@@ -207,7 +207,7 @@ else if($dopost=='save') | |||
color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight) | |||
VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money', | |||
'$title','$shorttitle','$color','$writer','$source','$litpic','$pubdate','$senddate', | |||
'$adminid','$voteid','$notpost','$description','$keywords','$filename','$adminid','$weight');"; | |||
'$adminid','0','$notpost','$description','$keywords','$filename','$adminid','$weight');"; | |||
if(!$dsql->ExecuteNoneQuery($query)) | |||
{ | |||
@@ -11,6 +11,7 @@ | |||
require_once(dirname(__FILE__).'/../include/common.inc.php'); | |||
require_once(DEDEINC.'/userlogin.class.php'); | |||
if(empty($dopost)) $dopost = ''; | |||
if(empty($gotopage)) $gotopage = ''; | |||
$gotopage = RemoveXSS($gotopage); | |||
@@ -282,7 +282,7 @@ class Archives | |||
{ | |||
if($this->Fields['litpic'] == '-' || $this->Fields['litpic'] == '') | |||
{ | |||
$this->Fields['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$this->Fields['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $this->Fields['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -190,7 +190,7 @@ class Caicai extends DataListCP | |||
$arr['typeurl'] = GetTypeUrl($arr['typeid'], MfTypedir($arr['typedir']), $arr['isdefault'], $arr['defaultname'], | |||
$arr['ispart'], $arr['namerule2'], $arr['moresite'], $arr['siteurl'], $arr['sitepath']); | |||
if($arr['litpic']=='') $arr['litpic'] = '/images/defaultpic.gif'; | |||
if($arr['litpic']=='') $arr['litpic'] = '/static/defaultpic.gif'; | |||
if(!preg_match("#^http:\/\/#", $arr['litpic'])) | |||
{ | |||
@@ -672,7 +672,7 @@ class FreeList | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -891,7 +891,7 @@ class ListView | |||
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']); | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -230,7 +230,7 @@ class MemberListview | |||
$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']); | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -171,7 +171,7 @@ class RssView | |||
//处理一些特殊字段 | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -737,7 +737,7 @@ class SearchView | |||
$row["id"] = $row["id"]; | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -786,7 +786,7 @@ class SgListView | |||
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']); | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -436,7 +436,7 @@ class SpecView | |||
$row["id"] = $row["id"]; | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -363,7 +363,7 @@ class TagList | |||
$row['ispart'],$row['namerule2'],$row['moresite'],$row['siteurl'],$row['sitepath']); | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("/^http:\/\//", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -64,7 +64,7 @@ if(function_exists('iconv_substr')) $cfg_is_iconv = TRUE; | |||
function _RunMagicQuotes(&$svar) | |||
{ | |||
if(!get_magic_quotes_gpc()) | |||
if(!@get_magic_quotes_gpc()) | |||
{ | |||
if( is_array($svar) ) | |||
{ | |||
@@ -1,4 +1,4 @@ | |||
<?php if(!defined('DEDEINC')) exit("Request Error!"); | |||
<?php if (!defined('DEDEINC')) exit("Request Error!"); | |||
/** | |||
* 织梦HTTP下载类 | |||
* | |||
@@ -42,45 +42,38 @@ class DedeHttpDown | |||
*/ | |||
function PrivateInit($url) | |||
{ | |||
if($url=='') { | |||
return ; | |||
if ($url == '') { | |||
return; | |||
} | |||
$urls = ''; | |||
$urls = @parse_url($url); | |||
$this->m_url = $url; | |||
if(is_array($urls)) | |||
{ | |||
if (is_array($urls)) { | |||
$this->m_host = $urls["host"]; | |||
if(!empty($urls["scheme"])) | |||
{ | |||
if (!empty($urls["scheme"])) { | |||
$this->m_scheme = $urls["scheme"]; | |||
} | |||
if(!empty($urls["user"])) | |||
{ | |||
if (!empty($urls["user"])) { | |||
$this->m_user = $urls["user"]; | |||
} | |||
if(!empty($urls["pass"])) | |||
{ | |||
if (!empty($urls["pass"])) { | |||
$this->m_pass = $urls["pass"]; | |||
} | |||
if(!empty($urls["port"])) | |||
{ | |||
if (!empty($urls["port"])) { | |||
$this->m_port = $urls["port"]; | |||
} | |||
if(!empty($urls["path"])) | |||
{ | |||
if (!empty($urls["path"])) { | |||
$this->m_path = $urls["path"]; | |||
} | |||
$this->m_urlpath = $this->m_path; | |||
if(!empty($urls["query"])) | |||
{ | |||
if (!empty($urls["query"])) { | |||
$this->m_query = $urls["query"]; | |||
$this->m_urlpath .= "?".$this->m_query; | |||
$this->m_urlpath .= "?" . $this->m_query; | |||
} | |||
$this->HomeUrl = $urls["host"]; | |||
$this->BaseUrlPath = $this->HomeUrl.$urls["path"]; | |||
$this->BaseUrlPath = preg_replace("/\/([^\/]*)\.(.*)$/","/",$this->BaseUrlPath); | |||
$this->BaseUrlPath = preg_replace("/\/$/","",$this->BaseUrlPath); | |||
$this->BaseUrlPath = $this->HomeUrl . $urls["path"]; | |||
$this->BaseUrlPath = preg_replace("/\/([^\/]*)\.(.*)$/", "/", $this->BaseUrlPath); | |||
$this->BaseUrlPath = preg_replace("/\/$/", "", $this->BaseUrlPath); | |||
} | |||
} | |||
@@ -114,11 +107,11 @@ class DedeHttpDown | |||
* @param string $requestType 请求类型 | |||
* @return string | |||
*/ | |||
function OpenUrl($url,$requestType="GET") | |||
function OpenUrl($url, $requestType = "GET") | |||
{ | |||
$this->ResetAny(); | |||
$this->JumpCount = 0; | |||
$this->m_httphead = Array() ; | |||
$this->m_httphead = array(); | |||
$this->m_html = ''; | |||
$this->reTry = 0; | |||
$this->Close(); | |||
@@ -139,7 +132,7 @@ class DedeHttpDown | |||
{ | |||
$this->ResetAny(); | |||
$this->JumpCount++; | |||
$this->m_httphead = Array() ; | |||
$this->m_httphead = array(); | |||
$this->m_html = ""; | |||
$this->Close(); | |||
@@ -156,9 +149,11 @@ class DedeHttpDown | |||
*/ | |||
function printError() | |||
{ | |||
echo "错误信息:".$this->m_error; | |||
echo "错误信息:" . $this->m_error; | |||
echo "<br/>具体返回头:<br/>"; | |||
foreach($this->m_httphead as $k=>$v){ echo "$k => $v <br/>\r\n"; } | |||
foreach ($this->m_httphead as $k => $v) { | |||
echo "$k => $v <br/>\r\n"; | |||
} | |||
} | |||
/** | |||
@@ -169,13 +164,10 @@ class DedeHttpDown | |||
*/ | |||
function IsGetOK() | |||
{ | |||
if( preg_match("/^2/",$this->GetHead("http-state")) ) | |||
{ | |||
if (preg_match("/^2/", $this->GetHead("http-state"))) { | |||
return TRUE; | |||
} | |||
else | |||
{ | |||
$this->m_error .= $this->GetHead("http-state")." - ".$this->GetHead("http-describe")."<br/>"; | |||
} else { | |||
$this->m_error .= $this->GetHead("http-state") . " - " . $this->GetHead("http-describe") . "<br/>"; | |||
return FALSE; | |||
} | |||
} | |||
@@ -188,12 +180,9 @@ class DedeHttpDown | |||
*/ | |||
function IsText() | |||
{ | |||
if( preg_match("/^2/",$this->GetHead("http-state")) && preg_match("/text|xml/i",$this->GetHead("content-type")) ) | |||
{ | |||
if (preg_match("/^2/", $this->GetHead("http-state")) && preg_match("/text|xml/i", $this->GetHead("content-type"))) { | |||
return TRUE; | |||
} | |||
else | |||
{ | |||
} else { | |||
$this->m_error .= "内容为非文本类型或网址重定向<br/>"; | |||
return FALSE; | |||
} | |||
@@ -208,12 +197,13 @@ class DedeHttpDown | |||
*/ | |||
function IsContentType($ctype) | |||
{ | |||
if(preg_match("/^2/",$this->GetHead("http-state")) | |||
&& $this->GetHead("content-type")==strtolower($ctype)) | |||
{ return TRUE; } | |||
else | |||
{ | |||
$this->m_error .= "类型不对 ".$this->GetHead("content-type")."<br/>"; | |||
if ( | |||
preg_match("/^2/", $this->GetHead("http-state")) | |||
&& $this->GetHead("content-type") == strtolower($ctype) | |||
) { | |||
return TRUE; | |||
} else { | |||
$this->m_error .= "类型不对 " . $this->GetHead("content-type") . "<br/>"; | |||
return FALSE; | |||
} | |||
} | |||
@@ -227,8 +217,7 @@ class DedeHttpDown | |||
*/ | |||
function SaveToBin($savefilename) | |||
{ | |||
if(!$this->IsGetOK()) | |||
{ | |||
if (!$this->IsGetOK()) { | |||
return FALSE; | |||
} | |||
if (function_exists('curl_init') && function_exists('curl_exec')) { | |||
@@ -236,13 +225,12 @@ class DedeHttpDown | |||
return TRUE; | |||
} | |||
if(@feof($this->m_fp)) | |||
{ | |||
$this->m_error = "连接已经关闭!"; return FALSE; | |||
if (@feof($this->m_fp)) { | |||
$this->m_error = "连接已经关闭!"; | |||
return FALSE; | |||
} | |||
$fp = fopen($savefilename,"w"); | |||
while(!feof($this->m_fp)) | |||
{ | |||
$fp = fopen($savefilename, "w"); | |||
while (!feof($this->m_fp)) { | |||
fwrite($fp, fread($this->m_fp, 1024)); | |||
} | |||
fclose($this->m_fp); | |||
@@ -259,16 +247,18 @@ class DedeHttpDown | |||
*/ | |||
function SaveToText($savefilename) | |||
{ | |||
if($this->IsText()) | |||
{ | |||
if ($this->IsText()) { | |||
$this->SaveBinFile($savefilename); | |||
} | |||
else | |||
{ | |||
} else { | |||
return ""; | |||
} | |||
} | |||
function SaveBinFile($filename) | |||
{ | |||
return $this->SaveBinFile($filename); | |||
} | |||
/** | |||
* 用Http协议获得一个网页的内容 | |||
* | |||
@@ -277,21 +267,17 @@ class DedeHttpDown | |||
*/ | |||
function GetHtml() | |||
{ | |||
if($this->m_html!='') | |||
{ | |||
if ($this->m_html != '') { | |||
return $this->m_html; | |||
} | |||
if(!$this->IsText()) | |||
{ | |||
if (!$this->IsText()) { | |||
return ''; | |||
} | |||
if(!$this->m_fp||@feof($this->m_fp)) | |||
{ | |||
if (!$this->m_fp || @feof($this->m_fp)) { | |||
return ''; | |||
} | |||
while(!feof($this->m_fp)) | |||
{ | |||
$this->m_html .= fgets($this->m_fp,256); | |||
while (!feof($this->m_fp)) { | |||
$this->m_html .= fgets($this->m_fp, 256); | |||
} | |||
@fclose($this->m_fp); | |||
return $this->m_html; | |||
@@ -304,14 +290,14 @@ class DedeHttpDown | |||
* @param string $requestType 请求类型 | |||
* @return string | |||
*/ | |||
function PrivateStartSession($requestType="GET") | |||
function PrivateStartSession($requestType = "GET") | |||
{ | |||
if ($this->m_scheme == "https") { | |||
$this->m_port = "443"; | |||
} | |||
if (function_exists('curl_init') && function_exists('curl_exec')) { | |||
$this->m_ch = curl_init(); | |||
curl_setopt($this->m_ch, CURLOPT_URL, $this->m_scheme.'://'.$this->m_host.':'.$this->m_port.$this->m_path); | |||
curl_setopt($this->m_ch, CURLOPT_URL, $this->m_scheme . '://' . $this->m_host . ':' . $this->m_port . $this->m_path); | |||
curl_setopt($this->m_ch, CURLOPT_RETURNTRANSFER, 1); | |||
curl_setopt($this->m_ch, CURLOPT_FOLLOWLOCATION, 1); | |||
if ($requestType == "POST") { | |||
@@ -331,32 +317,27 @@ class DedeHttpDown | |||
$this->m_puthead["Host"] = $this->m_host; | |||
//发送用户自定义的请求头 | |||
if(!isset($this->m_puthead["Accept"])) | |||
{ | |||
if (!isset($this->m_puthead["Accept"])) { | |||
$this->m_puthead["Accept"] = "*/*"; | |||
} | |||
if(!isset($this->m_puthead["User-Agent"])) | |||
{ | |||
if (!isset($this->m_puthead["User-Agent"])) { | |||
$this->m_puthead["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)"; | |||
} | |||
if(!isset($this->m_puthead["Refer"])) | |||
{ | |||
$this->m_puthead["Refer"] = "http://".$this->m_puthead["Host"]; | |||
if (!isset($this->m_puthead["Refer"])) { | |||
$this->m_puthead["Refer"] = "http://" . $this->m_puthead["Host"]; | |||
} | |||
$headers = array(); | |||
foreach($this->m_puthead as $k=>$v) | |||
{ | |||
foreach ($this->m_puthead as $k => $v) { | |||
$k = trim($k); | |||
$v = trim($v); | |||
if($k!=""&&$v!="") | |||
{ | |||
if ($k != "" && $v != "") { | |||
$headers[] = "$k: $v"; | |||
} | |||
} | |||
if (count($headers) > 0) { | |||
curl_setopt($this->m_ch, CURLOPT_HTTPHEADER, $headers); | |||
} | |||
curl_setopt($this->m_ch, CURLOPT_CONNECTTIMEOUT, 20); | |||
curl_setopt($this->m_ch, CURLOPT_TIMEOUT, 900); | |||
@@ -375,168 +356,129 @@ class DedeHttpDown | |||
return TRUE; | |||
} | |||
if(!$this->PrivateOpenHost()) | |||
{ | |||
if (!$this->PrivateOpenHost()) { | |||
$this->m_error .= "打开远程主机出错!"; | |||
return FALSE; | |||
} | |||
$this->reTry++; | |||
if($this->GetHead("http-edition")=="HTTP/1.1") | |||
{ | |||
if ($this->GetHead("http-edition") == "HTTP/1.1") { | |||
$httpv = "HTTP/1.1"; | |||
} | |||
else | |||
{ | |||
} else { | |||
$httpv = "HTTP/1.0"; | |||
} | |||
$ps = explode('?',$this->m_urlpath); | |||
$ps = explode('?', $this->m_urlpath); | |||
$headString = ''; | |||
//发送固定的起始请求头GET、Host信息 | |||
if($requestType=="GET") | |||
{ | |||
$headString .= "GET ".$this->m_urlpath." $httpv\r\n"; | |||
} | |||
else | |||
{ | |||
$headString .= "POST ".$ps[0]." $httpv\r\n"; | |||
if ($requestType == "GET") { | |||
$headString .= "GET " . $this->m_urlpath . " $httpv\r\n"; | |||
} else { | |||
$headString .= "POST " . $ps[0] . " $httpv\r\n"; | |||
} | |||
$this->m_puthead["Host"] = $this->m_host; | |||
//发送用户自定义的请求头 | |||
if(!isset($this->m_puthead["Accept"])) | |||
{ | |||
if (!isset($this->m_puthead["Accept"])) { | |||
$this->m_puthead["Accept"] = "*/*"; | |||
} | |||
if(!isset($this->m_puthead["User-Agent"])) | |||
{ | |||
if (!isset($this->m_puthead["User-Agent"])) { | |||
$this->m_puthead["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2)"; | |||
} | |||
if(!isset($this->m_puthead["Refer"])) | |||
{ | |||
$this->m_puthead["Refer"] = "http://".$this->m_puthead["Host"]; | |||
if (!isset($this->m_puthead["Refer"])) { | |||
$this->m_puthead["Refer"] = "http://" . $this->m_puthead["Host"]; | |||
} | |||
foreach($this->m_puthead as $k=>$v) | |||
{ | |||
foreach ($this->m_puthead as $k => $v) { | |||
$k = trim($k); | |||
$v = trim($v); | |||
if($k!=""&&$v!="") | |||
{ | |||
if ($k != "" && $v != "") { | |||
$headString .= "$k: $v\r\n"; | |||
} | |||
} | |||
fputs($this->m_fp, $headString); | |||
if($requestType=="POST") | |||
{ | |||
if ($requestType == "POST") { | |||
$postdata = ""; | |||
if(count($ps)>1) | |||
{ | |||
for($i=1;$i<count($ps);$i++) | |||
{ | |||
if (count($ps) > 1) { | |||
for ($i = 1; $i < count($ps); $i++) { | |||
$postdata .= $ps[$i]; | |||
} | |||
} | |||
else | |||
{ | |||
} else { | |||
$postdata = "OK"; | |||
} | |||
$plen = strlen($postdata); | |||
fputs($this->m_fp,"Content-Type: application/x-www-form-urlencoded\r\n"); | |||
fputs($this->m_fp,"Content-Length: $plen\r\n"); | |||
fputs($this->m_fp, "Content-Type: application/x-www-form-urlencoded\r\n"); | |||
fputs($this->m_fp, "Content-Length: $plen\r\n"); | |||
} | |||
//发送固定的结束请求头 | |||
//HTTP1.1协议必须指定文档结束后关闭链接,否则读取文档时无法使用feof判断结束 | |||
if($httpv=="HTTP/1.1") | |||
{ | |||
fputs($this->m_fp,"Connection: Close\r\n\r\n"); | |||
if ($httpv == "HTTP/1.1") { | |||
fputs($this->m_fp, "Connection: Close\r\n\r\n"); | |||
} else { | |||
fputs($this->m_fp, "\r\n"); | |||
} | |||
else | |||
{ | |||
fputs($this->m_fp,"\r\n"); | |||
} | |||
if($requestType=="POST") | |||
{ | |||
fputs($this->m_fp,$postdata); | |||
if ($requestType == "POST") { | |||
fputs($this->m_fp, $postdata); | |||
} | |||
//获取应答头状态信息 | |||
$httpstas = explode(" ",fgets($this->m_fp,256)); | |||
$httpstas = explode(" ", fgets($this->m_fp, 256)); | |||
$this->m_httphead["http-edition"] = trim($httpstas[0]); | |||
$this->m_httphead["http-state"] = trim($httpstas[1]); | |||
$this->m_httphead["http-describe"] = ""; | |||
for($i=2;$i<count($httpstas);$i++) | |||
{ | |||
$this->m_httphead["http-describe"] .= " ".trim($httpstas[$i]); | |||
for ($i = 2; $i < count($httpstas); $i++) { | |||
$this->m_httphead["http-describe"] .= " " . trim($httpstas[$i]); | |||
} | |||
//获取详细应答头 | |||
while(!feof($this->m_fp)) | |||
{ | |||
$line = trim(fgets($this->m_fp,256)); | |||
if($line == "") | |||
{ | |||
while (!feof($this->m_fp)) { | |||
$line = trim(fgets($this->m_fp, 256)); | |||
if ($line == "") { | |||
break; | |||
} | |||
$hkey = ""; | |||
$hvalue = ""; | |||
$v = 0; | |||
for($i=0;$i<strlen($line);$i++) | |||
{ | |||
if($v==1) | |||
{ | |||
for ($i = 0; $i < strlen($line); $i++) { | |||
if ($v == 1) { | |||
$hvalue .= $line[$i]; | |||
} | |||
if($line[$i]==":") | |||
{ | |||
if ($line[$i] == ":") { | |||
$v = 1; | |||
} | |||
if($v==0) | |||
{ | |||
if ($v == 0) { | |||
$hkey .= $line[$i]; | |||
} | |||
} | |||
$hkey = trim($hkey); | |||
if($hkey!="") | |||
{ | |||
if ($hkey != "") { | |||
$this->m_httphead[strtolower($hkey)] = trim($hvalue); | |||
} | |||
} | |||
//如果连接被不正常关闭,重试 | |||
if(feof($this->m_fp)) | |||
{ | |||
if($this->reTry > 10) | |||
{ | |||
if (feof($this->m_fp)) { | |||
if ($this->reTry > 10) { | |||
return FALSE; | |||
} | |||
$this->PrivateStartSession($requestType); | |||
} | |||
//判断是否是3xx开头的应答 | |||
if(preg_match("/^3/",$this->m_httphead["http-state"])) | |||
{ | |||
if($this->JumpCount > 3) | |||
{ | |||
if (preg_match("/^3/", $this->m_httphead["http-state"])) { | |||
if ($this->JumpCount > 3) { | |||
return; | |||
} | |||
if(isset($this->m_httphead["location"])) | |||
{ | |||
if (isset($this->m_httphead["location"])) { | |||
$newurl = $this->m_httphead["location"]; | |||
if(preg_match("/^http/i",$newurl)) | |||
{ | |||
if (preg_match("/^http/i", $newurl)) { | |||
$this->JumpOpenUrl($newurl); | |||
} | |||
else | |||
{ | |||
} else { | |||
$newurl = $this->FillUrl($newurl); | |||
$this->JumpOpenUrl($newurl); | |||
} | |||
} | |||
else | |||
{ | |||
} else { | |||
$this->m_error = "无法识别的答复!"; | |||
} | |||
} | |||
@@ -568,7 +510,7 @@ class DedeHttpDown | |||
* @param string $svalue 值 | |||
* @return string | |||
*/ | |||
function SetHead($skey,$svalue) | |||
function SetHead($skey, $svalue) | |||
{ | |||
$this->m_puthead[$skey] = $svalue; | |||
} | |||
@@ -581,21 +523,17 @@ class DedeHttpDown | |||
*/ | |||
function PrivateOpenHost() | |||
{ | |||
if($this->m_host=="") | |||
{ | |||
if ($this->m_host == "") { | |||
return FALSE; | |||
} | |||
$errno = ""; | |||
$errstr = ""; | |||
$this->m_fp = @fsockopen($this->m_host, $this->m_port, $errno, $errstr,10); | |||
if(!$this->m_fp) | |||
{ | |||
$this->m_fp = @fsockopen($this->m_host, $this->m_port, $errno, $errstr, 10); | |||
if (!$this->m_fp) { | |||
$this->m_error = $errstr; | |||
return FALSE; | |||
} | |||
else | |||
{ | |||
} else { | |||
return TRUE; | |||
} | |||
} | |||
@@ -609,7 +547,7 @@ class DedeHttpDown | |||
function Close() | |||
{ | |||
if (function_exists('curl_init') && function_exists('curl_exec')) { | |||
curl_close($ch); | |||
@curl_close($this->m_ch); | |||
} | |||
@fclose($this->m_fp); | |||
} | |||
@@ -629,81 +567,54 @@ class DedeHttpDown | |||
$okurl = ""; | |||
$pathStep = 0; | |||
$surl = trim($surl); | |||
if($surl=="") | |||
{ | |||
if ($surl == "") { | |||
return ""; | |||
} | |||
$pos = strpos($surl,"#"); | |||
if($pos>0) | |||
{ | |||
$surl = substr($surl,0,$pos); | |||
$pos = strpos($surl, "#"); | |||
if ($pos > 0) { | |||
$surl = substr($surl, 0, $pos); | |||
} | |||
if($surl[0]=="/") | |||
{ | |||
$okurl = "http://".$this->HomeUrl.$surl; | |||
} | |||
else if($surl[0]==".") | |||
{ | |||
if(strlen($surl)<=1) | |||
{ | |||
if ($surl[0] == "/") { | |||
$okurl = "http://" . $this->HomeUrl . $surl; | |||
} else if ($surl[0] == ".") { | |||
if (strlen($surl) <= 1) { | |||
return ""; | |||
} | |||
else if($surl[1]=="/") | |||
{ | |||
$okurl = "http://".$this->BaseUrlPath."/".substr($surl,2,strlen($surl)-2); | |||
} | |||
else | |||
{ | |||
$urls = explode("/",$surl); | |||
foreach($urls as $u) | |||
{ | |||
if($u=="..") | |||
{ | |||
} else if ($surl[1] == "/") { | |||
$okurl = "http://" . $this->BaseUrlPath . "/" . substr($surl, 2, strlen($surl) - 2); | |||
} else { | |||
$urls = explode("/", $surl); | |||
foreach ($urls as $u) { | |||
if ($u == "..") { | |||
$pathStep++; | |||
} | |||
else if($i<count($urls)-1) | |||
{ | |||
$dstr .= $urls[$i]."/"; | |||
} | |||
else | |||
{ | |||
} else if ($i < count($urls) - 1) { | |||
$dstr .= $urls[$i] . "/"; | |||
} else { | |||
$dstr .= $urls[$i]; | |||
} | |||
$i++; | |||
} | |||
$urls = explode("/",$this->BaseUrlPath); | |||
if(count($urls) <= $pathStep) | |||
{ | |||
$urls = explode("/", $this->BaseUrlPath); | |||
if (count($urls) <= $pathStep) { | |||
return ""; | |||
} | |||
else | |||
{ | |||
} else { | |||
$pstr = "http://"; | |||
for($i=0;$i<count($urls)-$pathStep;$i++) | |||
{ | |||
$pstr .= $urls[$i]."/"; | |||
for ($i = 0; $i < count($urls) - $pathStep; $i++) { | |||
$pstr .= $urls[$i] . "/"; | |||
} | |||
$okurl = $pstr.$dstr; | |||
$okurl = $pstr . $dstr; | |||
} | |||
} | |||
} | |||
else | |||
{ | |||
if(strlen($surl)<7) | |||
{ | |||
$okurl = "http://".$this->BaseUrlPath."/".$surl; | |||
} | |||
else if(strtolower(substr($surl,0,7))=="http://") | |||
{ | |||
} else { | |||
if (strlen($surl) < 7) { | |||
$okurl = "http://" . $this->BaseUrlPath . "/" . $surl; | |||
} else if (strtolower(substr($surl, 0, 7)) == "http://") { | |||
$okurl = $surl; | |||
} | |||
else | |||
{ | |||
$okurl = "http://".$this->BaseUrlPath."/".$surl; | |||
} else { | |||
$okurl = "http://" . $this->BaseUrlPath . "/" . $surl; | |||
} | |||
} | |||
$okurl = preg_replace("/^(http:\/\/)/i","",$okurl); | |||
$okurl = preg_replace("/^(http:\/\/)/i", "", $okurl); | |||
$okurl = preg_replace("/\/{1,}/", "/", $okurl); | |||
return "http://".$okurl; | |||
return "http://" . $okurl; | |||
} | |||
}//End Class |
@@ -1,4 +1,4 @@ | |||
<?php if(!defined('DEDEINC')) exit('dedecms'); | |||
<?php if (!defined('DEDEINC')) exit('dedecms'); | |||
/** | |||
* FTP 操作类 | |||
* 不支持 SFTP 和 SSL FTP 协议, 仅支持标准 FTP 协议. | |||
@@ -16,7 +16,8 @@ | |||
* @link http://www.dedecms.com | |||
*/ | |||
@set_time_limit(1000); | |||
class FTP { | |||
class FTP | |||
{ | |||
var $hostname = ''; | |||
var $username = ''; | |||
var $password = ''; | |||
@@ -37,8 +38,7 @@ class FTP { | |||
*/ | |||
function FTP($config = array()) | |||
{ | |||
if (count($config) > 0) | |||
{ | |||
if (count($config) > 0) { | |||
$this->initialize($config); | |||
} | |||
} | |||
@@ -52,10 +52,8 @@ class FTP { | |||
*/ | |||
function initialize($config = array()) | |||
{ | |||
foreach ($config as $key => $val) | |||
{ | |||
if (isset($this->$key)) | |||
{ | |||
foreach ($config as $key => $val) { | |||
if (isset($this->$key)) { | |||
$this->$key = $val; | |||
} | |||
} | |||
@@ -73,32 +71,26 @@ class FTP { | |||
*/ | |||
function connect($config = array()) | |||
{ | |||
if (count($config) > 0) | |||
{ | |||
if (count($config) > 0) { | |||
$this->initialize($config); | |||
} | |||
if (FALSE === ($this->conn_id = @ftp_connect($this->hostname, $this->port))) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if (FALSE === ($this->conn_id = @ftp_connect($this->hostname, $this->port))) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法链接'); | |||
} | |||
return FALSE; | |||
} | |||
if ( ! $this->_login()) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if (!$this->_login()) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法登录'); | |||
} | |||
return FALSE; | |||
} | |||
// 如果需要则设置传输模式 | |||
if ($this->passive == TRUE) | |||
{ | |||
if ($this->passive == TRUE) { | |||
ftp_pasv($this->conn_id, TRUE); | |||
} | |||
@@ -124,10 +116,8 @@ class FTP { | |||
*/ | |||
function _is_conn() | |||
{ | |||
if ( ! is_resource($this->conn_id)) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if (!is_resource($this->conn_id)) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法链接'); | |||
} | |||
return FALSE; | |||
@@ -149,17 +139,14 @@ class FTP { | |||
*/ | |||
function changedir($path = '', $supress_debug = FALSE) | |||
{ | |||
if ($path == '' OR ! $this->_is_conn()) | |||
{ | |||
if ($path == '' or !$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$result = @ftp_chdir($this->conn_id, $path); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE AND $supress_debug == FALSE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE and $supress_debug == FALSE) { | |||
$this->_error('无法更改目录'); | |||
} | |||
return FALSE; | |||
@@ -177,25 +164,21 @@ class FTP { | |||
*/ | |||
function mkdir($path = '', $permissions = NULL) | |||
{ | |||
if ($path == '' OR ! $this->_is_conn()) | |||
{ | |||
if ($path == '' or !$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$result = @ftp_mkdir($this->conn_id, $path); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法创建文件夹'); | |||
} | |||
return FALSE; | |||
} | |||
// 如果需要设置权限 | |||
if ( ! is_null($permissions)) | |||
{ | |||
if (!is_null($permissions)) { | |||
$this->chmod($path, (int)$permissions); | |||
} | |||
@@ -211,24 +194,19 @@ class FTP { | |||
*/ | |||
function rmkdir($path = '', $pathsymbol = '/') | |||
{ | |||
$pathArray = explode($pathsymbol,$path); | |||
$pathArray = explode($pathsymbol, $path); | |||
$pathstr = $pathsymbol; | |||
foreach($pathArray as $val) | |||
{ | |||
if(!empty($val)) | |||
{ | |||
foreach ($pathArray as $val) { | |||
if (!empty($val)) { | |||
//构建文件夹路径 | |||
$pathstr = $pathstr.$val.$pathsymbol; | |||
if (! $this->_is_conn()) | |||
{ | |||
$pathstr = $pathstr . $val . $pathsymbol; | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$result = @ftp_chdir($this->conn_id, $pathstr); | |||
if($result === FALSE) | |||
{ | |||
if ($result === FALSE) { | |||
//如果不存在这个目录则创建 | |||
if(!$this->mkdir($pathstr)) | |||
{ | |||
if (!$this->mkdir($pathstr)) { | |||
return FALSE; | |||
} | |||
} | |||
@@ -248,20 +226,17 @@ class FTP { | |||
*/ | |||
function upload($locpath, $rempath, $mode = 'auto', $permissions = NULL) | |||
{ | |||
if (!$this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
if (!file_exists($locpath)) | |||
{ | |||
if (!file_exists($locpath)) { | |||
$this->_error('不存在源文件'); | |||
return FALSE; | |||
} | |||
// 未指定则设置模式 | |||
if ($mode == 'auto') | |||
{ | |||
if ($mode == 'auto') { | |||
// 获取文件扩展名,以便本类上传类型 | |||
$ext = $this->_getext($locpath); | |||
$mode = $this->_settype($ext); | |||
@@ -271,18 +246,15 @@ class FTP { | |||
$result = @ftp_put($this->conn_id, $rempath, $locpath, $mode); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法上传'); | |||
} | |||
return FALSE; | |||
} | |||
// 如果需要设置文件权限 | |||
if ( ! is_null($permissions)) | |||
{ | |||
if (!is_null($permissions)) { | |||
$this->chmod($rempath, (int)$permissions); | |||
} | |||
@@ -300,17 +272,14 @@ class FTP { | |||
*/ | |||
function rename($old_file, $new_file, $move = FALSE) | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$result = @ftp_rename($this->conn_id, $old_file, $new_file); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$msg = ($move == FALSE) ? '无法重命名' : '无法移动'; | |||
$this->_error($msg); | |||
@@ -343,17 +312,14 @@ class FTP { | |||
*/ | |||
function delete_file($filepath) | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$result = @ftp_delete($this->conn_id, $filepath); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法删除'); | |||
} | |||
return FALSE; | |||
@@ -371,8 +337,7 @@ class FTP { | |||
*/ | |||
function delete_dir($filepath) | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
@@ -381,14 +346,11 @@ class FTP { | |||
$list = $this->list_files($filepath); | |||
if ($list !== FALSE AND count($list) > 0) | |||
{ | |||
foreach ($list as $item) | |||
{ | |||
if ($list !== FALSE and count($list) > 0) { | |||
foreach ($list as $item) { | |||
// 如果我们不能删除该项目,它则可能是一个文件夹 | |||
// 将调用 delete_dir() | |||
if ( ! @ftp_delete($this->conn_id, $item)) | |||
{ | |||
if (!@ftp_delete($this->conn_id, $item)) { | |||
$this->delete_dir($item); | |||
} | |||
} | |||
@@ -396,10 +358,8 @@ class FTP { | |||
$result = @ftp_rmdir($this->conn_id, $filepath); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法删除'); | |||
} | |||
return FALSE; | |||
@@ -418,16 +378,13 @@ class FTP { | |||
*/ | |||
function chmod($path, $perm) | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
// 仅PHP5才能运行 | |||
if ( ! function_exists('ftp_chmod')) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if (!function_exists('ftp_chmod')) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法更改权限'); | |||
} | |||
return FALSE; | |||
@@ -435,10 +392,8 @@ class FTP { | |||
$result = @ftp_chmod($this->conn_id, $perm, $path); | |||
if ($result === FALSE) | |||
{ | |||
if ($this->debug == TRUE) | |||
{ | |||
if ($result === FALSE) { | |||
if ($this->debug == TRUE) { | |||
$this->_error('无法更改权限'); | |||
} | |||
return FALSE; | |||
@@ -455,8 +410,7 @@ class FTP { | |||
*/ | |||
function list_files($path = '.') | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
@@ -469,42 +423,41 @@ class FTP { | |||
* @access public | |||
* @return array | |||
*/ | |||
function list_rawfiles($path = '.', $type='dir') | |||
function list_rawfiles($path = '.', $type = 'dir') | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
$ftp_rawlist = ftp_rawlist($this->conn_id, $path, TRUE); | |||
foreach ($ftp_rawlist as $v) { | |||
$info = array(); | |||
$vinfo = preg_split("/[\s]+/", $v, 9); | |||
if ($vinfo[0] !== "total") { | |||
$info['chmod'] = $vinfo[0]; | |||
$info['num'] = $vinfo[1]; | |||
$info['owner'] = $vinfo[2]; | |||
$info['group'] = $vinfo[3]; | |||
$info['size'] = $vinfo[4]; | |||
$info['month'] = $vinfo[5]; | |||
$info['day'] = $vinfo[6]; | |||
$info['time'] = $vinfo[7]; | |||
$info['name'] = $vinfo[8]; | |||
$rawlist[$info['name']] = $info; | |||
} | |||
} | |||
$dir = array(); | |||
$file = array(); | |||
foreach ($rawlist as $k => $v) { | |||
if ($v['chmod']{0} == "d") { | |||
$dir[$k] = $v; | |||
} elseif ($v['chmod']{0} == "-") { | |||
$file[$k] = $v; | |||
} | |||
} | |||
return ($type == 'dir')? $dir : $file; | |||
foreach ($ftp_rawlist as $v) { | |||
$info = array(); | |||
$vinfo = preg_split("/[\s]+/", $v, 9); | |||
if ($vinfo[0] !== "total") { | |||
$info['chmod'] = $vinfo[0]; | |||
$info['num'] = $vinfo[1]; | |||
$info['owner'] = $vinfo[2]; | |||
$info['group'] = $vinfo[3]; | |||
$info['size'] = $vinfo[4]; | |||
$info['month'] = $vinfo[5]; | |||
$info['day'] = $vinfo[6]; | |||
$info['time'] = $vinfo[7]; | |||
$info['name'] = $vinfo[8]; | |||
$rawlist[$info['name']] = $info; | |||
} | |||
} | |||
$dir = array(); | |||
$file = array(); | |||
foreach ($rawlist as $k => $v) { | |||
if ($v['chmod'][0] == "d") { | |||
$dir[$k] = $v; | |||
} elseif ($v['chmod'][0] == "-") { | |||
$file[$k] = $v; | |||
} | |||
} | |||
return ($type == 'dir') ? $dir : $file; | |||
} | |||
/** | |||
@@ -518,38 +471,30 @@ class FTP { | |||
*/ | |||
function mirror($locpath, $rempath) | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
// 打开本地文件路径 | |||
if ($fp = @opendir($locpath)) | |||
{ | |||
if ($fp = @opendir($locpath)) { | |||
// 尝试打开远程文件的路径. | |||
if ( ! $this->changedir($rempath, TRUE)) | |||
{ | |||
if (!$this->changedir($rempath, TRUE)) { | |||
// 如果不能打开则创建 | |||
if ( ! $this->rmkdir($rempath) OR ! $this->changedir($rempath)) | |||
{ | |||
if (!$this->rmkdir($rempath) or !$this->changedir($rempath)) { | |||
return FALSE; | |||
} | |||
} | |||
// 递归读取本地目录 | |||
while (FALSE !== ($file = readdir($fp))) | |||
{ | |||
if (@is_dir($locpath.$file) && substr($file, 0, 1) != '.') | |||
{ | |||
$this->mirror($locpath.$file."/", $rempath.$file."/"); | |||
} | |||
elseif (substr($file, 0, 1) != ".") | |||
{ | |||
while (FALSE !== ($file = readdir($fp))) { | |||
if (@is_dir($locpath . $file) && substr($file, 0, 1) != '.') { | |||
$this->mirror($locpath . $file . "/", $rempath . $file . "/"); | |||
} elseif (substr($file, 0, 1) != ".") { | |||
// 获取文件扩展名,以便本类上传类型 | |||
$ext = $this->_getext($file); | |||
$mode = $this->_settype($ext); | |||
$this->upload($locpath.$file, $rempath.$file, $mode); | |||
$this->upload($locpath . $file, $rempath . $file, $mode); | |||
} | |||
} | |||
return TRUE; | |||
@@ -567,8 +512,7 @@ class FTP { | |||
*/ | |||
function _getext($filename) | |||
{ | |||
if (FALSE === strpos($filename, '.')) | |||
{ | |||
if (FALSE === strpos($filename, '.')) { | |||
return 'txt'; | |||
} | |||
@@ -586,20 +530,20 @@ class FTP { | |||
function _settype($ext) | |||
{ | |||
$text_types = array( | |||
'txt', | |||
'text', | |||
'php', | |||
'phps', | |||
'php4', | |||
'js', | |||
'css', | |||
'htm', | |||
'html', | |||
'phtml', | |||
'shtml', | |||
'log', | |||
'xml' | |||
); | |||
'txt', | |||
'text', | |||
'php', | |||
'phps', | |||
'php4', | |||
'js', | |||
'css', | |||
'htm', | |||
'html', | |||
'phtml', | |||
'shtml', | |||
'log', | |||
'xml' | |||
); | |||
return (in_array($ext, $text_types)) ? 'ascii' : 'binary'; | |||
@@ -615,8 +559,7 @@ class FTP { | |||
*/ | |||
function close() | |||
{ | |||
if ( ! $this->_is_conn()) | |||
{ | |||
if (!$this->_is_conn()) { | |||
return FALSE; | |||
} | |||
@@ -632,21 +575,21 @@ class FTP { | |||
*/ | |||
function _error($msg) | |||
{ | |||
$errorTrackFile = dirname(__FILE__).'/../data/ftp_error_trace.inc'; | |||
$errorTrackFile = dirname(__FILE__) . '/../data/ftp_error_trace.inc'; | |||
$emsg = ''; | |||
$emsg .= "<div><h3>DedeCMS Error Warning!</h3>\r\n"; | |||
$emsg .= "<div><a href='http://bbs.dedecms.com' target='_blank' style='color:red'>Technical Support: http://bbs.dedecms.com</a></div>"; | |||
$emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n"; | |||
$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>".$this->GetCurUrl()."</font></div>\r\n"; | |||
$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>" . $this->GetCurUrl() . "</font></div>\r\n"; | |||
$emsg .= "<div>Error infos: {$msg}</div>\r\n"; | |||
$emsg .= "<br /></div></div>\r\n"; | |||
echo $emsg; | |||
$savemsg = 'Page: '.$this->GetCurUrl()."\r\nError: ".$msg; | |||
$savemsg = 'Page: ' . $this->GetCurUrl() . "\r\nError: " . $msg; | |||
//保存错误日志 | |||
$fp = @fopen($errorTrackFile, 'a'); | |||
@fwrite($fp, '<'.'?php exit();'."\r\n/*\r\n{$savemsg}\r\n*/\r\n?".">\r\n"); | |||
@fwrite($fp, '<' . '?php exit();' . "\r\n/*\r\n{$savemsg}\r\n*/\r\n?" . ">\r\n"); | |||
@fclose($fp); | |||
} | |||
@@ -658,22 +601,17 @@ class FTP { | |||
*/ | |||
function GetCurUrl() | |||
{ | |||
if(!empty($_SERVER["REQUEST_URI"])) | |||
{ | |||
if (!empty($_SERVER["REQUEST_URI"])) { | |||
$scriptName = $_SERVER["REQUEST_URI"]; | |||
$nowurl = $scriptName; | |||
} | |||
else | |||
{ | |||
} else { | |||
$scriptName = $_SERVER["PHP_SELF"]; | |||
if(empty($_SERVER["QUERY_STRING"])) { | |||
if (empty($_SERVER["QUERY_STRING"])) { | |||
$nowurl = $scriptName; | |||
} | |||
else { | |||
$nowurl = $scriptName."?".$_SERVER["QUERY_STRING"]; | |||
} else { | |||
$nowurl = $scriptName . "?" . $_SERVER["QUERY_STRING"]; | |||
} | |||
} | |||
return $nowurl; | |||
} | |||
}//End Class |
@@ -500,7 +500,7 @@ function lib_arclistDone(&$refObj, &$ctag, $typeid=0, $row=10, $col=1, $titlelen | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -228,7 +228,7 @@ function lib_arclistsg(&$ctag,&$refObj) | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -157,7 +157,7 @@ function lib_likearticle(&$ctag,&$refObj) | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||
@@ -44,7 +44,7 @@ function plus_spacenewart(&$atts,&$refObj,&$fields) | |||
if($row['litpic']=='') | |||
{ | |||
$row['litpic'] = '/images/defaultpic.gif'; | |||
$row['litpic'] = '/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#i", $row['litpic'])) | |||
{ | |||
@@ -1,4 +1,13 @@ | |||
<?php | |||
/** | |||
* 文件上传安全校验方法 | |||
* | |||
* @version $Id: uploadsafe.inc.php 1 15:59 2020年8月19日Z tianya $ | |||
* @package DedeCMS.Libraries | |||
* @copyright Copyright (c) 2007 - 2020, DesDev, Inc. | |||
* @license http://help.dedecms.com/usersguide/license.html | |||
* @link http://www.dedecms.com | |||
*/ | |||
if(!defined('DEDEINC')) exit('Request Error!'); | |||
if(isset($_FILES['GLOBALS'])) exit('Request not allow!'); | |||
@@ -32,13 +41,29 @@ foreach($_FILES as $_key=>$_value) | |||
${$_key.'_name'} = $_FILES[$_key]['name']; | |||
${$_key.'_type'} = $_FILES[$_key]['type'] = preg_replace('#[^0-9a-z\./]#i', '', $_FILES[$_key]['type']); | |||
${$_key.'_size'} = $_FILES[$_key]['size'] = preg_replace('#[^0-9]#','',$_FILES[$_key]['size']); | |||
if(!empty(${$_key.'_name'}) && (preg_match("#\.(".$cfg_not_allowall.")$#i",${$_key.'_name'}) || !preg_match("#\.#", ${$_key.'_name'})) ) | |||
{ | |||
if(!defined('DEDEADMIN')) | |||
if (is_array(${$_key.'_name'})) { | |||
if (count(${$_key.'_name'}) > 0) { | |||
foreach (${$_key.'_name'} as $key => $value) { | |||
if (!empty($value) && (preg_match("#\.(".$cfg_not_allowall.")$#i", $value) || !preg_match("#\.#", $value))) { | |||
if(!defined('DEDEADMIN')) | |||
{ | |||
exit('Not Admin Upload filetype not allow !'); | |||
} | |||
} | |||
} | |||
} | |||
} else { | |||
if(!empty(${$_key.'_name'}) && (preg_match("#\.(".$cfg_not_allowall.")$#i",${$_key.'_name'}) || !preg_match("#\.#", ${$_key.'_name'})) ) | |||
{ | |||
exit('Not Admin Upload filetype not allow !'); | |||
if(!defined('DEDEADMIN')) | |||
{ | |||
exit('Not Admin Upload filetype not allow !'); | |||
} | |||
} | |||
} | |||
if(empty(${$_key.'_size'})) | |||
{ | |||
${$_key.'_size'} = @filesize($$_key); | |||
@@ -50,13 +75,30 @@ foreach($_FILES as $_key=>$_value) | |||
"image/xpng", "image/wbmp", "image/bmp" | |||
); | |||
if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes)) | |||
{ | |||
$image_dd = @getimagesize($$_key); | |||
if (!is_array($image_dd)) | |||
if (is_array(${$_key.'_type'})) { | |||
if (count(${$_key.'_type'}) > 0) { | |||
foreach (${$_key.'_type'} as $key => $value) { | |||
if(in_array(strtolower(trim($value)), $imtypes)) | |||
{ | |||
$image_dd = @getimagesize($$_key); | |||
if (!is_array($image_dd)) | |||
{ | |||
exit('Upload filetype not allow !'); | |||
} | |||
} | |||
} | |||
} | |||
} else { | |||
if(in_array(strtolower(trim(${$_key.'_type'})), $imtypes)) | |||
{ | |||
exit('Upload filetype not allow !'); | |||
$image_dd = @getimagesize($$_key); | |||
if (!is_array($image_dd)) | |||
{ | |||
exit('Upload filetype not allow !'); | |||
} | |||
} | |||
} | |||
} | |||
?> |
@@ -66,7 +66,7 @@ if($tagid !='') | |||
if($row['litpic'] == '-' || $row['litpic'] == '') | |||
{ | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/images/defaultpic.gif'; | |||
$row['litpic'] = $GLOBALS['cfg_cmspath'].'/static/defaultpic.gif'; | |||
} | |||
if(!preg_match("#^http:\/\/#", $row['litpic']) && $GLOBALS['cfg_multi_site'] == 'Y') | |||
{ | |||