
生产环境严格模式

tags/6.1.1^2
tianya 2 years ago
parent
commit
cd0e3bb50b
2 changed files with 27 additions and 39 deletions
  1. +1
    -1
      src/install/index.php
  2. +26
    -38
      src/system/common.inc.php

+ 1
- 1
src/install/index.php

@@ -17,7 +17,7 @@ if(file_exists(INSLOCKFILE))

$verMsg = 'V6';
$dfDbname = 'DedeBIZ';
$cfg_version_detail = '6.1.0'; //详细版本号
$cfg_version_detail = '6.1.1'; //详细版本号
$errmsg = '';
if (version_compare(PHP_VERSION, '8.0.0', '>=')) {
mysqli_report(MYSQLI_REPORT_OFF);


+ 26
- 38
src/system/common.inc.php

@@ -9,9 +9,18 @@
//生产环境使用production,如果采用dev模式,会有一些php的报错信息提示,便于开发调试
define('DEDE_ENVIRONMENT', 'production');
if (DEDE_ENVIRONMENT == 'production') {
error_reporting(E_ALL || ~E_NOTICE);
ini_set('display_errors', 0);
if (version_compare(PHP_VERSION, '5.3', '>='))
{
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
}
else
{
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_USER_NOTICE);
}
} else {
error_reporting(E_ALL);
error_reporting(-1);
ini_set('display_errors', 1);
}
define('DEBUG_LEVEL', FALSE);//如果设置为TRUE则会打印执行SQL的时间和标签加载时间方便调试
define('DEDEINC', str_replace("\\", '/', dirname(__FILE__)));
@@ -32,9 +41,6 @@ NQabUzX9JoYtXqPcpZRT7ymHrppU0KFdUSEJiW0utTWJo0HrDOBIT5qWlM0MP9p/
PwIDAQAB
-----END PUBLIC KEY-----'); //DedeBIZ系统公钥
define('DEDECDNURL', 'https://cdn.dedebiz.com'); //默认静态资源地址
if (version_compare(PHP_VERSION, '5.3.0', '<') && function_exists("get_magic_quotes_gpc")) {
set_magic_quotes_runtime(0);
}
if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
if (!function_exists('session_register')) {
function session_register()
@@ -60,42 +66,24 @@ if (function_exists('mb_substr')) $cfg_is_mb = TRUE;
if (function_exists('iconv_substr')) $cfg_is_iconv = TRUE;
function _RunMagicQuotes(&$svar)
{
if (function_exists("get_magic_quotes_gpc") && !@get_magic_quotes_gpc()) {
if (is_array($svar)) {
foreach ($svar as $_k => $_v) $svar[$_k] = _RunMagicQuotes($_v);
} else {
if (strlen($svar) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_POST|_COOKIE|_SESSION)#', $svar)) {
exit('Request var not allow!');
}
$svar = addslashes($svar);
if (is_array($svar)) {
foreach ($svar as $_k => $_v) {
if ($_k == 'nvarname') continue;
_RunMagicQuotes($_k);
$svar[$_k] = _RunMagicQuotes($_v);
}
} else {
if (strlen($svar) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_REQUEST|_POST|_COOKIE|_SESSION)#', $svar)) {
exit('Request var not allow!');
}
$svar = addslashes($svar);
}
return $svar;
}
if (!defined('DEDEREQUEST')) {
//检查和注册外部提交的变量(2011.8.10 修改登录时相关过滤)
function CheckRequest(&$val)
{
if (is_array($val)) {
foreach ($val as $_k => $_v) {
if ($_k == 'nvarname') continue;
CheckRequest($_k);
CheckRequest($val[$_k]);
}
} else {
if (strlen($val) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_POST|_COOKIE|_SESSION)#', $val)) {
exit('Request var not allow!');
}
}
}
//var_dump($_REQUEST);exit;
CheckRequest($_REQUEST);
CheckRequest($_COOKIE);
foreach (array('_GET', '_POST', '_COOKIE') as $_request) {
foreach ($$_request as $_k => $_v) {
if ($_k == 'nvarname') ${$_k} = $_v;
else ${$_k} = _RunMagicQuotes($_v);
}
foreach (array('_GET', '_POST', '_COOKIE', '_REQUEST') as $_request) {
foreach ($$_request as $_k => $_v) {
if ($_k == 'nvarname') ${$_k} = $_v;
else ${$_k} = _RunMagicQuotes($_v);
}
}
//系统相关变量检测
@@ -195,7 +183,7 @@ $cfg_soft_dir = $cfg_medias_dir.'/soft';
$cfg_other_medias = $cfg_medias_dir.'/media';
//软件摘要信息,****请不要删除本项**** 否则系统无法正确接收系统漏洞或升级信息
$cfg_version = 'V6';
$cfg_version_detail = '6.1.0'; //详细版本号
$cfg_version_detail = '6.1.1'; //详细版本号
$cfg_soft_lang = 'utf-8';
$cfg_soft_public = 'base';
$cfg_softname = '织梦内容管理系统';
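Review bot: In the request-registration loop at the end of the third hunk, `${$_k} = _RunMagicQuotes($_v);` now creates a global from every top-level `_GET`/`_POST`/`_COOKIE`/`_REQUEST` name without testing the name itself, because the `CheckRequest()` calls that rejected `cfg_`/`GLOBALS`/`_SESSION`-style names are gone and the rewritten `_RunMagicQuotes()` only checks keys inside nested arrays. Going by the hunk's line counts (the page has lost its +/- column), nothing on the new side replaces that check, so a request parameter can presumably shadow a configuration or superglobal-named variable; I would put `if (preg_match('#^(cfg_|GLOBALS|_GET|_REQUEST|_POST|_COOKIE|_SESSION)#', (string)$_k)) exit('Request var not allow!');` as the first statement of the inner `foreach`. The `$_k == 'nvarname'` tests should also be `===`: on PHP 7 and older an integer key `0` compares equal to that string, so element 0 of a submitted array skips `addslashes()`, and this file still carries PHP 5.3 version branches. Separately, `_RunMagicQuotes($_k)` escapes `$_k` in place before `$svar[$_k] = ...`, so a key containing a quote leaves its original entry unescaped; the key should be validated without being rewritten.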

