From cd0e3bb50be27f63c1d8e3b5499102ac88074af9 Mon Sep 17 00:00:00 2001
From: tianya <tianya@benshar.com>
Date: Sun, 20 Mar 2022 18:24:55 +0800
Subject: [PATCH] =?UTF-8?q?=E7=94=9F=E4=BA=A7=E7=8E=AF=E5=A2=83=E4=B8=A5?=
 =?UTF-8?q?=E6=A0=BC=E6=A8=A1=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/install/index.php     |  2 +-
 src/system/common.inc.php | 64 ++++++++++++++++-----------------------
 2 files changed, 27 insertions(+), 39 deletions(-)

diff --git a/src/install/index.php b/src/install/index.php
index 72b52188..03b4f30b 100644
--- a/src/install/index.php
+++ b/src/install/index.php
@@ -17,7 +17,7 @@ if(file_exists(INSLOCKFILE))
 
 $verMsg = 'V6';
 $dfDbname = 'DedeBIZ';
-$cfg_version_detail = '6.1.0'; //详细版本号
+$cfg_version_detail = '6.1.1'; //详细版本号
 $errmsg = '';
 if (version_compare(PHP_VERSION, '8.0.0', '>=')) {
     mysqli_report(MYSQLI_REPORT_OFF);
diff --git a/src/system/common.inc.php b/src/system/common.inc.php
index a3c91fc4..41e0c324 100755
--- a/src/system/common.inc.php
+++ b/src/system/common.inc.php
@@ -9,9 +9,18 @@
 //生产环境使用production，如果采用dev模式，会有一些php的报错信息提示，便于开发调试
 define('DEDE_ENVIRONMENT', 'production');
 if (DEDE_ENVIRONMENT == 'production') {
-    error_reporting(E_ALL || ~E_NOTICE);
+    ini_set('display_errors', 0);
+    if (version_compare(PHP_VERSION, '5.3', '>='))
+    {
+        error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
+    }
+    else
+    {
+        error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_USER_NOTICE);
+    }
 } else {
-    error_reporting(E_ALL);
+    error_reporting(-1);
+    ini_set('display_errors', 1);
 }
 define('DEBUG_LEVEL', FALSE);//如果设置为TRUE则会打印执行SQL的时间和标签加载时间方便调试
 define('DEDEINC', str_replace("\\", '/', dirname(__FILE__)));
@@ -32,9 +41,6 @@ NQabUzX9JoYtXqPcpZRT7ymHrppU0KFdUSEJiW0utTWJo0HrDOBIT5qWlM0MP9p/
 PwIDAQAB
 -----END PUBLIC KEY-----'); //DedeBIZ系统公钥
 define('DEDECDNURL', 'https://cdn.dedebiz.com'); //默认静态资源地址
-if (version_compare(PHP_VERSION, '5.3.0', '<') && function_exists("get_magic_quotes_gpc")) {
-    set_magic_quotes_runtime(0);
-}
 if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
     if (!function_exists('session_register')) {
         function session_register()
@@ -60,42 +66,24 @@ if (function_exists('mb_substr')) $cfg_is_mb = TRUE;
 if (function_exists('iconv_substr')) $cfg_is_iconv = TRUE;
 function _RunMagicQuotes(&$svar)
 {
-    if (function_exists("get_magic_quotes_gpc") && !@get_magic_quotes_gpc()) {
-        if (is_array($svar)) {
-            foreach ($svar as $_k => $_v) $svar[$_k] = _RunMagicQuotes($_v);
-        } else {
-            if (strlen($svar) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_POST|_COOKIE|_SESSION)#', $svar)) {
-                exit('Request var not allow!');
-            }
-            $svar = addslashes($svar);
+    if (is_array($svar)) {
+        foreach ($svar as $_k => $_v) {
+            if ($_k == 'nvarname') continue;
+            _RunMagicQuotes($_k);
+            $svar[$_k] = _RunMagicQuotes($_v);
+        }
+    } else {
+        if (strlen($svar) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_REQUEST|_POST|_COOKIE|_SESSION)#', $svar)) {
+            exit('Request var not allow!');
         }
+        $svar = addslashes($svar);
     }
     return $svar;
 }
-if (!defined('DEDEREQUEST')) {
-    //检查和注册外部提交的变量（2011.8.10 修改登录时相关过滤）
-    function CheckRequest(&$val)
-    {
-        if (is_array($val)) {
-            foreach ($val as $_k => $_v) {
-                if ($_k == 'nvarname') continue;
-                CheckRequest($_k);
-                CheckRequest($val[$_k]);
-            }
-        } else {
-            if (strlen($val) > 0 && preg_match('#^(cfg_|GLOBALS|_GET|_POST|_COOKIE|_SESSION)#', $val)) {
-                exit('Request var not allow!');
-            }
-        }
-    }
-    //var_dump($_REQUEST);exit;
-    CheckRequest($_REQUEST);
-    CheckRequest($_COOKIE);
-    foreach (array('_GET', '_POST', '_COOKIE') as $_request) {
-        foreach ($$_request as $_k => $_v) {
-            if ($_k == 'nvarname') ${$_k} = $_v;
-            else ${$_k} = _RunMagicQuotes($_v);
-        }
+foreach (array('_GET', '_POST', '_COOKIE', '_REQUEST') as $_request) {
+    foreach ($$_request as $_k => $_v) {
+        if ($_k == 'nvarname') ${$_k} = $_v;
+        else ${$_k} = _RunMagicQuotes($_v);
     }
 }
 //系统相关变量检测
@@ -195,7 +183,7 @@ $cfg_soft_dir = $cfg_medias_dir.'/soft';
 $cfg_other_medias = $cfg_medias_dir.'/media';
 //软件摘要信息，****请不要删除本项**** 否则系统无法正确接收系统漏洞或升级信息
 $cfg_version = 'V6';
-$cfg_version_detail = '6.1.0'; //详细版本号
+$cfg_version_detail = '6.1.1'; //详细版本号
 $cfg_soft_lang = 'utf-8';
 $cfg_soft_public = 'base';
 $cfg_softname = '织梦内容管理系统';