叙述、别离
1 year ago
3 changed files with 5 additions and 7 deletions
Unified View
Diff Options
-
+3 -3src/admin/dialog/select_soft_post.php
-
+0 -2src/admin/file_class.php
-
+2 -2src/admin/media_add.php
+ 3
- 3
src/admin/dialog/select_soft_post.php
View File
| @@ -45,7 +45,7 @@ if (!empty($newname)) { | |||||
| if (!preg_match("#\.#", $filename)) $fs = explode('.', $uploadfile_name); | if (!preg_match("#\.#", $filename)) $fs = explode('.', $uploadfile_name); | ||||
| else $fs = explode('.', $filename); | else $fs = explode('.', $filename); | ||||
| if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) { | if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) { | ||||
| ShowMsg("指定的文件名已被系统禁止", 'javascript:;'); | |||||
| ShowMsg("指定的文件名已被系统禁止", "javascript:;"); | |||||
| exit(); | exit(); | ||||
| } | } | ||||
| if (!preg_match("#\.#", $filename)) $filename = $filename.'.'.$fs[count($fs) - 1]; | if (!preg_match("#\.#", $filename)) $filename = $filename.'.'.$fs[count($fs) - 1]; | ||||
| @@ -58,8 +58,8 @@ if (!empty($newname)) { | |||||
| } | } | ||||
| $filename = $filename.'.'.$fs[count($fs) - 1]; | $filename = $filename.'.'.$fs[count($fs) - 1]; | ||||
| } | } | ||||
| if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)[^a-zA-Z0-9]+$#i', trim($filename))) { | |||||
| ShowMsg("指定的文件名已被系统禁止",'javascript:;'); | |||||
| if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($filename))) { | |||||
| ShowMsg("指定的文件名已被系统禁止", "javascript:;"); | |||||
| exit(); | exit(); | ||||
| } | } | ||||
| $fullfilename = $cfg_basedir.$activepath.'/'.$filename; | $fullfilename = $cfg_basedir.$activepath.'/'.$filename; | ||||
+ 0
- 2
src/admin/file_class.php
View File
| @@ -30,14 +30,12 @@ class FileManagement | |||||
| $newname = $this->baseDir.$this->activeDir."/".$newname; | $newname = $this->baseDir.$this->activeDir."/".$newname; | ||||
| $oldext = pathinfo($oldname)['extension']; | $oldext = pathinfo($oldname)['extension']; | ||||
| $newext = pathinfo($newname)['extension']; | $newext = pathinfo($newname)['extension']; | ||||
| if ($oldext != $newext) { | if ($oldext != $newext) { | ||||
| if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($newname))) { | if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($newname))) { | ||||
| ShowMsg("指定的文件名已被系统禁止", "javascript:;"); | ShowMsg("指定的文件名已被系统禁止", "javascript:;"); | ||||
| exit(); | exit(); | ||||
| } | } | ||||
| } | } | ||||
| if (($newname != $oldname) && is_writable($oldname)) { | if (($newname != $oldname) && is_writable($oldname)) { | ||||
| rename($oldname, $newname); | rename($oldname, $newname); | ||||
| } | } | ||||
+ 2
- 2
src/admin/media_add.php
View File
| @@ -52,8 +52,8 @@ if ($dopost == "upload") { | |||||
| MkdirAll($cfg_basedir.$savePath, 777); | MkdirAll($cfg_basedir.$savePath, 777); | ||||
| CloseFtp(); | CloseFtp(); | ||||
| } | } | ||||
| if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)[^a-zA-Z0-9]+$#i', trim($filename))) { | |||||
| ShowMsg("指定的文件名已被系统禁止",'javascript:;'); | |||||
| if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($newname))) { | |||||
| ShowMsg("指定的文件名已被系统禁止", "javascript:;"); | |||||
| exit(); | exit(); | ||||
| } | } | ||||
| $fullfilename = $cfg_basedir.$filename; | $fullfilename = $cfg_basedir.$filename; | ||||