国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com


  1. <?php
  2. /**
  3. * 软件发送
  4. *
  5. * @version $id:select_soft_post.php 9:43 2010年7月8日 tianya $
  6. * @package DedeBIZ.Dialog
  7. * @copyright Copyright (c) 2022 DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. if (!isset($cfg_basedir)) {
  12. include_once(dirname(__FILE__).'/config.php');
  13. }
  14. if (empty($uploadfile)) $uploadfile = '';
  15. if (empty($uploadmbtype)) $uploadmbtype = '软件类型';
  16. if (empty($bkurl)) $bkurl = 'select_soft.php';
  17. $CKEditorFuncNum = (isset($CKEditorFuncNum)) ? $CKEditorFuncNum : 1;
  18. $newname = (empty($newname) ? '' : preg_replace("#[\\ \"\*\?\t\r\n<>':\/|]#", "", $newname));
  19. $uploadfile = isset($imgfile) && empty($uploadfile) ? $imgfile : $uploadfile;
  20. $uploadfile_name = isset($imgfile_name) && empty($uploadfile_name) ? $imgfile_name : $uploadfile_name;
  21. if (!is_uploaded_file($uploadfile)) {
  22. ShowMsg("您没有选择上传的文件或选择的文件大小超出限制", "-1");
  23. exit();
  24. }
  25. //软件类型所有支持的附件
  26. $cfg_softtype = $cfg_softtype;
  27. $cfg_softtype = str_replace('||', '|', $cfg_softtype);
  28. $uploadfile_name = trim(preg_replace("#[ \r\n\t\*\%\\\/\?><\|\":]{1,}#", '', $uploadfile_name));
  29. if (!preg_match("#\.(".$cfg_softtype.")#i", $uploadfile_name)) {
  30. ShowMsg("您所上传的<span class='text-primary'>{$uploadmbtype}</span>不在许可列表,请修改系统对扩展名限定的配置", "-1");
  31. exit();
  32. }
  33. $nowtme = time();
  34. if ($activepath == $cfg_soft_dir) {
  35. $newdir = MyDate($cfg_addon_savetype, $nowtme);
  36. $activepath = $activepath.'/'.$newdir;
  37. if (!is_dir($cfg_basedir.$activepath)) {
  38. MkdirAll($cfg_basedir.$activepath, $cfg_dir_purview);
  39. CloseFtp();
  40. }
  41. }
  42. //文件名(前为手工指定,后者自动处理)
  43. if (!empty($newname)) {
  44. $filename = $newname;
  45. if (!preg_match("#\.#", $filename)) $fs = explode('.', $uploadfile_name);
  46. else $fs = explode('.', $filename);
  47. if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) {
  48. ShowMsg("指定的文件名已被系统禁止", 'javascript:;');
  49. exit();
  50. }
  51. if (!preg_match("#\.#", $filename)) $filename = $filename.'.'.$fs[count($fs) - 1];
  52. } else {
  53. $filename = $cuserLogin->getUserID().'-'.dd2char(MyDate('ymdHis', $nowtme));
  54. $fs = explode('.', $uploadfile_name);
  55. if (preg_match("#".$cfg_not_allowall."#", $fs[count($fs) - 1])) {
  56. ShowMsg("您上传了某些可能存在不安全因素的文件,系统拒绝操作", "-1");
  57. exit();
  58. }
  59. $filename = $filename.'.'.$fs[count($fs) - 1];
  60. }
  61. if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)[^a-zA-Z0-9]+$#i', trim($filename))) {
  62. ShowMsg("指定的文件名已被系统禁止",'javascript:;');
  63. exit();
  64. }
  65. $fullfilename = $cfg_basedir.$activepath.'/'.$filename;
  66. $fullfileurl = $activepath.'/'.$filename;
  67. $mime = get_mime_type($uploadfile);
  68. if (preg_match("#^unknow#", $mime)) {
  69. ShowMsg("系统不支持fileinfo组件,建议php.ini中开启", -1);
  70. exit;
  71. }
  72. if (!preg_match("#^(image|video|audio|application)#i", $mime)) {
  73. ShowMsg("仅支持媒体文件及应用程序上传", -1);
  74. exit;
  75. }
  76. move_uploaded_file($uploadfile, $fullfilename) or die("上传文件到<span class='text-primary'>$fullfilename</span>失败");
  77. @unlink($uploadfile);
  78. if ($uploadfile_type == 'application/x-shockwave-flash') {
  79. $mediatype = 2;
  80. } else if (preg_match('#image#i', $uploadfile_type)) {
  81. $mediatype = 1;
  82. } else if (preg_match('#audio|media|video#i', $uploadfile_type)) {
  83. $mediatype = 3;
  84. } else {
  85. $mediatype = 4;
  86. }
  87. $inquery = "INSERT INTO `#@__uploads` (arcid,title,url,mediatype,width,height,playtime,filesize,uptime,mid) VALUES ('0','$filename','$fullfileurl','$mediatype','0','0','0','{$uploadfile_size}','{$nowtme}','".$cuserLogin->getUserID()."'); ";
  88. $dsql->ExecuteNoneQuery($inquery);
  89. $fid = $dsql->GetLastID();
  90. AddMyAddon($fid, $fullfileurl);
  91. if ($ck == 1) {
  92. $funcNum = isset($_GET['CKEditorFuncNum']) ? $_GET['CKEditorFuncNum'] : 1;
  93. $url = $fullfileurl;
  94. $arr = array(
  95. "uploaded" => 1,
  96. "fileName" => $filename,
  97. "url" => $url,
  98. );
  99. echo json_encode($arr);
  100. } else {
  101. ShowMsg("成功上传文件", $bkurl."?comeback=".urlencode($filename)."&f=$f&CKEditorFuncNum=$CKEditorFuncNum&activepath=".urlencode($activepath)."&d=".time());
  102. exit();
  103. }
  104. ?>