国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

93 lines
3.9KB

  1. <?php
  2. /**
  3. * 附件添加
  4. *
  5. * @version $id:media_add.php 2 15:25 2011-6-2 tianya $
  6. * @package DedeBIZ.Administrator
  7. * @copyright Copyright (c) 2022 DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. require_once(dirname(__FILE__)."/config.php");
  12. //增加权限检查
  13. if (empty($dopost)) $dopost = "";
  14. //上传
  15. if ($dopost == "upload") {
  16. CheckCSRF();
  17. require_once(DEDEINC."/image.func.php");
  18. $sparr_image = array("image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/x-png", "image/wbmp");
  19. $sparr_flash = array("application/xshockwaveflash");
  20. $okdd = 0;
  21. $uptime = time();
  22. $adminid = $cuserLogin->getUserID();
  23. $width = $height = '';
  24. for ($i = 0; $i <= 40; $i++) {
  25. if (isset(${"upfile".$i}) && is_uploaded_file(${"upfile".$i})) {
  26. $filesize = ${"upfile".$i."_size"};
  27. $upfile_type = ${"upfile".$i."_type"};
  28. $upfile_name = ${"upfile".$i."_name"};
  29. $dpath = MyDate("ymd", $uptime);
  30. if (in_array($upfile_type, $sparr_image)) {
  31. $mediatype = 1;
  32. $savePath = $cfg_image_dir."/".$dpath;
  33. } else if (in_array($upfile_type, $sparr_flash)) {
  34. $mediatype = 2;
  35. $savePath = $cfg_other_medias."/".$dpath;
  36. }
  37. //修复附件无法上传的错误
  38. else if (preg_match('#audio|media|video#i', $upfile_type) && preg_match("#\.".$cfg_mediatype."$#i", $upfile_name)) {
  39. $mediatype = 3;
  40. $savePath = $cfg_other_medias."/".$dpath;
  41. } else if (preg_match("#\.".$cfg_softtype."+\.".$cfg_softtype."$#i", $upfile_name)) {
  42. $mediatype = 4;
  43. $savePath = $cfg_soft_dir."/".$dpath;
  44. } else {
  45. continue;
  46. }
  47. $filename = "{$adminid}_".MyDate("His", $uptime).mt_rand(100, 999).$i;
  48. $fs = explode(".", ${"upfile".$i."_name"});
  49. $filename = $filename.".".$fs[count($fs) - 1];
  50. $filename = $savePath."/".$filename;
  51. if (!is_dir($cfg_basedir.$savePath)) {
  52. MkdirAll($cfg_basedir.$savePath, 777);
  53. CloseFtp();
  54. }
  55. if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($newname))) {
  56. ShowMsg("指定的文件名已被系统禁止", "javascript:;");
  57. exit();
  58. }
  59. $fullfilename = $cfg_basedir.$filename;
  60. $mime = get_mime_type(${"upfile".$i});
  61. if (preg_match("#^unknow#", $mime)) {
  62. ShowMsg("系统不支持fileinfo组件,建议php.ini中开启", -1);
  63. exit;
  64. }
  65. if (!preg_match("#^(image|video|audio|application)#i", $mime)) {
  66. ShowMsg("仅支持媒体文件及应用程序上传", -1);
  67. exit;
  68. }
  69. if ($mediatype == 1) {
  70. @move_uploaded_file(${"upfile".$i}, $fullfilename);
  71. $info = '';
  72. $data = getImagesize($fullfilename, $info);
  73. $width = $data[0];
  74. $height = $data[1];
  75. if (in_array($upfile_type, $cfg_photo_typenames)) WaterImg($fullfilename, 'up');
  76. } else {
  77. @move_uploaded_file(${"upfile".$i}, $fullfilename);
  78. }
  79. if ($i > 1) {
  80. $ntitle = $title."_".$i;
  81. } else {
  82. $ntitle = $title;
  83. }
  84. $inquery = "INSERT INTO `#@__uploads` (title,url,mediatype,width,height,playtime,filesize,uptime,mid) VALUES ('$ntitle','$filename','$mediatype','$width','$height','$playtime','$filesize','$uptime','$adminid'); ";
  85. $okdd++;
  86. $dsql->ExecuteNoneQuery($inquery);
  87. }
  88. }
  89. ShowMsg("成功上传<span class='text-primary'>{$okdd}</span>个文件", "media_main.php");
  90. exit();
  91. }
  92. include DedeInclude('templets/media_add.htm');
  93. ?>