首頁 探索 說明
註冊 登入
roobe
/
zijia
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
分支: online
分支列表 標籤列表
zijia
/
source
/
include
/
portalcp
/
portalcp_upload.php

portalcp_upload.php 7.4 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *      [Discuz!] (C)2001-2099 Comsenz Inc.
    5. 

  5.  *      This is NOT a freeware, use is subject to license terms
    6. 

  6.  *
    7. 

  7.  *      $Id: portalcp_upload.php 30107 2012-05-11 02:10:58Z svn_project_zhangjie $
    8. 

  8.  */
    9. 

  9. 

  10. if(!defined('IN_DISCUZ')) {
    11. 

  11. 	exit('Access Denied');
    12. 

  12. }
    13. 

  13. $operation = $_GET['op'] ? $_GET['op'] : '';
    14. 

  14. 

  15. $upload = new discuz_upload();
    16. 

  16. $downremotefile = false;
    17. 

  17. $aid = intval(getgpc('aid'));
    18. 

  18. $catid = intval(getgpc('catid'));
    19. 

  19. if($aid) {
    20. 

  20. 	$article = C::t('portal_article_title')->fetch($aid);
    21. 

  21. 	if(!$article) {
    22. 

  22. 		portal_upload_error(lang('portalcp', 'article_noexist'));
    23. 

  23. 	}
    24. 

  24. 	if(check_articleperm($catid, $aid, $article, false, true) !== true) {
    25. 

  25. 		portal_upload_error(lang('portalcp', 'article_noallowed'));
    26. 

  26. 	}
    27. 

  27. } else {
    28. 

  28. 	if(($return = check_articleperm($catid, $aid, null, false, true)) !== true) {
    29. 

  29. 		portal_upload_error(lang('portalcp', $return));
    30. 

  30. 	}
    31. 

  31. }
    32. 

  32. 

  33. if($operation == 'downremotefile') {
    34. 

  34. 	$arrayimageurl = $temp = $imagereplace = array();
    35. 

  35. 	$string = $_GET['content'];
    36. 

  36. 	$downremotefile = true;
    37. 

  37. 	preg_match_all("/\<img.+src=('|\"|)?(.*)(\\1)([\s].*)?\>/ismUe", $string, $temp, PREG_SET_ORDER);
    38. 

  38. 	if(is_array($temp) && !empty($temp)) {
    39. 

  39. 		foreach($temp as $tempvalue) {
    40. 

  40. 			$tempvalue[2] = str_replace('\"', '', $tempvalue[2]);
    41. 

  41. 			if(strlen($tempvalue[2])){
    42. 

  42. 				$arrayimageurl[] = $tempvalue[2];
    43. 

  43. 			}
    44. 

  44. 		}
    45. 

  45. 		$arrayimageurl = array_unique($arrayimageurl);
    46. 

  46. 		if($arrayimageurl) {
    47. 

  47. 			foreach($arrayimageurl as $tempvalue) {
    48. 

  48. 				$imageurl = $tempvalue;
    49. 

  49. 				$imagereplace['oldimageurl'][] = $imageurl;
    50. 

  50. 				$attach['ext'] = $upload->fileext($imageurl);
    51. 

  51. 				if(!$upload->is_image_ext($attach['ext'])) {
    52. 

  52. 					continue;
    53. 

  53. 				}
    54. 

  54. 				$content = '';
    55. 

  55. 				if(preg_match('/^(http:\/\/|\.)/i', $imageurl)) {
    56. 

  56. 					$content = dfsockopen($imageurl);
    57. 

  57. 				} elseif(checkperm('allowdownlocalimg')) {
    58. 

  58. 					if(preg_match('/^data\/(.*?)\.thumb\.jpg$/i', $imageurl)) {
    59. 

  59. 						$content = file_get_contents(substr($imageurl, 0, strrpos($imageurl, '.')-6));
    60. 

  60. 					} elseif(preg_match('/^data\/(.*?)\.(jpg|jpeg|gif|png)$/i', $imageurl)) {
    61. 

  61. 						$content = file_get_contents($imageurl);
    62. 

  62. 					}
    63. 

  63. 				}
    64. 

  64. 				if(empty($content)) continue;
    65. 

  65. 				$temp = explode('/', $imageurl);
    66. 

  66. 

  67. 				$attach['name'] =  trim($temp[count($temp)-1]);
    68. 

  68. 				$attach['thumb'] = '';
    69. 

  69. 

  70. 				$attach['isimage'] = $upload -> is_image_ext($attach['ext']);
    71. 

  71. 				$attach['extension'] = $upload -> get_target_extension($attach['ext']);
    72. 

  72. 				$attach['attachdir'] = $upload -> get_target_dir('portal');
    73. 

  73. 				$attach['attachment'] = $attach['attachdir'] . $upload->get_target_filename('portal').'.'.$attach['extension'];
    74. 

  74. 				$attach['target'] = getglobal('setting/attachdir').'./portal/'.$attach['attachment'];
    75. 

  75. 

  76. 				if(!@$fp = fopen($attach['target'], 'wb')) {
    77. 

  77. 					continue;
    78. 

  78. 				} else {
    79. 

  79. 					flock($fp, 2);
    80. 

  80. 					fwrite($fp, $content);
    81. 

  81. 					fclose($fp);
    82. 

  82. 				}
    83. 

  83. 				if(!$upload->get_image_info($attach['target'])) {
    84. 

  84. 					@unlink($attach['target']);
    85. 

  85. 					continue;
    86. 

  86. 				}
    87. 

  87. 				$attach['size'] = filesize($attach['target']);
    88. 

  88. 				$attachs[] = daddslashes($attach);
    89. 

  89. 			}
    90. 

  90. 		}
    91. 

  91. 	}
    92. 

  92. } else {
    93. 

  93. 

  94. 	$upload->init($_FILES['attach'], 'portal');
    95. 

  95. 	$attach = $upload->attach;
    96. 

  96. 

  97. 	if(!$upload->error()) {
    98. 

  98. 		$upload->save();
    99. 

  99. 	}
    100. 

  100. 	if($upload->error()) {
    101. 

  101. 		portal_upload_error($upload->error());
    102. 

  102. 	}
    103. 

  103. 	$attachs[] = $attach;
    104. 

  104. }
    105. 

  105. 

  106. if($attachs) {
    107. 

  107. 

  108. 	foreach($attachs as $attach) {
    109. 

  109. 		if($attach['isimage'] && empty($_G['setting']['portalarticleimgthumbclosed'])) {
    110. 

  110. 			require_once libfile('class/image');
    111. 

  111. 			$image = new image();
    112. 

  112. 			$thumbimgwidth = $_G['setting']['portalarticleimgthumbwidth'] ? $_G['setting']['portalarticleimgthumbwidth'] : 300;
    113. 

  113. 			$thumbimgheight = $_G['setting']['portalarticleimgthumbheight'] ? $_G['setting']['portalarticleimgthumbheight'] : 300;
    114. 

  114. 			$attach['thumb'] = $image->Thumb($attach['target'], '', $thumbimgwidth, $thumbimgheight, 2);
    115. 

  115. 			$image->Watermark($attach['target'], '', 'portal');
    116. 

  116. 		}
    117. 

  117. 

  118. 		if(getglobal('setting/ftp/on') && ((!$_G['setting']['ftp']['allowedexts'] && !$_G['setting']['ftp']['disallowedexts']) || ($_G['setting']['ftp']['allowedexts'] && in_array($attach['ext'], $_G['setting']['ftp']['allowedexts'])) || ($_G['setting']['ftp']['disallowedexts'] && !in_array($attach['ext'], $_G['setting']['ftp']['disallowedexts']))) && (!$_G['setting']['ftp']['minsize'] || $attach['size'] >= $_G['setting']['ftp']['minsize'] * 1024)) {
    119. 

  119. 			if(ftpcmd('upload', 'portal/'.$attach['attachment']) && (!$attach['thumb'] || ftpcmd('upload', 'portal/'.getimgthumbname($attach['attachment'])))) {
    120. 

  120. 				@unlink($_G['setting']['attachdir'].'/portal/'.$attach['attachment']);
    121. 

  121. 				@unlink($_G['setting']['attachdir'].'/portal/'.getimgthumbname($attach['attachment']));
    122. 

  122. 				$attach['remote'] = 1;
    123. 

  123. 			} else {
    124. 

  124. 				if(getglobal('setting/ftp/mirror')) {
    125. 

  125. 					@unlink($attach['target']);
    126. 

  126. 					@unlink(getimgthumbname($attach['target']));
    127. 

  127. 					portal_upload_error(lang('portalcp', 'upload_remote_failed'));
    128. 

  128. 				}
    129. 

  129. 			}
    130. 

  130. 		}
    131. 

  131. 

  132. 		$setarr = array(
    133. 

  133. 			'uid' => $_G['uid'],
    134. 

  134. 			'filename' => $attach['name'],
    135. 

  135. 			'attachment' => $attach['attachment'],
    136. 

  136. 			'filesize' => $attach['size'],
    137. 

  137. 			'isimage' => $attach['isimage'],
    138. 

  138. 			'thumb' => $attach['thumb'],
    139. 

  139. 			'remote' => $attach['remote'],
    140. 

  140. 			'filetype' => $attach['extension'],
    141. 

  141. 			'dateline' => $_G['timestamp'],
    142. 

  142. 			'aid' => $aid
    143. 

  143. 		);
    144. 

  144. 		$setarr['attachid'] = C::t('portal_attachment')->insert($setarr, true);
    145. 

  145. 		if($downremotefile) {
    146. 

  146. 			$attach['url'] = ($attach['remote'] ? $_G['setting']['ftp']['attachurl'] : $_G['setting']['attachurl']).'portal/';
    147. 

  147. 			$imagereplace['newimageurl'][] = $attach['url'].$attach['attachment'];
    148. 

  148. 		}
    149. 

  149. 		portal_upload_show($setarr);
    150. 

  150. 	}
    151. 

  151. 	if($downremotefile && $imagereplace) {
    152. 

  152. 		$string = preg_replace(array("/\<(script|style|iframe)[^\>]*?\>.*?\<\/(\\1)\>/si", "/\<!*(--|doctype|html|head|meta|link|body)[^\>]*?\>/si"), '', $string);
    153. 

  153. 		$string = str_replace($imagereplace['oldimageurl'], $imagereplace['newimageurl'], $string);
    154. 

  154. 		$string = str_replace(array("\r", "\n", "\r\n"), '', addcslashes($string, '/"\\\''));
    155. 

  155. 		print <<<EOF
    156. 

  156. 		<script type="text/javascript">
    157. 

  157. 			var f = parent.window.frames["uchome-ifrHtmlEditor"].window.frames["HtmlEditor"];
    158. 

  158. 			f.document.body.innerHTML = '$string';
    159. 

  159. 		</script>
    160. 

  160. EOF;
    161. 

  161. 	}
    162. 

  162. 	exit();
    163. 

  163. }
    164. 

  164. 

  165. 

  166. function portal_upload_error($msg) {
    167. 

  167. 	echo '<script>';
    168. 

  168. 	echo 'if(parent.$(\'localfile_'.$_GET['attach_target_id'].'\') != null)parent.$(\'localfile_'.$_GET['attach_target_id'].'\').innerHTML = \''.lang('portalcp', 'upload_error').$msg.'\';else alert(\''.$msg.'\')';
    169. 

  169. 	echo '</script>';
    170. 

  170. 	exit();
    171. 

  171. }
    172. 

  172. 

  173. function portal_upload_show($attach) {
    174. 

  174. 	global $_G;
    175. 

  175. 

  176. 	$imagehtml = $filehtml = $coverstr ='';
    177. 

  177. 

  178. 	if($attach['isimage']) {
    179. 

  179. 		$imagehtml = get_uploadcontent($attach, 'portal', 'upload');
    180. 

  180. 		$coverstr = addslashes(serialize(array('pic'=>'portal/'.$attach['attachment'], 'thumb'=>$attach['thumb'], 'remote'=>$attach['remote'])));
    181. 

  181. 	} else {
    182. 

  182. 		$filehtml = get_uploadcontent($attach, 'portal', 'upload');
    183. 

  183. 	}
    184. 

  184. 

  185. 	echo '<script type="text/javascript" src="'.$_G[setting][jspath].'handlers.js?'.$_G['style']['verhash'].'"></script>';
    186. 

  186. 	echo '<script>';
    187. 

  187. 	if($imagehtml) echo 'var tdObj = getInsertTdId(parent.$(\'imgattachlist\'), \'attach_list_'.$attach['attachid'].'\');tdObj.innerHTML = \''.addslashes($imagehtml).'\';';
    188. 

  188. 	if($filehtml) echo 'parent.$(\'attach_file_body\').innerHTML = \''.addslashes($filehtml).'\'+parent.$(\'attach_file_body\').innerHTML;';
    189. 

  189. 	echo 'if(parent.$(\'localfile_'.$_GET['attach_target_id'].'\') != null)parent.$(\'localfile_'.$_GET['attach_target_id'].'\').style.display = \'none\';';
    190. 

  190. 	echo 'parent.$(\'attach_ids\').value += \','.$attach['attachid'].'\';';
    191. 

  191. 	if($coverstr) echo 'if(parent.$(\'conver\').value == \'\')parent.$(\'conver\').value = \''.$coverstr.'\';';
    192. 

  192. 	echo '</script>';
    193. 

  193. 

  194. }
    195. 

  195. 

  196. ?>
    197.