fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-04 09:32:15 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #622 from kijin/pr/1.8.27

Browse source 
Merge with XE 1.8.27
This commit is contained in:
Kijin Sung 2016-10-28 15:38:13 +09:00 committed by GitHub
commit e519d30688
4 changed files with 94 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

124
addons/blogapi/blogapi.addon.php
View file

@ -99,8 +99,10 @@ if($called_position == 'before_module_proc')
$category_list = $oDocumentModel->getCategoryList($this->module_srl); $category_list = $oDocumentModel->getCategoryList($this->module_srl);
// Specifies a temporary file storage // Specifies a temporary file storage
$tmp_uploaded_path = sprintf(_XE_PATH_ . 'files/cache/blogapi/%s/%s/', $this->mid, $user_id); $logged_info = Context::get('logged_info');
$uploaded_target_path = sprintf(_XE_PATH_ . 'files/cache/blogapi/%s/%s/', $this->mid, $user_id); $mediaPath = sprintf('files/cache/blogapi/%s/%s/', $this->mid, $logged_info->member_srl);
$mediaAbsPath = _XE_PATH_ . $mediaPath;
$mediaUrlPath = Context::getRequestUri() . $mediaPath;
switch($method_name) switch($method_name)
{ {
@ -167,22 +169,56 @@ if($called_position == 'before_module_proc')
foreach($fileinfo as $key => $val) foreach($fileinfo as $key => $val)
{ {
$nodename = (string)$val->name; $nodename = (string)$val->name;
if($nodename == 'bits') if($nodename === 'bits')
{
$filedata = base64_decode((string)$val->value->base64); $filedata = base64_decode((string)$val->value->base64);
elseif($nodename == 'name') }
$filename = (string)$val->value->string; else if($nodename === 'name')
{
$filename = pathinfo((string)$val->value->string, PATHINFO_BASENAME);
}
} }
$tmp_arr = explode('/', $filename); if($logged_info->is_admin != 'Y')
$filename = array_pop($tmp_arr); {
// check file type
if(isset($file_module_config->allowed_filetypes) && $file_module_config->allowed_filetypes !== '*.*')
{
$filetypes = explode(';', $file_module_config->allowed_filetypes);
$ext = array();
FileHandler::makeDir($tmp_uploaded_path); foreach($filetypes as $item)
{
$item = explode('.', $item);
$ext[] = strtolower(array_pop($item));
}
$target_filename = sprintf('%s%s', $tmp_uploaded_path, $filename); $uploaded_ext = explode('.', $filename);
$uploaded_ext = strtolower(array_pop($uploaded_ext));
if(!in_array($uploaded_ext, $ext))
{
printContent(getXmlRpcFailure(1, 'Not allowed file type'));
break;
}
}
$allowed_filesize = $file_module_config->allowed_filesize * 1024 * 1024;
if($allowed_filesize < strlen($filedata))
{
printContent(getXmlRpcFailure(1, 'This file exceeds the attachment limit'));
break;
}
}
$temp_filename = Password::createSecureSalt(12, 'alnum');
$target_filename = sprintf('%s%s', $mediaAbsPath, $temp_filename);
FileHandler::makeDir($mediaAbsPath);
FileHandler::writeFile($target_filename, $filedata); FileHandler::writeFile($target_filename, $filedata);
$obj = new stdClass(); FileHandler::writeFile($target_filename . '_source_filename', $filename);
$obj->url = Context::getRequestUri() . $target_filename;
$obj = new stdClass();
$obj->url = Context::getRequestUri() . $mediaPath . $temp_filename;
$content = getXmlRpcResponse($obj); $content = getXmlRpcResponse($obj);
printContent($content); printContent($content);
break; break;
@ -291,21 +327,34 @@ if($called_position == 'before_module_proc')
$obj->module_srl = $this->module_srl; $obj->module_srl = $this->module_srl;
// Attachment // Attachment
if(is_dir($tmp_uploaded_path)) if(is_dir($mediaAbsPath))
{ {
$file_list = FileHandler::readDir($tmp_uploaded_path); $file_list = FileHandler::readDir($mediaAbsPath, '/(_source_filename)$/is');
$file_count = count($file_list); $file_count = count($file_list);
if($file_count) if($file_count)
{ {
$oFileController = getController('file'); $oFileController = getController('file');
for($i = 0; $i < $file_count; $i++) $oFileModel = getModel('file');
foreach($file_list as $file)
{ {
$file_info['tmp_name'] = sprintf('%s%s', $tmp_uploaded_path, $file_list[$i]); $filename = FileHandler::readFile($mediaAbsPath . $file);
$file_info['name'] = $file_list[$i]; $temp_filename = str_replace('_source_filename', '', $file);
$file_info = array();
$file_info['tmp_name'] = sprintf('%s%s', $mediaAbsPath, $temp_filename);
$file_info['name'] = $filename;
$fileOutput = $oFileController->insertFile($file_info, $this->module_srl, $document_srl, 0, true); $fileOutput = $oFileController->insertFile($file_info, $this->module_srl, $document_srl, 0, true);
$uploaded_filename = $fileOutput->get('uploaded_filename');
$source_filename = $fileOutput->get('source_filename'); if($fileOutput->get('direct_download') === 'N')
$obj->content = str_replace($uploaded_target_path . $source_filename, sprintf('/files/attach/images/%s/%s%s', $this->module_srl, getNumberingPath($document_srl, 3), $uploaded_filename), $obj->content); {
$replace_url = Context::getRequestUri() . $oFileModel->getDownloadUrl($fileOutput->file_srl, $fileOutput->sid, $this->module_srl);
}
else
{
$replace_url = Context::getRequestUri() . $fileOutput->get('uploaded_filename');
}
$obj->content = str_replace($mediaUrlPath . $temp_filename, $replace_url, $obj->content);
} }
$obj->uploaded_count = $file_count; $obj->uploaded_count = $file_count;
} }
@ -332,7 +381,7 @@ if($called_position == 'before_module_proc')
{ {
$content = getXmlRpcResponse(strval($document_srl)); $content = getXmlRpcResponse(strval($document_srl));
} }
FileHandler::removeDir($tmp_uploaded_path); FileHandler::removeDir($mediaAbsPath);
printContent($content); printContent($content);
break; break;
@ -404,27 +453,36 @@ if($called_position == 'before_module_proc')
// Document srl // Document srl
$obj->document_srl = $document_srl; $obj->document_srl = $document_srl;
$obj->module_srl = $this->module_srl; $obj->module_srl = $this->module_srl;
// Attachment // Attachment
if(is_dir($tmp_uploaded_path)) if(is_dir($mediaAbsPath))
{ {
$file_list = FileHandler::readDir($tmp_uploaded_path); $file_list = FileHandler::readDir($mediaAbsPath, '/(_source_filename)$/is');
$file_count = count($file_list); $file_count = count($file_list);
if($file_count) if($file_count)
{ {
$oFileController = getController('file'); $oFileController = getController('file');
for($i = 0; $i < $file_count; $i++) $oFileModel = getModel('file');
foreach($file_list as $file)
{ {
$file_info['tmp_name'] = sprintf('%s%s', $tmp_uploaded_path, $file_list[$i]); $filename = FileHandler::readFile($mediaAbsPath . $file);
$file_info['name'] = $file_list[$i]; $temp_filename = str_replace('_source_filename', '', $file);
$moved_filename = sprintf('./files/attach/images/%s/%s/%s', $this->module_srl, $document_srl, $file_info['name']);
if(file_exists($moved_filename))
continue;
$file_info = array();
$file_info['tmp_name'] = sprintf('%s%s', $mediaAbsPath, $temp_filename);
$file_info['name'] = $filename;
$fileOutput = $oFileController->insertFile($file_info, $this->module_srl, $document_srl, 0, true); $fileOutput = $oFileController->insertFile($file_info, $this->module_srl, $document_srl, 0, true);
$uploaded_filename = $fileOutput->get('uploaded_filename');
$source_filename = $fileOutput->get('source_filename'); if($fileOutput->get('direct_download') === 'N')
$obj->content = str_replace($uploaded_target_path . $source_filename, sprintf('/files/attach/images/%s/%s%s', $this->module_srl, getNumberingPath($document_srl, 3), $uploaded_filename), $obj->content); {
$replace_url = Context::getRequestUri() . $oFileModel->getDownloadUrl($fileOutput->file_srl, $fileOutput->sid, $this->module_srl);
}
else
{
$replace_url = Context::getRequestUri() . $fileOutput->get('uploaded_filename');
}
$obj->content = str_replace($mediaUrlPath . $temp_filename, $replace_url, $obj->content);
} }
$obj->uploaded_count += $file_count; $obj->uploaded_count += $file_count;
} }
@ -440,7 +498,7 @@ if($called_position == 'before_module_proc')
else else
{ {
$content = getXmlRpcResponse(true); $content = getXmlRpcResponse(true);
FileHandler::removeDir($tmp_uploaded_path); FileHandler::removeDir($mediaAbsPath);
} }
printContent($content); printContent($content);

2
common/constants.php
View file

@ -3,7 +3,7 @@
/** /**
* RX_VERSION is the version number of the Rhymix CMS. * RX_VERSION is the version number of the Rhymix CMS.
*/ */
define('RX_VERSION', '1.8.26'); define('RX_VERSION', '1.8.27');
/** /**
* RX_MICROTIME is the startup time of the current script, in microseconds since the Unix epoch. * RX_MICROTIME is the startup time of the current script, in microseconds since the Unix epoch.

1
modules/member/member.controller.php
View file

@ -1499,6 +1499,7 @@ class memberController extends member
{ {
$signature = trim(removeHackTag($signature)); $signature = trim(removeHackTag($signature));
$signature = preg_replace('/<(\/?)(embed|object|param)/is', '&lt;$1$2', $signature); $signature = preg_replace('/<(\/?)(embed|object|param)/is', '&lt;$1$2', $signature);
$signature = removeHackTag($signature);
$check_signature = trim(str_replace(array('&nbsp;',"\n","\r"),'',strip_tags($signature,'<img><object>'))); $check_signature = trim(str_replace(array('&nbsp;',"\n","\r"),'',strip_tags($signature,'<img><object>')));
$path = sprintf('files/member_extra_info/signature/%s/', getNumberingPath($member_srl)); $path = sprintf('files/member_extra_info/signature/%s/', getNumberingPath($member_srl));

2
modules/member/member.model.php
View file

@ -1052,7 +1052,7 @@ class memberModel extends member
{ {
$buff = FileHandler::readFile($filename); $buff = FileHandler::readFile($filename);
$signature = preg_replace('/<\?.*\?>/', '', $buff); $signature = preg_replace('/<\?.*\?>/', '', $buff);
$GLOBALS['__member_info__']['signature'][$member_srl] = $signature; $GLOBALS['__member_info__']['signature'][$member_srl] = removeHackTag($signature);
} }
else $GLOBALS['__member_info__']['signature'][$member_srl] = null; else $GLOBALS['__member_info__']['signature'][$member_srl] = null;
} }