Ejemplo n.º 1
 /**
  * Normalise the request superglobals before the rest of the application reads them.
  *
  * Steps, in order:
  *  1. Abort the request if any of $_GET/$_POST/$_COOKIE/$_FILES carries a
  *     'GLOBALS' key.
  *  2. For mobile/AJAX requests on a site whose charset is not utf-8, convert
  *     $_GET and $_POST from utf-8 to the site charset.
  *  3. Pass $_GET, $_POST and $_COOKIE through jaddslashes().
  *
  * Conversion runs before escaping, so the escaping step sees the bytes in the
  * charset the application will actually use.
  *
  * NOTE(review): $_REQUEST and $_FILES are not escaped here; code that reads
  * them gets the raw client values.
  * NOTE(review): if jaddslashes() is a byte-wise addslashes() wrapper and the
  * site charset is a multibyte encoding, blanket slash-escaping is not a
  * reliable SQL defence on its own - confirm queries bind parameters or use a
  * connection-aware escape.
  */
 private function _init_input()
 {
     // A client-supplied 'GLOBALS' key is never legitimate; stop immediately.
     foreach (array($_GET, $_POST, $_COOKIE, $_FILES) as $request_source) {
         if (isset($request_source['GLOBALS'])) {
             die('request is invalid');
         }
     }

     if ($_GET) {
         $sent_as_utf8 = (true === IN_JISHIGOU_MOBILE || true === IN_JISHIGOU_AJAX);
         if ($sent_as_utf8 && 'utf-8' != $this->var['charset']) {
             $_GET = array_iconv('utf-8', $this->var['charset'], $_GET);
         }
         // Escape only after the charset conversion above.
         $_GET = jaddslashes($_GET);
     }

     if ($_POST) {
         $sent_as_utf8 = (true === IN_JISHIGOU_MOBILE || true === IN_JISHIGOU_AJAX);
         if ($sent_as_utf8 && 'utf-8' != $this->var['charset']) {
             $_POST = array_iconv('utf-8', $this->var['charset'], $_POST);
         }
         $_POST = jaddslashes($_POST);
     }

     // Cookies are escaped unconditionally and never charset-converted.
     $_COOKIE = jaddslashes($_COOKIE);
 }
Ejemplo n.º 2
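 /**
  * Handle an attachment upload arriving in the 'topic' file field.
  *
  * Flow: create the attachment row via AttachLogic->add(), store the upload as
  * "<attach_id>.<extension>" under data/attachs/topic/, optionally push it to
  * FTP, update the row with the final metadata, award credits, and report the
  * outcome through _attach_result(). Failures go through _attach_error().
  *
  * NOTE(review): the code is written as if _attach_error() ends the request;
  * that is not visible here - confirm, otherwise execution continues after
  * every error branch.
  */
 function Attach()
 {
     // NOTE(review): 'aitem' is passed to AttachLogic->add() as received;
     // confirm it is validated or escaped before it reaches a query.
     $item = $this->Get['aitem'];
     $itemid = max(0, (int) $this->Get['aitemid']);
     $this->_init_auth();
     $field = 'topic';
     // empty() also covers a missing 'topic' entry without raising a notice.
     if (empty($_FILES[$field]['name'])) {
         $this->_attach_error('FILES is empty');
     }
     $_FILES[$field]['name'] = get_safe_code($_FILES[$field]['name']);
     $_FILES[$field]['name'] = jaddslashes($_FILES[$field]['name']);
     // NOTE(review): 'topic_uid' is caller-supplied and replaces MEMBER_ID as
     // the attachment owner; confirm _init_auth() restricts who may upload on
     // behalf of another uid.
     $uid = jget('topic_uid', 'int') > 0 ? jget('topic_uid', 'int') : MEMBER_ID;
     $username = jget('topic_uid', 'int') > 0 ? '' : MEMBER_NICKNAME;
     $category = '';
     if (jget('attch_category') > 0) {
         $category = jlogic('attach_category')->get_attacht_cat(jget('attch_category'));
     }
     $attach_id = $this->AttachLogic->add($uid, $username, $item, $itemid, $category);
     // NOTE(review): this runs before the $attach_id check below and before
     // the upload itself has been accepted - confirm that ordering is intended.
     if (jget('attch_category') > 0) {
         $this->auto_add_weibo($attach_id, $_FILES[$field]['name']);
     }
     if ($attach_id < 1) {
         $this->_attach_error('write database is invalid');
     }
     $this->AttachLogic->clear_invalid();
     // Configured limit (default 1024), never above 51200.
     $attach_size = min(is_numeric($this->Config['attach_size_limit']) ? $this->Config['attach_size_limit'] : 1024, 51200);
     $attach_path = RELATIVE_ROOT_PATH . 'data/attachs/' . $field . '/' . face_path($attach_id);
     // end() takes its argument by reference, so the exploded parts need a variable.
     $name_parts = explode('.', $_FILES[$field]['name']);
     // NOTE(review): the stored extension comes from the client-supplied file
     // name. Confirm jupload()/get_safe_code() enforce an extension allowlist
     // and that data/attachs/ is not served as executable script.
     $attach_type = strtolower(end($name_parts));
     $attach_name = $attach_id . '.' . $attach_type;
     $attach_file = $attach_path . $attach_name;
     if (!is_dir($attach_path)) {
         jio()->MakeDir($attach_path);
     }
     jupload()->init($attach_path, $field, false, true);
     jupload()->setMaxSize($attach_size);
     jupload()->setNewName($attach_name);
     if (!jupload()->doUpload()) {
         // Roll back: remove any partial file and the row created above.
         jio()->DeleteFile($attach_file);
         // The id is forced to an integer so the query text cannot be altered by it.
         $this->DatabaseHandler->Query("delete from " . TABLE_PREFIX . "topic_attach where `id`='" . (int) $attach_id . "'");
         $upload_errors = jupload()->getError();
         $message = $upload_errors ? implode(" ", (array) $upload_errors) : 'attach file is invalid';
         $this->_attach_error($message);
     }
     // From here on $attach_size is the size of the stored file, not the limit.
     $attach_size = filesize($attach_file);
     $site_url = '';
     if ($this->Config['ftp_on']) {
         $ftp_key = randgetftp();
         $get_ftps = jconf::get('ftp');
         $site_url = $get_ftps[$ftp_key]['attachurl'];
         $ftp_result = ftpcmd('upload', $attach_file, '', $ftp_key);
         // Drop the local copy only when the FTP upload reported success.
         if ($ftp_result > 0) {
             jio()->DeleteFile($attach_file);
         }
     }
     // NOTE(review): the name already went through jaddslashes() above, so this
     // is a second escaping pass; the same value is also returned to the
     // client. Confirm AttachLogic->modify() expects pre-escaped input.
     $name = addslashes($_FILES[$field]['name']);
     $p = array('id' => $attach_id, 'site_url' => $site_url, 'file' => $attach_file, 'name' => $name, 'filetype' => $attach_type, 'filesize' => $attach_size);
     $this->AttachLogic->modify($p);
     update_credits_by_action('attach_add', $uid);
     $retval = array('id' => $attach_id, 'src' => 'images/filetype/' . $attach_type . '.gif', 'name' => $name);
     $this->_attach_result('ok', $retval);
 }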
Ejemplo n.º 3
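/**
 * Recursively convert a string, or every key and value of an array, from one
 * charset to another using lconv().
 *
 * The input is returned untouched when it is empty, when both charset names
 * match case-insensitively, or when neither mb_convert_encoding() nor iconv()
 * is available.
 *
 * Array results are built fresh, so a key whose converted form differs from
 * the original no longer leaves the unconverted key/value pair behind.
 *
 * NOTE(review): $addsl is honoured only on the path that performs a
 * conversion. On the early-return path the data comes back without
 * jaddslashes() applied, so callers must not treat $addsl as a guarantee
 * that the result is escaped.
 *
 * @param string $in_charset  Charset of the incoming data.
 * @param string $out_charset Charset to convert to.
 * @param mixed  $array       String or (nested) array to convert.
 * @param mixed  $addsl       Truthy to run jaddslashes() on the converted result.
 * @return mixed The converted data, or the input unchanged.
 */
function array_iconv($in_charset, $out_charset, $array, $addsl = 0)
{
    $can_convert = function_exists('mb_convert_encoding') || function_exists('iconv');
    if (!$array || strtoupper($in_charset) == strtoupper($out_charset) || !$can_convert) {
        return $array;
    }

    if (is_array($array)) {
        $converted = array();
        foreach ($array as $key => $val) {
            $new_key = lconv($in_charset, $out_charset, $key);
            // Nested levels are converted only; escaping is applied once below.
            $converted[$new_key] = array_iconv($in_charset, $out_charset, $val);
        }
        $array = $converted;
    } else {
        $array = lconv($in_charset, $out_charset, $array);
    }

    if ($addsl) {
        $array = jaddslashes($array);
    }

    return $array;
}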