/**
* @brief showAttachment 防盗链显示、下载附件
*
* @param $params 参数
*
* @return void
*/
public function showAttachment($params)
{
$meta = new MetaLibrary();
$meta->setType(3);
$meta->setMID($params['mid']);
if (!($m = $meta->getMeta())) {
Response::error(404);
return;
}
$m = $m[0];
// 判断 referer 防盗链
$referer = Request::S('HTTP_REFERER', 'string');
if ($referer) {
$referer = parse_url($referer);
$host = parse_url(OptionLibrary::get('domain'));
if (LogX::getDomain($referer['host']) != LogX::getDomain($host['host'])) {
Response::error(403);
exit;
}
}
$m['alias'] = LOGX_FILE . $m['alias'];
// 通过判断getimagesize取出的图片信息是否存在类型标记和色彩位深来防止伪造。
$isimage = false;
if (stristr($m['description'], 'image')) {
if (function_exists('getimagesize')) {
$imginfo = @getimagesize($m['alias']);
if (isset($imginfo[2]) && isset($imginfo['bits'])) {
$isimage = true;
}
unset($imginfo);
} else {
$isimage = true;
}
}
// 附件读取形式,inline直接读取,attachment下载到本地
$disposition = $isimage ? 'inline' : 'attachment';
// 统计附件下载次数
if ($disposition == 'attachment') {
$meta->incReply($params['mid']);
}
$m['description'] = $m['description'] ? $m['description'] : 'application/octet-stream';
if (is_readable($m['alias'])) {
@ob_end_clean();
if ($disposition == 'inline') {
Response::setExpire(60 * 24 * 365);
}
header('content-Encoding: none');
header('content-type: ' . $m['description']);
header('content-Disposition: ' . $disposition . '; filename=' . urlencode($m['name']));
header('content-Length: ' . abs(filesize($m['alias'])));
$fp = @fopen($m['alias'], 'rb');
@fpassthru($fp);
@fclose($fp);
exit;
} else {
Response::error(404);
}
}
?>
</a></dt>
<dd id="tabTagAdd" style="display: <?php
if (!Request::G('page')) {
?>
block<?php
} else {
?>
none<?php
}
?>
; ">
<?php
if ($mid = Request::G('mid')) {
$meta = new MetaLibrary();
$meta->setMID($mid);
$m = $meta->getMeta();
$m = $m[0];
?>
<form action="<?php
path(array('do' => 'editTag'), 'AdminDo');
?>
" method="post" name="add_tag" id="add-tag">
<ul id="add-post-option">
<li>
<label for="add-tag-title" class="add-post-label"><?php
_e('Name');
?>
</label>
<p><input type="text" id="add-tag-title" name="name" value="<?php
echo $m['name'];
/**
* @brief postPath 输出文章路径
*
* @return void
*/
public function postPath()
{
// 检查是否有文章
if (!$this->postHave()) {
return;
}
$path = $this->postTitle(0, FALSE);
$meta = new MetaLibrary();
$meta->setType(1);
$meta->setPID($this->postID(FALSE));
$metas = $meta->getMeta();
$me = isset($metas[0]['mid']) ? $metas[0]['mid'] : 0;
$m = isset($metas[0]) ? $metas[0] : array();
$meta->setPID(0);
while ($me) {
$path = '<a href="' . Router::patch('Category', array('alias' => $m['alias'])) . '">' . $m['name'] . '</a> » ' . $path;
if ($m['parent'] == 0) {
break;
}
$meta->setMID($m['parent']);
$metas = $meta->getMeta();
$me = isset($metas[0]['mid']) ? $metas[0]['mid'] : 0;
$m = isset($metas[0]) ? $metas[0] : array();
}
$path = '<a href="' . LOGX_PATH . '">' . OptionLibrary::get('title') . '</a> » ' . $path;
echo $path;
}
