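/**
 * Heuristically decide whether $url looks like a single article ("view") page
 * rather than a site root, a list page or a pagination link.
 *
 * Rules, in order:
 *  - a URL that cannot be parsed, has no path, or whose path is "/" is rejected;
 *  - with a query string: the query must contain a digit and must not carry a
 *    non-empty "page" parameter;
 *  - without a query string: an extension-less path containing a digit
 *    (e.g. http://kb.cnblogs.com/page/146617/) is accepted unless
 *    filter_something($path, array('list'), TRUE) returns a falsy value;
 *    any other path must end in .html/.htm/.shtml and contain a digit;
 *  - finally the URL is rejected when it is more than 90% similar
 *    (similar_text) to any of the URLs in $lilely_page.
 *
 * The checks deliberately err on the side of rejecting.
 *
 * @param string       $url         URL to classify.
 * @param string|array $lilely_page One URL or a list of URLs to compare against.
 * @return bool TRUE when the URL passes every check, FALSE otherwise.
 */
function check_fastpick_viewurl($url, $lilely_page = array())
{
    $url_arr = parse_url($url);
    // parse_url() returns false for seriously malformed URLs and leaves out the
    // keys of absent components, so read both defensively instead of indexing.
    if (!is_array($url_arr)) {
        return FALSE;
    }
    $path = isset($url_arr['path']) ? $url_arr['path'] : '';
    $query = isset($url_arr['query']) ? $url_arr['query'] : '';

    if ($path == '/' || !$path) {
        return FALSE;
    }

    if ($query) {
        parse_str($query, $url_info);
        if (!preg_match('/\\d+/', $query)) {
            return FALSE;
        }
        if (!empty($url_info['page'])) {
            return FALSE;
        }
    } else {
        // Text after the last dot of the path, capped at 10 characters.
        $dot_suffix = strrchr($path, '.');
        $file_ext = $dot_suffix === false ? '' : strtolower((string) substr($dot_suffix, 1, 10));

        if (!$file_ext && preg_match('/\\d+/', $path)) {
            // Shaped like http://kb.cnblogs.com/page/146617/
            return filter_something($path, array('list'), TRUE) ? TRUE : FALSE;
        }

        // The extension is only compared against this fixed list, so no
        // escaping of the value is needed.
        $ext_arr = array('html', 'htm', 'shtml');
        if (!in_array($file_ext, $ext_arr, true)) {
            return FALSE;
        }
        // Better to reject too much than to let a list page through.
        if (!preg_match('/\\d+/', $path)) {
            return FALSE;
        }
    }

    $lilely_page_arr = is_array($lilely_page) ? $lilely_page : array($lilely_page);
    foreach ($lilely_page_arr as $candidate) {
        similar_text($candidate, $url, $percent);
        if ($percent > 90) {
            return FALSE;
        }
    }

    return TRUE;
}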
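/**
 * Apply the per-rule URL filters to one candidate link.
 *
 * Reads three settings from $args:
 *  - page_url_no_other:   newline-separated URLs (split by format_wrap()) that
 *                         must be skipped when they equal $now_url;
 *  - page_url_contain:    passed to filter_something() as the "must contain" list;
 *  - page_url_no_contain: passed to filter_something() as the "must not contain" list.
 *
 * @param string $now_url URL being tested.
 * @param array  $args    Rule settings; only the three keys above are read.
 * @return bool FALSE when any filter rejects the URL, TRUE otherwise.
 */
function filter_page_link($now_url, $args)
{
    // Read only the keys this function needs. extract($args) would import every
    // key of $args as a local variable, so a 'now_url' entry in the settings
    // array would silently replace the URL under test.
    $page_url_no_other = isset($args['page_url_no_other']) ? $args['page_url_no_other'] : null;
    $page_url_contain = isset($args['page_url_contain']) ? $args['page_url_contain'] : null;
    $page_url_no_contain = isset($args['page_url_no_contain']) ? $args['page_url_no_contain'] : null;

    if ($page_url_no_other) {
        // URLs to filter out.
        $user_no_arr = format_wrap(trim($page_url_no_other));
        foreach ($user_no_arr as $k => $v) {
            // NOTE(review): as written this replaces '&' with itself and changes
            // nothing. Since dhtmlspecialchars() runs first, the search string
            // was presumably the '&' entity before this listing was rendered;
            // confirm against the original file.
            $user_no_arr[$k] = str_replace('&', '&', dhtmlspecialchars(trim($v)));
        }
        if (in_array($now_url, $user_no_arr)) {
            return FALSE;
        }
    }

    // Must contain.
    if (filter_something($now_url, $page_url_contain)) {
        return FALSE;
    }

    // Must not contain.
    if (!filter_something($now_url, $page_url_no_contain, TRUE)) {
        return FALSE;
    }

    return TRUE;
}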
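/**
 * Localise the remote images and files referenced by a collected post.
 *
 * Steps:
 *  1. Collect [img] BBCode and <img src> URLs from $arr['content'], plus the
 *     entries returned by get_attach_data() when is_download_file == 1.
 *  2. Fetch each distinct URL through get_img_content(), write the bytes under
 *     the forum attachment directory and insert the attachment rows.
 *  3. Replace the original markup in the message with [attach]aid[/attach] and
 *     pass the post to forum_article_content().
 *
 * Security notes for maintainers:
 *  - The URLs come from collected third-party page content and are fetched
 *    server-side. No host or address filtering is visible in this function.
 *    NOTE(review): confirm that get_img_content()/get_snoopy_obj() refuse
 *    loopback, link-local and private addresses and do not follow redirects
 *    to them.
 *  - $arr['cookie'] is handed to the fetcher for every URL regardless of its
 *    host, so a cookie meant for the source site is also sent to any other
 *    host the page embeds files from. NOTE(review): restrict it to the host of
 *    $arr['page_url'].
 *  - The on-disk name comes from get_target_filename() and
 *    get_target_extension(); the remote name is only stored in the `filename`
 *    column. $attach['ext'] can come from the remote response
 *    ($content_re['file_ext']). NOTE(review): verify that
 *    get_target_extension() maps script extensions to an inert one.
 *  - The $config['get_file_ext'] allow-list is applied only to non-image files
 *    and only when it is configured.
 *
 * @param array $arr     Post data; reads content, cookie, page_url, uid, tid,
 *                       pid, is_download_file, is_download_img, is_water_img,
 *                       is_post, content_filter_html, public_time, dateline, p_arr.
 * @param mixed $old_arr Not used by this function.
 * @return void
 */
function forum_downremotefile($arr, $old_arr)
{
    global $_G;

    $evo_img_no = $_G['cache']['evn_milu_pick']['evo_img_no'];
    $config = get_pick_set();
    $get_file_ext_arr = $config['get_file_ext'] ? explode('|', $config['get_file_ext']) : array();
    $arr['is_download_file'] = $arr['is_download_file'] ? $arr['is_download_file'] : $arr['p_arr']['is_download_file'];
    $arr['message'] = dstripslashes($arr['content']);

    // [img]url[/img] and [img=WxH]url[/img]: the URL is capture group 1 or 2.
    preg_match_all("/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]|\\[img=\\d{1,4}[x|\\,]\\d{1,4}\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", $arr['message'], $image1, PREG_SET_ORDER);
    // <img ... src=...>: the URL is capture group 2.
    preg_match_all("/\\<img.+src=('|\"|)?(.*)(\\1)(.*)?\\>/isU", $arr['message'], $image2, PREG_SET_ORDER);

    $temp = array();
    $existentimg = array();
    $attach_arr = array();

    if (is_array($image1) && !empty($image1)) {
        foreach ($image1 as $value) {
            $v = trim(!empty($value[1]) ? $value[1] : $value[2]);
            // A falsy result from filter_something() means the URL is on the
            // evo_img_no list; such images are left remote.
            if (filter_something($v, $evo_img_no)) {
                $temp[] = array('0' => $value[0], '1' => $v);
            }
        }
    }
    if (is_array($image2) && !empty($image2)) {
        foreach ($image2 as $v) {
            $v[2] = trim(strip_tags($v[2]));
            if (filter_something($v[2], $evo_img_no)) {
                $temp[] = array('0' => $v[0], '1' => $v[2]);
            }
        }
    }

    if ($arr['is_download_file'] == 1) {
        $attach_arr = get_attach_data($arr['page_url'], $arr['message']);
    }
    $attach_arr = $attach_arr ? $attach_arr : array();
    $temp = array_merge($temp, $attach_arr);

    $del_a = 0;
    if ($arr['content_filter_html'][0] == 0 && $arr['content_filter_html']) {
        $del_a = 1;
    }

    require_once libfile('class/image');

    if (empty($temp)) {
        return;
    }

    if (file_exists(libfile('class/upload'))) {
        require_once libfile('class/upload');
    } else {
        require_once libfile('discuz/upload', 'class');
    }
    $upload = new discuz_upload();

    $attachaids = array();
    $threadimage_flag = 0;
    $content_md5_arr = array();
    // Initialised up front so count(), str_replace() and ftpupload() below
    // always receive arrays, even when nothing was downloaded.
    $newaids = array();
    $imagereplace = array('oldimageurl' => array(), 'newimageurl' => array());
    // Never assigned in this function; kept as null so the stored value is unchanged.
    $picid = null;

    foreach ($temp as $value) {
        $snoopy_args = array('cookie' => $arr['cookie']);
        $snoop_obj = get_snoopy_obj($snoopy_args);
        $imageurl = $value[1];
        $hash = md5($imageurl);
        if (!strlen($imageurl)) {
            continue;
        }

        // Entries built above only carry keys 0 and 1. Keys 2-4 are presumably
        // supplied by get_attach_data() (link text, description, "is a file
        // link" flag); verify against that helper.
        $link_text = isset($value[2]) ? $value[2] : '';
        $desc = isset($value[3]) ? $value[3] : null;
        $is_file_link = isset($value[4]) && $value[4] == 1;

        // oldimageurl and newimageurl are paired by position in str_replace(),
        // so every path below must add exactly one newimageurl entry or remove
        // the oldimageurl entry added here.
        $imagereplace['oldimageurl'][] = $value[0];

        if (isset($existentimg[$hash])) {
            // Same URL seen earlier: reuse its attachment tag, or keep the
            // original markup when the earlier attempt produced no attachment.
            $imagereplace['newimageurl'][] = isset($attachaids[$hash]) ? $attachaids[$hash] : $value[0];
            continue;
        }
        $existentimg[$hash] = $imageurl;

        // Per-URL state starts clean so a failed fetch cannot reuse the bytes
        // or the file name of the previous download.
        $content = '';
        $content_re = '';
        $attach = array('name' => '');
        $attach['ext'] = $upload->fileext($imageurl);

        if ($upload->is_image_ext($attach['ext']) == 1 && $arr['is_download_img'] != 1) {
            $imagereplace['newimageurl'][] = $value[0];
            continue;
        }
        $ext = $upload->is_image_ext($attach['ext']) ? null : 'no_get';

        // Only http:// URLs and paths starting with "." are fetched; anything
        // else (https:// included) falls through to the empty-content handling.
        if (preg_match('/^(http:\\/\\/|\\.)/i', $imageurl)) {
            if ($imageurl && $snoop_obj) {
                $content_re = get_img_content($imageurl, $snoop_obj, $ext);
            }
            if (is_array($content_re)) {
                $content = $content_re['content'];
                $attach['name'] = $content_re['file_name'] ? $content_re['file_name'] : ($link_text ? _striptext($link_text) : time() . '.' . $content_re['file_ext']);
                $attach['ext'] = $content_re['file_ext'] ? $content_re['file_ext'] : trim($upload->fileext($attach['name']));
            } else {
                $content = $content_re;
            }
            // Identical bytes already stored in this run: drop the duplicate.
            $content_md5 = md5((string) $content);
            if (in_array($content_md5, $content_md5_arr)) {
                $imagereplace['newimageurl'][] = '';
                continue;
            }
            $content_md5_arr[] = $content_md5;
        } elseif (preg_match('/^(' . preg_quote(getglobal('setting/attachurl'), '/') . ')/i', $imageurl)) {
            // Already a local attachment URL: keep the markup and stop here so
            // no second replacement entry is added for it.
            $imagereplace['newimageurl'][] = $value[0];
            continue;
        }

        if (empty($content)) {
            if ($is_file_link) {
                if ($del_a == 1) {
                    $imagereplace['newimageurl'][] = $link_text;
                } else {
                    // Leave the link untouched: remove the entry added above.
                    array_pop($imagereplace['oldimageurl']);
                }
            } else {
                $imagereplace['newimageurl'][] = '';
            }
            continue;
        }

        if (!$attach['name']) {
            $patharr = explode('/', $imageurl);
            $attach['name'] = trim($patharr[count($patharr) - 1]);
        }
        $attach['thumb'] = '';
        // Some sources fail without this trim (note from the original author).
        $attach['ext'] = trim($attach['ext']);
        $attach['isimage'] = $upload->is_image_ext($attach['ext']);
        if ($attach['isimage'] == 1 && $arr['is_download_img'] != 1) {
            $imagereplace['newimageurl'][] = $value[0];
            continue;
        }

        $attach['extension'] = $upload->get_target_extension($attach['ext']);
        $attach['attachdir'] = $upload->get_target_dir('forum');
        $attach['attachment'] = $attach['attachdir'] . $upload->get_target_filename('forum') . '.' . $attach['extension'];
        $attach['target'] = getglobal('setting/attachdir') . './forum/' . $attach['attachment'];

        // Non-image files must be on the configured extension list, when one is set.
        if (!in_array($attach['ext'], $get_file_ext_arr) && $get_file_ext_arr && $attach['isimage'] == 0) {
            if ($is_file_link) {
                if ($del_a == 1) {
                    $imagereplace['newimageurl'][] = $link_text;
                } else {
                    array_pop($imagereplace['oldimageurl']);
                }
            } else {
                $imagereplace['newimageurl'][] = '';
            }
            continue;
        }

        $fp = @fopen($attach['target'], 'wb');
        if (!$fp) {
            // Could not store the file: keep the original markup.
            $imagereplace['newimageurl'][] = $value[0];
            continue;
        }
        flock($fp, LOCK_EX);
        fwrite($fp, $content);
        fclose($fp);

        // A file claiming to be an image must be readable as one.
        if (!$upload->get_image_info($attach['target']) && $attach['isimage'] == 1) {
            @unlink($attach['target']);
            $imagereplace['newimageurl'][] = $value[0];
            continue;
        }

        $attach['size'] = filesize($attach['target']);
        $upload->attach = $attach;
        $thumb = $width = 0;
        if ($upload->attach['isimage']) {
            if ($_G['setting']['thumbstatus']) {
                $image = new image();
                $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
                $width = $image->imginfo['width'];
            }
            if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
                list($width) = @getimagesize($upload->attach['target']);
            }
            if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) && $arr['is_water_img'] == 1) {
                $image = new image();
                $image->Watermark($attach['target'], '', 'forum');
            }
        }

        $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $arr['dateline'];
        $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $_G['timestamp'];
        $remote = 0;
        $setarr = array(
            'uid' => $arr['uid'],
            'tid' => $arr['tid'],
            'pid' => $arr['pid'],
            'filename' => daddslashes($upload->attach['name']),
            'attachment' => $upload->attach['attachment'],
            'filesize' => $upload->attach['size'],
            'thumb' => $thumb,
            'remote' => $remote,
            'picid' => $picid,
            'isimage' => $attach['isimage'],
            'description' => $desc,
            'readperm' => 0,
            'price' => 0,
            'width' => $width,
            'dateline' => $arr['public_time'],
        );
        $setimg_arr = array(
            'tid' => $arr['tid'],
            'attachment' => $upload->attach['attachment'],
            'remote' => $remote,
        );
        // The download counter is seeded with a random value between 1 and 15.
        $set_att = array(
            'downloads' => rand(1, 15),
            'tableid' => getattachtableid($arr['tid']),
            'uid' => $arr['uid'],
            'pid' => $arr['pid'],
            'tid' => $arr['tid'],
        );

        // The first stored image becomes the thread image, except for posts.
        if ($threadimage_flag == 0 && !$arr['is_post'] && $attach['isimage'] == 1) {
            DB::insert('forum_threadimage', $setimg_arr, true);
            $threadimage_flag = 1;
        }
        $setarr['aid'] = $newaids[] = DB::insert('forum_attachment', $set_att, true);
        DB::insert(getattachtablebytid($arr['tid']), $setarr, true);
        $attachaids[$hash] = $imagereplace['newimageurl'][] = '[attach]' . $setarr['aid'] . '[/attach]';
    }

    if ($_G['setting']['ftp']['on'] == 1) {
        require_once libfile('function/post');
        ftpupload($newaids, $arr['uid']);
    }
    if (count($newaids) > 0) {
        $arr['attachment'] = 2;
    }
    $arr['message'] = str_replace($imagereplace['oldimageurl'], $imagereplace['newimageurl'], $arr['message']);
    if ($del_a == 1) {
        $arr['message'] = clear_html_script($arr['message'], array(0));
    }
    forum_article_content($arr);
}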
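/**
 * Render the admin form rows for one rule variable.
 *
 * The control is chosen by $args['var_type'][$key]:
 *  - 'text'     => <input type="text">
 *  - 'textarea' => <textarea>
 *  - 'select' / 'selects' => <select> (multiple for 'selects') whose options
 *    come from $args['var_ext_select'][$key], one "value=label" pair per line
 *    as split by format_wrap().
 * Any other type yields an empty control cell.
 *
 * The current value, the variable key and the option values/labels are
 * HTML-escaped before being placed into attributes and element bodies, so a
 * value containing a double quote, "<" or "</textarea>" cannot break out of
 * its field.
 * NOTE(review): $title and $desc are still emitted as-is because they may hold
 * intentional markup; confirm where they come from and escape them too if
 * they are plain text.
 *
 * @param string       $key   Variable key, used in the id/name attributes.
 * @param array        $args  Rule definition (var_type, var_title, var_desc,
 *                            var_ext_select, var_ext_keyword, each keyed by $key).
 * @param string|array $now_v Current value; an array for multi-selects.
 * @return string HTML for the title row and the control row.
 */
function show_var_html($key, $args, $now_v)
{
    global $_G;

    $long_text = $_G['cache']['evn_milu_pick']['long_text'];
    $type = $args['var_type'][$key];
    $title = $args['var_title'][$key];
    $desc = $args['var_desc'][$key];
    $ext_select = $args['var_ext_select'][$key];
    $ext_keyword = $args['var_ext_keyword'][$key];

    // A falsy result from filter_something() selects the wide input style.
    $text_class = filter_something($title, $long_text) ? 'txt' : 'longtxt';
    $safe_key = dhtmlspecialchars($key);

    $tr_start = '<tr><td colspan="2" class="td27" s="1"><span class="vtop rowform">' . $title . ':</span></td></tr><tr class="noborder"><td class="vtop rowform">';

    // Default for unknown types, so the concatenation below is always defined.
    $body = '';
    if ($type == 'text') {
        $body = '<input type="text" value="' . dhtmlspecialchars($now_v) . '" id="rules_var_' . $safe_key . '" class="' . $text_class . '" name="rules_var[' . $safe_key . ']">';
        if ($ext_keyword) {
            $body .= show_keyword_html($key);
        }
    } elseif ($type == 'textarea') {
        $body = '<textarea class="tarea" cols="50" id="rules_var_' . $safe_key . '" name="rules_var[' . $safe_key . ']" onkeyup="textareasize(this, 0)" ondblclick="textareasize(this, 1)" rows="6">' . dhtmlspecialchars($now_v) . '</textarea>';
        if ($ext_keyword) {
            $body .= show_keyword_html($key);
        }
    } elseif ($type == 'select' || $type == 'selects') {
        $select_arr = format_wrap($ext_select);
        if (!$select_arr) {
            // No options configured: show the notice instead of an empty <select>.
            $body = milu_lang('no_set_value');
        } else {
            $multiple = $type == 'selects' ? 'multiple="multiple" style=" width:250px;" name="rules_var[' . $safe_key . '][]"' : 'name="rules_var[' . $safe_key . ']"';
            $body = '<select ' . $multiple . ' id="rules_var_' . $safe_key . '">';

            // Compare as strings so loose numeric juggling cannot mark an
            // unrelated option as selected.
            $current = is_array($now_v) ? array_map('strval', $now_v) : array((string) $now_v);
            foreach ($select_arr as $v) {
                $v_arr = explode('=', $v);
                $opt_value = $v_arr[0];
                // A line without "=" uses its value as the label.
                $opt_label = isset($v_arr[1]) ? $v_arr[1] : $v_arr[0];
                $selected = in_array((string) $opt_value, $current, true) ? 'selected="selected"' : '';
                $body .= '<option ' . $selected . ' value="' . dhtmlspecialchars($opt_value) . '">' . dhtmlspecialchars($opt_label) . '</option>';
            }
            $body .= '</select>';
        }
    }

    $tr_end = '<td s="1" class="vtop tips2">' . $desc . '</td></tr>';

    return $tr_start . $body . $tr_end;
}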
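/**
 * Decide whether the crawler should visit $this->now_url.
 *
 * Return values:
 *   1      the URL may be visited
 *   FALSE  rejected by the global evo_rules['no_url'] check
 *   -1     listed in p_arr['page_url_no_other']
 *   -2     rejected by the p_arr['page_url_contain'] check
 *   -3     rejected by the p_arr['page_url_no_contain'] check
 *   -4     rules_type 3, only_in_domain == 0 and the URL lacks base_url
 *   -5     already recorded in strayer_url for this pid while now_level == 1
 *
 * The negative codes are truthy in PHP, so callers must compare the result
 * with 1 rather than test it as a boolean; otherwise rejected URLs are
 * treated as allowed. The callers are not visible here.
 *
 * @return int|bool
 */
function check_visit_url()
{
    global $_G;

    $this->format_url();
    $evo_rules = $_G['cache']['evn_milu_pick']['evo_rules'];
    $no_url = $evo_rules['no_url'];
    if (!filter_something($this->now_url, $no_url, TRUE)) {
        return FALSE;
    }

    // URL filter enabled; the entry address itself must not be filtered.
    // Known issue noted by the original author: for some URLs now_level equals
    // max_level for unknown reasons, so they skip this filtering.
    if ($this->p_arr['page_fiter'] == 1 && $this->now_level < $this->max_level) {
        if ($this->p_arr['page_url_no_other']) {
            // URLs to filter out.
            $user_no_arr = format_wrap(trim($this->p_arr['page_url_no_other']));
            $user_no_arr = $this->format_url($user_no_arr);
            if (in_array($this->now_url, $user_no_arr)) {
                return -1;
            }
        }
        // Must contain.
        if (filter_something($this->now_url, $this->p_arr['page_url_contain'])) {
            return -2;
        }
        // Must not contain.
        if (!filter_something($this->now_url, $this->p_arr['page_url_no_contain'], TRUE)) {
            return -3;
        }
    }

    if ($this->p_arr['rules_type'] == 3) {
        $this->p_arr['only_in_domain'] = $this->p_arr['only_in_domain'] ? $this->p_arr['only_in_domain'] : 1;
        // Restrict to the specified domain.
        // NOTE(review): the line above turns every falsy value, 0 included,
        // into 1, so "== 0" below cannot match a numeric setting and the
        // domain restriction never applies. Confirm which value is meant to
        // enable it before changing this.
        if ($this->p_arr['only_in_domain'] == 0 && !strexists($this->now_url, $this->base_url)) {
            return -4;
        }
    }

    // The duplicate check can be switched off by a request parameter; empty()
    // avoids an undefined-index notice when the parameter is absent.
    if (empty($_GET['no_check_url'])) {
        // pid is concatenated into a quoted SQL literal, so it is escaped here
        // rather than relying on every caller having sanitised it. The hash is
        // md5 output and therefore safe to embed.
        $v_info = DB::fetch_first('SELECT uid FROM ' . DB::table('strayer_url') . " WHERE pid='" . daddslashes($this->pid) . "' AND hash='" . md5(daddslashes($this->now_url)) . "'");
        // Some list pages still need to be revisited, hence the level check.
        if ($v_info && $this->now_level == 1) {
            return -5;
        }
    }

    return 1;
}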