public function __construct() { parent::__construct(); //接入验证 valid_link(); //调用run方法根据不同的消息类型做出不同的回应 $this->run(); }
public function __construct() { parent::__construct(); //加载模型 $this->load->model('main_model'); //接入验证 valid_link(); //调用run方法根据不同的消息类型做出不同的回应 $this->run(); }
function build_url($url, $parent_url, $select, $current, $handle, $store_file) { global $clear, $ext, $mainurl, $apache_indexes, $strip_sessids, $ex_media, $clear; // find only media-files with allowed file suffix or type-description or application descriptor $match = valid_link($url, $select); if ($match == '0') { return ''; } if (substr($url, -1) == '\\') { return ''; } $original_parent_url_parts = parse_all_url($url); $urlparts = parse_all_url($url); $main_url_parts = parse_all_url($mainurl); if ($urlparts['host'] != "" && $urlparts['host'] != $main_url_parts['host'] && $ex_media != 1) { return ''; } if (isset($urlparts['query'])) { if ($apache_indexes[$urlparts['query']]) { return ''; } } if (preg_match("/[\\/]?mailto:|[\\/]?javascript:|[\\/]?news:/i", $url)) { return ''; } if (isset($urlparts['scheme'])) { $scheme = $urlparts['scheme']; } else { $scheme = ""; } //only http and https links are followed if (!($scheme == 'http' || $scheme == '' || $scheme == 'https')) { return ''; } //parent url might be used to build an url from relative path $parent_url = remove_file_from_url($parent_url); $parent_url_parts = parse_all_url($parent_url); if (substr($url, 0, 1) == '/') { $url = $parent_url_parts['scheme'] . "://" . $parent_url_parts['host'] . $url; } else { if (!isset($urlparts['scheme'])) { $url = $parent_url . $url; } } $url_parts = parse_all_url($url); $urlpath = $url_parts['path']; $regs = array(); while (preg_match("/[^\\/]*\\/[.]{2}\\//", $urlpath, $regs)) { $urlpath = str_replace($regs[0], "", $urlpath); } //remove relative path instructions like ../ etc $urlpath = preg_replace("/\\/+/", "/", $urlpath); $urlpath = preg_replace("/[^\\/]*\\/[.]{2}/", "", $urlpath); $urlpath = str_replace("./", "", $urlpath); $query = ""; if (isset($url_parts['query'])) { $query = "?" . $url_parts['query']; } if ($main_url_parts['port'] == 80 || $url_parts['port'] == "") { $portq = ""; } else { $portq = ":" . $main_url_parts['port']; } if (!$urlpath) { $urlpath = "/"; } // if not exists, add slash instead of real urlpath $url = $url_parts['scheme'] . "://" . $url_parts['host'] . $portq . $urlpath . $query; if (strstr($url, "/?")) { //added to address <a href="?id=1"> syntax $page = str_replace($main_url_parts['path'], null, $original_parent_url_parts['path']); if (substr(trim($mainurl), -1) !== "/" and substr(trim($page), 0, 1) !== "/") { $page = "/" . $page; } $url = $mainurl . $page . $query; } if ($ex_media == 1) { // if we index sub-domains return $url; } $mainurl = remove_file_from_url($mainurl); $url = convert_url($url); // convert 'blank' and '&' if ($strip_sessids == 1) { $url = remove_sessid($url); } if (strstr($url, $main_url_parts['host']) == false) { // $main_url_parts['host'] will support also relative-back-folder like ../../ if ($clear == 1) { unset($select, $mainurl, $urlpath, $query, $page); $original_parent_url_parts = array(); $main_url_parts = array(); $url_parts = array(); $urlparts = array(); } return ''; } else { if ($clear == 1) { unset($select, $mainurl, $urlpath, $query, $page); $original_parent_url_parts = array(); $main_url_parts = array(); $url_parts = array(); $urlparts = array(); } return $url; } }