function InitParam() { global $sType, $sStyleName, $sCusDir, $sAction; global $nTreeIndex; global $sAllowExt, $sUploadDir, $sBaseUrl, $sContentPath, $nAllowBrowse; global $sPathShareImage, $sPathShareFlash, $sPathShareMedia, $sPathShareOther; $sType = strtoupper(TrimGet("type")); $sStyleName = TrimGet("style"); $sCusDir = TrimGet("cusdir"); $s_SKey = TrimGet("skey"); $bValidStyle = false; $numElements = count($GLOBALS["aStyle"]); for ($i = 1; $i <= $numElements; $i++) { $aStyleConfig = explode("|||", $GLOBALS["aStyle"][$i]); if (strtolower($sStyleName) == strtolower($aStyleConfig[0])) { $bValidStyle = true; break; } } if ($bValidStyle == false) { OutScript("alert('Invalid Style!')"); } if ($aStyleConfig[61] != "1") { $sCusDir = ""; } if ($aStyleConfig[61] == "2" && $s_SKey != "") { $ss_FileSize = GetSAPIvalue($s_SKey, "FileSize"); $ss_FileBrowse = GetSAPIvalue($s_SKey, "FileBrowse"); $ss_SpaceSize = GetSAPIvalue($s_SKey, "SpaceSize"); $ss_SpacePath = GetSAPIvalue($s_SKey, "SpacePath"); $ss_PathMode = GetSAPIvalue($s_SKey, "PathMode"); $ss_PathUpload = GetSAPIvalue($s_SKey, "PathUpload"); $ss_PathCusDir = GetSAPIvalue($s_SKey, "PathCusDir"); $ss_PathCode = GetSAPIvalue($s_SKey, "PathCode"); $ss_PathView = GetSAPIvalue($s_SKey, "PathView"); if (is_numeric($ss_FileSize)) { $aStyleConfig[11] = $ss_FileSize; $aStyleConfig[12] = $ss_FileSize; $aStyleConfig[13] = $ss_FileSize; $aStyleConfig[14] = $ss_FileSize; $aStyleConfig[15] = $ss_FileSize; $aStyleConfig[45] = $ss_FileSize; } else { $ss_FileSize = ""; } if ($ss_FileBrowse == "0" || $ss_FileBrowse == "1") { $aStyleConfig[43] = $ss_FileBrowse; } else { $ss_FileBrowse = ""; } if (is_numeric($ss_SpaceSize)) { $aStyleConfig[78] = $ss_SpaceSize; } else { $ss_SpaceSize = ""; } if ($ss_PathMode != "") { $aStyleConfig[19] = $ss_PathMode; } if ($ss_PathUpload != "") { $aStyleConfig[3] = $ss_PathUpload; } if ($ss_PathCode != "") { $aStyleConfig[23] = $ss_PathCode; } if ($ss_PathView != "") { $aStyleConfig[22] = $ss_PathView; } $sCusDir = $ss_PathCusDir; } $sBaseUrl = $aStyleConfig[19]; $nAllowBrowse = (int) $aStyleConfig[43]; if ($nAllowBrowse != 1) { OutScript("alert('Do not allow browse!')"); } if ($sCusDir != "") { $sCusDir = str_replace("\\", "/", $sCusDir); if (substr($sCusDir, 0, 1) == "/" || substr($sCusDir, 0, 1) == "." || substr($sCusDir, -1) == "." || strpos($sCusDir, "./") !== false || strpos($sCusDir, "/.") !== false || strpos($sCusDir, "//") !== false || strpos($sCusDir, "..") !== false) { $sCusDir = ""; } else { if (substr($sCusDir, -1) != "/") { $sCusDir = $sCusDir . "/"; } } } $sUploadDir = $aStyleConfig[3]; if ($sBaseUrl != "3") { if (substr($sUploadDir, 0, 1) != "/") { $sUploadDir = "../" . $sUploadDir; } $sUploadDir = realpath($sUploadDir); } $sUploadDir = GetSlashPath($sUploadDir); $sUploadDir = $sUploadDir . $sCusDir; switch ($sType) { case "FILE": $sAllowExt = $aStyleConfig[6]; break; case "MEDIA": $sAllowExt = $aStyleConfig[9]; break; case "FLASH": $sAllowExt = $aStyleConfig[7]; break; default: $sAllowExt = $aStyleConfig[8]; break; } $sAllowExt = strtoupper($sAllowExt); $sPathShareImage = GetSlashPath(realpath("../sharefile/image/")); $sPathShareFlash = GetSlashPath(realpath("../sharefile/flash/")); $sPathShareMedia = GetSlashPath(realpath("../sharefile/media/")); $sPathShareOther = GetSlashPath(realpath("../sharefile/other/")); }
function InitParam() { global $sType, $sStyleName, $sCusDir, $sAction; global $nTreeIndex; global $sAllowExt, $sUploadDir, $sBaseUrl, $sContentPath, $nAllowBrowse, $nCusDirFlag; global $sPathShareImage, $sPathShareFlash, $sPathShareMedia, $sPathShareOther; $sType = strtoupper(toTrim("type")); $sStyleName = toTrim("style"); $sCusDir = toTrim("cusdir"); $bValidStyle = false; $numElements = count($GLOBALS["aStyle"]); for ($i = 1; $i <= $numElements; $i++) { $aStyleConfig = explode("|||", $GLOBALS["aStyle"][$i]); if (strtolower($sStyleName) == strtolower($aStyleConfig[0])) { $bValidStyle = true; break; } } if ($bValidStyle == false) { OutScript("alert('Invalid Style!')"); } $sBaseUrl = $aStyleConfig[19]; $nAllowBrowse = (int) $aStyleConfig[43]; $nCusDirFlag = (int) $aStyleConfig[61]; if ($nAllowBrowse != 1) { OutScript("alert('Do not allow browse!')"); } if ($nCusDirFlag != 1) { $sCusDir = ""; } else { $sCusDir = str_replace("\\", "/", $sCusDir); if (substr($sCusDir, 0, 1) == "/" || substr($sCusDir, 0, 1) == "." || substr($sCusDir, -1) == "." || strstr($sCusDir, "./") || strstr($sCusDir, "/.") || strstr($sCusDir, "//")) { $sCusDir = ""; } else { if (substr($sCusDir, -1) != "/") { $sCusDir = $sCusDir . "/"; } } } $sUploadDir = $aStyleConfig[3]; if ($sBaseUrl != "3") { if (substr($sUploadDir, 0, 1) != "/") { $sUploadDir = "../" . $sUploadDir; } $sUploadDir = realpath($sUploadDir); } $sUploadDir = GetSlashPath($sUploadDir); $sUploadDir = $sUploadDir . $sCusDir; switch ($sType) { case "FILE": $sAllowExt = ""; break; case "MEDIA": $sAllowExt = "rm|mp3|wav|mid|midi|ra|avi|mpg|mpeg|asf|asx|wma|mov"; break; case "FLASH": $sAllowExt = "swf"; break; default: $sAllowExt = "bmp|jpg|jpeg|png|gif"; break; } $sAllowExt = strtoupper($sAllowExt); $sPathShareImage = GetSlashPath(realpath("../sharefile/image/")); $sPathShareFlash = GetSlashPath(realpath("../sharefile/flash/")); $sPathShareMedia = GetSlashPath(realpath("../sharefile/media/")); $sPathShareOther = GetSlashPath(realpath("../sharefile/other/")); }