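/**
 * Record a rejected ("illegal character") request in the daily attack log,
 * optionally mail the site administrator, and show the error page.
 *
 * Records are stored one serialize()d array per line in
 * APP_ROOT/cache/attack/<Ymd>.log, newest first. Before a new record is
 * written the existing ones are scanned: once the client IP has 10 matching
 * records, or the same IP / user agent / URL was logged less than 20 seconds
 * ago, nothing is written or mailed.
 *
 * @param mixed $type Kind of hit; stored and mailed as given.
 * @param mixed $val  Offending value; stored, mailed, and shown (escaped) on the error page.
 * @return false|null false when the request was throttled by the scan above, otherwise no value.
 */
private static function save_attack_log($type, $val)
{
    $cfg = App::get_config();
    if ($cfg['SYS_ATTACK_LOG']) {
        if (SYS_DOMAIN) {
            $_SERVER['REQUEST_URI'] = str_replace('/' . SYS_DOMAIN, '', $_SERVER['REQUEST_URI']);
        }
        $data = array(
            'url'  => isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? $_SERVER['QUERY_STRING'] : $_SERVER['REQUEST_URI'],
            'ip'   => client::get_user_ip(),
            'uid'  => get_cookie('member_id'),
            'time' => time(),
            'type' => $type,
            'val'  => $val,
            // The header is optional; a missing one must not raise an undefined-index notice.
            'user' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
        );
        // The log is split on PHP_EOL and every line is handed to unserialize().
        // A CR/LF inside a request-derived field would break one record into several
        // lines whose content the client chooses, so line breaks are flattened and
        // nested values (which could hide them in keys or members) are not stored.
        foreach ($data as $key => $field) {
            if (is_string($field)) {
                $data[$key] = str_replace(array("\r", "\n"), ' ', $field);
            } elseif ($field !== null && !is_scalar($field)) {
                $data[$key] = '';
            }
        }
        $dir  = APP_ROOT . 'cache' . DIRECTORY_SEPARATOR . 'attack' . DIRECTORY_SEPARATOR;
        $file = $dir . date('Ymd') . '.log';
        if (!is_dir($dir)) {
            // NOTE(review): mode 0777 is kept from the original. The log holds request data;
            // confirm the directory is not served by the web server and tighten the mode if possible.
            mkdir($dir, 0777, true);
        }
        $body = file_exists($file) ? file_get_contents($file) : null;
        if ($body) {
            $fdata = explode(PHP_EOL, $body);
            $idata = 0;
            // unserialize() accepts an options array from PHP 7.0 on; use it where available so that
            // a tampered log line can never instantiate objects.
            $no_objects = version_compare(PHP_VERSION, '7.0.0', '>=');
            foreach ($fdata as $v) {
                if (empty($v)) {
                    continue;
                }
                $t = $no_objects ? unserialize($v, array('allowed_classes' => false)) : unserialize($v);
                if (!is_array($t)) {
                    // Damaged or foreign line: ignore it instead of indexing into a non-array.
                    continue;
                }
                $t += array('ip' => null, 'time' => 0, 'user' => null, 'url' => null);
                if ($data['ip'] == $t['ip']) {
                    $idata++;
                }
                // Same client, user agent and URL logged less than 20 seconds ago.
                $repeated = $data['time'] - $t['time'] < 20
                    && $data['user'] == $t['user']
                    && $data['ip'] == $t['ip']
                    && $data['url'] == $t['url'];
                // 10 or more records for this IP, or a recent repeat: reject without logging or mailing again.
                if ($idata >= 10 || $repeated) {
                    if ($cfg['SYS_ILLEGAL_CHAR']) {
                        App::display_error(lang('app-10') . '<pre>' . htmlspecialchars(self::strip_slashes($val)) . '</pre>', 1);
                    }
                    unset($cfg);
                    return false;
                }
            }
            unset($fdata);
        }
        $body = serialize($data) . PHP_EOL . $body;
        // NOTE(review): the read above and this write are not one atomic step; concurrent
        // requests can overwrite each other's records.
        file_put_contents($file, $body, LOCK_EX);
        if ($data['ip'] && $cfg['SYS_ATTACK_MAIL'] && check::is_email($cfg['SITE_SYSMAIL'])) {
            // Notify the administrator by mail.
            mail::set($cfg);
            // The body is HTML, and url / val / user agent / ip come from the request,
            // so each one is escaped before it is placed in the message.
            $flags = defined('ENT_SUBSTITUTE') ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES;
            $body = '------------------------------------------------------------------------------------------<br>'
                . 'SITE: ' . SITE_URL
                . '<br>URL: ' . htmlspecialchars((string) $data['url'], $flags)
                . '<br>TYPE: ' . htmlspecialchars((string) $data['type'], $flags)
                . '<br>VALUE: ' . htmlspecialchars((string) $data['val'], $flags)
                . '<br>IP: ' . htmlspecialchars((string) $data['ip'], $flags)
                . '<br>TIME: ' . date(TIME_FORMAT, $data['time'])
                . '<br>USER: ' . htmlspecialchars((string) $data['user'], $flags)
                . '<br>------------------------------------------------------------------------------------------<br>'
                . lang('a-cfg-6') . '<br>';
            mail::sendmail($cfg['SITE_SYSMAIL'], lang('a-cfg-5') . '-' . $cfg['SITE_NAME'], $body);
        }
    }
    if ($cfg['SYS_ILLEGAL_CHAR']) {
        App::display_error(lang('app-10') . '<pre>' . htmlspecialchars(self::strip_slashes($val)) . '</pre>', 1);
    }
    unset($cfg);
}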
/**
 * Build the SEO meta values for a category (list) page.
 *
 * With a search keyword only the title is produced; otherwise title, keywords
 * and description come from the category row, falling back to the parent
 * category names and the site-wide configuration values.
 *
 * The returned strings are not HTML-escaped here, and $kw is passed into the
 * title as given. NOTE(review): confirm the template escapes these values
 * before output.
 *
 * @param array  $cat  Category row; read keys: catid, meta_title, stitle, meta_keywords, meta_description.
 * @param int    $page Current page number.
 * @param string $kw   Search keyword, if any.
 * @return array Keys meta_title, meta_keywords, meta_description.
 */
function listSeo($cat, $page = 1, $kw = NULL)
{
    $site = App::get_config();
    $title = '';
    $keywords = '';
    $description = '';

    if ($kw) {
        // Search result page: "<keyword label>-<site name>", prefixed with the page label past page 1.
        $title = lang('fun-2', array('1' => $kw)) . '-' . $site['SITE_NAME'];
        if ($page > 1) {
            $title = lang('fun-1', array('1' => $page)) . '-' . $title;
        }
    } else {
        // Title: the category's own meta title, else the chain of parent names.
        if (empty($cat['meta_title'])) {
            $title = getParentName($cat['catid'], '-', 0);
        } else {
            $title = $cat['meta_title'];
        }
        if ($title) {
            $title = $title . '-' . $site['SITE_NAME'];
        } else {
            $title = $site['SITE_NAME'];
        }
        // A custom short title wins over the page label.
        if (!empty($cat['stitle'])) {
            $title = $cat['stitle'] . '-' . $title;
        } elseif ($page > 1) {
            $title = lang('fun-1', array('1' => $page)) . '-' . $title;
        }

        if (empty($cat['meta_keywords'])) {
            $keywords = getParentName($cat['catid'], ',', 0) . ',' . $site['SITE_KEYWORDS'];
        } else {
            $keywords = $cat['meta_keywords'];
        }

        if (empty($cat['meta_description'])) {
            $description = $site['SITE_DESCRIPTION'];
        } else {
            $description = $cat['meta_description'];
        }
    }

    return array(
        'meta_title'       => $title,
        'meta_keywords'    => $keywords,
        'meta_description' => $description,
    );
}
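/**
 * Download remote images referenced in submitted content and store them locally.
 *
 * Only plain http:// URLs that do not contain SITE_URL are fetched. The local
 * file name is md5(url . time()) plus the extension taken from the URL path,
 * and that extension must be on a fixed image allowlist: the name is derived
 * from a URL the content author controls, so without the allowlist a URL ending
 * in a script extension would be saved under the web-served upload tree with
 * that extension.
 *
 * @param array $imgs Image URLs found in the content.
 * @param int   $uid  Member id; when non-zero the files go to that member's folder.
 * @param int   $size Member storage limit in MB; 0 disables the check.
 * @return array|null array('regex' => fetched URLs, 'replace' => local paths), or null when nothing was saved.
 */
private function download_images($imgs, $uid = 0, $size = 0)
{
    $imgs = array_unique($imgs); // drop duplicate URLs
    $regex = $replace = array();
    $path = $uid ? 'uploadfiles/member/' . $uid . '/image/' . date('Ym') . '/' : 'uploadfiles/image/' . date('Ym') . '/';
    $this->mkdirs($path);
    $config = App::get_config();
    // Extensions that may be written to disk; anything else is skipped.
    $allowed = array('jpg', 'jpeg', 'gif', 'png', 'bmp');
    foreach ($imgs as $img) {
        // Stop saving once the member's storage limit is exceeded.
        if ($uid && $size && count_member_size($uid) > $size * 1024 * 1024) {
            continue;
        }
        if (strpos($img, SITE_URL) !== false || substr($img, 0, 7) != 'http://') {
            continue;
        }
        // Take the extension from the URL path only, so a query string cannot become part of it.
        $url_path = parse_url($img, PHP_URL_PATH);
        $fileext = strtolower(pathinfo((string) $url_path, PATHINFO_EXTENSION));
        if (!in_array($fileext, $allowed, true)) {
            continue;
        }
        $name = $path . md5($img . time()) . '.' . $fileext;
        // NOTE(review): the destination host is not restricted in this method. Unless fn_geturl()
        // itself refuses loopback, private and link-local addresses (and redirects to them),
        // content authors can make the server request internal services — confirm in fn_geturl().
        $content = fn_geturl($img);
        if (empty($content)) {
            continue;
        }
        if (file_put_contents($name, $content) === false) {
            continue;
        }
        // The extension alone proves nothing about the bytes: keep the file only if it parses as an image.
        if (getimagesize($name) === false) {
            unlink($name);
            continue;
        }
        // Watermark
        if ($config['SITE_WATERMARK']) {
            $image = Controller::instance('image_lib');
            if ($config['SITE_WATERMARK'] == 1) {
                $image->set_watermark_alpha($config['SITE_WATERMARK_ALPHA']);
                $image->make_image_watermark($name, $config['SITE_WATERMARK_POS'], $config['SITE_WATERMARK_IMAGE']);
            } else {
                $image->set_text_content($config['SITE_WATERMARK_TEXT']);
                $image->make_text_watermark($name, $config['SITE_WATERMARK_POS'], $config['SITE_WATERMARK_SIZE']);
            }
        }
        $regex[] = $img;
        $replace[] = $name;
    }
    return count($regex) > 0 ? array('regex' => $regex, 'replace' => $replace) : null;
}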
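/**
 * Delete a content model together with its table, field definitions and categories.
 *
 * Drops the model's table, deletes the model row and its model_field rows,
 * repeats the table drop for every site that extends (or is) the model's
 * site, and finally deletes the categories bound to the model.
 *
 * Every statement here is built by string concatenation and two of them are
 * DROP TABLE, so the inputs are constrained first: the model id is forced to an
 * integer and the table name must consist of letters, digits and underscores
 * only, which means it cannot close the backtick-quoted identifier.
 *
 * @param array $data Model row; read keys: tablename, modelid, site.
 * @return false|null false when the table name is rejected (nothing is executed), otherwise no value.
 */
public function del($data)
{
    $modelid = (int) $data['modelid'];
    $tablename = (string) $data['tablename'];
    // \z instead of $ so that a trailing newline is rejected as well.
    if (!preg_match('/^[A-Za-z0-9_]+\z/', $tablename)) {
        return false;
    }
    $table = $this->prefix . $tablename;
    $this->query('DROP TABLE IF EXISTS `' . $table . '`');
    $this->delete('modelid=' . $modelid);
    $this->del_model($tablename);
    $this->query('DELETE FROM `' . $this->prefix . 'model_field` where modelid=' . $modelid);
    // Remove the model from the other sites as well.
    $sites = App::get_site();
    $config = App::get_config();
    foreach ($sites as $sid => $t) {
        if ($t['SITE_EXTEND_ID'] == $data['site'] || $data['site'] == $sid) {
            // A site that extends this one has its own copy of the table: swap the site id into the name.
            $table = preg_replace('/\\_([0-9]+)\\_/', '_' . $sid . '_', $tablename);
            $this->query('DROP TABLE IF EXISTS `' . $this->prefix . $table . '`');
            $this->del_model($table);
        }
    }
    // Delete the categories that use this model.
    $this->query('DELETE FROM `' . $this->prefix . 'category` where modelid=' . $modelid);
}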