$filename1 = dealpath($path . $file1); if ($filename1 != $path . $file1 || $filename2 != $path . $file2) { exitme("notice(lang.name_error)", "eval"); } checktype($filename1); checktype($filename2); if (!is_writeable($path)) { exitme("notice(lang.cannot_write)", "eval"); } if (is_file($filename2) || is_dir($filename2)) { exitme("notice(lang.alreadyExist+':{$filename2}')", "eval"); } if (!@rename($filename1, $filename2)) { exitme("notice(lang.rename+lang.fail);", "eval"); } else { inlog("Rename,{$filename1} >> {$filename2} \n"); exitme("notice(lang.rename+lang.success);reloaddata();", "eval"); } } else { if ($action == "savefile") { if (!$user["savefile"]) { exitme1($lang["js"]["deny"]); } if ($_POST['encode'] != $host_charset) { $i = @iconv($_POST['encode'], $host_charset, $_POST['filename']); if ($i) { $filename = $i; } } if ($filename != checkfilename($filename)) { exitme1($lang["js"]["name_error"]);
} $user_orig = $_POST["user_name"]; $pass_orig = $_POST["user_pass"]; $user_name = my_encode($user_orig); $user_pass = my_encode($pass_orig); $users = file("class/users.php"); for ($i = 1; $i < count($users); $i++) { if (!trim($users[$i])) { continue; } $arr = explode("|", $users[$i]); if ($user_name == my_encode($arr[0]) && $user_pass == $arr[1]) { mkcookie('user_name', $user_name); mkcookie('user_pass', $user_pass); mkcookie('last_time', date("D, d M Y H:i:s") . " GMT"); inlog("登陆成功,用户名:" . $user_orig); if ($user_orig == "admin" && $pass_orig == "admin") { exit("<script language=javascript>alert(\"欢迎使用 PHPCMS 文件管理器 \\n您是第一次登陆本程序\\n现在请修改默认密码!\");window.location = 'admin.php?action=muser&name=admin';</script>"); } else { ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <meta http-equiv="refresh" content="1;url=index.php"> <title><?php echo $title; ?> --登陆成功</title> </head> <body> <table cellspacing="0" cellpadding="0" border="0" align="center" height="80%" width="50%">
$error .= "{$myfile_name}上传失败:文件名有错误\\n"; } else { if ($user["limit"]["{$ftype}"] && !$user["only"]) { $error .= "{$myfile_name}上传失败:不能能上传 " . $user["limittype"] . " 类型的文件\\n"; } else { if (!$user["limit"]["{$ftype}"] && $user["only"]) { $error .= "{$myfile_name}上传失败:不能能上传除 " . $user["limittype"] . " 类型以外的文件\\n"; } else { if (file_exists($path . $myfile_name)) { $error .= $myfile_name . "上传失败:有同名文件存在!\\n"; continue; } else { if (@move_uploaded_file($myfile, $path . $myfile_name)) { $tt++; $tsize += filesize($path . $myfile_name); inlog("上传文件," . $path . $myfile_name . "成功"); } else { $error .= $myfile_name . "上传失败:原因不明!\\n"; continue; } } } } } } } $str = "成功上传{$tt}个文件!!"; $str .= "\\n总大小:" . dealsize($tsize) . "\\n"; $str .= $error ? "\\n以下是错误信息:\\n" . $error : ""; exit3($str); } else {
function download_and_check_integrity($file, $destination, $counter = 5) { global $config; if (!($content = file_curl_contents($config['update_url'] . 'maj.php?f=' . $file))) { inlog('<em class="warning">!! file unreachable </em>' . $file); return false; } file_put_contents($destination . $file, $content); while (!md5_file($file) == $config['update_url'] . 'maj.php?f=' . $file . '&md5' && $counter <= 0) { inlog('<em class="warning">!!Integrity failure, retry </em>' . $dir . ' (n°' . $counter . ')'); $counter--; $content = file_curl_contents($config['update_url'] . 'maj.php?f=' . $file); file_put_contents($destination . $file, $content); } if (!md5_file($file) == $config['update_url'] . 'maj.php?f=' . $file . '&md5') { inlog('<em class="warning">!!Integrity failure </em>'); return false; } else { return $content; } }