示例#1
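 /**
  * Record a rejected request (an "illegal character" hit) in the daily attack log,
  * throttle repeat offenders, and optionally e-mail the administrator.
  *
  * Everything stored here (query string / URI, User-Agent, cookie uid, the
  * offending value) comes from the request, so it is treated as hostile both
  * when it is written to the log and when it is rendered into the HTML mail.
  *
  * @param mixed $type Attack type label supplied by the caller.
  * @param mixed $val  Offending input value; shown back to the client HTML-escaped.
  * @return false|null false when the request was throttled (nothing is logged), otherwise null.
  */
 private static function save_attack_log($type, $val)
 {
     $cfg = App::get_config();
     if ($cfg['SYS_ATTACK_LOG']) {
         if (SYS_DOMAIN) {
             $_SERVER['REQUEST_URI'] = str_replace('/' . SYS_DOMAIN, '', $_SERVER['REQUEST_URI']);
         }
         $data = array(
             'url' => isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? $_SERVER['QUERY_STRING'] : $_SERVER['REQUEST_URI'],
             'ip' => client::get_user_ip(),
             'uid' => get_cookie('member_id'),
             'time' => time(),
             'type' => $type,
             'val' => $val,
             // The header is optional; a client that omits it must not raise a notice here.
             'user' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
         );
         // The log holds one serialize()d record per line. Strip line breaks from every
         // string field so a request cannot split its record into extra lines that are
         // later passed to unserialize() on their own.
         array_walk_recursive($data, function (&$field) {
             if (is_string($field)) {
                 $field = str_replace(array("\r", "\n"), ' ', $field);
             }
         });
         $dir = APP_ROOT . 'cache' . DIRECTORY_SEPARATOR . 'attack' . DIRECTORY_SEPARATOR;
         $file = $dir . date('Ymd') . '.log';
         if (!is_dir($dir)) {
             // Was 0777. The log contains raw request data; other accounts need no write access.
             // NOTE(review): if this directory is reachable over HTTP, deny access to it in the web server config.
             mkdir($dir, 0755);
         }
         // NOTE(review): the read below is not covered by the LOCK_EX on the write, so
         // concurrent hits can lose records and undercount; confirm that is acceptable.
         $body = file_exists($file) ? file_get_contents($file) : null;
         if ($body) {
             $fdata = explode(PHP_EOL, $body);
             $idata = 0;
             foreach ($fdata as $v) {
                 if (empty($v)) {
                     continue;
                 }
                 // Records written before the line-break stripping above may still be split
                 // across lines, so never let a log line instantiate objects (PHP 7+ option).
                 $t = PHP_VERSION_ID >= 70000
                     ? unserialize($v, array('allowed_classes' => false))
                     : unserialize($v);
                 if (!is_array($t)) {
                     // Truncated or foreign line: not a record, ignore it.
                     continue;
                 }
                 // Tolerate records with missing keys instead of raising notices.
                 $t += array('ip' => null, 'time' => 0, 'user' => null, 'url' => null);
                 if ($data['ip'] == $t['ip']) {
                     $idata++;
                 }
                 // Throttle: the same IP already has 10 records today, or the same
                 // IP + User-Agent + URL was logged less than 20 seconds ago.
                 // In both cases refuse without writing another record or mail.
                 $repeat = $data['time'] - $t['time'] < 20
                     && $data['user'] == $t['user']
                     && $data['ip'] == $t['ip']
                     && $data['url'] == $t['url'];
                 if ($idata >= 10 || $repeat) {
                     if ($cfg['SYS_ILLEGAL_CHAR']) {
                         App::display_error(lang('app-10') . '<pre>' . htmlspecialchars(self::strip_slashes($val)) . '</pre>', 1);
                     }
                     unset($cfg);
                     return false;
                 }
             }
             unset($fdata);
         }
         // Newest record first.
         $body = serialize($data) . PHP_EOL . $body;
         file_put_contents($file, $body, LOCK_EX);
         if ($data['ip'] && $cfg['SYS_ATTACK_MAIL'] && check::is_email($cfg['SITE_SYSMAIL'])) {
             // Notify the administrator. The body is HTML, so every request-derived
             // field is escaped before it is placed in the message.
             mail::set($cfg);
             $esc = array();
             foreach (array('url', 'type', 'val', 'ip', 'user') as $k) {
                 $esc[$k] = htmlspecialchars((string) $data[$k], ENT_QUOTES);
             }
             $body = '------------------------------------------------------------------------------------------<br>'
                 . 'SITE: ' . SITE_URL
                 . '<br>URL: ' . $esc['url']
                 . '<br>TYPE: ' . $esc['type']
                 . '<br>VALUE: ' . $esc['val']
                 . '<br>IP: ' . $esc['ip']
                 . '<br>TIME: ' . date(TIME_FORMAT, $data['time'])
                 . '<br>USER: ' . $esc['user']
                 . '<br>------------------------------------------------------------------------------------------<br>'
                 . lang('a-cfg-6') . '<br>';
             mail::sendmail($cfg['SITE_SYSMAIL'], lang('a-cfg-5') . '-' . $cfg['SITE_NAME'], $body);
         }
     }
     if ($cfg['SYS_ILLEGAL_CHAR']) {
         App::display_error(lang('app-10') . '<pre>' . htmlspecialchars(self::strip_slashes($val)) . '</pre>', 1);
     }
     unset($cfg);
 }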
示例#2
/**
 * Build the SEO meta fields for a category (list) page.
 *
 * With a keyword the title is derived from the keyword and the site name and
 * the other two fields stay empty; without one, the category's own meta
 * fields are used, falling back to the parent-category names and site config.
 *
 * NOTE(review): $kw is presumably a user-supplied search term and nothing in
 * this function escapes it; confirm the template HTML-escapes the returned strings.
 *
 * @param array  $cat  Category record (read by key: catid, meta_title, stitle, ...).
 * @param int    $page Current page number; pages above 1 get a page prefix in the title.
 * @param string $kw   Keyword, or null for a plain category listing.
 * @return array Keys: meta_title, meta_keywords, meta_description.
 */
function listSeo($cat, $page = 1, $kw = NULL)
{
    $site = App::get_config();

    if ($kw) {
        // Keyword listing: only the title is filled in.
        $title = lang('fun-2', array('1' => $kw)) . '-' . $site['SITE_NAME'];
        if ($page > 1) {
            $title = lang('fun-1', array('1' => $page)) . '-' . $title;
        }
        return array('meta_title' => $title, 'meta_keywords' => '', 'meta_description' => '');
    }

    // Title: explicit category title, else the chain of parent names.
    if (empty($cat['meta_title'])) {
        $title = getParentName($cat['catid'], '-', 0);
    } else {
        $title = $cat['meta_title'];
    }
    if ($title) {
        $title = $title . '-' . $site['SITE_NAME'];
    } else {
        $title = $site['SITE_NAME'];
    }
    // A sub-title takes precedence over the page-number prefix.
    if (isset($cat['stitle']) && $cat['stitle']) {
        $title = $cat['stitle'] . '-' . $title;
    } elseif ($page > 1) {
        $title = lang('fun-1', array('1' => $page)) . '-' . $title;
    }

    if (empty($cat['meta_keywords'])) {
        $keywords = getParentName($cat['catid'], ',', 0) . ',' . $site['SITE_KEYWORDS'];
    } else {
        $keywords = $cat['meta_keywords'];
    }

    if (empty($cat['meta_description'])) {
        $description = $site['SITE_DESCRIPTION'];
    } else {
        $description = $cat['meta_description'];
    }

    return array('meta_title' => $title, 'meta_keywords' => $keywords, 'meta_description' => $description);
}
示例#3
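 /**
  * Download remote images and store them under uploadfiles/.
  *
  * The URLs are presumably taken from submitted content, so a file is kept only
  * when its extension is on an image allow-list and its bytes parse as an image.
  * Without that check the extension came straight from the URL, which would let
  * a remote URL choose the type of file written into the upload directory.
  *
  * @param array $imgs Remote image URLs.
  * @param int   $uid  Member id; a non-zero value selects the member's own upload directory.
  * @param int   $size Member quota in MB, compared against count_member_size(); 0 disables the check.
  * @return array|null array('regex' => source URLs, 'replace' => local paths), or null when nothing was saved.
  */
 private function download_images($imgs, $uid = 0, $size = 0)
 {
     // Extensions that may be written to disk; anything else is skipped.
     $allowed = array('jpg', 'jpeg', 'gif', 'png', 'bmp', 'webp');
     // Drop duplicate URLs.
     $imgs = array_unique($imgs);
     $regex = $replace = array();
     $path = $uid ? 'uploadfiles/member/' . $uid . '/image/' . date('Ym') . '/' : 'uploadfiles/image/' . date('Ym') . '/';
     $this->mkdirs($path);
     // Watermark settings.
     $config = App::get_config();
     if ($config['SITE_WATERMARK']) {
         $image = Controller::instance('image_lib');
     }
     foreach ($imgs as $img) {
         // Member is over quota: skip the remaining downloads.
         if ($uid && $size && count_member_size($uid) > $size * 1024 * 1024) {
             continue;
         }
         // Only plain-http images hosted elsewhere are fetched.
         if (strpos($img, SITE_URL) !== false || substr($img, 0, 7) != 'http://') {
             continue;
         }
         // Extension as given by the URL (text after the last dot, at most 10 characters).
         $fileext = strtolower(trim(substr(strrchr($img, '.'), 1, 10)));
         if (!in_array($fileext, $allowed, true)) {
             continue;
         }
         $name = $path . md5($img . time()) . '.' . $fileext;
         // NOTE(review): the target host is not restricted here, so the server will
         // request whatever address the URL names; confirm fn_geturl() refuses
         // internal/loopback destinations and caps the response size.
         $content = fn_geturl($img);
         if (empty($content)) {
             continue;
         }
         if (file_put_contents($name, $content)) {
             // The extension alone proves nothing: discard anything that is not an image.
             if (getimagesize($name) === false) {
                 unlink($name);
                 continue;
             }
             if ($config['SITE_WATERMARK']) {
                 $image = Controller::instance('image_lib');
                 if ($config['SITE_WATERMARK'] == 1) {
                     // Image watermark.
                     $image->set_watermark_alpha($config['SITE_WATERMARK_ALPHA']);
                     $image->make_image_watermark($name, $config['SITE_WATERMARK_POS'], $config['SITE_WATERMARK_IMAGE']);
                 } else {
                     // Text watermark.
                     $image->set_text_content($config['SITE_WATERMARK_TEXT']);
                     $image->make_text_watermark($name, $config['SITE_WATERMARK_POS'], $config['SITE_WATERMARK_SIZE']);
                 }
             }
             $regex[] = $img;
             $replace[] = $name;
         }
     }
     return count($regex) > 0 ? array('regex' => $regex, 'replace' => $replace) : null;
 }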
示例#4
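 /**
  * Delete a content model together with its tables, fields and categories.
  *
  * The statements are assembled by string concatenation and include DROP TABLE,
  * so the table name is checked against a strict identifier pattern and the
  * model id is forced to an integer before either reaches SQL.
  * NOTE(review): $data is presumably a model row loaded by the caller; confirm
  * it never comes directly from request input.
  *
  * @param array $data Model record; reads 'tablename', 'modelid' and 'site'.
  * @return false|null false when the record is rejected and nothing is deleted, otherwise null.
  */
 public function del($data)
 {
     // Identifiers cannot be bound as parameters; accept only plain table-name characters.
     $safeName = '/^[A-Za-z0-9_]+$/D';
     if (!is_array($data)
         || !isset($data['tablename'], $data['modelid'])
         || !is_string($data['tablename'])
         || !preg_match($safeName, $data['tablename'])
     ) {
         return false;
     }
     $modelid = (int) $data['modelid'];
     $site = isset($data['site']) ? $data['site'] : null;

     $table = $this->prefix . $data['tablename'];
     $this->query('DROP TABLE IF EXISTS `' . $table . '`');
     $this->delete('modelid=' . $modelid);
     $this->del_model($data['tablename']);
     $this->query('DELETE FROM `' . $this->prefix . 'model_field` where modelid=' . $modelid);
     // Remove the model from the other sites as well.
     $sites = App::get_site();
     $config = App::get_config();
     foreach ($sites as $sid => $t) {
         if ($t['SITE_EXTEND_ID'] == $site || $site == $sid) {
             // A site that inherits from this one has its own copy of the table:
             // swap the numeric site segment of the name for that site's id.
             $table = preg_replace('/\\_([0-9]+)\\_/', '_' . $sid . '_', $data['tablename']);
             if (!is_string($table) || !preg_match($safeName, $table)) {
                 // A site key that does not yield a plain identifier is skipped.
                 continue;
             }
             $this->query('DROP TABLE IF EXISTS `' . $this->prefix . $table . '`');
             $this->del_model($table);
         }
     }
     // Remove the categories bound to this model.
     $this->query('DELETE FROM `' . $this->prefix . 'category` where modelid=' . $modelid);
 }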