此补丁来自PHPwind官方商业用户补丁,涉及版本 PHPwind7.5 ,主要用于安全修复。
1、打开:admin/setforum.php
查找:
$db_uploadfiletype = !empty($db_uploadfiletype) ? (is_array($db_uploadfiletype) ? $db_uploadfiletype : unserialize($db_uploadfiletype)) : array();
修改为:
$db_uploadfiletype = array(
''gif'' => 2048, ''jpg'' => 2048,
''jpeg'' => 2048, ''bmp'' => 2048,
''png'' => 2048
);
------------------------------------------------------------
2、打开:pw_ajax.php
查找:} elseif ($action == ''pcdelimg'') {
将此$aciton 中的内容替换如下:
InitGP(array(''fieldname'',''pctype''));
InitGP(array(''tid'',''id''),GP,2);
if (!$tid || !$id || !$fieldname || !$pctype) {
echo ''fail'';ajax_footer();
}
$id = (int)$id;
if ($pctype == ''topic'') {
$tablename = GetTopcitable($id);
} elseif ($pctype == ''postcate'') {
$tablename = GetPcatetable($id);
}
$fieldname = $db->get_value("SELECT fieldname FROM pw_pcfield WHERE fieldname=" . pwEscape($fieldname));
if (!$fieldname || !$tablename) {
echo ''fail'';ajax_footer();
}
$path = $db->get_value("SELECT $fieldname FROM $tablename WHERE tid=". pwEscape($tid));
if (strpos($path,''..'') !== false) {
echo ''fail'';ajax_footer();
}
$lastpos = strrpos($path,''/'') + 1;
$s_path = substr($path, 0, $lastpos) . ''s_'' . substr($path, $lastpos);
if (!file_exists("$attachpath/$path")) {
if (pwFtpNew($ftp,$db_ifftp)) {
$ftp->delete($path);
$ftp->delete($s_path);
pwFtpClose($ftp);
}
} else {
P_unlink("$attachdir/$path");
if (file_exists("$attachdir/$s_path")) {
P_unlink("$attachdir/$s_path");
}
}
$db->update("UPDATE $tablename SET $fieldname='''' WHERE tid=". pwEscape($tid));
echo ''success'';
ajax_footer();
------------------------------------------------------------
3、打开:api/class_Other.php
查找:foreach ($classdb as $key => $class) {
在下面添加:
$class[''cid''] = intval($class[''cid'']); |