yanglc
/
OneManager-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

encrypt via fileID, try fix get pass from specialchars folder

pull/453/head
qkqpttgf 2021-10-21 11:39:09 +08:00 committed by GitHub
parent 9623e03c3f
commit 07664407c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
common.php
View File

@ -826,7 +826,7 @@ function gethiddenpass($path,$passfile)
$path1 = path_format($_SERVER['list_path'] . path_format($path)); $path1 = path_format($_SERVER['list_path'] . path_format($path));
if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
$password=getcache('path_' . $path1 . '/?password', $_SERVER['disktag']); $password=getcache('path_' . $path1 . '/?password', $_SERVER['disktag']);
if ($password=='') { if ($password===false) {
$ispassfile = get_content(path_format($path . '/' . urlencode($passfile))); $ispassfile = get_content(path_format($path . '/' . urlencode($passfile)));
//echo $path . '<pre>' . json_encode($ispassfile, JSON_PRETTY_PRINT) . '</pre>'; //echo $path . '<pre>' . json_encode($ispassfile, JSON_PRETTY_PRINT) . '</pre>';
if ($ispassfile['type']=='file') { if ($ispassfile['type']=='file') {
@ -981,11 +981,11 @@ function output($body, $statusCode = 200, $headers = ['Content-Type' => 'text/ht
function passhidden($path) function passhidden($path)
{ {
if ($_SERVER['admin']) return 0; if ($_SERVER['admin']) return 0;
$path = str_replace('+','%2B',$path); //$path = str_replace('+','%2B',$path);
$path = str_replace('&amp;','&', path_format(urldecode($path))); //$path = str_replace('&amp;','&', path_format(urldecode($path)));
if (getConfig('passfile') != '') { if (getConfig('passfile') != '') {
$path = spurlencode($path,'/'); //$path = spurlencode($path,'/');
if (substr($path,-1)=='/') $path=substr($path,0,-1); //if (substr($path,-1)=='/') $path=substr($path,0,-1);
$hiddenpass=gethiddenpass($path, getConfig('passfile')); $hiddenpass=gethiddenpass($path, getConfig('passfile'));
if ($hiddenpass != '') { if ($hiddenpass != '') {
return comppass($hiddenpass); return comppass($hiddenpass);
@ -1075,7 +1075,7 @@ function adminform($name = '', $pass = '', $storage = '', $path = '')
function adminoperate($path) function adminoperate($path)
{ {
global $drive; global $drive;
$path1 = path_format($_SERVER['list_path'] . path_format($path)); $path1 = path_format($_SERVER['list_path'] . '/' . $path);
if (substr($path1, -1)=='/') $path1=substr($path1, 0, -1); if (substr($path1, -1)=='/') $path1=substr($path1, 0, -1);
$tmpget = $_GET; $tmpget = $_GET;
$tmppost = $_POST; $tmppost = $_POST;
@ -1119,7 +1119,7 @@ function adminoperate($path)
if (${$VAR}['encrypt_folder']=='/') ${$VAR}['encrypt_folder']==''; if (${$VAR}['encrypt_folder']=='/') ${$VAR}['encrypt_folder']=='';
$folder['path'] = path_format($path1 . '/' . spurlencode(${$VAR}['encrypt_folder'], '/')); $folder['path'] = path_format($path1 . '/' . spurlencode(${$VAR}['encrypt_folder'], '/'));
$folder['name'] = ${$VAR}['encrypt_folder']; $folder['name'] = ${$VAR}['encrypt_folder'];
$folder['id'] = ${$VAR}['id']; $folder['id'] = ${$VAR}['encrypt_fileid'];
return $drive->Encrypt($folder, getConfig('passfile'), ${$VAR}['encrypt_newpass']); return $drive->Encrypt($folder, getConfig('passfile'), ${$VAR}['encrypt_newpass']);
} }
if (isset($tmpget['move_folder']) || isset($tmppost['move_folder'])) { if (isset($tmpget['move_folder']) || isset($tmppost['move_folder'])) {