From dd1250b0f066d2e77d42fd16f5b2c37eed6a9dee Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Sun, 16 May 2021 20:12:17 +0800 Subject: [PATCH] try fix & and & in path --- common.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/common.php b/common.php index c5423cc..e72e950 100644 --- a/common.php +++ b/common.php @@ -738,7 +738,7 @@ function comppass($pass) function encode_str_replace($str) { $str = str_replace('%','%25',$str); - //$str = str_replace('&','&',$str); + if (strpos($str, '&')) $str = str_replace('&', '&amp;', $str); $str = str_replace('+','%2B',$str); $str = str_replace('#','%23',$str); return $str; @@ -2117,9 +2117,9 @@ function render_list($path = '', $files = []) $html = str_replace('', '', $html); $html = str_replace('', '', $html); } - $html = str_replace('', str_replace('%2523', '%23', str_replace('%26amp%3B','&',spurlencode(path_format($_SERVER['base_disk_path'] . '/' . $path), '/'))), $html); - $html = str_replace('', path_format($_SERVER['base_disk_path'] . '/' . $path), $html); - + $html = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . str_replace('&', '&', $path))), $html); + $html = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . str_replace('&', '&', $path))), $html); + $ext = strtolower(substr($path, strrpos($path, '.') + 1)); if (in_array($ext, $exts['img'])) $ext = 'img'; elseif (in_array($ext, $exts['video'])) $ext = 'video'; @@ -2145,8 +2145,8 @@ function render_list($path = '', $files = []) $html = str_replace('', '', $html); } //while (strpos($html, '')) $html = str_replace('', $files['url'], $html); - while (strpos($html, '')) $html = str_replace('', path_format(encode_str_replace($_SERVER['base_disk_path'] . '/' . $path)), $html); - while (strpos($html, '')) $html = str_replace('', path_format(encode_str_replace($_SERVER['base_disk_path'] . '/' . $path)), $html); + while (strpos($html, '')) $html = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . $path)), $html); + while (strpos($html, '')) $html = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . $path)), $html); while (strpos($html, '')) $html = str_replace('', $files['name'], $html); while (strpos($html, '')) $html = str_replace('', urlencode($files['url']), $html); //while (strpos($html, '')) $html = str_replace('', urlencode(path_format($_SERVER['base_disk_path'] . '/' . $path)), $html); @@ -2196,7 +2196,7 @@ function render_list($path = '', $files = []) if ($file['type']=='folder') { if ($_SERVER['admin'] or !isHideFile($file['name'])) { $filenum++; - $FolderListStr = str_replace('', path_format(encode_str_replace($_SERVER['base_disk_path'] . '/' . $path . '/' . $file['name'])), $FolderList); + $FolderListStr = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . str_replace('&', '&', $path) . '/' . $file['name'])), $FolderList); $FolderListStr = str_replace('', $file['id'], $FolderListStr); $FolderListStr = str_replace('', str_replace('&','&', $file['showname']?$file['showname']:$file['name']), $FolderListStr); $FolderListStr = str_replace('', time_format($file['time']), $FolderListStr); @@ -2218,7 +2218,7 @@ function render_list($path = '', $files = []) $filenum++; $ext = strtolower(substr($file['name'], strrpos($file['name'], '.') + 1)); $FolderListStr = $FolderList; - while (strpos($FolderListStr, '')) $FolderListStr = str_replace('', path_format(encode_str_replace($_SERVER['base_disk_path'] . '/' . $path . '/' . $file['name'])), $FolderListStr); + while (strpos($FolderListStr, '')) $FolderListStr = str_replace('', encode_str_replace(path_format($_SERVER['base_disk_path'] . '/' . str_replace('&', '&', $path) . '/' . $file['name'])), $FolderListStr); $FolderListStr = str_replace('', $ext, $FolderListStr); if (in_array($ext, $exts['music'])) $FolderListStr = str_replace('', 'audio', $FolderListStr); elseif (in_array($ext, $exts['video'])) $FolderListStr = str_replace('', 'iframe', $FolderListStr); @@ -2403,7 +2403,7 @@ function render_list($path = '', $files = []) $tmp1 = splitfirst($tmp_path, '/'); $folder1 = $tmp1[0]; if ($folder1!='') { - $tmp_url .= $folder1 . '/'; + $tmp_url .= str_replace('&', '&', $folder1) . '/'; $PathArrayStr1 = str_replace('', encode_str_replace($folder1==$files['name']?'':$tmp_url), $PathArrayStr); $PathArrayStr1 = str_replace('', $folder1, $PathArrayStr1); $html .= $PathArrayStr1; @@ -2424,7 +2424,7 @@ function render_list($path = '', $files = []) $tmp1 = splitfirst($tmp_path, '/'); $folder1 = $tmp1[0]; if ($folder1!='') { - $tmp_url .= $folder1 . '/'; + $tmp_url .= str_replace('&', '&', $folder1) . '/'; $PathArrayStr1 = str_replace('', encode_str_replace($folder1==$files['name']?'':$tmp_url), $PathArrayStr); $PathArrayStr1 = str_replace('', ($folder1==$_SERVER['disktag']?(getConfig('diskname')==''?$_SERVER['disktag']:getConfig('diskname')):$folder1), $PathArrayStr1); $html .= $PathArrayStr1;