From f276a60a1db3e7903bbe12601d9d842be8fb235b Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Sat, 16 Apr 2022 10:54:15 +0800 Subject: [PATCH] add smallfileupload, fix title in encrypted folder #576 , --- common.php | 55 ++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 43 insertions(+), 12 deletions(-) diff --git a/common.php b/common.php index a1663b3..9c887a4 100644 --- a/common.php +++ b/common.php @@ -42,6 +42,7 @@ $EnvConfigs = [ 'globalHeadMdUrl' => 0b011, 'globalReadmeMdUrl' => 0b011, 'globalFootOmfUrl' => 0b011, + 'bcmathUrl' => 0b011, 'Driver' => 0b100, 'client_id' => 0b100, @@ -320,12 +321,13 @@ function main($path) //error_log1($_SERVER['REQUEST_METHOD']); if ($_GET['action']=='del_upload_cache') { // del '.tmp' without login. 无需登录即可删除.tmp后缀文件 - if (!driveisfine($_SERVER['disktag'], $drive)) return output('Not in drive, or disk [' . $_SERVER['disktag'] . '] error.', 403); + if (!driveisfine($_SERVER['disktag'], $drive)) return output($_SERVER['disktag']?'disk [ ' . $_SERVER['disktag'] . ' ] error.':'Not in drive', 403); savecache('path_' . $path1, '', $_SERVER['disktag'], 1); // clear cache. return $drive->del_upload_cache($path); } + if ($_GET['action']=='upbigfile') { - if (!driveisfine($_SERVER['disktag'], $drive)) return output('Not in drive, or disk [' . $_SERVER['disktag'] . '] error.', 403); + if (!driveisfine($_SERVER['disktag'], $drive)) return output($_SERVER['disktag']?'disk [ ' . $_SERVER['disktag'] . ' ] error.':'Not in drive', 403); if (!$_SERVER['admin']) { if (!$_SERVER['is_guestup_path']) return output('Not_Guest_Upload_Folder', 400); if (strpos($_GET['upbigfilename'], '../')!==false) return output('Not_Allow_Cross_Path', 400); @@ -334,7 +336,20 @@ function main($path) return $drive->bigfileupload($path1); } } - + if ($_GET['action']=='upsmallfile') { + //echo json_encode($_POST, JSON_PRETTY_PRINT); + //echo json_encode($_FILES, JSON_PRETTY_PRINT); + if (!driveisfine($_SERVER['disktag'], $drive)) return output($_SERVER['disktag']?'disk [ ' . $_SERVER['disktag'] . ' ] error.':'Not in drive', 403); + if (!$_SERVER['admin']) { + if (!$_SERVER['is_guestup_path']) return output('Not_Guest_Upload_Folder', 400); + if (strpos($_GET['upbigfilename'], '../')!==false) return output('Not_Allow_Cross_Path', 400); + if (strpos($_POST['upbigfilename'], '../')!==false) return output('Not_Allow_Cross_Path', 400); + } + return smallfileupload($drive, $path); + /*if ($_FILES['file1']['error']) return output($_FILES['file1']['error'], 400); + if ($_FILES['file1']['size']>4*1024*1024) return output('File too large', 400); + return $drive->smallfileupload($path, $_FILES['file1']);*/ + } if ($_SERVER['admin']) { $tmp = adminoperate($path); if ($tmp['statusCode'] > 0) { @@ -446,26 +461,34 @@ function main($path) $fileConduitSize = getConfig('fileConduitSize', $_SERVER['disktag']); $fileConduitCacheTime = getConfig('fileConduitCacheTime', $_SERVER['disktag']); if (!!$fileConduitSize || !!$fileConduitCacheTime) { - if ($fileConduitSize>1) $fileConduitSize *= 1024*1024; + if ($fileConduitSize>0) $fileConduitSize *= 1024*1024; else $fileConduitSize = 1024*1024; - if ($fileConduitCacheTime>1) $fileConduitCacheTime *= 3600; + if ($fileConduitCacheTime>0) $fileConduitCacheTime *= 3600; else $fileConduitCacheTime = 3600; /*if ($_SERVER['HTTP_RANGE']!='') { $header['Range'] = $_SERVER['HTTP_RANGE']; + $response = curl('GET', $files['url'], '', $header, 1); //return output($header['Range'] . json_encode($response['returnhead'])); return output( $response['body'], $response['stat'], - //$response['returnhead'], - ['Content-Type' => $files['mime'], 'Cache-Control' => 'max-age=' . $fileConduitCacheTime], + $response['returnhead'], + //['Accept-Ranges' => 'bytes', 'Range' => $response['returnhead']['Range'], 'Content-Type' => $files['mime'], 'Cache-Control' => 'max-age=' . $fileConduitCacheTime], false ); + } else { + return output('', 206, + ['Accept-Ranges' => 'bytes', 'Content-Range' => 'bytes 0-0/' . $files['size'], 'Content-Type' => $files['mime'] ] + ); }*/ if ($files['size']<$fileConduitSize) return output( base64_encode(file_get_contents($files['url'])), 200, [ + 'Accept-Ranges' => 'bytes', + //'access-control-allow-origin' => '*', + //'access-control-expose-headers' => 'Content-Length, WWW-Authenticate, Location, Accept-Ranges', 'Content-Type' => $files['mime'], 'Cache-Control' => 'max-age=' . $fileConduitCacheTime, //'Cache-Control' => 'max-age=0', @@ -857,7 +880,7 @@ function curl($method, $url, $data = '', $headers = [], $returnheader = 0, $loca } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST,$method); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); @@ -869,7 +892,9 @@ function curl($method, $url, $data = '', $headers = [], $returnheader = 0, $loca if ($location) curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //$response['body'] = curl_exec($ch); if ($returnheader) { - list($returnhead, $response['body']) = explode("\r\n\r\n", curl_exec($ch)); + $tmpres = splitlast(curl_exec($ch), "\r\n\r\n"); + $result['body'] = $tmpres[1]; + $returnhead = $tmpres[0]; //echo "HEAD:" . $returnhead; foreach (explode("\r\n", $returnhead) as $head) { $tmp = explode(': ', $head); @@ -879,7 +904,7 @@ function curl($method, $url, $data = '', $headers = [], $returnheader = 0, $loca } else { $response['body'] = curl_exec($ch); } - $response['stat'] = curl_getinfo($ch,CURLINFO_HTTP_CODE); + $response['stat'] = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); return $response; } @@ -1208,7 +1233,7 @@ function adminform($name = '', $pass = '', $storage = '', $path = '') function adminoperate($path) { global $drive; - if ($_SERVER['REQUEST_METHOD']=='POST') if (!driveisfine($_SERVER['disktag'], $drive)) return output('Not in drive, or disk [' . $_SERVER['disktag'] . '] error.', 403); + if ($_SERVER['REQUEST_METHOD']=='POST') if (!driveisfine($_SERVER['disktag'], $drive)) return output($_SERVER['disktag']?'disk [ ' . $_SERVER['disktag'] . ' ] error.':'Not in drive', 403); $path1 = path_format($_SERVER['list_path'] . '/' . $path); if (substr($path1, -1)=='/') $path1=substr($path1, 0, -1); $tmpget = $_GET; @@ -2159,7 +2184,13 @@ function render_list($path = '', $files = []) $p_path=''; if ($path1 !== '/') { if ($files['type']=='file') { - $pretitle = str_replace('&','&', $files['name']); + if (isset($files['name'])) { + $pretitle = str_replace('&','&', $files['name']); + } else { + if (substr($path1, 0, 1)=='/') $pretitle = substr($path1, 1); + if (substr($path1, -1)=='/') $pretitle = substr($pretitle, 0, -1); + $pretitle = str_replace('&','&', $pretitle); + } $n_path = $pretitle; $tmp = splitlast(splitlast($path1,'/')[0],'/'); if ($tmp[1]=='') {