diff --git a/.htaccess b/.htaccess index 45b9c2a..f75587a 100644 --- a/.htaccess +++ b/.htaccess @@ -1,13 +1,15 @@ # apache +# LoadModule rewrite_module modules/mod_rewrite.so +# AllowOverride All RewriteEngine On RewriteRule ^(.*) index.php?/$1 [L] #----------------------------------- # nginx # rewrite ^(.*) index.php?/$1 last; - +# # caddy (not sure) # rewrite { -# to /index.php?/$1 +# to index.php?/$1 # } #----------------------------------- diff --git a/function/common.php b/function/common.php index 31dc11c..4c04cff 100644 --- a/function/common.php +++ b/function/common.php @@ -86,14 +86,14 @@ $ShowedInnerEnv = [ function getcache($str) { - $cache = null; + //$cache = null; $cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), __DIR__.'/Onedrive/'.$_SERVER['disktag']); return $cache->fetch($str); } function savecache($key, $value, $exp = 1800) { - $cache = null; + //$cache = null; $cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), __DIR__.'/Onedrive/'.$_SERVER['disktag']); $cache->save($key, $value, $exp); } @@ -364,7 +364,8 @@ function message($message, $title = 'Message', $statusCode = 200)

-', $statusCode); + +', $statusCode); } function needUpdate() @@ -488,8 +489,8 @@ function main($path) global $constStr; //echo 'main.enterpath:'.$path.' //'; - $constStr['language'] = $_COOKIE['language']; - if ($constStr['language']=='') $constStr['language'] = getConfig('language'); + if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language']; + if (!$constStr['language']) $constStr['language'] = getConfig('language'); if ($constStr['language']=='') $constStr['language'] = 'en-us'; $_SERVER['language'] = $constStr['language']; $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); @@ -517,8 +518,8 @@ function main($path) } else { $adminloginpage = getConfig('adminloginpage'); } - if ($_GET[$adminloginpage]) { - if ($_GET['preview']) { + if (isset($_GET[$adminloginpage])) { + if (isset($_GET['preview'])) { $url = $_SERVER['PHP_SELF'] . '?preview'; } else { $url = path_format($_SERVER['PHP_SELF'] . '/'); @@ -532,13 +533,13 @@ function main($path) } } if (getConfig('admin')!='') - if ( $_COOKIE['admin']==md5(getConfig('admin')) || $_POST['password1']==getConfig('admin') ) { + if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) { $_SERVER['admin']=1; $_SERVER['needUpdate'] = needUpdate(); } else { $_SERVER['admin']=0; } - if ($_GET['setup']) + if (isset($_GET['setup'])) if ($_SERVER['admin']) { // setup Environments. 设置,对环境变量操作 return EnvOpt($_SERVER['needUpdate']); @@ -549,7 +550,7 @@ function main($path) if (getConfig('admin')=='') return install(); config_oauth(); - if ($_SERVER['admin']) if ($_GET['AddDisk']||$_GET['authorization_code']) return get_refresh_token(); + if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token(); $refresh_token = getConfig('refresh_token'); //if (!$refresh_token) return get_refresh_token(); if (!$refresh_token) { 
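Review bot: The admin check in main() still compares secrets with loose `==` on both sides of the `||`, so the added isset() guards silence the notice but leave the comparison subject to PHP type coercion and to timing differences. I would change the cookie arm to `(isset($_COOKIE['admin']) && is_string($_COOKIE['admin']) && hash_equals(md5(getConfig('admin')), $_COOKIE['admin']))` and the password arm to `hash_equals((string)getConfig('admin'), $_POST['password1'])` behind the same is_string() check. The cookie value is also an unsalted md5 of the configured password, which is itself compared in plain text, so a captured cookie stays valid until the password changes. That design sits outside this hunk and deserves a follow-up with a random session token.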
@@ -607,7 +608,7 @@ function main($path) if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401); } $_SERVER['ishidden'] = passhidden($path); - if ($_GET['thumbnails']) { + if (isset($_GET['thumbnails'])) { if ($_SERVER['ishidden']<4) { if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) { return get_thumbnails_url($path); @@ -630,7 +631,7 @@ function main($path) } else return output('',404); } else return output('',401); } - if (isset($files['file']) && !$_GET['preview']) { + if (isset($files['file']) && !isset($_GET['preview'])) { // is file && not preview mode if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]); } @@ -701,7 +702,7 @@ function adminoperate($path) $path1 = path_format($_SERVER['list_path'] . path_format($path)); if (substr($path1,-1)=='/') $path1=substr($path1,0,-1); $tmparr['statusCode'] = 0; - if ($_GET['rename_newname']!=$_GET['rename_oldname'] && $_GET['rename_newname']!='') { + if (isset($_GET['rename_newname'])&&$_GET['rename_newname']!=$_GET['rename_oldname'] && $_GET['rename_newname']!='') { // rename 重命名 $oldname = spurlencode($_GET['rename_oldname']); $oldname = path_format($path1 . '/' . $oldname); @@ -711,7 +712,7 @@ function adminoperate($path) //savecache('path_' . $path1, json_decode('{}',true), 1); return output($result['body'], $result['stat']); } - if ($_GET['delete_name']!='') { + if (isset($_GET['delete_name'])) { // delete 删除 $filename = spurlencode($_GET['delete_name']); $filename = path_format($path1 . '/' . $filename); 
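Review bot: `isset($_GET['delete_name'])` now accepts an empty value that the old `!=''` test rejected, so a request carrying `delete_name=` reaches the delete branch with `$filename` built from `$path1 . '/'` and nothing after it. What path_format() returns for that is not visible here, but it presumably resolves to the folder being listed rather than to a file inside it. Keep both conditions, `if (isset($_GET['delete_name']) && $_GET['delete_name']!=='') {`, and apply the same to the `move_folder`, `copy_name` and `create_name` hunks further down, which were converted the same way. These branches also change data on a GET request and no anti-CSRF token is checked in the visible lines, so confirm one is enforced before adminoperate() is reached.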
@@ -720,7 +721,7 @@ function adminoperate($path) //savecache('path_' . $path1, json_decode('{}',true), 1); return output($result['body'], $result['stat']); } - if ($_GET['operate_action']==getconstStr('encrypt')) { + if (isset($_GET['operate_action'])&&$_GET['operate_action']==getconstStr('encrypt')) { // encrypt 加密 if (getConfig('passfile')=='') return message(getconstStr('SetpassfileBfEncrypt'),'',403); if ($_GET['encrypt_folder']=='/') $_GET['encrypt_folder']==''; @@ -732,7 +733,7 @@ function adminoperate($path) savecache('path_' . $path1 . '/?password', '', 1); return output($result['body'], $result['stat']); } - if ($_GET['move_folder']!='') { + if (isset($_GET['move_folder'])) { // move 移动 $moveable = 1; if ($path == '/' && $_GET['move_folder'] == '/../') $moveable=0; @@ -752,7 +753,7 @@ function adminoperate($path) return output('{"error":"'.getconstStr('CannotMove').'"}', 403); } } - if ($_GET['copy_name']!='') { + if (isset($_GET['copy_name'])) { // copy 复制 $filename = spurlencode($_GET['copy_name']); $filename = path_format($path1 . '/' . $filename); @@ -788,7 +789,7 @@ function adminoperate($path) //savecache('path_' . $path2, json_decode('{}',true), 1); return output($result['body'].json_encode($result['Location']), $result['stat']); } - if ($_POST['editfile']!='') { + if (isset($_POST['editfile'])) { // edit 编辑 $data = $_POST['editfile']; /*TXT一般不会超过4M,不用二段上传 @@ -801,7 +802,7 @@ function adminoperate($path) $resultarry = json_decode($result,true); if (isset($resultarry['error'])) return message($resultarry['error']['message']. '
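Review bot: In the encrypt branch the context line `if ($_GET['encrypt_folder']=='/') $_GET['encrypt_folder']=='';` uses `==` where an assignment was meant, so the statement has no effect and a value of `/` is passed on unchanged. It should read `if ($_GET['encrypt_folder']=='/') $_GET['encrypt_folder']='';`. `$_GET['encrypt_folder']` is also read without the isset() guard this commit adds to `operate_action`, so the undefined-index notice remains on that line. The rest of the branch lies outside the hunk.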
'.getconstStr('Back').'','Error',403); } - if ($_GET['create_name']!='') { + if (isset($_GET['create_name'])) { // create 新建 if ($_GET['create_type']=='file') { $filename = spurlencode($_GET['create_name']); @@ -815,7 +816,7 @@ function adminoperate($path) //savecache('path_' . $path1, json_decode('{}',true), 1); return output($result['body'], $result['stat']); } - if ($_GET['RefreshCache']) { + if (isset($_GET['RefreshCache'])) { $path1 = path_format($_SERVER['list_path'] . path_format($path)); savecache('path_' . $path1 . '/?password', '', 1); return message('', getconstStr('RefreshCache'), 302); @@ -1110,7 +1111,7 @@ function render_list($path = '', $files = '') Github : https://github.com/ldxw/OneManager-php -->' . ob_get_clean(); if (isset($htmlpage['statusCode'])) return $htmlpage; - if ($_SERVER['Set-Cookie']!='') return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]); + if (isset($_SERVER['Set-Cookie'])) return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]); return output($html,$statusCode); } @@ -1118,9 +1119,10 @@ function get_refresh_token() { global $constStr; global $CommonEnv; + $envs = ''; foreach ($CommonEnv as $env) $envs .= '\'' . $env . '\', '; $url = path_format($_SERVER['PHP_SELF'] . '/'); - if ($_GET['authorization_code'] && isset($_GET['code'])) { + if (isset($_GET['authorization_code']) && isset($_GET['code'])) { $_SERVER['disktag'] = $_COOKIE['disktag']; config_oauth(); $tmp = curl_request($_SERVER['oauth_url'] . 'token', 'client_id=' . $_SERVER['client_id'] .'&client_secret=' . $_SERVER['client_secret'] . '&grant_type=authorization_code&requested_token_use=on_behalf_of&redirect_uri=' . $_SERVER['redirect_uri'] .'&code=' . $_GET['code']); @@ -1150,7 +1152,7 @@ function get_refresh_token() return message('
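Review bot: The token request in get_refresh_token() appends `$_GET['code']` to the form body without encoding, so a value containing `&` or `=` can add or override fields sent to the token endpoint alongside `client_secret`. Encode it, `'&code=' . urlencode($_GET['code'])`, or build the whole body with http_build_query(). The line `$_SERVER['disktag'] = $_COOKIE['disktag'];` is still read without isset() and without checking the value against the configured disk tags, although getConfig() later uses it as a config key or environment variable name; the install1 and install0 hunks below repeat it. No OAuth `state` value is verified in the visible lines, so confirm that happens elsewhere.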
' . json_encode(json_decode($tmp['body']), JSON_PRETTY_PRINT) . '
', $tmp['stat']); //return message('
' . json_encode($ret, JSON_PRETTY_PRINT) . '
', 500); } - if ($_GET['install1']) { + if (isset($_GET['install1'])) { $_SERVER['disk_oprating'] = $_COOKIE['disktag']; $_SERVER['disktag'] = $_COOKIE['disktag']; config_oauth(); @@ -1169,7 +1171,7 @@ function get_refresh_token() return message('something error, try after a few seconds.', 'retry', 201); } } - if ($_GET['install0']) { + if (isset($_GET['install0'])) { if ($_POST['disktag_add']!='' && ($_POST['Onedrive_ver']=='MS' || $_POST['Onedrive_ver']=='CN' || $_POST['Onedrive_ver']=='MSC')) { if (in_array($_COOKIE['disktag'], $CommonEnv)) { return message('Do not input ' . $envs . '
', 'Error', 201); @@ -1248,7 +1250,7 @@ function EnvOpt($needUpdate = 0) asort($ShowedCommonEnv); asort($ShowedInnerEnv); $html = 'OneManager '.getconstStr('Setup').''; - if ($_POST['updateProgram']==getconstStr('updateProgram')) { + if (isset($_POST['updateProgram'])&&$_POST['updateProgram']==getconstStr('updateProgram')) { $response = OnekeyUpate(); if (api_error($response)) { $html = api_error_msg($response); @@ -1261,7 +1263,7 @@ function EnvOpt($needUpdate = 0) } return message($html, $title); } - if ($_POST['submit1']) { + if (isset($_POST['submit1'])) { $_SERVER['disk_oprating'] = ''; foreach ($_POST as $k => $v) { if (in_array($k, $ShowedCommonEnv)||in_array($k, $ShowedInnerEnv)||$k=='disktag_del' || $k=='disktag_add') { @@ -1291,7 +1293,7 @@ function EnvOpt($needUpdate = 0) } return message($html, $title); } - if ($_GET['preview']) { + if (isset($_GET['preview'])) { $preurl = $_SERVER['PHP_SELF'] . '?preview'; } else { $preurl = path_format($_SERVER['PHP_SELF'] . '/'); @@ -1299,7 +1301,7 @@ function EnvOpt($needUpdate = 0) $html .= ' '.getconstStr('Back').'   '.getconstStr('Back').getconstStr('Home').'
Github
'; - if (!($_SERVER['USER']==='qcloud'||$_SERVER['HEROKU_APP_DIR']==='/app')) { + if (!((isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud')||(isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app'))) { $html .= ' In VPS can not update by a click!
'; } else { diff --git a/function/heroku.php b/function/heroku.php index e0a63cf..24619cf 100644 --- a/function/heroku.php +++ b/function/heroku.php @@ -41,13 +41,18 @@ function getConfig($str, $disktag = '') { global $InnerEnv; global $Base64Env; - if ($disktag=='') $disktag = $_SERVER['disktag']; if (in_array($str, $InnerEnv)) { - if (in_array($str, $Base64Env)) return equal_replace(json_decode(getenv($disktag), true)[$str],1); - else return json_decode(getenv($disktag), true)[$str]; + if ($disktag=='') $disktag = $_SERVER['disktag']; + $env = json_decode(getenv($disktag), true); + if (isset($env[$str])) { + if (in_array($str, $Base64Env)) return equal_replace($env[$str],1); + else return $env[$str]; + } + } else { + if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1); + else return getenv($str); } - if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1); - else return getenv($str); + return ''; } function setConfig($arr, $disktag = '') diff --git a/function/normal.php b/function/normal.php index e6a4d95..e6bf1e8 100644 --- a/function/normal.php +++ b/function/normal.php 
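Review bot: The new `else` branch of getConfig() in heroku.php still returns whatever getenv() gives back, which is `false` for an unset variable, so the added `return '';` is reached only on the `$InnerEnv` path and callers receive two different empty values. Checks such as `getConfig('admin')!=''` treat both alike under loose comparison, but any strict comparison or string function downstream would not. I would normalise it with `$v = getenv($str); if ($v === false) return '';` before the Base64 test. `$_SERVER['disktag']` is also read without isset() on the `$InnerEnv` path. The scf.php hunk is identical and needs the same change.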
@@ -41,17 +41,21 @@ function getConfig($str, $disktag = '') global $InnerEnv; global $Base64Env; //include 'config.php'; - if ($disktag=='') $disktag = $_SERVER['disktag']; $s = file_get_contents('config.php'); $configs = substr($s, 18, -2); if ($configs!='') { $envs = json_decode($configs, true); if (in_array($str, $InnerEnv)) { - if (in_array($str, $Base64Env)) return equal_replace($envs[$disktag][$str],1); - else return $envs[$disktag][$str]; + if ($disktag=='') $disktag = $_SERVER['disktag']; + if (isset($envs[$disktag][$str])) { + if (in_array($str, $Base64Env)) return equal_replace($envs[$disktag][$str],1); + else return $envs[$disktag][$str]; + } } else { - if (in_array($str, $Base64Env)) return equal_replace($envs[$str],1); - else return $envs[$str]; + if (isset($envs[$str])) { + if (in_array($str, $Base64Env)) return equal_replace($envs[$str],1); + else return $envs[$str]; + } } } return ''; diff --git a/function/scf.php b/function/scf.php index ec8f8b9..85e4695 100644 --- a/function/scf.php +++ b/function/scf.php @@ -58,13 +58,18 @@ function getConfig($str, $disktag = '') { global $InnerEnv; global $Base64Env; - if ($disktag=='') $disktag = $_SERVER['disktag']; if (in_array($str, $InnerEnv)) { - if (in_array($str, $Base64Env)) return equal_replace(json_decode(getenv($disktag), true)[$str],1); - else return json_decode(getenv($disktag), true)[$str]; + if ($disktag=='') $disktag = $_SERVER['disktag']; + $env = json_decode(getenv($disktag), true); + if (isset($env[$str])) { + if (in_array($str, $Base64Env)) return equal_replace($env[$str],1); + else return $env[$str]; + } + } else { + if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1); + else return getenv($str); } - if (in_array($str, $Base64Env)) return equal_replace(getenv($str),1); - else return getenv($str); + return ''; } function setConfig($arr, $disktag = '') diff --git a/index.php b/index.php index c53a035..ff1cac9 100644 --- a/index.php +++ b/index.php 
@@ -4,9 +4,9 @@ include 'conststr.php'; include 'function/common.php'; //echo '
'. json_encode($_SERVER, JSON_PRETTY_PRINT).'
'; -if ($_SERVER['USER']==='qcloud') { +if (isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud') { include 'function/scf.php'; -} elseif ($_SERVER['HEROKU_APP_DIR']==='/app') { +} elseif (isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app') { include 'function/heroku.php'; $path = getpath(); //echo 'path:'. $path; diff --git a/readme.md b/readme.md index 28e1350..ca4f48a 100644 --- a/readme.md +++ b/readme.md @@ -13,7 +13,7 @@ How to Install: 1.Start web service on your server (httpd or other), make sure you can visit it. 启动web服务器,确保你能访问到。 2.Make the rewrite works, the rule is in .htaccess file, make sure any query redirect to index.php. - 开启伪静态(重写)功能,规则在.htaccess文件中,ngnix自行转换,我们的目的是不管访问什么都让index.php来处理。 + 开启伪静态(重写)功能,规则在.htaccess文件中,ngnix从里面复制,我们的目的是不管访问什么都让index.php来处理。 3.Upload code. 上传好代码。 4.Change the file config.php can be read&write (666 is suggested). @@ -41,7 +41,7 @@ The XXX_path in setting is the path in Onedrive, not in url, program will find t LOGO ICON: put your 'favicon.ico' in the path you showed, make sure xxxxx.com/favicon.ico can be visited. 网站图标:将favicon.ico文件放在你要展示的目录中,确保 xxxxx.com/favicon.ico 可以访问到。 Program will show content of 'readme.md' & 'head.md'. -可以在文件列表下面显示readme.md文件的内容。 +可以在文件列表显示head.md跟readme.md文件的内容。 guest up path, is a folder that the guest can upload files, but can not be list (exclude admin). 游客上传目录(也叫图床目录),是指定一个目录,让游客可以上传文件,不限格式,不限大小。这个目录里面的内容不列清单(除非管理登录)。 If there is 'index.html' file, program will only show the content of 'index.html', not list the files. diff --git a/theme/classic.php b/theme/classic.php index ed807f9..766de04 100644 --- a/theme/classic.php +++ b/theme/classic.php @@ -70,7 +70,7 @@
  • -
  • +
  • + if (isset($_SERVER['needUpdate'])&&$_SERVER['needUpdate']) { ?>

    @@ -133,6 +133,10 @@
    @@ -155,8 +159,6 @@
    document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" /> '; @@ -202,12 +204,12 @@
    + if (isset($_POST['filenum'])) $filenum = $_POST['filenum']; + if (!isset($filenum) and isset($files['folder']['page'])) $filenum = ($files['folder']['page']-1)*200; + else $filenum = 0; ?> - + @@ -406,7 +408,7 @@ + if (!isset($_GET['preview'])) { ?>
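Review bot: The `else $filenum = 0;` binds to the second `if`, so whenever `$_POST['filenum']` is set the condition `!isset($filenum)` is false and the posted value is overwritten with 0. If the posted offset is meant to be honoured, make the three cases explicit and cast the input, for example `$filenum = isset($_POST['filenum']) ? (int)$_POST['filenum'] : (isset($files['folder']['page']) ? ($files['folder']['page']-1)*200 : 0);`. The cast matters because the value is request-controlled and `$filenum` is incremented per file further down the template; where it is echoed is not visible in this hunk.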
          
    + + + + + + + + + + + + +'; + foreach ($files['children'] as $file) { + // Files + if (isset($file['file'])) { + if ($_SERVER['admin'] or (substr($file['name'],0,1) !== '.' and $file['name'] !== getConfig('passfile') ) ) { + if (strtolower($file['name']) === 'head.md') $head = $file; + if (strtolower($file['name']) === 'readme.md') $readme = $file; + if (strtolower($file['name']) === 'index.html' && !$_SERVER['admin']) { + $html = curl_request(fetch_files(spurlencode(path_format($path . '/' .$file['name']),'/'))['@microsoft.graph.downloadUrl'])['body']; + return output($html,200); + } + $filenum++; ?> + + + + + + +
       
    + +
  • +
      +
    • +
    • +
    • +
    • +
    • +
    +
  • + + + +
    + +
  • +
      +
    • +
    • +
    • +
    • +
    +
  • + + + + + + + + + + + + + + + + + + + + + + + +
    +200) { + $pagenum = $files['folder']['page']; + $maxpage = ceil($files['folder']['childCount']/200); + $prepagenext = ' + + + + + + + + +
    '; + if ($pagenum!=1) { + $prepagenum = $pagenum-1; + $prepagenext .= ' + '.getconstStr('PrePage').''; + } + $prepagenext .= ' + '; + for ($page=1;$page<=$maxpage;$page++) { + if ($page == $pagenum) { + $prepagenext .= ' + ' . $page . ' '; + } else { + $prepagenext .= ' + ' . $page . ' '; + } + } + $prepagenext = substr($prepagenext,0,-1); + $prepagenext .= ' + '; + if ($pagenum!=$maxpage) { + $nextpagenum = $pagenum+1; + $prepagenext .= ' + '.getconstStr('NextPage').''; + } + $prepagenext .= ' +
    + '; + echo $prepagenext; + } + if ($_SERVER['admin']) { ?> +
    +
    + + +
    +
    + + + +
    +
    +
    +
    + + +
    +'; + } + if ($readme) { + echo ' +
    +
    +
    +
    +
    +
    +
    + +
    + +
    +
    +'; + } + } + } else { + echo ' +
    +
    +
    + + +
    +
    +
    '; + $statusCode = 401; + } + } ?> +
    +
    +
    + + + +
    + + + + + + +
    + + + +
    + + + + + + + + + +