www.gusucode.com > PHP展示型企业网站模板米拓整站源码 1.0PHP源码程序 > PHP展示型企业网站模板米拓整站源码 1.0/MetInfozs_v1.0/MetInfozs_v1.0/admin/include/uploadify.php
<?php
require_once '../login/login_check.php';
require_once 'upfile.class.php';
require_once 'watermark.class.php';
/*初始化*/
echo 'SUC,';
$metinfo=0;
$met_file_maxsize=$met_file_maxsize*1024*1024;
$file_size=$_FILES['Filedata']['size'];
if($file_size>$met_file_maxsize){
echo $lang_filemaxsize;
exit;
}
$filesize=round($_FILES['Filedata']['size']/1024,2);
/*批量上传内容csv文件*/
if($type=="contentup"){
$met_file_format='csv';
$f = new upfile($met_file_format,'',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$filename=time().'.csv';
$flienamecsv=$f->upload("Filedata",$filename);
$flienamecsv='../../'.$flienamecsv;
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$fileField=$_FILES['Filedata']['name'];
$fileField=str_replace(".csv","",$fileField);
$metinfo='1$'.$flienamecsv.'|'.$fileField;
/*单独上传缩略图*/
}elseif($type=="small") {
$f = new upfile($met_file_format,'',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$f->savepath = $f->savepath.'thumb/';
$imgurls = $f->upload('Filedata');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$metinfo='1$'.$imgurls;
/*大图上传-水印-缩略图生成*/
}elseif($type=='big_wate_img'){
$f = new upfile($met_file_format,'',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$imgurls = $f->upload('Filedata');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$met_big_img = $imgurls;
$img = new Watermark();
if($met_big_wate==1){
if($met_wate_class==2){
$img->met_image_name = $met_wate_bigimg;
$img->met_image_pos = $met_watermark;
}else{
$img->met_text = $met_text_wate;
$img->met_text_size = $met_text_bigsize;
$img->met_text_color = $met_text_color;
$img->met_text_angle = $met_text_angle;
$img->met_text_pos = $met_watermark;
$img->met_text_font = $met_text_fonts;
}
$img->src_image_name ="../".$imgurls;
$img->save_file = $f->waterpath.$f->savename;
$img->create();
$imgurls ="../upload/".date('Ym')."/watermark/".$f->savename;
}
$met_dis_img='../'.$met_big_img;
if($wate==3){$met_img_x=$met_productdetail_x;$met_img_y=$met_productdetail_y;}
if($wate==5){$met_img_x=$met_imgdetail_x;$met_img_y=$met_imgdetail_y;}
if($met_img_x&&$met_img_y){
$met_dis_imgs=$f->createthumb($met_dis_img,$met_img_x,$met_img_y,'thumb_dis/');
if($f->get_error()==1){
echo $f->get_errorcode();
die();
}
if($met_big_wate==1){
if($met_wate_class==2){
$img->met_image_name = $met_wate_bigimg;
$img->met_image_pos = $met_watermark;
}else{
$img->met_text = $met_text_wate;
$img->met_text_size = $met_text_bigsize;
$img->met_text_color = $met_text_color;
$img->met_text_angle = $met_text_angle;
$img->met_text_pos = $met_watermark;
$img->met_text_font = $met_text_fonts;
}
$img->src_image_name =$met_dis_imgs;
$img->save_file = $met_dis_imgs;
$img->create();
}
}
if($met_autothumb_ok && $module!=67 && $module){
imgstyle($module);
$met_big_img="../".$met_big_img;
$imgurlss = $f->createthumb($met_big_img,$met_img_x,$met_img_y);
if($f->get_error()==1){
echo $f->get_errorcode();
die();
}
if($met_thumb_wate==1){
if($met_wate_class==2){
$img->met_image_name = $met_wate_img;
$img->met_image_pos = $met_watermark;
}else {
$img->met_text = $met_text_wate;
$img->met_text_size = $met_text_size;
$img->met_text_color = $met_text_color;
$img->met_text_angle = $met_text_angle;
$img->met_text_pos = $met_watermark;
$img->met_text_font = $met_text_fonts;
}
$img->src_image_name =$imgurlss;
$img->save_file =$imgurlss;
$img->create();
}
$imgurls_a=explode("../",$imgurlss);
$imgurlss="../".$imgurls_a[2];
}
$metinfo='1$'.$imgurls.'|'.$imgurlss;
if(!$module||$module==67)$metinfo='1$'.$imgurls;
/*ICO图标*/
}elseif($type=='metico'){
$f = new upfile($met_file_format,'../../',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$file = $f->upload('Filedata','favicon');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$metinfo='1$'.$file;
/*文件上传*/
}elseif($type=='upfile'){
$f = new upfile($met_file_format,'../../upload/file/',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$file = $f->upload('Filedata');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$metinfo='1$'.$file;
if($module==4)$metinfo.='|'.$filesize;
/*图片上传*/
}elseif($type=='upimage'){
$f = new upfile($met_file_format,'',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$imgurls = $f->upload('Filedata');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$metinfo='1$'.$imgurls;
}elseif($type=='upimage-met'){
$f = new upfile($met_file_format,'',$met_file_maxsize,'','1','|');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
$imgurls = $f->upload('Filedata');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
if($met_big_wate==1){
$img = new Watermark();
if($met_wate_class==2){
$img->met_image_name = $met_wate_bigimg;
$img->met_image_pos = $met_watermark;
}else{
$img->met_text = $met_text_wate;
$img->met_text_size = $met_text_bigsize;
$img->met_text_color = $met_text_color;
$img->met_text_angle = $met_text_angle;
$img->met_text_pos = $met_watermark;
$img->met_text_font = $met_text_fonts;
}
$img->src_image_name ="../".$imgurls;
$img->save_file = $f->waterpath.$f->savename;
$img->create();
$imgurls ="../upload/".date('Ym')."/watermark/".$f->savename;
}
$metinfo='1$'.$imgurls;
}elseif($type=='skin'){
die();
/*模板文件*/
$filetype=explode('.',$_FILES['Filedata']['name']);
if($filetype[count($filetype)-1]=='zip'){
if(stristr($met_file_format,'zip') === false){
echo $lang_jsx36;
die();
}
//if(!is_writable('../../templates/'))@chmod('../../templates/',0777);
$filenamearray=explode('.zip',$_FILES['Filedata']['name']);
$skin_if=$db->get_one("SELECT * FROM {$met_skin_table} WHERE skin_file='{$filenamearray[0]}'");
if($skin_if){
$metinfo=$lang_loginSkin;
}else{
$f = new upfile('zip','../../templates/','','');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
if(file_exists('../../templates/'.$filenamearray[0].'.zip'))$filenamearray[0]='metinfo'.$filenamearray[0];
$met_upsql = $f->upload('Filedata',$filenamearray[0]);
include "pclzip.lib.php";
$archive = new PclZip('../../templates/'.$filenamearray[0].'.zip');
if($archive->extract(PCLZIP_OPT_PATH, '../../templates/') == 0)$metinfo=$archive->errorInfo(true);
$list = $archive->listContent();
$error=0;
foreach($list as $key=>$val){
if(preg_match("/\.(asp|aspx|jsp)/i",$val[filename])){
$error=1;
}
if(!is_dir('../../templates/'.$val[filename])&&preg_match("/\.(php)/i",$val[filename])){
$danger=explode('|','preg_replace|assert|dirname|file_exists|file_get_contents|file_put_contents|fopen|mkdir|unlink|readfile|eval|cmd|passthru|system|gzuncompress|exec|shell_exec|fsockopen|pfsockopen|proc_open|scandir');
$ban='preg_replace|assert|eval|\$_POST|\$_GET';
foreach($danger as $key1 => $val1){
$str=file_get_contents('../../templates/'.$val[filename]);
$str=str_replace(array('\'','"','.'),'',$str);
if(preg_match("/([^A-Za-z0-9_]$val1)[\r\n\t]{0,}([\[\(])/i",$str)){
$error=1;
}
if(preg_match('/('.$ban.')/i',$str)){
$error=1;
}
}
}
}
@unlink('../../templates/'.$filenamearray[0].'.zip');
if($error){
foreach($list as $key=>$val){
if(is_dir('../../templates/'.$val[filename])){
@deldir('../../templates/'.$val[filename]);
}else{
@unlink('../../templates/'.$val[filename]);
}
}
$metinfo='含有危险函数,禁止上传!!';
}else{
$metinfo='1$'.$filenamearray[0];
}
}
}else{
$metinfo=$lang_uplaoderr2;
}
/*数据库文件*/
}elseif($type=='sql'){
if(strstr($_FILES['Filedata']['name'],'.sql') == '.sql'){
if(stristr($met_file_format,'sql') === false){
echo $lang_jsx37;
die();
}
$filenamearray=explode('.sql',$_FILES['Filedata']['name']);
$f = new upfile('sql,zip','../databack/','','');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
if(file_exists('../databack/'.$filenamearray[0].'.sql'))$filenamearray[0]='metinfo'.$filenamearray[0];
if($_FILES['Filedata']['name']!=''){
$met_upsql = $f->upload('Filedata',$filenamearray[0]);
}
include "pclzip.lib.php";
$archive = new PclZip('../databack/sql/'.'metinfo_'.$filenamearray[0].'.zip');
$archive->add('../databack/'.$filenamearray[0].'.sql',PCLZIP_OPT_REMOVE_PATH,'../databack/');
$metinfo='1$'.'../databack/'.$filenamearray[0].'.sql';
}else{
$filetype=explode('.',$_FILES['Filedata']['name']);
if($filetype[count($filetype)-1]=='zip'){
if(stristr($met_file_format,'zip') === false){
echo $lang_jsx36;
die();
}
$filenamearray=explode('.zip',$_FILES['Filedata']['name']);
$f = new upfile('sql,zip','../databack/sql/','','');
if($f->get_error()){
echo $f->get_errorcode();
die();
}
if(file_exists('../databack/sql/'.$filenamearray[0].'.zip'))$filenamearray[0]='metinfo'.$filenamearray[0];
if($_FILES['Filedata']['name']!=''){
$met_upsql = $f->upload('Filedata',$filenamearray[0]);
}
include "pclzip.lib.php";
$archive = new PclZip('../databack/sql/'.$filenamearray[0].'.zip');
if($archive->extract(PCLZIP_OPT_PATH, '../databack') == 0){
$metinfo=$archive->errorInfo(true);
}
else{
$list = $archive->listContent();
$metinfo='1$'.'../databack/sql/'.$filenamearray[0].'.zip';
}
}else{
$metinfo=$lang_uplaoderr3;
}
}
}
echo $metinfo;
?>