www.gusucode.com > SDCMS三合一企业网站管理系统PHP源码程序 > SDCMS三合一企业网站管理系统/sdcms_swhy_v1.7/sdcms_swhy_v1.7/上传本目录中文件/app/admin/controller/uploadcontroller.php
<?php
/**
* 作用:上传
* 官网:Http://www.sdcms.cn
* 作者:IT平民
* ===========================================================================
* 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和使用;
* 未经授权不允许对程序代码以任何形式任何目的的再发布。
* ===========================================================================
**/
class UploadController extends AdminsController
{
private $step;
public function __construct()
{
parent::__construct();
$this->step=0;
}
function tree($root,$pid=0,$type,$multiple)
{
$str='';
$tid=$this->step+1;
$name=explode("/", $root);
$name=end($name);
$str.=",{id:$tid,pId:$pid,name:'$name',url:'".U('imagelists','type='.$type.'&multiple='.$multiple.'&root='.base64_encode($root).'')."',target:'content_body'}";
$this->step=$this->step+1;
$data=scandir($root);
if(is_array($data))
{
unset($data[0]);
unset($data[1]);
#降序排列
rsort($data);
foreach($data as $key=>$val)
{
if(is_dir($root.'/'.$val))
{
$str.=$this->tree($root.'/'.$val,$tid,$type,$multiple);
}
}
}
return $str;
}
public function index()
{
$action=F('get.action');
switch ($action)
{
case 'image':
self::editor(1);
break;
case 'video':
self::editor(2);
break;
case 'file':
self::editor(3);
break;
case 'listimage':
self::list_file(1);
break;
case 'listfile':
self::list_file(2);
break;
case 'catchimage':
self::catch_image();
break;
default:
self::config();
break;
}
}
public function config()
{
list($host)=explode(':',$_SERVER['HTTP_HOST']);
$arr=[
'imageActionName'=>'image',
'imageFieldName'=>'file',
'imageMaxSize'=>C('upload_image_max')*1024*1024,
'imageAllowFiles'=>[".png",".jpeg",".jpg",".gif"],
'imageCompressEnable'=>false,
'imageCompressBorder'=>99999,
'imageInsertAlign'=>'none',
'imageUrlPrefix'=>'',
'imagePathFormat'=>'',
'videoActionName'=>'video',
'videoFieldName'=>'file',
'videoMaxSize'=>C('upload_video_max')*1024*1024,
'videoAllowFiles'=>[".mp4"],
'videoUrlPrefix'=>'',
'videoPathFormat'=>'',
'fileActionName'=>'file',
'fileFieldName'=>'file',
'filePathFormat'=>'',
'fileUrlPrefix'=>'',
'fileMaxSize'=>C('upload_file_max')*1024*1024,
'fileAllowFiles'=>[".gif",".jpeg",".jpg",".png",
".swf",".mp4",".flv",
".doc",".docx",".xls",".xlsx",".ppt",".pptx",
".rar",".zip",".7z",".gz",".tar",
".apk",".iso",".pdf",".txt"],
'imageManagerActionName'=>'listimage',
'imageManagerListSize'=>'20',
'imageManagerUrlPrefix'=>'',
'imageManagerInsertAlign'=>'none',
'fileManagerActionName'=>'listfile',
'fileManagerListSize'=>'20',
'fileManagerUrlPrefix'=>'',
'catcherLocalDomain'=>["127.0.0.1","localhost",$host],
'catcherActionName'=>'catchimage',
'catcherFieldName'=>'source',
'catcherPathFormat'=>'',
'catcherUrlPrefix'=>'',
'catcherMaxSize'=>C('upload_image_max')*1024*1024,
'catcherAllowFiles'=>[".png",".jpg",".jpeg",".gif",".bmp"]
];
echo json_encode($arr);
}
public function catch_image()
{
$list=[];
$data=[];
if(isset($_POST['source']))
{
$data=$_POST['source'];
}
else
{
if(isset($_GET['source']))
{
$data=$_GET['source'];
}
}
if(is_array($data))
{
foreach($data as $key)
{
$info=self::saveRemote($key);
array_push($list,["state"=>$info['state'],"url"=>$info['url'],"source"=>$key]);
}
}
echo json_encode(array('state'=>count($list)?'SUCCESS':'ERROR','list'=>$list));
}
public function saveRemote($url)
{
$info=['state'=>'错误','url'=>null];
#enhtml可能会造成远程图片保存失败(原因:URL路径中含有非法字符)
#$url=enhtml($url);
$url=str_replace('&','&',$url);
if(strpos($url,'http')!==0)
{
$info['state']='链接不是http链接';
return $info;
}
preg_match('/(^https*:\/\/[^:\/]+)/', $url, $matches);
$host_with_protocol=count($matches)>1? $matches[1]:'';
#判断是否是合法 url
if(!filter_var($host_with_protocol, FILTER_VALIDATE_URL))
{
$info['state']='非法URL';
return $info;
}
preg_match('/^https*:\/\/(.+)/',$host_with_protocol,$matches);
$host_without_protocol=count($matches)>1?$matches[1]:'';
#此时提取出来的可能是 ip 也有可能是域名,先获取 ip
$ip=gethostbyname($host_without_protocol);
#判断是否是私有 ip
if(!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE))
{
$info['state']='非法IP';
return $info;
}
#获取请求头并检测死链
$heads = get_headers($url, 1);
if (!(stristr($heads[0], "200") && stristr($heads[0], "OK")))
{
$info['state']='链接不可用';
return $info;
}
#格式验证(扩展名验证和Content-Type验证)
if(isset($heads['Content-Type']))
{
switch ($heads['Content-Type'])
{
case 'image/gif':
$ext='.gif';
break;
case 'image/jpeg':
$ext='.jpg';
break;
case 'image/png':
$ext='.png';
break;
case 'image/bmp':
$ext='.bmp';
break;
default:
$ext=strtolower(strrchr($url,'.'));
break;
}
}
if (!in_array($ext, [".png",".jpg",".jpeg",".gif",".bmp"]) || !isset($heads['Content-Type']) || !stristr($heads['Content-Type'], "image"))
{
$info['state']='链接contentType不正确';
return $info;
}
#打开输出缓冲区并获取远程图片
ob_start();
$context=stream_context_create(
array('http' => array(
'follow_location' => false // don't follow redirects
))
);
readfile($url,false,$context);
$img=ob_get_contents();
ob_end_clean();
preg_match("/[\/]([^\/]*)[\.]?[^\.\/]*$/",$url,$m);
$size=strlen($img);
if($size>C('upload_image_max')*1024*1024)
{
$info['state']='文件大小超出网站限制';
return $info;
}
switch (C('upload_file_folder'))
{
case '1':
$filepath='upfile/'.date("Y").'/';
break;
case '2':
$filepath='upfile/'.date("Y").'/'.date("m").'/';
break;
case '3':
$filepath='upfile/'.date("Y").'/'.date("m").'/'.date("d").'/';
break;
default:
$filepath='upfile/'.date("Ym").'/';
}
if(!is_dir($filepath))
{
if(!mkfolder($filepath))
{
$info['state']='文件夹创建失败';
return $info;
}
}
$newname=time().mt_rand(100,999).$ext;
if (!(file_put_contents($filepath.$newname, $img) && file_exists($filepath.$newname)))
{
$info['state']='移动失败';
}
else
{
$fileway=C('file_way');
if($fileway=='local')
{
$info['state']='SUCCESS';
$info['url']=WEB_ROOT.$filepath.$newname;
}
else
{
$data['tmp_name']=$filepath.$newname;
$data['type']='image/'.$ext;
$up=new $fileway();
$result=$up->upload($data,$filepath.$newname);
if($result)
{
$info['url']=$up->backurl;
$info['state']='SUCCESS';
#删除本地文件
@unlink($filepath.$newname);
}
else
{
$info['state']=$up->msg;
}
}
}
return $info;
}
public function outimage()
{
$a='';
if(isset($_POST['content']))
{
$a=$_POST['content'];
}
if(empty($a))
{
echo '';
exit;
}
#去掉反斜杠
if(!get_magic_quotes_gpc())
{
$a=stripslashes($a);
}
list($host)=explode(':',$_SERVER['HTTP_HOST']);
$d=get_all_picurl($a,$host);
if(is_array($d))
{
foreach ($d as $key => $val)
{
$info=self::saveRemote($val);
if($info['state']=='SUCCESS')
{
$a=str_replace($val,$info['url'],$a);
}
/*
else
{
$a=$info['state'];
}
*/
}
}
echo $a;
}
public function list_file($type)
{
header("Content-Type: text/html; charset=utf-8");
if($type==1)
{
$allowFiles=[".png",".jpg",".gif"];
}
else
{
$allowFiles=[
".png", ".jpg", ".jpeg", ".gif", ".bmp",
".flv", ".swf", ".mkv", ".avi", ".rm", ".rmvb", ".mpeg", ".mpg",
".ogg", ".ogv", ".mov", ".wmv", ".mp4", ".webm", ".mp3", ".wav", ".mid",
".rar", ".zip", ".tar", ".gz", ".7z", ".bz2", ".cab", ".iso",
".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf", ".txt", ".md", ".xml"
];
}
$listSize=20;
$path=WEB_ROOT.'upfile/';
$allowFiles = substr(str_replace(".", "|", join("", $allowFiles)), 1);
/* 获取参数 */
$size = getint(F('get.size'),$listSize);
$start =getint(F('get.start'),0);
$end = $start+$size;
/* 获取文件列表 */
$path = $_SERVER['DOCUMENT_ROOT'] . (substr($path, 0, 1) == "/" ? "":"/") . $path;
$files = self::getfiles($path, $allowFiles);
if (!count($files)) {
echo json_encode(array(
"state" => "no match file",
"list" => array(),
"start" => $start,
"total" => count($files)
),JSON_UNESCAPED_UNICODE);
return;
}
/* 获取指定范围的列表 */
$len = count($files);
rsort($files);
for ($i = min($end, $len) - 1, $list = array(); $i < $len && $i >= 0 && $i >= $start; $i--)
{
$list[] = $files[$i];
}
/* 返回数据 */
$result = json_encode(array(
"state" => "SUCCESS",
"list" => $list,
"start" => $start,
"total" => count($files)
),JSON_UNESCAPED_UNICODE);
echo $result;
}
function getfiles($path, $allowFiles, &$files = array())
{
if (!is_dir($path)) return null;
if(substr($path, strlen($path) - 1) != '/') $path .= '/';
$handle = opendir($path);
while (false !== ($file = readdir($handle)))
{
if ($file != '.' && $file != '..')
{
$path2 = $path . $file;
if (is_dir($path2))
{
self::getfiles($path2, $allowFiles, $files);
}
else
{
if (preg_match("/\.(".$allowFiles.")$/i", $file))
{
$files[] = array(
'url'=> iconv("gbk","utf-8",substr($path2,strlen($_SERVER['DOCUMENT_ROOT']))),
'mtime'=> filemtime($path2)
);
}
}
}
}
return $files;
}
public function editor($type)
{
$up=new sdcms_upload('file',$type,1,1);
if($up->state=='success')
{
$arr=['state'=>'SUCCESS','url'=>$up->msg,'original'=>$up->oldname,'title'=>$up->oldname];
}
else
{
$arr=['state'=>$up->msg];
}
echo json_encode($arr);
}
public function upfile()
{
$water=getint(F('get.water'),0);
$thumb=getint(F('get.thumb'),0);
$type=getint(F('get.type'),1);
$up=new sdcms_upload('file',$type,$thumb,$water);
echo $up->showmsg();
}
public function imagelist()
{
$type=getint(F('get.type'),0);
$multiple=getint(F('get.multiple'),0);
if($type==1)
{
$action='listimage';
}
else
{
$action='listfile';
}
$root=base64_decode(F('get.root'));
if($root=='')
{
$root='upfile';
}
$data=self::deal_arr(scandir($root),$root);
$folder=$data[0];
$this->assign('tree',trim($this->tree('upfile',0,$type,$multiple),","));
$this->assign('dir',$root);
$this->assign('type',$type);
$this->assign('folder',$folder);
$this->assign('action',$action);
$this->assign('multiple',$multiple);
$this->display('module/other/image.php');
}
public function imagelists()
{
$type=getint(F('get.type'),0);
$multiple=getint(F('get.multiple'),0);
if($type==1)
{
$action='listimage';
}
else
{
$action='listfile';
}
$root=base64_decode(F('get.root'));
if($root=='')
{
$root='upfile';
}
$data=self::deal_arr(scandir($root),$root);
$folder=$data[0];
$file=$data[1];
$arr=explode('/',$root);
$str='';
$position='';
foreach ($arr as $key=>$val)
{
if($key==0)
{
$str=$val;
}
else
{
$str.='/'.$val;
}
if($val=='upfile')
{
$val='根目录';
}
if($key>0)
{
$position.=' > ';
}
$position.='<a href="'.U('imagelists','type='.$type.'&multiple='.$multiple.'&root='.base64_encode($str).'').'">'.$val.'</a>';
}
switch(C('upload_file_folder'))
{
case '1':
$filepath='upfile/'.date("Y");
break;
case '2':
$filepath='upfile/'.date("Y").'/'.date("m");
break;
case '3':
$filepath='upfile/'.date("Y").'/'.date("m").'/'.date("d");
break;
default:
$filepath='upfile/'.date("Ym");
break;
}
$uploadurl=U('imagelists','type='.$type.'&multiple='.$multiple.'&root='.base64_encode($filepath));
$this->assign('dir',$root);
$this->assign('position',$position);
$this->assign('file',$file);
$this->assign('uploadurl',$uploadurl);
$this->assign('action',$action);
$this->assign('multiple',$multiple);
$this->display('module/other/image-list.php');
}
function deal_arr($data,$root,$name=[])
{
unset($data[0]);unset($data[1]);
$a=[];
$b=[];
foreach($data as $key=>$val)
{
if(is_dir($root.'/'.$val))
{
$a[$key]=['0'=>iconv("gb2312","utf-8",$val),'1'=>filemtime($root.'/'.$val)];
}
elseif(is_file($root.'/'.$val))
{
$ext=strtolower(strrchr($root.'/'.$val,'.'));
$b[filemtime($root.'/'.$val)]=['0'=>iconv("gb2312","utf-8",$val),'1'=>filemtime($root.'/'.$val),'2'=>formatBytes(filesize($root.'/'.$val)),'3'=>$ext,'4'=>self::is_image($ext)];
}
else
{
unset($data[$key]);
}
}
krsort($a);
krsort($b);
return ['0'=>$a,'1'=>$b];
}
public function is_image($a)
{
if(in_array($a,['.gif','.jpg','.jpeg','.png','.bmp']))
{
return '1';
}
else
{
return '0';
}
}
}