Windy/EasyImages2.0
1
0
Fork 0
mirror of https://github.com/icret/EasyImages2.0.git synced 2025-01-08 11:58:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

增加前端上传签名

Browse Source
This commit is contained in:
icret 2023-03-05 21:46:49 +08:00
parent f311863c73
commit b620eb412b
6 changed files with 53 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
admin/admin.inc.php
View File

@ -572,14 +572,14 @@ auto_delete(); //定时删除
<div class="form-group">
<label for="logDate" class="text-primary">月份: </label>
<input type="text" class="form-control logDate" id="logDate" name="logDate" value="<?php echo date('Y-m'); ?>" required="required" readonly>
<input type="hidden" class="form-control" name="pass" value="<?php echo md5($config['password'] . date('ymdh')); ?>" placeholder="日志访问秘钥">
<input type="hidden" class="form-control" name="sign" value="<?php echo md5($config['password'] . date('ymdh')); ?>" placeholder="日志访问秘钥">
</div>
<button type="submit" class="btn btn-primary">查看</button>
</form>
</div>
<div class="col-md-2">
<h5 class="header-dividing">登录日志 <small>仅显示当月</small></h5>
<button type="button" class="btn btn-primary" data-toggle="modal" data-title="登录日志 - 仅显示当月" data-icon="book" data-moveable="true" data-width="60%" data-type="ajax" data-url="../application/viewlog.php?login_log&pass=<?php echo md5($config['password'] . date('ymdh')); ?>">查看</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-title="登录日志 - 仅显示当月" data-icon="book" data-moveable="true" data-width="60%" data-type="ajax" data-url="../application/viewlog.php?login_log&sign=<?php echo md5($config['password'] . date('ymdh')); ?>">查看</button>
</div>
<div class="col-md-3">
<h5 class="header-dividing" data-toggle="tooltip" title="仅限存储分类路径为 Y/m/d/ 格式<br/>且每天需要访问一次后台才执行<br/>先重命名要删除文件夹作为备份<br/>超过定时日期的2倍后再彻底删除重命名的文件夹<br/>超过定时日期前和开启分离的文件夹不删除">定时删除 <small>数值为<code>0</code>时关闭</small></h5>

28
api/index.php
View File

@ -167,24 +167,24 @@ if ($handle->uploaded) {
// 上传成功后返回json数据
$reJson = array(
"result" => "success",
"code" => 200,
"url" => $imageUrl,
"srcName" => $handle->file_src_name_body,
"thumb" => $handleThumb,
"del" => $delUrl,
"ID" => $tokenID, // 202-02-11 增加返回Token ID
// "memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
"result" => "success",
"code" => 200,
"url" => $imageUrl,
"srcName" => $handle->file_src_name_body,
"thumb" => $handleThumb,
"del" => $delUrl,
"ID" => $tokenID, // 202-02-11 增加返回Token ID
// "memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
);
echo json_encode($reJson, JSON_UNESCAPED_UNICODE);
$handle->clean();
} else {
// 上传错误 code:206 客户端文件有问题
$reJson = array(
"result" => "failed",
"code" => 206,
"message" => $handle->error,
"memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
"result" => "failed",
"code" => 206,
"message" => $handle->error,
"memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
// 'log' => $handle->log, // 仅用作调试用
);
unset($handle);
@ -202,9 +202,9 @@ if ($handle->uploaded) {
@write_upload_logs($pathIMG, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size, $tokenID);
// 鉴黄
@process_checkImg($processUrl);
// 水印
// 水印
@water($handle->file_dst_pathname);
// 压缩
// 压缩
@process_compress($handle->file_dst_pathname);
} else { // 普通模式
// 记录同IP上传次数

47
application/upload.php
View File

@ -9,9 +9,9 @@ require __DIR__ . '/class.upload.php';
if ($config['mustLogin']) {
if (!is_who_login('status')) {
exit(json_encode(array(
"result" => "failed",
"code" => 401,
"message" => "本站已开启登陆上传,您尚未登陆",
"result" => "failed",
"code" => 401,
"message" => "本站已开启登陆上传,您尚未登陆",
)));
}
}
@ -20,21 +20,30 @@ if ($config['mustLogin']) {
if (empty($_FILES['file'])) {
exit(json_encode(
array(
"result" => "failed",
"code" => 204,
"message" => "没有选择上传的文件",
"result" => "failed",
"code" => 204,
"message" => "没有选择上传的文件",
)
));
}
// sign
if (empty($_POST['sign']) || $_POST['sign'] !== md5($config['password'] . date('YmdH'))) {
exit(json_encode(array(
"result" => "failed",
"code" => 403,
"message" => "签名错误,请刷新重试",
)));
}
// 黑/白IP名单上传
if ($config['check_ip']) {
if (checkIP(null, $config['check_ip_list'], $config['check_ip_model'])) {
// 上传错误 code:403 未授权IP
exit(json_encode(array(
"result" => "failed",
"code" => 403,
"message" => "黑名单内或白名单外用户不允许上传",
"result" => "failed",
"code" => 403,
"message" => "黑名单内或白名单外用户不允许上传",
)));
}
}
@ -182,12 +191,12 @@ if ($handle->uploaded) {
// 上传成功后返回json数据
$reJson = array(
"result" => "success",
"code" => 200,
"url" => $imageUrl,
"srcName" => $handle->file_src_name_body,
"thumb" => $handleThumb,
"del" => $delUrl,
"result" => "success",
"code" => 200,
"url" => $imageUrl,
"srcName" => $handle->file_src_name_body,
"thumb" => $handleThumb,
"del" => $delUrl,
// "memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
);
echo json_encode($reJson);
@ -195,10 +204,10 @@ if ($handle->uploaded) {
} else {
// 上传错误 code:206 客户端文件有问题
$reJson = array(
"result" => "failed",
"code" => 206,
"message" => $handle->error,
"memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
"result" => "failed",
"code" => 206,
"message" => $handle->error,
"memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
// 'log' => $handle->log, // 仅用作调试用
);
unset($handle);

2
application/viewlog.php
View File

@ -9,7 +9,7 @@ require_once __DIR__ . '/function.php';
// 非管理员不可访问!
if (!is_who_login('admin')) exit('Permission denied');
// 禁止直接访问
if (empty($_REQUEST['pass']) || $_REQUEST['pass'] !== md5($config['password'] . date('ymdh'))) exit('Authentication error!');
if (empty($_REQUEST['sign']) || $_REQUEST['sign'] !== md5($config['password'] . date('ymdh'))) exit('Authentication error!');
// 登录日志
if (isset($_GET['login_log'])) {

5
docs/update.md
View File

@ -1,4 +1,7 @@
* 2023-03-05 v2.7.7 dev
* 2023-03-06 v2.7.8
- 增加前端上传签名
* 2023-03-05 v2.7.7
- 增加登录日志
- 修复备用文件管理登录失效

4
index.php
View File

@ -128,6 +128,10 @@ mustLogin();
flash_swf_url: '<?php static_cdn(); ?>/public/static/zui/lib/uploader/Moxie.swf',
// silverlight 上传组件地址
flash_swf_url: '<?php static_cdn(); ?>/public/static/zui/lib/uploader/Moxie.xap',
// sign
multipart_params: {
'sign': '<?php echo md5($config['password'] . date('YmdH')); ?>', // new Date().format("YYYYMMddhh")
},
// 预览图尺寸
previewImageSize: {
'width': 80,