此补丁来自PHPwind官方商业用户补丁,涉及版本 PHPwind7.5 ,主要用于安全修复。
1、打开:admin/setforum.php
查找:
$db_uploadfiletype = !empty($db_uploadfiletype) ? (is_array($db_uploadfiletype) ? $db_uploadfiletype : unserialize($db_uploadfiletype)) : array();
修改为:
$db_uploadfiletype = array(
'gif' => 2048, 'jpg' => 2048,
'jpeg' => 2048, 'bmp' => 2048,
'png' => 2048
);
------------------------------------------------------------
2、打开:pw_ajax.php
查找:} elseif ($action == 'pcdelimg') {
将此$aciton 中的内容替换如下:
InitGP(array('fieldname','pctype'));
InitGP(array('tid','id'),GP,2);
if (!$tid || !$id || !$fieldname || !$pctype) {
echo 'fail';ajax_footer();
}
$id = (int)$id;
if ($pctype == 'topic') {
$tablename = GetTopcitable($id);
} elseif ($pctype == 'postcate') {
$tablename = GetPcatetable($id);
}
$fieldname = $db->get_value("SELECT fieldname FROM pw_pcfield WHERE fieldname=" . pwEscape($fieldname));
if (!$fieldname || !$tablename) {
echo 'fail';ajax_footer();
}
$path = $db->get_value("SELECT $fieldname FROM $tablename WHERE tid=". pwEscape($tid));
if (strpos($path,'..') !== false) {
echo 'fail';ajax_footer();
}
$lastpos = strrpos($path,'/') + 1;
$s_path = substr($path, 0, $lastpos) . 's_' . substr($path, $lastpos);
if (!file_exists("$attachpath/$path")) {
if (pwFtpNew($ftp,$db_ifftp)) {
$ftp->delete($path);
$ftp->delete($s_path);
pwFtpClose($ftp);
}
} else {
P_unlink("$attachdir/$path");
if (file_exists("$attachdir/$s_path")) {
P_unlink("$attachdir/$s_path");
}
}
$db->update("UPDATE $tablename SET $fieldname='' WHERE tid=". pwEscape($tid));
echo 'success';
ajax_footer();
------------------------------------------------------------
3、打开:api/class_Other.php
查找:foreach ($classdb as $key => $class) {
在下面添加:
$class['cid'] = intval($class['cid']);