From ebb8ba3b235a518d3db242a7921dbc8b0d369503 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=80=81=E5=91=A8=E9=83=A8=E8=90=BD?= Date: Wed, 24 Nov 2021 14:58:51 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E7=B4=AF=E7=A7=AF?= =?UTF-8?q?=E5=AE=89=E5=85=A8=E6=80=A7=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- upload/api/db/dbbak.php | 13 ++++----- upload/config/config_global_default.php | 2 ++ upload/install/include/install_mysqli.php | 15 +++++----- upload/source/admincp/admincp_setting.php | 6 ++++ .../class/discuz/discuz_application.php | 28 +++++++++++-------- upload/source/language/lang_admincp_msg.php | 1 + upload/uc_client/lib/dbi.class.php | 15 +++++----- upload/uc_server/api/dbbak.php | 13 ++++----- upload/uc_server/install/dbi.class.php | 14 ++++------ upload/uc_server/lib/dbi.class.php | 15 +++++----- utility/restore.php | 14 ++++------ 11 files changed, 68 insertions(+), 68 deletions(-) diff --git a/upload/api/db/dbbak.php b/upload/api/db/dbbak.php index 4960cb02e..3ac052aef 100644 --- a/upload/api/db/dbbak.php +++ b/upload/api/db/dbbak.php @@ -218,16 +218,13 @@ class dbstuffi { $this->halt('Can not connect to MySQL server'); } - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); } diff --git a/upload/config/config_global_default.php b/upload/config/config_global_default.php index 7b97da8a8..705c233ce 100644 --- a/upload/config/config_global_default.php +++ b/upload/config/config_global_default.php 
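Review bot: The two added `SET` statements in the upload/api/db/dbbak.php hunk go through `$this->link->query()` and their result is never checked, so a connection on which `SET character_set_client=binary` fails carries on without it and nothing is reported. The removed code in this file used `$this->query()`; if that wrapper reports errors (it is outside the hunk), the change loses that as well. Since this statement looks like the security-relevant part of the change, I would fail the connection when it does not apply, e.g. `if(!$this->link->query("SET character_set_client=binary")) { $this->halt('Can not set character_set_client'); }`, and add a one-line comment saying why the client character set is forced to binary. The same unchecked pair is added in install_mysqli.php, uc_client/lib/dbi.class.php, uc_server/api/dbbak.php, uc_server/install/dbi.class.php, uc_server/lib/dbi.class.php and utility/restore.php, where the surrounding code returns FALSE instead of calling halt. The connect method starts outside the hunk.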
@@ -9,6 +9,8 @@ $_config = array(); +// 提示:自当前版本起,本文件不支持调用系统内任何变量或函数,请依赖此行为的站点修正实现 // + // ---------------------------- CONFIG DB ----------------------------- // // ---------------------------- 数据库相关设置---------------------------- // diff --git a/upload/install/include/install_mysqli.php b/upload/install/include/install_mysqli.php index 2a4c70bc6..084cec882 100644 --- a/upload/install/include/install_mysqli.php +++ b/upload/install/include/install_mysqli.php @@ -26,15 +26,14 @@ class dbstuff { $this->halt('Can not connect to MySQL server'); } - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); + } function fetch_array($query, $result_type = MYSQLI_ASSOC) { diff --git a/upload/source/admincp/admincp_setting.php b/upload/source/admincp/admincp_setting.php index 52008166f..a32cbec1e 100644 --- a/upload/source/admincp/admincp_setting.php +++ b/upload/source/admincp/admincp_setting.php @@ -2660,6 +2660,10 @@ EOT; cpmsg('uc_config_appid_error', '', 'error'); } + if(!empty($settingnew['uc']['ip']) && !filter_var($settingnew['uc']['ip'], FILTER_VALIDATE_IP)) { + cpmsg('uc_config_ip_error', '', 'error'); + } + if(function_exists("mysql_connect") && ini_get("mysql.allow_local_infile")=="1" && constant("UC_DBHOST") != $settingnew['uc']['dbhost']){ cpmsg('uc_config_load_data_local_infile_error', '', 'error'); } @@ -2677,6 +2681,8 @@ EOT; } } + $settingnew['uc']['api'] = str_replace(array('\'', '"', '\\', "\0", "\n", "\r"), '', $settingnew['uc']['api']); + $fp = fopen('./config/config_ucenter.php', 'r'); $configfile = fread($fp, filesize('./config/config_ucenter.php')); $configfile = trim($configfile); 
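Review bot: The `str_replace` added on `$settingnew['uc']['api']` in the second admincp_setting.php hunk is a denylist that silently rewrites the value instead of rejecting it, unlike the `uc_config_ip_error` check added in the hunk before it. If the value is later written into `config/config_ucenter.php` as PHP source (the write is outside the hunk), the sturdier fix is to serialise it with `var_export()` where the file content is built and to refuse anything that is not an http/https URL. As a minimum next to the stripping: `if(!empty($settingnew['uc']['api']) && !preg_match('#^https?://#i', $settingnew['uc']['api'])) { cpmsg('uc_config_api_error', '', 'error'); }`, where `uc_config_api_error` is a new language key that would have to be added. The enclosing block starts and ends outside the hunk.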
diff --git a/upload/source/class/discuz/discuz_application.php b/upload/source/class/discuz/discuz_application.php index 4f871b6c8..28f58e0cb 100644 --- a/upload/source/class/discuz/discuz_application.php +++ b/upload/source/class/discuz/discuz_application.php @@ -54,6 +54,7 @@ class discuz_application extends discuz_base{ } public function __construct() { + $this->_init_cnf(); $this->_init_env(); $this->_init_config(); $this->_init_input(); @@ -135,7 +136,7 @@ class discuz_application extends discuz_base{ 'pluginrunlist' => !defined('PLUGINRUNLIST') ? array() : explode(',', PLUGINRUNLIST), - 'config' => array(), + 'config' => & $this->config, 'setting' => array(), 'member' => array(), 'group' => array(), @@ -275,7 +276,7 @@ class discuz_application extends discuz_base{ } - private function _init_config() { + private function _init_cnf() {// 新增本方法用于预先加载配置文件,便于在初始化环境时通过$this->config使用配置文件内选项控制初始化流程 $_config = array(); @include DISCUZ_ROOT.'./config/config_global.php'; 
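Review bot: `'config' => & $this->config` in the `@@ -135` hunk only works because the constructor now calls `_init_cnf()` before `_init_env()`, and nothing in the code states that dependency. `_init_cnf()` rebinds the property with `$this->config = & $_config;`, so if this array were built before that call, `var['config']` would stay bound to the earlier value and the `$this->var['config']` reads in `_init_config()` (including the `authkey` and `debug` checks) would see an empty config. I would add a comment on this line, `// requires _init_cnf() to have run: binds to the array it attached to $this->config`, and a matching one on the constructor call. The method that builds this array starts and ends outside the hunk.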
@@ -288,30 +289,33 @@ class discuz_application extends discuz_base{ } } - if(empty($_config['security']['authkey'])) { - $_config['security']['authkey'] = md5($_config['cookie']['cookiepre'].$_config['db'][1]['dbname']); + $this->config = & $_config; + + } + + private function _init_config() {// 原有的基于配置文件设置站点的方法保留原方法名,改为使用$this->var['config']对config进行读写 + + if(empty($this->var['config']['security']['authkey'])) { + $this->var['config']['security']['authkey'] = md5($this->var['config']['cookie']['cookiepre'].$this->var['config']['db'][1]['dbname']); } - if(empty($_config['debug']) || !file_exists(libfile('function/debug'))) { + if(empty($this->var['config']['debug']) || !file_exists(libfile('function/debug'))) { define('DISCUZ_DEBUG', false); error_reporting(0); - } elseif($_config['debug'] === 1 || $_config['debug'] === 2 || !empty($_REQUEST['debug']) && $_REQUEST['debug'] === $_config['debug']) { + } elseif($this->var['config']['debug'] === 1 || $this->var['config']['debug'] === 2 || !empty($_REQUEST['debug']) && $_REQUEST['debug'] === $this->var['config']['debug']) { define('DISCUZ_DEBUG', true); error_reporting(E_ERROR); - if($_config['debug'] === 2) { + if($this->var['config']['debug'] === 2) { error_reporting(E_ALL); } } else { define('DISCUZ_DEBUG', false); error_reporting(0); } - define('STATICURL', !empty($_config['output']['staticurl']) ? $_config['output']['staticurl'] : 'static/'); + define('STATICURL', !empty($this->var['config']['output']['staticurl']) ? 
$this->var['config']['output']['staticurl'] : 'static/'); $this->var['staticurl'] = STATICURL; - $this->config = & $_config; - $this->var['config'] = & $_config; - - if(substr($_config['cookie']['cookiepath'], 0, 1) != '/') { + if(substr($this->var['config']['cookie']['cookiepath'], 0, 1) != '/') { $this->var['config']['cookie']['cookiepath'] = '/'.$this->var['config']['cookie']['cookiepath']; } $this->var['config']['cookie']['cookiepre'] = $this->var['config']['cookie']['cookiepre'].substr(md5($this->var['config']['cookie']['cookiepath'].'|'.$this->var['config']['cookie']['cookiedomain']), 0, 4).'_'; diff --git a/upload/source/language/lang_admincp_msg.php b/upload/source/language/lang_admincp_msg.php index 681536954..7254ee2e2 100644 --- a/upload/source/language/lang_admincp_msg.php +++ b/upload/source/language/lang_admincp_msg.php @@ -469,6 +469,7 @@ $lang = array ( 'uc_database_connect_error' => '连接用户中心数据库服务器失败检查设置', 'uc_config_write_error' => '配置文件写入失败,请检查设置', 'uc_config_appid_error' => 'UCenter 应用 ID 必须为数字,请检查设置', + 'uc_config_ip_error' => 'UCenter IP 地址必须为合法的 IP 地址,请检查设置', 'uc_config_load_data_local_infile_error' => '服务器开启了 MySQL LOAD DATA LOCAL IN FILE 功能,为避免可能发生的安全威胁,不允许在线编辑 UCenter 数据库服务器地址,如需修改请编辑 config/config_ucenter.php 内 UC_DBHOST 常量', 'setting_ipaccess_invalid' => '操作错误!您必须将自己的 IP 加入到允许访问站点的 IP 列表中', 'setting_adminipaccess_invalid' => '操作错误!您必须将自己的 IP 加入到允许访问后台的 IP 列表中', diff --git a/upload/uc_client/lib/dbi.class.php b/upload/uc_client/lib/dbi.class.php index 56b684f7e..e38175ef7 100644 --- a/upload/uc_client/lib/dbi.class.php +++ b/upload/uc_client/lib/dbi.class.php 
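Review bot: The first added statement of `_init_config()` still falls back to `md5(cookiepre.dbname)` when `security.authkey` is empty, and both inputs are low-entropy values that are often left at their defaults. If that key protects cookies or tokens (not visible in this hunk), a site with no configured `authkey` ends up with a guessable secret. I would stop start-up with a configuration error rather than derive a key, or at least mark the line: `// fallback key is derived from cookiepre and dbname only; set security.authkey in config_global.php`. The method continues past the end of the hunk.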
@@ -39,15 +39,14 @@ class ucclient_db { $this->link->options(MYSQLI_OPT_LOCAL_INFILE, false); - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->link->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); + } function fetch_array($query, $result_type = MYSQLI_ASSOC) { diff --git a/upload/uc_server/api/dbbak.php b/upload/uc_server/api/dbbak.php index ff41add98..50ec0a5cc 100644 --- a/upload/uc_server/api/dbbak.php +++ b/upload/uc_server/api/dbbak.php @@ -215,16 +215,13 @@ class dbstuffi { $this->halt('Can not connect to MySQL server'); } - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); } diff --git a/upload/uc_server/install/dbi.class.php b/upload/uc_server/install/dbi.class.php index 403065f51..fe0a4741d 100644 --- a/upload/uc_server/install/dbi.class.php +++ b/upload/uc_server/install/dbi.class.php @@ -26,16 +26,14 @@ class dbstuff { $this->halt('Can not connect to MySQL server'); } - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->link->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); + } function fetch_array($query, $result_type = MYSQLI_ASSOC) { diff --git a/upload/uc_server/lib/dbi.class.php b/upload/uc_server/lib/dbi.class.php index 9ef4c9bbc..513fafe7c 100644 --- a/upload/uc_server/lib/dbi.class.php 
+++ b/upload/uc_server/lib/dbi.class.php @@ -39,15 +39,14 @@ class ucserver_db { $this->link->options(MYSQLI_OPT_LOCAL_INFILE, false); - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->link->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); + } function fetch_array($query, $result_type = MYSQLI_ASSOC) { diff --git a/utility/restore.php b/utility/restore.php index fc1648257..39280a566 100644 --- a/utility/restore.php +++ b/utility/restore.php @@ -841,16 +841,14 @@ class dbstuffi { return FALSE; } - if($this->version() > '4.1') { - if($dbcharset) { - $this->link->set_charset($dbcharset); - } - - if($this->version() > '5.0.1') { - $this->query("SET sql_mode=''"); - } + if($dbcharset) { + $this->link->set_charset($dbcharset); } + $this->link->query("SET sql_mode=''"); + + $this->link->query("SET character_set_client=binary"); + return TRUE; } -- Gitee