diff --git a/upload/source/function/function_core.php b/upload/source/function/function_core.php
index bb7f5b5c4eabc414aadc1bfa77338f6eb96d6e13..9ea09b16f8a37975e428bbef0dd9e316fd0190fa 100644
--- a/upload/source/function/function_core.php
+++ b/upload/source/function/function_core.php
@@ -1065,8 +1065,12 @@ function output() {
 if($fp = @fopen(CACHE_FILE, 'w')) {
 flock($fp, LOCK_EX);
 $content = empty($content) ? ob_get_contents() : $content;
- $temp_formhash = substr(md5(substr($_G['timestamp'], 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
+ $temp_md5 = md5(substr($_G['timestamp'], 0, -3).substr($_G['config']['security']['authkey'], 3, -3));
+ $temp_formhash = substr($temp_md5, 8, 8);
 $content = preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)('.constant("FORMHASH").')/ismU', '${1}'.$temp_formhash, $content);
+ //避免siteurl伪造被缓存
+ $temp_siteurl = 'siteurl_'.substr($temp_md5, 16, 8);
+ $content = preg_replace('/("|\')('.preg_quote($_G['siteurl'], '/').')/ismU', '${1}'.$temp_siteurl, $content);
 fwrite($fp, empty($content) ? ob_get_contents() : $content);
 }
 @fclose($fp);
diff --git a/upload/source/function/function_forumlist.php b/upload/source/function/function_forumlist.php
index 2e478bdc0f8e1c3aa9fafedecf524907bf3be2c5..19ebe48c839c90f052c01fb46a1ba81765273c88 100644
--- a/upload/source/function/function_forumlist.php
+++ b/upload/source/function/function_forumlist.php
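Review bot: The siteurl substitution added to output() in function_core.php only matches `$_G['siteurl']` where it directly follows a `"` or `'`, so a copy emitted in any other position (after other text inside an attribute, inside `url(...)`, URL-encoded in a query string) is still written to CACHE_FILE carrying the host of the request that filled the cache; whether any template emits it that way is not visible here and should be checked. The unchanged `fwrite($fp, empty($content) ? ob_get_contents() : $content);` also falls back to the raw buffer when `preg_replace()` returns NULL on a PCRE error, which would cache the page with neither placeholder applied, so I would guard the write with `if(is_string($content)) { fwrite($fp, $content); }`. output() starts and ends outside this hunk.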
@@ -179,6 +179,17 @@ function getcacheinfo($tid) {
 return $cache;
 }
+function replace_formhash($timestamp, $input) {
+ global $_G;
+ $temp_md5 = md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3));
+ $temp_formhash = substr($temp_md5, 8, 8);
+ $input = preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.constant("FORMHASH"), $input);
+ //避免siteurl伪造被缓存
+ $temp_siteurl = 'siteurl_'.substr($temp_md5, 16, 8);
+ $input = preg_replace('/("|\')'.$temp_siteurl.'/ismU', '${1}'.$_G['siteurl'], $input);
+ return $input;
+}
+
 function recommendupdate($fid, &$modrecommend, $force = '', $position = 0) {
 global $_G;
diff --git a/upload/source/module/forum/forum_index.php b/upload/source/module/forum/forum_index.php
index 7e7273ef3640cf6afca573b9d605bd79209b1e09..0aad04a7cc45bbe934d4f542c36f29a9a72a6a88 100644
--- a/upload/source/module/forum/forum_index.php
+++ b/upload/source/module/forum/forum_index.php
@@ -455,13 +455,6 @@ function get_index_announcements() {
 return $announcements;
 }
-function replace_formhash($timestamp, $input) {
- global $_G;
- $temp_formhash = substr(md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
- $formhash = constant("FORMHASH");
- return preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.$formhash, $input);
-}
-
 function get_index_page_guest_cache() {
 global $_G;
 $indexcache = getcacheinfo(0);
diff --git a/upload/source/module/forum/forum_viewthread.php b/upload/source/module/forum/forum_viewthread.php
index e68e2c265658e372826087da02a6c51be3636753..d160ab6dd35d143fb879bbc4b9f86c5b6fffb1ea 100644
--- a/upload/source/module/forum/forum_viewthread.php
+++ b/upload/source/module/forum/forum_viewthread.php
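Review bot: In replace_formhash() in function_forumlist.php, `$_G['siteurl']` is concatenated into the replacement argument of `preg_replace()`, where `$1` and `\1` style sequences are expanded as backreferences, and siteurl is the value this commit treats as forgeable; how it is built and filtered is not shown here. Because the placeholder is a fixed lowercase string, a literal replace avoids that parsing: `$input = str_replace(array('"'.$temp_siteurl, "'".$temp_siteurl), array('"'.$_G['siteurl'], "'".$_G['siteurl']), $input);`. The copied comment `//避免siteurl伪造被缓存` describes the cache-write side, so here I would write `// restore the siteurl placeholder written by output() with the current request's siteurl` and add a docblock saying the function now rewrites both the formhash and the siteurl placeholder. Any reader of a cached page that does not pass through this function would emit the raw `siteurl_…` token; the call sites are outside this hunk.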
@@ -1274,13 +1274,6 @@ function viewthread_procpost($post, $lastvisit, $ordertype, $maxposition = 0) {
 return $post;
 }
-function replace_formhash($timestamp, $input) {
- global $_G;
- $temp_formhash = substr(md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
- $formhash = constant("FORMHASH");
- return preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.$formhash, $input);
-}
-
 function viewthread_loadcache() {
 global $_G;
 $_G['thread']['livedays'] = ceil((TIMESTAMP - $_G['thread']['dateline']) / 86400); // 本贴子存在了多少天,最少是1天