From ab3b24207e9886f21708ced9c16805a4c35bd517 Mon Sep 17 00:00:00 2001
From: DiscuzX <153619335@qq.com>
Date: Wed, 10 Mar 2021 20:58:40 +0800
Subject: [PATCH] =?UTF-8?q?=E9=81=BF=E5=85=8Dsiteurl=E4=BC=AA=E9=80=A0?=
 =?UTF-8?q?=E8=A2=AB=E7=BC=93=E5=AD=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 upload/source/function/function_core.php | 6 +++++-
 upload/source/function/function_forumlist.php | 11 +++++++++++
 upload/source/module/forum/forum_index.php | 7 -------
 upload/source/module/forum/forum_viewthread.php | 7 -------
 4 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/upload/source/function/function_core.php b/upload/source/function/function_core.php
index bb7f5b5c4..9ea09b16f 100644
--- a/upload/source/function/function_core.php
+++ b/upload/source/function/function_core.php
@@ -1065,8 +1065,12 @@ function output() {
 if($fp = @fopen(CACHE_FILE, 'w')) {
 flock($fp, LOCK_EX);
 $content = empty($content) ? ob_get_contents() : $content;
- $temp_formhash = substr(md5(substr($_G['timestamp'], 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
+ $temp_md5 = md5(substr($_G['timestamp'], 0, -3).substr($_G['config']['security']['authkey'], 3, -3));
+ $temp_formhash = substr($temp_md5, 8, 8);
 $content = preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)('.constant("FORMHASH").')/ismU', '${1}'.$temp_formhash, $content);
+ //避免siteurl伪造被缓存
+ $temp_siteurl = 'siteurl_'.substr($temp_md5, 16, 8);
+ $content = preg_replace('/("|\')('.preg_quote($_G['siteurl'], '/').')/ismU', '${1}'.$temp_siteurl, $content);
 fwrite($fp, empty($content) ? ob_get_contents() : $content);
 }
 @fclose($fp);
diff --git a/upload/source/function/function_forumlist.php b/upload/source/function/function_forumlist.php
index 2e478bdc0..19ebe48c8 100644
--- a/upload/source/function/function_forumlist.php
+++ b/upload/source/function/function_forumlist.php
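Review bot: The new siteurl substitution in output() only neutralises occurrences that directly follow a `"` or `'`, so a siteurl value that appears anywhere else in the rendered page (an unquoted attribute value, plain text, or a URL assembled without a leading quote) is still written into CACHE_FILE and served to every later guest, which narrows the forged-siteurl caching the commit targets rather than closing it. The added lines also assume `$_G['siteurl']` is non-empty: with an empty value the pattern degenerates to `/("|\')()/` and the placeholder is inserted after every quote character in the page, so I would wrap the two new statements in `if($_G['siteurl'] !== '') { ... }`. Whether siteurl can be empty by the time output() runs is not visible in this hunk. output() begins before the hunk and continues after it.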
@@ -179,6 +179,17 @@ function getcacheinfo($tid) {
 return $cache;
 }
 
+function replace_formhash($timestamp, $input) {
+ global $_G;
+ $temp_md5 = md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3));
+ $temp_formhash = substr($temp_md5, 8, 8);
+ $input = preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.constant("FORMHASH"), $input);
+ //避免siteurl伪造被缓存
+ $temp_siteurl = 'siteurl_'.substr($temp_md5, 16, 8);
+ $input = preg_replace('/("|\')'.$temp_siteurl.'/ismU', '${1}'.$_G['siteurl'], $input);
+ return $input;
+}
+
 function recommendupdate($fid, &$modrecommend, $force = '', $position = 0) {
 global $_G;
 
diff --git a/upload/source/module/forum/forum_index.php b/upload/source/module/forum/forum_index.php
index 7e7273ef3..0aad04a7c 100644
--- a/upload/source/module/forum/forum_index.php
+++ b/upload/source/module/forum/forum_index.php
@@ -455,13 +455,6 @@ function get_index_announcements() {
 return $announcements;
 }
 
-function replace_formhash($timestamp, $input) {
- global $_G;
- $temp_formhash = substr(md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
- $formhash = constant("FORMHASH");
- return preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.$formhash, $input);
-}
-
 function get_index_page_guest_cache() {
 global $_G;
 $indexcache = getcacheinfo(0);
diff --git a/upload/source/module/forum/forum_viewthread.php b/upload/source/module/forum/forum_viewthread.php
index e68e2c265..d160ab6dd 100644
--- a/upload/source/module/forum/forum_viewthread.php
+++ b/upload/source/module/forum/forum_viewthread.php
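Review bot: replace_formhash() is now shared by two modules but carries no docblock, and its contract is subtle: the tokens it undoes are derived from `$timestamp` via `substr($timestamp, 0, -3)`, i.e. a 1000-second slot, so the caller presumably has to pass the timestamp the cache file was written with (the writer in function_core.php keys off `$_G['timestamp']`) rather than the current request time, otherwise neither the formhash nor the `siteurl_` token matches and the guest receives the literal placeholders. I would add a comment above the function stating that it is the inverse of the substitution in output(), that `$timestamp` must be the cache creation time, and that `$_G['siteurl']` of the current request is what gets written back. The siteurl restoration is only as complete as the writer's: it reinstates tokens immediately after a quote, mirroring the `("|\')` anchor on the other side, so any occurrence the writer left untouched is not covered here either. Minor: `$_G['siteurl']` is passed as the preg_replace replacement string, where `\` or `$` followed by a digit is read as a backreference; escaping those characters in the replacement, or using a plain string replace on the quoted token, would make this independent of the configured value.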
@@ -1274,13 +1274,6 @@ function viewthread_procpost($post, $lastvisit, $ordertype, $maxposition = 0) {
 return $post;
 }
 
-function replace_formhash($timestamp, $input) {
- global $_G;
- $temp_formhash = substr(md5(substr($timestamp, 0, -3).substr($_G['config']['security']['authkey'], 3, -3)), 8, 8);
- $formhash = constant("FORMHASH");
- return preg_replace('/(name=[\'|\"]formhash[\'|\"] value=[\'\"]|formhash=)'.$temp_formhash.'/ismU', '${1}'.$formhash, $input);
-}
-
 function viewthread_loadcache() {
 global $_G;
 $_G['thread']['livedays'] = ceil((TIMESTAMP - $_G['thread']['dateline']) / 86400); // 本贴子存在了多少天,最少是1天
-- 
Gitee