php仿dedecms附件式文件在线管理系统

作者:袖梨 2022-06-24

  使用方法:
     1。先在根目录建立uploadfile目录
     2。“值”与“图”:这是用于将此图片传到父窗口的。值,传的是文件名,可用于input;图,传的是图片,用于编辑器。在使用此功能时,先将“值”前面的文本框填写父窗口的ID值。我在用层弹出本程序时可正常赋值。
     3。可多个文件上传,如果目标目录有相同的文件,则重命名为“文件名(n).jpg”,和FCKeditor一样的命名方式
  测试环境:apache2.2.14 + PHP5.3 + windows
*/


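// Every response from this script is declared as UTF-8 HTML.
header("Content-type: text/html; charset=UTF-8");

// ROOT: this file's path with Windows separators normalised to "/" and the
// trailing "/waityou/<script name>" removed. The listing had an empty search
// string in the inner str_ireplace(), which makes it a no-op; a backslash is
// the only value that fits the "/" replacement, so it is restored here.
define("ROOT",str_ireplace('/waityou/'.basename(__FILE__),'',str_ireplace("\\","/",__FILE__)));

// Upload root, relative to the web root. The handlers below use it as the
// boundary that client-supplied paths must stay inside.
define("UploadFolder","/uploadfile/");

// Filesystem prefix for every path the script touches.
define("_d",$_SERVER['DOCUMENT_ROOT']);

// Extensions accepted by upload_file(), "|"-separated.
// NOTE(review): the list admits swf (active content in a browser) and archive
// formats. Confirm each entry is needed, and serve the upload directory with
// script execution disabled, because an extension check says nothing about
// file content.
define("AllowUploadType","gif|jpg|png|txt|doc|xls|ppt|pdf|rar|zip|7z|chm|mp3|mp4|mpg|mpeg|flv|swf");

// Per-file size limit as configured in php.ini (may be shorthand such as "8M").
define("MaxUploadSize",ini_get('upload_max_filesize'));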


// Request router. "act" selects the frame to render; inside the "right"
// frame a POST carrying "upfolder" is an upload, "del_file" is a deletion and
// "folder" alone is a directory listing.
// NOTE(review): no login, session or CSRF check is visible anywhere in this
// listing, and deletion is triggered by a plain GET. Every value read here
// comes from the client, so access control has to be added in front of this
// script before it is exposed.
$act = empty($_GET['act']) ? '' : $_GET['act'];

switch ($act) {
   case '':
      html_header();
      break;

   case 'left':
      left();
      break;

   case 'right':
      // Upload takes priority over any query-string parameters.
      if (!empty($_POST['upfolder'])) {
         upload_file();
         exit;
      }

      $dir = empty($_GET['folder']) ? '' : $_GET['folder'];
      if ($dir == '') {
         // No folder requested: show the upload root.
         right(UploadFolder);
         break;
      }

      $del_file = empty($_GET['del_file']) ? '' : $_GET['del_file'];
      if ($del_file == '') {
         open_folder($dir);
      } else {
         delete_file($del_file);
      }
      break;
}

 

 

 


// Emits the outer page for the default request (no "act" parameter).
// NOTE(review): the string below holds only whitespace in this listing; the
// markup it originally contained appears to have been stripped when the page
// was extracted, so the function cannot be used as printed.
function html_header(){
   echo '
   
    
     
      
      
      
      
      
     
     
     


       

       
     

';
}

// Closes the page opened by html_header(). As printed in this listing the
// output is an empty string (the closing markup was presumably stripped
// during extraction).
function html_footer(){
   print '';
}

// Renders the left frame: makes sure this year's folder exists under the
// upload root, then prints the directory tree as a list of links that call
// the page's OpenFolder() script function.
// NOTE(review): this listing is damaged from the $last_dir line onwards (the
// quoting no longer balances and the markup is gone), so the function does not
// parse as printed. Further down, the tree is rooted at
// $_SERVER['DOCUMENT_ROOT'].'uploadfile/', which has no separator of its own
// and therefore relies on DOCUMENT_ROOT ending in "/", unlike _d.UploadFolder.
function left() {
   $yearpath = UploadFolder.date('Y').'/';
   // Failure to create the folder is suppressed and not reported.
   if(!is_dir(_d.$yearpath)) @mkdir(_d.$yearpath);
   // Local to left(); folder_tree()'s "global $m" binds the script-level $m, not this one.
   $m=0;
   // Declared when left() executes, so a second call to left() in the same
   // request would try to declare folder_tree() again.
   function folder_tree($dir) {
     $i = 0;
     global $m;
     $m++;
     if(is_dir($dir)) {
        $files = scandir($dir);
        foreach ($files as $file)  {
           $i++;
           $currentfile = $dir .'/'. $file;
           $currentfile = str_replace("//","/",$currentfile);
           $last_dir = "";
           $prefix = '';         
           if (is_dir($currentfile)) {
             if ($file != '.' && $file != '..') {
                // Depth indicator: number of "/" in the path from the upload root onwards.
                $minus_count = substr_count(strstr($currentfile,UploadFolder), '/');
                if($minus_count <=0 ){
                  $prefix = '';
                }elseif($minus_count ==1){
                  $prefix = '├';
                }elseif($minus_count ==2) {
                  $prefix = '├→';
                }elseif($minus_count ==3) {
                  $prefix = '├—→→';
                }else{
                  $prefix = '---';
                }
                // NOTE(review): the directory name is concatenated into the link and into
                // the OpenFolder('...') argument without any escaping, so a name on disk
                // containing quotes or markup would alter the generated page; escape it
                // for both the HTML and the script-string context when restoring this
                // line. The text after "javascript" looks like a keyword link injected by
                // the hosting site; presumably the original read "javascript:" - confirm.
                $last_dir .= $prefix."javascript教程:OpenFolder('" . substr($currentfile,strlen(_d)-1) . "/')">". substr(substr($currentfile, strrpos($currentfile, '/')),1) . "
";
                echo $last_dir;
                folder_tree($currentfile);$m--;
            }
           }
        }
     }
   }
   //global UploadFolder;

 

 

   
  

 


echo "

";
   echo '根目录
';
   folder_tree($_SERVER['DOCUMENT_ROOT'].'uploadfile/');
   echo "
";

   echo '
      ';

}

// Renders the right frame for $dir (a path relative to the web root): lists
// the regular files in that directory and prints the upload form.
// NOTE(review): the markup inside the echo strings was stripped when this page
// was extracted. The four echo statements inside the loop are empty, and the
// ones that print $a and the delete label now sit after the loop, so the
// output as printed is not what the original produced.
function right($dir) {
   header("Content-type: text/html; charset=UTF-8");
   echo '';
   echo '

';
   // Build the absolute path and collapse a doubled separator.
   $dir  = _d.$dir;
   $dir  = str_replace("//","/",$dir);
   $_dir = UploadFolder;
   if(is_dir($dir)) {
      $arr   = array();
      $files = scandir($dir);
      foreach($files as $file){
        if(is_file($dir.'/'.$file)){
           // presumably names on disk are GBK (Windows test environment); iconv()
           // returns false for input it cannot convert - TODO confirm handling
           $arr[] = iconv('gbk','utf-8',$file);
        }
      }
      asort($arr);
      // Path from the upload root onwards, used to build per-file links.
      $_dir = strstr($dir,UploadFolder);
      $i    = 0;
      foreach($arr as $a) {
         $i++;
         $abpath = str_replace('//','/',$_dir.'/'.$a);
         // NOTE(review): $a and $abpath originate from client-chosen upload names
         // (see upload_file); when the row markup is restored they must be passed
         // through htmlspecialchars() before being written into the page.
         echo '';
         echo '';
         echo '';
         echo '';
      }
   }
   echo '
';
         echo ''.$a.'';
         echo '
<>';
         echo '
';
         echo '删除
';
   echo '';
   echo '

         
           
             
               
               
             
           
           
             
               
             
             
               
             
             
               
             
           
         
添加上传文件

                   
                     
                   
                   
                 
序号文件路径操作
温馨提示:最多可同时上传共 '.MaxUploadSize.' 文件。

                     
                 
                 
               
';
   echo '
';

   echo '';
}


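// Deletes one uploaded file and re-renders its folder.
//
// $file is the web-relative path taken from the "del_file" query parameter
// (UTF-8). The original guard only required the text "/uploadfile/" to occur
// somewhere in the value, which a path containing ".." segments also
// satisfies. The path must now start with UploadFolder, contain no ".."
// segment or NUL byte, and, when the target exists, resolve to a location
// inside the upload root.
function delete_file($file){
   if(is_string($file)) $file = str_replace("\\","/",$file);
   if(!is_string($file)
      || stripos($file,UploadFolder) !== 0
      || strpos($file,"\0") !== false
      || in_array('..',explode('/',$file),true)){
     echo 'access denied!';exit;
   }

   $dir  = dirname($file);

   // File names on disk are GBK in this application; the request is UTF-8.
   $gbk    = mb_convert_encoding($file,'gbk','utf-8');
   $root   = realpath(_d.UploadFolder);
   $target = realpath(_d.$gbk);

   // realpath() resolves symlinks, so a link inside the upload folder cannot
   // be used to reach a file outside it.
   if($target !== false && ($root === false || strpos($target,$root.DIRECTORY_SEPARATOR) !== 0)){
     echo 'access denied!';exit;
   }

   // The failure message echoes request data, so it is HTML-escaped, and the
   // UTF-8 form is shown because the page is served as UTF-8.
   if($target === false || !is_file($target) || !@unlink($target)) echo(htmlspecialchars($file,ENT_QUOTES,'UTF-8').'删除失败!');
   open_folder($dir);
}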

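// Validates a client-supplied folder path and renders its listing.
//
// $dir comes from the "folder" query parameter (or from delete_file()). The
// original guard only required "/uploadfile/" to occur somewhere in the value,
// so a path with ".." segments passed it. The path must now start with
// UploadFolder, contain no ".." segment or NUL byte, and, when the directory
// exists, resolve to a location inside the upload root.
function open_folder($dir){
   if(!is_string($dir)){
      echo 'access denied!';exit;
   }
   // Normalise separators before checking. The listing showed an empty search
   // string here, which is a no-op; a backslash is the only value that fits
   // the "/" replacement.
   $dir = str_replace("\\","/",$dir);
   if(substr($dir,-1,1) != '/') $dir .= '/';
   $dir = preg_replace('#/+#','/',$dir);

   if(stripos($dir,UploadFolder) !== 0
      || strpos($dir,"\0") !== false
      || in_array('..',explode('/',$dir),true)){
      echo 'access denied!';exit;
   }

   // Resolve symlinks so a link inside the upload folder cannot expose a
   // directory outside it. A folder that does not exist is left to right().
   $root   = realpath(_d.UploadFolder);
   $target = realpath(_d.$dir);
   if($target !== false
      && ($root === false || strpos($target.DIRECTORY_SEPARATOR,$root.DIRECTORY_SEPARATOR) !== 0)){
      echo 'access denied!';exit;
   }
   right($dir);
}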

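// Stores the files posted in the "upfile[]" field into the folder named by the
// "upfolder" field, then redirects back to that folder's listing.
//
// Both fields are client-controlled. Changes from the original listing:
//  - the destination must be an existing directory inside UploadFolder (it
//    was used unchecked before);
//  - PHP's per-file upload error code is checked;
//  - a name needs a real extension, and dots in the base name become "_", so
//    the stored name carries exactly one allow-listed, lower-cased extension;
//  - stored files get mode 0644 instead of 0777;
//  - a file that DetectHtml() flags, or cannot read, is removed;
//  - the folder is URL-encoded in the redirect.
// NOTE(review): $sErrorMsg is collected but never shown, because the handler
// only redirects; surface it if users should see why a file was rejected.
function upload_file(){
   set_time_limit(0);

   // upload_max_filesize may use php.ini shorthand ("8M", "512K", "1G").
   $maxsize = MaxUploadSize;
   if (!is_numeric($maxsize)) {
     if (stripos($maxsize, 'M') !== false)
         $maxsize = intval($maxsize)*1024*1024;
     elseif (stripos($maxsize, 'K') !== false)
         $maxsize = intval($maxsize)*1024;
     elseif (stripos($maxsize, 'G') !== false)
         $maxsize = intval($maxsize)*1024*1024*1024;
     else
         $maxsize = intval($maxsize);
   }

   // Destination folder: normalise, then confine it to the upload root.
   $oFolder = (isset($_POST['upfolder']) && is_string($_POST['upfolder'])) ? $_POST['upfolder'] : '';
   $oFolder = preg_replace('#/+#', '/', str_replace("\\", '/', $oFolder).'/');
   if (stripos($oFolder, UploadFolder) !== 0
       || strpos($oFolder, "\0") !== false
       || in_array('..', explode('/', $oFolder), true)) {
      echo 'access denied!';exit;
   }
   // realpath() resolves symlinks, so the comparison is made on real paths.
   $sRoot   = realpath(_d.UploadFolder);
   $sTarget = realpath(_d.$oFolder);
   if ($sRoot === false || $sTarget === false || !is_dir($sTarget)
       || strpos($sTarget.DIRECTORY_SEPARATOR, $sRoot.DIRECTORY_SEPARATOR) !== 0) {
      echo 'access denied!';exit;
   }

   $allowExt   = explode("|",AllowUploadType);
   $sErrorMsg  = '' ;
   $aNames     = (isset($_FILES['upfile']['name']) && is_array($_FILES['upfile']['name'])) ? $_FILES['upfile']['name'] : array();

   foreach ($aNames as $key => $sClientName) {
      // Empty form slots are skipped silently, as before.
      if (!is_string($sClientName) || $sClientName === '') continue;

      $iError    = isset($_FILES['upfile']['error'][$key]) ? $_FILES['upfile']['error'][$key] : UPLOAD_ERR_NO_FILE;
      $sFileTmp  = isset($_FILES['upfile']['tmp_name'][$key]) ? $_FILES['upfile']['tmp_name'][$key] : '';
      $sFileSize = isset($_FILES['upfile']['size'][$key]) ? $_FILES['upfile']['size'][$key] : 0;
      if ($iError !== UPLOAD_ERR_OK || empty($sFileTmp)) {
         $sErrorMsg .= '文件:'.$sClientName.'非正常上传! ';
         continue;
      }

      // Drop anything that could act as a path separator while the name is
      // still UTF-8 (a GBK trail byte can equal "\"), then convert to the
      // GBK names used on disk.
      $sClientName = str_replace(array('/', "\\", "\0"), '_', $sClientName);
      $sFileName   = iconv('utf-8','gbk',$sClientName);
      if ($sFileName === false) {
         $sErrorMsg .= '文件:'.$sClientName.'非正常上传! ';
         continue;
      }

      // A name without a dot has no extension to check.
      $iDot = strrpos($sFileName, '.');
      if ($iDot === false) continue;

      $sExtension = strtolower(substr($sFileName, $iDot + 1));
      if (!in_array($sExtension, $allowExt, true)) continue;

      // Only the last extension is allow-listed, so earlier dots are
      // neutralised: some server configurations act on inner extensions.
      $sFile     = str_replace('.', '_', substr($sFileName, 0, $iDot));
      $sFileName = $sFile.'.'.$sExtension;

      if ($sFileSize > $maxsize) {
         $sErrorMsg .= '文件:'.$sFileName.'('.$sFileSize.')超过最大上传尺寸'.$maxsize.'! ';
         continue;
      }

      // Never overwrite: pick "name(n).ext" until the target is free.
      $iCounter  = 0;
      $sFilePath = _d.$oFolder.$sFileName;
      while (file_exists($sFilePath)) {
         $iCounter++;
         $sFileName = $sFile.'('.$iCounter.').'.$sExtension;
         $sFilePath = _d.$oFolder.$sFileName;
      }

      if (!is_uploaded_file($sFileTmp)) {
         $sErrorMsg .= '文件:'.$sFileName.'非正常上传! ';
         continue;
      }
      if (!@move_uploaded_file($sFileTmp, $sFilePath)) {
         $sErrorMsg .= '无法移动文件:'.$sFileName.'! ' ;
         continue;
      }

      // Uploaded content needs neither execute nor world-write permission.
      @chmod($sFilePath, 0644);

      // Fail closed: DetectHtml() returns true for a match and -1 when it
      // could not read the file; only an explicit false keeps the upload.
      if (DetectHtml($sFilePath) !== false) {
         @unlink($sFilePath);
         $sErrorMsg .= '文件:'.$sFileName.'非正常上传! ';
      }
   }

   // Encode the folder so it stays a single query-string value.
   header("location:?act=right&folder=".urlencode($oFolder));
}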

// Heuristic check for HTML or script content at the start of a stored file.
//
// Reads at most the first 1024 bytes of $filePath under a shared lock,
// lower-cases and trims them, and tests them against tag names and patterns.
// Returns:
//   true  - one of the checks matched
//   false - the file was empty or nothing matched
//   -1    - the file could not be opened or locked
// The caller in this listing (upload_file) deletes the upload only on a strict
// true, so a -1 result leaves the file in place. Bytes after the first 1024
// are never inspected, so a negative result is not proof of a harmless file.
//
// NOTE(review): the listing is damaged. The first preg_match() pattern and the
// $tags array literal are cut off, and the three later patterns have lost
// characters (they read "s*" and "w*" where "\s*" and "\w*" are presumably
// meant, and the character class quoting no longer balances). The function
// does not parse as printed; restore it from an intact copy (it looks derived
// from the FCKeditor upload connector helper of the same name - verify)
// instead of repairing it by hand.
function DetectHtml( $filePath ){
 $fp = @fopen( $filePath, 'rb' ) ;

 // Unreadable or unlockable files are reported as -1, not as false.
 if ( $fp === false || !flock( $fp, LOCK_SH ) ) {
  return -1 ;
 }

 // Only the leading 1 KB is sampled.
 $chunk = fread( $fp, 1024 ) ;
 flock( $fp, LOCK_UN ) ;
 fclose( $fp ) ;

 $chunk = strtolower( $chunk ) ;

 if (!$chunk) {
  return false ;
 }

 $chunk = trim( $chunk ) ;

 // NOTE(review): the pattern on the next line was truncated during extraction.
 if ( preg_match( "/   return true;
 }

 $tags = array( '

 foreach( $tags as $tag ) {
  if( false !== strpos( $chunk, $tag ) )  {
   return true ;
  }
 }

 if ( preg_match( '!types*=s*['"]?s*(?:w*/)?(?:ecma|java)!sim', $chunk ) ) {
  return true ;
 }

 if ( preg_match( '!(?:href|src|data)s*=s*['"]?s*(?:ecma|java)script:!sim', $chunk ) ) {
  return true ;
 }

 if ( preg_match( '!urls*(s*['"]?s*(?:ecma|java)script:!sim', $chunk ) ) {
  return true ;
 }

 return false ;
}
