リビジョン | 1a3c9d91c1161ee97c41642266e8b66d931e4f9e (tree) |
日時 | 2017-01-12 23:06:24 |
作者 | Keishi Tanaka <kc@hoku...> |
コミッター | Keishi Tanaka |
Merge remote-tracking branch 'origin/master' into hotfix/dlexec
@@ -11,7 +11,7 @@ | ||
11 | 11 | // PukiWiki version / Copyright / Licence |
12 | 12 | |
13 | 13 | define('S_VERSION', '1.4.7'); |
14 | -define('QHM_VERSION', '6.0.5'); //絶対に編集しないで下さい | |
14 | +define('QHM_VERSION', '6.0.8'); //絶対に編集しないで下さい | |
15 | 15 | define('QHM_OPTIONS', 'update=download; support=false; banner=true'); |
16 | 16 | define('S_COPYRIGHT', |
17 | 17 | 'powered by <strong><a href="http://www.open-qhm.net/">QHM</a> ' . QHM_VERSION . '</strong> haik<br />' . |
@@ -15,7 +15,7 @@ | ||
15 | 15 | .cboxIframe{width:100%; height:100%; display:block; border:0; padding:0; margin:0;} |
16 | 16 | #colorbox, #cboxContent, #cboxLoadedContent{box-sizing:content-box; -moz-box-sizing:content-box; -webkit-box-sizing:content-box;} |
17 | 17 | |
18 | -/* | |
18 | +/* | |
19 | 19 | User Style: |
20 | 20 | Change the following styles to modify the appearance of Colorbox. They are |
21 | 21 | ordered & tabbed in a way that represents the nesting of the generated HTML. |
@@ -41,7 +41,7 @@ | ||
41 | 41 | |
42 | 42 | /* these elements are buttons, and may need to have additional styles reset to avoid unwanted base styles */ |
43 | 43 | #cboxPrevious, #cboxNext, #cboxSlideshow, #cboxClose {border:0; padding:0; margin:0; overflow:visible; width:auto; background:none; } |
44 | - | |
44 | + | |
45 | 45 | /* avoid outlines on :active (mouseclick), but preserve outlines on :focus (tabbed navigating) */ |
46 | 46 | #cboxPrevious:active, #cboxNext:active, #cboxSlideshow:active, #cboxClose:active {outline:0;} |
47 | 47 |
@@ -67,4 +67,10 @@ | ||
67 | 67 | .cboxIE #cboxMiddleLeft, |
68 | 68 | .cboxIE #cboxMiddleRight { |
69 | 69 | filter: progid:DXImageTransform.Microsoft.gradient(startColorstr=#00FFFFFF,endColorstr=#00FFFFFF); |
70 | -} | |
\ No newline at end of file | ||
70 | +} | |
71 | + | |
72 | +@media (max-width: 480px) { | |
73 | + #cboxCurrent{ | |
74 | + display: none !important; | |
75 | + } | |
76 | +} |
@@ -78,11 +78,11 @@ function plugin_comment2_action() | ||
78 | 78 | else{ |
79 | 79 | $vars['comment2_error'] = 'error!!!'; |
80 | 80 | } |
81 | - | |
81 | + | |
82 | 82 | $retvars['msg'] = $title; |
83 | 83 | $retvars['body'] = $body; |
84 | - | |
85 | - | |
84 | + | |
85 | + | |
86 | 86 | $vars['page'] = $vars['refer']; |
87 | 87 | |
88 | 88 | return $retvars; |
@@ -95,21 +95,21 @@ function plugin_comment2_convert() | ||
95 | 95 | static $comment2_cols = PLUGIN_COMMENT2_SIZE_MSG; |
96 | 96 | $qm = get_qm(); |
97 | 97 | $plugin_comment2_auth = true; |
98 | - | |
98 | + | |
99 | 99 | $s_msg = $s_name = ""; |
100 | - | |
100 | + | |
101 | 101 | if (PKWK_READONLY) return ''; // Show nothing |
102 | - | |
102 | + | |
103 | 103 | if (! isset($numbers[$vars['page']])) $numbers[$vars['page']] = 0; |
104 | 104 | $comment2_no = $numbers[$vars['page']]++; |
105 | - | |
105 | + | |
106 | 106 | $options = func_num_args() ? func_get_args() : array(); |
107 | 107 | |
108 | 108 | $nodate = in_array('nodate', $options) ? '1' : '0'; |
109 | 109 | $noupdate = in_array('noupdate', $options) ? '1' : '0'; |
110 | 110 | $above = in_array('above', $options) ? '1' : |
111 | - (in_array('below', $options) ? '0' : PLUGIN_COMMENT2_DIRECTION_DEFAULT); | |
112 | - | |
111 | + (in_array('below', $options) ? '0' : PLUGIN_COMMENT2_DIRECTION_DEFAULT); | |
112 | + | |
113 | 113 | $authcode = '' . rand(0,9) . rand(0,9) . rand(0,9) . rand(0,9); |
114 | 114 | $auth_label = '認証コード'; |
115 | 115 | $auth_error_alert = ''; |
@@ -118,11 +118,11 @@ function plugin_comment2_convert() | ||
118 | 118 | |
119 | 119 | if (in_array('textarea', $options)) |
120 | 120 | { |
121 | - $area = isset($options[1]) && is_numeric($options[1]) ? $options[1] : 6; | |
121 | + $area = isset($options[1]) && is_numeric($options[1]) ? $options[1] : 6; | |
122 | 122 | } |
123 | 123 | else |
124 | 124 | { |
125 | - $area = 0; | |
125 | + $area = 0; | |
126 | 126 | } |
127 | 127 | |
128 | 128 | $nametags = ''; |
@@ -231,7 +231,7 @@ function plugin_comment2_convert() | ||
231 | 231 | else |
232 | 232 | { |
233 | 233 | $input_area = $commenttags . '<input type="text" name="msg" class="form-control input-sm" id="_p_comment2_comment2_' |
234 | - .$comment2_no.'" size="'.$comment2_cols.'" value="'.$s_msg.'" />'; | |
234 | + .$comment2_no.'" size="'.$comment2_cols.'" value="'.$s_msg.'" />'; | |
235 | 235 | |
236 | 236 | $comment_form = ' |
237 | 237 | <div class="form-horizontal"> |
@@ -254,7 +254,7 @@ function plugin_comment2_convert() | ||
254 | 254 | <div class="form-group"> |
255 | 255 | <div class="col-md-10 col-md-offset-2"> |
256 | 256 | <div class="row"> |
257 | - <div class="col-md-6 col-xs-12 col-sm-7 pull-right"> | |
257 | + <div class="col-md-6 col-sm-7 col-sm-push-6"> | |
258 | 258 | <div class="form-inline"> |
259 | 259 | <div class="col-sm-12"> |
260 | 260 |
@@ -266,7 +266,7 @@ function plugin_comment2_convert() | ||
266 | 266 | </div> |
267 | 267 | </div> |
268 | 268 | </div> |
269 | - <div class="col-md-6 col-sm-5"> | |
269 | + <div class="col-md-6 col-sm-5 col-sm-pull-6"> | |
270 | 270 | <div class="form-group"> |
271 | 271 | <div class="col-sm-12"> |
272 | 272 | <input type="submit" name="comment2" class="btn btn-default btn-sm" value="'.$qm->m['plg_comment']['btn_comment'].'" style="margin-bottom:0;white-space:normal;"> |
@@ -284,10 +284,10 @@ function plugin_comment2_convert() | ||
284 | 284 | else |
285 | 285 | { |
286 | 286 | $authcode_msg = ' |
287 | - <span id="coment2_auth_msg_no_'.$comment2_no.'" style="font-size:11px;'.$auth_error_style.'"> | |
288 | - '.$auth_label.'('.$authcode.') | |
289 | - <input type="text" name="authcode" value="" size="4" /> | |
290 | - </span> | |
287 | + <span id="coment2_auth_msg_no_'.$comment2_no.'" style="font-size:11px;'.$auth_error_style.'"> | |
288 | + '.$auth_label.'('.$authcode.') | |
289 | + <input type="text" name="authcode" value="" size="4" /> | |
290 | + </span> | |
291 | 291 | '; |
292 | 292 | |
293 | 293 | if (in_array('noname', $options)) |
@@ -314,7 +314,7 @@ function plugin_comment2_convert() | ||
314 | 314 | $input_button = '<input type="submit" name="comment2" value="'.$qm->m['plg_comment']['btn_comment'].'" />'; |
315 | 315 | $comment_form = $nametags . $authcode_msg . $input_area .$input_button; |
316 | 316 | } |
317 | - | |
317 | + | |
318 | 318 | $script = get_script_uri(); |
319 | 319 | $s_page = htmlspecialchars($vars['page']); |
320 | 320 | $string = <<<EOD |
@@ -556,8 +556,19 @@ $(document).ready(function(){ | ||
556 | 556 | <link href="./plugin/colorbox/colorbox.css" rel="stylesheet" type="text/css" /> |
557 | 557 | <script type="text/javascript"> |
558 | 558 | $(function(){ |
559 | - $("a.colorbox").colorbox({opacity:0.5, current: "{current}/{total}"}); | |
560 | - $("a.colorbox_slideshow").colorbox({opacity:0.8, current: "{current}/{total}", slideshow: true}); | |
559 | + var options = { | |
560 | + opacity:0.5, | |
561 | + current: "{current}/{total}", | |
562 | + maxWidth: "100%", | |
563 | + maxHeight: "90%" | |
564 | + }; | |
565 | + var slideshowOptions = $.extend({}, options, { | |
566 | + opacity: 0.8, | |
567 | + slideshow: true | |
568 | + }); | |
569 | + | |
570 | + $("a.colorbox").colorbox(options); | |
571 | + $("a.colorbox_slideshow").colorbox(slideshowOptions); | |
561 | 572 | }); |
562 | 573 | </script> |
563 | 574 | '; |
@@ -547,6 +547,28 @@ if ( ! function_exists('get_qhm_option')) | ||
547 | 547 | } |
548 | 548 | } |
549 | 549 | |
550 | +if ( ! function_exists('get_extension_blacklist')) { | |
551 | + /* | |
552 | + * PHP, CGI, Pearl スクリプトはアップロード許可しない | |
553 | + */ | |
554 | + function get_extension_blacklist() | |
555 | + { | |
556 | + return array( | |
557 | + 'php', 'cgi', 'pl' | |
558 | + ); | |
559 | + } | |
560 | +} | |
561 | + | |
562 | +if ( ! function_exists('is_valid_file_for_upload')) { | |
563 | + /* | |
564 | + * アップロードしても良いファイルかどうか判別する | |
565 | + */ | |
566 | + function is_valid_file_for_upload($filename) | |
567 | + { | |
568 | + return ! in_array(pathinfo($filename, PATHINFO_EXTENSION), get_extension_blacklist()); | |
569 | + } | |
570 | +} | |
571 | + | |
550 | 572 | //-------------------------------- |
551 | 573 | //main |
552 | 574 | if ( isset($script) && $script != '') { |
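Review bot: `is_valid_file_for_upload` (new lines 566-569) compares only the last dotted segment, case-sensitively and with a non-strict `in_array`, against a three-entry blacklist, so a name such as `X.PHP`, `x.phtml` or `x.php.jpg` is not rejected, while the `.htaccess` added in this same commit lists `php[3457]?|pht|phtml|cgi|pl|exe|com` — the two lists should agree, ideally by being maintained in one place. The SWFUpload handler in this commit derives the stored extension with `/[^.]+\.(.*)$/`, i.e. everything after the first dot, so every segment after the first has to be checked, not just the last. The comment on `get_extension_blacklist` says "Pearl"; it should read "Perl". An allowlist of the extensions the uploader actually expects would be the stronger design; the minimal fix keeping the blacklist shape is below.

```php
function get_extension_blacklist()
{
    // Keep in sync with the FilesMatch pattern in the data directory's .htaccess
    return array(
        'php', 'php3', 'php4', 'php5', 'php7', 'pht', 'phtml', 'cgi', 'pl', 'exe', 'com',
    );
}

function is_valid_file_for_upload($filename)
{
    // Examine every dotted segment, lower-cased, so "X.PHP" and "x.php.jpg"
    // are rejected as well as "x.php".
    $segments = explode('.', strtolower(basename($filename)));
    array_shift($segments); // the part before the first dot is not an extension
    foreach ($segments as $segment) {
        if (in_array($segment, get_extension_blacklist(), true)) {
            return false;
        }
    }
    return true;
}
```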
@@ -0,0 +1,4 @@ | ||
1 | +# Prohibit direct access | |
2 | +<FilesMatch "\.(php[3457]?|pht|phtml|cgi|pl|exe|com)$"> | |
3 | + Deny from all | |
4 | +</FilesMatch> |
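Review bot: `Deny from all` is Apache 2.2 authorization syntax; on Apache 2.4 it is honoured only while `mod_access_compat` is loaded, so the block should also carry `Require all denied` (wrapped in `<IfModule mod_authz_core.c>` / `<IfModule !mod_authz_core.c>` if both versions must be supported). The `FilesMatch` regex is case-sensitive as written, so it should be prefixed with `(?i)` to cover upper-case extensions too, `<FilesMatch "(?i)\.(php[3457]?|pht|phtml|cgi|pl|exe|com)$">`. The trailing `$` means a name like `x.php.jpg` is not matched; `\.(php[3457]?|pht|phtml|cgi|pl|exe|com)(\.|$)` would also catch a script extension that is followed by another segment. Finally, this file only takes effect where `AllowOverride` permits `Limit`/`AuthConfig` for the upload directory, which is worth stating in the leading comment.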
@@ -10,8 +10,21 @@ if (isset($_POST["PHPSESSID"])) { | ||
10 | 10 | } |
11 | 11 | session_start(); |
12 | 12 | |
13 | -if (!isset($_FILES["Filedata"]) | |
14 | - || !is_uploaded_file($_FILES["Filedata"]["tmp_name"]) | |
13 | +if ( ! isset($_SESSION['usr'])) { | |
14 | + header('HTTP/1.1 403 Forbidden'); | |
15 | + exit(0); | |
16 | +} | |
17 | + | |
18 | +$upload_name = $_FILES['Filedata']['name']; | |
19 | + | |
20 | +// ファイルをチェックする。スクリプトを実行可能なファイルは許可しない | |
21 | +if ( ! is_valid_file_for_upload($upload_name)) { | |
22 | + header('HTTP/1.1 400 Bad Request'); | |
23 | + exit(0); | |
24 | +} | |
25 | + | |
26 | +if (!isset($_FILES["Filedata"]) | |
27 | + || !is_uploaded_file($_FILES["Filedata"]["tmp_name"]) | |
15 | 28 | || $_FILES["Filedata"]["error"] != 0 |
16 | 29 | ) |
17 | 30 | { |
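Review bot: `$_FILES['Filedata']['name']` is read on new line 18 before the existing `isset($_FILES["Filedata"])` guard on new lines 26-27, so a request with no file raises an undefined-index notice and passes `null` to `is_valid_file_for_upload` instead of reaching the error branch; move the assignment below the `isset`/`is_uploaded_file` check, or read it defensively, `$upload_name = isset($_FILES['Filedata']['name']) ? $_FILES['Filedata']['name'] : '';`. Both new early exits send only a status line with no body, whereas the sibling handler in this commit echoes a short message; doing the same here keeps the two consistent. The hunk header shows the session id may be taken from `$_POST["PHPSESSID"]`, so the new `$_SESSION['usr']` check is only as strong as the login's `session_regenerate_id()` — worth confirming. The enclosing script continues outside the hunk.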
@@ -19,10 +32,8 @@ if (!isset($_FILES["Filedata"]) | ||
19 | 32 | } |
20 | 33 | else |
21 | 34 | { // ---------------------- upload success -------------------- |
22 | - | |
23 | - $upload_name = $_FILES['Filedata']['name']; | |
24 | 35 | if( preg_match('/^[-_.+a-zA-Z0-9]+$/', $upload_name ) ){ |
25 | - | |
36 | + | |
26 | 37 | while(!$overwrite && file_exists(SWFU_DATA_DIR.$upload_name)){ |
27 | 38 | $upload_name = 's_'.$upload_name; |
28 | 39 | } |
@@ -32,16 +43,16 @@ else | ||
32 | 43 | else |
33 | 44 | { |
34 | 45 | $matches = array(); |
35 | - | |
46 | + | |
36 | 47 | if( !preg_match('/[^.]+\.(.*)$/', $upload_name, $matches) ){ |
37 | 48 | echo 'invalid file name'; |
38 | - exit(0); | |
49 | + exit(0); | |
39 | 50 | } |
40 | - | |
51 | + | |
41 | 52 | $ext = $matches[1]; |
42 | 53 | $tmp_name = tempnam(SWFU_DATA_DIR, 'auto_'); |
43 | 54 | $upname = $tmp_name.'.'.$ext; |
44 | - | |
55 | + | |
45 | 56 | rename($tmp_name, $upname); |
46 | 57 | $upload_file = SWFU_DATA_DIR. basename($upname); |
47 | 58 | $fname = basename($upname); |
@@ -49,10 +60,10 @@ else | ||
49 | 60 | |
50 | 61 | move_uploaded_file($_FILES['Filedata']['tmp_name'], $upload_file); |
51 | 62 | chmod($upload_file, 0666); |
52 | - | |
63 | + | |
53 | 64 | //regist db |
54 | 65 | $stat = stat($upload_file); |
55 | - | |
66 | + | |
56 | 67 | global $insert_img_data; |
57 | 68 | $insert_img_data = array( |
58 | 69 | 'name'=>$fname, |
@@ -61,7 +72,7 @@ else | ||
61 | 72 | 'size'=>$stat['size'], |
62 | 73 | 'page_name'=>$page_name, |
63 | 74 | ); |
64 | - | |
75 | + | |
65 | 76 | //何か出力する必要あり |
66 | 77 | echo "Flash requires that we output something or it won't fire the uploadSuccess event"; |
67 | 78 | } |
@@ -79,10 +90,10 @@ function action( &$c ) | ||
79 | 90 | { |
80 | 91 | global $insert_img_data; |
81 | 92 | $insert_img_data = $c->s->input_filter($insert_img_data); |
82 | - | |
93 | + | |
83 | 94 | if(isset($insert_img_data)){ |
84 | 95 | $c->image->insert($insert_img_data); |
85 | 96 | } |
86 | 97 | } |
87 | 98 | |
88 | -?> | |
\ No newline at end of file | ||
99 | +?> |
@@ -47,6 +47,13 @@ function action( &$c ) | ||
47 | 47 | $mode = 'ajax'; |
48 | 48 | } |
49 | 49 | |
50 | + // ファイルをチェックする。スクリプトを実行可能なファイルは許可しない | |
51 | + if ( ! is_valid_file_for_upload($upload_name)) { | |
52 | + header('HTTP/1.1 400 Bad Request'); | |
53 | + echo 'Cannot upload script file'; | |
54 | + exit(0); | |
55 | + } | |
56 | + | |
50 | 57 | //画像の説明 |
51 | 58 | $text = '画像の説明'; |
52 | 59 | $page = isset($_POST['page'])? $_POST['page']: ''; |
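Review bot: The new guard validates the client-supplied `$upload_name` but not the name that is actually written to disk; `$ext` is derived from the same string a little later (new line 77) and appended to a `tempnam` result outside the hunk, so with a last-segment check the stored extension may still carry a script suffix. Re-run `is_valid_file_for_upload($upname)` on the final path (or check `$ext` directly) immediately before `move_uploaded_file`. The same guard is copied into the SWFUpload handler in this commit with a different response body; a small shared helper that emits the 400 and exits would keep the two consistent. `$upload_name` is assigned outside the hunk, and `action()` continues past it.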
@@ -65,6 +72,7 @@ function action( &$c ) | ||
65 | 72 | echo 'invalid file name'; |
66 | 73 | exit(0); |
67 | 74 | } |
75 | + | |
68 | 76 | $text = $matches[1]; |
69 | 77 | $ext = $matches[2]; |
70 | 78 | $tmp_name = tempnam(SWFU_DATA_DIR, 'auto-'); |