黑白名单

pull/18/head
icret 2022-01-20 01:55:20 +08:00
parent 46296e5601
commit 6c233876ea
8 changed files with 166 additions and 93 deletions


@ -87,6 +87,7 @@ Deny from all
* 2022-1-19 v2.4.6 beta * 2022-1-19 v2.4.6 beta
- 增加图片信息页面 - 增加图片信息页面
- 增加上传黑/白名单
- 视图优化 - 视图优化
* 2022-1-13 v2.4.5 * 2022-1-13 v2.4.5


@ -502,7 +502,7 @@ if (isset($_GET['reimg'])) {
</div> </div>
</div> </div>
</form> </form>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post" onsubmit="return md5_post()"> <form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<div class="form-group"> <div class="form-group">
<div class="switch"> <div class="switch">
<input type="hidden" name="checkImg" value="0"> <input type="hidden" name="checkImg" value="0">
@ -520,6 +520,21 @@ if (isset($_GET['reimg'])) {
<label id="cache_freq"><?php echo $config['cache_freq']; ?></label><label>小时</label> <label id="cache_freq"><?php echo $config['cache_freq']; ?></label><label>小时</label>
<input type="range" class="form-control" name="cache_freq" value="<?php echo $config['cache_freq']; ?>" min="1" step="1"max="24" onchange="document.getElementById('cache_freq').innerHTML=value"> <input type="range" class="form-control" name="cache_freq" value="<?php echo $config['cache_freq']; ?>" min="1" step="1"max="24" onchange="document.getElementById('cache_freq').innerHTML=value">
</div> </div>
<div class="form-group">
<div class="switch">
<input type="hidden" name="check_ip" value="0">
<input type="checkbox" name="check_ip" value="1" <?php if ($config['check_ip']) {echo 'checked="checked"';} ?>>
<label style="font-weight: bold">开启黑/白IP名单上传</label>
</div>
</div>
<div class="form-group">
<label>输入黑/白名单IP 每个IP以英文,结尾 支持IP段</label>
<textarea class="form-control" rows="5" name="check_ip_list" placeholder=" 每个IP以英文,结尾 支持IP段 例:192.168.1.13,123.23.23.44,193.134.*.*"><?php echo $config['check_ip_list']; ?></textarea>
</div>
<div class="form-group">
<label class="radio-inline"><input type="radio" name="check_ip_model" value="0" <?php if($config['check_ip_model']==0){echo 'checked';}?>> 黑名单模式</label>
<label class="radio-inline"><input type="radio" name="check_ip_model" value="1" <?php if($config['check_ip_model']==1){echo 'checked';}?>> 白名单模式</label>
</div>
<div class="form-group"> <div class="form-group">
<div class="switch"> <div class="switch">
<input type="hidden" name="checkEnv" value="0"> <input type="hidden" name="checkEnv" value="0">
@ -534,12 +549,6 @@ if (isset($_GET['reimg'])) {
<label style="font-weight: bold">开启上传日志</label> <label style="font-weight: bold">开启上传日志</label>
</div> </div>
</div> </div>
<div class="form-group">
<p style="font-weight: bold">
当前版本:<span class="label label-badge label-outline"><?php echo $config['version']; ?></span>
Github<a href="https://github.com/icret/EasyImages2.0/releases" target="_blank"><span class="label label-badge label-success label-outline"><?php echo getVersion(); ?></span></a>
</p>
</div>
<div class="form-group"> <div class="form-group">
<input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存"> <input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存">
</div> </div>
@ -604,12 +613,6 @@ if (isset($_GET['reimg'])) {
<label style="font-weight: bold">开启上传日志</label> <label style="font-weight: bold">开启上传日志</label>
</div> </div>
</div> </div>
<div class="form-group">
<p style="font-weight: bold">
当前版本:<span class="label label-badge label-outline"><?php echo $config['version']; ?></span>
Github<a href="https://github.com/icret/EasyImages2.0/releases" target="_blank"><span class="label label-badge label-success label-outline"><?php echo getVersion(); ?></span></a>
</p>
</div>
<div class="form-group"> <div class="form-group">
<input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存"> <input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存">
</div> </div>
@ -687,7 +690,8 @@ if (isset($_GET['reimg'])) {
<p>我的IP<?php echo $_SERVER["REMOTE_ADDR"]; ?></p> <p>我的IP<?php echo $_SERVER["REMOTE_ADDR"]; ?></p>
<h5>图床信息</h5> <h5>图床信息</h5>
<hr /> <hr />
<p><?php <p>
<?php
if (empty($config['TinyImag_key'])) { if (empty($config['TinyImag_key'])) {
echo '<i class="icon icon-times" title="图片压缩TinyImag未填写">TinyImag Key</i><br />'; echo '<i class="icon icon-times" title="图片压缩TinyImag未填写">TinyImag Key</i><br />';
} else { } else {
@ -699,8 +703,8 @@ if (isset($_GET['reimg'])) {
echo '<i class="icon icon-check" title="图片审查moderatecontent已填写">Moderatecontent Key</i><br/>'; echo '<i class="icon icon-check" title="图片审查moderatecontent已填写">Moderatecontent Key</i><br/>';
} }
?> ?>
当前版本:<span class="label label-badge label-outline"><?php echo $config['version']; ?></span> Github<a href="https://github.com/icret/EasyImages2.0/releases" target="_blank"><span class="label label-badge label-success label-outline"><?php echo getVersion(); ?></span></a>
</p> </p>
<p>当前版本:<?php echo $config['version']; ?>Github版本<a href="https://github.com/icret/EasyImages2.0/releases" target="_blank"><?php echo getVersion(); ?></a></p>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="Content9"> <div class="tab-pane fade" id="Content9">
@ -713,7 +717,6 @@ if (isset($_GET['reimg'])) {
<label class="radio-inline"><input type="radio" name="first_show" value="4" <?php if($config['first_show']==4){echo 'checked';}?>><i class="icon icon-html5"> HTML</i></label> <label class="radio-inline"><input type="radio" name="first_show" value="4" <?php if($config['first_show']==4){echo 'checked';}?>><i class="icon icon-html5"> HTML</i></label>
<label class="radio-inline"><input type="radio" name="first_show" value="5" <?php if($config['first_show']==5){echo 'checked';}?>><i class="icon icon-trash"> 删除</i></label> <label class="radio-inline"><input type="radio" name="first_show" value="5" <?php if($config['first_show']==5){echo 'checked';}?>><i class="icon icon-trash"> 删除</i></label>
</div> </div>
<div class="form-group"> <div class="form-group">
<input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存"> <input type="hidden" class="form-control" name="form" value="<?php echo date("Y-m-d H:i:s") ;?>" placeholder="隐藏的保存">
</div> </div>
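Review bot: The new textarea prints `$config['check_ip_list']` without HTML escaping, so a saved value that contains `</textarea>` or other markup is rendered as markup when the settings page loads. Escape it at output: `<?php echo htmlspecialchars($config['check_ip_list'], ENT_QUOTES, 'UTF-8'); ?>`. The two radio inputs compare `$config['check_ip_model']` with `==`; casting once, as in `(int)$config['check_ip_model'] === 1`, avoids loose-comparison surprises if the stored value is a string. The surrounding form starts and ends outside these hunks, and its other fields echo config values the same way.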


@ -11,6 +11,18 @@ $token = preg_replace('/[\W]/', '', $_POST['token']); // 获取Token并过滤非
// 检查api合法性 // 检查api合法性
check_api($token); check_api($token);
// 黑/白IP名单上传
if ($config['check_ip']) {
if (checkIP(null, $config['check_ip_list'], $config['check_ip_model'])) {
// 上传错误 code:403 未授权IP
exit(json_encode(array(
"result" => "failed",
"code" => 403,
"message" => "黑名单内或白名单外用户不允许上传",
)));
}
}
$handle = new Upload($_FILES['image'], 'zh_CN'); $handle = new Upload($_FILES['image'], 'zh_CN');
if ($handle->uploaded) { if ($handle->uploaded) {
@ -113,11 +125,14 @@ if ($handle->uploaded) {
exit(json_encode($reJson, JSON_UNESCAPED_UNICODE)); exit(json_encode($reJson, JSON_UNESCAPED_UNICODE));
} }
// 上传日志控制 // 后续处理
require_once APP_ROOT . '/application/process.php';
// 日志
if ($config['upload_logs']) { if ($config['upload_logs']) {
require_once APP_ROOT . '/application/logs-write.php'; @write_log(config_path() . $handle->file_dst_name, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size);
@write_log(config_path() . $handle->file_dst_name, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size, "API upload");
} }
// 压缩|鉴黄
process(config_path() . $handle->file_dst_name, $handle->file_dst_pathname);
unset($handle); unset($handle);
} }
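Review bot: The API endpoint's `write_log()` call appears to lose its fifth argument `"API upload"` in the last hunk, so `$from` falls back to its default `"Web upload"` and API uploads can no longer be told apart from web uploads in the log. Keep the tag on the new call: `@write_log(config_path() . $handle->file_dst_name, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size, "API upload");`. The `@` prefix also hides a failed log write, which is worth surfacing on an upload audit trail. The enclosing `if ($handle->uploaded)` block starts outside the hunk.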


@ -762,3 +762,86 @@ function writefile($filename, $writetext, $openmod = 'w')
return false; return false;
} }
} }
/*
* 获得用户的真实IP地址
* <br />来源ecshop
* <br />$_SERVER和getenv的区别getenv不支持IIS的isapi方式运行的php
* @access public
* @return string
*/
function real_ip()
{
static $realip = NULL;
if ($realip !== NULL) {
return $realip;
}
if (isset($_SERVER)) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
/* 取X-Forwarded-For中第一个非unknown的有效IP字符串 */
foreach ($arr as $ip) {
$ip = trim($ip);
if ($ip != 'unknown') {
$realip = $ip;
break;
}
}
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$realip = $_SERVER['HTTP_CLIENT_IP'];
} else {
if (isset($_SERVER['REMOTE_ADDR'])) {
$realip = $_SERVER['REMOTE_ADDR'];
} else {
$realip = '0.0.0.0';
}
}
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$realip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$realip = getenv('HTTP_CLIENT_IP');
} else {
$realip = getenv('REMOTE_ADDR');
}
}
// 使用正则验证IP地址的有效性防止伪造IP地址进行SQL注入攻击
preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
$realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
return $realip;
}
/*
* IP黑白名单检测支持IP段检测
* @param string $ipNow 要检测的IP
* @param string|array $ipList 白名单IP或者黑名单IP
* @return boolean false|true true:白名单模式false:黑名单模式
*/
function checkIP($ipNow = null, $ipList = null, $model = false)
{
// global $config;
$ipNow = isset($ipNow) ?: real_ip();
// 将IP文本转换为数组
if (is_string($ipList)) {
$ipList = explode(",", $ipList);
} else {
echo 'IP名单错误';
}
$ipregexp = implode('|', str_replace(array('*', '.'), array('\d+', '\.'), $ipList));
$result = preg_match("/^(" . $ipregexp . ")$/", $ipNow);
// 白名单模式
if ($model) {
if (in_array($ipNow, $ipList)) {
return false;
}
}
// 黑名单模式
if ($result) {
return true;
}
}
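Review bot: checkIP() fails open in whitelist mode: an address that is not on the list falls through both `if` blocks and returns null, which the callers treat as allowed, while an address that matches a wildcard entry returns true and is rejected. `isset($ipNow) ?: real_ip()` also replaces any address passed in with boolean true, and the list entries are neither trimmed nor passed through `preg_quote()`. Separately, real_ip() prefers the client-supplied X-Forwarded-For and Client-IP headers, so unless a trusted proxy overwrites them the requester chooses the address that gets checked; `$_SERVER['REMOTE_ADDR']` is the safer default source. A sketch of checkIP() that always returns a boolean (true = reject) follows.

```php
function checkIP($ipNow = null, $ipList = null, $model = false)
{
    // Keep an explicitly passed address; only fall back when none was given
    $ipNow = isset($ipNow) ? $ipNow : real_ip();
    if (!is_string($ipList)) {
        // Malformed list while the check is enabled: reject rather than guess
        return true;
    }
    // Drop blanks left by trailing commas, spaces or line breaks
    $entries = array_filter(array_map('trim', explode(',', $ipList)), 'strlen');
    $matched = false;
    foreach ($entries as $entry) {
        // Quote the entry first, then let "*" stand for one numeric octet
        $pattern = str_replace('\*', '\d+', preg_quote($entry, '/'));
        if (preg_match('/^' . $pattern . '$/', $ipNow)) {
            $matched = true;
            break;
        }
    }
    // true = reject: whitelist rejects non-members, blacklist rejects members
    return $model ? !$matched : $matched;
}
```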


@ -1,15 +1,9 @@
<?php <?php
require_once __DIR__ . '/function.php'; require_once __DIR__ . '/function.php';
require_once __DIR__ . '/real_ip.php';
/** // 压缩图片与图片鉴黄
* 写日志 function process($filePath, $absolutePath)
* 日志格式:图片名称->源文件名称->上传时间Asia/Shanghai->IP地址->浏览器信息->文件相对路径->图片的MD5
* $filePath 文件相对路径
* $sourceName 源文件名称
* $absolutePath 图片的绝对路径
* $fileSize 图片的大小
*/
function write_log($filePath, $sourceName, $absolutePath, $fileSize, $from = "Web upload")
{ {
global $config; global $config;
// 压缩图片 后压缩模式,不影响前台输出速度 // 压缩图片 后压缩模式,不影响前台输出速度
@ -28,12 +22,22 @@ function write_log($filePath, $sourceName, $absolutePath, $fileSize, $from = "We
if ($config['checkImg']) { if ($config['checkImg']) {
require_once APP_ROOT . '/config/api_key.php'; require_once APP_ROOT . '/config/api_key.php';
@checkImg($config['imgurl'] . $filePath); @checkImg($config['imgurl'] . $filePath);
// 检查通过
$checkImg = "Images Passed";
} else {
// 未开通
$checkImg = "Check Closed";
} }
}
/**
* 写日志
* 日志格式:图片名称->源文件名称->上传时间Asia/Shanghai->IP地址->浏览器信息->文件相对路径->图片的MD5
* $filePath 文件相对路径
* $sourceName 源文件名称
* $absolutePath 图片的绝对路径
* $fileSize 图片的大小
*/
function write_log($filePath, $sourceName, $absolutePath, $fileSize, $from = "Web upload")
{
global $config;
$checkImg = $config['checkImg'] == true ? "Images Passed" : "Check Closed";
$name = trim(basename($filePath), " \t\n\r\0\x0B"); // 当前图片名称 $name = trim(basename($filePath), " \t\n\r\0\x0B"); // 当前图片名称
$log = array($name => array( $log = array($name => array(
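Review bot: write_log() now derives `$checkImg` from the config flag alone, so every entry says "Images Passed" whenever checking is enabled, whatever checkImg() actually decided. In the callers shown in this commit write_log() also runs before process(), so the entry is written before the check has executed. Either have process() return the verdict and log after it, or record a neutral value such as `$checkImg = $config['checkImg'] ? "Check Enabled" : "Check Closed";`. The new process() has only a `//` line above it; a docblock naming `$filePath` (relative path) and `$absolutePath`, in the style of the one on write_log(), would match the file. The body of write_log() continues outside the hunk.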


@ -1,51 +0,0 @@
<?php
/**
* 获得用户的真实IP地址
* <br />来源ecshop
* <br />$_SERVER和getenv的区别getenv不支持IIS的isapi方式运行的php
* @access public
* @return string
*/
function real_ip()
{
static $realip = NULL;
if ($realip !== NULL) {
return $realip;
}
if (isset($_SERVER)) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
/* 取X-Forwarded-For中第一个非unknown的有效IP字符串 */
foreach ($arr as $ip) {
$ip = trim($ip);
if ($ip != 'unknown') {
$realip = $ip;
break;
}
}
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$realip = $_SERVER['HTTP_CLIENT_IP'];
} else {
if (isset($_SERVER['REMOTE_ADDR'])) {
$realip = $_SERVER['REMOTE_ADDR'];
} else {
$realip = '0.0.0.0';
}
}
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$realip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$realip = getenv('HTTP_CLIENT_IP');
} else {
$realip = getenv('REMOTE_ADDR');
}
}
// 使用正则验证IP地址的有效性防止伪造IP地址进行SQL注入攻击
preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
$realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
return $realip;
}


@ -1,4 +1,4 @@
<?php <?php
$config=Array $config=Array
( (
'title'=>'简单图床 - EasyImage', 'title'=>'简单图床 - EasyImage',
@ -68,11 +68,14 @@ $config=Array
})(); })();
</script>', </script>',
'checkEnv'=>1, 'checkEnv'=>1,
'checkImg'=>1, 'checkImg'=>0,
'checkImg_value'=>50, 'checkImg_value'=>50,
'upload_logs'=>1, 'upload_logs'=>1,
'cache_freq'=>2, 'cache_freq'=>2,
'first_show'=>1, 'first_show'=>1,
'version'=>'2.4.5', 'check_ip'=>0,
'form'=>'2022-01-19 16:48:54' 'check_ip_model'=>0,
'check_ip_list'=>'',
'version'=>'2.4.6 beta',
'form'=>'2022-01-20 01:31:54'
); );
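Review bot: The shipped default for `'checkImg'` flips from 1 to 0 here, which turns image moderation off for anyone who takes this config as-is; the commit title mentions only the black/white list, so this looks like a local setting that was committed by accident. If it is intentional it deserves a changelog line; otherwise restore `'checkImg'=>1,`. The three new keys default to disabled (`'check_ip'=>0`), which is a safe default for the new feature.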


@ -4,6 +4,18 @@ require __DIR__ . '/application/function.php';
require APP_ROOT . '/application/class.upload.php'; require APP_ROOT . '/application/class.upload.php';
require APP_ROOT . '/application/WaterMask.php'; require APP_ROOT . '/application/WaterMask.php';
// 黑/白IP名单上传
if ($config['check_ip']) {
if (checkIP(null, $config['check_ip_list'], $config['check_ip_model'])) {
// 上传错误 code:403 未授权IP
exit(json_encode(array(
"result" => "failed",
"code" => 403,
"message" => "黑名单内或白名单外用户不允许上传",
)));
}
}
$handle = new Upload($_FILES['file'], 'zh_CN'); $handle = new Upload($_FILES['file'], 'zh_CN');
if ($handle->uploaded) { if ($handle->uploaded) {
@ -102,10 +114,10 @@ if ($handle->uploaded) {
echo json_encode($reJson); echo json_encode($reJson);
$handle->clean(); $handle->clean();
} else { } else {
// 上传错误 code:403 客户端文件有问题 // 上传错误 code:400 客户端文件有问题
$reJson = array( $reJson = array(
"result" => "failed", "result" => "failed",
"code" => 403, "code" => 400,
"message" => $handle->error, "message" => $handle->error,
//"log" => $handle->log, //"log" => $handle->log,
); );
@ -114,11 +126,14 @@ if ($handle->uploaded) {
exit(json_encode($reJson, JSON_UNESCAPED_UNICODE)); exit(json_encode($reJson, JSON_UNESCAPED_UNICODE));
} }
// 上传日志控制 // 后续处理
require_once APP_ROOT . '/application/process.php';
// 日志
if ($config['upload_logs']) { if ($config['upload_logs']) {
require_once APP_ROOT . '/application/logs-write.php';
@write_log(config_path() . $handle->file_dst_name, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size); @write_log(config_path() . $handle->file_dst_name, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size);
} }
// 压缩|鉴黄
process(config_path() . $handle->file_dst_name, $handle->file_dst_pathname);
unset($handle); unset($handle);
} }
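Review bot: The IP gate added in the first hunk is a verbatim copy of the block added to the API endpoint, so any later fix to the rejection logic has to be made in two places; a small shared helper in function.php that both endpoints call would keep them in step. The rejection is also encoded with plain `json_encode(...)`, while the other failure exit in this file uses `JSON_UNESCAPED_UNICODE`, so the Chinese message is emitted as `\u` escapes only here; `exit(json_encode(array(...), JSON_UNESCAPED_UNICODE));` makes them consistent. The `"code" => 403` lives only in the JSON body; whether an HTTP status is set elsewhere is not visible in these hunks.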