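* 2023-01-21 v2.6.9 Happy New Year
- Fix BMP images not being watermarked (enabling this is not recommended; it is very time-consuming)
- Fix upload user group accounts chaining into administrator privileges [#61](https://github.com/icret/EasyImages2.0/issues/61)
- Add upload prompts and login prompts
- Add a custom storage category path; for how to set it see [PHP date() function](https://www.runoob.com/php/php-date.html)
- Move some of the admin settings in the back end
- Improve operation logic and information messages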
pull/141/head 2.6.9
icret 2023-01-21 11:56:00 +08:00 committed by GitHub
parent cbaf3a30ae
commit 9af638a2bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 404 additions and 268 deletions

@ -183,6 +183,15 @@ $HTTP["url"] =~ "^/(i|public)/" {
<details><summary>点击查看2.0版更新日志</summary>
* 2023-01-21 v2.6.9 Happy New Year
- 修复BMP格式无法增加水印(不建议开启,非常耗时)
- 修复上传用户组会串联变成管理员权限 [#61](https://github.com/icret/EasyImages2.0/issues/61)
- 增加了上传提示和登录提示
- 增加自定义存储分类路径 设置方法参考 [PHP date() 函数](https://www.runoob.com/php/php-date.html)
- 更改后台部分管理设置的位置
- 优化操作逻辑和信息提示
* 2022-12-30 v2.6.8
- 上传组件支持到 PHP 8.2
- 修复下载任意文件漏洞 [#75](https://github.com/icret/EasyImages2.0/issues/75)
@ -608,7 +617,7 @@ RewriteRule config/(.*).(php)$ [F]
## 支持开发者
| 支付宝支持 | 微信支持 |
|:----:|:----:|
| :---------------------------------------: | :-------------------------------------: |
| ![支付宝支持](./public/images/alipay.jpg) | ![微信支持](./public/images/wechat.jpg) |
## 界面演示

@ -10,7 +10,7 @@ require_once APP_ROOT . '/config/config.guest.php';
// 检查登录
if (!is_who_login('admin')) {
echo '
<script> new $.zui.Messager("登录后再修改! ", {
<script> new $.zui.Messager("使用管理员账户登录! ", {
type: "danger", // 定义颜色主题
icon: "exclamation-sign" // 定义消息图标
}).show();</script>';
@ -36,11 +36,13 @@ if (isset($_POST['update'])) {
header("refresh:1;");
}
// 添加token
/**
* 添加token
* $_POST['add_token'] 生成的Token
* $_POST['add_token_id'] Token的ID
* $_POST['add_token_expired'] 过期时间
*/
if (isset($_POST['add_token_id'])) {
// $_POST['add_token'] 生成的Token
// $_POST['add_token_id'] Token的ID
// $_POST['add_token_expired'] 过期时间
$postArr = array(
$_POST['add_token'] => array(
'id' => $_POST['add_token_id'], 'expired' => $_POST['add_token_expired'] * 86400 + time(), 'add_time' => time()
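Review bot: the docblock now lists the three POST fields, but the code under it still uses `$_POST['add_token']` directly as an array key and multiplies `$_POST['add_token_expired']` by 86400 with no type or range check. Cast the expiry with (int) and reject non-positive values, and check that the token and ID match the expected format before they are written into the config array.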
@ -311,20 +313,25 @@ if (isset($_GET['recycle_reimg'])) {
</div>
<div class="tab-pane fade" id="Content2">
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<div class="form-group col-md-12">
<div class="form-group col-md-1">
<label data-toggle="tooltip" title="前后需加'/' 例: /i/">存储路径</label>
<label data-toggle="tooltip" title="前后需加'/' 例: /i/">存储目录</label>
<input type="text" class="form-control" name="path" required="required" value="<?php echo $config['path']; ?>" onkeyup="this.value=this.value.replace(/\s/g,'')" title="可根据Apache/Nginx配置安全,参考: https://blog.png.cm/981.html 或 README.md">
</div>
<div class="form-group col-md-2">
<label for="storage_path" data-toggle="tooltip" title="图片的分类目录<br>更改会导致广场无法使用<br>非必要不要修改,末尾需要加'/' <br />PHP date() 函数参考">存储分类路径 <a href="https://www.runoob.com/php/php-date.html" target="_blank"><i class="icon icon-external-link"></i></a></label>
<input type="text" class="form-control" name="storage_path" required="required" value="<?php echo $config['storage_path']; ?>" onkeyup="this.value=this.value.replace(/\s/g,'')" title="参考PHP date() 函数">
</div>
<!-- <div class="form-group">
<label data-toggle="tooltip" title="不懂就不要改本图床仅针对图片上传,如果想上传其他类型文件请更改此出,不同mime请以英文,分割">允许的MIME类型</label>
<input type="text" class="form-control" name="mime" required="required" value="php echo $config['mime'];" onkeyup="this.value=this.value.replace(/\s/g,'')">
</div> -->
<div class="form-group col-md-5">
<div class="form-group col-md-4">
<label data-toggle="tooltip" title="请以英文 , 分割 最后一个不加 , <br/>想上传图片以外的格式?请关闭图床安全->图床模式">允许的扩展名</label>
<input type="text" class="form-control" name="extensions" required="required" value="<?php echo $config['extensions']; ?>" onkeyup="this.value=this.value.replace(/\s/g,'')">
</div>
<div class="form-group col-md-4">
<label>上传图片的命名方式</label>
<div class="form-group col-md-3">
<label>已上传文件的命名方式</label>
<select class="chosen-select form-control" name="imgName">
<option value="default" <?php if ($config['imgName'] == 'default') echo 'selected'; ?>>默认 - 36进制时间+随机数 >> vx77yu</option>
<option value="date" <?php if ($config['imgName'] == 'date') echo 'selected'; ?>>时间 >> 192704</option>
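Review bot: the new storage_path input writes `$config['storage_path']` into the value attribute without escaping, and the only filtering is the client-side onkeyup handler that strips whitespace. Wrap the output in htmlspecialchars($config['storage_path'], ENT_QUOTES) and validate the value on the server when the form is saved; the tooltip says the path must end with '/', but nothing in this hunk enforces it.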
@ -350,6 +357,8 @@ if (isset($_GET['recycle_reimg'])) {
<option value="bmp" <?php if ($config['imgConvert'] == 'bmp') echo 'selected'; ?>>BMP</option>
</select>
</div>
</div>
<div class="form-group col-md-12">
<div class="form-group">
<label>单次最多上传 | 当前: </label><label id="maxUploadFiles"><?php echo $config['maxUploadFiles']; ?></label><label>张</label>
<input type="range" class="form-control" name="maxUploadFiles" value="<?php echo $config['maxUploadFiles']; ?>" min="1" max="200" step="1" onchange="document.getElementById('maxUploadFiles').innerHTML=value">
@ -378,6 +387,7 @@ if (isset($_GET['recycle_reimg'])) {
<input type="hidden" class="form-control" name="update" value="<?php echo date("Y-m-d H:i:s"); ?>" placeholder="隐藏的保存">
</div>
<button type="submit" class="btn btn-primary">保存</button>
</div>
</form>
</div>
<div class="tab-pane fade" id="Content3">
@ -528,7 +538,7 @@ if (isset($_GET['recycle_reimg'])) {
<input type="range" class="form-control" name="cache_freq" value="<?php echo $config['cache_freq']; ?>" min="1" step="1" max="24" onchange="document.getElementById('cache_freq').innerHTML=value">
</div>
<div class="form-group">
<label for="report" data-toggle="tooltip" title="举报地址支持Zoho表单、金数据、表单大师等<br/>(推荐ZOHO)<br/>留空则不显示">举报地址 <a href="https://store.zoho.com.cn/referral.do?servicename=ZohoForms&category=ZohoForms&ref=52f8a4e98a7a7d4c2475713784605af0dc842f6cc9732dd77f37b87f2959149e212e550f50a869f70360f15b80a4abc6" target="_blank"><i class="icon icon-external-link"></i></a></label>
<label for="report" data-toggle="tooltip" title="举报地址支持Zoho表单、金数据、表单大师等<br/>(推荐ZOHO)留空则不显示">举报地址 <a href="https://store.zoho.com.cn/referral.do?servicename=ZohoForms&category=ZohoForms&ref=52f8a4e98a7a7d4c2475713784605af0dc842f6cc9732dd77f37b87f2959149e212e550f50a869f70360f15b80a4abc6" target="_blank"><i class="icon icon-external-link"></i></a></label>
<input type="text" class="form-control" id="report" name="report" value="<? if ($config['report']) echo $config['report']; ?>" placeholder="可以是网址或邮箱" onkeyup="this.value=this.value.replace(/\s/g,'')">
</div>
<div class="form-group">
@ -550,8 +560,8 @@ if (isset($_GET['recycle_reimg'])) {
<label class="radio-inline"><input type="radio" name="check_ip_model" value="1" <?php if ($config['check_ip_model'] == 1) echo 'checked'; ?>> 白名单模式</label>
</div>
<div class="row">
<div class="col-md-12">
<h5 class="header-dividing">高级设置 <?php if ($config['domain'] == $config['imgurl']) echo '<small> 网站域名与图片域名相同,锁定隐藏' . $config['path'] . '目录开关</small>'; ?></h5>
<div class="col-md-12">
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="网址设置->弹窗公告修改内容<br />重开浏览器访问网站会再次展示公告弹窗">
<input type="hidden" name="notice_status" value="0">
@ -588,14 +598,12 @@ if (isset($_GET['recycle_reimg'])) {
</div>
</div>
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="所有用户上传的图片使用加密链接删除的图片会进入回收站">
<div class="switch switch-inline" data-toggle="tooltip" title="使用加密链接删除的图片移动至图片回收">
<input type="hidden" name="image_recycl" value="0">
<input type="checkbox" name="image_recycl" value="1" <?php if ($config['image_recycl']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">图片回收</label>
</div>
</div>
</div>
<div class="col-md-12">
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="以登陆账号名称创建上传目录">
<input type="hidden" name="guest_path_status" value="0">
@ -616,9 +624,9 @@ if (isset($_GET['recycle_reimg'])) {
<input type="checkbox" name="admin_path_status" value="1" <?php if ($config['admin_path_status']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">管理分离</label>
</div>
<!-- <input type="text" name="admin_path" class="form-control input-sm" value="echo $config['admin_path']" placeholder="请自定义管理的上传目录"> -->
</div>
<div class="col-md-2">
<!-- <input type="text" name="admin_path" class="form-control input-sm" value="echo $config['admin_path']" placeholder="请自定义管理的上传目录"> -->
<div class="switch switch-inline" data-toggle="tooltip" title="开启文件管理">
<input type="hidden" name="tinyfilemanager" value="0">
<input type="checkbox" name="tinyfilemanager" value="1" <?php if ($config['tinyfilemanager']) echo 'checked="checked"'; ?>>
@ -626,7 +634,28 @@ if (isset($_GET['recycle_reimg'])) {
</div>
</div>
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="日志每月保存一个文件<br/>经测试二十万条数据并不影响速度!">
<div class="switch switch-inline" data-toggle="tooltip" title="上传后显示删除链接<br/>删除链接是经过加密的">
<input type="hidden" name="show_user_hash_del" value="0">
<input type="checkbox" name="show_user_hash_del" value="1" <?php if ($config['show_user_hash_del']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">显示删除</label>
</div>
</div>
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="广场图片以上传时间倒序 | 正序">
<input type="hidden" name="showSort" value="0">
<input type="checkbox" name="showSort" value="1" <?php if ($config['showSort']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">广场排序</label>
</div>
</div>
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="图片过多时可能会影响统计时间">
<input type="hidden" name="chart_on" value="0">
<input type="checkbox" name="chart_on" value="1" <?php if ($config['chart_on']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">显示统计</label>
</div>
</div>
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="上传日志每月保存一个文件<br/>经测试二十万条数据并不影响速度!">
<input type="hidden" name="upload_logs" value="0">
<input type="checkbox" name="upload_logs" value="1" <?php if ($config['upload_logs']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">上传日志</label>
@ -639,8 +668,6 @@ if (isset($_GET['recycle_reimg'])) {
<label style="font-weight: bold">图床自检</label>
</div>
</div>
</div>
<div class="col-md-12">
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="危险:关闭后除图片外不验证文件是否正常,代表可以上传任意指定格式!">
<input type="hidden" name="allowed" value="0">
@ -648,15 +675,16 @@ if (isset($_GET['recycle_reimg'])) {
<label style="font-weight: bold">图床模式</label>
</div>
</div>
</div>
</div>
<div class="col-md-12">
<div class="col-md-2">
<div class="switch switch-inline" data-toggle="tooltip" title="建议开启,有效防止因撞库导致账户密码被破解!">
<input type="hidden" name="captcha" value="0">
<input type="checkbox" name="captcha" value="1" <?php if ($config['captcha']) echo 'checked'; ?>>
<label style="font-weight: bold">验证码</label>
</div>
</div>
</div>
</div>
<div class="col-md-12">
<div class="switch switch-inline" data-toggle="tooltip" title="通过指定参数查询图床的开放数据 | 与缓存周期同步 | 使用方法见使用手册->公共查询">
<input type="hidden" name="public" value="0">
<input type="checkbox" name="public" value="1" <?php if ($config['public']) echo 'checked'; ?>>
@ -769,13 +797,13 @@ if (isset($_GET['recycle_reimg'])) {
<p class="text-ellipsis">剩余磁盘: <?php echo getDistUsed(disk_free_space(__DIR__)); ?></p>
<h5>PHP信息</h5>
<hr />
<p class="text-ellipsis">PHP Version: <?php echo phpversion(); ?></p>
<p class="text-ellipsis">PHP Model: <?PHP echo php_sapi_name(); ?></p>
<p class="text-ellipsis">PHP Max UP: <?PHP echo get_cfg_var("upload_max_filesize"); ?></p>
<p class="text-ellipsis">PHP Max Time: <?PHP echo get_cfg_var("max_execution_time") . "s"; ?></p>
<p class="text-ellipsis">PHP Max Memery: <?PHP echo get_cfg_var("memory_limit"); ?></p>
<p class="text-ellipsis">POST Max Upload: <?php echo ini_get('post_max_size'); ?></p>
<p class="text-ellipsis">GD: <?php echo (gd_info()["GD Version"]); ?></p>
<p class="text-ellipsis">PHP版本: <?php echo phpversion(); ?></p>
<p class="text-ellipsis">运行模式: <?PHP echo php_sapi_name(); ?></p>
<p class="text-ellipsis">上传限制: <?PHP echo get_cfg_var("upload_max_filesize"); ?></p>
<p class="text-ellipsis">运行时间限制: <?PHP echo get_cfg_var("max_execution_time") . "s"; ?></p>
<p class="text-ellipsis">最大占用内存: <?PHP echo get_cfg_var("memory_limit"); ?></p>
<p class="text-ellipsis">POST上传限制: <?php echo ini_get('post_max_size'); ?></p>
<p class="text-ellipsis">GD版本: <?php echo (gd_info()["GD Version"]); ?></p>
<h5>我的信息</h5>
<hr />
<p class="text-ellipsis">IP: <?php echo real_ip(); ?></p>
@ -822,7 +850,7 @@ if (isset($_GET['recycle_reimg'])) {
<div class="tab-pane fade" id="Content9">
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<div class="form-group">
<h5>上传首选</h5>
<h5>上传首选显示</h5>
<label class="radio-inline">
<input type="radio" name="upload_first_show" value="1" data-toggle="tooltip" title="图片直链" <?php if ($config['upload_first_show'] == 1) echo 'checked'; ?>>
<i class="icon icon-link"></i>
@ -840,37 +868,23 @@ if (isset($_GET['recycle_reimg'])) {
<i class="icon icon-html5"></i>
</label>
<label class="radio-inline" data-toggle="tooltip" title="删除链接">
<input type="radio" id="upload_first_show5" name="upload_first_show" value="5" <?php if ($config['upload_first_show'] == 5) echo 'checked'; ?>>
<input <?php if ($config['show_user_hash_del'] == 0) echo 'disabled'; ?> type="radio" id="upload_first_show5" name="upload_first_show" value="5" <?php if ($config['upload_first_show'] == 5) echo 'checked'; ?>>
<i class="icon icon-trash"></i>
</label>
</div>
<div class="form-group">
<label data-toggle="tooltip" title="选择网站对外展示的一些功能和页面">对外展示</label><br />
<label data-toggle="tooltip" title="选择网站对外展示的一些功能和页面">对外功能展示</label><br />
<div class="switch switch-inline" data-toggle="tooltip" title="暗黑模式切换">
<input type="hidden" name="dark-mode" value="0">
<input type="checkbox" name="dark-mode" value="1" <?php if ($config['dark-mode']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">暗黑</label>
</div>
<div class="switch switch-inline" data-toggle="tooltip" title="上传后显示删除链接<br/>删除链接是经过加密的">
<input type="hidden" name="show_user_hash_del" value="0">
<input type="checkbox" name="show_user_hash_del" value="1" <?php if ($config['show_user_hash_del']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">删除</label>
</div>
<div class="switch switch-inline" data-toggle="tooltip" title=" 关闭后非登录状态不显示广场图片">
<input type="hidden" name="showSwitch" value="0">
<input type="checkbox" name="showSwitch" value="1" <?php if ($config['showSwitch']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">广场</label>
</div>
<div class="switch switch-inline" data-toggle="tooltip" title="广场图片以上传时间倒序 | 正序">
<input type="hidden" name="showSort" value="0">
<input type="checkbox" name="showSort" value="1" <?php if ($config['showSort']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">排序</label>
</div>
<div class="switch switch-inline" data-toggle="tooltip" title="图片过多时可能会影响统计时间">
<input type="hidden" name="chart_on" value="0">
<input type="checkbox" name="chart_on" value="1" <?php if ($config['chart_on']) echo 'checked="checked"'; ?>>
<label style="font-weight: bold">统计</label>
</div>
<div class="switch switch-inline" data-toggle="tooltip" title="广场图片详细信息按钮">
<input type="hidden" name="show_exif_info" value="0">
<input type="checkbox" name="show_exif_info" value="1" <?php if ($config['show_exif_info']) echo 'checked="checked"'; ?>>
@ -948,8 +962,8 @@ if (isset($_GET['recycle_reimg'])) {
<div class="content">
<p>直接输入账号和密码即可完成修改.</p>
<p>更改后会立即生效并重新登录,请务必牢记账号和密码! </p>
<p>如果忘记账号可以打开-><code>/config/config.php</code>文件->找到user对应的键值->填入</p>
<p>如果忘记密码请将密码->转换成MD5小写-><a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>->打开<code>/config/config.php</code>文件->找到password对应的键值->填入</p>
<p>如果忘记账号可以打开-><code>/config/config.php</code>文件->找到<code data-toggle="tooltip" title="'user'=><strong>admin</strong>'">user</code>对应的键值->填入</p>
<p>如果忘记密码请将密码->转换成MD5小写-><a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>->打开<code>/config/config.php</code>文件->找到<code data-toggle="tooltip" title="'password'=>'<strong>e6e0612609</strong>'">password</code>对应的键值->填入</p>
</div>
</div>
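Review bot: the new tooltip example for user has an unbalanced quote ('user'=>admin' with no opening quote before admin, while the password example is quoted correctly), so the hint users copy from is malformed. Separately, this help text has users paste a bare lowercase MD5 into /config/config.php, which means the stored credential is an unsalted MD5; consider moving to password_hash() / password_verify() and updating this text along with it. The same two lines are repeated in the login modal and in the md5 page later in this commit.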
</form>

@ -63,34 +63,24 @@ if ($config['captcha']) {
// 提交登录
if (isset($_POST['password']) and isset($_POST['user'])) {
global $guestConfig;
$postUser = strip_tags($_POST['user']);
$postPWD = strip_tags($_POST['password']);
$login = _login($_POST['user'], $_POST['password']);
$login = json_decode($login, true);
if ($postUser == $config['user'] || in_array($guestConfig[$postUser], $guestConfig)) {
if ($postPWD == $config['password'] || $postPWD == $guestConfig[$postUser]['password']) {
// 将账号密码序列化后存储
$setCOK = serialize(array($postUser, $postPWD));
setcookie('auth', $setCOK, time() + 3600 * 24 * 14, '/');
if ($login['code'] == 200) {
echo '
<script>
new $.zui.Messager("登录成功", {type: "primary" // 定义颜色主题
new $.zui.Messager("' . $login["messege"] . '" , {
type: "primary", // 定义颜色主题
icon: "check" // 定义消息图标
}).show();
</script>';
header("refresh:2;url=" . $config['domain'] . "");
} else {
echo '
<script>
new $.zui.Messager("密码错误", {type: "danger" // 定义颜色主题
}).show();
</script>';
header("refresh:2;");
}
} else {
echo '
<script>
new $.zui.Messager("账号不存在", {type: "danger" // 定义颜色主题
new $.zui.Messager("' . $login["messege"] . '" , {
type: "danger", // 定义颜色主题
icon: "times" // 定义消息图标
}).show();
</script>';
header("refresh:2;");
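Review bot: `$login["messege"]` is concatenated straight into an inline script string in both branches, so the page depends on _login() never returning a message that contains a quote or backslash. Emit it with json_encode($login['messege']) instead of wrapping it in hand-written quotes. Two smaller points: header("refresh:2;...") is called after echo, which only works when output buffering is on, and the key is spelled "messege" everywhere, which is worth fixing before more callers depend on it.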
@ -109,8 +99,8 @@ if (isset($_POST['password']) and isset($_POST['user'])) {
</h4>
</div>
<div class="modal-body">
<p class="text-primary">忘记账号可以打开<code>/config/config.php</code>文件找到user对应的键值->填入</p>
<p class="text-success">忘记密码请将密码转换成MD5小写(<a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>)->打开<code>/config/config.php</code>文件->找到password对应的键值->填入</p>
<p class="text-primary">忘记账号可以打开<code>/config/config.php</code>文件找到<code data-toggle="tooltip" title="'user'=><strong>admin</strong>'">user</code>对应的键值->填入</p>
<p class="text-success">忘记密码请将密码转换成MD5小写(<a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>)->打开<code>/config/config.php</code>文件->找到<code data-toggle="tooltip" title="'password'=>'<strong>e6e0612609</strong>'">password</code>对应的键值->填入</p>
<h4 class="text-danger">更改后会立即生效并重新登录,请务必牢记账号和密码! </h4>
</div>
<div class="modal-footer">

admin/verson.php Normal file
@ -0,0 +1 @@
2.6.9

@ -47,7 +47,7 @@ if ($handle->uploaded) {
// 添加Token ID
$handle->file_name_body_add = '-' . $tokenID;
// 最大上传限制
$handle->file_max_sizes = $config['maxSize'];
$handle->file_max_size = $config['maxSize'];
// 最大宽度
$handle->image_max_width = $config['maxWidth'];
// 最大高度
@ -56,19 +56,16 @@ if ($handle->uploaded) {
$handle->image_min_width = $config['minWidth'];
// 最小高度
$handle->image_min_height = $config['minHeight'];
// 转换图片为指定格式
if ($config['imgConvert']) {
// 只转换非webp格式和非动态图片
// 2023-01-06 转换图片为指定格式 只转换非webp格式和非动态图片
if ($handle->file_src_name_ext !== 'webp' && !isAnimatedGif($handle->file_src_pathname)) {
$handle->image_convert = $config['imgConvert'];
// PNG 图像的压缩级别,介于 1快速但大文件和 9慢但较小文件之间
}
// 2023-01-06 PNG 图像的压缩级别,介于 1快速但大文件和 9慢但较小文件之间
$handle->png_compression = 9 - round($config['compress_ratio'] / 11.2);
// WEBP 图像的压缩质量 1-100
$handle->webp_quality = $config['compress_ratio'];
// JPEG 图像的压缩质量 1-100
$handle->jpeg_quality = $config['compress_ratio'];
}
}
/* 等比例缩减图片 放到前端了*/
/*
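Review bot: `9 - round($config['compress_ratio'] / 11.2)` evaluates to 0 when compress_ratio is 100 (round(8.93) = 9), while the comment on the line above says the PNG level runs from 1 to 9, and the WEBP and JPEG comments give the same setting a 1-100 range. Either clamp the result with max(1, ...) or correct the comment to say that 0 is an intended value. The same lines appear in the other upload handler in this commit.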
@ -129,7 +126,7 @@ if ($handle->uploaded) {
$delUrl = "Sever PHP version lower 7.0";
}
} else {
$delUrl = "Admin closed delete";
$delUrl = "Admin closed user delete";
}
// 当设置访问生成缩略图时自动生成 2022-12-30
@ -150,7 +147,6 @@ if ($handle->uploaded) {
$handle->file_new_name_body = date('Y_m_d_') . $handle->file_dst_name_body;
$handle->process(APP_ROOT . $config['path'] . 'thumbnails/');
}
// 上传成功后返回json数据
@ -170,6 +166,8 @@ if ($handle->uploaded) {
"result" => "failed",
"code" => 206,
"message" => $handle->error,
// 'up_log' => $handle->log,(仅用作调试用)
);
exit(json_encode($reJson, JSON_UNESCAPED_UNICODE));

@ -78,6 +78,12 @@ class Imgs
imagecopyresampled($temp_img, $im, 0, 0, 0, 0, $temp_w, $temp_h, $width, $height);
imagepng($temp_img, $savepath, 100);
break;
case 6:
$im = imagecreatefrombmp($src);
imagesavealpha($im, true); //这里很重要;3-1
imagecopyresampled($temp_img, $im, 0, 0, 0, 0, $temp_w, $temp_h, $width, $height);
imagebmp($temp_img, $savepath, 100);
break;
case 18:
$im = imagecreatefromwebp($src);
imagesavealpha($im, true); //这里很重要;3-1
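Review bot: in the new case 6 branch, `imagebmp($temp_img, $savepath, 100);` passes 100 where imagebmp() expects a boolean $compressed flag, so this is not a quality setting and simply switches RLE compression on. Pass true or false explicitly. imagecreatefrombmp() and imagebmp() also require PHP 7.2 or later, while other code in this commit still carries PHP 5.6 compatibility notes, so guard the BMP branches with function_exists() or document the new minimum version.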
@ -168,6 +174,11 @@ class Imgs
$dst_img = imagecreatefrompng($src);
imagesavealpha($dst_img, true); //这里很重要;3-1
break;
case 6:
$dst_img = imagecreatefrombmp($src);
imagesavealpha($dst_img, true); //这里很重要;3-1
break;
case 18:
$dst_img = imagecreatefromwebp($src);
imagesavealpha($dst_img, true); //这里很重要;3-1
@ -202,18 +213,18 @@ class Imgs
case 1:
$markim = imagecreatefromgif($def['res']);
break;
case 2:
$markim = imagecreatefromjpeg($def['res']);
break;
case 3:
$markim = imagecreatefrompng($def['res']);
break;
case 6:
$markim = imagecreatefrombmp($def['res']);
break;
case 18:
$markim = imagecreatefromwebp($def['res']);
break;
default:
return array('code' => false, 'msg' => '水印图片类型错误');
exit;
@ -329,8 +340,11 @@ class Imgs
case 'gif':
imagegif($dst_img, $def['name']);
break;
case 'bmp':
imagebmp($dst_img, $def['name']);
break;
case 'webp':
imagegif($dst_img, $def['name']);
imagewebp($dst_img, $def['name']);
break;
default:
return array('code' => false, 'msg' => '保存图片类型有误');

@ -5,9 +5,8 @@ if (!is_file(APP_ROOT . '/install/install.lock') and is_file(APP_ROOT . '/instal
exit('<script type="text/javascript">window.location.href="' . get_whole_url('/') . '/install/index.php"</script>');
}
/**
* 检测弹窗内容
* 检测弹窗
*/
if (file_exists(APP_ROOT . '/admin/EasyIamge.lock')) return; // 查询锁定弹窗文件是否存在
file_put_contents(APP_ROOT . '/admin/EasyIamge.lock', '安装环境检测锁定文件,如需再次展示请删除此文件!', FILE_APPEND | LOCK_EX);
?>

@ -78,7 +78,7 @@ if (getVersion() !== get_current_verson()) {
if ($config['mustLogin']) {
echo '
<script>
$.zui.browser.tip("请注意: 当前已开启登录上传,非登录用户不可上传图片!");
$.zui.browser.tip("请注意: 当前已开启登录上传,游客不能上传图片!");
</script>
';
}

@ -23,7 +23,7 @@ $dw_extension = pathinfo($dw,PATHINFO_EXTENSION);
$filter_extensions = explode(',', $config['extensions']);
// 过滤下载其他格式
$filter_other = array('php','json','log');
$filter_other = array('php', 'json', 'log', 'lock');
// 先过滤后下载
if (in_array($dw_extension, $filter_extensions) && !in_array($dw_extension, $filter_other)) {
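Review bot: adding 'lock' to `$filter_other` helps, but both in_array() calls compare `$dw_extension` exactly as pathinfo() returned it, without lowercasing and without strict mode. Normalize the extension once with strtolower() and pass true as the third argument to in_array(). Since `$filter_extensions` is already an allow list built from `$config['extensions']`, it would also be more robust to refuse php, json, log and lock when that setting is saved than to maintain a second list here.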
@ -36,7 +36,3 @@ if(in_array($dw_extension,$filter_extensions) && !in_array($dw_extension,$filter
} else {
exit('Downfile Type Error');
}

@ -52,8 +52,81 @@ function isAnimatedGif($filename)
return strpos($filecontent, chr(0x21) . chr(0xff) . chr(0x0b) . 'NETSCAPE2.0') === FALSE ? 0 : 1;
}
/**
* 校验登录
* 2023-01-06 校验登录
* @param $user String 登录用户名
* @param $password 登录密码
* 返回参数解析 code=>状态码 200成功400失败; 登录用户级别level => 0无状态, 1管理员, 2上传者, messege => 提示信息
*/
function _login($user = null, $password = null)
{
global $config;
global $guestConfig;
// cookie验证
if ($user == null and $password == null) {
// 无cookie
if (empty($_COOKIE['auth'])) {
return json_encode(array('code' => 400, 'level' => 0, 'messege' => '请登录'));
}
// 存在cookie
if (isset($_COOKIE['auth'])) {
$browser_cookie = unserialize($_COOKIE['auth']);
// cookie无法读取
if (!$browser_cookie) return json_encode(array('code' => 400, 'level' => 0, 'messege' => '登录已过期,请重新登录'));
// 判断账号是否存在
if ($browser_cookie[0] !== $config['user'] && !array_key_exists($browser_cookie[0], $guestConfig)) return json_encode(array('code' => 400, 'level' => 0, 'messege' => '账号不存在'));
// 判断是否管理员
if ($browser_cookie[0] == $config['user'] && $browser_cookie[1] == $config['password']) return json_encode(array('code' => 200, 'level' => 1, 'messege' => '尊敬的管理员'));
// 判断是否上传者
if (array_key_exists($browser_cookie[0], $guestConfig) && $browser_cookie[1] == $guestConfig[$browser_cookie[0]]['password']) {
// 判断上车者是否过期
if ($guestConfig[$browser_cookie[0]]['expired'] < time()) {
// 上传者账户密码正确,但是账户过期
return json_encode(array('code' => 400, 'level' => 0, 'messege' => $browser_cookie[0] . '账号已过期'));
}
return json_encode(array('code' => 200, 'level' => 2, 'messege' => $browser_cookie[0] . '用户已登录'));
}
// 账号存在,密码错误
if ($browser_cookie[0] == $config['user'] || array_key_exists($browser_cookie[0], $guestConfig)) return json_encode(array('code' => 400, 'level' => 0, 'messege' => '密码错误'));
}
}
// 前端验证
$user = strip_tags($user);
$password = strip_tags($password);
// 是否管理员
if ($user == $config['user'] && $password == $config['password']) {
// 将账号密码序列化后存储
$browser_cookie = serialize(array($user, $password));
setcookie('auth', $browser_cookie, time() + 3600 * 24 * 14, '/');
return json_encode(array('code' => 200, 'level' => 1, 'messege' => '管理员登录成功'));
}
// 是否上传者
if (array_key_exists($user, $guestConfig) && $password == $guestConfig[$user]['password']) {
// 上传者账号过期
if ($guestConfig[$user]['expired'] < time()) return json_encode(array('code' => 400, 'level' => 0, 'messege' => $user . '账号已过期'));
// 未过期设置cookie
$browser_cookie = serialize(array($user, $password));
setcookie('auth', $browser_cookie, time() + 3600 * 24 * 14, '/');
return json_encode(array('code' => 200, 'level' => 2, 'messege' => $user . '用户登录成功'));
}
// 检查账号是否存在
if (array_key_exists($user, $guestConfig) || $user == $config['user']) {
// 账号存在,密码错误
if ($user == $config['user'] || array_key_exists($user, $guestConfig)) return json_encode(array('code' => 400, 'level' => 0, 'messege' => '密码错误'));
} else {
return json_encode(array('code' => 400, 'level' => 0, 'messege' => '账号不存在'));
}
// 未知错误
return json_encode(array('code' => 400, 'level' => 0, 'messege' => '未知错误'));
}
/**
* 校验登录 2023-01-05弃用
*/
function checkLogin()
{
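Review bot: in the cookie branch of _login(), `unserialize($_COOKIE['auth'])` deserializes data the client fully controls; use json_decode(), or at minimum unserialize($_COOKIE['auth'], ['allowed_classes' => false]), and check that the result is a two-element array of strings before indexing it. The cookie also carries the stored password value itself (`serialize(array($user, $password))`) and is set without the HttpOnly, Secure or SameSite options, so a server-side session or a signed random token would be a safer design. The password checks use == throughout; switch to hash_equals() so the comparison is strict and constant-time. Finally, the closing block tests for an existing account twice, which makes the '未知错误' return unreachable.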
@ -81,7 +154,7 @@ function checkLogin()
}
// 管理员登陆
if ($getCOK[1] == $config['password']) {
if ($getCOK[0] == $config['user'] && $getCOK[1] == $config['password']) {
return 204;
}
@ -97,9 +170,43 @@ function checkLogin()
}
/**
* 仅允许登录上传
* 2023-01-06 仅允许登录上传
*/
function mustLogin()
{
global $config;
if ($config['mustLogin']) {
$status = _login();
$status = json_decode($status, true);
if ($status['code'] == 200) {
echo '
<script>
new $.zui.Messager("' . $status["messege"] . '", {
type: "success", // 定义颜色主题
icon: "linux", // 定义消息图标
placement:"bottom-right" // 消息位置
}).show();
</script>';
}
if ($status['code'] == 400) {
echo '
<script>
new $.zui.Messager("' . $status["messege"] . '", {
type: "danger", // 定义颜色主题
icon: "bullhorn" // 定义消息图标
}).show();
</script>';
header("refresh:2;url=" . $config['domain'] . "/admin/index.php");
}
}
}
/**
* 仅允许登录后上传 2023-01-05弃用
*/
function mustLogin_a()
{
global $config;
if ($config['mustLogin']) {
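Review bot: in the new mustLogin(), the code 400 branch calls `header("refresh:2;url=" . $config['domain'] . "/admin/index.php");` after echoing the script block and then simply returns, whereas the deprecated switch-based version wraps the same redirect in exit(). Without the exit the rest of the page keeps executing for a visitor who is not logged in, and the header only takes effect if output buffering is enabled. Send the header before any output and exit immediately after it.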
@ -108,7 +215,7 @@ function mustLogin()
case 201:
echo '
<script>
new $.zui.Messager("本站已开启登陆上传, 请登录!", {
new $.zui.Messager("请登录 !", {
type: "danger", // 定义颜色主题
icon: "bullhorn" // 定义消息图标
}).show();
@ -135,6 +242,16 @@ function mustLogin()
</script>';
exit(header("refresh:2;url=" . $config['domain'] . "/admin/index.php"));
break;
case 204:
echo '
<script>
new $.zui.Messager("管理员已登陆", {
type: "success", // 定义颜色主题
icon: "check", // 定义消息图标
placement:"bottom-right" // 消息位置
}).show();
</script>';
break;
case 205:
echo '
<script>
@ -154,13 +271,12 @@ function mustLogin()
}).show();
</script>';
break;
case 204:
case 206:
echo '
<script>
new $.zui.Messager("管理员已登陆", {
type: "success", // 定义颜色主题
icon: "check", // 定义消息图标
placement:"bottom-right" // 消息位置
new $.zui.Messager("登录失败!", {
type: "special", // 定义颜色主题
icon: "exclamation-sign" // 定义消息图标
}).show();
</script>';
break;
@ -176,9 +292,18 @@ function mustLogin()
function config_path($path = null)
{
global $config;
// php5.6 兼容写法:
$path = isset($path) ? $path : date('Y/m/d/');
if (empty($path)) {
if (array_key_exists('storage_path', $config)) {
$path = date($config['storage_path']);
} else {
$path = date('Y/m/d/');
}
}
// 2023-01-06弃用 php5.6 兼容写法:
// $path = isset($path) ? $path : date('Y/m/d/');
// php7.0 $path = $path ?? date('Y/m/d/');
$img_path = $config['path'] . $path;
if (!is_dir($img_path)) {
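Review bot: `date($config['storage_path'])` uses an admin-supplied string as a date() format with no server-side validation, so any character that is not a format letter passes through unchanged into `$config['path'] . $path`, and a missing trailing '/' is not caught. Validate the setting when it is saved (for example allow only date() format letters, '_', '-' and '/', require the trailing '/', and reject '..') and fall back to 'Y/m/d/' when it fails. Note also that empty($path) replaces the old isset() test, so callers passing '' or '0' now get the default path.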
@ -549,8 +674,8 @@ function getDel($url, $type)
type: "success", // 定义颜色主题
icon: "ok-sign" // 定义消息图标
}).show();
// 延时2s跳转
// window.setTimeout("window.location=\'/../ \'",3500);
// 延时5s跳转
// window.setTimeout("window.location=\'/../ \'",5000);
</script>
';
} else {
@ -584,21 +709,13 @@ function getDel($url, $type)
*/
function is_who_login($user)
{
global $config;
global $guestConfig;
if (isset($_COOKIE['auth'])) {
$getCOK = unserialize($_COOKIE['auth']);
if (!$getCOK) {
return false;
}
$status = json_decode(_login(), true);
if ($user == 'admin') {
if ($getCOK[1] == $config['password']) return true;
if ($status['level'] == 1) return true;
}
if ($user == 'guest') {
if ($getCOK[0] !== $guestConfig[$getCOK[0]]) return true;
if ($status['level'] == 2) return true;
}
}
return false;
}
@ -1391,7 +1508,7 @@ function isAnimatedGifWebp($src)
* @return String 内容信息
*/
function get_current_verson($file = '/admin/verson.txt')
function get_current_verson($file = '/admin/verson.php')
{
$file = APP_ROOT . $file;

@ -10,8 +10,8 @@ if (isset($_POST['md5'])) {
?>
<div class="row">
<div class="col-md-12">
<p class="text-primary">忘记账号可以打开<code>/config/config.php</code>文件找到user对应的键值->填入</p>
<p class="text-success">忘记密码请将密码转换成MD5小写(<a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>)->打开<code>/config/config.php</code>文件->找到password对应的键值->填入</p>
<p class="text-primary">忘记账号可以打开<code>/config/config.php</code>文件找到<code data-toggle="tooltip" title="'user'=><strong>admin</strong>'">user</code>对应的键值->填入</p>
<p class="text-success">忘记密码请将密码转换成MD5小写(<a href="<?php echo $config['domain'] . '/application/md5.php'; ?>" target="_blank" class="text-purple">转换网址</a>)->打开<code>/config/config.php</code>文件->找到<code data-toggle="tooltip" title="'password'=>'<strong>e6e0612609</strong>'">password</code>对应的键值->填入</p>
<h4 class="text-danger">更改后会立即生效并重新登录,请务必牢记账号和密码! </h4>
</div>
<div class="col-md-12">

@ -51,7 +51,7 @@ if ($handle->uploaded) {
$handle->file_new_name_body = imgName($handle->file_src_name_body);
// 最大上传限制
$handle->file_max_sizes = $config['maxSize'];
$handle->file_max_size = $config['maxSize'];
// 最大宽度
$handle->image_max_width = $config['maxWidth'];
// 最大高度
@ -60,19 +60,16 @@ if ($handle->uploaded) {
$handle->image_min_width = $config['minWidth'];
// 最小高度
$handle->image_min_height = $config['minHeight'];
// 转换图片为指定格式
if ($config['imgConvert']) {
// 只转换非webp格式和非动态图片
// 2023-01-06 转换图片为指定格式 只转换非webp格式和非动态图片
if ($handle->file_src_name_ext !== 'webp' && !isAnimatedGif($handle->file_src_pathname)) {
$handle->image_convert = $config['imgConvert'];
// PNG 图像的压缩级别,介于 1快速但大文件和 9慢但较小文件之间
}
// 2023-01-06 PNG 图像的压缩级别,介于 1快速但大文件和 9慢但较小文件之间
$handle->png_compression = 9 - round($config['compress_ratio'] / 11.2);
// WEBP 图像的压缩质量 1-100
$handle->webp_quality = $config['compress_ratio'];
// JPEG 图像的压缩质量 1-100
$handle->jpeg_quality = $config['compress_ratio'];
}
}
/* 等比例缩减图片 放到前端了*/
/*
@ -149,7 +146,7 @@ if ($handle->uploaded) {
$delUrl = "Sever PHP version lower 7.0";
}
} else {
$delUrl = "Admin closed delete";
$delUrl = "Admin closed user delete";
}
// 当设置访问生成缩略图时自动生成 2022-12-30
@ -170,7 +167,6 @@ if ($handle->uploaded) {
$handle->file_new_name_body = date('Y_m_d_') . $handle->file_dst_name_body;
$handle->process(APP_ROOT . $config['path'] . 'thumbnails/');
}
// 上传成功后返回json数据
@ -190,6 +186,7 @@ if ($handle->uploaded) {
"result" => "failed",
"code" => 206,
"message" => $handle->error,
// 'up_log' => $handle->log,(仅用作调试用)
);
unset($handle);
header('Content-Type:application/json; charset=utf-8');

@ -4,7 +4,7 @@ $guestConfig=Array
'guest'=>Array
(
'password'=>'084e0343a0486ff05530df6c705c8bb4',
'expired'=>2536242924,
'add_time'=>1672329324
'expired'=>2536886016,
'add_time'=>1672972416
)
);
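Review bot: this hunk refreshes add_time and expired for the shipped 'guest' entry, which keeps a default upload account with a committed password hash valid for 9999 days from add_time (2536886016 - 1672972416 = 863913600 seconds). Ship this file with an empty $guestConfig, or have the installer generate the guest entry, so a fresh deployment does not start with a credential that is public in the repository.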

File diff suppressed because one or more lines are too long

@ -66,20 +66,20 @@ if ($state !== 'checked') {
<div class="form-group">
<label class="col-sm-2 ">管理账号</label>
<div class="col-md-6 col-sm-10">
<input type="text" class="form-control" name="user" value="" placeholder="请以大小写英文或数字输入管理员账号" onkeyup="this.value=this.value.replace(/[^\w\.\/]/ig,'')">
<input type="text" class="form-control" name="user" value="admin" placeholder="请以大小写英文或数字输入管理员账号" onkeyup="this.value=this.value.replace(/[^\w\.\/]/ig,'')">
</div>
</div>
<div class="form-group">
<label class="col-sm-2 ">管理密码</label>
<span class="message">请输入8~18位密码</span>
<div class="col-md-6 col-sm-10 register">
<input type="text" class="form-control inp" name="password" value="" required="required" placeholder="请使用英文输入法输入密码并不小于8位数" onkeyup="this.value=this.value.replace(/\s/g,'')">
<input type="text" class="form-control inp" name="password" value="admin@123" required="required" placeholder="请使用英文输入法输入密码并不小于8位数" onkeyup="this.value=this.value.replace(/\s/g,'')">
</div>
</div>
<div class="form-group">
<label class="col-sm-2 ">确认密码</label>
<div class="col-md-6 col-sm-10">
<input type="text" class="form-control" name="repassword" value="" required="required" placeholder="确认密码" onkeyup="this.value=this.value.replace(/\s/g,'')">
<input type="text" class="form-control" name="repassword" value="admin@123" required="required" placeholder="确认密码" onkeyup="this.value=this.value.replace(/\s/g,'')">
</div>
</div>
<div class="form-group">
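Review bot: the installer now pre-fills user with admin and both password fields with admin@123, so anyone who clicks through the form unchanged ends up with a publicly known administrator credential. Leave the fields empty, or pre-fill a randomly generated password, and render password and repassword as type="password" rather than type="text".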