version 4.24 release

ChangeLog.md

@@ -1,7 +1,8 @@
-### ver4.23 `2017/10/9` 
+### ver4.24 `2017/10/10` 
 -----
 #### update:
 - url获取服务器兼容性优化(sso部分使用)
+- 部分特殊服务区环境兼容.
 
 #### fix bug
 - 安全漏洞修复：文件越权读取、删除漏洞；getshell漏洞紧急修复

app/api/sso.class.php

@@ -57,10 +57,8 @@ class SSO{
 
 
 	static public function sessionCheck($key,$value='success'){
-		//$path = session_save_path();//还原session路径
 		$session = self::init();
 		if( isset($session[$key]) && $session[$key] == $value){
-			//session_save_path($path);
 			return true;
 		}
 		return false;
@@ -68,7 +66,7 @@ class SSO{
 
 	/**
 	 * 直接调用kod的登陆检测(适用于同服务器同域名;)
-	 * @param  [type] $kodHost kod的地址;例如 http://test.com/ ;默认为
+	 * @param  [type] $kodHost kod的地址;例如 http://test.com/ ;默认为插件目录
 	 * @param  [type] $appKey  应用标记 例如 loginCheck
 	 * @param  [type] $appUrl  验证后跳转到的url;默认为当前url
 	 * @param  [type] $auth    验证方式：例如:'check=userName&value=smartx'
@@ -76,8 +74,17 @@ class SSO{
 	 */
 	static public function sessionAuth($appKey,$auth,$kodHost='',$appUrl=''){
 		if($kodHost==''){
-			$basicPath   = dirname(dirname(dirname(__FILE__))).'/';
-			$kodHost = get_host().'/'.str_replace(get_webroot(),'',$basicPath);//程序根目录
+			$appUrl = this_url();
+			if(strstr($appUrl,'/plugins/')){
+				$kodHost = substr($appUrl,0,strpos($appUrl,'/plugins/'));
+			}else{
+				$kodHost = $_SERVER['HTTP_REFERER'];
+				if(strstr($kodHost,'/index.php?')){
+					$kodHost = substr($kodHost,0,strpos($kodHost,'/index.php?'));
+				}else if(strstr($kodHost,'/?')){
+					$kodHost = substr($kodHost,0,strpos($kodHost,'/?'));
+				}
+			}
 		}
 		$authUrl = rtrim($kodHost,'/').'/index.php?user/sso&app='.$appKey.'&'.$auth;
 		if($appUrl == ''){

app/function/web.function.php

@@ -71,13 +71,12 @@ function reset_path($str){
 }
 function get_webroot($app_path=''){
 	$index='index.php';
+	$self_file  = reset_path($_SERVER['SCRIPT_NAME']);
 	if($app_path == ''){
-		$self_file  = reset_path($_SERVER['SCRIPT_NAME']);
 		$index_path = reset_path($_SERVER['SCRIPT_FILENAME']);
 		$app_path = substr($index_path,0,strrpos($index_path,'/'));
 		$index = substr($index_path,1+strrpos($index_path,'/'));
 	}
-
 	$webRoot = str_replace($self_file,'',$app_path.$index).'/';
 	if (substr($webRoot,-(strlen($index)+1)) == $index.'/') {//解决部分主机不兼容问题
 		$webRoot = reset_path($_SERVER['DOCUMENT_ROOT']).'/';

config/version.php

@@ -1,2 +1,2 @@
 <?php
-define('KOD_VERSION','4.23');
+define('KOD_VERSION','4.24');