PickCandy/web-discuz
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First commit

Browse Source
This commit is contained in:
UnknownMp
2025-06-18 10:24:27 +08:00
commit ebc39cd5dd
3873 changed files with 412712 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

267
source/class/filesock/filesock_base.php Normal file
View File

@@ -0,0 +1,267 @@
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
class filesock_base {
public $url;
public $limit = 0;
public $method = '';
public $post = '';
public $cookie = '';
public $ip = '';
public $conntimeout = 5;
public $timeout = 15;
public $block = true;
public $encodetype = 'URLENCODE';
public $position = 0;
public $files = array();
public $unsafe = false;
public $useragent = '';
public $header = array();
public $rawdata = '';
public $returnbody = true;
public $failonerror = true;
public $errno = 0;
public $errstr = '';
public $filesockheader = '';
public $filesockbody = '';
public $scheme;
public $host;
public $port;
public $path;
public $safequery = true;
public $allowmultiip = false;
public $primaryip;
public $iplist;
public $verifypeer;
public function __construct($param = array()) {
global $_G;
$this->verifypeer = $_G['config']['security']['fsockopensafe']['verifypeer'];
if(!empty($param)) {
$this->set($param);
}
}
private function _query_safecheck($tmp) {
global $_G;
$this->primaryip = '';
if(!$tmp || empty($tmp['host'])) return false;
$isip = false;
if(filter_var(str_replace(array('[',']'), '', $tmp['host']), FILTER_VALIDATE_IP)) {
$isip = true;
}
if(isset($tmp['user']) || isset($tmp['pass'])) return false;
if(!$isip && strpbrk($tmp['host'], ':#?[]') !== false) return false;
if($this->ip) {
if(!(filter_var($this->ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false)) {
return false;
} elseif(filter_var($this->ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
$this->primaryip = '['.$this->ip.']';
} else {
$this->primaryip = $this->ip;
}
} elseif($isip) {
if(!(filter_var(str_replace(array('[',']'), '', $tmp['host']), FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false)) {
return false;
} else {
$this->primaryip = $tmp['host'];
}
}
if(!in_array(strtolower($tmp['scheme']), array('http', 'https'))) {
return false;
}
$config = $_G['config']['security']['fsockopensafe'];
if(!empty($config['port']) && isset($tmp['port'])) {
if(isset($_SERVER['SERVER_PORT']) && !in_array($_SERVER['SERVER_PORT'], $config['port'])) {
$config['port'][] = $_SERVER['SERVER_PORT'];
}
if(!in_array($tmp['port'], $config['port'])) {
return false;
}
}
if(!isset($tmp['port'])) {
$tmp['port'] = strtolower($tmp['scheme']) == 'https' ? 443 : 80;
}
if($this->primaryip) {
return $tmp;
}
$this->_dns_query($tmp['host']);
if(!$this->primaryip) return false;
if(!$this->allowmultiip) {
$this->_connectivity_check($tmp['port']);
}
return $tmp;
}
private function _parse_url() {
$tmp = parse_url($this->url);
if(!$this->unsafe) {
$tmp = $this->_query_safecheck($tmp);
if($tmp === false) {
$this->safequery = false;
$this->scheme = '';
$this->host = '';
$this->path = '/';
$this->port = '80';
return;
}
} elseif($this->ip) {
if(filter_var($this->ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
$this->primaryip = '['.$this->ip.']';
} else {
$this->primaryip = $this->ip;
}
}
$this->scheme = $tmp['scheme'];
$this->host = $tmp['host'];
$this->path = !empty($tmp['path']) ? $tmp['path'].(empty($tmp['query']) ? '' : '?'.$tmp['query']) : '/';
$this->port = empty($tmp['port']) ? ($this->scheme == 'https' ? '443' : '80') : $tmp['port'];
}
private function _dns_query($host) {
global $_G;
if(!$host) {
return;
}
$config = $_G['config']['security']['fsockopensafe'];
$dnsresult = [[],[]];
$recordtype = 0;
$ipversion = is_array($config['ipversion']) ? $config['ipversion'] : array('ipv6', 'ipv4');
if(in_array('ipv4', $ipversion)) {
$recordtype += DNS_A;
}
if(in_array('ipv6', $ipversion)) {
$recordtype += DNS_AAAA;
}
$dnsq = dns_get_record($host, $recordtype);
foreach($dnsq as $v) {
if($v['type'] == 'A' && filter_var($v['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
$dnsresult[0][] = $v['ip'];
} elseif($v['type'] == 'AAAA' && filter_var($v['ipv6'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
$dnsresult[1][] = $v['ipv6'];
}
}
$this->iplist = $dnsresult;
$this->primaryip = '';
if(!empty($dnsresult[0])) {
$this->primaryip = $dnsresult[0][0];
} elseif(!empty($dnsresult[1])) {
$this->primaryip = '['.$dnsresult[1][0].']';
}
}
private function _connectivity_check($port) {
foreach($this->iplist[1] as $v) {
if($this->_ipcheck('['.$v.']', $port)) {
$this->primaryip = '['.$v.']';
return;
}
}
foreach($this->iplist[0] as $v) {
if($this->_ipcheck($v, $port)) {
$this->primaryip = $v;
return;
}
}
}
private function _ipcheck($ip, $port) {
$errstr = '';
$ch = fsocketopen($ip, $port, $errno, $errstr, 0.6);
if(!$ch) {
return false;
} else {
fclose($ch);
return true;
}
}
private function _format_postkey($post, &$result, $key = '') {
foreach($post as $k => $v) {
$_k = $key ? $key.'['.$k.']' : $k;
if(is_array($v)) {
$this->_format_postkey($v, $result, $_k);
} else {
$result[$_k] = $v;
}
}
}
private function _format_encodetype() {
if($this->encodetype === 'URLENCODE') {
$this->encodetype = 'application/x-www-form-urlencoded';
} elseif($this->encodetype === 'FORMDATA') {
$this->encodetype = 'multipart/form-data';
} elseif($this->encodetype === 'JSON') {
$this->encodetype = 'application/json';
}
}
private function _detect_method() {
if($this->post || $this->files) {
$this->method = 'POST';
} else {
$this->method = 'GET';
}
}
public function set($param) {
if(is_string($param)) {
$param = array('url' => $param);
}
foreach($param as $key => $value) {
if(property_exists($this, $key)) {
$this->$key = $value;
}
}
}
public function request($param = array()) {
if(!empty($param)) {
$this->set($param);
}
$this->_parse_url();
$this->_format_encodetype();
if(!$this->useragent) {
$this->useragent = $_SERVER['HTTP_USER_AGENT'];
}
if(!$this->method) {
$this->_detect_method();
}
if($this->post) {
if(!is_array($this->post)) {
parse_str($this->post, $this->post);
}
$this->_format_postkey($this->post, $postnew);
$this->post = $postnew;
}
}
public function get($param = array()) {
$this->method = 'GET';
return $this->request($param);
}
public function post($param = array()) {
$this->method = 'POST';
return $this->request($param);
}
public function head($param = array()) {
$this->method = 'HEAD';
return $this->request($param);
}
public function patch($param = array()) {
$this->method = 'PATCH';
return $this->request($param);
}
public function put($param = array()) {
$this->method = 'PUT';
return $this->request($param);
}
public function delete($param = array()) {
$this->method = 'DELETE';
return $this->request($param);
}
}

128
source/class/filesock/filesock_curl.php Normal file
View File

@@ -0,0 +1,128 @@
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
class filesock_curl extends filesock_base {
public $curlstatus;
public function __construct($param = array()) {
parent::__construct($param);
if(version_compare(PHP_VERSION, '7.2', '>=')) {
$this->allowmultiip = true;
}
}
public function request($param = array()) {
parent::request($param);
if(!$this->safequery) {
return '';
}
$ch = curl_init();
$headerlist = $httpheader = array();
if($this->primaryip) {
$headerlist['Host'] = $this->host;
}
$headerlist['User-Agent'] = $this->useragent;
if($this->primaryip) {
if($this->allowmultiip && $this->iplist) {
$iplist = array();
foreach($this->iplist[1] as $v) {
$iplist[] = '['.$v.']';
}
foreach($this->iplist[0] as $v) {
$iplist[] = $v;
}
curl_setopt($ch, CURLOPT_RESOLVE, array($this->host.':'.$this->port.':'.implode(',', $iplist)));
} else {
curl_setopt($ch, CURLOPT_RESOLVE, array($this->host.':'.$this->port.':'.$this->primaryip));
}
}
curl_setopt($ch, CURLOPT_URL, $this->scheme.'://'.$this->host.($this->port ? ':'.$this->port : '').$this->path);
if($this->scheme == 'https') {
if($this->verifypeer) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
if(is_string($this->verifypeer)) {
curl_setopt($ch, CURLOPT_CAINFO, $this->verifypeer);
}
} else {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
}
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_FAILONERROR, $this->failonerror);
$usetmpfile = false;
if($this->method == 'POST') {
curl_setopt($ch, CURLOPT_POST, 1);
if($this->encodetype == 'application/x-www-form-urlencoded') {
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($this->post));
} elseif($this->encodetype == 'multipart/form-data') {
foreach($this->post as $k => $v) {
if(isset($this->files[$k])) {
$usetmpfile = true;
$tmpnam = tempnam(DISCUZ_ROOT.'./data/attachment/temp', 'cU');
file_put_contents($tmpnam, $v);
$this->post[$k] = curl_file_create($tmpnam, 'application/octet-stream', $this->files[$k]);
}
}
foreach($this->files as $k => $file) {
if(!isset($this->post[$k]) && file_exists($file)) {
$this->post[$k] = curl_file_create($file);
}
}
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->post);
} else {
$headerlist['Content-Type'] = $this->encodetype;
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->rawdata);
}
} elseif(!in_array($this->method, array('GET', 'HEAD')) && $this->rawdata) {
$headerlist['Content-Type'] = $this->encodetype;
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $this->method);
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->rawdata);
} elseif($this->method != 'GET') {
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $this->method);
}
if($this->header) {
foreach($this->header as $k => $v) {
$headerlist[$k] = $v;
}
}
foreach($headerlist as $k => $v) {
$httpheader[] = $k.': '.$v;
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader);
if($this->cookie) {
curl_setopt($ch, CURLOPT_COOKIE, $this->cookie);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->conntimeout);
curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
$data = curl_exec($ch);
$this->curlstatus = curl_getinfo($ch);
$this->errno = curl_errno($ch);
$this->errstr = curl_error($ch);
curl_close($ch);
if($usetmpfile && $dh = opendir(DISCUZ_ROOT.'./data/attachment/temp')) {
while(($fil = readdir($dh)) !== false) {
if(substr($fil, 0, 2) == 'cU') {
unlink(DISCUZ_ROOT.'./data/attachment/temp/'.$fil);
}
}
closedir($dh);
}
$GLOBALS['filesockheader'] = $this->filesockheader = substr($data, 0, $this->curlstatus['header_size']);
$data = substr($data, $this->curlstatus['header_size'] + $this->position);
$this->filesockbody = !$this->limit ? $data : substr($data, 0, $this->limit);
if(!$this->returnbody || $this->errno) {
return;
} else {
return $this->filesockbody;
}
}
}

183
source/class/filesock/filesock_stream.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
class filesock_stream extends filesock_base {
public function request($param = array()) {
parent::request($param);
if(!$this->safequery) {
return '';
}
$boundary = $this->encodetype == 'application/x-www-form-urlencoded' ? '' : '----WebKitFormBoundary'.random(16);
$header = '';
$headerlist = array();
$headerlist['Accept'] = '*/*';
$headerlist['Accept-Language'] = 'zh-CN';
$headerlist['User-Agent'] = $this->useragent;
$headerlist['Host'] = $this->host.':'.$this->port;
$headerlist['Connection'] = 'Close';
if($this->method == 'POST') {
if($this->encodetype == 'application/x-www-form-urlencoded') {
$data = http_build_query($this->post);
} elseif($this->encodetype == 'multipart/form-data') {
$data = '';
foreach($this->post as $k => $v) {
$data .= "--$boundary\r\n";
$data .= 'Content-Disposition: form-data; name="'.$k.'"'.(isset($this->files[$k]) ? '; filename="'.basename($this->files[$k])."\"\r\n".'Content-Type: application/octet-stream' : '')."\r\n\r\n";
$data .= $v."\r\n";
}
foreach($this->files as $k => $file) {
if(!isset($this->post[$k]) && file_exists($file)) {
if($fp = @fopen($file, 'r')) {
$v = fread($fp, filesize($file));
fclose($fp);
$data .= "--$boundary\r\n";
$data .= 'Content-Disposition: form-data; name="'.$k.'"; filename="'.basename($file)."\"\r\n".'Content-Type: application/octet-stream'."\r\n\r\n";
$data .= $v."\r\n";
}
}
}
$data .= "--$boundary--\r\n";
} else {
$data = $this->rawdata;
}
if($this->encodetype == 'multipart/form-data') {
$headerlist['Content-Type'] = 'multipart/form-data; boundary='.$boundary;
} else {
$headerlist['Content-Type'] = $this->encodetype;
}
$headerlist['Content-Length'] = strlen($data);
$headerlist['Cache-Control'] = 'no-cache';
} elseif(!in_array($this->method, array('GET', 'HEAD')) && $this->rawdata) {
$data = $this->rawdata;
$headerlist['Content-Type'] = $this->encodetype;
$headerlist['Content-Length'] = strlen($data);
$headerlist['Cache-Control'] = 'no-cache';
}
$out = $this->method.' '.$this->path." HTTP/1.0\r\n";
if($this->header) {
foreach($this->header as $k => $v) {
$headerlist[$k] = $v;
}
}
if($this->cookie) {
$headerlist['Cookie'] = $this->cookie;
}
$header = $this->_build_header($headerlist);
$out .= $header;
if(isset($data) && $data) {
$out .= $data;
}
$fpflag = 0;
$context = array();
if($this->scheme == 'https') {
$context['ssl'] = array(
'verify_peer' => false,
'verify_peer_name' => false,
'peer_name' => $this->host,
);
if($this->verifypeer) {
$context['ssl']['verify_peer'] = true;
$context['ssl']['verify_peer_name'] = true;
$context['ssl']['allow_self_signed'] = false;
if(is_string($this->verifypeer)) {
$context['ssl']['cafile'] = $this->verifypeer;
}
}
}
if(ini_get('allow_url_fopen')) {
$context['http'] = array(
'method' => $this->method,
'header' => $header,
'timeout' => $this->conntimeout,
'ignore_errors' => !$this->failonerror,
);
if(isset($data)) {
$context['http']['content'] = $data;
}
$context = stream_context_create($context);
$errno = 0;
$errstr = '';
set_error_handler(function($eno, $est) use (&$errno, &$errstr) {
$errno = $eno;
$errstr = $est;
return true;
});
$fp = @fopen($this->scheme.'://'.($this->primaryip ? $this->primaryip : $this->host).':'.$this->port.$this->path, 'b', false, $context);
$fpflag = 1;
restore_error_handler();
} elseif(function_exists('stream_socket_client')) {
$context = stream_context_create($context);
$fp = @stream_socket_client(($this->scheme == 'https' ? 'ssl://' : '').($this->primaryip ? $this->primaryip : $this->host).':'.$this->port, $errno, $errstr, $this->conntimeout, STREAM_CLIENT_CONNECT, $context);
} else {
$fp = @fsocketopen(($this->scheme == 'https' ? 'ssl://' : '').($this->scheme == 'https' ? $this->host : ($this->ip ? $this->ip : $this->host)), $this->port, $errno, $errstr, $this->conntimeout);
}
if(!$fp) {
$this->errno = $errno;
$this->errstr = $errstr;
return;
} else {
stream_set_blocking($fp, $this->block);
stream_set_timeout($fp, $this->timeout);
if(!$fpflag) {
@fwrite($fp, $out);
}
$status = stream_get_meta_data($fp);
if(!$status['timed_out']) {
$headers = '';
if($fpflag) {
$headers = implode("\r\n", $http_response_header)."\r\n\r\n";
} else {
while(!feof($fp) && !$fpflag) {
$header = @fgets($fp);
$headers .= $header;
if($this->failonerror && $header && substr($header, 0, 6) == 'HTTP/1' && intval(substr($header, 9, 3)) > 400) {
$this->errno = 2;
$this->errstr = 'Failed to open stream: HTTP request failed! '.$header;
return;
}
if($header && ($header == "\r\n" || $header == "\n")) {
break;
}
}
}
$GLOBALS['filesockheader'] = $this->filesockheader = $headers;
if($this->position) {
for($i=0; $i<$this->position; $i++) {
fgetc($fp);
}
}
if($this->limit) {
$return = stream_get_contents($fp, $this->limit);
} else {
$return = stream_get_contents($fp);
}
}
@fclose($fp);
$this->filesockbody = $return;
if($this->returnbody) {
return $return;
} else {
return;
}
}
}
private function _build_header($param) {
$output = '';
foreach($param as $k => $v) {
$output .= $k.': '.$v."\r\n";
}
return $output."\r\n";
}
}

0
source/class/filesock/index.htm Normal file
View File