Merge pull request typecho#210 from shingchi/master
安装文件漏掉括号和参数错误
joyqi committed Mar 19, 2014
2 parents de41a3e + 608a3c4 commit db5f841
Showing 3 changed files with 58 additions and 25 deletions.
30 changes: 15 additions & 15 deletions install.php
@@ -62,11 +62,11 @@

// 挡掉可能的跨站请求
if (!empty($_GET) || !empty($_POST)) {
if (empty($_SERVER['HTTP_REFERER')) {
if (empty($_SERVER['HTTP_REFERER'])) {
exit;
}

$parts = parse_url($_SERVER);
$parts = parse_url($_SERVER['HTTP_REFERER']);
if (empty($parts['host']) || $_SERVER['HTTP_HOST'] != $parts['host']) {
exit;
}
@@ -86,18 +86,18 @@ function _r($name, $default = NULL) {

/**
* 获取多个传递参数
*
*
* @return array
*/
function _rFrom() {
$result = array();
$params = func_get_args();

foreach ($params as $param) {
$result[$param] = isset($_REQUEST[$param]) ?
(is_array($_REQUEST[$param]) ? NULL : $_REQUEST[$param]) : NULL;
}

return $result;
}

@@ -215,7 +215,7 @@ function _u() {
<ul>
<?php
if (isset($_REQUEST['user']) && isset($_REQUEST['password'])) {
$loginUrl = _u() . '/index.php/action/login?name=' . urlencode(_r('user')) . '&password='
$loginUrl = _u() . '/index.php/action/login?name=' . urlencode(_r('user')) . '&password='
. urlencode(_r('password')) . '&referer=' . _u() . '/admin/index.php';
$loginUrl = Typecho_Widget::widget('Widget_Security')->getTokenUrl($loginUrl);
} else {
@@ -344,13 +344,13 @@ function _u() {

/** 初始用户 */
$password = empty($config['userPassword']) ? substr(uniqid(), 7) : $config['userPassword'];

$installDb->query($installDb->insert('table.users')->rows(array('name' => $config['userName'], 'password' => Typecho_Common::hash($password), 'mail' => $config['userMail'],
'url' => 'http://www.typecho.org', 'screenName' => $config['userName'], 'group' => 'administrator', 'created' => Typecho_Date::gmtTime())));

unset($_SESSION['typecho']);
Typecho_Cookie::delete('__typecho_config');
header('Location: ./install.php?finish&user=' . urlencode($config['userName'])
header('Location: ./install.php?finish&user=' . urlencode($config['userName'])
. '&password=' . urlencode($password));
} catch (Typecho_Db_Exception $e) {
$success = false;
@@ -387,7 +387,7 @@ function _u() {
header('Location: ./install.php?finish&use_old');
exit;
} else {
echo '<p class="message error">' . _t('安装程序检查到原有数据表已经存在.')
echo '<p class="message error">' . _t('安装程序检查到原有数据表已经存在.')
. '<br /><br />' . '<button type="submit" name="delete" value="1" class="btn btn-warn">' . _t('删除原有数据') . '</button> '
. _t('或者') . ' <button type="submit" name="goahead" value="1" class="btn primary">' . _t('使用原有数据') . '</button></p>';
}
@@ -420,7 +420,7 @@ function _u() {
<?php
if ('config' == _r('action')) {
$success = true;

if (_r('created') && !file_exists('./config.inc.php')) {
echo '<p class="message error">' . _t('没有检测到您手动创建的配置文件, 请检查后再次创建') . '</p>';
$success = false;
@@ -456,7 +456,7 @@ function _u() {
$replace = array_keys($dbConfig);
foreach ($replace as &$key) {
$key = '{' . $key . '}';
}
}

$config = str_replace($replace, array_values($dbConfig), _r('config'));
}
@@ -471,11 +471,11 @@ function _u() {
$installDb->query('SELECT 1=1');
} catch (Typecho_Db_Adapter_Exception $e) {
$success = false;
echo '<p class="message error">'
echo '<p class="message error">'
. _t('对不起,无法连接数据库,请先检查数据库配置再继续进行安装') . '</p>';
} catch (Typecho_Db_Exception $e) {
$success = false;
echo '<p class="message error">'
echo '<p class="message error">'
. _t('安装程序捕捉到以下错误: " %s ". 程序被终止, 请检查您的配置信息.',$e->getMessage()) . '</p>';
}
}
@@ -510,15 +510,15 @@ function _u() {

// 创建一个用于标识的临时文件
$_SESSION['typecho'] = 1;

if (!file_exists('./config.inc.php')) {
?>
<div class="message notice"><p><?php _e('安装程序无法自动创建 <strong>config.inc.php</strong> 文件'); ?><br />
<?php _e('您可以在网站根目录下手动创建 <strong>config.inc.php</strong> 文件, 并复制如下代码至其中'); ?></p>
<p><textarea rows="5" onmouseover="this.select();" class="w-100 mono" readonly><?php echo htmlspecialchars($contents); ?></textarea></p>
<p><button name="created" value="1" type="submit" class="btn primary">创建完毕, 继续安装 &raquo;</button></p></div>
<?php
} else {
} else {
header('Location: ./install.php?start');
exit;
}
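Review bot: The host comparison that follows the corrected `parse_url($_SERVER['HTTP_REFERER'])` call in the first hunk checks `$_SERVER['HTTP_HOST']`, which carries the port when the site is served on a non-default one, against `$parts['host']`, which never does, so on such a site every request with parameters ends at `exit`. Rebuilding the referer's authority first avoids that: `$refHost = empty($parts['host']) ? '' : $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');` followed by `if ('' === $refHost || $_SERVER['HTTP_HOST'] !== $refHost) {`. A Referer match is also only a partial cross-site defence, because clients and proxies may strip the header and the installer then exits with a blank page; a per-session token checked on the state-changing steps would be sturdier, and whether one is applied elsewhere in install.php is not visible in these hunks. The outer `if` closes outside the hunk.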
21 changes: 19 additions & 2 deletions var/Widget/Abstract/Contents.php
@@ -149,9 +149,26 @@ protected function ___content()
protected function ___summary()
{
$content = $this->content;
$parts = preg_split("/<\/\s*(?:p|blockquote|q|pre)\s*>/i", $content, 2);
$parts = preg_split("/<\/\s*(?:p|blockquote|q|pre|table)\s*>/i", $content, 2);
if (!empty($parts)) {
$content = $parts[0] . '</p>';
preg_match("/<\s*(?:p|blockquote|q|pre|table)\s*>/i", $parts[0], $tags);
switch ($tags[0]) {
case '<pre>':
$content = $parts[0] . '</pre>';
break;
case '<blockquote>':
$content = $parts[0] . '</blockquote>';
break;
case '<q>':
$content = $parts[0] . '</q>';
break;
case '<table>':
$content = $parts[0] . '</table>';
break;
default:
$content = $parts[0] . '</p>';
break;
}
}

return $content;
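Review bot: In the new `switch ($tags[0])` of ___summary(), `$tags` stays empty whenever `$parts[0]` contains none of the listed opening tags in bare form (plain text, or a tag that carries attributes), so `$tags[0]` reads an undefined offset; and because the pattern is case-insensitive and allows inner whitespace, a match such as `<PRE>` misses its `case` and gets `</p>` appended. Capturing the tag name and building the closer from it covers both and replaces the switch: `preg_match("/<\s*(p|blockquote|q|pre|table)\s*>/i", $parts[0], $tags);`, then `$tag = isset($tags[1]) ? strtolower($tags[1]) : 'p';` and `$content = $parts[0] . '</' . $tag . '>';`. The first opening tag found is presumably not always the element whose closing tag the split consumed (nested markup), so the summary can still end unbalanced; a short comment stating that limitation would help the next reader.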
32 changes: 24 additions & 8 deletions var/Widget/Archive.php
@@ -1504,11 +1504,12 @@ public function attachments($limit = 0, $offset = 0)
* 显示下一个内容的标题链接
*
* @access public
* @param string $format 格式
* @param string $wrod 链接文字
* @param string $class 类选择器
* @param string $default 如果没有下一篇,显示的默认文字
* @return void
*/
public function theNext($format = '%s', $default = NULL)
public function theNext($word = NULL, $class = NULL, $default = NULL)
{
$content = $this->db->fetchRow($this->select()->where('table.contents.created > ? AND table.contents.created < ?',
$this->created, $this->options->gmtTime)
@@ -1520,8 +1521,15 @@ public function theNext($format = '%s', $default = NULL)

if ($content) {
$content = $this->filter($content);
$link = '<a href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $content['title'] . '</a>';
printf($format, $link);

if ($word != NULL) {
$class = $class ? ' class="' . $class . '"' : '';
$link = '<a' . $class . ' href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $word . '</a>';
echo $link;
} else {
$link = '<a href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $content['title'] . '</a>';
printf('%s', $link);
}
} else {
echo $default;
}
@@ -1531,11 +1539,12 @@ public function theNext($format = '%s', $default = NULL)
* 显示上一个内容的标题链接
*
* @access public
* @param string $format 格式
* @param string $wrod 链接文字
* @param string $class 类选择器
* @param string $default 如果没有上一篇,显示的默认文字
* @return void
*/
public function thePrev($format = '%s', $default = NULL)
public function thePrev($word = NULL, $class = NULL, $default = NULL)
{
$content = $this->db->fetchRow($this->select()->where('table.contents.created < ?', $this->created)
->where('table.contents.status = ?', 'publish')
@@ -1546,8 +1555,15 @@ public function thePrev($format = '%s', $default = NULL)

if ($content) {
$content = $this->filter($content);
$link = '<a href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $content['title'] . '</a>';
printf($format, $link);

if ($word != NULL) {
$class = $class ? ' class="' . $class . '"' : '';
$link = '<a' . $class . ' href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $word . '</a>';
echo $link;
} else {
$link = '<a href="' . $content['permalink'] . '" title="' . $content['title'] . '">' . $content['title'] . '</a>';
printf('%s', $link);
}
} else {
echo $default;
}
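Review bot: Replacing the first parameter of theNext() and thePrev() (`$format` becomes `$word`, with `$class` inserted before `$default`) silently changes the result for existing callers: a theme that passes a format string and a fallback text now gets the format printed literally as the link text and the fallback used as the class attribute. Keeping `$format` first and appending the new options after `$default` would stay backward-compatible. The new `$word` and `$class` values are concatenated into the markup as-is, so unless they can only ever come from trusted template code they should be escaped for their context, e.g. `' class="' . htmlspecialchars($class, ENT_QUOTES) . '"'`; whether `$content['title']` is already escaped by `filter()` is not visible here. The docblocks spell the parameter `$wrod` and should read `@param string $word 链接文字`; parts of both method bodies lie between the hunks shown.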
