From cd87ca9ad14d26fce38f542b8ef726d1d1f5cf07 Mon Sep 17 00:00:00 2001 From: rainbowsoft Date: Thu, 5 Dec 2024 15:31:57 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E4=BA=86trim=E6=8A=A5?= =?UTF-8?q?=E9=94=99=E7=9A=84=E9=97=AE=E9=A2=98;=E4=BF=AE=E6=AD=A3?= =?UTF-8?q?=E4=BA=868.4=E4=B8=8BE=5FSTRICT=E6=8A=A5=E9=94=99=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98;?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- readme.md | 4 +-- readme.txt | 4 +-- zb_install/index.php | 44 +++++++++++++-------------- zb_system/api/comment.php | 2 +- zb_system/api/member.php | 6 ++-- zb_system/api/post.php | 2 +- zb_system/function/c_system_api.php | 2 +- zb_system/function/c_system_debug.php | 2 +- zb_system/function/c_system_event.php | 4 +-- zb_system/function/c_system_misc.php | 2 +- zb_system/function/lib/zblogphp.php | 4 +-- 11 files changed, 38 insertions(+), 38 deletions(-) diff --git a/readme.md b/readme.md index fa76a6298..81751f8e0 100644 --- a/readme.md +++ b/readme.md @@ -2,7 +2,7 @@ Z-BlogPHP ============= -Z-BlogPHP 是由 Z-Blog 社区提供的博客程序,一直致力于给国内用户提供优秀的博客写作体验。从 2005 年起发布第一版,至今已有 18 年的历史,是目前国内为数不多的持续提供更新的开源 CMS 系统之一。 +Z-BlogPHP 是由 Z-Blog 社区提供的博客程序,一直致力于给国内用户提供优秀的博客写作体验。从 2005 年起发布第一版,至今已有 20 年的历史,是目前国内为数不多的持续提供更新的开源 CMS 系统之一。 我们的目标是使用户沉浸于写作、记录生活,不需要关注繁琐的设置等,让用户专注于创作。对于用户而言,它简单易用,体积小,速度快,支持数据量大。对开发者而言,它又有着强大的可定制性、丰富的插件接口和精美的主题模板。 @@ -30,7 +30,7 @@ For security vulnerabilities, please contact us via ``contact#rainbowsoft.org`` ## 运行环境 - Windows / Linux / macOS and so on... - IIS / Apache / nginx / Lighttpd / Kangle / Tengine / Caddy and so on... -- PHP 5.2 - 8.2 +- PHP 5.2 - 8.4 - MySQL 5+ / MariaDB 10+ / SQLite 3 / PostgreSQL ## 安装说明 diff --git a/readme.txt b/readme.txt index ae01522cf..d6835cdd0 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -Z-BlogPHP 是由 Z-Blog 社区提供的博客程序,一直致力于给国内用户提供优秀的博客写作体验。从 2005 年起发布第一版,至今已有 18 年的历史,是目前国内为数不多的持续提供更新的开源 CMS 系统之一。我们的目标是使用户沉浸于写作、记录生活,不需要关注繁琐的设置等,让用户专注于创作。对于用户而言,它简单易用,体积小,速度快,支持数据量大。对开发者而言,它又有着强大的可定制性、丰富的插件接口和独立的主题模板。期待 Z-BlogPHP 能成为您写博客的上佳选择。 +Z-BlogPHP 是由 Z-Blog 社区提供的博客程序,一直致力于给国内用户提供优秀的博客写作体验。从 2005 年起发布第一版,至今已有 20 年的历史,是目前国内为数不多的持续提供更新的开源 CMS 系统之一。我们的目标是使用户沉浸于写作、记录生活,不需要关注繁琐的设置等,让用户专注于创作。对于用户而言,它简单易用,体积小,速度快,支持数据量大。对开发者而言,它又有着强大的可定制性、丰富的插件接口和独立的主题模板。期待 Z-BlogPHP 能成为您写博客的上佳选择。 GitHub: https://github.com/zblogcn/zblogphp @@ -20,7 +20,7 @@ https://www.zblogcn.com/disclaimer/ 运行环境 ============================= - Web Server: IIS / Apache / nginx / Lighttpd / Kangle / Tengine / Caddy and so on... -- PHP 5.2 - 8.2 / HHVM 3 +- PHP 5.2 - 8.4 / HHVM 3 - MySQL 5+ / MariaDB 10+ / SQLite 3 / PostgreSQL ============================= diff --git a/zb_install/index.php b/zb_install/index.php index dbfab1250..3248f7b4b 100644 --- a/zb_install/index.php +++ b/zb_install/index.php @@ -932,7 +932,7 @@ function Setup4()
option['ZC_DATABASE_TYPE'] = GetVars('dbtype', 'POST'); + $zbp->option['ZC_DATABASE_TYPE'] = GetVars('dbtype', 'POST', ''); $cts = ''; @@ -941,7 +941,7 @@ function Setup4() case 'mysqli': case 'pdo_mysql': $cts = file_get_contents($GLOBALS['blogpath'] . 'zb_system/defend/createtable/mysql.sql'); - $zbp->option['ZC_MYSQL_SERVER'] = GetVars('dbmysql_server', 'POST'); + $zbp->option['ZC_MYSQL_SERVER'] = GetVars('dbmysql_server', 'POST', ''); if (strpos($zbp->option['ZC_MYSQL_SERVER'], ':') !== false) { $servers = explode(':', $zbp->option['ZC_MYSQL_SERVER']); $zbp->option['ZC_MYSQL_SERVER'] = trim($servers[0]); @@ -952,16 +952,16 @@ function Setup4() unset($servers); } - //$zbp->option['ZC_MYSQL_CHARSET'] = GetVars('dbcharset', 'POST'); - $zbp->option['ZC_MYSQL_USERNAME'] = trim(GetVars('dbmysql_username', 'POST')); - $zbp->option['ZC_MYSQL_PASSWORD'] = trim(GetVars('dbmysql_password', 'POST')); - $zbp->option['ZC_MYSQL_NAME'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbmysql_name', 'POST'))); - $zbp->option['ZC_MYSQL_PRE'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbmysql_pre', 'POST'))); + //$zbp->option['ZC_MYSQL_CHARSET'] = GetVars('dbcharset', 'POST', ''); + $zbp->option['ZC_MYSQL_USERNAME'] = trim(GetVars('dbmysql_username', 'POST', '')); + $zbp->option['ZC_MYSQL_PASSWORD'] = trim(GetVars('dbmysql_password', 'POST', '')); + $zbp->option['ZC_MYSQL_NAME'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbmysql_name', 'POST', ''))); + $zbp->option['ZC_MYSQL_PRE'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbmysql_pre', 'POST', ''))); if ($zbp->option['ZC_MYSQL_PRE'] == '') { $zbp->option['ZC_MYSQL_PRE'] = 'zbp_'; } - $zbp->option['ZC_MYSQL_ENGINE'] = GetVars('dbengine', 'POST'); + $zbp->option['ZC_MYSQL_ENGINE'] = GetVars('dbengine', 'POST', ''); $cts = str_replace('MyISAM', $zbp->option['ZC_MYSQL_ENGINE'], $cts); if (!(isset($zbp->option['ZC_INSTALL_AFTER_CONFIG']) && $zbp->option['ZC_INSTALL_AFTER_CONFIG'] == true)) { @@ -977,8 +977,8 @@ function Setup4() case 'sqlite': $cts = file_get_contents($GLOBALS['blogpath'] . 'zb_system/defend/createtable/sqlite.sql'); $cts = str_replace(' autoincrement', '', $cts); - $zbp->option['ZC_SQLITE_NAME'] = trim(GetVars('dbsqlite_name', 'POST')); - $zbp->option['ZC_SQLITE_PRE'] = trim(GetVars('dbsqlite_pre', 'POST')); + $zbp->option['ZC_SQLITE_NAME'] = trim(GetVars('dbsqlite_name', 'POST', '')); + $zbp->option['ZC_SQLITE_PRE'] = trim(GetVars('dbsqlite_pre', 'POST', '')); if ($zbp->option['ZC_SQLITE_PRE'] == '') { $zbp->option['ZC_SQLITE_PRE'] = 'zbp_'; } @@ -986,8 +986,8 @@ function Setup4() case 'sqlite3': case 'pdo_sqlite': $cts = file_get_contents($GLOBALS['blogpath'] . 'zb_system/defend/createtable/sqlite.sql'); - $zbp->option['ZC_SQLITE_NAME'] = trim(GetVars('dbsqlite_name', 'POST')); - $zbp->option['ZC_SQLITE_PRE'] = trim(GetVars('dbsqlite_pre', 'POST')); + $zbp->option['ZC_SQLITE_NAME'] = trim(GetVars('dbsqlite_name', 'POST', '')); + $zbp->option['ZC_SQLITE_PRE'] = trim(GetVars('dbsqlite_pre', 'POST', '')); if ($zbp->option['ZC_SQLITE_PRE'] == '') { $zbp->option['ZC_SQLITE_PRE'] = 'zbp_'; } @@ -995,7 +995,7 @@ function Setup4() case 'postgresql': case 'pdo_postgresql': $cts = file_get_contents($GLOBALS['blogpath'] . 'zb_system/defend/createtable/pgsql.sql'); - $zbp->option['ZC_PGSQL_SERVER'] = GetVars('dbpgsql_server', 'POST'); + $zbp->option['ZC_PGSQL_SERVER'] = GetVars('dbpgsql_server', 'POST', ''); if (strpos($zbp->option['ZC_PGSQL_SERVER'], ':') !== false) { $servers = explode(':', $zbp->option['ZC_PGSQL_SERVER']); $zbp->option['ZC_PGSQL_SERVER'] = trim($servers[0]); @@ -1007,10 +1007,10 @@ function Setup4() unset($servers); } $zbp->option['ZC_PGSQL_CHARSET'] = 'utf8'; - $zbp->option['ZC_PGSQL_USERNAME'] = trim(GetVars('dbpgsql_username', 'POST')); - $zbp->option['ZC_PGSQL_PASSWORD'] = trim(GetVars('dbpgsql_password', 'POST')); - $zbp->option['ZC_PGSQL_NAME'] = strtolower(trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbpgsql_name', 'POST')))); - $zbp->option['ZC_PGSQL_PRE'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbpgsql_pre', 'POST'))); + $zbp->option['ZC_PGSQL_USERNAME'] = trim(GetVars('dbpgsql_username', 'POST', '')); + $zbp->option['ZC_PGSQL_PASSWORD'] = trim(GetVars('dbpgsql_password', 'POST', '')); + $zbp->option['ZC_PGSQL_NAME'] = strtolower(trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbpgsql_name', 'POST', '')))); + $zbp->option['ZC_PGSQL_PRE'] = trim(str_replace(array('\'', '"'), array('', ''), GetVars('dbpgsql_pre', 'POST', ''))); if ($zbp->option['ZC_PGSQL_PRE'] == '') { $zbp->option['ZC_PGSQL_PRE'] == 'zbp_'; } @@ -1285,8 +1285,8 @@ function InsertInfo() $mem->Guid = $guid; $mem->Level = 1; - $mem->Name = GetVars('username', 'POST'); - $mem->Password = Member::GetPassWordByGuid(GetVars('password', 'POST'), $guid); + $mem->Name = GetVars('username', 'POST', ''); + $mem->Password = Member::GetPassWordByGuid(GetVars('password', 'POST', ''), $guid); $mem->IP = GetGuestIP(); $mem->PostTime = time(); @@ -1488,11 +1488,11 @@ function SaveConfig() global $zbp; $zbp->option['ZC_BLOG_VERSION'] = ZC_BLOG_VERSION; - $zbp->option['ZC_BLOG_NAME'] = GetVars('blogtitle', 'POST'); + $zbp->option['ZC_BLOG_NAME'] = GetVars('blogtitle', 'POST', ''); $zbp->option['ZC_USING_PLUGIN_LIST'] = 'AppCentre|UEditor|Totoro|LinksManage'; - $zbp->option['ZC_BLOG_THEME'] = SplitAndGet(GetVars('blogtheme', 'POST'), '|', 0); - $zbp->option['ZC_BLOG_CSS'] = SplitAndGet(GetVars('blogtheme', 'POST'), '|', 1); + $zbp->option['ZC_BLOG_THEME'] = SplitAndGet(GetVars('blogtheme', 'POST', ''), '|', 0); + $zbp->option['ZC_BLOG_CSS'] = SplitAndGet(GetVars('blogtheme', 'POST', ''), '|', 1); $zbp->option['ZC_DEBUG_MODE'] = false; $zbp->option['ZC_LAST_VERSION'] = ZC_LAST_VERSION; $zbp->option['ZC_NOW_VERSION'] = $zbp->version; diff --git a/zb_system/api/comment.php b/zb_system/api/comment.php index 3880eccbb..ad600404d 100644 --- a/zb_system/api/comment.php +++ b/zb_system/api/comment.php @@ -144,7 +144,7 @@ function api_comment_list() { global $zbp; - $mng = (int) trim(GetVars('manage')); //&manage=1 + $mng = (int) trim(GetVars('manage', '', '')); //&manage=1 $postId = (int) GetVars('post_id'); $authId = (int) GetVars('auth_id'); $ischecking = (int) GetVars('ischecking'); diff --git a/zb_system/api/member.php b/zb_system/api/member.php index e4e58559c..96dcbe302 100644 --- a/zb_system/api/member.php +++ b/zb_system/api/member.php @@ -24,15 +24,15 @@ function api_member_login() $member = null; - $password = trim(GetVars('password', 'POST')); + $password = trim(GetVars('password', 'POST', '')); $verify_ret = false; if ((bool) preg_match("/^[a-z0-9]{32}$/", $password) === true) { // 如果格式是 md5,优先直接验证(只是大概猜测是 md5,不保证是,所以如果失败会在下面重新验) - $verify_ret = $zbp->Verify_MD5(trim(GetVars('username', 'POST')), $password, $member); + $verify_ret = $zbp->Verify_MD5(trim(GetVars('username', 'POST', '')), $password, $member); } if ($verify_ret === false) { // 如果直接验证失败,或者没有验证,再接着验证 - $verify_ret = $zbp->Verify_MD5(trim(GetVars('username', 'POST')), md5($password), $member); + $verify_ret = $zbp->Verify_MD5(trim(GetVars('username', 'POST', '')), md5($password), $member); } if ($verify_ret) { diff --git a/zb_system/api/post.php b/zb_system/api/post.php index faad7d67d..7681a9e2c 100644 --- a/zb_system/api/post.php +++ b/zb_system/api/post.php @@ -219,7 +219,7 @@ function api_post_list() $tagId = (int) GetVars('tag_id'); $authId = (int) GetVars('auth_id'); $date = GetVars('date'); - $mng = (int) trim(GetVars('manage')); //&manage=1 + $mng = (int) trim(GetVars('manage', '', '')); //&manage=1 $type = (int) GetVars('type'); $actions = $zbp->GetPostType($type, 'actions'); $search = (string) GetVars('search'); diff --git a/zb_system/function/c_system_api.php b/zb_system/function/c_system_api.php index f91872221..fb9984726 100644 --- a/zb_system/function/c_system_api.php +++ b/zb_system/function/c_system_api.php @@ -656,7 +656,7 @@ function ApiGetPagebarInfo($option = null) */ function ApiGetAndFilterRelationQuery($info) { - $relations_req = trim(GetVars('with_relations')); + $relations_req = trim(GetVars('with_relations', '', '')); if (empty($relations_req)) { return array(); diff --git a/zb_system/function/c_system_debug.php b/zb_system/function/c_system_debug.php index 121881cf5..b391773a7 100644 --- a/zb_system/function/c_system_debug.php +++ b/zb_system/function/c_system_debug.php @@ -78,7 +78,7 @@ function Debug_IgnoreError($errno) } } if (ZbpErrorControl::$isstrict == false) { - if ($errno == E_STRICT) { + if (PHP_VERSION_ID < 80400 && defined('E_STRICT') && $errno == constant("E_STRICT")) { return true; } diff --git a/zb_system/function/c_system_event.php b/zb_system/function/c_system_event.php index a0a8c73b2..979ea5f54 100644 --- a/zb_system/function/c_system_event.php +++ b/zb_system/function/c_system_event.php @@ -39,7 +39,7 @@ function VerifyLogin($throwException = true, $ignoreValidCode = true, $ignoreCsr /* @var Member $m */ $m = null; - if ($zbp->Verify_MD5(trim(GetVars('username', 'POST')), trim(GetVars('password', 'POST')), $m)) { + if ($zbp->Verify_MD5(trim(GetVars('username', 'POST', '')), trim(GetVars('password', 'POST', '')), $m)) { $zbp->user = $m; $zbp->islogin = true; $sd = (float) GetVars('savedate'); @@ -2224,7 +2224,7 @@ function SetSidebar() $optionName = $i === 1 ? 'ZC_SIDEBAR_ORDER' : "ZC_SIDEBAR{$i}_ORDER"; $formName = $i === 1 ? 'sidebar' : "sidebar{$i}"; if (isset($_POST[$formName])) { - $zbp->option[$optionName] = trim(GetVars($formName, 'POST'), '|'); + $zbp->option[$optionName] = trim(GetVars($formName, 'POST', ''), '|'); } } $zbp->SaveOption(); diff --git a/zb_system/function/c_system_misc.php b/zb_system/function/c_system_misc.php index 5d6f3d5fa..5aefec65e 100644 --- a/zb_system/function/c_system_misc.php +++ b/zb_system/function/c_system_misc.php @@ -536,7 +536,7 @@ function misc_php_zbp_info() echo ''; - $c = 'PHP_VERSION , PHP_VERSION_ID , PHP_OS , PHP_SAPI , PHP_EOL , PHP_INT_MAX , PHP_INT_SIZE , DEFAULT_INCLUDE_PATH , PEAR_INSTALL_DIR , PEAR_EXTENSION_DIR , PHP_EXTENSION_DIR , PHP_PREFIX , PHP_BINDIR , PHP_LIBDIR , PHP_DATADIR , PHP_SYSCONFDIR , PHP_LOCALSTATEDIR , PHP_CONFIG_FILE_PATH , PHP_CONFIG_FILE_SCAN_DIR , PHP_SHLIB_SUFFIX , PHP_OUTPUT_HANDLER_START , PHP_OUTPUT_HANDLER_CONT , PHP_OUTPUT_HANDLER_END , E_ERROR , E_WARNING , E_PARSE , E_NOTICE , E_CORE_ERROR , E_CORE_WARNING , E_COMPILE_ERROR , E_COMPILE_WARNING , E_USER_ERROR , E_USER_WARNING , E_USER_NOTICE , E_ALL , E_STRICT , __COMPILER_HALT_OFFSET__ , EXTR_OVERWRITE , EXTR_SKIP , EXTR_PREFIX_SAME , EXTR_PREFIX_ALL , EXTR_PREFIX_INVALID , EXTR_PREFIX_IF_EXISTS , EXTR_IF_EXISTS , SORT_ASC , SORT_DESC , SORT_REGULAR , SORT_NUMERIC , SORT_STRING , CASE_LOWER , CASE_UPPER , COUNT_NORMAL , COUNT_RECURSIVE , ASSERT_ACTIVE , ASSERT_CALLBACK , ASSERT_BAIL , ASSERT_WARNING , ASSERT_QUIET_EVAL , CONNECTION_ABORTED , CONNECTION_NORMAL , CONNECTION_TIMEOUT , INI_USER , INI_PERDIR , INI_SYSTEM , INI_ALL , M_E , M_LOG2E , M_LOG10E , M_LN2 , M_LN10 , M_PI , M_PI_2 , M_PI_4 , M_1_PI , M_2_PI , M_2_SQRTPI , M_SQRT2 , M_SQRT1_2 , CRYPT_SALT_LENGTH , CRYPT_STD_DES , CRYPT_EXT_DES , CRYPT_MD5 , CRYPT_BLOWFISH , DIRECTORY_SEPARATOR , SEEK_SET , SEEK_CUR , SEEK_END , LOCK_SH , LOCK_EX , LOCK_UN , LOCK_NB , HTML_SPECIALCHARS , HTML_ENTITIES , ENT_COMPAT , ENT_QUOTES , ENT_NOQUOTES , INFO_GENERAL , INFO_CREDITS , INFO_CONFIGURATION , INFO_MODULES , INFO_ENVIRONMENT , INFO_VARIABLES , INFO_LICENSE , INFO_ALL , CREDITS_GROUP , CREDITS_GENERAL , CREDITS_SAPI , CREDITS_MODULES , CREDITS_DOCS , CREDITS_FULLPAGE , CREDITS_QA , CREDITS_ALL , STR_PAD_LEFT , STR_PAD_RIGHT , STR_PAD_BOTH , PATHINFO_DIRNAME , PATHINFO_BASENAME , PATHINFO_EXTENSION , PATH_SEPARATOR , CHAR_MAX , LC_CTYPE , LC_NUMERIC , LC_TIME , LC_COLLATE , LC_MONETARY , LC_ALL , LC_MESSAGES , ABDAY_1 , ABDAY_2 , ABDAY_3 , ABDAY_4 , ABDAY_5 , ABDAY_6 , ABDAY_7 , DAY_1 , DAY_2 , DAY_3 , DAY_4 , DAY_5 , DAY_6 , DAY_7 , ABMON_1 , ABMON_2 , ABMON_3 , ABMON_4 , ABMON_5 , ABMON_6 , ABMON_7 , ABMON_8 , ABMON_9 , ABMON_10 , ABMON_11 , ABMON_12 , MON_1 , MON_2 , MON_3 , MON_4 , MON_5 , MON_6 , MON_7 , MON_8 , MON_9 , MON_10 , MON_11 , MON_12 , AM_STR , PM_STR , D_T_FMT , D_FMT , T_FMT , T_FMT_AMPM , ERA , ERA_YEAR , ERA_D_T_FMT , ERA_D_FMT , ERA_T_FMT , ALT_DIGITS , INT_CURR_SYMBOL , CURRENCY_SYMBOL , CRNCYSTR , MON_DECIMAL_POINT , MON_THOUSANDS_SEP , MON_GROUPING , POSITIVE_SIGN , NEGATIVE_SIGN , INT_FRAC_DIGITS , FRAC_DIGITS , P_CS_PRECEDES , P_SEP_BY_SPACE , N_CS_PRECEDES , N_SEP_BY_SPACE , P_SIGN_POSN , N_SIGN_POSN , DECIMAL_POINT , RADIXCHAR , THOUSANDS_SEP , THOUSEP , GROUPING , YESEXPR , NOEXPR , YESSTR , NOSTR , CODESET , LOG_EMERG , LOG_ALERT , LOG_CRIT , LOG_ERR , LOG_WARNING , LOG_NOTICE , LOG_INFO , LOG_DEBUG , LOG_KERN , LOG_USER , LOG_MAIL , LOG_DAEMON , LOG_AUTH , LOG_SYSLOG , LOG_LPR , LOG_NEWS , LOG_UUCP , LOG_CRON , LOG_AUTHPRIV , LOG_LOCAL0 , LOG_LOCAL1 , LOG_LOCAL2 , LOG_LOCAL3 , LOG_LOCAL4 , LOG_LOCAL5 , LOG_LOCAL6 , LOG_LOCAL7 , LOG_PID , LOG_CONS , LOG_ODELAY , LOG_NDELAY , LOG_NOWAIT , LOG_PERROR , PCRE_VERSION'; + $c = 'PHP_VERSION , PHP_VERSION_ID , PHP_OS , PHP_SAPI , PHP_EOL , PHP_INT_MAX , PHP_INT_SIZE , DEFAULT_INCLUDE_PATH , PEAR_INSTALL_DIR , PEAR_EXTENSION_DIR , PHP_EXTENSION_DIR , PHP_PREFIX , PHP_BINDIR , PHP_LIBDIR , PHP_DATADIR , PHP_SYSCONFDIR , PHP_LOCALSTATEDIR , PHP_CONFIG_FILE_PATH , PHP_CONFIG_FILE_SCAN_DIR , PHP_SHLIB_SUFFIX , PHP_OUTPUT_HANDLER_START , PHP_OUTPUT_HANDLER_CONT , PHP_OUTPUT_HANDLER_END , E_ERROR , E_WARNING , E_PARSE , E_NOTICE , E_CORE_ERROR , E_CORE_WARNING , E_COMPILE_ERROR , E_COMPILE_WARNING , E_USER_ERROR , E_USER_WARNING , E_USER_NOTICE , E_ALL , __COMPILER_HALT_OFFSET__ , EXTR_OVERWRITE , EXTR_SKIP , EXTR_PREFIX_SAME , EXTR_PREFIX_ALL , EXTR_PREFIX_INVALID , EXTR_PREFIX_IF_EXISTS , EXTR_IF_EXISTS , SORT_ASC , SORT_DESC , SORT_REGULAR , SORT_NUMERIC , SORT_STRING , CASE_LOWER , CASE_UPPER , COUNT_NORMAL , COUNT_RECURSIVE , ASSERT_ACTIVE , ASSERT_CALLBACK , ASSERT_BAIL , ASSERT_WARNING , ASSERT_QUIET_EVAL , CONNECTION_ABORTED , CONNECTION_NORMAL , CONNECTION_TIMEOUT , INI_USER , INI_PERDIR , INI_SYSTEM , INI_ALL , M_E , M_LOG2E , M_LOG10E , M_LN2 , M_LN10 , M_PI , M_PI_2 , M_PI_4 , M_1_PI , M_2_PI , M_2_SQRTPI , M_SQRT2 , M_SQRT1_2 , CRYPT_SALT_LENGTH , CRYPT_STD_DES , CRYPT_EXT_DES , CRYPT_MD5 , CRYPT_BLOWFISH , DIRECTORY_SEPARATOR , SEEK_SET , SEEK_CUR , SEEK_END , LOCK_SH , LOCK_EX , LOCK_UN , LOCK_NB , HTML_SPECIALCHARS , HTML_ENTITIES , ENT_COMPAT , ENT_QUOTES , ENT_NOQUOTES , INFO_GENERAL , INFO_CREDITS , INFO_CONFIGURATION , INFO_MODULES , INFO_ENVIRONMENT , INFO_VARIABLES , INFO_LICENSE , INFO_ALL , CREDITS_GROUP , CREDITS_GENERAL , CREDITS_SAPI , CREDITS_MODULES , CREDITS_DOCS , CREDITS_FULLPAGE , CREDITS_QA , CREDITS_ALL , STR_PAD_LEFT , STR_PAD_RIGHT , STR_PAD_BOTH , PATHINFO_DIRNAME , PATHINFO_BASENAME , PATHINFO_EXTENSION , PATH_SEPARATOR , CHAR_MAX , LC_CTYPE , LC_NUMERIC , LC_TIME , LC_COLLATE , LC_MONETARY , LC_ALL , LC_MESSAGES , ABDAY_1 , ABDAY_2 , ABDAY_3 , ABDAY_4 , ABDAY_5 , ABDAY_6 , ABDAY_7 , DAY_1 , DAY_2 , DAY_3 , DAY_4 , DAY_5 , DAY_6 , DAY_7 , ABMON_1 , ABMON_2 , ABMON_3 , ABMON_4 , ABMON_5 , ABMON_6 , ABMON_7 , ABMON_8 , ABMON_9 , ABMON_10 , ABMON_11 , ABMON_12 , MON_1 , MON_2 , MON_3 , MON_4 , MON_5 , MON_6 , MON_7 , MON_8 , MON_9 , MON_10 , MON_11 , MON_12 , AM_STR , PM_STR , D_T_FMT , D_FMT , T_FMT , T_FMT_AMPM , ERA , ERA_YEAR , ERA_D_T_FMT , ERA_D_FMT , ERA_T_FMT , ALT_DIGITS , INT_CURR_SYMBOL , CURRENCY_SYMBOL , CRNCYSTR , MON_DECIMAL_POINT , MON_THOUSANDS_SEP , MON_GROUPING , POSITIVE_SIGN , NEGATIVE_SIGN , INT_FRAC_DIGITS , FRAC_DIGITS , P_CS_PRECEDES , P_SEP_BY_SPACE , N_CS_PRECEDES , N_SEP_BY_SPACE , P_SIGN_POSN , N_SIGN_POSN , DECIMAL_POINT , RADIXCHAR , THOUSANDS_SEP , THOUSEP , GROUPING , YESEXPR , NOEXPR , YESSTR , NOSTR , CODESET , LOG_EMERG , LOG_ALERT , LOG_CRIT , LOG_ERR , LOG_WARNING , LOG_NOTICE , LOG_INFO , LOG_DEBUG , LOG_KERN , LOG_USER , LOG_MAIL , LOG_DAEMON , LOG_AUTH , LOG_SYSLOG , LOG_LPR , LOG_NEWS , LOG_UUCP , LOG_CRON , LOG_AUTHPRIV , LOG_LOCAL0 , LOG_LOCAL1 , LOG_LOCAL2 , LOG_LOCAL3 , LOG_LOCAL4 , LOG_LOCAL5 , LOG_LOCAL6 , LOG_LOCAL7 , LOG_PID , LOG_CONS , LOG_ODELAY , LOG_NDELAY , LOG_NOWAIT , LOG_PERROR , PCRE_VERSION'; echo ''; $ca = explode(",", $c); foreach ($ca as $key => $value) { diff --git a/zb_system/function/lib/zblogphp.php b/zb_system/function/lib/zblogphp.php index 9e8e09066..02e15704d 100644 --- a/zb_system/function/lib/zblogphp.php +++ b/zb_system/function/lib/zblogphp.php @@ -1563,8 +1563,8 @@ public function CheckRightsByLevel($action, $level) public function Verify() { // 在普通 Web 页面中 - $username = trim(GetVars('username_' . hash("crc32b", $this->guid), 'COOKIE')); - $token = trim(GetVars('token_' . hash("crc32b", $this->guid), 'COOKIE')); + $username = trim(GetVars('username_' . hash("crc32b", $this->guid), 'COOKIE', '')); + $token = trim(GetVars('token_' . hash("crc32b", $this->guid), 'COOKIE', '')); $user = $this->VerifyUserToken($token, $username); if (is_object($user)) {
PHP Constants