amber/AvocadoAmber
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

update

Browse source
This commit is contained in:
Amberstone 2024-10-12 13:34:19 +09:00
parent 7fa0609ac5
commit b905c326c2
Signed by: amber
GPG key ID: 094B0E55F98D8BF1
16 changed files with 4711 additions and 4629 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.editorconfig
View file

@ -6,3 +6,15 @@ insert_final_newline = true
charset = utf-8 charset = utf-8
indent_style = space indent_style = space
indent_size = 2 indent_size = 2
[*.php]
indent_style = space
indent_size = 2
[composer.json]
indent_style = space
indent_size = 2
[*.yml]
indent_style = space
indent_size = 2

3
AvocadoAmber/plugin/PHPMailer/class.phpmaileroauth.php
View file

@ -165,7 +165,8 @@ class PHPMailerOAuth extends PHPMailer
$this->smtp->hello($hello); $this->smtp->hello($hello);
} }
if ($this->SMTPAuth) { if ($this->SMTPAuth) {
if (!$this->smtp->authenticate( if (
!$this->smtp->authenticate(
$this->Username, $this->Username,
$this->Password, $this->Password,
$this->AuthType, $this->AuthType,

3
AvocadoAmber/plugin/PHPMailer/class.pop3.php
View file

@ -302,7 +302,8 @@ class POP3
@fclose($this->pop_conn); @fclose($this->pop_conn);
} catch (Exception $e) { } catch (Exception $e) {
//Do nothing //Do nothing
}; }
;
} }
/** /**

6
AvocadoAmber/plugin/PHPMailer/class.smtp.php
View file

@ -445,7 +445,8 @@ class SMTP
return false; return false;
} }
// Send encoded username and password // Send encoded username and password
if (!$this->sendCommand( if (
!$this->sendCommand(
'User & Password', 'User & Password',
base64_encode("\0" . $username . "\0" . $password), base64_encode("\0" . $username . "\0" . $password),
235 235
@ -504,7 +505,8 @@ class SMTP
//msg1 //msg1
$msg1 = $ntlm_client->typeMsg1($realm, $workstation); //msg1 $msg1 = $ntlm_client->typeMsg1($realm, $workstation); //msg1
if (!$this->sendCommand( if (
!$this->sendCommand(
'AUTH NTLM', 'AUTH NTLM',
'AUTH NTLM ' . base64_encode($msg1), 'AUTH NTLM ' . base64_encode($msg1),
334 334

24
AvocadoAmber/plugin/PHPMailer/extras/htmlfilter.php
View file

@ -467,7 +467,8 @@ function tln_defang(&$attvalue)
/** /**
* Skip this if there aren't ampersands or backslashes. * Skip this if there aren't ampersands or backslashes.
*/ */
if (strpos($attvalue, '&') === false if (
strpos($attvalue, '&') === false
&& strpos($attvalue, '\\') === false && strpos($attvalue, '\\') === false
) { ) {
return; return;
@ -772,14 +773,16 @@ function tln_fixstyle($body, $pos, $trans_image_path, $block_external_images)
tln_defang($contentTemp); tln_defang($contentTemp);
tln_unspace($contentTemp); tln_unspace($contentTemp);
$match = array('/\/\*.*\*\//', $match = array(
'/\/\*.*\*\//',
'/expression/i', '/expression/i',
'/behaviou*r/i', '/behaviou*r/i',
'/binding/i', '/binding/i',
'/include-source/i', '/include-source/i',
'/javascript/i', '/javascript/i',
'/script/i', '/script/i',
'/position/i'); '/position/i'
);
$replace = array('', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', ''); $replace = array('', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', '');
$contentNew = preg_replace($match, $replace, $contentTemp); $contentNew = preg_replace($match, $replace, $contentTemp);
if ($contentNew !== $contentTemp) { if ($contentNew !== $contentTemp) {
@ -883,7 +886,8 @@ function tln_sanitize(
tln_fixstyle($body, $gt + 1, $trans_image_path, $block_external_images); tln_fixstyle($body, $gt + 1, $trans_image_path, $block_external_images);
if ($free_content != FALSE) { if ($free_content != FALSE) {
if (!empty($attary)) { if (!empty($attary)) {
$attary = tln_fixatts($tagname, $attary = tln_fixatts(
$tagname,
$attary, $attary,
$rm_attnames, $rm_attnames,
$bad_attvals, $bad_attvals,
@ -914,7 +918,8 @@ function tln_sanitize(
if ($tagname == "body") { if ($tagname == "body") {
$tagname = "div"; $tagname = "div";
} }
if (isset($open_tags[$tagname]) && if (
isset($open_tags[$tagname]) &&
$open_tags[$tagname] > 0 $open_tags[$tagname] > 0
) { ) {
$open_tags[$tagname]--; $open_tags[$tagname]--;
@ -932,7 +937,8 @@ function tln_sanitize(
* See if this is a self-closing type and change * See if this is a self-closing type and change
* tagtype appropriately. * tagtype appropriately.
*/ */
if ($tagtype == 1 if (
$tagtype == 1
&& in_array($tagname, $self_closing_tags) && in_array($tagname, $self_closing_tags)
) { ) {
$tagtype = 3; $tagtype = 3;
@ -941,12 +947,14 @@ function tln_sanitize(
* See if we should skip this tag and any content * See if we should skip this tag and any content
* inside it. * inside it.
*/ */
if ($tagtype == 1 if (
$tagtype == 1
&& in_array($tagname, $rm_tags_with_content) && in_array($tagname, $rm_tags_with_content)
) { ) {
$skip_content = $tagname; $skip_content = $tagname;
} else { } else {
if (($rm_tags == false if (
($rm_tags == false
&& in_array($tagname, $tag_list)) || && in_array($tagname, $tag_list)) ||
($rm_tags == true ($rm_tags == true
&& !in_array($tagname, $tag_list)) && !in_array($tagname, $tag_list))

3
AvocadoAmber/plugin/PHPMailer/extras/ntlm_sasl_client.php
View file

@ -20,7 +20,8 @@ class ntlm_sasl_client_class
public function initialize(&$client) public function initialize(&$client)
{ {
if (!function_exists($function = "mcrypt_encrypt") if (
!function_exists($function = "mcrypt_encrypt")
|| !function_exists($function = "mhash") || !function_exists($function = "mhash")
) { ) {
$extensions = array( $extensions = array(

60
AvocadoAmber/plugin/browscap/Browscap.php
View file

@ -654,7 +654,8 @@ class Browscap
foreach ($tmpUserAgents as $i => $userAgent) { foreach ($tmpUserAgents as $i => $userAgent) {
$properties = $browsers[$userAgent]; $properties = $browsers[$userAgent];
if (empty($properties['Comment']) if (
empty($properties['Comment'])
|| false !== strpos($userAgent, '*') || false !== strpos($userAgent, '*')
|| false !== strpos($userAgent, '?') || false !== strpos($userAgent, '?')
) { ) {
@ -690,7 +691,8 @@ class Browscap
$properties['Parent'] = $parentKey; $properties['Parent'] = $parentKey;
$this->_userAgents[$parentKey . '.0'] = $tmpUserAgents[$parentKey]; $this->_userAgents[$parentKey . '.0'] = $tmpUserAgents[$parentKey];
}; }
;
$this->_browsers[] = $this->resortProperties($properties, $propertiesKeys); $this->_browsers[] = $this->resortProperties($properties, $propertiesKeys);
} }
@ -768,7 +770,8 @@ class Browscap
$properties = parse_ini_string($iniParts[($position + 1)], true, INI_SCANNER_RAW); $properties = parse_ini_string($iniParts[($position + 1)], true, INI_SCANNER_RAW);
if (empty($properties['Comment']) if (
empty($properties['Comment'])
|| false !== strpos($userAgent, '*') || false !== strpos($userAgent, '*')
|| false !== strpos($userAgent, '?') || false !== strpos($userAgent, '?')
) { ) {
@ -804,7 +807,8 @@ class Browscap
$properties['Parent'] = $parentKey - 1; $properties['Parent'] = $parentKey - 1;
$this->_userAgents[($parentKey - 1) . '.0'] = $patternPositions[$parentKey]; $this->_userAgents[($parentKey - 1) . '.0'] = $patternPositions[$parentKey];
}; }
;
$this->_browsers[] = $this->resortProperties($properties, $propertiesKeys); $this->_browsers[] = $this->resortProperties($properties, $propertiesKeys);
} }
@ -1020,12 +1024,52 @@ class Browscap
// to properly unescape '?' which was changed to '.', I replace '\.' (real dot) with '\?', // to properly unescape '?' which was changed to '.', I replace '\.' (real dot) with '\?',
// then change '.' to '?' and then '\?' to '.'. // then change '.' to '?' and then '\?' to '.'.
$search = array( $search = array(
'\\' . self::REGEX_DELIMITER, '\\.', '\\\\', '\\+', '\\[', '\\^', '\\]', '\\$', '\\(', '\\)', '\\{', '\\}', '\\' . self::REGEX_DELIMITER,
'\\=', '\\!', '\\<', '\\>', '\\|', '\\:', '\\-', '.*', '.', '\\?' '\\.',
'\\\\',
'\\+',
'\\[',
'\\^',
'\\]',
'\\$',
'\\(',
'\\)',
'\\{',
'\\}',
'\\=',
'\\!',
'\\<',
'\\>',
'\\|',
'\\:',
'\\-',
'.*',
'.',
'\\?'
); );
$replace = array( $replace = array(
self::REGEX_DELIMITER, '\\?', '\\', '+', '[', '^', ']', '$', '(', ')', '{', '}', '=', '!', '<', '>', '|', self::REGEX_DELIMITER,
':', '-', '*', '?', '.' '\\?',
'\\',
'+',
'[',
'^',
']',
'$',
'(',
')',
'{',
'}',
'=',
'!',
'<',
'>',
'|',
':',
'-',
'*',
'?',
'.'
); );
$result = substr(str_replace($search, $replace, $pattern), 2, -2); $result = substr(str_replace($search, $replace, $pattern), 2, -2);

36
AvocadoAmber/plugin/kcaptcha/kcaptcha.lib.php
View file

@ -16,12 +16,14 @@
# See kcaptcha_config.php for customization # See kcaptcha_config.php for customization
class KCAPTCHA{ class KCAPTCHA
{
private $keystring; private $keystring;
// generates keystring and image // generates keystring and image
function image(){ function image()
{
require dirname(__FILE__) . '/kcaptcha_config.php'; require dirname(__FILE__) . '/kcaptcha_config.php';
$fonts = array(); $fonts = array();
@ -75,10 +77,12 @@ class KCAPTCHA{
// draw text // draw text
$x = 1; $x = 1;
$odd = mt_rand(0, 1); $odd = mt_rand(0, 1);
if($odd==0) $odd=-1; if ($odd == 0)
$odd = -1;
for ($i = 0; $i < $length; $i++) { for ($i = 0; $i < $length; $i++) {
if( ! isset($this->keystring[$i]) ) continue; if (!isset($this->keystring[$i]))
continue;
$m = $font_metrics[$this->keystring[$i]]; $m = $font_metrics[$this->keystring[$i]];
$y = (($i % 2) * $fluctuation_amplitude - $fluctuation_amplitude / 2) * $odd $y = (($i % 2) * $fluctuation_amplitude - $fluctuation_amplitude / 2) * $odd
@ -96,7 +100,8 @@ class KCAPTCHA{
if ($opacity < 127) { if ($opacity < 127) {
$left = $sx - $m['start'] + $x; $left = $sx - $m['start'] + $x;
$py = $sy + $y; $py = $sy + $y;
if($py>$height) break; if ($py > $height)
break;
for ($px = min($left, $width - 1); $px > $left - 200 && $px >= 0; $px -= 1) { for ($px = min($left, $width - 1); $px > $left - 200 && $px >= 0; $px -= 1) {
$color = imagecolorat($img, $px, $py) & 0xff; $color = imagecolorat($img, $px, $py) & 0xff;
if ($color + $opacity < 170) { // 170 - threshold if ($color + $opacity < 170) { // 170 - threshold
@ -164,8 +169,7 @@ class KCAPTCHA{
if ($wave) { if ($wave) {
$sx = $x + (sin($x * $rand1 + $rand5) + sin($y * $rand3 + $rand6)) * $rand9 - $width / 2 + $center + 1; $sx = $x + (sin($x * $rand1 + $rand5) + sin($y * $rand3 + $rand6)) * $rand9 - $width / 2 + $center + 1;
$sy = $y + (sin($x * $rand2 + $rand7) + sin($y * $rand4 + $rand8)) * $rand10; $sy = $y + (sin($x * $rand2 + $rand7) + sin($y * $rand4 + $rand8)) * $rand10;
} } else {
else {
$sx = $x - $width / 2 + $center + 1; $sx = $x - $width / 2 + $center + 1;
$sy = $y + (sin($x * $rand2 + $rand7) + sin($y * $rand4 + $rand8)) * 1.5; $sy = $y + (sin($x * $rand2 + $rand7) + sin($y * $rand4 + $rand8)) * 1.5;
} }
@ -197,7 +201,8 @@ class KCAPTCHA{
$color_y * $frsx1 * $frsy + $color_y * $frsx1 * $frsy +
$color_xy * $frsx * $frsy); $color_xy * $frsx * $frsy);
if($newcolor>255) $newcolor=255; if ($newcolor > 255)
$newcolor = 255;
$newcolor = $newcolor / 255; $newcolor = $newcolor / 255;
$newcolor0 = 1 - $newcolor; $newcolor0 = 1 - $newcolor;
@ -228,11 +233,13 @@ class KCAPTCHA{
} }
// returns keystring // returns keystring
function getKeyString(){ function getKeyString()
{
return $this->keystring; return $this->keystring;
} }
function setKeyString($str){ function setKeyString($str)
{
$this->keystring = $str; $this->keystring = $str;
} }
} }
@ -249,11 +256,13 @@ function captcha_html($class="captcha")
$html .= "\n" . '<script src="' . G5_CAPTCHA_URL . '/kcaptcha.js"></script>'; $html .= "\n" . '<script src="' . G5_CAPTCHA_URL . '/kcaptcha.js"></script>';
$html .= "\n" . '<fieldset id="captcha" class="' . $class . '">'; $html .= "\n" . '<fieldset id="captcha" class="' . $class . '">';
$html .= "\n" . '<legend><label for="captcha_key">자동등록방지</label></legend>'; $html .= "\n" . '<legend><label for="captcha_key">자동등록방지</label></legend>';
if (is_mobile()) $html .= '<audio id="captcha_audio" controls></audio>'; if (is_mobile())
$html .= '<audio id="captcha_audio" controls></audio>';
//$html .= "\n".'<img src="#" alt="" id="captcha_img">'; //$html .= "\n".'<img src="#" alt="" id="captcha_img">';
$html .= "\n" . '<img src="' . G5_CAPTCHA_URL . '/img/dot.gif" alt="" id="captcha_img">'; $html .= "\n" . '<img src="' . G5_CAPTCHA_URL . '/img/dot.gif" alt="" id="captcha_img">';
$html .= '<input type="text" name="captcha_key" id="captcha_key" required class="captcha_box required" size="6" maxlength="6">'; $html .= '<input type="text" name="captcha_key" id="captcha_key" required class="captcha_box required" size="6" maxlength="6">';
if (!is_mobile()) $html .= "\n".'<button type="button" id="captcha_mp3"><span></span>숫자음성듣기</button>'; if (!is_mobile())
$html .= "\n" . '<button type="button" id="captcha_mp3"><span></span>숫자음성듣기</button>';
$html .= "\n" . '<button type="button" id="captcha_reload"><span></span>새로고침</button>'; $html .= "\n" . '<button type="button" id="captcha_reload"><span></span>새로고침</button>';
$html .= "\n" . '<span id="captcha_info">자동등록방지 숫자를 순서대로 입력하세요.</span>'; $html .= "\n" . '<span id="captcha_info">자동등록방지 숫자를 순서대로 입력하세요.</span>';
$html .= "\n" . '</fieldset>'; $html .= "\n" . '</fieldset>';
@ -277,7 +286,8 @@ function chk_captcha()
} }
$post_captcha_key = (isset($_POST['captcha_key']) && $_POST['captcha_key']) ? trim($_POST['captcha_key']) : ''; $post_captcha_key = (isset($_POST['captcha_key']) && $_POST['captcha_key']) ? trim($_POST['captcha_key']) : '';
if (!trim($post_captcha_key)) return false; if (!trim($post_captcha_key))
return false;
if ($post_captcha_key && function_exists('get_string_encrypt')) { if ($post_captcha_key && function_exists('get_string_encrypt')) {
$ip = md5(sha1($_SERVER['REMOTE_ADDR'])); $ip = md5(sha1($_SERVER['REMOTE_ADDR']));

3
AvocadoAmber/plugin/kcaptcha/kcaptcha_image.php
View file

@ -10,7 +10,8 @@ if( $ss_captcha_key && !preg_match('/^[0-9]/', $ss_captcha_key) && function_exis
$ss_captcha_key_decrypt = str_replace($ip, '', get_string_decrypt($ss_captcha_key)); $ss_captcha_key_decrypt = str_replace($ip, '', get_string_decrypt($ss_captcha_key));
} }
# php 5.2 또는 5.3 버전에서 포인터처럼 해당 세션값이 변경되는 버그가 있어서 아래와 같이 조치함 # php 5.2 또는 5.3 버전에서 포인터처럼 해당 세션값이 변경되는 버그가 있어서 아래와 같이 조치함
if(! $ss_captcha_key_decrypt) $ss_captcha_key_decrypt = $ss_captcha_key; if (!$ss_captcha_key_decrypt)
$ss_captcha_key_decrypt = $ss_captcha_key;
$captcha->setKeyString($ss_captcha_key_decrypt); $captcha->setKeyString($ss_captcha_key_decrypt);
$captcha->getKeyString(); $captcha->getKeyString();
$captcha->image(); $captcha->image();

6
AvocadoAmber/plugin/kcaptcha/kcaptcha_mp3.php
View file

@ -7,12 +7,14 @@ function make_mp3()
$number = get_session("ss_captcha_key"); $number = get_session("ss_captcha_key");
if ($number == "") return; if ($number == "")
return;
$ip = md5(sha1($_SERVER['REMOTE_ADDR'])); $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
if ($number && function_exists('get_string_decrypt')) { if ($number && function_exists('get_string_decrypt')) {
$number = str_replace($ip, '', get_string_decrypt($number)); $number = str_replace($ip, '', get_string_decrypt($number));
} }
if ($number == get_session("ss_captcha_save")) return; if ($number == get_session("ss_captcha_save"))
return;
$mp3s = array(); $mp3s = array();
for ($i = 0; $i < strlen($number); $i++) { for ($i = 0; $i < strlen($number); $i++) {