第一步,在public目录下搜索全部的.php文件(选择包含子目录),将除蓝色框内文件之外的所有.php后缀文件全部删除
第二步,修改文件crmeb/crmeb/services/upload/storage/Local.php
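// Content check for uploads whose declared MIME type is an image: the file must
// decode as an image with GD, otherwise the upload is rejected.
// NOTE(review): getOriginalMime() presumably returns the type declared by the
// client; if so, an upload declared with any other type skips this block, and
// the extension allowlist has to be enforced independently — confirm.
// NOTE(review): a file that decodes as an image can still carry extra bytes
// (metadata, trailing data). This check complements, and does not replace,
// storing uploads where the web server never executes PHP.
// NOTE(review): GD's imagecreatefromstring() may not decode ICO data, in which
// case 'image/x-icon' uploads would always be rejected here — verify.
if (in_array($fileHandle->getOriginalMime(), ['image/x-icon', 'image/png', 'image/gif', 'image/jpeg', 'image/jpg'], true)) {
    // file_get_contents() replaces the fopen/fread/fclose sequence so that an
    // unreadable or empty file is reported as an error instead of reaching
    // fread() with an invalid handle or a zero length.
    $content = file_get_contents($fileHandle->getPathname());
    if ($content === false || $content === '') {
        return $this->setError('文件内容不合法');
    }
    // GD emits a warning on undecodable data; "@" keeps it from surfacing and
    // the false return value is handled explicitly below.
    $image = @imagecreatefromstring($content);
    if ($image === false) {
        return $this->setError('文件内容不合法');
    }
}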
第三步,修改文件crmeb/app/api/controller/v1/PublicController.php
use app\services\system\config\SystemStorageServices;
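// Host allowlist for the image / QR-code URLs handled by this action: the
// domains configured for storage plus the host of the current request.
/** @var SystemStorageServices $systemStorageServices */
$systemStorageServices = app()->make(SystemStorageServices::class);
$domainArr = $systemStorageServices->getColumn([], 'domain');
// NOTE(review): $request->host() reflects the incoming request. Unless the web
// server only accepts the site's own host names, this allowlist entry is
// client-influenced; a configured site URL would be a firmer source — confirm
// for this deployment.
$domainArr = array_merge($domainArr, [$request->host()]);
$domainArr = array_unique(array_diff($domainArr, ['']));
if (count($domainArr)) {
    // Host names are case-insensitive: strip the scheme regardless of its case
    // and compare everything in lower case.
    $domainArr = array_map(function ($item) {
        return strtolower(str_ireplace(['https://', 'http://'], '', (string) $item));
    }, $domainArr);
}
// When parse_url() yields no host (relative or malformed URL) the whole value is
// compared against the allowlist instead.
$imageUrlHost = $imageUrl ? strtolower((string) (parse_url($imageUrl)['host'] ?? $imageUrl)) : $imageUrl;
$codeUrlHost = $codeUrl ? strtolower((string) (parse_url($codeUrl)['host'] ?? $codeUrl)) : $codeUrl;
// NOTE(review): an empty $domainArr skips the check entirely (fail-open); that
// only happens when no storage domain is configured and the request host is empty.
if ($domainArr && (($imageUrl && !in_array($imageUrlHost, $domainArr, true)) || ($codeUrl && !in_array($codeUrlHost, $domainArr, true)))) {
    return app('json')->success(['code' => false, 'image' => false]);
}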
第四步,替换文件crmeb/app/common.php中的公共方法image_to_base64和put_image
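/**
 * Fetch an image and store it under uploads/qrcode/.
 *
 * @param string $url      Source location, read with file_get_contents().
 * @param string $filename Target file name. When empty, a name is generated from
 *                         time() and the URL's extension, which must be jpg,
 *                         jpeg or png.
 * @return string|false Relative path of the stored file, or false on any failure.
 */
function put_image($url, $filename = '')
{
    if ((string) $url === '') {
        return false;
    }
    try {
        // NOTE(review): the extension allowlist only applies when no $filename is
        // passed; a caller-supplied name is used as-is, so callers must never
        // derive it from request data — verify the call sites.
        if ((string) $filename === '') {
            $ext = pathinfo($url, PATHINFO_EXTENSION);
            if (!in_array($ext, ['jpg', 'jpeg', 'png'], true)) {
                return false;
            }
            $filename = time() . "." . $ext;
        }

        // NOTE(review): $url is handed to file_get_contents() unchanged; limiting
        // it to http/https and to expected hosts has to happen in the caller.
        $imgData = file_get_contents($url);
        if ($imgData === false) {
            // A failed fetch used to fall through and store an empty file.
            return false;
        }

        // Best-effort removal of embedded PHP blocks. The pattern covers only the
        // closed long-tag form, so it is not a complete filter: execution has to
        // be prevented by the extension allowlist and by a web-server rule that
        // never runs PHP under the upload directory.
        $pattern = '/<\?php(.*?)\?>/s';
        $imgData = preg_replace($pattern, '', $imgData);
        if ($imgData === null) {
            // preg_replace() reports errors (e.g. backtrack limit) with null.
            return false;
        }

        // Save the file to the target directory.
        $path = 'uploads/qrcode/' . $filename;
        if (file_put_contents($path, $imgData) !== false) {
            return $path;
        }
    } catch (\Exception $e) {
        // Best-effort helper: every failure is reported as false.
    }
    return false;
}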
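/**
 * Return an image as a "data:image/jpeg;base64," URI.
 *
 * URLs on the configured site are read from the public directory; any other URL
 * is fetched with cURL.
 *
 * @param string $avatar  Image URL.
 * @param int    $timeout cURL connect timeout in seconds.
 * @return string|false Data URI, or false when the image cannot be obtained.
 */
function image_to_base64($avatar = '', $timeout = 9)
{
    // Kept from the original: every "https" in the URL is rewritten to "http".
    // NOTE(review): this also downgrades the remote fetch to plain HTTP and
    // means the comparison below can only match an http:// site_url — confirm
    // this is intended.
    $avatar = str_replace('https', 'http', $avatar);
    try {
        $url = parse_url($avatar);
        if (!is_array($url) || !isset($url['scheme'], $url['host'])) {
            // Malformed or relative URL: nothing can be read or fetched.
            return false;
        }

        if ($url['scheme'] . '://' . $url['host'] == sys_config('site_url')) {
            // Local file: resolve the path and require it to stay inside the
            // public directory, so "../" segments in the URL path cannot reach
            // files outside it.
            // NOTE(review): symlinks under public/ that point elsewhere are
            // rejected by this check as well — verify for this deployment.
            $publicRoot = realpath(public_path());
            $localFile = realpath(public_path() . (string) substr($url['path'] ?? '', 1));
            if ($publicRoot === false || $localFile === false || !is_file($localFile)) {
                return false;
            }
            $rootPrefix = rtrim($publicRoot, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
            if (strncmp($localFile, $rootPrefix, strlen($rootPrefix)) !== 0) {
                return false;
            }

            $imgData = file_get_contents($localFile);
            if ($imgData === false) {
                return false;
            }
            // Best-effort removal of embedded PHP blocks (closed long-tag form only).
            $pattern = '/<\?php(.*?)\?>/s';
            $imgData = preg_replace($pattern, '', $imgData);
            if ($imgData === null) {
                return false;
            }
            return "data:image/jpeg;base64," . base64_encode($imgData);
        }

        // Remote file.
        // NOTE(review): any host the caller passes is fetched and redirects are
        // followed; callers must restrict $avatar to expected hosts beforehand.
        $url = $url['host'];
        $header = [
            'User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0',
            'Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
            'Accept-Encoding: gzip, deflate, br',
            'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
            'Host:' . $url,
        ];
        // Kept from the original: the referer is built from pathinfo() of the
        // bare host name.
        $dir = pathinfo($url);
        $host = $dir['dirname'];
        $refer = $host . '/';

        $curl = curl_init();
        curl_setopt($curl, CURLOPT_REFERER, $refer);
        curl_setopt($curl, CURLOPT_URL, $avatar);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
        // Keep the request and any redirect on http/https and cap the redirect chain.
        curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($curl, CURLOPT_MAXREDIRS, 5);
        curl_setopt($curl, CURLOPT_ENCODING, 'gzip');
        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
        curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
        // NOTE(review): certificate verification is disabled; enable it if the
        // https-to-http rewrite above is ever removed.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
        $data = curl_exec($curl);
        $code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
        curl_close($curl);

        if ((int) $code === 200 && $data !== false) {
            return "data:image/jpeg;base64," . base64_encode($data);
        }
        return false;
    } catch (\Exception $e) {
        return false;
    }
}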
第五步,重新打包h5代码,上传覆盖