filesite
/
machete
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

bug fix: show image, video, audio file not authed, v0.4.2 release

master
filesite 4 weeks ago
parent
fba2bdf850
commit
a69712e34a
4 changed files with 83 additions and 12 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      conf/app.php
  2. 28
      plugins/Common.php
  3. 42
      themes/beauty/views/list/bydate.php
  4. 15
      www/js/beauty.js

4
conf/app.php
Unescape View File

@ -3,8 +3,8 @@ @@ -3,8 +3,8 @@
* Config
*/
$configs = array(
'version' => '0.4.1',
'releaseDate' => '2024-12-18',
'version' => '0.4.2',
'releaseDate' => '2024-12-20',
'showVersion' => false, //默认不显示版本号和发布日期
'default_timezone' => 'Asia/Hong_Kong', //timezone, check more: https://www.php.net/manual/en/timezones.asia.php

28
plugins/Common.php
Unescape View File

@ -651,6 +651,34 @@ Class Common { @@ -651,6 +651,34 @@ Class Common {
return $authDirs;
}
//判断当前文件是否允许访问
public static function isUserAllowedToFile($filepath) {
if( empty(FSC::$app['config']['password_auth']) ) {
return true;
}
$authConfig = FSC::$app['config']['password_auth'];
if (empty($authConfig['enable']) || $authConfig['enable'] === 'false') {
return true;
}
$allowed = true;
$filepath = preg_replace('/\/[^\/]+$/', '', $filepath);
$filepath = trim($filepath, '/');
$arr = explode('/', $filepath);
if (!empty($arr)) {
foreach($arr as $dir) {
$allowed = self::isUserAllowedToDir($dir);
if (!$allowed) {
break;
}
}
}
return $allowed;
}
//判断当前目录是否允许访问
public static function isUserAllowedToDir($dir) {
if( empty(FSC::$app['config']['password_auth']) ) {

42
themes/beauty/views/list/bydate.php
Unescape View File

@ -297,12 +297,20 @@ eof; @@ -297,12 +297,20 @@ eof;
$bigUrl = $file['path'];
}
//权限检查
$originUrl = $file['path'];
$isAllowedToVisit = Common::isUserAllowedToFile($file['realpath']);
if (!$isAllowedToVisit) {
$smallUrl = '/img/beauty/lock-fill.svg';
$bigUrl = $originUrl = '/img/beauty/lazy.svg';
}
echo <<<eof
<div class="im_item bor_radius col-xs-6 col-sm-4 col-md-3 col-lg-2">
<a href="javascript:;" class="bor_radius" data-fancybox="gallery"
data-src="{$bigUrl}"
data-thumb="{$smallUrl}"
data-download-src="{$file['path']}"
data-download-src="{$originUrl}"
data-download-filename="{$file['filename']}.{$file['extension']}"
data-caption="{$title} - {$file['filename']}"
data-pid="{$file['pid']}"
@ -333,12 +341,26 @@ eof; @@ -333,12 +341,26 @@ eof;
$linkUrl .= "&name=" . urlencode($file['filename']);
}
//权限检查
$linkTarget = '_blank';
$videoCover = '/img/beauty/video_snap.jpg';
$lockedAttr = '';
$isAllowedToVisit = Common::isUserAllowedToFile($file['realpath']);
if (!$isAllowedToVisit) {
$linkUrl = 'javascript:;';
$linkTarget = '_self';
$videoCover = '/img/beauty/lock-fill.svg';
$lockedAttr = 'data-lock="true"';
}
echo <<<eof
<div class="im_item bor_radius col-xs-6 col-sm-4 col-md-3 col-lg-2">
<a href="{$linkUrl}" target="_blank" class="bor_radius" title="{$title} - {$file['filename']}">
<img src="/img/beauty/video_snap.jpg" class="bor_radius im_img video-poster" id="poster_{$file['id']}"
<a href="{$linkUrl}" target="{$linkTarget}" class="bor_radius" title="{$title} - {$file['filename']}">
<img src="{$videoCover}" class="bor_radius im_img video-poster"
id="poster_{$file['id']}"
data-video-id="{$file['id']}"
data-video-url="{$file['path']}"
{$lockedAttr}
alt="{$file['filename']}">
<div class="im_img_title">
<span class="right-bottom">
@ -370,12 +392,24 @@ eof; @@ -370,12 +392,24 @@ eof;
}
}
//权限检查
$linkTarget = '_blank';
$lockedAttr = '';
$isAllowedToVisit = Common::isUserAllowedToFile($file['realpath']);
if (!$isAllowedToVisit) {
$linkUrl = 'javascript:;';
$linkTarget = '_self';
$snapshot = '/img/beauty/lock-fill.svg';
$lockedAttr = 'data-lock="true"';
}
echo <<<eof
<div class="im_item bor_radius col-xs-6 col-sm-4 col-md-3 col-lg-2 audio-list-item">
<a href="{$linkUrl}" target="_blank" class="bor_radius vercenter" title="{$title} - {$file['filename']}">
<a href="{$linkUrl}" target="{$linkTarget}" class="bor_radius vercenter" title="{$title} - {$file['filename']}">
<img src="{$snapshot}" class="bor_radius im_img video-poster" id="poster_{$file['id']}"
data-video-id="{$file['id']}"
data-video-url="{$file['path']}"
{$lockedAttr}
alt="{$file['filename']}">
<span class="title">{$title}</span>
<img src="/img/video-play.svg" class="playbtn hide" alt="video play button">

15
www/js/beauty.js
Unescape View File

@ -595,8 +595,11 @@ var getVideoMetaAndShowIt = function(videoId, videoUrl) { @@ -595,8 +595,11 @@ var getVideoMetaAndShowIt = function(videoId, videoUrl) {
$('.video-poster').each(function(index, el) {
var videoId = $(el).attr('data-video-id'),
videoUrl = $(el).attr('data-video-url');
videoUrl = $(el).attr('data-video-url'),
isLocked = $(el).attr('data-lock');
if (!isLocked) {
getVideoMetaAndShowIt(videoId, videoUrl);
}
});
//保存视频/音乐meta数据
@ -781,8 +784,11 @@ if ($('#my-player').length > 0 && typeof(videojs) != 'undefined') { @@ -781,8 +784,11 @@ if ($('#my-player').length > 0 && typeof(videojs) != 'undefined') {
setTimeout(function() {
$('.othervideos .video-poster').each(function(index, el) {
var videoId = $(el).attr('data-video-id'),
videoUrl = $(el).attr('data-video-url');
videoUrl = $(el).attr('data-video-url'),
isLocked = $(el).attr('data-lock');
if (!isLocked) {
getVideoMetaAndShowIt(videoId, videoUrl);
}
});
}, 50);
@ -795,8 +801,11 @@ if ($('#my-player').length > 0 && typeof(videojs) != 'undefined') { @@ -795,8 +801,11 @@ if ($('#my-player').length > 0 && typeof(videojs) != 'undefined') {
setTimeout(function() {
$('.othervideos .video-poster').each(function(index, el) {
var videoId = $(el).attr('data-video-id'),
videoUrl = $(el).attr('data-video-url');
videoUrl = $(el).attr('data-video-url'),
isLocked = $(el).attr('data-lock');
if (!isLocked) {
getVideoMetaAndShowIt(videoId, videoUrl);
};
});
}, 50);

Write Preview
Loading…
Cancel
Save