lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 12:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix filter_src() undefined HTTP_HOST

Browse Source
This commit is contained in:
xiaomlove
2025-11-09 13:30:14 +07:00
parent f997c97958
commit ab7c3a71a4
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
include/globalfunctions.php
View File

@@ -507,7 +507,7 @@ function isHttps(): bool
}
function getSchemeAndHttpHost(bool $fromConfig = false)
function getSchemeAndHttpHost(bool $fromConfig = false): string
{
if (isRunningInConsole() || $fromConfig) {
$host = get_setting("basic.BASEURL");
@@ -1378,12 +1378,15 @@ function filter_src($src)
return $src;
}
$host = parse_url($src, PHP_URL_HOST);
if (!empty($host) && $host != $_SERVER['HTTP_HOST']) {
$currentHost = parse_url(getSchemeAndHttpHost(), PHP_URL_HOST);
if (!empty($host) && $host != $currentHost) {
return $src;
}
$guessScriptFilename = sprintf("%s/%s", $_SERVER['DOCUMENT_ROOT'], trim($path, '/'));
if (!file_exists($guessScriptFilename)) {
return $src;
if (isset($_SERVER['DOCUMENT_ROOT'])) {
$guessScriptFilename = sprintf("%s/%s", $_SERVER['DOCUMENT_ROOT'], trim($path, '/'));
if (!file_exists($guessScriptFilename)) {
return $src;
}
}
//only allow these
$imgExtensions = implode("|", \App\Models\Attachment::IMG_EXTENSIONS);