Skip to content

Commit

Permalink
Use EvalMath.class.php instead of eval()
Browse files Browse the repository at this point in the history
  • Loading branch information
@kinosang
kinosang committed Nov 2, 2015
1 parent d803747 commit 09626c9
Show file tree
Hide file tree
Showing 5 changed files with 489 additions and 91 deletions.
12 changes: 2 additions & 10 deletions extensions/torrent/admin/ManageController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,8 +78,7 @@ public function dorunAction()

public function docreditAction()
{
list($creditifopen, $credits, $calfunc, $calcmd) = $this->getInput(array('creditifopen', 'credits', 'calfunc', 'calcmd'), 'post');
$_calcmd = array('expr', 'bc', 'dc');
list($creditifopen, $credits) = $this->getInput(array('creditifopen', 'credits'), 'post');
$_credits = array();
!$credits && $credits = array();
foreach ($credits as $key => $credit) {
Expand All @@ -89,16 +88,9 @@ public function docreditAction()

$_credits[$key] = $credit;
}
if ($calfunc == 'exec' && !in_array($calcmd, $_calcmd)) {
$calcmd = 'bc';
}

if ($calfunc == 'curl' && in_array($calcmd, $_calcmd)) {
$calcmd = '';
}

$config = new PwConfigSet('site');
$config->set('app.torrent.creditifopen', intval($creditifopen))->set('app.torrent.credits', $_credits)->set('app.torrent.calfunc', $calfunc)->set('app.torrent.calcmd', $calcmd)->flush();
$config->set('app.torrent.creditifopen', intval($creditifopen))->set('app.torrent.credits', $_credits)->flush();
$this->showMessage('ADMIN:success');
}

Expand Down
20 changes: 14 additions & 6 deletions extensions/torrent/controller/IndexController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -360,17 +360,25 @@ public function announceAction()
}

$timeUsed = time() - strtotime($self['started']);
$symbol = array('%downloaded%', '%downloaded_total%', '%uploaded%', '%uploaded_total%', '%rotio%', '%rotio_total%', '%time%', '%credit%', '%torrents%');
$numbers = array(intval($downloaded), intval($downloaded_total), intval($uploaded), intval($uploaded_total), intval($rotio), intval($rotio_total), intval($timeUsed), 0, intval($user_torrents));

$m = Wekit::load('EXT:torrent.service.srv.helper.PwEvalmath');
$m->e('downloaded = ' . intval($downloaded));
$m->e('downloaded_total = ' . intval($downloaded_total));
$m->e('uploaded = ' . intval($uploaded));
$m->e('uploaded_total = ' . intval($uploaded_total));
$m->e('rotio = ' . intval($rotio));
$m->e('rotio_total = ' . intval($rotio_total));
$m->e('time = ' . intval($timeUsed));
$m->e('torrents = ' . intval($user_torrents));

foreach ($_credits as $key => $value) {
if ($value['enabled'] != '1') {
continue;
}

$numbers[7] = intval($crdtits['credit' . $key]);
$exp = str_replace($symbol, $numbers, $value['func']);
$credit_c = PwAnnounce::cal($exp);
$changes[$key] = $credit_c;
$m->e('credit = ' . intval($crdtits['credit' . $key]));

$changes[$key] = intval($m->e($exp));
$changed++;
}

Expand Down
25 changes: 0 additions & 25 deletions extensions/torrent/service/srv/helper/PwAnnounce.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,31 +13,6 @@ public static function showError($message = '')
exit(0);
}

public static function cal($exp)
{
if (Wekit::C('site', 'app.torrent.calfunc') == 'curl') {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, str_replace('%s', urlencode($exp), Wekit::C('site', 'app.torrent.calcmd')));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$result = curl_exec($ch);
curl_close($ch);
} else {
switch (Wekit::C('site', 'app.torrent.calcmd') == 'expr') {
case 'expr':
$cmd = 'xargs expr';
break;
case 'dc':
$cmd = 'dc';
break;
default:
$cmd = 'bc -l';
}
$result = exec('echo ' . escapeshellarg($exp) . ' | ' . $cmd);
}
return intval($result);
}

public static function getPeersByTorrentId($torrent_id = 0, $peer_id = '')
{
$peer_list = self::_getTorrentPeerDS()->getTorrentPeerByTorrent($torrent_id);
Expand Down

0 comments on commit 09626c9

Please sign in to comment.