From b4aadfdf5628069d15edcdccb911ceaa13724915 Mon Sep 17 00:00:00 2001
From: Devil
Date: Mon, 14 Oct 2019 21:33:20 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8F=92=E4=BB=B6=E4=B8=8B=E8=BD=BD=E5=90=8D?= =?UTF-8?q?=E7=A7=B0=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/service/PluginsAdminService.php | 18 +++++++++++++++---
 application/service/ThemeService.php | 14 +++++++++++++-
 2 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/application/service/PluginsAdminService.php b/application/service/PluginsAdminService.php
index 20ebd611c..0a4b375f6 100755
--- a/application/service/PluginsAdminService.php
+++ b/application/service/PluginsAdminService.php
@@ -1115,9 +1115,21 @@ php;
 {
 return DataReturn('请先开启开发者模式', -1);
 }
-
+
 // 获取应用标记
- $plugins = $params['id'];
+ // 防止路径回溯
+ $plugins = htmlentities(str_replace(array('.', '/', '\\', ':'), '', strip_tags($params['id'])));
+ if(empty($plugins))
+ {
+ return DataReturn('插件标识有误', -1);
+ }
+
+ // 配置信息
+ $config = self::GetPluginsConfig($plugins);
+ if($config === false)
+ {
+ return DataReturn('插件配置有误', -10);
+ }
 
 // 目录不存在则创建
 $new_dir = ROOT.'runtime'.DS.'data'.DS.'plugins_package'.DS.$plugins;
@@ -1214,7 +1226,7 @@ php;
 \base\FileUtil::UnlinkDir($new_dir);
 
 // 开始下载
- if(\base\FileUtil::DownloadFile($new_dir.'.zip', $plugins.'.zip'))
+ if(\base\FileUtil::DownloadFile($new_dir.'.zip', $config['base']['name'].'.zip'))
 {
 @unlink($new_dir.'.zip');
 } else {
diff --git a/application/service/ThemeService.php b/application/service/ThemeService.php
index 458d5e52f..64af286fa 100755
--- a/application/service/ThemeService.php
+++ b/application/service/ThemeService.php
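Review bot: The new check on `$params['id']` strips a fixed list of characters and then HTML-encodes the result, which is a denylist applied to a value that becomes a path component of `$new_dir`. `htmlentities()` is output encoding rather than path validation and can rewrite the identifier (for example `&` becomes `&amp;`), and a missing or non-string `id` still reaches `strip_tags()` unchecked. Rejecting anything outside an allowlist is easier to reason about, e.g. `if(!isset($params['id']) || !is_string($params['id']) || preg_match('/^[A-Za-z0-9_]+$/', $params['id']) !== 1) { return DataReturn('插件标识有误', -1); }` followed by `$plugins = $params['id'];`. The character set in that pattern is an assumption and should follow the project's plugin naming rule. The enclosing method starts and ends outside the hunk.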
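Review bot: The download name in the second PluginsAdminService.php hunk now comes from `$config['base']['name']`, a value read from the plugin's own configuration, and the visible lines neither check that the key exists nor restrict its characters. How `DownloadFile()` emits the name is not visible here; if it ends up in a response header, quotes, path separators and line breaks should be removed first, and an empty name should fall back to the identifier, e.g. `$name = empty($config['base']['name']) ? $plugins : str_replace(array("\r", "\n", '"', '/', '\\'), '', $config['base']['name']);`. The same applies to `$config['name']` in the last hunk of ThemeService.php.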
@@ -261,6 +261,18 @@ class ThemeService
 return DataReturn('主题名称有误', -1);
 }
 
+ // 获取配置信息
+ $config_file = ROOT.self::$html_path.$theme.DS.'config.json';
+ if(!file_exists($config_file))
+ {
+ return DataReturn('主题配置文件不存在', -1);
+ }
+ $config = json_decode(file_get_contents($config_file), true);
+ if(empty($config))
+ {
+ return DataReturn('主题配置信息有误', -1);
+ }
+
 // 目录不存在则创建
 $new_dir = ROOT.'runtime'.DS.'data'.DS.'theme_package'.DS.$theme;
 \base\FileUtil::CreateDir($new_dir);
@@ -296,7 +308,7 @@ class ThemeService
 \base\FileUtil::UnlinkDir($new_dir);
 
 // 开始下载
- if(\base\FileUtil::DownloadFile($new_dir.'.zip', $theme.'.zip'))
+ if(\base\FileUtil::DownloadFile($new_dir.'.zip', $config['name'].'.zip'))
 {
 @unlink($new_dir.'.zip');
 } else {
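Review bot: `empty($config)` in the first ThemeService.php hunk only rejects a missing or empty decode result, so a config.json that decodes to a scalar, or to an array without a string `name`, passes and `$config['name']` is used later in the method. `file_get_contents()` can also return `false` if the file disappears or is unreadable after the `file_exists()` check, and that value is passed straight to `json_decode()`. A tighter guard would be `if(!is_array($config) || empty($config['name']) || !is_string($config['name']))`. Whether `$theme` is already restricted to a safe directory name is decided above the hunk and cannot be confirmed from the visible lines.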