forked from fex-team/fis3
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
wangrui10
committed
Sep 2, 2015
1 parent
fb7bff9
commit afd0c09
Showing
3,072 changed files
with
290,949 additions
and
4 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
48 changes: 48 additions & 0 deletions
48
test/diff_fis3_smarty/product_code/hao123_fis3_smarty/common/build.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| #!/bin/bash | ||
|
|
||
| MOD_NAME="common" | ||
| TAR="$MOD_NAME.tar.gz" | ||
|
|
||
| # add path | ||
| export PATH=/home/fis/npm/bin:$PATH | ||
| #show fisp version | ||
| fisp --version --no-color | ||
|
|
||
| #通过fisp release 命令进行模块编译 开启optimize、md5、打包功能,同时需开启-u 独立缓存编译方式,产出到同目录下output中 | ||
| fisp release -cuompd output | ||
|
|
||
| php ./json2php.php $MOD_NAME | ||
|
|
||
| #进入output目录 | ||
| cd output | ||
| #删除产出的test目录 | ||
| rm -rf test | ||
|
|
||
| #整理output目录 | ||
| mkdir webroot | ||
| mkdir views | ||
| rm json2php.php | ||
| mv static/ webroot/static | ||
| mv static304/ webroot/static304 | ||
| mv template/ views/templates | ||
| mv config/ views/templates/config | ||
| #mv server.conf webroot/ | ||
| rm -f plugin/compiler.fis_require.php | ||
| mkdir libs | ||
| mkdir libs/Third | ||
| mkdir libs/Third/Smarty | ||
| mv plugin/ libs/Third/Smarty/plugins | ||
|
|
||
|
|
||
| #将output目录进行打包 | ||
| tar zcf $TAR ./* | ||
| mv $TAR ../ | ||
|
|
||
| cd .. | ||
| rm -rf output | ||
|
|
||
| mkdir output | ||
|
|
||
| mv $TAR output/ | ||
|
|
||
| echo "build end" |
9 changes: 9 additions & 0 deletions
9
test/diff_fis3_smarty/product_code/hao123_fis3_smarty/common/common-autopack.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| { | ||
| "pack" : { | ||
| "pkg/autopack_common_base.js": [ | ||
| "/static/lazyload.js", | ||
| "/static/mod.js", | ||
| "/static/BigPipe.js" | ||
| ] | ||
| } | ||
| } |
40 changes: 40 additions & 0 deletions
40
test/diff_fis3_smarty/product_code/hao123_fis3_smarty/common/config/xss.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| <?php | ||
| return array( | ||
| //基本配置区域,建议用utf-8编码保存本文件。当然使用gbk也无影响。 | ||
| 'TPL_LEFT_DELIMITER' => '<%', //smarty左界符 | ||
| 'TPL_RIGHT_DELIMITER' => '%>', //smarty右界符 | ||
| 'TPL_SUFFIX' => 'tpl', //模板文件扩展名 | ||
| 'func_name_callback' => '/callback/', //回调函数名,$callback(json),正则匹配,防止多个变量名,不需要则可以关闭check_callback | ||
| 'name_callback' => 'callback', //smarty.get.callback(json),不需要则可以关闭check_callback | ||
|
|
||
| //添加各场景开关检查功能,on 或者 off,默认为on,即全部要检查 | ||
| 'check_callback' => 'on', | ||
| 'check_html' => 'off', | ||
| 'check_js' => 'on', | ||
| 'check_data' => 'on', | ||
| 'check_path' => 'on', | ||
| 'check_event' => 'on', | ||
|
|
||
| //各场景对应的安全转义函数,正则配置 | ||
| 'escape_js' => '/sp_escape_js|escape:("|\'?)javascript\1/', //js转义函数配置 | ||
| 'escape_html' => '/sp_escape_html|escape:("|\'?)html\1|(escape$)|(escape\|)/', //html转义函数配置 | ||
| 'escape_event' => '/sp_escape_event|escape:("|\'?)javascript\1\|escape:("|\'?)html\2/', //标签事件属性值场景转义函数配置 | ||
| 'escape_data' => '/sp_escape_data/', //json数据转义配置 | ||
| 'escape_path' => '/sp_path|escape:("|\'?)url\1|escape:("|\'?)html\2|(escape$)|(escape\|)/', //url属性里转义 | ||
| 'escape_callback' => '/sp_escape_callback/', //callback最小化转义 | ||
|
|
||
| //如果某个特定变量不需要转义,可以加上|escape:none ,正则配置 | ||
| 'noescape' => '/escape:[\'|\"]?none[\'|\"]?/', | ||
|
|
||
| //全局白名单,变量名与正则匹配则可信,不对其进行检查,明妃,坤哥,如果你们从cms中读取的变量取了新的名称请把名称填写到这里 | ||
| 'XSS_SAFE_VAR' => array( //安全变量列表,必须是正则,不包含$ | ||
| '/(?:body|html|head|value|hotSiteCon|listValue|entry|link|linksValue|defaultClass|data|sBoxTag|sysInfo|uaq|mod|root\.html\.content|country|host|smarty|engine|tag|params|root\.conf)/ies', | ||
| '/(?:_pv|_num|_id)/ies' | ||
| ), | ||
| //精确白名单,某特定文件名,或其内某个变量是完全可信的 | ||
| 'file_safe_var' =>array( //filename为相对路径(非中文),$varname为变量,表明filename下的所有$varname都是白名单。 | ||
| 'filename::$varname' | ||
| ) | ||
|
|
||
| ); | ||
| ?> |
Oops, something went wrong.