*/
5 function CheckDisabledFunctions($str,&$errmsg='')
4 {
3 global $cfg_disable_funs;
2 $cfg_disable_funs = isset($cfg_disable_funs)? $cfg_disable_funs : 'phpinfo,eval,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,file_put_contents,fsockopen,fopen,fwrite';
1 // 模板引擎增加disable_functions
474 return TRUE; 关键在这里
1 if (!defined('DEDEDISFUN')) {
2 $tokens = token_get_all_nl($str);
3 $disabled_functions = explode(',', $cfg_disable_funs);
4 foreach ($tokens as $token)
5 {
6 if (is_array($token))
7 {
8 if ($token[0] = '306' && in_array($token[1], $disabled_functions))
9 {
10 $errmsg = 'DedeCMS Error:function disabled "'.$token[1].'" <a href="http://help.dedecms.com/install-use/apply/2013/0711/2324.html" target="_blank">more...</a>';
11 return FALSE;
12 }
13 }
14 }
15 }
16 return TRUE;
17 }
18