Discuz! X3.4 Thai UTF-8 R20210320, Rev.64

- เพิ่ม !837 Add a new configuration for GD image max pixel upper limit
- เพิ่ม !835 Add a new low-level security modules to minimize the security risks of short file names and empty Host access
- เพิ่ม !788 Add description for multiple selection: "Hold down the CTRL key to select multiple options"
- เพิ่ม !404 Add a new setting "Whether to disclose the management reason" under the topic post
- ปรับปรุง ข้อความภาษาไทยใน AdminCP ส่วนของ "สกิน" เป็น "รูปแบบสไตล์" เพื่อป้องกันความสับสนกับเมนู เทมเพลต (ที่เพิ่มขึ้นมาใหม่)
- ปรับปรุง ข้อมูลลิขสิทธิ์เป็นปี 2021
- ปรับปรุง !844 Update task status in real time instead of cron
- ปรับปรุง !843 Fix: Security question position can reveal the password field
- ปรับปรุง !838 Fix the calendar css
- ปรับปรุง !834 Fix admincp language related to the safety
- ปรับปรุง !827 Remove duplicated language keys
- ปรับปรุง !769 Fix: ambiguous password recovery email tips
- ปรับปรุง !704 Fix the convertip function for illegal second parameter
- ปรับปรุง !699 Update copyright info and some other minor issues
- แก้ไขปัญหา พื้นหลังเมนูย่อยใน AdminCP ที่มีพื้นหลังสีขาว เมื่อชื่อเมนูนั้นมีชื่อยาว เช่น ชื่อเมนู "ตัวเลือกการนำเข้าไฟล์ของเทมเพลท" พื้นหลังเมนูจะมีสีดำไม่ทั้งหมด เป็นต้น
- แก้ไขปัญหา การแคร็กระบบป้องกันการติดตั้งปลั๊กอิน/สกิน/สไตล์ที่ไม่ใช่ของแท้ใหม่ เนื่องจากไฟล์แพทช์ R20210320 มีการแก้ไขระบบตรวจสอบใหม่ (ขอขอบคุณ @zhogong)
- แก้ไขปัญหา Delete the duplicate key value in the article call DIY module
- แก้ไขปัญหา Database connection error returned.
- แก้ไขปัญหา !858 Fix: the second breadcrumb navigation node is blank when the home is displayed in SNS style and is dynamically closed
- แก้ไขปัญหา !857 Move forward the setting of the new mobile template
- แก้ไขปัญหา !855 Fix the bug that the verified information and unmodifiable information can be resubmitted through the form for mandatory modification
- แก้ไขปัญหา !853 Fix: Repeated reply numbers after deleting comments in Topic->Post moderation->Replies moderation
- แก้ไขปัญหา !848 Fix: the page belongs to the unselected state in Portal->Module Management->Module List
- แก้ไขปัญหา !841 Fix the problem that the admincp database verification tool does not support MySQL 8
- แก้ไขปัญหา !839 Prevent the invalid siteurl to be cached
- แก้ไขปัญหา !833 Fix: missed language entry for background HTML module
- แก้ไขปัญหา !831 Fix some bugs in forum-section editing
- แก้ไขปัญหา !828 Fix: Topic generation Tips are not hidden (Portal->Html Management->Generate All)
- แก้ไขปัญหา !821 The plug-in version number is displayed in the plug-in settings and "Not enabled" is displayed when the plug-in is not enabled
- แก้ไขปัญหา !817 Fix some bugs related to the database backup and recovery
- แก้ไขปัญหา !816 Fix: Custom image is not displayed at the site advertisement space
- แก้ไขปัญหา !815 Fix: empty exported file content on the database shell backup
- แก้ไขปัญหา !814 Fix problem that the detection of friend relationship is invalid in some cases
- แก้ไขปัญหา !811 Fix: missing closing A tag.
- แก้ไขปัญหา !809 Fix: Invalid label in the database backup selection: system MySQL Dump (Shell)
- แก้ไขปัญหา !808 Fix the bug: White screen in "System MySQL Dump (Shell) backup database"
- แก้ไขปัญหา !805 Small fix of PR393 to avoid the situation where the resource handle is equal 0
- แก้ไขปัญหา !804 Fix: missing highlight on the forum list page
- แก้ไขปัญหา !803 Adjust the code to avoid false alarms by Tencent Computer Manager
- แก้ไขปัญหา !802 Recommend common websites when installation is complete, such as tutorials
- แก้ไขปัญหา !801 Adjust the version number and the QQ Connect plug-in to adapt to the update of the application center
- แก้ไขปัญหา !800 Fixed an issue where a 404 error was reported when the "URL/undefined" page was redirected to the "URL/undefined" page when an error message was returned when the mobile form was submitted via Ajax
- แก้ไขปัญหา !799 Fix: Cannot complete the account registration on a mobile phone using QQ
- แก้ไขปัญหา !797 Remove duplicated keys in lang_admincp
- แก้ไขปัญหา !795 Clean up some non-existent entries
- แก้ไขปัญหา !789 Delete invalid variable $mobile1exists
- แก้ไขปัญหา !784 Fix: New setting: Allow guests to view user profile
- แก้ไขปัญหา !783 Support SSL encryption while sending email
- แก้ไขปัญหา !779 Fix: Registration is not available at the touch mobile phone because of the form nesting error
- แก้ไขปัญหา !776 Fix the BUG: invalid email sending task caused by WeChat login
- แก้ไขปัญหา !773 New setting: Allow guests to view user profile
- แก้ไขปัญหา !772 Fix: Repeated post operation info in portal page (from=portal)
- แก้ไขปัญหา !770 Remove the nonexistent second parameter of convertip function
- แก้ไขปัญหา !768 Fix PR 660 BUG
- แก้ไขปัญหา !764 Fix several issues with the "atlist" (@username) when posting
- แก้ไขปัญหา !762 Fix: Invalid mail sent in Back-end and Front-end user review
- แก้ไขปัญหา !758 Fix: Invalid bottom links in mobile version
- แก้ไขปัญหา !756 Fix the Search Tags for searchindex
- แก้ไขปัญหา !754 Separate code and language in admincp_index.php
- แก้ไขปัญหา !752 Fix: Error in the archiver pseudo-static rules, optimize the rewrite rules
- แก้ไขปัญหา !750 Fix a BUG in remote login prompt code
- แก้ไขปัญหา !748 Fix: conflict between jQuery and avatar upload tool
- แก้ไขปัญหา !747 Fix: Wrong download file name in some cases
- แก้ไขปัญหา !745 Separate code and language in misc_security.php
- แก้ไขปัญหา !743 Fix: User batch verification is exported as empty files or wrong type data
- แก้ไขปัญหา !740 Fix: Garbled attachments on IE 11 and old Edge
- แก้ไขปัญหา !739 Fix: A link to the related section is not determoned as "section/group".
- แก้ไขปัญหา !737 Fix: The optimized position is wrong when checking if the topic table needs to be optimized
- แก้ไขปัญหา !736 Fix: AdminCP->Optimization, Check SEO optimization always prompting to improve SEO settings
- แก้ไขปัญหา !735 Remove obsolete options in admincp optimizer
- แก้ไขปัญหา !732 (AdminCP->Anti-Spam->Security master) Invalid optimized position for deleting the post when the user is allowed to edit the post
- แก้ไขปัญหา !729 Fix some SQL queries problems caused by some table prefixes
- แก้ไขปัญหา !718 Fix the installation bug: "Data table prefix is empty or format is wrong, please check"
- แก้ไขปัญหา !717 Fix: IP library does not need to be deleted after the operation is not updated
- แก้ไขปัญหา !716 Fix guide page, the post icon does not change with the template color switch and becomes the post icon of the corresponding color system.
- แก้ไขปัญหา !715 Fix: parse tel/magnet links
- แก้ไขปัญหา !713 Fix: restrict the last character to _ in the table prefix format, to avoid the table prefix like pre_1 from being generated and causing the program processing errors
- แก้ไขปัญหา !706 Remove invalid link in AdmiCP->User->send notification->group message
- แก้ไขปัญหา !701 Fix the problem that the custom advertising block function does not work properly in search and misc entries
- แก้ไขปัญหา !700 Fix some group bugs
- แก้ไขปัญหา !698 Groups->Search->Delete group: groupnum updated multiple times
- แก้ไขปัญหา !696 Fix: Invalid label for input id=replylimit
- แก้ไขปัญหา !695 Fix: Change the forum statistics chart from Flash to HTML5
- แก้ไขปัญหา !694 Only super administrators can do "Groups->Group Settings->Select user groups"
- แก้ไขปัญหา !692 Fix the bug that abnormal posts are displayed in the label (such as regular posts, deleted posts, etc.)
- แก้ไขปัญหา !691 Fix vulnerability: restore.php can execute remote SQL files
- แก้ไขปัญหา !685 Fix: hide directory content in some locations
- แก้ไขปัญหา !678 Parsing for new protocol tel/magnet link
- แก้ไขปัญหา !677 Fix some small bugs and problems in the current system
- แก้ไขปัญหา !675 Fix dfopen socket related issues (UCenter and installer)
- แก้ไขปัญหา !674 Fix php5.3 compatibility issues
- แก้ไขปัญหา !660 Fix several bugs in the admincp_db functions
- แก้ไขปัญหา !659 Fix some bugs in data recovery tool
- แก้ไขปัญหา !654 Fix: Site task execution problem
- แก้ไขปัญหา !653 Style scheme setting does not take effect in "Forum Section Management"->"Batch Edit"
- แก้ไขปัญหา !652 Fix: Wrong behavior caused by adminid = -1
- แก้ไขปัญหา !646 Fix: The user list is not displayed after a notification message
- แก้ไขปัญหา !630 Fix a bug: User Tag-Send a notification report [Your request is not correct or the form verification string does not match]
- แก้ไขปัญหา !622 Deleting user restrictions does not take effect in ACP->Users->Search->Manage users
- แก้ไขปัญหา !612 Fix: showsetting shows unclosed <TR> tag
- แก้ไขปัญหา !532 Fix: losing the line-wrapping of downloading pictures from the portal
- แก้ไขปัญหา !521 Fix: search bots can not browse the tag page
- แก้ไขปัญหา !507 Fix: no reminder for private messages and other messages
- แก้ไขปัญหา !506 [Lightweight PR] Fixed the problem that the section rules become invalid after the section cache is turned on due to the same cache key value
- แก้ไขปัญหา !495 Fix the bug that the converted HTML entity is lost after editing the article again
- แก้ไขปัญหา !439 Fixed Scroll Link Menu Overflow in AdminCP
- แก้ไขปัญหา !411 Fix: missing fields on user profile after moving a user to sub-table
- แก้ไขปัญหา !393 Fix the error caused by continuing to execute the query when the query result is 0

upload/admin.php

@@ -62,6 +62,10 @@
 	}
 } else {
 	cpheader();
-	cpmsg('action_noaccess', '', 'error');
+	if($action == 'cloudaddons') {
+		cpmsg('cloudaddons_noaccess', '', 'error');
+	} else {
+		cpmsg('action_noaccess', '', 'error');
+	}
 }
 ?>

upload/archiver/index.php

@@ -13,7 +13,7 @@
 
 $querystring = $_SERVER['QUERY_STRING'];
 
-if(!empty($_GET['action'])) {
+if(!empty($_GET['action']) && !empty($_GET['value'])) {
 	$querystring = $_GET['action'].'-'.$_GET['value'];
 }
 

upload/connect.php

@@ -1,6 +1,6 @@
 <?php
 /*
-   [Discuz!] (C)2001-2009 Comsenz Inc.
+   [Discuz!] (C)2001-2099 Comsenz Inc.
    This is NOT a freeware, use is subject to license terms
 
    $Id: connect.php 26424 2011-12-13 03:02:20Z zhouxiaobo $

upload/install/data/install_data.sql

@@ -158,17 +158,15 @@ INSERT INTO pre_common_nav VALUES ('','0','ทักทาย','Doing','home.php
 INSERT INTO pre_common_nav VALUES ('', '0', 'สถิติเว็บไซต์', '', 'misc.php?mod=stat', 'stat', 0, 0, 1, 1, 0, 0, 0, 0, '', '', '', 1, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'รายงานหน้านี้', '', '#', 'report', 0, 0, 1, 2, 0, 0, 0, 0, '', '', '', 1, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'ข้อความล้วน', '', 'archiver/', 'archiver', 0, 0, 1, 3, 0, 0, 0, 0, '', '', '', 1, '');
-INSERT INTO pre_common_nav VALUES ('', '0', 'อุปกรณ์พกพา', '', 'forum.php?mobile=yes', 'mobile', 0, 0, 1, 3, 0, 0, 0, 0, '', '', '', 1, '');
+INSERT INTO pre_common_nav VALUES ('', '0', 'อุปกรณ์พกพา', '', 'forum.php?mobile=yes', 'mobile', 0, 0, 0, 3, 0, 0, 0, 0, '', '', '', 1, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'ประวัติการแบน', '', 'forum.php?mod=misc&action=showdarkroom', 'darkroom', 0, 0, 1, 3, 0, 0, 0, 0, '', '', '', 1, '');
 
 INSERT INTO pre_common_nav VALUES ('', '0', 'บล็อก', '', 'home.php?mod=space&do=blog', 'blog', 0, 0, -1, 2, 0, 0, 0, 0, '{STATICURL}image/feed/blog.gif', 'เขียน', 'home.php?mod=spacecp&ac=blog', 2, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'อัลบั้ม', '', 'home.php?mod=space&do=album', 'album', 0, 0, -1, 3, 0, 0, 0, 0, '{STATICURL}image/feed/album.gif', 'สร้าง', 'home.php?mod=spacecp&ac=upload', 2, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'แบ่งปัน', '', 'home.php?mod=space&do=share', 'share', 0, 0, -1, 4, 0, 0, 0, 0, '{STATICURL}image/feed/share.gif', 'เพิ่ม', 'home.php?mod=spacecp&ac=share', 2, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'ทักทาย', '', 'home.php?mod=space&do=doing', 'doing', 0, 0, -1, 5, 0, 0, 0, 0, '{STATICURL}image/feed/doing.gif', '', '', 2, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'ติดตาม', '', 'home.php?mod=follow', 'follow', 0, 0, -1, 6, 0, 0, 0, 0, '{STATICURL}image/feed/follow.gif', '', '', 2, '');
-INSERT INTO pre_common_nav VALUES ('', '0', '{userpanelarea1}', '', '', '', 0, 0, 1, 7, 0, 0, 0, 0, '', '', '', 2, '');
 INSERT INTO pre_common_nav VALUES ('', '0', '{hr}', '', '', '', 0, 1, 1, 8, 0, 0, 0, 0, '', '', '', 2, '');
-INSERT INTO pre_common_nav VALUES ('', '0', '{userpanelarea2}', '', '', '', 0, 0, 1, 9, 0, 0, 0, 0, '', '', '', 2, '');
 
 INSERT INTO pre_common_nav VALUES ('', '0', 'เพื่อน', '', 'home.php?mod=space&do=friend', 'friend', 0, 0, 0, 1, 0, 0, 0, 0, '{STATICURL}image/feed/friend_b.png', '', '', 3, '');
 INSERT INTO pre_common_nav VALUES ('', '0', 'กระทู้แนะนำของฉัน', '', 'forum.php?mod=guide&view=my', 'thread', 0, 0, 0, 2, 0, 0, 0, 0, '{STATICURL}image/feed/thread_b.png', '', '', 3, '');
@@ -306,7 +304,6 @@ INSERT INTO pre_common_setting VALUES ('friendgroupnum','8');
 INSERT INTO pre_common_setting VALUES ('ftp','a:10:{s:2:\"on\";s:1:\"0\";s:3:\"ssl\";s:1:\"0\";s:4:\"host\";s:0:\"\";s:4:\"port\";s:2:\"21\";s:8:\"username\";s:0:\"\";s:8:\"password\";s:0:\"\";s:9:\"attachdir\";s:1:\".\";s:9:\"attachurl\";s:0:\"\";s:7:\"hideurl\";s:1:\"0\";s:7:\"timeout\";s:1:\"0\";}');
 INSERT INTO pre_common_setting VALUES ('globalstick','1');
 INSERT INTO pre_common_setting VALUES ('targetblank','0');
-INSERT INTO pre_common_setting VALUES ('google','1');
 INSERT INTO pre_common_setting VALUES ('groupstatus','0');
 INSERT INTO pre_common_setting VALUES ('portalstatus','0');
 INSERT INTO pre_common_setting VALUES ('followstatus','0');
@@ -791,7 +788,7 @@ INSERT INTO pre_common_word_type SET `id`='1', `typename`='แบ่งปัน
 INSERT INTO pre_common_word_type SET `id`='2', `typename`='ค้าขาย';
 
 INSERT INTO pre_forum_bbcode VALUES ('1','0','fly','bb_fly.gif','<marquee width=\"90%\" scrollamount=\"3\">{1}</marquee>','[fly]This is sample text[/fly]','แสดงเนื้หาเลื่อนตามแนวนอน การกระทำนี้จะคล้ายกับ HTML และ marquee คำค้น หมายเหตุ: การกระทำนี้มีผลกับเบราว์เซอร์ Internet Explorer เท่านั้น','1','กรุณาใส่ข้อความที่จะแสดง:','1','19','1	2	3	12	13	14	15	16	17	18	19');
-INSERT INTO pre_forum_bbcode VALUES ('2','0','qq','bb_qq.gif','<a href=\"http://wpa.qq.com/msgrd?v=3&uin={1}&amp;site=[Discuz!]&amp;from=discuz&amp;menu=yes\" target=\"_blank\"><img src=\"static/image/common/qq_big.gif\" border=\"0\"></a>','[qq]688888[/qq]','แสดงสถานะ QQ ออนไลน์，คลิกที่ไอคอนของเขา(เธอ)เพื่อสนทนา','1','กรุณาใส่หมายเลข QQ เพื่อแสดงสถานะออนไลน์:<a href=\"\" class=\"xi2\" onclick=\"this.href=\'http://wp.qq.com/set.html?from=discuz&uin=\'+$(\'e_cst1_qq_param_1\').value\" target=\"_blank\" style=\"float:right;\">ตั้งค่า QQ สถานะออนไลน์&nbsp;&nbsp;</a>','1','21','1	2	3	10	11	12	13	14	15	16	17	18	19');
+INSERT INTO pre_forum_bbcode VALUES ('2','0','qq','bb_qq.gif','<a href=\"https://wpa.qq.com/msgrd?v=3&uin={1}&amp;site=[Discuz!]&amp;from=discuz&amp;menu=yes\" target=\"_blank\"><img src=\"static/image/common/qq_big.gif\" border=\"0\"></a>','[qq]688888[/qq]','แสดงสถานะ QQ ออนไลน์，คลิกที่ไอคอนของเขา(เธอ)เพื่อสนทนา','1','กรุณาใส่หมายเลข QQ เพื่อแสดงสถานะออนไลน์:<a href=\"\" class=\"xi2\" onclick=\"this.href=\'https://wp.qq.com/set.html?from=discuz&uin=\'+$(\'e_cst1_qq_param_1\').value\" target=\"_blank\" style=\"float:right;\">ตั้งค่า QQ สถานะออนไลน์&nbsp;&nbsp;</a>','1','21','1	2	3	10	11	12	13	14	15	16	17	18	19');
 INSERT INTO pre_forum_bbcode VALUES ('3','0','sup','bb_sup.gif','<sup>{1}</sup>','X[sup]2[/sup]','แสดงตัวอักษรลักษณะยกกำลัง','1','ใส่ข้อความที่นี่: ','1','22','1	2	3	12	13	14	15	16	17	18	19');
 INSERT INTO pre_forum_bbcode VALUES ('4','0','sub','bb_sub.gif','<sub>{1}</sub>','X[sub]2[/sub]','แสดงตัวอักษรลักษณะตัวห้อย','1','ใส่ข้อความที่นี่: ','1','23','1	2	3	12	13	14	15	16	17	18	19');
 INSERT INTO pre_forum_bbcode VALUES ('5', '2', 'spoil', 'bb_spoil.png', '<div style="display: inline;"><div style="display: inline;"><span onClick="if (this.parentNode.parentNode.getElementsByTagName(''div'')[1].getElementsByTagName(''div'')[0].style.display != '''') {  this.parentNode.parentNode.getElementsByTagName(''div'')[1].getElementsByTagName(''div'')[0].style.display = ''''; this.innerHTML = ''<a href=\\''javascript:void(0);\\'' onClick=\\''return false;\\'' style=\\''color: #FF0000;\\''>[Spoil] คลิกเพื่อซ่อนข้อความ</a>''; } else { this.parentNode.parentNode.getElementsByTagName(''div'')[1].getElementsByTagName(''div'')[0].style.display = ''none''; this.innerHTML = ''<a href=\\''javascript:void(0);\\'' onClick=\\''return false;\\'' style=\\''color: #FF0000;\\''>[Spoil] คลิกเพื่อดูข้อความที่ซ่อนไว้</a>''; }" /><a href="javascript:void(0);" onClick="return false;" style="color: #FF0000;">[Spoil] คลิกเพื่อดูข้อความที่ซ่อนไว้</a></span></div><div style="display: inline;"><div style="border: dashed 1px #FF0000;padding: 10px 0px 10px 20px;margin: 10px 0px;display: none;">{1}</div></div></div>', '', 'สปอยล์', '1', 'กรอกข้อความที่คุณต้องการสปอยล์', '1', '24', '10	11	12	13	14	15	20	16	17	18	19	1	2	3');

upload/install/images/style.css

@@ -1,5 +1,5 @@
 /*
-(C) 2001-2009 Comsenz Inc.
+(C) 2001-2099 Comsenz Inc.
 */
 
 /* common */
@@ -39,7 +39,7 @@ table{ border-collapse:collapse; }
 	.btnbox input{ margin:0 2px; }
 	.btnbox textarea{ margin-bottom:10px; height:150px; }
 .btn{ margin-top:10px; }
-.footer{ line-height:40px; text-align:center; background:url(bg_footer.gif) repeat-x; font-size:11px; }
+.footer{ line-height:40px; text-align:center; background:#F7FBFE url(bg_footer.gif) repeat-x; font-size:11px; }
 
 /* form */
 .txt{ width:200px; }

upload/install/include/install_function.php

@@ -19,6 +19,7 @@ function show_msg($error_no, $error_msg = 'ok', $success = 1, $quit = TRUE) {
 		$str = "<root>\n";
 		$str .= "\t<error errorCode=\"$error_code\" errorMessage=\"$error_msg\" />\n";
 		$str .= "</root>";
+		send_mime_type_header();
 		echo $str;
 		exit;
 	} else {
@@ -63,16 +64,17 @@ function check_db($dbhost, $dbuser, $dbpw, $dbname, $tablepre) {
 	}
 	$mysqlmode = function_exists('mysql_connect') ? 'mysql' : 'mysqli';
 	$link = ($mysqlmode == 'mysql') ? @mysql_connect($dbhost, $dbuser, $dbpw) : new mysqli($dbhost, $dbuser, $dbpw);
-	if(!$link) {
-		$errno = ($mysqlmode == 'mysql') ? mysql_errno() : mysqli_errno();
-		$error = ($mysqlmode == 'mysql') ? mysql_error() : mysqli_error();
+	if(($mysqlmode == 'mysql' && !$link) || ($mysqlmode != 'mysql' && $link->connect_errno)) {
+		$errno = ($mysqlmode == 'mysql') ? mysql_errno($link) : $link->connect_errno;
+		$error = ($mysqlmode == 'mysql') ? mysql_error($link) : $link->connect_error;
 		if($errno == 1045) {
 			show_msg('database_errno_1045', $error, 0);
 		} elseif($errno == 2003) {
 			show_msg('database_errno_2003', $error, 0);
 		} else {
 			show_msg('database_connect_error', $error, 0);
 		}
+		return false;
 	} else {
 		if($query = (($mysqlmode == 'mysql') ? @mysql_query("SHOW TABLES FROM $dbname") : $link->query("SHOW TABLES FROM $dbname"))) {
 			if(!$query) {
@@ -170,12 +172,12 @@ function_exists($item) or show_msg('undefine_func', $item, 0);
 	}
 }
 
-function dintval($int, $allowarray = false) {
+function dfloatval($int, $allowarray = false) {
 	$ret = floatval($int);
 	if($int == $ret || !$allowarray && is_array($int)) return $ret;
 	if($allowarray && is_array($int)) {
 		foreach($int as &$v) {
-			$v = dintval($v, true);
+			$v = dfloatval($v, true);
 		}
 		return $int;
 	} elseif($int <= 0xffffffff) {
@@ -198,8 +200,8 @@ function show_env_result(&$env_items, &$dirfile_items, &$func_items, &$filesock_
 		}
 		$status = 1;
 		if($item['r'] != 'notset') {
-			if(dintval($item['current']) && dintval($item['r'])) {
-				if(dintval($item['current']) < dintval($item['r'])) {
+			if(dfloatval($item['current']) && dfloatval($item['r'])) {
+				if(dfloatval($item['current']) < dfloatval($item['r'])) {
 					$status = 0;
 					$error_code = ENV_CHECK_ERROR;
 				}
@@ -267,6 +269,7 @@ function show_env_result(&$env_items, &$dirfile_items, &$func_items, &$filesock_
 		$str .= "\t</FileDirs>\n";
 		$str .= "\t<error errorCode=\"$error_code\" errorMessage=\"\" />\n";
 		$str .= "</root>";
+		send_mime_type_header();
 		echo $str;
 		exit;
 
@@ -348,6 +351,16 @@ function show_env_result(&$env_items, &$dirfile_items, &$func_items, &$filesock_
 
 function show_next_step($step, $error_code) {
 	global $uchidden;
+
+	if(!empty($uchidden)) {
+		$uc_info_transfer = unserialize(urldecode($uchidden));
+		if(!isset($uc_info_transfer['ucapi']) && !isset($uc_info_transfer['ucfounderpw'])){
+			$uchidden = '';
+		} else {
+			$uchidden = dhtmlspecialchars($uchidden);
+		}
+	}
+
 	echo "<form action=\"index.php\" method=\"post\">\n";
 	echo "<input type=\"hidden\" name=\"step\" value=\"$step\" />";
 	if(isset($GLOBALS['hidden'])) {
@@ -570,7 +583,7 @@ function showmessage(message) {
 function show_footer($quit = true) {
 
 	echo <<<EOT
-		<div class="footer">Copyright &copy;2001-2020, Tencent Cloud.</div>
+		<div class="footer">Copyright &copy;2001-2021, Tencent Cloud.</div>
 	</div>
 </div>
 </body>
@@ -864,15 +877,24 @@ function fsocketopen($hostname, $port = 80, &$errno, &$errstr, $timeout = 15) {
 function dfopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype  = 'URLENCODE', $allowcurl = TRUE) {
 	$return = '';
 	$matches = parse_url($url);
-	$scheme = $matches['scheme'];
+	$scheme = strtolower($matches['scheme']);
 	$host = $matches['host'];
-	$path = $matches['path'] ? $matches['path'].($matches['query'] ? '?'.$matches['query'] : '') : '/';
-	$port = !empty($matches['port']) ? $matches['port'] : ($matches['scheme'] == 'https' ? 443 : 80);
+	$path = !empty($matches['path']) ? $matches['path'].(!empty($matches['query']) ? '?'.$matches['query'] : '') : '/';
+	$port = !empty($matches['port']) ? $matches['port'] : ($scheme == 'https' ? 443 : 80);
 
-	if(function_exists('curl_init') && $allowcurl) {
+	if(function_exists('curl_init') && function_exists('curl_exec') && $allowcurl) {
 		$ch = curl_init();
 		$ip && curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: ".$host));
-		curl_setopt($ch, CURLOPT_URL, $scheme.'://'.($ip ? $ip : $host).':'.$port.$path);
+		curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
+		// 在请求主机名并非一个合法 IP 地址, 且 PHP 版本 >= 5.5.0 时, 使用 CURLOPT_RESOLVE 设置固定的 IP 地址与域名关系
+		// 在不支持的 PHP 版本下, 继续采用原有不支持 SNI 的流程
+		if(!filter_var($host, FILTER_VALIDATE_IP) && version_compare(PHP_VERSION, '5.5.0', 'ge')) {
+			curl_setopt($ch, CURLOPT_DNS_USE_GLOBAL_CACHE, false);
+			curl_setopt($ch, CURLOPT_RESOLVE, array("$host:$port:$ip"));
+			curl_setopt($ch, CURLOPT_URL, $scheme.'://'.$host.':'.$port.$path);
+		} else {
+			curl_setopt($ch, CURLOPT_URL, $scheme.'://'.($ip ? $ip : $host).':'.$port.$path);
+		}
 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
 		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@@ -904,6 +926,9 @@ function dfopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $
 		$out = "POST $path HTTP/1.0\r\n";
 		$header = "Accept: */*\r\n";
 		$header .= "Accept-Language: zh-cn\r\n";
+		if($allowcurl) {
+			$encodetype = 'URLENCODE';
+		}
 		$boundary = $encodetype == 'URLENCODE' ? '' : '; boundary='.trim(substr(trim($post), 2, strpos(trim($post), "\n") - 2));
 		$header .= $encodetype == 'URLENCODE' ? "Content-Type: application/x-www-form-urlencoded\r\n" : "Content-Type: multipart/form-data$boundary\r\n";
 		$header .= "User-Agent: $_SERVER[HTTP_USER_AGENT]\r\n";
@@ -925,26 +950,45 @@ function dfopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $
 	}
 
 	$fpflag = 0;
-	if(!$fp = @fsocketopen(($scheme == 'https' ? 'ssl' : $scheme).'://'.($scheme == 'https' ? $host : ($ip ? $ip : $host)), $port, $errno, $errstr, $timeout)) {
-		$context = array(
-			'http' => array(
-				'method' => $post ? 'POST' : 'GET',
-				'header' => $header,
-				'content' => $post,
-				'timeout' => $timeout,
-			),
+	$context = array();
+	if($scheme == 'https') {
+		$context['ssl'] = array(
+			'verify_peer' => false,
+			'verify_peer_name' => false,
+			'peer_name' => $host
 		);
+		if(version_compare(PHP_VERSION, '5.6.0', '<')) {
+			$context['ssl']['SNI_enabled'] = true;
+			$context['ssl']['SNI_server_name'] = $host;
+		}
+	}
+	if(ini_get('allow_url_fopen')) {
+		$context['http'] = array(
+			'method' => $post ? 'POST' : 'GET',
+			'header' => $header,
+			'timeout' => $timeout
+		);
+		if($post) {
+			$context['http']['content'] = $post;
+		}
 		$context = stream_context_create($context);
-		$fp = @fopen($scheme.'://'.($scheme == 'https' ? $host : ($ip ? $ip : $host)).':'.$port.$path, 'b', false, $context);
+		$fp = @fopen($scheme.'://'.($ip ? $ip : $host).':'.$port.$path, 'b', false, $context);
 		$fpflag = 1;
+	} elseif(function_exists('stream_socket_client')) {
+		$context = stream_context_create($context);
+		$fp = @stream_socket_client(($scheme == 'https' ? 'ssl://' : '').($ip ? $ip : $host).':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context);
+	} else {
+		$fp = @fsocketopen(($scheme == 'https' ? 'ssl://' : '').($scheme == 'https' ? $host : ($ip ? $ip : $host)), $port, $errno, $errstr, $timeout);
 	}
 
 	if(!$fp) {
 		return '';
 	} else {
 		stream_set_blocking($fp, $block);
 		stream_set_timeout($fp, $timeout);
-		@fwrite($fp, $out);
+		if(!$fpflag) {
+			@fwrite($fp, $out);
+		}
 		$status = stream_get_meta_data($fp);
 		if(!$status['timed_out']) {
 			while (!feof($fp) && !$fpflag) {
@@ -1279,7 +1323,7 @@ function install_uc_server() {
 
 	$pathinfo = pathinfo($_SERVER['PHP_SELF']);
 	$pathinfo['dirname'] = substr($pathinfo['dirname'], 0, -8);
-	$isHTTPS = ($_SERVER['HTTPS'] && strtolower($_SERVER['HTTPS']) != 'off') ? true : false;
+	$isHTTPS = is_https();
 	$appurl = 'http'.($isHTTPS ? 's' : '').'://'.preg_replace("/\:\d+/", '', $_SERVER['HTTP_HOST']).($_SERVER['SERVER_PORT'] && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443 ? ':'.$_SERVER['SERVER_PORT'] : '').$pathinfo['dirname'];
 	$ucapi = $appurl.'/uc_server';
 	$ucip = '';
@@ -1762,4 +1806,27 @@ function format_space($space) {
 		}
 	}
 	return $space;
-}
+}
+
+function send_mime_type_header($type = 'application/xml') {
+	header("Content-Type: ".$type);
+}
+
+function is_https() {
+	if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) != "off") {
+		return true;
+	}
+	if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && strtolower($_SERVER["HTTP_X_FORWARDED_PROTO"]) == "https") {
+		return true;
+	}
+	if (isset($_SERVER["HTTP_SCHEME"]) && strtolower($_SERVER["HTTP_SCHEME"]) == "https") {
+		return true;
+	}
+	if (isset($_SERVER["HTTP_FROM_HTTPS"]) && strtolower($_SERVER["HTTP_FROM_HTTPS"]) != "off") {
+		return true;
+	}
+	if (isset($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == 443) {
+		return true;
+	}
+	return false;
+}