From c129974c12c33699cc0ae13070385c4266cf53e2 Mon Sep 17 00:00:00 2001
From: Karson <karsonzhang@163.com>
Date: Sat, 18 Nov 2017 13:05:49 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dphp=20think=20min=E6=97=A0?=
 =?UTF-8?q?=E6=B3=95=E5=9C=A8Win=E4=B8=8B=E5=8E=8B=E7=BC=A9=E7=9A=84BUG=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8DAuth.php=E7=B1=BB=E5=9C=A8=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E8=A1=A8=E5=89=8D=E7=BC=80=E9=85=8D=E7=BD=AE=E4=B8=BA=E7=A9=BA?=
 =?UTF-8?q?=E6=83=85=E5=86=B5=E4=B8=8B=E6=8A=A5=E9=94=99=E7=9A=84BUG=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=BD=91=E9=A1=B5=E7=AB=AF=E5=AE=89=E8=A3=85?=
 =?UTF-8?q?=E7=A8=8B=E5=BA=8F=E6=97=A0=E6=B3=95=E5=86=99=E5=85=A5=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E7=9A=84BUG?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/admin/command/Min.php     | 30 ++++++++++++++-------------
 application/index/controller/Ajax.php |  1 -
 extend/fast/Auth.php                  | 15 +++++++-------
 public/install.php                    | 28 +++++++++++++++----------
 4 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/application/admin/command/Min.php b/application/admin/command/Min.php
index 277d33cd..de5be1b9 100644
--- a/application/admin/command/Min.php
+++ b/application/admin/command/Min.php
@@ -51,27 +51,29 @@ class Min extends Command
         $publicPath = ROOT_PATH . 'public' . DS;
         $tempFile = $minPath . 'temp.js';
 
-        // Winsows下请手动配置配置该值
-        $nodeExec = "";
+        $nodeExec = '';
 
         if (!$nodeExec)
         {
             if (IS_WIN)
             {
-                throw new Exception("node environment not found!please check http://doc.fastadmin.net/docs/faq.html !");
+                // Winsows下请手动配置配置该值,一般将该值配置为 '"C:/Program Files/nodejs/node.exe"'，除非你的Node安装路径有变更
+                $nodeExec = '"C:/Program Files/nodejs/node.exe"';
             }
-
-            try
+            else
             {
-                $nodeExec = exec("which node");
-                if (!$nodeExec)
+                try
                 {
-                    throw new Exception("node environment not found!please install node first!");
+                    $nodeExec = exec("which node");
+                    if (!$nodeExec)
+                    {
+                        throw new Exception("node environment not found!please install node first!");
+                    }
+                }
+                catch (Exception $e)
+                {
+                    throw new Exception($e->getMessage());
                 }
-            }
-            catch (Exception $e)
-            {
-                throw new Exception($e->getMessage());
             }
         }
 
@@ -85,8 +87,8 @@ class Min extends Command
                     'jsBaseUrl'   => $this->options['jsBaseUrl'],
                     'cssBaseName' => str_replace('{module}', $mod, $this->options['cssBaseName']),
                     'cssBaseUrl'  => $this->options['cssBaseUrl'],
-                    'jsBasePath'  => str_replace('/', DS, ROOT_PATH . $this->options['jsBaseUrl']),
-                    'cssBasePath' => str_replace('/', DS, ROOT_PATH . $this->options['cssBaseUrl']),
+                    'jsBasePath'  => str_replace(DS, '/', ROOT_PATH . $this->options['jsBaseUrl']),
+                    'cssBasePath' => str_replace(DS, '/', ROOT_PATH . $this->options['cssBaseUrl']),
                     'ds'          => DS,
                 ];
 
diff --git a/application/index/controller/Ajax.php b/application/index/controller/Ajax.php
index f7d2eac9..c656cce6 100644
--- a/application/index/controller/Ajax.php
+++ b/application/index/controller/Ajax.php
@@ -37,7 +37,6 @@ class Ajax extends Frontend
      */
     public function upload()
     {
-        $this->checkLogin();
         $file = $this->request->file('file');
 
         //判断是否已经存在附件
diff --git a/extend/fast/Auth.php b/extend/fast/Auth.php
index f17fdb67..73ead61e 100644
--- a/extend/fast/Auth.php
+++ b/extend/fast/Auth.php
@@ -172,16 +172,15 @@ class Auth
         {
             return $groups[$uid];
         }
-        // 转换表名
-        $auth_group_access = Loader::parseName($this->config['auth_group_access'], 1);
-        $auth_group = Loader::parseName($this->config['auth_group'], 1);
+
         // 执行查询
-        $user_groups = Db::view($auth_group_access, 'uid,group_id')
-                ->view($auth_group, 'id,pid,name,rules', "{$auth_group_access}.group_id={$auth_group}.id", 'LEFT')
-                ->where("{$auth_group_access}.uid='{$uid}' and {$auth_group}.status='normal'")
+        $user_groups = Db::name($this->config['auth_group_access'])
+                ->alias('aga')
+                ->join('__' . strtoupper($this->config['auth_group']) . '__ ag', 'aga.group_id = ag.id', 'LEFT')
+                ->field('aga.uid,aga.group_id,ag.id,ag.pid,ag.name,ag.rules')
+                ->where("aga.uid='{$uid}' and ag.status='normal'")
                 ->select();
         $groups[$uid] = $user_groups ?: [];
-
         return $groups[$uid];
     }
 
@@ -220,7 +219,7 @@ class Auth
         }
         //读取用户组所有权限规则
         $this->rules = Db::name($this->config['auth_rule'])->where($where)->field('id,pid,condition,icon,name,title,ismenu')->select();
-        
+
         //循环规则，判断结果。
         $rulelist = []; //
         if (in_array('*', $ids))
diff --git a/public/install.php b/public/install.php
index 95e92eaf..c5e4455c 100644
--- a/public/install.php
+++ b/public/install.php
@@ -38,7 +38,7 @@ $sitename = "FastAdmin";
 
 $link = array(
     'qqun'  => "https://jq.qq.com/?_wv=1027&amp;k=487PNBb",
-    'osc'   => 'https://git.oschina.net/karson/fastadmin/attach_files',
+    'gitee' => 'https://gitee.com/karson/fastadmin/attach_files',
     'home'  => 'http://www.fastadmin.net?ref=install',
     'forum' => 'http://forum.fastadmin.net?ref=install',
     'doc'   => 'http://doc.fastadmin.net?ref=install',
@@ -84,7 +84,7 @@ else
     {
         if (!is_dir(ROOT_PATH . $v))
         {
-            $errInfo = '请先下载完整包覆盖后再安装，<a href="' . $link['qqun'] . '" target="_blank">群共享下载</a> <a href="' . $link['osc'] . '" target="_blank">码云下载</a>';
+            $errInfo = '请先下载完整包覆盖后再安装，<a href="' . $link['qqun'] . '" target="_blank">群共享下载</a> <a href="' . $link['gitee'] . '" target="_blank">码云下载</a>';
             break;
         }
     }
@@ -104,6 +104,7 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
     $mysqlUsername = isset($_POST['mysqlUsername']) ? $_POST['mysqlUsername'] : 'root';
     $mysqlPassword = isset($_POST['mysqlPassword']) ? $_POST['mysqlPassword'] : '';
     $mysqlDatabase = isset($_POST['mysqlDatabase']) ? $_POST['mysqlDatabase'] : 'fastadmin';
+    $mysqlPrefix = isset($_POST['mysqlPrefix']) ? $_POST['mysqlPrefix'] : 'fa_';
     $adminUsername = isset($_POST['adminUsername']) ? $_POST['adminUsername'] : 'admin';
     $adminPassword = isset($_POST['adminPassword']) ? $_POST['adminPassword'] : '123456';
     $adminPasswordConfirmation = isset($_POST['adminPasswordConfirmation']) ? $_POST['adminPasswordConfirmation'] : '123456';
@@ -143,6 +144,7 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
         {
             throw new Exception("无法读取application/admin/command/Install/fastadmin.sql文件，请检查是否有读权限");
         }
+        $sql = str_replace("`fa_", "`{$mysqlPrefix}", $sql);
         $pdo = new PDO("mysql:host={$mysqlHostname};port={$mysqlHostport}", $mysqlUsername, $mysqlPassword, array(
             PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
             PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"
@@ -155,17 +157,16 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
         $pdo->exec($sql);
 
         $config = @file_get_contents($dbConfigFile);
-        $callback = function($matches) use($mysqlHostname, $mysqlHostport, $mysqlUsername, $mysqlPassword, $mysqlDatabase) {
+        $callback = function($matches) use($mysqlHostname, $mysqlHostport, $mysqlUsername, $mysqlPassword, $mysqlDatabase, $mysqlPrefix) {
             $field = ucfirst($matches[1]);
             $replace = ${"mysql{$field}"};
             if ($matches[1] == 'hostport' && $mysqlHostport == 3306)
             {
                 $replace = '';
             }
-            return "'{$matches[1]}'{$matches[2]}=>{$matches[3]}'{$replace}',";
+            return "'{$matches[1]}'{$matches[2]}=>{$matches[3]}Env::get('database.{$matches[1]}', '{$replace}'),";
         };
-        $config = preg_replace_callback("/'(hostname|database|username|password|hostport)'(\s+)=>(\s+)'(.*)'\,/", $callback, $config);
-
+        $config = preg_replace_callback("/'(hostname|database|username|password|hostport|prefix)'(\s+)=>(\s+)Env::get\((.*)\)\,/", $callback, $config);
         //检测能否成功写入数据库配置
         $result = @file_put_contents($dbConfigFile, $config);
         if (!$result)
@@ -181,7 +182,7 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
         }
         $newSalt = substr(md5(uniqid(true)), 0, 6);
         $newPassword = md5(md5($adminPassword) . $newSalt);
-        $pdo->query("UPDATE fa_admin SET username = '{$adminUsername}', email = '{$adminEmail}',password = '{$newPassword}', salt = '{$newSalt}' WHERE username = 'admin'");
+        $pdo->query("UPDATE {$mysqlPrefix}admin SET username = '{$adminUsername}', email = '{$adminEmail}',password = '{$newPassword}', salt = '{$newSalt}' WHERE username = 'admin'");
         echo "success";
     }
     catch (Exception $e)
@@ -328,7 +329,7 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
             <div>
 
                 <p>若你在安装中遇到麻烦可点击  <a href="<?php echo $link['doc']; ?>" target="_blank">安装文档</a> <a href="<?php echo $link['forum']; ?>" target="_blank">交流论坛</a> <a href="<?php echo $link['qqun']; ?>">QQ交流群</a></p>
-                <p><?php echo $sitename; ?>还支持在命令行php think install一键安装</p>
+                <!--<p><?php echo $sitename; ?>还支持在命令行php think install一键安装</p>-->
 
                 <form method="post">
                     <?php if ($errInfo): ?>
@@ -342,23 +343,28 @@ if (!$errInfo && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']
                     <div class="form-group">
                         <div class="form-field">
                             <label>MySQL 数据库地址</label>
-                            <input name="mysqlHost" value="localhost" required="">
+                            <input type="text" name="mysqlHost" value="localhost" required="">
                         </div>
 
                         <div class="form-field">
                             <label>MySQL 数据库名</label>
-                            <input name="mysqlDatabase" value="fastadmin" required="">
+                            <input type="text" name="mysqlDatabase" value="fastadmin" required="">
                         </div>
 
                         <div class="form-field">
                             <label>MySQL 用户名</label>
-                            <input name="mysqlUsername" value="root" required="">
+                            <input type="text" name="mysqlUsername" value="root" required="">
                         </div>
 
                         <div class="form-field">
                             <label>MySQL 密码</label>
                             <input type="password" name="mysqlPassword">
                         </div>
+
+                        <div class="form-field">
+                            <label>MySQL 数据表前缀</label>
+                            <input type="text" name="mysqlPrefix" value="fa_">
+                        </div>
                     </div>
 
                     <div class="form-group">