From 678be2f3a9d6953ec91b7bd70597ae6f21f7ccfa Mon Sep 17 00:00:00 2001 From: Karson Date: Wed, 25 Sep 2019 20:58:03 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dselectpage=E6=A0=91=E7=8A=B6?= =?UTF-8?q?=E6=98=BE=E7=A4=BA=E7=9A=84bug=20=E4=BF=AE=E5=A4=8D=E5=90=8E?= =?UTF-8?q?=E5=8F=B0=E8=A1=A8=E6=A0=BC=E5=9B=BE=E7=89=87=E7=82=B9=E5=87=BB?= =?UTF-8?q?=E5=BC=B9=E5=87=BA=E6=96=B0=E7=AA=97=E5=8F=A3=E7=9A=84BUG=20?= =?UTF-8?q?=E4=BC=98=E5=8C=96=E5=90=8E=E5=8F=B0=E7=AB=99=E7=82=B9=E5=90=8D?= =?UTF-8?q?=E7=A7=B0=E3=80=81=E7=94=A8=E6=88=B7=E6=98=B5=E7=A7=B0=E5=A4=B4?= =?UTF-8?q?=E5=83=8F=E7=9A=84=E6=98=BE=E7=A4=BA=E6=B8=B2=E6=9F=93=20?= =?UTF-8?q?=E4=BC=98=E5=8C=96=E5=90=8E=E5=8F=B0=E5=AE=BD=E5=BA=A6=E8=87=AA?= =?UTF-8?q?=E9=80=82=E5=BA=94=20=E5=A2=9E=E5=BC=BA=E5=90=8E=E5=8F=B0?= =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E5=AE=89=E5=85=A8=E9=89=B4=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../admin/command/Install/fastadmin.sql | 1 + .../admin/controller/general/Config.php | 54 +- .../admin/controller/general/Profile.php | 36 +- application/admin/lang/zh-cn/dashboard.php | 2 +- .../admin/lang/zh-cn/general/config.php | 1 + application/admin/library/Auth.php | 53 +- application/admin/view/common/header.html | 12 +- application/admin/view/common/menu.html | 4 +- application/admin/view/common/script.html | 2 +- .../admin/view/general/profile/index.html | 8 +- application/common/controller/Backend.php | 2 +- application/index/view/common/script.html | 2 +- application/index/view/layout/default.html | 2 +- public/assets/css/backend.css | 4 +- public/assets/css/backend.min.css | 2 +- public/assets/js/backend/addon.js | 8 +- public/assets/js/backend/general/config.js | 6 +- public/assets/js/echarts.min.js | 57 +- public/assets/js/require-backend.min.js | 1249 +++++++++-------- public/assets/js/require-table.js | 8 +- public/assets/less/backend.less | 5 +- 21 files changed, 783 insertions(+), 735 deletions(-) diff --git a/application/admin/command/Install/fastadmin.sql b/application/admin/command/Install/fastadmin.sql index 72b78422..9206eeaa 100755 --- a/application/admin/command/Install/fastadmin.sql +++ b/application/admin/command/Install/fastadmin.sql @@ -23,6 +23,7 @@ CREATE TABLE `fa_admin` ( `email` varchar(100) NOT NULL DEFAULT '' COMMENT '电子邮箱', `loginfailure` tinyint(1) unsigned NOT NULL DEFAULT '0' COMMENT '失败次数', `logintime` int(10) DEFAULT NULL COMMENT '登录时间', + `loginip` varchar(50) DEFAULT NULL COMMENT '登录IP', `createtime` int(10) DEFAULT NULL COMMENT '创建时间', `updatetime` int(10) DEFAULT NULL COMMENT '更新时间', `token` varchar(59) NOT NULL DEFAULT '' COMMENT 'Session标识', diff --git a/application/admin/controller/general/Config.php b/application/admin/controller/general/Config.php index 14365b8a..c01b241b 100644 --- a/application/admin/controller/general/Config.php +++ b/application/admin/controller/general/Config.php @@ -6,6 +6,7 @@ use app\common\controller\Backend; use app\common\library\Email; use app\common\model\Config as ConfigModel; use think\Exception; +use think\Validate; /** * 系统配置 @@ -50,8 +51,8 @@ class Config extends Backend if (in_array($value['type'], ['select', 'selects', 'checkbox', 'radio'])) { $value['value'] = explode(',', $value['value']); } - $value['content'] = json_decode($value['content'], TRUE); - $value['tip'] = htmlspecialchars($value['tip']); + $value['content'] = json_decode($value['content'], true); + $value['tip'] = htmlspecialchars($value['tip']); $siteList[$v['group']]['list'][] = $value; } $index = 0; @@ -106,7 +107,7 @@ class Config extends Backend * 编辑 * @param null $ids */ - public function edit($ids = NULL) + public function edit($ids = null) { if ($this->request->isPost()) { $row = $this->request->post("row/a"); @@ -136,11 +137,15 @@ class Config extends Backend } } + /** + * 删除 + * @param string $ids + */ public function del($ids = "") { - $name = $this->request->request('name'); + $name = $this->request->post('name'); $config = ConfigModel::getByName($name); - if ($config) { + if ($name && $config) { try { $config->delete(); $this->refreshFile(); @@ -160,17 +165,19 @@ class Config extends Backend { $config = []; foreach ($this->model->all() as $k => $v) { - $value = $v->toArray(); if (in_array($value['type'], ['selects', 'checkbox', 'images', 'files'])) { $value['value'] = explode(',', $value['value']); } if ($value['type'] == 'array') { - $value['value'] = (array)json_decode($value['value'], TRUE); + $value['value'] = (array)json_decode($value['value'], true); } $config[$value['name']] = $value['value']; } - file_put_contents(APP_PATH . 'extra' . DS . 'site.php', 'request->post("row/a"); if ($params) { - $config = $this->model->get($params); if (!$config) { return $this->success(); @@ -200,19 +206,25 @@ class Config extends Backend public function emailtest() { $row = $this->request->post('row/a'); - \think\Config::set('site', array_merge(\think\Config::get('site'), $row)); - $receiver = $this->request->request("receiver"); - $email = new Email; - $result = $email - ->to($receiver) - ->subject(__("This is a test mail")) - ->message('
' . __('This is a test mail content') . '
') - ->send(); - if ($result) { - $this->success(); + $receiver = $this->request->post("receiver"); + if ($receiver) { + if (!Validate::is($receiver, "email")) { + $this->error(__('Please input correct email')); + } + \think\Config::set('site', array_merge(\think\Config::get('site'), $row)); + $email = new Email; + $result = $email + ->to($receiver) + ->subject(__("This is a test mail")) + ->message('
' . __('This is a test mail content') . '
') + ->send(); + if ($result) { + $this->success(); + } else { + $this->error($email->getError()); + } } else { - $this->error($email->getError()); + return $this->error(__('Invalid parameters')); } } - } diff --git a/application/admin/controller/general/Profile.php b/application/admin/controller/general/Profile.php index 1a9c0c65..5956f789 100644 --- a/application/admin/controller/general/Profile.php +++ b/application/admin/controller/general/Profile.php @@ -22,23 +22,22 @@ class Profile extends Backend { //设置过滤方法 $this->request->filter(['strip_tags']); - if ($this->request->isAjax()) - { + if ($this->request->isAjax()) { $model = model('AdminLog'); list($where, $sort, $order, $offset, $limit) = $this->buildparams(); $total = $model - ->where($where) - ->where('admin_id', $this->auth->id) - ->order($sort, $order) - ->count(); + ->where($where) + ->where('admin_id', $this->auth->id) + ->order($sort, $order) + ->count(); $list = $model - ->where($where) - ->where('admin_id', $this->auth->id) - ->order($sort, $order) - ->limit($offset, $limit) - ->select(); + ->where($where) + ->where('admin_id', $this->auth->id) + ->order($sort, $order) + ->limit($offset, $limit) + ->select(); $result = array("total" => $total, "rows" => $list); @@ -52,18 +51,18 @@ class Profile extends Backend */ public function update() { - if ($this->request->isPost()) - { + if ($this->request->isPost()) { $params = $this->request->post("row/a"); - $params = array_filter(array_intersect_key($params, array_flip(array('email', 'nickname', 'password', 'avatar')))); + $params = array_filter(array_intersect_key( + $params, + array_flip(array('email', 'nickname', 'password', 'avatar')) + )); unset($v); - if (isset($params['password'])) - { + if (isset($params['password'])) { $params['salt'] = Random::alnum(); $params['password'] = md5(md5($params['password']) . $params['salt']); } - if ($params) - { + if ($params) { $admin = Admin::get($this->auth->id); $admin->save($params); //因为个人资料面板读取的Session显示,修改自己资料后同时更新Session @@ -74,5 +73,4 @@ class Profile extends Backend } return; } - } diff --git a/application/admin/lang/zh-cn/dashboard.php b/application/admin/lang/zh-cn/dashboard.php index 8bd0bb95..6e01d309 100644 --- a/application/admin/lang/zh-cn/dashboard.php +++ b/application/admin/lang/zh-cn/dashboard.php @@ -44,5 +44,5 @@ return [ 'Timezone' => '时区', 'Language' => '语言', 'View more' => '查看更多', - 'Security tips' => ' 安全提示:你正在使用默认的后台登录入口,为了你的网站安全,建议你修改后台登录入口,点击查看修改方法', + 'Security tips' => ' 安全提示:你正在使用默认的后台登录入口,为了你的网站安全,强烈建议你修改后台登录入口,点击查看修改方法', ]; diff --git a/application/admin/lang/zh-cn/general/config.php b/application/admin/lang/zh-cn/general/config.php index 94da678d..317ee88f 100644 --- a/application/admin/lang/zh-cn/general/config.php +++ b/application/admin/lang/zh-cn/general/config.php @@ -57,4 +57,5 @@ return [ 'This is a test mail content' => '这是一封来自FastAdmin校验邮件,用于校验邮件配置是否正常!', 'This is a test mail' => '这是一封来自FastAdmin的邮件', 'Please input your email' => '请输入测试接收者邮箱', + 'Please input correct email' => '请输入正确的邮箱地址', ]; diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php index 99698a0d..d9a655e3 100644 --- a/application/admin/library/Auth.php +++ b/application/admin/library/Auth.php @@ -30,9 +30,9 @@ class Auth extends \fast\Auth /** * 管理员登录 * - * @param string $username 用户名 - * @param string $password 密码 - * @param int $keeptime 有效时长 + * @param string $username 用户名 + * @param string $password 密码 + * @param int $keeptime 有效时长 * @return boolean */ public function login($username, $password, $keeptime = 0) @@ -58,6 +58,7 @@ class Auth extends \fast\Auth } $admin->loginfailure = 0; $admin->logintime = time(); + $admin->loginip = request()->ip(0, false); $admin->token = Random::uuid(); $admin->save(); Session::set("admin", $admin->toArray()); @@ -101,6 +102,11 @@ class Auth extends \fast\Auth if ($key != md5(md5($id) . md5($keeptime) . md5($expiretime) . $admin->token)) { return false; } + $ip = request()->ip(0, false); + //IP有变动 + if ($admin->loginip != $ip) { + return false; + } Session::set("admin", $admin->toArray()); //刷新自动登录的时效 $this->keeplogin($keeptime); @@ -113,7 +119,7 @@ class Auth extends \fast\Auth /** * 刷新保持登录的Cookie * - * @param int $keeptime + * @param int $keeptime * @return boolean */ protected function keeplogin($keeptime = 0) @@ -178,6 +184,9 @@ class Auth extends \fast\Auth return false; } } + if (!isset($admin['loginip']) || $admin['loginip'] != request()->ip(0, false)) { + return false; + } $this->logined = true; return true; } @@ -258,10 +267,17 @@ class Auth extends \fast\Auth foreach ($groups as $k => $v) { $groupIds[] = $v['id']; } + $originGroupIds = $groupIds; + foreach ($groups as $k => $v) { + if (in_array($v['pid'], $originGroupIds)) { + $groupIds = array_diff($groupIds, [$v['id']]); + unset($groups[$k]); + } + } // 取出所有分组 $groupList = \app\admin\model\AuthGroup::where(['status' => 'normal'])->select(); $objList = []; - foreach ($groups as $K => $v) { + foreach ($groups as $k => $v) { if ($v['rules'] === '*') { $objList = $groupList; break; @@ -295,7 +311,6 @@ class Auth extends \fast\Auth field('uid,group_id') ->where('group_id', 'in', $groupIds) ->select(); - foreach ($authGroupList as $k => $v) { $childrenAdminIds[] = $v['uid']; } @@ -340,7 +355,7 @@ class Auth extends \fast\Auth /** * 获取左侧和顶部菜单栏 * - * @param array $params URL对应的badge数据 + * @param array $params URL对应的badge数据 * @param string $fixedPage 默认页 * @return array */ @@ -435,18 +450,36 @@ class Auth extends \fast\Auth $selectParentIds = $tree->getParentsIds($select_id, true); } foreach ($topList as $index => $item) { - $childList = Tree::instance()->getTreeMenu($item['id'], '
  • @title @caret @badge @childlist
  • ', $select_id, '', 'ul', 'class="treeview-menu"'); + $childList = Tree::instance()->getTreeMenu( + $item['id'], + '
  • @title @caret @badge @childlist
  • ', + $select_id, + '', + 'ul', + 'class="treeview-menu"' + ); $current = in_array($item['id'], $selectParentIds); $url = $childList ? 'javascript:;' : url($item['url']); $addtabs = $childList || !$url ? "" : (stripos($url, "?") !== false ? "&" : "?") . "ref=addtabs"; - $childList = str_replace('" pid="' . $item['id'] . '"', ' treeview ' . ($current ? '' : 'hidden') . '" pid="' . $item['id'] . '"', $childList); + $childList = str_replace( + '" pid="' . $item['id'] . '"', + ' treeview ' . ($current ? '' : 'hidden') . '" pid="' . $item['id'] . '"', + $childList + ); $nav .= '
  • ' . $item['title'] . '
  • '; $menu .= $childList; } } else { // 构造菜单数据 Tree::instance()->init($ruleList); - $menu = Tree::instance()->getTreeMenu(0, '
  • @title @caret @badge @childlist
  • ', $select_id, '', 'ul', 'class="treeview-menu"'); + $menu = Tree::instance()->getTreeMenu( + 0, + '
  • @title @caret @badge @childlist
  • ', + $select_id, + '', + 'ul', + 'class="treeview-menu"' + ); if ($selected) { $nav .= ''; } diff --git a/application/admin/view/common/header.html b/application/admin/view/common/header.html index 43588d90..379efb12 100755 --- a/application/admin/view/common/header.html +++ b/application/admin/view/common/header.html @@ -1,9 +1,9 @@ @@ -72,16 +72,16 @@