From 06eb605e9a8f1c0d6e13402e67acb94a58ce9ed1 Mon Sep 17 00:00:00 2001 From: "MI15\\Win" <10359480+tznb@user.noreply.gitee.com> Date: Sat, 16 Sep 2023 23:26:09 +0800 Subject: [PATCH] v2.0.40-20230916 --- README.md | 1 - data/README.md | 1 + data/temp/README.md | 1 + data/user/README.md | 1 + rewrite.php | 3 - system/UseFew/local_backup.php | 349 +------------- system/admin.php | 96 ---- system/api.php | 300 +----------- system/api_article.php | 222 +-------- system/api_root.php | 429 ++---------------- system/expand/apply.php | 131 +----- system/expand/guestbook.php | 76 +--- system/expand/sitemap.php | 46 -- system/expand/sitemap_create.php | 148 ------ system/public.php | 26 +- system/version.txt | 2 +- templates/admin/js/public.js | 4 + templates/admin/other/verify_link_pwd.php | 91 ---- templates/admin/other/verify_pwd2.php | 90 ---- templates/admin/other/verify_share_pwd.php | 88 ---- templates/admin/page/expand/apply-admin.php | 8 +- templates/admin/page/expand/apply-user.php | 13 +- templates/admin/page/expand/article-edit.php | 24 +- templates/admin/page/expand/article-list.php | 146 +----- .../admin/page/expand/guestbook-admin.php | 21 +- templates/admin/page/expand/sitemap.php | 23 +- templates/admin/page/home.php | 17 +- templates/admin/page/root/mail_set.php | 27 +- templates/admin/page/root/tool.php | 5 +- templates/admin/page/root/vip.php | 22 +- templates/admin/page/theme_article.php | 83 ---- templates/admin/page/theme_guide.php | 84 ---- templates/admin/page/theme_home.php | 94 ---- templates/admin/page/theme_login.php | 87 ---- templates/admin/page/theme_register.php | 86 ---- templates/admin/page/theme_transit.php | 89 ---- templates/admin/page/updatelog.php | 11 +- 37 files changed, 162 insertions(+), 2783 deletions(-) create mode 100644 data/README.md create mode 100644 data/temp/README.md create mode 100644 data/user/README.md delete mode 100644 system/expand/sitemap.php delete mode 100644 system/expand/sitemap_create.php delete mode 100644 templates/admin/other/verify_link_pwd.php delete mode 100644 templates/admin/other/verify_pwd2.php delete mode 100644 templates/admin/other/verify_share_pwd.php delete mode 100644 templates/admin/page/theme_article.php delete mode 100644 templates/admin/page/theme_guide.php delete mode 100644 templates/admin/page/theme_home.php delete mode 100644 templates/admin/page/theme_login.php delete mode 100644 templates/admin/page/theme_register.php delete mode 100644 templates/admin/page/theme_transit.php diff --git a/README.md b/README.md index afab7ab..b02ed6e 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ TwoNav 是一款开源的书签(导航)管理程序,界面简洁,安装 - **演示站**: [http://two.lm21.top](http://two.lm21.top) - **仅供体验,定期清理数据** 账号密码`admin` - ### 相关文档 * [安装教程](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968668&doc_id=3767990) | [使用说明](https://gitee.com/tznb/TwoNav/wikis) | [下载TwoNav](https://gitee.com/tznb/TwoNav/releases) * [OneNav Extend 升级到 TwoNav](https://gitee.com/tznb/OneNav/wikis/pages?sort_id=7955135&doc_id=2439895) diff --git a/data/README.md b/data/README.md new file mode 100644 index 0000000..c05f6ff --- /dev/null +++ b/data/README.md @@ -0,0 +1 @@ +用户数据目录,请勿随意删除! \ No newline at end of file diff --git a/data/temp/README.md b/data/temp/README.md new file mode 100644 index 0000000..69e30d7 --- /dev/null +++ b/data/temp/README.md @@ -0,0 +1 @@ +临时目录,可以删除 \ No newline at end of file diff --git a/data/user/README.md b/data/user/README.md new file mode 100644 index 0000000..c05f6ff --- /dev/null +++ b/data/user/README.md @@ -0,0 +1 @@ +用户数据目录,请勿随意删除! \ No newline at end of file diff --git a/rewrite.php b/rewrite.php index 86967a7..afbb518 100644 --- a/rewrite.php +++ b/rewrite.php @@ -17,9 +17,6 @@ if (URI === '/login' || URI === '/admin') { $_GET['u'] = $matches[1]; $_GET['c'] = $matches[2]; $_GET['id'] = $matches[3]; -//站点地图 -}elseif(URI === '/sitemap.xml'){ - $_GET['c'] = 'sitemap'; //匹配失败 }else{ header("HTTP/1.0 404 Not Found"); diff --git a/system/UseFew/local_backup.php b/system/UseFew/local_backup.php index faef69d..ce87ff2 100644 --- a/system/UseFew/local_backup.php +++ b/system/UseFew/local_backup.php @@ -7,352 +7,5 @@ if(!defined('DIR')){ if(!is_subscribe('bool')){ msg(-1,"未检测到有效授权,无法使用该功能!"); } - - if($_GET['type'] == 'list'){ - $backup_dir = DIR."/data/backup/".U."/"; //备份目录 - $file_list = glob("{$backup_dir}*.info"); //扫描文件 - $num = count($file_list); //取列表数 - rsort($file_list,2); //按时间从大到小重排序 - //备份文件数大于20个时删除旧数据 - if( $num > 20 ) { - for ($i=$num; $i > 20; $i--) { - $path = pathinfo($file_list[$i-1]); - $path = $path['dirname'] .'/'. $path['filename']; - unlink($path.'.info'); - unlink($path.'.db3'); - unlink($path.'.tar'); - array_pop($file_list); - } - $count = 20; - }else{ - $count = $num; - } - - $data = []; - //遍历读入备份信息 - foreach ($file_list as $key => $filePath) { - $file = pathinfo($filePath); - $info_file = @file_get_contents("{$file['dirname']}/{$file['filename']}.info"); - $info = json_decode($info_file,true); - if($info != false){ - array_push($data,$info); - } - } - msgA( ['code' => 1,'msg' => '','count' => $count,'data' => $data] ); - }elseif($_GET['type'] == 'backup'){ - //初始信息 - $info['user_dir'] = DIR."/data/user/".U; - $info['backup_dir'] = DIR."/data/backup/".U; //备份目录 - $info['file'] = SysVer . "_".date("ymdHis",time())."_".Get_Rand_Str(5); - $info['file_db'] = $info['backup_dir'] .'/'. $info['file'].'.db3'; - $info['file_info'] = $info['backup_dir'] .'/'. $info['file'].'.info'; - $info['file_gz'] = $info['backup_dir'] .'/'. $info['file'].'.tar'; - $info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list']; - $info['lock'] = DIR.'/data/user/'.U.'/lock.'.UID; - if (!extension_loaded('phar')) { - msg(-1,'不支持phar扩展'); - }elseif(!is_dir($info['backup_dir']) && !mkdir($info['backup_dir'],0755,true) ){ - msg(-1,'创建backup目录失败'); - }elseif(!is_file($info['lock']) && !file_put_contents($info['lock'],'TwoNav')){ - msg(-1,'创建lock文件失败'); - } - - //打包用户文件 - try { - $phar = new PharData($info['file_gz']); - $phar->buildFromDirectory($info['user_dir']); - } catch (Exception $e) { - msg(-1,'打包用户数据发生异常>'.$e->getMessage()); - } - //创建数据 - try { - $MyDB = new Medoo\Medoo(['type'=>'sqlite','database'=>$info['file_db']]); - $MyDB->query('CREATE TABLE IF NOT EXISTS "backup" ("id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,"name" TEXT,"data" TEXT,CONSTRAINT "id" UNIQUE ("id" ASC));')->fetchAll(); - $MyDB->insert('backup',['name'=>'ver','data'=>SysVer]); //记系统版本 - $MyDB->insert('backup',['name'=>'backup_time','data'=>time()]); //记备份时间 - $MyDB->insert('backup',['name'=>'database_type','data'=>$GLOBALS['db_config']['type']]); //数据库类型 - }catch (Exception $e) { - Amsg(-1,'创建备份数据库失败'); - } - - //开始备份数据 - $table_info = []; - foreach($info['table_arr'] as $table_name){ - $count = count_db($table_name,['uid'=>UID]); //总条数 - $limit = 100; //每页数量 - $pages= ceil($count/$limit); //总页数 - //分页逐条处理 - for ($page=1; $page<=$pages; $page++) { - $where['uid'] = UID; - $where['LIMIT'] = [($page - 1) * $limit,$limit]; - $datas = select_db($table_name,'*',$where); - foreach($datas as $data){ - try { - if(isset($data['id'])){ - unset($data['id']); - } - $MyDB->insert('backup',['name'=>$table_name,'data'=>$data]); - }catch (Exception $e) { - Amsg(-1,'插入数据时发生异常'); - } - } - } - $table_info[$table_name] = ['count'=>$count,'pages'=>$pages]; - } - - //备份信息 - $info['info'] = [ - "name" => $info['file'], - "db_size" => filesize($info['file_db']), - "db_md5" => md5_file($info['file_db']), - "tar_size" => filesize($info['file_gz']), - "tar_md5" => md5_file($info['file_gz']), - "backup_time" => time(), - "version" => SysVer, - "desc" => "{$_POST['desc']}" - ]; - $info['info'] = array_merge($table_info,$info['info']); - $info['info'] = json_encode($info['info']); - //写到文件 - if(file_put_contents($info['file_info'], $info['info']) === false){ - msg(-1,'写备份信息失败'); - } - msg(1,'备份成功'); - //删除备份 - }elseif($_GET['type'] == 'del'){ - $path = DIR."/data/backup/".U."/".$_POST['name']; - if( !preg_match_all('/^v\d+\.\d+\.\d+-\d{8}_\d{12}_[A-Za-z0-9]{5}$/',$_POST['name']) ) { - msg(-1,'数据库名称不合法'); - }elseif(!is_file($path.'.info')){ - msg(-1,'备份不存在'); - }elseif(!extension_loaded('phar')) { - msg(-1,'不支持phar扩展'); - } - try { - unlink($path.'.info'); - unlink($path.'.db3'); - unlink($path.'.tar'); - msg(1,'备份数据库已被删除'); - } catch (\Throwable $th) { - msg(-1,"删除失败,请检查目录权限"); - } - //回滚备份 - }elseif($_GET['type'] == 'restore'){ - try { - global $db; - header('Content-Type:application/json; charset=utf-8'); - //使用事务来处理 - $db->action(function($db) { - //检测是否符合回滚要求 - $path = DIR."/data/backup/".U."/".$_POST['name']; - if( !preg_match_all('/^v\d+\.\d+\.\d+-\d{8}_\d{12}_[A-Za-z0-9]{5}$/',$_POST['name']) ) { - msg(-1,'数据库名称不合法'); - } - $info_file = @file_get_contents($path.'.info'); - $info = json_decode($info_file,true); - if($info == false){ - msg(-1,'读取备份信息失败'); - }elseif($info['db_md5'] != md5_file($path.'.db3')){ - msg(-1,'db3文件效验失败'); - }elseif($info['tar_md5'] != md5_file($path.'.tar')){ - msg(-1,'tar文件效验失败'); - } - - //载入数据库 - try { - $MyDB = new Medoo\Medoo(['type'=>'sqlite','database'=>$path.'.db3']); - }catch (Exception $e) { - msg(-1,'载入备份数据库失败'); - return false; - } - - //遍历删除用户数据 - $info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list']; - foreach($info['table_arr'] as $table_name){ - - //删除数据 - delete_db($table_name,['uid'=>UID]); - - //确保数据已删除 - if($db->has($table_name,['uid'=>UID])){ - msg(-1,'del ' . $table_name . ' fail'); - } - - //读取条数,分页逐条导入 - $count = $MyDB->count('backup',['name'=>$table_name]); //总条数 - $limit = 100; //每页数量 - $pages= ceil($count/$limit); //总页数 - for ($page=1; $page<=$pages; $page++) { - $where['name'] = $table_name; - $where['LIMIT'] = [($page - 1) * $limit,$limit]; - $datas = $MyDB->select('backup','data',$where); - foreach($datas as $key => $data){ - $data = unserialize($data); - //处理null - foreach ($data as $key => $value) { - if ($value === null) { - $data[$key] = ''; - } - } - - if(isset($data['id'])){ - unset($data['id']); - } - $data['uid'] = UID; - insert_db($table_name,$data); - } - } - - //确保数据已导入 - if($count != count_db($table_name,['uid'=>UID])){ - msg(-1,'restore ' . $table_name . ' fail'); - } - } - - //删除用户目录 - $user_dir = DIR."/data/user/".U; - if(is_dir($user_dir) && !deldir($user_dir)){ - msg(-1,'删除用户目录失败'); - } - //创建用户目录 - if(!is_dir($user_dir) && !mkdir($user_dir,0755,true)){ - msg(-1,'创建用户目录失败'); - } - //回滚用户目录 - try { - $phar = new PharData($path.'.tar'); - $phar->extractTo($user_dir, null, true); - } catch (Exception $e) { - msg(-1,'回滚用户数据失败'); - } - //返回信息,直接msg会导致回滚 - header('Content-Type:application/json; charset=utf-8'); - echo(json_encode(['code'=>1,'msg'=>'回滚成功'])); - }); - } catch (\Throwable $th) { - msg(-1,"回滚失败"); - } - //导出密码验证 - }elseif($_GET['type'] == 'create'){ - global $USER_DB; - $pwd = Get_MD5_Password($_POST['pwd'],$USER_DB["RegTime"]) === $USER_DB["Password"]; - if(!$pwd){ - msg(-1,'密码错误'); - }elseif(empty($_POST['name'])){ - msg(-1,'文件名不能为空'); - }elseif(!extension_loaded('phar')) { - msg(-1,'不支持phar扩展'); - } - - $path = DIR."/data/backup/".U."/".$_POST['name']; - if(!is_file($path.'.info')){ - msg(-1,'info文件不存在'); - }elseif(!is_file($path.'.db3')){ - msg(-1,'db3文件不存在'); - }elseif(!is_file($path.'.tar')){ - msg(-1,'tar文件不存在'); - } - - session_start(); - $key = md5(uniqid().Get_Rand_Str(8)); - try { - $temp_dir = DIR."/data/temp/{$key}"; - if(!is_dir($temp_dir) && !mkdir($temp_dir,0755,true)){ - msg(-1,'创建临时目录失败'); - } - copy($path.'.info',"{$temp_dir}/{$_POST['name']}.info"); - copy($path.'.db3',"{$temp_dir}/{$_POST['name']}.db3"); - copy($path.'.tar',"{$temp_dir}/{$_POST['name']}.tar"); - $backup_path = "{$temp_dir}/TwoNav_{$_POST['name']}.tar"; - $phar = new PharData($backup_path); - $phar->buildFromDirectory($temp_dir); - $phar->compress(Phar::GZ); - $backup_path .= ".gz"; - if(!is_file($backup_path)){ - msg(-1,'打包数据失败'); - } - } catch (Exception $e) { - msg(-1,'压缩数据异常'); - } - $_SESSION['download'][$key] = $backup_path; - msgA(['code'=>1,'msg'=>'success','key'=>$key]); - //下载备份数据 - }elseif($_GET['type'] == 'download'){ - session_start(); - if(empty($_GET['key']) || !isset($_SESSION['download'][$_GET['key']])){ - msg(-1,'Key不存在,请重新导出'); - } - $path = $_SESSION['download'][$_GET['key']]; - if(!is_file($path)){ - msg(-1,'文件不存在,请重新导出'); - } - - $filename = pathinfo($path,PATHINFO_BASENAME); - header("Cache-Control: public"); - header("Content-Description: File Transfer"); - header('Content-disposition: attachment; filename='.$filename); //文件名 - header("Content-Type: application/octet-stream"); - header("Content-Transfer-Encoding: binary"); //告诉浏览器,这是二进制文件 - header('Content-Length: '. filesize($path)); //告诉浏览器,文件大小 - readfile($path); //返回文件 - unlink ($path);//删除临时文件 - unset($_SESSION['download'][$_GET['key']]); //删除Key - deldir(DIR."/data/temp/{$_GET['key']}"); //删除临时目录 - //导入 - }elseif($_GET['type'] == 'local_import'){ - if (!extension_loaded('phar')) { - msg(-1,'不支持phar扩展'); - } - $key = md5(uniqid().Get_Rand_Str(8)); - $temp_dir = DIR."/data/temp/{$key}"; - if(!is_dir($temp_dir) && !mkdir($temp_dir,0755,true)){ - msg(-1,'创建临时目录失败'); - } - //解压数据 - try { - copy($_FILES['file']['tmp_name'],"{$temp_dir}/{$_FILES['file']['name']}"); - $phar = new PharData("{$temp_dir}/{$_FILES['file']['name']}"); - $phar->extractTo($temp_dir, null, true); - unlink("{$temp_dir}/{$_FILES['file']['name']}"); - } catch (Exception $e) { - deldir($temp_dir); - msg(-1,'解压数据失败'); - } - //获取备份信息 - $file = glob("{$temp_dir}/*.info"); - if(count($file) != 1){ - deldir($temp_dir); - msg(-1,'读取备份信息失败'); - } - $file = pathinfo($file[0]); - $info = @file_get_contents("{$temp_dir}/{$file['basename']}"); - $info = json_decode($info,true); - if($info == false){ - deldir($temp_dir); - msg(-1,'解析备份信息失败'); - }elseif($info['db_md5'] != md5_file("{$temp_dir}/{$info['name']}.db3")){ - deldir($temp_dir); - msg(-1,'db3文件效验失败'.$info['db_md5']); - }elseif($info['tar_md5'] != md5_file("{$temp_dir}/{$info['name']}.tar")){ - deldir($temp_dir); - msg(-1,'tar文件效验失败'); - } - //检查目录 - if(!Check_Path(DIR."/data/backup/".U)){ - msg(-1,'创建backup目录失败,请检查权限'); - } - //复制到用户数据 - try { - $backup_dir = DIR."/data/backup/".U."/"; - copy("{$temp_dir}/{$info['name']}.info","{$backup_dir}{$info['name']}.info"); - copy("{$temp_dir}/{$info['name']}.db3", "{$backup_dir}{$info['name']}.db3"); - copy("{$temp_dir}/{$info['name']}.tar", "{$backup_dir}{$info['name']}.tar"); - deldir($temp_dir); - msg(1,'导入成功'); - } catch (Exception $e) { - deldir($temp_dir); - msg(-1,'复制数据失败,请检查目录权限'); - } - //结束 - } + msg(1,'请更新系统后再试'); } diff --git a/system/admin.php b/system/admin.php index 9ea863b..809765d 100644 --- a/system/admin.php +++ b/system/admin.php @@ -88,102 +88,6 @@ if($page == 'config_home'){ exit; } -//主题设置页面 -if( $page == 'theme_home' || $page == 'theme_login' || $page == 'theme_transit' || $page == 'theme_register' || $page == 'theme_guide' || $page == 'theme_article') { - if(!check_purview('theme_in',1)){ - require(DIR.'/templates/admin/page/404.php'); - exit; - } - $fn = str_replace('theme_','',$page); - $dirs = get_dir_list(DIR.'/templates/'.$fn); - - foreach ($dirs as $dir) { - $path = DIR.'/templates/'.$fn.'/'.$dir; //目录完整路径 - //没有信息文件则跳过 - if(!is_file($path.'/info.json') ) {continue;} - //读取主题信息 - $themes[$dir]['info'] = json_decode(@file_get_contents($path.'/info.json'),true); - //是否支持配置 - $themes[$dir]['info']['config'] = is_file($path.'/config.php') ? '1':'0'; - //预览图优先顺序:png>jpg>info>default - if(is_file($path.'/screenshot.jpg')){ - $themes[$dir]['info']['screenshot'] = "./templates/$fn/$dir/screenshot.jpg"; - }elseif(is_file($path.'/screenshot.png')){ - $themes[$dir]['info']['screenshot'] = "./templates/$fn/$dir/screenshot.png"; - }elseif(empty($themes[$dir]['info']['screenshot'])){ - $themes[$dir]['info']['screenshot'] = "./templates/admin/static/42ed3ef2c4a50f6d.png"; - } - } - - //获取当前主题 - require "./system/templates.php"; - - //在线主题处理 - if ( !$global_config['offline'] && $USER_DB['UserGroup'] === 'root'){ - - if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){ - $sysver = intval( $matches[1] );//取版本中的日期 - }else{ - exit("获取程序版本异常"); - } - - //读取缓存 - $template = get_db('global_config','v',['k'=>$page.'_cache']); - if(!empty($template)){ - $data = json_decode($template, true); - } - - //没有缓存 或 禁止缓存 或 缓存过时 - if(empty($template) || $_GET['cache'] === 'no' || time() - $data["time"] > 1800 ){ - $urls = [ - "lm21" => "https://update.lm21.top/TwoNav/{$fn}_template.json", - "gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/{$fn}_template.json" - ]; - $Source = $global_config['Update_Source'] ?? ''; - if (!empty($Source) && isset($urls[$Source])) { - $urls = [$Source => $urls[$Source]]; - } - }else{ - $cache = true; - } - //读取超时参数 - $overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']); - //远程获取 - foreach($urls as $key => $url){ - $Res = ccurl($url,$overtime); - $data = json_decode($Res["content"], true); - if($data["code"] == 200 ){ //如果获取成功 - $data["time"] = time(); //记录当前时间 - write_global_config($page.'_cache',json_encode($data),$fn.'_模板缓存'); - break; //跳出循环. - } - } - //解析 - foreach($data["data"] as $key){ - $path = DIR.'/templates/'.$fn.'/'.$key["dir"]; - if( is_dir($path) ) { //本地存在 - $value = $key["dir"]; - //检查是否可以更新 - $update = str_replace('/','',$themes[$value]['info']['update']); //本地主题版本 - $update_new = str_replace('/','',$key["update"]); //远程主题版本 - if( $sysver >= intval($key["low"]) && $sysver <= intval($key["high"]) && $update < $update_new ){ - $themes[$value]['info']['up'] = '1'; - } - }else{ - //判断是否适配当前系统版本 - if( $sysver >= intval($key["low"]) && $sysver <= intval($key["high"]) ){ - $value = $key["dir"]; - $themes[$value]['info'] = json_decode(json_encode($key),true); - } - } - } - //来源策略 (用于Gitee作为图床反防盗链) - if(!empty($data['referrer'])){ - define('referrer',$data['referrer']); - } - } -} - //不带参数是载入框架 if(empty($page)){ $site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site'])); diff --git a/system/api.php b/system/api.php index d160fab..7eb0c86 100644 --- a/system/api.php +++ b/system/api.php @@ -750,23 +750,7 @@ function write_link(){ if(!is_subscribe('bool')){ msg(-1,"未检测到有效授权,无法使用该功能!"); } - if(intval($_POST['icon']) > 0){ - if(!check_purview('icon_pull',1)){ - msg(-1,'您所在的用户组,无法使用网站图标获取功能'); - } - $path = DIR ."/data/user/".U."/favicon"; - if(!Check_Path($path)){ - msg(-1,'创建目录失败,请检查目录权限'); - } - $config = unserialize( get_db("global_config", "v", ["k" => "icon_config"])) ?? []; - if($config['o_switch'] == '0'){ - msg(-1,'相关服务处于关闭状态,请联系站长开启'); - } - } - session_start(); - $key = md5(uniqid().Get_Rand_Str(8)); - $_SESSION['msg_pull']["$key"] = true; - msgA(['code'=>1,'msg'=>'success','key'=>$key]); + msg(1,'请更新系统后再试'); }elseif($_GET['type'] === 'msg_pull'){ session_start(); $key = $_POST['key']; @@ -860,39 +844,7 @@ function write_link(){ if(!is_subscribe('bool')){ msg(-1,"未检测到有效授权,无法使用该功能!"); } - if(!check_purview('icon_pull',1)){ - msg(-1,'无权限'); - } - $link = get_db('user_links','*',['uid'=>UID,'lid'=>$_POST['id']]); - if(empty($link)){ - msg(-1,'请求的链接id不存在'); - } - $path = DIR ."/data/user/".U."/favicon"; - if(!Check_Path($path)){ - msg(-1,'创建目录失败,请检查权限'); - } - //检查配置 - $config = unserialize( get_db("global_config", "v", ["k" => "icon_config"])) ?? []; - if($config['o_switch'] == '0'){ - msg(-1,'相关服务处于关闭状态,请联系站长开启'); - } - - //跳过存在图标的链接 - if(empty($_POST['cover']) && !empty($link['icon'])){ - msg(1,'skip'); - } - - $api = Get_Index_URL().'?c=icon&url='.base64_encode($link['url']); - $res = ccurl($api,30,true); - $data = get_db('global_icon','*',['url_md5'=>md5($link['url'])]); - if(empty($data)){ - msg(1,'fail'); - } - $new_path = "./data/user/".U.'/favicon/'.$data['file_name']; - if(copy("./data/icon/{$data['file_name']}",$new_path)){ - update_db('user_links',['icon'=>$new_path],['uid'=>UID ,"lid" => $_POST['id'] ],[1,'success']); - } - msg(1,'fail'); + msg(1,'请更新系统后再试'); }elseif($_GET['type'] == 'extend_list'){ if($GLOBALS['global_config']['link_extend'] != 1 ||!check_purview('link_extend',1)){ @@ -991,109 +943,11 @@ function write_security_setting(){ //写收录配置 function write_apply(){ - global $global_config; - if($global_config['apply'] != 1){ - msg(-1,'管理员禁止了此功能!'); - } - if($_GET['type'] == 'set'){ - $s['apply'] = intval($_POST['apply']); // 功能选项0.关闭 1.需要审核 2.无需审核 - $s['Notice'] = $_POST['Notice']??''; // 公告 - $s['submit_limit'] = intval($_POST['submit_limit']); //提交限制 - $s['iconurl'] = $_POST['iconurl']; - $s['description'] = $_POST['description']; - $s['email'] = $_POST['email']; - - if($s['apply'] < 0 || $s['apply'] > 2 ){ - msg(-1,'参数错误!'); - }elseif(strlen($s['Notice']) > 512){ - msg(-1,'公告长度超限!'); - }if(empty($_POST['submit_limit']) || !preg_match("/^\d*$/",$_POST['submit_limit'])){ - msg(-1,'提交限制必须为正整数!'); - } - - write_user_config('apply',$s,'config','收录配置'); - msg(1,'保存成功'); - }elseif($_GET['type'] == '2'){ //通过 - $id = intval($_POST['id']); - $link = get_db("user_apply","*",["uid"=>UID,"id"=> $id ]); - if(empty($id)){ - msg(-1,'id错误'); - }elseif(empty($link['category_id'])){ - msg(-1,'分类id错误'); - }elseif(empty($link['title'])){ - msg(-1,'标题不能为空'); - }elseif(empty($link['url'])){ - msg(-1,'链接不能为空'); - }elseif($link['state'] != 0){ - msg(-1,'此申请信息不是待审核状态!'); - }elseif(!empty(get_db('user_links','*',['uid'=>UID,'url'=>$link['url']]))){ - msg(-1,'链接已存在'); - } - check_link($link['category_id'],$link['title'],$link['url'],''); //检测链接是否合法 - $lid = get_maxid('link_id'); - $data = [ - 'lid' => $lid, - 'uid' => UID, - 'fid' => $link['category_id'], - 'title' => $link['title'], - 'url' => $link['url'], - 'description' => $link['description'], - 'add_time' => time(), - 'up_time' => time(), - 'icon' => $link['iconurl'] - ]; - insert_db('user_links',$data);//插入链接 - update_db('user_apply',['state'=>1],['uid'=>UID,'id'=>$id]);//更新状态 - msg(1,'操作成功'); - }elseif($_GET['type'] == '3'){ //拒绝 - update_db('user_apply',['state'=>2],['uid'=>UID,'id'=>intval($_POST['id'])],[1,'操作成功']);//更新状态 - }elseif($_GET['type'] == '4'){ //删除 - delete_db('user_apply',['uid'=>UID,'id'=>intval($_POST['id'])],[1,'操作成功']); - }elseif($_GET['type'] == 'empty'){ //清空 - delete_db('user_apply',['uid'=>UID],[1,'操作成功']); //删除 - }elseif($_GET['type'] == 'edit'){ //编辑 - $id = intval($_POST['id']); - $link = get_db("user_apply","*",["uid"=>UID,"id"=> $id]); - if(empty($id)){ - msg(-1,'id错误'); - }elseif(empty($link)){ - msg(-1,'未找到数据'); - } - $category_id = intval($_POST['edit_category']); - $category_name = get_db("user_categorys","name",["uid"=>UID,"cid"=> $category_id ]); - if(empty($category_name)){ - msg(-1,'未找到分类'); - } - - $data = [ - 'category_id' => $category_id, - 'category_name' => $category_name, - 'title' => htmlspecialchars($_POST['title'],ENT_QUOTES), - 'url' => $_POST['url'], - 'description' => htmlspecialchars($_POST['description'],ENT_QUOTES), - 'iconurl' => $_POST['iconurl'] - ]; - update_db('user_apply',$data,['uid'=>UID,'id'=>intval($_POST['id'])]); - msg(1,'修改成功'); - } - msg(-1,'不支持的操作类型'); + msg(-1,'免费版不支持此功能,请购买授权版'); } //读收录列表 function read_apply_list(){ - $page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']); - $limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']); - $offset = ($page - 1) * $limit; //起始行号 - $where["uid"] = UID; - - //统计条数 - $count = count_db('user_apply',$where); - //权重排序(数字小的排前面) - $where['ORDER']['id'] = 'DESC'; - //分页 - $where['LIMIT'] = [$offset,$limit]; - //查询 - $datas = select_db('user_apply','*',$where); - msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]); + msgA(['code'=>-1,'msg'=>'免费版不支持此功能,请购买授权版','count'=>0,'data'=>[]]); } //写站点设置 @@ -1436,10 +1290,7 @@ function read_theme(){ //没有缓存 或 禁止缓存 或 缓存过时 if(empty($template) || $_GET['cache'] === 'no' || time() - $data["time"] > 1800 ){ - $urls = [ - "lm21" => "https://update.lm21.top/TwoNav/{$request_dir}_template.json", - "gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/{$request_dir}_template.json" - ]; + $urls = ["gitee" => "http://tznb.gitee.io/twonav_resource/{$request_dir}_template.json"]; $Source = $global_config['Update_Source'] ?? ''; if (!empty($Source) && isset($urls[$Source])) { $urls = [$Source => $urls[$Source]]; @@ -1450,7 +1301,7 @@ function read_theme(){ //读取超时参数 $overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']); //远程获取 - foreach($urls as $key => $url){ + foreach($urls as $key => $url){ $Res = ccurl($url,$overtime); $data = json_decode($Res["content"], true); if($data["code"] == 200 ){ //如果获取成功 @@ -1500,71 +1351,7 @@ function write_theme(){ is_root(); if($global_config['offline']){msg(-1,"离线模式禁止下载主题!");} //离线模式 if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");} - $dir = $_POST['dir']; - $name = $_POST['name']; - if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){ - $sysver = intval( $matches[1] ); - }else{ - msg(-1,"获取程序版本异常"); - } - if(!is_writable('./templates')){ - msg(-1,"检测到模板目录不可写
请检查templates目录权限
宝塔面板请注意所有者为www
其他疑问请联系技术支持"); - } - //从数据库查找主题信息 - $template = get_db('global_config','v',['k'=> 'theme_'.$fn.'_cache']); - if(empty($template)){ - msg(-1,'-1,未找到数据'); - }else{ - $data = json_decode($template, true); //转为数组 - foreach($data["data"] as $key){ - if( $key['dir'] === $dir && $sysver >= intval($key["low"]) && $sysver <= intval($key["high"])){ - $file = $key['dir'].".tar.gz"; - $filePath = DIR."/data/temp/{$file}"; - break; //找到跳出 - } - } - if(empty($file)){ - msg(-1,'-2,未找到数据'); - } - } - - //下载主题包 - if(!is_dir('./data/temp')) mkdir('./data/temp',0755,true) or msg(-1,'下载失败,创建临时[/data/temp]目录失败'); - if(!is_writable('./data/temp')){ - msg(-1,"检测到临时目录不可写
请检查data/temp目录权限
宝塔面板请注意所有者为www
其他疑问请联系技术支持"); - } - $data = $key; - foreach($data['url'] as $url){ - if(downFile( $url , $file , DIR.'/data/temp/')){ - $file_md5 = md5_file($filePath); - if($file_md5 === $data['md5']){ - $downok = true; - break;//下载成功,跳出循环! - }else{ - unlink($filePath); - } - } - } - //判断下载结果 - if(!$downok || !file_exists($filePath)){ - msg(-1,'-1,下载失败'); - }elseif($file_md5 != $data['md5']){ - msgA(['code'=>-1,'msg'=> '效验压缩包异常','Correct_md5'=> $data['md5'],'file_md5'=>$file_md5]); - } - //解压主题包 - try { - $phar = new PharData($filePath); - $phar->extractTo(DIR.'/templates/'.$fn, null, true); //路径 要解压的文件 是否覆盖 - unlink($filePath);//删除文件 - } catch (Exception $e) { - msg(-1,'解压主题包失败'); - } - //检查结果并返回 - if(file_exists(DIR."/templates/$fn/".$data['dir']."/info.json")){ - msgA(['code'=>1,'msg'=> '下载成功']); - }else{ - msgA(['code'=>-1,'msg'=> '解压后未找到主题信息','url'=> $url,'file_md5'=>$file_md5]); - } + msg(1,'请更新系统后再试'); //删除主题 }elseif($_GET['type'] == 'del'){ @@ -1995,19 +1782,11 @@ function read_data(){ //扩展功能 $extend = []; - if($global_config['apply'] == 1 && check_purview('apply',1)){ - array_push($extend,['title'=>'收录管理','href'=>'expand/apply-admin','icon'=>'fa fa-pencil']); - } - if($global_config['guestbook'] == 1 && check_purview('guestbook',1)){ - array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']); - } - if($global_config['article'] > 0 && check_purview('article',1)){ - array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']); - } - if(!empty($extend)){ - $extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend]; - array_push($menu,$extend); - } + array_push($extend,['title'=>'收录管理','href'=>'expand/apply-admin','icon'=>'fa fa-pencil']); + array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']); + array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']); + $extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend]; + array_push($menu,$extend); //如果是管理员则追加菜单 if($USER_DB['UserGroup'] == 'root'){ @@ -2045,60 +1824,7 @@ function write_article(){ } //百度推送 function other_baidu_push(){ - global $u,$global_config; - if ( $global_config['offline'] == '1'){ - msg(-1,"离线模式无法使用此功能"); - } - if(!is_subscribe('bool')){ - msg(-1,"未检测到有效授权,无法使用该功能!"); - } - if(empty($_POST['push_api'])){ - msg(-1,'请输入接口地址'); - } - if(empty($_POST['id'])){ - msg(-1,'请提交链接ID'); - } - $host = $_SERVER['HTTP_HOST']; // 获取主机名 - $port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80 ? '' : ':'.$_SERVER['SERVER_PORT']) : ''; // 获取端口号 - $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://'; // 获取协议 - $host = $scheme.$host.$port; - $ids = json_decode($_POST['id']) ?? 0; - if(count($ids)<1){ - msg(-1,'解析数据失败,请检查格式是否正确'); - } - $urls=[]; - if($_POST['type'] == 'link'){ - foreach($ids as $id){ - $urls[] = "{$host}/{$u}/click/{$id}.html"; - } - }elseif($_POST['type'] == 'article'){ - foreach($ids as $id){ - $urls[] = "{$host}/{$u}/article/{$id}.html"; - } - }else{ - msg(-1,'无效类型'); - } - - if(!empty($urls)){ - $api = $_POST['push_api']; - write_user_config('baidu_push_api',$api,'config','百度推送API'); - $ch = curl_init(); - $options = array( - CURLOPT_URL => $api, - CURLOPT_POST => true, - CURLOPT_RETURNTRANSFER => true, - CURLOPT_POSTFIELDS => implode("\n", $urls), - CURLOPT_HTTPHEADER => array('Content-Type: text/plain'), - ); - curl_setopt_array($ch, $options); - $result = curl_exec($ch); - $result = json_decode($result,true) ?? ''; - if(empty($result)){ - msg(-1,'推送失败'); - }else{ - msgA(['code'=>curl_getinfo($ch, CURLINFO_HTTP_CODE),'data'=>$result]); - } - } + msg(-1,'未检测到有效授权,无法使用该功能'); } //获取链接信息 function other_get_link_info(){ diff --git a/system/api_article.php b/system/api_article.php index da291c0..c7433ea 100644 --- a/system/api_article.php +++ b/system/api_article.php @@ -1,222 +1,2 @@ > '.$type); -} - -//上传图片 -function uploadImage(){ - global $u; - //权限检测 - if(!check_purview('article_image',1)){ - msgA(['errno'=>-1,'message'=>'您的用户组无权限上传图片']); - }elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){ - msgA(['errno'=>-1,'message'=>'文件上传失败']); - } - - //取后缀并判断是否支持 - $suffix = strtolower(end(explode('.',$_FILES["file"]["name"]))); - if(!preg_match('/^(jpg|png|gif|bmp|jpeg|svg|webp)$/',$suffix)){ - @unlink($_FILES["file"]["tmp_name"]); - msgA(['errno'=>-1,'message'=>'文件格式不被支持']); - } - //限制文件大小 - if(filesize($_FILES["file"]["tmp_name"]) > 5 * 1024 * 1024){ - msgA(['errno'=>-1,'message'=>'文件大小超限']); - } - //文件临时路径 - $ym = date("Ym"); - $path = DIR . "/data/user/{$u}/upload/{$ym}/"; - //检测目录,不存在则创建! - if(!Check_Path($path)){ - msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']); - } - $tmp_name = 'AI_'.uniqid().'.'.$suffix; - //移动文件 - if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) { - msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']); - }else{ - msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']); - } -} -//删除图片 -function deleteImage(){ - global $u; - if(empty($_POST['path'])){ - msg(-1,'请求参数错误'); - } - $path = $_POST['path']; - $pattern = "/^\.\/data\/user\/{$u}\/upload\/\d{6}\/AI_[A-Za-z0-9_]+\.(jpg|png|gif|bmp|jpeg|svg|webp)$/i"; - if(preg_match($pattern,$path) && is_file($path)){ - @unlink($path); - }else{ - msg(-1,'请求参数错误'); - } - //需考虑编辑文章删除封面时未点击保存的情况 - if(is_file($path)){ - msg(-1,'删除失败'); - }else{ - msg(1,'删除成功'); - } -} -//上传视频 -function uploadVideo(){ - msgA(['errno'=>-1,'message'=>'未开放']); - global $u; - //权限检测 - if(!check_purview('article_image',1)){ - msgA(['errno'=>-1,'message'=>'您的用户组无权限上传视频']); - }elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){ - msgA(['errno'=>-1,'message'=>'文件上传失败']); - } - - //取后缀并判断是否支持 - $suffix = strtolower(end(explode('.',$_FILES["file"]["name"]))); - if(!preg_match('/^(avi|mp4|wma|rmvb|rm|flash|3gp|flv)$/',$suffix)){ - @unlink($_FILES["file"]["tmp_name"]); - msgA(['errno'=>-1,'message'=>'文件格式不被支持']); - } - //限制文件大小 - if(filesize($_FILES["file"]["tmp_name"]) > 20 * 1024 * 1024){ - msgA(['errno'=>-1,'message'=>'文件大小超限']); - } - //文件临时路径 - $ym = date("Ym"); - $path = DIR . "/data/user/{$u}/upload/{$ym}/"; - //检测目录,不存在则创建! - if(!Check_Path($path)){ - msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']); - } - $tmp_name = 'AV_'.uniqid().'.'.$suffix; - //移动文件 - if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) { - msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']); - }else{ - msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']); - } -} - -//获取文章列表 -function article_list(){ - $where['uid'] = UID; - //分类筛选 - if(intval(@$_POST['category']) > 0){ - $where['AND']['category'] = intval(@$_POST['category']); - } - //状态筛选 - if(intval(@$_POST['state']) > 0){ - $where['AND']['state'] = intval(@$_POST['state']); - } - //关键字筛选 - $query = $_POST['keyword']; - if(!empty($query)){ - $where['AND']['OR'] = ["title[~]" => $query,"summary[~]" => $query,"content[~]" => $query]; - } - //统计条数 - $count = count_db('user_article_list',$where); - //分页 - $page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']); - $limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']); - $offset = ($page - 1) * $limit; //起始行号 - $where['LIMIT'] = [$offset,$limit]; - - $datas = select_db('user_article_list',['id','title','category','state','password','top','add_time','up_time','browse_count','summary','cover'],$where); - - //查询分类 - $categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]); - $categorys = array_column($categorys,'name','id'); - //为文章添加分类名称 - foreach ($datas as &$data) { - $data['category_name'] = $categorys[$data['category']] ?? 'Null'; - } - msgA(['code'=>1,'count'=>$count,'data'=>$datas]); -} - -//保存文章 -function save_article(){ - if(empty($_POST['category']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category']])){ - msg(-1,'分类不存在'); - } - $time = time(); - //id为空,添加文章 - if(empty($_POST['id'])){ - insert_db('user_article_list',[ - 'uid'=>UID, - 'title'=>$_POST['title'], - 'category'=>$_POST['category'], - 'state'=>$_POST['state'], - 'password'=>'', - 'top'=>0, - 'add_time'=>$time, - 'up_time'=>$time, - 'browse_count'=>0, - 'summary'=>$_POST['summary'], - 'content'=>$_POST['content'], - 'cover'=>$_POST['cover_url'], - 'extend'=>'' - ],[1,'保存成功']); - //存在id,更新文章数据 - }else{ - if(!has_db('user_article_list',['uid'=>UID,'id'=>$_POST['id']])){ - msg(-1,'文章id错误'); - } - update_db('user_article_list',[ - 'title'=>$_POST['title'], - 'category'=>$_POST['category'], - 'state'=>$_POST['state'], - 'up_time'=>$time, - 'summary'=>$_POST['summary'], - 'content'=>$_POST['content'], - 'cover'=>$_POST['cover_url'] - ],['uid'=>UID,'id'=>$_POST['id']],[1,'保存成功']); - } - - -} -//删除文章 -function del_article(){ - $id = json_decode($_POST['id']); - if(empty($id)) msg(-1,'参数错误'); - delete_db('user_article_list',['uid'=>UID,'id'=>$id],[1,'操作成功']); -} -//修改分类 -function up_category(){ - $id = json_decode($_POST['id']); - if(empty($id)) msg(-1,'参数错误'); - if(empty($_POST['category_id']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category_id']])){ - msg(-1,'分类不存在'); - } - update_db('user_article_list',['category'=>$_POST['category_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']); -} -//修改状态 -function up_state(){ - $id = json_decode($_POST['id']); - if(empty($id)) msg(-1,'参数错误'); - if(!in_array($_POST['state_id'],['1','2','3','4'])){ - msg(-1,'状态参数错误'); - } - update_db('user_article_list',['state'=>$_POST['state_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']); -} - - -//保存设置 (与站点配置共享) -function save_article_set(){ - //检查配置参数 - if(!in_array($_POST['visual'],['0','1','2']) || !in_array($_POST['icon'],['0','1','2'])){ - msg(-1,'参数错误'); - } - //读取站点配置 - $s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site'])); - $s_site['article_visual'] = $_POST['visual']; - $s_site['article_icon'] = $_POST['icon']; - update_db("user_config",["v"=>$s_site],["k"=>'s_site',"uid"=>UID],[1,'保存成功']); -} - - +msg(-1,'未检测到有效授权,无法使用该功能'); diff --git a/system/api_root.php b/system/api_root.php index 651515e..92f8311 100644 --- a/system/api_root.php +++ b/system/api_root.php @@ -33,76 +33,52 @@ function other_upsys(){ msg(-1,"文件夹不可写 >> $path"); } } - - $_SESSION['upsys']['sysver'] = intval($matches[1]); - usleep(1000*300); //延迟300毫秒 - msg(1,'success'); - } - //下载更新包 - if($_POST['i'] == 2){ + //检查授权状态 if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权,请 购买授权手动更新'); } + $subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"])); + if(!isset($subscribe['public']) || empty($subscribe['public'])){ + msg(-1,' + 错误原因: 未检测到授权秘钥
如何处理:
+    1. 转到授权管理页面点击保存设置
+    2. 提示保存成功后在尝试更新'); + } + $_SESSION['upsys']['sysver'] = intval($matches[1]); + usleep(1000*300); //延迟300毫秒 + msg(1,'success'); + } + //下载更新包 + if($_POST['i'] == 2){ //设置执行最长时间,0为无限制。单位秒! set_time_limit(5*60); $overtime = !isset($GLOBALS['global_config']['Update_Overtime']) ? 3 : ($GLOBALS['global_config']['Update_Overtime'] < 3 || $GLOBALS['global_config']['Update_Overtime'] > 60 ? 3 : $GLOBALS['global_config']['Update_Overtime']); - //加载远程数据 - $urls = [ - "lm21" => "https://update.lm21.top/TwoNav/updata.json", - "gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/updata.json" - ]; - $Source = $GLOBALS['global_config']['Update_Source'] ?? ''; - if (!empty($Source) && isset($urls[$Source])) { - $urls = [$Source => $urls[$Source]]; - } - - foreach($urls as $key => $url){ - $Res = ccurl($url,$overtime); - $data = json_decode($Res["content"], true); - if($data["code"] == 200 ){ //如果获取成功 - break; //跳出循环. - } - } - + //请求获取更新包 + $Res = ccurl("http://service.twonav.cn/service.php",30,true,data_encryption('updateSystem',['sysver'=>$_SESSION['upsys']['sysver']])); + $data = json_decode($Res["content"], true); + if($data["code"] != '200'){ - msg(-1,'获取更新信息失败,请稍后再试..'); + msg(-1,$data['msg'] ?? '获取更新信息失败,请稍后再试..'); } - foreach($data["data"] as $key){ - if( $_SESSION['upsys']['sysver'] >= $key["low"] && $_SESSION['upsys']['sysver'] <= $key["high"] && $key["update"] > $_SESSION['upsys']['sysver']){ - $file = "System_Upgrade.tar.gz"; - $filePath = "./data/temp/{$file}"; - $data = $key; - break; //找到跳出 - } - } - if(empty($file)){ - msg(-1,'暂无可用更新'); - } + $file = "System_Upgrade.tar.gz"; + $filePath = "./data/temp/{$file}"; //下载升级包 - unlink($filePath); - foreach($data["url"] as $url){ - if(downFile($url,$file,'./data/temp/')){ - $file_md5 = md5_file($filePath); - if($file_md5 === $data['md5']){ - break; //下载成功,跳出循环 - }else{ - unlink($filePath); //下载失败,删除文件 - } + if(downFile($data['url'],$file,'./data/temp/')){ + $file_md5 = md5_file($filePath); + if($file_md5 != $data['md5']){ + unlink($filePath); + msg(-1,'更新包校验失败,请重试或联系客服'); } - } - //检查下载结果 - if(empty($file_md5) ){ + }else{ msg(-1,'下载更新包失败'); - }elseif($file_md5 != $data['md5']){ - msgA(['code'=>-1,'msg'=> '升级包效验失败','correct_md5'=> $data['md5'],'reality_md5'=>$file_md5]); } - //sleep(1); + msg(1,'success'); } @@ -199,6 +175,7 @@ function other_upsys(){ msgA(['code'=>-1,'msg'=>'步骤错误']); } + //读用户列表 function read_user_list(){ $query = $_POST['query']; @@ -261,19 +238,7 @@ function read_users_list(){ if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - $purview_list = select_db('purview_list','name',''); - $datas = select_db('user_group',['id','name','allow','code','codes','uname'],''); - foreach ($datas as $key => $data){ - $datas[$key]['codes'] = unserialize($datas[$key]['codes']); - if(empty($datas[$key]['codes'])){ - $datas[$key]['disable'] = $purview_list;//为空表示全部 - }else{ - $datas[$key]['disable'] = array_diff($purview_list,explode(",", $data['allow'])); - } - - $datas[$key]['disable'] = implode(',',$datas[$key]['disable']); //数组转文本 - } - msgA(['code'=>1,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas]); + msg(1,'请更新系统后再试'); } //写用户组 @@ -289,123 +254,13 @@ function write_users(){ if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - $USER = $_POST['uname']; - $USER_ID = ''; - if(!empty($USER)){ - $USER_ID = get_db("global_user", "ID", ["User"=>$USER]); - if(empty($USER_ID)){msg(-1,'蓝图用户不存在');} - } - - if($_GET['type'] == 'add'){ - if(!empty(get_db('user_group','code',['code' => $_POST['code']]))){ - msg(-1,'分组代号已存在'); - }elseif(!empty(get_db('user_group','name',['name' => $_POST['name']]))){ - msg(-1,'分组名称已存在'); - } - - insert_db('user_group',["uname"=>$USER,"uid"=>$USER_ID,"code"=>$_POST['code'],"name"=>$_POST['name'],"allow"=>$_POST['allow_list'],"codes"=>json_decode($_POST['allow_code_list'])],[1,'添加成功']); - }elseif($_GET['type'] == 'edit'){ - if(empty(get_db('user_group','code',['code' => $_POST['code']]))){ - msg(-1,'此分组代号不存在'); - }elseif(!empty(get_db('user_group','name',['name' => $_POST['name'],'code[!]'=>$_POST['code']]))){ - msg(-1,'分组名称已存在'); - } - update_db('user_group',["uname"=>$USER,"uid"=>$USER_ID,"name"=>$_POST['name'],'allow'=>$_POST['allow_list'],'codes'=>json_decode($_POST['allow_code_list']) ],['code'=>$_POST['code']],[1,'保存成功']); - }elseif($_GET['type'] == 'del'){ - global $global_config; - if(!empty(get_db('global_user','ID',['UserGroup' => $_POST['code']]))){ - msg(-1,'无法删除,有用户正在使用此用户组'); - }elseif(!empty(get_db('regcode_list','regcode',['u_group' => $_POST['code']]))){ - msg(-1,'无法删除,存在使用此用户组的注册码'); - }elseif($global_config['default_UserGroup'] == $_POST['code']){ - msg(-1,'无法删除,正在被使用:系统设置>默认分组'); - } - delete_db('user_group',["code" => $_POST['code'] ],[1,'删除成功']); - } + msg(1,'请更新系统后再试'); } //写用户信息 function write_user_info(){ - switch ($_GET['type']) { - //删除 - case "Del": - $uids = json_decode($_POST['ID']); - $USER_S = select_db('global_user','User',['ID'=>$uids]); - foreach($USER_S as $USER){ - if(is_dir(DIR.'/data/user/'.$USER)){ - deldir(DIR.'/data/user/'.$USER); - if(is_dir(DIR.'/data/user/'.$USER)){ - msg(1,'删除用户数据目录失败,用户名:'.$USER); - } - } - if(is_dir(DIR.'/data/backup/'.$USER)){ - deldir(DIR.'/data/backup/'.$USER); - if(is_dir(DIR.'/data/backup/'.$USER)){ - msg(1,'删除用户备份目录失败,用户名:'.$USER); - } - } - } - foreach (['regcode_list','user_categorys','user_config','user_count','user_links','user_log','user_login_info'] as $table){ - delete_db($table,[ "uid" => $uids ]); - } - delete_db('global_user',["ID" => $uids]); - msg(1,'删除成功'); - break; - //删除OTP验证 - case "Del_OTP": - $uids = json_decode($_POST['ID']); - $USER_S = select_db('global_user',['LoginConfig','ID','User'],['ID'=>$uids]); - $fail = 0; - foreach($USER_S as $USER){ - $LoginConfig = unserialize($USER['LoginConfig']); - if(empty($LoginConfig['totp_key'])){ - $fail ++; - continue; - } - $LoginConfig['totp_key'] = ''; - update_db("global_user", ["LoginConfig" => $LoginConfig], ["ID" => $USER['ID']]); - } - if($fail > 0){ - msg(1,'操作完毕,有'.$fail.'个账号未开启OTP双重验证'); - } - msg(1,'操作成功'); - break; - //设用户组 - case "set_UserGroup": - if(empty($_POST['UserGroup'])){ - msg(-1,'用户组不能为空'); - }elseif(!in_array($_POST['UserGroup'],['default','root']) && empty(get_db('user_group','code',['code' => $_POST['UserGroup']]))){ - msg(-1,'用户组不存在'); - } - update_db('global_user',['UserGroup'=>$_POST['UserGroup']],["ID" => json_decode($_POST['ID']) ],[1,'修改成功']); - break; - //设密码 - case "set_pwd": - if(!has_db('global_user',['ID'=>$_POST['ID']])){ - msg(-1,'用户不存在!'); - } - //空字符串md5 防止意外出现空密码 - if( $_POST['new_pwd']== 'd41d8cd98f00b204e9800998ecf8427e'){ - msg(-1,'密码不能为空'); - } - $RegTime = get_db('global_user','RegTime',['ID'=>$_POST['ID']]); - update_db('global_user',['Password'=>Get_MD5_Password($_POST['new_pwd'],$RegTime)],["ID" => $_POST['ID'] ],[1,'修改成功']); - break; - //设邮箱 - case "set_email": - if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$_POST['new_email'])){ - msg(-1,'邮箱错误!'); - } - if(has_db('global_user',['Email'=>$_POST['new_email']])){ - msg(-1,'邮箱已存在!'); - } - update_db('global_user',['Email'=>$_POST['new_email']],["ID" => $_POST['ID'] ],[1,'修改成功']); - break; - - default: - msg(-1,'操作类型错误'); - } + msg(-1,'未检测到有效授权,无法使用该功能'); } //读注册码列表 @@ -413,29 +268,7 @@ function read_regcode_list(){ if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - $page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']); - $limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']); - $offset = ($page - 1) * $limit; //起始行号 - $where = []; - - //统计条数 - $count = count_db('regcode_list',$where); - //分页 - $where['LIMIT'] = [$offset,$limit]; - //排序 - $where['ORDER']['id'] = 'DESC'; - //查询 - $datas = select_db('regcode_list','*',$where); - //用户组处理 - if(!empty($datas)){ - $user_group = select_db('user_group',['name','code'],'');//读用户组 - $user_group = array_column($user_group, 'name', 'code');//以代号为键 - $user_group['root'] = '站长'; - $user_group['default'] = '默认'; - foreach ($datas as $key => $data){ - $datas[$key]['UserGroupName'] = $user_group[$data['u_group']]??'Null'; - } - } + msg(1,'请更新系统后再试'); msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]); } @@ -445,43 +278,14 @@ function write_regcode(){ if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - if($_GET['type'] == 'generate'){ - if(!in_array($_POST['group'] ,['default']) && empty(get_db('user_group','code',['code' => $_POST['group'] ]))){ - msg(-1,'用户组不存在'); - } - - $t = time(); - for ($i=1; $i<=$_POST['number']??1; $i++){ - if($_POST['regcode_length'] == 8){ - $regcode = hash("crc32b",uniqid()); - }elseif($_POST['regcode_length'] == 36){ - $regcode = $db::raw("UUID()"); - }else{ - $regcode = md5(uniqid()); - } - insert_db('regcode_list',["uid"=>UID,"regcode"=>$regcode,"u_group"=>$_POST['group'],"use_state"=>'未使用',"add_time"=>$t,"use_time"=>0]); - } - - msg(1,'注册码已生成'); - }elseif($_GET['type'] == 'set'){ - write_global_config('reg_tips',$_POST['content'],'注册提示'); - msg(1,'保存成功'); - }elseif($_GET['type'] == 'del'){ - delete_db("regcode_list",[ "id" => json_decode($_POST['id'])]); - msg(1,'删除成功'); - } - - msg(-1,'无效的请求类型'); + msg(1,'请更新系统后再试'); } //写订阅信息 function write_subscribe(){ global $USER_DB; - $data['order_id'] = htmlspecialchars( trim($_REQUEST['order_id']) ); //获取订单ID - $data['email'] = htmlspecialchars( trim($_REQUEST['email']) ); //获取邮箱 - $data['end_time'] = htmlspecialchars( trim($_REQUEST['end_time']) );//到期时间 - $data['domain'] = htmlspecialchars( trim($_REQUEST['domain']) );//支持域名 + $data = $_POST; $data['host'] = $_SERVER['HTTP_HOST']; //当前域名 if(empty($data['order_id']) && empty($data['email']) && empty($data['end_time'])){ write_global_config('s_subscribe','','订阅信息'); @@ -504,8 +308,9 @@ function write_subscribe(){ } } } - + if(stristr($data['domain'],$data['host'])){ + //unset($data['public']); // 记得删除 write_global_config('s_subscribe',$data,'订阅信息'); msg(1,'保存成功'); }else{ @@ -527,16 +332,6 @@ function write_sys_settings(){ msg(-1,'默认账号不存在'); }elseif(!empty($_POST['default_UserGroup']) && empty(get_db('user_group','code',['code' => $_POST['default_UserGroup']]))){ msg(-1,'默认分组代号不存在'); - }elseif($_POST['Sub_domain'] == 1){ - if(preg_match('/\.(com|net|org|gov|edu)\.cn$/', $_SERVER["HTTP_HOST"])){ - msg(-1,'不支持此类域名'); - } - if(filter_var($_SERVER["HTTP_HOST"], FILTER_VALIDATE_IP) != false){ - msg(-1,'不支持IP访问开启二级域名'); - } - if(preg_match('/\.(\d+|:\d+)$/', preg_replace('/:\d+$/','',$_SERVER['HTTP_HOST'])) || substr_count($_SERVER["HTTP_HOST"],':') > 2){ - msg(-1,'不支持IP访问开启二级域名,如有误判请联系技术支持!'); - } } //自定义登录入口和注册入口检测 @@ -547,12 +342,7 @@ function write_sys_settings(){ if(in_array($_POST['Register'],$prohibits)){ msg(-1,'此注册入口名已被系统使用'); } - //长度限制 - foreach (['c_name','c_desc','l_name','l_url','l_key','l_desc'] as $name){ - $length_limit[$name] = is_subscribe('bool') ? intval($_POST[$name]) : 0; - } - write_global_config("length_limit",$length_limit,'长度限制'); - + //全局配置 $datas = [ 'Login'=>['empty'=>false,'msg'=>'登录入口不能为空'], @@ -567,23 +357,14 @@ function write_sys_settings(){ 'offline'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'离线模式参数错误'], 'Debug'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'调试模式参数错误'], 'Maintenance'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'维护模式参数错误'], - 'Sub_domain'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'二级域名参数错误'], - 'Privacy'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'强制私有参数错误'], 'default_page'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'默认页面参数错误'], - 'copyright'=>['empty'=>true], - 'global_header'=>['empty'=>true], - 'global_footer'=>['empty'=>true], + 'api_extend'=>['empty'=>true], 'c_code'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'自定义代码参数错误'], - 'static_link'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'静态链接参数错误'], //更新设置 'Update_Source'=>['empty'=>true], 'Update_Overtime'=>['int'=>true,'min'=>3,'max'=>60,'msg'=>'资源超时参数错误'], - //扩展功能-(全局开关) - 'apply'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'收录管理参数错误'], - 'guestbook'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'留言管理参数错误'], - 'link_extend'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'链接扩展参数错误'], - 'article'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'文章管理参数错误'] + ]; $o_config = []; foreach ($datas as $key => $data){ @@ -595,42 +376,9 @@ function write_sys_settings(){ $o_config[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg'])); } } - if(!is_subscribe('bool')){ - if($_POST['Sub_domain'] == 1){$o_config['Sub_domain'] = 0;$filter = true;} - if($_POST['Privacy'] == 1){$o_config['Privacy'] = 0;$filter = true;} - if(!empty($_POST['copyright'])){$o_config['copyright'] = "";$filter = true;} - if(!empty($_POST['global_header'])){$o_config['global_header'] = "";$filter = true;} - if(!empty($_POST['global_footer'])){$o_config['global_footer'] = "";$filter = true;} - if($_POST['apply'] == 1){$o_config['apply'] = 0;$filter = true;} - if($_POST['guestbook'] == 1){$o_config['guestbook'] = 0;$filter = true;} - if($_POST['link_extend'] == 1){$o_config['link_extend'] = 0;$filter = true;} - if($_POST['article'] == 1){$o_config['article'] = 0;$filter = true;} - if($_POST['static_link'] == 1){$o_config['static_link'] = 0;$filter = true;} - } - //检测于下载文章管理依赖资源 - clearstatcache(); - if($o_config['article'] == 1 && ( !is_file('./static/wangEditor/wangEditor.js') || !is_file('./static/wangEditor/wangEditor.css'))){ - $filePath = "./data/temp/wangEdito.tar.gz"; - if(downFile('https://update.lm21.top/TwoNav/updata/wangEdito.tar.gz','wangEdito.tar.gz','./data/temp/')){ - $file_md5 = md5_file($filePath); - if($file_md5 != "95f830656ba8972cca39a1ddd6ebaeda"){ - unlink($filePath); - msg(-1,'效验wangEdito失败
!'); - } - }else{ - msg(-1,'下载wangEdito失败,请重试!
如需手动安装可联系技术支持!'); - } - try { - $phar = new PharData($filePath); - $phar->extractTo('./static/', null, true); - unlink($filePath); - clearstatcache(); - } catch (Exception $e) { - msg(-1,'安装wangEdito失败'); - } - } - update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,($filter ?"保存成功,未检测到有效授权,带*号的配置无法为你保存":"保存成功")]); + + update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,"免费版可用功能配置已保存!"]); } //写默认设置 @@ -639,54 +387,7 @@ function write_default_settings(){ if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - if(intval($_POST['Session']) > 0 && intval($_POST['KeyClear']) > intval($_POST['Session'])){ - msg(-1,'Key清理时间不能大于登录保持时间'); - } - // 安全配置(登录配置) - $datas = [ - 'Session'=>['int'=>true,'min'=>0,'max'=>360,'msg'=>'登录保持参数错误'], - 'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'], - 'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'], - 'KeyClear'=>['int'=>true,'min'=>1,'max'=>60,'msg'=>'Key清理参数错误'], - 'api_model'=>['v'=>['security','compatible','compatible+open'],'msg'=>'API模式参数错误'], - 'login_page'=>['v'=>['admin','index','auto'],'msg'=>'登录成功参数错误'] - ]; - foreach ($datas as $key => $data){ - if($data['int']){ - $LoginConfig[$key] = ($_POST[$key] >= $data['min'] && $_POST[$key] <= $data['max'])?intval($_POST[$key]):msg(-1,$data['msg']); - }elseif(isset($data['v'])){ - $LoginConfig[$key] = in_array($_POST[$key],$data['v']) ? $_POST[$key]:msg(-1,$data['msg']); - }else{ - $LoginConfig[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg'])); - } - } - $LoginConfig['Login'] = '0'; - $LoginConfig['Password2'] = ''; - update_db("global_config",["v"=>$LoginConfig],["k"=>'LoginConfig']); - - //站点配置 - $datas = [ - 'title'=>['empty'=>false,'msg'=>'主标题不能为空'], - 'subtitle'=>['empty'=>true], - 'logo'=>['empty'=>true], - 'keywords'=>['empty'=>true], - 'description'=>['empty'=>true], - 'link_model'=>['v'=>['direct','Privacy','302','Transition'],'msg'=>'链接模式参数错误'], - 'link_icon'=>['int'=>true,'min'=>0,'max'=>6,'msg'=>'链接图标参数错误'], - 'custom_header'=>['empty'=>true], - 'custom_footer'=>['empty'=>true] - ]; - $s_site = []; - foreach ($datas as $key => $data){ - if($data['int']){ - $s_site[$key] = ($_POST[$key] >= $data['min'] && $_POST[$key] <= $data['max'])?intval($_POST[$key]):msg(-1,$data['msg']); - }elseif(isset($data['v'])){ - $s_site[$key] = in_array($_POST[$key],$data['v']) ? $_POST[$key]:msg(-1,$data['msg']); - }else{ - $s_site[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg'])); - } - } - update_db("global_config",["v"=>$s_site],["k"=>'s_site'],[1,'保存成功']); + msg(1,'请更新系统后再试'); } //读日志 function read_log(){ @@ -741,45 +442,14 @@ function other_root(){ $data = get_db("global_config", "v", ["k" => "username_retain"]); msgA(['code'=>1,'msg'=>'获取成功','data'=>$data]); }elseif($_GET['type'] == 'write_username_retain'){ - //遍历检测语法 - $patterns = explode("\n",$_POST['username_retain']); - foreach($patterns as $pattern){ - if (@preg_match($pattern, '') === false) { - msg(-1,'正则表达式语法错误,请检查'); - } - } if(!is_subscribe('bool')){ msg(-1,'未检测到有效授权'); } - write_global_config('username_retain',$_POST['username_retain'],'账号保留'); - msg(1,'保存成功'); + msg(1,'请更新系统后再试'); }elseif($_GET['type'] == 'write_mail_config'){ if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");} if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");} - //检测PHPMailer是否存在 - clearstatcache(); - if(!is_file(DIR.'/system/PHPMailer/PHPMailer.php')){ - $filePath = "./data/temp/PHPMailer_6.8.0.tar.gz"; - if(downFile('https://update.lm21.top/TwoNav/updata/PHPMailer_6.8.0.tar.gz','PHPMailer_6.8.0.tar.gz','./data/temp/')){ - $file_md5 = md5_file($filePath); - if($file_md5 != "07251997fb7ebf3bf2d296d4214ccf0a"){ - unlink($filePath); - msg(-1,'效验PHPMailer失败
!'); - } - }else{ - msg(-1,'下载PHPMailer失败,请重试!
如需手动安装可联系技术支持!'); - } - try { - $phar = new PharData($filePath); - $phar->extractTo('./system/', null, true); - unlink($filePath); - clearstatcache(); - } catch (Exception $e) { - msg(-1,'安装PHPMailer失败'); - } - } - write_global_config('mail_config',$_POST,'账号保留'); - msg(1,'保存成功'); + msg(1,'请更新系统后再试'); }elseif($_GET['type'] == 'write_mail_test'){ $_POST['Subject'] = 'TwoNav 测试邮件' . time(); $_POST['Body'] = '

TwoNav 测试邮件

' . date('Y-m-d H:i:s'); @@ -787,8 +457,7 @@ function other_root(){ }elseif($_GET['type'] == 'write_icon_config'){ if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");} if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");} - write_global_config('icon_config',$_POST,'图标配置'); - msg(1,'保存成功'); + msg(1,'请更新系统后再试'); }elseif($_GET['type'] == 'write_icon_del_cache'){ //删除数据库缓存信息 if(empty(count_db('global_icon','*'))){ @@ -808,12 +477,6 @@ function other_root(){ } msg(1,'操作成功'); - }elseif($_GET['type'] == 'write_sitemap_config'){ - if(!is_subscribe('bool')){ - msg(-1,'未检测到有效授权'); - } - write_global_config('sitemap_config',$_POST,'站点地图配置'); - msg(1,'保存成功'); } } diff --git a/system/expand/apply.php b/system/expand/apply.php index 355b96f..3ea701b 100644 --- a/system/expand/apply.php +++ b/system/expand/apply.php @@ -1,133 +1,6 @@ "apply","uid"=>UID])); -// 用户关闭收录申请 -if ( $apply['apply'] == 0 ){ - if($_SERVER['REQUEST_METHOD'] === 'GET'){ - load_tip(); - }else{ - msg(-1,"用户已关闭收录申请"); - } -} -//get请求载入页面 if($_SERVER['REQUEST_METHOD'] === 'GET'){ - require DIR."/system/templates.php"; - require($index_path); - exit; + exit('当前为免费版,不支持此功能'); } -//载入提示页 -function load_tip() { - $content = '站长或用户未开启申请收录功能'; - require DIR.'/templates/admin/page/404.php'; - exit; -} - -//强制加载防火墙来过滤相关攻击! -$global_config['XSS_WAF'] = 1; $global_config['SQL_WAF'] = 1; -require DIR.'/system/firewall.php'; - -// 遍历请求表单,拦截可疑内容! -foreach($_POST as $key =>$value){ - if( htmlspecialchars($value,ENT_QUOTES) != $value ){ - msg(-1,$key.' > 请避免使用<\'&">单引号,双引号等特殊字符!'); - }elseif( strlen($value) >= 256 ){ - msg(-1,$key.' > 字符串长度不允许超过256'); - } -} - - -$title = $_POST['title']; -$url = $_POST['url']; -$iconurl = $_POST['iconurl'] ?? ''; -$description = $_POST['description'] ?? ''; -$category_id = intval ($_POST['category_id']); -$email = $_POST['email'] ?? ''; -$user_ip = Get_IP(); -if( !filter_var($url, FILTER_VALIDATE_URL) ) { - msg(-1,'URL无效!'); -}elseif(!empty($apply['iconurl']) && !filter_var($iconurl, FILTER_VALIDATE_URL) ){ - msg(-1,'网站图标无效!'); -}elseif(!empty($apply['email']) && !preg_match('/^([a-zA-Z]|[0-9])(\w|\-)+@[a-zA-Z0-9]+\.([a-zA-Z]{2,4})$/',$email)){ - msg(-1,'联系邮箱无效!'); -}elseif(!isset($_POST['category_id'])){ - msg(-1,'分类ID不能为空!'); -}elseif(!isset($_POST['title'])){ - msg(-1,'网站标题不能为空!'); -}elseif(!empty($apply['description']) && empty($_POST['description'])){ - msg(-1,'网站描述不能为空!'); -} -//获取和检查分类信息 -$where['cid'] = $category_id; -$where['uid'] = UID; -$category_info = get_db('user_categorys',['cid','fid','property','name','font_icon','description'],$where); -if(empty($category_info) || $category_info['property'] != 0){ - msgA(['code'=>-1,'msg'=>'没有找到分类信息']); -} - -//检查是否重复 -$url_data = get_db("user_apply","*",["url"=> $url,'uid'=>UID ]); -if(isset($url_data['id'])){ - if ($url_data['state'] == 0){ - msg(-1,'审核中,请勿重复提交!'); - }elseif ($url_data['state'] == 1 || $url_data['state'] == 3 ){ - msg(-1,'已通过,请勿重复提交!'); - }elseif ($url_data['state'] == 2){ - msg(-1,'已拒绝,请勿重复提交!'); - } -} - -// 统计IP 24小时内提交的数量!,超限则拦截! -$count = count_db("user_apply", ["uid"=>UID , "ip" => $user_ip ,"time[>]" => time() - 60*60*24]); -if ($count >= $apply['submit_limit'] ?? 5){ - msg(-1,'您提交的申请数量已达到上限!请明天再试!'); -} - - -$data = [ - 'uid' => UID, - 'iconurl' => $iconurl, - 'title' => $title, - 'url' => $url, - 'email' => $email, - 'ip' => $user_ip, - 'ua' => $_SERVER['HTTP_USER_AGENT'], - 'time' => time(), - 'state' => 0, // 0.待审核 1.手动通过 2.已拒绝 3.自动通过 - 'category_id' => $category_id, - 'category_name' => $category_info['name'], - 'description' => $description -]; - -//0.关闭 1.开启 2.无需审核 -if($apply['apply'] == 1){ - $data['state'] = 0 ; -}elseif($apply['apply'] == 2){ - $data['state'] = 3 ; - if(!empty(get_db("user_links","*",["url"=> $url,'uid'=>UID ]))){ - msg(-1,'URL已经存在!'); //存在于链接列表中! - } - $lid = get_maxid('link_id'); - $url_data = [ - 'lid' => $lid, - 'uid' => UID, - 'fid' => $category_id, - 'title' => $title, - 'url' => $url, - 'description' => $description, - 'add_time' => time(), - 'up_time' => time(), - 'weight' => 0, - 'property' => 0, - 'icon' => $iconurl - ]; - insert_db('user_links',$url_data); -} -insert_db('user_apply',$data,[1,'提交成功!']); +msg(-1,'当前为免费版,不支持此功能'); ?> diff --git a/system/expand/guestbook.php b/system/expand/guestbook.php index 8e76ecf..3ea701b 100644 --- a/system/expand/guestbook.php +++ b/system/expand/guestbook.php @@ -1,74 +1,6 @@ "guestbook","uid"=>UID]) ); -if(empty($s) || $s['allow'] != 1){ - $content = '站点已设置禁止留言'; - require DIR.'/templates/admin/page/404.php'; - exit; -} -if(!Check_Path("data/user/{$u}/MessageBoard")){ - exit("

创建目录失败,请检查权限

"); -} - -//POST提交留言 -if($_SERVER['REQUEST_METHOD'] === 'POST'){ - if($s['allow'] != '1'){ msg(-1,'提交失败,当前禁止留言!'); } - $type = $_POST['type']; //类型 - $contact = $_POST['contact']; //联系方式 - $title = $_POST['title']; //标题 - $content = $_POST['content']; //内容 - if(empty($type)){ - msg(-1,'提交失败,类型不能为空'); - }elseif(empty($contact)){ - msg(-1,'提交失败,联系方式不能为空'); - }elseif(empty($title)){ - msg(-1,'提交失败,标题不能为空'); - }elseif(empty($content)){ - msg(-1,'提交失败,内容不能为空'); - }elseif(strlen($type) >= 32 || strlen($contact) >= 64 || strlen($title) >= 128 || strlen($content) >= 2048){ - msg(-1,'提交失败,长度超限'); - }elseif(ShuLiang("data/user/{$u}/MessageBoard/") > 256){ - msg(-1,'提交失败,留言太多了请稍后再试'); - } - - $json_arr = array( - 'type'=>htmlentities($type), - 'contact'=>htmlentities($contact), - 'title'=>htmlentities($title), - 'content'=>htmlentities($content), - 'time'=>time(), - 'ip'=>get_IP() - ); - //限制长度 参数 - //var_dump($json_arr);exit; - $json = json_encode($json_arr); - $path = "data/user/{$u}/MessageBoard/".time().'_'.crc32($json).'.json'; - if( Check_Path("data/user/{$u}/MessageBoard") && file_put_contents($path, $json)){ - msg(1,'提交成功'); - }else{ - msg(-1,'系统错误,提交失败'); //创建目录或写入文件失败,请检查权限 - } - } - -//获取文件数 -function ShuLiang($path){ - $sl=0; - $arr = glob($path); - foreach ($arr as $v){ - if(is_file($v)){ - $sl++; - }else{ - $sl+=ShuLiang($v."/*"); - } - } - return $sl; -} - -//通用数据初始化 -require DIR."/system/templates.php"; -require $index_path; -exit; \ No newline at end of file +msg(-1,'当前为免费版,不支持此功能'); +?> diff --git a/system/expand/sitemap.php b/system/expand/sitemap.php deleted file mode 100644 index ed97644..0000000 --- a/system/expand/sitemap.php +++ /dev/null @@ -1,46 +0,0 @@ - "sitemap_config"])); - -//储存路径 -$sitemap_path = DIR . "/data/user/{$u}/sitemap.php"; - -//载入生成脚本 -require 'sitemap_create.php'; - -//是否为手动生成 -if(!empty($_GET['mode'])){ - if($sitemap_config['switch'] != '1'){ - msg(-1,'请将功能开关设为开启并保存'); - }else{ - create_sitemap($sitemap_config,$sitemap_path,$u); - msg(1,'生成完毕'); - } -}else{ - //未开启被动请求时,如果有缓存文件则返回 - if($sitemap_config['beidong'] != '1'){ - if(file_exists($sitemap_path)){ - exit(file_get_contents($sitemap_path) ?? ''); - } - exit; - } -} - -//未开启功能时不输出任何数据 -if($sitemap_config['switch'] != '1'){ - exit; -} - -//判断是否需要更新 -if(is_Update_Sitemap($sitemap_config,$sitemap_path)){ - exit (create_sitemap($sitemap_config,$sitemap_path,$u)); -}else{ - exit(file_get_contents($sitemap_path) ?? ''); -} - -?> diff --git a/system/expand/sitemap_create.php b/system/expand/sitemap_create.php deleted file mode 100644 index 7fd9e49..0000000 --- a/system/expand/sitemap_create.php +++ /dev/null @@ -1,148 +0,0 @@ - 30 * 24 * 60 * 60, // 30天 - 'weekly' => 7 * 24 * 60 * 60, // 7天 - 'daily' => 24 * 60 * 60, // 1天 - 'hourly' => 60 * 60, // 1小时 - 'minute' => 60, //1分钟 - 'second' => 1 //1秒 - ]; - - $interval_seconds = $timeIntervals[$sitemap_config['changefreq']] ?? 86400; //间隔秒 - if (time() - $up_time >= $interval_seconds){ - return true; - }else{ - return false; - } - //缓存文件不存在时重新创建地图 - }else{ - return true; - } -} - -//创建地图数据函数 -function create_sitemap($sitemap_config,$sitemap_path,$u){ - //创建一个空的 XML 文档 - $xml = new DOMDocument('1.0', 'UTF-8'); - $xml->formatOutput = true; - //创建根元素 - $urlset = $xml->createElement('urlset'); - $urlset->setAttribute('xmlns', 'http://www.sitemaps.org/schemas/sitemap/0.9'); - $xml->appendChild($urlset); - //今天 - $today = date("Y-m-d\TH:i:s", time()); - //域名 - $host = $_SERVER['HTTP_HOST']; // 获取主机名 - $port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 ? '' : ':'.$_SERVER['SERVER_PORT']) : ''; // 获取端口号 - $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://'; // 获取协议 - $host = $scheme.$host.$port; - //用户主页 0.关闭 1.动态地址 2.静态地址 3.二级域名 - if($sitemap_config['user_homepage'] > 0){ - //读取用户列表 - $user_list = select_db('global_user','User',''); - if($sitemap_config['user_homepage'] == '3'){ - $strings = explode('.',$_SERVER['HTTP_HOST']); - if(count($strings) == 3){ - $root_domain = "{$strings[1]}.{$strings[2]}"; - }elseif(count($strings) == 2){ - $root_domain = $_SERVER['HTTP_HOST']; - }else{ - $sitemap_config['user_homepage'] == '1'; - } - } - //遍历用户列表 - foreach($user_list as $user){ - if($sitemap_config['user_homepage'] == '2'){ - $locurl = "{$host}/{$user}.html"; - }elseif($sitemap_config['user_homepage'] == '3'){ - $locurl = "{$scheme}{$user}.{$root_domain}"; - }else{ - $locurl = "{$host}/index.php?u={$user}"; - } - //生成数据 - $url = createUrlElement($xml, $locurl, $today, $sitemap_config['user_homepage_changefreq'], $sitemap_config['user_homepage_weight']); - $urlset->appendChild($url); - } - - } - - //过度页面 0.关闭 1.动态 2.静态 - if($sitemap_config['click_page'] > 0){ - $category_parent = []; //父分类 - $categorys = []; //全部分类 - //查找条件 - 分类 - $where['uid'] = UID; - $where['fid'] = 0; - $where['pid'] = 0; - $where['status'] = 1; - $where['ORDER'] = ['weight'=>'ASC']; - $where['property'] = 0; - //查找一级分类 - $category_parent = select_db('user_categorys','cid',$where); - //遍历二级分类 - foreach ($category_parent as $cid) { - $where['fid'] = $cid; - $category_subitem = select_db('user_categorys','cid',$where); - array_push($categorys,$cid); - $categorys = array_merge ($categorys,$category_subitem); - } - - //遍历链接 - foreach ($categorys as $cid) { - $where['fid'] = $cid; - $links = select_db('user_links',['lid','up_time'],$where); - foreach ($links as $link) { - if($sitemap_config['click_page'] == '2'){ - $locurl = "{$host}/{$u}/click/{$link['lid']}.html"; - }else{ - $locurl = "{$host}/index.php?c=click&id={$link['lid']}&u={$u}"; - } - $url = createUrlElement($xml, $locurl, date("Y-m-d\TH:i:s", $link['up_time']), $sitemap_config['click_page_changefreq'], $sitemap_config['click_page_weight']); - $urlset->appendChild($url); - } - } - } - - //文章页面 - if($sitemap_config['article_page'] > 0){ - $article_list = select_db('user_article_list',['id','up_time'],['state'=>1,'uid'=>UID]); - foreach ($article_list as $data) { - if($sitemap_config['article_page'] == '2'){ - $locurl = "{$host}/{$u}/article/{$data['id']}.html"; - }else{ - $locurl = "{$host}/index.php?c=article&id={$data['id']}&u={$u}"; - } - $url = createUrlElement($xml, $locurl, date("Y-m-d\TH:i:s", $data['up_time']), $sitemap_config['article_page_changefreq'], $sitemap_config['article_page_weight']); - $urlset->appendChild($url); - } - } - - //保存 XML 内容到文件 - $xml->save($sitemap_path); - - //返回内容 - return $xml->saveXML(); -} - -// 生成URL元素 -function createUrlElement($xml, $loc, $lastmod, $changefreq, $priority) { - $url = $xml->createElement('url'); - - $locElem = $xml->createElement('loc', htmlspecialchars($loc)); - $url->appendChild($locElem); - - $lastmodElem = $xml->createElement('lastmod', $lastmod); - $url->appendChild($lastmodElem); - - $changefreqElem = $xml->createElement('changefreq', $changefreq); - $url->appendChild($changefreqElem); - - $priorityElem = $xml->createElement('priority', $priority); - $url->appendChild($priorityElem); - - return $url; -} \ No newline at end of file diff --git a/system/public.php b/system/public.php index c133b80..f649e15 100644 --- a/system/public.php +++ b/system/public.php @@ -530,7 +530,7 @@ function get_http_code($url,$TIMEOUT = 10 ,$NOBODY = true) { return $return; } -function ccurl($url,$overtime = 3,$Referer = false){ +function ccurl($url,$overtime = 3,$Referer = false,$post_data = false){ try { $curl = curl_init ( $url ) ; //初始化 curl_setopt($curl, CURLOPT_TIMEOUT, $overtime ); //超时 @@ -539,6 +539,11 @@ function ccurl($url,$overtime = 3,$Referer = false){ curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); + if(!empty($post_data)){ + curl_setopt($curl, CURLOPT_POST, true); + curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data); + } + if($Referer === true){ curl_setopt($curl, CURLOPT_REFERER, $_SERVER['HTTP_REFERER']); }elseif(!empty($Referer)){ @@ -666,6 +671,25 @@ function check_purview($name,$return_type){ } } +//数据加密函 +function data_encryption($method,$extend = []){ + $subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"])); + if(!isset($subscribe['public']) || empty($subscribe['public'])){ + msg(-1,'未检测到授权秘钥,如果已经获取授权,请在授权管理页面点击保存设置后在重试!'); + } + $data['key'] = $subscribe['order_id']; + $data['host'] = $_SERVER['HTTP_HOST']; + $data['time'] = time(); + $data['ip'] = Get_IP(); + $data['method'] = $method; + $publicKey = openssl_pkey_get_public($subscribe['public']); + openssl_public_encrypt(json_encode($data), $encryptedData, $publicKey, OPENSSL_PKCS1_PADDING); + $data = $extend; + $data['data'] = base64_encode($encryptedData); + $data['md5'] = md5($subscribe['order_id']); + $data['email'] = md5($subscribe['email']); + return json_encode($data); +} //字节格式化 function byteFormat($bytes) { $sizetext = array(" B", " KB", " MB", " GB", " TB", " PB", " EB", " ZB", " YB"); diff --git a/system/version.txt b/system/version.txt index 9ad4add..590ce1f 100644 --- a/system/version.txt +++ b/system/version.txt @@ -1 +1 @@ -v2.0.39-20230913 \ No newline at end of file +v2.0.40-20230916 \ No newline at end of file diff --git a/templates/admin/js/public.js b/templates/admin/js/public.js index f1a9309..ace5e07 100644 --- a/templates/admin/js/public.js +++ b/templates/admin/js/public.js @@ -73,6 +73,10 @@ function Get_baseUrl() { return baseUrl; } +function Authorization_Prompt() { + layer.alert("您正在使用的是免费版,此功能需购买授权才可使用
如果您已购买授权,请在授权管理页面输入并保存
然后在更新系统即可解锁全部功能!") +} + //帮助 if (typeof jQuery != 'undefined') { $("#help").click(function(){ diff --git a/templates/admin/other/verify_link_pwd.php b/templates/admin/other/verify_link_pwd.php deleted file mode 100644 index 9b32871..0000000 --- a/templates/admin/other/verify_link_pwd.php +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - 查看加密链接 - TwoNav - - - - - - - - - - - -
-
- - -
-
-
- |':'').$ICP; ?> -
- - - - - - \ No newline at end of file diff --git a/templates/admin/other/verify_pwd2.php b/templates/admin/other/verify_pwd2.php deleted file mode 100644 index a414c03..0000000 --- a/templates/admin/other/verify_pwd2.php +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - 查看加密链接 - TwoNav - - - - - - - - - - - -
-
- - -
-
-
- |':'').$ICP; ?> -
- - - - - - \ No newline at end of file diff --git a/templates/admin/other/verify_share_pwd.php b/templates/admin/other/verify_share_pwd.php deleted file mode 100644 index e630f44..0000000 --- a/templates/admin/other/verify_share_pwd.php +++ /dev/null @@ -1,88 +0,0 @@ - - - - - - 提取书签 - TwoNav - - - - - - - - - - - -
-
- - -
-
-
- |':'').$ICP; ?> -
- - - - - \ No newline at end of file diff --git a/templates/admin/page/expand/apply-admin.php b/templates/admin/page/expand/apply-admin.php index 1ffd94b..4d3dc4d 100644 --- a/templates/admin/page/expand/apply-admin.php +++ b/templates/admin/page/expand/apply-admin.php @@ -1,8 +1,8 @@ "apply","uid"=>UID]) ); $title='收录管理';$awesome=true; require dirname(__DIR__).'/header.php'; ?> diff --git a/templates/admin/page/expand/apply-user.php b/templates/admin/page/expand/apply-user.php index 3936e3f..8578849 100644 --- a/templates/admin/page/expand/apply-user.php +++ b/templates/admin/page/expand/apply-user.php @@ -95,18 +95,7 @@ layui.use(['form'], function(){ } }); return false; - }); + }); }); diff --git a/templates/admin/page/expand/article-edit.php b/templates/admin/page/expand/article-edit.php index 0b4d7ed..81b1aa6 100644 --- a/templates/admin/page/expand/article-edit.php +++ b/templates/admin/page/expand/article-edit.php @@ -1,24 +1,9 @@ 如果您是站长,请在系统设置页面点击确定保存,系统将自动下载相关资源!
如果您是用户,请联系站长处理或耐心等候!'; - require DIR.'/templates/admin/page/404.php'; - exit; -} +$content = '免费版不支持此功能,请购买授权'; +require DIR.'/templates/admin/page/404.php'; +exit; + $article_id = Get('id'); $mode = empty($article_id) ? 'add' : 'edit' ; @@ -30,7 +15,6 @@ if($mode == 'edit'){ }else{ $mode = 'add'; } - } $title = $mode == 'add' ? '添加文章' : '编辑文章'; diff --git a/templates/admin/page/expand/article-list.php b/templates/admin/page/expand/article-list.php index ae05d27..329ff27 100644 --- a/templates/admin/page/expand/article-list.php +++ b/templates/admin/page/expand/article-list.php @@ -1,10 +1,6 @@ UID,'k'=>'s_site'])); $set['visual'] = $s_site['article_visual'] ?? '1'; $set['icon'] = $s_site['article_icon'] ?? '1'; $title='文章列表'; @@ -244,57 +240,13 @@ layui.use(['form','table','dropdown','miniTab'], function () { id: 'push' }], click: function(obj){ - let checkStatus = table.checkStatus('table').data; - if( checkStatus.length == 0 ) { - layer.msg('未选中任何数据!'); - return; - } - //获取被选ID并格式化 - tableIds = checkStatus.map(function (value) {return value.id;}); - tableIds = JSON.stringify(tableIds); - //删除文章 - if(obj.id == 'del_article'){ - layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){ - $.post(get_api('write_article','del_article'),{id:tableIds},function(data,status){ - if(data.code == 1) { - search(); - layer.msg(data.msg, {icon: 1}); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); - }); - }else if(obj.id == 'up_category'){ - index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: false ,area : ['100%', '100%'],closeBtn:0,content: $('.batch_category')}); - }else if(obj.id == 'up_state'){ - $.post(get_api('write_article','up_state'),{'id':tableIds,'state_id':obj.value},function(data,status){ - if(data.code == 1) { - search(); - layer.msg('操作成功', {icon: 1}); - }else{ - layer.msg(data.msg || '未知错误',{icon: 5}); - } - }); - }else if(obj.id == 'push'){ - index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: '推送工具',area : ['100%', '100%'],content: $('.push')}); - } + Authorization_Prompt(); } }); } //开始推送 $('#start_push').click(function () { - let checkStatus = table.checkStatus('table'); - tableIds = checkStatus.data.map(function (value) {return value.id;}); - tableIds = JSON.stringify(tableIds); - $.post(get_api('other_baidu_push'),{'type':'article','push_api':$('#push_api').val(),'id':tableIds},function(data,status){ - if(data.code == -1){ - layer.msg(data.msg,{icon: 5}); - }else if(data.code == 200){ - layer.alert('成功推送的条数: ' + data.data.success + '
当天剩余的可推送条数: ' + data.data.remain + (data.data.not_same_site && data.data.not_same_site.length > 0 ? "
未处理的条数(非本站URL): " + data.data.not_same_site.length:'') + (data.data.not_valid && data.data.not_valid.length > 0 ? "
不合法的URL条数: " + data.data.not_valid.length:'')); - }else{ - layer.alert('错误代码: ' + data.data.error + '
错误描述: ' + data.data.message); - } - }); + Authorization_Prompt(); return false; }); //关闭按钮 @@ -320,94 +272,23 @@ layui.use(['form','table','dropdown','miniTab'], function () { } //监听工具栏 table.on('toolbar(table)', function (obj) { - var btn = obj.event; - if (btn == 'add_article') { //添加文章 - layer.open({ - title: false, - type: 2, - scrollbar: false, - shade: 0.2, - maxmin:false, - shadeClose: true, - closeBtn:0, - area: ['100%', '100%'], - content: './?c=admin&page=expand/article-edit&u=' + u, - end: function(){ - search(); - } - }); - }else if(btn == 'set'){ //设置 + if(obj.event == 'set'){ //设置 index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: false ,area : ['100%', '100%'],closeBtn:0,content: $('.set')}); - }else{ //综合批量操作 - //取选中数据 - var checkStatus = table.checkStatus(obj.config.id); - if( checkStatus.data.length == 0 && ['LAYTABLE_COLS','LAYTABLE_EXPORT','LAYTABLE_PRINT'].indexOf(btn) == -1 ) { - layer.msg('未选中任何数据!'); - return; - } - //批量删除 - if(btn == 'batch_del'){ - tableIds = checkStatus.data.map(function (value) {return value.id;}); - tableIds = JSON.stringify(tableIds); - layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){ - $.post(get_api('write_article','del_article'),{id:tableIds},function(data,status){ - if(data.code == 1) { - search(); - layer.msg(data.msg, {icon: 1}); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); - }); - } + return false; } + Authorization_Prompt(); }); //监听行工具 table.on('tool(table)', function (obj) { - let btn = obj.event; - let data = obj.data; - if (btn === 'del') { - layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){ - $.post(get_api('write_article','del_article'),{id:'['+data.id+']'},function(data,status){ - if(data.code == 1) { - obj.del(); - layer.msg(data.msg, {icon: 1}); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); - }); - }else if(btn === 'edit'){ - layer.open({ - title: false, - type: 2, - scrollbar: false, - shade: 0.2, - maxmin:false, - shadeClose: true, - closeBtn:0, - area: ['100%', '100%'], - content: './?c=admin&page=expand/article-edit&id='+data.id+'&u=' + u, - end: function(){ - search(); - } - }); - } + Authorization_Prompt(); }); //设置相关 form.val('set_form', ); $('#save_set').on('click', function(){ - $.post(get_api('write_article','save_article_set'),form.val('set_form'),function(data,status){ - if(data.code == 1) { - layer.close(index); - layer.msg('操作成功', {icon: 1}); - }else{ - layer.msg(data.msg || '未知错误',{icon: 5}); - } - }); + Authorization_Prompt(); return false; }); //取消按钮 @@ -418,16 +299,7 @@ layui.use(['form','table','dropdown','miniTab'], function () { //批量修改分类 $('#batch_category').click(function () { - fid = $('#batch_category_fid').val(); - $.post(get_api('write_article','up_category'),{'id':tableIds,'category_id':fid},function(data,status){ - if(data.code == 1) { - search(); - layer.close(index); - layer.msg('操作成功', {icon: 1}); - }else{ - layer.msg(data.msg || '未知错误',{icon: 5}); - } - }); + Authorization_Prompt(); return false; }); diff --git a/templates/admin/page/expand/guestbook-admin.php b/templates/admin/page/expand/guestbook-admin.php index 5f7fc2a..611a55d 100644 --- a/templates/admin/page/expand/guestbook-admin.php +++ b/templates/admin/page/expand/guestbook-admin.php @@ -1,8 +1,4 @@ "guestbook","uid"=>UID]) ); if(empty($s)){ @@ -140,24 +136,11 @@ $('.click').click(function (event) { }); function del(name) { - $.post('',{'type':'del','name':name},function(data,status){ - if(data.code == 1) { - layer.msg("删除成功", {icon: 1}); - setTimeout(() => {location.reload();}, 500); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); } function set(key){ - $.post('',{'type':'set','set':key},function(data,status){ - if(data.code == 1) { - location.reload(); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); } diff --git a/templates/admin/page/expand/sitemap.php b/templates/admin/page/expand/sitemap.php index f77a316..f6e2111 100644 --- a/templates/admin/page/expand/sitemap.php +++ b/templates/admin/page/expand/sitemap.php @@ -179,31 +179,12 @@ layui.use(['jquery','form'], function () { //监听提交 form.on('submit(save)', function (data) { - $.post(get_api('other_root','write_sitemap_config'),data.field,function(data,status){ - if(data.code == 1) { - if(data.msg!="保存成功"){ - layer.alert(data.msg) - }else{ - layer.msg(data.msg, {icon: 1}); - } - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); return false; }); //测试 form.on('submit(generate)', function (data) { - layer.load(1, {shade:[0.3,'#fff']}); - layer.msg('正在处理中..', {icon: 16,time: 1000*300}); - $.post('./?c=sitemap&mode=manual',data.field,function(data,status){ - layer.closeAll(); - if(data.code == 1) { - layer.alert(data.msg); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); return false; }); diff --git a/templates/admin/page/home.php b/templates/admin/page/home.php index 2350f23..db61e53 100644 --- a/templates/admin/page/home.php +++ b/templates/admin/page/home.php @@ -15,17 +15,22 @@ if(!empty($Notice)){ //是否下载数据 if(!offline && $reload){ $overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']); - $urls = [ - "lm21" => "https://update.lm21.top/TwoNav/Notice.json", - "gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/Notice.json" - ]; + if(!is_subscribe('bool')){ + $urls = ["gitee" => "http://tznb.gitee.io/twonav_resource/Notice.json"]; + }else{ + $urls = ["twonav" => "http://service.twonav.cn/service.php"]; + } $Source = $global_config['Update_Source'] ?? ''; if (!empty($Source) && isset($urls[$Source])) { $urls = [$Source => $urls[$Source]]; } - foreach($urls as $key => $url){ - $Res = ccurl($url,$overtime); + foreach($urls as $key => $url){ + if($key == 'gitee'){ + $Res = ccurl($url,$overtime); + }else{ + $Res = ccurl($url,30,true,data_encryption('get_new_ver',['ver'=>SysVer])); + } $new_data = json_decode($Res['content'], true);unset($Res); if($new_data["code"] == 200 ){ //下载成功,写入缓存 $new_data['download_time'] = time(); diff --git a/templates/admin/page/root/mail_set.php b/templates/admin/page/root/mail_set.php index 9efe9b2..cac7c71 100644 --- a/templates/admin/page/root/mail_set.php +++ b/templates/admin/page/root/mail_set.php @@ -112,37 +112,14 @@ layui.use(['jquery','form'], function () { var form = layui.form; var layer = layui.layer; var $ = layui.jquery; - - //表单赋值 - form.val('form', "mail_config"])));?>); - //监听提交 form.on('submit(save)', function (data) { - $.post(get_api('other_root','write_mail_config'),data.field,function(data,status){ - if(data.code == 1) { - if(data.msg!="保存成功"){ - layer.alert(data.msg) - }else{ - layer.msg(data.msg, {icon: 1}); - } - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); return false; }); //测试 form.on('submit(send_test)', function (data) { - layer.load(1, {shade:[0.3,'#fff']}); - layer.msg('正在发送中..', {icon: 16,time: 1000*300}); - $.post(get_api('other_root','write_mail_test'),data.field,function(data,status){ - layer.closeAll(); - if(data.code == 1) { - layer.alert(data.msg); - }else{ - layer.msg(data.msg, {icon: 5}); - } - }); + Authorization_Prompt(); return false; }); diff --git a/templates/admin/page/root/tool.php b/templates/admin/page/root/tool.php index 3b7ff19..0d7f353 100644 --- a/templates/admin/page/root/tool.php +++ b/templates/admin/page/root/tool.php @@ -20,7 +20,7 @@ require(dirname(__DIR__).'/header.php');
- + @@ -84,8 +84,7 @@ layui.use(['layer','form','miniTab'], function () { $("#console_log").append("客户端时间:" + timestampToTime(Math.round(new Date() / 1000) ) +"\n"); var urls = [ - ['主线路', 'https://update.lm21.top/connectivity_test.txt'], - ['备用线路(Gitee)', 'https://gitee.com/tznb/twonav_updata/raw/master/connectivity_test.txt'] + ['资源节点-码云', 'http://tznb.gitee.io/twonav_resource/connectivity_test.json'] ]; urls.forEach(function(route) { var routeName = route[0]; diff --git a/templates/admin/page/root/vip.php b/templates/admin/page/root/vip.php index 66c6ec6..f864352 100644 --- a/templates/admin/page/root/vip.php +++ b/templates/admin/page/root/vip.php @@ -12,12 +12,20 @@ if(!empty($Notice)){
+
+
  • 1. 购买授权后请按购买处提示使用授权
    • +
  • 2. 成功保存设置后返回概要页面并刷新
    • +
  • 3. 提示可以更新时请更新系统,更新后才可以使用全部功能
    • +
  • 4. 如果没有提示更新或无法更新,请等待1分钟后在重试
    • +
  • 5. 长时间未提示更新则检查服务器网络
    • +
  • 6. 其他疑问请联系客服QQ 271152681
    • +

    当前域名:

    - +
    @@ -89,7 +97,7 @@ layui.use(['jquery','form'], function () { //查询订阅 form.on('submit(get_subscribe)', function(data){ layer.load(2, {shade: [0.1,'#fff']}); - $.get('https://api.lm21.top/api.php?fn=get_subscribe',data.field,function(data,status){ + $.get('http://service.twonav.cn/api.php?fn=get_subscribe',data.field,function(data,status){ layer.closeAll('loading'); if(data.code == 200) { $("#order_id").val(data.data.order_id); @@ -114,11 +122,11 @@ layui.use(['jquery','form'], function () { return false; } layer.load(2, {shade: [0.1,'#fff']}); - $.get('https://api.lm21.top/api.php?fn=check_subscribe',data.field,function(data,status){ + $.get('http://service.twonav.cn/api.php?fn=check_subscribe',data.field,function(data,status){ layer.closeAll('loading'); if(data.code == 200) { $("#end_time").val(timestampToTime(data.data.end_time)); - set_subscribe(order_id,data.data.email,data.data.end_time,data.data.domain); + set_subscribe(data.data); }else{ layer.msg(data.msg, {icon: 5}); } @@ -141,14 +149,14 @@ layui.use(['jquery','form'], function () { $("#order_id").val(''); $("#email").val(''); $("#end_time").val('1970-01-01 08:00:00'); - set_subscribe('','','0',''); + set_subscribe(''); layer.closeAll('loading'); return false; }); //存储到数据库中 - function set_subscribe(order_id,email,end_time,domain) { - $.post(get_api('write_subscribe'),{order_id:order_id,email:email,end_time:end_time,domain:domain},function(data,status){ + function set_subscribe(data) { + $.post(get_api('write_subscribe'),data,function(data,status){ if(data.code == 1) { layer.msg(data.msg, {icon: 1}); }else{ diff --git a/templates/admin/page/theme_article.php b/templates/admin/page/theme_article.php deleted file mode 100644 index 0e92093..0000000 --- a/templates/admin/page/theme_article.php +++ /dev/null @@ -1,83 +0,0 @@ -UID,'k'=>'s_site'])); -?> - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($s_templates['article'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($s_templates['article'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if($theme['info']['config'] == '1'){ //支持配置的主题显示配置 - echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/theme_guide.php b/templates/admin/page/theme_guide.php deleted file mode 100644 index a6665c6..0000000 --- a/templates/admin/page/theme_guide.php +++ /dev/null @@ -1,84 +0,0 @@ - - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($global_templates['guide'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($global_templates['guide'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if(!$online){ //本地主题显示预览 - //echo $Space.''."\n"; - } - if($theme['info']['config'] == '1'){ //支持配置的主题显示配置 - echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/theme_home.php b/templates/admin/page/theme_home.php deleted file mode 100644 index 0dfadeb..0000000 --- a/templates/admin/page/theme_home.php +++ /dev/null @@ -1,94 +0,0 @@ - - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - 登录模板 - 过渡模板 - 文章模板 - 注册模板';} ?> - 引导页模板';} ?> - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($s_templates['home_pc'] == $key && $s_templates['home_pad'] == $key){ - $icon =' '; -}elseif($s_templates['home_pc'] == $key){ - $icon =' '; -}elseif($s_templates['home_pad'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($s_templates['home_pc'] == $key || $s_templates['home_pad'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if(!$online){ //本地主题显示预览 - echo $Space.''."\n"; - } - if($theme['info']['config'] == '1' && $theme_set){ //支持配置的主题显示配置 - echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/theme_login.php b/templates/admin/page/theme_login.php deleted file mode 100644 index 53d49e8..0000000 --- a/templates/admin/page/theme_login.php +++ /dev/null @@ -1,87 +0,0 @@ - - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - 主页模板 - 过渡模板 - 注:登录样式只有使用您的专属登录入口时有效 <点击预览> - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($s_templates['login'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($s_templates['login'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if(!$online){ //本地主题显示预览 - //echo $Space.''."\n"; - } - if($theme['info']['config'] == '1'){ //支持配置的主题显示配置 - //echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/theme_register.php b/templates/admin/page/theme_register.php deleted file mode 100644 index 64cfbff..0000000 --- a/templates/admin/page/theme_register.php +++ /dev/null @@ -1,86 +0,0 @@ - - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - 主页模板 - 登录模板 - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($global_templates['register'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($global_templates['register'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if(!$online){ //本地主题显示预览 - //echo $Space.''."\n"; - } - if($theme['info']['config'] == '1'){ //支持配置的主题显示配置 - //echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/theme_transit.php b/templates/admin/page/theme_transit.php deleted file mode 100644 index 767e993..0000000 --- a/templates/admin/page/theme_transit.php +++ /dev/null @@ -1,89 +0,0 @@ -UID,'k'=>'s_site'])); -$tip = $site['link_model'] == 'Transition'; -?> - - -
    -
    -
    ;padding: 6px;"> - - 刷新数据 - 设置注:请将站点设置>链接模式>改为过渡页面';}?> - -
    -
    -
    - $theme) { -$online = !empty($theme['info']['md5']); //在线主题! -if($s_templates['transit'] == $key){ - $icon =' '; -}else{ - $icon =''; -} -$color = ($s_templates['transit'] == $key ?"color: #03a9f4;":""); -?> - -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -下载'."\n"; - }elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用 - echo $Space.''."\n"; - echo $Space.''."\n"; - }else{ //其他情况仅显示使用 - echo $Space.''."\n"; - } - echo $Space.''."\n"; - if(!$online){ //本地主题显示预览 - //echo $Space.''."\n"; - } - if($theme['info']['config'] == '1'){ //支持配置的主题显示配置 - echo $Space.''."\n"; - } - if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除 - echo $Space.''."\n"; - } -?> -
    -
    -
    -
    - - - -
    -
    -
    -
    - - - - - - - - \ No newline at end of file diff --git a/templates/admin/page/updatelog.php b/templates/admin/page/updatelog.php index fb4ae22..887d8b5 100644 --- a/templates/admin/page/updatelog.php +++ b/templates/admin/page/updatelog.php @@ -2,6 +2,16 @@
    +
  • + +
    +

    v2.0.40-20230916

    +
      +
    • [优化] 优化资源节点,提高系统更新速度,主题下载速度,预览图加载速度!
      • +
    • [优化] 系统响应速度,修复已知问题
      • +
    +
    +
  • @@ -15,7 +25,6 @@
  • [修复] 全局类模板配置保存位置错误
  • [修复] 站点地图HTTPS访问时携带443端口的问题 #I80I6K
  • [变更] 阻止将登录/注册入口改成系统在使用的名称,避免产生冲突
    • -