renun/TwoNav
1
0
Fork 0
mirror of https://github.com/tznb1/TwoNav.git synced 2025-08-10 08:51:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

v2.0.24-20230605

Browse Source
This commit is contained in:
MI15\Win
2023-06-06 13:45:44 +08:00
parent b6b0d7efe5
commit 332cd313fb
14 changed files with 218 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.htaccess
View File

@@ -1,8 +1,12 @@
# Apache配置文件
RewriteEngine On
RewriteRule ^(data|system|templates)/.*.(db|db3|sql|tar|gz|zip|info|log)$ - [F]
# 安全规则(必选)
RewriteRule ^templates/.*\.(php|tar|gz|zip|info|log|json)$ - [F]
RewriteRule ^data/.*\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ - [F]
# 重写规则(可选)
RewriteRule '^login$' ./index.php?c=login [L]
RewriteRule '^admin$' ./index.php?c=admin [L]
RewriteRule '^ico/(.+)' ./index.php?c=icon&url=$1 [L]
RewriteRule '^([A-Za-z0-9]+)$' ./index.php?u=$1 [L]
RewriteRule '^(.+)/click/([A-Za-z0-9]+)$' ./index.php?c=$2&id=$3&u=$1 [L]
RewriteRule '^(.+)/click/(.+)' ./$3 [L]

17
system/MySQL/20230605.php Normal file
View File

@@ -0,0 +1,17 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$sql ="
ALTER TABLE `global_user` CHANGE `RegIP` `RegIP` VARCHAR( 64 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '注册IP';
ALTER TABLE `user_apply` CHANGE `ip` `ip` VARCHAR( 64 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT 'ip';
ALTER TABLE `user_apply` CHANGE `ua` `ua` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '浏览器UA';
ALTER TABLE `user_share` CHANGE `description` `description` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '备注';
ALTER TABLE `user_log` CHANGE `ip` `ip` VARCHAR( 64 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT '' COMMENT '请求ip';
ALTER TABLE `user_log` CHANGE `description` `description` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '描述';
ALTER TABLE `user_login_info` CHANGE `ip` `ip` VARCHAR( 64 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '登录IP';
ALTER TABLE `user_login_info` CHANGE `ua` `ua` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '' COMMENT '浏览器UA';
";
if(exe_sql($sql)){
insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}else{
msg(-1,'数据库更新失败');
}

20
system/MySQL/install.sql
View File

@@ -45,6 +45,7 @@ CREATE TABLE IF NOT EXISTS `updatadb_logs` (
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230417.php', '1681719049', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230420.php', '1681977368', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230518.php', '1684393068', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
-- 创建用户表
DROP TABLE IF EXISTS `global_user`;
@@ -57,7 +58,7 @@ CREATE TABLE IF NOT EXISTS `global_user` (
`Email` varchar(32) NOT NULL COMMENT '邮箱',
`SecretKey` varchar(32) NOT NULL DEFAULT '' COMMENT 'SecretKey',
`Token` varchar(32) NOT NULL DEFAULT '' COMMENT 'Token',
`RegIP` varchar(15) NOT NULL COMMENT '注册IP',
`RegIP` varchar(64) NOT NULL DEFAULT '' COMMENT '注册IP',
`RegTime` int(10) UNSIGNED NOT NULL COMMENT '注册时间',
`Login` varchar(16) NOT NULL COMMENT '登录入口',
`LoginConfig` text NOT NULL COMMENT '登陆配置',
@@ -130,8 +131,8 @@ CREATE TABLE IF NOT EXISTS `user_login_info` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`uid` int(10) UNSIGNED NOT NULL COMMENT '用户id',
`user` varchar(32) NOT NULL COMMENT '用户名',
`ip` varchar(15) NOT NULL COMMENT '登录IP',
`ua` varchar(256) NOT NULL COMMENT '浏览器UA',
`ip` varchar(64) NOT NULL DEFAULT '' COMMENT '登录IP',
`ua` TEXT NOT NULL DEFAULT '' COMMENT '浏览器UA',
`login_time` int(10) UNSIGNED NOT NULL COMMENT '登录时间',
`last_time` int(10) UNSIGNED NOT NULL COMMENT '最后访问时间',
`expire_time` int(10) UNSIGNED NOT NULL COMMENT '过期时间',
@@ -145,11 +146,11 @@ CREATE TABLE IF NOT EXISTS `user_log` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`uid` int(10) UNSIGNED NOT NULL COMMENT '用户id',
`user` varchar(32) NOT NULL COMMENT '用户名',
`ip` varchar(15) NOT NULL COMMENT '请求ip',
`ip` varchar(64) NOT NULL DEFAULT '' COMMENT '请求ip',
`time` varchar(13) NOT NULL COMMENT '请求时间',
`type` varchar(16) NOT NULL COMMENT '日志类型',
`content` text NOT NULL COMMENT '请求内容',
`description` varchar(128) NOT NULL COMMENT '描述',
`description` text NOT NULL DEFAULT '' COMMENT '描述',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='日志';
@@ -191,7 +192,8 @@ INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('guestbook', '留言板', '允许使用留言板功能'),
('link_extend', '链接扩展', '允许使用链接扩展字段'),
('theme_in', '主题设置', '后台显示主题设置菜单'),
('theme_set', '主题配置', '允许自定义主题配置');
('theme_set', '主题配置', '允许自定义主题配置'),
('icon_pull', '图标拉取', '允许用户拉取链接图标');
-- 注册码列表
DROP TABLE IF EXISTS `regcode_list`;
@@ -228,9 +230,9 @@ CREATE TABLE IF NOT EXISTS `user_apply` (
`iconurl` varchar(512) NOT NULL COMMENT '图标url',
`title` varchar(512) NOT NULL COMMENT '标题',
`url` varchar(512) NOT NULL COMMENT '链接',
`ip` varchar(16) NOT NULL DEFAULT '' COMMENT 'ip',
`ip` varchar(64) NOT NULL DEFAULT '' COMMENT 'ip',
`email` varchar(128) NOT NULL DEFAULT '' COMMENT '邮箱',
`ua` varchar(512) NOT NULL DEFAULT '' COMMENT '浏览器UA',
`ua` TEXT NOT NULL DEFAULT '' COMMENT '浏览器UA',
`time` int(10) NOT NULL DEFAULT '0' COMMENT '时间',
`state` int(1) NOT NULL DEFAULT '0' COMMENT '状态',
`category_id` int(10) NOT NULL DEFAULT '0' COMMENT '分类id',
@@ -251,7 +253,7 @@ CREATE TABLE IF NOT EXISTS `user_share` (
`up_time` Bigint(13) NOT NULL DEFAULT '0' COMMENT '修改时间',
`expire_time` Bigint(13) UNSIGNED NOT NULL DEFAULT '0' COMMENT '到期时间',
`views` Bigint(13) NOT NULL DEFAULT '0' COMMENT '浏览数',
`description` varchar(13) NOT NULL DEFAULT '' COMMENT '备注',
`description` TEXT NOT NULL DEFAULT '' COMMENT '备注',
`type` int(1) NOT NULL COMMENT '类型',
`data` text NOT NULL COMMENT '数据',
`pv` int(1) NOT NULL COMMENT '私有可见',

21
system/SQLite/install.sql
View File

@@ -37,6 +37,8 @@ CREATE TABLE IF NOT EXISTS "updatadb_logs" (
);
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230417.php', '1681719049', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230420.php', '1681977368', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230605.php', '1685960298', 'TRUE', '');
-- 创建用户表
CREATE TABLE IF NOT EXISTS "global_user" (
@@ -48,7 +50,7 @@ CREATE TABLE IF NOT EXISTS "global_user" (
"Email" TEXT(32) NOT NULL,
"SecretKey" TEXT(32) NOT NULL DEFAULT "",
"Token" TEXT(32) NOT NULL DEFAULT "",
"RegIP" TEXT(15) NOT NULL,
"RegIP" TEXT(64) NOT NULL DEFAULT "",
"RegTime" integer(10) NOT NULL,
"Login" TEXT(16) NOT NULL,
"LoginConfig" TEXT NOT NULL,
@@ -107,8 +109,8 @@ CREATE TABLE IF NOT EXISTS "user_login_info" (
"id" integer NOT NULL PRIMARY KEY AUTOINCREMENT,
"uid" integer(10) NOT NULL,
"user" TEXT(32) NOT NULL,
"ip" TEXT(15) NOT NULL,
"ua" TEXT(256) NOT NULL,
"ip" TEXT(64) NOT NULL,
"ua" TEXT NOT NULL,
"login_time" integer(10) NOT NULL,
"last_time" integer(10) NOT NULL,
"expire_time" integer(10) NOT NULL,
@@ -120,11 +122,11 @@ CREATE TABLE IF NOT EXISTS "user_log" (
"id" integer NOT NULL PRIMARY KEY AUTOINCREMENT,
"uid" integer(10) NOT NULL,
"user" TEXT(32) NOT NULL,
"ip" TEXT(15) NOT NULL,
"ip" TEXT(64) NOT NULL,
"time" TEXT(13) NOT NULL,
"type" TEXT(16) NOT NULL,
"content" TEXT NOT NULL,
"description" TEXT(128) NOT NULL
"description" TEXT NOT NULL
);
-- 用户组
@@ -163,7 +165,8 @@ INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('guestbook', '留言板', '允许使用留言板功能'),
('link_extend', '链接扩展', '允许使用链接扩展字段'),
('theme_in', '主题设置', '后台显示主题设置菜单'),
('theme_set', '主题配置', '允许自定义主题配置');
('theme_set', '主题配置', '允许自定义主题配置'),
('icon_pull', '图标拉取', '允许用户拉取链接图标');
-- 注册码列表
CREATE TABLE IF NOT EXISTS "regcode_list" (
@@ -197,8 +200,8 @@ CREATE TABLE IF NOT EXISTS "user_apply" (
"title" TEXT(512) DEFAULT "",
"url" TEXT(512) DEFAULT "",
"email" TEXT(128) DEFAULT "",
"ip" TEXT(16) DEFAULT "",
"ua" TEXT(512) DEFAULT "",
"ip" TEXT(64) DEFAULT "",
"ua" TEXT DEFAULT "",
"time" integer DEFAULT "0",
"state" integer DEFAULT "0",
"category_id" INTEGER DEFAULT "0",
@@ -217,7 +220,7 @@ CREATE TABLE IF NOT EXISTS "user_share" (
"up_time" integer(13) DEFAULT "0",
"expire_time" integer(13) DEFAULT "0",
"views" integer(13) DEFAULT "0",
"description" TEXT(13) DEFAULT "",
"description" TEXT DEFAULT "",
"type" integer(1) NOT NULL,
"data" TEXT,
"pv" integer(1) DEFAULT "0"

17
system/api.php
View File

@@ -766,7 +766,7 @@ function write_security_setting(){
global $USER_DB;
if($USER_DB['Password'] !== Get_MD5_Password($_POST['Password'],$USER_DB['RegTime'])){
msg(-1,'密码错误,请核对后再试!');
}elseif( $_POST['KeyClear'] > $_POST['Session']){
}elseif( intval($_POST['Session']) > 0 && intval($_POST['KeyClear']) > intval($_POST['Session'])){
msg(-1,'Key清理时间不能大于登录保持时间');
}
@@ -1137,6 +1137,9 @@ function write_theme(){
}else{
msg(-1,"获取程序版本异常");
}
if(!is_writable('./templates')){
msg(-1,"检测到模板目录不可写<br />请检查templates目录权限<br />宝塔面板请注意所有者为www<br />其他疑问请联系技术支持");
}
//从数据库查找主题信息
$template = get_db('global_config','v',['k'=> 'theme_'.$fn.'_cache']);
if(empty($template)){
@@ -1156,7 +1159,10 @@ function write_theme(){
}
//下载主题包
if (!is_dir('./data/temp')) mkdir('./data/temp',0755,true) or msg(-1,'下载失败,创建临时[/data/temp]目录失败');
if(!is_dir('./data/temp')) mkdir('./data/temp',0755,true) or msg(-1,'下载失败,创建临时[/data/temp]目录失败');
if(!is_writable('./data/temp')){
msg(-1,"检测到临时目录不可写<br />请检查data/temp目录权限<br />宝塔面板请注意所有者为www<br />其他疑问请联系技术支持");
}
$data = $key;
foreach($data['url'] as $url){
if(downFile( $url , $file , DIR.'/data/temp/')){
@@ -1280,7 +1286,7 @@ function read_login_info(){
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where["uid"] = UID;
$where["cookie_key[!]"] = md5($_COOKIE[U.'_key']);
//$where["cookie_key[!]"] = md5($_COOKIE[U.'_key']); //不显示当前设备
//统计条数
$count = count_db('user_login_info',$where);
//权重排序(数字小的排前面)
@@ -1289,7 +1295,10 @@ function read_login_info(){
$where['LIMIT'] = [$offset,$limit];
//查询
$datas = select_db('user_login_info',['id','ip','ua','login_time','last_time','expire_time'],$where);
msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
//获取当前登录ID,用于前端标记
$where["cookie_key"] = md5($_COOKIE[U.'_key']);
$current_id = get_db('user_login_info','id',$where);
msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas,'current_id'=>$current_id]);
}
//写登录信息

2
system/login.php
View File

@@ -31,7 +31,7 @@ if(!isset($User)){
}elseif($c != $global_config["Login"] && $c != $USER_DB['Login'] ){
update_db("user_log", ["description" => "请求登录>登录入口错误"], ["id"=>$log_id]);
msg(-1,"登录入口错误");
}elseif(strlen($_SERVER['HTTP_USER_AGENT'])>256){
}elseif(strlen($_SERVER['HTTP_USER_AGENT'])>1024){
update_db("user_log", ["description" => "请求登录>浏览器UA长度异常"], ["id"=>$log_id]);
msg(-1,"浏览器UA长度异常,请更换浏览器!");
}

63
system/public.php
View File

@@ -335,23 +335,40 @@ function Get_ExpireTime($day =30){
}
//验证登录
function is_login(){
global $USER_DB,$db;
global $USER_DB;
$time = time();
$LoginConfig = unserialize($USER_DB['LoginConfig']);
//清理间隔30分钟(1800秒)
if( ($USER_DB['kct'] + 1800) < $time ){
$lt = $time - ($LoginConfig['KeyClear'] * 24 * 60 * 60);
$where = ["AND" =>
[
"uid" => $USER_DB['ID'],
"OR" => ["expire_time[<]" => $time,"last_time[<]" => $lt]
]
];
function delete_expired_info($time,$LoginConfig){
global $USER_DB;
if(empty($LoginConfig['Session'])){
$where = [
"uid" => $USER_DB['ID'],
//"expire_time" => 0,
"OR" => [
"last_time[<]" => strtotime('-1 day'),
"login_time[<]" => strtotime('-15 day')
]
];
}else{
$where = [
"uid" => $USER_DB['ID'],
"OR" => [
"expire_time[<]" => $time,
"last_time[<]" => strtotime("-{$LoginConfig['KeyClear']} day")
]
];
}
//var_dump(select_db('user_login_info','*',$where),$where);exit;
delete_db("user_login_info", $where); //清理到期Key
update_db("global_user",["kct"=>$time],["User" => $USER_DB['User']]); //记录清理时间
}
//清理间隔30分钟(1800秒)
if( ($USER_DB['kct'] + 1800) < $time ){
delete_expired_info($time,$LoginConfig);
}
//查询登录信息
$where = ["cookie_key"=>md5($_COOKIE[U.'_key']),"uid"=>$USER_DB['ID']];
$info = get_db("user_login_info", "*", $where);
@@ -359,26 +376,22 @@ function is_login(){
//没找到返回未登录
if(empty($info)){return false;}
//UA验证
if($LoginConfig['KeySecurity'] > 0 && $_SERVER['HTTP_USER_AGENT'] != $info['ua']){return false;}
//IP验证
if($LoginConfig['KeySecurity'] > 1 && Get_IP() != $info['ip']){return false;}
//到期验证(同时重新计算)
if( $info['expire_time'] != 0 && ($time > $info['expire_time'] || $time > ($info['login_time'] + ($LoginConfig['Session'] * 24 * 60 * 60) ) )){
delete_db("user_login_info", $where);
return false;
}
//会话Key验证(没有到期时间时如果距上次访问时间大于24小时认为无效)
if($info['expire_time'] == 0 && ($info['last_time'] + 86400) < $time){
delete_db("user_login_info", $where);
return false;
}//有到期时间,且开启了Key清理
elseif($LoginConfig['KeyClear'] != 0 && ($info['last_time'] + ($LoginConfig['KeyClear'] * 24 * 60 * 60)) < $time ){
delete_db("user_login_info", $where);
return false;
//根据登录保持选项来判断key是否有效
if(empty($LoginConfig['Session'])){ //浏览器关闭时
if($info['last_time'] < strtotime('-1 day') || $info['login_time'] < strtotime('-15 day')){ //上次访问超过1天 或 登录时间超过15天
delete_expired_info($time,$LoginConfig);
return false;
}
}else{ //保持天数(已到期或上次访问时间超时)
if($info['expire_time'] < $time || $info['last_time'] < strtotime("-{$LoginConfig['KeyClear']} day")){
delete_expired_info($time,$LoginConfig);
return false;
}
}
//Key验证

2
system/version.txt
View File

@@ -1 +1 @@
v2.0.23-20230527
v2.0.24-20230606

118
templates/admin/js/home-root.js
View File

@@ -23,66 +23,72 @@ layui.use(['layer','miniTab'], function(){
layer.tips("点击此处更新到最新版","#sysup",{tips: [3, "#ff5722"],time: 60*1000,anim: 6});
layer.msg(' 检测到新版本,请尽快更新 ', {offset: 'b',anim: 6,time: 60*1000});
}
}
//点击更新事件
$('#sysup').on('click', function(){
let tip = layer.open({
title:"系统更新"
,content: "1.更新有风险请备份后再更新<br />2.更新后检查主题是否可更新<br />3.更新时请勿有其他操作<br />4.更新时请勿刷新或关闭页面<br />5.确保所有文件(夹)是可写权限"
,btn: ['确定更新', '更新内容', '取消']
,yes: function(index, layero){
let fail = false;
let up_info = {'code':0};
let i=0;
layer.close(tip);
layer.load(1, {shade:[0.3,'#fff']});//加载层
let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
//设置同步模式
$.ajaxSetup({ async : false });
//获取更新信息
$.post(get_api("other_upsys"),{"i":0}, function(data, status) {
up_info = data;
});
//如果失败
if(up_info.code != 1){
layer.closeAll();
layer.alert(up_info.msg || "错误代码404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
return;
}
//设为异步模式
$.ajaxSetup({ async : true });
//开始请求更新
request_update(); let msg = '';
function request_update(){
if( i >= up_info.info.length){
layer.closeAll();
layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
return;
}else{
i++;
}
$("#layui-layer"+ msg_id+" .layui-layer-padding").html('<i class="layui-layer-face layui-icon layui-icon layui-icon-loading layui-anim layui-anim-rotate layui-anim-loop"></i>[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
//点击更新事件
$('#sysup').on('click', function(){
let tip = layer.open({
title:"系统更新"
,content: "1.更新有风险请备份后再更新<br />2.更新后检查主题是否可更新<br />3.更新时请勿有其他操作<br />4.更新时请勿刷新或关闭页面<br />5.确保所有文件(夹)是可写权限"
,btn: ['确定更新', '更新内容', '取消']
,yes: function(index, layero){
let fail = false;
let up_info = {'code':0};
let i=0;
layer.close(tip);
layer.load(1, {shade:[0.3,'#fff']});//加载层
let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
//设置同步模式
$.ajaxSetup({ async : false });
$.post(get_api("other_upsys"),{"i":i}, function(data, status) {
if (data.code == 1) {
request_update();
}else{
layer.closeAll();
layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
}
//获取更新信息
$.post(get_api("other_upsys"),{"i":0}, function(data, status) {
up_info = data;
});
//如果失败
if(up_info.code != 1){
layer.closeAll();
layer.alert(up_info.msg || "错误代码404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
return;
}
//设为异步模式
$.ajaxSetup({ async : true });
//开始请求更新
request_update(); let msg = '';
function request_update(){
if( i >= up_info.info.length){
layer.closeAll();
layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
return;
}else{
i++;
}
$("#layui-layer"+ msg_id+" .layui-layer-padding").html('<i class="layui-layer-face layui-icon layui-icon layui-icon-loading layui-anim layui-anim-rotate layui-anim-loop"></i>[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
$.post(get_api("other_upsys"),{"i":i}, function(data, status) {
if (data.code == 1) {
request_update();
}else{
layer.closeAll();
layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
}
});
}
},btn2: function(index, layero){
window.open("https://gitee.com/tznb/TwoNav/releases");
},btn3: function(index, layero){
return true;
},cancel: function(){
return true;
}
},btn2: function(index, layero){
window.open("https://gitee.com/tznb/TwoNav/releases");
},btn3: function(index, layero){
return true;
},cancel: function(){
return true;
}
});
});
});
}else{
$("#new_ver").append(' <span id="sysup" style="cursor:pointer;color: rgb(1, 170, 237);">&nbsp;更新系统</span>');
$('#sysup').on('click', function(){
layer.alert("暂无可用更新,当前为最新版本",{icon:1,title:"更新系统",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
});
}
//查看更新日志
$('#ver').css({"cursor":"pointer","color":"#01AAED"}); //设置鼠标形状和字体颜色

3
templates/admin/js/theme.js
View File

@@ -72,7 +72,8 @@ function theme_download(dir,name,desc,fn){
layer.msg(data.msg, {icon: 1});
setTimeout(() => {location.reload();}, 500);//延迟刷新
}else{
layer.msg(data.msg, {icon: 5});
//layer.msg(data.msg, {icon: 5});
layer.alert(data.msg,{icon:5,title:"错误",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
}
});
}

43
templates/admin/page/LoginDevice.php
View File

@@ -19,7 +19,7 @@ layui.use(['form','table'], function () {
var form = layui.form;
var api = get_api('read_login_info'); //列表接口
var limit = localStorage.getItem(u + "_limit") || 50; //尝试读取本地记忆数据,没有就默认50
var current_id = 0;
var cols=[[ //表头
{field: 'id', title: 'ID', width:60, sort: true,hide:true}
,{ title: '操作',toolbar: '#tablebar',width:70}
@@ -31,7 +31,7 @@ layui.use(['form','table'], function () {
return timestampToTime(d.last_time);;
}}
,{field: 'expire_time', title: '到期时间', width:160, sort: true,templet:function(d){
return timestampToTime(d.expire_time);;
return d.expire_time <= 0 ? '':timestampToTime(d.expire_time);
}}
,{field: 'ua', title: '浏览器UA'}
]]
@@ -50,24 +50,47 @@ layui.use(['form','table'], function () {
,method: 'post'
,response: {statusCode: 1 }
,done: function (res, curr, count) {
current_id = res.current_id;
var temp_limit = $(".layui-laypage-limits option:selected").val();
if(temp_limit > 0 && localStorage.getItem(u + "_limit") != temp_limit){
localStorage.setItem(u + "_limit",temp_limit);
}
//遍历表格数据,标记当前设备
layui.each(table.cache.table, function(index, item){
if(item.id == res.current_id){
let tr = $('.layui-table-body.layui-table-main tr[data-index="' + index + '"]');
tr.css('color', 'red');
tr.attr('title','当前设备');
return false;
}
});
}
});
table.on('tool(table)', function (obj) {
var data = obj.data;
if (obj.event === 'out') {
$.post(get_api('write_login_info','out'),{id:data.id},function(data,status){
if(data.code == 1) {
obj.del();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
if(data.id == current_id ){
$.post('./index.php?c=admin&page=logout&u='+u,function(res,status){
if(res.code == 1) {
layer.alert("您已安全的退出登录!", function () {
top.location.href='./index.php?u='+u;
});
}else{
layer.msg(res.msg,{icon: 5});
}
});
}else{
$.post(get_api('write_login_info','out'),{id:data.id},function(res,status){
if(res.code == 1) {
obj.del();
layer.msg(res.msg, {icon: 1});
}else{
layer.msg(res.msg, {icon: 5});
}
});
}
}
});

4
templates/admin/page/home.php
View File

@@ -258,7 +258,7 @@ require 'header.php';
<?php if($USER_DB['UserGroup'] == 'root'){ ?>
<tr>
<td>最新版本</td>
<td id="new_ver"><?php echo $data['version'] ?? SysVer; ?></td>
<td id="new_ver"><a target="_blank" href="https://gitee.com/tznb/TwoNav/releases"><?php echo $data['version'] ?? SysVer; ?></a> </td>
</tr>
<tr>
<td>授权状态</td>
@@ -273,7 +273,7 @@ require 'header.php';
</tr>
<tr>
<td>技术支持</td>
<td><a target="_blank" href="tencent://message/?uin=271152681">QQ271152681</a></td>
<td><a target="_blank" href="tencent://message/?uin=271152681">QQ271152681</a></td>
</tr>
<tr>
<td>专属地址</td>

11
templates/admin/page/root/tool.php
View File

@@ -92,15 +92,16 @@ layui.use(['layer','form','miniTab'], function () {
$('.rewrite').on('click', function(){
let pathname = window.location.pathname;
$("#console_log").text("");
$("#console_log").append(`#安全设置\n`);
$("#console_log").append(`location ~* ^${pathname}(data|system|templates)/.*.(db|db3|php|sql|tar|gz|zip|info|log)$ {\n\treturn 403;\n}\n`);
$("#console_log").append(`#伪静态\n`);
$("#console_log").append(`#安全规则(必选)\n`);
$("#console_log").append(`location ^~ ${pathname}data/ {location ~* \\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ {return 403;}}\n`);
$("#console_log").append(`location ^~ ${pathname}templates/ {location ~* \\.(php|tar|gz|zip|info|log|json)$ {return 403;}}\n`);
$("#console_log").append(`#重写规则(可选)\n`);
$("#console_log").append(`rewrite ^${pathname}login$ ${pathname}index.php?c=login break;\n`);
$("#console_log").append(`rewrite ^${pathname}admin$ ${pathname}index.php?c=admin break;\n`);
$("#console_log").append(`rewrite ^${pathname}ico/(.+) ${pathname}index.php?c=icon&url=$1 break;\n`);
$("#console_log").append(`rewrite ^${pathname}([A-Za-z0-9]+)$ ${pathname}index.php?u=$1 break; #HOST/USER\n`);
$("#console_log").append(`rewrite ^${pathname}([A-Za-z0-9]+)$ ${pathname}index.php?u=$1 break;\n`);
$("#console_log").append(`rewrite ^${pathname}(.+)/(click)/([A-Za-z0-9]+)$ ${pathname}index.php?c=$2&id=$3&u=$1 break;\n`);
$("#console_log").append(`rewrite ^${pathname}(.+)/(click)/(.+) ${pathname}$3 break; #static\n`);
$("#console_log").append(`rewrite ^${pathname}(.+)/(click)/(.+) ${pathname}$3 break;\n`);
});
//清理缓存

15
templates/admin/page/updatelog.php
View File

@@ -2,6 +2,21 @@
<body>
<div class="layuimini-container">
<div class="layuimini-main" style=" margin-left: 20px;">
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.24-20230606</h4>
<ul>
<li>[修复] 调整数据库字段长度限制,使其能够正确记录IPV6地址/较长的浏览器UA ( 同时解决MySQL严格模式报错 )</li>
<li>[修复] 放宽登录时UA长度限制,使其能够在腾讯系列APP(微信/QQ/QQ浏览器等)的内置浏览器登录程序</li>
<li>[修复] 安全设置>登录保持设为浏览器关闭时无法保存</li>
<li>[优化] 站长工具>生成伪静态,优化配置规则提高站点安全性 ( 需站长手动将新规则写入指定位置,仅针对Nginx环境 )</li>
<li>[优化] 下载主题前检测目录是否可写,不可写时提醒用户</li>
<li>[优化] 管理员登录后台时始终显示更新系统入口 ( 避免用户不知道在哪里更新系统 )</li>
<li>[优化] 登录设备页面支持显示当前设备(字体为红色)</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">