diff --git a/.htaccess b/.htaccess
index ed2dc09..6292e82 100644
--- a/.htaccess
+++ b/.htaccess
@@ -2,16 +2,4 @@
RewriteEngine On
# 安全规则(必选)
RewriteRule ^templates/.*\.(php|tar|gz|zip|info|log|json)$ - [F]
-RewriteRule ^data/.*\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ - [F]
-# 重写规则(可选)
-RewriteRule '^login$' ./index.php?c=login [L]
-RewriteRule '^admin$' ./index.php?c=admin [L]
-RewriteRule '^ico/(.+)' ./index.php?c=icon&url=$1 [L]
-RewriteRule '^([A-Za-z0-9]+)$' ./index.php?u=$1 [L]
-RewriteRule '^([A-Za-z0-9]+).html$' ./index.php?u=$1 [L]
-RewriteRule '^([a-zA-Z0-9]+)/(click|article)/([A-Za-z0-9]+)$' ./index.php?c=$2&id=$3&u=$1 [L]
-RewriteRule '^([a-zA-Z0-9]+)/(click|article)/([A-Za-z0-9]+)\.html$' ./index.php?c=$2&id=$3&u=$1 [L]
-RewriteRule '^([a-zA-Z0-9]+)/(click|article)/(templates|static|data|system)/(.+)' /$3/$4 [L]
-RewriteRule '^([a-zA-Z0-9]+)/(click|article)/favicon\.ico' /favicon.ico [L]
-# 站点地图(可选)
-RewriteRule '^sitemap.xml$' ./index.php?c=sitemap [L]
+RewriteRule ^data/.*\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ - [F]
\ No newline at end of file
diff --git a/README.md b/README.md
index b02ed6e..ac50052 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,19 @@ TwoNav 是一款开源的书签(导航)管理程序,界面简洁,安装
* [安装教程](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968668&doc_id=3767990) | [使用说明](https://gitee.com/tznb/TwoNav/wikis) | [下载TwoNav](https://gitee.com/tznb/TwoNav/releases)
* [OneNav Extend 升级到 TwoNav](https://gitee.com/tznb/OneNav/wikis/pages?sort_id=7955135&doc_id=2439895)
+### 作者声明
+* 本程序没有二开版、除了下面的项目地址均为盗版。
+* 使用盗版软件存在法律风险且没有任何保障。
+* 未经许可禁止用于商业用途、转载请保留作品出处。
+
+### 项目由来
+```
+起初只是搭建一个自己的书签站、网上找了一圈看中了小z的OneNav。
+因功能无法满足我,开始基于ONeNav各种魔改、然后就有了OneNav Extend、这个名字还是小z给取的。
+后来和小z都开始收费后、由于用户容易搞混等各种原因、于是我重写代码并改名为TwoNav。
+其中一些OneNav的特色依旧是保留下来、并兼容OneNav的一些插件。
+```
+
### 项目地址
- [https://gitee.com/tznb/TwoNav](https://gitee.com/tznb/TwoNav)
- [https://github.com/tznb1/TwoNav](https://github.com/tznb1/TwoNav)
diff --git a/data/temp/README.md b/data/temp/README.md
index 69e30d7..8671162 100644
--- a/data/temp/README.md
+++ b/data/temp/README.md
@@ -1 +1 @@
-临时目录,可以删除
\ No newline at end of file
+临时目录,可删除
\ No newline at end of file
diff --git a/index.php b/index.php
index 17d3067..313bdb6 100644
--- a/index.php
+++ b/index.php
@@ -39,9 +39,22 @@ $layui['css'] = $libs.'/Layui/v2.8.17/css/layui.css';
define('libs',$global_config['Libs']);
define('SysVer',Get_Version());
define('Debug',$global_config['Debug'] == 1);
+define('static_link',$global_config['static_link'] > 0);
if(!in_array($c,[$global_config["Register"],'ico','icon'])){
+ if($global_config['static_link'] > 0 && !empty($UUID)){
+ $_GET['u'] = $global_config['static_link'] == 2 ? get_db("global_user", "User", ["ID"=>$UUID]) : $UUID;
+ }
$u = Get('u');
+ if(empty($u) && $global_config['Sub_domain'] == 1 && is_subscribe('bool')){
+ $cut = explode('.',$_SERVER["HTTP_HOST"]);
+ if(count($cut) == 3){
+ $USER_DB = get_db("global_user", "*", ["User"=>reset($cut)]);
+ if(!empty($USER_DB) && check_purview('Sub_domain',1)){
+ $_COOKIE['Default_User'] = $USER_DB['User'];unset($cut);
+ }
+ }
+ }
$u = !empty($u)?$u:(!empty($_COOKIE['Default_User'])?$_COOKIE['Default_User']:(!empty($global_config['Default_User'])?$global_config['Default_User']:'admin'));//优先级:Get>Host>Cookie>默认用户>admin
$USER_DB = get_db("global_user", "*", ["User"=>$u]);
//没找到账号显示404
diff --git a/rewrite.php b/rewrite.php
index afbb518..661997f 100644
--- a/rewrite.php
+++ b/rewrite.php
@@ -2,25 +2,45 @@
define('URI',$_SERVER['REQUEST_URI']);
-//登录页和管理员(默认)
-if (URI === '/login' || URI === '/admin') {
+//登录/管理/注册页面(不带html)
+if (URI === '/login' || URI === '/admin' || URI == '/register') {
$_GET['c'] = substr(URI, 1);
+//管理页面
+}elseif (preg_match('/^\/admin-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
+ $_GET['c'] = 'admin';
+ $UUID = $matches[1];
+//专属登录页面
+}elseif (preg_match('/^\/login-([A-Za-z0-9]+)-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
+ $UUID = $matches[1];
+ $_GET['c'] = $matches[2];
+//收录和留言
+}elseif (preg_match('/^\/(apply|guestbook)-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
+ $_GET['c'] = $matches[1];
+ $UUID = $matches[2];
//本地图标
}elseif(preg_match('/^\/ico\/(.+)$/', URI, $matches)){
$_GET['c'] = 'icon';
$_GET['url'] = $matches[1];
//用户主页
-}elseif (preg_match('/^\/([A-Za-z0-9]+)(\.html)?$/', URI, $matches)) {
- $_GET['u'] = $matches[1];
+}elseif (preg_match('/^\/([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
+ $UUID = $matches[1];
//过渡/文章
-}elseif(preg_match('/^\/([A-Za-z0-9]+)\/(click|article)\/([A-Za-z0-9]+)(\.html)?$/', URI, $matches)) {
- $_GET['u'] = $matches[1];
- $_GET['c'] = $matches[2];
+}elseif(preg_match('/^\/(click|article)-([A-Za-z0-9]+)-(\d+)\.html?$/', URI, $matches)) {
+ $_GET['c'] = $matches[1];
+ $UUID = $matches[2];
$_GET['id'] = $matches[3];
+//分类页面
+}elseif(preg_match('/^\/category-([A-Za-z0-9]+)-(\d+)\.html?$/', URI, $matches)) {
+ $_GET['c'] = 'index';
+ $UUID = $matches[1];
+ $_GET['oc'] = $matches[2];
+//站点地图
+}elseif(URI === '/sitemap.xml'){
+ $_GET['c'] = 'sitemap';
//匹配失败
}else{
header("HTTP/1.0 404 Not Found");
- exit("404 Not Found.");
+ exit("404 Not Found.
".URI);
}
include 'index.php';
diff --git a/system/Authenticator.php b/system/Authenticator.php
index 4c29cb0..566eae9 100644
--- a/system/Authenticator.php
+++ b/system/Authenticator.php
@@ -37,7 +37,7 @@ class PHPGangsta_GoogleAuthenticator
}
$secretkey = $this->_base32Decode($secret);
- $time = chr(0).chr(0).chr(0).chr(0).pack('N*', $timeSlice);
+ $time = chr(0). chr(0) .chr(0). chr(0) .pack('N*', $timeSlice);
$hm = hash_hmac('SHA1', $time, $secretkey, true);
$offset = ord(substr($hm, -1)) & 0x0F;
$hashpart = substr($hm, $offset, 4);
diff --git a/system/MySQL/20230917.php b/system/MySQL/20230917.php
new file mode 100644
index 0000000..706fef8
--- /dev/null
+++ b/system/MySQL/20230917.php
@@ -0,0 +1,18 @@
+ "s_subscribe"]));
+ if(!isset($subscribe['public']) || empty($subscribe['public'])){
+ //尝试从服务器下载秘钥
+ $Res = ccurl("https://service.twonav.cn/api.php?fn=get_subscribe&order_id={$subscribe['order_id']}&email={$subscribe['email']}&domain={$subscribe['domain']}&mark=20230917",30,true);
+ $data = json_decode($Res["content"], true);
+ // 获取成功
+ if($data["code"] == 200){
+ $subscribe['public'] = $data['data']['public'];
+ $subscribe['type'] = $data['data']['type'];
+ $subscribe['type_name'] = $data['data']['type_name'];
+ write_global_config('s_subscribe',$subscribe,'订阅信息');
+ }
+ }
+}
diff --git a/system/Register.php b/system/Register.php
index e0f910e..d6a7c26 100644
--- a/system/Register.php
+++ b/system/Register.php
@@ -57,49 +57,6 @@ if(!preg_match('/^[A-Za-z0-9]{4,13}$/', $user)){
msg(-1,'该账号已被站长保留!');
}
-//读取邮件配置
-$mail_config = get_db("global_config","v",["k"=>"mail_config"]);
-if(!empty($mail_config)){
- $mail_config = unserialize($mail_config);
- if($mail_config['verify_email'] == 1 && $_GET['type'] == 'getcode'){
- //判断是否频繁发送
- $send_interval = intval($mail_config['send_interval']);
- if($send_interval > 0 && has_db('user_log',['type'=>'send_email','ip'=>$IP,'time[>]'=>time() - $send_interval])){
- msg(-1,'请勿频繁获取验证码');
- }
- $mail_config['addressee'] = $_POST['Email'];
- $mail_config['Subject'] = '验证码';
- $code = mt_rand(100000,999999);
-
- if(!strstr($mail_config['verify_template'],'$code')){
- $mail_config['verify_template'] = '您的验证:$code';
- }
- $mail_config['Body'] = empty($mail_config['verify_template']) ? '您的验证:'.$code:str_replace('$code', $code, $mail_config['verify_template']);
- $mail_config['return']='bool';
- if(send_email($mail_config)){
- session_start();
- $_SESSION["{$_POST['Email']}"]['code'] = "$code";
- $_SESSION["{$_POST['Email']}"]['time'] = time();
- insert_db("user_log", ["uid" => 0,"user"=>$user,"ip"=>$IP,"time"=>time(),"type" => 'send_email',"content"=>Get_Request_Content(),"description"=>"发送注册验证码:".$code.', 接收邮箱: '.$_POST['Email']]);
- msg(1,'发送成功');
- }else{
- msg(-1,'发送失败');
- }
- exit;
- }
-}
-//验证码效验
-if(!empty($mail_config['verify_email']) && $mail_config['verify_email'] == 1){
- session_start();
- if(empty($_POST['code'])){
- msg(-1,'请输入验证码');
- }elseif ($_POST['code'] != $_SESSION["{$_POST['Email']}"]['code']) {
- msg(-1,'验证码错误'.$_SESSION["{$_POST['Email']}"]['code']);
- }elseif($_SESSION["{$_POST['Email']}"]['time'] + 300 < time()){
- msg(-1,'验证码已过期');
- }
- unset($_SESSION["{$_POST['Email']}"]);
-}
//插入用户表和创建初始数据库
$RegTime = time();
$PassMD5 = Get_MD5_Password($pass,$RegTime);
diff --git a/system/SQLite/20230917.php b/system/SQLite/20230917.php
new file mode 100644
index 0000000..706fef8
--- /dev/null
+++ b/system/SQLite/20230917.php
@@ -0,0 +1,18 @@
+ "s_subscribe"]));
+ if(!isset($subscribe['public']) || empty($subscribe['public'])){
+ //尝试从服务器下载秘钥
+ $Res = ccurl("https://service.twonav.cn/api.php?fn=get_subscribe&order_id={$subscribe['order_id']}&email={$subscribe['email']}&domain={$subscribe['domain']}&mark=20230917",30,true);
+ $data = json_decode($Res["content"], true);
+ // 获取成功
+ if($data["code"] == 200){
+ $subscribe['public'] = $data['data']['public'];
+ $subscribe['type'] = $data['data']['type'];
+ $subscribe['type_name'] = $data['data']['type_name'];
+ write_global_config('s_subscribe',$subscribe,'订阅信息');
+ }
+ }
+}
diff --git a/system/UseFew/Import_data.php b/system/UseFew/Import_data.php
index 40d0a5f..b916863 100644
--- a/system/UseFew/Import_data.php
+++ b/system/UseFew/Import_data.php
@@ -18,7 +18,7 @@ if($_GET['type'] == 'upload'){
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
- if(!preg_match('/^(db3|html)$/i',$suffix)){
+ if(!preg_match('/^(db3|html|itabdata)$/i',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件格式不被支持!');
}
@@ -384,6 +384,87 @@ if($_GET['type'] == 'upload'){
}
}
msg(-1,'导入失败.');
+
+}elseif($_GET['type'] == 'itabdata'){
+ $temp_path = $_SESSION['upload_bookmark'][UID][$sid];
+ $content = file_get_contents($temp_path);
+ $data = json_decode($content, true);
+ if(!isset($data['navConfig']) || empty($data['navConfig'])){
+ msg(-1,'数据解析失败,请确认导入的是iTab备份的数据,且导出内容包含图标');
+ }
+ $time = time();
+ $success = 0; $fail = 0; $total = 0;$res = '';
+ $res='| 标题 | URL | 失败原因 |
|---|
';
+ foreach($data['navConfig'] as $key => $category){
+ if(!isset($category['children']) || empty($category['children'])){
+ continue; //分类下没数据则跳过
+ }
+ //分类名称不错在时创建
+ if(!has_db('user_categorys',['name'=>$category['name']]) ){
+ insert_db('user_categorys',[
+ 'uid'=>UID,
+ 'cid'=>get_maxid('category_id'),
+ 'fid'=>0,
+ 'pid'=>0,
+ 'status'=>1,
+ 'property'=>1,
+ 'name'=>$category['name'],
+ 'add_time'=>$time,
+ 'up_time'=>$time,
+ 'weight'=>0,
+ 'description'=>'',
+ 'font_icon'=>'fa fa-user',
+ 'icon'=>''
+ ]
+ );
+ }
+
+ // 读取分类ID
+ $category_id = get_db('user_categorys','cid',['uid'=>UID,'name'=>$category['name']]);
+ if(empty($category_id)){
+ msg(-1,'意外结束:创建或读取分类信息失败!');
+ }
+ $total += count($category['children']);
+ //遍历链接
+ foreach($category['children'] as $link){
+ $id = get_db('user_links','id',['uid'=>UID,'url'=>$link['url'] ]);
+ if(!empty($id)){
+ $res=$res.'| '.mb_substr($link['name'], 0, 30).' | '.mb_substr($link['url'], 0, 40).' | URL重复'.' |
';
+ $fail++;
+ continue;
+ }
+ if(empty($id) && strpos($link['url'], "http") === 0 ){
+ insert_db('user_links',[
+ 'uid' => UID,
+ 'lid' => get_maxid('link_id'),
+ 'fid' => $category_id,
+ 'add_time' => $time,
+ 'up_time' => $time,
+ 'weight' => 0,
+ 'title' => $link['name'] ,
+ 'url' => $link['url'],
+ 'property' => 0,
+ 'icon' => '', // "{$link['src']}",
+ 'status' => 1
+ ]);
+ $success++;
+ }else{
+ $res=$res.'| '.mb_substr($link['name'], 0, 30).' | '.mb_substr($link['url'], 0, 40).' | '.$link['name'].' >> 不是链接'.' |
';
+ $fail++;
+ }
+ }
+ }
+
+ $data = [
+ 'code' => 1,
+ 'msg' => '总数:'.$total.' 成功:'.$success.' 失败:'.$fail,
+ 'res' => $res.'
',
+ 'fail' => $fail
+ ];
+ //删除文件和变量
+ unlink($temp_path);
+ unset($_SESSION['upload_bookmark'][UID][$sid]);
+ msgA($data);
}elseif($_GET['type'] == 'data_empty'){
//验证密码
global $USER_DB;
diff --git a/system/UseFew/local_backup.php b/system/UseFew/local_backup.php
index ce87ff2..054ab91 100644
--- a/system/UseFew/local_backup.php
+++ b/system/UseFew/local_backup.php
@@ -4,8 +4,5 @@ if(!defined('DIR')){
header("status: 404 Not Found");
exit;
}else{
- if(!is_subscribe('bool')){
- msg(-1,"未检测到有效授权,无法使用该功能!");
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}
diff --git a/system/api.php b/system/api.php
index dff5104..93232bf 100644
--- a/system/api.php
+++ b/system/api.php
@@ -47,7 +47,7 @@ if(in_array($api_model,['compatible','compatible+open']) && in_array($method,$co
}
//站长相关方法名
-$root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root'];
+$root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root','other_services'];
if(in_array($method,$root)){
require('api_root.php');
//非站长接口则判断是否加载防火墙
@@ -526,36 +526,7 @@ function write_link(){
}
//扩展上传图片
}elseif($_GET['type'] == 'extend_up_img'){
- //权限检测
- if(!check_purview('Upload_icon',1)){
- msg(-1,'您的用户组无权限上传图片');
- }elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
- msg(-1,'文件上传失败');
- }
-
- //取后缀并判断是否支持
- $suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
- if(!preg_match('/^(jpg|jpeg|png|ico|bmp|svg)$/',$suffix)){
- @unlink($_FILES["file"]["tmp_name"]);
- msg(-1,'文件格式不被支持!');
- }
- //限制文件大小
- if(filesize($_FILES["file"]["tmp_name"]) > 1 * 1024 * 1024){
- msg(-1,'文件大小超限');
- }
- //文件临时路径
- $path = DIR . "/data/user/{$u}/upload";
- //检测目录,不存在则创建!
- if(!Check_Path($path)){
- msg(-1,'创建upload目录失败,请检查权限');
- }
- $tmp_name = 'LE_'.uniqid().'.'.$suffix;
- //移动文件
- if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
- msg(-1,'上传失败,请检查目录权限');
- }else{
- msgA(['code'=>1,'msg'=>'上传成功','url'=>"./data/user/".U.'/upload/'.$tmp_name]);
- }
+ msg_tip();
//删除图标
}elseif($_GET['type'] === 'del_images'){
@@ -744,147 +715,15 @@ function write_link(){
update_db('user_links',['fid'=>$fid],['uid'=>UID ,"lid" => json_decode($_POST['lid']) ],[1,'设置成功']);
//检测是否满足要求
}elseif($_GET['type'] === 'msg_pull_check'){
- if($global_config['offline']){
- msg(-1,"离线模式不可用");
- }
- if(!is_subscribe('bool')){
- msg(-1,"未检测到有效授权,无法使用该功能!");
- }
- msg(-1,'请更新系统后再试');
+ msg_tip();
}elseif($_GET['type'] === 'msg_pull'){
- session_start();
- $key = $_POST['key'];
- if(empty($key) || !$_SESSION['msg_pull']["$key"]){
- msg(-1,'key验证失败,请重试!');
- }elseif(empty($_POST['link_id'])){
- msg(-1,'链接ID不能为空');
- }
- //读取信息
- $link = get_db('user_links','*',['uid'=>UID ,'lid'=>$_POST['link_id'] ]);
- //检查链接
- if(empty($link)){
- msg(-1,'链接ID不存在');
- }elseif(!preg_match("/^(http:\/\/|https:\/\/).*/",$link['url'])){
- msg(-1,'只支持识别http/https协议的链接!');
- }elseif( !filter_var($link['url'], FILTER_VALIDATE_URL) ) {
- msg(-1,'URL无效!');
- }
-
- //是否获取站点信息
- if( ( intval($_POST['title']) + intval($_POST['keywords']) + intval($_POST['description']) ) > 0 ){
- //读取长度限制配置
- $length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
- //获取网站标题
- $c = curl_init();
- curl_setopt($c, CURLOPT_URL, $link['url']);
- curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
- curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
- curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($c , CURLOPT_TIMEOUT, 10);
- $data = curl_exec($c);
- curl_close($c);
- require (DIR .'/system/get_page_info.php');
- $info = get_page_info($data);
- $new = [];
- if(intval($_POST['title']) > 0 && !empty($info['site_title'])){
- $new['title'] = $info['site_title'];
- if($length_limit['l_name'] > 0 && strlen($new['title']) > $length_limit['l_name'] ){
- $new['title'] = mb_substr($new['title'], 0, $length_limit['l_name'], 'utf-8');
- }
- }
- if(intval($_POST['keywords']) > 0 && !empty($info['site_keywords'])){
- $new['keywords'] = (empty($link['keywords']) || $_POST['keywords'] == '2') ? $info['site_keywords'] : $link['keywords'];
- if($length_limit['l_key'] > 0 && strlen($new['keywords']) > $length_limit['l_key'] ){
- $new['keywords'] = mb_substr($new['keywords'], 0, $length_limit['l_key'], 'utf-8');
- }
- }
- if(intval($_POST['description']) > 0 && !empty($info['site_description'])){
- $new['description'] = (empty($link['description']) || $_POST['description'] == '2') ? $info['site_description'] : $link['description'];
- if($length_limit['l_desc'] > 0 && strlen($new['description']) > $length_limit['l_desc'] ){
- $new['description'] = mb_substr($new['description'], 0, $length_limit['l_desc'], 'utf-8');
- }
- }
- if(empty($new)){
- $r['info'] = 'fail';
- }else{
- update_db('user_links',$new,['uid'=>UID ,"lid" => $link['lid'] ]);
- $r['info'] = 'success';
- }
- }
-
- //是否获取图标
- if(intval($_POST['icon']) > 0){
- //检查跳过已存在图标的链接
- if($_POST['icon'] == '1' && !empty($link['icon'])){
- $r['icon'] = 'skip';
- }
- $api = Get_Index_URL().'?c=icon&url='.base64_encode($link['url']);
- $res = ccurl($api,30,true);
- $data = get_db('global_icon','*',['url_md5'=>md5($link['url'])]);
- if(empty($data)){
- $r['icon'] = 'fail';
- }
- $new_path = "./data/user/".U.'/favicon/'.$data['file_name'];
- if(copy("./data/icon/{$data['file_name']}",$new_path)){
- update_db('user_links',['icon'=>$new_path],['uid'=>UID ,"lid" => $link['lid'] ]);
- $r['icon'] = 'success';
- }else{
- $r['icon'] = 'fail';
- }
- }
-
- msg(1,$r);
+ msg_tip();
//图标拉取
}elseif($_GET['type'] === 'icon_pull'){
- if($global_config['offline']){
- msg(-1,"离线模式不可用");
- }
- if(!is_subscribe('bool')){
- msg(-1,"未检测到有效授权,无法使用该功能!");
- }
- msg(-1,'请更新系统后再试');
+ msg_tip();
}elseif($_GET['type'] == 'extend_list'){
- if($GLOBALS['global_config']['link_extend'] != 1 ||!check_purview('link_extend',1)){
- msg(-1,'无权限');
- }
- $lists = json_decode($_POST['list'],true);
-
- $weight = [];
- foreach ($lists as $data ){
- if(empty($data['weight']) || !preg_match('/^\d$/', $data['weight'])){
- msgA( ['code' => -1,'msg' => '序号错误,请输入正整数'] );
- }
- if(empty($data['title']) || check_xss($data['title'])){
- msgA( ['code' => -1,'msg' => '标题不能为空'] );
- }
- if(empty($data['name']) || check_xss($data['name']) || !preg_match('/^[A-Za-z0-9]{3,18}$/',$data['name'])){
- msgA( ['code' => -1,'msg' => '字段名错误,请输入长度3-18的字母/数字'] );
- }
- if(!in_array($data['type'],['text','textarea','up_img'])){
- msgA( ['code' => -1,'msg' => '类型错误'] );
- }
- }
- if(is_Duplicated($lists,'weight')){
- msg(-1,'序号不能重复');
- }elseif(is_Duplicated($lists,'title')){
- msg(-1,'标题不能重复');
- }elseif(is_Duplicated($lists,'name')){
- msg(-1,'字段名不能重复');
- }
-
- $datas = [];
- foreach ($lists as $key => $data ){
- array_push($datas,['title'=>$data['title'],'name'=>$data['name'],'weight'=>$data['weight'],'type'=>$data['type'],'default'=> "{$data['default']}",'tip'=>$data['tip']]);
- }
- //根据序号排序
- usort($datas, function($a, $b) {
- return $a['weight'] - $b['weight'];
- });
- write_user_config('s_extend_list',$datas,'config','链接扩展字段');
- msgA( ['code' => 1,'msg' => '保存成功','datas'=>$datas] );
+ msg_tip();
}
msg(-1,'操作类型错误');
@@ -901,6 +740,7 @@ function write_security_setting(){
}
$datas = [
+ 'admin_inlet'=>['v'=>['display','hide','condition1'],'msg'=>'管理入口参数错误'],
'Session'=>['int'=>true,'min'=>0,'max'=>360,'msg'=>'登录保持参数错误'],
'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'],
'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'],
@@ -943,47 +783,18 @@ function write_security_setting(){
//写收录配置
function write_apply(){
- msg(-1,'免费版不支持此功能,请购买授权版');
+ msg_tip();
}
//读收录列表
function read_apply_list(){
- msgA(['code'=>-1,'msg'=>'免费版不支持此功能,请购买授权版','count'=>0,'data'=>[]]);
+ msg_tip();
}
//写站点设置
function write_site_setting(){
//图标上传
if(!empty($_FILES["file"])){
- check_purview('Upload_icon',2);
- if ($_FILES["file"]["error"] > 0){
- msg(-1,'文件上传失败,error:'.$_FILES["file"]["error"]);
- }
- //获取文件名后缀
- $suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
- if(!preg_match('/^(jpg|jpeg|png|bmp|gif|ico|svg)$/',$suffix)){
- @unlink($_FILES["file"]["tmp_name"]);
- msg(-1,'文件上传失败,文件格式不被支持!');
- }
- //文件路径
- $path = 'data/user/'.U.'/favicon/favicon.'.$suffix;
- //检查并创建目录
- if(!Check_Path(dirname($path))){
- msg(-1,'创建目录失败,请检查权限');
- }
- $site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
- //存在旧图标则先删除
- if(!empty($site['site_icon_file']) && is_file($site['site_icon_file'])){
- @unlink($site['site_icon_file']);
- }
- //转移临时文件
- if(move_uploaded_file($_FILES["file"]["tmp_name"],$path)) {
-
- $site['site_icon_file'] = 'data/user/'.U.'/favicon/favicon.'.$suffix; //储存路径
- $site['site_icon'] = './'.$site['site_icon_file']; //前端请求路径
- update_db("user_config", ["v" =>$site], ['uid'=>UID,'k'=>'s_site'],[1,'上传成功']);
- }else{
- msg(-1,'上传失败,请检查目录权限');
- }
+ msg_tip();
}
check_purview('site_info',2);
if(!empty($_POST['custom_header']) && !check_purview('header',1)){
@@ -1187,36 +998,13 @@ function read_pwd_group_list(){
}
//写加密分组 考虑要不要限制特殊字符
function write_pwd_group(){
- check_purview('link_pwd',2);
- if($_GET['type'] === 'del'){
- //判断有没有被使用
- if(!empty(get_db('user_links','id',['uid'=>UID,'pid'=>intval($_POST['pid'])]))){
- msg(-1,'正在被链接使用,无法删除!');
- }else if(!empty(get_db('user_categorys','id',['uid'=>UID,'pid'=>intval($_POST['pid'])]))){
- msg(-1,'正在被分类使用,无法删除!');
- }
-
- delete_db('user_pwd_group',['uid'=>UID,'pid'=>intval($_POST['pid'])],[1,'删除成功']);
- }elseif($_GET['type'] == 'add'){
- //$pid = intval(max_db('user_pwd_group','pid',['uid'=>UID])) +1;
- $pid = get_maxid('pwd_group_id');
- insert_db('user_pwd_group',['name' => $_POST['name'],'password' =>$_POST['password'],'description'=>$_POST['description'],'uid'=>UID,'pid'=>$pid],[1,'操作成功']);
- }elseif($_GET['type'] === 'edit'){
- update_db('user_pwd_group',['name' => $_POST['name'],'password' =>$_POST['password'],'description'=>$_POST['description']],['uid'=>UID,'pid'=>intval($_POST['pid'])],[1,'操作成功']);
- }
- msgA(['code' => 1 ,'msg'=> '1111']);
+ msg_tip();
}
//检测链接是否有效
function other_testing_link(){
- global $global_config;
- if ( $global_config['offline'] == '1'){ msg(-1,"离线模式无法使用此功能"); }
- $code = get_http_code($_POST['url']);
- if($code != 200 && $code != 302 && $code != 301){
- $code = ccurl($_POST['url'],30)['code'];
- }
- msgA(['code' => 0 ,'StatusCode'=> $code]);
+ msg_tip();
}
//读主题信息
@@ -1274,13 +1062,7 @@ function read_theme(){
//在线主题处理
if ( !$global_config['offline'] && $USER_DB['UserGroup'] === 'root'){
-
- if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
- $sysver = intval( $matches[1] );//取版本中的日期
- }else{
- msg(-1,'获取程序版本异常');
- }
-
+ $sysver = get_SysVer();
//读取缓存
$page = 'theme_'.$request_dir;
$template = get_db('global_config','v',['k'=>$page.'_cache']);
@@ -1332,27 +1114,33 @@ function read_theme(){
}
//取正在使用的模板
- $s_templates = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_templates"]));
- if($request_dir == 'home'){
- $current['home_pad'] = $s_templates['home_pad'] ?? 'default';
- $current['home_pc'] = $s_templates['home_pc'] ?? 'default';
+ if(in_array($request_dir,['register','guide'])){
+ $global_templates = unserialize(get_db("global_config",'v', ["k" => "s_templates"]));
+ $current[$request_dir] = $global_templates[$request_dir] ?? 'default';
}else{
- $current[$request_dir] = $s_templates[$request_dir] ?? 'default';
+ $s_templates = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_templates"]));
+ if($request_dir == 'home'){
+ $current['home_pad'] = $s_templates['home_pad'] ?? 'default';
+ $current['home_pc'] = $s_templates['home_pc'] ?? 'default';
+ }else{
+ $current[$request_dir] = $s_templates[$request_dir] ?? 'default';
+ }
}
+
$themes = filter($themes);
msgA(['code'=>1,'data'=>$themes,'current'=>$current,'referrer'=>($data['referrer'] ?? '')]);
}
+function msg_tip(){
+ msg(-1,'免费版不支持此功能,购买授权版
点击此处前往购买页面');
+}
+
//主题下载/更新/删除
function write_theme(){
global $global_config;
$fn = $_POST['fn'];if($_GET['type'] != 'config' && !in_array($fn,['home','login','transit','register','guide','article','verify','guestbook','apply'])){msg(-1,'fn参数错误');}
if($_GET['type'] == 'download'){
- is_root();
- if($global_config['offline']){msg(-1,"离线模式禁止下载主题!");} //离线模式
- if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
- msg(-1,'请更新系统后再试');
-
+ msg_tip();
//删除主题
}elseif($_GET['type'] == 'del'){
is_root();
@@ -1782,11 +1570,19 @@ function read_data(){
//扩展功能
$extend = [];
- array_push($extend,['title'=>'收录管理','href'=>'expand/apply-admin','icon'=>'fa fa-pencil']);
- array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']);
- array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']);
- $extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend];
- array_push($menu,$extend);
+ //if($global_config['apply'] == 1 && check_purview('apply',1)){
+ array_push($extend,['title'=>'收录管理','href'=>'expand/apply-admin','icon'=>'fa fa-pencil']);
+ //}
+ //if($global_config['guestbook'] == 1 && check_purview('guestbook',1)){
+ array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']);
+ //}
+ //if($global_config['article'] > 0 && check_purview('article',1)){
+ array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']);
+ //}
+ if(!empty($extend)){
+ $extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend];
+ array_push($menu,$extend);
+ }
//如果是管理员则追加菜单
if($USER_DB['UserGroup'] == 'root'){
@@ -1802,7 +1598,8 @@ function read_data(){
]
]);
}
- $init = array( 'homeInfo'=>['title'=>'概要','href'=>'home'],'logoInfo'=>['title'=>'TwoNav','image'=>'./templates/admin/img/logo.png','href'=>'./?u='.U],'menuInfo'=>$menu);
+ $logo_url = static_link ? get_surl('{UUID}.html'):"./?u={$USER_DB['User']}";
+ $init = array( 'homeInfo'=>['title'=>'概要','href'=>'home'],'logoInfo'=>['title'=>'TwoNav','image'=>'./templates/admin/img/logo.png','href'=>$logo_url],'menuInfo'=>$menu);
msgA($init);
}
}
diff --git a/system/api_article.php b/system/api_article.php
index c7433ea..556cd12 100644
--- a/system/api_article.php
+++ b/system/api_article.php
@@ -1,2 +1,20 @@
> '.$type);
+}
+
+//获取文章列表
+function article_list(){
+ msg_tip();
+}
+
+
+
diff --git a/system/api_root.php b/system/api_root.php
index 0f68e86..29539e4 100644
--- a/system/api_root.php
+++ b/system/api_root.php
@@ -58,7 +58,8 @@ function other_upsys(){
$overtime = !isset($GLOBALS['global_config']['Update_Overtime']) ? 3 : ($GLOBALS['global_config']['Update_Overtime'] < 3 || $GLOBALS['global_config']['Update_Overtime'] > 60 ? 3 : $GLOBALS['global_config']['Update_Overtime']);
//请求获取更新包
- $Res = ccurl("http://service.twonav.cn/service.php",30,true,data_encryption('updateSystem',['sysver'=>$_SESSION['upsys']['sysver']]));
+ $node = intval($GLOBALS['global_config']['Update_Source']);
+ $Res = ccurl("http://service.twonav.cn/service.php",30,true,data_encryption('updateSystem',['node'=>$node]));
$data = json_decode($Res["content"], true);
if($data["code"] != '200'){
@@ -78,7 +79,6 @@ function other_upsys(){
}else{
msg(-1,'下载更新包失败');
}
-
msg(1,'success');
}
@@ -98,13 +98,13 @@ function other_upsys(){
} catch (Exception $e) {
msg(-1,'释放更新包,请检查写入权限');//解压出问题了
}
- clean_cache();
usleep(1000*300);
msg(1,'success');
}
//检测是否需要更新数据库
if($_POST['i'] == 4){
+ clean_cache();
set_time_limit(5*60);
try {
//根据数据库类型扫描不同目录,并声明执行SQL语句的函数
@@ -236,90 +236,31 @@ function read_purview_list(){
//读用户组列表
function read_users_list(){
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}
//写用户组
function write_users(){
//验证代号是否合规
- if(!preg_match('/^[A-Za-z0-9]+$/',$_POST['code'])){
- msg(-1,'分组代号只能是字母和数字');
- }elseif($_POST['code'] == 'root' || $_POST['code'] == 'default'){
- msg(-1,'不能使用系统预设的代号');
- }elseif(htmlspecialchars(trim($_POST['name'])) != $_POST['name']){
- msg(-1,'分组名称不能含有特殊字符');
- }
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}
//写用户信息
function write_user_info(){
- msg(-1,'未检测到有效授权,无法使用该功能');
+ msg_tip();
}
//读注册码列表
function read_regcode_list(){
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
- msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
+ msg_tip();
}
//写注册码
function write_regcode(){
- global $db;
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}
-
-//写订阅信息
-function write_subscribe(){
- global $USER_DB;
- $data = $_POST;
- $data['host'] = $_SERVER['HTTP_HOST']; //当前域名
- if(empty($data['order_id']) && empty($data['email']) && empty($data['end_time'])){
- write_global_config('s_subscribe','','订阅信息');
- msg(1,'清除成功');
- }
- if($data['end_time'] < time()){
- msg(-1,"您的订阅已过期!");
- }
- //判断是否为IP
- if(preg_match("/^(\d+\.\d+\.\d+\.\d+):*\d*$/",$data['host'],$host)) {
- $data['host'] = $host[1]; //取出IP(不含端口)
- }else{
- $host = explode(".", $data['host']);
- $count = count($host);
- if($count != 2){
- $data['host'] = $host[$count-2].'.'.$host[$count-1];
- //如果存在端口则去除
- if(preg_match("/(.+):\d+/",$data['host'],$host)) {
- $data['host'] = $host[1];
- }
- }
- }
-
- if(stristr($data['domain'],$data['host'])){
- write_global_config('s_subscribe',$data,'订阅信息');
- clean_cache();
- msg(1,'保存成功');
- }else{
- msg(-1,"您的订阅不支持当前域名 >> ".$_SERVER['HTTP_HOST']);
- }
-}
-
-
// 写系统设置
function write_sys_settings(){
global $USER_DB;
@@ -333,6 +274,16 @@ function write_sys_settings(){
msg(-1,'默认账号不存在');
}elseif(!empty($_POST['default_UserGroup']) && empty(get_db('user_group','code',['code' => $_POST['default_UserGroup']]))){
msg(-1,'默认分组代号不存在');
+ }elseif($_POST['Sub_domain'] == 1){
+ if(preg_match('/\.(com|net|org|gov|edu)\.cn$/', $_SERVER["HTTP_HOST"])){
+ msg(-1,'不支持此类域名');
+ }
+ if(filter_var($_SERVER["HTTP_HOST"], FILTER_VALIDATE_IP) != false){
+ msg(-1,'不支持IP访问开启二级域名');
+ }
+ if(preg_match('/\.(\d+|:\d+)$/', preg_replace('/:\d+$/','',$_SERVER['HTTP_HOST'])) || substr_count($_SERVER["HTTP_HOST"],':') > 2){
+ msg(-1,'不支持IP访问开启二级域名,如有误判请联系技术支持!');
+ }
}
//自定义登录入口和注册入口检测
@@ -343,7 +294,12 @@ function write_sys_settings(){
if(in_array($_POST['Register'],$prohibits)){
msg(-1,'此注册入口名已被系统使用');
}
-
+ //长度限制
+ foreach (['c_name','c_desc','l_name','l_url','l_key','l_desc'] as $name){
+ $length_limit[$name] = is_subscribe('bool') ? intval($_POST[$name]) : 0;
+ }
+ write_global_config("length_limit",$length_limit,'长度限制');
+
//全局配置
$datas = [
'Login'=>['empty'=>false,'msg'=>'登录入口不能为空'],
@@ -358,14 +314,22 @@ function write_sys_settings(){
'offline'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'离线模式参数错误'],
'Debug'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'调试模式参数错误'],
'Maintenance'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'维护模式参数错误'],
+ 'Sub_domain'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'二级域名参数错误'],
+ 'Privacy'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'强制私有参数错误'],
'default_page'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'默认页面参数错误'],
-
+ 'global_header'=>['empty'=>true],
+ 'global_footer'=>['empty'=>true],
'api_extend'=>['empty'=>true],
'c_code'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'自定义代码参数错误'],
+ 'static_link'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'静态链接参数错误'],
//更新设置
'Update_Source'=>['empty'=>true],
'Update_Overtime'=>['int'=>true,'min'=>3,'max'=>60,'msg'=>'资源超时参数错误'],
-
+ //扩展功能-(全局开关)
+ 'apply'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'收录管理参数错误'],
+ 'guestbook'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'留言管理参数错误'],
+ 'link_extend'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'链接扩展参数错误'],
+ 'article'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'文章管理参数错误']
];
$o_config = [];
foreach ($datas as $key => $data){
@@ -377,18 +341,24 @@ function write_sys_settings(){
$o_config[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg']));
}
}
-
-
- update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,"免费版可用功能配置已保存!"]);
+ if(!is_subscribe('bool')){
+ if($_POST['Sub_domain'] == 1){$o_config['Sub_domain'] = 0;$filter = true;}
+ if($_POST['Privacy'] == 1){$o_config['Privacy'] = 0;$filter = true;}
+ if(!empty($_POST['copyright'])){$o_config['copyright'] = "";$filter = true;}
+ if(!empty($_POST['global_header'])){$o_config['global_header'] = "";$filter = true;}
+ if(!empty($_POST['global_footer'])){$o_config['global_footer'] = "";$filter = true;}
+ if($_POST['apply'] == 1){$o_config['apply'] = 0;$filter = true;}
+ if($_POST['guestbook'] == 1){$o_config['guestbook'] = 0;$filter = true;}
+ if($_POST['link_extend'] == 1){$o_config['link_extend'] = 0;$filter = true;}
+ if($_POST['article'] == 1){$o_config['article'] = 0;$filter = true;}
+ if($_POST['static_link'] == 1){$o_config['static_link'] = 0;$filter = true;}
+ }
+ update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,($filter ?"保存成功,未检测到有效授权,带*号的配置无法为你保存":"保存成功")]);
}
//写默认设置
function write_default_settings(){
- global $USER_DB;
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}
//读日志
function read_log(){
@@ -443,22 +413,13 @@ function other_root(){
$data = get_db("global_config", "v", ["k" => "username_retain"]);
msgA(['code'=>1,'msg'=>'获取成功','data'=>$data]);
}elseif($_GET['type'] == 'write_username_retain'){
- if(!is_subscribe('bool')){
- msg(-1,'未检测到有效授权');
- }
- msg(1,'请更新系统后再试');
+ msg_tip();
}elseif($_GET['type'] == 'write_mail_config'){
- if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");}
- if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
- msg(1,'请更新系统后再试');
+ msg_tip();
}elseif($_GET['type'] == 'write_mail_test'){
- $_POST['Subject'] = 'TwoNav 测试邮件' . time();
- $_POST['Body'] = 'TwoNav 测试邮件
' . date('Y-m-d H:i:s');
- send_email($_POST);
+ msg_tip();
}elseif($_GET['type'] == 'write_icon_config'){
- if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");}
- if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
- msg(1,'请更新系统后再试');
+ msg_tip();
}elseif($_GET['type'] == 'write_icon_del_cache'){
//删除数据库缓存信息
if(empty(count_db('global_icon','*'))){
@@ -478,7 +439,100 @@ function other_root(){
}
msg(1,'操作成功');
+ }elseif($_GET['type'] == 'write_sitemap_config'){
+ msg_tip();
}
}
+// 通用类请求官方服务器
+function other_services(){
+ // 生成请求数据
+ $domain = preg_replace('/:\d+$/','',$_SERVER['HTTP_HOST']);
+ $post = [
+ 'domain' => $domain,
+ 'referer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "",
+ 'email' => isset($_POST['email']) ? $_POST['email'] : "",
+ 'order_id' => isset($_POST['order_id']) ? $_POST['order_id'] : "",
+ 'sysver' => SysVer,
+ 'ip' => Get_IP(),
+ 'method' => $_GET['type']
+ ];
+ $overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']);
+ // 判断操作类型
+ if($_GET['type'] == 'query_key' || $_GET['type'] == 'save_key'){
+ $Res = ccurl("http://service.twonav.cn/service.php",$overtime,true,$post);
+ if($Res['code'] != 200){
+ msg(-1,'请求官方服务器失败,请稍后再试');
+ }
+ $data = json_decode($Res["content"], true);
+ // 如果是保存设置
+ if($_GET['type'] == 'save_key'){
+ $data = $data['data'];
+ if(!isset($data['order_id']) || empty($data['order_id'])){
+ msg(-1,'保存失败,请核对信息是否有误');
+ }
+ //判断是否为IP
+ if(preg_match("/^(\d+\.\d+\.\d+\.\d+):*\d*$/",$domain,$host)) {
+ $data['host'] = $host[1]; //取出IP(不含端口)
+ }else{
+ $host = explode(".", $domain);
+ $count = count($host);
+ if($count != 2){
+ $data['host'] = $host[$count-2].'.'.$host[$count-1];
+ //如果存在端口则去除
+ if(preg_match("/(.+):\d+/",$data['host'],$host)) {
+ $data['host'] = $host[1];
+ }
+ }
+ }
+ write_global_config('s_subscribe',$data,'订阅信息');
+ clean_cache();
+ msgA(['code'=>200,'msg'=>'保存成功','data'=>['order_id'=>$data['order_id'],'end_time'=>$data['end_time'],'type_name'=>$data['type_name']]]);
+ }
+ msgA($data);
+ }elseif($_GET['type'] == 'del_key'){
+ $subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"]));
+ if(!isset($subscribe['order_id']) || empty($subscribe['order_id'])){
+ msg(200,'清除成功');
+ }
+ ccurl("http://service.twonav.cn/service.php",$overtime,true,$post);
+ write_global_config('s_subscribe','','订阅信息');
+ clean_cache();
+ msg(200,'删除成功');
+ }elseif($_GET['type'] == 'validate'){
+ $Res = ccurl("http://service.twonav.cn/service.php",$overtime,true,data_encryption('validate'));
+ $data = json_decode($Res["content"], true);
+ if($data["code"] != '200'){
+ msg(-1,$data['msg'] ?? '验证失败');
+ }
+ msgA($data);
+ }elseif($_GET['type'] == 'get_notice'){
+ //读取缓存数据
+ $Notice = get_db('global_config','v',['k'=>'notice']);$data=[];
+ //如果不为空,则解析数据
+ if(!empty($Notice)){
+ $data = json_decode($Notice, true);
+ $cache_time = 60; //缓存时间(秒);
+ $reload = time() > $data["download_time"] + $cache_time; //是否更新
+ }else{
+ $reload = true; //需要刷新
+ }
+ // 判断是否刷新数据
+ if(!$global_config['offline'] && $reload){
+ if(is_subscribe('bool')){
+ $Res = ccurl('http://service.twonav.cn/service.php',$overtime,true,data_encryption('get_new_ver',['ver'=>SysVer]));
+ }else{
+ $Res = ccurl('http://tznb.gitee.io/twonav_resource/Notice.json',$overtime);
+ }
+ $new_data = json_decode($Res['content'], true);
+ if($new_data["code"] == 200 ){
+ $new_data['download_time'] = time();
+ $new_data['version'] = version_compare($new_data['version'],SysVer,'<') ? SysVer : $new_data['version'];
+ write_global_config('notice',json_encode($new_data),'官方公告(缓存)');
+ $data = $new_data;
+ }
+ }
+ msgA($data);
+ }
+}
diff --git a/system/click.php b/system/click.php
index f28135b..c2e9b9b 100644
--- a/system/click.php
+++ b/system/click.php
@@ -55,40 +55,6 @@ if(!$is_login){
if($category_ancestor['property'] == 1 && !$pv){
exit('很抱歉,页面所属的祖分类是私有的!您无权限查看,如果您是管理员,请先登录!');
}
-
- //判断链接是否加密
- if(!empty($link['pid'])){
- $verify_type = 'link_pwd';
- $password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$link['pid']]);
- if($_SESSION['verify']['link'][$link['lid']] != $password){
- $c = 'verify';
- require DIR."/system/templates.php";
- require $index_path;
- exit();
- }
- }
- //判断父分类是否加密
- if(empty($link['pid']) && !empty($category_parent['pid'])){
- $verify_type = 'category_pwd';
- $password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$category_parent['pid']]);
- if($_SESSION['verify']['category'][$category_parent['cid']] != $password){
- $c = 'verify';
- require DIR."/system/templates.php";
- require $index_path;
- exit();
- }
- }
- //判断祖分类是否加密
- if(empty($link['pid']) && empty($category_parent['pid']) && !empty($category_ancestor['pid'])){
- $verify_type = 'category_pwd';
- $password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$category_ancestor['pid']]);
- if($_SESSION['verify']['category'][$category_ancestor['cid']] != $password){
- $c = 'verify';
- require DIR."/system/templates.php";
- require $index_path;
- exit();
- }
- }
}
@@ -100,11 +66,6 @@ update_db("user_links", ["click[+]"=>1],['uid'=>UID,'lid'=>$id]);
//通用数据初始化
require DIR."/system/templates.php";
-//如果主题信息声明支持扩展字段
-if($global_config['link_extend'] == 1 && check_purview('link_extend',1) && in_array($theme_info['support']['link_extend'],["true","1"])){
- $extend = empty($link['extend']) ? [] : unserialize($link['extend']);
-}
-
//载入过渡页设置
$transition_page = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_transition_page"]));
diff --git a/system/expand/apply.php b/system/expand/apply.php
index 3ea701b..2719c52 100644
--- a/system/expand/apply.php
+++ b/system/expand/apply.php
@@ -1,6 +1,11 @@
diff --git a/system/expand/article.php b/system/expand/article.php
index 828da13..5759404 100644
--- a/system/expand/article.php
+++ b/system/expand/article.php
@@ -1,28 +1,3 @@
1],['uid'=>UID,'id'=>$id]);
-
-//载入模板
-require $index_path;
+exit('免费版不支持此功能');
\ No newline at end of file
diff --git a/system/expand/guestbook.php b/system/expand/guestbook.php
index 3ea701b..5bae4fc 100644
--- a/system/expand/guestbook.php
+++ b/system/expand/guestbook.php
@@ -1,6 +1,11 @@
+
+//POST提交留言
+if($_SERVER['REQUEST_METHOD'] === 'POST'){
+ msg(-1,'免费版不支持此功能');
+ }
+
+//通用数据初始化
+require DIR."/system/templates.php";
+require $index_path;
+exit;
\ No newline at end of file
diff --git a/system/expand/sitemap.php b/system/expand/sitemap.php
new file mode 100644
index 0000000..5851ff8
--- /dev/null
+++ b/system/expand/sitemap.php
@@ -0,0 +1,8 @@
+
diff --git a/system/expand/sitemap_create.php b/system/expand/sitemap_create.php
new file mode 100644
index 0000000..b3d9bbc
--- /dev/null
+++ b/system/expand/sitemap_create.php
@@ -0,0 +1 @@
+ "icon_config"])) ?? [];
-$config['analysis_timeout'] = (intval($config['analysis_timeout']) >= 3 && intval($config['analysis_timeout']) <= 20) ? intval($config['analysis_timeout']) : 6; //解析超时
-$config['download_timeout'] = (intval($config['download_timeout']) >= 3 && intval($config['download_timeout']) <= 20) ? intval($config['download_timeout']) : 6; //下载超时
-$config['icon_size'] = (intval($config['icon_size']) >= 5 && intval($config['icon_size']) <= 1024) ? intval($config['icon_size']) : 256; //大小限制
-$favicon_url = '';
-//防盗链
-if($config['referer_test'] == 1){
- if(empty($_SERVER['HTTP_REFERER']) || !strstr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])){
- header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit('404 Not Found');
- }
-}
-
-//获取URL
-$url = base64_decode($_GET['url']);
-$url_md5 = md5($url);
-
-//维护模式/离线模式/关闭服务 > 输出固定图标
-if($global_config['Maintenance'] != 0 || $global_config['offline'] == '1' || $config['o_switch'] == '0' || !is_subscribe('bool')){
- echo_link_type_icon();
-}
-
-//如果不是http(s)则根据类型输出固定图标
-if(!preg_match("/^(http:\/\/|https:\/\/)/",$url)){
- echo_link_type_icon();
-}else{
- $uri_part = parse_url($url);
- $url_root = $uri_part['scheme'] . '://' . $uri_part['host'] . (isset($uri_part['port']) ? ':' . $uri_part['port'] : '');
-}
-
-//检查目录 > 不存在则自动创建 > 创建失败显示错误图标
-if(!Check_Path(DIR.'/data/icon')){
- echo_icon(DIR . '/templates/admin/img/error.svg',$config);
-}
-
-//读取缓存 > 存在且可用则输出
-$cache_data = get_db('global_icon','*',['url_md5'=>$url_md5]);
-if(!empty($cache_data) && $cache_data['update_time'] > time() - intval($config['server_cache_time']) && is_file(DIR . '/data/icon/' . $cache_data['file_name'])){
- echo_icon(DIR . '/data/icon/' . $cache_data['file_name'],$config,$cache_data);
-}
-
-//缓存不可用
-//获取URL的html内容
-$html = get_html($url,$config['analysis_timeout']);
-
-//获取html失败
-if(empty($html)){
- backup_api($url,$config); //调用备选接口
-}
-
-//html获取成功>尝试解析
-try {
- $doc = new DOMDocument();
- @$doc->loadHTML($html);
- $links = $doc->getElementsByTagName('link');
- //后续可以考虑将所有声明的图标加入数组,然后按特定规则排序,实现多图标时获取较大尺寸的图标
- foreach ($links as $link) {
- if (in_array($link->getAttribute('rel'),['shortcut icon','icon','alternate icon','apple-touch-icon'])) {
- $favicon_url = $link->getAttribute('href');
- break;
- }
- }
-}catch (Exception $e) {
- //解析异常,不做处理!下面继续尝试其他方法获取!
-}
-
-//解析失败(可能是未设置图标)
-if(empty($favicon_url)){
- //尝试获取根目录的favicon.ico
- $res = down_ico($url_root.'/favicon.ico','./data/icon/',$url,$config['download_timeout']);
- if($res){
- echo_icon(DIR . '/data/icon/'.$url_md5.".ico",$config);
- }
- //调用备选接口
- backup_api($url,$config);
-}
-
-//解析到图标
-$favicon_url = url_patch($favicon_url,$url);
-
-//if 如果图标类型是base64或者svg则不需要下载
-
-//匹配图标类型>下载>输出
-$suffix = strtolower(end(explode('.',$favicon_url)));
-$suffix = strtolower(reset(explode('?',$suffix)));
-$suffix = preg_match('/^(jpg|jpeg|png|ico|bmp|svg|webp)$/i',$suffix) ? $suffix : 'ico';
-
-//下载图标 > 成功则输出
-$res = down_ico($favicon_url,'./data/icon/',$url,$config['download_timeout']);
-if($res){
- echo_icon(DIR . '/data/icon/'.$url_md5.".$suffix",$config);
-}else{
- echo_link_type_icon();
-}
-
-//使用备用接口
-function backup_api($url,$config){
- global $uri_part,$url_root;
- //未设置时直接输出ie图标
- $backup_api = intval($config['backup_api']);
- if($backup_api == 0){
- echo_icon(DIR . '/templates/admin/img/ie.svg',$config);
- }elseif($backup_api == 6){
- $res = down_ico('https://api.iowen.cn/favicon/'.parse_url($url)['host'].'.png','./data/icon/','',$config['download_timeout']);
- if($res){
- echo_icon(DIR . '/data/icon/'.$GLOBALS['url_md5'].".png",$config);
- }
- }elseif($backup_api == 2){
- $res = down_ico('https://favicon.png.pub/v1/'.base64_encode($url_root),'./data/icon/','',$config['download_timeout']);
- if($res){
- echo_icon(DIR . '/data/icon/'.$GLOBALS['url_md5'].".png",$config);
- }
- }
-
- //如果都失败,则输出默认图标
- echo_icon(DIR . '/templates/admin/img/ie.svg',$config);
-}
-//检测URL自动补全
-function url_patch($favicon_url,$url){
- global $uri_part,$url_root;
- //包含协议表示URL完整,直接返回
- if(strpos($favicon_url, '://')){
- return $favicon_url;
- }
-
- //忽略协议的绝对路径
- if(strpos($favicon_url, '//') === 0 ) {
- return $uri_part['scheme'] . ':' . $favicon_url;
- }
-
- //位于根目录
- if(strpos($favicon_url, '/') === 0 ){
- return $url_root.$favicon_url;
- }
- //当前目录
- if(strpos($favicon_url, './') === 0){
- return $url_root . $uri_part['path'] . substr($favicon_url, 2);
- }
- //向上N级目录
- if(strpos($favicon_url, '../') === 0){
- $N = substr_count($favicon_url,'../');
- $url_temp = $uri_part['path'];
- for ($i = 0; $i < $N; $i++) {
- $url_temp = dirname($url_temp);
- $favicon_url = preg_replace('/^\.\.\//', '', $favicon_url);
- }
- return $url_root . $url_temp . $favicon_url;
- }
-
- //base64
-
- //SVG
-
- //默认路径
- return $url_root . $uri_part['path'] . $favicon_url;
-}
-
-//获取html
-function get_html($url,$TIMEOUT = 5){
- try {
- $c = curl_init();
- curl_setopt($c, CURLOPT_URL, $url);
- curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($c, CURLOPT_FAILONERROR, 1);
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
- curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($c, CURLOPT_TIMEOUT, $TIMEOUT);
- curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
- $data = curl_exec($c);
- //如果是gzip则解压
- $prefix = dechex(ord($data[0])) . dechex(ord($data[1]));
- if(strtolower($prefix) == '1f8b'){
- $data = gzdecode($data);
- }
- curl_close($c);
- return $data;
- }catch (Exception $e) {
- return false;
- }
-}
-
-function down_ico($ico_url, $savePath = './data/temp/',$referer = '',$TIMEOUT = 60){
- $suffix = strtolower(end(explode('.',$ico_url)));
- $suffix = strtolower(reset(explode('?',$suffix))); //截取?前面的
- if(!preg_match('/^(jpg|jpeg|png|ico|bmp|svg|webp)$/i',$suffix)){
- $suffix = 'ico'; //没匹配到后缀名则默认为ico
- }
- $file = "{$GLOBALS['url_md5']}.{$suffix}";
- $c = curl_init();
- curl_setopt($c, CURLOPT_URL, $ico_url);
- curl_setopt($c, CURLOPT_TIMEOUT, $TIMEOUT);
- curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($c, CURLOPT_HEADER, FALSE);
- curl_setopt($c, CURLOPT_NOBODY, FALSE);
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
- curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
- if(!empty($referer)){
- curl_setopt($c, CURLOPT_REFERER, $referer);
- }
- try{
- $res = curl_exec($c);
- }finally{
- $code = curl_getinfo($c, CURLINFO_HTTP_CODE);
- curl_close($c);
- }
-
- if ($code == '200') { //状态码正常
- //十六进制取文件头
- $prefix = strtolower( dechex(ord($res[0])) . dechex(ord($res[1])) );
- //根据头判断类型
- if($prefix == '1f8b'){ //gzip解码
- $res = gzdecode($res);
- }elseif( $prefix != '3c73' && strpos($prefix, '3c') === 0){ // <开头视为文本 svg 3c21>html 1f8b>gzip
-
- //文件大小限制
- if((strlen($res) / 1024)> $GLOBALS['config']['icon_size']){
- return false;
- }
- $fullName = rtrim($savePath, '/') . '/' . $file;
- $type = ['jpg'=>'jpeg','jpeg'=>'jpeg','svg'=>'svg+xml','ico'=>'x-icon']; //类型表
- $mime = $type[$suffix] ?? 'x-icon';
-
- //黑名单(后期考虑使用在线名单缓存到本地,以便以更好的维护)
- $_md5 = md5($res);
- if($_md5 == 'c531ffbdad1ba93bd84f2398052958dc') return false; //阿里云
- if($_md5 == '05231fb6b69aff47c3f35efe09c11ba0') return false; //一为默认
- if($_md5 == '3ca64f83fdcf25135d87e08af65e68c9') return false; //小z默认
-
- $data = ['update_time'=>time(),'file_name'=>$file,'file_mime'=>$mime,'ico_url'=>$ico_url,'extend'=>''];
- if(!has_db('global_icon',['url_md5'=>$GLOBALS['url_md5']])){
- $data['url_md5'] = $GLOBALS['url_md5'];
- $data['url'] = $GLOBALS['url'];
- $data['add_time'] = time();
- insert_db('global_icon',$data);
- }else{
- update_db('global_icon',$data,['url_md5'=>$GLOBALS['url_md5']]);
- }
-
- return file_put_contents($fullName, $res);
- }else{
- return false;
- }
-}
+echo_link_type_icon();
function echo_icon($path,$config,$db = false){
//文件不存在时输出固定图标(理论上执行到这里不会出现文件不存在)
diff --git a/system/index.php b/system/index.php
index 0efd0a9..abefe4e 100644
--- a/system/index.php
+++ b/system/index.php
@@ -154,7 +154,8 @@ function get_links($fid) {
$max_link = true;
}
$links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid','extend'],$where);
- foreach ($links as $key => $link) {
+ $UUID = ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
+ foreach ($links as &$link) {
$click = false; $lock = false;
//直连模式,但存在备用链接
@@ -174,25 +175,20 @@ function get_links($fid) {
}
if($click || $site['link_model'] != 'direct'){
- if($GLOBALS['global_config']['static_link'] == 1){
- $links[$key]['url'] = "/{$u}/click/{$link['id']}.html";
- }else{
- $links[$key]['url'] = "./index.php?c=click&id={$link['id']}&u=".U;
- }
-
+ $link['url'] = static_link ? "{$GLOBALS['HOST']}/click-{$UUID}-{$link['id']}.html" : "./index.php?c=click&id={$link['id']}&u={$u}";
if($lock){
- $links[$key]['real_url'] = $links[$key]['url']; //篡改真实URL,防止泄密
+ $link['real_url'] = $link['url']; //篡改真实URL,防止泄密
if(isset($share['sid'])){
- $links[$key]['url'] .='&share='.$share['sid'];
+ $link['url'] .='&share='.$share['sid'];
}
}
}else{
- $links[$key]['url'] = $link['real_url'];
+ $link['url'] = $link['real_url'];
}
//获取图标链接
- $links[$key]['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
- $links[$key]['type'] = 'link';
+ $link['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
+ $link['type'] = 'link';
}
//处理扩展信息
if($GLOBALS['global_config']['link_extend'] == 1 && check_purview('link_extend',1) && in_array($GLOBALS['theme_info']['support']['link_extend'],["true","1"])){
@@ -203,36 +199,9 @@ function get_links($fid) {
}
}
- //生成文章链接, 条件:非隐藏,且主题未声明不显示文章
- if( intval($site['article_visual'] ?? '1') > 0 && $GLOBALS['theme_info']['support']['article'] != 'notdisplay'){
- $articles = get_article_list($fid);
- foreach ($articles['data'] as $article) {
- if($GLOBALS['global_config']['static_link'] == 1){
- $url = "/{$u}/article/{$article['id']}.html";
- }else{
- $url = "./index.php?c=article&id={$article['id']}&u={$u}";
- }
- if($site['article_icon'] == '1'){ //站点图标
- $icon = $GLOBALS['favicon'];
- }elseif($site['article_icon'] == '2' && !empty($article['cover'])){ //封面
- $icon = $article['cover'];
- }else{ //首字
- $icon = './system/ico.php?text='.mb_strtoupper(mb_substr($article['title'], 0, 1));
- }
- $article_link = ['type'=>'article','id'=>0,'title'=>htmlspecialchars($article['title'],ENT_QUOTES),'url'=>$url,'real_url'=>$url,'description'=> htmlspecialchars($article['summary'],ENT_QUOTES),'ico'=>$icon,'icon'=>$icon];
- //判断靠前还是靠后
- if($site['article_visual'] == '1'){
- array_unshift($links,$article_link);
- }else{
- array_push($links,$article_link);
- }
-
- }
- }
-
-
+
if($max_link && $count > $site['max_link']){
- $oc_url = "./index.php?u={$u}&oc={$fid}" . (empty($_GET['theme']) ? '':"&theme={$_GET['theme']}");
+ $oc_url = static_link ? "{$GLOBALS['HOST']}/category-{$UUID}-{$fid}.html" : "./index.php?u={$u}&oc={$fid}";
array_push($links,['id'=>0,'title'=>'查看全部','url'=>$oc_url,'real_url'=>$oc_url,'description'=>'该分类共有'.$count.'条数据','ico'=>'./favicon.ico']);
}
@@ -284,5 +253,6 @@ if(empty($_GET['share']) && !$site['ex_theme']){
write_user_count(date('Ym'),'index_Ym');
write_user_count(date('Ymd'),'index_Ymd');
count_ip();
+
//载入模板
require($index_path);
\ No newline at end of file
diff --git a/system/public.php b/system/public.php
index 0ee1065..e4276ca 100644
--- a/system/public.php
+++ b/system/public.php
@@ -560,7 +560,7 @@ function ccurl($url,$overtime = 3,$Referer = false,$post_data = false){
return $Res;
}
-function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TIMEOUT = 60){
+function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TIMEOUT = 60,$post_data = false){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $TIMEOUT); //超时/秒
@@ -570,6 +570,10 @@ function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TI
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //允许重定向(适应网盘下载)
+ if(!empty($post_data)){
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
+ }
if(!empty($referer)){
curl_setopt($ch, CURLOPT_REFERER, $referer);
}
@@ -579,14 +583,14 @@ function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TI
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
}
-
if ($code == '200') { //状态码正常
-
if(empty($file)){ //如果文件名为空
$file = date('Ymd_His').'.tmp';
}
$fullName = rtrim($savePath, '/') . '/' . $file;
- return file_put_contents($fullName, $res);
+ return file_put_contents($fullName, $res) > 0;
+ }elseif($code == '202'){
+ return $res;
}else{
return false;
}
@@ -652,6 +656,9 @@ function is_Duplicated($array, $field){
//检查权限(有权限返回true 没有权限时根传递参数1是返回false 2是直接返回错误信息)
function check_purview($name,$return_type){
global $USER_DB;
+ if($USER_DB == null){
+ return true;
+ }
//230705新增,禁止判断默认用户是否可以使用自定义代码
if($USER_DB['UserGroup'] == 'default' && $GLOBALS['global_config']['c_code'] != '1' && ( $name == 'header' || $name == 'footer' )){
return false;
@@ -675,10 +682,11 @@ function check_purview($name,$return_type){
function data_encryption($method,$extend = []){
$subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"]));
if(!isset($subscribe['public']) || empty($subscribe['public'])){
- msg(-1,'未检测到授权秘钥,如果已经获取授权,请在授权管理页面点击保存设置后在重试!');
+ msg(-1,'未检测到授权秘钥,如果已经获取授权,请在授权管理页面点击保存设置后在重试!');
}
$data['key'] = $subscribe['order_id'];
$data['host'] = $_SERVER['HTTP_HOST'];
+ $data['sysver'] = SysVer;
$data['time'] = time();
$data['ip'] = Get_IP();
$data['method'] = $method;
@@ -789,4 +797,31 @@ function clean_cache(){
foreach(['home','login','transit','register','guide','article','apply','verify','guestbook'] as $v){
write_global_config($v.'_cache','',$v.'_模板缓存');
}
+}
+
+//取系统版本(日期)
+function get_SysVer(){
+ if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
+ return $matches[1];
+ }else{
+ return 19990101;
+ }
+}
+
+function get_HOST(){
+ return (((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' :'http://').$_SERVER['HTTP_HOST'];
+}
+function get_UUID(){
+ return ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
+}
+function get_surl($input,$id=''){
+ return get_HOST().'/'.strtr($input, ['{UUID}'=>get_UUID(),'{id}'=>$id]);
+}
+function get_OEM(){
+ $OEM['program_name'] = "TwoNav";
+ return $OEM;
+}
+//返回404
+function Not_Found() {
+ header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;
}
\ No newline at end of file
diff --git a/system/templates.php b/system/templates.php
index 8093f30..8a4bb8f 100644
--- a/system/templates.php
+++ b/system/templates.php
@@ -101,6 +101,19 @@ $theme_config = empty($theme_config_db) ? $theme_config : array_merge ($theme_co
//主题版本
$theme_ver = Debug ? "{$theme_info['version']}.".time() : $theme_info['version'];
+//版权信息
+$copyright = empty($global_config['copyright'])?'Copyright © TwoNav':$global_config['copyright'];
+
+//备案信息
+$ICP = empty($global_config['ICP'])?'':''.$global_config['ICP'].'';
+//访问域名(伪静态用)
+$HOST = get_HOST();
+$OEM = get_OEM();
+//静态链接
+define('static_link',$global_config['static_link'] > 0);
+
+$urls['login'] = static_link ? "$HOST/login":"./?c=login";
+$urls['register'] = static_link ? "$HOST/register":"./?c=register";
if($config_type == 'user'){
//载入站点设置
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
@@ -113,17 +126,17 @@ if($config_type == 'user'){
//站点图标
$favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';
+ //相关入口
+ $UUID = get_UUID();
+ $urls['home'] = static_link ? "$HOST/{$UUID}.html":"./?u={$u}";
+ $urls['admin'] = static_link ? "$HOST/admin-{$UUID}.html":"./?c=admin&u={$u}";
+ $urls['apply'] = static_link ? "$HOST/apply-{$UUID}.html":"./?c=apply&u={$u}";
+ $urls['guestbook'] = static_link ? "$HOST/guestbook-{$UUID}.html":"./?c=guestbook&u={$u}";
}else{
//站点图标
$favicon = './favicon.ico';
}
-//版权信息
-$copyright = empty($global_config['copyright'])?'Copyright © TwoNav':$global_config['copyright'];
-
-//备案信息
-$ICP = empty($global_config['ICP'])?'':''.$global_config['ICP'].'';
-
//是否启用收录
function is_apply(){
$apply_user = unserialize( get_db("user_config", "v", ["k" => "apply","uid"=>UID]));
@@ -194,6 +207,9 @@ function get_open_category(){
//获取文章列表
function get_article_list($category = 0,$limit = 0){
+ if($GLOBALS['global_config']['article'] < 1){
+ return ['data'=>[],'count'=>0];
+ }
$where['uid'] = UID;
if(!is_login()){
$where['AND']['state'] = 1; //状态筛选
@@ -212,7 +228,8 @@ function get_article_list($category = 0,$limit = 0){
}
//获取文章列表
$datas = select_db('user_article_list','*',$where);
-
+ $host = get_HOST();
+ $uuid = get_UUID();
//查询分类
$categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
$categorys = array_column($categorys,'name','id');
@@ -221,10 +238,10 @@ function get_article_list($category = 0,$limit = 0){
$data['category_name'] = $categorys[$data['category']] ?? 'Null';
$data['title'] = htmlspecialchars($data['title'],ENT_QUOTES);
$data['summary'] = htmlspecialchars($data['summary'],ENT_QUOTES);
- if($GLOBALS['global_config']['static_link'] == 1){
- $data['url'] = "/{$GLOBALS['u']}/article/{$data['id']}.html";
+ if(static_link){
+ $data['url'] = "{$host}/article-{$uuid}-{$data['id']}.html";
}else{
- $data['url'] = "./index.php?c=article&id={$data['id']}&u={$GLOBALS['u']}";
+ $data['url'] = "./index.php?c=article&id={$data['id']}&u={$u}";
}
}
return ['data'=>$datas,'count'=>$count];
@@ -232,6 +249,9 @@ function get_article_list($category = 0,$limit = 0){
//根据文章id获取内容
function get_article_content($id){
+ if($GLOBALS['global_config']['article'] < 1){
+ return ['data'=>[],'count'=>0];
+ }
$where['uid'] = UID;
if(!is_login()){
$where['state'] = 1; //状态筛选
@@ -280,7 +300,68 @@ function get_category_list($layer = false){
return $categorys;
}
-//返回404
-function Not_Found() {
- header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;
+function get_links2($fid,$limit = 0) {
+ global $site,$u;
+ $fid_s = select_db('user_categorys',['cid','fid','pid'],['uid'=>UID,'status'=>1]);
+ $fid_s = array_column($fid_s,null,'cid');
+ $where['uid'] = UID;
+ $where['fid'] = intval($fid);
+ $where['status'] = 1;
+ $where['ORDER']['weight'] = 'ASC';
+ $where['ORDER']['lid'] = 'ASC';
+ if($limit > 0){
+ $where['LIMIT'] = [0,$limit];
+ }
+ if(!is_login){
+ $where['property'] = 0;
+ }
+
+ $links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid','extend'],$where);
+ $UUID = ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
+ foreach ($links as &$link) {
+ $click = false; $lock = false;
+
+ //直连模式,但存在备用链接
+ if ($site['link_model'] == 'direct' && $site['main_link_priority'] != '3' && !empty($link['url_standby'])){
+ $click = true;
+ }
+
+ //未登录,判断是否加密
+ if(!is_login){
+ //链接加密了
+ if(!empty($link['pid'])){
+ $click = true; $lock = true;
+ //父分类加密了 或 祖分类加密了
+ }elseif(!empty($fid_s[$link['fid']]['pid']) || (!empty($fid_s[$link['fid']]['fid']) && !empty($fid_s[$fid_s[$link['fid']]['fid']]['pid'])) ){
+ $click = true; $lock = true;
+ }
+ }
+
+ if($click || $site['link_model'] != 'direct'){
+ $link['url'] = static_link ? "{$GLOBALS['HOST']}/click-{$UUID}-{$link['id']}.html" : "./index.php?c=click&id={$link['id']}&u={$u}";
+ if($lock){
+ $link['real_url'] = $link['url'];
+ }
+ }else{
+ $link['url'] = $link['real_url'];
+ }
+
+ //获取图标链接
+ $link['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
+ }
+ return $links;
+}
+
+function admin_inlet() {
+ global $USER_DB;
+ $v = unserialize($USER_DB['LoginConfig'])['admin_inlet'];
+ if($v == 'display'){
+ return true;
+ }elseif($v == 'hide'){
+ return false;
+ }elseif($v == 'condition1'){
+ return is_login();
+ }else{
+ return true;
+ }
}
\ No newline at end of file
diff --git a/system/version.txt b/system/version.txt
index 5763c46..ad9d402 100644
--- a/system/version.txt
+++ b/system/version.txt
@@ -1 +1 @@
-v2.0.40-20230917
\ No newline at end of file
+v2.1.01-20231002
\ No newline at end of file
diff --git a/templates/admin/js/home-root.js b/templates/admin/js/home-root.js
index 6d43729..7ef6244 100644
--- a/templates/admin/js/home-root.js
+++ b/templates/admin/js/home-root.js
@@ -3,93 +3,114 @@ layui.use(['layer','miniTab'], function(){
var $ = layui.$;
var miniTab = layui.miniTab;
- //获取最新版本
- let latest_version = $("#new_ver").text();
- //console.log(latest_version);
+ $("#new_ver").append(' 更新系统 ');
+ $("#new_ver").append('');
- //获取当前版本
- let current_version = $("#ver").text();
- //console.log(current_version);
- let pattern = /\d{8}/;
- current_version = pattern.exec(current_version)[0];
- latest_version = pattern.exec(latest_version)[0];
-
- //如果当前版本小于最新版本,则提示更新
- if( current_version < latest_version ) {
- $("#new_ver").append(' 更新系统');
- if($("#layuiminiHomeTabId",parent.document).attr('class') == 'layui-this'){
- $('html,body').animate({scrollTop : $("#msg").offset().top - 20});
- layer.tips("点击此处更新到最新版","#sysup",{tips: [3, "#ff5722"],time: 60*1000,anim: 6});
- layer.msg(' 检测到新版本,请尽快更新 ', {offset: 'b',anim: 6,time: 60*1000});
- }
- //点击更新事件
- $('#sysup').on('click', function(){
- let tip = layer.open({
- title:"系统更新"
- ,content: "1.更新有风险请备份后再更新
2.更新后检查主题是否可更新
3.更新时请勿有其他操作
4.更新时请勿刷新或关闭页面
5.确保所有文件(夹)是可写权限"
- ,btn: ['确定更新', '更新内容', '取消']
- ,yes: function(index, layero){
- let fail = false;
- let up_info = {'code':0};
- let i=0;
- layer.close(tip);
- layer.load(1, {shade:[0.3,'#fff']});//加载层
- let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
- //设置同步模式
- $.ajaxSetup({ async : false });
-
- //获取更新信息
- $.post(get_api("other_upsys"),{"i":0}, function(data, status) {
- up_info = data;
- });
-
- //如果失败
- if(up_info.code != 1){
- layer.closeAll();
- layer.alert(up_info.msg || "错误代码:404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
- return;
- }
- //设为异步模式
- $.ajaxSetup({ async : true });
- //开始请求更新
- request_update(); let msg = '';
- function request_update(){
- if( i >= up_info.info.length){
- layer.closeAll();
- layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
- return;
- }else{
- i++;
- }
- $("#layui-layer"+ msg_id+" .layui-layer-padding").html('[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
-
- $.post(get_api("other_upsys"),{"i":i}, function(data, status) {
- if (data.code == 1) {
- request_update();
- }else{
- layer.closeAll();
- layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
- }
- });
- }
- },btn2: function(index, layero){
- window.open("https://gitee.com/tznb/TwoNav/releases");
- },btn3: function(index, layero){
- return true;
- },cancel: function(){
- return true;
- }
+ // 获取最新信息
+ $.post(get_api('other_services','get_notice'),function(data,status){
+ console.log(data );
+ if(data.code == 200) {
+ $("#new_ver a").text(data.version);
+ $('#notice_link').text('');
+ data.notice.forEach(notice => {
+ $('#notice_link').append(``);
});
- });
- }else{
- $("#new_ver").append(' 更新系统');
- $('#sysup').on('click', function(){
- layer.alert("暂无可用更新,当前为最新版本",{icon:1,title:"更新系统",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
- });
- }
+ $('#notice_text').html(data.message);
+ }
+ init_update();
+ $(".update").remove();
+ }).fail(function () {
+ $(".update").remove();
+ layer.msg('请求失败', {icon: 5});
+ });
+
+ function init_update(){
+ //获取最新版本
+ let latest_version = $("#new_ver").text();
-
+ //获取当前版本
+ let current_version = $("#ver").text();
+
+ let pattern = /\d{8}/;
+ current_version = pattern.exec(current_version)[0];
+ latest_version = pattern.exec(latest_version)[0];
+
+ //如果当前版本小于最新版本,则提示更新
+ if( current_version < latest_version ) {
+ $("#sysup").css("color", "red");
+ if($("#layuiminiHomeTabId",parent.document).attr('class') == 'layui-this'){
+ $('html,body').animate({scrollTop : $("#msg").offset().top - 20});
+ layer.tips("点击此处更新到最新版","#sysup",{tips: [3, "#ff5722"],time: 60*1000,anim: 6});
+ layer.msg(' 检测到新版本,请尽快更新 ', {offset: 'b',anim: 6,time: 60*1000});
+ }
+ //点击更新事件
+ $('#sysup').on('click', function(){
+ let tip = layer.open({
+ title:"系统更新"
+ ,content: "1.更新有风险请备份后再更新
2.更新后检查主题是否可更新
3.更新时请勿有其他操作
4.更新时请勿刷新或关闭页面
5.确保所有文件(夹)是可写权限"
+ ,btn: ['确定更新', '更新内容', '取消']
+ ,yes: function(index, layero){
+ let fail = false;
+ let up_info = {'code':0};
+ let i=0;
+ layer.close(tip);
+ layer.load(1, {shade:[0.3,'#fff']});//加载层
+ let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
+ //设置同步模式
+ $.ajaxSetup({ async : false });
+
+ //获取更新信息
+ $.post(get_api("other_upsys"),{"i":0}, function(data, status) {
+ up_info = data;
+ });
+
+ //如果失败
+ if(up_info.code != 1){
+ layer.closeAll();
+ layer.alert(up_info.msg || "错误代码:404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
+ return;
+ }
+ //设为异步模式
+ $.ajaxSetup({ async : true });
+ //开始请求更新
+ request_update(); let msg = '';
+ function request_update(){
+ if( i >= up_info.info.length){
+ layer.closeAll();
+ layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
+ return;
+ }else{
+ i++;
+ }
+ $("#layui-layer"+ msg_id+" .layui-layer-padding").html('[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
+
+ $.post(get_api("other_upsys"),{"i":i}, function(data, status) {
+ if (data.code == 1) {
+ request_update();
+ }else{
+ layer.closeAll();
+ layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
+ }
+ });
+ }
+ },btn2: function(index, layero){
+ window.open("https://gitee.com/tznb/TwoNav/releases");
+ },btn3: function(index, layero){
+ return true;
+ },cancel: function(){
+ return true;
+ }
+ });
+ });
+ }else{
+ $("#sysup").css("color", "rgb(1, 170, 237)");
+ $('#sysup').on('click', function(){
+ layer.alert("暂无可用更新,当前为最新版本",{icon:1,title:"更新系统",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
+ });
+ }
+ }
+
//查看更新日志
$('#ver').css({"cursor":"pointer","color":"#01AAED"}); //设置鼠标形状和字体颜色
$('#ver').attr("title","点击查看更新日志");
@@ -99,7 +120,6 @@ layui.use(['layer','miniTab'], function(){
title:"更新日志",
});
});
-
});
function get_api(method,type=null){
diff --git a/templates/admin/js/public.js b/templates/admin/js/public.js
index ace5e07..67eb1d3 100644
--- a/templates/admin/js/public.js
+++ b/templates/admin/js/public.js
@@ -74,7 +74,7 @@ function Get_baseUrl() {
}
function Authorization_Prompt() {
- layer.alert("您正在使用的是免费版,此功能需购买授权才可使用
如果您已购买授权,请在授权管理页面输入并保存
然后在更新系统即可解锁全部功能!")
+ layer.alert("您正在使用的是免费版,此功能需购买授权才可使用
如果您已购买授权,请在授权管理页面输入并保存
然后在更新系统即可解锁全部功能!");
}
//帮助
diff --git a/templates/admin/js/theme.js b/templates/admin/js/theme.js
index 6e9c9b4..91fa699 100644
--- a/templates/admin/js/theme.js
+++ b/templates/admin/js/theme.js
@@ -107,10 +107,10 @@ layui.use(function(){
datas = r.data;
render_data(r);
} else {
- layer.alert("获取数据失败,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 0,btn: ['刷新页面']},function () {location.reload();});
+ layer.alert("获取数据失败,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 1,btn: ['刷新页面']},function () {location.reload();});
}
}).fail(function () {
- layer.alert("获取数据异常,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 0,btn: ['刷新页面']},function () {location.reload();});
+ layer.alert("获取数据异常,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 1,btn: ['刷新页面']},function () {location.reload();});
});
}
diff --git a/templates/admin/page/SecuritySetting.php b/templates/admin/page/SecuritySetting.php
index e0ca7d9..e72e067 100644
--- a/templates/admin/page/SecuritySetting.php
+++ b/templates/admin/page/SecuritySetting.php
@@ -25,7 +25,17 @@ $LoginConfig['totp_key'] = empty($LoginConfig['totp_key']) ? '0':'1';?>
接口泄漏时可以选择重设登陆入口,更换后请及时保存!
-
+
-
diff --git a/templates/admin/page/expand/article-edit.php b/templates/admin/page/expand/article-edit.php
index 81b1aa6..a3795e3 100644
--- a/templates/admin/page/expand/article-edit.php
+++ b/templates/admin/page/expand/article-edit.php
@@ -1,9 +1,5 @@