renun/TwoNav
1
0
Fork 0
mirror of https://github.com/tznb1/TwoNav.git synced 2025-08-10 08:51:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

v2.0.15-20230422

Browse Source
This commit is contained in:
MI15\Win
2023-04-22 20:37:34 +08:00
parent 87566c39f3
commit ccae67f236
14 changed files with 136 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
index.php
View File

@@ -73,6 +73,7 @@ if(empty($c) || $c == 'index'){
}elseif(in_array($c,['admin','click','api','ico','verify'])){
require "./system/{$c}.php";
}elseif(in_array($c,['apply','guestbook'])){
if($global_config['Maintenance'] != 0){Amsg(-1,'网站正在进行维护,请稍后再试!');}
require "./system/expand/{$c}.php";
}else{
Amsg(-1,'接口错误'.$c);

2
system/Msg.php
View File

@@ -23,6 +23,6 @@ function Amsg($code,$msg){
msg($code,$msg);
}else{
header("content-Type: text/html; charset=utf-8");
exit('<title>错误</title><font color="red">错误代码:'.$code.'<br />错误信息:'.$msg.'</font>');
exit('<title>错误</title><font color="red">代码:'.$code.'<br />信息:'.$msg.'</font>');
}
}

26
system/Register.php
View File

@@ -1,4 +1,5 @@
<?php if(!defined('DIR')||$global_config['RegOption']=='0'){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
if($global_config['Maintenance'] != 0){Amsg(-1,'网站正在进行维护,请稍后再试!');}
//注册入口
$global_templates = unserialize(get_db("global_config",'v', ["k" => "s_templates"]));
//如果是Get请求则载入登录模板
@@ -14,7 +15,7 @@ if($_SERVER['REQUEST_METHOD'] === 'GET'){
$global_templates['register'] = 'default';
update_db("global_config", ["v" => $global_templates], ["k"=>"s_templates"]);
}
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
$reg_tips = get_db('global_config','v',['k'=>'reg_tips']);
require $t_path;
@@ -55,17 +56,18 @@ if(!preg_match('/^[A-Za-z0-9]{4,13}$/', $user)){
msg(-1,'邮箱长度超限');
}elseif(strlen($pass)!=32){
msg(-1,'POST提交的密码异常≠32!');
}elseif(preg_match("/(class|controller|data|favicon|initial|static|templates|index|root|admin|cache|upload)/i",$user) ) {
msg(-1,'禁止注册保留用户名!');
}elseif(preg_match("/^(system|data|static|templates|index|root|admin)$/i",$user) ) {
msg(-1,'改用户名已被系统保留!');
}elseif(!empty(get_db('global_user','ID',['User'=>$user ]))){
msg(-1,'该账号已被注册!');
}elseif(!empty(get_db('global_user','ID',['Email'=>$Email ]))){
msg(-1,'该邮箱已被使用!');
}elseif(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$Email)){
msg(-1,'邮箱错误!');
}elseif(username_retain_verify($user)){
msg(-1,'该账号已被站长保留!');
}
//插入用户表和创建初始数据库
$RegTime = time();
$PassMD5 = Get_MD5_Password($pass,$RegTime);
@@ -182,6 +184,22 @@ $category_id = intval(max_db('user_categorys','cid',['uid'=>$USER_DB['ID']])) +1
insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"category_id","v"=>$category_id,"t"=>"max_id","d"=>'分类ID']);
insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"pwd_group_id","v"=>1,"t"=>"max_id","d"=>'加密组ID']);
//账号保留
function username_retain_verify($username){
$list = get_db("global_config", "v", ["k" => "username_retain"]);
if(empty($list)){
return false;
}
$patterns = explode("\n", $list);
foreach($patterns as $pattern){
if (preg_match($pattern, $username)) {
return true;
}
}
return false;
}
//返回注册成功
msg(1,'注册成功');

2
system/admin.php
View File

@@ -1,4 +1,4 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}AccessControl();
//获取请求参数
$page = trim($_GET['page']);

2
system/api.php
View File

@@ -2,7 +2,7 @@
//允许跨域访问
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: Access-Control-Allow-Private-Network,Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid");
AccessControl();
//鉴权验证 Cookie验证通过,验证二级密码,Cookie验证失败时尝试验证token
//获取请求方法

16
system/api_root.php
View File

@@ -634,6 +634,22 @@ function other_root(){
msg(1,'已释放 '.byteFormat($size).' 缓存');
}elseif($_GET['type'] == 'import_data'){
require DIR .'/system/UseFew/root_import_data.php';
}elseif($_GET['type'] == 'read_username_retain'){
$data = get_db("global_config", "v", ["k" => "username_retain"]);
msgA(['code'=>1,'msg'=>'获取成功','data'=>$data]);
}elseif($_GET['type'] == 'write_username_retain'){
//遍历检测语法
$patterns = explode("\n",$_POST['username_retain']);
foreach($patterns as $pattern){
if (@preg_match($pattern, '') === false) {
msg(-1,'正则表达式语法错误,请检查');
}
}
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
write_global_config('username_retain',$_POST['username_retain'],'账号保留');
msg(1,'保存成功');
}
}

4
system/click.php
View File

@@ -1,4 +1,4 @@
<?php if(!defined('DIR')){Not_Found();}
<?php if(!defined('DIR')){Not_Found();}AccessControl();
//负责过渡页/跳转/隐私保护/密码访问
$id = intval($_GET['id']);
@@ -18,7 +18,7 @@ if(empty($link)){Not_Found();}
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$site['Title'] = $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
//免费用户请保留版权,谢谢!
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
$favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';

4
system/index.php
View File

@@ -1,4 +1,4 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}AccessControl();
//主页入口
define('is_login',is_login());
@@ -12,7 +12,7 @@ if(!is_login && ($global_config['Privacy'] == 1 || !check_purview('Common_home',
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$site['Title'] = $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
//免费用户请保留版权,谢谢!
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
$favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';
//读取默认模板信息

2
system/login.php
View File

@@ -5,7 +5,7 @@ require "./system/templates.php";
if($_SERVER['REQUEST_METHOD'] === 'GET'){
require DIR ."/system/templates.php";
$t_path = DIR ."/templates/login/{$s_templates['login']}/index.php"; //模板路径
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
//检查是否存在,不存在则使用默认
if(!is_file($t_path)){

2
system/version.txt
View File

@@ -1 +1 @@
v2.0.14-20230420
v2.0.15-20230422

8
templates/admin/page/expand/guestbook-admin.php
View File

@@ -113,7 +113,7 @@ $title='留言管理';require dirname(__DIR__).'/header.php';
<?php foreach ( $data as $value ) { ?>
<div class="layui-colla-item">
<h2 class="layui-colla-title"><?php echo $value['id'] .'.&nbsp;[&nbsp;'. $value['type'] .'&nbsp;]&nbsp;[&nbsp;'. $value['title'].'&nbsp;]'; ?>&emsp;
<a style="cursor:pointer;" rel = "nofollow" onclick = "del('<?php echo $value['file'] ?>')">删除</a>
<a class="click" style="cursor:pointer;" rel = "nofollow" onclick = "del('<?php echo $value['file'] ?>')">删除</a> &emsp;
</h2>
<div class="layui-colla-content <?php if( $value['id'] <= $show ){echo 'layui-show';} ?>">
<p><?php echo '提交时间: '. $value['time'] .'<br />终端地址: '. $value['ip'] .'<br />联系方式: '. $value['contact'] .'<br /> <br />'. str_replace("\n","<br />",str_replace(" ","&nbsp;",$value['content'])) ; ?></p>
@@ -134,6 +134,11 @@ layui.use(['layer','element'], function(){
var layer = layui.layer;
});
$('.click').click(function (event) {
event.preventDefault();
return false;
});
function del(name) {
$.post('',{'type':'del','name':name},function(data,status){
if(data.code == 1) {
@@ -154,6 +159,7 @@ function set(key){
}
});
}
</script>
</body>
</html>

4
templates/admin/page/expand/guestbook-user.php
View File

@@ -22,7 +22,7 @@
<div class="layui-container">
<div class="layui-col-lg10 ">
<form class="layui-form">
<fieldset class="layui-elem-field layui-field-title " style="margin-top: 30px;"><legend><a href="https://gitee.com/tznb/OneNav" target="_blank" rel="nofollow">TwoNav</a> 极简留言板</legend></fieldset>
<fieldset class="layui-elem-field layui-field-title " style="margin-top: 30px;"><legend><a href="https://gitee.com/tznb/TwoNav" target="_blank" rel="nofollow">TwoNav</a> 极简留言板</legend></fieldset>
<div class="layui-form-item">
<label class="layui-form-label">反馈类型</label>
<div class="layui-input-inline">
@@ -59,7 +59,7 @@
</div>
</form>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;">
<legend>Powered by <a href="https://gitee.com/tznb/OneNav" target="_blank" rel="nofollow">lm21</a></legend>
<legend>Powered by <a href="https://gitee.com/tznb/TwoNav" target="_blank" rel="nofollow">lm21</a></legend>
<!--非订阅用户请勿去除版权,谢谢-->
</fieldset>
</div>

71
templates/admin/page/root/user_control.php
View File

@@ -35,8 +35,9 @@ $user_groups = select_db('user_group',['id','code','name'],'');
<script type="text/html" id="user_tool">
<div class="layui-btn-group">
<button class="layui-btn layui-btn-sm layui-btn-danger" lay-event="Del">删除</button>
<button class="layui-btn layui-btn-sm " lay-event="register" <?php echo $global_config['RegOption'] == 0? 'style = "display:none;"':'' ?> >注册账号</button>
<button class="layui-btn layui-btn-sm " lay-event="set_UserGroup" >设用户组</button>
<button class="layui-btn layui-btn-sm" lay-event="register" <?php echo $global_config['RegOption'] == 0? 'style = "display:none;"':'' ?> >注册账号</button>
<button class="layui-btn layui-btn-sm" lay-event="set_UserGroup">设用户组</button>
<button class="layui-btn layui-btn-sm" lay-event="username_retain">账号保留</button>
</div>
</script>
<!-- 操作列 -->
@@ -122,6 +123,17 @@ layui.use(['table','layer','form'], function () {
if (event == 'register') {
window.open('./index.php?c=<?php echo $global_config['Register'];?>');
return;
}else if(event == 'username_retain'){
index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: '账号保留',area : ['100%', '100%'],content: $('.username_retain')});
$.post(get_api('other_root','read_username_retain'),function(data,status){
if(data.code == 1) {
form.val('username_retain', {"username_retain": data.data});
}else{
layer.msg(data.msg, {icon: 5});
}
});
return;
}
var checkStatus = table.checkStatus(obj.config.id);
@@ -206,6 +218,20 @@ layui.use(['table','layer','form'], function () {
});
return false;
});
//保存账号保留
form.on('submit(save_username_retain)', function (data) {
$.post(get_api('other_root','write_username_retain'),data.field,function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
});
</script>
<ul class="set_UserGroup" style = "margin-top:18px;display:none;padding-right: 10px;" >
@@ -225,8 +251,47 @@ layui.use(['table','layer','form'], function () {
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_UserGroup" id ='save_UserGroup'>保存</button>
<button class="layui-btn layui-btn-warm" type="button" id="close" >关闭</button>
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_UserGroup" id ='save_UserGroup'>保存</button>
</div>
</div>
</form>
</ul>
<ul class="username_retain" style="margin-left: 10px;padding-right: 10px;margin-top:18px;display:none;" >
<form class="layui-form layuimini-form layui-form-pane" lay-filter="username_retain">
<div class="layui-form-item layui-form-text">
<label class="layui-form-label required">账号保留 - 正则表达式匹配</label>
<div class="layui-input-block">
<textarea name="username_retain" class="layui-textarea"></textarea>
</div>
</div>
<pre class="layui-code" >
使用举例:
/^(root|data)$/ 匹配用户等于root或data 区分大小写!
/^(root|data)$/i 匹配用户等于root或data 不区分大小写!
/root|data/ 匹配用户含有root或data 区分大小写!
/root|data/i 匹配用户含有root或data 不区分大小写!
/^admin.+/ 匹配admin开头的任意用账号,但不匹配admin
/^admin.*/ 同上,但匹配admin本身
支持多行,一行一条规则!
举例中的表达式解释:
^ 匹配开头位置
$ 匹配结尾位置
| 或者
. 匹配换行符以外的任何字符
+ 匹配前一个字符一次或多次
* 匹配前一个字符零次或多次
更多语法请自行百度
注:错误的规则可能会造成程序异常,如需帮助请联系技术支持QQ:271152681或技术交流群695720839
</pre>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-warm" type="button" id="close" >关闭</button>
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_username_retain" id ='save_username_retain'>保存</button>
</div>
</div>
</form>

11
templates/admin/page/updatelog.php
View File

@@ -2,6 +2,17 @@
<body>
<div class="layuimini-container">
<div class="layuimini-main" style=" margin-left: 20px;">
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.15-20230422</h4>
<ul>
<li>修复默认版权链接错误的问题</li>
<li>修复维护模式未起作用</li>
<li>网站管理>用户管理>新增账号保留,方便公开注册的站长保留一些账号</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">