v2.0.15-20230422

2025-08-10 08:51:49 +00:00 · 2023-04-22 20:37:34 +08:00
parent 87566c39f3
commit ccae67f236
14 changed files with 136 additions and 19 deletions
--- a/system/Msg.php
+++ b/system/Msg.php
@@ -23,6 +23,6 @@ function Amsg($code,$msg){
        msg($code,$msg);
    }else{
        header("content-Type: text/html; charset=utf-8");
-        exit('<title>错误</title><font color="red">错误代码:'.$code.'<br />错误信息:'.$msg.'</font>');
+        exit('<title>错误</title><font color="red">代码:'.$code.'<br />信息:'.$msg.'</font>');
    }
 }
--- a/system/Register.php
+++ b/system/Register.php
@@ -1,4 +1,5 @@
 <?php if(!defined('DIR')||$global_config['RegOption']=='0'){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
+if($global_config['Maintenance'] != 0){Amsg(-1,'网站正在进行维护,请稍后再试!');}
 //注册入口
 $global_templates = unserialize(get_db("global_config",'v', ["k" => "s_templates"]));
 //如果是Get请求则载入登录模板
@@ -14,7 +15,7 @@ if($_SERVER['REQUEST_METHOD'] === 'GET'){
        $global_templates['register'] = 'default';
        update_db("global_config", ["v" => $global_templates], ["k"=>"s_templates"]);
    }
-    $copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
+    $copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
    $ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
    $reg_tips = get_db('global_config','v',['k'=>'reg_tips']);
    require $t_path;
@@ -55,17 +56,18 @@ if(!preg_match('/^[A-Za-z0-9]{4,13}$/', $user)){
    msg(-1,'邮箱长度超限');
 }elseif(strlen($pass)!=32){
    msg(-1,'POST提交的密码异常≠32!');
-}elseif(preg_match("/(class|controller|data|favicon|initial|static|templates|index|root|admin|cache|upload)/i",$user) ) {
-    msg(-1,'禁止注册保留用户名!');
+}elseif(preg_match("/^(system|data|static|templates|index|root|admin)$/i",$user) ) {
+    msg(-1,'改用户名已被系统保留!');
 }elseif(!empty(get_db('global_user','ID',['User'=>$user ]))){
    msg(-1,'该账号已被注册!');
 }elseif(!empty(get_db('global_user','ID',['Email'=>$Email ]))){
    msg(-1,'该邮箱已被使用!');
 }elseif(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$Email)){
    msg(-1,'邮箱错误!');
+}elseif(username_retain_verify($user)){
+    msg(-1,'该账号已被站长保留!');
 }

-
 //插入用户表和创建初始数据库
 $RegTime = time();
 $PassMD5 = Get_MD5_Password($pass,$RegTime);
@@ -182,6 +184,22 @@ $category_id = intval(max_db('user_categorys','cid',['uid'=>$USER_DB['ID']])) +1
 insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"category_id","v"=>$category_id,"t"=>"max_id","d"=>'分类ID']);
 insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"pwd_group_id","v"=>1,"t"=>"max_id","d"=>'加密组ID']);

+
+//账号保留
+function username_retain_verify($username){
+    $list = get_db("global_config", "v", ["k" => "username_retain"]);
+    if(empty($list)){
+        return false;
+    }
+    $patterns = explode("\n", $list);
+    foreach($patterns as $pattern){
+        if (preg_match($pattern, $username)) {
+            return true;
+        }
+    }
+    return false;
+}
+
 //返回注册成功
 msg(1,'注册成功');

--- a/system/admin.php
+++ b/system/admin.php
@@ -1,4 +1,4 @@
-<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
+<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}AccessControl();

 //获取请求参数
 $page = trim($_GET['page']);
--- a/system/api.php
+++ b/system/api.php
@@ -2,7 +2,7 @@
 //允许跨域访问
 header("Access-Control-Allow-Origin: *"); 
 header("Access-Control-Allow-Headers: Access-Control-Allow-Private-Network,Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid");
-
+AccessControl();
 //鉴权验证 Cookie验证通过,验证二级密码,Cookie验证失败时尝试验证token

 //获取请求方法
--- a/system/api_root.php
+++ b/system/api_root.php
@@ -634,6 +634,22 @@ function other_root(){
        msg(1,'已释放 '.byteFormat($size).' 缓存');
    }elseif($_GET['type'] == 'import_data'){
        require DIR .'/system/UseFew/root_import_data.php';
+    }elseif($_GET['type'] == 'read_username_retain'){
+        $data = get_db("global_config", "v", ["k" => "username_retain"]);
+        msgA(['code'=>1,'msg'=>'获取成功','data'=>$data]);
+    }elseif($_GET['type'] == 'write_username_retain'){
+        //遍历检测语法
+        $patterns = explode("\n",$_POST['username_retain']);
+        foreach($patterns as $pattern){
+            if (@preg_match($pattern, '') === false) {
+                msg(-1,'正则表达式语法错误,请检查');
+            }
+        }
+        if(!is_subscribe('bool')){
+            msg(-1,'未检测到有效授权');
+        }
+        write_global_config('username_retain',$_POST['username_retain'],'账号保留');
+        msg(1,'保存成功');
    }
    
 }
--- a/system/click.php
+++ b/system/click.php
@@ -1,4 +1,4 @@
-<?php if(!defined('DIR')){Not_Found();}
+<?php if(!defined('DIR')){Not_Found();}AccessControl();
 //负责过渡页/跳转/隐私保护/密码访问
 $id = intval($_GET['id']);

@@ -18,7 +18,7 @@ if(empty($link)){Not_Found();}
 $site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
 $site['Title']  =  $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
 //免费用户请保留版权,谢谢!
-$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
+$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
 $ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
 $favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';

--- a/system/index.php
+++ b/system/index.php
@@ -1,4 +1,4 @@
-<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
+<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}AccessControl();
 //主页入口
 define('is_login',is_login());

@@ -12,7 +12,7 @@ if(!is_login && ($global_config['Privacy'] == 1 || !check_purview('Common_home',
 $site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
 $site['Title']  =  $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
 //免费用户请保留版权,谢谢!
-$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
+$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
 $ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
 $favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';
 //读取默认模板信息
--- a/system/login.php
+++ b/system/login.php
@@ -5,7 +5,7 @@ require "./system/templates.php";
 if($_SERVER['REQUEST_METHOD'] === 'GET'){
    require DIR ."/system/templates.php";
    $t_path = DIR ."/templates/login/{$s_templates['login']}/index.php"; //模板路径
-    $copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/twonav">Copyright © TwoNav</a>':$global_config['copyright'];
+    $copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
    $ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
    //检查是否存在,不存在则使用默认
    if(!is_file($t_path)){
--- a/system/version.txt
+++ b/system/version.txt
@@ -1 +1 @@
-v2.0.14-20230420
+v2.0.15-20230422