v2.0.33-20230802

2025-08-10 08:51:49 +00:00 · 2023-08-02 15:57:19 +08:00
parent 1d379543f5
commit cec87b24f2
27 changed files with 859 additions and 532 deletions
--- a/system/MySQL/20230723.php
+++ b/system/MySQL/20230723.php
@@ -1,13 +1,5 @@
 <?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
 $sql =<<<EOF
-CREATE TABLE IF NOT EXISTS `user_article_categorys` (
-  `id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
-  `uid` varchar(32) NOT NULL COMMENT '用户id',
-  `name` varchar(64) NOT NULL COMMENT '名称',
-  `weight` int(11) NOT NULL DEFAULT '0' COMMENT '权重',
-  `add_time` int(10) UNSIGNED NOT NULL COMMENT '创建时间',
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;

 CREATE TABLE IF NOT EXISTS `user_article_list` (
  `id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
--- a/system/MySQL/install.sql
+++ b/system/MySQL/install.sql
@@ -280,15 +280,6 @@ CREATE TABLE IF NOT EXISTS `global_icon` (
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;

-- 用户文章分类
-CREATE TABLE IF NOT EXISTS `user_article_categorys` (
-  `id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
-  `uid` varchar(32) NOT NULL COMMENT '用户id',
-  `name` varchar(64) NOT NULL COMMENT '名称',
-  `weight` int(11) NOT NULL DEFAULT '0' COMMENT '权重',
-  `add_time` int(10) UNSIGNED NOT NULL COMMENT '创建时间',
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;

 -- 用户文章列表
 CREATE TABLE IF NOT EXISTS `user_article_list` (
--- a/system/SQLite/20230723.php
+++ b/system/SQLite/20230723.php
@@ -1,14 +1,5 @@
 <?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
 $sql =<<<EOF
-CREATE TABLE IF NOT EXISTS "user_article_categorys" (
-  "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  "uid" integer(10) NOT NULL,
-  "name" text NOT NULL DEFAULT "",
-  "weight" integer NOT NULL,
-  "add_time" integer(10) NOT NULL,
-  CONSTRAINT "id" UNIQUE ("id" ASC)
-);
-
 CREATE TABLE "user_article_list" (
  "id" integer PRIMARY KEY AUTOINCREMENT,
  "uid" integer(10) NOT NULL,
--- a/system/SQLite/install.sql
+++ b/system/SQLite/install.sql
@@ -245,15 +245,7 @@ CREATE TABLE IF NOT EXISTS "global_icon" (
  "extend" text NOT NULL DEFAULT "",
  CONSTRAINT "id" UNIQUE ("id" ASC)
 );
-- 用户文章分类
-CREATE TABLE IF NOT EXISTS "user_article_categorys" (
-  "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  "uid" integer(10) NOT NULL,
-  "name" text NOT NULL DEFAULT "",
-  "weight" integer NOT NULL,
-  "add_time" integer(10) NOT NULL,
-  CONSTRAINT "id" UNIQUE ("id" ASC)
-);
+
 -- 用户文章列表
 CREATE TABLE "user_article_list" (
  "id" integer PRIMARY KEY AUTOINCREMENT,
--- a/system/admin.php
+++ b/system/admin.php
@@ -64,7 +64,7 @@ if($page == 'config_home'){
    $theme_config = empty($theme_config['config']) ? []:$theme_config['config'];
    
    //读取用户主题配置
-    if(!in_array($_GET['fn'],['home','login','register','transit','guide'])){
+    if(!in_array($_GET['fn'],['home','login','register','transit','guide','article'])){
        msg(-1,"参数错误");
    }
    $theme_config_db = get_db('user_config','v',['t'=>'theme_'.$_GET['fn'],'k'=>$theme,'uid'=>UID]);
--- a/system/api.php
+++ b/system/api.php
@@ -4,52 +4,48 @@ header("Access-Control-Allow-Origin: *");
 header("Access-Control-Allow-Headers: Access-Control-Allow-Private-Network,Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid");
 AccessControl();
 //鉴权验证 Cookie验证通过,验证二级密码,Cookie验证失败时尝试验证token
-
 if(!empty(trim($_REQUEST['token']))){ $_COOKIE = []; } //兼容浏览器插件,避免干扰

 //获取请求方法
 $method = htmlspecialchars(trim($_GET['method']),ENT_QUOTES); 
 $LoginConfig = unserialize($USER_DB['LoginConfig']);
+$api_model = $LoginConfig['api_model']; //API模式
+
 if(!is_login()){
-    //没登录,根据API模式来限制
-    $api_model = $LoginConfig['api_model']; //API模式
-    $token = trim($_REQUEST['token']); //尝试获取令牌
-    
-    if( empty($USER_DB['Token']) && $api_model != 'compatible+open' ){
-        Amsg(-1,'未设置token'); 
+    //没登录,尝试验证token
+    if( empty($USER_DB['Token']) ){
+        msg(-1,'鉴权失败:未登录且未设置token'); 
    }
+    //获取请求token
+    $token = trim($_REQUEST['token']);
    if(empty($token)){
-        if($api_model != 'compatible+open'){
-            Amsg(-1,'非开放模式,token不能为空!'); 
-        }
-        if(in_array($method,['link_list','get_a_link','q_category_link','category_list','get_a_category','check_login','app_info'])){
-            define('Access_Type','open'); //数据访问类型:仅开放
-            require 'api_compatible.php';
-            exit;
-        }else{
-            Amsg(-1,'token为空时不允许访问此接口');
-        }
+        msg(-1,'鉴权失败:未登录且请求未携带token'); 
    }else{
        if($token === $USER_DB['Token']){
-            define('Access_Type','all');
+            //验证通过
        }else{
-            Amsg(-1,'token验证失败'); 
+            msg(-1,'鉴权失败:未登录且token错误'); 
        }
    }
-    if($api_model === 'compatible' || $api_model ==='compatible+open'){
-        require 'api_compatible.php';
-    }
 //Cookie登录验证OK,验证二级密码
 }elseif(Check_Password2($LoginConfig)){
    // Cookie 二级密码验证成功(未设置时也认为成功)
 }else{
    msg(-1,'请先验证二级密码!');
 }
-//是否加载扩展API
+
+//扩展API
 if($global_config['api_extend'] == 1 && is_file('./system/api_extend.php')){
    require './system/api_extend.php';
 }

+//兼容API
+$compatible_list = ['add_link','edit_link','del_link','link_list','get_a_link','q_category_link','category_list','get_a_category','add_category','edit_category','app_info','check_login','global_search'];
+if(in_array($api_model,['compatible','compatible+open']) && in_array($method,$compatible_list)){
+    require 'api_compatible.php';
+    exit;
+}
+
 //站长相关方法名
 $root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root'];
 if(in_array($method,$root)){
@@ -63,9 +59,7 @@ if(in_array($method,$root)){
 if ( preg_match("/^read_|^write_|^other_/",$method) && function_exists($method) ) {
    $method();
 }else{
-    if($api_model == 'security'){
-        Amsg(-1,'方法未找到 >> '.$method);
-    }
+    Amsg(-1,'方法未找到 >> '.$method);
 }

 //读分类列表
@@ -661,7 +655,7 @@ function write_link(){
            unset($data['keywords']);
        }
        //更新数据
-        update_db('user_links',$data,['uid'=>UID,'lid'=>intval($_POST['lid']) ]);
+        update_db('user_links',$data,['uid'=>UID,'lid'=>$lid ]);
        msgA(['code'=>1,'msg'=>'修改成功','icon' => $icon]);
    //删除
    }elseif($_GET['type'] === 'del'){
@@ -953,7 +947,7 @@ function write_security_setting(){
        'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'],
        'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'],
        'KeyClear'=>['int'=>true,'min'=>1,'max'=>60,'msg'=>'Key清理参数错误'],
-        'api_model'=>['v'=>['security','compatible','compatible+open'],'msg'=>'API模式参数错误'],
+        'api_model'=>['v'=>['security','compatible'],'msg'=>'API模式参数错误'],
        'login_page'=>['v'=>['admin','index','auto'],'msg'=>'登录成功参数错误'],
        'Password2'=>['empty'=>true]
        ];
--- a/system/api_article.php
+++ b/system/api_article.php
@@ -23,7 +23,7 @@ function uploadImage(){
    
    //取后缀并判断是否支持
    $suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
-    if(!preg_match('/^(jpg|png|gif|bmp|jpeg|svg)$/',$suffix)){
+    if(!preg_match('/^(jpg|png|gif|bmp|jpeg|svg|webp)$/',$suffix)){
        @unlink($_FILES["file"]["tmp_name"]);
        msgA(['errno'=>-1,'message'=>'文件格式不被支持']);
    }
@@ -46,7 +46,26 @@ function uploadImage(){
        msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']);
    }
 }
-
+//删除图片
+function deleteImage(){
+    global $u;
+    if(empty($_POST['path'])){
+        msg(-1,'请求参数错误');
+    }
+    $path = $_POST['path'];
+    $pattern = "/^\.\/data\/user\/{$u}\/upload\/\d{6}\/AI_[A-Za-z0-9_]+\.(jpg|png|gif|bmp|jpeg|svg|webp)$/i";
+    if(preg_match($pattern,$path) && is_file($path)){
+        @unlink($path);
+    }else{
+        msg(-1,'请求参数错误');
+    }
+    //需考虑编辑文章删除封面时未点击保存的情况
+    if(is_file($path)){
+        msg(-1,'删除失败');
+    }else{
+        msg(1,'删除成功');
+    }
+}
 //上传视频
 function uploadVideo(){
    msgA(['errno'=>-1,'message'=>'未开放']);
@@ -107,25 +126,26 @@ function article_list(){
    $limit  = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
    $offset = ($page - 1) * $limit; //起始行号
    $where['LIMIT'] = [$offset,$limit];
-    $where['ORDER']['weight'] = 'ASC';
-    
-    $datas = select_db('user_article_list',['id','title','category','category_name','state','password','top','add_time','up_time','browse_count','summary'],$where);

-    $categorys = select_db('user_article_categorys',['id','name'],['uid'=>UID]);
-    
-    foreach (select_db('user_article_categorys',['id','name'],['uid'=>UID]) as $data) {
-        $categorys[$data['id']] = $data['name'];
-    }
-    
+    $datas = select_db('user_article_list',['id','title','category','state','password','top','add_time','up_time','browse_count','summary','cover'],$where);
+
+    //查询分类
+    $categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
+    $categorys = array_column($categorys,'name','id');
+    //为文章添加分类名称
    foreach ($datas as &$data) {
-        $data['category_name'] = $categorys[$data['category']];
+        $data['category_name'] = $categorys[$data['category']] ?? 'Null';
    }
    msgA(['code'=>1,'count'=>$count,'data'=>$datas]);
 }

 //保存文章
 function save_article(){
-    check_category($_POST['category']);$time = time();
+    if(empty($_POST['category']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category']])){
+        msg(-1,'分类不存在');
+    }
+    $time = time();
+    //id为空,添加文章
    if(empty($_POST['id'])){
        insert_db('user_article_list',[
            'uid'=>UID,
@@ -139,9 +159,10 @@ function save_article(){
            'browse_count'=>0,
            'summary'=>$_POST['summary'],
            'content'=>$_POST['content'],
-            'cover'=>'',
+            'cover'=>$_POST['cover_url'],
            'extend'=>''
-            ],[1,'保存成功']);
+        ],[1,'保存成功']);
+    //存在id,更新文章数据
    }else{
        if(!has_db('user_article_list',['uid'=>UID,'id'=>$_POST['id']])){
            msg(-1,'文章id错误');
@@ -153,7 +174,8 @@ function save_article(){
            'up_time'=>$time,
            'summary'=>$_POST['summary'],
            'content'=>$_POST['content'],
-            ],['uid'=>UID,'id'=>$_POST['id']],[1,'保存成功']);
+            'cover'=>$_POST['cover_url']
+        ],['uid'=>UID,'id'=>$_POST['id']],[1,'保存成功']);
    }
    

@@ -161,50 +183,40 @@ function save_article(){
 //删除文章
 function del_article(){
    $id = json_decode($_POST['id']);
-    delete_db('user_article_list',['uid'=>UID,'id'=>$id],[1,'删除成功']);
+    if(empty($id)) msg(-1,'参数错误');
+    delete_db('user_article_list',['uid'=>UID,'id'=>$id],[1,'操作成功']);
 }
-//分类列表
-function category_list(){
-    $where['uid'] = UID;
-    $where['ORDER']['weight'] = 'ASC';
-    $data = select_db('user_article_categorys',['id','name','weight','add_time'],$where);
-    msgA(['code'=>1,'count'=>count($data),'data'=>$data]);
-}
-//添加分类
-function add_category(){
-    $name = trim($_POST['name']);
-    $time = time();
-    if(empty($name)){
-        msg(-1,'分类名称不能为空');
-    }
-    if(has_db('user_article_categorys',['uid'=>UID,'name'=>$name])){
-        msg(-1,'分类名称已存在');
-    }
-    insert_db('user_article_categorys',[
-        'uid'=>UID,
-        'name'=>$name,
-        'weight'=>0,
-        'add_time'=>$time
-        ],[1,'添加成功']);
-    msg(-1,'添加失败');
-}
-//删除分类
-function del_category(){
-    check_category($_POST['id']);
-    delete_db('user_article_categorys',['uid'=>UID,'id'=>$_POST['id']],[1,'删除成功']);
-}
-//保存分类
-function save_category(){
-    check_category($_POST['id']);
-    update_db('user_article_categorys',['name'=>$_POST['name'],'weight'=>$_POST['weight']],['uid'=>UID,'id'=>$_POST['id']],[1,'更新成功']);
-}
-//检查分类
-function check_category($id){
-    if(empty($id)){
-        msg(-1,'分类ID不能为空');
-    }
-    if(!has_db('user_article_categorys',['uid'=>UID,'id'=>$id])){
+//修改分类
+function up_category(){
+    $id = json_decode($_POST['id']);
+    if(empty($id)) msg(-1,'参数错误');
+    if(empty($_POST['category_id']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category_id']])){
        msg(-1,'分类不存在');
    }
+    update_db('user_article_list',['category'=>$_POST['category_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
+}
+//修改状态
+function up_state(){
+    $id = json_decode($_POST['id']);
+    if(empty($id)) msg(-1,'参数错误');
+    if(!in_array($_POST['state_id'],['1','2','3','4'])){
+        msg(-1,'状态参数错误');
+    }
+    update_db('user_article_list',['state'=>$_POST['state_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
 }

+
+//保存设置 (与站点配置共享)
+function save_article_set(){
+    //检查配置参数
+    if(!in_array($_POST['visual'],['0','1','2']) || !in_array($_POST['icon'],['0','1','2'])){
+        msg(-1,'参数错误');
+    }
+    //读取站点配置
+    $s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
+    $s_site['article_visual'] = $_POST['visual'];
+    $s_site['article_icon'] = $_POST['icon'];
+    update_db("user_config",["v"=>$s_site],["k"=>'s_site',"uid"=>UID],[1,'保存成功']);
+}
+
+
--- a/system/api_compatible.php
+++ b/system/api_compatible.php
@@ -1,6 +1,6 @@
 <?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}

-if ( in_array($method,['link_list','get_a_link','q_category_link','category_list','get_a_category','check_login','add_link','app_info','del_link','global_search']) && function_exists($method) ) {
+if (function_exists($method)) {
    $method();
 }else{
    Amsg(-1,'方法未找到 >> '.$method);
@@ -42,16 +42,55 @@ function add_link(){
        insert_db('user_links',$data); 
        msgA(['code'=>0,'id'=>$lid]);
 }
+
+//编辑链接
+function edit_link(){
+    $lid = intval(@$_POST['id']);
+    $fid = intval(@$_POST['fid']);
+    $title = $_POST['title'];
+    $url = $_POST['url'];
+    $description = empty($_POST['description']) ? '' : $_POST['description'];
+    $property = empty($_POST['property']) ? 0 : 1;
+    //检测链接是否合法
+    check_link($fid,$title,$url,''); 
+    //描述长度检测
+    $length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
+    if($length_limit['l_desc'] > 0 && strlen($description) > $length_limit['l_desc'] ){
+        msg(-1,'描述长度不能大于'.$length_limit['l_desc'].'个字节');
+    }
+    //关键字长度检测
+    if($length_limit['l_key'] > 0 && strlen($keywords) > $length_limit['l_key'] ){
+        msg(-1,'关键字长度不能大于'.$length_limit['l_key'].'个字节');
+    }
+    //检查链接是否已存在
+    if(has_db('user_links',['uid'=>UID ,'lid[!]'=>$lid, "url" => $url])){msg(-1011,'链接已存在!');}
+    //检查链接ID是否存在
+    if(!has_db('user_links',['uid'=>UID ,'lid'=>$lid])){msg(-1012,'链接ID不存在!');}
+    $data = [
+        'fid'           =>  $fid,
+        'title'         =>  htmlspecialchars($title,ENT_QUOTES),
+        'url'           =>  $url,
+        'description'   =>  htmlspecialchars($description,ENT_QUOTES),
+        'up_time'       =>  time(),
+        'property'      =>  $property
+        ];
+    
+    //更新数据
+    update_db('user_links',$data,['uid'=>UID,'lid'=>$lid ]);
+    msgA(['code'=>0,'msg'=>'successful']);
+}
+
+
 //删除链接
 function del_link(){
    $lid = intval(trim($_REQUEST['id']));
    if(empty($lid)){
-        msg(-1,'id不能为空');
+        msg(-1010,'链接ID不能为空');
    }
    $where['lid'] = $lid;
    $where['uid'] = UID;
    if(!has_db('user_links',$where)){
-        msg(-1,'链接id不存在');
+        msg(-1010,'链接id不存在');
    }
    delete_db('user_links',$where,[0,'删除成功']);
 }
@@ -59,32 +98,19 @@ function del_link(){
 //搜索链接
 function global_search(){
    $keyword = htmlspecialchars($_REQUEST['keyword']);
-    
    if( strlen($keyword) < 2 ) {
        msg(-2000,'关键字的长度太短');
    }elseif( strlen($keyword) > 32 ) {
        msg(-2000,'关键字长度过长');
    }
-    
    $where['uid'] = UID;
    $where['status'] = 1;
    $where['AND']['OR'] = ["title[~]" => $keyword,"url[~]" => $keyword, "url_standby[~]" => $keyword,"description[~]" => $keyword];
    $where['ORDER'] = ['weight'=>'DESC'];
    $field = ['lid(id)','fid','status','property','title','url','url_standby','weight','description','click','add_time','up_time'];
-    $data = select_db('user_links',$field,$where);
-    
-    // 查询出分类名称
-    $categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID,'status'=>1]);
-    // 遍历分类，以id作为键名
-    foreach ($categorys as $category) {
-        $newCategorys[$category['id']] = $category['name'];
-    }
-    // 遍历查询的数据，然后添加父级分类名称
-    foreach ($data as $key => $value) {
-        $data[$key]['category_name'] = $newCategorys[$value['fid']];
-    }
-    
-    msgA(['code'=>0,'msg'=>'获取成功','count'=>count($data),'data'=>$data]);
+    $datas = select_db('user_links',$field,$where);
+    links_add_category_field($datas); //添加分类信息
+    msgA(['code'=>0,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas]);
 }
 //查询链接列表
 function link_list(){
@@ -92,11 +118,7 @@ function link_list(){
    $limit  = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
    $offset = ($page - 1) * $limit; //起始行号
    $where['uid'] = UID;
-    $where['AND']['status'] = 1;
-    if(Access_Type != 'all'){
-        $where['property'] = 0;
-    }
-
+    $where['status'] = 1;
    $count = count_db('user_links',$where); //统计条数
    //权重排序(数字小的排前面)
    $where['ORDER']['weight'] = 'ASC';
@@ -105,6 +127,7 @@ function link_list(){
    $where['LIMIT'] = [$offset,$limit];
    //查询
    $datas = select_db('user_links',['lid(id)','fid','property','title','url','url_standby','weight','description','icon','click','add_time','up_time'],$where);
+    links_add_category_field($datas); //添加分类信息
    msgA(['code'=>0,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
 }
 //查询单个链接
@@ -119,11 +142,7 @@ function get_a_link(){
    if(empty($link_info)){
        msgA(['code'=>-1,'msg'=>'没有找到链接信息','data'=>[]]);
    }else{
-        if(Access_Type == 'all' || $link_info['property'] == 0){
-            msgA(['code'=>0,'data'=>$link_info]);
-        }else{
-            msgA(['code'=>-1,'msg'=>'私有链接,无权查看','data'=>[]]);
-        }
+        msgA(['code'=>0,'data'=>$link_info]);
    }
 }
 //查询指定分类的链接
@@ -135,9 +154,6 @@ function q_category_link(){
    $where['uid'] = UID;
    $where['AND']['status'] = 1;
    $where['AND']['fid'] = $category_id;
-    if(Access_Type != 'all'){
-        $where['property'] = 0;
-    }
    
    $count = count_db('user_links',$where); //统计条数
    //权重排序(数字小的排前面)
@@ -147,17 +163,120 @@ function q_category_link(){
    $where['LIMIT'] = [$offset,$limit];
    //查询
    $datas = select_db('user_links',['lid(id)','fid','property','title','url','url_standby','weight','description','icon','click','add_time','up_time'],$where);
+    links_add_category_field($datas); //添加分类信息
+
+    
    msgA(['code'=>0,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
 }
 //查询分类列表
 function category_list(){
    $where = ['uid'=>UID,'status'=>1,'ORDER' => ['weight'=>'ASC']];
-    if(Access_Type != 'all'){
-        $where['property'] = 0;
-    }
    $datas = select_db('user_categorys',['cid(id)','fid','property','name','add_time','up_time','weight','description','font_icon'],$where);
    msgA(['code'=>0,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas ]);
 }
+
+//添加分类
+function add_category(){
+    if(empty($_POST['name'])){
+        msg(-1,'分类名称不能为空');
+    }elseif(!preg_match('/^(fa fa-|layui-icon layui-icon-)([A-Za-z0-9]|-)+$/',$_POST['font_icon'])){
+        $_POST['font_icon'] = 'fa fa-star-o';
+    }
+    //分类名查重
+    if(get_db('user_categorys','cid',['uid'=>UID ,"name" => $_POST['name']])){
+        msg(-1,'分类名称已存在');
+    }
+    //父分类不能是二级分类
+    if(intval($_POST['fid']) !=0 && get_db('user_categorys','fid',['uid'=>UID ,"cid" => intval($_POST['fid']) ]) !=0  ){
+        msg(-1,'父分类不能是二级分类');
+    }
+
+    //长度检测
+    $length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
+    if($length_limit['c_name'] > 0 && strlen($_POST['name']) > $length_limit['c_name'] ){
+        msg(-1,'名称长度不能大于'.$length_limit['c_name'].'个字节');
+    }
+    if($length_limit['c_desc'] > 0 && strlen($_POST['description']) > $length_limit['c_desc'] ){
+        msg(-1,'名称长度不能大于'.$length_limit['c_desc'].'个字节');
+    }
+    //取最大CID
+    $cid = get_maxid('category_id');
+    //插入数据库
+    insert_db('user_categorys',[
+        'uid'=>UID,
+        'cid'=>$cid,
+        'fid'=>intval($_POST['fid']??'0'),
+        'pid'=>0,
+        'status'=>1,
+        'property'=>intval($_POST['property']??'0'),
+        'name'=>htmlspecialchars($_POST['name'],ENT_QUOTES),
+        'add_time'=>time(),
+        'up_time'=>time(),
+        'weight'=>$cid,
+        'description'=>htmlspecialchars($_POST['description'],ENT_QUOTES),
+        'font_icon'=>$_POST['font_icon'],
+        'icon'=>''
+        ],[0,'添加成功']
+    );
+}
+//编辑分类
+function edit_category(){
+    if(empty($_POST['name'])){
+        msg(-1,'分类名称不能为空');
+    }elseif(!preg_match('/^(fa fa-|layui-icon layui-icon-)([A-Za-z0-9]|-)+$/',$_POST['font_icon'])){
+        $_POST['font_icon'] = 'fa fa-star-o';
+    }
+    //父分类不能是自己
+    if($_POST['id'] == $_POST['fid']){
+        msg(-1,'父分类不能是自己');
+    }
+    //查CID是否存在
+    if(!get_db('user_categorys','cid',['uid'=>UID ,"cid" => intval($_POST['id'])])){
+        msg(-1,'分类不存在');
+    }
+    //分类名查重(排除自身)
+    if(get_db('user_categorys','cid',['uid'=>UID,'cid[!]'=>intval($_POST['id']),"name" => $_POST['name']])){
+        msg(-1,'分类名称已存在');
+    }
+    //父分类不能是二级分类
+    if(intval($_POST['fid']) !=0 && get_db('user_categorys','fid',['uid'=>UID ,"cid" => intval($_POST['fid']) ]) !=0  ){
+        msg(-1,'父分类不能是二级分类');
+    }
+    //分类下存在子分类,禁止修改父分类
+    if( $_POST['fid']!=0  && count_db('user_categorys',['uid'=>UID,'fid'=>$_POST['id']])>0){
+        msg(-1,'该分类下已存在子分类！');
+    }
+    //查父分类是否存在
+    if( $_POST['fid'] !=0  && !get_db('user_categorys','cid',['uid'=>UID ,"cid" => intval($_POST['fid'])])){
+        msg(-1,'父分类不存在');
+    }
+    //长度检测
+    $length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
+    if($length_limit['c_name'] > 0 && strlen($_POST['name']) > $length_limit['c_name'] ){
+        msg(-1,'名称长度不能大于'.$length_limit['c_name'].'个字节');
+    }
+    if($length_limit['c_desc'] > 0 && strlen($_POST['description']) > $length_limit['c_desc'] ){
+        msg(-1,'名称长度不能大于'.$length_limit['c_desc'].'个字节');
+    }
+    
+    //更新数据
+    $data = [
+        'fid'=>$_POST['fid'],
+        'property'=>intval($_POST['property']??'0'),
+        'name'=>$_POST['name'],
+        'up_time'=>time(),
+        'description'=>$_POST['description']??'',
+        'font_icon'=>$_POST['font_icon'],
+        ];
+    if(!isset($_POST['fid'])){ //为空时不修改父id,避免二级变一级
+        unset($data['fid']);
+    }
+    if(!isset($_POST['font_icon'])){
+        unset($data['font_icon']);
+    }
+    update_db('user_categorys',$data,['uid'=>UID ,"cid"=>intval($_POST['id'])],[0,'successful']);
+}
+
 //查询单个分类信息
 function get_a_category(){
    $cid = intval(trim($_REQUEST['id']));
@@ -170,14 +289,11 @@ function get_a_category(){
    if(empty($category_info)){
        msgA(['code'=>-1,'msg'=>'没有找到分类信息','data'=>[]]);
    }else{
-        if(Access_Type == 'all' || $category_info['property'] == 0){
-            msgA(['code'=>0,'data'=>$category_info]);
-        }else{
-            msgA(['code'=>-1,'msg'=>'私有分类,无权查看','data'=>[]]);
-        }
+        msgA(['code'=>0,'data'=>$category_info]);
    }
 }

+//获取TwoNav信息
 function app_info(){
    $data['php_version'] = floatval(PHP_VERSION);
    $data['onenav_version'] = SysVer;
@@ -187,11 +303,19 @@ function app_info(){
    msgA(['code'=>200,'msg'=>'success','data'=>$data]);
 }

-//是否已登录
+//是否已登录,由于上游已经拦截未登录状态,所以这里固定返回已登录
 function check_login(){
-    if(Access_Type == 'open'){
-        msgA(['code'=>-1002,'data'=>'false','err_msg'=>'Authorization failure!']);
-    }else{
-        msgA(['code'=>200,'data'=>'true','msg'=>'success']);
+    msgA(['code'=>200,'data'=>'true','msg'=>'success']);
+}
+//给链接数组添加分类字段
+function links_add_category_field(&$arr){
+    $where['uid'] = UID;
+    $where['status'] = 1;
+    $categorys = select_db('user_categorys',['cid(id)','name'],$where);
+    $newCategorys = array_column($categorys,'name','id');
+    foreach ($arr as &$data) {
+        $data['category_name'] = $newCategorys[$data['fid']];
    }
-}
+    return $arr;
+}
+
--- a/system/expand/article.php
+++ b/system/expand/article.php
@@ -1,4 +1,8 @@
 <?php if(!defined('DIR')){Not_Found();}AccessControl();
+if($global_config['article'] == 0 | !check_purview('article',1)){ 
+    Not_Found();
+}
+
 $id = intval($_GET['id']);
 //IP数统计
 count_ip();
@@ -7,7 +11,9 @@ if(empty($id)){Not_Found();}

 //查询文章
 $where['uid'] = UID;
-$where['state'] = 1; //1表示公开
+if(!is_login()){
+    $where['state'] = 1; //状态筛选
+}
 $where['id'] = $id;
 $data = get_db('user_article_list','*',$where);

@@ -33,6 +39,7 @@ $path = $dir_path.'/index.php';
 //检查是否存在,不存在则使用默认
 if(!is_file($path)){
    $path= DIR.'/templates/article/default/index.php';
+    $theme_dir = './templates/article/default';
 }

 //统计点击数
@@ -42,7 +49,7 @@ update_db("user_article_list", ["browse_count[+]"=>1],['uid'=>UID,'id'=>$id]);
 $theme_config_db = unserialize(get_db('user_config','v',['t'=>'theme_article','k'=>$s_templates['article'],'uid'=>UID]));

 //读取默认主题配置
-$theme_info = json_decode(@file_get_contents($dir_path.'/info.json'),true);
+$theme_info = json_decode(@file_get_contents($theme_dir.'/info.json'),true);
 $theme_config = empty($theme_info['config']) ? []:$theme_info['config'];
 $theme_ver = !Debug?$theme_info['version']:$theme_info['version'].'.'.time();

--- a/system/index.php
+++ b/system/index.php
@@ -77,7 +77,7 @@ $theme_ver = !Debug?$theme_info['version']:$theme_info['version'].'.'.time();
 $site['ex_theme'] = in_array($theme,['snail-nav','heimdall']); //例外主题,不支持热门网址/最新网址/输出上限
 //分类查找条件
 $categorys = []; //声明一个空数组
-$content = ['cid(id)','name','property','font_icon','icon','description'];//需要的内容
+$content = ['cid(id)','fid','name','property','font_icon','icon','description'];//需要的内容
 $where['uid'] = UID; 
 $where['fid'] = 0;
 $where['status'] = 1;
@@ -102,7 +102,7 @@ function get_category_sub($id) {
    if(!empty($share)){
        $where['cid'] = $data;
    }
-    $content = ['cid(id)','name','property','font_icon','icon','description'];
+    $content = ['cid(id)','name','fid','property','font_icon','icon','description'];
    $where['uid'] = UID;
    $where['fid'] = intval($id);
    $where['status'] = 1;
@@ -197,6 +197,7 @@ function get_links($fid) {

        //获取图标链接
        $links[$key]['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
+        $links[$key]['type'] = 'link';
    }
    //处理扩展信息
    if($GLOBALS['global_config']['link_extend'] == 1 && check_purview('link_extend',1) && in_array($GLOBALS['theme_info']['support']['link_extend'],["true","1"])){
@@ -207,6 +208,30 @@ function get_links($fid) {
        }

    }
+    //生成文章链接, 条件:非隐藏,且主题未声明不显示文章
+    if( intval($site['article_visual'] ?? '1') > 0 && $GLOBALS['theme_info']['support']['article'] != 'notdisplay'){
+        $articles = get_article_list($fid);
+        foreach ($articles['data'] as $article) {
+            $url = "./index.php?c=article&id={$article['id']}&u={$u}";
+            if($site['article_icon'] == '1'){ //站点图标
+                $icon = $GLOBALS['favicon'];
+            }elseif($site['article_icon'] == '2' && !empty($article['cover'])){ //封面
+                $icon = $article['cover'];
+            }else{ //首字
+                $icon = './system/ico.php?text='.mb_strtoupper(mb_substr($article['title'], 0, 1));
+            }
+            $article_link = ['type'=>'article','id'=>0,'title'=>$article['title'],'url'=>$url,'real_url'=>$url,'description'=>$article['summary'],'ico'=>$icon,'icon'=>$icon];
+            //判断靠前还是靠后
+            if($site['article_visual'] == '1'){
+                array_unshift($links,$article_link);
+            }else{
+                array_push($links,$article_link);
+            }
+            
+        }
+    }
+    
+    
    if($max_link && $count > $site['max_link']){
        $oc_url = "./index.php?u={$u}&oc={$fid}" . (empty($_GET['theme']) ? '':"&theme={$_GET['theme']}");
        array_push($links,['id'=>0,'title'=>'查看全部','url'=>$oc_url,'real_url'=>$oc_url,'description'=>'该分类共有'.$count.'条数据','ico'=>'./favicon.ico']);
--- a/system/login.php
+++ b/system/login.php
@@ -1,6 +1,5 @@
 <?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
-//登录入口
-require "./system/templates.php";
+
 //如果是Get请求则载入登录模板
 if($_SERVER['REQUEST_METHOD'] === 'GET'){
    require DIR ."/system/templates.php";
--- a/system/templates.php
+++ b/system/templates.php
@@ -14,7 +14,7 @@ if(empty($s_templates)){
 }

 //载入辅助函数
-if(empty($c) || in_array($c,['index','click'])){
+if(empty($c) || in_array($c,['index','click','article'])){
    //将URL转换为base64编码
    function base64($url){
        $urls = parse_url($url);
@@ -98,3 +98,83 @@ if(empty($c) || in_array($c,['index','click'])){

 }

+//获取文章列表
+function get_article_list($category = 0,$limit = 0){
+    $where['uid'] = UID; 
+    if(!is_login()){
+        $where['AND']['state'] = 1; //状态筛选
+    }else{
+        $where['AND']['OR']['state'] = [1,2]; //状态筛选
+    }
+    
+    //分类筛选
+    if($category > 0){
+        $where['AND']['category'] = $category;
+    }
+    //统计条数
+    $count = count_db('user_article_list',$where);
+    //获取条数
+    if($limit > 0){
+        $where['LIMIT'] = [0,$limit];
+    }
+    //获取文章列表
+    $datas = select_db('user_article_list','*',$where);
+    
+    //查询分类
+    $categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
+    $categorys = array_column($categorys,'name','id');
+    //为文章添加分类名称
+    foreach ($datas as &$data) {
+        $data['category_name'] = $categorys[$data['category']] ?? 'Null';
+    }
+    return ['data'=>$datas,'count'=>$count];
+}
+//根据文章id获取内容
+function get_article_content($id){
+    $where['uid'] = UID;
+    if(!is_login()){
+        $where['AND']['state'] = 1; //状态筛选
+    }else{
+        $where['AND']['OR']['state'] = [1,2]; //状态筛选
+    }
+    $where['id'] = $id;
+    $data = get_db('user_article_list','*',$where);
+    $data['category_name'] = get_db('user_categorys','name',['uid'=>UID,'cid'=>$data['category']]);
+    return $data;
+}
+
+//获取分类列表
+function get_category_list($layer = false){
+    //查询条件
+    $where = [];
+    $where['uid'] = UID; 
+    $where['fid'] = 0;
+    $where['status'] = 1;
+    $where['ORDER'] = ['weight'=>'ASC'];
+    if(!is_login()){
+        $where['property'] = 0;
+    }
+    //查找一级分类
+    $content = ['cid(id)','name','property','font_icon','icon','description'];
+    $category_parent = select_db('user_categorys',$content,$where);
+    //查找二级分类
+    $categorys = [];
+    if($layer === true){
+        foreach ($category_parent as $key => $category) {
+            $where['fid'] = $category['id'];
+            $category_subitem = select_db('user_categorys',$content,$where);
+            $category['subitem_count'] = count($category_subitem);
+            $category['subitem'] = $category_subitem;
+            array_push($categorys,$category);
+        }
+    }else{
+        foreach ($category_parent as $key => $category) {
+            $where['fid'] = $category['id'];
+            $category_subitem = select_db('user_categorys',$content,$where);
+            $category['subitem_count'] = count($category_subitem);
+            array_push($categorys,$category);
+            $categorys = array_merge ($categorys,$category_subitem);
+        }
+    }
+    return $categorys;
+}
--- a/system/version.txt
+++ b/system/version.txt
@@ -1 +1 @@
-v2.0.32-20230727
+v2.0.33-20230802