renun/TwoNav
1
0
Fork 0
mirror of https://github.com/tznb1/TwoNav.git synced 2025-08-10 08:51:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: renun:v2.0.31-20230720
Branches Tags
renun:master renun:backup renun:updata
renun:v2.1.18-20241105 renun:v2.1.18-20241018 renun:v2.1.17-20240730 renun:v2.1.16-20240525 renun:v2.1.15-20240513 renun:v2.1.14-20240419 renun:v2.1.14-20240416 renun:v2.1.14-20240414 renun:v2.1.13-20240321 renun:v2.1.12-20240308 renun:v2.1.11-20240119 renun:v2.1.09-20231220 renun:v2.1.08-20231219 renun:v2.1.07-20231130 renun:v2.1.06-20231113 renun:v2.1.05-20231106 renun:v2.1.04-20231029 renun:v2.1.03-20231019 renun:v2.1.02-20231012 renun:v2.1.01-20231002 renun:v2.0.40-20230917 renun:v2.0.40-20230916 renun:v2.0.39-20230913 renun:v2.0.38-20230906 renun:v2.0.37-20230830 renun:v2.0.36-20230823 renun:v2.0.35-20230816 renun:v2.0.34-20230809 renun:v2.0.33-20230802 renun:v2.0.32-20230727 renun:v2.0.31-20230720 renun:v2.0.30-20230713 renun:v2.0.29-20230705 renun:v2.0.28-20230624 renun:v2.0.27-20230618 renun:v2.0.26-20230611 renun:v2.0.25-20230607 renun:v2.0.24-20230605 renun:v2.0.23-20230527 renun:v2.0.22-20230523 renun:v2.0.21-20230522 renun:v2.0.21-20230521 renun:v2.0.20-20230520 renun:v2.0.19-20230515 renun:v2.0.18-20230510 renun:v2.0.17-20230428 renun:v2.0.16-20230425 renun:v2.0.15-20230422 renun:v2.0.14-20230420 renun:v2.0.13-20230418 renun:v2.0.12-20230417 renun:v2.0.11-20230414 renun:v2.0.10-20230413 renun:v2.0.09-20230410 renun:v2.0.08-20230406 renun:v2.0.07-20230405
..
compare: renun:v2.0.36-20230823
Branches Tags
renun:master renun:backup renun:updata
renun:v2.1.18-20241105 renun:v2.1.18-20241018 renun:v2.1.17-20240730 renun:v2.1.16-20240525 renun:v2.1.15-20240513 renun:v2.1.14-20240419 renun:v2.1.14-20240416 renun:v2.1.14-20240414 renun:v2.1.13-20240321 renun:v2.1.12-20240308 renun:v2.1.11-20240119 renun:v2.1.09-20231220 renun:v2.1.08-20231219 renun:v2.1.07-20231130 renun:v2.1.06-20231113 renun:v2.1.05-20231106 renun:v2.1.04-20231029 renun:v2.1.03-20231019 renun:v2.1.02-20231012 renun:v2.1.01-20231002 renun:v2.0.40-20230917 renun:v2.0.40-20230916 renun:v2.0.39-20230913 renun:v2.0.38-20230906 renun:v2.0.37-20230830 renun:v2.0.36-20230823 renun:v2.0.35-20230816 renun:v2.0.34-20230809 renun:v2.0.33-20230802 renun:v2.0.32-20230727 renun:v2.0.31-20230720 renun:v2.0.30-20230713 renun:v2.0.29-20230705 renun:v2.0.28-20230624 renun:v2.0.27-20230618 renun:v2.0.26-20230611 renun:v2.0.25-20230607 renun:v2.0.24-20230605 renun:v2.0.23-20230527 renun:v2.0.22-20230523 renun:v2.0.21-20230522 renun:v2.0.21-20230521 renun:v2.0.20-20230520 renun:v2.0.19-20230515 renun:v2.0.18-20230510 renun:v2.0.17-20230428 renun:v2.0.16-20230425 renun:v2.0.15-20230422 renun:v2.0.14-20230420 renun:v2.0.13-20230418 renun:v2.0.12-20230417 renun:v2.0.11-20230414 renun:v2.0.10-20230413 renun:v2.0.09-20230410 renun:v2.0.08-20230406 renun:v2.0.07-20230405

5 Commits
v2.0.31-20 ... v2.0.36-20

Author SHA1 Message Date
MI15\Win
5c7136ff0f v2.0.36-20230823 2023-08-23 16:33:53 +08:00
MI15\Win
86be0ca786 v2.0.35-20230816 2023-08-16 01:14:09 +08:00
MI15\Win
1ece1135ea v2.0.34-20230809 2023-08-09 14:52:37 +08:00
MI15\Win
cec87b24f2 v2.0.33-20230802 2023-08-02 15:57:19 +08:00
MI15\Win
1d379543f5 v2.0.32-20230727 2023-07-28 00:19:25 +08:00
50 changed files with 2525 additions and 151 deletions
Expand all files Collapse all files

10
README.md
View File

@@ -1,4 +1,4 @@
TwoNav 是一款开源免费的书签导航管理程序界面简洁安装简单使用方便。TwoNav可帮助你将浏览器书签集中式管理解决跨设备、跨平台、跨浏览器之间同步和访问困难问题做到一处部署随处访问。
TwoNav 是一款开源的书签(导航)管理程序,界面简洁,安装简单,使用方便,基础功能免费。TwoNav可帮助你将浏览器书签集中式管理解决跨设备、跨平台、跨浏览器之间同步和访问困难问题做到一处部署随处访问。
- **演示站**: [http://two.lm21.top](http://two.lm21.top)
- **仅供体验,定期清理数据** 账号密码`admin`
@@ -26,14 +26,18 @@ TwoNav 是一款开源免费的书签(导航)管理程序,界面简洁,
* 支持加密链接
* 支持分享链接
* 支持二级分类
* 支持用户分组
* 支持用户分组/权限管理
* 支持Chrome/Firefox/Edge书签批量导入
* 支持多种主题风格
* 支持批量更新链接图标/标题/描述等信息
* 支持链接信息自动识别
* 支持API
* 支持Docker部署
* 支持uTools插件
* 支持Chromium内核的[浏览器扩展]
* 支持简易文章管理
* 支持更换各种模板/支持混搭,20+个主题模板
* 安全性支持:更换登录入口/二级密码/OTP双重验证
![](https://foruda.gitee.com/images/1680680754989095293/fcc56e76_10359480.jpeg "主页预览")
![](https://foruda.gitee.com/images/1680680836189756220/8c227c34_10359480.jpeg "主题模板")

2
index.php
View File

@@ -74,7 +74,7 @@ if(empty($c) || $c == 'index'){
require "./system/login.php";//登陆
}elseif(in_array($c,['admin','click','api','ico','icon','verify'])){
require "./system/{$c}.php";
}elseif(in_array($c,['apply','guestbook'])){
}elseif(in_array($c,['apply','guestbook','article'])){
if($global_config['Maintenance'] != 0){Amsg(-1,'网站正在进行维护,请稍后再试!');}
require "./system/expand/{$c}.php";
}else{

19
system/ATool.php
View File

@@ -165,6 +165,14 @@ if(!empty($_GET['type'])){
update_db("user_login_info", ["user" => $_POST['new_user_name']], ["user" => $USER['User']]);
update_db("user_log", ["user" => $_POST['new_user_name']], ["user" => $USER['User']]);
update_db("global_user", ["User" => $_POST['new_user_name']], ["ID" => $_POST['ID']],[1,'操作成功']);
}elseif($_GET['type'] == 'del_otp'){
$user_data = get_db('global_user','*',['ID'=>$_POST['ID']]);
$LoginConfig = unserialize($user_data['LoginConfig']);
if(empty($LoginConfig['totp_key'])){
msgA(['code'=>-1,'msg'=>'当前账号未开启OTP双重验证']);
}
$LoginConfig['totp_key'] = '';
update_db("global_user", ["LoginConfig" => $LoginConfig], ["ID" => $_POST['ID']],[1,'操作成功']);
}
msgA(['code'=>-1,'msg'=>'请求类型错误']);
@@ -267,6 +275,7 @@ function echo_Atool(){
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_pwd">改密码</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_root">设站长</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_user_name">改账号</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="del_otp" title="移除OTP登录验证">删OTP</a>
</div>
</script>
<script src="../static/Layui/v2.8.10/layui.js"></script>
@@ -280,7 +289,7 @@ function echo_Atool(){
var table = layui.table;
var cols = [[
{field:'ID',title:'ID',width:60,sort:true}
,{title:'操作',toolbar:'#tablebar',width:175}
,{title:'操作',toolbar:'#tablebar',width:220}
,{field:'User',title:'账号',minWidth:120,templet:function(d){
return '<a style="color:#3c78d8" title="打开用户主页" target="_blank" href="../?u='+d.User+'">'+d.User+'</a>'
}}
@@ -359,6 +368,14 @@ function echo_Atool(){
}
});
});
}else if(obj.event == 'del_otp'){
$.post('./ATool.php?type=del_otp',{ID:data.ID},function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
}
});
$('.set').click(function () {

161
system/Authenticator.php Normal file
View File

@@ -0,0 +1,161 @@
<?php
class PHPGangsta_GoogleAuthenticator
{
protected $_codeLength = 6;
public function createSecret($secretLength = 16)
{
$validChars = $this->_getBase32LookupTable();
if ($secretLength < 16 || $secretLength > 128) {
throw new Exception('Bad secret length');
}
$secret = '';
$rnd = false;
if (function_exists('random_bytes')) {
$rnd = random_bytes($secretLength);
} elseif (function_exists('mcrypt_create_iv')) {
$rnd = mcrypt_create_iv($secretLength, MCRYPT_DEV_URANDOM);
} elseif (function_exists('openssl_random_pseudo_bytes')) {
$rnd = openssl_random_pseudo_bytes($secretLength, $cryptoStrong);
if (!$cryptoStrong) {
$rnd = false;
}
}
if ($rnd !== false) {
for ($i = 0; $i < $secretLength; ++$i) {
$secret .= $validChars[ord($rnd[$i]) & 31];
}
} else {
throw new Exception('No source of secure random');
}
return $secret;
}
public function getCode($secret, $timeSlice = null)
{
if ($timeSlice === null) {
$timeSlice = floor(time() / 30);
}
$secretkey = $this->_base32Decode($secret);
$time = chr(0).chr(0).chr(0).chr(0).pack('N*', $timeSlice);
$hm = hash_hmac('SHA1', $time, $secretkey, true);
$offset = ord(substr($hm, -1)) & 0x0F;
$hashpart = substr($hm, $offset, 4);
$value = unpack('N', $hashpart);
$value = $value[1];
$value = $value & 0x7FFFFFFF;
$modulo = pow(10, $this->_codeLength);
return str_pad($value % $modulo, $this->_codeLength, '0', STR_PAD_LEFT);
}
public function getQRCodeGoogleUrl($name, $secret, $title = null, $params = array())
{
$width = !empty($params['width']) && (int) $params['width'] > 0 ? (int) $params['width'] : 200;
$height = !empty($params['height']) && (int) $params['height'] > 0 ? (int) $params['height'] : 200;
$level = !empty($params['level']) && array_search($params['level'], array('L', 'M', 'Q', 'H')) !== false ? $params['level'] : 'M';
$urlencoded = urlencode('otpauth://totp/'.$name.'?secret='.$secret.'');
if (isset($title)) {
$urlencoded .= urlencode('&issuer='.urlencode($title));
}
return "https://api.qrserver.com/v1/create-qr-code/?data=$urlencoded&size=${width}x${height}&ecc=$level";
}
public function verifyCode($secret, $code, $discrepancy = 1, $currentTimeSlice = null)
{
if ($currentTimeSlice === null) {
$currentTimeSlice = floor(time() / 30);
}
if (strlen($code) != 6) {
return false;
}
for ($i = -$discrepancy; $i <= $discrepancy; ++$i) {
$calculatedCode = $this->getCode($secret, $currentTimeSlice + $i);
if ($this->timingSafeEquals($calculatedCode, $code)) {
return true;
}
}
return false;
}
public function setCodeLength($length)
{
$this->_codeLength = $length;
return $this;
}
protected function _base32Decode($secret)
{
if (empty($secret)) {
return '';
}
$base32chars = $this->_getBase32LookupTable();
$base32charsFlipped = array_flip($base32chars);
$paddingCharCount = substr_count($secret, $base32chars[32]);
$allowedValues = array(6, 4, 3, 1, 0);
if (!in_array($paddingCharCount, $allowedValues)) {
return false;
}
for ($i = 0; $i < 4; ++$i) {
if ($paddingCharCount == $allowedValues[$i] &&
substr($secret, -($allowedValues[$i])) != str_repeat($base32chars[32], $allowedValues[$i])) {
return false;
}
}
$secret = str_replace('=', '', $secret);
$secret = str_split($secret);
$binaryString = '';
for ($i = 0; $i < count($secret); $i = $i + 8) {
$x = '';
if (!in_array($secret[$i], $base32chars)) {
return false;
}
for ($j = 0; $j < 8; ++$j) {
$x .= str_pad(base_convert(@$base32charsFlipped[@$secret[$i + $j]], 10, 2), 5, '0', STR_PAD_LEFT);
}
$eightBits = str_split($x, 8);
for ($z = 0; $z < count($eightBits); ++$z) {
$binaryString .= (($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48) ? $y : '';
}
}
return $binaryString;
}
protected function _getBase32LookupTable()
{
return array(
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
'Y', 'Z', '2', '3', '4', '5', '6', '7',
'=',
);
}
private function timingSafeEquals($safeString, $userString)
{
if (function_exists('hash_equals')) {
return hash_equals($safeString, $userString);
}
$safeLen = strlen($safeString);
$userLen = strlen($userString);
if ($userLen != $safeLen) {
return false;
}
$result = 0;
for ($i = 0; $i < $userLen; ++$i) {
$result |= (ord($safeString[$i]) ^ ord($userString[$i]));
}
return $result === 0;
}
}

32
system/MySQL/20230723.php Normal file
View File

@@ -0,0 +1,32 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$sql =<<<EOF
CREATE TABLE IF NOT EXISTS `user_article_list` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`uid` varchar(32) NOT NULL COMMENT '用户id',
`title` text NOT NULL COMMENT '标题',
`category` int(10) UNSIGNED NOT NULL COMMENT '分类id',
`state` int(10) UNSIGNED NOT NULL COMMENT '状态',
`password` text NOT NULL COMMENT '访问密码',
`top` int(10) UNSIGNED NOT NULL COMMENT '置顶',
`add_time` int(10) UNSIGNED NOT NULL COMMENT '创建时间',
`up_time` int(10) UNSIGNED NOT NULL COMMENT '修改时间',
`browse_count` int(10) UNSIGNED NOT NULL COMMENT '浏览次数',
`summary` text NOT NULL COMMENT '摘要',
`content` text NOT NULL COMMENT '内容',
`cover` text NOT NULL COMMENT '封面',
`extend` text NOT NULL COMMENT '扩展',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;
ALTER TABLE `user_count` ADD `e` TEXT NOT NULL DEFAULT '' COMMENT '扩展';
INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('article', '文章管理', '允许使用文章管理功能'),
('article_image', '文章图片', '允许在文章编辑器上传图片');
EOF;
if(exe_sql($sql)){
insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}else{
msg(-1,'数据库更新失败');
}

33
system/MySQL/install.sql
View File

@@ -26,7 +26,8 @@ CREATE TABLE IF NOT EXISTS `user_count` (
`uid` int(10) UNSIGNED NOT NULL COMMENT '用户ID',
`k` varchar(32) NOT NULL COMMENT '',
`v` bigint(10) UNSIGNED DEFAULT '0' COMMENT '',
`t` varchar(32) NOT NULL COMMENT '类型'
`t` varchar(32) NOT NULL COMMENT '类型',
`e` text NOT NULL DEFAULT ''
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
@@ -46,7 +47,8 @@ INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALU
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230420.php', '1681977368', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230518.php', '1684393068', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1689427853', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230723.php', '1690119053', 'TRUE', '');
-- 创建用户表
DROP TABLE IF EXISTS `global_user`;
@@ -195,7 +197,9 @@ INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('link_extend', '链接扩展', '允许使用链接扩展字段'),
('theme_in', '主题设置', '后台显示主题设置菜单'),
('theme_set', '主题配置', '允许自定义主题配置'),
('icon_pull', '图标拉取', '允许用户拉取链接图标');
('icon_pull', '图标拉取', '允许用户拉取链接图标'),
('article', '文章管理', '允许使用文章管理功能'),
('article_image', '文章图片', '允许在文章编辑器上传图片');
-- 注册码列表
DROP TABLE IF EXISTS `regcode_list`;
@@ -274,4 +278,25 @@ CREATE TABLE IF NOT EXISTS `global_icon` (
`file_mime` text NOT NULL COMMENT 'MIME类型',
`extend` text NOT NULL COMMENT '预留扩展',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;
-- 用户文章列表
CREATE TABLE IF NOT EXISTS `user_article_list` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`uid` varchar(32) NOT NULL COMMENT '用户id',
`title` text NOT NULL COMMENT '标题',
`category` int(10) UNSIGNED NOT NULL COMMENT '分类id',
`state` int(10) UNSIGNED NOT NULL COMMENT '状态',
`password` text NOT NULL COMMENT '访问密码',
`top` int(10) UNSIGNED NOT NULL COMMENT '置顶',
`add_time` int(10) UNSIGNED NOT NULL COMMENT '创建时间',
`up_time` int(10) UNSIGNED NOT NULL COMMENT '修改时间',
`browse_count` int(10) UNSIGNED NOT NULL COMMENT '浏览次数',
`summary` text NOT NULL COMMENT '摘要',
`content` text NOT NULL COMMENT '内容',
`cover` text NOT NULL COMMENT '封面',
`extend` text NOT NULL COMMENT '扩展',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;

31
system/SQLite/20230723.php Normal file
View File

@@ -0,0 +1,31 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$sql =<<<EOF
CREATE TABLE "user_article_list" (
"id" integer PRIMARY KEY AUTOINCREMENT,
"uid" integer(10) NOT NULL,
"title" TEXT NOT NULL DEFAULT "",
"category" integer NOT NULL,
"state" integer(1) DEFAULT 0,
"password" TEXT NOT NULL DEFAULT "",
"top" integer(10),
"add_time" integer(10),
"up_time" integer(10),
"browse_count" integer DEFAULT 0,
"summary" TEXT,
"content" TEXT,
"cover" TEXT,
"extend" TEXT,
CONSTRAINT "id" UNIQUE ("id" ASC)
);
ALTER TABLE user_count ADD e TEXT NOT NULL DEFAULT "";
INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('article', '文章管理', '允许使用文章管理功能'),
('article_image', '文章图片', '允许在文章编辑器上传图片');
EOF;
if(exe_sql($sql)){
insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}else{
msg(-1,'数据库更新失败');
}

29
system/SQLite/install.sql
View File

@@ -23,7 +23,8 @@ CREATE TABLE IF NOT EXISTS "user_count" (
"uid" integer(10) NOT NULL,
"k" text(32) NOT NULL DEFAULT "",
"v" integer(10) NOT NULL DEFAULT 0,
"t" text(32) NOT NULL DEFAULT ""
"t" text(32) NOT NULL DEFAULT "",
"e" text NOT NULL DEFAULT ""
);
-- 数据库升级记录
@@ -38,7 +39,9 @@ CREATE TABLE IF NOT EXISTS "updatadb_logs" (
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230417.php', '1681719049', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230420.php', '1681977368', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1689427853', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230723.php', '1690119053', 'TRUE', '');
-- 创建用户表
CREATE TABLE IF NOT EXISTS "global_user" (
@@ -167,7 +170,9 @@ INSERT INTO `purview_list` (`code`, `name`, `description`) VALUES
('link_extend', '链接扩展', '允许使用链接扩展字段'),
('theme_in', '主题设置', '后台显示主题设置菜单'),
('theme_set', '主题配置', '允许自定义主题配置'),
('icon_pull', '图标拉取', '允许用户拉取链接图标');
('icon_pull', '图标拉取', '允许用户拉取链接图标'),
('article', '文章管理', '允许使用文章管理功能'),
('article_image', '文章图片', '允许在文章编辑器上传图片');
-- 注册码列表
CREATE TABLE IF NOT EXISTS "regcode_list" (
@@ -241,3 +246,21 @@ CREATE TABLE IF NOT EXISTS "global_icon" (
CONSTRAINT "id" UNIQUE ("id" ASC)
);
-- 用户文章列表
CREATE TABLE "user_article_list" (
"id" integer PRIMARY KEY AUTOINCREMENT,
"uid" integer(10) NOT NULL,
"title" TEXT NOT NULL DEFAULT "",
"category" integer NOT NULL,
"state" integer(1) DEFAULT 0,
"password" TEXT NOT NULL DEFAULT "",
"top" integer(10),
"add_time" integer(10),
"up_time" integer(10),
"browse_count" integer DEFAULT 0,
"summary" TEXT,
"content" TEXT,
"cover" TEXT,
"extend" TEXT,
CONSTRAINT "id" UNIQUE ("id" ASC)
);

4
system/UseFew/Import_data.php
View File

@@ -392,7 +392,7 @@ if($_GET['type'] == 'upload'){
}
//数据库清除
if(!empty($_POST['TABLE'])){
$TABLE = ["user_categorys","user_links","user_pwd_group","user_share","user_apply"];
$TABLE = ["user_categorys","user_links","user_pwd_group","user_share","user_apply","user_article_list"];
foreach($_POST['TABLE'] as $key =>$value){
if(in_array($key,$TABLE)){
delete_db($key,['uid'=>UID]);
@@ -418,7 +418,7 @@ if($_GET['type'] == 'upload'){
//文件删除
if(!empty($_POST['FILE'])){
$FILE = ["MessageBoard","favicon"];
$FILE = ["MessageBoard","favicon","upload"];
foreach($_POST['FILE'] as $key =>$value){
$path = DIR.'/data/user/'.U.'/'.$key;
if(in_array($key,$FILE) && is_dir($path)){

13
system/UseFew/local_backup.php
View File

@@ -47,7 +47,7 @@ if(!defined('DIR')){
$info['file_db'] = $info['backup_dir'] .'/'. $info['file'].'.db3';
$info['file_info'] = $info['backup_dir'] .'/'. $info['file'].'.info';
$info['file_gz'] = $info['backup_dir'] .'/'. $info['file'].'.tar';
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share'];
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list'];
$info['lock'] = DIR.'/data/user/'.U.'/lock.'.UID;
if (!extension_loaded('phar')) {
msg(-1,'不支持phar扩展');
@@ -167,7 +167,7 @@ if(!defined('DIR')){
}
//遍历删除用户数据
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share'];
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list'];
foreach($info['table_arr'] as $table_name){
//删除数据
@@ -186,8 +186,15 @@ if(!defined('DIR')){
$where['name'] = $table_name;
$where['LIMIT'] = [($page - 1) * $limit,$limit];
$datas = $MyDB->select('backup','data',$where);
foreach($datas as $data){
foreach($datas as $key => $data){
$data = unserialize($data);
//处理null
foreach ($data as $key => $value) {
if ($value === null) {
$data[$key] = '';
}
}
if(isset($data['id'])){
unset($data['id']);
}

15
system/admin.php
View File

@@ -64,7 +64,7 @@ if($page == 'config_home'){
$theme_config = empty($theme_config['config']) ? []:$theme_config['config'];
//读取用户主题配置
if(!in_array($_GET['fn'],['home','login','register','transit','guide'])){
if(!in_array($_GET['fn'],['home','login','register','transit','guide','article'])){
msg(-1,"参数错误");
}
$theme_config_db = get_db('user_config','v',['t'=>'theme_'.$_GET['fn'],'k'=>$theme,'uid'=>UID]);
@@ -83,7 +83,7 @@ if($page == 'config_home'){
}
//主题设置页面
if( $page == 'theme_home' || $page == 'theme_login' || $page == 'theme_transit' || $page == 'theme_register' || $page == 'theme_guide') {
if( $page == 'theme_home' || $page == 'theme_login' || $page == 'theme_transit' || $page == 'theme_register' || $page == 'theme_guide' || $page == 'theme_article') {
if(!check_purview('theme_in',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
@@ -208,7 +208,9 @@ if ($page == 'menu') {
if($global_config['guestbook'] == 1 && check_purview('guestbook',1)){
array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']);
}
if($global_config['article'] > 0 && check_purview('article',1)){
array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']);
}
if(!empty($extend)){
$extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend];
array_push($menu,$extend);
@@ -242,6 +244,13 @@ if(empty($page)){
exit;
}
// 插件编辑链接跳转
if($page === 'edit_link' && !empty($_GET['id'])){
header("HTTP/1.1 302 Moved Permanently");
header("Location: ./index.php?c=admin&page=link_edit&u=".U."&id=".$_GET['id']);
exit;
}
//页面文件不存在时载入404
if(!empty($page)){
if(!is_file(DIR.'/templates/admin/page/'.$page.'.php')){

190
system/api.php
View File

@@ -4,51 +4,48 @@ header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: Access-Control-Allow-Private-Network,Content-Type, AccessToken, X-CSRF-Token, Authorization, Token,X-Token,X-Cid");
AccessControl();
//鉴权验证 Cookie验证通过,验证二级密码,Cookie验证失败时尝试验证token
if(!empty(trim($_REQUEST['token']))){ $_COOKIE = []; } //兼容浏览器插件,避免干扰
//获取请求方法
$method = htmlspecialchars(trim($_GET['method']),ENT_QUOTES);
$LoginConfig = unserialize($USER_DB['LoginConfig']);
$api_model = $LoginConfig['api_model']; //API模式
if(!is_login()){
//没登录,根据API模式来限制
$api_model = $LoginConfig['api_model']; //API模式
$token = trim($_REQUEST['token']); //尝试获取令牌
if( empty($USER_DB['Token']) && $api_model != 'compatible+open' ){
Amsg(-1,'未设置token');
//没登录,尝试验证token
if( empty($USER_DB['Token']) ){
msg(-1,'鉴权失败:未登录且未设置token');
}
//获取请求token
$token = trim($_REQUEST['token']);
if(empty($token)){
if($api_model != 'compatible+open'){
Amsg(-1,'非开放模式,token不能为空!');
}
if(in_array($method,['link_list','get_a_link','q_category_link','category_list','get_a_category','check_login'])){
define('Access_Type','open'); //数据访问类型:仅开放
require 'api_compatible.php';
exit;
}else{
Amsg(-1,'token为空时不允许访问此接口');
}
msg(-1,'鉴权失败:未登录且请求未携带token');
}else{
if($token === $USER_DB['Token']){
define('Access_Type','all');
//验证通过
}else{
Amsg(-1,'token验证失败');
msg(-1,'鉴权失败:未登录且token错误');
}
}
if($api_model === 'compatible' || $api_model ==='compatible+open'){
require 'api_compatible.php';
}
//Cookie登录验证OK,验证二级密码
}elseif(Check_Password2($LoginConfig)){
// Cookie 二级密码验证成功(未设置时也认为成功)
}else{
msg(-1,'请先验证二级密码!');
}
//是否加载扩展API
//扩展API
if($global_config['api_extend'] == 1 && is_file('./system/api_extend.php')){
require './system/api_extend.php';
}
//兼容API
$compatible_list = ['add_link','edit_link','del_link','link_list','get_a_link','q_category_link','category_list','get_a_category','add_category','edit_category','app_info','check_login','global_search'];
if(in_array($api_model,['compatible','compatible+open']) && in_array($method,$compatible_list)){
require 'api_compatible.php';
exit;
}
//站长相关方法名
$root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root'];
if(in_array($method,$root)){
@@ -62,9 +59,7 @@ if(in_array($method,$root)){
if ( preg_match("/^read_|^write_|^other_/",$method) && function_exists($method) ) {
$method();
}else{
if($api_model == 'security'){
Amsg(-1,'方法未找到 >> '.$method);
}
Amsg(-1,'方法未找到 >> '.$method);
}
//读分类列表
@@ -462,7 +457,10 @@ function write_link(){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件格式不被支持!');
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 1 * 1024 * 1024){
msg(-1,'文件大小超限');
}
session_start();
$sid = $_POST['page_sid'];
//添加链接
@@ -516,7 +514,39 @@ function write_link(){
}else{
msg(-1,'参数错误');
}
//扩展上传图片
}elseif($_GET['type'] == 'extend_up_img'){
//权限检测
if(!check_purview('Upload_icon',1)){
msg(-1,'您的用户组无权限上传图片');
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msg(-1,'文件上传失败');
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(jpg|jpeg|png|ico|bmp|svg)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件格式不被支持!');
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 1 * 1024 * 1024){
msg(-1,'文件大小超限');
}
//文件临时路径
$path = DIR . "/data/user/{$u}/upload";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msg(-1,'创建upload目录失败,请检查权限');
}
$tmp_name = 'LE_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msg(-1,'上传失败,请检查目录权限');
}else{
msgA(['code'=>1,'msg'=>'上传成功','url'=>"./data/user/".U.'/upload/'.$tmp_name]);
}
//删除图标
}elseif($_GET['type'] === 'del_images'){
session_start();
@@ -625,7 +655,7 @@ function write_link(){
unset($data['keywords']);
}
//更新数据
update_db('user_links',$data,['uid'=>UID,'lid'=>intval($_POST['lid']) ]);
update_db('user_links',$data,['uid'=>UID,'lid'=>$lid ]);
msgA(['code'=>1,'msg'=>'修改成功','icon' => $icon]);
//删除
}elseif($_GET['type'] === 'del'){
@@ -875,7 +905,7 @@ function write_link(){
if(empty($data['name']) || check_xss($data['name']) || !preg_match('/^[A-Za-z0-9]{3,18}$/',$data['name'])){
msgA( ['code' => -1,'msg' => '字段名错误,请输入长度3-18的字母/数字'] );
}
if(!in_array($data['type'],['text','textarea'])){
if(!in_array($data['type'],['text','textarea','up_img'])){
msgA( ['code' => -1,'msg' => '类型错误'] );
}
}
@@ -889,7 +919,7 @@ function write_link(){
$datas = [];
foreach ($lists as $key => $data ){
array_push($datas,['title'=>$data['title'],'name'=>$data['name'],'weight'=>$data['weight'],'type'=>$data['type'],'default'=> "{$data['default']}"]);
array_push($datas,['title'=>$data['title'],'name'=>$data['name'],'weight'=>$data['weight'],'type'=>$data['type'],'default'=> "{$data['default']}",'tip'=>$data['tip']]);
}
//根据序号排序
usort($datas, function($a, $b) {
@@ -917,11 +947,11 @@ function write_security_setting(){
'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'],
'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'],
'KeyClear'=>['int'=>true,'min'=>1,'max'=>60,'msg'=>'Key清理参数错误'],
'api_model'=>['v'=>['security','compatible','compatible+open'],'msg'=>'API模式参数错误'],
'api_model'=>['v'=>['security','compatible'],'msg'=>'API模式参数错误'],
'login_page'=>['v'=>['admin','index','auto'],'msg'=>'登录成功参数错误'],
'Password2'=>['empty'=>true]
];
$LoginConfig = unserialize($USER_DB['LoginConfig']);
foreach ($datas as $key => $data){
if($data['int']){
$LoginConfig[$key] = ($_POST[$key] >= $data['min'] && $_POST[$key] <= $data['max'])?intval($_POST[$key]):msg(-1,$data['msg']);
@@ -1181,6 +1211,65 @@ function write_user_password(){
msg(1,'修改成功');
}
//读双重验证
function read_totp(){
global $USER_DB;
if($USER_DB['Password'] !== Get_MD5_Password($_POST['Password'],$USER_DB['RegTime'])){
msg(-1102,'密码错误,请核对后再试!');
}
$LoginConfig = unserialize($USER_DB['LoginConfig']);
if(empty($LoginConfig['totp_key'])){
require DIR . '/system/Authenticator.php';
$totp = new PHPGangsta_GoogleAuthenticator();
$key = $totp->createSecret();
msgA(['code'=>2,'msg'=>'未开启双重验证','key'=> $key ]);
}
msgA(['code'=>1,'msg'=>'已开启双重验证']);
}
//写双重验证
function write_totp(){
global $USER_DB;
if($USER_DB['Password'] !== Get_MD5_Password($_POST['Password'],$USER_DB['RegTime'])){
msg(-1102,'密码错误,请核对后再试!');
}
if($_GET['type'] === 'delete'){ //删除双重验证
$LoginConfig = unserialize($USER_DB['LoginConfig']);
if(empty($LoginConfig['totp_key'])){
msgA(['code'=>-1,'msg'=>'未开启双重验证',]);
}
$LoginConfig['totp_key'] = '';
update_db("global_user", ["LoginConfig"=>$LoginConfig],["ID"=>UID],[1,'操作成功']);
}elseif($_GET['type'] === 'set'){ //设置双重验证
//必填项验证
if(empty($_POST['key'])){
msgA(['code'=>-1,'msg'=>'Key不能为空']);
}elseif(empty($_POST['code'])){
msgA(['code'=>-1,'msg'=>'验证码不能为空']);
}
$LoginConfig = unserialize($USER_DB['LoginConfig']);
if(!empty($LoginConfig['totp_key'])){
msgA(['code'=>-1,'msg'=>'已开启双重验证,无法继续开启!']);
}
//载入totp库
require DIR . '/system/Authenticator.php';
$totp = new PHPGangsta_GoogleAuthenticator();
$checkResult = $totp->verifyCode($_POST['key'], $_POST['code'], 2);
if(!$checkResult){
msgA(['code'=>-1,'msg'=>'验证失败,请重试']);
}
//写入数据库
$LoginConfig = unserialize($USER_DB['LoginConfig']);
$LoginConfig['totp_key'] = $_POST['key'];
update_db("global_user", ["LoginConfig"=>$LoginConfig],["ID"=>UID],[1,'操作成功']);
}else{
msg(-1,'请求参数有误');
}
}
//查Token
function read_token(){
global $USER_DB;
@@ -1272,7 +1361,7 @@ function other_testing_link(){
//主题下载/更新/删除
function write_theme(){
global $global_config;
$fn = $_POST['fn'];if($_GET['type'] != 'config' && !in_array($fn,['home','login','transit','register','guide'])){msg(-1,'fn参数错误');}
$fn = $_POST['fn'];if($_GET['type'] != 'config' && !in_array($fn,['home','login','transit','register','guide','article'])){msg(-1,'fn参数错误');}
if($_GET['type'] == 'download'){
is_root();
if($global_config['offline']){msg(-1,"离线模式禁止下载主题!");} //离线模式
@@ -1393,6 +1482,8 @@ function write_theme(){
$s_templates['login'] = $name;
}elseif($fn == 'transit'){
$s_templates['transit'] = $name;
}elseif($fn == 'article'){
$s_templates['article'] = $name;
}elseif($fn == 'register'){
$global_templates['register'] = $name;
update_db('global_config',['v'=>$global_templates],['k'=>'s_templates'],[1,'注册模板设置成功']);
@@ -1417,7 +1508,7 @@ function write_theme(){
msg(-1,"获取模板类型错误");
}
$fn = empty($GET['fn']) ? $_GET['template_type'] : $GET['fn'];
if(!in_array($fn,['home','login','register','transit','guide'])){
if(!in_array($fn,['home','login','register','transit','guide','article'])){
msg(-1,"参数错误");
}
//0420 END
@@ -1617,6 +1708,8 @@ function read_data(){
curl_setopt($ch, CURLOPT_URL, $_POST['url']);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$start = microtime(true);
$response = curl_exec($ch);
$end = microtime(true);
@@ -1727,6 +1820,22 @@ function read_data(){
$data = ['dates'=>$dates,'day_data'=>$day_data];
msgA(['code'=>1,'data'=>$data]);
}elseif($_GET['type'] == 'tongji_ip_list'){
$days = isset($_GET['date']) && !empty($_GET['date']) ? $_GET['date'] : 7;
$dates = [];
for ($i = 0; $i < $days; $i++) {
$date = date('Ymd', strtotime("-$i days"));
$dates[] = $date;
}
$dates = array_reverse($dates);
$day_data = [];
foreach ($dates as $date) {
$list = get_db('user_count', 'e', ['uid' => UID, 'k' => $date, 't' => 'ip_list']);
$list = unserialize($list);
$day_data[$date] = empty($list) ? [] : $list ;
}
msgA(['code'=>1,'data'=>$day_data]);
}
}
@@ -1735,6 +1844,17 @@ function other_local_backup(){
require DIR . '/system/UseFew/local_backup.php';
exit;
}
//读文章
function read_article(){
require DIR . '/system/api_article.php';
exit;
}
//写文章
function write_article(){
require DIR . '/system/api_article.php';
exit;
}
//获取链接信息
function other_get_link_info(){
global $global_config;

222
system/api_article.php Normal file
View File

@@ -0,0 +1,222 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$type = htmlspecialchars(trim($_GET['type']),ENT_QUOTES);
if (function_exists($type) ) {
if($GLOBALS['global_config']['article'] < 1 || !check_purview('article',1)){
msg(-1,'无权限');
}
$type();
}else{
Amsg(-1,'请求类型错误 >> '.$type);
}
//上传图片
function uploadImage(){
global $u;
//权限检测
if(!check_purview('article_image',1)){
msgA(['errno'=>-1,'message'=>'您的用户组无权限上传图片']);
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msgA(['errno'=>-1,'message'=>'文件上传失败']);
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(jpg|png|gif|bmp|jpeg|svg|webp)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msgA(['errno'=>-1,'message'=>'文件格式不被支持']);
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 5 * 1024 * 1024){
msgA(['errno'=>-1,'message'=>'文件大小超限']);
}
//文件临时路径
$ym = date("Ym");
$path = DIR . "/data/user/{$u}/upload/{$ym}/";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']);
}
$tmp_name = 'AI_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']);
}else{
msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']);
}
}
//删除图片
function deleteImage(){
global $u;
if(empty($_POST['path'])){
msg(-1,'请求参数错误');
}
$path = $_POST['path'];
$pattern = "/^\.\/data\/user\/{$u}\/upload\/\d{6}\/AI_[A-Za-z0-9_]+\.(jpg|png|gif|bmp|jpeg|svg|webp)$/i";
if(preg_match($pattern,$path) && is_file($path)){
@unlink($path);
}else{
msg(-1,'请求参数错误');
}
//需考虑编辑文章删除封面时未点击保存的情况
if(is_file($path)){
msg(-1,'删除失败');
}else{
msg(1,'删除成功');
}
}
//上传视频
function uploadVideo(){
msgA(['errno'=>-1,'message'=>'未开放']);
global $u;
//权限检测
if(!check_purview('article_image',1)){
msgA(['errno'=>-1,'message'=>'您的用户组无权限上传视频']);
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msgA(['errno'=>-1,'message'=>'文件上传失败']);
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(avi|mp4|wma|rmvb|rm|flash|3gp|flv)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msgA(['errno'=>-1,'message'=>'文件格式不被支持']);
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 20 * 1024 * 1024){
msgA(['errno'=>-1,'message'=>'文件大小超限']);
}
//文件临时路径
$ym = date("Ym");
$path = DIR . "/data/user/{$u}/upload/{$ym}/";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']);
}
$tmp_name = 'AV_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']);
}else{
msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']);
}
}
//获取文章列表
function article_list(){
$where['uid'] = UID;
//分类筛选
if(intval(@$_POST['category']) > 0){
$where['AND']['category'] = intval(@$_POST['category']);
}
//状态筛选
if(intval(@$_POST['state']) > 0){
$where['AND']['state'] = intval(@$_POST['state']);
}
//关键字筛选
$query = $_POST['keyword'];
if(!empty($query)){
$where['AND']['OR'] = ["title[~]" => $query,"summary[~]" => $query,"content[~]" => $query];
}
//统计条数
$count = count_db('user_article_list',$where);
//分页
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where['LIMIT'] = [$offset,$limit];
$datas = select_db('user_article_list',['id','title','category','state','password','top','add_time','up_time','browse_count','summary','cover'],$where);
//查询分类
$categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
$categorys = array_column($categorys,'name','id');
//为文章添加分类名称
foreach ($datas as &$data) {
$data['category_name'] = $categorys[$data['category']] ?? 'Null';
}
msgA(['code'=>1,'count'=>$count,'data'=>$datas]);
}
//保存文章
function save_article(){
if(empty($_POST['category']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category']])){
msg(-1,'分类不存在');
}
$time = time();
//id为空,添加文章
if(empty($_POST['id'])){
insert_db('user_article_list',[
'uid'=>UID,
'title'=>$_POST['title'],
'category'=>$_POST['category'],
'state'=>$_POST['state'],
'password'=>'',
'top'=>0,
'add_time'=>$time,
'up_time'=>$time,
'browse_count'=>0,
'summary'=>$_POST['summary'],
'content'=>$_POST['content'],
'cover'=>$_POST['cover_url'],
'extend'=>''
],[1,'保存成功']);
//存在id,更新文章数据
}else{
if(!has_db('user_article_list',['uid'=>UID,'id'=>$_POST['id']])){
msg(-1,'文章id错误');
}
update_db('user_article_list',[
'title'=>$_POST['title'],
'category'=>$_POST['category'],
'state'=>$_POST['state'],
'up_time'=>$time,
'summary'=>$_POST['summary'],
'content'=>$_POST['content'],
'cover'=>$_POST['cover_url']
],['uid'=>UID,'id'=>$_POST['id']],[1,'保存成功']);
}
}
//删除文章
function del_article(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
delete_db('user_article_list',['uid'=>UID,'id'=>$id],[1,'操作成功']);
}
//修改分类
function up_category(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
if(empty($_POST['category_id']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category_id']])){
msg(-1,'分类不存在');
}
update_db('user_article_list',['category'=>$_POST['category_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
}
//修改状态
function up_state(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
if(!in_array($_POST['state_id'],['1','2','3','4'])){
msg(-1,'状态参数错误');
}
update_db('user_article_list',['state'=>$_POST['state_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
}
//保存设置 (与站点配置共享)
function save_article_set(){
//检查配置参数
if(!in_array($_POST['visual'],['0','1','2']) || !in_array($_POST['icon'],['0','1','2'])){
msg(-1,'参数错误');
}
//读取站点配置
$s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$s_site['article_visual'] = $_POST['visual'];
$s_site['article_icon'] = $_POST['icon'];
update_db("user_config",["v"=>$s_site],["k"=>'s_site',"uid"=>UID],[1,'保存成功']);
}

234
system/api_compatible.php
View File

@@ -1,6 +1,6 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
if ( in_array($method,['link_list','get_a_link','q_category_link','category_list','get_a_category','check_login','add_link']) && function_exists($method) ) {
if (function_exists($method)) {
$method();
}else{
Amsg(-1,'方法未找到 >> '.$method);
@@ -42,17 +42,83 @@ function add_link(){
insert_db('user_links',$data);
msgA(['code'=>0,'id'=>$lid]);
}
//编辑链接
function edit_link(){
$lid = intval(@$_POST['id']);
$fid = intval(@$_POST['fid']);
$title = $_POST['title'];
$url = $_POST['url'];
$description = empty($_POST['description']) ? '' : $_POST['description'];
$property = empty($_POST['property']) ? 0 : 1;
//检测链接是否合法
check_link($fid,$title,$url,'');
//描述长度检测
$length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
if($length_limit['l_desc'] > 0 && strlen($description) > $length_limit['l_desc'] ){
msg(-1,'描述长度不能大于'.$length_limit['l_desc'].'个字节');
}
//关键字长度检测
if($length_limit['l_key'] > 0 && strlen($keywords) > $length_limit['l_key'] ){
msg(-1,'关键字长度不能大于'.$length_limit['l_key'].'个字节');
}
//检查链接是否已存在
if(has_db('user_links',['uid'=>UID ,'lid[!]'=>$lid, "url" => $url])){msg(-1011,'链接已存在!');}
//检查链接ID是否存在
if(!has_db('user_links',['uid'=>UID ,'lid'=>$lid])){msg(-1012,'链接ID不存在!');}
$data = [
'fid' => $fid,
'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url,
'description' => htmlspecialchars($description,ENT_QUOTES),
'up_time' => time(),
'property' => $property
];
//更新数据
update_db('user_links',$data,['uid'=>UID,'lid'=>$lid ]);
msgA(['code'=>0,'msg'=>'successful']);
}
//删除链接
function del_link(){
$lid = intval(trim($_REQUEST['id']));
if(empty($lid)){
msg(-1010,'链接ID不能为空');
}
$where['lid'] = $lid;
$where['uid'] = UID;
if(!has_db('user_links',$where)){
msg(-1010,'链接id不存在');
}
delete_db('user_links',$where,[0,'删除成功']);
}
//搜索链接
function global_search(){
$keyword = htmlspecialchars($_REQUEST['keyword']);
if( strlen($keyword) < 2 ) {
msg(-2000,'关键字的长度太短');
}elseif( strlen($keyword) > 32 ) {
msg(-2000,'关键字长度过长');
}
$where['uid'] = UID;
$where['status'] = 1;
$where['AND']['OR'] = ["title[~]" => $keyword,"url[~]" => $keyword, "url_standby[~]" => $keyword,"description[~]" => $keyword];
$where['ORDER'] = ['weight'=>'DESC'];
$field = ['lid(id)','fid','status','property','title','url','url_standby','weight','description','click','add_time','up_time'];
$datas = select_db('user_links',$field,$where);
links_add_category_field($datas); //添加分类信息
msgA(['code'=>0,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas]);
}
//查询链接列表
function link_list(){
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where['uid'] = UID;
$where['AND']['status'] = 1;
if(Access_Type != 'all'){
$where['property'] = 0;
}
$where['status'] = 1;
$count = count_db('user_links',$where); //统计条数
//权重排序(数字小的排前面)
$where['ORDER']['weight'] = 'ASC';
@@ -61,6 +127,7 @@ function link_list(){
$where['LIMIT'] = [$offset,$limit];
//查询
$datas = select_db('user_links',['lid(id)','fid','property','title','url','url_standby','weight','description','icon','click','add_time','up_time'],$where);
links_add_category_field($datas); //添加分类信息
msgA(['code'=>0,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
}
//查询单个链接
@@ -68,7 +135,6 @@ function get_a_link(){
$lid = intval(trim($_REQUEST['id']));
if(empty($lid)){
msg(-1,'id不能为空');
}
$where['lid'] = $lid;
$where['uid'] = UID;
@@ -76,11 +142,7 @@ function get_a_link(){
if(empty($link_info)){
msgA(['code'=>-1,'msg'=>'没有找到链接信息','data'=>[]]);
}else{
if(Access_Type == 'all' || $link_info['property'] == 0){
msgA(['code'=>0,'data'=>$link_info]);
}else{
msgA(['code'=>-1,'msg'=>'私有链接,无权查看','data'=>[]]);
}
msgA(['code'=>0,'data'=>$link_info]);
}
}
//查询指定分类的链接
@@ -92,9 +154,6 @@ function q_category_link(){
$where['uid'] = UID;
$where['AND']['status'] = 1;
$where['AND']['fid'] = $category_id;
if(Access_Type != 'all'){
$where['property'] = 0;
}
$count = count_db('user_links',$where); //统计条数
//权重排序(数字小的排前面)
@@ -104,17 +163,120 @@ function q_category_link(){
$where['LIMIT'] = [$offset,$limit];
//查询
$datas = select_db('user_links',['lid(id)','fid','property','title','url','url_standby','weight','description','icon','click','add_time','up_time'],$where);
links_add_category_field($datas); //添加分类信息
msgA(['code'=>0,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
}
//查询分类列表
function category_list(){
$where = ['uid'=>UID,'status'=>1,'ORDER' => ['weight'=>'ASC']];
if(Access_Type != 'all'){
$where['property'] = 0;
}
$datas = select_db('user_categorys',['cid(id)','fid','property','name','add_time','up_time','weight','description','font_icon'],$where);
msgA(['code'=>0,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas ]);
}
//添加分类
function add_category(){
if(empty($_POST['name'])){
msg(-1,'分类名称不能为空');
}elseif(!preg_match('/^(fa fa-|layui-icon layui-icon-)([A-Za-z0-9]|-)+$/',$_POST['font_icon'])){
$_POST['font_icon'] = 'fa fa-star-o';
}
//分类名查重
if(get_db('user_categorys','cid',['uid'=>UID ,"name" => $_POST['name']])){
msg(-1,'分类名称已存在');
}
//父分类不能是二级分类
if(intval($_POST['fid']) !=0 && get_db('user_categorys','fid',['uid'=>UID ,"cid" => intval($_POST['fid']) ]) !=0 ){
msg(-1,'父分类不能是二级分类');
}
//长度检测
$length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
if($length_limit['c_name'] > 0 && strlen($_POST['name']) > $length_limit['c_name'] ){
msg(-1,'名称长度不能大于'.$length_limit['c_name'].'个字节');
}
if($length_limit['c_desc'] > 0 && strlen($_POST['description']) > $length_limit['c_desc'] ){
msg(-1,'名称长度不能大于'.$length_limit['c_desc'].'个字节');
}
//取最大CID
$cid = get_maxid('category_id');
//插入数据库
insert_db('user_categorys',[
'uid'=>UID,
'cid'=>$cid,
'fid'=>intval($_POST['fid']??'0'),
'pid'=>0,
'status'=>1,
'property'=>intval($_POST['property']??'0'),
'name'=>htmlspecialchars($_POST['name'],ENT_QUOTES),
'add_time'=>time(),
'up_time'=>time(),
'weight'=>$cid,
'description'=>htmlspecialchars($_POST['description'],ENT_QUOTES),
'font_icon'=>$_POST['font_icon'],
'icon'=>''
],[0,'添加成功']
);
}
//编辑分类
function edit_category(){
if(empty($_POST['name'])){
msg(-1,'分类名称不能为空');
}elseif(!preg_match('/^(fa fa-|layui-icon layui-icon-)([A-Za-z0-9]|-)+$/',$_POST['font_icon'])){
$_POST['font_icon'] = 'fa fa-star-o';
}
//父分类不能是自己
if($_POST['id'] == $_POST['fid']){
msg(-1,'父分类不能是自己');
}
//查CID是否存在
if(!get_db('user_categorys','cid',['uid'=>UID ,"cid" => intval($_POST['id'])])){
msg(-1,'分类不存在');
}
//分类名查重(排除自身)
if(get_db('user_categorys','cid',['uid'=>UID,'cid[!]'=>intval($_POST['id']),"name" => $_POST['name']])){
msg(-1,'分类名称已存在');
}
//父分类不能是二级分类
if(intval($_POST['fid']) !=0 && get_db('user_categorys','fid',['uid'=>UID ,"cid" => intval($_POST['fid']) ]) !=0 ){
msg(-1,'父分类不能是二级分类');
}
//分类下存在子分类,禁止修改父分类
if( $_POST['fid']!=0 && count_db('user_categorys',['uid'=>UID,'fid'=>$_POST['id']])>0){
msg(-1,'该分类下已存在子分类!');
}
//查父分类是否存在
if( $_POST['fid'] !=0 && !get_db('user_categorys','cid',['uid'=>UID ,"cid" => intval($_POST['fid'])])){
msg(-1,'父分类不存在');
}
//长度检测
$length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
if($length_limit['c_name'] > 0 && strlen($_POST['name']) > $length_limit['c_name'] ){
msg(-1,'名称长度不能大于'.$length_limit['c_name'].'个字节');
}
if($length_limit['c_desc'] > 0 && strlen($_POST['description']) > $length_limit['c_desc'] ){
msg(-1,'名称长度不能大于'.$length_limit['c_desc'].'个字节');
}
//更新数据
$data = [
'fid'=>$_POST['fid'],
'property'=>intval($_POST['property']??'0'),
'name'=>$_POST['name'],
'up_time'=>time(),
'description'=>$_POST['description']??'',
'font_icon'=>$_POST['font_icon'],
];
if(!isset($_POST['fid'])){ //为空时不修改父id,避免二级变一级
unset($data['fid']);
}
if(!isset($_POST['font_icon'])){
unset($data['font_icon']);
}
update_db('user_categorys',$data,['uid'=>UID ,"cid"=>intval($_POST['id'])],[0,'successful']);
}
//查询单个分类信息
function get_a_category(){
$cid = intval(trim($_REQUEST['id']));
@@ -127,19 +289,33 @@ function get_a_category(){
if(empty($category_info)){
msgA(['code'=>-1,'msg'=>'没有找到分类信息','data'=>[]]);
}else{
if(Access_Type == 'all' || $category_info['property'] == 0){
msgA(['code'=>0,'data'=>$category_info]);
}else{
msgA(['code'=>-1,'msg'=>'私有分类,无权查看','data'=>[]]);
}
msgA(['code'=>0,'data'=>$category_info]);
}
}
//是否已登录
//获取TwoNav信息
function app_info(){
$data['php_version'] = floatval(PHP_VERSION);
$data['onenav_version'] = SysVer;
$data['cat_num'] = count_db('user_categorys',['uid'=>UID])??0;
$data['link_num'] = count_db('user_links',['uid'=>UID])??0;
$data['username'] = U;
msgA(['code'=>200,'msg'=>'success','data'=>$data]);
}
//是否已登录,由于上游已经拦截未登录状态,所以这里固定返回已登录
function check_login(){
if(Access_Type == 'open'){
msgA(['code'=>-1002,'data'=>'false','err_msg'=>'Authorization failure!']);
}else{
msgA(['code'=>200,'data'=>'true','msg'=>'success']);
msgA(['code'=>200,'data'=>'true','msg'=>'success']);
}
//给链接数组添加分类字段
function links_add_category_field(&$arr){
$where['uid'] = UID;
$where['status'] = 1;
$categorys = select_db('user_categorys',['cid(id)','name'],$where);
$newCategorys = array_column($categorys,'name','id');
foreach ($arr as &$data) {
$data['category_name'] = $newCategorys[$data['fid']];
}
}
return $arr;
}

45
system/api_root.php
View File

@@ -352,6 +352,25 @@ function write_user_info(){
delete_db('global_user',["ID" => $uids]);
msg(1,'删除成功');
break;
//删除OTP验证
case "Del_OTP":
$uids = json_decode($_POST['ID']);
$USER_S = select_db('global_user',['LoginConfig','ID','User'],['ID'=>$uids]);
$fail = 0;
foreach($USER_S as $USER){
$LoginConfig = unserialize($USER['LoginConfig']);
if(empty($LoginConfig['totp_key'])){
$fail ++;
continue;
}
$LoginConfig['totp_key'] = '';
update_db("global_user", ["LoginConfig" => $LoginConfig], ["ID" => $USER['ID']]);
}
if($fail > 0){
msg(1,'操作完毕,有'.$fail.'个账号未开启OTP双重验证');
}
msg(1,'操作成功');
break;
//设用户组
case "set_UserGroup":
if(empty($_POST['UserGroup'])){
@@ -555,6 +574,7 @@ function write_sys_settings(){
'apply'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'收录管理参数错误'],
'guestbook'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'留言管理参数错误'],
'link_extend'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'链接扩展参数错误'],
'article'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'文章管理参数错误']
];
$o_config = [];
foreach ($datas as $key => $data){
@@ -575,9 +595,30 @@ function write_sys_settings(){
if($_POST['apply'] == 1){$o_config['apply'] = 0;$filter = true;}
if($_POST['guestbook'] == 1){$o_config['guestbook'] = 0;$filter = true;}
if($_POST['link_extend'] == 1){$o_config['link_extend'] = 0;$filter = true;}
if($_POST['article'] == 1){$o_config['article'] = 0;$filter = true;}
}
//检测于下载文章管理依赖资源
clearstatcache();
if($o_config['article'] == 1 && ( !is_file('./static/wangEditor/wangEditor.js') || !is_file('./static/wangEditor/wangEditor.css'))){
$filePath = "./data/temp/wangEdito.tar.gz";
if(downFile('https://update.lm21.top/TwoNav/updata/wangEdito.tar.gz','wangEdito.tar.gz','./data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 != "95f830656ba8972cca39a1ddd6ebaeda"){
unlink($filePath);
msg(-1,'效验wangEdito失败<br/>!');
}
}else{
msg(-1,'下载wangEdito失败,请重试!<br/>如需手动安装可联系技术支持!');
}
try {
$phar = new PharData($filePath);
$phar->extractTo('./static/', null, true);
unlink($filePath);
clearstatcache();
} catch (Exception $e) {
msg(-1,'安装wangEdito失败');
}
}
update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,($filter ?"保存成功,未检测到有效授权,带*号的配置无法为你保存":"保存成功")]);
}

65
system/expand/article.php Normal file
View File

@@ -0,0 +1,65 @@
<?php if(!defined('DIR')){Not_Found();}AccessControl();
if($global_config['article'] < 1 | !check_purview('article',1)){
Not_Found();
}
$id = intval($_GET['id']);
//IP数统计
count_ip();
//如果id为空,则显示404
if(empty($id)){Not_Found();}
//查询文章
$where['uid'] = UID;
if(!is_login()){
$where['state'] = 1; //状态筛选
}
$where['id'] = $id;
$data = get_db('user_article_list','*',$where);
//查找失败时显示404
if(empty($data)){Not_Found();}
//var_dump($data);
//exit;
//站点设置和站点图标
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$site['Title'] = $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
//免费用户请保留版权,谢谢!
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
$favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';
//取模板信息
require DIR ."/system/templates.php";
$dir_path = DIR.'/templates/article/'.$s_templates['article'];
$theme_dir = str_replace(DIR.'/templates/article',"./templates/article",$dir_path);
$path = $dir_path.'/index.php';
//检查是否存在,不存在则使用默认
if(!is_file($path)){
$path= DIR.'/templates/article/default/index.php';
$theme_dir = './templates/article/default';
}
//统计点击数
update_db("user_article_list", ["browse_count[+]"=>1],['uid'=>UID,'id'=>$id]);
//读取用户主题配置
$theme_config_db = unserialize(get_db('user_config','v',['t'=>'theme_article','k'=>$s_templates['article'],'uid'=>UID]));
//读取默认主题配置
$theme_info = json_decode(@file_get_contents($theme_dir.'/info.json'),true);
$theme_config = empty($theme_info['config']) ? []:$theme_info['config'];
$theme_ver = !Debug?$theme_info['version']:$theme_info['version'].'.'.time();
//合并配置数据
$theme_config = empty($theme_config_db) ? $theme_config : array_merge ($theme_config??[],$theme_config_db??[]);
require $path;
exit;
//返回404
function Not_Found() {
header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;
}

4
system/firewall.php
View File

@@ -11,7 +11,9 @@ foreach($_POST as $key =>$value){
if($method =='write_site_setting' && ($key =='custom_header' || $key =='custom_footer')){
continue;
}
if($method == 'write_article'){
continue;
}
if(preg_match('/<(iframe|script|body|img|layer|div|meta|style|base|object|input)/i',$value)){
$code = 2001;
}elseif(preg_match('/(onmouseover|onerror|onload)\=/i',$value)){

41
system/index.php
View File

@@ -77,7 +77,7 @@ $theme_ver = !Debug?$theme_info['version']:$theme_info['version'].'.'.time();
$site['ex_theme'] = in_array($theme,['snail-nav','heimdall']); //例外主题,不支持热门网址/最新网址/输出上限
//分类查找条件
$categorys = []; //声明一个空数组
$content = ['cid(id)','name','property','font_icon','icon','description'];//需要的内容
$content = ['cid(id)','fid','name','property','font_icon','icon','description'];//需要的内容
$where['uid'] = UID;
$where['fid'] = 0;
$where['status'] = 1;
@@ -102,7 +102,7 @@ function get_category_sub($id) {
if(!empty($share)){
$where['cid'] = $data;
}
$content = ['cid(id)','name','property','font_icon','icon','description'];
$content = ['cid(id)','name','fid','property','font_icon','icon','description'];
$where['uid'] = UID;
$where['fid'] = intval($id);
$where['status'] = 1;
@@ -129,7 +129,6 @@ function get_links($fid) {
$where['ORDER']['lid'] = 'ASC';
if(!is_login){
$where['property'] = 0;
}
//书签分享>私有可见
if(isset($share['pv']) && $share['pv'] == 1){
@@ -163,7 +162,7 @@ function get_links($fid) {
$where['LIMIT'] = $site['max_link'];
$max_link = true;
}
$links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid'],$where);
$links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid','extend'],$where);
foreach ($links as $key => $link) {
$click = false; $lock = false;
@@ -197,7 +196,41 @@ function get_links($fid) {
//获取图标链接
$links[$key]['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
$links[$key]['type'] = 'link';
}
//处理扩展信息
if($GLOBALS['global_config']['link_extend'] == 1 && check_purview('link_extend',1) && in_array($GLOBALS['theme_info']['support']['link_extend'],["true","1"])){
foreach ($links as &$link) {
if(!empty($link['extend'])){
$link = array_merge ($link,unserialize($link['extend']));
}
}
}
//生成文章链接, 条件:非隐藏,且主题未声明不显示文章
if( intval($site['article_visual'] ?? '1') > 0 && $GLOBALS['theme_info']['support']['article'] != 'notdisplay'){
$articles = get_article_list($fid);
foreach ($articles['data'] as $article) {
$url = "./index.php?c=article&id={$article['id']}&u={$u}";
if($site['article_icon'] == '1'){ //站点图标
$icon = $GLOBALS['favicon'];
}elseif($site['article_icon'] == '2' && !empty($article['cover'])){ //封面
$icon = $article['cover'];
}else{ //首字
$icon = './system/ico.php?text='.mb_strtoupper(mb_substr($article['title'], 0, 1));
}
$article_link = ['type'=>'article','id'=>0,'title'=>$article['title'],'url'=>$url,'real_url'=>$url,'description'=>$article['summary'],'ico'=>$icon,'icon'=>$icon];
//判断靠前还是靠后
if($site['article_visual'] == '1'){
array_unshift($links,$article_link);
}else{
array_push($links,$article_link);
}
}
}
if($max_link && $count > $site['max_link']){
$oc_url = "./index.php?u={$u}&oc={$fid}" . (empty($_GET['theme']) ? '':"&theme={$_GET['theme']}");
array_push($links,['id'=>0,'title'=>'查看全部','url'=>$oc_url,'real_url'=>$oc_url,'description'=>'该分类共有'.$count.'条数据','ico'=>'./favicon.ico']);

19
system/login.php
View File

@@ -1,6 +1,5 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
//登录入口
require "./system/templates.php";
//如果是Get请求则载入登录模板
if($_SERVER['REQUEST_METHOD'] === 'GET'){
require DIR ."/system/templates.php";
@@ -41,11 +40,25 @@ if(strlen($Password)!==32){
msg(-1,"浏览器UA长度异常,请更换浏览器!");
}
$LoginConfig = unserialize( $USER_DB['LoginConfig'] );
//开启双重验证时验证OTP验证码
if(!empty($LoginConfig['totp_key'])){
if(empty($_POST['otp_code'])){
msgA(['code'=>-1,'msg'=>'您已开启双重验证,请输入OTP验证码']);
}
require DIR . '/system/Authenticator.php';
$totp = new PHPGangsta_GoogleAuthenticator();
$checkResult = $totp->verifyCode($LoginConfig['totp_key'], $_POST['otp_code'], 2);
if(!$checkResult){
msgA(['code'=>-1,'msg'=>'OTP验证码错误,请重试!']);
}
}
//计算请求密码和数据库的对比
if(Get_MD5_Password($Password,$USER_DB["RegTime"]) === $USER_DB["Password"]){
update_db("user_log", ["description" => "请求登录>登录成功"], ["id"=>$log_id]);
Set_key($USER_DB);
$LoginConfig = unserialize( $USER_DB['LoginConfig'] );
if(empty($LoginConfig['login_page']) || $LoginConfig['login_page'] == 'admin'){
$url = "./?c=admin&u={$USER_DB['User']}";
}elseif($LoginConfig['login_page'] == 'index'){

18
system/public.php
View File

@@ -445,10 +445,10 @@ function is_subscribe($type = 'bool'){
$count = count($host);
if($count != 2){
$data['host'] = $host[$count-2].'.'.$host[$count-1];
//如果存在端口则去除
if(preg_match("/(.+):\d+/",$data['host'],$host)) {
$data['host'] = $host[1];
}
}
//如果存在端口则去除
if(preg_match("/(.+):\d+/",$data['host'],$host)) {
$data['host'] = $host[1];
}
}
if(!stristr($data['domain'],$data['host'])){
@@ -713,10 +713,10 @@ function send_email($config){
$mail->SMTPSecure = $config['secure'];
$mail->Port = intval($config['port']);
if(preg_match('/(.+)<(.+)>/', $config['sender'], $match)){
if(preg_match('/(.+)<(.+@.+)>$/', $config['sender'], $match)){
$mail->setFrom($match[2],$match[1]);
}else{
$mail->setFrom($config['sender']);
$mail->setFrom($config['user'],empty($config['sender'])?'TwoNav':$config['sender']);
}
$mail->addAddress($config['addressee']); //收件人
@@ -745,15 +745,15 @@ function send_email($config){
function count_ip(){
$ip = Get_IP(); //取访客IP
$k = date('Ymd'); $t = 'ip_list';
$ip_list = get_db('user_count','v',['uid'=>UID,'k'=>$k,'t'=>$t]); //取列表
$ip_list = get_db('user_count','e',['uid'=>UID,'k'=>$k,'t'=>$t]); //取列表
$ip_list = empty($ip_list) ? [] : unserialize($ip_list); //反序列化
//判断IP是否存在列表中
if(!in_array($ip, $ip_list)){
$ip_list[] = $ip; //加入列表
if(!has_db('user_count',['uid'=>UID,'t'=>$t,'k'=>$k])){
insert_db("user_count", ['uid'=>UID,"k"=>$k,"v"=>$ip_list,'t'=>$t]);
insert_db("user_count", ['uid'=>UID,"k"=>$k,"e"=>$ip_list,'t'=>$t]);
}else{
update_db("user_count", ["v"=>$ip_list],['uid'=>UID,'t'=>$t,'k'=>$k]);
update_db("user_count", ["e"=>$ip_list],['uid'=>UID,'t'=>$t,'k'=>$k]);
}
write_user_count($k,'ip_count');//访问ip数+1
}

84
system/templates.php
View File

@@ -14,7 +14,7 @@ if(empty($s_templates)){
}
//载入辅助函数
if(empty($c) || in_array($c,['index','click'])){
if(empty($c) || in_array($c,['index','click','article'])){
//将URL转换为base64编码
function base64($url){
$urls = parse_url($url);
@@ -28,7 +28,7 @@ if(empty($c) || in_array($c,['index','click'])){
function is_apply(){
global $global_config;
$apply_user = unserialize( get_db("user_config", "v", ["k" => "apply","uid"=>UID]));
return ($global_config['apply'] == 1 && $apply_user['apply'] == 1);
return ($global_config['apply'] == 1 && $apply_user['apply'] > 0);
}
//是否启用留言
function is_guestbook(){
@@ -98,3 +98,83 @@ if(empty($c) || in_array($c,['index','click'])){
}
//获取文章列表
function get_article_list($category = 0,$limit = 0){
$where['uid'] = UID;
if(!is_login()){
$where['AND']['state'] = 1; //状态筛选
}else{
$where['AND']['OR']['state'] = [1,2]; //状态筛选
}
//分类筛选
if($category > 0){
$where['AND']['category'] = $category;
}
//统计条数
$count = count_db('user_article_list',$where);
//获取条数
if($limit > 0){
$where['LIMIT'] = [0,$limit];
}
//获取文章列表
$datas = select_db('user_article_list','*',$where);
//查询分类
$categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
$categorys = array_column($categorys,'name','id');
//为文章添加分类名称
foreach ($datas as &$data) {
$data['category_name'] = $categorys[$data['category']] ?? 'Null';
}
return ['data'=>$datas,'count'=>$count];
}
//根据文章id获取内容
function get_article_content($id){
$where['uid'] = UID;
if(!is_login()){
$where['AND']['state'] = 1; //状态筛选
}else{
$where['AND']['OR']['state'] = [1,2]; //状态筛选
}
$where['id'] = $id;
$data = get_db('user_article_list','*',$where);
$data['category_name'] = get_db('user_categorys','name',['uid'=>UID,'cid'=>$data['category']]);
return $data;
}
//获取分类列表
function get_category_list($layer = false){
//查询条件
$where = [];
$where['uid'] = UID;
$where['fid'] = 0;
$where['status'] = 1;
$where['ORDER'] = ['weight'=>'ASC'];
if(!is_login()){
$where['property'] = 0;
}
//查找一级分类
$content = ['cid(id)','name','property','font_icon','icon','description'];
$category_parent = select_db('user_categorys',$content,$where);
//查找二级分类
$categorys = [];
if($layer === true){
foreach ($category_parent as $key => $category) {
$where['fid'] = $category['id'];
$category_subitem = select_db('user_categorys',$content,$where);
$category['subitem_count'] = count($category_subitem);
$category['subitem'] = $category_subitem;
array_push($categorys,$category);
}
}else{
foreach ($category_parent as $key => $category) {
$where['fid'] = $category['id'];
$category_subitem = select_db('user_categorys',$content,$where);
$category['subitem_count'] = count($category_subitem);
array_push($categorys,$category);
$categorys = array_merge ($categorys,$category_subitem);
}
}
return $categorys;
}

2
system/version.txt
View File

@@ -1 +1 @@
v2.0.31-20230720
v2.0.36-20230823

22
templates/admin/js/link.js
View File

@@ -204,6 +204,28 @@ layui.use(module, function () {
}
}
//链接扩展上传图片
upload.render({
elem: '.extend_up_img'
,url: get_api('write_link','extend_up_img')
,exts: 'jpg|jpeg|png|ico|bmp|svg'
,acceptMime: 'image/*'
,accept: 'file'
,size: 1024
,done: function(res){
if(res.code == 1){
let inpu = this.item.closest('.layui-form-item').find('input[name^="_"]');
inpu.val(res.url);
}else{
layer.msg(res.msg || '上传失败', {icon: 5});
}
},error: function(){
layer.msg("上传异常,请刷新重试", {icon: 5});
}
});
//layui>end
});

3
templates/admin/js/link_list.js
View File

@@ -376,6 +376,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
,{field:'name',title:'字段名',edit:'text',width:256}
,{field:'type',title:'类型',edit:'text',width:256}
,{field:'default',title:'默认值',edit:'text',width:256}
,{field:'tip',title:'提示内容',edit:'text',width:256}
,{ title:'操作',toolbar:'#link_extend_toolbar',align:'center',width:118}
]]
});
@@ -530,7 +531,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
"title": "请输入标题",
"name":"请输入字段名(大小写字母或数字)",
"weight":(max_weight + 1),
"type":"请输入 text 或 textarea",
"type":"请输入 text 或 textarea 或 up_img",
"default":""
});
table.reload('link_extend_list', {data: data});

122
templates/admin/page/SecuritySetting.php
View File

@@ -1,4 +1,6 @@
<?php $title='安全设置'; require 'header.php'; ?>
<?php $title='安全设置'; require 'header.php';
$LoginConfig = unserialize($USER_DB['LoginConfig']);
$LoginConfig['totp_key'] = empty($LoginConfig['totp_key']) ? '0':'1';?>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
@@ -83,10 +85,9 @@
<select name="api_model">
<option value="security" selected>安全模式</option>
<option value="compatible">兼容模式</option>
<option value="compatible+open">兼容模式+开放</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">部分主题和插件需设为兼容+开放模式 <a href="javascript:;" layuimini-content-href="Token" data-title="Token"><font color="red"> 获取API ( Token )</font></a></div>
<div class="layui-form-mid layui-word-aux">部分主题和插件需设为兼容 <a href="javascript:;" layuimini-content-href="Token" data-title="Token"><font color="red"> 获取API ( Token )</font></a></div>
</div>
<div class="layui-form-item">
@@ -110,14 +111,58 @@
</div>
<div class="layui-form-item">
<div class="layui-input-block"><button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button></div>
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button>
<button class="layui-btn layui-bg-purple" lay-submit lay-filter="open_totp">OTP 双重验证</button>
</div>
</div>
</div>
</form>
</div>
</div>
<ul class="ul_totp" style="margin-top:18px;display:none;padding-right: 10px;">
<form class="layui-form" lay-filter="ul_totp">
<div class="layui-form-item">
<label class="layui-form-label">二维码</label>
<div id="qr"></div><div id="qrcode"></div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">秘钥</label>
<div class="layui-input-inline">
<input type="text" name="key" id="key" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">为了您的账户安全,成功保存后无法再查看秘钥,请勿泄漏秘钥</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">验证码</label>
<div class="layui-input-inline">
<input type="text" name="code" id="code" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">请输入生成的验证码</div>
</div>
<pre class="layui-code" >
这东西叫法太多了,比如双重验证/动态密码/动态口令/动态令牌/身份验证器/双因子认证/2FA/TOTP验证码等等
原理是基于时间的动态验证码,网上客户端也大把,喜欢那个安装那个
开启后登录时需输入OTP验证码,作用是提高账号安全性
</pre>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-warm" type="button" id="close" >关闭</button>
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_totp" id="save_totp">保存</button>
</div>
</div>
</form>
</ul>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.md5.js"></script>
<script src = "<?php echo $libs; ?>/jquery/jquery.qrcode.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>
@@ -127,9 +172,9 @@ layui.use(['jquery','form','miniTab'], function () {
miniTab = layui.miniTab;
miniTab.listen();
//表单赋值
form.val('form', <?php echo json_encode(unserialize( $USER_DB['LoginConfig'] ));?>);
form.val('form', <?php echo json_encode($LoginConfig);?>);
//监听提交
//保存
form.on('submit(save)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password=$.md5(data.field.Password);
@@ -137,7 +182,7 @@ layui.use(['jquery','form','miniTab'], function () {
if(data.code == 1) {
var index = layer.alert("保存成功!", function () {
layer.close(index);
//miniTab.deleteCurrentByIframe();
//miniTab.deleteCurrentByIframe(); //关闭页面
});
}else{
layer.msg(data.msg, {icon: 5});
@@ -145,6 +190,69 @@ layui.use(['jquery','form','miniTab'], function () {
});
return false;
});
//双重验证
form.on('submit(open_totp)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password=$.md5(data.field.Password);
pwd_md5 = data.field.Password;
$.post(get_api('read_totp'),data.field,function(data,status){
if(data.code == 1){
layer.confirm('已开启双重验证,是否要关闭?',{icon: 3, title:'温馨提示'}, function(index){
layer.closeAll();
$.post(get_api('write_totp','delete'),{'Password':pwd_md5},function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(data.code == 2) {
layer.confirm('未开启双重验证,是否要开启?',{icon: 3, title:'温馨提示'}, function(index){
layer.closeAll();
$('#key').val(data.key);
$('#code').val('');
$("#qr").html('');//防止多次操作出现多个二维码
let content = `otpauth://totp/${u}?secret=${data.key}&issuer=TwoNav`;
$('#qr').qrcode({render: "canvas",width: 200,height: 200,text: content});
var index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: '双重验证',area : ['100%', '100%'],content: $('.ul_totp')});
});
return false;
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
$('#key').on('input', function() {
$("#key").html('');
let key = $('#key').val();
let content = `otpauth://totp/${u}?secret=${key}&issuer=TwoNav`;
$("#qr").html('');
$('#qr').qrcode({render: "canvas",width: 200,height: 200,text: content});
});
//保存双重验证
form.on('submit(save_totp)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password = pwd_md5;
$.post(get_api('write_totp','set'),data.field,function(data,status){
if(data.code == 1) {
layer.closeAll();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
//关闭页面
$(document).on('click', '#close', function() {
layer.closeAll();
});
});
</script>
</body>

7
templates/admin/page/SiteSetting.php
View File

@@ -69,15 +69,16 @@
<label class="layui-form-label">链接图标</label>
<div class="layui-input-inline" >
<select name="link_icon">
<option value="0" selected>离线图标</option>
<option value="0" selected>离线图标(首字图标)</option>
<option value="20" >本地服务</option>
<option value="21" >本地服务(伪静态)</option>
<option value="2" >favicon.png.pub (小图标)</option>
<option value="4" >api.15777.cn</option>
<option value="5" >favicon.cccyun.cc</option>
<!--<option value="4" >api.15777.cn</option>-->
<!--<option value="5" >favicon.cccyun.cc</option>-->
<option value="6" >api.iowen.cn</option>
<!--<option value="7" >toolb.cn</option>-->
<!--<option value="8" >apis.jxcxin.cn</option>-->
<!--<option value="9" >ico.kucat.cn</option>-->
</select>
</div>
<div class="layui-form-mid layui-word-aux">所有API接口均由其他大佬提供!若有异常请尝试更换接口!</div>

15
templates/admin/page/Token.php
View File

@@ -14,9 +14,8 @@
<div class="layui-colla-item">
<div class="layui-colla-title">API模式的差别</div>
<div class="layui-colla-content">
<p>安全模式: 仅提供TwoNav自身的API接口,访客(未登录/Token为空)无法调用!</p>
<p>兼容模式: 兼容部分OneNav的API接口,以便于其他插件调用!不允许访客调用!</p>
<p>兼容模式+开放: 在兼容模式的基础上允许访客调用API获取共有数据!</p>
<p>安全模式: 仅提供TwoNav自身的API接口,不兼容Onenav的API接口!</p>
<p>兼容模式: 兼容部分OneNav的API接口,以便于其他插件调用!不支持访客调用!</p>
<p>如果你未使用相关扩展插件,则无需修改模式并将Token删除,以提高账号的安全性!</p>
</div>
</div>
@@ -24,10 +23,12 @@
<div class="layui-colla-title">如何使用Chrome浏览器扩展 [非官方]</div>
<div class="layui-colla-content">
前言: 由于浏览器扩展插件非TwoNav所开发适配,如存在Bug或无法使用属正常现象!<br />
安装: 谷歌应用商店下载<a href="https://chrome.google.com/webstore/detail/onenav/omlkjgkogkfpjbdigianpdbjncdchdco?hl=zh-CN&authuser=0" >OneNav</a>并安装 ( 已知0.9.24可用,其他版本未知 )<br />
设置S: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式>或<兼容模式+开放> 2.在本页面获取Token<br />
安装: 谷歌应用商店下载<a href="https://chrome.google.com/webstore/detail/onenav/omlkjgkogkfpjbdigianpdbjncdchdco?hl=zh-CN&authuser=0" >OneNav</a>并安装 ( 已知0.9.24 - 1.0.1可用,其他版本未知 )<br />
设置S: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式> 2.在本页面获取Token<br />
设置C: 插件API设置>填入域名和Token并保存>完成<br />
常见问题1: 对于单用户使用,确保系统设置中默认用户是当前用户即可!多用户使用时需开启二级域名功能并将域名替换成用户的二级域名,注意结尾不需要带/
问题1: 对于单用户使用,确保系统设置中默认用户是当前用户即可!多用户使用时需开启二级域名功能并将域名替换成用户的二级域名,注意结尾不需要带/
问题2: 因为插件非官方开发维护,能用就尽量不要更新,如果插件更新可能会导致无法正常使用,需这个更新获得兼容性!
问题3: 因为国内环境限制,你可能无法访问谷歌,这种情况你可以在交流群获取插件(安装方法自行百度,部分浏览器可能需要开发者模式加载)
</div>
</div>
<div class="layui-colla-item">
@@ -35,7 +36,7 @@
<div class="layui-colla-content">
<p>前言: 由于uTools扩展插件非TwoNav所开发适配,如存在Bug或无法使用属正常现象!</p>
<p>安装: 在uTools插件应用市场>搜索OneNav>点击获取 </p>
<p>设置S: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式>或<兼容模式+开放> 2.在本页面获取SecretKey ( 即插件设置中的API KEY )</p>
<p>设置S: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式> 2.在本页面获取SecretKey ( 即插件设置中的API KEY )</p>
<p>设置C: 打开uTools中的OneNav,点击右下角小齿轮>输入网站地址/用户名/API KEY</p>
</div>
</div>

4
templates/admin/page/data_control.php
View File

@@ -175,7 +175,7 @@
</blockquote>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>本地备份 (订阅可用)</legend></fieldset>
<blockquote class="layui-elem-quote" style="margin-top: 10px;border-left: 2px solid #FF5722; color: #FF5722;">1.备份数据库仅保存最近20份数据<br />2.该功能仅辅助备份使用无法确保100%数据安全,因此定期对整个站点打包备份仍然是必要的</blockquote>
<blockquote class="layui-elem-quote" style="margin-top: 10px;border-left: 2px solid #FF5722; color: #FF5722;">1.备份数据库仅保存最近20份数据<br />2.该功能仅辅助备份使用无法确保100%数据安全,因此定期对整个站点打包备份仍然是必要的<br />3.不支持将新版本备份回滚到旧版本中,不建议跨数据库类型回滚</blockquote>
<!-- 数据表格 -->
<table class="layui-hide" id="list" lay-filter="list"></table>
<!--本地备份备注输入-->
@@ -233,8 +233,10 @@
<input type="checkbox" name="TABLE[user_pwd_group]" title="加密" checked>
<input type="checkbox" name="TABLE[user_share]" title="分享" checked>
<input type="checkbox" name="TABLE[user_apply]" title="收录" checked>
<input type="checkbox" name="TABLE[user_article_list]" title="文章" checked>
<input type="checkbox" name="FILE[MessageBoard]" title="留言" checked>
<input type="checkbox" name="FILE[favicon]" title="图标" checked>
<input type="checkbox" name="FILE[upload]" title="上传目录(如文章图片)" checked>
</div>
</div>
<div class="layui-form-item">

328
templates/admin/page/expand/article-edit.php Normal file
View File

@@ -0,0 +1,328 @@
<?php
if($global_config['article'] < 1 || !check_purview('article',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
// if($global_config['article'] == 2 ){
// if(is_file(DIR.'/static/UEditor/ueditor.all.min.js')){
// require('article-edit-2.php');
// exit;
// }else{
// $content = '未检测到UEditor资源';
// require DIR.'/templates/admin/page/404.php';
// exit;
// }
// }
if(!is_file(DIR.'/static/wangEditor/wangEditor.css') || !is_file(DIR.'/static/wangEditor/wangEditor.js')){
$content = '由于缺少静态资源,当前无法加载编辑器!<br />如果您是站长,请在系统设置页面点击确定保存,系统将自动下载相关资源!<br />如果您是用户,请联系站长处理或耐心等候!';
require DIR.'/templates/admin/page/404.php';
exit;
}
$article_id = Get('id');
$mode = empty($article_id) ? 'add' : 'edit' ;
if($mode == 'edit'){
if(has_db('user_article_list',['uid'=>UID,'id'=>$article_id])){
$data = get_db('user_article_list','*',['uid'=>UID,'id'=>$article_id]);
//var_dump($data);
}else{
$mode = 'add';
}
}
$title = $mode == 'add' ? '添加文章' : '编辑文章';
require dirname(__DIR__).'/header.php' ?>
<link href="<?php echo $libs?>/wangEditor/wangEditor.css" rel="stylesheet">
<style type="text/css">
#editor—wrapper { border: 1px solid #cccccc88; }
#toolbar-container { border-bottom: 1px solid #ccc; }
#editor-container { height: 400px; }
.w40{width:40px;}
.layui-upload-drag .layui-icon{font-size: 40px;color: #c2c2c2;}
.layui-upload-drag{padding: 10px;}
.badge{display:inline-block;min-width:10px;padding:3px 7px;font-size:11px;font-weight:700;color:#fff;line-height:1;vertical-align:middle;white-space:nowrap;text-align:center;background-color:#777;border-radius:10px}
.bg-red{background-color:#e74c3c!important}
.uploads-delete-tip{position: absolute;right: 10px;font-size: 12px;}
.layui-input-block{margin-left: 70px;}
@media screen and (max-width: 768px) {
.layui-input-block {margin-left: 12px;}
.content{display: none!important;}
.layui-form-select .layui-edge {top: 75%;}
}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<form class="layui-form" lay-filter="form">
<input class="layui-input layui-hide" name="id" autocomplete="off" value="<?php echo $data['id'];?>">
<div class="layui-form-item ">
<label class="layui-form-label w40">标题:</label>
<div class="layui-input-block">
<input class="layui-input" name="title" placeholder='请输入文章标题' autocomplete="off" value="<?php echo $data['title'];?>">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label w40">分类:</label>
<div class="layui-input-block">
<select name="category" lay-search>
<?php echo_category(true); ?>
</select>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label w40">状态:</label>
<div class="layui-input-block">
<select name="state">
<option value="1">公开</option>
<option value="2">私有</option>
<option value="3">草稿</option>
<option value="4">废弃</option>
</select>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label w40">摘要:</label>
<div class="layui-input-block">
<textarea name="summary" rows ="2" placeholder="文章摘要,留空时自动获取" class="layui-textarea" style="min-height: 45px;"><?php echo $data['summary'];?></textarea>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label w40 content">正文:</label>
<div class="layui-input-block" id="editor—wrapper">
<div id="toolbar-container"></div>
<div id="editor-container"></div>
<textarea name="content" id="content" class="layui-textarea layui-hide"><?php echo $data['content'] ?? '<p><br></p>';?></textarea>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label w40">封面:</label>
<div class="layui-upload-drag">
<input type="text" name="cover_url" id="cover_url" style="display: none;" value="<?php echo $data['cover'];?>">
<small class="uploads-delete-tip bg-red badge" style="cursor:pointer;display: none;" id="del_cover_view">×</small>
<i class="up_cover layui-icon layui-icon-add-1" id="up_cover" style="padding-right: 20px; padding-left: 20px;color: #e2e2e2;"></i>
<p class="up_cover">上传封面</p>
<div id="cover_view" style="display: none;"><img src="<?php echo $data['cover'];?>" style="max-width: 196px"></div>
</div>
</div>
</form>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal layui-btn-danger" id="cancel" >取消</button>
<button class="layui-btn layui-btn-normal" id="save" >保存</button>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = '<?php echo $libs?>/jquery/jquery.md5.js'></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script src="<?php echo $libs?>/wangEditor/wangEditor.js"></script>
<script>
const { createEditor, createToolbar } = window.wangEditor
const editorConfig = {
placeholder: '请输入文章内容...',
MENU_CONF: {
uploadImage: {}
},
onChange(editor) {
const html = editor.getHtml();
$('#content').val(html);
}
}
editorConfig.MENU_CONF['uploadImage'] = {
base64LimitSize: 128 * 1024, //小于该值就插入base64
server: get_api('write_article','uploadImage'),
fieldName: 'file',
maxFileSize: 5 * 1024 * 1024, // 单文件限制5M
maxNumberOfFiles: 10, //最多上传10个文件
// 上传之前触发
onBeforeUpload(file) {
return file
},
// 上传进度的回调函数
onProgress(progress) {
console.log('progress', progress) //进度: 0-100
},
// 单个文件上传成功之后
onSuccess(file, res) {
parent.layer.msg('上传成功', {icon: 1});
},
// 单个文件上传失败
onFailed(file, res) {
layer.alert(`${res.message}`,{icon:5,title:`上传失败: ${file.name}`,anim: 2,closeBtn: 0});
console.log(res );
},
// 上传错误,或者触发 timeout 超时
onError(file, err, res) {
layer.alert(`${err}`,{icon:5,title:`上传错误: ${file.name}`,anim: 2,closeBtn: 0});
},
}
editorConfig.MENU_CONF['uploadVideo'] = {
base64LimitSize: 128 * 1024, //小于该值就插入base64
server: get_api('write_article','uploadVideo'),
fieldName: 'file',
maxFileSize: 20 * 1024 * 1024, // 单文件限制
maxNumberOfFiles: 10, //最多上传10个文件
// 上传之前触发
onBeforeUpload(file) {
return file
},
// 上传进度的回调函数
onProgress(progress) {
console.log('progress', progress) //进度: 0-100
},
// 单个文件上传成功之后
onSuccess(file, res) {
parent.layer.msg('上传成功', {icon: 1});
},
// 单个文件上传失败
onFailed(file, res) {
layer.alert(`${res.message}`,{icon:5,title:`上传失败: ${file.name}`,anim: 2,closeBtn: 0});
console.log(res );
},
// 上传错误,或者触发 timeout 超时
onError(file, err, res) {
layer.alert(`${err}`,{icon:5,title:`上传错误: ${file.name}`,anim: 2,closeBtn: 0});
},
}
const editor = createEditor({
selector: '#editor-container',
html: $('#content').val(),
config: editorConfig,
mode: 'default'
})
const toolbarConfig = {excludeKeys: ['fullScreen','uploadVideo']}
const toolbar = createToolbar({
editor,
selector: '#toolbar-container',
config: toolbarConfig,
mode: 'default'
})
layui.use(['form','upload'], function () {
var form = layui.form,
upload = layui.upload;
<?php if($mode == 'edit'){ ?>
form.val('form',{category:<?php echo $data['category'];?>,state:<?php echo $data['state'];?>});
<?php }?>
var original_md5 = $.md5(JSON.stringify(form.val('form')));
$('#cancel').click(function () {
let data = form.val('form');
if($.md5(JSON.stringify(form.val('form'))) == original_md5){
parent.layer.close(parent.layer.getFrameIndex(window.name));
return false;
}
layer.confirm('确定取消?',{icon: 3, title:'温馨提示'}, function(index){
parent.layer.close(parent.layer.getFrameIndex(window.name));
});
return false;
});
//如果存在封面则加载
if($("#cover_url").val() != ''){
layui.$('#cover_view img').attr('src', $("#cover_url").val());
layui.$('#cover_view').show();
layui.$('#del_cover_view').show();
layui.$('.up_cover').hide();
}
//上传
var uploadInst = upload.render({
elem: '.up_cover'
,url: get_api('write_article','uploadImage')
,accept: 'images'
,acceptMime: 'image/*'
,exts:'jpg|png|gif|bmp|jpeg|svg|webp'
,size: 5*1024
,done: function(res){
if(res.errno == 0){
$("#cover_url").val(res.data.url);
layui.$('#cover_view img').attr('src', res.data.url);
layui.$('#cover_view').show();
layui.$('#del_cover_view').show();
layui.$('.up_cover').hide();
layer.msg('上传成功', {icon: 1});
}else{
layer.msg(res.message || '上传失败', {icon: 5});
}
},error: function(){
layer.msg("上传异常,请刷新重试", {icon: 5});
}
});
//删除封面
$(document).on('click', '#del_cover_view', function() {
$.post(get_api('write_article','deleteImage'),{'path':$("#cover_url").val()},function(data,status){
if(data.code == 1) {
$("#cover_url").val('');
layui.$('#cover_view').hide();
layui.$('#del_cover_view').hide();
layui.$('.up_cover').show();
uploadInst.config.elem.next()[1].value = '';
layer.msg("删除成功",{icon:1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
});
$('#save').click(function () {
let data = form.val('form');
if(data.title == ''){
layer.msg('标题不能为空,请输入标题',{icon: 5});
return false;
}
if(data.summary == ''){
data.summary = truncateString(editor.getText(),120).replace(/\n/g, ' ');
}
let loading = layer.msg('正在处理,请稍后..', {icon: 16,time: 1000*300,shadeClose: false});
$.post(get_api('write_article','save_article'),data,function(data,status){
layer.close(loading);
if(data.code == 1) {
parent.layer.close(parent.layer.getFrameIndex(window.name));
parent.layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
return false;
});
});
function truncateString(str,n) {
var r=/[^\x00-\xff]/g;
if(str.replace(r,"mm").length<=n){return str;}
var m=Math.floor(n/2);
for(var i=m;i<str.length;i++){
if(str.substr(0,i).replace(r,"mm").length>=n){
return str.substr(0,i)+"...";
}
}
return str;
}
</script>
</body>
</html>

392
templates/admin/page/expand/article-list.php Normal file
View File

@@ -0,0 +1,392 @@
<?php
if($global_config['article'] < 1 || !check_purview('article',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
//读取设置
$s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$set['visual'] = $s_site['article_visual'] ?? '1';
$set['icon'] = $s_site['article_icon'] ?? '1';
$title='文章列表';
require dirname(__DIR__).'/header.php' ?>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<form class="layui-form" lay-filter="form">
<div class="layui-inline layui-form" style="padding-bottom: 5px;">
<label class="layui-form-label " style="width:60px;padding-left: 5px;padding-right: 5px;">文章筛选:</label>
<div class="layui-input-inline" style="width: 150px;">
<select name="category" lay-search>
<option value="0" selected="">全部</option>
<optgroup label="用户分类">
<?php echo_category(true); ?>
</optgroup>
</select>
</div>
</div>
<div class="layui-inline layui-form" style="padding-bottom: 5px;">
<label class="layui-form-label layui-hide-sm" style="width:60px;padding-left: 5px;padding-right: 5px;">关键字:</label>
<div class="layui-input-inline">
<input class="layui-input" name="keyword" id="keyword" placeholder='请输入标题或文章内容' autocomplete="off" >
</div>
</div>
<div class="layui-inline layui-form layui-hide-xs" style="padding-bottom: 5px;" >
<label class="layui-form-label layui-hide-sm" style="width:60px;padding-left: 5px;padding-right: 5px; ">属性筛选:</label>
<div class="layui-input-inline" style="width: 80px;">
<select name="state">
<option value="0" selected="">全部</option>
<option value="1">公开</option>
<option value="2">私有</option>
<option value="3">草稿</option>
<option value="4">废弃</option>
</select>
</div>
</div>
<div class="layui-inline layui-form" style="padding-bottom: 5px;">
<button class="layui-btn layui-btn-normal "type="button" id="search" style="height: 36px;">搜索</button>
</div>
</form>
<table id="table" class="layui-table" lay-filter="table" style="margin: 1px 0;"></table>
</div>
</div>
<!-- 操作列 -->
<script type="text/html" id="tablebar">
<div class="layui-btn-group">
<a class="layui-btn layui-btn-danger layui-btn-xs" lay-event="del">删除</a>
<a class="layui-btn layui-btn-normal layui-btn-xs" lay-event="edit">编辑</a>
</div>
</script>
<!-- 表头工具栏 -->
<script type="text/html" id="toolbar">
<div class="layui-btn-group">
<button class="layui-btn layui-btn-sm layui-btn-danger" id="batch_operation"><span>批量操作</span><i class="layui-icon layui-icon-down layui-font-12"></i></button>
<button class="layui-btn layui-btn-sm layui-btn-normal" lay-event="add_article">添加文章</button>
<button class="layui-btn layui-btn-sm " lay-event="set">设置</button>
</div>
</script>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<!--批量修改分类-->
<ul class="batch_category" style="margin-top: 18px;display:none;padding-right: 10px;padding-left: 10px;">
<form class="layui-form" lay-filter="batch_category">
<div class="layui-form-item">
<label class="layui-form-label">父级分类</label>
<div class="layui-input-block">
<select id="batch_category_fid">
<?php echo_category(true); ?>
</select>
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal layui-btn-danger cancel" type="button">取消</button>
<button class="layui-btn" type="button" id="batch_category" >确定修改</button>
</div>
</div>
</form>
</ul>
<!--设置-->
<ul class="set" style="margin-top: 18px;display:none;padding-right: 10px;padding-left: 10px;">
<form class="layui-form" lay-filter="set_form">
<div class="layui-form-item">
<label class="layui-form-label">显示文章</label>
<div class="layui-input-inline">
<select name="visual">
<option value="1">显示靠前</option>
<option value="2">显示靠后</option>
<option value="0">隐藏</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">是否在主页显示文章链接</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">链接图标</label>
<div class="layui-input-inline">
<select name="icon">
<option value="0">首字图标</option>
<option value="1">站点图标</option>
<option value="2">文章封面</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">设为文章封面且无封面时显示站点图标</div>
</div>
<div class="layui-form-item" style="padding-top: 10px;">
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal layui-btn-danger cancel">取消</button>
<button class="layui-btn" lay-submit id="save_set">保存</button>
</div>
</div>
<pre class="layui-code" >
小提示:
1.文章所属分类加密时不会对文章加密 (暂不支持文章加密,不想被看到可将文章设为私有)
2.文章所属分类私有且未登录时不显示文章链接 (通过文章链接访问不受限制,不想被看到可将文章设为私有)
3.上传图片支持格式:jpg|png|gif|bmp|jpeg|svg 大小限制:5M
4.编辑器中上传图片小于128KB时使用base64编码存入数据库,大于128KB时将以文件的方式上传到服务器
5.显示文章选项中的靠前/靠后是指文章链接在所属分类下的位置,隐藏则不在主页显示
</pre>
</form>
</ul>
<script>
layui.use(['form','table','dropdown','miniTab'], function () {
var $ = layui.jquery;
var table = layui.table;
var form = layui.form;
var dropdown = layui.dropdown;
var miniTab = layui.miniTab;
var api = get_api('read_article','article_list');
var limit = localStorage.getItem(u + "_limit") || 50;
var state_data = ["Null","公开", "私有", "草稿", "废弃"];
var cols=[ //表头
{type:'checkbox'} //开启复选框
,{ title:'操作', toolbar: '#tablebar',width:110}
,{field: 'title', title: '标题', minWidth:200,templet: function(d){
return '<a style="color:#3c78d8" target="_blank" href="./?c=article&id=' +d.id + '&u=' + u + '" title="' + d.summary + '">'+d.title+'</a>'
}}
,{field:'category',title:'分类',width:100,templet: function(d){
return d.category_name;
}}
,{field:'state',title:'状态',width:100,templet: function(d){
return state_data[d.state];
}}
,{field: 'browse_count', title: '浏览次数',width:120,sort:true}
,{field: 'add_time', title: '添加时间', width:170, sort: true,templet:function(d){
var add_time = timestampToTime(d.add_time);
return add_time;
}}
,{field: 'up_time', title: '修改时间', width:170,sort:true,templet:function(d){
return d.up_time == null ?'':timestampToTime(d.up_time);
}}
];
table.render({
elem: '#table'
,height: 'full-80'
,url: api
,page: true
,limit:limit
,limits: [20,50,100,300,500]
,even:true
,loading:true
,toolbar: '#toolbar'
,id:'table'
,cols: [cols]
,method: 'post'
,response: {statusCode: 1 }
,done: function (res, curr, count) {
batch_operation();//初始化批量操作菜单
//获取当前每页显示数量.并写入本都储存
var temp_limit = $(".layui-laypage-limits option:selected").val();
if(temp_limit > 0 && localStorage.getItem(u + "_limit") != temp_limit){
localStorage.setItem(u + "_limit",temp_limit);
}
}
});
//批量操作
function batch_operation(){
dropdown.render({
elem: '#batch_operation',
data: [{
title: ' 修改分类 ',
id: 'up_category'
},{
title: '修改状态',
child: [{
title: '设为公开',
id: "up_state",
value: 1
},{
title: '设为私有',
id: "up_state",
value: 2
},{
title: '设为草稿',
id: "up_state",
value: 3
},{
title: '设为废弃',
id: "up_state",
value: 4
}]
},{
title: '批量删除',
id: 'del_article'
}],
click: function(obj){
let checkStatus = table.checkStatus('table').data;
if( checkStatus.length == 0 ) {
layer.msg('未选中任何数据!');
return;
}
//获取被选ID并格式化
tableIds = checkStatus.map(function (value) {return value.id;});
tableIds = JSON.stringify(tableIds);
//删除文章
if(obj.id == 'del_article'){
layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){
$.post(get_api('write_article','del_article'),{id:tableIds},function(data,status){
if(data.code == 1) {
search();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(obj.id == 'up_category'){
index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: false ,area : ['100%', '100%'],closeBtn:0,content: $('.batch_category')});
}else if(obj.id == 'up_state'){
$.post(get_api('write_article','up_state'),{'id':tableIds,'state_id':obj.value},function(data,status){
if(data.code == 1) {
search();
layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
}
}
});
}
//输入框回车事件和搜索按钮点击事件
$('#keyword, #search').on('keydown click', function(e) {
if ( (e.target.id === 'keyword' && e.keyCode === 13) || (e.target.id === 'search' && e.type === 'click') ) {
search();
}
});
//搜索
function search(){
let data = form.val('form');
table.reload('table', {
url: api
,method: 'post'
,request: {pageName: 'page',limitName: 'limit'}
,where: data
,page: {curr: 1}
});
}
//监听工具栏
table.on('toolbar(table)', function (obj) {
var btn = obj.event;
if (btn == 'add_article') { //添加文章
layer.open({
title: false,
type: 2,
scrollbar: false,
shade: 0.2,
maxmin:false,
shadeClose: true,
closeBtn:0,
area: ['100%', '100%'],
content: './?c=admin&page=expand/article-edit&u=' + u,
end: function(){
search();
}
});
}else if(btn == 'set'){ //设置
index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: false ,area : ['100%', '100%'],closeBtn:0,content: $('.set')});
}else{ //综合批量操作
//取选中数据
var checkStatus = table.checkStatus(obj.config.id);
if( checkStatus.data.length == 0 && ['LAYTABLE_COLS','LAYTABLE_EXPORT','LAYTABLE_PRINT'].indexOf(btn) == -1 ) {
layer.msg('未选中任何数据!');
return;
}
//批量删除
if(btn == 'batch_del'){
tableIds = checkStatus.data.map(function (value) {return value.id;});
tableIds = JSON.stringify(tableIds);
layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){
$.post(get_api('write_article','del_article'),{id:tableIds},function(data,status){
if(data.code == 1) {
search();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}
}
});
//监听行工具
table.on('tool(table)', function (obj) {
let btn = obj.event;
let data = obj.data;
if (btn === 'del') {
layer.confirm('确认删除?',{icon: 3, title:'温馨提示'}, function(index){
$.post(get_api('write_article','del_article'),{id:'['+data.id+']'},function(data,status){
if(data.code == 1) {
obj.del();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(btn === 'edit'){
layer.open({
title: false,
type: 2,
scrollbar: false,
shade: 0.2,
maxmin:false,
shadeClose: true,
closeBtn:0,
area: ['100%', '100%'],
content: './?c=admin&page=expand/article-edit&id='+data.id+'&u=' + u,
end: function(){
search();
}
});
}
});
//设置相关
form.val('set_form', <?php echo json_encode($set);?>);
$('#save_set').on('click', function(){
$.post(get_api('write_article','save_article_set'),form.val('set_form'),function(data,status){
if(data.code == 1) {
layer.close(index);
layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
return false;
});
//取消按钮
$('.cancel').click(function () {
layer.close(index);
return false;
});
//批量修改分类
$('#batch_category').click(function () {
fid = $('#batch_category_fid').val();
$.post(get_api('write_article','up_category'),{'id':tableIds,'category_id':fid},function(data,status){
if(data.code == 1) {
search();
layer.close(index);
layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
return false;
});
});
</script>
</body>
</html>

22
templates/admin/page/home.php
View File

@@ -242,7 +242,7 @@ require 'header.php';
<div class="layui-card">
<div class="layui-card-header">
<div style="display: flex; justify-content: space-between;">
<div><i class="fa fa-line-chart icon"></i>报表统计</div>
<div id="tongji" style="cursor: pointer;"><i class="fa fa-line-chart icon" ></i>报表统计</div>
<div>
<button class="layui-btn layui-btn-primary echarts" style="border: none;display:none;"><span>最近7天</span><i class="layui-icon layui-icon-down layui-font-12"></i></button>
</div>
@@ -359,6 +359,26 @@ if($USER_DB['UserGroup'] == 'root'){
}
});
$('#tongji').on('click', function(){
$.post('./index.php?c=api&method=read_data&date='+home_echarts+'&type=tongji_ip_list&u='+u,function(data,status){
if(data.code == 1){
var content = '<table class="layui-table" border="1"><thead><tr><th>日期</th><th>IP列表</th></tr></thead><tbody>';
$.each(data.data, function (date, ipAddresses) {
content += '<tr><td>' + date + '</td><td>';
$.each(ipAddresses, function (index, ipAddress) {
content += ipAddress + '<br>';
});
content += '</td></tr>';
});
content += '</tbody></table>';
layer.open({
title: '访问IP列表',
content: content,
area: ['100%', '100%']
});
}
});
});
//加载报表统计
function load_echarts(){
var echartsRecords = echarts.init(document.getElementById('echarts-records'), 'walden');

25
templates/admin/page/link_extend.php
View File

@@ -18,15 +18,17 @@ if(!empty($list)){
echo_text($data);
}elseif($data['type'] == 'textarea'){
echo_textarea($data);
}elseif($data['type'] == 'up_img'){
echo_up_img($data);
}
}
}
function echo_text($data){ ?>
<div class="layui-form-item">
<label class="layui-form-label"><?php echo $data['title']?></label>
<label class="layui-form-label" title="<?php echo $data['name']?>"><?php echo $data['title']?></label>
<div class="layui-input-block">
<input type="text" name="_<?php echo $data['name']?>" autocomplete="off" value="<?php echo htmlentities($data['value'])?>" class="layui-input">
<input type="text" name="_<?php echo $data['name']?>" autocomplete="off" value="<?php echo htmlentities($data['value'])?>" placeholder="<?php echo htmlentities($data['tip'])?>" class="layui-input" >
</div>
</div>
<?php
@@ -34,13 +36,26 @@ function echo_text($data){ ?>
function echo_textarea($data){ ?>
<div class="layui-form-item">
<label class="layui-form-label"><?php echo $data['title']?></label>
<label class="layui-form-label" title="<?php echo $data['name']?>"><?php echo $data['title']?></label>
<div class="layui-input-block">
<textarea name="_<?php echo $data['name']?>" class="layui-textarea"><?php echo htmlentities($data['value'])?></textarea>
<textarea name="_<?php echo $data['name']?>" placeholder="<?php echo htmlentities($data['tip'])?>" class="layui-textarea"><?php echo htmlentities($data['value'])?></textarea>
</div>
</div>
<?php
}
}
function echo_up_img($data){ ?>
<div class="layui-form-item">
<label class="layui-form-label" title="<?php echo $data['name']?>"><?php echo $data['title']?></label>
<div class="layui-input-block layuimini-upload" >
<input type="text" name="_<?php echo $data['name']?>" autocomplete="off" class="layui-input obtn" value="<?php echo htmlentities($data['value'])?>" placeholder="<?php echo htmlentities($data['tip'])?>">
<div style="position: absolute; top:0px;" >
<span><a class="layui-btn layui-btn-primary extend_up_img"><i class="fa fa-upload"></i> 上传</a></span>
</div>
</div>
</div>
<?php
}
?>

11
templates/admin/page/root/mail_set.php
View File

@@ -17,18 +17,21 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-input-inline">
<input type="pass" name="user" lay-verify="required" lay-reqtext="账号不能为空" placeholder='请输入账号' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">邮箱账号,例如: admin@qq.com</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">密码</label>
<div class="layui-input-inline">
<input type="password" name="pwd" lay-verify="required" lay-reqtext="密码不能为空" placeholder='请输入密码或授权码' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">邮箱密码,也可能是独立密码或者授权码</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">服务器</label>
<div class="layui-input-inline">
<input type="text" name="host" lay-verify="required" lay-reqtext="服务器不能为空" placeholder='请输入发件服务器地址' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">例如: smtp.qq.com</div>
</div>
<div class="layui-form-item">
@@ -36,6 +39,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-input-inline">
<input type="number" name="port" lay-verify="required" lay-reqtext="端口不能为空" placeholder='请输入服务器端口' value="465" autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">通常是: 465或587</div>
</div>
<div class="layui-form-item">
@@ -46,13 +50,15 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<option value="TLS" >TLS</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">通常是: ssl</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">发送人</label>
<div class="layui-input-inline">
<input type="text" name="sender" lay-verify="required" lay-reqtext="发送人邮箱不能为空" placeholder='' autocomplete="off" class="layui-input">
<input type="text" name="sender" lay-verify="required" lay-reqtext="发送人名称不能为空" placeholder='' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">例如: TwoNav</div>
</div>
<div class="layui-form-item">
@@ -60,6 +66,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-input-inline">
<input type="text" name="addressee" placeholder='仅用于发件测试' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">例如:user@qq.com</div>
</div>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>注册参数</legend></fieldset>
@@ -71,12 +78,14 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<option value="1" >开启</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">开启时用户注册需通过邮箱接收验证码</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">发送间隔</label>
<div class="layui-input-inline">
<input type="number" name="send_interval" lay-verify="required" lay-reqtext="发送间隔不能为空" placeholder='IP发送间隔,单位秒!' value="60" autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">为了避免被恶意发送,建议不低于30秒</div>
</div>
<div class="layui-form-item layui-form-text">

12
templates/admin/page/root/sys_setting.php
View File

@@ -251,6 +251,16 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
</div>
<div class="layui-form-mid layui-word-aux">自定义链接的扩展信息(需自行添加字段,目前仅用于自定义过渡页)</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label required">文章管理</label>
<div class="layui-input-inline">
<select name="article">
<option value="0" selected="">关闭</option>
<option value="1" >开启</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">简易文章管理功能 ( 请勿和专业的比,首次开启时自动下载相关资源 )</div>
</div>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>相关限制</legend></fieldset>
<blockquote class="layui-elem-quote layui-text" style="">程序采用UTF8编码,一个汉字约占用3个字节!英文字母和数组占用1个字节!值为0表示不限制!<br />添加或编辑时长度超限则不允许添加,批量识别时超限则截断</blockquote>
@@ -335,7 +345,9 @@ layui.use(['jquery','form','miniTab'], function () {
});
//监听提交
form.on('submit(save)', function (data) {
layer.msg('正在保存中,请稍后...', {icon: 16,time: 1000*300,shadeClose: false});
$.post('./index.php?c=api&method=write_sys_settings&u='+u,data.field,function(data,status){
layer.closeAll();
if(data.code == 1) {
if(data.msg!="保存成功"){
layer.alert(data.msg)

11
templates/admin/page/root/user_control.php
View File

@@ -35,6 +35,7 @@ $user_groups = select_db('user_group',['id','code','name'],'');
<script type="text/html" id="user_tool">
<div class="layui-btn-group">
<button class="layui-btn layui-btn-sm layui-btn-danger" lay-event="Del">删除</button>
<button class="layui-btn layui-btn-sm layui-btn-danger" lay-event="Del_OTP" title="移除OTP双重验证">移除OTP验证</button>
<button class="layui-btn layui-btn-sm" lay-event="register" <?php echo $global_config['RegOption'] == 0? 'style = "display:none;"':'' ?> >注册账号</button>
<button class="layui-btn layui-btn-sm" lay-event="set_UserGroup">设用户组</button>
<button class="layui-btn layui-btn-sm" lay-event="username_retain">账号保留</button>
@@ -163,6 +164,16 @@ layui.use(['table','layer','form'], function () {
}else if(event == 'set_UserGroup'){
IDs = tableIds;
index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: '修改用户组',area : ['100%', '100%'],content: $('.set_UserGroup')});
}else if(event == 'Del_OTP'){
layer.alert("以下账号将被移除OTP双重验证,确定继续吗?<br />"+table_Users,{icon:3,title:'确认操作',anim: 2,closeBtn: 0,btn: ['确定','取消']},function () {
$.post(get_api('write_user_info','Del_OTP'),{ID:tableIds},function(data,status){
if(data.code == 1){
layer.msg(data.msg,{icon: 1})
} else{
layer.msg(data.msg,{icon: 5});
}
});
});
}
});
//行工具

83
templates/admin/page/theme_article.php Normal file
View File

@@ -0,0 +1,83 @@
<?php $title='文章模板';$awesome=true; require 'header.php';
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_article&cache=no&u=<?php echo U;?>">刷新数据</a>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($s_templates['article'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用"></i> ';
}else{
$icon ='';
}
$color = ($s_templates['article'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="article">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

1
templates/admin/page/theme_home.php
View File

@@ -17,6 +17,7 @@
<a href="./index.php?c=admin&page=theme_home&cache=no&u=<?php echo U;?>" >刷新数据</a>
<a href="javascript:;" layuimini-content-href="theme_login" data-title="登录模板">登录模板</a>
<a href="javascript:;" layuimini-content-href="theme_transit" data-title="过渡模板">过渡模板</a>
<a href="javascript:;" layuimini-content-href="theme_article" data-title="文章模板">文章模板</a>
<?php if($USER_DB['UserGroup'] === 'root'){echo '<a href="javascript:;" layuimini-content-href="theme_register" data-title="注册模板">注册模板</a>';} ?>
<?php if($USER_DB['UserGroup'] === 'root'){echo '<a href="javascript:;" layuimini-content-href="theme_guide" data-title="引导页模板">引导页模板</a>';} ?>
</span>

77
templates/admin/page/updatelog.php
View File

@@ -2,6 +2,83 @@
<body>
<div class="layuimini-container">
<div class="layuimini-main" style=" margin-left: 20px;">
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.36-20230823</h4>
<ul>
<li>[修复] 判断是否显示收录的逻辑错误(导致设为无需审核时不显示)</li>
<li>[变更] 移除2个链接图标API,因稳定性欠佳</li>
<li>[修复] WebStack-Hugo主页模板悬停提示不显示</li>
<li>[新增] 挽风导航主页模板(内置文章模板/拟态风格),注:内置文章模板在预览状态下是不生效的!</li>
<li>[新增] 挽风导航登录模板/过度模板</li>
<li>[新增] 后台概要页可以点击报表统计获取访问的IP列表</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.35-20230816</h4>
<ul>
<li>[新增] Atool工具箱增加关闭OTP双重验证选项(删OTP),用于解决站长丢失OTP令牌造成无法登录</li>
<li>[新增] 用户管理支持关闭OTP双重验证选项,用于站长帮助用户关闭OTP双重验证</li>
<li>[优化] 邮件配置发送人只填发送人名称未按要求格式填写邮箱时由系统自动完成拼接</li>
<li>[优化] 文章管理特定情况造成缺少资源时提醒用户如何解决</li>
<li>[模板] 新增爱导航V1主页模板,轻量化设计简洁不卡顿/支持缓存/自适应/站内搜索,适合书签多的用户使用</li>
<li>[模板] WebStack-Hugo主页模板新增:夜间背景图/炫彩横幅</li>
<li>[模板] 修复默认过度模板兼容问题</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.34-20230809</h4>
<ul>
<li>[新增] 安全设置新增OTP双重验证</li>
<li>[模板] 所有登录模板:已开启双重验证时,支持输入OTP验证码,版本:2.0.4 </li>
<li>[警告] 如果您正在使用非默认登录模板,请立即更新登录模板,以免因模板不支持输入OTP验证码造成无法登录</li>
<li>[新增] 导出导入>清空数据>支持清空文章和上传目录(upload)</li>
<li>[新增] 导出导入>本地备份>支持备份和回滚文章列表</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.33-20230802</h4>
<ul>
<li>[新增] 文章编辑新增封面上传功能,插入网络视频功能</li>
<li>[新增] 文章列表以链接的方式展现到主页( 已登录时显示公开和私有,未登录时显示公开文章 )</li>
<li>[新增] 文章列表新增批量操作,支持批量删除,批量修改文章分类和状态</li>
<li>[修复] 文章相关功能的已知问题</li>
<li>[变更] 移除文章功能的独立分类机制,改为使用链接分类 ( 已存在的文章需手动更新分类 )</li>
<li>[变更] API接口鉴权逻辑调整,新增几个兼容API,移除API模式中的兼容+开放模式</li>
<li>[变更] 默认主页模板右键对查看全部或文章链接操作给出提示,给文章链接添加黑色角标</li>
<li>[新增] 主页模板:简约主题 ( 需将安全设置>API模式>改为兼容模式才能使用全部功能 ) 作者:涂山</li>
<li>[新增] 主页模板:花森主页( 自带文章浏览功能 ),作者:花森JioJio</li>
<li>[新增] 文章模板:挽风导航,作者:凌云</li>
<li>[优化] 默认文章模板样式</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.32-20230727</h4>
<ul>
<li>[新增] 扩展功能新增简易文章管理 [ 半成品,尚未完善 ]</li>
<li>[新增] 链接自定义字段类型新增up_img,该类型支持上传1M大小的图片,权限与上传图标共享</li>
<li>[新增] 链接自定义字段新增提示内容</li>
<li>[变更] 主页模板前置处理,若模板支持链接扩展时提供扩展信息</li>
<li>[跟进] 支持onenav新版浏览器插件的兼容</li>
<li>[修复] ip统计存在异常的问题</li>
<li>[修复] 上传链接图标后端接口未限制大小</li>
<li>[修复] 在使用CDN的情况下可能出现授权验证问题</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">

53
templates/article/default/config.php Normal file
View File

@@ -0,0 +1,53 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title><?php echo $theme;?> - 主题配置</title>
<link rel='stylesheet' href='<?php echo $layui['css']; ?>'>
<style>
.layui-form-item {margin-bottom: 10px;}
</style>
</style>
</head>
<body>
<div class="layui-row" style = "margin-top:18px;">
<div class="layui-container">
<div class="layui-col-lg8 layui-col-md-offset2">
<form class="layui-form" lay-filter="form">
<div class="layui-form-item">
<label class="layui-form-label">最大宽度</label>
<div class="layui-input-block">
<input type="text" name="container_width" placeholder="默认为空(全宽),输入格式80%或1280px" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item" style="padding-top: 10px;">
<div class="layui-input-block"><button class="layui-btn" lay-submit lay-filter="save">保存</button></div>
</div>
</form>
</div>
</div>
</div>
<script src="<?php echo $layui['js']; ?>"></script>
<script src="./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<script>
var u = _GET('u');
layui.use(['form'], function(){
var form = layui.form;var $ = layui.$;
form.val('form', <?php echo json_encode($theme_config);?>);
form.on('submit(save)', function(data){
$.post(get_api('write_theme','config') + '&t=' + _GET('theme'),data.field,function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1,time: 500,end: function() {if(_GET('source') != 'admin'){parent.location.reload();}}});
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
});
</script>
</body>
</html>

68
templates/article/default/index.css Normal file
View File

@@ -0,0 +1,68 @@
@charset "utf-8";
html{height: 100%;}
h1,h2,h3,h4,h5{
color: black;
}
li {
line-height: 2.2;
}
/*图片边距*/
img {
margin: 10px;
}
/*代码段样式*/
pre {
background-color: #f2f2f2;
border: 1px solid #ccc;
border-radius: 5px;
padding: 10px;
margin: 10px 0;
font-family: "Courier New", monospace;
font-size: 14px;
line-height: 1.5;
overflow-x: auto;
box-shadow: 2px 2px 5px rgba(0, 0, 0, 0.1);
}
/*表格样式*/
.mdui-table {
border-collapse: collapse;
width: 100%;
}
.mdui-table th,
.mdui-table td {
border: 1px solid #ccc;
padding: 8px;
text-align: center;
}
.mdui-table th::after,
.mdui-table td::after {
content: '';
position: absolute;
top: 0;
bottom: 0;
right: -1px;
width: 1px;
background-color: #ccc;
}
/*a标签样式*/
.container a {
text-decoration: none;
color: inherit;
font-family: Arial, sans-serif;
color: #007bff;
padding: 5px 10px;
border-radius: 5px;
background-color: #f2f2f2;
}
.container a:hover {
color: #ff4500;
}
/*文章标题样式*/
.mdui-typo-title, .mdui-typo-title-opacity {
font-size: 1em;
}
/*prism 代码上色*/
code[class*=language-],pre[class*=language-]{color:#000;background:0 0;text-shadow:0 1px #fff;font-family:Consolas,Monaco,'Andale Mono','Ubuntu Mono',monospace;font-size:1em;text-align:left;white-space:pre;word-spacing:normal;word-break:normal;word-wrap:normal;line-height:1.5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-hyphens:none;-moz-hyphens:none;-ms-hyphens:none;hyphens:none}code[class*=language-] ::-moz-selection,code[class*=language-]::-moz-selection,pre[class*=language-] ::-moz-selection,pre[class*=language-]::-moz-selection{text-shadow:none;background:#b3d4fc}code[class*=language-] ::selection,code[class*=language-]::selection,pre[class*=language-] ::selection,pre[class*=language-]::selection{text-shadow:none;background:#b3d4fc}@media print{code[class*=language-],pre[class*=language-]{text-shadow:none}}pre[class*=language-]{padding:1em;margin:.5em 0;overflow:auto}:not(pre)>code[class*=language-],pre[class*=language-]{background:#f5f2f0}:not(pre)>code[class*=language-]{padding:.1em;border-radius:.3em;white-space:normal}.token.cdata,.token.comment,.token.doctype,.token.prolog{color:#708090}.token.punctuation{color:#999}.token.namespace{opacity:.7}.token.boolean,.token.constant,.token.deleted,.token.number,.token.property,.token.symbol,.token.tag{color:#905}.token.attr-name,.token.builtin,.token.char,.token.inserted,.token.selector,.token.string{color:#690}.language-css .token.string,.style .token.string,.token.entity,.token.operator,.token.url{color:#9a6e3a;background:hsla(0,0%,100%,.5)}.token.atrule,.token.attr-value,.token.keyword{color:#07a}.token.class-name,.token.function{color:#dd4a68}.token.important,.token.regex,.token.variable{color:#e90}.token.bold,.token.important{font-weight:700}.token.italic{font-style:italic}.token.entity{cursor:help}

46
templates/article/default/index.js Normal file
View File

File diff suppressed because one or more lines are too long

44
templates/article/default/index.php Normal file
View File

@@ -0,0 +1,44 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
<meta name="renderer" content="webkit"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0,maximum-scale=5.0">
<meta http-equiv="Cache-Control" content="no-siteapp"/>
<title><?php echo $data['title'];?> - <?php echo $site['title']; ?></title>
<meta name="keywords" content="<?php echo $data['summary']; ?>">
<meta name="description" content="<?php echo $data['summary']; ?>">
<link rel="shortcut icon" href="<?php echo $favicon;?>">
<link rel="stylesheet" href="<?php echo $libs?>/MDUI/v1.0.1/css/mdui.min.css">
<link rel="stylesheet" href="<?php echo $theme_dir?>/index.css">
</head>
<body class="mdui-drawer-body-left mdui-appbar-with-toolbar mdui-theme-primary-indigo mdui-theme-accent-pink mdui-theme-layout-auto">
<header class="appbar mdui-appbar mdui-appbar-fixed">
<div class="mdui-toolbar mdui-color-theme">
<span class="mdui-btn mdui-btn-icon mdui-ripple mdui-ripple-white" mdui-drawer="{target: '#main-drawer', swipe: true}">
<i class="mdui-icon material-icons">menu</i>
</span>
<a href="" class="mdui-typo-headline mdui-hidden-xs"><?php echo $site['logo'];?></a>
<a href="" class="mdui-typo-title"><?php echo $data['title'];?></a>
<div class="mdui-toolbar-spacer"></div>
</div>
</header>
<div class="mdui-drawer" id="main-drawer">
<div class="mdui-collapse-item-header mdui-list-item mdui-ripple" data_id="to_top">
<i class="mdui-list-item-icon mdui-icon material-icons mdui-text-color-blue">&#xe25a;</i>
<div class="mdui-list-item-content">文章开始</div>
</div>
<div class="mdui-collapse-item-header mdui-list-item mdui-ripple" data_id="to_bottom" id="to_bottom">
<i class="mdui-list-item-icon mdui-icon material-icons mdui-text-color-blue">&#xe258;</i>
<div class="mdui-list-item-content">文章结尾</div>
</div>
</div>
<div class="container p-download mdui-container" style="max-width: <?php echo $theme_config['container_width'];?> ;">
<?php echo $data['content'];?>
</div>
<script src="<?php echo $libs?>/MDUI/v1.0.1/js/mdui.min.js"></script>
<script src="<?php echo $libs?>/jquery/jquery-3.6.0.min.js"></script>
<script src="<?php echo $theme_dir?>/index.js"></script>
</body>
</html>

12
templates/article/default/info.json Normal file
View File

@@ -0,0 +1,12 @@
{
"name":"默认",
"description":"系统默认的文章模板,支持代码段上色,支持自适应!",
"homepage":"https://gitee.com/tznb/TwoNav",
"version":"2.0.0",
"update":"2023/07/01",
"author":"TwoNav",
"screenshot":"https://img.lm21.top/article_default.jpg",
"config": {
"container_width":""
}
}

BIN
templates/article/default/screenshot.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 86 KiB

6
templates/home/default/index.php
View File

@@ -192,10 +192,8 @@ body{
<!--定义一个卡片-->
<div class="mdui-card link-line mdui-hoverable CBC">
<!-- 如果是私有链接,则显示角标 -->
<?php if($link['property'] == 1 ) { ?>
<div class="angle">
<span> </span>
</div>
<?php if($link['property'] == 1 || $link['type'] == 'article') { ?>
<div class="angle" <?php echo $link['type'] == 'article' ? 'style="background: #000000;"':'';?>><span> </span></div>
<?php } ?>
<!-- 角标END -->
<a class="TFC" href="<?php echo $link['url']; ?>" target="_blank" <?php echo $protectA; ?> title = "<?php echo $link['description']; ?>">

4
templates/home/default/info.json
View File

@@ -2,8 +2,8 @@
"name":"默认主题(加强)",
"description":"默认主题(加强)",
"homepage":"https://gitee.com/tznb/OneNav",
"version":"2.0.2",
"update":"2023/05/20",
"version":"2.0.3",
"update":"2023/07/31",
"author":"落幕",
"screenshot":"https://s3.bmp.ovh/imgs/2022/04/17/8cac968a8cc8135c.png",
"config": {

4
templates/home/default/static/embed.js
View File

@@ -33,17 +33,19 @@ var menu = {
var link_id = $(this).attr('id');
link_id = link_id.replace('id_','');
var tempwindow=window.open('_blank');
tempwindow.location='./index.php?c=click&id='+link_id+"&u="+u;
tempwindow.location = $(this).attr('link-url');
}},
"edit": {name: "编辑", icon: "edit",callback:function(key,opt){
var link_id = $(this).attr('id');
link_id = link_id.replace('id_','');
if(link_id == '0'){mdui.alert('非常规链接,无法操作');return true;}
var tempwindow=window.open('_blank');
tempwindow.location='./index.php?c=admin&page=link_edit&id='+link_id+"&u="+u;
}},
"delete": {name: "删除", icon: "delete",callback:function(){
var link_id = $(this).attr('id');
link_id = link_id.replace('id_','');
if(link_id == '0'){mdui.alert('非常规链接,无法操作');return true;}
mdui.confirm('确认删除?'
,function(){
$.post(get_api('write_link','del'),{lid:link_id},function(data,status){

14
templates/login/default/index.php
View File

@@ -1,4 +1,5 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}?>
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$LoginConfig = unserialize($USER_DB['LoginConfig']);?>
<!DOCTYPE html>
<html>
<head>
@@ -29,16 +30,21 @@
<form class="layui-form login-bottom">
<div class="center">
<div class="item">
<span class="icon icon-2"></span>
<span class="icon layui-icon layui-icon-username"></span>
<input type="text" name="User" lay-verify="required" placeholder="请输入账号">
</div>
<div class="item">
<span class="icon icon-3"></span>
<span class="icon layui-icon layui-icon-password"></span>
<input type="password" name="Password" lay-verify="required" placeholder="请输入密码">
<span class="bind-password icon icon-4"></span>
</div>
<?php if(!empty($LoginConfig['totp_key'])){ ?>
<div class="item">
<span class="icon layui-icon layui-icon-vercode"></span>
<input type="text" name="otp_code" lay-verify="required" placeholder="请输入OTP验证码">
</div>
<?php }?>
</div>
<div class="tip">
<?php

4
templates/login/default/info.json
View File

@@ -2,7 +2,7 @@
"name": "默认",
"description": "默认",
"homepage": "https://gitee.com/tznb/TwoNav",
"version": "2.0.2",
"update": "2023/04/25",
"version": "2.0.4",
"update": "2023/08/09",
"author": "TwoNav"
}

13
templates/transit/default/index.php
View File

@@ -1,15 +1,16 @@
<!DOCTYPE html>
<html lang="zh-cn" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<meta charset="utf-8">
<title><?php echo $link['title']; ?> - <?php echo $site['title']; ?></title>
<meta name="keywords" content="<?php echo $link['keywords']; ?>" />
<meta name="description" content="<?php echo $link['description']; ?>" />
<meta name="keywords" content="<?php echo $link['keywords']; ?>">
<meta name="description" content="<?php echo $link['description']; ?>">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="<?php echo $libs?>/bootstrap4/css/bootstrap.min.css" type="" media=""/>
<meta http-equiv = "X-UA-Compatible" content = "IE=edge" >
<link rel="stylesheet" href="<?php echo $libs?>/bootstrap4/css/bootstrap.min.css" crossorigin="anonymous">
<link rel="shortcut icon" href="<?php echo $favicon;?>">
<!--<script src="<?php echo $libs?>/jquery/jquery-2.2.4.min.js"></script>-->
<!--<script src="<?php echo $libs?>/bootstrap4/js/bootstrap.min.js"></script>-->
<script src="<?php echo $libs?>/jquery/jquery-2.2.4.min.js"></script>
<script src="<?php echo $libs?>/bootstrap4/js/bootstrap.min.js" crossorigin="anonymous"></script>
<style>
.a_d img{
max-width:100%;