renun/TwoNav
1
0
Fork 0
mirror of https://github.com/tznb1/TwoNav.git synced 2025-08-10 08:51:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: renun:v2.0.38-20230906
Branches Tags
renun:master renun:backup renun:updata
renun:v2.1.18-20241105 renun:v2.1.18-20241018 renun:v2.1.17-20240730 renun:v2.1.16-20240525 renun:v2.1.15-20240513 renun:v2.1.14-20240419 renun:v2.1.14-20240416 renun:v2.1.14-20240414 renun:v2.1.13-20240321 renun:v2.1.12-20240308 renun:v2.1.11-20240119 renun:v2.1.09-20231220 renun:v2.1.08-20231219 renun:v2.1.07-20231130 renun:v2.1.06-20231113 renun:v2.1.05-20231106 renun:v2.1.04-20231029 renun:v2.1.03-20231019 renun:v2.1.02-20231012 renun:v2.1.01-20231002 renun:v2.0.40-20230917 renun:v2.0.40-20230916 renun:v2.0.39-20230913 renun:v2.0.38-20230906 renun:v2.0.37-20230830 renun:v2.0.36-20230823 renun:v2.0.35-20230816 renun:v2.0.34-20230809 renun:v2.0.33-20230802 renun:v2.0.32-20230727 renun:v2.0.31-20230720 renun:v2.0.30-20230713 renun:v2.0.29-20230705 renun:v2.0.28-20230624 renun:v2.0.27-20230618 renun:v2.0.26-20230611 renun:v2.0.25-20230607 renun:v2.0.24-20230605 renun:v2.0.23-20230527 renun:v2.0.22-20230523 renun:v2.0.21-20230522 renun:v2.0.21-20230521 renun:v2.0.20-20230520 renun:v2.0.19-20230515 renun:v2.0.18-20230510 renun:v2.0.17-20230428 renun:v2.0.16-20230425 renun:v2.0.15-20230422 renun:v2.0.14-20230420 renun:v2.0.13-20230418 renun:v2.0.12-20230417 renun:v2.0.11-20230414 renun:v2.0.10-20230413 renun:v2.0.09-20230410 renun:v2.0.08-20230406 renun:v2.0.07-20230405
...
compare: renun:v2.1.18-20241018
Branches Tags
renun:master renun:backup renun:updata
renun:v2.1.18-20241105 renun:v2.1.18-20241018 renun:v2.1.17-20240730 renun:v2.1.16-20240525 renun:v2.1.15-20240513 renun:v2.1.14-20240419 renun:v2.1.14-20240416 renun:v2.1.14-20240414 renun:v2.1.13-20240321 renun:v2.1.12-20240308 renun:v2.1.11-20240119 renun:v2.1.09-20231220 renun:v2.1.08-20231219 renun:v2.1.07-20231130 renun:v2.1.06-20231113 renun:v2.1.05-20231106 renun:v2.1.04-20231029 renun:v2.1.03-20231019 renun:v2.1.02-20231012 renun:v2.1.01-20231002 renun:v2.0.40-20230917 renun:v2.0.40-20230916 renun:v2.0.39-20230913 renun:v2.0.38-20230906 renun:v2.0.37-20230830 renun:v2.0.36-20230823 renun:v2.0.35-20230816 renun:v2.0.34-20230809 renun:v2.0.33-20230802 renun:v2.0.32-20230727 renun:v2.0.31-20230720 renun:v2.0.30-20230713 renun:v2.0.29-20230705 renun:v2.0.28-20230624 renun:v2.0.27-20230618 renun:v2.0.26-20230611 renun:v2.0.25-20230607 renun:v2.0.24-20230605 renun:v2.0.23-20230527 renun:v2.0.22-20230523 renun:v2.0.21-20230522 renun:v2.0.21-20230521 renun:v2.0.20-20230520 renun:v2.0.19-20230515 renun:v2.0.18-20230510 renun:v2.0.17-20230428 renun:v2.0.16-20230425 renun:v2.0.15-20230422 renun:v2.0.14-20230420 renun:v2.0.13-20230418 renun:v2.0.12-20230417 renun:v2.0.11-20230414 renun:v2.0.10-20230413 renun:v2.0.09-20230410 renun:v2.0.08-20230406 renun:v2.0.07-20230405

24 Commits
v2.0.38-20 ... v2.1.18-20

Author SHA1 Message Date
MI15\Win
72f4cee174 v2.1.18-20241018 2024-10-17 16:29:12 +08:00
MI15\Win
b9eaa4099d v2.1.17-20240730 2024-07-30 17:28:39 +08:00
MI15\Win
d104bf66ce v2.1.16-20240525 2024-05-26 15:04:28 +08:00
MI15\Win
7c1b69b089 v2.1.15-20240513 2024-05-13 16:01:12 +08:00
MI15\Win
2d152489af v2.1.15-20240513 2024-05-13 14:44:55 +08:00
MI15\Win
f77a33581b v2.1.14-20240419 2024-04-19 16:04:17 +08:00
MI15\Win
aca9b6680b v2.1.14-20240416 2024-04-16 18:43:03 +08:00
MI15\Win
1aa4bb0634 v2.1.14-20240414 2024-04-14 15:42:25 +08:00
MI15\Win
fe1244b099 v2.1.13-20240321 2024-03-22 11:07:08 +08:00
MI15\Win
131d0d664b v2.1.12-20240308 2024-03-11 16:32:35 +08:00
MI15\Win
004273c0c4 v2.1.11-20240119 2024-01-21 01:31:42 +08:00
MI15\Win
851ff8285c v2.1.09-20231220 2023-12-21 23:02:38 +08:00
MI15\Win
b856c288b9 v2.1.08-20231219 2023-12-21 01:36:27 +08:00
MI15\Win
f2ce9c4eef v2.1.07-20231130 2023-12-01 00:14:39 +08:00
MI15\Win
01fdca800b v2.1.06-20231113 2023-11-14 01:25:59 +08:00
MI15\Win
77f357061a v2.1.05-20231106 2023-11-07 23:07:03 +08:00
MI15\Win
3ece39150c v2.1.04-20231029 2023-10-30 01:40:27 +08:00
MI15\Win
68464e34f9 v2.1.03-20231019 2023-10-20 00:34:17 +08:00
MI15\Win
9e31b94527 v2.1.02-20231012 2023-10-13 14:48:43 +08:00
MI15\Win
979295c684 v2.1.01-20231002 2023-10-04 16:30:28 +08:00
MI15\Win
91950de997 v2.0.40-20230917 2023-09-18 20:24:50 +08:00
MI15\Win
34f3c78fe9 v2.0.40-20230917 2023-09-17 00:08:07 +08:00
MI15\Win
06eb605e9a v2.0.40-20230916 2023-09-16 23:26:09 +08:00
MI15\Win
cdeea3ff36 v2.0.39-20230913 2023-09-13 13:41:29 +08:00
111 changed files with 2415 additions and 5708 deletions
Expand all files Collapse all files

14
.htaccess
View File

@@ -2,16 +2,4 @@
RewriteEngine On
# 安全规则(必选)
RewriteRule ^templates/.*\.(php|tar|gz|zip|info|log|json)$ - [F]
RewriteRule ^data/.*\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ - [F]
# 重写规则(可选)
RewriteRule '^login$' ./index.php?c=login [L]
RewriteRule '^admin$' ./index.php?c=admin [L]
RewriteRule '^ico/(.+)' ./index.php?c=icon&url=$1 [L]
RewriteRule '^([A-Za-z0-9]+)$' ./index.php?u=$1 [L]
RewriteRule '^([A-Za-z0-9]+).html$' ./index.php?u=$1 [L]
RewriteRule '^([a-zA-Z0-9]+)/(click|article)/([A-Za-z0-9]+)$' ./index.php?c=$2&id=$3&u=$1 [L]
RewriteRule '^([a-zA-Z0-9]+)/(click|article)/([A-Za-z0-9]+)\.html$' ./index.php?c=$2&id=$3&u=$1 [L]
RewriteRule '^([a-zA-Z0-9]+)/(click|article)/(templates|static|data|system)/(.+)' /$3/$4 [L]
RewriteRule '^([a-zA-Z0-9]+)/(click|article)/favicon\.ico' /favicon.ico [L]
# 站点地图(可选)
RewriteRule '^sitemap.xml$' ./index.php?c=sitemap [L]
RewriteRule ^data/.*\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ - [F]

59
README.md
View File

@@ -3,23 +3,68 @@ TwoNav 是一款开源的书签(导航)管理程序,界面简洁,安装
- **演示站**: [http://two.lm21.top](http://two.lm21.top)
- **仅供体验,定期清理数据** 账号密码`admin`
### 相关文档
* [安装教程](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968668&doc_id=3767990) | [使用说明](https://gitee.com/tznb/TwoNav/wikis) | [下载TwoNav](https://gitee.com/tznb/TwoNav/releases)
* [OneNav Extend 升级到 TwoNav](https://gitee.com/tznb/OneNav/wikis/pages?sort_id=7955135&doc_id=2439895)
* [安装教程](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968668&doc_id=3767990) | [使用说明](https://gitee.com/tznb/TwoNav/wikis) | [下载TwoNav](https://gitee.com/tznb/TwoNav/releases) | [获取授权](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990)
### 作者声明
* 本程序没有二开版、除了下面的项目地址均为盗版。
* 使用盗版软件存在法律风险且没有任何保障。
* 未经许可禁止用于商业用途、转载请保留作品出处。
### 项目由来
```
起初只是搭建一个自己的书签站、网上找了一圈看中了小z的OneNav。
因功能无法满足我,开始基于ONeNav各种魔改、然后就有了OneNav Extend、这个名字还是小z给取的。
后来和小z都开始收费后、由于用户容易搞混等各种原因、于是我重写代码并改名为TwoNav。
其中一些OneNav的特色依旧是保留下来、并兼容OneNav的一些插件。
```
### 项目地址
- [https://gitee.com/tznb/TwoNav](https://gitee.com/tznb/TwoNav)
- [https://github.com/tznb1/TwoNav](https://github.com/tznb1/TwoNav)
### 技术支持
- QQ: 271152681
- QQ群: 695720839
- 技术支持QQ: 271152681
- 授权版QQ群: 695720839
- 免费版QQ群: 621815595
### 运行环境
* PHP: 7.3 - 8.2
* PHP: 7.3 - 8.2
* 数据库: SQLite3 或 MySQL > 5.6.0
### 版本差别
* 免费版无需授权即可使用 / 标准版|高级版需[获取授权](https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990)
* 以下是简要的差别对比, 还有很多细节无法全部列举出来
| 功能 | 免费版 | 标准版 | 高级版 |
| ---------------------------- | ---------------- | ---------------- | ---------------------------|
| 多用户支持 | 不支持 | 支持 | 支持 |
| 系统更新 | 不支持 | 一键更新 | 一键更新 |
| 下载主题 | 不支持 | 一键下载 | 一键下载 |
| 链接识别 | 支持单个 | 支持批量 | 支持批量 |
| 链接检测 | 不支持 | 支持 | 支持 |
| 本地备份 | 不支持 | 备份+回滚 | 备份+回滚 |
| 收录管理 | 不支持 | 支持 | 支持 |
| 留言管理 | 不支持 | 支持 | 支持 |
| 文章管理 | 不支持 | 支持 | 支持 |
| 热点新闻 | 不支持 | 支持 | 支持 |
| 账号保留 | 不支持 | 支持 | 支持 |
| 站点地图 | 不支持 | 支持 | 支持 |
| 用户组管理 | 不支持 | 支持 | 支持 |
| 自定义版权 | 不支持 | 支持 | 支持 |
| 自定义代码 | 不支持 | 支持 | 支持 |
| 注册码功能 | 不支持 | 支持 | 支持 |
| 图标获取 | 支持第三方 | 本地获取、第三方获取 | 本地获取、第三方获取 |
| 找回密码 | 不支持 | 不支持 | **支持** |
| 注册验证 | 不支持 | 邮箱 | **邮箱、短信** |
| 第三方登录 | 不支持 | 不支持 | **支持** |
| 短信登录 | 不支持 | 不支持 | **支持** |
| 域名防红 | 不支持 | 不支持 | **支持** |
| 个性域名 | 不支持 | 不支持 | **支持** |
### 功能特色
* 支持后台管理
* 支持私有链接
@@ -35,7 +80,7 @@ TwoNav 是一款开源的书签(导航)管理程序,界面简洁,安装
* 支持uTools插件
* 支持Chromium内核的[浏览器扩展]
* 支持简易文章管理
* 支持更换各种模板/支持混搭,20+个主题模板
* 支持更换各种模板/支持混搭,26个主题模板
* 安全性支持:更换登录入口/二级密码/OTP双重验证

1
data/README.md Normal file
View File

@@ -0,0 +1 @@
用户数据目录,请勿随意删除!

1
data/temp/README.md Normal file
View File

@@ -0,0 +1 @@
临时目录,可删除

1
data/user/README.md Normal file
View File

@@ -0,0 +1 @@
用户数据目录,请勿随意删除!

27
index.php
View File

@@ -15,9 +15,10 @@ if($db_config['type'] == 'sqlite'){
}catch (Exception $e) {
Amsg(-1,'载入数据库失败'.$db_config['path']);
}
}elseif($db_config['type'] == 'mysql'){
}elseif($db_config['type'] == 'mysql' || $db_config['type'] == 'mariadb' ){
try {
$db = new Medoo\Medoo(['type' => 'mysql',
$db = new Medoo\Medoo([
'type' => $db_config['type'],
'host' => $db_config['host'],
'port' => $db_config['port'],
'database' => $db_config['name'],
@@ -34,23 +35,19 @@ if($db_config['type'] == 'sqlite'){
$global_config = unserialize( get_db("global_config", "v", ["k" => "o_config"]) ); //全局配置
$c = Get('c');
$libs = $global_config['Libs'];
$layui['js'] = $libs.'/Layui/v2.8.10/layui.js';
$layui['css'] = $libs.'/Layui/v2.8.10/css/layui.css';
$layui['js'] = $libs.'/Layui/v2.9.18/layui.js';
$layui['css'] = $libs.'/Layui/v2.9.18/css/layui.css';
$global_config['static_link'] = isset($global_config['static_link']) ? $global_config['static_link'] : 0;
define('libs',$global_config['Libs']);
define('SysVer',Get_Version());
define('Debug',$global_config['Debug'] == 1);
define('static_link',$global_config['static_link'] > 0);
if(!in_array($c,[$global_config["Register"],'ico','icon'])){
$u = Get('u');
if(empty($u) && $global_config['Sub_domain'] == 1 && is_subscribe('bool')){
$cut = explode('.',$_SERVER["HTTP_HOST"]);
if(count($cut) == 3){
$USER_DB = get_db("global_user", "*", ["User"=>reset($cut)]);
if(!empty($USER_DB) && check_purview('Sub_domain',1)){
$_COOKIE['Default_User'] = $USER_DB['User'];unset($cut);
}
}
if(!in_array($c,[$global_config["Register"],'ico','icon','auth'])){
if($global_config['static_link'] > 0 && !empty($UUID)){
$_GET['u'] = $global_config['static_link'] == 2 ? get_db("global_user", "User", ["ID"=>$UUID]) : $UUID;
}
$u = Get('u');
$u = !empty($u)?$u:(!empty($_COOKIE['Default_User'])?$_COOKIE['Default_User']:(!empty($global_config['Default_User'])?$global_config['Default_User']:'admin'));//优先级:Get>Host>Cookie>默认用户>admin
$USER_DB = get_db("global_user", "*", ["User"=>$u]);
//没找到账号显示404
@@ -77,7 +74,7 @@ if(empty($c) || $c == 'index'){
require "./system/Register.php";//注册
}elseif($c == $global_config['Login'] || $c == $USER_DB['Login']){
require "./system/login.php";//登陆
}elseif(in_array($c,['admin','click','api','ico','icon','verify'])){
}elseif(in_array($c,['admin','click','api','ico','icon','verify','auth'])){
require "./system/{$c}.php";
}elseif(in_array($c,['apply','guestbook','article','sitemap'])){
if($global_config['Maintenance'] != 0){Amsg(-1,'网站正在进行维护,请稍后再试!');}

33
rewrite.php
View File

@@ -2,28 +2,45 @@
define('URI',$_SERVER['REQUEST_URI']);
//登录页和管理员(默认)
if (URI === '/login' || URI === '/admin') {
//登录/管理/注册页面(不带html)
if (URI === '/login' || URI === '/admin' || URI == '/register') {
$_GET['c'] = substr(URI, 1);
//管理页面
}elseif (preg_match('/^\/admin-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
$_GET['c'] = 'admin';
$UUID = $matches[1];
//专属登录页面
}elseif (preg_match('/^\/login-([A-Za-z0-9]+)-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
$UUID = $matches[1];
$_GET['c'] = $matches[2];
//收录和留言
}elseif (preg_match('/^\/(apply|guestbook)-([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
$_GET['c'] = $matches[1];
$UUID = $matches[2];
//本地图标
}elseif(preg_match('/^\/ico\/(.+)$/', URI, $matches)){
$_GET['c'] = 'icon';
$_GET['url'] = $matches[1];
//用户主页
}elseif (preg_match('/^\/([A-Za-z0-9]+)(\.html)?$/', URI, $matches)) {
$_GET['u'] = $matches[1];
}elseif (preg_match('/^\/([A-Za-z0-9]+)\.html?$/', URI, $matches)) {
$UUID = $matches[1];
//过渡/文章
}elseif(preg_match('/^\/([A-Za-z0-9]+)\/(click|article)\/([A-Za-z0-9]+)(\.html)?$/', URI, $matches)) {
$_GET['u'] = $matches[1];
$_GET['c'] = $matches[2];
}elseif(preg_match('/^\/(click|article)-([A-Za-z0-9]+)-(\d+)\.html?$/', URI, $matches)) {
$_GET['c'] = $matches[1];
$UUID = $matches[2];
$_GET['id'] = $matches[3];
//分类页面
}elseif(preg_match('/^\/category-([A-Za-z0-9]+)-(\d+)\.html?$/', URI, $matches)) {
$_GET['c'] = 'index';
$UUID = $matches[1];
$_GET['oc'] = $matches[2];
//站点地图
}elseif(URI === '/sitemap.xml'){
$_GET['c'] = 'sitemap';
//匹配失败
}else{
header("HTTP/1.0 404 Not Found");
exit("404 Not Found.");
exit("404 Not Found.<br>".URI);
}
include 'index.php';

1
static/ContextMenu/2.9.2/jquery.contextMenu.min.css.map
View File

File diff suppressed because one or more lines are too long

1
static/ContextMenu/2.9.2/jquery.contextMenu.min.js.map
View File

File diff suppressed because one or more lines are too long

1
static/Layui/v2.8.10/css/layui.css
View File

File diff suppressed because one or more lines are too long

1
static/Layui/v2.8.10/layui.js
View File

File diff suppressed because one or more lines are too long

1
static/Layui/v2.9.18/css/layui.css Normal file
View File

File diff suppressed because one or more lines are too long

0
static/Layui/v2.8.10/font/iconfont.eot → static/Layui/v2.9.18/font/iconfont.eot
View File

0
static/Layui/v2.8.10/font/iconfont.svg → static/Layui/v2.9.18/font/iconfont.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 322 KiB

After

Width:  |  Height:  |  Size: 322 KiB

0
static/Layui/v2.8.10/font/iconfont.ttf → static/Layui/v2.9.18/font/iconfont.ttf
View File

0
static/Layui/v2.8.10/font/iconfont.woff → static/Layui/v2.9.18/font/iconfont.woff
View File

0
static/Layui/v2.8.10/font/iconfont.woff2 → static/Layui/v2.9.18/font/iconfont.woff2
View File

1
static/Layui/v2.9.18/layui.js Normal file
View File

File diff suppressed because one or more lines are too long

1
static/MDUI/v1.0.1/css/mdui.min.css.map
View File

File diff suppressed because one or more lines are too long

1
static/MDUI/v1.0.1/js/mdui.min.js.map
View File

File diff suppressed because one or more lines are too long

1
static/bootstrap4/css/bootstrap.min.css.map
View File

File diff suppressed because one or more lines are too long

1
static/bootstrap4/js/bootstrap.min.js.map
View File

File diff suppressed because one or more lines are too long

164
system/ATool.php
View File

@@ -27,6 +27,13 @@ if($config['switch'] === 1){
exit;
}
$layui_dir = "../static/Layui";
foreach(scandir($layui_dir) as $value) {
if(is_dir($layui_dir . '/' . $value) && preg_match('/^v\d+\.\d+\.\d+$/', $value) && is_file("{$layui_dir}/$value/layui.js")) {
$layui['js'] = "../static/Layui/{$value}/layui.js";
$layui['css'] = "../static/Layui/{$value}/css/layui.css";
}
}
session_name('ATool_SSID');
session_start();
@@ -84,7 +91,7 @@ if(!empty($_GET['type'])){
$user_group['root'] = '站长';
$user_group['default'] = '默认';
foreach ($datas as $key => $data){
$datas[$key]['UserGroupName'] = $user_group[$data['UserGroup']]??'Null';
$datas[$key]['UserGroupName'] = $user_group[$data['UserGroup']]??$data['UserGroup'];
}
}
msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
@@ -97,6 +104,7 @@ if(!empty($_GET['type'])){
msg(-1,'密码不能为空');
}
$RegTime = get_db('global_user','RegTime',['ID'=>$_POST['ID']]);
delete_db( "user_login_info", ["uid"=>$_POST['ID']] );
update_db('global_user',['Password'=>Get_MD5_Password($_POST['new_pwd'],$RegTime)],["ID" => $_POST['ID'] ],[1,'修改成功']);
}elseif($_GET['type'] == 'set_root'){
update_db('global_user',['UserGroup'=>'root'],["ID" => $_POST['ID'] ],[1,'修改成功']);
@@ -108,6 +116,10 @@ if(!empty($_GET['type'])){
}elseif($_GET['type'] == 'set_close_Maintenance'){
$global_config['Maintenance'] = 0;
update_db("global_config", ["v" => $global_config], ["k" => "o_config"],[1,'设置成功']);
//开启调试模式
}elseif($_GET['type'] == 'set_open_debug'){
$global_config['Debug'] = 1;
update_db("global_config", ["v" => $global_config], ["k" => "o_config"],[1,'设置成功']);
//重置静态路径
}elseif($_GET['type'] == 'Set_Libs'){
$global_config['Libs'] = "./static";
@@ -119,6 +131,10 @@ if(!empty($_GET['type'])){
opcache_reset(); //清理PHP缓存
}
msgA(['code'=>1,'msg'=>'操作成功']);
//清空统计
}elseif($_GET['type'] == 'del_tongji'){
delete_db('user_count',[]);
msgA(['code'=>1,'msg'=>'操作成功']);
//改账号
}elseif($_GET['type'] == 'set_user_name'){
//新用户名是否合规
@@ -173,6 +189,14 @@ if(!empty($_GET['type'])){
}
$LoginConfig['totp_key'] = '';
update_db("global_user", ["LoginConfig" => $LoginConfig], ["ID" => $_POST['ID']],[1,'操作成功']);
}elseif($_GET['type'] == 'get_pwd2'){
$user_data = get_db('global_user','*',['ID'=>$_POST['ID']]);
$LoginConfig = unserialize($user_data['LoginConfig']);
if(empty($LoginConfig['Password2'])){
msgA(['code'=>-1,'msg'=>'当前账号未设置二级密码']);
}else{
msgA(['code'=>1,'msg'=> "当前账号: {$user_data['User']}<br />二级密码: {$LoginConfig['Password2']}"]);
}
}
msgA(['code'=>-1,'msg'=>'请求类型错误']);
@@ -200,9 +224,10 @@ function Load_db(){
}catch (Exception $e) {
Amsg(-1,'载入数据库失败'.$db_config['path']);
}
}elseif($db_config['type'] == 'mysql'){
}elseif($db_config['type'] == 'mysql' || $db_config['type'] == 'mariadb'){
try {
$db = new Medoo\Medoo(['type' => 'mysql',
$db = new Medoo\Medoo([
'type' => $db_config['type'],
'host' => $db_config['host'],
'port' => $db_config['port'],
'database' => $db_config['name'],
@@ -226,7 +251,7 @@ function echo_Atool(){
<head>
<meta charset="UTF-8">
<title>ATool 工具箱</title>
<link rel="stylesheet" href="../static/Layui/v2.8.10/css/layui.css">
<link rel="stylesheet" href="<?php echo $GLOBALS['layui']['css']; ?>">
<style>
html, body {min-width: 1200px;background-color: #fff;position: relative;}
.page-wrapper {width: 1200px;margin: 0 auto;padding: 0 15px;}
@@ -243,9 +268,11 @@ function echo_Atool(){
<a class="layui-btn layui-btn-sm layui-btn-primary" href="../index.php?c=<?php echo $global_config['Register'];?>" target="_blank"><i class="layui-icon layui-icon-add-1"></i>打开注册页</a>
<button type="set_allow_register" class="set layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>允许注册</button>
<button type="set_close_Maintenance" class="set layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>关闭维护模式</button>
<button type="set_open_debug" class="set layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>打开调试模式</button>
<button type="Set_Libs" class="set layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>重置静态路径</button>
<button type="Set_clear_cache" class="set layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>清除缓存</button>
<a class="layui-btn layui-btn-sm layui-btn-primary" href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7993451&doc_id=3767990" target="_blank"><i class="layui-icon layui-icon-align-left"></i>帮助</a>
<button type="del_tongji" class="del_tongji layui-btn layui-btn-sm layui-btn-primary"><i class="layui-icon layui-icon-set-sm"></i>清空统计</button>
<a class="layui-btn layui-btn-sm layui-btn-primary" href="https://docs.twonav.cn/#/books/start-07" target="_blank"><i class="layui-icon layui-icon-align-left"></i>帮助</a>
</div>
<hr>
<div class="layui-inline layui-form" style="padding-bottom: 5px;">
@@ -272,24 +299,22 @@ function echo_Atool(){
<!-- 表格操作列 -->
<script type="text/html" id="tablebar">
<div class="layui-btn-group">
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_pwd">改密码</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_root">设站长</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="set_user_name">改账号</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="del_otp" title="移除OTP登录验证">删OTP</a>
<a class="layui-btn layui-btn-primary layui-btn-xs" lay-event="more">操作 <i class="layui-icon layui-icon-down"></i></a>
</div>
</script>
<script src="../static/Layui/v2.8.10/layui.js"></script>
<script src="<?php echo $GLOBALS['layui']['js']; ?>"></script>
<script src="../static/jquery/jquery-3.6.0.min.js"></script>
<script src="../static/jquery/jquery.md5.js"></script>
<script src="../templates/admin/js/public.js?v=<?php echo time();?>"></script>
<script>
layui.use(['layer','table'], function () {
layui.use(function () {
var $ = layui.jquery;
var layer = layui.layer;
var table = layui.table;
var dropdown = layui.dropdown;
var cols = [[
{field:'ID',title:'ID',width:60,sort:true}
,{title:'操作',toolbar:'#tablebar',width:220}
,{title:'操作',toolbar:'#tablebar',width:90}
,{field:'User',title:'账号',minWidth:120,templet:function(d){
return '<a style="color:#3c78d8" title="打开用户主页" target="_blank" href="../?u='+d.User+'">'+d.User+'</a>'
}}
@@ -301,6 +326,7 @@ function echo_Atool(){
,{field:'RegTime',title: '注册时间',minWidth:100,templet:function(d){
return d.RegTime == null ? '' : timestampToTime(d.RegTime,true);
}}
]]
//用户表渲染
table.render({
@@ -336,47 +362,67 @@ function echo_Atool(){
table.on('tool(table)', function (obj) {
console.log(obj.data);
var data = obj.data;
if (obj.event == 'set_pwd') {
layer.prompt({formType: 3,value: '',title: '请输入新密码'}, function(value, index, elem){
$.post('./ATool.php?type=set_pwd',{ID:data.ID,new_pwd:$.md5(value)},function(data,status){
if(data.code == 1) {
layer.close(index);
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
if(obj.event == 'more'){
dropdown.render({
elem: this,
show: true,
data: [{
title: '修改密码',
id: 'set_pwd'
},{
title: '设为站长',
id: 'set_root'
},{
title: '修改账号',
id: 'set_user_name'
},{
title: '取消双重验证',
id: 'del_otp'
},{
title: '查看二级密码',
id: 'get_pwd2'
}
});
});
}else if(obj.event == 'set_root'){
$.post('./ATool.php?type=set_root',{ID:data.ID},function(data,status){
if(data.code == 1) {
table.reload('table');
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
}else if(obj.event == 'set_user_name'){
layer.prompt({formType: 3,value: '',title:'请输入新账号 (原账号:'+data.User+')'}, function(value, index, elem){
$.post('./ATool.php?type=set_user_name',{ID:data.ID,new_user_name:value},function(data,status){
if(data.code == 1) {
layer.close(index);
table.reload('table');
layer.msg(data.msg, {icon: 1});
],
click: function(menu, othis){
if(menu.id == 'set_pwd'){
layer.prompt({formType: 3,value: '',title: '请输入新密码'}, function(value, index, elem){
$.post('./ATool.php?type=set_pwd',{ID:data.ID,new_pwd:$.md5(value)},function(data,status){
if(data.code == 1) {
layer.close(index);
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(menu.id == 'set_user_name'){
layer.prompt({formType: 3,value: '',title:'请输入新账号 (原账号:'+data.User+')'}, function(value, index, elem){
$.post('./ATool.php?type=set_user_name',{ID:data.ID,new_user_name:value},function(data,status){
if(data.code == 1) {
layer.close(index);
table.reload('table');
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(menu.id == 'set_root' || menu.id == 'del_otp' || menu.id == 'get_pwd2'){
$.post('./ATool.php?type=' + menu.id,{ID:data.ID},function(data,status){
if(data.code == 1) {
table.reload('table');
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
}else{
layer.msg(data.msg, {icon: 5});
layer.msg('无效操作', {icon: 5});
}
});
});
}else if(obj.event == 'del_otp'){
$.post('./ATool.php?type=del_otp',{ID:data.ID},function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
})
}
return false;
});
$('.set').click(function () {
let type = $(this).attr("type");
@@ -389,6 +435,22 @@ function echo_Atool(){
});
return false;
});
//清空统计
$('.del_tongji').on('click', function(){
layer.confirm('确认后将删除所有账号的统计数据(访问统计/点击统计/报表统计),是否继续?',{icon: 3, title:'此操作不可逆'}, function(index){
$.post('./ATool.php?type=del_tongji',function(data,status){
layer.closeLast('loading');
if(data.code == 1){
layer.msg(data.msg,{icon: 1})
} else{
layer.msg(data.msg,{icon: 5});
}
}).fail(function(xhr, textStatus, errorThrown) {
layer.closeLast('loading');
layer.alert('请求失败');
});
});
});
$('#logout').click(function () {
layer.confirm('退出后ATool将被关闭并重置Key',{icon: 3, title:'为了您的站点安全:'}, function(index){
$.post('./ATool.php?type=logout',function(re,status){
@@ -415,7 +477,7 @@ function echo_verify(){ ?>
<head>
<meta charset="UTF-8">
<title>ATool 工具箱</title>
<link rel="stylesheet" href="../static/Layui/v2.8.10/css/layui.css">
<link rel="stylesheet" href="<?php echo $GLOBALS['layui']['css']; ?>">
<link rel="stylesheet" href="../static/Other/login.css">
</head>
<body>
@@ -438,9 +500,9 @@ function echo_verify(){ ?>
</div>
</form>
</div>
</div>
</div>$G
<script src = "../static/jquery/jquery-3.6.0.min.js"></script>
<script src = "../static/Layui/v2.8.10/layui.js"></script>
<script src = "<?php echo $GLOBALS['layui']['js']; ?>"></script>
<script src = '../static/jquery/jquery.md5.js'></script>
<script>
layui.use(['form','jquery'], function () {

2
system/Authenticator.php
View File

@@ -37,7 +37,7 @@ class PHPGangsta_GoogleAuthenticator
}
$secretkey = $this->_base32Decode($secret);
$time = chr(0).chr(0).chr(0).chr(0).pack('N*', $timeSlice);
$time = chr(0). chr(0) .chr(0). chr(0) .pack('N*', $timeSlice);
$hm = hash_hmac('SHA1', $time, $secretkey, true);
$offset = ord(substr($hm, -1)) & 0x0F;
$hashpart = substr($hm, $offset, 4);

1853
system/Medoo.php
View File

File diff suppressed because it is too large Load Diff

16
system/MySQL/20240720.php Normal file
View File

@@ -0,0 +1,16 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$sql ='
CREATE INDEX category_idx_1
ON user_categorys (fid, uid, status, property, pid, weight);
CREATE INDEX link_idx_1
ON user_links (uid, fid, status, property, pid, add_time, click);
';
//创建索引用于优化效率
if(exe_sql($sql)){
insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}else{
msg(-1,'数据库更新失败');
}

29
system/MySQL/install.sql
View File

@@ -49,6 +49,9 @@ INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALU
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1689427853', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230723.php', '1690119053', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20231218.php', '1702828800', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20240328.php', '1711296000', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20240720.php', '1721404800', 'TRUE', '');
-- 创建用户表
DROP TABLE IF EXISTS `global_user`;
@@ -66,6 +69,8 @@ CREATE TABLE IF NOT EXISTS `global_user` (
`Login` varchar(16) NOT NULL COMMENT '登录入口',
`LoginConfig` text NOT NULL COMMENT '登陆配置',
`kct` int(10) UNSIGNED DEFAULT '0' COMMENT 'Key清理时间',
`domain` text NOT NULL COMMENT '个性域名',
`phone` text NOT NULL COMMENT '手机号',
`Extend1` text NOT NULL COMMENT '扩展1',
`Extend2` text NOT NULL COMMENT '扩展2',
PRIMARY KEY (`ID`),
@@ -90,13 +95,15 @@ CREATE TABLE IF NOT EXISTS `user_categorys` (
`description` text NOT NULL DEFAULT '' COMMENT '描述',
`font_icon` text NOT NULL COMMENT '字体图标',
`icon` text NOT NULL DEFAULT '' COMMENT '个性图标',
`category_type` VARCHAR(255) NOT NULL DEFAULT 'link' COMMENT '分类类型',
`max` VARCHAR(255) NOT NULL DEFAULT '' COMMENT '显示数量',
`extend` text NOT NULL COMMENT '扩展',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='用户分类';
INSERT INTO `user_categorys` (`id`, `cid`, `fid`, `uid`, `pid`, `status`, `property`, `name`, `add_time`, `up_time`, `weight`, `description`, `font_icon`, `icon`, `extend`) VALUES
(1, 1, 0, 0, 0, 1, 0, '默认分类', 1672502400, 1672502400, 0, 'TwoNav默认分类', 'fa fa-book', '', '');
CREATE INDEX category_idx_1 ON user_categorys (fid, uid, status, property, pid, weight);
-- 用户链接表
DROP TABLE IF EXISTS `user_links`;
@@ -127,7 +134,7 @@ INSERT INTO `user_links` (`id`, `lid`, `uid`, `fid`, `pid`, `status`, `property`
(1, 1, 0, 1, 0, 1, 0, 'TwoNav 源码', 'https://gitee.com/tznb/TwoNav', '', 0, '项目开源地址', '', 0, 1672502400, 1672502400, ''),
(2, 2, 0, 1, 0, 1, 0, '使用说明', 'https://gitee.com/tznb/TwoNav/wikis', '', 0, '使用说明', '', 0, 1672502400, 1672502400, '');
CREATE INDEX link_idx_1 ON user_links (uid, fid, status, property, pid, add_time, click);
-- 登录信息表
DROP TABLE IF EXISTS `user_login_info`;
@@ -300,3 +307,21 @@ CREATE TABLE IF NOT EXISTS `user_article_list` (
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;
-- 第三方用户表
CREATE TABLE IF NOT EXISTS `third_party_user` (
`id` int UNSIGNED NOT NULL AUTO_INCREMENT,
`uid` int UNSIGNED NOT NULL COMMENT '用户id',
`inlet` text NOT NULL COMMENT '入口',
`provider` text NOT NULL COMMENT '提供商',
`nickname` text NOT NULL COMMENT '昵称',
`openid` text NOT NULL COMMENT '第三方用户标识',
`access_token` text NOT NULL COMMENT '访问令牌',
`refresh_token` text NOT NULL COMMENT '刷新令牌',
`faceimg` text NOT NULL COMMENT '头像URL',
`bind_time` int UNSIGNED NOT NULL DEFAULT 0 COMMENT '绑定时间',
`login_time` int UNSIGNED NOT NULL DEFAULT 0 COMMENT '登录时间',
`expires` int UNSIGNED NOT NULL DEFAULT 0 COMMENT '到期时间',
`extend` text NOT NULL COMMENT '扩展',
FOREIGN KEY (`uid`) REFERENCES `global_user` (`ID`) ON DELETE CASCADE,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4;

186
system/Register.php
View File

@@ -47,192 +47,8 @@ if(!preg_match('/^[A-Za-z0-9]{4,13}$/', $user)){
msg(-1,'POST提交的密码异常≠32!');
}elseif(preg_match("/^(system|data|static|templates|index|root|admin)$/i",$user) ) {
msg(-1,'改用户名已被系统保留!');
}elseif(!empty(get_db('global_user','ID',['User'=>$user ]))){
msg(-1,'该账号已被注册!');
}elseif(!empty(get_db('global_user','ID',['Email'=>$Email ]))){
msg(-1,'该邮箱已被使用!');
}elseif(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$Email)){
msg(-1,'邮箱错误!');
}elseif(username_retain_verify($user)){
msg(-1,'该账号已被站长保留!');
}
//读取邮件配置
$mail_config = get_db("global_config","v",["k"=>"mail_config"]);
if(!empty($mail_config)){
$mail_config = unserialize($mail_config);
if($mail_config['verify_email'] == 1 && $_GET['type'] == 'getcode'){
//判断是否频繁发送
$send_interval = intval($mail_config['send_interval']);
if($send_interval > 0 && has_db('user_log',['type'=>'send_email','ip'=>$IP,'time[>]'=>time() - $send_interval])){
msg(-1,'请勿频繁获取验证码');
}
$mail_config['addressee'] = $_POST['Email'];
$mail_config['Subject'] = '验证码';
$code = mt_rand(100000,999999);
if(!strstr($mail_config['verify_template'],'$code')){
$mail_config['verify_template'] = '您的验证:$code';
}
$mail_config['Body'] = empty($mail_config['verify_template']) ? '您的验证:'.$code:str_replace('$code', $code, $mail_config['verify_template']);
$mail_config['return']='bool';
if(send_email($mail_config)){
session_start();
$_SESSION["{$_POST['Email']}"]['code'] = "$code";
$_SESSION["{$_POST['Email']}"]['time'] = time();
insert_db("user_log", ["uid" => 0,"user"=>$user,"ip"=>$IP,"time"=>time(),"type" => 'send_email',"content"=>Get_Request_Content(),"description"=>"发送注册验证码:".$code.', 接收邮箱: '.$_POST['Email']]);
msg(1,'发送成功');
}else{
msg(-1,'发送失败');
}
exit;
}
}
//验证码效验
if(!empty($mail_config['verify_email']) && $mail_config['verify_email'] == 1){
session_start();
if(empty($_POST['code'])){
msg(-1,'请输入验证码');
}elseif ($_POST['code'] != $_SESSION["{$_POST['Email']}"]['code']) {
msg(-1,'验证码错误'.$_SESSION["{$_POST['Email']}"]['code']);
}elseif($_SESSION["{$_POST['Email']}"]['time'] + 300 < time()){
msg(-1,'验证码已过期');
}
unset($_SESSION["{$_POST['Email']}"]);
}
//插入用户表和创建初始数据库
$RegTime = time();
$PassMD5 = Get_MD5_Password($pass,$RegTime);
$Elogin = Get_Exclusive_Login($user);
//用户组
if(!empty($regcode_info['u_group'])){
$UserGroup = $regcode_info['u_group'];
}elseif(!empty($global_config['default_UserGroup'])){
$UserGroup = $global_config['default_UserGroup'];
}else{
$UserGroup = 'default';
}
//读取用户组信息,如果用户组不存在则设为默认用户组
if($UserGroup != 'default'){
$Group = get_db('user_group','*',['code' => $UserGroup]);
if(empty( $Group )){
$UserGroup = 'default';
}
}
$blueprint = !empty(get_db('global_user','ID',['ID'=>$Group['uid']]));
if($blueprint){
$LoginConfig = unserialize(get_db('global_user','LoginConfig',['ID'=>$Group['uid']]));
$LoginConfig['Password2'] = '';
}else{
//不需要修改内容,无需反序化
$LoginConfig = get_db('global_config','v',['k'=>'LoginConfig']);
}
//父ID
if(!empty($regcode_info['user'])){
$FID = get_db('global_user','ID',['User'=>$regcode_info['user']]);
}else{
$FID = 0;
}
insert_db("global_user", [
"FID"=>$FID,
"User"=>$user,
"Password"=>$PassMD5,
"UserGroup"=>$UserGroup,
"Email"=>$Email,
"SecretKey"=>'',
"Token"=>'',
"RegIP"=>$IP,
"RegTime"=>$RegTime,
"Login"=>$Elogin,
"LoginConfig"=>$LoginConfig
]);
//读取用户信息
$USER_DB = get_db("global_user", "*", ["User"=>$user]);
//记录日志
insert_db("user_log", ["uid" => $USER_DB['ID'],"user"=>$USER_DB['User'],"ip"=>$IP,"time"=>time(),"type" => 'register',"content"=>Get_Request_Content(),"description"=>"注册账号"]);
//生成Cookie
Set_key($USER_DB);
//注册码注册时回写数据
if(!empty($regcode_info)){
update_db('regcode_list',['use_time'=>time(),'use_state'=>'已使用,用户名:'.$user],['id'=>$regcode_info['id']]);
}
//写默认站点配置
if($blueprint){
$s_site = get_db('user_config','v',['k'=>'s_site','uid'=>$Group['uid']]);
}else{
$s_site = get_db('global_config','v',['k'=>'s_site']);
}
insert_db("user_config", ["uid"=>$USER_DB['ID'], "k" => "s_site","v" => $s_site,"d" => '站点配置','t'=>'config']);
//写默认模板
if($blueprint){
$global_templates = unserialize(get_db('user_config','v',['k'=>'s_templates','uid'=>$Group['uid']]));
}else{
$global_templates = unserialize(get_db('global_config','v',['k'=>'s_templates']));
}
insert_db("user_config", ["uid" => $USER_DB['ID'],"k"=>"s_templates","v"=>$global_templates,"t"=>"config","d" => '默认模板']);
//写初始分类和链接
$time = time();
if($blueprint){
$categorys = select_db('user_categorys','*',['uid'=>$Group['uid']]);
$links = select_db('user_links','*',['uid'=>$Group['uid']]);
}else{
$categorys = select_db('user_categorys','*',['uid'=>0]);
$links = select_db('user_links','*',['uid'=>0]);
}
foreach ($categorys as $key => $data){
$data['uid'] = $USER_DB['ID'];
$data['add_time'] = $time;
$data['up_time'] = $time;
unset($data['id']);
insert_db('user_categorys',$data);
}
foreach ($links as $key => $data){
$data['uid'] = $USER_DB['ID'];
$data['add_time'] = $time;
$data['up_time'] = $time;
unset($data['id']);
insert_db('user_links',$data);
}
//写初始ID
$link_id = intval(max_db('user_links','lid',['uid'=>$USER_DB['ID']])) +1;
insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"link_id","v"=>$link_id,"t"=>"max_id","d"=>'链接ID']);
$category_id = intval(max_db('user_categorys','cid',['uid'=>$USER_DB['ID']])) +1;
insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"category_id","v"=>$category_id,"t"=>"max_id","d"=>'分类ID']);
insert_db("user_config", ["uid"=>$USER_DB['ID'],"k"=>"pwd_group_id","v"=>1,"t"=>"max_id","d"=>'加密组ID']);
//账号保留
function username_retain_verify($username){
$list = get_db("global_config", "v", ["k" => "username_retain"]);
if(empty($list)){
return false;
}
$patterns = explode("\n", $list);
foreach($patterns as $pattern){
if (preg_match($pattern, $username)) {
return true;
}
}
return false;
}
//返回注册成功
msg(1,'注册成功');
msg(-1,'免费版不支持此功能<br /> <a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank" style="color: #1e9fff;">点击此处前往购买页面</a>');

16
system/SQLite/20240720.php Normal file
View File

@@ -0,0 +1,16 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$sql ='
CREATE INDEX "category_idx_1"
ON "user_categorys" ("fid","uid","status","property","pid","weight");
CREATE INDEX "link_idx_1"
ON "user_links" ("uid","fid","status","property","pid","add_time","click");
';
//创建索引用于优化效率
if(exe_sql($sql)){
insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}else{
msg(-1,'数据库更新失败');
}

30
system/SQLite/install.sql
View File

@@ -41,7 +41,9 @@ INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALU
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230522.php', '1684762253', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230715.php', '1689427853', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20230723.php', '1690119053', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20231218.php', '1702828800', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20240328.php', '1711296000', 'TRUE', '');
INSERT INTO "updatadb_logs" ("file_name", "update_time", "status", "extra") VALUES ('20240720.php', '1721404800', 'TRUE', '');
-- 创建用户表
CREATE TABLE IF NOT EXISTS "global_user" (
@@ -58,6 +60,8 @@ CREATE TABLE IF NOT EXISTS "global_user" (
"Login" TEXT(16) NOT NULL,
"LoginConfig" TEXT NOT NULL,
"kct" integer(10) DEFAULT 0,
"domain" TEXT NOT NULL DEFAULT "",
"phone" TEXT NOT NULL DEFAULT "",
"Extend1" TEXT NOT NULL DEFAULT "",
"Extend2" TEXT NOT NULL DEFAULT "",
CONSTRAINT "User" UNIQUE ("User" ASC, "Email" ASC)
@@ -79,10 +83,13 @@ CREATE TABLE IF NOT EXISTS "user_categorys" (
"description" TEXT(128) NOT NULL DEFAULT "",
"font_icon" TEXT DEFAULT "",
"icon" TEXT DEFAULT "",
"category_type" TEXT DEFAULT "link",
"max" text DEFAULT "",
"extend" TEXT DEFAULT ""
);
INSERT INTO "user_categorys"("id", "cid", "fid", "uid", "pid", "status", "property", "name", "add_time", "up_time", "weight", "description", "font_icon", "icon", "extend") VALUES (1, 1, 0, 0, 0, 1, 0, '默认分类', 1672502400, 1672502400, 0, 'TwoNav默认分类', 'fa fa-book', '', '');
CREATE INDEX "category_idx_1" ON "user_categorys" ("fid","uid","status","property","pid","weight");
-- 用户链接表
CREATE TABLE IF NOT EXISTS "user_links" (
@@ -107,7 +114,8 @@ CREATE TABLE IF NOT EXISTS "user_links" (
);
INSERT INTO "user_links"("id", "lid", "uid", "fid", "pid", "status", "property", "title", "url", "url_standby", "weight", "description", "icon", "click", "add_time", "up_time", "extend") VALUES (1, 1, 0, 1, 0, 1, 0, 'TwoNav 源码', 'https://gitee.com/tznb/TwoNav', '', 0, '项目开源地址', '', 0, 1672502400, 1672502400, '');
INSERT INTO "user_links"("id", "lid", "uid", "fid", "pid", "status", "property", "title", "url", "url_standby", "weight", "description", "icon", "click", "add_time", "up_time", "extend") VALUES (2, 2, 0, 1, 0, 1, 0, '使用说明', 'https://gitee.com/tznb/TwoNav/wikis', '', 0, '使用说明', '', 0, 1672502400, 1672502400, '');
CREATE INDEX "link_idx_1" ON "user_links" ("uid","fid","status","property","pid","add_time","click");
-- 登录信息表
CREATE TABLE IF NOT EXISTS "user_login_info" (
"id" integer NOT NULL PRIMARY KEY AUTOINCREMENT,
@@ -263,4 +271,22 @@ CREATE TABLE "user_article_list" (
"cover" TEXT,
"extend" TEXT,
CONSTRAINT "id" UNIQUE ("id" ASC)
);
-- 第三方用户表
CREATE TABLE "third_party_user" (
"id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
"uid" INTEGER NOT NULL,
"inlet" TEXT NOT NULL DEFAULT "",
"provider" TEXT NOT NULL DEFAULT "",
"nickname" TEXT NOT NULL DEFAULT "",
"openid" TEXT NOT NULL DEFAULT "",
"access_token" TEXT NOT NULL DEFAULT "",
"refresh_token" TEXT NOT NULL DEFAULT "",
"faceimg" TEXT NOT NULL DEFAULT "",
"bind_time" integer NOT NULL DEFAULT 0,
"login_time" integer NOT NULL DEFAULT 0,
"expires" integer NOT NULL DEFAULT 0,
"extend" TEXT NOT NULL DEFAULT "",
CONSTRAINT "uid" FOREIGN KEY ("uid") REFERENCES "global_user" ("ID") ON DELETE CASCADE
);

83
system/UseFew/Import_data.php
View File

@@ -18,7 +18,7 @@ if($_GET['type'] == 'upload'){
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(db3|html)$/i',$suffix)){
if(!preg_match('/^(db3|html|itabdata)$/i',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件格式不被支持!');
}
@@ -384,6 +384,87 @@ if($_GET['type'] == 'upload'){
}
}
msg(-1,'导入失败.');
}elseif($_GET['type'] == 'itabdata'){
$temp_path = $_SESSION['upload_bookmark'][UID][$sid];
$content = file_get_contents($temp_path);
$data = json_decode($content, true);
if(!isset($data['navConfig']) || empty($data['navConfig'])){
msg(-1,'数据解析失败,请确认导入的是iTab备份的数据,且导出内容包含图标');
}
$time = time();
$success = 0; $fail = 0; $total = 0;$res = '';
$res='<table class="layui-table" lay-even><colgroup><col width="200"><col width="250"><col></colgroup><thead><tr><th>标题</th><th>URL</th><th>失败原因</th></tr></thead><tbody>';
foreach($data['navConfig'] as $key => $category){
if(!isset($category['children']) || empty($category['children'])){
continue; //分类下没数据则跳过
}
//分类名称不错在时创建
if(!has_db('user_categorys',['name'=>$category['name']]) ){
insert_db('user_categorys',[
'uid'=>UID,
'cid'=>get_maxid('category_id'),
'fid'=>0,
'pid'=>0,
'status'=>1,
'property'=>1,
'name'=>$category['name'],
'add_time'=>$time,
'up_time'=>$time,
'weight'=>0,
'description'=>'',
'font_icon'=>'fa fa-user',
'icon'=>''
]
);
}
// 读取分类ID
$category_id = get_db('user_categorys','cid',['uid'=>UID,'name'=>$category['name']]);
if(empty($category_id)){
msg(-1,'意外结束:创建或读取分类信息失败!');
}
$total += count($category['children']);
//遍历链接
foreach($category['children'] as $link){
$id = get_db('user_links','id',['uid'=>UID,'url'=>$link['url'] ]);
if(!empty($id)){
$res=$res.'<tr><td>'.mb_substr($link['name'], 0, 30).'</td><td>'.mb_substr($link['url'], 0, 40).'</td><td>URL重复'.'</td></tr>';
$fail++;
continue;
}
if(empty($id) && strpos($link['url'], "http") === 0 ){
insert_db('user_links',[
'uid' => UID,
'lid' => get_maxid('link_id'),
'fid' => $category_id,
'add_time' => $time,
'up_time' => $time,
'weight' => 0,
'title' => $link['name'] ,
'url' => $link['url'],
'property' => 0,
'icon' => '', // "{$link['src']}",
'status' => 1
]);
$success++;
}else{
$res=$res.'<tr><td>'.mb_substr($link['name'], 0, 30).'</td><td>'.mb_substr($link['url'], 0, 40).'</td><td>'.$link['name'].' >> 不是链接'.'</td></tr>';
$fail++;
}
}
}
$data = [
'code' => 1,
'msg' => '总数:'.$total.' 成功:'.$success.' 失败:'.$fail,
'res' => $res.'</tbody></table>',
'fail' => $fail
];
//删除文件和变量
unlink($temp_path);
unset($_SESSION['upload_bookmark'][UID][$sid]);
msgA($data);
}elseif($_GET['type'] == 'data_empty'){
//验证密码
global $USER_DB;

352
system/UseFew/local_backup.php
View File

@@ -4,355 +4,5 @@ if(!defined('DIR')){
header("status: 404 Not Found");
exit;
}else{
if(!is_subscribe('bool')){
msg(-1,"未检测到有效授权,无法使用该功能!");
}
if($_GET['type'] == 'list'){
$backup_dir = DIR."/data/backup/".U."/"; //备份目录
$file_list = glob("{$backup_dir}*.info"); //扫描文件
$num = count($file_list); //取列表数
rsort($file_list,2); //按时间从大到小重排序
//备份文件数大于20个时删除旧数据
if( $num > 20 ) {
for ($i=$num; $i > 20; $i--) {
$path = pathinfo($file_list[$i-1]);
$path = $path['dirname'] .'/'. $path['filename'];
unlink($path.'.info');
unlink($path.'.db3');
unlink($path.'.tar');
array_pop($file_list);
}
$count = 20;
}else{
$count = $num;
}
$data = [];
//遍历读入备份信息
foreach ($file_list as $key => $filePath) {
$file = pathinfo($filePath);
$info_file = @file_get_contents("{$file['dirname']}/{$file['filename']}.info");
$info = json_decode($info_file,true);
if($info != false){
array_push($data,$info);
}
}
msgA( ['code' => 1,'msg' => '','count' => $count,'data' => $data] );
}elseif($_GET['type'] == 'backup'){
//初始信息
$info['user_dir'] = DIR."/data/user/".U;
$info['backup_dir'] = DIR."/data/backup/".U; //备份目录
$info['file'] = SysVer . "_".date("ymdHis",time())."_".Get_Rand_Str(5);
$info['file_db'] = $info['backup_dir'] .'/'. $info['file'].'.db3';
$info['file_info'] = $info['backup_dir'] .'/'. $info['file'].'.info';
$info['file_gz'] = $info['backup_dir'] .'/'. $info['file'].'.tar';
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list'];
$info['lock'] = DIR.'/data/user/'.U.'/lock.'.UID;
if (!extension_loaded('phar')) {
msg(-1,'不支持phar扩展');
}elseif(!is_dir($info['backup_dir']) && !mkdir($info['backup_dir'],0755,true) ){
msg(-1,'创建backup目录失败');
}elseif(!is_file($info['lock']) && !file_put_contents($info['lock'],'TwoNav')){
msg(-1,'创建lock文件失败');
}
//打包用户文件
try {
$phar = new PharData($info['file_gz']);
$phar->buildFromDirectory($info['user_dir']);
} catch (Exception $e) {
msg(-1,'打包用户数据发生异常>'.$e->getMessage());
}
//创建数据
try {
$MyDB = new Medoo\Medoo(['type'=>'sqlite','database'=>$info['file_db']]);
$MyDB->query('CREATE TABLE IF NOT EXISTS "backup" ("id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,"name" TEXT,"data" TEXT,CONSTRAINT "id" UNIQUE ("id" ASC));')->fetchAll();
$MyDB->insert('backup',['name'=>'ver','data'=>SysVer]); //记系统版本
$MyDB->insert('backup',['name'=>'backup_time','data'=>time()]); //记备份时间
$MyDB->insert('backup',['name'=>'database_type','data'=>$GLOBALS['db_config']['type']]); //数据库类型
}catch (Exception $e) {
Amsg(-1,'创建备份数据库失败');
}
//开始备份数据
$table_info = [];
foreach($info['table_arr'] as $table_name){
$count = count_db($table_name,['uid'=>UID]); //总条数
$limit = 100; //每页数量
$pages= ceil($count/$limit); //总页数
//分页逐条处理
for ($page=1; $page<=$pages; $page++) {
$where['uid'] = UID;
$where['LIMIT'] = [($page - 1) * $limit,$limit];
$datas = select_db($table_name,'*',$where);
foreach($datas as $data){
try {
if(isset($data['id'])){
unset($data['id']);
}
$MyDB->insert('backup',['name'=>$table_name,'data'=>$data]);
}catch (Exception $e) {
Amsg(-1,'插入数据时发生异常');
}
}
}
$table_info[$table_name] = ['count'=>$count,'pages'=>$pages];
}
//备份信息
$info['info'] = [
"name" => $info['file'],
"db_size" => filesize($info['file_db']),
"db_md5" => md5_file($info['file_db']),
"tar_size" => filesize($info['file_gz']),
"tar_md5" => md5_file($info['file_gz']),
"backup_time" => time(),
"version" => SysVer,
"desc" => "{$_POST['desc']}"
];
$info['info'] = array_merge($table_info,$info['info']);
$info['info'] = json_encode($info['info']);
//写到文件
if(file_put_contents($info['file_info'], $info['info']) === false){
msg(-1,'写备份信息失败');
}
msg(1,'备份成功');
//删除备份
}elseif($_GET['type'] == 'del'){
$path = DIR."/data/backup/".U."/".$_POST['name'];
if( !preg_match_all('/^v\d+\.\d+\.\d+-\d{8}_\d{12}_[A-Za-z0-9]{5}$/',$_POST['name']) ) {
msg(-1,'数据库名称不合法');
}elseif(!is_file($path.'.info')){
msg(-1,'备份不存在');
}elseif(!extension_loaded('phar')) {
msg(-1,'不支持phar扩展');
}
try {
unlink($path.'.info');
unlink($path.'.db3');
unlink($path.'.tar');
msg(1,'备份数据库已被删除');
} catch (\Throwable $th) {
msg(-1,"删除失败,请检查目录权限");
}
//回滚备份
}elseif($_GET['type'] == 'restore'){
try {
global $db;
header('Content-Type:application/json; charset=utf-8');
//使用事务来处理
$db->action(function($db) {
//检测是否符合回滚要求
$path = DIR."/data/backup/".U."/".$_POST['name'];
if( !preg_match_all('/^v\d+\.\d+\.\d+-\d{8}_\d{12}_[A-Za-z0-9]{5}$/',$_POST['name']) ) {
msg(-1,'数据库名称不合法');
}
$info_file = @file_get_contents($path.'.info');
$info = json_decode($info_file,true);
if($info == false){
msg(-1,'读取备份信息失败');
}elseif($info['db_md5'] != md5_file($path.'.db3')){
msg(-1,'db3文件效验失败');
}elseif($info['tar_md5'] != md5_file($path.'.tar')){
msg(-1,'tar文件效验失败');
}
//载入数据库
try {
$MyDB = new Medoo\Medoo(['type'=>'sqlite','database'=>$path.'.db3']);
}catch (Exception $e) {
msg(-1,'载入备份数据库失败');
return false;
}
//遍历删除用户数据
$info['table_arr'] = ['user_config','user_categorys','user_links','user_pwd_group','user_apply','user_share','user_article_list'];
foreach($info['table_arr'] as $table_name){
//删除数据
delete_db($table_name,['uid'=>UID]);
//确保数据已删除
if($db->has($table_name,['uid'=>UID])){
msg(-1,'del ' . $table_name . ' fail');
}
//读取条数,分页逐条导入
$count = $MyDB->count('backup',['name'=>$table_name]); //总条数
$limit = 100; //每页数量
$pages= ceil($count/$limit); //总页数
for ($page=1; $page<=$pages; $page++) {
$where['name'] = $table_name;
$where['LIMIT'] = [($page - 1) * $limit,$limit];
$datas = $MyDB->select('backup','data',$where);
foreach($datas as $key => $data){
$data = unserialize($data);
//处理null
foreach ($data as $key => $value) {
if ($value === null) {
$data[$key] = '';
}
}
if(isset($data['id'])){
unset($data['id']);
}
$data['uid'] = UID;
insert_db($table_name,$data);
}
}
//确保数据已导入
if($count != count_db($table_name,['uid'=>UID])){
msg(-1,'restore ' . $table_name . ' fail');
}
}
//删除用户目录
$user_dir = DIR."/data/user/".U;
if(is_dir($user_dir) && !deldir($user_dir)){
msg(-1,'删除用户目录失败');
}
//创建用户目录
if(!is_dir($user_dir) && !mkdir($user_dir,0755,true)){
msg(-1,'创建用户目录失败');
}
//回滚用户目录
try {
$phar = new PharData($path.'.tar');
$phar->extractTo($user_dir, null, true);
} catch (Exception $e) {
msg(-1,'回滚用户数据失败');
}
//返回信息,直接msg会导致回滚
header('Content-Type:application/json; charset=utf-8');
echo(json_encode(['code'=>1,'msg'=>'回滚成功']));
});
} catch (\Throwable $th) {
msg(-1,"回滚失败");
}
//导出密码验证
}elseif($_GET['type'] == 'create'){
global $USER_DB;
$pwd = Get_MD5_Password($_POST['pwd'],$USER_DB["RegTime"]) === $USER_DB["Password"];
if(!$pwd){
msg(-1,'密码错误');
}elseif(empty($_POST['name'])){
msg(-1,'文件名不能为空');
}elseif(!extension_loaded('phar')) {
msg(-1,'不支持phar扩展');
}
$path = DIR."/data/backup/".U."/".$_POST['name'];
if(!is_file($path.'.info')){
msg(-1,'info文件不存在');
}elseif(!is_file($path.'.db3')){
msg(-1,'db3文件不存在');
}elseif(!is_file($path.'.tar')){
msg(-1,'tar文件不存在');
}
session_start();
$key = md5(uniqid().Get_Rand_Str(8));
try {
$temp_dir = DIR."/data/temp/{$key}";
if(!is_dir($temp_dir) && !mkdir($temp_dir,0755,true)){
msg(-1,'创建临时目录失败');
}
copy($path.'.info',"{$temp_dir}/{$_POST['name']}.info");
copy($path.'.db3',"{$temp_dir}/{$_POST['name']}.db3");
copy($path.'.tar',"{$temp_dir}/{$_POST['name']}.tar");
$backup_path = "{$temp_dir}/TwoNav_{$_POST['name']}.tar";
$phar = new PharData($backup_path);
$phar->buildFromDirectory($temp_dir);
$phar->compress(Phar::GZ);
$backup_path .= ".gz";
if(!is_file($backup_path)){
msg(-1,'打包数据失败');
}
} catch (Exception $e) {
msg(-1,'压缩数据异常');
}
$_SESSION['download'][$key] = $backup_path;
msgA(['code'=>1,'msg'=>'success','key'=>$key]);
//下载备份数据
}elseif($_GET['type'] == 'download'){
session_start();
if(empty($_GET['key']) || !isset($_SESSION['download'][$_GET['key']])){
msg(-1,'Key不存在,请重新导出');
}
$path = $_SESSION['download'][$_GET['key']];
if(!is_file($path)){
msg(-1,'文件不存在,请重新导出');
}
$filename = pathinfo($path,PATHINFO_BASENAME);
header("Cache-Control: public");
header("Content-Description: File Transfer");
header('Content-disposition: attachment; filename='.$filename); //文件名
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: binary"); //告诉浏览器,这是二进制文件
header('Content-Length: '. filesize($path)); //告诉浏览器,文件大小
readfile($path); //返回文件
unlink ($path);//删除临时文件
unset($_SESSION['download'][$_GET['key']]); //删除Key
deldir(DIR."/data/temp/{$_GET['key']}"); //删除临时目录
//导入
}elseif($_GET['type'] == 'local_import'){
if (!extension_loaded('phar')) {
msg(-1,'不支持phar扩展');
}
$key = md5(uniqid().Get_Rand_Str(8));
$temp_dir = DIR."/data/temp/{$key}";
if(!is_dir($temp_dir) && !mkdir($temp_dir,0755,true)){
msg(-1,'创建临时目录失败');
}
//解压数据
try {
copy($_FILES['file']['tmp_name'],"{$temp_dir}/{$_FILES['file']['name']}");
$phar = new PharData("{$temp_dir}/{$_FILES['file']['name']}");
$phar->extractTo($temp_dir, null, true);
unlink("{$temp_dir}/{$_FILES['file']['name']}");
} catch (Exception $e) {
deldir($temp_dir);
msg(-1,'解压数据失败');
}
//获取备份信息
$file = glob("{$temp_dir}/*.info");
if(count($file) != 1){
deldir($temp_dir);
msg(-1,'读取备份信息失败');
}
$file = pathinfo($file[0]);
$info = @file_get_contents("{$temp_dir}/{$file['basename']}");
$info = json_decode($info,true);
if($info == false){
deldir($temp_dir);
msg(-1,'解析备份信息失败');
}elseif($info['db_md5'] != md5_file("{$temp_dir}/{$info['name']}.db3")){
deldir($temp_dir);
msg(-1,'db3文件效验失败'.$info['db_md5']);
}elseif($info['tar_md5'] != md5_file("{$temp_dir}/{$info['name']}.tar")){
deldir($temp_dir);
msg(-1,'tar文件效验失败');
}
//检查目录
if(!Check_Path(DIR."/data/backup/".U)){
msg(-1,'创建backup目录失败,请检查权限');
}
//复制到用户数据
try {
$backup_dir = DIR."/data/backup/".U."/";
copy("{$temp_dir}/{$info['name']}.info","{$backup_dir}{$info['name']}.info");
copy("{$temp_dir}/{$info['name']}.db3", "{$backup_dir}{$info['name']}.db3");
copy("{$temp_dir}/{$info['name']}.tar", "{$backup_dir}{$info['name']}.tar");
deldir($temp_dir);
msg(1,'导入成功');
} catch (Exception $e) {
deldir($temp_dir);
msg(-1,'复制数据失败,请检查目录权限');
}
//结束
}
msg_tip();
}

103
system/admin.php
View File

@@ -68,7 +68,12 @@ if($page == 'config_home'){
if(!in_array($_GET['fn'],['home','login','register','transit','guide','article','verify','guestbook','apply'])){
msg(-1,"参数错误");
}
$theme_config_db = get_db('user_config','v',['t'=>'theme_'.$_GET['fn'],'k'=>$theme,'uid'=>UID]);
if(in_array($_GET['fn'],['guide','register'])){
$theme_config_db = get_db('global_config','v',['k'=>"theme_{$_GET['fn']}_{$theme}"]);
}else{
$theme_config_db = get_db('user_config','v',['t'=>'theme_'.$_GET['fn'],'k'=>$theme,'uid'=>UID]);
}
$theme_config_db = unserialize($theme_config_db);
//如果不为空则合并数据
@@ -83,102 +88,6 @@ if($page == 'config_home'){
exit;
}
//主题设置页面
if( $page == 'theme_home' || $page == 'theme_login' || $page == 'theme_transit' || $page == 'theme_register' || $page == 'theme_guide' || $page == 'theme_article') {
if(!check_purview('theme_in',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
$fn = str_replace('theme_','',$page);
$dirs = get_dir_list(DIR.'/templates/'.$fn);
foreach ($dirs as $dir) {
$path = DIR.'/templates/'.$fn.'/'.$dir; //目录完整路径
//没有信息文件则跳过
if(!is_file($path.'/info.json') ) {continue;}
//读取主题信息
$themes[$dir]['info'] = json_decode(@file_get_contents($path.'/info.json'),true);
//是否支持配置
$themes[$dir]['info']['config'] = is_file($path.'/config.php') ? '1':'0';
//预览图优先顺序:png>jpg>info>default
if(is_file($path.'/screenshot.jpg')){
$themes[$dir]['info']['screenshot'] = "./templates/$fn/$dir/screenshot.jpg";
}elseif(is_file($path.'/screenshot.png')){
$themes[$dir]['info']['screenshot'] = "./templates/$fn/$dir/screenshot.png";
}elseif(empty($themes[$dir]['info']['screenshot'])){
$themes[$dir]['info']['screenshot'] = "./templates/admin/static/42ed3ef2c4a50f6d.png";
}
}
//获取当前主题
require "./system/templates.php";
//在线主题处理
if ( !$global_config['offline'] && $USER_DB['UserGroup'] === 'root'){
if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
$sysver = intval( $matches[1] );//取版本中的日期
}else{
exit("获取程序版本异常");
}
//读取缓存
$template = get_db('global_config','v',['k'=>$page.'_cache']);
if(!empty($template)){
$data = json_decode($template, true);
}
//没有缓存 或 禁止缓存 或 缓存过时
if(empty($template) || $_GET['cache'] === 'no' || time() - $data["time"] > 1800 ){
$urls = [
"lm21" => "https://update.lm21.top/TwoNav/{$fn}_template.json",
"gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/{$fn}_template.json"
];
$Source = $global_config['Update_Source'] ?? '';
if (!empty($Source) && isset($urls[$Source])) {
$urls = [$Source => $urls[$Source]];
}
}else{
$cache = true;
}
//读取超时参数
$overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']);
//远程获取
foreach($urls as $key => $url){
$Res = ccurl($url,$overtime);
$data = json_decode($Res["content"], true);
if($data["code"] == 200 ){ //如果获取成功
$data["time"] = time(); //记录当前时间
write_global_config($page.'_cache',json_encode($data),$fn.'_模板缓存');
break; //跳出循环.
}
}
//解析
foreach($data["data"] as $key){
$path = DIR.'/templates/'.$fn.'/'.$key["dir"];
if( is_dir($path) ) { //本地存在
$value = $key["dir"];
//检查是否可以更新
$update = str_replace('/','',$themes[$value]['info']['update']); //本地主题版本
$update_new = str_replace('/','',$key["update"]); //远程主题版本
if( $sysver >= intval($key["low"]) && $sysver <= intval($key["high"]) && $update < $update_new ){
$themes[$value]['info']['up'] = '1';
}
}else{
//判断是否适配当前系统版本
if( $sysver >= intval($key["low"]) && $sysver <= intval($key["high"]) ){
$value = $key["dir"];
$themes[$value]['info'] = json_decode(json_encode($key),true);
}
}
}
//来源策略 (用于Gitee作为图床反防盗链)
if(!empty($data['referrer'])){
define('referrer',$data['referrer']);
}
}
}
//不带参数是载入框架
if(empty($page)){
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));

618
system/api.php
View File

@@ -47,7 +47,7 @@ if(in_array($api_model,['compatible','compatible+open']) && in_array($method,$co
}
//站长相关方法名
$root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root'];
$root = ['write_subscribe','write_sys_settings','write_default_settings','read_user_list','write_user_info','read_purview_list','read_users_list','write_users','read_regcode_list','write_regcode','other_upsys','read_log','other_root','other_services'];
if(in_array($method,$root)){
require('api_root.php');
//非站长接口则判断是否加载防火墙
@@ -288,6 +288,7 @@ function write_category(){
msg(-1,'操作类型错误');
}
//读链接列表
//读链接列表
function read_link_list(){
if($_GET['type'] == 'extend_list'){
@@ -307,7 +308,8 @@ function read_link_list(){
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where = ["uid"=> UID];
$where = ["uid"=> UID,'fid[<=]'=>10000000];
//分类筛选
if(!empty($fid)){
$where['AND']['fid'] = $fid;
@@ -317,6 +319,12 @@ function read_link_list(){
// array_push($category,$fid);
// $where['AND']['fid'] = $category;
// }
}else{
//240405新增: 避免查找全部时将已停用分类下的链接显示出来
$category_where = ['uid'=>UID,'fid'=>0,'status'=>1];
$fid = select_db('user_categorys','cid', $category_where);
$category_where['fid'] = $fid;
$where['AND']['fid'] = array_merge ($fid,select_db('user_categorys','cid',$category_where));
}
//属性筛选
if($_POST['property']==='0' || $_POST['property'] ==='1'){$where['AND']['property'] = ($_POST['property'] == 1?1:0);}
@@ -378,7 +386,7 @@ function write_link(){
//检测链接是否合法
check_link($fid,$title,$url,$_POST['url_standby']);
//检查链接是否已存在
if(get_db('user_links','lid',['uid'=>UID ,"url" => $url])){
if(empty(get_db('user_config','v',['uid'=>UID ,'t'=>'config','k'=>'repeat_url'])) && has_db('user_links',['uid'=>UID ,"url" => $url])){
msg(-1,'链接已存在!');
}
//描述长度检测
@@ -398,7 +406,11 @@ function write_link(){
$tmp_path = $_SESSION['upload_images'][UID][$_POST['file']];
if(!empty($tmp_path) && is_file($tmp_path)){
$suffix = strtolower(end(explode('.',$tmp_path)));
$path = "./data/user/{$u}/favicon/{$lid}.{$suffix}";
$path = "./data/user/{$u}/favicon";
if(!Check_Path($path)){
msg(-1,'创建目录失败,请检查权限');
}
$path .= "/{$lid}.{$suffix}";
if(rename($tmp_path,$path)) { //移动文件到用户目录
$icon = $path;
}else{
@@ -526,36 +538,7 @@ function write_link(){
}
//扩展上传图片
}elseif($_GET['type'] == 'extend_up_img'){
//权限检测
if(!check_purview('Upload_icon',1)){
msg(-1,'您的用户组无权限上传图片');
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msg(-1,'文件上传失败');
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(jpg|jpeg|png|ico|bmp|svg)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件格式不被支持!');
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 1 * 1024 * 1024){
msg(-1,'文件大小超限');
}
//文件临时路径
$path = DIR . "/data/user/{$u}/upload";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msg(-1,'创建upload目录失败,请检查权限');
}
$tmp_name = 'LE_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msg(-1,'上传失败,请检查目录权限');
}else{
msgA(['code'=>1,'msg'=>'上传成功','url'=>"./data/user/".U.'/upload/'.$tmp_name]);
}
msg_tip();
//删除图标
}elseif($_GET['type'] === 'del_images'){
@@ -610,7 +593,9 @@ function write_link(){
msg(-1,'关键字长度不能大于'.$length_limit['l_key'].'个字节');
}
//检查链接是否已存在
if(has_db('user_links',['uid'=>UID ,'lid[!]'=>$lid, "url" => $url])){msg(-1,'链接已存在!');}
if(empty(get_db('user_config','v',['uid'=>UID ,'t'=>'config','k'=>'repeat_url'])) && has_db('user_links',['uid'=>UID ,'lid[!]'=>$lid, "url" => $url])){
msg(-1,'链接已存在!');
}
//检查链接ID是否存在
if(!has_db('user_links',['uid'=>UID ,'lid'=>$lid])){msg(-1,'链接ID不存在!');}
@@ -744,195 +729,15 @@ function write_link(){
update_db('user_links',['fid'=>$fid],['uid'=>UID ,"lid" => json_decode($_POST['lid']) ],[1,'设置成功']);
//检测是否满足要求
}elseif($_GET['type'] === 'msg_pull_check'){
if($global_config['offline']){
msg(-1,"离线模式不可用");
}
if(!is_subscribe('bool')){
msg(-1,"未检测到有效授权,无法使用该功能!");
}
if(intval($_POST['icon']) > 0){
if(!check_purview('icon_pull',1)){
msg(-1,'您所在的用户组,无法使用网站图标获取功能');
}
$path = DIR ."/data/user/".U."/favicon";
if(!Check_Path($path)){
msg(-1,'创建目录失败,请检查目录权限');
}
$config = unserialize( get_db("global_config", "v", ["k" => "icon_config"])) ?? [];
if($config['o_switch'] == '0'){
msg(-1,'相关服务处于关闭状态,请联系站长开启');
}
}
session_start();
$key = md5(uniqid().Get_Rand_Str(8));
$_SESSION['msg_pull']["$key"] = true;
msgA(['code'=>1,'msg'=>'success','key'=>$key]);
msg_tip();
}elseif($_GET['type'] === 'msg_pull'){
session_start();
$key = $_POST['key'];
if(empty($key) || !$_SESSION['msg_pull']["$key"]){
msg(-1,'key验证失败,请重试!');
}elseif(empty($_POST['link_id'])){
msg(-1,'链接ID不能为空');
}
//读取信息
$link = get_db('user_links','*',['uid'=>UID ,'lid'=>$_POST['link_id'] ]);
//检查链接
if(empty($link)){
msg(-1,'链接ID不存在');
}elseif(!preg_match("/^(http:\/\/|https:\/\/).*/",$link['url'])){
msg(-1,'只支持识别http/https协议的链接!');
}elseif( !filter_var($link['url'], FILTER_VALIDATE_URL) ) {
msg(-1,'URL无效!');
}
//是否获取站点信息
if( ( intval($_POST['title']) + intval($_POST['keywords']) + intval($_POST['description']) ) > 0 ){
//读取长度限制配置
$length_limit = unserialize(get_db("global_config","v",["k"=>"length_limit"]));
//获取网站标题
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $link['url']);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($c , CURLOPT_TIMEOUT, 10);
$data = curl_exec($c);
curl_close($c);
require (DIR .'/system/get_page_info.php');
$info = get_page_info($data);
$new = [];
if(intval($_POST['title']) > 0 && !empty($info['site_title'])){
$new['title'] = $info['site_title'];
if($length_limit['l_name'] > 0 && strlen($new['title']) > $length_limit['l_name'] ){
$new['title'] = mb_substr($new['title'], 0, $length_limit['l_name'], 'utf-8');
}
}
if(intval($_POST['keywords']) > 0 && !empty($info['site_keywords'])){
$new['keywords'] = (empty($link['keywords']) || $_POST['keywords'] == '2') ? $info['site_keywords'] : $link['keywords'];
if($length_limit['l_key'] > 0 && strlen($new['keywords']) > $length_limit['l_key'] ){
$new['keywords'] = mb_substr($new['keywords'], 0, $length_limit['l_key'], 'utf-8');
}
}
if(intval($_POST['description']) > 0 && !empty($info['site_description'])){
$new['description'] = (empty($link['description']) || $_POST['description'] == '2') ? $info['site_description'] : $link['description'];
if($length_limit['l_desc'] > 0 && strlen($new['description']) > $length_limit['l_desc'] ){
$new['description'] = mb_substr($new['description'], 0, $length_limit['l_desc'], 'utf-8');
}
}
if(empty($new)){
$r['info'] = 'fail';
}else{
update_db('user_links',$new,['uid'=>UID ,"lid" => $link['lid'] ]);
$r['info'] = 'success';
}
}
//是否获取图标
if(intval($_POST['icon']) > 0){
//检查跳过已存在图标的链接
if($_POST['icon'] == '1' && !empty($link['icon'])){
$r['icon'] = 'skip';
}
$api = Get_Index_URL().'?c=icon&url='.base64_encode($link['url']);
$res = ccurl($api,30,true);
$data = get_db('global_icon','*',['url_md5'=>md5($link['url'])]);
if(empty($data)){
$r['icon'] = 'fail';
}
$new_path = "./data/user/".U.'/favicon/'.$data['file_name'];
if(copy("./data/icon/{$data['file_name']}",$new_path)){
update_db('user_links',['icon'=>$new_path],['uid'=>UID ,"lid" => $link['lid'] ]);
$r['icon'] = 'success';
}else{
$r['icon'] = 'fail';
}
}
msg(1,$r);
msg_tip();
//图标拉取
}elseif($_GET['type'] === 'icon_pull'){
if($global_config['offline']){
msg(-1,"离线模式不可用");
}
if(!is_subscribe('bool')){
msg(-1,"未检测到有效授权,无法使用该功能!");
}
if(!check_purview('icon_pull',1)){
msg(-1,'无权限');
}
$link = get_db('user_links','*',['uid'=>UID,'lid'=>$_POST['id']]);
if(empty($link)){
msg(-1,'请求的链接id不存在');
}
$path = DIR ."/data/user/".U."/favicon";
if(!Check_Path($path)){
msg(-1,'创建目录失败,请检查权限');
}
//检查配置
$config = unserialize( get_db("global_config", "v", ["k" => "icon_config"])) ?? [];
if($config['o_switch'] == '0'){
msg(-1,'相关服务处于关闭状态,请联系站长开启');
}
//跳过存在图标的链接
if(empty($_POST['cover']) && !empty($link['icon'])){
msg(1,'skip');
}
$api = Get_Index_URL().'?c=icon&url='.base64_encode($link['url']);
$res = ccurl($api,30,true);
$data = get_db('global_icon','*',['url_md5'=>md5($link['url'])]);
if(empty($data)){
msg(1,'fail');
}
$new_path = "./data/user/".U.'/favicon/'.$data['file_name'];
if(copy("./data/icon/{$data['file_name']}",$new_path)){
update_db('user_links',['icon'=>$new_path],['uid'=>UID ,"lid" => $_POST['id'] ],[1,'success']);
}
msg(1,'fail');
msg_tip();
}elseif($_GET['type'] == 'extend_list'){
if($GLOBALS['global_config']['link_extend'] != 1 ||!check_purview('link_extend',1)){
msg(-1,'无权限');
}
$lists = json_decode($_POST['list'],true);
$weight = [];
foreach ($lists as $data ){
if(empty($data['weight']) || !preg_match('/^\d$/', $data['weight'])){
msgA( ['code' => -1,'msg' => '序号错误,请输入正整数'] );
}
if(empty($data['title']) || check_xss($data['title'])){
msgA( ['code' => -1,'msg' => '标题不能为空'] );
}
if(empty($data['name']) || check_xss($data['name']) || !preg_match('/^[A-Za-z0-9]{3,18}$/',$data['name'])){
msgA( ['code' => -1,'msg' => '字段名错误,请输入长度3-18的字母/数字'] );
}
if(!in_array($data['type'],['text','textarea','up_img'])){
msgA( ['code' => -1,'msg' => '类型错误'] );
}
}
if(is_Duplicated($lists,'weight')){
msg(-1,'序号不能重复');
}elseif(is_Duplicated($lists,'title')){
msg(-1,'标题不能重复');
}elseif(is_Duplicated($lists,'name')){
msg(-1,'字段名不能重复');
}
$datas = [];
foreach ($lists as $key => $data ){
array_push($datas,['title'=>$data['title'],'name'=>$data['name'],'weight'=>$data['weight'],'type'=>$data['type'],'default'=> "{$data['default']}",'tip'=>$data['tip']]);
}
//根据序号排序
usort($datas, function($a, $b) {
return $a['weight'] - $b['weight'];
});
write_user_config('s_extend_list',$datas,'config','链接扩展字段');
msgA( ['code' => 1,'msg' => '保存成功','datas'=>$datas] );
msg_tip();
}
msg(-1,'操作类型错误');
@@ -949,6 +754,7 @@ function write_security_setting(){
}
$datas = [
'admin_inlet'=>['v'=>['display','hide','condition1'],'msg'=>'管理入口参数错误'],
'Session'=>['int'=>true,'min'=>0,'max'=>360,'msg'=>'登录保持参数错误'],
'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'],
'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'],
@@ -991,145 +797,18 @@ function write_security_setting(){
//写收录配置
function write_apply(){
global $global_config;
if($global_config['apply'] != 1){
msg(-1,'管理员禁止了此功能!');
}
if($_GET['type'] == 'set'){
$s['apply'] = intval($_POST['apply']); // 功能选项0.关闭 1.需要审核 2.无需审核
$s['Notice'] = $_POST['Notice']??''; // 公告
$s['submit_limit'] = intval($_POST['submit_limit']); //提交限制
$s['iconurl'] = $_POST['iconurl'];
$s['description'] = $_POST['description'];
$s['email'] = $_POST['email'];
if($s['apply'] < 0 || $s['apply'] > 2 ){
msg(-1,'参数错误!');
}elseif(strlen($s['Notice']) > 512){
msg(-1,'公告长度超限!');
}if(empty($_POST['submit_limit']) || !preg_match("/^\d*$/",$_POST['submit_limit'])){
msg(-1,'提交限制必须为正整数!');
}
write_user_config('apply',$s,'config','收录配置');
msg(1,'保存成功');
}elseif($_GET['type'] == '2'){ //通过
$id = intval($_POST['id']);
$link = get_db("user_apply","*",["uid"=>UID,"id"=> $id ]);
if(empty($id)){
msg(-1,'id错误');
}elseif(empty($link['category_id'])){
msg(-1,'分类id错误');
}elseif(empty($link['title'])){
msg(-1,'标题不能为空');
}elseif(empty($link['url'])){
msg(-1,'链接不能为空');
}elseif($link['state'] != 0){
msg(-1,'此申请信息不是待审核状态!');
}elseif(!empty(get_db('user_links','*',['uid'=>UID,'url'=>$link['url']]))){
msg(-1,'链接已存在');
}
check_link($link['category_id'],$link['title'],$link['url'],''); //检测链接是否合法
$lid = get_maxid('link_id');
$data = [
'lid' => $lid,
'uid' => UID,
'fid' => $link['category_id'],
'title' => $link['title'],
'url' => $link['url'],
'description' => $link['description'],
'add_time' => time(),
'up_time' => time(),
'icon' => $link['iconurl']
];
insert_db('user_links',$data);//插入链接
update_db('user_apply',['state'=>1],['uid'=>UID,'id'=>$id]);//更新状态
msg(1,'操作成功');
}elseif($_GET['type'] == '3'){ //拒绝
update_db('user_apply',['state'=>2],['uid'=>UID,'id'=>intval($_POST['id'])],[1,'操作成功']);//更新状态
}elseif($_GET['type'] == '4'){ //删除
delete_db('user_apply',['uid'=>UID,'id'=>intval($_POST['id'])],[1,'操作成功']);
}elseif($_GET['type'] == 'empty'){ //清空
delete_db('user_apply',['uid'=>UID],[1,'操作成功']); //删除
}elseif($_GET['type'] == 'edit'){ //编辑
$id = intval($_POST['id']);
$link = get_db("user_apply","*",["uid"=>UID,"id"=> $id]);
if(empty($id)){
msg(-1,'id错误');
}elseif(empty($link)){
msg(-1,'未找到数据');
}
$category_id = intval($_POST['edit_category']);
$category_name = get_db("user_categorys","name",["uid"=>UID,"cid"=> $category_id ]);
if(empty($category_name)){
msg(-1,'未找到分类');
}
$data = [
'category_id' => $category_id,
'category_name' => $category_name,
'title' => htmlspecialchars($_POST['title'],ENT_QUOTES),
'url' => $_POST['url'],
'description' => htmlspecialchars($_POST['description'],ENT_QUOTES),
'iconurl' => $_POST['iconurl']
];
update_db('user_apply',$data,['uid'=>UID,'id'=>intval($_POST['id'])]);
msg(1,'修改成功');
}
msg(-1,'不支持的操作类型');
msg_tip();
}
//读收录列表
function read_apply_list(){
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where["uid"] = UID;
//统计条数
$count = count_db('user_apply',$where);
//权重排序(数字小的排前面)
$where['ORDER']['id'] = 'DESC';
//分页
$where['LIMIT'] = [$offset,$limit];
//查询
$datas = select_db('user_apply','*',$where);
msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
msg_tip();
}
//写站点设置
function write_site_setting(){
//图标上传
if(!empty($_FILES["file"])){
check_purview('Upload_icon',2);
if ($_FILES["file"]["error"] > 0){
msg(-1,'文件上传失败,error:'.$_FILES["file"]["error"]);
}
//获取文件名后缀
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(jpg|jpeg|png|bmp|gif|ico|svg)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msg(-1,'文件上传失败,文件格式不被支持!');
}
//文件路径
$path = 'data/user/'.U.'/favicon/favicon.'.$suffix;
//检查并创建目录
if(!Check_Path(dirname($path))){
msg(-1,'创建目录失败,请检查权限');
}
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
//存在旧图标则先删除
if(!empty($site['site_icon_file']) && is_file($site['site_icon_file'])){
@unlink($site['site_icon_file']);
}
//转移临时文件
if(move_uploaded_file($_FILES["file"]["tmp_name"],$path)) {
$site['site_icon_file'] = 'data/user/'.U.'/favicon/favicon.'.$suffix; //储存路径
$site['site_icon'] = './'.$site['site_icon_file']; //前端请求路径
update_db("user_config", ["v" =>$site], ['uid'=>UID,'k'=>'s_site'],[1,'上传成功']);
}else{
msg(-1,'上传失败,请检查目录权限');
}
msg_tip();
}
check_purview('site_info',2);
if(!empty($_POST['custom_header']) && !check_purview('header',1)){
@@ -1147,6 +826,7 @@ function write_site_setting(){
'link_model'=>['v'=>['direct','Privacy','Privacy_js','Privacy_meta','301','302','Transition'],'msg'=>'链接模式参数错误'],
'main_link_priority'=>['int'=>true,'min'=>0,'max'=>3,'msg'=>'主链优先参数错误'],
'link_icon'=>['int'=>true,'min'=>0,'max'=>30,'msg'=>'链接图标参数错误'],
'repeat_url'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'重复链接参数错误'],
'site_icon'=>['empty'=>true],
'top_link'=>['int'=>true,'min'=>0,'max'=>100,'msg'=>'热门链接参数错误'],
'new_link'=>['int'=>true,'min'=>0,'max'=>100,'msg'=>'最新链接参数错误'],
@@ -1172,6 +852,7 @@ function write_site_setting(){
@unlink($site['site_icon_file']);
$s_site['site_icon_file'] = '';
}
write_user_config('repeat_url',$_POST['repeat_url'],'config','重复链接');
update_db("user_config",["v"=>$s_site],["k"=>'s_site',"uid"=>UID],[1,'保存成功']);
}
//写过渡页配置
@@ -1333,36 +1014,13 @@ function read_pwd_group_list(){
}
//写加密分组 考虑要不要限制特殊字符
function write_pwd_group(){
check_purview('link_pwd',2);
if($_GET['type'] === 'del'){
//判断有没有被使用
if(!empty(get_db('user_links','id',['uid'=>UID,'pid'=>intval($_POST['pid'])]))){
msg(-1,'正在被链接使用,无法删除!');
}else if(!empty(get_db('user_categorys','id',['uid'=>UID,'pid'=>intval($_POST['pid'])]))){
msg(-1,'正在被分类使用,无法删除!');
}
delete_db('user_pwd_group',['uid'=>UID,'pid'=>intval($_POST['pid'])],[1,'删除成功']);
}elseif($_GET['type'] == 'add'){
//$pid = intval(max_db('user_pwd_group','pid',['uid'=>UID])) +1;
$pid = get_maxid('pwd_group_id');
insert_db('user_pwd_group',['name' => $_POST['name'],'password' =>$_POST['password'],'description'=>$_POST['description'],'uid'=>UID,'pid'=>$pid],[1,'操作成功']);
}elseif($_GET['type'] === 'edit'){
update_db('user_pwd_group',['name' => $_POST['name'],'password' =>$_POST['password'],'description'=>$_POST['description']],['uid'=>UID,'pid'=>intval($_POST['pid'])],[1,'操作成功']);
}
msgA(['code' => 1 ,'msg'=> '1111']);
msg_tip();
}
//检测链接是否有效
function other_testing_link(){
global $global_config;
if ( $global_config['offline'] == '1'){ msg(-1,"离线模式无法使用此功能"); }
$code = get_http_code($_POST['url']);
if($code != 200 && $code != 302 && $code != 301){
$code = ccurl($_POST['url'],30)['code'];
}
msgA(['code' => 0 ,'StatusCode'=> $code]);
msg_tip();
}
//读主题信息
@@ -1420,13 +1078,7 @@ function read_theme(){
//在线主题处理
if ( !$global_config['offline'] && $USER_DB['UserGroup'] === 'root'){
if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
$sysver = intval( $matches[1] );//取版本中的日期
}else{
msg(-1,'获取程序版本异常');
}
$sysver = get_SysVer();
//读取缓存
$page = 'theme_'.$request_dir;
$template = get_db('global_config','v',['k'=>$page.'_cache']);
@@ -1436,10 +1088,7 @@ function read_theme(){
//没有缓存 或 禁止缓存 或 缓存过时
if(empty($template) || $_GET['cache'] === 'no' || time() - $data["time"] > 1800 ){
$urls = [
"lm21" => "https://update.lm21.top/TwoNav/{$request_dir}_template.json",
"gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/{$request_dir}_template.json"
];
$urls = ["gitee" => "http://gitee.com/tznb/TwoNav_Resource/raw/master/{$request_dir}_template.json"];
$Source = $global_config['Update_Source'] ?? '';
if (!empty($Source) && isset($urls[$Source])) {
$urls = [$Source => $urls[$Source]];
@@ -1450,7 +1099,7 @@ function read_theme(){
//读取超时参数
$overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']);
//远程获取
foreach($urls as $key => $url){
foreach($urls as $key => $url){
$Res = ccurl($url,$overtime);
$data = json_decode($Res["content"], true);
if($data["code"] == 200 ){ //如果获取成功
@@ -1481,91 +1130,36 @@ function read_theme(){
}
//取正在使用的模板
$s_templates = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_templates"]));
if($request_dir == 'home'){
$current['home_pad'] = $s_templates['home_pad'] ?? 'default';
$current['home_pc'] = $s_templates['home_pc'] ?? 'default';
if(in_array($request_dir,['register','guide'])){
$global_templates = unserialize(get_db("global_config",'v', ["k" => "s_templates"]));
$current[$request_dir] = $global_templates[$request_dir] ?? 'default';
}else{
$current[$request_dir] = $s_templates[$request_dir] ?? 'default';
$s_templates = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_templates"]));
if($request_dir == 'home'){
$current['home_pad'] = $s_templates['home_pad'] ?? 'default';
$current['home_pc'] = $s_templates['home_pc'] ?? 'default';
}else{
$current[$request_dir] = $s_templates[$request_dir] ?? 'default';
}
}
$themes = filter($themes);
msgA(['code'=>1,'data'=>$themes,'current'=>$current,'referrer'=>($data['referrer'] ?? '')]);
}
function msg_tip(){
if(is_subscribe()){
msg(-1,'请前往概要页面更新系统,未提示更新则尝试刷新页面<br />更新后即可解锁全部功能,如有疑问请联系客服');
}
msg(-1,'免费版不支持此功能<br /> <a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank" style="color: #1e9fff;">点击此处前往购买页面</a>');
}
//主题下载/更新/删除
function write_theme(){
global $global_config;
$fn = $_POST['fn'];if($_GET['type'] != 'config' && !in_array($fn,['home','login','transit','register','guide','article','verify','guestbook','apply'])){msg(-1,'fn参数错误');}
if($_GET['type'] == 'download'){
is_root();
if($global_config['offline']){msg(-1,"离线模式禁止下载主题!");} //离线模式
if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
$dir = $_POST['dir'];
$name = $_POST['name'];
if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
$sysver = intval( $matches[1] );
}else{
msg(-1,"获取程序版本异常");
}
if(!is_writable('./templates')){
msg(-1,"检测到模板目录不可写<br />请检查templates目录权限<br />宝塔面板请注意所有者为www<br />其他疑问请联系技术支持");
}
//从数据库查找主题信息
$template = get_db('global_config','v',['k'=> 'theme_'.$fn.'_cache']);
if(empty($template)){
msg(-1,'-1,未找到数据');
}else{
$data = json_decode($template, true); //转为数组
foreach($data["data"] as $key){
if( $key['dir'] === $dir && $sysver >= intval($key["low"]) && $sysver <= intval($key["high"])){
$file = $key['dir'].".tar.gz";
$filePath = DIR."/data/temp/{$file}";
break; //找到跳出
}
}
if(empty($file)){
msg(-1,'-2,未找到数据');
}
}
//下载主题包
if(!is_dir('./data/temp')) mkdir('./data/temp',0755,true) or msg(-1,'下载失败,创建临时[/data/temp]目录失败');
if(!is_writable('./data/temp')){
msg(-1,"检测到临时目录不可写<br />请检查data/temp目录权限<br />宝塔面板请注意所有者为www<br />其他疑问请联系技术支持");
}
$data = $key;
foreach($data['url'] as $url){
if(downFile( $url , $file , DIR.'/data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 === $data['md5']){
$downok = true;
break;//下载成功,跳出循环!
}else{
unlink($filePath);
}
}
}
//判断下载结果
if(!$downok || !file_exists($filePath)){
msg(-1,'-1,下载失败');
}elseif($file_md5 != $data['md5']){
msgA(['code'=>-1,'msg'=> '效验压缩包异常','Correct_md5'=> $data['md5'],'file_md5'=>$file_md5]);
}
//解压主题包
try {
$phar = new PharData($filePath);
$phar->extractTo(DIR.'/templates/'.$fn, null, true); //路径 要解压的文件 是否覆盖
unlink($filePath);//删除文件
} catch (Exception $e) {
msg(-1,'解压主题包失败');
}
//检查结果并返回
if(file_exists(DIR."/templates/$fn/".$data['dir']."/info.json")){
msgA(['code'=>1,'msg'=> '下载成功']);
}else{
msgA(['code'=>-1,'msg'=> '解压后未找到主题信息','url'=> $url,'file_md5'=>$file_md5]);
}
msg_tip();
//删除主题
}elseif($_GET['type'] == 'del'){
is_root();
@@ -1619,9 +1213,17 @@ function write_theme(){
}
}else{
$s_templates[$fn] = $name;
if($fn == 'transit'){
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
if($site['link_model'] != 'Transition'){
$site['link_model'] = 'Transition';
update_db("user_config",["v"=>$site],["k"=>'s_site',"uid"=>UID]);
$msg = ',已同步链接模式为过渡页面';
}
}
}
//更新数据
update_db('user_config',['v'=>$s_templates],['uid'=>UID,'k'=>'s_templates'],[1,'设置成功']);
update_db('user_config',['v'=>$s_templates],['uid'=>UID,'k'=>'s_templates'],[1,"设置成功{$msg}"]);
//配置主题信息
}elseif($_GET['type'] == 'config'){
@@ -1641,7 +1243,11 @@ function write_theme(){
msg(-1,"参数错误");
}
//0420 END
write_user_config($_GET['t'],$_POST,'theme_' . $fn,'主题配置');
if(in_array($fn,['guide','register'])){
write_global_config("theme_{$fn}_{$_GET['t']}",$_POST,'主题配置');
}else{
write_user_config($_GET['t'],$_POST,'theme_' . $fn,'主题配置');
}
msg(1,"保存成功!");
}
}
@@ -1837,7 +1443,7 @@ function read_data(){
msg(1,'您已开启离线模式,无法使用该功能!');
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $_POST['url']);
curl_setopt($ch, CURLOPT_URL, 'https://gitee.com/tznb/TwoNav_Resource/raw/master/connectivity_test.txt');
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@@ -1868,8 +1474,8 @@ function read_data(){
$php_version = floatval(PHP_VERSION);
$log .= "PHP版本{$php_version}\n";
$log .= "Web版本{$_SERVER['SERVER_SOFTWARE']}\n";
if( ( $php_version < 7.3 ) || ( $php_version > 8.2 ) ) {
$log .= "PHP版本不满足要求,支持范围7.3 - 8.2 )\n";
if( $php_version < 7.3 ) {
$log .= "PHP版本不满足要求,要求不低于7.3\n";
}
//获取加载的模块
$ext = get_loaded_extensions();
@@ -1880,7 +1486,8 @@ function read_data(){
$log .= "SQLite".(is_writable($db_config['path'])?'数据库读写正常':'数据库只读(请将权限设为755)')."\n";
}elseif($db_config['type'] == 'mysql'){
$log .= "MySQL".$db->info ()['version']."\n";
}elseif($db_config['type'] == 'mariadb'){
$log .= "MariaDB".$db->info ()['version']."\n";
}
$path = './data/test_'.time().'.txt';
@@ -1915,6 +1522,8 @@ function read_data(){
$log .= in_array("Phar",$ext) ? "" : "Phar不支持 (在线更新/主题下载)\n";
$log .= in_array("hash",$ext) ? "" : "hash不支持 (书签分享/生成注册码)\n";
$log .= in_array("session",$ext) ? "" : "session不支持 (影响较大)\n";
$log .= in_array("intl",$ext) ? "" : "intl不支持 (使用中文域名时可能会导致异常)\n";
$log .= $GLOBALS['global_config']['offline'] == '1' ? "离线模式:已开启,会导致无法更新系统/下载主题模板等\n" : "";
$log .= "可用模块:".implode("&#12288;",$ext)."\n";
$updatadb_logs = select_db('updatadb_logs','file_name',['file_name[!]'=>'install.sql']);
$log .= "数据库更新记录:".(empty($updatadb_logs)?'无':"\n".implode("\n",$updatadb_logs))."\n";
@@ -1959,12 +1568,10 @@ function read_data(){
$date = date('Ymd', strtotime("-$i days"));
$dates[] = $date;
}
$dates = array_reverse($dates);
$day_data = [];
foreach ($dates as $date) {
$list = get_db('user_count', 'e', ['uid' => UID, 'k' => $date, 't' => 'ip_list']);
$list = unserialize($list);
$list = select_db('user_count','e',['uid'=>UID,'k'=>$date,'t'=>'access_ip']);
$day_data[$date] = empty($list) ? [] : $list ;
}
msgA(['code'=>1,'data'=>$day_data]);
@@ -1991,15 +1598,15 @@ function read_data(){
//扩展功能
$extend = [];
if($global_config['apply'] == 1 && check_purview('apply',1)){
//if($global_config['apply'] == 1 && check_purview('apply',1)){
array_push($extend,['title'=>'收录管理','href'=>'expand/apply-admin','icon'=>'fa fa-pencil']);
}
if($global_config['guestbook'] == 1 && check_purview('guestbook',1)){
//}
//if($global_config['guestbook'] == 1 && check_purview('guestbook',1)){
array_push($extend,['title'=>'留言管理','href'=>'expand/guestbook-admin','icon'=>'fa fa-commenting-o']);
}
if($global_config['article'] > 0 && check_purview('article',1)){
//}
//if($global_config['article'] > 0 && check_purview('article',1)){
array_push($extend,['title'=>'文章管理','href'=>'expand/article-list','icon'=>'fa fa-file-text-o']);
}
//}
if(!empty($extend)){
$extend = ['title'=>'扩展功能','icon'=>'fa fa-folder-open-o','href'=>'','child'=> $extend];
array_push($menu,$extend);
@@ -2019,7 +1626,8 @@ function read_data(){
]
]);
}
$init = array( 'homeInfo'=>['title'=>'概要','href'=>'home'],'logoInfo'=>['title'=>'TwoNav','image'=>'./templates/admin/img/logo.png','href'=>'./?u='.U],'menuInfo'=>$menu);
$logo_url = static_link ? get_surl('{UUID}.html'):"./?u={$USER_DB['User']}";
$init = array( 'homeInfo'=>['title'=>'概要','href'=>'home'],'logoInfo'=>['title'=>'TwoNav','image'=>'./templates/admin/img/logo.png','href'=>$logo_url],'menuInfo'=>$menu);
msgA($init);
}
}
@@ -2041,60 +1649,7 @@ function write_article(){
}
//百度推送
function other_baidu_push(){
global $u,$global_config;
if ( $global_config['offline'] == '1'){
msg(-1,"离线模式无法使用此功能");
}
if(!is_subscribe('bool')){
msg(-1,"未检测到有效授权,无法使用该功能!");
}
if(empty($_POST['push_api'])){
msg(-1,'请输入接口地址');
}
if(empty($_POST['id'])){
msg(-1,'请提交链接ID');
}
$host = $_SERVER['HTTP_HOST']; // 获取主机名
$port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80 ? '' : ':'.$_SERVER['SERVER_PORT']) : ''; // 获取端口号
$scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://'; // 获取协议
$host = $scheme.$host.$port;
$ids = json_decode($_POST['id']) ?? 0;
if(count($ids)<1){
msg(-1,'解析数据失败,请检查格式是否正确');
}
$urls=[];
if($_POST['type'] == 'link'){
foreach($ids as $id){
$urls[] = "{$host}/{$u}/click/{$id}.html";
}
}elseif($_POST['type'] == 'article'){
foreach($ids as $id){
$urls[] = "{$host}/{$u}/article/{$id}.html";
}
}else{
msg(-1,'无效类型');
}
if(!empty($urls)){
$api = $_POST['push_api'];
write_user_config('baidu_push_api',$api,'config','百度推送API');
$ch = curl_init();
$options = array(
CURLOPT_URL => $api,
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POSTFIELDS => implode("\n", $urls),
CURLOPT_HTTPHEADER => array('Content-Type: text/plain'),
);
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
$result = json_decode($result,true) ?? '';
if(empty($result)){
msg(-1,'推送失败');
}else{
msgA(['code'=>curl_getinfo($ch, CURLINFO_HTTP_CODE),'data'=>$result]);
}
}
msg(-1,'未检测到有效授权,无法使用该功能');
}
//获取链接信息
function other_get_link_info(){
@@ -2106,9 +1661,8 @@ function other_get_link_info(){
msg(-1010,'URL不能为空!');
}elseif(!preg_match("/^(http:\/\/|https:\/\/).*/",$url)){
msg(-1010,'只支持识别http/https协议的链接!');
}elseif( !filter_var($url, FILTER_VALIDATE_URL) ) {
msg(-1010,'URL无效!');
}
$url = process_url_idn($url);
//获取网站标题 (HTML/JS跳转无法识别)
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $url);

206
system/api_article.php
View File

@@ -4,219 +4,17 @@ $type = htmlspecialchars(trim($_GET['type']),ENT_QUOTES);
if (function_exists($type) ) {
if($GLOBALS['global_config']['article'] < 1 || !check_purview('article',1)){
msg(-1,'无权限');
msg_tip();
}
$type();
}else{
Amsg(-1,'请求类型错误 >> '.$type);
}
//上传图片
function uploadImage(){
global $u;
//权限检测
if(!check_purview('article_image',1)){
msgA(['errno'=>-1,'message'=>'您的用户组无权限上传图片']);
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msgA(['errno'=>-1,'message'=>'文件上传失败']);
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(jpg|png|gif|bmp|jpeg|svg|webp)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msgA(['errno'=>-1,'message'=>'文件格式不被支持']);
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 5 * 1024 * 1024){
msgA(['errno'=>-1,'message'=>'文件大小超限']);
}
//文件临时路径
$ym = date("Ym");
$path = DIR . "/data/user/{$u}/upload/{$ym}/";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']);
}
$tmp_name = 'AI_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']);
}else{
msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']);
}
}
//删除图片
function deleteImage(){
global $u;
if(empty($_POST['path'])){
msg(-1,'请求参数错误');
}
$path = $_POST['path'];
$pattern = "/^\.\/data\/user\/{$u}\/upload\/\d{6}\/AI_[A-Za-z0-9_]+\.(jpg|png|gif|bmp|jpeg|svg|webp)$/i";
if(preg_match($pattern,$path) && is_file($path)){
@unlink($path);
}else{
msg(-1,'请求参数错误');
}
//需考虑编辑文章删除封面时未点击保存的情况
if(is_file($path)){
msg(-1,'删除失败');
}else{
msg(1,'删除成功');
}
}
//上传视频
function uploadVideo(){
msgA(['errno'=>-1,'message'=>'未开放']);
global $u;
//权限检测
if(!check_purview('article_image',1)){
msgA(['errno'=>-1,'message'=>'您的用户组无权限上传视频']);
}elseif(empty($_FILES["file"]) || $_FILES["file"]["error"] > 0){
msgA(['errno'=>-1,'message'=>'文件上传失败']);
}
//取后缀并判断是否支持
$suffix = strtolower(end(explode('.',$_FILES["file"]["name"])));
if(!preg_match('/^(avi|mp4|wma|rmvb|rm|flash|3gp|flv)$/',$suffix)){
@unlink($_FILES["file"]["tmp_name"]);
msgA(['errno'=>-1,'message'=>'文件格式不被支持']);
}
//限制文件大小
if(filesize($_FILES["file"]["tmp_name"]) > 20 * 1024 * 1024){
msgA(['errno'=>-1,'message'=>'文件大小超限']);
}
//文件临时路径
$ym = date("Ym");
$path = DIR . "/data/user/{$u}/upload/{$ym}/";
//检测目录,不存在则创建!
if(!Check_Path($path)){
msgA(['errno'=>-1,'message'=>'创建upload目录失败,请检查权限']);
}
$tmp_name = 'AV_'.uniqid().'.'.$suffix;
//移动文件
if(!move_uploaded_file($_FILES["file"]["tmp_name"],"{$path}/{$tmp_name}")) {
msgA(['errno'=>-1,'message'=>'上传失败,请检查目录权限']);
}else{
msgA(['errno'=>0,'data'=>['url'=>"./data/user/{$u}/upload/{$ym}/$tmp_name",'alt'=>$_FILES["file"]["name"],'href'=>''],'message'=>'上传成功']);
}
}
//获取文章列表
function article_list(){
$where['uid'] = UID;
//分类筛选
if(intval(@$_POST['category']) > 0){
$where['AND']['category'] = intval(@$_POST['category']);
}
//状态筛选
if(intval(@$_POST['state']) > 0){
$where['AND']['state'] = intval(@$_POST['state']);
}
//关键字筛选
$query = $_POST['keyword'];
if(!empty($query)){
$where['AND']['OR'] = ["title[~]" => $query,"summary[~]" => $query,"content[~]" => $query];
}
//统计条数
$count = count_db('user_article_list',$where);
//分页
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where['LIMIT'] = [$offset,$limit];
$datas = select_db('user_article_list',['id','title','category','state','password','top','add_time','up_time','browse_count','summary','cover'],$where);
//查询分类
$categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
$categorys = array_column($categorys,'name','id');
//为文章添加分类名称
foreach ($datas as &$data) {
$data['category_name'] = $categorys[$data['category']] ?? 'Null';
}
msgA(['code'=>1,'count'=>$count,'data'=>$datas]);
}
//保存文章
function save_article(){
if(empty($_POST['category']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category']])){
msg(-1,'分类不存在');
}
$time = time();
//id为空,添加文章
if(empty($_POST['id'])){
insert_db('user_article_list',[
'uid'=>UID,
'title'=>$_POST['title'],
'category'=>$_POST['category'],
'state'=>$_POST['state'],
'password'=>'',
'top'=>0,
'add_time'=>$time,
'up_time'=>$time,
'browse_count'=>0,
'summary'=>$_POST['summary'],
'content'=>$_POST['content'],
'cover'=>$_POST['cover_url'],
'extend'=>''
],[1,'保存成功']);
//存在id,更新文章数据
}else{
if(!has_db('user_article_list',['uid'=>UID,'id'=>$_POST['id']])){
msg(-1,'文章id错误');
}
update_db('user_article_list',[
'title'=>$_POST['title'],
'category'=>$_POST['category'],
'state'=>$_POST['state'],
'up_time'=>$time,
'summary'=>$_POST['summary'],
'content'=>$_POST['content'],
'cover'=>$_POST['cover_url']
],['uid'=>UID,'id'=>$_POST['id']],[1,'保存成功']);
}
}
//删除文章
function del_article(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
delete_db('user_article_list',['uid'=>UID,'id'=>$id],[1,'操作成功']);
}
//修改分类
function up_category(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
if(empty($_POST['category_id']) || !has_db('user_categorys',['uid'=>UID,'cid'=>$_POST['category_id']])){
msg(-1,'分类不存在');
}
update_db('user_article_list',['category'=>$_POST['category_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
}
//修改状态
function up_state(){
$id = json_decode($_POST['id']);
if(empty($id)) msg(-1,'参数错误');
if(!in_array($_POST['state_id'],['1','2','3','4'])){
msg(-1,'状态参数错误');
}
update_db('user_article_list',['state'=>$_POST['state_id']],['uid'=>UID,'id'=>$id],[1,'操作成功']);
msg_tip();
}
//保存设置 (与站点配置共享)
function save_article_set(){
//检查配置参数
if(!in_array($_POST['visual'],['0','1','2']) || !in_array($_POST['icon'],['0','1','2'])){
msg(-1,'参数错误');
}
//读取站点配置
$s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$s_site['article_visual'] = $_POST['visual'];
$s_site['article_icon'] = $_POST['icon'];
update_db("user_config",["v"=>$s_site],["k"=>'s_site',"uid"=>UID],[1,'保存成功']);
}

3
system/api_compatible.php
View File

@@ -296,7 +296,8 @@ function get_a_category(){
//获取TwoNav信息
function app_info(){
$data['php_version'] = floatval(PHP_VERSION);
$data['onenav_version'] = SysVer;
$data['onenav_version'] = 'v0.9.35-20240318'; //模拟版本号用于解决新版插件检测版本>1提示发生异常
$data['twonav_version'] = SysVer;
$data['cat_num'] = count_db('user_categorys',['uid'=>UID])??0;
$data['link_num'] = count_db('user_links',['uid'=>UID])??0;
$data['username'] = U;

581
system/api_root.php
View File

@@ -33,76 +33,52 @@ function other_upsys(){
msg(-1,"文件夹不可写 >> $path");
}
}
$_SESSION['upsys']['sysver'] = intval($matches[1]);
usleep(1000*300); //延迟300毫秒
msg(1,'success');
}
//下载更新包
if($_POST['i'] == 2){
//检查授权状态
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权,请
<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank" style="color: #01AAED;">购买授权</a>
<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=8013447&doc_id=3767990" target="_blank" style="color: #01AAED;">手动更新</a>');
}
$subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"]));
if(!isset($subscribe['public']) || empty($subscribe['public'])){
msg(-1,'
错误原因: 未检测到授权秘钥<br />如何处理: <br />
&nbsp;&nbsp; 1. 转到<a href="./index.php?c=admin&u='.U.'#root/vip" target="_blank" style="color: #01AAED;">授权管理</a>页面点击保存设置<br />
&nbsp;&nbsp; 2. 提示保存成功后在尝试更新');
}
$_SESSION['upsys']['sysver'] = intval($matches[1]);
usleep(1000*300); //延迟300毫秒
msg(1,'success');
}
//下载更新包
if($_POST['i'] == 2){
//设置执行最长时间0为无限制。单位秒!
set_time_limit(5*60);
$overtime = !isset($GLOBALS['global_config']['Update_Overtime']) ? 3 : ($GLOBALS['global_config']['Update_Overtime'] < 3 || $GLOBALS['global_config']['Update_Overtime'] > 60 ? 3 : $GLOBALS['global_config']['Update_Overtime']);
//加载远程数据
$urls = [
"lm21" => "https://update.lm21.top/TwoNav/updata.json",
"gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/updata.json"
];
$Source = $GLOBALS['global_config']['Update_Source'] ?? '';
if (!empty($Source) && isset($urls[$Source])) {
$urls = [$Source => $urls[$Source]];
}
foreach($urls as $key => $url){
$Res = ccurl($url,$overtime);
$data = json_decode($Res["content"], true);
if($data["code"] == 200 ){ //如果获取成功
break; //跳出循环.
}
}
//请求获取更新包
$node = intval($GLOBALS['global_config']['Update_Source']);
$Res = ccurl("http://service.twonav.cn/service.php",30,true,data_encryption('updateSystem',['node'=>$node]));
$data = json_decode($Res["content"], true);
if($data["code"] != '200'){
msg(-1,'获取更新信息失败,请稍后再试..');
msg(-1,$data['msg'] ?? '获取更新信息失败,请稍后再试..');
}
foreach($data["data"] as $key){
if( $_SESSION['upsys']['sysver'] >= $key["low"] && $_SESSION['upsys']['sysver'] <= $key["high"] && $key["update"] > $_SESSION['upsys']['sysver']){
$file = "System_Upgrade.tar.gz";
$filePath = "./data/temp/{$file}";
$data = $key;
break; //找到跳出
}
}
if(empty($file)){
msg(-1,'暂无可用更新');
}
$file = "System_Upgrade.tar.gz";
$filePath = "./data/temp/{$file}";
//下载升级包
unlink($filePath);
foreach($data["url"] as $url){
if(downFile($url,$file,'./data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 === $data['md5']){
break; //下载成功,跳出循环
}else{
unlink($filePath); //下载失败,删除文件
}
if(downFile($data['url'],$file,'./data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 != $data['md5']){
unlink($filePath);
msg(-1,'更新包校验失败,请重试或联系客服');
}
}
//检查下载结果
if(empty($file_md5) ){
}else{
msg(-1,'下载更新包失败');
}elseif($file_md5 != $data['md5']){
msgA(['code'=>-1,'msg'=> '升级包效验失败','correct_md5'=> $data['md5'],'reality_md5'=>$file_md5]);
}
//sleep(1);
msg(1,'success');
}
@@ -128,10 +104,11 @@ function other_upsys(){
//检测是否需要更新数据库
if($_POST['i'] == 4){
clean_cache();
set_time_limit(5*60);
try {
//根据数据库类型扫描不同目录,并声明执行SQL语句的函数
if($GLOBALS['db_config']['type'] == 'mysql'){
if($GLOBALS['db_config']['type'] == 'mysql' || $GLOBALS['db_config']['type'] == 'mariadb'){
$dir = './system/MySQL';
function exe_sql($content) {
global $db;
@@ -175,8 +152,6 @@ function other_upsys(){
//查找数据库是否已安装更新
if(empty(get_db('updatadb_logs','*',['file_name'=>$file_name]))){
require $filePath; //载入升级脚本
//脚本规范:头部判断是否有DIR常量来避免被直接访问,中间执行升级脚本!底部将执行记录写入数据库!
//insert_db('updatadb_logs',['file_name'=>$file_name,'update_time'=>time(),'status'=>'TRUE','extra'=>'']);
}
}
} catch (Exception $e) {
@@ -186,7 +161,6 @@ function other_upsys(){
$updatadb_logs = select_db('updatadb_logs','file_name',['file_name[!]'=>'install.sql']);
$msg .= "当前版本:" . SysVer . "\n";
$msg .= "数据储存:{$GLOBALS['db_config']['type']}\n";
//$msg .= "脚本列表:".(empty($file_list)?'无': "\n".implode("\n",$file_list))."\n" ;
$msg .= "更新记录:".(empty($updatadb_logs)?'无':"\n".implode("\n",$updatadb_logs))."\n";
msg(1,$msg);
}else{
@@ -199,6 +173,7 @@ function other_upsys(){
msgA(['code'=>-1,'msg'=>'步骤错误']);
}
//读用户列表
function read_user_list(){
$query = $_POST['query'];
@@ -258,271 +233,40 @@ function read_purview_list(){
//读用户组列表
function read_users_list(){
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
$purview_list = select_db('purview_list','name','');
$datas = select_db('user_group',['id','name','allow','code','codes','uname'],'');
foreach ($datas as $key => $data){
$datas[$key]['codes'] = unserialize($datas[$key]['codes']);
if(empty($datas[$key]['codes'])){
$datas[$key]['disable'] = $purview_list;//为空表示全部
}else{
$datas[$key]['disable'] = array_diff($purview_list,explode(",", $data['allow']));
}
$datas[$key]['disable'] = implode(',',$datas[$key]['disable']); //数组转文本
}
msgA(['code'=>1,'msg'=>'获取成功','count'=>count($datas),'data'=>$datas]);
msg_tip();
}
//写用户组
function write_users(){
//验证代号是否合规
if(!preg_match('/^[A-Za-z0-9]+$/',$_POST['code'])){
msg(-1,'分组代号只能是字母和数字');
}elseif($_POST['code'] == 'root' || $_POST['code'] == 'default'){
msg(-1,'不能使用系统预设的代号');
}elseif(htmlspecialchars(trim($_POST['name'])) != $_POST['name']){
msg(-1,'分组名称不能含有特殊字符');
}
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
$USER = $_POST['uname'];
$USER_ID = '';
if(!empty($USER)){
$USER_ID = get_db("global_user", "ID", ["User"=>$USER]);
if(empty($USER_ID)){msg(-1,'蓝图用户不存在');}
}
if($_GET['type'] == 'add'){
if(!empty(get_db('user_group','code',['code' => $_POST['code']]))){
msg(-1,'分组代号已存在');
}elseif(!empty(get_db('user_group','name',['name' => $_POST['name']]))){
msg(-1,'分组名称已存在');
}
insert_db('user_group',["uname"=>$USER,"uid"=>$USER_ID,"code"=>$_POST['code'],"name"=>$_POST['name'],"allow"=>$_POST['allow_list'],"codes"=>json_decode($_POST['allow_code_list'])],[1,'添加成功']);
}elseif($_GET['type'] == 'edit'){
if(empty(get_db('user_group','code',['code' => $_POST['code']]))){
msg(-1,'此分组代号不存在');
}elseif(!empty(get_db('user_group','name',['name' => $_POST['name'],'code[!]'=>$_POST['code']]))){
msg(-1,'分组名称已存在');
}
update_db('user_group',["uname"=>$USER,"uid"=>$USER_ID,"name"=>$_POST['name'],'allow'=>$_POST['allow_list'],'codes'=>json_decode($_POST['allow_code_list']) ],['code'=>$_POST['code']],[1,'保存成功']);
}elseif($_GET['type'] == 'del'){
global $global_config;
if(!empty(get_db('global_user','ID',['UserGroup' => $_POST['code']]))){
msg(-1,'无法删除,有用户正在使用此用户组');
}elseif(!empty(get_db('regcode_list','regcode',['u_group' => $_POST['code']]))){
msg(-1,'无法删除,存在使用此用户组的注册码');
}elseif($global_config['default_UserGroup'] == $_POST['code']){
msg(-1,'无法删除,正在被使用:系统设置>默认分组');
}
delete_db('user_group',["code" => $_POST['code'] ],[1,'删除成功']);
}
msg_tip();
}
//写用户信息
function write_user_info(){
switch ($_GET['type']) {
//删除
case "Del":
$uids = json_decode($_POST['ID']);
$USER_S = select_db('global_user','User',['ID'=>$uids]);
foreach($USER_S as $USER){
if(is_dir(DIR.'/data/user/'.$USER)){
deldir(DIR.'/data/user/'.$USER);
if(is_dir(DIR.'/data/user/'.$USER)){
msg(1,'删除用户数据目录失败,用户名:'.$USER);
}
}
if(is_dir(DIR.'/data/backup/'.$USER)){
deldir(DIR.'/data/backup/'.$USER);
if(is_dir(DIR.'/data/backup/'.$USER)){
msg(1,'删除用户备份目录失败,用户名:'.$USER);
}
}
}
foreach (['regcode_list','user_categorys','user_config','user_count','user_links','user_log','user_login_info'] as $table){
delete_db($table,[ "uid" => $uids ]);
}
delete_db('global_user',["ID" => $uids]);
msg(1,'删除成功');
break;
//删除OTP验证
case "Del_OTP":
$uids = json_decode($_POST['ID']);
$USER_S = select_db('global_user',['LoginConfig','ID','User'],['ID'=>$uids]);
$fail = 0;
foreach($USER_S as $USER){
$LoginConfig = unserialize($USER['LoginConfig']);
if(empty($LoginConfig['totp_key'])){
$fail ++;
continue;
}
$LoginConfig['totp_key'] = '';
update_db("global_user", ["LoginConfig" => $LoginConfig], ["ID" => $USER['ID']]);
}
if($fail > 0){
msg(1,'操作完毕,有'.$fail.'个账号未开启OTP双重验证');
}
msg(1,'操作成功');
break;
//设用户组
case "set_UserGroup":
if(empty($_POST['UserGroup'])){
msg(-1,'用户组不能为空');
}elseif(!in_array($_POST['UserGroup'],['default','root']) && empty(get_db('user_group','code',['code' => $_POST['UserGroup']]))){
msg(-1,'用户组不存在');
}
update_db('global_user',['UserGroup'=>$_POST['UserGroup']],["ID" => json_decode($_POST['ID']) ],[1,'修改成功']);
break;
//设密码
case "set_pwd":
if(!has_db('global_user',['ID'=>$_POST['ID']])){
msg(-1,'用户不存在!');
}
//空字符串md5 防止意外出现空密码
if( $_POST['new_pwd']== 'd41d8cd98f00b204e9800998ecf8427e'){
msg(-1,'密码不能为空');
}
$RegTime = get_db('global_user','RegTime',['ID'=>$_POST['ID']]);
update_db('global_user',['Password'=>Get_MD5_Password($_POST['new_pwd'],$RegTime)],["ID" => $_POST['ID'] ],[1,'修改成功']);
break;
//设邮箱
case "set_email":
if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$_POST['new_email'])){
msg(-1,'邮箱错误!');
}
if(has_db('global_user',['Email'=>$_POST['new_email']])){
msg(-1,'邮箱已存在!');
}
update_db('global_user',['Email'=>$_POST['new_email']],["ID" => $_POST['ID'] ],[1,'修改成功']);
break;
default:
msg(-1,'操作类型错误');
}
msg_tip();
}
//读注册码列表
function read_regcode_list(){
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 50 : intval($_REQUEST['limit']);
$offset = ($page - 1) * $limit; //起始行号
$where = [];
//统计条数
$count = count_db('regcode_list',$where);
//分页
$where['LIMIT'] = [$offset,$limit];
//排序
$where['ORDER']['id'] = 'DESC';
//查询
$datas = select_db('regcode_list','*',$where);
//用户组处理
if(!empty($datas)){
$user_group = select_db('user_group',['name','code'],'');//读用户组
$user_group = array_column($user_group, 'name', 'code');//以代号为键
$user_group['root'] = '站长';
$user_group['default'] = '默认';
foreach ($datas as $key => $data){
$datas[$key]['UserGroupName'] = $user_group[$data['u_group']]??'Null';
}
}
msgA(['code'=>1,'msg'=>'获取成功','count'=>$count,'data'=>$datas]);
msg_tip();
}
//写注册码
function write_regcode(){
global $db;
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
if($_GET['type'] == 'generate'){
if(!in_array($_POST['group'] ,['default']) && empty(get_db('user_group','code',['code' => $_POST['group'] ]))){
msg(-1,'用户组不存在');
}
$t = time();
for ($i=1; $i<=$_POST['number']??1; $i++){
if($_POST['regcode_length'] == 8){
$regcode = hash("crc32b",uniqid());
}elseif($_POST['regcode_length'] == 36){
$regcode = $db::raw("UUID()");
}else{
$regcode = md5(uniqid());
}
insert_db('regcode_list',["uid"=>UID,"regcode"=>$regcode,"u_group"=>$_POST['group'],"use_state"=>'未使用',"add_time"=>$t,"use_time"=>0]);
}
msg(1,'注册码已生成');
}elseif($_GET['type'] == 'set'){
write_global_config('reg_tips',$_POST['content'],'注册提示');
msg(1,'保存成功');
}elseif($_GET['type'] == 'del'){
delete_db("regcode_list",[ "id" => json_decode($_POST['id'])]);
msg(1,'删除成功');
}
msg(-1,'无效的请求类型');
msg_tip();
}
//写订阅信息
function write_subscribe(){
global $USER_DB;
$data['order_id'] = htmlspecialchars( trim($_REQUEST['order_id']) ); //获取订单ID
$data['email'] = htmlspecialchars( trim($_REQUEST['email']) ); //获取邮箱
$data['end_time'] = htmlspecialchars( trim($_REQUEST['end_time']) );//到期时间
$data['domain'] = htmlspecialchars( trim($_REQUEST['domain']) );//支持域名
$data['host'] = $_SERVER['HTTP_HOST']; //当前域名
if(empty($data['order_id']) && empty($data['email']) && empty($data['end_time'])){
write_global_config('s_subscribe','','订阅信息');
msg(1,'清除成功');
}
if($data['end_time'] < time()){
msg(-1,"您的订阅已过期!");
}
//判断是否为IP
if(preg_match("/^(\d+\.\d+\.\d+\.\d+):*\d*$/",$data['host'],$host)) {
$data['host'] = $host[1]; //取出IP(不含端口)
}else{
$host = explode(".", $data['host']);
$count = count($host);
if($count != 2){
$data['host'] = $host[$count-2].'.'.$host[$count-1];
//如果存在端口则去除
if(preg_match("/(.+):\d+/",$data['host'],$host)) {
$data['host'] = $host[1];
}
}
}
if(stristr($data['domain'],$data['host'])){
write_global_config('s_subscribe',$data,'订阅信息');
msg(1,'保存成功');
}else{
msg(-1,"您的订阅不支持当前域名 >> ".$_SERVER['HTTP_HOST']);
}
}
// 写系统设置
function write_sys_settings(){
global $USER_DB;
if($_POST['Login'] == $_POST['Register']){
msg(-1,'注册入口名不能和登录入口名相同');
}elseif(!preg_match("/^[a-zA-Z0-9]+$/",$_POST['Register'])){
msg(-1,'注册入口错误,仅允许使用字母和数字');
msg(-1,'注册入口错误,仅允许使用字母和数字');
}elseif(!preg_match("/^[a-zA-Z0-9]+$/",$_POST['Login'])){
msg(-1,'登陆入口错误,仅允许使用字母和数字');
msg(-1,'登陆入口错误,仅允许使用字母和数字');
}elseif(empty($_POST['Default_User']) || !get_db("global_user", "User", [ "User"=>$_POST['Default_User'] ]) ){
msg(-1,'默认账号不存在');
}elseif(!empty($_POST['default_UserGroup']) && empty(get_db('user_group','code',['code' => $_POST['default_UserGroup']]))){
@@ -539,6 +283,14 @@ function write_sys_settings(){
}
}
//自定义登录入口和注册入口检测
$prohibits = ['admin','click','api','ico','icon','verify','apply','guestbook','article','sitemap'];
if(in_array($_POST['Login'],$prohibits)){
msg(-1,'此登录入口名已被系统使用');
}
if(in_array($_POST['Register'],$prohibits)){
msg(-1,'此注册入口名已被系统使用');
}
//长度限制
foreach (['c_name','c_desc','l_name','l_url','l_key','l_desc'] as $name){
$length_limit[$name] = is_subscribe('bool') ? intval($_POST[$name]) : 0;
@@ -562,11 +314,11 @@ function write_sys_settings(){
'Sub_domain'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'二级域名参数错误'],
'Privacy'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'强制私有参数错误'],
'default_page'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'默认页面参数错误'],
'copyright'=>['empty'=>true],
'global_header'=>['empty'=>true],
'global_footer'=>['empty'=>true],
'api_extend'=>['empty'=>true],
'c_code'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'自定义代码参数错误'],
'static_link'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'静态链接参数错误'],
//更新设置
'Update_Source'=>['empty'=>true],
'Update_Overtime'=>['int'=>true,'min'=>3,'max'=>60,'msg'=>'资源超时参数错误'],
@@ -592,91 +344,15 @@ function write_sys_settings(){
if(!empty($_POST['copyright'])){$o_config['copyright'] = "";$filter = true;}
if(!empty($_POST['global_header'])){$o_config['global_header'] = "";$filter = true;}
if(!empty($_POST['global_footer'])){$o_config['global_footer'] = "";$filter = true;}
if($_POST['apply'] == 1){$o_config['apply'] = 0;$filter = true;}
if($_POST['guestbook'] == 1){$o_config['guestbook'] = 0;$filter = true;}
if($_POST['link_extend'] == 1){$o_config['link_extend'] = 0;$filter = true;}
if($_POST['article'] == 1){$o_config['article'] = 0;$filter = true;}
if($_POST['static_link'] == 1){$o_config['static_link'] = 0;$filter = true;}
}
//检测于下载文章管理依赖资源
clearstatcache();
if($o_config['article'] == 1 && ( !is_file('./static/wangEditor/wangEditor.js') || !is_file('./static/wangEditor/wangEditor.css'))){
$filePath = "./data/temp/wangEdito.tar.gz";
if(downFile('https://update.lm21.top/TwoNav/updata/wangEdito.tar.gz','wangEdito.tar.gz','./data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 != "95f830656ba8972cca39a1ddd6ebaeda"){
unlink($filePath);
msg(-1,'效验wangEdito失败<br/>!');
}
}else{
msg(-1,'下载wangEdito失败,请重试!<br/>如需手动安装可联系技术支持!');
}
try {
$phar = new PharData($filePath);
$phar->extractTo('./static/', null, true);
unlink($filePath);
clearstatcache();
} catch (Exception $e) {
msg(-1,'安装wangEdito失败');
}
}
update_db("global_config", ["v" => $o_config], ["k" => "o_config"],[1,($filter ?"保存成功,未检测到有效授权,带*号的配置无法为你保存":"保存成功")]);
}
//写默认设置
function write_default_settings(){
global $USER_DB;
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
if(intval($_POST['Session']) > 0 && intval($_POST['KeyClear']) > intval($_POST['Session'])){
msg(-1,'Key清理时间不能大于登录保持时间');
}
// 安全配置(登录配置)
$datas = [
'Session'=>['int'=>true,'min'=>0,'max'=>360,'msg'=>'登录保持参数错误'],
'HttpOnly'=>['int'=>true,'min'=>0,'max'=>1,'msg'=>'HttpOnly参数错误'],
'KeySecurity'=>['int'=>true,'min'=>0,'max'=>2,'msg'=>'Key安全参数错误'],
'KeyClear'=>['int'=>true,'min'=>1,'max'=>60,'msg'=>'Key清理参数错误'],
'api_model'=>['v'=>['security','compatible','compatible+open'],'msg'=>'API模式参数错误'],
'login_page'=>['v'=>['admin','index','auto'],'msg'=>'登录成功参数错误']
];
foreach ($datas as $key => $data){
if($data['int']){
$LoginConfig[$key] = ($_POST[$key] >= $data['min'] && $_POST[$key] <= $data['max'])?intval($_POST[$key]):msg(-1,$data['msg']);
}elseif(isset($data['v'])){
$LoginConfig[$key] = in_array($_POST[$key],$data['v']) ? $_POST[$key]:msg(-1,$data['msg']);
}else{
$LoginConfig[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg']));
}
}
$LoginConfig['Login'] = '0';
$LoginConfig['Password2'] = '';
update_db("global_config",["v"=>$LoginConfig],["k"=>'LoginConfig']);
//站点配置
$datas = [
'title'=>['empty'=>false,'msg'=>'主标题不能为空'],
'subtitle'=>['empty'=>true],
'logo'=>['empty'=>true],
'keywords'=>['empty'=>true],
'description'=>['empty'=>true],
'link_model'=>['v'=>['direct','Privacy','302','Transition'],'msg'=>'链接模式参数错误'],
'link_icon'=>['int'=>true,'min'=>0,'max'=>6,'msg'=>'链接图标参数错误'],
'custom_header'=>['empty'=>true],
'custom_footer'=>['empty'=>true]
];
$s_site = [];
foreach ($datas as $key => $data){
if($data['int']){
$s_site[$key] = ($_POST[$key] >= $data['min'] && $_POST[$key] <= $data['max'])?intval($_POST[$key]):msg(-1,$data['msg']);
}elseif(isset($data['v'])){
$s_site[$key] = in_array($_POST[$key],$data['v']) ? $_POST[$key]:msg(-1,$data['msg']);
}else{
$s_site[$key] = $data['empty']?$_POST[$key]:(!empty($_POST[$key])?$_POST[$key]:msg(-1,$data['msg']));
}
}
update_db("global_config",["v"=>$s_site],["k"=>'s_site'],[1,'保存成功']);
msg_tip();
}
//读日志
function read_log(){
@@ -720,6 +396,7 @@ function other_root(){
delfile($dir,30);
$size = $_SESSION['CleanCacheSize'];
unset($_SESSION['CleanCacheSize']);
clean_cache();
if($size == 0){
msg(1,'暂无可清理缓存');
}
@@ -731,54 +408,13 @@ function other_root(){
$data = get_db("global_config", "v", ["k" => "username_retain"]);
msgA(['code'=>1,'msg'=>'获取成功','data'=>$data]);
}elseif($_GET['type'] == 'write_username_retain'){
//遍历检测语法
$patterns = explode("\n",$_POST['username_retain']);
foreach($patterns as $pattern){
if (@preg_match($pattern, '') === false) {
msg(-1,'正则表达式语法错误,请检查');
}
}
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
write_global_config('username_retain',$_POST['username_retain'],'账号保留');
msg(1,'保存成功');
msg_tip();
}elseif($_GET['type'] == 'write_mail_config'){
if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");}
if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
//检测PHPMailer是否存在
clearstatcache();
if(!is_file(DIR.'/system/PHPMailer/PHPMailer.php')){
$filePath = "./data/temp/PHPMailer_6.8.0.tar.gz";
if(downFile('https://update.lm21.top/TwoNav/updata/PHPMailer_6.8.0.tar.gz','PHPMailer_6.8.0.tar.gz','./data/temp/')){
$file_md5 = md5_file($filePath);
if($file_md5 != "07251997fb7ebf3bf2d296d4214ccf0a"){
unlink($filePath);
msg(-1,'效验PHPMailer失败<br/>!');
}
}else{
msg(-1,'下载PHPMailer失败,请重试!<br/>如需手动安装可联系技术支持!');
}
try {
$phar = new PharData($filePath);
$phar->extractTo('./system/', null, true);
unlink($filePath);
clearstatcache();
} catch (Exception $e) {
msg(-1,'安装PHPMailer失败');
}
}
write_global_config('mail_config',$_POST,'账号保留');
msg(1,'保存成功');
msg_tip();
}elseif($_GET['type'] == 'write_mail_test'){
$_POST['Subject'] = 'TwoNav 测试邮件' . time();
$_POST['Body'] = '<h1>TwoNav 测试邮件</h1>' . date('Y-m-d H:i:s');
send_email($_POST);
msg_tip();
}elseif($_GET['type'] == 'write_icon_config'){
if($GLOBALS['global_config']['offline'] == '1'){msg(-1,"离线模式无法使用此功能");}
if(!is_subscribe('bool')){msg(-1,"未检测到有效授权,无法使用该功能!");}
write_global_config('icon_config',$_POST,'图标配置');
msg(1,'保存成功');
msg_tip();
}elseif($_GET['type'] == 'write_icon_del_cache'){
//删除数据库缓存信息
if(empty(count_db('global_icon','*'))){
@@ -799,12 +435,111 @@ function other_root(){
msg(1,'操作成功');
}elseif($_GET['type'] == 'write_sitemap_config'){
if(!is_subscribe('bool')){
msg(-1,'未检测到有效授权');
}
write_global_config('sitemap_config',$_POST,'站点地图配置');
msg(1,'保存成功');
msg_tip();
}
}
// 通用类请求官方服务器
function other_services(){
// 生成请求数据
$domain = preg_replace('/:\d+$/','',$_SERVER['HTTP_HOST']);
$post = [
'domain' => $domain,
'referer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "",
'email' => isset($_POST['email']) ? $_POST['email'] : "",
'order_id' => isset($_POST['order_id']) ? $_POST['order_id'] : "",
'sysver' => SysVer,
'ip' => Get_IP(),
'method' => $_GET['type'],
'sys' => $_POST['sys']
];
$overtime = 30;
// 判断操作类型
if($_GET['type'] == 'query_key' || $_GET['type'] == 'save_key'){
$Res = ccurl("http://service.twonav.cn/service.php",$overtime,true,$post);
if($Res['code'] != 200){
msg(-1,'请求官方服务器失败,请稍后再试');
}
$data = json_decode($Res["content"], true);
$msg = $data['msg'];
// 如果是保存设置
if($_GET['type'] == 'save_key'){
$data = $data['data'];
if(!isset($data['order_id']) || empty($data['order_id'])){
msg(-1,empty($msg) ? '保存失败,请核对信息是否有误<br />' : $msg);
}
//判断是否为IP
if(preg_match("/^(\d+\.\d+\.\d+\.\d+):*\d*$/",$domain,$host)) {
$data['host'] = $host[1]; //取出IP(不含端口)
}else{
$host = explode(".", $domain);
$count = count($host);
if($count != 2){
$data['host'] = $host[$count-2].'.'.$host[$count-1];
//如果存在端口则去除
if(preg_match("/(.+):\d+/",$data['host'],$host)) {
$data['host'] = $host[1];
}
}
}
write_global_config('s_subscribe',$data,'订阅信息');
clean_cache();
msgA(['code'=>200,'msg'=>'保存成功','data'=>['order_id'=>$data['order_id'],'end_time'=>$data['end_time'],'type_name'=>$data['type_name']]]);
}
msgA($data);
}elseif($_GET['type'] == 'del_key'){
$subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"]));
if(!isset($subscribe['order_id']) || empty($subscribe['order_id'])){
msg(200,'清除成功');
}
ccurl("http://service.twonav.cn/service.php",$overtime,true,$post);
write_global_config('s_subscribe','','订阅信息');
clean_cache();
msg(200,'删除成功');
}elseif($_GET['type'] == 'validate'){
$Res = ccurl("http://service.twonav.cn/service.php",$overtime,true,data_encryption('validate'));
$data = json_decode($Res["content"], true);
if($data["code"] != '200'){
msg(-1,$data['msg'] ?? '验证失败');
}
msgA($data);
}elseif($_GET['type'] == 'get_notice'){
//读取缓存数据
$Notice = get_db('global_config','v',['k'=>'notice']);$data=[];
//如果不为空,则解析数据
if(!empty($Notice)){
$data = json_decode($Notice, true);
$cache_time = Debug ? 0 : 60; //缓存时间(秒);
$reload = time() > $data["download_time"] + $cache_time; //是否更新
}else{
$reload = true; //需要刷新
}
if($GLOBALS['global_config']['offline'] == '1'){
msgA(['code'=>200,'message'=>"已开启离线模式,无法获取最新动态/官方公告/下载模板/更新系统等。"]);
}
// 判断是否刷新数据
if(!$global_config['offline'] && $reload){
if(is_subscribe('bool')){
$Res = ccurl('http://service.twonav.cn/service.php',$overtime,true,data_encryption('get_new_ver',['ver'=>SysVer]));
}else{
$Res = ccurl('http://gitee.com/tznb/TwoNav_Resource/raw/master/Notice.json',$overtime);
}
$new_data = json_decode($Res['content'], true);
if($new_data["code"] == 200 ){
$new_data['download_time'] = time();
$new_data['version'] = version_compare($new_data['version'],SysVer,'<') ? SysVer : $new_data['version'];
write_global_config('notice',json_encode($new_data),'官方公告(缓存)');
write_global_config('sys_switch',"{$new_data['sys_switch']}",'sys_switch');
$data = $new_data;
}
}
//时间检测
if(isset($_GET['t']) && !empty($_GET['t'])){
if (abs( time() - $_GET['t'] ) > 300) {
$data['message'] .= "<br /><span style=\"color: #ff5722;\" >检测到客户端时间与服务器时间存在较大差异<br />这会导致部分功能无法正常使用<br />请及时校对服务器或客户端时间</span>";
}
}
msgA($data);
}
}

90
system/auth.php Normal file
View File

@@ -0,0 +1,90 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
// 鉴权接口: 账号登录
//忽略GET/POST以外的请求
if(!in_array($_SERVER['REQUEST_METHOD'],['GET','POST'])){
exit;
}
if(!isset($auth_mode)){
$auth_mode = $_GET['mode'];
}
//账号登录
if($auth_mode == 'uname'){
$username = $_POST['username'];
$password = $_POST['password'];
$log = ["uid" => '',"user"=>$username,"ip"=>Get_IP(),"time"=>time(),"type" => 'login',"content"=>Get_Request_Content(),"description"=>""];
//密码长度
if(strlen($password)!==32){
$log['description'] = '请求登录>密码错误(长度应该是32位的MD5)';
insert_db("user_log",$log);
msg(-1,'账号或密码错误');
}
//浏览器UA
if(strlen($_SERVER['HTTP_USER_AGENT']) > 1024){
$log['description'] = '请求登录>浏览器UA长度>1024';
insert_db("user_log",$log);
msg(-1,"浏览器UA长度异常,请更换浏览器!");
}
//读取资料
$USER_DB = get_db("global_user", "*", ["OR"=>['User'=>$username,'Email'=>$username]]);
if(empty($USER_DB)){
$log['description'] = '请求登录>账号不存在';
insert_db("user_log",$log);
msg(-1,'账号不存在');
}
$log['uid'] = $USER_DB['ID'];
//登录入口
session_start();
if($_SESSION['login'] != $global_config["Login"] && $_SESSION['login'] != $USER_DB['Login'] ){
$log['description'] = '请求登录>登录入口错误';
insert_db("user_log",$log);
msg(-1,"请求失败,请刷新登录页面再试");
}
//双重验证
$LoginConfig = unserialize( $USER_DB['LoginConfig'] );
if(!empty($LoginConfig['totp_key'])){
if(empty($_POST['otp_code'])){
msgA(['code'=>2]);
}
require DIR . '/system/Authenticator.php';
$totp = new PHPGangsta_GoogleAuthenticator();
$checkResult = $totp->verifyCode($LoginConfig['totp_key'], $_POST['otp_code'], 2);
if(!$checkResult){
$log['description'] = '请求登录>动态口令错误';
insert_db("user_log",$log);
msgA(['code'=>-1,'msg'=>'动态口令错误']);
}
}
//验证密码
if(Get_MD5_Password($password,$USER_DB["RegTime"]) === $USER_DB["Password"]){
$log['description'] = '请求登录>登录成功';
insert_db("user_log",$log);
//保持登录
$keep_login = isset($_POST['keep']) && $_POST['keep'] == 'on';
if($keep_login == true){
$LoginConfig['Session'] = ($LoginConfig['Session'] > 0 ? $LoginConfig['Session'] : 7 );
}else{
$LoginConfig['Session'] = 0;
}
$USER_DB['LoginConfig'] = serialize($LoginConfig);
//设置Cookie
Set_key($USER_DB);
if(empty($LoginConfig['login_page']) || $LoginConfig['login_page'] == 'admin'){
$url = "./?c=admin&u={$USER_DB['User']}";
}elseif($LoginConfig['login_page'] == 'index'){
$url = "./?c=index&u={$USER_DB['User']}";
}else{
$url = preg_match('/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i',$_SERVER['HTTP_USER_AGENT']) ? "./?c=index&u={$USER_DB['User']}" : "./?c=admin&u={$USER_DB['User']}";
}
//默认页面
if(!empty($global_config['default_page'])){
setcookie('Default_User', $USER_DB['User'], strtotime("+360 day"),"/",'',false,false);
}
msgA(['code'=>1,'msg'=>'登录成功','url'=>$url]);
}else{
$log['description'] = '请求登录>账户或密码错误';
insert_db("user_log",$log);
msg(-1,"账户或密码错误");
}
}

49
system/click.php
View File

@@ -55,40 +55,6 @@ if(!$is_login){
if($category_ancestor['property'] == 1 && !$pv){
exit('很抱歉,页面所属的祖分类是私有的!您无权限查看,如果您是管理员,请先登录!');
}
//判断链接是否加密
if(!empty($link['pid'])){
$verify_type = 'link_pwd';
$password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$link['pid']]);
if($_SESSION['verify']['link'][$link['lid']] != $password){
$c = 'verify';
require DIR."/system/templates.php";
require $index_path;
exit();
}
}
//判断父分类是否加密
if(empty($link['pid']) && !empty($category_parent['pid'])){
$verify_type = 'category_pwd';
$password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$category_parent['pid']]);
if($_SESSION['verify']['category'][$category_parent['cid']] != $password){
$c = 'verify';
require DIR."/system/templates.php";
require $index_path;
exit();
}
}
//判断祖分类是否加密
if(empty($link['pid']) && empty($category_parent['pid']) && !empty($category_ancestor['pid'])){
$verify_type = 'category_pwd';
$password = get_db('user_pwd_group','password',['uid'=>UID,'pid'=>$category_ancestor['pid']]);
if($_SESSION['verify']['category'][$category_ancestor['cid']] != $password){
$c = 'verify';
require DIR."/system/templates.php";
require $index_path;
exit();
}
}
}
@@ -100,11 +66,6 @@ update_db("user_links", ["click[+]"=>1],['uid'=>UID,'lid'=>$id]);
//通用数据初始化
require DIR."/system/templates.php";
//如果主题信息声明支持扩展字段
if($global_config['link_extend'] == 1 && check_purview('link_extend',1) && in_array($theme_info['support']['link_extend'],["true","1"])){
$extend = empty($link['extend']) ? [] : unserialize($link['extend']);
}
//载入过渡页设置
$transition_page = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_transition_page"]));
@@ -125,7 +86,9 @@ if(!empty($link['url_standby']) || $site['link_model'] == 'Transition'){
if(!empty($link['url_standby'])) {
$link['url_standby'] = unserialize($link['url_standby']);
//主链优先模式
if(!empty($site['main_link_priority']) && $site['link_model'] != 'Transition'){
if($site['main_link_priority'] == '3'){
$site['link_model'] = $site['link_model'] == 'direct' ? '302' : $site['link_model'];
}elseif($site['main_link_priority'] > 0 && $site['link_model'] != 'Transition'){
$code = get_http_code($link['url'],3,($site['main_link_priority'] == 1));
if(in_array(intval($code),[200,301,302,401]) ){
$site['link_model'] = $site['link_model'] == 'direct' ? '302' : $site['link_model'];
@@ -149,9 +112,11 @@ if ($site['link_model'] == '302'){ //302重定向(临时)
exit;
}elseif($site['link_model'] == 'Privacy'){ //隐私保护_header
header("Content-type: text/html; charset=utf-8");
if(preg_match('/[\x{4e00}-\x{9fa5}]/u', $link['url']) > 0){
exit ('<html lang="zh-ch"><head><title>正在保护您的隐私..</title><meta name="referrer" content="same-origin"><script>window.location.href="'.$link['url'].'"</script></head>');
}
header("Refresh:0;url=".$link['url']);
echo '<html lang="zh-ch"><head><title>正在保护您的隐私..</title><meta name="referrer" content="same-origin"></head>';
exit;
exit ('<html lang="zh-ch"><head><title>正在保护您的隐私..</title><meta name="referrer" content="same-origin"></head>');
}elseif($site['link_model'] == 'Privacy_js'){ //隐私保护_js
header("Content-type: text/html; charset=utf-8");
echo '<html lang="zh-ch"><head><title>正在保护您的隐私..</title><meta name="referrer" content="same-origin"><script>window.location.href="'.$link['url'].'"</script></head>';

126
system/expand/apply.php
View File

@@ -1,133 +1,11 @@
<?php
$apply = $global_config['apply'];
// 如果管理了收录功能则返回404
if ($apply != 1 ){
load_tip();
header('HTTP/1.1 404 Not Found');
header("status: 404 Not Found");
exit;
}
$apply = unserialize( get_db("user_config", "v", ["k" => "apply","uid"=>UID]));
// 用户关闭收录申请
if ( $apply['apply'] == 0 ){
if($_SERVER['REQUEST_METHOD'] === 'GET'){
load_tip();
}else{
msg(-1,"用户已关闭收录申请");
}
}
//get请求载入页面
if($_SERVER['REQUEST_METHOD'] === 'GET'){
require DIR."/system/templates.php";
require($index_path);
exit;
}
//载入提示页
function load_tip() {
$content = '站长或用户未开启申请收录功能';
require DIR.'/templates/admin/page/404.php';
exit;
}
//强制加载防火墙来过滤相关攻击!
$global_config['XSS_WAF'] = 1; $global_config['SQL_WAF'] = 1;
require DIR.'/system/firewall.php';
// 遍历请求表单,拦截可疑内容!
foreach($_POST as $key =>$value){
if( htmlspecialchars($value,ENT_QUOTES) != $value ){
msg(-1,$key.' > 请避免使用<\'&">单引号,双引号等特殊字符!');
}elseif( strlen($value) >= 256 ){
msg(-1,$key.' > 字符串长度不允许超过256');
}
}
$title = $_POST['title'];
$url = $_POST['url'];
$iconurl = $_POST['iconurl'] ?? '';
$description = $_POST['description'] ?? '';
$category_id = intval ($_POST['category_id']);
$email = $_POST['email'] ?? '';
$user_ip = Get_IP();
if( !filter_var($url, FILTER_VALIDATE_URL) ) {
msg(-1,'URL无效!');
}elseif(!empty($apply['iconurl']) && !filter_var($iconurl, FILTER_VALIDATE_URL) ){
msg(-1,'网站图标无效!');
}elseif(!empty($apply['email']) && !preg_match('/^([a-zA-Z]|[0-9])(\w|\-)+@[a-zA-Z0-9]+\.([a-zA-Z]{2,4})$/',$email)){
msg(-1,'联系邮箱无效!');
}elseif(!isset($_POST['category_id'])){
msg(-1,'分类ID不能为空!');
}elseif(!isset($_POST['title'])){
msg(-1,'网站标题不能为空!');
}elseif(!empty($apply['description']) && empty($_POST['description'])){
msg(-1,'网站描述不能为空!');
}
//获取和检查分类信息
$where['cid'] = $category_id;
$where['uid'] = UID;
$category_info = get_db('user_categorys',['cid','fid','property','name','font_icon','description'],$where);
if(empty($category_info) || $category_info['property'] != 0){
msgA(['code'=>-1,'msg'=>'没有找到分类信息']);
}
//检查是否重复
$url_data = get_db("user_apply","*",["url"=> $url,'uid'=>UID ]);
if(isset($url_data['id'])){
if ($url_data['state'] == 0){
msg(-1,'审核中,请勿重复提交!');
}elseif ($url_data['state'] == 1 || $url_data['state'] == 3 ){
msg(-1,'已通过,请勿重复提交!');
}elseif ($url_data['state'] == 2){
msg(-1,'已拒绝,请勿重复提交!');
}
}
// 统计IP 24小时内提交的数量!,超限则拦截!
$count = count_db("user_apply", ["uid"=>UID , "ip" => $user_ip ,"time[>]" => time() - 60*60*24]);
if ($count >= $apply['submit_limit'] ?? 5){
msg(-1,'您提交的申请数量已达到上限!请明天再试!');
}
$data = [
'uid' => UID,
'iconurl' => $iconurl,
'title' => $title,
'url' => $url,
'email' => $email,
'ip' => $user_ip,
'ua' => $_SERVER['HTTP_USER_AGENT'],
'time' => time(),
'state' => 0, // 0.待审核 1.手动通过 2.已拒绝 3.自动通过
'category_id' => $category_id,
'category_name' => $category_info['name'],
'description' => $description
];
//0.关闭 1.开启 2.无需审核
if($apply['apply'] == 1){
$data['state'] = 0 ;
}elseif($apply['apply'] == 2){
$data['state'] = 3 ;
if(!empty(get_db("user_links","*",["url"=> $url,'uid'=>UID ]))){
msg(-1,'URL已经存在'); //存在于链接列表中!
}
$lid = get_maxid('link_id');
$url_data = [
'lid' => $lid,
'uid' => UID,
'fid' => $category_id,
'title' => $title,
'url' => $url,
'description' => $description,
'add_time' => time(),
'up_time' => time(),
'weight' => 0,
'property' => 0,
'icon' => $iconurl
];
insert_db('user_links',$url_data);
}
insert_db('user_apply',$data,[1,'提交成功!']);
msg(-1,'免费版不支持此功能');
?>

27
system/expand/article.php
View File

@@ -1,28 +1,3 @@
<?php if(!defined('DIR')){Not_Found();}AccessControl();
//判断全局开关和用户权限
if($global_config['article'] < 1 || !check_purview('article',1)) Not_Found();
//IP数统计
count_ip();
//取GET参数中的id
$id = intval($_GET['id']);
//如果id为空,则显示404
if(empty($id)) Not_Found();
//通用数据初始化
require DIR."/system/templates.php";
//读取文章内容
$data = get_article_content($id);
//查找失败时显示404
if(empty($data)) Not_Found();
//统计点击数
update_db("user_article_list", ["browse_count[+]"=>1],['uid'=>UID,'id'=>$id]);
//载入模板
require $index_path;
exit('免费版不支持此功能');

65
system/expand/guestbook.php
View File

@@ -1,73 +1,10 @@
<?php
if($global_config['guestbook'] != 1 || !check_purview('guestbook',1)){
require DIR.'/templates/admin/page/404.php';
exit;
}
$s = unserialize( get_db("user_config", "v", ["k" => "guestbook","uid"=>UID]) );
if(empty($s) || $s['allow'] != 1){
$content = '站点已设置禁止留言';
require DIR.'/templates/admin/page/404.php';
exit;
}
if(!Check_Path("data/user/{$u}/MessageBoard")){
exit("<h2>创建目录失败,请检查权限</h2>");
}
//POST提交留言
if($_SERVER['REQUEST_METHOD'] === 'POST'){
if($s['allow'] != '1'){ msg(-1,'提交失败,当前禁止留言!'); }
$type = $_POST['type']; //类型
$contact = $_POST['contact']; //联系方式
$title = $_POST['title']; //标题
$content = $_POST['content']; //内容
if(empty($type)){
msg(-1,'提交失败,类型不能为空');
}elseif(empty($contact)){
msg(-1,'提交失败,联系方式不能为空');
}elseif(empty($title)){
msg(-1,'提交失败,标题不能为空');
}elseif(empty($content)){
msg(-1,'提交失败,内容不能为空');
}elseif(strlen($type) >= 32 || strlen($contact) >= 64 || strlen($title) >= 128 || strlen($content) >= 2048){
msg(-1,'提交失败,长度超限');
}elseif(ShuLiang("data/user/{$u}/MessageBoard/") > 256){
msg(-1,'提交失败,留言太多了请稍后再试');
}
$json_arr = array(
'type'=>htmlentities($type),
'contact'=>htmlentities($contact),
'title'=>htmlentities($title),
'content'=>htmlentities($content),
'time'=>time(),
'ip'=>get_IP()
);
//限制长度 参数
//var_dump($json_arr);exit;
$json = json_encode($json_arr);
$path = "data/user/{$u}/MessageBoard/".time().'_'.crc32($json).'.json';
if( Check_Path("data/user/{$u}/MessageBoard") && file_put_contents($path, $json)){
msg(1,'提交成功');
}else{
msg(-1,'系统错误,提交失败'); //创建目录或写入文件失败,请检查权限
}
msg(-1,'免费版不支持此功能');
}
//获取文件数
function ShuLiang($path){
$sl=0;
$arr = glob($path);
foreach ($arr as $v){
if(is_file($v)){
$sl++;
}else{
$sl+=ShuLiang($v."/*");
}
}
return $sl;
}
//通用数据初始化
require DIR."/system/templates.php";
require $index_path;

40
system/expand/sitemap.php
View File

@@ -3,44 +3,6 @@ if(!is_subscribe('bool')){exit;}
//设置协议头
header('Content-Type: application/xml');
//读取配置
$sitemap_config = unserialize( get_db("global_config", "v", ["k" => "sitemap_config"]));
//储存路径
$sitemap_path = DIR . "/data/user/{$u}/sitemap.php";
//载入生成脚本
require 'sitemap_create.php';
//是否为手动生成
if(!empty($_GET['mode'])){
if($sitemap_config['switch'] != '1'){
msg(-1,'请将功能开关设为开启并保存');
}else{
create_sitemap($sitemap_config,$sitemap_path,$u);
msg(1,'生成完毕');
}
}else{
//未开启被动请求时,如果有缓存文件则返回
if($sitemap_config['beidong'] != '1'){
if(file_exists($sitemap_path)){
exit(file_get_contents($sitemap_path) ?? '');
}
exit;
}
}
//未开启功能时不输出任何数据
if($sitemap_config['switch'] != '1'){
exit;
}
//判断是否需要更新
if(is_Update_Sitemap($sitemap_config,$sitemap_path)){
exit (create_sitemap($sitemap_config,$sitemap_path,$u));
}else{
exit(file_get_contents($sitemap_path) ?? '');
}
exit;
?>

133
system/expand/sitemap_create.php
View File

@@ -1,134 +1 @@
<?php
//判断是否需要更新缓存
function is_Update_Sitemap($sitemap_config,$sitemap_path){
if (file_exists($sitemap_path)) {
$up_time = filemtime($sitemap_path);
$timeIntervals = [
'monthly' => 30 * 24 * 60 * 60, // 30天
'weekly' => 7 * 24 * 60 * 60, // 7天
'daily' => 24 * 60 * 60, // 1天
'hourly' => 60 * 60, // 1小时
'minute' => 60, //1分钟
'second' => 1 //1秒
];
$interval_seconds = $timeIntervals[$sitemap_config['changefreq']] ?? 86400; //间隔秒
if (time() - $up_time >= $interval_seconds){
return true;
}else{
return false;
}
//缓存文件不存在时重新创建地图
}else{
return true;
}
}
//创建地图数据函数
function create_sitemap($sitemap_config,$sitemap_path,$u){
//创建一个空的 XML 文档
$xml = new DOMDocument('1.0', 'UTF-8');
$xml->formatOutput = true;
//创建根元素
$urlset = $xml->createElement('urlset');
$urlset->setAttribute('xmlns', 'http://www.sitemaps.org/schemas/sitemap/0.9');
$xml->appendChild($urlset);
//今天
$today = date("Y-m-d\TH:i:s", time());
//域名
$host = $_SERVER['HTTP_HOST']; // 获取主机名
$port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80 ? '' : ':'.$_SERVER['SERVER_PORT']) : ''; // 获取端口号
$scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://'; // 获取协议
$host = $scheme.$host.$port;
//用户主页 0.关闭 1.动态地址 2.静态地址 3.二级域名
if($sitemap_config['user_homepage'] > 0){
//读取用户列表
$user_list = select_db('global_user','User','');
if($sitemap_config['user_homepage'] == '3'){
$strings = explode('.',$_SERVER['HTTP_HOST']);
if(count($strings) == 3){
$root_domain = "{$strings[1]}.{$strings[2]}";
}elseif(count($strings) == 2){
$root_domain = $_SERVER['HTTP_HOST'];
}else{
$sitemap_config['user_homepage'] == '1';
}
}
//遍历用户列表
foreach($user_list as $user){
if($sitemap_config['user_homepage'] == '2'){
$locurl = "{$host}/{$user}.html";
}elseif($sitemap_config['user_homepage'] == '3'){
$locurl = "{$scheme}{$user}.{$root_domain}";
}else{
$locurl = "{$host}/index.php?u={$user}";
}
//生成数据
$url = createUrlElement($xml, $locurl, $today, $sitemap_config['user_homepage_changefreq'], $sitemap_config['user_homepage_weight']);
$urlset->appendChild($url);
}
}
//过度页面 0.关闭 1.动态 2.静态
if($sitemap_config['click_page'] > 0){
$category_parent = []; //父分类
$categorys = []; //全部分类
//查找条件 - 分类
$where['uid'] = UID;
$where['fid'] = 0;
$where['pid'] = 0;
$where['status'] = 1;
$where['ORDER'] = ['weight'=>'ASC'];
$where['property'] = 0;
//查找一级分类
$category_parent = select_db('user_categorys','cid',$where);
//遍历二级分类
foreach ($category_parent as $cid) {
$where['fid'] = $cid;
$category_subitem = select_db('user_categorys','cid',$where);
array_push($categorys,$cid);
$categorys = array_merge ($categorys,$category_subitem);
}
//遍历链接
foreach ($categorys as $cid) {
$where['fid'] = $cid;
$links = select_db('user_links',['lid','up_time'],$where);
foreach ($links as $link) {
if($sitemap_config['click_page'] == '2'){
$locurl = "{$host}/{$u}/click/{$link['lid']}.html";
}else{
$locurl = "{$host}/index.php?c=click&id={$link['lid']}&u={$u}";
}
$url = createUrlElement($xml, $locurl, date("Y-m-d\TH:i:s", $link['up_time']), $sitemap_config['click_page_changefreq'], $sitemap_config['click_page_weight']);
$urlset->appendChild($url);
}
}
}
//保存 XML 内容到文件
$xml->save($sitemap_path);
//返回内容
return $xml->saveXML();
}
// 生成URL元素
function createUrlElement($xml, $loc, $lastmod, $changefreq, $priority) {
$url = $xml->createElement('url');
$locElem = $xml->createElement('loc', htmlspecialchars($loc));
$url->appendChild($locElem);
$lastmodElem = $xml->createElement('lastmod', $lastmod);
$url->appendChild($lastmodElem);
$changefreqElem = $xml->createElement('changefreq', $changefreq);
$url->appendChild($changefreqElem);
$priorityElem = $xml->createElement('priority', $priority);
$url->appendChild($priorityElem);
return $url;
}

9
system/firewall.php
View File

@@ -21,7 +21,7 @@ foreach($_POST as $key =>$value){
}
}
//拦截SQL注入
if($global_config['SQL_WAF'] == 1 ){
if(!isset($code) && $global_config['SQL_WAF'] == 1 ){
if(preg_match("/\s+(or|xor|and)\s+(=|<|>|'|".'")/i',$value)){
$code = 2101;
}elseif(preg_match("/select.+(from|limit)/i",$value)){
@@ -43,5 +43,10 @@ foreach($_POST as $key =>$value){
}
}
if(!empty($code)){msgA(['code'=>$code,'msg'=>$code.':已拦截不合法参数!','key'=>$key,'Value'=>$value,'method'=>$method ]);}
if(!empty($code)){
$tips = $code <= 2100 ?
'<br />如果您是站长,请前往系统设置关闭防XSS脚本<br />如果您是用户,请联系站长处理':
'<br />如果您是站长,请前往系统设置关闭防SQL注入<br />如果您是用户,请联系站长处理';
msgA(['code'=>$code,'msg'=>$code.':已拦截不合法参数!'.$tips,'key'=>$key,'Value'=>$value,'method'=>$method ]);
}
}

250
system/icon.php
View File

@@ -1,254 +1,6 @@
<?php
//读取配置
$config = unserialize( get_db("global_config", "v", ["k" => "icon_config"])) ?? [];
$config['analysis_timeout'] = (intval($config['analysis_timeout']) >= 3 && intval($config['analysis_timeout']) <= 20) ? intval($config['analysis_timeout']) : 6; //解析超时
$config['download_timeout'] = (intval($config['download_timeout']) >= 3 && intval($config['download_timeout']) <= 20) ? intval($config['download_timeout']) : 6; //下载超时
$config['icon_size'] = (intval($config['icon_size']) >= 5 && intval($config['icon_size']) <= 1024) ? intval($config['icon_size']) : 256; //大小限制
$favicon_url = '';
//防盗链
if($config['referer_test'] == 1){
if(empty($_SERVER['HTTP_REFERER']) || !strstr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])){
header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit('404 Not Found');
}
}
//获取URL
$url = base64_decode($_GET['url']);
$url_md5 = md5($url);
//维护模式/离线模式/关闭服务 > 输出固定图标
if($global_config['Maintenance'] != 0 || $global_config['offline'] == '1' || $config['o_switch'] == '0' || !is_subscribe('bool')){
echo_link_type_icon();
}
//如果不是http(s)则根据类型输出固定图标
if(!preg_match("/^(http:\/\/|https:\/\/)/",$url)){
echo_link_type_icon();
}else{
$uri_part = parse_url($url);
$url_root = $uri_part['scheme'] . '://' . $uri_part['host'] . (isset($uri_part['port']) ? ':' . $uri_part['port'] : '');
}
//检查目录 > 不存在则自动创建 > 创建失败显示错误图标
if(!Check_Path(DIR.'/data/icon')){
echo_icon(DIR . '/templates/admin/img/error.svg',$config);
}
//读取缓存 > 存在且可用则输出
$cache_data = get_db('global_icon','*',['url_md5'=>$url_md5]);
if(!empty($cache_data) && $cache_data['update_time'] > time() - intval($config['server_cache_time']) && is_file(DIR . '/data/icon/' . $cache_data['file_name'])){
echo_icon(DIR . '/data/icon/' . $cache_data['file_name'],$config,$cache_data);
}
//缓存不可用
//获取URL的html内容
$html = get_html($url,$config['analysis_timeout']);
//获取html失败
if(empty($html)){
backup_api($url,$config); //调用备选接口
}
//html获取成功>尝试解析
try {
$doc = new DOMDocument();
@$doc->loadHTML($html);
$links = $doc->getElementsByTagName('link');
//后续可以考虑将所有声明的图标加入数组,然后按特定规则排序,实现多图标时获取较大尺寸的图标
foreach ($links as $link) {
if (in_array($link->getAttribute('rel'),['shortcut icon','icon','alternate icon','apple-touch-icon'])) {
$favicon_url = $link->getAttribute('href');
break;
}
}
}catch (Exception $e) {
//解析异常,不做处理!下面继续尝试其他方法获取!
}
//解析失败(可能是未设置图标)
if(empty($favicon_url)){
//尝试获取根目录的favicon.ico
$res = down_ico($url_root.'/favicon.ico','./data/icon/',$url,$config['download_timeout']);
if($res){
echo_icon(DIR . '/data/icon/'.$url_md5.".ico",$config);
}
//调用备选接口
backup_api($url,$config);
}
//解析到图标
$favicon_url = url_patch($favicon_url,$url);
//if 如果图标类型是base64或者svg则不需要下载
//匹配图标类型>下载>输出
$suffix = strtolower(end(explode('.',$favicon_url)));
$suffix = strtolower(reset(explode('?',$suffix)));
$suffix = preg_match('/^(jpg|jpeg|png|ico|bmp|svg|webp)$/i',$suffix) ? $suffix : 'ico';
//下载图标 > 成功则输出
$res = down_ico($favicon_url,'./data/icon/',$url,$config['download_timeout']);
if($res){
echo_icon(DIR . '/data/icon/'.$url_md5.".$suffix",$config);
}else{
echo_link_type_icon();
}
//使用备用接口
function backup_api($url,$config){
global $uri_part,$url_root;
//未设置时直接输出ie图标
$backup_api = intval($config['backup_api']);
if($backup_api == 0){
echo_icon(DIR . '/templates/admin/img/ie.svg',$config);
}elseif($backup_api == 6){
$res = down_ico('https://api.iowen.cn/favicon/'.parse_url($url)['host'].'.png','./data/icon/','',$config['download_timeout']);
if($res){
echo_icon(DIR . '/data/icon/'.$GLOBALS['url_md5'].".png",$config);
}
}elseif($backup_api == 2){
$res = down_ico('https://favicon.png.pub/v1/'.base64_encode($url_root),'./data/icon/','',$config['download_timeout']);
if($res){
echo_icon(DIR . '/data/icon/'.$GLOBALS['url_md5'].".png",$config);
}
}
//如果都失败,则输出默认图标
echo_icon(DIR . '/templates/admin/img/ie.svg',$config);
}
//检测URL自动补全
function url_patch($favicon_url,$url){
global $uri_part,$url_root;
//包含协议表示URL完整,直接返回
if(strpos($favicon_url, '://')){
return $favicon_url;
}
//忽略协议的绝对路径
if(strpos($favicon_url, '//') === 0 ) {
return $uri_part['scheme'] . ':' . $favicon_url;
}
//位于根目录
if(strpos($favicon_url, '/') === 0 ){
return $url_root.$favicon_url;
}
//当前目录
if(strpos($favicon_url, './') === 0){
return $url_root . $uri_part['path'] . substr($favicon_url, 2);
}
//向上N级目录
if(strpos($favicon_url, '../') === 0){
$N = substr_count($favicon_url,'../');
$url_temp = $uri_part['path'];
for ($i = 0; $i < $N; $i++) {
$url_temp = dirname($url_temp);
$favicon_url = preg_replace('/^\.\.\//', '', $favicon_url);
}
return $url_root . $url_temp . $favicon_url;
}
//base64
//SVG
//默认路径
return $url_root . $uri_part['path'] . $favicon_url;
}
//获取html
function get_html($url,$TIMEOUT = 5){
try {
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $url);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_FAILONERROR, 1);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($c, CURLOPT_TIMEOUT, $TIMEOUT);
curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
$data = curl_exec($c);
//如果是gzip则解压
$prefix = dechex(ord($data[0])) . dechex(ord($data[1]));
if(strtolower($prefix) == '1f8b'){
$data = gzdecode($data);
}
curl_close($c);
return $data;
}catch (Exception $e) {
return false;
}
}
function down_ico($ico_url, $savePath = './data/temp/',$referer = '',$TIMEOUT = 60){
$suffix = strtolower(end(explode('.',$ico_url)));
$suffix = strtolower(reset(explode('?',$suffix))); //截取?前面的
if(!preg_match('/^(jpg|jpeg|png|ico|bmp|svg|webp)$/i',$suffix)){
$suffix = 'ico'; //没匹配到后缀名则默认为ico
}
$file = "{$GLOBALS['url_md5']}.{$suffix}";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $ico_url);
curl_setopt($c, CURLOPT_TIMEOUT, $TIMEOUT);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_HEADER, FALSE);
curl_setopt($c, CURLOPT_NOBODY, FALSE);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($c, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36');
if(!empty($referer)){
curl_setopt($c, CURLOPT_REFERER, $referer);
}
try{
$res = curl_exec($c);
}finally{
$code = curl_getinfo($c, CURLINFO_HTTP_CODE);
curl_close($c);
}
if ($code == '200') { //状态码正常
//十六进制取文件头
$prefix = strtolower( dechex(ord($res[0])) . dechex(ord($res[1])) );
//根据头判断类型
if($prefix == '1f8b'){ //gzip解码
$res = gzdecode($res);
}elseif( $prefix != '3c73' && strpos($prefix, '3c') === 0){ // <开头视为文本 <?开头是svg除外
return false;
}
//3c73>svg 3c21>html 1f8b>gzip
//文件大小限制
if((strlen($res) / 1024)> $GLOBALS['config']['icon_size']){
return false;
}
$fullName = rtrim($savePath, '/') . '/' . $file;
$type = ['jpg'=>'jpeg','jpeg'=>'jpeg','svg'=>'svg+xml','ico'=>'x-icon']; //类型表
$mime = $type[$suffix] ?? 'x-icon';
//黑名单(后期考虑使用在线名单缓存到本地,以便以更好的维护)
$_md5 = md5($res);
if($_md5 == 'c531ffbdad1ba93bd84f2398052958dc') return false; //阿里云
if($_md5 == '05231fb6b69aff47c3f35efe09c11ba0') return false; //一为默认
if($_md5 == '3ca64f83fdcf25135d87e08af65e68c9') return false; //小z默认
$data = ['update_time'=>time(),'file_name'=>$file,'file_mime'=>$mime,'ico_url'=>$ico_url,'extend'=>''];
if(!has_db('global_icon',['url_md5'=>$GLOBALS['url_md5']])){
$data['url_md5'] = $GLOBALS['url_md5'];
$data['url'] = $GLOBALS['url'];
$data['add_time'] = time();
insert_db('global_icon',$data);
}else{
update_db('global_icon',$data,['url_md5'=>$GLOBALS['url_md5']]);
}
return file_put_contents($fullName, $res);
}else{
return false;
}
}
echo_link_type_icon();
function echo_icon($path,$config,$db = false){
//文件不存在时输出固定图标(理论上执行到这里不会出现文件不存在)

43
system/index.php
View File

@@ -154,7 +154,8 @@ function get_links($fid) {
$max_link = true;
}
$links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid','extend'],$where);
foreach ($links as $key => $link) {
$UUID = ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
foreach ($links as &$link) {
$click = false; $lock = false;
//直连模式,但存在备用链接
@@ -174,20 +175,20 @@ function get_links($fid) {
}
if($click || $site['link_model'] != 'direct'){
$links[$key]['url'] = "./index.php?c=click&id={$link['id']}&u=".U;
$link['url'] = static_link ? "{$GLOBALS['HOST']}/click-{$UUID}-{$link['id']}.html" : "./index.php?c=click&id={$link['id']}&u={$u}";
if($lock){
$links[$key]['real_url'] = $links[$key]['url']; //篡改真实URL,防止泄密
$link['real_url'] = $link['url']; //篡改真实URL,防止泄密
if(isset($share['sid'])){
$links[$key]['url'] .='&share='.$share['sid'];
$link['url'] .='&share='.$share['sid'];
}
}
}else{
$links[$key]['url'] = $link['real_url'];
$link['url'] = $link['real_url'];
}
//获取图标链接
$links[$key]['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
$links[$key]['type'] = 'link';
$link['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
$link['type'] = 'link';
}
//处理扩展信息
if($GLOBALS['global_config']['link_extend'] == 1 && check_purview('link_extend',1) && in_array($GLOBALS['theme_info']['support']['link_extend'],["true","1"])){
@@ -198,32 +199,9 @@ function get_links($fid) {
}
}
//生成文章链接, 条件:非隐藏,且主题未声明不显示文章
if( intval($site['article_visual'] ?? '1') > 0 && $GLOBALS['theme_info']['support']['article'] != 'notdisplay'){
$articles = get_article_list($fid);
foreach ($articles['data'] as $article) {
$url = "./index.php?c=article&id={$article['id']}&u={$u}";
if($site['article_icon'] == '1'){ //站点图标
$icon = $GLOBALS['favicon'];
}elseif($site['article_icon'] == '2' && !empty($article['cover'])){ //封面
$icon = $article['cover'];
}else{ //首字
$icon = './system/ico.php?text='.mb_strtoupper(mb_substr($article['title'], 0, 1));
}
$article_link = ['type'=>'article','id'=>0,'title'=>htmlspecialchars($article['title'],ENT_QUOTES),'url'=>$url,'real_url'=>$url,'description'=> htmlspecialchars($article['summary'],ENT_QUOTES),'ico'=>$icon,'icon'=>$icon];
//判断靠前还是靠后
if($site['article_visual'] == '1'){
array_unshift($links,$article_link);
}else{
array_push($links,$article_link);
}
}
}
if($max_link && $count > $site['max_link']){
$oc_url = "./index.php?u={$u}&oc={$fid}" . (empty($_GET['theme']) ? '':"&theme={$_GET['theme']}");
$oc_url = static_link ? "{$GLOBALS['HOST']}/category-{$UUID}-{$fid}.html" : "./index.php?u={$u}&oc={$fid}";
array_push($links,['id'=>0,'title'=>'查看全部','url'=>$oc_url,'real_url'=>$oc_url,'description'=>'该分类共有'.$count.'条数据','ico'=>'./favicon.ico']);
}
@@ -275,5 +253,6 @@ if(empty($_GET['share']) && !$site['ex_theme']){
write_user_count(date('Ym'),'index_Ym');
write_user_count(date('Ymd'),'index_Ymd');
count_ip();
//载入模板
require($index_path);

156
system/install.php
View File

@@ -4,24 +4,27 @@ if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Fou
//初始化
session_name('TwoNav_initial');
session_start();
$layui['js'] = './static/Layui/v2.8.10/layui.js';
$layui['css'] = './static/Layui/v2.8.10/css/layui.css';
$layui_dir = "./static/Layui";
foreach(scandir($layui_dir) as $value) {
if(is_dir($layui_dir . '/' . $value) && preg_match('/^v\d+\.\d+\.\d+$/', $value) && is_file("{$layui_dir}/$value/layui.js")) {
$layui['js'] = "./static/Layui/{$value}/layui.js";
$layui['css'] = "./static/Layui/{$value}/css/layui.css";
}
}
//判断请求类型
if($_SERVER['REQUEST_METHOD'] === 'POST'){
if(empty($_SESSION['initial'])){ msg(-1,'当前环境无法满足程序运行条件!'); }
define('Debug',TRUE);
$db = null;
$USER_DB =null;
$USER_DB = null;
require DIR.'/system/public.php';
install();
}else{
clearstatcache();//清除缓存
check_env();
$libs = './static'; //使用本地静态库
}
// 环境检查
function check_env() {
if(!empty($_GET['diagnosis'])){
@@ -33,8 +36,8 @@ function check_env() {
$ext = get_loaded_extensions(); //获取组件信息
$php_version = floatval(PHP_VERSION); //获取PHP版本
if( ( $php_version < 7.3 ) || ( $php_version > 8.2 ) ) {
exit("当前PHP版本{$php_version}不满足要求,支持范围7.3 - 8.2");
if($php_version < 7.3 ) {
exit("当前PHP版本{$php_version}不满足要求,要求不低于7.3");
}
//检查是否支持pdo_sqlite
@@ -57,10 +60,10 @@ function diagnosis() {
//检查PHP版本需要大于5.6小于8.0
$php_version = floatval(PHP_VERSION);
$log .= "PHP版本{$php_version}<br />";
$log .= "PHP版本{$php_version} <a href='./?phpinfo=1' style='text-decoration: none;'> 显示phpinfo</a> <br />";
$log .= "Web版本{$_SERVER['SERVER_SOFTWARE']}<br />";
if( ( $php_version < 7.3 ) || ( $php_version > 8.1 ) ) {
$log .= "PHP版本不满足要求,需要7.3 <= PHP <= 8.1 )<br />";
if( $php_version < 7.3) {
$log .= "PHP版本不满足要求,要求不低于7.3<br />";
}
//获取加载的模块
$ext = get_loaded_extensions();
@@ -85,6 +88,7 @@ function diagnosis() {
$log .= in_array("Phar",$ext) ? "Phar支持<br />" : "Phar不支持 (在线更新/主题下载)<br />";
$log .= in_array("hash",$ext) ? "hash支持<br />" : "hash不支持 (书签分享/生成注册码)<br />";
$log .= in_array("session",$ext) ? "session支持<br />" : "session不支持 (影响较大)<br />";
$log .= in_array("intl",$ext) ? "" : "intl不支持 (使用中文域名时可能会导致异常)\n";
$log .= "可用模块:".implode("&#12288;",$ext)."<br />";
exit($log);
}
@@ -148,15 +152,15 @@ $db_config = array(
}
// mysql
if($_POST['db_type'] === 'mysql'){
if($_POST['db_type'] === 'mysql' || $_POST['db_type'] === 'mariadb'){
if( !isset($_POST['db_host']) || !isset($_POST['db_port']) || !isset($_POST['db_name']) || !isset($_POST['db_user']) || !isset($_POST['db_password']) ){
msg(-1,'MySQL配置错误,请检查..');
msg(-1,'数据库配置错误,请检查..');
}
require (DIR.'/system/Medoo.php'); //载入框架
try {
$db = new Medoo\Medoo([
'type' => 'mysql',
'type' => $_POST['db_type'],
'host' => $_POST['db_host'],
'port' => $_POST['db_port'],
'database' => $_POST['db_name'],
@@ -164,10 +168,17 @@ $db_config = array(
'password' => $_POST['db_password'],
'charset' => 'utf8mb4'
]);
//判断版本,目前基于5.6.50开发,其他版本兼容性未知,若您需要强制安装请屏蔽检测
if(version_compare($db->info ()['version'],'5.6.0','<')) msg(-1,'MySQL数据库版本不能低于5.6,当前版本:'.$db->info ()['version']);
//链接成功..
$ver = $db->info ()['version'];
if($_POST['db_type'] === 'mysql'){
if(version_compare($ver,'5.6.0','<')){
msg(-1,'MySQL数据库版本不能低于5.6,当前版本:'.$ver);
}
}else{
preg_match('/(\d+\.\d+\.\d+)-MariaDB/', $ver, $matches);
if(version_compare($matches[1],'10.1.0','<')){
msg(-1,'MariaDB数据库版本不能低于10.1,当前版本:'.$ver);
}
}
}catch (Exception $e) {
$E = $e->getMessage();
if(strstr($E,'[1044]') || strstr($E,'[1049]')){
@@ -195,7 +206,7 @@ $db_config = array(
$config = '<?php
//数据库配置
$db_config = array(
"type" => "mysql", //类型
"type" => "'.$_POST['db_type'].'", //类型
"host" => "'.$_POST['db_host'].'", //地址
"port" => '.$_POST['db_port'].', //端口
"name" => "'.$_POST['db_name'].'", //库名
@@ -259,7 +270,7 @@ function Write_Config(){
$s_site['title'] = '我的书签'; //站点标题
$s_site['subtitle'] = 'TwoNav'; //副标题
$s_site['logo'] = '我的书签'; //站点logo
$s_site['keywords'] = 'TwoNav,开源导航,开源书签,简洁导航,云链接,个人导航,个人书签,扩展,多用户,落幕'; //关键字
$s_site['keywords'] = 'TwoNav,开源导航,开源书签,简洁导航,网址导航,云链接,个人导航,个人书签'; //关键字
$s_site['description'] = 'TwoNav 是一款使用PHP + SQLite3/MySQL 开发的简约导航/书签管理器。'; //描述
$s_site['link_model'] = '302'; //链接模式
$s_site['link_icon'] = '0'; //链接图标
@@ -283,19 +294,40 @@ function Write_Config(){
insert_db("global_config", ["k" => "s_templates","v" => $templates,"d" => '默认模板']);
//写站点配置
$o_config['Login'] = 'login'; //登录入口
$o_config['Register'] = 'register'; //注册入口
$o_config['RegOption'] = '0'; //注册配置
$o_config['Libs'] = './static'; //静态库路径
$o_config['Default_User'] = $_POST['User']; //默认用户
$o_config['XSS_WAF'] = '0'; //防XSS脚本
$o_config['SQL_WAF'] = '0'; //防SQL注入
$o_config['offline'] = '0'; //离线模式
$o_config['Debug'] = '0'; //调试模式
$o_config['Maintenance'] = '0'; //维护模式
$o_config['Sub_domain'] = '0'; //二级域名
$o_config['copyright'] = ''; //版权信息
$o_config['c_code'] = '0'; //禁用默认用户使用自定义代码
$o_config['Default_User'] = $_POST['User'];
$o_config['default_page'] = 0;
$o_config['default_UserGroup'] = '';
$o_config['RegOption'] = 0;
$o_config['Register'] = 'register';
$o_config['Login'] = 'login';
$o_config['Libs'] = './static';
$o_config['ICP'] = '';
$o_config['XSS_WAF'] = 0;
$o_config['SQL_WAF'] = 0;
$o_config['offline'] = 0;
$o_config['Update_Source'] = 0;
$o_config['Update_Overtime'] = 3;
$o_config['Debug'] = 0;
$o_config['Maintenance'] = 0;
$o_config['static_link'] = 0;
$o_config['Privacy'] = 0;
$o_config['Sub_domain'] = 0;
$o_config['copyright'] = '';
$o_config['global_header'] = '';
$o_config['global_footer'] = '';
$o_config['api_extend'] = 0;
$o_config['apply'] = 1;
$o_config['guestbook'] = 1;
$o_config['link_extend'] = 0;
$o_config['article'] = 1;
$o_config['c_name'] = 0;
$o_config['c_desc'] = 0;
$o_config['l_name'] = 0;
$o_config['l_url'] = 0;
$o_config['l_key'] = 0;
$o_config['l_desc'] = 0;
$o_config['c_code'] = 0;
insert_db("global_config", ["k" => "o_config","v" => $o_config,"d" => '网站配置']);
@@ -356,6 +388,9 @@ function Write_Config(){
<div class="login-logo"><h1>TwoNav 安装引导</h1></div>
<div class="layui-col-lg6 layui-col-md-offset3" style ="margin-top:4em;">
<form class="layui-form layui-form-pane" action="">
<div class="layui-form-mid layui-word-aux" style="width: 99%;">
<span>禁止用于违法用途、使用者造成的一切法律后果由使用者自行承担、安装视为同意。</span>
</div>
<div class="layui-form-item">
<label class="layui-form-label">管理员账号</i></label>
<div class="layui-input-block">
@@ -379,8 +414,9 @@ function Write_Config(){
<label class="layui-form-label">数据库类型</label>
<div class="layui-input-block">
<select id="db_type" name="db_type" lay-filter="db_type" >
<option value="sqlite" selected="">SQLite ( 个人和工作室推荐 )</option>
<option value="mysql" >MySQL ( 大量用户推荐 )</option>
<option value="sqlite" selected="">SQLite</option>
<option value="mysql" >MySQL ≥ 5.6.0 </option>
<option value="mariadb" >MariaDB ≥ 10.1 </option>
</select>
</div>
</div>
@@ -394,49 +430,51 @@ function Write_Config(){
</div>
<!--SQLite配置-->
<!--MySQL配置-->
<!--MySQL/MariaDB 配置-->
<div id='db_mysql' style = "display:none;">
<div class="layui-form-item">
<label class="layui-form-label">MySQL地址</label>
<label class="layui-form-label">地址</label>
<div class="layui-input-block">
<input type="text" name="db_host" value="localhost" placeholder="请输入服务器地址" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">MySQL端口</label>
<label class="layui-form-label">端口</label>
<div class="layui-input-block">
<input type="number" name="db_port" value="3306" placeholder="请输入服务器端口" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">MySQL库名</label>
<label class="layui-form-label">库名</label>
<div class="layui-input-block">
<input type="text" name="db_name" placeholder="请输入数据库库名" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">MySQL账号</label>
<label class="layui-form-label">账号</label>
<div class="layui-input-block">
<input type="text" name="db_user" placeholder="请输入数据库账号" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">MySQL密码</label>
<label class="layui-form-label">密码</label>
<div class="layui-input-block">
<input type="text" name="db_password" placeholder="请输入数据库密码" autocomplete="off" class="layui-input">
</div>
</div>
</div>
<!--MySQL配置 End-->
<div class="layui-form-mid layui-word-aux">安装方式:全新安装 &ensp;&ensp;&ensp;&ensp;&ensp;</div>
<div class="layui-form-mid layui-word-aux">推荐配置Nginx-1.20 +&ensp;PHP-8.1 </div>
<button class="layui-btn" lay-submit lay-filter="register" style = "width:100%;">开始安装</button>
<!--MySQL/MariaDB 配置 End-->
<div class="layui-form-mid layui-word-aux" style="width: 99%;">
<span>推荐环境Nginx &&ensp;PHP8+ </span>
<a href="./?diagnosis=1" style="float: right;color: #fff;" target="_blank">info</a>
</div>
<button class="layui-btn" lay-submit lay-filter="install" style = "width:100%;">开始安装</button>
</form>
</div>
</div>
</div>
<script src = '<?php echo $libs?>/jquery/jquery-3.6.0.min.js'></script>
<script src = './static/jquery/jquery-3.6.0.min.js'></script>
<script src = '<?php echo $layui['js']; ?>'></script>
<script>
@@ -448,7 +486,7 @@ set_db_type(db_type);
layui.use(['form'], function(){
var form = layui.form;
var install = 0;
//伪静态检测
var request = new XMLHttpRequest();
request.open('GET', './static/Other/login.css?t=' + new Date().getTime(), true);
@@ -469,7 +507,7 @@ layui.use(['form'], function(){
//开始安装
form.on('submit(register)', function(data){
form.on('submit(install)', function(data){
var d = data.field;
if(!/^[A-Za-z0-9]{3,13}$/.test(d.User)){
layer.msg('账号只能是3到13位的数字和字母!', {icon: 5});
@@ -482,24 +520,44 @@ layui.use(['form'], function(){
return false;
}else if(d.db_type == 'mysql'){
if(d.db_host.length == 0 || d.db_port.length == 0 || d.db_name.length == 0 || d.db_user.length == 0 || d.db_password.length == 0){
layer.msg('MySQL配置有误,请检查.', {icon: 5});
layer.msg('数据库配置有误,请检查.', {icon: 5});
return false;
}
}
//防止重复安装
if(install > 0){
return false;
}
//安装标记和动态效果
install = 1;
layer.load(1, {shade:[0.5,'#fff']});
layer.msg('正在安装中..', {icon: 16,time: 1000*300});
setTimeout(function() {
if(install == 1){
layer.msg('如果页面长时间无响应,请检查您的运行环境和网络,然后尝试刷新页面再次操作...', {icon: 16,time: 1000*300});
}
}, 6000);
$.post('./index.php?c=install',d,function(Re,status){
if(Re.code == 1){
install = 2;
layer.closeLast('loading');
open_msg(d.User,d.Password);
}else if(Re.code == -2){ //强制安装
layer.confirm(Re.msg,{icon: 3, title:'确定继续 ?'}, function(index){
$.post('./index.php?c=install&f=yes',d,function(Re,status){
layer.closeLast('loading');
if(Re.code == 1){
install = 2;
open_msg(d.User,d.Password);
}else{
install = 0;
layer.msg(Re.msg, {icon: 5,time: 60*1000});
}
});
});
}else{
install = 0;
layer.closeLast('loading');
layer.msg(Re.msg, {icon: 5,time: 60*1000});
}
});
@@ -517,7 +575,7 @@ layui.use(['form'], function(){
//数据库类型切换
function set_db_type(v){
document.cookie="db_type="+v;
if(v == 'mysql'){
if(v == 'mysql' || v == 'mariadb'){
$("#db_mysql").show();
$("#db_sqlite").hide();
}else if(v == 'sqlite'){

2
system/login.php
View File

@@ -2,6 +2,8 @@
//如果是Get请求则载入登录模板
if($_SERVER['REQUEST_METHOD'] === 'GET'){
session_start();
$_SESSION['login'] = $c;
require DIR."/system/templates.php";
require $index_path;
exit;

173
system/public.php
View File

@@ -291,8 +291,9 @@ function Set_key($USER_DB){
$LoginConfig = unserialize($USER_DB['LoginConfig']);
$session = $LoginConfig['Session']; //保持时间(单位天)
$Expire = Get_ExpireTime($session); //计算到期时间戳
$real_Expire = ($Expire == 0) ? time() + 86400 : $Expire;
$time = time(); //取当前时间
$key = Getkey($USER_DB['User'],Get_MD5_Password($USER_DB["Password"],$USER_DB["RegTime"]),$Expire,$LoginConfig['KeySecurity'],$time);
$key = Getkey($USER_DB['User'],Get_MD5_Password($USER_DB["Password"],$USER_DB["RegTime"]),$real_Expire,$LoginConfig['KeySecurity'],$time);
setcookie($USER_DB['User'].'_key', $key, $session == 0 ? 0 : $Expire,"/",'',false,$LoginConfig['HttpOnly']==1);
insert_db("user_login_info", [
"uid" => $USER_DB['ID'],
@@ -301,8 +302,8 @@ function Set_key($USER_DB){
"ua"=>$_SERVER['HTTP_USER_AGENT'],
"login_time"=>$time,
"last_time"=>$time,
"expire_time"=>$Expire,
"cookie_key"=>md5($key)]); //不记录用户真实key,同时防止Cookie攻击
"expire_time"=>$real_Expire,
"cookie_key"=>md5($key)]);
return $key;
}
@@ -503,20 +504,26 @@ function Get_IP() {
$ip = getenv('HTTP_CLIENT_IP');
}elseif(getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_X_FORWARDED')) {
}elseif (getenv('HTTP_X_FORWARDED')) {
$ip = getenv('HTTP_X_FORWARDED');
} elseif (getenv('HTTP_FORWARDED_FOR')) {
}elseif (getenv('HTTP_FORWARDED_FOR')) {
$ip = getenv('HTTP_FORWARDED_FOR');
} elseif (getenv('HTTP_FORWARDED')) {
}elseif (getenv('HTTP_FORWARDED')) {
$ip = getenv('HTTP_FORWARDED');
}else{
$ip = $_SERVER['REMOTE_ADDR'];
}
}
if(strpos($ip, ',') != false) {
$ip = reset(explode(",", $ip));
}
return $ip;
}
//获取URL状态码
function get_http_code($url,$TIMEOUT = 10 ,$NOBODY = true) {
if(!preg_match("/^(http:\/\/|https:\/\/).*/",$url)){
return false;
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, 1);
@@ -530,7 +537,10 @@ function get_http_code($url,$TIMEOUT = 10 ,$NOBODY = true) {
return $return;
}
function ccurl($url,$overtime = 3,$Referer = false){
function ccurl($url,$overtime = 3,$Referer = false,$post_data = false){
if(!preg_match("/^(http:\/\/|https:\/\/).*/",$url)){
return false;
}
try {
$curl = curl_init ( $url ) ; //初始化
curl_setopt($curl, CURLOPT_TIMEOUT, $overtime ); //超时
@@ -539,6 +549,11 @@ function ccurl($url,$overtime = 3,$Referer = false){
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
if(!empty($post_data)){
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
}
if($Referer === true){
curl_setopt($curl, CURLOPT_REFERER, $_SERVER['HTTP_REFERER']);
}elseif(!empty($Referer)){
@@ -555,7 +570,10 @@ function ccurl($url,$overtime = 3,$Referer = false){
return $Res;
}
function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TIMEOUT = 60){
function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TIMEOUT = 60,$post_data = false){
if(!preg_match("/^(http:\/\/|https:\/\/).*/",$url)){
return false;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $TIMEOUT); //超时/秒
@@ -565,6 +583,10 @@ function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TI
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //允许重定向(适应网盘下载)
if(!empty($post_data)){
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
}
if(!empty($referer)){
curl_setopt($ch, CURLOPT_REFERER, $referer);
}
@@ -574,14 +596,14 @@ function downFile($url, $file = '', $savePath = './data/temp/',$referer = '',$TI
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
}
if ($code == '200') { //状态码正常
if(empty($file)){ //如果文件名为空
$file = date('Ymd_His').'.tmp';
}
$fullName = rtrim($savePath, '/') . '/' . $file;
return file_put_contents($fullName, $res);
return file_put_contents($fullName, $res) > 0;
}elseif($code == '202'){
return $res;
}else{
return false;
}
@@ -647,6 +669,9 @@ function is_Duplicated($array, $field){
//检查权限(有权限返回true 没有权限时根传递参数1是返回false 2是直接返回错误信息)
function check_purview($name,$return_type){
global $USER_DB;
if($USER_DB == null){
return true;
}
//230705新增,禁止判断默认用户是否可以使用自定义代码
if($USER_DB['UserGroup'] == 'default' && $GLOBALS['global_config']['c_code'] != '1' && ( $name == 'header' || $name == 'footer' )){
return false;
@@ -666,6 +691,26 @@ function check_purview($name,$return_type){
}
}
//数据加密函
function data_encryption($method,$extend = []){
$subscribe = unserialize(get_db('global_config','v',["k" => "s_subscribe"]));
if(!isset($subscribe['public']) || empty($subscribe['public'])){
msg(-1,'未检测到授权秘钥,如果已经获取授权,请在授权管理页面点击保存设置后在重试!');
}
$data['key'] = $subscribe['order_id'];
$data['host'] = $_SERVER['HTTP_HOST'];
$data['sysver'] = SysVer;
$data['time'] = time();
$data['ip'] = Get_IP();
$data['method'] = $method;
$publicKey = openssl_pkey_get_public($subscribe['public']);
openssl_public_encrypt(json_encode($data), $encryptedData, $publicKey, OPENSSL_PKCS1_PADDING);
$data = $extend;
$data['data'] = base64_encode($encryptedData);
$data['md5'] = md5($subscribe['order_id']);
$data['email'] = md5($subscribe['email']);
return json_encode($data);
}
//字节格式化
function byteFormat($bytes) {
$sizetext = array(" B", " KB", " MB", " GB", " TB", " PB", " EB", " ZB", " YB");
@@ -694,67 +739,57 @@ function Get_Rand_Str( $length = 8 ,$extend = false){
}
//发送邮件
function send_email($config){
if(!is_file(DIR.'/system/PHPMailer/PHPMailer.php')){
msg(-1,'未安装PHPMailer!');
}
require DIR.'/system/PHPMailer/Exception.php';
require DIR.'/system/PHPMailer/PHPMailer.php';
require DIR.'/system/PHPMailer/SMTP.php';
$mail = new PHPMailer\PHPMailer\PHPMailer(true);
try {
$mail->CharSet ="UTF-8";
$mail->SMTPDebug = 0;
$mail->isSMTP();
$mail->Host = $config['host'];
$mail->SMTPAuth = true;
$mail->Username = $config['user'];
$mail->Password = $config['pwd'];
$mail->SMTPSecure = $config['secure'];
$mail->Port = intval($config['port']);
if(preg_match('/(.+)<(.+@.+)>$/', $config['sender'], $match)){
$mail->setFrom($match[2],$match[1]);
}else{
$mail->setFrom($config['user'],empty($config['sender'])?'TwoNav':$config['sender']);
}
$mail->addAddress($config['addressee']); //收件人
$mail->isHTML(true);
$mail->Subject = $config['Subject'];
$mail->Body = $config['Body'];
$mail->send();
if(!empty($config['return']) && $config['return'] == 'bool'){
return true;
}
msg(1,'邮件发送成功');
} catch (Exception $e) {
if(!empty($config['return']) && $config['return'] == 'bool'){
return false;
}
if(Debug){
msgA(['code'=>-1,'msg'=>'发送失败:'.$mail->ErrorInfo]);
}else{
msg(-1,'发送失败');
}
}
msg(0,'免费版不支持此功能');
}
//统计访问ip数
function count_ip(){
$ip = Get_IP(); //取访客IP
$k = date('Ymd'); $t = 'ip_list';
$ip_list = get_db('user_count','e',['uid'=>UID,'k'=>$k,'t'=>$t]); //取列表
$ip_list = empty($ip_list) ? [] : unserialize($ip_list); //反序列化
//判断IP是否存在列表中
if(!in_array($ip, $ip_list)){
$ip_list[] = $ip; //加入列表
if(!has_db('user_count',['uid'=>UID,'t'=>$t,'k'=>$k])){
insert_db("user_count", ['uid'=>UID,"k"=>$k,"e"=>$ip_list,'t'=>$t]);
}else{
update_db("user_count", ["e"=>$ip_list],['uid'=>UID,'t'=>$t,'k'=>$k]);
}
$ip = Get_IP(); $k = date('Ymd'); $t = 'access_ip';
if(!has_db('user_count',['uid'=>UID,'k'=>$k,'t'=>$t,'e'=>$ip])){
insert_db("user_count",['uid'=>UID,'k'=>$k,'t'=>$t,'e'=>$ip,'v'=>0]);
write_user_count($k,'ip_count');//访问ip数+1
}
}
//清理缓存
function clean_cache(){
write_global_config('notice','','官方公告(缓存)');
foreach(['home','login','transit','register','guide','article','apply','verify','guestbook'] as $v){
write_global_config($v.'_cache','',$v.'_模板缓存');
}
}
//取系统版本(日期)
function get_SysVer(){
if(preg_match('/^v.+-(\d{8})$/i',SysVer,$matches)){
return $matches[1];
}else{
return 19990101;
}
}
function get_HOST(){
return (((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' :'http://').$_SERVER['HTTP_HOST'];
}
function get_UUID(){
return ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
}
function get_surl($input,$id=''){
return get_HOST().'/'.strtr($input, ['{UUID}'=>get_UUID(),'{id}'=>$id]);
}
function get_OEM(){
$OEM['program_name'] = "TwoNav";
return $OEM;
}
//返回404
function Not_Found() {
header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;
}
function process_url_idn($url) {
$parsed_url = parse_url($url);
if(!preg_match('/[\x{4e00}-\x{9fa5}]/u', $parsed_url['host'])){
return $url;
}
return substr_replace($url, idn_to_ascii($parsed_url['host']), strpos($url, "//") + 2, strlen($parsed_url['host']));
}

130
system/templates.php
View File

@@ -3,7 +3,7 @@
//读取全局模板配置
$global_templates = unserialize(get_db("global_config",'v', ["k" => "s_templates"]));
if(defined('UID')){
if(defined('UID') && $c != 'guide'){
//读取用户模板配置
$s_templates = unserialize(get_db("user_config", "v", ["uid"=>UID,"k"=>"s_templates"]));
//没找到用户模板配置
@@ -65,11 +65,12 @@ if($c == 'index'){
}elseif($c == 'guide'){ //引导页,由主页修改$c
$theme = $global_templates['guide'];
$dir_path = DIR.'/templates/guide';
$s_site = unserialize( get_db("global_config", "v", ["k" => "s_site"]));//读入默认站点配置
}
//模板类型(用于读取配置)
$templates_type = substr($dir_path, strrpos($dir_path, "/") + 1) ;
$config_type = in_array($templates_type,['guide','register']) ? 'global' : 'user';
//无权限或不存在使用默认
if( !check_purview('theme_in',1) || !is_file("{$dir_path}/{$theme}/index.php")){
$theme = 'default';
@@ -87,45 +88,59 @@ $theme_info = json_decode(@file_get_contents($dir_path.'/info.json'),true);
//主题配置(默认)
$theme_config = empty($theme_info['config']) ? []:$theme_info['config'];
if(defined('UID')){
//主题配置(用户)
//读取主题配置
if(defined('UID') && !in_array($templates_type,['guide','register'])){
$theme_config_db = get_db('user_config','v',['t'=>"theme_{$templates_type}",'k'=>$theme,'uid'=>UID]);
$theme_config_db = unserialize($theme_config_db);
}else{
//主题配置(用户)
$theme_config_db = get_db('global_config','v',['t'=>"theme_{$templates_type}",'k'=>$theme]);
$theme_config_db = unserialize($theme_config_db);
$theme_config_db = get_db('global_config','v',['k'=>"theme_{$templates_type}_{$theme}"]);
}
$theme_config_db = unserialize($theme_config_db);
//合并配置数据
$theme_config = empty($theme_config_db) ? $theme_config : array_merge ($theme_config,$theme_config_db);
//主题版本
$theme_ver = Debug ? "{$theme_info['version']}.".time() : $theme_info['version'];
if(defined('UID')){
//版权信息
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
//备案信息
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
//访问域名(伪静态用)
$HOST = get_HOST();
$OEM = get_OEM();
//静态链接
define('static_link',$global_config['static_link'] > 0);
$urls['login'] = static_link ? "$HOST/login":"./?c=login";
$urls['register'] = static_link ? "$HOST/register":"./?c=register";
if($config_type == 'user'){
//载入站点设置
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
//如果没有权限则清除自定义代码
if(!check_purview('header',1)){$site['custom_header'] = '';}
if(!check_purview('footer',1)){$site['custom_footer'] = '';}
//主页标题( 主标题 - 副标题 )
//主页标题(分类页面显示分类名-描述)
if(isset($_GET['cid']) && intval($_GET['cid']) > 0){
$teml_cd = get_db('user_categorys',['name','description'],['uid'=>UID,'cid'=>intval($_GET['cid'])]);
$site['title'] = $teml_cd['name']; $site['subtitle'] = $teml_cd['description'];
}
$site['Title'] = $site['title'].(empty($site['subtitle'])?'':' - '.$site['subtitle']);
//站点图标
$favicon = ( !empty($site['site_icon_file'])) ? $site['site_icon'] : './favicon.ico';
//相关入口
$UUID = get_UUID();
$urls['home'] = static_link ? "$HOST/{$UUID}.html":"./?u={$u}";
$urls['admin'] = static_link ? "$HOST/admin-{$UUID}.html":"./?c=admin&u={$u}";
$urls['apply'] = static_link ? "$HOST/apply-{$UUID}.html":"./?c=apply&u={$u}";
$urls['guestbook'] = static_link ? "$HOST/guestbook-{$UUID}.html":"./?c=guestbook&u={$u}";
}else{
//站点图标
$favicon = './favicon.ico';
}
//版权信息
$copyright = empty($global_config['copyright'])?'<a target="_blank" href="https://gitee.com/tznb/TwoNav">Copyright © TwoNav</a>':$global_config['copyright'];
//备案信息
$ICP = empty($global_config['ICP'])?'':'<a target="_blank" href="https://beian.miit.gov.cn">'.$global_config['ICP'].'</a>';
//是否启用收录
function is_apply(){
$apply_user = unserialize( get_db("user_config", "v", ["k" => "apply","uid"=>UID]));
@@ -196,6 +211,9 @@ function get_open_category(){
//获取文章列表
function get_article_list($category = 0,$limit = 0){
if($GLOBALS['global_config']['article'] < 1){
return ['data'=>[],'count'=>0];
}
$where['uid'] = UID;
if(!is_login()){
$where['AND']['state'] = 1; //状态筛选
@@ -214,7 +232,8 @@ function get_article_list($category = 0,$limit = 0){
}
//获取文章列表
$datas = select_db('user_article_list','*',$where);
$host = get_HOST();
$uuid = get_UUID();
//查询分类
$categorys = select_db('user_categorys',['cid(id)','name'],['uid'=>UID]);
$categorys = array_column($categorys,'name','id');
@@ -223,12 +242,20 @@ function get_article_list($category = 0,$limit = 0){
$data['category_name'] = $categorys[$data['category']] ?? 'Null';
$data['title'] = htmlspecialchars($data['title'],ENT_QUOTES);
$data['summary'] = htmlspecialchars($data['summary'],ENT_QUOTES);
if(static_link){
$data['url'] = "{$host}/article-{$uuid}-{$data['id']}.html";
}else{
$data['url'] = "./index.php?c=article&id={$data['id']}&u={$u}";
}
}
return ['data'=>$datas,'count'=>$count];
}
//根据文章id获取内容
function get_article_content($id){
if($GLOBALS['global_config']['article'] < 1){
return ['data'=>[],'count'=>0];
}
$where['uid'] = UID;
if(!is_login()){
$where['state'] = 1; //状态筛选
@@ -277,7 +304,68 @@ function get_category_list($layer = false){
return $categorys;
}
//返回404
function Not_Found() {
header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;
function get_links2($fid,$limit = 0) {
global $site,$u;
$fid_s = select_db('user_categorys',['cid','fid','pid'],['uid'=>UID,'status'=>1]);
$fid_s = array_column($fid_s,null,'cid');
$where['uid'] = UID;
$where['fid'] = intval($fid);
$where['status'] = 1;
$where['ORDER']['weight'] = 'ASC';
$where['ORDER']['lid'] = 'ASC';
if($limit > 0){
$where['LIMIT'] = [0,$limit];
}
if(!is_login){
$where['property'] = 0;
}
$links = select_db('user_links',['lid(id)','fid','property','title','url(real_url)','url_standby','description','icon','click','pid','extend'],$where);
$UUID = ($GLOBALS['global_config']['static_link'] == 2 ? UID : U);
foreach ($links as &$link) {
$click = false; $lock = false;
//直连模式,但存在备用链接
if ($site['link_model'] == 'direct' && $site['main_link_priority'] != '3' && !empty($link['url_standby'])){
$click = true;
}
//未登录,判断是否加密
if(!is_login){
//链接加密了
if(!empty($link['pid'])){
$click = true; $lock = true;
//父分类加密了 或 祖分类加密了
}elseif(!empty($fid_s[$link['fid']]['pid']) || (!empty($fid_s[$link['fid']]['fid']) && !empty($fid_s[$fid_s[$link['fid']]['fid']]['pid'])) ){
$click = true; $lock = true;
}
}
if($click || $site['link_model'] != 'direct'){
$link['url'] = static_link ? "{$GLOBALS['HOST']}/click-{$UUID}-{$link['id']}.html" : "./index.php?c=click&id={$link['id']}&u={$u}";
if($lock){
$link['real_url'] = $link['url'];
}
}else{
$link['url'] = $link['real_url'];
}
//获取图标链接
$link['ico'] = $lock ? $GLOBALS['libs'].'/Other/lock.svg' : geticourl($site['link_icon'],$link);
}
return $links;
}
function admin_inlet() {
global $USER_DB;
$v = unserialize($USER_DB['LoginConfig'])['admin_inlet'];
if($v == 'display'){
return true;
}elseif($v == 'hide'){
return false;
}elseif($v == 'condition1'){
return is_login();
}else{
return true;
}
}

2
system/version.txt
View File

@@ -1 +1 @@
v2.0.38-20230906
v2.1.18-20241018

3
templates/admin/index.php
View File

@@ -14,7 +14,7 @@
<link rel="stylesheet" href="<?php echo $layui['css'];?>" media="all">
<link rel="stylesheet" href="./templates/admin/css/layuimini.css?v=<?php echo $Ver;?>" media="all">
<link rel="stylesheet" href="./templates/admin/css/themes/default.css?v=<?php echo $Ver;?>" media="all">
<link rel="stylesheet" href="<?php echo $libs?>/Font-awesome/4.7.0/css/font-awesome.css" media="all">
<link rel="stylesheet" href="<?php echo $libs?>/Font-awesome/4.7.0/css/font-awesome.min.css" media="all">
<link rel="shortcut icon" href="<?php echo $favicon;?>">
<style id="layuimini-bg-color"></style>
</head>
@@ -35,6 +35,7 @@
<dl class="layui-nav-child">
<dd><a href="javascript:;" layuimini-content-href="LoginDevice" data-title="登录设备">登录设备</a></dd>
<dd><a href="javascript:;" layuimini-content-href="SecuritySetting" data-title="安全设置">安全设置</a></dd>
<dd><a href="javascript:;" layuimini-content-href="AccessRestrictions" data-title="访问限制">访问限制</a></dd>
<dd><a href="javascript:;" layuimini-content-href="UserPassword" data-title="修改密码">修改密码</a></dd>
<dd><hr></dd>
<dd><a href="javascript:;" id="logout">退出登录</a></dd>

3
templates/admin/js/category.js
View File

@@ -73,6 +73,7 @@
//分类切换按钮
$("#btn-type").text(type == '&type=all' ?'收起':'展开');
//将一级分类加入下拉框
let old_val = $("#fid").val();
$("#fid").empty();
$("#fid").append("<option value=\"0\">无</option>");
for (i = 0; i < count; i++) {
@@ -80,6 +81,8 @@
$("#fid").append("<option value=\""+res.data[i].cid+"\">"+res.data[i].name+"</option>");
}
}
$("#fid").val(old_val);
form.render('select');
limit = false; //取消修改限制
layer.closeAll('loading'); //关闭加载层
//加载加密分组数据

196
templates/admin/js/home-root.js
View File

@@ -3,93 +3,122 @@ layui.use(['layer','miniTab'], function(){
var $ = layui.$;
var miniTab = layui.miniTab;
//获取最新版本
let latest_version = $("#new_ver").text();
//console.log(latest_version);
$("#new_ver").append('<span id="sysup" style="cursor:pointer;color:darkgray;">&nbsp;更新系统&nbsp;</span> ');
$("#new_ver").append('<i class="fa fa-spinner fa-spin update" style="cursor:pointer;color: rgb(127 137 141);" title="正在检测更新中"></i>');
//获取当前版本
let current_version = $("#ver").text();
//console.log(current_version);
let pattern = /\d{8}/;
current_version = pattern.exec(current_version)[0];
latest_version = pattern.exec(latest_version)[0];
//如果当前版本小于最新版本,则提示更新
if( current_version < latest_version ) {
$("#new_ver").append(' <span id="sysup" style="cursor:pointer;color:red;">&nbsp;更新系统</span>');
if($("#layuiminiHomeTabId",parent.document).attr('class') == 'layui-this'){
$('html,body').animate({scrollTop : $("#msg").offset().top - 20});
layer.tips("点击此处更新到最新版","#sysup",{tips: [3, "#ff5722"],time: 60*1000,anim: 6});
layer.msg(' 检测到新版本,请尽快更新 ', {offset: 'b',anim: 6,time: 60*1000});
// 获取最新信息
$.post(get_api('other_services','get_notice') + '&t=' + Math.round(new Date() / 1000),function(data,status){
if(data.code == 200) {
$("#new_ver a").text(data.version);
$('#notice_link').text('');
if (Array.isArray(data.notice) && data.notice.length > 0) {
data.notice.forEach(notice => {
$('#notice_link').append(`<div class="layuimini-notice"><div class="layuimini-notice-title"><a href="${notice.url}" target="_blank">${notice.title}</a></div></div>`);
});
}else{
$('.notice1').remove();
}
if(data.message.length > 0){
$('#notice_text').html(data.message);
}else{
$('.notice2').remove();
}
}
//点击更新事件
$('#sysup').on('click', function(){
let tip = layer.open({
title:"系统更新"
,content: "1.更新有风险请备份后再更新<br />2.更新后检查主题是否可更新<br />3.更新时请勿有其他操作<br />4.更新时请勿刷新或关闭页面<br />5.确保所有文件(夹)是可写权限"
,btn: ['确定更新', '更新内容', '取消']
,yes: function(index, layero){
let fail = false;
let up_info = {'code':0};
let i=0;
layer.close(tip);
layer.load(1, {shade:[0.3,'#fff']});//加载层
let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
//设置同步模式
$.ajaxSetup({ async : false });
//获取更新信息
$.post(get_api("other_upsys"),{"i":0}, function(data, status) {
up_info = data;
});
//如果失败
if(up_info.code != 1){
layer.closeAll();
layer.alert(up_info.msg || "错误代码404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
return;
}
//设为异步模式
$.ajaxSetup({ async : true });
//开始请求更新
request_update(); let msg = '';
function request_update(){
if( i >= up_info.info.length){
layer.closeAll();
layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
return;
}else{
i++;
}
$("#layui-layer"+ msg_id+" .layui-layer-padding").html('<i class="layui-layer-face layui-icon layui-icon layui-icon-loading layui-anim layui-anim-rotate layui-anim-loop"></i>[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
$.post(get_api("other_upsys"),{"i":i}, function(data, status) {
if (data.code == 1) {
request_update();
}else{
layer.closeAll();
layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
}
});
}
},btn2: function(index, layero){
window.open("https://gitee.com/tznb/TwoNav/releases");
},btn3: function(index, layero){
return true;
},cancel: function(){
return true;
}
});
});
}else{
$("#new_ver").append(' <span id="sysup" style="cursor:pointer;color: rgb(1, 170, 237);">&nbsp;更新系统</span>');
$('#sysup').on('click', function(){
layer.alert("暂无可用更新,当前为最新版本",{icon:1,title:"更新系统",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
});
}
init_update();
$(".update").remove();
}).fail(function () {
$(".update").remove();
layer.msg('请求失败', {icon: 5});
});
function init_update(){
//获取最新版本
let latest_version = $("#new_ver").text();
//获取当前版本
let current_version = $("#ver").text();
let pattern = /v(\d+\.\d+\.\d+)/;
current_version = pattern.exec(current_version)[0];
latest_version = pattern.exec(latest_version)[0];
//如果当前版本小于最新版本,则提示更新
if( current_version < latest_version ) {
$("#sysup").css("color", "red");
if($("#layuiminiHomeTabId",parent.document).attr('class') == 'layui-this'){
$('html,body').animate({scrollTop : $("#msg").offset().top - 20});
layer.tips("点击此处更新到最新版","#sysup",{tips: [3, "#ff5722"],time: 60*1000,anim: 6});
layer.msg(' 检测到新版本,请尽快更新 ', {offset: 'b',anim: 6,time: 60*1000});
}
//点击更新事件
$('#sysup').on('click', function(){
let tip = layer.open({
title:"系统更新"
,content: "1.更新有风险请备份后再更新<br />2.更新后检查主题是否可更新<br />3.更新时请勿有其他操作<br />4.更新时请勿刷新或关闭页面<br />5.确保所有文件(夹)是可写权限"
,btn: ['确定更新', '更新内容', '取消']
,yes: function(index, layero){
let fail = false;
let up_info = {'code':0};
let i=0;
layer.close(tip);
layer.load(1, {shade:[0.3,'#fff']});//加载层
let msg_id = layer.msg('正在准备更新,请勿操作.', {icon: 16,time: 1000*300});
//设置同步模式
$.ajaxSetup({ async : false });
//获取更新信息
$.post(get_api("other_upsys"),{"i":0}, function(data, status) {
up_info = data;
});
//如果失败
if(up_info.code != 1){
layer.closeAll();
layer.alert(up_info.msg || "错误代码404",{icon:2,title:'更新失败',anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
return;
}
//设为异步模式
$.ajaxSetup({ async : true });
//开始请求更新
request_update(); let msg = '';
function request_update(){
if( i >= up_info.info.length){
layer.closeAll();
layer.alert('更新完毕,请刷新页面!',{icon:1,title:'更新成功',anim: 2,shadeClose: false,closeBtn: 0,btn: ['刷新页面']},function () {parent.location.reload();});
return;
}else{
i++;
}
$("#layui-layer"+ msg_id+" .layui-layer-padding").html('<i class="layui-layer-face layui-icon layui-icon layui-icon-loading layui-anim layui-anim-rotate layui-anim-loop"></i>[ ' + i + ' / ' + up_info.info.length + ' ] ' + up_info.info[i-1]);
$.post(get_api("other_upsys"),{"i":i}, function(data, status) {
if (data.code == 1) {
request_update();
}else{
layer.closeAll();
layer.alert(data.msg || "未知错误,请联系开发者!",{icon:5,title:up_info.info[i-1],anim: 2,shadeClose: false,closeBtn: 0,btn: ['知道了']});
}
});
}
},btn2: function(index, layero){
window.open("https://gitee.com/tznb/TwoNav/releases");
},btn3: function(index, layero){
return true;
},cancel: function(){
return true;
}
});
});
}else{
$("#sysup").css("color", "rgb(1, 170, 237)");
$('#sysup').on('click', function(){
layer.alert("暂无可用更新,当前为最新版本",{icon:1,title:"更新系统",anim: "slideDown",shadeClose: true,closeBtn: 0,btn: ['知道了']});
});
}
}
//查看更新日志
$('#ver').css({"cursor":"pointer","color":"#01AAED"}); //设置鼠标形状和字体颜色
$('#ver').attr("title","点击查看更新日志");
@@ -99,7 +128,6 @@ layui.use(['layer','miniTab'], function(){
title:"更新日志",
});
});
});
function get_api(method,type=null){

3
templates/admin/js/lay-config.js
View File

@@ -15,6 +15,5 @@ layui.config({
treetable: 'treetable-lay/treetable', //table树形扩展
tableSelect: 'tableSelect/tableSelect', // table选择扩展
xIcon: 'xIcon/xIcon', //图标选择器
treeSelect: 'treeSelect/treeSelect', // 树形下拉选择器
background: 'background/background' //随机背景图
treeSelect: 'treeSelect/treeSelect'
});

84
templates/admin/js/lay-module/background/background.js
View File

@@ -1,84 +0,0 @@
/**
* 随机背景图
*/
layui.define(['dropdown'], function (exports) {
var background = {
render: function (elem) {
layui.dropdown.render({elem: elem
,data: [{
title: '博天(自适应/动漫)'
,url: 'https://api.btstu.cn/sjbz/api.php?lx=dongman&method=zsy'
,author:'https://api.btstu.cn/doc/sjbz.php'
},{
title: '博天(自适应/妹子)'
,url: 'https://api.btstu.cn/sjbz/api.php?lx=meizi&method=zsy'
,author:'https://api.btstu.cn/doc/sjbz.php'
},{
title: '博天(自适应/风景)'
,url: 'https://api.btstu.cn/sjbz/api.php?lx=fengjing&method=zsy'
,author:'https://api.btstu.cn/doc/sjbz.php'
},{
title: '博天(自适应/随机)'
,url: 'https://api.btstu.cn/sjbz/api.php?lx=suiji&method=zsy'
,author:'https://api.btstu.cn/doc/sjbz.php'
},{
title: '姬长信(PC/每日必应)'
,url: 'https://api.isoyu.com/bing_images.php'
,author:'https://api.isoyu.com'
},{
title: '樱花(PC/动漫)'
,url: 'https://www.dmoe.cc/random.php'
,author:'https://www.dmoe.cc'
},{
title: '梁炯灿(PC/动漫)'
,url: 'https://tuapi.eees.cc/api.php?category=dongman&type=302'
,author:'https://tuapi.eees.cc'
},{
title: '梁炯灿(PC/风景)'
,url: 'https://tuapi.eees.cc/api.php?category=fengjing&type=302'
,author:'https://tuapi.eees.cc'
},{
title: '梁炯灿(PC/必应)'
,url: 'https://tuapi.eees.cc/api.php?category=biying&type=302'
,author:'https://tuapi.eees.cc'
},{
title: '梁炯灿(PC/美女)'
,url: 'https://tuapi.eees.cc/api.php?category=meinv&type=302'
,author:'https://tuapi.eees.cc'
},{
title: '苏晓晴(PC/动漫)'
,url: 'https://acg.toubiec.cn/random.php'
,author:'https://acg.toubiec.cn'
},{
title: '墨天逸(PC/动漫)'
,url: 'https://api.mtyqx.cn/api/random.php'
,author:'https://api.mtyqx.cn/'
},{
title: '小歪(PC/动漫)'
,url: 'https://api.ixiaowai.cn/api/api.php'
,author:'https://api.ixiaowai.cn'
},{
title: '小歪(PC/MC酱)'
,url: 'https://api.ixiaowai.cn/mcapi/mcapi.php'
,author:'https://api.ixiaowai.cn'
},{
title: '小歪(PC/风景)'
,url: 'https://api.ixiaowai.cn/gqapi/gqapi.php'
,author:'https://api.ixiaowai.cn'
},{
title: '保罗(PC/动漫)'
,url: 'https://api.paugram.com/wallpaper/?source=sina'
,author:'https://api.paugram.com/help/wallpaper'
},{
title: '樱道(PC/动漫)'
,url: 'https://api.r10086.com/img-api.php?type=动漫综合1'
,author:'https://img.r10086.com/'
}],click: function(obj){
this.elem.val(obj.url);
},style: 'width: 235px;'
});
}
};
exports("background",background);
});

1
templates/admin/js/link_list.js
View File

@@ -474,6 +474,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
//手机端操作
function load_dropdown(){
var data = [];
data.push({'title':'删除选中','id':'batch_del'});
$(".layui-btn-normal.layui-hide-xs").each(function(){
data.push({'title':$(this).text(),'id':$(this).attr('lay-event')});
});

4
templates/admin/js/public.js
View File

@@ -73,6 +73,10 @@ function Get_baseUrl() {
return baseUrl;
}
function Authorization_Prompt() {
layer.alert("您正在使用的是免费版,此功能需购买授权才可使用<br />如果您已购买授权,请在授权管理页面输入并保存<br />然后在更新系统即可解锁全部功能!");
}
//帮助
if (typeof jQuery != 'undefined') {
$("#help").click(function(){

13
templates/admin/js/theme.js
View File

@@ -104,13 +104,16 @@ layui.use(function(){
$.post(`./index.php?c=api&method=read_theme&dir=${dir}&u=${u}&cache=${cache ? 'no':'yes'}`, function (r, status) {
layer.closeAll();
if (r.code == 1) {
if(r.referrer.length > 0){
$('meta[name="referrer"]').replaceWith(`<meta name="referrer" content="${r.referrer}">`);
}
datas = r.data;
render_data(r);
} else {
layer.alert("获取数据失败,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 0,btn: ['刷新页面']},function () {location.reload();});
layer.alert("获取数据失败,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 1,btn: ['刷新页面']},function () {location.reload();});
}
}).fail(function () {
layer.alert("获取数据异常,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 0,btn: ['刷新页面']},function () {location.reload();});
layer.alert("获取数据异常,请重试!",{icon:5,title:'错误',anim: 2,closeBtn: 1,btn: ['刷新页面']},function () {location.reload();});
});
}
@@ -163,15 +166,12 @@ layui.use(function(){
current2.css('color','#03a9f4');
current2.prepend('<i class="layui-icon layui-icon-cellphone" title="移动终端正在使用此主题"> ');
$(`#col_${d.current.home_pad}`).prependTo($row);
//if(current1.is(current2)){ $("#set:first").remove(); }
}else{
if(d.current[active] !== null && d.current[active] !== undefined && d.current[active].length > 0){
var current = $(`#t_${d.current[active]}`);
current.css('color','#03a9f4');
current.prepend('<i class="fa fa-magic" style="color: #03a9f4;" title="正在使用"></i> ');
$(`#col_${d.current[active]}`).prependTo($row);
//$("#set:first").remove();
}
}
$(`#col_default`).prependTo($row);
@@ -292,7 +292,7 @@ layui.use(function(){
$.post(get_api('write_theme','set'),{type:type,name:name,fn:fn},function(data,status){
if( data.code == 1 ) {
layer.msg(data.msg, {icon: 1});
setTimeout(() => {load_data(active);}, 800);
setTimeout(() => {load_data(active);}, (data.msg == '设置成功' ? 800 : 2000));
}else{
layer.msg(data.msg, {icon: 5});
}
@@ -302,6 +302,5 @@ layui.use(function(){
//主题详情
function theme_detail(data){
layer.open({type: 1,scrollbar: false,maxmin: false,shadeClose: true,resize: false,title: data.name + ' - 主题详情',area: ['60%', '59%'],content: '<body class="layui-fluid"><div class="layui-row" style = "margin-top :1em;"><div class="layui-col-sm9" style = "border-right:1px solid #e2e2e2;"><div style = "margin-left:1em;margin-right:1em;"><img src="'+data.screenshot+'" alt="" style = "max-width:100%;"></div></div><div class ="layui-col-sm3"><div style = "margin-left:1em;margin-right:1em;"><h1>'+data.name+'</h1><p>描述:'+data.description+'</p><p>版本:'+data.version+'</p><p>更新时间:'+data.update+'</p><p>作者:'+data.author+'</p><p >主页:<a style = "color:#01AAED;" href="'+data.homepage+'" target="_blank" rel = "nofollow">访问主页</a></p></div></div></div></body>'});
}
});

91
templates/admin/other/verify_link_pwd.php
View File

@@ -1,91 +0,0 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$tip = $verify_type == 'link_pwd'?'请输入链接密码':'请输入分类密码';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>查看加密链接 - TwoNav</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta http-equiv="Access-Control-Allow-Origin" content="*">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="format-detection" content="telephone=no">
<link rel="stylesheet" href="<?php echo $layui['css']; ?>">
<link rel="stylesheet" href="<?php echo $libs?>/Other/login.css">
<!--[if lt IE 9]>
<script src="<?php echo $libs?>/Other/html5.min.js"></script>
<script src="<?php echo $libs?>/Other/respond.min.js"></script>
<![endif]-->
</head>
<body>
<div class="main-body">
<div class="login-main">
<div class="login-top">
<span>TwoNav 查看加密链接</span>
<span class="bg1"></span>
<span class="bg2"></span>
</div>
<form class="layui-form login-bottom">
<div class="center">
<div class="item">
<span class="icon icon-3"></span>
<input type="password" name="Password" lay-verify="required" lay-reqtext="<?php echo $tip;?>" placeholder="<?php echo $tip;?>">
<span class="bind-password icon icon-4"></span>
</div>
</div>
<div class="layui-form-item" style="text-align:center; width:100%;height:100%;margin:0px;">
<button class="login-btn" lay-submit="" lay-filter="verify">验证</button>
</div>
</form>
</div>
</div>
<div class="footer">
<?php echo $copyright.( !empty($ICP)?'<span class="padding-5">|</span>':'').$ICP; ?>
</div>
<script src = "<?php echo $libs?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $layui['js']; ?>"></script>
<script src = '<?php echo $libs?>/jquery/jquery.md5.js'></script>
<script>
layui.use(['form','jquery'], function () {
var $ = layui.jquery,
form = layui.form,
layer = layui.layer;
$('.bind-password').on('click', function () {
if ($(this).hasClass('icon-5')) {
$(this).removeClass('icon-5');
$("input[name='Password']").attr('type', 'password');
} else {
$(this).addClass('icon-5');
$("input[name='Password']").attr('type', 'text');
}
});
form.on('submit(verify)', function (data) {
data = data.field;
if (data.Password == '') {
layer.msg('密码不能为空');
return false;
}
data.id = '<?php echo $_GET['id']?>';
$.post('./index.php?c=verify&type=link_pwd&u=<?php echo U?>',data,function(re,status){
if(re.code == 1) {
layer.msg('正在验证..', {icon: 16,shade: [0.1, '#f5f5f5'],scrollbar: false,offset: 'auto',time: 888,
end: function() {
window.location.reload();
return false;
}
});
}else{
layer.msg(re.msg, {icon: 5});
}
});
return false;
});
});
</script>
</body>
</html>

90
templates/admin/other/verify_pwd2.php
View File

@@ -1,90 +0,0 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}
$tip ='请输入二级密码';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>查看加密链接 - TwoNav</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta http-equiv="Access-Control-Allow-Origin" content="*">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="format-detection" content="telephone=no">
<link rel="stylesheet" href="<?php echo $layui['css']; ?>">
<link rel="stylesheet" href="<?php echo $libs?>/Other/login.css">
<!--[if lt IE 9]>
<script src="<?php echo $libs?>/Other/html5.min.js"></script>
<script src="<?php echo $libs?>/Other/respond.min.js"></script>
<![endif]-->
</head>
<body>
<div class="main-body">
<div class="login-main">
<div class="login-top">
<span>TwoNav 验证二级密码</span>
<span class="bg1"></span>
<span class="bg2"></span>
</div>
<form class="layui-form login-bottom">
<div class="center">
<div class="item">
<span class="icon icon-3"></span>
<input type="password" name="Password2" lay-verify="required" lay-reqtext="<?php echo $tip;?>" placeholder="<?php echo $tip;?>">
<span class="bind-password icon icon-4"></span>
</div>
</div>
<div class="layui-form-item" style="text-align:center; width:100%;height:100%;margin:0px;">
<button class="login-btn" lay-submit="" lay-filter="verify">验证</button>
</div>
</form>
</div>
</div>
<div class="footer">
<?php echo $copyright.( !empty($ICP)?'<span class="padding-5">|</span>':'').$ICP; ?>
</div>
<script src = "<?php echo $libs?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $layui['js']; ?>"></script>
<script src = '<?php echo $libs?>/jquery/jquery.md5.js'></script>
<script>
layui.use(['form','jquery'], function () {
var $ = layui.jquery,
form = layui.form,
layer = layui.layer;
$('.bind-password').on('click', function () {
if ($(this).hasClass('icon-5')) {
$(this).removeClass('icon-5');
$("input[name='Password']").attr('type', 'password');
} else {
$(this).addClass('icon-5');
$("input[name='Password']").attr('type', 'text');
}
});
form.on('submit(verify)', function (data) {
data = data.field;
if (data.Password == '') {
layer.msg('密码不能为空');
return false;
}
$.post('./index.php?c=verify&type=pwd2&u=<?php echo U?>',data,function(re,status){
if(re.code == 1) {
layer.msg('验证成功,请稍后..', {icon: 6,time: 1000,
end: function() {
window.location.reload();
return false;
}
});
}else{
layer.msg(re.msg, {icon: 5});
}
});
return false;
});
});
</script>
</body>
</html>

88
templates/admin/other/verify_share_pwd.php
View File

@@ -1,88 +0,0 @@
<?php if(!defined('DIR')){header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");exit;}?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>提取书签 - TwoNav</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta http-equiv="Access-Control-Allow-Origin" content="*">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="format-detection" content="telephone=no">
<link rel="stylesheet" href="<?php echo $layui['css']; ?>">
<link rel="stylesheet" href="<?php echo $libs?>/Other/login.css">
<!--[if lt IE 9]>
<script src="<?php echo $libs?>/Other/html5.min.js"></script>
<script src="<?php echo $libs?>/Other/respond.min.js"></script>
<![endif]-->
</head>
<body>
<div class="main-body">
<div class="login-main">
<div class="login-top">
<span>TwoNav 提取书签</span>
<span class="bg1"></span>
<span class="bg2"></span>
</div>
<form class="layui-form login-bottom">
<div class="center">
<div class="item">
<span class="icon icon-3"></span>
<input type="text" name="Password" lay-verify="required" lay-reqtext="请输入提取码" placeholder="请输入提取码" value="<?php echo $_GET['pwd'];?>">
<span class="bind-password icon icon-4 icon-5"></span>
</div>
</div>
<div class="layui-form-item" style="text-align:center; width:100%;height:100%;margin:0px;">
<button class="login-btn" lay-submit="" lay-filter="verify">提取</button>
</div>
</form>
</div>
</div>
<div class="footer">
<?php echo $copyright.( !empty($ICP)?'<span class="padding-5">|</span>':'').$ICP; ?>
</div>
<script src = "<?php echo $libs?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $layui['js']; ?>"></script>
<script>
layui.use(['form','jquery'], function () {
var $ = layui.jquery,
form = layui.form,
layer = layui.layer;
$('.bind-password').on('click', function () {
if ($(this).hasClass('icon-5')) {
$(this).removeClass('icon-5');
$("input[name='Password']").attr('type', 'password');
} else {
$(this).addClass('icon-5');
$("input[name='Password']").attr('type', 'text');
}
});
form.on('submit(verify)', function (data) {
data = data.field;
if (data.Password == '') {
layer.msg('密码不能为空');
return false;
}
$.post('./index.php?c=verify&type=share_pwd&u=<?php echo U;?>&share=<?php echo $_GET['share'];?>',data,function(re,status){
if(re.code == 1) {
layer.msg('正在提取..', {icon: 16,shade: [0.1, '#f5f5f5'],scrollbar: false,offset: 'auto',time: 888,
end: function() {
window.location.reload();
return false;
}
});
}else{
layer.msg(re.msg, {icon: 5});
}
});
return false;
});
});
</script>
</body>
</html>

71
templates/admin/page/AccessRestrictions.php Normal file
View File

@@ -0,0 +1,71 @@
<?php $title='访问限制'; require 'header.php';?>
<style>
.layui-btn-container .layui-btn{border-width: 1px; border-style: solid; border-color: #FF5722!important; color: #FF5722!important;background: none;height: 30px; line-height: 30px; padding: 0 10px; font-size: 12px;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<form class="layui-form" lay-filter="form">
<div class="layui-form layuimini-form layui-form-pane">
<blockquote class="layui-elem-quote layui-text" style="">
此功能<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">授权用户</a>专享
</blockquote>
<blockquote class="layui-elem-quote layui-text" style="">白名单模式 > 除了名单中的账号和分组一律不可访问您的主页<br />黑名单模式 > 黑名单中的账号和分组不可访问您的主页<br />匹配优先级: 用户组名单 > 账号名单<br />使用黑白名单模式时,未登录账号不可访问您的主页<br />名单中多个账号或分组时用半角的逗号,间隔<br />新增功能,难免会有BUG,如有遇到请反馈并关闭该功能</blockquote>
<div class="layui-form-item">
<label class="layui-form-label">访问限制</label>
<div class="layui-input-inline" >
<select name="mode">
<option value="0" selected="">无限制</option>
<option value="white">白名单模式</option>
<option value="black">黑名单模式</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux"></div>
</div>
<div class="layui-form-item layui-form-text">
<label class="layui-form-label">用户组名单</label>
<div class="layui-input-block">
<textarea name="users_list" class="layui-textarea" placeholder='填写用户组代号,例如: group1,group2,group3'></textarea>
</div>
</div>
<div class="layui-form-item layui-form-text">
<label class="layui-form-label">账号名单</label>
<div class="layui-input-block">
<textarea name="user_list" class="layui-textarea" placeholder='填写用户账号,例如: user1,user2,user3'></textarea>
</div>
</div>
<div class="layui-form-item layui-form-text">
<label class="layui-form-label">限制提示</label>
<div class="layui-input-block">
<textarea name="prompt" class="layui-textarea" placeholder='留空时: 显示引导页
以http开头时: 跳转到url
其他内容则直接显示'></textarea>
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block"><button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button></div>
</div>
</div>
</form>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<?php load_static('js.layui');?>
<script>
layui.use(['jquery','form','miniTab'], function () {
var form = layui.form;
var layer = layui.layer;
var $ = layui.jquery;
var miniTab = layui.miniTab;
miniTab.listen();
//监听提交
form.on('submit(save)', function (data) {
return false;
});
});
</script>
</body>
</html>

13
templates/admin/page/SecuritySetting.php
View File

@@ -25,7 +25,17 @@ $LoginConfig['totp_key'] = empty($LoginConfig['totp_key']) ? '0':'1';?>
</div>
<div class="layui-form-mid layui-word-aux">接口泄漏时可以选择重设登陆入口,更换后请及时保存!</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">管理入口</label>
<div class="layui-input-inline" >
<select name="admin_inlet" >
<option value="display" selected>显示</option>
<option value="hide">隐藏</option>
<option value="condition1">登录时显示</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">是否在主页显示管理入口</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">登录保持</label>
<div class="layui-input-inline" >
@@ -89,7 +99,6 @@ $LoginConfig['totp_key'] = empty($LoginConfig['totp_key']) ? '0':'1';?>
</div>
<div class="layui-form-mid layui-word-aux">部分主题和插件需设为兼容 <a href="javascript:;" layuimini-content-href="Token" data-title="Token"><font color="red"> 获取API ( Token )</font></a></div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">登录后</label>
<div class="layui-input-inline" >

23
templates/admin/page/SiteSetting.php
View File

@@ -73,17 +73,21 @@
<option value="20" >本地服务</option>
<option value="21" >本地服务(伪静态)</option>
<option value="2" >favicon.png.pub (小图标)</option>
<!--<option value="4" >api.15777.cn</option>-->
<!--<option value="5" >favicon.cccyun.cc</option>-->
<option value="6" >api.iowen.cn</option>
<!--<option value="7" >toolb.cn</option>-->
<!--<option value="8" >apis.jxcxin.cn</option>-->
<!--<option value="9" >ico.kucat.cn</option>-->
</select>
</div>
<div class="layui-form-mid layui-word-aux">所有API接口均由其他大佬提供!若有异常请尝试更换接口!</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">重复链接</label>
<div class="layui-input-inline" >
<select name="repeat_url" >
<option value="0" selected>禁止</option>
<option value="1">允许</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">是否允许添加已存在的链接</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">最新网址</label>
<div class="layui-input-inline" >
@@ -195,13 +199,18 @@ layui.use(['jquery','form','upload'], function () {
});
//监听提交
form.on('submit(save)', function (data) {
layer.load(0);
$.post('./index.php?c=api&method=write_site_setting&u='+u,data.field,function(data,status){
layer.closeLast('loading');
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
}).fail(function(xhr, textStatus, errorThrown) {
layer.closeLast('loading');
layer.alert('请求失败');
});
return false;
});

14
templates/admin/page/Token.php
View File

@@ -22,12 +22,14 @@
<div class="layui-colla-item">
<div class="layui-colla-title">如何使用Chrome浏览器扩展 [非官方]</div>
<div class="layui-colla-content">
前言: 由于浏览器扩展插件非TwoNav所开发适配,如存在Bug或无法使用属正常现象!<br />
安装: 谷歌应用商店下载<a href="https://chrome.google.com/webstore/detail/onenav/omlkjgkogkfpjbdigianpdbjncdchdco?hl=zh-CN&authuser=0" >OneNav</a>并安装 ( 已知0.9.24 - 1.0.1可用,其他版本未知 )<br />
设置S: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式> 2.在本页面获取Token<br />
设置C: 插件API设置>填入域名和Token并保存>完成<br />
问题1: 对于单用户使用,确保系统设置中默认用户是当前用户即可!多用户使用时需开启二级域名功能并将域名替换成用户的二级域名,注意结尾不需要带/
问题2: 因为插件非官方开发维护,能用就尽量不要更新,如果插件更新可能会导致无法正常使用,需这个更新获得兼容性!
注意事项: 由于浏览器扩展插件非TwoNav所开发适配,如存在Bug或无法使用属正常现象!<br />
安装扩展: 扩展插件获取:
<a style="color:#3c78d8" href="https://chromewebstore.google.com/detail/onenav/omlkjgkogkfpjbdigianpdbjncdchdco" >Chrome/Edge</a> /
<a style="color:#3c78d8" href="https://addons.mozilla.org/zh-CN/firefox/addon/onenav" >Firefox</a> 下载并安装 ( 已知0.9.24 - 1.1.0可用,其他版本未知 )<br />
后台设置: 1.TwoNav后台>右上角账号>安全设置>API模式>设为<兼容模式> 2.在本页面获取Token<br />
扩展设置: 设置>填入域名和Token并保存即可,注意: 扩展插件中的推荐内容与本程序无关<br />
问题1: 对于单用户使用,确保系统设置中默认用户是当前用户即可!多用户使用时需开启二级域名功能并将域名替换成用户的二级域名,注意结尾不需要带/<br />
问题2: 因为插件非官方开发维护,能用就尽量不要更新,更新后可能会导致无法正常使用!如有发现不兼容我们也会尽快跟进!<br />
问题3: 因为国内环境限制,你可能无法访问谷歌,这种情况你可以在交流群获取插件(安装方法自行百度,部分浏览器可能需要开发者模式加载)
</div>
</div>

10
templates/admin/page/data_control.php
View File

@@ -34,7 +34,7 @@
<div class="layui-progress" lay-filter="progress" id="progress" style="display:none;">
<div class="layui-progress-bar"></div>
</div>
<blockquote class="layui-elem-quote" style="margin-top: 10px;border-left: 5px solid #FF5722; color: #FF5722;" id='guide'>第一步:请上传数据,支持: db3 / html 格式(最大10M),使用前请参考<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968661&doc_id=3767990" target="_blank" rel = "nofollow">帮助文档</a></blockquote>
<blockquote class="layui-elem-quote" style="margin-top: 10px;border-left: 5px solid #FF5722; color: #FF5722;" id='guide'>第一步:请上传数据,支持: db3 / html / itabdata 格式(最大10M),使用前请参考<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968661&doc_id=3767990" target="_blank" rel = "nofollow">帮助文档</a></blockquote>
<div class="layui-form-item" style="display:none;" id='fid'>
<label class="layui-form-label">所属分类</label>
@@ -267,7 +267,7 @@ layui.use(['layer','element','upload','form','table'], function(){
var up_bookmark = upload.render({
elem: '#up_html'
,url: get_api('write_data_control','upload')
,exts: 'html|db3'
,exts: 'html|db3|itabdata'
,accept: 'file'
,size: 1024 * 10
,data: {"page_sid":page_sid}
@@ -290,6 +290,12 @@ layui.use(['layer','element','upload','form','table'], function(){
$("#property").hide();
$("#attr").show();
$("#source").show();
}else if(suffix == 'itabdata'){
$("#fid").hide();
$("#AutoClass").hide();
$("#property").hide();
$("#attr").hide();
$("#source").hide();
}else{
$("#fid").show();
$("#AutoClass").show();

8
templates/admin/page/expand/apply-admin.php
View File

@@ -1,8 +1,8 @@
<?php
if($global_config['apply'] != 1 || !check_purview('apply',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
// if($global_config['apply'] != 1 || !check_purview('apply',1)){
// require(DIR.'/templates/admin/page/404.php');
// exit;
// }
$data = unserialize( get_db("user_config", "v", ["k" => "apply","uid"=>UID]) );
$title='收录管理';$awesome=true; require dirname(__DIR__).'/header.php';
?>

19
templates/admin/page/expand/article-edit.php
View File

@@ -1,24 +1,5 @@
<?php
if($global_config['article'] < 1 || !check_purview('article',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
// if($global_config['article'] == 2 ){
// if(is_file(DIR.'/static/UEditor/ueditor.all.min.js')){
// require('article-edit-2.php');
// exit;
// }else{
// $content = '未检测到UEditor资源';
// require DIR.'/templates/admin/page/404.php';
// exit;
// }
// }
if(!is_file(DIR.'/static/wangEditor/wangEditor.css') || !is_file(DIR.'/static/wangEditor/wangEditor.js')){
$content = '由于缺少静态资源,当前无法加载编辑器!<br />如果您是站长,请在系统设置页面点击确定保存,系统将自动下载相关资源!<br />如果您是用户,请联系站长处理或耐心等候!';
require DIR.'/templates/admin/page/404.php';
exit;
}
$article_id = Get('id');
$mode = empty($article_id) ? 'add' : 'edit' ;

73
templates/admin/page/expand/article-list.php
View File

@@ -1,13 +1,5 @@
<?php
if($global_config['article'] < 1 || !check_purview('article',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
//读取设置
$s_site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$set['visual'] = $s_site['article_visual'] ?? '1';
$set['icon'] = $s_site['article_icon'] ?? '1';
$title='文章列表';
require dirname(__DIR__).'/header.php' ?>
<body>
<div class="layuimini-container">
@@ -283,18 +275,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
}
//开始推送
$('#start_push').click(function () {
let checkStatus = table.checkStatus('table');
tableIds = checkStatus.data.map(function (value) {return value.id;});
tableIds = JSON.stringify(tableIds);
$.post(get_api('other_baidu_push'),{'type':'article','push_api':$('#push_api').val(),'id':tableIds},function(data,status){
if(data.code == -1){
layer.msg(data.msg,{icon: 5});
}else if(data.code == 200){
layer.alert('成功推送的条数: ' + data.data.success + '<br />当天剩余的可推送条数: ' + data.data.remain + (data.data.not_same_site && data.data.not_same_site.length > 0 ? "<br />未处理的条数(非本站URL): " + data.data.not_same_site.length:'') + (data.data.not_valid && data.data.not_valid.length > 0 ? "<br />不合法的URL条数: " + data.data.not_valid.length:''));
}else{
layer.alert('错误代码: ' + data.data.error + '<br />错误描述: ' + data.data.message);
}
});
Authorization_Prompt();
return false;
});
//关闭按钮
@@ -322,20 +303,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
table.on('toolbar(table)', function (obj) {
var btn = obj.event;
if (btn == 'add_article') { //添加文章
layer.open({
title: false,
type: 2,
scrollbar: false,
shade: 0.2,
maxmin:false,
shadeClose: true,
closeBtn:0,
area: ['100%', '100%'],
content: './?c=admin&page=expand/article-edit&u=' + u,
end: function(){
search();
}
});
Authorization_Prompt();
}else if(btn == 'set'){ //设置
index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: false ,area : ['100%', '100%'],closeBtn:0,content: $('.set')});
}else{ //综合批量操作
@@ -381,33 +349,13 @@ layui.use(['form','table','dropdown','miniTab'], function () {
});
});
}else if(btn === 'edit'){
layer.open({
title: false,
type: 2,
scrollbar: false,
shade: 0.2,
maxmin:false,
shadeClose: true,
closeBtn:0,
area: ['100%', '100%'],
content: './?c=admin&page=expand/article-edit&id='+data.id+'&u=' + u,
end: function(){
search();
}
});
Authorization_Prompt();
}
});
//设置相关
form.val('set_form', <?php echo json_encode($set);?>);
$('#save_set').on('click', function(){
$.post(get_api('write_article','save_article_set'),form.val('set_form'),function(data,status){
if(data.code == 1) {
layer.close(index);
layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
Authorization_Prompt();
return false;
});
//取消按钮
@@ -418,16 +366,7 @@ layui.use(['form','table','dropdown','miniTab'], function () {
//批量修改分类
$('#batch_category').click(function () {
fid = $('#batch_category_fid').val();
$.post(get_api('write_article','up_category'),{'id':tableIds,'category_id':fid},function(data,status){
if(data.code == 1) {
search();
layer.close(index);
layer.msg('操作成功', {icon: 1});
}else{
layer.msg(data.msg || '未知错误',{icon: 5});
}
});
Authorization_Prompt();
return false;
});

29
templates/admin/page/expand/guestbook-admin.php
View File

@@ -1,8 +1,5 @@
<?php
if($global_config['guestbook'] != 1 || !check_purview('guestbook',1)){
require(DIR.'/templates/admin/page/404.php');
exit;
}
$s = unserialize( get_db("user_config", "v", ["k" => "guestbook","uid"=>UID]) );
if(empty($s)){
@@ -14,27 +11,9 @@ if(!Check_Path("data/user/{$u}/MessageBoard")){
$dir = DIR."/data/user/{$u}/MessageBoard/";
if($_POST['type'] == 'set'){
$s['allow'] = $_POST['set'];
write_user_config('guestbook',$s,'config','留言板配置');
msg(1,'操作成功');
msg(-1,'免费不支持此功能');
}elseif($_POST['type'] == 'del'){
if($_POST['name'] == 'help'){
$s['help'] = 'del';
write_user_config('guestbook',$s,'config','留言板配置');
msg(1,'删除成功');
}
//文件名检测
if( !preg_match_all('/^\d+_\d+\.json$/',$_POST['name']) ) {
msg(-1,'数据库名称不合法!');
}
$path = DIR."/data/user/{$u}/MessageBoard/".$_POST['name'];
if(!file_exists($path)){
msg(-1,'文件不存在');
}else if(unlink($path)){
msg(1,'删除成功');
}else{
msg(-1,'删除失败');
}
msg(-1,'免费不支持此功能');
}
@@ -104,7 +83,7 @@ $title='留言管理';require dirname(__DIR__).'/header.php';
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend><a style="cursor:pointer;" title="点击打开客户留言页面" rel = "nofollow" href="./?c=guestbook&u=<?php echo U;?>" target="_blank">TowNav 极简留言板</a></legend></fieldset>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend><a style="cursor:pointer;" title="点击打开客户留言页面" rel = "nofollow" href="<?php echo (static_link ? get_surl("guestbook-{UUID}.html"):"./?c=guestbook&u={$u}") ;?>" target="_blank">TowNav 极简留言板</a></legend></fieldset>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;">
<legend>当前设置:<a style="cursor:pointer;" title="点击切换" rel = "nofollow" onclick = "set('<?php echo $s['allow']== '1'?'0':'1';?>')"><?php echo $s['allow']== '1'?'允许留言':'禁止留言';?></a>
</legend>

2
templates/admin/page/expand/guestbook-user.php
View File

@@ -54,7 +54,7 @@
</div>
<div class="layui-form-item" style="padding-top: 10px;">
<div class="layui-input-block">
<?php if($s['allow'] == '1'){ echo '<button class="layui-btn" lay-submit lay-filter="Submit">提交</button>';} ?>
<button class="layui-btn" lay-submit lay-filter="Submit">提交</button>
</div>
</div>
</form>

66
templates/admin/page/expand/sitemap.php
View File

@@ -71,8 +71,8 @@ $title='站点地图';require(dirname(__DIR__).'/header.php');
<div class="layui-input-block" >
<select name="user_homepage">
<option value="0" >不生成</option>
<option value="1" selected="">动态地址 | http://example.com/index.php?u=user</option>
<option value="2" >静态地址 | http://example.com/user.html</option>
<option value="1" >动态地址 | http://example.com/index.php?u=user</option>
<option value="2" selected="">静态地址 | http://example.com/user.html</option>
<option value="3" >二级域名 | http://user.example.com</option>
</select>
</div>
@@ -98,8 +98,9 @@ $title='站点地图';require(dirname(__DIR__).'/header.php');
<div class="layui-input-block" >
<select name="click_page">
<option value="0" >不生成</option>
<option value="1" selected="">动态地址 | http://example.com/index.php?c=click&id=1&u=user</option>
<option value="2" >静态地址 | http://example.com/user/click/1.html</option>
<option value="1" >动态地址 | http://example.com/index.php?c=click&id=1&u=user</option>
<option value="2" selected="">静态地址 | http://example.com/user/click/1.html</option>
<option value="2" selected="">静态地址 | http://example.com/click-user-1.html</option>
</select>
</div>
</div>
@@ -118,31 +119,31 @@ $title='站点地图';require(dirname(__DIR__).'/header.php');
</div>
</div>
<!--<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>文章页面</legend></fieldset>-->
<!--<div class="layui-form-item">-->
<!-- <label class="layui-form-label">URL格式</label>-->
<!-- <div class="layui-input-block" >-->
<!-- <select name="article_page">-->
<!-- <option value="0" >不生成</option>-->
<!-- <option value="1" selected="">动态地址 | http://example.com/index.php?c=article&id=1&u=user</option>-->
<!-- <option value="2" >静态地址 | http://example.com/user/article/1.html</option>-->
<!-- </select>-->
<!-- </div>-->
<!--</div>-->
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>文章页面</legend></fieldset>
<div class="layui-form-item">
<label class="layui-form-label">URL格式</label>
<div class="layui-input-block" >
<select name="article_page">
<option value="0" >不生成</option>
<option value="1" >动态地址 | http://example.com/index.php?c=article&id=1&u=user</option>
<option value="2" selected="">静态地址 | http://example.com/article-user-1.html</option>
</select>
</div>
</div>
<!--<div class="layui-form-item">-->
<!-- <label class="layui-form-label">权重</label>-->
<!-- <div class="layui-input-inline">-->
<!-- <input type="text" name="article_page_weight" lay-verify="required" value="0.8" autocomplete="off" class="layui-input">-->
<!-- </div>-->
<!--</div>-->
<div class="layui-form-item">
<label class="layui-form-label">权重</label>
<div class="layui-input-inline">
<input type="text" name="article_page_weight" lay-verify="required" value="0.8" autocomplete="off" class="layui-input">
</div>
</div>
<!--<div class="layui-form-item">-->
<!-- <label class="layui-form-label">更新频率</label>-->
<!-- <div class="layui-input-inline" >-->
<!-- <select name="article_page_changefreq"></select>-->
<!-- </div>-->
<!--</div>-->
<div class="layui-form-item">
<label class="layui-form-label">更新频率</label>
<div class="layui-input-inline" >
<select name="article_page_changefreq"></select>
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block">
@@ -194,16 +195,7 @@ layui.use(['jquery','form'], function () {
});
//测试
form.on('submit(generate)', function (data) {
layer.load(1, {shade:[0.3,'#fff']});
layer.msg('正在处理中..', {icon: 16,time: 1000*300});
$.post('./?c=sitemap&mode=manual',data.field,function(data,status){
layer.closeAll();
if(data.code == 1) {
layer.alert(data.msg);
}else{
layer.msg(data.msg, {icon: 5});
}
});
Authorization_Prompt();
return false;
});

4
templates/admin/page/header.php
View File

@@ -7,7 +7,7 @@
<meta name="renderer" content="webkit">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<?php if(defined('referrer')) echo '<meta name="referrer" content="' . referrer . '">'."\n";?>
<?php load_static('css');if($awesome) echo str_replace('#',$libs,' <link rel="stylesheet" href="#/Font-awesome/4.7.0/css/font-awesome.css" media="all">'."\n");?>
<meta name="referrer" content="no-referrer-when-downgrade">
<?php load_static('css');if($awesome) echo str_replace('#',$libs,' <link rel="stylesheet" href="#/Font-awesome/4.7.0/css/font-awesome.min.css" media="all">'."\n");?>
<script>var u = "<?php echo U;?>";</script>
</head>

80
templates/admin/page/home.php
View File

@@ -4,65 +4,20 @@ $awesome=true;
//读取缓存数据
$Notice = get_db('global_config','v',['k'=>'notice']);
//如果不为空,则解析数据
if(!empty($Notice)){
$data = json_decode($Notice, true);
$cache_time = 60; //缓存时间(秒);
$reload = time() > $data["download_time"] + $cache_time; //是否更新公告
}else{
$reload = true; //需要刷新
}
//是否下载数据
if(!offline && $reload){
$overtime = !isset($global_config['Update_Overtime']) ? 3 : ($global_config['Update_Overtime'] < 3 || $global_config['Update_Overtime'] > 60 ? 3 : $global_config['Update_Overtime']);
$urls = [
"lm21" => "https://update.lm21.top/TwoNav/Notice.json",
"gitee" => "https://gitee.com/tznb/twonav_updata/raw/master/Notice.json"
];
$Source = $global_config['Update_Source'] ?? '';
if (!empty($Source) && isset($urls[$Source])) {
$urls = [$Source => $urls[$Source]];
}
foreach($urls as $key => $url){
$Res = ccurl($url,$overtime);
$new_data = json_decode($Res['content'], true);unset($Res);
if($new_data["code"] == 200 ){ //下载成功,写入缓存
$new_data['download_time'] = time();
write_global_config('notice',json_encode($new_data),'官方公告(缓存)');
$data = $new_data;
unset($new_data);
break;
}
}
}
//判断是否为空
if(empty($data['version'])){
$data['version'] = SysVer; //获取失败时=当前版本
}else{
//比较远程版本
if(version_compare($data['version'],SysVer,'<')){
$data['version'] = SysVer; //远程版本比当前旧是最新版本显示当前版本
}
}
$data = empty($Notice)?[]:json_decode($Notice, true);
//输出公告
function echo_notice($data){
if(empty($data["notice"])){
return;
}
echo '<div class="layui-card"><div class="layui-card-header"><i class="fa fa-bullhorn icon"></i>最新动态</div><div class="layui-card-body layui-text">';
//输出最新动态
function echo_notice_link($data){
echo '<div class="layui-card notice1"><div class="layui-card-header"><i class="fa fa-bullhorn icon"></i>最新动态</div><div class="layui-card-body layui-text" id="notice_link">';
foreach($data["notice"] as $value){
echo "<div class=\"layuimini-notice\"><div class=\"layuimini-notice-title\"><a href=\"{$value['url']}\" target=\"_blank\">{$value['title']}</a></div></div>";
}
echo '</div></div>';
}
//输出作者心语
function echo_message($data){
if(empty($data["message"])){
return;
}
echo '<div class="layui-card"><div class="layui-card-header"><i class="fa fa-paper-plane-o icon"></i>作者心语</div><div class="layui-card-body layui-text layadmin-text">';
//输出官方公告
function echo_notice_text($data){
echo '<div class="layui-card notice2"><div class="layui-card-header"><i class="fa fa-bell-o icon"></i>官方公告</div><div class="layui-card-body layui-text layadmin-text" id="notice_text">';
echo $data['message'];
echo '</div></div>';
}
@@ -77,12 +32,9 @@ if( $global_config['Sub_domain'] == 1 && check_purview('Sub_domain',1)){
}
}
if(!isset($_h)){
$_h = './?u='.U;
$_l = './?c='.$USER_DB['Login'].'&u='.U;
$_h = static_link ? get_surl('{UUID}.html'):"./?u={$u}";
$_l = static_link ? get_surl("login-{UUID}-{$USER_DB['Login']}.html"):"./?c={$USER_DB['Login']}&u={$u}" ;
}
require 'header.php';
?>
<style>
@@ -227,9 +179,9 @@ require 'header.php';
</a>
</div>
<div class="layui-col-xs3 layuimini-qiuck-module">
<a href="javascript:;" layuimini-content-href="UserPassword" data-title="修改密码" data-icon="fa fa-key">
<i class="fa fa-key"></i>
<cite>修改密码</cite>
<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">
<i class="fa fa-diamond"></i>
<cite>购买授权</cite>
</a>
</div>
</div>
@@ -288,7 +240,7 @@ require 'header.php';
<?php }?>
<tr>
<td>用户交流</td>
<td><a target="_blank" href="https://qm.qq.com/cgi-bin/qm/qr?k=LaIzFK2hfTYBZGR0cKvW3xZL6aNgcSXH&jump_from=webapi&authKey=LHh1NtAiGdK0wNyoZiHWrzAZTWWq26YgAwX0Ak7rBWchh6Y5ocUX/0cCXLMXvq/k" title="TwoNav - 技术交流">QQ群695720839</a>
<td><a target="_blank" href="https://qm.qq.com/cgi-bin/qm/qr?k=dMXOVXaYcnKMVmPsqBqpeSxcszy-z4vT&jump_from=webapi&authKey=SQArXAovtNKkH4VGv2Uy6p9wITMQxtjx8W2xLxCKkw3IOwXqQ9H34k4K9o1p4DVQ" title="TwoNav - 技术交流2">QQ群621815595</a>
</td>
</tr>
<tr>
@@ -309,8 +261,8 @@ require 'header.php';
</table>
</div>
</div>
<?php echo_notice($data); //官方公告?>
<?php echo_message($data); //作者心语?>
<?php echo_notice_link($data); //最新动态 ?>
<?php echo_notice_text($data); //官方公告 ?>
</div>
</div>
</div>

11
templates/admin/page/root/default_setting.php
View File

@@ -9,7 +9,7 @@ $LoginConfig = unserialize( get_db("global_config", "v", ["k" => "LoginConfig"])
<div class="layuimini-main">
<form class="layui-form" lay-filter="form">
<div class="layui-form layuimini-form layui-form-pane">
<blockquote class="layui-elem-quote layui-text" style="">1.本页功能<a href="https://gitee.com/tznb/OneNav/wikis/%E8%AE%A2%E9%98%85%E6%9C%8D%E5%8A%A1%E6%8C%87%E5%BC%95" target="_blank">授权用户</a>专享<br />2.用户注册后默认使用此方案<br />3.此功能不会修改现有用户的配置<br />4.如果您不理解选项的作用请勿乱改 </blockquote>
<blockquote class="layui-elem-quote layui-text" style="">1.本页功能<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">授权用户</a>专享<br />2.用户注册后默认使用此方案<br />3.此功能不会修改现有用户的配置<br />4.如果您不理解选项的作用请勿乱改 </blockquote>
<fieldset class="layui-elem-field layui-field-title"><legend>安全设置</legend></fieldset>
<div class="layui-form-item">
@@ -141,11 +141,10 @@ $LoginConfig = unserialize( get_db("global_config", "v", ["k" => "LoginConfig"])
<label class="layui-form-label">链接图标</label>
<div class="layui-input-inline" >
<select name="link_icon">
<option value="0" selected>离线图标</option>
<!--<option value="1" >本地服务(支持缓存)</option>-->
<option value="2" >favicon.rss.ink (小图标)</option>
<option value="4" >api.15777.cn</option>
<option value="5" >favicon.cccyun.cc</option>
<option value="0" selected>离线图标(首字图标)</option>
<option value="20" >本地服务</option>
<option value="21" >本地服务(伪静态)</option>
<option value="2" >favicon.png.pub (小图标)</option>
<option value="6" >api.iowen.cn</option>
</select>
</div>

2
templates/admin/page/root/icon_set.php
View File

@@ -8,7 +8,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<form class="layui-form" lay-filter="form">
<div class="layui-form layuimini-form layui-form-pane">
<blockquote class="layui-elem-quote layui-text" style="">
1.此功能<a href="https://gitee.com/tznb/OneNav/wikis/%E8%AE%A2%E9%98%85%E6%9C%8D%E5%8A%A1%E6%8C%87%E5%BC%95" target="_blank">授权用户</a>专享,请仔细阅读本页说明<br />
1.此功能<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">授权用户</a>专享,请仔细阅读本页说明<br />
2.缓存时间视自身需求而定,希望及时更新则短一点(实际上站点很少会更新图标),建议值: 604800 (7天)<br />
3.修改缓存时间可能不会立即生效,因为浏览器已经缓存的图标会等过期后再刷新 (可以清理浏览器缓存来强制刷新)<br />
4.用户需在站点设置>链接图标>选择本地服务或本地服务(伪静态),后者需要从站长工具生成伪静态并正确配置<br />

40
templates/admin/page/root/mail_set.php
View File

@@ -8,28 +8,28 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<form class="layui-form" lay-filter="form">
<div class="layui-form layuimini-form layui-form-pane">
<blockquote class="layui-elem-quote layui-text" style="">
1.此功能<a href="https://gitee.com/tznb/OneNav/wikis/%E8%AE%A2%E9%98%85%E6%9C%8D%E5%8A%A1%E6%8C%87%E5%BC%95" target="_blank">授权用户</a>专享
1.此功能<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">授权用户</a>专享
</blockquote>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>SMTP 配置</legend></fieldset>
<div class="layui-form-item">
<label class="layui-form-label">账号</label>
<div class="layui-input-inline">
<input type="pass" name="user" lay-verify="required" lay-reqtext="账号不能为空" placeholder='请输入账号' autocomplete="off" class="layui-input">
<input type="pass" name="user" lay-reqtext="账号不能为空" placeholder='请输入账号' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">邮箱账号,例如: admin@qq.com</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">密码</label>
<div class="layui-input-inline">
<input type="password" name="pwd" lay-verify="required" lay-reqtext="密码不能为空" placeholder='请输入密码或授权码' autocomplete="off" class="layui-input">
<input type="password" name="pwd" lay-reqtext="密码不能为空" placeholder='请输入密码或授权码' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">邮箱密码,也可能是独立密码或者授权码</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">服务器</label>
<div class="layui-input-inline">
<input type="text" name="host" lay-verify="required" lay-reqtext="服务器不能为空" placeholder='请输入发件服务器地址' autocomplete="off" class="layui-input">
<input type="text" name="host" lay-reqtext="服务器不能为空" placeholder='请输入发件服务器地址' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">例如: smtp.qq.com</div>
</div>
@@ -37,7 +37,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-item">
<label class="layui-form-label">端口</label>
<div class="layui-input-inline">
<input type="number" name="port" lay-verify="required" lay-reqtext="端口不能为空" placeholder='请输入服务器端口' value="465" autocomplete="off" class="layui-input">
<input type="number" name="port" lay-reqtext="端口不能为空" placeholder='请输入服务器端口' value="465" autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">通常是: 465或587</div>
</div>
@@ -56,7 +56,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-item">
<label class="layui-form-label">发送人</label>
<div class="layui-input-inline">
<input type="text" name="sender" lay-verify="required" lay-reqtext="发送人名称不能为空" placeholder='' autocomplete="off" class="layui-input">
<input type="text" name="sender" lay-reqtext="发送人名称不能为空" placeholder='' autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">例如: TwoNav</div>
</div>
@@ -83,7 +83,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-item">
<label class="layui-form-label">发送间隔</label>
<div class="layui-input-inline">
<input type="number" name="send_interval" lay-verify="required" lay-reqtext="发送间隔不能为空" placeholder='IP发送间隔,单位秒!' value="60" autocomplete="off" class="layui-input">
<input type="number" name="send_interval" lay-reqtext="发送间隔不能为空" placeholder='IP发送间隔,单位秒!' value="60" autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">为了避免被恶意发送,建议不低于30秒</div>
</div>
@@ -112,37 +112,15 @@ layui.use(['jquery','form'], function () {
var form = layui.form;
var layer = layui.layer;
var $ = layui.jquery;
//表单赋值
form.val('form', <?php echo json_encode(unserialize( get_db("global_config", "v", ["k" => "mail_config"])));?>);
//监听提交
form.on('submit(save)', function (data) {
$.post(get_api('other_root','write_mail_config'),data.field,function(data,status){
if(data.code == 1) {
if(data.msg!="保存成功"){
layer.alert(data.msg)
}else{
layer.msg(data.msg, {icon: 1});
}
}else{
layer.msg(data.msg, {icon: 5});
}
});
layer.msg('当前版本不支持此功能,如需此功能请购买高级版授权', {icon: 5,time: 1000*300});
return false;
});
//测试
form.on('submit(send_test)', function (data) {
layer.load(1, {shade:[0.3,'#fff']});
layer.msg('正在发送中..', {icon: 16,time: 1000*300});
$.post(get_api('other_root','write_mail_test'),data.field,function(data,status){
layer.closeAll();
if(data.code == 1) {
layer.alert(data.msg);
}else{
layer.msg(data.msg, {icon: 5});
}
});
layer.msg('当前版本不支持此功能,如需此功能请购买高级版授权', {icon: 5,time: 1000*300});
return false;
});

89
templates/admin/page/root/sys_setting.php
View File

@@ -4,6 +4,15 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
?>
<style>
.layui-btn-container .layui-btn{border-width: 1px; border-style: solid; border-color: #FF5722!important; color: #FF5722!important;background: none;height: 30px; line-height: 30px; padding: 0 10px; font-size: 12px;}
.footer{
position: fixed;
bottom: 0;
left: 0;
width: 100%;
padding: 10px;
background-color: #fff;
border-top: 1px solid #e6e6e6;
}
</style>
<body>
<div class="layuimini-container">
@@ -16,7 +25,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
</div>
<form class="layui-form" lay-filter="form">
<div class="layui-form layuimini-form layui-form-pane">
<blockquote class="layui-elem-quote layui-text" style="">1.带*号的选项属<a href="https://gitee.com/tznb/OneNav/wikis/%E8%AE%A2%E9%98%85%E6%9C%8D%E5%8A%A1%E6%8C%87%E5%BC%95" target="_blank">授权用户</a>专享<br />2.原OneNav Extend的部分配置已下放到用户组配置中<br />3.如果您不理解选项的作用请勿乱改 </blockquote>
<blockquote class="layui-elem-quote layui-text" style="">1.带*号的选项属<a href="https://gitee.com/tznb/TwoNav/wikis/pages?sort_id=7968669&doc_id=3767990" target="_blank">授权用户</a>专享<br />2.如果您不理解选项的作用请勿乱改 </blockquote>
<div class="layui-form-item">
<label class="layui-form-label">默认用户</label>
@@ -38,7 +47,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">直接访问域名不带任何参数时显示的页面</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label required">默认分组</label>
<div class="layui-input-inline">
<input type="text" name="default_UserGroup" lay-reqtext="默认用户不能为空" placeholder='default' autocomplete="off" class="layui-input">
@@ -46,7 +55,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">用户注册成功后所在分组代号,留空则使用默认分组</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">注册配置</label>
<div class="layui-input-inline" >
<select name="RegOption">
@@ -58,7 +67,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">个人使用时建议禁止注册</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">注册入口</label>
<div class="layui-input-inline">
<input type="text" name="Register" lay-verify="required" lay-reqtext="注册入口不能为空" placeholder='register' autocomplete="off" class="layui-input">
@@ -66,7 +75,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">不想被随意注册时可以修改</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">登录入口</label>
<div class="layui-input-inline">
<input type="text" name="Login" lay-verify="required" lay-reqtext="登录入口不能为空" placeholder='login' autocomplete="off" class="layui-input">
@@ -74,7 +83,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">修改可以防止被爆破,修改请记好入口名,否则无法登录后台</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">静态路径</label>
<div class="layui-input-inline">
<input type="text" name="Libs" lay-verify="required" lay-reqtext="静态路径不能为空,填错会导致无法正常加载网页!默认./static" placeholder='./static' autocomplete="off" class="layui-input">
@@ -90,7 +99,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">主页底部显示的备案信息</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">防XSS脚本</label>
<div class="layui-input-inline" >
<select name="XSS_WAF">
@@ -101,7 +110,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">拦截POST表单中的XSS恶意代码,提升网站安全性</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">防SQL注入</label>
<div class="layui-input-inline" >
<select name="SQL_WAF">
@@ -112,7 +121,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">拦截POST表单中的SQL注入代码,提升网站安全性</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">离线模式</label>
<div class="layui-input-inline" >
<select name="offline">
@@ -123,6 +132,28 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">开启将禁止服务器访问互联网,部分功能将被禁用(如:更新提示,公告,在线主题,链接识别等)</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">资源节点</label>
<div class="layui-input-inline">
<select name="Update_Source">
<option value="0" selected="">自动</option>
<option value="1">国内-1</option>
<option value="2">国内-2</option>
<option value="3">海外-3</option>
<option value="4">国内-4</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">默认为自动 (非必要请勿修改)</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">请求超时</label>
<div class="layui-input-inline">
<input type="number" name="Update_Overtime" autocomplete="off" value="3" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">默认3秒,范围3-60 (非必要请勿修改)</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">调试模式</label>
<div class="layui-input-inline">
@@ -134,7 +165,7 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">开发者调试模式,请不要随意开启</div>
</div>
<div class="layui-form-item">
<div class="layui-form-item layui-hide">
<label class="layui-form-label">维护模式</label>
<div class="layui-input-inline">
<select name="Maintenance">
@@ -144,7 +175,19 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
</div>
<div class="layui-form-mid layui-word-aux">开启时将关闭主页/登录/注册等服务,站长账号不受影响(网站升级迁移时适用)</div>
</div>
<div class="layui-form-item layui-hide">
<label class="layui-form-label required">静态链接</label>
<div class="layui-input-inline">
<select name="static_link">
<option value="0" selected="">关闭</option>
<option value="1" >开启-UN</option>
<option value="2" >开启-UID</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">开启后部分动态链接将改为静态链接 (请确保伪静态生效中,选定后不建议更改)</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label required">强制私有</label>
<div class="layui-input-inline">
@@ -199,26 +242,6 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
</div>
<div class="layui-form-mid layui-word-aux">请勿开启!请勿开启!请勿开启!</div>
</div>
<div class="layui-form-item layui-hide">
<label class="layui-form-label">资源接口</label>
<div class="layui-input-inline">
<select name="Update_Source">
<option value="0" selected="">自动</option>
<option value="lm21">主线路</option>
<option value="gitee">备用线路(gitee)</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">备用资源不定期更新,非必要请勿使用!</div>
</div>
<div class="layui-form-item layui-hide">
<label class="layui-form-label">资源超时</label>
<div class="layui-input-inline">
<input type="number" name="Update_Overtime" autocomplete="off" value="3" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">默认3秒,范围3-60</div>
</div>
<fieldset class="layui-elem-field layui-field-title" style="margin-top: 30px;"><legend>扩展功能</legend></fieldset>
<blockquote class="layui-elem-quote layui-text" style="">注:开关后请刷新整个页面</blockquote>
@@ -318,8 +341,8 @@ $title='系统设置';require(dirname(__DIR__).'/header.php');
<div class="layui-form-mid layui-word-aux">是否允许默认用户组使用自定义代码!允许存在安全隐患!</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block"><button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button></div>
<div class="footer">
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save" style=" margin-left: 10px; ">确认保存</button>
</div>
</div>
</form>

74
templates/admin/page/root/tool.php
View File

@@ -34,7 +34,7 @@ require(dirname(__DIR__).'/header.php');
<pre class="layui-code" id="console_log" >
1.功能都集中在上方的按钮了,需要那个就点击那个!
2.一键诊断和phpinfo用于帮助站长和开发者快速了解服务器环境
3.生成伪静态(伪静态无需求可不设置,安全设置最好设置下)
3.生成伪静态(仅针对Nginx,安全配置必选,其他规则按需,Apache已内置规则无需设置,其他环境不支持)
4.数据库升级: 手动安装更新时,若有说明需更新数据库,则需要手动点击此按钮!自动更新时无需干预,特殊情况除外!
5.清理缓存: 用于清理特定情况下产生的临时数据 (仅清理60分钟前的数据)
产生原因1:用户在添加链接页面上传了图标且未点击删除图标或添加链接,而是直接关闭了页面
@@ -46,10 +46,10 @@ require(dirname(__DIR__).'/header.php');
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js?v=<?php echo $Ver;?>"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<script src = "<?php echo $libs?>/Other/ClipBoard.min.js"></script>
<script src = '<?php echo $libs?>/jquery/jquery.md5.js'></script>
<script src = "<?php echo $libs?>/Other/ClipBoard.min.js?v=<?php echo $Ver;?>"></script>
<script src = '<?php echo $libs?>/jquery/jquery.md5.js?v=<?php echo $Ver;?>'></script>
<?php load_static('js');?>
<script>
layui.use(['layer','form','miniTab'], function () {
@@ -69,40 +69,37 @@ layui.use(['layer','form','miniTab'], function () {
});
//一键诊断
$('.diagnose').on('click', function(){
layer.load(0);
$("#console_log").text("");
$("#console_log").append("浏览器UA" + navigator.userAgent +"\n");
$("#console_log").append("客户端时间:" + timestampToTime(Math.round(new Date() / 1000) ) +"\n");
$.post(get_api('read_data','diagnostic_log'),function(data,status){
layer.closeLast('loading');
$("#console_log").append(data.msg);
}).fail(function(xhr, textStatus, errorThrown) {
layer.closeLast('loading');
layer.alert('请求失败');
});
});
//连通测试
$('.connectivity_test').on('click', function(){
layer.load(0);
$("#console_log").text("");
$("#console_log").append("浏览器UA" + navigator.userAgent +"\n");
$("#console_log").append("客户端时间:" + timestampToTime(Math.round(new Date() / 1000) ) +"\n");
var urls = [
['主线路', 'https://update.lm21.top/connectivity_test.txt'],
['备用线路(Gitee)', 'https://gitee.com/tznb/twonav_updata/raw/master/connectivity_test.txt']
];
urls.forEach(function(route) {
var routeName = route[0];
var url = route[1];
$("#console_log").append("正在检测: " + routeName +"\n");
$.ajax({
url: get_api('read_data', 'connectivity_test'),
type: 'POST',
data: { url: url },
async: false,
success: function(data, status) {
$("#console_log").append("正在检测: " + 'gitee' +"\n");
$.ajax({
url: get_api('read_data', 'connectivity_test'),
type: 'POST',
data: { id: '1' },
success: function(data, status) {
layer.closeLast('loading');
$("#console_log").append(data.msg + "\n");
},
error: function(jqXHR, textStatus, errorThrown) {
$("#console_log").append(routeName + ": 请求 " + url + " 发生错误:" + errorThrown + "\n");
}
});
},error: function(jqXHR, textStatus, errorThrown) {
layer.closeLast('loading');
$("#console_log").append('gitee' + ": 请求 " + url + " 发生错误:" + errorThrown + "\n");
}
});
});
//phpinfo
@@ -133,23 +130,6 @@ layui.use(['layer','form','miniTab'], function () {
$('.rewrite').on('click', function(){
let pathname = window.location.pathname;
$("#console_log").text("");
//$("#console_log").append(`#更新时间: 2023.09.05\n`);
//$("#console_log").append(`#安全规则(必选)\n`);
//$("#console_log").append(`location ^~ ${pathname}data/ {location ~* \\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ {return 403;}}\n`);
//$("#console_log").append(`location ^~ ${pathname}templates/ {location ~* \\.(php|tar|gz|zip|info|log|json)$ {return 403;}}\n`);
//$("#console_log").append(`#重写规则(可选)\n`);
//$("#console_log").append(`rewrite ^${pathname}login$ ${pathname}index.php?c=login break;\n`);
//$("#console_log").append(`rewrite ^${pathname}admin$ ${pathname}index.php?c=admin break;\n`);
//$("#console_log").append(`rewrite ^${pathname}ico/(.+) ${pathname}index.php?c=icon&url=$1 break;\n`);
//$("#console_log").append(`rewrite ^${pathname}([A-Za-z0-9]+)$ ${pathname}index.php?u=$1 break;\n`);
//$("#console_log").append(`rewrite ^${pathname}([A-Za-z0-9]+)\\.html$ ${pathname}index.php?u=$1 break;\n`);
//$("#console_log").append(`rewrite ^${pathname}(.+)/(click|article)/([A-Za-z0-9]+)$ ${pathname}index.php?c=$2&id=$3&u=$1 break;\n`);
//$("#console_log").append(`rewrite ^${pathname}(.+)/(click|article)/([A-Za-z0-9]+)\\.html$ ${pathname}index.php?c=$2&id=$3&u=$1 break;\n`);
////路径修正(解决使用伪静态链接访问时路径错误的问题)
//$("#console_log").append(`rewrite ^${pathname}(.+)/(click|article)/(templates|static|data|system)/(.+) ${pathname}$3/$4 break;\n`);
//$("#console_log").append(`rewrite ^${pathname}(.+)/(click|article)/favicon\\.ico ${pathname}favicon.ico break;\n`);
//$("#console_log").append(`#站点地图(可选)\n`);
//$("#console_log").append(`rewrite ^${pathname}sitemap.xml$ ${pathname}index.php?c=sitemap break;\n`);
$("#console_log").append(`#安全规则(必选)\n`);
$("#console_log").append(`location ^~ ${pathname}data/ {location ~* \\.(db|db3|php|sql|tar|gz|zip|info|log|json)$ {return 403;}}\n`);
@@ -157,8 +137,6 @@ layui.use(['layer','form','miniTab'], function () {
if(pathname == '/'){
$("#console_log").append(`#重写规则(可选)\n`);
$("#console_log").append(`location / {\n if ($uri ~* ^/index\.php$) { break; }\n if ($uri ~* ^/(templates|static|data|system)/) { break; }\n try_files $uri $uri/ /rewrite.php?$query_string;\n}\n`);
$("#console_log").append(`rewrite ^/[a-zA-Z0-9]+/[a-zA-Z]+/(templates|static|data|system)/(.+) /$1/$2 break;\n`);
$("#console_log").append(`rewrite ^/[a-zA-Z0-9]+/[a-zA-Z]+/favicon\\.ico /favicon.ico break;\n`);
}else{
$("#console_log").append(`#检测到程序运行在非根目录,此环境仅提供安全规则!部分与伪静态相关的功能将不可用!\n`);
}
@@ -166,21 +144,31 @@ layui.use(['layer','form','miniTab'], function () {
});
//清理缓存
$('.CleanCache').on('click', function(){
layer.load(0);
$.post(get_api('other_root','CleanCache'),function(data,status){
layer.closeLast('loading');
if(data.code == 1){
layer.msg(data.msg,{icon: 1})
} else{
layer.msg(data.msg,{icon: 5});
}
}).fail(function(xhr, textStatus, errorThrown) {
layer.closeLast('loading');
layer.alert('请求失败');
});
});
//数据库升级
$('.db_upgrade').on('click', function(){
layer.load(0);
$("#console_log").text("");
$("#console_log").append(`正在处理中,请勿操作页面...\n`);
$.post(get_api("other_upsys"),{"i":4,"pattern":"manual"}, function(data, status) {
layer.closeLast('loading');
$("#console_log").text("");
$("#console_log").append(`${data.msg}\n`);
}).fail(function(xhr, textStatus, errorThrown) {
layer.closeLast('loading');
layer.alert('请求失败');
});
});
});

21
templates/admin/page/root/user_control.php
View File

@@ -58,13 +58,22 @@ layui.use(['table','layer','form'], function () {
var limit = localStorage.getItem(u + "_limit") || 50;
var api = get_api('read_user_list','list');
var IDs = [];
var static_link = 0;
var cols = [[
{type:'checkbox'} //开启复选框
,{field:'ID',title:'ID',width:60,sort:true,event:'login_entry',style:'cursor: pointer;color: #3c78d8;'}
,{title:'操作',toolbar:'#line_tool',width:70}
,{field:'User',title:'账号',minWidth:120,sort:true,templet:function(d){
return '<a style="color:#3c78d8" title="打开用户主页" target="_blank" href="./?u='+d.User+'">'+d.User+'</a>'
if(static_link == 1){
url = `./${d.User}.html`;
}else if(static_link == 2){
url = `./${d.ID}.html`;
}else{
url = `./index.php?&u=${d.User}`;
}
return '<a style="color:#3c78d8" title="打开用户主页" target="_blank" href="'+url+'">'+d.User+'</a>'
}}
,{field:'UserGroupName',title:'用户组',minWidth:90,sort:true}
,{field:'Email',title:'Email',minWidth:170,sort:true,event:'set_email',style:'cursor: pointer;color: #3c78d8;'}
@@ -203,9 +212,13 @@ layui.use(['table','layer','form'], function () {
});
});
}else if(obj.event == 'login_entry'){
window.open('./index.php?c=' + data.Login + '&u=' + data.User);
}else if(obj.event == 'homepage'){
window.open('./index.php?&u=' + data.User);
if(static_link == 1){
window.open(`./login-${data.User}-${data.Login}.html`);
}else if(static_link == 2){
window.open(`./login-${data.ID}-${data.Login}.html`);
}else{
window.open('./index.php?c=' + data.Login + '&u=' + data.User);
}
}else if(obj.event == 'ip'){
query_ip(data.RegIP);
}

123
templates/admin/page/root/vip.php
View File

@@ -12,12 +12,30 @@ if(!empty($Notice)){
<div class="layuimini-container">
<div class="layuimini-main">
<div class="layui-form layuimini-form layui-form-pane">
<h4 style = "margin-bottom:1em;"><font color="red">不要使用盗版/破解版,盗版无法升级却存在诸多问题,所造成的损失与本程序无关</font></h4>
<blockquote class="layui-elem-quote layui-text" style="color:red" >
<li> 如何激活授权: </li>
<li>1. 购买授权后将授权卡密和邮箱填入下方并点击保存</li>
<li>2. 返回概要页面 > 刷新 > 更新系统 ( 不更新还是免费版 )</li>
<li>3. 更新成功后就是授权版的系统了,可使用全部功能</li>
<li>4. 禁止传播/破解授权版源代码,违者封授权并追责</li>
</blockquote>
<blockquote class="layui-elem-quote layui-text" style="color:red" >
<li> 温馨提示: </li>
<li>授权是跟当前访问的域名或IP绑定的,通常建议绑定域名</li>
<li>初次保存授权时会自动激活卡密并绑定当前域名或IP</li>
<li>请不要在临时域名或临时IP中激活授权 (特殊情况请提前说明)</li>
<li>授权针对顶级域名授权,如授权www.nav.cn时,dh.nav.cn可以正常使用</li>
<li>绑定IP时部分功能会无法使用,如二级域名功能</li>
<li>激活后修改域名或IP需扣除修改次数(年授权需付费修改)</li>
<li>如有疑问请联系技术支持QQ: 271152681</li>
</blockquote>
<h3 style = "margin-bottom:1em;">当前域名:<font color="red"><?php echo $HTTP_HOST; ?></font></h3>
<div class="layui-form-item">
<label class="layui-form-label">订单号</label>
<label class="layui-form-label">授权卡密</label>
<div class="layui-input-block">
<input type="text" id = "order_id" name="order_id" value="<?php echo $subscribe['order_id']; ?>" required autocomplete="off" placeholder="请输入订单号" class="layui-input">
<input type="text" id = "order_id" name="order_id" value="<?php echo $subscribe['order_id']; ?>" required autocomplete="off" placeholder="请输入授权号或卡密" class="layui-input">
</div>
</div>
@@ -41,18 +59,25 @@ if(!empty($Notice)){
<input type="text" name="end_time" id = "end_time" readonly="readonly" value = "<?php echo date("Y-m-d H:i:s",$subscribe['end_time']); ?>" autocomplete="off" placeholder="订阅到期时间" class="layui-input">
</div>
</div>
<div class="layui-form-item" style = "">
<label class="layui-form-label">授权类型</label>
<div class="layui-input-block">
<input type="text" name="type_name" id ="type_name" value="<?php echo $subscribe['type_name'] ?? ''; ?>" autocomplete="off" placeholder="若未正确显示请点击保存设置" class="layui-input">
</div>
</div>
<div class="layui-btn-group">
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="set_subscribe">保存设置</button>
<button class="layui-btn layui-btn-warm" lay-submit lay-filter="reset_subscribe">删除</button>
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_key">保存</button>
<button class="layui-btn layui-btn-danger" lay-submit lay-filter="buy_vip" data-url="<?php echo empty($data['pay_rul']) ?'':$data['pay_rul']?>" >购买授权</button>
<button class="layui-btn" lay-submit lay-filter="get_subscribe">查询授权</button>
<button class="layui-btn layui-btn-danger" lay-submit lay-filter="Modify_Domain" data-url="https://docs.twonav.cn/#/books/root-02?id=%e4%bf%ae%e6%94%b9%e5%9f%9f%e5%90%8d" >修改域名</button>
<button class="layui-btn layui-bg-purple" type="button" id="validate" style="<?php echo empty($subscribe['order_id']) ? 'display:none;':''; ?>">正版验证</button>
</div>
<fieldset class="layui-elem-field layui-field-title" style="margin-top:30px;"><legend>授权用户专享</legend></fieldset>
<blockquote class="layui-elem-quote layui-text">
<ul>
<li>在线更新系统 ( 免费只能手动更新 )</li>
<li>在线更新系统 ( 免费只能手动更新 )</li>
<li>在线下载和更新主题模板</li>
<li>批量更新链接标题/关键字/描述/图标</li>
<li>批量识别链接是否可以访问</li>
@@ -85,25 +110,11 @@ layui.use(['jquery','form'], function () {
var form = layui.form;
var layer = layui.layer;
var $ = layui.jquery;
//查询订阅
form.on('submit(get_subscribe)', function(data){
layer.load(2, {shade: [0.1,'#fff']});
$.get('https://api.lm21.top/api.php?fn=get_subscribe',data.field,function(data,status){
layer.closeAll('loading');
if(data.code == 200) {
$("#order_id").val(data.data.order_id);
$("#end_time").val(timestampToTime(data.data.end_time));
layer.msg(data.msg, {icon: 1,time: 10000});
}else{
layer.msg(data.msg, {icon: 5,time: 10000});
}
});
return false;
});
var vcode;
$("#sys").val('<?php echo empty($subscribe['sys']) ? 'biaozhun':$subscribe['sys']; ?>');
form.render('select');
//保存订阅
form.on('submit(set_subscribe)', function(data){
form.on('submit(save_key)', function(data){
var order_id = data.field.order_id;
if(order_id.length < 20){
layer.msg('订单号错误,请核对', {icon: 5});
@@ -114,16 +125,28 @@ layui.use(['jquery','form'], function () {
return false;
}
layer.load(2, {shade: [0.1,'#fff']});
$.get('https://api.lm21.top/api.php?fn=check_subscribe',data.field,function(data,status){
$.post(get_api('other_services','save_key'),{'order_id':data.field.order_id,'email':data.field.email,'sys':data.field.sys},function(data,status){
layer.closeAll('loading');
if(data.code == 200) {
$("#order_id").val(data.data.order_id);
$("#end_time").val(timestampToTime(data.data.end_time));
set_subscribe(order_id,data.data.email,data.data.end_time,data.data.domain);
$("#type_name").val(data.data.type_name);
layer.msg('保存成功,稍后请更新系统..', {icon: 16,shade: [0.1, '#f5f5f5'],scrollbar: false,offset: 'auto',time: 3666,
end: function() {
window.parent.location.href = './?c=admin';
}
});
}else{
layer.msg(data.msg, {icon: 5});
layer.alert(data.msg,{icon:5,title:'保存结果',anim: 2,closeBtn: 0,btn: ['我知道了']});
}
}).fail(function () {
layer.msg('请求失败', {icon: 5});
});
console.log(data.field)
});
//修改域名
form.on('submit(Modify_Domain)', function(data){
let url = $(this).attr('data-url');
window.open($(this).attr('data-url'));
return false;
});
//购买授权
@@ -134,29 +157,33 @@ layui.use(['jquery','form'], function () {
return false;
});
//清空订阅信息
form.on('submit(reset_subscribe)', function(data){
var order_id = data.field.order_id;
layer.load(2, {shade: [0.1,'#fff']});
$("#order_id").val('');
$("#email").val('');
$("#end_time").val('1970-01-01 08:00:00');
set_subscribe('','','0','');
layer.closeAll('loading');
return false;
// 正版验证
$('#validate').on('click', function(){
vcode = randomnum(6);
index = layer.prompt({formType: 0,value: '',title: '请输入验证码: ' + vcode,shadeClose: false,"success":function(){
$("input.layui-layer-input").on('keydown',function(e){
if(e.which == 13) {
validate();
}
});
}},function(){
validate()
});
});
//存储到数据库中
function set_subscribe(order_id,email,end_time,domain) {
$.post(get_api('write_subscribe'),{order_id:order_id,email:email,end_time:end_time,domain:domain},function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
function validate() {
layer.close(index);
if($("input.layui-layer-input").val() != vcode){
layer.msg('验证码错误', {icon: 5});
return false;
}
$.post(get_api('other_services','validate'),function(data,status){
layer.closeAll('loading');
layer.alert(data.msg,{icon:(data.code == 200 ? 1 : 5),title:'验证结果',anim: 2,closeBtn: 0,btn: ['我知道了']});
}).fail(function () {
layer.msg('请求失败', {icon: 5});
});
}
});
</script>
</body>

6
templates/admin/page/theme.php
View File

@@ -1,4 +1,4 @@
<?php $title='主题管理';$awesome=true; require 'header.php';?>
<?php $title='主题管理';$awesome=true; define('referrer','same-origin'); require 'header.php';?>
<style>
.tab-header .layui-btn.layui-this{border-color: #1E9FFF; color: #1E9FFF;}
.screenshot{
@@ -25,7 +25,6 @@
<script src="<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src="./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script src="./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
<script>
const is_admin = <?php echo $USER_DB['UserGroup'] === 'root' ? 'true' : 'false'; ?>;
const theme_set = <?php echo check_purview('theme_set',1) ? 'true' : 'false'; ?>;
@@ -33,4 +32,5 @@
const guestbook = <?php echo check_purview('guestbook',1) ? 'true' : 'false'; ?>;
const article = <?php echo check_purview('article',1) ? 'true' : 'false'; ?>;
const loginAddress = '<?php echo $USER_DB['Login']; ?>';
</script>
</script>
<script src="./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>

83
templates/admin/page/theme_article.php
View File

@@ -1,83 +0,0 @@
<?php $title='文章模板';$awesome=true; require 'header.php';
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_article&cache=no&u=<?php echo U;?>">刷新数据</a>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($s_templates['article'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用"></i> ';
}else{
$icon ='';
}
$color = ($s_templates['article'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="article">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

84
templates/admin/page/theme_guide.php
View File

@@ -1,84 +0,0 @@
<?php $title='引导页模板';$awesome=true; require 'header.php'; if($USER_DB['UserGroup'] != 'root'){$content='您没有权限访问此页面'; require(DIR.'/templates/admin/page/404.php');exit;}?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_guide&cache=no&u=<?php echo U;?>" >刷新数据</a>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($global_templates['guide'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用"></i> ';
}else{
$icon ='';
}
$color = ($global_templates['guide'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="guide">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if(!$online){ //本地主题显示预览
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="preview">预览</button>'."\n";
}
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

94
templates/admin/page/theme_home.php
View File

@@ -1,94 +0,0 @@
<?php $title='主题设置';$awesome=true; require 'header.php'; ?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_home&cache=no&u=<?php echo U;?>" >刷新数据</a>
<a href="javascript:;" layuimini-content-href="theme_login" data-title="登录模板">登录模板</a>
<a href="javascript:;" layuimini-content-href="theme_transit" data-title="过渡模板">过渡模板</a>
<a href="javascript:;" layuimini-content-href="theme_article" data-title="文章模板">文章模板</a>
<?php if($USER_DB['UserGroup'] === 'root'){echo '<a href="javascript:;" layuimini-content-href="theme_register" data-title="注册模板">注册模板</a>';} ?>
<?php if($USER_DB['UserGroup'] === 'root'){echo '<a href="javascript:;" layuimini-content-href="theme_guide" data-title="引导页模板">引导页模板</a>';} ?>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($s_templates['home_pc'] == $key && $s_templates['home_pad'] == $key){
$icon ='<i class="layui-icon layui-icon-cellphone" style="color: #03a9f4;" title = "移动终端正在使用此主题"> </i><i class="fa fa-tv" style="color: #03a9f4;" title = "PC终端正在使用此主题"></i> ';
}elseif($s_templates['home_pc'] == $key){
$icon ='<i class="fa fa-tv" style="color: #03a9f4;" title = "PC终端正在使用此主题"></i> ';
}elseif($s_templates['home_pad'] == $key){
$icon ='<i class="layui-icon layui-icon-cellphone" style="color: #03a9f4;" title = "移动终端正在使用此主题"></i> ';
}else{
$icon ='';
}
$color = ($s_templates['home_pc'] == $key || $s_templates['home_pad'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="home">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
$theme_set = check_purview('theme_set',1);
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if(!$online){ //本地主题显示预览
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="preview">预览</button>'."\n";
}
if($theme['info']['config'] == '1' && $theme_set){ //支持配置的主题显示配置
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

87
templates/admin/page/theme_login.php
View File

@@ -1,87 +0,0 @@
<?php $title='登录模板';$awesome=true; require 'header.php'; ?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_login&cache=no&u=<?php echo U;?>" >刷新数据</a>
<a href="javascript:;" layuimini-content-href="theme_home" data-title="主页模板">主页模板</a>
<a href="javascript:;" layuimini-content-href="theme_transit" data-title="过渡模板">过渡模板</a>
<a target="_blank" href="./index.php?c=<?php echo $USER_DB['Login']?>&u=<?php echo U?>" >注:登录样式只有使用您的专属登录入口时有效 <点击预览></a>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($s_templates['login'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用此主题"></i> ';
}else{
$icon ='';
}
$color = ($s_templates['login'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="login">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if(!$online){ //本地主题显示预览
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="preview">预览</button>'."\n";
}
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

86
templates/admin/page/theme_register.php
View File

@@ -1,86 +0,0 @@
<?php $title='注册模板';$awesome=true; require 'header.php'; if($USER_DB['UserGroup'] != 'root'){$content='您没有权限访问此页面'; require(DIR.'/templates/admin/page/404.php');exit;}?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_register&cache=no&u=<?php echo U;?>" >刷新数据</a>
<a href="javascript:;" layuimini-content-href="theme_home" data-title="主页模板">主页模板</a>
<a href="javascript:;" layuimini-content-href="theme_login" data-title="登录模板">登录模板</a>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($global_templates['register'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用"></i> ';
}else{
$icon ='';
}
$color = ($global_templates['register'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="register">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if(!$online){ //本地主题显示预览
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="preview">预览</button>'."\n";
}
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

89
templates/admin/page/theme_transit.php
View File

@@ -1,89 +0,0 @@
<?php $title='过渡模板';$awesome=true; require 'header.php';
$site = unserialize(get_db('user_config','v',['uid'=>UID,'k'=>'s_site']));
$tip = $site['link_model'] == 'Transition';
?>
<style type="text/css">
.screenshot{
width: 99%;
height: 99%;
max-width: 100%;
max-height: 100%;
aspect-ratio:16/9;
}
#default #del {display: none;}
</style>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<blockquote class="layui-elem-quote layuimini-form" style="margin-top: 0px;border-left: 5px solid <?php echo $cache?"#1e9fff":($global_config['offline']?"":"#639d11") ?>;padding: 6px;">
<span class="layui-breadcrumb" lay-separator="|">
<a href="./index.php?c=admin&page=theme_transit&cache=no&u=<?php echo U;?>">刷新数据</a>
<a href="javascript:;" layuimini-content-href="set_transit" data-title="设置过渡页面">设置</a><?php if(!$tip){echo '
<a href="javascript:;" layuimini-content-href="SiteSetting" data-title="站点设置">注:请将站点设置>链接模式>改为过渡页面</a>';}?>
</span>
</blockquote>
<div class="layui-bg-gray" style="padding: 1px;" >
<div class="layui-row layui-col-space15">
<?php
$Space = ' ';//占位符,强迫症想让输出的源码好看点而已...
foreach ($themes as $key => $theme) {
$online = !empty($theme['info']['md5']); //在线主题!
if($s_templates['transit'] == $key){
$icon ='<i class="fa fa-magic" style="color: #03a9f4;" title = "正在使用"></i> ';
}else{
$icon ='';
}
$color = ($s_templates['transit'] == $key ?"color: #03a9f4;":"");
?>
<!--主题卡片-->
<div class="layui-col-xs layui-col-sm4 layui-col-md3 ">
<div class="layui-card">
<div class="layui-card-header">
<div style="float:left; cursor:pointer;<?php echo $color; ?>" title="<?php echo $key; ?>"><?php echo $icon.$theme['info']['name']; ?></div>
<div style="float:right;cursor:pointer;" title="<?php echo $theme['info']['update']; ?>"><?php echo $theme['info']['version']; ?></div>
</div>
<div class="layui-card-body">
<div class="img-list"><img class="screenshot" layer-src="<?php echo $theme['info']['screenshot']; ?>" data-original="<?php echo $theme['info']['screenshot']; ?>"></div>
</div>
<div class="layui-card-header" style="height: 1px;"></div>
<div class="layui-card-header" style="height: auto;" id="transit">
<div class="layui-btn-group" id="<?php echo $key;?>">
<?php
if($online){ //如果是在线主题则显示下载
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="dw">下载</button>'."\n";
}elseif($theme['info']['up'] == 1){ //如果有更新则同时显示下载和使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="up">更新</button>'."\n";
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}else{ //其他情况仅显示使用
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="set">使用</button>'."\n";
}
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="detail">详情</button>'."\n";
if(!$online){ //本地主题显示预览
//echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="preview">预览</button>'."\n";
}
if($theme['info']['config'] == '1'){ //支持配置的主题显示配置
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-normal" id="config">配置</button>'."\n";
}
if($USER_DB['UserGroup'] === 'root' && !$online){ //管理员&本地主题>显示删除
echo $Space.'<button type="button" class="layui-btn layui-btn-sm layui-btn-danger" id="del">删除</button>'."\n";
}
?>
</div>
</div>
</div>
</div>
<!--主题卡片End-->
<?php }?>
</div>
</div>
</div>
</div>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.lazyload.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>var datas = <?php echo json_encode($themes)?>;</script>
<script src = "./templates/admin/js/theme.js?v=<?php echo $Ver;?>"></script>
</body>
</html>

260
templates/admin/page/updatelog.php
View File

@@ -2,6 +2,266 @@
<body>
<div class="layuimini-container">
<div class="layuimini-main" style=" margin-left: 20px;">
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.18-20241018</h4>
<ul>
<li>[升级] Layui组件由2.9.14升级到2.9.16</li>
<li>[升级] Medoo组件由2.1.8升级到2.1.12</li>
<li>[新增] 授权管理页面增加修改域名入口</li>
<li>[变更] 分类页面标题显示分类名称-分类描述</li>
<li>[修复] 默认登录模板输入密码处点击小眼睛未显示密码</li>
<li>[优化] 调高超时参数以兼顾网络较慢的环境</li>
<li>[优化] 默认登录模板检测到使用IE浏览器时弹出提示</li>
<li>[优化] 内置防火墙拦截时提示如何解决</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.17-20240730</h4>
<ul>
<li>[升级] Layui组件由2.9.10升级到v2.9.13</li>
<li>[增加] Atool工具箱增加查看二级密码功能</li>
<li>[增加] Atool工具箱增加清空统计数据 ( 指全部账号概要页面的报表统计/访问统计/点击统计 )</li>
<li>[优化] 性能优化 ( 存在数据库更新,建议先备份在升级 )</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.16-20240525</h4>
<ul>
<li>[升级] Layui组件由2.9.9升级到2.9.10</li>
<li>[修复] 添加链接时上传图标未自动创建目录</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.15-20240513</h4>
<ul>
<li>[修复] 因 Gitee Pages 停止服务导致的相关问题</li>
<li>[升级] Layui组件由2.9.8升级到2.9.9</li>
<li>[变更] 系统设置隐藏部分配置(防止乱搞导致系统异常)</li>
<li>[变更] 保存授权后自动刷新页面并跳转到概要页方便新手用户更新系统</li>
<li>[移除] 自助注册功能</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.14-20240416</h4>
<ul>
<li>[修复] 修复已知的安全漏洞提高安全性</li>
<li>[修复] 分类停用时链接列表查找全部时出现已停用分类下的链接</li>
<li>[升级] Layui组件由2.9.7升级到2.9.8</li>
<li>[优化] Docker镜像支持在线下载安装包</li>
<li>[移除] 和风天气插件 ( 因官方停止服务 )</li>
<li>[移除] 随机背景图URL ( 大多数已经无法正常使用了 )</li>
<li>[优化] 安装脚本优化/初始配置优化</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.13-20240321</h4>
<ul>
<li>[优化] 兼容OneNav浏览器扩展V1.1.0重构版</li>
<li>[优化] 浏览器插件的相关使用说明 ( 右上角账号>安全设置>获取API )</li>
<li>[优化] 更新检测逻辑由原来判断日期改成判断版本号</li>
<li>[优化] 支持PHP8.3环境下运行</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.12-20240308</h4>
<ul>
<li>[优化] 后台概要页支持时间差异较大提示,避免因时间错误导致的各种问题</li>
<li>[新增] 站点设置新增重复链接选项,解决部分用户需要添加相同链接的问题</li>
<li>[升级] Layui组件由2.9.2升级到2.9.7</li>
<li>[变更] 默认配置调整,概要页QQ群改为免费用户群(授权用户可凭授权加入会员群)</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.11-20240119</h4>
<ul>
<li>[修复] 链接识别遇到中文域名时提示URL无效</li>
<li>[修复] 链接模式为隐私保护(header)时中文域名无法跳转</li>
<li>[修复] 主链优先设为强制优先时不起作用</li>
<li>[优化] 一键诊断缺少intl扩展模块时给出提醒</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.09-20231220</h4>
<ul>
<li>[修复] 紧急修复一个影响登录的bug,影响范围:v2.1.08版本 + MySQL数据库</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.08-20231219</h4>
<ul>
<li>[升级] Layui组件由2.9.0升级到2.9.2</li>
<li>[修复] Atool工具和用户管理中强制修改用户密码时未将已登录的终端踢下线的bug</li>
<li>[优化] 概要页面更新内容直接从服务器获取并显示,不需要在跳转到Gitee上查看</li>
<li>[优化] 主题管理:可更新时在右上显示一个问号,点击可以查看更新内容</li>
<li>[变更] 普通账号不在支持自定义登录模板,只有站长号可以选择和配置模板</li>
<li>[优化] 系统设置的保存按钮改为悬浮在页面底部,避免老是要滚动到底部去点保存的问题</li>
<li>[修复] 链接列表手机端不显示删除按钮的问题</li>
<li>[修复] 书签分享特定条件下存在的bug</li>
<li>[修复] 安全设置>登录保持设为浏览器关闭会导致无法登录的bug</li>
<li>[修复] OTP双重认证使用公用登录入口时无法输入验证码的问题 ( 需更新登录模板 )</li>
<li>[模板] [12.02]爱导航V1: 配置选项新增分类收缩,可选仅图标/分类/菜单/目录,用于解决部分手机端用户不知道点这个图标展开分类的问题</li>
<li>[模板] [12.02]百素New: 新增拖拽排序功能、修复未加载用户header和全局header的bug、新增搜索框背景自定义支持</li>
<li>[模板] [12.20]花森主页: 调整本地添加链接时判断是否为URL的条件,仅检测http(s)://开头</li>
<li>[修复] [12.20]WebStack-Hugo: 夜间模式下搜索框热词点空白处没有取消热词显示的问题</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.06-20231114</h4>
<ul>
<li>[修复] 开启离线模式时概要页依旧获取在线数据,V0921</li>
<li>[优化] 为部分操作添加处理中的效果( 防止网络极差的用户以为没点到而重复点击 )</li>
<li>[新增] 内置用户组新增:访客 (代号:visitor,处于该用户组的账号登录后跳转到默认用户的主页,配合引导页使用实现需注册登录才能访问站点)</li>
<li>[备注] 由于访客无权限进入后台,所以也无法自助修改密码</li>
<li>[新增] 在用户组列表中显示内置用户组 ( 默认/访客/站长 )</li>
<li>[变更] 系统设置中的默认分组允许设置为内置用户组 ( 例如设为访客 )</li>
<li>[新增] 访问限制 (右上角账号下拉),可设置:无限制/白名单/黑名单,具体查看页面中的说明</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.05-20231107</h4>
<ul>
<li>[修复] 使用MySQL/MariaDB数据库时记录访客IP错误</li>
<li>[修复] 注册模板/引导页模板配置无法正常读取</li>
<li>[模板] 主页模板新增 > Snavigation ( 简约型的模板,点击时间显示书签数据 )</li>
<li>[模板] 引导页模板新增 > 無名の主页</li>
<li>[模板] WebStack-Hugo > 搜索栏新增站内搜索选项,用于解决同时开启站内搜索和搜索热词时遮挡问题</li>
<li>[模板] 挽风导航V1.0 > CSS样式细节优化 </li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.04-20231101</h4>
<ul>
<li>[修复] 连续添加分类时未正确添加到所选的父分类中</li>
<li>[修复] 使用MySQL/MariaDB数据库时文章图片可能不显示的bug</li>
<li>[优化] 二级域名功能支持已知的双后缀顶级域名(例如example.com.cn)</li>
<li>[新增] Docker镜像增加intl模块</li>
<li>[模板] WebStack-Hugo > 修复过渡页模板logo设置无效</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.03-20231020</h4>
<ul>
<li>[修复] 站点地图时间格式问题</li>
<li>[修复] 后台我的主页地址错误</li>
<li>[变更] 移除授权管理页查询授权功能 ( 如需查询请联系客服 )</li>
<li>[优化] 使用过渡页模板时若站点设置>链接模式不是过渡页面时自动修改配置</li>
<li>[模板] WebStack-Hugo > 修复二级分类横向滚动条过大/顶部的管理入口未遵循系统设置是否显示</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.02-20231013</h4>
<ul>
<li>[优化] IP统计的记录方式,提高性能和稳定性</li>
<li>[修复] 未在系统设置保存过设置时因缺少参数而导致部分页面加载异常</li>
<li>[安装] 数据库类型选项新增MariaDB,其他细节调整</li>
<li>[变更] 免费版升级授权版的相关提示信息</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.1.01-20231003</h4>
<ul>
<li>[优化] 已部署国内服务器并接入了CDN加速和3个资源节点</li>
<li>[新增] 系统设置>资源节点,可选自动/国内1/国内2/海外1</li>
<li>[新增] 系统设置>请求超时,默认为3秒,范围3-60</li>
<li>[新增] 后台>安全设置(右上角账号下拉)>新增管理入口选项,可选隐藏/显示/登录时显示</li>
<li>[优化] 静态链接(伪静态)处理方案,支持选择UN(用户名)或UID(用户ID)作为用户标识</li>
<li>[优化] 百度推送/站点地图静态链接格式调整</li>
<li>[优化] 后台的部分前台链接支持伪静态链接</li>
<li>[修复] 注册模板无法切换、其他已知的bug</li>
<li>[模板] 所有模板更新至2.1.0</li>
<li>[模板] 下载/更新多合一模板时自动释放到对应模板目录,无需重复下载!</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.41-20230921</h4>
<ul>
<li>[优化] 后台>概要页面改为异步加载,避免因网络不好时出现页面打开慢的问题</li>
<li>[新增] 后台>授权管理页面新增正版验证按钮/显示授权类型/相关验证逻辑调整</li>
<li>[修复] 文章功能全局开关为关闭时前台依然输出文章链接的bug</li>
<li>[修复] 从免费版升级到授权版时未自动清理缓存造成不好的体验</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.40-20230919</h4>
<ul>
<li>[变更] 优化资源节点,提高系统更新速度,主题下载速度,预览图加载速度! </li>
<li>[变更] 为保障授权用户的权益,本版开始请求下载主题/更新系统时服务器将验证授权</li>
<li>[变更] 开源版(免费版)与授权版(标准版/高级版)将分开维护,以避免某些人非法获取权限,这对付费用户是极不公平的</li>
<li>[新增] 特定操作时清理缓存,避免因版本不一致造成的问题</li>
<li>[新增] 请求服务器时携带本地系统版本号以便于服务器返回相匹配的资源</li>
<li>[新增] 导出导入页面的导入功能支持iTab的数据( 扩展名为: itabdata )</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">
<h4 class="layui-timeline-title">v2.0.39-20230913</h4>
<ul>
<li>[升级] Layui组件由 v2.8.10 升级到 v2.8.17</li>
<li>[优化] 站点地图支持生成文章页面链接</li>
<li>[新增] 系统设新增静态链接选项,开启后部分动态链接将改为静态链接 (请确保伪静态生效中,仅针对前台内容)</li>
<li>[优化] 挽风导航V1:文章图片点击放大,新增两处自定义代码,添加返回顶部功能!主页增加一处自定义代码,修复全局底部代码无效,磨砂风格支持</li>
<li>[修复] 使用Mysql数据库在访问注册页面/引导时报错</li>
<li>[修复] 全局类模板配置保存位置错误</li>
<li>[修复] 站点地图HTTPS访问时携带443端口的问题 #I80I6K</li>
<li>[变更] 阻止将登录/注册入口改成系统在使用的名称,避免产生冲突</li>
</ul>
</div>
</li>
<li class="layui-timeline-item">
<i class="layui-icon layui-timeline-axis"></i>
<div class="layui-timeline-content layui-text">

4
templates/apply/default/info.json
View File

@@ -2,7 +2,7 @@
"name": "默认模板",
"description": "默认",
"homepage": "https://gitee.com/tznb/TwoNav",
"version": "2.0.0",
"update": "2023/08/25",
"version": "2.1.0",
"update": "2023/09/28",
"author": "TwoNav"
}

2
templates/article/default/index.php
View File

@@ -19,7 +19,7 @@
<span class="mdui-btn mdui-btn-icon mdui-ripple mdui-ripple-white" mdui-drawer="{target: '#main-drawer', swipe: true}">
<i class="mdui-icon material-icons">menu</i>
</span>
<a href="" class="mdui-typo-headline mdui-hidden-xs"><?php echo $site['logo'];?></a>
<a href="<?php echo $urls['home'];?>" class="mdui-typo-headline mdui-hidden-xs"><?php echo $site['logo'];?></a>
<a href="" class="mdui-typo-title"><?php echo $data['title'];?></a>
<div class="mdui-toolbar-spacer"></div>
</div>

4
templates/article/default/info.json
View File

@@ -2,8 +2,8 @@
"name":"默认模板",
"description":"系统默认的文章模板,支持代码段上色,支持自适应!",
"homepage":"https://gitee.com/tznb/TwoNav",
"version":"2.0.0",
"update":"2023/07/01",
"version":"2.1.0",
"update":"2023/09/28",
"author":"TwoNav",
"screenshot":"https://img.lm21.top/article_default.jpg",
"config": {

2
templates/guestbook/default/index.php
View File

@@ -54,7 +54,7 @@
</div>
<div class="layui-form-item" style="padding-top: 10px;">
<div class="layui-input-block">
<?php if($s['allow'] == '1'){ echo '<button class="layui-btn" lay-submit lay-filter="Submit">提交</button>';} ?>
<button class="layui-btn" lay-submit lay-filter="Submit">提交</button>
</div>
</div>
</form>

4
templates/guestbook/default/info.json
View File

@@ -2,7 +2,7 @@
"name": "默认模板",
"description": "默认",
"homepage": "https://gitee.com/tznb/TwoNav",
"version": "2.0.0",
"update": "2023/08/25",
"version": "2.1.0",
"update": "2023/09/28",
"author": "TwoNav"
}

4
templates/guide/default/config.php
View File

@@ -15,14 +15,14 @@
<div class="layui-form-item layui-form-text">
<label class="layui-form-label">页内标题</label>
<div class="layui-input-block">
<input type="text" name="title" placeholder="留空则使用默认用户站点配置的主标题" autocomplete="off" class="layui-input">
<input type="text" name="title" placeholder="留空则使用:默认设置>站点设置>主标题" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-form-text">
<label class="layui-form-label">页内描述</label>
<div class="layui-input-block">
<input type="text" name="p1" placeholder="留空则使用默认用户站点配置的描述" autocomplete="off" class="layui-input">
<input type="text" name="p1" placeholder="留空则使用:默认设置>站点设置>站点描述" autocomplete="off" class="layui-input">
</div>
</div>

10
templates/guide/default/index.php
View File

@@ -2,9 +2,9 @@
<html>
<head>
<meta charset="utf-8" />
<title><?php echo $site['Title'];?></title>
<meta name="keywords" content="<?php echo $site['keywords']; ?>">
<meta name="description" content="<?php echo $site['description']; ?>">
<title><?php echo $s_site['title'];?></title>
<meta name="keywords" content="<?php echo $s_site['keywords']; ?>">
<meta name="description" content="<?php echo $s_site['description']; ?>">
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<link rel="stylesheet" href="<?php echo $theme_dir;?>/main.css" />
<link rel="shortcut icon" href="<?php echo $favicon;?>">
@@ -18,8 +18,8 @@
<header id="header">
<div class="content">
<div class="inner">
<h3><?php echo empty($theme_config['title'])?$site['title']:$theme_config['title'];?></h3>
<p><?php echo empty($theme_config['p1'])?$site['description']:$theme_config['p1']; ?></p>
<h3><?php echo empty($theme_config['title'])?$s_site['title']:$theme_config['title'];?></h3>
<p><?php echo empty($theme_config['p1'])?$s_site['description']:$theme_config['p1']; ?></p>
</div>
</div>
<nav>

4
templates/guide/default/info.json
View File

@@ -2,8 +2,8 @@
"name": "默认模板",
"description": "模板来自于html5up.net",
"homepage": "https://gitee.com/tznb/TwoNav",
"version": "2.0.0",
"update": "2023/04/25",
"version": "2.1.1",
"update": "2023/11/27",
"author": "TwoNav",
"config": {
"title":"",

58
templates/home/default/config.php
View File

@@ -21,7 +21,6 @@
<ul class="layui-tab-title">
<li class="layui-this">配色</li>
<li>设置</li>
<li>天气</li>
</ul>
<div class="layui-tab-content">
<!--配色Tab-->
@@ -217,57 +216,6 @@
</div>
</div>
<!--天气Tab-->
<div class="layui-tab-item">
<div class="layui-form-item">
<input id="WeatherPosition-input" type="hidden" value="<?php echo $theme_config['WeatherPosition'];?>">
<label class="layui-form-label">插件位置</label>
<div class="layui-input-inline">
<select lay-verify="required" id="WeatherPosition" name="WeatherPosition" lay-search>
<option value="0">关闭</option>
<option value="1">头部工具条</option>
<option value="2">正文右上角</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">插件显示的位置</div>
</div>
<div class="layui-form-item">
<input id="WeatherBackground-input" type="hidden" value="<?php echo $theme_config['WeatherBackground'];?>">
<label class="layui-form-label">天气背景</label>
<div class="layui-input-inline">
<select lay-verify="required" id="WeatherBackground" name="WeatherBackground" lay-search>
<option value="1">随天气变化</option>
<option value="2">浅色</option>
<option value="3">深色</option>
<option value="4">透明</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">天气插件的背景颜色</div>
</div>
<div class="layui-form-item">
<input id="WeatherFontColor-input" type="hidden" value="<?php echo $theme_config['WeatherFontColor'];?>">
<label class="layui-form-label">天气字体色</label>
<div class="layui-input-inline">
<select lay-verify="required" id="WeatherFontColor" name="WeatherFontColor" lay-search>
<option value="1">随头部字体色</option>
<option value="2">随标题字体色</option>
</select>
</div>
<div class="layui-form-mid layui-word-aux">天气插件的字体颜色</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">插件Key</label>
<div class="layui-input-inline" style="width: 50%;">
<input type="url" id="WeatherKey" name="WeatherKey" value="<?php echo $theme_config['WeatherKey'];?>" placeholder="" autocomplete="off" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">
<a target="_blank" style="color:#03a9f4!important;" href='https://widget.qweather.com/create-simple/'>申请Key</a>
</div>
</div>
</div>
<div class="layui-form-item" style="padding-top: 10px;">
<div class="layui-input-block">
@@ -288,7 +236,7 @@ var u = '<?php echo $u?>';
var t = '<?php echo $theme;?>';
var s = '<?php echo $_GET['source'];?>';
var api = get_api('write_theme','config') + '&t=' + t;
layui.use(['form','colorpicker','element','dropdown','background'], function(){
layui.use(['form','colorpicker','element','dropdown'], function(){
var form = layui.form;
var colorpicker = layui.colorpicker;
var dropdown = layui.dropdown;
@@ -327,9 +275,7 @@ dropdown.render({elem: '#CardBackgroundColor-input',data:BackgroundColor ,click:
dropdown.render({elem: '#OtherBackgroundColor-input',data:BackgroundColor ,click: function(obj){this.elem.val(obj.code);},style: 'width: 225px;'});
dropdown.render({elem: '#SidebarBackgroundColor-input',data:BackgroundColor ,click: function(obj){this.elem.val(obj.code);},style: 'width: 225px;'});
//背景图下拉菜单
layui.background.render("input[name='backgroundURL']");
function layeropen(content,url){
layer.open({
type: 1

Some files were not shown because too many files have changed in this diff Show More