diff --git a/app/admin/controller/Admin.php b/app/admin/controller/Admin.php
index 0d149ce..3ebb07c 100644
--- a/app/admin/controller/Admin.php
+++ b/app/admin/controller/Admin.php
@@ -4,8 +4,8 @@ namespace app\admin\controller;
 use app\admin\extend\FormBuilder as Form;
 use app\admin\extend\Util as Util;
-use app\common\model\Admin as aModel;
-use app\common\model\AdminRole as rModel;
+use app\admin\model\Admin as aModel;
+use app\admin\model\AdminRole as rModel;
 use app\common\model\User as userModel;
 use app\Request;
 use FormBuilder\Exception\FormBuilderException;
diff --git a/app/admin/controller/AdminAuth.php b/app/admin/controller/AdminAuth.php
index bd6a2a1..f689d85 100644
--- a/app/admin/controller/AdminAuth.php
+++ b/app/admin/controller/AdminAuth.php
@@ -4,7 +4,7 @@ namespace app\admin\controller;
 use app\admin\extend\FormBuilder as Form;
 use app\admin\extend\Util as Util;
-use app\common\model\AdminAuth as aModel;
+use app\admin\model\AdminAuth as aModel;
 use app\Request;
 use Exception;
 use FormBuilder\Exception\FormBuilderException;
diff --git a/app/admin/controller/AdminLog.php b/app/admin/controller/AdminLog.php
index c6db8f3..ccc51f1 100644
--- a/app/admin/controller/AdminLog.php
+++ b/app/admin/controller/AdminLog.php
@@ -3,7 +3,7 @@
 namespace app\admin\controller;
 use app\admin\extend\Util as Util;
-use app\common\model\AdminLog as lModel;
+use app\admin\model\AdminLog as lModel;
 use app\Request;
 use Exception;
 use think\db\exception\DataNotFoundException;
diff --git a/app/admin/controller/AdminNotify.php b/app/admin/controller/AdminNotify.php
index 5d747d7..0324c6b 100644
--- a/app/admin/controller/AdminNotify.php
+++ b/app/admin/controller/AdminNotify.php
@@ -3,7 +3,7 @@
 namespace app\admin\controller;
 use app\admin\extend\Util as Util;
-use app\common\model\AdminNotify as nModel;
+use app\admin\model\AdminNotify as nModel;
 use Exception;
 /**
diff --git a/app/admin/controller/AdminRole.php b/app/admin/controller/AdminRole.php
index f7ac596..8d16100 100644
--- a/app/admin/controller/AdminRole.php
+++ b/app/admin/controller/AdminRole.php
@@ -4,8 +4,8 @@ namespace app\admin\controller;
 use app\admin\extend\FormBuilder as Form;
 use app\admin\extend\Util as Util;
-use app\common\model\AdminAuth as aModel;
-use app\common\model\AdminRole as rModel;
+use app\admin\model\AdminAuth as aModel;
+use app\admin\model\AdminRole as rModel;
 use app\Request;
 use FormBuilder\Exception\FormBuilderException;
 use FormBuilder\Factory\Elm;
diff --git a/app/admin/controller/AuthController.php b/app/admin/controller/AuthController.php
index 5abbcf6..9191d06 100644
--- a/app/admin/controller/AuthController.php
+++ b/app/admin/controller/AuthController.php
@@ -2,8 +2,8 @@
 namespace app\admin\controller;
+use app\admin\model\AdminAuth;
 use app\common\constant\Data;
-use app\common\model\AdminAuth;
 use think\facade\App;
 use think\facade\Lang;
 use think\facade\Session;
diff --git a/app/admin/controller/Databases.php b/app/admin/controller/Databases.php
index 9383f30..8b929e4 100644
--- a/app/admin/controller/Databases.php
+++ b/app/admin/controller/Databases.php
@@ -1,11 +1,4 @@ find(); + if (empty($info)) return self::setErrorInfo("登录账号不存在"); + if ($info['password'] != md5(md5($pwd))) return self::setErrorInfo("密码不正确!"); + if ($info['status'] != 1) return self::setErrorInfo("账号已被冻结!"); + self::setLoginInfo($info); + return true; + } + + /** + * 设置登录信息 + * @param $info + * @return bool + */ + public static function setLoginInfo($info) + { + unset($info->password);//去除密码字段 + $info->role_auth = AdminRole::getAuth($info['role_id'] ?? 0);//提前缓存auth字段避免频繁查询 + Session::set(Data::SESSION_KEY_ADMIN_ID, $info['id']); + Session::set(Data::SESSION_KEY_ADMIN_INFO, $info->toArray()); + event("AdminLog", [$info->toArray(), "admin", "login", "login"]); + return true; + } + + /** + * 退出登录 + */ + public static function clearLoginInfo() + { + Session::delete(Data::SESSION_KEY_ADMIN_ID); + Session::delete(Data::SESSION_KEY_ADMIN_INFO); + Session::clear(); + return true; + } + + /** + * 列表 + * @param array $where + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function systemPage(array $where): array + { + $model = new self; + if ($where['username'] != '') $model = $model->where("username|id|nickname", "like", "%$where[username]%"); + if ($where['start_time'] != '') $model = $model->where("create_time", ">", strtotime($where['start_time'] . " 00:00:00")); + if ($where['end_time'] != '') $model = $model->where("create_time", "<", strtotime($where['end_time'] . 
" 23:59:59")); + if ($where['tel'] != '') $model = $model->where("tel|mail", "like", "%$where[tel]%"); + if ($where['status'] != '') $model = $model->where("status", $where['status']); + if ($where['role_id'] != '') $model = $model->where("role_id", $where['role_id']); + $count = self::count(); + if ($where['page'] && $where['limit']) $model = $model->page((int)$where['page'], (int)$where['limit']); + $data = $model->select()->each(function ($item) { + unset($item['password']); + // 用户信息 + $info = self::getAdminInfoById((int)$item['create_user']); + $item['create_user'] = $info ? $info['nickname'] : $item['create_user']; + $item['role_id'] = AdminRole::getAuthNameById((int)$item['role_id']); + }); + $data = $data ? $data->toArray() : []; + return compact("data", "count"); + } + + /** + * 获取账号信息 + * @param int $id + * @param string $field + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function getAdminInfoById(int $id, string $field = '*'): array + { + $model = new self; + $model = $model->where("id", $id); + $model = $model->field($field); + $info = $model->find(); + unset($info->password); + return $info ? $info->toArray() : []; + } + + /** + * 人员列表 + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function lst() + { + $model = new self; + $model = $model->where("status", 1); + $model = $model->field("id,realname"); + $data = $model->select(); + return $data ? $data->toArray() : []; + } +} \ No newline at end of file diff --git a/app/admin/model/AdminAuth.php b/app/admin/model/AdminAuth.php new file mode 100644 index 0000000..6342237 --- /dev/null +++ b/app/admin/model/AdminAuth.php 
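Review bot: In `login()` of the new `app/admin/model/Admin.php`, the check `$info['password'] != md5(md5($pwd))` relies on unsalted double MD5 and a loose, non-constant-time comparison, so admin hashes are cheap to recover if the table leaks and numeric-looking digests can compare equal under `!=`. Storing hashes with `password_hash()` and checking with `if (!password_verify($pwd, $info['password'])) return self::setErrorInfo("密码不正确!");` addresses both; until stored hashes are migrated, `!hash_equals((string)$info['password'], md5(md5($pwd)))` at least removes the loose comparison. The separate messages for an unknown account and a wrong password also reveal which usernames exist, so one shared message would be safer. The start of `login()` is missing from this page, so how `$info` is looked up could not be checked.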
@@ -0,0 +1,252 @@ + $value) { + $temp[$value['module'] . '_' . $value['controller'] . '_' . $value['action']] = $key; + } + $authList = $temp; + cache(AdminAuth::getAuthCacheKey(), $authList, 24 * 60 * 60); + unset($temp); + } + return $authList[$module . '_' . $controller . '_' . $action] ?? -1; + } + + /** + * 获取用户权限列表 + * @param $admin_id + * @param $auth + * @return array|mixed|object|\think\App + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function getAuthList($admin_id,$auth){ + $menuList = cache(self::getMenuCacheKey($admin_id)); + if ($menuList === null) { + $menuList = self::getMenu(0, $auth); + cache(AdminAuth::getMenuCacheKey($admin_id), $menuList, 1 * 60 * 60); + } + return $menuList; + } + + /** + * 获取菜单 + * @param int $pid + * @param array $auth + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function getMenu(int $pid = 0, array $auth = []): array + { + $model = new self; + $model = $model->where("is_menu", 1); + $model = $model->where("status", 1); + $model = $model->where("pid", $pid); + if ($auth != []) $model = $model->where("id", 'in', $auth); + $model = $model->field(['name as title', 'path as href', 'icon', 'id', 'font_family as fontFamily', 'is_check as isCheck', 'spreed', 'params']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select()->each(function ($item) use ($auth) { + $item['children'] = self::getMenu($item['id'], $auth); + $item['isCheck'] = $item['isCheck'] ? true : false; + $item['spreed'] = $item['spreed'] ? 
true : false; + }); + return $data->toArray() ?: []; + } + + /** + * 权限列表 + * @param $where + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function systemPage($where): array + { + $model = new self; + if (isset($where['status']) && $where['status'] != '') $model = $model->where("status", $where['status']); + if (isset($where['name']) && $where['name'] != '') $model = $model->where("name|id", "like", "%$where[name]%"); + $model = $model->field(['id', 'name', 'icon', 'pid', 'module', 'controller', 'action', 'params', 'is_menu', 'path', 'rank', 'status']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select(); + return $data->toArray() ?: []; + } + + /** + * 获取选择数据 + * @param int $pid + * @param array $auth + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function lst(int $pid = 0, array $auth = []): array + { + $model = new self; + $model = $model->where("pid", $pid); + if ($auth != []) $model = $model->where("id", 'in', $auth); + $model = $model->field(['name', 'id']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select()->each(function ($item) use ($auth) { + $item['children'] = self::lst($item['id'], $auth); + }); + return $data->toArray() ?: []; + } + + /** + * 获取菜单列表缓存key + * @param $adminId + * @return string + * @author 木子的忧伤 + * @date 2021-06-09 17:24 + */ + public static function getMenuCacheKey($adminId) + { + return 'menu:List:' . 
$adminId; + } + + /** + * @return string + * @author 木子的忧伤 + * @date 2021-06-15 11:11 + */ + public static function getAuthCacheKey() + { + return 'auth:key:list'; + } + + public static function clearCache($adminId) + { + cache(AdminAuth::getMenuCacheKey($adminId), null); + cache(AdminAuth::getAuthCacheKey(), null); + } + + /** + * 遍历选择项 + * @param array $data + * @param $list + * @param int $num + * @param bool $clear + */ + public static function myOptions(array $data, &$list, $num = 0, $clear = true) + { + foreach ($data as $k => $v) { + $list[] = ['value' => $v['id'], 'label' => self::cross($num) . $v['name']]; + if (is_array($v['children']) && !empty($v['children'])) { + self::myOptions($v['children'], $list, $num + 1, false); + } + } + } + + /** + * 返回选择项 + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function returnOptions(): array + { + $list = []; + $list[] = ['value' => 0, 'label' => '总后台']; + self::myOptions(self::lst(), $list, 1, true); + return $list; + } + + /** + * 横线 + * @param int $num + * @return string + */ + public static function cross(int $num = 0): string + { + $str = ""; + if ($num == 1) $str .= "|--"; + elseif ($num > 1) for ($i = 0; $i < $num; $i++) + if ($i == 0) $str .= "|--"; + else $str .= "--"; + return $str . 
" "; + } + + /** + * 生成treeData + * @param int $pid + * @param array $auth + * @param array $list + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function selectAndBuildTree(int $pid = 0, array $auth = [], array $list = []) + { + $model = new self; + $model = $model->where("pid", $pid); + if ($auth != []) $model = $model->where("id", 'in', $auth); + $model = $model->where("status", 1); + $model = $model->field(['name', 'id']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select(); + foreach ($data as $k => $v) { + $list[] = AdminRole::buildTreeData($v['id'], $v['name'], self::selectAndBuildTree($v['id'], $auth)); + } + return $list; + } + + /** + * 获取所有权限id + * @param array $ids + * @return array + */ + public static function getIds(array $ids = []): array + { + if (empty($ids)) return self::where("status", 1)->column("id"); + $pids = self::where("id", "in", $ids)->column("pid"); + return array_merge($ids, $pids) ?: []; + } + + /** + * 获取操作名 + * @param string $module + * @param string $controller + * @param string $action + * @return string + */ + public static function getNameByAction(string $module, string $controller, string $action) + { + return self::where("module", $module)->where("controller", $controller)->where("action", $action)->value("name") ?: '未知操作'; + } +} \ No newline at end of file diff --git a/app/admin/model/AdminLog.php b/app/admin/model/AdminLog.php new file mode 100644 index 0000000..680340c --- /dev/null +++ b/app/admin/model/AdminLog.php 
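Review bot: `getAuthId()` returns `-1` when the module/controller/action triple is missing from a map that is cached for 24 hours, and `getAuthList()` caches each admin's menu for an hour, so a rule added or revoked after the cache is filled is not seen until `clearCache()` runs. `clearCache($adminId)` drops only one admin's menu entry, so other admins sharing an edited role keep the stale menu; whether that affects access or only display depends on callers not shown in this hunk. I would document the sentinel on `getAuthId()`, e.g. `@return int rule id, or -1 when no rule is registered (callers must not treat -1 as permitted)`, and clear the menu cache for every admin of a role when that role's auth changes. The opening of the file, including the `getAuthId()` signature, is missing from this page.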
@@ -0,0 +1,62 @@ + $adminInfo['id'], + 'admin_name' => $adminInfo['username'], + 'module' => $module, + 'controller' => $controller, + 'action' => $action, + 'ip' => request()->ip(), + 'create_time' => time(), + 'user_agent' => substr(request()->server('HTTP_USER_AGENT'), 0, 255), + ]) ? true : false; + } + + /** + * 日志列表 + * @param $where + * @return array + * @throws DbException + */ + public static function systemPage($where) + { + $model = new self; + $model = $model->order("id desc"); + if ($where['name'] != '') $model = $model->where('admin_name|id', "like", "%$where[name]%"); + if ($where['ip'] != '') $model = $model->where('ip', "like", "%$where[ip]%"); + if ($where['start_time'] != '') $model = $model->where('create_time', '>', strtotime($where['start_time'] . " 00:00:00")); + if ($where['end_time'] != '') $model = $model->where('create_time', '<', strtotime($where['end_time'] . " 23:59:59")); + $count = self::count(); + if (!empty($where['page']) && !empty($where['limit'])) $model = $model->page((int)$where['page'], (int)$where['limit']); + $data = $model->select()->each(function ($item) { + $item['name'] = AdminAuth::getNameByAction($item['module'], $item['controller'], $item['action']); + }); + $data = $data ? $data->toArray() : []; + return compact("data", "count"); + } +} \ No newline at end of file diff --git a/app/admin/model/AdminNotify.php b/app/admin/model/AdminNotify.php new file mode 100644 index 0000000..8b096b8 --- /dev/null +++ b/app/admin/model/AdminNotify.php 
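Review bot: In `AdminLog::systemPage()`, `$count = self::count();` is a static call on the model rather than on the filtered `$model`, so the total returned with the page counts every log row regardless of the name, IP and date filters. Counting on a copy of the built query, `$count = (clone $model)->count();`, placed before the `page()` call, would make the total match the rows being paged; the clone is there because the query builder may reset its conditions after executing, which should be confirmed. The same pattern appears in `Admin::systemPage()` and in `AdminNotify::pageList()`, where the count taken after `where("is_read", 0)` therefore includes read notifications. The `$where[...]` keys are also read without `isset`, so a caller that omits one triggers an undefined-index warning.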
@@ -0,0 +1,69 @@ +where("create_time", "between", [strtotime($where['start_time'] . " 00:00:00"), strtotime($where['end_time'] . " 23:59:59")]); + } + if ($where['title'] != '') $model = $model->where("title|content", "like", "%$where[title]%"); + if ($where['is_read'] != '') $model = $model->where("is_read", $where['is_read']); + if ($where['aid'] != '') $model = $model->where("aid", $where['aid']); + $model = $model->order("is_read"); + $model = $model->order("create_time desc"); + return $model->paginate(10)->appends($where); + } + + /** + * 添加记录 + * @param array $data + * @return int|string + */ + public static function addLog(array $data) + { + return self::create($data); + } + + /** + * 后台首页获取通知信息 + * @param int $num + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function pageList(int $num) + { + $model = new self; + $model = $model->where("is_read", 0); + $count = self::count(); + $model = $model->order("create_time desc"); + $model = $model->page(1, $num); + $data = $model->select(); + if ($data) $data = $data->toArray(); + return compact("data", "count"); + } +} \ No newline at end of file diff --git a/app/admin/model/AdminRole.php b/app/admin/model/AdminRole.php new file mode 100644 index 0000000..a2e5028 --- /dev/null +++ b/app/admin/model/AdminRole.php 
@@ -0,0 +1,152 @@ +value("auth") ?: ''; + } + + /** + * 获取所有角色ids + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function getAuthLst(): array + { + $data = self::where("status", 1)->field("id,name")->select(); + return $data ? $data->toArray() : []; + } + + /** + * 获取角色名称 + * @param int $id + * @return string + */ + public static function getAuthNameById(int $id): string + { + return self::where("id", $id)->value("name") ?: (string)$id; + } + + /** + * 角色列表 + * @param int $pid + * @param array $auth + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function systemPage(int $pid = -1): array + { + $model = new self; + if ($pid != -1) $model = $model->where("pid", $pid); + $model = $model->field(['id', 'name', 'pid', 'auth', 'rank', 'status']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select(); + return $data->toArray() ?: []; + } + + /** + * 获取选择数据 + * @param int $pid + * @param array $auth + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function lst(int $pid = 0, array $auth = []): array + { + $model = new self; + $model = $model->where("pid", $pid); + $model = $model->field(['name', 'id']); + $model = $model->order(["rank desc", "id"]); + $data = $model->select()->each(function ($item) use ($auth) { + $item['children'] = self::lst($item['id'], $auth); + }); + return $data->toArray() ?: []; + } + + /** + * 遍历选择项 + * @param array $data + * @param $list + * @param int $num + * @param bool $clear + */ + public static function myOptions(array $data, &$list, $num = 0, $clear = true) + { + foreach ($data as $k => $v) { + $list[] = ['value' => $v['id'], 'label' => self::cross($num) . 
$v['name']]; + if (is_array($v['children']) && !empty($v['children'])) { + self::myOptions($v['children'], $list, $num + 1, false); + } + } + } + + /** + * 返回选择项 + * @return array + * @throws DataNotFoundException + * @throws DbException + * @throws ModelNotFoundException + */ + public static function returnOptions(): array + { + $list = []; + $list[] = ['label' => '总后台', 'value' => 0]; + self::myOptions(self::lst(), $list, 1, true); + return $list; + } + + /** + * 横线 + * @param int $num + * @return string + */ + public static function cross(int $num = 0): string + { + $str = ""; + if ($num == 1) $str .= "|--"; + elseif ($num > 1) for ($i = 0; $i < $num; $i++) + if ($i == 0) $str .= "|--"; + else $str .= "--"; + return $str . " "; + } + + /** + * 生成单个节点 + * @param $id + * @param $title + * @return array + */ + public static function buildTreeData($id, $title, $children = []): array + { + $tree = Elm::TreeData($id, $title); + if (!empty($children)) $tree = $tree->children($children); + return $tree->getOption(); + } +} \ No newline at end of file diff --git a/app/admin/subscribes/AdminSubscribe.php b/app/admin/subscribes/AdminSubscribe.php index 503aae8..b6e60dc 100644 --- a/app/admin/subscribes/AdminSubscribe.php +++ b/app/admin/subscribes/AdminSubscribe.php @@ -3,7 +3,7 @@ namespace app\admin\subscribes; -use app\common\model\AdminLog; +use app\admin\model\AdminLog; /** * 操作员日志记录 diff --git a/app/common/validate/MessageForm.php b/app/common/validate/MessageForm.php deleted file mode 100644 index e112b04..0000000 --- a/app/common/validate/MessageForm.php +++ /dev/null @@ -1,29 +0,0 @@ - 'require', - 'tel' => 'number|max:11', - ]; - protected $message = [ - 'content.require' => '请输入留言内容!', - 'tel.number' => '手机号必须是数字!', - 'tel.max' => '手机号不得超过11位!', - ]; -} diff --git a/app/index/controller/Article.php b/app/index/controller/Article.php index d034d19..6fc0c1f 100644 --- a/app/index/controller/Article.php +++ b/app/index/controller/Article.php 
@@ -7,11 +7,13 @@ use app\common\constant\Data; use app\common\model\Comment as commentModel; use app\common\model\Document; use app\common\model\DocumentCategory; +use app\index\validate\Comment; use app\Request; use think\db\exception\DataNotFoundException; use think\db\exception\DbException; use think\db\exception\ModelNotFoundException; use think\Exception; +use think\exception\ValidateException; use think\facade\Log; /** @@ -56,7 +58,7 @@ class Article extends Base //判断后台统计配置是否开启 1 开启 if (web_config("web_statistics") == 1) { //统计url - $this->urlrecord($dc['title']); + $this->urlRecord($dc['title']); } //读取列表页模板 $template = Data::DOCUMENT_CATEGORY . '/' . ($dc['template'] ?: 'list_default.html'); @@ -138,7 +140,7 @@ class Article extends Base //判断后台统计配置是否开启 1 开启 if (web_config("web_statistics") == 1) { //统计url - $this->urlrecord($article['title']); + $this->urlRecord($article['title']); } Log::info('详情页模板路径:' . $templateFile); //去除后缀 @@ -163,16 +165,19 @@ class Article extends Base ['email', ''], ['content', ''], ]); - if (!web_config('comment_close')) { + if (!web_config('comment_close')){ $this->error('非法操作,请检查后重试', null); } - if (web_config('comment_visitor')) { - if ($data['author'] == "") $this->error("昵称不能为空"); - if ($data['email'] == "") $this->error("邮箱不能为空"); - if ($data['url'] == "") $this->error("url不能为空"); - } else { - $data['author'] = $this->userInfo['nickname'] ?: $this->userInfo['username']; - $data['email'] = $this->userInfo['email'] ?: ''; + if (web_config('comment_visitor')){ + try { + validate(Comment::class)->check($data); + } catch (ValidateException $e) { + // 验证失败 输出错误信息 + $this->error($e->getError(), null); + } + }elseif(web_config('is_register')){ + $data['author'] = $this->userInfo['nickname']?:$this->userInfo['username']; + $data['email'] = $this->userInfo['email']?:''; $data['url'] = ''; } if ($data['document_id'] == "") $this->error("文章id不能为空"); 
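Review bot: In the comment handler (last hunk of `Article.php`), replacing `else` with `elseif(web_config('is_register'))` leaves a path where neither branch runs: with visitor comments off and `is_register` off, `author`, `email` and `url` continue exactly as posted, unvalidated and not tied to a session user. The removed `else` always overwrote them from `$this->userInfo`; I would keep an unconditional fallback, e.g. `} else { $this->error('非法操作,请检查后重试', null); }`, and reject the request when `$this->userInfo` is empty before reading `nickname`. The first guard still reads `if (!web_config('comment_close'))`, which by its name looks inverted and is worth confirming. `Page.php` receives the same change in its comment hunk. The method continues outside the hunk, so the save step itself was not reviewed.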
diff --git a/app/index/controller/Base.php b/app/index/controller/Base.php index de24071..112760a 100644 --- a/app/index/controller/Base.php +++ b/app/index/controller/Base.php @@ -70,7 +70,7 @@ class Base extends BaseController * @author 木子的忧伤 * @date 2021-05-09 23:44 */ - protected function urlrecord($title) + protected function urlRecord($title) { $urlLogModel = new UrlLog(); //获取url diff --git a/app/index/controller/Index.php b/app/index/controller/Index.php index f190549..44b384c 100644 --- a/app/index/controller/Index.php +++ b/app/index/controller/Index.php @@ -10,7 +10,8 @@ use app\common\model\DocumentCategory as DocumentCategoryModel; use app\common\model\FriendLink as friendLinkModel; use app\common\model\MessageForm as MessageFormModel; use app\common\model\Tag as TagModel; -use app\common\validate\MessageForm as MessageformValidate; +use app\index\validate\Msg as MsgValidate; +use app\index\validate\FriendLink as FriendLinkValidate; use app\Request; use think\db\exception\DataNotFoundException; use think\db\exception\DbException; @@ -33,7 +34,7 @@ class Index extends Base //判断后台统计配置是否开启 1 开启 if (web_config("web_statistics") == 1) { //统计url - $this->urlrecord('网站首页'); + $this->urlRecord('网站首页'); } //清除可能存在的栏目分类树id cache(Data::CURR_CATEGORY_PATENT_ID, false); @@ -64,8 +65,10 @@ class Index extends Base ['description', ''], ]); - if ($data['title'] == "") $this->error("链接名称不能为空"); - if ($data['url'] == "") $this->error("链接地址不能为空"); + $friendLinkValidate = new FriendLinkValidate(); + if (!$friendLinkValidate->check($data)) { + $this->error($friendLinkValidate->getError()); + } //判断下用户是否存在 $info = friendLinkModel::where('url', $data['url'])->find(); if ($info) { @@ -109,7 +112,7 @@ class Index extends Base ]); $data['create_time'] = time(); $data['reply_content'] = ''; - $messageFormValidate = new MessageFormValidate(); + $messageFormValidate = new MsgValidate(); if (!$messageFormValidate->check($data)) { $this->error($messageFormValidate->getError()); } 
@@ -168,7 +171,7 @@ class Index extends Base //判断后台统计配置是否开启 1 开启 if (web_config("web_statistics") == 1) { //统计url - $this->urlrecord($article['title']); + $this->urlRecord($article['title']); } Log::info('详情页模板路径:' . $templateFile); //去除后缀 diff --git a/app/index/controller/Page.php b/app/index/controller/Page.php index e023408..a073d84 100644 --- a/app/index/controller/Page.php +++ b/app/index/controller/Page.php @@ -6,11 +6,13 @@ use app\admin\extend\Util as Util; use app\common\constant\Data; use app\common\model\Comment as commentModel; use app\common\model\Document; +use app\index\validate\Comment; use app\Request; use think\db\exception\DataNotFoundException; use think\db\exception\DbException; use think\db\exception\ModelNotFoundException; use think\Exception; +use think\exception\ValidateException; use think\facade\Log; /** @@ -66,7 +68,7 @@ class Page extends Base //判断后台统计配置是否开启 1 开启 if (web_config("web_statistics") == 1) { //统计url - $this->urlrecord($article['title']); + $this->urlRecord($article['title']); } Log::info('详情页模板路径:' . $templateFile); //去除后缀 @@ -95,10 +97,13 @@ class Page extends Base $this->error('非法操作,请检查后重试', null); } if (web_config('comment_visitor')){ - if ($data['author'] == "") $this->error("昵称不能为空"); - if ($data['email'] == "") $this->error("邮箱不能为空"); - if ($data['url'] == "") $this->error("url不能为空"); - }else{ + try { + validate(Comment::class)->check($data); + } catch (ValidateException $e) { + // 验证失败 输出错误信息 + $this->error($e->getError(), null); + } + }elseif(web_config('is_register')){ $data['author'] = $this->userInfo['nickname']?:$this->userInfo['username']; $data['email'] = $this->userInfo['email']?:''; $data['url'] = ''; diff --git a/app/index/controller/User.php b/app/index/controller/User.php index c2479f8..d15fee2 100644 --- a/app/index/controller/User.php +++ b/app/index/controller/User.php 
@@ -9,11 +9,15 @@ namespace app\index\controller; use app\admin\extend\Util; use app\common\model\Document; use app\common\model\User as userModel; +use app\index\validate\Comment; +use app\index\validate\Login; +use app\index\validate\Register; use Exception; use think\App; use think\db\exception\DataNotFoundException; use think\db\exception\DbException; use think\db\exception\ModelNotFoundException; +use think\exception\ValidateException; use think\Response; class User extends Base @@ -49,12 +53,17 @@ class User extends Base */ public function verify() { - list($username, $password, $captcha) = Util::postMore(['username', 'password', 'captcha'], null, true); - if (empty($username) || empty($password)) return app("json")->fail("账号、密码和验证码不能为空!"); + $data = Util::postMore(['username', 'password', 'captcha'], null, true); + try { + validate(Login::class)->check($data); + } catch (ValidateException $e) { + // 验证失败 输出错误信息 + $this->error($e->getError(), null); + } // 验证码验证 - if (!captcha_check($captcha)) return app("json")->fail("验证码不正确!"); + if (!captcha_check($data['captcha'])) return app("json")->fail("验证码不正确!"); // 验证登录 - if (!userModel::login($username, $password)) return app("json")->fail(userModel::getErrorInfo()); + if (!userModel::login($data['username'], $data['password'])) return app("json")->fail(userModel::getErrorInfo()); return app("json")->success("登录成功!"); } 
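Review bot: In `verify()`, the old code destructured `Util::postMore([...], null, true)` with `list(...)`, which suggests the third argument makes it return a positional array; the new code keeps that argument but reads `$data['username']`, `$data['password']` and `$data['captcha']` and passes the same array to the validator. If `postMore` does return a list here, those keys are undefined and the validator sees no named fields; dropping the third argument, `Util::postMore(['username', 'password', 'captcha'])`, should give keyed data, to be confirmed against `Util`. The validation failure also goes through `$this->error(...)` while every other exit in this method returns `app("json")->fail(...)`, so clients get two response shapes; `return app("json")->fail($e->getError());` keeps it uniform. `register_verify()` in the next hunk has both issues.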
@@ -77,16 +86,21 @@ class User extends Base */ public function register_verify() { - list($username, $email, $password, $captcha) = Util::postMore(['username', 'email', 'password', 'captcha'], null, true); - if (empty($username) || empty($email) || empty($password) || empty($captcha)) return app("json")->fail("账号、密码和验证码不能为空!"); + $data = Util::postMore(['username', 'email', 'password', 'captcha'], null, true); + try { + validate(Register::class)->check($data); + } catch (ValidateException $e) { + // 验证失败 输出错误信息 + $this->error($e->getError(), null); + } // 验证码验证 - if (!captcha_check($captcha)) return app("json")->fail("验证码不正确!"); + if (!captcha_check($data['captcha'])) return app("json")->fail("验证码不正确!"); // 验证码验证 - if (!empty(web_config('register_black_list')) && in_array($username, explode(',', web_config('register_black_list')))) { + if (!empty(web_config('register_black_list')) && in_array($data['username'], explode(',', web_config('register_black_list')))) { return app("json")->fail("账号不合法,请更换后重试"); } // 验证登录 - if (!userModel::register($username, $email, $password)) return app("json")->fail(userModel::getErrorInfo()); + if (!userModel::register($data['username'], $data['email'], $data['password'])) return app("json")->fail(userModel::getErrorInfo()); return app("json")->success("注册成功!我们给您邮箱发送了一封激活邮件,请按照邮件提示激活用户"); } diff --git a/app/index/validate/Comment.php b/app/index/validate/Comment.php new file mode 100644 index 0000000..9a892f5 --- /dev/null +++ b/app/index/validate/Comment.php @@ -0,0 +1,24 @@ + 'require', + 'pid' => '', + 'author'=> 'require', + 'url' => 'require', + 'email' => 'require|email', + 'content' => 'require|content', + ]; + + protected $message = [ + 'author.require' => '昵称不能为空', + 'email.require' => '邮箱不能为空', + 'url.require' => 'url不能为空', + 'document_id.require' => '文章id不能为空', + 'content.require' => '内容不能为空', + ]; +} \ No newline at end of file 
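Review bot: In the new `app/index/validate/Comment.php`, the rule `'content' => 'require|content'` names `content` as a rule; as far as I know that is not a built-in ThinkPHP rule and no custom method of that name is visible, so validation would likely throw on any non-empty comment instead of checking it. A length bound such as `'content' => 'require|max:1000'` (limit to be chosen by the project) is probably what was intended. `url` is checked only with `require`; since a commenter's URL is normally rendered as a link, `'url' => 'require|url'` plus a scheme check where it is output would be safer. The top of the file is missing from this page, so the class declaration could not be reviewed.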
diff --git a/app/index/validate/FriendLink.php b/app/index/validate/FriendLink.php new file mode 100644 index 0000000..48a3cdf --- /dev/null +++ b/app/index/validate/FriendLink.php @@ -0,0 +1,31 @@ + 'require|max:255', + 'url' => 'require|max:255', + 'sort' => 'require|number', + ]; + protected $message = [ + 'title.require' => '请输入链接名称!', + 'url.require' => '请输入链接地址!', + 'sort' => '请输入排序序号', + 'sort.number' => '排序序号只能是数字', + 'title.max' => '链接名称最多输入255个字符', + 'url.max' => '链接地址最多输入255个字符', + ]; + + //更新排序 + protected $scene = [ + 'sort' => ['sort'] + ]; +} diff --git a/app/index/validate/Login.php b/app/index/validate/Login.php new file mode 100644 index 0000000..ca966b3 --- /dev/null +++ b/app/index/validate/Login.php @@ -0,0 +1,21 @@ + 'require|max:25', + 'password' => 'number|between:1,120', + 'captcha' => 'require', + ]; + + protected $message = [ + 'name.require' => '名称不能为空', + 'name.max' => '名称最多不能超过25个字符', + 'password' => '密码不能为空', + 'captcha' => '验证码不能为空' + ]; +} \ No newline at end of file diff --git a/app/index/validate/Msg.php b/app/index/validate/Msg.php new file mode 100644 index 0000000..142340e --- /dev/null +++ b/app/index/validate/Msg.php @@ -0,0 +1,26 @@ + 'require', + 'tel' => 'require|number|max:11', + 'email' => 'require|email', + 'content' => 'require', + ]; + + + protected $message = [ + 'author.require' => '昵称不能为空', + 'tel.require' => '手机号不能为空', + 'tel.number' => '手机号必须是数字!', + 'tel.max' => '手机号不得超过11位!', + 'email.require' => '邮箱不能为空', + 'email.email' => '邮箱格式错误', + 'content.require' => '内容不能为空', + ]; +} \ No newline at end of file diff --git a/app/index/validate/Register.php b/app/index/validate/Register.php new file mode 100644 index 0000000..6bba4b1 --- /dev/null +++ b/app/index/validate/Register.php 
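Review bot: In `app/index/validate/FriendLink.php`, `url` is validated only as `require|max:255`, so any string is accepted as a friend-link address that the site will presumably emit in an `href` later. Adding the `url` rule, `'url' => 'require|url|max:255'`, and restricting the scheme to http/https before rendering would close that gap. `sort` is `require|number` in the default rule set; if the public submission form posts no `sort` field, every submission fails validation, and the controller's field list is only partly visible, so this needs checking.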
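Review bot: In `app/index/validate/Login.php`, `'password' => 'number|between:1,120'` requires the password to be a number between 1 and 120, which rejects any real password and carries no `require`; the rules are also keyed on `name` while `User::verify()` collects `username`, so the username is never the field being checked. Something like `'username' => 'require|max:25'` and `'password' => 'require|length:1,120'` matches the messages below; the message keys `name.require` and `name.max` would need renaming to `username.*` with it.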
@@ -0,0 +1,24 @@ + 'require|max:25', + 'email' => 'require|email', + 'password' => 'required', + 'captcha' => 'require', + ]; + + protected $message = [ + 'name.require' => '名称不能为空', + 'name.max' => '名称最多不能超过25个字符', + 'email.require' => '邮箱不能为空', + 'email.email' => '邮箱格式错误', + 'password' => '密码不能为空', + 'captcha' => '验证码不能为空' + ]; +} \ No newline at end of file
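Review bot: In `app/index/validate/Register.php`, `'password' => 'required'` uses a rule name that, as far as I know, ThinkPHP does not define (the built-in is `require`), so the check would throw instead of validating, and the rules are keyed on `name` while `register_verify()` collects `username`. I would use `'username' => 'require|max:25'` and `'password' => 'require|min:8'` (minimum to be chosen by the project), since registration is the place to enforce a minimum password length. The message keys `name.require` and `name.max` need renaming with it. The top of the file is missing from this page.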