molong/sentcms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

解决未登录也能文件上传的问题

Browse Source
This commit is contained in:
molong
2022-01-09 22:49:38 +08:00
parent 53ef2ad583
commit 35fcb75a50
5 changed files with 571 additions and 592 deletions
Download Patch File Download Diff File Expand all files Collapse all files

325
app/controller/Upload.php
View File

@@ -1,173 +1,154 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller;
use think\facade\Session;
use think\facade\Filesystem;
use app\model\Attach;
class Upload extends Base {
// 使用内置PHP模板引擎渲染模板输出
protected $tpl_config = [
'view_dir_name' => 'view',
'tpl_replace_string' => [
'__static__' => '/static',
'__img__' => '/static/admin/images',
'__css__' => '/static/admin/css',
'__js__' => '/static/admin/js',
'__plugins__' => '/static/plugins',
'__public__' => '/static/admin',
],
];
public $data = ['data' => [], 'code' => 0, 'msg' => ''];
protected function initialize() {
}
public function index(){
$param = $this->request->get();
if (!isset($param['name'])) {
return $this->error('非法操作');
}
$this->data = [
'from' => $this->request->param('from'),
'param' => $param,
'require' => [
'jsname' => 'upload',
'actionname' => 'index'
]
];
return $this->fetch();
}
public function server(){
$param = $this->request->get();
$map = [];
if (!isset($param['name'])) {
return $this->error('非法操作');
}
$pageConfig = [
'list_rows' => $this->request->param('list_rows', 20),
'page' => $this->request->param('page', 1),
'query' => $this->request->param()
];
if($param['type'] == 'file'){
$map[] = ['type', '<>', 'image'];
}else{
$map[] = ['type', '=', 'image'];
}
$list = Attach::where($map)->paginate($pageConfig);
$this->data = [
'from' => $this->request->param('from'),
'param' => $param,
'list' => $list,
'page' => $list->render(),
'require' => [
'jsname' => 'upload',
'actionname' => 'server'
]
];
return $this->fetch();
}
public function upload(){
$type = $this->request->param('type');
$upload_type = (false !== strpos($type, "image")) ? "image" : 'file';
$config = $this->$upload_type();
// 获取表单上传文件 例如上传了001.jpg
$file = $this->request->file('file');
try {
validate(['file'=>'filesize:10240|fileExt:jpg|image:200,200,jpg'])
->check([$file]);
$data['code'] = 1;
$data['info'] = $this->save($this->request, $upload_type);
} catch (think\exception\ValidateException $e) {
$data['code'] = 0;
$data['info'] = $e->getMessage();
}
return json($data);
}
protected function image(){
return [];
}
protected function file(){
return [];
}
public function editor(){
$fileType = $this->request->get('fileType', 'image', 'trim');
$file = request()->file('imgFile');
$data['data']['url'] = '/uploads/' . Filesystem::disk('public')->putFile($fileType, $file, 'md5');
$data['code'] = "000";
return json($data);
}
public function filemanage(){
$pageConfig = [
'list_rows' => $this->request->param('list_rows', 20),
'page' => $this->request->param('page', 1),
'query' => $this->request->param()
];
$map[] = ['type', '=', 'image'];
$data = Attach::where($map)->paginate($pageConfig)->each(function($item, $key){
$item['thumbURL'] = $item['url'];
$item['oriURL'] = $item['url'];
return $item;
})->toArray();
$data['code'] = "000";
return $data;
}
public function ueditor(){
$data = new \com\Ueditor(Session::get('userInfo.uid'));
echo $data->output();
}
public function delete(){
$id = $this->request->param('id', 0);
if(!$id){
$data = [
'status' => false
];
}else{
$data = [
'status' => true
];
}
return json($data);
}
protected function save($request, $upload_type){
$data = [];
$file= $request->file('file');
$data['type'] = $upload_type;
$data['mime'] = $request->param('type');
$data['size'] = $file->getSize(); //文件大小,单位字节
$data['md5'] = md5_file($file->getPathname());
$data['sha1'] = sha1_file($file->getPathname());
$data['savepath'] = str_replace("\\", "/", Filesystem::disk('public')->putFile($upload_type, $file, 'md5'));
$data['ext'] = pathinfo($data['savepath'], PATHINFO_EXTENSION); //文件扩展名
$data['location'] = "/uploads/";
$data['url'] = $data['location'] . $data['savepath'];
$data['real_url'] = $request->domain() . $data['url'];
$data['create_time'] = time();
$data['savename'] = $request->param('name', $data['savepath']);
$data['name'] = $request->param('name', $data['savepath']);
$attach = Attach::create($data);
$data['id'] = $attach->id;
return $data;
}
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller;
use think\facade\Session;
use think\facade\Filesystem;
use app\model\Attach;
trait Upload {
public function index(){
$param = $this->request->get();
if (!isset($param['name'])) {
return $this->error('非法操作');
}
$this->data = [
'from' => $this->request->param('from'),
'param' => $param,
'require' => [
'jsname' => 'upload',
'actionname' => 'index'
]
];
return $this->fetch(root_path() . 'view/upload/index.html');
}
public function server(){
$param = $this->request->get();
$map = [];
if (!isset($param['name'])) {
return $this->error('非法操作');
}
$pageConfig = [
'list_rows' => $this->request->param('list_rows', 20),
'page' => $this->request->param('page', 1),
'query' => $this->request->param()
];
if($param['type'] == 'file'){
$map[] = ['type', '<>', 'image'];
}else{
$map[] = ['type', '=', 'image'];
}
$list = Attach::where($map)->paginate($pageConfig);
$this->data = [
'from' => $this->request->param('from'),
'param' => $param,
'list' => $list,
'page' => $list->render(),
'require' => [
'jsname' => 'upload',
'actionname' => 'server'
]
];
return $this->fetch(root_path() . 'view/upload/server.html');
}
public function upload(){
$type = $this->request->param('type');
$upload_type = (false !== strpos($type, "image")) ? "image" : 'file';
$config = $this->$upload_type();
// 获取表单上传文件 例如上传了001.jpg
$file = $this->request->file('file');
try {
validate(['file'=>'filesize:10240|fileExt:jpg|image:200,200,jpg'])
->check([$file]);
$data['code'] = 1;
$data['info'] = $this->save($this->request, $upload_type);
} catch (think\exception\ValidateException $e) {
$data['code'] = 0;
$data['info'] = $e->getMessage();
}
return json($data);
}
protected function image(){
return [];
}
protected function file(){
return [];
}
public function editor(){
$fileType = $this->request->get('fileType', 'image', 'trim');
$file = request()->file('imgFile');
$data['data']['url'] = '/uploads/' . Filesystem::disk('public')->putFile($fileType, $file, 'md5');
$data['code'] = "000";
return json($data);
}
public function filemanage(){
$pageConfig = [
'list_rows' => $this->request->param('list_rows', 20),
'page' => $this->request->param('page', 1),
'query' => $this->request->param()
];
$map[] = ['type', '=', 'image'];
$data = Attach::where($map)->paginate($pageConfig)->each(function($item, $key){
$item['thumbURL'] = $item['url'];
$item['oriURL'] = $item['url'];
return $item;
})->toArray();
$data['code'] = "000";
return $data;
}
public function ueditor(){
$data = new \com\Ueditor(Session::get('userInfo.uid'));
echo $data->output();
}
public function delete(){
$id = $this->request->param('id', 0);
if(!$id){
$data = [
'status' => false
];
}else{
$data = [
'status' => true
];
}
return json($data);
}
protected function save($request, $upload_type){
$data = [];
$file= $request->file('file');
$data['type'] = $upload_type;
$data['mime'] = $request->param('type');
$data['size'] = $file->getSize(); //文件大小,单位字节
$data['md5'] = md5_file($file->getPathname());
$data['sha1'] = sha1_file($file->getPathname());
$data['savepath'] = str_replace("\\", "/", Filesystem::disk('public')->putFile($upload_type, $file, 'md5'));
$data['ext'] = pathinfo($data['savepath'], PATHINFO_EXTENSION); //文件扩展名
$data['location'] = "/uploads/";
$data['url'] = $data['location'] . $data['savepath'];
$data['real_url'] = $request->domain() . $data['url'];
$data['create_time'] = time();
$data['savename'] = $request->param('name', $data['savepath']);
$data['name'] = $request->param('name', $data['savepath']);
$attach = Attach::create($data);
$data['id'] = $attach->id;
return $data;
}
}

498
app/controller/admin/Base.php
View File

@@ -1,250 +1,250 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\admin;
use app\model\Addons;
use app\model\AuthGroup;
use app\model\Menu;
use app\model\Model;
use think\facade\View;
use think\facade\Config;
class Base extends \app\controller\Base {
// 使用内置PHP模板引擎渲染模板输出
protected $tpl_config = [
'view_dir_name' => 'view',
'tpl_replace_string' => [
'__static__' => '/static',
'__img__' => '/static/admin/images',
'__css__' => '/static/admin/css',
'__js__' => '/static/admin/js',
'__plugins__' => '/static/plugins',
'__public__' => '/static/admin',
],
];
protected $middleware = [
'\app\http\middleware\Validate',
'\app\http\middleware\Admin',
];
protected function initialize() {
$url = str_replace(".", "/", strtolower($this->request->controller())) . '/' . $this->request->action();
if (!is_login() and !in_array($url, array('admin/index/login', 'admin/index/logout', 'admin/index/verify'))) {
$this->redirect('/admin/index/login');
}
if (!in_array($url, array('admin/index/login', 'admin/index/logout', 'admin/index/verify'))) {
// 是否是超级管理员
define('IS_ROOT', is_administrator());
if (!IS_ROOT && $this->config['admin_allow_ip']) {
// 检查IP地址访问
if (!in_array(get_client_ip(), explode(',', $this->config['admin_allow_ip']))) {
$this->error('403:禁止访问');
}
}
// 检测系统权限
if (!IS_ROOT) {
$access = $this->accessControl();
if (false === $access) {
$this->error('403:禁止访问');
} elseif (null === $access) {
$dynamic = $this->checkDynamic(); //检测分类栏目有关的各项动态权限
if ($dynamic === null) {
//检测访问权限
if (!$this->checkRule($url, [1,2])) {
$this->error('未授权访问!');
} else {
// 检测分类及内容有关的各项动态权限
$dynamic = $this->checkDynamic();
if (false === $dynamic) {
$this->error('未授权访问!');
}
}
} elseif ($dynamic === false) {
$this->error('未授权访问!');
}
}
}
//菜单设置
$this->getMenu();
View::assign('meta_title', isset($this->data['meta_title']) ? $this->data['meta_title'] : $this->getCurrentTitle());
}
}
/**
* 权限检测
* @param string $rule 检测的规则
* @param string $mode check模式
* @return boolean
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
final protected function checkRule($rule, $type = AuthRule::rule_url, $mode = 'url') {
static $Auth = null;
if (!$Auth) {
$Auth = new \sent\auth\Auth();
}
if (!$Auth->check($rule, session('userInfo.uid'), $type, $mode)) {
return false;
}
return true;
}
/**
* 检测是否是需要动态判断的权限
* @return boolean|null
* 返回true则表示当前访问有权限
* 返回false则表示当前访问无权限
* 返回null则表示权限不明
*
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
protected function checkDynamic() {
if (IS_ROOT) {
return true; //管理员允许访问任何页面
}
return null; //不明,需checkRule
}
/**
* action访问控制,在 **登陆成功** 后执行的第一项权限检测任务
*
* @return boolean|null 返回值必须使用 `===` 进行判断
*
* 返回 **false**, 不允许任何人访问(超管除外)
* 返回 **true**, 允许任何管理员访问,无需执行节点权限检测
* 返回 **null**, 需要继续执行节点权限检测决定是否允许访问
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
final protected function accessControl() {
$allow = [];
$deny = [];
foreach ($this->config['allow_visit'] as $key => $value) {
$allow[] = $value['label'];
}
foreach ($this->config['deny_visit'] as $key => $value) {
$deny[] = $value['label'];
}
$check = strtolower(str_replace(".", "/", $this->request->controller()) . '/' . $this->request->action());
if (!empty($deny) && in_array_case($check, $deny)) {
return false; //非超管禁止访问deny中的方法
}
if (!empty($allow) && in_array_case($check, $allow)) {
return true;
}
return null; //需要检测节点权限
}
protected function getMenu() {
$addon = $this->request->param('addon', false);
$hover_url = str_replace(".", "/", strtolower($this->request->controller()));
$controller = str_replace(".", "/", strtolower($this->request->controller()));
$menu = array(
'main' => array(),
'child' => array(),
);
$where['pid'] = 0;
$where['hide'] = 0;
$where['type'] = 'admin';
if (!config('develop_mode')) {
// 是否开发者模式
$where['is_dev'] = 0;
}
$row = Menu::where($where)->order('sort asc')->field("id,title,url,icon,'' as style")->select();
foreach ($row as $key => $value) {
//此处用来做权限判断
if (!IS_ROOT && !$this->checkRule(substr($value['url'], 1), 2, null)) {
unset($menu['main'][$value['id']]);
continue; //继续循环
}
if (false !== strripos($controller, $value['url'])) {
$value['style'] = "active";
}
$menu['main'][$value['id']] = $value;
}
// 查找当前子菜单
$pid = Menu::where("pid !=0 AND url like '%{$hover_url}%'")->value('pid');
$id = Menu::where("pid = 0 AND url like '%{$hover_url}%'")->value('id');
$pid = $pid ? $pid : $id;
if (strtolower($hover_url) == 'admin/content' || strtolower($hover_url) == 'admin/attribute') {
//内容管理菜单
$pid = Menu::where("pid =0 AND url like '%admin/category%'")->value('id');
}
if ($addon) {
//扩展管理菜单
$pid = Menu::where("pid =0 AND url like '%admin/addons%'")->value('id');
$this->getAddonsMenu();
}
if ($pid) {
$map['pid'] = $pid;
$map['hide'] = 0;
$map['type'] = 'admin';
$row = Menu::field("id,title,url,icon,`group`,pid,'' as style")->where($map)->order('sort asc')->select();
foreach ($row as $key => $value) {
if (IS_ROOT || $this->checkRule(substr($value['url'], 1), 2, null)) {
if ($controller == $value['url']) {
$menu['main'][$value['pid']]['style'] = "active";
$value['style'] = "active";
}
$menu['child'][$value['group']][] = $value;
}
}
}
View::assign('__menu__', $menu);
}
protected function getContentMenu() {
$list = [];
$menu = [];
$map[] = ['status', '>', 0];
$list = Model::where($map)->field("name,id,title,icon,'' as 'style'")->select();
//判断是否有模型权限
$models = AuthGroup::getAuthModels(session('userInfo.uid'));
foreach ($list as $key => $value) {
if (IS_ROOT || in_array($value['id'], $models)) {
if ('/admin/content/index' == $this->request->url() && input('model_id') == $value['id']) {
$value['style'] = "active";
}
$value['url'] = "/admin/" . $value['name'] . "/index";
$value['title'] = $value['title'] . "管理";
$value['icon'] = $value['icon'] ? $value['icon'] : 'file';
$menu[] = $value;
}
}
if (!empty($menu)) {
View::assign('extend_menu', array('内容管理' => $menu));
}
}
protected function getAddonsMenu() {
$list = array();
$map[] = ['isinstall', '>', 0];
$map[] = ['status', '>', 0];
$list = Addons::where($map)->field("name,id,title,'' as 'style'")->select();
$menu = array();
foreach ($list as $key => $value) {
$class = "\\addons\\" . strtolower($value['name']) . "\\controller\\Admin";
if (is_file($this->app->getRootPath() . '/addons/' . strtolower($value['name']) . "/controller/Admin.php")) {
$action = get_class_methods($class);
$value['url'] = "/addons/" . $value['name'] . "/admin/" . $action[0];
$menu[$key] = $value;
}
}
if (!empty($menu)) {
View::assign('extend_menu', array('管理插件' => $menu));
}
}
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\admin;
use app\model\Addons;
use app\model\AuthGroup;
use app\model\Menu;
use app\model\Model;
use think\facade\View;
use think\facade\Config;
class Base extends \app\controller\Base {
// 使用内置PHP模板引擎渲染模板输出
protected $tpl_config = [
'view_dir_name' => 'view',
'tpl_replace_string' => [
'__static__' => '/static',
'__img__' => '/static/admin/images',
'__css__' => '/static/admin/css',
'__js__' => '/static/admin/js',
'__plugins__' => '/static/plugins',
'__public__' => '/static/admin',
],
];
protected $middleware = [
'\app\http\middleware\Validate',
'\app\http\middleware\Admin',
];
protected function initialize() {
$url = str_replace(".", "/", strtolower($this->request->controller())) . '/' . $this->request->action();
if (!is_login() and !in_array($url, array('admin/index/login', 'admin/index/logout', 'admin/index/verify'))) {
$this->redirect('/admin/index/login');
}
if (!in_array($url, array('admin/index/login', 'admin/index/logout', 'admin/index/verify'))) {
// 是否是超级管理员
define('IS_ROOT', is_administrator());
if (!IS_ROOT && $this->config['admin_allow_ip']) {
// 检查IP地址访问
if (!in_array(get_client_ip(), explode(',', $this->config['admin_allow_ip']))) {
$this->error('403:禁止访问');
}
}
// 检测系统权限
if (!IS_ROOT) {
$access = $this->accessControl();
if (false === $access) {
$this->error('403:禁止访问');
} elseif (null === $access) {
$dynamic = $this->checkDynamic(); //检测分类栏目有关的各项动态权限
if ($dynamic === null) {
//检测访问权限
if (!$this->checkRule($url, [1,2])) {
$this->error('未授权访问!');
} else {
// 检测分类及内容有关的各项动态权限
$dynamic = $this->checkDynamic();
if (false === $dynamic) {
$this->error('未授权访问!');
}
}
} elseif ($dynamic === false) {
$this->error('未授权访问!');
}
}
}
//菜单设置
$this->getMenu();
View::assign('meta_title', isset($this->data['meta_title']) ? $this->data['meta_title'] : $this->getCurrentTitle());
}
}
/**
* 权限检测
* @param string $rule 检测的规则
* @param string $mode check模式
* @return boolean
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
final protected function checkRule($rule, $type = AuthRule::rule_url, $mode = 'url') {
static $Auth = null;
if (!$Auth) {
$Auth = new \sent\auth\Auth();
}
if (!$Auth->check($rule, session('adminInfo.uid'), $type, $mode)) {
return false;
}
return true;
}
/**
* 检测是否是需要动态判断的权限
* @return boolean|null
* 返回true则表示当前访问有权限
* 返回false则表示当前访问无权限
* 返回null则表示权限不明
*
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
protected function checkDynamic() {
if (IS_ROOT) {
return true; //管理员允许访问任何页面
}
return null; //不明,需checkRule
}
/**
* action访问控制,在 **登陆成功** 后执行的第一项权限检测任务
*
* @return boolean|null 返回值必须使用 `===` 进行判断
*
* 返回 **false**, 不允许任何人访问(超管除外)
* 返回 **true**, 允许任何管理员访问,无需执行节点权限检测
* 返回 **null**, 需要继续执行节点权限检测决定是否允许访问
* @author 朱亚杰 <xcoolcc@gmail.com>
*/
final protected function accessControl() {
$allow = [];
$deny = [];
foreach ($this->config['allow_visit'] as $key => $value) {
$allow[] = $value['label'];
}
foreach ($this->config['deny_visit'] as $key => $value) {
$deny[] = $value['label'];
}
$check = strtolower(str_replace(".", "/", $this->request->controller()) . '/' . $this->request->action());
if (!empty($deny) && in_array_case($check, $deny)) {
return false; //非超管禁止访问deny中的方法
}
if (!empty($allow) && in_array_case($check, $allow)) {
return true;
}
return null; //需要检测节点权限
}
protected function getMenu() {
$addon = $this->request->param('addon', false);
$hover_url = str_replace(".", "/", strtolower($this->request->controller()));
$controller = str_replace(".", "/", strtolower($this->request->controller()));
$menu = array(
'main' => array(),
'child' => array(),
);
$where['pid'] = 0;
$where['hide'] = 0;
$where['type'] = 'admin';
if (!config('develop_mode')) {
// 是否开发者模式
$where['is_dev'] = 0;
}
$row = Menu::where($where)->order('sort asc')->field("id,title,url,icon,'' as style")->select();
foreach ($row as $key => $value) {
//此处用来做权限判断
if (!IS_ROOT && !$this->checkRule(substr($value['url'], 1), 2, null)) {
unset($menu['main'][$value['id']]);
continue; //继续循环
}
if (false !== strripos($controller, $value['url'])) {
$value['style'] = "active";
}
$menu['main'][$value['id']] = $value;
}
// 查找当前子菜单
$pid = Menu::where("pid !=0 AND url like '%{$hover_url}%'")->value('pid');
$id = Menu::where("pid = 0 AND url like '%{$hover_url}%'")->value('id');
$pid = $pid ? $pid : $id;
if (strtolower($hover_url) == 'admin/content' || strtolower($hover_url) == 'admin/attribute') {
//内容管理菜单
$pid = Menu::where("pid =0 AND url like '%admin/category%'")->value('id');
}
if ($addon) {
//扩展管理菜单
$pid = Menu::where("pid =0 AND url like '%admin/addons%'")->value('id');
$this->getAddonsMenu();
}
if ($pid) {
$map['pid'] = $pid;
$map['hide'] = 0;
$map['type'] = 'admin';
$row = Menu::field("id,title,url,icon,`group`,pid,'' as style")->where($map)->order('sort asc')->select();
foreach ($row as $key => $value) {
if (IS_ROOT || $this->checkRule(substr($value['url'], 1), 2, null)) {
if ($controller == $value['url']) {
$menu['main'][$value['pid']]['style'] = "active";
$value['style'] = "active";
}
$menu['child'][$value['group']][] = $value;
}
}
}
View::assign('__menu__', $menu);
}
protected function getContentMenu() {
$list = [];
$menu = [];
$map[] = ['status', '>', 0];
$list = Model::where($map)->field("name,id,title,icon,'' as 'style'")->select();
//判断是否有模型权限
$models = AuthGroup::getAuthModels(session('userInfo.uid'));
foreach ($list as $key => $value) {
if (IS_ROOT || in_array($value['id'], $models)) {
if ('/admin/content/index' == $this->request->url() && input('model_id') == $value['id']) {
$value['style'] = "active";
}
$value['url'] = "/admin/" . $value['name'] . "/index";
$value['title'] = $value['title'] . "管理";
$value['icon'] = $value['icon'] ? $value['icon'] : 'file';
$menu[] = $value;
}
}
if (!empty($menu)) {
View::assign('extend_menu', array('内容管理' => $menu));
}
}
protected function getAddonsMenu() {
$list = array();
$map[] = ['isinstall', '>', 0];
$map[] = ['status', '>', 0];
$list = Addons::where($map)->field("name,id,title,'' as 'style'")->select();
$menu = array();
foreach ($list as $key => $value) {
$class = "\\addons\\" . strtolower($value['name']) . "\\controller\\Admin";
if (is_file($this->app->getRootPath() . '/addons/' . strtolower($value['name']) . "/controller/Admin.php")) {
$action = get_class_methods($class);
$value['url'] = "/addons/" . $value['name'] . "/admin/" . $action[0];
$menu[$key] = $value;
}
}
if (!empty($menu)) {
View::assign('extend_menu', array('管理插件' => $menu));
}
}
}

33
app/controller/admin/Upload.php
View File

@@ -1,19 +1,16 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\admin;
class Upload extends Base {
public function _empty() {
$controller = controller('common/Upload');
$action = $this->request->action();
return $controller->$action();
}
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\admin;
use app\controller\Upload as Uploads;
class Upload extends Base {
use Uploads;
}

136
app/controller/user/Base.php
View File

@@ -1,69 +1,69 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\user;
use app\model\Form;
use app\model\Model;
use think\facade\Cache;
use think\facade\Config;
use think\facade\View;
class Base extends \app\controller\Base {
protected $outAuthUrl = ['user/index/login', 'user/index/logout', 'user/index/verify', 'user/index/register', 'user/index/forget', 'user/index/resetpasswd'];
protected function initialize() {
$url = str_replace(".", "/", strtolower($this->request->controller())) . '/' . $this->request->action();
if (!is_login() && !in_array($url, $this->outAuthUrl)) {
$this->redirect('/user/index/login');
}
if (!in_array($url, array('user/index/login', 'user/index/logout', 'user/index/verify'))) {
$map = [];
$model = Model::where($map)->column('name, title, icon', 'name');
View::assign('model', $model);
$form = Form::where($map)->column('id, name, title', 'name');
View::assign('form', $form);
View::assign('meta_title', isset($this->data['meta_title']) ? $this->data['meta_title'] : $this->getCurrentTitle());
}
}
protected function fetch($template = '') {
$config = Cache::get('system_config_data');
$this->tpl_config['view_depr'] = '_';
$pc_themes = $config['pc_themes'] ? $config['pc_themes'] . DIRECTORY_SEPARATOR : "";
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $pc_themes;
if ($this->isMobile() && $config['mobile_themes']) {
$mobile_themes = $config['mobile_themes'] ? $config['mobile_themes'] . DIRECTORY_SEPARATOR : "";
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $mobile_themes;
if (!file_exists($this->app->getRootPath() . $this->tpl_config['view_dir_name'])) {
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $pc_themes;
}
}
if (!file_exists($this->app->getRootPath() . $this->tpl_config['view_dir_name'] . DIRECTORY_SEPARATOR . 'user')) {
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . 'default';
}
if ($template == '') {
$template = str_replace(".", "@", strtolower($this->request->controller())) . "/" . $this->request->action();
}
$template_path = str_replace("public", "", $this->tpl_config['view_dir_name']);
$this->tpl_config['tpl_replace_string'] = [
'__static__' => '/static',
'__img__' => $template_path . DIRECTORY_SEPARATOR . 'static/images',
'__css__' => $template_path . DIRECTORY_SEPARATOR . 'static/css',
'__js__' => $template_path . DIRECTORY_SEPARATOR . 'static/js',
'__plugins__' => '/static/plugins',
'__public__' => $template_path . DIRECTORY_SEPARATOR . 'static',
];
View::config($this->tpl_config);
View::assign($this->data);
return View::fetch($template);
}
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\controller\user;
use app\model\Form;
use app\model\Model;
use think\facade\Cache;
use think\facade\Config;
use think\facade\View;
class Base extends \app\controller\Base {
protected $outAuthUrl = ['user/index/login', 'user/index/logout', 'user/index/verify', 'user/index/register', 'user/index/forget', 'user/index/resetpasswd'];
protected function initialize() {
$url = str_replace(".", "/", strtolower($this->request->controller())) . '/' . $this->request->action();
if (!is_login() && !in_array($url, $this->outAuthUrl)) {
$this->redirect('/user/index/login');
}
if (!in_array($url, array('user/index/login', 'user/index/logout', 'user/index/verify'))) {
$map = [];
$model = Model::where($map)->column('name, title, icon', 'name');
View::assign('model', $model);
$form = Form::where($map)->column('id, name, title', 'name');
View::assign('form', $form);
View::assign('meta_title', isset($this->data['meta_title']) ? $this->data['meta_title'] : $this->getCurrentTitle());
}
}
protected function fetch($template = '') {
$config = Cache::get('system_config_data');
$this->tpl_config['view_depr'] = '_';
$pc_themes = $config['pc_themes'] ? $config['pc_themes'] . DIRECTORY_SEPARATOR : "";
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $pc_themes;
if ($this->isMobile() && $config['mobile_themes']) {
$mobile_themes = $config['mobile_themes'] ? $config['mobile_themes'] . DIRECTORY_SEPARATOR : "";
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $mobile_themes;
if (!file_exists($this->app->getRootPath() . $this->tpl_config['view_dir_name'])) {
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . $pc_themes;
}
}
if (!file_exists($this->app->getRootPath() . $this->tpl_config['view_dir_name'] . DIRECTORY_SEPARATOR . 'user')) {
$this->tpl_config['view_dir_name'] = 'public' . DIRECTORY_SEPARATOR . 'template' . DIRECTORY_SEPARATOR . 'default';
}
if ($template == '') {
$template = str_replace(".", "@", strtolower($this->request->controller())) . "/" . $this->request->action();
}
$template_path = str_replace("public", "", $this->tpl_config['view_dir_name']);
$this->tpl_config['tpl_replace_string'] = [
'__static__' => '/static',
'__img__' => $template_path . DIRECTORY_SEPARATOR . 'static/images',
'__css__' => $template_path . DIRECTORY_SEPARATOR . 'static/css',
'__js__' => $template_path . DIRECTORY_SEPARATOR . 'static/js',
'__plugins__' => '/static/plugins',
'__public__' => $template_path . DIRECTORY_SEPARATOR . 'static',
];
View::config($this->tpl_config);
View::assign($this->data);
return View::fetch($template);
}
}

171
route/app.php
View File

@@ -1,86 +1,87 @@
<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK ]
// +----------------------------------------------------------------------
// | Copyright (c) 2006~2018 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <liu21st@gmail.com>
// +----------------------------------------------------------------------
use think\facade\Route;
use think\facade\Cache;
use app\model\Model;
use app\model\Rewrite;
$model = Cache::get('model_list');
if (!$model) {
$model = Model::where('status', '>', 0)->field(['id', 'name'])->select()->toArray();
Cache::set('model_list', $model);
}
if (!empty($model)) {
foreach ($model as $value) {
Route::rule('/admin/' . $value['name'] . '/:function', 'admin.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/index', 'front.Content/index')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/list/:id', 'front.Content/lists')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/detail-:id', 'front.Content/detail')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule('/user/' . $value['name'] . '/:function', 'user.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule('/api/' . $value['name'] . '/:function', 'api.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
}
}
$rewrite = Cache::get('rewrite_list');
if (!$rewrite) {
$rewrite = Rewrite::select()->toArray();
Cache::set('rewrite_list', $rewrite);
}
if (!empty($rewrite)) {
foreach ($rewrite as $key => $value) {
$url = parse_url($value['url']);
$param = [];
parse_str($url['query'], $param);
Route::rule($value['rule'], $url['path'])->append($param);
}
}
Route::rule('/', 'front.Index/index');
Route::rule('search', 'front.Content/search');
Route::rule('category', 'front.Content/category');
Route::rule('topic-:id', 'front.Content/topic');
Route::rule('form/:id/[:name]', 'front.Form/index');
Route::rule('front/:controller/:function', 'front.:controller/:function');
Route::group('admin', function () {
Route::rule('/', 'admin.Index/index');
Route::rule('login', 'admin.Index/login');
Route::rule('logout', 'admin.Index/logout');
Route::rule('upload/:function', 'Upload/:function')->append(['from'=>'admin']);
Route::rule(':controller/:function', 'admin.:controller/:function');
});
Route::group('user', function () {
Route::rule('/', 'user.Index/index');
Route::rule('login', 'user.Index/login');
Route::rule('logout', 'user.Index/logout');
Route::rule('register', 'user.Index/register');
Route::rule('upload/:function', 'Upload/:function')->append(['from'=>'user']);
Route::rule(':controller/:function', 'user.:controller/:function');
});
Route::group('api', function () {
Route::rule('/', 'api.Index/index');
Route::rule('login', 'api.Login/index');
Route::rule('register', 'api.Login/register');
Route::rule('logout', 'api.Login/logout');
Route::rule('upload/:function', 'Upload/:function')->append(['from'=>'api']);
Route::rule(':controller/:function', 'api.:controller/:function');
})->allowCrossDomain([
'Access-Control-Allow-Origin' => '*',
'Access-Control-Allow-Credentials' => 'true',
'Access-Control-Allow-Headers' => 'authorization, token, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
]);
<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK ]
// +----------------------------------------------------------------------
// | Copyright (c) 2006~2018 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <liu21st@gmail.com>
// +----------------------------------------------------------------------
use think\facade\Route;
use think\facade\Cache;
use app\model\Model;
use app\model\Rewrite;
use app\http\middleware\Validate;
use app\http\middleware\Admin;
$model = Cache::get('model_list');
if (!$model) {
$model = Model::where('status', '>', 0)->field(['id', 'name'])->select()->toArray();
Cache::set('model_list', $model);
}
if (!empty($model)) {
foreach ($model as $value) {
Route::rule('/admin/' . $value['name'] . '/:function', 'admin.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/index', 'front.Content/index')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/list/:id', 'front.Content/lists')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule($value['name'] . '/detail-:id', 'front.Content/detail')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule('/user/' . $value['name'] . '/:function', 'user.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
Route::rule('/api/' . $value['name'] . '/:function', 'api.Content/:function')->append(['name'=>$value['name'], 'model_id' => $value['id']]);
}
}
$rewrite = Cache::get('rewrite_list');
if (!$rewrite) {
$rewrite = Rewrite::select()->toArray();
Cache::set('rewrite_list', $rewrite);
}
if (!empty($rewrite)) {
foreach ($rewrite as $key => $value) {
$url = parse_url($value['url']);
$param = [];
parse_str($url['query'], $param);
Route::rule($value['rule'], $url['path'])->append($param);
}
}
Route::rule('/', 'front.Index/index');
Route::rule('search', 'front.Content/search');
Route::rule('category', 'front.Content/category');
Route::rule('topic-:id', 'front.Content/topic');
Route::rule('form/:id/[:name]', 'front.Form/index');
Route::rule('front/:controller/:function', 'front.:controller/:function');
Route::group('admin', function () {
Route::rule('/', 'admin.Index/index');
Route::rule('login', 'admin.Index/login');
Route::rule('logout', 'admin.Index/logout');
Route::rule('upload/:function', 'admin.Upload/:function')->append(['from'=>'admin']);
Route::rule(':controller/:function', 'admin.:controller/:function');
});
Route::group('user', function () {
Route::rule('/', 'user.Index/index');
Route::rule('login', 'user.Index/login');
Route::rule('logout', 'user.Index/logout');
Route::rule('register', 'user.Index/register');
Route::rule('upload/:function', 'user.Upload/:function')->append(['from'=>'user']);
Route::rule(':controller/:function', 'user.:controller/:function');
});
Route::group('api', function () {
Route::rule('/', 'api.Index/index');
Route::rule('login', 'api.Login/index');
Route::rule('register', 'api.Login/register');
Route::rule('logout', 'api.Login/logout');
Route::rule('upload/:function', 'Upload/:function')->append(['from'=>'api']);
Route::rule(':controller/:function', 'api.:controller/:function');
})->allowCrossDomain([
'Access-Control-Allow-Origin' => '*',
'Access-Control-Allow-Credentials' => 'true',
'Access-Control-Allow-Headers' => 'authorization, token, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
]);
Route::miss('front.Index/miss');