From 5ef77bb8f4b01d6a06d46a89dbcba86db47b0d15 Mon Sep 17 00:00:00 2001
From: tensent
Date: Sat, 28 Mar 2020 16:52:28 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E7=94=A8=E6=88=B7=E6=A8=A1?= =?UTF-8?q?=E5=9D=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .example.env | 2 +-
 app/common.php | 3 ++-
 app/controller/Base.php | 1 +
 app/controller/admin/Base.php | 4 ++--
 app/controller/admin/User.php | 18 +++++++++++++-----
 app/http/middleware/Admin.php | 3 ++-
 6 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/.example.env b/.example.env
index c27f74ca..5342cb43 100755
--- a/.example.env
+++ b/.example.env
@@ -1 +1 @@
-APP_DEBUG = true [APP] DEFAULT_TIMEZONE = Asia/Shanghai [DATABASE] TYPE = mysql HOSTNAME = 127.0.0.1 DATABASE = test USERNAME = username PASSWORD = password HOSTPORT = 3306 CHARSET = utf8 DEBUG = true [LANG] default_lang = zh-cn
\ No newline at end of file
+APP_DEBUG = true rootuid = 1 [APP] DEFAULT_TIMEZONE = Asia/Shanghai [DATABASE] TYPE = mysql HOSTNAME = 127.0.0.1 DATABASE = test USERNAME = username PASSWORD = password HOSTPORT = 3306 CHARSET = utf8 DEBUG = true [LANG] default_lang = zh-cn
\ No newline at end of file
diff --git a/app/common.php b/app/common.php
index 9bf894da..c5f8db3f 100755
--- a/app/common.php
+++ b/app/common.php
@@ -20,7 +20,8 @@ function is_login() {
 }
 function is_administrator() {
- return true;
+ $user = Session::get('userInfo');
+ return (int) $user['uid'] === (int) env('rootuid') ? true : false;
 }
 function form($field = [], $data = []) {
diff --git a/app/controller/Base.php b/app/controller/Base.php
index c24ca5d7..742a99c5 100644
--- a/app/controller/Base.php
+++ b/app/controller/Base.php
@@ -70,6 +70,7 @@ class Base {
 $config = Config::getConfigList($this->request);
 Cache::set('system_config_data', $config);
 }
+ config($config, 'config');
 View::assign('config', $config);
 // 控制器初始化
 $this->initialize();
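Review bot: In app/common.php, `is_administrator()` fails open when neither value is present: with no `userInfo` in the session and no `rootuid` in the environment, both casts yield 0 and `0 === 0` returns true. The patch only adds `rootuid` to .example.env, so a deployment whose real .env was not updated would hit this, and app/controller/admin/Base.php then skips its IP allow-list because `IS_ROOT` is true. Require a positive uid before comparing, e.g. `$uid = (int) ($user['uid'] ?? 0);` followed by `return $uid > 0 && $uid === (int) env('rootuid', 0);`, which also drops the redundant `? true : false`. The middleware hunk in app/http/middleware/Admin.php reads `env('rootuid')` with the same missing default and cast.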
diff --git a/app/controller/admin/Base.php b/app/controller/admin/Base.php
index 1bc7392d..eb2c3714 100644
--- a/app/controller/admin/Base.php
+++ b/app/controller/admin/Base.php
@@ -42,9 +42,9 @@ class Base extends BaseC {
 // 是否是超级管理员
 define('IS_ROOT', is_administrator());
- if (!IS_ROOT && \think\Config::get('admin_allow_ip')) {
+ if (!IS_ROOT && \think\facade\Config::get('config.admin_allow_ip')) {
 // 检查IP地址访问
- if (!in_array(get_client_ip(), explode(',', \think\Config::get('admin_allow_ip')))) {
+ if (!in_array(get_client_ip(), explode(',', \think\facade\Config::get('config.admin_allow_ip')))) {
 $this->error('403:禁止访问');
 }
 }
diff --git a/app/controller/admin/User.php b/app/controller/admin/User.php
index 48657d1d..d60c1576 100644
--- a/app/controller/admin/User.php
+++ b/app/controller/admin/User.php
@@ -82,12 +82,20 @@ class User extends Base {
 * @title 删除用户
 * @author colin
 */
- public function del($id) {
- $uid = array('IN', is_array($id) ? implode(',', $id) : $id);
+ public function del() {
+ $uid = $this->request->param('id');
+
+ if ($this->request->rootUid == $uid) {
+ return $this->error('超级用户无法删除!');
+ }
+
 //获取用户信息
- $find = $this->getUserinfo($uid);
- model('Member')->where(array('uid' => $uid))->delete();
- return $this->success('删除用户成功!');
+ $result = Member::where('uid', $uid)->delete();
+ if (false !== $result) {
+ return $this->success('删除用户成功!');
+ }else{
+ return $this->error('删除失败!');
+ }
 }
 /**
diff --git a/app/http/middleware/Admin.php b/app/http/middleware/Admin.php
index c4d84da1..4fc5356f 100755
--- a/app/http/middleware/Admin.php
+++ b/app/http/middleware/Admin.php
@@ -16,7 +16,8 @@ use think\facade\Session;
 class Admin {
 public function handle($request, \Closure $next) {
- $user = Session::get('user');
+ $request->rootUid = env('rootuid');
+ $request->user = Session::get('userInfo');
 $request->url = str_replace(".", "/", strtolower($request->controller())) . '/' . $request->action();
 $request->pageConfig = array(
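Review bot: The allow-list check in app/controller/admin/Base.php matches the client address against the raw `explode(',', …)` result, so an entry written with a space after the comma never matches, and `in_array` is called without strict comparison. Reading the setting once and normalising it tightens this: `$allow = array_filter(array_map('trim', explode(',', (string) \think\facade\Config::get('config.admin_allow_ip'))));` then `if (!IS_ROOT && $allow && !in_array(get_client_ip(), $allow, true))`. `get_client_ip()` is defined outside this hunk; if it takes the address from a client-supplied forwarding header, the allow-list should rely on the framework's request IP with trusted proxies configured instead. The enclosing method starts before the hunk, so the surrounding flow is not visible here.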
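Review bot: In `del()` in app/controller/admin/User.php the super-user guard compares the raw request value with `==`, and the same unnormalised value is then handed to `Member::where('uid', $uid)`. PHP's loose comparison and the database's own type coercion can disagree on non-canonical input, and an array-valued `id` never equals `rootUid`, so the guard and the query may not be looking at the same uid. Normalise first and compare strictly: `$uid = (int) $this->request->param('id');`, reject `$uid <= 0`, then `if ((int) $this->request->rootUid === $uid)`. `delete()` is also reported as success when no row matched, because only `false` is treated as failure. Since this is a state-changing action, it is worth confirming the route is restricted to POST with a CSRF token, which is not visible in this patch.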