molong/sentcms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1、后台的一些bug修复

Browse Source 
2、内核更新
3、后台的扩展模型做了一点更新一点,还不够完善
This commit is contained in:
molong
2016-07-19 14:08:00 +08:00
parent 124745c341
commit 783369c9e4
26 changed files with 492 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
application/admin/controller/Action.php
View File

@@ -42,8 +42,8 @@ class Action extends Admin {
$model = model('Action'); $model = model('Action');
if(IS_POST){ if(IS_POST){
$data = input('post.'); $data = input('post.');
$result = $model->save(); $result = $model->save($data);
if ($result) { if (false != $result) {
action_log('add_action', 'Action', $result, session('user_auth.uid')); action_log('add_action', 'Action', $result, session('user_auth.uid'));
return $this->success('添加成功!',url('index')); return $this->success('添加成功!',url('index'));
}else{ }else{

24
application/admin/controller/Ad.php
View File

@@ -43,8 +43,7 @@ class Ad extends Admin {
public function add(){ public function add(){
$place = model('AdPlace'); $place = model('AdPlace');
if (IS_POST) { if (IS_POST) {
$data = input('post.'); $result = $place->change();
$result = $place->save($data);
if (false !== false) { if (false !== false) {
return $this->success("添加成功!"); return $this->success("添加成功!");
}else{ }else{
@@ -63,17 +62,12 @@ class Ad extends Admin {
public function edit($id = null){ public function edit($id = null){
$place = model('AdPlace'); $place = model('AdPlace');
if (IS_POST) { if (IS_POST) {
$data = $this->request->post(); $result = $place->change();
if ($data) {
$result = $place->save($data,array('id'=>$data['id']));
if ($result) { if ($result) {
return $this->success("修改成功!", url('admin/ad/index')); return $this->success("修改成功!", url('admin/ad/index'));
}else{ }else{
return $this->error($this->adplace->getError()); return $this->error($this->adplace->getError());
} }
}else{
return $this->error($this->adplace->getError());
}
}else{ }else{
$info = db('AdPlace')->where(array('id'=>$id))->find(); $info = db('AdPlace')->where(array('id'=>$id))->find();
if (!$info) { if (!$info) {
@@ -122,17 +116,12 @@ class Ad extends Admin {
public function addad($id){ public function addad($id){
$ad = model('ad'); $ad = model('ad');
if (IS_POST) { if (IS_POST) {
$data = $this->request->post(); $result = $ad->change();
if ($data) {
$result = $ad->save($data);
if ($result) { if ($result) {
return $this->success("添加成功!", url('admin/ad/lists',array('id'=>$data['place_id']))); return $this->success("添加成功!", url('admin/ad/lists',array('id'=>$data['place_id'])));
}else{ }else{
return $this->error($ad->getError()); return $this->error($ad->getError());
} }
}else{
return $this->error($ad->getError());
}
}else{ }else{
$info['place_id'] = $id; $info['place_id'] = $id;
$data = array( $data = array(
@@ -148,17 +137,12 @@ class Ad extends Admin {
public function editad($id = null){ public function editad($id = null){
$ad = model('ad'); $ad = model('ad');
if (IS_POST) { if (IS_POST) {
$data = $this->request->post(); $result = $ad->change();
if ($data) {
$result = $ad->save($data,array('id'=>$data['id']));
if ($result) { if ($result) {
return $this->success("修改成功!", url('admin/ad/lists',array('id'=>$data['place_id']))); return $this->success("修改成功!", url('admin/ad/lists',array('id'=>$data['place_id'])));
}else{ }else{
return $this->error($ad->getError()); return $this->error($ad->getError());
} }
}else{
return $this->error($ad->getError());
}
}else{ }else{
$info = db('ad')->where(array('id'=>$id))->find(); $info = db('ad')->where(array('id'=>$id))->find();
if (!$info) { if (!$info) {

21
application/admin/controller/Addons.php
View File

@@ -24,28 +24,17 @@ class Addons extends Admin {
/** /**
* 插件列表 * 插件列表
*/ */
public function index(){ public function index($refresh = 0){
$row = $this->addons->getList(); if ($refresh) {
foreach($row as $key => $value){ $this->addons->refresh();
$value['status_text'] = '';
if($value['uninstall'] == 1){
$value['uninstall_text'] = '未安装';
}else{
$value['uninstall_text'] = '已安装';
if($value['status'] == 0){
$value['status_text'] = '禁用';
}else{
$value['status_text'] = '启用';
}
}
$list[] = $value;
} }
$list = $this->addons->order('id desc')->paginate(25);
// 记录当前列表页的cookie // 记录当前列表页的cookie
Cookie('__forward__',$_SERVER['REQUEST_URI']); Cookie('__forward__',$_SERVER['REQUEST_URI']);
$data = array( $data = array(
'list' => $list, 'list' => $list,
//'page' => $page->show() 'page' => $list->render()
); );
$this->setMeta("插件管理"); $this->setMeta("插件管理");
$this->assign($data); $this->assign($data);

2
application/admin/controller/Attribute.php
View File

@@ -75,7 +75,7 @@ class Attribute extends Admin {
if ($result) { if ($result) {
return $this->success("创建成功!",url('Attribute/index',array('model_id'=>$model_id))); return $this->success("创建成功!",url('Attribute/index',array('model_id'=>$model_id)));
}else{ }else{
return $this->error($this->model->getError(),''); return $this->error($this->model->getError());
} }
}else{ }else{
if (!$model_id) { if (!$model_id) {

7
application/admin/controller/Content.php
View File

@@ -84,7 +84,7 @@ class Content extends Admin{
if ($result) { if ($result) {
return $this->success("添加成功!", url('admin/content/index',array('model_id'=>$this->modelInfo['id']))); return $this->success("添加成功!", url('admin/content/index',array('model_id'=>$this->modelInfo['id'])));
}else{ }else{
return $this->error($this->model->getError(),''); return $this->error($this->model->getError(), url('admin/content/add',array('model_id'=>$this->modelInfo['id'])));
} }
}else{ }else{
$info = array( $info = array(
@@ -109,16 +109,15 @@ class Content extends Admin{
* 内容修改 * 内容修改
* @author molong <ycgpp@126.com> * @author molong <ycgpp@126.com>
*/ */
public function edit(){ public function edit($id){
if (IS_POST) { if (IS_POST) {
$result = $this->model->change(); $result = $this->model->change();
if ($result !== false) { if ($result !== false) {
return $this->success("更新成功!",url('admin/content/index',array('model_id'=>$this->modelInfo['id']))); return $this->success("更新成功!",url('admin/content/index',array('model_id'=>$this->modelInfo['id'])));
}else{ }else{
return $this->error($this->model->getError(),''); return $this->error($this->model->getError(), url('admin/content/edit',array('model_id'=>$this->modelInfo['id'],'id'=>$id)));
} }
}else{ }else{
$id = input('id','','trim,intval');
if (!$id) { if (!$id) {
return $this->error("非法操作!"); return $this->error("非法操作!");
} }

1
application/admin/view/addons/index.html
View File

@@ -57,6 +57,7 @@
{/volist} {/volist}
</tbody> </tbody>
</table> </table>
{$page}
</div> </div>
</div> </div>
</div> </div>

72
application/common.php
View File

@@ -983,26 +983,6 @@ function get_category_child($id){
return array_unique($ids); return array_unique($ids);
} }
function getContentNav($type, $info){
$data = array();
$map['model_id'] = $info['model_id'];
$map['category_id'] = $info['category_id'];
if ($type == 'prev') {
$map['id'] = array('gt',$info['id']);
$data = db('Document')->where($map)->order('id desc')->find();
}elseif ($type == 'next') {
$map['id'] = array('lt',$info['id']);
$data = db('Document')->where($map)->order('id asc')->find();
}
if (!empty($data)) {
$html = '<a href="' . url('index/content/detail',array('model_id'=>$info['model_id'], 'id'=>$data['id'])) . '">' . $data['title'] . '</a>';
}else{
$html = '没有了……';
}
return $html;
}
function send_email($to, $subject, $message){ function send_email($to, $subject, $message){
$config = array( $config = array(
'protocol' => 'smtp', 'protocol' => 'smtp',
@@ -1019,3 +999,55 @@ function send_email($to, $subject, $message){
return $email->send(); return $email->send();
} }
//php获取中文字符拼音首字母
function getFirstCharter($s0){
$fchar = ord($s0{0});
if($fchar >= ord("A") and $fchar <= ord("z") )return strtoupper($s0{0});
$s1 = \iconv("UTF-8","gb2312", $s0);
$s2 = \iconv("gb2312","UTF-8", $s1);
if($s2 == $s0){$s = $s1;}else{$s = $s0;}
$asc = ord($s{0}) * 256 + ord($s{1}) - 65536;
if($asc >= -20319 and $asc <= -20284) return "A";
if($asc >= -20283 and $asc <= -19776) return "B";
if($asc >= -19775 and $asc <= -19219) return "C";
if($asc >= -19218 and $asc <= -18711) return "D";
if($asc >= -18710 and $asc <= -18527) return "E";
if($asc >= -18526 and $asc <= -18240) return "F";
if($asc >= -18239 and $asc <= -17923) return "G";
if($asc >= -17922 and $asc <= -17418) return "H";
if($asc >= -17417 and $asc <= -16475) return "J";
if($asc >= -16474 and $asc <= -16213) return "K";
if($asc >= -16212 and $asc <= -15641) return "L";
if($asc >= -15640 and $asc <= -15166) return "M";
if($asc >= -15165 and $asc <= -14923) return "N";
if($asc >= -14922 and $asc <= -14915) return "O";
if($asc >= -14914 and $asc <= -14631) return "P";
if($asc >= -14630 and $asc <= -14150) return "Q";
if($asc >= -14149 and $asc <= -14091) return "R";
if($asc >= -14090 and $asc <= -13319) return "S";
if($asc >= -13318 and $asc <= -12839) return "T";
if($asc >= -12838 and $asc <= -12557) return "W";
if($asc >= -12556 and $asc <= -11848) return "X";
if($asc >= -11847 and $asc <= -11056) return "Y";
if($asc >= -11055 and $asc <= -10247) return "Z";
return null;
}
function PyFirst($zh){
$ret = "";
$s1 = \iconv("UTF-8","gb2312", $zh);
$s2 = \iconv("gb2312","UTF-8", $s1);
if($s2 == $zh){$zh = $s1;}
for($i = 0; $i < strlen($zh); $i++){
$s1 = substr($zh,$i,1);
$p = ord($s1);
if($p > 160){
$s2 = substr($zh,$i++,2);
$ret .= getFirstCharter($s2);
}else{
$ret .= $s1;
}
}
return $ret;
}

13
application/common/controller/Base.php
View File

@@ -79,7 +79,7 @@ class Base extends \think\Controller{
return $ret; return $ret;
} }
protected function setSeo($title = null,$keywords = null,$description = null){ protected function setSeo($title = '', $keywords = '', $description = ''){
$seo = array( $seo = array(
'title' => $title, 'title' => $title,
'keywords' => $keywords, 'keywords' => $keywords,
@@ -87,14 +87,11 @@ class Base extends \think\Controller{
); );
//获取还没有经过变量替换的META信息 //获取还没有经过变量替换的META信息
$meta = model('SeoRule')->getMetaOfCurrentPage($seo); $meta = model('SeoRule')->getMetaOfCurrentPage($seo);
foreach ($seo as $key => $value) { foreach ($seo as $key => $item) {
if (is_array($value)) { if (is_array($item)) {
foreach ($value as $k => $v) { $item = implode(',', $item);
$meta[$key] = str_replace("[".$k."]", $v . '|', $meta[$key]);
}
}else{
$meta[$key] = str_replace("[".$key."]", $value . '|', $meta[$key]);
} }
$meta[$key] = str_replace("[".$key."]", $item . '|', $meta[$key]);
} }
$data = array( $data = array(

29
application/common/model/Addons.php
View File

@@ -19,15 +19,27 @@ class Addons extends \app\common\model\Base {
protected $auto = array('status'); protected $auto = array('status');
protected $insert = array('create_time'); protected $insert = array('create_time');
protected function setStatusAttr(){ protected function setStatusAttr($value){
return 1; return 1;
} }
protected function setIsinstallAttr($value){
return 0;
}
protected function getStatusTextAttr($value, $data){
return $data['status'] ? "启用" : "禁用";
}
protected function getUninstallAttr($value, $data){
return 0;
}
/** /**
* 获取插件列表 * 更新插件列表
* @param string $addon_dir * @param string $addon_dir
*/ */
public function getList($addon_dir = ''){ public function refresh($addon_dir = ''){
if(!$addon_dir){ if(!$addon_dir){
$addon_dir = SENT_ADDON_PATH; $addon_dir = SENT_ADDON_PATH;
} }
@@ -36,13 +48,9 @@ class Addons extends \app\common\model\Base {
$this->error = '插件目录不可读或者不存在'; $this->error = '插件目录不可读或者不存在';
return FALSE; return FALSE;
} }
$addons = array();
$where['name'] = array('in',$dirs); $where['name'] = array('in',$dirs);
$list = db('Addons')->where($where)->field(true)->select(); $addons = $this->where($where)->select();
foreach($list as $addon){
$addon['uninstall'] = 0;
$addons[$addon['name']] = $addon;
}
foreach ($dirs as $value) { foreach ($dirs as $value) {
$value = ucfirst($value); $value = ucfirst($value);
if(!isset($addons[$value])){ if(!isset($addons[$value])){
@@ -61,9 +69,6 @@ class Addons extends \app\common\model\Base {
} }
} }
} }
int_to_string($addons, array('status'=>array(-1=>'损坏', 0=>'禁用', 1=>'启用', null=>'未安装')));
$addons = list_sort_by($addons,'uninstall','desc');
return $addons;
} }
/** /**

19
application/common/model/Attribute.php
View File

@@ -43,29 +43,26 @@ class Attribute extends Base{
} }
public function change(){ public function change(){
$data = input('post.'); $data = \think\Request::instance()->post();
if (!empty($data)) { if ($data['id']) {
$status = $this->validate('attribute.edit')->save($data, array('id'=>$data['id']));
}else{
$status = $this->validate('attribute.add')->save($data);
}
if (false !== $status) {
//在数据库内添加字段 //在数据库内添加字段
$result = $this->checkTableField($data); $result = $this->checkTableField($data);
if (!$result) { if (!$result) {
$this->error = "字段创建失败!"; $this->error = "字段创建失败!";
return false; return false;
} }
if ($data['id']) {
$status = $this->save($data, array('id'=>$data['id']));
}else{
$status = $this->save($data);
}
if (false !== $status) {
return $status; return $status;
}else{ }else{
$this->error = "添加失败!";
return false; return false;
} }
} }
}
public function del($id){ public function del($id){
$map['id'] = $id; $map['id'] = $id;

6
application/common/model/Document.php
View File

@@ -85,17 +85,15 @@ class Document extends \think\model\Merge{
/* 添加或新增基础内容 */ /* 添加或新增基础内容 */
if(empty($data['id'])){ //新增数据 if(empty($data['id'])){ //新增数据
unset($data['id']); unset($data['id']);
$id = $this->save($data); //添加基础内容 $id = $this->validate('document.edit')->save($data); //添加基础内容
if(!$id){ if(!$id){
$this->error = '添加基础内容出错!';
return false; return false;
} }
$data['id'] = $id; $data['id'] = $id;
} else { //更新数据 } else { //更新数据
$status = $this->save($data, array('id'=>$data['id'])); //更新基础内容 $status = $this->validate('document.edit')->save($data, array('id'=>$data['id'])); //更新基础内容
if(false === $status){ if(false === $status){
$this->error = '更新基础内容出错!';
return false; return false;
} }
} }

38
application/common/validate/Attribute.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\common\validate;
/**
* 设置模型
*/
class Attribute extends Base{
protected $rule = array(
'name' => 'require|/^[a-zA-Z]\w{0,39}$/',
'title' => 'require',
'type' => 'require',
'length' => 'requireIn:type,textarea,editor|integer',
'remark' => 'require',
);
protected $message = array(
'length.requireIn' => '字段长度必须!',
'length.integer' => '字段必须为整形',
'name.require' => '字段名不能为空!',
'title.require' => '字段标题不能为空!',
'type.require' => '类型不能为空!',
'remark.require' => '描述不能为空!',
);
protected $scene = array(
'add' => 'name,title,type,remark,length',
'edit' => 'name,title,type,remark,length'
);
}

32
application/common/validate/Base.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\common\validate;
/**
* 设置模型
*/
class Base extends \think\Validate{
protected function requireIn($value, $rule, $data){
if (is_string($rule)) {
$rule = explode(',', $rule);
}else{
return true;
}
$field = array_shift($rule);
$val = $this->getDataValue($data, $field);
if (!in_array($val, $rule) && $value == '') {
return false;
} else {
return true;
}
}
}

2
application/common/validate/Config.php
View File

@@ -12,7 +12,7 @@ namespace app\common\validate;
/** /**
* 设置模型 * 设置模型
*/ */
class Config extends \think\Validate{ class Config extends Base{
protected $rule = array( protected $rule = array(
'name' => 'require|unique', 'name' => 'require|unique',

29
application/common/validate/Document.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
// +----------------------------------------------------------------------
// | SentCMS [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013 http://www.tensent.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: molong <molong@tensent.cn> <http://www.tensent.cn>
// +----------------------------------------------------------------------
namespace app\common\validate;
/**
* 设置模型
*/
class Document extends Base{
protected $rule = array(
'title' => 'require',
);
protected $message = array(
'title.require' => '字段标题不能为空!',
);
protected $scene = array(
'add' => 'title',
'edit' => 'title'
);
}

2
application/common/validate/Member.php
View File

@@ -12,7 +12,7 @@ namespace app\common\validate;
/** /**
* 设置模型 * 设置模型
*/ */
class Member extends \think\Validate{ class Member extends Base{
protected $rule = array( protected $rule = array(
'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/', 'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/',

2
application/common/validate/Model.php
View File

@@ -12,7 +12,7 @@ namespace app\common\validate;
/** /**
* 设置模型 * 设置模型
*/ */
class Model extends \think\Validate{ class Model extends Base{
protected $rule = array( protected $rule = array(
'name' => 'require|unique:model|/^[a-zA-Z]\w{0,39}$/', 'name' => 'require|unique:model|/^[a-zA-Z]\w{0,39}$/',

5
application/index/controller/Content.php
View File

@@ -96,7 +96,10 @@ class Content extends Fornt{
} }
$cate = $this->getCategory($id); $cate = $this->getCategory($id);
$map = array(); $category = get_category_child($id);
$map = array(
'category_id' => array('IN', $category)
);
$order = "id desc"; $order = "id desc";
$list = model('Document')->where($map)->order($order)->paginate(15); $list = model('Document')->where($map)->order($order)->paginate(15);

2
core/convention.php
View File

@@ -77,8 +77,6 @@ return [
'url_html_suffix' => 'html', 'url_html_suffix' => 'html',
// URL普通方式参数 用于自动生成 // URL普通方式参数 用于自动生成
'url_common_param' => false, 'url_common_param' => false,
//url禁止访问的后缀
'url_deny_suffix' => 'ico|png|gif|jpg',
// URL参数方式 0 按名称成对解析 1 按顺序解析 // URL参数方式 0 按名称成对解析 1 按顺序解析
'url_param_type' => 0, 'url_param_type' => 0,
// 是否开启路由 // 是否开启路由

16
core/extend/com/Sent.php
View File

@@ -139,26 +139,24 @@ class Sent extends Taglib{
$cate = !empty($tag['cate']) ? $tag['cate'] : ''; $cate = !empty($tag['cate']) ? $tag['cate'] : '';
$model_id = !empty($tag['model']) ? $tag['model'] : ''; $model_id = !empty($tag['model']) ? $tag['model'] : '';
$map = "category_id = ".$cate." and model_id=".$model_id." and id < ".$id;
$parse = '<?php '; $parse = '<?php ';
$parse .= '$__DATA__ = db(\'Document\')->where("' . $map . '")->order(\'id asc\')->find();'; $parse .= '$map = "category_id=" . ' . $cate . ' . " and model_id=" . ' . $model_id . ' . " and id>".' . $id . ';';
$parse .= '$prev = db(\'Document\')->where($map)->order(\'id asc\')->find();if(!empty($prev)){ ?>';
$parse .= $content; $parse .= $content;
$parse .= '}?>'; $parse .= '<?php } ?>';
return $parse; return $parse;
} }
public function tagnext($tag, $content){ public function tagnext($tag, $content){
$id = !empty($tag['id']) ? $tag['id'] : ''; $id = !empty($tag['id']) ? ($tag['id']) : '';
$cate = !empty($tag['cate']) ? $tag['cate'] : ''; $cate = !empty($tag['cate']) ? $tag['cate'] : '';
$model_id = !empty($tag['model']) ? $tag['model'] : ''; $model_id = !empty($tag['model']) ? $tag['model'] : '';
$map = "category_id = ".$cate." and model_id=".$model_id." and id < ".$id;
$parse = '<?php '; $parse = '<?php ';
$parse .= '$__DATA__ = db(\'Document\')->where("' . $map . '")->order(\'id asc\')->find();'; $parse .= '$map = "category_id=" . ' . $cate . ' . " and model_id=" . ' . $model_id . ' . " and id<".' . $id . ';';
$parse .= '$next = db(\'Document\')->where($map)->order(\'id desc\')->find();if(!empty($next)){ ?>';
$parse .= $content; $parse .= $content;
$parse .= '}?>'; $parse .= '<?php } ?>';
return $parse; return $parse;
} }
} }

9
core/library/think/App.php
View File

@@ -77,6 +77,10 @@ class App
{ {
is_null($request) && $request = Request::instance(); is_null($request) && $request = Request::instance();
if ('ico' == $request->ext()) {
throw new HttpException(404, 'ico file not exists');
}
$config = self::initCommon(); $config = self::initCommon();
try { try {
@@ -461,11 +465,6 @@ class App
*/ */
public static function routeCheck($request, array $config) public static function routeCheck($request, array $config)
{ {
// 检测URL禁用后缀
if ($config['url_deny_suffix'] && preg_match('/\.(' . $config['url_deny_suffix'] . ')$/i', $request->pathinfo())) {
throw new Exception('url suffix deny:' . $request->ext());
}
$path = $request->path(); $path = $request->path();
$depr = $config['pathinfo_depr']; $depr = $config['pathinfo_depr'];
$result = false; $result = false;

123
core/library/think/File.php
View File

@@ -25,6 +25,8 @@ class File extends SplFileObject
protected $filename; protected $filename;
// 文件上传命名规则 // 文件上传命名规则
protected $rule = 'date'; protected $rule = 'date';
// 文件上传验证规则
protected $validate = [];
// 单元测试 // 单元测试
protected $isTest; protected $isTest;
// 上传文件信息 // 上传文件信息
@@ -108,6 +110,17 @@ class File extends SplFileObject
return $this; return $this;
} }
/**
* 设置上传文件的验证规则
* @param array $rule 验证规则
* @return $this
*/
public function validate($rule = [])
{
$this->validate = $rule;
return $this;
}
/** /**
* 检测是否合法的上传文件 * 检测是否合法的上传文件
* @return bool * @return bool
@@ -120,6 +133,106 @@ class File extends SplFileObject
return is_uploaded_file($this->filename); return is_uploaded_file($this->filename);
} }
/**
* 检测上传文件
* @param array $rule 验证规则
* @return bool
*/
public function check($rule = [])
{
$rule = $rule ?: $this->validate;
/* 检查文件大小 */
if (isset($rule['size']) && !$this->checkSize($rule['size'])) {
$this->error = '上传文件大小不符!';
return false;
}
/* 检查文件Mime类型 */
if (isset($rule['type']) && !$this->checkMime($rule['type'])) {
$this->error = '上传文件MIME类型不允许';
return false;
}
/* 检查文件后缀 */
if (isset($rule['ext']) && !$this->checkExt($rule['ext'])) {
$this->error = '上传文件后缀不允许';
return false;
}
/* 检查图像文件 */
if (!$this->checkImg()) {
$this->error = '非法图像文件!';
return false;
}
return true;
}
/**
* 检测上传文件后缀
* @param array|string $ext 允许后缀
* @return bool
*/
public function checkExt($ext)
{
if (is_string($ext)) {
$ext = explode(',', $ext);
}
$extension = strtolower(pathinfo($this->getInfo('name'), PATHINFO_EXTENSION));
if (!in_array($extension, $ext)) {
return false;
}
return true;
}
/**
* 检测图像文件
* @return bool
*/
public function checkImg()
{
$extension = strtolower(pathinfo($this->getInfo('name'), PATHINFO_EXTENSION));
/* 对图像文件进行严格检测 */
if (in_array($extension, array('gif', 'jpg', 'jpeg', 'bmp', 'png', 'swf'))) {
$imginfo = getimagesize($this->filename);
if (empty($imginfo) || ('gif' == $extension && empty($imginfo['bits']))) {
return false;
}
}
return true;
}
/**
* 检测上传文件大小
* @param integer $size 最大大小
* @return bool
*/
public function checkSize($size)
{
if ($this->getSize() > $size) {
return false;
}
return true;
}
/**
* 检测上传文件类型
* @param array|string $mime 允许类型
* @return bool
*/
public function checkMime($mime)
{
if (is_string($mime)) {
$mime = explode(',', $mime);
}
if (!in_array(strtolower($this->getMime()), $mime)) {
return false;
}
return true;
}
/** /**
* 移动文件 * 移动文件
* @param string $path 保存路径 * @param string $path 保存路径
@@ -135,6 +248,10 @@ class File extends SplFileObject
return false; return false;
} }
// 验证上传
if (!$this->check()) {
return false;
}
$path = rtrim($path, DS) . DS; $path = rtrim($path, DS) . DS;
// 文件保存命名规则 // 文件保存命名规则
$savename = $this->getSaveName($savename); $savename = $this->getSaveName($savename);
@@ -189,12 +306,12 @@ class File extends SplFileObject
$savename = call_user_func($this->rule); $savename = call_user_func($this->rule);
} }
} }
if (!strpos($savename, '.')) {
$savename .= '.' . pathinfo($this->getInfo('name'), PATHINFO_EXTENSION);
}
} elseif ('' === $savename) { } elseif ('' === $savename) {
$savename = $this->getInfo('name'); $savename = $this->getInfo('name');
} }
if (!strpos($savename, '.')) {
$savename .= '.' . pathinfo($this->getInfo('name'), PATHINFO_EXTENSION);
}
return $savename; return $savename;
} }

11
core/library/think/Request.php
View File

@@ -623,6 +623,12 @@ class Request
// 当前请求参数和URL地址中的参数合并 // 当前请求参数和URL地址中的参数合并
$this->param = array_merge($this->route(false), $this->get(false), $vars); $this->param = array_merge($this->route(false), $this->get(false), $vars);
} }
if (true === $name) {
// 获取包含文件上传信息的数组
$file = $this->file();
$data = array_merge($this->param, $file);
return $this->input($data, '', $default, $filter);
}
return $this->input($this->param, $name, $default, $filter); return $this->input($this->param, $name, $default, $filter);
} }
@@ -934,6 +940,9 @@ class Request
return $default; return $default;
} }
} }
if (is_object($data)) {
return $data;
}
} }
// 解析过滤器 // 解析过滤器
@@ -986,7 +995,7 @@ class Request
if (is_callable($filter)) { if (is_callable($filter)) {
// 调用函数或者方法过滤 // 调用函数或者方法过滤
$value = call_user_func($filter, $value); $value = call_user_func($filter, $value);
} else { } elseif (is_scalar($value)) {
if (strpos($filter, '/')) { if (strpos($filter, '/')) {
// 正则过滤 // 正则过滤
if (!preg_match($filter, $value)) { if (!preg_match($filter, $value)) {

3
core/library/think/Route.php
View File

@@ -745,7 +745,7 @@ class Route
continue; continue;
} }
if ($group) { if ($group) {
$rule = $group . '/' . ltrim($rule, '/'); $rule = $group . ($rule ? '/' . ltrim($rule, '/') : '');
} }
$result = self::checkRule($rule, $route, $url, $pattern, $option); $result = self::checkRule($rule, $route, $url, $pattern, $option);
if (false !== $result) { if (false !== $result) {
@@ -916,6 +916,7 @@ class Route
// 请求类型检测 // 请求类型检测
if ((isset($option['method']) && false === stripos($option['method'], $request->method())) if ((isset($option['method']) && false === stripos($option['method'], $request->method()))
|| (isset($option['ext']) && false === stripos($option['ext'], $request->ext())) // 伪静态后缀检测 || (isset($option['ext']) && false === stripos($option['ext'], $request->ext())) // 伪静态后缀检测
|| (isset($option['deny_ext']) && false !== stripos($option['deny_ext'], $request->ext()))
|| (isset($option['domain']) && !in_array($option['domain'], [$_SERVER['HTTP_HOST'], self::$subDomain])) // 域名检测 || (isset($option['domain']) && !in_array($option['domain'], [$_SERVER['HTTP_HOST'], self::$subDomain])) // 域名检测
|| (!empty($option['https']) && !$request->isSsl()) // https检测 || (!empty($option['https']) && !$request->isSsl()) // https检测
|| (!empty($option['before_behavior']) && false === Hook::exec($option['before_behavior'], '', $url)) // 行为检测 || (!empty($option['before_behavior']) && false === Hook::exec($option['before_behavior'], '', $url)) // 行为检测

124
core/library/think/Validate.php
View File

@@ -11,7 +11,6 @@
namespace think; namespace think;
use think\Exception;
use think\Request; use think\Request;
class Validate class Validate
@@ -44,6 +43,7 @@ class Validate
'accepted' => ':attribute必须是yes、on或者1', 'accepted' => ':attribute必须是yes、on或者1',
'date' => ':attribute格式不符合', 'date' => ':attribute格式不符合',
'file' => ':attribute不是有效的上传文件', 'file' => ':attribute不是有效的上传文件',
'image' => ':attribute不是有效的图像文件',
'alpha' => ':attribute只能是字母', 'alpha' => ':attribute只能是字母',
'alphaNum' => ':attribute只能是字母和数字', 'alphaNum' => ':attribute只能是字母和数字',
'alphaDash' => ':attribute只能是字母、数字和下划线_及破折号-', 'alphaDash' => ':attribute只能是字母、数字和下划线_及破折号-',
@@ -80,6 +80,7 @@ class Validate
'fileSize' => '上传文件大小不符', 'fileSize' => '上传文件大小不符',
'fileExt' => '上传文件后缀不符', 'fileExt' => '上传文件后缀不符',
'fileMime' => '上传文件类型不符', 'fileMime' => '上传文件类型不符',
]; ];
// 当前验证场景 // 当前验证场景
@@ -386,33 +387,6 @@ class Validate
return true !== $result ? $result : true; return true !== $result ? $result : true;
} }
/**
* 验证表单令牌(需要配置令牌生成行为)
* @access protected
* @param mixed $value 字段值
* @param mixed $rule 验证规则
* @param array $data 数据
* @return bool
*/
protected function token($value, $rule, $data)
{
if (!isset($data[$rule]) || !isset($_SESSION[$rule])) {
// 令牌数据无效
return false;
}
// 令牌验证
list($key, $value) = explode('_', $data[$rule]);
if (isset($_SESSION[$rule][$key]) && $value && $_SESSION[$rule][$key] === $value) {
// 防止重复提交
unset($_SESSION[$rule][$key]); // 验证完成销毁session
return true;
}
// 开启TOKEN重置
unset($_SESSION[$rule][$key]);
return false;
}
/** /**
* 验证是否和某个字段的值一致 * 验证是否和某个字段的值一致
* @access protected * @access protected
@@ -570,8 +544,10 @@ class Validate
$result = is_array($value); $result = is_array($value);
break; break;
case 'file': case 'file':
$file = Request::instance()->file($value); $result = $value instanceof \think\File;
$result = !empty($file); break;
case 'image':
$result = $value instanceof \think\File && in_array(exif_imagetype($value->getRealPath()), [1, 2, 3, 6]);
break; break;
default: default:
if (isset(self::$type[$rule])) { if (isset(self::$type[$rule])) {
@@ -615,14 +591,13 @@ class Validate
/** /**
* 验证上传文件后缀 * 验证上传文件后缀
* @access protected * @access protected
* @param mixed $value 字段值 * @param mixed $file 上传文件
* @param mixed $rule 验证规则 * @param mixed $rule 验证规则
* @return bool * @return bool
*/ */
protected function fileExt($value, $rule) protected function fileExt($file, $rule)
{ {
$file = Request::instance()->file($value); if (!($file instanceof \think\File)) {
if (empty($file)) {
return false; return false;
} }
if (is_string($rule)) { if (is_string($rule)) {
@@ -630,27 +605,26 @@ class Validate
} }
if (is_array($file)) { if (is_array($file)) {
foreach ($file as $item) { foreach ($file as $item) {
if (!in_array(strtolower($item->getExtension()), $rule)) { if (!$item->checkExt($rule)) {
return false; return false;
} }
} }
return true; return true;
} else { } else {
return in_array(strtolower($file->getExtension()), $rule); return $file->checkExt($rule);
} }
} }
/** /**
* 验证上传文件类型 * 验证上传文件类型
* @access protected * @access protected
* @param mixed $value 字段值 * @param mixed $file 上传文件
* @param mixed $rule 验证规则 * @param mixed $rule 验证规则
* @return bool * @return bool
*/ */
protected function fileMime($value, $rule) protected function fileMime($file, $rule)
{ {
$file = Request::instance()->file($value); if (!($file instanceof \think\File)) {
if (empty($file)) {
return false; return false;
} }
if (is_string($rule)) { if (is_string($rule)) {
@@ -658,44 +632,67 @@ class Validate
} }
if (is_array($file)) { if (is_array($file)) {
foreach ($file as $item) { foreach ($file as $item) {
if (!in_array(strtolower($item->getMime()), $rule)) { if (!$item->checkMime($rule)) {
return false; return false;
} }
} }
return true; return true;
} else { } else {
return in_array(strtolower($file->getMime()), $rule); return $file->checkMime($rule);
} }
} }
/** /**
* 验证上传文件大小 * 验证上传文件大小
* @access protected * @access protected
* @param mixed $value 字段值 * @param mixed $file 上传文件
* @param mixed $rule 验证规则 * @param mixed $rule 验证规则
* @return bool * @return bool
*/ */
protected function fileSize($value, $rule) protected function fileSize($file, $rule)
{ {
$file = Request::instance()->file($value); if (!($file instanceof \think\File)) {
if (empty($file)) {
return false; return false;
} }
if (is_string($rule)) {
$rule = explode(',', $rule);
}
if (is_array($file)) { if (is_array($file)) {
foreach ($file as $item) { foreach ($file as $item) {
if ($item->getSize() > $rule) { if (!$item->checkSize($rule)) {
return false; return false;
} }
} }
return true; return true;
} else { } else {
return $file->getSize() <= $rule; return $file->checkSize($rule);
} }
} }
/**
* 验证图片的宽高及类型
* @access protected
* @param mixed $file 上传文件
* @param mixed $rule 验证规则
* @return bool
*/
protected function image($file, $rule)
{
if (!($file instanceof \think\File)) {
return false;
}
$rule = explode(',', $rule);
list($width, $height, $type) = getimagesize($file->getRealPath());
if (isset($rule[2])) {
$imageType = strtolower($rule[2]);
if ('jpeg' == $imageType) {
$imageType = 'jpg';
}
if (image_type_to_extension($type) != $imageType) {
return false;
}
}
list($w, $h) = $rule;
return $w == $width && $h == $height;
}
/** /**
* 验证请求类型 * 验证请求类型
* @access protected * @access protected
@@ -915,7 +912,14 @@ class Validate
*/ */
protected function length($value, $rule) protected function length($value, $rule)
{ {
$length = strlen((string) $value); // 当前数据长度 if (is_array($value)) {
$length = count($value);
} elseif ($value instanceof \think\File) {
$length = $value->getSize();
} else {
$length = mb_strlen((string) $value);
}
if (strpos($rule, ',')) { if (strpos($rule, ',')) {
// 长度区间 // 长度区间
list($min, $max) = explode(',', $rule); list($min, $max) = explode(',', $rule);
@@ -935,7 +939,13 @@ class Validate
*/ */
protected function max($value, $rule) protected function max($value, $rule)
{ {
$length = strlen((string) $value); if (is_array($value)) {
$length = count($value);
} elseif ($value instanceof \think\File) {
$length = $value->getSize();
} else {
$length = mb_strlen((string) $value);
}
return $length <= $rule; return $length <= $rule;
} }
@@ -948,7 +958,13 @@ class Validate
*/ */
protected function min($value, $rule) protected function min($value, $rule)
{ {
$length = strlen((string) $value); if (is_array($value)) {
$length = count($value);
} elseif ($value instanceof \think\File) {
$length = $value->getSize();
} else {
$length = mb_strlen((string) $value);
}
return $length >= $rule; return $length >= $rule;
} }

12
core/library/think/view/driver/Php.php
View File

@@ -67,9 +67,15 @@ class Php
} }
// 记录视图信息 // 记录视图信息
App::$debug && Log::record('[ VIEW ] ' . $template . ' [ ' . var_export(array_keys($data), true) . ' ]', 'info'); App::$debug && Log::record('[ VIEW ] ' . $template . ' [ ' . var_export(array_keys($data), true) . ' ]', 'info');
if (isset($data['template'])) {
$__template__ = $template;
extract($data, EXTR_OVERWRITE);
include $__template__;
} else {
extract($data, EXTR_OVERWRITE); extract($data, EXTR_OVERWRITE);
include $template; include $template;
} }
}
/** /**
* 渲染模板内容 * 渲染模板内容
@@ -80,9 +86,15 @@ class Php
*/ */
public function display($content, $data = []) public function display($content, $data = [])
{ {
if (isset($data['content'])) {
$__content__ = $content;
extract($data, EXTR_OVERWRITE);
eval('?>' . $__content__);
} else {
extract($data, EXTR_OVERWRITE); extract($data, EXTR_OVERWRITE);
eval('?>' . $content); eval('?>' . $content);
} }
}
/** /**
* 自动定位模板文件 * 自动定位模板文件