From ad1f4c029e1fdb999daf49a56b5779a72f16cc39 Mon Sep 17 00:00:00 2001 From: molong Date: Fri, 15 Jul 2016 11:59:56 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E5=86=85=E6=A0=B8=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=202=E3=80=81=E7=94=A8=E6=88=B7=E6=A8=A1=E5=9D=97=E5=AE=8C?= =?UTF-8?q?=E5=96=84=E5=92=8Cbug=E4=BF=AE=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- application/admin/controller/User.php | 101 ++---------------- application/admin/view/user/editpwd.html | 2 +- application/common/model/User.php | 79 +++++++------- application/common/validate/Member.php | 11 +- .../common/view/default/form/editor.html | 1 + .../common/view/default/form/show.html | 10 +- application/user/controller/Profile.php | 4 +- core/library/think/Route.php | 5 +- core/library/think/Url.php | 14 +-- core/library/think/Validate.php | 20 ++++ core/library/think/db/connector/Sqlsrv.php | 1 - core/library/think/model/Relation.php | 27 +++-- core/library/think/response/Json.php | 8 +- core/library/think/response/Jsonp.php | 13 ++- 14 files changed, 122 insertions(+), 174 deletions(-) diff --git a/application/admin/controller/User.php b/application/admin/controller/User.php index f841f4c4..1d7a38b4 100644 --- a/application/admin/controller/User.php +++ b/application/admin/controller/User.php @@ -38,8 +38,8 @@ class User extends Admin{ } /** - * create - * @author colin + * 添加用户 + * @author colin */ public function add(){ $model = \think\Loader::model('User'); 
@@ -77,24 +77,13 @@ class User extends Admin{ $model = model('User'); if(IS_POST){ $data = $this->request->post(); - if(!$data){ - return $this->error($this->showRegError($model->getError())); - } - //为空 - if($data['password'] == ''){ - unset($data['password']); - unset($data['salt']); - }else{ - $data['salt'] = rand_string(); - $data['password'] = md5($password.$data['salt']); - } - $reuslt = $model->save($data,array('uid'=>$data['uid'])); + $reuslt = $model->editUser($data, true); - if (false != $reuslt) { + if (false !== $reuslt) { return $this->success('修改成功!', url('admin/user/index')); }else{ - return $this->error('修改失败!'); + return $this->error($model->getError(), ''); } }else{ $info = $this->getUserinfo(); @@ -236,25 +225,10 @@ class User extends Admin{ */ public function editpwd() { if (IS_POST) { - $user = \think\Loader::model('User'); - //获取参数 - $password = input('post.old'); - if(empty($password)){ - return $this->error('请输入原密码'); - } - $data['password'] = input('post.password'); - if (empty($data['password'])) { - return $this->error('请输入新密码'); - } - $repassword = input('post.repassword'); - if (empty($repassword)) { - return $this->error('请输入确认密码'); - } - - if ($data['password'] !== $repassword) { - return $this->error('您输入的新密码与确认密码不一致'); - } - $res = $user->updateUserFields(UID, $password, $data); + $user = model('User'); + $data = $this->request->post(); + + $res = $user->editpw($data); if ($res) { return $this->success('修改密码成功!'); }else { 
@@ -297,61 +271,4 @@ class User extends Admin{ return $this->error('参数非法'); } } - - /** - * 获取用户注册错误信息 - * @param integer $code 错误编码 - * @return string 错误信息 - */ - private function showRegError($code = 0) { - switch ($code) { - case -1: - $error = '用户名长度必须在16个字符以内!'; - break; - - case -2: - $error = '用户名被禁止注册!'; - break; - - case -3: - $error = '用户名被占用!'; - break; - - case -4: - $error = '密码长度必须在6-30个字符之间!'; - break; - - case -5: - $error = '邮箱格式不正确!'; - break; - - case -6: - $error = '邮箱长度必须在1-32个字符之间!'; - break; - - case -7: - $error = '邮箱被禁止注册!'; - break; - - case -8: - $error = '邮箱被占用!'; - break; - - case -9: - $error = '手机格式不正确!'; - break; - - case -10: - $error = '手机被禁止注册!'; - break; - - case -11: - $error = '手机号被占用!'; - break; - - default: - $error = '未知错误'; - } - return $error; - } } \ No newline at end of file diff --git a/application/admin/view/user/editpwd.html b/application/admin/view/user/editpwd.html index 9b830a56..cc2771b9 100644 --- a/application/admin/view/user/editpwd.html +++ b/application/admin/view/user/editpwd.html @@ -17,7 +17,7 @@
- +
diff --git a/application/common/model/User.php b/application/common/model/User.php index d7095d83..0d5674ee 100644 --- a/application/common/model/User.php +++ b/application/common/model/User.php @@ -68,8 +68,8 @@ class User extends Base{ return 1; } - protected function setPasswordAttr($value){ - return md5($value.$this->data['salt']); + protected function setPasswordAttr($value, $data){ + return md5($value.$data['salt']); } /** @@ -182,12 +182,20 @@ class User extends Base{ } } - public function change(){ - $data = input('post.'); + /** + * 修改用户资料 + */ + public function editUser($data, $ischangepwd = false){ if ($data['uid']) { + if (!$ischangepwd || ($ischangepwd && $data['password'] == '')) { + unset($data['salt']); + unset($data['password']); + }else{ + $data['salt'] = rand_string(6); + } $result = $this->validate('member.edit')->save($data, array('uid'=>$data['uid'])); if ($result) { - $result = $this->extend->save($data, array('uid'=>$data['uid'])); + return $this->extend->save($data, array('uid'=>$data['uid'])); }else{ return false; } 
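Review bot: `setPasswordAttr` still stores `md5($value.$data['salt'])`, a single fast MD5 pass that is cheap to brute-force if the member table is ever exposed. Since this commit reworks the whole password path, `password_hash($value, PASSWORD_DEFAULT)` here and `password_verify()` in `checkPassword` (later hunk in this file) would be the natural replacement, with existing rows rehashed on next successful login. The new body also reads `$data['salt']` unconditionally, so any save that sets `password` without `salt` hashes with an empty salt and raises an undefined-index notice; a guard such as `isset($data['salt'])` would make that failure explicit.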
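Review bot: `editUser()` chooses the row to update from the submitted `$data['uid']`, and `Profile::index` (application/user/controller/Profile.php hunk) now passes the raw POST body straight in, so a logged-in member appears able to modify another member's record by posting a different `uid`. For the self-service path the id should come from the session, e.g. `$data['uid'] = session('user_auth.uid');` before the call, keeping the request-supplied uid only for the admin caller. The full POST array is also handed to both `save()` calls; unless the model restricts writable columns (not visible here), picking out the expected keys first would be safer. The function body continues outside this hunk.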
@@ -197,46 +205,39 @@ class User extends Base{ } } - public function editpw(){ - $data = input('post.'); - $username = session('user_auth.username'); - $uid = session('user_auth.uid'); - $result = $this->checkPassword($username,$data['oldpassword']); - if (!$result) { + public function editpw($data, $is_reset = false){ + $uid = $is_reset ? $data['uid'] : session('user_auth.uid'); + if (!$is_reset) { + //后台修改用户时可修改用户密码时设置为true + $this->checkPassword($uid,$data['oldpassword']); + + $validate = $this->validate('member.password'); + if (false === $validate) { + return false; + } + } + + $data['salt'] = rand_string(6); + + return $this->save($data, array('uid'=>$uid)); + } + + protected function checkPassword($uid,$password){ + if (!$uid || !$password) { + $this->error = '原始用户UID和密码不能为空'; + return false; + } + + $user = $this->where(array('uid'=>$uid))->find(); + if (md5($password.$user['salt']) === $user['password']) { + return true; + }else{ $this->error = '原始密码错误!'; return false; } - if (!$data['password']) { - $this->error = '密码不能为空!'; - return false; - } - if ($data['password'] !== $data['repassword']) { - $this->error = '密码和确认密码不相同!'; - return false; - } - if (!$uid) { - return false; - } - $data['salt'] = rand_string(6); - $data['password'] = md5($data['password'].$data['salt']); - $data['uid'] = $uid; - return $this->db()->where(array('uid'=>$uid))->update($data); } public function extend(){ return $this->hasOne('MemberExtend', 'uid'); } - - protected function checkPassword($username,$password){ - if (!$username || !$password) { - return false; - } - - $user = $this->db()->where(array('username'=>$username))->find()->toArray(); - if (md5($password.$user['salt']) === $user['password']) { - return true; - }else{ - return false; - } - } } \ No newline at end of file diff --git a/application/common/validate/Member.php b/application/common/validate/Member.php index c0e8bf4c..1e83efa3 100644 --- a/application/common/validate/Member.php 
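Review bot: The return value of `$this->checkPassword($uid,$data['oldpassword'])` in `editpw()` is discarded, so a wrong old password only sets `$this->error` and execution continues to `save()`, which still changes the password. It should read `if (!$this->checkPassword($uid, $data['oldpassword'])) { return false; }`. If `validate()` returns the model for chaining, as its use in `editUser()` suggests, `false === $validate` can never be true and the `member.password` scene is only enforced by whatever `save()` does with it, which is worth confirming. `checkPassword()` also reads `$user['salt']` without checking that `find()` returned a row, and compares digests with `===` where `hash_equals()` is the safer choice. As in `editUser()`, `save()` receives the whole POST array, including `oldpassword`, `repassword` and any extra keys a client adds.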
+++ b/application/common/validate/Member.php @@ -15,10 +15,11 @@ namespace app\common\validate; class Member extends \think\Validate{ protected $rule = array( - 'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/', - 'email' => 'require|unique:member|email', - 'mobile' => 'unique:member', - 'repassword'=>'require|confirm:password' + 'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/', + 'email' => 'require|unique:member|email', + 'mobile' => 'unique:member', + 'password' => 'require', + 'repassword' => 'confirm:password' ); protected $message = array( 'username.require' => '用户名必须', @@ -26,10 +27,12 @@ class Member extends \think\Validate{ 'email.require' => '邮箱必须', 'email.unique' => '邮箱已存在', 'mobile.unique' => '手机号已存在', + 'password.require' => '密码必须', 'repassword.require' => '确认密码和密码必须一致', ); protected $scene = array( 'edit' => 'email,mobile', + 'password' => 'password,repassword' ); } \ No newline at end of file diff --git a/application/common/view/default/form/editor.html b/application/common/view/default/form/editor.html index b01b70fa..87f8bd13 100644 --- a/application/common/view/default/form/editor.html +++ b/application/common/view/default/form/editor.html @@ -6,6 +6,7 @@ var editor = new Simditor({ upload : { placeholder : '欢迎使用SentCMS网站管理系统', url: "{:url('upload/editor')}", + pasteImage:true, fileKey: "upload_file" } }); diff --git a/application/common/view/default/form/show.html b/application/common/view/default/form/show.html index 31bc9e98..e14be293 100644 --- a/application/common/view/default/form/show.html +++ b/application/common/view/default/form/show.html @@ -1,18 +1,18 @@ {switch name="type"} {case value="readonly"} - + {/case} {case value="num"} - + {/case} {case value="decimal"} - + {/case} {case value="text"} - + {/case} {case value="password"} - + {/case} {case value="textarea"} diff --git a/application/user/controller/Profile.php b/application/user/controller/Profile.php index a5ef42ea..bfda1c73 100644 
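Review bot: Dropping `require` from `repassword` leaves `'repassword' => 'confirm:password'`, and if the validator skips non-required rules for empty values (worth confirming in `think\Validate`), a request that simply omits `repassword` passes the `password` scene with no confirmation at all. Keeping `'repassword' => 'require|confirm:password'` avoids that. The message key in the second hunk is still `repassword.require`, so a mismatch would need a `repassword.confirm` entry to show the intended text. `password` carries only `require` with no length rule, whereas the `showRegError` text removed in this commit mentioned 6-30 characters; a `length:6,30` rule would keep that policy.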
--- a/application/user/controller/Profile.php +++ b/application/user/controller/Profile.php @@ -16,7 +16,7 @@ class Profile extends User{ public function index(){ $user = model('User'); if (IS_POST) { - $result = $user->change(); + $result = $user->editUser($this->request->post()); if ($result !== false) { return $this->success("更新成功!", ""); }else{ @@ -44,7 +44,7 @@ class Profile extends User{ public function editpw(){ $user = model('User'); if (IS_POST) { - $result = $user->editpw(); + $result = $user->editpw($this->request->post()); if ($result !== false) { return $this->success("更新成功!", ""); }else{ diff --git a/core/library/think/Route.php b/core/library/think/Route.php index de0bc30c..55fde12c 100644 --- a/core/library/think/Route.php +++ b/core/library/think/Route.php @@ -672,6 +672,8 @@ class Route if ($checkDomain) { self::checkDomain($request); } + // 获取当前请求类型的路由规则 + $rules = self::$rules[$request->method()]; // 检测URL绑定 $return = self::checkUrlBind($url, $rules, $depr); @@ -679,9 +681,6 @@ class Route return $return; } - // 获取当前请求类型的路由规则 - $rules = self::$rules[$request->method()]; - if (isset($rules[$url])) { // 静态路由规则检测 $rule = $rules[$url]; diff --git a/core/library/think/Url.php b/core/library/think/Url.php index cf570af0..a5190d7b 100644 --- a/core/library/think/Url.php +++ b/core/library/think/Url.php @@ -19,9 +19,6 @@ use think\Route; class Url { - // 生成URL地址的root - protected static $root; - /** * URL生成 支持路由反射 * @param string $url URL表达式, @@ -116,7 +113,7 @@ class Url // 检测域名 $domain = self::parseDomain($url, $domain); // URL组装 - $url = $domain . (self::$root ?: Request::instance()->root()) . '/' . ltrim($url, '/'); + $url = $domain . Request::instance()->root() . '/' . ltrim($url, '/'); return $url; } @@ -319,11 +316,4 @@ class Url { Cache::rm('think_route_map'); } - - // 指定当前生成URL地址的root - public static function root($root) - { - self::$root = $root; - Request::instance()->root($root); - } -} +} \ No newline at end of file 
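Review bot: In core/library/think/Route.php, `self::$rules[$request->method()]` is indexed with the request method, which the client chooses; if `self::$rules` has no entry for an unusual method this raises an undefined-index notice and hands `null` to `checkUrlBind()`. A guarded lookup such as `$method = $request->method(); $rules = isset(self::$rules[$method]) ? self::$rules[$method] : [];` keeps the routing path predictable for unexpected verbs. How `self::$rules` is initialised lies outside this hunk, so this may already be covered there.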
diff --git a/core/library/think/Validate.php b/core/library/think/Validate.php index 39618646..552494d0 100644 --- a/core/library/think/Validate.php +++ b/core/library/think/Validate.php @@ -48,6 +48,10 @@ class Validate 'alphaNum' => ':attribute只能是字母和数字', 'alphaDash' => ':attribute只能是字母、数字和下划线_及破折号-', 'activeUrl' => ':attribute不是有效的域名或者IP', + 'chs' => ':attribute只能是汉字', + 'chsAlpha' => ':attribute只能是汉字、字母', + 'chsAlphaNum'=> ':attribute只能是汉字、字母和数字', + 'chsDash' => ':attribute只能是汉字、字母、数字和下划线_及破折号-', 'url' => ':attribute不是有效的URL地址', 'ip' => ':attribute不是有效的IP地址', 'dateFormat' => ':attribute必须使用日期格式 :rule', @@ -516,6 +520,22 @@ class Validate // 只允许字母、数字和下划线 破折号 $result = $this->regex($value, '/^[A-Za-z0-9\-\_]+$/'); break; + case 'chs': + // 只允许汉字 + $result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}]+$/u'); + break; + case 'chsAlpha': + // 只允许汉字、字母 + $result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z]+$/u'); + break; + case 'chsAlphaNum': + // 只允许汉字、字母和数字 + $result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z0-9]+$/u'); + break; + case 'chsDash': + // 只允许汉字、字母、数字和下划线_及破折号- + $result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z0-9\_\-]+$/u'); + break; case 'activeUrl': // 是否为有效的网址 $result = checkdnsrr($value); diff --git a/core/library/think/db/connector/Sqlsrv.php b/core/library/think/db/connector/Sqlsrv.php index cfc80991..31cf9045 100644 --- a/core/library/think/db/connector/Sqlsrv.php +++ b/core/library/think/db/connector/Sqlsrv.php @@ -24,7 +24,6 @@ class Sqlsrv extends Connection PDO::ATTR_CASE => PDO::CASE_LOWER, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_STRINGIFY_FETCHES => false, - PDO::SQLSRV_ATTR_ENCODING => PDO::SQLSRV_ENCODING_UTF8, ]; /** diff --git a/core/library/think/model/Relation.php b/core/library/think/model/Relation.php index d762afd5..515bf362 100644 --- a/core/library/think/model/Relation.php +++ b/core/library/think/model/Relation.php 
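Review bot: The four new `chs*` patterns in core/library/think/Validate.php end in `$` without the `D` modifier, so PCRE lets each of them accept a value that ends with a newline character. Anchoring with `\z` instead, e.g. `'/^[\x{4e00}-\x{9fa5}]+\z/u'`, or adding the `D` modifier closes that gap; the `alphaDash` line shown as context has the same form. The range `\x{4e00}-\x{9fa5}` also covers only the basic CJK block, so `\p{Han}` would be the broader class if extension characters should pass. The `regex()` helper itself is outside the hunk.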
@@ -43,6 +43,8 @@ class Relation protected $alias; // 当前关联的JOIN类型 protected $joinType; + // 关联模型查询对象 + protected $query; /** * 架构函数 @@ -409,7 +411,7 @@ class Relation $this->localKey = $localKey; $this->alias = $alias; $this->joinType = $joinType; - + $this->query = (new $model)->db(); // 返回关联的模型对象 return $this; } @@ -433,7 +435,7 @@ class Relation $this->localKey = $otherKey; $this->alias = $alias; $this->joinType = $joinType; - + $this->query = (new $model)->db(); // 返回关联的模型对象 return $this; } @@ -455,7 +457,7 @@ class Relation $this->foreignKey = $foreignKey; $this->localKey = $localKey; $this->alias = $alias; - + $this->query = (new $model)->db(); // 返回关联的模型对象 return $this; } @@ -481,7 +483,7 @@ class Relation $this->throughKey = $throughKey; $this->localKey = $localKey; $this->alias = $alias; - + $this->query = (new $model)->db(); // 返回关联的模型对象 return $this; } @@ -505,7 +507,7 @@ class Relation $this->localKey = $localKey; $this->middle = $table; $this->alias = $alias; - + $this->query = (new $model)->db(); // 返回关联的模型对象 return $this; } @@ -653,14 +655,12 @@ class Relation public function __call($method, $args) { - if ($this->model) { - $model = new $this->model; - $db = $model->db(); + if ($this->query) { switch ($this->type) { case self::HAS_MANY: if (isset($this->parent->{$this->localKey})) { // 关联查询带入关联条件 - $db->where($this->foreignKey, $this->parent->{$this->localKey}); + $this->query->where($this->foreignKey, $this->parent->{$this->localKey}); } break; case self::HAS_MANY_THROUGH: 
@@ -671,13 +671,18 @@ class Relation $pk = (new $this->model)->getPk(); $throughKey = $this->throughKey; $modelTable = $this->parent->getTable(); - $result = $db->field($alias . '.*')->alias($alias) + $result = $this->query->field($alias . '.*')->alias($alias) ->join($throughTable, $throughTable . '.' . $pk . '=' . $alias . '.' . $throughKey) ->join($modelTable, $modelTable . '.' . $this->localKey . '=' . $throughTable . '.' . $this->foreignKey) ->where($throughTable . '.' . $this->foreignKey, $this->parent->{$this->localKey}); break; } - return call_user_func_array([$db, $method], $args); + $result = call_user_func_array([$this->query, $method], $args); + if ($result instanceof \think\db\Query) { + return $this; + } else { + return $result; + } } else { throw new Exception('method not exists:' . __CLASS__ . '->' . $method); } diff --git a/core/library/think/response/Json.php b/core/library/think/response/Json.php index f3cfc36f..a137f453 100644 --- a/core/library/think/response/Json.php +++ b/core/library/think/response/Json.php @@ -19,8 +19,9 @@ class Json extends Response protected $options = [ 'json_encode_param' => JSON_UNESCAPED_UNICODE, ]; - + protected $contentType = 'application/json'; + /** * 处理数据 * @access protected @@ -31,6 +32,11 @@ class Json extends Response { // 返回JSON数据格式到客户端 包含状态信息 $data = json_encode($data, $this->options['json_encode_param']); + + if ($data === false) { + throw new \InvalidArgumentException(json_last_error_msg()); + } + return $data; } diff --git a/core/library/think/response/Jsonp.php b/core/library/think/response/Jsonp.php index b6806575..fda1183a 100644 --- a/core/library/think/response/Jsonp.php +++ b/core/library/think/response/Jsonp.php @@ -22,7 +22,7 @@ class Jsonp extends Response 'default_jsonp_handler' => 'jsonpReturn', 'json_encode_param' => JSON_UNESCAPED_UNICODE, ]; - + protected $contentType = 'application/javascript'; /** 
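Review bot: `__call()` in core/library/think/model/Relation.php now returns `$this` whenever the forwarded call yields a `\think\db\Query`, so each link of a chain such as `->where(...)->select()` re-enters `__call()` and runs the `switch` again on the same stored `$this->query`. For `HAS_MANY` that repeats the `where()`; for `HAS_MANY_THROUGH` it repeats both `join()` calls, which looks likely to produce duplicate joins in the generated SQL. Applying the base conditions once, guarded by a new boolean property (say `$this->baseApplied`, a name chosen here for illustration), would avoid this. Because `$this->query` is now shared across calls, it is also worth confirming that the Query object resets its options after each terminal call, so that conditions from one lookup cannot leak into the next.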
@@ -35,8 +35,15 @@ class Jsonp extends Response { // 返回JSON数据格式到客户端 包含状态信息 [当url_common_param为false时是无法获取到$_GET的数据的,故使用Request来获取] $var_jsonp_handler = Request::instance()->param($this->options['var_jsonp_handler'], ""); - $handler = !empty($var_jsonp_handler) ? $var_jsonp_handler : $this->options['default_jsonp_handler']; - $data = $handler . '(' . json_encode($data, $this->options['json_encode_param']) . ');'; + $handler = !empty($var_jsonp_handler) ? $var_jsonp_handler : $this->options['default_jsonp_handler']; + + $data = json_encode($data, $this->options['json_encode_param']); + + if ($data === false) { + throw new \InvalidArgumentException(json_last_error_msg()); + } + + $data = $handler . '(' . $data . ');'; return $data; }
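Review bot: `$handler` comes from the request parameter and is concatenated unchanged into a body served as `application/javascript`, so the client controls the start of the script; the encode-failure check added here does not address that. The callback should be restricted to an identifier-like value before use, e.g. `if (!preg_match('/^[A-Za-z_$][\w$.]*\z/', $handler)) { $handler = $this->options['default_jsonp_handler']; }`. With `JSON_UNESCAPED_UNICODE`, PHP versions before 7.1 also leave U+2028 and U+2029 unescaped, which older JavaScript engines treat as line terminators, so those two are worth escaping for JSONP output. Sending `X-Content-Type-Options: nosniff` with this response is a useful companion. The method's signature is outside the hunk.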