molong/sentcms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1、内核修复

Browse Source 
2、用户模块完善和bug修复
This commit is contained in:
molong
2016-07-15 11:59:56 +08:00
parent 9ad5d5fd9c
commit ad1f4c029e
14 changed files with 122 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
application/admin/controller/User.php
View File

@@ -38,8 +38,8 @@ class User extends Admin{
} }
/** /**
* create * 添加用户
* @author colin <colin@tensent.cn> * @author colin <molong@tensent.cn>
*/ */
public function add(){ public function add(){
$model = \think\Loader::model('User'); $model = \think\Loader::model('User');
@@ -77,24 +77,13 @@ class User extends Admin{
$model = model('User'); $model = model('User');
if(IS_POST){ if(IS_POST){
$data = $this->request->post(); $data = $this->request->post();
if(!$data){
return $this->error($this->showRegError($model->getError()));
}
//为空 $reuslt = $model->editUser($data, true);
if($data['password'] == ''){
unset($data['password']);
unset($data['salt']);
}else{
$data['salt'] = rand_string();
$data['password'] = md5($password.$data['salt']);
}
$reuslt = $model->save($data,array('uid'=>$data['uid']));
if (false != $reuslt) { if (false !== $reuslt) {
return $this->success('修改成功!', url('admin/user/index')); return $this->success('修改成功!', url('admin/user/index'));
}else{ }else{
return $this->error('修改失败!'); return $this->error($model->getError(), '');
} }
}else{ }else{
$info = $this->getUserinfo(); $info = $this->getUserinfo();
@@ -236,25 +225,10 @@ class User extends Admin{
*/ */
public function editpwd() { public function editpwd() {
if (IS_POST) { if (IS_POST) {
$user = \think\Loader::model('User'); $user = model('User');
//获取参数 $data = $this->request->post();
$password = input('post.old');
if(empty($password)){ $res = $user->editpw($data);
return $this->error('请输入原密码');
}
$data['password'] = input('post.password');
if (empty($data['password'])) {
return $this->error('请输入新密码');
}
$repassword = input('post.repassword');
if (empty($repassword)) {
return $this->error('请输入确认密码');
}
if ($data['password'] !== $repassword) {
return $this->error('您输入的新密码与确认密码不一致');
}
$res = $user->updateUserFields(UID, $password, $data);
if ($res) { if ($res) {
return $this->success('修改密码成功!'); return $this->success('修改密码成功!');
}else { }else {
@@ -297,61 +271,4 @@ class User extends Admin{
return $this->error('参数非法'); return $this->error('参数非法');
} }
} }
/**
* 获取用户注册错误信息
* @param integer $code 错误编码
* @return string 错误信息
*/
private function showRegError($code = 0) {
switch ($code) {
case -1:
$error = '用户名长度必须在16个字符以内';
break;
case -2:
$error = '用户名被禁止注册!';
break;
case -3:
$error = '用户名被占用!';
break;
case -4:
$error = '密码长度必须在6-30个字符之间';
break;
case -5:
$error = '邮箱格式不正确!';
break;
case -6:
$error = '邮箱长度必须在1-32个字符之间';
break;
case -7:
$error = '邮箱被禁止注册!';
break;
case -8:
$error = '邮箱被占用!';
break;
case -9:
$error = '手机格式不正确!';
break;
case -10:
$error = '手机被禁止注册!';
break;
case -11:
$error = '手机号被占用!';
break;
default:
$error = '未知错误';
}
return $error;
}
} }

2
application/admin/view/user/editpwd.html
View File

@@ -17,7 +17,7 @@
<div class="form-group"> <div class="form-group">
<label class="col-lg-2 control-label">原密码:</label> <label class="col-lg-2 control-label">原密码:</label>
<div class="col-lg-6 col-sm-10"> <div class="col-lg-6 col-sm-10">
<input type="password" name="old" class="form-control " autocomplete="off" /> <input type="password" name="oldpassword" class="form-control " autocomplete="off" />
</div> </div>
</div> </div>
<div class="form-group"> <div class="form-group">

79
application/common/model/User.php
View File

@@ -68,8 +68,8 @@ class User extends Base{
return 1; return 1;
} }
protected function setPasswordAttr($value){ protected function setPasswordAttr($value, $data){
return md5($value.$this->data['salt']); return md5($value.$data['salt']);
} }
/** /**
@@ -182,12 +182,20 @@ class User extends Base{
} }
} }
public function change(){ /**
$data = input('post.'); * 修改用户资料
*/
public function editUser($data, $ischangepwd = false){
if ($data['uid']) { if ($data['uid']) {
if (!$ischangepwd || ($ischangepwd && $data['password'] == '')) {
unset($data['salt']);
unset($data['password']);
}else{
$data['salt'] = rand_string(6);
}
$result = $this->validate('member.edit')->save($data, array('uid'=>$data['uid'])); $result = $this->validate('member.edit')->save($data, array('uid'=>$data['uid']));
if ($result) { if ($result) {
$result = $this->extend->save($data, array('uid'=>$data['uid'])); return $this->extend->save($data, array('uid'=>$data['uid']));
}else{ }else{
return false; return false;
} }
@@ -197,46 +205,39 @@ class User extends Base{
} }
} }
public function editpw(){ public function editpw($data, $is_reset = false){
$data = input('post.'); $uid = $is_reset ? $data['uid'] : session('user_auth.uid');
$username = session('user_auth.username'); if (!$is_reset) {
$uid = session('user_auth.uid'); //后台修改用户时可修改用户密码时设置为true
$result = $this->checkPassword($username,$data['oldpassword']); $this->checkPassword($uid,$data['oldpassword']);
if (!$result) {
$validate = $this->validate('member.password');
if (false === $validate) {
return false;
}
}
$data['salt'] = rand_string(6);
return $this->save($data, array('uid'=>$uid));
}
protected function checkPassword($uid,$password){
if (!$uid || !$password) {
$this->error = '原始用户UID和密码不能为空';
return false;
}
$user = $this->where(array('uid'=>$uid))->find();
if (md5($password.$user['salt']) === $user['password']) {
return true;
}else{
$this->error = '原始密码错误!'; $this->error = '原始密码错误!';
return false; return false;
} }
if (!$data['password']) {
$this->error = '密码不能为空!';
return false;
}
if ($data['password'] !== $data['repassword']) {
$this->error = '密码和确认密码不相同!';
return false;
}
if (!$uid) {
return false;
}
$data['salt'] = rand_string(6);
$data['password'] = md5($data['password'].$data['salt']);
$data['uid'] = $uid;
return $this->db()->where(array('uid'=>$uid))->update($data);
} }
public function extend(){ public function extend(){
return $this->hasOne('MemberExtend', 'uid'); return $this->hasOne('MemberExtend', 'uid');
} }
protected function checkPassword($username,$password){
if (!$username || !$password) {
return false;
}
$user = $this->db()->where(array('username'=>$username))->find()->toArray();
if (md5($password.$user['salt']) === $user['password']) {
return true;
}else{
return false;
}
}
} }

11
application/common/validate/Member.php
View File

@@ -15,10 +15,11 @@ namespace app\common\validate;
class Member extends \think\Validate{ class Member extends \think\Validate{
protected $rule = array( protected $rule = array(
'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/', 'username' => 'require|unique:member|/^[a-zA-Z]\w{0,39}$/',
'email' => 'require|unique:member|email', 'email' => 'require|unique:member|email',
'mobile' => 'unique:member', 'mobile' => 'unique:member',
'repassword'=>'require|confirm:password' 'password' => 'require',
'repassword' => 'confirm:password'
); );
protected $message = array( protected $message = array(
'username.require' => '用户名必须', 'username.require' => '用户名必须',
@@ -26,10 +27,12 @@ class Member extends \think\Validate{
'email.require' => '邮箱必须', 'email.require' => '邮箱必须',
'email.unique' => '邮箱已存在', 'email.unique' => '邮箱已存在',
'mobile.unique' => '手机号已存在', 'mobile.unique' => '手机号已存在',
'password.require' => '密码必须',
'repassword.require' => '确认密码和密码必须一致', 'repassword.require' => '确认密码和密码必须一致',
); );
protected $scene = array( protected $scene = array(
'edit' => 'email,mobile', 'edit' => 'email,mobile',
'password' => 'password,repassword'
); );
} }

1
application/common/view/default/form/editor.html
View File

@@ -6,6 +6,7 @@ var editor = new Simditor({
upload : { upload : {
placeholder : '欢迎使用SentCMS网站管理系统', placeholder : '欢迎使用SentCMS网站管理系统',
url: "{:url('upload/editor')}", url: "{:url('upload/editor')}",
pasteImage:true,
fileKey: "upload_file" fileKey: "upload_file"
} }
}); });

10
application/common/view/default/form/show.html
View File

@@ -1,18 +1,18 @@
{switch name="type"} {switch name="type"}
{case value="readonly"} {case value="readonly"}
<input type="text" class="form-control" name="{$field}" id="{$field}" value="{$value}" readonly> <input type="text" class="form-control" name="{$field}" id="{$field}" value="{$value}" autocomplete="false" readonly>
{/case} {/case}
{case value="num"} {case value="num"}
<input type="text" style="width: auto;" class="form-control" name="{$field}" id="{$field}" value="{$value}"> <input type="text" style="width: auto;" class="form-control" name="{$field}" id="{$field}" autocomplete="false" value="{$value}">
{/case} {/case}
{case value="decimal"} {case value="decimal"}
<input type="text" style="width: auto;" class="form-control" name="{$field}" id="{$field}" value="{$value}"> <input type="text" style="width: auto;" class="form-control" name="{$field}" id="{$field}" autocomplete="false" value="{$value}">
{/case} {/case}
{case value="text"} {case value="text"}
<input type="text" class="form-control" name="{$field}" id="{$field}" value="{$value}"> <input type="text" class="form-control" name="{$field}" id="{$field}" autocomplete="false" value="{$value}">
{/case} {/case}
{case value="password"} {case value="password"}
<input type="password" class="form-control" name="{$field}" id="{$field}" value="{$value}"> <input type="password" class="form-control" name="{$field}" id="{$field}" autocomplete="false" value="{$value}">
{/case} {/case}
{case value="textarea"} {case value="textarea"}
<textarea class="form-control" name="{$field}" id="{$field}">{$value}</textarea> <textarea class="form-control" name="{$field}" id="{$field}">{$value}</textarea>

4
application/user/controller/Profile.php
View File

@@ -16,7 +16,7 @@ class Profile extends User{
public function index(){ public function index(){
$user = model('User'); $user = model('User');
if (IS_POST) { if (IS_POST) {
$result = $user->change(); $result = $user->editUser($this->request->post());
if ($result !== false) { if ($result !== false) {
return $this->success("更新成功!", ""); return $this->success("更新成功!", "");
}else{ }else{
@@ -44,7 +44,7 @@ class Profile extends User{
public function editpw(){ public function editpw(){
$user = model('User'); $user = model('User');
if (IS_POST) { if (IS_POST) {
$result = $user->editpw(); $result = $user->editpw($this->request->post());
if ($result !== false) { if ($result !== false) {
return $this->success("更新成功!", ""); return $this->success("更新成功!", "");
}else{ }else{

5
core/library/think/Route.php
View File

@@ -672,6 +672,8 @@ class Route
if ($checkDomain) { if ($checkDomain) {
self::checkDomain($request); self::checkDomain($request);
} }
// 获取当前请求类型的路由规则
$rules = self::$rules[$request->method()];
// 检测URL绑定 // 检测URL绑定
$return = self::checkUrlBind($url, $rules, $depr); $return = self::checkUrlBind($url, $rules, $depr);
@@ -679,9 +681,6 @@ class Route
return $return; return $return;
} }
// 获取当前请求类型的路由规则
$rules = self::$rules[$request->method()];
if (isset($rules[$url])) { if (isset($rules[$url])) {
// 静态路由规则检测 // 静态路由规则检测
$rule = $rules[$url]; $rule = $rules[$url];

14
core/library/think/Url.php
View File

@@ -19,9 +19,6 @@ use think\Route;
class Url class Url
{ {
// 生成URL地址的root
protected static $root;
/** /**
* URL生成 支持路由反射 * URL生成 支持路由反射
* @param string $url URL表达式 * @param string $url URL表达式
@@ -116,7 +113,7 @@ class Url
// 检测域名 // 检测域名
$domain = self::parseDomain($url, $domain); $domain = self::parseDomain($url, $domain);
// URL组装 // URL组装
$url = $domain . (self::$root ?: Request::instance()->root()) . '/' . ltrim($url, '/'); $url = $domain . Request::instance()->root() . '/' . ltrim($url, '/');
return $url; return $url;
} }
@@ -319,11 +316,4 @@ class Url
{ {
Cache::rm('think_route_map'); Cache::rm('think_route_map');
} }
}
// 指定当前生成URL地址的root
public static function root($root)
{
self::$root = $root;
Request::instance()->root($root);
}
}

20
core/library/think/Validate.php
View File

@@ -48,6 +48,10 @@ class Validate
'alphaNum' => ':attribute只能是字母和数字', 'alphaNum' => ':attribute只能是字母和数字',
'alphaDash' => ':attribute只能是字母、数字和下划线_及破折号-', 'alphaDash' => ':attribute只能是字母、数字和下划线_及破折号-',
'activeUrl' => ':attribute不是有效的域名或者IP', 'activeUrl' => ':attribute不是有效的域名或者IP',
'chs' => ':attribute只能是汉字',
'chsAlpha' => ':attribute只能是汉字、字母',
'chsAlphaNum'=> ':attribute只能是汉字、字母和数字',
'chsDash' => ':attribute只能是汉字、字母、数字和下划线_及破折号-',
'url' => ':attribute不是有效的URL地址', 'url' => ':attribute不是有效的URL地址',
'ip' => ':attribute不是有效的IP地址', 'ip' => ':attribute不是有效的IP地址',
'dateFormat' => ':attribute必须使用日期格式 :rule', 'dateFormat' => ':attribute必须使用日期格式 :rule',
@@ -516,6 +520,22 @@ class Validate
// 只允许字母、数字和下划线 破折号 // 只允许字母、数字和下划线 破折号
$result = $this->regex($value, '/^[A-Za-z0-9\-\_]+$/'); $result = $this->regex($value, '/^[A-Za-z0-9\-\_]+$/');
break; break;
case 'chs':
// 只允许汉字
$result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}]+$/u');
break;
case 'chsAlpha':
// 只允许汉字、字母
$result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z]+$/u');
break;
case 'chsAlphaNum':
// 只允许汉字、字母和数字
$result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z0-9]+$/u');
break;
case 'chsDash':
// 只允许汉字、字母、数字和下划线_及破折号-
$result = $this->regex($value, '/^[\x{4e00}-\x{9fa5}a-zA-Z0-9\_\-]+$/u');
break;
case 'activeUrl': case 'activeUrl':
// 是否为有效的网址 // 是否为有效的网址
$result = checkdnsrr($value); $result = checkdnsrr($value);

1
core/library/think/db/connector/Sqlsrv.php
View File

@@ -24,7 +24,6 @@ class Sqlsrv extends Connection
PDO::ATTR_CASE => PDO::CASE_LOWER, PDO::ATTR_CASE => PDO::CASE_LOWER,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_STRINGIFY_FETCHES => false, PDO::ATTR_STRINGIFY_FETCHES => false,
PDO::SQLSRV_ATTR_ENCODING => PDO::SQLSRV_ENCODING_UTF8,
]; ];
/** /**

27
core/library/think/model/Relation.php
View File

@@ -43,6 +43,8 @@ class Relation
protected $alias; protected $alias;
// 当前关联的JOIN类型 // 当前关联的JOIN类型
protected $joinType; protected $joinType;
// 关联模型查询对象
protected $query;
/** /**
* 架构函数 * 架构函数
@@ -409,7 +411,7 @@ class Relation
$this->localKey = $localKey; $this->localKey = $localKey;
$this->alias = $alias; $this->alias = $alias;
$this->joinType = $joinType; $this->joinType = $joinType;
$this->query = (new $model)->db();
// 返回关联的模型对象 // 返回关联的模型对象
return $this; return $this;
} }
@@ -433,7 +435,7 @@ class Relation
$this->localKey = $otherKey; $this->localKey = $otherKey;
$this->alias = $alias; $this->alias = $alias;
$this->joinType = $joinType; $this->joinType = $joinType;
$this->query = (new $model)->db();
// 返回关联的模型对象 // 返回关联的模型对象
return $this; return $this;
} }
@@ -455,7 +457,7 @@ class Relation
$this->foreignKey = $foreignKey; $this->foreignKey = $foreignKey;
$this->localKey = $localKey; $this->localKey = $localKey;
$this->alias = $alias; $this->alias = $alias;
$this->query = (new $model)->db();
// 返回关联的模型对象 // 返回关联的模型对象
return $this; return $this;
} }
@@ -481,7 +483,7 @@ class Relation
$this->throughKey = $throughKey; $this->throughKey = $throughKey;
$this->localKey = $localKey; $this->localKey = $localKey;
$this->alias = $alias; $this->alias = $alias;
$this->query = (new $model)->db();
// 返回关联的模型对象 // 返回关联的模型对象
return $this; return $this;
} }
@@ -505,7 +507,7 @@ class Relation
$this->localKey = $localKey; $this->localKey = $localKey;
$this->middle = $table; $this->middle = $table;
$this->alias = $alias; $this->alias = $alias;
$this->query = (new $model)->db();
// 返回关联的模型对象 // 返回关联的模型对象
return $this; return $this;
} }
@@ -653,14 +655,12 @@ class Relation
public function __call($method, $args) public function __call($method, $args)
{ {
if ($this->model) { if ($this->query) {
$model = new $this->model;
$db = $model->db();
switch ($this->type) { switch ($this->type) {
case self::HAS_MANY: case self::HAS_MANY:
if (isset($this->parent->{$this->localKey})) { if (isset($this->parent->{$this->localKey})) {
// 关联查询带入关联条件 // 关联查询带入关联条件
$db->where($this->foreignKey, $this->parent->{$this->localKey}); $this->query->where($this->foreignKey, $this->parent->{$this->localKey});
} }
break; break;
case self::HAS_MANY_THROUGH: case self::HAS_MANY_THROUGH:
@@ -671,13 +671,18 @@ class Relation
$pk = (new $this->model)->getPk(); $pk = (new $this->model)->getPk();
$throughKey = $this->throughKey; $throughKey = $this->throughKey;
$modelTable = $this->parent->getTable(); $modelTable = $this->parent->getTable();
$result = $db->field($alias . '.*')->alias($alias) $result = $this->query->field($alias . '.*')->alias($alias)
->join($throughTable, $throughTable . '.' . $pk . '=' . $alias . '.' . $throughKey) ->join($throughTable, $throughTable . '.' . $pk . '=' . $alias . '.' . $throughKey)
->join($modelTable, $modelTable . '.' . $this->localKey . '=' . $throughTable . '.' . $this->foreignKey) ->join($modelTable, $modelTable . '.' . $this->localKey . '=' . $throughTable . '.' . $this->foreignKey)
->where($throughTable . '.' . $this->foreignKey, $this->parent->{$this->localKey}); ->where($throughTable . '.' . $this->foreignKey, $this->parent->{$this->localKey});
break; break;
} }
return call_user_func_array([$db, $method], $args); $result = call_user_func_array([$this->query, $method], $args);
if ($result instanceof \think\db\Query) {
return $this;
} else {
return $result;
}
} else { } else {
throw new Exception('method not exists:' . __CLASS__ . '->' . $method); throw new Exception('method not exists:' . __CLASS__ . '->' . $method);
} }

8
core/library/think/response/Json.php
View File

@@ -19,8 +19,9 @@ class Json extends Response
protected $options = [ protected $options = [
'json_encode_param' => JSON_UNESCAPED_UNICODE, 'json_encode_param' => JSON_UNESCAPED_UNICODE,
]; ];
protected $contentType = 'application/json'; protected $contentType = 'application/json';
/** /**
* 处理数据 * 处理数据
* @access protected * @access protected
@@ -31,6 +32,11 @@ class Json extends Response
{ {
// 返回JSON数据格式到客户端 包含状态信息 // 返回JSON数据格式到客户端 包含状态信息
$data = json_encode($data, $this->options['json_encode_param']); $data = json_encode($data, $this->options['json_encode_param']);
if ($data === false) {
throw new \InvalidArgumentException(json_last_error_msg());
}
return $data; return $data;
} }

13
core/library/think/response/Jsonp.php
View File

@@ -22,7 +22,7 @@ class Jsonp extends Response
'default_jsonp_handler' => 'jsonpReturn', 'default_jsonp_handler' => 'jsonpReturn',
'json_encode_param' => JSON_UNESCAPED_UNICODE, 'json_encode_param' => JSON_UNESCAPED_UNICODE,
]; ];
protected $contentType = 'application/javascript'; protected $contentType = 'application/javascript';
/** /**
@@ -35,8 +35,15 @@ class Jsonp extends Response
{ {
// 返回JSON数据格式到客户端 包含状态信息 [当url_common_param为false时是无法获取到$_GET的数据的故使用Request来获取<xiaobo.sun@qq.com>] // 返回JSON数据格式到客户端 包含状态信息 [当url_common_param为false时是无法获取到$_GET的数据的故使用Request来获取<xiaobo.sun@qq.com>]
$var_jsonp_handler = Request::instance()->param($this->options['var_jsonp_handler'], ""); $var_jsonp_handler = Request::instance()->param($this->options['var_jsonp_handler'], "");
$handler = !empty($var_jsonp_handler) ? $var_jsonp_handler : $this->options['default_jsonp_handler']; $handler = !empty($var_jsonp_handler) ? $var_jsonp_handler : $this->options['default_jsonp_handler'];
$data = $handler . '(' . json_encode($data, $this->options['json_encode_param']) . ');';
$data = json_encode($data, $this->options['json_encode_param']);
if ($data === false) {
throw new \InvalidArgumentException(json_last_error_msg());
}
$data = $handler . '(' . $data . ');';
return $data; return $data;
} }