From 28ff4ea2d97569d2feffab143b2482330ee7af84 Mon Sep 17 00:00:00 2001 From: qnnp-me Date: Sat, 4 Mar 2023 02:57:16 +0800 Subject: [PATCH 1/6] =?UTF-8?q?=E9=81=BF=E5=85=8D=E6=8E=A5=E5=85=A5admin?= =?UTF-8?q?=E7=9A=84=E6=97=B6=E5=80=99=E6=97=A0=E6=9D=83=E9=99=90=E7=9A=84?= =?UTF-8?q?=E6=83=85=E5=86=B5=E4=B8=8B=E8=B0=83=E7=94=A8=E4=B8=8D=E5=88=B0?= =?UTF-8?q?admin=E7=9A=84403=E6=96=87=E4=BB=B6=E8=80=8C=E7=9B=B4=E6=8E=A5?= =?UTF-8?q?=E6=8A=A5=E9=94=99=E7=9A=84=E6=83=85=E5=86=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/plugin/admin/app/middleware/AccessControl.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/plugin/admin/app/middleware/AccessControl.php b/src/plugin/admin/app/middleware/AccessControl.php index 1aebaa6..f9779d8 100644 --- a/src/plugin/admin/app/middleware/AccessControl.php +++ b/src/plugin/admin/app/middleware/AccessControl.php @@ -21,6 +21,11 @@ class AccessControl implements MiddlewareInterface $controller = $request->controller; $action = $request->action; + $plugin=$request->plugin; + $app=$request->app; + $request->plugin='admin'; + $request->app=''; + $code = 0; $msg = ''; if (!Auth::canAccess($controller, $action, $code, $msg)) { @@ -42,6 +47,8 @@ EOF } } else { + $request->plugin=$plugin; + $request->app=$app; $response = $request->method() == 'OPTIONS' ? response('') : $handler($request); } @@ -49,4 +56,4 @@ EOF } -} \ No newline at end of file +} From 47047b9c653734c06232b9fb38b343d7f0788375 Mon Sep 17 00:00:00 2001 From: qnnp-me Date: Sat, 4 Mar 2023 20:00:30 +0800 Subject: [PATCH 2/6] =?UTF-8?q?=E9=81=BF=E5=85=8D=E6=8E=A5=E5=85=A5admin?= =?UTF-8?q?=E7=9A=84=E6=97=B6=E5=80=99=E6=97=A0=E6=9D=83=E9=99=90=E7=9A=84?= =?UTF-8?q?=E6=83=85=E5=86=B5=E4=B8=8B=E8=B0=83=E7=94=A8=E4=B8=8D=E5=88=B0?= =?UTF-8?q?admin=E7=9A=84403=E6=96=87=E4=BB=B6=E8=80=8C=E7=9B=B4=E6=8E=A5?= =?UTF-8?q?=E6=8A=A5=E9=94=99=E7=9A=84=E6=83=85=E5=86=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/plugin/admin/app/middleware/AccessControl.php | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/src/plugin/admin/app/middleware/AccessControl.php b/src/plugin/admin/app/middleware/AccessControl.php index 90b7bfd..081d0ee 100644 --- a/src/plugin/admin/app/middleware/AccessControl.php +++ b/src/plugin/admin/app/middleware/AccessControl.php @@ -21,11 +21,6 @@ class AccessControl implements MiddlewareInterface $controller = $request->controller; $action = $request->action; - $plugin=$request->plugin; - $app=$request->app; - $request->plugin='admin'; - $request->app=''; - $code = 0; $msg = ''; if (!Auth::canAccess($controller, $action, $code, $msg)) { @@ -42,14 +37,13 @@ class AccessControl implements MiddlewareInterface EOF ); } else { + $request->app = ''; $request->plugin = 'admin'; $response = view('common/error/403')->withStatus(403); } } } else { - $request->plugin=$plugin; - $request->app=$app; $response = $request->method() == 'OPTIONS' ? response('') : $handler($request); } From dc8c32e6789c4029cb7040a33331cbe0fab8b6e9 Mon Sep 17 00:00:00 2001 From: walkor Date: Tue, 7 Mar 2023 12:42:33 +0800 Subject: [PATCH 3/6] Update InstallController.php --- src/plugin/admin/app/controller/InstallController.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/plugin/admin/app/controller/InstallController.php b/src/plugin/admin/app/controller/InstallController.php index a6fcf8b..d62caa1 100644 --- a/src/plugin/admin/app/controller/InstallController.php +++ b/src/plugin/admin/app/controller/InstallController.php @@ -198,15 +198,17 @@ EOF; if ($password != $password_confirm) { return $this->json(1, '两次密码不一致'); } - if (Admin::first()) { - return $this->json(1, '后台已经安装完毕,无法通过此页面创建管理员'); - } if (!is_file($config_file = base_path() . '/plugin/admin/config/database.php')) { return $this->json(1, '请先完成第一步数据库配置'); } $config = include $config_file; $connection = $config['connections']['mysql']; $pdo = $this->getPdo($connection['host'], $connection['username'], $connection['password'], $connection['port'], $connection['database']); + + if ($pdo->query('select * from `wa_admins`')->fetchAll()) { + return $this->json(1, '后台已经安装完毕,无法通过此页面创建管理员'); + } + $smt = $pdo->prepare("insert into `wa_admins` (`username`, `password`, `nickname`, `created_at`, `updated_at`) values (:username, :password, :nickname, :created_at, :updated_at)"); $time = date('Y-m-d H:i:s'); $data = [ From af61b6a96b4eda53f5db93783d60fb6e5671bd1d Mon Sep 17 00:00:00 2001 From: walkor Date: Wed, 8 Mar 2023 15:03:55 +0800 Subject: [PATCH 4/6] Update TableController.php --- src/plugin/admin/app/controller/TableController.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/plugin/admin/app/controller/TableController.php b/src/plugin/admin/app/controller/TableController.php index 66ee09a..bed149b 100644 --- a/src/plugin/admin/app/controller/TableController.php +++ b/src/plugin/admin/app/controller/TableController.php @@ -103,6 +103,7 @@ class TableController extends Base $primary_key_count = 0; foreach ($columns as $index => $item) { + $columns[$index]['field'] = trim($item['field']); if (!$item['field']) { unset($columns[$index]); continue; @@ -207,6 +208,7 @@ class TableController extends Base $primary_key_count = $auto_increment_count = 0; foreach ($columns as $index => $item) { + $columns[$index]['field'] = trim($item['field']); if (!$item['field']) { unset($columns[$index]); continue; From 07ef5cf7552793d1fa96e307471c6deafddf43f8 Mon Sep 17 00:00:00 2001 From: walkor Date: Wed, 8 Mar 2023 21:19:42 +0800 Subject: [PATCH 5/6] Update functions.php --- src/plugin/admin/app/functions.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/plugin/admin/app/functions.php b/src/plugin/admin/app/functions.php index 47b0879..1fed316 100644 --- a/src/plugin/admin/app/functions.php +++ b/src/plugin/admin/app/functions.php @@ -3,11 +3,9 @@ * Here is your custom functions. */ -use app\model\User; +use plugin\admin\app\model\User; use plugin\admin\app\model\Admin; use plugin\admin\app\model\AdminRole; -use plugin\admin\app\model\Role; -use plugin\admin\app\model\Rule; /** * 当前管理员id @@ -138,4 +136,4 @@ function refresh_user_session(bool $force = false) unset($user['password']); $user['session_last_update_time'] = $time_now; $session->set('user', $user); -} \ No newline at end of file +} From c8414d2e0b2e58e80a6d6ac8fe9181ad37426bea Mon Sep 17 00:00:00 2001 From: walkor Date: Fri, 10 Mar 2023 21:40:36 +0800 Subject: [PATCH 6/6] Update Middleware.php --- src/plugin/admin/api/Middleware.php | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/src/plugin/admin/api/Middleware.php b/src/plugin/admin/api/Middleware.php index 02cc844..20d5540 100644 --- a/src/plugin/admin/api/Middleware.php +++ b/src/plugin/admin/api/Middleware.php @@ -1,13 +1,14 @@ expectsJson()) { $response = json(['code' => $code, 'msg' => $msg, 'type' => 'error']); } else { - $response = \response($msg, 401); + if ($code === 401) { + $response = response(<< + if (self !== top) { + parent.location.reload(); + } + +EOF + ); + } else { + $request->app = ''; + $request->plugin = 'admin'; + $response = view('common/error/403')->withStatus(403); + } } } else { $response = $request->method() == 'OPTIONS' ? response('') : $handler($request); @@ -38,4 +52,4 @@ class Middleware implements MiddlewareInterface return $response; } -} \ No newline at end of file +}