From 4d1cb7988ebbec9552105fb735c7d364418e3cf7 Mon Sep 17 00:00:00 2001
From: taoser <changlin_zhao@qq.com>
Date: Fri, 19 Mar 2021 14:38:06 +0800
Subject: [PATCH] =?UTF-8?q?=E5=89=8D=E5=8F=B0=E7=89=88=E6=9C=AC=E6=98=BE?=
 =?UTF-8?q?=E7=A4=BA=EF=BC=8C=E5=90=8E=E5=8F=B0=E5=8F=8D=E9=A6=88=E4=BC=98?=
 =?UTF-8?q?=E5=8C=96=EF=BC=8C=E6=95=B0=E6=8D=AE=E5=BA=93=E5=A4=87=E4=BB=BD?=
 =?UTF-8?q?=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Request.php                           |  3 +-
 app/admin/controller/Database.php         | 19 ++++----
 app/admin/controller/Index.php            | 19 +++-----
 app/admin/view/index/home.html            |  5 ++-
 app/admin/view/public/header.html         |  2 +-
 app/common/controller/AdminController.php | 55 ++++++++++++-----------
 config/taoler.php                         |  7 ++-
 extend/taoler/com/Api.php                 |  5 ++-
 public/static/admin/modules/console.js    |  2 +-
 view/taoler/index/public/footer.html      |  2 +-
 10 files changed, 62 insertions(+), 57 deletions(-)

diff --git a/app/Request.php b/app/Request.php
index 01a16f6..6a1b0c3 100644
--- a/app/Request.php
+++ b/app/Request.php
@@ -5,5 +5,6 @@ namespace app;
 class Request extends \think\Request
 {
 	//过滤空格
-	protected $filter = ['trim'];
+	protected $filter = ['trim','htmlspecialchars','strip_tags'];
+	
 }
diff --git a/app/admin/controller/Database.php b/app/admin/controller/Database.php
index aa3e70d..29ef29b 100644
--- a/app/admin/controller/Database.php
+++ b/app/admin/controller/Database.php
@@ -19,12 +19,17 @@ class Database extends AdminController
 		$this->database = Config::get('database.connections.mysql.database');
 		$this->username = Config::get('database.connections.mysql.username');
 		$this->password = Config::get('database.connections.mysql.password');
+		$this->backdir = Config::get('taoler.databasebackdir');
 	}
 	
 	public function index()
 	{
 		if(Request::isAjax()){
-			$backName = Files::getDirName('../data');
+			$backName = Files::getDirName($this->backdir);
+
+			if(empty($backName)){
+                return json(['code'=>-1,'msg'=>'还没有数据']);
+            }
 			
 			$res['count'] = count($backName);
 			if($res['count']){
@@ -38,11 +43,8 @@ class Database extends AdminController
                     ];
 				}
 
-			} else {
-                return json(['code'=>-1,'msg'=>'还没有数据']);
-            }
+			}
 			return json($res);
-			
 		}
 		
 		return View::fetch();
@@ -50,14 +52,11 @@ class Database extends AdminController
 	
 	public function backup()
 	{
-		//halt(app()->getRootPath());
 		//自行判断文件夹
-		$backupdir = '../data';
 		if (isset($_POST['backdir']) && $_POST['backdir'] != '') {
 			$backupdir = $_POST['backdir'];
 		} else {
-			$backupdir = app()->getRootPath() .'data/'. date('Ymdhis');
-			//halt($backupdir);
+			$backupdir = $this->backdir . date('Ymdhis');
 		}
 
 		if (!is_dir($backupdir)) {
@@ -88,7 +87,7 @@ class Database extends AdminController
 	{
 		$name = input('name');
 		//var_dump($name);
-		$dir = app()->getRootPath() .'data/'.$name;
+		$dir = $this->backdir . $name;
 		
 		$res = Files::delDir($dir);
 		
diff --git a/app/admin/controller/Index.php b/app/admin/controller/Index.php
index 43f947f..59c16c9 100644
--- a/app/admin/controller/Index.php
+++ b/app/admin/controller/Index.php
@@ -23,14 +23,12 @@ class Index extends AdminController
 */	
 	public function __construct()
 	{
-        // 控制器初始化显示左侧导航菜单
+        //控制器初始化显示左侧导航菜单
         parent::initialize();
 
 		$this->sys_version = Config::get('taoler.version');
-		$this->sys = Db::name('system')->where('id',1)->find();
-        //域名转换为无http协议
-        $www = stripos($this->sys['domain'],'://') ? substr(stristr($this->sys['domain'],'://'),3) : $this->sys['domain'];
-		$this->domain = Request::scheme().'://'. $www;
+		$this->sys = $this->getSystem();
+		$this->domain = $this->getHttpUrl($this->sys['domain']);
 		$this->api = $this->sys['api_url'];
 		if(empty($this->api)){
 			$baseUrl = $this->sys['base_url'];
@@ -162,17 +160,14 @@ class Index extends AdminController
 	public function cunsult()
 	{
 		$url = $this->api.'/v1/reply';
-		
 		//$mail = Db::name('system')->where('id',1)->value('auth_mail');	//	bug邮件发送
 		if(Request::isAjax()){
-			$data = Request::only(['type','title','content']);
-
-			$data['poster'] = 3;	//公共id
-
+			$data = Request::only(['type','title','content','post']);
+			//halt($data);
 			$apiRes = Api::urlPost($url,$data);
-
+			$data['poster'] = Session::get('admin_id');
+			unset($data['post']);
 			if($apiRes){
-                //halt($data);
 				$res = Cunsult::create($data);
 				if($res->id){
 					//$result = mailto($mail,$data['title'],'我的问题类型是'.$data['type'].$data['content']);
diff --git a/app/admin/view/index/home.html b/app/admin/view/index/home.html
index 0397bc2..ddf4869 100644
--- a/app/admin/view/index/home.html
+++ b/app/admin/view/index/home.html
@@ -172,7 +172,10 @@
 							<textarea id="L_content" name="content" required lay-verify="content" autocomplete="off"  class="layui-textarea"></textarea>
 							</div>
 						</div>
-						<div class="layui-form-item">						
+						<div class="layui-form-item layui-hide">
+							<input type="text" name="post" lay-verify="required" autocomplete="off" class="layui-input layui-hide" value="{$insurl}">
+						</div>
+						<div class="layui-form-item">
 							<button type="submit" class="layui-btn " lay-filter="cunsult-add" lay-submit id="cunsult-add">立即发布</button>	  
 						</div>
 					</div>
diff --git a/app/admin/view/public/header.html b/app/admin/view/public/header.html
index 38515d7..20b8e06 100644
--- a/app/admin/view/public/header.html
+++ b/app/admin/view/public/header.html
@@ -7,7 +7,7 @@
             </a>
           </li>
           <li class="layui-nav-item layui-hide-xs" lay-unselect>
-            <a href="{$Request.scheme}://www.{$Request.rootDomain}" target="_blank" title="前台">
+            <a href="{$domain}" target="_blank" title="前台">
               <i class="layui-icon layui-icon-website"></i>
             </a>
           </li>
diff --git a/app/common/controller/AdminController.php b/app/common/controller/AdminController.php
index 7c0ffca..ddb8acf 100644
--- a/app/common/controller/AdminController.php
+++ b/app/common/controller/AdminController.php
@@ -67,6 +67,8 @@ abstract class AdminController
 		//权限auth检查
 		//$this->checkAuth();
 		$this->getMenu();
+		//系统配置
+		$this->getIndexUrl();
 	}
 
     /**
@@ -159,32 +161,6 @@ abstract class AdminController
         //return View::assign('menus', $menus);
     }
 	
-	/**创建目录
-	* This function creates recursive directories if it doesn't already exist
-	*
-	* @param String  The path that should be created
-	* 
-	* @return  void
-	*/
-	protected function create_dir($path)
-	{
-	  if (!is_dir($path))
-	  {
-		$directory_path = "";
-		$directories = explode("/",$path);
-		array_pop($directories);
-	   
-		foreach($directories as $directory)
-		{
-		  $directory_path .= $directory."/";
-		  if (!is_dir($directory_path))
-		  {
-			mkdir($directory_path);
-			chmod($directory_path, 0777);
-		  }
-		}
-	  }
-	}
 	//清除缓存Cache
 	public function clearData(){
         $dir = app()->getRootPath().'runtime/admin/temp';
@@ -196,5 +172,32 @@ abstract class AdminController
             return json(['code'=>0,'msg'=>'清除成功']);
         }
     }
+	
+	//显示网站设置
+    protected function getSystem()
+    {
+        //1.系统配置信息
+		return Db::name('system')->cache('system',3600)->find(1);
+       
+    }
+	
+	//域名协议转换 把数据库中的带HTTP或不带协议的域名转换为当前协议的域名前缀
+	protected function getHttpUrl($url)
+	{
+		//域名转换为无http协议
+        $www = stripos($url,'://') ? substr(stristr($url,'://'),3) : $url;
+		$htpw = Request::scheme().'://'. $www;
+		return  $htpw;
+	}
+	
+	//得到当前系统安装前台域名
+	
+	protected function getIndexUrl()
+	{
+		$sysUrl = $this->getSystem();
+		$domain = $this->getHttpUrl($sysUrl['domain']);
+		View::assign(['domain'=>$domain,'insurl'=>$sysUrl['domain']]);
+	}
+
 
 }
\ No newline at end of file
diff --git a/config/taoler.php b/config/taoler.php
index 88e5d49..d74a58a 100644
--- a/config/taoler.php
+++ b/config/taoler.php
@@ -5,6 +5,9 @@
 
 return [
     //版本配置
-    'version'	=> '1.6.7',
-	'salt'		=> 'taoler'
+    'version'	=> '1.6.10',
+	//加盐
+	'salt'		=> 'taoler',
+	//数据库备份目录
+	'databasebackdir' => app()->getRootPath() .'data/'
 ];
\ No newline at end of file
diff --git a/extend/taoler/com/Api.php b/extend/taoler/com/Api.php
index 4255766..025a688 100644
--- a/extend/taoler/com/Api.php
+++ b/extend/taoler/com/Api.php
@@ -14,9 +14,10 @@ class Api
 		curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
 		curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 20);
 		curl_setopt($ch,CURLOPT_POST, 1);
-		curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+		curl_setopt($ch, CURLOPT_HEADER, 0);           // 显示返回的Header区域内容
+		curl_setopt($ch, CURLOPT_POSTFIELDS,$data);
         curl_setopt($ch, CURLOPT_TIMEOUT, 30);         // 设置超时限制 防止死循环
-        //curl_setopt($ch, CURLOPT_HEADER, 0);           // 显示返回的Header区域内容
+        
         //curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);   // 获取的信息以文件流的形式返回
 		$res = curl_exec($ch);
 		$httpCode = curl_getinfo($ch,CURLINFO_HTTP_CODE);
diff --git a/public/static/admin/modules/console.js b/public/static/admin/modules/console.js
index f5a1280..0be40fb 100644
--- a/public/static/admin/modules/console.js
+++ b/public/static/admin/modules/console.js
@@ -188,7 +188,7 @@ layui.define(function(exports){
     var $ = layui.$
     ,table = layui.table;
     
-	//动态
+	//动态news
     table.render({
       elem: '#LAY-index-topnews'
       ,url: indexNews //接口
diff --git a/view/taoler/index/public/footer.html b/view/taoler/index/public/footer.html
index e89e1c4..191e02e 100644
--- a/view/taoler/index/public/footer.html
+++ b/view/taoler/index/public/footer.html
@@ -1,5 +1,5 @@
 <div class="fly-footer html5plus-hide">
-  <p> Copyright &copy; {:date('Y')}{$sysInfo.copyright|raw}</p>
+  <p> Copyright &copy; {:date('Y')}{$sysInfo.copyright|raw}v{:config('taoler.version')}</p>
   <p>
     <a href="#" target="_blank">站务反馈</a>
     <a href="#" target="_blank">获取本站源码</a>