peihaoyu/TaoLer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

优化后台秘密修改,前台文章评论状态判断

Browse Source
This commit is contained in:
tao 2021-12-25 13:52:30 +08:00
parent 1bb5c995cf
commit b9766d0c7b
9 changed files with 72 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -3,8 +3,8 @@
> TaoLer是一个简单迅捷的轻论坛系统适用于个人或组织区域型信息交流发布平台。 > TaoLer是一个简单迅捷的轻论坛系统适用于个人或组织区域型信息交流发布平台。
* 官网https://www.aieok.com * 官网https://www.aieok.com
* 版本TaoLer 1.8.16 * 版本TaoLer 1.8.17
* 日期2021.12.21 * 日期2021.12.25
webman版新架构已适配90% webman版新架构已适配90%

BIN
addons/gitee - 快捷方式.lnk Normal file
View File

Binary file not shown.

38
app/admin/controller/Admin.php
View File

@ -176,34 +176,18 @@ class Admin extends AdminController
return View::fetch('set/user/repass'); return View::fetch('set/user/repass');
} }
//密码重设 //修改密码
public function repassSet() public function repassSet()
{ {
$admin = AdminModel::find(Session::get('admin_id')); if(Request::isAjax()){
if(Request::isAjax()){ $data = Request::only(['oldPassword','password','repassword']);
$data = Request::param(); $data['admin_id'] = $this->aid;
$salt = substr(md5(strtotime($admin['create_time'])),-6);
$pwd = substr_replace(md5($data['oldPassword']),$salt,0,6); $admin = new AdminModel;
$data['oldPassword'] = md5($pwd); $res = $admin->setpass($data);
if($admin['password'] != $data['oldPassword']){ return $res;
return json(['code'=>-1,'msg'=>'当前密码错误']);
} elseif($data['password'] != $data['repassword']){
return json(['code'=>-1,'msg'=>'两次密码不一致']);
} else {
$password = md5(substr_replace(md5($data['password']),$salt,0,6));
$result = $admin->update([
'id' => $admin['id'],
'password' => $password
]);
if($result){
$res = ['code'=>0,'msg'=>'更新成功'];
} else {
$res = ['code'=>-1,'msg'=>'更新失败'];
}
return json($res);
}
} }
} }
//清除缓存Cache //清除缓存Cache
public function clearCache(){ public function clearCache(){

54
app/admin/model/Admin.php
View File

@ -16,6 +16,12 @@ class Admin extends Model
use SoftDelete; use SoftDelete;
protected $deleteTime = 'delete_time'; protected $deleteTime = 'delete_time';
protected $defaultSoftDelete = 0; protected $defaultSoftDelete = 0;
protected $createTime = 'false';
//自动对password进行md5加密
protected function setPasswordAttr($value){
return md5($value);
}
//管理员关联角色 //管理员关联角色
/* /*
@ -45,17 +51,19 @@ class Admin extends Model
public function login($data) public function login($data)
{ {
//查询用户 //查询用户
$admin = Db::name('admin')->where('username',$data['username'])->where('delete_time',0)->find(); $admin = $this->where('username',$data['username'])->where('delete_time',0)->find();
if(is_null($admin)){ if(is_null($admin)){
return '用户名或密码错误'; return json(['code'=>-1,'msg'=>'用户名或密码错误']);
} }
if($admin['status'] !=1){ if($admin['status'] !=1){
return '用户被禁用或未审核,请联系管理员'; return json(['code' => -1,'msg'=> '用户被禁用或未审核,请联系管理员']);
} }
//对输入的密码字段进行MD5加密再进行数据库的查询 //对输入的密码字段进行MD5加密再进行数据库的查询
$salt = substr(md5($admin['create_time']),-6); $salt = substr(md5($admin['create_time']),-6);
$pwd = substr_replace(md5($data['password']),$salt,0,6); $pwd = substr_replace(md5($data['password']),$salt,0,6);
$data['password'] = md5($pwd); $data['password'] = md5($pwd);
if($admin['password'] == $data['password']){ if($admin['password'] == $data['password']){
//将用户数据写入Session //将用户数据写入Session
@ -77,9 +85,45 @@ class Admin extends Model
); );
//用户名密码正确返回1 //用户名密码正确返回1
return 1; $res = ['code'=>0,'msg'=>'登陆成功', 'url'=>(string) url('index/index')];
} else { } else {
return "用户名或密码错误!"; $res = ['code'=>-1,'msg'=>'用户名或密码错误','url'=>(string) url('admin/login')];
} }
return json($res);
} }
//修改密码
public function setpass($data)
{
$admin = $this->find($data['admin_id']);
$salt = substr(md5($admin['create_time']),-6);
$oldPassword = $this->pass($salt,$data['oldPassword']);
if($oldPassword != $admin['password']){
return json(['code'=>-1,'msg'=>'当前密码错误']);
}
if($data['password'] != $data['repassword']){
return json(['code'=>-1,'msg'=>'两次密码不一致']);
}
$data['password'] = substr_replace(md5($data['password']),$salt,0,6);
$admin->password = $data['password'];
$result = $admin->save();
if($result){
$res = ['code'=>0,'msg'=>'修改密码成功'];
} else {
$res = ['code'=>-1,'msg'=>'修改密码失败'];
}
return json($res);
}
//加密规则 加密字符串,原始秘密
protected function pass($salt, $pass)
{
$pwd = substr_replace(md5($pass),$salt,0,6);
return md5($pwd);
}
} }

1
app/common/model/User.php
View File

@ -155,6 +155,7 @@ class User extends Model
$user = $this->find($data['user_id']); $user = $this->find($data['user_id']);
$salt = substr(md5($user['create_time']),-6); $salt = substr(md5($user['create_time']),-6);
$pwd = substr_replace(md5($data['nowpass']),$salt,0,6); $pwd = substr_replace(md5($data['nowpass']),$salt,0,6);
//原注册密码加密规则
$data['nowpass'] = md5($pwd); $data['nowpass'] = md5($pwd);
$result = $data['nowpass'] == $user['password']; $result = $data['nowpass'] == $user['password'];
if(!$result){ if(!$result){

10
app/index/controller/Article.php
View File

@ -84,12 +84,12 @@ class Article extends BaseController
$page = input('page') ? input('page') : 1; $page = input('page') ? input('page') : 1;
$article = new ArticleModel(); $article = new ArticleModel();
$artDetail = $article->getArtDetail($id); $artDetail = $article->getArtDetail($id);
$arId = $artDetail->cate->id; if(is_null($artDetail)){
$tpl = Db::name('cate')->where('id',$arId)->value('detpl');
if(!$artDetail){
// 抛出 HTTP 异常 // 抛出 HTTP 异常
throw new \think\exception\HttpException(404, '异常消息'); throw new \think\exception\HttpException(404, '异常消息');
} }
$arId = $artDetail->cate->id;
$tpl = Db::name('cate')->where('id',$arId)->value('detpl');
$comments = $artDetail->comments()->where('status',1)->order(['cai'=>'asc','create_time'=>'asc'])->paginate(['list_rows'=>10, 'page'=>$page]); $comments = $artDetail->comments()->where('status',1)->order(['cai'=>'asc','create_time'=>'asc'])->paginate(['list_rows'=>10, 'page'=>$page]);
//$comment = new \app\common\model\Comment(); //$comment = new \app\common\model\Comment();
//$comments = $comment->getComment($id); //$comments = $comment->getComment($id);
@ -119,6 +119,10 @@ class Article extends BaseController
//获取评论 //获取评论
$data = Request::only(['content','article_id','user_id']); $data = Request::only(['content','article_id','user_id']);
$sendId = $data['user_id']; $sendId = $data['user_id'];
$art = Db::name('article')->field('id,status,is_reply,delete_time')->find($data['article_id']);
if($art['delete_time'] != 0 || $art['status'] != 1 || $art['is_reply'] != 1){
return json(['code'=>-1, 'msg'=>'评论不可用状态']);
}
if(empty($data['content'])){ if(empty($data['content'])){
return json(['code'=>0, 'msg'=>'评论不能为空!']); return json(['code'=>0, 'msg'=>'评论不能为空!']);
} }

2
config/taoler.php
View File

@ -7,7 +7,7 @@ return [
//应用名,此项不可更改 //应用名,此项不可更改
'appname' => 'TaoLer', 'appname' => 'TaoLer',
//版本配置 //版本配置
'version' => '1.8.15', 'version' => '1.8.17',
//加盐 //加盐
'salt' => 'taoler', 'salt' => 'taoler',
//数据库备份目录 //数据库备份目录

2
view/taoler/index/public/.gitignore vendored
View File

@ -1 +1 @@
user-nav.html !.gitignore

6
view/taoler/index/public/user-nav.html
View File

@ -23,12 +23,6 @@
{:lang('my message')} {:lang('my message')}
</a> </a>
</li> </li>
<li class="layui-nav-item {if($Request.action=='key')}layui-this{/if}">
<a href="{:url('Api/key')}">
<i class="layui-icon layui-icon-vercode"></i>
{:lang('my auth')}
</a>
</li>
<li class="layui-nav-item"> <li class="layui-nav-item">
<a href="{:url('user/home',['id'=>session('user_id')])}"> <a href="{:url('user/home',['id'=>session('user_id')])}">
<i class="layui-icon layui-icon-home"></i> <i class="layui-icon layui-icon-home"></i>