From 494ee8c0978e63888d7035213d116c05088bdf24 Mon Sep 17 00:00:00 2001
From: xiaoz <xiaoz93@outlook.com>
Date: Wed, 7 Apr 2021 14:56:11 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0403=E9=A1=B5=E9=9D=A2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .htaccess                   |  3 ++-
 controller/click.php        | 13 ++++++++++---
 data/.htaccess              |  2 --
 templates/admin/403.php     | 28 ++++++++++++++++++++++++++++
 templates/default/index.php |  2 +-
 version.txt                 |  2 +-
 6 files changed, 42 insertions(+), 8 deletions(-)
 delete mode 100644 data/.htaccess
 create mode 100644 templates/admin/403.php

diff --git a/.htaccess b/.htaccess
index 938af1c..39f777c 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,4 +1,5 @@
 RewriteEngine On
 RewriteRule '^click\/(.*)$' /index.php?c=click&id=$1 [L] 
 RewriteRule '^api\/(.*)?(.*)$' /index.php?c=api&method=$1&$2 [L] 
-RewriteRule login /index.php?c=login [NC,L]
\ No newline at end of file
+RewriteRule login /index.php?c=login [NC,L]
+RewriteRule .*.(db3|rar|gz|json)$ - [F]
\ No newline at end of file
diff --git a/controller/click.php b/controller/click.php
index ccf656b..2809e42 100644
--- a/controller/click.php
+++ b/controller/click.php
@@ -7,7 +7,9 @@ $id = intval($_GET['id']);
 
 //如果链接为空
 if(empty($id)) {
-    exit('无效ID！');
+    $msg = '<p>无效ID！</p>';
+    require('templates/admin/403.php');
+    exit();
 }
 
 //查询链接信息
@@ -17,7 +19,9 @@ $link = $db->get('on_links',['id','fid','url','property','click'],[
 
 //如果查询失败
 if( !$link ){
-    exit('无效ID！');
+    $msg = '<p>无效ID！</p>';
+    require('templates/admin/403.php');
+    exit();
 }
 
 //查询该ID的父及ID信息
@@ -61,5 +65,8 @@ elseif( is_login() ) {
 }
 //其它情况则没有权限
 else{
-    exit('无权限！');
+    $msg = '<p>很抱歉，该页面是私有的，您无权限访问此页面。</p>
+    <p>如果您是管理员，请尝试登录OneNav后台并重新访问。</p>';
+    require('templates/admin/403.php');
+    exit();
 }
\ No newline at end of file
diff --git a/data/.htaccess b/data/.htaccess
deleted file mode 100644
index baa56e5..0000000
--- a/data/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-order allow,deny
-deny from all
\ No newline at end of file
diff --git a/templates/admin/403.php b/templates/admin/403.php
new file mode 100644
index 0000000..e9b46b4
--- /dev/null
+++ b/templates/admin/403.php
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="zh-cn" xmlns="http://www.w3.org/1999/xhtml">
+<head>
+	<meta charset="utf-8" />
+	<title>403 error</title>
+	<meta name="author" content="xiaoz" />
+	<meta name="keywords" content="" />
+	<meta name="description" content="" />
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<link rel="stylesheet" href="https://lib.sinaapp.com/js/bootstrap/4.3.1/css/bootstrap.min.css" type="" media=""/>
+</head>
+<body>
+	<div class="container" style = "margin-top:2em;">
+		<div class="row">
+			<div class="col-sm-6 offset-sm-3">
+				<div class="xcdn-title">
+					<svg t="1587806027367" class="icon" viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="1138" width="6rem" height="6rem"><path d="M132.8 837.824c-8.533333 15.04-8.234667 15.509333 10.24 15.509333h737.92c18.453333 0 18.752-0.512 10.24-15.509333L519.722667 181.824c-8.405333-14.869333-7.04-14.869333-15.445334 0L132.8 837.802667zM593.962667 139.733333L965.461333 795.733333c41.002667 72.469333-1.258667 142.933333-84.501333 142.933334H143.04c-83.306667 0-125.461333-70.506667-84.48-142.890667l371.477333-656c41.088-72.597333 122.88-72.576 163.946667 0zM512 789.333333a42.666667 42.666667 0 1 0 0-85.333333 42.666667 42.666667 0 0 0 0 85.333333z m-42.666667-384v213.333334a42.666667 42.666667 0 1 0 85.333334 0V405.333333a42.666667 42.666667 0 1 0-85.333334 0z" p-id="1139" fill="#d81e06"></path></svg><h1>403 error</h1>
+				</div>
+				<div class="xcdn-content">
+					<?php echo $msg; ?>
+				</div>
+				<hr>
+				<div class="xcdn-footer">Powered by <a href="https://www.xiaoz.me/" title = "小z博客" rel = "nofollow" target = "_blank">xiaoz</a></div>
+			</div>
+		</div>
+	</div>
+</body>
+</html>
diff --git a/templates/default/index.php b/templates/default/index.php
index 7f01028..e93cfe3 100644
--- a/templates/default/index.php
+++ b/templates/default/index.php
@@ -66,7 +66,7 @@
 	<?php
 		if( is_login() ) {
 	?>	
-	<div class="right-button" style="position: fixed;right:10px;bottom:80px;z-index:99;">
+	<div class="right-button mdui-hidden-xs" style="position: fixed;right:10px;bottom:80px;z-index:99;">
 		<div>
 		<button title = "快速添加链接" id = "add" class="mdui-fab mdui-color-theme-accent mdui-ripple mdui-fab-mini"><i class="mdui-icon material-icons">add</i></button>
 		</div>
diff --git a/version.txt b/version.txt
index 204253b..a18e2bc 100644
--- a/version.txt
+++ b/version.txt
@@ -1 +1 @@
-v0.9.10-20210406
\ No newline at end of file
+v0.9.10-20210407
\ No newline at end of file