From d1c501ef7526807d8180e86a261b53c13aa24efa Mon Sep 17 00:00:00 2001 From: xiaoz Date: Thu, 1 Sep 2022 10:13:03 +0800 Subject: [PATCH] add file --- class/Api.php | 201 ++++++++++++++++++++++++-- controller/admin.php | 28 ++-- controller/api.php | 28 ++++ controller/init.php | 6 + controller/login.php | 3 + data/update.log | 14 +- functions/helper.php | 16 +- templates/admin/403.php | 4 +- templates/admin/imp_link.php | 7 +- templates/admin/left.php | 1 + templates/admin/login.php | 4 +- templates/admin/setting/backup.php | 132 +++++++++++++++++ templates/admin/setting/site.php | 13 ++ templates/admin/setting/subscribe.php | 19 ++- templates/admin/setting/theme.php | 34 ++++- templates/admin/static/embed.js | 4 +- templates/admin/static/style.css | 28 ++++ templates/default/index.php | 14 +- version.txt | 2 +- 19 files changed, 514 insertions(+), 44 deletions(-) create mode 100644 templates/admin/setting/backup.php diff --git a/class/Api.php b/class/Api.php index 49e3fc1..de29125 100755 --- a/class/Api.php +++ b/class/Api.php @@ -1603,6 +1603,22 @@ class Api { return FALSE; } } + /** + * name:验证订阅,订阅不存在,则阻止 + */ + public function check_is_subscribe(){ + $result = $this->is_subscribe(); + + if( $result === FALSE ) { + $this->return_json(-2000,'','该功能需要订阅后才能使用!'); + } + else if( $result === TRUE ) { + return TRUE; + } + else{ + $this->return_json(-2000,'','该功能需要订阅后才能使用!'); + } + } /** * 无脑下载更新程序 */ 
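Review bot: `check_is_subscribe()` stops an unsubscribed request only if `return_json()` terminates the script, because both failure branches fall off the end without a return value and the callers added later in this patch (`backup_db()`, `backup_db_list()`, `del_backup_db()`, `restore_db()`) never look at the result. `return_json()` is outside this hunk, so that behaviour should be confirmed and stated in the docblock, for example `@return bool TRUE when subscribed; otherwise responds with -2000 and does not return`. The `=== FALSE` branch and the final `else` are identical, so the body can be reduced to `if( $this->is_subscribe() !== TRUE ) { $this->return_json(-2000,'','该功能需要订阅后才能使用!'); }` followed by `return TRUE;`.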
@@ -1715,21 +1731,178 @@ class Api { //curl get请求 protected function curl_get($url,$timeout = 10) { - $curl = curl_init($url); - #设置useragent - curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36"); - curl_setopt($curl, CURLOPT_FAILONERROR, true); - curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - #设置超时时间,最小为1s(可选) - curl_setopt($curl , CURLOPT_TIMEOUT, $timeout); + $curl = curl_init($url); + #设置useragent + curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36"); + curl_setopt($curl, CURLOPT_FAILONERROR, true); + curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); + curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); + #设置超时时间,最小为1s(可选) + curl_setopt($curl , CURLOPT_TIMEOUT, $timeout); - $html = curl_exec($curl); - curl_close($curl); - return $html; -} + $html = curl_exec($curl); + curl_close($curl); + return $html; + } + + /** + * name:数据库备份接口 + */ + public function backup_db(){ + //验证请求 + $this->auth($token); + + //验证订阅 + $this->check_is_subscribe(); + + $backup_dir = 'data/backup/'; + + //判断目录是否存在,不存在则创建 + if( !is_dir($backup_dir) ) { + try { + mkdir($backup_dir,0755); + } catch (\Throwable $th) { + $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!'); + } + } + //尝试拷贝数据库进行备份 + try { + //获取当前版本信息 + $current_version = explode("-",file_get_contents("version.txt")); + $current_version = str_replace("v","",$current_version[0]); + $db_name = 'onenav_'.date("YmdHi",time()).'_'.$current_version.'.db3'; + $backup_db_path = $backup_dir.$db_name; + copy('data/onenav.db3',$backup_db_path); + 
$this->return_json(200,$db_name,'success'); + } catch (\Throwable $th) { + $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!'); + } + + } + /** + * name:数据库备份列表 + */ + public function backup_db_list() { + //验证请求 + $this->auth($token); + //验证订阅 + $this->check_is_subscribe(); + + //备份目录 + $backup_dir = 'data/backup/'; + + //遍历备份列表 + $dbs = scandir($backup_dir); + //去除.和.. + for ($i=0; $i < count($dbs); $i++) { + if( ($dbs[$i] == '.') || ($dbs[$i] == '..') ) { + unset($dbs[$i]); + } + } + + //获取备份列表个数 + $num = count($dbs); + + //排序处理,按时间从大到小排序 + rsort($dbs,1); + + //如果大于10个,则删减为10个 + if( $num > 10 ) { + for ($i=$num; $i > 10; $i--) { + //物理删除数据库 + unlink($backup_dir.$dbs[$i]); + //删除数组最后一个元素 + array_pop($dbs); + } + $count = 10; + } + else{ + $count = $num; + } + + //var_dump($dbs); + + //声明一个空数组 + $data = []; + //遍历数据库,获取时间,大小 + foreach ($dbs as $key => $value) { + $arr['id'] = $key; + $arr['name'] = $value; + $arr['mtime'] = date("Y-m-d H:i:s",filemtime($backup_dir.$value)); + $arr['size'] = (filesize($backup_dir.$value) / 1024).'KB'; + + $data[$key] = $arr; + } + + $datas = [ + 'code' => 0, + 'msg' => '', + 'count' => $count, + 'data' => $data + ]; + exit(json_encode($datas)); + } + /** + * name:删除单个数据库备份 + * @param $name:数据库名称 + */ + public function del_backup_db($name) { + //验证请求 + $this->auth($token); + + //验证订阅 + $this->check_is_subscribe(); + + //使用正则表达式判断数据库名称是否合法 + $pattern = '/^onenav_[0-9\-]+_[0-9.]+(db3)$/'; + + if( !preg_match_all($pattern,$name) ) { + $this->return_json(-2000,'','数据库名称不合法!'); + } + + //数据库目录 + $backup_dir = 'data/backup/'; + + //删除数据库 + try { + unlink($backup_dir.$name); + $this->return_json(200,'',"备份数据库已被删除!"); + } catch (\Throwable $th) { + $this->return_json(-2000,'',"删除失败,请检查目录权限!"); + } + } + + /** + * name:恢复数据库备份 + * @param $name:备份数据库名称 + */ + public function restore_db($name) { + //验证请求 + $this->auth($token); + + //验证订阅 + $this->check_is_subscribe(); + + //使用正则表达式判断数据库名称是否合法 + $pattern = '/^onenav_[0-9\-]+_[0-9.]+(db3)$/'; + + 
if( !preg_match_all($pattern,$name) ) { + $this->return_json(-2000,'','数据库名称不合法!'); + } + + //数据库目录 + $backup_dir = 'data/backup/'; + + //恢复数据库 + try { + copy($backup_dir.$name,'data/onenav.db3'); + $this->return_json(200,'','数据库已回滚为'.$name); + } catch (\Throwable $th) { + $this->return_json(-2000,'',"回滚失败,请检查目录权限!"); + } + } } diff --git a/controller/admin.php b/controller/admin.php index 0bc4740..1bd1ad7 100755 --- a/controller/admin.php +++ b/controller/admin.php @@ -9,18 +9,18 @@ require('functions/helper.php'); check_auth($site_setting['user'],$site_setting['password']); //获取版本号 -function get_version(){ - if( file_exists('version.txt') ) { - $version = @file_get_contents('version.txt'); - return $version; - } - else{ - $version = 'null'; - return $version; - } -} +// function get_version(){ +// if( file_exists('version.txt') ) { +// $version = @file_get_contents('version.txt'); +// return $version; +// } +// else{ +// $version = 'null'; +// return $version; +// } +// } //获取版本号 -$version = get_version(); +$version = new_get_version(); $page = empty($_GET['page']) ? 'index' : $_GET['page']; //如果页面是修改edit_category @@ -86,6 +86,12 @@ if( $page == 'setting/api' ) { //查询SecretKey $SecretKey = $db->get('on_options','*',[ 'key' => 'SecretKey' ])['value']; +} + +//备份页面 +if( $page == 'setting/backup' ) { + + } //如果页面是修改link diff --git a/controller/api.php b/controller/api.php index 439c64a..54abbf8 100755 --- a/controller/api.php +++ b/controller/api.php @@ -301,6 +301,8 @@ function set_site($api) { $data['custom_header'] = $_POST['custom_header']; //获取自定义footer $data['custom_footer'] = $_POST['custom_footer']; + //获取链接模式 + $data['link_model'] = $_POST['link_model']; //序列化存储 $value = serialize($data); 
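Review bot: A failed `mkdir()`, `copy()` or `unlink()` in `backup_db()`, `del_backup_db()` and `restore_db()` is never caught by the `catch (\Throwable $th)` blocks, because these functions return `false` with a warning instead of throwing (unless an error handler outside this hunk converts warnings), so a backup or rollback that did not happen is still answered with code 200; test the return values as in the excerpt below. In `backup_db_list()` the prune loop starts at `$dbs[$num]`, one past the last index, so `unlink()` receives the bare directory path and no old file is ever removed while the returned list is cut to 10; `for ($i = $num - 1; $i >= 10; $i--)` addresses the intended entries. Before relying on that prune, change `rsort($dbs,1)` to `rsort($dbs, SORT_STRING)`: flag 1 is `SORT_NUMERIC`, under which these file names all compare as 0 and newest-first order is not guaranteed. All four methods call `$this->auth($token)` although `$token` is not defined in their scope, so which credential is checked depends on how `auth()`, which is outside this hunk, treats null; pass the value explicitly or document the fallback.

```php
// backup_db(): … unchanged: auth, subscription check, $backup_dir …
if( !is_dir($backup_dir) && !mkdir($backup_dir,0755) ) {
    $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!');
}
// … unchanged: version lookup, $db_name, $backup_db_path …
if( copy('data/onenav.db3',$backup_db_path) ) {
    $this->return_json(200,$db_name,'success');
}
else{
    $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!');
}

// del_backup_db(): … unchanged: auth, subscription check, name pattern, $backup_dir …
if( unlink($backup_dir.$name) ) {
    $this->return_json(200,'',"备份数据库已被删除!");
}
else{
    $this->return_json(-2000,'',"删除失败,请检查目录权限!");
}

// restore_db(): … unchanged: auth, subscription check, name pattern, $backup_dir …
if( copy($backup_dir.$name,'data/onenav.db3') ) {
    $this->return_json(200,'','数据库已回滚为'.$name);
}
else{
    $this->return_json(-2000,'',"回滚失败,请检查目录权限!");
}
```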
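Review bot: `$data['link_model']` is copied from `$_POST` and serialized without being checked against the modes the new select in templates/admin/setting/site.php offers, and a request that omits the field raises an undefined-index notice. The stored value presumably decides how the theme builds its links, so it should be reduced to a known value before `serialize($data)`, falling back to the default mode for anything else: `$link_model = isset($_POST['link_model']) ? $_POST['link_model'] : '';` followed by an `in_array($link_model, $allowed_modes, true)` check, where `$allowed_modes` is a placeholder for the select's option values, which are not visible here. `set_site()` begins before this hunk.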
@@ -529,4 +531,30 @@ function down_theme() { $data['type'] = trim( $_REQUEST['type'] ); $api->down_theme($data); +} + +//备份数据库 +function backup_db() { + global $api; + $api->backup_db(); +} + +//数据库备份列表 +function backup_db_list() { + global $api; + $api->backup_db_list(); +} + +//删除单个数据库备份 +function del_backup_db() { + global $api; + $name = @$_REQUEST['name']; + $api->del_backup_db($name); +} + +//回滚数据库 +function restore_db() { + global $api; + $name = @$_REQUEST['name']; + $api->restore_db($name); } \ No newline at end of file diff --git a/controller/init.php b/controller/init.php index 73a9cbf..074f227 100644 --- a/controller/init.php +++ b/controller/init.php @@ -12,6 +12,7 @@ function check_env() { $ext = get_loaded_extensions(); //检查PHP版本,需要大于5.6小于8.0 $php_version = floatval(PHP_VERSION); + $uri = $_SERVER["REQUEST_URI"]; if( ( $php_version < 5.6 ) || ( $php_version > 8 ) ) { exit("当前PHP版本{$php_version}不满足要求,需要5.6 <= PHP <= 7.4"); @@ -25,6 +26,11 @@ function check_env() { if( file_exists("data/config.php") ) { exit("配置文件已存在,无需再次初始化!"); } + //检查是否是二级目录 + $pattern = '/\/[a-z0-9]+$/'; + if( preg_match_all($pattern,$uri) ) { + exit("暂不支持二级目录安装!"); + } return TRUE; } diff --git a/controller/login.php b/controller/login.php index b7b64f7..2d2d6ce 100755 --- a/controller/login.php +++ b/controller/login.php @@ -14,6 +14,9 @@ $key = md5($username.$password.'onenav'.$_SERVER['HTTP_USER_AGENT']); //获取cookie $cookie = $_COOKIE['key']; +//获取版本号 +$version = new_get_version(); + //如果已经登录,直接跳转 if( is_login() ){ header('location:index.php?c=admin'); diff --git a/data/update.log b/data/update.log index a7b6970..d5b0ca1 100755 --- a/data/update.log +++ b/data/update.log 
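Review bot: `del_backup_db()` and `restore_db()` read `name` from `$_REQUEST`, so deleting a backup or overwriting the live database can be requested with a plain GET, and the `@` hides a missing parameter instead of rejecting it. controller/login.php in this patch shows a cookie-based login (`$_COOKIE['key']`); if `auth()` accepts that cookie, a cross-site request made from an administrator's browser would be honoured. Accept these actions over POST only, with `$name = isset($_POST['name']) ? $_POST['name'] : '';`, and verify a per-session anti-CSRF token before calling into `$api`. `backup_db()` changes state as well, and templates/admin/setting/subscribe.php calls it with `$.get`.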
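Review bot: The sub-directory check in `check_env()` tests `REQUEST_URI` against `/\/[a-z0-9]+$/`, which only matches a URI that ends in a bare lower-case alphanumeric segment; a sub-directory install reached with a trailing slash, through `index.php?c=init`, or under a name containing upper-case letters or a hyphen passes the check. Deriving the base path from the script location does not depend on how the URL was typed, assuming requests are served through index.php as the URLs in this patch suggest: `$base = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');` and `if( $base !== '' ) { exit("暂不支持二级目录安装!"); }`. `check_env()` starts before and continues after the lines shown.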
@@ -144,4 +144,16 @@ CREATE INDEX on_options_key_IDX ON on_options ("key"); 1. 使用新的登录页面 20220609 -1. 其它优化和BUG修复 \ No newline at end of file +1. 其它优化和BUG修复 + +20220610 +1. 登录页面的.css/.js 加上版本号 +2. 403页面静态资源本地化 + +20220830 +1. 去掉默认主题的About链接 +2. 二级目录安装检测提示(需要测试) +3. 默认主题支持直链模式,其它主题陆续支持 +4. 程序更新完毕后自动跳转到后台首页更新数据库(需要测试) +5. 主题更新检测 +6. 新增数据库备份功能 \ No newline at end of file diff --git a/functions/helper.php b/functions/helper.php index 186e026..b4f41c3 100755 --- a/functions/helper.php +++ b/functions/helper.php @@ -63,4 +63,18 @@ function curl_get($url,$timeout = 10) { $html = curl_exec($curl); curl_close($curl); return $html; -} \ No newline at end of file +} + +//获取版本号,新写的 +function new_get_version(){ + if( file_exists('version.txt') ) { + $version = @file_get_contents('version.txt'); + $version = explode("-",$version)[0]; + $version = str_replace("v","",$version); + return $version; + } + else{ + $version = 'null'; + return $version; + } +} diff --git a/templates/admin/403.php b/templates/admin/403.php index e9b46b4..4c579a8 100755 --- a/templates/admin/403.php +++ b/templates/admin/403.php @@ -7,7 +7,7 @@ - +
@@ -20,7 +20,7 @@

- + diff --git a/templates/admin/imp_link.php b/templates/admin/imp_link.php index fa1265b..e4c6e4f 100755 --- a/templates/admin/imp_link.php +++ b/templates/admin/imp_link.php @@ -5,7 +5,12 @@
-
仅支持 .html 格式导入,导入时会自动创建不存在的分类,使用前请参考帮助文档
+
+
    +
  1. 仅支持 .html 格式导入,导入时会自动创建不存在的分类,使用前请参考帮助文档
  2. +
  3. 导入前,建议先备份数据库
  4. +
+
diff --git a/templates/admin/left.php b/templates/admin/left.php index 3386ced..0a65ec5 100755 --- a/templates/admin/left.php +++ b/templates/admin/left.php @@ -31,6 +31,7 @@
站点设置
主题设置
过渡页面
+
数据备份
获取API
diff --git a/templates/admin/login.php b/templates/admin/login.php index 965fa44..626d3a7 100644 --- a/templates/admin/login.php +++ b/templates/admin/login.php @@ -5,7 +5,7 @@ - + OneNav管理员登录 @@ -98,5 +98,5 @@ - + \ No newline at end of file diff --git a/templates/admin/setting/backup.php b/templates/admin/setting/backup.php new file mode 100644 index 0000000..c894216 --- /dev/null +++ b/templates/admin/setting/backup.php @@ -0,0 +1,132 @@ + + + + +
+ +
+ +
+
+
    +
  1. 订阅用户可以对数据库进行本地备份和回滚
  2. +
  3. 备份数据库仅保存最近10份数据
  4. +
  5. 该功能仅辅助备份使用,无法确保100%数据安全,因此定期对整个站点打包备份仍然是必要的
  6. +
+
+
+ +
+ +
+ + + + + + + +
+
+
+ + + + + \ No newline at end of file diff --git a/templates/admin/setting/site.php b/templates/admin/setting/site.php index 6e0f8ff..ec254c1 100644 --- a/templates/admin/setting/site.php +++ b/templates/admin/setting/site.php @@ -44,6 +44,19 @@
+
+ +
+ + + + + + + +
+
+
diff --git a/templates/admin/setting/subscribe.php b/templates/admin/setting/subscribe.php index c90dc95..08875dd 100644 --- a/templates/admin/setting/subscribe.php +++ b/templates/admin/setting/subscribe.php @@ -15,6 +15,7 @@
  • 3. 可享受一对一售后服务(仅限高级版和商业版)
  • 4. 可帮助OneNav持续发展,让OneNav变得更加美好
  • 5. 更多高级功能(自定义版权、广告管理等)
  • +
  • 6. 数据库备份
  • @@ -176,11 +177,25 @@ //校验新版本 $.get("/index.php?c=api&method=check_version",{version:new_version},function(data,status){ if(data.code == 200) { - update_status("100%","更新完成,请前往后台检查更新数据库!"); - $("#update_log").append("更新完成,请前往后台检查更新数据库
    "); + update_status("100%","更新完成,5s后自动跳转到后台首页检查数据库更新!"); + $("#update_log").append("更新完成,5s后自动跳转到后台首页检查数据库更新!
    "); //$("#btn_update").show(); //$("#btn_updating").hide(); $("#btn_updating").show(); + //备份数据库 + $.get("/index.php?c=api&method=backup_db",function(data,status){ + if( data.code == 200 ) { + console.log('数据库备份成功!'); + //3s后跳转到后台首页,方便更新数据库 + setTimeout(() => { + window.location = "/index.php?c=admin"; + }, 5000); + } + else{ + layer.msg('数据库备份失败,请检查目录权限',{icon:5}); + } + }); + } else { update_error(data.msg); diff --git a/templates/admin/setting/theme.php b/templates/admin/setting/theme.php index 0fdf775..4253c7c 100644 --- a/templates/admin/setting/theme.php +++ b/templates/admin/setting/theme.php @@ -22,7 +22,10 @@
    - - version ?> + + - version ?> + +

    @@ -198,6 +201,35 @@ function update_theme(name,version){ } +//遍历所有主题,检查是否有更新 +function check_update(){ + //请求远程主题列表 + $.get("https://onenav.xiaoz.top/v1/theme_list.php",function(data,status){ + let result = data.data; + //console.log(result.5iux); + for (const obj in result) { + //获取主题名称 + let value = $("#" + obj).text(); + //如果获取到的数据为空 + if( value == '' ) { + continue; + } + //console.log(obj); + //获取最新版本 + let latest_version = result[obj].version; + //获取当前版本 + let current_version = value.split(' - ')[1]; + //如果存在最新版本 + if( latest_version > current_version ) { + console.log("#" + obj + ".renewable"); + $("#" + obj + " .renewable").append(`(可更新至${latest_version})`); + } + } + }); +} +check_update(); + + layer.photos({ photos: '#layer-photos' ,anim: 5 //0-6的选择,指定弹出图片动画类型,默认随机(请注意,3.0之前的版本用shift参数) diff --git a/templates/admin/static/embed.js b/templates/admin/static/embed.js index 3c977f0..abcb4e5 100755 --- a/templates/admin/static/embed.js +++ b/templates/admin/static/embed.js @@ -294,7 +294,7 @@ layui.use(['element','table','layer','form','upload','iconHhysFa'], function(){ //初始化设置onenav密码 form.on('submit(init_onenav)', function(data){ - console.log(data.field.username); + //console.log(data.field.username); let username = data.field.username; let password = data.field.password; @@ -302,7 +302,7 @@ layui.use(['element','table','layer','form','upload','iconHhysFa'], function(){ //正则验证用户名、密码 var u_patt = /^[0-9a-z]{3,32}$/; if ( !u_patt.test(username) ) { - layer.msg("用户名需要3-32位的字母或数字组合!", {icon: 5}); + layer.msg("用户名需要3-32位的小写字母或数字组合!", {icon: 5}); return false; } //正则验证密码 diff --git a/templates/admin/static/style.css b/templates/admin/static/style.css index e5cb755..fbccb48 100755 --- a/templates/admin/static/style.css +++ b/templates/admin/static/style.css 
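Review bot: `check_update()` passes `latest_version` from the remote theme list to `.append()` inside a template string, which jQuery treats as HTML, and uses the remote object keys directly in `$("#" + obj)`; a tampered or malformed response therefore ends up as markup and selectors in the admin page. Build the label as text, e.g. `.append(document.createTextNode("(可更新至" + latest_version + ")"))`, and look the element up with `document.getElementById(obj)`. Separately, `latest_version > current_version` compares strings, so a version such as 1.10 sorts below 1.9 (constructed example); compare the dot-separated parts as numbers.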
@@ -100,6 +100,34 @@ -ms-box-sizing: border-box; /*IE8*/ box-sizing: border-box; } + +.page-msg{ + width:100%; + color: #FF5722; + border-left: 3px solid #FF5722; + background-color: #F0F0F0; + padding:0.8em; + border-radius: 1px; + margin-bottom:2em; + -moz-box-sizing: border-box; /*Firefox3.5+*/ + -webkit-box-sizing: border-box; /*Safari3.2+*/ + -o-box-sizing: border-box; /*Opera9.6*/ + -ms-box-sizing: border-box; /*IE8*/ + box-sizing: border-box; +} + +.page-msg a{ + color:#01AAED; +} + +.page-msg ol li{ + list-style-type:decimal; +} + +.page-msg ol{ + margin-left: 1.5em; +} + .setting-msg a{ color:#01AAED; } diff --git a/templates/default/index.php b/templates/default/index.php index 5af60d7..c7bd228 100755 --- a/templates/default/index.php +++ b/templates/default/index.php @@ -136,11 +136,6 @@
    - -
  • -
    About
    -
  • -
    - +