Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update #22

Merged
merged 15 commits into from
Apr 23, 2019
Merged

update #22

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
d8c632e
减少不必要的ajax请求
laurieryayoi Apr 17, 2019
19d3b84
fix bug
laurieryayoi Apr 17, 2019
7432fc3
添加二步验证
laurieryayoi Apr 19, 2019
e54fab2
minor fix
Anankke Apr 19, 2019
a2c155e
彻底修复小可爱“漏洞”
Anankke Apr 19, 2019
42a3dac
fix static hash
Anankke Apr 19, 2019
79de3aa
Fool proof fix: using latast reset link
Anankke Apr 19, 2019
3b349c7
fix bcrypt and add argon2id
Anankke Apr 20, 2019
a07a32b
删除土豆丝下载链接
laurieryayoi Apr 20, 2019
292fe88
fix switch user
Anankke Apr 21, 2019
43e1900
lint
Anankke Apr 21, 2019
9a4e22d
feat: add database query count to console
5aaee9 Apr 22, 2019
d20d177
fix: fix error service namespace
5aaee9 Apr 22, 2019
163a810
fix: fix error
5aaee9 Apr 22, 2019
92f8c08
fix: fix optTime and connection manager
5aaee9 Apr 22, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 18 additions & 18 deletions app/Controllers/Admin/UserController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -359,41 +359,41 @@ public function delete($request, $response, $args)
$rs['msg'] = "删除成功";
return $response->getBody()->write(json_encode($rs));
}

public function changetouser($request, $response, $args)
{
$userid = $request->getParam('userid');
$adminid = $request->getParam('adminid');
$user = User::find($userid);
$admin = User::find($adminid);
$expire_in = time()+60*60;
$expire_in = time() + 60 * 60;

if (!$admin->is_admin || !$user || !Auth::getUser()->isLogin) {
$rs['ret'] = 0;
$rs['msg'] = "非法请求";
return $response->getBody()->write(json_encode($rs));
}

Utils\Cookie::set([
"uid" => $user->id,
"email" => $user->email,
"key" => Hash::cookieHash($user->pass),
"ip" => md5($_SERVER["REMOTE_ADDR"].Config::get('key').$user.$expire_in),
"expire_in" => $expire_in,
"key" => Hash::cookieHash($user->pass, $expire_in),
"ip" => md5($_SERVER["REMOTE_ADDR"] . Config::get('key') . $user->id . $expire_in),
"expire_in" => $expire_in,
"old_uid" => Utils\Cookie::get('uid'),
"old_email" => Utils\Cookie::get('email'),
"old_key" => Utils\Cookie::get('key'),
"old_ip" => Utils\Cookie::get('ip'),
"old_expire_in" => Utils\Cookie::get('expire_in'),
"old_local" => $request->getParam('local')
], $expire_in);
"old_local" => $request->getParam('local')
], $expire_in);
$rs['ret'] = 1;
$rs['msg'] = "切换成功";
return $response->getBody()->write(json_encode($rs));
}

public function ajax($request, $response, $args)
{
{
//得到排序的方式
$order = $request->getParam('order')[0]['dir'];
//得到排序字段的下标
Expand All @@ -413,7 +413,7 @@ public function ajax($request, $response, $args)
elseif($order_field=='today_traffic'){
$order_field='u +d - last_day_t';
}

$users=array();
$count_filtered=0;

Expand Down Expand Up @@ -443,7 +443,7 @@ function ($query) use ($search) {
->orwhere('protocol','LIKE',"%$search%")
->orwhere('protocol_param','LIKE',"%$search%")
->orwhere('obfs','LIKE',"%$search%")
->orwhere('obfs_param','LIKE',"%$search%");
->orwhere('obfs_param','LIKE',"%$search%");
}
)
->orderByRaw($order_field.' '.$order)
Expand Down Expand Up @@ -474,7 +474,7 @@ function ($query)use($search) {
->orwhere('protocol','LIKE',"%$search%")
->orwhere('protocol_param','LIKE',"%$search%")
->orwhere('obfs','LIKE',"%$search%")
->orwhere('obfs_param','LIKE',"%$search%");
->orwhere('obfs_param','LIKE',"%$search%");
}
)->count();
}
Expand All @@ -484,7 +484,7 @@ function ($query)use($search) {
->get();
$count_filtered = User::count();
}

$data=array();
foreach ($users as $user) {
$tempdata=array();
Expand All @@ -497,7 +497,7 @@ function ($query)use($search) {
$tempdata['remark']=$user->remark;
$tempdata['email']=$user->email;
$tempdata['money']=$user->money;
$tempdata['im_value']=$user->im_value;
$tempdata['im_value']=$user->im_value;
switch($user->im_type) {
case 1:
$tempdata['im_type'] = '微信';
Expand Down Expand Up @@ -531,7 +531,7 @@ function ($query)use($search) {
$tempdata['reg_date']=$user->reg_date;
$tempdata['reg_ip']=$user->reg_ip;
$tempdata['auto_reset_day']=$user->auto_reset_day;
$tempdata['auto_reset_bandwidth']=$user->auto_reset_bandwidth;
$tempdata['auto_reset_bandwidth']=$user->auto_reset_bandwidth;
$tempdata['ref_by']= $user->ref_by;
if ($user->ref_by == 0) {
$tempdata['ref_by_user_name'] = "系统邀请";
Expand All @@ -545,11 +545,11 @@ function ($query)use($search) {
$tempdata['ref_by_user_name'] = $ref_user->user_name;
}
}

$tempdata['top_up']=$user->get_top_up();

array_push($data,$tempdata);
}
}
$info = [
'draw'=> $request->getParam('draw'), // ajax请求次数,作为标识符
'recordsTotal'=>User::count(),
Expand Down
9 changes: 4 additions & 5 deletions app/Controllers/PasswordController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@
* @package App\Controllers
* 密码重置
*/

class PasswordController extends BaseController
{
public function reset()
Expand All @@ -22,7 +21,7 @@ public function reset()

public function handleReset($request, $response, $args)
{
$email = $request->getParam('email');
$email = $request->getParam('email');
// check limit

// send email
Expand Down Expand Up @@ -50,8 +49,8 @@ public function token($request, $response, $args)
public function handleToken($request, $response, $args)
{
$tokenStr = $args['token'];
$password = $request->getParam('password');
$repasswd = $request->getParam('repasswd');
$password = $request->getParam('password');
$repasswd = $request->getParam('repasswd');

if ($password != $repasswd) {
$res['ret'] = 0;
Expand All @@ -66,7 +65,7 @@ public function handleToken($request, $response, $args)
}

// check token
$token = PasswordReset::where('token', $tokenStr)->first();
$token = PasswordReset::where('token', $tokenStr)->orderBy('id', 'desc')->first();
if ($token == null || $token->expire_time < time()) {
$rs['ret'] = 0;
$rs['msg'] = '链接已经失效,请重新获取';
Expand Down
Loading