diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..d9ee23c --- /dev/null +++ b/.htaccess @@ -0,0 +1,8 @@ + + Options +FollowSymlinks -Multiviews + RewriteEngine On + + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_FILENAME} !-f + RewriteRule ^(.*)$ index.php?/$1 [QSA,PT,L] + diff --git a/404.html b/404.html new file mode 100644 index 0000000..6f17eaf --- /dev/null +++ b/404.html @@ -0,0 +1,7 @@ + +404 Not Found + +

404 Not Found

+
nginx
+ + \ No newline at end of file diff --git a/addons/.gitkeep b/addons/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/addons/.gitkeep @@ -0,0 +1 @@ + diff --git a/addons/.htaccess b/addons/.htaccess new file mode 100644 index 0000000..3418e55 --- /dev/null +++ b/addons/.htaccess @@ -0,0 +1 @@ +deny from all \ No newline at end of file diff --git a/addons/alisms/.addonrc b/addons/alisms/.addonrc new file mode 100644 index 0000000..f17ab03 --- /dev/null +++ b/addons/alisms/.addonrc @@ -0,0 +1 @@ +{"files":[],"license":"regular","licenseto":"48387","licensekey":"Pfv3uGdOlHY9JkNs ipSrRrVAtDrrRKmg6Qwqnw==","domains":["iiixo.com"],"licensecodes":[],"validations":["8c705a04d965d13dbbabb413e876acfd"]} \ No newline at end of file diff --git a/addons/alisms/Alisms.php b/addons/alisms/Alisms.php new file mode 100644 index 0000000..4e54b20 --- /dev/null +++ b/addons/alisms/Alisms.php @@ -0,0 +1,86 @@ +mobile($params['mobile']) + ->template($config['template'][$params['event']]) + ->param(['code' => $params['code']]) + ->send(); + return $result; + } + + /** + * 短信发送通知 + * @param array $params 必须包含 mobile,event,msg + * @return boolean + */ + public function smsNotice(&$params) + { + $config = get_addon_config('alisms'); + $alisms = \addons\alisms\library\Alisms::instance(); + if (isset($params['msg'])) { + if (is_array($params['msg'])) { + $param = $params['msg']; + } else { + parse_str($params['msg'], $param); + } + } else { + $param = []; + } + $param = $param ? $param : []; + $params['template'] = isset($params['template']) ? $params['template'] : (isset($params['event']) && isset($config['template'][$params['event']]) ? $config['template'][$params['event']] : ''); + $result = $alisms->mobile($params['mobile']) + ->template($params['template']) + ->param($param) + ->send(); + return $result; + } + + /** + * 检测验证是否正确 + * @param $params + * @return boolean + */ + public function smsCheck(&$params) + { + return true; + } +} diff --git a/addons/alisms/config.php b/addons/alisms/config.php new file mode 100644 index 0000000..d9ce717 --- /dev/null +++ b/addons/alisms/config.php @@ -0,0 +1,73 @@ + 'key', + 'title' => '应用key', + 'type' => 'string', + 'content' => [], + 'value' => 'LTAI5t8WhSffm9KteMHriC8k', + 'rule' => 'required', + 'msg' => '', + 'tip' => '', + 'ok' => '', + 'extend' => '', + ], + [ + 'name' => 'secret', + 'title' => '密钥secret', + 'type' => 'string', + 'content' => [], + 'value' => 'hSnnKORIhdxycXZpCx92wjHM6x92aZ', + 'rule' => 'required', + 'msg' => '', + 'tip' => '', + 'ok' => '', + 'extend' => '', + ], + [ + 'name' => 'sign', + 'title' => '签名', + 'type' => 'string', + 'content' => [], + 'value' => '博创', + 'rule' => 'required', + 'msg' => '', + 'tip' => '', + 'ok' => '', + 'extend' => '', + ], + [ + 'name' => 'template', + 'title' => '短信模板', + 'type' => 'array', + 'content' => [], + 'value' => [ + 'register' => 'SMS_461540415', + 'resetpwd' => 'SMS_114000000', + 'changepwd' => 'SMS_114000000', + 'changemobile' => 'SMS_114000000', + 'profile' => 'SMS_114000000', + 'notice' => 'SMS_114000000', + 'mobilelogin' => 'SMS_114000000', + 'bind' => 'SMS_114000000', + ], + 'rule' => 'required', + 'msg' => '', + 'tip' => '', + 'ok' => '', + 'extend' => '', + ], + [ + 'name' => '__tips__', + 'title' => '温馨提示', + 'type' => 'string', + 'content' => [], + 'value' => '应用key和密钥你可以通过 https://ak-console.aliyun.com/?spm=a2c4g.11186623.2.13.fd315777PX3tjy#/accesskey 获取', + 'rule' => 'required', + 'msg' => '', + 'tip' => '', + 'ok' => '', + 'extend' => '', + ], +]; diff --git a/addons/alisms/controller/Index.php b/addons/alisms/controller/Index.php new file mode 100644 index 0000000..dd298eb --- /dev/null +++ b/addons/alisms/controller/Index.php @@ -0,0 +1,73 @@ + '注册', + 'resetpwd' => '重置密码', + 'changepwd' => '修改密码', + 'changemobile' => '修改手机号', + 'profile' => '修改个人信息', + 'notice' => '通知', + 'mobilelogin' => '移动端登录', + 'bind' => '绑定账号', + ]; + + public function _initialize() + { + if (!\app\admin\library\Auth::instance()->id) { + $this->error('暂无权限浏览'); + } + parent::_initialize(); + } + + //首页 + public function index() + { + $this->view->assign('templateList', $this->templateList); + return $this->view->fetch(); + } + + //发送测试短信 + public function send() + { + $config = get_addon_config('alisms'); + $mobile = $this->request->post('mobile'); + $template = $this->request->post('template'); + $sign = $this->request->post('sign', ''); + + if (!$mobile) { + $this->error('手机号不能为空'); + } + + $templateArr = $config['template'] ?? []; + if (!isset($templateArr[$template]) || !$templateArr[$template]) { + $this->error('后台未配置对应的模板CODE'); + } + $template = $templateArr[$template]; + $sign = $sign ? $sign : $config['sign']; + $param = (array)json_decode($this->request->post('param', '', 'trim')); + $param = ['code' => mt_rand(1000, 9999)]; + $alisms = new \addons\alisms\library\Alisms(); + $ret = $alisms->mobile($mobile) + ->template($template) + ->sign($sign) + ->param($param) + ->send(); + if ($ret) { + $this->success("发送成功"); + } else { + $this->error("发送失败!失败原因:" . $alisms->getError()); + } + } + +} diff --git a/addons/alisms/info.ini b/addons/alisms/info.ini new file mode 100644 index 0000000..2d7a340 --- /dev/null +++ b/addons/alisms/info.ini @@ -0,0 +1,10 @@ +name = alisms +title = 阿里云短信发送 +intro = 阿里云短信发送插件 +author = FastAdmin +website = https://www.fastadmin.net +version = 1.0.10 +state = 1 +url = /addons/alisms +license = regular +licenseto = 48387 diff --git a/addons/alisms/library/Alisms.php b/addons/alisms/library/Alisms.php new file mode 100644 index 0000000..d01f25c --- /dev/null +++ b/addons/alisms/library/Alisms.php @@ -0,0 +1,170 @@ +config = array_merge($this->config, $config); + } + $this->config = array_merge($this->config, is_array($options) ? $options : []); + } + + /** + * 单例 + * @param array $options 参数 + * @return Alisms + */ + public static function instance($options = []) + { + if (is_null(self::$instance)) { + self::$instance = new static($options); + } + + return self::$instance; + } + + /** + * 设置签名 + * @param string $sign + * @return Alisms + */ + public function sign($sign = '') + { + $this->_params['SignName'] = $sign; + return $this; + } + + /** + * 设置参数 + * @param array $param + * @return Alisms + */ + public function param(array $param = []) + { + foreach ($param as $k => &$v) { + $v = (string)$v; + } + unset($v); + $param = array_filter($param); + $this->_params['TemplateParam'] = $param ? json_encode($param) : '{}'; + return $this; + } + + /** + * 设置模板 + * @param string $code 短信模板 + * @return Alisms + */ + public function template($code = '') + { + $this->_params['TemplateCode'] = $code; + return $this; + } + + /** + * 接收手机 + * @param string $mobile 手机号码 + * @return Alisms + */ + public function mobile($mobile = '') + { + $this->_params['PhoneNumbers'] = $mobile; + return $this; + } + + /** + * 立即发送 + * @return boolean + */ + public function send() + { + $this->error = ''; + $params = $this->_params(); + $params['Signature'] = $this->_signed($params); + $response = $this->_curl($params); + if ($response !== false) { + $res = (array)json_decode($response, true); + if (isset($res['Code']) && $res['Code'] == 'OK') { + return true; + } + $this->error = isset($res['Message']) ? $res['Message'] : 'InvalidResult'; + } else { + $this->error = 'InvalidResult'; + } + return false; + } + + /** + * 获取错误信息 + * @return string + */ + public function getError() + { + return $this->error; + } + + private function _params() + { + return array_merge([ + 'AccessKeyId' => $this->config['key'], + 'SignName' => isset($this->config['sign']) ? $this->config['sign'] : '', + 'Action' => 'SendSms', + 'Format' => 'JSON', + 'Version' => '2017-05-25', + 'SignatureVersion' => '1.0', + 'SignatureMethod' => 'HMAC-SHA1', + 'SignatureNonce' => uniqid(), + 'Timestamp' => gmdate('Y-m-d\TH:i:s\Z'), + ], $this->_params); + } + + private function percentEncode($string) + { + $string = urlencode($string); + $string = preg_replace('/\+/', '%20', $string); + $string = preg_replace('/\*/', '%2A', $string); + $string = preg_replace('/%7E/', '~', $string); + return $string; + } + + private function _signed($params) + { + $sign = $this->config['secret']; + ksort($params); + $canonicalizedQueryString = ''; + foreach ($params as $key => $value) { + $canonicalizedQueryString .= '&' . $this->percentEncode($key) . '=' . $this->percentEncode($value); + } + $stringToSign = 'GET&%2F&' . $this->percentencode(substr($canonicalizedQueryString, 1)); + $signature = base64_encode(hash_hmac('sha1', $stringToSign, $sign . '&', true)); + return $signature; + } + + private function _curl($params) + { + $uri = 'http://dysmsapi.aliyuncs.com/?' . http_build_query($params); + $ch = curl_init(); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + curl_setopt($ch, CURLOPT_URL, $uri); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); + curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.98 Safari/537.36"); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + $reponse = curl_exec($ch); + curl_close($ch); + return $reponse; + } +} diff --git a/addons/alisms/view/index/index.html b/addons/alisms/view/index/index.html new file mode 100644 index 0000000..eec81e9 --- /dev/null +++ b/addons/alisms/view/index/index.html @@ -0,0 +1,62 @@ + + + + + 阿里云短信发送示例 - {$site.name} + + + + + + + + + + + +
+
+
温馨提示:仅用于测试插件是否能正常发送短信
+
+
+ 阿里云短信发送测试 +
+ +
+ +
+
+
+ +
+ +
+
+
+
+ + +
+
+
+
+
+
+ + + + + + + diff --git a/addons/qingdong/model/Staff.php b/addons/qingdong/model/Staff.php index 0fb05f5..af53d3e 100644 --- a/addons/qingdong/model/Staff.php +++ b/addons/qingdong/model/Staff.php @@ -44,7 +44,7 @@ class Staff Extends Model { 'salt' => $changed['salt']??'', 'avatar' => $changed['img'], 'email' => $changed['email'], - 'cid' => $changed['cid'], + 'cid' => isset($changed['cid']) ? $changed['cid'] : 0, ]; if(isset($changed['admin_id']) && $changed['admin_id']){ diff --git a/application/admin/controller/Index.php b/application/admin/controller/Index.php index d5f6771..4e0701f 100644 --- a/application/admin/controller/Index.php +++ b/application/admin/controller/Index.php @@ -14,6 +14,7 @@ use app\admin\model\MemberGroup; use app\admin\model\MemberGroupAccess; use app\admin\model\User; use app\common\controller\Backend; +use app\common\library\Sms as Smslib; use fast\Random; use think\Cache; use think\Config; @@ -177,15 +178,21 @@ class Index extends Backend public function sendSms() { $mobile = $this->request->get('mobile', ''); + if(!$mobile){ $this->error("请输入手机号"); } + + if (!$mobile || !\think\Validate::regex($mobile, "^1\d{10}$")) { + $this->error(__('手机号不正确')); + } //生成验证码 - $random = 8888; -// rand(1000,9999) - //发送验证码 - $flag = 1; - if(!$flag){ + $random = rand(1000,9999); +// + + $ret = Smslib::send($mobile, $random, 'register'); + + if(!$ret){ $this->error("验证码发送失败,请稍后重试!"); } diff --git a/application/admin/controller/auth/Admin.php b/application/admin/controller/auth/Admin.php index a7dc6da..6c27b82 100644 --- a/application/admin/controller/auth/Admin.php +++ b/application/admin/controller/auth/Admin.php @@ -131,6 +131,8 @@ class Admin extends Backend $params['salt'] = Random::alnum(); $params['password'] = md5(md5($params['password']) . $params['salt']); $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。 + //获取id + $result = $this->model->validate('Admin.add')->save($params); if ($result === false) { exception($this->model->getError()); diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php index c688069..599ba0a 100644 --- a/application/admin/library/Auth.php +++ b/application/admin/library/Auth.php @@ -96,7 +96,6 @@ class Auth extends \fast\Auth $admin->logintime = time(); $admin->loginip = request()->ip(); $admin->token = Random::uuid(); - $admin->save(); Session::set("admin", $admin->toArray()); return true; @@ -542,7 +541,6 @@ class Auth extends \fast\Auth // 读取管理员当前拥有的权限节点 $userRule = $this->getRuleList2(); - $selected = $referer = []; $refererUrl = Session::get('referer'); // 必须将结果集转换为数组 diff --git a/application/admin/validate/Admin.php b/application/admin/validate/Admin.php index e7682a2..c91e006 100644 --- a/application/admin/validate/Admin.php +++ b/application/admin/validate/Admin.php @@ -11,7 +11,7 @@ class Admin extends Validate * 验证规则 */ protected $rule = [ - 'username' => 'require|regex:\w{3,30}|unique:admin,cid', + 'username' => 'require|regex:\w{3,30}|unique:admin,username', 'nickname' => 'require', 'password' => 'require|regex:\S{32}', // 'email' => 'require|email|unique:admin,email', diff --git a/application/common/controller/Backend.php b/application/common/controller/Backend.php index e692def..6c55789 100644 --- a/application/common/controller/Backend.php +++ b/application/common/controller/Backend.php @@ -167,14 +167,14 @@ class Backend extends Controller $this->error(__('Please login first'), url('index/register', ['url' => $url])); } - // 判断是否需要验证权限 - if (!$this->auth->match($this->noNeedRight)) { - // 判断控制器和方法是否有对应权限 - if (!$this->auth->check($path) ) { - Hook::listen('admin_nopermission', $this); - $this->error(__('You have no permission'), ''); - } - } +// // 判断是否需要验证权限 +// if (!$this->auth->match($this->noNeedRight)) { +// // 判断控制器和方法是否有对应权限 +// if (!$this->auth->check($path) ) { +// Hook::listen('admin_nopermission', $this); +// $this->error(__('You have no permission'), ''); +// } +// } } // 非选项卡时重定向 diff --git a/application/config.php b/application/config.php index 92ebcb7..18d9e27 100644 --- a/application/config.php +++ b/application/config.php @@ -308,6 +308,6 @@ return [ 'key' => '00b7691d86d96aebd21dd9e138f90840', 'cert_path' => ROOT_PATH.'cert/apiclient_cert.pem', // 证书文件路径 'key_path' => ROOT_PATH.'cert/apiclient_key.pem',// 密钥文件路径 - 'notify_url' => 'http://shunshicrm.iiixo.com/pay/api/pay/notify', // 支付回调通知URL + 'notify_url' => 'http://shunshicrm.iiixo.com/api/pay/notify', // 支付回调通知URL ], ]; diff --git a/application/extra/addons.php b/application/extra/addons.php index faf38dd..b666515 100644 --- a/application/extra/addons.php +++ b/application/extra/addons.php @@ -3,6 +3,15 @@ return [ 'autoload' => false, 'hooks' => [ + 'sms_send' => [ + 'alisms', + ], + 'sms_notice' => [ + 'alisms', + ], + 'sms_check' => [ + 'alisms', + ], 'upgrade' => [ 'qingdong', ], diff --git a/application/extra/site.php b/application/extra/site.php index 01eda2c..5a75ea2 100644 --- a/application/extra/site.php +++ b/application/extra/site.php @@ -12,7 +12,7 @@ return array ( 'backend' => 'zh-cn', 'frontend' => 'zh-cn', ), - 'fixedpage' => 'dashboard', + 'fixedpage' => 'qingdong/dashboard', 'categorytype' => array ( 'default' => 'Default', diff --git a/extend/fast/Auth.php b/extend/fast/Auth.php index 5d3fd2d..8178f2d 100644 --- a/extend/fast/Auth.php +++ b/extend/fast/Auth.php @@ -156,7 +156,7 @@ class Auth return $groups[$uid]; } - if($uid<1000000){ + if(!defined('CID') || CID==0 ){ // 执行查询 $user_groups = Db::name($this->config['auth_group_access']) ->alias('aga') @@ -260,7 +260,7 @@ class Auth } //如果是企业账户 并且 该账户拥有企业全部权限 - if($ism && $uid>=1000000 && count($ids) == 1 && $ids[0] == "*"){ + if(!!defined('CID') && CID>0 && $ism && $uid>=1000000 && count($ids) == 1 && $ids[0] == "*"){ //获取公司的权限 $userInfo = Db::name("qingdong_staff")->where("admin_id",$uid)->find(); $groupInfo = Db::name("company")->where("id",$userInfo['cid'])->find(); diff --git a/index.html b/index.html new file mode 100644 index 0000000..86aeca2 --- /dev/null +++ b/index.html @@ -0,0 +1,39 @@ + + + + + 恭喜,站点创建成功! + + + +
+

恭喜, 站点创建成功!

+

这是默认index.html,本页面由系统自动生成

+ +
+ + \ No newline at end of file diff --git a/public/assets/js/require-backend.js b/public/assets/js/require-backend.js index 4f1e2c0..4a2bfc4 100644 --- a/public/assets/js/require-backend.js +++ b/public/assets/js/require-backend.js @@ -50,7 +50,7 @@ require.config({ 'template': '../libs/art-template/dist/template-native', 'selectpage': '../libs/fastadmin-selectpage/selectpage', 'citypicker': '../libs/fastadmin-citypicker/dist/js/city-picker.min', - 'citypicker-data': '../libs/fastadmin-citypicker/dist/js/city-picker.data' + 'citypicker-data': '../libs/fastadmin-citypicker/dist/js/city-picker.data', }, // shim依赖配置 shim: { diff --git a/route/app.php b/route/app.php index 7c9a446..c9f8eec 100644 --- a/route/app.php +++ b/route/app.php @@ -4,4 +4,4 @@ // 注册路由到index模块的News控制器的read操作 use think\Route; -Route::rule('pay/notify','/api/pay/complate'); \ No newline at end of file +Route::rule('pay/notify','admin/qingdong/product/member/complate'); \ No newline at end of file