
Commit e253436

committed
添加表单令牌验证
1 parent 5562850 commit e253436

23 files changed

+12523
-94
lines changed

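--- a/application/admin/controller/Advertisement.php
+++ b/application/admin/controller/Advertisement.php
@@ -39,9 +39,10 @@ public function advertisementList()
 public function advertisementEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $id = $request->post('id');
 $adType = trim($request->post('adType'));
@@ -194,9 +195,10 @@ public function advertisementType()
 public function advertisementTypeEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $id = $request->post('id');
 $advertisementType = trim($request->post('advertisementType'));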
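Review bot: The four-line token check added at new lines 42–45 and 198–201 is pasted verbatim into every POST action touched by this commit (also Article.php articleEdit/typeEdit, Config.php webSet/siteSet/frontendEdit, Gallery.php photoEdit/galleryEdit), while the new `app\admin\validate\Token` class this commit adds is not called from any of them. Centralising the check in one protected helper on `Base`, e.g. `protected function checkFormToken(Request $request) { return (new Validate(['__token__' => 'token']))->check($request->post()); }`, keeps the rule in a single place so a later change (a different token field, surfacing `getError()`) cannot miss an action. Nothing inside this hunk reports a failed check: what follows the `if ($pass)` block is outside the hunk, so confirm the client is sent `$validate->getError()` rather than an empty response. Both advertisementEdit and advertisementTypeEdit continue past the hunk.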

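--- a/application/admin/controller/Article.php
+++ b/application/admin/controller/Article.php
@@ -96,9 +96,10 @@ public function search(Request $request)
 public function articleEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->post('__token__');
-$validate = new Validate($this->rule);
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $id = $request->post('id');
 $articleType = $request->post('articleType');
@@ -282,9 +283,10 @@ public function typeList(Request $request)
 public function typeEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->post('__token__');
-$validate = new Validate($this->rule);
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $id = $request->post('id');
 $articleType = trim($request->post('articleType'));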
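Review bot: The replacement `new Validate(['__token__' => 'token'])` at new lines 99–102 and 286–289 drops `$this->rule`, so whatever field rules that property declares for the article and type forms are no longer passed to the validator at all — the removed call checked only the bare `$token` string, so they were not effectively applied before either, but the property still exists and now has no consumer in these two actions. If `$this->rule` is meant to be enforced on the POST data, combine it with the token rule: `$validate = new Validate(array_merge($this->rule, ['__token__' => 'token']));`; if it is dead, remove the property rather than leave an unused rule set behind. `$this->rule` is declared outside the hunk, so this is inferred from the removed lines. Both articleEdit and typeEdit continue past the hunk.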

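--- a/application/admin/controller/Config.php
+++ b/application/admin/controller/Config.php
@@ -2,22 +2,22 @@
 
 namespace app\admin\controller;
 
-use app\admin\model\FrontendMenu;
 use think\Request;
 use think\Validate;
 use think\Session;
 use app\admin\model\Config as ConfigModel;
 use app\admin\model\Site;
+use app\admin\model\FrontendMenu;
 class Config extends Base
 {
 
 public function webSet(Request $request)
 {
 if ($request->isPost()){
-// dump($request->post());
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $configTitle = trim($request->post('configTitle'));
 $configKeywords = trim($request->post('configKeywords'));
@@ -48,10 +48,10 @@ public function webSet(Request $request)
 public function siteSet(Request $request)
 {
 if ($request->isPost()){
-// dump($request->post());
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $siteURL = trim($request->post('siteURL'));
 $siteName = trim($request->post('siteName'));
@@ -78,7 +78,9 @@ public function siteSet(Request $request)
 
 public function frontendMenu(Request $request)
 {
-//
+$frontMenu = new FrontendMenu();
+$result = $frontMenu->getMenuList();
+// dump($result);
 return $this->fetch();
 }
 
@@ -97,13 +99,45 @@ public function backendMenu()
 */
 public function frontendEdit(Request $request)
 {
-//
-$frontMuen = new FrontendMenu();
-$menuList = $frontMuen->getAllMenu();
-$this->assign('menuList',$menuList);
-$tag['edit'] = 0;
-$this->assign('tag',$tag);
-return $this->fetch();
+if ($request->isPost()){
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
+if (true == $pass){
+$menuId = $request->post('menuId');
+$menuUrl = trim($request->post('menuUrl'));
+$menuName = trim($request->post('menuName'));
+$menuNumber = trim($request->post('menuNumber'));
+$frontMuen = new FrontendMenu();
+$hasUse = $frontMuen->where('url',$menuUrl)->find();
+if ($hasUse){
+$this->error(lang('is_have'));
+}
+$frontMuen -> number = $menuNumber;
+$frontMuen -> url = $menuUrl;
+$frontMuen -> name = $menuName;
+$frontMuen -> parent_id = $menuId;
+$frontMuen -> author = Session::get('ADMIN_PASS')->user_name;
+$frontMuen -> is_delete = 0;
+$frontMuen -> create_time = date("Y-m-d H:i:s",time());
+$result = $frontMuen->save();
+if (1 == $result){
+$this->success(lang('success'),url('/admin/config/frontendMenu'));
+}else{
+$this->error(lang('error'));
+}
+}else{
+return $pass;
+}
+}else{
+// $frontMuen = new FrontendMenu();
+$menuList = FrontendMenu::getAllMenu();
+$this->assign('menuList',$menuList);
+$tag['edit'] = 0;
+$this->assign('tag',$tag);
+return $this->fetch();
+}
 }
 
 /**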
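Review bot: In frontendEdit the `}else{ return $pass; }` branch at new lines 130–132 returns the bool `false` from the controller action when the token check fails, so the client receives an empty body instead of the validation message; replace it with `$this->error($validate->getError());`, which is how the other failures in this method are already reported. The same fallthrough question applies to webSet and siteSet in this file, whose failure path lies outside their hunks. Two smaller points in the same hunk: `if (true == $pass)` at line 107 and `if (1 == $result)` at line 125 use loose comparison where `===` expresses the intent (`check()` returns a bool), and line 121 dereferences `Session::get('ADMIN_PASS')->user_name` without confirming the session entry exists, so an expired admin session yields a null author and a warning rather than a redirect — `$admin = Session::get('ADMIN_PASS') ?? $this->error(lang('error'));` before the assignments would close that. Note also that `$menuId` from the POST body is stored as `parent_id` without checking it refers to an existing, non-deleted menu.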

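--- a/application/admin/controller/Gallery.php
+++ b/application/admin/controller/Gallery.php
@@ -48,9 +48,10 @@ public function photoList()
 public function photoEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $galleryType = $request->post('photoType');
 $fileUrl = $request->post('photoImage/a');
@@ -152,9 +153,10 @@ public function galleryList()
 public function galleryEdit(Request $request)
 {
 if ($request->isPost()){
-$token = $request->token('__token__');
-$validate = new Validate();
-$pass = $validate->check($token);
+$validate = new Validate([
+'__token__' => 'token',
+]);
+$pass = $validate->check($request->post());
 if ($pass){
 $id = $request->post('id');
 $galleryType = $request->post('galleryType');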

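--- a/application/admin/model/FrontendMenu.php
+++ b/application/admin/model/FrontendMenu.php
@@ -3,32 +3,41 @@
 namespace app\admin\model;
 
 use think\Model;
-
+use think\Db;
 class FrontendMenu extends Model
 {
 //
 protected $autoWriteTimestamp = false;
 
-public function getAllMenu()
+/**
+* 获取目录列表
+* @return array
+* @throws \think\db\exception\DataNotFoundException
+* @throws \think\db\exception\ModelNotFoundException
+* @throws \think\exception\DbException
+*/
+public static function getAllMenu()
 {
 //获取顶级类目
-$topMenu = $this->field('id,name')->where(['is_delete'=>0,'parent_id'=>0])->select();
-// $result = [];
+$topMenu = Db::table('cn_frontend_menu')->field('id,name')->where(['is_delete'=>0,'parent_id'=>0])->select();
+$result = [];
 foreach ( $topMenu as $v) {
 $result[$v['id']] = $v ;
 }
 //获取子目录
-$subsetMenu = $this->field('id,name,parent_id')->where(['is_delete'=>0])
+$subsetMenu = Db::table('cn_frontend_menu')->field('id,name,parent_id')->where(['is_delete'=>0])
 ->where('parent_id','>','0')->select();
-dump($subsetMenu);
-dump($this->getLastSql());
 foreach ($subsetMenu as $vv){
-$result[$vv['parent_id']]['subset'][] = $vv;
+$result[$vv['parent_id']]['subset'][]=$vv;
 }
-// dump($result);
-return $result;
+return $result;
 }
 
+public function getMenuList()
+{
+$list = $topMenu = Db::table('cn_frontend_menu')->where(['is_delete'=>0,'parent_id'=>0])->select();
+// dump($list);
+}
 
 
 }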
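Review bot: `getMenuList()` added at new lines 36–40 has no `return` statement, so `Config::frontendMenu()`, which assigns its result to `$result`, always receives `null`, and the `$list = $topMenu = ...` double assignment is never read; either `return $list;` with a `@return array` docblock, or drop the method until a caller needs it. Separately, switching `getAllMenu()` from `$this->field(...)` to `Db::table('cn_frontend_menu')` at lines 22 and 28 hard-codes the table prefix inside the model that is supposed to own it; `Db::name('frontend_menu')` keeps the prefix in configuration while still allowing the static call. A pre-existing edge the rewrite keeps: a child row whose parent is not in `$topMenu` (parent soft-deleted, child not) creates a `$result` entry at line 31 holding only a `subset` key, so callers that read `id`/`name` from every entry will hit undefined indexes — guard with `if (isset($result[$vv['parent_id']]))` before the append.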

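--- a/application/admin/validate/Token.php
+++ b/application/admin/validate/Token.php
@@ -0,0 +1,37 @@
+<?php
+/**
+* Created by PhpStorm.
+* User: rong
+* Date: 18-6-11
+* Time: 下午2:22
+*/
+namespace app\admin\validate;
+
+use think\Request;
+use think\Validate;
+class Token extends Validate
+{
+
+
+public function checkToken()
+{
+$result = parent::check(Request::instance()->input(),[
+'__token__' => 'token',
+]);
+if (true !== $result){
+// 验证失败 输出错误信息
+return ajaxReturn($result);
+}else{
+return $result;
+}
+}
+
+
+
+
+
+
+
+
+
+}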
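Review bot: On failure `checkToken()` hands `$result` — the bool `false` that `Validate::check()` returns — to `ajaxReturn()` at new line 23, so the comment "验证失败 输出错误信息" is not honoured: the actual message is in `$this->getError()`, and the call should read `return ajaxReturn($this->getError());` (assuming `ajaxReturn` takes a message; its definition is not in this commit). Passing the rule array into `parent::check()` also bypasses the subclass's own `$rule`; the idiomatic Validate subclass declares `protected $rule = ['__token__' => 'token'];` and calls `$this->check(...)`. The data source differs from every controller in this commit, which validates `$request->post()`, whereas this class validates `Request::instance()->input()` — and with no arguments `input()` may not return the request parameters at all in ThinkPHP 5 (the accessors used elsewhere are `post()`/`param()`), so confirm it returns the POST body before relying on it; the token should not be accepted from the query string. Finally, no controller changed here calls this class, so as committed it is dead code.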

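--- a/static/admin/js/public.js
+++ b/static/admin/js/public.js
@@ -566,6 +566,27 @@ var App = function () {
 },
 };
 }();
+
+(function (a, b) {
+a.fn.admin_tree = function (d) {
+var c = {
+"open-icon": "fa fa-folder-open",
+"close-icon": "fa fa-folder",
+selectable: true,
+"selected-icon": "fa fa-check",
+"unselected-icon": "tree-dot"
+};
+c = a.extend({}, c, d);
+this.each(function () {
+var e = a(this);
+e.html('<div class = "tree-folder" style="display:none;"> <div class="tree-folder-header"> <i class="' + c["close-icon"] + '"></i> <div class="tree-folder-name"></div> </div> <div class="tree-folder-content"></div> <div class="tree-loader" style="display:none"></div> </div> <div class="tree-item" style="display:none;"> ' + (c["unselected-icon"] == null ? "" : '<i class="' + c["unselected-icon"] + '"></i>') + ' <div class="tree-item-name"></div> </div>');
+e.addClass(c.selectable == true ? "tree-selectable" : "tree-unselectable");
+e.tree(c)
+});
+return this
+}
+})(window.jQuery);
+
 (function () {
 this.Theme = (function () {
 function Theme() {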
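Review bot: The `admin_tree` plugin added at new lines 570–588 builds its markup by string concatenation, dropping `c["close-icon"]` and `c["unselected-icon"]` straight into `class` attributes at line 582; that is acceptable while callers pass literal class names, but the contract should be stated above the plugin: `// option values are inserted into the markup unescaped — pass only literal icon class names`. It also depends on a `$.fn.tree` plugin (`e.tree(c)` at line 584) that this file does not define, so the required load order deserves a comment at the top of the IIFE. The single-letter parameters `a`/`b`/`c`/`d`/`e` (with `b` never used), the loose `c.selectable == true`, and the missing semicolons after `e.tree(c)` and `return this` read as a pasted minified snippet rather than code in the style of the surrounding `App`/`Theme` modules; naming them `$`, `options`, `defaults` and adding the semicolons would bring it in line.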
