From 6937ece14859e9dabefa7a62f6ee516c3c377501 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E8=83=A1?= <3203164629@qq.com> Date: Fri, 23 Jun 2023 02:57:28 +0000 Subject: [PATCH 1/5] =?UTF-8?q?=E4=BC=98=E5=8C=96XH=E9=80=9A=E7=94=A8?= =?UTF-8?q?=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小胡 <3203164629@qq.com> --- user/sso/xhlogin.php | 124 +++++++++++++++++++++++++------------------ 1 file changed, 73 insertions(+), 51 deletions(-) diff --git a/user/sso/xhlogin.php b/user/sso/xhlogin.php index 7343f4b..7bfb5d5 100644 --- a/user/sso/xhlogin.php +++ b/user/sso/xhlogin.php @@ -1,66 +1,88 @@ fetch_by_username($username)) || ($user=C::t('user')->fetch_by_email($email))){//用户已经存在时 - if ($user['adminid']) showmessage('为了安全,禁止管理员通过这种方式登录'); + $result = getuserbyuid($user['uid'], 1); + if($result['status']>0){ + //写入日志 + writelog('loginlog', '尝试XH通用登录失败,此用户已停用'); + showmessage('此用户已停用,请联系管理员'); + } + if ($user['adminid']) { + //写入日志 + writelog('loginlog', '管理员尝试XH通用登录失败'); + showmessage('为了安全,禁止管理员通过这种方式登录'); + return; + } $idstring = explode('_', $user['emailsenddate']); - if ($idstring[0] == (time() - $idstring[1]) < 86400) { - dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); + if ($idstring[0] == (time() - $idstring[1]) < 86400) { + dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); + } + writelog('loginlog', 'XH通用登录成功'); + showmessage('Login_success',$_G['siteurl']); + }else{ + require_once libfile('function/user','','user'); + if(!check_username($username)) showmessage(lang('user_name_sensitive')); + $password=$_G['setting']['quick_password']; + $user=uc_add_user($username, $password, $email); + $uid=$user['uid']; + if($uid<1) showmessage(lang('import_failure')); + $base = array( + 'uid' => $uid, + 'adminid' => 0, + 'groupid' =>9, + 'regdate' => TIMESTAMP, + 'emailstatus' => 1, + ); + if($_GET['mobile']){ + if(!preg_match("/^\d+$/",$_GET['mobile'])){ + }elseif(C::t('user')->fetch_by_phone($_GET['mobile']) ) { + }else{ + $base['phone']=$_GET['mobile']; + } + } + if($_GET['weixinid']){ + if(!preg_match("/^[a-zA-Z\d_]{5,}$/i",$_GET['weixinid'])){ + }elseif(C::t('user')->fetch_by_weixinid($_GET['weixinid'])) { + }else{ + $base['weixinid']=$_GET['weixinid']; + } + } + $sitename=$_G['setting']['sitename']; + C::t('user')->update($uid,$base); + + $idstring = explode('_', $user['emailsenddate']); + + if ($idstring[0] == (time() - $idstring[1]) < 86400) { + + dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); + + } + writelog('loginlog', 'XH通用登录成功'); + showmessage('Login_success',$_G['siteurl']); + } } - showmessage('Login_success',$_G['siteurl']); -}else{ -if($_G['setting']['bbclosed']) showmessage(lang('site_closed_please_admin'));//判断站点是否关闭 -require_once libfile('function/user','','user'); -if(!check_username($username)) showmessage(lang('user_name_sensitive')); - $password=$_G['setting']['quick_password']; - $user=uc_add_user($username, $password, $email); - $uid=$user['uid']; - if($uid<1) showmessage(lang('import_failure')); - $base = array( - 'uid' => $uid, - 'adminid' => 0, - 'groupid' =>9, - 'regdate' => TIMESTAMP, - 'emailstatus' => 1, - ); - if($_GET['mobile']){ - if(!preg_match("/^\d+$/",$_GET['mobile'])){ - }elseif(C::t('user')->fetch_by_phone($_GET['mobile']) ) { - }else{ - $base['phone']=$_GET['mobile']; - } - } - if($_GET['weixinid']){ - if(!preg_match("/^[a-zA-Z\d_]{5,}$/i",$_GET['weixinid'])){ - }elseif(C::t('user')->fetch_by_weixinid($_GET['weixinid'])) { - }else{ - $base['weixinid']=$_GET['weixinid']; - } - } - $sitename=$_G['setting']['sitename']; - C::t('user')->update($uid,$base); - - $idstring = explode('_', $user['emailsenddate']); - - if ($idstring[0] == (time() - $idstring[1]) < 86400) { - - dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); - - } - showmessage('Login_success',$_G['siteurl']); - } -} -}else{ + }else{ + //写入日志 + writelog('loginlog', '尝试XH通用登录失败,未开启XH通用登录'); showmessage('未开启XH通用登录'); } From 049339f8212fefec834d130095fa9bdb2f1e8941 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E8=83=A1?= <3203164629@qq.com> Date: Fri, 23 Jun 2023 03:27:46 +0000 Subject: [PATCH 2/5] =?UTF-8?q?=E4=BC=98=E5=8C=96XH=E9=80=9A=E7=94=A8?= =?UTF-8?q?=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小胡 <3203164629@qq.com> --- user/sso/xhlogin.php | 36 +++++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/user/sso/xhlogin.php b/user/sso/xhlogin.php index 7bfb5d5..6feea0d 100644 --- a/user/sso/xhlogin.php +++ b/user/sso/xhlogin.php @@ -21,22 +21,28 @@ if($_G['setting']['quick_login']){ return; } if(($user=C::t('user')->fetch_by_username($username)) || ($user=C::t('user')->fetch_by_email($email))){//用户已经存在时 + if ($user['adminid']) { + //写入日志 + writelog('loginlog', '管理员尝试XH通用登录失败'); + showmessage('为了安全,禁止管理员通过这种方式登录'); + return; + } $result = getuserbyuid($user['uid'], 1); if($result['status']>0){ //写入日志 writelog('loginlog', '尝试XH通用登录失败,此用户已停用'); showmessage('此用户已停用,请联系管理员'); } - if ($user['adminid']) { - //写入日志 - writelog('loginlog', '管理员尝试XH通用登录失败'); - showmessage('为了安全,禁止管理员通过这种方式登录'); - return; - } - $idstring = explode('_', $user['emailsenddate']); - if ($idstring[0] == (time() - $idstring[1]) < 86400) { - dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); + //设置登录 + setloginstatus($result, $_GET['cookietime'] ? 2592000 : 0); + + if($_G['member']['lastip'] && $_G['member']['lastvisit']) { + + dsetcookie('lip', $_G['member']['lastip'].','.$_G['member']['lastvisit']); } + + //记录登录 + C::t('user_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' =>TIMESTAMP, 'lastactivity' => TIMESTAMP)); writelog('loginlog', 'XH通用登录成功'); showmessage('Login_success',$_G['siteurl']); }else{ @@ -70,13 +76,17 @@ if($_G['setting']['quick_login']){ $sitename=$_G['setting']['sitename']; C::t('user')->update($uid,$base); - $idstring = explode('_', $user['emailsenddate']); + //设置登录 + $result = getuserbyuid($user['uid'], 1); + setloginstatus($result, $_GET['cookietime'] ? 2592000 : 0); - if ($idstring[0] == (time() - $idstring[1]) < 86400) { + if($_G['member']['lastip'] && $_G['member']['lastvisit']) { - dsetcookie('auth', authcode("{$user['password']}\t{$user['uid']}", 'ENCODE'), 0, 1, true); + dsetcookie('lip', $_G['member']['lastip'].','.$_G['member']['lastvisit']); + } - } + //记录登录 + C::t('user_status')->update($_G['uid'], array('lastip' => $_G['clientip'], 'lastvisit' =>TIMESTAMP, 'lastactivity' => TIMESTAMP)); writelog('loginlog', 'XH通用登录成功'); showmessage('Login_success',$_G['siteurl']); } From e3f9cdfef756e19b056fcdff220ee758c9b1d4ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E8=83=A1?= <3203164629@qq.com> Date: Fri, 23 Jun 2023 09:42:56 +0000 Subject: [PATCH 3/5] update README.md. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小胡 <3203164629@qq.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index dc4a366..576bdd0 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ ### 官方网站:http://dzzoffice.com ### 小胡版插件获取地址:https://gitee.com/xh2002/projects -### Dzzoffice笔记:https://thoughts.teambition.com/sharespace/64546633db084500410d69c7 +### 【金山文档】 Dzzoffice笔记:https://www.kdocs.cn/l/ccpEhPqsY3na ### DzzOffice 介绍: DzzOffice是一款云存储与应用管理工具,可用于个人、团队网盘和企业OA等。它部署简单,支持多种云存储的接入,并具有强大的文件共享功能以及丰富的成员权限管理。通过将存储文件与云端各类应用的交互,来实现在线协同办公,提高工作效率。 From 412ba26eeb4cffd5751a1824b08feee728ce26b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E8=83=A1?= <3203164629@qq.com> Date: Mon, 26 Jun 2023 12:02:14 +0000 Subject: [PATCH 4/5] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=82=B9=E5=87=BB?= =?UTF-8?q?=E6=8C=89=E9=92=AE=E7=9A=84=E6=95=88=E6=9E=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小胡 <3203164629@qq.com> --- static/css/checkbox.css | 6 ------ 1 file changed, 6 deletions(-) diff --git a/static/css/checkbox.css b/static/css/checkbox.css index 9879fa5..83ec97b 100644 --- a/static/css/checkbox.css +++ b/static/css/checkbox.css @@ -128,12 +128,6 @@ -o-transform: scale(1,1); transform: scale(1,1); } - -.checkbox-custom input[type=radio]:focus+label::before, .checkbox-custom input[type=checkbox]:focus+label::before { - outline: thin dotted; - outline: 0.36em auto -webkit-focus-ring-color; - outline-offset: -2px; -} .checkbox-primary input[type=radio]:checked+label::before, .checkbox-primary input[type=checkbox]:checked+label::before { background-color: #4C89FB; border-color: #4C89FB; From 451295a3aa01b8af090fcd9a1bcf3675329220c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E8=83=A1?= <3203164629@qq.com> Date: Wed, 28 Jun 2023 05:20:14 +0000 Subject: [PATCH 5/5] =?UTF-8?q?=E6=9B=B4=E6=8D=A2=E7=AC=94=E8=AE=B0?= =?UTF-8?q?=E5=9C=B0=E5=9D=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小胡 <3203164629@qq.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 576bdd0..3146977 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ ### 官方网站:http://dzzoffice.com ### 小胡版插件获取地址:https://gitee.com/xh2002/projects -### 【金山文档】 Dzzoffice笔记:https://www.kdocs.cn/l/ccpEhPqsY3na +### 【金山文档】 Dzzoffice笔记:https://p.kdocs.cn/s/VBM22BAAB4 ### DzzOffice 介绍: DzzOffice是一款云存储与应用管理工具,可用于个人、团队网盘和企业OA等。它部署简单,支持多种云存储的接入,并具有强大的文件共享功能以及丰富的成员权限管理。通过将存储文件与云端各类应用的交互,来实现在线协同办公,提高工作效率。