1. 完善后台功能，验证文件、安全域名功能完成

shinn-lancelot · Aug 25, 2018 · ceee6e7 · ceee6e7
1 parent 0a0443c
commit ceee6e7
Show file tree

Hide file tree

Showing 13 changed files with 1,163 additions and 42 deletions.
diff --git a/.gitignore b/.gitignore
@@ -2,4 +2,5 @@
 .DS_Store
 /.cache
 /.vscode
-*.txt
+*.txt
+domainName.json
diff --git a/admin.php b/admin.php
@@ -164,12 +164,12 @@
                 <div class="logo"></div>
                 <a href="./verify.php">
                     <div class="btn btn-size">
-                        <p>添加微信公众号授权登录txt验证内容</p>
+                        <p>添加微信公众号授权登录域名验证文件内容</p>
                     </div>
                 </a>
-                <a href="">
+                <a href="./safeDomainName.php">
                     <div class="btn btn-size">
-                        <p>添加接口允许域名</p>
+                        <p>添加接口调用安全域名</p>
                     </div>
                 </a>
                 <a href="">
@@ -214,7 +214,6 @@
                 } else {
                     logoutState = 1;
                 }
-
             } else {
                 console.log(xhr.readyState);
             }

diff --git a/asset/image/back.png b/asset/image/back.png
diff --git a/common/addSafeDomainName.php b/common/addSafeDomainName.php
@@ -0,0 +1,47 @@
+<?php
+
+if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
+    $res['code'] = 0;
+    $res['message'] = '提交失败！';
+
+    session_start();
+    $user = isset($_SESSION['wop_admin_user']) ? $_SESSION['wop_admin_user'] : '';
+    if (empty($user)) {
+        $res['code'] = -1;
+        $res['message'] = '登陆过期！';
+        echo json_encode($res);
+        exit();
+    }
+
+    $domainName = strip_tags(trim($_POST['domain_name']));
+
+    if (empty($domainName)) {
+        echo json_encode($res);
+        exit();
+    }
+
+    $domainNameArr = array();
+    $file = './domainName.json';
+    if (file_exists($file)) {
+        $domainNameArr = json_decode(file_get_contents($file), true);
+    }
+
+    $hasDomainName = false;
+    if (count($domainNameArr)) {
+        foreach ($domainNameArr as $key=>$value) {
+            if ($value == $domainName) {
+                $hasDomainName = true;
+                break;
+            }
+        }
+    }
+
+    if (!$hasDomainName) {
+        array_unshift($domainNameArr, $domainName);
+        file_put_contents('./domainName.json', json_encode($domainNameArr));
+    }
+
+    $res['code'] = 1;
+    $res['message'] = '提交成功！';
+    echo json_encode($res);
+}
diff --git a/common/clearDomainName.php b/common/clearDomainName.php
@@ -0,0 +1,51 @@
+<?php
+
+if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
+    $res['code'] = 0;
+    $res['message'] = '移除失败！';
+
+    session_start();
+    $user = isset($_SESSION['wop_admin_user']) ? $_SESSION['wop_admin_user'] : '';
+    if (empty($user)) {
+        $res['code'] = -1;
+        $res['message'] = '登陆过期！';
+        echo json_encode($res);
+        exit();
+    }
+
+    $domainName = strip_tags(trim($_POST['domain_name']));
+
+    if (empty($domainName)) {
+        echo json_encode($res);
+        exit();
+    }
+
+    $domainNameArr = array();
+    $file = './domainName.json';
+    if (file_exists($file)) {
+        $domainNameArr = json_decode(file_get_contents($file), true);
+    }
+
+    $hasDomainName = false;
+    if (count($domainNameArr)) {
+        foreach ($domainNameArr as $key=>$value) {
+            if ($value == $domainName) {
+                $hasDomainName = true;
+                unset($domainNameArr[$key]);
+                break;
+            }
+        }
+    }
+
+    if (!$hasDomainName) {
+        $res['message'] = '域名不存在!';
+        echo json_encode($res);
+        exit();
+    }
+
+    file_put_contents('./domainName.json', json_encode($domainNameArr));
+
+    $res['code'] = 1;
+    $res['message'] = '移除成功！';
+    echo json_encode($res);
+}
diff --git a/common/clearVerify.php b/common/clearVerify.php
@@ -0,0 +1,35 @@
+<?php
+
+if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
+    $res['code'] = 0;
+    $res['message'] = '移除失败！';
+
+    session_start();
+    $user = isset($_SESSION['wop_admin_user']) ? $_SESSION['wop_admin_user'] : '';
+    if (empty($user)) {
+        $res['code'] = -1;
+        $res['message'] = '登陆过期！';
+        echo json_encode($res);
+        exit();
+    }
+
+    $verify = strip_tags(trim($_POST['verify']));
+
+    if (empty($verify)) {
+        echo json_encode($res);
+        exit();
+    }
+
+    $file = $_SERVER['DOCUMENT_ROOT'] . '/' . $verify;
+    if (!file_exists($file)) {
+        $res['message'] = '验证文件不存在!';
+        echo json_encode($res);
+        exit();
+    }
+
+    unlink($file);
+
+    $res['code'] = 1;
+    $res['message'] = '移除成功！';
+    echo json_encode($res);
+}
diff --git a/common/loginHandle.php b/common/loginHandle.php
@@ -19,21 +19,29 @@
 
     // 密码盐
     $salt = md5('shinn_lancelot');
-    $res = json_decode(file_get_contents('./user.json'), true);
+
+    $userArr = array();
+    $file = './user.json';
+    if (file_exists($file)) {
+        $userArr = json_decode(file_get_contents('./user.json'), true);
+    }
+
     $hasUser = false;
-    foreach ($res as $key=>$value) {
-        if ($value['user'] == $user) {
-            $hasUser = true;
-            if ($value['password'] == md5($password . $salt)) {
-                session_start();
-                $_SESSION['wop_admin_user'] = $user;
+    if (count($userArr) > 0) {
+        foreach ($userArr as $key=>$value) {
+            if ($value['user'] == $user) {
+                $hasUser = true;
+                if ($value['password'] == md5($password . $salt)) {
+                    session_start();
+                    $_SESSION['wop_admin_user'] = $user;
 
-                $res['code'] = 1;
-                $res['message'] = '登录成功！';
-            } else {
-                $res['message'] = '密码错误！';
+                    $res['code'] = 1;
+                    $res['message'] = '登录成功！';
+                } else {
+                    $res['message'] = '密码错误！';
+                }
+                break;
             }
-            break;
         }
     }
     if (!$hasUser) {

diff --git a/common/verifyHandle.php b/common/verifyHandle.php
@@ -4,6 +4,15 @@
     $res['code'] = 0;
     $res['message'] = '提交失败！';
 
+    session_start();
+    $user = isset($_SESSION['wop_admin_user']) ? $_SESSION['wop_admin_user'] : '';
+    if (empty($user)) {
+        $res['code'] = -1;
+        $res['message'] = '登陆过期！';
+        echo json_encode($res);
+        exit();
+    }
+
     $filePrefix = 'MP_verify_';
     $callBackUrl = $_SERVER['HTTP_HOST'];
 

diff --git a/login.php b/login.php
@@ -206,12 +206,12 @@
                 <div class="input-box">
                     <i class="icon icon-user"></i>
                     <input type="text" class="field" name="user" id="user" value="" placeholder="用户名">
-                    <i class="icon icon-clear"></i>
+                    <i class="icon icon-clear" title="移除"></i>
                 </div>
                 <div class="input-box">
                     <i class="icon icon-password"></i>
                     <input type="password" class="field" name="password" id="password" value="" placeholder="密码">
-                    <i class="icon icon-clear"></i>
+                    <i class="icon icon-clear" title="移除"></i>
                 </div>
                 <div class="field disable" id="login_btn">
                     <p>登录</p>
@@ -275,7 +275,6 @@
                 } else {
                     loginState = 1;
                 }
-
             } else {
                 console.log(xhr.readyState);
             }