1
0
mirror of https://github.com/ZeroDream-CN/PHPMC7 synced 2024-11-24 04:52:54 +08:00

v7.3.2105 安全更新发布

增加登录页面 Csrf 验证
修复 Daemon 管理页面显示问题
修复一些操作时的判断问题
修复 AJAX 请求参数构造错误问题
修复控制台字体全绿问题
This commit is contained in:
Akkariin Meiko 2018-09-15 13:25:18 +08:00
parent b0bb258d07
commit 01b9046021
10 changed files with 236 additions and 26 deletions

View File

@ -23,17 +23,17 @@ function ajaxload() {
$("#ping").html(end + " 毫秒"); $("#ping").html(end + " 毫秒");
if(oldlog != htmlobj.responseText) { if(oldlog != htmlobj.responseText) {
$("#debug").html("<code style='color: #FFF;background-color: none;padding: 0px;'>" $("#debug").html("<code style='color: #FFF;background-color: none;padding: 0px;'>"
+ htmlobj.responseText.replace("<", "&lt;").replace(">", "&gt;").replace("\n","<br />") + htmlobj.responseText.replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/\n/g,"<br />")
.replace("INFO]", "<span style='color: #00B100'>信息</span>]").replace("WARN]", "<span style='color: #FF8700'>警告</span>]") .replace(/INFO\]/g, "<span style='color: #00B100'>信息</span>]").replace(/WARN\]/g, "<span style='color: #FF8700'>警告</span>]")
.replace("ERROR]", "<span style='color: #FF0000'>错误</span>]").replace("[Server", "[服务器").replace("thread/", "主线程/") .replace(/ERROR\]/g, "<span style='color: #FF0000'>错误</span>]").replace(/\[Server/g, "[服务器").replace(/thread\//g, "主线程/")
.replace("Done (", "启动完成,耗时 (").replace("s)! For help, type \"help\" or \"?\"", " 秒)!需要帮助,请输入 “help” 或 “?”") .replace("Done (", "启动完成,耗时 (").replace("s)! For help, type \"help\" or \"?\"", " 秒)!需要帮助,请输入 “help” 或 “?”")
.replace("Unknown command. Type \"/help\" for help.", "未知命令,请输入 “help” 查看帮助。") .replace(/Unknown command\. Type \"\/help\" for help\./g, "未知命令,请输入 “help” 查看帮助。")
.replace("Usage:", "使用方法:").replace("Stopping the server", "正在关闭服务器") .replace(/Usage\:/g, "使用方法:").replace(/Stopping the server/g, "正在关闭服务器")
.replace("You need to agree to the EULA in order to run the server. Go to eula.txt for more info.", .replace(/You need to agree to the EULA in order to run the server. Go to eula.txt for more info./,
"<span style='color: #FF8700'>你需要接受 EULA 协议才能开启服务器,编辑服务端的 eula.txt ,将 eula=false 改为 eula=true 并保存即可。</span>") "<span style='color: #FF8700'>你需要接受 EULA 协议才能开启服务器,编辑服务端的 eula.txt ,将 eula=false 改为 eula=true 并保存即可。</span>")
.replace("Stopping server", "正在终止服务器进程").replace("Loading properties", "正在加载配置文件") .replace(/Stopping server/, "正在终止服务器进程").replace(/Loading properties/, "正在加载配置文件")
.replace("Failed to load", "无法加载").replace("Starting minecraft server version", "正在启动 Minecraft 服务器,版本:") .replace(/Failed to load/, "无法加载").replace(/Starting minecraft server version/, "正在启动 Minecraft 服务器,版本:")
.replace("Default game type:", "默认游戏模式:").replace("Container not found", "提示:服务器未在运行状态") .replace(/Default game type:/, "默认游戏模式:").replace("Container not found", "提示:服务器未在运行状态")
.replace("Token Error", "错误:授权验证失败,请检查 Daemon 设置。") + "</code>"); .replace("Token Error", "错误:授权验证失败,请检查 Daemon 设置。") + "</code>");
if(autoflush.checked == true) { if(autoflush.checked == true) {
debug.scrollTop = debug.scrollHeight; debug.scrollTop = debug.scrollHeight;

View File

@ -127,11 +127,10 @@
}; };
function createDaemon() { function createDaemon() {
var htmlobj = $.ajax({ var htmlobj = $.ajax({
url: "?", url: "?action=createdaemon",
async:true, async:true,
timeout:5000, timeout:5000,
data: { data: {
action: "createdaemon",
name: $("#name").val(), name: $("#name").val(),
host: $("#host").val(), host: $("#host").val(),
pass: $("#pass").val(), pass: $("#pass").val(),
@ -151,11 +150,10 @@
} }
function updateDaemon() { function updateDaemon() {
var htmlobj = $.ajax({ var htmlobj = $.ajax({
url: "?", url: "?action=updatedaemon",
async:true, async:true,
timeout:5000, timeout:5000,
data: { data: {
action: "updatedaemon",
id: selected, id: selected,
name: $("#modify_name").val(), name: $("#modify_name").val(),
host: $("#modify_host").val(), host: $("#modify_host").val(),
@ -177,11 +175,10 @@
function deleteDaemon() { function deleteDaemon() {
if(confirm("您确定要删除此 Daemon 吗?此操作不可恢复!")) { if(confirm("您确定要删除此 Daemon 吗?此操作不可恢复!")) {
var htmlobj = $.ajax({ var htmlobj = $.ajax({
url: "?", url: "?action=deletedaemon",
async:true, async:true,
timeout:5000, timeout:5000,
data: { data: {
action: "deletedaemon",
id: selected id: selected
}, },
error: function() { error: function() {

View File

@ -62,10 +62,17 @@
}, },
data: { data: {
username: urname, username: urname,
password: passwd password: passwd,
csrf_token: "{CSRF_TOKEN}"
} }
}); });
}; };
window.onkeydown = function(event){
if(event.keyCode == 13) {
login();
return false;
}
};
</script> </script>
<div class="content"> <div class="content">
<div class="top-logo"> <div class="top-logo">

View File

@ -0,0 +1,24 @@
<?php
class Csrf {
public function isemptyCsrfToken() {
SESSION_START();
return $_SESSION['token'] == "";
}
public function createCsrfToken() {
SESSION_START();
$_SESSION['token'] = md5(uniqid(rand(0, 10000000), TRUE));
}
public function verifyCsrfToken($data) {
SESSION_START();
if(empty($_SESSION['token'])) {
return false;
}
if(empty($data['csrf_token'])) {
return false;
}
return $data['csrf_token'] == $_SESSION['token'];
}
}

View File

@ -147,7 +147,7 @@ class Daemon {
while($rw = mysqli_fetch_row($rs)) { while($rw = mysqli_fetch_row($rs)) {
$data .= "<div class='server-hover' onclick='selectDaemon({$rw[0]}, this)'> $data .= "<div class='server-hover' onclick='selectDaemon({$rw[0]}, this)'>
<h5>{$rw[1]}</h5> <h5>{$rw[1]}</h5>
<p>{$rw[3]} | 操作系统:{$rw[4]}</p> <p>{$rw[5]} | 操作系统:{$rw[4]}</p>
</div>"; </div>";
} }
mysqli_close($conn); mysqli_close($conn);

View File

@ -7,6 +7,7 @@ class Event {
SESSION_START(); SESSION_START();
$_SESSION['user'] = $Data['username']; $_SESSION['user'] = $Data['username'];
echo "Successful"; echo "Successful";
PHPMC::Csrf()->createCsrfToken();
exit; exit;
} else { } else {
$Option = new Option(); $Option = new Option();
@ -247,6 +248,16 @@ class Event {
if(!preg_match("/^[0-9]+$/", $data['owner'])) { if(!preg_match("/^[0-9]+$/", $data['owner'])) {
PHPMC::Error()->Println("请填写字段:服务器所有者"); PHPMC::Error()->Println("请填写字段:服务器所有者");
} }
$Server = new Server();
$Server->setServer($data['name']);
if($Server->uuid !== null) {
PHPMC::Error()->Println("相同名字的服务器已经存在。");
}
$Server->unselectServer();
$Server->setServer($data['port'], $data['daemon']);
if($Server->uuid !== null) {
PHPMC::Error()->Println("相同端口、相同 Daemon 的服务器已经存在。");
}
$Daemon = new Daemon(); $Daemon = new Daemon();
if($Daemon->setDaemon($data['daemon']) == null) { if($Daemon->setDaemon($data['daemon']) == null) {
PHPMC::Error()->Println("Daemon 不存在,请检查参数是否正确。"); PHPMC::Error()->Println("Daemon 不存在,请检查参数是否正确。");
@ -285,9 +296,24 @@ class Event {
if(!preg_match("/^[0-9]+$/", $data['owner'])) { if(!preg_match("/^[0-9]+$/", $data['owner'])) {
PHPMC::Error()->Println("请填写字段:服务器所有者"); PHPMC::Error()->Println("请填写字段:服务器所有者");
} }
$Server = new Server();
$Server2 = new Server();
$Server->setServer($data['id']);
if($Server->uuid == null) {
PHPMC::Error()->Println("Server Not Found");
}
$Server2->setServer($data['name']);
if($Server2->uuid !== null) {
PHPMC::Error()->Println("相同名字的服务器已经存在。");
}
$Server2->unselectServer();
$Server2->setServer($data['port'], $Server->daemon);
if($Server->uuid !== null) {
PHPMC::Error()->Println("相同端口、相同 Daemon 的服务器已经存在。");
}
PHPMC::Server()->updateServer($data['id'], $data['name'], $data['maxram'], $data['jar'], $data['startcommand'], PHPMC::Server()->updateServer($data['id'], $data['name'], $data['maxram'], $data['jar'], $data['startcommand'],
$data['stopcommand'], $data['owner'], "normal", $data['port'], $data['ftppass']); $data['stopcommand'], $data['owner'], "normal", $data['port'], $data['ftppass']);
echo "服务器设置更改成功!"; echo "服务器设置更改成功,您需要刷新网页后设置才会生效。";
exit; exit;
} }
@ -340,8 +366,12 @@ class Event {
if(!preg_match("/^[a-z]+$/", $data['type'])) { if(!preg_match("/^[a-z]+$/", $data['type'])) {
PHPMC::Error()->Println("请填写字段:服务器操作系统类型"); PHPMC::Error()->Println("请填写字段:服务器操作系统类型");
} }
$Daemon = new Daemon();
if($Daemon->setDaemon($data['id']) == null) {
PHPMC::Error()->Println("Daemon Not Found");
}
PHPMC::Daemon()->updateDaemon($data['id'], $data['name'], $data['host'], $data['pass'], $data['fqdn'], $data['type']); PHPMC::Daemon()->updateDaemon($data['id'], $data['name'], $data['host'], $data['pass'], $data['fqdn'], $data['type']);
echo "Daemon 设置更改成功!"; echo "Daemon 设置更改成功,您需要刷新网页后设置才会生效。";
exit; exit;
} }
@ -374,6 +404,14 @@ class Event {
if(!preg_match("/^[A-Za-z0-9\_\-\;\:]+$/", $data['permission'])) { if(!preg_match("/^[A-Za-z0-9\_\-\;\:]+$/", $data['permission'])) {
PHPMC::Error()->Println("请填写字段:用户权限"); PHPMC::Error()->Println("请填写字段:用户权限");
} }
$Profile = new Profile($data['username']);
if($Profile->username == $data['username'] && $Profile->id !== $data['id']) {
PHPMC::Error()->Println("此用户名已经存在。");
}
$Profile = new Profile($data['email']);
if($Profile->email == $data['email'] && $Profile->id !== $data['id']) {
PHPMC::Error()->Println("此邮箱已经存在。");
}
$password = password_hash(md5($data['password']), PASSWORD_BCRYPT); $password = password_hash(md5($data['password']), PASSWORD_BCRYPT);
PHPMC::User()->createUser($data['username'], $password, $data['email'], $data['permission']); PHPMC::User()->createUser($data['username'], $password, $data['email'], $data['permission']);
echo "用户创建成功!"; echo "用户创建成功!";
@ -393,13 +431,25 @@ class Event {
if(!preg_match("/^[A-Za-z0-9\_\-\;\:]+$/", $data['permission'])) { if(!preg_match("/^[A-Za-z0-9\_\-\;\:]+$/", $data['permission'])) {
PHPMC::Error()->Println("请填写字段:用户权限"); PHPMC::Error()->Println("请填写字段:用户权限");
} }
$Profile = new Profile($data['id']);
if($Profile->username == null) {
PHPMC::Error()->Println("User Not Found");
}
$Profile = new Profile($data['username']);
if($Profile->username == $data['username'] && $Profile->id !== $data['id']) {
PHPMC::Error()->Println("此用户名已经存在。");
}
$Profile = new Profile($data['email']);
if($Profile->email == $data['email'] && $Profile->id !== $data['id']) {
PHPMC::Error()->Println("此邮箱已经存在。");
}
if(empty($data['password'])) { if(empty($data['password'])) {
PHPMC::User()->updateUser($data['id'], $data['username'], false, $data['email'], $data['permission']); PHPMC::User()->updateUser($data['id'], $data['username'], false, $data['email'], $data['permission']);
} else { } else {
$password = password_hash(md5($data['password']), PASSWORD_BCRYPT); $password = password_hash(md5($data['password']), PASSWORD_BCRYPT);
PHPMC::User()->updateUser($data['id'], $data['username'], $password, $data['email'], $data['permission']); PHPMC::User()->updateUser($data['id'], $data['username'], $password, $data['email'], $data['permission']);
} }
echo "用户设置更改成功!"; echo "用户设置更改成功,您需要刷新网页后设置才会生效。";
exit; exit;
} }
@ -408,7 +458,7 @@ class Event {
PHPMC::Error()->Println("请填写字段:用户 ID"); PHPMC::Error()->Println("请填写字段:用户 ID");
} }
$Profile = new Profile($data['id']); $Profile = new Profile($data['id']);
if($Daemon->setDaemon($data['id']) == null) { if($Profile->username == null) {
PHPMC::Error()->Println("User Not Found"); PHPMC::Error()->Println("User Not Found");
} }
if(PHPMC::Server()->getCountsByOwner($data['id']) > 0) { if(PHPMC::Server()->getCountsByOwner($data['id']) > 0) {
@ -433,7 +483,7 @@ class Event {
PHPMC::Error()->Println("请填写字段:系统主题"); PHPMC::Error()->Println("请填写字段:系统主题");
} }
PHPMC::Option()->saveConfig($data['SiteName'], $data['Description'], $data['Theme']); PHPMC::Option()->saveConfig($data['SiteName'], $data['Description'], $data['Theme']);
echo "系统设置更改成功"; echo "系统设置更改成功,您需要刷新网页后设置才会生效。";
exit; exit;
} }

View File

@ -1,5 +1,5 @@
<?php <?php
define("PHPMC_VERSION", "7.3.1709"); // Don't Change This! define("PHPMC_VERSION", "7.3.2105"); // Don't Change This!
include(ROOT . "/include/core/PHPMC/Event.php"); include(ROOT . "/include/core/PHPMC/Event.php");
include(ROOT . "/include/core/PHPMC/User.php"); include(ROOT . "/include/core/PHPMC/User.php");
include(ROOT . "/include/core/PHPMC/Utils.php"); include(ROOT . "/include/core/PHPMC/Utils.php");
@ -12,6 +12,7 @@ include(ROOT . "/include/core/PHPMC/Http.php");
include(ROOT . "/include/core/PHPMC/Option.php"); include(ROOT . "/include/core/PHPMC/Option.php");
include(ROOT . "/include/core/PHPMC/Permission.php"); include(ROOT . "/include/core/PHPMC/Permission.php");
include(ROOT . "/include/core/PHPMC/Update.php"); include(ROOT . "/include/core/PHPMC/Update.php");
include(ROOT . "/include/core/PHPMC/Csrf.php");
class PHPMC { class PHPMC {
public static function Event() { public static function Event() {
return new Event(); return new Event();
@ -37,6 +38,10 @@ class PHPMC {
return new Http(); return new Http();
} }
public static function Csrf() {
return new Csrf();
}
public static function Option() { public static function Option() {
return new Option(); return new Option();
} }

View File

@ -10,6 +10,7 @@ class Profile {
if(!empty($username) && preg_match("/^[A-Za-z0-9\-\_]+$/", $username)) { if(!empty($username) && preg_match("/^[A-Za-z0-9\-\_]+$/", $username)) {
$db = Config::MySQL(); $db = Config::MySQL();
$conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']); $conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']);
// Method 1 通过用户名查找用户
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`users` WHERE `username`='{$username}'")); $rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`users` WHERE `username`='{$username}'"));
if($rs) { if($rs) {
$this->id = $rs['id']; $this->id = $rs['id'];
@ -17,12 +18,28 @@ class Profile {
$this->email = $rs['email']; $this->email = $rs['email'];
$this->permission = $rs['permission']; $this->permission = $rs['permission'];
} else { } else {
// Method 2 通过用户 ID 查找用户
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`users` WHERE `id`='{$username}'")); $rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`users` WHERE `id`='{$username}'"));
if($rs) { if($rs) {
$this->id = $rs['id']; $this->id = $rs['id'];
$this->username = $rs['username']; $this->username = $rs['username'];
$this->email = $rs['email']; $this->email = $rs['email'];
$this->permission = $rs['permission']; $this->permission = $rs['permission'];
} else {
// Method 3 通过用户邮箱查找用户
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`users` WHERE `email`='{$username}'"));
if($rs) {
$this->id = $rs['id'];
$this->username = $rs['username'];
$this->email = $rs['email'];
$this->permission = $rs['permission'];
} else {
// 未找到任何数据,返回 null
$this->id = null;
$this->username = null;
$this->email = null;
$this->permission = null;
}
} }
} }
} }

View File

@ -16,14 +16,16 @@ class Server {
public $uuid; public $uuid;
/** /**
* 选择要操作的服务器 * 选择要操作的服务器,这里写的很杂
* *
* @param $server 服务器 ID * @param $server 服务器 ID
* @param $daemon 服务器所在 Daemon
*/ */
public function setServer($server) { public function setServer($server, $daemon = false) {
$this->server = $server; $this->server = $server;
$db = Config::MySQL(); $db = Config::MySQL();
$conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']); $conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']);
// Method 1 通过服务器 ID 查找服务器
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`servers` WHERE `id`='" . $this->server . "'")); $rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`servers` WHERE `id`='" . $this->server . "'"));
if($rs) { if($rs) {
$this->id = $rs['id']; $this->id = $rs['id'];
@ -38,7 +40,106 @@ class Server {
$this->port = $rs['port']; $this->port = $rs['port'];
$this->ftppass = $rs['ftppass']; $this->ftppass = $rs['ftppass'];
$this->uuid = $rs['uuid']; $this->uuid = $rs['uuid'];
} else {
// Method 2 通过服务器 UUID 查找服务器
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`servers` WHERE `uuid`='" . $this->server . "'"));
if($rs) {
$this->id = $rs['id'];
$this->name = $rs['name'];
$this->daemon = $rs['daemon'];
$this->maxram = $rs['maxram'];
$this->jar = $rs['jar'];
$this->startcommand = $rs['startcommand'];
$this->stopcommand = $rs['stopcommand'];
$this->owner = $rs['owner'];
$this->status = $rs['status'];
$this->port = $rs['port'];
$this->ftppass = $rs['ftppass'];
$this->uuid = $rs['uuid'];
} else {
// Method 3 通过服务器名字查找服务器
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`servers` WHERE `name`='" . $this->server . "'"));
if($rs) {
$this->id = $rs['id'];
$this->name = $rs['name'];
$this->daemon = $rs['daemon'];
$this->maxram = $rs['maxram'];
$this->jar = $rs['jar'];
$this->startcommand = $rs['startcommand'];
$this->stopcommand = $rs['stopcommand'];
$this->owner = $rs['owner'];
$this->status = $rs['status'];
$this->port = $rs['port'];
$this->ftppass = $rs['ftppass'];
$this->uuid = $rs['uuid'];
} else {
// Method 4 通过服务器端口查找服务器
if($daemon) {
$rs = mysqli_fetch_array(mysqli_query($conn, "SELECT * FROM `{$db['name']}`.`servers` WHERE `port`='" . $this->server . "' AND `daemon`='{$daemon}'"));
if($rs) {
$this->id = $rs['id'];
$this->name = $rs['name'];
$this->daemon = $rs['daemon'];
$this->maxram = $rs['maxram'];
$this->jar = $rs['jar'];
$this->startcommand = $rs['startcommand'];
$this->stopcommand = $rs['stopcommand'];
$this->owner = $rs['owner'];
$this->status = $rs['status'];
$this->port = $rs['port'];
$this->ftppass = $rs['ftppass'];
$this->uuid = $rs['uuid'];
} else {
// 未找到任何数据,返回 null
$this->id = null;
$this->name = null;
$this->daemon = null;
$this->maxram = null;
$this->jar = null;
$this->startcommand = null;
$this->stopcommand = null;
$this->owner = null;
$this->status = null;
$this->port = null;
$this->ftppass = null;
$this->uuid = null;
} }
} else {
// 未找到任何数据,返回 null
$this->id = null;
$this->name = null;
$this->daemon = null;
$this->maxram = null;
$this->jar = null;
$this->startcommand = null;
$this->stopcommand = null;
$this->owner = null;
$this->status = null;
$this->port = null;
$this->ftppass = null;
$this->uuid = null;
}
}
}
}
}
/**
* 取消选择服务器
*/
public function unselectServer() {
$this->id = null;
$this->name = null;
$this->daemon = null;
$this->maxram = null;
$this->jar = null;
$this->startcommand = null;
$this->stopcommand = null;
$this->owner = null;
$this->status = null;
$this->port = null;
$this->ftppass = null;
$this->uuid = null;
} }
/** /**
@ -57,11 +158,13 @@ class Server {
* @return Boolean 创建状态 * @return Boolean 创建状态
*/ */
public function createServer($name, $daemon, $maxram, $jar, $startcommand, $stopcommand, $owner, $status, $port, $ftppass) { public function createServer($name, $daemon, $maxram, $jar, $startcommand, $stopcommand, $owner, $status, $port, $ftppass) {
$uuid = md5(md5(time() . rand(0, 999999))); $uuid = md5(uniqid(rand(0, 10000000), TRUE));
$db = Config::MySQL(); $db = Config::MySQL();
$conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']); $conn = mysqli_connect($db['host'], $db['user'], $db['pass'], $db['name'], $db['port']);
mysqli_query($conn, "INSERT INTO `{$db['name']}`.`servers` (`id`, `name`, `daemon`, `maxram`, `jar`, `startcommand`, `stopcommand`, `owner`, `status`, `port`, `uuid`, `ftppass`) " mysqli_query($conn, "INSERT INTO `{$db['name']}`.`servers` (`id`, `name`, `daemon`, `maxram`, `jar`, `startcommand`, `stopcommand`, `owner`, `status`, `port`, `uuid`, `ftppass`) "
. "VALUES (NULL, '{$name}', '{$daemon}', '{$maxram}', '{$jar}', '{$startcommand}', '{$stopcommand}', '{$owner}', '{$status}', '{$port}', '{$uuid}', '{$ftppass}')"); . "VALUES (NULL, '{$name}', '{$daemon}', '{$maxram}', '{$jar}', '{$startcommand}', '{$stopcommand}', '{$owner}', '{$status}', '{$port}', '{$uuid}', '{$ftppass}')");
$this->setServer($uuid);
$this->Init();
return true; return true;
} }

View File

@ -37,6 +37,7 @@ class Loader {
$str = str_replace("{USERNAME}", $Profile->username, $str); $str = str_replace("{USERNAME}", $Profile->username, $str);
$str = str_replace("{USERMAIL}", $Profile->email, $str); $str = str_replace("{USERMAIL}", $Profile->email, $str);
$str = str_replace("{AVATAR_HASH}", md5($Profile->email), $str); $str = str_replace("{AVATAR_HASH}", md5($Profile->email), $str);
$str = str_replace("{CSRF_TOKEN}", $_SESSION['token'], $str);
preg_match_all("/\{User\:(.*)\}/U", $str, $arr); preg_match_all("/\{User\:(.*)\}/U", $str, $arr);
for($i = 0;$i < count($arr[0]);$i++) { for($i = 0;$i < count($arr[0]);$i++) {
$User = new User(); $User = new User();
@ -75,6 +76,9 @@ class Loader {
* *
**/ **/
public function router() { public function router() {
if(PHPMC::Csrf()->isemptyCsrfToken()) {
PHPMC::Csrf()->createCsrfToken();
}
$Option = new Option(); $Option = new Option();
if(preg_match("/^[A-Za-z0-9\-\_]+$/", $_GET["page"])) { if(preg_match("/^[A-Za-z0-9\-\_]+$/", $_GET["page"])) {
PHPMC::Permission()->checkSession("page:" . $_GET['page']); PHPMC::Permission()->checkSession("page:" . $_GET['page']);
@ -83,6 +87,9 @@ class Loader {
} elseif($_GET['action']) { } elseif($_GET['action']) {
switch($_GET['action']) { switch($_GET['action']) {
case 'login': case 'login':
if(!PHPMC::Csrf()->verifyCsrfToken($_POST)) {
PHPMC::Error()->Println("Csrf 验证失败,请刷新页面重试。");
}
PHPMC::Event()->LoginEvent($_POST); PHPMC::Event()->LoginEvent($_POST);
break; break;
case 'logout': case 'logout':