feat: 实现挂机修仙、排行榜、大厅重构与全站留言板系统
- (Phase 8) 后台各维度管理与配置 - (Phase 9) 全自动静默挂机修仙升级 - (Phase 9) 四大维度风云排行榜页面 - (Phase 10) 全站留言板与悄悄话私信功能 - 运行 Pint 代码格式化
@@ -0,0 +1,33 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* 文件功能:后台首页控制台
|
||||
*
|
||||
* @author ChatRoom Laravel
|
||||
*
|
||||
* @version 1.0.0
|
||||
*/
|
||||
|
||||
namespace App\Http\Controllers\Admin;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\Room;
|
||||
use App\Models\User;
|
||||
use Illuminate\View\View;
|
||||
|
||||
class DashboardController extends Controller
|
||||
{
|
||||
/**
|
||||
* 显示后台首页与全局统计
|
||||
*/
|
||||
public function index(): View
|
||||
{
|
||||
$stats = [
|
||||
'total_users' => User::count(),
|
||||
'total_rooms' => Room::count(),
|
||||
// 更多统计指标以后再发掘
|
||||
];
|
||||
|
||||
return view('admin.dashboard', compact('stats'));
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,76 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* 文件功能:后台 SQL 探针
|
||||
* (替代原版 SQL.ASP,严格限制为只读模式)
|
||||
*
|
||||
* @author ChatRoom Laravel
|
||||
*
|
||||
* @version 1.0.0
|
||||
*/
|
||||
|
||||
namespace App\Http\Controllers\Admin;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\View\View;
|
||||
|
||||
class SqlController extends Controller
|
||||
{
|
||||
/**
|
||||
* 显示 SQL 执行沙盒界面
|
||||
*/
|
||||
public function index(): View
|
||||
{
|
||||
return view('admin.sql.index', ['results' => null, 'query' => '', 'columns' => []]);
|
||||
}
|
||||
|
||||
/**
|
||||
* 极度受限地执行 SQL (仅限 SELECT)
|
||||
*/
|
||||
public function execute(Request $request): View
|
||||
{
|
||||
$request->validate([
|
||||
'query' => 'required|string|min:6',
|
||||
]);
|
||||
|
||||
$sql = trim($request->input('query'));
|
||||
|
||||
// 安全拦截:绝不允许含有 update/delete/insert/truncate/drop 等破坏性指令
|
||||
// 我们只允许查询,所以要求必须以 SELECT 起手,或者 EXPLAIN/SHOW
|
||||
if (! preg_match('/^(SELECT|EXPLAIN|SHOW|DESCRIBE)\s/i', $sql)) {
|
||||
return view('admin.sql.index', [
|
||||
'results' => null,
|
||||
'columns' => [],
|
||||
'query' => $sql,
|
||||
'error' => '安全保护触发:本探针只允许执行 SELECT / SHOW 等只读查询!',
|
||||
]);
|
||||
}
|
||||
|
||||
try {
|
||||
$results = DB::select($sql);
|
||||
|
||||
// 提取表头
|
||||
$columns = [];
|
||||
if (! empty($results)) {
|
||||
$firstRow = (array) $results[0];
|
||||
$columns = array_keys($firstRow);
|
||||
}
|
||||
|
||||
return view('admin.sql.index', [
|
||||
'results' => $results,
|
||||
'columns' => $columns,
|
||||
'query' => $sql,
|
||||
'error' => null,
|
||||
]);
|
||||
} catch (\Exception $e) {
|
||||
return view('admin.sql.index', [
|
||||
'results' => null,
|
||||
'columns' => [],
|
||||
'query' => $sql,
|
||||
'error' => 'SQL 执行发生异常: '.$e->getMessage(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
}
|
||||
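Review bot: The `preg_match('/^(SELECT|EXPLAIN|SHOW|DESCRIBE)\s/i', $sql)` guard in `execute()` inspects only the first keyword, so it does not enforce the read-only mode the file header promises. What a statement starting with one of those keywords can do is decided by the database account's privileges, and it can still read every table the application user can, credential hashes included. Enforce the restriction in the database rather than in the regex by running the probe on a separate connection whose account holds only SELECT grants, e.g. `$results = DB::connection('sql_probe_readonly')->select($sql);` (the connection name is a placeholder to be defined in config/database.php). The hunk shows no authorization check or audit log for this action; if route middleware does not already restrict it to the highest admin level, add that, and record who ran which query.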
@@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* 文件功能:系统参数配置控制器
|
||||
* (替代原版 VIEWSYS.ASP / SetSYS.ASP)
|
||||
*
|
||||
* @author ChatRoom Laravel
|
||||
*
|
||||
* @version 1.0.0
|
||||
*/
|
||||
|
||||
namespace App\Http\Controllers\Admin;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\SysParam;
|
||||
use App\Services\ChatStateService;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\View\View;
|
||||
|
||||
class SystemController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private readonly ChatStateService $chatState
|
||||
) {}
|
||||
|
||||
/**
|
||||
* 显示全局参数配置表单
|
||||
*/
|
||||
public function edit(): View
|
||||
{
|
||||
// 读取数据库中最新的参数
|
||||
$params = SysParam::all()->pluck('body', 'alias')->toArray();
|
||||
|
||||
// 为后台界面准备的文案对照 (可动态化或硬编码)
|
||||
$descriptions = SysParam::all()->pluck('guidetxt', 'alias')->toArray();
|
||||
|
||||
return view('admin.system.edit', compact('params', 'descriptions'));
|
||||
}
|
||||
|
||||
/**
|
||||
* 更新全局参数,并刷新全站 Cache 缓存
|
||||
*/
|
||||
public function update(Request $request): RedirectResponse
|
||||
{
|
||||
$data = $request->except(['_token', '_method']);
|
||||
|
||||
foreach ($data as $alias => $body) {
|
||||
SysParam::updateOrCreate(
|
||||
['alias' => $alias],
|
||||
['body' => $body]
|
||||
);
|
||||
|
||||
// 写入 Cache 保证极速读取
|
||||
$this->chatState->setSysParam($alias, $body);
|
||||
}
|
||||
|
||||
return redirect()->route('admin.system.edit')->with('success', '系统参数已成功更新并生效!');
|
||||
}
|
||||
}
|
||||
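Review bot: `update()` passes every request field except `_token`/`_method` to `SysParam::updateOrCreate()`, so any posted key creates or overwrites a system parameter and no value is validated. Restrict the input to aliases that already exist, `$data = $request->only(SysParam::pluck('alias')->all());`, and validate each value as a string with a length limit before it reaches `setSysParam()`. Separately, `edit()` calls `SysParam::all()` twice; one query assigned to a variable would serve both `pluck()` calls.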
@@ -0,0 +1,114 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* 文件功能:后台用户大盘管理控制器
|
||||
* (替代原版 gl/ 下的各种管理面)
|
||||
*
|
||||
* @author ChatRoom Laravel
|
||||
*
|
||||
* @version 1.0.0
|
||||
*/
|
||||
|
||||
namespace App\Http\Controllers\Admin;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\User;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\View\View;
|
||||
|
||||
class UserManagerController extends Controller
|
||||
{
|
||||
/**
|
||||
* 显示拥护列表及搜索
|
||||
*/
|
||||
public function index(Request $request): View
|
||||
{
|
||||
$query = User::query();
|
||||
|
||||
if ($request->filled('username')) {
|
||||
$query->where('username', 'like', '%'.$request->input('username').'%');
|
||||
}
|
||||
|
||||
// 分页获取用户
|
||||
$users = $query->orderBy('id', 'desc')->paginate(20);
|
||||
|
||||
return view('admin.users.index', compact('users'));
|
||||
}
|
||||
|
||||
/**
|
||||
* 修改用户资料、等级或密码 (AJAX 或表单)
|
||||
*/
|
||||
public function update(Request $request, int $id): JsonResponse|RedirectResponse
|
||||
{
|
||||
$targetUser = User::findOrFail($id);
|
||||
$currentUser = Auth::user();
|
||||
|
||||
// 越权防护:不能修改 等级大于或等于自己 的目标(除非修改自己)
|
||||
if ($targetUser->id !== $currentUser->id && $targetUser->user_level >= $currentUser->user_level) {
|
||||
return response()->json(['status' => 'error', 'message' => '权限不足:您无法修改同级或高级管理人员资料。'], 403);
|
||||
}
|
||||
|
||||
$validated = $request->validate([
|
||||
'sex' => 'sometimes|in:男,女,保密',
|
||||
'user_level' => 'sometimes|integer|min:0',
|
||||
'headface' => 'sometimes|string|max:50',
|
||||
'sign' => 'sometimes|string|max:255',
|
||||
'password' => 'nullable|string|min:6',
|
||||
]);
|
||||
|
||||
// 如果传了且没超权,直接赋予
|
||||
if (isset($validated['user_level'])) {
|
||||
// 不能把自己或别人提权到超过自己的等级
|
||||
if ($validated['user_level'] > $currentUser->user_level && $currentUser->id !== $targetUser->id) {
|
||||
return response()->json(['status' => 'error', 'message' => '您不能将别人提升至超过您的等级!'], 403);
|
||||
}
|
||||
$targetUser->user_level = $validated['user_level'];
|
||||
}
|
||||
|
||||
if (isset($validated['sex'])) {
|
||||
$targetUser->sex = $validated['sex'];
|
||||
}
|
||||
if (isset($validated['headface'])) {
|
||||
$targetUser->headface = $validated['headface'];
|
||||
}
|
||||
if (isset($validated['sign'])) {
|
||||
$targetUser->sign = $validated['sign'];
|
||||
}
|
||||
|
||||
if (! empty($validated['password'])) {
|
||||
$targetUser->password = Hash::make($validated['password']);
|
||||
}
|
||||
|
||||
$targetUser->save();
|
||||
|
||||
if ($request->wantsJson()) {
|
||||
return response()->json(['status' => 'success', 'message' => '用户资料已强行更新完毕!']);
|
||||
}
|
||||
|
||||
return back()->with('success', '用户资料已更新!');
|
||||
}
|
||||
|
||||
/**
|
||||
* 物理删除杀封用户
|
||||
*/
|
||||
public function destroy(Request $request, int $id): RedirectResponse
|
||||
{
|
||||
$targetUser = User::findOrFail($id);
|
||||
$currentUser = Auth::user();
|
||||
|
||||
// 越权防护
|
||||
if ($targetUser->id !== $currentUser->id && $targetUser->user_level >= $currentUser->user_level) {
|
||||
abort(403, '权限不足:无法删除同级或高级账号!');
|
||||
}
|
||||
|
||||
$targetUser->delete();
|
||||
|
||||
// 可选:触发解散名下房间等
|
||||
|
||||
return back()->with('success', '目标已被物理删除。');
|
||||
}
|
||||
}
|
||||
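Review bot: In `update()`, the level check `if ($validated['user_level'] > $currentUser->user_level && $currentUser->id !== $targetUser->id)` is skipped when an admin edits their own account, so any admin can set their own `user_level` to an arbitrarily higher value, which contradicts the comment directly above it. Drop the self-exemption: `if ($validated['user_level'] > $currentUser->user_level) {`. The 403 responses in this method are always JSON even for form submissions, while the success path honours `wantsJson()`; returning `back()->withErrors(...)` for non-JSON requests would keep the two consistent. `destroy()` carries the same self-exemption, so an admin can delete their own account; confirm that is intended.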