prepare for beta8

xiaomlove
2021-06-04 21:04:12 +08:00
parent 9a4ef55b12
commit 34a6c2e1f4
10 changed files with 100 additions and 29 deletions
+62 -5
@@ -778,7 +778,7 @@ CREATE TABLE `failed_jobs` (
`exception` longtext COLLATE utf8mb4_unicode_ci NOT NULL, `exception` longtext COLLATE utf8mb4_unicode_ci NOT NULL,
`failed_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, `failed_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
UNIQUE KEY `failed_jobs_uuid_unique` (`uuid`) UNIQUE KEY `failed_jobs_uuid_unique` (`uuid`(191))
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
/*!40101 SET character_set_client = @saved_cs_client */; /*!40101 SET character_set_client = @saved_cs_client */;
@@ -1909,6 +1909,34 @@ INSERT INTO `searchbox` VALUES (4,'chd',1,0,1,1,1,0,1,0,10,7,'','','');
/*!40000 ALTER TABLE `searchbox` ENABLE KEYS */; /*!40000 ALTER TABLE `searchbox` ENABLE KEYS */;
UNLOCK TABLES; UNLOCK TABLES;
--
-- Table structure for table `searchbox_fields`
--
DROP TABLE IF EXISTS `searchbox_fields`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `searchbox_fields` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`searchbox_id` int(11) NOT NULL,
`field_type` varchar(255) NOT NULL,
`field_id` int(11) NOT NULL DEFAULT '0',
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`update_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE KEY `uniq_searchbox_type_id` (`searchbox_id`,`field_type`,`field_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Dumping data for table `searchbox_fields`
--
LOCK TABLES `searchbox_fields` WRITE;
/*!40000 ALTER TABLE `searchbox_fields` DISABLE KEYS */;
/*!40000 ALTER TABLE `searchbox_fields` ENABLE KEYS */;
UNLOCK TABLES;
-- --
-- Table structure for table `secondicons` -- Table structure for table `secondicons`
-- --
@@ -1953,8 +1981,8 @@ CREATE TABLE `settings` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL DEFAULT '', `name` varchar(255) NOT NULL DEFAULT '',
`value` mediumtext, `value` mediumtext,
`created_at` datetime DEFAULT NULL, `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`updated_at` datetime DEFAULT NULL, `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
UNIQUE KEY `uniqe_name` (`name`) UNIQUE KEY `uniqe_name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8; ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
@@ -2337,6 +2365,35 @@ LOCK TABLES `topics` WRITE;
/*!40000 ALTER TABLE `topics` ENABLE KEYS */; /*!40000 ALTER TABLE `topics` ENABLE KEYS */;
UNLOCK TABLES; UNLOCK TABLES;
--
-- Table structure for table `torrent_secrets`
--
DROP TABLE IF EXISTS `torrent_secrets`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `torrent_secrets` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`uid` int(11) NOT NULL,
`torrent_id` int(11) NOT NULL DEFAULT '0',
`secret` varchar(255) NOT NULL,
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
KEY `idx_uid` (`uid`),
KEY `idx_torrent_id` (`torrent_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Dumping data for table `torrent_secrets`
--
LOCK TABLES `torrent_secrets` WRITE;
/*!40000 ALTER TABLE `torrent_secrets` DISABLE KEYS */;
/*!40000 ALTER TABLE `torrent_secrets` ENABLE KEYS */;
UNLOCK TABLES;
-- --
-- Table structure for table `torrents` -- Table structure for table `torrents`
-- --
@@ -2381,7 +2438,7 @@ CREATE TABLE `torrents` (
`promotion_until` datetime DEFAULT NULL, `promotion_until` datetime DEFAULT NULL,
`anonymous` enum('yes','no') NOT NULL DEFAULT 'no', `anonymous` enum('yes','no') NOT NULL DEFAULT 'no',
`url` int(10) unsigned DEFAULT NULL, `url` int(10) unsigned DEFAULT NULL,
`pos_state` enum('normal','sticky') NOT NULL DEFAULT 'normal', `pos_state` varchar(32) NOT NULL DEFAULT 'normal',
`cache_stamp` tinyint(3) unsigned NOT NULL DEFAULT '0', `cache_stamp` tinyint(3) unsigned NOT NULL DEFAULT '0',
`picktype` enum('hot','classic','recommended','normal') NOT NULL DEFAULT 'normal', `picktype` enum('hot','classic','recommended','normal') NOT NULL DEFAULT 'normal',
`picktime` datetime DEFAULT NULL, `picktime` datetime DEFAULT NULL,
@@ -2703,4 +2760,4 @@ UNLOCK TABLES;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2021-05-14 0:29:10 -- Dump completed on 2021-06-04 21:00:26
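Review bot: The new `searchbox_fields` table names its auto-updated column `update_at`, while `torrent_secrets` and `settings` in this same dump use `updated_at`, so any code that expects the usual column name will not find it on this table. The line would read `` `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, ``. In `settings`, `created_at` becomes `timestamp` while `updated_at` stays `datetime`, so the two columns now differ in time-zone handling; using one type for both would avoid that. `torrent_secrets.secret` is a plain `varchar(255)` and the table has only non-unique secondary keys, so a comment saying what the value protects and whether one row per (`uid`, `torrent_id`) is intended would help, with a unique key if it is.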
+4 -5
@@ -18,14 +18,13 @@ class Permission
*/ */
public function handle(Request $request, Closure $next) public function handle(Request $request, Closure $next)
{ {
/** @var User $user */
$user = $request->user(); $user = $request->user();
$targetClass = User::CLASS_MODERATOR; if (!$user || !$user->canAccessAdmin()) {
$log = sprintf('user: %s, class: %s, target class: %s', $user->id, $user->class, $targetClass); do_log("denied!");
if (!$user || $user->class < $targetClass) {
do_log("$log, denied!");
throw new UnauthorizedException('Unauthorized!'); throw new UnauthorizedException('Unauthorized!');
} }
do_log("$log, allow!"); do_log("allow!");
return $next($request); return $next($request);
} }
} }
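Review bot: The access decision in `handle()` is now logged as a bare `do_log("allow!")` or `do_log("denied!")`, so the log no longer says which user was admitted, and an unauthenticated request is refused with no context at all. `canAccessAdmin()` writes the user id on its own refusal path, but nothing records it on the allow path. Since `$user` is known to be non-null there, `do_log(sprintf('user: %s, allow!', $user->id));` keeps the audit trail, and the deny branch can log `$user ? $user->id : 'guest'`.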
+10
@@ -247,4 +247,14 @@ class User extends Authenticatable
return $this->update($update); return $this->update($update);
} }
public function canAccessAdmin()
{
$targetClass = self::CLASS_MODERATOR;
if (!$this->class || $this->class < $targetClass) {
do_log(sprintf('user: %s, no class or class < %s, can not access admin.', $this->id, $targetClass));
return false;
}
return true;
}
} }
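Review bot: `canAccessAdmin()` has no docblock or return type, and its result depends on the `class` attribute having been loaded: `!$this->class` is also true when the model was fetched without that column, which is presumably why `AuthenticateRepository` adds `'class'` to its column list in this commit. Suggest declaring `public function canAccessAdmin(): bool` and adding a docblock stating that it returns false when `class` is missing, zero or below `CLASS_MODERATOR`, and that it writes a log line on refusal. Failing closed is the right default here, but it should be stated so that a caller with a partial column list does not read a refusal as a real permission result.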
+5 -1
@@ -4,6 +4,7 @@ namespace App\Repositories;
use App\Http\Resources\UserResource; use App\Http\Resources\UserResource;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Validation\UnauthorizedException;
class AuthenticateRepository extends BaseRepository class AuthenticateRepository extends BaseRepository
{ {
@@ -11,10 +12,13 @@ class AuthenticateRepository extends BaseRepository
{ {
$user = User::query() $user = User::query()
->where('username', $username) ->where('username', $username)
->first(array_merge(User::$commonFields, ['secret', 'passhash'])); ->first(array_merge(User::$commonFields, ['class', 'secret', 'passhash']));
if (!$user || md5($user->secret . $password . $user->secret) != $user->passhash) { if (!$user || md5($user->secret . $password . $user->secret) != $user->passhash) {
throw new \InvalidArgumentException('Username or password invalid.'); throw new \InvalidArgumentException('Username or password invalid.');
} }
if (!$user->canAccessAdmin()) {
throw new UnauthorizedException('Unauthorized!');
}
$tokenName = __METHOD__ . __LINE__; $tokenName = __METHOD__ . __LINE__;
$token = DB::transaction(function () use ($user, $tokenName) { $token = DB::transaction(function () use ($user, $tokenName) {
$user->tokens()->delete(); $user->tokens()->delete();
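Review bot: The password check on the line before the new `canAccessAdmin()` call compares two hex digests with `!=`, which in PHP is a loose, non-constant-time comparison; two digests that happen to look like numbers can compare equal without being identical. `hash_equals()` avoids both problems: `if (!$user || !hash_equals((string)$user->passhash, md5($user->secret . $password . $user->secret))) {`. The salted-MD5 scheme itself is unchanged by this commit and is weak for password storage, but replacing it is a larger migration than this hunk. The method starts and continues outside the hunk.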
+1 -1
@@ -47,7 +47,7 @@ $lang_torrents = array
'text_s_bookmarked_torrent' => "收藏的种子", 'text_s_bookmarked_torrent' => "收藏的种子",
'text_s_not_bookmarked_torrent' => "未收藏的种子", 'text_s_not_bookmarked_torrent' => "未收藏的种子",
'head_torrents' => "种子", 'head_torrents' => "种子",
'head_music' => "音乐", 'head_special' => "特别",
'text_movies_and_tvs' => "电影 & 电视:", 'text_movies_and_tvs' => "电影 & 电视:",
'text_games_and_appz' => "游戏 & 程序:", 'text_games_and_appz' => "游戏 & 程序:",
'text_others' => "其它:", 'text_others' => "其它:",
+1 -1
@@ -47,7 +47,7 @@ $lang_torrents = array
'text_s_bookmarked_torrent' => "收藏的種子", 'text_s_bookmarked_torrent' => "收藏的種子",
'text_s_not_bookmarked_torrent' => "未收藏的種子", 'text_s_not_bookmarked_torrent' => "未收藏的種子",
'head_torrents' => "種子", 'head_torrents' => "種子",
'head_music' => "音樂", 'head_special' => "特別",
'text_movies_and_tvs' => "電影 & 電視:", 'text_movies_and_tvs' => "電影 & 電視:",
'text_games_and_appz' => "游戲 & 程序:", 'text_games_and_appz' => "游戲 & 程序:",
'text_others' => "其它:", 'text_others' => "其它:",
+1 -1
@@ -47,7 +47,7 @@ $lang_torrents = array
'text_s_bookmarked_torrent' => "'s Bookmarked Torrents", 'text_s_bookmarked_torrent' => "'s Bookmarked Torrents",
'text_s_not_bookmarked_torrent' => "'s NOT Bookmarked Torrents", 'text_s_not_bookmarked_torrent' => "'s NOT Bookmarked Torrents",
'head_torrents' => "Torrents", 'head_torrents' => "Torrents",
'head_music' => "Music", 'head_special' => "Special",
'text_movies_and_tvs' => "Movies & TVs:", 'text_movies_and_tvs' => "Movies & TVs:",
'text_games_and_appz' => "Games & Appz:", 'text_games_and_appz' => "Games & Appz:",
'text_others' => "Others:", 'text_others' => "Others:",
+3 -2
@@ -153,14 +153,15 @@
'addoffer' => '0', 'addoffer' => '0',
'offermanage' => '13', 'offermanage' => '13',
'upload' => '2', 'upload' => '2',
'uploadspecial' => '0', 'uploadspecial' => '12',
'movetorrent' => '0', 'movetorrent' => '13',
'chrmanage' => '13', 'chrmanage' => '13',
'viewinvite' => '13', 'viewinvite' => '13',
'buyinvite' => '5', 'buyinvite' => '5',
'seebanned' => '12', 'seebanned' => '12',
'againstoffer' => '1', 'againstoffer' => '1',
'userbar' => '2', 'userbar' => '2',
'view_special_torrent' => '4',
), ),
'tweak' => 'tweak' =>
array ( array (
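Review bot: `view_special_torrent` is a new authority key, and installs that saved their authority settings before this commit will presumably not have it stored; how a missing key is read is not visible in this hunk. If the consumer compares the user's class against an unset value, the comparison can succeed for every class, so the reader should fall back to this default `'4'` or refuse access when the key is absent. The raised defaults for `uploadspecial` and `movetorrent` presumably take effect only where no stored value exists, which is worth stating in the upgrade notes so operators review their saved values. The array starts and ends outside the hunk.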
+12 -12
@@ -55,7 +55,7 @@ if ($action == 'savesettings_main') // save main
$Cache->delete_value('stats_torrents', true); $Cache->delete_value('stats_torrents', true);
$Cache->delete_value('peers_count', true); $Cache->delete_value('peers_count', true);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker MAIN settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker MAIN settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_basic') // save basic elseif ($action == 'savesettings_basic') // save basic
@@ -71,7 +71,7 @@ elseif ($action == 'savesettings_basic') // save basic
} }
saveSetting('basic', $BASIC); saveSetting('basic', $BASIC);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker basic settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker basic settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_code') // save database elseif ($action == 'savesettings_code') // save database
@@ -85,7 +85,7 @@ elseif ($action == 'savesettings_code') // save database
} }
saveSetting('code', $CODE); saveSetting('code', $CODE);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker code settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker code settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_bonus') // save bonus elseif ($action == 'savesettings_bonus') // save bonus
@@ -107,7 +107,7 @@ elseif ($action == 'savesettings_bonus') // save bonus
ksort($BONUS['attendance_continuous']); ksort($BONUS['attendance_continuous']);
saveSetting('bonus', $BONUS); saveSetting('bonus', $BONUS);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker bonus settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker bonus settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_account') // save account elseif ($action == 'savesettings_account') // save account
@@ -122,7 +122,7 @@ elseif ($action == 'savesettings_account') // save account
} }
saveSetting('account', $ACCOUNT); saveSetting('account', $ACCOUNT);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker account settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker account settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif($action == 'savesettings_torrent') // save account elseif($action == 'savesettings_torrent') // save account
@@ -137,7 +137,7 @@ elseif($action == 'savesettings_torrent') // save account
saveSetting('torrent', $TORRENT); saveSetting('torrent', $TORRENT);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker torrent settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker torrent settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_smtp') // save smtp elseif ($action == 'savesettings_smtp') // save smtp
@@ -158,7 +158,7 @@ elseif ($action == 'savesettings_smtp') // save smtp
} }
saveSetting('smtp', $SMTP); saveSetting('smtp', $SMTP);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker SMTP settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker SMTP settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_security') // save security elseif ($action == 'savesettings_security') // save security
@@ -181,7 +181,7 @@ elseif ($action == 'savesettings_security') // save security
} }
saveSetting('security', $SECURITY); saveSetting('security', $SECURITY);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker SECURITY settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker SECURITY settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_authority') // save user authority elseif ($action == 'savesettings_authority') // save user authority
@@ -196,7 +196,7 @@ elseif ($action == 'savesettings_authority') // save user authority
saveSetting('authority', $AUTHORITY); saveSetting('authority', $AUTHORITY);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker USER AUTHORITY settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker USER AUTHORITY settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_tweak') // save tweak elseif ($action == 'savesettings_tweak') // save tweak
@@ -210,7 +210,7 @@ elseif ($action == 'savesettings_tweak') // save tweak
} }
saveSetting('tweak', $TWEAK); saveSetting('tweak', $TWEAK);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker TWEAK settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker TWEAK settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_attachment') // save attachment elseif ($action == 'savesettings_attachment') // save attachment
@@ -225,7 +225,7 @@ elseif ($action == 'savesettings_attachment') // save attachment
saveSetting('attachment', $ATTACHMENT); saveSetting('attachment', $ATTACHMENT);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker ATTACHMENT settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker ATTACHMENT settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'savesettings_advertisement') // save advertisement elseif ($action == 'savesettings_advertisement') // save advertisement
@@ -240,7 +240,7 @@ elseif ($action == 'savesettings_advertisement') // save advertisement
saveSetting('advertisement', $ADVERTISEMENT); saveSetting('advertisement', $ADVERTISEMENT);
$actiontime = date("F j, Y, g:i a"); $actiontime = date("F j, Y, g:i a");
write_log("Tracker ADVERTISEMENT settings updated by $CURUSER[username]. $actiontime",'mod'); write_log("Tracker ADVERTISEMENT settings updated by {$CURUSER['username']}. $actiontime",'mod');
go_back(); go_back();
} }
elseif ($action == 'tweaksettings') // tweak settings elseif ($action == 'tweaksettings') // tweak settings
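Review bot: The timestamp-plus-`write_log` pair is repeated in all twelve branches touched here, differing only in the settings name, so every format change has to be made twelve times, as this commit shows. A small helper such as `function log_settings_update($label) { global $CURUSER; write_log("Tracker $label settings updated by {$CURUSER['username']}. " . date("F j, Y, g:i a"), 'mod'); }` would keep the audit message format in one place. The `// save account` comment on the `savesettings_torrent` branch looks copied from the branch above and should read `// save torrent`.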
+1 -1
@@ -885,7 +885,7 @@ if (isset($searchstr))
stdhead($lang_torrents['head_search_results_for'].$searchstr_ori); stdhead($lang_torrents['head_search_results_for'].$searchstr_ori);
elseif ($sectiontype == $browsecatmode) elseif ($sectiontype == $browsecatmode)
stdhead($lang_torrents['head_torrents']); stdhead($lang_torrents['head_torrents']);
else stdhead($lang_torrents['head_music']); else stdhead($lang_torrents['head_special']);
print("<table width=\"97%\" class=\"main\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td class=\"embedded\">"); print("<table width=\"97%\" class=\"main\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td class=\"embedded\">");
displayHotAndClassic(); displayHotAndClassic();