You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

435 lines
18 KiB

1 year ago
1 year ago
  1. <?php
  2. namespace app\controller;
  3. use app\BaseController;
  4. use think\facade\Db;
  5. use think\facade\View;
  6. use think\facade\Request;
  7. use think\facade\Cache;
  8. use app\lib\Btapi;
  9. use app\lib\Plugins;
  10. class Admin extends BaseController
  11. {
  12. public function verifycode()
  13. {
  14. return captcha();
  15. }
  16. public function login(){
  17. if(request()->islogin){
  18. return redirect('/admin');
  19. }
  20. if(request()->isAjax()){
  21. $username = input('post.username',null,'trim');
  22. $password = input('post.password',null,'trim');
  23. $code = input('post.code',null,'trim');
  24. if(empty($username) || empty($password)){
  25. return json(['code'=>-1, 'msg'=>'用户名或密码不能为空']);
  26. }
  27. if(!captcha_check($code)){
  28. return json(['code'=>-1, 'msg'=>'验证码错误']);
  29. }
  30. if($username == config_get('admin_username') && $password == config_get('admin_password')){
  31. Db::name('log')->insert(['uid' => 0, 'action' => '登录后台', 'data' => 'IP:'.$this->clientip, 'addtime' => date("Y-m-d H:i:s")]);
  32. $session = md5($username.config_get('admin_password'));
  33. $expiretime = time()+2562000;
  34. $token = authcode("{$username}\t{$session}\t{$expiretime}", 'ENCODE', config_get('syskey'));
  35. cookie('admin_token', $token, ['expire' => $expiretime, 'httponly' => true]);
  36. config_set('admin_lastlogin', date('Y-m-d H:i:s'));
  37. return json(['code'=>0]);
  38. }else{
  39. return json(['code'=>-1, 'msg'=>'用户名或密码错误']);
  40. }
  41. }
  42. return view();
  43. }
  44. public function logout()
  45. {
  46. cookie('admin_token', null);
  47. return redirect('/admin/login');
  48. }
  49. public function index()
  50. {
  51. $stat = ['total'=>0, 'free'=>0, 'pro'=>0, 'ltd'=>0, 'third'=>0];
  52. $json_arr = Plugins::get_plugin_list();
  53. if($json_arr){
  54. foreach($json_arr['list'] as $plugin){
  55. $stat['total']++;
  56. if($plugin['type']==10) $stat['third']++;
  57. elseif($plugin['type']==12) $stat['ltd']++;
  58. elseif($plugin['type']==8) $stat['pro']++;
  59. elseif($plugin['type']==5 || $plugin['type']==6 || $plugin['type']==7) $stat['free']++;
  60. }
  61. }
  62. $stat['runtime'] = Db::name('config')->where('key','runtime')->value('value') ?? '<font color="red">未运行</font>';
  63. $stat['record_total'] = Db::name('record')->count();
  64. $stat['record_isuse'] = Db::name('record')->whereTime('usetime', '>=', strtotime('-7 days'))->count();
  65. View::assign('stat', $stat);
  66. $tmp = 'version()';
  67. $mysqlVersion = Db::query("select version()")[0][$tmp];
  68. $info = [
  69. 'framework_version' => app()::VERSION,
  70. 'php_version' => PHP_VERSION,
  71. 'mysql_version' => $mysqlVersion,
  72. 'software' => $_SERVER['SERVER_SOFTWARE'],
  73. 'os' => php_uname(),
  74. 'date' => date("Y-m-d H:i:s"),
  75. ];
  76. View::assign('info', $info);
  77. return view();
  78. }
  79. public function set(){
  80. if(request()->isAjax()){
  81. $params = Request::param();
  82. foreach ($params as $key => $value) {
  83. config_set($key, $value);
  84. }
  85. cache('configs', NULL);
  86. return json(['code'=>0]);
  87. }
  88. $mod = input('param.mod', 'sys');
  89. View::assign('mod', $mod);
  90. View::assign('conf', config('sys'));
  91. $runtime = Db::name('config')->where('key','runtime')->value('value') ?? '<font color="red">未运行</font>';
  92. View::assign('runtime', $runtime);
  93. return view();
  94. }
  95. public function setaccount(){
  96. $params = Request::param();
  97. if(isset($params['username']))$params['username']=trim($params['username']);
  98. if(isset($params['oldpwd']))$params['oldpwd']=trim($params['oldpwd']);
  99. if(isset($params['newpwd']))$params['newpwd']=trim($params['newpwd']);
  100. if(isset($params['newpwd2']))$params['newpwd2']=trim($params['newpwd2']);
  101. if(empty($params['username'])) return json(['code'=>-1, 'msg'=>'用户名不能为空']);
  102. config_set('admin_username', $params['username']);
  103. if(!empty($params['oldpwd']) && !empty($params['newpwd']) && !empty($params['newpwd2'])){
  104. if(config_get('admin_password') != $params['oldpwd']){
  105. return json(['code'=>-1, 'msg'=>'旧密码不正确']);
  106. }
  107. if($params['newpwd'] != $params['newpwd2']){
  108. return json(['code'=>-1, 'msg'=>'两次新密码输入不一致']);
  109. }
  110. config_set('admin_password', $params['newpwd']);
  111. }
  112. cache('configs', NULL);
  113. cookie('admin_token', null);
  114. return json(['code'=>0]);
  115. }
  116. public function testbturl(){
  117. $bt_type = input('post.bt_type/d');
  118. if($bt_type == 1){
  119. $bt_surl = input('post.bt_surl');
  120. if(!$bt_surl)return json(['code'=>-1, 'msg'=>'参数不能为空']);
  121. $res = get_curl($bt_surl . 'api/SetupCount');
  122. if(strpos($res, 'ok')!==false){
  123. return json(['code'=>0, 'msg'=>'第三方云端连接测试成功!']);
  124. }else{
  125. return json(['code'=>-1, 'msg'=>'第三方云端连接测试失败']);
  126. }
  127. }else{
  128. $bt_url = input('post.bt_url');
  129. $bt_key = input('post.bt_key');
  130. if(!$bt_url || !$bt_key)return json(['code'=>-1, 'msg'=>'参数不能为空']);
  131. $btapi = new Btapi($bt_url, $bt_key);
  132. $result = $btapi->get_config();
  133. if($result && isset($result['status']) && ($result['status']==1 || isset($result['sites_path']))){
  134. $result = $btapi->get_user_info();
  135. if($result && isset($result['username'])){
  136. return json(['code'=>0, 'msg'=>'面板连接测试成功!']);
  137. }else{
  138. return json(['code'=>-1, 'msg'=>'面板连接测试成功,但未安装专用插件']);
  139. }
  140. }else{
  141. return json(['code'=>-1, 'msg'=>isset($result['msg'])?$result['msg']:'面板地址无法连接']);
  142. }
  143. }
  144. }
  145. public function plugins(){
  146. $typelist = [];
  147. $json_arr = Plugins::get_plugin_list();
  148. if($json_arr){
  149. foreach($json_arr['type'] as $type){
  150. if($type['title'] == '一键部署') continue;
  151. $typelist[$type['id']] = $type['title'];
  152. }
  153. }
  154. View::assign('typelist', $typelist);
  155. return view();
  156. }
  157. public function pluginswin(){
  158. $typelist = [];
  159. $json_arr = Plugins::get_plugin_list('Windows');
  160. if($json_arr){
  161. foreach($json_arr['type'] as $type){
  162. if($type['title'] == '一键部署') continue;
  163. $typelist[$type['id']] = $type['title'];
  164. }
  165. }
  166. View::assign('typelist', $typelist);
  167. return view();
  168. }
  169. public function plugins_data(){
  170. $type = input('post.type/d');
  171. $keyword = input('post.keyword', null, 'trim');
  172. $os = input('get.os');
  173. if(!$os) $os = 'Linux';
  174. $json_arr = Plugins::get_plugin_list($os);
  175. if(!$json_arr) return json([]);
  176. $typelist = [];
  177. foreach($json_arr['type'] as $row){
  178. $typelist[$row['id']] = $row['title'];
  179. }
  180. $list = [];
  181. foreach($json_arr['list'] as $plugin){
  182. if($type > 0 && $plugin['type']!=$type) continue;
  183. if(!empty($keyword) && $keyword != $plugin['name'] && stripos($plugin['title'], $keyword)===false) continue;
  184. $versions = [];
  185. foreach($plugin['versions'] as $version){
  186. $ver = $version['m_version'].'.'.$version['version'];
  187. if(isset($version['download'])){
  188. $status = false;
  189. if(file_exists(get_data_dir().'plugins/other/'.$version['download'])){
  190. $status = true;
  191. }
  192. $versions[] = ['status'=>$status, 'type'=>1, 'version'=>$ver, 'download'=>$version['download'], 'md5'=>$version['md5']];
  193. }else{
  194. $status = false;
  195. if(file_exists(get_data_dir($os).'plugins/package/'.$plugin['name'].'-'.$ver.'.zip')){
  196. $status = true;
  197. }
  198. $versions[] = ['status'=>$status, 'type'=>0, 'version'=>$ver];
  199. }
  200. }
  201. if($plugin['name'] == 'obs') $plugin['ps'] = substr($plugin['ps'],0,strpos($plugin['ps'],'<a '));
  202. $list[] = [
  203. 'id' => $plugin['id'],
  204. 'name' => $plugin['name'],
  205. 'title' => $plugin['title'],
  206. 'type' => $plugin['type'],
  207. 'typename' => $typelist[$plugin['type']],
  208. 'desc' => str_replace('target="_blank"','target="_blank" rel="noopener noreferrer"',$plugin['ps']),
  209. 'price' => $plugin['price'],
  210. 'author' => isset($plugin['author']) ? $plugin['author'] : '官方',
  211. 'versions' => $versions
  212. ];
  213. }
  214. return json($list);
  215. }
  216. public function download_plugin(){
  217. $name = input('post.name', null, 'trim');
  218. $version = input('post.version', null, 'trim');
  219. $os = input('post.os');
  220. if(!$os) $os = 'Linux';
  221. if(!$name || !$version) return json(['code'=>-1, 'msg'=>'参数不能为空']);
  222. try{
  223. Plugins::download_plugin($name, $version, $os);
  224. Db::name('log')->insert(['uid' => 0, 'action' => '下载插件', 'data' => $name.'-'.$version.' os:'.$os, 'addtime' => date("Y-m-d H:i:s")]);
  225. return json(['code'=>0,'msg'=>'下载成功']);
  226. }catch(\Exception $e){
  227. return json(['code'=>-1, 'msg'=>$e->getMessage()]);
  228. }
  229. }
  230. public function refresh_plugins(){
  231. $os = input('get.os');
  232. if(!$os) $os = 'Linux';
  233. try{
  234. Plugins::refresh_plugin_list($os);
  235. Db::name('log')->insert(['uid' => 0, 'action' => '刷新插件列表', 'data' => '刷新'.$os.'插件列表成功', 'addtime' => date("Y-m-d H:i:s")]);
  236. return json(['code'=>0,'msg'=>'获取最新插件列表成功!']);
  237. }catch(\Exception $e){
  238. return json(['code'=>-1, 'msg'=>$e->getMessage()]);
  239. }
  240. }
  241. public function record(){
  242. return view();
  243. }
  244. public function record_data(){
  245. $ip = input('post.ip', null, 'trim');
  246. $offset = input('post.offset/d');
  247. $limit = input('post.limit/d');
  248. $select = Db::name('record');
  249. if(!empty($ip)){
  250. $select->where('ip', $ip);
  251. }
  252. $total = $select->count();
  253. $rows = $select->order('id','desc')->limit($offset, $limit)->select();
  254. return json(['total'=>$total, 'rows'=>$rows]);
  255. }
  256. public function log(){
  257. return view();
  258. }
  259. public function log_data(){
  260. $action = input('post.action', null, 'trim');
  261. $offset = input('post.offset/d');
  262. $limit = input('post.limit/d');
  263. $select = Db::name('log');
  264. if(!empty($action)){
  265. $select->where('action', $action);
  266. }
  267. $total = $select->count();
  268. $rows = $select->order('id','desc')->limit($offset, $limit)->select();
  269. return json(['total'=>$total, 'rows'=>$rows]);
  270. }
  271. public function list(){
  272. $type = input('param.type', 'black');
  273. View::assign('type', $type);
  274. View::assign('typename', $type=='white'?'白名单':'黑名单');
  275. return view();
  276. }
  277. public function list_data(){
  278. $type = input('param.type', 'black');
  279. $ip = input('post.ip', null, 'trim');
  280. $offset = input('post.offset/d');
  281. $limit = input('post.limit/d');
  282. $tablename = $type == 'black' ? 'black' : 'white';
  283. $select = Db::name($tablename);
  284. if(!empty($ip)){
  285. $select->where('ip', $ip);
  286. }
  287. $total = $select->count();
  288. $rows = $select->order('id','desc')->limit($offset, $limit)->select();
  289. return json(['total'=>$total, 'rows'=>$rows]);
  290. }
  291. public function list_op(){
  292. $type = input('param.type', 'black');
  293. $tablename = $type == 'black' ? 'black' : 'white';
  294. $act = input('post.act', null);
  295. if($act == 'get'){
  296. $id = input('post.id/d');
  297. if(!$id) return json(['code'=>-1, 'msg'=>'no id']);
  298. $data = Db::name($tablename)->where('id', $id)->find();
  299. return json(['code'=>0, 'data'=>$data]);
  300. }elseif($act == 'add'){
  301. $ip = input('post.ip', null, 'trim');
  302. if(!$ip) return json(['code'=>-1, 'msg'=>'IP不能为空']);
  303. if(Db::name($tablename)->where('ip', $ip)->find()){
  304. return json(['code'=>-1, 'msg'=>'该IP已存在']);
  305. }
  306. Db::name($tablename)->insert([
  307. 'ip' => $ip,
  308. 'enable' => 1,
  309. 'addtime' => date("Y-m-d H:i:s")
  310. ]);
  311. return json(['code'=>0, 'msg'=>'succ']);
  312. }elseif($act == 'edit'){
  313. $id = input('post.id/d');
  314. $ip = input('post.ip', null, 'trim');
  315. if(!$id || !$ip) return json(['code'=>-1, 'msg'=>'IP不能为空']);
  316. if(Db::name($tablename)->where('ip', $ip)->where('id', '<>', $id)->find()){
  317. return json(['code'=>-1, 'msg'=>'该IP已存在']);
  318. }
  319. Db::name($tablename)->where('id', $id)->update([
  320. 'ip' => $ip
  321. ]);
  322. return json(['code'=>0, 'msg'=>'succ']);
  323. }elseif($act == 'enable'){
  324. $id = input('post.id/d');
  325. $enable = input('post.enable/d');
  326. if(!$id) return json(['code'=>-1, 'msg'=>'no id']);
  327. Db::name($tablename)->where('id', $id)->update([
  328. 'enable' => $enable
  329. ]);
  330. return json(['code'=>0, 'msg'=>'succ']);
  331. }elseif($act == 'del'){
  332. $id = input('post.id/d');
  333. if(!$id) return json(['code'=>-1, 'msg'=>'no id']);
  334. Db::name($tablename)->where('id', $id)->delete();
  335. return json(['code'=>0, 'msg'=>'succ']);
  336. }
  337. return json(['code'=>-1, 'msg'=>'no act']);
  338. }
  339. public function deplist(){
  340. $deplist_linux = get_data_dir().'config/deployment_list.json';
  341. $deplist_win = get_data_dir('Windows').'config/deployment_list.json';
  342. $deplist_linux_time = file_exists($deplist_linux) ? date("Y-m-d H:i:s", filemtime($deplist_linux)) : '不存在';
  343. $deplist_win_time = file_exists($deplist_win) ? date("Y-m-d H:i:s", filemtime($deplist_win)) : '不存在';
  344. View::assign('deplist_linux_time', $deplist_linux_time);
  345. View::assign('deplist_win_time', $deplist_win_time);
  346. return view();
  347. }
  348. public function refresh_deplist(){
  349. $os = input('get.os');
  350. if(!$os) $os = 'Linux';
  351. try{
  352. Plugins::refresh_deplist($os);
  353. Db::name('log')->insert(['uid' => 0, 'action' => '刷新一键部署列表', 'data' => '刷新'.$os.'一键部署列表成功', 'addtime' => date("Y-m-d H:i:s")]);
  354. return json(['code'=>0,'msg'=>'获取最新一键部署列表成功!']);
  355. }catch(\Exception $e){
  356. return json(['code'=>-1, 'msg'=>$e->getMessage()]);
  357. }
  358. }
  359. public function cleancache(){
  360. Cache::clear();
  361. return json(['code'=>0,'msg'=>'succ']);
  362. }
  363. public function ssl(){
  364. if(request()->isAjax()){
  365. $domain_list = input('post.domain_list', null, 'trim');
  366. $common_name = input('post.common_name', null, 'trim');
  367. $validity = input('post.validity/d');
  368. if(empty($domain_list) || empty($validity)){
  369. return json(['code'=>-1, 'msg'=>'参数不能为空']);
  370. }
  371. $array = explode("\n", $domain_list);
  372. $domain_list = [];
  373. foreach($array as $domain){
  374. $domain = trim($domain);
  375. if(empty($domain)) continue;
  376. if(!checkDomain($domain)) return json(['code'=>-1, 'msg'=>'域名或IP格式不正确:'.$domain]);
  377. $domain_list[] = $domain;
  378. }
  379. if(empty($domain_list)) return json(['code'=>-1, 'msg'=>'域名列表不能为空']);
  380. if(empty($common_name)) $common_name = $domain_list[0];
  381. $result = makeSelfSignSSL($common_name, $domain_list, $validity);
  382. if(!$result){
  383. return json(['code'=>-1, 'msg'=>'生成证书失败']);
  384. }
  385. return json(['code'=>0, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key']]);
  386. }
  387. $dir = app()->getBasePath().'script/';
  388. $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
  389. $ssl_path_mac = app()->getRootPath().'public/ssl/baota_root.crt';
  390. $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path) && file_exists($ssl_path_mac);
  391. View::assign('isca', $isca);
  392. return view();
  393. }
  394. }