diff --git a/admin/.htaccess b/admin/.htaccess new file mode 100644 index 0000000..0001e23 --- /dev/null +++ b/admin/.htaccess @@ -0,0 +1 @@ +#php_value auto_prepend_file "Manager.php" \ No newline at end of file diff --git a/admin/Alert.php b/admin/Alert.php index 18a5a5f..e8948d7 100644 --- a/admin/Alert.php +++ b/admin/Alert.php @@ -19,6 +19,19 @@ function response_with_click($message, $class, $script) EOF; } +function response($message, $class) +{ + echo << + $message + + +EOF; + +} + function response_with_href($message, $class, $href) { response_with_click($message, $class, <<getManagerResult(); + $manager->setLastIp(get_remote_ip()); + $manager->setLastTime(date(default_format)); + DbUtil::update("update manager set last_ip=?,last_time=? where manager_name=?", "sss", $manager->getLastIp(), $manager->getLastTime(), $manager->getManagerName()); + + // 跳转到首页 + if ($_SERVER["SCRIPT_NAME"] == "/admin/Manager.php") { + info_res($msg, "/admin/Login.php"); + } else { + response($msg, "alert-info"); + } + + // 登陆身份有效期半小时 + setcookie("login_token", $manager->loginToken(), time() + 60 * 15, "/"); +} + +function check_login() +{ + if (!empty($_COOKIE["login_token"]) and !empty($_COOKIE["manager_name"])) { + $manager_result = new QueryManager(); + DbUtil::query("select * from manager where manager_name=?", $manager_result, array($_COOKIE["manager_name"])); +// 验证cookie身份信息有效性 + if (empty($manager_result) or $_COOKIE["login_token"] != $manager_result->getManagerResult()->loginToken()) { + setcookie("manager_name", "", time() - 3600, "/"); + setcookie("login_token", "", time() - 3600, "/"); +// error_res("非法验证,请重新登陆", "/admin/Manager.php"); + } else { + try { + update_token($manager_result, "您已登录,自动跳转到首页"); + return true; + } catch (Exception $e) { + error($e); +// error_res("管理员身份验证异常,请联系管理员", "/admin/Manager.php"); + } + + } + } +// else { +// info_res("您尚未登陆,跳转到登陆页", "/admin/Manager.php"); +// } + return false; +} + + 
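Review bot: In check_login(), `empty($manager_result)` tests the QueryManager object itself and is never true, so a `manager_name` cookie that matches no row reaches `->loginToken()` on a null result, and the token is then compared with `!=`, a loose and non-constant-time comparison. Fetch the row first and fail closed: `$m = $manager_result->getManagerResult();` followed by `if ($m === null || !hash_equals($m->loginToken(), (string)$_COOKIE["login_token"])) {`. In update_token() the `setcookie("login_token", …)` call comes after `info_res()`/`response()` have apparently already written output, so the header can be lost unless output buffering is on, and the cookie carries no HttpOnly/Secure/SameSite options; set it before any output and pass the options array (PHP 7.3+). The comment above it says the login lasts half an hour, but `time() + 60 * 15` is 15 minutes. The `diff --git` header for this hunk is missing from the page; index.php requires `/admin/Login.php`, which is presumably this file.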
diff --git a/admin/Manager.php b/admin/Manager.php
new file mode 100644
index 0000000..f98007c
--- /dev/null
+++ b/admin/Manager.php
@@ -0,0 +1,102 @@
+
+
+
+
+
+
+
+
+ 管理员账号 +
+ +
+ 管理员账号不为空 +
+
+
+
+ 管理员密码 +
+ +
+ 管理员密码不为空 +
+
+ + +
+
+
+ + +EOF; + + } + +//else if (!empty($_COOKIE["login_token"]) and !empty($_COOKIE["manager_name"])) { +// $manager_result = new QueryManager(); +// DbUtil::query("select * from manager where manager_name=?", $manager_result, array($_COOKIE["manager_name"])); +//// 验证cookie身份信息有效性 +// if (empty($manager_result) or $_COOKIE["login_token"] != $manager_result->getManagerResult()->loginToken()) { +// setcookie("manager_name", "", time() - 3600); +// setcookie("login_token", "", time() - 3600); +// error_res("非法验证,请重新登陆", "/admin/Manager.php"); +// } else { +// try { +// update_token($manager_result,"您已登录,自动跳转到首页"); +// } catch (Exception $e) { +// error($e); +// error_res("管理员身份验证异常,请联系管理员", "/admin/Manager.php"); +// } +// +// } +//} + else if (empty($_POST["manager_name"])) { + error_res(array("status" => false, "msg" => "管理员不能为空"), "/admin/Manager.php"); + } else if (empty($_POST["manager_pwd"])) { + error_res(array("status" => false, "msg" => "管理员密码不能为空"), "/admin/Manager.php"); + } else { + $manager_result = new QueryManager(); + DbUtil::query("select * from manager where manager_name=? and manager_pwd=?", $manager_result, array($_POST["manager_name"], md5($_POST["manager_pwd"]))); + if (empty($manager_result->getManagerResult())) { + error_res("登陆失败,管理员或密码错误", "/admin/Manager.php"); + } else { + update_token($manager_result, "验证成功,自动跳转到首页"); + setcookie("manager_name", $manager_result->getManagerResult()->getManagerName(), time() + 60 * 15, "/"); + } + } +} \ No newline at end of file diff --git a/admin/Question.php b/admin/Question.php index f675561..3b03fe5 100644 --- a/admin/Question.php +++ b/admin/Question.php @@ -22,7 +22,7 @@ require_once __ROOT__ . "/admin/Alert.php"; getMenu("题目管理"); -if (empty($_POST) && empty($_GET)) { +if (empty($_REQUEST)) { echo << diff --git a/admin/WasteSorting.php b/admin/WasteSorting.php index 6898c69..877e28e 100644 --- a/admin/WasteSorting.php +++ b/admin/WasteSorting.php 
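Review bot: The login query matches `manager_pwd` against `md5($_POST["manager_pwd"])`, an unsalted fast hash that gives little protection to the stored credentials if the manager table is ever disclosed. Select the row by `manager_name` only and check the password with `password_verify()`, storing `password_hash($pw, PASSWORD_DEFAULT)` values in `manager_pwd`; existing MD5 rows need a one-time reset or a rehash on next login. Two smaller points in the same branch: the empty-field cases pass an array to `error_res()` where every other call passes a string, and the `manager_name` cookie is set after `update_token()` has already produced output and without HttpOnly/Secure/SameSite. The form markup of this hunk was stripped from the page, so it cannot be checked here.

```php
    $manager_result = new QueryManager();
    // look the account up by name only; the password is verified in PHP
    DbUtil::query("select * from manager where manager_name=?", $manager_result, array($_POST["manager_name"]));
    $manager = $manager_result->getManagerResult();
    // manager_pwd must hold a password_hash() value for password_verify() to succeed
    if (empty($manager)
        || !is_string($_POST["manager_pwd"])
        || !password_verify($_POST["manager_pwd"], $manager->getManagerPwd())) {
        error_res("登陆失败,管理员或密码错误", "/admin/Manager.php");
    } else {
        // … unchanged: update_token() and the manager_name cookie …
    }
```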
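Review bot: `empty($_REQUEST)` is not equivalent to the old `empty($_POST) && empty($_GET)` on every configuration: when `request_order` (or, if that is unset, `variables_order`) includes `C`, `$_REQUEST` also contains cookies, and this commit starts setting `login_token` and `manager_name` cookies on path `/`. On such a server the default form branch would no longer render for a logged-in manager, and cookie values would be treated like request parameters by whatever follows. Keeping the explicit `if (empty($_POST) && empty($_GET)) {` avoids depending on php.ini. The same change is made in the admin/WasteSorting.php hunk.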
@@ -9,7 +9,7 @@ require_once __ROOT__ . "/admin/Alert.php"; getMenu("题目管理"); -if (empty($_POST) && empty($_GET)) { +if (empty($_REQUEST)) { echo << diff --git a/config.php b/config.php index fe94053..0f96054 100644 --- a/config.php +++ b/config.php @@ -11,4 +11,6 @@ define("default_format", "Y-m-d H:i:s"); //根目录 //define("__ROOT__", dirname(__FILE__)); -define("__ROOT__", "D:/JetBrains/PhpstormProjects/WasteSorting"); \ No newline at end of file +//define("__ROOT__", "D:/JetBrains/PhpstormProjects/WasteSorting"); + +//define("__ROOT__", $_SERVER["DOCUMENT_ROOT"]); \ No newline at end of file diff --git a/database/Query.php b/database/Query.php index 63a6fb1..062fa83 100644 --- a/database/Query.php +++ b/database/Query.php @@ -4,6 +4,7 @@ require_once __ROOT__ . "/entity/ApiToken.php"; require_once __ROOT__ . "/entity/Garbage.php"; require_once __ROOT__ . "/entity/Question.php"; require_once __ROOT__ . "/entity/Answer.php"; +require_once __ROOT__ . "/entity/Manager.php"; require_once __ROOT__ . "/database/DbUtil.php"; //Token查询 abstract class AbstractTokenQuery implements DoExcute @@ -240,6 +241,7 @@ class QueryGarbageWithCategory implements DoExcute } } +//查询某个垃圾分类数据量 class QueryGarbageCount implements DoExcute { @@ -269,4 +271,37 @@ class QueryGarbageCount implements DoExcute } -} \ No newline at end of file +} + +//查询管理 +class QueryManager implements DoExcute +{ + + private $manager_result; + + public function bind_param(mysqli_stmt $stmt, array $param = null) + { + if (!empty($param)) { + $stmt->bind_param(str_repeat("s", count($param)), $param[0], ...array_slice($param, 1)); + } + } + + public function doResult(mysqli_stmt $stmt) + { + $stmt->bind_result($col1, $col2, $col3, $col4); + while ($stmt->fetch()) { + $this->manager_result = new Manager($col1, $col2, $col3, $col4); + } + } + + /** + * @return mixed + */ + public function getManagerResult() + { + return $this->manager_result; + } + + +} + 
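Review bot: After this change every `define("__ROOT__", …)` in config.php is commented out, while index.php and the admin scripts build their `require_once` paths from `__ROOT__`. Unless the constant is defined somewhere outside this diff, PHP 8 raises an Error for the undefined constant and PHP 7 falls back to the literal string `__ROOT__`, so the includes fail. A definition that depends neither on the request nor on a developer machine would be `define("__ROOT__", __DIR__);`. Only the tail of config.php is visible in the hunk.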
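Review bot: `QueryManager::doResult()` binds exactly four result variables, but both callers added in this commit run `select * from manager …`, so adding or reordering a column in the table either breaks `bind_result()` or maps values to the wrong Manager field. Name the columns in the queries, for example `select manager_name, manager_pwd, last_ip, last_time from manager where manager_name=?` (assuming that is the order the Manager constructor expects), and record that order in a comment above `bind_result`. `array $param = null` relies on implicit nullability, which PHP 8.4 deprecates; `?array $param = null` states it explicitly, provided the `DoExcute` interface, which is not shown, is changed to match.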
diff --git a/entity/Manager.php b/entity/Manager.php new file mode 100644 index 0000000..5d31a49 --- /dev/null +++ b/entity/Manager.php @@ -0,0 +1,96 @@ +manager_name = $manager_name; + $this->manager_pwd = $manager_pwd; + $this->last_ip = $last_ip; + $this->last_time = $last_time; + } + + /** + * @return mixed + */ + public function getManagerName() + { + return $this->manager_name; + } + + /** + * @return mixed + */ + public function getManagerPwd() + { + return $this->manager_pwd; + } + + /** + * @return mixed + */ + public function getLastIp() + { + return $this->last_ip; + } + + /** + * @return mixed + */ + public function getLastTime() + { + return $this->last_time; + } + + public function loginToken() + { + return md5($this->last_ip . $this->last_time); + } + + /** + * @param mixed $manager_name + */ + public function setManagerName($manager_name): void + { + $this->manager_name = $manager_name; + } + + /** + * @param mixed $manager_pwd + */ + public function setManagerPwd($manager_pwd): void + { + $this->manager_pwd = $manager_pwd; + } + + /** + * @param mixed $last_ip + */ + public function setLastIp($last_ip): void + { + $this->last_ip = $last_ip; + } + + /** + * @param mixed $last_time + */ + public function setLastTime($last_time): void + { + $this->last_time = $last_time; + } + + +} \ No newline at end of file diff --git a/index.php b/index.php index 9486155..6cb68e9 100644 --- a/index.php +++ b/index.php @@ -2,15 +2,33 @@ require_once "config.php"; require_once __ROOT__ . "/head.php"; + +getMenu("后台管理"); + +require_once __ROOT__ . "/admin/Login.php"; + +if (!check_login()) { + error_res("您尚未登陆,跳转到登陆页", "/admin/Manager.php"); + return; +} + + require_once __ROOT__ . "/entity/Menu.php"; //菜单信息 $menus = array("API" => new Menu("百度API配置", "/admin/ApiConfig.php"), new Menu("垃圾分类", "/admin/WasteSorting.php"), new Menu("题目管理", "/admin/Question.php")); -getMenu("后台管理"); + echo << +function logout() { + if(confirm("确认退出?")){ + + } +} +
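Review bot: `loginToken()` returns `md5($this->last_ip . $this->last_time)`, so the value that authenticates the `login_token` cookie is derived only from the client address and a timestamp with one-second resolution and contains no secret. Generate the token with `bin2hex(random_bytes(32))` at login, store it (or a hash of it) in its own column on the manager row, and compare it with `hash_equals()`; PHP's built-in session handling would be the simpler alternative. The class also carries the password hash in every Manager instance loaded for a token check, which selecting only the needed columns would avoid. The opening of the class, including the constructor signature, was stripped from the page.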
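Review bot: The `check_login()` gate is added only to index.php; the admin/Question.php and admin/WasteSorting.php hunks in this commit add no such call, and the `auto_prepend_file` line in admin/.htaccess is committed commented out, so as far as this diff shows those admin pages can still be requested directly without a login. Each admin script should begin with `require_once __ROOT__ . "/admin/Login.php";` and `if (!check_login()) { error_res("您尚未登陆,跳转到登陆页", "/admin/Manager.php"); return; }` before it produces output or handles input. `getMenu("后台管理")` now runs before `check_login()`; if it emits markup, the `setcookie()` inside `update_token()` is sent too late unless output buffering is enabled. The new `logout()` script has an empty `confirm` branch, so nothing clears the `login_token` and `manager_name` cookies or invalidates the token on the server.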