diff --git a/class/Api.php b/class/Api.php
index 49e3fc1..40396e7 100755
--- a/class/Api.php
+++ b/class/Api.php
@@ -1603,6 +1603,22 @@ class Api {
return FALSE;
}
}
+ /**
+ * name:验证订阅,订阅不存在,则阻止
+ */
+ public function check_is_subscribe(){
+ $result = $this->is_subscribe();
+
+ if( $result === FALSE ) {
+ $this->return_json(-2000,'','该功能需要订阅后才能使用!');
+ }
+ else if( $result === TRUE ) {
+ return TRUE;
+ }
+ else{
+ $this->return_json(-2000,'','该功能需要订阅后才能使用!');
+ }
+ }
/**
* 无脑下载更新程序
*/
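Review bot: check_is_subscribe() only blocks a non-subscriber if return_json() ends the request, because the `FALSE` and `else` branches fall through without returning and the callers added later in this commit ignore the return value. If return_json() does not exit (its body is not visible here), the gate has no effect. The three-way branch is also redundant, since `FALSE` and "anything else" do the same thing: `if( $this->is_subscribe() !== TRUE ) { $this->return_json(-2000,'','该功能需要订阅后才能使用!'); }` followed by `return TRUE;` is equivalent. The docblock should state that the method does not return on failure.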
@@ -1715,21 +1731,181 @@ class Api {
//curl get请求
protected function curl_get($url,$timeout = 10) {
- $curl = curl_init($url);
- #设置useragent
- curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36");
- curl_setopt($curl, CURLOPT_FAILONERROR, true);
- curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
- #设置超时时间,最小为1s(可选)
- curl_setopt($curl , CURLOPT_TIMEOUT, $timeout);
+ $curl = curl_init($url);
+ #设置useragent
+ curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36");
+ curl_setopt($curl, CURLOPT_FAILONERROR, true);
+ curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+ #设置超时时间,最小为1s(可选)
+ curl_setopt($curl , CURLOPT_TIMEOUT, $timeout);
- $html = curl_exec($curl);
- curl_close($curl);
- return $html;
-}
+ $html = curl_exec($curl);
+ curl_close($curl);
+ return $html;
+ }
+
+ /**
+ * name:数据库备份接口
+ */
+ public function backup_db(){
+ //验证请求
+ $this->auth($token);
+
+ //验证订阅
+ $this->check_is_subscribe();
+
+ $backup_dir = 'data/backup/';
+
+ //判断目录是否存在,不存在则创建
+ if( !is_dir($backup_dir) ) {
+ try {
+ mkdir($backup_dir,0755);
+ } catch (\Throwable $th) {
+ $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!');
+ }
+ }
+ //尝试拷贝数据库进行备份
+ try {
+ //获取当前版本信息
+ $current_version = explode("-",file_get_contents("version.txt"));
+ $current_version = str_replace("v","",$current_version[0]);
+ $db_name = 'onenav_'.date("YmdHi",time()).'_'.$current_version.'.db3';
+ $backup_db_path = $backup_dir.$db_name;
+ copy('data/onenav.db3',$backup_db_path);
+ $this->return_json(200,$db_name,'success');
+ } catch (\Throwable $th) {
+ $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!');
+ }
+
+ }
+ /**
+ * name:数据库备份列表
+ */
+ public function backup_db_list() {
+ //验证请求
+ $this->auth($token);
+ //验证订阅
+ $this->check_is_subscribe();
+
+ //备份目录
+ $backup_dir = 'data/backup/';
+
+ //遍历备份列表
+ $dbs = scandir($backup_dir);
+ $newdbs = $dbs;
+
+ //去除.和..
+ for ($i=0; $i < count($dbs); $i++) {
+ if( ($dbs[$i] == '.') || ($dbs[$i] == '..') ) {
+ unset($newdbs[$i]);
+ }
+ }
+
+ //将删除后的数组重新赋值
+ $dbs = $newdbs;
+
+ //获取备份列表个数
+ $num = count($dbs);
+
+ //排序处理,按时间从大到小排序
+ rsort($dbs,2);
+
+ //如果大于10个,则删减为10个
+ if( $num > 10 ) {
+ for ($i=$num; $i > 10; $i--) {
+ //物理删除数据库
+ unlink($backup_dir.$dbs[$i-1]);
+ //删除数组最后一个元素
+ array_pop($dbs);
+ }
+ $count = 10;
+ }
+ else{
+ $count = $num;
+ }
+
+ //声明一个空数组
+ $data = [];
+ //遍历数据库,获取时间,大小
+ foreach ($dbs as $key => $value) {
+ $arr['id'] = $key;
+ $arr['name'] = $value;
+ $arr['mtime'] = date("Y-m-d H:i:s",filemtime($backup_dir.$value));
+ $arr['size'] = (filesize($backup_dir.$value) / 1024).'KB';
+
+ $data[$key] = $arr;
+ }
+
+ $datas = [
+ 'code' => 0,
+ 'msg' => '',
+ 'count' => $count,
+ 'data' => $data
+ ];
+ exit(json_encode($datas));
+ }
+ /**
+ * name:删除单个数据库备份
+ * @param $name:数据库名称
+ */
+ public function del_backup_db($name) {
+ //验证请求
+ $this->auth($token);
+
+ //验证订阅
+ $this->check_is_subscribe();
+
+ //使用正则表达式判断数据库名称是否合法
+ $pattern = '/^onenav_[0-9\-]+_[0-9.]+(db3)$/';
+
+ if( !preg_match_all($pattern,$name) ) {
+ $this->return_json(-2000,'','数据库名称不合法!');
+ }
+
+ //数据库目录
+ $backup_dir = 'data/backup/';
+
+ //删除数据库
+ try {
+ unlink($backup_dir.$name);
+ $this->return_json(200,'',"备份数据库已被删除!");
+ } catch (\Throwable $th) {
+ $this->return_json(-2000,'',"删除失败,请检查目录权限!");
+ }
+ }
+
+ /**
+ * name:恢复数据库备份
+ * @param $name:备份数据库名称
+ */
+ public function restore_db($name) {
+ //验证请求
+ $this->auth($token);
+
+ //验证订阅
+ $this->check_is_subscribe();
+
+ //使用正则表达式判断数据库名称是否合法
+ $pattern = '/^onenav_[0-9\-]+_[0-9.]+(db3)$/';
+
+ if( !preg_match_all($pattern,$name) ) {
+ $this->return_json(-2000,'','数据库名称不合法!');
+ }
+
+ //数据库目录
+ $backup_dir = 'data/backup/';
+
+ //恢复数据库
+ try {
+ copy($backup_dir.$name,'data/onenav.db3');
+ $this->return_json(200,'','数据库已回滚为'.$name);
+ } catch (\Throwable $th) {
+ $this->return_json(-2000,'',"回滚失败,请检查目录权限!");
+ }
+ }
}
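Review bot: The try/catch blocks in backup_db, del_backup_db and restore_db never see a failed `mkdir()`, `copy()` or `unlink()`: these functions return false with a warning rather than throwing, so each method goes on to `return_json(200, …)` even when nothing was written, deleted or restored (unless a warning-to-exception handler is installed elsewhere). Test the return values instead, as sketched below for backup_db, and give the copy failure its own message rather than the directory-creation one. `$this->auth($token)` is called in all four new methods with `$token` never assigned, so auth() always receives null; confirm that this path still enforces the login check. The backups are written to `data/backup/` under predictable names, so the server rules that keep `data/onenav.db3` from being downloaded need to cover that directory as well. The re-indented curl_get still sets `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` to false, which leaves its HTTPS requests unauthenticated; that predates this commit but is worth a follow-up.

```php
public function backup_db(){
    // … unchanged: auth($token), check_is_subscribe(), $backup_dir …
    if( !is_dir($backup_dir) && !mkdir($backup_dir,0755) ) {
        $this->return_json(-2000,'','备份目录创建失败,请检查目录权限!');
    }
    // … unchanged: version parsing, $db_name, $backup_db_path …
    if( !copy('data/onenav.db3',$backup_db_path) ) {
        $this->return_json(-2000,'','数据库备份失败,请检查目录权限!');
    }
    $this->return_json(200,$db_name,'success');
}
```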
diff --git a/controller/admin.php b/controller/admin.php
index 0bc4740..1bd1ad7 100755
--- a/controller/admin.php
+++ b/controller/admin.php
@@ -9,18 +9,18 @@ require('functions/helper.php');
check_auth($site_setting['user'],$site_setting['password']);
//获取版本号
-function get_version(){
- if( file_exists('version.txt') ) {
- $version = @file_get_contents('version.txt');
- return $version;
- }
- else{
- $version = 'null';
- return $version;
- }
-}
+// function get_version(){
+// if( file_exists('version.txt') ) {
+// $version = @file_get_contents('version.txt');
+// return $version;
+// }
+// else{
+// $version = 'null';
+// return $version;
+// }
+// }
//获取版本号
-$version = get_version();
+$version = new_get_version();
$page = empty($_GET['page']) ? 'index' : $_GET['page'];
//如果页面是修改edit_category
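Review bot: The old get_version() is kept as ten commented-out lines; delete it instead, since version control already holds the history and the first `//获取版本号` comment now labels nothing. Note that new_get_version() returns the version with the `-suffix` and every `v` stripped, whereas get_version() returned the raw file content. Any template that still expects the raw string in `$version` should be checked.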
@@ -86,6 +86,12 @@ if( $page == 'setting/api' ) {
//查询SecretKey
$SecretKey = $db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
+}
+
+//备份页面
+if( $page == 'setting/backup' ) {
+
+
}
//如果页面是修改link
diff --git a/controller/api.php b/controller/api.php
index 439c64a..54abbf8 100755
--- a/controller/api.php
+++ b/controller/api.php
@@ -301,6 +301,8 @@ function set_site($api) {
$data['custom_header'] = $_POST['custom_header'];
//获取自定义footer
$data['custom_footer'] = $_POST['custom_footer'];
+ //获取链接模式
+ $data['link_model'] = $_POST['link_model'];
//序列化存储
$value = serialize($data);
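Review bot: `$_POST['link_model']` is stored exactly as submitted, with no check that it is one of the link modes the settings form offers and no default when the field is absent. Validate it before it goes into `$data`, for example `in_array($_POST['link_model'], $allowed_modes, true)`, where `$allowed_modes` is a placeholder for the list the template renders (not visible in this diff). set_site() starts and ends outside the hunk.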
@@ -529,4 +531,30 @@ function down_theme() {
$data['type'] = trim( $_REQUEST['type'] );
$api->down_theme($data);
+}
+
+//备份数据库
+function backup_db() {
+ global $api;
+ $api->backup_db();
+}
+
+//数据库备份列表
+function backup_db_list() {
+ global $api;
+ $api->backup_db_list();
+}
+
+//删除单个数据库备份
+function del_backup_db() {
+ global $api;
+ $name = @$_REQUEST['name'];
+ $api->del_backup_db($name);
+}
+
+//回滚数据库
+function restore_db() {
+ global $api;
+ $name = @$_REQUEST['name'];
+ $api->restore_db($name);
}
\ No newline at end of file
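Review bot: del_backup_db() and restore_db() read `name` from `$_REQUEST`, and the updater page calls backup_db with `$.get`, so these state-changing operations can be triggered by a plain GET that carries the admin's cookie; no anti-CSRF token check is visible in the hunk. Accept them over POST only, read `$_POST['name']`, and verify a per-session token unless auth() already does so. The `@` on `$_REQUEST['name']` hides a missing parameter; `isset($_POST['name']) && is_string($_POST['name'])` makes the rejection explicit before the value reaches the name pattern in Api.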
diff --git a/controller/init.php b/controller/init.php
index 73a9cbf..b1395ce 100644
--- a/controller/init.php
+++ b/controller/init.php
@@ -12,6 +12,7 @@ function check_env() {
$ext = get_loaded_extensions();
//检查PHP版本,需要大于5.6小于8.0
$php_version = floatval(PHP_VERSION);
+ $uri = $_SERVER["REQUEST_URI"];
if( ( $php_version < 5.6 ) || ( $php_version > 8 ) ) {
exit("当前PHP版本{$php_version}不满足要求,需要5.6 <= PHP <= 7.4");
@@ -25,6 +26,11 @@ function check_env() {
if( file_exists("data/config.php") ) {
exit("配置文件已存在,无需再次初始化!");
}
+ //检查是否是二级目录
+ $pattern = '/\/[a-z0-9\/]+$/';
+ if( preg_match_all($pattern,$uri) ) {
+ exit("暂不支持二级目录安装!");
+ }
return TRUE;
}
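Review bot: The sub-directory check tests `REQUEST_URI` against `/\/[a-z0-9\/]+$/`, which depends on how the installer was requested rather than where it is installed. A URI that ends in `index.php` or carries a query string never matches (`.`, `?` and `=` are outside the class), and directory names containing upper-case letters, `-` or `_` are missed as well. Comparing the script's own directory is more direct, e.g. `if( dirname($_SERVER['SCRIPT_NAME']) !== '/' )`, after normalising the `\` that dirname can return on Windows hosts. `$uri` is assigned in the previous hunk, and check_env() begins outside this one.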
diff --git a/controller/login.php b/controller/login.php
index b7b64f7..2d2d6ce 100755
--- a/controller/login.php
+++ b/controller/login.php
@@ -14,6 +14,9 @@ $key = md5($username.$password.'onenav'.$_SERVER['HTTP_USER_AGENT']);
//获取cookie
$cookie = $_COOKIE['key'];
+//获取版本号
+$version = new_get_version();
+
//如果已经登录,直接跳转
if( is_login() ){
header('location:index.php?c=admin');
diff --git a/data/update.log b/data/update.log
index a7b6970..ea27099 100755
--- a/data/update.log
+++ b/data/update.log
@@ -144,4 +144,16 @@ CREATE INDEX on_options_key_IDX ON on_options ("key");
1. 使用新的登录页面
20220609
-1. 其它优化和BUG修复
\ No newline at end of file
+1. 其它优化和BUG修复
+
+20220610
+1. 登录页面的.css/.js 加上版本号
+2. 403页面静态资源本地化
+
+20220830
+1. 去掉默认主题的About链接
+2. 二级目录安装检测提示(需要测试)
+3. 默认主题支持直链模式,其它主题陆续支持
+4. 程序更新完毕后自动跳转到后台首页更新数据库
+5. 主题更新检测
+6. 新增数据库备份功能
\ No newline at end of file
diff --git a/functions/helper.php b/functions/helper.php
index 186e026..b4f41c3 100755
--- a/functions/helper.php
+++ b/functions/helper.php
@@ -63,4 +63,18 @@ function curl_get($url,$timeout = 10) {
$html = curl_exec($curl);
curl_close($curl);
return $html;
-}
\ No newline at end of file
+}
+
+//获取版本号,新写的
+function new_get_version(){
+ if( file_exists('version.txt') ) {
+ $version = @file_get_contents('version.txt');
+ $version = explode("-",$version)[0];
+ $version = str_replace("v","",$version);
+ return $version;
+ }
+ else{
+ $version = 'null';
+ return $version;
+ }
+}
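Review bot: new_get_version() does not handle a failed or untrimmed read: if `@file_get_contents` returns false the function returns an empty string instead of `'null'`, and a version.txt without a `-` keeps its trailing newline in the result. `str_replace("v","",$version)` also removes every `v`, not only a leading one; `ltrim(trim($version),'v')` is closer to the intent. Api::backup_db() in this commit repeats the same parsing inline and puts the result into the backup file name. Any character outside `[0-9.]` there makes the file fail the name pattern used by del_backup_db and restore_db, so backup_db should call this helper once it is hardened.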
diff --git a/templates/admin/403.php b/templates/admin/403.php
index e9b46b4..4c579a8 100755
--- a/templates/admin/403.php
+++ b/templates/admin/403.php
@@ -7,7 +7,7 @@
-
+
@@ -20,7 +20,7 @@
-
+
diff --git a/templates/admin/imp_link.php b/templates/admin/imp_link.php
index fa1265b..e4c6e4f 100755
--- a/templates/admin/imp_link.php
+++ b/templates/admin/imp_link.php
@@ -5,7 +5,12 @@
-
仅支持
.html 格式导入,导入时会自动创建不存在的分类,使用前请参考
帮助文档 。
+
+
+ - 仅支持 .html 格式导入,导入时会自动创建不存在的分类,使用前请参考帮助文档 。
+ - 导入前,建议先备份数据库
+
+
diff --git a/templates/admin/left.php b/templates/admin/left.php
index 3386ced..0a65ec5 100755
--- a/templates/admin/left.php
+++ b/templates/admin/left.php
@@ -31,6 +31,7 @@
站点设置
主题设置
过渡页面
+
数据备份
获取API
diff --git a/templates/admin/login.php b/templates/admin/login.php
index 965fa44..626d3a7 100644
--- a/templates/admin/login.php
+++ b/templates/admin/login.php
@@ -5,7 +5,7 @@
-
+
OneNav管理员登录
@@ -98,5 +98,5 @@
-
+
\ No newline at end of file
diff --git a/templates/admin/setting/backup.php b/templates/admin/setting/backup.php
new file mode 100644
index 0000000..c894216
--- /dev/null
+++ b/templates/admin/setting/backup.php
@@ -0,0 +1,132 @@
+
+
+
+
+
+
+
+
+
+
+
+ - 订阅用户可以对数据库进行本地备份和回滚
+ - 备份数据库仅保存最近10份数据
+ - 该功能仅辅助备份使用,无法确保100%数据安全,因此定期对整个站点打包备份仍然是必要的
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/templates/admin/setting/site.php b/templates/admin/setting/site.php
index 6e0f8ff..ec254c1 100644
--- a/templates/admin/setting/site.php
+++ b/templates/admin/setting/site.php
@@ -44,6 +44,19 @@
+
+
diff --git a/templates/admin/setting/subscribe.php b/templates/admin/setting/subscribe.php
index c90dc95..08875dd 100644
--- a/templates/admin/setting/subscribe.php
+++ b/templates/admin/setting/subscribe.php
@@ -15,6 +15,7 @@
3. 可享受一对一售后服务(仅限高级版和商业版)
4. 可帮助OneNav持续发展,让OneNav变得更加美好
5. 更多高级功能(自定义版权、广告管理等)
+ 6. 数据库备份
@@ -176,11 +177,25 @@
//校验新版本
$.get("/index.php?c=api&method=check_version",{version:new_version},function(data,status){
if(data.code == 200) {
- update_status("100%","更新完成,请前往后台检查
更新数据库!");
- $("#update_log").append("更新完成,请前往后台检查
更新数据库!
");
+ update_status("100%","更新完成,5s后自动跳转到后台首页检查数据库更新!");
+ $("#update_log").append("更新完成,5s后自动跳转到后台首页检查数据库更新!
");
//$("#btn_update").show();
//$("#btn_updating").hide();
$("#btn_updating").show();
+ //备份数据库
+ $.get("/index.php?c=api&method=backup_db",function(data,status){
+ if( data.code == 200 ) {
+ console.log('数据库备份成功!');
+ //3s后跳转到后台首页,方便更新数据库
+ setTimeout(() => {
+ window.location = "/index.php?c=admin";
+ }, 5000);
+ }
+ else{
+ layer.msg('数据库备份失败,请检查目录权限',{icon:5});
+ }
+ });
+
}
else {
update_error(data.msg);
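Review bot: When the `backup_db` call returns anything other than 200, the page shows the fixed text '数据库备份失败,请检查目录权限' and never redirects, although the status line has already promised a jump after 5s. backup_db also answers -2000 when the subscription check fails, so the permissions message can be misleading. Show the server's message instead, `layer.msg(data.msg,{icon:5});`, and decide explicitly whether the redirect should still happen on failure. The comment `//3s后跳转到后台首页` disagrees with the 5000 ms timeout, and the state-changing call would be better sent with `$.post` once the endpoint is POST-only.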
diff --git a/templates/admin/setting/theme.php b/templates/admin/setting/theme.php
index 0fdf775..4253c7c 100644
--- a/templates/admin/setting/theme.php
+++ b/templates/admin/setting/theme.php
@@ -22,7 +22,10 @@