From 3a9d1fc6657ca3ef28d3e34650d8efe13774eadb Mon Sep 17 00:00:00 2001 From: printempw Date: Tue, 16 Aug 2016 22:52:00 +0800 Subject: [PATCH] add logging in with your owned player names --- app/Controllers/AdminController.php | 54 ++++++++--------- app/Controllers/AuthController.php | 20 ++++--- app/Controllers/ClosetController.php | 10 ++-- app/Controllers/HomeController.php | 10 ++-- app/Controllers/PlayerController.php | 60 ++++++++++--------- app/Controllers/SkinlibController.php | 6 +- app/Controllers/TextureController.php | 25 +++++--- app/Controllers/UserController.php | 12 ++-- app/Middlewares/CheckLoggedInMiddleware.php | 12 ++-- app/Middlewares/CheckPostMiddleware.php | 5 +- .../RedirectIfLoggedInMiddleware.php | 8 +-- app/Models/Closet.php | 22 +++---- app/Models/Player.php | 16 +++-- app/Models/User.php | 9 +-- app/Services/Storage.php | 5 ++ app/Services/Utils.php | 9 +-- app/Services/Validate.php | 2 +- assets/src/js/auth.js | 30 +++++----- assets/src/js/user.js | 4 +- assets/src/js/utils.js | 52 +--------------- resources/views/admin/master.tpl | 2 +- resources/views/auth/login.tpl | 2 +- resources/views/index.tpl | 2 +- resources/views/skinlib/master.tpl | 2 +- resources/views/user/master.tpl | 2 +- 25 files changed, 175 insertions(+), 206 deletions(-) diff --git a/app/Controllers/AdminController.php b/app/Controllers/AdminController.php index c6621787..b4790c3e 100644 --- a/app/Controllers/AdminController.php +++ b/app/Controllers/AdminController.php @@ -37,7 +37,7 @@ class AdminController extends BaseController public function update() { - if (\Utils::getValue('action', $_GET) == "check") { + if (Utils::getValue('action', $_GET) == "check") { $updater = new \Updater(\App::getVersion()); if ($updater->newVersionAvailable()) { View::json([ 
@@ -59,18 +59,15 @@ class AdminController extends BaseController if ($filter == "") { $users = UserModel::orderBy('uid'); - $total_pages = ceil($users->count() / 30); - $users = $users->skip(($page - 1) * 30)->take(30)->get(); - } else if ($filter == "email") { + } elseif ($filter == "email") { $users = UserModel::like('email', $q)->orderBy('uid'); - $total_pages = ceil($users->count() / 30); - $users = $users->skip(($page - 1) * 30)->take(30)->get(); - } else if ($filter == "nickname") { + } elseif ($filter == "nickname") { $users = UserModel::like('nickname', $q)->orderBy('uid'); - $total_pages = ceil($users->count() / 30); - $users = $users->skip(($page - 1) * 30)->take(30)->get(); } + $total_pages = ceil($users->count() / 30); + $users = $users->skip(($page - 1) * 30)->take(30)->get(); + echo View::make('admin.users')->with('users', $users) ->with('filter', $filter) ->with('q', $q) @@ -89,18 +86,15 @@ class AdminController extends BaseController if ($filter == "") { $players = PlayerModel::orderBy('uid'); - $total_pages = ceil($players->count() / 30); - $players = $players->skip(($page - 1) * 30)->take(30)->get(); - } else if ($filter == "player_name") { + } elseif ($filter == "player_name") { $players = PlayerModel::like('player_name', $q)->orderBy('uid'); - $total_pages = ceil($players->count() / 30); - $players = $players->skip(($page - 1) * 30)->take(30)->get(); - } else if ($filter == "uid") { + } elseif ($filter == "uid") { $players = PlayerModel::where('uid', $q)->orderBy('uid'); - $total_pages = ceil($players->count() / 30); - $players = $players->skip(($page - 1) * 30)->take(30)->get(); } + $total_pages = ceil($players->count() / 30); + $players = $players->skip(($page - 1) * 30)->take(30)->get(); + echo View::make('admin.players')->with('players', $players) ->with('filter', $filter) ->with('q', $q) 
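Review bot: After hoisting `$total_pages`/`$users` out of the branches, a `$filter` value other than `""`, `"email"` or `"nickname"` leaves `$users` unset and `$users->count()` fails with a fatal call on null, where the old code only reached the view with an undefined variable; the players hunk below has the same gap for values other than `""`, `"player_name"` and `"uid"`. `$filter` is assigned above the hunk, so whether it is request-controlled is not visible here, but admin listing URLs usually carry it. Close the chain with a rejecting branch matching the errors this commit introduces elsewhere: `} else { throw new E('非法参数', 1); }`.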
@@ -125,9 +119,9 @@ class AdminController extends BaseController View::json('修改配色成功', 0); } - $user = new User(Utils::getValue('uid', $_POST)); - - $current_user = new User(0, ['email' => $_SESSION['email']]); + $user = new User(Utils::getValue('uid', $_POST)); + // current user + $cur_user = new User($_SESSION['uid']); if (!$user->is_registered) throw new E('用户不存在', 1); @@ -142,7 +136,7 @@ class AdminController extends BaseController if ($user->setEmail($_POST['email'])) View::json('邮箱修改成功', 0); - } if ($action == "nickname") { + } elseif ($action == "nickname") { Validate::checkPost(['nickname']); if (Utils::convertString($_POST['nickname']) != $_POST['nickname']) @@ -151,7 +145,7 @@ class AdminController extends BaseController if ($user->setNickName($_POST['nickname'])) View::json('昵称已成功设置为 '.$_POST['nickname'], 0); - } else if ($action == "password") { + } elseif ($action == "password") { Validate::checkPost(['password']); if (\Validate::password($_POST['password'])) { @@ -159,15 +153,15 @@ class AdminController extends BaseController View::json('密码修改成功', 0); } - } else if ($action == "score") { + } elseif ($action == "score") { Validate::checkPost(['score']); if ($user->setScore($_POST['score'])) View::json('积分修改成功', 0); - } else if ($action == "ban") { + } elseif ($action == "ban") { if ($user->getPermission() == "1") { - if ($current_user->getPermission() != "2") + if ($cur_user->getPermission() != "2") View::json('非超级管理员无法封禁普通管理员'); } elseif ($user->getPermission() == "2") { View::json('超级管理员无法被封禁'); @@ -183,8 +177,8 @@ class AdminController extends BaseController ]); } - } else if ($action == "admin") { - if ($current_user->getPermission() != "2") + } elseif ($action == "admin") { + if ($cur_user->getPermission() != "2") View::json('非超级管理员无法进行此操作'); if ($user->getPermission() == "2") 
@@ -200,12 +194,12 @@ class AdminController extends BaseController ]); } - } else if ($action == "delete") { + } elseif ($action == "delete") { if ($user->delete()) View::json('账号已被成功删除', 0); } else { - throw new E('Illegal parameters', 1); + throw new E('非法参数', 1); } } @@ -258,7 +252,7 @@ class AdminController extends BaseController if (PlayerModel::where('pid', $_POST['pid'])->delete()) View::json('角色已被成功删除', 0); } else { - throw new E('Illegal parameters', 1); + throw new E('非法参数', 1); } } diff --git a/app/Controllers/AuthController.php b/app/Controllers/AuthController.php index 8526c60a..ea409637 100644 --- a/app/Controllers/AuthController.php +++ b/app/Controllers/AuthController.php @@ -22,9 +22,9 @@ class AuthController extends BaseController public function handleLogin() { // instantiate user - $user = ($_SESSION['auth_type'] = 'email') ? - new User(0, ['email' => $_POST['email']]) : - new User(0, ['username' => $_POST['username']]); + $user = ($_SESSION['auth_type'] == 'email') ? + new User(null, ['email' => $_POST['email']]) : + new User(null, ['username' => $_POST['username']]); if (Utils::getValue('login_fails', $_SESSION) > 3) { if (strtolower(Utils::getValue('captcha', $_POST)) != strtolower($_SESSION['phrase'])) @@ -40,8 +40,10 @@ class AuthController extends BaseController $_SESSION['uid'] = $user->uid; $_SESSION['token'] = $user->getToken(); - setcookie('uid', $user->uid, time()+3600, '/'); - setcookie('token', $user->getToken(), time()+3600, '/'); + $time = $_POST['keep'] == true ? 86400 : 3600; + + setcookie('uid', $user->uid, time()+$time, '/'); + setcookie('token', $user->getToken(), time()+$time, '/'); View::json([ 'errno' => 0, 
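Review bot: `$_POST['keep'] == true` is a loose comparison, so the unchecked state that the new auth.js sends (`data.keep = $('#keep').prop('checked') ? true : false;`, which jQuery serialises as the string `"false"`) is still truthy and every login receives the 24-hour cookies; a request without `keep` also raises an undefined-index notice. Read it as a boolean string instead: `$time = filter_var(Utils::getValue('keep', $_POST), FILTER_VALIDATE_BOOLEAN) ? 86400 : 3600;`. The `uid`/`token` cookies are the credential that HomeController and the middlewares promote into the session, yet both `setcookie` calls omit the `httponly` argument (and `secure` on HTTPS deployments); now that the client-side `docCookies` helper is deleted nothing in the page needs to read them, so pass `true` for `httponly`.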
@@ -64,11 +66,13 @@ class AuthController extends BaseController public function logout() { if (isset($_SESSION['token'])) { - session_destroy(); + $user = new User($_SESSION['uid']); setcookie('uid', $user->uid, time()-3600, '/'); setcookie('token', $user->getToken(), time()-3600, '/'); + session_destroy(); + View::json('登出成功~', 0); } else { throw new E('并没有有效的 session', 1); @@ -89,7 +93,7 @@ class AuthController extends BaseController if (strtolower(Utils::getValue('captcha', $_POST)) != strtolower($_SESSION['phrase'])) View::json('验证码填写错误', 1); - $user = new User(0, ['email' => $_POST['email']]); + $user = new User(null, ['email' => $_POST['email']]); if (!$user->is_registered) { if (Option::get('user_can_register') == 1) { @@ -143,7 +147,7 @@ class AuthController extends BaseController if (isset($_SESSION['last_mail_time']) && (time() - $_SESSION['last_mail_time']) < 60) View::json('你邮件发送得太频繁啦,过 60 秒后再点发送吧', 1); - $user = new User(0, ['email' => $_POST['email']]); + $user = new User(null, ['email' => $_POST['email']]); if (!$user->is_registered) View::json('该邮箱尚未注册', 1); diff --git a/app/Controllers/ClosetController.php b/app/Controllers/ClosetController.php index c80b8369..a06cec9f 100644 --- a/app/Controllers/ClosetController.php +++ b/app/Controllers/ClosetController.php @@ -12,11 +12,11 @@ use Option; class ClosetController extends BaseController { - public $closet; + private $closet; - function __construct() + public function __construct() { - $this->closet = new Closet((new User(0, ['email' => $_SESSION['email']]))->uid); + $this->closet = new Closet($_SESSION['uid']); } public function index() @@ -33,7 +33,7 @@ class ClosetController extends BaseController ->with('page', $page) ->with('category', $category) ->with('total_pages', $total_pages) - ->with('user', (new User(0, ['email' => $_SESSION['email']]))) + ->with('user', (new User($_SESSION['uid']))) ->render(); } 
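Review bot: The `else` branch throws `并没有有效的 session` without expiring the `uid`/`token` cookies, so a browser that still holds them after its server session has expired keeps the credential cookies, and the `docCookies.removeItem` calls that used to clear them client-side are removed from utils.js in this same commit. Expire both cookies before the `isset` check, in the form HomeController already uses: `setcookie('uid', '', time() - 3600, '/');` and `setcookie('token', '', time() - 3600, '/');`. Whether CheckLoggedInMiddleware repopulates the session from the cookies before this handler runs depends on the route wiring, which is outside the diff.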
@@ -58,7 +58,7 @@ class ClosetController extends BaseController public function remove() { if (!is_numeric(\Utils::getValue('tid', $_POST))) - throw new E('Invalid parameters.', 1); + throw new E('非法参数', 1); if ($this->closet->remove($_POST['tid'])) { $t = Texture::find($_POST['tid']); diff --git a/app/Controllers/HomeController.php b/app/Controllers/HomeController.php index 66cd2a20..62514e04 100644 --- a/app/Controllers/HomeController.php +++ b/app/Controllers/HomeController.php @@ -9,20 +9,20 @@ class HomeController extends BaseController public function index() { - if (isset($_COOKIE['email']) && isset($_COOKIE['token'])) { - $user = new User($_COOKIE['email']); + if (isset($_COOKIE['uid']) && isset($_COOKIE['token'])) { + $user = new User($_COOKIE['uid']); if ($_COOKIE['token'] == $user->getToken() && $user->getPermission() != "-1") { - $_SESSION['email'] = $_COOKIE['email']; + $_SESSION['uid'] = $_COOKIE['uid']; $_SESSION['token'] = $_COOKIE['token']; } else { // delete cookies - setcookie("email", "", time() - 3600, '/'); + setcookie("uid", "", time() - 3600, '/'); setcookie("token", "", time() - 3600, '/'); } } - $user = isset($_SESSION['email']) ? new User(0, ['email' => $_SESSION['email']]) : null; + $user = isset($_SESSION['uid']) ? new User($_SESSION['uid']) : null; echo \View::make('index')->with('user', $user); } diff --git a/app/Controllers/PlayerController.php b/app/Controllers/PlayerController.php index e4ce416a..18bf76a4 100644 --- a/app/Controllers/PlayerController.php +++ b/app/Controllers/PlayerController.php @@ -16,8 +16,12 @@ class PlayerController extends BaseController { private $player = null; - function __construct() + private $user = null; + + public function __construct() { + $this->user = new User($_SESSION['uid']); + if (isset($_POST['pid'])) { $this->player = new Player($_POST['pid']); if (!$this->player) 
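Review bot: `$_COOKIE['token'] == $user->getToken()` checks a client-supplied value against the stored token with loose `==`, which is not constant-time and applies numeric-string juggling (two different all-digit or `0e…` strings compare equal); CheckLoggedInMiddleware (`$_SESSION['token'] != $user->getToken()`, right after the session value is copied from the cookie) and RedirectIfLoggedInMiddleware repeat the pattern. Use `hash_equals` on strings: `if (is_string($_COOKIE['token']) && hash_equals((string) $user->getToken(), $_COOKIE['token']) && $user->getPermission() != "-1") {`. What `getToken()` returns for a `uid` with no row is not visible here; checking `$user->is_registered` (used by AdminController in this diff) before the comparison would make that case explicit.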
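Review bot: `$this->player` is built from `$_POST['pid']` and later mutated by delete/rename/setTexture/clearTexture through `$this->player->model`, but no check that the player belongs to `$this->user` is visible in the hunk; unless one follows in the part of the constructor outside the hunk, any logged-in account can operate on any pid. With `$this->user` now available first, the guard fits right after the lookup: `if ($this->player->model->uid != $this->user->uid) \Http::abort(403, '<message placeholder>');`. The `if (!$this->player)` test can no longer be true, because `Player::__construct` in this commit calls `\Http::abort(404, '角色不存在')` itself when the model is missing. The constructor body continues past the hunk.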
@@ -27,7 +31,7 @@ class PlayerController extends BaseController public function index() { - echo View::make('user.player')->with('players', (new User(0, ['email' => $_SESSION['email']]))->getPlayers()->toArray())->with('user', new User(0, ['email' => $_SESSION['email']])); + echo View::make('user.player')->with('players', $this->user->getPlayers()->toArray())->with('user', $this->user); } public function add() @@ -46,19 +50,17 @@ class PlayerController extends BaseController if (!PlayerModel::where('player_name', $player_name)->get()->isEmpty()) View::json('该角色名已经被其他人注册掉啦', 6); - $user = new User(0, ['email' => $_SESSION['email']]); - - if ($user->getScore() < Option::get('score_per_player')) + if ($this->user->getScore() < Option::get('score_per_player')) View::json('积分不够添加角色啦', 7); $player = new PlayerModel(); - $player->uid = $user->uid; + $player->uid = $this->user->uid; $player->player_name = $player_name; $player->preference = "default"; $player->last_modified = Utils::getTimeFormatted(); $player->save(); - $user->setScore(Option::get('score_per_player'), 'minus'); + $this->user->setScore(Option::get('score_per_player'), 'minus'); View::json('成功添加了角色 '.$player_name.'', 0); @@ -66,17 +68,17 @@ class PlayerController extends BaseController public function delete() { - $player_name = $this->player->eloquent_model->player_name; - $this->player->eloquent_model->delete(); + $player_name = $this->player->model->player_name; + $this->player->model->delete(); - (new User(0, ['email' => $_SESSION['email']]))->setScore(Option::get('score_per_player'), 'plus'); + $this->user->setScore(Option::get('score_per_player'), 'plus'); View::json('角色 '.$player_name.' 已被删除', 0); } public function show() { - echo json_encode($this->player->eloquent_model->toArray(), JSON_NUMERIC_CHECK); + echo json_encode($this->player->model->toArray(), JSON_NUMERIC_CHECK); } public function rename() 
@@ -84,7 +86,7 @@ class PlayerController extends BaseController $new_player_name = Utils::getValue('new_player_name', $_POST); if (!$new_player_name) - throw new E('Invalid parameters', 1); + throw new E('非法参数', 1); if (!Validate::playerName($new_player_name)) { @@ -95,10 +97,10 @@ class PlayerController extends BaseController if (!PlayerModel::where('player_name', $new_player_name)->get()->isEmpty()) View::json('此角色名已被他人使用,换一个吧~', 6); - $old_player_name = $this->player->eloquent_model->player_name; - $this->player->eloquent_model->player_name = $new_player_name; - $this->player->eloquent_model->last_modified = Utils::getTimeFormatted(); - $this->player->eloquent_model->save(); + $old_player_name = $this->player->model->player_name; + $this->player->model->player_name = $new_player_name; + $this->player->model->last_modified = Utils::getTimeFormatted(); + $this->player->model->save(); View::json('角色 '.$old_player_name.' 已更名为 '.$_POST['new_player_name'], 0); } 
@@ -111,34 +113,34 @@ class PlayerController extends BaseController $tid = Utils::getValue('tid', $_POST); if (!is_numeric($tid)) - throw new E('Invalid parameters.', 1); + throw new E('非法参数', 1); if (!($texture = Texture::find($tid))) View::json('Unexistent texture.', 6); $field_name = "tid_".$texture->type; - $this->player->eloquent_model->$field_name = $tid; - $this->player->eloquent_model->last_modified = Utils::getTimeFormatted(); - $this->player->eloquent_model->save(); + $this->player->model->$field_name = $tid; + $this->player->model->last_modified = Utils::getTimeFormatted(); + $this->player->model->save(); - View::json('材质已成功应用至角色 '.$this->player->eloquent_model->player_name.'', 0); + View::json('材质已成功应用至角色 '.$this->player->model->player_name.'', 0); } public function clearTexture() { - $this->player->eloquent_model->preference = "default"; - $this->player->eloquent_model->tid_steve = ""; - $this->player->eloquent_model->tid_alex = ""; - $this->player->eloquent_model->tid_cape = ""; + $this->player->model->preference = "default"; + $this->player->model->tid_steve = ""; + $this->player->model->tid_alex = ""; + $this->player->model->tid_cape = ""; - $this->player->eloquent_model->last_modified = Utils::getTimeFormatted(); + $this->player->model->last_modified = Utils::getTimeFormatted(); - $this->player->eloquent_model->save(); + $this->player->model->save(); - View::json('角色 '.$this->player->eloquent_model->player_name.' 的材质已被成功重置', 0); + View::json('角色 '.$this->player->model->player_name.' 的材质已被成功重置', 0); } public function setPreference() @@ -146,7 +148,7 @@ class PlayerController extends BaseController if (!isset($_POST['preference']) || ($_POST['preference'] != "default" && $_POST['preference'] != "slim")) { - throw new E('Invalid parameters.', 1); + throw new E('非法参数', 1); } $this->player->setPreference($_POST['preference']); diff --git a/app/Controllers/SkinlibController.php b/app/Controllers/SkinlibController.php index 64a59862..8cef14d2 100644 
--- a/app/Controllers/SkinlibController.php +++ b/app/Controllers/SkinlibController.php @@ -17,7 +17,7 @@ class SkinlibController extends BaseController function __construct() { - $this->user = isset($_SESSION['email']) ? new User(0, ['email' => $_SESSION['email']]) : null; + $this->user = isset($_SESSION['uid']) ? new User($_SESSION['uid']) : null; } public function index() @@ -228,7 +228,7 @@ class SkinlibController extends BaseController View::json('你还没有选择任何文件哟', 1); if (!isset($_POST['public']) || ($_POST['public'] != 0 && $_POST['public'] != 1)) - View::json('Invalid parameters.', 1); + View::json('非法参数', 1); if ($_FILES['file']['type'] == "image/png" || $_FILES['file']['type'] == "image/x-png") { @@ -246,7 +246,7 @@ class SkinlibController extends BaseController if ($ratio != 2) View::json("不是有效的披风文件(宽 {$size[0]},高 {$size[1]})", 1); } else { - View::json('Invalid parameters.', 1); + View::json('非法参数', 1); } } else { diff --git a/app/Controllers/TextureController.php b/app/Controllers/TextureController.php index 1dc2ab94..d5bc7163 100644 --- a/app/Controllers/TextureController.php +++ b/app/Controllers/TextureController.php @@ -72,7 +72,7 @@ class TextureController extends BaseController public function avatar($base64_email, $size = 128) { - $user = new User(0, ['email' => base64_decode($base64_email)]); + $user = new User(null, ['email' => base64_decode($base64_email)]); echo $user->getAvatar((int)$size); } 
@@ -85,15 +85,22 @@ class TextureController extends BaseController { // output image directly if ($t = Texture::find($tid)) { - header('Content-Type: image/png'); - if ($t->type == "cape") { - $png = Minecraft::generatePreviewFromCape(BASE_DIR."/textures/".$t->hash, $size); - imagepng($png); - imagedestroy($png); + $filename = BASE_DIR."/textures/".$t->hash; + + if (\Storage::exist($filename)) { + header('Content-Type: image/png'); + + if ($t->type == "cape") { + $png = Minecraft::generatePreviewFromCape($filename, $size); + imagepng($png); + imagedestroy($png); + } else { + $png = Minecraft::generatePreviewFromSkin($filename, $size); + imagepng($png); + imagedestroy($png); + } } else { - $png = Minecraft::generatePreviewFromSkin(BASE_DIR."/textures/".$t->hash, $size); - imagepng($png); - imagedestroy($png); + Http::abort(404, '该材质文件已被删除'); } } else { // Default Steve Skin: https://minecraft.net/images/steve.png diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php index 367a6c5b..90dc61e1 100644 --- a/app/Controllers/UserController.php +++ b/app/Controllers/UserController.php @@ -16,7 +16,7 @@ class UserController extends BaseController function __construct() { $this->action = isset($_GET['action']) ? $_GET['action'] : ""; - $this->user = new User(0, ['email' => $_SESSION['email']]); + $this->user = new User($_SESSION['uid']); } public function index() @@ -47,7 +47,7 @@ class UserController extends BaseController { // handle changing nickname if ($this->action == "nickname") { - if (!isset($_POST['new_nickname'])) throw new E('Invalid parameters.'); + if (!isset($_POST['new_nickname'])) throw new E('非法参数'); if (Utils::convertString($_POST['new_nickname']) != $_POST['new_nickname']) View::json('无效的昵称。昵称中包含了奇怪的字符。', 1); 
@@ -57,7 +57,7 @@ class UserController extends BaseController // handle changing password } elseif ($this->action == "password") { if (!(isset($_POST['current_password']) && isset($_POST['new_password']))) - throw new E('Invalid parameters.'); + throw new E('非法参数'); if (!$this->user->checkPasswd($_POST['current_password'])) View::json('原密码错误', 1); @@ -69,7 +69,7 @@ class UserController extends BaseController // handle changing email } elseif ($this->action == "email") { if (!(isset($_POST['new_email']) && isset($_POST['password']))) - throw new E('Invalid parameters.'); + throw new E('非法参数'); if (!filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL)) { View::json('邮箱格式错误', 3); @@ -84,7 +84,7 @@ class UserController extends BaseController // handle deleting account } elseif ($this->action == "delete") { if (!isset($_POST['password'])) - throw new E('Invalid parameters.'); + throw new E('非法参数'); if (!$this->user->checkPasswd($_POST['password'])) View::json('密码错误', 1); @@ -109,7 +109,7 @@ class UserController extends BaseController if ($result) { if ($result->type == "cape") throw new E('披风可不能设置为头像哦~', 1); - if ((new User(0, ['email' => $_SESSION['email']]))->setAvatar($_POST['tid'])) { + if ((new User($_SESSION['uid']))->setAvatar($_POST['tid'])) { View::json('设置成功!', 0); } } else { diff --git a/app/Middlewares/CheckLoggedInMiddleware.php b/app/Middlewares/CheckLoggedInMiddleware.php index 842dc65a..071ea251 100644 --- a/app/Middlewares/CheckLoggedInMiddleware.php +++ b/app/Middlewares/CheckLoggedInMiddleware.php 
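Review bot: `(new User($_SESSION['uid']))->setAvatar($_POST['tid'])` rebuilds the user that the constructor already stores in `$this->user` (`$this->user = new User($_SESSION['uid']);` in the hunk above), costing a second lookup and diverging from the other actions in this class; write `if ($this->user->setAvatar($_POST['tid'])) {`. The enclosing method starts and ends outside the hunk.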
@@ -11,24 +11,24 @@ class CheckLoggedInMiddleware implements IMiddleware { public function handle(Request $request) { - if (isset($_COOKIE['email']) && isset($_COOKIE['token'])) { - $_SESSION['email'] = $_COOKIE['email']; + if (isset($_COOKIE['uid']) && isset($_COOKIE['token'])) { + $_SESSION['uid'] = $_COOKIE['uid']; $_SESSION['token'] = $_COOKIE['token']; } - if (isset($_SESSION['email'])) { - $user = new User(0, ['email' => $_SESSION['email']]); + if (isset($_SESSION['uid'])) { + $user = new User($_SESSION['uid']); if ($_SESSION['token'] != $user->getToken()) \Http::redirect('../auth/login', '无效的 token,请重新登录~'); if ($user->getPermission() == "-1") { // delete cookies - setcookie("email", "", time() - 3600, '/'); + setcookie("uid", "", time() - 3600, '/'); setcookie("token", "", time() - 3600, '/'); session_destroy(); - throw new E('你已经被本站封禁啦,请联系管理员解决', -1, true); + throw new E('你已经被本站封禁啦,请联系管理员解决', 5, true); } return $user; diff --git a/app/Middlewares/CheckPostMiddleware.php b/app/Middlewares/CheckPostMiddleware.php index 18351ac9..81737f9b 100644 --- a/app/Middlewares/CheckPostMiddleware.php +++ b/app/Middlewares/CheckPostMiddleware.php @@ -6,6 +6,7 @@ use \Pecee\Http\Middleware\IMiddleware; use \Pecee\Http\Request; use App\Exceptions\E; use Validate; +use Utils; use View; class CheckPostMiddleware implements IMiddleware @@ -14,12 +15,12 @@ class CheckPostMiddleware implements IMiddleware { if (Utils::getValue('email', $_POST) != "") { if (!Validate::email($_POST['email'])) { - View::json('邮箱格式错误', 3); + View::json('邮箱或角色名格式错误', 3); } $_SESSION['auth_type'] = 'email'; } elseif (Utils::getValue('username', $_POST) != "") { if (!Validate::playerName($_POST['username'])) { - View::json('角色名格式错误', 3); + View::json('邮箱或角色名格式错误', 3); } $_SESSION['auth_type'] = 'username'; } else { diff --git a/app/Middlewares/RedirectIfLoggedInMiddleware.php b/app/Middlewares/RedirectIfLoggedInMiddleware.php index 07baf9a2..b5e09f91 100644 
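Review bot: When the token comparison fails the middleware redirects to the login page but leaves the `uid`/`token` cookies, and the session values just copied from them, in place, so every later request to a guarded route repeats the promotion and the redirect; only the banned branch below clears them. Expire the cookies before `\Http::redirect`, with the same `setcookie("uid", "", time() - 3600, '/');` and `setcookie("token", "", time() - 3600, '/');` calls used a few lines lower, plus `unset($_SESSION['uid'], $_SESSION['token']);`. The banned error code changes from -1 to 5 with nothing saying what 5 means to the client; a one-line comment naming the errno convention would help.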
--- a/app/Middlewares/RedirectIfLoggedInMiddleware.php
+++ b/app/Middlewares/RedirectIfLoggedInMiddleware.php
@@ -10,13 +10,13 @@ class RedirectIfLoggedInMiddleware implements IMiddleware
 {
 public function handle(Request $request)
 {
- if (isset($_COOKIE['email']) && isset($_COOKIE['token'])) {
- $_SESSION['email'] = $_COOKIE['email'];
+ if (isset($_COOKIE['uid']) && isset($_COOKIE['token'])) {
+ $_SESSION['uid'] = $_COOKIE['uid'];
 $_SESSION['token'] = $_COOKIE['token'];
 }
 
- if (isset($_SESSION['email'])) {
- if ($_SESSION['token'] != (new User(0, ['email' => $_SESSION['email']]))->getToken())
+ if (isset($_SESSION['uid'])) {
+ if ($_SESSION['token'] != (new User($_SESSION['uid']))->getToken())
 {
 $_SESSION['msg'] = "无效的 token,请重新登录~";
 } else {
diff --git a/app/Models/Closet.php b/app/Models/Closet.php
index e4f2dcad..f7c860c6 100644
--- a/app/Models/Closet.php
+++ b/app/Models/Closet.php
@@ -13,7 +13,7 @@ class Closet
 * Instance of App\Models\ClosetModel
 * @var null
 */
- private $eloquent_model = null;
+ private $model = null;
 
 /**
 * Textures array generated from json
@@ -40,10 +40,10 @@ class Closet
 function __construct($uid)
 {
 $this->uid = $uid;
- $this->eloquent_model = ClosetModel::find($uid);
+ $this->model = ClosetModel::find($uid);
 
- if ($this->eloquent_model) {
- $this->textures = json_decode($this->eloquent_model->textures, true);
+ if ($this->model) {
+ $this->textures = json_decode($this->model->textures, true);
 $this->textures = is_null($this->textures) ? [] : $this->textures;
 
 $textures_invalid = [];
@@ -71,9 +71,9 @@ class Closet
 unset($textures_invalid);
 } else {
- $this->eloquent_model = new ClosetModel();
- $this->eloquent_model->uid = $uid;
- $this->eloquent_model->save();
+ $this->model = new ClosetModel();
+ $this->model->uid = $uid;
+ $this->model->save();
 }
 }
@@ -102,8 +102,8 @@ class Closet 'add_at' => time() ); - $this->eloquent_model->textures = json_encode($this->textures); - return $this->eloquent_model->save(); + $this->model->textures = json_encode($this->textures); + return $this->model->save(); } /** @@ -131,8 +131,8 @@ class Closet foreach ($this->textures as $item) { if ($item['tid'] == $tid) { array_splice($this->textures, $offset, 1); - $this->eloquent_model->textures = json_encode($this->textures); - return $this->eloquent_model->save(); + $this->model->textures = json_encode($this->textures); + return $this->model->save(); } $offset++; } diff --git a/app/Models/Player.php b/app/Models/Player.php index 3c1e6aba..b7036c87 100644 --- a/app/Models/Player.php +++ b/app/Models/Player.php @@ -16,21 +16,24 @@ class Player /** * Construct player with pid or playername - * @param int $pid + * + * @param int $pid * @param string $player_name */ public function __construct($pid, $player_name = "") { if ($player_name == "") { - $this->pid = $pid; + $this->pid = $pid; $this->model = PlayerModel::find($pid); } else { $this->model = PlayerModel::where('player_name', $player_name)->first(); - @$this->pid = $this->model->pid; } - if (!$this->model) + if (!$this->model) { \Http::abort(404, '角色不存在'); + } else { + $this->pid = $this->model->pid; + } $this->player_name = $this->model->player_name; @@ -40,6 +43,7 @@ class Player /** * Get textures of player + * * @param string $type steve|alex|cape, 'skin' for texture of preferred model * @return string sha256-hash of texture file */ @@ -58,7 +62,7 @@ class Player { if (!isset($tids['tid_steve']) && !isset($tids['tid_alex']) && !isset($tids['tid_cape'])) { - throw new E('Invalid parameters.', 1); + throw new E('非法参数', 1); } $this->model->tid_steve = isset($tids['tid_steve']) ? $tids['tid_steve'] : $this->model['tid_steve']; 
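Review bot: The new `else` after `\Http::abort(404, '角色不存在')` only reads correctly if `abort` terminates the request, which the hunk does not show; if it does, the `else` is redundant and `$this->pid = $this->model->pid;` can follow the `if` unconditionally, and if it does not, `$this->player_name = $this->model->player_name;` still runs on a null model. Either way `$this->pid = $pid;` inside `if ($player_name == "")` is now overwritten with the same value from the found model, so that assignment can go. The docblock should state that the constructor aborts with 404 when no player matches, since callers such as PlayerController test `if (!$this->player)` as if it could return.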
@@ -74,7 +78,7 @@ class Player
 if ($this->getTexture($type) != "") {
 $filename = BASE_DIR."/textures/".$this->getTexture($type);
 
- if (file_exists($filename)) {
+ if (\Storage::exist($filename)) {
 header('Content-Type: image/png');
 // Cache friendly
 header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $this->getLastModified()).' GMT');
diff --git a/app/Models/User.php b/app/Models/User.php
index 9bedbfeb..5765fddb 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -47,18 +47,19 @@ class User
 * @param int $uid
 * @param array $info
 */
- public function __construct($uid, Array $info)
+ public function __construct($uid, Array $info = [])
 {
 // Construct user with uid|email|player_name
- if ($uid != 0) {
+ if ($uid !== null) {
 $this->uid = $uid;
 $this->model = UserModel::find($uid);
 } else {
 if (isset($info['email'])) {
- $this->email = Utils::convertString($email);
+ $this->email = Utils::convertString($info['email']);
 $this->model = UserModel::where('email', $this->email)->first();
 } elseif (isset($info['username'])) {
- $this->uid = PlayerModel::where('player_name', $info['username'])->first()['uid'];
+ $player = PlayerModel::where('player_name', $info['username'])->first();
+ $this->uid = $player ? $player['uid'] : 0;
 $this->model = UserModel::find($this->uid);
 } else {
 throw new \InvalidArgumentException('Invalid arguments');
diff --git a/app/Services/Storage.php b/app/Services/Storage.php
index 192b0fc1..a358c787 100644
--- a/app/Services/Storage.php
+++ b/app/Services/Storage.php
@@ -29,6 +29,11 @@ class Storage
 return fread(fopen($filename, 'r'), filesize($filename));
 }
 
+ public static function exist($filename)
+ {
+ return file_exists($filename);
+ }
+
 /**
 * Remove a file
 *
diff --git a/app/Services/Utils.php b/app/Services/Utils.php
index be0a1bdf..15e86c5a 100644
--- a/app/Services/Utils.php
+++ b/app/Services/Utils.php
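Review bot: In the `$uid !== null` branch `$this->email` is never assigned, while `Utils::getNameOrEmail` in this commit switches from `$_SESSION['email']` to `$user->email`; unless the constructor fills `$this->email` from `$this->model` after this block (outside the hunk), every user built from `$_SESSION['uid']` — now the normal case — renders an empty name when it has no nickname. Set it once on the common path after the lookups, e.g. `$this->email = $this->model ? $this->model->email : '';`. The username path falls back to `uid = 0` and `UserModel::find(0)` on a miss, which presumably relies on no row having uid 0; assigning `$this->model = null` directly states the miss. `Array $info = []` should be lowercase `array`.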
@@ -21,10 +21,11 @@ class Utils
 *
 * @param string $key
 * @param array $array
- * @return string|boolean
+ * @param string $default
+ * @return string
 */
- public static function getValue($key, $array) {
- return array_key_exists($key, $array) ? $array[$key] : false;
+ public static function getValue($key, $array, $default = "") {
+ return array_key_exists($key, $array) ? $array[$key] : $default;
 }
 
 /**
@@ -49,7 +50,7 @@ class Utils
 
 public static function getNameOrEmail(\App\Models\User $user)
 {
- return ($user->getNickName() == '') ? $_SESSION['email'] : $user->getNickName();
+ return ($user->getNickName() == '') ? $user->email : $user->getNickName();
 }
 
 public static function getAvatarFname(\App\Models\User $user)
diff --git a/app/Services/Validate.php b/app/Services/Validate.php
index 01331e7c..84fa03da 100644
--- a/app/Services/Validate.php
+++ b/app/Services/Validate.php
@@ -17,7 +17,7 @@ class Validate
 foreach ($keys as $key) {
 if (!isset($_POST[$key])) {
 if ($silent) return false;
- throw new E('Invalid parameters.', 1);
+ throw new E('非法参数', 1);
 }
 }
 return true;
diff --git a/assets/src/js/auth.js b/assets/src/js/auth.js
index d1d2734f..2f1617e3 100644
--- a/assets/src/js/auth.js
+++ b/assets/src/js/auth.js
@@ -2,7 +2,7 @@
 * @Author: printempw
 * @Date: 2016-07-17 10:54:22
 * @Last Modified by: printempw
- * @Last Modified time: 2016-08-14 13:22:35
+ * @Last Modified time: 2016-08-16 22:23:42
 */
 
 'use strict';
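Review bot: The new docblock says `@return string`, but the function returns whatever the array holds — for `$_POST`/`$_GET` that can be a nested array or any scalar — or `$default`; `@param mixed $default` and `@return mixed` would be accurate. Changing the miss value from `false` to `""` also alters any caller that tested the result with `=== false` or compared it against a non-empty string; none is visible in this diff, but callers outside it are worth checking before merge.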
@@ -21,17 +21,22 @@ function freshCaptcha() { var login_fails = 0; $('#login-button').click(function() { - var data = new Object(); + var data = new Object(); + var email_or_uname = $('#email_or_username').val(); - data.email = $("#email").val(); - data.password = $("#password").val(); + if (/\S+@\S+\.\S+/.test($('#email_or_username').val())) { + data.email = email_or_uname; + } else { + data.username = email_or_uname; + } - if (data.email == "") { - showMsg('你还没有填写邮箱哦'); - $('#email').focus(); + data.password = $('#password').val(); + data.keep = $('#keep').prop('checked') ? true : false; + + if (email_or_uname == "") { + showMsg('你还没有填写邮箱/角色名哦'); + $('#email_or_username').focus(); // check valid email address - } else if (!/\S+@\S+\.\S+/.test(data.email)) { - showMsg('邮箱格式不正确!', 'warning'); } else if (data.password == "") { showMsg('密码要好好填哦'); $('#password').focus(); @@ -56,13 +61,6 @@ $('#login-button').click(function() { }, success: function(json) { if (json.errno == 0) { - - // 7 days - var time = $('#keep').prop('checked') ? 604800 : null; - - docCookies.setItem('email', data.email, time, '/'); - docCookies.setItem('token', json.token, time, '/'); - swal({ type: 'success', html: json.msg diff --git a/assets/src/js/user.js b/assets/src/js/user.js index f1b12e33..2ffbaf5f 100644 --- a/assets/src/js/user.js +++ b/assets/src/js/user.js @@ -2,7 +2,7 @@ * @Author: printempw * @Date: 2016-07-16 10:02:24 * @Last Modified by: printempw - * @Last Modified time: 2016-08-15 12:36:21 + * @Last Modified time: 2016-08-16 22:13:55 */ 'use strict'; @@ -355,6 +355,8 @@ function deletePlayer(pid) { swal({ type: 'success', html: json.msg + }).then(function() { + $('tr#'+pid).remove(); }); } else { swal({ diff --git a/assets/src/js/utils.js b/assets/src/js/utils.js index 289fd2ac..db09f8c6 100644 --- a/assets/src/js/utils.js +++ b/assets/src/js/utils.js 
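Review bot: The comment `// check valid email address` now sits above `} else if (data.password == "")` and describes the format check this hunk deleted, so it misleads; remove it or move it next to the `/\S+@\S+\.\S+/.test(...)` line, where the regex result now also decides whether `email` or `username` is sent. `$('#email_or_username').val()` is read twice; the `.test(...)` call can use `email_or_uname`. `prop('checked')` already returns a boolean, so `data.keep = $('#keep').prop('checked');` is enough.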
@@ -2,7 +2,7 @@ * @Author: printempw * @Date: 2016-07-16 09:02:32 * @Last Modified by: printempw - * @Last Modified time: 2016-08-15 22:20:12 + * @Last Modified time: 2016-08-16 18:01:22 */ function showModal(msg, title, type, callback) { @@ -54,9 +54,6 @@ function logout(with_out_confirm, callback) { url: "../auth/logout", dataType: "json", success: function(json) { - docCookies.removeItem("email", "/"); - docCookies.removeItem("token", "/"); - swal({ type: 'success', html: json.msg 
@@ -71,55 +68,8 @@ function logout(with_out_confirm, callback) { url: "../auth/logout", dataType: "json", success: function(json) { - docCookies.removeItem("email", "/"); - docCookies.removeItem("token", "/"); - if (callback) callback(json); } }); } } - -/** - * cookie.js - * https://developer.mozilla.org/en-US/docs/DOM/document.cookie - */ -var docCookies = { - getItem: function (sKey) { - if (!sKey) { return null; } - return decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=\\s*([^;]*).*$)|^.*$"), "$1")) || null; - }, - setItem: function (sKey, sValue, vEnd, sPath, sDomain, bSecure) { - if (!sKey || /^(?:expires|max\-age|path|domain|secure)$/i.test(sKey)) { return false; } - var sExpires = ""; - if (vEnd) { - switch (vEnd.constructor) { - case Number: - sExpires = vEnd === Infinity ? "; expires=Fri, 31 Dec 9999 23:59:59 GMT" : "; max-age=" + vEnd; - break; - case String: - sExpires = "; expires=" + vEnd; - break; - case Date: - sExpires = "; expires=" + vEnd.toUTCString(); - break; - } - } - document.cookie = encodeURIComponent(sKey) + "=" + encodeURIComponent(sValue) + sExpires + (sDomain ? "; domain=" + sDomain : "") + (sPath ? "; path=" + sPath : "") + (bSecure ? "; secure" : ""); - return true; - }, - removeItem: function (sKey, sPath, sDomain) { - if (!this.hasItem(sKey)) { return false; } - document.cookie = encodeURIComponent(sKey) + "=; expires=Thu, 01 Jan 1970 00:00:00 GMT" + (sDomain ? "; domain=" + sDomain : "") + (sPath ? 
"; path=" + sPath : ""); - return true; - }, - hasItem: function (sKey) { - if (!sKey) { return false; } - return (new RegExp("(?:^|;\\s*)" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=")).test(document.cookie); - }, - keys: function () { - var aKeys = document.cookie.replace(/((?:^|\s*;)[^\=]+)(?=;|$)|^\s*|\s*(?:\=[^;]*)?(?:\1|$)/g, "").split(/\s*(?:\=[^;]*)?;\s*/); - for (var nLen = aKeys.length, nIdx = 0; nIdx < nLen; nIdx++) { aKeys[nIdx] = decodeURIComponent(aKeys[nIdx]); } - return aKeys; - } -}; diff --git a/resources/views/admin/master.tpl b/resources/views/admin/master.tpl index b1874308..7eb4d443 100644 --- a/resources/views/admin/master.tpl +++ b/resources/views/admin/master.tpl @@ -56,7 +56,7 @@
  • User Image -

    {{ $_SESSION['email'] }}

    +

    {{ $user->email }}