Skip to content

Commit 22a9726

Browse files
modstartmodstart
committed
modstart upgrade
1 parent ef64497 commit 22a9726

135 files changed

Lines changed: 3659 additions & 12327 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

app/Constant/AppConstant.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,6 @@ class AppConstant
66
{
77
const APP = 'cms9';
88
const APP_NAME = 'ModStartCMS9';
9-
const VERSION = '8.8.0';
9+
const VERSION = '8.9.0';
1010

1111
}

module/Banner/Asset/style/banner.css

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

module/Member/Admin/Controller/ConfigController.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,8 @@ public function setting(AdminConfigBuilder $builder)
135135
$builder->number('Member_PasswordLengthMin', '密码最小长度')
136136
->defaultValue(0)
137137
->help('0表示不限制,推荐为8位以上');
138-
138+
$builder->switch('Member_LoginInfoEncrypt', '登录信息加密')
139+
->help('开启后,登录信息请求时将会加密传输');
139140
});
140141
if (ModuleManager::getModuleConfig('Member', 'dataStatisticEnable', false)) {
141142
$builder->layoutPanel('存储上传', function ($builder) {

module/Member/Api/Controller/AuthController.php

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
use ModStart\Core\Util\CurlUtil;
1515
use ModStart\Core\Util\EventUtil;
1616
use ModStart\Core\Util\RandomUtil;
17+
use ModStart\Core\Util\SecureUtil;
1718
use ModStart\Core\Util\StrUtil;
1819
use ModStart\Misc\Captcha\CaptchaFacade;
1920
use ModStart\Module\ModuleBaseController;
@@ -712,8 +713,8 @@ public function login()
712713
{
713714
$input = InputPackage::buildFromInput();
714715

715-
$username = $input->getTrimString('username');
716-
$password = $input->getTrimString('password');
716+
$username = $input->getTrimStringWithAutoDecrypt('username');
717+
$password = $input->getTrimStringWithAutoDecrypt('password');
717718
if (empty($username)) {
718719
return Response::generate(-1, '请输入用户');
719720
}

module/Member/Docs/release.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
- 新增:VIP 优惠券功能集成,支持折扣券
44
- 新增:可完全自定义上传功能定制的特性 UploadScript Hook
5+
- 新增:用户登录传输用户密码加密
56
- 优化:VIP 开通页面交互形式优化
67

78
---

module/Member/View/pc/inc/loginPanel.blade.php

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,19 @@
1111
</div>
1212
<div class="ub-form flat">
1313
<form action="{{modstart_web_url('login')}}" method="post" data-ajax-form>
14+
@if(modstart_config('Member_LoginInfoEncrypt',false))
15+
<input type="hidden" data-encrypt-data name="ek" value="{{\ModStart\Core\Util\RandomUtil::string(8)}}" />
16+
@endif
1417
<div class="line">
1518
<div class="field">
16-
<input type="text" class="form-lg" name="username" placeholder="输入用户" />
19+
<input type="text" class="form-lg" name="username" placeholder="输入用户"
20+
@if(modstart_config('Member_LoginInfoEncrypt',false)) data-encrypt-field="username" @endif/>
1721
</div>
1822
</div>
1923
<div class="line">
2024
<div class="field">
21-
<input type="password" class="form-lg" name="password" placeholder="输入密码" />
25+
<input type="password" class="form-lg" name="password" placeholder="输入密码"
26+
@if(modstart_config('Member_LoginInfoEncrypt',false)) data-encrypt-field="password" @endif/>
2227
</div>
2328
</div>
2429
@if(modstart_config('loginCaptchaEnable',false))

module/Member/View/pc/loginDialog.blade.php

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,14 +32,19 @@
3232
</div>
3333
<div class="ub-form flat">
3434
<form action="{{\ModStart\Core\Input\Request::currentPageUrl()}}" method="post" data-ajax-form>
35+
@if(modstart_config('Member_LoginInfoEncrypt',false))
36+
<input type="hidden" data-encrypt-data name="ek" value="{{\ModStart\Core\Util\RandomUtil::string(8)}}" />
37+
@endif
3538
<div class="line">
3639
<div class="field">
37-
<input type="text" class="form-lg" name="username" placeholder="输入用户" />
40+
<input type="text" class="form-lg" name="username" placeholder="输入用户"
41+
@if(modstart_config('Member_LoginInfoEncrypt',false)) data-encrypt-field="username" @endif />
3842
</div>
3943
</div>
4044
<div class="line">
4145
<div class="field">
42-
<input type="password" class="form-lg" name="password" placeholder="输入密码" />
46+
<input type="password" class="form-lg" name="password" placeholder="输入密码"
47+
@if(modstart_config('Member_LoginInfoEncrypt',false)) data-encrypt-field="password" @endif />
4348
</div>
4449
</div>
4550
@if(modstart_config('loginCaptchaEnable',false))

module/Member/View/pc/memberProfile/avatar.blade.php

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ class="tw-h-48 tw-rounded-lg"
8888
</div>
8989
</div>
9090
<div data-box-tool class="margin-bottom">
91-
<button type="button" class="btn btn-round btn-round" id="avatarImageUpload">
91+
<button type="button" class="btn btn-round" id="avatarImageUpload">
9292
<i class="iconfont icon-upload"></i>
9393
选择图片
9494
</button>
@@ -97,22 +97,22 @@ class="tw-h-48 tw-rounded-lg"
9797
<img id="editingPreview" style="max-width:80%;max-height:300px;"/>
9898
</div>
9999
<div data-box-editing class="margin-bottom pb-page-hidden">
100-
<a href="javascript:;" class="btn btn-round btn-round" id="avatarBack">
100+
<a href="javascript:;" class="btn btn-round" id="avatarBack">
101101
<i class="iconfont icon-direction-left"></i>
102102
返回
103103
</a>
104-
<a href="javascript:;" class="btn btn-round btn-round" id="avatarImageReupload">
104+
<a href="javascript:;" class="btn btn-round" id="avatarImageReupload">
105105
<i class="iconfont icon-upload"></i>
106106
重新选择
107107
</a>
108-
<a href="javascript:;" class="btn btn-round btn-round" id="avatarZoomOut">
108+
<a href="javascript:;" class="btn btn-round" id="avatarZoomOut">
109109
<i class="iconfont icon-zoom-out"></i>
110110
</a>
111-
<a href="javascript:;" class="btn btn-round btn-round" id="avatarZoomIn">
111+
<a href="javascript:;" class="btn btn-round" id="avatarZoomIn">
112112
<i class="iconfont icon-zoom-in"></i>
113113
</a>
114-
<a href="javascript:;" class="btn btn-round btn-round btn-primary" id="avatarSave">
115-
<i class="uk-icon-save"></i> 保存头像
114+
<a href="javascript:;" class="btn btn-round btn-primary" id="avatarSave">
115+
<i class="iconfont icon-save"></i> 保存头像
116116
</a>
117117
</div>
118118
</div>

module/Member/Web/Controller/AuthController.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44
namespace Module\Member\Web\Controller;
55

66
use Illuminate\Support\Facades\Input;
7+
use Illuminate\Support\Facades\Log;
78
use Illuminate\Support\Facades\Session;
89
use ModStart\Core\Exception\BizException;
910
use ModStart\Core\Input\InputPackage;
@@ -350,6 +351,11 @@ public function oauthLogin($oauthType = null)
350351
{
351352
$input = InputPackage::buildFromInput();
352353

354+
$refer = Request::headerReferer();
355+
if (empty($refer)) {
356+
357+
}
358+
353359
/** @deprecated delete at 2024-06-29 */
354360
$view = $input->getBoolean('view', false);
355361
if ($view) {

0 commit comments

Comments
 (0)