Commit
Showing
3,174 changed files
with
385,498 additions
and
0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,165 @@ | ||
<?php | ||
|
||
/** | ||
* 共享账号登录;支持限定账户,部门,权限组; | ||
* | ||
* 1. 引入代码调用;(会引入整套kod的库; 侵入性; 函数名重名用命名空间处理) | ||
* include('../../../config/config.php'); | ||
* Action('user.sso')->check('adminer'); | ||
* | ||
* 2. 通用CAS模式单点登陆; (可跨站点跨服务器,不同服务之间调用); 可用其他语言实现类似逻辑; | ||
* include('../../../app/api/KodSSO.class.php'); | ||
* KodSSO::check('adminer'); // 不同站需要传入kod站点的名称; | ||
* | ||
* | ||
* 流程: | ||
* 1. 有cookie kodTokenApi; 请求kod的认证接口; 返回[ok] 则继续; | ||
* 2. 没有cookie kodTokenApi则跳转到kod登陆界面; kod登陆成功则带上kodToken跳转到该应用url; 再次验证kodToken成功则完成; | ||
*/ | ||
class KodSSO{ | ||
public static function check($appName,$host=""){ | ||
if(!$host){$host = self::appHost();} | ||
$key = 'kodTokenApi'; | ||
$token = isset($_COOKIE[$key]) ? $_COOKIE[$key] : ''; | ||
$token = isset($_GET[$key]) ? $_GET[$key] : $token; | ||
if($token && self::checkToken($appName,$host,$token)){ | ||
if(isset($_GET[$key])){ // 首次登陆成功跳转回来; | ||
$path = str_replace(self::host(),'',self::appHost()); | ||
setcookie($key,$token, time()+3600*5,'/'.trim($path,'/'),false,false,true); | ||
|
||
// 跳转到之前url; 去除url带入的token; | ||
$linkBefore = self::urlRemoveKey(self::thisUrl(),$key); | ||
header('Location: '.$linkBefore);exit; | ||
} | ||
return; | ||
} | ||
|
||
$link = rawurlencode(self::thisUrl()); | ||
$url = $host.'?user/sso/apiLogin&appName='.$appName.'&callbackUrl='.$link; | ||
header('Location: '.$url);exit; | ||
} | ||
public static function checkToken($appName,$host,$token){ | ||
if(!$token) return false; | ||
$timeStart = microtime(true); | ||
$uri = 'user/sso/apiCheckToken&accessToken='.$token.'&appName='.$appName; | ||
$res = ''; | ||
$phpBin = self::phpBin(); | ||
if($phpBin && function_exists('shell_exec')){ | ||
$BASIC_PATH = str_replace('\\','/',dirname(dirname(dirname(__FILE__)))).'/'; | ||
$command = $phpBin.' '.$BASIC_PATH.'index.php '.escapeshellarg($uri); | ||
$res = shell_exec($command); | ||
}else{ | ||
echo "shell_exec is disabled; please open it";exit; | ||
} | ||
if(!$res || substr(trim($res),0,1) != '[' ){ // 避免命令行调用返回错误的问题; | ||
$context = stream_context_create(array( | ||
'http' => array('timeout' => 2,'method'=>"GET"), | ||
"ssl" => array("verify_peer"=>false,"verify_peer_name"=>false) | ||
)); | ||
$res = file_get_contents($host.'?'.$uri,false,$context); | ||
} | ||
// var_dump(microtime(true) - $timeStart,$res);exit; | ||
if(trim($res) === '[ok]') return true; | ||
if(!strstr($res,'[error]:')){echo $res;exit;} | ||
return false; | ||
} | ||
|
||
|
||
// 获取当前php执行目录; | ||
private static function phpBin(){ | ||
if(defined('PHP_BINARY') && @file_exists(PHP_BINARY)){ | ||
$php = str_replace('-fpm','',PHP_BINARY); | ||
if(file_exists($php)) return $php; | ||
} | ||
if(!defined('PHP_BINDIR')) return false; // PHP_BINDIR,PHP_BINARY | ||
$includePath = get_include_path();// php_ini_loaded_file();//php.ini path; | ||
$includePath = substr($includePath,strpos($includePath,'/')); | ||
|
||
$isWindow = strtoupper(substr(PHP_OS, 0,3)) === 'WIN'; | ||
$binFile = $isWindow ? 'php.exe':'php'; | ||
$checkPath = array( | ||
PHP_BINDIR.'/', | ||
dirname(dirname($includePath)).'/bin/', | ||
dirname(dirname(dirname($includePath))).'/bin/', | ||
); | ||
foreach ($checkPath as $path) { | ||
if(file_exists($path.$binFile)) return $path.$binFile; | ||
} | ||
return 'php'; | ||
} | ||
|
||
private static function urlRemoveKey($url,$key){ | ||
$parse = parse_url($url); | ||
parse_str($parse['query'],$get); | ||
unset($get[$key]); | ||
$query = http_build_query($get); | ||
$query = $query ? '?'.$query : ''; | ||
$port = (isset($parse['port']) && $parse['port'] != '80' ) ? ':'.$parse['port']:''; | ||
return $parse['scheme'].'://'.$parse['host'].$port.$parse['path'].$query; | ||
} | ||
public static function thisUrl(){ | ||
return rtrim(self::host(),'/').'/'.ltrim($_SERVER['REQUEST_URI'],'/'); | ||
} | ||
public static function appHost(){ | ||
$BASIC_PATH = str_replace('\\','/',dirname(dirname(dirname(__FILE__)))).'/'; | ||
$WEB_ROOT = self::webrootPath($BASIC_PATH); | ||
return self::host().str_replace($WEB_ROOT,'',$BASIC_PATH); //程序根目录 | ||
} | ||
//解决部分主机不兼容问题 | ||
public static function webrootPath($basicPath){ | ||
$index = self::pathClear($basicPath.'index.php'); | ||
$uri = self::pathClear($_SERVER["DOCUMENT_URI"]); | ||
// 兼容 index.php/explorer/list/path; 路径模式; | ||
if($uri){//DOCUMENT_URI存在的情况; | ||
$uriPath = substr($uri,0,strpos($uri,'/index.php')); | ||
$uri = $uriPath.'/index.php'; | ||
} | ||
|
||
if( substr($index,- strlen($uri) ) == $uri){ | ||
$path = substr($index,0,strlen($index)-strlen($uri)); | ||
return rtrim($path,'/').'/'; | ||
} | ||
$uri = self::pathClear($_SERVER["SCRIPT_NAME"]); | ||
if( substr($index,- strlen($uri) ) == $uri){ | ||
$path = substr($index,0,strlen($index)-strlen($uri)); | ||
return rtrim($path,'/').'/'; | ||
} | ||
|
||
// 子目录sso调用情况兼容; | ||
if($_SERVER['SCRIPT_FILENAME'] && $_SERVER["DOCUMENT_URI"]){ | ||
$index = self::pathClear($_SERVER['SCRIPT_FILENAME']); | ||
$uri = self::pathClear($_SERVER["DOCUMENT_URI"]); | ||
// 兼容 index.php/test/todo 情况; | ||
if( strstr($uri,'.php/')){ | ||
$uri = substr($uri,0,strpos($uri,'.php/')).'.php'; | ||
} | ||
if( substr($index,- strlen($uri) ) == $uri){ | ||
$path = substr($index,0,strlen($index)-strlen($uri)); | ||
return rtrim($path,'/').'/'; | ||
} | ||
} | ||
return $_SERVER['DOCUMENT_ROOT']; | ||
} | ||
public static function host(){ | ||
$protocol = "http://"; | ||
if( (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || | ||
(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || | ||
$_SERVER['SERVER_PORT'] === 443 | ||
){ | ||
$protocol = 'https://'; | ||
} | ||
|
||
$url_host = $_SERVER['SERVER_NAME'].($_SERVER['SERVER_PORT']=='80' ? '' : ':'.$_SERVER['SERVER_PORT']); | ||
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $url_host; | ||
$host = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $host;//proxy | ||
return rtrim($protocol.$host,'/').'/'; | ||
} | ||
public static function pathClear($path){ | ||
$path = str_replace('\\','/',trim($path)); | ||
$path = preg_replace('/\/+/', '/', $path); | ||
if (strstr($path,'../')) { | ||
$path = preg_replace('/\/\.+\//', '/', $path); | ||
} | ||
return $path; | ||
} | ||
} |
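Review bot: In checkToken() the login verdict can come from an endpoint the application does not control. When the CLI result does not start with `[`, the fallback fetches `$host.'?'.$uri` with `verify_peer` and `verify_peer_name` set to false, and check() defaults `$host` to appHost(), which host() builds from `HTTP_X_FORWARDED_HOST` / `HTTP_HOST`. A bare `[ok]` body from that request is accepted as a valid session, so the host should come from configuration and the `"ssl"` override should be dropped to keep certificate checks on. `$token` and `$appName` are also concatenated into `$uri` unencoded, so a value containing `&` changes the query the check endpoint sees; `'&accessToken='.rawurlencode($token).'&appName='.rawurlencode($appName)` avoids that. Separately, check() calls setcookie() with the `secure` argument false even when host() has detected HTTPS.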
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
<?php | ||
|
||
class adminAnalysis extends Controller{ | ||
function __construct() { | ||
parent::__construct(); | ||
$this->model = Model('Analysis'); | ||
} | ||
|
||
public function option(){ | ||
$list = array('user', 'file', 'access', 'server'); | ||
$type = Input::get('type','in',null,$list); | ||
$result = $this->model->option($type); | ||
show_json($result); | ||
} | ||
|
||
public function chart(){ | ||
$data = Input::getArray(array( | ||
'userID' => array("check"=>"int","default"=>null), | ||
'groupID' => array("check"=>"int","default"=>null), | ||
)); | ||
$result = $this->model->fileChart($data); | ||
show_json($result); | ||
} | ||
|
||
// 计划任务写入记录:regist、store | ||
public function record(){ | ||
$type = Input::get('type','in',null,array('regist', 'store')); | ||
$result = $this->model->record($type); | ||
|
||
$msg = !!$result ? LNG('explorer.success') : LNG('explorer.error'); | ||
show_json($msg,!!$result); | ||
} | ||
|
||
// 列表:用户空间、部门空间 | ||
public function table(){ | ||
$type = Input::get('type','in',null,array('user', 'group')); | ||
$result = $this->model->listTable($type); | ||
show_json($result); | ||
} | ||
|
||
/** | ||
* 趋势:userTrend、storeTrend | ||
* userTrend: 每日增长(regist,写计划任务)、每日登录(log) | ||
* storeTrend: 使用空间、时间使用——计划任务 | ||
* @return void | ||
*/ | ||
public function trend(){ | ||
$data = Input::getArray(array( | ||
'type' => array('check' => 'require', 'default' => 'user'), // user/store | ||
'time' => array('check' => 'require', 'default' => 'day'), // day/week/month/year | ||
)); | ||
$result = $this->model->trend($data['type'], $data['time']); | ||
show_json($result); | ||
} | ||
} |
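Review bot: trend() accepts any non-empty `type` and `time`, because both use only the `require` check, although the inline comments list the intended values (`user/store` and `day/week/month/year`). option(), record() and table() already restrict `type` with the `in` check and an explicit list, so trend() should do the same for both fields rather than pass free-form request strings to `$this->model->trend()`; what the model does with them is not visible here. Also, `$this->model` is assigned in the constructor without a property declaration in this class; unless `Controller` declares it, add `private $model;` as adminAuth does.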
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
<?php | ||
/* | ||
* @link http://kodcloud.com/ | ||
* @author warlee | e-mail:[email protected] | ||
* @copyright warlee 2014.(Shanghai)Co.,Ltd | ||
* @license http://kodcloud.com/tools/license/license.txt | ||
*/ | ||
|
||
//权限组管理 | ||
class adminAuth extends Controller{ | ||
private $model; | ||
function __construct() { | ||
parent::__construct(); | ||
$this->model = Model('Auth'); | ||
} | ||
|
||
/** | ||
* 根据所在部门获取用户列表 | ||
*/ | ||
public function get() { | ||
$result = $this->model->listData(); | ||
show_json($result,true); | ||
} | ||
|
||
/** | ||
* 添加用户 | ||
*/ | ||
public function add() { | ||
$data = Input::getArray(array( | ||
"name" => array("check"=>"require"), | ||
"display" => array("check"=>"int","default"=>0), | ||
"auth" => array("check"=>"int"), | ||
"label" => array("check"=>"require"), | ||
)); | ||
$res = $this->model->add($data); | ||
$msg = $res ? LNG('explorer.success') : LNG('explorer.error') . '! ' . LNG('explorer.pathExists'); | ||
show_json($msg,!!$res); | ||
} | ||
|
||
/** | ||
* 编辑 | ||
*/ | ||
public function edit() { | ||
$data = Input::getArray(array( | ||
"id" => array("check"=>"int"), | ||
"name" => array("check"=>"require","default"=>null), | ||
"display" => array("check"=>"int","default"=>null), | ||
"auth" => array("check"=>"int","default"=>null), | ||
"label" => array("check"=>"require","default"=>null), | ||
// "sort" => array("check"=>"require","default"=>0), | ||
)); | ||
$res = $this->model->update($data['id'],$data); | ||
$msg = $res ? LNG('explorer.success') : LNG('explorer.error') . '! ' . LNG('explorer.pathExists'); | ||
return show_json($msg,!!$res); | ||
} | ||
|
||
/** | ||
* 删除 | ||
*/ | ||
public function remove() { | ||
$id = Input::get('id','int'); | ||
// 判断是否被使用 | ||
$cnt1 = Model('SourceAuth')->where(array('authID' => $id))->count(); | ||
$cnt2 = Model('user_group')->where(array('authID' => $id))->count(); | ||
$cnt = (int) $cnt1 + (int) $cnt2; | ||
if($cnt) show_json(LNG('admin.auth.delErrTips'), false); | ||
$res = $this->model->remove($id); | ||
$msg = $res ? LNG('explorer.success') : LNG('explorer.error'); | ||
show_json($msg,!!$res); | ||
} | ||
|
||
// 移动排序、拖拽排序 | ||
public function sort() { | ||
$ids = Input::get('ids', 'require'); | ||
$ids = explode(',', $ids); | ||
foreach($ids as $i => $id) { | ||
$this->model->sort($id,array("sort"=> $i)); | ||
} | ||
show_json(LNG('explorer.success')); | ||
} | ||
} |
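Review bot: The in-use guard in remove() only works if show_json() terminates the request: `if($cnt) show_json(LNG('admin.auth.delErrTips'), false);` is followed directly by `$this->model->remove($id)`, and edit() in the same class writes `return show_json(...)`, so the assumption is not consistent. Writing `if($cnt) return show_json(LNG('admin.auth.delErrTips'), false);` makes the early exit explicit. In sort(), the exploded `ids` values go to `$this->model->sort()` as raw strings, while every other id in this controller uses the `int` check; cast or validate each one before the call. The docblocks on get() and add() describe user lists and adding a user, which does not match a permission-group controller and should be corrected.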
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
<?php | ||
/** | ||
* 自动执行 | ||
*/ | ||
class adminAutoRun extends Controller { | ||
function __construct() { | ||
parent::__construct(); | ||
} | ||
|
||
public function index(){ | ||
$this->logBind(); | ||
} | ||
public function logBind(){ | ||
// 退出时在请求出记录,其他在出执行结果后记录 | ||
if(ACTION == 'user.index.logout'){ | ||
if($user = Session::get('kodUser')) { | ||
$data = array( | ||
'code' => true, | ||
'data' => array( | ||
'userID' => $user['userID'], | ||
'name' => $user['name'], | ||
'nickName' => $user['nickName'], | ||
) | ||
); | ||
$this->log($data); | ||
} | ||
return; | ||
} | ||
Hook::bind('show_json','admin.AutoRun.log'); | ||
Hook::bind('explorer.fileDownload','admin.AutoRun.log'); | ||
} | ||
|
||
public function log($data){ | ||
if(isset($data['code']) && !$data['code']) return false; | ||
if(!isset($data['data']) || !is_array($data)){ | ||
$data = array('data' => $data); | ||
} | ||
$info = isset($data['info']) ? $data['info'] : null; | ||
ActionCall('admin.log.log',$data['data'], $info); | ||
} | ||
} |
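Review bot: log() returns early on `isset($data['code']) && !$data['code']`, so any response flagged as a failure never reaches `admin.log.log`. Unless failures are recorded elsewhere, the audit trail then has no record of rejected or failed operations, which are usually the entries most useful for detecting abuse. Consider logging them with an explicit failure marker instead of dropping them. The method also returns `false` on that path and nothing on the others; a docblock stating the accepted `$data` shape (`code`, `data`, `info`) and the return value would help, since the method is bound as a hook for both `show_json` and `explorer.fileDownload`.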