From 679ea299d9ccd162177301a81a89485ac59af88e Mon Sep 17 00:00:00 2001
From: filesite
Date: Wed, 18 Sep 2024 21:51:16 +0800
Subject: [PATCH] add lan ip and white ip check for admin functions
---
 conf/app.php | 10 +++++++++
 controller/Controller.php | 2 +-
 plugins/Common.php | 23 +++++++++++++++++++++
 themes/beauty/controller/ListController.php | 3 ++-
 themes/beauty/controller/SiteController.php | 13 ++++++++++--
 themes/beauty/views/site/index.php | 4 ++++
 themes/beauty/views/site/player.php | 2 ++
 7 files changed, 53 insertions(+), 4 deletions(-)
diff --git a/conf/app.php b/conf/app.php
index 456929e..2c31d3a 100644
--- a/conf/app.php
+++ b/conf/app.php
@@ -69,6 +69,16 @@ $configs = array(
 'defaultMenuStatusInPC' => 'closed', //PC下左侧目录默认状态,可选值:opened, closed
+ //开启局域网ip拥有管理权限,如:保存目录、视频封面图
+ //默认只支持192.168网段以及本机(127.0.0.1、localhost)
+ 'adminForLanIps' => true,
+
+ //拥有管理权限的ip白名单
+ 'adminWhiteIps' => array(
+ '127.0.0.1',
+ '192.168.1.105',
+ ),
+
 /*
 //视频皮肤配置
 'videoblog' => array(
diff --git a/controller/Controller.php b/controller/Controller.php
index 402feab..3d0aca2 100644
--- a/controller/Controller.php
+++ b/controller/Controller.php
@@ -192,7 +192,7 @@ Class Controller {
 if (!empty($ips)) {
 for ($i = 0; $i < count($ips); $i++) {
- if (!preg_match("/^(10│172\.16│192\.168)\./", $ips[$i])) {
+ if (!preg_match("/^(10|172\.16|192\.168)\./", $ips[$i])) {
 $ip = $ips[$i];
 break;
 }
diff --git a/plugins/Common.php b/plugins/Common.php
index 63c303b..cd65d46 100644
--- a/plugins/Common.php
+++ b/plugins/Common.php
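Review bot: `'adminForLanIps' => true` grants administrative actions (saving directory and video cover data) to every client whose address falls in 10.x, 172.16.x or 192.168.x or on loopback, by default and without any other credential. If the application sits behind a reverse proxy on the same LAN, the address it observes may always be the proxy's, in which case every visitor passes that test; a default of `'adminForLanIps' => false,` with the comment `// enable only on a trusted LAN that is not fronted by a reverse proxy` would make the operator opt in consciously. The shipped whitelist entry `'192.168.1.105'` looks deployment-specific and should be removed or marked as an example, since anyone at that address on a shared network becomes an administrator.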
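Review bot: The corrected alternation (the old line used the box-drawing character `│` instead of `|`, so the pattern could never match) still only covers 172.16.x.x, while the private block is 172.16.0.0/12, i.e. 172.16 through 172.31; a client at 172.20.0.1 is therefore treated as a public address here. The same pattern is copied into the new `Common::isAdminIp` in plugins/Common.php, where the gap means such a client is also denied LAN admin rights. `if (!preg_match("/^(10|172\.(1[6-9]|2\d|3[01])|192\.168)\./", $ips[$i])) {` covers the whole range in both places. The enclosing function starts and ends outside the hunk.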
@@ -691,4 +691,27 @@ Class Common {
 return $authed;
 }
+ //判断当前用户IP是否拥有管理权限
+ public static function isAdminIp($ip) {
+ $admin = false;
+
+ $localhostIps = array(
+ '127.0.0.1',
+ 'localhost',
+ );
+
+ if ( !empty(FSC::$app['config']['adminForLanIps']) && (
+ preg_match("/^(10|172\.16|192\.168)\./", $ip)
+ ||
+ in_array($ip, $localhostIps)
+ )
+ ) {
+ $admin = true;
+ }else if (!empty(FSC::$app['config']['adminWhiteIps']) && in_array($ip, FSC::$app['config']['adminWhiteIps'])) {
+ $admin = true;
+ }
+
+ return $admin;
+ }
+
 }
\ No newline at end of file
diff --git a/themes/beauty/controller/ListController.php b/themes/beauty/controller/ListController.php
index 8e0e1b2..1c7e31b 100644
--- a/themes/beauty/controller/ListController.php
+++ b/themes/beauty/controller/ListController.php
@@ -226,11 +226,12 @@ Class ListController extends Controller {
 //获取目录面包屑
 $breadcrumbs = $this->getBreadcrumbs($currentDir, $cachedParentData, $scanner);
+ $isAdminIp = Common::isAdminIp($this->getUserIp()); //判断是否拥有管理权限
 $viewName = '//site/index'; //共享视图
 $params = compact(
 'cateId', 'dirTree', 'scanResults', 'menus', 'htmlReadme', 'breadcrumbs', 'htmlCateReadme',
- 'mp3File', 'page', 'pageSize', 'cacheDataId', 'copyright', 'showType'
+ 'mp3File', 'page', 'pageSize', 'cacheDataId', 'copyright', 'showType', 'isAdminIp'
 );
 return $this->render($viewName, $params, $pageTitle);
 }
diff --git a/themes/beauty/controller/SiteController.php b/themes/beauty/controller/SiteController.php
index 7bc2185..c18bf07 100644
--- a/themes/beauty/controller/SiteController.php
+++ b/themes/beauty/controller/SiteController.php
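Review bot: `isAdminIp` decides administrative access from `$ip` alone, and every caller in this commit passes `$this->getUserIp()`, which the controller/Controller.php hunk shows selecting the first non-private entry from a list `$ips`; if that list comes from a client-supplied forwarding header (the function's start is outside that hunk, so this is inferred), a remote caller can present `127.0.0.1` or a whitelisted address and be treated as an administrator. The value fed to this check should be the transport peer address (`$_SERVER['REMOTE_ADDR']`) unless a trusted proxy is known to overwrite the header. Both membership tests should be strict, `in_array($ip, $localhostIps, true)` and `in_array($ip, FSC::$app['config']['adminWhiteIps'], true)`, and a docblock above the method stating that the result is only as trustworthy as the source of `$ip` would keep future callers from passing header-derived values.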
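Review bot: The expression `Common::isAdminIp($this->getUserIp())` added here is repeated three more times in themes/beauty/controller/SiteController.php, which spreads the decision of which address to trust across several actions. A single helper on the base Controller, `protected function isAdminIp() { return Common::isAdminIp($this->getUserIp()); }`, would keep that choice in one place, and the trailing `//判断是否拥有管理权限` comment could then be dropped since the call documents itself.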
@@ -214,12 +214,13 @@ Class SiteController extends Controller {
 return $this->renderJson(compact('page', 'pageSize', 'videos'));
 }
+ $isAdminIp = Common::isAdminIp($this->getUserIp()); //判断是否拥有管理权限
 $viewName = 'index';
 $params = compact(
 'page', 'pageSize', 'cacheDataId', 'showType', 'dirTree', 'scanResults', 'menus', 'htmlReadme', 'htmlCateReadme', 'mp3File', 'copyright',
- 'alertWarning'
+ 'alertWarning', 'isAdminIp'
 );
 return $this->render($viewName, $params, $pageTitle);
 }
@@ -373,6 +374,9 @@ Class SiteController extends Controller {
 if (empty($cateId) || empty($url)) {
 $code = 0;
 $msg = '参数不能为空';
+ }else if (Common::isAdminIp($this->getUserIp()) == false) {
+ $code = 0;
+ $msg = '403 Forbidden,禁止访问';
 }else {
 $cacheKey = $this->getCacheKey($cateId, 'snap');
 $img_id = ''; //为保持数据格式一致,图片id传空
@@ -579,13 +583,15 @@ Class SiteController extends Controller {
 $copyright = $readmeFile['copyright'];
 }
+ $isAdminIp = Common::isAdminIp($this->getUserIp()); //判断是否拥有管理权限
+
 $pageTitle = "正在播放:{$videoFilename}";
 $this->layout = 'player';
 $viewName = 'player';
 $params = compact(
 'videoUrl', 'videoId', 'videoFilename', 'cateId', 'cacheParentDataId', 'page', 'pageSize',
- 'copyright'
+ 'copyright', 'isAdminIp'
 );
 return $this->render($viewName, $params, $pageTitle);
 }
@@ -628,6 +634,9 @@ Class SiteController extends Controller {
 if (empty($videoId) || empty($metaData)) {
 $code = 0;
 $msg = '参数不能为空';
+ }else if (Common::isAdminIp($this->getUserIp()) == false) {
+ $code = 0;
+ $msg = '403 Forbidden,禁止访问';
 }else {
 $cacheKey = $this->getCacheKey($videoId, 'vmeta');
 $cacheSubDir = 'video';
diff --git a/themes/beauty/views/site/index.php b/themes/beauty/views/site/index.php
index 97ecad4..af28312 100644
--- a/themes/beauty/views/site/index.php
+++ b/themes/beauty/views/site/index.php
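Review bot: In the `@@ -373` and `@@ -628` hunks the new authorization branch runs only after the parameter check, so an unauthorized caller still gets parameter-validation feedback for the two admin endpoints; the `isAdminIp` test should be the first branch, written as `}else if (!Common::isAdminIp($this->getUserIp())) {` rather than `== false`. Both rejections reuse `$code = 0` with a '403 Forbidden' message, so the HTTP status presumably stays whatever the JSON path normally sends (the response call is outside the hunks); setting a real 403 status would let clients and logs distinguish a refused request from a malformed one. The enclosing actions start and end outside the hunks.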
@@ -86,6 +86,10 @@ if (empty($selectedId) && !empty($viewData['menus'])) {
 $btnSetSnap = '';
 }
+if (empty($viewData['isAdminIp'])) {
+ $btnSetSnap = '';
+}
+
 if (!empty($category['files'])) {
 $total = Html::getDataTotal($category['files'], $supportedExts); //翻页支持
 }
diff --git a/themes/beauty/views/site/player.php b/themes/beauty/views/site/player.php
index f7519c4..6c74a56 100644
--- a/themes/beauty/views/site/player.php
+++ b/themes/beauty/views/site/player.php
@@ -41,10 +41,12 @@
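Review bot: Clearing `$btnSetSnap` when `isAdminIp` is empty only hides the control in the rendered page; the protection that matters is the server-side check added to the save endpoint in SiteController, and nothing here should be read as access control. A comment above the new block, `// UI only: hides the set-snapshot button; the save endpoint enforces isAdminIp server-side`, would make that explicit for the next maintainer. The same assignment is now reached from two separate conditions and could be folded into one, though the first condition begins outside the hunk.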
+ + download icon 下载视频