2 Commits

Author SHA1 Message Date
flucout aba885f434 update 3 months ago
flucout 5e1f19de53 支持生成自签SSL证书 3 months ago
  1. 29
      app/command/Clean.php
  2. 96
      app/common.php
  3. 33
      app/controller/Admin.php
  4. 56
      app/controller/Api.php
  5. 10
      app/lib/BtPlugins.php
  6. 484
      app/lib/Btapi.php
  7. 1
      app/lib/ThirdPlugins.php
  8. 52
      app/middleware/AuthAdmin.php
  9. 38
      app/middleware/CheckAdmin.php
  10. 2
      app/middleware/LoadConfig.php
  11. 48
      app/middleware/RefererCheck.php
  12. 31
      app/script/cacert.sh
  13. 2
      app/view/admin/deplist.html
  14. 118
      app/view/admin/index.html
  15. 17
      app/view/admin/layout.html
  16. 6
      app/view/admin/list.html
  17. 6
      app/view/admin/log.html
  18. 12
      app/view/admin/login.html
  19. 13
      app/view/admin/plugins.html
  20. 6
      app/view/admin/pluginswin.html
  21. 6
      app/view/admin/record.html
  22. 2
      app/view/admin/set.html
  23. 86
      app/view/admin/ssl.html
  24. 118
      app/view/dispatch_jump.html
  25. 6
      app/view/index/download.html
  26. 2
      app/view/install/index.html
  27. 12
      install.sql
  28. 7
      route/app.php

29
app/command/Clean.php

@ -68,37 +68,10 @@ class Clean extends Command
if($file == '.' || $file == '..') continue; if($file == '.' || $file == '..') continue;
if(!in_array($file, $file_list)){ if(!in_array($file, $file_list)){
$filepath = $data_dir . 'folder/' . $file; $filepath = $data_dir . 'folder/' . $file;
$this->delete_dir($filepath);
deleteDir($filepath);
$count++; $count++;
} }
} }
$output->writeln($os.'成功清理'.$count.'个历史版本插件目录'); $output->writeln($os.'成功清理'.$count.'个历史版本插件目录');
} }
// 删除文件夹
private function delete_dir($dir){
$rd = opendir($dir);
if (!$rd) {
return false;
}
while (($file = readdir($rd)) !== false) {
if ($file == '.' || $file == '..') {
continue;
}
$file = $dir . '/' . $file;
if (is_dir($file)) {
$this->delete_dir($file);
}
else {
unlink($file);
}
}
closedir($rd);
rmdir($dir);
return true;
}
} }

96
app/common.php

@ -180,6 +180,11 @@ function checkIfActive($string) {
return null; return null;
} }
function checkDomain($domain){
if(empty($domain) || !preg_match('/^[-$a-z0-9_*.]{2,512}$/i', $domain) || (stripos($domain, '.') === false) || substr($domain, -1) == '.' || substr($domain, 0 ,1) == '.' || substr($domain, 0 ,1) == '*' && substr($domain, 1 ,1) != '.' || substr_count($domain, '*')>1 || strpos($domain, '*')>0 || strlen($domain)<4) return false;
return true;
}
function errorlog($msg){ function errorlog($msg){
$handle = fopen(app()->getRootPath()."record.txt", 'a'); $handle = fopen(app()->getRootPath()."record.txt", 'a');
fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n"); fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
@ -224,4 +229,95 @@ function pemToBase64($pem){
} }
} }
return $encoded; return $encoded;
}
function makeSelfSignSSL(string $commonName, array $domainList, $validity = 3650){
// 加载 CA 证书和私钥
$dir = app()->getBasePath().'script/';
$caCert = file_get_contents($dir.'ca.crt');
$caPrivateKey = file_get_contents($dir.'ca.key');
$opensslConfigFile = sys_get_temp_dir().'/openssl'.time().mt_rand(1000, 9999).'.cnf';
$opensslConfigContent = <<<EOF
[req]
req_extensions = extension_section
x509_extensions = extension_section
distinguished_name = dn
[dn]
[extension_section]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
EOF;
$ip_index = 1;
$dns_index = 1;
foreach ($domainList as $value) {
if(empty($value)) continue;
if(filter_var($value, FILTER_VALIDATE_IP)){
$opensslConfigContent .= sprintf("\nIP.%d = %s", $ip_index, $value);
$ip_index++;
}else{
$opensslConfigContent .= sprintf("\nDNS.%d = %s", $dns_index, $value);
$dns_index++;
}
}
if(!file_put_contents($opensslConfigFile, $opensslConfigContent)) return false;
// 生成域名证书的私钥和 CSR
$domainPrivateKey = openssl_pkey_new([
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]);
if(!$domainPrivateKey) return false;
$csrConfig = ['digest_alg' => 'sha256', 'config' => $opensslConfigFile];
$domainCsr = openssl_csr_new([
'commonName' => $commonName
], $domainPrivateKey, $csrConfig);
if(!$domainCsr) return false;
// 生成域名证书
$domainCertificate = openssl_csr_sign($domainCsr, $caCert, $caPrivateKey, $validity, $csrConfig);
if(!$domainCertificate) return false;
// 导出域名证书
openssl_x509_export($domainCertificate, $certificate);
openssl_pkey_export($domainPrivateKey, $privateKey);
$certificate .= $caCert;
unlink($opensslConfigFile);
return ['cert' => $certificate, 'key' => $privateKey];
}
function deleteDir($dir){
$rd = opendir($dir);
if (!$rd) {
return false;
}
while (($file = readdir($rd)) !== false) {
if ($file == '.' || $file == '..') {
continue;
}
$file = $dir . '/' . $file;
if (is_dir($file)) {
deleteDir($file);
}
else {
unlink($file);
}
}
closedir($rd);
rmdir($dir);
return true;
} }

33
app/controller/Admin.php

@ -400,4 +400,37 @@ class Admin extends BaseController
Cache::clear(); Cache::clear();
return json(['code'=>0,'msg'=>'succ']); return json(['code'=>0,'msg'=>'succ']);
} }
public function ssl(){
if(request()->isAjax()){
$domain_list = input('post.domain_list', null, 'trim');
$common_name = input('post.common_name', null, 'trim');
$validity = input('post.validity/d');
if(empty($domain_list) || empty($validity)){
return json(['code'=>-1, 'msg'=>'参数不能为空']);
}
$array = explode("\n", $domain_list);
$domain_list = [];
foreach($array as $domain){
$domain = trim($domain);
if(empty($domain)) continue;
if(!checkDomain($domain)) return json(['code'=>-1, 'msg'=>'域名或IP格式不正确:'.$domain]);
$domain_list[] = $domain;
}
if(empty($domain_list)) return json(['code'=>-1, 'msg'=>'域名列表不能为空']);
if(empty($common_name)) $common_name = $domain_list[0];
$result = makeSelfSignSSL($common_name, $domain_list, $validity);
if(!$result){
return json(['code'=>-1, 'msg'=>'生成证书失败']);
}
return json(['code'=>0, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key']]);
}
$dir = app()->getBasePath().'script/';
$ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
$ssl_path_mac = app()->getRootPath().'public/ssl/baota_root.crt';
$isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path) && file_exists($ssl_path_mac);
View::assign('isca', $isca);
return view();
}
} }

56
app/controller/Api.php

@ -48,7 +48,7 @@ class Api extends BaseController
if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){ if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
return '参数不正确'; return '参数不正确';
} }
if(!$this->checklist()) '你的服务器被禁止使用此云端';
if(!$this->checklist()) return '你的服务器被禁止使用此云端';
$filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip'; $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
if(file_exists($filepath)){ if(file_exists($filepath)){
$filename = $plugin_name.'.zip'; $filename = $plugin_name.'.zip';
@ -70,19 +70,21 @@ class Api extends BaseController
if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){ if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
return '参数不正确'; return '参数不正确';
} }
if(!$this->checklist()) '你的服务器被禁止使用此云端';
$filepath = get_data_dir($os).'plugins/main/'.$plugin_name.'-'.$version.'.dat';
if(file_exists($filepath)){
if(!$this->checklist()) return '你的服务器被禁止使用此云端';
$filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
$mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
if(file_exists($mainfilepath)){
$filename = $plugin_name.'_main.py'; $filename = $plugin_name.'_main.py';
$this->output_file($filepath, $filename);
}else{
$filepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
if(file_exists($filepath)){
$filename = $plugin_name.'_main.py';
$this->output_file($filepath, $filename);
$this->output_file($mainfilepath, $filename);
}elseif(file_exists($filepath)){
$zip = new \ZipArchive;
if ($zip->open($filepath) === true){
echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
}else{ }else{
return '云端不存在该插件主文件';
return '插件包解压缩失败';
} }
}else{
return '云端不存在该插件主文件';
} }
} }
@ -464,4 +466,36 @@ class Api extends BaseController
fclose($handle); fclose($handle);
return json(['status'=>false, 'msg'=>'不支持当前操作']); return json(['status'=>false, 'msg'=>'不支持当前操作']);
} }
//生成自签名SSL证书
public function bt_cert(){
$data = input('post.data');
$param = json_decode($data, true);
if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
$dir = app()->getBasePath().'script/';
$ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
$isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
if($param['action'] == 'get_domain_cert'){
if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
$domain = $param['domain'];
if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
$domain_list = explode(',', $domain);
foreach($domain_list as $d){
if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
}
$common_name = $domain_list[0];
$validity = 3650;
$result = makeSelfSignSSL($common_name, $domain_list, $validity);
if(!$result){
return json(['status'=>false, 'msg'=>'生成证书失败']);
}
$ca_pfx = base64_encode(file_get_contents($ssl_path));
return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
}else{
return json(['status'=>false, 'msg'=>'不支持当前操作']);
}
}
} }

10
app/lib/BtPlugins.php

@ -11,7 +11,7 @@ class BtPlugins
private $os; private $os;
//需屏蔽的插件名称列表 //需屏蔽的插件名称列表
private static $block_plugins = ['dns'];
private static $block_plugins = ['dns','bt_boce','ssl_verify'];
public function __construct($os){ public function __construct($os){
$this->os = $os; $this->os = $os;
@ -72,9 +72,10 @@ class BtPlugins
$zip = new ZipArchive; $zip = new ZipArchive;
if ($zip->open($filepath) === true) if ($zip->open($filepath) === true)
{ {
$zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
$plugins_dir = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version;
$zip->extractTo($plugins_dir, $plugin_name.'/'.$plugin_name.'_main.py');
$zip->close(); $zip->close();
$main_filepath = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
$main_filepath = $plugins_dir.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
if(file_exists($main_filepath) && filesize($main_filepath)>10){ if(file_exists($main_filepath) && filesize($main_filepath)>10){
if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件,需要解密 if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件,需要解密
$this->decode_plugin_main($plugin_name, $version, $main_filepath); $this->decode_plugin_main($plugin_name, $version, $main_filepath);
@ -84,6 +85,7 @@ class BtPlugins
$zip->close(); $zip->close();
} }
} }
deleteDir($plugins_dir);
}else{ }else{
unlink($filepath); unlink($filepath);
throw new Exception('插件包解压缩失败'); throw new Exception('插件包解压缩失败');
@ -197,6 +199,8 @@ class BtPlugins
$data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data); $data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data);
$data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data); $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
$data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data); $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
$data = str_replace('\'http://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);
$data = str_replace('\'https://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);
file_put_contents($main_filepath, $data); file_put_contents($main_filepath, $data);
} }

484
app/lib/Btapi.php

@ -1,243 +1,243 @@
<?php
namespace app\lib;
use Exception;
class Btapi
{
private $BT_KEY; //接口密钥
private $BT_PANEL; //面板地址
public function __construct($bt_panel, $bt_key){
$this->BT_PANEL = $bt_panel;
$this->BT_KEY = $bt_key;
}
//获取面板配置信息
public function get_config(){
$url = $this->BT_PANEL.'/config?action=get_config';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//获取已登录用户信息
public function get_user_info(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_user_info';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//从云端获取插件列表
public function get_plugin_list(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_plugin_list';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件包,返回文件路径
public function get_plugin_filename($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件主程序文件,返回文件路径
public function get_plugin_main_filename($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_main';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//解密插件主程序py代码,返回文件路径
public function get_decode_plugin_main($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=decode_plugin_main';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件其他文件,返回文件路径
public function get_plugin_other_filename($fname){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_other';
$p_data = $this->GetKeyData();
$p_data['fname'] = $fname;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载文件
public function download($filename, $localpath){
$url = $this->BT_PANEL.'/download';
$p_data = $this->GetKeyData();
$p_data['filename'] = $filename;
$result = $this->curl_download($url.'?'.http_build_query($p_data), $localpath);
return $result;
}
//获取文件base64
public function get_file($filename){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_file';
$p_data = $this->GetKeyData();
$p_data['filename'] = $filename;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//购买第三方插件
public function create_plugin_other_order($pid){
$url = $this->BT_PANEL.'/auth?action=create_plugin_other_order';
$p_data = $this->GetKeyData();
$p_data['pid'] = $pid;
$p_data['cycle'] = '999';
$p_data['type'] = '0';
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//获取一键部署列表
public function get_deplist(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_deplist';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//BTWAF-获取蜘蛛列表
public function btwaf_getspiders(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=btwaf_getspiders';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$result = str_replace("\u0000", '', $result);
$data = json_decode($result,true);
return $data;
}
private function GetKeyData(){
$now_time = time();
$p_data = array(
'request_token' => md5($now_time.''.md5($this->BT_KEY)),
'request_time' => $now_time
);
return $p_data;
}
private function curl($url, $data = null, $timeout = 60)
{
//定义cookie保存位置
$cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
if(!file_exists($cookie_file)){
touch($cookie_file);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
if($data){
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
private function curl_download($url, $localpath, $timeout = 300)
{
//定义cookie保存位置
$cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
if(!file_exists($cookie_file)){
touch($cookie_file);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
$fp = fopen($localpath, 'w+');
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_exec($ch);
if (curl_errno($ch)) {
$message = curl_error($ch);
curl_close($ch);
fclose($fp);
throw new Exception('下载文件失败:'.$message);
}
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if($httpcode>299){
curl_close($ch);
fclose($fp);
throw new Exception('下载文件失败:HTTPCODE-'.$httpcode);
}
curl_close($ch);
fclose($fp);
return true;
}
<?php
namespace app\lib;
use Exception;
class Btapi
{
private $BT_KEY; //接口密钥
private $BT_PANEL; //面板地址
public function __construct($bt_panel, $bt_key){
$this->BT_PANEL = $bt_panel;
$this->BT_KEY = $bt_key;
}
//获取面板配置信息
public function get_config(){
$url = $this->BT_PANEL.'/config?action=get_config';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//获取已登录用户信息
public function get_user_info(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_user_info';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//从云端获取插件列表
public function get_plugin_list(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_plugin_list';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件包,返回文件路径
public function get_plugin_filename($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件主程序文件,返回文件路径
public function get_plugin_main_filename($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_main';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//解密插件主程序py代码,返回文件路径
public function get_decode_plugin_main($plugin_name, $version){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=decode_plugin_main';
$p_data = $this->GetKeyData();
$p_data['plugin_name'] = $plugin_name;
$p_data['version'] = $version;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载插件其他文件,返回文件路径
public function get_plugin_other_filename($fname){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_other';
$p_data = $this->GetKeyData();
$p_data['fname'] = $fname;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//下载文件
public function download($filename, $localpath){
$url = $this->BT_PANEL.'/download';
$p_data = $this->GetKeyData();
$p_data['filename'] = $filename;
$result = $this->curl_download($url.'?'.http_build_query($p_data), $localpath);
return $result;
}
//获取文件base64
public function get_file($filename){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_file';
$p_data = $this->GetKeyData();
$p_data['filename'] = $filename;
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//购买第三方插件
public function create_plugin_other_order($pid){
$url = $this->BT_PANEL.'/auth?action=create_plugin_other_order';
$p_data = $this->GetKeyData();
$p_data['pid'] = $pid;
$p_data['cycle'] = '999';
$p_data['type'] = '0';
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//获取一键部署列表
public function get_deplist(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_deplist';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$data = json_decode($result,true);
return $data;
}
//BTWAF-获取蜘蛛列表
public function btwaf_getspiders(){
$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=btwaf_getspiders';
$p_data = $this->GetKeyData();
$result = $this->curl($url,$p_data);
$result = str_replace("\u0000", '', $result);
$data = json_decode($result,true);
return $data;
}
private function GetKeyData(){
$now_time = time();
$p_data = array(
'request_token' => md5($now_time.''.md5($this->BT_KEY)),
'request_time' => $now_time
);
return $p_data;
}
private function curl($url, $data = null, $timeout = 60)
{
//定义cookie保存位置
$cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
if(!file_exists($cookie_file)){
touch($cookie_file);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
if($data){
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
private function curl_download($url, $localpath, $timeout = 300)
{
//定义cookie保存位置
$cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
if(!file_exists($cookie_file)){
touch($cookie_file);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
$fp = fopen($localpath, 'w+');
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_exec($ch);
if (curl_errno($ch)) {
$message = curl_error($ch);
curl_close($ch);
fclose($fp);
throw new Exception('下载文件失败:'.$message);
}
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if($httpcode>299){
curl_close($ch);
fclose($fp);
throw new Exception('下载文件失败:HTTPCODE-'.$httpcode);
}
curl_close($ch);
fclose($fp);
return true;
}
} }

1
app/lib/ThirdPlugins.php

@ -65,7 +65,6 @@ class ThirdPlugins
$zip = new ZipArchive; $zip = new ZipArchive;
if ($zip->open($filepath) === true) if ($zip->open($filepath) === true)
{ {
$zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
$zip->close(); $zip->close();
return true; return true;
}else{ }else{

52
app/middleware/AuthAdmin.php

@ -1,26 +1,26 @@
<?php
declare (strict_types=1);
namespace app\middleware;
class AuthAdmin
{
public function handle($request, \Closure $next)
{
$islogin = false;
$cookie = cookie('admin_token');
if($cookie){
$token=authcode($cookie, 'DECODE', config_get('syskey'));
if($token){
list($user, $sid, $expiretime) = explode("\t", $token);
$session=md5(config_get('admin_username').config_get('admin_password'));
if($session==$sid && $expiretime>time()) {
$islogin = true;
}
}
}
request()->islogin = $islogin;
return $next($request);
}
}
<?php
declare (strict_types=1);
namespace app\middleware;
class AuthAdmin
{
public function handle($request, \Closure $next)
{
$islogin = false;
$cookie = cookie('admin_token');
if($cookie){
$token=authcode($cookie, 'DECODE', config_get('syskey'));
if($token){
list($user, $sid, $expiretime) = explode("\t", $token);
$session=md5(config_get('admin_username').config_get('admin_password'));
if($session==$sid && $expiretime>time()) {
$islogin = true;
}
}
}
request()->islogin = $islogin;
return $next($request);
}
}

38
app/middleware/CheckAdmin.php

@ -1,19 +1,19 @@
<?php
declare (strict_types=1);
namespace app\middleware;
class CheckAdmin
{
public function handle($request, \Closure $next)
{
if (!request()->islogin) {
if ($request->isAjax() || !$request->isGet()) {
return json(['code'=>-1, 'msg'=>'未登录'])->code(401);
}
return redirect((string)url('/admin/login'));
}
return $next($request);
}
}
<?php
declare (strict_types=1);
namespace app\middleware;
class CheckAdmin
{
public function handle($request, \Closure $next)
{
if (!request()->islogin) {
if ($request->isAjax() || !$request->isGet()) {
return json(['code'=>-1, 'msg'=>'未登录'])->code(401);
}
return redirect((string)url('/admin/login'));
}
return $next($request);
}
}

2
app/middleware/LoadConfig.php

@ -5,6 +5,7 @@ namespace app\middleware;
use think\facade\Db; use think\facade\Db;
use think\facade\Config; use think\facade\Config;
use think\facade\View;
class LoadConfig class LoadConfig
{ {
@ -31,6 +32,7 @@ class LoadConfig
$res = Db::name('config')->cache('configs',0)->column('value','key'); $res = Db::name('config')->cache('configs',0)->column('value','key');
Config::set($res, 'sys'); Config::set($res, 'sys');
View::assign('cdnpublic', '//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/');
return $next($request)->header([ return $next($request)->header([
'Cache-Control' => 'no-store, no-cache, must-revalidate', 'Cache-Control' => 'no-store, no-cache, must-revalidate',
'Pragma' => 'no-cache', 'Pragma' => 'no-cache',

48
app/middleware/RefererCheck.php

@ -1,24 +1,24 @@
<?php
declare (strict_types=1);
namespace app\middleware;
use think\facade\View;
class RefererCheck
{
/**
* 处理请求
*
* @param \think\Request $request
* @param \Closure $next
* @return Response
*/
public function handle($request, \Closure $next)
{
if(!checkRefererHost()){
return response('Access Denied', 403);
}
return $next($request);
}
}
<?php
declare (strict_types=1);
namespace app\middleware;
use think\facade\View;
class RefererCheck
{
/**
* 处理请求
*
* @param \think\Request $request
* @param \Closure $next
* @return Response
*/
public function handle($request, \Closure $next)
{
if(!checkRefererHost()){
return response('Access Denied', 403);
}
return $next($request);
}
}

31
app/script/cacert.sh

@ -0,0 +1,31 @@
#!/bin/bash
OPENSSL_CHECK=$(which openssl)
if [ "$?" != "0" ]; then
echo "未安装OpenSSL"
exit 1
fi
if [ ! -f ca.key ] && [ ! -f ca.crt ]; then
openssl genrsa -out ca.key 2048
openssl req -new -x509 -utf8 -days 3650 -extensions v3_ca -subj "/C=CN/O=宝塔面板/CN=宝塔面板" -key ca.key -out ca.crt
fi
openssl genrsa -out server.key 2048
openssl req -new -nodes -key server.key -subj "/C=CN/O=BTPanel/CN=BTPanel" -out server.csr
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 -extensions req_ext
cat ca.crt >> server.crt
openssl pkcs12 -export -out baota_root.pfx -inkey server.key -in server.crt -password pass:
if [ "$?" != "0" ]; then
echo "生成CA根证书失败"
exit 1
fi
mkdir -p ../../public/ssl
\cp baota_root.pfx ../../public/ssl/baota_root.pfx
\cp ca.crt ../../public/ssl/baota_root.crt
rm -f server.crt server.key server.csr
echo "生成CA根证书成功"

2
app/view/admin/deplist.html

@ -16,7 +16,7 @@
</div> </div>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script> <script>
function refresh_deplist(os){ function refresh_deplist(os){
var confirm = layer.confirm('是否确定从宝塔官方获取最新一键部署列表?', { var confirm = layer.confirm('是否确定从宝塔官方获取最新一键部署列表?', {

118
app/view/admin/index.html

@ -1,60 +1,60 @@
{extend name="admin/layout" /}
{block name="title"}宝塔第三方云端管理中心{/block}
{block name="main"}
<style>
.table>tbody>tr>td{white-space: normal;}
.query-title {
background-color:#f5fafe;
word-break: keep-all;
}
.query-result{
word-break: break-all;
}
</style>
<div class="container" style="padding-top:70px;">
<div class="col-xs-12 col-sm-10 col-md-8 center-block" style="float: none;">
<div class="panel panel-primary">
<div class="panel-heading"><h3 class="panel-title">后台管理首页</h3></div>
<div class="list-group">
<div class="list-group-item"><span class="glyphicon glyphicon-stats"></span> <b>宝塔插件统计:</b>共有 {$stat.total} 个,其中免费插件 {$stat.free} 个,专业版插件 {$stat.pro} 个,企业版插件 {$stat.ltd} 个,第三方插件 {$stat.third} 个</div>
<div class="list-group-item"><span class="glyphicon glyphicon-tint"></span> <b>使用记录统计:</b>历史总共数量:{$stat.record_total},正在使用数量:{$stat.record_isuse}</div>
<div class="list-group-item"><span class="glyphicon glyphicon-time"></span> <b>任务运行情况:</b>上次运行时间:{$stat.runtime|raw}&nbsp;&nbsp;<a href="/admin/set/mod/task" class="btn btn-xs btn-info">查看详情</a></div>
<div class="list-group-item"><span class="glyphicon glyphicon-cog"></span> <b>常用功能入口:</b><a href="/admin/plugins" class="btn btn-xs btn-default">插件列表</a>&nbsp;<a href="/admin/record" class="btn btn-xs btn-default">使用记录</a>&nbsp;<a href="/admin/list" class="btn btn-xs btn-default">黑白名单</a>&nbsp;<a href="/download" class="btn btn-xs btn-default" target="_blank">安装脚本</a></div>
</div>
</div>
<div class="panel panel-info">
<div class="panel-heading">
<h3 class="panel-title">服务器信息</h3>
</div>
<table class="table table-bordered">
<tbody>
<tr>
<td class="query-title">框架版本</td>
<td class="query-result">{$info.framework_version}</td>
</tr>
<tr>
<td class="query-title">PHP版本</td>
<td class="query-result">{$info.php_version}</td>
</tr>
<tr>
<td class="query-title">MySQL版本</td>
<td class="query-result">{$info.mysql_version}</td>
</tr>
<tr>
<td class="query-title">WEB软件</td>
<td class="query-result">{$info.software}</td>
</tr>
<tr>
<td class="query-title">操作系统</td>
<td class="query-result">{$info.os}</td>
</tr>
<tr>
<td class="query-title">服务器时间</td>
<td class="query-result">{$info.date}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
{extend name="admin/layout" /}
{block name="title"}宝塔第三方云端管理中心{/block}
{block name="main"}
<style>
.table>tbody>tr>td{white-space: normal;}
.query-title {
background-color:#f5fafe;
word-break: keep-all;
}
.query-result{
word-break: break-all;
}
</style>
<div class="container" style="padding-top:70px;">
<div class="col-xs-12 col-sm-10 col-md-8 center-block" style="float: none;">
<div class="panel panel-primary">
<div class="panel-heading"><h3 class="panel-title">后台管理首页</h3></div>
<div class="list-group">
<div class="list-group-item"><span class="glyphicon glyphicon-stats"></span> <b>宝塔插件统计:</b>共有 {$stat.total} 个,其中免费插件 {$stat.free} 个,专业版插件 {$stat.pro} 个,企业版插件 {$stat.ltd} 个,第三方插件 {$stat.third} 个</div>
<div class="list-group-item"><span class="glyphicon glyphicon-tint"></span> <b>使用记录统计:</b>历史总共数量:{$stat.record_total},正在使用数量:{$stat.record_isuse}</div>
<div class="list-group-item"><span class="glyphicon glyphicon-time"></span> <b>任务运行情况:</b>上次运行时间:{$stat.runtime|raw}&nbsp;&nbsp;<a href="/admin/set/mod/task" class="btn btn-xs btn-info">查看详情</a></div>
<div class="list-group-item"><span class="glyphicon glyphicon-cog"></span> <b>常用功能入口:</b><a href="/admin/plugins" class="btn btn-xs btn-default">插件列表</a>&nbsp;<a href="/admin/record" class="btn btn-xs btn-default">使用记录</a>&nbsp;<a href="/admin/list" class="btn btn-xs btn-default">黑白名单</a>&nbsp;<a href="/download" class="btn btn-xs btn-default" target="_blank">安装脚本</a></div>
</div>
</div>
<div class="panel panel-info">
<div class="panel-heading">
<h3 class="panel-title">服务器信息</h3>
</div>
<table class="table table-bordered">
<tbody>
<tr>
<td class="query-title">框架版本</td>
<td class="query-result">{$info.framework_version}</td>
</tr>
<tr>
<td class="query-title">PHP版本</td>
<td class="query-result">{$info.php_version}</td>
</tr>
<tr>
<td class="query-title">MySQL版本</td>
<td class="query-result">{$info.mysql_version}</td>
</tr>
<tr>
<td class="query-title">WEB软件</td>
<td class="query-result">{$info.software}</td>
</tr>
<tr>
<td class="query-title">操作系统</td>
<td class="query-result">{$info.os}</td>
</tr>
<tr>
<td class="query-title">服务器时间</td>
<td class="query-result">{$info.date}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
{/block} {/block}

17
app/view/admin/layout.html

@ -5,15 +5,15 @@
<meta name="renderer" content="webkit"> <meta name="renderer" content="webkit">
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<title>{block name="title"}标题{/block}</title> <title>{block name="title"}标题{/block}</title>
<link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
<link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
<link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
<link href="{$cdnpublic}font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
<link href="/static/css/bootstrap-table.css" rel="stylesheet" /> <link href="/static/css/bootstrap-table.css" rel="stylesheet" />
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
<script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
<script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
<script src="{$cdnpublic}twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
<!--[if lt IE 9]> <!--[if lt IE 9]>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
<script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
<![endif]--> <![endif]-->
</head> </head>
<body> <body>
@ -51,6 +51,9 @@
<li class="{:checkIfActive('log')}"> <li class="{:checkIfActive('log')}">
<a href="/admin/log"><i class="fa fa-calendar"></i> 操作日志</a> <a href="/admin/log"><i class="fa fa-calendar"></i> 操作日志</a>
</li> </li>
<li class="{:checkIfActive('ssl')}">
<a href="/admin/ssl"><i class="fa fa-expeditedssl"></i> 自签SSL</a>
</li>
<li class="{:checkIfActive('set')}"> <li class="{:checkIfActive('set')}">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> 系统设置<b <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> 系统设置<b
class="caret"></b></a> class="caret"></b></a>

6
app/view/admin/list.html

@ -42,9 +42,9 @@
</table> </table>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="/static/js/custom.js"></script> <script src="/static/js/custom.js"></script>
<script> <script>
function setEnable(id,enable) { function setEnable(id,enable) {

6
app/view/admin/log.html

@ -23,9 +23,9 @@
</table> </table>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="/static/js/custom.js"></script> <script src="/static/js/custom.js"></script>
<script> <script>

12
app/view/admin/login.html

@ -5,12 +5,12 @@
<meta name="renderer" content="webkit"> <meta name="renderer" content="webkit">
<meta name="viewport" content="width=device-width, initial-scale=1"/> <meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>管理员登录</title> <title>管理员登录</title>
<link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
<link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
<script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
<script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
<!--[if lt IE 9]> <!--[if lt IE 9]>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
<script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
<![endif]--> <![endif]-->
</head> </head>
<body> <body>
@ -63,7 +63,7 @@
</div> </div>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script> <script>
function submitlogin(){ function submitlogin(){
var user = $("input[name='user']").val(); var user = $("input[name='user']").val();

13
app/view/admin/plugins.html

@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
</table> </table>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="/static/js/custom.js"></script> <script src="/static/js/custom.js"></script>
<script> <script>
@ -157,8 +157,13 @@ function download_item(){
layer.alert('成功下载'+$.downloadCount+'个插件包!', {icon:1}, function(){layer.closeAll();searchSubmit();}); layer.alert('成功下载'+$.downloadCount+'个插件包!', {icon:1}, function(){layer.closeAll();searchSubmit();});
return; return;
} }
$.downloadCount++;
var plugin = $.preDownload[0]; var plugin = $.preDownload[0];
if(plugin.name == 'firewall'){
$.preDownload.shift();
download_item();
return;
}
$.downloadCount++;
var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0}); var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0});
$.ajax({ $.ajax({
type : 'POST', type : 'POST',

6
app/view/admin/pluginswin.html

@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
</table> </table>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="/static/js/custom.js"></script> <script src="/static/js/custom.js"></script>
<script> <script>

6
app/view/admin/record.html

@ -23,9 +23,9 @@
</table> </table>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
<script src="/static/js/custom.js"></script> <script src="/static/js/custom.js"></script>
<script> <script>

2
app/view/admin/set.html

@ -279,7 +279,7 @@ $("select[name='wbt_type']").change(function(){
</div> </div>
</div> </div>
{/if} {/if}
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script> <script>
$(document).ready(function(){ $(document).ready(function(){
var items = $("select[default]"); var items = $("select[default]");

86
app/view/admin/ssl.html

@ -0,0 +1,86 @@
{extend name="admin/layout" /}
{block name="title"}自签名SSL证书生成{/block}
{block name="main"}
<style>
.control-label[is-required]:before {
content: "*";
color: #f56c6c;
margin-right: 4px;
}
</style>
<div class="container" style="padding-top:70px;">
<div class="col-sm-12 col-md-10 col-lg-8 center-block" style="float: none;">
<div class="panel panel-primary">
<div class="panel-heading"><h3 class="panel-title">自签名SSL证书生成</h3></div>
<div class="panel-body">
{if $isca}
<div class="alert alert-warning" style="word-break:break-all;">下载CA证书并导入,可解决浏览器不安全提醒。<br/>Windows:<a href="/ssl/baota_root.pfx">baota_root.pfx</a>(密码为空),Mac/Linux:<a href="/ssl/baota_root.crt">baota_root.crt</a></div>
<form onsubmit="return makeSSL(this)" method="post" class="form" role="form">
<div class="form-group">
<label is-required="true" class="control-label">域名列表:</label>
<textarea class="form-control" name="domain_list" rows="6" placeholder="每行一个域名/IP,支持通配符" required></textarea>
</div>
<div class="form-group">
<label class="control-label">通用名称:</label>
<input type="text" name="common_name" value="" placeholder="留空则为域名列表第一个域名" class="form-control"/>
</div>
<div class="form-group">
<label is-required="true" class="control-label">有效天数:</label>
<input type="number" name="validity" value="3650" class="form-control" required/>
</div>
<div class="form-group text-center">
<input type="submit" name="submit" value="生成自签名证书" class="btn btn-success btn-block"/>
</div>
<div class="form-group row" id="result" style="display:none;">
<div class="col-md-6">
<label class="control-label">SSL证书:</label>
<textarea class="form-control" name="ssl_cert" rows="5" onclick="copy(this)" title="点击复制"></textarea>
</div>
<div class="col-md-6">
<label class="control-label">SSL证书私钥:</label>
<textarea class="form-control" name="ssl_key" rows="5" onclick="copy(this)" title="点击复制"></textarea>
</div>
</div>
</form>
{else}
<div class="alert alert-danger" role="alert">你还没有生成CA证书,无法生成SSL证书!</div>
<div class="alert alert-info" style="word-break:break-all;">执行以下命令,生成自签名CA证书。然后,可通过接口或当前页面生成SSL证书,用于面板访问。</div>
<div class="list-group-item" style="word-break:break-all;">cd {:app()->getRootPath()}app/script && chmod +x cacert.sh && ./cacert.sh</div><br/>
{/if}
</div>
</div>
<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
<script>
function makeSSL(obj){
var ii = layer.load(2, {shade:[0.1,'#fff']});
$.ajax({
type : 'POST',
url : '/admin/ssl',
data : $(obj).serialize(),
dataType : 'json',
success : function(data) {
layer.close(ii);
if(data.code == 0){
$("textarea[name='ssl_cert']").val(data.cert);
$("textarea[name='ssl_key']").val(data.key);
$("#result").show();
layer.msg('SSL证书生成成功', {icon:1, time:800});
}else{
layer.alert(data.msg, {icon: 2})
}
},
error:function(data){
layer.close(ii);
layer.msg('服务器错误');
}
});
return false;
}
function copy(obj){
if($(obj).val() == '') return;
$(obj).select();
document.execCommand("Copy");
layer.msg('复制成功', {icon:1, time:500});
}
</script>
{/block}

118
app/view/dispatch_jump.html

@ -1,60 +1,60 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>温馨提示</title>
<meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
<meta name="renderer" content="webkit"/>
<style type="text/css">
*{box-sizing:border-box;margin:0;padding:0;font-family:Lantinghei SC,Open Sans,Arial,Hiragino Sans GB,Microsoft YaHei,"微软雅黑",STHeiti,WenQuanYi Micro Hei,SimSun,sans-serif;-webkit-font-smoothing:antialiased}
body{padding:70px 0;background:#edf1f4;font-weight:400;font-size:1pc;-webkit-text-size-adjust:none;color:#333}
a{outline:0;color:#3498db;text-decoration:none;cursor:pointer}
.system-message{margin:20px 5%;padding:40px 20px;background:#fff;box-shadow:1px 1px 1px hsla(0,0%,39%,.1);text-align:center}
.system-message h1{margin:0;margin-bottom:9pt;color:#444;font-weight:400;font-size:40px}
.system-message .jump,.system-message .image{margin:20px 0;padding:0;padding:10px 0;font-weight:400}
.system-message .jump{font-size:14px}
.system-message .jump a{color:#333}
.system-message p{font-size:9pt;line-height:20px}
.system-message .btn{display:inline-block;margin-right:10px;width:138px;height:2pc;border:1px solid #44a0e8;border-radius:30px;color:#44a0e8;text-align:center;font-size:1pc;line-height:2pc;margin-bottom:5px;}
.success .btn{border-color:#69bf4e;color:#69bf4e}
.error .btn{border-color:#ff8992;color:#ff8992}
.info .btn{border-color:#3498db;color:#3498db}
.copyright p{width:100%;color:#919191;text-align:center;font-size:10px}
.system-message .btn-grey{border-color:#bbb;color:#bbb}
.clearfix:after{clear:both;display:block;visibility:hidden;height:0;content:"."}
@media (max-width:768px){body {padding:20px 0;}}
@media (max-width:480px){.system-message h1{font-size:30px;}}
</style>
</head>
<body>
<div class="system-message {$code}">
<div class="image">
<img src="/static/images/{$code}.svg" alt="" width="150" />
</div>
<h1>{$msg}</h1>
{if $url}
<p class="jump">
页面将在 <span id="wait">{$wait}</span> 秒后自动跳转
</p>
{/if}
<p class="clearfix">
<a href="javascript:history.go(-1);" class="btn btn-grey">返回上一页</a>
{if $url}
<a href="{$url}" class="btn btn-primary">立即跳转</a>
{/if}
</p>
</div>
<script type="text/javascript">
(function () {
var wait = document.getElementById('wait');
var interval = setInterval(function () {
var time = --wait.innerHTML;
if (time <= 0) {
location.href = "{$url}";
clearInterval(interval);
}
}, 1000);
})();
</script>
</body>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>温馨提示</title>
<meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
<meta name="renderer" content="webkit"/>
<style type="text/css">
*{box-sizing:border-box;margin:0;padding:0;font-family:Lantinghei SC,Open Sans,Arial,Hiragino Sans GB,Microsoft YaHei,"微软雅黑",STHeiti,WenQuanYi Micro Hei,SimSun,sans-serif;-webkit-font-smoothing:antialiased}
body{padding:70px 0;background:#edf1f4;font-weight:400;font-size:1pc;-webkit-text-size-adjust:none;color:#333}
a{outline:0;color:#3498db;text-decoration:none;cursor:pointer}
.system-message{margin:20px 5%;padding:40px 20px;background:#fff;box-shadow:1px 1px 1px hsla(0,0%,39%,.1);text-align:center}
.system-message h1{margin:0;margin-bottom:9pt;color:#444;font-weight:400;font-size:40px}
.system-message .jump,.system-message .image{margin:20px 0;padding:0;padding:10px 0;font-weight:400}
.system-message .jump{font-size:14px}
.system-message .jump a{color:#333}
.system-message p{font-size:9pt;line-height:20px}
.system-message .btn{display:inline-block;margin-right:10px;width:138px;height:2pc;border:1px solid #44a0e8;border-radius:30px;color:#44a0e8;text-align:center;font-size:1pc;line-height:2pc;margin-bottom:5px;}
.success .btn{border-color:#69bf4e;color:#69bf4e}
.error .btn{border-color:#ff8992;color:#ff8992}
.info .btn{border-color:#3498db;color:#3498db}
.copyright p{width:100%;color:#919191;text-align:center;font-size:10px}
.system-message .btn-grey{border-color:#bbb;color:#bbb}
.clearfix:after{clear:both;display:block;visibility:hidden;height:0;content:"."}
@media (max-width:768px){body {padding:20px 0;}}
@media (max-width:480px){.system-message h1{font-size:30px;}}
</style>
</head>
<body>
<div class="system-message {$code}">
<div class="image">
<img src="/static/images/{$code}.svg" alt="" width="150" />
</div>
<h1>{$msg}</h1>
{if $url}
<p class="jump">
页面将在 <span id="wait">{$wait}</span> 秒后自动跳转
</p>
{/if}
<p class="clearfix">
<a href="javascript:history.go(-1);" class="btn btn-grey">返回上一页</a>
{if $url}
<a href="{$url}" class="btn btn-primary">立即跳转</a>
{/if}
</p>
</div>
<script type="text/javascript">
(function () {
var wait = document.getElementById('wait');
var interval = setInterval(function () {
var time = --wait.innerHTML;
if (time <= 0) {
location.href = "{$url}";
clearInterval(interval);
}
}, 1000);
})();
</script>
</body>
</html> </html>

6
app/view/index/download.html

@ -193,10 +193,10 @@
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
<script src="{$cdnpublic}jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
<script src="{$cdnpublic}layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
<script type="text/javascript" src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/clipboard.js/1.7.1/clipboard.min.js"></script>
<script type="text/javascript" src="{$cdnpublic}clipboard.js/1.7.1/clipboard.min.js"></script>
<script type="text/javascript" src="/static/js/dx.js"></script> <script type="text/javascript" src="/static/js/dx.js"></script>
<script> <script>
$(function () { $(function () {

2
app/view/install/index.html

@ -217,7 +217,7 @@
</form> </form>
</div> </div>
</div> </div>
<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
<script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
<script> <script>
$(function () { $(function () {
$('form').on('submit', function (e) { $('form').on('submit', function (e) {

12
install.sql

@ -12,15 +12,15 @@ INSERT INTO `cloud_config` (`key`, `value`) VALUES
('bt_key', ''), ('bt_key', ''),
('whitelist', '0'), ('whitelist', '0'),
('download_page', '1'), ('download_page', '1'),
('new_version', '8.0.5'),
('new_version', '9.1.0'),
('update_msg', '暂无更新日志'), ('update_msg', '暂无更新日志'),
('update_date', '2024-01-12'),
('new_version_win', '7.9.0'),
('update_date', '2024-07-15'),
('new_version_win', '8.1.0'),
('update_msg_win', '暂无更新日志'), ('update_msg_win', '暂无更新日志'),
('update_date_win', '2023-07-20'),
('new_version_btm', '2.2.9'),
('update_date_win', '2024-07-17'),
('new_version_btm', '2.3.0'),
('update_msg_btm', '暂无更新日志'), ('update_msg_btm', '暂无更新日志'),
('update_date_btm', '2023-08-11'),
('update_date_btm', '2024-04-24'),
('updateall_type', '0'), ('updateall_type', '0'),
('syskey', 'UqP94LtI8eWAIgCP'); ('syskey', 'UqP94LtI8eWAIgCP');

7
route/app.php

@ -12,7 +12,7 @@ Route::post('/down/download_plugin', 'api/download_plugin');
Route::post('/down/download_plugin_main', 'api/download_plugin_main'); Route::post('/down/download_plugin_main', 'api/download_plugin_main');
Route::post('/panel/get_soft_list_status', 'api/return_success'); Route::post('/panel/get_soft_list_status', 'api/return_success');
Route::post('/panel/get_unbinding', 'api/return_success'); Route::post('/panel/get_unbinding', 'api/return_success');
Route::post('/bt_cert', 'api/return_error');
Route::post('/bt_cert', 'api/bt_cert');
Route::post('/Auth/GetAuthToken', 'api/get_auth_token'); Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
Route::post('/Auth/GetBindCode', 'api/return_error'); Route::post('/Auth/GetBindCode', 'api/return_error');
Route::any('/bt_monitor/update_history', 'api/btm_update_history'); Route::any('/bt_monitor/update_history', 'api/btm_update_history');
@ -119,6 +119,10 @@ Route::group('api', function () {
Route::post('/bt_waf/reportInterceptFail', 'api/return_empty'); Route::post('/bt_waf/reportInterceptFail', 'api/return_empty');
Route::any('/panel/get_spider', 'api/get_spider'); Route::any('/panel/get_spider', 'api/get_spider');
Route::post('/Auth/GetSocre', 'api/get_ssl_list');
Route::post('/Auth/SetSocre', 'api/get_ssl_list');
Route::post('/Auth/SubmitScore', 'api/get_ssl_list');
Route::miss('api/return_error'); Route::miss('api/return_error');
}); });
@ -146,6 +150,7 @@ Route::group('admin', function () {
Route::get('/deplist', 'admin/deplist'); Route::get('/deplist', 'admin/deplist');
Route::get('/refresh_deplist', 'admin/refresh_deplist'); Route::get('/refresh_deplist', 'admin/refresh_deplist');
Route::get('/cleancache', 'admin/cleancache'); Route::get('/cleancache', 'admin/cleancache');
Route::any('/ssl', 'admin/ssl');
})->middleware(\app\middleware\CheckAdmin::class); })->middleware(\app\middleware\CheckAdmin::class);

Loading…
Cancel
Save