From 3eb2216dac5377bcfbd4f145d384a81cb860bbbe Mon Sep 17 00:00:00 2001
From: koogua <xiaochong0302@gmail.com>
Date: Thu, 10 Dec 2020 15:52:34 +0800
Subject: [PATCH] =?UTF-8?q?!47=20v1.2.1=E9=98=B6=E6=AE=B5=E6=80=A7?=
 =?UTF-8?q?=E5=90=88=E5=B9=B6=20*=20Merge=20branch=20'master'=20of=20gitee?=
 =?UTF-8?q?.com:koogua/course-tencent-cloud=20into=20develop=20*=20Merge?=
 =?UTF-8?q?=20branch=20'demo'=20of=20gitee.com:koogua/course-tencent-cloud?=
 =?UTF-8?q?=20into=20develop=20*=20Merge=20remote-tracking=20branch=20'git?=
 =?UTF-8?q?hub/develop'=20into=20develop=20*=20Merge=20branch=20'develop'?=
 =?UTF-8?q?=20of=20https://gitee.com/koogua/course-tencent-clou=E2=80=A6?=
 =?UTF-8?q?=20*=20=E6=9B=B4=E6=94=B9QQ=E7=99=BB=E5=BD=95=E8=8E=B7=E5=8F=96?=
 =?UTF-8?q?ACCESS=5FTOKEN=E7=9A=84=E8=AF=B7=E6=B1=82=E6=96=B9=E5=BC=8F=20*?=
 =?UTF-8?q?=20Merge=20branch=20'master'=20into=20develop=20*=20Merge=20bra?=
 =?UTF-8?q?nch=20'master'=20of=20gitee.com:koogua/course-tencent-cloud=20i?=
 =?UTF-8?q?nto=20develop=20*=20!44=20v1.2.1=E9=98=B6=E6=AE=B5=E6=80=A7?=
 =?UTF-8?q?=E5=90=88=E5=B9=B6=20*=20=E4=BC=98=E5=8C=96=E5=BC=80=E5=8F=91?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E9=80=BB=E8=BE=91=20*=20v1.2.1=E9=98=B6?=
 =?UTF-8?q?=E6=AE=B5=E6=80=A7=E5=90=88=E5=B9=B6=20(#13)=20*=20!43=20v1.2.0?=
 =?UTF-8?q?=E9=98=B6=E6=AE=B5=E6=80=A7=E5=90=88=E5=B9=B6=20*=20Merge=20bra?=
 =?UTF-8?q?nches=20'develop'=20and=20'master'=20of=20https://gitee.com/koo?=
 =?UTF-8?q?gua/cour=E2=80=A6=20*=20=E4=BC=98=E5=8C=96=E5=BC=80=E5=8F=91?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=EF=BC=8C=E8=AE=A1=E5=88=92=E4=BB=BB=E5=8A=A1?=
 =?UTF-8?q?=E6=89=A7=E8=A1=8C=E8=B7=AF=E5=BE=84=EF=BC=8C=E5=91=A8=E6=9C=9F?=
 =?UTF-8?q?=20*=20!41=20=E4=BF=AE=E5=A4=8D=E8=AF=BE=E7=A8=8B=E5=88=86?=
 =?UTF-8?q?=E7=B1=BB=E6=9C=AA=E8=BF=87=E6=BB=A42=20*=20!39=20=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8D=E8=AF=BE=E7=A8=8B=E5=88=86=E7=B1=BB=E6=9C=AA=E8=BF=87?=
 =?UTF-8?q?=E6=BB=A4=20*=20Merge=20branch=20'master'=20of=20https://gitee.?=
 =?UTF-8?q?com/koogua/course-tencent-cloud=20into=20demo=20*=20Merge=20bra?=
 =?UTF-8?q?nch=20'master'=20of=20https://gitee.com/koogua/course-tencent-c?=
 =?UTF-8?q?loud=E2=80=A6=20*=20Merge=20branch=20'develop'=20of=20https://g?=
 =?UTF-8?q?itee.com/koogua/course-tencent-clou=E2=80=A6=20*=20=E4=BC=98?=
 =?UTF-8?q?=E5=8C=96=E7=AC=AC=E4=B8=89=E6=96=B9=E7=99=BB=E5=BD=95=EF=BC=8C?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=B3=A8=E5=86=8C=E5=AF=86=E7=A0=81=E5=8A=A0?=
 =?UTF-8?q?=E5=AF=86=E9=97=AE=E9=A2=98=20*=20!33=20=E5=BC=80=E6=94=BE?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E9=98=B6=E6=AE=B5=E6=80=A7=E5=90=88=E5=B9=B6?=
 =?UTF-8?q?=20*=20Merge=20branch=20'xiaochong0302/I280IZ'=20of=20https://g?=
 =?UTF-8?q?itee.com/koogua/course=E2=80=A6=20*=20Merge=20remote-tracking?=
 =?UTF-8?q?=20branch=20'gitee/xiaochong0302/I280IZ'=20into=20xiaocho?=
 =?UTF-8?q?=E2=80=A6=20*=20=E5=88=9D=E6=AD=A5=E5=AE=8C=E6=88=90=E5=BC=80?=
 =?UTF-8?q?=E6=94=BE=E7=99=BB=E5=BD=95=EF=BC=8C=E5=BE=85=E7=BA=BF=E4=B8=8A?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=957=20*=20!31=20=E5=BC=80=E6=94=BE=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=956=20*=20Merge=20br?=
 =?UTF-8?q?anch=20'demo'=20of=20gitee.com:koogua/course-tencent-cloud=20in?=
 =?UTF-8?q?to=20xiao=E2=80=A6=20*=20=E5=88=9D=E6=AD=A5=E5=AE=8C=E6=88=90?=
 =?UTF-8?q?=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=EF=BC=8C=E5=BE=85=E7=BA=BF?=
 =?UTF-8?q?=E4=B8=8A=E6=B5=8B=E8=AF=956=20*=20!30=20=E5=BC=80=E6=94=BE?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=955=20*=20!?=
 =?UTF-8?q?29=20=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=E7=BA=BF=E4=B8=8A?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=955=20*=20=E5=88=9D=E6=AD=A5=E5=AE=8C=E6=88=90?=
 =?UTF-8?q?=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=EF=BC=8C=E5=BE=85=E7=BA=BF?=
 =?UTF-8?q?=E4=B8=8A=E6=B5=8B=E8=AF=955=20*=20!28=20=E5=BC=80=E6=94=BE?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=954=20*=20?=
 =?UTF-8?q?=E5=88=9D=E6=AD=A5=E5=AE=8C=E6=88=90=E5=BC=80=E6=94=BE=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=EF=BC=8C=E5=BE=85=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?4=20*=20!27=20=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=E7=BA=BF?=
 =?UTF-8?q?=E4=B8=8A=E6=B5=8B=E8=AF=953=20*=20=E5=88=9D=E6=AD=A5=E5=AE=8C?=
 =?UTF-8?q?=E6=88=90=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=EF=BC=8C=E5=BE=85?=
 =?UTF-8?q?=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=953=20*=20!26=20=E5=BC=80?=
 =?UTF-8?q?=E6=94=BE=E7=99=BB=E5=BD=95=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?2=20*=20=E5=88=9D=E6=AD=A5=E5=AE=8C=E6=88=90=E5=BC=80=E6=94=BE?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=EF=BC=8C=E5=BE=85=E7=BA=BF=E4=B8=8A=E6=B5=8B?=
 =?UTF-8?q?=E8=AF=952=20*=20!25=20=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=95=20*=20=E5=88=9D=E6=AD=A5?=
 =?UTF-8?q?=E5=AE=8C=E6=88=90=E5=BC=80=E6=94=BE=E7=99=BB=E5=BD=95=EF=BC=8C?=
 =?UTF-8?q?=E5=BE=85=E7=BA=BF=E4=B8=8A=E6=B5=8B=E8=AF=95=20*=20!24=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=B7=BB=E5=8A=A0=E8=AF=BE=E6=97=B6=E5=90=8E?=
 =?UTF-8?q?=E8=BF=9B=E5=85=A5=E7=BC=96=E8=BE=91=E9=A1=B5=E9=9D=A2500?=
 =?UTF-8?q?=E9=94=99=E8=AF=AF=20*=20!22=20=E9=AA=8C=E8=AF=81=E6=9B=B4?=
 =?UTF-8?q?=E6=96=B0h5=E6=94=AF=E4=BB=98=20*=20=E6=9B=B4=E6=96=B0H5?=
 =?UTF-8?q?=E6=94=AF=E4=BB=98=E6=96=B9=E5=BC=8F=20*=20Merge=20remote-track?=
 =?UTF-8?q?ing=20branch=20'remotes/gitee/develop'=20into=20demo=20*=20?=
 =?UTF-8?q?=E6=9B=B4=E6=96=B0H5=E6=94=AF=E4=BB=98=E6=96=B9=E5=BC=8F=20*=20?=
 =?UTF-8?q?!20=20=E9=AA=8C=E8=AF=81=E6=9B=B4=E6=96=B0h5=E6=94=AF=E4=BB=98?=
 =?UTF-8?q?=20*=20=E6=9B=B4=E6=96=B0H5=E6=94=AF=E4=BB=98=E6=96=B9=E5=BC=8F?=
 =?UTF-8?q?=20*=20v1.2.0=E9=98=B6=E6=AE=B5=E6=80=A7=E5=90=88=E5=B9=B6=20(#?=
 =?UTF-8?q?11)=20*=20Merge=20remote-tracking=20branch=20'remotes/gitee/mas?=
 =?UTF-8?q?ter'=20into=20develop=20*=20Merge=20pull=20request=20#10=20from?=
 =?UTF-8?q?=20xiaochong0302/develop=20*=20Merge=20branch=20'develop'=20of?=
 =?UTF-8?q?=20https://gitee.com/koogua/course-tencent-clou=E2=80=A6=20*=20?=
 =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E5=BE=AE=E4=BF=A1H5=E6=94=AF=E4=BB=98?=
 =?UTF-8?q?=E9=9C=80=E8=A6=81=E7=9A=84Referer=E5=A4=B4=E4=BF=A1=E6=81=AF?=
 =?UTF-8?q?=20*=20Merge=20pull=20request=20#8=20from=20xiaochong0302/devel?=
 =?UTF-8?q?op=20*=20!16=20v1.2.0=E9=98=B6=E6=AE=B5=E6=80=A7=E5=90=88?=
 =?UTF-8?q?=E5=B9=B6=20*=20=E5=88=A0=E9=99=A4=E8=B0=83=E8=AF=95=E6=96=AD?=
 =?UTF-8?q?=E7=82=B9=E4=BB=A3=E7=A0=81=20*=20=E5=88=A0=E9=99=A4=E9=87=8D?=
 =?UTF-8?q?=E5=A4=8D=E7=9A=84signature=E6=96=B9=E6=B3=95=20*=20Merge=20bra?=
 =?UTF-8?q?nch=20'develop'=20of=20https://gitee.com/koogua/course-tencent-?=
 =?UTF-8?q?clou=E2=80=A6=20*=20demo=E5=90=8E=E5=8F=B0=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E7=BB=9F=E8=AE=A1=20*=20Merge=20pull=20request=20#5=20from=20x?=
 =?UTF-8?q?iaochong0302/develop=20*=20Merge=20pull=20request=20#3=20from?=
 =?UTF-8?q?=20xiaochong0302/develop=20*=20!5=20=E6=9B=B4=E6=96=B0=E7=89=88?=
 =?UTF-8?q?=E6=9C=AC=E5=8F=B71.1.0=20*=20!4=20v1.1.0=E7=89=88=E6=9C=ACdeve?=
 =?UTF-8?q?lop->demo=20*=20Merge=20branch=20'develop'=20into=20demo=20*=20?=
 =?UTF-8?q?1.=E5=A2=9E=E5=8A=A0changelog.md=20*=20Merge=20branch=20'develo?=
 =?UTF-8?q?p'=20into=20demo=20*=20Merge=20branch=20'develop'=20into=20demo?=
 =?UTF-8?q?=20*=20Merge=20branch=20'develop'=20into=20demo=20*=20!1=20?=
 =?UTF-8?q?=E7=B2=BE=E7=AE=80=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81=20*=20Me?=
 =?UTF-8?q?rge=20branch=20'develop'=20into=20demo=20*=20=E5=90=88=E5=B9=B6?=
 =?UTF-8?q?=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Http/Admin/Controllers/Controller.php       | 11 +++++++++++
 app/Http/Admin/Services/Setting.php             |  8 ++++++++
 app/Http/Admin/Views/templates/main.volt        |  6 ++++++
 app/Http/Home/Controllers/ConnectController.php |  8 +++++---
 app/Services/OAuth/QQ.php                       |  2 +-
 5 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/app/Http/Admin/Controllers/Controller.php b/app/Http/Admin/Controllers/Controller.php
index 058bfa77..25899d50 100644
--- a/app/Http/Admin/Controllers/Controller.php
+++ b/app/Http/Admin/Controllers/Controller.php
@@ -21,6 +21,17 @@ class Controller extends \Phalcon\Mvc\Controller
 
     public function beforeExecuteRoute(Dispatcher $dispatcher)
     {
+        /**
+         * demo分支拒绝数据提交
+         */
+        if ($this->isNotSafeRequest()) {
+            $dispatcher->forward([
+                'controller' => 'public',
+                'action' => 'forbidden',
+            ]);
+            return false;
+        }
+
         if ($this->isNotSafeRequest()) {
             $this->checkHttpReferer();
             $this->checkCsrfToken();
diff --git a/app/Http/Admin/Services/Setting.php b/app/Http/Admin/Services/Setting.php
index 3d2130fd..d6d46164 100644
--- a/app/Http/Admin/Services/Setting.php
+++ b/app/Http/Admin/Services/Setting.php
@@ -87,8 +87,16 @@ class Setting extends Service
 
         $result = [];
 
+        /**
+         * demo分支过滤敏感数据
+         */
         if ($items->count() > 0) {
             foreach ($items as $item) {
+                $case1 = preg_match('/(id|auth|key|secret|password|pwd)$/', $item->item_key);
+                $case2 = $this->dispatcher->getControllerName() == 'setting';
+                if ($case1 && $case2) {
+                    $item->item_value = '***';
+                }
                 $result[$item->item_key] = $item->item_value;
             }
         }
diff --git a/app/Http/Admin/Views/templates/main.volt b/app/Http/Admin/Views/templates/main.volt
index 6b70ff60..8803b2a0 100644
--- a/app/Http/Admin/Views/templates/main.volt
+++ b/app/Http/Admin/Views/templates/main.volt
@@ -23,5 +23,11 @@
 {% block include_js %}{% endblock %}
 {% block inline_js %}{% endblock %}
 
+{% set site = setting('site') %}
+
+{% if site['analytics_enabled'] == 1 %}
+    {{ site['analytics_script'] }}
+{% endif %}
+
 </body>
 </html>
\ No newline at end of file
diff --git a/app/Http/Home/Controllers/ConnectController.php b/app/Http/Home/Controllers/ConnectController.php
index 10c11e4c..708e3e81 100644
--- a/app/Http/Home/Controllers/ConnectController.php
+++ b/app/Http/Home/Controllers/ConnectController.php
@@ -117,11 +117,13 @@ class ConnectController extends Controller
         $openUser = $service->getOpenUserInfo($code, $state, $provider);
         $connect = $service->getConnectRelation($openUser['id'], $openUser['provider']);
 
-        if ($connect) {
-            if ($this->authUser->id > 0) {
+        if ($this->authUser->id > 0) {
+            if ($openUser) {
                 $service->bindUser($openUser);
                 return $this->response->redirect(['for' => 'home.uc.account']);
-            } else {
+            }
+        } else {
+            if ($connect && $connect->deleted == 0) {
                 $service->authLogin($connect);
                 return $this->response->redirect(['for' => 'home.index']);
             }
diff --git a/app/Services/OAuth/QQ.php b/app/Services/OAuth/QQ.php
index 2c59f144..4e2ba114 100644
--- a/app/Services/OAuth/QQ.php
+++ b/app/Services/OAuth/QQ.php
@@ -36,7 +36,7 @@ class QQ extends OAuth
             'grant_type' => 'authorization_code',
         ];
 
-        $response = $this->httpPost(self::ACCESS_TOKEN_URL, $params);
+        $response = $this->httpGet(self::ACCESS_TOKEN_URL, $params);
 
         $this->accessToken = $this->parseAccessToken($response);