!47 v1.2.1阶段性合并

* Merge branch 'master' of gitee.com:koogua/course-tencent-cloud into develop * Merge branch 'demo' of gitee.com:koogua/course-tencent-cloud into develop * Merge remote-tracking branch 'github/develop' into develop * Merge branch 'develop' of https://gitee.com/koogua/course-tencent-clou… * 更改QQ登录获取ACCESS_TOKEN的请求方式 * Merge branch 'master' into develop * Merge branch 'master' of gitee.com:koogua/course-tencent-cloud into develop * !44 v1.2.1阶段性合并 * 优化开发登录逻辑 * v1.2.1阶段性合并 (#13) * !43 v1.2.0阶段性合并 * Merge branches 'develop' and 'master' of https://gitee.com/koogua/cour… * 优化开发登录，计划任务执行路径，周期 * !41 修复课程分类未过滤2 * !39 修复课程分类未过滤 * Merge branch 'master' of https://gitee.com/koogua/course-tencent-cloud into demo * Merge branch 'master' of https://gitee.com/koogua/course-tencent-cloud… * Merge branch 'develop' of https://gitee.com/koogua/course-tencent-clou… * 优化第三方登录，修复注册密码加密问题 * !33 开放登录阶段性合并 * Merge branch 'xiaochong0302/I280IZ' of https://gitee.com/koogua/course… * Merge remote-tracking branch 'gitee/xiaochong0302/I280IZ' into xiaocho… * 初步完成开放登录，待线上测试7 * !31 开放登录线上测试6 * Merge branch 'demo' of gitee.com:koogua/course-tencent-cloud into xiao… * 初步完成开放登录，待线上测试6 * !30 开放登录线上测试5 * !29 开放登录线上测试5 * 初步完成开放登录，待线上测试5 * !28 开放登录线上测试4 * 初步完成开放登录，待线上测试4 * !27 开放登录线上测试3 * 初步完成开放登录，待线上测试3 * !26 开放登录线上测试2 * 初步完成开放登录，待线上测试2 * !25 开放登录线上测试 * 初步完成开放登录，待线上测试 * !24 修复添加课时后进入编辑页面500错误 * !22 验证更新h5支付 * 更新H5支付方式 * Merge remote-tracking branch 'remotes/gitee/develop' into demo * 更新H5支付方式 * !20 验证更新h5支付 * 更新H5支付方式 * v1.2.0阶段性合并 (#11) * Merge remote-tracking branch 'remotes/gitee/master' into develop * Merge pull request #10 from xiaochong0302/develop * Merge branch 'develop' of https://gitee.com/koogua/course-tencent-clou… * 增加微信H5支付需要的Referer头信息 * Merge pull request #8 from xiaochong0302/develop * !16 v1.2.0阶段性合并 * 删除调试断点代码 * 删除重复的signature方法 * Merge branch 'develop' of https://gitee.com/koogua/course-tencent-clou… * demo后台增加统计 * Merge pull request #5 from xiaochong0302/develop * Merge pull request #3 from xiaochong0302/develop * !5 更新版本号1.1.0 * !4 v1.1.0版本develop->demo * Merge branch 'develop' into demo * 1.增加changelog.md * Merge branch 'develop' into demo * Merge branch 'develop' into demo * Merge branch 'develop' into demo * !1 精简优化代码 * Merge branch 'develop' into demo * 合并修改
2025-06-25 04:07:17 +08:00 · 2020-12-10 15:52:34 +08:00 · 2020-12-10 15:52:34 +08:00 · 3eb2216dac
commit 3eb2216dac
parent 76b0d2b706
5 changed files with 31 additions and 4 deletions
--- a/app/Http/Admin/Controllers/Controller.php
+++ b/app/Http/Admin/Controllers/Controller.php
@ -21,6 +21,17 @@ class Controller extends \Phalcon\Mvc\Controller

    public function beforeExecuteRoute(Dispatcher $dispatcher)
    {
+        /**
+         * demo分支拒绝数据提交
+         */
+        if ($this->isNotSafeRequest()) {
+            $dispatcher->forward([
+                'controller' => 'public',
+                'action' => 'forbidden',
+            ]);
+            return false;
+        }
+
        if ($this->isNotSafeRequest()) {
            $this->checkHttpReferer();
            $this->checkCsrfToken();
--- a/app/Http/Admin/Services/Setting.php
+++ b/app/Http/Admin/Services/Setting.php
@ -87,8 +87,16 @@ class Setting extends Service

        $result = [];

+        /**
+         * demo分支过滤敏感数据
+         */
        if ($items->count() > 0) {
            foreach ($items as $item) {
+                $case1 = preg_match('/(id|auth|key|secret|password|pwd)$/', $item->item_key);
+                $case2 = $this->dispatcher->getControllerName() == 'setting';
+                if ($case1 && $case2) {
+                    $item->item_value = '***';
+                }
                $result[$item->item_key] = $item->item_value;
            }
        }
--- a/app/Http/Admin/Views/templates/main.volt
+++ b/app/Http/Admin/Views/templates/main.volt
@ -23,5 +23,11 @@
 {% block include_js %}{% endblock %}
 {% block inline_js %}{% endblock %}

+{% set site = setting('site') %}
+
+{% if site['analytics_enabled'] == 1 %}
+    {{ site['analytics_script'] }}
+{% endif %}
+
 </body>
 </html>
--- a/app/Http/Home/Controllers/ConnectController.php
+++ b/app/Http/Home/Controllers/ConnectController.php
@ -117,11 +117,13 @@ class ConnectController extends Controller
        $openUser = $service->getOpenUserInfo($code, $state, $provider);
        $connect = $service->getConnectRelation($openUser['id'], $openUser['provider']);

-        if ($connect) {
        if ($this->authUser->id > 0) {
+            if ($openUser) {
                $service->bindUser($openUser);
                return $this->response->redirect(['for' => 'home.uc.account']);
+            }
        } else {
+            if ($connect && $connect->deleted == 0) {
                $service->authLogin($connect);
                return $this->response->redirect(['for' => 'home.index']);
            }
--- a/app/Services/OAuth/QQ.php
+++ b/app/Services/OAuth/QQ.php
@ -36,7 +36,7 @@ class QQ extends OAuth
            'grant_type' => 'authorization_code',
        ];

-        $response = $this->httpPost(self::ACCESS_TOKEN_URL, $params);
+        $response = $this->httpGet(self::ACCESS_TOKEN_URL, $params);

        $this->accessToken = $this->parseAccessToken($response);