From 98cc8da28549bae866a6e20ab1facdbe1ceb1e3b Mon Sep 17 00:00:00 2001
From: xiaochong0302
Date: Mon, 2 Dec 2024 17:14:31 +0800
Subject: [PATCH] =?UTF-8?q?1.=E7=B2=BE=E7=AE=80AccountSearchTrait=202.?= =?UTF-8?q?=E4=BC=98=E5=8C=96CsrfToken=203.=E4=BC=98=E5=8C=96kg=5Fsetting?= =?UTF-8?q?=204.=E4=BF=AE=E6=AD=A3CommentInfo?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../Services/Traits/AccountSearchTrait.php | 37 +++++++++----------
 app/Http/Home/Controllers/Controller.php | 3 +-
 app/Library/CsrfToken.php | 2 +-
 app/Library/Helper.php | 7 +++-
 app/Repos/Chapter.php | 4 ++
 app/Services/Auth/Admin.php | 2 +
 app/Services/Auth/Home.php | 2 +
 app/Services/Logic/Comment/CommentInfo.php | 6 +--
 app/Validators/Security.php | 4 +-
 9 files changed, 39 insertions(+), 28 deletions(-)
diff --git a/app/Http/Admin/Services/Traits/AccountSearchTrait.php b/app/Http/Admin/Services/Traits/AccountSearchTrait.php
index 3f393083..86a8382d 100644
--- a/app/Http/Admin/Services/Traits/AccountSearchTrait.php
+++ b/app/Http/Admin/Services/Traits/AccountSearchTrait.php
@@ -15,31 +15,28 @@ trait AccountSearchTrait protected function handleAccountSearchParams($params) { + $key = null; + + if (isset($params['user_id'])) { + $key = 'user_id'; + } elseif (isset($params['owner_id'])) { + $key = 'owner_id'; + } + + if ($key == null) return $params; + $accountRepo = new AccountRepo(); /** * 兼容用户编号|手机号码|邮箱地址查询 */ - if (!empty($params['user_id'])) { - if (CommonValidator::phone($params['user_id'])) { - $account = $accountRepo->findByPhone($params['user_id']); - $params['user_id'] = $account ? $account->id : -1000; - } elseif (CommonValidator::email($params['user_id'])) { - $account = $accountRepo->findByEmail($params['user_id']); - $params['user_id'] = $account ? $account->id : -1000; - } - } - - /** - * 兼容用户编号|手机号码|邮箱地址查询 - */ - if (!empty($params['owner_id'])) { - if (CommonValidator::phone($params['owner_id'])) { - $account = $accountRepo->findByPhone($params['owner_id']); - $params['owner_id'] = $account ? $account->id : -1000; - } elseif (CommonValidator::email($params['owner_id'])) { - $account = $accountRepo->findByEmail($params['owner_id']); - $params['owner_id'] = $account ? $account->id : -1000; + if (!empty($params[$key])) { + if (CommonValidator::phone($params[$key])) { + $account = $accountRepo->findByPhone($params[$key]); + $params[$key] = $account ? $account->id : -1000; + } elseif (CommonValidator::email($params[$key])) { + $account = $accountRepo->findByEmail($params[$key]); + $params[$key] = $account ? $account->id : -1000; } } diff --git a/app/Http/Home/Controllers/Controller.php b/app/Http/Home/Controllers/Controller.php index fb73c7cc..8ceeeb3f 100644 --- a/app/Http/Home/Controllers/Controller.php +++ b/app/Http/Home/Controllers/Controller.php @@ -15,6 +15,7 @@ use App\Services\Auth\Home as HomeAuth; use App\Services\Service as AppService; use App\Traits\Response as ResponseTrait; use App\Traits\Security as SecurityTrait; +use Phalcon\Config; use Phalcon\Mvc\Dispatcher; class Controller extends \Phalcon\Mvc\Controller 
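Review bot: The `if … elseif` key selection resolves at most one field per call, and `isset()` is true for an empty string, so a request that carries `user_id` (even blank) together with a phone- or e-mail-valued `owner_id` now leaves `owner_id` untranslated, which the removed code handled independently. Keep the de-duplication but iterate instead: wrap the lookup in `foreach (['user_id', 'owner_id'] as $key) {` and skip blanks with `if (empty($params[$key])) continue;`. `$key == null` would also read better as `$key === null`. The function's `return` and closing brace are outside the hunk, so how callers treat an unresolved string is not visible here.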
@@ -46,7 +47,7 @@ class Controller extends \Phalcon\Mvc\Controller
 protected $contactInfo;
 /**
- * @var array
+ * @var Config
 */
 protected $websocketInfo;
diff --git a/app/Library/CsrfToken.php b/app/Library/CsrfToken.php
index e5ba0e95..fe09c600 100644
--- a/app/Library/CsrfToken.php
+++ b/app/Library/CsrfToken.php
@@ -36,7 +36,7 @@ class CsrfToken
 $content = [
 $this->getExpiredTime(),
 $this->fixed,
- Text::random(8),
+ Text::random(Text::RANDOM_ALNUM, 8),
 ];
 $text = implode($this->delimiter, $content);
diff --git a/app/Library/Helper.php b/app/Library/Helper.php
index 62795846..6718aed4 100644
--- a/app/Library/Helper.php
+++ b/app/Library/Helper.php
@@ -190,9 +190,10 @@ function kg_site_url()
 *
 * @param string $section
 * @param string $key
+ * @param mixed $defaultValue
 * @return mixed
 */
-function kg_setting($section, $key = null)
+function kg_setting($section, $key = null, $defaultValue = null)
 {
 $cache = new SettingCache();
@@ -200,7 +201,9 @@ function kg_setting($section, $key = null)
 if (!$key) return $settings;
- return $settings[$key] ?? null;
+ if (isset($settings[$key])) return $settings[$key];
+
+ return $defaultValue;
 }
 /**
diff --git a/app/Repos/Chapter.php b/app/Repos/Chapter.php
index 144f8f6e..a672b89d 100644
--- a/app/Repos/Chapter.php
+++ b/app/Repos/Chapter.php
@@ -40,6 +40,10 @@ class Chapter extends Repository
 $query->andWhere('course_id = :course_id:', ['course_id' => $where['course_id']]);
 }
+ if (isset($where['model'])) {
+ $query->andWhere('model = :model:', ['model' => $where['model']]);
+ }
+
 if (isset($where['published'])) {
 $query->andWhere('published = :published:', ['published' => $where['published']]);
 }
diff --git a/app/Services/Auth/Admin.php b/app/Services/Auth/Admin.php
index 6eeffc01..46937572 100644
--- a/app/Services/Auth/Admin.php
+++ b/app/Services/Auth/Admin.php
@@ -33,6 +33,8 @@ class Admin extends AuthService
 ];
 $this->session->set($authKey, $authInfo);
+
+ return $authInfo;
 }
 public function clearAuthInfo()
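Review bot: The token's random component in `$content` (app/Library/CsrfToken.php) is still an 8-character value from `Text::random()`; if `Text` here is Phalcon's `Phalcon\Text`, that helper draws from `mt_rand()`, which is not a cryptographic generator. The added `Text::RANDOM_ALNUM` argument corrects the argument order but not the source of randomness. If the token's unpredictability depends on this field rather than on a keyed step later in the method (not visible in this hunk), take it from a CSPRNG instead, e.g. `bin2hex(random_bytes(8)),`. A one-line comment above the array naming the part that makes the token unforgeable would help the next reviewer.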
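Review bot: The `kg_setting` docblock (app/Library/Helper.php) does not say when `$defaultValue` applies: with `isset($settings[$key])`, a missing key or a stored `null` falls back to the default, while `''`, `0` and `false` are returned as stored. Callers that pass a default for a security-relevant setting may expect a blank value to fall back as well, so state the rule in the description, e.g. `* $defaultValue is returned only when the key is missing or null`. `@param string $key` should also read `@param string|null $key` to match the `= null` default.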
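Review bot: No session-identifier rotation is visible before `$this->session->set($authKey, $authInfo);` in app/Services/Auth/Admin.php or in the matching hunk of app/Services/Auth/Home.php; the method starts outside both hunks, so this may already happen earlier or in the caller. If it does not, rotate the id before the write, e.g. `$this->session->regenerateId();`, so a pre-login session id does not carry over into the authenticated session. Now that the method returns `$authInfo`, add an `@return array` docblock and check that callers neither log the returned array nor echo it whole into a response.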
diff --git a/app/Services/Auth/Home.php b/app/Services/Auth/Home.php
index a5a92a34..6fe16715 100644
--- a/app/Services/Auth/Home.php
+++ b/app/Services/Auth/Home.php
@@ -36,6 +36,8 @@ class Home extends AuthService
 ];
 $this->session->set($authKey, $authInfo);
+
+ return $authInfo;
 }
 public function clearAuthInfo()
diff --git a/app/Services/Logic/Comment/CommentInfo.php b/app/Services/Logic/Comment/CommentInfo.php
index 04f873a6..0101b33f 100644
--- a/app/Services/Logic/Comment/CommentInfo.php
+++ b/app/Services/Logic/Comment/CommentInfo.php
@@ -9,7 +9,7 @@ namespace App\Services\Logic\Comment;
 use App\Models\Comment as CommentModel;
 use App\Models\User as UserModel;
-use App\Repos\AnswerLike as AnswerLikeRepo;
+use App\Repos\CommentLike as CommentLikeRepo;
 use App\Services\Logic\CommentTrait;
 use App\Services\Logic\Service as LogicService;
 use App\Services\Logic\User\ShallowUserInfo;
@@ -84,9 +84,9 @@ class CommentInfo extends LogicService
 $me['logged'] = 1;
- $likeRepo = new AnswerLikeRepo();
+ $likeRepo = new CommentLikeRepo();
- $like = $likeRepo->findAnswerLike($comment->id, $user->id);
+ $like = $likeRepo->findCommentLike($comment->id, $user->id);
 if ($like && $like->deleted == 0) {
 $me['liked'] = 1;
diff --git a/app/Validators/Security.php b/app/Validators/Security.php
index f93db36b..411077db 100644
--- a/app/Validators/Security.php
+++ b/app/Validators/Security.php
@@ -22,7 +22,7 @@ class Security extends Validator
 $postToken = $this->request->getPost('csrf_token');
 if (in_array($route->getName(), $this->getCsrfWhitelist())) {
- return;
+ return true;
 }
 $service = new CsrfTokenService();
@@ -38,6 +38,8 @@ class Security extends Validator
 if (!$result) {
 throw new BadRequestException('security.invalid_csrf_token');
 }
+
+ return true;
 }
 public function checkHttpReferer()
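Review bot: The CSRF whitelist test in app/Validators/Security.php, `in_array($route->getName(), $this->getCsrfWhitelist())`, compares loosely, so if `getName()` yields `null` for an unnamed route it would match any empty or zero entry in the list and skip the token check. Pass the strict flag: `if (in_array($route->getName(), $this->getCsrfWhitelist(), true)) {`. With both exits now returning `true` and failure signalled only by the exception, a docblock with `@return bool` and `@throws BadRequestException` would make clear that the return value alone is not the check. The start of the method is outside the hunk.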