bozhihouc/SRCMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SRCMS·轻响应 V1.7正式版

Browse Source 
修复
1. 前台验证码刷新无效问题
2. 前台用户在后台管理界面密码修改逻辑缺陷
3. 前台用户上传附件越权查看漏洞
新增:
1. 用户密码存储加盐
This commit is contained in:
Martin Zhou
2016-12-02 12:24:27 +08:00
parent 15356310a6
commit 3f830d2cee
58 changed files with 1359 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Application/Admin/Controller/LoginController.class.php
View File

@@ -49,9 +49,10 @@ class LoginController extends Controller {
//如果数据更新成功 跳转到后台主页
if($member->save($data)){
session('adminId',$user['id']);
session('username',$user['username']);
session('adminname',$user['username']);
//发送验证码邮件
import('ORG.Net.Mail');
//import('ORG.Net.Mail');
require "./././././ThinkPHP/Library/Org/Net/Mail.class.php";
$ip = get_client_ip();
$time = date("Y-m-d h:i:sa");
$con='您好,您的后台管理账户 '.$username.' 于 '.$time.' 被登录登录IP地址为 '.$ip.' 如果该操作非您本人操作,可能帐号信息已经被泄露,请您及时修改密码。 ';
@@ -78,7 +79,7 @@ class LoginController extends Controller {
public function logout(){
session('adminId',null);
session('username',null);
session('adminname',null);
redirect(U('Login/index'));
}
}

7
Application/Admin/Controller/MemberController.class.php
View File

@@ -78,6 +78,7 @@ class MemberController extends BaseController
}
if (IS_POST) {
$model = D("Member");
$user = M('member')->find(I('id'));
if (!$model->create()) {
$this->error($model->getError());
}else{
@@ -85,17 +86,17 @@ class MemberController extends BaseController
$data = I();
unset($data['password']);
if(I('password') != ""){
$data['password'] = md5(I('password'));
$data['password'] = md5(md5(md5($user['salt']).md5(I('password'))."SR")."CMS");
}
//强制更改超级管理员用户类型
if(C('SUPER_ADMIN_ID') == I('id')){
$data['type'] = 2;
$data['type'] = 1;
}
//更新
if ($model->save($data)) {
$this->success("用户信息更新成功", U('member/index'));
} else {
$this->error("未做任何修改,用户信息更新失败");
$this->error("用户信息更新失败");
}
}
}

46
Application/Admin/Controller/OrderController.class.php
View File

@@ -37,15 +37,57 @@ class OrderController extends BaseController
$this->display();
}
public function update()
{
$id = I('get.id',0,'intval');
//默认显示添加表单
if (!IS_POST) {
$model = M('order')->where('id='.$id)->find();
$this->assign('model',$model);
$this->display();
}
if (IS_POST) {
$model = D("order");
if (!$model->create()) {
$this->error($model->getError());
}else{
if ($model->save()) {
$this->success("更新成功", U('order/index'));
} else {
$this->error("更新失败");
}
}
}
}
public function delete()
{
$id = I('get.id',0,'intval');
$model = M('order');
$result = $model->where("user_id=".$id)->delete();
$result = $model->where("id=".$id)->delete();
if($result){
$this->success("删除成功", U('info/index'));
$this->success("删除成功", U('order/index'));
}else{
$this->error("删除失败");
}
}
/**
* 添加积分
* @param [type] $id [description]
* @return [type] [description]
*/
public function jifen()
{
$user_id = I('post.user_id',0,'intval');
$amount = I('post.amount',0,'intval');
$model = M('member');
$result = $model->where('id='.$user_id)->where('jifen>0')->setDec('jifen',$amount);
if($result){
$this->success("扣除积分成功", U('post/index'));
}else{
$this->error("扣除积分失败:余额不足");
}
}
}

1
Application/Admin/Controller/PostController.class.php
View File

@@ -125,7 +125,6 @@ class PostController extends BaseController
}
}
/**
* 生成session key
*/

2
Application/Admin/Model/MemberModel.class.php
View File

@@ -10,8 +10,6 @@ class MemberModel extends Model{
array('repassword','password','确认密码不正确',0,'confirm'), // 验证确认密码是否和密码一致
array('username','','用户名已存在!',0,'unique',self::MODEL_BOTH), // 在新增的时候验证name字段是否唯一
array('email','','邮箱已存在!',0,'unique',self::MODEL_BOTH), // 在新增的时候验证name字段是否唯一
array('staus',array(0,1),'请勿恶意修改字段',3,'in'), // 当值不为空的时候判断是否在一个范围内
array('type',array(1,2),'请勿恶意修改字段',3,'in'), // 当值不为空的时候判断是否在一个范围内
);
protected $_auto = array(

2
Application/Admin/Model/PostViewModel.class.php
View File

@@ -3,7 +3,7 @@ namespace Admin\Model;
use Think\Model\ViewModel;
class PostViewModel extends ViewModel {
public $viewFields = array(
'post'=>array('id','session','title','content','user_id','cate_id','time','type'),
'post'=>array('id','session','title','content','user_id','cate_id','time','type','visible'),
'category'=>array('name'=>'category_name','title'=>'category_title', '_on'=>'post.cate_id=category.id'),
'member'=>array('username', '_on'=>'post.user_id=member.id'),
);

8
Application/Admin/View/Check/view.html
View File

@@ -6,12 +6,12 @@
<title>安全工单</title>
<meta name="generator" content="Bootply" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="/dev/Public/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="__PUBLIC__/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="/dev/Public/Home/css/styles.css" rel="stylesheet">
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>
@@ -25,7 +25,7 @@
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="/dev/index.php?m=&c=index&a=index"><strong>安全应急响应中心</strong>
<span class="yahei navbar-brand-subtitle">工单系统</span>
<span class="yahei navbar-brand-subtitle">安全工单</span>
</a>
</div>
<div class="navbar-collapse collapse" id="navbar">

26
Application/Admin/View/Index/index.html
View File

@@ -1,24 +1,40 @@
<include file="Public/header" title="后台主页" />
<include file="Public/header" title="应急响应中心后台主页" />
<div id="page-wrapper">
<div class="row">
<div class="col-lg-12">
<div class="alert alert-success alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<b><h2>您好!欢迎登陆应急响应中心后台</h2></b>
<span style="font-size:20px">您好!欢迎登陆应急响应中心管理后台</span>
<p>注意:请定期修改您的后台密码,保证安全性!</p>
<p>您可以进行以下操作:</p>
<!--<p>您可以进行以下操作:</p>
<ul>
<li>1.漏洞审核</li>
<li>2.博客更新</li>
<li>3.礼品库更新</li>
<li>3.用户管理</li>
</u/>
</u/>-->
<div class="clearfix"></div>
</div>
</div>
</div><!-- /.row -->
<div class="alert alert-success alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<p>
<span><strong>最新版本:</strong></span>
<span id="version"></span>
</p>
<p><span><strong>发布日期:</strong></span>
<span id="date"></span>
</p>
<p>
<span><strong>更新简介:</strong></span>
<span id="des"></span>
</p>
<p>
<a href="https://github.com/martinzhou2015">立即下载</a>
</p>
</div>
<div class="row">
<div class="col-lg-3">
<div class="panel panel-info">

4
Application/Admin/View/Order/index.html
View File

@@ -36,9 +36,9 @@
<td>{$v.tel}</td>
<td>{$v.zipcode}</td>
<td><if condition="$v.finish eq 0"><span class="label label-info">未处理</span>
<elseif condition="$v.finish eq 1" /><span class="label label-default">忽略</span>
<elseif condition="$v.finish eq 1" /><span class="label label-default">发货</span>
</if></td>
<td><a href="{:U('info/delete?id=')}{$v.user_id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
<td><a href="{:U('order/update?id=')}{$v.id}" target="_Blank">查看</a> | <a href="{:U('order/delete?id=')}{$v.id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
</tr>
</foreach>
</tbody>

18
Application/Admin/View/Order/jifen.html Normal file
View File

@@ -0,0 +1,18 @@
<include file="Public/header" title="积分变动" />
<div id="page-wrapper">
<form method="post" action="{:U('order/jifen')}">
<div class="form-group">
<label for="aa">用户名</label>
<label>{$model.gid}</label>
</div>
<div class="form-group">
<label for="bb">扣除积分</label>
<input type="text" name="amount" class="form-control" id="bb" value="" placeholder="填写真实姓名">
</div>
<div class="form-group">
<input type="hidden" name="id" value="{$model.id}">
<button type="submit" class="btn btn-default">更新</button>
</div>
</form>
</div>
<include file="Public/footer" />

66
Application/Admin/View/Order/update.html Normal file
View File

@@ -0,0 +1,66 @@
<include file="Public/header" title="订单详情" />
<div id="page-wrapper">
<form method="post" action="{:U('order/jifen')}">
<div class="form-group">
<label for="bb">目前积分: </label>
<label><foreach name="userM" item="v">{$v.jifen}</foreach></label>
</div>
<div class="form-group">
<label for="bb">扣除积分: </label>
<input type="text" name="amount" class="form-control" id="ee" value="" placeholder="填写扣除积分" value="100">
</div>
<input type="hidden" name="user_id" value="{$model.username}">
<div class="form-group">
<input type="hidden" name="id" value="{$model.id}">
<button type="submit" class="btn btn-default">执行</button>
</div>
</form>
</div>
<div id="page-wrapper">
<form method="post" action="{:U('order/update')}">
<div class="form-group">
<label for="aa">礼品名称</label>
<input type="text" name="gid" class="form-control" id="aa" value="{$model.gid}" placeholder="输入礼品名称">
</div>
<div class="form-group">
<label for="bb">真实姓名</label>
<input type="text" name="realname" class="form-control" id="bb" value="{$model.realname}" placeholder="填写真实姓名">
</div>
<div class="form-group">
<label for="cc">住址</label>
<input type="text" name="location" class="form-control" id="cc" value="{$model.location}" placeholder="填写住址" value="100">
</div>
<div class="form-group">
<label for="cc">联系方式</label>
<input type="text" name="tel" class="form-control" id="dd" value="{$model.tel}" placeholder="填写联系方式" value="100">
</div>
<div class="form-group">
<label for="cc">邮编</label>
<input type="text" name="zipcode" class="form-control" id="ee" value="{$model.zipcode}" placeholder="填写邮编" value="100">
</div>
<div class="form-group">
<label for="cc">支付宝帐号</label>
<input type="text" name="alipay" class="form-control" id="ee" value="{$model.alipay}" placeholder="填写扣除积分" value="100">
</div>
<div class="form-group">
<label>订单状态: </label>
<label class="radio-inline">
<input type="radio" name="finish" id="finish" value="0" <if condition="$post.day eq 0">checked="checked"</if> > 待处理
</label>
<label class="radio-inline">
<input type="radio" name="finish" id="finish" value="1" <if condition="$post.day eq 1">checked="checked"</if>> 已发货
</label>
<label class="radio-inline">
<input type="radio" name="finish" id="finish" value="0" <if condition="$post.day eq 2">checked="checked"</if> > 发货中
</label>
<label class="radio-inline">
<input type="radio" name="finish" id="finish" value="1" <if condition="$post.day eq 3">checked="checked"</if>> 已关闭
</label>
</div>
<div class="form-group">
<input type="hidden" name="id" value="{$model.id}">
<button type="submit" class="btn btn-default">更新</button>
</div>
</form>
</div>
<include file="Public/footer" />

2
Application/Admin/View/Post/index.html
View File

@@ -32,7 +32,7 @@
<foreach name="model" item="v">
<tr>
<td>{$v.id}</td>
<td>{$v.title}</td>
<td><a href="{:U('post/update?id=')}{$v.id}">{$v.title}</a></td>
<td>
<if condition="$v.type eq 1"><span class="label label-info">审核中</span>
<elseif condition="$v.type eq 2" /><span class="label label-default">已忽略</span>

6
Application/Admin/View/Post/update.html
View File

@@ -28,6 +28,12 @@
<div class="form-group">
<label for="post-content">修复建议</label>
<input type="text" name="advise" class="form-control" value="{$post.advise}" id="post-title" placeholder="输入修复建议">
</div>
<div class="form-group">
<label>漏洞公开</label>
<label class="radio-inline">
<input type="radio" name="visible" id="visible" value="1" <if condition="$post.day eq 2">checked="checked"</if>>公开
</label>
</div>
<div class="form-group">
<label>修补限期</label>

9
Application/Admin/View/Public/footer.html
View File

@@ -2,6 +2,13 @@
<script src="__STATIC__/js/jquery-1.10.2.js"></script>
<script src="__STATIC__/js/bootstrap.js"></script>
<script src="__STATIC__/js/app.js"></script>
<script>
function callback(a){
document.getElementById('version').innerHTML= a['version'];
document.getElementById('des').innerHTML= a['des'];
document.getElementById('date').innerHTML= a['date'];
};
</script>
<script src="http://www.src.pw/json.php?callback=callback"></script>
</body>
</html>

4
Application/Admin/View/Public/header.html
View File

@@ -13,7 +13,7 @@
<link rel="stylesheet" href="__STATIC__/font-awesome/css/font-awesome.min.css">
</head>
<body>
<body style="font-family:微软雅黑">
<div id="wrapper">
@@ -38,7 +38,7 @@
<ul class="nav navbar-nav navbar-right navbar-user">
<li class="dropdown user-dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> 你好,{:session('username')} <b class="caret"></b></a>
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> 你好,{:session('adminname')} <b class="caret"></b></a>
<ul class="dropdown-menu">
<!--<li><a href="#"><i class="fa fa-gear"></i> 设置</a></li>
<li class="divider"></li>-->

4
Application/Admin/View/Public/sidebar.html
View File

@@ -13,7 +13,7 @@
<a href="{:U('blog/index')}"><i class="fa fa-th-list"></i> 博客管理</a>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-users"></i>用户管理<span class="caret"></span></a>
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-users"></i> 用户管理<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="{:U('member/index')}"><i class="fa fa-tag"></i> 前台用户</a> </li>
<li><a href="{:U('manager/index')}"><i class="fa fa-tag"></i> 后台用户</a></li>
@@ -23,7 +23,7 @@
<a href="{:U('hall/index')}"><i class="fa fa-star"></i> 贡献榜管理</a>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-shopping-cart"></i>礼品管理<span class="caret"></span></a>
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-shopping-cart"></i> 礼品管理<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="{:U('info/index')}"><i class="fa fa-tag"></i> 地址管理</a> </li>
<li><a href="{:U('links/index')}"><i class="fa fa-shopping-cart"></i> 礼品库管理</a></li>

1
Application/Admin/View/Setting/index.html
View File

@@ -21,7 +21,6 @@
<thead>
<tr>
<th>字段名</th>
<!-- <th>字段值</th> -->
<th>字段描述</th>
<th>操作</th>
</tr>

2
Application/Home/Controller/HallController.class.php
View File

@@ -19,7 +19,7 @@ class HallController extends Controller{
$model = M('member');
$tmodel= M('setting');
$title = $tmodel->where('id=1')->select();
$user = $model->order('jifen ASC')->where('type=1')->select(); // fix bug issued by phith0n 13:59 2016/1/25
$user = $model->order('jifen ASC')->where('type=1')->where('jifen>0')->select(); // fix bug issued by phith0n 13:59 2016/1/25
$this->assign('title', $title);
$this ->assign('xuhao',$xuhao);
$this->assign('user',getSortedCategory($user));

49
Application/Home/Controller/PostController.class.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
/**
* @author Zhou Yuyang <1009465756@qq.com> 12:28 2016/1/23
* @copyright 2105-2018 SRCMS
* @homepage http://www.src.pw
* @version 1.5
*/
namespace Home\Controller;
use Think\Controller;
class PostController extends Controller{
public function index($key="")
{
if($key == ""){
$model = M('post');
}else{
$where['title'] = array('like',"%$key%");
$where['name'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('post')->where($where);
}
$count = $model->where($where)->count();// 查询满足要求的总记录数
$Post = new \Extend\Page($count,15);// 实例化分页类 传入总记录数和每页显示的记录数(25)
$show = $Post->show();// 分页显示输出
$pages = $model->limit($Post->firstRow.','.$Post->listRows)->where($where)->where('visible=1')->order('id DESC')->select();
$tmodel= M('setting');
$title = $tmodel->where('id=1')->select();
$this->assign('title', $title);
$this->assign('model', $pages);
$this->assign('page',$show);
$this->display();
}
public function view(){
$id = I('get.id',0,'intval'); //对传入数字参数做整数校验规避SQLinjection漏洞
$model = M('post')->where('id='.$id)->where('visible=1')->find();
$tmodel= M('setting');
$title = $tmodel->where('id=1')->select();
$this->assign('title', $title);
$this->assign('model',$model);
$this->display();
}
}

18
Application/Home/View/Blog/index.html
View File

@@ -31,23 +31,11 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li class="active"><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li class="active"><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>

18
Application/Home/View/Blog/view.html
View File

@@ -30,23 +30,11 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li class="active"><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li class="active"><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>

18
Application/Home/View/Gift/index.html
View File

@@ -30,23 +30,11 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li class="active"><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>

5
Application/Home/View/Hall/index.html
View File

@@ -46,8 +46,9 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li class="active"><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">

38
Application/Home/View/Index/index.html
View File

@@ -45,23 +45,11 @@
<ul class="yahei nav navbar-nav">
<li class="yahei active"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>
@@ -112,14 +100,6 @@
</div>
</div>
</div>
<a class="left carousel-control" href="http://v3.bootcss.com/examples/carousel/#myCarousel" role="button" data-slide="prev">
<span class="glyphicon glyphicon-chevron-left" aria-hidden="true"></span>
<span class="sr-only">Previous</span>
</a>
<a class="right carousel-control" href="http://v3.bootcss.com/examples/carousel/#myCarousel" role="button" data-slide="next">
<span class="glyphicon glyphicon-chevron-right" aria-hidden="true"></span>
<span class="sr-only">Next</span>
</a>
</div><!-- /.carousel -->
@@ -172,18 +152,6 @@
<hr class="featurette-divider">
<!--<div class="row featurette">
<div class="col-md-7 col-md-push-5">
<h2 class="featurette-heading">Oh yeah, it's that good. <span class="text-muted">See for yourself.</span></h2>
<p class="lead">Donec ullamcorper nulla non metus auctor fringilla. Vestibulum id ligula porta felis euismod semper. Praesent commodo cursus magna, vel scelerisque nisl consectetur. Fusce dapibus, tellus ac cursus commodo.</p>
</div>
<div class="col-md-5 col-md-pull-7">
<img class="featurette-image img-responsive center-block" data-src="holder.js/500x500/auto" alt="Generic placeholder image">
</div>
</div>
<hr class="featurette-divider">-->
<!-- /END THE FEATURETTES -->
<!-- FOOTER -->

5
Application/Home/View/Page/index.html
View File

@@ -31,8 +31,9 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li class="active"><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li class="active"><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">

18
Application/Home/View/Page/view.html
View File

@@ -31,23 +31,11 @@
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li class="active"><a class="yahei" href="{:U('page/index')}">公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">博客</a></li>
<li><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li class="active"><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>

75
Application/Home/View/Post/index.html Normal file
View File

@@ -0,0 +1,75 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><foreach name="title" item="v">{$v.value}</foreach>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="http://2.srcmsdemo.sinaapp.com/font-awesome.min.css" rel="stylesheet">
<link href="__PUBLIC__/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="{:U('index/index')}"><strong><foreach name="title" item="v">{$v.value}</foreach></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li class="active"><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<!-- 公告列表 -->
<div class="gallery">
<div class="container">
<div class="col-md-12">
<h2><strong>漏洞公开</strong></h2><br/>
<table class="table table-hover table-striped">
<tbody>
<foreach name="model" item="v">
<div>
<td><a href="__ROOT__/index.php?m=&c=post&a=view&id={$v.id}">{$v.title}</a></td>
</tr>
</foreach>
</tbody>
</table>
</div>
</div>
</div>
<footer class="footer">
<div class="container marketing yahei">
<p class="pull-right"><a href="{:U('index/index')}">返回顶部</a></p>
<p>© 2016 <foreach name="title" item="v">{$v.value}</foreach>· <a href="__ROOT__">关于我们</a> · <a href="__ROOT__">隐私协议</a></p>
</div>
</footer>
<!-- script references -->
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
</html>

86
Application/Home/View/Post/view.html Normal file
View File

@@ -0,0 +1,86 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><foreach name="title" item="v">{$v.value}</foreach>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="http://2.srcmsdemo.sinaapp.com/font-awesome.min.css" rel="stylesheet">
<link href="__PUBLIC__/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="{:U('index/index')}"><strong><foreach name="title" item="v">{$v.value}</foreach></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="yahei"><a href="{:U('index/index')}">首页</a></li>
<li><a class="yahei" href="__ROOT__/user.php">漏洞提交</a></li>
<li class="active"><a class="yahei" href="{:U('post/index')}">漏洞公开</a></li>
<li><a class="yahei" href="{:U('page/index')}">安全公告</a></li>
<li><a class="yahei" href="{:U('blog/index')}">研究博客</a></li>
<li><a class="yahei" href="{:U('hall/index')}">贡献榜</a></li>
<li><a class="yahei" href="{:U('gift/index')}">礼品库</a></li>
<!--<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Action</a></li>
<li><a href="#">Another action</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>
<li><a href="#">Separated link</a></li>
<li><a href="#">One more separated link</a></li>
</ul>
</li>
</ul>-->
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<!-- 公告详情 -->
<div class="gallery">
<div class="container">
<div class="col-md-12">
<h3><strong>{$model.title}</strong></h3><hr/>
<div class="row">
{$model.content|html_entity_decode}
</div>
<div class="row">
<hr/>
<a class="btn btn-primary" href="{:U('post/index')}">返回列表</a>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container marketing yahei">
<p class="pull-right"><a href="{:U('index/index')}">返回顶部</a></p>
<p>© 2016 <foreach name="title" item="v">{$v.value}</foreach>· <a href="__ROOT__">关于我们</a> · <a href="__ROOT__">隐私协议</a></p>
</div>
</footer>
<!-- script references -->
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
</html>

176
Application/Runtime/Cache/Home/2a94b8bda04ff446dcedd42276fc99ee.php Normal file
View File

@@ -0,0 +1,176 @@
<?php if (!defined('THINK_PATH')) exit();?><!DOCTYPE html>
<html lang="zh-CN"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- 上述3个meta标签*必须*放在最前面,任何其他内容都*必须*跟随其后! -->
<meta name="description" content="">
<meta name="author" content="">
<title><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全应急响应中心</title>
<!-- Bootstrap core CSS -->
<link href="/dev/Public/Home/index/bootstrap.min.css" rel="stylesheet">
<!-- Just for debugging purposes. Don't actually copy these 2 lines! -->
<!--[if lt IE 9]><script src="../../assets/js/ie8-responsive-file-warning.js"></script><![endif]-->
<script src="/dev/Public/Home/index/ie-emulation-modes-warning.js"></script>
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="//cdn.bootcss.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="//cdn.bootcss.com/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
<!-- Custom styles for this template -->
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
</head>
<!-- NAVBAR
================================================== -->
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="<?php echo U('index/index');?>"><strong><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="yahei active"><a href="<?php echo U('index/index');?>">首页</a></li>
<li><a class="yahei" href="/dev/user.php">漏洞提交</a></li>
<li><a class="yahei" href="<?php echo U('post/index');?>">漏洞公开</a></li>
<li><a class="yahei" href="<?php echo U('page/index');?>">安全公告</a></li>
<li><a class="yahei" href="<?php echo U('blog/index');?>">研究博客</a></li>
<li><a class="yahei" href="<?php echo U('hall/index');?>">贡献榜</a></li>
<li><a class="yahei" href="<?php echo U('gift/index');?>">礼品库</a></li>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
</div>
</div>
<!-- Carousel
================================================== -->
<div id="myCarousel" class="carousel slide yahei" data-ride="carousel">
<!-- Indicators -->
<ol class="carousel-indicators">
<li data-target="#myCarousel" data-slide-to="0" class=""></li>
<li data-target="#myCarousel" data-slide-to="1" class="active"></li>
<li data-target="#myCarousel" data-slide-to="2"></li>
</ol>
<div class="carousel-inner" role="listbox">
<div class="item">
<img class="first-slide" src="/dev/Public/Home/images/banner.jpg" alt="首页">
<div class="container">
<div class="carousel-caption">
<h1>健康成长</h1>
<p>安全是其健康成长的核心要素,我们希望借此平台加强与安全业界同仁的合作与交流</p>
<p><a class="btn btn-lg btn-primary" href="/dev/user.php" role="button">报告漏洞</a></p>
</div>
</div>
</div>
<div class="item active">
<img class="second-slide" src="/dev/Public/Home/images/banner.jpg" alt="首页">
<div class="container">
<div class="carousel-caption">
<h1><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全中心</h1>
<p>立即加入我们,共建建设诚信、共赢、繁荣的安全生态圈</p>
<p><a class="btn btn-lg btn-primary" href="/dev/user.php" role="button">立即报告</a></p>
</div>
</div>
</div>
<div class="item">
<img class="third-slide" src="/dev/Public/Home/images/banner.jpg" alt="首页">
<div class="container">
<div class="carousel-caption">
<h1>合作共赢</h1>
<p>欢迎广大用户向我们反馈轻响应相关产品及业务的安全漏洞和威胁情报</p>
<p><a class="btn btn-lg btn-primary" href="/dev/user.php" role="button">立即报告</a></p>
</div>
</div>
</div>
</div>
</div><!-- /.carousel -->
<!-- Marketing messaging and featurettes
================================================== -->
<!-- Wrap the rest of the page in another container to center all the content. -->
<div class="container marketing yahei">
<div class="row center">
<h2>贡献TOP3</h2>
</div>
<br/>
<br/>
<!-- Three columns of text below the carousel -->
<div class="row">
<?php if(is_array($model)): foreach($model as $key=>$v): ?><div class="col-lg-4">
<img class="img-circle" src="<?php echo ($v["url"]); ?>" alt="用户一" width="140" height="140">
<h2><?php echo ($v["name"]); ?></h2>
<p><?php echo ($v["des"]); ?></p>
</div><?php endforeach; endif; ?><!-- /.col-lg-4 -->
<!--<div class="col-lg-4">
<img class="img-circle" src="/dev/Public/Home/images/unknow.jpeg" alt="用户二" width="140" height="140">
<h2>路人乙</h2>
<p>帮助轻响应发现多个严重级别的权限漏洞和逻辑漏洞,帮助轻响应提升了整体业务安全水平</p>
</div>--><!-- /.col-lg-4 -->
<!--<div class="col-lg-4">
<img class="img-circle" src="/dev/Public/Home/images/unknow.jpeg" alt="用户三" width="140" height="140">
<h2>路人丁</h2>
<p>本月发现一枚严重级别的支付问题漏洞,帮助我们快速定位问题,保障了数万用户的安全</p>
</div>--><!-- /.col-lg-4 -->
</div><!-- /.row -->
<div class="row">
<p><a class="btn btn-default center" href="<?php echo U('hall/index');?>" role="button">查看更多 »</a></p>
</div>
<!-- START THE FEATURETTES -->
<hr class="featurette-divider">
<div class="row featurette">
<div class="col-md-7">
<h2>平台简介</h2>
<span class="text-muted">SRCMS Security Resonpse Center</span>
<p >轻响应安全应急响应中心SRCMS Security Response Center是轻响应致力于维护互联网健康生态环境保障轻响应产品和业务线的信息安全促进安全专家的合作与交流而建立的漏洞收集及应急响应平台。本平台收集轻响应产品线及业务上存在的安全漏洞同时我们也希望借此平台加强与业内各界的安全合作共同打造简单可信赖的互联网健康生态。</p>
</div>
<div class="col-md-5">
<img class="featurette-image img-responsive center-block" src="/dev/Public/Home/images/main-photo.jpg" data-src="holder.js/500x500/auto" alt="Generic placeholder image">
</div>
</div>
<hr class="featurette-divider">
<!-- FOOTER -->
<footer>
<p class="pull-right"><a href="<?php echo U('index/index');?>">返回顶部</a></p>
<p>© 2016 <?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?> · <a href="<?php echo U('index/index');?>">关于我们</a> · <a href="<?php echo U('index/index');?>">隐私协议</a></p>
</footer>
</div><!-- /.container -->
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="/dev/Public/Home/index/jquery.min.js"></script>
<script src="/dev/Public/Home/index/bootstrap.min.js"></script>
<!-- Just to make our placeholder images work. Don't actually copy the next line! -->
<script src="/dev/Public/Home/index/holder.min.js"></script>
<!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
<script src="/dev/Public/Home/index/ie10-viewport-bug-workaround.js"></script>
</body></html>

45
Application/Runtime/Cache/User/63cae4db13549785c8d2f557008ad9dc.php Normal file
View File

@@ -0,0 +1,45 @@
<?php if (!defined('THINK_PATH')) exit(); if(C('LAYOUT_ON')) { echo ''; } ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>跳转提示</title>
<style type="text/css">
*{ padding: 0; margin: 0; }
body{ background: #fff; font-family: '微软雅黑'; color: #333; font-size: 16px; }
.system-message{ padding: 24px 48px; }
.system-message h1{ font-size: 100px; font-weight: normal; line-height: 120px; margin-bottom: 12px; }
.system-message .jump{ padding-top: 10px}
.system-message .jump a{ color: #333;}
.system-message .success,.system-message .error{ line-height: 1.8em; font-size: 36px }
.system-message .detail{ font-size: 12px; line-height: 20px; margin-top: 12px; display:none}
</style>
</head>
<body>
<div class="system-message">
<?php if(isset($message)) {?>
<h1>:)</h1>
<p class="success"><?php echo($message); ?></p>
<?php }else{?>
<h1>:(</h1>
<p class="error"><?php echo($error); ?></p>
<?php }?>
<p class="detail"></p>
<p class="jump">
页面自动 <a id="href" href="<?php echo($jumpUrl); ?>">跳转</a> 等待时间: <b id="wait"><?php echo($waitSecond); ?></b>
</p>
</div>
<script type="text/javascript">
(function(){
var wait = document.getElementById('wait'),href = document.getElementById('href').href;
var interval = setInterval(function(){
var time = --wait.innerHTML;
if(time <= 0) {
location.href = href;
clearInterval(interval);
};
}, 1000);
})();
</script>
</body>
</html>

125
Application/Runtime/Cache/User/75853594bae9aad973428536ebdf8f6d.php Normal file
View File

@@ -0,0 +1,125 @@
<?php if (!defined('THINK_PATH')) exit();?><!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="/dev/Public/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="/dev/Public/User/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="/dev/Public/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="/"><strong><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li><a href="<?php echo U('index/index');?>">个人中心</a></li>
<li><a href="<?php echo U('post/add');?>">报告漏洞</a></li>
<li><a href="<?php echo U('post/index');?>">漏洞列表</a></li>
<li><a href="<?php echo U('gift/index');?>">礼品兑换</a></li>
<li><a href="<?php echo U('info/index');?>">联系方式</a></li>
</ul>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<div class="gallery">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<br/>
<h3>注册平台</h3><hr/>
<form action="<?php echo U('reg/add');?>" method="post">
<div class="form-group">
<label>用户名</label>
<input class="form-control" type="text" name="username" placeholder="请输入用户名">
</div>
<div class="form-group">
<label>邮箱</label>
<input class="form-control" type="text" name="email" placeholder="请输入邮箱">
</div>
<div class="form-group">
<label>密码</label>
<input class="form-control" type="password" name="password" placeholder="请输入密码">
</div>
<div class="form-group">
<label>确认密码</label>
<input class="form-control" type="password" name="repassword" placeholder="请再次输入密码">
</div>
<div class="form-group">
<label for="exampleInputCode"> 验证码</label>
<div class="row" >
<div class="col-md-5 row col-md-offset-0">
<input type="text" name="verify" class="form-control" id="exampleInputCode" placeholder="验证码">
</div>
<div class="col-md-4">
<a href="javascript:void(0)"><img class="verify" src="<?php echo U('reg/verify');?>" alt="点击刷新"/></a>
</div>
</div>
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >注册</button>
</div>
<a href="<?php echo U('login/index');?>" style="float:left;">已有账号?点击登陆</a>
</form>
</div>
</div>
</div>
<script src="/dev/Public/User/js/jquery-1.10.2.js"></script>
<script>
$(function(){
$(".verify").click(function(){
var src = "<?php echo U('reg/verify');?>";
var random = Math.floor(Math.random()*(1000+1));
$(this).attr("src",src+"&random="+random);
});
})
</script>
<footer>
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href=""> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<!-- script references -->
<script src="/dev/Public/Home/js/jquery.min.js"></script>
<script src="/dev/Public/Home/js/bootstrap.min.js"></script>
<script src="/dev/Public/Home/js/scripts.js"></script>
</body>
</html>

106
Application/Runtime/Cache/User/91abf6e2f8336b1f62da52353bbf3815.php Normal file
View File

@@ -0,0 +1,106 @@
<?php if (!defined('THINK_PATH')) exit();?><!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="/dev/Public/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="/dev/Public/Home/css/styles.css" rel="stylesheet">
<script src="/dev/Public/User/js/jquery-1.10.2.js"></script>
<script>
$(function(){
$(".verify").click(function(){
var src = "<?php echo U('reg/verify');?>";
var random = Math.floor(Math.random()*(1000+1));
$(this).attr("src",src+"&random="+random);
});
})
</script>
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="/dev"><strong><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="active"><a href="<?php echo U('index/index');?>">个人中心</a></li>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<div class="gallery">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<br/>
<h3>找回密码</h3><hr/>
<form action="<?php echo U('forget/find');?>" method="post">
<div class="form-group">
<label>用户名</label>
<input class="form-control" type="text" name="username" placeholder="请输入用户名">
</div>
<div class="form-group">
<label>邮箱</label>
<input class="form-control" type="text" name="email" placeholder="请输入邮箱">
</div>
<div class="form-group">
<label for="exampleInputCode"> 验证码</label>
<div class="row" >
<div class="col-md-5 row col-md-offset-0">
<input type="text" name="verify" class="form-control" id="exampleInputCode" placeholder="验证码">
</div>
<div class="col-md-4">
<a href="javascript:void(0)"><img class="verify" src="<?php echo U('forget/verify');?>" alt="点击刷新"/></a>
</div>
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >找回密码</button>
</div>
</form>
</div>
</div>
</div>
<footer>
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href=""> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<!-- script references -->
<script src="/dev/Public/Home/js/jquery.min.js"></script>
<script src="/dev/Public/Home/js/bootstrap.min.js"></script>
<script src="/dev/Public/Home/js/scripts.js"></script>
</body>
</html>

110
Application/Runtime/Cache/User/cd7f950d5de11f03979102b93709231a.php Normal file
View File

@@ -0,0 +1,110 @@
<?php if (!defined('THINK_PATH')) exit();?><!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="/dev/Public/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="http://2.srcmsdemo.sinaapp.com/font-awesome.min.css" rel="stylesheet">
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="/dev/Public/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="/dev"><strong><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="active"><a href="<?php echo U('index/index');?>">个人中心</a></li>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<body>
<div class="gallery">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<br/>
<h3>登陆平台</h3><hr/>
<form action="<?php echo U('login/login');?>" method="post">
<div class="form-group">
<label for="exampleInputUser">用户名</label>
<input type="text" name="username" class="form-control" id="exampleInputUser" placeholder="用户名">
</div>
<div class="form-group">
<label for="exampleInputPassword">密码</label>
<input type="password" name="password" class="form-control" id="exampleInputPassword" placeholder="密码">
</div>
<div class="form-group">
<label for="exampleInputCode"> 验证码</label>
<div class="row" >
<div class="col-md-8 row col-md-offset-0">
<input type="text" name="verify" class="form-control" id="exampleInputCode" placeholder="验证码">
</div>
<div class="col-md-4">
<a href="javascript:void(0)"><img class="verify" src="<?php echo U('login/verify');?>" alt="点击刷新"/></a>
</div>
</div>
</div>
<button type="submit" class="btn btn-default text-align">登陆</button><br/><br/>
<a href="<?php echo U('forget/index');?>">找回密码</a><p></p>
<a href="<?php echo U('reg/index');?>" style="float:left;">还没有账号?点击注册</a>
</div>
</div>
</form>
</div>
</div>
</div>
<script src="/dev/Public/User/js/jquery-1.10.2.js"></script>
<script>
$(function(){
$(".verify").click(function(){
var src = "<?php echo U('login/verify');?>";
var random = Math.floor(Math.random()*(1000+1));
$(this).attr("src",src+"&random="+random);
});
})
</script>
<footer>
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><img src="/dev/Public/Home/pic/weibo.png" alt="weibo"/></li>
<li><img src="/dev/Public/Home/pic/wechat.png" alt="wechat"/></li>
<li><img src="/dev/Public/Home/pic/douban.png" alt="douban"/></li>
</ul>
<hr>
<p>© 2016 <?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?> · <a href="<?php echo U('index/index');?>">关于我们</a> · <a href="<?php echo U('index/index');?>">隐私协议</a></p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<!-- script references -->
<script src="/dev/Public/Home/js/jquery.min.js"></script>
<script src="/dev/Public/Home/js/bootstrap.min.js"></script>
<script src="/dev/Public/Home/js/scripts.js"></script>
</body>
</html>

163
Application/Runtime/Cache/User/d7a7632f153cf12d0db44c934c28bcfe.php Normal file
View File

@@ -0,0 +1,163 @@
<?php if (!defined('THINK_PATH')) exit();?><!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="/dev/Public/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="/dev/Public/User/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="/dev/Public/Home/index/carousel.css" rel="stylesheet">
<link href="/dev/Public/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="/dev"><strong><?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li><a href="<?php echo U('index/index');?>">个人中心</a></li>
<li><a href="<?php echo U('post/add');?>">报告漏洞</a></li>
<li><a href="<?php echo U('post/index');?>">漏洞列表</a></li>
<li><a href="<?php echo U('gift/index');?>">礼品兑换</a></li>
<li><a href="<?php echo U('info/index');?>">联系方式</a></li>
</ul>
<ul class="yahei nav navbar-nav navbar-right">
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><?php echo session('username')?><span class="caret"></span></a>
<ul class="dropdown-menu">
<!--<li><a href="#">Action</a></li>
<li><a href="#">更改密码</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>-->
<li><a href="<?php echo U('change/index');?>">更改密码</a></li>
<li><a href="<?php echo U('login/logout');?>">退出登录</a></li>
</ul>
</li>
</ul>
</div>
</div><!--/.navbar-collapse -->
</div>
</nav>
<div class="gallery">
<div class="col-md-offset-2">
<h2><strong>个人中心</strong></h2>
<hr style="width:80%" class="col-md-offset-0"/>
<!--<h><strong>尊敬的 <?php echo session('username')?>, 欢迎您进入漏洞报告平台 !</strong></h4>-->
<br/>
<div class="row">
<div class="col-lg-3">
<div class="panel panel-info">
<div class="panel-heading">
<div class="row">
<div class="col-xs-6">
<i class="fa fa-reorder fa-5x"></i>
</div>
<div class="col-xs-6 text-right">
<p style="font-size:30px"><?php echo ($page); ?></p>
<p class="announcement-text">漏洞报告</p>
</div>
</div>
</div>
<a href="#">
<div class="panel-footer announcement-bottom">
<div class="row">
<div class="col-xs-6">
<a href="<?php echo U('post/index');?>"><i class="fa fa-edit"></i>提交漏洞</a>
</div>
<div class="col-xs-6 text-right">
<a href="<?php echo U('post/index');?>"><i class="fa fa-arrow-circle-right"></i></a>
</div>
</div>
</div>
</a>
</div>
</div>
<div class="col-lg-3">
<div class="panel panel-warning">
<div class="panel-heading">
<div class="row">
<div class="col-xs-6">
<i class="fa fa-shopping-cart fa-5x"></i>
</div>
<div class="col-xs-6 text-right">
<p style="font-size:30px"><?php echo ($gift); ?></p>
<p class="announcement-text">礼品</p>
</div>
</div>
</div>
<a href="#">
<div class="panel-footer announcement-bottom">
<div class="row">
<div class="col-xs-6">
<a href="<?php echo U('gift/index');?>"><i class="fa fa-edit"></i>兑换礼品</a>
</div>
<div class="col-xs-6 text-right">
<a href="<?php echo U('gift/index');?>"><i class="fa fa-arrow-circle-right"></i></a>
</div>
</div>
</div>
</a>
</div>
</div>
<div class="col-lg-3">
<div class="panel panel-danger">
<div class="panel-heading">
<div class="row">
<div class="col-xs-6">
<i class="fa fa-bar-chart fa-5x"></i>
</div>
<div class="col-xs-6 text-right">
<p style="font-size:30px"><?php if(is_array($user)): foreach($user as $key=>$v): echo ($v["jifen"]); endforeach; endif; ?></p>
<p class="announcement-text">贡献值</p>
</div>
</div>
</div>
<a href="#">
<div class="panel-footer announcement-bottom">
<div class="row">
<div class="col-xs-6">
<a href="./index.php?m=&c=hall&a=index"><i class="fa fa-edit"></i>查看排行</a>
</div>
<div class="col-xs-6 text-right">
<a href="./index.php?m=&c=hall&a=index"><i class="fa fa-arrow-circle-right"></i></a>
</div>
</div>
</div>
</a>
</div>
</div>
</div>
</div>
<footer>
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<hr>
<p>© 2016 <?php if(is_array($title)): foreach($title as $key=>$v): echo ($v["value"]); endforeach; endif; ?> · <a href="<?php echo U('index/index');?>">关于我们</a> · <a href="<?php echo U('index/index');?>">隐私协议</a></p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<!-- script references -->
<script src="/dev/Public/Home/js/jquery.min.js"></script>
<script src="/dev/Public/Home/js/bootstrap.min.js"></script>
<script src="/dev/Public/Home/js/scripts.js"></script>
</body>
</html>

1
Application/Runtime/Data/_fields/srcms.hall.php Normal file
View File

@@ -0,0 +1 @@
a:6:{i:0;s:2:"id";i:1;s:4:"name";i:2;s:3:"url";i:3;s:3:"des";s:3:"_pk";s:2:"id";s:5:"_type";a:4:{s:2:"id";s:7:"int(10)";s:4:"name";s:11:"varchar(10)";s:3:"url";s:12:"varchar(100)";s:3:"des";s:12:"varchar(100)";}}

1
Application/Runtime/Data/_fields/srcms.links.php Normal file
View File

@@ -0,0 +1 @@
a:6:{i:0;s:2:"id";i:1;s:5:"title";i:2;s:3:"url";i:3;s:4:"sort";s:3:"_pk";s:2:"id";s:5:"_type";a:4:{s:2:"id";s:16:"int(11) unsigned";s:5:"title";s:12:"varchar(100)";s:3:"url";s:12:"varchar(100)";s:4:"sort";s:6:"int(5)";}}

1
Application/Runtime/Data/_fields/srcms.member.php Normal file
View File

@@ -0,0 +1 @@
a:14:{i:0;s:2:"id";i:1;s:8:"username";i:2;s:5:"email";i:3;s:4:"salt";i:4;s:8:"password";i:5;s:6:"avatar";i:6;s:9:"create_at";i:7;s:9:"update_at";i:8;s:8:"login_ip";i:9;s:6:"status";i:10;s:4:"type";i:11;s:5:"jifen";s:3:"_pk";s:2:"id";s:5:"_type";a:12:{s:2:"id";s:7:"int(11)";s:8:"username";s:11:"varchar(20)";s:5:"email";s:12:"varchar(100)";s:4:"salt";s:10:"varchar(9)";s:8:"password";s:11:"varchar(32)";s:6:"avatar";s:12:"varchar(255)";s:9:"create_at";s:11:"varchar(11)";s:9:"update_at";s:11:"varchar(11)";s:8:"login_ip";s:11:"varchar(20)";s:6:"status";s:10:"tinyint(1)";s:4:"type";s:10:"tinyint(1)";s:5:"jifen";s:7:"int(10)";}}

1
Application/Runtime/Data/_fields/srcms.post.php Normal file
View File

@@ -0,0 +1 @@
a:14:{i:0;s:2:"id";i:1;s:7:"session";i:2;s:5:"title";i:3;s:7:"content";i:4;s:6:"advise";i:5;s:4:"time";i:6;s:3:"day";i:7;s:7:"cate_id";i:8;s:7:"user_id";i:9;s:4:"rank";i:10;s:4:"type";i:11;s:7:"visible";s:3:"_pk";s:2:"id";s:5:"_type";a:12:{s:2:"id";s:7:"int(11)";s:7:"session";s:11:"varchar(15)";s:5:"title";s:12:"varchar(255)";s:7:"content";s:4:"text";s:6:"advise";s:12:"varchar(255)";s:4:"time";s:11:"varchar(11)";s:3:"day";s:10:"tinyint(1)";s:7:"cate_id";s:7:"int(11)";s:7:"user_id";s:7:"int(11)";s:4:"rank";s:10:"tinyint(1)";s:4:"type";s:10:"tinyint(1)";s:7:"visible";s:6:"int(2)";}}

1
Application/Runtime/Data/_fields/srcms.setting.php Normal file
View File

@@ -0,0 +1 @@
a:6:{i:0;s:2:"id";i:1;s:3:"key";i:2;s:5:"value";i:3;s:11:"description";s:3:"_pk";s:2:"id";s:5:"_type";a:4:{s:2:"id";s:16:"int(11) unsigned";s:3:"key";s:12:"varchar(255)";s:5:"value";s:12:"varchar(255)";s:11:"description";s:12:"varchar(255)";}}

1
Application/Runtime/common~runtime.php Normal file
View File

File diff suppressed because one or more lines are too long

23
Application/User/Controller/ForgetController.class.php
View File

@@ -16,6 +16,19 @@ class ForgetController extends Controller {
$title = $tmodel->where('id=1')->select();
$this->assign('title', $title);
$this->display();
}
//验证码
public function verify(){
ob_clean();
$Verify = new \Think\Verify();
$Verify->codeSet = '123456789abcdefghijklmnopqrst';
$Verify->fontSize = 20;
$Verify->length = 4;
$Verify->entry();
}
protected function check_verify($code){
$verify = new \Think\Verify();
return $verify->check($code);
}
//找回密码逻辑
public function find(){
@@ -23,11 +36,11 @@ class ForgetController extends Controller {
$member = M('member');
$email =I('post.email','','email');
$username =I('post.username');
//$code = I('verify','','strtolower');
$code = I('verify','','strtolower');
//验证验证码是否正确
//if(!($this->check_verify($code))){
//$this->error('验证码错误');
//}
if(!($this->check_verify($code))){
$this->error('验证码错误');
}
//验证输入邮箱是否存在
$user = $member->where(array('username'=>$username,'email'=>$email))->find();
@@ -55,7 +68,7 @@ class ForgetController extends Controller {
if(SendMail($email,'找回密码',$con,'应急响应中心')){
$this->success("发送成功",U('login/index'));
}else{
$this->error('账号被禁用 :(') ;
$this->error('密码找回邮件发送失败,请重试 :(') ;
}
}

2
Application/User/Controller/GiftController.class.php
View File

@@ -40,7 +40,7 @@ class GiftController extends BaseController{
$model = D("order");
$model->user_id = 1;
$model->username = 1;
if (!$model->field('username,email,password,repassword,gid')->create()) {
if (!$model->field('username,gid,tel,alipay,realname,location,zipcode')->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();

3
Application/User/Controller/IndexController.class.php
View File

@@ -11,15 +11,16 @@ use Think\Controller;
class IndexController extends BaseController {
public function index(){
echo waf('111111');
$id = session('userId');
$tmodel= M('setting');
$gCount = M('links')->count();
$title = $tmodel->where('id=1')->select();
$page = M('post')->where('user_id='.$id)->count();
$user = M('member')->where('id='.$id)->select();
$this->assign('title', $title);
$this->assign('page',$page);
$this->assign('user',$user);
$this->assign('gift',$gCount);
$this->display();
}
}

16
Application/User/Controller/LoginController.class.php
View File

@@ -21,22 +21,23 @@ class LoginController extends Controller {
public function login(){
if(!IS_POST)$this->error("非法请求");
$member = M('member');
$username =I('username');
$password =I('password','','md5');
$username = I('username','','htmlspecialchars');
$password = I('password');
$code = I('verify','','strtolower');
//验证验证码是否正确
if(!($this->check_verify($code))){
$this->error('验证码错误');
}
//验证账号密码是否正确
$user = $member->where(array('username'=>$username,'password'=>$password))->find();
if(!$user) {
$user = $member->where(array('username'=>$username))->find();
if($user['password'] != md5(md5(md5($user['salt']).md5($password)."SR")."CMS")) {
$this->error('账号或密码错误 :(') ;
}
//验证账户是否被禁用
// 验证账户是否被禁用
if($user['status'] == 0){
$this->error('账号被禁用,请联系超级管理员 :(') ;
$this->error('账号被禁用,请联系网站管理员 :(') ;
}
//更新登陆信息
@@ -50,6 +51,7 @@ class LoginController extends Controller {
if($member->save($data)){
session('userId',$user['id']);
session('username',$user['username']);
// session('token',md5(time().$user['salt']));
$this->success("登陆成功",U('Index/index'));
}
//定向之后台主页

68
Application/User/Controller/RegController.class.php
View File

@@ -26,6 +26,20 @@ class RegController extends Controller{
$this->display();
}
//验证码
public function verify(){
ob_clean();
$Verify = new \Think\Verify();
$Verify->codeSet = '123456789abcdefghijklmnopqrst';
$Verify->fontSize = 20;
$Verify->length = 4;
$Verify->entry();
}
protected function check_verify($code){
$verify = new \Think\Verify();
return $verify->check($code);
}
/**
* 添加用户
*/
@@ -37,18 +51,56 @@ class RegController extends Controller{
}
if (IS_POST) {
//如果用户提交数据
$model = D("Member");
if (!$model->field('username,email,password,repassword')->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();
} else {
if ($model->add()) {
$data['salt'] = "";
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
for($num=0;$num<8;$num++)
{
$RandNum = rand(0,strlen($chars)-1);
$data['salt'] .= $chars[$RandNum];
}
$data['username'] = I('username');
$data['email']= I('email');
$data['password'] = I('password');
$repassword= I('repassword');
if($data['password'] != $repassword){ $this->error("两次密码不一致!");}
$code = I('verify','','strtolower');
//验证验证码是否正确
if(!($this->check_verify($code))){
$this->error('验证码错误');
}
$data['password'] = md5(md5(md5($data['salt']).md5($data['password'])."SR")."CMS"); //“SR”和“CMS”可修改
$data['create_at']=time();
$model = M("Member");
if ($model->where(array('username'=>$data['username']))->find()){
$this->error('用户名重复');
}
if ($model->where(array('email'=>$data['email']))->find()){
$this->error('邮箱重复');
}
if ($model->field('username,email,salt,password,create_at')->data($data)->add()) {
$user = $model->where(array('username'=>$data['username']))->find();
//更新登陆信息
$date =array(
'id' => $user['id'],
'update_at' => time(),
'login_ip' => get_client_ip(),
);
if($model->save($date)){
session('userId',$user['id']);
session('username',$user['username']);
session('token',md5(time().$user['salt']));
}
$this->success("注册成功", U('index/index'));
} else {
$this->error("注册失败");
}
}
}
}
}

1
Application/User/View/Change/index.html
View File

@@ -23,7 +23,6 @@
<div class="form-group">
<button class="btn btn-success" type="submit">提交</button>
</div>
</form>
</div>
</div>

68
Application/User/View/Forget/index.html
View File

@@ -3,40 +3,47 @@
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title>应急响应中心</title>
<meta name="generator" content="Bootply" />
<title><foreach name="title" item="v">{$v.value}</foreach>安全应急响应中心</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="//netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css" rel="stylesheet">
<link href="__PUBLIC__/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
<script src="__PUBLIC__/User/js/jquery-1.10.2.js"></script>
<script>
$(function(){
$(".verify").click(function(){
var src = "{:U('reg/verify')}";
var random = Math.floor(Math.random()*(1000+1));
$(this).attr("src",src+"&random="+random);
});
})
</script>
</head>
<body>
<div class="navbar navbar-fixed-top navbar-bold" data-spy="affix" data-offset-top="1000">
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<a href="__ROOT__/index.php" class="navbar-brand">应急响应中心</a>
<a class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="yahei sr-only">Toggle navigation</span>
<span class="yahei icon-bar"></span>
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="__ROOT__"><strong><foreach name="title" item="v">{$v.value}</foreach></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
<div class="navbar-collapse collapse" id="navbar">
<ul class="nav navbar-nav">
<li><a href="{:U('index/index')}">个人中心</a></li>
<!--<li><a href="{:U('post/index')}">漏洞列表</a></li>
<li><a href="{:U('post/add')}">报告漏洞</a></li>
<li><a href="__ROOT__/index.php?m=&c=page&a=index">公告</a></li>
<li><a href="__ROOT__/index.php?m=&c=hall&a=index">贡献榜</a></li>
<li><a href="__ROOT__/index.php?m=&c=gift&a=index">礼品库</a></li>-->
</ul>
<div id="navbar" class="navbar-collapse collapse">
<ul class="yahei nav navbar-nav">
<li class="active"><a href="{:U('index/index')}">个人中心</a></li>
</div>
</div><!--/.navbar-collapse -->
</div>
</div>
</nav>
<div class="gallery">
<div class="row">
@@ -53,6 +60,16 @@
<label>邮箱</label>
<input class="form-control" type="text" name="email" placeholder="请输入邮箱">
</div>
<div class="form-group">
<label for="exampleInputCode"> 验证码</label>
<div class="row" >
<div class="col-md-5 row col-md-offset-0">
<input type="text" name="verify" class="form-control" id="exampleInputCode" placeholder="验证码">
</div>
<div class="col-md-4">
<a href="javascript:void(0)"><img class="verify" src="{:U('forget/verify')}" alt="点击刷新"/></a>
</div>
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >找回密码</button>
</div>
@@ -73,7 +90,7 @@
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.bootply.com"> Demo Company.</a>All Rights Reserved</p>
<p>Copyright © <?php echo date("Y")?></i> at <a href=""> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
@@ -81,15 +98,8 @@
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>

2
Application/User/View/Gift/add.html
View File

@@ -43,7 +43,7 @@
</foreach>
</div>
<div class="form-group">
<input type="text" name="username" class="form-control" style="display:none; width:50%" value="<?php echo session('username')?>">
<input type="text" name="username" class="form-control" style="display:none; width:50%" value="<?php echo session('userId')?>">
</div>
<button type="submit" class="btn btn-default">提交</button>
</form>

3
Application/User/View/Index/index.html
View File

@@ -7,7 +7,6 @@
<hr style="width:80%" class="col-md-offset-0"/>
<!--<h><strong>尊敬的 <?php echo session('username')?>, 欢迎您进入漏洞报告平台 !</strong></h4>-->
<br/>
<!--<button class="btn btn-default text-align"><a href="{:U('login/logout')}">退出登录</a></button>&nbsp;&nbsp;&nbsp;<button class="btn btn-default text-align"><a href="{:U('change/index')}">修改密码</a></button><br/>-->
<div class="row">
<div class="col-lg-3">
<div class="panel panel-info">
@@ -44,7 +43,7 @@
<i class="fa fa-shopping-cart fa-5x"></i>
</div>
<div class="col-xs-6 text-right">
<p style="font-size:30px">3</p>
<p style="font-size:30px">{$gift}</p>
<p class="announcement-text">礼品</p>
</div>
</div>

2
Application/User/View/Login/index.html
View File

@@ -103,7 +103,7 @@
<!-- script references -->
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>

2
Application/User/View/Post/add.html
View File

@@ -37,7 +37,7 @@
<script type="text/javascript">
var ue = UE.getEditor('post-content',{
toolbars: [
['source', '|','insertimage','attachment','emotion','link','unlink', '|', 'selectall', 'cleardoc'],
['source', '|','simpleupload','emotion','link','unlink', '|', 'selectall', 'cleardoc'],
],
initialFrameHeight:500,
zIndex:100

2
Application/User/View/Public/footer.html
View File

@@ -11,7 +11,7 @@
</footer>
<!-- script references -->
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>

3
Application/User/View/Public/header.html
View File

@@ -8,9 +8,6 @@
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="__PUBLIC__/User/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="__PUBLIC__/Home/index/carousel.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>

54
Application/User/View/Reg/index.html
View File

@@ -12,6 +12,7 @@
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
@@ -23,7 +24,7 @@
<span class="yahei icon-bar"></span>
<span class="yaheiicon-bar"></span>
</button>
<a class="yahei navbar-brand" href="__ROOT__"><strong><foreach name="title" item="v">{$v.value}</foreach></strong>
<a class="yahei navbar-brand" href="/"><strong><foreach name="title" item="v">{$v.value}</foreach></strong>
<span class="yahei navbar-brand-subtitle">安全应急响应中心</span>
</a>
</div>
@@ -35,20 +36,7 @@
<li><a href="{:U('gift/index')}">礼品兑换</a></li>
<li><a href="{:U('info/index')}">联系方式</a></li>
</ul>
<ul class="yahei nav navbar-nav navbar-right">
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><?php echo session('username')?><span class="caret"></span></a>
<ul class="dropdown-menu">
<!--<li><a href="#">Action</a></li>
<li><a href="#">更改密码</a></li>
<li><a href="#">Something else here</a></li>
<li role="separator" class="divider"></li>
<li class="dropdown-header">Nav header</li>-->
<li><a href="{:U('change/index')}">更改密码</a></li>
<li><a href="{:U('login/logout')}">退出登录</a></li>
</ul>
</li>
</ul>
</div>
</div><!--/.navbar-collapse -->
</div>
@@ -77,6 +65,17 @@
<label>确认密码</label>
<input class="form-control" type="password" name="repassword" placeholder="请再次输入密码">
</div>
<div class="form-group">
<label for="exampleInputCode"> 验证码</label>
<div class="row" >
<div class="col-md-5 row col-md-offset-0">
<input type="text" name="verify" class="form-control" id="exampleInputCode" placeholder="验证码">
</div>
<div class="col-md-4">
<a href="javascript:void(0)"><img class="verify" src="{:U('reg/verify')}" alt="点击刷新"/></a>
</div>
</div>
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >注册</button>
</div>
@@ -87,6 +86,18 @@
</div>
</div>
<script src="__PUBLIC__/User/js/jquery-1.10.2.js"></script>
<script>
$(function(){
$(".verify").click(function(){
var src = "{:U('reg/verify')}";
var random = Math.floor(Math.random()*(1000+1));
$(this).attr("src",src+"&random="+random);
});
})
</script>
<footer>
<div class="container">
<div class="row">
@@ -98,24 +109,17 @@
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.src.pw"> Demo Company.</a>All Rights Reserved</p>
<p>Copyright © <?php echo date("Y")?></i> at <a href=""> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
</html>

47
DB/srcms.sql
View File

@@ -3,7 +3,7 @@
-- http://www.phpmyadmin.net
--
-- 主机: localhost
-- 生成日期: 2016 年 01 月 26 日 14:02
-- 生成日期: 2016 年 1202 日 12:16
-- 服务器版本: 5.5.40
-- PHP 版本: 5.3.29
@@ -123,7 +123,7 @@ CREATE TABLE IF NOT EXISTS `info` (
--
INSERT INTO `info` (`user_id`, `username`, `realname`, `location`, `tel`, `zipcode`, `alipay`) VALUES
(1, 'admin', '周三&lt;input&gt;', '北京市百度科技大厦', '15176528910', '10092@', ''),
(1, 'user', '王二', '北京大学', '1001', '1@qq.c', '1@qq.com'),
(2, 'admin2', '王二', '江苏', '18712345612', '214000', '1009465@qq.com');
-- --------------------------------------------------------
@@ -145,10 +145,10 @@ CREATE TABLE IF NOT EXISTS `links` (
--
INSERT INTO `links` (`id`, `title`, `url`, `sort`) VALUES
(1, 'iPhone6', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(2, 'iPhone6 Plus', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(3, 'MacBook', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(4, 'MacBook Air', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100);
(1, 'iPhone6', 'http://1.srcms.applinzi.com/iphone.jpg', 100),
(2, 'iPhone6 Plus', 'http://1.srcms.applinzi.com/iphone.jpg', 100),
(3, 'MacBook', 'http://1.srcms.applinzi.com/iphone.jpg', 100),
(4, 'MacBook Air', 'http://1.srcms.applinzi.com/iphone.jpg', 100);
-- --------------------------------------------------------
@@ -172,7 +172,7 @@ CREATE TABLE IF NOT EXISTS `manager` (
--
INSERT INTO `manager` (`id`, `username`, `email`, `password`, `login_ip`, `create_at`, `update_at`) VALUES
(1, 'admin', '100946575@qq.com', '21232f297a57a5a743894a0e4a801fc3', '0.0.0.0', '1453778451', '1453787197');
(1, 'admin', '100946575@qq.com', '21232f297a57a5a743894a0e4a801fc3', '0.0.0.0', '1453778451', '1480648405');
-- --------------------------------------------------------
@@ -184,6 +184,7 @@ CREATE TABLE IF NOT EXISTS `member` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) DEFAULT NULL,
`email` varchar(100) DEFAULT NULL,
`salt` varchar(9) NOT NULL,
`password` varchar(32) DEFAULT NULL,
`avatar` varchar(255) DEFAULT NULL COMMENT '头像',
`create_at` varchar(11) DEFAULT '0',
@@ -214,7 +215,14 @@ CREATE TABLE IF NOT EXISTS `order` (
`gid` varchar(100) NOT NULL,
`finish` int(2) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
--
-- 转存表中的数据 `order`
--
INSERT INTO `order` (`id`, `username`, `realname`, `zipcode`, `location`, `tel`, `alipay`, `gid`, `finish`) VALUES
(1, '1', '王二', '1@qq.c', '北京大学', 1001, '1@qq.com', 'iPhone6', 1);
-- --------------------------------------------------------
@@ -256,10 +264,20 @@ CREATE TABLE IF NOT EXISTS `post` (
`user_id` int(11) DEFAULT NULL,
`rank` tinyint(1) NOT NULL,
`type` tinyint(1) DEFAULT '1' COMMENT '1:普通,2:置顶,3:热门,4:推荐',
`visible` int(2) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
KEY `cate_id` (`cate_id`),
KEY `user_id` (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ;
--
-- 转存表中的数据 `post`
--
INSERT INTO `post` (`id`, `session`, `title`, `content`, `advise`, `time`, `day`, `cate_id`, `user_id`, `rank`, `type`, `visible`) VALUES
(1, '4a5e3249c99651c', '漏洞漏洞', '&lt;p&gt;漏洞啊&lt;/p&gt;', '修补啊', '1453799758', 3, 6, 1, 4, 1, 1),
(2, '43eb5b1522075c3', '漏洞2', '&lt;p&gt;漏洞2&lt;/p&gt;', '', '1454464294', 1, 6, 1, 4, 1, 0),
(3, '44070a764435658', '漏洞3', '&lt;p&gt;漏洞3&lt;br/&gt;&lt;/p&gt;', '', '1454474524', 0, 13, 1, 0, 1, 0);
-- --------------------------------------------------------
@@ -274,19 +292,18 @@ CREATE TABLE IF NOT EXISTS `setting` (
`description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `key` (`key`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ;
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=6 ;
--
-- 转存表中的数据 `setting`
--
INSERT INTO `setting` (`id`, `key`, `value`, `description`) VALUES
(1, 'site-name', 'SRCMS·轻响应', '站点名'),
(2, 'site-keywords', '关键词1,关键词2', '关键词'),
(3, 'site-description', '站点描述信息', '站点描述'),
(1, 'sitename', 'SRCMS·轻响应', '站点名'),
(2, 'houtaiqq', '1009465756', '安全工单QQ'),
(3, 'kefuqq', '1009465756', '前台客服QQ'),
(4, 'site-tongji', '&lt;script&gt; console.log(&quot;统计代码&quot;)&lt;/script&gt;', '统计代码'),
(5, 'site-icp', '示ICP证 100000号', 'ICP备案号'),
(6, 'site-url', 'http://www.src.pw', '站点地址');
(5, 'site-introduce', '<p >华软安全应急响应中心HR Security Response Center是轻响应致力于维护华软内网健康生态环境保障内务产品和网络的信息安全促进同学们的合作与交流而建立的漏洞收集及应急响应平台。本平台收集华软产品线及业务上存在的安全漏洞同时我们也希望借此平台加强同学们的网络安全意识共同打造简单可信赖的华软内网健康生态。</p>', '站点介绍');
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;

BIN
Public/Home/images/iphone.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.4 KiB

6
Public/Home/js/jquery.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

2
admin.php
View File

@@ -18,7 +18,7 @@ if(version_compare(PHP_VERSION,'5.3.0','<')) die('require PHP > 5.3.0 !');
define('BIND_MODULE','Admin');
// 开启调试模式 建议开发阶段开启 部署阶段注释或者设为false
define('APP_DEBUG',False);
define('APP_DEBUG',True);
// 定义应用目录
define('APP_PATH','./Application/');