2015-10-06
martinzhou2015
2015-10-06 20:25:13 +08:00
parent af9192435c
commit 7b3e979fd4
52 changed files with 1484 additions and 80 deletions


@@ -0,0 +1,101 @@
<?php
namespace Admin\Controller;
use Admin\Controller;
/**
* 博客管理
*/
class BlogController extends BaseController
{
/**
* 博客列表
* @return [type] [description]
*/
public function index($key="")
{
if($key == ""){
$model = M('blog');
}else{
$where['title'] = array('like',"%$key%");
$where['name'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('blog')->where($where);
}
$count = $model->where($where)->count();// 查询满足要求的总记录数
$Page = new \Extend\Page($count,15);// 实例化分页类 传入总记录数和每页显示的记录数(25)
$show = $Page->show();// 分页显示输出
$pages = $model->limit($Page->firstRow.','.$Page->listRows)->where($where)->order('id DESC')->select();
$this->assign('model', $pages);
$this->assign('page',$show);
$this->display();
}
/**
* 添加博客
*/
public function add()
{
//默认显示添加表单
if (!IS_POST) {
$this->display();
}
if (IS_POST) {
//如果用户提交数据
$model = D("Blog");
if (!$model->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();
} else {
if ($model->add()) {
$this->success("添加成功", U('blog/index'));
} else {
$this->error("添加失败");
}
}
}
}
/**
* 更新博客信息
* @param [type] $id [单页ID]
* @return [type] [description]
*/
public function update()
{
$id = I('get.id',0,'intval');
//默认显示添加表单
if (!IS_POST) {
$model = M('blog')->where('id='.$id)->find();
$this->assign('page',$model);
$this->display();
}
if (IS_POST) {
$model = D("Blog");
if (!$model->create()) {
$this->error($model->getError());
}else{
if ($model->save()) {
$this->success("更新成功", U('blog/index'));
} else {
$this->error("更新失败");
}
}
}
}
/**
* 删除博客
* @param [type] $id [description]
* @return [type] [description]
*/
public function delete()
{
$id = I('get.id',0,'intval');
$model = M('blog');
$result = $model->where("id=".$id)->delete();
if($result){
$this->success("删除成功", U('blog/index'));
}else{
$this->error("删除失败");
}
}
}
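Review bot: delete() removes the row on a plain GET request (`I('get.id',0,'intval')` followed by `->delete()`), so any link or image URL loaded in a logged-in administrator's browser is enough to trigger it. The same pattern is in HallController::delete() and the admin InfoController::delete() later in this commit. Accept the id only from POST, e.g. `if (!IS_POST) $this->error("非法请求");` and `$id = I('post.id',0,'intval');`, and have the list templates submit a small form instead of an `<a href>`. No request-token check is visible in add() or update() either; BaseController is not shown here, so confirm whether one is enforced there.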


@@ -0,0 +1,97 @@
<?php
namespace Admin\Controller;
use Admin\Controller;
/**
* 贡献榜管理
*/
class HallController extends BaseController
{
/**
* 贡献榜列表
*/
public function index($key="")
{
if($key == ""){
$model = M('hall');
}else{
$where['title'] = array('like',"%$key%");
$where['url'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('hall')->where($where);
}
$count = $model->where($where)->count();// 查询满足要求的总记录数
$Page = new \Extend\Page($count,15);// 实例化分页类 传入总记录数和每页显示的记录数(25)
$show = $Page->show();// 分页显示输出
$hall = $model->limit($Page->firstRow.','.$Page->listRows)->where($where)->order('id DESC')->select();
$this->assign('model', $hall);
$this->assign('page',$show);
$this->display();
}
/**
* 添加贡献者
public function add()
{
//默认显示添加表单
if (!IS_POST) {
$this->display();
}
if (IS_POST) {
//如果用户提交数据
$model = D("hall");
if (!$model->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();
} else {
if ($model->add()) {
$this->success("添加成功", U('hall/index'));
} else {
$this->error("添加失败");
}
}
}
} */
/**
* 更新贡献者信息
*/
public function update()
{
$id = I('get.id',0,'intval');
//默认显示添加表单
if (!IS_POST) {
$model = M('hall')->where('id='.$id)->find();
$this->assign('model',$model);
$this->display();
}
if (IS_POST) {
$model = D("hall");
if (!$model->create()) {
$this->error($model->getError());
}else{
if ($model->save()) {
$this->success("更新成功", U('hall/index'));
} else {
$this->error("更新失败");
}
}
}
}
/**
* 删除贡献者
*/
public function delete()
{
$id = I('get.id',0,'intval');
$model = M('hall');
$result = $model->delete($id);
if($result){
$this->success("删除成功", U('hall/index'));
}else{
$this->error("删除失败");
}
}
}
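Review bot: add() is disabled by being folded into the doc comment that opens at `* 添加贡献者` and only closes at `} */`, yet the hall add template introduced in this commit posts to `U('hall/add')`, so that form has no action to reach. Either restore the method or drop the template. Separately, index() filters on `title`, while the hall forms and list template in this commit only use `name` and `url`. If the table has no `title` column the search query will fail, and `$where['name'] = array('like',"%$key%");` looks like what was intended.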


@@ -0,0 +1,44 @@
<?php
namespace Admin\Controller;
use Admin\Controller;
/**
* 单页管理
*/
class InfoController extends BaseController
{
/**
* 单页列表
* @return [type] [description]
*/
public function index($key="")
{
if($key == ""){
$model = M('info');
}else{
$where['title'] = array('like',"%$key%");
$where['name'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('info')->where($where);
}
$count = $model->where($where)->count();// 查询满足要求的总记录数
$Page = new \Extend\Page($count,15);// 实例化分页类 传入总记录数和每页显示的记录数(25)
$show = $Page->show();// 分页显示输出
$pages = $model->limit($Page->firstRow.','.$Page->listRows)->where($where)->order('user_id DESC')->select();
$this->assign('model', $pages);
$this->assign('page',$show);
$this->display();
}
public function delete()
{
$id = I('get.id',0,'intval');
$model = M('info');
$result = $model->where("user_id=".$id)->delete();
if($result){
$this->success("删除成功", U('info/index'));
}else{
$this->error("删除失败");
}
}
}
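Review bot: index() searches `title` and `name`, which look copied from the blog controller. The info list template and InfoModel in this commit use `username`, `realname`, `location`, `tel` and `zipcode`, and the search box is labelled as a username / real-name search. If those are the real columns the filter should read `$where['username'] = array('like',"%$key%");` and `$where['realname'] = array('like',"%$key%");`. delete() has no docblock, unlike index(); since this controller exposes users' names, addresses and phone numbers, a class comment stating that access depends on the checks in BaseController (not visible here) would help the next reader.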


@@ -43,6 +43,12 @@ class LoginController extends Controller {
if($member->save($data)){
session('adminId',$user['id']);
session('username',$user['username']);
//发送验证码邮件
import('ORG.Net.Mail');
$ip = get_client_ip();
$time = date("Y-m-d h:i:sa");
$con='您好,您的后台管理账户 '.$username.' 于 '.$time.' 被登录登录IP地址为 '.$ip.' 如果该操作非您本人操作,可能帐号信息已经被泄露,请您及时修改密码。 ';
SendMail('1009465756@qq.com','应急响应中心后台登录提示',$con,'应急响应中心'); //使用时注意将1009465756@qq.com修改为您的邮箱帐号
$this->success("登陆成功",U('Index/index'));
}
//定向之后台主页
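Review bot: The login notice is sent to a hard-coded personal address (`SendMail('1009465756@qq.com', ...)`), so any deployment that does not edit this line mails each admin username, login time and IP to a third party. Take the recipient from the account or from configuration instead, for example `SendMail($user['email'], ...)` if the member row carries an `email` column (the password-recovery controller in this commit queries one). `$username` is not assigned in the visible lines while the session uses `$user['username']`, so check that it is defined earlier in the method, which starts above this hunk. `date("Y-m-d h:i:sa")` prints a 12-hour clock; `date("Y-m-d H:i:s")` is unambiguous in an audit message.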


@@ -124,4 +124,31 @@ class PostController extends BaseController
$this->error("添加积分失败");
}
}
/**
* 分发漏洞报告
* @param [type] $id [description]
* @return [type] [description]
*/
public function send()
{
import('ORG.Net.Mail');
$id = I('get.id',0,'intval');
$email = I('post.email');
$title = I('post.title');
$tips = I('post.tips');
if (!IS_POST) {
$model = M('post')->where('id='.$id)->find();
$this->assign('post',$model);
$this->display();
}
if (IS_POST) {
$result = SendMail($email,$title,$tips,'应急响应中心');
if($result){
$this->success("发送成功", U('post/index'));
}else{
$this->error("发送失败");
}
}
}
}
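Review bot: send() passes `I('post.email')` straight to SendMail() without checking that it is an address. ForgetController in this commit already uses the `email` filter, so `$email = I('post.email','','email');` plus an early `$this->error(...)` when the result is empty would keep the prefilled hint text or a malformed value from reaching the mailer. `$title` and `$tips` are forwarded as submitted and SendMail() is not shown, so confirm it rejects line breaks in the subject. The `import` and the three `I('post.…')` reads also run on GET requests and could move inside the `IS_POST` branch. The `@param $id` line in the docblock describes a parameter the method does not take.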


@@ -0,0 +1,10 @@
<?php
namespace Admin\Model;
use Think\Model;
class PageModel extends Model{
protected $_validate = array(
array('title','require','请填写单页标题!'), //默认情况下用正则进行验证
array('name','require','请填写单页别名!'), //默认情况下用正则进行验证
array('name','','单页别名已经存在!',0,'unique',self::MODEL_BOTH), // 在新增的时候验证name字段是否唯一
);
}


@@ -0,0 +1,9 @@
<?php
namespace Admin\Model;
use Think\Model;
class LinksModel extends Model{
protected $_validate = array(
array('name','require','请填写链接标题!'), //默认情况下用正则进行验证
array('url','require','请填写链接!'), //默认情况下用正则进行验证
);
}


@@ -0,0 +1,35 @@
<include file="Public/header" title="添加博客" />
<div id="page-wrapper">
<form method="post" action="{:U('blog/add')}">
<div class="form-group">
<label for="page-title">博客标题</label>
<input type="text" name="title" class="form-control" id="page-title" placeholder="输入博客标题">
</div>
<div class="form-group">
<label for="page-name">博客分类</label>
<input type="text" name="name" class="form-control" id="page-name" placeholder="输入博客分类,不能和其他博客别名重复">
</div>
<div class="form-group">
<label for="page-content">博客内容</label>
<script id="page-content" name="content" type="text/plain"></script>
</div>
<button type="submit" class="btn btn-default">提交</button>
</form>
</div>
<!-- 配置文件 -->
<script type="text/javascript" src="__PUBLIC__/ueditor/ueditor.config.js"></script>
<!-- 编辑器源码文件 -->
<script type="text/javascript" src="__PUBLIC__/ueditor/ueditor.all.js"></script>
<!-- 实例化编辑器 -->
<script type="text/javascript">
var ue = UE.getEditor('page-content',{
toolbars: [
['fullscreen', 'source', 'undo', 'redo','bold', 'italic', 'underline','fontborder', 'strikethrough', '|','simpleupload', 'insertimage','attachment','emotion','link','unlink', '|', 'removeformat', 'formatmatch', 'autotypeset', 'blockquote','searchreplace', 'pasteplain', '|', 'forecolor', 'backcolor', 'insertorderedlist', 'insertunorderedlist', 'selectall', 'cleardoc'],
['inserttable','insertrow', 'insertcol','mergeright', 'mergedown','deleterow', 'deletecol','splittorows','splittocols', 'splittocells','deletecaption','inserttitle', 'mergecells', 'deletetable','insertparagraphbeforetable', 'paragraph','fontsize','fontfamily']
],
initialFrameHeight:500,
zIndex:100
});
</script>
<include file="Public/footer" />


@@ -0,0 +1,43 @@
<include file="Public/header" title="博客管理" />
<div id="page-wrapper">
<div class="row">
<div class="col-md-6">
<a href="{:U('blog/add')}" class="btn btn-success">添加博客</a>
</div>
<div class="col-md-6">
<form action="{:U('blog/index')}" method="post">
<div class="form-group input-group">
<input type="text" class="form-control" name="key" placeholder="输入博客标题或者别名关键词搜索">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<table class="table table-hover table-striped">
<thead>
<tr>
<th>编号</th>
<th>分类</th>
<th>标题</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<foreach name="model" item="v">
<tr>
<td>{$v.id}</td>
<td>{$v.name}</td>
<td>{$v.title}</td>
<td><a href="{:U('blog/update?id=')}{$v.id}">编辑</a> | <a href="{:U('blog/delete?id=')}{$v.id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
</tr>
</foreach>
</tbody>
</table>
{$page}
</div>
<include file="Public/footer" />
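Review bot: The search button is declared `type="button"`, so clicking it does not submit the form; use `<button class="btn btn-default" type="submit">`. The same markup is in the hall and info list templates added in this commit. `{$v.name}` and `{$v.title}` are printed without an explicit escaping modifier, so the page relies on the values having been encoded when they were stored; confirm that holds for every write path to the blog table.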


@@ -0,0 +1,35 @@
<include file="Public/header" title="添加博客" />
<div id="page-wrapper">
<form method="post" action="{:U('blog/update?id=')}{$page.id}">
<div class="form-group">
<label for="page-title">博客标题</label>
<input type="text" name="title" class="form-control" value="{$page.title}" id="page-title" placeholder="输入博客标题">
</div>
<div class="form-group">
<label for="page-name">博客分类</label>
<input type="text" name="name" class="form-control" value="{$page.name}"id="page-name" placeholder="输入博客分类,不能和其他博客别名重复">
</div>
<div class="form-group">
<label for="page-content">博客内容</label>
<script id="page-content" name="content" type="text/plain">{$page.content|htmlspecialchars_decode}</script>
</div>
<input type="hidden" name="id" value="{$page.id}">
<button type="submit" class="btn btn-default">提交</button>
</form>
</div>
<!-- 配置文件 -->
<script type="text/javascript" src="__PUBLIC__/ueditor/ueditor.config.js"></script>
<!-- 编辑器源码文件 -->
<script type="text/javascript" src="__PUBLIC__/ueditor/ueditor.all.js"></script>
<!-- 实例化编辑器 -->
<script type="text/javascript">
var ue = UE.getEditor('page-content',{
toolbars: [
['fullscreen', 'source', 'undo', 'redo','bold', 'italic', 'underline','fontborder', 'strikethrough', '|','simpleupload', 'insertimage','attachment','emotion','link','unlink', '|', 'removeformat', 'formatmatch', 'autotypeset', 'blockquote','searchreplace', 'pasteplain', '|', 'forecolor', 'backcolor', 'insertorderedlist', 'insertunorderedlist', 'selectall', 'cleardoc'],
['inserttable','insertrow', 'insertcol','mergeright', 'mergedown','deleterow', 'deletecol','splittorows','splittocols', 'splittocells','deletecaption','inserttitle', 'mergecells', 'deletetable','insertparagraphbeforetable', 'paragraph','fontsize','fontfamily']
],
initialFrameHeight:500,
zIndex:100
});
</script>
<include file="Public/footer" />
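Review bot: `{$page.content|htmlspecialchars_decode}` is written inside `<script id="page-content" type="text/plain">`, so stored content that contains `</script>` closes the element early and the remainder is parsed as page markup in the admin session. Emitting the still-encoded value into a `<textarea>` container, or loading it with the editor's `setContent` after initialisation, avoids that; verify which fits the UEditor setup used here. The page title still says 添加博客 on the update form, and `value="{$page.name}"id="page-name"` is missing a space between the attributes.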


@@ -0,0 +1,17 @@
<include file="Public/header" title="添加贡献者" />
<div id="page-wrapper">
<form method="post" action="{:U('hall/add')}">
<div class="form-group">
<label for="aa">贡献者名称</label>
<input type="text" name="name" class="form-control" id="aa" placeholder="输入贡献者名称">
</div>
<div class="form-group">
<label for="bb">图片地址(图片大小建议设置为 80*80)</label>
<input type="text" name="url" class="form-control" id="bb" placeholder="输入图片地址">
</div>
<div class="form-group">
<button type="submit" class="btn btn-default">提交</button>
</div>
</form>
</div>
<include file="Public/footer" />


@@ -0,0 +1,40 @@
<include file="Public/header" title="贡献榜管理" />
<div id="page-wrapper">
<div class="row">
<div class="col-md-6">
<form action="{:U('hall/index')}" method="post">
<div class="form-group input-group">
<input type="text" class="form-control" name="key" placeholder="输入昵称关键词进行搜索">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<table class="table table-hover table-striped">
<thead>
<tr>
<th>编号</th>
<th>贡献者</th>
<th>图片地址</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<foreach name="model" item="v">
<tr>
<td>{$v.id}</td>
<td>{$v.name}</td>
<td>{$v.url}</td>
<td><a href="{:U('hall/update?id=')}{$v.id}">编辑</a> | <a href="{:U('hall/delete?id=')}{$v.id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
</tr>
</foreach>
</tbody>
</table>
{$page}
</div>
<include file="Public/footer" />


@@ -0,0 +1,18 @@
<include file="Public/header" title="更新贡献榜" />
<div id="page-wrapper">
<form method="post" action="{:U('hall/update')}">
<div class="form-group">
<label for="aa">贡献者名称</label>
<input type="text" name="name" class="form-control" id="aa" value="{$model.name}" placeholder="输入贡献者名称">
</div>
<div class="form-group">
<label for="bb">图片地址(图片大小建议设置为 80*80)</label>
<input type="text" name="url" class="form-control" id="bb" value="{$model.url}" placeholder="输入图片地址">
</div>
<div class="form-group">
<input type="hidden" name="id" value="{$model.id}">
<button type="submit" class="btn btn-default">更新</button>
</div>
</form>
</div>
<include file="Public/footer" />


@@ -0,0 +1,45 @@
<include file="Public/header" title="地址管理" />
<div id="page-wrapper">
<div class="row">
<div class="col-md-6">
<form action="{:U('info/index')}" method="post">
<div class="form-group input-group">
<input type="text" class="form-control" name="key" placeholder="输入用户名或真实姓名搜索">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<table class="table table-hover table-striped">
<thead>
<tr>
<th>编号</th>
<th>用户名</th>
<th>真实姓名</th>
<th>住址</th>
<th>联系方式</th>
<th>邮编</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<foreach name="model" item="v">
<tr>
<td>{$v.user_id}</td>
<td>{$v.username}</td>
<td>{$v.realname}</td>
<td>{$v.location}</td>
<td>{$v.tel}</td>
<td>{$v.zipcode}</td>
<td><a href="{:U('info/delete?id=')}{$v.user_id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
</tr>
</foreach>
</tbody>
</table>
{$page}
</div>
<include file="Public/footer" />


@@ -6,7 +6,7 @@
<input type="text" name="title" class="form-control" id="aa" placeholder="输入礼品名称">
</div>
<div class="form-group">
<label for="bb">图片地址</label>
<label for="bb">图片地址(图片大小建议设置为 100*100)</label>
<input type="text" name="url" class="form-control" id="bb" placeholder="输入图片地址">
</div>
<div class="form-group">


@@ -6,7 +6,7 @@
<input type="text" name="title" class="form-control" id="aa" value="{$model.title}" placeholder="输入礼品名称">
</div>
<div class="form-group">
<label for="bb">图片地址</label>
<label for="bb">图片地址(图片大小建议设置为 100*100)</label>
<input type="text" name="url" class="form-control" id="bb" value="{$model.url}" placeholder="输入图片地址">
</div>
<div class="form-group">


@@ -43,7 +43,7 @@
<td>{$v.time|date="Y/m/d H:i:s",###}</td>
<td>{$v.username}</td>
<td>{$v.category_title}</td>
<td><a href="{:U('post/update?id=')}{$v.id}">审核</a> | <a href="{:U('post/delete?id=')}{$v.id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
<td><a href="{:U('post/update?id=')}{$v.id}">审核</a> | <a href="{:U('post/send?id=')}{$v.id}">分发</a> | <a href="{:U('post/delete?id=')}{$v.id}" style="color:red;" onclick="javascript:return del('您真的确定要删除吗?\n\n删除后将不能恢复!');">删除</a></td>
</tr>
</foreach>
</tbody>


@@ -0,0 +1,27 @@
<include file="Public/header" title="审核报告" />
<div id="page-wrapper">
<form method="post" action="{:U('post/send')}">
<div class="form-group">
<h4><strong>分发漏洞报告</strong></h4>
<h5>通过邮件快速转发漏洞报告给对应部门,帮助各部门协同响应安全事件</h5><hr/>
</div>
<div class="form-group">
<label>邮箱地址:</label>
<input type="text" name="email" class="form-control" style="width:50%" value="请输入邮箱地址" >
</label>
</div>
<div class="form-group">
<label>标题:</label>
<input type="text" name="title" class="form-control" style="width:50%" value="新的漏洞报告需要处理" >
</label>
</div>
<div class="form-group">
<label>附言:</label>
<input type="text" name="tips" class="form-control" style="width:50%;" value="您好!有一封新的漏洞报告需要您处理:[报告编号 {$post.id}]{$post.title}报告地址http://__ROOT__/admin.php??m=Admin&c=post&a=update&id={$post.id},请您登录应急响应中心后台跟进并及时更新漏洞状态!" >
</label>
</div>
<button type="submit" class="btn btn-default">提交</button>
</form>
</div>
<include file="Public/footer" />
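Review bot: The report link in the prefilled 附言 is built as `http://__ROOT__/admin.php??m=Admin&c=post&a=update&id=…`; `__ROOT__` expands to the site's root path rather than a host name and the query string starts with `??`, so recipients are likely to receive a dead link. Build the path with the framework helper (`{:U('post/update?id=')}{$post.id}`, as the list template does) and prepend the configured site host. The e-mail field is prefilled through `value="请输入邮箱地址"`, which is submitted as the recipient if left untouched; the other forms in this commit use `placeholder` for hints. Each `<input>` is followed by a stray `</label>`.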


@@ -8,15 +8,24 @@
</li>
<li class="dropdown">
<a href="{:U('page/index')}"><i class="fa fa-file-text-o"></i> 公告管理</a>
</li>
<li class="dropdown">
<a href="{:U('blog/index')}"><i class="fa fa-th-list"></i> 博客管理</a>
</li>
<li class="dropdown">
<a href="{:U('member/index')}"><i class="fa fa-users"></i> 用户管理</a>
</li>
<li class="dropdown">
<a href="{:U('links/index')}"><i class="fa fa-link"></i> 礼品库管理</a>
<a href="{:U('info/index')}"><i class="fa fa-tag"></i> 地址管理</a>
</li>
<!--<li class="dropdown">
<a href="{:U('setting/index')}" class="dropdown-toggle"><i class="fa fa-cog"></i> 系统设置 <b class="caret"></b></a>-->
<li class="dropdown">
<a href="{:U('hall/index')}"><i class="fa fa-star"></i> 贡献榜管理</a>
</li>
<li class="dropdown">
<a href="{:U('links/index')}"><i class="fa fa-shopping-cart"></i> 礼品库管理</a>
</li>
<li class="dropdown">
<!--<a href="{:U('setting/index')}" class="dropdown-toggle"><i class="fa fa-cog"></i> 系统设置 <b class="caret"></b></a>-->
<!--<ul class="dropdown-menu">
<li><a href="{:U('setting/index')}">自定义字段</a></li>
<li><a href="#">系统优化</a></li>


@@ -5,7 +5,7 @@ return array(
//我们用了入口版定 所以下面这行可以注释掉
//'DEFAULT_MODULE' => 'Home', // 默认模块
//'SHOW_PAGE_TRACE' => flase,
'LOAD_EXT_CONFIG' => 'db,wechat,oauth',
'LOAD_EXT_CONFIG' => 'db',
'URL_CASE_INSENSITIVE' => true, //url不区分大小写
'URL_MODEL' =>0,
'URL_HTML_SUFFIX' =>'html',
@@ -15,4 +15,11 @@ return array(
//用户注册默认信息
'DEFAULT_SCORE'=>100,
//'LOTTERY_NUM'=>3, //每天最多的抽奖次数
'MAIL_ADDRESS'=>'xxxx@126.com', // 此处填写邮箱地址
'MAIL_SMTP'=>'smtp.126.com', // 邮箱SMTP服务器
'MAIL_LOGINNAME'=>'xxxxx', // 邮箱登录帐号
'MAIL_PASSWORD'=>'xxxxx', // 邮箱密码
'MAIL_CHARSET'=>'UTF-8',//编码
'MAIL_AUTH'=>true,//邮箱认证
'MAIL_HTML'=>true,//true HTML格式 false TXT格式
);
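Review bot: `MAIL_LOGINNAME` and `MAIL_PASSWORD` are added to the tracked application config, so the real SMTP credentials will end up in version control as soon as someone fills them in. Keep them in a separate extension config file that is listed in `LOAD_EXT_CONFIG` and excluded from the repository, or read them at runtime, e.g. `'MAIL_PASSWORD' => getenv('MAIL_PASSWORD'),`. The first hunk drops `wechat,oauth` from `LOAD_EXT_CONFIG` without explanation; confirm no remaining code reads those settings.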


@@ -2,7 +2,7 @@
return array(
'DB_TYPE' => 'mysql', // 数据库类型
'DB_HOST' => 'localhost', // 服务器地址
'DB_NAME' => 'tpadmin', // 数据库名
'DB_NAME' => 'srcms', // 数据库名
'DB_USER' => 'root', // 用户名
'DB_PWD' => 'root', // 密码
'DB_PORT' => '3306', // 端口


@@ -0,0 +1,43 @@
<?php
/**
* @author Zhou Yuyang <1009465756@qq.com> 2015-07-27
* @copyright ©2105-2018 SRCMS
* @homepage http://www.src.pw
* @version 1.0
*/
namespace Home\Controller;
use Think\Controller;
class BlogController extends Controller{
public function index($key="")
{
if($key == ""){
$model = M('blog');
}else{
$where['title'] = array('like',"%$key%");
$where['name'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('blog')->where($where);
}
$count = $model->where($where)->count();// 查询满足要求的总记录数
$Page = new \Extend\Page($count,15);// 实例化分页类 传入总记录数和每页显示的记录数(25)
$show = $Page->show();// 分页显示输出
$pages = $model->limit($Page->firstRow.','.$Page->listRows)->where($where)->order('id DESC')->select();
$this->assign('model', $pages);
$this->assign('page',$show);
$this->display();
}
public function view(){
$id = I('get.id',0,'intval'); //对传入数字参数做整数校验规避SQLinjection漏洞
$model = M('blog')->where('id='.$id)->find();
$this->assign('model',$model);
$this->display();
}
}
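Review bot: In index() `$where` is only assigned in the `else` branch, yet `->where($where)` is called on both paths, so an empty search passes an undefined variable and a non-empty search applies the same condition repeatedly. Set `$where = array();` before the `if`, call `M('blog')` once, and apply `where()` only when `$where` is non-empty; the admin BlogController, HallController and InfoController index() methods in this commit share this code. The inline comment says 25 records per page while the call passes 15. view() does not handle `find()` returning nothing for an unknown id, so the template is rendered with an empty `$model`.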


@@ -15,7 +15,9 @@ class IndexController extends Controller{
public function index(){
$model = M('page')->limit(5)->select();
$hall = M('hall')->limit(6)->select();
$this->assign('model',$model);
$this->assign('hall',$hall);
$this->display();
}
}


@@ -0,0 +1,35 @@
<extend name="Public:common"/>
<block name="main">
<!-- 博客列表 -->
<div class="gallery">
<div class="container">
<div class="col-md-6 col-md-offset-3">
<h2><strong>团队博客</strong></h2><br/>
<table class="table table-hover table-striped">
<tbody>
<foreach name="model" item="v">
<div>
<td>
<span class="label label-info">{$v.name}</span>&nbsp;&nbsp;&nbsp;<a href="__ROOT__/index.php?m=&c=blog&a=view&id={$v.id}">{$v.title}</a>
</tr>
</foreach>
</tbody>
</table>
</div>
</div>
</div>
<!--分页
<div class="row" align="center">
<ul class="pagination pagination-lg">
<li><a href="#">&laquo;</a></li>
<li><a href="#">1</a></li>
<li class="disabled"><a href="#" >2</a></li>
<li class="disabled"><a href="#">3</a></li>
<li class="disabled"><a href="#">4</a></li>
<li class="disabled"><a href="#">5</a></li>
<li class="disabled"><a href="#">&raquo;</a></li>
</ul>
</div>-->
</block>
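Review bot: Each row is emitted as `<div><td>…</tr>`: the `<tr>` is never opened and the `<div>` and `<td>` are never closed, so the table depends on browser error recovery; write it as `<tr><td>…</td></tr>`. The detail link is hard-coded as `__ROOT__/index.php?m=&c=blog&a=view&id={$v.id}` while the other templates in this commit use the helper, e.g. `{:U('blog/view?id=')}{$v.id}`. The controller assigns `page`, but this template keeps a commented-out static pager and never prints `{$page}`, so only the first 15 posts are reachable.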


@@ -0,0 +1,23 @@
<extend name="Public:common"/>
<block name="main">
<!-- 博客详情 -->
<div class="gallery">
<div class="container">
<div class="col-md-6 col-md-offset-3">
<h3><strong>{$model.title}</strong></h3><hr/>
<div class="row">
<?php
$html = $model;
foreach($model as $value);
echo html_entity_decode($value);
?>
</div>
<div class="row">
<hr/>
<a href="{:U('blog/index')}">返回列表</a>
</div>
</div>
</div>
</block>
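Review bot: The body is produced by `foreach($model as $value); echo html_entity_decode($value);`. The loop has an empty body, so what gets printed is whichever column happens to be last in the row, decoded back to raw HTML. Name the field and stay in template syntax, e.g. `{$model.content|htmlspecialchars_decode}` as the admin edit template does, and drop the unused `$html = $model;`. Because the decoded markup goes to a public page unsanitised, anything stored in the blog content, script included, runs for every visitor; if anyone other than a fully trusted administrator can ever write that column, pass it through an allow-list HTML sanitiser before output. When the id matches no row `$model` is empty and the `foreach` raises a warning.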


@@ -25,16 +25,51 @@
<div class="callout" id="sec2">
<div class="vert">
<br/>
<br/>
<div class="col-md-12 text-center"><h2><strong>贡献榜</strong></h2></div>
<div class="col-md-12 text-center">&nbsp;</div>
<div class="col-md-8 col-md-offset-2 text-center">
<br/>
<div class="row hidden-xs">
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/women/12.jpg"></div>
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/95.jpg"></div>
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/women/67.jpg"></div>
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/27.jpg"></div>
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/women/15.jpg"></div>
<div class="col-sm-2"><img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/18.jpg"></div>
<foreach name="hall" item="h">
<div class="col-sm-2">
<img class="img-circle grayscale" src="{$h.url}">
<h3>
{$h.name}
</h3>
</div>
</foreach>
<!--<div class="col-sm-2">
<img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/95.jpg">
<h3>
David
</h3>
</div>
<div class="col-sm-2">
<img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/women/67.jpg">
<h3>
Lily
</h3>
</div>
<div class="col-sm-2">
<img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/27.jpg">
<h3>
Martin
</h3>
</div>
<div class="col-sm-2">
<img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/women/15.jpg">
<h3>
Kelly
</h3>
</div>
<div class="col-sm-2">
<img class="img-circle grayscale" src="http://api.randomuser.me/portraits/thumb/men/18.jpg">
<h3>
Sam
</h3>
</div>-->
</div>
</div>
</div>
@@ -54,6 +89,4 @@
</div>
</div>
</div>
</block>


@@ -1,12 +1,11 @@
<footer>
<div class="container" id="sec3">
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
<li><img src="__PUBLIC__/Home/pic/weibo.png" alt="weibo"/></li>
<li><img src="__PUBLIC__/Home/pic/wechat.png" alt="wechat"/></li>
<li><img src="__PUBLIC__/Home/pic/douban.png" alt="douban"/></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.src.pw"> Demo Company.</a>All Rights Reserved</p>
@@ -17,15 +16,8 @@
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#sec3" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<!-- script references -->
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
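Review bot: jQuery appears to be loaded now from `//2.srcmsdemo.sinaapp.com/jquery.min.js`, a demo application host, so every page executes whatever script that host serves; the header template in this commit does the same for `font-awesome.min.css`, there over plain `http://`. Ship both files under `__PUBLIC__/Home/` next to `bootstrap.min.js`, which is already local, e.g. `<script src="__PUBLIC__/Home/js/jquery.min.js"></script>`. If an external host has to stay, use https and pin the file with an `integrity` attribute. Which of the two script lines is the new side is inferred from the hunk counts, since the +/- markers are not shown on this page.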


@@ -7,7 +7,7 @@
<meta name="generator" content="Bootply" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="//netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css" rel="stylesheet">
<link href="http://2.srcmsdemo.sinaapp.com/font-awesome.min.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
@@ -29,6 +29,7 @@
<ul class="nav navbar-nav">
<li><a href="__ROOT__/user.php">报告漏洞</a></li>
<li><a href="{:U('page/index')}">公告</a></li>
<li><a href="{:U('blog/index')}">博客</a></li>
<li><a href="{:U('hall/index')}">贡献榜</a></li>
<li><a href="{:U('gift/index')}">礼品库</a></li>
</ul>


@@ -1,4 +1,4 @@
<?php
return array(
//'配置项'=>'配置值'
);


@@ -0,0 +1,56 @@
<?php
namespace User\Controller;
use Think\Controller;
/**
* @author Zhou Yuyang <1009465756@qq.com> 2015-08-03
* @copyright ©2105-2018 SRCMS
* @homepage http://www.src.pw
* @version 1.0
*/
class ChangeController extends BaseController{
/**
* 显示更改密码页面
* @return [type] [description]
*/
public function index()
{
$this->display();
}
/**
* 修改密码流程
*/
public function change()
{
//验证请求方式
if(!IS_POST)$this->error("非法请求");
$member = M('member');
$id = session('userId');
$oldpassword =I('post.oldpassword','','md5');
$password =I('post.password','','md5');
//验证原密码
$user = $member->where(array('id'=>$id,'password'=>$oldpassword))->find();
if(!$user) {
$this->error('邮箱不存在 :(') ;
}
//验证账户是否管理员
if($user['type'] == 2){
$this->error('前台无法修改管理员密码 :(') ;
}
$member-> password=$password;
$result = $member->where(array('id'=>$id,'password'=>$oldpassword))->save();
if($result){
$this->success("修改成功",U('login/logout'));
}else{
$this->error('修改失败 :(') ;
}
}
}
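Review bot: change() stores and compares passwords as unsalted MD5 (`I('post.password','','md5')`), which gives little protection once the member table leaks; ForgetController in this commit writes `md5($passwd)` the same way. Moving to `password_hash()` / `password_verify()` needs a matching change in the login code, which is outside this commit, so plan it as one migration. The new password is never validated: ChangeModel's `require` and `confirm` rules are not applied because the controller uses `M('member')` and never calls `create()`, so an empty or unconfirmed password is accepted. The wrong-old-password branch reports '邮箱不存在', which describes a different failure.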


@@ -0,0 +1,60 @@
<?php
namespace User\Controller;
use Think\Controller;
/**
* @author Zhou Yuyang <1009465756@qq.com> 2015-07-27
* @copyright ©2105-2018 SRCMS
* @homepage http://www.src.pw
* @version 1.0
*/
class ForgetController extends Controller {
//显示找回密码页面
public function index(){
$this->display();
}
//找回密码逻辑
public function find(){
if(!IS_POST)$this->error("非法请求");
$member = M('member');
$email =I('post.email','','email');
$username =I('post.username');
//$code = I('verify','','strtolower');
//验证验证码是否正确
//if(!($this->check_verify($code))){
//$this->error('验证码错误');
//}
//验证输入邮箱是否存在
$user = $member->where(array('username'=>$username,'email'=>$email))->find();
if(!$user) {
$this->error('邮箱不存在 :(') ;
}
//验证账户是否被禁用
if($user['status'] == 0){
$this->error('账号被禁用,无法找回密码 :(') ;
}
if($user['type'] == 2){
$this->error('前台无法重置管理员密码 :(') ;
}
//发送验证码邮件
import('ORG.Net.Mail');
$str = '1234567890abcdefghijklmnopqrstuvwxyz';
$passwd=$str[rand(0,35)].$str[rand(0,35)].$str[rand(0,35)].$str[rand(0,35)].$str[rand(0,35)].$str[rand(0,35)];
$content = md5($passwd);
$member = M('member');
$member-> password=$content;
$member ->where(array('username'=>$username,'email'=>$email))->save();
$con='您好您正在找回密码,您的临时新密码为'.$passwd.'请您妥善保管,登陆平台后请及时修改密码';
if(SendMail($email,'找回密码',$con,'应急响应中心')){
$this->success("发送成功",U('login/index'));
}else{
$this->error('账号被禁用 :(') ;
}
}
}
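Review bot: find() overwrites the account password as soon as a username and e-mail pair matches, before any proof that the requester controls the mailbox, and the captcha check is commented out, so anyone who knows the pair can lock a user out repeatedly. Mail a single-use, expiring reset token and change the password only when that token is presented. The temporary password is six characters drawn with `rand()`, which is not a cryptographic generator; `$passwd = bin2hex(openssl_random_pseudo_bytes(8));` is a drop-in replacement on PHP 5. When SendMail() fails the password has already been changed and the user is told '账号被禁用'; send first, or report the mail failure as such.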


@@ -0,0 +1,78 @@
<?php
namespace User\Controller;
use Think\Controller;
/**
* @author Zhou Yuyang <1009465756@qq.com> 2015-08-02
* @copyright ©2105-2018 SRCMS
* @homepage http://www.src.pw
* @version 1.0
*/
class InfoController extends BaseController{
public function index(){
$id = session('userId');
$info = M('info')->where('user_id='.$id)->select();
$this->assign('info',$info);
$this->display();
}
/**
* 添加联系方式
*/
public function add()
{
//默认显示添加表单
if (!IS_POST) {
$this->display();
}
if (IS_POST) {
//如果用户提交数据
$model = D("info");
$model->user_id = 1;
$model->username = 1;
if (!$model->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();
} else {
if ($model->add()) {
$this->success("添加成功", U('info/index'));
} else {
$this->error("添加失败");
}
}
}
}
/**
* 更新联系方式
*/
public function update()
{
//默认显示添加表单
if (!IS_POST) {
$this->display();
}
if (IS_POST) {
//如果用户提交数据
$model = D("info");
$model->user_id = 1;
$model->username = 1;
if (!$model->create()) {
// 如果创建失败 表示验证没有通过 输出错误提示信息
$this->error($model->getError());
exit();
} else {
if ($model->save()) {
$this->success("更新成功", U('info/index'));
} else {
$this->error("更新失败");
}
}
}
}
}
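Review bot: update() calls `$model->save()` on whatever `create()` collected from the form, with no condition tying the row to the logged-in user. InfoModel's `_auto` rules use mode 1 (insert-only in ThinkPHP 3.x), so on update the key appears to come from the request. Scope the write to the session, e.g. `$model->where(array('user_id'=>session('userId')))->save()`, and confirm `user_id` cannot be overridden from POST. `$model->user_id = 1; $model->username = 1;` in add() and update() look like leftover test values and should be removed. index() concatenates the session id into `'user_id='.$id`; the array form `where(array('user_id'=>$id))` used elsewhere in this commit is safer.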


@@ -9,7 +9,7 @@ use Think\Controller;
* @version 1.0
*/
class PostController extends Controller
class PostController extends BaseController
{
/**
* 漏洞报告列表


@@ -0,0 +1,11 @@
<?php
namespace User\Model;
use Think\Model;
class ChangeModel extends Model{
protected $_validate = array(
array('oldpassword','require','请填写旧密码!'), //默认情况下用正则进行验证
array('password','require','请填写密码!','','',self::MODEL_INSERT), //默认情况下用正则进行验证
array('repassword','password','确认密码不正确',0,'confirm'), // 验证确认密码是否和密码一致
);
}


@@ -0,0 +1,25 @@
<?php
namespace User\Model;
use Think\Model;
class InfoModel extends Model{
protected $_validate = array(
array('realname','require','请填写真实姓名'), //默认情况下用正则进行验证
array('zipcode','require','请填写邮编'), //默认情况下用正则进行验证
array('location','require','请填写地址'), //默认情况下用正则进行验证
array('tel','require','请填写联系电话'), //默认情况下用正则进行验证
);
protected $_auto = array (
array('user_id','getUid',1,'callback'), // 对update_time字段在更新的时候写入当前用户ID
array('username','getUsername',1,'callback'), // 对update_time字段在更新的时候写入当前用户名
);
protected function getUid(){
return session('userId');
}
protected function getUsername(){
return session('username');
}
}


@@ -0,0 +1,32 @@
<extend name="Public:common" />
<block name="main">
<div class="gallery">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<br/>
<h3>更改密码</h3><hr/>
<form action="{:U('change/change')}" method="post">
<div class="form-group">
<label>旧密码</label>
<input class="form-control" type="text" name="oldpassword" placeholder="请输入旧密码">
</div>
<div class="form-group">
<label>密码</label>
<input class="form-control" type="password" name="password" placeholder="请输入新密码">
</div>
<div class="form-group">
<label>确认密码</label>
<input class="form-control" type="password" name="repassword" placeholder="请再次输入新密码">
</div>
<div class="form-group">
<button class="btn btn-success" type="submit">提交</button>
</div>
</form>
</div>
</div>
</div>
</block>
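Review bot: The old-password field is `type="text"`, so the current password is shown on screen and may be kept in the browser's form history. Use `<input class="form-control" type="password" name="oldpassword" placeholder="请输入旧密码">`, matching the two fields below it.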


@@ -0,0 +1,96 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<title>应急响应中心</title>
<meta name="generator" content="Bootply" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="__PUBLIC__/Home/css/bootstrap.min.css" rel="stylesheet">
<link href="//netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css" rel="stylesheet">
<!--[if lt IE 9]>
<script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="__PUBLIC__/Home/css/styles.css" rel="stylesheet">
</head>
<body>
<div class="navbar navbar-fixed-top navbar-bold" data-spy="affix" data-offset-top="1000">
<div class="container">
<div class="navbar-header">
<a href="__ROOT__/index.php" class="navbar-brand">应急响应中心</a>
<a class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
</div>
<div class="navbar-collapse collapse" id="navbar">
<ul class="nav navbar-nav">
<li><a href="{:U('index/index')}">个人中心</a></li>
<!--<li><a href="{:U('post/index')}">漏洞列表</a></li>
<li><a href="{:U('post/add')}">报告漏洞</a></li>
<li><a href="__ROOT__/index.php?m=&c=page&a=index">公告</a></li>
<li><a href="__ROOT__/index.php?m=&c=hall&a=index">贡献榜</a></li>
<li><a href="__ROOT__/index.php?m=&c=gift&a=index">礼品库</a></li>-->
</ul>
</div>
</div>
</div>
<div class="gallery">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<br/>
<h3>找回密码</h3><hr/>
<form action="{:U('forget/find')}" method="post">
<div class="form-group">
<label>用户名</label>
<input class="form-control" type="text" name="username" placeholder="请输入用户名">
</div>
<div class="form-group">
<label>邮箱</label>
<input class="form-control" type="text" name="email" placeholder="请输入邮箱">
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >找回密码</button>
</div>
</form>
</div>
</div>
</div>
<footer>
<div class="container">
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.bootply.com"> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
</div>
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
</html>
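Review bot: This password-recovery page runs scripts from hosts the project does not control, `//html5shim.googlecode.com/svn/trunk/html5.js` and `//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js`, with no `integrity` attribute, so any change on either host executes in the page that collects the username and e-mail. Serving jQuery from the same local directory as `bootstrap.min.js`, or adding `integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"`, removes that dependency. The login template's script line that points at `//2.srcmsdemo.sinaapp.com/jquery.min.js` needs the same treatment, and more urgently, because that page handles the password itself. The footer copyright line also contains a stray `</i>` with no opening tag.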


@@ -7,13 +7,8 @@
<hr style="width:80%" class="col-md-offset-0"/>
<h4><strong>尊敬的 <?php echo session('username')?>, 欢迎您进入漏洞报告平台 !</strong></h4>
<br/>
<button class="btn btn-default text-align"><a href="{:U('login/logout')}">退出登录</a></button><br/>
<button class="btn btn-default text-align"><a href="{:U('login/logout')}">退出登录</a></button>&nbsp;&nbsp;&nbsp;<button class="btn btn-default text-align"><a href="{:U('change/index')}">修改密码</a></button><br/>
<div class="row">
<div class="col-sm-4 col-sm-offset-4 text-center">
</div>
</div>
</div>
</block>
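Review bot: The greeting line prints `session('username')` with a bare `echo`, so the value reaches the HTML unescaped; whether registration restricts the characters allowed in a username is not visible in this hunk. `<?php echo htmlspecialchars(session('username'), ENT_QUOTES, 'UTF-8') ?>` makes the output safe at the point of use, though it is worth confirming first that the stored value is not already entity-encoded by an input filter. In the line this hunk changes, each `<a>` is nested inside a `<button>`, which is invalid HTML; styling the link itself, `<a class="btn btn-default" href="{:U('change/index')}">修改密码</a>`, gives the same appearance.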


@@ -0,0 +1,33 @@
<extend name="Public:common" />
<block name="main">
<div class="gallery">
<div class="col-md-offset-2">
<h2><strong>联系方式</strong></h2>
<hr style="width:80%" class="col-md-offset-0"/>
<h5><strong>请您准确填写您的联系方式,以便我们能够准确为您邮寄兑换的礼品。</strong></h5><br/>
<form method="post" action="{:U('info/add')}">
<div class="form-group">
<label>姓名:</label>
<input type="text" name="realname" class="form-control" style="width:50%" placeholder="请输入姓名">
</div>
<div class="form-group">
<label>邮编:</label>
<input type="text" name="zipcode" class="form-control" style="width:50%" placeholder="请输入邮编">
</div>
<div class="form-group">
<label>住址:</label>
<input type="text" name="location" class="form-control" style="width:50%" placeholder="请输入住址">
</div>
<div class="form-group">
<label>电话:</label>
<input type="text" name="tel" class="form-control" style="width:50%" placeholder="请输入电话">
</div>
<!--<div class="form-group">
<input type="hidden" name="user_id" value="">
</div>-->
<button type="submit" class="btn btn-default">提交</button>
</form>
</div>
</block>


@@ -0,0 +1,42 @@
<extend name="Public:common" />
<block name="main">
<div class="gallery">
<div class="col-md-offset-2">
<h2><strong>联系方式</strong></h2>
<hr style="width:80%" class="col-md-offset-0"/>
<h5><strong>请您准确填写您的联系方式,以便我们能够准确为您邮寄兑换的礼品。</strong></h5><br/>
<div class="row">
<a href="{:U('info/add')}" class="btn btn-success <?php $exsit= D('info'); if($exsit->where('user_id='.session('userId'))->count()){echo 'disabled';}; ?>">添加</a>
<a href="{:U('info/update')}" class="btn btn-success <?php $exsit= D('info'); if($exsit->where('user_id='.session('userId'))->count()){}else{echo 'disabled';}; ?>">更新</a>
</div>
<br/>
<div class="row">
<table class="table table-hover table-striped" style="width:80%" >
<tbody>
<foreach name="info" item="v">
<tr>
<th>姓名:</th>
<td>{$v.realname}</td>
</tr>
<tr>
<th>邮编:</th>
<td>{$v.zipcode}</td>
</tr>
<tr>
<th>住址:</th>
<td>{$v.location}</td>
</tr>
<tr>
<th>电话:</th>
<td>{$v.tel}</td>
</tr>
</foreach>
</tbody>
</table>
</div>
</div>
</block>
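Review bot: The two button lines query the database from inside the template and build the condition by string concatenation, `where('user_id='.session('userId'))`. With an empty session the condition becomes `user_id=` and the query fails during rendering, and the same count is executed twice per page. I would compute the flag once in the controller, pass it to the view with `assign`, and use the array form `where(array('user_id' => session('userId')))` so the value is handled by the query builder rather than spliced into the SQL string. The variable name `$exsit` is presumably meant to be `$exist`.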


@@ -0,0 +1,33 @@
<extend name="Public:common" />
<block name="main">
<div class="gallery">
<div class="col-md-offset-2">
<h2><strong>联系方式</strong></h2>
<hr style="width:80%" class="col-md-offset-0"/>
<h5><strong>请您准确填写您的联系方式,以便我们能够准确为您邮寄兑换的礼品。</strong></h5><br/>
<form method="post" action="{:U('info/update')}">
<div class="form-group">
<label>姓名:</label>
<input type="text" name="realname" class="form-control" style="width:50%" placeholder="请输入姓名">
</div>
<div class="form-group">
<label>邮编:</label>
<input type="text" name="zipcode" class="form-control" style="width:50%" placeholder="请输入邮编">
</div>
<div class="form-group">
<label>住址:</label>
<input type="text" name="location" class="form-control" style="width:50%" placeholder="请输入住址">
</div>
<div class="form-group">
<label>电话:</label>
<input type="text" name="tel" class="form-control" style="width:50%" placeholder="请输入电话">
</div>
<!--<div class="form-group">
<input type="hidden" name="user_id" value="">
</div>-->
<button type="submit" class="btn btn-default">提交</button>
</form>
</div>
</block>


@@ -66,6 +66,7 @@
</div>
</div>
<button type="submit" class="btn btn-default text-align">登陆</button><br/><br/>
<a href="{:U('forget/index')}">找回密码</a><p></p>
<a href="{:U('reg/index')}" style="float:left;">还没有账号?点击注册</a>
</div>
</div>
@@ -90,13 +91,12 @@
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
<li><img src="__PUBLIC__/Home/pic/weibo.png" alt="weibo"/></li>
<li><img src="__PUBLIC__/Home/pic/wechat.png" alt="wechat"/></li>
<li><img src="__PUBLIC__/Home/pic/douban.png" alt="douban"/></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.bootply.com"> Demo Company.</a>All Rights Reserved</p>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.src.pw"> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>
@@ -104,15 +104,10 @@
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<script src="//2.srcmsdemo.sinaapp.com/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>


@@ -3,10 +3,9 @@
<div class="row">
<div class="col-md-6 col-md-offset-3 text-center">
<ul class="list-inline">
<li><i class="icon-facebook icon-2x"></i></li>
<li><i class="icon-twitter icon-2x"></i></li>
<li><i class="icon-google-plus icon-2x"></i></li>
<li><i class="icon-pinterest icon-2x"></i></li>
<li><img src="__PUBLIC__/Home/pic/weibo.png" alt="weibo"/></li>
<li><img src="__PUBLIC__/Home/pic/wechat.png" alt="wechat"/></li>
<li><img src="__PUBLIC__/Home/pic/douban.png" alt="douban"/></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.src.pw"> Demo Company.</a>All Rights Reserved</p>
@@ -17,16 +16,5 @@
</div>
</footer>
<ul class="nav pull-right scroll-down">
<li><a href="#" title="Scroll down"><i class="icon-chevron-down icon-3x"></i></a></li>
</ul>
<ul class="nav pull-right scroll-top">
<li><a href="#" title="Scroll to top"><i class="icon-chevron-up icon-3x"></i></a></li>
</ul>
<!-- script references -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
<script src="__PUBLIC__/Home/js/bootstrap.min.js"></script>
<script src="__PUBLIC__/Home/js/scripts.js"></script>
</body>
</html>


@@ -30,7 +30,8 @@
<li><a href="{:U('index/index')}">个人中心</a></li>
<li><a href="{:U('post/index')}">漏洞列表</a></li>
<li><a href="{:U('post/add')}">报告漏洞</a></li>
<!--<li><a href="{:U('gift/index')}">礼品库</a></li>-->
<li><a href="{:U('gift/index')}">礼品兑换</a></li>
<li><a href="{:U('info/index')}">联系方式</a></li>
</ul>
</div>
</div>


@@ -82,7 +82,7 @@
<li><i class="icon-pinterest icon-2x"></i></li>
</ul>
<hr>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.bootply.com"> Demo Company.</a>All Rights Reserved</p>
<p>Copyright © <?php echo date("Y")?></i> at <a href="http://www.src.pw"> Demo Company.</a>All Rights Reserved</p>
<p>演示站点 版权所有</p>
<p>Powered By SRCMS</p>
</div>

262
DB/srcms.sql Normal file

@@ -0,0 +1,262 @@
-- phpMyAdmin SQL Dump
-- version phpStudy 2014
-- http://www.phpmyadmin.net
--
-- 主机: localhost
-- 生成日期: 2015 年 10 月 06 日 18:50
-- 服务器版本: 5.5.40
-- PHP 版本: 5.3.29
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
--
-- 数据库: `srcms`
--
-- --------------------------------------------------------
--
-- 表的结构 `blog`
--
CREATE TABLE IF NOT EXISTS `blog` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`title` varchar(100) NOT NULL,
`name` varchar(100) NOT NULL,
`content` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk AUTO_INCREMENT=2 ;
--
-- 转存表中的数据 `blog`
--
INSERT INTO `blog` (`id`, `title`, `name`, `content`) VALUES
(1, '示例博客', '移动安全', '&lt;p&gt;示例博客内容&lt;/p&gt;');
-- --------------------------------------------------------
--
-- 表的结构 `category`
--
CREATE TABLE IF NOT EXISTS `category` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`pid` int(11) DEFAULT NULL COMMENT '父分类ID',
`name` varchar(20) DEFAULT NULL COMMENT '分类别名',
`title` varchar(100) DEFAULT NULL COMMENT '分类标题',
`keywords` varchar(255) DEFAULT NULL COMMENT '分类关键词',
`description` varchar(255) DEFAULT NULL COMMENT '分类描述',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=16 ;
--
-- 转存表中的数据 `category`
--
INSERT INTO `category` (`id`, `pid`, `name`, `title`, `keywords`, `description`) VALUES
(1, 0, 'default', '默认分类', '默认分类', '默认分类描述'),
(2, 0, 'Webvul', 'Web漏洞', '', ''),
(3, 0, 'PC Clinet', 'PC客户端漏洞', '', ''),
(4, 0, 'Sever', '服务器漏洞', '', ''),
(5, 0, 'Mobile Clinet', '移动客户端漏洞', '', ''),
(6, 2, 'SQLinjection', 'SQL注入', '', ''),
(7, 2, 'XSS', 'XSS', '', ''),
(8, 2, 'CSRF', 'CSRF', '', ''),
(9, 5, 'IOS', 'IOS', '', ''),
(10, 5, 'wordpress', 'Android', 'Android', ''),
(11, 3, 'Overflow', '溢出', '', ''),
(12, 3, 'DDOS', '拒绝服务', '', ''),
(13, 7, 'DOM XSS', '基于DOM的XSS', '', ''),
(14, 7, 'Stored XSS', '存储型XSS', '', ''),
(15, 2, 'Logic', '逻辑漏洞', '', '');
-- --------------------------------------------------------
--
-- 表的结构 `hall`
--
CREATE TABLE IF NOT EXISTS `hall` (
`id` int(10) NOT NULL,
`name` varchar(10) NOT NULL,
`url` varchar(100) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=gbk;
--
-- 转存表中的数据 `hall`
--
INSERT INTO `hall` (`id`, `name`, `url`) VALUES
(0, 'Lucy', 'http://api.randomuser.me/portraits/thumb/women/12.jpg'),
(1, 'David', 'http://api.randomuser.me/portraits/thumb/men/95.jpg'),
(2, 'Lily', 'http://api.randomuser.me/portraits/thumb/women/67.jpg'),
(3, 'Martin', 'http://api.randomuser.me/portraits/thumb/men/27.jpg'),
(4, 'Kelly', 'http://api.randomuser.me/portraits/thumb/women/15.jpg'),
(5, 'Sam', 'http://api.randomuser.me/portraits/thumb/men/18.jpg');
-- --------------------------------------------------------
--
-- 表的结构 `info`
--
CREATE TABLE IF NOT EXISTS `info` (
`user_id` int(11) NOT NULL,
`username` varchar(20) NOT NULL,
`realname` varchar(20) CHARACTER SET gbk NOT NULL,
`location` varchar(50) CHARACTER SET gbk NOT NULL,
`tel` varchar(11) CHARACTER SET gbk NOT NULL,
`zipcode` varchar(6) CHARACTER SET gbk NOT NULL,
PRIMARY KEY (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- 转存表中的数据 `info`
--
INSERT INTO `info` (`user_id`, `username`, `realname`, `location`, `tel`, `zipcode`) VALUES
(1, 'admin', '周三', '江苏', '18190112345', '214191'),
(2, 'martin', '王二', '江苏', '18712345612', '214000');
-- --------------------------------------------------------
--
-- 表的结构 `links`
--
CREATE TABLE IF NOT EXISTS `links` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`title` varchar(100) DEFAULT NULL,
`url` varchar(100) DEFAULT NULL,
`sort` int(5) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ;
--
-- 转存表中的数据 `links`
--
INSERT INTO `links` (`id`, `title`, `url`, `sort`) VALUES
(1, 'iPhone6', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(2, 'iPhone6 Plus', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(3, 'MacBook', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100),
(4, 'MacBook Air', 'http://2.srcmsdemo.sinaapp.com/iphone.jpg', 100);
-- --------------------------------------------------------
--
-- 表的结构 `member`
--
CREATE TABLE IF NOT EXISTS `member` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) DEFAULT NULL,
`email` varchar(100) DEFAULT NULL,
`password` varchar(32) DEFAULT NULL,
`avatar` varchar(255) DEFAULT NULL COMMENT '头像',
`create_at` varchar(11) DEFAULT '0',
`update_at` varchar(11) DEFAULT '0',
`login_ip` varchar(20) DEFAULT NULL,
`status` tinyint(1) DEFAULT '1' COMMENT '0:禁止登陆 1:正常',
`type` tinyint(1) DEFAULT '1' COMMENT '1:前台用户 2:管理员 ',
`jifen` int(10) NOT NULL,
PRIMARY KEY (`id`),
KEY `username` (`username`) USING BTREE,
KEY `password` (`password`) USING BTREE
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
--
-- 转存表中的数据 `member`
--
INSERT INTO `member` (`id`, `username`, `email`, `password`, `avatar`, `create_at`, `update_at`, `login_ip`, `status`, `type`, `jifen`) VALUES
(1, 'admin', '1009465756@qq.com', '21232f297a57a5a743894a0e4a801fc3', NULL, '1436679338', '315763479', '0.0.0.0', 1, 2, 0),
(2, 'martin', '1009465756@qq.com', '21232f297a57a5a743894a0e4a801fc3', NULL, '1438016593', '1440839143', '0.0.0.0', 1, 1, 105);
-- --------------------------------------------------------
--
-- 表的结构 `page`
--
CREATE TABLE IF NOT EXISTS `page` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(100) NOT NULL,
`name` varchar(100) DEFAULT NULL,
`content` text,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ;
--
-- 转存表中的数据 `page`
--
INSERT INTO `page` (`id`, `title`, `name`, `content`) VALUES
(1, '2015年应急响应中心漏洞奖励细节', 'SRC--001', '&lt;p&gt;&lt;span style=&quot;font-size: 18px;&quot;&gt;&lt;strong&gt;基本原则&lt;/strong&gt;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;我们对于保护用户利益,帮助小米安全提升的白帽子黑客,我们给予感谢和回馈。&lt;/p&gt;&lt;p&gt;我们反对和谴责一切以漏洞测试为借口,利用安全漏洞进行破坏、损害用户利益的黑客行为,包括但不限于利用漏洞盗取用户资料、入侵业务系统、修改、窃取相关系统资料、恶意传播漏洞或数据。对于发生上述行为的、我们司将追究其法律责任。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;span style=&quot;font-size: 18px;&quot;&gt;&lt;strong&gt;漏洞处理流程&lt;/strong&gt;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;对于每一个级别的漏洞,我们会根据漏洞利用的技术难度、漏洞造成的影响等进行综合考虑,分成不同的层次,并给与相应积分。&lt;/p&gt;&lt;p&gt;根据漏洞出现的业务等级,漏洞危害程度分为高危、中危、低危、忽略四个级别,每个级别涵盖的漏洞以及评分标准如下:&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;高危:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;直接获取系统权限服务器权限、客户端权限的漏洞。包括但不限于远程任意命令执行、代码执行、任意文件上传获取Webshell、缓冲区溢出、SQL注入获取系统权限、服务器解析漏洞、文件包含漏洞等。&lt;/p&gt;&lt;p&gt;严重的逻辑设计缺陷。包括但不限于任意账号登陆、任意账号密码修改、短信邮件验证的绕过。&lt;/p&gt;&lt;p&gt;严重的敏感信息泄露。包括但不限于严重的SQL注入、任意文件包含等。&lt;/p&gt;&lt;p&gt;越权访问。包括但不限于绕过验证直接访问后台、后台登录弱口令、SSH弱口令数据库弱口令等。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;中危:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;需要交互才能获取用户身份信息的漏洞。包括存储型XSS等。&lt;/p&gt;&lt;p&gt;普通逻辑设计缺陷。包括但不限于无限制短信邮件等发送等。&lt;/p&gt;&lt;p&gt;非重点产品线、利用难度较大的SQL注入漏洞等。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;低危:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;一般信息泄露漏洞。包括但不限于路径泄露、SVN文件泄露、LOG文件泄露、Phpinfo等。&lt;/p&gt;&lt;p&gt;无法利用或者难以利用的漏洞包括但不限于反射型XSS和只能弹自己的XSS。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;忽略:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;不涉及安全问题的bug。包括但不限于产品功能缺陷、页面乱码、样式混编等。&lt;/p&gt;&lt;p&gt;无法重现的漏洞、不能直接体现漏洞的其他问题。包括但不限于纯属用户猜测的问题。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;'),
(2, '2015年应急响应中心漏洞收集流程', 'SRC--002', '&lt;p&gt;&lt;strong&gt;白帽子定义:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;白帽子指通过先知平台参与漏洞提交过程的安全专家,能够识别计算机系统或网络系统中的安全漏洞,但并不会恶意利用,而是公布漏洞,帮助厂商在被其他人恶意利用之前修补漏洞,维护计算机和互联网安全。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;漏洞收集流程:&lt;/strong&gt;&lt;/p&gt;&lt;p&gt;1. 登录并完善资料&lt;/p&gt;&lt;p&gt;白帽子使用应急响应中心账号登录平台并完善资料,请确保资料真实有效,并及时更新。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;2. 提交漏洞&lt;/p&gt;&lt;p&gt;白帽子根据漏洞提交页面指引,提交安全漏洞信息。请务必详尽,漏洞描述越具体,越便于我们准确进行应急响应。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;&lt;p&gt;3. 审核漏洞&lt;/p&gt;&lt;p&gt;漏洞提交后48小时内法定节假日顺延我们会对收到的漏洞按照《漏洞验收标准》进行评估同时确定奖励额度。&lt;/p&gt;&lt;p&gt;&lt;br/&gt;&lt;/p&gt;');
-- --------------------------------------------------------
--
-- 表的结构 `post`
--
CREATE TABLE IF NOT EXISTS `post` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(255) DEFAULT NULL,
`content` text,
`time` varchar(11) DEFAULT '0',
`cate_id` int(11) DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`type` tinyint(1) DEFAULT '1' COMMENT '1:普通,2:置顶,3:热门,4:推荐',
PRIMARY KEY (`id`),
KEY `cate_id` (`cate_id`),
KEY `user_id` (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
--
-- 转存表中的数据 `post`
--
INSERT INTO `post` (`id`, `title`, `content`, `time`, `cate_id`, `user_id`, `type`) VALUES
(1, '示例漏洞报告', '&lt;p&gt;这里是示例漏洞报告的内容.&lt;/p&gt;', '1438043542', 2, 2, 1);
-- --------------------------------------------------------
--
-- 表的结构 `setting`
--
CREATE TABLE IF NOT EXISTS `setting` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`key` varchar(255) NOT NULL DEFAULT '',
`value` varchar(255) NOT NULL DEFAULT '',
`description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `key` (`key`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ;
--
-- 转存表中的数据 `setting`
--
INSERT INTO `setting` (`id`, `key`, `value`, `description`) VALUES
(1, 'site-name', '演示站点', '站点名'),
(2, 'site-keywords', '关键词1,关键词2', '关键词'),
(3, 'site-description', '站点描述信息', '站点描述'),
(4, 'site-tongji', '&lt;script&gt; console.log(&quot;统计代码&quot;)&lt;/script&gt;', '统计代码'),
(5, 'site-icp', '123456', 'ICP备案号'),
(6, 'site-url', 'http://www.src.pw', '站点地址');
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
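Review bot: `member.password` is `varchar(32)` and both seeded rows carry the same 32-hex-character digest, which fits an unsalted MD5 and means the administrator (`type` 2) and the regular account ship with one shared default password. The column should be wide enough for a salted adaptive hash, e.g. `` `password` varchar(255) DEFAULT NULL ``, and the `KEY password` index dropped, since nothing should look users up by password. The install dump should not contain working credentials; creating the admin at install time or forcing a change at first login avoids every deployment starting with the same login. The seed rows also contain what looks like a personal e-mail address, which would be better replaced with a placeholder in a public repository.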


@@ -1,13 +1,10 @@
/* -- custom css for Bootstrap 3.x --*/
/* move special fonts to HTML head for better performance */
@import url('http://fonts.googleapis.com/css?family=Open+Sans:200,300,400,600');
html,
body {
height: 100%;
width: 100%;
font-family:'Open Sans','Helvetica Neue',Helvetica,Arial,sans-serif;
font-family:;
}
/* fix bs3 horizontal scrollbar bug */
@@ -65,7 +62,7 @@ img.grayscale {
.navbar-bold {
background-color:#11cc45;
font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;
font-family:;
}
.navbar-bold li a:hover, .navbar-bold li.active {
@@ -85,7 +82,7 @@ img.grayscale {
color:#fff;
margin-left:-5px;
margin-bottom:5px;
font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;
font-family:;
}
.header .lead {
@@ -95,7 +92,7 @@ img.grayscale {
.header {
height: 80%;
background: #11cc45 url('http://www.bootply.com/assets/example/pt_squares_lg.png') repeat center center fixed;
background: #11cc45 url('http://2.srcmsdemo.sinaapp.com/pt_squares_lg.png') repeat center center fixed;
}
.blurb {
@@ -108,7 +105,7 @@ img.grayscale {
}
.bright {
background: #7fbbda url('http://www.bootply.com/assets/example/bg_suburb.jpg') no-repeat center center fixed;
background: #7fbbda url('http://2.srcmsdemo.sinaapp.com/bg_suburb.jpg') no-repeat center center fixed;
color:#fff;
}
@@ -143,7 +140,7 @@ img.grayscale {
padding-top:7%;
height: 100%;
width: 100%;
background: url('http://www.bootply.com/assets/example/bg_suburb.jpg') no-repeat center center fixed;
background: url('http://2.srcmsdemo.sinaapp.com/bg_suburb.jpg') no-repeat center center fixed;
-webkit-background-size: cover;
-moz-background-size: cover;
-o-background-size: cover;
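Review bot: The replacement lines `font-family:;` in `html, body`, `.navbar-bold` and the rule in the third hunk are empty declarations, which are invalid CSS and are discarded by the parser; if the intent is to fall back to the browser default, delete the declaration instead. The background images now load from `http://2.srcmsdemo.sinaapp.com/...` over plain HTTP, which browsers block or flag as mixed content once the site is served over HTTPS, and which ties the layout to a demo host. Copying the two images next to the new files under `Public/Home/pic/` and referencing them with a relative `url(...)` avoids both problems. Which line of each printed pair is the new one is inferred from the order on this page.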

BIN
Public/Home/pic/douban.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.0 KiB

BIN
Public/Home/pic/tencent.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 849 B

BIN
Public/Home/pic/wechat.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
Public/Home/pic/weibo.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.6 KiB

File diff suppressed because one or more lines are too long