diff --git a/Application/Admin/Controller/CategoryController.class.php b/Application/Admin/Controller/CategoryController.class.php
index c681f62..189fe7a 100644
--- a/Application/Admin/Controller/CategoryController.class.php
+++ b/Application/Admin/Controller/CategoryController.class.php
@@ -90,8 +90,9 @@ class CategoryController extends BaseController
 * @param [type] $id [description]
 * @return [type] [description]
 */
- public function delete($id)
+ public function delete()
 {
+ $id = I('get.id',0,'intval');
 $model = M('category');
 //查询属于这个分类的文章
 $posts = M('post')->where('cate_id='.$id)->select();
diff --git a/Application/Admin/Controller/LinksController.class.php b/Application/Admin/Controller/LinksController.class.php
index 5cb49e2..e17393b 100644
--- a/Application/Admin/Controller/LinksController.class.php
+++ b/Application/Admin/Controller/LinksController.class.php
@@ -60,8 +60,9 @@ class LinksController extends BaseController
 * @param [type] $id [链接ID]
 * @return [type] [description]
 */
- public function update($id)
+ public function update()
 {
+ $id = I('get.id',0,'intval');
 //默认显示添加表单
 if (!IS_POST) {
 $model = M('links')->where('id='.$id)->find();
@@ -86,8 +87,9 @@ class LinksController extends BaseController
 * @param [type] $id [description]
 * @return [type] [description]
 */
- public function delete($id)
+ public function delete()
 {
+ $id = I('get.id',0,'intval');
 $model = M('links');
 $result = $model->delete($id);
 if($result){
diff --git a/Application/Admin/Controller/MemberController.class.php b/Application/Admin/Controller/MemberController.class.php
index c240784..aa2e570 100644
--- a/Application/Admin/Controller/MemberController.class.php
+++ b/Application/Admin/Controller/MemberController.class.php
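Review bot: `I('get.id',0,'intval')` yields 0 when `id` is missing or non-numeric, and nothing in the hunk rejects that before it reaches `where('cate_id='.$id)`, so a request without an id is processed as category 0; a guard right after the new line, `if ($id <= 0) $this->error('invalid id');`, closes that gap. The same unguarded default is introduced by the Links update/delete, Member delete, Page update/delete, Post update/delete and Home Page view hunks. The `intval` filter does make the concatenated condition numeric, but an array condition, `where(array('cate_id' => $id))`, would keep the value out of SQL string assembly even if the filter argument is later dropped. Deletion is still triggered by a plain GET, so rejecting non-POST requests with `if (!IS_POST)` (the check the update actions already branch on) would also be worth adding. delete() continues past the end of the hunk.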
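Review bot: update() now takes the id from the query string only, `I('get.id',0,'intval')`, yet the POST branch that saves the form presumably needs the same id; if the form's action URL does not carry `?id=`, the save runs with `$id` equal to 0. Whether the POST branch uses `$id` lies outside the hunk, so this needs confirming against the rest of update() and the form template. If it does, reading the id on the POST branch from the submitted form (for example `I('post.id',0,'intval')`) keeps the display and save paths consistent; the Page update and Post update hunks have the same shape.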
@@ -97,8 +97,9 @@ class MemberController extends BaseController
 * @param [type] $id [description]
 * @return [type] [description]
 */
- public function delete($id)
+ public function delete()
 {
+ $id = I('get.id',0,'intval');
 if(C('SUPER_ADMIN_ID') == $id) $this->error("超级管理员不可禁用!");
 $model = M('member');
 //查询status字段值
diff --git a/Application/Admin/Controller/PageController.class.php b/Application/Admin/Controller/PageController.class.php
index 672eb4a..b3e013f 100644
--- a/Application/Admin/Controller/PageController.class.php
+++ b/Application/Admin/Controller/PageController.class.php
@@ -60,9 +60,10 @@ class PageController extends BaseController
 * @param [type] $id [单页ID]
 * @return [type] [description]
 */
- public function update($id)
+ public function update()
 {
- //默认显示添加表单
+ $id = I('get.id',0,'intval');
+ //默认显示添加表单
 if (!IS_POST) {
 $model = M('page')->where('id='.$id)->find();
 $this->assign('page',$model);
@@ -86,8 +87,9 @@ class PageController extends BaseController
 * @param [type] $id [description]
 * @return [type] [description]
 */
- public function delete($id)
+ public function delete()
 {
+ $id = I('get.id',0,'intval');
 $model = M('page');
 $result = $model->where("id=".$id)->delete();
 if($result){
diff --git a/Application/Admin/Controller/PostController.class.php b/Application/Admin/Controller/PostController.class.php
index 19be799..e2c1c88 100644
--- a/Application/Admin/Controller/PostController.class.php
+++ b/Application/Admin/Controller/PostController.class.php
@@ -67,8 +67,9 @@ class PostController extends BaseController
 * @param [type] $id [文章ID]
 * @return [type] [description]
 */
- public function update($id)
+ public function update()
 {
+ $id = I('get.id',0,'intval');
 //默认显示添加表单
 if (!IS_POST) {
 $model = M('post')->where('id='.$id)->find();
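Review bot: In the PageController update hunk the comment `//默认显示添加表单` is removed and re-added with what appears to be only a whitespace change, which turns a one-line addition into a three-line diff and hides that the comment itself is unchanged. Keeping the original comment line as context and inserting only `$id = I('get.id',0,'intval');` above it would make the hunk read like the sibling update hunks in this commit.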
@@ -94,8 +95,9 @@ class PostController extends BaseController
 * @param [type] $id [description]
 * @return [type] [description]
 */
- public function delete($id)
+ public function delete()
 {
+ $id = I('get.id',0,'intval');
 $model = M('post');
 $result = $model->where("id=".$id)->delete();
 if($result){
@@ -112,8 +114,8 @@ class PostController extends BaseController
 */
 public function jifen()
 {
- $user_id = I('post.user_id');
- $amount = I('post.amount');
+ $user_id = I('post.user_id',0,'intval');
+ $amount = I('post.amount',0,'intval');
 $model = M('member');
 $result = $model->where('id='.$user_id)->setInc('jifen',$amount);
 if($result){
diff --git a/Application/Admin/Controller/SettingController.class.php b/Application/Admin/Controller/SettingController.class.php
index e8fedb4..fe2b273 100644
--- a/Application/Admin/Controller/SettingController.class.php
+++ b/Application/Admin/Controller/SettingController.class.php
@@ -91,7 +91,7 @@ class SettingController extends BaseController
 public function delete($id)
 {
 $model = M('setting');
-
+ //验证通过
 $result = $model->delete($id);
 if($result){
diff --git a/Application/Home/Controller/PageController.class.php b/Application/Home/Controller/PageController.class.php
index 7eee310..bdf0cbd 100644
--- a/Application/Home/Controller/PageController.class.php
+++ b/Application/Home/Controller/PageController.class.php
@@ -34,7 +34,8 @@ class PageController extends Controller{
 }
- public function view($id){
+ public function view(){
+ $id = I('get.id',0,'intval'); //对传入数字参数做整数校验,规避SQLinjection漏洞
 $model = M('page')->where('id='.$id)->find();
 $this->assign('model',$model);
 $this->display();
diff --git a/Application/Home/View/Index/index.html b/Application/Home/View/Index/index.html
index 507fc06..5bf00bd 100644
--- a/Application/Home/View/Index/index.html
+++ b/Application/Home/View/Index/index.html
@@ -23,47 +23,7 @@ - - -
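Review bot: `intval` on `amount` still lets a negative value through to `setInc('jifen',$amount)`, which would decrement the member's points, and the default 0 for a missing field makes the call a no-op; unless decrementing is intended, a range check before the query, `if ($user_id <= 0 || $amount <= 0) $this->error('invalid amount');`, pins the expected semantics. jifen() continues past the end of the hunk, so how `$result` is reported is not visible here.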
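Review bot: SettingController::delete still takes `$id` as an action parameter and passes it unfiltered to `$model->delete($id)`, while every other controller in this commit switched to `$id = I('get.id',0,'intval');`; the only addition here is the comment `//验证通过` ("validation passed"), and no validation actually takes place. Changing the signature to `public function delete()` and reading the id the same way as in LinksController::delete keeps the controllers consistent and removes the one place where the raw parameter still reaches the model.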
+

贡献榜

 
@@ -90,7 +50,6 @@

{$v.title}

-
diff --git a/Application/Home/View/Page/index.html b/Application/Home/View/Page/index.html
index 1c803ab..1eb0172 100644
--- a/Application/Home/View/Page/index.html
+++ b/Application/Home/View/Page/index.html
@@ -2,7 +2,6 @@ -