
修复上传文件后缀判断错误的BUG
修复Token永久有效期判断错误的BUG
修复getUserinfo返回错误token的BUG

Karson 7 years ago
parent
commit
f035876bfb

+ 8 - 2
application/admin/controller/Ajax.php

@@ -65,10 +65,16 @@ class Ajax extends Backend
         $suffix = strtolower(pathinfo($fileInfo['name'], PATHINFO_EXTENSION));
         $suffix = $suffix ? $suffix : 'file';
 
-        $mimetypeArr = explode(',', $upload['mimetype']);
+        $mimetypeArr = explode(',', strtolower($upload['mimetype']));
         $typeArr = explode('/', $fileInfo['type']);
+
         //验证文件后缀
-        if ($upload['mimetype'] !== '*' && !in_array($suffix, $mimetypeArr) && !in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr)) {
+        if ($upload['mimetype'] !== '*' &&
+            (
+                !in_array($suffix, $mimetypeArr)
+                || (stripos($typeArr[0] . '/', $upload['mimetype']) !== false && (!in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr)))
+            )
+        ) {
             $this->error(__('Uploaded file format is limited'));
         }
         $replaceArr = [
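Review bot: The rebuilt condition at L27–L28 still treats `$fileInfo['type']` as if it were trustworthy, but that value is the MIME type the client sends with the upload, so the `$fileInfo['type']` and `$typeArr[0] . '/*'` clauses can be satisfied by any sender and the lowercased extension whitelist at L27 is the only check that actually restricts what gets stored. A short comment above the `if` would keep the next maintainer from "relaxing" the suffix clause, e.g. `// $fileInfo['type'] is client-supplied; the extension whitelist is the only check that is enforced`. The three `in_array` calls should also pass `true` as the third argument so the entries are compared as strings, and `$fileInfo['type']` is compared against a lowercased list without being lowercased itself, so a mixed-case type would never match. The identical condition appears in application/api/controller/Common.php (L49–L54) in this same commit; a shared helper would stop the two copies drifting apart. The enclosing upload method starts before and ends after this hunk.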

+ 8 - 3
application/api/controller/Common.php

@@ -75,11 +75,16 @@ class Common extends Api
         $suffix = strtolower(pathinfo($fileInfo['name'], PATHINFO_EXTENSION));
         $suffix = $suffix ? $suffix : 'file';
 
-        $mimetypeArr = explode(',', $upload['mimetype']);
+        $mimetypeArr = explode(',', strtolower($upload['mimetype']));
         $typeArr = explode('/', $fileInfo['type']);
+
         //验证文件后缀
-        if ($upload['mimetype'] !== '*' && !in_array($suffix, $mimetypeArr) && !in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr))
-        {
+        if ($upload['mimetype'] !== '*' &&
+            (
+                !in_array($suffix, $mimetypeArr)
+                || (stripos($typeArr[0] . '/', $upload['mimetype']) !== false && (!in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr)))
+            )
+        ) {
             $this->error(__('Uploaded file format is limited'));
         }
         $replaceArr = [

+ 1 - 1
application/common/library/Auth.php

@@ -416,7 +416,7 @@ class Auth
         $data = $this->_user->toArray();
         $allowFields = $this->getAllowFields();
         $userinfo = array_intersect_key($data, array_flip($allowFields));
-        $userinfo['token'] = $this->getToken();
+        $userinfo = array_merge($userinfo, Token::get($this->_token));
         return $userinfo;
     }
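Review bot: `array_merge($userinfo, Token::get($this->_token))` at L67 lets the token row overwrite any user field with the same key, and the Mysql driver hunk later in this commit shows that row carrying `user_id`, `createtime`, `expiretime` and `token`, so a user `createtime` present in `$allowFields` would be silently replaced by the token's creation time. The driver also appears to return a non-array when the token is missing or expired (it deletes the row in that branch), in which case `array_merge` is handed a non-array; a guarded form is `$tokenInfo = Token::get($this->_token);` followed by `$userinfo = array_merge($userinfo, is_array($tokenInfo) ? array_intersect_key($tokenInfo, array_flip(['token', 'expires_in', 'expiretime'])) : []);`, which both tolerates the failure case and exposes only the token fields the client needs. Whether a failed lookup returns `false`, `null` or `[]` is not visible here and should be confirmed against the Token facade. The enclosing getUserinfo method's signature is outside the hunk.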
 

+ 2 - 2
application/common/library/token/driver/Mysql.php

@@ -47,7 +47,7 @@ class Mysql extends Driver
      */
     public function set($token, $user_id, $expire = null)
     {
-        $expiretime = !is_null($expire) ? time() + $expire : ($expire === 0 ? 0 : time() + $this->options['expire']);
+        $expiretime = !is_null($expire) && $expire !== 0 ? time() + $expire : 0;
         $token = $this->getEncryptedToken($token);
         $this->handler->insert(['token' => $token, 'user_id' => $user_id, 'createtime' => time(), 'expiretime' => $expiretime]);
         return TRUE;
@@ -66,7 +66,7 @@ class Mysql extends Driver
                 //返回未加密的token给客户端使用
                 $data['token'] = $token;
                 //返回剩余有效时间
-                $data['expired_in'] = $this->getExpiredIn($data['expiretime']);
+                $data['expires_in'] = $this->getExpiredIn($data['expiretime']);
                 return $data;
             } else {
                 self::delete($token);
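Review bot: The new expression at L80 maps a `null` `$expire` to `0`, which this driver treats as a never-expiring token, whereas the removed line fell back to `$this->options['expire']` for `null` and only an explicit `0` was meant to be permanent; unless every caller already resolves the configured default before calling `set()`, tokens issued without an explicit expiry now have no expiry at all. The old line was wrong because its `$expire === 0` test sat inside the `null` arm and could never fire, and a form that keeps both intents is `$expiretime = $expire === 0 ? 0 : time() + ($expire ?? $this->options['expire']);`. The docblock above `set()` (cut off at L76) should state that `0` means no expiry and `null` means the configured default. Note that `$expire !== 0` is a strict comparison, so a string `'0'` arriving from configuration would yield `time() + 0` and an immediately expired token; cast or validate the value at the boundary if callers can pass strings.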

+ 2 - 2
application/config.php

@@ -260,7 +260,7 @@ return [
         //是否开启前台会员中心
         'usercenter'          => true,
         //登录验证码
-        'login_captcha'       => true,
+        'login_captcha'       => false,
         //登录失败超过10则1天后重试
         'login_failure_retry' => true,
         //是否同一账号同一时间只能在一个地方登录
@@ -270,7 +270,7 @@ return [
         //自动检测更新
         'checkupdate'         => false,
         //版本号
-        'version'             => '1.0.0.20180406_beta',
+        'version'             => '1.0.0.20180417_beta',
         //API接口地址
         'api_url'             => 'https://api.fastadmin.net',
     ],
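Review bot: `'login_captcha' => false` at L102 switches the admin login captcha off by default, which the commit message does not mention alongside the three fixes it lists and which removes one of the two brute-force mitigations in this block; `login_failure_retry` at L104 still applies but, per its own comment, only after ten failures. If the new default is intentional, say so in the commit message and in the comment above the key, e.g. `// Login captcha; off by default, so login_failure_retry is the only throttle on repeated failures`, so that operators know to re-enable it for exposed installs.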

+ 1 - 1
application/extra/upload.php

@@ -21,7 +21,7 @@ return [
     /**
      * 可上传的文件类型
      */
-    'mimetype'  => '*',
+    'mimetype'  => 'jpg,png,bmp,jpeg,gif,zip,rar,xls,xlsx',
     /**
      * 是否支持批量上传
      */
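Review bot: The new default at L124 is a sensible tightening, but the docblock `可上传的文件类型` above it does not say what the value may contain; from the controller changes in this commit it is a comma-separated list of extensions, full `type/subtype` MIME strings or `type/*` wildcards, with `*` meaning unrestricted, and uploads without an extension are checked under the pseudo-suffix `file`. Expanding the comment to spell this out, including that only the extension entries are genuinely enforced because the MIME type is supplied by the client, would help anyone editing the list later. It is also worth stating that the list is lowercased before matching but not trimmed, so `jpg, png` with a space would never match `png`.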

+ 1 - 1
public/assets/js/require-backend.min.js

@@ -9701,7 +9701,7 @@ define('table',['jquery', 'bootstrap', 'moment', 'moment/locale/zh-cn', 'bootstr
                     return html;
                 },
                 url: function (value, row, index) {
-                    return '<div class="input-group input-group-sm" style="width:250px;"><input type="text" class="form-control input-sm" value="' + value + '"><span class="input-group-btn input-group-sm"><a href="' + value + '" target="_blank" class="btn btn-default btn-sm"><i class="fa fa-link"></i></a></span></div>';
+                    return '<div class="input-group input-group-sm" style="width:250px;margin:0 auto;"><input type="text" class="form-control input-sm" value="' + value + '"><span class="input-group-btn input-group-sm"><a href="' + value + '" target="_blank" class="btn btn-default btn-sm"><i class="fa fa-link"></i></a></span></div>';
                 },
                 search: function (value, row, index) {
                     return '<a href="javascript:;" class="searchit" data-field="' + this.field + '" data-value="' + value + '">' + value + '</a>';

+ 1 - 1
public/assets/js/require-table.js

@@ -397,7 +397,7 @@ define(['jquery', 'bootstrap', 'moment', 'moment/locale/zh-cn', 'bootstrap-table
                     return html;
                 },
                 url: function (value, row, index) {
-                    return '<div class="input-group input-group-sm" style="width:250px;"><input type="text" class="form-control input-sm" value="' + value + '"><span class="input-group-btn input-group-sm"><a href="' + value + '" target="_blank" class="btn btn-default btn-sm"><i class="fa fa-link"></i></a></span></div>';
+                    return '<div class="input-group input-group-sm" style="width:250px;margin:0 auto;"><input type="text" class="form-control input-sm" value="' + value + '"><span class="input-group-btn input-group-sm"><a href="' + value + '" target="_blank" class="btn btn-default btn-sm"><i class="fa fa-link"></i></a></span></div>';
                 },
                 search: function (value, row, index) {
                     return '<a href="javascript:;" class="searchit" data-field="' + this.field + '" data-value="' + value + '">' + value + '</a>';