Skip to content

Commit

Permalink
7.1.14
Browse files Browse the repository at this point in the history
  • Loading branch information
showpy committed Dec 9, 2019
1 parent b1d6185 commit 1f8da5c
Show file tree
Hide file tree
Showing 9 changed files with 176 additions and 76 deletions.
50 changes: 24 additions & 26 deletions BTPanel/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,14 @@
sys.setrecursionlimit(1000000)
cache = SimpleCache()

app = Flask(__name__,template_folder="templates/" + public.GetConfigValue('template'))
sockets = Sockets(app)

import public
import common
import db
import jobs

app = Flask(__name__,template_folder="templates/" + public.GetConfigValue('template'))
sockets = Sockets(app)


dns_client = None
app.config['DEBUG'] = os.path.exists('data/debug.pl')

Expand Down Expand Up @@ -152,7 +151,7 @@ def service_status():
def webssh(ws):
if not check_login():
session.clear()
emit('server_response',"面板会话丢失,请重新登录面板!")
emit('server_response',"SSH_ERROR")
return None
if not 'ssh_obj' in session:
import ssh_terminal
Expand All @@ -179,7 +178,7 @@ def term_open():
key = 'ssh_' + args['host']
if key in session:
return public.getJson(session[key]),json_header
return public.returnMsg(False,'获取失败!')
return public.returnMsg(False,'SSH_INFO_ERROR')
session['ssh_info'] = json.loads(args.data)
key = 'ssh_' + session['ssh_info']['host']
session[key] = session['ssh_info']
Expand All @@ -190,7 +189,7 @@ def term_open():
else:
if os.path.exists(s_file): os.remove(s_file)
if 'ssh_obj' in session: session['ssh_obj']._ssh_info = session['ssh_info']
return public.returnJson(True,'设置成功!');
return public.returnJson(True,'SET_SUCCESS');

@app.route('/reload_mod',methods=method_all)
def reload_mod():
Expand All @@ -202,7 +201,7 @@ def reload_mod():
mod_name = args.mod_name
result = public.reload_mod(mod_name)
if result: return public.returnJson(True,result),json_header
return public.returnJson(False,'重载失败!'),json_header
return public.returnJson(False,'INIT_RELOAD_ERR'),json_header

@app.before_request
def request_check():
Expand All @@ -221,7 +220,7 @@ def request_check():
if public.is_local():
not_networks = ['uninstall_plugin','install_plugin','UpdatePanel']
if request.args.get('action') in not_networks:
return public.returnJson(False,'离线模式下无法使用此功能!'),json_header
return public.returnJson(False,'INIT_REQUEST_CHECK_LOCAL_ERR'),json_header

if app.config['BASIC_AUTH_OPEN']:
if request.path in ['/public','/download','/mail_sys','/hook']: return;
Expand Down Expand Up @@ -601,7 +600,7 @@ def config(pdata = None):
try:
data['wx'] = wxapp.wxapp().get_user_info(None)['msg']
except:
data['wx'] = '当前未绑定微信号'
data['wx'] = 'INIT_WX_NOT_BIND'
data['api'] = ''
data['ipv6'] = '';
sess_out_path = 'data/session_timeout.pl'
Expand All @@ -615,8 +614,8 @@ def config(pdata = None):
if c_obj.get_ipv6_listen(None): data['ipv6'] = 'checked'
if c_obj.get_token(None)['open']: data['api'] = 'checked'
data['basic_auth'] = c_obj.get_basic_auth_stat(None)
data['basic_auth']['value'] = '已关闭'
if data['basic_auth']['open']: data['basic_auth']['value'] = '已开启'
data['basic_auth']['value'] = public.getMsg('CLOSED')
if data['basic_auth']['open']: data['basic_auth']['value'] = public.getMsg('OPENED')
data['debug'] = ''
if app.config['DEBUG']: data['debug'] = 'checked'
data['is_local'] = ''
Expand Down Expand Up @@ -819,7 +818,7 @@ def panel_other(name=None,fun = None,stype=None):
if not name: name = 'coll'
if not public.path_safe_check("%s/%s/%s" % (name,fun,stype)): return abort(404)
if name.find('./') != -1 or not re.match("^[\w-]+$",name): return abort(404)
if not name: return public.returnJson(False,'请传入插件名称!'),json_header
if not name: return public.returnJson(False,'PLUGIN_INPUT_ERR'),json_header
p_path = '/www/server/panel/plugin/' + name
if not os.path.exists(p_path): return abort(404)

Expand Down Expand Up @@ -853,7 +852,7 @@ def panel_other(name=None,fun = None,stype=None):
except:pass
plu = eval('plugin_main.' + name + '_main()')
if not hasattr(plu,fun):
return public.returnJson(False,'指定方法不存在!'),json_header
return public.returnJson(False,'PLUGIN_NOT_FUN'),json_header


#执行插件方法
Expand All @@ -879,7 +878,7 @@ def panel_other(name=None,fun = None,stype=None):
t_path_root = p_path + '/templates/'
t_path = t_path_root + fun + '.html'
if not os.path.exists(t_path):
return public.returnJson(False,'指定模板不存在!'),json_header
return public.returnJson(False,'PLUGIN_NOT_TEMPLATE'),json_header
t_body = public.readFile(t_path)

#处理模板包含
Expand All @@ -896,7 +895,7 @@ def panel_other(name=None,fun = None,stype=None):
else: #直接响应插件返回值,可以是任意flask支持的响应类型
r_type = type(data)
if r_type == dict:
return public.returnJson(False,'错误的返回类型[{}]'.fformat(r_type)),json_header
return public.returnJson(False,public.getMsg('PUBLIC_ERR_RETURN').format(r_type)),json_header
return data
except:
error_info = public.get_error_info()
Expand Down Expand Up @@ -973,11 +972,11 @@ def install():
elif request.method == method_post[0]:
if not os.path.exists('install.pl'): return redirect(ret_login)
get = get_input()
if not hasattr(get,'bt_username'): return '用户名不能为空!';
if not get.bt_username: return '用户名不能为空!'
if not hasattr(get,'bt_password1'): return '密码不能为空!';
if not get.bt_password1: return '密码不能为空!';
if get.bt_password1 != get.bt_password2: return '两次输入的密码不一致,请重新输入!';
if not hasattr(get,'bt_username'): return public.getMsg('INSTALL_USER_EMPTY')
if not get.bt_username: return public.getMsg('INSTALL_USER_EMPTY')
if not hasattr(get,'bt_password1'): return public.getMsg('INSTALL_PASS_EMPTY')
if not get.bt_password1: return public.getMsg('INSTALL_PASS_EMPTY')
if get.bt_password1 != get.bt_password2: return public.getMsg('INSTALL_PASS_CHECK')
public.M('users').where("id=?",(1,)).save('username,password',
(get.bt_username,
public.md5(get.bt_password1.strip())
Expand Down Expand Up @@ -1043,7 +1042,6 @@ def download():
mimetype = "application/octet-stream"
extName = filename.split('.')[-1]
if extName in ['png','gif','jpeg','jpg']: mimetype = None
#if extName in ['mp4','avi']: mimetype = 'multipart/x-mixed-replace'
return send_file(filename,mimetype=mimetype,
as_attachment=True,
attachment_filename=os.path.basename(filename),
Expand Down Expand Up @@ -1081,14 +1079,14 @@ def check_csrf():

def publicObject(toObject,defs,action=None,get = None):
if 'request_token' in session and 'login' in session:
if not check_csrf(): return public.ReturnJson(False,'CSRF校验失败,请重新登录面板'),json_header
if not check_csrf(): return public.ReturnJson(False,'INIT_CSRF_ERR'),json_header

if not get: get = get_input()
if action: get.action = action

if hasattr(get,'path'):
get.path = get.path.replace('//','/').replace('\\','/');
if get.path.find('./') != -1: return public.ReturnJson(False,'不安全的路径'),json_header
if get.path.find('./') != -1: return public.ReturnJson(False,'INIT_PATH_NOT_SAFE'),json_header
if get.path.find('->') != -1:
get.path = get.path.split('->')[0].strip();
if hasattr(get,'sfile'):
Expand All @@ -1097,7 +1095,7 @@ def publicObject(toObject,defs,action=None,get = None):
get.dfile = get.dfile.replace('//','/').replace('\\','/');

if hasattr(toObject,'site_path_check'):
if not toObject.site_path_check(get): return public.ReturnJson(False,'越权的操作!'),json_header
if not toObject.site_path_check(get): return public.ReturnJson(False,'INIT_ACCEPT_NOT'),json_header

return run_exec().run(toObject,defs,get)

Expand Down Expand Up @@ -1209,7 +1207,7 @@ def internalerror(e):
errorStr = errorStr.format(public.getMsg('PAGE_ERR_500_TITLE'),
str(e),
'<pre>'+public.get_error_info() + '</pre>',
'以上调试信息仅在开发者模式显示','版本号: ' + public.version())
public.getMsg('INIT_DEBUG_INFO'),public.getMsg('INIT_VERSION_LAST') + public.version())
except IndexError:pass
return errorStr,500

Expand Down
13 changes: 7 additions & 6 deletions BTPanel/static/js/public.js
Original file line number Diff line number Diff line change
Expand Up @@ -1019,7 +1019,7 @@ var aceEditor = {
if(obj['p'] === undefined) obj['p'] = 1;
if(obj['showRow'] === undefined) obj['showRow'] = 200;
if(obj['sort'] === undefined) obj['sort'] = 'name';
if(obj['reverse'] === undefined) obj['reverse'] = false;
if(obj['reverse'] === undefined) obj['reverse'] = 'False';
$.post("/files?action=GetDir&tojs=GetFiles",{p:obj.p,showRow:obj.showRow,sort:obj.sort,reverse:obj.reverse,path:obj.path}, function(res) {
layer.close(loadT);
if(callback) callback(res);
Expand Down Expand Up @@ -3076,17 +3076,18 @@ function GetReloads() {
}
a++;
$.post("/files?action=GetTaskSpeed", "", function (h) {
if (h.task == undefined) {
$(".cmdlist").html(lan.bt.task_not_list);
return
}

if (h.status === false) {
clearInterval(speed);
speed = null;
a = 0;
return
}

if(h.task == undefined) {
$(".cmdlist").html(lan.bt.task_not_list);
return
}

var b = "";
var d = "";
$("#task").text(h.task.length);
Expand Down
21 changes: 20 additions & 1 deletion BTPanel/static/language/Simplified_Chinese/public.json
Original file line number Diff line number Diff line change
Expand Up @@ -324,5 +324,24 @@
"NGINX_CONF_MSG1": "SSL相关配置,请勿删除或修改下一行带注释的404规则",
"NGINX_CONF_MSG2": "错误页配置,可以注释、删除或修改",
"NGINX_CONF_MSG3": "PHP引用配置,可以注释或修改",
"NGINX_CONF_MSG4": "URL重写规则引用,修改后将导致面板设置的伪静态规则失效"
"NGINX_CONF_MSG4": "URL重写规则引用,修改后将导致面板设置的伪静态规则失效",
"SSH_ERROR": "面板会话丢失,请重新登录面板!",
"SSH_INFO_ERROR": "获取失败!",
"INIT_RELOAD_ERR": "重载失败!",
"INIT_REQUEST_CHECK_LOCAL_ERR": "离线模式下无法使用此功能!",
"INIT_WX_NOT_BIND": "当前未绑定微信号",
"CLOSED": "已关闭",
"OPENED": "已开启",
"PLUGIN_INPUT_ERR": "请传入插件名称!",
"PLUGIN_NOT_FUN": "指定方法不存在!",
"PLUGIN_NOT_TEMPLATE": "指定模板不存在!",
"PUBLIC_ERR_RETURN": "错误的返回类型[{}]",
"INSTALL_USER_EMPTY": "用户名不能为空!",
"INSTALL_PASS_EMPTY": "密码不能为空!",
"INSTALL_PASS_CHECK": "两次输入的密码不一致,请重新输入!",
"INIT_CSRF_ERR": "CSRF校验失败,请重新登录面板",
"INIT_PATH_NOT_SAFE": "不安全的路径",
"INIT_ACCEPT_NOT": "越权的操作!",
"INIT_DEBUG_INFO": "以上调试信息仅在开发者模式显示",
"INIT_VERSION_LAST": "版本号: "
}
40 changes: 38 additions & 2 deletions class/firewalls.py
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,19 @@ def FirewallReload(self):
else:
public.ExecShell('/etc/init.d/iptables save')
public.ExecShell('/etc/init.d/iptables restart')

#取防火墙状态
def CheckFirewallStatus(self):
if self.__isUfw:
public.ExecShell("")

if self.__isFirewalld:
res = public.ExecShell("systemctl status firewalld")[0]
if res.find('active (running)') != -1: return 1
if res.find('disabled') != -1: return -1
if res.find('inactive (dead)') != -1: return 0
else:
public.ExecShell("systemctl status firewalld")[0]

#添加屏蔽IP
def AddDropAddress(self,get):
Expand Down Expand Up @@ -112,11 +125,14 @@ def AddAcceptPort(self,get):
src_port = get.port
get.port = get.port.replace('-',':')
rep = "^\d{1,5}(:\d{1,5})?$"
if not re.search(rep,get.port): return public.returnMsg(False,'PORT_CHECK_RANGE');
if not re.search(rep,get.port):
return public.returnMsg(False,'PORT_CHECK_RANGE');

import time
port = get.port
ps = get.ps
is_exists = public.M('firewall').where("port=? or port=?",(port,src_port)).count()
if is_exists: return public.returnMsg(False,'端口已经放行过了!')
notudps = ['80','443','8888','888','39000:40000','21','22']
if self.__isUfw:
public.ExecShell('ufw allow ' + port + '/tcp');
Expand All @@ -135,7 +151,27 @@ def AddAcceptPort(self,get):
if not is_exists: public.M('firewall').add('port,ps,addtime',(port,ps,addtime))
self.FirewallReload()
return public.returnMsg(True,'ADD_SUCCESS')



#添加放行端口
def AddAcceptPortAll(self,port,ps):
import re
port = port.replace('-',':')
rep = "^\d{1,5}(:\d{1,5})?$"
if not re.search(rep,port):
return False
if self.__isUfw:
public.ExecShell('ufw allow ' + port + '/tcp');
public.ExecShell('ufw allow ' + port + '/udp');
else:
if self.__isFirewalld:
port = port.replace(':','-');
public.ExecShell('firewall-cmd --permanent --zone=public --add-port='+port+'/tcp')
public.ExecShell('firewall-cmd --permanent --zone=public --add-port='+port+'/udp')
else:
public.ExecShell('iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport '+port+' -j ACCEPT')
public.ExecShell('iptables -I INPUT -p tcp -m state --state NEW -m udp --dport '+port+' -j ACCEPT')
return True

#删除放行端口
def DelAcceptPort(self,get):
Expand Down
10 changes: 5 additions & 5 deletions class/http_requests.py
Original file line number Diff line number Diff line change
Expand Up @@ -277,8 +277,8 @@ def _str_headers(self,headers):
#构造适用于CURL的post参数
def _str_post(self,pdata,headers):
str_pdata = ''
if headers['Content-Type'].find('application/jose') != -1 \
or headers['Content-Type'].find('application/josn') != -1:
if headers.find('application/jose') != -1 \
or headers.find('application/josn') != -1:
if type(pdata) == dict:
pdata = json.dumps(pdata)
if type(pdata) == bytes:
Expand Down Expand Up @@ -373,9 +373,9 @@ def get_stype(s_type):
#获取请求头
def get_headers(headers):
if type(headers) != dict: headers = {}
if 'Content-type' in headers:
headers['Content-type'] = DEFAULT_HEADERS['Content-type']
if 'User-Agent' in headers:
#if not 'Content-type' in headers:
# headers['Content-type'] = DEFAULT_HEADERS['Content-type']
if not 'User-Agent' in headers:
headers['User-Agent'] = DEFAULT_HEADERS['User-Agent']
return headers

Expand Down
35 changes: 33 additions & 2 deletions class/jobs.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@
# +-------------------------------------------------------------------
import time,public,db,os,sys,json,re
os.chdir('/www/server/panel')
exec_tips = None
from BTPanel import cache

def control_init():
sql = db.Sql().dbfile('system')
Expand Down Expand Up @@ -67,6 +65,39 @@ def control_init():
remove_tty1()
clean_hook_log()
run_new()
clean_max_log('/www/server/cron',1024*1024*5,20)


#检测端口放行是否同步
def check_firewall():
data = public.M('firewall').field('port,ps').select()
import firewalld,firewalls
fs = firewalls.firewalls()
accept_ports = firewalld.firewalld().GetAcceptPortList()

port_list = []
for port_info in accept_ports:
if port_info['port'] in port_list:
continue
port_list.append(port_info['port'])

print(port_list)
n = 0
for p in data:
if p['port'].find('.') != -1:
continue
if p['port'] in port_list:
continue
print(p['port'])
print(fs.AddAcceptPortAll(p['port'],p['ps']))
n+=1

#重载
if n: fs.FirewallReload()





#尝试启动新架构
def run_new():
Expand Down
Loading

0 comments on commit 1f8da5c

Please sign in to comment.