Skip to content

Commit

Permalink
7.0.2
Browse files Browse the repository at this point in the history
  • Loading branch information
showpy committed Oct 18, 2019
1 parent fdba689 commit 6831ad7
Show file tree
Hide file tree
Showing 12 changed files with 55 additions and 20 deletions.
22 changes: 18 additions & 4 deletions BTPanel/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,7 @@ def socket_connect(msg=None):
@socketio.on('webssh')
def webssh(msg):
if not check_login():
session.clear()
emit('server_response',"面板会话丢失,请重新登录面板!")
return None
if not 'ssh_obj' in session:
Expand Down Expand Up @@ -145,10 +146,14 @@ def reload_mod():

@app.before_request
def request_check():

if not request.path in ['/safe','/hook','/public']:
ip_check = public.check_ip_panel()
if ip_check: return ip_check

if request.path.find('/static/') != -1 or request.path == '/code':
if not 'login' in session and not 'admin_auth' in session:
session.clear()
if request.path == '/code': return abort(401)
domain_check = public.check_domain_panel()
if domain_check: return domain_check
if public.is_local():
Expand All @@ -175,7 +180,9 @@ def request_end(reques = None):
def send_authenticated():
global local_ip
if not local_ip: local_ip = public.GetLocalIp()
return Response('', 401,{'WWW-Authenticate': 'Basic realm="%s"' % local_ip.strip()})
result = Response('', 401,{'WWW-Authenticate': 'Basic realm="%s"' % local_ip.strip()})
if not 'login' in session and not 'admin_auth' in session: session.clear()
return result

@app.route('/',methods=method_all)
def home():
Expand Down Expand Up @@ -666,6 +673,7 @@ def panel_public():
comm.checkWebType()
comm.GetOS()
result = plu.a(get)
session.clear()
return public.getJson(result),json_header

@app.route('/favicon.ico',methods=method_get)
Expand Down Expand Up @@ -729,7 +737,9 @@ def panel_other(name=None,fun = None,stype=None):
comReturn = comm.local()
if comReturn:
if not is_php:
if not hasattr(plu,'_check'): return public.returnJson(False,'指定插件不支持公共访问!'),json_header
if not hasattr(plu,'_check'):
session.clear()
return public.returnJson(False,'指定插件不支持公共访问!'),json_header
checks = plu._check(args)
r_type = type(checks)
if r_type == Response: return checks
Expand Down Expand Up @@ -806,6 +816,7 @@ def panel_hook():
if not os.path.exists('plugin/webhook'): return public.getJson(public.returnMsg(False,'INIT_WEBHOOK_ERR'));
sys.path.append('plugin/webhook');
import webhook_main
session.clear()
return public.getJson(webhook_main.webhook_main().RunHook(get));

@app.route('/safe',methods=method_all)
Expand All @@ -828,13 +839,16 @@ def panel_safe():
if not hasattr(s,get.data['action']): return public.returnJson(False,'INIT_FUN_NOT_EXISTS');
defs = ('GetServerInfo','add_ssh_limit','remove_ssh_limit','get_ssh_limit','get_login_log','get_panel_limit','add_panel_limit','remove_panel_limit','close_ssh_limit','close_panel_limit','get_system_info','get_service_info','get_ssh_errorlogin')
if not get.data['action'] in defs: return 'False';
return public.getJson(eval('s.' + get.data['action'] + '(get)'));
result = public.getJson(eval('s.' + get.data['action'] + '(get)'));
session.clear()
return result


@app.route('/install',methods=method_all)
def install():
if public.M('config').where("id=?",('1',)).getField('status') == 1:
if os.path.exists('install.pl'): os.remove('install.pl');
session.clear()
return redirect('/login')
ret_login = os.path.join('/',admin_path)
if admin_path == '/' or admin_path == '/bt': ret_login = '/login'
Expand Down
2 changes: 1 addition & 1 deletion BTPanel/static/css/site.css
Original file line number Diff line number Diff line change
Expand Up @@ -1670,7 +1670,7 @@ html .menu .menu_exit:hover {
bottom: 0;
left: 0;
padding: 8px 20px 10px;
position: fixed;
position: absolute;
text-align: right;
width: 100%
}
Expand Down
5 changes: 3 additions & 2 deletions BTPanel/static/js/files.js
Original file line number Diff line number Diff line change
Expand Up @@ -802,8 +802,9 @@ function Batch(type,access){

if(access == 1){
var access = $("#access").val();
var chown = $("#chown").val();
data += '&access='+access+'&user='+chown;
var chown = $("#chown").val();
var all = $("#accept_all").prop("checked") ? 'True' : 'False';
data += '&access='+access+'&user='+chown+"&all="+all;
layer.closeAll();
}
if(type == 4){
Expand Down
4 changes: 2 additions & 2 deletions BTPanel/static/js/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ var index = {
crs += 'CPU-' + i + ": " + d[2][i] + '%' + (n1 % 2 == 0?'</br>':' | ');

}
layer.tips(d[3] +"</br>"+ crs, _this.find('.cicle'), { time: 0, tips: [1, '#999'] });
layer.tips(d[3] + "</br>" + d[5] + "个物理CPU," + d[4] + "个物理核心," + d[4]+"线程</br>"+ crs, _this.find('.cicle'), { time: 0, tips: [1, '#999'] });
}, function () {
layer.closeAll('tips');
});
Expand Down Expand Up @@ -230,7 +230,7 @@ var index = {
var load_arr = [{ title: '运行堵塞', val: 100, color: '#dd2f00' }, { title: '运行缓慢', val: 90, color: '#ff9900' }, { title: '运行正常', val: 70, color: '#20a53a' }, { title: '运行流畅', val: 30, color: '#20a53a' }];
var _cpubox = $('.cpubox'), _membox = $('.membox'), _loadbox = $('.loadbox')

index.set_val(_cpubox, { usage: net.cpu[0], title: net.cpu[5] * net.cpu[4] + '核' + net.cpu[1]+'线程', items: pub_arr })
index.set_val(_cpubox, { usage: net.cpu[0], title: net.cpu[1]+' 核心', items: pub_arr })
index.set_val(_membox, { usage: (net.mem.memRealUsed * 100 / net.mem.memTotal).toFixed(1), items: pub_arr, title: net.mem.memRealUsed + '/' + net.mem.memTotal + '(MB)' })
bt.set_cookie('memSize', net.mem.memTotal)

Expand Down
2 changes: 1 addition & 1 deletion BTPanel/static/js/public.js
Original file line number Diff line number Diff line change
Expand Up @@ -2679,7 +2679,7 @@ function show_ssh_login(is_config) {
<div class="line "><span class="tname">验证方式</span><div class="info-r "><button class="ssh_check_s2" id="pass_check" onclick="pass_check()">密码验证</button><button id="rsa_check" class="ssh_check_s1" onclick="rsa_check()">私钥验证</button></div></div>\
<div class="line ssh_passwd"><span class="tname">密码</span><div class="info-r "><input name="ssh_passwd" readonly="readonly" class="bt-input-text mr5" type="password" style="width:330px" value="" autocomplete="off"></div></div>\
<div class="line ssh_pkey" style="display:none;"><span class="tname">私钥</span><div class="info-r "><textarea name="ssh_pkey" class="bt-input-text mr5" style="width:330px;height:80px;" ></textarea></div></div>\
<div class="line "><span class="tname"></span><div class="info-r "><input style="margin-top: 1px;width: 16px;" name="ssh_is_save" id="ssh_is_save" class="bt-input-text mr5" type="checkbox" ><label style="position: absolute;margin-top: 7px;margin-left: 5px;" for="ssh_is_save">记住密码,下次使用宝塔终端将自动登录</label></div></div>\
<div class="line "><span class="tname"></span><div class="info-r "><input style="margin-top: 1px;width: 16px;" name="ssh_is_save" id="ssh_is_save" class="bt-input-text mr5" type="checkbox" ><label style="position: absolute;margin-left: 5px;" for="ssh_is_save">记住密码,下次使用宝塔终端将自动登录</label></div></div>\
<p style="color: red;margin-top: 10px;text-align: center;">仅支持登录本服务器,如需登录其他服务器,可以使用<a class="btlink" href="https://www.bt.cn/platform" target="_blank">【堡塔云控平台】</a>进行多机管理</p>\
<div class="bt-form-submit-btn"><button type="button" class="btn btn-sm btn-danger" onclick="'+ (is_config ? 'layer.close(ssh_login)' :'layer.closeAll()')+'">关闭</button><button type="button" class="btn btn-sm btn-success ssh-login" onclick="send_ssh_info('+is_config+')">'+(is_config?'确定':'登录SSH')+'</button></div></div>';
ssh_login = layer.open({
Expand Down
2 changes: 1 addition & 1 deletion BTPanel/templates/default/index.html
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ <h4 class="c9 f15">{{data['lan']['S2']}}</h4>

<script type="text/javascript" src="/static/js/jquery.dragsort-0.5.2.min.js"></script>
<script type="text/javascript" src="/static/js/echarts.min.js"></script>
<script type="text/javascript" src="/static/js/index.js?version={{g['version']}}"></script>
<script type="text/javascript" src="/static/js/index.js?f={{g['version']}}"></script>
<script type="text/javascript" src="/static/js/soft.js?version={{g['version']}}"></script>
<script type="text/javascript">
$(".btpro span").click(function(){
Expand Down
2 changes: 1 addition & 1 deletion BTPanel/templates/default/layout.html
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
<title>{{g.title}}</title>
<link rel="shortcut icon" href="/static/favicon.ico" type="image/x-icon" />
<link href="/static/bootstrap-3.3.5/css/bootstrap.min.css" rel="stylesheet">
<link href="/static/css/site.css?date={{g['version']}}" rel="stylesheet">
<link href="/static/css/site.css?f={{g['version']}}" rel="stylesheet">
<link href="/static/codemirror/lib/codemirror.css" rel="stylesheet">
<!--[if lte IE 9]>
<script src="/static/js/requestAnimationFrame.js"></script>
Expand Down
13 changes: 10 additions & 3 deletions class/common.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ def init(self):
if ua:
ua = ua.lower();
if ua.find('spider') != -1 or ua.find('bot') != -1: return redirect('https://www.baidu.com');
g.version = '7.0.1'
g.version = '7.0.2'
g.title = public.GetConfigValue('title')
g.uri = request.path
session['version'] = g.version;
Expand Down Expand Up @@ -98,9 +98,13 @@ def check_login(self):
api_check = True
if not 'login' in session:
api_check = self.get_sk()
if api_check: return api_check
if api_check:
session.clear()
return api_check
else:
if session['login'] == False: return redirect('/login')
if session['login'] == False:
session.clear()
return redirect('/login')
if api_check:
try:
sess_out_path = 'data/session_timeout.pl'
Expand All @@ -113,6 +117,7 @@ def check_login(self):
os.remove(sess_input_path)
session['login'] = False;
cache.set('dologin',True)
session.clear()
return redirect('/login')
public.writeFile(sess_input_path,str(int(time.time())))
except:pass
Expand All @@ -122,8 +127,10 @@ def check_login(self):
token = public.readFile(filename).strip()
if 'login_token' in session:
if session['login_token'] != token:
session.clear()
return redirect('/login?dologin=True')
except:
session.clear()
return redirect('/login')

#获取sk
Expand Down
3 changes: 2 additions & 1 deletion class/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -427,7 +427,8 @@ def SetTemplates(self,get):
#设置面板SSL
def SetPanelSSL(self,get):
if hasattr(get,"email"):
rep_mail = "^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$"
#rep_mail = "^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$"
rep_mail = "[\w!#$%&'*+/=?^_`{|}~-]+(?:\.[\w!#$%&'*+/=?^_`{|}~-]+)*@(?:[\w](?:[\w-]*[\w])?\.)+[\w](?:[\w-]*[\w])?"
if not re.search(rep_mail,get.email):
return public.returnMsg(False,'邮箱格式不合法')
import setPanelLets
Expand Down
9 changes: 6 additions & 3 deletions class/files.py
Original file line number Diff line number Diff line change
Expand Up @@ -781,7 +781,7 @@ def GetFileBody(self,get) :
return public.returnMsg(False,'FILE_NOT_EXISTS',(get.path,))
public.writeFile(get.path,'');

if os.path.getsize(get.path) > 2097152: return public.returnMsg(False,u'不能在线编辑大于2MB的文件!');
if os.path.getsize(get.path) > 3145928: return public.returnMsg(False,u'不能在线编辑大于3MB的文件!');
if not os.path.isfile(get.path): return public.returnMsg(False,'这不是一个文件!')
fp = open(get.path,'rb')
data = {}
Expand Down Expand Up @@ -1016,8 +1016,11 @@ def SetBatchData(self,get):
if sys.version_info[0] == 2: key = key.encode('utf-8')
filename = get.path+'/'+key
if not self.CheckDir(filename): return public.returnMsg(False,'FILE_DANGER');
os.system('chmod -R '+get.access+" '"+filename+"'")
os.system('chown -R '+get.user+':'+get.user+" '"+filename+"'")
ret = ' -R '
if 'all' in get:
if get.all == 'False': ret = ''
os.system('chmod '+ret+get.access+" '"+filename+"'")
os.system('chown '+ret+get.user+':'+get.user+" '"+filename+"'")
except:
continue;
public.WriteLog('TYPE_FILE','FILE_ALL_ACCESS')
Expand Down
10 changes: 10 additions & 0 deletions class/jobs.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,16 @@ def clean_hook_log():
if name[-4:] != ".log": continue;
clean_max_log(path+'/' + name,524288)

#清理PHP日志
def clean_php_log():
path = '/www/server/panel/php'
if not os.path.exists(path): return False
for name in os.listdir(path):
filename = path + '/var/log/php-fpm.log'
if os.path.exists(filename): clean_max_log(filename)
filename = path + '/var/log/slow.log'
if os.path.exists(filename): clean_max_log(filename)

#清理大日志
def clean_max_log(log_file,max_size = 104857600,old_line = 100):
if not os.path.exists(log_file): return False
Expand Down
1 change: 0 additions & 1 deletion class/panelPlugin.py
Original file line number Diff line number Diff line change
Expand Up @@ -262,7 +262,6 @@ def get_cloud_list(self,get=None):
if not softList or focre > 0:
self.clean_panel_log()
cloudUrl = public.GetConfigValue('home') + '/api/panel/get_soft_list_test'
print(cloudUrl)
import panelAuth
pdata = panelAuth.panelAuth().create_serverid(None)
listTmp = public.httpPost(cloudUrl,pdata,10)
Expand Down

0 comments on commit 6831ad7

Please sign in to comment.