From 6831ad764adff67d85ff011a3526aa1836fc2fab Mon Sep 17 00:00:00 2001 From: "bt.cn" <287962566@qq.com> Date: Fri, 18 Oct 2019 09:42:51 +0800 Subject: [PATCH] 7.0.2 --- BTPanel/__init__.py | 22 ++++++++++++++++++---- BTPanel/static/css/site.css | 2 +- BTPanel/static/js/files.js | 5 +++-- BTPanel/static/js/index.js | 4 ++-- BTPanel/static/js/public.js | 2 +- BTPanel/templates/default/index.html | 2 +- BTPanel/templates/default/layout.html | 2 +- class/common.py | 13 ++++++++++--- class/config.py | 3 ++- class/files.py | 9 ++++++--- class/jobs.py | 10 ++++++++++ class/panelPlugin.py | 1 - 12 files changed, 55 insertions(+), 20 deletions(-) diff --git a/BTPanel/__init__.py b/BTPanel/__init__.py index 11889fd3..47d53e02 100644 --- a/BTPanel/__init__.py +++ b/BTPanel/__init__.py @@ -103,6 +103,7 @@ def socket_connect(msg=None): @socketio.on('webssh') def webssh(msg): if not check_login(): + session.clear() emit('server_response',"面板会话丢失,请重新登录面板!") return None if not 'ssh_obj' in session: @@ -145,10 +146,14 @@ def reload_mod(): @app.before_request def request_check(): - if not request.path in ['/safe','/hook','/public']: ip_check = public.check_ip_panel() if ip_check: return ip_check + + if request.path.find('/static/') != -1 or request.path == '/code': + if not 'login' in session and not 'admin_auth' in session: + session.clear() + if request.path == '/code': return abort(401) domain_check = public.check_domain_panel() if domain_check: return domain_check if public.is_local(): @@ -175,7 +180,9 @@ def request_end(reques = None): def send_authenticated(): global local_ip if not local_ip: local_ip = public.GetLocalIp() - return Response('', 401,{'WWW-Authenticate': 'Basic realm="%s"' % local_ip.strip()}) + result = Response('', 401,{'WWW-Authenticate': 'Basic realm="%s"' % local_ip.strip()}) + if not 'login' in session and not 'admin_auth' in session: session.clear() + return result @app.route('/',methods=method_all) def home(): @@ -666,6 +673,7 @@ def panel_public(): comm.checkWebType() comm.GetOS() result = plu.a(get) + session.clear() return public.getJson(result),json_header @app.route('/favicon.ico',methods=method_get) @@ -729,7 +737,9 @@ def panel_other(name=None,fun = None,stype=None): comReturn = comm.local() if comReturn: if not is_php: - if not hasattr(plu,'_check'): return public.returnJson(False,'指定插件不支持公共访问!'),json_header + if not hasattr(plu,'_check'): + session.clear() + return public.returnJson(False,'指定插件不支持公共访问!'),json_header checks = plu._check(args) r_type = type(checks) if r_type == Response: return checks @@ -806,6 +816,7 @@ def panel_hook(): if not os.path.exists('plugin/webhook'): return public.getJson(public.returnMsg(False,'INIT_WEBHOOK_ERR')); sys.path.append('plugin/webhook'); import webhook_main + session.clear() return public.getJson(webhook_main.webhook_main().RunHook(get)); @app.route('/safe',methods=method_all) @@ -828,13 +839,16 @@ def panel_safe(): if not hasattr(s,get.data['action']): return public.returnJson(False,'INIT_FUN_NOT_EXISTS'); defs = ('GetServerInfo','add_ssh_limit','remove_ssh_limit','get_ssh_limit','get_login_log','get_panel_limit','add_panel_limit','remove_panel_limit','close_ssh_limit','close_panel_limit','get_system_info','get_service_info','get_ssh_errorlogin') if not get.data['action'] in defs: return 'False'; - return public.getJson(eval('s.' + get.data['action'] + '(get)')); + result = public.getJson(eval('s.' + get.data['action'] + '(get)')); + session.clear() + return result @app.route('/install',methods=method_all) def install(): if public.M('config').where("id=?",('1',)).getField('status') == 1: if os.path.exists('install.pl'): os.remove('install.pl'); + session.clear() return redirect('/login') ret_login = os.path.join('/',admin_path) if admin_path == '/' or admin_path == '/bt': ret_login = '/login' diff --git a/BTPanel/static/css/site.css b/BTPanel/static/css/site.css index beea5f24..bd379d03 100644 --- a/BTPanel/static/css/site.css +++ b/BTPanel/static/css/site.css @@ -1670,7 +1670,7 @@ html .menu .menu_exit:hover { bottom: 0; left: 0; padding: 8px 20px 10px; - position: fixed; + position: absolute; text-align: right; width: 100% } diff --git a/BTPanel/static/js/files.js b/BTPanel/static/js/files.js index 139d3888..4be3b26f 100644 --- a/BTPanel/static/js/files.js +++ b/BTPanel/static/js/files.js @@ -802,8 +802,9 @@ function Batch(type,access){ if(access == 1){ var access = $("#access").val(); - var chown = $("#chown").val(); - data += '&access='+access+'&user='+chown; + var chown = $("#chown").val(); + var all = $("#accept_all").prop("checked") ? 'True' : 'False'; + data += '&access='+access+'&user='+chown+"&all="+all; layer.closeAll(); } if(type == 4){ diff --git a/BTPanel/static/js/index.js b/BTPanel/static/js/index.js index ceed72e7..49a6f233 100644 --- a/BTPanel/static/js/index.js +++ b/BTPanel/static/js/index.js @@ -145,7 +145,7 @@ var index = { crs += 'CPU-' + i + ": " + d[2][i] + '%' + (n1 % 2 == 0?'
':' | '); } - layer.tips(d[3] +"
"+ crs, _this.find('.cicle'), { time: 0, tips: [1, '#999'] }); + layer.tips(d[3] + "
" + d[5] + "个物理CPU," + d[4] + "个物理核心," + d[4]+"线程
"+ crs, _this.find('.cicle'), { time: 0, tips: [1, '#999'] }); }, function () { layer.closeAll('tips'); }); @@ -230,7 +230,7 @@ var index = { var load_arr = [{ title: '运行堵塞', val: 100, color: '#dd2f00' }, { title: '运行缓慢', val: 90, color: '#ff9900' }, { title: '运行正常', val: 70, color: '#20a53a' }, { title: '运行流畅', val: 30, color: '#20a53a' }]; var _cpubox = $('.cpubox'), _membox = $('.membox'), _loadbox = $('.loadbox') - index.set_val(_cpubox, { usage: net.cpu[0], title: net.cpu[5] * net.cpu[4] + '核' + net.cpu[1]+'线程', items: pub_arr }) + index.set_val(_cpubox, { usage: net.cpu[0], title: net.cpu[1]+' 核心', items: pub_arr }) index.set_val(_membox, { usage: (net.mem.memRealUsed * 100 / net.mem.memTotal).toFixed(1), items: pub_arr, title: net.mem.memRealUsed + '/' + net.mem.memTotal + '(MB)' }) bt.set_cookie('memSize', net.mem.memTotal) diff --git a/BTPanel/static/js/public.js b/BTPanel/static/js/public.js index 403df2f2..3fe2f753 100644 --- a/BTPanel/static/js/public.js +++ b/BTPanel/static/js/public.js @@ -2679,7 +2679,7 @@ function show_ssh_login(is_config) {
验证方式
\
密码
\ \ -
\ +
\

仅支持登录本服务器,如需登录其他服务器,可以使用【堡塔云控平台】进行多机管理

\
'; ssh_login = layer.open({ diff --git a/BTPanel/templates/default/index.html b/BTPanel/templates/default/index.html index ec8d4ef9..fcededea 100644 --- a/BTPanel/templates/default/index.html +++ b/BTPanel/templates/default/index.html @@ -139,7 +139,7 @@

{{data['lan']['S2']}}

- +