fix: 修复配置文件和登录页面安全问题

更新数据库和SMTP密码配置，移除敏感信息移除登录页面的错误提示弹窗，改为注释在应用审核页面添加审核规则提示链接
2025-07-15 21:53:35 +08:00
parent d4dc9e1edc
commit 6b3c60b8b4
3 changed files with 8 additions and 4 deletions
--- a/admin/login.php
+++ b/admin/login.php
@@ -122,7 +122,7 @@ if (!isset($_SESSION['admin'])) {
                    <div class="card blur-bg">
                        <div class="card-header">管理员登录</div>
                        <div class="card-body">
-                            <?php if (isset($error)): ?>
+                            <!-- <?php if (isset($error)): ?>
                                <script>
                                    Swal.fire({
                                        icon: "error",
@@ -130,7 +130,7 @@ if (!isset($_SESSION['admin'])) {
                                        text: "<?php echo addslashes($error); ?>",
                                    });
                                </script>
-                            <?php endif; ?>
+                            <?php endif; ?> -->
                            <form method="post">
                                <div class="form-floating mb-3">
                                    <input type="text" class="form-control" id="username" name="username" required>
--- a/admin/review_apps.php
+++ b/admin/review_apps.php
@@ -186,6 +186,9 @@ if (!($conn instanceof mysqli)) {
    </nav>

    <div class="container mt-4">
+        <div class="alert alert-info">
+            请遵循应用商店的<a href="/docs/app_review_standards.php" target="_blank">审核规则</a>，确保应用符合平台要求。
+        </div>
        <?php if (!empty($success)): ?>
            <div class="alert alert-success"><?php echo $success; ?></div>
        <?php endif; ?>
@@ -321,7 +324,7 @@ function showRejectReason(appId, appName) {
    <!-- Bootstrap JS with Popper -->
    <script src="/js/bootstrap.bundle.js"></script>
    <!-- SweetAlert2 JS -->
-    <script src="/js/sweetalert.js/dist/sweetalert2.all.min.js"></script>
+    <script src="/js/sweetalert.js"></script>
    <script>
    function confirmLogout() {
        Swal.fire({
--- a/config.php
+++ b/config.php
@@ -23,7 +23,8 @@ define('SMTP_FROM_NAME', 'leonmm2@163.com');
 // 管理员账号 - 支持多个账号
 $admin_accounts = [
    ['id' => 1, 'username' => 'Admin', 'password' => ''],
-    ['id' => 2, 'username' => 'Admin2', 'password' => ''],
+    ['id' => 2, 'username' => 'jgzyes', 'password' => ''],
+    ['id' => 3, 'username' => 'zmm', 'password' => ''],
    // 可添加更多管理员账号，格式: ['id' => 数字, 'username' => '用户名', 'password' => '']
 ];