feat: 实现管理员权限系统并本地化sweetalert资源

- 添加管理员权限系统,支持all/say/review三种权限类型
- 为各管理页面添加权限检查逻辑
- 将sweetalert从CDN改为本地资源
- 添加统一的登出确认弹窗和logout.php处理
- 更新config.php中的数据库和SMTP配置
2025-07-15 21:30:51 +08:00
parent 3ca83c8662
commit d4dc9e1edc
20 changed files with 263 additions and 46 deletions


@@ -2,10 +2,17 @@
require_once '../config.php';
session_start();
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
$success = '';
@@ -96,19 +103,36 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_app'])) {
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>添加App - <?php echo APP_STORE_NAME; ?></title>
<!-- Bootstrap CSS -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
<!-- 自定义CSS -->
<title>添加应用</title>
<link rel="stylesheet" href="../styles.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {
<script src="/js/sweetalert.js"></script>
</head>
<body>
<div class="admin-header">
<h1>应用管理系统</h1>
<div class="admin-actions">
<span>欢迎, <?php echo htmlspecialchars($_SESSION['admin']['username']); ?></span>
<a href="#" onclick="confirmLogout()" class="logout-btn">登出</a>
</div>
</div>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
<!DOCTYPE html>\n<html lang="zh-CN">\n<head>\n <meta charset="UTF-8">\n <meta name="viewport" content="width=device-width, initial-scale=1.0">\n <title>添加App - <?php echo APP_STORE_NAME; ?></title>\n <!-- Bootstrap CSS -->\n <link href="../css/bootstrap.min.css" rel="stylesheet">\n <!-- 自定义CSS -->\n <link rel="stylesheet" href="../styles.css">\n <script src="/js/sweetalert.js"></script>\n <script>\n function confirmLogout() {\n Swal.fire({\n title: '确定要登出吗?',\n icon: 'question',\n showCancelButton: true,\n confirmButtonText: '确定',\n cancelButtonText: '取消'\n }).then((result) => {\n if (result.isConfirmed) {\n window.location.href = 'logout.php';\n }\n });\n }\n </script>\n <!-- Fluent Design 模糊效果 -->\n <style>\n .blur-bg {
backdrop-filter: blur(10px);
background-color: rgba(255, 255, 255, 0.5);
}
@@ -153,8 +177,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_app'])) {
<a class="nav-link active" aria-current="page" href="addapp.php">添加App</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
</li>
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>\n </li>
</ul>
</div>
</div>
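Review bot: The permission guard added in the first hunk compares with loose `!=`/`==` and treats every value other than 'say' as a reviewer, so a session whose `permission` is missing or misspelled is forwarded to review_apps.php instead of being rejected. The same block is pasted into the other admin files in this commit (the later `!= 'all'` hunks and the two `in_array` variants), so a future permission type has to be added in about ten places. I would move it into one shared helper that uses strict comparison, an allow-list of known values, and sends anything unrecognised back to login; each page then makes a single call such as `require_permission(['all']);`. Separately, the added markup in the second and third hunks appears to contain literal `\n` sequences (for example before `</li>`), which would be emitted as visible text if they are really in the file.

```php
// Shared guard, included once by every admin page after session_start().
function require_permission(array $allowed): void
{
    $landing = ['all' => 'index.php', 'say' => 'announcements.php', 'review' => 'review_apps.php'];
    $permission = $_SESSION['admin']['permission'] ?? '';
    if (!is_string($permission) || !isset($landing[$permission])) {
        // Unknown or missing permission: drop the session instead of guessing a page.
        $_SESSION = [];
        session_destroy();
        header('Location: login.php');
        exit();
    }
    if (!in_array($permission, $allowed, true)) {
        header('Location: ' . $landing[$permission]);
        exit();
    }
}
```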


@@ -7,6 +7,13 @@ if (!isset($_SESSION['admin']) || !isset($_SESSION['admin']['id'])) {
exit;
}
// 检查权限 - 允许all和say权限
if (!in_array($_SESSION['admin']['permission'], ['all', 'say'])) {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 处理公告发布
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$title = $_POST['title'] ?? '';
@@ -95,7 +102,7 @@ $result = $conn->query($sql);
<a class="nav-link" href="announcements.php">公告管理</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>
</li>
</ul>
</div>
@@ -103,8 +110,22 @@ $result = $conn->query($sql);
</nav>
<div class="container mt-4">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
<?php if (isset($_GET['success'])): ?>
Swal.fire({
icon: "success",
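Review bot: Inside the new `!in_array($_SESSION['admin']['permission'], ['all', 'say'])` branch the test `== 'say'` can never be true, so the ternary always yields `review_apps.php` and the 'say' arm is dead code copied from the other pages. Writing the target directly, `header('Location: review_apps.php');`, makes the intent visible, and `in_array(..., ['all', 'say'], true)` avoids loose comparison on a value that drives access control. The guard also reads `['permission']` without checking that the key exists, which matters for sessions created before this change.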


@@ -2,10 +2,17 @@
require_once '../config.php';
session_start();
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 验证App ID
@@ -122,7 +129,22 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_app'])) {
<link href="../css/bootstrap.min.css" rel="stylesheet">
<!-- 自定义CSS -->
<link rel="stylesheet" href="../styles.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {
@@ -151,7 +173,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_app'])) {
<a class="nav-link active" aria-current="page" href="editapp.php?id=<?php echo $appId; ?>">编辑App</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>
</li>
</ul>
</div>


@@ -11,10 +11,17 @@ if (!isset($conn) || !$conn instanceof mysqli) {
$sql = 'SELECT title, content FROM announcements ORDER BY created_at DESC LIMIT 1';
$result = $conn->query($sql);
$announcement = $result ? $result->fetch_assoc() : null;
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 非全部权限管理员重定向到对应权限页面
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 处理退出登录
@@ -59,7 +66,22 @@ if (!$resultApps) {
<link href="../css/bootstrap.min.css" rel="stylesheet">
<!-- 自定义CSS -->
<link rel="stylesheet" href="../styles.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {
@@ -98,7 +120,7 @@ if (!$resultApps) {
<a class="nav-link" href="announcements.php">公告管理</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>
</li>
</ul>
</div>


@@ -15,7 +15,8 @@ if (!isset($_SESSION['admin'])) {
if ($username === $account['username'] && $password === $account['password']) {
$_SESSION['admin'] = [
'id' => $account['id'],
'username' => $account['username']
'username' => $account['username'],
'permission' => $account['permission']
];
$adminFound = true;
@@ -35,7 +36,14 @@ if (!isset($_SESSION['admin'])) {
ini_set('session.gc_maxlifetime', $cookie_lifetime);
}
header('Location: index.php');
// 根据权限设置重定向页面
$redirectPage = 'index.php';
if ($_SESSION['admin']['permission'] == 'say') {
$redirectPage = 'announcements.php';
} elseif ($_SESSION['admin']['permission'] == 'review') {
$redirectPage = 'review_apps.php';
}
header("Location: $redirectPage");
exit();
}
}
@@ -77,7 +85,7 @@ if (!isset($_SESSION['admin'])) {
}
}
</style>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
</head>
<body class="page-transition">
<!-- 导航栏 -->
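Review bot: The added `'permission' => $account['permission']` reads a key that the `$admin_accounts` entries visible in this commit's config hunk do not define, so the session may be created with a null permission and every guarded page will then bounce the admin around. I would validate at login instead of at each page: `$permission = $account['permission'] ?? null;` followed by refusing the login unless `in_array($permission, ['all', 'say', 'review'], true)`. No `session_regenerate_id(true)` is visible where `$_SESSION['admin']` is populated; if it is not called elsewhere in this block, it belongs right before that assignment so a pre-login session id is not carried into the privileged session. The enclosing `if` starts and ends outside these hunks.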

28
admin/logout.php Normal file

@@ -0,0 +1,28 @@
<?php
require_once '../config.php';
session_start();
// 销毁所有会话变量
$_SESSION = [];
// 如果使用了基于cookie的会话也需要删除cookie
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(
session_name(),
'',
time() - 42000,
$params["path"],
$params["domain"],
$params["secure"],
$params["httponly"]
);
}
// 销毁会话
session_destroy();
// 使用Sweet Alert弹窗提示并跳转登录页
echo '<script src="/js/sweetalert.js"></script>';
echo '<script>Swal.fire({title: "登出成功", text: "您已安全登出系统", icon: "success", timer: 1500, showConfirmButton: false}).then(() => { window.location.href = "login.php"; });</script>';
exit();
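Review bot: logout.php tears the session down on any GET request and carries no CSRF token, so a request the admin did not intend (a prefetch or a cross-site navigation) ends the session; the `confirmLogout()` dialog is only a client-side courtesy. I would have the dialog submit a small POST form with a per-session token and have this script check `$_SERVER['REQUEST_METHOD'] === 'POST'` plus `hash_equals()` on the token before clearing anything. The redirect to login.php depends entirely on `/js/sweetalert.js` loading; a server-side `header('Location: login.php');` or a `<noscript>` link would keep the page from ending blank when the script fails. The older `?logout=true` handlers still appear as context in other hunks of this commit and should be removed or routed here so there is one logout path.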


@@ -4,10 +4,17 @@ require_once '../config.php';
// 设置会话cookie路径为根目录以确保跨目录访问
session_set_cookie_params(0, '/');
session_start();
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 处理退出登录
@@ -41,7 +48,7 @@ if (isset($_GET['logout'])) {
<a class="nav-link active" aria-current="page" href="manage_developers.php">管理开发者</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>
</li>
</ul>
</div>
@@ -206,6 +213,22 @@ if (!$stmt) {
}
</style>
<script src="/js/sweetalert.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
</head>
<body>
<!-- Bootstrap JS Bundle with Popper -->


@@ -2,6 +2,13 @@
require_once '../config.php';
require_once 'login.php'; // 确保管理员已登录
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 处理标签添加
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_tag'])) {
$name = trim($_POST['tag_name']);
@@ -61,6 +68,22 @@ $tagsResult = $conn->query("SELECT * FROM tags ORDER BY created_at DESC");
<title>标签管理 - 应用商店后台</title>
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../styles.css">
<script src="/js/sweetalert.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确定要登出吗?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确定',
cancelButtonText: '取消'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
</head>
<body>
<div class="container mt-5">
@@ -152,5 +175,8 @@ $tagsResult = $conn->query("SELECT * FROM tags ORDER BY created_at DESC");
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
<li class="nav-item">
<a class="nav-link" href="#" onclick="confirmLogout()">退出登录</a>
</li>
</body>
</html>
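Review bot: The new permission check dereferences `$_SESSION['admin']['permission']` while this page's only authentication step is `require_once 'login.php'`, unlike the other admin pages, which test `isset($_SESSION['admin'])` and exit first. Whether login.php stops execution for an unauthenticated visitor is not visible here, so I would add the explicit guard before the permission block: `if (!isset($_SESSION['admin'])) { header('Location: login.php'); exit(); }`. In the last hunk the added `<li class="nav-item">` sits after the Bootstrap script and directly before `</body>`, outside any list; it probably belongs in the page's navigation markup.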


@@ -2,10 +2,17 @@
require_once '../config.php';
session_start();
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 验证App ID


@@ -6,10 +6,17 @@ use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
session_start();
// 检查管理员登录状态
// 检查是否已登录
if (!isset($_SESSION['admin'])) {
header('Location: login.php');
exit;
exit();
}
// 检查权限 - 允许all和review权限
if (!in_array($_SESSION['admin']['permission'], ['all', 'review'])) {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
$success = '';
@@ -133,7 +140,7 @@ if (!($conn instanceof mysqli)) {
<!-- Bootstrap CSS -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
<!-- SweetAlert2 CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">
<link rel="stylesheet" href="/js/sweetalert.js/dist/sweetalert2.min.css">
<!-- 自定义CSS -->
<link rel="stylesheet" href="../styles.css">
<!-- Fluent Design 模糊效果 -->
@@ -171,7 +178,7 @@ if (!($conn instanceof mysqli)) {
<a class="nav-link active" aria-current="page" href="review_apps.php">应用审核</a>
</li>
<li class="nav-item">
<a class="nav-link" href="?logout=true">退出登录</a>
<a class="nav-link" onclick="confirmLogout()">退出登录</a>
</li>
</ul>
</div>
@@ -314,6 +321,22 @@ function showRejectReason(appId, appName) {
<!-- Bootstrap JS with Popper -->
<script src="/js/bootstrap.bundle.js"></script>
<!-- SweetAlert2 JS -->
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js"></script>
<script src="/js/sweetalert.js/dist/sweetalert2.all.min.js"></script>
<script>
function confirmLogout() {
Swal.fire({
title: '确认退出登录?',
icon: 'question',
showCancelButton: true,
confirmButtonText: '确认',
cancelButtonText: '取消',
reverseButtons: true
}).then((result) => {
if (result.isConfirmed) {
window.location.href = 'logout.php';
}
});
}
</script>
</body>
</html>
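Review bot: In the new guard a permission that is neither 'all', 'review' nor 'say' falls through the ternary to `review_apps.php`, which judging by the active nav link is this file, so such a session would redirect to itself until the browser aborts. Unrecognised or missing values should end the session and go to login, e.g. `header('Location: login.php');` in place of the ternary's fallback, with `in_array(..., ['all', 'review'], true)` for the allow-list test. The replacement logout link in the third hunk also drops the `href` attribute, which removes it from keyboard focus order; `href="#"` as on the other pages, or a `<button>`, keeps it reachable.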


@@ -55,6 +55,13 @@
exit;
}
// 检查权限
if ($_SESSION['admin']['permission'] != 'all') {
$redirect = $_SESSION['admin']['permission'] == 'say' ? 'announcements.php' : 'review_apps.php';
header("Location: $redirect");
exit();
}
// 获取上传文件和图片信息
function get_uploaded_files_info() {
$uploaded_files = [];


@@ -137,8 +137,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['rating'])) {
<!-- Font Awesome -->
<link rel="stylesheet" href="/css/all.min.css">
<!-- SweetAlert2 -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js"></script>
<link rel="stylesheet" href="/js/sweetalert.js/dist/sweetalert2.min.css">
<script src="/js/sweetalert.js/dist/sweetalert2.all.min.js"></script>
<!-- 本地 Chart.js -->
<script src="js/charts.js"></script>
<!-- 自定义CSS -->
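Review bot: The new URLs `/js/sweetalert.js/dist/sweetalert2.min.css` and `/js/sweetalert.js/dist/sweetalert2.all.min.js` treat `js/sweetalert.js` as a directory, but this commit adds it as a single file, so both requests will most likely return 404 and `Swal` will be undefined on this page. The same two paths are introduced in the review page's hunks earlier in this commit, where the reject dialog and `confirmLogout()` depend on them. Every other page in the commit loads `<script src="/js/sweetalert.js"></script>`, so using that here would be consistent; whether a separate stylesheet is still needed depends on which build was vendored. Since the local copy replaces a CDN reference, recording the vendored SweetAlert2 version and its checksum next to the file would let later reviewers verify it.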


@@ -23,6 +23,7 @@ define('SMTP_FROM_NAME', 'leonmm2@163.com');
// 管理员账号 - 支持多个账号
$admin_accounts = [
['id' => 1, 'username' => 'Admin', 'password' => ''],
['id' => 2, 'username' => 'Admin2', 'password' => ''],
// 可添加更多管理员账号,格式: ['id' => 数字, 'username' => '用户名', 'password' => '']
];
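Review bot: The added `Admin2` entry has no `permission` key even though login now copies `$account['permission']` into the session, and its `password` field is a plain string that login compares with `===`. If the empty value shown here is what is deployed rather than a redaction, an empty stored password must never authenticate, so login should reject accounts with no credential set. I would store the output of `password_hash()` and check it with `password_verify()`, add the permission explicitly, e.g. `['id' => 2, 'username' => 'Admin2', 'password' => '<password_hash() output>', 'permission' => 'review'],` (placeholder values), and keep real database and SMTP credentials out of the committed config. The array's comment line documenting the entry format should mention the new key as well.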


@@ -48,7 +48,7 @@ if (!($conn instanceof mysqli)) {
<!-- 自定义CSS -->
<link rel="stylesheet" href="../styles.css">
<!-- SweetAlert2 -->
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<style>
.blur-bg {
backdrop-filter: blur(10px);


@@ -289,7 +289,7 @@ if (!($conn instanceof mysqli)) {
<link href="../css/bootstrap.min.css" rel="stylesheet">
<!-- 自定义CSS -->
<link rel="stylesheet" href="../styles.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {


@@ -224,7 +224,7 @@ if (!$verStmt) {
<title>版本控制 - <?php echo htmlspecialchars($app['name']); ?></title>
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../styles.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<style>
.blur-bg {
backdrop-filter: blur(10px);


@@ -32,7 +32,7 @@ if (!isset($conn) || !$conn instanceof mysqli) {
<link rel="stylesheet" href="styles.css">
<!-- Font Awesome -->
<link rel="stylesheet" href="/css/all.min.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {


@@ -33,7 +33,7 @@ if (!isset($conn) || !$conn instanceof mysqli) {
<link rel="stylesheet" href="styles.css">
<!-- Font Awesome -->
<link rel="stylesheet" href="/css/all.min.css">
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<!-- Fluent Design 模糊效果 -->
<style>
.blur-bg {

6
js/sweetalert.js Normal file

File diff suppressed because one or more lines are too long


@@ -159,7 +159,7 @@ require_once 'config.php';
&copy; <?php echo date('Y'); ?> <?php echo APP_STORE_NAME; ?>. 保留所有权利。
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="/js/sweetalert.js"></script>
<script src="/js/bootstrap.bundle.js"></script>
</body>
</html>