Merge pull request #2 from terrified2025/main

修复了容易被黑掉的bug
Delete ddd.zip
2025-11-19 22:35:50 +08:00 · 2025-10-04 09:58:02 +08:00 · 2025-08-23 00:31:10 +08:00 · 2025-08-23 00:26:40 +08:00
13 changed files with 3563 additions and 2938 deletions
--- a/admin/add_registration.php
+++ b/admin/add_registration.php
@ -1,4 +1,9 @@
 <?php
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();
+$csrf_token = generateCSRFToken();
+
 // 加载配置
 $config = include '../config.php';

@ -37,6 +42,9 @@ if (!$siteInfo) {
 $success = '';
 $errors = [];
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    // 验证CSRF令牌
+    verifyCSRFToken($_POST['csrf_token'] ?? '');
+    
    // 验证表单数据
    $data = [];

@ -103,7 +111,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // 如果没有错误，保存数据
    if (empty($errors)) {
-        // 生成唯一备案编号 (ICP-年月日-6位ID)
        // 生成8位数字备案编号
        $data['registration_number'] = str_pad(rand(10000000, 99999999), 8, '0', STR_PAD_LEFT);
        $data['created_at'] = date('Y-m-d H:i:s');
@ -338,6 +345,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            <?php endif; ?>

            <form method="post" enctype="multipart/form-data">
+                <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
+                
                <div class="form-group">
                    <label for="website_name">网站名称 *</label>
                    <input type="text" id="website_name" name="website_name" required placeholder="请输入网站的名称">
--- a/admin/admin_dashboard.php
+++ b/admin/admin_dashboard.php
@ -1,5 +1,10 @@
 <!DOCTYPE html>
 <?php
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();
+$csrf_token = generateCSRFToken();
+
 // 加载配置
 $config = include '../config.php';

@ -35,7 +40,10 @@ if (!$siteInfo) {
 }

 // 处理备案状态更新
-if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'update_status' && isset($_POST['id']) && isset($_POST['status'])) {
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'update_status') {
+    // 验证CSRF令牌
+    verifyCSRFToken($_POST['csrf_token'] ?? '');
+    
    $id = $_POST['id'];
    $status = $_POST['status'];
    $reason = $_POST['reason'] ?? '';
@ -514,6 +522,7 @@ ensureEmailConfigTableExists($pdo);
            <h3 id="modalTitle">审核操作</h3>
            <form method="post" id="actionForm">
                <input type="hidden" name="action" value="update_status">
+                <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
                <input type="hidden" name="id" id="registrationId">
                <input type="hidden" name="status" id="actionStatus">
                
--- a/admin/admin_login.php
+++ b/admin/admin_login.php
@ -1,4 +1,6 @@
 <?php
+session_start();
+
 // 加载配置
 $config = include '../config.php';

@ -8,52 +10,99 @@ function getDatabaseConnection() {
    try {
        if ($config['database_type'] === 'mysql') {
            $dsn = "mysql:host={$config['database_config']['host']};port={$config['database_config']['port']};dbname={$config['database_config']['name']};charset=utf8mb4";
-            return new PDO($dsn, $config['database_config']['user'], $config['database_config']['password']);
+            $pdo = new PDO($dsn, $config['database_config']['user'], $config['database_config']['password']);
        } else if ($config['database_type'] === 'sqlite') {
            $dsn = "sqlite:{$config['database_config']['path']}";
-            return new PDO($dsn);
+            $pdo = new PDO($dsn);
        }
+        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+        return $pdo;
    } catch (PDOException $e) {
-        die('数据库连接失败: ' . $e->getMessage());
+        die('数据库连接失败');
    }
 }

 // 处理注销请求
 if (isset($_GET['action']) && $_GET['action'] === 'logout') {
-    setcookie('admin_logged_in', '', time() - 3600, '/');
+    session_unset();
+    session_destroy();
    header('Location: admin_login.php');
    exit;
 }

 // 检查是否已登录
-if (isset($_COOKIE['admin_logged_in']) && $_COOKIE['admin_logged_in'] === 'true') {
+if (isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in'] === true) {
    header('Location: admin_dashboard.php');
    exit;
 }

+// 防止暴力破解：记录失败次数
+if (!isset($_SESSION['login_attempts'])) {
+    $_SESSION['login_attempts'] = 0;
+    $_SESSION['last_attempt'] = time();
+}
+
+// 重置计数器（5分钟后）
+if (time() - $_SESSION['last_attempt'] > 300) {
+    $_SESSION['login_attempts'] = 0;
+}
+
 $error = '';
+
 // 处理登录请求
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    // 检查是否超过最大尝试次数（5次）
+    if ($_SESSION['login_attempts'] >= 5) {
+        $error = '登录尝试次数过多，请5分钟后重试';
+    } else {
+        // 验证CSRF令牌
+        if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']) {
+            $error = '安全验证失败，请重新登录';
+        } else {
            $username = $_POST['username'] ?? '';
            $password = $_POST['password'] ?? '';

+            // 输入验证
+            if (empty($username) || empty($password)) {
+                $error = '用户名和密码不能为空';
+            } else {
                // 连接数据库
                $pdo = getDatabaseConnection();

                // 查询管理员信息
-    $stmt = $pdo->prepare("SELECT password_hash FROM admins WHERE username = ?");
+                $stmt = $pdo->prepare("SELECT id, password_hash FROM admins WHERE username = ?");
                $stmt->execute([$username]);
                $admin = $stmt->fetch(PDO::FETCH_ASSOC);

                // 验证密码
                if ($admin && password_verify($password, $admin['password_hash'])) {
-        // 设置登录cookie，有效期1小时
-        setcookie('admin_logged_in', 'true', time() + 3600, '/');
+                    // 登录成功，重置尝试次数
+                    $_SESSION['login_attempts'] = 0;
+                    
+                    // 设置会话变量
+                    $_SESSION['admin_logged_in'] = true;
+                    $_SESSION['admin_id'] = $admin['id'];
+                    $_SESSION['admin_username'] = $username;
+                    $_SESSION['last_activity'] = time();
+                    
+                    // 重新生成会话ID
+                    session_regenerate_id(true);
+                    
                    header('Location: admin_dashboard.php');
                    exit;
                } else {
+                    $_SESSION['login_attempts']++;
+                    $_SESSION['last_attempt'] = time();
                    $error = '用户名或密码错误';
                }
+            }
+        }
+    }
+}
+
+// 生成CSRF令牌
+if (!isset($_SESSION['csrf_token'])) {
+    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
 }
 ?>
 <!DOCTYPE html>
@ -137,23 +186,40 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            margin-top: 15px;
            text-align: center;
        }
+        .info {
+            color: #666;
+            font-size: 0.85rem;
+            margin-top: 20px;
+            text-align: center;
+        }
    </style>
 </head>
 <body>
    <div class="login-container">
        <h1>管理员登录</h1>
        <form method="post" class="login-form">
+            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
+            
            <div class="form-group">
                <label for="username">用户名</label>
-                <input type="text" id="username" name="username" required placeholder="请输入管理员用户名">
+                <input type="text" id="username" name="username" required placeholder="请输入管理员用户名" autocomplete="username">
            </div>
+            
            <div class="form-group">
                <label for="password">密码</label>
-                <input type="password" id="password" name="password" required placeholder="请输入管理员密码">
+                <input type="password" id="password" name="password" required placeholder="请输入管理员密码" autocomplete="current-password">
            </div>
+            
            <button type="submit" class="btn">登录</button>
+            
            <?php if (!empty($error)): ?>
-                <div class="error"><?php echo $error; ?></div>
+                <div class="error"><?php echo htmlspecialchars($error); ?></div>
+            <?php endif; ?>
+            
+            <?php if ($_SESSION['login_attempts'] >= 3): ?>
+                <div class="info">
+                    剩余尝试次数: <?php echo 5 - $_SESSION['login_attempts']; ?>
+                </div>
            <?php endif; ?>
        </form>
    </div>
--- a/admin/approve.php
+++ b/admin/approve.php
@ -1,11 +1,7 @@
 <?php
-// 管理员审核通过备案申请
-
-// 检查是否已登录
-if (!isset($_COOKIE['admin_logged_in']) || $_COOKIE['admin_logged_in'] !== 'true') {
-    header('Location: admin_login.php');
-    exit;
-}
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();

 // 检查是否提供了申请ID
 if (!isset($_POST['registration_id'])) {
@ -15,8 +11,11 @@ if (!isset($_POST['registration_id'])) {
 $registrationId = $_POST['registration_id'];
 $reason = $_POST['reason'] ?? '审核通过';

-// 加载配置
+// 正确加载配置
 $config = include '../config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}

 // 初始化数据库连接
 require_once '../db_init.php';
--- a/admin/manage_admins.php
+++ b/admin/manage_admins.php
@ -1,12 +1,16 @@
 <?php
-// 管理管理员账户脚本
-// 使用方法: 访问此文件并按照提示操作
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();

 error_reporting(E_ALL);
 ini_set('display_errors', 1);

-// 加载配置
+// 正确加载配置
 $config = include '../config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}

 // 数据库连接函数
 function getDatabaseConnection() {
@ -72,6 +76,10 @@ $message = '';
 $success = false;

 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    // 验证CSRF令牌
+    if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']) {
+        $message = '安全验证失败';
+    } else {
        if (isset($_POST['action'])) {
            switch ($_POST['action']) {
                case 'add':
@ -94,17 +102,25 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

                case 'delete':
                    $id = (int)$_POST['id'];
+                    // 防止删除自己
+                    if ($id == $_SESSION['admin_id']) {
+                        $message = '不能删除当前登录的管理员账户';
+                    } else {
                        $result = deleteAdmin($pdo, $id);
                        $success = $result['success'];
                        $message = $result['message'];
+                    }
                    break;
            }
        }
+    }
 }

+// 生成CSRF令牌
+$csrf_token = generateCSRFToken();
+
 // 获取所有管理员
 $admins = getAllAdmins($pdo);
-
 ?>
 <!DOCTYPE html>
 <html lang="zh-CN">
@ -244,14 +260,19 @@ $admins = getAllAdmins($pdo);
                    <?php foreach ($admins as $admin): ?>
                        <tr>
                            <td><?php echo $admin['id']; ?></td>
-                            <td><?php echo $admin['username']; ?></td>
+                            <td><?php echo htmlspecialchars($admin['username']); ?></td>
                            <td><?php echo $admin['created_at']; ?></td>
                            <td>
+                                <?php if ($admin['id'] != $_SESSION['admin_id']): ?>
                                    <form method="post" style="display: inline;">
+                                        <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
                                        <input type="hidden" name="action" value="delete">
                                        <input type="hidden" name="id" value="<?php echo $admin['id']; ?>">
                                        <button type="submit" class="btn btn-danger" onclick="return confirm('确定要删除这个管理员账户吗？');">删除</button>
                                    </form>
+                                <?php else: ?>
+                                    <span style="color: #999;">当前账户</span>
+                                <?php endif; ?>
                            </td>
                        </tr>
                    <?php endforeach; ?>
@ -262,6 +283,7 @@ $admins = getAllAdmins($pdo);
        <div class="card">
            <h2>添加新管理员</h2>
            <form method="post">
+                <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
                <input type="hidden" name="action" value="add">
                <div class="form-group">
                    <label for="username">用户名</label>
--- a/admin/reject.php
+++ b/admin/reject.php
@ -1,11 +1,7 @@
 <?php
-// 管理员拒绝备案申请
-
-// 检查是否已登录
-if (!isset($_COOKIE['admin_logged_in']) || $_COOKIE['admin_logged_in'] !== 'true') {
-    header('Location: admin_login.php');
-    exit;
-}
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();

 // 检查是否提供了申请ID
 if (!isset($_POST['registration_id'])) {
@ -19,8 +15,11 @@ if (empty($reason)) {
    die('请提供拒绝原因');
 }

-// 加载配置
+// 正确加载配置
 $config = include '../config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}

 // 初始化数据库连接
 require_once '../db_init.php';
@ -49,7 +48,7 @@ try {

    // 发送邮件通知
    try {
-        $emailUtils = new EmailUtils($config);
+        $emailUtils = new EmailUtils($pdo);
        $emailUtils->sendRejectionEmail($registration);
    } catch (Exception $e) {
        // 邮件发送失败，记录日志但不影响主流程
--- a/admin/settings.php
+++ b/admin/settings.php
@ -0,0 +1,476 @@
+<?php
+session_start();
+require_once '../auth_check.php';
+checkAdminAuth();
+$csrf_token = generateCSRFToken();
+
+// 加载配置
+$config = include '../config.php';
+
+// 数据库连接函数
+function getDatabaseConnection() {
+    global $config;
+    try {
+        if ($config['database_type'] === 'mysql') {
+            $dsn = "mysql:host={$config['database_config']['host']};port={$config['database_config']['port']};dbname={$config['database_config']['name']};charset=utf8mb4";
+            return new PDO($dsn, $config['database_config']['user'], $config['database_config']['password']);
+        } else if ($config['database_type'] === 'sqlite') {
+            $dsn = "sqlite:{$config['database_config']['path']}";
+            return new PDO($dsn);
+        }
+    } catch (PDOException $e) {
+        die('数据库连接失败: ' . $e->getMessage());
+    }
+}
+
+// 连接数据库
+$pdo = getDatabaseConnection();
+
+// 从数据库获取网站信息
+$stmt = $pdo->query("SELECT name, description FROM site_info LIMIT 1");
+$siteInfo = $stmt->fetch(PDO::FETCH_ASSOC);
+
+// 如果找不到网站信息，使用配置文件中的默认值
+if (!$siteInfo) {
+    $siteInfo = [
+        'name' => $config['site_name'] ?? '二次元网站备案系统',
+        'description' => $config['site_description'] ?? '管理和审核网站备案申请'
+    ];
+}
+
+// 从数据库获取邮件配置
+$stmt = $pdo->query("SELECT * FROM email_config LIMIT 1");
+$emailConfig = $stmt->fetch(PDO::FETCH_ASSOC);
+
+// 如果找不到邮件配置，使用默认值
+if (!$emailConfig) {
+    $emailConfig = [
+        'smtp_host' => '',
+        'smtp_port' => 465,
+        'smtp_username' => '',
+        'smtp_password' => '',
+        'smtp_encryption' => 'ssl',
+        'from_email' => '',
+        'from_name' => $siteInfo['name']
+    ];
+}
+
+// 处理表单提交
+$success = '';
+$errors = [];
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    // 验证CSRF令牌
+    verifyCSRFToken($_POST['csrf_token'] ?? '');
+    
+    // 处理站点设置
+    $siteName = trim($_POST['site_name']);
+    $siteDescription = trim($_POST['site_description']);
+
+    // 处理邮件设置
+    $smtpHost = trim($_POST['smtp_host']);
+    $smtpPort = (int)$_POST['smtp_port'];
+    $smtpUsername = trim($_POST['smtp_username']);
+    $smtpPassword = trim($_POST['smtp_password']);
+    $smtpEncryption = $_POST['smtp_encryption'];
+    $fromEmail = trim($_POST['from_email']);
+    $fromName = trim($_POST['from_name']);
+
+    // 验证必填字段
+    if (empty($siteName)) {
+        $errors[] = '站点名称不能为空';
+    }
+
+    if (empty($smtpHost) || empty($smtpUsername) || empty($smtpPassword) || empty($fromEmail)) {
+        $errors[] = '邮件配置的必填字段不能为空';
+    }
+
+    if (empty($errors)) {
+        try {
+            // 开始事务
+            $pdo->beginTransaction();
+
+            // 更新站点信息
+            if ($siteInfo) {
+                $stmt = $pdo->prepare("UPDATE site_info SET name = ?, description = ?");
+                $stmt->execute([$siteName, $siteDescription]);
+            } else {
+                $stmt = $pdo->prepare("INSERT INTO site_info (name, description) VALUES (?, ?)");
+                $stmt->execute([$siteName, $siteDescription]);
+            }
+
+            // 更新邮件配置
+            if ($emailConfig) {
+                $stmt = $pdo->prepare("UPDATE email_config SET smtp_host = ?, smtp_port = ?, smtp_username = ?, smtp_password = ?, smtp_encryption = ?, from_email = ?, from_name = ?");
+                $stmt->execute([$smtpHost, $smtpPort, $smtpUsername, $smtpPassword, $smtpEncryption, $fromEmail, $fromName]);
+            } else {
+                $stmt = $pdo->prepare("INSERT INTO email_config (smtp_host, smtp_port, smtp_username, smtp_password, smtp_encryption, from_email, from_name) VALUES (?, ?, ?, ?, ?, ?, ?)");
+                $stmt->execute([$smtpHost, $smtpPort, $smtpUsername, $smtpPassword, $smtpEncryption, $fromEmail, $fromName]);
+            }
+
+            // 提交事务
+            $pdo->commit();
+
+            $success = '设置已成功保存';
+
+            // 更新本地变量以反映更改
+            $siteInfo['name'] = $siteName;
+            $siteInfo['description'] = $siteDescription;
+            $emailConfig = [
+                'smtp_host' => $smtpHost,
+                'smtp_port' => $smtpPort,
+                'smtp_username' => $smtpUsername,
+                'smtp_password' => $smtpPassword,
+                'smtp_encryption' => $smtpEncryption,
+                'from_email' => $fromEmail,
+                'from_name' => $fromName
+            ];
+        } catch (PDOException $e) {
+            // 回滚事务
+            $pdo->rollBack();
+            $errors[] = '保存设置失败: ' . $e->getMessage();
+        }
+    }
+}
+
+// 确保email_config表存在
+function ensureEmailConfigTableExists($pdo) {
+    try {
+        // 根据数据库类型选择自增关键字
+        global $config;
+        $auto_increment = ($config['database_type'] === 'mysql') ? 'AUTO_INCREMENT' : 'AUTOINCREMENT';
+        $int_type = ($config['database_type'] === 'mysql') ? 'INT' : 'INTEGER';
+
+        $pdo->exec("CREATE TABLE IF NOT EXISTS email_config (
+            id $int_type PRIMARY KEY $auto_increment,
+            smtp_host VARCHAR(255) NOT NULL,
+            smtp_port INTEGER NOT NULL,
+            smtp_username VARCHAR(255) NOT NULL,
+            smtp_password VARCHAR(255) NOT NULL,
+            smtp_encryption VARCHAR(10) NOT NULL,
+            from_email VARCHAR(255) NOT NULL,
+            from_name VARCHAR(255) NOT NULL,
+            updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+        )");
+    } catch (PDOException $e) {
+        die('创建email_config表失败: ' . $e->getMessage());
+    }
+}
+
+// 确保表存在
+ensureEmailConfigTableExists($pdo);
+?>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>系统设置 - <?php echo $siteInfo['name']; ?></title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            background-color: #f0f2f5;
+            color: #333;
+            line-height: 1.6;
+        }
+        .container {
+            max-width: 800px;
+            margin: 0 auto;
+            padding: 20px;
+        }
+        .header-frosted {
+            position: fixed;
+            top: 0;
+            left: 0;
+            right: 0;
+            background: rgba(255, 255, 255, 0.7);
+            backdrop-filter: blur(10px);
+            -webkit-backdrop-filter: blur(10px);
+            color: #333;
+            padding: 15px 20px;
+            display: flex;
+            justify-content: space-between;
+            align-items: center;
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+            z-index: 1000;
+        }
+        .header-nav {
+            display: flex;
+            gap: 20px;
+        }
+        .header-nav span {
+            cursor: pointer;
+            color: #7873f5;
+            font-weight: bold;
+            transition: color 0.3s ease;
+        }
+        .header-nav span:hover {
+            color: #605acf;
+        }
+        header {
+            background: linear-gradient(135deg, #ff6ec7, #7873f5);
+            color: white;
+            padding: 80px 0 40px;
+            text-align: center;
+            border-radius: 10px;
+            margin-bottom: 30px;
+            box-shadow: 0 4px 12px rgba(0,0,0,0.1);
+            margin-top: 60px;
+        }
+        h1 {
+            font-size: 2rem;
+            margin-bottom: 10px;
+        }
+        .card {
+            background: white;
+            border-radius: 10px;
+            padding: 30px;
+            margin-bottom: 30px;
+            box-shadow: 0 2px 10px rgba(0,0,0,0.05);
+        }
+        h2 {
+            color: #7873f5;
+            margin-bottom: 20px;
+            padding-bottom: 10px;
+            border-bottom: 2px solid #f0f0f0;
+        }
+        .form-group {
+            margin-bottom: 20px;
+        }
+        label {
+            display: block;
+            margin-bottom: 8px;
+            font-weight: bold;
+            color: #555;
+        }
+        input[type="text"],
+        input[type="email"],
+        input[type="password"],
+        textarea,
+        select {
+            width: 100%;
+            padding: 12px;
+            border: 1px solid #ddd;
+            border-radius: 6px;
+            font-size: 1rem;
+            transition: border 0.3s ease;
+        }
+        input[type="text"]:focus,
+        input[type="email"]:focus,
+        input[type="password"]:focus,
+        textarea:focus,
+        select:focus {
+            border-color: #7873f5;
+            outline: none;
+            box-shadow: 0 0 0 3px rgba(120, 115, 245, 0.2);
+        }
+        textarea {
+            height: 150px;
+            resize: vertical;
+        }
+        .btn {
+            display: inline-block;
+            background: #7873f5;
+            color: white;
+            padding: 12px 25px;
+            border-radius: 30px;
+            text-decoration: none;
+            font-weight: bold;
+            transition: background 0.3s ease;
+            border: none;
+            cursor: pointer;
+            font-size: 1rem;
+        }
+        .btn:hover {
+            background: #605acf;
+        }
+        .btn-container {
+            text-align: center;
+            margin-top: 30px;
+        }
+        .back-link {
+            display: inline-block;
+            margin-top: 15px;
+            color: #7873f5;
+            text-decoration: none;
+        }
+        .back-link:hover {
+            text-decoration: underline;
+        }
+        .error {
+            color: #e74c3c;
+            font-size: 0.9rem;
+            margin-top: 5px;
+        }
+        .success {
+            color: #2ecc71;
+            padding: 15px;
+            background: #f1f9f1;
+            border-radius: 6px;
+            margin-bottom: 20px;
+            border-left: 4px solid #2ecc71;
+        }
+        .logout-btn {
+            background: #e74c3c;
+            color: white;
+            border: none;
+            padding: 8px 15px;
+            border-radius: 30px;
+            cursor: pointer;
+            font-weight: bold;
+            transition: background 0.3s ease;
+        }
+        .logout-btn:hover {
+            background: #c0392b;
+        }
+        .tab-container {
+            margin-bottom: 20px;
+        }
+        .tab {
+            display: inline-block;
+            padding: 10px 20px;
+            background: #f0f0f0;
+            border-radius: 5px 5px 0 0;
+            cursor: pointer;
+            font-weight: bold;
+            color: #777;
+            transition: all 0.3s ease;
+        }
+        .tab.active {
+            background: white;
+            color: #7873f5;
+            border-top: 2px solid #7873f5;
+        }
+        .tab-content {
+            display: none;
+            background: white;
+            padding: 20px;
+            border-radius: 0 5px 5px 5px;
+            box-shadow: 0 2px 5px rgba(0,0,0,0.1);
+        }
+        .tab-content.active {
+            display: block;
+        }
+    </style>
+    <script>
+        document.addEventListener('DOMContentLoaded', function() {
+            // 选项卡切换
+            const tabs = document.querySelectorAll('.tab');
+            tabs.forEach(tab => {
+                tab.addEventListener('click', function() {
+                    // 移除所有active类
+                    document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
+                    document.querySelectorAll('.tab-content').forEach(c => c.classList.remove('active'));
+
+                    // 添加active类到当前选项卡
+                    this.classList.add('active');
+                    const target = this.getAttribute('data-target');
+                    document.getElementById(target).classList.add('active');
+                });
+            });
+        });
+    </script>
+</head>
+<body>
+    <div class="header-frosted">
+        <h3><?php echo $siteInfo['name']; ?> - 管理员面板</h3>
+        <div class="header-nav">
+            <span onclick="window.location.href='admin_dashboard.php'">控制面板</span>
+            <span onclick="window.location.href='admin_dashboard.php?view=all'">所有备案</span>
+            <span onclick="window.location.href='admin_dashboard.php?view=pending'">待审核备案</span>
+            <span onclick="window.location.href='add_registration.php'">添加备案</span>
+            <span onclick="window.location.href='settings.php'">系统设置</span>
+            <button class="logout-btn" onclick="window.location.href='admin_login.php?action=logout'">退出登录</button>
+        </div>
+    </div>
+    <div class="container">
+        <header>
+            <h1><?php echo $siteInfo['name']; ?> - 系统设置</h1>
+            <p>配置站点信息和邮件设置</p>
+        </header>
+
+        <div class="card">
+            <h2>系统设置</h2>
+
+            <?php if ($success): ?>
+                <div class="success"><?php echo $success; ?></div>
+            <?php endif; ?>
+
+            <?php if (!empty($errors)): ?>
+                <?php foreach ($errors as $error): ?>
+                    <div class="error"><?php echo $error; ?></div>
+                <?php endforeach; ?>
+            <?php endif; ?>
+
+            <div class="tab-container">
+                <div class="tab active" data-target="site-settings">站点设置</div>
+                <div class="tab" data-target="email-settings">邮件设置</div>
+            </div>
+
+            <form method="post">
+                <input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>">
+                
+                <div id="site-settings" class="tab-content active">
+                    <div class="form-group">
+                        <label for="site_name">站点名称 *</label>
+                        <input type="text" id="site_name" name="site_name" required value="<?php echo htmlspecialchars($siteInfo['name']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="site_description">站点描述</label>
+                        <textarea id="site_description" name="site_description"><?php echo htmlspecialchars($siteInfo['description']); ?></textarea>
+                    </div>
+                </div>
+
+                <div id="email-settings" class="tab-content">
+                    <div class="form-group">
+                        <label for="smtp_host">SMTP 服务器 *</label>
+                        <input type="text" id="smtp_host" name="smtp_host" required value="<?php echo htmlspecialchars($emailConfig['smtp_host']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="smtp_port">SMTP 端口 *</label>
+                        <input type="text" id="smtp_port" name="smtp_port" required value="<?php echo htmlspecialchars($emailConfig['smtp_port']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="smtp_encryption">加密方式 *</label>
+                        <select id="smtp_encryption" name="smtp_encryption" required>
+                            <option value="ssl" <?php echo $emailConfig['smtp_encryption'] === 'ssl' ? 'selected' : ''; ?>>SSL</option>
+                            <option value="tls" <?php echo $emailConfig['smtp_encryption'] === 'tls' ? 'selected' : ''; ?>>TLS</option>
+                            <option value="none" <?php echo $emailConfig['smtp_encryption'] === 'none' ? 'selected' : ''; ?>>无</option>
+                        </select>
+                    </div>
+
+                    <div class="form-group">
+                        <label for="smtp_username">SMTP 用户名 *</label>
+                        <input type="text" id="smtp_username" name="smtp_username" required value="<?php echo htmlspecialchars($emailConfig['smtp_username']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="smtp_password">SMTP 密码 *</label>
+                        <input type="password" id="smtp_password" name="smtp_password" required value="<?php echo htmlspecialchars($emailConfig['smtp_password']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="from_email">发件人邮箱 *</label>
+                        <input type="email" id="from_email" name="from_email" required value="<?php echo htmlspecialchars($emailConfig['from_email']); ?>">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="from_name">发件人名称 *</label>
+                        <input type="text" id="from_name" name="from_name" required value="<?php echo htmlspecialchars($emailConfig['from_name']); ?>">
+                    </div>
+                </div>
+
+                <div class="btn-container">
+                    <button type="submit" class="btn">保存设置</button>
+                    <a href="admin_dashboard.php" class="back-link">返回控制面板</a>
+                </div>
+            </form>
+        </div>
+    </div>
+</body>
+</html>
--- a/auth_check.php
+++ b/auth_check.php
@ -0,0 +1,44 @@
+<?php
+// 统一身份验证和安全检查模块
+session_start();
+
+// 验证管理员登录状态
+function checkAdminAuth() {
+    // 检查 session 而不是 cookie
+    if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true) {
+        header('Location: /admin/admin_login.php');
+        exit;
+    }
+    
+    // 检查会话超时（1小时）
+    if (isset($_SESSION['last_activity']) && (time() - $_SESSION['last_activity'] > 3600)) {
+        session_unset();
+        session_destroy();
+        header('Location: /admin/admin_login.php?timeout=1');
+        exit;
+    }
+    
+    $_SESSION['last_activity'] = time();
+    
+    // 重新生成会话ID以防止会话固定攻击
+    if (!isset($_SESSION['regenerated'])) {
+        session_regenerate_id(true);
+        $_SESSION['regenerated'] = true;
+    }
+}
+
+// 生成CSRF令牌
+function generateCSRFToken() {
+    if (!isset($_SESSION['csrf_token'])) {
+        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+    }
+    return $_SESSION['csrf_token'];
+}
+
+// 验证CSRF令牌
+function verifyCSRFToken($token) {
+    if (!isset($_SESSION['csrf_token']) || $token !== $_SESSION['csrf_token']) {
+        die('CSRF token validation failed');
+    }
+}
+?>
--- a/db_init.php
+++ b/db_init.php
@ -1,9 +1,15 @@
 <?php
 // 数据库初始化脚本
-// 这个脚本用于创建必要的数据库表结构
+// 安全检查：如果系统已安装，禁止访问
+if (file_exists('.installed')) {
+    die('系统已安装。数据库初始化已被禁用。');
+}

-// 加载配置
+// 正确加载配置
 $config = include 'config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}

 // 数据库连接函数
 function getDatabaseConnection() {
@ -24,7 +30,6 @@ function getDatabaseConnection() {
 // 连接数据库
 $pdo = getDatabaseConnection();

-// 创建表的SQL语句
 // 根据数据库类型选择合适的自增语法
 $autoIncrement = $config['database_type'] === 'mysql' ? 'AUTO_INCREMENT' : 'AUTOINCREMENT';

@ -68,36 +73,7 @@ try {
    foreach ($queries as $query) {
        $pdo->exec($query);
    }
-
-    // 初始化管理员账户
-    $stmt = $pdo->prepare("SELECT COUNT(*) FROM admins");
-    $stmt->execute();
-    $count = $stmt->fetchColumn();
-
-    if ($count === 0) {
-        // 创建默认管理员账户
-        $username = $config['admin']['username'];
-        $password = $config['admin']['password'];
-        $passwordHash = password_hash($password, PASSWORD_DEFAULT);
-
-        $stmt = $pdo->prepare("INSERT INTO admins (username, password_hash) VALUES (?, ?)");
-        $stmt->execute([$username, $passwordHash]);
-
-        echo "管理员账户已创建！用户名: $username, 密码: $password <br>";
-        echo "请登录后立即修改密码！<br>";
-    }
-
-    // 初始化网站信息
-    $stmt = $pdo->prepare("SELECT COUNT(*) FROM site_info");
-    $stmt->execute();
-    $count = $stmt->fetchColumn();
-
-    if ($count === 0) {
-        $stmt = $pdo->prepare("INSERT INTO site_info (name, description) VALUES (?, ?)");
-        $stmt->execute([$config['site_name'], $config['site_description']]);
-    }
-
-    // 表结构初始化完成
+    echo "数据库表结构初始化完成<br>";
 } catch (PDOException $e) {
    die('创建表结构失败: ' . $e->getMessage());
 }
--- a/index.php
+++ b/index.php
@ -2,14 +2,15 @@
 <?php
 // 检查是否已安装
 if (!file_exists('config.php')) {
-    // 调试信息
-    error_log('index.php: config.php不存在，重定向到install.php');
    header('Location: install.php');
    exit;
 }

-// 加载配置
+// 正确加载配置
 $config = include 'config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}
 ?>
 <?php include 'common_header.php'; ?>

@ -29,12 +30,11 @@ $config = include 'config.php';
            line-height: 1.6;
            background-color: #f0f2f5;
        }
-        /* 页眉样式已移至common_header.php */
        .container {
            max-width: 1200px;
            margin: 0 auto;
            padding: 20px;
-            margin-top: 90px; /* 为固定的页眉留出空间 */
+            margin-top: 90px;
        }
        h1 {
            font-size: 2.5rem;
@ -56,18 +56,15 @@ $config = include 'config.php';
            box-shadow: 0 2px 10px rgba(0,0,0,0.05);
            transition: transform 0.3s ease, box-shadow 0.3s ease;
        }
-
        .form-group {
            margin-bottom: 20px;
        }
-
        label {
            display: block;
            margin-bottom: 8px;
            font-weight: bold;
            color: #555;
        }
-
        input[type="text"],
        select {
            width: 100%;
@ -77,14 +74,12 @@ $config = include 'config.php';
            font-size: 1rem;
            transition: border 0.3s ease;
        }
-
        input[type="text"]:focus,
        select:focus {
            border-color: #7873f5;
            outline: none;
            box-shadow: 0 0 0 3px rgba(120, 115, 245, 0.2);
        }
-
        .btn-container {
            text-align: center;
            margin-top: 30px;
@ -152,7 +147,6 @@ $config = include 'config.php';
    </style>
 </head>
 <body>
-
    <div class="container">
        <div class="card">
            <h2>备案查询</h2>
@ -177,8 +171,6 @@ $config = include 'config.php';
                </div>
            </form>
        </div>
-
-        <!-- 页脚已删除 -->
    </div>
 </body>
 </html>
--- a/install.php
+++ b/install.php
@ -1,9 +1,11 @@
 <?php
-// 安装程序
+// 检查是否已安装（通过锁文件）
+if (file_exists('.installed')) {
+    die('系统已安装。如需重新安装，请删除 .installed 文件。');
+}
+
 // 检查是否已安装，允许通过?force=1参数强制进入安装
 if (file_exists('config.php') && (!isset($_GET['force']) || $_GET['force'] !== '1')) {
-    // 调试信息
-    error_log('install.php: config.php存在，重定向到index.php');
    header('Location: index.php');
    exit;
 }
@ -66,7 +68,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // 如果没有错误，创建配置文件
    if (empty($errors)) {
-        // 创建配置文件
        // 生成密码哈希
        $password_hash = password_hash($admin_password, PASSWORD_DEFAULT);

@ -135,11 +136,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $stmt = $pdo->prepare("INSERT INTO site_info (name, description) VALUES (?, ?)");
            $stmt->execute([$site_name, $site_description]);

-            // 创建配置文件内容
+            // 创建配置文件内容（不包含明文密码）
            $config_content = <<<EOT
 <?php
 /**
 * 网站备案系统配置文件
+ * 安装时间: " . date('Y-m-d H:i:s') . "
 */

 return [
@ -170,13 +172,7 @@ EOT;
            $config_content .= <<<EOT
    ],

-    // 管理员账户
-    'admin' => [
-        'username' => '$admin_username',
-        'password' => '$admin_password' // 安装后会自动加密
-    ],
-
-    // 邮件配置
+    // 邮件配置（请在系统设置中配置）
    'email' => [
        'smtp_host' => '',
        'smtp_port' => 465,
@ -196,6 +192,15 @@ EOT;
                    mkdir('data', 0755);
                }

+                // 创建安装锁文件
+                file_put_contents('.installed', date('Y-m-d H:i:s'));
+                
+                // 尝试删除安装文件
+                @unlink(__FILE__);
+                
+                // 如果存在db_init.php，也删除它
+                @unlink('db_init.php');
+
                // 安装完成，显示提示页面
                echo '<!DOCTYPE html>
                <html lang="zh-CN">
@ -239,16 +244,47 @@ EOT;
                        .btn:hover {
                            background-color: #45a049;
                        }
+                        .permissions {
+                            text-align: left;
+                            background: #f9f9f9;
+                            padding: 15px;
+                            border-radius: 5px;
+                            margin: 20px 0;
+                        }
+                        .permissions h3 {
+                            margin-top: 0;
+                        }
+                        .permissions code {
+                            background: #eee;
+                            padding: 2px 5px;
+                            border-radius: 3px;
+                        }
                    </style>
                </head>
                <body>
                    <div class="container">
                        <h1>安装完成！</h1>
                        <div class="warning">
-                        <p>重要安全提示：请立即删除服务器上的 install.php 文件！</p>
-                        <p>该文件包含敏感信息，可能被未授权用户利用。</p>
+                            <p>重要：请立即设置正确的文件权限！</p>
                        </div>
-                    <p>安装已成功完成，您的网站备案系统已准备就绪。</p>
+                        <div class="permissions">
+                            <h3>请在服务器上执行以下命令：</h3>
+                            <p>1. 设置目录权限：</p>
+                            <p><code>chmod 755 /path/to/your/site</code></p>
+                            <p><code>chmod 750 /path/to/your/site/data</code></p>
+                            <p><code>chmod 640 /path/to/your/site/config.php</code></p>
+                            <p><code>chmod 640 /path/to/your/site/.htaccess</code></p>
+                            <p><code>chmod 640 /path/to/your/site/.installed</code></p>
+                            <br>
+                            <p>2. 设置文件所有者（假设Web服务器用户为www-data）：</p>
+                            <p><code>chown -R your-user:www-data /path/to/your/site</code></p>
+                            <br>
+                            <p>3. 如果install.php和db_init.php未自动删除，请手动删除：</p>
+                            <p><code>rm -f /path/to/your/site/install.php</code></p>
+                            <p><code>rm -f /path/to/your/site/db_init.php</code></p>
+                        </div>
+                        <p>管理员账户已创建：<strong>' . htmlspecialchars($admin_username) . '</strong></p>
+                        <p>请妥善保管您的登录凭据。</p>
                        <a href="index.php" class="btn">前往首页</a>
                    </div>
                </body>
@ -278,7 +314,7 @@ EOT;
        }

        body {
-            font-family: \'ZD\', sans-serif;
+            font-family: 'ZD', sans-serif;
            line-height: 1.6;
            color: #333;
            background-color: #f5f5f5;
--- a/register.php
+++ b/register.php
@ -5,8 +5,11 @@ if (!file_exists('config.php')) {
    exit;
 }

-// 加载配置
+// 正确加载配置
 $config = include 'config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}

 // 初始化数据库连接
 require_once 'db_init.php';
@ -60,7 +63,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $errors[] = '网站地址不能为空';
    } else {
        $website = trim($_POST['website_url']);
-        $website = preg_replace('#^https?://#', '', $website); // 统一格式
+        $website = preg_replace('#^https?://#', '', $website);
        $data['website_url'] = $website;
    }

@ -73,11 +76,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // 如果没有错误，保存数据
    if (empty($errors)) {
-        // 生成唯一备案编号 (ICP-年月日-6位ID)
        // 生成8位数字备案编号
        $data['registration_number'] = str_pad(rand(10000000, 99999999), 8, '0', STR_PAD_LEFT);
        $data['created_at'] = date('Y-m-d H:i:s');
-        $data['status'] = 'pending'; // 默认为待审核
+        $data['status'] = 'pending';
        $data['reason'] = '';

        try {
@ -236,7 +238,7 @@ if (!$siteInfo) {
            max-height: 200px;
        }
    }
-    </style>
+</style>
 </head>
 <body>
    <div class="header-content">
@ -305,10 +307,6 @@ if (!$siteInfo) {
            </div>
        </form>
    </div>
-    </div>
-
-    <!-- common_footer.php 文件不存在，已移除引用 -->
-
 </div>
 </body>
 </html>
--- a/search.php
+++ b/search.php
@ -5,8 +5,11 @@ if (!file_exists('config.php')) {
    exit;
 }

-// 加载配置
+// 正确加载配置
 $config = include 'config.php';
+if (!$config || !is_array($config)) {
+    die('配置文件加载失败');
+}
 ?>
 <?php include 'common_header.php'; ?>

@ -168,23 +171,20 @@ $config = include 'config.php';

            <div class="btn-container">
                <button type="submit" class="btn">查询</button>
+                <a href="index.php" class="back-link">返回首页</a>
            </div>
-                <span class="back-link">返回首页</span>
        </form>

        <div class="search-results">
            <?php
-// 加载配置
-$config = include 'config.php';
+            // 设置默认配置值
+            $site_name = $config['site_name'] ?? '网站备案系统';
+            $site_description = $config['site_description'] ?? 'ICP备案管理平台';

-// 设置默认配置值
-$site_name = $config['site_name'] ?? '网站备案系统';
-$site_description = $config['site_description'] ?? 'ICP备案管理平台';
+            // 初始化数据库连接
+            require_once 'db_init.php';

-// 初始化数据库连接
-require_once 'db_init.php';
-
-// 处理查询请求
+            // 处理查询请求
            if (isset($_GET['search_query']) && !empty($_GET['search_query'])) {
                $search_type = $_GET['search_type'];
                $search_query = trim($_GET['search_query']);
@ -252,7 +252,6 @@ require_once 'db_init.php';
            ?>
        </div>
    </div>
-
 </div>
 </body>
 </html>
Author	SHA1	Message	Date
UISNBLOON	c67f0eabfe	Merge pull request #2 from terrified2025/main 修复了容易被黑掉的bug	2025-10-04 09:58:02 +08:00
terrified2025	24b4dd868c	Delete ddd.zip	2025-08-23 00:31:10 +08:00
terrified2025	bc57760643	Add files via upload	2025-08-23 00:26:40 +08:00