update

web/admin/files/__init__.py

@@ -42,23 +42,7 @@ def save_body():
     path = request.form.get('path', '')
     data = request.form.get('data', '')
     encoding = request.form.get('encoding', '')
-    if not os.path.exists(path):
-        return mw.returnData(False, '文件不存在')
-    try:
-        if encoding == 'ascii':
-            encoding = 'utf-8'
-
-        data = data.encode(encoding, errors='ignore').decode(encoding)
-        fp = open(path, 'w+', encoding=encoding)
-        fp.write(data)
-        fp.close()
-
-        if path.find("web_conf") > 0:
-            mw.restartWeb()
-        mw.writeLog('文件管理', '文件[{1}]保存成功', (path,))
-        return mw.returnData(True, '文件保存成功')
-    except Exception as ex:
-        return mw.returnData(False, '文件保存错误:' + str(ex))
+    return file.saveBody(path,data,encoding)
 
 # 获取文件内容(最新行数)
 @blueprint.route('/get_last_body', endpoint='get_file_last_body', methods=['POST'])

web/admin/site/__init__.py

@@ -126,6 +126,14 @@ def get_host_conf():
     host = MwSites.instance().getHostConf(siteName)
     return {'host': host}
 
+# 设置站点配置
+@blueprint.route('/save_host_conf', endpoint='save_host_conf',methods=['POST'])
+@panel_login_required
+def save_host_conf():
+    path = request.form.get('path', '')
+    data = request.form.get('data', '')
+    encoding = request.form.get('encoding', '')
+    return MwSites.instance().saveHostConf(path,data,encoding)
 
 # 获取站点PHP版本
 @blueprint.route('/get_site_php_version', endpoint='get_site_php_version',methods=['POST'])
@@ -204,6 +212,28 @@ def get_rewrite_conf():
     rewrite = MwSites.instance().getRewriteConf(siteName)
     return {'rewrite': rewrite}
 
+# 获取防盗链信息
+@blueprint.route('/get_security', endpoint='get_security',methods=['POST'])
+@panel_login_required
+def get_security():
+    site_id = request.form.get('id', '')
+    return MwSites.instance().getSecurity(site_id)
+
+# 设置防盗链
+@blueprint.route('/set_security', endpoint='set_security',methods=['POST'])
+@panel_login_required
+def set_security():
+    fix = request.form.get('fix', '')
+    domains = request.form.get('domains', '')
+    status = request.form.get('status', '')
+    name = request.form.get('name', '')
+    none = request.form.get('none', '')
+    site_id = request.form.get('id', '')
+    return MwSites.instance().setSecurity(site_id, fix, domains, status, none)
+
+
+
+
 # 设置默认网站信息
 @blueprint.route('/get_default_site', endpoint='get_default_site',methods=['POST'])
 @panel_login_required

web/core/mw.py

@@ -213,6 +213,43 @@ def writeFile(filename, content, mode='w+'):
         return False
 
 
+def backFile(file, act=None):
+    """
+        @name 备份配置文件
+        @param file 需要备份的文件
+        @param act 如果存在，则备份一份作为默认配置
+    """
+    file_type = "_bak"
+    if act:
+        file_type = "_def"
+
+    # print("cp -p {0} {1}".format(file, file + file_type))
+    execShell("cp -p {0} {1}".format(file, file + file_type))
+
+
+def removeBackFile(file, act=None):
+    """
+        @name 删除备份配置文件
+        @param file 需要删除备份文件
+        @param act 如果存在，则还原默认配置
+    """
+    file_type = "_bak"
+    if act:
+        file_type = "_def"
+    execShell("rm -rf {0}".format(file + file_type))
+
+
+def restoreFile(file, act=None):
+    """
+        @name 还原配置文件
+        @param file 需要还原的文件
+        @param act 如果存在，则还原默认配置
+    """
+    file_type = "_bak"
+    if act:
+        file_type = "_def"
+    execShell("cp -p {1} {0}".format(file, file + file_type))
+
 def systemdCfgDir():
     # ubuntu
     cfg_dir = '/lib/systemd/system'

web/utils/file.py

@@ -47,6 +47,25 @@ def getFileBody(path):
         return mw.returnData(False, '文件未正常打开!')
     return mw.returnData(True, 'OK', data)
 
+def saveBody(path, data, encoding):
+    if not os.path.exists(path):
+        return mw.returnData(False, '文件不存在')
+    try:
+        if encoding == 'ascii':
+            encoding = 'utf-8'
+
+        data = data.encode(encoding, errors='ignore').decode(encoding)
+        fp = open(path, 'w+', encoding=encoding)
+        fp.write(data)
+        fp.close()
+
+        if path.find("web_conf") > 0:
+            mw.restartWeb()
+        mw.writeLog('文件管理', '文件[{1}]保存成功', (path,))
+        return mw.returnData(True, '文件保存成功')
+    except Exception as ex:
+        return mw.returnData(False, '文件保存错误:' + str(ex))
+
 # 获取文件权限描述
 def getFileStatsDesc(
     filename: str | None = None,

web/utils/site.py

@@ -94,6 +94,21 @@ class sites(object):
     def getHostConf(self, siteName):
         return self.vhostPath + '/' + siteName + '.conf'
 
+    def saveHostConf(self, path, data, encoding):
+        import utils.file as file
+        mw.backFile(path)
+        rdata = file.saveBody(path, data, encoding)
+
+        if rdata['status']:
+            isError = mw.checkWebConfig()
+            if isError != True:
+                mw.restoreFile(path)
+                msg = 'ERROR: 检测到配置文件有错误,请先排除后再操作<br><br><a style="color:red;">' + isError.replace("\n", '<br>') + '</a>'
+                return mw.returnData(False, msg)
+            mw.restartWeb()
+            mw.removeBackFile(path)
+        return rdata
+
     def getRewriteConf(self, siteName):
         return self.rewritePath + '/' + siteName + '.conf'
 
@@ -294,6 +309,89 @@ class sites(object):
         rewriteList['rewrite'] = sorted(rewriteList['rewrite'])
         return rewriteList
 
+    def getSecurity(self, site_id):
+        info = thisdb.getSitesById(site_id)
+        name = info['name']
+        filename = self.getHostConf(name)
+        conf = mw.readFile(filename)
+        data = {}
+        if conf.find('SECURITY-START') != -1:
+            rep = "#SECURITY-START(\n|.){1,500}#SECURITY-END"
+            tmp = re.search(rep, conf).group()
+            data['fix'] = re.search(r"\(.+\)\$", tmp).group().replace('(', '').replace(')$', '').replace('|', ',')
+
+            data['status'] = False
+            data['none'] = False
+
+            valid_referers = re.search(
+                r"valid_referers\s+(.+);\n", tmp)
+            valid_referers_none = re.search(
+                r"valid_referers\s+none\s+blocked\s+(.+);\n", tmp)
+
+            if valid_referers or valid_referers_none:
+                data['status'] = True
+
+            if valid_referers_none:
+                domain_t = valid_referers_none.groups()[0].split()
+                data['domains'] = ','.join(domain_t)
+                data['none'] = True
+            elif valid_referers:
+                domain_t = valid_referers.groups()[0].split()
+                data['domains'] = ','.join(domain_t)
+                data['none'] = False
+        else:
+            data['fix'] = 'gif|jpg|jpeg|png|bmp|swf|js|css|ttf|woff2'
+            domains = thisdb.getDomainByPid(site_id)
+            tmp = []
+            for domain in domains:
+                tmp.append(domain['name'])
+            data['domains'] = ','.join(tmp)
+            data['status'] = False
+            data['none'] = False
+        return data
+
+    def setSecurity(self, site_id, fix, domains, status, none=''):
+        info = thisdb.getSitesById(site_id)
+        name = info['name']
+
+        if len(fix) < 2:
+            return mw.returnData(False, 'URL后缀不能为空!')
+
+        file = self.getHostConf(name)
+        if os.path.exists(file):
+            conf = mw.readFile(file)
+            if status == 'false':
+                rep = r"\s{0,4}#SECURITY-START(\n|.){1,500}#SECURITY-END\n?"
+                conf = re.sub(rep, '', conf)
+                mw.writeLog('网站管理', '站点[' + name + ']已关闭防盗链设置!')
+            else:
+                rep = r"\s{0,4}#SECURITY-START(\n|.){1,500}#SECURITY-END\n?"
+                conf = re.sub(rep, '', conf)
+
+                valid_referers = domains.strip().replace(',', ' ')
+                if none == 'true':
+                    valid_referers = 'none blocked ' + valid_referers
+
+                pre_path = self.setupPath + "/php/conf"
+                re_path = r"include\s+" + pre_path + "/enable-php-"
+                rconf = r'''#SECURITY-START 防盗链配置
+    location ~ .*\.(%s)$
+    {
+        expires      30d;
+        access_log /dev/null;
+        valid_referers %s;
+        if ($invalid_referer){
+           return 404;
+        }
+    }
+    #SECURITY-END
+    include %s/enable-php-''' % (fix.strip().replace(',', '|'), valid_referers, pre_path)
+                conf = re.sub(re_path, rconf, conf)
+                mw.writeLog('网站管理', '站点[' + name + ']已开启防盗链!')
+            mw.writeFile(file, conf)
+        mw.restartWeb()
+        return mw.returnData(True, '设置成功!')
+
     def getSitePhpVersion(self, siteName):
         conf = mw.readFile(self.getHostConf(siteName))
         rep = r"enable-php-(.*)\.conf"