update

plugins/openresty/index.py

@@ -10,8 +10,9 @@ import re
 
 
 web_dir = os.getcwd() + "/web"
-sys.path.append(web_dir)
-os.chdir(web_dir)
+if os.path.exists(web_dir):
+    sys.path.append(web_dir)
+    os.chdir(web_dir)
 
 import core.mw as mw
 
@@ -132,7 +133,7 @@ def checkAuthEq(file, owner='root'):
 
 
 def confReplace():
-    service_path = os.path.dirname(os.getcwd())
+    service_path = mw.getServerDir()
     content = mw.readFile(getConfTpl())
     content = content.replace('{$SERVER_PATH}', service_path)
 

web/admin/files/__init__.py

@@ -82,6 +82,14 @@ def get_dir():
     dir_list['page'] = mw.getPage({'p':page, 'row': row, 'tojs':'getFiles', 'count': dir_list['count']}, '1,2,3,4,5,6,7,8')
     return dir_list
 
+# 创建目录
+@blueprint.route('/create_dir', endpoint='create_dir', methods=['POST'])
+@panel_login_required
+def create_dir():
+    path = request.form.get('path', '')
+    return file.createDir(path)
+
+
 # 获取站点日志目录
 @blueprint.route('/get_dir_size', endpoint='get_dir_size', methods=['POST'])
 @panel_login_required

web/admin/site/php.py

@@ -0,0 +1,59 @@
+# coding:utf-8
+
+# ---------------------------------------------------------------------------------
+# MW-Linux面板
+# ---------------------------------------------------------------------------------
+# copyright (c) 2018-∞(https://github.com/midoks/mdserver-web) All rights reserved.
+# ---------------------------------------------------------------------------------
+# Author: midoks <midoks@163.com>
+# ---------------------------------------------------------------------------------
+
+import os
+import json
+
+from flask import Blueprint, render_template
+from flask import request
+
+from admin.user_login_check import panel_login_required
+
+from utils.plugin import plugin as MwPlugin
+from utils.site import sites as MwSites
+import utils.site as site
+import core.mw as mw
+import thisdb
+
+from .site import blueprint
+
+@blueprint.route('/get_cli_php_version', endpoint='get_cli_php_version',methods=['POST'])
+@panel_login_required
+def get_cli_php_version():
+    php_dir = mw.getServerDir() + '/php'
+    if not os.path.exists(php_dir):
+        return mw.returnData(False, '未安装PHP,无法设置')
+
+    php_bin = '/usr/bin/php'
+    php_versions = MwSites.instance().getPhpVersion()
+    php_versions = php_versions[1:]
+
+    if len(php_versions) < 1:
+        return mw.returnData(False, '未安装PHP,无法设置')
+
+    if os.path.exists(php_bin) and os.path.islink(php_bin):
+        link_re = os.readlink(php_bin)
+        for v in php_versions:
+            if link_re.find(v['version']) != -1:
+                return mw.returnData({"select": v, "versions": php_versions})
+
+    return {"select": php_versions[0],"versions": php_versions}
+
+@blueprint.route('/set_cli_php_version', endpoint='set_cli_php_version',methods=['POST'])
+@panel_login_required
+def set_cli_php_version():
+    if mw.isAppleSystem():
+        return mw.returnData(False, "开发机不可设置!")
+    version = request.form.get('version', '')
+    return MwSites.instance().setCliPhpVersion(version)
+
+
+
+

web/admin/site/site.py

@@ -167,7 +167,6 @@ def check_web_status():
 def get_php_version():
     return MwSites.instance().getPhpVersion()
 
-
 # 设置网站到期
 @blueprint.route('/set_end_date', endpoint='set_end_date',methods=['POST'])
 @panel_login_required
@@ -206,6 +205,71 @@ def get_rewrite_conf():
     rewrite = MwSites.instance().getRewriteConf(siteName)
     return {'rewrite': rewrite}
 
+# 获取Rewrite模版名
+@blueprint.route('/get_rewrite_tpl', endpoint='get_rewrite_tpl',methods=['POST'])
+@panel_login_required
+def get_php_version():
+    tplname = request.form.get('tplname', '')
+    return MwSites.instance().getRewriteTpl(tplname)
+
+# 获取网站目录
+@blueprint.route('/get_dir_user_ini', endpoint='get_dir_user_ini',methods=['POST'])
+@panel_login_required
+def get_dir_user_ini():
+    site_id = request.form.get('id', '')
+    return MwSites.instance().getDirUserIni(site_id)
+
+# 设置防跨站攻击
+@blueprint.route('/set_dir_user_ini', endpoint='set_dir_user_ini',methods=['POST'])
+@panel_login_required
+def set_dir_user_ini():
+    path = request.form.get('path', '')
+    run_path = request.form.get('run_path', '')
+    return MwSites.instance().setDirUserIni(path,run_path)
+
+# 网站日志开关
+@blueprint.route('/logs_open', endpoint='logs_open',methods=['POST'])
+@panel_login_required
+def logs_open():
+    site_id = request.form.get('id', '')
+    return MwSites.instance().logsOpen(site_id)
+
+# 设置网站路径
+@blueprint.route('/set_path', endpoint='set_path',methods=['POST'])
+@panel_login_required
+def set_path():
+    site_id = request.form.get('id', '')
+    path = request.form.get('path', '')
+    return MwSites.instance().setSitePath(site_id, path)
+
+
+# 设置网站路径
+@blueprint.route('/set_site_run_path', endpoint='set_site_run_path',methods=['POST'])
+@panel_login_required
+def set_site_run_path():
+    site_id = request.form.get('id', '')
+    run_path = request.form.get('run_path', '')
+    return MwSites.instance().setSiteRunPath(site_id, run_path)
+
+
+
+
+# 设置网站 - 开启密码访问
+@blueprint.route('/set_has_pwd', endpoint='set_has_pwd',methods=['POST'])
+@panel_login_required
+def set_has_pwd():
+    site_id = request.form.get('id', '')
+    username = request.form.get('username', '')
+    password = request.form.get('password', '')
+    return MwSites.instance().setHasPwd(site_id, username, password)
+
+# 设置网站 - 关闭密码访问
+@blueprint.route('/close_has_pwd', endpoint='close_has_pwd',methods=['POST'])
+@panel_login_required
+def close_has_pwd():
+    site_id = request.form.get('id', '')
+    return MwSites.instance().closeHasPwd(site_id)
+
 # 获取防盗链信息
 @blueprint.route('/get_security', endpoint='get_security',methods=['POST'])
 @panel_login_required
@@ -239,34 +303,4 @@ def set_default_site():
     name = request.form.get('name', '')
     return MwSites.instance().setDefaultSite(name)
 
-@blueprint.route('/get_cli_php_version', endpoint='get_cli_php_version',methods=['POST'])
-@panel_login_required
-def get_cli_php_version():
-    php_dir = mw.getServerDir() + '/php'
-    if not os.path.exists(php_dir):
-        return mw.returnData(False, '未安装PHP,无法设置')
-
-    php_bin = '/usr/bin/php'
-    php_versions = MwSites.instance().getPhpVersion()
-    php_versions = php_versions[1:]
-
-    if len(php_versions) < 1:
-        return mw.returnData(False, '未安装PHP,无法设置')
-
-    if os.path.exists(php_bin) and os.path.islink(php_bin):
-        link_re = os.readlink(php_bin)
-        for v in php_versions:
-            if link_re.find(v['version']) != -1:
-                return mw.returnData({"select": v, "versions": php_versions})
-
-    return {"select": php_versions[0],"versions": php_versions}
-
-@blueprint.route('/set_cli_php_version', endpoint='set_cli_php_version',methods=['POST'])
-@panel_login_required
-def set_cli_php_version():
-    if mw.isAppleSystem():
-        return mw.returnData(False, "开发机不可设置!")
-    version = request.form.get('version', '')
-    return MwSites.instance().setCliPhpVersion(version)
-
 

web/admin/site/site_types.py

@@ -52,7 +52,7 @@ def remove_site_type():
     mw.M("sites").where("type_id=?", (site_type_id,)).save("type_id", (0,))
     return mw.returnData(True, "分类已删除!")
 
-# 添加网站分类
+# 修改网站分类
 @blueprint.route('/modify_site_type_name', endpoint='modify_site_type_name',methods=['POST'])
 @panel_login_required
 def modify_site_type_name():
@@ -67,7 +67,7 @@ def modify_site_type_name():
     mw.M('site_types').where('id=?', (site_type_id,)).setField('name', name)
     return mw.returnData(True, "修改成功!")
 
-# 添加网站分类
+# 设置网站分类
 @blueprint.route('/set_site_type', endpoint='set_site_type',methods=['POST'])
 @panel_login_required
 def set_site_type():

web/core/mw.py

@@ -288,7 +288,11 @@ def md5(content):
     except Exception as ex:
         return False
 
-
+def hasPwd(password):
+    # 加密密码字符
+    import crypt
+    return crypt.crypt(password, password)
+    
 def getFileMd5(filename):
     # 文件的MD5值
     if not os.path.isfile(filename):

web/static/app/site.js

@@ -351,30 +351,30 @@ function webAddPage(type) {
 
 //修改网站目录
 function webPathEdit(id){
-	$.post('/site/get_dir_user_ini','&id='+id, function(data){
-		var userini = data['data'];
-		var webpath = userini['path'];
-		var siteName = userini['name'];
-		var runPath = userini['runPath']['runPath'];
-		var userinicheckeds = userini.userini?'checked':'';
-		var logscheckeds = userini.logs?'checked':'';
-		var opt = ''
+	$.post('/site/get_dir_user_ini','id='+id, function(data){
+		var data = data['data'];
+		var site_path = data['path'];
+		var site_name = data['name'];
+		var run_path = data['run_path']['run_path'];
+		var user_ini_checked = data.user_ini?'checked':'';
+		var logs_checked = data.logs?'checked':'';
+		var opt = '';
 		var selected = '';
-		for(var i=0;i<userini.runPath.dirs.length;i++){
+		for(var i=0;i<data.run_path.dirs.length;i++){
 			selected = '';
-			if(userini.runPath.dirs[i] == userini.runPath.runPath){ 
+			if(data.run_path.dirs[i] == data.run_path.path){ 
 				selected = 'selected';
 			}
-			opt += '<option value="'+ userini.runPath.dirs[i] +'" '+selected+'>'+ userini.runPath.dirs[i] +'</option>'
+			opt += '<option value="'+ data.run_path.dirs[i] +'" '+selected+'>'+ data.run_path.dirs[i] +'</option>';
 		}
-		var webPathHtml = "<div class='webedit-box soft-man-con'>\
+		var content = "<div class='webedit-box soft-man-con'>\
 					<div class='label-input-group ptb10'>\
-						<input type='checkbox' name='userini' id='userini'"+userinicheckeds+" /><label class='mr20' for='userini' style='font-weight:normal'>防跨站攻击(open_basedir)</label>\
-						<input type='checkbox' name='logs' id='logs'"+logscheckeds+" /><label for='logs' style='font-weight:normal'>写访问日志</label>\
+						<input type='checkbox' name='userini' id='userini'"+user_ini_checked+" /><label class='mr20' for='userini' style='font-weight:normal'>防跨站攻击(open_basedir)</label>\
+						<input type='checkbox' name='logs' id='logs'"+logs_checked+" /><label for='logs' style='font-weight:normal'>写访问日志</label>\
 					</div>\
 					<div class='line mt10'>\
 						<span class='mr5'>网站目录</span>\
-						<input class='bt-input-text mr5' type='text' style='width:50%' placeholder='网站根目录' value='"+webpath+"' name='webdir' id='inputPath'>\
+						<input class='bt-input-text mr5' type='text' style='width:50%' placeholder='网站根目录' value='"+site_path+"' name='webdir' id='inputPath'>\
 						<span onclick='changePath(&quot;inputPath&quot;)' class='glyphicon glyphicon-folder-open cursor mr20'></span>\
 						<button class='btn btn-success btn-sm' onclick='setSitePath("+id+")'>保存</button>\
 					</div>\
@@ -389,11 +389,11 @@ function webPathEdit(id){
 					</ul>"
 					+'<div class="user_pw_tit" style="margin-top: -8px;padding-top: 11px;">'
 						+'<span class="tit">密码访问</span>'
-						+'<span class="btswitch-p"><input '+(userini.pass?'checked':'')+' class="btswitch btswitch-ios" id="pathSafe" type="checkbox">'
+						+'<span class="btswitch-p"><input '+(data.pass?'checked':'')+' class="btswitch btswitch-ios" id="pathSafe" type="checkbox">'
 							+'<label class="btswitch-btn phpmyadmin-btn" for="pathSafe" onclick="pathSafe('+id+')"></label>'
 						+'</span>'
 					+'</div>'
-					+'<div class="user_pw" style="margin-top: 10px;display:'+(userini.pass?'block;':'none;')+'">'
+					+'<div class="user_pw" style="margin-top: 10px;display:'+(data.pass?'block;':'none;')+'">'
 						+'<p><span>授权账号</span><input id="username_get" class="bt-input-text" name="username_get" value="" type="text" placeholder="不修改请留空"></p>'
 						+'<p><span>访问密码</span><input id="password_get_1" class="bt-input-text" name="password_get_1" value="" type="password" placeholder="不修改请留空"></p>'
 						+'<p><span>重复密码</span><input id="password_get_2" class="bt-input-text" name="password_get_1" value="" type="password" placeholder="不修改请留空"></p>'
@@ -401,14 +401,11 @@ function webPathEdit(id){
 					+'</div>'
 				+'</div>';
 
-		$("#webedit-con").html(webPathHtml);		
+		$("#webedit-con").html(content);		
 		$("#userini").change(function(){
-			$.post('/site/set_dir_user_ini',{
-				'path':webpath,
-				'runPath':runPath,
-			},function(userini){
-				layer.msg(userini.msg+'<p style="color:red;">注意：设置防跨站需要重启PHP才能生效!</p>',{icon:userini.status?1:2});
-				tryRestartPHP(siteName);
+			$.post('/site/set_dir_user_ini',{'path':site_path,'run_path':run_path,},function(userini){
+				layer.msg(data.msg+'<p style="color:red;">注意：设置防跨站需要重启PHP才能生效!</p>',{icon:data.status?1:2});
+				tryRestartPHP(site_name);
 			},'json');
 		});
 		
@@ -458,10 +455,9 @@ function setPathSafe(id){
 function setSiteRunPath(id){
 	var NewPath = $("#runPath").val();
 	var loadT = layer.msg(lan.public.the,{icon:16,time:10000,shade: [0.3, '#000']});
-	$.post('/site/set_site_run_path','id='+id+'&runPath='+NewPath,function(rdata){
+	$.post('/site/set_site_run_path','id='+id+'&run_path='+NewPath,function(rdata){
 		layer.close(loadT);
-		var ico = rdata.status?1:2;
-		layer.msg(rdata.msg,{icon:ico});
+		layer.msg(rdata.msg,{icon:rdata.status?1:2});
 	},'json');
 }
 
@@ -2898,7 +2894,7 @@ function tryRestartPHP(siteName){
 		var phpversion = data.phpversion;
 
 		if (phpversion == "00"){
-			return
+			return;
 		}
 		
 		var php_sign = 'php';
@@ -2915,11 +2911,10 @@ function tryRestartPHP(siteName){
 		var reqData = {name: php_sign, func:'restart'}
 		reqData['version'] = phpversion;
 
-		// console.log(reqData);
 		var loadT = layer.msg('尝试自动重启PHP['+phpversion+']...', { icon: 16, time: 0, shade: 0.3 });
 		$.post('/plugins/run', reqData, function(data) {
 			layer.close(loadT);
-	        layer.msg(data.msg,{icon:data.status?1:2,time:3000,shade: [0.3, '#000']});
+	        layer.msg( 'PHP['+phpversion+']'+(data.status?'重启成功!':'重启失败!'),{icon:data.status?1:2,time:3000,shade: [0.3, '#000']});
 	    },'json');
 	},'json');
 }

web/thisdb/site_types.py

@@ -12,6 +12,15 @@ __FIELD = 'id,name'
 
 import core.mw as mw
 
+def addSiteTypes(name):
+    return mw.M('site_types').add("name", (name,))
+
+def getSiteTypesCount():
+    return mw.M('site_types').count()
+
+def getSiteTypesCountByName(name):
+    return mw.M('site_types').where('name=?', (name,)).count()
+
 def getSiteTypesList():
     # .debug(True)
     return mw.M('site_types').field(__FIELD).order("id asc").select()

web/thisdb/sites.py

@@ -78,6 +78,7 @@ def deleteSitesById(site_id):
 def setSitesData(site_id,
     edate: str | None = None,
     ps: str | None = None,
+    path: str | None = None,
 ):
     update_data = {}
     if edate is not None:
@@ -85,5 +86,8 @@ def setSitesData(site_id,
     if ps is not None:
         update_data['ps'] = ps
 
+    if path is not None:
+        update_data['path'] = path
+
     return mw.M('sites').where('id=?',(site_id,)).update(update_data)
 

web/utils/file.py

@@ -17,6 +17,61 @@ from admin import model
 import core.mw as mw
 import thisdb
 
+def setFileAccept(filename):
+    auth = 'www:www'
+    if mw.getOs() == 'darwin':
+        user = mw.execShell("who | sed -n '2, 1p' |awk '{print $1}'")[0].strip()
+        auth = user + ':staff'
+    os.system('chown -R ' + auth + ' ' + filename)
+    os.system('chmod -R 755 ' + filename)
+
+def createDir(path):
+    try:
+        if not checkFileName(path):
+            return mw.returnData(False, '目录名中不能包含特殊字符!')
+        if os.path.exists(path):
+            return mw.returnData(False, '指定目录已存在!')
+        os.makedirs(path)
+        setFileAccept(path)
+        msg = mw.getInfo('创建目录[{1}]成功!', (path,))
+        mw.writeLog('文件管理', msg)
+        return mw.returnData(True, '目录创建成功!')
+    except Exception as e:
+        print(e)
+        return mw.returnData(False, '目录创建失败!')
+
+# 检查敏感目录
+def checkDir(path):
+    path = path.replace('//', '/')
+    if path[-1:] == '/':
+        path = path[:-1]
+
+    sense_dir = ('',
+        '/',
+        '/*',
+        '/www',
+        '/root',
+        '/boot',
+        '/bin',
+        '/etc',
+        '/home',
+        '/dev',
+        '/sbin',
+        '/var',
+        '/usr',
+        '/tmp',
+        '/sys',
+        '/proc',
+        '/media',
+        '/mnt',
+        '/opt',
+        '/lib',
+        '/srv',
+        '/selinux',
+        '/www/server',
+        mw.getRootDir())
+    return not path in sense_dir
+
 def getFileBody(path):
     if not os.path.exists(path):
         return mw.returnData(False, '文件不存在', (path,))

web/utils/site.py

@@ -187,7 +187,7 @@ class sites(object):
         return mw.returnData(True, '添加成功')
 
 
-    def deleteWSLogs(self, webname):
+    def deleteALlLogs(self, webname):
         assLogPath = mw.getLogsDir() + '/' + webname + '.log'
         errLogPath = mw.getLogsDir() + '/' + webname + '.error.log'
         confFile = self.setupPath + '/nginx/vhost/' + webname + '.conf'
@@ -216,13 +216,12 @@ class sites(object):
 
     def delete(self, site_id, path):
         info = thisdb.getSitesById(site_id)
-        print(info)
         webname = info['name']
-        self.deleteWSLogs(webname)
+        self.deleteALlLogs(webname)
 
         if path == '1':
-            rootPath = mw.getWwwDir() + '/' + webname
-            mw.execShell('rm -rf ' + rootPath)
+            web_root_path = mw.getWwwDir() + '/' + webname
+            mw.execShell('rm -rf ' + web_root_path)
 
         # ssl
         ssl_dir = self.sslDir + '/' + webname
@@ -243,13 +242,13 @@ class sites(object):
         binding_list = thisdb.getBindingListBySiteId(site_id)
         for x in binding_list:
             tag = mw.getLogsDir() + "/" + webname + "_" + x['domain']
-            wlog = tag + ".log"
-            wlog_error = tag + ".error.log"
+            site_log = tag + ".log"
+            site_error = tag + ".error.log"
 
-            if os.path.exists(wlog):
-                mw.execShell('rm -rf ' + wlog)
-            if os.path.exists(wlog_error):
-                mw.execShell('rm -rf ' + wlog_error)
+            if os.path.exists(site_log):
+                mw.execShell('rm -rf ' + site_log)
+            if os.path.exists(site_error):
+                mw.execShell('rm -rf ' + site_error)
 
         thisdb.deleteBindingBySiteId(site_id)
         mw.restartWeb()
@@ -274,6 +273,22 @@ class sites(object):
         content = content.replace('{$LOGPATH}', logsPath)
         mw.writeFile(vhost_file, content)
 
+        # 和反代配置冲突 && 默认伪静态为空
+#         rewrite_content = '''
+# location /{
+#     if ($PHP_ENV != "1"){
+#         break;
+#     }
+
+#     if (!-e $request_filename) {
+#        rewrite  ^(.*)$  /index.php/$1  last;
+#        break;
+#     }
+# }
+# '''
+        rewrite_file = self.getRewriteConf(self.siteName)
+        mw.writeFile(rewrite_file, '')
+
     # 设置网站过期
     def setEndDate(self, site_id, end_date):
         info = thisdb.getSitesById(site_id)
@@ -299,6 +314,13 @@ class sites(object):
         data =  thisdb.getDomainByPid(pid)
         return data
 
+    # 获取模版名内容
+    def getRewriteTpl(self, tplname):
+        file = mw.getPanelDir() + '/rewrite/nginx/' + tplname + '.conf'
+        if not os.path.exists(file):
+            return mw.returnData(False, '模版不存在!')
+        return mw.returnData(True, 'OK', file)
+
     def getRewriteList(self):
         rewriteList = {}
         rewriteList['rewrite'] = []
@@ -309,6 +331,237 @@ class sites(object):
         rewriteList['rewrite'] = sorted(rewriteList['rewrite'])
         return rewriteList
 
+    # 取日志状态
+    def getLogsStatus(self, siteName):
+        filename = self.getHostConf(siteName)
+        conf = mw.readFile(filename)
+        if conf.find('#ErrorLog') != -1:
+            return False
+        if conf.find("access_log  off") != -1:
+            return False
+        return True
+
+    # 取目录加密状态
+    def getHasPwd(self, siteName):
+        filename = self.getHostConf(siteName)
+        conf = mw.readFile(filename)
+        if conf.find('#AUTH_START') != -1:
+            return True
+        return False
+
+    # 取当站点前运行目录
+    def getSiteRunPath(self, site_name, site_path):
+        filename = self.getHostConf(site_name)
+        if os.path.exists(filename):
+            conf = mw.readFile(filename)
+            rep = r'\s*root\s*(.+);'
+            path = re.search(rep, conf).groups()[0]
+
+        data = {}
+        if site_path == path:
+            data['path'] = '/'
+        else:
+            data['path'] = path.replace(site_path, '')
+
+        dirnames = []
+        dirnames.append('/')
+        for filename in os.listdir(site_path):
+            try:
+                file_path = site_path + '/' + filename
+                if os.path.islink(file_path):
+                    continue
+                if os.path.isdir(file_path):
+                    dirnames.append('/' + filename)
+            except:
+                pass
+
+        data['dirs'] = dirnames
+        return data
+
+    def getDirUserIni(self, site_id):
+
+        info = thisdb.getSitesById(site_id)
+
+        path = info['path']
+        name = info['name']
+        data = {}
+        data['logs'] = self.getLogsStatus(name)
+        data['run_path'] = self.getSiteRunPath(name, path)
+
+        data['user_ini'] = False
+        if os.path.exists(path + '/.user.ini'):
+            data['user_ini'] = True
+
+        if data['run_path']['path'] != '/':
+            user_ini = path + data['run_path']['path'] + '/.user.ini'
+            if os.path.exists(user_ini):
+                data['userini'] = True
+
+        data['pass'] = self.getHasPwd(name)
+        data['path'] = path
+        data['name'] = name
+        return mw.returnData(True, 'OK', data)
+
+    # 清除多余user.ini
+    def delUserInI(self, path, up=0):
+        filename = path + '/.user.ini'
+        if os.path.exists(filename):
+            mw.execShell("which chattr && chattr -i " + filename)
+            os.remove(filename)
+        
+        for f in os.listdir(path):
+            try:
+                npath = path + '/' + f
+                if os.path.isdir(npath):
+                    if up < 100:
+                        self.delUserInI(npath, up + 1)
+
+                user_ini = npath + '/.user.ini'
+                print('ff:',user_ini)
+                if not os.path.exists(user_ini):
+                    continue
+                mw.execShell('which chattr && chattr -i ' + user_ini)
+                os.remove(user_ini)
+            except:
+                continue
+        return True
+
+
+    # 设置目录防御
+    def addDirUserIni(self, site_path, run_path):
+        new_path = site_path + run_path
+        filename = new_path + '/.user.ini'
+        if os.path.exists(filename):
+            return mw.returnData(True, '已打开防跨站设置!')
+
+        open_path = 'open_basedir={}/:{}/'.format(new_path, site_path)
+        if run_path == '/' or run_path == '':
+            open_path = 'open_basedir={}/'.format(site_path)
+
+        mw.writeFile(filename, open_path + ':/www/server/php:/tmp/:/proc/')
+        mw.execShell("which chattr && chattr +i " + filename)
+
+    def setDirUserIni(self, site_path, run_path):
+        filename = site_path + '/.user.ini'
+        if os.path.exists(filename):
+            self.delUserInI(site_path)
+            return mw.returnData(True, '已清除防跨站设置!')
+        self.addDirUserIni(site_path, run_path)
+        return mw.returnData(True, '已打开防跨站设置!')
+
+    def logsOpen(self, site_id):
+        info = thisdb.getSitesById(site_id)
+        name = info['name']
+
+        filename = self.getHostConf(name)
+        if os.path.exists(filename):
+            conf = mw.readFile(filename)
+            rep = self.logsPath + '/' + name + '.log'
+            if conf.find(rep) != -1:
+                conf = conf.replace(rep + ' main', 'off')
+            else:
+                conf = conf.replace('access_log  off', 'access_log  ' + rep + ' main')
+            mw.writeFile(filename, conf)
+
+        mw.restartWeb()
+        return mw.returnData(True, '操作成功!')
+
+    def setSitePath(self, site_id, path):
+        path = self.getPath(path)
+        if path == "" or site_id == '0':
+            return mw.returnData(False,  "目录不能为空!")
+
+        import utils.file as file
+        if not file.checkDir(path):
+            return mw.returnData(False,  "不能以系统关键目录作为站点目录")
+
+        info = thisdb.getSitesById(site_id)
+        if info['path'] == path:
+            return mw.returnData(False,  "与原路径一致，无需修改!")
+        conf_file = self.getHostConf(info['name'])
+        content = mw.readFile(conf_file)
+        if content:
+            content = content.replace(info['path'], path)
+            mw.writeFile(file, content)
+
+        thisdb.setSitesData(site_id, path=path)
+        msg = mw.getInfo('修改网站[{1}]物理路径成功!', (info['name'],))
+        mw.writeLog('网站管理', msg)
+        mw.restartWeb()
+        return mw.returnData(True,  "设置成功!")
+
+    # 设置当前站点运行目录
+    def setSiteRunPath(self, site_id, run_path):
+        info = thisdb.getSitesById(site_id)
+        site_name = info['name']
+        site_path = info['path']
+
+        new_path = site_path + run_path
+
+        # 处理Nginx
+        filename = self.getHostConf(site_name)
+        if os.path.exists(filename):
+            conf = mw.readFile(filename)
+            rep = r'\s*root\s*(.+);'
+            path = re.search(rep, conf).groups()[0]
+            conf = conf.replace(path, new_path)
+            mw.writeFile(filename, conf)
+
+        self.setSitePath(site_path, run_path)
+        mw.restartWeb()
+        return mw.returnData(True, '设置成功!')
+
+    # 设置目录加密
+    def setHasPwd(self, site_id, username, password):
+        if len(username.strip()) == 0 or len(password.strip()) == 0:
+            return mw.returnData(False, '用户名或密码不能为空!')
+
+        info = thisdb.getSitesById(site_id)
+        siteName = info['name']
+        filename = self.passPath + '/' + siteName + '.pass'
+        passconf = username + ':' + mw.hasPwd(password)
+
+        configFile = self.getHostConf(siteName)
+        # 处理Nginx配置
+        conf = mw.readFile(configFile)
+        if conf:
+            rep = '#error_page   404   /404.html;'
+            if conf.find(rep) == -1:
+                rep = '#error_page 404/404.html;'
+            data = '''
+    #AUTH_START
+    auth_basic "Authorization";
+    auth_basic_user_file %s;
+    #AUTH_END''' % (filename,)
+            conf = conf.replace(rep, rep + data)
+            mw.writeFile(configFile, conf)
+        # 写密码配置
+        passDir = self.passPath
+        if not os.path.exists(passDir):
+            mw.execShell('mkdir -p ' + passDir)
+        mw.writeFile(filename, passconf)
+
+        msg = mw.getInfo('设置网站[{1}]为需要密码认证!', (siteName,))
+        mw.writeLog("网站管理", msg)
+        mw.restartWeb()
+        return mw.returnData(True, '设置成功!')
+
+    # 取消目录加密
+    def closeHasPwd(self, site_id):
+        info = thisdb.getSitesById(site_id)
+        siteName = info['name']
+        configFile = self.getHostConf(siteName)
+        if os.path.exists(configFile):
+            conf = mw.readFile(configFile)
+            rep = r"\n\s*#AUTH_START(.|\n){1,200}#AUTH_END"
+            conf = re.sub(rep, '', conf)
+            mw.writeFile(configFile, conf)
+
+        msg = mw.getInfo('清除网站[{1}]的密码认证!', (siteName,))
+        mw.writeLog("网站管理", msg)
+        mw.restartWeb()
+        return mw.returnData(True, '设置成功!')
+
     def getSecurity(self, site_id):
         info = thisdb.getSitesById(site_id)
         name = info['name']
@@ -323,10 +576,8 @@ class sites(object):
             data['status'] = False
             data['none'] = False
 
-            valid_referers = re.search(
-                r"valid_referers\s+(.+);\n", tmp)
-            valid_referers_none = re.search(
-                r"valid_referers\s+none\s+blocked\s+(.+);\n", tmp)
+            valid_referers = re.search(r"valid_referers\s+(.+);\n", tmp)
+            valid_referers_none = re.search(r"valid_referers\s+none\s+blocked\s+(.+);\n", tmp)
 
             if valid_referers or valid_referers_none:
                 data['status'] = True
@@ -592,11 +843,16 @@ class sites(object):
             return mw.returnData(False, "分类名称不能为空")
         if len(name) > 18:
             return mw.returnData(False, "分类名称长度不能超过6个汉字或18位字母")
-        if mw.M('site_types').count() >= 10:
+
+        all_count = thisdb.getSiteTypesCount()
+        if all_count >= 10:
             return mw.returnData(False, '最多添加10个分类!')
-        if mw.M('site_types').where('name=?', (name,)).count() > 0:
+
+        name_count = thisdb.getSiteTypesCountByName(name)
+        if name_count > 0:
             return mw.returnData(False, "指定分类名称已存在!")
-        mw.M('site_types').add("name", (name,))
+
+        thisdb.addSiteTypes(name)
         return mw.returnData(True, '添加成功!')