防盗链 ok

6 years ago · f070071a3b
parent 790d58929b
commit f070071a3b
4 changed files with 88 additions and 16 deletions
--- a/class/core/site_api.py
+++ b/class/core/site_api.py
@ -225,6 +225,58 @@ class site_api:
            'TYPE_SITE', 'SITE_NETLIMIT_CLOSE_SUCCESS', (siteName,))
        return public.returnJson(True, '已关闭流量限制!')
    def getSecurity(self, sid, name):
        filename = self.getHostConf(name)
        conf = public.readFile(filename)
        data = {}
        if conf.find('SECURITY-START') != -1:
            rep = "#SECURITY-START(\n|.){1,500}#SECURITY-END"
            tmp = re.search(rep, conf).group()
            data['fix'] = re.search(
                "\(.+\)\$", tmp).group().replace('(', '').replace(')$', '').replace('|', ',')
            data['domains'] = ','.join(re.search(
                "valid_referers\s+none\s+blocked\s+(.+);\n", tmp).groups()[0].split())
            data['status'] = True
        else:
            data['fix'] = 'jpg,jpeg,gif,png,js,css'
            domains = public.M('domain').where(
                'pid=?', (sid,)).field('name').select()
            tmp = []
            for domain in domains:
                tmp.append(domain['name'])
            data['domains'] = ','.join(tmp)
            data['status'] = False
        return public.getJson(data)
    def setSecurity(self, sid, name, fix, domains, status):
        if len(fix) < 2:
            return public.returnJson(False, 'URL后缀不能为空!')
        file = self.getHostConf(name)
        if os.path.exists(file):
            conf = public.readFile(file)
            if conf.find('SECURITY-START') != -1:
                rep = "\s{0,4}#SECURITY-START(\n|.){1,500}#SECURITY-END\n?"
                conf = re.sub(rep, '', conf)
                public.writeLog('网站管理', '站点[' + name + ']已关闭防盗链设置!')
            else:
                rconf = '''#SECURITY-START 防盗链配置
    location ~ .*\.(%s)$
    {
        expires      30d;
        access_log /dev/null;
        valid_referers none blocked %s;
        if ($invalid_referer){
           return 404;
        }
    }
    #SECURITY-END
    include enable-php-''' % (fix.strip().replace(',', '|'), domains.strip().replace(',', ' '))
                conf = re.sub("include\s+enable-php-", rconf, conf)
                public.writeLog('网站管理', '站点[' + name + ']已开启防盗链!')
            public.writeFile(file, conf)
        public.restartWeb()
        return public.returnJson(True, '设置成功!')
    def getPhpVersion(self):
        phpVersions = ('00', '52', '53', '54', '55',
                       '56', '70', '71', '72', '73', '74')
--- a/route/site.py
+++ b/route/site.py
@ -74,6 +74,23 @@ def closeLimitNet():
    return site_api.site_api().closeLimitNet(sid)
@site.route('get_security', methods=['POST'])
 def getSecurity():
    sid = request.form.get('id', '').encode('utf-8')
    name = request.form.get('name', '').encode('utf-8')
    return site_api.site_api().getSecurity(sid, name)
@site.route('set_security', methods=['POST'])
 def setSecurity():
    fix = request.form.get('fix', '').encode('utf-8')
    domains = request.form.get('domains', '').encode('utf-8')
    status = request.form.get('status', '').encode('utf-8')
    name = request.form.get('name', '').encode('utf-8')
    sid = request.form.get('id', '').encode('utf-8')
    return site_api.site_api().setSecurity(sid, name, fix, domains, status)
@site.route('get_logs', methods=['POST'])
 def getLogs():
    siteName = request.form.get('siteName', '').encode('utf-8')
--- a/static/app/firewall.js
+++ b/static/app/firewall.js
@ -11,17 +11,12 @@ setTimeout(function(){
 },1500);
-function closeLogs(){
+
 	$.post('/files?action=CloseLogs','',function(rdata){
 		$("#logSize").html(rdata.msg);
 		layer.msg(lan.firewall.empty,{icon:1});
 	},'json');
 }
 $(function(){
 	// start 
 	$.post('/firewall/get_www_path',function(data){
-
+		var html ='<span>Web日志:</span><a href="javascript:openPath(\''+data['path']+'\');">点击进入目录</a>\
 		var html ='<span>Web日志:</span><a href="javascript:openPath(\''+data['path']+'\');">'+data['path']+'</a>\
 				<em id="logSize">0KB</em>\
 				<button class="btn btn-default btn-sm" onclick="closeLogs();">清空</button>';
 		$('#firewall_weblog').html(html);
@ -30,8 +25,16 @@ $(function(){
 			$("#logSize").html(rdata.msg);
 		},'json');
 	},'json');
 	// end
 });
 function closeLogs(){
 	$.post('/files?action=CloseLogs','',function(rdata){
 		$("#logSize").html(rdata.msg);
 		layer.msg(lan.firewall.empty,{icon:1});
 	},'json');
 }
 $("#firewalldType").change(function(){
 	var type = $(this).val();
 	var w = '120px';
--- a/static/app/site.js
+++ b/static/app/site.js
@ -997,7 +997,7 @@ function webEdit(id,website,endTime,addtime){
 	+"<p onclick=\"phpVersion('"+website+"')\" title='PHP版本'>PHP版本</p>"
 	+"<p onclick=\"To301('"+website+"')\" title='"+lan.site.site_menu_10+"'>"+lan.site.site_menu_10+"</p>"
 	+"<p onclick=\"Proxy('"+website+"')\" title='"+lan.site.site_menu_12+"'>"+lan.site.site_menu_11+"</p>"
-	+"<p id='site_"+id+"' onclick=\"Security('"+id+"','"+website+"')\" title='"+lan.site.site_menu_12+"'>"+lan.site.site_menu_12+"</p>"
+	+"<p id='site_"+id+"' onclick=\"security('"+id+"','"+website+"')\" title='"+lan.site.site_menu_12+"'>"+lan.site.site_menu_12+"</p>"
 	+"<p id='site_"+id+"' onclick=\"getSiteLogs('"+website+"')\" title='查看站点请求日志'>响应日志</p>";
 	layer.open({
 		type: 1,
@ -1056,14 +1056,14 @@ function getSiteLogs(siteName){
 //防盗链
-function Security(id,name){
+function security(id,name){
 	var loadT = layer.msg(lan.site.the_msg,{icon:16,time:0,shade: [0.3, '#000']});
-	$.post('/site?action=GetSecurity',{id:id,name:name},function(rdata){
+	$.post('/site/get_security',{id:id,name:name},function(rdata){
 		layer.close(loadT);
 		var mbody = '<div>'
 					+'<p style="margin-bottom:8px"><span style="display: inline-block; width: 60px;">URL后缀</span><input class="bt-input-text" type="text" name="sec_fix" value="'+rdata.fix+'" style="margin-left: 5px;width: 425px;height: 30px;margin-right:10px;'+(rdata.status?'background-color: #eee;':'')+'" placeholder="多个请用逗号隔开,例：png,jpeg,jpg,gif,zip" '+(rdata.status?'readonly':'')+'></p>'
 					+'<p style="margin-bottom:8px"><span style="display: inline-block; width: 60px;">许可域名</span><input class="bt-input-text" type="text" name="sec_domains" value="'+rdata.domains+'" style="margin-left: 5px;width: 425px;height: 30px;margin-right:10px;'+(rdata.status?'background-color: #eee;':'')+'" placeholder="支持通配符,多个域名请用逗号隔开,例：*.test.com,test.com" '+(rdata.status?'readonly':'')+'></p>'
-					+'<div class="label-input-group ptb10"><label style="font-weight:normal"><input type="checkbox" name="sec_status" onclick="SetSecurity(\''+name+'\','+id+')" '+(rdata.status?'checked':'')+'>启用防盗链</label></div>'
+					+'<div class="label-input-group ptb10"><label style="font-weight:normal"><input type="checkbox" name="sec_status" onclick="setSecurity(\''+name+'\','+id+')" '+(rdata.status?'checked':'')+'>启用防盗链</label></div>'
 					+'<ul class="help-info-text c7 ptb10">'
 						+'<li>默认允许资源被直接访问,即不限制HTTP_REFERER为空的请求</li>'
 						+'<li>多个URL后缀与域名请使用逗号(,)隔开,如: png,jpeg,zip,js</li>'
@ -1071,11 +1071,11 @@ function Security(id,name){
 					+'</ul>'
 				+'</div>'
 		$("#webedit-con").html(mbody);
-	});
+	},'json');
 }
 //设置防盗链
-function SetSecurity(name,id){
+function setSecurity(name,id){
 	var data = {
 		fix:$("input[name='sec_fix']").val(),
 		domains:$("input[name='sec_domains']").val(),
@ -1084,11 +1084,11 @@ function SetSecurity(name,id){
 		id:id
 	}
 	var loadT = layer.msg(lan.site.the_msg,{icon:16,time:0,shade: [0.3, '#000']});
-	$.post('/site?action=SetSecurity',data,function(rdata){
+	$.post('/site/set_security',data,function(rdata){
 		layer.close(loadT);
 		layer.msg(rdata.msg,{icon:rdata.status?1:2});
 		if(rdata.status) setTimeout(function(){Security(id,name);},1000);
-	});
+	},'json');
 }