modified 修复安全性验证

zhaoxiang 2018-07-19 13:40:31 +08:00
parent a9fa3c9019
commit 87eb2af8e7


@ -73,6 +73,10 @@ class InterfaceList extends Base {
*/ */
public function add() { public function add() {
$postData = $this->request->post(); $postData = $this->request->post();
if (!preg_match("/^[A-Za-z0-9\/]+$/", $postData['apiClass'])) {
return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '真实类名只允许填写字母,数字和/');
}
$res = AdminList::create($postData); $res = AdminList::create($postData);
if ($res === false) { if ($res === false) {
return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败'); return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
@ -98,6 +102,7 @@ class InterfaceList extends Base {
return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败'); return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
} else { } else {
cache('ApiInfo:' . $hash, null); cache('ApiInfo:' . $hash, null);
return $this->buildSuccess([]); return $this->buildSuccess([]);
} }
} }
@ -109,11 +114,16 @@ class InterfaceList extends Base {
*/ */
public function edit() { public function edit() {
$postData = $this->request->post(); $postData = $this->request->post();
if (!preg_match("/^[A-Za-z0-9\/]+$/", $postData['apiClass'])) {
return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '真实类名只允许填写字母,数字和/');
}
$res = AdminList::update($postData); $res = AdminList::update($postData);
if ($res === false) { if ($res === false) {
return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败'); return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
} else { } else {
cache('ApiInfo:' . $postData['hash'], null); cache('ApiInfo:' . $postData['hash'], null);
return $this->buildSuccess([]); return $this->buildSuccess([]);
} }
} }
@ -178,6 +188,7 @@ class InterfaceList extends Base {
} }
file_put_contents($apiRoutePath, $tplStr); file_put_contents($apiRoutePath, $tplStr);
return $this->buildSuccess([]); return $this->buildSuccess([]);
} }
} }
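Review bot: The allowlist added in add() anchors with `$`, which in PCRE also matches just before a final newline, so an `apiClass` value ending in a line break still passes; the identical check in edit() has the same gap. Anchoring on the absolute start and end and rejecting non-string input first closes it: `if (!is_string($postData['apiClass'] ?? null) || !preg_match('/\A[A-Za-z0-9\/]+\z/', $postData['apiClass'])) {`. This matters most if the stored class name is later interpolated into the route file written by `file_put_contents($apiRoutePath, $tplStr)` in the last hunk, which looks likely but is not visible here. Since both methods need the same rule, a single private helper would keep them from drifting apart. A validation-specific return code, if the project defines one, would also describe the failure better than `ReturnCode::DB_SAVE_ERROR`.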