更新:优化发帖改帖

zhuchunshu · zhuchunshu · commit c7bdce0e038f · 2022-12-24T15:11:08.000+08:00
diff --git a/app/Middleware/CsrfMiddleware.php b/app/Middleware/CsrfMiddleware.php
@@ -36,7 +36,6 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
         if(request()->isMethod("post") && csrf_token() !== request()->input("_token")) {
             return admin_abort(["msg" => "会话超时,请刷新后重新提交"],419);
         }
-
         return $handler->handle($request);
     }
 
diff --git a/app/Plugins/Topic/resources/views/create.blade.php b/app/Plugins/Topic/resources/views/create.blade.php
@@ -52,13 +52,30 @@
                                 <h3 class="card-title">附加信息</h3>
                             </div>
                             <div class="card-body">
-                               <div class="row">
-                                   @foreach(Itf()->get('topic-create-options') as $k=>$v)
-                                       @if(call_user_func($v['enable'])===true)
-                                           @include($v['view'])
-                                       @endif
-                                   @endforeach
-                               </div>
+                                <div class="row">
+                                    @foreach(Itf()->get('topic-create-options') as $k=>$v)
+                                        @if(call_user_func($v['enable'])===true)
+                                            @include($v['view'])
+                                        @endif
+                                    @endforeach
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="col-12">
+                        <div class="row row-cards">
+                            <div class="col-lg-9">
+                                <div class="card card-body">
+                                    <label for="" class="form-label">验证码</label>
+                                    <div class="input-group">
+                                        <input type="text" name="captcha" class="form-control" placeholder="captcha"
+                                               autocomplete="off" required>
+                                        <span class="input-group-link">
+                                 <img class="captcha" src="{{captcha()->inline()}}" alt=""
+                                      onclick="this.src='/captcha?id='+Math.random()">
+                            </span>
+                                    </div>
+                                </div>
                             </div>
                         </div>
                     </div>
diff --git a/app/Plugins/Topic/resources/views/create/basis.blade.php b/app/Plugins/Topic/resources/views/create/basis.blade.php
@@ -12,7 +12,7 @@
         </option>
         @foreach(\App\Plugins\Topic\src\Models\TopicTag::query()->where('status','=',null)->get() as $topic_tags)
             <option value="{{$topic_tags->id}}"
-                    data-custom-properties="&lt;span class=&quot;badge&quot; style=&quot;background-color: {{$topic_tags->color}} &quot; &gt;{{$topic_tags->icon}}&lt;/span&gt;">
+                    data-custom-properties="&lt;span class=&quot;badge&quot; style=&quot;background-color: {{$topic_tags->color}} &quot; &gt;{{$topic_tags->icon}}&lt;/span&gt;" @if(request()->input('basis.tag') && request()->input('basis.tag')==$topic_tags->id){{"selected"}}@endif>
                 {{$topic_tags->name}}
             </option>
         @endforeach
diff --git a/app/Plugins/Topic/resources/views/create/preview.blade.php b/app/Plugins/Topic/resources/views/create/preview.blade.php
@@ -23,7 +23,7 @@
     <link href="{{ file_hash("css/diy.css") }}" rel="stylesheet"/>
     <link rel="stylesheet" href="{{mix('css/app.css')}}">
     <script>
-        var csrf_token = "{{ recsrf_token() }}";
+        var csrf_token = "{{ csrf_token() }}";
         var ws_url = "{{ws_url()}}";
         var _token = "{{auth()->token()}}";
         var imageUpUrl = "/user/upload/image?_token={{ csrf_token() }}";
diff --git a/app/Plugins/Topic/resources/views/edit.blade.php b/app/Plugins/Topic/resources/views/edit.blade.php
@@ -64,9 +64,26 @@
                             </div>
                         </div>
                     </div>
+                    <div class="col-12">
+                        <div class="row row-cards">
+                            <div class="col-lg-9">
+                                <div class="card card-body">
+                                    <label for="" class="form-label">验证码</label>
+                                    <div class="input-group">
+                                        <input type="text" name="captcha" class="form-control" placeholder="captcha"
+                                               autocomplete="off" required>
+                                        <span class="input-group-link">
+                                 <img class="captcha" src="{{captcha()->inline()}}" alt=""
+                                      onclick="this.src='/captcha?id='+Math.random()">
+                            </span>
+                                    </div>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
                     <div class="col-12">
                         @csrf()
-                        <button class="btn btn-primary" type="submit">提交</button>
+                        <button timeout="1500" auto-event="disabled" class="btn btn-primary" type="submit">提交</button>
                     </div>
                 </div>
             </form>
diff --git a/app/Plugins/Topic/src/Controllers/TopicController.php b/app/Plugins/Topic/src/Controllers/TopicController.php
@@ -24,6 +24,7 @@
 use Hyperf\HttpServer\Annotation\GetMapping;
 use Hyperf\HttpServer\Annotation\Middleware;
 use Hyperf\HttpServer\Annotation\PostMapping;
+use Hyperf\RateLimit\Annotation\RateLimit;
 
 #[Controller(prefix: '/topic')]
 #[Middleware(\App\Plugins\User\src\Middleware\AuthMiddleware::class)]
@@ -100,6 +101,7 @@ public function edit($topic_id)
     }
 
     #[PostMapping(path: '/topic/update')]
+    #[RateLimit(create:1, capacity:1, consume:1)]
     public function edit_post()
     {
         $quanxian = false;
diff --git a/app/Plugins/Topic/src/Handler/Topic/Middleware/Create/CaptchaMiddleware.php b/app/Plugins/Topic/src/Handler/Topic/Middleware/Create/CaptchaMiddleware.php
@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of zhuchunshu.
+ * @link     https://github.com/zhuchunshu
+ * @document https://github.com/zhuchunshu/super-forum
+ * @contact  laravel@88.com
+ * @license  https://github.com/zhuchunshu/super-forum/blob/master/LICENSE
+ */
+namespace App\Plugins\Topic\src\Handler\Topic\Middleware\Create;
+
+use App\Plugins\Topic\src\Handler\Topic\Middleware\MiddlewareInterface;
+
+#[\App\Plugins\Topic\src\Annotation\Topic\CreateFirstMiddleware]
+class CaptchaMiddleware implements MiddlewareInterface
+{
+    public function handler($data, \Closure $next)
+    {
+        if (! captcha()->check(request()->input('captcha'))) {
+            unset($data['basis']['content']);
+            return redirect()->with('danger', '验证码错误')->url('topic/create?' . http_build_query($data))->go();
+        }
+        return $next($data);
+    }
+}
diff --git a/app/Plugins/Topic/src/Handler/Topic/Middleware/Create/CreateMiddleware.php b/app/Plugins/Topic/src/Handler/Topic/Middleware/Create/CreateMiddleware.php
@@ -36,6 +36,7 @@ public function handler($data, \Closure $next)
                 'title' => 'required|string|min:' . get_options('topic_create_title_min', 1) . '|max:' . get_options('topic_create_title_max', 200),
                 'tag' => 'required|exists:topic_tag,id',
             ],
+            [],
             [
                 'content' => '内容',
                 'title' => '标题',
diff --git a/app/Plugins/Topic/src/Handler/Topic/Middleware/Update/CaptchaMiddleware.php b/app/Plugins/Topic/src/Handler/Topic/Middleware/Update/CaptchaMiddleware.php
@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * This file is part of zhuchunshu.
+ * @link     https://github.com/zhuchunshu
+ * @document https://github.com/zhuchunshu/super-forum
+ * @contact  laravel@88.com
+ * @license  https://github.com/zhuchunshu/super-forum/blob/master/LICENSE
+ */
+namespace App\Plugins\Topic\src\Handler\Topic\Middleware\Update;
+
+use App\Plugins\Topic\src\Handler\Topic\Middleware\MiddlewareInterface;
+
+#[\App\Plugins\Topic\src\Annotation\Topic\UpdateFirstMiddleware]
+class CaptchaMiddleware implements MiddlewareInterface
+{
+    public function handler($data, \Closure $next)
+    {
+        if (! captcha()->check(request()->input('captcha'))) {
+            return redirect()->url('/' . $data['basis']['topic_id'] . '.html')->with('danger', '验证码错误')->go();
+        }
+        return $next($data);
+    }
+}
diff --git a/app/Plugins/Topic/src/Handler/Topic/Middleware/Update/UpdateMiddleware.php b/app/Plugins/Topic/src/Handler/Topic/Middleware/Update/UpdateMiddleware.php
@@ -38,6 +38,7 @@ public function handler($data, \Closure $next)
                 'title' => 'required|string|min:' . get_options('topic_create_title_min', 1) . '|max:' . get_options('topic_create_title_max', 200),
                 'tag' => 'required|exists:topic_tag,id',
             ],
+            [],
             [
                 'topic_id' => '帖子id',
                 'content' => '正文内容',
diff --git a/app/Themes/CodeFec/resources/views/app.blade.php b/app/Themes/CodeFec/resources/views/app.blade.php
@@ -16,7 +16,7 @@
     <link href="{{ file_hash("css/diy.css") }}" rel="stylesheet" />
     <link rel="stylesheet" href="{{mix('css/app.css')}}">
     <script>
-        var csrf_token = "{{ recsrf_token() }}";
+        var csrf_token = "{{ csrf_token() }}";
         var ws_url = "{{ws_url()}}";
         var _token = "{{auth()->token()}}";
         var imageUpUrl = "/user/upload/image?_token={{ csrf_token() }}";
diff --git a/app/Themes/CodeFec/resources/views/topic/show/content.blade.php b/app/Themes/CodeFec/resources/views/topic/show/content.blade.php
@@ -17,7 +17,7 @@
                         {{__('app.essence')}}
                     </div>
                 @endif
-                <div class="row">
+                <div class="row" style="margin-top: -10px">
                     {{--                    标题--}}
                     <div class="col-md-12" id="title">
                         <h1 data-bs-toggle="tooltip" data-bs-placement="left" title="{{__('topic.title')}}">
diff --git a/app/Themes/CodeFec/resources/views/user/sign.blade.php b/app/Themes/CodeFec/resources/views/user/sign.blade.php
@@ -22,7 +22,7 @@
     <link rel="stylesheet" href="{{mix("plugins/Core/css/core.css")}}">
     <link href="{{ file_hash("css/diy.css") }}" rel="stylesheet" />
     <script>
-        var csrf_token = "{{ recsrf_token() }}";
+        var csrf_token = "{{ csrf_token() }}";
         var ws_url = "{{ws_url()}}";
         var login_token = "{{auth()->token()}}";
     </script>
diff --git a/app/View/Component/CsrfToken.php b/app/View/Component/CsrfToken.php
@@ -10,7 +10,7 @@ class CsrfToken extends Component
     public $token;
     public function __construct()
     {
-        $this->token = recsrf_token();
+        $this->token = csrf_token();
     }
     public function render()
     {
diff --git a/app/helpers.php b/app/helpers.php
@@ -498,15 +498,27 @@ function csrf_token()
     }
 }
 
+if (! function_exists('csrf_token')) {
+    function csrf_token()
+    {
+        if (! session()->has('csrf_token')) {
+            session()->set('csrf_token', Str::random());
+        }
+        if (! cache()->has('csrf_token.' . session()->get('csrf_token'))) {
+            cache()->set('csrf_token.' . session()->get('csrf_token'), Str::random());
+        }
+        return cache()->get('csrf_token.' . session()->get('csrf_token'));
+    }
+}
+
 if (! function_exists('recsrf_token')) {
     function recsrf_token()
     {
-        return csrf_token();
-//        if(!session()->has("csrf_token")){
-//            session()->set("csrf_token",Str::random());
-//        }
-//        cache()->set("csrf_token".session()->get("csrf_token"),Str::random(),300);
-//        return cache()->get("csrf_token".session()->get("csrf_token"));
+        if (! session()->has('csrf_token')) {
+            session()->set('csrf_token', Str::random());
+        }
+        cache()->set('csrf_token.' . session()->get('csrf_token'), Str::random());
+        return cache()->get('csrf_token.' . session()->get('csrf_token'));
     }
 }
 
diff --git a/public/js/alpine.js b/public/js/alpine.js
diff --git a/public/mix-manifest.json b/public/mix-manifest.json
diff --git a/resources/js/alpine.js b/resources/js/alpine.js
diff --git a/resources/views/app.blade.php b/resources/views/app.blade.php
diff --git a/webpack.mix.js b/webpack.mix.js

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,6 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface`
`36`	`36`	`if(request()->isMethod("post") && csrf_token() !== request()->input("_token")) {`
`37`	`37`	`return admin_abort(["msg" => "会话超时,请刷新后重新提交"],419);`
`38`	`38`	`}`
`39`		`-`
`40`	`39`	`return $handler->handle($request);`
`41`	`40`	`}`
`42`	`41`
Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,7 @@`
`24`	`24`	`use Hyperf\HttpServer\Annotation\GetMapping;`
`25`	`25`	`use Hyperf\HttpServer\Annotation\Middleware;`
`26`	`26`	`use Hyperf\HttpServer\Annotation\PostMapping;`
	`27`	`+use Hyperf\RateLimit\Annotation\RateLimit;`
`27`	`28`
`28`	`29`	`#[Controller(prefix: '/topic')]`
`29`	`30`	`#[Middleware(\App\Plugins\User\src\Middleware\AuthMiddleware::class)]`
`@@ -100,6 +101,7 @@ public function edit($topic_id)`
`100`	`101`	`}`
`101`	`102`
`102`	`103`	`#[PostMapping(path: '/topic/update')]`
	`104`	`+ #[RateLimit(create:1, capacity:1, consume:1)]`
`103`	`105`	`public function edit_post()`
`104`	`106`	`{`
`105`	`107`	`$quanxian = false;`
Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,7 @@ public function handler($data, \Closure $next)`
`36`	`36`	`'title' => 'required\|string\|min:' . get_options('topic_create_title_min', 1) . '\|max:' . get_options('topic_create_title_max', 200),`
`37`	`37`	`'tag' => 'required\|exists:topic_tag,id',`
`38`	`38`	`],`
	`39`	`+ [],`
`39`	`40`	`[`
`40`	`41`	`'content' => '内容',`
`41`	`42`	`'title' => '标题',`
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@ public function handler($data, \Closure $next)`
`38`	`38`	`'title' => 'required\|string\|min:' . get_options('topic_create_title_min', 1) . '\|max:' . get_options('topic_create_title_max', 200),`
`39`	`39`	`'tag' => 'required\|exists:topic_tag,id',`
`40`	`40`	`],`
	`41`	`+ [],`
`41`	`42`	`[`
`42`	`43`	`'topic_id' => '帖子id',`
`43`	`44`	`'content' => '正文内容',`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ class CsrfToken extends Component`
`10`	`10`	`public $token;`
`11`	`11`	`public function __construct()`
`12`	`12`	`{`
`13`		`- $this->token = recsrf_token();`
	`13`	`+ $this->token = csrf_token();`
`14`	`14`	`}`
`15`	`15`	`public function render()`
`16`	`16`	`{`
-Original file line number
+Diff line change
     "/js/app.js": "/js/app.js?id=5f4131c4a24b6dabd927",
     "/js/install.js": "/js/install.js?id=e2a427dad25f612dc8fb",
     "/js/vue.js": "/js/vue.js?id=c0ed491e9d9bbd0212ac",
 -    "/js/alpine.js": "/js/alpine.js?id=3b24a5041f6ceb43ef89",
     "/js/admin/login.js": "/js/admin/login.js?id=da1c592d350b030d748d",
     "/js/admin/EditFile.js": "/js/admin/EditFile.js?id=4d5216bc31a8a5907c6c",
     "/js/admin/error.js": "/js/admin/error.js?id=766b20ab83ddf9c42848",
     "/js/admin/index.js": "/js/admin/index.js?id=505f34d21dc046de3d56",
     "/js/admin/pay.js": "/js/admin/pay.js?id=476f7157fca67c342d8c",
     "/plugins/User/js/order.js": "/plugins/User/js/order.js?id=75d4436e905e45647c23",
 -    "/plugins/Core/js/app.js": "/plugins/Core/js/app.js?id=802dc3d10d90c4074bfb",
 +    "/plugins/Core/js/app.js": "/plugins/Core/js/app.js?id=36611f1c6cc8ab6ed9cb",
     "/plugins/Topic/js/topic.js": "/plugins/Topic/js/topic.js?id=2441d18b977cde255036",
     "/plugins/Topic/js/core.js": "/plugins/Topic/js/core.js?id=931e8d42fabe735b4daf",
     "/plugins/Topic/css/app.css": "/plugins/Topic/css/app.css?id=7a04749a2ef2c33ea28f",
-Original file line number
+Diff line change
     <link rel="stylesheet" href="{{ mix('css/app.css') }}">
     <link rel="icon" href="{{get_options('theme_common_icon','/logo.svg')}}" type="image/x-icon" />
     <link rel="shortcut icon" href="{{get_options('theme_common_icon','/logo.svg')}}" type="image/x-icon" />
 -    <script>var csrf_token="{{recsrf_token()}}";</script>
 +    <script>var csrf_token="{{csrf_token()}}";</script>
     <link rel="stylesheet" href="{{ mix('iziToast/css/iziToast.min.css') }}">
     <script src="{{ mix('iziToast/js/iziToast.min.js') }}"></script>
     <!-- 自定义CSS -->
-Original file line number
+Diff line change
 // vue.js
 mix.js(resources_path("js/vue.js"), "js").vue({version: 3})
 -mix.js(resources_path("js/alpine.js"), "js")
     .webpackConfig((webpack) => {
         return {
             plugins: [