{"id":28781,"date":"2024-11-25T14:07:38","date_gmt":"2024-11-25T06:07:38","guid":{"rendered":"https:\/\/fwq.ai\/blog\/28781\/"},"modified":"2024-11-25T14:07:38","modified_gmt":"2024-11-25T06:07:38","slug":"phpcms%e4%b8%8d%e8%83%bd%e5%88%a0%e9%99%a4%e6%a0%8f%e7%9b%ae%e6%80%8e%e4%b9%88%e5%8a%9e","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/28781\/","title":{"rendered":"phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e"},"content":{"rendered":"

\n phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u662f\u56e0\u4e3a\u7ad9\u70b9\u7ba1\u7406\u5458\u6ca1\u6709\u5220\u9664\u680f\u76ee\u7684\u6743\u9650\uff0c\u5176\u89e3\u51b3\u529e\u6cd5\uff1a\u9996\u5148\u627e\u5230\u5e76\u6253\u5f00\u201cadmin.class.php\u201d\u6587\u4ef6\uff1b\u7136\u540e\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650\uff1b\u6700\u540e\u4fee\u6539\u201ccategory.php\u201d\u6587\u4ef6\u5373\u53ef\u3002\n<\/p><\/blockquote>\n

\"phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e\u63d2\u56fe\"<\/p>\n

\u4e0d\u80fd\u5220\u9664\u680f\u76ee?PHPCMS\u7ad9\u70b9\u7ba1\u7406\u5458\u6ca1\u6709\u5220\u9664\u680f\u76ee\u7684\u6743\u9650<\/strong><\/p>\n

phpcms V9\u9664\u8d85\u7ea7\u7ba1\u7406\u5458\u5916\uff0c\u5176\u4ed6\u7ba1\u7406\u5458\u90fd\u6ca1\u6709\u5220\u9664\u548c\u4fee\u6539\u680f\u76ee\u7684\u6743\u9650\uff0c\u8fd9\u53ef\u80fd\u662f\u7cfb\u7edf\u7684\u4e00\u4e2abug\u3002<\/p>\n

\u5206\u6790\uff1a<\/p>\n

PHPCMS v9 \u5728\u5224\u65ad\u6743\u9650\u7684\u65f6\u5019\u53ea\u5224\u65adadmin_role_priv\u8868\u4e2d\u6240\u8bb0\u5f55\u7684\u6743\u9650\u3002\u4e5f\u5c31\u662f\u6211\u4eec\u5728\u8bbe\u7f6e\u89d2\u8272\u7684\u65f6\u5019\u6240\u8fdb\u884c\u7684\u201c\u6743\u9650\u8bbe\u7f6e\u201d\uff0c\u800c\u4e0d\u8003\u8651\u6211\u4eec\u6240\u8bbe\u7f6e\u7684\u201c\u680f\u76ee \u6743\u9650\u201d\u3002\u7531admin:check_priv()\u5728\u53ef\u4ee5\u770b\u51fa\uff0c\u8be5\u65b9\u6cd5\u6ca1\u6709\u5bf9\u680f\u76ee\u6743\u9650\u4f5c\u4efb\u4f55\u8003\u8651\u3002\u6240\u4ee5\u5f53\u6211\u4eec\u4f7f\u7528\u975e\u8d85\u7ba1\u767b\u5f55\u65f6\uff0c\u4fee\u6539\u680f\u76ee\u6216\u5220\u9664\u680f\u76ee\u5c31\u4f1a\u63d0\u793a \u201c\u60a8\u6ca1\u6709\u6743\u9650\u64cd\u4f5c\u8be5\u9879\u201d\u3002<\/p>\n

\u7acb\u5373\u5b66\u4e60<\/span>\u201c\u201d\uff1b<\/p>\n

\u4f4d\u7f6e\uff1aphpcms\/modules\/admin\/classes\/admin.class.php<\/p>\n

\u63a8\u8350\uff1a\u300a\u300b<\/p>\n

\u89e3\u51b3\u529e\u6cd5:<\/p>\n

1.\u627e\u5230\/phpcms\/modules\/admin\/classes\/admin.class.php ,\u5728\u91cc\u9762\u627e\u5230<\/p>\n

$r =$privdb-&gt;get_one(array('m'=&gt;ROUTE_M,'c'=&gt;ROUTE_C,'a'=&gt;$action,'roleid'=&gt;$_SESSION['roleid'],'siteid'=&gt;$siteid));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u5927\u6982\u5728177\u884c\u4e0a,\u7136\u540e\u5728\u8be5\u53e5\u4e0b\u9762\u52a0\u4e0a\uff1a<\/p>\n
\/\/\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650 by\uff1a\u9192\u6728\nif(ROUTE_C == 'category'){\n$catid = $_GET['catid'] ? $_GET['catid'] : $_POST['catid'];\n\/\/\u83b7\u53d6\u89d2\u8272\u5f53\u524d\u6743\u9650\u8bbe\u7f6e\npc_base::load_app_class('role_cat', '', 0);\n$priv = role_cat::get_roleid($_SESSION['roleid'], $siteid);\nif($priv[$catid][$action]) $r = true;\n}<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\"phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e\u63d2\u56fe1\"<\/p>\n
2.\u5728 \/phpcms\/modules\/admin\/category.php\u4e2d\u627e\u5230<\/p>\n
foreach ($arrchildid_arr as $arr_v) {\n$this-&gt;update_priv($arr_v, $_POST['priv_groupid'], 0);\n}<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u6539\u4e3a\uff1a<\/p>\n
foreach ($arrchildid_arr as $arr_v) {\n$this-&gt;update_priv($arr_v, $_POST['priv_roleid']); \/\/\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650 by\uff1a\u9192\u6728\n$this-&gt;update_priv($arr_v, $_POST['priv_groupid'], 0);\n}<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\"phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e\u63d2\u56fe2\"<\/p>\n
\u63d0\u793a\uff1a<\/p>\n
\u8bb0\u7740\u5728\u6dfb\u52a0\u8d27\u4fee\u6539\u680f\u76ee\u65f6\u5019\u52fe\u9009\u76f8\u5e94\u7684\u5220\u9664\u8d27\u4fee\u6539\u6743\u9650\u3002<\/p>\n
\u4ee5\u4e0a\u5c31\u662f\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
phpcms\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u662f\u56e0\u4e3a\u7ad9\u70b9\u7ba1\u7406\u5458\u6ca1\u6709\u5220\u9664\u680f\u76ee\u7684\u6743\u9650\uff0c\u5176\u89e3\u51b3\u529e\u6cd5\uff1a\u9996\u5148\u627e\u5230\u5e76\u6253\u5f00\u201cadmin.class.php\u201d\u6587\u4ef6\uff1b\u7136\u540e\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650\uff1b\u6700\u540e\u4fee\u6539\u201ccategory.php\u201d\u6587\u4ef6\u5373\u53ef\u3002 \u4e0d\u80fd\u5220\u9664\u680f\u76ee?PHPCMS\u7ad9\u70b9\u7ba1\u7406\u5458\u6ca1\u6709\u5220\u9664\u680f\u76ee\u7684\u6743\u9650 phpcms V9\u9664\u8d85\u7ea7\u7ba1\u7406\u5458\u5916\uff0c\u5176\u4ed6\u7ba1\u7406\u5458\u90fd\u6ca1\u6709\u5220\u9664\u548c\u4fee\u6539\u680f\u76ee\u7684\u6743\u9650\uff0c\u8fd9\u53ef\u80fd\u662f\u7cfb\u7edf\u7684\u4e00\u4e2abug\u3002 \u5206\u6790\uff1a PHPCMS v9 \u5728\u5224\u65ad\u6743\u9650\u7684\u65f6\u5019\u53ea\u5224\u65adadmin_role_priv\u8868\u4e2d\u6240\u8bb0\u5f55\u7684\u6743\u9650\u3002\u4e5f\u5c31\u662f\u6211\u4eec\u5728\u8bbe\u7f6e\u89d2\u8272\u7684\u65f6\u5019\u6240\u8fdb\u884c\u7684\u201c\u6743\u9650\u8bbe\u7f6e\u201d\uff0c\u800c\u4e0d\u8003\u8651\u6211\u4eec\u6240\u8bbe\u7f6e\u7684\u201c\u680f\u76ee \u6743\u9650\u201d\u3002\u7531admin:check_priv()\u5728\u53ef\u4ee5\u770b\u51fa\uff0c\u8be5\u65b9\u6cd5\u6ca1\u6709\u5bf9\u680f\u76ee\u6743\u9650\u4f5c\u4efb\u4f55\u8003\u8651\u3002\u6240\u4ee5\u5f53\u6211\u4eec\u4f7f\u7528\u975e\u8d85\u7ba1\u767b\u5f55\u65f6\uff0c\u4fee\u6539\u680f\u76ee\u6216\u5220\u9664\u680f\u76ee\u5c31\u4f1a\u63d0\u793a \u201c\u60a8\u6ca1\u6709\u6743\u9650\u64cd\u4f5c\u8be5\u9879\u201d\u3002 \u7acb\u5373\u5b66\u4e60\u201c\u201d\uff1b \u4f4d\u7f6e\uff1aphpcms\/modules\/admin\/classes\/admin.class.php \u63a8\u8350\uff1a\u300a\u300b \u89e3\u51b3\u529e\u6cd5: 1.\u627e\u5230\/phpcms\/modules\/admin\/classes\/admin.class.php ,\u5728\u91cc\u9762\u627e\u5230 $r =$privdb-&gt;get_one(array(‘m’=&gt;ROUTE_M,’c’=&gt;ROUTE_C,’a’=&gt;$action,’roleid’=&gt;$_SESSION[‘roleid’],’siteid’=&gt;$siteid)); \u767b\u5f55\u540e\u590d\u5236 \u5927\u6982\u5728177\u884c\u4e0a,\u7136\u540e\u5728\u8be5\u53e5\u4e0b\u9762\u52a0\u4e0a\uff1a \/\/\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650 by\uff1a\u9192\u6728 if(ROUTE_C == ‘category’){ $catid = $_GET[‘catid’] ? $_GET[‘catid’] : $_POST[‘catid’]; \/\/\u83b7\u53d6\u89d2\u8272\u5f53\u524d\u6743\u9650\u8bbe\u7f6e pc_base::load_app_class(‘role_cat’, ”, 0); $priv = role_cat::get_roleid($_SESSION[‘roleid’], $siteid); if($priv[$catid][$action]) $r = true; } \u767b\u5f55\u540e\u590d\u5236 2.\u5728 \/phpcms\/modules\/admin\/category.php\u4e2d\u627e\u5230 foreach ($arrchildid_arr as $arr_v) { $this-&gt;update_priv($arr_v, $_POST[‘priv_groupid’], 0); } \u767b\u5f55\u540e\u590d\u5236 \u6539\u4e3a\uff1a foreach ($arrchildid_arr as $arr_v) { $this-&gt;update_priv($arr_v, $_POST[‘priv_roleid’]); \/\/\u6dfb\u52a0\u7ad9\u70b9\u7ba1\u7406\u5458\u7684\u5220\u9664\u680f\u76ee\u6743\u9650 by\uff1a\u9192\u6728 $this-&gt;update_priv($arr_v, $_POST[‘priv_groupid’], 0); } \u767b\u5f55\u540e\u590d\u5236 \u63d0\u793a\uff1a \u8bb0\u7740\u5728\u6dfb\u52a0\u8d27\u4fee\u6539\u680f\u76ee\u65f6\u5019\u52fe\u9009\u76f8\u5e94\u7684\u5220\u9664\u8d27\u4fee\u6539\u6743\u9650\u3002 \u4ee5\u4e0a\u5c31\u662f\u4e0d\u80fd\u5220\u9664\u680f\u76ee\u600e\u4e48\u529e\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"class_list":["post-28781","post","type-post","status-publish","format-standard","hentry","category-cms"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/28781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=28781"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/28781\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=28781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=28781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=28781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}