Skip to content

Commit fe930a4

Browse files
modstartmodstart
committed
feat: release
1 parent 908cb43 commit fe930a4

File tree

111 files changed

+1360
-796
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

111 files changed

+1360
-796
lines changed

SECURITY.md

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
We strongly recommend always using the latest version to benefit from the latest security updates.
6+
7+
## Reporting a Vulnerability
8+
9+
We take the security of our software very seriously. If you discover a security vulnerability, please follow these guidelines:
10+
11+
### How to Report
12+
13+
Please **DO NOT** create a public issue for security vulnerabilities.
14+
15+
Instead, report security vulnerabilities by emailing:
16+
17+
📧 **Email**: `modstart@163.com`
18+
19+
### What to Include
20+
21+
When reporting a security vulnerability, please include:
22+
23+
1. **Description**: A clear description of the vulnerability
24+
2. **Steps to Reproduce**: Detailed steps to reproduce the issue
25+
3. **Impact Assessment**: Your assessment of the potential impact
26+
4. **Affected Versions**: Which versions are affected
27+
5. **Proof of Concept**: If applicable, include a PoC or example exploit
28+
6. **Suggested Fix**: If you have ideas on how to fix it (optional)
29+
30+
### Response Process
31+
32+
- **Initial Response**: We aim to respond within 48 hours
33+
- **Status Updates**: We will keep you informed about the progress
34+
- **Disclosure Coordination**: We will coordinate with you on the disclosure timeline
35+
- **Credit**: We will credit you in the release notes (unless you prefer to remain anonymous)
36+
37+
### Responsible Disclosure
38+
39+
We ask that you:
40+
41+
- Give us reasonable time to fix the vulnerability before public disclosure
42+
- Avoid exploiting the vulnerability beyond what is necessary to demonstrate it
43+
- Do not access, modify, or delete data belonging to others
44+
- Do not perform actions that could harm the availability of our services
45+
46+
## Security Updates
47+
48+
Security updates will be announced through:
49+
50+
- GitHub Releases
51+
- Project Documentation
52+
- Email notification to users who have reported issues
53+
54+
## Acknowledgments
55+
56+
We appreciate the security research community and welcome responsible disclosure of security vulnerabilities.
57+

app/Constant/AppConstant.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,6 @@ class AppConstant
66
{
77
const APP = 'cms';
88
const APP_NAME = 'ModStartCMS';
9-
const VERSION = '9.8.0';
9+
const VERSION = '9.9.0';
1010
}
1111

module/AdminManager/View/widget/serverInfo.blade.php

Lines changed: 29 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -8,35 +8,35 @@
88
<div class="body">
99
<div class="row">
1010
<div class="col-md-12">
11-
<div class="tw-flex ub-border-bottom tw-p-2">
12-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">安全公告</div>
11+
<div class="tw-flex tw-p-2">
12+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">📢 安全公告</div>
1313
<div class="tw-flex-grow" data-system-notice></div>
1414
</div>
1515
</div>
1616
<div class="col-lg-4 col-md-6">
17-
<div class="tw-flex ub-border-bottom tw-p-2">
18-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">MSCore</div>
19-
<div class="tw-flex-grow">V{{\ModStart\ModStart::$version}} ( With <b>{{strtoupper(ModStart\ModStart::env())}}</b> )</div>
17+
<div class="tw-flex tw-p-2">
18+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🚀 系统内核</div>
19+
<div class="tw-flex-grow">ModStart V{{\ModStart\ModStart::$version}} ( <b>{{strtoupper(ModStart\ModStart::env())}}</b> )</div>
2020
</div>
2121
</div>
2222
<div class="col-lg-4 col-md-6">
23-
<div class="tw-flex ub-border-bottom tw-p-2">
24-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">操作系统</div>
23+
<div class="tw-flex tw-p-2">
24+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🖥️ 操作系统</div>
2525
<div class="tw-flex-grow">{{PHP_OS}}</div>
2626
</div>
2727
</div>
2828
<div class="col-lg-4 col-md-6">
29-
<div class="tw-flex ub-border-bottom tw-p-2">
30-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">PHP版本</div>
29+
<div class="tw-flex tw-p-2">
30+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🐘 PHP版本</div>
3131
<div class="tw-flex-grow">
3232
V{{PHP_VERSION}}
3333
{{PHP_INT_SIZE == 8 ? '64' : '32'}}
3434
</div>
3535
</div>
3636
</div>
3737
<div class="col-lg-4 col-md-6">
38-
<div class="tw-flex ub-border-bottom tw-p-2">
39-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">HTTP服务</div>
38+
<div class="tw-flex tw-p-2">
39+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🌐 运行环境</div>
4040
<div class="tw-flex-grow">
4141
@if(PHP_SAPI=='fpm-fcgi')
4242
Nginx(FPM)
@@ -51,41 +51,35 @@
5151
</div>
5252
</div>
5353
<div class="col-lg-4 col-md-6">
54-
<div class="tw-flex ub-border-bottom tw-p-2">
55-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">文件上传限制</div>
56-
<div class="tw-flex-grow">{{@ini_get('upload_max_filesize')}}</div>
57-
</div>
58-
</div>
59-
<div class="col-lg-4 col-md-6">
60-
<div class="tw-flex ub-border-bottom tw-p-2">
61-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">表单提交限制</div>
62-
<div class="tw-flex-grow">{{@ini_get('post_max_size')}}</div>
63-
</div>
64-
</div>
65-
<div class="col-lg-4 col-md-6">
66-
<div class="tw-flex ub-border-bottom tw-p-2">
67-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">最大提交数量</div>
68-
<div class="tw-flex-grow">{{@ini_get('max_file_uploads')}}</div>
69-
</div>
70-
</div>
71-
<div class="col-lg-4 col-md-6">
72-
<div class="tw-flex ub-border-bottom tw-p-2">
73-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">分配内存限制</div>
54+
<div class="tw-flex tw-p-2">
55+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🧠 内存限制</div>
7456
<div class="tw-flex-grow">{{@ini_get('memory_limit')}}</div>
7557
</div>
7658
</div>
7759
<div class="col-lg-4 col-md-6">
78-
<div class="tw-flex ub-border-bottom tw-p-2">
79-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">时区</div>
60+
<div class="tw-flex tw-p-2">
61+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🌍 服务器时区</div>
8062
<div class="tw-flex-grow">{{date_default_timezone_get()}}</div>
8163
</div>
8264
</div>
8365
<div class="col-lg-4 col-md-6">
84-
<div class="tw-flex ub-border-bottom tw-p-2">
85-
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">服务器时间</div>
66+
<div class="tw-flex tw-p-2">
67+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">🕒 服务器时间</div>
8668
<div class="tw-flex-grow" data-server-time>-</div>
8769
</div>
8870
</div>
71+
<div class="col-lg-12 col-md-12">
72+
<div class="tw-flex tw-p-2">
73+
<div class="tw-w-24 tw-flex-shrink-0 tw-font-bold">📂 服务器参数</div>
74+
<div class="tw-flex-grow">
75+
<div>
76+
<code>upload_max_filesize({{@ini_get('upload_max_filesize')}})</code>
77+
<code>post_max_size({{@ini_get('post_max_size')}})</code>
78+
<code>max_file_uploads({{@ini_get('max_file_uploads')}})</code>
79+
</div>
80+
</div>
81+
</div>
82+
</div>
8983
</div>
9084
<script type="text/javascript">
9185
// 请勿删除,用于获取最新的安全通告(比如框架、模块有重大缺陷的应急通知等)

module/CaptchaTecmz/Docs/release.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,9 @@
1+
## 1.4.2 验证码SDK文件下载路径优化
2+
3+
- 优化:智能验证码SDK文件下载路径优化
4+
5+
---
6+
17
## 1.4.1 验证码功能优化
28

39
- 优化:验证码功能优化

module/CaptchaTecmz/View/captcha.blade.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
<input type="hidden" name="captchaKey"/>
33
<div class="pb-captcha-box"></div>
44
</div>
5-
<script src="https://api.tecmz.com/lib/captcha/base-1.0.0.js?20200410"></script>
5+
<script src="https://api-cdn.tecmz.com/lib/captcha/base-1.0.0.js?20200410"></script>
66
<script>
77
$(function () {
88
window.tsCaptcha = window.TSCaptcha.init({

module/CaptchaTecmz/config.json

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,17 +9,15 @@
99
"laravel9"
1010
],
1111
"types": [
12-
"PC",
13-
"Mobile",
14-
"Admin"
12+
"Arch"
1513
],
1614
"tags": [
1715
"安全"
1816
],
19-
"version": "1.4.1",
17+
"version": "1.4.2",
2018
"author": "ModStart",
2119
"description": "提供智能验证码验证服务",
2220
"providers": [],
2321
"config": {},
24-
"modstartVersion": ">=4.1.0"
25-
}
22+
"modstartVersion": ">=4.1.3"
23+
}

module/Member/Admin/Controller/ConfigController.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -150,6 +150,10 @@ public function setting(AdminConfigBuilder $builder)
150150
});
151151
});
152152
}
153+
$builder->layoutPanel('功能设置', function ($builder) {
154+
/** @var HasFields $builder */
155+
$builder->switch('Member_GroupShowEnable', '显示用户分组')->help('启用后用户中心显示用户分组信息');
156+
});
153157
$builder->formClass('wide');
154158
$builder->contentFixedBottomContentSave();
155159
$builder->disableBoxWrap(true);

module/Member/Admin/Controller/MemberGroupController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ protected function crud(AdminCRUDBuilder $builder)
2626
$builder->text('title', '名称');
2727
$builder->text('description', '描述');
2828
$builder->switch('isDefault', '默认')->optionsYesNo()->help('');
29-
$builder->switch('showFront', '前台显示')->optionsYesNo()->help('');
29+
//$builder->switch('showFront', '前台显示')->optionsYesNo()->help('');
3030
$builder->display('created_at', L('Created At'))->listable(false);
3131
$builder->display('updated_at', L('Updated At'))->listable(false);
3232
})

module/Member/Admin/Controller/MemberVipSetController.php

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@
1111
use ModStart\Core\Dao\ModelUtil;
1212
use ModStart\Core\Input\Response;
1313
use ModStart\Core\Util\RandomUtil;
14+
use ModStart\Field\AbstractField;
15+
use ModStart\Field\AutoRenderedFieldValue;
1416
use ModStart\Form\Form;
1517
use ModStart\Grid\GridFilter;
1618
use ModStart\Module\ModuleManager;
@@ -25,9 +27,10 @@ class MemberVipSetController extends Controller
2527

2628
protected function crud(AdminCRUDBuilder $builder)
2729
{
30+
$mode = $builder->mode();
2831
$builder
2932
->init(MemberVipSet::class)
30-
->field(function ($builder) {
33+
->field(function ($builder) use ($mode) {
3134
/** @var HasFields $builder */
3235
$builder->layoutPanel('基础信息', function ($builder) {
3336
/** @var HasFields $builder */
@@ -53,9 +56,19 @@ protected function crud(AdminCRUDBuilder $builder)
5356
}
5457
});
5558
foreach (MemberVipBiz::all() as $biz) {
56-
$builder->layoutPanel($biz->title(), function ($builder) use ($biz) {
57-
$biz->vipField($builder);
58-
});
59+
if (in_array($mode, [AdminCRUDBuilder::MODE_DETAIL, AdminCRUDBuilder::MODE_GRID])) {
60+
$builder->display('_' . $biz->name(), $biz->title())
61+
->hookRendering(function (AbstractField $field, $item, $index) use ($biz) {
62+
$item = $item->toArray();
63+
$html = $biz->vipFieldShow($item);
64+
return AutoRenderedFieldValue::make($html);
65+
});
66+
} else {
67+
$builder->layoutPanel($biz->title(), function ($builder) use ($biz) {
68+
/** @var HasFields $builder */
69+
$biz->vipField($builder);
70+
});
71+
}
5972
}
6073
$builder->display('created_at', L('Created At'))->listable(false);
6174
$builder->display('updated_at', L('Updated At'))->listable(false);

module/Member/Api/Controller/MemberVipController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -119,7 +119,7 @@ public function buy()
119119
MemberVipPayCenterBiz::NAME,
120120
$memberVipOrder['id'],
121121
$memberVipOrder['payFee'],
122-
'购买会员'
122+
'开通VIP'
123123
);
124124
}
125125

0 commit comments

Comments
 (0)