feat: 修复漏洞并新增报修处理
SilianZ committed Oct 17, 2024
1 parent 9c0ccc5 commit e4ac7d1
Showing 8 changed files with 207 additions and 125 deletions.
42 changes: 20 additions & 22 deletions src/App.vue
Expand Up @@ -52,7 +52,7 @@ const signIn = () => {
window.location.href = "/admin/login";
};
onMounted(() => {
onMounted(async () => {
const color =
localStorage.getItem("color") ||
(window.matchMedia("(prefers-color-scheme: dark)").matches
Expand All @@ -66,27 +66,25 @@ onMounted(() => {
}
const token = sessionStorage.getItem("token");
if (!token) return;
verifyAdmin(token).then((res: { success: boolean; message: string }) => {
if (res.success) {
isAdmin.value = true;
items.value.push({
label: "Admin",
icon: "pi pi-user",
items: [
{
label: "Reservation Management",
icon: "pi pi-list-check",
url: "/admin/reservations",
},
{
label: "Policy Settings",
icon: "pi pi-building-columns",
url: "/admin/policy",
},
],
});
}
});
if (await verifyAdmin(token)) {
isAdmin.value = true;
items.value.push({
label: "Admin",
icon: "pi pi-user",
items: [
{
label: "Reservation Management",
icon: "pi pi-list-check",
url: "/admin/reservations",
},
{
label: "Policy Settings",
icon: "pi pi-building-columns",
url: "/admin/policy",
},
],
});
}
});
</script>
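Review bot: The `if (await verifyAdmin(token))` branch in `onMounted` only decides whether the Admin menu is rendered, and nothing in the new code says so; a comment such as `// UI hint only: every admin endpoint must re-validate the token server-side` would keep a later reader from treating `isAdmin` as an authorization check. When verification fails, the rejected token also stays in `sessionStorage`; consider `else sessionStorage.removeItem("token");` if a failed check is meant to end the session, keeping in mind that `verifyAdmin` also returns `false` when the request itself fails. The `onMounted` callback starts in the first hunk and part of its body lies between the two hunks, outside what is shown.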

67 changes: 45 additions & 22 deletions src/api/index.ts
Expand Up @@ -136,19 +136,20 @@ export async function postLogin(user: string, password: string, token: string) {
}
}

export async function verifyAdmin(token: string) {
export async function verifyAdmin(token: string): Promise<boolean> {
const data = new FormData();
data.set("token", token);
try {
const res = await axios.post<{ success: boolean }>(
"/api/verify_admin.php",
data,
);
return res.data;
return res.data.success;
} catch (err) {
if (axios.isAxiosError(err) && err.response) {
return err.response.data;
return err.response.data.success;
}
return false;
}
}

Expand Down Expand Up @@ -183,7 +184,7 @@ export async function postAdminReservation(token: string) {
return res.data;
}

export async function postAccept(token: string, id: number) {
export async function postReservationAccept(token: string, id: number) {
const data = new FormData();
data.set("token", token);
data.set("Id", id.toString());
Expand All @@ -200,7 +201,7 @@ export async function postAccept(token: string, id: number) {
}
}

export async function postReject(token: string, id: number, reason: string) {
export async function postReservationReject(token: string, id: number, reason: string) {
const data = new FormData();
data.set("token", token);
data.set("Id", id.toString());
Expand Down Expand Up @@ -229,7 +230,7 @@ export async function postPolicy(token: string) {
return res.data;
}

export async function postResume(token: string, id: number) {
export async function postPolicyResume(token: string, id: number) {
const data = new FormData();
data.set("token", token);
data.set("id", id.toString());
Expand All @@ -240,7 +241,7 @@ export async function postResume(token: string, id: number) {
return res.data;
}

export async function postPause(token: string, id: number) {
export async function postPolicyPause(token: string, id: number) {
const data = new FormData();
data.set("token", token);
data.set("id", id.toString());
Expand All @@ -251,7 +252,7 @@ export async function postPause(token: string, id: number) {
return res.data;
}

export async function postDelete(token: string, id: number) {
export async function postPolicyDelete(token: string, id: number) {
const data = new FormData();
data.set("token", token);
data.set("id", id.toString());
Expand All @@ -262,7 +263,7 @@ export async function postDelete(token: string, id: number) {
return res.data;
}

export async function postAdd(
export async function postPolicyAdd(
token: string,
room: number,
days: number[],
Expand Down Expand Up @@ -337,10 +338,10 @@ export async function uploadCOS(
}

export async function getCOS(filePath: string) {
const data = new FormData()
data.set("file_key", filePath)
const res = await axios.post<string>("/api/cos_preview_url_gen.php", data)
return res.data
const data = new FormData();
data.set("file_key", filePath);
const res = await axios.post<string>("/api/cos_preview_url_gen.php", data);
return res.data;
}

export async function postMaintenance(
Expand Down Expand Up @@ -371,17 +372,39 @@ export async function postMaintenance(
}
}
}
function delay(ms: number) {
return new Promise((resolve) => setTimeout(resolve, ms));
}

export async function getMaintenance(token?: string) {
const res = token
? await axios.post<{ success: boolean; data: MaintenanceInfo[] }>("/api/get_repair.php", new URLSearchParams({ token }))
: await axios.get<{ success: boolean; data: MaintenanceInfo[] }>("/api/inquiry_repair.php");
const { data } = res
export async function getMaintenance(token: string) {
console.log(token);
const res =
token == ""
? await axios.get<{ success: boolean; data: MaintenanceInfo[] }>(
"/api/inquiry_repair.php",
)
: await axios.post<{ success: boolean; data: MaintenanceInfo[] }>(
"/api/get_repair.php",
new URLSearchParams({ token }),
);
const { data } = res;
data.data = await Promise.all(
data.data.map(async (item) => ({
...item,
filePath: await getCOS(item.filePath),
}))
data.data.map(async (item, index) => {
await delay(index * 100);
return {
...item,
filePath: await getCOS(item.filePath),
};
}),
);
return data;
}

export async function postMaintenanceAction(token: string, id: number, action: number) {
const data = new FormData()
data.set("token", token)
data.set("id", id.toString())
data.set("action", action.toString())
const res = await axios.post<{ success: boolean, message: string}>("/api/process_repair.php", data)
return res.data
}
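Review bot: `console.log(token);` at the top of the new `getMaintenance` writes the admin session token to the browser console, where it is readable by anyone with access to the session and by any tooling that collects console output; it looks like leftover debugging and should be removed. The same function now picks the unauthenticated endpoint with `token == ""`, so a caller that passes `null` or `undefined` (for example an unchecked `sessionStorage.getItem` result) falls into the POST branch and `URLSearchParams` sends the literal string; `!token` would cover those cases. In the `verifyAdmin` hunk, the error branch returns `err.response.data.success` untyped, which can be `undefined` despite the `Promise<boolean>` signature; `return err.response.data?.success === true;` keeps the result strictly boolean.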
12 changes: 6 additions & 6 deletions src/views/Homeview.vue
@@ -1,13 +1,13 @@
<script setup lang="ts">
// import Dialog from "primevue/dialog";
// import { ref } from "vue";
// const visible = ref(true);
import Dialog from "primevue/dialog";
import { ref } from "vue";
const visible = ref(true);
import router from "../router/router";
import Button from "primevue/button";
</script>

<template>
<!-- <Dialog
<Dialog
v-model:visible="visible"
header="Announcement"
class="w-[25rem]"
Expand All @@ -24,7 +24,7 @@ import Button from "primevue/button";
if you want to sumbit a room application!
</p>
</div>
</Dialog> -->
</Dialog>
<div class="flex flex-col items-center justify-center" id="home-container">
<h1 class="text-center">HFI Utility Center</h1>
<h3 class="text-center">by MAKERs'</h3>
Expand Down Expand Up @@ -79,7 +79,7 @@ b {
font-weight: bold;
}
@media screen and (max-width: 720px) {
@media screen and (max-width: 820px) {
h1 {
font-size: 2.3rem;
}
20 changes: 10 additions & 10 deletions src/views/LoginView.vue
Expand Up @@ -29,16 +29,16 @@ const onClickEvent = () => {
loading.value = false;
return;
}
if (cf_token.value == "") {
toast.add({
severity: "error",
summary: "Error",
detail: "Please verify that you are not a robot.",
life: 3000,
});
loading.value = false;
return;
}
// if (cf_token.value == "") {
// toast.add({
// severity: "error",
// summary: "Error",
// detail: "Please verify that you are not a robot.",
// life: 3000,
// });
// loading.value = false;
// return;
// }
postLogin(user.value, password.value, cf_token.value).then(
(res: { success: boolean; message: string; token?: string }) => {
if (res.success) {
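Review bot: Commenting out the `cf_token.value == ""` guard means `postLogin(user.value, password.value, cf_token.value)` is now called with an empty challenge token whenever the "not a robot" step has not been completed. The client-side check was never a control on its own, so this is only safe if the login endpoint rejects a missing or invalid token; that is not visible in this commit and should be confirmed, because otherwise the challenge no longer limits automated password guessing against the admin login. If the guard is disabled on purpose, replace the commented-out block with a short comment stating why and where the token is enforced, e.g. `// challenge token is validated by the login endpoint; an empty token is rejected there`, or restore the check. `onClickEvent` begins above the hunk and continues past its last line.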