修复.. 漏洞

2 years ago · 76da053491
3 changed files with 41 additions and 7 deletions
--- a/fssc/fssc
+++ b/fssc/fssc
--- a/fssc/internal/handler/webconsole.go
+++ b/fssc/internal/handler/webconsole.go
@ -17,6 +17,9 @@ func WebConsole(w http.ResponseWriter, r *http.Request) {
 	isfile := r.URL.Query().Get("file")
 	// 路径
 	urlpath := r.URL.Query().Get("p")
+	if urlpath == "Li4=" {
+		urlpath = ""
+	}
 	//文件名
 	fname := r.URL.Query().Get("f")
 	//转码
--- a/fssc/web/wbconsole.tmpl
+++ b/fssc/web/wbconsole.tmpl
@ -87,17 +87,19 @@
 					<p>
 						<a href="./console" class="btn btn-primary btn-sm">home</a>
 						<a href="?p={{b64en $.Relpath}}&f=&file=1" class="btn btn-success btn-sm">返回上层</a>
+						<a href="javascript:void(0);" class="btn btn-success btn-sm" id="slall">全选</a>
+						<a href="">同步</a>
 					</p>
 				</div>
-
+				<form action="/sendZip" method="post" class="form-inline">
 				<!-- List group -->
 				<ul class="list-group">
 				{{ range .Files }}
 					<li class="list-group-item optzone">
 						<div class="col-md-8">
-
+						   <input class="mfile" type="checkbox" name="zipfiles" value="{{.Name}}">
 							{{ if .IsDir }}
-			
+							
 							<span class="icon folder-icon"></span>
 							<a href="?p={{b64en $.UrlPath}}&f={{b64en .Name }}&file=0">{{ .Name }}</a>
 							{{ else }}
@ -115,6 +117,7 @@
 					</li>
 				{{ end }}
 				</ul>
+				</form>
 			</div>
 		</div>

@ -141,13 +144,18 @@
 			<div class="panel">
 				<div class="panel-heading">运行状态</div>
 				<div class="panel-body" >
-					<ul class="list-group flist" id="rstatus"></ul>
+					<ul class="list-group flist" id="rstatus">
+						<li class="list-group-item">控制台ip：{{.Loip}}，监视目录：{{.Rundir}}</li>
+					</ul>
 				</div>
 			</div>
 		</div>
 	</div>

 	<script type="text/javascript">
+	    var chkall = true;
+    	var chknum=0;
+
 		$(function(){
 			// click function 
 			$("#entsip").on("click",function(){
@ -171,11 +179,18 @@
 					$.each(res.data.list,function(k,v){
 						html+="<li class=\"list-group-item optzone\"><div class=\"col-md-8\">";
 						if(v.dirflag){
-							html +="<span class=\"icon folder-icon\"></span>"+v.fname;
+							html +="<span class=\"icon folder-icon\"></span>"+v.fname+"</div>";
 						}else{
-							html +="<span class=\"icon file-icon\"></span>"+v.fname;
+							html +="<span class=\"icon file-icon\"></span>"+v.fname+"</div>";
+						}
+						/*
+						if(!v.dirflag){
+							html+="<div class=\"col-md-4\"><a href=\"#\" class=\"btn btn-primary btn-sm\">同步</a></div>";
+						}else {
+							html+="<div class=\"col-md-4\"></div>";
 						}
-						html+="</div><div class=\"col-md-4\"><a href=\"#\" class=\"btn btn-primary btn-sm\">同步</a></div></li>";
+						*/
+						html+="</li>";
 					})
 					// append to html
 					$("#tgsc").html(html)
@ -190,6 +205,22 @@
 				$("#rstatus").append(hprex)
 			}

+			//全选按钮设置点击事件
+			$("#slall").click(function () {
+				//1、循环设置其它多选框选中状态，跟标识用的变量一样
+				$(".mfile").prop("checked", chkall);
+				// down button toggle
+				if(chkall ||chknum>2){
+					$("#tropt").show()
+					chknum +=1
+				}else{
+					$("#tropt").hide()
+					chknum -=1
+				}
+				//2、标识的变量取反
+				chkall = !chkall;
+			})
+
 		});
 	</script>
 </body>