baogq
/
ATJ_MES_WEB_HS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复个人信息修改漏洞

Browse Source
master
RuoYi 6 years ago committed by Limy
parent 29b590d369
commit a1396faaea
4 changed files with 48 additions and 37 deletions
Show Stats Download Patch File Download Diff File

68
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
Unescape Escape View File

@ -1,13 +1,11 @@
package com.ruoyi.web.controller.system;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@ -17,6 +15,7 @@ import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.base.AjaxResult;
import com.ruoyi.common.config.Global;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.shiro.service.SysPasswordService;
import com.ruoyi.framework.util.FileUploadUtils;
import com.ruoyi.framework.util.ShiroUtils;
@ -66,54 +65,63 @@ public class SysProfileController extends BaseController
public boolean checkPassword(String password)
{
SysUser user = getSysUser();
String encrypt = new Md5Hash(user.getLoginName() + password + user.getSalt()).toHex().toString();
if (user.getPassword().equals(encrypt))
if (passwordService.matches(user, password))
{
return true;
}
return false;
}
@GetMapping("/resetPwd/{userId}")
public String resetPwd(@PathVariable("userId") Long userId, ModelMap mmap)
@GetMapping("/resetPwd")
public String resetPwd(ModelMap mmap)
{
mmap.put("user", userService.selectUserById(userId));
SysUser user = getSysUser();
mmap.put("user", userService.selectUserById(user.getUserId()));
return prefix + "/resetPwd";
}
@Log(title = "重置密码", businessType = BusinessType.UPDATE)
@PostMapping("/resetPwd")
@ResponseBody
public AjaxResult resetPwd(SysUser user)
public AjaxResult resetPwd(String oldPassword, String newPassword)
{
user.setSalt(ShiroUtils.randomSalt());
user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
int rows = userService.resetUserPwd(user);
if (rows > 0)
SysUser user = getSysUser();
if (StringUtils.isNotEmpty(newPassword) && passwordService.matches(user, oldPassword))
{
setSysUser(userService.selectUserById(user.getUserId()));
return success();
user.setSalt(ShiroUtils.randomSalt());
user.setPassword(passwordService.encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
if (userService.resetUserPwd(user) > 0)
{
setSysUser(userService.selectUserById(user.getUserId()));
return success();
}
return error();
}
else
{
return error("修改密码失败,旧密码错误");
}
return error();
}
/**
*
*/
@GetMapping("/edit/{userId}")
public String edit(@PathVariable("userId") Long userId, ModelMap mmap)
@GetMapping("/edit")
public String edit(ModelMap mmap)
{
mmap.put("user", userService.selectUserById(userId));
SysUser user = getSysUser();
mmap.put("user", userService.selectUserById(user.getUserId()));
return prefix + "/edit";
}
/**
*
*/
@GetMapping("/avatar/{userId}")
public String avatar(@PathVariable("userId") Long userId, ModelMap mmap)
@GetMapping("/avatar")
public String avatar(ModelMap mmap)
{
mmap.put("user", userService.selectUserById(userId));
SysUser user = getSysUser();
mmap.put("user", userService.selectUserById(user.getUserId()));
return prefix + "/avatar";
}
@ -125,9 +133,14 @@ public class SysProfileController extends BaseController
@ResponseBody
public AjaxResult update(SysUser user)
{
if (userService.updateUserInfo(user) > 0)
SysUser currentUser = getSysUser();
currentUser.setUserName(user.getUserName());
currentUser.setEmail(user.getEmail());
currentUser.setPhonenumber(user.getPhonenumber());
currentUser.setSex(user.getSex());
if (userService.updateUserInfo(currentUser) > 0)
{
setSysUser(userService.selectUserById(user.getUserId()));
setSysUser(userService.selectUserById(currentUser.getUserId()));
return success();
}
return error();
@ -139,17 +152,18 @@ public class SysProfileController extends BaseController
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PostMapping("/updateAvatar")
@ResponseBody
public AjaxResult updateAvatar(SysUser user, @RequestParam("avatarfile") MultipartFile file)
public AjaxResult updateAvatar(@RequestParam("avatarfile") MultipartFile file)
{
SysUser currentUser = getSysUser();
try
{
if (!file.isEmpty())
{
String avatar = FileUploadUtils.upload(Global.getAvatarPath(), file);
user.setAvatar(avatar);
if (userService.updateUserInfo(user) > 0)
currentUser.setAvatar(avatar);
if (userService.updateUserInfo(currentUser) > 0)
{
setSysUser(userService.selectUserById(user.getUserId()));
setSysUser(userService.selectUserById(currentUser.getUserId()));
return success();
}
}

2
ruoyi-admin/src/main/resources/templates/system/user/profile/avatar.html
Unescape Escape View File

@ -4,7 +4,6 @@
<title>用户头像修改</title>
<link th:href="@{/ajax/libs/cropbox/cropbox.css}" rel="stylesheet"/>
<body class="white-bg">
<input name="userId" id="userId" type="hidden" th:value="${user.userId}" />
<div class="container">
<div class="imageBox">
<div class="thumbBox"></div>
@ -68,7 +67,6 @@ function submitHandler() {
var img = cropper.getBlob();
var formdata = new FormData();
formdata.append("avatarfile", img);
formdata.append("userId", $("#userId").val());
$.ajax({
url: ctx + "system/user/profile/updateAvatar",
data: formdata,

7
ruoyi-admin/src/main/resources/templates/system/user/profile/profile.html
Unescape Escape View File

@ -58,20 +58,19 @@
<div th:include="include::footer"></div>
<script>
var userId = [[${user.userId}]];
/*用户信息-修改*/
function edit() {
var url = ctx + "system/user/profile/edit/" + userId;
var url = ctx + 'system/user/profile/edit';
$.modal.open("修改用户", url);
}
/*用户管理-重置密码*/
function resetPwd() {
var url = ctx + 'system/user/profile/resetPwd/' + userId;
var url = ctx + 'system/user/profile/resetPwd';
$.modal.open("重置密码", url, '800', '500');
}
/*用户管理-头像*/
function avatar() {
var url = ctx + 'system/user/profile/avatar/' + userId;
var url = ctx + 'system/user/profile/avatar';
$.modal.open("修改头像", url);
}
</script>

8
ruoyi-admin/src/main/resources/templates/system/user/profile/resetPwd.html
Unescape Escape View File

@ -21,7 +21,7 @@
<div class="form-group">
<label class="col-sm-3 control-label">新密码:</label>
<div class="col-sm-8">
<input class="form-control" type="password" name="password" id="password">
<input class="form-control" type="password" name="newPassword" id="newPassword">
</div>
</div>
<div class="form-group">
@ -51,14 +51,14 @@
}
}
},
password: {
newPassword: {
required: true,
minlength: 5,
maxlength: 20
},
confirm: {
required: true,
equalTo: "#password"
equalTo: "#newPassword"
}
},
messages: {
@ -66,7 +66,7 @@
required: "请输入原密码",
remote: "原密码错误"
},
password: {
newPassword: {
required: "请输入新密码",
minlength: "密码不能小于6个字符",
maxlength: "密码不能大于20个字符"

Write Preview
Loading…
Cancel
Save