update

2025-10-14 22:47:11 +00:00 · 2024-09-27 13:50:20 +08:00 · 2024-09-27 13:50:04 +08:00 · 2024-09-19 21:35:42 +08:00 · 2024-09-08 14:09:06 +08:00 · 2024-09-01 09:32:35 +08:00
39 changed files with 1533 additions and 1007 deletions
--- a/app/command/Clean.php
+++ b/app/command/Clean.php
@@ -68,37 +68,10 @@ class Clean extends Command
            if($file == '.' || $file == '..') continue;
            if(!in_array($file, $file_list)){
                $filepath = $data_dir . 'folder/' . $file;
-                $this->delete_dir($filepath);
+                deleteDir($filepath);
                $count++;
            }
        }
        $output->writeln($os.'成功清理'.$count.'个历史版本插件目录');
    }
-
-    // 删除文件夹
-    private function delete_dir($dir){
-        $rd = opendir($dir);
-        if (!$rd) {
-            return false;
-        }
-
-        while (($file = readdir($rd)) !== false) {
-            if ($file == '.' || $file == '..') {
-                continue;
-            }
-
-            $file = $dir . '/' . $file;
-
-            if (is_dir($file)) {
-                $this->delete_dir($file);
-            }
-            else {
-                unlink($file);
-            }
-        }
-
-        closedir($rd);
-        rmdir($dir);
-        return true;
-    }
 }
--- a/app/command/CleanViteJs.php
+++ b/app/command/CleanViteJs.php
@@ -73,6 +73,7 @@ class CleanViteJs extends Command
            }
        }
        if(substr($content,$start-1,1) == ',') $start--;
+        else if(substr($content,$end+1,1) == ',') $end++;
        return substr($content, $start, $end - $start + 1);
    }
    
@@ -91,6 +92,14 @@ class CleanViteJs extends Command
        }
    }

+    private function str_replace_once($needle, $replace, $haystack) {
+        $pos = strpos($haystack, $needle);
+        if ($pos === false) {
+            return $haystack;
+        }
+        return substr_replace($haystack, $replace, $pos, strlen($needle));
+    }
+    
    private function handlefile($filepath){
        $file = file_get_contents($filepath);
        if(!$file)return;
@@ -129,13 +138,10 @@ class CleanViteJs extends Command
        }

        if(strpos($file, '"calc"') !== false && strpos($file, '"checkConfirm"') !== false){ //main2
-            $file = preg_replace('!,isCalc:\w+,isInput:\w+,isCheck:\w+,!', ',isCalc:!1,isInput:!1,isCheck:!1,', $file);
-            $file = preg_replace('!\w+\(\(\(\)=>"calc"===\w+\.type\|\|"checkConfirm"===\w+\.type\)\)!', '!1', $file);
+            $file = preg_replace('!,isCalc:\w+,isInput:\w+,!', ',isCalc:!1,isInput:!1,', $file);
+            $file = preg_replace('!"calc"===\w+\.type!', '!1', $file);
            $file = preg_replace('!\w+\(\(\(\)=>"input"===\w+\.type\)\)!', '!1', $file);
-            $file = preg_replace('!\w+\(\(\(\)=>"check"===\w+\.type\|\|"checkConfirm"===\w+\.type\)\)!', '!1', $file);
-            $file = preg_replace('!\w+\(\(function\(\)\{return"calc"===\w+\.type\|\|"checkConfirm"===\w+\.type\}\)\)!', '!1', $file);
            $file = preg_replace('!\w+\(\(function\(\)\{return"input"===\w+\.type\}\)\)!', '!1', $file);
-            $file = preg_replace('!\w+\(\(function\(\)\{return"check"===\w+\.type\|\|"checkConfirm"===\w+\.type\}\)\)!', '!1', $file);
            $flag = true;
        }
    
@@ -152,13 +158,13 @@ class CleanViteJs extends Command
            $flag = true;
        }
    
-        /*if(strpos($file, '"bt-waf-gray"')!==false){ //site.popup
-            $code = $this->getExtendCode($file, '"bt-waf-gray"', 2);
+        if(strpos($file, 'svgtofont-left-waf')!==false){ //site.table
+            $code = $this->getExtendCode($file, 'svgtofont-left-waf');
            $code = $this->getExtendCode($file, $code, 1, '[', ']');
            $code = $this->getExtendFunction($file, $code);
            $file = str_replace($code, '""', $file);
            $flag = true;
-        }*/
+        }
    
        if(strpos($file, '"商用SSL证书"')!==false){ //site-ssl
            $code = $this->getExtendFunction($file, '"商用SSL证书"', '{', '}');
@@ -167,6 +173,7 @@ class CleanViteJs extends Command
            $file = str_replace($code, '', $file);
            $file = str_replace('"currentCertInfo":"busSslList"', '"currentCertInfo":"currentCertInfo"', $file);
            $file = preg_replace('!\{(\w+)\.value="busSslList",\w+\(\)\}!', '{$1.value="letsEncryptList"}', $file);
+            $file = preg_replace('!defaultActive:(\w+)\("sslCertificate"\)!', 'defaultActive:$1("EncryptCertificate")', $file);
            $flag = true;
        }
    
@@ -205,9 +212,9 @@ class CleanViteJs extends Command
                $code = $this->getExtendFunction($file, $code);
                $start = strpos($file, $code);
                if(substr($file,$start-1,1) == ':'){
-                    $file = str_replace($code, '{}', $file);
+                    $file = $this->str_replace_once($code, '{}', $file);
                }else{
-                    $file = str_replace($code, '', $file);
+                    $file = $this->str_replace_once($code, '', $file);
                }
                $flag = true;
            }
--- a/app/common.php
+++ b/app/common.php
@@ -180,6 +180,11 @@ function checkIfActive($string) {
 		return null;
 }

+function checkDomain($domain){
+	if(empty($domain) || !preg_match('/^[-$a-z0-9_*.]{2,512}$/i', $domain) || (stripos($domain, '.') === false) || substr($domain, -1) == '.' || substr($domain, 0 ,1) == '.' || substr($domain, 0 ,1) == '*' && substr($domain, 1 ,1) != '.' || substr_count($domain, '*')>1 || strpos($domain, '*')>0 || strlen($domain)<4) return false;
+	return true;
+}
+
 function errorlog($msg){
 	$handle = fopen(app()->getRootPath()."record.txt", 'a');
 	fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
@@ -225,3 +230,94 @@ function pemToBase64($pem){
    }
    return $encoded;
 }
+
+function makeSelfSignSSL(string $commonName, array $domainList, $validity = 3650){
+	// 加载 CA 证书和私钥
+	$dir = app()->getBasePath().'script/';
+	$caCert = file_get_contents($dir.'ca.crt');
+	$caPrivateKey = file_get_contents($dir.'ca.key');
+
+	$opensslConfigFile = sys_get_temp_dir().'/openssl'.time().mt_rand(1000, 9999).'.cnf';
+	$opensslConfigContent = <<<EOF
+[req]
+req_extensions = extension_section
+x509_extensions	= extension_section
+distinguished_name = dn
+
+[dn]
+
+[extension_section]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+EOF;
+	$ip_index = 1;
+	$dns_index = 1;
+	foreach ($domainList as $value) {
+		if(empty($value)) continue;
+		if(filter_var($value, FILTER_VALIDATE_IP)){
+			$opensslConfigContent .= sprintf("\nIP.%d = %s", $ip_index, $value);
+			$ip_index++;
+		}else{
+			$opensslConfigContent .= sprintf("\nDNS.%d = %s", $dns_index, $value);
+			$dns_index++;
+		}
+	}
+
+	if(!file_put_contents($opensslConfigFile, $opensslConfigContent)) return false;
+
+	// 生成域名证书的私钥和 CSR
+	$domainPrivateKey = openssl_pkey_new([
+		'private_key_bits' => 2048,
+		'private_key_type' => OPENSSL_KEYTYPE_RSA,
+	]);
+	if(!$domainPrivateKey) return false;
+
+	$csrConfig = ['digest_alg' => 'sha256', 'config' => $opensslConfigFile];
+
+	$domainCsr = openssl_csr_new([
+		'commonName' => $commonName
+	], $domainPrivateKey, $csrConfig);
+	if(!$domainCsr) return false;
+
+	// 生成域名证书
+	$domainCertificate = openssl_csr_sign($domainCsr, $caCert, $caPrivateKey, $validity, $csrConfig);
+	if(!$domainCertificate) return false;
+
+	// 导出域名证书
+	openssl_x509_export($domainCertificate, $certificate);
+	openssl_pkey_export($domainPrivateKey, $privateKey);
+	$certificate .= $caCert;
+
+	unlink($opensslConfigFile);
+
+	return ['cert' => $certificate, 'key' => $privateKey];
+}
+
+function deleteDir($dir){
+	$rd = opendir($dir);
+	if (!$rd) {
+		return false;
+	}
+
+	while (($file = readdir($rd)) !== false) {
+		if ($file == '.' || $file == '..') {
+			continue;
+		}
+
+		$file = $dir . '/' . $file;
+
+		if (is_dir($file)) {
+			deleteDir($file);
+		}
+		else {
+			unlink($file);
+		}
+	}
+
+	closedir($rd);
+	rmdir($dir);
+	return true;
+}
--- a/app/controller/Admin.php
+++ b/app/controller/Admin.php
@@ -400,4 +400,37 @@ class Admin extends BaseController
        Cache::clear();
        return json(['code'=>0,'msg'=>'succ']);
    }
+
+    public function ssl(){
+        if(request()->isAjax()){
+            $domain_list = input('post.domain_list', null, 'trim');
+            $common_name = input('post.common_name', null, 'trim');
+            $validity = input('post.validity/d');
+            if(empty($domain_list) || empty($validity)){
+                return json(['code'=>-1, 'msg'=>'参数不能为空']);
+            }
+            $array = explode("\n", $domain_list);
+            $domain_list = [];
+            foreach($array as $domain){
+                $domain = trim($domain);
+                if(empty($domain)) continue;
+                if(!checkDomain($domain)) return json(['code'=>-1, 'msg'=>'域名或IP格式不正确:'.$domain]);
+                $domain_list[] = $domain;
+            }
+            if(empty($domain_list)) return json(['code'=>-1, 'msg'=>'域名列表不能为空']);
+            if(empty($common_name)) $common_name = $domain_list[0];
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['code'=>-1, 'msg'=>'生成证书失败']);
+            }
+            return json(['code'=>0, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key']]);
+        }
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $ssl_path_mac = app()->getRootPath().'public/ssl/baota_root.crt';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path) && file_exists($ssl_path_mac);
+        View::assign('isca', $isca);
+        return view();
+    }
 }
--- a/app/controller/Api.php
+++ b/app/controller/Api.php
@@ -48,7 +48,7 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
        if(file_exists($filepath)){
            $filename = $plugin_name.'.zip';
@@ -70,19 +70,21 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
-        $filepath = get_data_dir($os).'plugins/main/'.$plugin_name.'-'.$version.'.dat';
-        if(file_exists($filepath)){
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
+        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
+        $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+        if(file_exists($mainfilepath)){
            $filename = $plugin_name.'_main.py';
-            $this->output_file($filepath, $filename);
-        }else{
-            $filepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
-            if(file_exists($filepath)){
-                $filename = $plugin_name.'_main.py';
-                $this->output_file($filepath, $filename);
+            $this->output_file($mainfilepath, $filename);
+        }elseif(file_exists($filepath)){
+            $zip = new \ZipArchive;
+            if ($zip->open($filepath) === true){
+                echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
            }else{
-                return '云端不存在该插件主文件';
+                return '插件包解压缩失败';
            }
+        }else{
+            return '云端不存在该插件主文件';
        }
    }

@@ -137,6 +139,18 @@ class Api extends BaseController
        return $version;
    }

+    public function get_panel_version(){
+        $version = config_get('new_version');
+        $file = app()->getRootPath().'public/install/update/LinuxPanel-'.$version.'.zip';
+        $hash = hash_file('sha256', $file);
+        $data = [
+            'version' => $version,
+            'hash' => $hash,
+            'update_time' => filemtime($file),
+        ];
+        return json($data);
+    }
+
    //安装统计
    public function setup_count(){
        return 'ok';
@@ -464,4 +478,36 @@ class Api extends BaseController
        fclose($handle);
        return json(['status'=>false, 'msg'=>'不支持当前操作']);
    }
+
+    //生成自签名SSL证书
+    public function bt_cert(){
+        $data = input('post.data');
+        $param = json_decode($data, true);
+        if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
+        if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
+
+        if($param['action'] == 'get_domain_cert'){
+            if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
+            $domain = $param['domain'];
+            if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
+            $domain_list = explode(',', $domain);
+            foreach($domain_list as $d){
+                if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
+            }
+            $common_name = $domain_list[0];
+            $validity = 3650;
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['status'=>false, 'msg'=>'生成证书失败']);
+            }
+            $ca_pfx = base64_encode(file_get_contents($ssl_path));
+            return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
+        }else{
+            return json(['status'=>false, 'msg'=>'不支持当前操作']);
+        }
+    }
 }
--- a/app/lib/BtPlugins.php
+++ b/app/lib/BtPlugins.php
@@ -11,7 +11,7 @@ class BtPlugins
    private $os;
    
    //需屏蔽的插件名称列表
-    private static $block_plugins = ['dns'];
+    private static $block_plugins = ['dns','bt_boce','ssl_verify'];

    public function __construct($os){
        $this->os = $os;
@@ -72,9 +72,10 @@ class BtPlugins
                    $zip = new ZipArchive;
                    if ($zip->open($filepath) === true)
                    {
-                        $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
+                        $plugins_dir = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version;
+                        $zip->extractTo($plugins_dir, $plugin_name.'/'.$plugin_name.'_main.py');
                        $zip->close();
-                        $main_filepath = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+                        $main_filepath = $plugins_dir.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
                        if(file_exists($main_filepath) && filesize($main_filepath)>10){
                            if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件，需要解密
                                $this->decode_plugin_main($plugin_name, $version, $main_filepath);
@@ -84,6 +85,7 @@ class BtPlugins
                                $zip->close();
                            }
                        }
+                        deleteDir($plugins_dir);
                    }else{
                        unlink($filepath);
                        throw new Exception('插件包解压缩失败');
@@ -197,6 +199,8 @@ class BtPlugins
        $data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
+        $data = str_replace('\'http://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);
+        $data = str_replace('\'https://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);

        file_put_contents($main_filepath, $data);
    }
--- a/app/lib/ThirdPlugins.php
+++ b/app/lib/ThirdPlugins.php
@@ -65,7 +65,6 @@ class ThirdPlugins
                $zip = new ZipArchive;
                if ($zip->open($filepath) === true)
                {
-                    $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
                    $zip->close();
                    return true;
                }else{
--- a/app/middleware/LoadConfig.php
+++ b/app/middleware/LoadConfig.php
@@ -5,6 +5,7 @@ namespace app\middleware;

 use think\facade\Db;
 use think\facade\Config;
+use think\facade\View;

 class LoadConfig
 {
@@ -31,6 +32,7 @@ class LoadConfig
        $res = Db::name('config')->cache('configs',0)->column('value','key');
        Config::set($res, 'sys');

+        View::assign('cdnpublic', '//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/');
        return $next($request)->header([
            'Cache-Control' => 'no-store, no-cache, must-revalidate',
            'Pragma' => 'no-cache',
--- a/app/script/cacert.sh
+++ b/app/script/cacert.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+OPENSSL_CHECK=$(which openssl)
+if [ "$?" != "0" ]; then
+	echo "未安装OpenSSL"
+	exit 1
+fi
+
+if [ ! -f ca.key ] && [ ! -f ca.crt ]; then
+	openssl genrsa -out ca.key 2048
+	openssl req -new -x509 -utf8 -days 3650 -extensions v3_ca -subj "/C=CN/O=宝塔面板/CN=宝塔面板" -key ca.key -out ca.crt
+fi
+
+openssl genrsa -out server.key 2048
+openssl req -new -nodes -key server.key -subj "/C=CN/O=BTPanel/CN=BTPanel" -out server.csr
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 -extensions req_ext
+
+cat ca.crt >> server.crt
+
+openssl pkcs12 -export -out baota_root.pfx -inkey server.key -in server.crt -password pass:
+if [ "$?" != "0" ]; then
+	echo "生成CA根证书失败"
+	exit 1
+fi
+
+mkdir -p ../../public/ssl
+\cp baota_root.pfx ../../public/ssl/baota_root.pfx
+\cp ca.crt ../../public/ssl/baota_root.crt
+rm -f server.crt server.key server.csr
+
+echo "生成CA根证书成功"
--- a/app/script/convert.sh
+++ b/app/script/convert.sh
@@ -1,7 +1,7 @@
 #!/bin/bash

-Linux_Version="9.1.0"
-Windows_Version="8.0.0"
+Linux_Version="9.2.0"
+Windows_Version="8.2.0"
 Btm_Version="2.3.0"

 FILES=(
--- a/app/view/admin/deplist.html
+++ b/app/view/admin/deplist.html
@@ -16,7 +16,7 @@
 	</div>
 </div>
 </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function refresh_deplist(os){
    var confirm = layer.confirm('是否确定从宝塔官方获取最新一键部署列表？', {
--- a/app/view/admin/layout.html
+++ b/app/view/admin/layout.html
@@ -5,15 +5,15 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
  <title>{block name="title"}标题{/block}</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
  <link href="/static/css/bootstrap-table.css" rel="stylesheet" />
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
+  <script src="{$cdnpublic}twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@@ -51,6 +51,9 @@
          <li class="{:checkIfActive('log')}">
            <a href="/admin/log"><i class="fa fa-calendar"></i> 操作日志</a>
          </li>
+          <li class="{:checkIfActive('ssl')}">
+            <a href="/admin/ssl"><i class="fa fa-expeditedssl"></i> 自签SSL</a>
+          </li>
          <li class="{:checkIfActive('set')}">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> 系统设置<b
                class="caret"></b></a>
--- a/app/view/admin/list.html
+++ b/app/view/admin/list.html
@@ -42,9 +42,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>
 function setEnable(id,enable) {
--- a/app/view/admin/log.html
+++ b/app/view/admin/log.html
@@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/login.html
+++ b/app/view/admin/login.html
@@ -5,12 +5,12 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1"/>
  <title>管理员登录</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@@ -63,7 +63,7 @@
      </div>
    </div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function submitlogin(){
    var user = $("input[name='user']").val();
--- a/app/view/admin/plugins.html
+++ b/app/view/admin/plugins.html
@@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

@@ -157,8 +157,13 @@ function download_item(){
        layer.alert('成功下载'+$.downloadCount+'个插件包！', {icon:1}, function(){layer.closeAll();searchSubmit();});
        return;
    }
-    $.downloadCount++;
    var plugin = $.preDownload[0];
+    if(plugin.name == 'firewall'){
+        $.preDownload.shift();
+		download_item();
+        return;
+    }
+    $.downloadCount++;
    var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0});
    $.ajax({
 		type : 'POST',
--- a/app/view/admin/pluginswin.html
+++ b/app/view/admin/pluginswin.html
@@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

@@ -163,7 +163,7 @@ function download_item(){
    $.ajax({
 		type : 'POST',
 		url : '/admin/download_plugin',
-        data: { name:plugin.name, version:plugin.version},
+        data: { name:plugin.name, version:plugin.version, os:'Windows'},
 		dataType : 'json',
 		success : function(data) {
            layer.close(ii)
--- a/app/view/admin/record.html
+++ b/app/view/admin/record.html
@@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/set.html
+++ b/app/view/admin/set.html
@@ -279,7 +279,7 @@ $("select[name='wbt_type']").change(function(){
 	</div>
 </div>
 {/if}
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 $(document).ready(function(){
 	var items = $("select[default]");
--- a/app/view/admin/ssl.html
+++ b/app/view/admin/ssl.html
@@ -0,0 +1,86 @@
+{extend name="admin/layout" /}
+{block name="title"}自签名SSL证书生成{/block}
+{block name="main"}
+<style>
+.control-label[is-required]:before {
+    content: "*";
+    color: #f56c6c;
+    margin-right: 4px;
+}
+</style>
+<div class="container" style="padding-top:70px;">
+<div class="col-sm-12 col-md-10 col-lg-8 center-block" style="float: none;">
+<div class="panel panel-primary">
+<div class="panel-heading"><h3 class="panel-title">自签名SSL证书生成</h3></div>
+<div class="panel-body">
+    {if $isca}
+    <div class="alert alert-warning" style="word-break:break-all;">下载CA证书并导入，可解决浏览器不安全提醒。<br/>Windows：<a href="/ssl/baota_root.pfx">baota_root.pfx</a>（密码为空），Mac/Linux：<a href="/ssl/baota_root.crt">baota_root.crt</a></div>
+  <form onsubmit="return makeSSL(this)" method="post" class="form" role="form">
+	<div class="form-group">
+      <label is-required="true" class="control-label">域名列表：</label>
+      <textarea class="form-control" name="domain_list" rows="6" placeholder="每行一个域名/IP，支持通配符" required></textarea>
+    </div>
+	<div class="form-group">
+      <label class="control-label">通用名称：</label>
+      <input type="text" name="common_name" value="" placeholder="留空则为域名列表第一个域名" class="form-control"/>
+    </div>
+    <div class="form-group">
+      <label is-required="true" class="control-label">有效天数：</label>
+      <input type="number" name="validity" value="3650" class="form-control" required/>
+    </div>
+	<div class="form-group text-center">
+	  <input type="submit" name="submit" value="生成自签名证书" class="btn btn-success btn-block"/>
+	</div>
+    <div class="form-group row" id="result" style="display:none;">
+        <div class="col-md-6">
+            <label class="control-label">SSL证书：</label>
+            <textarea class="form-control" name="ssl_cert" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+        <div class="col-md-6">
+            <label class="control-label">SSL证书私钥：</label>
+            <textarea class="form-control" name="ssl_key" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+    </div>
+  </form>
+    {else}
+    <div class="alert alert-danger" role="alert">你还没有生成CA证书，无法生成SSL证书！</div>
+    <div class="alert alert-info" style="word-break:break-all;">执行以下命令，生成自签名CA证书。然后，可通过接口或当前页面生成SSL证书，用于面板访问。</div>
+    <div class="list-group-item" style="word-break:break-all;">cd {:app()->getRootPath()}app/script && chmod +x cacert.sh && ./cacert.sh</div><br/>
+    {/if}
+</div>
+</div>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script>
+function makeSSL(obj){
+    var ii = layer.load(2, {shade:[0.1,'#fff']});
+	$.ajax({
+		type : 'POST',
+		url : '/admin/ssl',
+		data : $(obj).serialize(),
+		dataType : 'json',
+		success : function(data) {
+			layer.close(ii);
+			if(data.code == 0){
+                $("textarea[name='ssl_cert']").val(data.cert);
+                $("textarea[name='ssl_key']").val(data.key);
+                $("#result").show();
+                layer.msg('SSL证书生成成功', {icon:1, time:800});
+			}else{
+				layer.alert(data.msg, {icon: 2})
+			}
+		},
+		error:function(data){
+            layer.close(ii);
+			layer.msg('服务器错误');
+		}
+	});
+    return false;
+}
+function copy(obj){
+    if($(obj).val() == '') return;
+    $(obj).select();
+    document.execCommand("Copy");
+    layer.msg('复制成功', {icon:1, time:500});
+}
+</script>
+{/block}
--- a/app/view/index/download.html
+++ b/app/view/index/download.html
@@ -193,10 +193,10 @@
 			</div>
 		</div>
 		 
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
 		
-<script type="text/javascript" src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/clipboard.js/1.7.1/clipboard.min.js"></script>
+<script type="text/javascript" src="{$cdnpublic}clipboard.js/1.7.1/clipboard.min.js"></script>
 <script type="text/javascript" src="/static/js/dx.js"></script>
 <script>
 	$(function () {
--- a/install.sql
+++ b/install.sql
@@ -12,15 +12,15 @@ INSERT INTO `cloud_config` (`key`, `value`) VALUES
 ('bt_key', ''),
 ('whitelist', '0'),
 ('download_page', '1'),
-('new_version', '8.0.5'),
+('new_version', '9.2.0'),
 ('update_msg', '暂无更新日志'),
-('update_date', '2024-01-12'),
-('new_version_win', '7.9.0'),
+('update_date', '2024-09-13'),
+('new_version_win', '8.1.0'),
 ('update_msg_win', '暂无更新日志'),
-('update_date_win', '2023-07-20'),
-('new_version_btm', '2.2.9'),
+('update_date_win', '2024-07-17'),
+('new_version_btm', '2.3.0'),
 ('update_msg_btm', '暂无更新日志'),
-('update_date_btm', '2023-08-11'),
+('update_date_btm', '2024-04-24'),
 ('updateall_type', '0'),
 ('syskey', 'UqP94LtI8eWAIgCP');

@@ -48,7 +48,7 @@ CREATE TABLE `cloud_white` (
 DROP TABLE IF EXISTS `cloud_record`;
 CREATE TABLE `cloud_record` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `ip` varchar(200) NOT NULL,
+  `ip` varchar(20) NOT NULL,
  `addtime` datetime NOT NULL,
  `usetime` datetime NOT NULL,
  PRIMARY KEY (`id`),
--- a/public/install/install_6.0.sh
+++ b/public/install/install_6.0.sh
@@ -235,6 +235,12 @@ Set_Centos7_Repo(){
 			tar -xvzf el7repo.tar.gz -C /etc/yum.repos.d/
 		fi
 	fi
+
+	yum install unzip -y
+	if [ "$?" != "0" ] ;then
+		sed -i "s/vault.epel.cloud/mirrors.cloud.tencent.com/g" /etc/yum.repos.d/*.repo
+	fi
+
 }
 # Set_Centos7_Repo(){
 # 		if [ -z "${download_Url}" ];then
@@ -280,6 +286,10 @@ Set_Centos8_Repo(){
 		rm -f /etc/yum.repos.d/*.repo
 		tar -xvzf el8repo.tar.gz -C /etc/yum.repos.d/
 	fi
+	yum install unzip -y
+	if [ "$?" != "0" ] ;then
+		sed -i "s/vault.epel.cloud/mirrors.cloud.tencent.com/g" /etc/yum.repos.d/*.repo
+	fi
 }
 get_node_url(){
 	if [ ! -f /bin/curl ];then
--- a/public/install/src/panel6.zip
+++ b/public/install/src/panel6.zip
--- a/public/install/update/LinuxPanel-9.2.0.zip
+++ b/public/install/update/LinuxPanel-9.2.0.zip
--- a/public/install/update6.sh
+++ b/public/install/update6.sh
@@ -18,17 +18,18 @@ if [ ! -f "/www/server/panel/pyenv/bin/python3" ];then
 	echo "请截图发帖至论坛www.bt.cn/bbs求助"
 	exit 0;
 fi
-Centos6Check=$(cat /etc/redhat-release | grep ' 6.' | grep -iE 'centos|Red Hat')
-if [ "${Centos6Check}" ];then
-	echo "Centos6不支持升级宝塔面板，建议备份数据重装更换Centos7/8安装宝塔面板"
-	exit 1
-fi 

-
-Centos8Check=$(cat /etc/redhat-release | grep ' 8.' | grep -iE 'centos|Red Hat')
-if [ "${Centos8Check}" ];then
-	if [ ! -f "/usr/bin/python" ] && [ -f "/usr/bin/python3" ] && [ ! -d "/www/server/panel/pyenv" ]; then
-		ln -sf /usr/bin/python3 /usr/bin/python
+if [ -f "/etc/redhat-release" ];then
+	Centos6Check=$(cat /etc/redhat-release | grep ' 6.' | grep -iE 'centos|Red Hat')
+	if [ "${Centos6Check}" ];then
+		echo "Centos6不支持升级宝塔面板，建议备份数据重装更换Centos7/8安装宝塔面板"
+		exit 1
+	fi 
+	Centos8Check=$(cat /etc/redhat-release | grep ' 8.' | grep -iE 'centos|Red Hat')
+	if [ "${Centos8Check}" ];then
+		if [ ! -f "/usr/bin/python" ] && [ -f "/usr/bin/python3" ] && [ ! -d "/www/server/panel/pyenv" ]; then
+			ln -sf /usr/bin/python3 /usr/bin/python
+		fi
 	fi
 fi

@@ -48,10 +49,61 @@ fi

 download_Url=$D_NODE_URL

+
+Set_Centos7_Repo(){
+    if [ -f "/etc/yum.repos.d/docker-ce.repo" ];then
+        mv /etc/yum.repos.d/docker-ce.repo /etc/yum.repos.d/docker-ce.repo_backup
+    fi
+	MIRROR_CHECK=$(cat /etc/yum.repos.d/CentOS-Base.repo |grep "[^#]mirror.centos.org")
+	if [ "${MIRROR_CHECK}" ] && [ "${is64bit}" == "64" ];then
+		\cp -rpa /etc/yum.repos.d/ /etc/yumBak
+		sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*.repo
+		sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.epel.cloud|g' /etc/yum.repos.d/CentOS-*.repo
+	fi
+
+	TSU_MIRROR_CHECK=$(cat /etc/yum.repos.d/CentOS-Base.repo |grep "tuna.tsinghua.edu.cn")
+	if [ "${TSU_MIRROR_CHECK}" ];then
+		\cp -rpa /etc/yum.repos.d/ /etc/yumBak
+		sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*.repo
+		sed -i 's|#baseurl=https://mirrors.tuna.tsinghua.edu.cn|baseurl=http://vault.epel.cloud|g' /etc/yum.repos.d/CentOS-*.repo
+		sed -i 's|#baseurl=http://mirrors.tuna.tsinghua.edu.cn|baseurl=http://vault.epel.cloud|g' /etc/yum.repos.d/CentOS-*.repo
+	fi
+	
+	ALI_CLOUD_CHECK=$(grep Alibaba /etc/motd)
+	Tencent_Cloud=$(cat /etc/hostname |grep -E VM-[0-9]+-[0-9]+)
+	if [ "${ALI_CLOUD_CHECK}" ] || [ "${Tencent_Cloud}" ];then
+		return
+	fi
+	
+	yum install tree -y
+	if [ "$?" != "0" ] ;then
+		TAR_CHECK=$(which tree)
+		if [ "$?" == "0" ] ;then
+			\cp -rpa /etc/yum.repos.d/ /etc/yumBak
+			if [ -z "${download_Url}" ];then
+				download_Url="http://download.bt.cn"
+			fi
+			curl -Ss --connect-timeout 5 -m 60 -O ${download_Url}/src/el7repo.tar.gz
+			rm -f /etc/yum.repos.d/*.repo
+			tar -xvzf el7repo.tar.gz -C /etc/yum.repos.d/
+		fi
+	fi
+
+	yum install tree -y
+	if [ "$?" != "0" ] ;then
+		sed -i "s/vault.epel.cloud/mirrors.cloud.tencent.com/g" /etc/yum.repos.d/*.repo
+	fi
+}
+if [ -f "/etc/redhat-release" ];then
+	Centos7Check=$(cat /etc/redhat-release | grep ' 7.' | grep -iE 'centos|Red Hat')
+	if [ "${Centos7Check}" ];then
+		Set_Centos7_Repo
+	fi
+fi
 setup_path=/www
 version=$(curl -Ss --connect-timeout 5 -m 2 $Btapi_Url/api/panel/get_version)
 if [ -z "$VERSION_CHECK" ];then
-	version='9.1.0'
+	version='9.2.0'
 fi
 armCheck=$(uname -m|grep arm)
 if [ "${armCheck}" ];then
@@ -144,10 +196,10 @@ if [ -z "${GEOIP_C}" ];then
 	btpip install geoip2==4.7.0
 fi

-PANDAS_C=$(echo $pip_list|grep pandas)
-if [ -z "${PANDAS_C}" ];then
-	btpip install pandas
-fi
+# PANDAS_C=$(echo $pip_list|grep pandas)
+# if [ -z "${PANDAS_C}" ];then
+# 	btpip install pandas
+# fi

 pymysql=$(echo "$pip_list"|grep pycryptodome)
 if [ "$pymysql" = "" ];then
--- a/public/static/file/kaixin.zip
+++ b/public/static/file/kaixin.zip
--- a/public/win/panel/panel_8.2.0.zip
+++ b/public/win/panel/panel_8.2.0.zip
--- a/route/app.php
+++ b/route/app.php
@@ -12,7 +12,7 @@ Route::post('/down/download_plugin', 'api/download_plugin');
 Route::post('/down/download_plugin_main', 'api/download_plugin_main');
 Route::post('/panel/get_soft_list_status', 'api/return_success');
 Route::post('/panel/get_unbinding', 'api/return_success');
-Route::post('/bt_cert', 'api/return_error');
+Route::post('/bt_cert', 'api/bt_cert');
 Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
 Route::post('/Auth/GetBindCode', 'api/return_error');
 Route::any('/bt_monitor/update_history', 'api/btm_update_history');
@@ -39,6 +39,7 @@ Route::group('api', function () {
    Route::get('/getUpdateLogs', 'api/get_update_logs');
    Route::get('/panel/get_version', 'api/get_version');
    Route::get('/wpanel/get_version', 'api/get_version_win');
+    Route::get('/panel/get_panel_version', 'api/get_panel_version');
    Route::get('/SetupCount', 'api/setup_count');
    Route::any('/panel/updateLinux', 'api/check_update');
    Route::any('/wpanel/updateWindows', 'api/check_update_win');
@@ -119,6 +120,13 @@ Route::group('api', function () {
    Route::post('/bt_waf/reportInterceptFail', 'api/return_empty');
    Route::any('/panel/get_spider', 'api/get_spider');

+    Route::post('/Auth/GetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SubmitScore', 'api/get_ssl_list');
+
+    Route::post('/Cert_cloud_deploy/get_cert_list', 'api/return_success');
+    Route::post('/Cert_cloud_deploy/del_cert', 'api/return_success');
+
    Route::miss('api/return_error');
 });

@@ -146,6 +154,7 @@ Route::group('admin', function () {
    Route::get('/deplist', 'admin/deplist');
    Route::get('/refresh_deplist', 'admin/refresh_deplist');
    Route::get('/cleancache', 'admin/cleancache');
+    Route::any('/ssl', 'admin/ssl');

 })->middleware(\app\middleware\CheckAdmin::class);

--- a/wiki/files/linux/PluginLoader.py
+++ b/wiki/files/linux/PluginLoader.py
@@ -1,53 +1,54 @@
 #coding: utf-8
+# +-------------------------------------------------------------------
+# | 宝塔Linux面板
+# +-------------------------------------------------------------------
+# | Copyright (c) 2015-2099 宝塔软件(http://bt.cn) All rights reserved.
+# +-------------------------------------------------------------------
+# | Author: hwliang <hwl@bt.cn>
+# +-------------------------------------------------------------------
+
+#+--------------------------------------------------------------------
+#|   插件和模块加载器
+#+--------------------------------------------------------------------
+
 import public,os,sys,json

-#获取插件列表(0/1)
-def get_plugin_list(force = 0):
-    api_root_url = 'https://api.bt.cn'
-    api_url = api_root_url+ '/panel/get_plugin_list'
-    cache_file = 'data/plugin_list.json'
-    
-    if force==0 and os.path.exists(cache_file):
-        jsonData = public.readFile(cache_file)
-        softList = json.loads(jsonData)
-    else:
-        try:
-            jsonData = public.HttpGet(api_url)
-        except Exception as ex:
-            raise public.error_conn_cloud(str(ex))
-        softList = json.loads(jsonData)
-        if type(softList)!=dict or 'list' not in softList:
-            if type(softList)==str:
-                raise Exception(softList)
-            else:
-                raise Exception('云端插件列表获取失败')
-        public.writeFile(cache_file, jsonData)
-    return softList
-
-#获取授权状态() 返回：0.免费版 1.专业版 2.企业版 -1.获取失败
-def get_auth_state():
-    try:
-        softList = get_plugin_list()
-        if softList['ltd'] > -1:
-            return 2
-        elif softList['pro'] > -1:
-            return 1
-        else:
-            return 0
-    except:
-        return -1
-
-#执行插件方法(插件名,方法名,参数)
-def plugin_run(plugin_name, def_name, args):
+def plugin_run(plugin_name,def_name,args):
+    '''
+        @name 执行插件方法
+        @param plugin_name<string> 插件名称
+        @param def_name<string> 方法名称
+        @param args<dict_obj> 参数对像
+        @return mixed
+    '''
    if not plugin_name or not def_name: return public.returnMsg(False,'插件名称和插件方法名称不能为空!')
-    if not path_check(plugin_name) or not path_check(def_name): return public.returnMsg(False,'插件名或方法名不能包含特殊符号!')
-    p_path = public.get_plugin_path(plugin_name)
-    if not os.path.exists(p_path + '/index.php') and not os.path.exists(p_path + '/%s_main.py' % plugin_name): return public.returnMsg(False,'插件不存在!')
    
-    is_php = os.path.exists(p_path + '/index.php')
+    # 获取插件目录
+    plugin_path = public.get_plugin_path(plugin_name)
+    is_php = os.path.exists(os.path.join(plugin_path,'index.php'))
+
+    # 检查插件目录是否合法
+    if is_php:
+        plugin_file = os.path.join(plugin_path,'index.php')
+    else:
+        plugin_file = os.path.join(plugin_path, plugin_name + '_main.py')
+    if not public.path_safe_check(plugin_file): return public.returnMsg(False,'插件路径不合法')
+
+    # 检查插件入口文件是否存在
+    if not os.path.exists(plugin_file): return public.returnMsg(False,'指定插件入口文件不存在')
+
+    # 添加插件目录到系统路径
+    public.sys_path_append(plugin_path)
+
    if not is_php:
-        public.package_path_append(p_path)
-        plugin_main = __import__(plugin_name + '_main')
+        # 引用插件入口文件
+        _name = "{}_main".format(plugin_name)
+        plugin_main = __import__(_name)
+
+        # 检查类名是否符合规范
+        if not hasattr(plugin_main,_name):
+            return public.returnMsg(False,'指定插件入口文件不符合规范')
+        
        try:
            if sys.version_info[0] == 2:
                reload(plugin_main)
@@ -56,77 +57,161 @@ def plugin_run(plugin_name, def_name, args):
                reload(plugin_main)
        except:
            pass
-        plu = eval('plugin_main.' + plugin_name + '_main()')
-        if not hasattr(plu, def_name):
+        
+        # 实例化插件类
+        plugin_obj = getattr(plugin_main,_name)()
+
+        # 检查方法是否存在
+        if not hasattr(plugin_obj,def_name):
            return public.returnMsg(False,'在[%s]插件中找不到[%s]方法' % (plugin_name,def_name))
        
-    if 'plugin_get_object' in args and args.plugin_get_object == 1:
-        if not is_php:
-            return getattr(plu, def_name)
-        else:
+        if args is not None and 'plugin_get_object' in args and args.plugin_get_object == 1:
+            return getattr(plugin_obj, def_name)
+        
+        # 执行方法
+        return getattr(plugin_obj,def_name)(args)
+    else:
+        if args is not None and 'plugin_get_object' in args and args.plugin_get_object == 1:
            return None
-    else:
-        if not is_php:
-            data = eval('plu.' + def_name + '(args)')
-        else:
-            import panelPHP
-            args.s = def_name
-            args.name = plugin_name
-            data = panelPHP.panelPHP(plugin_name).exec_php_script(args)
-        return data
+        import panelPHP
+        args.s = def_name
+        args.name = plugin_name
+        return panelPHP.panelPHP(plugin_name).exec_php_script(args)
    
-#执行模块方法(模块名,方法名,参数)
-def module_run(mod_name, def_name, args):
-    if not mod_name or not def_name: return public.returnMsg(False,'模块名称和模块方法名称不能为空!')
-    if not path_check(mod_name) or not path_check(def_name): return public.returnMsg(False,'模块名或方法名不能包含特殊符号!')

+def get_module_list():
+    '''
+        @name 获取模块列表
+        @return list    
+    '''
+    module_list = []
+    class_path = public.get_class_path()
+    for name in os.listdir(class_path):
+        path = os.path.join(class_path,name)
+        # 过滤无效文件
+        if not name or name.endswith('.py') or name[0] == '.' or not name.endswith('Model') or os.path.isfile(path):continue
+        module_list.append(name)
+    return module_list
+
+def module_run(module_name,def_name,args):
+    '''
+        @name 执行模块方法
+        @param module_name<string> 模块名称
+        @param def_name<string> 方法名称
+        @param args<dict_obj> 参数对像
+        @return mixed
+    '''
+    if not module_name or not def_name: return public.returnMsg(False,'模块名称和模块方法名称不能为空!')
+    model_index = args.get('model_index',None)
+    class_path = public.get_class_path()
+    panel_path = public.get_panel_path()
+    
+    module_file = None
    if 'model_index' in args:
-        if args.model_index:
-            mod_file = "{}/{}Model/{}Model.py".format(public.get_class_path(),args.model_index,mod_name)
+        # 新模块目录
+        if model_index in ['mod']:
+            module_file = os.path.join(panel_path,'mod','project',module_name + 'Mod.py')
+        elif model_index:
+            # 旧模块目录
+            module_file = os.path.join(class_path,model_index+"Model",module_name + 'Model.py')
        else:
-            mod_file = "{}/projectModel/{}Model.py".format(public.get_class_path(),mod_name)
+            module_file = os.path.join(class_path,"projectModel",module_name + 'Model.py')
    else:
+        # 如果没指定模块名称，则遍历所有模块目录
        module_list = get_module_list()
-        for module_dir in module_list:
-            mod_file = "{}/{}/{}Model.py".format(public.get_class_path(),module_dir,mod_name)
-            if os.path.exists(mod_file): break
+        for name in module_list:
+            module_file = os.path.join(class_path,name,module_name + 'Model.py')
+            if os.path.exists(module_file): break
    
-    if not os.path.exists(mod_file):
-        return public.returnMsg(False,'模块[%s]不存在' % mod_name)
+    # 判断模块入口文件是否存在
+    if not os.path.exists(module_file):
+        return public.returnMsg(False,'模块[%s]不存在' % module_name)
    
-    def_object = public.get_script_object(mod_file)
-    if not def_object: return public.returnMsg(False,'模块[%s]不存在!' % mod_name)
+    # 判断模块路径是否合法
+    if not public.path_safe_check(module_file):
+        return public.returnMsg(False,'模块路径不合法')
+    
+    def_object = public.get_script_object(module_file)
+    if not def_object: return public.returnMsg(False,'模块[%s]不存在' % module_name)
+
+    # 模块实例化并返回方法对象
    try:
        run_object = getattr(def_object.main(),def_name,None)
    except:
-        return public.returnMsg(False,'模块入口实例化失败' % mod_name)
-    if not run_object: return public.returnMsg(False,'在[%s]模块中找不到[%s]方法' % (mod_name,def_name))
+        return public.returnMsg(False,'模块[%s]入口实例化失败' % module_name)
+    if not run_object: return public.returnMsg(False,'在[%s]模块中找不到[%s]方法' % (module_name,def_name))
+
    if 'module_get_object' in args and args.module_get_object == 1:
        return run_object
+    
+    # 执行方法
    result = run_object(args)
    return result
    
-#获取模块文件夹列表
-def get_module_list():
-    list = []
-    class_path = public.get_class_path()
-    f_list = os.listdir(class_path)
-    for fname in f_list:
-        f_path = class_path+'/'+fname
-        if os.path.isdir(f_path) and len(fname) > 6 and fname.find('.') == -1 and fname.find('Model') != -1:
-            list.append(fname)
-    return list

-#检查路径是否合法
-def path_check(path):
-    list = ["./","..",",",";",":","?","'","\"","<",">","|","\\","\n","\r","\t","\b","\a","\f","\v","*","%","&","$","#","@","!","~","`","^","(",")","+","=","{","}","[","]"]
-    for i in path:
-        if i in list:
-            return False
-    return True
+def get_plugin_list(upgrade_force = False):
+    '''
+        @name 获取插件列表
+        @param upgrade_force<bool> 是否强制重新获取列表
+        @return dict
+    '''
+
+    api_root_url = 'https://api.bt.cn'
+    api_url = api_root_url+ '/panel/get_plugin_list'
+    panel_path = public.get_panel_path()
+    data_path = os.path.join(panel_path,'data')
+
+    if not os.path.exists(data_path):
+        os.makedirs(data_path,384)
+
+    plugin_list = {}
+    plugin_list_file = os.path.join(data_path,'plugin_list.json')
+    if os.path.exists(plugin_list_file) and not upgrade_force:
+        plugin_list_body = public.readFile(plugin_list_file)
+        try:
+            plugin_list = json.loads(plugin_list_body)
+        except:
+            plugin_list = {}
+    
+    if not os.path.exists(plugin_list_file) or upgrade_force or not plugin_list:
+        try:
+            res = public.HttpGet(api_url)
+        except Exception as ex:
+            raise public.error_conn_cloud(str(ex))
+        if not res: raise Exception(False,'云端插件列表获取失败')
+
+        plugin_list = json.loads(res)
+        if type(plugin_list)!=dict or 'list' not in plugin_list:
+            if type(plugin_list)==str:
+                raise Exception(plugin_list)
+            else:
+                raise Exception('云端插件列表获取失败')
+        public.writeFile(plugin_list_file,json.dumps(plugin_list))
+        
+    return plugin_list
+
+
+def start_total():
+    '''
+        @name 启动统计服务
+        @return dict
+    '''
+    pass
+
+def get_soft_list(args):
+    '''
+        @name 获取软件列表
+        @param args<dict_obj> 参数对像
+        @return dict
+    '''
+    pass

-#数据加密
 def db_encrypt(data):
+    '''
+        @name 数据库加密
+        @param args<dict_obj> 参数对像
+        @return dict
+    '''
    try:
        key = __get_db_sgin()
        iv = __get_db_iv()
@@ -143,8 +228,12 @@ def db_encrypt(data):
    }
    return result

-#数据解密
 def db_decrypt(data):
+    '''
+        @name 数据库解密
+        @param args<dict_obj> 参数对像
+        @return dict
+    '''
    try:
        key = __get_db_sgin()
        iv = __get_db_iv()
@@ -215,3 +304,49 @@ def __aes_encrypt(data, key, iv):
    encryptedbytes = aes.encrypt(data)
    en_text = base64.b64encode(encryptedbytes)
    return en_text.decode('utf-8')
+
+def plugin_end():
+    '''
+        @name 插件到期处理
+        @return dict
+    '''
+    pass
+
+def daemon_task():
+    '''
+        @name 后台任务守护
+        @return dict
+    '''
+    pass
+
+def daemon_panel():
+    '''
+        @name 面板守护
+        @return dict
+    '''
+    pass
+
+def flush_auth_key():
+    '''
+        @name 刷新授权密钥
+        @return dict
+    '''
+    pass
+
+def get_auth_state():
+    '''
+        @name 获取授权状态
+        @return 返回：0.免费版 1.专业版 2.企业版 -1.获取失败
+    '''
+    try:
+        softList = get_plugin_list()
+        if softList['ltd'] > -1:
+            return 2
+        elif softList['pro'] > -1:
+            return 1
+        else:
+            return 0
+    except:
+        return -1
+
+ 
--- a/wiki/files/win/bt.js
+++ b/wiki/files/win/bt.js
@@ -66,6 +66,31 @@ if("undefined" != typeof bt && bt.hasOwnProperty("compute_confirm")){
 		});
 	}
 }
+if("undefined" != typeof bt && bt.hasOwnProperty("input_confirm")){
+    bt.input_confirm = function (config, callback) {
+		layer.open({
+			type: 1,
+			title: config.title,
+			area: '430px',
+			closeBtn: 2,
+			shadeClose: true,
+			btn: [lan['public'].ok, lan['public'].cancel],
+			content:
+				'<div class="bt-form hint_confirm pd30">\
+						<div class="hint_title">\
+							<i class="hint-confirm-icon"></i>\
+							<div class="hint_con">' +
+				config.msg +
+				'</div>\
+						</div>\
+				</div>',
+			yes: function (layers, index) {
+                layer.close(layers);
+                if (callback) callback();
+			},
+		});
+	}
+}
 if("undefined" != typeof database && database.hasOwnProperty("del_database")){
    database.del_database = function (wid, dbname,obj, callback) {
        var title = '',
--- a/wiki/update.md
+++ b/wiki/update.md
@@ -20,6 +20,10 @@

 - 全局搜索替换 https://download.bt.cn/install/update6.sh => http://www.example.com/install/update6.sh

+  http://download.bt.cn/install/update6.sh => http://www.example.com/install/update6.sh
+
+  http://download.bt.cn/install/update/ => http://www.example.com/install/update/
+
 - 搜索并删除提交异常报告的代码 bt_error/index.php

 - class/ajax.py 文件 \# 是否执行升级程序 下面的 public.get_url() 改成 public.GetConfigValue('home')
@@ -72,7 +76,7 @@
  
  plugin_bin.pl 改成 plugin_list.json
  
- class/plugin_deployment.py 文件，SetupPackage方法内替换 public.GetConfigValue('home') => 'https://www.bt.cn'
+- class/plugin_deployment.py 文件，__setup_php_environment方法和GetJarPath方法内替换 public.GetConfigValue('home') => 'https://www.bt.cn'

 - class/config.py 文件，get_nps方法内data['nps'] = False改成True，get_nps_new方法下面加上 return public.returnMsg(False, "获取问卷失败")

@@ -119,6 +123,8 @@
  <script src="/static/bt.js"></script>
  ```

+  在 BTPanel/templates/default/software.html 的 \<script\>window.vite_public_request_token 前面加入
+
 - [可选]去除创建网站自动创建的垃圾文件：在class/panelSite.py，分别删除

  htaccess = self.sitePath + '/.htaccess'
--- a/wiki/updatewin.md
+++ b/wiki/updatewin.md
@@ -16,6 +16,8 @@ Windows版宝塔由于加密文件太多，无法全部解密，因此无法做

 - 全局搜索替换 https://www.bt.cn/api/ => http://www.example.com/api/（需排除ipsModel.py）

+- 全局搜索替换 http://www.bt.cn/api/ => http://www.example.com/api/
+
 - 全局搜索替换 https://download.bt.cn/win/panel/data/setup.py => http://www.example.com/win/panel/data/setup.py

 - class/panel_update.py 文件 public.get_url() =>  'http://www.example.com'
@@ -48,6 +50,8 @@ Windows版宝塔由于加密文件太多，无法全部解密，因此无法做

  删除 p = threading.Thread(target=update_software_list) 以及下面2行

+- tools.py，删除#尝试删除本地hosts文件中的宝塔域名解析
+
 - 去除面板日志上报：script/site_task.py 文件

  - 删除最下面 logs_analysis() 这1行
Author	SHA1	Message	Date
flucout	ba7e07f18a	update	2024-09-27 13:50:20 +08:00
flucout	25292b8e34	update	2024-09-27 13:50:04 +08:00
flucout	d80c0e9e44	update	2024-09-19 21:35:42 +08:00
flucout	247e486181	fix	2024-09-08 14:09:06 +08:00
flucout	d856d3bc1c	update	2024-09-01 09:32:35 +08:00
flucout	e304e9acc2	update	2024-08-31 19:54:50 +08:00
flucout	aba885f434	update	2024-08-13 20:29:20 +08:00
flucout	5e1f19de53	支持生成自签SSL证书	2024-08-13 17:23:31 +08:00
flucout	57cbf9315c	wiki	2024-08-10 22:55:52 +08:00
flucout	4608d4899b	update	2024-08-10 22:30:50 +08:00
flucout	272f3bfe97	update	2024-07-27 13:10:39 +08:00