fix: 规范模版、规范接口、修复issues BUG

src/main/java/net/mingsoft/basic/action/web/EditorAction.java

-/**
- * The MIT License (MIT)
- * Copyright (c) 2012-2022 铭软科技(mingsoft.net)
- * Permission is hereby granted, free of charge, to any person obtaining a copy of
- * this software and associated documentation files (the "Software"), to deal in
- * the Software without restriction, including without limitation the rights to
- * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
- * the Software, and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
-
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
-
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
- * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
- * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
- * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- */
-
-
-package net.mingsoft.basic.action.web;
-
-import cn.hutool.core.io.FileUtil;
-import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONObject;
-import com.mingsoft.ueditor.MsUeditorActionEnter;
-import net.mingsoft.basic.util.BasicUtil;
-import net.mingsoft.config.MSProperties;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-import springfox.documentation.annotations.ApiIgnore;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.Map;
-
-/**
- * 临时修复：百度编辑器上传，会在下一版本合并
- *
- * @author 铭软开发团队
- * @date 2019年7月16日
- * 历史修订 2022-1-21 新增normalize(),
- * editor()方法过滤非法上传路径
- */
-@ApiIgnore
-@Controller("ueAction")
-@RequestMapping("/static/plugins/ueditor/{version}/jsp")
-public class EditorAction {
-
-    @ResponseBody
-    @RequestMapping(value = "editor", method = {RequestMethod.GET, RequestMethod.POST})
-    public String editor(HttpServletRequest request, HttpServletResponse response, String jsonConfig) {
-        String uploadFloderPath = MSProperties.upload.path;
-        String rootPath = BasicUtil.getRealPath(uploadFloderPath);
-        jsonConfig = jsonConfig.replace("{ms.upload}", "/" + uploadFloderPath);
-        //过滤非法上传路径
-        Map<String, Object> map = (Map<String, Object>) JSONObject.parse(jsonConfig);
-        String imagePathFormat = (String) map.get("imagePathFormat");
-        imagePathFormat = FileUtil.normalize(imagePathFormat);
-
-        String filePathFormat = (String) map.get("filePathFormat");
-        filePathFormat = FileUtil.normalize(filePathFormat);
-
-        String videoPathFormat = (String) map.get("videoPathFormat");
-        videoPathFormat = FileUtil.normalize(videoPathFormat);
-
-        map.put("imagePathFormat", imagePathFormat);
-        map.put("filePathFormat", filePathFormat);
-        map.put("videoPathFormat", videoPathFormat);
-
-        jsonConfig = JSONObject.toJSONString(map);
-        MsUeditorActionEnter actionEnter = new MsUeditorActionEnter(request, rootPath, jsonConfig, BasicUtil.getRealPath(""));
-        String json = actionEnter.exec();
-        Map jsonMap = JSON.parseObject(json,Map.class);
-        jsonMap.put("url","/".concat(uploadFloderPath).concat(jsonMap.get("url")+""));
-        return JSONObject.toJSONString(jsonMap);
-    }
-
-}

src/main/java/net/mingsoft/cms/action/ContentAction.java

@@ -85,14 +85,15 @@ public class ContentAction extends BaseAction {
 	 * 返回主界面index
 	 */
 	@GetMapping("/index")
-	public String index(HttpServletResponse response,HttpServletRequest request){
+	public String index(){
 		return "/cms/content/index";
 	}
+
 	/**
 	 * 返回主界面main
 	 */
 	@GetMapping("/main")
-	public String main(HttpServletResponse response,HttpServletRequest request){
+	public String main(){
 		return "/cms/content/main";
 	}
 
@@ -109,23 +110,10 @@ public class ContentAction extends BaseAction {
     	@ApiImplicitParam(name = "contentAuthor", value = "文章作者", required =false,paramType="query"),
     	@ApiImplicitParam(name = "contentSource", value = "文章来源", required =false,paramType="query"),
     	@ApiImplicitParam(name = "contentDatetime", value = "发布时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentSort", value = "自定义顺序", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentImg", value = "文章缩略图", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentDescription", value = "描述", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentKeyword", value = "关键字", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentDetails", value = "文章内容", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentUrl", value = "文章跳转链接地址", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "appid", value = "文章管理的应用id", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createBy", value = "创建人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createDate", value = "创建时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateBy", value = "修改人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateDate", value = "修改时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "del", value = "删除标记", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "id", value = "编号", required =false,paramType="query"),
     })
 	@PostMapping("/list")
 	@ResponseBody
-	public ResultData list(@ModelAttribute @ApiIgnore ContentBean content, HttpServletResponse response, HttpServletRequest request, @ApiIgnore ModelMap model, BindingResult result) {
+	public ResultData list(@ModelAttribute @ApiIgnore ContentBean content) {
 		BasicUtil.startPage();
 		List contentList = contentBiz.query(content);
 		return ResultData.build().success(new EUListBean(contentList,(int) BasicUtil.endPage(contentList).getTotal()));
@@ -135,7 +123,7 @@ public class ContentAction extends BaseAction {
 	 * 返回编辑界面content_form
 	 */
 	@GetMapping("/form")
-	public String form(@ModelAttribute ContentEntity content, HttpServletResponse response, HttpServletRequest request, ModelMap model){
+	public String form(@ModelAttribute ContentEntity content, ModelMap model){
 		model.addAttribute("appId", BasicUtil.getApp().getAppId());
 		return "/cms/content/form";
 	}
@@ -144,17 +132,18 @@ public class ContentAction extends BaseAction {
 	 * 获取文章
 	 * @param content 文章实体
 	 */
-	@ApiOperation(value = "获取文章列表接口")
+	@ApiOperation(value = "获取文章详情接口")
     @ApiImplicitParam(name = "id", value = "编号", required =true,paramType="query")
 	@GetMapping("/get")
 	@ResponseBody
-	public ResultData get(@ModelAttribute @ApiIgnore ContentEntity content, HttpServletResponse response, HttpServletRequest request, @ApiIgnore ModelMap model){
+	public ResultData get(@ModelAttribute @ApiIgnore ContentEntity content){
 		if(content.getId()==null) {
 			return ResultData.build().error();
 		}
 		ContentEntity _content = contentBiz.getById(content.getId());
 		return ResultData.build().success(_content);
 	}
+
 	/**
 	 * 获取文章
 	 * @param content 文章实体
@@ -174,6 +163,12 @@ public class ContentAction extends BaseAction {
 		return ResultData.build().success(list.size() > 0 ? list.get(0) : null);
 	}
 
+
+
+	/**
+	* 保存文章
+	* @param content 文章实体
+	*/
 	@ApiOperation(value = "保存文章列表接口")
 	@ApiImplicitParams({
 			@ApiImplicitParam(name = "contentTitle", value = "文章标题", required =true,paramType="query"),
@@ -189,24 +184,12 @@ public class ContentAction extends BaseAction {
 			@ApiImplicitParam(name = "contentKeyword", value = "关键字", required =false,paramType="query"),
 			@ApiImplicitParam(name = "contentDetails", value = "文章内容", required =false,paramType="query"),
 			@ApiImplicitParam(name = "contentUrl", value = "文章跳转链接地址", required =false,paramType="query"),
-		@ApiImplicitParam(name = "appid", value = "文章管理的应用id", required =false,paramType="query"),
-		@ApiImplicitParam(name = "createBy", value = "创建人", required =false,paramType="query"),
-		@ApiImplicitParam(name = "createDate", value = "创建时间", required =false,paramType="query"),
-		@ApiImplicitParam(name = "updateBy", value = "修改人", required =false,paramType="query"),
-		@ApiImplicitParam(name = "updateDate", value = "修改时间", required =false,paramType="query"),
-		@ApiImplicitParam(name = "del", value = "删除标记", required =false,paramType="query"),
-		@ApiImplicitParam(name = "id", value = "编号", required =false,paramType="query"),
 	})
-
-	/**
-	* 保存文章
-	* @param content 文章实体
-	*/
 	@PostMapping("/save")
 	@ResponseBody
 	@LogAnn(title = "保存文章", businessType = BusinessTypeEnum.INSERT)
 	@RequiresPermissions("cms:content:save")
-	public ResultData save(@ModelAttribute @ApiIgnore ContentEntity content, HttpServletResponse response, HttpServletRequest request) {
+	public ResultData save(@ModelAttribute @ApiIgnore ContentEntity content) {
 		//验证文章标题的值是否合法
 		if(StringUtil.isBlank(content.getContentTitle())){
 			return ResultData.build().error(getResString("err.empty", this.getResString("content.title")));
@@ -235,11 +218,15 @@ public class ContentAction extends BaseAction {
 	 * @param contents 文章实体
 	 */
 	@ApiOperation(value = "批量删除文章列表接口")
+	@ApiImplicitParams({
+			@ApiImplicitParam(name = "contents", value = "文章集合", allowMultiple = true, dataType = "ContentEntity", required = true)
+
+	})
 	@PostMapping("/delete")
 	@ResponseBody
 	@LogAnn(title = "删除文章", businessType = BusinessTypeEnum.DELETE)
 	@RequiresPermissions("cms:content:del")
-	public ResultData delete(@RequestBody List<ContentEntity> contents, HttpServletResponse response, HttpServletRequest request) {
+	public ResultData delete(@RequestBody List<ContentEntity> contents) {
 		List<String> ids = new ArrayList<>();
 		for(int i = 0;i<contents.size();i++){
 			ids.add(contents.get(i).getId());
@@ -260,6 +247,7 @@ public class ContentAction extends BaseAction {
 		contentBiz.removeByIds(ids);
 		return ResultData.build().success();
 	}
+
 	/**
 	*	更新文章列表
 	* @param content 文章实体
@@ -280,20 +268,12 @@ public class ContentAction extends BaseAction {
 		@ApiImplicitParam(name = "contentKeyword", value = "关键字", required =false,paramType="query"),
 		@ApiImplicitParam(name = "contentDetails", value = "文章内容", required =false,paramType="query"),
 		@ApiImplicitParam(name = "contentUrl", value = "文章跳转链接地址", required =false,paramType="query"),
-		@ApiImplicitParam(name = "appid", value = "文章管理的应用id", required =false,paramType="query"),
-		@ApiImplicitParam(name = "createBy", value = "创建人", required =false,paramType="query"),
-		@ApiImplicitParam(name = "createDate", value = "创建时间", required =false,paramType="query"),
-		@ApiImplicitParam(name = "updateBy", value = "修改人", required =false,paramType="query"),
-		@ApiImplicitParam(name = "updateDate", value = "修改时间", required =false,paramType="query"),
-		@ApiImplicitParam(name = "del", value = "删除标记", required =false,paramType="query"),
-		@ApiImplicitParam(name = "id", value = "编号", required =false,paramType="query"),
 	})
 	@PostMapping("/update")
 	@ResponseBody
 	@LogAnn(title = "更新文章", businessType = BusinessTypeEnum.UPDATE)
 	@RequiresPermissions("cms:content:update")
-	public ResultData update(@ModelAttribute @ApiIgnore ContentEntity content, HttpServletResponse response,
-                             HttpServletRequest request) {
+	public ResultData update(@ModelAttribute @ApiIgnore ContentEntity content) {
 		//验证文章标题的值是否合法
 		if(StringUtil.isBlank(content.getContentTitle())){
 			return ResultData.build().error(getResString("err.empty", this.getResString("content.title")));

src/main/java/net/mingsoft/cms/action/web/CategoryAction.java

@@ -66,31 +66,10 @@ public class CategoryAction extends net.mingsoft.cms.action.BaseAction{
 	@ApiOperation(value = "查询分类列表接口")
 	@ApiImplicitParams({
     	@ApiImplicitParam(name = "categoryTitle", value = "栏目管理名称", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryId", value = "所属栏目", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryType", value = "栏目管理属性", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categorySort", value = "自定义顺序", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryListUrl", value = "列表模板", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryUrl", value = "内容模板", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryKeyword", value = "栏目管理关键字", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryDescrip", value = "栏目管理描述", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryImg", value = "缩略图", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryDiyUrl", value = "自定义链接", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "mdiyModelId", value = "栏目管理的内容模型id", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryDatetime", value = "类别发布时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "dictId", value = "字典对应编号", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryFlag", value = "栏目属性", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryPath", value = "栏目路径", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "categoryParentId", value = "父类型编号", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createBy", value = "创建人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createDate", value = "创建时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateBy", value = "修改人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateDate", value = "修改时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "del", value = "删除标记", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "id", value = "编号", required =false,paramType="query"),
     })
-	@RequestMapping(value="/list",method = {RequestMethod.GET, RequestMethod.POST})
+	@PostMapping(value="/list")
 	@ResponseBody
-	public ResultData list(@ModelAttribute @ApiIgnore CategoryEntity category,HttpServletResponse response, HttpServletRequest request,@ApiIgnore ModelMap model,BindingResult result) {
+	public ResultData list(@ModelAttribute @ApiIgnore CategoryEntity category) {
 		BasicUtil.startPage();
 		List categoryList = categoryBiz.query(category);
 		return ResultData.build().success(new EUListBean(categoryList,(int)BasicUtil.endPage(categoryList).getTotal()));
@@ -105,7 +84,7 @@ public class CategoryAction extends net.mingsoft.cms.action.BaseAction{
     @ApiImplicitParam(name = "id", value = "编号", required =true,paramType="query")
 	@GetMapping("/get")
 	@ResponseBody
-	public ResultData get(@ModelAttribute @ApiIgnore CategoryEntity category,HttpServletResponse response, HttpServletRequest request,@ApiIgnore ModelMap model){
+	public ResultData get(@ModelAttribute @ApiIgnore CategoryEntity category){
 		if(category.getId()==null) {
 			return ResultData.build().error();
 		}

src/main/java/net/mingsoft/cms/action/web/ContentAction.java

@@ -69,8 +69,9 @@ public class ContentAction extends net.mingsoft.cms.action.BaseAction{
 	private IHistoryLogBiz historyLogBiz;
 
 	/**
-	 * 查询文章列表
-	 * @param content 文章实体
+	 * 查询文章列表接口
+	 * @param content 文章
+	 * @return
 	 */
 	@ApiOperation(value = "查询文章列表接口")
 	@ApiImplicitParams({
@@ -81,23 +82,10 @@ public class ContentAction extends net.mingsoft.cms.action.BaseAction{
     	@ApiImplicitParam(name = "contentAuthor", value = "文章作者", required =false,paramType="query"),
     	@ApiImplicitParam(name = "contentSource", value = "文章来源", required =false,paramType="query"),
     	@ApiImplicitParam(name = "contentDatetime", value = "发布时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentSort", value = "自定义顺序", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentImg", value = "文章缩略图", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentDescription", value = "描述", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentKeyword", value = "关键字", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentDetails", value = "文章内容", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "contentUrl", value = "文章跳转链接地址", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "appid", value = "文章管理的应用id", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createBy", value = "创建人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "createDate", value = "创建时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateBy", value = "修改人", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "updateDate", value = "修改时间", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "del", value = "删除标记", required =false,paramType="query"),
-    	@ApiImplicitParam(name = "id", value = "编号", required =false,paramType="query"),
     })
 	@PostMapping("/list")
 	@ResponseBody
-	public ResultData list(@ModelAttribute @ApiIgnore ContentBean content, HttpServletResponse response, HttpServletRequest request, @ApiIgnore ModelMap model, BindingResult result) {
+	public ResultData list(@ModelAttribute @ApiIgnore ContentBean content) {
 		BasicUtil.startPage();
 		List contentList = contentBiz.query(content);
 		return ResultData.build().success(new EUListBean(contentList,(int)BasicUtil.endPage(contentList).getTotal()));
@@ -105,14 +93,15 @@ public class ContentAction extends net.mingsoft.cms.action.BaseAction{
 
 
 	/**
-	 * 获取文章
-	 * @param content 文章实体
+	 * 获取文章列表接口
+	 * @param content 文章
+	 * @return
 	 */
 	@ApiOperation(value = "获取文章列表接口")
     @ApiImplicitParam(name = "id", value = "编号", required =true,paramType="query")
 	@GetMapping("/get")
 	@ResponseBody
-	public ResultData get(@ModelAttribute @ApiIgnore ContentEntity content,HttpServletResponse response, HttpServletRequest request,@ApiIgnore ModelMap model){
+	public ResultData get(@ModelAttribute @ApiIgnore ContentEntity content){
 		if(content.getId()==null) {
 			return ResultData.build().error();
 		}
@@ -120,11 +109,16 @@ public class ContentAction extends net.mingsoft.cms.action.BaseAction{
 		return ResultData.build().success(_content);
 	}
 
+	/**
+	 * 查看文章点击数
+	 * @param contentId 文章编号
+	 * @return
+	 */
 	@ApiOperation(value = "查看文章点击数")
 	@ApiImplicitParam(name = "contentId", value = "文章编号", required = true,paramType="path")
 	@GetMapping(value = "/{contentId}/hit")
 	@ResponseBody
-	public String hit(@PathVariable @ApiIgnore String contentId, HttpServletRequest request, HttpServletResponse response){
+	public String hit(@PathVariable @ApiIgnore String contentId) {
 		if(StringUtils.isEmpty(contentId)){
 			return "document.write(0)";
 		}

src/main/java/net/mingsoft/cms/action/web/MCmsAction.java

@@ -151,10 +151,10 @@ public class MCmsAction extends net.mingsoft.cms.action.BaseAction {
             map.put(k, v.toString().replaceAll("('|\"|\\\\)", "\\\\$1"));
         });
         //获取栏目编号
-        int typeId = BasicUtil.getInt(ParserUtil.TYPE_ID, 0);
+        String typeId = BasicUtil.getString(ParserUtil.TYPE_ID);
         int size = BasicUtil.getInt("size", 10);
         ContentBean contentBean = new ContentBean();
-        contentBean.setCategoryId(String.valueOf(typeId));
+        contentBean.setCategoryId(typeId);
         //获取文章总数
         List<CategoryBean> columnArticles = contentBiz.queryIdsByCategoryIdForParser(contentBean);
         //判断栏目下是否有文章
@@ -203,7 +203,7 @@ public class MCmsAction extends net.mingsoft.cms.action.BaseAction {
     @ResponseBody
     public String view(String orderby, String order, HttpServletRequest req, HttpServletResponse resp) {
         //参数文章编号
-        ContentEntity article = (ContentEntity) contentBiz.getEntity(BasicUtil.getInt(ParserUtil.ID));
+        ContentEntity article = contentBiz.getById(BasicUtil.getString(ParserUtil.ID));
         if (ObjectUtil.isNull(article)) {
             throw new BusinessException(this.getResString("err.empty", this.getResString("id")));
         }
@@ -219,7 +219,7 @@ public class MCmsAction extends net.mingsoft.cms.action.BaseAction {
         //用于详情上下页获取当前文章列表对应的分类，根据文章查询只能获取自身分类
         String typeId = BasicUtil.getString(ParserUtil.TYPE_ID, article.getCategoryId());
         //根据文章编号查询栏目详情模版
-        CategoryEntity column = (CategoryEntity) categoryBiz.getEntity(Integer.parseInt(typeId));
+        CategoryEntity column = categoryBiz.getById(typeId);
         //解析后的内容
         String content = "";
         Map map = BasicUtil.assemblyRequestMap();

src/main/java/net/mingsoft/cms/dao/ICategoryDao.xml

@@ -106,7 +106,7 @@
 			</if>
 			and
 			(
-				find_in_set('${id}',CATEGORY_PARENT_IDS)>0
+				find_in_set(#{id},CATEGORY_PARENT_IDS)>0
 				or id=#{id}
 			)
 			and del=0

src/main/java/net/mingsoft/cms/dao/IContentDao.xml

@@ -63,7 +63,6 @@
 		<result column="category_img" property="categoryImg" /><!--缩略图 -->
 		<result column="category_diy_url" property="categoryDiyUrl" /><!--自定义链接 -->
 		<result column="mdiy_model_id" property="mdiyModelId" /><!--栏目管理的内容模型id -->
-		<result column="category_datetime" property="categoryDatetime" /><!--类别发布时间 -->
 		<result column="dict_id" property="dictId" /><!--字典对应编号 -->
 		<result column="category_flag" property="categoryFlag" /><!--栏目属性 -->
 		<result column="category_path" property="categoryPath" /><!--栏目路径 -->
@@ -182,14 +181,14 @@
 		</select>
 
 
-		<!--删除-->
+		<!--删除 防止脏数据-->
 		<delete id="deleteEntity" parameterType="int">
-			update  cms_content set del=1  where id=#{id}
+			delete from cms_content where id=#{id}
 		</delete>
 
-		<!--删除-->
+		<!--删除 防止脏数据-->
 		<delete id="deleteEntityByCategoryIds" >
-			update  cms_content set del=1
+			delete from cms_content
 			<where>
 				category_id in <foreach collection="ids" item="item" index="index"
 							open="(" separator="," close=")">#{item}</foreach>
@@ -198,7 +197,7 @@
 
 		<!--批量删除-->
 		<delete id="delete" >
-			update  cms_content set del=1
+			delete from cms_content
 			<where>
 				id in <foreach collection="ids" item="item" index="index"
 										 open="(" separator="," close=")">#{item}</foreach>
@@ -218,12 +217,12 @@
 			ct.del=0
 			<if test="contentTitle != null and contentTitle != ''"> and  content_title like CONCAT(CONCAT('%',#{contentTitle}),'%')</if>
 			<if test="categoryId != null and categoryId != ''"> 	and (ct.category_id=#{categoryId} or ct.category_id in
-				(select id FROM cms_category where find_in_set('${categoryId}',CATEGORY_PARENT_IDS)>0))</if>
+				(select id FROM cms_category where find_in_set(#{categoryId},CATEGORY_PARENT_IDS)>0))</if>
 			<if test="contentType != null and contentType != ''">
 				and
 				<foreach item="item" index="index" collection="contentType.split(',')" open="(" separator="or"
 						 close=")">
-					FIND_IN_SET('${item}',ct.content_type)>0
+					FIND_IN_SET(#{item},ct.content_type)>0
 				</foreach>
 			</if>
 			<if test="contentDisplay != null and contentDisplay != ''"> and content_display=#{contentDisplay}</if>
@@ -257,7 +256,7 @@
 			<!-- 查询子栏目数据 -->
 			<if test="categoryId!=null and  categoryId!='' and categoryType==1">
 				and (ct.category_id=#{categoryId} or ct.category_id in
-				(select id FROM cms_category where find_in_set('${categoryId}',CATEGORY_PARENT_IDS)>0))
+				(select id FROM cms_category where find_in_set(#{categoryId},CATEGORY_PARENT_IDS)>0))
 			</if>
 			<if test="categoryId!=null and  categoryId!='' and categoryType==2">
 				and ct.category_id=#{categoryId}
@@ -308,7 +307,7 @@
 		left join cms_category c
 		ON a.category_id
 		= c.id
-		<if test="tableName!=null and tableName!='' and diyMap!=null">left join ${tableName} d on d.link_id=a.id
+		<if test="tableName!=null and tableName!='' and diyList!=null">left join ${tableName} d on d.link_id=a.id
 		</if>
 		<where>
 			a.del=0
@@ -326,7 +325,7 @@
 			</if>
 			<if test="map.content_type!=null">
 				and <foreach item="item" index="index" collection="map.content_type.split(',')"  open="(" separator="or" close=")">
-					FIND_IN_SET('${item}',a.content_type)>0
+					FIND_IN_SET(#{item},a.content_type)>0
 				</foreach>
 			</if>
 			<if test="map.content_description!=null">
@@ -347,10 +346,10 @@
 					and a.content_datetime &lt; to_date(#{map.content_datetime_end}, 'yyyy-mm-dd hh24:mi:ss')
 				</if>
 			</if>
-			<if test="tableName!=null and tableName!='' and diyMap!=null">
+			<if test="tableName!=null and tableName!='' and diyList!=null">
 				<foreach item="item" index="index" collection="diyList" open=""
 						 separator="" close="">
-					and d.${field.key} like CONCAT(CONCAT('%',#{item.value}),'%')
+					and d.${item.key} like CONCAT(CONCAT('%',#{item.value}),'%')
 				</foreach>
 			</if>
 		</where>

src/main/java/net/mingsoft/config/WebConfig.java

@@ -21,12 +21,20 @@
 
 package net.mingsoft.config;
 
+import cn.hutool.core.util.StrUtil;
 import com.alibaba.druid.pool.DruidDataSource;
 import com.alibaba.druid.support.spring.stat.BeanTypeAutoProxyCreator;
+import com.alibaba.fastjson.JSON;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import net.mingsoft.basic.filter.XSSEscapeFilter;
 import net.mingsoft.basic.interceptor.ActionInterceptor;
+import net.mingsoft.mdiy.biz.IConfigBiz;
+import net.mingsoft.mdiy.entity.ConfigEntity;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
 import org.springframework.context.annotation.Bean;
@@ -41,6 +49,7 @@ import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 import java.io.File;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -52,6 +61,8 @@ import java.util.concurrent.TimeUnit;
 @Configuration
 public class WebConfig implements WebMvcConfigurer {
 
+    @Autowired(required = false)
+    private IConfigBiz configBiz;
 
     @Bean
     public ActionInterceptor actionInterceptor() {
@@ -84,19 +95,20 @@ public class WebConfig implements WebMvcConfigurer {
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
         String uploadMapping = MSProperties.upload.mapping;
-        String uploadFloderPath = MSProperties.upload.path;
+        String uploadFolderPath = MSProperties.upload.path;
         String template = MSProperties.upload.template;
         String htmlDir = MSProperties.htmlDir;
-        registry.addResourceHandler(uploadMapping).addResourceLocations(File.separator + uploadFloderPath + File.separator, "file:" + uploadFloderPath + File.separator);
-        registry.addResourceHandler("/template/**").addResourceLocations(File.separator + template + File.separator, "file:" + template + File.separator);
+        // 上传路径映射 这里的映射不能使用File.separator Windows会存在映射问题
+        registry.addResourceHandler(uploadMapping).addResourceLocations("/" + uploadFolderPath + "/", "file:" + uploadFolderPath + "/");
+        registry.addResourceHandler("/" + template + "/**").addResourceLocations("/" + template + "/", "file:" + template + "/");
         registry.addResourceHandler("/"+htmlDir+"/**").addResourceLocations("/"+htmlDir+"/", "file:"+htmlDir+"/");
         //三种映射方式 webapp下、当前目录下、jar内
         registry.addResourceHandler("/app/**").addResourceLocations("/app/", "file:app/", "classpath:/app/");
         registry.addResourceHandler("/static/**").addResourceLocations("/static/", "file:static/", "classpath:/static/", "classpath:/META-INF/resources/");
         registry.addResourceHandler("/api/**").addResourceLocations("/api/", "file:api/", "classpath:/api/");
-        if (new File(uploadFloderPath).isAbsolute()) {
+        if (new File(uploadFolderPath).isAbsolute()) {
             //如果指定了绝对路径，上传的文件都映射到uploadMapping下
-            registry.addResourceHandler(uploadMapping).addResourceLocations("file:" + uploadFloderPath + File.separator
+            registry.addResourceHandler(uploadMapping).addResourceLocations("file:" + uploadFolderPath + "/"
                     //映射其他路径文件
                     //,file:F://images
             );
@@ -117,19 +129,27 @@ public class WebConfig implements WebMvcConfigurer {
 
     //XSS过滤器
     @Bean
-    public FilterRegistrationBean xssFilterRegistration() {
+    public FilterRegistrationBean xssFilterRegistration(@Value("${ms.xss.xssEnable:false}") boolean xssEnable,
+                                                        @Value("${ms.xss.filterUrl}") String filterUrl,
+                                                        @Value("${ms.xss.excludeUrl}") String excludeUrl) {
         XSSEscapeFilter xssFilter = new XSSEscapeFilter();
+        Map<String, String> initParameters = new HashMap();
         FilterRegistrationBean registration = new FilterRegistrationBean();
         registration.setName("XSSFilter");
-        registration.addUrlPatterns("/*");
-        registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
-        xssFilter.includes.add(".*/search.do");
-        Map<String, String> initParameters = new HashMap();
-        boolean enable = true;
+        registration.addUrlPatterns(new String[]{"/*"});
+        registration.setOrder(-2147483648);
+        xssFilter.includes.add("/**");
+        xssFilter.excludes.add(MSProperties.manager.path + "/**");
+        if (filterUrl != null && StrUtil.isNotBlank(filterUrl.toString())) {
+            xssFilter.includes.addAll(Arrays.asList(filterUrl.toString().split(",")));
+        }
+        if (excludeUrl != null && StrUtil.isNotBlank(excludeUrl.toString())) {
+            xssFilter.excludes.addAll(Arrays.asList(excludeUrl.toString().split(",")));
+        }
         initParameters.put("isIncludeRichText", "false");
         registration.setInitParameters(initParameters);
         registration.setFilter(xssFilter);
-        registration.setEnabled(enable);
+        registration.setEnabled(xssEnable);
         return registration;
     }
 
@@ -184,5 +204,15 @@ public class WebConfig implements WebMvcConfigurer {
         return pool;
     }
 
+    public Map getMap(String configName) {
+        if (!StringUtils.isEmpty(configName) && !StringUtils.isEmpty(configName)) {
+            ConfigEntity configEntity = new ConfigEntity();
+            configEntity.setConfigName(configName);
+            configEntity = (ConfigEntity)this.configBiz.getOne(new QueryWrapper(configEntity));
+            return configEntity != null && !StringUtils.isEmpty(configEntity.getConfigData()) ? (Map) JSON.parseObject(configEntity.getConfigData(), HashMap.class) : null;
+        } else {
+            return null;
+        }
+    }
 
 }

src/main/webapp/WEB-INF/manager/cms/content/form.ftl

 <!DOCTYPE html>
 <html>
 <head>
-    <title>文章1</title>
+    <title>文章</title>
     <#include "../../include/head-file.ftl">
     <script src="${base}/static/mdiy/index.js"></script>
 </head>

src/main/webapp/template/1/default/about.htm

@@ -6,7 +6,7 @@
  </head>
  <body>
   <div id="app" v-cloak>
-   <#include "nav.htm" />
+   <#include "header.htm" />
    <div class="news">
     <div class="body">
      <div class="left">

src/main/webapp/template/1/default/index.htm

@@ -2,11 +2,12 @@
  <head>
   <meta charset="utf-8">
   <title>{ms:global.name/}</title>
+  <script src="/static/mdiy/index.js"></script>
   <#include "head-file.htm" />
  </head>
  <body>
   <div id="app" v-cloak>
-   <#include "nav.htm" />
+   <#include "header.htm" />
    <div class="ms-banner">
     <swiper class="ms-vue-awesome-swiper" :options="{
 slidesPerView : 1,
@@ -99,7 +100,33 @@ var app = new Vue({
     el: '#app',
     watch:{
     },
-    data: {
+    data:function() {
+     return {
+      loading:false,
+      saveDisabled: false,
+      verifCode: ms.base + "/code",
+      //表单数据
+      form: {
+       // 姓名
+       leaveName:'',
+       // 电话
+       leavePhone:'',
+       // 留言内容
+       textareaMsg:''
+      },
+      rules:{
+       rand_code: [{
+          required: true,
+          message: '验证码不能为空',
+          trigger: 'blur'
+       }, {
+         min: 4,
+         max: 4,
+         message: '请输入4位验证码',
+         trigger: 'blur'
+        }]
+      },
+     }
     },
     methods: {
        switchShow:function(arr){
@@ -111,8 +138,37 @@ var app = new Vue({
                }
            })
        },
+       save: function() {
+         var that = this;
+         that.saveDisabled = true;
+         that.formModel.save(function(res) {
+          if (res.result) {
+           that.$notify({
+            title: '成功',
+            type: 'success',
+            message: '保存成功!'
+           });
+
+          } else {
+           that.$notify({
+            title: '失败',
+            message: res.msg,
+            type: 'warning'
+           });
+          }
+          that.saveDisabled = false;
+         });
+       },
+       code: function () {
+        this.verifCode = ms.base + "/code?t=" + (new Date).getTime();
+       }
     },
     created(){
+      var that = this;
+      URLS["post"].formURL["save"] = "/mdiy/formData/save.do";
+      ms.mdiy.model.post("formModel", { "modelName": "留言版" }).then(function(obj) {
+       that.formModel = obj;
+      });
     }
 })
 </script>

src/main/webapp/template/1/default/nav.htm

-<#assign ids=field.parentids>
-<#assign typeid=field.typeid>
-<div class="ms-nav">
- <div class="body">
-  <div class="logo">
-   <img title="" alt="" src="{ms:global.host/}/{@ms:file global.logo/}" class="logo-pic">
-   <img title="" alt="" src="https://www.mingsoft.net//template/1/ms/images/1596437934982.png" class="logo-desc">
-  </div>
-  <div @click="switchShow([&quot;1605172743000_96378&quot;]);" class="nav-h5">
-   <i class="iconfont icon-caidan nav-h5-icon"></i>
-   <div id="key_1605172743000_96378" class="nav-h5-body" style="display: none">
-    <a href="{ms:global.host/}" class="nav-h5-item"> 首页 </a>
-    {ms:channel flag='nav' type='top'}
-    <a href="<#if field.type==3>{ms:global.url/}${field.typeurl}<#else>{ms:global.url/}${field.typelink}</#if>" class="nav-h5-item <#if typeid==field.typeid || (ids?has_content && ids?index_of('${field.typeid}') gt -1)> sel</#if>">
-     ${field.typetitle}
-    </a>
-    {/ms:channel}
-   </div>
-  </div>
-  <div class="nav-item">
-   <a href="{ms:global.host/}" class="item"> 首页 </a>
-
-   {ms:channel flag='nav' type='top'}
-   <a href="<#if field.type==3>{ms:global.url/}${field.typeurl}<#else>{ms:global.url/}${field.typelink}</#if>" class="item<#if typeid==field.typeid || (ids?has_content && ids?index_of('${field.typeid}') gt -1)> sel</#if>">
-    ${field.typetitle}
-   </a>
-   {/ms:channel}
-  </div>
-  <div class="nav-search">
-   <!--搜索-start-->
-   <form id="searchDataForm" action="{ms:global.host/}/mcms/search.do" method="post" class="ms-search-input">
-    <div class="ms-search-input-div">
-     <!--输入框 - start -->
-     <input class="ms-input" name="content_title" placeholder="输入搜索关键字">
-     <!--输入框 -end -->
-    </div>
-    <div class="ms-search-button" onclick="document.getElementById('searchDataForm').submit();">
-     <i class="iconfont icon-fangdajing"></i>
-    </div>
-   </form>
-   <!--搜索-end-->
-  </div>
- </div>
-</div>

src/main/webapp/template/1/default/news-list.htm

@@ -6,7 +6,7 @@
  </head>
  <body>
   <div id="app" v-cloak>
-   <#include "nav.htm" />
+   <#include "header.htm" />
    <div class="news">
     <div class="body">
      <div class="left">

src/main/webapp/template/1/default/product-detail.htm

@@ -6,7 +6,7 @@
  </head> 
  <body> 
   <div id="app" v-cloak> 
-   <#include "nav.htm" /> 
+   <#include "header.htm" />
    <div class="content"> 
     <div class="body">
      <div class="left">

src/main/webapp/template/1/default/product-list.htm

@@ -6,7 +6,7 @@
  </head> 
  <body> 
   <div id="app" v-cloak> 
-   <#include "nav.htm" /> 
+   <#include "header.htm" />
    <div class="content">
 
     <div class="body">

src/main/webapp/template/1/default/search.htm

@@ -6,7 +6,7 @@
  </head>
  <body>
   <div id="app" v-cloak>
-   <#include "nav.htm" />
+   <#include "header.htm" />
    <div class="search">
     <div class="body">
      <span> 关键字 <span style="color: red">{ms:search.content_title/}</span> </span>