
优化后台管理日志记录

Karson 1 anno fa
parent
commit
9f2c08414a

+ 1 - 1
application/admin/behavior/AdminLog.php

@@ -4,7 +4,7 @@ namespace app\admin\behavior;
 
 class AdminLog
 {
-    public function run(&$params)
+    public function run(&$response)
     {
         //只记录POST请求的日志
         if (request()->isPost() && config('fastadmin.auto_record_log')) {

+ 1 - 0
application/admin/controller/auth/Adminlog.php

@@ -53,6 +53,7 @@ class Adminlog extends Backend
                         $query->where('admin_id', 'in', $childrenAdminIds);
                     }
                 })
+                ->field('content,useragent', true)
                 ->order($sort, $order)
                 ->paginate($limit);
 
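Review bot: The second argument on `->field('content,useragent', true)` is easy to misread as a select list, when it appears to invert the call so that these two columns are excluded from the paginated result. A short comment such as `// true = exclude these columns; request bodies and user agents are not returned in the list response` would record that intent. It also tells the next maintainer that dropping the flag would put logged request content back into every list reply. The enclosing method starts and ends outside this hunk, so any other consumer of those columns in this action is not visible here.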

+ 11 - 8
application/admin/model/AdminLog.php

@@ -41,8 +41,8 @@ class AdminLog extends Model
 
     /**
      * 记录日志
-     * @param string $title
-     * @param string $content
+     * @param string $title   日志标题
+     * @param string $content 日志内容
      */
     public static function record($title = '', $content = '')
     {
@@ -50,6 +50,9 @@ class AdminLog extends Model
         $admin_id = $auth->isLogin() ? $auth->id : 0;
         $username = $auth->isLogin() ? $auth->username : __('Unknown');
 
+        // 设置过滤函数
+        request()->filter('trim,strip_tags,htmlspecialchars');
+
         $controllername = Loader::parseName(request()->controller());
         $actionname = strtolower(request()->action());
         $path = str_replace('.', '/', $controllername) . '/' . $actionname;
@@ -60,12 +63,12 @@ class AdminLog extends Model
                 }
             }
         }
-        $content = $content ? $content : self::$content;
+        $content = $content ?: self::$content;
         if (!$content) {
-            $content = request()->param('', null, 'trim,strip_tags,htmlspecialchars');
+            $content = request()->param('') ?: file_get_contents("php://input");
             $content = self::getPureContent($content);
         }
-        $title = $title ? $title : self::$title;
+        $title = $title ?: self::$title;
         if (!$title) {
             $title = [];
             $breadcrumb = Auth::instance()->getBreadcrumb($path);
@@ -77,18 +80,18 @@ class AdminLog extends Model
         self::create([
             'title'     => $title,
             'content'   => !is_scalar($content) ? json_encode($content, JSON_UNESCAPED_UNICODE) : $content,
-            'url'       => substr(request()->url(), 0, 1500),
+            'url'       => substr(xss_clean(strip_tags(request()->url())), 0, 1500),
             'admin_id'  => $admin_id,
             'username'  => $username,
             'useragent' => substr(request()->server('HTTP_USER_AGENT'), 0, 255),
-            'ip'        => request()->ip()
+            'ip'        => xss_clean(strip_tags(request()->ip()))
         ]);
     }
 
     /**
      * 获取已屏蔽关键信息的数据
      * @param $content
-     * @return false|string
+     * @return array
      */
     protected static function getPureContent($content)
     {
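Review bot: The new fallback `file_get_contents("php://input")` in `record()` passes the raw request body to `getPureContent()` as an unbounded string, and nothing visible here applies the `trim,strip_tags,htmlspecialchars` filter to it. The body of `getPureContent()` is outside these hunks, so it is unclear whether its key masking works on JSON or other non-form bodies; if it only walks arrays, passwords and tokens in such bodies would be stored in the log in clear and unescaped. One option is to decode and bound the body first, e.g. `$raw = file_get_contents("php://input");` then `$content = request()->param('') ?: (json_decode($raw, true) ?: strip_tags(substr($raw, 0, 8192)));` (the 8192 limit is illustrative), and to escape on output in the log view rather than rely on write-time cleaning. Separately, `request()->filter(...)` appears to change the request-wide default filter, so code that reads parameters after `record()` may see altered values; a comment saying whether that is intended would help.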

+ 0 - 1
public/assets/js/backend/auth/adminlog.js

@@ -29,7 +29,6 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form'], function ($, undefin
                         {field: 'title', title: __('Title'), operate: 'LIKE %...%', placeholder: '模糊搜索'},
                         {field: 'url', title: __('Url'), formatter: Table.api.formatter.url},
                         {field: 'ip', title: __('IP'), events: Table.api.events.ip, formatter: Table.api.formatter.search},
-                        {field: 'browser', title: __('Browser'), operate: false, formatter: Controller.api.formatter.browser},
                         {field: 'createtime', title: __('Create time'), formatter: Table.api.formatter.datetime, operate: 'RANGE', addclass: 'datetimerange', sortable: true},
                         {
                             field: 'operate', title: __('Operate'), table: table,