From bcb48fcfedc9721538e4d39f83b14b56eb32b853 Mon Sep 17 00:00:00 2001
From: Karson <karsonzhang@163.com>
Date: Wed, 31 May 2017 16:13:14 +0800
Subject: [PATCH] 修复在分层控制器下的权限验证错误 修复表单在提交后未返回token时导致的客户端错误

---
 application/common/controller/Backend.php | 2 +-
 public/assets/js/require-form.js          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/application/common/controller/Backend.php b/application/common/controller/Backend.php
index 91f658a..6dff0b6 100644
--- a/application/common/controller/Backend.php
+++ b/application/common/controller/Backend.php
@@ -117,7 +117,7 @@ class Backend extends Controller
             if (!$this->auth->match($this->noNeedRight))
             {
                 // 判断控制器和方法判断是否有对应权限
-                $path = $this->request->path();
+                $path = str_replace('.', '/', $this->request->path());
                 $path = substr($path, 0, 1) == '/' ? $path : '/' . $path;
                 if (!$this->auth->check($path))
                 {
diff --git a/public/assets/js/require-form.js b/public/assets/js/require-form.js
index 3209ae2..807ecba 100755
--- a/public/assets/js/require-form.js
+++ b/public/assets/js/require-form.js
@@ -51,7 +51,7 @@ define(['jquery', 'bootstrap', 'backend', 'toastr', 'upload', 'validator'], func
                                 }
                                 Toastr.success(msg ? msg : __('Operation completed'));
                             } else {
-                                if (typeof data.token !== 'undefined') {
+                                if (data && typeof data === 'object' && typeof data.token !== 'undefined') {
                                     $("input[name='__token__']").val(data.token);
                                 }
                                 Toastr.error(msg ? msg : __('Operation failed'));
--
libgit2 0.24.0