新增会员注册短信验证码

新增后台菜单栏hook
优化后台修改管理员密码脚本
优化安装脚本,默认禁用admin模块
优化插件列表参数和分页显示

@@ -74,6 +74,9 @@ class Install extends Command
 
         file_put_contents($installLockFile, 1);
 
+        //后台入口文件
+        $adminFile = ROOT_PATH . 'public' . DS . 'admin.php';
+
         $dbConfigFile = APP_PATH . 'database.php';
         $config = @file_get_contents($dbConfigFile);
         $callback = function ($matches) use ($hostname, $hostport, $username, $password, $database, $prefix) {
@@ -88,6 +91,16 @@ class Install extends Command
         // 写入数据库配置
         file_put_contents($dbConfigFile, $config);
 
+        // 修改后台入口
+        if (is_file($adminFile)) {
+            $x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+            $adminName = substr(str_shuffle(str_repeat($x, ceil(10 / strlen($x)))), 1, 10) . '.php';
+            rename($adminFile, ROOT_PATH . 'public' . DS . $adminName);
+            $output->highlight("Admin url:http://www.yoursite.com/{$adminName}");
+        }
+        $output->highlight("Admin username:admin");
+        $output->highlight("Admin password:123456");
+
         \think\Cache::rm('__menu__');
 
         $output->info("Install Successed!");

@@ -6,6 +6,7 @@ use app\admin\model\Admin;
 use app\common\controller\Backend;
 use fast\Random;
 use think\Session;
+use think\Validate;
 
 /**
  * 个人配置
@@ -59,10 +60,20 @@ class Profile extends Backend
                 array_flip(array('email', 'nickname', 'password', 'avatar'))
             ));
             unset($v);
+            if (!Validate::is($params['email'], "email")) {
+                $this->error(__("Please input correct email"));
+            }
             if (isset($params['password'])) {
+                if (!Validate::is($params['password'], "/^[\S]{6,16}$/")) {
+                    $this->error(__("Please input correct password"));
+                }
                 $params['salt'] = Random::alnum();
                 $params['password'] = md5(md5($params['password']) . $params['salt']);
             }
+            $exist = Admin::where('email', $params['email'])->where('id', '<>', $this->auth->id)->find();
+            if ($exist) {
+                $this->error(__("Email already exists"));
+            }
             if ($params) {
                 $admin = Admin::get($this->auth->id);
                 $admin->save($params);

@@ -53,6 +53,7 @@ return [
     'Mail vertify type'           => 'SMTP验证方式',
     'Mail from'                   => '发件人邮箱',
     'Name already exist'          => '变量名称已经存在',
+    'Add new config'              => '点击添加新的配置',
     'Send a test message'         => '发送测试邮件',
     'This is a test mail content' => '这是一封来自FastAdmin校验邮件,用于校验邮件配置是否正常!',
     'This is a test mail'         => '这是一封来自FastAdmin的邮件',

@@ -7,4 +7,7 @@ return [
     'Click to edit'                               => '点击编辑',
     'Admin log'                                   => '操作日志',
     'Leave password blank if dont want to change' => '不修改密码请留空',
+    'Please input correct email'                  => '请输入正确的Email地址',
+    'Please input correct password'               => '密码长度不正确',
+    'Email already exists'                        => '邮箱已经存在',
 ];

@@ -7,6 +7,7 @@ use fast\Random;
 use fast\Tree;
 use think\Config;
 use think\Cookie;
+use think\Hook;
 use think\Request;
 use think\Session;
 
@@ -361,6 +362,8 @@ class Auth extends \fast\Auth
      */
     public function getSidebar($params = [], $fixedPage = 'dashboard')
     {
+        // 边栏开始
+        Hook::listen("admin_sidebar_begin", $params);
         $colorArr = ['red', 'green', 'yellow', 'blue', 'teal', 'orange', 'purple'];
         $colorNums = count($colorArr);
         $badgeList = [];

@@ -23,7 +23,7 @@
             <li class="{$vo.active?'active':''}"><a href="#{$vo.name}" data-toggle="tab">{:__($vo.title)}</a></li>
             {/foreach}
             <li>
-                <a href="#addcfg" data-toggle="tab"><i class="fa fa-plus"></i></a>
+                <a href="#addcfg" data-toggle="tab" title="{:__('Add new config')}"><i class="fa fa-plus"></i></a>
             </li>
         </ul>
     </div>

@@ -5,6 +5,7 @@ namespace app\api\controller;
 use app\common\controller\Api;
 use app\common\library\Sms as Smslib;
 use app\common\model\User;
+use think\Hook;
 
 /**
  * 手机短信接口
@@ -50,11 +51,14 @@ class Sms extends Api
                 $this->error(__('未注册'));
             }
         }
+        if (!Hook::get('sms_send')) {
+            $this->error(__('请在后台插件管理安装短信验证插件'));
+        }
         $ret = Smslib::send($mobile, null, $event);
         if ($ret) {
             $this->success(__('发送成功'));
         } else {
-            $this->error(__('发送失败'));
+            $this->error(__('发送失败，请检查短信配置是否正确'));
         }
     }
 

@@ -96,6 +96,7 @@ class User extends Api
      * @param string $password 密码
      * @param string $email    邮箱
      * @param string $mobile   手机号
+     * @param string $code   验证码
      */
     public function register()
     {
@@ -103,6 +104,7 @@ class User extends Api
         $password = $this->request->request('password');
         $email = $this->request->request('email');
         $mobile = $this->request->request('mobile');
+        $code = $this->request->request('code');
         if (!$username || !$password) {
             $this->error(__('Invalid parameters'));
         }
@@ -112,6 +114,10 @@ class User extends Api
         if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) {
             $this->error(__('Mobile is incorrect'));
         }
+        $ret = Sms::check($mobile, $code, 'register');
+        if (!$ret) {
+            $this->error(__('Captcha is incorrect'));
+        }
         $ret = $this->auth->register($username, $password, $email, $mobile, []);
         if ($ret) {
             $data = ['userinfo' => $this->auth->getUserinfo()];

@@ -57,7 +57,7 @@ return [
     // 默认模块名
     'default_module'         => 'index',
     // 禁止访问模块
-    'deny_module_list'       => ['common'],
+    'deny_module_list'       => ['common', 'admin'],
     // 默认控制器名
     'default_controller'     => 'Index',
     // 默认操作名
@@ -272,7 +272,7 @@ return [
         //自动检测更新
         'checkupdate'         => false,
         //版本号
-        'version'             => '1.0.0.20190705_beta',
+        'version'             => '1.0.0.20190930_beta',
         //API接口地址
         'api_url'             => 'https://api.fastadmin.net',
     ],

@@ -3,6 +3,7 @@
 namespace app\index\controller;
 
 use app\common\controller\Frontend;
+use app\common\library\Sms;
 use think\Config;
 use think\Cookie;
 use think\Hook;
@@ -85,13 +86,13 @@ class User extends Frontend
             $email = $this->request->post('email');
             $mobile = $this->request->post('mobile', '');
             $captcha = $this->request->post('captcha');
+            $code = $this->request->post('code');
             $token = $this->request->post('__token__');
             $rule = [
                 'username'  => 'require|length:3,30',
                 'password'  => 'require|length:6,30',
                 'email'     => 'require|email',
                 'mobile'    => 'regex:/^1\d{10}$/',
-                'captcha'   => 'require|captcha',
                 '__token__' => 'require|token',
             ];
 
@@ -100,8 +101,8 @@ class User extends Frontend
                 'username.length'  => 'Username must be 3 to 30 characters',
                 'password.require' => 'Password can not be empty',
                 'password.length'  => 'Password must be 6 to 30 characters',
-                'captcha.require'  => 'Captcha can not be empty',
-                'captcha.captcha'  => 'Captcha is incorrect',
+                //'captcha.require'  => 'Captcha can not be empty',
+                //'captcha.captcha'  => 'Captcha is incorrect',
                 'email'            => 'Email is incorrect',
                 'mobile'           => 'Mobile is incorrect',
             ];
@@ -110,9 +111,13 @@ class User extends Frontend
                 'password'  => $password,
                 'email'     => $email,
                 'mobile'    => $mobile,
-                'captcha'   => $captcha,
+                //'captcha'   => $captcha,
                 '__token__' => $token,
             ];
+            $ret = Sms::check($mobile, $code, 'register');
+            if (!$ret) {
+                $this->error(__('Captcha is incorrect'));
+            }
             $validate = new Validate($rule, $msg);
             $result = $validate->check($data);
             if (!$result) {

@@ -2,12 +2,13 @@
 
 return [
     'Title'           => '标题',
+    'CRUD'            => '一键CRUD',
     'Auth tips'       => '基于完善的Auth权限控制管理、无限父子级权限分组、可自由分配子级权限、一个管理员可同时属于多个组别',
     'Responsive tips' => '基于Bootstrap和AdminLTE进行二次开发,手机、平板、PC均自动适配,无需要担心兼容性问题',
     'Languages tips'  => '不仅仅后台开发支持多语言,同时视图部分和JS部分仍然共享同一个语言包,语法相同且自动加载',
     'Module tips'     => '控制器、模型、视图、JS一一对应,使用RequireJS进行JS模块化管理,采用Bower进行前端包组件管理',
-    'CRUD tips'       => '控制台进行一键生成控制器、模型、视图和JS文件,一键生成API文档,一键生成后台权限节点和菜单栏',
-    'Extension tips'  => 'FastAdmin提供强大的扩展中心，可直接在线安装和卸载插件，同时支持命令行一键操作',
+    'CRUD tips'       => '可使用命令行一键生成控制器、模型、视图和JS文件,一键生成API文档,一键生成回收站，一键生成后台权限节点和菜单栏',
+    'Extension tips'  => 'FastAdmin提供强大丰富的应用(插件)市场，可直接在线安装和卸载用户(插件)，同时支持命令行一键操作',
     'Do not hesitate' => '不要犹豫',
     'Start to act'    => '开始行动',
 ];

@@ -63,7 +63,6 @@
                             <div class="header-content-inner">
                                 <h1>FastAdmin</h1>
                                 <h3>{:__('The fastest framework based on ThinkPHP5 and Bootstrap')}</h3>
-                                <a href="{:url('admin/index/login')}" class="btn btn-warning btn-xl page-scroll">{:__('Go to Dashboard')}</a>
                                 <a href="{:url('index/user/index')}" class="btn btn-outline btn-xl page-scroll">{:__('Go to Member center')}</a>
                             </div>
                         </div>
@@ -147,7 +146,7 @@
         <footer>
             <div class="container">
                 <!-- FastAdmin是开源程序，建议在您的网站底部保留一个FastAdmin的链接 -->
-                <p>&copy; 2017-2018 <a href="https://www.fastadmin.net" target="_blank">FastAdmin</a>. All Rights Reserved.</p>
+                <p>&copy; 2017-2019 <a href="https://www.fastadmin.net" target="_blank">FastAdmin</a>. All Rights Reserved.</p>
                 <ul class="list-inline">
                     <li>
                         <a href="https://gitee.com/karson/fastadmin">{:__('Gitee')}</a>

@@ -61,7 +61,7 @@
 
         <footer class="footer" style="clear:both">
             <!-- FastAdmin是开源程序，建议在您的网站底部保留一个FastAdmin的链接 -->
-            <p class="copyright">Copyright&nbsp;©&nbsp;2017-2019 Powered by <a href="https://www.fastadmin.net" target="_blank">FastAdmin</a> All Rights Reserved {$site.name|htmlentities} {:__('Copyrights')} <a href="http://www.miibeian.gov.cn" target="_blank">{$site.beian|htmlentities}</a></p>
+            <p class="copyright">Copyright&nbsp;©&nbsp;2017-2019 Powered by <a href="https://www.fastadmin.net" target="_blank">FastAdmin</a> All Rights Reserved <a href="http://www.beian.miit.gov.cn" target="_blank">{$site.beian|htmlentities}</a></p>
         </footer>
 
         {include file="common/script" /}

@@ -37,10 +37,10 @@
                 <div class="form-group">
                     <label class="control-label">{:__('Captcha')}</label>
                     <div class="controls">
-                        <div class="input-group input-group-lg">
-                            <input type="text" name="captcha" class="form-control" placeholder="{:__('Captcha')}" data-rule="required;length(4)" style="border-radius: 0;" />
-                            <span class="input-group-addon" style="padding:0;border:none;">
-                                <img src="{:captcha_src()}" width="140" height="42" onclick="this.src = '{:captcha_src()}?r=' + Math.random();"/>
+                        <div class="input-group">
+                            <input type="text" name="code" class="form-control input-lg" data-rule="required;length(4);integer[+];remote({:url('api/validate/check_sms_correct')}, event=register, mobile:#mobile)" />
+                            <span class="input-group-btn" style="padding:0;border:none;">
+                                <a href="javascript:;" class="btn btn-info btn-captcha btn-lg" data-url="{:url('api/sms/send')}" data-type="mobile" data-event="register">发送验证码</a>
                             </span>
                         </div>
                         <p class="help-block"></p>

@@ -62,6 +62,15 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form', 'template'], function
             // 初始化表格
             table.bootstrapTable({
                 url: $.fn.bootstrapTable.defaults.extend.index_url,
+                queryParams: function (params) {
+                    var userinfo = Controller.api.userinfo.get();
+                    $.extend(params, {
+                        uid: userinfo ? userinfo.id : '',
+                        token: userinfo ? userinfo.token : '',
+                        version: Config.fastadmin.version
+                    });
+                    return params;
+                },
                 columns: [
                     [
                         {field: 'id', title: 'ID', operate: false, visible: false},
@@ -144,8 +153,7 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form', 'template'], function
                 commonSearch: true,
                 searchFormVisible: true,
                 searchFormTemplate: 'searchformtpl',
-                pageSize: 12,
-                pagination: false,
+                pageSize: 30,
             });
 
             // 为表格绑定事件

@@ -23,15 +23,15 @@ define('INSTALL_PATH', APP_PATH . 'admin' . DS . 'command' . DS . 'Install' . DS
 // 判断文件或目录是否有写的权限
 function is_really_writable($file)
 {
-    if (DIRECTORY_SEPARATOR == '/' AND @ ini_get("safe_mode") == FALSE) {
+    if (DIRECTORY_SEPARATOR == '/' AND @ ini_get("safe_mode") == false) {
         return is_writable($file);
     }
-    if (!is_file($file) OR ($fp = @fopen($file, "r+")) === FALSE) {
-        return FALSE;
+    if (!is_file($file) OR ($fp = @fopen($file, "r+")) === false) {
+        return false;
     }
 
     fclose($fp);
-    return TRUE;
+    return true;
 }
 
 $sitename = "FastAdmin";
@@ -59,31 +59,40 @@ $errInfo = '';
 //数据库配置文件
 $dbConfigFile = APP_PATH . 'database.php';
 
+//后台入口文件
+$adminFile = ROOT_PATH . 'public' . DS . 'admin.php';
+
 // 锁定的文件
 $lockFile = INSTALL_PATH . 'install.lock';
 if (is_file($lockFile)) {
     $errInfo = "当前已经安装{$sitename}，如果需要重新安装，请手动移除application/admin/command/Install/install.lock文件";
-} else if (version_compare(PHP_VERSION, '5.5.0', '<')) {
-    $errInfo = "当前版本(" . PHP_VERSION . ")过低，请使用PHP5.5以上版本";
-} else if (!extension_loaded("PDO")) {
-    $errInfo = "当前未开启PDO，无法进行安装";
-} else if (!is_really_writable($dbConfigFile)) {
-    $open_basedir = ini_get('open_basedir');
-    if ($open_basedir) {
-        $dirArr = explode(PATH_SEPARATOR, $open_basedir);
-        if ($dirArr && in_array(__DIR__, $dirArr)) {
-            $errInfo = '当前服务器因配置了open_basedir，导致无法读取父目录<br><a href="https://forum.fastadmin.net/thread/1145?ref=install" target="_blank">点击查看解决办法</a>';
-        }
-    }
-    if (!$errInfo) {
-        $errInfo = '当前权限不足，无法写入配置文件application/database.php<br><a href="https://forum.fastadmin.net/thread/1145?ref=install" target="_blank">点击查看解决办法</a>';
-    }
 } else {
-    $dirArr = [];
-    foreach ($checkDirs as $k => $v) {
-        if (!is_dir(ROOT_PATH . $v)) {
-            $errInfo = '当前代码仅包含核心代码，请前往官网下载完整包或资源包覆盖后再尝试安装，<a href="https://www.fastadmin.net/download.html?ref=install" target="_blank">立即前往下载</a>';
-            break;
+    if (version_compare(PHP_VERSION, '5.5.0', '<')) {
+        $errInfo = "当前版本(" . PHP_VERSION . ")过低，请使用PHP5.5以上版本";
+    } else {
+        if (!extension_loaded("PDO")) {
+            $errInfo = "当前未开启PDO，无法进行安装";
+        } else {
+            if (!is_really_writable($dbConfigFile)) {
+                $open_basedir = ini_get('open_basedir');
+                if ($open_basedir) {
+                    $dirArr = explode(PATH_SEPARATOR, $open_basedir);
+                    if ($dirArr && in_array(__DIR__, $dirArr)) {
+                        $errInfo = '当前服务器因配置了open_basedir，导致无法读取父目录<br><a href="https://forum.fastadmin.net/thread/1145?ref=install" target="_blank">点击查看解决办法</a>';
+                    }
+                }
+                if (!$errInfo) {
+                    $errInfo = '当前权限不足，无法写入配置文件application/database.php<br><a href="https://forum.fastadmin.net/thread/1145?ref=install" target="_blank">点击查看解决办法</a>';
+                }
+            } else {
+                $dirArr = [];
+                foreach ($checkDirs as $k => $v) {
+                    if (!is_dir(ROOT_PATH . $v)) {
+                        $errInfo = '当前代码仅包含核心代码，请前往官网下载完整包或资源包覆盖后再尝试安装，<a href="https://www.fastadmin.net/download.html?ref=install" target="_blank">立即前往下载</a>';
+                        break;
+                    }
+                }
+            }
         }
     }
 }
@@ -110,22 +119,19 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
     $adminPasswordConfirmation = isset($_POST['adminPasswordConfirmation']) ? $_POST['adminPasswordConfirmation'] : '123456';
     $adminEmail = isset($_POST['adminEmail']) ? $_POST['adminEmail'] : 'admin@admin.com';
 
-    if ($adminPassword !== $adminPasswordConfirmation) {
-        echo "两次输入的密码不一致";
-        exit;
-    } else if (!preg_match("/^\w+$/", $adminUsername)) {
-        echo "用户名只能输入字母、数字、下划线";
+    if (!preg_match("/^\w{3,12}$/", $adminUsername)) {
+        echo "用户名只能由3-12位数字、字母、下划线组合";
         exit;
-    } else if (!preg_match("/^[\S]+$/", $adminPassword)) {
-        echo "密码不能包含空格";
-        exit;
-    } else if (strlen($adminUsername) < 3 || strlen($adminUsername) > 12) {
-        echo "用户名请输入3~12位字符";
+    }
+    if (!preg_match("/^[\S]{6,16}$/", $adminPassword)) {
+        echo "密码长度必须在6-16位之间，不能包含空格";
         exit;
-    } else if (strlen($adminPassword) < 6 || strlen($adminPassword) > 16 || stripos($adminPassword, ' ') !== false) {
-        echo "密码请输入6~16位字符,不能包含空格";
+    }
+    if ($adminPassword !== $adminPasswordConfirmation) {
+        echo "两次输入的密码不一致";
         exit;
     }
+
     try {
         //检测能否读取安装文件
         $sql = @file_get_contents(INSTALL_PATH . 'fastadmin.sql');
@@ -177,7 +183,14 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
         $newSalt = substr(md5(uniqid(true)), 0, 6);
         $newPassword = md5(md5($adminPassword) . $newSalt);
         $pdo->query("UPDATE {$mysqlPrefix}admin SET username = '{$adminUsername}', email = '{$adminEmail}',password = '{$newPassword}', salt = '{$newSalt}' WHERE username = 'admin'");
-        echo "success";
+
+        $adminName = '';
+        if (is_file($adminFile)) {
+            $x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+            $adminName = substr(str_shuffle(str_repeat($x, ceil(10 / strlen($x)))), 1, 10) . '.php';
+            rename($adminFile, ROOT_PATH . 'public' . DS . $adminName);
+        }
+        echo "success|{$adminName}";
     } catch (PDOException $e) {
         $err = $e->getMessage();
     } catch (Exception $e) {
@@ -202,16 +215,18 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
             margin: 0;
             padding: 0;
             line-height: 1.5;
+            -webkit-font-smoothing: antialiased;
+            -moz-osx-font-smoothing: grayscale;
         }
 
         body, input, button {
-            font-family: 'Open Sans', sans-serif;
-            font-size: 16px;
+            font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, 'Microsoft Yahei', Arial, sans-serif;
+            font-size: 14px;
             color: #7E96B3;
         }
 
         .container {
-            max-width: 515px;
+            max-width: 480px;
             margin: 0 auto;
             padding: 20px;
             text-align: center;
@@ -236,6 +251,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
             font-weight: normal;
             color: #3C5675;
             margin-bottom: 0;
+            margin-top: 0;
         }
 
         form {
@@ -300,7 +316,16 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
             opacity: 0.5;
         }
 
-        #error, .error, #success, .success {
+        .form-buttons {
+            height: 52px;
+            line-height: 52px;
+        }
+
+        .form-buttons .btn {
+            margin-right: 5px;
+        }
+
+        #error, .error, #success, .success, #warmtips, .warmtips {
             background: #D83E3E;
             color: #fff;
             padding: 15px 20px;
@@ -316,13 +341,29 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
             color: white;
             text-decoration: underline;
         }
+
+        #warmtips {
+            background: #ffcdcd;
+            font-size: 14px;
+            color: #e74c3c;
+        }
+
+        #warmtips a {
+            background: #ffffff7a;
+            display: block;
+            height: 30px;
+            line-height: 30px;
+            margin-top: 10px;
+            color: #e21a1a;
+            border-radius: 3px;
+        }
     </style>
 </head>
 
 <body>
 <div class="container">
     <h1>
-        <svg width="100px" height="120px" viewBox="0 0 768 830" version="1.1" xmlns="http://www.w3.org/2000/svg"
+        <svg width="80px" height="96px" viewBox="0 0 768 830" version="1.1" xmlns="http://www.w3.org/2000/svg"
              xmlns:xlink="http://www.w3.org/1999/xlink">
             <g id="logo" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
                 <path d="M64.433651,605.899968 C20.067302,536.265612 0,469.698785 0,389.731348 C0,174.488668 171.922656,0 384,0 C596.077344,0 768,174.488668 768,389.731348 C768,469.698785 747.932698,536.265612 703.566349,605.899968 C614.4,753.480595 441.6,870.4 384,870.4 C326.4,870.4 153.6,753.480595 64.433651,605.899968 L64.433651,605.899968 Z"
@@ -336,7 +377,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
     <div>
 
         <p>若你在安装中遇到麻烦可点击 <a href="<?php echo $link['doc']; ?>" target="_blank">安装文档</a> <a
-                    href="<?php echo $link['forum']; ?>" target="_blank">交流社区</a> <a
+                    href="<?php echo $link['forum']; ?>" target="_blank">问答社区</a> <a
                     href="<?php echo $link['qqun']; ?>">QQ交流群</a></p>
         <!--<p><?php echo $sitename; ?>还支持在命令行php think install一键安装</p>-->
 
@@ -348,6 +389,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
             <?php endif; ?>
             <div id="error" style="display:none"></div>
             <div id="success" style="display:none"></div>
+            <div id="warmtips" style="display:none"></div>
 
             <div class="form-group">
                 <div class="form-field">
@@ -417,18 +459,28 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
 
                 $('form').on('submit', function (e) {
                     e.preventDefault();
-
+                    var form = this;
                     var $button = $(this).find('button')
                         .text('安装中...')
                         .prop('disabled', true);
 
                     $.post('', $(this).serialize())
                         .done(function (ret) {
-                            if (ret === 'success') {
+                            if (ret.substr(0, 7) === 'success') {
+                                var retArr = ret.split(/\|/);
                                 $('#error').hide();
-                                $("#success").text("安装成功！开始你的<?php echo $sitename; ?>之旅吧！").show();
-                                $('<a class="btn" href="./">访问首页</a> <a class="btn" href="./index.php/admin/index/login" style="background:#18bc9c">访问后台</a>').insertAfter($button);
+                                $(".form-group", form).remove();
                                 $button.remove();
+                                $("#success").text("安装成功！开始你的<?php echo $sitename; ?>之旅吧！").show();
+
+                                $buttons = $(".form-buttons", form);
+                                $('<a class="btn" href="./">访问首页</a>').appendTo($buttons);
+
+                                if (typeof retArr[1] !== 'undefined' && retArr[1] !== '') {
+                                    var url = location.href.replace(/install\.php/, retArr[1]);
+                                    $("#warmtips").html('温馨提示：请将以下后台登录入口添加到你的收藏夹，为了你的安全，不要泄漏或发送给他人！如有泄漏请及时修改！<a href="' + url + '">' + url + '</a>').show();
+                                    $('<a class="btn" href="' + url + '" id="btn-admin" style="background:#18bc9c">访问后台</a>').appendTo($buttons);
+                                }
                                 localStorage.setItem("fastep", "installed");
                             } else {
                                 $('#error').show().text(ret);