1

app/api/controller/Forum.php

@@ -0,0 +1,221 @@
+<?php
+declare (strict_types=1);
+
+namespace app\api\controller;
+
+use app\BaseController;
+use app\model\api\ForumPost;
+use app\model\api\ForumComment;
+use app\model\api\User as UserModel;
+use app\Request;
+use library\services\UtilService;
+use think\facade\Db;
+
+/**
+ * 论坛控制器
+ */
+class Forum extends BaseController
+{
+    /**
+     * 检查用户发帖权限
+     * @param int $uid
+     * @return bool
+     */
+    private function checkPostPermission($uid)
+    {
+        $user = Db::name('user')->where('uid', $uid)->find();
+        return !empty($user) && $user['permission'] == 1;
+    }
+
+    /**
+     * 帖子列表
+     * @param Request $request
+     */
+    public function postList(Request $request)
+    {
+        $post = UtilService::getMore([
+            ['page', 1],
+            ['pageSize', 20],
+        ], $request);
+
+        $result = (new ForumPost())->getList((int)$post['page'], (int)$post['pageSize']);
+
+        return app('json')->success($result);
+    }
+
+    /**
+     * 帖子详情
+     * @param Request $request
+     */
+    public function postDetail(Request $request)
+    {
+        $post = UtilService::getMore([
+            ['id', 0, 'empty', '参数错误'],
+        ], $request);
+
+        $detail = (new ForumPost())->getDetail((int)$post['id']);
+
+        if (!$detail) {
+            return app('json')->fail('帖子不存在');
+        }
+
+        return app('json')->success($detail);
+    }
+
+    /**
+     * 发布帖子
+     * @param Request $request
+     */
+    public function createPost(Request $request)
+    {
+        $uid = $request->user['uid'];
+
+        // 检查发帖权限
+        if (!$this->checkPostPermission($uid)) {
+            return app('json')->fail('您没有发帖权限');
+        }
+
+        $postData = UtilService::getMore([
+            ['title', '', 'empty', '请填写标题'],
+            ['content', '', 'empty', '请填写内容'],
+            ['images', []],
+        ], $request);
+
+        // 验证标题长度
+        if (mb_strlen($postData['title']) > 200) {
+            return app('json')->fail('标题不能超过200个字符');
+        }
+
+        // 验证内容长度
+        if (mb_strlen($postData['content']) < 10) {
+            return app('json')->fail('内容不能少于10个字符');
+        }
+
+        $result = (new ForumPost())->createPost($uid, $postData);
+
+        if ($result[0]) {
+            return app('json')->success($result[1]);
+        } else {
+            return app('json')->fail($result[1]);
+        }
+    }
+
+    /**
+     * 我的帖子列表
+     * @param Request $request
+     */
+    public function myPosts(Request $request)
+    {
+        $uid = $request->user['uid'];
+
+        $post = UtilService::getMore([
+            ['page', 1],
+            ['pageSize', 20],
+        ], $request);
+
+        $result = (new ForumPost())->getUserPosts($uid, (int)$post['page'], (int)$post['pageSize']);
+
+        return app('json')->success($result);
+    }
+
+    /**
+     * 评论列表
+     * @param Request $request
+     */
+    public function commentList(Request $request)
+    {
+        $post = UtilService::getMore([
+            ['post_id', 0, 'empty', '参数错误'],
+            ['page', 1],
+            ['pageSize', 20],
+        ], $request);
+
+        $result = (new ForumComment())->getList((int)$post['post_id'], (int)$post['page'], (int)$post['pageSize']);
+
+        return app('json')->success($result);
+    }
+
+    /**
+     * 添加评论
+     * @param Request $request
+     */
+    public function addComment(Request $request)
+    {
+        $uid = $request->user['uid'];
+
+        $postData = UtilService::getMore([
+            ['post_id', 0, 'empty', '参数错误'],
+            ['content', '', 'empty', '请填写评论内容'],
+        ], $request);
+
+        // 验证内容长度
+        if (mb_strlen($postData['content']) < 1) {
+            return app('json')->fail('评论内容不能为空');
+        }
+
+        if (mb_strlen($postData['content']) > 1000) {
+            return app('json')->fail('评论内容不能超过1000个字符');
+        }
+
+        $result = (new ForumComment())->addComment($uid, (int)$postData['post_id'], $postData['content']);
+
+        if ($result[0]) {
+            return app('json')->success($result[1], $result[2] ?? []);
+        } else {
+            return app('json')->fail($result[1]);
+        }
+    }
+
+    /**
+     * 删除评论
+     * @param Request $request
+     */
+    public function deleteComment(Request $request)
+    {
+        $uid = $request->user['uid'];
+
+        $post = UtilService::getMore([
+            ['id', 0, 'empty', '参数错误'],
+        ], $request);
+
+        $result = (new ForumComment())->deleteComment((int)$post['id'], $uid);
+
+        if ($result[0]) {
+            return app('json')->success($result[1]);
+        } else {
+            return app('json')->fail($result[1]);
+        }
+    }
+
+    /**
+     * 我的评论列表
+     * @param Request $request
+     */
+    public function myComments(Request $request)
+    {
+        $uid = $request->user['uid'];
+
+        $post = UtilService::getMore([
+            ['page', 1],
+            ['pageSize', 20],
+        ], $request);
+
+        $result = (new ForumComment())->getUserComments($uid, (int)$post['page'], (int)$post['pageSize']);
+
+        return app('json')->success($result);
+    }
+
+    /**
+     * 检查发帖权限
+     * @param Request $request
+     */
+    public function checkPermission(Request $request)
+    {
+        $uid = $request->user['uid'];
+        $hasPermission = $this->checkPostPermission($uid);
+
+        return app('json')->success('查询成功', [
+            'has_permission' => $hasPermission
+        ]);
+    }
+}

app/api/route/forum.php

@@ -0,0 +1,48 @@
+<?php
+// +----------------------------------------------------------------------
+// | [ WE CAN DO IT MORE SIMPLE  ]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2018-2020 rights reserved.
+// +----------------------------------------------------------------------
+// | Author: TABLE ME
+// +----------------------------------------------------------------------
+// | Date: 2020-09-05 09:21
+// +----------------------------------------------------------------------
+
+use app\api\middleware\AllowOriginMiddleware;
+use app\api\middleware\SeretKeyMiddleware;
+use app\api\middleware\UserMiddleware;
+use think\facade\Route;
+
+// 公开访问的接口
+Route::group('forum', function () {
+    // 帖子列表
+    Route::rule('postList', 'Forum/postList');
+    // 帖子详情
+    Route::rule('postDetail', 'Forum/postDetail');
+    // 评论列表
+    Route::rule('commentList', 'Forum/commentList');
+})->middleware([
+    AllowOriginMiddleware::class,
+    SeretKeyMiddleware::class,
+]);
+
+// 需要登录的接口
+Route::group('forum', function () {
+    // 发布帖子
+    Route::rule('createPost', 'Forum/createPost');
+    // 我的帖子
+    Route::rule('myPosts', 'Forum/myPosts');
+    // 添加评论
+    Route::rule('addComment', 'Forum/addComment');
+    // 删除评论
+    Route::rule('deleteComment', 'Forum/deleteComment');
+    // 我的评论
+    Route::rule('myComments', 'Forum/myComments');
+    // 检查发帖权限
+    Route::rule('checkPermission', 'Forum/checkPermission');
+})->middleware([
+    AllowOriginMiddleware::class,
+    SeretKeyMiddleware::class,
+    UserMiddleware::class,
+]);

app/model/api/ForumComment.php

@@ -0,0 +1,186 @@
+<?php
+declare (strict_types=1);
+
+namespace app\model\api;
+
+use library\basic\BaseModel;
+use think\Model;
+use think\facade\Db;
+
+/**
+ * 论坛评论模型
+ * @mixin \think\Model
+ */
+class ForumComment extends BaseModel
+{
+    protected $pk = 'id';
+    protected $table = 'forum_comment';
+
+    /**
+     * 获取评论列表
+     * @param int $postId 帖子ID
+     * @param int $page 页码
+     * @param int $pageSize 每页数量
+     * @return array
+     */
+    public function getList($postId, $page = 1, $pageSize = 20)
+    {
+        $pageSize = $pageSize > 50 ? 50 : (int)$pageSize;
+        $page = $page <= 0 ? 1 : (int)$page;
+
+        $where = [
+            ['post_id', '=', $postId],
+            ['status', '=', 1]
+        ];
+
+        $total = $this->where($where)->count();
+        $list = [];
+
+        if ($total > 0) {
+            $list = $this->alias('c')
+                ->field('c.*, u.nickname as author_name, u.avatar as author_avatar')
+                ->leftJoin('user u', 'u.uid = c.uid')
+                ->where($where)
+                ->order('c.create_time', 'asc')
+                ->page($page, $pageSize)
+                ->select();
+
+            if (!empty($list)) {
+                $list = $list->toArray();
+                foreach ($list as &$item) {
+                    if (!empty($item['create_time'])) {
+                        $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                    }
+                }
+            }
+        }
+
+        return [
+            'list' => $list,
+            'total' => $total,
+            'page' => $page,
+            'pageSize' => $pageSize
+        ];
+    }
+
+    /**
+     * 添加评论
+     * @param int $uid 用户ID
+     * @param int $postId 帖子ID
+     * @param string $content 评论内容
+     * @return array [success, message, data]
+     */
+    public function addComment($uid, $postId, $content)
+    {
+        try {
+            self::beginTrans();
+
+            // 检查帖子是否存在且状态正常
+            $post = Db::name('forum_post')->where('id', $postId)->where('status', 1)->find();
+            if (!$post) {
+                self::rollbackTrans();
+                return [0, '帖子不存在或已被禁用'];
+            }
+
+            $insertData = [
+                'post_id' => $postId,
+                'uid' => $uid,
+                'content' => trim($content),
+                'status' => 1,
+                'create_time' => time(),
+                'update_time' => time(),
+            ];
+
+            $result = $this->insert($insertData);
+
+            if (!$result) {
+                self::rollbackTrans();
+                return [0, '评论失败'];
+            }
+
+            // 更新帖子评论数
+            Db::name('forum_post')->where('id', $postId)->inc('comment_count')->update();
+
+            self::commitTrans();
+            return [1, '评论成功', ['post_id' => $postId]];
+
+        } catch (\Exception $e) {
+            self::rollbackTrans();
+            return [0, '评论失败：' . $e->getMessage()];
+        }
+    }
+
+    /**
+     * 删除评论
+     * @param int $id 评论ID
+     * @param int $uid 用户ID
+     * @return array [success, message]
+     */
+    public function deleteComment($id, $uid)
+    {
+        try {
+            self::beginTrans();
+
+            $comment = $this->where('id', $id)->where('uid', $uid)->find();
+            if (!$comment) {
+                self::rollbackTrans();
+                return [0, '评论不存在或无权删除'];
+            }
+
+            // 删除评论
+            $this->where('id', $id)->delete();
+
+            // 更新帖子评论数
+            Db::name('forum_post')->where('id', $comment['post_id'])->dec('comment_count')->update();
+
+            self::commitTrans();
+            return [1, '删除成功'];
+
+        } catch (\Exception $e) {
+            self::rollbackTrans();
+            return [0, '删除失败：' . $e->getMessage()];
+        }
+    }
+
+    /**
+     * 获取用户评论列表
+     * @param int $uid 用户ID
+     * @param int $page 页码
+     * @param int $pageSize 每页数量
+     * @return array
+     */
+    public function getUserComments($uid, $page = 1, $pageSize = 20)
+    {
+        $pageSize = $pageSize > 50 ? 50 : (int)$pageSize;
+        $page = $page <= 0 ? 1 : (int)$page;
+
+        $total = $this->where('uid', $uid)->count();
+        $list = [];
+
+        if ($total > 0) {
+            $list = $this->alias('c')
+                ->field('c.*, p.title as post_title, p.id as post_id')
+                ->leftJoin('forum_post p', 'p.id = c.post_id')
+                ->where('c.uid', $uid)
+                ->order('c.create_time', 'desc')
+                ->page($page, $pageSize)
+                ->select();
+
+            if (!empty($list)) {
+                $list = $list->toArray();
+                foreach ($list as &$item) {
+                    if (!empty($item['create_time'])) {
+                        $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                    }
+                }
+            }
+        }
+
+        return [
+            'list' => $list,
+            'total' => $total,
+            'page' => $page,
+            'pageSize' => $pageSize
+        ];
+    }
+}

app/model/api/ForumPost.php

@@ -0,0 +1,188 @@
+<?php
+declare (strict_types=1);
+
+namespace app\model\api;
+
+use library\basic\BaseModel;
+use think\Model;
+
+/**
+ * 论坛帖子模型
+ * @mixin \think\Model
+ */
+class ForumPost extends BaseModel
+{
+    protected $pk = 'id';
+    protected $table = 'forum_post';
+
+    /**
+     * 获取帖子列表
+     * @param int $page 页码
+     * @param int $pageSize 每页数量
+     * @param array $where 筛选条件
+     * @return array
+     */
+    public function getList($page = 1, $pageSize = 20, $where = [])
+    {
+        $pageSize = $pageSize > 50 ? 50 : (int)$pageSize;
+        $page = $page <= 0 ? 1 : (int)$page;
+
+        $where[] = ['status', '=', 1];
+
+        $query = $this->alias('p')
+            ->field('p.*, u.nickname as author_name, u.avatar as author_avatar')
+            ->leftJoin('user u', 'u.uid = p.uid')
+            ->where($where)
+            ->order('p.is_top', 'desc')
+            ->order('p.create_time', 'desc');
+
+        $total = $query->count();
+        $list = [];
+
+        if ($total > 0) {
+            $list = $query->page($page, $pageSize)->select();
+            if (!empty($list)) {
+                $list = $list->toArray();
+                foreach ($list as &$item) {
+                    // 处理图片JSON
+                    if (!empty($item['images'])) {
+                        $item['images'] = json_decode($item['images'], true) ?: [];
+                    } else {
+                        $item['images'] = [];
+                    }
+                    // 格式化时间
+                    if (!empty($item['create_time'])) {
+                        $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                    }
+                }
+            }
+        }
+
+        return [
+            'list' => $list,
+            'total' => $total,
+            'page' => $page,
+            'pageSize' => $pageSize
+        ];
+    }
+
+    /**
+     * 获取帖子详情
+     * @param int $id 帖子ID
+     * @return array|null
+     */
+    public function getDetail($id)
+    {
+        $post = $this->alias('p')
+            ->field('p.*, u.nickname as author_name, u.avatar as author_avatar')
+            ->leftJoin('user u', 'u.uid = p.uid')
+            ->where('p.id', $id)
+            ->where('p.status', 1)
+            ->find();
+
+        if (empty($post)) {
+            return null;
+        }
+
+        $post = $post->toArray();
+
+        // 处理图片JSON
+        if (!empty($post['images'])) {
+            $post['images'] = json_decode($post['images'], true) ?: [];
+        } else {
+            $post['images'] = [];
+        }
+
+        // 格式化时间
+        if (!empty($post['create_time'])) {
+            $post['create_time'] = date('Y-m-d H:i:s', $post['create_time']);
+        }
+        if (!empty($post['update_time'])) {
+            $post['update_time'] = date('Y-m-d H:i:s', $post['update_time']);
+        }
+
+        // 增加浏览次数
+        $this->where('id', $id)->inc('view_count')->update();
+
+        return $post;
+    }
+
+    /**
+     * 创建帖子
+     * @param int $uid 用户ID
+     * @param array $data 帖子数据
+     * @return array [success, message, data]
+     */
+    public function createPost($uid, $data)
+    {
+        try {
+            self::beginTrans();
+
+            $insertData = [
+                'uid' => $uid,
+                'title' => trim($data['title'] ?? ''),
+                'content' => trim($data['content'] ?? ''),
+                'images' => !empty($data['images']) ? json_encode($data['images'], JSON_UNESCAPED_UNICODE) : '',
+                'status' => 0, // 待审核
+                'create_time' => time(),
+                'update_time' => time(),
+            ];
+
+            $result = $this->insert($insertData);
+
+            if (!$result) {
+                self::rollbackTrans();
+                return [0, '发布失败'];
+            }
+
+            self::commitTrans();
+            return [1, '发布成功，等待审核'];
+
+        } catch (\Exception $e) {
+            self::rollbackTrans();
+            return [0, '发布失败：' . $e->getMessage()];
+        }
+    }
+
+    /**
+     * 获取用户发布的帖子列表
+     * @param int $uid 用户ID
+     * @param int $page 页码
+     * @param int $pageSize 每页数量
+     * @return array
+     */
+    public function getUserPosts($uid, $page = 1, $pageSize = 20)
+    {
+        $pageSize = $pageSize > 50 ? 50 : (int)$pageSize;
+        $page = $page <= 0 ? 1 : (int)$page;
+
+        $total = $this->where('uid', $uid)->count();
+        $list = [];
+
+        if ($total > 0) {
+            $list = $this->where('uid', $uid)
+                ->order('create_time', 'desc')
+                ->page($page, $pageSize)
+                ->select()
+                ->toArray();
+
+            foreach ($list as &$item) {
+                if (!empty($item['images'])) {
+                    $item['images'] = json_decode($item['images'], true) ?: [];
+                } else {
+                    $item['images'] = [];
+                }
+                if (!empty($item['create_time'])) {
+                    $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                }
+            }
+        }
+
+        return [
+            'list' => $list,
+            'total' => $total,
+            'page' => $page,
+            'pageSize' => $pageSize
+        ];
+    }
+}

app/system/controller/Forum.php

@@ -0,0 +1,439 @@
+<?php
+
+namespace app\system\controller;
+
+use app\model\api\ForumPost;
+use app\model\api\ForumComment;
+use think\Request;
+use think\facade\Db;
+
+/**
+ * 后台论坛管理控制器
+ */
+class Forum
+{
+    // ==================== 帖子管理 ====================
+
+    /**
+     * 帖子列表
+     */
+    public function postList(Request $request)
+    {
+        $page = $request->param('page', 1);
+        $pageSize = $request->param('pageSize', 10);
+        $status = $request->param('status', '');
+        $title = $request->param('title', '');
+        $uid = $request->param('uid', '');
+
+        $where = [];
+        if ($status !== '' && in_array((string)$status, ['-1', '0', '1'])) {
+            $where[] = ['p.status', '=', (int)$status];
+        }
+        if ($title) {
+            $where[] = ['p.title', 'like', "%{$title}%"];
+        }
+        if ($uid) {
+            $where[] = ['p.uid', '=', (int)$uid];
+        }
+
+        $query = Db::name('forum_post')
+            ->alias('p')
+            ->field('p.*, u.nickname as author_name, u.mobile as author_mobile')
+            ->leftJoin('user u', 'u.uid = p.uid')
+            ->where($where)
+            ->order('p.create_time', 'desc');
+
+        $count = $query->count();
+        $list = $query->page($page, $pageSize)->select();
+
+        if (!empty($list)) {
+            $list = $list->toArray();
+            foreach ($list as &$item) {
+                if (!empty($item['create_time'])) {
+                    $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                }
+                if (!empty($item['update_time'])) {
+                    $item['update_time'] = date('Y-m-d H:i:s', $item['update_time']);
+                }
+            }
+        }
+
+        return app('json')->success(['list' => $list, 'count' => $count]);
+    }
+
+    /**
+     * 帖子详情
+     */
+    public function postDetail(Request $request)
+    {
+        $id = $request->param('id');
+        $post = Db::name('forum_post')
+            ->alias('p')
+            ->field('p.*, u.nickname as author_name, u.mobile as author_mobile')
+            ->leftJoin('user u', 'u.uid = p.uid')
+            ->where('p.id', $id)
+            ->find();
+
+        if (!$post) {
+            return app('json')->fail('帖子不存在');
+        }
+
+        if (!empty($post['create_time'])) {
+            $post['create_time'] = date('Y-m-d H:i:s', $post['create_time']);
+        }
+        if (!empty($post['update_time'])) {
+            $post['update_time'] = date('Y-m-d H:i:s', $post['update_time']);
+        }
+        if (!empty($post['images'])) {
+            $post['images'] = json_decode($post['images'], true) ?: [];
+        }
+
+        return app('json')->success(['list' => [$post], 'count' => 1]);
+    }
+
+    /**
+     * 审核帖子
+     */
+    public function auditPost(Request $request)
+    {
+        $id = $request->param('id');
+        $status = $request->param('status', '');
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        if (!in_array((string)$status, ['-1', '1'])) {
+            return app('json')->fail('状态值错误');
+        }
+
+        $post = Db::name('forum_post')->where('id', $id)->find();
+        if (!$post) {
+            return app('json')->fail('帖子不存在');
+        }
+
+        Db::name('forum_post')->where('id', $id)->update([
+            'status' => (int)$status,
+            'update_time' => time()
+        ]);
+
+        $msg = $status == 1 ? '审核通过' : '审核拒绝';
+        return app('json')->success($msg . '成功');
+    }
+
+    /**
+     * 设置帖子置顶
+     */
+    public function setTop(Request $request)
+    {
+        $id = $request->param('id');
+        $isTop = $request->param('is_top', 0);
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        Db::name('forum_post')->where('id', $id)->update([
+            'is_top' => (int)$isTop,
+            'update_time' => time()
+        ]);
+
+        return app('json')->success('设置成功');
+    }
+
+    /**
+     * 编辑帖子
+     */
+    public function updatePost(Request $request)
+    {
+        $id = $request->param('id');
+        $title = $request->param('title', '');
+        $content = $request->param('content', '');
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        $post = Db::name('forum_post')->where('id', $id)->find();
+        if (!$post) {
+            return app('json')->fail('帖子不存在');
+        }
+
+        $updateData = ['update_time' => time()];
+        if ($title !== '') {
+            $updateData['title'] = trim($title);
+        }
+        if ($content !== '') {
+            $updateData['content'] = trim($content);
+        }
+
+        Db::name('forum_post')->where('id', $id)->update($updateData);
+
+        return app('json')->success('修改成功');
+    }
+
+    /**
+     * 删除帖子
+     */
+    public function deletePost(Request $request)
+    {
+        $id = $request->param('id');
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        $post = Db::name('forum_post')->where('id', $id)->find();
+        if (!$post) {
+            return app('json')->fail('帖子不存在');
+        }
+
+        Db::startTrans();
+        try {
+            // 删除帖子
+            Db::name('forum_post')->where('id', $id)->delete();
+            // 删除相关评论
+            Db::name('forum_comment')->where('post_id', $id)->delete();
+            Db::commit();
+            return app('json')->success('删除成功');
+        } catch (\Exception $e) {
+            Db::rollback();
+            return app('json')->fail('删除失败');
+        }
+    }
+
+    // ==================== 评论管理 ====================
+
+    /**
+     * 评论列表
+     */
+    public function commentList(Request $request)
+    {
+        $page = $request->param('page', 1);
+        $pageSize = $request->param('pageSize', 10);
+        $status = $request->param('status', '');
+        $postId = $request->param('post_id', '');
+        $content = $request->param('content', '');
+
+        $where = [];
+        if ($status !== '' && in_array((string)$status, ['-1', '0', '1'])) {
+            $where[] = ['c.status', '=', (int)$status];
+        }
+        if ($postId) {
+            $where[] = ['c.post_id', '=', (int)$postId];
+        }
+        if ($content) {
+            $where[] = ['c.content', 'like', "%{$content}%"];
+        }
+
+        $query = Db::name('forum_comment')
+            ->alias('c')
+            ->field('c.*, u.nickname as author_name, u.mobile as author_mobile, p.title as post_title')
+            ->leftJoin('user u', 'u.uid = c.uid')
+            ->leftJoin('forum_post p', 'p.id = c.post_id')
+            ->where($where)
+            ->order('c.create_time', 'desc');
+
+        $count = $query->count();
+        $list = $query->page($page, $pageSize)->select();
+
+        if (!empty($list)) {
+            $list = $list->toArray();
+            foreach ($list as &$item) {
+                if (!empty($item['create_time'])) {
+                    $item['create_time'] = date('Y-m-d H:i:s', $item['create_time']);
+                }
+            }
+        }
+
+        return app('json')->success(['list' => $list, 'count' => $count]);
+    }
+
+    /**
+     * 审核评论
+     */
+    public function auditComment(Request $request)
+    {
+        $id = $request->param('id');
+        $status = $request->param('status', '');
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        if (!in_array((string)$status, ['-1', '1'])) {
+            return app('json')->fail('状态值错误');
+        }
+
+        $comment = Db::name('forum_comment')->where('id', $id)->find();
+        if (!$comment) {
+            return app('json')->fail('评论不存在');
+        }
+
+        Db::name('forum_comment')->where('id', $id)->update([
+            'status' => (int)$status,
+            'update_time' => time()
+        ]);
+
+        $msg = $status == 1 ? '审核通过' : '审核拒绝';
+        return app('json')->success($msg . '成功');
+    }
+
+    /**
+     * 删除评论
+     */
+    public function deleteComment(Request $request)
+    {
+        $id = $request->param('id');
+
+        if (!$id) {
+            return app('json')->fail('参数错误');
+        }
+
+        $comment = Db::name('forum_comment')->where('id', $id)->find();
+        if (!$comment) {
+            return app('json')->fail('评论不存在');
+        }
+
+        Db::startTrans();
+        try {
+            // 删除评论
+            Db::name('forum_comment')->where('id', $id)->delete();
+            // 更新帖子评论数
+            Db::name('forum_post')->where('id', $comment['post_id'])->dec('comment_count')->update();
+            Db::commit();
+            return app('json')->success('删除成功');
+        } catch (\Exception $e) {
+            Db::rollback();
+            return app('json')->fail('删除失败');
+        }
+    }
+
+    // ==================== 用户权限管理 ====================
+
+    /**
+     * 用户权限列表
+     */
+    public function userPermissionList(Request $request)
+    {
+        $page = $request->param('page', 1);
+        $pageSize = $request->param('pageSize', 10);
+        $nickname = $request->param('nickname', '');
+        $mobile = $request->param('mobile', '');
+        $permission = $request->param('permission', '');
+
+        $where = [];
+        if ($nickname) {
+            $where[] = ['nickname', 'like', "%{$nickname}%"];
+        }
+        if ($mobile) {
+            $where[] = ['mobile', 'like', "%{$mobile}%"];
+        }
+        if ($permission !== '' && in_array((string)$permission, ['0', '1'])) {
+            $where[] = ['permission', '=', (int)$permission];
+        }
+
+        $query = Db::name('user')
+            ->field('uid, nickname, mobile, avatar, permission, regtime')
+            ->where($where)
+            ->order('uid', 'desc');
+
+        $count = $query->count();
+        $list = $query->page($page, $pageSize)->select();
+
+        if (!empty($list)) {
+            $list = $list->toArray();
+            foreach ($list as &$item) {
+                if (!empty($item['regtime'])) {
+                    $item['regtime'] = date('Y-m-d H:i:s', $item['regtime']);
+                }
+            }
+        }
+
+        return app('json')->success(['list' => $list, 'count' => $count]);
+    }
+
+    /**
+     * 设置用户发帖权限
+     */
+    public function setUserPermission(Request $request)
+    {
+        $uid = $request->param('uid');
+        $permission = $request->param('permission', '');
+
+        if (!$uid) {
+            return app('json')->fail('参数错误');
+        }
+
+        if (!in_array((string)$permission, ['0', '1'])) {
+            return app('json')->fail('权限值错误');
+        }
+
+        $user = Db::name('user')->where('uid', $uid)->find();
+        if (!$user) {
+            return app('json')->fail('用户不存在');
+        }
+
+        Db::name('user')->where('uid', $uid)->update([
+            'permission' => (int)$permission
+        ]);
+
+        $msg = $permission == 1 ? '开通' : '关闭';
+        return app('json')->success($msg . '发帖权限成功');
+    }
+
+    /**
+     * 批量设置用户发帖权限
+     */
+    public function batchSetPermission(Request $request)
+    {
+        $uids = $request->param('uids', '');
+        $permission = $request->param('permission', '');
+
+        if (!$uids) {
+            return app('json')->fail('请选择用户');
+        }
+
+        if (!in_array((string)$permission, ['0', '1'])) {
+            return app('json')->fail('权限值错误');
+        }
+
+        $uidArr = explode(',', $uids);
+        $uidArr = array_filter(array_map('intval', $uidArr));
+
+        if (empty($uidArr)) {
+            return app('json')->fail('用户ID格式错误');
+        }
+
+        Db::name('user')->whereIn('uid', $uidArr)->update([
+            'permission' => (int)$permission
+        ]);
+
+        $msg = $permission == 1 ? '开通' : '关闭';
+        return app('json')->success($msg . '发帖权限成功');
+    }
+
+    // ==================== 统计 ====================
+
+    /**
+     * 论坛统计
+     */
+    public function statistics(Request $request)
+    {
+        $postCount = Db::name('forum_post')->count();
+        $postPendingCount = Db::name('forum_post')->where('status', 0)->count();
+        $postNormalCount = Db::name('forum_post')->where('status', 1)->count();
+        $commentCount = Db::name('forum_comment')->count();
+        $commentPendingCount = Db::name('forum_comment')->where('status', 0)->count();
+        $userWithPermission = Db::name('user')->where('permission', 1)->count();
+
+        return app('json')->success([
+            'post_count' => $postCount,
+            'post_pending' => $postPendingCount,
+            'post_normal' => $postNormalCount,
+            'comment_count' => $commentCount,
+            'comment_pending' => $commentPendingCount,
+            'user_with_permission' => $userWithPermission
+        ]);
+    }
+}

app/system/route/forum.php

@@ -0,0 +1,35 @@
+<?php
+
+use think\facade\Route;
+use app\system\middleware\AllowOriginMiddleware;
+use app\system\middleware\AdminAuthTokenMiddleware;
+use app\system\middleware\AdminCkeckRoleMiddleware;
+
+// 论坛后台管理路由
+Route::group('forum', function () {
+    // 帖子管理
+    Route::get('post/list', 'Forum/postList');        // 帖子列表
+    Route::get('post/detail', 'Forum/postDetail');     // 帖子详情
+    Route::post('post/audit', 'Forum/auditPost');       // 审核帖子
+    Route::post('post/setTop', 'Forum/setTop');         // 设置置顶
+    Route::post('post/update', 'Forum/updatePost');     // 编辑帖子
+    Route::post('post/delete', 'Forum/deletePost');     // 删除帖子
+
+    // 评论管理
+    Route::get('comment/list', 'Forum/commentList');    // 评论列表
+    Route::post('comment/audit', 'Forum/auditComment');  // 审核评论
+    Route::post('comment/delete', 'Forum/deleteComment'); // 删除评论
+
+    // 用户权限管理
+//    Route::get('user/list', 'Forum/userPermissionList');           // 用户权限列表
+//    Route::post('user/permission', 'Forum/setUserPermission');    // 设置用户权限
+//    Route::post('user/batchPermission', 'Forum/batchSetPermission'); // 批量设置权限
+
+    // 统计
+    Route::get('statistics', 'Forum/statistics');        // 论坛统计
+
+})->middleware([
+    AllowOriginMiddleware::class,
+    AdminAuthTokenMiddleware::class,
+    AdminCkeckRoleMiddleware::class
+]);