Browse Source

20220527

pull/81/head
xiaoz 3 years ago
parent
commit
a1349ef696
  1. 309
      class/Api.php
  2. 14
      controller/admin.php
  3. 53
      controller/api.php

309
class/Api.php

@ -5,6 +5,7 @@
* author:xiaoz<xiaoz93@outlook.com> * author:xiaoz<xiaoz93@outlook.com>
* blog:xiaoz.me * blog:xiaoz.me
*/ */
define("API_URL","http://down.onenav.top");
class Api { class Api {
protected $db; protected $db;
public function __construct($db){ public function __construct($db){
@ -738,53 +739,81 @@ class Api {
$limit = $data['limit']; $limit = $data['limit'];
$token = $data['token']; $token = $data['token'];
$offset = ($data['page'] - 1) * $data['limit']; $offset = ($data['page'] - 1) * $data['limit'];
$fid = @$data['category_id']; //$fid = @$data['category_id'];
$count = $this->db->count('on_links','*');
//如果存在分类ID,则根据分类ID进行查询 //如果成功登录,但token为空
if ($data['category_id'] != null) { if( ($this->is_login()) && (empty($token)) ){
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
$cid_sql = "WHERE fid = $fid"; }
//统计链接总数
$count = $this->db->count('on_links','*',[ //如果token验证通过
'fid' => $fid elseif( (!empty($token)) && ($this->auth($token)) ) {
]); $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//如果即没有登录成功,又没有token,则默认为游客,游客查询链接属性为公有,分类为公有,不查询私有
else{ else{
//统计链接总数,没有分类ID的情况 $c_sql = "SELECT COUNT(*) AS num FROM on_links WHERE property = 0 AND fid IN (SELECT id FROM on_categorys WHERE property = 0)";
$count = $this->db->count('on_links','*'); $count = $this->db->query($c_sql)->fetchAll()[0]['num'];
$count = intval($count);
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links WHERE property = 0 AND fid IN (SELECT id FROM on_categorys WHERE property = 0) ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//原生查询
$datas = $this->db->query($sql)->fetchAll();
$datas = [
'code' => 0,
'msg' => '',
'count' => $count,
'data' => $datas
];
exit(json_encode($datas));
}
/**
* 查询某个分类下面的链接
* 接收一个数组作为参数
*/
public function q_category_link($data){
$limit = $data['limit'];
$token = $data['token'];
$offset = ($data['page'] - 1) * $data['limit'];
$fid = @$data['category_id'];
//$fid = @$data['category_id'];
$count = $this->db->count('on_links','*',[
'fid' => $fid
]);
//如果FID是空的,则直接终止
if( empty($fid) ) {
$datas = [
'code' => -2000,
'msg' => '分类ID不能为空!',
'count' => 0,
'data' => []
];
exit(json_encode($datas));
}
//如果成功登录,但token为空 //如果成功登录,但token为空
if( ($this->is_login()) && (empty($token)) ){ if( ($this->is_login()) && (empty($token)) ){
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links ${cid_sql} ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links WHERE fid = $fid ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//如果token验证通过 //如果token验证通过
elseif( (!empty($token)) && ($this->auth($token)) ) { elseif( (!empty($token)) && ($this->auth($token)) ) {
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links ${cid_sql} ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links WHERE fid = $fid ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//如果即没有登录成功,又没有token,则默认为游客 //如果即没有登录成功,又没有token,则默认为游客,游客查询链接属性为公有,分类为公有,不查询私有
else{ else{
$cid_sql = empty($fid) ? null : "AND fid = $fid"; $c_sql = "SELECT COUNT(*) AS num FROM on_links WHERE property = 0 AND fid = $fid";
if($cid_sql == null) { $count = $this->db->query($c_sql)->fetchAll()[0]['num'];
//统计链接总数,不存在分类ID的情况 $count = intval($count);
$count = $this->db->count('on_links','*',[ 'property' => 0 ]);
}
else{
//统计链接总数,存在分类ID的情况
$count = $this->db->count('on_links','*',[
'property' => 0,
'fid' => $fid
]);
}
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links WHERE property = 0 ${cid_sql} ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name FROM on_links WHERE property = 0 AND fid IN (SELECT id FROM on_categorys WHERE property = 0) ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//打印SQL
//echo $sql;
//如果查询的总数大于limit,则以limit为准
//$count = ( $count > $limit) ? $limit : $count;
//原生查询 //原生查询
$datas = $this->db->query($sql)->fetchAll(); $datas = $this->db->query($sql)->fetchAll();
@ -810,6 +839,16 @@ class Api {
//var_dump($link_info); //var_dump($link_info);
//如果是公开链接,则直接返回 //如果是公开链接,则直接返回
if ( $link_info['property'] == "0" ) { if ( $link_info['property'] == "0" ) {
//链接是公开的,但是分类是私有的,则不显示
$category_property = $this->db->get("on_categorys","property",[
"id" => $link_info['fid']
]);
$category_property = intval($category_property);
//分类属性为1,则说明是私有链接,则未认证用户不允许查询
if( $category_property === 1 ){
//进行认证
$this->auth($token);
}
$datas = [ $datas = [
'code' => 0, 'code' => 0,
'data' => $link_info 'data' => $link_info
@ -1162,6 +1201,64 @@ class Api {
$this->err_msg(-2000,"写入配置失败!"); $this->err_msg(-2000,"写入配置失败!");
} }
} }
/**
* 删除主题
*/
public function delete_theme($name) {
//验证授权
$this->auth($token);
//正则判断主题名称是否合法
$pattern = "/^[a-zA-Z0-9][a-zA-Z0-9-_]+[a-zA-Z0-9]$/";
if ( !preg_match($pattern,$name) ) {
$this->return_json(-2000,'',"主题名称不合法!");
}
//如果是默认主题,则不允许删除
if( ($name === 'default') || ($name === 'admin') ) {
$this->return_json(-2000,'',"默认主题不允许删除!");
}
//查询当前使用中的主题
$current_theme = $this->db->get('on_options','value',[ 'key' => "theme" ]);
//如果是当前使用中的主题也不允许删除
if ( $current_theme == $name ) {
$this->return_json(-2000,'',"使用中的主题不允许删除!");
}
//删除主题
$this->deldir("templates/".$name);
$this->deldir("data/templates/".$name);
//判断主题文件夹是否还存在
if( is_dir("templates/".$name) || is_dir("data/templates/".$name) ) {
$this->return_json(-2000,'',"删除失败,可能是权限不足!");
}
else{
$this->return_json(200,'',"主题已删除!");
}
}
/**
* 删除一个目录
*/
protected function deldir($dir) {
//先删除目录下的文件:
$dh=opendir($dir);
while ($file=readdir($dh)) {
if($file!="." && $file!="..") {
$fullpath=$dir."/".$file;
if(!is_dir($fullpath)) {
unlink($fullpath);
} else {
$this->deldir($fullpath);
}
}
}
closedir($dh);
//删除当前文件夹:
if(rmdir($dir)) {
return true;
} else {
return false;
}
}
/** /**
* 获取主题参数 * 获取主题参数
*/ */
@ -1319,6 +1416,154 @@ class Api {
$status = $this->is_login() ? "true" : "false"; $status = $this->is_login() ? "true" : "false";
$this->return_json(200,$status,""); $this->return_json(200,$status,"");
} }
/**
* 验证订阅是否有效
*/
public function check_subscribe() {
//验证token是否合法
$this->auth($token);
//获取订阅信息
//获取当前站点信息
$subscribe = $this->db->get('on_options','value',[ 'key' => "s_subscribe" ]);
$domain = $_SERVER['HTTP_HOST'];
$subscribe = unserialize($subscribe);
//api请求地址
$api_url = API_URL."/v1/check_subscribe.php?order_id=".$subscribe['order_id']."&email=".$subscribe['email']."&domain=".$domain;
try {
#GET HTTPS
$curl = curl_init($api_url);
#设置useragent
#curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)");
curl_setopt($curl, CURLOPT_FAILONERROR, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
#设置超时时间,最小为1s(可选)
curl_setopt($curl , CURLOPT_TIMEOUT, 5);
$html = curl_exec($curl);
curl_close($curl);
//解析json
$data = json_decode($html);
//var_dump($data->data->end_time);
//echo strtotime($data->data->end_time);
//var_dump($data->code);
//如果状态码返回200,并且订阅没有到期
if( (intval($data->code) === 200) && ( $data->data->end_time > ( strtotime( date("Y-m-d",time()) ) )) ) {
$this->return_json(200,$data->data,'success');
}
else if( intval($data->code === -1000 ) ) {
$this->return_json(-2000,'',$data->msg);
}
else{
$this->return_json(-2000,'',"请求接口失败!");
}
} catch (\Throwable $th) {
$this->return_json(-2000,'','网络请求失败!');
}
}
/**
* 无脑下载更新程序
*/
public function down_updater() {
$url = API_URL."/update.tar.gz";
// echo $url;
// exit;
try {
//检查本地是否存在更新程序
$curl = curl_init($url);
#设置useragent
#curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)");
curl_setopt($curl, CURLOPT_FAILONERROR, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
#设置超时时间,最小为1s(可选)
curl_setopt($curl , CURLOPT_TIMEOUT, 60);
$html = curl_exec($curl);
curl_close($curl);
//var_dump($html);
//return $html;
//写入文件
file_put_contents("update.tar.gz",$html);
//解压覆盖文件
//解压文件
$phar = new PharData('update.tar.gz');
//路径 要解压的文件 是否覆盖
$phar->extractTo('./', null, true);
return TRUE;
} catch (\Throwable $th) {
$this->return_json(-2000,"","更新程序下载失败!");
}
finally{
//再次判断更新程序是否存在
if( is_file("update.php") ) {
//判断是否大约0
$file_size = filesize("update.php");
if( $file_size < 100 ) {
$this->return_json(-2000,"","更新程序异常,请检查目录权限!");
}
else{
return TRUE;
}
}
else{
$this->return_json(-2000,"","更新程序下载失败,请检查目录权限!");
}
}
}
/**更新升级程序 */
public function up_updater() {
//如果不存在,则下载更新程序
if( !is_file("update.php") ) {
if ( $this->down_updater() ) {
$this->return_json(200,"","更新程序准备就绪!");
}
}
//如果存在更新程序,验证大小,大小不匹配时进行更新
if( is_file("update.tar.gz") ) {
//获取header头
$header = get_headers(API_URL."/update.tar.gz",1);
$lentgh = $header['Content-Length'];
//获取文件大小
$file_size = filesize("update.tar.gz");
//如果本地文件大小和远程文件大小不一致,则下载更新
if ( $file_size != $lentgh ) {
$this->down_updater();
}
else {
$this->return_json(200,"","更新程序准备就绪!");
}
}
else if( is_file("update.php") ) {
$this->return_json(200,"","更新程序准备就绪!");
}
}
/**
* 校验更新程序
*/
public function check_version($version) {
//获取当前版本信息
$current_version = explode("-",file_get_contents("version.txt"));
$current_version = str_replace("v","",$current_version[0]);
//获取用户传递的版本
//$version = $_REQUEST['version'];
if( $version == $current_version ) {
$this->return_json(200,"","success");
}
else{
$this->return_json(-2000,"","更新失败,版本校验不匹配,请检查目录权限!");
}
}
} }

14
controller/admin.php

@ -241,6 +241,20 @@ if( $page == 'setting/site' ) {
$site = unserialize($site); $site = unserialize($site);
} }
//站点订阅页面
if( $page == 'setting/subscribe' ) {
//获取当前站点信息
$subscribe = $db->get('on_options','value',[ 'key' => "s_subscribe" ]);
$subscribe = unserialize($subscribe);
//获取当前版本信息
$current_version = explode("-",file_get_contents("version.txt"));
$current_version = str_replace("v","",$current_version[0]);
}
//过渡页设置页面 //过渡页设置页面
if( $page == 'setting/transition_page' ) { if( $page == 'setting/transition_page' ) {
//获取当前站点信息 //获取当前站点信息

53
controller/api.php

@ -160,6 +160,25 @@ function link_list($api){
$api->link_list($data); $api->link_list($data);
} }
/**
* 查询分类下的链接
*/
function q_category_link($api){
$page = empty(intval($_REQUEST['page'])) ? 1 : intval($_REQUEST['page']);
$limit = empty(intval($_REQUEST['limit'])) ? 10 : intval($_REQUEST['limit']);
//获取token
$token = $_POST['token'];
//获取分类ID
$category_id = empty($_REQUEST['category_id']) ? null : intval($_REQUEST['category_id']);
$data = [
'page' => $page,
'limit' => $limit,
'token' => $token,
'category_id' => $category_id
];
$api->q_category_link($data);
}
/** /**
* 获取链接标题、描述等信息 * 获取链接标题、描述等信息
*/ */
@ -280,6 +299,34 @@ function set_site($api) {
$api->set_option('s_site',$value); $api->set_option('s_site',$value);
} }
//设置订阅信息
function set_subscribe($api) {
//获取订单ID
$data['order_id'] = htmlspecialchars( trim($_REQUEST['order_id']) );
//获取邮箱
$data['email'] = htmlspecialchars( trim($_REQUEST['email']) );
//到期时间
$data['end_time'] = htmlspecialchars( trim($_REQUEST['end_time']) );
//序列化存储
$value = serialize($data);
//序列化存储到数据库
$api->set_option('s_subscribe',$value);
}
//检查订阅信息
function check_subscribe($api) {
$api->check_subscribe();
}
//检查更新程序
function up_updater($api) {
$api->up_updater();
}
//验证当前版本是否匹配
function check_version($api) {
$version = $_REQUEST['version'];
$api->check_version($version);
}
//设置过渡页面 //设置过渡页面
function set_transition_page($api) { function set_transition_page($api) {
@ -407,4 +454,10 @@ EOF;
//获取用户登录状态 //获取用户登录状态
function check_login($api) { function check_login($api) {
$api->check_login(); $api->check_login();
}
//删除主题
function delete_theme($api) {
$name = $_REQUEST['name'];
$api->delete_theme($name);
} }
Loading…
Cancel
Save