
20220422

pull/61/head
xiaoz 3 years ago
parent
commit
c60ae05ff1
  1. 129
      class/Api.php
  2. 31
      controller/admin.php
  3. 11
      controller/api.php
  4. 21
      controller/index.php

129
class/Api.php

@ -15,15 +15,20 @@ class Api {
/** /**
* name:创建分类目录 * name:创建分类目录
*/ */
public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = ''){ public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = '',$fid = 0){
$this->auth($token); $this->auth($token);
//分类名称不允许为空
if( empty($name) ) {
$this->err_msg(-2000,'分类名称不能为空!');
}
$data = [ $data = [
'name' => htmlspecialchars($name,ENT_QUOTES), 'name' => htmlspecialchars($name,ENT_QUOTES),
'add_time' => time(), 'add_time' => time(),
'weight' => $weight, 'weight' => $weight,
'property' => $property, 'property' => $property,
'description' => htmlspecialchars($description,ENT_QUOTES), 'description' => htmlspecialchars($description,ENT_QUOTES),
'font_icon' => $font_icon 'font_icon' => $font_icon,
'fid' => $fid
]; ];
//插入分类目录 //插入分类目录
$this->db->insert("on_categorys",$data); $this->db->insert("on_categorys",$data);
@ -136,13 +141,17 @@ class Api {
*/ */
protected function auth($token){ protected function auth($token){
//计算正确的token:用户名 + TOKEN //计算正确的token:用户名 + TOKEN
$token_yes = md5(USER.TOKEN); $SecretKey = @$this->db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
$token_yes = md5(USER.$SecretKey);
//如果token为空,则验证cookie //如果token为空,则验证cookie
if(empty($token)) { if(empty($token)) {
if( !$this->is_login() ) { if( !$this->is_login() ) {
$this->err_msg(-1002,'Authorization failure!'); $this->err_msg(-1002,'Authorization failure!');
} }
} }
else if ( empty($SecretKey) ) {
$this->err_msg(-2000,'请先生成SecretKey!');
}
else if($token != $token_yes){ else if($token != $token_yes){
$this->err_msg(-1002,'Authorization failure!'); $this->err_msg(-1002,'Authorization failure!');
} }
@ -169,8 +178,8 @@ class Api {
$data = [ $data = [
'fid' => $fid, 'fid' => $fid,
'title' => htmlspecialchars($title,ENT_QUOTES), 'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url, 'url' => htmlspecialchars($url,ENT_QUOTES),
'url_standby' => $url_standby, 'url_standby' => htmlspecialchars($url_standby,ENT_QUOTES),
'description' => htmlspecialchars($description,ENT_QUOTES), 'description' => htmlspecialchars($description,ENT_QUOTES),
'add_time' => time(), 'add_time' => time(),
'weight' => $weight, 'weight' => $weight,
@ -315,9 +324,9 @@ class Api {
//$this->check_link($fid,$title,$url); //$this->check_link($fid,$title,$url);
$this->check_link([ $this->check_link([
'fid' => $fid, 'fid' => $fid,
'title' => $title, 'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url, 'url' => htmlspecialchars($url,ENT_QUOTES),
'url_standby' => $url_standby 'url_standby' => htmlspecialchars($url_standby,ENT_QUOTES)
]); ]);
//查询ID是否存在 //查询ID是否存在
$count = $this->db->count('on_links',[ 'id' => $id]); $count = $this->db->count('on_links',[ 'id' => $id]);
@ -411,12 +420,16 @@ class Api {
if( empty($url) ){ if( empty($url) ){
$this->err_msg(-1009,'URL cannot be empty!'); $this->err_msg(-1009,'URL cannot be empty!');
} }
//链接不合法 //通过正则匹配链接是否合法,支持http/https/ftp/magnet:?|ed2k|tcp/udp/thunder/rtsp/rtmp/sftp
if( !filter_var($url, FILTER_VALIDATE_URL) ) { $pattern = "/^(http:\/\/|https:\/\/|ftp:\/\/|ftps:\/\/|magnet:?|ed2k:\/\/|tcp:\/\/|udp:\/\/|thunder:\/\/|rtsp:\/\/|rtmp:\/\/|sftp:\/\/).+/";
// if( !filter_var($url, FILTER_VALIDATE_URL) ) {
// $this->err_msg(-1010,'URL is not valid!');
// }
if ( !preg_match($pattern,$url) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'URL is not valid!');
} }
//备用链接不合法 //备用链接不合法
if ( ( !empty($url_standby) ) && ( !filter_var($url_standby, FILTER_VALIDATE_URL) ) ) { if ( ( !empty($url_standby) ) && ( !preg_match($pattern, $url_standby) ) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'URL is not valid!');
} }
return true; return true;
@ -425,16 +438,30 @@ class Api {
* 查询分类目录 * 查询分类目录
*/ */
public function category_list($page,$limit){ public function category_list($page,$limit){
$token = @$_POST['token'];
$offset = ($page - 1) * $limit; $offset = ($page - 1) * $limit;
//如果成功登录,则查询所有 //如果成功登录,则查询所有
if( $this->is_login() ){ if( $this->is_login() ){
$sql = "SELECT * FROM on_categorys ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} //统计总数
else{ $count = $this->db->count('on_categorys','*');
$sql = "SELECT * FROM on_categorys WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
} }
//如果存在token,则验证
else if( !empty($token) ) {
$this->auth($token);
//查询所有分类
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数 //统计总数
$count = $this->db->count('on_categorys','*'); $count = $this->db->count('on_categorys','*');
}
else{
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*',[
"property" => 0
]);
}
//原生查询 //原生查询
$datas = $this->db->query($sql)->fetchAll(); $datas = $this->db->query($sql)->fetchAll();
$datas = [ $datas = [
@ -445,6 +472,27 @@ class Api {
]; ];
exit(json_encode($datas)); exit(json_encode($datas));
} }
/**
* 生成
*/
public function create_sk() {
//验证是否登录
$this->auth('');
$sk = md5(USER.USER.time());
$result = $this->set_option_bool('SecretKey',$sk);
if( $result ){
$datas = [
'code' => 0,
'data' => $sk
];
exit(json_encode($datas));
}
else{
$this->err_msg(-2000,'SecretKey生成失败!');
}
}
/** /**
* 查询链接 * 查询链接
* 接收一个数组作为参数 * 接收一个数组作为参数
@ -618,7 +666,7 @@ class Api {
//检查链接是否合法 //检查链接是否合法
//链接不合法 //链接不合法
if( !filter_var($url, FILTER_VALIDATE_URL) ) { if( !filter_var($url, FILTER_VALIDATE_URL) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'只支持识别http/https协议的链接!');
} }
//获取网站标题 //获取网站标题
$c = curl_init(); $c = curl_init();
@ -896,6 +944,55 @@ class Api {
} }
} }
/**
* 更新option,返回BOOL值
*/
protected function set_option_bool($key,$value = '') {
$key = htmlspecialchars(trim($key));
//如果key是空的
if( empty($key) ) {
return FALSE;
}
$count = $this->db->count("on_options", [
"key" => $key
]);
//如果数量是0,则插入,否则就是更新
if( $count === 0 ) {
try {
$this->db->insert("on_options",[
"key" => $key,
"value" => $value
]);
$data = [
"code" => 0,
"data" => "设置成功!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
//更新数据
else if( $count === 1 ) {
try {
$this->db->update("on_options",[
"value" => $value
],[
"key" => $key
]);
$data = [
"code" => 0,
"data" => "设置已更新!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
}
} }
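Review bot: The key generated in `create_sk()` is `md5(USER.USER.time())`, which depends only on the username and the current second, yet `auth()` accepts `md5(USER.$SecretKey)` as the API token; the key should come from the CSPRNG instead, e.g. `$sk = bin2hex(random_bytes(16));`. In `auth()` the token is still checked with the loose `$token != $token_yes`, which compares two numeric-looking strings as numbers and is not constant-time; `else if ( !hash_equals($token_yes, (string)$token) ){` addresses both. The `@` on the `on_options` lookup hides a database error as an empty key, so ending the expression with `['value'] ?? ''` would be clearer than suppression. In the URL-check hunk the `magnet:?` alternative leaves `?` unescaped, which makes the colon optional; `magnet:\?` matches what the comment describes.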

31
controller/admin.php

@ -26,14 +26,37 @@ if ($page == 'edit_category') {
//获取id //获取id
$id = intval($_GET['id']); $id = intval($_GET['id']);
//查询单条分类信息 //查询单条分类信息
$category = $db->get('on_categorys','*',[ 'id' => $id ]); $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys AS a WHERE id = $id";
$category_one = $db->query($sql)->fetchAll()[0];
//$category_one = $db->get('on_categorys','*',[ 'id' => $id ]);
//查询父级分类
$categorys = $db->select('on_categorys','*',[
'fid' => 0,
'ORDER' => ['weight' => 'DESC']
]);
//checked按钮 //checked按钮
if( $category['property'] == 1 ) { if( $category_one['property'] == 1 ) {
$category['checked'] = 'checked'; $category_one['checked'] = 'checked';
} }
else{ else{
$category['checked'] = ''; $category_one['checked'] = '';
}
} }
//添加分类页面
if ( $page == 'add_category' ) {
//查询父级分类
$categorys = $db->select('on_categorys','*',[
'fid' => 0,
'ORDER' => ['weight' => 'DESC']
]);
}
//API设置页面
if( $page == 'setting/api' ) {
//查询SecretKey
$SecretKey = $db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
} }
//如果页面是修改link //如果页面是修改link
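Review bot: `$db->query($sql)->fetchAll()[0]` in the `edit_category` branch does not handle an id that matches no row, so `$category_one` is null when `['property']` is read below; `$category_one = $db->query($sql)->fetchAll()[0] ?? null;` followed by an explicit not-found exit would make that case deliberate. The interpolated `WHERE id = $id` is safe only because of the `intval()` above it, and a comment such as `//$id is cast with intval() above; keep the cast if this query is moved` would protect that dependency. The same missing-row case applies to the `SecretKey` lookup in the `setting/api` branch, where `['value']` is indexed before any key has been generated; ending that expression with `['value'] ?? '';` avoids it. The hunk starts inside the `edit_category` block, so any login check for these pages is outside what is shown.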

11
controller/api.php

@ -36,6 +36,8 @@ function add_category($api){
$name = $_POST['name']; $name = $_POST['name'];
//获取私有属性 //获取私有属性
$property = empty($_POST['property']) ? 0 : 1; $property = empty($_POST['property']) ? 0 : 1;
//获取分级ID
$fid = intval($_POST['fid']);
//获取权重 //获取权重
$weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']); $weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']);
//获取描述 //获取描述
@ -44,7 +46,7 @@ function add_category($api){
$description = htmlspecialchars($description); $description = htmlspecialchars($description);
//获取字体图标 //获取字体图标
$font_icon = htmlspecialchars($_POST['font_icon'],ENT_QUOTES); $font_icon = htmlspecialchars($_POST['font_icon'],ENT_QUOTES);
$api->add_category($token,$name,$property,$weight,$description,$font_icon); $api->add_category($token,$name,$property,$weight,$description,$font_icon,$fid);
} }
/** /**
* 修改分类目录入口 * 修改分类目录入口
@ -259,6 +261,8 @@ function set_site($api) {
$data['description'] = htmlspecialchars($_POST['description']); $data['description'] = htmlspecialchars($_POST['description']);
//获取自定义header //获取自定义header
$data['custom_header'] = $_POST['custom_header']; $data['custom_header'] = $_POST['custom_header'];
//获取自定义footer
$data['custom_footer'] = $_POST['custom_footer'];
//序列化存储 //序列化存储
$value = serialize($data); $value = serialize($data);
@ -284,3 +288,8 @@ function set_transition_page($api) {
$api->set_option('s_transition_page',$value); $api->set_option('s_transition_page',$value);
} }
//生成create_sk
function create_sk($api) {
$api->create_sk();
}
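Review bot: `$data['custom_footer'] = $_POST['custom_footer'];` in `set_site` stores the value unescaped, unlike the `description` line above it. This looks intentional (raw HTML for the footer, like `custom_header`), but it means whoever can call `set_site` controls markup on every rendered page. A comment such as `//custom_footer is stored as raw HTML on purpose; this endpoint must stay admin-only` is worth adding, and the auth call, which is outside the hunk, is worth confirming. In `add_category`, `intval($_POST['fid'])` reads the key without the `empty()` guard the neighbouring fields use; `$fid = empty($_POST['fid']) ? 0 : intval($_POST['fid']);` keeps clients that send no `fid` free of warnings. Nothing visible checks that `fid` refers to an existing top-level category before it is inserted.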

21
controller/index.php

@ -2,13 +2,30 @@
/** /**
* 首页模板入口 * 首页模板入口
*/ */
//如果已经登录,获取所有分类和链接 //如果已经登录,获取所有分类和链接
if( is_login() ){ if( is_login() ){
//查询分类目录 //查询所有分类目录
$categorys = $db->select('on_categorys','*',[ $categorys = $db->select('on_categorys','*',[
"ORDER" => ["weight" => "DESC"] "ORDER" => ["weight" => "DESC"]
]); ]);
//查询一级分类目录,分类fid为0的都是一级分类
$category_parent = $db->select('on_categorys','*',[
"fid" => 0,
"ORDER" => ["weight" => "DESC"]
]);
//根据分类ID查询二级分类,分类fid大于0的都是二级分类
function get_category_sub($id) {
global $db;
$id = intval($id);
$category_sub = $db->select('on_categorys','*',[
"fid" => $id,
"ORDER" => ["weight" => "DESC"]
]);
return $category_sub;
}
//根据category id查询链接 //根据category id查询链接
function get_links($fid) { function get_links($fid) {
global $db; global $db;
