xiaoz
/
onenav
mirror of https://github.com/helloxz/onenav.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

20220422

pull/61/head
xiaoz 3 years ago
parent
d3d9a9d8ae
commit
c60ae05ff1
4 changed files with 170 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 129
      class/Api.php
  2. 33
      controller/admin.php
  3. 11
      controller/api.php
  4. 21
      controller/index.php

129
class/Api.php
Unescape View File

@ -15,15 +15,20 @@ class Api {
/** /**
* name:创建分类目录 * name:创建分类目录
*/ */
public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = ''){ public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = '',$fid = 0){
$this->auth($token); $this->auth($token);
//分类名称不允许为空
if( empty($name) ) {
$this->err_msg(-2000,'分类名称不能为空!');
}
$data = [ $data = [
'name' => htmlspecialchars($name,ENT_QUOTES), 'name' => htmlspecialchars($name,ENT_QUOTES),
'add_time' => time(), 'add_time' => time(),
'weight' => $weight, 'weight' => $weight,
'property' => $property, 'property' => $property,
'description' => htmlspecialchars($description,ENT_QUOTES), 'description' => htmlspecialchars($description,ENT_QUOTES),
'font_icon' => $font_icon 'font_icon' => $font_icon,
'fid' => $fid
]; ];
//插入分类目录 //插入分类目录
$this->db->insert("on_categorys",$data); $this->db->insert("on_categorys",$data);
@ -136,13 +141,17 @@ class Api {
*/ */
protected function auth($token){ protected function auth($token){
//计算正确的token:用户名 + TOKEN //计算正确的token:用户名 + TOKEN
$token_yes = md5(USER.TOKEN); $SecretKey = @$this->db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
$token_yes = md5(USER.$SecretKey);
//如果token为空,则验证cookie //如果token为空,则验证cookie
if(empty($token)) { if(empty($token)) {
if( !$this->is_login() ) { if( !$this->is_login() ) {
$this->err_msg(-1002,'Authorization failure!'); $this->err_msg(-1002,'Authorization failure!');
} }
} }
else if ( empty($SecretKey) ) {
$this->err_msg(-2000,'请先生成SecretKey!');
}
else if($token != $token_yes){ else if($token != $token_yes){
$this->err_msg(-1002,'Authorization failure!'); $this->err_msg(-1002,'Authorization failure!');
} }
@ -169,8 +178,8 @@ class Api {
$data = [ $data = [
'fid' => $fid, 'fid' => $fid,
'title' => htmlspecialchars($title,ENT_QUOTES), 'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url, 'url' => htmlspecialchars($url,ENT_QUOTES),
'url_standby' => $url_standby, 'url_standby' => htmlspecialchars($url_standby,ENT_QUOTES),
'description' => htmlspecialchars($description,ENT_QUOTES), 'description' => htmlspecialchars($description,ENT_QUOTES),
'add_time' => time(), 'add_time' => time(),
'weight' => $weight, 'weight' => $weight,
@ -315,9 +324,9 @@ class Api {
//$this->check_link($fid,$title,$url); //$this->check_link($fid,$title,$url);
$this->check_link([ $this->check_link([
'fid' => $fid, 'fid' => $fid,
'title' => $title, 'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url, 'url' => htmlspecialchars($url,ENT_QUOTES),
'url_standby' => $url_standby 'url_standby' => htmlspecialchars($url_standby,ENT_QUOTES)
]); ]);
//查询ID是否存在 //查询ID是否存在
$count = $this->db->count('on_links',[ 'id' => $id]); $count = $this->db->count('on_links',[ 'id' => $id]);
@ -411,12 +420,16 @@ class Api {
if( empty($url) ){ if( empty($url) ){
$this->err_msg(-1009,'URL cannot be empty!'); $this->err_msg(-1009,'URL cannot be empty!');
} }
//链接不合法 //通过正则匹配链接是否合法,支持http/https/ftp/magnet:?|ed2k|tcp/udp/thunder/rtsp/rtmp/sftp
if( !filter_var($url, FILTER_VALIDATE_URL) ) { $pattern = "/^(http:\/\/|https:\/\/|ftp:\/\/|ftps:\/\/|magnet:?|ed2k:\/\/|tcp:\/\/|udp:\/\/|thunder:\/\/|rtsp:\/\/|rtmp:\/\/|sftp:\/\/).+/";
// if( !filter_var($url, FILTER_VALIDATE_URL) ) {
// $this->err_msg(-1010,'URL is not valid!');
// }
if ( !preg_match($pattern,$url) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'URL is not valid!');
} }
//备用链接不合法 //备用链接不合法
if ( ( !empty($url_standby) ) && ( !filter_var($url_standby, FILTER_VALIDATE_URL) ) ) { if ( ( !empty($url_standby) ) && ( !preg_match($pattern, $url_standby) ) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'URL is not valid!');
} }
return true; return true;
@ -425,16 +438,30 @@ class Api {
* 查询分类目录 * 查询分类目录
*/ */
public function category_list($page,$limit){ public function category_list($page,$limit){
$token = @$_POST['token'];
$offset = ($page - 1) * $limit; $offset = ($page - 1) * $limit;
//如果成功登录,则查询所有 //如果成功登录,则查询所有
if( $this->is_login() ){ if( $this->is_login() ){
$sql = "SELECT * FROM on_categorys ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*');
}
//如果存在token,则验证
else if( !empty($token) ) {
$this->auth($token);
//查询所有分类
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*');
} }
else{ else{
$sql = "SELECT * FROM on_categorys WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}"; $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*',[
"property" => 0
]);
} }
//统计总数
$count = $this->db->count('on_categorys','*');
//原生查询 //原生查询
$datas = $this->db->query($sql)->fetchAll(); $datas = $this->db->query($sql)->fetchAll();
$datas = [ $datas = [
@ -445,6 +472,27 @@ class Api {
]; ];
exit(json_encode($datas)); exit(json_encode($datas));
} }
/**
* 生成
*/
public function create_sk() {
//验证是否登录
$this->auth('');
$sk = md5(USER.USER.time());
$result = $this->set_option_bool('SecretKey',$sk);
if( $result ){
$datas = [
'code' => 0,
'data' => $sk
];
exit(json_encode($datas));
}
else{
$this->err_msg(-2000,'SecretKey生成失败!');
}
}
/** /**
* 查询链接 * 查询链接
* 接收一个数组作为参数 * 接收一个数组作为参数
@ -618,7 +666,7 @@ class Api {
//检查链接是否合法 //检查链接是否合法
//链接不合法 //链接不合法
if( !filter_var($url, FILTER_VALIDATE_URL) ) { if( !filter_var($url, FILTER_VALIDATE_URL) ) {
$this->err_msg(-1010,'URL is not valid!'); $this->err_msg(-1010,'只支持识别http/https协议的链接!');
} }
//获取网站标题 //获取网站标题
$c = curl_init(); $c = curl_init();
@ -896,6 +944,55 @@ class Api {
} }
} }
/**
* 更新option,返回BOOL值
*/
protected function set_option_bool($key,$value = '') {
$key = htmlspecialchars(trim($key));
//如果key是空的
if( empty($key) ) {
return FALSE;
}
$count = $this->db->count("on_options", [
"key" => $key
]);
//如果数量是0,则插入,否则就是更新
if( $count === 0 ) {
try {
$this->db->insert("on_options",[
"key" => $key,
"value" => $value
]);
$data = [
"code" => 0,
"data" => "设置成功!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
//更新数据
else if( $count === 1 ) {
try {
$this->db->update("on_options",[
"value" => $value
],[
"key" => $key
]);
$data = [
"code" => 0,
"data" => "设置已更新!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
}
} }

33
controller/admin.php
Unescape View File

@ -22,20 +22,43 @@ $version = get_version();
$page = empty($_GET['page']) ? 'index' : $_GET['page']; $page = empty($_GET['page']) ? 'index' : $_GET['page'];
//如果页面是修改edit_category //如果页面是修改edit_category
if ($page == 'edit_category') { if ( $page == 'edit_category' ) {
//获取id //获取id
$id = intval($_GET['id']); $id = intval($_GET['id']);
//查询单条分类信息 //查询单条分类信息
$category = $db->get('on_categorys','*',[ 'id' => $id ]); $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys AS a WHERE id = $id";
$category_one = $db->query($sql)->fetchAll()[0];
//$category_one = $db->get('on_categorys','*',[ 'id' => $id ]);
//查询父级分类
$categorys = $db->select('on_categorys','*',[
'fid' => 0,
'ORDER' => ['weight' => 'DESC']
]);
//checked按钮 //checked按钮
if( $category['property'] == 1 ) { if( $category_one['property'] == 1 ) {
$category['checked'] = 'checked'; $category_one['checked'] = 'checked';
} }
else{ else{
$category['checked'] = ''; $category_one['checked'] = '';
} }
} }
//添加分类页面
if ( $page == 'add_category' ) {
//查询父级分类
$categorys = $db->select('on_categorys','*',[
'fid' => 0,
'ORDER' => ['weight' => 'DESC']
]);
}
//API设置页面
if( $page == 'setting/api' ) {
//查询SecretKey
$SecretKey = $db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
}
//如果页面是修改link //如果页面是修改link
if ($page == 'edit_link') { if ($page == 'edit_link') {
//查询所有分类信息,用于分类框选择 //查询所有分类信息,用于分类框选择

11
controller/api.php
Unescape View File

@ -36,6 +36,8 @@ function add_category($api){
$name = $_POST['name']; $name = $_POST['name'];
//获取私有属性 //获取私有属性
$property = empty($_POST['property']) ? 0 : 1; $property = empty($_POST['property']) ? 0 : 1;
//获取分级ID
$fid = intval($_POST['fid']);
//获取权重 //获取权重
$weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']); $weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']);
//获取描述 //获取描述
@ -44,7 +46,7 @@ function add_category($api){
$description = htmlspecialchars($description); $description = htmlspecialchars($description);
//获取字体图标 //获取字体图标
$font_icon = htmlspecialchars($_POST['font_icon'],ENT_QUOTES); $font_icon = htmlspecialchars($_POST['font_icon'],ENT_QUOTES);
$api->add_category($token,$name,$property,$weight,$description,$font_icon); $api->add_category($token,$name,$property,$weight,$description,$font_icon,$fid);
} }
/** /**
* 修改分类目录入口 * 修改分类目录入口
@ -259,6 +261,8 @@ function set_site($api) {
$data['description'] = htmlspecialchars($_POST['description']); $data['description'] = htmlspecialchars($_POST['description']);
//获取自定义header //获取自定义header
$data['custom_header'] = $_POST['custom_header']; $data['custom_header'] = $_POST['custom_header'];
//获取自定义footer
$data['custom_footer'] = $_POST['custom_footer'];
//序列化存储 //序列化存储
$value = serialize($data); $value = serialize($data);
@ -284,3 +288,8 @@ function set_transition_page($api) {
$api->set_option('s_transition_page',$value); $api->set_option('s_transition_page',$value);
} }
//生成create_sk
function create_sk($api) {
$api->create_sk();
}

21
controller/index.php
Unescape View File

@ -2,13 +2,30 @@
/** /**
* 首页模板入口 * 首页模板入口
*/ */
//如果已经登录,获取所有分类和链接 //如果已经登录,获取所有分类和链接
if( is_login() ){ if( is_login() ){
//查询分类目录 //查询所有分类目录
$categorys = $db->select('on_categorys','*',[ $categorys = $db->select('on_categorys','*',[
"ORDER" => ["weight" => "DESC"] "ORDER" => ["weight" => "DESC"]
]); ]);
//查询一级分类目录,分类fid为0的都是一级分类
$category_parent = $db->select('on_categorys','*',[
"fid" => 0,
"ORDER" => ["weight" => "DESC"]
]);
//根据分类ID查询二级分类,分类fid大于0的都是二级分类
function get_category_sub($id) {
global $db;
$id = intval($id);
$category_sub = $db->select('on_categorys','*',[
"fid" => $id,
"ORDER" => ["weight" => "DESC"]
]);
return $category_sub;
}
//根据category id查询链接 //根据category id查询链接
function get_links($fid) { function get_links($fid) {
global $db; global $db;

Write Preview
Loading…
Cancel
Save