@ -15,15 +15,20 @@ class Api {
@@ -15,15 +15,20 @@ class Api {
/**
* name:创建分类目录
*/
public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = ''){
public function add_category($token,$name,$property = 0,$weight = 0,$description = '',$font_icon = '',$fid = 0 ){
$this->auth($token);
//分类名称不允许为空
if( empty($name) ) {
$this->err_msg(-2000,'分类名称不能为空!');
}
$data = [
'name' => htmlspecialchars($name,ENT_QUOTES),
'add_time' => time(),
'weight' => $weight,
'property' => $property,
'description' => htmlspecialchars($description,ENT_QUOTES),
'font_icon' => $font_icon
'font_icon' => $font_icon,
'fid' => $fid
];
//插入分类目录
$this->db->insert("on_categorys",$data);
@ -136,13 +141,17 @@ class Api {
@@ -136,13 +141,17 @@ class Api {
*/
protected function auth($token){
//计算正确的token:用户名 + TOKEN
$token_yes = md5(USER.TOKEN);
$SecretKey = @$this->db->get('on_options','*',[ 'key' => 'SecretKey' ])['value'];
$token_yes = md5(USER.$SecretKey);
//如果token为空,则验证cookie
if(empty($token)) {
if( !$this->is_login() ) {
$this->err_msg(-1002,'Authorization failure!');
}
}
else if ( empty($SecretKey) ) {
$this->err_msg(-2000,'请先生成SecretKey!');
}
else if($token != $token_yes){
$this->err_msg(-1002,'Authorization failure!');
}
@ -169,8 +178,8 @@ class Api {
@@ -169,8 +178,8 @@ class Api {
$data = [
'fid' => $fid,
'title' => htmlspecialchars($title,ENT_QUOTES),
'url' => $url,
'url_standby' => $url_standby,
'url' => htmlspecialchars( $url,ENT_QUOTES),
'url_standby' => htmlspecialchars( $url_standby,ENT_QUOTES),
'description' => htmlspecialchars($description,ENT_QUOTES),
'add_time' => time(),
'weight' => $weight,
@ -315,9 +324,9 @@ class Api {
@@ -315,9 +324,9 @@ class Api {
//$this->check_link($fid,$title,$url);
$this->check_link([
'fid' => $fid,
'title' => $title,
'url' => $url,
'url_standby' => $url_standby
'title' => htmlspecialchars( $title,ENT_QUOTES),
'url' => htmlspecialchars( $url,ENT_QUOTES),
'url_standby' => htmlspecialchars( $url_standby,ENT_QUOTES)
]);
//查询ID是否存在
$count = $this->db->count('on_links',[ 'id' => $id]);
@ -411,12 +420,16 @@ class Api {
@@ -411,12 +420,16 @@ class Api {
if( empty($url) ){
$this->err_msg(-1009,'URL cannot be empty!');
}
//链接不合法
if( !filter_var($url, FILTER_VALIDATE_URL) ) {
//通过正则匹配链接是否合法,支持http/https/ftp/magnet:?|ed2k|tcp/udp/thunder/rtsp/rtmp/sftp
$pattern = "/^(http:\/\/|https:\/\/|ftp:\/\/|ftps:\/\/|magnet:?|ed2k:\/\/|tcp:\/\/|udp:\/\/|thunder:\/\/|rtsp:\/\/|rtmp:\/\/|sftp:\/\/).+/";
// if( !filter_var($url, FILTER_VALIDATE_URL) ) {
// $this->err_msg(-1010,'URL is not valid!');
// }
if ( !preg_match($pattern,$url) ) {
$this->err_msg(-1010,'URL is not valid!');
}
//备用链接不合法
if ( ( !empty($url_standby) ) & & ( !filter_var($url_standby, FILTER_VALIDATE_URL) ) ) {
if ( ( !empty($url_standby) ) & & ( !preg_match($pattern, $url_standby ) ) ) {
$this->err_msg(-1010,'URL is not valid!');
}
return true;
@ -425,16 +438,30 @@ class Api {
@@ -425,16 +438,30 @@ class Api {
* 查询分类目录
*/
public function category_list($page,$limit){
$token = @$_POST['token'];
$offset = ($page - 1) * $limit;
//如果成功登录,则查询所有
if( $this->is_login() ){
$sql = "SELECT * FROM on_categorys ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
}
else{
$sql = "SELECT * FROM on_categorys WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*');
}
//如果存在token,则验证
else if( !empty($token) ) {
$this->auth($token);
//查询所有分类
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*');
}
else{
$sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = a.fid LIMIT 1) AS fname FROM on_categorys as a WHERE property = 0 ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
//统计总数
$count = $this->db->count('on_categorys','*',[
"property" => 0
]);
}
//原生查询
$datas = $this->db->query($sql)->fetchAll();
$datas = [
@ -445,6 +472,27 @@ class Api {
@@ -445,6 +472,27 @@ class Api {
];
exit(json_encode($datas));
}
/**
* 生成
*/
public function create_sk() {
//验证是否登录
$this->auth('');
$sk = md5(USER.USER.time());
$result = $this->set_option_bool('SecretKey',$sk);
if( $result ){
$datas = [
'code' => 0,
'data' => $sk
];
exit(json_encode($datas));
}
else{
$this->err_msg(-2000,'SecretKey生成失败!');
}
}
/**
* 查询链接
* 接收一个数组作为参数
@ -618,7 +666,7 @@ class Api {
@@ -618,7 +666,7 @@ class Api {
//检查链接是否合法
//链接不合法
if( !filter_var($url, FILTER_VALIDATE_URL) ) {
$this->err_msg(-1010,'URL is not valid !');
$this->err_msg(-1010,'只支持识别http/https协议的链接 !');
}
//获取网站标题
$c = curl_init();
@ -896,6 +944,55 @@ class Api {
@@ -896,6 +944,55 @@ class Api {
}
}
/**
* 更新option,返回BOOL值
*/
protected function set_option_bool($key,$value = '') {
$key = htmlspecialchars(trim($key));
//如果key是空的
if( empty($key) ) {
return FALSE;
}
$count = $this->db->count("on_options", [
"key" => $key
]);
//如果数量是0,则插入,否则就是更新
if( $count === 0 ) {
try {
$this->db->insert("on_options",[
"key" => $key,
"value" => $value
]);
$data = [
"code" => 0,
"data" => "设置成功!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
//更新数据
else if( $count === 1 ) {
try {
$this->db->update("on_options",[
"value" => $value
],[
"key" => $key
]);
$data = [
"code" => 0,
"data" => "设置已更新!"
];
return TRUE;
} catch (\Throwable $th) {
return FALSE;
}
}
}
}