diff --git a/function/function.php b/function/function.php index e75b1d4..9759b3c 100644 --- a/function/function.php +++ b/function/function.php @@ -2374,12 +2374,31 @@ function getFolloweeList($pdo, $userid){ $all_followee = $query->fetchAll(PDO::FETCH_COLUMN); if($all_followee){ - return $all_followee; + $valid_followees = []; + foreach ($all_followee as $followee_id){ + $userData = getUserData($pdo, $followee_id); + if($userData){ + $valid_followees[] = $followee_id; + } else { + unfollow_user($pdo, $followee_id, $userid); + } + } + return $valid_followees; }else{ $userdata = getUserData($pdo, $userid); $followeeIds = array_filter(explode(',', $userdata['follow'])); if($followeeIds){ - return $followeeIds; + $valid_followees = []; + foreach ($followeeIds as $followee_id){ + $userData = getUserData($pdo, $followee_id); + + if($userData){ + $valid_followees[] = $followee_id; + } else { + unfollow_user($pdo, $followee_id, $userid); + } + } + return $valid_followees; }else{ return array(); } @@ -2396,12 +2415,32 @@ function getFollowerList($pdo, $userid){ $all_follower = $query->fetchAll(PDO::FETCH_COLUMN); if($all_follower){ - return $all_follower; + $valid_followers = []; + foreach ($all_follower as $follower_id){ + $userData = getUserData($pdo, $follower_id); + + if($userData){ + $valid_followers[] = $follower_id; + } else { + unfollow_user($pdo, $userid, $follower_id); + } + } + return $valid_followers; }else{ $userdata = getUserData($pdo, $userid); $followerIds = array_filter(explode(',', $userdata['follower'])); if($followerIds){ - return $followerIds; + $valid_followers = []; + foreach ($followerIds as $follower_id){ + $userData = getUserData($pdo, $follower_id); + + if($userData){ + $valid_followers[] = $follower_id; + } else { + unfollow_user($pdo, $userid, $follower_id); + } + } + return $valid_followers; }else{ return array(); } @@ -2672,19 +2711,11 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ if($step == "delete_follow"){ if(changeJob($pdo, $userid, $job_uniqid, "delete_follow", "running")){ - // フォロー・フォロワー情報を削除したい全てのアカウントを取得 - $flw_query = $pdo->prepare("SELECT * - FROM account - WHERE FIND_IN_SET(:userid, follow) > 0 - OR FIND_IN_SET(:userid, follower) > 0; - "); - $flw_query->bindValue(':userid', $userid, PDO::PARAM_STR); - $flw_query->execute(); - $flw_accounts = $flw_query->fetchAll(); + $flw_accounts = array_merge(getFolloweeList($pdo, $userid),getFollowerList($pdo, $userid)); foreach ($flw_accounts as $account) { - unfollow_user($pdo, $account['userid'], $userid); - unfollow_user($pdo, $userid, $account['userid']); + unfollow_user($pdo, $account, $userid); + unfollow_user($pdo, $userid, $account); } // ユーザーIDを削除したい全てのアカウントを取得 @@ -3585,39 +3616,44 @@ function val_AddOtherSettings($dataname, $data, $jsontext){ } //ユーザーのOther_Settingsが既にあるかないか(なければ空のJSONを追加) function is_OtherSettings($pdo, $userid, $add = true){ - $other_settings = getUserData($pdo, $userid)["other_settings"]; - if(empty($other_settings)){ - if($add === true){ - $new_data = []; - $new_json = json_encode($new_data); + $other_settings = getUserData($pdo, $userid); + if($other_settings){ + if(empty($other_settings["other_settings"])){ + if($add === true){ + $new_data = []; + $new_json = json_encode($new_data); - $pdo->beginTransaction(); - try { - // UPDATE文を実行してフォロー情報を更新 - $updateQuery = $pdo->prepare("UPDATE account SET other_settings = :other_settings WHERE userid = :userid"); - $updateQuery->bindValue(':other_settings', $new_json, PDO::PARAM_STR); - $updateQuery->bindValue(':userid', $userid, PDO::PARAM_STR); - $res = $updateQuery->execute(); + $pdo->beginTransaction(); + try { + // UPDATE文を実行してフォロー情報を更新 + $updateQuery = $pdo->prepare("UPDATE account SET other_settings = :other_settings WHERE userid = :userid"); + $updateQuery->bindValue(':other_settings', $new_json, PDO::PARAM_STR); + $updateQuery->bindValue(':userid', $userid, PDO::PARAM_STR); + $res = $updateQuery->execute(); - if($res){ - $pdo->commit(); - return true; - }else{ + if($res){ + $pdo->commit(); + return true; + }else{ + // ロールバック + $pdo->rollBack(); + actionLog($userid, "error", "is_OtherSettings", null, "空のOtherSettingsを追加できませんでした", 3); + return false; + } + } catch (Exception $e) { // ロールバック $pdo->rollBack(); - actionLog($userid, "error", "is_OtherSettings", null, "空のOtherSettingsを追加できませんでした", 3); + actionLog($userid, "error", "is_OtherSettings", null, $e, 4); return false; } - } catch (Exception $e) { - // ロールバック - $pdo->rollBack(); - actionLog($userid, "error", "is_OtherSettings", null, $e, 4); + }else{ return false; } }else{ - return false; + return true; } }else{ + //unfollow_userの救済だーー!!! return true; } } diff --git a/passrecovery/badrecovery.php b/passrecovery/badrecovery.php index 953809e..8fcc98c 100644 --- a/passrecovery/badrecovery.php +++ b/passrecovery/badrecovery.php @@ -1,4 +1,15 @@ 0, + 'path' => '/', + 'domain' => '', + 'secure' => true, + 'httponly' => true, + 'samesite' => 'Lax' +]); +session_start(); + require('../db.php'); require("../function/function.php"); diff --git a/passrecovery/donerecovery.php b/passrecovery/donerecovery.php index b0ab676..353ed22 100644 --- a/passrecovery/donerecovery.php +++ b/passrecovery/donerecovery.php @@ -1,4 +1,15 @@ 0, + 'path' => '/', + 'domain' => '', + 'secure' => true, + 'httponly' => true, + 'samesite' => 'Lax' +]); +session_start(); + require('../db.php'); require("../function/function.php"); diff --git a/server/uwuzuinfo.txt b/server/uwuzuinfo.txt index 3f641a2..24319fd 100644 --- a/server/uwuzuinfo.txt +++ b/server/uwuzuinfo.txt @@ -1,4 +1,4 @@ uwuzu -1.6.5 -2025/10/27 +1.6.6 +2025/11/08 daichimarukana,putonfps \ No newline at end of file diff --git a/server/uwuzurelease.txt b/server/uwuzurelease.txt index a66cb48..6f89d47 100644 --- a/server/uwuzurelease.txt +++ b/server/uwuzurelease.txt @@ -1,6 +1,12 @@ ## リリースノートだぜぇぇぇぇぇぇい!!!!!!! ここにはuwuzuの更新情報を載せてくぜぇ~!(いやまてテンションおかしいだろ...) +## Version 1.6.6 (Hapuego) +2025/11/08 +fix: アカウント削除時にフォロー情報が削除されない問題を修正しました! +fix: パスワードの回復機能にあるちっちゃいバグを修正しました! +chg: ユーザープロフィールページをちょっと高速化しました! + ## Version 1.6.5 (Hapuego) 2025/10/27 fix: ユーズに返信をするページにて、選択しているユーズがどれかを表示する点が表示されない問題を修正しました! @@ -42,6 +48,7 @@ new: ブルートフォースアタックからアカウントを保護するた - last_attack_datetime:指定なし:最終ログイン失敗日時 - blocked_until_datetime:指定なし:ブロック終了日時 - datetime(datetime):指定なし:最初の失敗ログイン記録日時 +uwuzu_database.sqlは更新済みです。 ## Version 1.6.4 (Hapuego) 2025/08/20 diff --git a/update.json b/update.json index 5d59ebc..4a39ba3 100644 --- a/update.json +++ b/update.json @@ -1,71 +1,16 @@ { "software": "uwuzu", - "version": "1.6.5", - "release_date": "2025/10/27", - "release_notes": "このアップデートでは、ログインに関する重大な脆弱性及びフォローの仕組みの改修、その他様々なバグの修正が含まれます。\n早急なアップデートを強く推奨します!!!!!\nなお、このアップデートでは事前にDB構造の更新が必要です。\n詳細はリリースノートをご確認ください。", + "version": "1.6.6", + "release_date": "2025/11/08", + "release_notes": "このアップデートでは、フォローに関するバグの修正などが含まれます。\n詳細はリリースノートをご確認ください。", "notices": "アップデート前にデータのバックアップを行うことをおすすめします!", "files": { "overwrite": [ "/function/function.php", - "/ueuse/index.php", - "/admin/addadmin.php", - "/admin/index.php", - "/api/auth.php", - "/api/me/index.php", - "/api/ueuse/replies.php", - "/api/users/index.php", - "/api/users/unfollow.php", - "/bookmark/index.php", - "/emoji/index.php", - "/home/index.php", - "/js/view_function.js", - "/migration/index.php", - "/new.php", - "/addauthcode.php", - "/authcodechk.php", - "/authlogin.php", - "/check.php", - "/login.php", - "/success.php", - "/uwuzu_error_code.txt", - "/css/home.css", - "/abi/addabi.php", - "/nextpage/bookmarktimeline.php", - "/nextpage/followtimeline.php", - "/nextpage/foryoutimeline.php", - "/nextpage/localtimeline.php", - "/nextpage/searchtimeline.php", - "/nextpage/ueusetimeline.php", - "/notice/addnotice.php", - "/notice/index.php", - "/notification/index.php", - "/others/account_migration.php", - "/others/account_migration_done.php", - "/others/index.php", - "/others/token.php", - "/search/index.php", - "/settings/addauthcode.php", - "/settings/index.php", - "/settings/success.php", - "/settings_admin/actionlog_admin.php", - "/settings_admin/ad_admin.php", - "/settings_admin/addemoji_admin.php", - "/settings_admin/codeadmin.php", - "/settings_admin/customize_admin.php", - "/settings_admin/ipblock_admin.php", - "/settings_admin/jobs_admin.php", - "/settings_admin/maintenance_admin.php", - "/settings_admin/moderation_admin.php", - "/settings_admin/overview_admin.php", - "/settings_admin/plugin_admin.php", - "/settings_admin/role_admin.php", - "/settings_admin/serveradmin.php", - "/settings_admin/update_admin.php", - "/settings_admin/useradmin.php", - "/settings_admin/userinfo.php", + "/passrecovery/badrecovery.php", + "/passrecovery/donerecovery.php", "/user/index.php", - "/user/report.php", - "/user/success.php", + "/server/uwuzuabout.txt", "/server/uwuzuinfo.txt", "/server/uwuzurelease.txt" ], diff --git a/user/index.php b/user/index.php index 70cb8b2..afcf753 100644 --- a/user/index.php +++ b/user/index.php @@ -155,35 +155,27 @@ if (!empty($pdo)) { $ueuse_cnt = $allueuse->rowCount(); //-------フォロワー取得--------- - $follower_userdata = array(); - if(!(empty($follower))){ - foreach ($follower as $follower_userid) { - $follower_userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, sacinfo FROM account WHERE userid = :userid"); - $follower_userQuery->bindValue(':userid', $follower_userid); - $follower_userQuery->execute(); - $follower_userinfo = $follower_userQuery->fetch(); - if ($follower_userinfo) { - $follower_userdata[] = $follower_userinfo; - } - } + if ($follower != false) { + $placeholders_follower = str_repeat('?,', count($follower) - 1) . '?'; + $get_follower_sql = "SELECT username, userid, iconname, headname, sacinfo FROM account WHERE userid IN ($placeholders_follower)"; + $follower_userQuery = $pdo->prepare($get_follower_sql); + $follower_userQuery->execute($follower); + + $follower_userdata = $follower_userQuery->fetchAll(PDO::FETCH_ASSOC); } //-------フォロー取得--------- - $follow_userdata = array(); - if(!(empty($follow))){ - foreach ($follow as $follow_userid) { - $follow_userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, sacinfo FROM account WHERE userid = :userid"); - $follow_userQuery->bindValue(':userid', $follow_userid); - $follow_userQuery->execute(); - $follow_userinfo = $follow_userQuery->fetch(); - if ($follow_userinfo) { - $follow_userdata[] = $follow_userinfo; - } - } + if ($follow != false) { + $placeholders_follow = str_repeat('?,', count($follow) - 1) . '?'; + $get_follow_sql = "SELECT username, userid, iconname, headname, sacinfo FROM account WHERE userid IN ($placeholders_follow)"; + $follow_userQuery = $pdo->prepare($get_follow_sql); + $follow_userQuery->execute($follow); + + $follow_userdata = $follow_userQuery->fetchAll(PDO::FETCH_ASSOC); } if(filter_var($userdata['iconname'], FILTER_VALIDATE_URL)){