last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00
Code Activity

uwuzu v1.5.0 Combeny

Browse Source
This commit is contained in:
Daichimarukana
2025-05-03 23:17:23 +09:00
parent 579d8de18d
commit 7c328d03f5
66 changed files with 6498 additions and 3152 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/favorite/change.php
-2
View File
@@ -6,8 +6,6 @@ require('../../db.php');
//- Base64_mime
require('../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
api/favorite/get.php
-2
View File
@@ -6,8 +6,6 @@ require('../../db.php');
//- Base64_mime
require('../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
api/sitemap-api.php
+34
View File
@@ -0,0 +1,34 @@
<?php
require('../db.php');
require("../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
header("Content-Type: application/xml; charset=UTF-8");
header("Access-Control-Allow-Origin: *");
$domain = $_SERVER['HTTP_HOST'];
$xml_text = <<<XML
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://$domain/</loc>
<priority>1.0</priority>
</url>
<url>
<loc>https://$domain/new.php</loc>
<priority>0.8</priority>
</url>
<url>
<loc>https://$domain/login.php</loc>
<priority>0.8</priority>
</url>
</urlset>
XML;
$test_xml = new SimpleXMLElement($xml_text);
echo $test_xml->asXML();
?>
api/ueuse/create.php
+159 -201
View File
@@ -6,8 +6,6 @@ require('../../db.php');
//- Base64_mime
require('../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
@@ -88,6 +86,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$ueuse = safetext($_GET['text']);
}elseif(!(empty($post_json["text"]))){
$ueuse = safetext($post_json["text"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
//リプライ先取得
if(!(empty($_GET['replyid']))){
@@ -97,6 +103,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$replyid = "";
}
//リユーズ先取得
if(!(empty($_GET['reuseid']))){
$reuseid = safetext($_GET['reuseid']);
}elseif(!(empty($post_json["reuseid"]))){
$reuseid = safetext($post_json["reuseid"]);
}else{
$reuseid = "";
}
//NSFWの有無
if(!(empty($_GET['nsfw']))){
@@ -117,211 +131,155 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$nsfw = "false";
}
//Base64での画像送信の確認(POSTのみ&デコードは関数(Base64_mime)側でやってくれる)
$img_uid = safetext($userData["userid"]);//UserID必須
if(!(empty($post_json["image1"]))){
$image1 = safetext($post_json["image1"]);
$UploadPath1 = base64_mime($image1,$img_uid);
if($UploadPath1 == false){
$UploadPath1 = "none";
}
}else{
$UploadPath1 = "none";
}
if(!(empty($post_json["image2"]))){
$image2 = safetext($post_json["image2"]);
$UploadPath2 = base64_mime($image2,$img_uid);
if($UploadPath2 == false){
$UploadPath2 = "none";
}
}else{
$UploadPath2 = "none";
}
if(!(empty($post_json["image3"]))){
$image3 = safetext($post_json["image3"]);
$UploadPath3 = base64_mime($image3,$img_uid);
if($UploadPath3 == false){
$UploadPath3 = "none";
}
}else{
$UploadPath3 = "none";
}
if(!(empty($post_json["image4"]))){
$image4 = safetext($post_json["image4"]);
$UploadPath4 = base64_mime($image4,$img_uid);
if($UploadPath4 == false){
$UploadPath4 = "none";
}
}else{
$UploadPath4 = "none";
}
//ここまで-----------------------------------------
$old_datetime = date("Y-m-d H:i:00");
$now_datetime = date("Y-m-d H:i:00",strtotime("+1 minute"));
$rate_Query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND TIME(datetime) BETWEEN :old_datetime AND :now_datetime");
$rate_Query->bindValue(':userid', $userData["userid"]);
$rate_Query->bindValue(':old_datetime', $old_datetime);
$rate_Query->bindValue(':now_datetime', $now_datetime);
$rate_Query->execute();
$rate_count = $rate_Query->rowCount();
if(!($rate_count > $max_ueuse_rate_limit-1)){
if( empty($ueuse) ) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
} else {
// 文字数を確認
if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen($ueuse, 'UTF-8') ) {
$err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
// 禁止url確認
for($i = 0; $i < count($banurl); $i++) {
if(!($banurl[$i] == "")){
if (false !== strpos($ueuse, 'https://'.$banurl[$i])) {
$err = "contains_prohibited_url";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
}
}
if(!(empty($replyid))){
$rpChkQuery = $pdo->prepare("SELECT * FROM ueuse WHERE uniqid = :rpuniqid");
$rpChkQuery->bindValue(':rpuniqid', $replyid);
$rpChkQuery->execute();
$rpChkcount = $rpChkQuery->rowCount();
if(empty($rpChkcount)){
$err = "no_reply_destination";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
// 書き込み日時を取得
$username = safetext($userData["username"]);
$userid = safetext($userData["userid"]);
$datetime = safetext(date("Y-m-d H:i:s"));
$uniqid = safetext(createUniqId());
$abi = "none";
$nones = "none";
$popularity = 0;
// トランザクション開始
$pdo->beginTransaction();
try {
// SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
$imageData = base64_decode($post_json["image1"],true);
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR);
$stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt->bindParam(':rpuniqid', $replyid, PDO::PARAM_STR);
$stmt->bindParam(':ueuse', $ueuse, PDO::PARAM_STR);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
file_put_contents($tmpFilePath, $imageData);
$Img1Files = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$Img1Files = array();
}
$stmt->bindParam(':photo1', $UploadPath1, PDO::PARAM_STR);
$stmt->bindParam(':photo2', $UploadPath2, PDO::PARAM_STR);
$stmt->bindParam(':photo3', $UploadPath3, PDO::PARAM_STR);
$stmt->bindParam(':photo4', $UploadPath4, PDO::PARAM_STR);
$stmt->bindParam(':video1', $nones, PDO::PARAM_STR);
if(!(empty($post_json["image2"]))){
$imageData = base64_decode($post_json["image2"],true);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
file_put_contents($tmpFilePath, $imageData);
$Img2Files = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$Img2Files = array();
}
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
if(!(empty($post_json["image3"]))){
$imageData = base64_decode($post_json["image3"],true);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
file_put_contents($tmpFilePath, $imageData);
$Img3Files = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$Img3Files = array();
}
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
$stmt->bindParam(':nsfw', $nsfw, PDO::PARAM_STR);
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
$mentionedUsers = array_unique(get_mentions_userid($ueuse));
foreach ($mentionedUsers as $mentionedUser) {
$pdo->beginTransaction();
try {
$fromuserid = safetext($userid);
$touserid = safetext($mentionedUser);
$datetime = safetext(date("Y-m-d H:i:s"));
$msg = "" . $ueuse . "";
$title = "" . safetext($username) . "さんにメンションされました!";
$url = "/!" . safetext($uniqid) . "";
$userchk = 'none';
// 通知用SQL作成
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
}
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($uniqid)),
'userid' => decode_yajirushi(htmlspecialchars_decode($userid)),
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "db_error_".$e->getMessage();
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
// プリペアドステートメントを削除
$stmt = null;
if(!(empty($post_json["image4"]))){
$imageData = base64_decode($post_json["image4"],true);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
file_put_contents($tmpFilePath, $imageData);
$Img4Files = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$Img4Files = array();
}
$settingsJson = getUserData($pdo, $userData["userid"])["other_settings"];
if(!(empty($settingsJson))){
$isAIBWM = val_OtherSettings("isAIBlockWaterMark", $settingsJson);
}else{
$err = "over_rate_limit";
$isAIBWM = false;
}
$video1 = array();
$ueuse_result = send_ueuse($userData["userid"],$replyid,$reuseid,$ueuse,$Img1Files,$Img2Files,$Img3Files,$Img4Files,$video1,$nsfw,$isAIBWM, "../");
if($ueuse_result[0] == true){
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuse_result[1])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$errcode = $ueuse_result[1][0];
switch (true) {
case strpos($errcode, 'ACCOUNT_HAS_BEEN_FROZEN' ) !==false:
$err = "this_account_has_been_frozen";
break;
case strpos($errcode, 'INPUT_PLEASE' ) !==false:
$err = "input_not_found";
break;
case strpos($errcode, 'INPUT_OVER_MAX_COUNT' ) !==false:
$err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
break;
case strpos($errcode, 'INPUT_CONTAINS_PROHIBITED_URL' ) !==false:
$err = "contains_prohibited_url";
break;
case strpos($errcode, 'FILE_DEKASUGUI_PHP_INI_KAKUNIN' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'FILE_DEKASUGUI_HTML_KAKUNIN' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'FILE_SUKOSHIDAKE_UPLOAD' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'FILE_UPLOAD_DEKINAKATTA' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'TMP_FOLDER_NAI' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'FILE_KAKIKOMI_SIPPAI' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'PHPINFO()_KAKUNIN' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'S3ERROR' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'SORRY_FILE_HITAIOU' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'FILE_UPLOAD_DEKINAKATTA' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'PHOTO_SELECT_PLEASE' ) !==false:
$err = "upload_error";
break;
case strpos($errcode, 'REGISTERED_DAME' ) !==false:
$err = "could_not_complete";
break;
case strpos($errcode, 'OVER_RATE_LIMIT' ) !==false:
$err = "over_rate_limit";
break;
case strpos($errcode, 'ERROR' ) !==false:
$err = "could_not_complete";
break;
default:
$err = "could_not_complete";
break;
}
$response = array(
'error_code' => $err,
);
api/users/follow.php
-2
View File
@@ -6,8 +6,6 @@ require('../../db.php');
//- Base64_mime
require('../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
api/users/unfollow.php
-2
View File
@@ -6,8 +6,6 @@ require('../../db.php');
//- Base64_mime
require('../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
api/v1/instance.php
+1 -1
View File
@@ -1,5 +1,5 @@
<?php
require('../db.php');
require('../../db.php');
require("../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
$serversettings_file = "../../server/serversettings.ini";