mirror of
https://github.com/Daichimarukana/uwuzu.git
synced 2026-06-05 03:24:41 +00:00
uwuzu v1.5.0 Combeny
This commit is contained in:
Daichimarukana
+159
-201
@@ -6,8 +6,6 @@ require('../../db.php');
|
||||
//- Base64_mime
|
||||
require('../../function/function.php');
|
||||
blockedIP($_SERVER['REMOTE_ADDR']);
|
||||
//投稿及び返信レート制限↓(分):デフォで60件/分まで
|
||||
$max_ueuse_rate_limit = 60;
|
||||
|
||||
$mojisizefile = "../../server/textsize.txt";
|
||||
|
||||
@@ -88,6 +86,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
||||
$ueuse = safetext($_GET['text']);
|
||||
}elseif(!(empty($post_json["text"]))){
|
||||
$ueuse = safetext($post_json["text"]);
|
||||
}else{
|
||||
$err = "input_not_found";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
//リプライ先取得
|
||||
if(!(empty($_GET['replyid']))){
|
||||
@@ -97,6 +103,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
||||
}else{
|
||||
$replyid = "";
|
||||
}
|
||||
//リユーズ先取得
|
||||
if(!(empty($_GET['reuseid']))){
|
||||
$reuseid = safetext($_GET['reuseid']);
|
||||
}elseif(!(empty($post_json["reuseid"]))){
|
||||
$reuseid = safetext($post_json["reuseid"]);
|
||||
}else{
|
||||
$reuseid = "";
|
||||
}
|
||||
|
||||
//NSFWの有無
|
||||
if(!(empty($_GET['nsfw']))){
|
||||
@@ -117,211 +131,155 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
||||
$nsfw = "false";
|
||||
}
|
||||
|
||||
//Base64での画像送信の確認(POSTのみ&デコードは関数(Base64_mime)側でやってくれる)
|
||||
$img_uid = safetext($userData["userid"]);//UserID必須
|
||||
if(!(empty($post_json["image1"]))){
|
||||
$image1 = safetext($post_json["image1"]);
|
||||
$UploadPath1 = base64_mime($image1,$img_uid);
|
||||
if($UploadPath1 == false){
|
||||
$UploadPath1 = "none";
|
||||
}
|
||||
}else{
|
||||
$UploadPath1 = "none";
|
||||
}
|
||||
if(!(empty($post_json["image2"]))){
|
||||
$image2 = safetext($post_json["image2"]);
|
||||
$UploadPath2 = base64_mime($image2,$img_uid);
|
||||
if($UploadPath2 == false){
|
||||
$UploadPath2 = "none";
|
||||
}
|
||||
}else{
|
||||
$UploadPath2 = "none";
|
||||
}
|
||||
if(!(empty($post_json["image3"]))){
|
||||
$image3 = safetext($post_json["image3"]);
|
||||
$UploadPath3 = base64_mime($image3,$img_uid);
|
||||
if($UploadPath3 == false){
|
||||
$UploadPath3 = "none";
|
||||
}
|
||||
}else{
|
||||
$UploadPath3 = "none";
|
||||
}
|
||||
if(!(empty($post_json["image4"]))){
|
||||
$image4 = safetext($post_json["image4"]);
|
||||
$UploadPath4 = base64_mime($image4,$img_uid);
|
||||
if($UploadPath4 == false){
|
||||
$UploadPath4 = "none";
|
||||
}
|
||||
}else{
|
||||
$UploadPath4 = "none";
|
||||
}
|
||||
//ここまで-----------------------------------------
|
||||
|
||||
$old_datetime = date("Y-m-d H:i:00");
|
||||
$now_datetime = date("Y-m-d H:i:00",strtotime("+1 minute"));
|
||||
$rate_Query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND TIME(datetime) BETWEEN :old_datetime AND :now_datetime");
|
||||
$rate_Query->bindValue(':userid', $userData["userid"]);
|
||||
$rate_Query->bindValue(':old_datetime', $old_datetime);
|
||||
$rate_Query->bindValue(':now_datetime', $now_datetime);
|
||||
$rate_Query->execute();
|
||||
$rate_count = $rate_Query->rowCount();
|
||||
if(!($rate_count > $max_ueuse_rate_limit-1)){
|
||||
if( empty($ueuse) ) {
|
||||
$err = "input_not_found";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
} else {
|
||||
// 文字数を確認
|
||||
if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen($ueuse, 'UTF-8') ) {
|
||||
$err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
// 禁止url確認
|
||||
for($i = 0; $i < count($banurl); $i++) {
|
||||
if(!($banurl[$i] == "")){
|
||||
if (false !== strpos($ueuse, 'https://'.$banurl[$i])) {
|
||||
$err = "contains_prohibited_url";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if(!(empty($replyid))){
|
||||
$rpChkQuery = $pdo->prepare("SELECT * FROM ueuse WHERE uniqid = :rpuniqid");
|
||||
$rpChkQuery->bindValue(':rpuniqid', $replyid);
|
||||
$rpChkQuery->execute();
|
||||
$rpChkcount = $rpChkQuery->rowCount();
|
||||
if(empty($rpChkcount)){
|
||||
$err = "no_reply_destination";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// 書き込み日時を取得
|
||||
$username = safetext($userData["username"]);
|
||||
$userid = safetext($userData["userid"]);
|
||||
$datetime = safetext(date("Y-m-d H:i:s"));
|
||||
$uniqid = safetext(createUniqId());
|
||||
$abi = "none";
|
||||
$nones = "none";
|
||||
$popularity = 0;
|
||||
|
||||
// トランザクション開始
|
||||
$pdo->beginTransaction();
|
||||
|
||||
try {
|
||||
|
||||
// SQL作成
|
||||
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
|
||||
$imageData = base64_decode($post_json["image1"],true);
|
||||
|
||||
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':account', $userid, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':rpuniqid', $replyid, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':ueuse', $ueuse, PDO::PARAM_STR);
|
||||
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
|
||||
file_put_contents($tmpFilePath, $imageData);
|
||||
|
||||
$Img1Files = [
|
||||
'name' => 'upload.png',
|
||||
'type' => check_mime($tmpFilePath),
|
||||
'tmp_name' => $tmpFilePath,
|
||||
'error' => UPLOAD_ERR_OK,
|
||||
'size' => strlen($imageData),
|
||||
];
|
||||
} else {
|
||||
$Img1Files = array();
|
||||
}
|
||||
|
||||
$stmt->bindParam(':photo1', $UploadPath1, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo2', $UploadPath2, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo3', $UploadPath3, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo4', $UploadPath4, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':video1', $nones, PDO::PARAM_STR);
|
||||
if(!(empty($post_json["image2"]))){
|
||||
$imageData = base64_decode($post_json["image2"],true);
|
||||
|
||||
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
|
||||
file_put_contents($tmpFilePath, $imageData);
|
||||
|
||||
$Img2Files = [
|
||||
'name' => 'upload.png',
|
||||
'type' => check_mime($tmpFilePath),
|
||||
'tmp_name' => $tmpFilePath,
|
||||
'error' => UPLOAD_ERR_OK,
|
||||
'size' => strlen($imageData),
|
||||
];
|
||||
} else {
|
||||
$Img2Files = array();
|
||||
}
|
||||
|
||||
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
|
||||
if(!(empty($post_json["image3"]))){
|
||||
$imageData = base64_decode($post_json["image3"],true);
|
||||
|
||||
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
|
||||
file_put_contents($tmpFilePath, $imageData);
|
||||
|
||||
$Img3Files = [
|
||||
'name' => 'upload.png',
|
||||
'type' => check_mime($tmpFilePath),
|
||||
'tmp_name' => $tmpFilePath,
|
||||
'error' => UPLOAD_ERR_OK,
|
||||
'size' => strlen($imageData),
|
||||
];
|
||||
} else {
|
||||
$Img3Files = array();
|
||||
}
|
||||
|
||||
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':nsfw', $nsfw, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
|
||||
|
||||
// SQLクエリの実行
|
||||
$res = $stmt->execute();
|
||||
|
||||
// コミット
|
||||
$res = $pdo->commit();
|
||||
|
||||
$mentionedUsers = array_unique(get_mentions_userid($ueuse));
|
||||
|
||||
foreach ($mentionedUsers as $mentionedUser) {
|
||||
|
||||
$pdo->beginTransaction();
|
||||
|
||||
try {
|
||||
$fromuserid = safetext($userid);
|
||||
$touserid = safetext($mentionedUser);
|
||||
$datetime = safetext(date("Y-m-d H:i:s"));
|
||||
$msg = "" . $ueuse . "";
|
||||
$title = "" . safetext($username) . "さんにメンションされました!";
|
||||
$url = "/!" . safetext($uniqid) . "";
|
||||
$userchk = 'none';
|
||||
|
||||
// 通知用SQL作成
|
||||
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
|
||||
|
||||
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
|
||||
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
|
||||
|
||||
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
|
||||
|
||||
// SQLクエリの実行
|
||||
$res = $stmt->execute();
|
||||
|
||||
// コミット
|
||||
$res = $pdo->commit();
|
||||
|
||||
} catch(Exception $e) {
|
||||
|
||||
// エラーが発生した時はロールバック
|
||||
$pdo->rollBack();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
} catch(Exception $e) {
|
||||
|
||||
// エラーが発生した時はロールバック
|
||||
$pdo->rollBack();
|
||||
}
|
||||
|
||||
if( $res ) {
|
||||
$response = array(
|
||||
'uniqid' => decode_yajirushi(htmlspecialchars_decode($uniqid)),
|
||||
'userid' => decode_yajirushi(htmlspecialchars_decode($userid)),
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
} else {
|
||||
$err = "db_error_".$e->getMessage();
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}
|
||||
|
||||
// プリペアドステートメントを削除
|
||||
$stmt = null;
|
||||
if(!(empty($post_json["image4"]))){
|
||||
$imageData = base64_decode($post_json["image4"],true);
|
||||
|
||||
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
|
||||
file_put_contents($tmpFilePath, $imageData);
|
||||
|
||||
$Img4Files = [
|
||||
'name' => 'upload.png',
|
||||
'type' => check_mime($tmpFilePath),
|
||||
'tmp_name' => $tmpFilePath,
|
||||
'error' => UPLOAD_ERR_OK,
|
||||
'size' => strlen($imageData),
|
||||
];
|
||||
} else {
|
||||
$Img4Files = array();
|
||||
}
|
||||
|
||||
$settingsJson = getUserData($pdo, $userData["userid"])["other_settings"];
|
||||
if(!(empty($settingsJson))){
|
||||
$isAIBWM = val_OtherSettings("isAIBlockWaterMark", $settingsJson);
|
||||
}else{
|
||||
$err = "over_rate_limit";
|
||||
$isAIBWM = false;
|
||||
}
|
||||
|
||||
$video1 = array();
|
||||
|
||||
$ueuse_result = send_ueuse($userData["userid"],$replyid,$reuseid,$ueuse,$Img1Files,$Img2Files,$Img3Files,$Img4Files,$video1,$nsfw,$isAIBWM, "../");
|
||||
|
||||
|
||||
if($ueuse_result[0] == true){
|
||||
$response = array(
|
||||
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuse_result[1])),
|
||||
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
|
||||
);
|
||||
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}else{
|
||||
$errcode = $ueuse_result[1][0];
|
||||
switch (true) {
|
||||
case strpos($errcode, 'ACCOUNT_HAS_BEEN_FROZEN' ) !==false:
|
||||
$err = "this_account_has_been_frozen";
|
||||
break;
|
||||
case strpos($errcode, 'INPUT_PLEASE' ) !==false:
|
||||
$err = "input_not_found";
|
||||
break;
|
||||
case strpos($errcode, 'INPUT_OVER_MAX_COUNT' ) !==false:
|
||||
$err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
|
||||
break;
|
||||
case strpos($errcode, 'INPUT_CONTAINS_PROHIBITED_URL' ) !==false:
|
||||
$err = "contains_prohibited_url";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_DEKASUGUI_PHP_INI_KAKUNIN' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_DEKASUGUI_HTML_KAKUNIN' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_SUKOSHIDAKE_UPLOAD' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_UPLOAD_DEKINAKATTA' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'TMP_FOLDER_NAI' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_KAKIKOMI_SIPPAI' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'PHPINFO()_KAKUNIN' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'S3ERROR' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'SORRY_FILE_HITAIOU' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'FILE_UPLOAD_DEKINAKATTA' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'PHOTO_SELECT_PLEASE' ) !==false:
|
||||
$err = "upload_error";
|
||||
break;
|
||||
case strpos($errcode, 'REGISTERED_DAME' ) !==false:
|
||||
$err = "could_not_complete";
|
||||
break;
|
||||
case strpos($errcode, 'OVER_RATE_LIMIT' ) !==false:
|
||||
$err = "over_rate_limit";
|
||||
break;
|
||||
case strpos($errcode, 'ERROR' ) !==false:
|
||||
$err = "could_not_complete";
|
||||
break;
|
||||
default:
|
||||
$err = "could_not_complete";
|
||||
break;
|
||||
}
|
||||
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user