last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-05 03:24:41 +00:00
Code Activity

uwuzu v1.4.0 Funium

Browse Source
This commit is contained in:
Daichimarukana
2024-08-18 20:19:53 +09:00
commit ac2e6fe57c
491 changed files with 68446 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/bot-api.php
+13
View File
@@ -0,0 +1,13 @@
<?php
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
$err = "API_has_been_deleted";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
?>
api/me/index.php
+195
View File
@@ -0,0 +1,195 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$DataQuery = $pdo->prepare("SELECT username,userid,profile,datetime,follow,follower,iconname,headname,role,sacinfo,admin FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $userData["userid"]);
$DataQuery->execute();
$userdata = $DataQuery->fetch();
if (empty($userdata)){
$response = array(
'error_code' => "critical_error_userdata_not_found",
);
}else{
$roles = explode(',', $userdata["role"]);
if(!(empty($roles))){
foreach ($roles as $roleId) {
$Getrole = $pdo->prepare("SELECT roleidname, rolename, roleauth, rolecolor, roleeffect FROM role WHERE roleidname = :role");
$Getrole->bindValue(':role', $roleId);
$Getrole->execute();
$roleData[$roleId] = $Getrole->fetch();
if($roleData[$roleId]['roleeffect'] == '' || $roleData[$roleId]['roleeffect'] == 'none'){
$role_view_effect = "none";
}elseif($roleData[$roleId]['roleeffect'] == 'shine'){
$role_view_effect = "shine";
}elseif($roleData[$roleId]['roleeffect'] == 'rainbow'){
$role_view_effect = "rainbow";
}else{
$role_view_effect = "none";
}
$roleinfo = array(
"name" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['rolename'])),
"color" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['rolecolor'])),
"effect" => decode_yajirushi(htmlspecialchars_decode($role_view_effect)),
"id" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['roleidname'])),
);
$role[] = $roleinfo;
}
}else{
$role[] = "";
}
if(!(empty($userdata["sacinfo"]))){
if($userdata["sacinfo"] == "bot"){
$isBot = true;
}else{
$isBot = false;
}
}else{
$isBot = false;
}
if(!(empty($userdata["admin"]))){
if($userdata["admin"] == "yes"){
$isAdmin = true;
}else{
$isAdmin = false;
}
}else{
$isAdmin = false;
}
if(!(empty($userdata["follow"]))){
$followee = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($userdata["follow"])));
array_shift($followee);
}else{
$followee = array();
}
if(!(empty($userdata["follower"]))){
$follower = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($userdata["follower"])));
array_shift($follower);
}else{
$follower = array();
}
$followcnts = explode(',', $userdata["follow"]);
$userdata["follow_cnt"] = (int)count($followcnts)-1;
$followercnts = explode(',', $userdata["follower"]);
$userdata["follower_cnt"] = (int)count($followercnts)-1;
$allueuse = $pdo->prepare("SELECT account FROM ueuse WHERE account = :userid");
$allueuse->bindValue(':userid', $userdata["userid"]);
$allueuse->execute();
$All_ueuse = $allueuse->rowCount();
$response = array(
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'profile' => decode_yajirushi(htmlspecialchars_decode($userdata["profile"])),
'user_icon' => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userdata["iconname"])),
'user_header' => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userdata["headname"])),
'registered_date' => decode_yajirushi(htmlspecialchars_decode($userdata["datetime"])),
'followee' => $followee,
'followee_cnt' => $userdata["follow_cnt"],
'follower' => $follower,
'follower_cnt' => $userdata["follower_cnt"],
'ueuse_cnt' => $All_ueuse,
'isBot' => $isBot,
'isAdmin' => $isAdmin,
'role' => $role,
'language' => "ja-JP",
);
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/migration-api.php
+250
View File
@@ -0,0 +1,250 @@
<?php
require("../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
function random_iv($length = 16){
return substr(str_shuffle('1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'), 0, $length);
}
$domain = $_SERVER['HTTP_HOST'];
require('../db.php');
$datetime = array();
$pdo = null;
session_start();
// データベースに接続
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_GET['migration_code'])) {
if(isset($_GET['check'])) {
//移行後-----------------------------------------------------------------------------------------------
$migration_code = safetext($_GET['migration_code']);
$check = urldecode($_GET['check']);
$request_domain = safetext($_SERVER['REMOTE_ADDR']);
$migrationQuery = $pdo->prepare("SELECT * FROM migration WHERE migration_code = :migration_code");
$migrationQuery->bindValue(':migration_code', $migration_code);
$migrationQuery->execute();
$migrationData = $migrationQuery->fetch(PDO::FETCH_ASSOC);
if(!(empty($migrationData))){
$UserdataQuery = $pdo->prepare("SELECT userid FROM account WHERE userid = :userid");
$UserdataQuery->bindValue(':userid', $migrationData['account'], PDO::PARAM_STR);
$UserdataQuery->execute();
$UserData = $UserdataQuery->fetch(PDO::FETCH_ASSOC);
$done_chk = openssl_decrypt($check, "AES-256-CBC", $migrationData['encryption_key'], 0, $migrationData['encryption_ivkey']);
//下の文字列はアカウント移行が完了しているかの確認用!変えないで!!!
if($done_chk == "QYrLCSQIHqOLHuhJ"){
$account = safetext($UserData["userid"]);
$pdo->beginTransaction();
try {
$deleteQuery = $pdo->prepare("DELETE FROM migration WHERE account = :account");
$deleteQuery->bindValue(':account',$account, PDO::PARAM_STR);
$res = $deleteQuery->execute();
$res = $pdo->commit();
} catch(Exception $e) {
$pdo->rollBack();
}
$newrole = "ice";
$newtoken = "ice";
$newadmin = "none";
// トランザクション開始
$pdo->beginTransaction();
try {
$stmt = $pdo->prepare("UPDATE account SET role = :role,token = :newtoken,admin = :newadmin WHERE userid = :userid");
$stmt->bindValue(':role', $newrole, PDO::PARAM_STR);
$stmt->bindValue(':newtoken', $newtoken, PDO::PARAM_STR);
$stmt->bindValue(':newadmin', $newadmin, PDO::PARAM_STR);
$stmt->bindValue(':userid', $account, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
//メール送信はナシ
//------------
$pdo->beginTransaction();
try {
$datetime = date("Y-m-d H:i:s");
$msg = "アカウントの移行が完了したためこのアカウントの不正コピーを防ぐためアカウントを凍結しました!\n引き続きこのアカウントを利用するには管理者に凍結を解除してもらってください!";
$title = "✨アカウントの移行が完了しました!🔄️";
$url = "/rule/serverabout";
$userchk = 'none';
$from_userid = "uwuzu-fromsys";
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $from_userid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $account, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res2 = $stmt->execute();
// コミット
$res2 = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if ($res) {
$item = array(
'done' => 'success',
);
$noencriptjson = json_encode($item, JSON_UNESCAPED_UNICODE);
$encriptjson = openssl_encrypt($noencriptjson, "AES-256-CBC", $migrationData['encryption_key'], 0, $migrationData['encryption_ivkey']);
$response = array(
'data' => $encriptjson,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "migration_bad_success";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else {
$err = "migration_bad_success";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = "migration_notfound";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
//移行データ
$migration_code = safetext($_GET['migration_code']);
$request_domain = safetext($_SERVER['REMOTE_ADDR']);
$migrationQuery = $pdo->prepare("SELECT * FROM migration WHERE migration_code = :migration_code");
$migrationQuery->bindValue(':migration_code', $migration_code);
$migrationQuery->execute();
$migrationData = $migrationQuery->fetch(PDO::FETCH_ASSOC);
if(!(empty($migrationData))){
$UserdataQuery = $pdo->prepare("SELECT * FROM account WHERE userid = :userid");
$UserdataQuery->bindValue(':userid', $migrationData['account'], PDO::PARAM_STR);
$UserdataQuery->execute();
$UserData = $UserdataQuery->fetch(PDO::FETCH_ASSOC);
/*
// 投稿内容の取得(新しい順に1000件取得)
$ueuseQuery = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND rpuniqid = '' ORDER BY datetime DESC LIMIT 1000");
$ueuseQuery->bindValue(':userid', $migrationData['account'], PDO::PARAM_STR);
$ueuseQuery->execute();
$ueuse_array = $ueuseQuery->fetchAll();
*/
if(!(empty($UserData))){
/*
if(!(empty($ueuse_array))){
foreach ($ueuse_array as $value) {
$ueuses = array(
"username" => decode_yajirushi(htmlentities($value['username'], ENT_QUOTES, 'UTF-8', false)),
"account" => decode_yajirushi(htmlentities($value['account'], ENT_QUOTES, 'UTF-8', false)),
"uniqid" => decode_yajirushi(htmlentities($value['uniqid'], ENT_QUOTES, 'UTF-8', false)),
"ueuse" => decode_yajirushi(htmlentities($value['ueuse'], ENT_QUOTES, 'UTF-8', false)),
"datetime" => decode_yajirushi(htmlentities($value['datetime'], ENT_QUOTES, 'UTF-8', false)),
"abi" => decode_yajirushi(htmlentities($value['abi'], ENT_QUOTES, 'UTF-8', false)),
"abidate" => decode_yajirushi(htmlentities($value['abidate'], ENT_QUOTES, 'UTF-8', false)),
"nsfw" => decode_yajirushi(htmlentities($value['nsfw'], ENT_QUOTES, 'UTF-8', false)),
);
$ueuse[] = $ueuses;
}
}else{
$ueuse[] = "";
}
*/
$item = [
"userdata" => array(
"user_name" => safetext($UserData["username"]),
"user_id" => safetext($UserData["userid"]),
"user_icon" => (empty($_SERVER['HTTPS']) ? 'http://' : 'https://').$domain."/".safetext($UserData["iconname"]),
"user_header" => (empty($_SERVER['HTTPS']) ? 'http://' : 'https://').$domain."/".safetext($UserData["headname"]),
"user_profile" => safetext($UserData["profile"]),
"mail_adds" => safetext($UserData["mailadds"]),
),
];
$noencriptjson = json_encode($item, JSON_UNESCAPED_UNICODE);
$encriptjson = openssl_encrypt($noencriptjson, "AES-256-CBC", $migrationData['encryption_key'], 0, $migrationData['encryption_ivkey']);
$response = array(
'data' => $encriptjson,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$err = "data_notfound";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = "migration_notfound";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "migration_code_notfound";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/serverinfo-api.php
+139
View File
@@ -0,0 +1,139 @@
<?php
require("../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
$mojisizefile = "../server/textsize.txt";
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$serverinfofile = '../server/info.txt';
$serverinfo = file_get_contents($serverinfofile);
$domain = $_SERVER['HTTP_HOST'];
$softwarefile = "../server/uwuzuinfo.txt";
$softwaredata = file_get_contents($softwarefile);
$softwaredata = explode( "\n", $softwaredata );
$cnt = count( $softwaredata );
for( $i=0;$i<$cnt;$i++ ){
$uwuzuinfo[$i] = ($softwaredata[$i]);
}
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
require('../db.php');
$datetime = array();
$pdo = null;
session_start();
// データベースに接続
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
$result = $mysqli->query("SELECT userid FROM account ORDER BY datetime");
/* 結果セットの行数を取得します */
$count1 = $result->num_rows;
$result2 = $mysqli->query("SELECT uniqid FROM ueuse ORDER BY datetime");
/* 結果セットの行数を取得します */
$count2 = $result2->num_rows;
/*-------------------*/
$sql = "SELECT title, note, account, datetime FROM notice ORDER BY datetime DESC";
$notice_array = $pdo->query($sql);
while ($row = $notice_array->fetch(PDO::FETCH_ASSOC)) {
$notices[] = $row;
}
if(safetext($serversettings["serverinfo"]["server_invitation"]) === "true"){
$invitation_code = true;
}else{
$invitation_code = false;
}
if(safetext($serversettings["serverinfo"]["server_account_migration"]) === "true"){
$account_migration = true;
}else{
$account_migration = false;
}
if(!(empty($notices))){
foreach ($notices as $value) {
$notices = array(
"title" => decode_yajirushi(htmlspecialchars_decode($value['title'])),
"note" => decode_yajirushi(htmlspecialchars_decode($value['note'])),
"editor" => decode_yajirushi(htmlspecialchars_decode($value['account'])),
"datetime" => decode_yajirushi(htmlspecialchars_decode($value['datetime'])),
);
$notice[] = $notices;
}
}else{
$notice[] = "";
}
$item = [
"server_info" => array(
"server_name" => safetext($serversettings["serverinfo"]["server_name"]),
"server_icon" => safetext($serversettings["serverinfo"]["server_icon"]),
"server_description" => $serverinfo,
"adminstor" => array(
"name" => safetext($serversettings["serverinfo"]["server_admin"]),
"email" => safetext($serversettings["serverinfo"]["server_admin_mailadds"]),
),
"terms_url" => "https://".$domain."/rule/terms",
"privacy_policy_url" => "https://".$domain."/rule/privacypolicy",
"max_ueuse_length" => (int)safetext(file_get_contents($mojisizefile)),
"invitation_code" => $invitation_code,
"account_migration" => $account_migration,
"usage" => [
"users" => $count1,
"ueuse" => $count2,
],
),
"software" => array(
"name" => "uwuzu",
"version" => "".str_replace("\r", '', $uwuzuinfo[1])."",
"repository" => "https://github.com/Daichimarukana/uwuzu",
),
"server_notice" => $notice,
];
$response = $item; // ループ内で $response にデータを追加
echo json_encode($response, JSON_UNESCAPED_UNICODE);
?>
api/ueuse/create.php
+345
View File
@@ -0,0 +1,345 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
//本文取得
if(!(empty($_GET['text']))){
$ueuse = safetext($_GET['text']);
}elseif(!(empty($post_json["text"]))){
$ueuse = safetext($post_json["text"]);
}
//リプライ先取得
if(!(empty($_GET['replyid']))){
$replyid = safetext($_GET['replyid']);
}elseif(!(empty($post_json["replyid"]))){
$replyid = safetext($post_json["replyid"]);
}else{
$replyid = "";
}
//NSFWの有無
if(!(empty($_GET['nsfw']))){
$nsfwchk = safetext($_GET['nsfw']);
if($nsfwchk == "true"){
$nsfw = "true";
}else{
$nsfw = "false";
}
}elseif(!(empty($post_json["nsfw"]))){
$nsfwchk = safetext($post_json["nsfw"]);
if($nsfwchk == true){
$nsfw = "true";
}else{
$nsfw = "false";
}
}else{
$nsfw = "false";
}
//Base64での画像送信の確認(POSTのみ&デコードは関数(Base64_mime)側でやってくれる)
$img_uid = safetext($userData["userid"]);//UserID必須
if(!(empty($post_json["image1"]))){
$image1 = safetext($post_json["image1"]);
$UploadPath1 = base64_mime($image1,$img_uid);
if($UploadPath1 == false){
$UploadPath1 = "none";
}
}else{
$UploadPath1 = "none";
}
if(!(empty($post_json["image2"]))){
$image2 = safetext($post_json["image2"]);
$UploadPath2 = base64_mime($image2,$img_uid);
if($UploadPath2 == false){
$UploadPath2 = "none";
}
}else{
$UploadPath2 = "none";
}
if(!(empty($post_json["image3"]))){
$image3 = safetext($post_json["image3"]);
$UploadPath3 = base64_mime($image3,$img_uid);
if($UploadPath3 == false){
$UploadPath3 = "none";
}
}else{
$UploadPath3 = "none";
}
if(!(empty($post_json["image4"]))){
$image4 = safetext($post_json["image4"]);
$UploadPath4 = base64_mime($image4,$img_uid);
if($UploadPath4 == false){
$UploadPath4 = "none";
}
}else{
$UploadPath4 = "none";
}
//ここまで-----------------------------------------
$old_datetime = date("Y-m-d H:i:00");
$now_datetime = date("Y-m-d H:i:00",strtotime("+1 minute"));
$rate_Query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND TIME(datetime) BETWEEN :old_datetime AND :now_datetime");
$rate_Query->bindValue(':userid', $userData["userid"]);
$rate_Query->bindValue(':old_datetime', $old_datetime);
$rate_Query->bindValue(':now_datetime', $now_datetime);
$rate_Query->execute();
$rate_count = $rate_Query->rowCount();
if(!($rate_count > $max_ueuse_rate_limit-1)){
if( empty($ueuse) ) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
} else {
// 文字数を確認
if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen($ueuse, 'UTF-8') ) {
$err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
// 禁止url確認
for($i = 0; $i < count($banurl); $i++) {
if(!($banurl[$i] == "")){
if (false !== strpos($ueuse, 'https://'.$banurl[$i])) {
$err = "contains_prohibited_url";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
}
}
if(!(empty($replyid))){
$rpChkQuery = $pdo->prepare("SELECT * FROM ueuse WHERE uniqid = :rpuniqid");
$rpChkQuery->bindValue(':rpuniqid', $replyid);
$rpChkQuery->execute();
$rpChkcount = $rpChkQuery->rowCount();
if(empty($rpChkcount)){
$err = "no_reply_destination";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
// 書き込み日時を取得
$username = safetext($userData["username"]);
$userid = safetext($userData["userid"]);
$datetime = safetext(date("Y-m-d H:i:s"));
$uniqid = safetext(createUniqId());
$abi = "none";
$nones = "none";
// トランザクション開始
$pdo->beginTransaction();
try {
// SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR);
$stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt->bindParam(':rpuniqid', $replyid, PDO::PARAM_STR);
$stmt->bindParam(':ueuse', $ueuse, PDO::PARAM_STR);
$stmt->bindParam(':photo1', $UploadPath1, PDO::PARAM_STR);
$stmt->bindParam(':photo2', $UploadPath2, PDO::PARAM_STR);
$stmt->bindParam(':photo3', $UploadPath3, PDO::PARAM_STR);
$stmt->bindParam(':photo4', $UploadPath4, PDO::PARAM_STR);
$stmt->bindParam(':video1', $nones, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
$stmt->bindParam(':nsfw', $nsfw, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
$mentionedUsers = array_unique(get_mentions_userid($ueuse));
foreach ($mentionedUsers as $mentionedUser) {
$pdo->beginTransaction();
try {
$fromuserid = safetext($userid);
$touserid = safetext($mentionedUser);
$datetime = safetext(date("Y-m-d H:i:s"));
$msg = "" . $ueuse . "";
$title = "" . safetext($username) . "さんにメンションされました!";
$url = "/!" . safetext($uniqid) . "";
$userchk = 'none';
// 通知用SQL作成
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
}
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($uniqid)),
'userid' => decode_yajirushi(htmlspecialchars_decode($userid)),
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "db_error_".$e->getMessage();
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
// プリペアドステートメントを削除
$stmt = null;
}else{
$err = "over_rate_limit";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/delete.php
+211
View File
@@ -0,0 +1,211 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['uniqid']))){
$ueuseid = $_GET['uniqid'];
}elseif(!(empty($post_json["uniqid"]))){
$ueuseid = $post_json["uniqid"];
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
$query->execute(array(':uniqid' => $ueuseid));
$result = $query->fetch();
if(!(empty($result))){
if($result["account"] === $userData["userid"]){
$Userid = $userData["userid"];
$photo_query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND uniqid = :uniqid");
$photo_query->bindValue(':userid', $Userid);
$photo_query->bindValue(':uniqid', $ueuseid);
$photo_query->execute();
$photo_and_video = $photo_query->fetch();
if(!($photo_and_video["photo1"] == "none")){
$photoDelete1 = glob("../".$photo_and_video["photo1"]); // 「-ユーザーID.拡張子」というパターンを検索
foreach ($photoDelete1 as $photo1) {
if (is_file($photo1)) {
unlink($photo1);
}
}
}
if(!($photo_and_video["photo2"] == "none")){
$photoDelete2 = glob("../".$photo_and_video["photo2"]); // 「-ユーザーID.拡張子」というパターンを検索
foreach ($photoDelete2 as $photo2) {
if (is_file($photo2)) {
unlink($photo2);
}
}
}
if(!($photo_and_video["photo3"] == "none")){
$photoDelete3 = glob("../".$photo_and_video["photo3"]); // 「-ユーザーID.拡張子」というパターンを検索
foreach ($photoDelete3 as $photo3) {
if (is_file($photo3)) {
unlink($photo3);
}
}
}
if(!($photo_and_video["photo4"] == "none")){
$photoDelete4 = glob("../".$photo_and_video["photo4"]); // 「-ユーザーID.拡張子」というパターンを検索
foreach ($photoDelete4 as $photo4) {
if (is_file($photo4)) {
unlink($photo4);
}
}
}
if(!($photo_and_video["video1"] == "none")){
$videoDelete1 = glob("../".$photo_and_video["video1"]); // 「-ユーザーID.拡張子」というパターンを検索
foreach ($videoDelete1 as $video1) {
if (is_file($video1)) {
unlink($video1);
}
}
}
try {
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE uniqid = :uniqid AND account = :userid");
$deleteQuery->bindValue(':uniqid', $ueuseid, PDO::PARAM_STR);
$deleteQuery->bindValue(':userid', $Userid, PDO::PARAM_STR);
$res = $deleteQuery->execute();
if ($res) {
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuseid)),
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
'success' => true
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
} else {
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuseid)),
'userid' => decode_yajirushi(htmlspecialchars_decode($Userid)),
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
} catch(PDOException $e) {
$response = array(
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuseid)),
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/get.php
+180
View File
@@ -0,0 +1,180 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['uniqid']))){
$ueuseid = $_GET['uniqid'];
}elseif(!(empty($post_json["uniqid"]))){
$ueuseid = $post_json["uniqid"];
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$sql = "SELECT * FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':ueuseid', $ueuseid, PDO::PARAM_STR);
$stmt->execute();
$message_array = $stmt;
while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['iconname'])),
"user_head" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['headname'])),
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo1"]))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo2"]))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo3"]))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo4"]))),
'video1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["video1"]))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/index.php
+194
View File
@@ -0,0 +1,194 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$sql = "SELECT ueuse.*
FROM ueuse
LEFT JOIN account ON ueuse.account = account.userid
WHERE ueuse.rpuniqid = '' AND account.role != 'ice'
ORDER BY ueuse.datetime DESC
LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$stmt->execute();
$message_array = $stmt;
while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['iconname'])),
"user_head" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['headname'])),
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo1"]))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo2"]))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo3"]))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo4"]))),
'video1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["video1"]))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/mentions.php
+192
View File
@@ -0,0 +1,192 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$Userid = $userData["userid"];
$sql = "SELECT * FROM ueuse WHERE ueuse LIKE :keyword OR abi LIKE :keyword ORDER BY datetime DESC LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$stmt->bindValue(':keyword', '%@' . $Userid . '%', PDO::PARAM_STR);
$stmt->execute();
$message_array = $stmt;
while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['iconname'])),
"user_head" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['headname'])),
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo1"]))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo2"]))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo3"]))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo4"]))),
'video1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["video1"]))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/replies.php
+203
View File
@@ -0,0 +1,203 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['uniqid']))){
$ueuseid = $_GET['uniqid'];
}elseif(!(empty($post_json["uniqid"]))){
$ueuseid = $post_json["uniqid"];
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$sql = "SELECT * FROM ueuse WHERE uniqid = :ueuseid OR rpuniqid = :ueuseid ORDER BY datetime ASC LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':ueuseid', $ueuseid, PDO::PARAM_STR);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$stmt->execute();
$message_array = $stmt;
while ($row = $message_array->fetchAll(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['iconname'])),
"user_head" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['headname'])),
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo1"]))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo2"]))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo3"]))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo4"]))),
'video1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["video1"]))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/search.php
+206
View File
@@ -0,0 +1,206 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['keyword']))){
$keyword = $_GET['keyword'];
}elseif(!(empty($post_json["keyword"]))){
$keyword = $post_json["keyword"];
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$Userid = $userData["userid"];
$sql = "SELECT * FROM ueuse WHERE ueuse LIKE :keyword OR abi LIKE :keyword ORDER BY datetime DESC LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$stmt->bindValue(':keyword', '%' . $keyword . '%', PDO::PARAM_STR);
$stmt->execute();
$message_array = $stmt;
while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['iconname'])),
"user_head" => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userData['headname'])),
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo1"]))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo2"]))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo3"]))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["photo4"]))),
'video1' => decode_yajirushi(htmlspecialchars_decode(str_replace('../', 'https://' . $_SERVER['HTTP_HOST'] . '/', $ueusedata["video1"]))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/users/follow.php
+217
View File
@@ -0,0 +1,217 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
//本文取得
if(!(empty($_GET['userid']))){
$follow_userid = safetext($_GET['userid']);
}elseif(!(empty($post_json["userid"]))){
$follow_userid = safetext($post_json["userid"]);
}
if(!(empty($follow_userid))){
$DataQuery = $pdo->prepare("SELECT username,userid,follow,follower FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $follow_userid);
$DataQuery->execute();
$Follow_userdata = $DataQuery->fetch();
$userid = $userData["userid"];
if(!(empty($Follow_userdata))){
if(!($userid == $Follow_userdata['userid'])){
$followerList = explode(',', $Follow_userdata['follower']);
if (!(in_array($userid, $followerList))) {
// 自分が相手をフォローしていない場合、相手のfollowerカラムと自分のfollowカラムを更新
$followerList[] = $userid;
$newFollowerList = implode(',', $followerList);
// UPDATE文を実行してフォロー情報を更新
$updateQuery = $pdo->prepare("UPDATE account SET follower = :follower WHERE userid = :userid");
$updateQuery->bindValue(':follower', $newFollowerList, PDO::PARAM_STR);
$updateQuery->bindValue(':userid', $Follow_userdata['userid'], PDO::PARAM_STR);
$res = $updateQuery->execute();
// 自分のfollowカラムを更新
$updateQuery = $pdo->prepare("UPDATE account SET follow = CONCAT_WS(',', follow, :follow) WHERE userid = :userid");
$updateQuery->bindValue(':follow', $Follow_userdata["userid"], PDO::PARAM_STR);
$updateQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$res_follow = $updateQuery->execute();
$datetime = date("Y-m-d H:i:s");
$pdo->beginTransaction();
try {
$fromuserid = safetext($userid);
$touserid = safetext($Follow_userdata["userid"]);
$datetime = safetext(date("Y-m-d H:i:s"));
$msg = safetext("".$userid."さんにフォローされました。");
$title = safetext("🎉".$userid."さんにフォローされました!🎉");
$url = safetext("/@" . $userid . "");
$userchk = safetext('none');
// 通知用SQL作成
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if ($res && $res_follow) {
//フォロー完了
$response = array(
'userid' => decode_yajirushi(htmlspecialchars_decode($Follow_userdata["userid"])),
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "db_error_".$e->getMessage();
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
$stmt = null;
}else{
$err = "already_been_completed";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = "you_cant_it_to_yourself";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = "critical_error_userdata_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/users/index.php
+211
View File
@@ -0,0 +1,211 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['userid']))){
$userid = $_GET['userid'];
}elseif(!(empty($post_json["userid"]))){
$userid = $post_json["userid"];
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$DataQuery = $pdo->prepare("SELECT username,userid,profile,datetime,follow,follower,iconname,headname,role,sacinfo,admin FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $userid);
$DataQuery->execute();
$userdata = $DataQuery->fetch();
if (empty($userdata)){
$response = array(
'error_code' => "critical_error_userdata_not_found",
);
}else{
$roles = explode(',', $userdata["role"]);
if(!(empty($roles))){
foreach ($roles as $roleId) {
$Getrole = $pdo->prepare("SELECT roleidname, rolename, roleauth, rolecolor, roleeffect FROM role WHERE roleidname = :role");
$Getrole->bindValue(':role', $roleId);
$Getrole->execute();
$roleData[$roleId] = $Getrole->fetch();
if($roleData[$roleId]['roleeffect'] == '' || $roleData[$roleId]['roleeffect'] == 'none'){
$role_view_effect = "none";
}elseif($roleData[$roleId]['roleeffect'] == 'shine'){
$role_view_effect = "shine";
}elseif($roleData[$roleId]['roleeffect'] == 'rainbow'){
$role_view_effect = "rainbow";
}else{
$role_view_effect = "none";
}
$roleinfo = array(
"name" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['rolename'])),
"color" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['rolecolor'])),
"effect" => decode_yajirushi(htmlspecialchars_decode($role_view_effect)),
"id" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['roleidname'])),
);
$role[] = $roleinfo;
}
}else{
$role[] = "";
}
if(!(empty($userdata["sacinfo"]))){
if($userdata["sacinfo"] == "bot"){
$isBot = true;
}else{
$isBot = false;
}
}else{
$isBot = false;
}
if(!(empty($userdata["admin"]))){
if($userdata["admin"] == "yes"){
$isAdmin = true;
}else{
$isAdmin = false;
}
}else{
$isAdmin = false;
}
if(!(empty($userdata["follow"]))){
$followee = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($userdata["follow"])));
array_shift($followee);
}else{
$followee = array();
}
if(!(empty($userdata["follower"]))){
$follower = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($userdata["follower"])));
array_shift($follower);
}else{
$follower = array();
}
$followcnts = explode(',', $userdata["follow"]);
$userdata["follow_cnt"] = (int)count($followcnts)-1;
$followercnts = explode(',', $userdata["follower"]);
$userdata["follower_cnt"] = (int)count($followercnts)-1;
$allueuse = $pdo->prepare("SELECT account FROM ueuse WHERE account = :userid");
$allueuse->bindValue(':userid', $userdata["userid"]);
$allueuse->execute();
$All_ueuse = $allueuse->rowCount();
$response = array(
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'profile' => decode_yajirushi(htmlspecialchars_decode($userdata["profile"])),
'user_icon' => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userdata["iconname"])),
'user_header' => decode_yajirushi(htmlspecialchars_decode("https://".$domain."/".$userdata["headname"])),
'registered_date' => decode_yajirushi(htmlspecialchars_decode($userdata["datetime"])),
'followee' => $followee,
'followee_cnt' => $userdata["follow_cnt"],
'follower' => $follower,
'follower_cnt' => $userdata["follower_cnt"],
'ueuse_cnt' => $All_ueuse,
'isBot' => $isBot,
'isAdmin' => $isAdmin,
'role' => $role,
'language' => "ja-JP",
);
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/users/unfollow.php
+195
View File
@@ -0,0 +1,195 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
//投稿及び返信レート制限↓(分):デフォで60件/分まで
$max_ueuse_rate_limit = 60;
$mojisizefile = "../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
//本文取得
if(!(empty($_GET['userid']))){
$unfollow_userid = safetext($_GET['userid']);
}elseif(!(empty($post_json["userid"]))){
$unfollow_userid = safetext($post_json["userid"]);
}
if(!(empty($unfollow_userid))){
$DataQuery = $pdo->prepare("SELECT username,userid,follow,follower FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $unfollow_userid);
$DataQuery->execute();
$Follow_userdata = $DataQuery->fetch();
$userid = $userData["userid"];
$myfollowlist = $userData["follow"];
if(!(empty($Follow_userdata))){
if(!($userid == $Follow_userdata['userid'])){
$followerList = explode(',', $Follow_userdata['follower']);
if (in_array($userid, $followerList)) {
// 自分が相手をフォローしている場合、相手のfollowerカラムと自分のfollowカラムを更新
$followerList = array_diff($followerList, array($userid));
$newFollowerList = implode(',', $followerList);
// UPDATE文を実行してフォロー情報を更新
$updateQuery = $pdo->prepare("UPDATE account SET follower = :follower WHERE userid = :userid");
$updateQuery->bindValue(':follower', $newFollowerList, PDO::PARAM_STR);
$updateQuery->bindValue(':userid', $Follow_userdata['userid'], PDO::PARAM_STR);
$res = $updateQuery->execute();
$myflwlist = explode(',', $myfollowlist);
$delfollowList = array_diff($myflwlist, array($Follow_userdata['userid']));
$deluserid = implode(',', $delfollowList);
// 自分のfollowカラムから相手のユーザーIDを削除
$updateQuery = $pdo->prepare("UPDATE account SET follow = :follow WHERE userid = :userid");
$updateQuery->bindValue(':follow', $deluserid, PDO::PARAM_STR);
$updateQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$res_follow = $updateQuery->execute();
if ($res && $res_follow) {
$response = array(
'userid' => decode_yajirushi(htmlspecialchars_decode($Follow_userdata["userid"])),
'success' => true
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
} else {
$err = "db_error_".$e->getMessage();
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
$stmt = null;
}else{
$err = "already_been_completed";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}else{
$err = "you_cant_it_to_yourself";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}else{
$err = "critical_error_userdata_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
?>
api/v1/index.php
+5
View File
@@ -0,0 +1,5 @@
<?php
$url = "instance";
header("Location:".$url."");
exit;
?>
api/v1/instance.php
+64
View File
@@ -0,0 +1,64 @@
<?php
require("../../function/function.php");
$serversettings_file = "../../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function decode_yajirushi($postText){
$postText = str_replace('&larr;', '←', $postText);
$postText = str_replace('&darr;', '↓', $postText);
$postText = str_replace('&uarr;', '↑', $postText);
$postText = str_replace('&rarr;', '→', $postText);
return $postText;
}
if(safetext($serversettings["serverinfo"]["server_activitypub"]) === "true"){
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
$mojisizefile = "../../server/textsize.txt";
$adminfile = safetext($serversettings["serverinfo"]["server_admin"]);
$servernamefile = safetext($serversettings["serverinfo"]["server_name"]);
$serverinfofile = '../../server/info.txt';
$serverinfo = safetext(file_get_contents($serverinfofile));
$contactfile = safetext($serversettings["serverinfo"]["server_admin_mailadds"]);
$domain = $_SERVER['HTTP_HOST'];
$softwarefile = "../../server/uwuzuinfo.txt";
$softwaredata = safetext(file_get_contents($softwarefile));
$onlyuser = safetext($serversettings["serverinfo"]["server_invitation"]);
$server_head = safetext($serversettings["serverinfo"]["server_head"]);
$softwaredata = explode( "\n", $softwaredata );
$cnt = count( $softwaredata );
for( $i=0;$i<$cnt;$i++ ){
$uwuzuinfo[$i] = ($softwaredata[$i]);
}
if($onlyuser === "true"){
$openregit = false;
}elseif($onlyuser === "false"){
$openregit = true;
}else{
$openregit = false;
}
$item = array(
"uri" => $domain,
"email" => $contactfile,
"title" => "uwuzu",
"version" =>str_replace("\r", '', $uwuzuinfo[1]),
"thumbnail" => $server_head,
"description" => $serverinfo,
);
echo json_encode($item, JSON_UNESCAPED_UNICODE);
}else{
header("HTTP/1.1 410 Gone");
}
?>