From b39307b6518e60e6f1eaa841ed0f4b01a350027f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E3=81=A0=E3=81=84=E3=81=A1=E3=81=BE=E3=82=8B?=
<98202777+Daichimarukana@users.noreply.github.com>
Date: Wed, 22 Apr 2026 01:24:23 +0900
Subject: [PATCH] uwuzu v1.6.12 Hapuego
---
abi/addabi.php | 175 +++++----
admin/addadmin.php | 92 ++---
api/me/settings/index.php | 298 +++++++--------
api/ueuse/create.php | 158 +++++---
bookmark/bookmark.php | 37 +-
css/home.css | 111 ++++--
delete/delete.php | 18 +-
favorite/favorite.php | 31 +-
function/delete_apitoken.php | 17 +-
function/function.php | 554 ++++++++++++++++------------
function/get_customemoji.php | 107 +++---
function/get_userid.php | 99 ++---
function/reuse.php | 79 ++--
function/settings.php | 345 ++++++++---------
function/ueuse.php | 119 +++---
js/view_function.js | 56 +--
migration/index.php | 204 +++++-----
new.php | 92 ++---
nextpage/bookmarktimeline.php | 231 ++++++------
nextpage/followtimeline.php | 203 +++++-----
nextpage/foryoutimeline.php | 451 +++++++++++-----------
nextpage/localtimeline.php | 199 +++++-----
nextpage/notification.php | 173 ++++-----
nextpage/searchtimeline.php | 301 +++++++--------
nextpage/ueusetimeline.php | 223 +++++------
nextpage/userliketimeline.php | 209 +++++------
nextpage/usermediatimeline.php | 203 +++++-----
nextpage/usertimeline.php | 346 ++++++++---------
server/uwuzuabout.txt | 7 +-
server/uwuzuinfo.txt | 4 +-
server/uwuzurelease.txt | 11 +
settings_admin/api/code_delete.php | 63 ++--
settings_admin/api/update_query.php | 101 ++---
settings_admin/overview_admin.php | 76 ++--
update.json | 37 +-
uwuzu_error_code.txt | 5 +
36 files changed, 2851 insertions(+), 2584 deletions(-)
diff --git a/abi/addabi.php b/abi/addabi.php
index cee4b52..bf30f3e 100644
--- a/abi/addabi.php
+++ b/abi/addabi.php
@@ -11,6 +11,18 @@ require('../db.php');
require("../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
+$pdo = null;
+try {
+ $option = array(
+ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+ PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
+ );
+ $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
+} catch(PDOException $e) {
+ // 接続エラーのときエラー内容を取得する
+ $error_message[] = $e->getMessage();
+}
+
if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['abitext'])) && safetext(isset($_POST['userid'])) && safetext(isset($_POST['account_id'])) && safetext(isset($_COOKIE['loginkey']))) {
$userid = safetext($_POST['userid']);
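Review bot: If the connection fails, the added `catch` only appends to `$error_message` and leaves `$pdo` as `null`, so the `$pdo->prepare(...)` call in the next hunk would fail on a null object instead of returning a JSON error. Stop the request right after the `try`/`catch` when there is no connection, for example `if ($pdo === null) { echo json_encode(['success' => false, 'error' => 'DB_CONNECT_FAILED']); exit; }` (the error text is a placeholder). `$e->getMessage()` is stored in `$error_message`; if that array is ever echoed to the client it would expose connection details, so it is better logged server-side. `bookmark/bookmark.php` in this patch has the same shape: `$pdo` is used directly after a `catch` that does not exit.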
@@ -23,113 +35,100 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['abitext'])) && s
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ $abidate = date("Y-m-d H:i:s");
- $abidate = date("Y-m-d H:i:s");
+ $query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
- // データベース接続の設定
- $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
- PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
- ));
+ $query->execute(array(':uniqid' => $postUniqid));
- $query = $dbh->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
+ $result = $query->fetch();
- $query->execute(array(':uniqid' => $postUniqid));
+ if($result["account"] === $userid){
+ $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
- $result = $query->fetch();
+ $query->execute(array(':userid' => $userid));
- if($result["account"] === $userid){
- // データベース接続の設定
- $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
- PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
- ));
+ $result2 = $query->fetch();
- $query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
-
- $query->execute(array(':userid' => $userid));
-
- $result2 = $query->fetch();
-
- if($result2["loginid"] === $loginid){
- if($result["abi"] == "none" && (!($result2["role"] == "ice"))){
- // 文字数を確認
- if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen(str_replace("\r\n", "\n", $abitext), 'UTF-8') ) {
- $err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
- $response = array(
- 'error_code' => $err,
- );
- echo json_encode($response, JSON_UNESCAPED_UNICODE);
- exit;
- }
- // 禁止url確認
- if(!(empty($banurl))){
- for($i = 0; $i < count($banurl); $i++) {
- if (false !== strpos($abitext, 'https://'.$banurl[$i])) {
- $err = "contains_prohibited_url";
- $response = array(
- 'error_code' => $err,
- );
- echo json_encode($response, JSON_UNESCAPED_UNICODE);
- exit;
+ if($result2["loginid"] === $loginid){
+ if($result["abi"] == "none" && (!($result2["role"] == "ice"))){
+ // 文字数を確認
+ if( (int)safetext(file_get_contents($mojisizefile)) < mb_strlen(str_replace("\r\n", "\n", $abitext), 'UTF-8') ) {
+ $err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters";
+ $response = array(
+ 'error_code' => $err,
+ );
+ echo json_encode($response, JSON_UNESCAPED_UNICODE);
+ exit;
+ }
+ // 禁止url確認
+ if(!(empty($banurl))){
+ for($i = 0; $i < count($banurl); $i++) {
+ if (false !== strpos($abitext, 'https://'.$banurl[$i])) {
+ $err = "contains_prohibited_url";
+ $response = array(
+ 'error_code' => $err,
+ );
+ echo json_encode($response, JSON_UNESCAPED_UNICODE);
+ exit;
+ }
}
}
- }
-
-
- try {
- $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS);
-
- $pdo->beginTransaction();
-
- $stmt = $pdo->prepare("UPDATE ueuse SET abi = :abi, abidate = :abidate WHERE uniqid = :uniqid AND account = :userid");
- $stmt->bindValue(':abi', $abitext, PDO::PARAM_STR);
- $stmt->bindValue(':abidate', $abidate, PDO::PARAM_STR);
- $stmt->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR);
-
- $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
- // SQLクエリの実行
- $res = $stmt->execute();
- // コミット
- $pdo->commit();
+ try {
+ $pdo->beginTransaction();
- $mentionedUsers = get_mentions_userid($abitext);
+ $stmt = $pdo->prepare("UPDATE ueuse SET abi = :abi, abidate = :abidate WHERE uniqid = :uniqid AND account = :userid");
+ $stmt->bindValue(':abi', $abitext, PDO::PARAM_STR);
+ $stmt->bindValue(':abidate', $abidate, PDO::PARAM_STR);
+ $stmt->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR);
- foreach ($mentionedUsers as $mentionedUser) {
- $touserid = safetext($mentionedUser);
- $datetime = date("Y-m-d H:i:s");
- $msg = safetext("" . $abitext . "");
- $title = safetext("" . $result2["username"] . "さんにメンションされました!");
- $url = safetext("/!" . $postUniqid . "~" . $userid . "");
- $userchk = 'none';
- $category = 'mention';
-
- send_notification($touserid,$userid,$title,$msg,$url,$category);
- }
+ $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
+
+ // SQLクエリの実行
+ $res = $stmt->execute();
- if ($res) {
- echo json_encode(['success' => true]);
- exit;
- } else {
- echo json_encode(['success' => false, 'error' => '追加に失敗しました。']);
+ // コミット
+ $pdo->commit();
+
+ $mentionedUsers = get_mentions_userid($abitext);
+
+ foreach ($mentionedUsers as $mentionedUser) {
+ $touserid = safetext($mentionedUser);
+ $datetime = date("Y-m-d H:i:s");
+ $msg = safetext("" . $abitext . "");
+ $title = safetext("" . $result2["username"] . "さんにメンションされました!");
+ $url = safetext("/!" . $postUniqid . "~" . $userid . "");
+ $userchk = 'none';
+ $category = 'mention';
+
+ send_notification($touserid,$userid,$title,$msg,$url,$category);
+ }
+
+ if ($res) {
+ echo json_encode(['success' => true]);
+ exit;
+ } else {
+ echo json_encode(['success' => false, 'error' => '追加に失敗しました。']);
+ exit;
+ }
+ } catch(PDOException $e) {
+ echo json_encode(['success' => false, 'error' => 'データベースエラー:' . $e->getMessage()]);
exit;
}
- } catch(PDOException $e) {
- echo json_encode(['success' => false, 'error' => 'データベースエラー:' . $e->getMessage()]);
- exit;
+ }else{
+ echo json_encode(['success' => false, 'error' => 'すでに追記済みです。']);
+ exit;
}
- }else{
- echo json_encode(['success' => false, 'error' => 'すでに追記済みです。']);
- exit;
- }
-
+
+ }
}
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
+ exit;
}
}
?>
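Review bot: The `catch(PDOException $e)` branch still echoes `$e->getMessage()` to the client in the JSON `error` field, which can disclose driver, schema or host details to any caller of this endpoint. Log the exception server-side and return a fixed message instead, e.g. `error_log($e->getMessage()); echo json_encode(['success' => false, 'error' => 'データベースエラー']);`. The same branch never calls `$pdo->rollBack()` after `beginTransaction()`, so a failed `execute()` leaves the transaction open until the script ends. As far as this hunk shows, `$query->fetch()` may return `false` when no row matches `uniqid`, and the paths where `$result["account"] === $userid` or `$result2["loginid"] === $loginid` is false produce no response at all. An explicit `else` returning the same AUTH_INVALID JSON would make them consistent with the `is_sameUserid` branch this commit adds.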
diff --git a/admin/addadmin.php b/admin/addadmin.php
index 73af838..087dfec 100644
--- a/admin/addadmin.php
+++ b/admin/addadmin.php
@@ -142,15 +142,7 @@ if( !empty($_POST['btn_submit']) ) {
if ($result) {
$iconName = $uploadedPath;
} else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(1)エラーコード:' .$uploadedFile['error'].'';
+ $error_message[] = 'アップロード失敗!(1)エラーコード: ERROR';
}
}
if(isset($s3result)){
@@ -162,47 +154,45 @@ if( !empty($_POST['btn_submit']) ) {
}
} else {
$uploadedFile = $_FILES['image'];
- if(!(empty($uploadedFile['tmp_name']))){
- if(check_mime($uploadedFile['tmp_name'])){
- $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 512, 512);
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../usericons/');
+ if($beforeUploadError === null){
+ if(!(empty($uploadedFile['tmp_name']))){
+ if(check_mime($uploadedFile['tmp_name'])){
+ $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 512, 512);
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ }else{
+ if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
+ $newFilename = createUniqId() . '-'.$userid.'.webp';
+ }else{
+ $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
+ }
+ $uploadedPath = 'usericons/' . $newFilename;
+ $result = move_uploaded_file($uploadedFile['tmp_name'], "../".$uploadedPath);
+
+ if ($result) {
+ $iconName = $uploadedPath; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../usericons/') ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
+ }
+ }
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ }else{
+ $iconName = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
}else{
- if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
- $newFilename = createUniqId() . '-'.$userid.'.webp';
- }else{
- $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
- }
- $uploadedPath = 'usericons/' . $newFilename;
- $result = move_uploaded_file($uploadedFile['tmp_name'], "../".$uploadedPath);
-
- if ($result) {
- $iconName = $uploadedPath; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(1)エラーコード:' .$errcode.'';
- }
+ $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
- }else{
- $iconName = $s3result; // S3に保存されたファイルのパスを使用
- }
- }
- }else{
- $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
+ }else{
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
}
}
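Review bot: `check_mime($uploadedFile['tmp_name'])` is evaluated three times in the added block: in the guard, as the `convert_mime(...)` argument, and in the `image/webp` comparison made after `delete_exif` and `resizeImage` have run on the file. Storing it once, `$mime = check_mime($uploadedFile['tmp_name']);`, ensures the type that passed validation is the one that selects the extension. When `check_upload_error` returns `null` but `$uploadedFile['tmp_name']` is empty, no message is added and the request continues without an icon; whether that is intended cannot be told from this hunk.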
@@ -218,15 +208,7 @@ if( !empty($_POST['btn_submit']) ) {
if ($result) {
$headName = $uploadedPath;
} else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(2)エラーコード:' .$uploadedFile['error'].'';
+ $error_message[] = 'アップロード失敗!(1)エラーコード: ERROR';
}
}
if(isset($s3result)){
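Review bot: The replacement message in this header branch (the one that sets `$headName`) reads `アップロード失敗!(1)エラーコード: ERROR`, while the line it replaces used `(2)`. With icon and header failures both labelled `(1)`, the message no longer says which upload failed, so keep the old label: `$error_message[] = 'アップロード失敗!(2)エラーコード: ERROR';`. The fixed `ERROR` string here and in the first hunk of this file also drops the cause that the second hunk reports through `check_upload_error(...)`. Calling that helper in these branches too would keep the codes consistent, assuming it accepts the same array shape.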
diff --git a/api/me/settings/index.php b/api/me/settings/index.php
index 839ad65..3e686aa 100644
--- a/api/me/settings/index.php
+++ b/api/me/settings/index.php
@@ -111,18 +111,30 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
if (!(empty($post_json["icon"]))) {
- $imageData = base64_decode($post_json["icon"], true);
+ $iconBase64 = $post_json["icon"];
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
- file_put_contents($tmpFilePath, $imageData);
+ if (strpos($iconBase64, ',') !== false) {
+ $iconBase64 = explode(',', $iconBase64)[1];
+ }
- $IconFiles = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageData = base64_decode($iconBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $IconFiles = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$IconFiles = array();
}
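Review bot: The return values of `tempnam()` and `file_put_contents()` are not checked, so a failed write (full or unwritable temp directory) still builds `$IconFiles` with `'error' => UPLOAD_ERR_OK` and a `filesize()` result that may be `false`. Guard the write with `if ($tmpFilePath === false || file_put_contents($tmpFilePath, $imageData) === false)`, push an error in that case, and build the array only on success. The decoded payload comes from the request body and is written to disk before any size limit is applied in the visible lines, so a length check on `$imageData` before the write would bound what an API caller can place in the temp directory. The same block is repeated for `header` later in this file and for `image1` to `image4` in `api/ueuse/create.php`.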
@@ -131,85 +143,55 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
if (isset($IconFiles)) {
if (!(empty($IconFiles['name']))) {
$uploadedFile = $IconFiles;
- if (check_mime($uploadedFile['tmp_name'])) {
- $extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 512, 512);
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../usericons/');
+ if($beforeUploadError === null){
+ if (check_mime($uploadedFile['tmp_name'])) {
+ $extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 512, 512);
- if (AMS3_CHKS == "true") {
- $usericonurl = getUserData($pdo, $userid)["iconname"];
- if (filter_var($usericonurl, FILTER_VALIDATE_URL)) {
- $s3delresult = deleteAmazonS3($usericonurl);
+ if (AMS3_CHKS == "true") {
+ $usericonurl = getUserData($pdo, $userid)["iconname"];
+ if (filter_var($usericonurl, FILTER_VALIDATE_URL)) {
+ $s3delresult = deleteAmazonS3($usericonurl);
+ } else {
+ $s3delresult = true;
+ }
+ if ($s3delresult == true) {
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ } else {
+ $s3result = false;
+ }
} else {
- $s3delresult = true;
+ if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
+ $newFilename = createUniqId() . '-' . $userid . '.webp';
+ } else {
+ $newFilename = createUniqId() . '-' . $userid . '.' . $extension;
+ }
+ $uploadedPath = 'usericons/' . $newFilename;
+ $result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
+
+ if ($result) {
+ $iconName = $uploadedPath; // 保存されたファイルのパスを使用
+ $currentIconPath = getUserData($pdo, $userid)["iconname"];
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../usericons/') ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
+ }
}
- if ($s3delresult == true) {
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
- } else {
- $s3result = false;
+ if (isset($s3result)) {
+ if ($s3result == false) {
+ $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ } else {
+ $iconName = $s3result; // S3に保存されたファイルのパスを使用
+ $currentIconPath = getUserData($pdo, $userid)["iconname"];
+ }
}
} else {
- if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
- $newFilename = createUniqId() . '-' . $userid . '.webp';
- } else {
- $newFilename = createUniqId() . '-' . $userid . '.' . $extension;
- }
- $uploadedPath = 'usericons/' . $newFilename;
- $result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
-
- if ($result) {
- $iconName = $uploadedPath; // 保存されたファイルのパスを使用
- $currentIconPath = getUserData($pdo, $userid)["iconname"];
- } else {
- $errnum = $uploadedFile['error'];
- $errcode = "ERROR";
-
- switch ($errnum) {
- case 1:
- $errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";
- break;
- case 2:
- $errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";
- break;
- case 3:
- $errcode = "FILE_SUKOSHIDAKE_UPLOAD";
- break;
- case 4:
- $errcode = "FILE_UPLOAD_DEKINAKATTA";
- break;
- case 6:
- $errcode = "TMP_FOLDER_NAI";
- break;
- case 7:
- $errcode = "FILE_KAKIKOMI_SIPPAI";
- break;
- case 8:
- $errcode = "PHPINFO()_KAKUNIN";
- break;
- case 0:
- // 成功だったのに move_uploaded_file() が失敗した
- if (!is_uploaded_file($uploadedFile['tmp_name'])) {
- $errcode = "TMP_FILE_NAI";
- } elseif (!is_writable(__DIR__ . '/../../../usericons/')) {
- $errcode = "SAVE_FOLDER_KAKIKOMI_KENNAI";
- } else {
- $errcode = "MOVE_UPLOAD_FILE_SIPPAI";
- }
- break;
- }
- $error_message[] = 'アップロード失敗!(1)エラーコード:' . $errcode . '';
- }
+ $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
- if (isset($s3result)) {
- if ($s3result == false) {
- $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
- } else {
- $iconName = $s3result; // S3に保存されたファイルのパスを使用
- $currentIconPath = getUserData($pdo, $userid)["iconname"];
- }
- }
- } else {
- $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
+ }else{
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
}
}
}
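Review bot: `$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);` always yields `png` here, because `$IconFiles['name']` is the hard-coded `'upload.png'` from the previous hunk, so any non-PNG, non-WebP image that passes `check_mime` is stored with a `.png` suffix and `delete_exif` is handed the wrong extension. `admin/addadmin.php` in this same patch derives it from the detected type; doing the same here, `$extension = convert_mime(check_mime($uploadedFile['tmp_name']));`, keeps the stored name in line with the content (assuming `convert_mime` is reachable through this file's includes). The header block in the next hunk has the same line. It is also worth confirming that `check_upload_error` does not depend on `is_uploaded_file()`, since these files come from `tempnam()` rather than an HTTP upload; its body is not visible here.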
@@ -217,107 +199,87 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$add_sql[] = "iconname = :iconname";
}
-
if (!(empty($post_json["header"]))) {
- $imageData = base64_decode($post_json["header"], true);
+ $headerBase64 = $post_json["header"];
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
- file_put_contents($tmpFilePath, $imageData);
+ if (strpos($headerBase64, ',') !== false) {
+ $headerBase64 = explode(',', $headerBase64)[1];
+ }
- $HeadFiles = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageData = base64_decode($headerBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $HeadFiles = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$HeadFiles = array();
}
-
if (isset($HeadFiles)) {
if (!(empty($HeadFiles['name']))) {
$uploadedFile = $HeadFiles;
- if (check_mime($uploadedFile['tmp_name'])) {
- $extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 2048, 1024);
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../userheads/');
+ if($beforeUploadError === null){
+ if (check_mime($uploadedFile['tmp_name'])) {
+ $extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 2048, 1024);
- if (AMS3_CHKS == "true") {
- $userheadurl = getUserData($pdo, $userid)["headname"];
- if (filter_var($userheadurl, FILTER_VALIDATE_URL)) {
- $s3delresult = deleteAmazonS3($userheadurl);
+ if (AMS3_CHKS == "true") {
+ $userheadurl = getUserData($pdo, $userid)["headname"];
+ if (filter_var($userheadurl, FILTER_VALIDATE_URL)) {
+ $s3delresult = deleteAmazonS3($userheadurl);
+ } else {
+ $s3delresult = true;
+ }
+ if ($s3delresult == true) {
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ } else {
+ $s3result = false;
+ }
} else {
- $s3delresult = true;
+ if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
+ $newFilename = createUniqId() . '-' . $userid . '.webp';
+ } else {
+ $newFilename = createUniqId() . '-' . $userid . '.' . $extension;
+ }
+ $uploadedPath = 'userheads/' . $newFilename;
+ $result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
+
+ if ($result) {
+ $headName = $uploadedPath; // 保存されたファイルのパスを使用
+ $currentHeadPath = getUserData($pdo, $userid)["headname"];
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../userheads/') ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
+ }
}
- if ($s3delresult == true) {
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
- } else {
- $s3result = false;
+ if (isset($s3result)) {
+ if ($s3result == false) {
+ $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
+ } else {
+ $headName = $s3result; // S3に保存されたファイルのパスを使用
+ $currentHeadPath = getUserData($pdo, $userid)["headname"];
+ }
}
} else {
- if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
- $newFilename = createUniqId() . '-' . $userid . '.webp';
- } else {
- $newFilename = createUniqId() . '-' . $userid . '.' . $extension;
- }
- $uploadedPath = 'userheads/' . $newFilename;
- $result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
-
- if ($result) {
- $headName = $uploadedPath; // 保存されたファイルのパスを使用
- $currentHeadPath = getUserData($pdo, $userid)["headname"];
- } else {
- $errnum = $uploadedFile['error'];
- $errcode = "ERROR";
-
- switch ($errnum) {
- case 1:
- $errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";
- break;
- case 2:
- $errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";
- break;
- case 3:
- $errcode = "FILE_SUKOSHIDAKE_UPLOAD";
- break;
- case 4:
- $errcode = "FILE_UPLOAD_DEKINAKATTA";
- break;
- case 6:
- $errcode = "TMP_FOLDER_NAI";
- break;
- case 7:
- $errcode = "FILE_KAKIKOMI_SIPPAI";
- break;
- case 8:
- $errcode = "PHPINFO()_KAKUNIN";
- break;
- case 0:
- // 成功だったのに move_uploaded_file() が失敗した
- if (!is_uploaded_file($uploadedFile['tmp_name'])) {
- $errcode = "TMP_FILE_NAI";
- } elseif (!is_writable(__DIR__ . '/../../../usericons/')) {
- $errcode = "SAVE_FOLDER_KAKIKOMI_KENNAI";
- } else {
- $errcode = "MOVE_UPLOAD_FILE_SIPPAI";
- }
- break;
- }
- $error_message[] = 'アップロード失敗!(2)エラーコード:' . $errcode . '';
- }
+ $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
- if (isset($s3result)) {
- if ($s3result == false) {
- $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
- } else {
- $headName = $s3result; // S3に保存されたファイルのパスを使用
- $currentHeadPath = getUserData($pdo, $userid)["headname"];
- }
- }
- } else {
- $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
+ }else{
+ $error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
}
}
}
diff --git a/api/ueuse/create.php b/api/ueuse/create.php
index 69ff998..8ea436f 100644
--- a/api/ueuse/create.php
+++ b/api/ueuse/create.php
@@ -117,69 +117,117 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if(!(empty($post_json["image1"]))){
- $imageData = base64_decode($post_json["image1"],true);
-
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
- file_put_contents($tmpFilePath, $imageData);
-
- $Img1Files = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageBase64 = $post_json["image1"];
+
+ if (strpos($imageBase64, ',') !== false) {
+ $imageBase64 = explode(',', $imageBase64)[1];
+ }
+
+ $imageData = base64_decode($imageBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $Img1Files = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$Img1Files = array();
}
if(!(empty($post_json["image2"]))){
- $imageData = base64_decode($post_json["image2"],true);
-
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
- file_put_contents($tmpFilePath, $imageData);
-
- $Img2Files = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageBase64 = $post_json["image2"];
+
+ if (strpos($imageBase64, ',') !== false) {
+ $imageBase64 = explode(',', $imageBase64)[1];
+ }
+
+ $imageData = base64_decode($imageBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $Img2Files = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$Img2Files = array();
}
if(!(empty($post_json["image3"]))){
- $imageData = base64_decode($post_json["image3"],true);
-
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
- file_put_contents($tmpFilePath, $imageData);
-
- $Img3Files = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageBase64 = $post_json["image3"];
+
+ if (strpos($imageBase64, ',') !== false) {
+ $imageBase64 = explode(',', $imageBase64)[1];
+ }
+
+ $imageData = base64_decode($imageBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $Img3Files = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$Img3Files = array();
}
if(!(empty($post_json["image4"]))){
- $imageData = base64_decode($post_json["image4"],true);
-
- $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId());
- file_put_contents($tmpFilePath, $imageData);
-
- $Img4Files = [
- 'name' => 'upload.png',
- 'type' => check_mime($tmpFilePath),
- 'tmp_name' => $tmpFilePath,
- 'error' => UPLOAD_ERR_OK,
- 'size' => strlen($imageData),
- ];
+ $imageBase64 = $post_json["image4"];
+
+ if (strpos($imageBase64, ',') !== false) {
+ $imageBase64 = explode(',', $imageBase64)[1];
+ }
+
+ $imageData = base64_decode($imageBase64, true);
+
+ if ($imageData === false) {
+ $error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
+ } else {
+ $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
+ file_put_contents($tmpFilePath, $imageData);
+
+ clearstatcache(true, $tmpFilePath);
+
+ $Img4Files = [
+ 'name' => 'upload.png',
+ 'type' => check_mime($tmpFilePath),
+ 'tmp_name' => $tmpFilePath,
+ 'error' => UPLOAD_ERR_OK,
+ 'size' => filesize($tmpFilePath),
+ ];
+ }
} else {
$Img4Files = array();
}
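Review bot: The same decode-and-stage sequence is pasted four times for `image1` to `image4` (and twice more in `api/me/settings/index.php`), so any later fix has to be made in six places. A single helper that returns the file array, or `array()` on failure, would keep them in step. On a decode failure the matching `$ImgNFiles` variable is currently left undefined rather than set to `array()`, which is safe only because the next hunk exits before `send_ueuse` is called. A sketch of the helper follows; the function name is a suggestion and the write-failure message is a placeholder.

```php
// Suggested helper (illustrative name, not an existing project function).
function stage_base64_image($raw, &$errors) {
    // Strip an optional "data:...;base64," prefix, as the hunk does.
    if (strpos($raw, ',') !== false) {
        $raw = explode(',', $raw)[1];
    }
    $imageData = base64_decode($raw, true);
    if ($imageData === false) {
        $errors[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
        return array();
    }
    $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
    if ($tmpFilePath === false || file_put_contents($tmpFilePath, $imageData) === false) {
        $errors[] = '(placeholder: temp file write failed)';
        return array();
    }
    clearstatcache(true, $tmpFilePath);
    return [
        'name' => 'upload.png',
        'type' => check_mime($tmpFilePath),
        'tmp_name' => $tmpFilePath,
        'error' => UPLOAD_ERR_OK,
        'size' => filesize($tmpFilePath),
    ];
}

// Call site, one line per image:
$Img1Files = empty($post_json["image1"]) ? array() : stage_base64_image($post_json["image1"], $error_message);
// … unchanged pattern for image2 to image4 …
```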
@@ -193,8 +241,18 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$video1 = array();
- $ueuse_result = send_ueuse($userData["userid"],$replyid,$reuseid,$ueuse,$Img1Files,$Img2Files,$Img3Files,$Img4Files,$video1,$nsfw,$isAIBWM, "../");
-
+ if(empty($error_message)){
+ $ueuse_result = send_ueuse($userData["userid"],$replyid,$reuseid,$ueuse,$Img1Files,$Img2Files,$Img3Files,$Img4Files,$video1,$nsfw,$isAIBWM, "../");
+ }else{
+ $err = $error_message;
+ $response = array(
+ 'error_code' => $err,
+ 'success' => false
+ );
+
+ echo json_encode($response, JSON_UNESCAPED_UNICODE);
+ exit;
+ }
if($ueuse_result[0] == true){
$response = array(
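Review bot: When one image fails to decode, the new `else` branch exits without removing the temp files already written for the images that did decode, so each rejected request can leave up to three `upload_*` files in `sys_get_temp_dir()`. Unlink them before `exit`, e.g. `foreach ([$Img1Files ?? [], $Img2Files ?? [], $Img3Files ?? [], $Img4Files ?? []] as $f) { if (!empty($f['tmp_name'])) { unlink($f['tmp_name']); } }`. `error_code` is also an array of messages in this branch; if other responses from this endpoint put a string in that field (not visible in this hunk), clients have to handle both shapes. The enclosing `if` continues past the end of the hunk.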
diff --git a/bookmark/bookmark.php b/bookmark/bookmark.php
index efdcb8c..185890e 100644
--- a/bookmark/bookmark.php
+++ b/bookmark/bookmark.php
@@ -14,27 +14,19 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }elseif(is_sameUserid($userId, $is_login["userid"]) === true){
+ try {
+ $option = array(
+ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+ PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
+ );
+ $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
+ } catch (PDOException $e) {
+ // 接続エラーのときエラー内容を取得する
+ $error_message[] = $e->getMessage();
+ }
- try {
- $option = array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
- );
- $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
- } catch (PDOException $e) {
- // 接続エラーのときエラー内容を取得する
- $error_message[] = $e->getMessage();
- }
-
- // データベース接続の設定
- $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
- PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
- ));
-
- $query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
+ $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':userid' => $userId));
@@ -99,6 +91,11 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
exit;
}
}
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
+ exit;
+ }
+
} else {
echo json_encode(['success' => false, 'error' => '必要なパラメータが提供されていません。']);
exit;
diff --git a/css/home.css b/css/home.css
index f8abb51..77cebd7 100644
--- a/css/home.css
+++ b/css/home.css
@@ -1395,6 +1395,19 @@ main h1 {
font-weight: bold;
}
+.ueuse .chotto_small {
+ line-height: 16px;
+ overflow-wrap: break-word;
+ margin-top: auto;
+ margin-bottom: auto;
+ margin-left: 0px;
+ font-size: 12px;
+ color: var(--text-color);
+ text-decoration: none;
+ font-family: var(--Text-fonts), sans-serif;
+ font-weight: normal;
+}
+
.ueuse p img {
margin-top: auto;
margin-bottom: auto;
@@ -4700,6 +4713,48 @@ label>input {
opacity: 1;
}
+.notification .codeblock {
+ width: calc(100% - 12px);
+ margin-left: 0px;
+ margin-right: 0px;
+ padding-left: 6px;
+ padding-right: 6px;
+ padding-top: 3px;
+ padding-bottom: 3px;
+ background-color: #DDDDDD;
+ color: #323232;
+ border-radius: 5px;
+ font-size: calc(100% - 2px);
+ text-decoration: none;
+ font-family: var(--Mono-fonts), sans-serif;
+ font-weight: bold;
+ vertical-align: top;
+}
+
+.notification .codeblock code {
+ white-space: pre-wrap;
+ word-break: break-word;
+}
+
+.notification .unixtime {
+ width: fit-content;
+ margin-left: 4px;
+ margin-right: 4px;
+ padding-left: 6px;
+ padding-right: 6px;
+ padding-top: 3px;
+ padding-bottom: 3px;
+ background-color: #F5F5F5;
+ border: solid 1px #CCC;
+ color: #323232;
+ border-radius: 25px;
+ font-size: calc(100% - 2px);
+ text-decoration: none;
+ font-family: var(--Mono-fonts), sans-serif;
+ font-weight: bold;
+ vertical-align: top;
+}
+
.notification h1 {
overflow-wrap: break-word;
margin-top: auto;
@@ -4791,6 +4846,19 @@ label>input {
font-weight: bold;
}
+.notification .chotto_small {
+ line-height: 16px;
+ overflow-wrap: break-word;
+ margin-top: auto;
+ margin-bottom: auto;
+ margin-left: 0px;
+ font-size: 12px;
+ color: var(--text-color);
+ text-decoration: none;
+ font-family: var(--Text-fonts), sans-serif;
+ font-weight: normal;
+}
+
.notification p img {
margin-top: auto;
margin-bottom: auto;
@@ -8410,11 +8478,11 @@ noscript .noscript_modal .inner .center_text p {
}
.ueuse p {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ru a p {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ueuse .inline {
@@ -8444,25 +8512,29 @@ noscript .noscript_modal .inner .center_text p {
.ueuse h1 {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ueuse h2 {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ueuse h3 {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ueuse center {
- color: var(--background-color);
+ color: var(--dark-text-color);
}
.ueuse a {
color: var(--main-color);
}
+ .ueuse .chotto_small {
+ color: var(--dark-text-color);
+ }
+
.ueuse .flebox .time {
color: var(--dark-subtext-color);
}
@@ -9188,21 +9260,8 @@ noscript .noscript_modal .inner .center_text p {
}
.notification .inline {
- width: fit-content;
- margin-left: 4px;
- margin-right: 4px;
- padding-left: 6px;
- padding-right: 6px;
- padding-top: 3px;
- padding-bottom: 3px;
- background-color: #DDDDDD;
- color: #323232;
- border-radius: 5px;
- font-size: calc(100% - 2px);
- text-decoration: none;
- font-family: var(--Mono-fonts), sans-serif;
- font-weight: bold;
- vertical-align: top;
+ background-color: #323232;
+ color: #F5F5F5;
}
.notification h1 {
@@ -9263,6 +9322,16 @@ noscript .noscript_modal .inner .center_text p {
color: var(--main-color);
}
+ .notification .chotto_small {
+ color: var(--dark-text-color);
+ }
+
+ .notification .unixtime {
+ background-color: #323232;
+ border: solid 1px #CCC;
+ color: #F5F5F5;
+ }
+
.tokonone p {
color: var(--dark-subtext-color);
}
diff --git a/delete/delete.php b/delete/delete.php
index 940bce4..fd10056 100644
--- a/delete/delete.php
+++ b/delete/delete.php
@@ -14,15 +14,17 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
-
-
- $result = delete_ueuse($postUniqid, $postUserid, $loginid);
- if($result[0] === true){
- echo json_encode(['success' => true]);
- exit;
+ }elseif(is_sameUserid($postUserid, $is_login["userid"]) === true){
+ $result = delete_ueuse($postUniqid, $postUserid, $loginid);
+ if($result[0] === true){
+ echo json_encode(['success' => true]);
+ exit;
+ }else{
+ echo json_encode(['success' => false, 'error' => '削除に失敗しました。']);
+ exit;
+ }
}else{
- echo json_encode(['success' => false, 'error' => '削除に失敗しました。']);
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
}
}else{
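Review bot: After the new ownership check passes, `delete_ueuse()` is still called with the client-supplied `$postUserid`, which only matched the session user case-insensitively. Passing the server-side value keeps the rest of the delete path independent of request data: `$result = delete_ueuse($postUniqid, $is_login["userid"], $loginid);`. Whether `delete_ueuse()` itself checks that the post belongs to that user is not visible here, so that should be confirmed. The surrounding `if` starts and ends outside the hunk.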
diff --git a/favorite/favorite.php b/favorite/favorite.php
index a00085c..6d57404 100644
--- a/favorite/favorite.php
+++ b/favorite/favorite.php
@@ -14,18 +14,17 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
-
- try {
- $option = array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
- );
- $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
- } catch (PDOException $e) {
- // 接続エラーのときエラー内容を取得する
- $error_message[] = $e->getMessage();
- }
+ }elseif(is_sameUserid($userId, $is_login["userid"]) === true){
+ try {
+ $option = array(
+ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+ PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
+ );
+ $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
+ } catch (PDOException $e) {
+ // 接続エラーのときエラー内容を取得する
+ $error_message[] = $e->getMessage();
+ }
// データベース接続の設定
$query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
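Review bot: The `catch (PDOException $e)` branch only appends to `$error_message`, and execution then continues to `$pdo->prepare(...)` on the context line after the `try`. If the connection failed there is no usable `$pdo` at that point, and the request ends in a fatal error instead of a JSON response. Ending the request inside the catch would keep the endpoint's contract, for example `echo json_encode(['success' => false, 'error' => 'DB_ERROR']); exit;`, where the error text is a placeholder. The enclosing block continues outside the hunk.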
@@ -45,8 +44,12 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
exit;
}
}
- } else {
- echo json_encode(['success' => false, 'error' => '必要なパラメータが提供されていません。']);
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
}
+} else {
+ echo json_encode(['success' => false, 'error' => '必要なパラメータが提供されていません。']);
+ exit;
+}
?>
diff --git a/function/delete_apitoken.php b/function/delete_apitoken.php
index c7d8ac6..d7e195b 100644
--- a/function/delete_apitoken.php
+++ b/function/delete_apitoken.php
@@ -26,13 +26,16 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
-
- if(DelAPIToken($pdo, $uniqid)){
- echo json_encode(['success' => true, 'message' => 'アクセストークンが削除されました。']);
- exit;
- } else {
- echo json_encode(['success' => false, 'error' => 'アクセストークンの削除に失敗しました。']);
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ if(DelAPIToken($pdo, $uniqid)){
+ echo json_encode(['success' => true, 'message' => 'アクセストークンが削除されました。']);
+ exit;
+ } else {
+ echo json_encode(['success' => false, 'error' => 'アクセストークンの削除に失敗しました。']);
+ exit;
+ }
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
}
} else {
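Review bot: The new `is_sameUserid($userid, $is_login["userid"])` check confirms who is calling, but `DelAPIToken($pdo, $uniqid)` receives only the token id. From this hunk alone nothing ties `$uniqid` to the logged-in account, so a user who passes the check may still be able to delete a token that belongs to someone else. That holds unless `DelAPIToken()` filters by owner internally, which is not visible here. If it does not, the owner should be part of the delete condition, for instance by passing `$is_login["userid"]` into the function and adding it to the `WHERE` clause.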
diff --git a/function/function.php b/function/function.php
index c7e9dc6..9fb5640 100644
--- a/function/function.php
+++ b/function/function.php
@@ -320,12 +320,14 @@ function uwuzuUserLoginCheck($loginid, $loginkey, $operation_permission = "user"
if(hash_equals($loginkey, $userLoginKey)){
if($operation_permission == "admin"){
if($loginResponse["admin"] == "yes"){
- $is_login = true;
+ // true
+ $is_login = $loginResponse;
}else{
$is_login = false;
}
}else{
- $is_login = true;
+ // true
+ $is_login = $loginResponse;
}
}else{
$is_login = false;
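Review bot: The added `// true` comments at both assignments no longer describe the value, because `$is_login` now holds `$loginResponse`, so the function returns the account row or `false` rather than a boolean. Any caller that still tests `=== true` will now treat a valid login as a failure, and the row presumably contains credential columns that should not be echoed or logged. I would replace the comment with `// account row on success; callers must compare against false` and document the array-or-false return on the function. The body of `uwuzuUserLoginCheck` starts and ends outside the hunk.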
@@ -339,6 +341,9 @@ function uwuzuUserLoginCheck($loginid, $loginkey, $operation_permission = "user"
return false;
}
}
+function is_sameUserid($userid_a, $userid_b){
+ return strtolower($userid_a) == strtolower($userid_b);
+}
//---------UNIQID-MAKER---------
function Legacy_createUniqId(){
list($msec, $sec) = explode(" ", microtime());
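Review bot: `is_sameUserid()` compares with loose `==`, and PHP compares two numeric-looking strings numerically, so `"1e3" == "1000"` is true. If the userid character set allows such values, two different accounts can pass this ownership check. The function also receives request data directly, and `strtolower()` raises a TypeError on an array in PHP 8. Suggested body: `return is_string($userid_a) && is_string($userid_b) && strtolower($userid_a) === strtolower($userid_b);`. Note that get_userid.php lower-cases with `mb_strtolower`, so one folding function should be chosen for both.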
@@ -424,6 +429,51 @@ function delete_exif($extension, $path){
}
//----------EXIF_Delete----------
//----------Check_Extension------
+// アップロードエラーチェッカー
+function check_upload_error($uploadedFile, $saveFolder){
+ $saveFolder = realpath($saveFolder);
+ $errcode = null;
+ $errnum = $uploadedFile["error"];
+ switch ($errnum) {
+ case 1:
+ $errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";
+ break;
+ case 2:
+ $errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";
+ break;
+ case 3:
+ $errcode = "FILE_SUKOSHIDAKE_UPLOAD";
+ break;
+ case 4:
+ $errcode = "FILE_UPLOAD_DEKINAKATTA";
+ break;
+ case 6:
+ $errcode = "TMP_FOLDER_NAI";
+ break;
+ case 7:
+ $errcode = "FILE_KAKIKOMI_SIPPAI";
+ break;
+ case 8:
+ $errcode = "PHPINFO()_KAKUNIN";
+ break;
+ case 0:
+ if(empty($uploadedFile['name'])){
+ $errcode = "FILE_NAME_NAI";
+ }elseif(empty($uploadedFile['size']) || $uploadedFile['size'] == 0){
+ $errcode = "FILE_SIZE_NAI";
+ }else{
+ if (!file_exists($uploadedFile['tmp_name'])) {
+ $errcode = "TMP_FILE_NAI";
+ } elseif (!is_writable($saveFolder)) {
+ $errcode = "SAVE_FOLDER_KAKIKOMI_KENNAI";
+ } else {
+ $errcode = null;
+ }
+ }
+ break;
+ }
+ return $errcode;
+}
//ファイル形式チェック(画像かどうか)
function check_mime($tmp_name){
$finfo = new finfo();
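Review bot: The `switch ($errnum)` in `check_upload_error()` has no `default`, so an `error` value outside the listed cases leaves `$errcode` as `null`, which every caller in this patch reads as "no error". Adding `default: $errcode = "ERROR"; break;` makes unknown codes fail closed. `$uploadedFile["error"]` is also read without an `isset` check, and a missing key would fall into `case 0`. A short docblock stating that `null` means the upload may proceed would help, since the function name suggests the opposite.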
@@ -1450,56 +1500,53 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
} else {
// アップロードされたファイル情報
$uploadedFile = $photo1;
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__."/../ueuseimages/");
+ if($beforeUploadError === null){
+ if(!(empty($uploadedFile['tmp_name']))){
+ if(check_mime($uploadedFile['tmp_name'])){
+ // アップロードされたファイルの拡張子を取得
+ $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 8192, 8192);
- if(!(empty($uploadedFile['tmp_name']))){
- if(check_mime($uploadedFile['tmp_name'])){
- // アップロードされたファイルの拡張子を取得
- $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 8192, 8192);
-
- if($aibwm === true){
- AIBlockWaterMark($uploadedFile['tmp_name'], $userid);
- }
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
- }else{
- if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
- $extension = 'webp';
+ if($aibwm === true){
+ AIBlockWaterMark($uploadedFile['tmp_name'], $userid);
}
- // 新しいファイル名を生成(uniqid + 拡張子)
- $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
- // 保存先のパスを生成
- $uploadedPath = '../ueuseimages/' . $newFilename;
- // ファイルを移動
- $result = move_uploaded_file($uploadedFile['tmp_name'], __DIR__."/".$uploadedPath);
-
- if ($result) {
- $save_photo1 = $uploadedPath; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(1)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
}else{
- $save_photo1 = $s3result; // S3に保存されたファイルのパスを使用
+ if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
+ $extension = 'webp';
+ }
+ // 新しいファイル名を生成(uniqid + 拡張子)
+ $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
+ // 保存先のパスを生成
+ $uploadedPath = '../ueuseimages/' . $newFilename;
+ // ファイルを移動
+ $result = rename($uploadedFile['tmp_name'], __DIR__."/".$uploadedPath);
+
+ if ($result) {
+ $save_photo1 = $uploadedPath; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__."/../ueuseimages/") ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
+ }
}
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ }else{
+ $save_photo1 = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ }else{
+ $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
}
}else{
- $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
+ $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
}
}
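Review bot: Replacing `move_uploaded_file()` with `rename()` at the file-move step removes the built-in check that `tmp_name` really is a file received through an HTTP upload. `rename()` will move any path the PHP process can access into `ueuseimages/`, and `check_upload_error()` only tests `file_exists()`. If the switch exists so that non-form callers can hand in server-created temp files (the diffstat lists api/ueuse/create.php, which is not shown here), that should be stated in a comment. I would keep `move_uploaded_file()` for `$_FILES` input and use `rename()` only for temp files the server created itself. The same change is in the photo2, photo3, photo4 and video hunks, and the body of `send_ueuse` continues outside this hunk.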
@@ -1511,54 +1558,51 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
}
// アップロードされたファイル情報
$uploadedFile2 = $photo2;
-
- if(!(empty($uploadedFile2['tmp_name']))){
- if(check_mime($uploadedFile2['tmp_name'])){
- // アップロードされたファイルの拡張子を取得
- $extension2 = convert_mime(check_mime($uploadedFile2['tmp_name']));
- delete_exif($extension2, $uploadedFile2['tmp_name']);
- resizeImage($uploadedFile2['tmp_name'], 8192, 8192);
- if($aibwm === true){
- AIBlockWaterMark($uploadedFile2['tmp_name'], $userid);
- }
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedFile2['tmp_name']);
- }else{
- if(check_mime($uploadedFile2['tmp_name']) == "image/webp"){
- $extension2 = 'webp';
+ $beforeUploadError = check_upload_error($uploadedFile2, __DIR__."/../ueuseimages/");
+ if($beforeUploadError === null){
+ if(!(empty($uploadedFile2['tmp_name']))){
+ if(check_mime($uploadedFile2['tmp_name'])){
+ // アップロードされたファイルの拡張子を取得
+ $extension2 = convert_mime(check_mime($uploadedFile2['tmp_name']));
+ delete_exif($extension2, $uploadedFile2['tmp_name']);
+ resizeImage($uploadedFile2['tmp_name'], 8192, 8192);
+ if($aibwm === true){
+ AIBlockWaterMark($uploadedFile2['tmp_name'], $userid);
}
- // 新しいファイル名を生成(uniqid + 拡張子)
- $newFilename2 = createUniqId() . '-'.$userid.'.' . $extension2;
- // 保存先のパスを生成
- $uploadedPath2 = '../ueuseimages/' . $newFilename2;
- // ファイルを移動
- $result2 = move_uploaded_file($uploadedFile2['tmp_name'], __DIR__."/".$uploadedPath2);
- if ($result2) {
- $save_photo2 = $uploadedPath2; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile2['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(2)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedFile2['tmp_name']);
}else{
- $save_photo2 = $s3result; // S3に保存されたファイルのパスを使用
+ if(check_mime($uploadedFile2['tmp_name']) == "image/webp"){
+ $extension2 = 'webp';
+ }
+ // 新しいファイル名を生成(uniqid + 拡張子)
+ $newFilename2 = createUniqId() . '-'.$userid.'.' . $extension2;
+ // 保存先のパスを生成
+ $uploadedPath2 = '../ueuseimages/' . $newFilename2;
+ // ファイルを移動
+ $result2 = rename($uploadedFile2['tmp_name'], __DIR__."/".$uploadedPath2);
+ if ($result2) {
+ $save_photo2 = $uploadedPath2; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile2, __DIR__."/../ueuseimages/") ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
+ }
}
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
+ }else{
+ $save_photo2 = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ }else{
+ $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
}
}else{
- $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
+ $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
}
}
@@ -1570,54 +1614,51 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
}
// アップロードされたファイル情報
$uploadedFile3 = $photo3;
-
- if(!(empty($uploadedFile3['tmp_name']))){
- if(check_mime($uploadedFile3['tmp_name'])){
- // アップロードされたファイルの拡張子を取得
- $extension3 = convert_mime(check_mime($uploadedFile3['tmp_name']));
- delete_exif($extension3, $uploadedFile3['tmp_name']);
- resizeImage($uploadedFile3['tmp_name'], 8192, 8192);
- if($aibwm === true){
- AIBlockWaterMark($uploadedFile3['tmp_name'], $userid);
- }
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedFile3['tmp_name']);
- }else{
- if(check_mime($uploadedFile3['tmp_name']) == "image/webp"){
- $extension3 = 'webp';
+ $beforeUploadError = check_upload_error($uploadedFile3, __DIR__."/../ueuseimages/");
+ if($beforeUploadError === null){
+ if(!(empty($uploadedFile3['tmp_name']))){
+ if(check_mime($uploadedFile3['tmp_name'])){
+ // アップロードされたファイルの拡張子を取得
+ $extension3 = convert_mime(check_mime($uploadedFile3['tmp_name']));
+ delete_exif($extension3, $uploadedFile3['tmp_name']);
+ resizeImage($uploadedFile3['tmp_name'], 8192, 8192);
+ if($aibwm === true){
+ AIBlockWaterMark($uploadedFile3['tmp_name'], $userid);
}
- // 新しいファイル名を生成(uniqid + 拡張子)
- $newFilename3 = createUniqId() . '-'.$userid.'.' . $extension3;
- // 保存先のパスを生成
- $uploadedPath3 = '../ueuseimages/' . $newFilename3;
- // ファイルを移動
- $result3 = move_uploaded_file($uploadedFile3['tmp_name'], __DIR__."/".$uploadedPath3);
- if ($result3) {
- $save_photo3 = $uploadedPath3; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile3['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(3)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(3)エラーコード: S3ERROR';
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedFile3['tmp_name']);
}else{
- $save_photo3 = $s3result; // S3に保存されたファイルのパスを使用
+ if(check_mime($uploadedFile3['tmp_name']) == "image/webp"){
+ $extension3 = 'webp';
+ }
+ // 新しいファイル名を生成(uniqid + 拡張子)
+ $newFilename3 = createUniqId() . '-'.$userid.'.' . $extension3;
+ // 保存先のパスを生成
+ $uploadedPath3 = '../ueuseimages/' . $newFilename3;
+ // ファイルを移動
+ $result3 = rename($uploadedFile3['tmp_name'], __DIR__."/".$uploadedPath3);
+ if ($result3) {
+ $save_photo3 = $uploadedPath3; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile3, __DIR__."/../ueuseimages/") ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(3)エラーコード:' .$beforeUploadError.'';
+ }
}
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(3)エラーコード: S3ERROR';
+ }else{
+ $save_photo3 = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ }else{
+ $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
}
}else{
- $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
+ $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アップロード失敗!(3)エラーコード:' .$beforeUploadError.'';
}
}
@@ -1629,53 +1670,51 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
}
// アップロードされたファイル情報
$uploadedFile4 = $photo4;
- if(!(empty($uploadedFile4['tmp_name']))){
- if(check_mime($uploadedFile4['tmp_name'])){
- // アップロードされたファイルの拡張子を取得
- $extension4 = convert_mime(check_mime($uploadedFile4['tmp_name']));
- delete_exif($extension4, $uploadedFile4['tmp_name']);
- resizeImage($uploadedFile4['tmp_name'], 8192, 8192);
- if($aibwm === true){
- AIBlockWaterMark($uploadedFile4['tmp_name'], $userid);
- }
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedFile4['tmp_name']);
- }else{
- if(check_mime($uploadedFile4['tmp_name']) == "image/webp"){
- $extension4 = 'webp';
+ $beforeUploadError = check_upload_error($uploadedFile4, __DIR__."/../ueuseimages/");
+ if($beforeUploadError === null){
+ if(!(empty($uploadedFile4['tmp_name']))){
+ if(check_mime($uploadedFile4['tmp_name'])){
+ // アップロードされたファイルの拡張子を取得
+ $extension4 = convert_mime(check_mime($uploadedFile4['tmp_name']));
+ delete_exif($extension4, $uploadedFile4['tmp_name']);
+ resizeImage($uploadedFile4['tmp_name'], 8192, 8192);
+ if($aibwm === true){
+ AIBlockWaterMark($uploadedFile4['tmp_name'], $userid);
}
- // 新しいファイル名を生成(uniqid + 拡張子)
- $newFilename4 = createUniqId() . '-'.$userid.'.' . $extension4;
- // 保存先のパスを生成
- $uploadedPath4 = '../ueuseimages/' . $newFilename4;
- // ファイルを移動
- $result4 = move_uploaded_file($uploadedFile4['tmp_name'], __DIR__."/".$uploadedPath4);
- if ($result4) {
- $save_photo4 = $uploadedPath4; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile4['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(4)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedFile4['tmp_name']);
}else{
- $save_photo4 = $s3result; // S3に保存されたファイルのパスを使用
+ if(check_mime($uploadedFile4['tmp_name']) == "image/webp"){
+ $extension4 = 'webp';
+ }
+ // 新しいファイル名を生成(uniqid + 拡張子)
+ $newFilename4 = createUniqId() . '-'.$userid.'.' . $extension4;
+ // 保存先のパスを生成
+ $uploadedPath4 = '../ueuseimages/' . $newFilename4;
+ // ファイルを移動
+ $result4 = rename($uploadedFile4['tmp_name'], __DIR__."/".$uploadedPath4);
+ if ($result4) {
+ $save_photo4 = $uploadedPath4; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile4, __DIR__."/../ueuseimages/") ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(3)エラーコード:' .$beforeUploadError.'';
+ }
}
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(4)エラーコード: S3ERROR';
+ }else{
+ $save_photo4 = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ }else{
+ $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
}
}else{
- $error_message[] = "使用できない画像形式です。(SORRY_FILE_HITAIOU)";
+ $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アップロード失敗!(4)エラーコード:' .$beforeUploadError.'';
}
}
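Review bot: The rename-failure message in this photo4 branch reports slot `(3)`, while the other messages in the same branch use `(4)`. It should read `$error_message[] = 'アップロード失敗!(4)エラーコード:' .$beforeUploadError.'';`. The video hunk that follows has the same slip, with `(3)` where its other messages use `(5)`. A wrong slot number sends whoever reads the error to the wrong attachment.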
@@ -1684,46 +1723,43 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
} else {
// アップロードされたファイル情報
$uploadedVideo = $video1;
-
- if(!(empty($uploadedVideo['tmp_name']))){
- if(check_mime_video($uploadedVideo['tmp_name'])){
- if(AMS3_CHKS == "true"){
- $s3result = uploadAmazonS3($uploadedVideo['tmp_name']);
- }else{
- // アップロードされたファイルの拡張子を取得
- $extensionVideo = convert_mime(check_mime_video($uploadedVideo['tmp_name']));
- // 正しい拡張子の場合、新しいファイル名を生成
- $newFilenameVideo = createUniqId() . '-'.$userid.'.' . $extensionVideo;
- // 保存先のパスを生成
- $uploadedPathVideo = '../ueusevideos/' . $newFilenameVideo;
- // ファイルを移動
- $resultVideo = move_uploaded_file($uploadedVideo['tmp_name'], __DIR__."/".$uploadedPathVideo);
- if ($resultVideo) {
- $save_video1 = $uploadedPathVideo; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedVideo['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(5)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(5)エラーコード: S3ERROR';
+ $beforeUploadError = check_upload_error($uploadedVideo, __DIR__.'/../ueusevideos/');
+ if($beforeUploadError === null){
+ if(!(empty($uploadedVideo['tmp_name']))){
+ if(check_mime_video($uploadedVideo['tmp_name'])){
+ if(AMS3_CHKS == "true"){
+ $s3result = uploadAmazonS3($uploadedVideo['tmp_name']);
}else{
- $save_video1 = $s3result; // S3に保存されたファイルのパスを使用
+ // アップロードされたファイルの拡張子を取得
+ $extensionVideo = convert_mime(check_mime_video($uploadedVideo['tmp_name']));
+ // 正しい拡張子の場合、新しいファイル名を生成
+ $newFilenameVideo = createUniqId() . '-'.$userid.'.' . $extensionVideo;
+ // 保存先のパスを生成
+ $uploadedPathVideo = '../ueusevideos/' . $newFilenameVideo;
+ // ファイルを移動
+ $resultVideo = rename($uploadedVideo['tmp_name'], __DIR__."/".$uploadedPathVideo);
+ if ($resultVideo) {
+ $save_video1 = $uploadedPathVideo; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedVideo, __DIR__."/../ueusevideos/") ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(3)エラーコード:' .$beforeUploadError.'';
+ }
}
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(5)エラーコード: S3ERROR';
+ }else{
+ $save_video1 = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ } else {
+ $error_message[] = '対応していないファイル形式です!(SORRY_FILE_HITAIOU)';
}
- } else {
- $error_message[] = '対応していないファイル形式です!(SORRY_FILE_HITAIOU)';
+ }else{
+ $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- $error_message[] = "ファイルがアップロードできませんでした。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アップロード失敗!(5)エラーコード:' .$beforeUploadError.'';
}
}
@@ -3716,53 +3752,73 @@ function GetActivityPubJson($url) {
}
function GetActivityPubUser($userid, $domain) {
- $webfingerUrl = "https://$domain/.well-known/webfinger?resource=acct:$userid@$domain";
+ if (is_not_private_url("https://".$domain."/")) {
+ $webfingerUrl = "https://$domain/.well-known/webfinger?resource=acct:$userid@$domain";
- $webfingerJson = GetActivityPubJson($webfingerUrl);
+ $webfingerJson = GetActivityPubJson($webfingerUrl);
- if (!$webfingerJson || empty($webfingerJson['links'])) {
- return ['error' => 'Failed to fetch WebFinger'];
- }
-
- $actorUrl = null;
- foreach ($webfingerJson['links'] as $link) {
- if ($link['rel'] === 'self' && $link['type'] === 'application/activity+json') {
- $actorUrl = $link['href'];
- break;
+ if (!$webfingerJson || empty($webfingerJson['links'])) {
+ return ['error' => 'Failed to fetch WebFinger'];
}
+
+ $actorUrl = null;
+ foreach ($webfingerJson['links'] as $link) {
+ if ($link['rel'] === 'self' && $link['type'] === 'application/activity+json') {
+ $actorUrl = $link['href'];
+ break;
+ }
+ }
+
+ if (!$actorUrl) {
+ return ['error' => 'Actor URL not found'];
+ }
+
+ $actorJson = GetActivityPubJson($actorUrl);
+ if (!$actorJson) {
+ return ['error' => 'Failed to fetch actor'];
+ }
+
+ $summaryHtml = $actorJson['summary'] ?? '';
+ $withNewlines = preg_replace('/
/i', "\n", $summaryHtml);
+ $plainText = strip_tags($withNewlines);
+
+
+ return [
+ 'userid' => $actorJson['preferredUsername'] ?? null,
+ 'username' => $actorJson['name'] ?? null,
+ 'profile' => $plainText ?? null,
+ 'id' => $actorJson['id'] ?? null,
+ 'inbox' => $actorJson['inbox'] ?? null,
+ 'outbox' => $actorJson['outbox'] ?? null,
+ 'followers' => $actorJson['followers'] ?? null,
+ 'iconname' => $actorJson['icon']['url'] ?? "../img/deficon/icon.png",
+ 'headname' => $actorJson['image']['url'] ?? "../img/defhead/head.png",
+ 'datetime' => $actorJson['published'] ?? null,
+ 'role' => 'user',
+ 'other_settings' => '{}',
+ 'follow' => '',
+ 'follower' => '',
+ 'raw' => $actorJson
+ ];
+ }else{
+ return [
+ 'userid' => null,
+ 'username' => null,
+ 'profile' => null,
+ 'id' => null,
+ 'inbox' => null,
+ 'outbox' => null,
+ 'followers' => null,
+ 'iconname' => "../img/deficon/icon.png",
+ 'headname' => "../img/defhead/head.png",
+ 'datetime' => null,
+ 'role' => 'user',
+ 'other_settings' => '{}',
+ 'follow' => '',
+ 'follower' => '',
+ 'raw' => ''
+ ];
}
-
- if (!$actorUrl) {
- return ['error' => 'Actor URL not found'];
- }
-
- $actorJson = GetActivityPubJson($actorUrl);
- if (!$actorJson) {
- return ['error' => 'Failed to fetch actor'];
- }
-
- $summaryHtml = $actorJson['summary'] ?? '';
- $withNewlines = preg_replace('/
/i', "\n", $summaryHtml);
- $plainText = strip_tags($withNewlines);
-
-
- return [
- 'userid' => $actorJson['preferredUsername'] ?? null,
- 'username' => $actorJson['name'] ?? null,
- 'profile' => $plainText ?? null,
- 'id' => $actorJson['id'] ?? null,
- 'inbox' => $actorJson['inbox'] ?? null,
- 'outbox' => $actorJson['outbox'] ?? null,
- 'followers' => $actorJson['followers'] ?? null,
- 'iconname' => $actorJson['icon']['url'] ?? "../img/deficon/icon.png",
- 'headname' => $actorJson['image']['url'] ?? "../img/defhead/head.png",
- 'datetime' => $actorJson['published'] ?? null,
- 'role' => 'user',
- 'other_settings' => '{}',
- 'follow' => '',
- 'follower' => '',
- 'raw' => $actorJson
- ];
}
function FormatUeuseItem(array $value, string $myblocklist, string $mybookmark, $pdo, string $userId): ?array {
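Review bot: The private-address check covers only `$domain`, but `$actorUrl` is taken from the remote WebFinger response (`$link['href']`) and passed to `GetActivityPubJson()` unchecked. A remote server can therefore still direct the second request at an internal address. Validating it before the fetch closes that gap: `if (!$actorUrl || !is_not_private_url($actorUrl)) { return ['error' => 'Actor URL not found']; }`, ideally also requiring an `https` scheme. Separately, the new `else` branch returns a full profile-shaped array with no `'error'` key, unlike every other failure path here. Callers that test for `'error'` will treat a blocked domain as a valid empty user, so `return ['error' => 'Blocked host'];` (placeholder text) would be more consistent.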
@@ -4219,5 +4275,15 @@ function sqlBlockAccountList($column, $myblocklist){
];
}
+function is_not_private_url($url) {
+ $parts = parse_url($url);
+ if (!isset($parts['host'])) return false;
+
+ $ip = gethostbyname($parts['host']);
+ if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
+ return false;
+ }
+ return true;
+}
?>
\ No newline at end of file
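Review bot: `is_not_private_url()` resolves the host once with `gethostbyname()`, but the later fetch resolves it again. A name whose DNS answer changes between the two lookups passes the check and still connects to an internal address. The same applies if `GetActivityPubJson()` follows redirects, which is not visible in this patch. The fetch should connect to the validated address, for example by pinning it with cURL's `CURLOPT_RESOLVE`, and should either disable redirects or re-validate each hop. `gethostbyname()` returns IPv4 only, so IPv6-only hosts are rejected, and the filter flags do not cover every non-public range such as 100.64.0.0/10. A comment documenting these limits would help the next reader.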
diff --git a/function/get_customemoji.php b/function/get_customemoji.php
index 170da1c..d7b5ef5 100644
--- a/function/get_customemoji.php
+++ b/function/get_customemoji.php
@@ -15,60 +15,63 @@ if (safetext(isset($_POST['emoji'])) && safetext(isset($_POST['userid'])) && saf
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
-
- // データベースに接続
- try {
- $option = array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
- );
- $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
- } catch (PDOException $e) {
- // 接続エラーのときエラー内容を取得する
- $error_message[] = $e->getMessage();
- }
-
- if (!empty($pdo)) {
- // カンマ区切りまたは1つのユーザーID文字列を処理
- $emojis = array_unique(array_filter(explode(',', $emoji)));
-
- $results = [];
-
- if (count($emojis) > 0) {
- // プレースホルダを作成
- $placeholders = implode(',', array_fill(0, count($emojis), '?'));
- $stmt = $pdo->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname IN ($placeholders)");
- $stmt->execute($emojis);
-
- $fetched = [];
- while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $fetched[$row['emojiname']] = [
- 'emojipath' => filter_var($row["emojifile"], FILTER_VALIDATE_URL) ? $row["emojifile"] : "../" . $row["emojifile"],
- 'emojiname' => $row['emojiname']
- ];
- }
-
- foreach ($emojis as $name) {
- if (isset($fetched[$name])) {
- $results[$name] = $fetched[$name];
- } else {
- $results[$name] = null;
- }
- }
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ // データベースに接続
+ try {
+ $option = array(
+ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+ PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
+ );
+ $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
+ } catch (PDOException $e) {
+ // 接続エラーのときエラー内容を取得する
+ $error_message[] = $e->getMessage();
}
- echo json_encode([
- "success" => true,
- "emojis" => $results
- ], JSON_UNESCAPED_UNICODE);
- } else {
- $item = array(
- "success" => false,
- "emojipath" => null,
- "emojiname" => null,
- );
- echo json_encode($item, JSON_UNESCAPED_UNICODE);
+ if (!empty($pdo)) {
+ // カンマ区切りまたは1つのユーザーID文字列を処理
+ $emojis = array_unique(array_filter(explode(',', $emoji)));
+
+ $results = [];
+
+ if (count($emojis) > 0) {
+ // プレースホルダを作成
+ $placeholders = implode(',', array_fill(0, count($emojis), '?'));
+ $stmt = $pdo->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname IN ($placeholders)");
+ $stmt->execute($emojis);
+
+ $fetched = [];
+ while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ $fetched[$row['emojiname']] = [
+ 'emojipath' => filter_var($row["emojifile"], FILTER_VALIDATE_URL) ? $row["emojifile"] : "../" . $row["emojifile"],
+ 'emojiname' => $row['emojiname']
+ ];
+ }
+
+ foreach ($emojis as $name) {
+ if (isset($fetched[$name])) {
+ $results[$name] = $fetched[$name];
+ } else {
+ $results[$name] = null;
+ }
+ }
+ }
+
+ echo json_encode([
+ "success" => true,
+ "emojis" => $results
+ ], JSON_UNESCAPED_UNICODE);
+ } else {
+ $item = array(
+ "success" => false,
+ "emojipath" => null,
+ "emojiname" => null,
+ );
+ echo json_encode($item, JSON_UNESCAPED_UNICODE);
+ }
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
+ exit;
}
}else{
$item = array(
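Review bot: `$emojis` comes straight from the comma-separated request value and is expanded into one `?` per name in the `IN (...)` list, with no upper bound. A single request can therefore build an arbitrarily large prepared statement. A cap before the query would bound the work, e.g. `$emojis = array_slice($emojis, 0, 100);`, where 100 is an example value to be tuned. The success and DB-failure branches also fall through without `exit`, unlike the auth-failure branches beside them.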
diff --git a/function/get_userid.php b/function/get_userid.php
index a468a92..c264116 100644
--- a/function/get_userid.php
+++ b/function/get_userid.php
@@ -15,55 +15,58 @@ if (safetext(isset($_POST['get_account'])) && safetext(isset($_POST['userid']))
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
-
- // データベースに接続
- try {
- $option = array(
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
- );
- $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
- } catch (PDOException $e) {
- // 接続エラーのときエラー内容を取得する
- $error_message[] = $e->getMessage();
- }
-
- if (!empty($pdo)) {
- // カンマ区切りまたは1つのユーザーID文字列を処理
- $usernames = array_unique(array_filter(explode(',', $get_account)));
- $lower_usernames = array_map('mb_strtolower', $usernames);
-
- $results = [];
-
- if (count($lower_usernames) > 0) {
- $placeholders = implode(',', array_fill(0, count($lower_usernames), '?'));
- $stmt = $pdo->prepare("SELECT userid, username FROM account WHERE LOWER(userid) IN ($placeholders)");
- $stmt->execute($lower_usernames);
-
- $fetched = [];
- while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $fetched[mb_strtolower($row['userid'])] = [
- 'userid' => $row['userid'],
- 'username' => $row['username']
- ];
- }
-
- foreach ($usernames as $name) {
- $lower = mb_strtolower($name);
- $results[$name] = $fetched[$lower] ?? null;
- }
+ }elseif(is_sameUserid($userId, $is_login["userid"]) === true){
+ // データベースに接続
+ try {
+ $option = array(
+ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+ PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
+ );
+ $pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
+ } catch (PDOException $e) {
+ // 接続エラーのときエラー内容を取得する
+ $error_message[] = $e->getMessage();
}
-
- echo json_encode([
- "success" => true,
- "users" => $results
- ], JSON_UNESCAPED_UNICODE);
- } else {
- echo json_encode([
- "success" => false,
- "users" => null
- ], JSON_UNESCAPED_UNICODE);
+
+ if (!empty($pdo)) {
+ // カンマ区切りまたは1つのユーザーID文字列を処理
+ $usernames = array_unique(array_filter(explode(',', $get_account)));
+ $lower_usernames = array_map('mb_strtolower', $usernames);
+
+ $results = [];
+
+ if (count($lower_usernames) > 0) {
+ $placeholders = implode(',', array_fill(0, count($lower_usernames), '?'));
+ $stmt = $pdo->prepare("SELECT userid, username FROM account WHERE LOWER(userid) IN ($placeholders)");
+ $stmt->execute($lower_usernames);
+
+ $fetched = [];
+ while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ $fetched[mb_strtolower($row['userid'])] = [
+ 'userid' => $row['userid'],
+ 'username' => $row['username']
+ ];
+ }
+
+ foreach ($usernames as $name) {
+ $lower = mb_strtolower($name);
+ $results[$name] = $fetched[$lower] ?? null;
+ }
+ }
+
+ echo json_encode([
+ "success" => true,
+ "users" => $results
+ ], JSON_UNESCAPED_UNICODE);
+ } else {
+ echo json_encode([
+ "success" => false,
+ "users" => null
+ ], JSON_UNESCAPED_UNICODE);
+ }
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
+ exit;
}
}else{
$item = array(
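Review bot: The new guard `}elseif(is_sameUserid($userId, $is_login["userid"]) === true){` passes `$userId`, while the hunk header reads `$_POST['userid']` and the sibling endpoints in this commit pass `$userid`. PHP variable names are case-sensitive, so if this file assigns `$userid` (the assignment is outside the hunk) the argument is undefined and every logged-in request would presumably fall through to the AUTH_INVALID branch. If so, change the line to `}elseif(is_sameUserid($userid, $is_login["userid"]) === true){`. The enclosing `if` starts before the hunk and continues after it.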
diff --git a/function/reuse.php b/function/reuse.php
index d78611b..0fd39aa 100644
--- a/function/reuse.php
+++ b/function/reuse.php
@@ -27,54 +27,57 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['reusetext'])) &&
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ $reusedate = date("Y-m-d H:i:s");
- $reusedate = date("Y-m-d H:i:s");
+ //ユーズの情報を取得
+ $query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
+ $query->execute(array(':uniqid' => $postUniqid));
+ $result = $query->fetch();
- //ユーズの情報を取得
- $query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
- $query->execute(array(':uniqid' => $postUniqid));
- $result = $query->fetch();
+ //ユーザーの認証情報を取得
+ $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
+ $query->execute(array(':userid' => $userid));
+ $result2 = $query->fetch();
+ if($result2["loginid"] === $loginid){
+ if(!($result2["role"] == "ice")){
+ $nsfw_chk = "false";
+
+ $photo1 = "";
+ $photo2 = "";
+ $photo3 = "";
+ $photo4 = "";
+ $video1 = "";
+
+ $rpUniqid = "";
- //ユーザーの認証情報を取得
- $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
- $query->execute(array(':userid' => $userid));
- $result2 = $query->fetch();
- if($result2["loginid"] === $loginid){
- if(!($result2["role"] == "ice")){
- $nsfw_chk = "false";
-
- $photo1 = "";
- $photo2 = "";
- $photo3 = "";
- $photo4 = "";
- $video1 = "";
-
- $rpUniqid = "";
+ $AIBWM = false;
+ if(!(empty($result["ueuse"]))){
+ $ruUniqid = $postUniqid;
+ }else{
+ $ruUniqid = $result["ruuniqid"];
+ }
+ $ueuse_result = send_ueuse($userid,$rpUniqid,$ruUniqid,$reusetext,$photo1,$photo2,$photo3,$photo4,$video1,$nsfw_chk,$AIBWM);
- $AIBWM = false;
- if(!(empty($result["ueuse"]))){
- $ruUniqid = $postUniqid;
+ if($ueuse_result[0] == true){
+ echo json_encode(['success' => true]);
+ exit;
+ }else{
+ echo json_encode(['success' => false, 'error' => $ueuse_result[1]]);
+ exit;
+ }
}else{
- $ruUniqid = $result["ruuniqid"];
- }
- $ueuse_result = send_ueuse($userid,$rpUniqid,$ruUniqid,$reusetext,$photo1,$photo2,$photo3,$photo4,$video1,$nsfw_chk,$AIBWM);
-
- if($ueuse_result[0] == true){
- echo json_encode(['success' => true]);
- exit;
- }else{
- echo json_encode(['success' => false, 'error' => $ueuse_result[1]]);
- exit;
+ echo json_encode(['success' => false, 'error' => 'お使いのアカウントではリユーズができません。']);
+ exit;
}
}else{
- echo json_encode(['success' => false, 'error' => 'お使いのアカウントではリユーズができません。']);
- exit;
+ echo json_encode(['success' => false, 'error' => 'リユーズに失敗しました。']);
+ exit;
}
}else{
- echo json_encode(['success' => false, 'error' => 'リユーズに失敗しました。']);
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }
} else {
echo json_encode(['success' => false, 'error' => '必要なパラメータが提供されていません。']);
exit;
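Review bot: `$result = $query->fetch();` for the target ueuse is used without checking that a row was found. When `uniqid` matches nothing, `fetch()` returns false, `empty($result["ueuse"])` is true and `$ruUniqid = $result["ruuniqid"];` becomes null, which is then handed to `send_ueuse`. Reject the request right after the fetch, e.g. `if($result === false){ echo json_encode(['success' => false, 'error' => 'リユーズに失敗しました。']); exit; }`. What `send_ueuse` does with an empty `$ruUniqid` is not visible here, so the impact is inferred.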
diff --git a/function/settings.php b/function/settings.php
index 3f1ce9a..c07ed35 100644
--- a/function/settings.php
+++ b/function/settings.php
@@ -38,192 +38,193 @@ if (safetext(isset($_POST['userid'])) && safetext(isset($_POST['account_id'])) &
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ $userid = $is_login["userid"];
+
+ $settings_type = safetext($_POST['settings_type']);
- $settings_type = safetext($_POST['settings_type']);
+ if($settings_type == "icon"){
+ if(isset($_FILES["data"])){
+ if (!(empty($_FILES['data']['name']))) {
+ $uploadedFile = $_FILES['data'];
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../usericons/');
+ if($beforeUploadError === null){
+ if(check_mime($uploadedFile['tmp_name'])){
+ $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 512, 512);
- if($settings_type == "icon"){
- if(isset($_FILES["data"])){
- if (!(empty($_FILES['data']['name']))) {
- $uploadedFile = $_FILES['data'];
- if(check_mime($uploadedFile['tmp_name'])){
- $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 512, 512);
-
- if(AMS3_CHKS == "true"){
- $usericonurl = getUserData($pdo, $userid)["iconname"];
- if(filter_var($usericonurl, FILTER_VALIDATE_URL)){
- $s3delresult = deleteAmazonS3($usericonurl);
+ if(AMS3_CHKS == "true"){
+ $usericonurl = getUserData($pdo, $userid)["iconname"];
+ if(filter_var($usericonurl, FILTER_VALIDATE_URL)){
+ $s3delresult = deleteAmazonS3($usericonurl);
+ }else{
+ $s3delresult = true;
+ }
+ if($s3delresult == true){
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ }else{
+ $s3result = false;
+ }
+ }else{
+ if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
+ $newFilename = createUniqId() . '-'.$userid.'.webp';
+ }else{
+ $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
+ }
+ $uploadedPath = 'usericons/' . $newFilename;
+ $result = move_uploaded_file($uploadedFile['tmp_name'], '../'.$uploadedPath);
+
+ if ($result) {
+ $iconName = $uploadedPath; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../usericons/') ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
+ }
+ }
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
+ }else{
+ $iconName = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
}else{
- $s3delresult = true;
- }
- if($s3delresult == true){
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
- }else{
- $s3result = false;
+ $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
- if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
- $newFilename = createUniqId() . '-'.$userid.'.webp';
- }else{
- $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
- }
- $uploadedPath = 'usericons/' . $newFilename;
- $result = move_uploaded_file($uploadedFile['tmp_name'], '../'.$uploadedPath);
-
- if ($result) {
- $iconName = $uploadedPath; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(1)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
- }else{
- $iconName = $s3result; // S3に保存されたファイルのパスを使用
- }
- }
- }else{
- $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
- }
- }else{
- $error_message[] = 'アイコン画像を選択してください(PHOTO_SELECT_PLEASE)';
- }
-
- if(empty($error_message)) {
- $currentIconPath = getUserData($pdo, $userid)["iconname"];
-
- $pdo->beginTransaction();
- try {
- $stmt = $pdo->prepare("UPDATE account SET iconname = :iconname WHERE userid = :userid");
- $stmt->bindValue(':iconname', $iconName, PDO::PARAM_STR);
- $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
- $res = $stmt->execute();
- $res = $pdo->commit();
- } catch (Exception $e) {
- $pdo->rollBack();
- }
-
- if ($res) {
- if ($currentIconPath) {
- unlink('../' . $currentIconPath);
- }
- echo json_encode(['success' => true]);
- exit;
- } else {
- echo json_encode(['success' => false, 'error' => '更新に失敗しました']);
- exit;
- }
-
- // プリペアドステートメントを削除
- $stmt = null;
- }else{
- echo json_encode(['success' => false, 'error' => $error_message[0]]);
- exit;
- }
- }
- }
-
- if($settings_type == "header"){
- if(isset($_FILES["data"])){
- if (!(empty($_FILES['data']['name']))) {
- $uploadedFile = $_FILES['data'];
- if(check_mime($uploadedFile['tmp_name'])){
- $extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
- delete_exif($extension, $uploadedFile['tmp_name']);
- resizeImage($uploadedFile['tmp_name'], 2048, 1024);
-
- if(AMS3_CHKS == "true"){
- $userheadurl = getUserData($pdo, $userid)["headname"];
- if(filter_var($userheadurl, FILTER_VALIDATE_URL)){
- $s3delresult = deleteAmazonS3($userheadurl);
- }else{
- $s3delresult = true;
- }
- if($s3delresult == true){
- $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
- }else{
- $s3result = false;
- }
- }else{
- if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
- $newFilename = createUniqId() . '-'.$userid.'.webp';
- }else{
- $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
- }
- $uploadedPath = 'userheads/' . $newFilename;
- $result = move_uploaded_file($uploadedFile['tmp_name'], '../'.$uploadedPath);
-
- if ($result) {
- $headName = $uploadedPath; // 保存されたファイルのパスを使用
- } else {
- $errnum = $uploadedFile['error'];
- if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
- if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
- if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
- if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
- if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
- if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
- if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
- $error_message[] = 'アップロード失敗!(2)エラーコード:' .$errcode.'';
- }
- }
- if(isset($s3result)){
- if($s3result == false){
- $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
- }else{
- $headName = $s3result; // S3に保存されたファイルのパスを使用
- }
+ $error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
}
}else{
- $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
+ $error_message[] = 'アイコン画像を選択してください(PHOTO_SELECT_PLEASE)';
}
- }else{
- $error_message[] = 'アイコン画像を選択してください(PHOTO_SELECT_PLEASE)';
- }
-
- if(empty($error_message)) {
- $currentHeadPath = getUserData($pdo, $userid)["headname"];
+
+ if(empty($error_message)) {
+ $currentIconPath = getUserData($pdo, $userid)["iconname"];
+
+ $pdo->beginTransaction();
+ try {
+ $stmt = $pdo->prepare("UPDATE account SET iconname = :iconname WHERE userid = :userid");
+ $stmt->bindValue(':iconname', $iconName, PDO::PARAM_STR);
+ $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
+ $res = $stmt->execute();
+ $res = $pdo->commit();
+ } catch (Exception $e) {
+ $pdo->rollBack();
+ }
- $pdo->beginTransaction();
- try {
- $stmt = $pdo->prepare("UPDATE account SET headname = :headname WHERE userid = :userid");
- $stmt->bindValue(':headname', $headName, PDO::PARAM_STR);
- $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
- $res = $stmt->execute();
- $res = $pdo->commit();
- } catch (Exception $e) {
- $pdo->rollBack();
- }
-
- if ($res) {
- if ($currentHeadPath) {
- unlink('../' . $currentHeadPath);
+ if ($res) {
+ if ($currentIconPath) {
+ unlink('../' . $currentIconPath);
+ }
+ echo json_encode(['success' => true]);
+ exit;
+ } else {
+ echo json_encode(['success' => false, 'error' => '更新に失敗しました']);
+ exit;
}
- echo json_encode(['success' => true]);
- exit;
- } else {
- echo json_encode(['success' => false, 'error' => '更新に失敗しました']);
+
+ // プリペアドステートメントを削除
+ $stmt = null;
+ }else{
+ echo json_encode(['success' => false, 'error' => $error_message[0]]);
exit;
}
-
- // プリペアドステートメントを削除
- $stmt = null;
- }else{
- echo json_encode(['success' => false, 'error' => $error_message[0]]);
- exit;
}
}
+
+ if($settings_type == "header"){
+ if(isset($_FILES["data"])){
+ if (!(empty($_FILES['data']['name']))) {
+ $uploadedFile = $_FILES['data'];
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../userheads/');
+ if($beforeUploadError === null){
+ if(check_mime($uploadedFile['tmp_name'])){
+ $extension = convert_mime(check_mime($uploadedFile['tmp_name']));
+ delete_exif($extension, $uploadedFile['tmp_name']);
+ resizeImage($uploadedFile['tmp_name'], 2048, 1024);
+
+ if(AMS3_CHKS == "true"){
+ $userheadurl = getUserData($pdo, $userid)["headname"];
+ if(filter_var($userheadurl, FILTER_VALIDATE_URL)){
+ $s3delresult = deleteAmazonS3($userheadurl);
+ }else{
+ $s3delresult = true;
+ }
+ if($s3delresult == true){
+ $s3result = uploadAmazonS3($uploadedFile['tmp_name']);
+ }else{
+ $s3result = false;
+ }
+ }else{
+ if(check_mime($uploadedFile['tmp_name']) == "image/webp"){
+ $newFilename = createUniqId() . '-'.$userid.'.webp';
+ }else{
+ $newFilename = createUniqId() . '-'.$userid.'.' . $extension;
+ }
+ $uploadedPath = 'userheads/' . $newFilename;
+ $result = move_uploaded_file($uploadedFile['tmp_name'], '../'.$uploadedPath);
+
+ if ($result) {
+ $headName = $uploadedPath; // 保存されたファイルのパスを使用
+ } else {
+ $beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../userheads/') ?? "ERROR";
+ $error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
+ }
+ }
+ if(isset($s3result)){
+ if($s3result == false){
+ $error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
+ }else{
+ $headName = $s3result; // S3に保存されたファイルのパスを使用
+ }
+ }
+ }else{
+ $error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
+ }
+ }else{
+ $error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
+ }
+ }else{
+ $error_message[] = 'アイコン画像を選択してください(PHOTO_SELECT_PLEASE)';
+ }
+
+ if(empty($error_message)) {
+ $currentHeadPath = getUserData($pdo, $userid)["headname"];
+
+ $pdo->beginTransaction();
+ try {
+ $stmt = $pdo->prepare("UPDATE account SET headname = :headname WHERE userid = :userid");
+ $stmt->bindValue(':headname', $headName, PDO::PARAM_STR);
+ $stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
+ $res = $stmt->execute();
+ $res = $pdo->commit();
+ } catch (Exception $e) {
+ $pdo->rollBack();
+ }
+
+ if ($res) {
+ if ($currentHeadPath) {
+ unlink('../' . $currentHeadPath);
+ }
+ echo json_encode(['success' => true]);
+ exit;
+ } else {
+ echo json_encode(['success' => false, 'error' => '更新に失敗しました']);
+ exit;
+ }
+
+ // プリペアドステートメントを削除
+ $stmt = null;
+ }else{
+ echo json_encode(['success' => false, 'error' => $error_message[0]]);
+ exit;
+ }
+ }
+ }
+ }else{
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
+ exit;
}
} else {
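Review bot: `unlink('../' . $currentIconPath);` and the matching `unlink('../' . $currentHeadPath);` delete whatever path the account row held, without checking that it is a local file under `usericons/` or `userheads/`. With `AMS3_CHKS == "true"` the stored value is a URL, so the call targets a path that does not exist. If an account can carry a shared default image path (not visible here), that file would be removed for every user. Guard the delete, for example `if ($currentIconPath && !filter_var($currentIconPath, FILTER_VALIDATE_URL) && strpos($currentIconPath, 'usericons/') === 0)`, and build the path from `__DIR__` as the `check_upload_error` calls already do. `$res` is also read after the `catch` without being initialised, so setting `$res = false;` before `beginTransaction()` would make the failure branch explicit; the enclosing `if` begins before the hunk and its `else` continues after it.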
diff --git a/function/ueuse.php b/function/ueuse.php
index 31391f3..ef4c641 100644
--- a/function/ueuse.php
+++ b/function/ueuse.php
@@ -27,74 +27,77 @@ if (safetext(isset($_POST['ueuse'])) && safetext(isset($_POST['userid'])) && saf
if ($is_login === false) {
echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
- }
+ }elseif(is_sameUserid($userid, $is_login["userid"]) === true){
+ //ユーザーの認証情報を取得
+ $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
+ $query->execute(array(':userid' => $userid));
+ $result2 = $query->fetch();
+ if($result2["loginid"] === $loginid){
+ if(!($result2["role"] == "ice")){
+ if(!(empty($result2["other_settings"]))){
+ $isAIBWM = val_OtherSettings("isAIBlockWaterMark", $result2["other_settings"]);
+ }else{
+ $isAIBWM = false;
+ }
- //ユーザーの認証情報を取得
- $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
- $query->execute(array(':userid' => $userid));
- $result2 = $query->fetch();
- if($result2["loginid"] === $loginid){
- if(!($result2["role"] == "ice")){
- if(!(empty($result2["other_settings"]))){
- $isAIBWM = val_OtherSettings("isAIBlockWaterMark", $result2["other_settings"]);
- }else{
- $isAIBWM = false;
- }
+ if(isset($nsfw_chk) && $nsfw_chk == "true"){
+ $nsfw_chk = "true";
+ }else{
+ $nsfw_chk = "false";
+ }
- if(isset($nsfw_chk) && $nsfw_chk == "true"){
- $nsfw_chk = "true";
- }else{
- $nsfw_chk = "false";
- }
+ if(isset($_FILES['upload_images'])){
+ $photo1 = $_FILES['upload_images'];
+ }else{
+ $photo1 = null;
+ }
+ if(isset($_FILES['upload_images2'])){
+ $photo2 = $_FILES['upload_images2'];
+ }else{
+ $photo2 = null;
+ }
+ if(isset($_FILES['upload_images3'])){
+ $photo3 = $_FILES['upload_images3'];
+ }else{
+ $photo3 = null;
+ }
+ if(isset($_FILES['upload_images4'])){
+ $photo4 = $_FILES['upload_images4'];
+ }else{
+ $photo4 = null;
+ }
+ if(isset($_FILES['upload_videos1'])){
+ $video1 = $_FILES['upload_videos1'];
+ }else{
+ $video1 = null;
+ }
- if(isset($_FILES['upload_images'])){
- $photo1 = $_FILES['upload_images'];
- }else{
- $photo1 = null;
- }
- if(isset($_FILES['upload_images2'])){
- $photo2 = $_FILES['upload_images2'];
- }else{
- $photo2 = null;
- }
- if(isset($_FILES['upload_images3'])){
- $photo3 = $_FILES['upload_images3'];
- }else{
- $photo3 = null;
- }
- if(isset($_FILES['upload_images4'])){
- $photo4 = $_FILES['upload_images4'];
- }else{
- $photo4 = null;
- }
- if(isset($_FILES['upload_videos1'])){
- $video1 = $_FILES['upload_videos1'];
- }else{
- $video1 = null;
- }
+ if(isset($_POST['rpuniqid'])){
+ $rpUniqid = safetext($_POST['rpuniqid']);
+ }else{
+ $rpUniqid = "";
+ }
- if(isset($_POST['rpuniqid'])){
- $rpUniqid = safetext($_POST['rpuniqid']);
- }else{
- $rpUniqid = "";
- }
+ $ruUniqid = "";
+ $ueuse_result = send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$photo4,$video1,$nsfw_chk,$isAIBWM);
- $ruUniqid = "";
- $ueuse_result = send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$photo4,$video1,$nsfw_chk,$isAIBWM);
-
- if($ueuse_result[0] == true){
- echo json_encode(['success' => true]);
- exit;
+ if($ueuse_result[0] == true){
+ echo json_encode(['success' => true]);
+ exit;
+ }else{
+ echo json_encode(['success' => false, 'error' => $ueuse_result[1]]);
+ exit;
+ }
}else{
- echo json_encode(['success' => false, 'error' => $ueuse_result[1]]);
- exit;
+ echo json_encode(['success' => false, 'error' => 'お使いのアカウントではユーズができません。']);
+ exit;
}
}else{
- echo json_encode(['success' => false, 'error' => 'お使いのアカウントではユーズができません。']);
- exit;
+ echo json_encode(['success' => false, 'error' => 'ユーズに失敗しました。']);
+ exit;
}
}else{
- echo json_encode(['success' => false, 'error' => 'ユーズに失敗しました。']);
+ echo json_encode(['success' => false, 'error' => '認証に失敗しました。(AUTH_INVALID)']);
exit;
}
} else {
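Review bot: After `is_sameUserid($userid, $is_login["userid"])` passes, this branch keeps using the POSTed `$userid` for the account lookup and for `send_ueuse`, whereas `function/settings.php` in the same commit pins it with `$userid = $is_login["userid"];`. If `is_sameUserid` compares loosely (its body is not in this hunk), the client-supplied spelling is what would reach `send_ueuse`. Add the same assignment as the first line of the branch so everything downstream uses the authenticated value. The branch in `function/reuse.php` has the same shape, and the enclosing `if` starts outside the hunk.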
diff --git a/js/view_function.js b/js/view_function.js
index c7a637f..0be371c 100644
--- a/js/view_function.js
+++ b/js/view_function.js
@@ -355,21 +355,20 @@ function formatMarkdown(text) {
// a_link
text = text.replace(/(https:\/\/[\w!?\/+\-_~;.,*&@#$%()+|https:\/\/[ぁ-んァ-ヶ一ー-龠々\w\-\/?=&%.]+)/g, function (url) {
- const escapedUrl = url;
- const no_https_link = escapedUrl.replace("https://", "");
+ const no_https_link = url.replace("https://", "");
let linkText = no_https_link;
-
if (no_https_link.length > 48) {
linkText = no_https_link.substring(0, 48) + '...';
}
-
- return `${linkText}`;
+ const html = `${linkText}`;
+ return createPlaceholder(html);
});
// ハッシュタグ
text = text.replace(/(^|[^a-zA-Z0-9_])#([a-zA-Z0-9ぁ-んァ-ン一-龥ー_]+)/gu, function (match, before, tag) {
const encodedTag = encodeURIComponent("#" + tag);
- return `${before}#${tag}`;
+ const html = `${before}#${tag}`;
+ return createPlaceholder(html);
});
// 独自構文
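Review bot: In the hashtag callback, `before` is interpolated into `html` and so ends up inside the placeholder. `before` is an arbitrary non-alphanumeric character taken from the user's text (for example `*` or `~`), so it is no longer seen by the markdown rules below and skips whatever handling they apply. This assumes placeholders are only restored after the remaining replacements, which is not visible in this hunk. Keep it outside by building `html` from the tag only and using `return before + createPlaceholder(html);`. `formatMarkdown` starts before this hunk and continues after it.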
@@ -390,6 +389,7 @@ function formatMarkdown(text) {
.replace(/~~(.+?)~~/g, '$1')
.replace(/^>>> ?(.*)$/gm, '$1')
.replace(/\|\|(.+?)\|\|/g, '$1')
+ .replace(/^-# (.+)/gm, '
$1
') .replace(/^# (.+)/gm, '