mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00

uwuzu v1.4.14 Funium

Daichimarukana
2025-01-26 16:06:37 +09:00
parent 6bcb912a04
commit bc8b6cd800
18 changed files with 588 additions and 275 deletions
+3 -1
@@ -221,6 +221,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$uniqid = safetext(createUniqId()); $uniqid = safetext(createUniqId());
$abi = "none"; $abi = "none";
$nones = "none"; $nones = "none";
$popularity = 0;
// トランザクション開始 // トランザクション開始
$pdo->beginTransaction(); $pdo->beginTransaction();
@@ -228,7 +229,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
try { try {
// SQL作成 // SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)"); $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
$stmt->bindParam(':username', $username, PDO::PARAM_STR); $stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR); $stmt->bindParam(':account', $userid, PDO::PARAM_STR);
@@ -246,6 +247,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR); $stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
$stmt->bindParam(':nsfw', $nsfw, PDO::PARAM_STR); $stmt->bindParam(':nsfw', $nsfw, PDO::PARAM_STR);
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
// SQLクエリの実行 // SQLクエリの実行
$res = $stmt->execute(); $res = $stmt->execute();
+2 -2
@@ -66,7 +66,7 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
echo json_encode(['success' => true, 'newbookmark' => 'success']); echo json_encode(['success' => true, 'newbookmark' => 'success']);
exit; exit;
} else { } else {
echo json_encode(['success' => false, 'error' => 'いいねの更新に失敗しました。']); echo json_encode(['success' => false, 'error' => 'ブックマークの更新に失敗しました。']);
exit; exit;
} }
@@ -76,7 +76,7 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
exit; exit;
} }
} catch(PDOException $e) { } catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => 'データベースエラー' . $e->getMessage()]); echo json_encode(['success' => false, 'error' => 'データベースエラー']);
exit; exit;
} }
} }
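Review bot: The `catch(PDOException $e)` branch now sends only `データベースエラー` to the client, which stops driver messages from leaking, but the exception is then discarded, so a failing bookmark update leaves no server-side trace. Other handlers in this commit record the exception with `actionLog(..., $e, 4)`; doing the same here before `exit;` would keep the detail for operators, assuming that helper and the user and post identifiers are in scope in this file. The enclosing `if` and `try` start outside the hunk.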
+1 -1
@@ -17,7 +17,7 @@ if (safetext(isset($_POST['uniqid'])) && safetext(isset($_POST['userid'])) && sa
exit; exit;
} }
}else{ }else{
echo json_encode(['success' => false, 'error' => '削除に失敗しました。(sess_err)']); echo json_encode(['success' => false, 'error' => '削除に失敗しました。(ERROR)']);
exit; exit;
} }
?> ?>
+202 -77
@@ -1,25 +1,70 @@
<?php <?php
function blockedIP($ip_addr){ function isIpInCIDR($ip, $cidr){
if (!strpos($cidr, '/')) {
return $ip === $cidr;
}
[$network, $prefixLength] = explode('/', $cidr);
if((filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) && (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))){
$prefixLength = (int)$prefixLength;
$ipBinary = inet_pton($ip);
$networkBinary = inet_pton($network);
if ($ipBinary === false || $networkBinary === false) {
actionLog(null, "error", "isIpInCIDR", null, "invalid_ip_or_network_".$ipBinary."/".$networkBinary, 4);
return false;
}
$totalBits = strlen($networkBinary) * 8;
if ($prefixLength < 0 || $prefixLength > $totalBits) {
actionLog(null, "error", "isIpInCIDR", null, "bad_prefix_length_".$prefixLength, 4);
return false;
}
$mask = str_repeat("\xFF", (int)($prefixLength / 8));
$remainingBits = $prefixLength % 8;
if ($remainingBits > 0) {
$mask .= chr((0xFF << (8 - $remainingBits)) & 0xFF);
}
$mask = str_pad($mask, strlen($networkBinary), "\x00");
return ($ipBinary & $mask) === ($networkBinary & $mask);
}else{
actionLog(null, "error", "isIpInCIDR", null, "bad_ip", 4);
return false;
}
}
function blockedIP($ip_addr) {
// データベースに接続 // データベースに接続
try { try {
$option = array( $pdo = new PDO(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, 'mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false DB_USER,
DB_PASS,
[
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false,
]
); );
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option); } catch (PDOException $e) {
} catch(PDOException $e) { error_log("Database connection failed: " . $e->getMessage());
actionLog(null, "error", "blockedIP", null, $e, 4);
return false; return false;
} }
$search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1'); // IPブロックリストの取得
$search_query->execute(array(':ipaddr' => $ip_addr)); $search_query = $pdo->prepare('SELECT ipaddr FROM ipblock');
$result = $search_query->fetch(); $search_query->execute();
$blocked_ips = $search_query->fetchAll(PDO::FETCH_COLUMN);
if($result > 0){ foreach ($blocked_ips as $blocked_ip) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . "/unsupported.php?errcode=IP_BANNED"; if (isIpInCIDR($ip_addr, $blocked_ip)) {
header("Location:".$url.""); $url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . "/unsupported.php?errcode=IP_BANNED";
exit; header("Location: " . $url);
exit;
}
} }
} }
function uwuzuUserLogin($session, $cookie, $ip_addr, $operation_permission = "user") { function uwuzuUserLogin($session, $cookie, $ip_addr, $operation_permission = "user") {
@@ -854,58 +899,60 @@ function send_notification($to,$from,$title,$message,$url,$category){
} }
if(!($to == $from) || $category === "system" || $category === "other"){ if(!($to == $from) || $category === "system" || $category === "other"){
$query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1'); $to_result = getUserData($pdo, $to);
$query->execute(array(':userid' => $from));
$result = $query->fetch();
$category_list = ["system","favorite","reply","reuse","ueuse","follow","mention","other"]; $category_list = ["system","favorite","reply","reuse","ueuse","follow","mention","other"];
if(in_array($category, $category_list)){ if(in_array($category, $category_list)){
if(in_array($category, explode(',', $result["notification_settings"])) || empty($result["notification_settings"]) || $category === "system" || $category === "other"){ if(in_array($category, explode(',', $to_result["notification_settings"])) || empty($to_result["notification_settings"]) || $category === "system" || $category === "other"){
if(!(empty($pdo))){ //ブロックされてたら送らない
$pdo->beginTransaction(); if(!(in_array($from, explode(',', $to_result["blocklist"])))){
if(!(empty($pdo))){
$pdo->beginTransaction();
try {
$fromuserid = safetext($from);
$touserid = safetext($to);
$datetime = date("Y-m-d H:i:s");
$msg = safetext($message);
$title = safetext($title);
$url = safetext($url);
$userchk = 'none';
$notification_category = safetext($category);
try { // 通知用SQL作成
$fromuserid = safetext($from); $stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title, category) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title, :category)");
$touserid = safetext($to);
$datetime = date("Y-m-d H:i:s");
$msg = safetext($message);
$title = safetext($title);
$url = safetext($url);
$userchk = 'none';
$notification_category = safetext($category);
// 通知用SQL作成 $stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title, category) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title, :category)"); $stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':category', $notification_category, PDO::PARAM_STR);
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR); $stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':category', $notification_category, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR); $res = $stmt->execute();
$res = $stmt->execute(); $res = $pdo->commit();
$res = $pdo->commit(); if($res){
return true;
}else{
$pdo->rollBack();
actionLog($from, "error", "send_notification", $to, "通知の送信に失敗しました(rollBack)", 3);
return false;
}
if($res){ } catch(Exception $e) {
return true;
}else{
$pdo->rollBack(); $pdo->rollBack();
actionLog($from, "error", "send_notification", $to, "通知の送信に失敗しました(rollBack)", 3); actionLog($from, "error", "send_notification", $to, $e, 4);
return false; return false;
} }
}else{
} catch(Exception $e) {
$pdo->rollBack();
actionLog($from, "error", "send_notification", $to, $e, 4);
return false; return false;
} }
}else{ }else{
return false; return true;
} }
}else{ }else{
// 受信しない設定なのでtrue // 受信しない設定なのでtrue
@@ -1221,15 +1268,17 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
$datetime = date("Y-m-d H:i:s"); $datetime = date("Y-m-d H:i:s");
$uniqid = createUniqId(); $uniqid = createUniqId();
$abi = "none"; $abi = "none";
$popularity = 0;
if(empty($rpUniqid) && empty($ruUniqid)){ if(empty($rpUniqid) && empty($ruUniqid)){
//-----------通常ユーズ-----------
// トランザクション開始 // トランザクション開始
$pdo->beginTransaction(); $pdo->beginTransaction();
try { try {
// SQL作成 // SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)"); $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
$stmt->bindParam(':username', $username, PDO::PARAM_STR); $stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR); $stmt->bindParam(':account', $userid, PDO::PARAM_STR);
@@ -1244,6 +1293,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR); $stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
$stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR); $stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR);
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR); $stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
@@ -1265,6 +1315,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
actionLog($userid, "error", "send_ueuse", null, $e, 4); actionLog($userid, "error", "send_ueuse", null, $e, 4);
} }
}elseif((!empty($rpUniqid)) && empty($ruUniqid)){ }elseif((!empty($rpUniqid)) && empty($ruUniqid)){
//-----------リプライ-----------
$toUserIdQuery = $pdo->prepare("SELECT account FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1"); $toUserIdQuery = $pdo->prepare("SELECT account FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1");
$toUserIdQuery->bindValue(':ueuseid', $rpUniqid, PDO::PARAM_STR); $toUserIdQuery->bindValue(':ueuseid', $rpUniqid, PDO::PARAM_STR);
$toUserIdQuery->execute(); $toUserIdQuery->execute();
@@ -1276,12 +1327,13 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
$touserid = null; $touserid = null;
} }
changePopularity($pdo, $rpUniqid, $userid, 3);
// トランザクション開始 // トランザクション開始
$pdo->beginTransaction(); $pdo->beginTransaction();
try { try {
// SQL作成 // SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)"); $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
$stmt->bindParam(':username', $username, PDO::PARAM_STR); $stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR); $stmt->bindParam(':account', $userid, PDO::PARAM_STR);
@@ -1299,6 +1351,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
$stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR); $stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR);
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR); $stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
// SQLクエリの実行 // SQLクエリの実行
$res = $stmt->execute(); $res = $stmt->execute();
@@ -1319,6 +1372,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
actionLog($userid, "error", "send_ueuse", null, $e, 4); actionLog($userid, "error", "send_ueuse", null, $e, 4);
} }
}elseif(empty($rpUniqid) && (!empty($ruUniqid))){ }elseif(empty($rpUniqid) && (!empty($ruUniqid))){
//-----------リユーズ-----------
$toUserIdQuery = $pdo->prepare("SELECT account FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1"); $toUserIdQuery = $pdo->prepare("SELECT account FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1");
$toUserIdQuery->bindValue(':ueuseid', $ruUniqid, PDO::PARAM_STR); $toUserIdQuery->bindValue(':ueuseid', $ruUniqid, PDO::PARAM_STR);
$toUserIdQuery->execute(); $toUserIdQuery->execute();
@@ -1329,12 +1383,15 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
}else{ }else{
$touserid = null; $touserid = null;
} }
changePopularity($pdo, $ruUniqid, $userid, 2);
// トランザクション開始 // トランザクション開始
$pdo->beginTransaction(); $pdo->beginTransaction();
try { try {
// SQL作成 // SQL作成
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ruuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :ruuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)"); $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ruuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity) VALUES (:username, :account, :uniqid, :ruuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity)");
$stmt->bindParam(':username', $username, PDO::PARAM_STR); $stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':account', $userid, PDO::PARAM_STR); $stmt->bindParam(':account', $userid, PDO::PARAM_STR);
@@ -1352,6 +1409,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$
$stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR); $stmt->bindParam(':nsfw', $save_nsfw, PDO::PARAM_STR);
$stmt->bindParam(':abi', $abi, PDO::PARAM_STR); $stmt->bindParam(':abi', $abi, PDO::PARAM_STR);
$stmt->bindParam(':popularity', $popularity, PDO::PARAM_INT);
// SQLクエリの実行 // SQLクエリの実行
@@ -1502,6 +1560,20 @@ function delete_ueuse($uniqid, $userid, $account_id){
} }
} }
$ru_tree_Chkquery = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :ruuniqid limit 1');
$ru_tree_Chkquery->execute(array(':ruuniqid' => $result["ruuniqid"]));
$result4 = $ru_tree_Chkquery->fetch();
if($result4 > 0){
changePopularity($pdo, $result["ruuniqid"], $userid, -2);
}
$rp_tree_Chkquery = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :rpuniqid limit 1');
$rp_tree_Chkquery->execute(array(':rpuniqid' => $result["rpuniqid"]));
$result5 = $rp_tree_Chkquery->fetch();
if($result5 > 0){
changePopularity($pdo, $result["rpuniqid"], $userid, -3);
}
try { try {
// 削除クエリを実行 // 削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE uniqid = :uniqid AND account = :userid"); $deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE uniqid = :uniqid AND account = :userid");
@@ -1581,6 +1653,7 @@ function follow_user($pdo, $to_userid, $userid){
return false; return false;
} }
}else{ }else{
$pdo->rollBack();
return true; return true;
} }
} catch (Exception $e) { } catch (Exception $e) {
@@ -1644,6 +1717,7 @@ function unfollow_user($pdo, $to_userid, $userid){
return false; return false;
} }
}else{ }else{
$pdo->rollBack();
return true; return true;
} }
} catch (Exception $e) { } catch (Exception $e) {
@@ -1703,6 +1777,7 @@ function block_user($pdo, $to_userid, $userid){
return false; return false;
} }
}else{ }else{
$pdo->rollBack();
return true; return true;
} }
} catch (Exception $e) { } catch (Exception $e) {
@@ -1756,6 +1831,7 @@ function unblock_user($pdo, $to_userid, $userid){
return false; return false;
} }
}else{ }else{
$pdo->rollBack();
return true; return true;
} }
} catch (Exception $e) { } catch (Exception $e) {
@@ -1771,31 +1847,80 @@ function unblock_user($pdo, $to_userid, $userid){
return false; return false;
} }
} }
function changePopularity($pdo, $uniqid, $userid, $change_range){
if (!(empty($pdo)) && !(empty($uniqid))){
if(is_numeric($change_range)){
$pdo->beginTransaction();
try {
// 投稿のいいね情報を取得
$stmt = $pdo->prepare("SELECT popularity FROM ueuse WHERE uniqid = :uniqid");
$stmt->bindValue(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt->execute();
$post = $stmt->fetch(PDO::FETCH_ASSOC);
if (!(empty($post))) {
$new_popularity = (int)$post['popularity'] + (int)$change_range;
if($new_popularity >= 2147483647){
$new_popularity = 2147483647;
}
$updateQuery = $pdo->prepare("UPDATE ueuse SET popularity = :popularity WHERE uniqid = :uniqid");
$updateQuery->bindValue(':popularity', $new_popularity, PDO::PARAM_INT);
$updateQuery->bindValue(':uniqid', $uniqid, PDO::PARAM_STR);
$res = $updateQuery->execute();
if ($res) {
$pdo->commit();
return true;
} else {
$pdo->rollBack();
actionLog($userid, "error", "changePopularity", $uniqid, "いいねに失敗しました", 3);
return false;
}
} else {
$pdo->rollBack();
return false;
}
} catch(PDOException $e) {
actionLog($userid, "error", "changePopularity", $uniqid, $e, 4);
return false;
}
}else{
actionLog($userid, "error", "changePopularity", $uniqid, "不正な変更値です", 4);
return false;
}
}
}
function addFavorite($pdo, $uniqid, $userid){ function addFavorite($pdo, $uniqid, $userid){
if (!(empty($pdo)) && !(empty($uniqid)) && !(empty($userid))){ if (!(empty($pdo)) && !(empty($uniqid)) && !(empty($userid))){
$pdo->beginTransaction(); // 投稿のいいね情報を取得
try { $stmt = $pdo->prepare("SELECT account,ueuse,favorite FROM ueuse WHERE uniqid = :uniqid");
// 投稿のいいね情報を取得 $stmt->bindValue(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt = $pdo->prepare("SELECT account,ueuse,favorite FROM ueuse WHERE uniqid = :uniqid"); $stmt->execute();
$stmt->bindValue(':uniqid', $uniqid, PDO::PARAM_STR); $post = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt->execute();
$post = $stmt->fetch(PDO::FETCH_ASSOC);
if (!(empty($post))) { if (!(empty($post))) {
$favoriteList = explode(',', $post['favorite']); $favoriteList = explode(',', $post['favorite']);
$index = array_search($userid, $favoriteList); $index = array_search($userid, $favoriteList);
if ($index === false) { if ($index === false) {
// ユーザーIDを追加 // ユーザーIDを追加
$favoriteList[] = $userid; $favoriteList[] = $userid;
send_notification(safetext($post['account']),$userid,"".$userid."さんがいいねしました!",safetext($post['ueuse']),"/!".$uniqid."","favorite"); send_notification(safetext($post['account']),$userid,"".$userid."さんがいいねしました!",safetext($post['ueuse']),"/!".$uniqid."","favorite");
} else { //1いいねでスコアが1増加
// ユーザーIDを削除 changePopularity($pdo, $uniqid, $userid, 1);
array_splice($favoriteList, $index, 1); } else {
} // ユーザーIDを削除
array_splice($favoriteList, $index, 1);
//1いいね解除でスコアが1減る
changePopularity($pdo, $uniqid, $userid, -1);
}
$pdo->beginTransaction();
try {
// 新しいいいね情報を更新 // 新しいいいね情報を更新
$newFavorite = implode(',', $favoriteList); $newFavorite = implode(',', $favoriteList);
$updateQuery = $pdo->prepare("UPDATE ueuse SET favorite = :favorite WHERE uniqid = :uniqid"); $updateQuery = $pdo->prepare("UPDATE ueuse SET favorite = :favorite WHERE uniqid = :uniqid");
@@ -1811,13 +1936,13 @@ function addFavorite($pdo, $uniqid, $userid){
actionLog($userid, "error", "addFavorite", $uniqid, "いいねに失敗しました", 3); actionLog($userid, "error", "addFavorite", $uniqid, "いいねに失敗しました", 3);
return [false, "いいねに失敗しました", $post['favorite']]; return [false, "いいねに失敗しました", $post['favorite']];
} }
} else { } catch(PDOException $e) {
$pdo->rollBack(); actionLog($userid, "error", "addFavorite", $uniqid, $e, 4);
return [false, "投稿が見つかりませんでした", null]; return [false, "データベースエラー", null];
} }
} catch(PDOException $e) { } else {
actionLog($userid, "error", "addFavorite", $uniqid, $e, 4); $pdo->rollBack();
return [false, "データベースエラー", null]; return [false, "投稿が見つかりませんでした", null];
} }
} }
} }
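Review bot: In `isIpInCIDR`, `(int)$prefixLength` turns an empty or non-numeric suffix into 0, so a blocklist row such as `203.0.113.5/` (constructed example) produces an all-zero mask and matches every client; rejecting it first with `if (!ctype_digit($prefixLength)) { return false; }` keeps a typo from banning the whole site. The masked comparison also never checks that both addresses belong to the same family: PHP's string `&` truncates to the shorter operand, so an IPv6 client compared against an IPv4 network is reduced to its first four bytes, and `if (strlen($ipBinary) !== strlen($networkBinary)) { return false; }` before the mask is built would close that. The no-slash branch compares text (`$ip === $cidr`), so an IPv6 entry stored in a non-canonical spelling would not match, whereas comparing the `inet_pton()` results would. `blockedIP` still returns `false` when the connection fails, so the ban list is not enforced during a database outage; a comment stating that this fail-open behaviour is intended would help the next reader.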
+32 -11
@@ -1091,24 +1091,45 @@ $(document).ready(function() {
if($("#error").length){ if($("#error").length){
$("#error").hide(); $("#error").hide();
} }
EmojiClickEvent();
}, },
error: function (xhr, textStatus, errorThrown) { // エラーと判定された場合 error: function (xhr, textStatus, errorThrown) { // エラーと判定された場合
isEmojiLoading = false; isEmojiLoading = false;
$("#error").show(); $("#error").show();
EmojiClickEvent();
}, },
}); });
} }
function EmojiClickEvent() {
$(".one_emoji").click(function (event) { var last_cursor_at = 0;
event.preventDefault(); $('body').on('click', '.one_emoji', function(event) {
var children = $(this).children("img"); event.preventDefault();
var custom_emojiname = children.attr("title");
$("#ueuse").val($("#ueuse").val() + custom_emojiname); var children = $(this).children("img");
}); var custom_emojiname = children.attr("title");
}
var input = $("#ueuse").get(0);
var now_ueuse = $("#ueuse").val();
var cursor_at = (input && input.selectionStart !== undefined) ? input.selectionStart : last_cursor_at;
var front = now_ueuse.slice(0, cursor_at);
var back = now_ueuse.slice(cursor_at);
$("#ueuse").val(front + custom_emojiname + back);
last_cursor_at = cursor_at + custom_emojiname.length;
// 挿入後にフォーカスとカーソルを維持
$("#ueuse").focus();
if (input) {
input.setSelectionRange(last_cursor_at, last_cursor_at);
}
});
$("#ueuse").on("click keyup", function() {
var input = $(this).get(0);
if (input && input.selectionStart !== undefined) {
last_cursor_at = input.selectionStart;
}
});
}); });
</script> </script>
</html> </html>
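Review bot: In the delegated `.one_emoji` click handler, `custom_emojiname` is used without checking that the child `img` carries a `title`; if it is missing, `attr("title")` returns `undefined`, the text `undefined` is written into `#ueuse`, and `custom_emojiname.length` then throws. An early `if (!custom_emojiname) { return; }` right after the `attr` call avoids that. A short comment on `last_cursor_at`, saying it is the fallback insert position when `selectionStart` is unavailable, would also help.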
+1 -1
@@ -78,7 +78,7 @@ function isHarmfulContent(text, examples, keywords, similarityThreshold = 0.7) {
nonHarmfulCharCount -= harmfulText.length; nonHarmfulCharCount -= harmfulText.length;
} }
if (harmfulCharCount > nonHarmfulCharCount) { if (harmfulCharCount > nonHarmfulCharCount || harmfulCharCount > 6) {
return true; return true;
} else { } else {
return false; return false;
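Review bot: The added `harmfulCharCount > 6` is an unnamed threshold sitting next to the parameterised `similarityThreshold`; a defaulted parameter or named constant with a comment such as `// flag any text with more than N matched characters, regardless of its length` would record why 6 was chosen. The `if`/`else` could then collapse to `return harmfulCharCount > nonHarmfulCharCount || harmfulCharCount > maxHarmfulChars;`. Because this check runs in the browser it can only act as a hint to the author, and whether the server applies an equivalent check is not visible here. The function body starts outside the hunk.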
+1
@@ -81,6 +81,7 @@ if (navigator.cookieEnabled) {
} }
/*Main Access check*/ /*Main Access check*/
if (user_agent_browser == 'Microsoft_Internet_Explorer' || user_agent_browser == 'NintendoBrowser') { if (user_agent_browser == 'Microsoft_Internet_Explorer' || user_agent_browser == 'NintendoBrowser') {
user_agent_access = 'bad'; user_agent_access = 'bad';
errcode = 'UNSUPPORTED_BROWSER'; errcode = 'UNSUPPORTED_BROWSER';
+19 -16
@@ -57,30 +57,33 @@ if (isset($_GET['userid']) && isset($_GET['account_id'])) {
$bookmarkQuery->execute(); $bookmarkQuery->execute();
$bookmarkData = $bookmarkQuery->fetch(); $bookmarkData = $bookmarkQuery->fetch();
$bookmark = $bookmarkData['bookmark']; $bookmark = $bookmarkData['bookmark'];
$bookmarkList = explode(',', $bookmark); $bookmarkList = array_chunk(array_reverse(explode(',', $bookmark)),$itemsPerPage);
// フォローしているユーザーの投稿を取得し、日時順に並び替える // フォローしているユーザーの投稿を取得し、日時順に並び替える
$messages = array(); // 初期化 $messages = array(); // 初期化
foreach ($bookmarkList as $bookmarkUniqId) { $list_Page = (int)$pageNumber - 1;
$sql = "SELECT ueuse.*
FROM ueuse
LEFT JOIN account ON ueuse.account = account.userid
WHERE uniqid = :bookmarkUniqId AND account.role != 'ice'
ORDER BY ueuse.datetime DESC
LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql); if(!(empty($bookmarkList[$list_Page]))){
$stmt->bindValue(':bookmarkUniqId', $bookmarkUniqId, PDO::PARAM_STR); foreach ($bookmarkList[$list_Page] as $bookmarkUniqId) {
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT); $sql = "SELECT ueuse.*
$stmt->bindValue(':itemsPerPage', $itemsPerPage, PDO::PARAM_INT); FROM ueuse
$stmt->execute(); LEFT JOIN account ON ueuse.account = account.userid
WHERE uniqid = :bookmarkUniqId AND account.role != 'ice'
ORDER BY ueuse.datetime DESC";
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) { $stmt = $pdo->prepare($sql);
$messages[] = $row; $stmt->bindValue(':bookmarkUniqId', $bookmarkUniqId, PDO::PARAM_STR);
$stmt->execute();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
} }
}else{
$messages = [];
} }
$messages = array_reverse($messages);
// ユーザー情報を取得して、$messages内のusernameをuserDataのusernameに置き換える // ユーザー情報を取得して、$messages内のusernameをuserDataのusernameに置き換える
foreach ($messages as &$message) { foreach ($messages as &$message) {
$userQuery = $pdo->prepare("SELECT username, userid, profile, role, iconname, headname, sacinfo FROM account WHERE userid = :userid"); $userQuery = $pdo->prepare("SELECT username, userid, profile, role, iconname, headname, sacinfo FROM account WHERE userid = :userid");
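Review bot: `$messages = array_reverse($messages);` reverses each page after the bookmark list was already reversed ahead of `array_chunk`, so pages run newest-first while the rows inside a page come out oldest-first, unless the client is known to render them bottom-up; if that is not intended, drop the second reverse. The loop also issues one `SELECT` per bookmark id, and `ORDER BY ueuse.datetime DESC` has nothing to order if `uniqid` identifies a single row; either a comment explaining the per-id queries or a single `WHERE uniqid IN (...)` query with bound placeholders would be clearer. `array_chunk` throws a `ValueError` when `$itemsPerPage` is below 1, and that variable is set outside the hunk, so confirm it is validated there.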
+2 -6
@@ -94,11 +94,7 @@ if (isset($_GET['userid']) && isset($_GET['account_id'])) {
$get_day = $get_day * (2 ** floor($pageNumber / 3)); $get_day = $get_day * (2 ** floor($pageNumber / 3));
$pop_sql = "SELECT $pop_sql = "SELECT
ueuse.*, ueuse.*
(LENGTH(ueuse.favorite) - LENGTH(REPLACE(ueuse.favorite, ',', '')) - 1) AS favorite_count,
(SELECT COUNT(*) FROM ueuse AS reuse WHERE reuse.ruuniqid = ueuse.uniqid) AS reuse_count,
((LENGTH(ueuse.favorite) - LENGTH(REPLACE(ueuse.favorite, ',', '')) - 1) +
(SELECT COUNT(*) FROM ueuse AS reuse WHERE reuse.ruuniqid = ueuse.uniqid)) AS total_score
FROM FROM
ueuse ueuse
LEFT JOIN account ON ueuse.account = account.userid LEFT JOIN account ON ueuse.account = account.userid
@@ -109,7 +105,7 @@ if (isset($_GET['userid']) && isset($_GET['account_id'])) {
AND AND
account.role != 'ice' account.role != 'ice'
ORDER BY ORDER BY
total_score DESC ueuse.popularity DESC
LIMIT :offset, :itemsPerPage; LIMIT :offset, :itemsPerPage;
"; ";
+45 -43
@@ -145,20 +145,51 @@ if( !empty($_POST['btn_submit']) ) {
} }
} }
// フォロー・フォロワー情報を削除したい全てのアカウントを取得
$flw_query = $pdo->prepare("SELECT *
FROM account
WHERE follow LIKE :pattern1
OR follow LIKE :pattern2
OR follow LIKE :pattern3
OR follower LIKE :pattern1
OR follower LIKE :pattern2
OR follower LIKE :pattern3
");
$flw_query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR); // 中間に位置する場合
$flw_query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR); // 末尾に位置する場合
$flw_query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR); // 先頭に位置する場合
$flw_query->execute();
$flw_accounts = $flw_query->fetchAll();
foreach ($flw_accounts as $account) {
unfollow_user($pdo, $account['userid'], $userid);
unfollow_user($pdo, $userid, $account['userid']);
}
// ユーザーIDを削除したい全てのアカウントを取得
$blk_query = $pdo->prepare("SELECT *
FROM account
WHERE blocklist LIKE :pattern1
OR blocklist LIKE :pattern2
OR blocklist LIKE :pattern3
");
$blk_query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR); // 中間に位置する場合
$blk_query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR); // 末尾に位置する場合
$blk_query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR); // 先頭に位置する場合
$blk_query->execute();
$blk_accounts = $blk_query->fetchAll();
foreach ($blk_accounts as $account) {
unblock_user($pdo, $userid, $account['userid']);
}
$pdo->beginTransaction();
try { try {
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS);
// 投稿削除クエリを実行 // 投稿削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid"); $deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid");
$deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR); $deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$res = $deleteQuery->execute(); $res = $deleteQuery->execute();
// アカウント削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid");
$deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行(自分宛ての通知) // 通知削除クエリを実行(自分宛ての通知)
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid"); $deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid");
$deleteQuery->bindValue(':touserid', $userid, PDO::PARAM_STR); $deleteQuery->bindValue(':touserid', $userid, PDO::PARAM_STR);
@@ -169,40 +200,7 @@ if( !empty($_POST['btn_submit']) ) {
$deleteQuery->bindValue(':fromuserid', $userid, PDO::PARAM_STR); $deleteQuery->bindValue(':fromuserid', $userid, PDO::PARAM_STR);
$res = $deleteQuery->execute(); $res = $deleteQuery->execute();
// ユーザーIDを削除したい全てのアカウントを取得 // いいねの削除
$query = $pdo->prepare("SELECT * FROM account WHERE follow LIKE :pattern1 OR follow LIKE :pattern2 OR follow LIKE :pattern3 OR follower LIKE :pattern1 OR follower LIKE :pattern2 OR follower LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// フォローの更新
if (strpos($account['follow'], ",$userid,") !== false || strpos($account['follow'], ",$userid") !== false || strpos($account['follow'], "$userid,") !== false) {
$followList = explode(',', $account['follow']);
$followList = array_diff($followList, array($userid));
$newFollowList = implode(',', $followList);
$updateFollowQuery = $pdo->prepare("UPDATE account SET follow = :follow WHERE userid = :userid");
$updateFollowQuery->bindValue(':follow', $newFollowList, PDO::PARAM_STR);
$updateFollowQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowQuery->execute();
}
// フォロワーの更新
if (strpos($account['follower'], ",$userid,") !== false || strpos($account['follower'], ",$userid") !== false || strpos($account['follower'], "$userid,") !== false) {
$followerList = explode(',', $account['follower']);
$followerList = array_diff($followerList, array($userid));
$newFollowerList = implode(',', $followerList);
$updateFollowerQuery = $pdo->prepare("UPDATE account SET follower = :follower WHERE userid = :userid");
$updateFollowerQuery->bindValue(':follower', $newFollowerList, PDO::PARAM_STR);
$updateFollowerQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowerQuery->execute();
}
}
$query = $pdo->prepare("SELECT * FROM ueuse WHERE favorite LIKE :pattern1 OR favorite LIKE :pattern2 OR favorite LIKE :pattern3"); $query = $pdo->prepare("SELECT * FROM ueuse WHERE favorite LIKE :pattern1 OR favorite LIKE :pattern2 OR favorite LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR); $query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR); $query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR);
@@ -224,11 +222,15 @@ if( !empty($_POST['btn_submit']) ) {
} }
} }
$deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid");
$deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$res = $deleteQuery->execute();
$pdo->commit();
} catch (Exception $e) { } catch (Exception $e) {
// エラーが発生した時はロールバック // エラーが発生した時はロールバック
$pdo->rollBack(); $pdo->rollBack();
actionLog($userid, "error", "deleteAccount", null, $e, 4);
} }
if ($res) { if ($res) {
@@ -451,7 +453,7 @@ require('../logout/logout.php');
<hr> <hr>
<h1>アカウント削除</h1> <h1>アカウント削除</h1>
<p>アカウント誤削除を防ぐため下の入力ボックスにご自身のユーザーIDを入力する必要があります。</p> <p>アカウント誤削除を防ぐため下の入力ボックスにご自身のユーザーIDを入力する必要があります。</p>
<?php if($res["admin"] === "yes"){?> <?php if($is_Admin === "yes"){?>
<p class="errmsg">あなたはこのサーバーの管理者のようです。<br>管理者アカウントの移行は済んでいますか?<br>アカウントを削除しても大丈夫なのですか...?</p> <p class="errmsg">あなたはこのサーバーの管理者のようです。<br>管理者アカウントの移行は済んでいますか?<br>アカウントを削除しても大丈夫なのですか...?</p>
<?php }?> <?php }?>
<div> <div>
+2 -2
@@ -1,4 +1,4 @@
uwuzu uwuzu
1.4.13 1.4.14
2025/01/14 2025/01/26
daichimarukana,putonfps daichimarukana,putonfps
+17
@@ -1,6 +1,23 @@
## リリースノートだぜぇぇぇぇぇぇい!!!!!!! ## リリースノートだぜぇぇぇぇぇぇい!!!!!!!
ここにはuwuzuの更新情報を載せてくぜぇ~!(いやまてテンションおかしいだろ...) ここにはuwuzuの更新情報を載せてくぜぇ~!(いやまてテンションおかしいだろ...)
## Version 1.4.14 (Funium)
2025/01/26
fix: その他ページでのバグを修正しました。
fix: 通知のバグを修正しました。
fix: 絵文字ピッカーでワンクリックで複数個絵文字が入力されてしまう問題を修正しました。
fix: フォロー・フォロー解除の操作が完全に終了していないにもかかわらず、正常に終了したと返してしまう問題を修正しました。
fix: アカウント削除・BANに関するバグを修正しました!
chg: ブロックしているユーザーから通知が送信されないようにしました!
chg: IPブロック機能でCIDR表記に対応しました!
chg: 絵文字ピッカーでカーソル位置に絵文字を入力させるようにしました!
chg: おすすめタイムラインの動作を大幅に高速化しました!
このアップデートによりDBの更新が必要です。
データベースのueuseテーブルにpopularity(int(11))というカラムを追加してください。
chg: ユーザーを傷つけてしまうおそれのある投稿を未然に防ぐ機能を強化しました!
new: 管理者が個別でユーザーに通知を送信できる機能を実装しました!
uwuzu_database.sqlは更新済みです。
## Version 1.4.13 (Funium) ## Version 1.4.13 (Funium)
2025/01/14 2025/01/14
fix: 正しい認証情報があるのにもかかわらずログアウトされてしまう問題を修正しました。 fix: 正しい認証情報があるのにもかかわらずログアウトされてしまう問題を修正しました。
+1 -1
@@ -150,7 +150,7 @@ if (!empty($pdo)) {
<p>ターゲット: <?php echo safetext($value["target"]);?></p> <p>ターゲット: <?php echo safetext($value["target"]);?></p>
<hr> <hr>
<p>内容</p> <p>内容</p>
<p><?php echo safetext($value["content"]);?></p> <p><?php echo nl2br(safetext($value["content"]));?></p>
<hr> <hr>
</details> </details>
</div> </div>
+37 -5
@@ -108,12 +108,25 @@ if (!empty($pdo)) {
if( !empty($_POST['ip_btn_submit']) ) { if( !empty($_POST['ip_btn_submit']) ) {
$ipaddr = safetext($_POST['ipaddr']); $ipaddr = safetext($_POST['ipaddr']);
if (strpos($ipaddr, '/')) {
[$network, $prefixLength] = explode('/', $ipaddr);
}else{
$network = $ipaddr;
$prefixLength = null;
}
$note = safetext($_POST['note']); $note = safetext($_POST['note']);
if(filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){ if(filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
$search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1'); $search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1');
$search_query->execute(array(':ipaddr' => $ipaddr)); if(!(empty($prefixLength))){
$pre_ip = $network."/".$prefixLength;
$search_query->execute(array(':ipaddr' => $pre_ip));
}else{
$search_query->execute(array(':ipaddr' => $network));
}
$result = $search_query->fetch(); $result = $search_query->fetch();
if($result > 0){ if($result > 0){
@@ -158,9 +171,21 @@ if( !empty($_POST['ip_btn_submit']) ) {
if( !empty($_POST['ip_del_submit']) ) { if( !empty($_POST['ip_del_submit']) ) {
$ipaddr = safetext($_POST['del_ipaddr']); $ipaddr = safetext($_POST['del_ipaddr']);
if(filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){ if (strpos($ipaddr, '/')) {
[$network, $prefixLength] = explode('/', $ipaddr);
}else{
$network = $ipaddr;
$prefixLength = null;
}
if(filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($network, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
$search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1'); $search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1');
$search_query->execute(array(':ipaddr' => $ipaddr)); if(!(empty($prefixLength))){
$pre_ip = $network."/".$prefixLength;
$search_query->execute(array(':ipaddr' => $pre_ip));
}else{
$search_query->execute(array(':ipaddr' => $network));
}
$result = $search_query->fetch(); $result = $search_query->fetch();
if($result > 0){ if($result > 0){
@@ -168,6 +193,12 @@ if( !empty($_POST['ip_del_submit']) ) {
try{ try{
$deleteQuery = $pdo->prepare("DELETE FROM ipblock WHERE ipaddr = :ipaddr"); $deleteQuery = $pdo->prepare("DELETE FROM ipblock WHERE ipaddr = :ipaddr");
$deleteQuery->bindValue(':ipaddr', $ipaddr, PDO::PARAM_STR); $deleteQuery->bindValue(':ipaddr', $ipaddr, PDO::PARAM_STR);
if(!(empty($prefixLength))){
$pre_ip = $network."/".$prefixLength;
$deleteQuery->bindValue(':ipaddr', $pre_ip, PDO::PARAM_STR);
}else{
$deleteQuery->bindValue(':ipaddr', $network, PDO::PARAM_STR);
}
$res = $deleteQuery->execute(); $res = $deleteQuery->execute();
$res = $pdo->commit(); $res = $pdo->commit();
} catch (Exception $e) { } catch (Exception $e) {
@@ -229,7 +260,8 @@ require('../logout/logout.php');
<p>IPアドレスのブロック機能です。</p> <p>IPアドレスのブロック機能です。</p>
<div> <div>
<p>IPアドレス</p> <p>IPアドレス</p>
<div class="p2">IPv4とIPv6に対応しています。</div> <div class="p2">IPv4とIPv6に対応しています。<br>
CIDR表記にも対応しています。</div>
<input id="ipaddr" placeholder="000.000.000.000" class="inbox" type="text" name="ipaddr"> <input id="ipaddr" placeholder="000.000.000.000" class="inbox" type="text" name="ipaddr">
</div> </div>
<div> <div>
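Review bot: The prefix length taken from `[$network, $prefixLength] = explode('/', $ipaddr);` is never validated in either the add or the delete handler; only `$network` goes through `filter_var`, so a suffix that is not a number or is out of range (constructed examples: `/abc`, `/999`) is stored in `ipblock` unchanged. `empty($prefixLength)` also treats a `/0` prefix as "no prefix" and silently stores the bare address instead. I would reject the input unless the suffix is all digits and at most 32 for IPv4 or 128 for IPv6, along the lines of `if ($prefixLength !== null && (!ctype_digit($prefixLength) || (int)$prefixLength > $maxBits)) { /* add an error */ }`, and test against `null` rather than `empty()`. How the stored string is matched against client addresses is not visible on this page, so the effect of a malformed entry on enforcement should be confirmed. Both handlers continue outside the hunks shown.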
+158 -75
@@ -119,6 +119,35 @@ if (!empty($pdo)) {
$upload_cnt1 = $result->rowCount(); $upload_cnt1 = $result->rowCount();
} }
if( !empty($_POST['send_notification_submit']) ) {
$notice_title = safetext($_POST['notice_title']);
$notice_msg = safetext($_POST['notice_msg']);
if(empty($notice_title)){
$error_message[] = "通知のタイトルを空欄にすることはできません。(INPUT_PLEASE)";
}elseif(mb_strlen($notice_title) > 128){
$error_message[] = "通知のタイトルを512文字以上にすることはできません。(INPUT_OVER_MAX_COUNT)";
}
if(empty($notice_msg)){
$error_message[] = "通知の本文を空欄にすることはできません。(INPUT_PLEASE)";
}elseif(mb_strlen($notice_msg) > 128){
$error_message[] = "通知の本文を16777216文字以上にすることはできません。(INPUT_OVER_MAX_COUNT)";
}
if(empty($error_message)){
$url = safetext("/rule/serverabout");
$response = send_notification($userdata['userid'], "uwuzu-fromsys", $notice_title, $notice_msg, $url, "system");
if($response == true){
actionLog($userid, "info", "send_notification_submit", $userdata['userid'], $userdata['userid']."さんに".$userid."さんが通知を送信しました。\n".$notice_msg, 0);
header("Location:useradmin");
exit;
}else{
actionLog($userid, "error", "send_notification_submit", $userdata['userid'], $userdata['userid']."さんに".$userid."さんが通知を送信できませんでした。\n".$notice_msg, 4);
header("Location:useradmin");
exit;
}
}
}
if( !empty($_POST['send_ice_submit']) ) { if( !empty($_POST['send_ice_submit']) ) {
$notice_msg = $_POST['notice_msg']; $notice_msg = $_POST['notice_msg'];
@@ -366,81 +395,92 @@ if( !empty($_POST['send_ban_submit']) ) {
try { try {
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS); // フォロー・フォロワー情報を削除したい全てのアカウントを取得
$flw_query = $pdo->prepare("SELECT *
FROM account
WHERE follow LIKE :pattern1
OR follow LIKE :pattern2
OR follow LIKE :pattern3
OR follower LIKE :pattern1
OR follower LIKE :pattern2
OR follower LIKE :pattern3
");
$flw_query->bindValue(':pattern1', "%,$userId2,%", PDO::PARAM_STR); // 中間に位置する場合
$flw_query->bindValue(':pattern2', "%,$userId2", PDO::PARAM_STR); // 末尾に位置する場合
$flw_query->bindValue(':pattern3', "$userId2,%", PDO::PARAM_STR); // 先頭に位置する場合
$flw_query->execute();
$flw_accounts = $flw_query->fetchAll();
// 投稿削除クエリを実行 foreach ($flw_accounts as $account) {
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid"); unfollow_user($pdo, $account['userid'], $userId2);
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR); unfollow_user($pdo, $userId2, $account['userid']);
$res = $deleteQuery->execute();
// アカウント削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid");
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid");
$deleteQuery->bindValue(':touserid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行(自分からの通知)
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE fromuserid = :fromuserid");
$deleteQuery->bindValue(':fromuserid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// ユーザーIDを削除したい全てのアカウントを取得
$query = $pdo->prepare("SELECT * FROM account WHERE follow LIKE :pattern1 OR follow LIKE :pattern2 OR follow LIKE :pattern3 OR follower LIKE :pattern1 OR follower LIKE :pattern2 OR follower LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// フォローの更新
if (strpos($account['follow'], ",$userid,") !== false || strpos($account['follow'], ",$userid") !== false || strpos($account['follow'], "$userid,") !== false) {
$followList = explode(',', $account['follow']);
$followList = array_diff($followList, array($userid));
$newFollowList = implode(',', $followList);
$updateFollowQuery = $pdo->prepare("UPDATE account SET follow = :follow WHERE userid = :userid");
$updateFollowQuery->bindValue(':follow', $newFollowList, PDO::PARAM_STR);
$updateFollowQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowQuery->execute();
}
// フォロワーの更新
if (strpos($account['follower'], ",$userid,") !== false || strpos($account['follower'], ",$userid") !== false || strpos($account['follower'], "$userid,") !== false) {
$followerList = explode(',', $account['follower']);
$followerList = array_diff($followerList, array($userid));
$newFollowerList = implode(',', $followerList);
$updateFollowerQuery = $pdo->prepare("UPDATE account SET follower = :follower WHERE userid = :userid");
$updateFollowerQuery->bindValue(':follower', $newFollowerList, PDO::PARAM_STR);
$updateFollowerQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowerQuery->execute();
}
} }
$query = $pdo->prepare("SELECT * FROM ueuse WHERE favorite LIKE :pattern1 OR favorite LIKE :pattern2 OR favorite LIKE :pattern3"); // ユーザーIDを削除したい全てのアカウントを取得
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR); $blk_query = $pdo->prepare("SELECT *
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR); FROM account
$query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR); WHERE blocklist LIKE :pattern1
$query->execute(); OR blocklist LIKE :pattern2
$accounts = $query->fetchAll(); OR blocklist LIKE :pattern3
");
$blk_query->bindValue(':pattern1', "%,$userId2,%", PDO::PARAM_STR); // 中間に位置する場合
$blk_query->bindValue(':pattern2', "%,$userId2", PDO::PARAM_STR); // 末尾に位置する場合
$blk_query->bindValue(':pattern3', "$userId2,%", PDO::PARAM_STR); // 先頭に位置する場合
$blk_query->execute();
$blk_accounts = $blk_query->fetchAll();
foreach ($accounts as $account) { foreach ($blk_accounts as $account) {
// いいねの更新 unblock_user($pdo, $userId2, $account['userid']);
if (strpos($account['favorite'], ",$userid,") !== false || strpos($account['favorite'], ",$userid") !== false || strpos($account['favorite'], "$userid,") !== false) { }
$favoriteList = explode(',', $account['favorite']);
$favoriteList = array_diff($favoriteList, array($userid));
$newFavoriteList = implode(',', $favoriteList);
$updateFavoriteQuery = $pdo->prepare("UPDATE ueuse SET favorite = :favorite WHERE uniqid = :uniqid"); $pdo->beginTransaction();
$updateFavoriteQuery->bindValue(':favorite', $newFavoriteList, PDO::PARAM_STR); try {
$updateFavoriteQuery->bindValue(':uniqid', $account['uniqid'], PDO::PARAM_STR); // 投稿削除クエリを実行
$updateFavoriteQuery->execute(); $deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid");
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行(自分宛ての通知)
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid");
$deleteQuery->bindValue(':touserid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行(自分からの通知)
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE fromuserid = :fromuserid");
$deleteQuery->bindValue(':fromuserid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// いいねの削除
$query = $pdo->prepare("SELECT * FROM ueuse WHERE favorite LIKE :pattern1 OR favorite LIKE :pattern2 OR favorite LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userId2,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userId2", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$userId2,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// いいねの更新
if (strpos($account['favorite'], ",$userId2,") !== false || strpos($account['favorite'], ",$userId2") !== false || strpos($account['favorite'], "$userId2,") !== false) {
$favoriteList = explode(',', $account['favorite']);
$favoriteList = array_diff($favoriteList, array($userId2));
$newFavoriteList = implode(',', $favoriteList);
$updateFavoriteQuery = $pdo->prepare("UPDATE ueuse SET favorite = :favorite WHERE uniqid = :uniqid");
$updateFavoriteQuery->bindValue(':favorite', $newFavoriteList, PDO::PARAM_STR);
$updateFavoriteQuery->bindValue(':uniqid', $account['uniqid'], PDO::PARAM_STR);
$updateFavoriteQuery->execute();
}
} }
$deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid");
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
$pdo->commit();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
actionLog($userId2, "error", "deleteAccount", null, $e, 4);
} }
//BAN通知メール //BAN通知メール
@@ -576,18 +616,35 @@ require('../logout/logout.php');
<hr> <hr>
<div class="p2">アカウント操作</div> <div class="p2">アカウント操作</div>
<div class="banzone"> <div class="banzone">
<button id="notification_btn" class="waterbtn">通知</button>
<?php if($roleId === "ice"){?> <?php if($roleId === "ice"){?>
<button id="water" class="waterbtn">解凍</button> <button id="water_btn" class="waterbtn">解凍</button>
<?php }else{?> <?php }else{?>
<button id="ice" class="icebtn">凍結</button> <button id="ice_btn" class="icebtn">凍結</button>
<?php }?> <?php }?>
<button id="ban" class="banbtn">BAN</button> <button id="ban_btn" class="banbtn">BAN</button>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<div id="account_NotificationModal" class="modal">
<div class="modal-content">
<h1>通知を送信しますか?</h1>
<p><?php echo safetext($userdata['username']); ?>さんのアカウントに個別で通知を送信しますか?<br>送信時、送信元のアカウントはシステムアカウントとなります。<br><?php echo safetext($userdata['username']); ?>さんがすべての通知をオフにしていても通知されます。</p>
<form method="post" id="deleteForm">
<input class="inbox" id="notice_title" placeholder="通知のタイトル" name="notice_title" value=""/>
<hr>
<textarea id="notice_msg" placeholder="<?php echo safetext($userdata['username']); ?>さんへのメッセージ" name="notice_msg"></textarea>
<div class="btn_area">
<input type="submit" id="deleteButton4" class="fbtn_no" name="send_notification_submit" value="送信">
<input type="button" id="cancelButton4" class="fbtn" value="キャンセル">
</div>
</form>
</div>
</div>
<div id="account_IceModal" class="modal"> <div id="account_IceModal" class="modal">
<div class="modal-content"> <div class="modal-content">
<h1>このアカウントを凍結しますか?</h1> <h1>このアカウントを凍結しますか?</h1>
@@ -635,13 +692,39 @@ require('../logout/logout.php');
</body> </body>
<script> <script>
$(document).ready(function() { $(document).ready(function() {
var modal4 = document.getElementById('account_NotificationModal');
var deleteButton4 = document.getElementById('deleteButton4');
var cancelButton4 = document.getElementById('cancelButton4'); // 追加
var modalMain = $('.modal-content');
$(document).on('click', '#notification_btn', function (event) {
modal4.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
deleteButton4.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal4.style.display = 'none';
}, 150);
});
cancelButton3.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal4.style.display = 'none';
}, 150);
});
});
var modal3 = document.getElementById('account_WaterModal'); var modal3 = document.getElementById('account_WaterModal');
var deleteButton3 = document.getElementById('deleteButton3'); var deleteButton3 = document.getElementById('deleteButton3');
var cancelButton3 = document.getElementById('cancelButton3'); // 追加 var cancelButton3 = document.getElementById('cancelButton3'); // 追加
var modalMain = $('.modal-content'); var modalMain = $('.modal-content');
$(document).on('click', '.waterbtn', function (event) { $(document).on('click', '#water_btn', function (event) {
modal3.style.display = 'block'; modal3.style.display = 'block';
modalMain.addClass("slideUp"); modalMain.addClass("slideUp");
modalMain.removeClass("slideDown"); modalMain.removeClass("slideDown");
@@ -669,7 +752,7 @@ $(document).ready(function() {
var cancelButton = document.getElementById('cancelButton'); // 追加 var cancelButton = document.getElementById('cancelButton'); // 追加
var modalMain = $('.modal-content'); var modalMain = $('.modal-content');
$(document).on('click', '.icebtn', function (event) { $(document).on('click', '#ice_btn', function (event) {
modal.style.display = 'block'; modal.style.display = 'block';
modalMain.addClass("slideUp"); modalMain.addClass("slideUp");
modalMain.removeClass("slideDown"); modalMain.removeClass("slideDown");
@@ -696,7 +779,7 @@ $(document).ready(function() {
var cancelButton2 = document.getElementById('cancelButton2'); // 追加 var cancelButton2 = document.getElementById('cancelButton2'); // 追加
var modalMain = $('.modal-content'); var modalMain = $('.modal-content');
$(document).on('click', '.banbtn', function (event) { $(document).on('click', '#ban_btn', function (event) {
modal2.style.display = 'block'; modal2.style.display = 'block';
modalMain.addClass("slideUp"); modalMain.addClass("slideUp");
modalMain.removeClass("slideDown"); modalMain.removeClass("slideDown");
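Review bot: In the new `send_notification_submit` handler the length checks disagree with their own error messages: `mb_strlen($notice_title) > 128` and `mb_strlen($notice_msg) > 128` both reject at 128 characters, while the messages state limits of 512 and 16777216 characters. Decide the real limit for each field (presumably from the notification table's column sizes, which are not visible here) and use one constant per field in both the condition and the message, e.g. `}elseif(mb_strlen($notice_msg) > $maxMsgLength){`. The lengths are also measured after `safetext()`, so if that helper entity-encodes its input the count is of the encoded text rather than what the admin typed; that is worth confirming against the helper.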
+32 -11
@@ -929,24 +929,45 @@ $(document).ready(function() {
if($("#error").length){ if($("#error").length){
$("#error").hide(); $("#error").hide();
} }
EmojiClickEvent();
}, },
error: function (xhr, textStatus, errorThrown) { // エラーと判定された場合 error: function (xhr, textStatus, errorThrown) { // エラーと判定された場合
isEmojiLoading = false; isEmojiLoading = false;
$("#error").show(); $("#error").show();
EmojiClickEvent();
}, },
}); });
} }
function EmojiClickEvent() {
$(".one_emoji").click(function (event) { var last_cursor_at = 0;
event.preventDefault(); $('body').on('click', '.one_emoji', function(event) {
var children = $(this).children("img"); event.preventDefault();
var custom_emojiname = children.attr("title");
$("#ueuse").val($("#ueuse").val() + custom_emojiname); var children = $(this).children("img");
}); var custom_emojiname = children.attr("title");
}
var input = $("#ueuse").get(0);
var now_ueuse = $("#ueuse").val();
var cursor_at = (input && input.selectionStart !== undefined) ? input.selectionStart : last_cursor_at;
var front = now_ueuse.slice(0, cursor_at);
var back = now_ueuse.slice(cursor_at);
$("#ueuse").val(front + custom_emojiname + back);
last_cursor_at = cursor_at + custom_emojiname.length;
// 挿入後にフォーカスとカーソルを維持
$("#ueuse").focus();
if (input) {
input.setSelectionRange(last_cursor_at, last_cursor_at);
}
});
$("#ueuse").on("click keyup", function() {
var input = $(this).get(0);
if (input && input.selectionStart !== undefined) {
last_cursor_at = input.selectionStart;
}
});
}); });
</script> </script>
+19 -10
@@ -1,18 +1,27 @@
{ {
"software": "uwuzu", "software": "uwuzu",
"version": "1.4.13", "version": "1.4.14",
"release_date": "2025/01/14", "release_date": "2025/01/26",
"release_notes": "このアップデートでは管理者向けメニューのバグ修正と脆弱性の修正が含まれます。", "release_notes": "このアップデートではいくつかのバグ修正と個別でユーザーに通知を送信する新機能が含まれます。",
"notices": "アップデートの前にデータのバックアップを行うことをおすすめします!", "notices": "アップデートの前にベースの構造の更新をしてください!加えて、データのバックアップを行うことをおすすめします!",
"files": { "files": {
"overwrite": [ "overwrite": [
"/api/ueuse/create.php",
"/bookmark/bookmark.php",
"/bookmark/index.php",
"/delete/delete.php",
"/function/function.php", "/function/function.php",
"/img/tutorial_image/image2.png", "/home/index.php",
"/require/botbox.php", "/js/nsfw_event.js",
"/require/tutorial.php", "/js/unsupported.js",
"/check.php", "/nextpage/bookmark.php",
"/login.php", "/nextpage/foryoupage.php",
"/others/index.php",
"/settings_admin/actionlog_admin.php",
"/settings_admin/ipblock_admin.php",
"/settings_admin/userinfo.php",
"/ueuse/index.php",
"/user/index.php",
"/server/uwuzuabout.txt", "/server/uwuzuabout.txt",
"/server/uwuzuinfo.txt", "/server/uwuzuinfo.txt",
"/server/uwuzurelease.txt" "/server/uwuzurelease.txt"
+3 -2
@@ -3,7 +3,7 @@
-- https://www.phpmyadmin.net/ -- https://www.phpmyadmin.net/
-- --
-- ホスト: 127.0.0.1 -- ホスト: 127.0.0.1
-- 生成日時: 2025-01-12 11:11:44 -- 生成日時: 2025-01-26 07:32:55
-- サーバのバージョン: 10.4.32-MariaDB -- サーバのバージョン: 10.4.32-MariaDB
-- PHP のバージョン: 8.2.12 -- PHP のバージョン: 8.2.12
@@ -234,7 +234,8 @@ CREATE TABLE `ueuse` (
`favorite` mediumtext NOT NULL, `favorite` mediumtext NOT NULL,
`abi` mediumtext NOT NULL, `abi` mediumtext NOT NULL,
`abidate` datetime NOT NULL, `abidate` datetime NOT NULL,
`nsfw` varchar(32) NOT NULL `nsfw` varchar(32) NOT NULL,
`popularity` int(11) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
-- --
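Review bot: The new column is declared `popularity int(11) NOT NULL` with no default, so any INSERT into `ueuse` that omits it depends on the server's SQL mode: it is rejected under strict mode and silently zero-filled otherwise. Whether every insert path in the application now lists the column cannot be confirmed from this page. Declaring it as `` `popularity` int(11) NOT NULL DEFAULT 0 `` removes that dependency. The release note's manual upgrade instruction names only `popularity(int(11))`, so it should spell out the same full definition; otherwise upgraded databases and fresh installs end up with different schemas.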