last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00
Code Activity

uwuzu v1.6.0 Hapuego

Browse Source
This commit is contained in:
だいちまる
2025-08-05 13:46:18 +09:00
parent 0d7c0a8879
commit e15b52a205
70 changed files with 7406 additions and 5172 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/auth.php
+327
View File
@@ -0,0 +1,327 @@
<?php
function random_token($length = 64)
{
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
$domain = $_SERVER['HTTP_HOST'];
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function random($length){
return substr(str_shuffle('1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
// データベースに接続
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "user");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT userid,role,datetime FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
}
$is_trueclient = false;
if(!(empty($_GET["session"])) && !(empty($_GET["client"])) && !(empty($_GET["scope"]))){
$is_trueclient = true;
$session_code = safetext($_GET["session"]);
if(strlen($session_code) > 512){
$is_trueclient = false;
}
$client_name = safetext($_GET["client"]);
if(isset($_GET["icon"])){
$client_icon = safetext(urldecode($_GET["icon"]));
}else{
$client_icon = "../img/sysimage/errorimage/emoji_404.png";
}
if(isset($_GET["scope"])){
$client_scope_base = safetext(urldecode($_GET["scope"]));
$client_scope_base = array_unique(array_map('trim', explode(",", $client_scope_base)));
$client_scope = [];
$securityScopes = ["write:me", "write:ueuse", "write:follow", "write:favorite", "write:notifications", "write:bookmark", "read:bookmark"];
$securityScopesView = false;
foreach ($client_scope_base as $scope) {
if (GetAPIScopes($scope)) {
$client_scope[] = GetAPIScopes($scope);
if($securityScopesView === false && in_array($scope, $securityScopes)){
$securityScopesView = true;
}
} else {
$client_scope[] = "未知のスコープ ($scope)";
}
}
}else{
$client_scope[] = "権限なし";
}
if(isset($_GET["about"])){
$client_about = safetext(urldecode($_GET["about"]));
}else{
$client_about = "クライアントによる説明はありません。";
}
if(isset($_GET["callback"])){
$client_callback = safetext(urldecode($_GET["callback"]));
}else{
$client_callback = null;
}
}else{
$is_trueclient = false;
}
if(!(isset($is_done))){
$is_done = false;
}
if($is_trueclient === true){
if( !empty($_POST['allow_submit']) ) {
$tokenQuery = $pdo->prepare("SELECT userid, token FROM api WHERE sessionid = :sessionid");
$tokenQuery->bindValue(':sessionid', $session_code);
$tokenQuery->execute();
$tokenData = $tokenQuery->fetch();
if(!(empty($tokenData["userid"]))){
$error_message[] = "不正なリクエストです。";
}
foreach ($client_scope_base as $scope) {
if (GetAPIScopes($scope)) {
$client_scope_done[] = $scope;
}else{
$client_scope_done = array();
}
}
$client_scope_done = implode(",", $client_scope_done);
if(empty($client_scope_done)){
$error_message[] = "不正な権限要求です。";
}
if($role == "ice"){
$error_message[] = "アカウントが凍結されているためAPIトークンの発行は行えません。";
}
if(empty($error_message)){
$pdo->beginTransaction();
try {
$uniqid = createUniqId();
$token = GenAPIToken();
$datetime = date("Y-m-d H:i:s");
$stmt = $pdo->prepare("INSERT INTO api (uniqid, userid, token, scope, datetime, clientname, sessionid) VALUES (:uniqid, :userid, :token, :scope, :datetime, :clientname, :sessionid)");
$stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt->bindParam(':userid', $userid, PDO::PARAM_STR);
$stmt->bindParam(':token', $token, PDO::PARAM_STR);
$stmt->bindParam(':scope', $client_scope_done, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
$stmt->bindParam(':clientname', $client_name, PDO::PARAM_STR);
$stmt->bindParam(':sessionid', $session_code, PDO::PARAM_STR);
$res = $stmt->execute();
$res = $pdo->commit();
} catch(Exception $e) {
$pdo->rollBack();
}
if($res) {
if(!(empty($client_callback))){
header("Location: ".$client_callback."");
exit;
}else{
$is_done = true;
}
}else{
$is_done = false;
actionLog($userid, "error", "api/auth", $client_name, $e->getMessage(), 3);
$error_message[] = "APIトークンの生成に失敗しました...(REGISTED_DAME)";
}
}
}
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../../css/home.css">
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<script src="../js/jquery-min.js"></script>
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>アクセス許可確認 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>アクセス許可確認</h1>
<?php if($is_trueclient === true && $is_done === false && !($role == "ice")){?>
<p>以下のサービスにあなたのアカウントを使わせてもいいですか...?</p>
<div class="auth_clientbox">
<div class="flexbox">
<img src="<?php echo $client_icon;?>">
<p><?php echo $client_name;?></p>
</div>
<div class="about">
<div class="p2">説明</div>
<p><?php echo nl2br($client_about);?></p>
<div class="p2">要求している権限</div>
<div class="scopebox">
<?php
foreach ($client_scope as $value) {
echo "<p>- " . safetext($value) . "</p>";
}
?>
</div>
</div>
<div class="accountbox">
<div class="p2">ログイン中のアカウント</div>
<div class="flexbox">
<img src="<?php echo localcloudURL($is_login["iconname"]);?>">
<p><?php echo $username."(@".$userid.")";?></p>
</div>
</div>
<?php if(!(empty($client_callback))){?>
<div class="callbackbox">
<div class="p2">許可すると以下のURLにリダイレクトされます</div>
<p><?php echo safetext($client_callback);?></p>
</div>
<?php }?>
</div>
<?php if($securityScopesView === true){?>
<div class="errmsg justfit">
<p>このサービスは<b>あなたに代わってアカウントの操作を行うことや、一部の情報を閲覧することができます</b>。アクセスを許可するかよく考えてください。</p>
</div>
<?php }?>
<div class="btnbox flexbox">
<a href="javascript:history.back();" class="sirobutton">戻る</a>
<input type="submit" class = "irobutton" name="allow_submit" value="許可">
</div>
<?php }elseif($is_trueclient === false){?>
<p>不正なクライアントによるアクセスです。</p>
<div class="btnbox">
<a href="javascript:history.back();" class="sirobutton">戻る</a>
</div>
<?php }elseif($is_done === true){?>
<p>許可が完了しました!<br>
このページを閉じてもとのサービスに戻って大丈夫です。</p>
<?php }elseif($role == "ice"){?>
<p>アカウントが凍結されているため、アクセスの許可は行えません。</p>
<?php }else{?>
<p>不明なエラーです。はじめからやり直してください。</p>
<?php }?>
</form>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
<script>
$(document).ready(function() {
$(function(){
$("input"). keydown(function(e) {
if ((e.which && e.which === 13) || (e.keyCode && e.keyCode === 13)) {
return false;
} else {
return true;
}
});
});
});
</script>
api/favorite/change.php
+20 -26
View File
@@ -1,15 +1,15 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require(__DIR__ . '/../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
require(__DIR__ . '/../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurldomainfile = __DIR__ . "/../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
@@ -44,6 +44,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -53,6 +54,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -61,28 +63,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
//本文取得
$AuthData = APIAuth($pdo, $token, "write:favorite");
if($AuthData[0] === true){
$userData = $AuthData[2];
if(!(empty($_GET['uniqid']))){
$fav_uniqid = safetext($_GET['uniqid']);
}elseif(!(empty($post_json["uniqid"]))){
@@ -101,6 +84,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -108,16 +92,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/favorite/get.php
+20 -25
View File
@@ -1,15 +1,15 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require(__DIR__ . '/../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
require(__DIR__ . '/../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurldomainfile = __DIR__ . "/../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
@@ -44,6 +44,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -53,6 +54,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -61,27 +63,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
//本文取得
if(!(empty($_GET['uniqid']))){
$fav_uniqid = safetext($_GET['uniqid']);
@@ -101,6 +85,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -108,16 +93,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/me/index.php
+17 -27
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -35,6 +35,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -44,6 +45,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -52,31 +54,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$DataQuery = $pdo->prepare("SELECT username,userid,profile,datetime,follow,follower,iconname,headname,role,sacinfo,admin FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $userData["userid"]);
$DataQuery->execute();
$userdata = $DataQuery->fetch();
$AuthData = APIAuth($pdo, $token, "read:me");
if($AuthData[0] === true){
$userdata = $AuthData[2];
if (empty($userdata)){
$response = array(
@@ -158,6 +138,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$All_ueuse = $allueuse->rowCount();
$response = array(
'success' => true,
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'profile' => decode_yajirushi(htmlspecialchars_decode($userdata["profile"])),
@@ -175,6 +156,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'language' => "ja-JP",
);
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
@@ -182,6 +171,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/me/notification/index.php
+171
View File
@@ -0,0 +1,171 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../../db.php');
require(__DIR__ . "/../../../function/function.php");
$serversettings_file = __DIR__ . "/../../../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$AuthData = APIAuth($pdo, $token, "read:notifications");
if($AuthData[0] === true){
$userData = $AuthData[2];
$messageQuery = $pdo->prepare("SELECT fromuserid,title,msg,url,datetime,userchk,category FROM notification WHERE touserid = :userid ORDER BY datetime DESC LIMIT :offset, :itemsPerPage");
$messageQuery->bindValue(':userid', $userData["userid"], PDO::PARAM_STR);
$messageQuery->bindValue(':offset', $offset, PDO::PARAM_INT);
$messageQuery->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$messageQuery->execute();
// トランザクション開始
$pdo->beginTransaction();
while ($row = $messageQuery->fetch(PDO::FETCH_ASSOC)) {
$messages[] = $row;
}
if (!empty($messages)) {
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $notificationdata) {
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $notificationdata["fromuserid"]);
$userQuery->execute();
$userData = $userQuery->fetch();
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
);
}else if($notificationdata["fromuserid"] === "uwuzu-fromsys"){
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($serversettings["serverinfo"]["server_name"])),
"userid" => "uwuzu-fromsys",
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($serversettings["serverinfo"]["server_icon"])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($serversettings["serverinfo"]["server_head"])))),
);
}else{
$now_userdata = array();
}
if($notificationdata["userchk"] === "done"){
$userchk = true;
}else{
$userchk = false;
}
$item = [
'from' => $now_userdata,
'category' => decode_yajirushi(htmlspecialchars_decode($notificationdata["category"])),
'title' => decode_yajirushi(htmlspecialchars_decode($notificationdata["title"])),
'text' => decode_yajirushi(htmlspecialchars_decode($notificationdata["msg"])),
'datetime' => decode_yajirushi(htmlspecialchars_decode($notificationdata["datetime"])),
'is_checked' => $userchk,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "notification_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/me/notification/read.php
+123
View File
@@ -0,0 +1,123 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../../db.php');
require(__DIR__ . "/../../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if (!(empty($_GET['token']))) {
$token = safetext($_GET['token']);
} else {
$post_json = json_decode($Get_Post_Json, true);
if (isset($post_json["token"])) {
$token = safetext($post_json["token"]);
} else {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if ($token == "") {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if (!(empty($_GET['limit']))) {
$limit = (int)$_GET['limit'];
} elseif (!(empty($post_json["limit"]))) {
$limit = (int)$post_json["limit"];
} else {
$limit = 25;
}
if ($limit > 100) {
$limit = 100;
}
if (!(empty($_GET['page']))) {
$page = (int)$_GET['page'];
} elseif (!(empty($post_json["page"]))) {
$page = (int)$post_json["page"];
} else {
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if (!empty($pdo)) {
$AuthData = APIAuth($pdo, $token, "write:notifications");
if ($AuthData[0] === true) {
$userData = $AuthData[2];
$pdo->beginTransaction();
try {
$stmt = $pdo->prepare("UPDATE notification SET userchk = 'done' WHERE touserid = :userid;");
$stmt->bindValue(':userid', $userData["userid"], PDO::PARAM_STR);
$res = $stmt->execute();
if ($res) {
$pdo->commit();
$response = array(
'success' => true
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$pdo->rollBack();
$err = "update_failed";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
} else {
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
} else {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
api/me/settings/index.php
+443
View File
@@ -0,0 +1,443 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../../db.php');
require(__DIR__ . "/../../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
$error_message = array();
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if (!(empty($_GET['token']))) {
$token = safetext($_GET['token']);
} else {
$post_json = json_decode($Get_Post_Json, true);
if (isset($post_json["token"])) {
$token = safetext($post_json["token"]);
} else {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if ($token == "") {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if (!empty($pdo)) {
$AuthData = APIAuth($pdo, $token, "write:me");
if ($AuthData[0] === true) {
if(file_exists(__DIR__ . "/../../../settings_admin/plugin_settings/amazons3_settings.php")){
require_once __DIR__ . '/../../../settings_admin/plugin_settings/amazons3_settings.php';
if(AMS3_CHKS == "true"){
if(file_exists(__DIR__ . "/../../../plugin/aws/aws-autoloader.php")){
require_once __DIR__ . '/../../../plugin/aws/aws-autoloader.php';
}else{
actionLog(null, "error", "settings", null, "AWS SDK for PHPが見つかりませんでした!", 4);
}
}
}else{
actionLog(null, "error", "settings", null, "amazons3_settings.phpが見つかりませんでした!", 3);
}
$userData = $AuthData[2];
$userid = $userData["userid"];
$add_sql = array();
if (!(empty($_GET['username']))) {
$username = safetext($_GET['username']);
} elseif (!(empty($post_json["username"]))) {
$username = safetext($post_json["username"]);
} else {
$username = null;
}
// ユーザーネームの入力チェック
if (!($username === null)) {
if (empty($username)) {
$error_message[] = '表示名を入力してください。(USERNAME_INPUT_PLEASE)';
} else {
// 文字数を確認
if (50 < mb_strlen($username, 'UTF-8')) {
$error_message[] = 'ユーザーネームは50文字以内で入力してください。(USERNAME_OVER_MAX_COUNT)';
}
}
$add_sql[] = "username = :username";
}
if (!(empty($_GET['profile']))) {
$profile = safetext($_GET['profile']);
} elseif (!(empty($post_json["profile"]))) {
$profile = safetext($post_json["profile"]);
} else {
$profile = null;
}
if (!($profile === null)) {
if (1024 < mb_strlen($profile, 'UTF-8')) {
$error_message[] = 'プロフィールは1024文字以内で入力してください。(INPUT_OVER_MAX_COUNT)';
}
$add_sql[] = "profile = :profile";
}
if (!(empty($post_json["icon"]))) {
$imageData = base64_decode($post_json["icon"], true);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
file_put_contents($tmpFilePath, $imageData);
$IconFiles = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$IconFiles = array();
}
if (isset($IconFiles)) {
if (!(empty($IconFiles['name']))) {
$uploadedFile = $IconFiles;
if (check_mime($uploadedFile['tmp_name'])) {
$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
delete_exif($extension, $uploadedFile['tmp_name']);
resizeImage($uploadedFile['tmp_name'], 512, 512);
if (AMS3_CHKS == "true") {
$usericonurl = getUserData($pdo, $userid)["iconname"];
if (filter_var($usericonurl, FILTER_VALIDATE_URL)) {
$s3delresult = deleteAmazonS3($usericonurl);
} else {
$s3delresult = true;
}
if ($s3delresult == true) {
$s3result = uploadAmazonS3($uploadedFile['tmp_name']);
} else {
$s3result = false;
}
} else {
if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
$newFilename = createUniqId() . '-' . $userid . '.webp';
} else {
$newFilename = createUniqId() . '-' . $userid . '.' . $extension;
}
$uploadedPath = 'usericons/' . $newFilename;
$result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
if ($result) {
$iconName = $uploadedPath; // 保存されたファイルのパスを使用
$currentIconPath = getUserData($pdo, $userid)["iconname"];
} else {
$errnum = $uploadedFile['error'];
$errcode = "ERROR";
switch ($errnum) {
case 1:
$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";
break;
case 2:
$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";
break;
case 3:
$errcode = "FILE_SUKOSHIDAKE_UPLOAD";
break;
case 4:
$errcode = "FILE_UPLOAD_DEKINAKATTA";
break;
case 6:
$errcode = "TMP_FOLDER_NAI";
break;
case 7:
$errcode = "FILE_KAKIKOMI_SIPPAI";
break;
case 8:
$errcode = "PHPINFO()_KAKUNIN";
break;
case 0:
// 成功だったのに move_uploaded_file() が失敗した
if (!is_uploaded_file($uploadedFile['tmp_name'])) {
$errcode = "TMP_FILE_NAI";
} elseif (!is_writable(__DIR__ . '/../../../usericons/')) {
$errcode = "SAVE_FOLDER_KAKIKOMI_KENNAI";
} else {
$errcode = "MOVE_UPLOAD_FILE_SIPPAI";
}
break;
}
$error_message[] = 'アップロード失敗!(1)エラーコード:' . $errcode . '';
}
}
if (isset($s3result)) {
if ($s3result == false) {
$error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
} else {
$iconName = $s3result; // S3に保存されたファイルのパスを使用
$currentIconPath = getUserData($pdo, $userid)["iconname"];
}
}
} else {
$error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
}
}
if (!(empty($iconName))) {
$add_sql[] = "iconname = :iconname";
}
if (!(empty($post_json["header"]))) {
$imageData = base64_decode($post_json["header"], true);
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
file_put_contents($tmpFilePath, $imageData);
$HeadFiles = [
'name' => 'upload.png',
'type' => check_mime($tmpFilePath),
'tmp_name' => $tmpFilePath,
'error' => UPLOAD_ERR_OK,
'size' => strlen($imageData),
];
} else {
$HeadFiles = array();
}
if (isset($HeadFiles)) {
if (!(empty($HeadFiles['name']))) {
$uploadedFile = $HeadFiles;
if (check_mime($uploadedFile['tmp_name'])) {
$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
delete_exif($extension, $uploadedFile['tmp_name']);
resizeImage($uploadedFile['tmp_name'], 2048, 1024);
if (AMS3_CHKS == "true") {
$userheadurl = getUserData($pdo, $userid)["headname"];
if (filter_var($userheadurl, FILTER_VALIDATE_URL)) {
$s3delresult = deleteAmazonS3($userheadurl);
} else {
$s3delresult = true;
}
if ($s3delresult == true) {
$s3result = uploadAmazonS3($uploadedFile['tmp_name']);
} else {
$s3result = false;
}
} else {
if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
$newFilename = createUniqId() . '-' . $userid . '.webp';
} else {
$newFilename = createUniqId() . '-' . $userid . '.' . $extension;
}
$uploadedPath = 'userheads/' . $newFilename;
$result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
if ($result) {
$headName = $uploadedPath; // 保存されたファイルのパスを使用
$currentHeadPath = getUserData($pdo, $userid)["headname"];
} else {
$errnum = $uploadedFile['error'];
$errcode = "ERROR";
switch ($errnum) {
case 1:
$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";
break;
case 2:
$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";
break;
case 3:
$errcode = "FILE_SUKOSHIDAKE_UPLOAD";
break;
case 4:
$errcode = "FILE_UPLOAD_DEKINAKATTA";
break;
case 6:
$errcode = "TMP_FOLDER_NAI";
break;
case 7:
$errcode = "FILE_KAKIKOMI_SIPPAI";
break;
case 8:
$errcode = "PHPINFO()_KAKUNIN";
break;
case 0:
// 成功だったのに move_uploaded_file() が失敗した
if (!is_uploaded_file($uploadedFile['tmp_name'])) {
$errcode = "TMP_FILE_NAI";
} elseif (!is_writable(__DIR__ . '/../../../usericons/')) {
$errcode = "SAVE_FOLDER_KAKIKOMI_KENNAI";
} else {
$errcode = "MOVE_UPLOAD_FILE_SIPPAI";
}
break;
}
$error_message[] = 'アップロード失敗!(2)エラーコード:' . $errcode . '';
}
}
if (isset($s3result)) {
if ($s3result == false) {
$error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
} else {
$headName = $s3result; // S3に保存されたファイルのパスを使用
$currentHeadPath = getUserData($pdo, $userid)["headname"];
}
}
} else {
$error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
}
}
if (!(empty($headName))) {
$add_sql[] = "headname = :headname";
}
if(empty($add_sql)) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$add_sql = implode(", ", $add_sql);
}
if (empty($error_message)) {
// トランザクション開始
$pdo->beginTransaction();
try {
$stmt = $pdo->prepare("UPDATE account SET ".$add_sql." WHERE userid = :userid;");
// 他の値をセット
if (!(empty($username))) {
$stmt->bindValue(':username', $username, PDO::PARAM_STR);
}
if (!(empty($profile))) {
$stmt->bindValue(':profile', $profile, PDO::PARAM_STR);
}
if (!(empty($iconName))) {
$stmt->bindValue(':iconname', $iconName, PDO::PARAM_STR);
}
if (!(empty($headName))) {
$stmt->bindValue(':headname', $headName, PDO::PARAM_STR);
}
$stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
$res = $stmt->execute();
// コミット
if($res) {
$pdo->commit();
if (!(empty($iconName))) {
if ($currentIconPath && !filter_var($currentIconPath, FILTER_VALIDATE_URL)) {
$filePath = realpath(__DIR__ . '/../../../' . $currentIconPath);
if ($filePath && file_exists($filePath)) {
unlink($filePath);
}
}
}
if (!(empty($headName))) {
if ($currentHeadPath && !filter_var($currentHeadPath, FILTER_VALIDATE_URL)) {
$filePath = realpath(__DIR__ . '/../../../' . $currentHeadPath);
if ($filePath && file_exists($filePath)) {
unlink($filePath);
}
}
}
$response = array(
'success' => true
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
} else {
$pdo->rollBack();
$err = "update_failed";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
} catch (Exception $e) {
$pdo->rollBack();
actionLog($userid, "error", "user-settings-api", null, $e, 4);
$err = "update_failed";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
$stmt = null;
}else{
$err = $error_message;
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
} else {
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
} else {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
api/token/get.php
+100
View File
@@ -0,0 +1,100 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['session']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['session']))){
$session_id = safetext($_GET['session']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["session"])){
$session_id = safetext($post_json["session"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($session_id == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$tokenQuery = $pdo->prepare("SELECT userid, token FROM api WHERE sessionid = :sessionid");
$tokenQuery->bindValue(':sessionid', $session_id);
$tokenQuery->execute();
$tokenData = $tokenQuery->fetch();
if(empty($tokenData["userid"])){
$err = "session_invalid";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$userdata = getUserData($pdo, $tokenData["userid"]);
if (empty($userdata)){
$response = array(
'error_code' => "critical_error_userdata_not_found",
'success' => false
);
}else{
DelSessionidAPIToken($pdo, $session_id);
$response = array(
'success' => true,
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'token' => decode_yajirushi(htmlspecialchars_decode($tokenData["token"]))
);
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/bookmark/index.php
+226
View File
@@ -0,0 +1,226 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../../db.php');
require(__DIR__ . "/../../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
//トークン取得
if(!(empty($_GET['token']))){
$token = safetext($_GET['token']);
}else{
$post_json = json_decode($Get_Post_Json, true);
if(isset($post_json["token"])){
$token = safetext($post_json["token"]);
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}
if($token == ""){
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if(!(empty($_GET['limit']))){
$limit = (int)$_GET['limit'];
}elseif(!(empty($post_json["limit"]))){
$limit = (int)$post_json["limit"];
}else{
$limit = 25;
}
if($limit > 100){
$limit = 100;
}
if(!(empty($_GET['page']))){
$page = (int)$_GET['page'];
}elseif(!(empty($post_json["page"]))){
$page = (int)$post_json["page"];
}else{
$page = 1;
}
$offset = ($page - 1) * $limit;
session_start();
if( !empty($pdo) ) {
$AuthData = APIAuth($pdo, $token, "read:bookmark");
if($AuthData[0] === true){
$userData = $AuthData[2];
$messages = array();
$allBookmarks = explode(',', $userData['bookmark'] ?? '');
$reversedBookmarks = array_reverse($allBookmarks);
$bookmarkList = array_chunk($reversedBookmarks, $limit);
$list_Page = max(0, (int)$page - 1);
if (!empty($bookmarkList[$list_Page])) {
$currentPageUniqIds = $bookmarkList[$list_Page];
// 名前付きプレースホルダ作成
$placeholders = [];
$params = [];
foreach ($currentPageUniqIds as $i => $uniqid) {
$key = ":uniqid$i";
$placeholders[] = $key;
$params[$key] = $uniqid;
}
$placeholderStr = implode(',', $placeholders);
$sql = "SELECT ueuse.*
FROM ueuse
LEFT JOIN account ON ueuse.account = account.userid
WHERE ueuse.uniqid IN ($placeholderStr) AND account.role != 'ice'
ORDER BY FIELD(ueuse.uniqid, $placeholderStr)";
$stmt = $pdo->prepare($sql);
foreach ($params as $key => $val) {
$stmt->bindValue($key, $val, PDO::PARAM_STR);
}
$stmt->execute();
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
if (!empty($messages)) {
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
$favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"])));
array_shift($favorite);
}else{
$favorite = array();
}
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
if($ueusedata["nsfw"] == "true"){
$nsfw = true;
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
'photo2' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo2"])))),
'photo3' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo3"])))),
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
'nsfw' => $nsfw,
];
$response[] = $item; // ループ内で $response にデータを追加
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
} else {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>
api/ueuse/create.php
+21 -25
View File
@@ -1,15 +1,15 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require(__DIR__ . '/../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
require(__DIR__ . '/../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurldomainfile = __DIR__ . "/../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
@@ -43,6 +43,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -52,6 +53,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -60,27 +62,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "write:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
//本文取得
if(!(empty($_GET['text']))){
$ueuse = safetext($_GET['text']);
@@ -90,6 +74,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -213,6 +198,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
if($ueuse_result[0] == true){
$response = array(
'success' => true,
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuse_result[1])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
);
@@ -282,16 +268,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/delete.php
+18 -23
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -35,6 +35,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -44,6 +45,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -57,6 +59,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -66,27 +69,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, loginid FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "write:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
if (safetext(isset($ueuseid)) && safetext(isset($userData["userid"])) && safetext(isset($userData["loginid"]))){
$postUserid = safetext($userData["userid"]);
$postUniqid = safetext($ueuseid);
@@ -114,16 +99,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/get.php
+52 -30
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -35,6 +35,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -44,6 +45,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -57,6 +59,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -66,27 +69,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
$sql = "SELECT * FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':ueuseid', $ueuseid, PDO::PARAM_STR);
@@ -99,7 +84,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
@@ -111,17 +98,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_head" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
@@ -130,10 +115,35 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
@@ -142,7 +152,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
@@ -157,16 +169,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/index.php
+51 -30
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -36,6 +36,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -45,6 +46,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -73,27 +75,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
$sql = "SELECT ueuse.*
FROM ueuse
LEFT JOIN account ON ueuse.account = account.userid
@@ -113,7 +97,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
@@ -125,17 +111,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_head" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
@@ -144,10 +128,35 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
@@ -156,7 +165,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
@@ -171,16 +182,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/mentions.php
+54 -33
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -36,6 +36,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -45,6 +46,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -73,35 +75,17 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
$Userid = strtolower($userData["userid"]);
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$Userid = $userData["userid"];
$sql = "SELECT * FROM ueuse WHERE ueuse LIKE :keyword OR abi LIKE :keyword ORDER BY datetime DESC LIMIT :offset, :itemsPerPage";
$sql = "SELECT * FROM ueuse WHERE FIND_IN_SET(:keyword, mentions) ORDER BY datetime DESC LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT);
$stmt->bindValue(':keyword', '%@' . $Userid . '%', PDO::PARAM_STR);
$stmt->bindValue(':keyword', '' . $Userid . '', PDO::PARAM_STR);
$stmt->execute();
$message_array = $stmt;
@@ -111,7 +95,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
@@ -123,17 +109,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_head" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
@@ -142,10 +126,35 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
@@ -154,7 +163,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
@@ -169,16 +180,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/replies.php
+52 -30
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -36,6 +36,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -45,6 +46,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -58,6 +60,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -87,27 +90,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
$sql = "SELECT * FROM ueuse WHERE uniqid = :ueuseid OR rpuniqid = :ueuseid ORDER BY datetime ASC LIMIT :offset, :itemsPerPage";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':ueuseid', $ueuseid, PDO::PARAM_STR);
@@ -122,7 +107,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
@@ -134,17 +121,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_head" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
@@ -153,10 +138,35 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
@@ -165,7 +175,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
@@ -180,16 +192,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/ueuse/search.php
+52 -30
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -36,6 +36,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -45,6 +46,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -58,6 +60,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -87,27 +90,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "read:ueuse");
if($AuthData[0] === true){
$userData = $AuthData[2];
$Userid = $userData["userid"];
$sql = "SELECT * FROM ueuse WHERE ueuse LIKE :keyword OR abi LIKE :keyword ORDER BY datetime DESC LIMIT :offset, :itemsPerPage";
@@ -125,7 +110,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}
if (!empty($messages)) {
$response = array(); // ループ外で $response を初期化
$response = array(
'success' => true,
); // ループ外で $response を初期化
foreach ($messages as $ueusedata) {
if(!(empty($ueusedata["favorite"]))){
@@ -137,17 +124,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$favcnts = explode(',', $ueusedata["favorite"]);
$ueusedata["favorite_cnt"] = count($favcnts) - 1;
$userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $ueusedata["account"]);
$userQuery->execute();
$userData = $userQuery->fetch();
$userData = getUserData($pdo, $ueusedata["account"]);
if ($userData) {
$now_userdata = array(
"username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])),
"userid" => decode_yajirushi(htmlspecialchars_decode($userData['userid'])),
"user_icon" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['iconname'])))),
"user_head" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"user_header" => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($userData['headname'])))),
"is_bot" => $userData['sacinfo'] == 'bot' ? true : false,
);
}
@@ -156,10 +141,35 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
}else{
$nsfw = false;
}
if($ueusedata["abi"] == "none"){
$ueusedata["abi"] = "";
}
//リプライ数取得
$rpQuery = $pdo->prepare("SELECT COUNT(*) as reply_count FROM ueuse WHERE rpuniqid = :rpuniqid");
$rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']);
$rpQuery->execute();
$rpData = $rpQuery->fetch(PDO::FETCH_ASSOC);
if ($rpData){
$ueusedata['reply_count'] = $rpData['reply_count'];
}
//リユーズ数取得
$ruQuery = $pdo->prepare("SELECT COUNT(*) as reuse_count FROM ueuse WHERE ruuniqid = :ruuniqid");
$ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']);
$ruQuery->execute();
$ruData = $ruQuery->fetch(PDO::FETCH_ASSOC);
if ($ruData){
$ueusedata['reuse_count'] = $ruData['reuse_count'];
}
$item = [
'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])),
'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])),
'reuseid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ruuniqid"])),
'text' => decode_yajirushi(htmlspecialchars_decode($ueusedata["ueuse"])),
'account' => $now_userdata,
'photo1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo1"])))),
@@ -168,7 +178,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'photo4' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["photo4"])))),
'video1' => decode_yajirushi(htmlspecialchars_decode(localcloudURLtoAPI(localcloudURL($ueusedata["video1"])))),
'favorite' => $favorite,
'favorite_cnt' => decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite_cnt"])),
'favorite_cnt' => $ueusedata["favorite_cnt"],
'reply_cnt' => $ueusedata["reply_count"],
'reuse_cnt' => $ueusedata["reuse_count"],
'datetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["datetime"])),
'abi' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abi"])),
'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])),
@@ -183,16 +195,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "ueuse_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/users/follow.php
+22 -25
View File
@@ -1,15 +1,15 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require(__DIR__ . '/../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
require(__DIR__ . '/../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurldomainfile = __DIR__ . "/../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
@@ -44,6 +44,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -53,6 +54,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -61,27 +63,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "write:follow");
if($AuthData[0] === true){
$userData = $AuthData[2];
//本文取得
if(!(empty($_GET['userid']))){
$follow_userid = safetext($_GET['userid']);
@@ -111,6 +95,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "could_not_complete";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -118,6 +103,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "you_cant_it_to_yourself";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -125,6 +111,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "critical_error_userdata_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -132,16 +119,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/users/index.php
+18 -27
View File
@@ -1,8 +1,8 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
@@ -37,6 +37,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -46,6 +47,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -59,6 +61,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -68,31 +71,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$DataQuery = $pdo->prepare("SELECT username,userid,profile,datetime,follow,follower,iconname,headname,role,sacinfo,admin FROM account WHERE userid = :userid");
$DataQuery->bindValue(':userid', $userid);
$DataQuery->execute();
$userdata = $DataQuery->fetch();
$AuthData = APIAuth($pdo, $token, "read:users");
if($AuthData[0] === true){
$userdata = $AuthData[2];
if (empty($userdata)){
$response = array(
@@ -174,6 +155,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$All_ueuse = $allueuse->rowCount();
$response = array(
'success' => true,
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'profile' => decode_yajirushi(htmlspecialchars_decode($userdata["profile"])),
@@ -191,6 +173,14 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'language' => "ja-JP",
);
}
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
@@ -198,6 +188,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/users/unfollow.php
+22 -26
View File
@@ -1,15 +1,15 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require('../../db.php');
require(__DIR__ . '/../../db.php');
//関数呼び出し
//- Base64_mime
require('../../function/function.php');
require(__DIR__ . '/../../function/function.php');
blockedIP($_SERVER['REMOTE_ADDR']);
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$banurldomainfile = "../../server/banurldomain.txt";
$banurldomainfile = __DIR__ . "/../../server/banurldomain.txt";
$banurl_info = file_get_contents($banurldomainfile);
$banurl = preg_split("/\r\n|\n|\r/", $banurl_info);
@@ -44,6 +44,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -53,6 +54,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -61,27 +63,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
session_start();
if( !empty($pdo) ) {
$userQuery = $pdo->prepare("SELECT username, userid, role, follow, follower FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$err = "token_invalid";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}elseif($userData["role"] === "ice"){
$err = "this_account_has_been_frozen";
$response = array(
'error_code' => $err,
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}else{
$AuthData = APIAuth($pdo, $token, "write:follow");
if($AuthData[0] === true){
$userData = $AuthData[2];
//本文取得
if(!(empty($_GET['userid']))){
$unfollow_userid = safetext($_GET['userid']);
@@ -100,7 +84,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
if(!(empty($Follow_userdata))){
if(!($userid == $Follow_userdata['userid'])){
$res = follow_user($pdo, $Follow_userdata['userid'], $userid);
$res = unfollow_user($pdo, $Follow_userdata['userid'], $userid);
if($res === true){
//フォロー完了
$response = array(
@@ -112,6 +96,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "could_not_complete";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
@@ -119,6 +104,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "you_cant_it_to_yourself";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -127,6 +113,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "critical_error_userdata_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
@@ -135,18 +122,27 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
}else{
$err = $AuthData[1];
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
api/v1/instance.php
+6 -6
View File
@@ -1,28 +1,28 @@
<?php
require('../../db.php');
require("../../function/function.php");
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
$serversettings_file = "../../server/serversettings.ini";
$serversettings_file = __DIR__ . "/../../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
if(safetext($serversettings["serverinfo"]["server_activitypub"]) === "true"){
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$mojisizefile = "../../server/textsize.txt";
$mojisizefile = __DIR__ . "/../../server/textsize.txt";
$adminfile = safetext($serversettings["serverinfo"]["server_admin"]);
$servernamefile = safetext($serversettings["serverinfo"]["server_name"]);
$serverinfofile = '../../server/info.txt';
$serverinfofile = __DIR__ . '/../../server/info.txt';
$serverinfo = safetext(file_get_contents($serverinfofile));
$contactfile = safetext($serversettings["serverinfo"]["server_admin_mailadds"]);
$domain = $_SERVER['HTTP_HOST'];
$softwarefile = "../../server/uwuzuinfo.txt";
$softwarefile = __DIR__ . "/../../server/uwuzuinfo.txt";
$softwaredata = safetext(file_get_contents($softwarefile));
$onlyuser = safetext($serversettings["serverinfo"]["server_invitation"]);