uwuzu v1.6.0 Hapuego

2026-06-04 19:14:41 +00:00 · 2025-08-05 13:46:18 +09:00
parent 0d7c0a8879
commit e15b52a205
70 changed files with 7406 additions and 5172 deletions
@@ -1,8 +1,8 @@
 <?php

 $domain = $_SERVER['HTTP_HOST'];
-require('../../db.php');
-require("../../function/function.php");
+require(__DIR__ . '/../../db.php');
+require(__DIR__ . "/../../function/function.php");
 blockedIP($_SERVER['REMOTE_ADDR']);

 header("Content-Type: application/json; charset=utf-8");
@@ -35,6 +35,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
            $err = "input_not_found";
            $response = array(
                'error_code' => $err,
+                'success' => false
            );
            echo json_encode($response, JSON_UNESCAPED_UNICODE);
            exit;
@@ -44,6 +45,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
        $err = "input_not_found";
        $response = array(
            'error_code' => $err,
+            'success' => false
        );
        echo json_encode($response, JSON_UNESCAPED_UNICODE);
        exit;
@@ -57,6 +59,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
        $err = "input_not_found";
        $response = array(
            'error_code' => $err,
+            'success' => false
        );
        
        echo json_encode($response, JSON_UNESCAPED_UNICODE);
@@ -66,27 +69,9 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
    session_start();

    if( !empty($pdo) ) {
-        $userQuery = $pdo->prepare("SELECT username, userid, role, loginid FROM account WHERE token = :token");
-        $userQuery->bindValue(':token', $token);
-        $userQuery->execute();
-        $userData = $userQuery->fetch();
-
-        if(empty($userData["userid"])){
-            $err = "token_invalid";
-            $response = array(
-                'error_code' => $err,
-            );
-            echo json_encode($response, JSON_UNESCAPED_UNICODE);
-            exit;
-        }elseif($userData["role"] === "ice"){
-            $err = "this_account_has_been_frozen";
-            $response = array(
-                'error_code' => $err,
-            );
-            
-            echo json_encode($response, JSON_UNESCAPED_UNICODE);
-            exit;
-        }else{
+        $AuthData = APIAuth($pdo, $token, "write:ueuse");
+        if($AuthData[0] === true){
+            $userData = $AuthData[2];
            if (safetext(isset($ueuseid)) && safetext(isset($userData["userid"])) && safetext(isset($userData["loginid"]))){
                $postUserid = safetext($userData["userid"]);
                $postUniqid = safetext($ueuseid);
@@ -114,16 +99,26 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
                $err = "input_not_found";
                $response = array(
                    'error_code' => $err,
+                    'success' => false
                );
                
                echo json_encode($response, JSON_UNESCAPED_UNICODE);
            }
+        }else{
+            $err = $AuthData[1];
+            $response = array(
+                'error_code' => $err,
+                'success' => false
+            );
+            
+            echo json_encode($response, JSON_UNESCAPED_UNICODE);
        }
    }
 }else{
    $err = "input_not_found";
    $response = array(
        'error_code' => $err,
+        'success' => false
    );
     
    echo json_encode($response, JSON_UNESCAPED_UNICODE);