mirror of
https://github.com/Daichimarukana/uwuzu.git
synced 2026-06-04 19:14:41 +00:00
だいちまる
406 lines
18 KiB
PHP
406 lines
18 KiB
PHP
<?php
|
|
|
|
$domain = $_SERVER['HTTP_HOST'];
|
|
require(__DIR__ . '/../../../db.php');
|
|
require(__DIR__ . "/../../../function/function.php");
|
|
blockedIP($_SERVER['REMOTE_ADDR']);
|
|
|
|
header("Content-Type: application/json; charset=utf-8");
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
$pdo = null;
|
|
$error_message = array();
|
|
try {
|
|
$option = array(
|
|
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
|
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
|
|
);
|
|
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
|
|
} catch (PDOException $e) {
|
|
// 接続エラーのときエラー内容を取得する
|
|
$error_message[] = $e->getMessage();
|
|
}
|
|
|
|
$Get_Post_Json = file_get_contents("php://input");
|
|
if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
|
//トークン取得
|
|
if (!(empty($_GET['token']))) {
|
|
$token = safetext($_GET['token']);
|
|
} else {
|
|
$post_json = json_decode($Get_Post_Json, true);
|
|
if (isset($post_json["token"])) {
|
|
$token = safetext($post_json["token"]);
|
|
} else {
|
|
$err = "input_not_found";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
}
|
|
if ($token == "") {
|
|
$err = "input_not_found";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
|
|
if (!empty($pdo)) {
|
|
$AuthData = APIAuth($pdo, $token, "write:me");
|
|
if ($AuthData[0] === true) {
|
|
if(file_exists(__DIR__ . "/../../../settings_admin/plugin_settings/amazons3_settings.php")){
|
|
require_once __DIR__ . '/../../../settings_admin/plugin_settings/amazons3_settings.php';
|
|
if(AMS3_CHKS == "true"){
|
|
if(file_exists(__DIR__ . "/../../../plugin/aws/aws-autoloader.php")){
|
|
require_once __DIR__ . '/../../../plugin/aws/aws-autoloader.php';
|
|
}else{
|
|
actionLog(null, "error", "settings", null, "AWS SDK for PHPが見つかりませんでした!", 4);
|
|
}
|
|
}
|
|
}else{
|
|
actionLog(null, "error", "settings", null, "amazons3_settings.phpが見つかりませんでした!", 3);
|
|
}
|
|
|
|
$userData = $AuthData[2];
|
|
$userid = $userData["userid"];
|
|
|
|
$add_sql = array();
|
|
|
|
if (!(empty($_GET['username']))) {
|
|
$username = safetext($_GET['username']);
|
|
} elseif (!(empty($post_json["username"]))) {
|
|
$username = safetext($post_json["username"]);
|
|
} else {
|
|
$username = null;
|
|
}
|
|
|
|
// ユーザーネームの入力チェック
|
|
if (!($username === null)) {
|
|
if (empty($username)) {
|
|
$error_message[] = '表示名を入力してください。(USERNAME_INPUT_PLEASE)';
|
|
} else {
|
|
// 文字数を確認
|
|
if (50 < mb_strlen($username, 'UTF-8')) {
|
|
$error_message[] = 'ユーザーネームは50文字以内で入力してください。(USERNAME_OVER_MAX_COUNT)';
|
|
}
|
|
}
|
|
|
|
$add_sql[] = "username = :username";
|
|
}
|
|
|
|
|
|
if (!(empty($_GET['profile']))) {
|
|
$profile = safetext($_GET['profile']);
|
|
} elseif (!(empty($post_json["profile"]))) {
|
|
$profile = safetext($post_json["profile"]);
|
|
} else {
|
|
$profile = null;
|
|
}
|
|
|
|
if (!($profile === null)) {
|
|
if (1024 < mb_strlen($profile, 'UTF-8')) {
|
|
$error_message[] = 'プロフィールは1024文字以内で入力してください。(INPUT_OVER_MAX_COUNT)';
|
|
}
|
|
$add_sql[] = "profile = :profile";
|
|
}
|
|
|
|
|
|
if (!(empty($post_json["icon"]))) {
|
|
$iconBase64 = $post_json["icon"];
|
|
|
|
if (strpos($iconBase64, ',') !== false) {
|
|
$iconBase64 = explode(',', $iconBase64)[1];
|
|
}
|
|
|
|
$imageData = base64_decode($iconBase64, true);
|
|
|
|
if ($imageData === false) {
|
|
$error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
|
|
} else {
|
|
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
|
|
file_put_contents($tmpFilePath, $imageData);
|
|
|
|
clearstatcache(true, $tmpFilePath);
|
|
|
|
$IconFiles = [
|
|
'name' => 'upload.png',
|
|
'type' => check_mime($tmpFilePath),
|
|
'tmp_name' => $tmpFilePath,
|
|
'error' => UPLOAD_ERR_OK,
|
|
'size' => filesize($tmpFilePath),
|
|
];
|
|
}
|
|
} else {
|
|
$IconFiles = array();
|
|
}
|
|
|
|
|
|
if (isset($IconFiles)) {
|
|
if (!(empty($IconFiles['name']))) {
|
|
$uploadedFile = $IconFiles;
|
|
$beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../usericons/');
|
|
if($beforeUploadError === null){
|
|
if (check_mime($uploadedFile['tmp_name'])) {
|
|
$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
|
|
delete_exif($extension, $uploadedFile['tmp_name']);
|
|
resizeImage($uploadedFile['tmp_name'], 512, 512);
|
|
|
|
if (AMS3_CHKS == "true") {
|
|
$usericonurl = getUserData($pdo, $userid)["iconname"];
|
|
if (filter_var($usericonurl, FILTER_VALIDATE_URL)) {
|
|
$s3delresult = deleteAmazonS3($usericonurl);
|
|
} else {
|
|
$s3delresult = true;
|
|
}
|
|
if ($s3delresult == true) {
|
|
$s3result = uploadAmazonS3($uploadedFile['tmp_name']);
|
|
} else {
|
|
$s3result = false;
|
|
}
|
|
} else {
|
|
if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
|
|
$newFilename = createUniqId() . '-' . $userid . '.webp';
|
|
} else {
|
|
$newFilename = createUniqId() . '-' . $userid . '.' . $extension;
|
|
}
|
|
$uploadedPath = 'usericons/' . $newFilename;
|
|
$result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
|
|
|
|
if ($result) {
|
|
$iconName = $uploadedPath; // 保存されたファイルのパスを使用
|
|
$currentIconPath = getUserData($pdo, $userid)["iconname"];
|
|
} else {
|
|
$beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../usericons/') ?? "ERROR";
|
|
$error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
|
|
}
|
|
}
|
|
if (isset($s3result)) {
|
|
if ($s3result == false) {
|
|
$error_message[] = 'アップロード失敗!(1)エラーコード: S3ERROR';
|
|
} else {
|
|
$iconName = $s3result; // S3に保存されたファイルのパスを使用
|
|
$currentIconPath = getUserData($pdo, $userid)["iconname"];
|
|
}
|
|
}
|
|
} else {
|
|
$error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
|
|
}
|
|
}else{
|
|
$error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
|
|
}
|
|
}
|
|
}
|
|
if (!(empty($iconName))) {
|
|
$add_sql[] = "iconname = :iconname";
|
|
}
|
|
|
|
if (!(empty($post_json["header"]))) {
|
|
$headerBase64 = $post_json["header"];
|
|
|
|
if (strpos($headerBase64, ',') !== false) {
|
|
$headerBase64 = explode(',', $headerBase64)[1];
|
|
}
|
|
|
|
$imageData = base64_decode($headerBase64, true);
|
|
|
|
if ($imageData === false) {
|
|
$error_message[] = 'Base64のデコードに失敗しました!(base64_decode_failed)';
|
|
} else {
|
|
$tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_' . createUniqId());
|
|
file_put_contents($tmpFilePath, $imageData);
|
|
|
|
clearstatcache(true, $tmpFilePath);
|
|
|
|
$HeadFiles = [
|
|
'name' => 'upload.png',
|
|
'type' => check_mime($tmpFilePath),
|
|
'tmp_name' => $tmpFilePath,
|
|
'error' => UPLOAD_ERR_OK,
|
|
'size' => filesize($tmpFilePath),
|
|
];
|
|
}
|
|
} else {
|
|
$HeadFiles = array();
|
|
}
|
|
|
|
if (isset($HeadFiles)) {
|
|
if (!(empty($HeadFiles['name']))) {
|
|
$uploadedFile = $HeadFiles;
|
|
$beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../userheads/');
|
|
if($beforeUploadError === null){
|
|
if (check_mime($uploadedFile['tmp_name'])) {
|
|
$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
|
|
delete_exif($extension, $uploadedFile['tmp_name']);
|
|
resizeImage($uploadedFile['tmp_name'], 2048, 1024);
|
|
|
|
if (AMS3_CHKS == "true") {
|
|
$userheadurl = getUserData($pdo, $userid)["headname"];
|
|
if (filter_var($userheadurl, FILTER_VALIDATE_URL)) {
|
|
$s3delresult = deleteAmazonS3($userheadurl);
|
|
} else {
|
|
$s3delresult = true;
|
|
}
|
|
if ($s3delresult == true) {
|
|
$s3result = uploadAmazonS3($uploadedFile['tmp_name']);
|
|
} else {
|
|
$s3result = false;
|
|
}
|
|
} else {
|
|
if (check_mime($uploadedFile['tmp_name']) == "image/webp") {
|
|
$newFilename = createUniqId() . '-' . $userid . '.webp';
|
|
} else {
|
|
$newFilename = createUniqId() . '-' . $userid . '.' . $extension;
|
|
}
|
|
$uploadedPath = 'userheads/' . $newFilename;
|
|
$result = rename($uploadedFile['tmp_name'], __DIR__ . '/../../../' . $uploadedPath);
|
|
|
|
if ($result) {
|
|
$headName = $uploadedPath; // 保存されたファイルのパスを使用
|
|
$currentHeadPath = getUserData($pdo, $userid)["headname"];
|
|
} else {
|
|
$beforeUploadError = check_upload_error($uploadedFile, __DIR__.'/../../../userheads/') ?? "ERROR";
|
|
$error_message[] = 'アップロード失敗!(1)エラーコード:' .$beforeUploadError.'';
|
|
}
|
|
}
|
|
if (isset($s3result)) {
|
|
if ($s3result == false) {
|
|
$error_message[] = 'アップロード失敗!(2)エラーコード: S3ERROR';
|
|
} else {
|
|
$headName = $s3result; // S3に保存されたファイルのパスを使用
|
|
$currentHeadPath = getUserData($pdo, $userid)["headname"];
|
|
}
|
|
}
|
|
} else {
|
|
$error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
|
|
}
|
|
}else{
|
|
$error_message[] = 'アップロード失敗!(2)エラーコード:' .$beforeUploadError.'';
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!(empty($headName))) {
|
|
$add_sql[] = "headname = :headname";
|
|
}
|
|
|
|
if(empty($add_sql)) {
|
|
$err = "input_not_found";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}else{
|
|
$add_sql = implode(", ", $add_sql);
|
|
}
|
|
|
|
if (empty($error_message)) {
|
|
// トランザクション開始
|
|
$pdo->beginTransaction();
|
|
|
|
try {
|
|
|
|
$stmt = $pdo->prepare("UPDATE account SET ".$add_sql." WHERE userid = :userid;");
|
|
|
|
// 他の値をセット
|
|
if (!(empty($username))) {
|
|
$stmt->bindValue(':username', $username, PDO::PARAM_STR);
|
|
}
|
|
if (!(empty($profile))) {
|
|
$stmt->bindValue(':profile', $profile, PDO::PARAM_STR);
|
|
}
|
|
if (!(empty($iconName))) {
|
|
$stmt->bindValue(':iconname', $iconName, PDO::PARAM_STR);
|
|
}
|
|
if (!(empty($headName))) {
|
|
$stmt->bindValue(':headname', $headName, PDO::PARAM_STR);
|
|
}
|
|
|
|
$stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
|
|
$res = $stmt->execute();
|
|
|
|
// コミット
|
|
if($res) {
|
|
$pdo->commit();
|
|
if (!(empty($iconName))) {
|
|
if ($currentIconPath && !filter_var($currentIconPath, FILTER_VALIDATE_URL)) {
|
|
$filePath = realpath(__DIR__ . '/../../../' . $currentIconPath);
|
|
if ($filePath && file_exists($filePath)) {
|
|
unlink($filePath);
|
|
}
|
|
}
|
|
}
|
|
if (!(empty($headName))) {
|
|
if ($currentHeadPath && !filter_var($currentHeadPath, FILTER_VALIDATE_URL)) {
|
|
$filePath = realpath(__DIR__ . '/../../../' . $currentHeadPath);
|
|
if ($filePath && file_exists($filePath)) {
|
|
unlink($filePath);
|
|
}
|
|
}
|
|
}
|
|
|
|
$response = array(
|
|
'success' => true
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
} else {
|
|
$pdo->rollBack();
|
|
$err = "update_failed";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
} catch (Exception $e) {
|
|
$pdo->rollBack();
|
|
actionLog($userid, "error", "user-settings-api", null, $e, 4);
|
|
$err = "update_failed";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
|
|
$stmt = null;
|
|
}else{
|
|
$err = $error_message;
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
} else {
|
|
$err = $AuthData[1];
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
}
|
|
} else {
|
|
$err = "input_not_found";
|
|
$response = array(
|
|
'error_code' => $err,
|
|
'success' => false
|
|
);
|
|
|
|
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|