From d5e6bd45ef62e80ac262d21b00d2153b4ca0e8ab Mon Sep 17 00:00:00 2001 From: Last2014 Date: Sun, 31 Aug 2025 16:14:18 +0900 Subject: [PATCH] =?UTF-8?q?Bearer=E8=AA=8D=E8=A8=BC=E3=81=AB=E5=A4=89?= =?UTF-8?q?=E6=9B=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/favorite/change.php | 42 ++--- api/favorite/get.php | 42 ++--- api/me/index.php | 48 +++--- api/me/notification/index.php | 58 +++---- api/me/notification/read.php | 30 ++-- api/me/settings/index.php | 36 ++-- api/ueuse/bookmark/index.php | 60 +++---- api/ueuse/create.php | 68 ++++---- api/ueuse/delete.php | 46 +++-- api/ueuse/get.php | 64 ++++--- api/ueuse/index.php | 72 ++++---- api/ueuse/mentions.php | 62 ++++--- api/ueuse/replies.php | 62 ++++--- api/ueuse/search.php | 66 ++++---- api/users/follow.php | 42 ++--- api/users/index.php | 53 +++--- api/users/unfollow.php | 42 ++--- function/function.php | 305 +++++++++++++++++++--------------- 18 files changed, 564 insertions(+), 634 deletions(-) diff --git a/api/favorite/change.php b/api/favorite/change.php index 851a6d7..6e1f9d9 100644 --- a/api/favorite/change.php +++ b/api/favorite/change.php @@ -32,25 +32,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, 
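Review bot: The outer guard `if(isset($_GET['token']) || (!(empty($Get_Post_Json))))` is kept unchanged on the new side, so a request that carries its token only in an `Authorization: Bearer` header (the mechanism the commit title announces) with no `?token=` and an empty body never reaches `getAPIToken()` and falls into the outer else branch; if getAPIToken does read that header, the guard has to admit it as well, e.g. `if(isset($_SERVER['HTTP_AUTHORIZATION']) || isset($_GET['token']) || !empty($Get_Post_Json)) {` (availability of that server variable depends on the SAPI, so confirm it is populated in this deployment). The old `if($token == "")` rejection is also dropped, so whether an empty bearer value can now reach `APIAuth` depends entirely on what getAPIToken returns — it lives in function/function.php, outside this view, and should be checked for that case. The sentinel `"_ERR:FORMAT_FIFFERENT"` reads like a typo for DIFFERENT and is repeated verbatim in every endpoint, so a rename must touch getAPIToken and all callers at once; a named constant compared with `===` instead of `==` would make that safer, and a caller that tolerates `?token=` alongside the header still leaves tokens in access logs and Referer headers, which is the reason to move to Bearer in the first place. The same first hunk appears in every other api/*.php file in this patch (favorite/get.php, me/index.php, me/notification/index.php and read.php, me/settings/index.php, ueuse/bookmark/index.php, ueuse/create.php, delete.php, get.php, index.php, mentions.php, replies.php, search.php, users/follow.php, index.php, unfollow.php) and this note applies to each.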
@@ -59,7 +44,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { @@ -94,7 +88,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -103,7 +97,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -113,7 +107,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/favorite/get.php b/api/favorite/get.php index 9bd39b9..df45b6f 100644 --- a/api/favorite/get.php +++ b/api/favorite/get.php @@ -32,25 +32,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, 
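Review bot: The final hunk of api/favorite/change.php only adds a newline after `?>`; for a script whose whole output is a JSON document the closing tag is a liability rather than something to tidy, because any byte that lands after it (a second newline, a BOM inserted by an editor) is emitted as part of the response body and breaks every client's JSON parse. Removing `?>` altogether so the file ends after the last `}` eliminates that risk and is what PSR-12 asks for in PHP-only files. Every other file in this patch receives the same `-?>`/`+?>` hunk and should be treated the same way.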
@@ -59,7 +44,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { @@ -95,7 +89,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -104,7 +98,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -114,7 +108,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/me/index.php b/api/me/index.php index d98ab59..04be242 100644 --- a/api/me/index.php +++ b/api/me/index.php @@ -23,25 +23,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, 
@@ -50,14 +35,23 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { $AuthData = APIAuth($pdo, $token, "read:me"); if($AuthData[0] === true){ $userdata = $AuthData[2]; - + if (empty($userdata)){ $response = array( 'error_code' => "critical_error_userdata_not_found", @@ -87,7 +81,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { "effect" => decode_yajirushi(htmlspecialchars_decode($role_view_effect)), "id" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['roleidname'])), ); - + $role[] = $roleinfo; } }else{ @@ -125,7 +119,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { }else{ $follower = array(); } - + $followcnts = explode(',', $userdata["follow"]); $userdata["follow_cnt"] = (int)count($followcnts)-1; @@ -135,7 +129,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $allueuse = $pdo->prepare("SELECT account FROM ueuse WHERE account = :userid"); $allueuse->bindValue(':userid', $userdata["userid"]); $allueuse->execute(); - $All_ueuse = $allueuse->rowCount(); + $All_ueuse = $allueuse->rowCount(); $response = array( 'success' => true, @@ -163,7 +157,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -173,7 +167,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/me/notification/index.php b/api/me/notification/index.php index 8c3fc9b..ed2b2ac 100644 --- a/api/me/notification/index.php +++ b/api/me/notification/index.php 
@@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -51,7 +36,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + if(!(empty($_GET['limit']))){ $limit = (int)$_GET['limit']; }elseif(!(empty($post_json["limit"]))){ @@ -71,7 +65,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { 
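Review bot: The removed block was the only visible place that assigned `$post_json = json_decode($Get_Post_Json, true);`, yet the context line `}elseif(!(empty($post_json["limit"]))){` directly after the new `_ERR:FORMAT_FIFFERENT` check still reads it, so unless getAPIToken or a line outside the shown hunks re-populates the variable, `empty()` on the undefined name is always true and a JSON-body `limit` (and presumably `page`) is silently replaced by the defaults. Re-adding the decode right after the token checks, `$post_json = json_decode($Get_Post_Json, true) ?: array();`, keeps the body parameters working and gives the later reads an array to index. The same dropped assignment with a surviving `$post_json[...]` read appears in api/ueuse/bookmark/index.php, api/ueuse/index.php and api/ueuse/mentions.php (`$post_json["limit"]`), and most seriously in api/ueuse/create.php, where `$post_json["image1"]` through `image4` decide whether an upload is processed at all. api/me/notification/read.php's hunk is cut before its limit branch, so it likely has the same read and should be checked.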
@@ -87,22 +81,22 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { // トランザクション開始 $pdo->beginTransaction(); - + while ($row = $messageQuery->fetch(PDO::FETCH_ASSOC)) { $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $notificationdata) { $userQuery = $pdo->prepare("SELECT username, userid, iconname, headname, role FROM account WHERE userid = :userid"); $userQuery->bindValue(':userid', $notificationdata["fromuserid"]); $userQuery->execute(); $userData = $userQuery->fetch(); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -132,7 +126,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { }else{ $valueid = null; } - + $item = [ 'from' => $now_userdata, 'category' => decode_yajirushi(htmlspecialchars_decode($notificationdata["category"])), @@ -142,10 +136,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'valueid' => $valueid, 'is_checked' => $userchk, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "notification_not_found"; @@ -153,7 +147,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -162,7 +156,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -172,7 +166,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/me/notification/read.php b/api/me/notification/read.php index 549fa2c..f505c86 100644 --- a/api/me/notification/read.php +++ b/api/me/notification/read.php 
@@ -23,24 +23,9 @@ try { $Get_Post_Json = file_get_contents("php://input"); if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if (!(empty($_GET['token']))) { - $token = safetext($_GET['token']); - } else { - $post_json = json_decode($Get_Post_Json, true); - if (isset($post_json["token"])) { - $token = safetext($post_json["token"]); - } else { - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if ($token == "") { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -49,6 +34,15 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if (!(empty($_GET['limit']))) { $limit = (int)$_GET['limit']; diff --git a/api/me/settings/index.php b/api/me/settings/index.php index 839ad65..6904eb3 100644 --- a/api/me/settings/index.php +++ b/api/me/settings/index.php @@ -7,7 +7,7 @@ blockedIP($_SERVER['REMOTE_ADDR']); header("Content-Type: application/json; charset=utf-8"); header("Access-Control-Allow-Origin: *"); - + $pdo = null; $error_message = array(); try { 
@@ -23,24 +23,9 @@ try { $Get_Post_Json = file_get_contents("php://input"); if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if (!(empty($_GET['token']))) { - $token = safetext($_GET['token']); - } else { - $post_json = json_decode($Get_Post_Json, true); - if (isset($post_json["token"])) { - $token = safetext($post_json["token"]); - } else { - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if ($token == "") { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -49,6 +34,15 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if (!empty($pdo)) { $AuthData = APIAuth($pdo, $token, "write:me"); @@ -65,7 +59,7 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { }else{ actionLog(null, "error", "settings", null, "amazons3_settings.phpが見つかりませんでした!", 3); } - + $userData = $AuthData[2]; $userid = $userData["userid"]; @@ -359,7 +353,7 @@ if (isset($_GET['token']) || (!(empty($Get_Post_Json)))) { if (!(empty($headName))) { $stmt->bindValue(':headname', $headName, PDO::PARAM_STR); } - + $stmt->bindValue(':userid', $userid, PDO::PARAM_STR); $res = $stmt->execute(); diff --git a/api/ueuse/bookmark/index.php b/api/ueuse/bookmark/index.php index 588d64c..44d6bc0 100644 --- a/api/ueuse/bookmark/index.php +++ b/api/ueuse/bookmark/index.php 
@@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -51,7 +36,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + if(!(empty($_GET['limit']))){ $limit = (int)$_GET['limit']; }elseif(!(empty($post_json["limit"]))){ @@ -71,7 +65,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { @@ -112,12 +106,12 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->execute(); $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); 
@@ -129,7 +123,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ueusedata["favorite_cnt"] = count($favcnts) - 1; $userData = getUserData($pdo, $ueusedata["account"]); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -155,7 +149,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } @@ -165,11 +159,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), @@ -190,10 +184,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; @@ -201,7 +195,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -210,7 +204,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -220,7 +214,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> 
diff --git a/api/ueuse/create.php b/api/ueuse/create.php index 69ff998..e278872 100644 --- a/api/ueuse/create.php +++ b/api/ueuse/create.php @@ -31,25 +31,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -58,7 +43,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { @@ -76,7 +70,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } @@ -115,13 +109,13 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { }else{ $nsfw = "false"; } - + if(!(empty($post_json["image1"]))){ $imageData = base64_decode($post_json["image1"],true); - + $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId()); file_put_contents($tmpFilePath, $imageData); - + $Img1Files = [ 'name' => 'upload.png', 'type' => check_mime($tmpFilePath), 
@@ -135,10 +129,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { if(!(empty($post_json["image2"]))){ $imageData = base64_decode($post_json["image2"],true); - + $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId()); file_put_contents($tmpFilePath, $imageData); - + $Img2Files = [ 'name' => 'upload.png', 'type' => check_mime($tmpFilePath), @@ -152,10 +146,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { if(!(empty($post_json["image3"]))){ $imageData = base64_decode($post_json["image3"],true); - + $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId()); file_put_contents($tmpFilePath, $imageData); - + $Img3Files = [ 'name' => 'upload.png', 'type' => check_mime($tmpFilePath), @@ -169,10 +163,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { if(!(empty($post_json["image4"]))){ $imageData = base64_decode($post_json["image4"],true); - + $tmpFilePath = tempnam(sys_get_temp_dir(), 'upload_'.createUniqId()); file_put_contents($tmpFilePath, $imageData); - + $Img4Files = [ 'name' => 'upload.png', 'type' => check_mime($tmpFilePath), @@ -183,7 +177,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { } else { $Img4Files = array(); } - + $settingsJson = getUserData($pdo, $userData["userid"])["other_settings"]; if(!(empty($settingsJson))){ $isAIBWM = val_OtherSettings("isAIBlockWaterMark", $settingsJson); @@ -202,7 +196,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueuse_result[1])), 'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])), ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); }else{ $errcode = $ueuse_result[1][0]; 
@@ -216,7 +210,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { case strpos($errcode, 'INPUT_OVER_MAX_COUNT' ) !==false: $err = "content_to_".safetext(file_get_contents($mojisizefile))."_characters"; break; - case strpos($errcode, 'INPUT_CONTAINS_PROHIBITED_URL' ) !==false: + case strpos($errcode, 'INPUT_CONTAINS_PROHIBITED_URL' ) !==false: $err = "contains_prohibited_url"; break; case strpos($errcode, 'FILE_DEKASUGUI_PHP_INI_KAKUNIN' ) !==false: @@ -270,7 +264,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -279,7 +273,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -289,7 +283,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/ueuse/delete.php b/api/ueuse/delete.php index 84a3a7d..8e77e9c 100644 --- a/api/ueuse/delete.php +++ b/api/ueuse/delete.php @@ -23,25 +23,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, 
@@ -50,6 +35,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if(!(empty($_GET['uniqid']))){ $ueuseid = $_GET['uniqid']; @@ -61,11 +55,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + session_start(); if( !empty($pdo) ) { @@ -76,7 +70,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $postUserid = safetext($userData["userid"]); $postUniqid = safetext($ueuseid); $loginid = safetext($userData["loginid"]); - + $result = delete_ueuse($postUniqid, $postUserid, $loginid); if($result[0] === true){ $response = array( @@ -101,7 +95,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -110,7 +104,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -120,7 +114,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/ueuse/get.php b/api/ueuse/get.php index 40608df..e1b713c 100644 --- a/api/ueuse/get.php +++ b/api/ueuse/get.php 
@@ -23,25 +23,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -50,6 +35,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if(!(empty($_GET['uniqid']))){ $ueuseid = $_GET['uniqid']; @@ -61,11 +55,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + session_start(); if( !empty($pdo) ) { @@ -77,17 +71,17 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->bindValue(':ueuseid', $ueuseid, PDO::PARAM_STR); $stmt->execute(); $message_array = $stmt; - + while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) { - + $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); 
@@ -99,7 +93,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ueusedata["favorite_cnt"] = count($favcnts) - 1; $userData = getUserData($pdo, $ueusedata["account"]); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -125,7 +119,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } @@ -135,11 +129,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), @@ -160,10 +154,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; @@ -171,7 +165,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -180,7 +174,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -190,7 +184,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> 
diff --git a/api/ueuse/index.php b/api/ueuse/index.php index e8caf60..559ad62 100644 --- a/api/ueuse/index.php +++ b/api/ueuse/index.php @@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -51,7 +36,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + if(!(empty($_GET['limit']))){ $limit = (int)$_GET['limit']; }elseif(!(empty($post_json["limit"]))){ @@ -71,18 +65,18 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { $AuthData = APIAuth($pdo, $token, "read:ueuse"); if($AuthData[0] === true){ $userData = $AuthData[2]; - $sql = "SELECT ueuse.* - FROM ueuse - LEFT JOIN account ON ueuse.account = account.userid + $sql = "SELECT ueuse.* + FROM ueuse + LEFT JOIN account ON ueuse.account = account.userid WHERE ueuse.rpuniqid = '' AND account.role != 'ice' - ORDER BY ueuse.datetime DESC + ORDER BY ueuse.datetime DESC LIMIT :offset, :itemsPerPage"; $stmt = $pdo->prepare($sql); 
@@ -90,17 +84,17 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT); $stmt->execute(); $message_array = $stmt; - + while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) { - + $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); @@ -112,7 +106,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ueusedata["favorite_cnt"] = count($favcnts) - 1; $userData = getUserData($pdo, $ueusedata["account"]); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -138,7 +132,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } @@ -148,11 +142,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), @@ -173,10 +167,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; 
@@ -184,7 +178,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -193,7 +187,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -203,7 +197,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/ueuse/mentions.php b/api/ueuse/mentions.php index db4ddbb..6c3acb0 100644 --- a/api/ueuse/mentions.php +++ b/api/ueuse/mentions.php @@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -51,6 +36,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if(!(empty($_GET['limit']))){ $limit = (int)$_GET['limit']; 
@@ -71,7 +65,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { @@ -88,17 +82,17 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->bindValue(':keyword', '' . $Userid . '', PDO::PARAM_STR); $stmt->execute(); $message_array = $stmt; - + while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) { - + $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); @@ -110,7 +104,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ueusedata["favorite_cnt"] = count($favcnts) - 1; $userData = getUserData($pdo, $ueusedata["account"]); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -136,7 +130,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } @@ -146,11 +140,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), 
@@ -171,10 +165,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; @@ -182,7 +176,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -191,7 +185,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -201,7 +195,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/ueuse/replies.php b/api/ueuse/replies.php index c46d94c..892ff45 100644 --- a/api/ueuse/replies.php +++ b/api/ueuse/replies.php @@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, 
@@ -51,6 +36,15 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } if(!(empty($_GET['uniqid']))){ $ueuseid = $_GET['uniqid']; @@ -62,7 +56,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } @@ -86,7 +80,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { @@ -100,16 +94,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->bindValue(':itemsPerPage', $limit, PDO::PARAM_INT); $stmt->execute(); $message_array = $stmt; - + while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) { $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); @@ -119,7 +113,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { } $favcnts = explode(',', $ueusedata["favorite"]); $ueusedata["favorite_cnt"] = count($favcnts) - 1; - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -145,7 +139,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } 
@@ -155,11 +149,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), @@ -180,10 +174,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; @@ -191,7 +185,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -200,7 +194,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -210,7 +204,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/ueuse/search.php b/api/ueuse/search.php index 96f002e..bd3ec25 100644 --- a/api/ueuse/search.php +++ b/api/ueuse/search.php 
@@ -24,25 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -51,7 +36,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + if(!(empty($_GET['keyword']))){ $keyword = $_GET['keyword']; }elseif(!(empty($post_json["keyword"]))){ @@ -62,7 +56,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } @@ -86,7 +80,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $page = 1; } $offset = ($page - 1) * $limit; - + session_start(); if( !empty($pdo) ) { 
@@ -103,17 +97,17 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $stmt->bindValue(':keyword', '%' . $keyword . '%', PDO::PARAM_STR); $stmt->execute(); $message_array = $stmt; - + while ($row = $message_array->fetch(PDO::FETCH_ASSOC)) { - + $messages[] = $row; } - + if (!empty($messages)) { $response = array( 'success' => true, ); // ループ外で $response を初期化 - + foreach ($messages as $ueusedata) { if(!(empty($ueusedata["favorite"]))){ $favorite = preg_split("/,/", decode_yajirushi(htmlspecialchars_decode($ueusedata["favorite"]))); @@ -125,7 +119,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ueusedata["favorite_cnt"] = count($favcnts) - 1; $userData = getUserData($pdo, $ueusedata["account"]); - + if ($userData) { $now_userdata = array( "username" => decode_yajirushi(htmlspecialchars_decode($userData['username'])), @@ -151,7 +145,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $rpQuery->bindValue(':rpuniqid', $ueusedata['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueusedata['reply_count'] = $rpData['reply_count']; } @@ -161,11 +155,11 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $ruQuery->bindValue(':ruuniqid', $ueusedata['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueusedata['reuse_count'] = $ruData['reuse_count']; } - + $item = [ 'uniqid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["uniqid"])), 'replyid' => decode_yajirushi(htmlspecialchars_decode($ueusedata["rpuniqid"])), @@ -186,10 +180,10 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'abidatetime' => decode_yajirushi(htmlspecialchars_decode($ueusedata["abidate"])), 'nsfw' => $nsfw, ]; - + $response[] = $item; // ループ内で $response にデータを追加 } - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } else { $err = "ueuse_not_found"; 
@@ -197,7 +191,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -206,7 +200,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -216,7 +210,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/users/follow.php b/api/users/follow.php index 13f73a9..6e5dfc6 100644 --- a/api/users/follow.php +++ b/api/users/follow.php @@ -32,25 +32,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -59,7 +44,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { 
@@ -121,7 +115,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } }else{ @@ -130,7 +124,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -140,7 +134,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/users/index.php b/api/users/index.php index f4d5fc0..5e91a0b 100644 --- a/api/users/index.php +++ b/api/users/index.php @@ -24,26 +24,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -52,7 +36,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + if(!(empty($_GET['userid']))){ $userid = $_GET['userid']; }elseif(!(empty($post_json["userid"]))){ 
@@ -63,18 +56,18 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + session_start(); if( !empty($pdo) ) { $AuthData = APIAuth($pdo, $token, "read:users"); if($AuthData[0] === true){ $userdata = $AuthData[2]; - + if (empty($userdata)){ $response = array( 'error_code' => "critical_error_userdata_not_found", @@ -104,7 +97,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { "effect" => decode_yajirushi(htmlspecialchars_decode($role_view_effect)), "id" => decode_yajirushi(htmlspecialchars_decode($roleData[$roleId]['roleidname'])), ); - + $role[] = $roleinfo; } }else{ @@ -142,7 +135,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { }else{ $follower = array(); } - + $followcnts = explode(',', $userdata["follow"]); $userdata["follow_cnt"] = (int)count($followcnts)-1; @@ -152,7 +145,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { $allueuse = $pdo->prepare("SELECT account FROM ueuse WHERE account = :userid"); $allueuse->bindValue(':userid', $userdata["userid"]); $allueuse->execute(); - $All_ueuse = $allueuse->rowCount(); + $All_ueuse = $allueuse->rowCount(); $response = array( 'success' => true, @@ -180,7 +173,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -190,7 +183,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } -?> \ No newline at end of file +?> diff --git a/api/users/unfollow.php b/api/users/unfollow.php index 0d71346..e6d2fb5 100644 --- a/api/users/unfollow.php +++ b/api/users/unfollow.php 
@@ -32,25 +32,10 @@ try { } $Get_Post_Json = file_get_contents("php://input"); -if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { - //トークン取得 - if(!(empty($_GET['token']))){ - $token = safetext($_GET['token']); - }else{ - $post_json = json_decode($Get_Post_Json, true); - if(isset($post_json["token"])){ - $token = safetext($post_json["token"]); - }else{ - $err = "input_not_found"; - $response = array( - 'error_code' => $err, - 'success' => false - ); - echo json_encode($response, JSON_UNESCAPED_UNICODE); - exit; - } - } - if($token == ""){ +if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { + // トークン取得 + $token = getAPIToken(); + if($token == "_ERR:INPUT_NOT_FOUND"){ $err = "input_not_found"; $response = array( 'error_code' => $err, @@ -59,7 +44,16 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } - + if($token == "_ERR:FORMAT_FIFFERENT"){ + $err = "token_invalid"; + $response = array( + 'error_code' => $err, + 'success' => false + ); + echo json_encode($response, JSON_UNESCAPED_UNICODE); + exit; + } + session_start(); if( !empty($pdo) ) { @@ -124,7 +118,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } @@ -134,7 +128,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); } } @@ -144,8 +138,8 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) { 'error_code' => $err, 'success' => false ); - + echo json_encode($response, JSON_UNESCAPED_UNICODE); exit; } -?> \ No newline at end of file +?> diff --git a/function/function.php b/function/function.php index 7e07bdd..7d63d49 100644 --- a/function/function.php +++ b/function/function.php 
@@ -12,14 +12,14 @@ function isIpInCIDR($ip, $cidr){ $networkBinary = inet_pton($network); if ($ipBinary === false || $networkBinary === false) { - actionLog(null, "error", "isIpInCIDR", null, "invalid_ip_or_network_".$ipBinary."/".$networkBinary, 4); + actionLog(null, "error", "isIpInCIDR", null, "invalid_ip_or_network_".$ipBinary."/".$networkBinary, 4); return false; } $totalBits = strlen($networkBinary) * 8; if ($prefixLength < 0 || $prefixLength > $totalBits) { - actionLog(null, "error", "isIpInCIDR", null, "bad_prefix_length_".$prefixLength, 4); + actionLog(null, "error", "isIpInCIDR", null, "bad_prefix_length_".$prefixLength, 4); return false; } @@ -33,7 +33,7 @@ function isIpInCIDR($ip, $cidr){ return ($ipBinary & $mask) === ($networkBinary & $mask); }else{ - actionLog(null, "error", "isIpInCIDR", null, "bad_ip", 4); + actionLog(null, "error", "isIpInCIDR", null, "bad_ip", 4); return false; } } @@ -318,13 +318,13 @@ function uwuzuUserLoginCheck($loginid, $loginkey, $operation_permission = "user" } } //---------UNIQID-MAKER--------- -function Legacy_createUniqId(){ - list($msec, $sec) = explode(" ", microtime()); - $hashCreateTime = $sec.floor($msec*1000000); - - $hashCreateTime = strrev($hashCreateTime); - - return base_convert($hashCreateTime,10,36); +function Legacy_createUniqId(){ + list($msec, $sec) = explode(" ", microtime()); + $hashCreateTime = $sec.floor($msec*1000000); + + $hashCreateTime = strrev($hashCreateTime); + + return base_convert($hashCreateTime,10,36); } function createUniqId($randDigits = 6) { $msec_time = (int)(microtime(true) * 1000); @@ -393,7 +393,7 @@ function delete_exif($extension, $path){ $h = imagesy($gd); $gd_out = imagecreatetruecolor($w,$h); imagecopyresampled($gd_out, $gd, 0,0,0,0, $w,$h,$w,$h); - $exif = exif_read_data($path); + $exif = exif_read_data($path); $gd_out = rotate($gd_out, $exif); imagejpeg($gd_out, $path); imagedestroy($gd_out); 
@@ -493,35 +493,35 @@ function base64_mime($Base64,$userid){ } } //APIユーズと通常ユーズ統合時に使うのでけさない -function base64_to_files($Base64, $userid) { +function base64_to_files($Base64, $userid) { // Base64デコード - $decodedData = base64_decode($Base64); + $decodedData = base64_decode($Base64); if ($decodedData === false) { return false; } // MIMEタイプの検出 - $finfo = finfo_open(FILEINFO_MIME_TYPE); - $mime_type = finfo_buffer($finfo, $decodedData); + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mime_type = finfo_buffer($finfo, $decodedData); finfo_close($finfo); // 許可されているMIMEタイプと拡張子の対応 - $safe_img_mime = [ - "image/gif" => 'gif', - "image/jpeg" => 'jpg', - "image/png" => 'png', - "image/webp" => 'webp', - "image/bmp" => 'bmp', - ]; - - if (!(isset($safe_img_mime[$mime_type]))) { + $safe_img_mime = [ + "image/gif" => 'gif', + "image/jpeg" => 'jpg', + "image/png" => 'png', + "image/webp" => 'webp', + "image/bmp" => 'bmp', + ]; + + if (!(isset($safe_img_mime[$mime_type]))) { return false; } $extension = $safe_img_mime[$mime_type]; // 一時ファイルを作成 - $temp_file = tempnam(sys_get_temp_dir(), 'img'); + $temp_file = tempnam(sys_get_temp_dir(), 'img'); file_put_contents($temp_file, $decodedData); // 必要に応じてEXIFデータを削除 @@ -533,7 +533,7 @@ function base64_to_files($Base64, $userid) { } // ファイル名とアップロードパスを生成 - $newFilename = createUniqId() . '-' . $userid . '.' . $extension; + $newFilename = createUniqId() . '-' . $userid . '.' . $extension; // $_FILES形式の配列を作成して返す return [ @@ -546,7 +546,7 @@ function base64_to_files($Base64, $userid) { } function resizeImage($filePath, $maxWidth, $maxHeight) { - if (file_exists($filePath)) { + if (file_exists($filePath)) { // 元の画像タイプを取得 $imageType = check_mime($filePath); // 画像タイプに応じてリソースを作成 
@@ -566,7 +566,7 @@ function resizeImage($filePath, $maxWidth, $maxHeight) { list($originalWidth, $originalHeight) = getimagesize($filePath); if ($originalWidth <= $maxWidth && $originalHeight <= $maxHeight) { - imagewebp($originalImage, $filePath, 90); + imagewebp($originalImage, $filePath, 90); imagedestroy($originalImage); return true; } @@ -643,11 +643,11 @@ function uploadAmazonS3($tmp_name){ $url = AMS3_BASE_URLS . '/' . $key; return $url; }else{ - actionLog(null, "error", "uploadAmazonS3", null, "アップロードに失敗しました", 4); + actionLog(null, "error", "uploadAmazonS3", null, "アップロードに失敗しました", 4); return false; } } catch (Aws\S3\Exception\S3Exception $e) { - actionLog(null, "error", "uploadAmazonS3", null, $e->getMessage(), 4); + actionLog(null, "error", "uploadAmazonS3", null, $e->getMessage(), 4); return false; } } @@ -688,15 +688,15 @@ function deleteAmazonS3($url){ if($result){ return true; }else{ - actionLog(null, "error", "deleteAmazonS3", null, "削除に失敗しました", 4); + actionLog(null, "error", "deleteAmazonS3", null, "削除に失敗しました", 4); return false; } }else{ - actionLog(null, "error", "deleteAmazonS3", null, $key."が既に削除されていました", 1); + actionLog(null, "error", "deleteAmazonS3", null, $key."が既に削除されていました", 1); return true; } } catch (Aws\S3\Exception\S3Exception $e) { - actionLog(null, "error", "deleteAmazonS3", null, $e->getMessage(), 4); + actionLog(null, "error", "deleteAmazonS3", null, $e->getMessage(), 4); return false; } } 
@@ -794,29 +794,29 @@ function replaceProfileEmojiImages($postText) { return $postTextWithImages; } // ユーズ内の絵文字やhashtagを画像に置き換える -function replaceEmojisWithImages($postText) { - $postText = str_replace(''', '\'', $postText); +function replaceEmojisWithImages($postText) { + $postText = str_replace(''', '\'', $postText); - $emojiPattern = '/:(\w+):/'; - $postTextWithImages = preg_replace_callback($emojiPattern, function($matches) { - $emojiName = $matches[1]; - $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array( - PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, - PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, - PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, - )); - $emoji_Query = $dbh->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname = :emojiname"); - $emoji_Query->bindValue(':emojiname', $emojiName); - $emoji_Query->execute(); - $emoji_row = $emoji_Query->fetch(); - if(empty($emoji_row["emojifile"])){ - $emoji_path = "img/sysimage/errorimage/emoji_404.png"; - return ":".$emojiName.":"; - }else{ - $emoji_path = $emoji_row["emojifile"]; - return ":$emojiName:"; - } - }, $postText); + $emojiPattern = '/:(\w+):/'; + $postTextWithImages = preg_replace_callback($emojiPattern, function($matches) { + $emojiName = $matches[1]; + $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, + PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, + )); + $emoji_Query = $dbh->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname = :emojiname"); + $emoji_Query->bindValue(':emojiname', $emojiName); + $emoji_Query->execute(); + $emoji_row = $emoji_Query->fetch(); + if(empty($emoji_row["emojifile"])){ + $emoji_path = "img/sysimage/errorimage/emoji_404.png"; + return ":".$emojiName.":"; + }else{ + $emoji_path = $emoji_row["emojifile"]; + return ":$emojiName:"; + } + }, $postText); $urlPattern 
= '/https?:\/\/[^\s]+/';
 $urlPlaceholders = [];
@@ -827,33 +827,33 @@ function replaceEmojisWithImages($postText) { }, $postTextWithImages); $usernamePattern = '/@(\w+)/'; - $postTextWithUsernames = preg_replace_callback($usernamePattern, function($matches) { - $username = $matches[1]; + $postTextWithUsernames = preg_replace_callback($usernamePattern, function($matches) { + $username = $matches[1]; - $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array( - PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, - PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, - PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, - )); + $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, + PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, + )); - $mentionsuserQuery = $dbh->prepare("SELECT username, userid FROM account WHERE userid = :userid"); - $mentionsuserQuery->bindValue(':userid', $username); - $mentionsuserQuery->execute(); - $mentionsuserData = $mentionsuserQuery->fetch(); + $mentionsuserQuery = $dbh->prepare("SELECT username, userid FROM account WHERE userid = :userid"); + $mentionsuserQuery->bindValue(':userid', $username); + $mentionsuserQuery->execute(); + $mentionsuserData = $mentionsuserQuery->fetch(); - if(empty($mentionsuserData)){ - return "@".$username.""; - }else{ - return "@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"], ENT_QUOTES, 'UTF-8', false)).""; - } + if(empty($mentionsuserData)){ + return "@".$username.""; + }else{ + return "@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"], ENT_QUOTES, 'UTF-8', false)).""; + } }, $postTextWithPlaceholders); $postTextWithUrlsRestored = str_replace(array_keys($urlPlaceholders), array_values($urlPlaceholders), $postTextWithUsernames); - $hashtagsPattern = '/#([\p{Han}\p{Hiragana}\p{Katakana}A-Za-z0-9ー_!]+)/u'; - $postTextWithHashtags = 
preg_replace_callback($hashtagsPattern, function($matches) { - $hashtags = $matches[1]; - return "" . '#' . $hashtags . ""; + $hashtagsPattern = '/#([\p{Han}\p{Hiragana}\p{Katakana}A-Za-z0-9ー_!]+)/u'; + $postTextWithHashtags = preg_replace_callback($hashtagsPattern, function($matches) { + $hashtags = $matches[1]; + return "" . '#' . $hashtags . ""; }, $postTextWithUrlsRestored); return $postTextWithHashtags; @@ -869,7 +869,7 @@ function replaceURLsWithLinks($postText, $maxLength = 48) { return ''.$truncatedLink.''; } else { return ''.$no_https_link.''; - } + } }else{ return $link; } @@ -994,7 +994,7 @@ function to_null($value) { "ruuniqid" => "", "abi" => "none", ]; - + foreach ($null_conditions as $key => $invalid_value) { if (isset($value[$key]) && $value[$key] === $invalid_value) { $value[$key] = null; @@ -1136,12 +1136,12 @@ function get_mentions_userid($postText) { PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, )); - + $mention_userQuery = $dbh->prepare("SELECT username, userid FROM account WHERE userid = :userid"); $mention_userQuery->bindValue(':userid', $mention_username); $mention_userQuery->execute(); - $mention_userData = $mention_userQuery->fetch(); - + $mention_userData = $mention_userQuery->fetch(); + if (!empty($mention_userData)) { $mentionedUsers[] = strtolower($mention_username); } @@ -1184,7 +1184,7 @@ function send_notification($to,$from,$title,$message,$url,$category,$valueid = n }else{ $save_valueid = ""; } - if(!(empty($pdo))){ + if(!(empty($pdo))){ $pdo->beginTransaction(); try { $fromuserid = safetext($from); 
@@ -1196,10 +1196,10 @@ function send_notification($to,$from,$title,$message,$url,$category,$valueid = n $userchk = 'none'; $notification_category = safetext($category); $notification_id = GenNotificationId($touserid, $fromuserid, $title, $msg, $url, $notification_category); - + // 通知用SQL作成 $stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title, category, notificationid, valueid) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title, :category, :notificationid, :valueid)"); - + $stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR); $stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR); $stmt->bindParam(':msg', $msg, PDO::PARAM_STR); @@ -1210,13 +1210,13 @@ function send_notification($to,$from,$title,$message,$url,$category,$valueid = n $stmt->bindParam(':notificationid', $notification_id, PDO::PARAM_STR); $stmt->bindParam(':valueid', $save_valueid, PDO::PARAM_STR); - + $stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR); - + $res = $stmt->execute(); - + $res = $pdo->commit(); - + if($res){ return true; }else{ @@ -1224,7 +1224,7 @@ function send_notification($to,$from,$title,$message,$url,$category,$valueid = n actionLog($from, "error", "send_notification", $to, "通知の送信に失敗しました(rollBack)", 3); return false; } - + } catch(Exception $e) { $pdo->rollBack(); actionLog($from, "error", "send_notification", $to, $e, 4); @@ -1268,7 +1268,7 @@ function delete_notification($to,$from,$title,$message,$url,$category){ $category_list = ["system","favorite","reply","reuse","ueuse","follow","mention","other", "login"]; if(in_array($category, $category_list)){ if(in_array($category, explode(',', $to_result["notification_settings"])) || empty($to_result["notification_settings"]) || $category === "system" || $category === "other"){ - if(!(empty($pdo))){ + if(!(empty($pdo))){ $fromuserid = safetext($from); $touserid = safetext($to); $msg = safetext($message); 
@@ -1282,7 +1282,7 @@ function delete_notification($to,$from,$title,$message,$url,$category){ $deleteQuery = $pdo->prepare("DELETE FROM notification WHERE notificationid = :notificationid"); $deleteQuery->bindValue(':notificationid', $notification_id, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + if ($res) { $res = $pdo->commit(); return true; @@ -1368,7 +1368,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ return [false, "DB_ERROR"]; } - if(!(empty($pdo))){ + if(!(empty($pdo))){ $uniqid = createUniqId();//最初に決めちゃう if(empty(getUeuseData($pdo, $uniqid))){ @@ -1403,13 +1403,13 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ } } } - + // 改行ユーズ確認 if(preg_match('/^\s+$/u', $ueuse) === 1){ $error_message[] = '内容を入力してください。(INPUT_PLEASE)'; } } - + $old_datetime = date("Y-m-d H:i:00"); $now_datetime = date("Y-m-d H:i:00",strtotime("+1 minute")); $rate_Query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND TIME(datetime) BETWEEN :old_datetime AND :now_datetime"); @@ -1419,7 +1419,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ $rate_Query->execute(); $rate_count = $rate_Query->rowCount(); if(!($rate_count > $max_ueuse_rate_limit-1)){ - if(empty($error_message)) { + if(empty($error_message)) { if (empty($photo1['name'])) { $save_photo1 = "none"; } else { @@ -1448,7 +1448,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ $uploadedPath = '../ueuseimages/' . $newFilename; // ファイルを移動 $result = move_uploaded_file($uploadedFile['tmp_name'], __DIR__."/".$uploadedPath); - + if ($result) { $save_photo1 = $uploadedPath; // 保存されたファイルのパスを使用 } else { 
@@ -1624,7 +1624,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ // 保存先のパスを生成 $uploadedPath4 = '../ueuseimages/' . $newFilename4; // ファイルを移動 - $result4 = move_uploaded_file($uploadedFile4['tmp_name'], __DIR__."/".$uploadedPath4); + $result4 = move_uploaded_file($uploadedFile4['tmp_name'], __DIR__."/".$uploadedPath4); if ($result4) { $save_photo4 = $uploadedPath4; // 保存されたファイルのパスを使用 } else { @@ -1702,7 +1702,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ } } - if(empty($error_message)) { + if(empty($error_message)) { // 書き込み日時を取得 $datetime = date("Y-m-d H:i:s"); $abi = "none"; @@ -1719,7 +1719,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ // SQL作成 $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity, mentions) VALUES (:username, :account, :uniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity, :mentions)"); - + $stmt->bindParam(':username', $username, PDO::PARAM_STR); $stmt->bindParam(':account', $userid, PDO::PARAM_STR); $stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR); @@ -1759,7 +1759,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ $toUserIdQuery = $pdo->prepare("SELECT account FROM ueuse WHERE uniqid = :ueuseid ORDER BY datetime ASC LIMIT 1"); $toUserIdQuery->bindValue(':ueuseid', $rpUniqid, PDO::PARAM_STR); $toUserIdQuery->execute(); - $toUserId_res = $toUserIdQuery->fetch(); + $toUserId_res = $toUserIdQuery->fetch(); if(!(empty($toUserId_res))){ $touserid = $toUserId_res["account"]; 
@@ -1770,7 +1770,7 @@ function send_ueuse($userid,$rpUniqid,$ruUniqid,$ueuse,$photo1,$photo2,$photo3,$ changePopularity($pdo, $rpUniqid, $userid, 3); // トランザクション開始 $pdo->beginTransaction(); - + try { // SQL作成 $stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, rpuniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw, popularity, mentions) VALUES (:username, :account, :uniqid, :rpuniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw, :popularity, :mentions)"); @@ -1922,7 +1922,7 @@ function delete_ueuse($uniqid, $userid, $account_id){ $postUserid = safetext($userid); $postUniqid = safetext($uniqid); $loginid = safetext($account_id); - + try { $option = array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, @@ -1934,24 +1934,24 @@ function delete_ueuse($uniqid, $userid, $account_id){ $error_message[] = $e->getMessage(); actionLog($userid, "error", "delete_ueuse", null, $e, 4); } - + $query = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1'); $query->execute(array(':uniqid' => $postUniqid)); $result = $query->fetch(); - + if($result > 0){ if($result["account"] === $postUserid){ $query = $pdo->prepare('SELECT * FROM account WHERE userid = :userid limit 1'); $query->execute(array(':userid' => $postUserid)); $result2 = $query->fetch(); - + if($result2["loginid"] === $loginid){ $photo_query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid AND uniqid = :uniqid"); $photo_query->bindValue(':userid', $postUserid); $photo_query->bindValue(':uniqid', $postUniqid); $photo_query->execute(); $photo_and_video = $photo_query->fetch(); - + if(!($photo_and_video["photo1"] == "none")){ if(filter_var($photo_and_video["photo1"], FILTER_VALIDATE_URL)){ if(AMS3_CHKS == "true"){ 
@@ -2022,11 +2022,11 @@ function delete_ueuse($uniqid, $userid, $account_id){ } } } - + $ruChkquery = $pdo->prepare('SELECT * FROM ueuse WHERE ruuniqid = :uniqid AND ueuse = "" limit 1'); $ruChkquery->execute(array(':uniqid' => $postUniqid)); $result3 = $ruChkquery->fetch(); - + if($result3 > 0){ // トランザクション開始 $pdo->beginTransaction(); @@ -2035,7 +2035,7 @@ function delete_ueuse($uniqid, $userid, $account_id){ $rudeleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE ruuniqid = :uniqid AND ueuse = ''"); $rudeleteQuery->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR); $res = $rudeleteQuery->execute(); - + if (!($res)){ $pdo->rollBack(); $error_message[] = "リユーズの削除ができませんでした。"; @@ -2049,7 +2049,7 @@ function delete_ueuse($uniqid, $userid, $account_id){ actionLog($userid, "error", "delete_ueuse", null, $e, 4); } } - + $ru_tree_Chkquery = $pdo->prepare('SELECT * FROM ueuse WHERE uniqid = :ruuniqid limit 1'); $ru_tree_Chkquery->execute(array(':ruuniqid' => $result["ruuniqid"])); $result4 = $ru_tree_Chkquery->fetch(); @@ -2072,9 +2072,9 @@ function delete_ueuse($uniqid, $userid, $account_id){ $deleteQuery->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR); $deleteQuery->bindValue(':userid', $postUserid, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + if ($res) { - $pdo->commit(); + $pdo->commit(); return [true, "削除に成功しました!"]; } else { $pdo->rollBack(); @@ -2381,7 +2381,7 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ $res = $stmt->execute(); if ($res) { - $pdo->commit(); + $pdo->commit(); send_notification($userid, "uwuzu-fromsys", "🗑️アカウントの削除が開始されました🗑️", "アカウントの削除が開始されました!\n今後、アカウントのデータは順次削除されます。\n削除には時間がかかります。\n\nログアウトしてお待ち下さい。\n\nアカウントの復旧はできません。", "/others", "system", $userid); if(changeJob($pdo, $userid, $job_uniqid, "delete_ueuse", "waiting")){ 
@@ -2417,7 +2417,7 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ if($step == "delete_ueuse"){ if(changeJob($pdo, $userid, $job_uniqid, "delete_ueuse", "running")){ // ユーズを直近100件取得 - $getUeuse_query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid ORDER BY datetime DESC LIMIT 50"); + $getUeuse_query = $pdo->prepare("SELECT * FROM ueuse WHERE account = :userid ORDER BY datetime DESC LIMIT 50"); $getUeuse_query->bindValue(':userid', $userid, PDO::PARAM_STR); $getUeuse_query->execute(); $getUeuse = $getUeuse_query->fetchAll(); @@ -2475,11 +2475,11 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ if($step == "delete_follow"){ if(changeJob($pdo, $userid, $job_uniqid, "delete_follow", "running")){ // フォロー・フォロワー情報を削除したい全てのアカウントを取得 - $flw_query = $pdo->prepare("SELECT * - FROM account + $flw_query = $pdo->prepare("SELECT * + FROM account WHERE FIND_IN_SET(:userid, follow) > 0 OR FIND_IN_SET(:userid, follower) > 0; - "); + "); $flw_query->bindValue(':userid', $userid, PDO::PARAM_STR); $flw_query->execute(); $flw_accounts = $flw_query->fetchAll(); @@ -2490,10 +2490,10 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ } // ユーザーIDを削除したい全てのアカウントを取得 - $blk_query = $pdo->prepare("SELECT * - FROM account + $blk_query = $pdo->prepare("SELECT * + FROM account WHERE FIND_IN_SET(:userid, blocklist) > 0; - "); + "); $blk_query->bindValue(':userid', $userid, PDO::PARAM_STR); $blk_query->execute(); $blk_accounts = $blk_query->fetchAll(); @@ -2503,10 +2503,10 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ } //いいねを外したいすべてのユーズを取得 - $fav_ueuse_query = $pdo->prepare("SELECT * - FROM ueuse + $fav_ueuse_query = $pdo->prepare("SELECT * + FROM ueuse WHERE FIND_IN_SET(:userid, favorite) > 0; - "); + "); $fav_ueuse_query->bindValue(':userid', $userid, PDO::PARAM_STR); $fav_ueuse_query->execute(); $fav_ueuse_ueuses = $fav_ueuse_query->fetchAll(); 
@@ -2570,18 +2570,18 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ } } - $pdo->beginTransaction(); + $pdo->beginTransaction(); try { // 投稿削除クエリを実行 $deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid"); $deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + // 通知削除クエリを実行(自分宛ての通知) $deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid"); $deleteQuery->bindValue(':touserid', $userid, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + // 通知削除クエリを実行(自分からの通知) $deleteQuery = $pdo->prepare("DELETE FROM notification WHERE fromuserid = :fromuserid"); $deleteQuery->bindValue(':fromuserid', $userid, PDO::PARAM_STR); @@ -2596,7 +2596,7 @@ function deleteUser($pdo, $userid, $step, $job_uniqid){ $deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid"); $deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + if($res) { // コミット $pdo->commit(); @@ -2665,7 +2665,7 @@ function changePopularity($pdo, $uniqid, $userid, $change_range){ }else{ actionLog($userid, "error", "changePopularity", $uniqid, "不正な変更値です", 4); return false; - } + } } } function addFavorite($pdo, $uniqid, $userid){ @@ -2685,13 +2685,13 @@ function addFavorite($pdo, $uniqid, $userid){ $favoriteList[] = $userid; send_notification(safetext($post['account']),$userid,"".$userid."さんがいいねしました!",safetext($post['ueuse']),"/!".$uniqid."","favorite", $uniqid); - + //1いいねでスコアが1増加 changePopularity($pdo, $uniqid, $userid, 1); } else { // ユーザーIDを削除 array_splice($favoriteList, $index, 1); - + //1いいね解除でスコアが1減る changePopularity($pdo, $uniqid, $userid, -1); @@ -2773,7 +2773,7 @@ function getUeuseData($pdo, $uniqid) { $rpQuery->bindValue(':rpuniqid', $ueuseDatas['uniqid']); $rpQuery->execute(); $rpData = $rpQuery->fetch(PDO::FETCH_ASSOC); - + if ($rpData){ $ueuseDatas['reply_count'] = $rpData['reply_count']; } 
@@ -2783,7 +2783,7 @@ function getUeuseData($pdo, $uniqid) { $ruQuery->bindValue(':ruuniqid', $ueuseDatas['uniqid']); $ruQuery->execute(); $ruData = $ruQuery->fetch(PDO::FETCH_ASSOC); - + if ($ruData){ $ueuseDatas['reuse_count'] = $ruData['reuse_count']; } @@ -3181,7 +3181,7 @@ function val_AddOtherSettings($dataname, $data, $jsontext){ $ret = false; } } - + return $ret; } //ユーザーのOther_Settingsが既にあるかないか(なければ空のJSONを追加) @@ -3521,7 +3521,7 @@ function DelAPIToken($pdo, $uniqid){ $deleteQuery = $pdo->prepare("DELETE FROM api WHERE uniqid = :uniqid"); $deleteQuery->bindValue(':uniqid', $uniqid, PDO::PARAM_STR); $res = $deleteQuery->execute(); - + if ($res) { $res = $pdo->commit(); return true; @@ -3572,7 +3572,7 @@ function DelSessionidAPIToken($pdo, $session){ $pdo->rollBack(); actionLog($tokenData["userid"], "error", "DelSessionidAPIToken", $tokenData["uniqid"], $e, 4); return false; - } + } }else{ actionLog($tokenData["userid"], "error", "DelSessionidAPIToken", $tokenData["uniqid"], "セッションIDが存在しません。", 3); return false; @@ -3680,7 +3680,7 @@ function getDatasUeuse(PDO $pdo, array $messages): array { $parts = array_filter($parts, fn($v) => $v !== ''); $favCount = count($parts); } - + $message['favorite_count'] = $favCount; } unset($message); 
@@ -3688,4 +3688,37 @@ function getDatasUeuse(PDO $pdo, array $messages): array {
 return $messages;
 }
-?>
\ No newline at end of file
+function getAPIToken() {
+ // 従来の方法(body/URLパラメータ)
+ $Get_Post_Json = file_get_contents("php://input");
+ if(isset($_GET["token"]) || !empty($Get_Post_Json)) {
+ if(empty($_GET["token"])){
+ $post_json = json_decode($Get_Post_Json, true);
+ if(isset($post_json["token"])){
+ return safetext($post_json["token"]);
+ }else{
+ return "_ERR:INPUT_NOT_FOUND";
+ }
+ }else{
+ return safetext($_GET["token"]);
+ }
+ }elseif(empty($_GET["token"])){
+ return "_ERR:INPUT_NOT_FOUND";
+ }elseif(empty($_SERVER["HTTP_AUTHORIZATION"])){
+ return "_ERR:INPUT_NOT_FOUND";
+ }else{
+ $token = strstr($_SERVER["HTTP_AUTHORIZATION"],"Bearer ");
+ if($token == false){
+ return "_ERR:FORMAT_FIFFERENT";
+ }else{
+ $token = str_replace(" ","",$token);
+ if ($token == "") {
+ return "_ERR:FORMAT_FIFFERENT";
+ } else {
+ return $token;
+ }
+ }
+ }
+}
+
+?>
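Review bot: The Authorization-header branch of the new getAPIToken() is unreachable, so the commit does not actually introduce Bearer authentication: the first `if` is only skipped when `$_GET["token"]` is unset and the body is empty, and in that case the very next `elseif(empty($_GET["token"]))` is always true and returns `_ERR:INPUT_NOT_FOUND` before `HTTP_AUTHORIZATION` is ever read. Even if that branch were reached, `strstr($_SERVER["HTTP_AUTHORIZATION"], "Bearer ")` returns the match including the needle, so after `str_replace(" ", "", ...)` the function returns `"Bearer<token>"` rather than the token, which presumably never matches a stored value; the loose `== false` on the strstr result should also be `=== false`. I would check the header first (query-string tokens leak into access logs and Referer headers), extract it with an anchored regex, and keep the existing `$_GET`/JSON path only as the legacy fallback, as in the excerpt below. Note that under CGI/FastCGI PHP may not populate `HTTP_AUTHORIZATION` without a rewrite rule, so that deployment requirement should be documented next to this function.
```php
function getAPIToken() {
    // Prefer the Authorization header; tokens in the query string end up in logs.
    $auth = $_SERVER["HTTP_AUTHORIZATION"] ?? "";
    if ($auth !== "") {
        if (preg_match('/^Bearer\s+(\S+)\s*$/i', $auth, $m) !== 1) {
            return "_ERR:FORMAT_FIFFERENT";
        }
        return $m[1];
    }
    // … unchanged: legacy token from $_GET["token"] or the JSON body …
}
```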