20220608

2 years ago · d3c99ad9e1
5 changed files with 169 additions and 4 deletions
--- a/class/Api.php
+++ b/class/Api.php
@ -177,6 +177,12 @@ class Api {
				@@ -177,6 +177,12 @@ class Api {
            if( !$this->is_login() ) {
                $this->err_msg(-1002,'Authorization failure!');
            }
+            else if( $this->is_login() ){
+                return TRUE;
+            }
+            else{
+                $this->err_msg(-1002,'Cookie authorization failure!');
+            }
        }
        else if ( empty($SecretKey) ) {
            $this->err_msg(-2000,'请先生成SecretKey！');
@ -1412,9 +1418,12 @@ class Api {
				@@ -1412,9 +1418,12 @@ class Api {
    /**
     * 用户状态
     */
-    public function check_login(){
-        $status = $this->is_login() ? "true" : "false";
-        $this->return_json(200,$status,"");
+    public function check_login($token){
+        $re = $this->auth($token);
+        
+        if( $re ) {
+            $this->return_json(200,"true","success");
+        }
    }
    /**
     * 验证订阅是否有效
@ -1465,6 +1474,75 @@ class Api {
				@@ -1465,6 +1474,75 @@ class Api {
            $this->return_json(-2000,'','网络请求失败，请重试！');
        }
    }
+    /**
+     * 下载主题
+     */
+    public function down_theme($data) {
+        //主题名称
+        $name = $data['name'];
+        //key-value
+        $key = $data['key'];
+        $value = $data['value'];
+        //拼接主题URL
+        $url = API_URL."/v1/down_theme.php?name=${name}&key=${key}&value=${value}";
+        //验证token是否合法
+        $this->auth($token);
+        //检查主题是否已经存在
+        if ( $data['type'] == 'download' ) {
+            $theme1 = "templates/".$name;
+            $theme2 = "data/templates/".$name;
+
+            if( is_dir($theme1) || is_dir($theme2) ) {
+                $this->return_json(-2000,'','主题已存在，无需重复下载！');
+            }
+        }
+        //如果返回404状态
+        $res = get_headers($url,1);
+        if( strstr($res[0],'404') ) {
+            $this->return_json(-2000,'','远程服务器上不存在此主题！');
+        }
+        //判断主题目录是否存在,如果curl_host是alpine，则视为容器，容器则将主题目录设置为data/templates
+        $curl_host = curl_version()['host'];
+        if( strstr($curl_host,'alpine') ) {
+            $theme_dir = "data/templates";
+        }
+        else{
+            $theme_dir = "templates";
+        }
+        //主题完整压缩包路径
+        $file_name = $theme_dir."/${name}.tar.gz";
+        if( !is_dir($theme_dir) ) {
+            mkdir($theme_dir,0755);
+        }
+        
+        //尝试下载主题
+        try {
+            //下载主题，并设置超时时间为120s
+            $content = $this->curl_get($url,120);
+            //写入主题
+            $re = file_put_contents($theme_dir."/${name}.tar.gz",$content);
+            //如果写入主题失败了，说明权限不粗糙
+            if( !$re ) {
+                $this->return_json(-2000,'','主题写入失败，请检查目录权限！');
+            }
+            else{
+                //解压文件
+                $phar = new PharData($file_name);
+                //路径 要解压的文件 是否覆盖
+                $phar->extractTo($theme_dir."/${name}", null, true);
+                //删除主题
+                unlink($file_name);
+                $this->return_json(200,'','主题下载成功！');
+            }
+
+        } catch (\Throwable $th) {
+            $this->return_json(-2000,'','主题下载失败，请检查目录权限！');
+        }
+        finally{
+            unlink($file_name);
+        }
+
+    }
    /**
     * 验证订阅是否存在
     */
@ -1634,6 +1712,24 @@ class Api {
				@@ -1634,6 +1712,24 @@ class Api {
            $this->return_json(-2000,"","更新失败，版本校验不匹配，请检查目录权限！");
        }
    }
+
+    //curl get请求
+    protected function curl_get($url,$timeout = 10) {
+    $curl = curl_init($url);
+	#设置useragent
+    curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36");
+    curl_setopt($curl, CURLOPT_FAILONERROR, true);
+    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+    #设置超时时间，最小为1s（可选）
+    curl_setopt($curl , CURLOPT_TIMEOUT, $timeout);
+
+    $html = curl_exec($curl);
+    curl_close($curl);
+    return $html;
+}
    
 }

--- a/controller/admin.php
+++ b/controller/admin.php
@ -67,6 +67,8 @@ if ( $page == "setting/theme_config" ){
				@@ -67,6 +67,8 @@ if ( $page == "setting/theme_config" ){
    $current_configs = file_get_contents($theme_dir."/config.json");
    
    $current_configs = json_decode($current_configs);
+
+    
    //var_dump($current_configs);
 }

@ -232,6 +234,16 @@ if( $page == 'setting/theme' ) {
				@@ -232,6 +234,16 @@ if( $page == 'setting/theme' ) {
    $themes = $data;
    //获取当前主题
    $current_them = $db->get('on_options','value',[ 'key'  =>  "theme" ]);
+
+    //获取在线主题列表
+    $theme_list = curl_get("https://onenav.xiaoz.top/v1/theme_list.php");
+    $theme_list = json_decode($theme_list)->data;
+    //var_dump($theme_list);
+    //去重一下
+    foreach ($themes as $key => $value) {
+        unset($theme_list->$key);
+    }
+    
 }

 //站点设置页面
--- a/controller/api.php
+++ b/controller/api.php
@ -510,11 +510,23 @@ EOF;
				@@ -510,11 +510,23 @@ EOF;

 //获取用户登录状态
 function check_login($api) {
-    $api->check_login();
+    $token = trim($_REQUEST['token']);
+    $api->check_login($token);
 }

 //删除主题
 function delete_theme($api) {
    $name = $_REQUEST['name'];
    $api->delete_theme($name);
+}
+
+//下载主题
+function down_theme() {
+    global $api;
+    $data['name'] = trim($_REQUEST['name']);
+    $data['key'] = trim( $_REQUEST['key'] );
+    $data['value'] = trim( $_REQUEST['value'] );
+    $data['type'] = trim( $_REQUEST['type'] );
+
+    $api->down_theme($data);
 }
--- a/controller/bing.php
+++ b/controller/bing.php
@ -0,0 +1,27 @@
				@@ -0,0 +1,27 @@
+<?php
+/**
+ * name:bing壁纸
+ */
+header('Content-Type:application/json; charset=utf-8');
+// 载入辅助函数
+require('functions/helper.php');
+//获取当前主机名
+$host = $_SERVER['HTTP_HOST'];
+//获取reffrer
+$referer = $_SERVER['HTTP_REFERER'];
+
+//如果referer和主机名不匹配，则禁止调用
+if ( ( !empty($referer) ) && ( !strstr($referer,$host)  ) ) {
+    exit('调用失败');
+}
+session_start();
+
+//如果session不为空，则使用session数据
+if ( empty( $_SESSION['bing_data'] ) ) {
+    $bing_data = curl_get("https://www.bing.com/HPImageArchive.aspx?format=js&idx=0&n=8",8);
+    $_SESSION['bing_data'] = $bing_data;
+    echo $bing_data;
+}
+else{
+    echo $_SESSION['bing_data'];
+}
--- a/functions/helper.php
+++ b/functions/helper.php
@ -45,4 +45,22 @@ function g_extend_js() {
				@@ -45,4 +45,22 @@ function g_extend_js() {
    else{
        echo '';
    }
+}
+
+//curl get请求
+function curl_get($url,$timeout = 10) {
+    $curl = curl_init($url);
+	#设置useragent
+    curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36");
+    curl_setopt($curl, CURLOPT_FAILONERROR, true);
+    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+    #设置超时时间，最小为1s（可选）
+    curl_setopt($curl , CURLOPT_TIMEOUT, $timeout);
+
+    $html = curl_exec($curl);
+    curl_close($curl);
+    return $html;
 }