<?php include 'api_common.inc.php'; $timestamp = time() * 1000; //debug if (!empty($_GET['fid'])) { exit(urlencode(base64_encode(des_encrypt("{$_GET['fid']}|{$timestamp}0|username", $TRIPLEDES_KEY, $TRIPLEDES_IV)))); } if (empty($_GET['encode_profile']) || empty($_GET['name']) || empty($_GET['username']) || empty($_GET['token'])) { exit('Missing encode_profile/name/username/token'); } $encode_profile = trim($_GET['encode_profile']); $name = trim($_GET['name']); $encodeArr = explode('|', des_decrypt(base64_decode($encode_profile), $TRIPLEDES_KEY, $TRIPLEDES_IV)); if (sizeof($encodeArr) != 3 || $encodeArr[2] != $_GET['username'] || $encodeArr[1] < $timestamp) { exit('Unauthorized or out-of-date'); } $url = API_CLOUDPLAY . "/private/2/file/{$encodeArr[0]}/download_url?download_inner=0&download_expire=864000"; $rs = json_decode(send_get($url), 1); if (!empty($rs['data'])) { $rs['data'] = str_replace('http://sw3.pplive.cn', '', $rs['data']); $rs['data'] = str_replace('http://swift.pplive.cn', '', $rs['data']); if (strpos($_SERVER["HTTP_USER_AGENT"], "MSIE") || strpos($_SERVER["HTTP_USER_AGENT"], 'rv:11')) { $name = urlencode(urlencode($name)); } else { $name = urlencode($name); } $rs['data'] = str_replace('.ppc?', ".ppc.{$name}.mp4?", $rs['data']); header("Location: {$rs['data']}"); }
<?php include 'api_common.inc.php'; //检查传参 if (empty($_POST['token']) || empty($_FILES['upload']) || empty($_GET['app']) || empty($_GET['tk'])) { scriptReturn('', 'token,upload,app,tk can not be empty', 403); } //检查token parse_str(des_decrypt(base64_decode(urldecode($_POST['token'])), $TRIPLEDES_KEY, $TRIPLEDES_IV), $session); if (empty($session)) { scriptReturn('', 'token error', 403); } //检查是否是正常文件 if ($_FILES["upload"]["error"] > 0) { scriptReturn('', '未选择文件', 422); } //图片大小不能超过4M,像素宽高不能超过4000 if (filesize($_FILES['upload']['tmp_name']) > 4 * 1024 * 1024) { scriptReturn('', '图片大小不能超过4M', 422); } $imageInfo = getimagesize($_FILES['upload']['tmp_name']); if (!$imageInfo || $imageInfo[0] > 4000 || $imageInfo[1] > 4000) { scriptReturn('', '图片像素宽高不能超过4000', 422); } //上传处理 $fileExt = pathinfo($_FILES['upload']['name'], PATHINFO_EXTENSION); $target = UPLOAD_DIR . "/" . basename($_FILES['upload']['tmp_name']) . ".{$fileExt}"; //如果需要裁剪图片则裁剪,不需要直接保存 if (isset($_POST['x']) && isset($_POST['y']) && !empty($_POST['w']) && !empty($_POST['h']) && !empty($_POST['iw'])) { cropImage($target, $_FILES['upload']['tmp_name'], $_POST['x'], $_POST['y'], $_POST['w'], $_POST['h'], $_POST['iw']); } else {