예제 #1
파일: app.php 프로젝트: ramo01/1kapp
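/**
 * Enforce the optional site-wide HTTP Basic Auth gate for visitors who are not logged in.
 *
 * Does nothing when is_login() is true or when the 'bauth_on' setting is not 1.
 * Without credentials it sends a Basic challenge (401) and exits. With credentials
 * that do not match 'bauth_username' / 'bauth_password' it prints an error and exits.
 * It returns normally only when the request may proceed.
 *
 * @return void
 */
function basic_auth_do()
{
    if (is_login()) {
        return;
    }
    if (intval(kget('bauth_on')) != 1) {
        return;
    }

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        // No credentials supplied yet: ask the browser for them.
        header('WWW-Authenticate: Basic realm="' . c('site_name') . '"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Members Only';
        exit;
    }

    // PHP_AUTH_PW can be absent even when PHP_AUTH_USER is present; treat it as empty.
    $given_user = (string) t($_SERVER['PHP_AUTH_USER']);
    $given_pass = (string) t(isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '');
    $want_user = (string) t(kget('bauth_username'));
    $want_pass = (string) t(kget('bauth_password'));

    // Loose comparison (!=) treats numeric-looking strings as numbers, so two different
    // values such as "0e1" and "0e2" compare equal. Compare as strings, and in constant
    // time where hash_equals() is available.
    // NOTE(review): if both stored settings are empty, empty credentials still match —
    // confirm that 'bauth_on' cannot be enabled without a username and password.
    if (function_exists('hash_equals')) {
        $user_ok = hash_equals($want_user, $given_user);
        $pass_ok = hash_equals($want_pass, $given_pass);
    } else {
        $user_ok = ($want_user === $given_user);
        $pass_ok = ($want_pass === $given_pass);
    }

    if (!$user_ok || !$pass_ok) {
        echo 'Bad username or password. Close browser and try again';
        exit;
    }
}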
예제 #2
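 /**
  * Check whether a newer build is available from the update server.
  *
  * API request parameter: token (string, required).
  *
  * The remote check is skipped only when $in is true and the last recorded check
  * ('last_check') is less than an hour old. When a newer build is found and $in is
  * false, the current user is notified once per build ('last_notice').
  *
  * @param bool $in When true the call sends no notice and returns nothing.
  * @return mixed When $in is false, the value of self::send_result() for
  *               array('new' => 0) or array('new' => 1, 'info' => ..., 'version' => ...).
  * @author EasyChen
  */
 public function check_new_verison($in = false)
 {
     $last = intval(kget('last_check'));
     if ($last > 0 && time() - $last < 60 * 60 && $in) {
         // Checked within the last hour: nothing to do.
         return;
     }

     // Keep the page responsive if the update server is slow.
     $ctx = stream_context_create(array('http' => array('timeout' => 3)));

     // The site domain and the current user id are disclosed to the update server
     // (the original comment gives anti-CC protection as the reason). The original
     // read an undefined $user['id']; uid() is what the rest of this method uses.
     // NOTE(review): whether this request is protected in transit depends on the
     // scheme of the 'teamtoy_url' setting, which is not visible here.
     $url = c('teamtoy_url') . '/?a=last_version&domain=' . urlencode((string) c('site_domain')) . '&uid=' . intval(uid());
     if (c('dev_version')) {
         $url = $url . '&dev=1';
     }

     $new = false;
     $info_array = array();
     $desp = '';

     // Best effort: a failed fetch is treated as "no update information".
     $info = @file_get_contents($url, false, $ctx);
     if ($info) {
         // The response is remote, untrusted data: accept it only if it decodes to an array.
         $decoded = json_decode($info, true);
         if (is_array($decoded)) {
             $info_array = $decoded;
         }
         if (isset($info_array['desp'])) {
             // Forwarded as-is into the notice and the API result; consumers must
             // escape it for their output context.
             $desp = $info_array['desp'];
         }
         $new_build = isset($info_array['version']) ? intval($info_array['version']) : 0;
         if ($new_build) {
             if ($new_build > local_version()) {
                 $new = true;
                 $last_noticed_version = intval(kget('last_notice'));
                 // Notify only for a build the user has not been told about yet.
                 $send = ($last_noticed_version > 0 && $new_build <= $last_noticed_version) ? 0 : 1;
                 if ($send == 1 && !$in) {
                     $text = __('API_TEXT_NEW_VERSION', $new_build);
                     send_notice(uid(), $text, 10, array('info' => $desp));
                     kset('last_notice', $new_build);
                 }
             }
             kset('last_check', time());
         }
     }

     if (!$in) {
         if ($new) {
             return self::send_result(array('new' => 1, 'info' => $desp, 'version' => $info_array['version']));
         }
         return self::send_result(array('new' => 0));
     }
 }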
예제 #3
 /**
  * Render the AJAX dialog that edits the API settings of one table field.
  *
  * Reads 'table', 'field', 'action' and 'tdid' from the request, loads the stored
  * settings for that table/action/field combination and hands everything to render().
  *
  * @return mixed Whatever render() returns for the 'ajax' layout.
  */
 public function fields_settings()
 {
     $table_name = z(t(v('table')));
     $field_name = z(t(v('field')));
     $action_name = z(t(v('action')));
     $cell_id = intval(v('tdid'));

     // The storage key is assembled from request values.
     // NOTE(review): the stored value is passed to unserialize(); confirm that only
     // trusted code can write 'msetting_*' keys, or store these settings as JSON.
     $stored = kget('msetting_' . $table_name . '_' . $action_name . '_' . $field_name);

     $data = array(
         'settings' => array(
             array('text' => '入', 'value' => 'input', 'desp' => '作为输入参数'),
             array('text' => '返', 'value' => 'output', 'desp' => '作为返回值'),
             array('text' => '必', 'value' => 'required', 'desp' => '必填参数'),
             array('text' => '%', 'value' => 'like', 'desp' => 'Like匹配'),
             array('text' => '=', 'value' => 'equal', 'desp' => '相等匹配'),
         ),
         'table' => $table_name,
         'field' => $field_name,
         'action' => $action_name,
         'tdid' => $cell_id,
         'title' => '字段属性设置',
         'finfo' => unserialize($stored),
     );

     return render($data, 'ajax');
 }
예제 #4
파일: app.php 프로젝트: xianliflc/teamirr
/**
 * Print the mail-queue settings toggle (an <li> with an icon link) for the inbox toolbar.
 *
 * Nothing is printed unless the 'mqueue_on' setting is 1. The item carries class="on"
 * when the current user's 'mqueue_usettings_<uid>' setting is 1; otherwise the same
 * markup is printed without that class.
 *
 * NOTE(review): the title and image URL are echoed into HTML attributes without
 * escaping; this is safe only while __() and image() return values that cannot
 * contain a double quote — confirm against their definitions.
 */
function mail_queue_inbox_icon()
{
    if (intval(kget('mqueue_on')) == 1) {
        // Per-user switch: the setting key ends with the current user's id.
        if (intval(kget('mqueue_usettings_' . uid())) == 1) {
            ?>
			<li id="mqueue_settings" class="on"><a href="javascript:mail_settings_toggle();void(0);" title="<?php 
            echo __('PL_MAIL_QUEUE_TITLE_SHORT');
            ?>
" ><img src="<?php 
            echo image('settings.btn.email.png');
            ?>
"/></a></li>
			<?php 
        } else {
            ?>
			<li id="mqueue_settings" ><a href="javascript:mail_settings_toggle();void(0);" title="<?php 
            echo __('PL_MAIL_QUEUE_TITLE_SHORT');
            ?>
" ><img src="<?php 
            echo image('settings.btn.email.png');
            ?>
"/></a></li>
			<?php 
        }
    }
}
예제 #5
/**
 * Render the Dropbox plugin panel with the stored 'dropbox_akey' and 'dropbox_on' settings.
 *
 * NOTE(review): 'dropbox_akey' is handed to the view as stored; confirm that the
 * template is shown only to users who are allowed to see that key.
 *
 * @return mixed Whatever render() returns for the plugin's 'ajax' layout.
 */
function plugin_dropbox()
{
    $view = array(
        'dropbox_akey' => kget('dropbox_akey'),
        'dropbox_on' => kget('dropbox_on'),
    );

    return render($view, 'ajax', 'plugin', 'dropbox');
}
예제 #6
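/**
 * Send one HTML mail through the SendCloud HTTP API configured in the settings store.
 *
 * The raw API response (or the cURL error text when the request itself fails) is
 * saved under 'last-sendcloud-info' for troubleshooting.
 *
 * @param string       $to      Recipient list; commas are converted to semicolons.
 * @param string       $subject Mail subject.
 * @param string       $content HTML body.
 * @param string|false $bcc     Optional BCC list; false to omit the field.
 * @return bool True only when the API answers with message "success" (case-insensitive).
 */
function sendcloud_mail($to, $subject, $content, $bcc = false)
{
    $to = str_replace(',', ';', $to);
    $option = array(
        'api_user' => kget('sendcloud_user'),
        'api_key' => kget('sendcloud_key'),
        'from' => kget('sendcloud_from'),
        'to' => $to,
        'subject' => $subject,
        'html' => $content,
    );
    if ($bcc !== false) {
        $option['bcc'] = $bcc;
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
    curl_setopt($ch, CURLOPT_URL, kget('sendcloud_url'));
    // With an array body, older PHP versions treat a value that starts with "@" as a
    // path of a local file to upload. Subject and body are caller-supplied text, so
    // switch that behaviour off wherever the option exists; it must be set before
    // CURLOPT_POSTFIELDS.
    if (defined('CURLOPT_SAFE_UPLOAD')) {
        curl_setopt($ch, CURLOPT_SAFE_UPLOAD, true);
    }
    curl_setopt($ch, CURLOPT_POSTFIELDS, $option);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);

    $result = curl_exec($ch);
    $transport_error = ($result === false) ? curl_error($ch) : '';
    curl_close($ch);

    if ($result === false) {
        // The request never completed: record why, and report failure explicitly
        // instead of decoding a non-response.
        kset('last-sendcloud-info', $transport_error);
        return false;
    }

    kset('last-sendcloud-info', $result);

    $ret = json_decode($result, true);
    if (!is_array($ret) || !isset($ret['message']) || !is_string($ret['message'])) {
        return false;
    }

    return strtolower($ret['message']) === 'success';
}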
예제 #7
/**
 * Test an e-mail address against the configured 'openid_auth_email_pattern' regex.
 *
 * The setting is wrapped in '#' delimiters as-is; no anchors or modifiers are added,
 * so a pattern that is not anchored by the administrator matches anywhere inside the
 * address. An empty setting yields the pattern '##', which matches every address,
 * and a '#' inside the setting ends the pattern early.
 *
 * @param string $email Address to test.
 * @return int|false preg_match() result: 1 on match, 0 on no match, false on a regex error.
 */
function is_email_accepted($email)
{
    return preg_match('#' . kget('openid_auth_email_pattern') . '#', $email);
}
예제 #8
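 /**
  * Generic table API entry point.
  *
  * Reads '_table' and '_interface' from the request. If a row for that pair exists in
  * `__meta_code`, its stored code is evaluated and its result returned. Otherwise the
  * table must exist, the per-action settings must be switched on, a token is required
  * unless the action is public, required fields are checked, and SQL is built for
  * 'insert', 'update', 'remove' or (default) 'list'.
  *
  * @return mixed The value of send_error()/send_result() where the branch returns one.
  */
 public function index()
 {
     $table = z(t(v('_table')));
     $action = z(t(v('_interface')));
     if (strlen($table) < 1 || strlen($action) < 1) {
         return $this->send_error(LR_API_ARGS_ERROR, 'BAD ARGS');
     }

     // User-defined code stored in the database.
     // NOTE(review): eval() of stored code. It runs before the table check and without
     // check_token() in this method, so any authorization has to live in the stored
     // code itself. Confirm that only administrators can write `__meta_code`.
     if ($my_code = get_var("SELECT `code` FROM `__meta_code` WHERE `table` = '" . s($table) . "' AND `action` = '" . s($action) . "' LIMIT 1")) {
         return eval($my_code);
     }

     // The table name is interpolated into SQL below, so it must be a real table.
     $tables = get_table_list(db());
     if (!in_array($table, $tables)) {
         return $this->send_error(LR_API_ARGS_ERROR, 'TABLE NOT EXISTS');
     }
     if ($table == c('token_table_name') && $action == 'get_token') {
         return $this->get_token();
     }

     $fields = get_fields($table);
     // NOTE(review): unserialize() of stored settings; confirm that 'msetting_*' keys
     // can only be written by trusted code.
     $ainfo = unserialize(kget('msetting_' . $table . '_' . $action));
     $in_code = kget('iosetting_input_' . $table . '_' . $action);
     $out_code = kget('iosetting_output_' . $table . '_' . $action);

     // Run the user-defined input filter.
     // NOTE(review): eval() of stored code, executed before the 'on' and token checks
     // below, so it also runs for requests that are rejected afterwards. Confirm that
     // this ordering is intended.
     if (strlen($in_code) > 0) {
         eval($in_code);
     }
     if ($ainfo['on'] != 1) {
         return $this->send_error(LR_API_ARGS_ERROR, 'API NOT  AVAILABLE');
     }
     if ($ainfo['public'] != 1) {
         $this->check_token();
     }

     // The original initialised $outs and $equal but filled $outputs and $equals, which
     // left those two undefined whenever no field carried the flag.
     $requires = array();
     $inputs = array();
     $outputs = array();
     $likes = array();
     $equals = array();
     foreach ($fields as $field) {
         $finfo = unserialize(kget('msetting_' . $table . '_' . $action . '_' . $field));
         if ($finfo['required'] == 1) {
             $requires[] = $field;
         }
         if ($finfo['input'] == 1) {
             $inputs[] = $field;
         }
         if ($finfo['output'] == 1) {
             $outputs[] = $field;
         }
         if ($finfo['like'] == 1) {
             $likes[] = $field;
         }
         if ($finfo['equal'] == 1) {
             $equals[] = $field;
         }
     }

     // Every required field must be present in the request.
     if (count($requires) > 0) {
         foreach ($requires as $require) {
             if (strlen(v($require)) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, z(t($require)) . ' FIELD REQUIRED');
             }
         }
     }

     // Build and run the SQL. Column names come from get_fields(); request values are
     // passed through s() before being placed inside quotes.
     // NOTE(review): the DATABASE ERROR responses include mysql_error(), which exposes
     // schema details to API clients; consider logging it server-side instead.
     switch ($action) {
         case 'insert':
             // The error branches return so that no SQL is built from an invalid setup.
             if (count($inputs) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'INPUT MUST HAS 1 FIELD AT LEAST');
             }
             if (count($outputs) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'OUTPUT MUST HAS 1 FIELD AT LEAST');
             }
             foreach ($inputs as $input) {
                 $dsql[] = "'" . s(v($input)) . "'";
             }
             $sql = "INSERT INTO `" . s($table) . "` ( " . rjoin(' , ', '`', $inputs) . " ) VALUES ( " . join(' , ', $dsql) . " )";
             run_sql($sql);
             if (mysql_errno() != 0) {
                 return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             }
             $lid = last_id();
             if ($lid < 1) {
                 return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             }
             if (!($data = get_data("SELECT " . rjoin(' , ', '`', $outputs) . " FROM `" . s($table) . "` WHERE `id` = '" . intval($lid) . "'", db()))) {
                 $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             } else {
                 // NOTE(review): eval() of the stored output filter.
                 if (strlen($out_code) > 0) {
                     eval($out_code);
                 }
                 $this->send_result($data);
             }
             break;
         case 'update':
             if (count($inputs) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'INPUT MUST HAS 1 FIELD AT LEAST');
             }
             if (count($requires) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'REQUIRE MUST HAS 1 FIELD AT LEAST');
             }
             // Inputs flagged like/equal form the WHERE clause; the others form SET.
             foreach ($inputs as $input) {
                 if (!in_array($input, $likes) && !in_array($input, $equals)) {
                     if (isset($_REQUEST[$input])) {
                         $dsql[] = " `" . s($input) . "` = '" . s(v($input)) . "' ";
                     }
                 } else {
                     if (in_array($input, $likes)) {
                         $wsql[] = " `" . s($input) . "` LIKE '%" . s(v($input)) . "%' ";
                     } else {
                         $wsql[] = " `" . s($input) . "` = '" . s(v($input)) . "' ";
                     }
                 }
             }
             // Refuse an UPDATE that has no SET part or no WHERE part.
             if (!isset($dsql) || !isset($wsql)) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'INPUT AND LIKE/EQUALS MUST HAS 1 FIELD AT LEAST');
             }
             $sql = "UPDATE `" . s($table) . "` SET " . join(' , ', $dsql) . ' WHERE ' . join(' AND ', $wsql);
             run_sql($sql);
             if (mysql_errno() != 0) {
                 return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             }
             $lid = intval(v('id'));
             if ($lid < 1) {
                 return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             }
             if (!($data = get_data("SELECT " . rjoin(' , ', '`', $outputs) . " FROM `" . s($table) . "` WHERE `id` = '" . intval($lid) . "'"))) {
                 $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             } else {
                 // NOTE(review): eval() of the stored output filter.
                 if (strlen($out_code) > 0) {
                     eval($out_code);
                 }
                 $this->send_result($data);
             }
             break;
         case 'remove':
             if (count($inputs) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'INPUT MUST HAS 1 FIELD AT LEAST');
             }
             if (count($requires) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'REQUIRE MUST HAS 1 FIELD AT LEAST');
             }
             foreach ($inputs as $input) {
                 if (in_array($input, $likes)) {
                     $wsql[] = " `" . s($input) . "` LIKE '%" . s(v($input)) . "%' ";
                 } elseif (in_array($input, $equals)) {
                     $wsql[] = " `" . s($input) . "` = '" . s(v($input)) . "' ";
                 }
             }
             // Refuse a DELETE without a WHERE clause.
             if (!isset($wsql)) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'INPUT AND LIKE/EQUALS MUST HAS 1 FIELD AT LEAST');
             }
             // Read the row first so that it can be returned after deletion.
             if (count($outputs) > 0) {
                 $sql = "SELECT " . rjoin(',', '`', $outputs) . " FROM `" . s($table) . "` WHERE  " . join(' AND ', $wsql);
                 $data = get_line($sql);
                 if (mysql_errno() != 0) {
                     return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
                 }
             }
             $sql = "DELETE FROM `" . s($table) . "` WHERE " . join(' AND ', $wsql);
             run_sql($sql);
             if (mysql_errno() != 0) {
                 $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             } else {
                 if (count($outputs) < 1) {
                     return $this->send_result(array('msg' => 'ok'));
                 } else {
                     // NOTE(review): eval() of the stored output filter.
                     if (strlen($out_code) > 0) {
                         eval($out_code);
                     }
                     return $this->send_result($data);
                 }
             }
             break;
         case 'list':
         default:
             $since_id = intval(v('since_id'));
             $max_id = intval(v('max_id'));
             $count = intval(v('count'));
             $order = strtolower(z(t(v('ord'))));
             $by = strtolower(z(t(v('by'))));
             if ($order == 'asc') {
                 $ord = ' ASC ';
             } else {
                 $ord = ' DESC ';
             }
             if (strlen($by) > 0) {
                 // 'by' is a request value placed between backticks. s() is defined
                 // elsewhere and string escaping normally leaves a backtick untouched,
                 // so accept the value only if it names a real column of this table.
                 if (!in_array($by, array_map('strtolower', $fields))) {
                     return $this->send_error(LR_API_ARGS_ERROR, 'BAD ARGS');
                 }
                 $osql = ' ORDER BY `' . s($by) . '` ' . $ord . ' ';
             } else {
                 $osql = '';
             }
             // Page size: default 10, capped at 100.
             if ($count < 1) {
                 $count = 10;
             }
             if ($count > 100) {
                 $count = 100;
             }
             if (count($outputs) < 1) {
                 return $this->send_error(LR_API_ARGS_ERROR, 'OUTPUT MUST HAS 1 FIELD AT LEAST');
             }
             $sql = "SELECT " . rjoin(',', '`', $outputs) . " FROM `" . s($table) . "` WHERE 1 ";
             // Start from an empty filter; the original used $wsql undefined when
             // neither since_id nor max_id was given.
             $wsql = '';
             if ($since_id > 0) {
                 $wsql = " AND `id` > '" . intval($since_id) . "' ";
             } elseif ($max_id > 0) {
                 $wsql = " AND `id` < '" . intval($max_id) . "' ";
             }
             if (count($inputs) > 0 && count($likes) + count($equals) > 0) {
                 // Add one condition per like/equal field that has a non-empty value.
                 if (count($likes) > 0) {
                     foreach ($likes as $like) {
                         if (z(t(v($like))) != '') {
                             $wwsql[] = " AND `" . s($like) . "` LIKE '%" . s(v($like)) . "%' ";
                         }
                     }
                 }
                 if (count($equals) > 0) {
                     foreach ($equals as $equal) {
                         if (z(t(v($equal))) != '') {
                             $wwsql[] = " AND `" . s($equal) . "` = '" . s(v($equal)) . "' ";
                         }
                     }
                 }
                 if (isset($wwsql)) {
                     $wsql = $wsql . join(' ', $wwsql);
                 }
             }
             $sql = $sql . $wsql . $osql . " LIMIT " . $count;
             if ($idata = get_data($sql)) {
                 // Report the id range of the page so that clients can paginate.
                 $first = reset($idata);
                 $max_id = $first['id'];
                 $min_id = $first['id'];
                 foreach ($idata as $item) {
                     if ($item['id'] > $max_id) {
                         $max_id = $item['id'];
                     }
                     if ($item['id'] < $min_id) {
                         $min_id = $item['id'];
                     }
                 }
                 $data = array('items' => $idata, 'max_id' => $max_id, 'min_id' => $min_id);
             } else {
                 $data = $idata;
             }
             if (mysql_errno() != 0) {
                 return $this->send_error(LR_API_DB_ERROR, 'DATABASE ERROR ' . mysql_error());
             } else {
                 // NOTE(review): eval() of the stored output filter.
                 if (strlen($out_code) > 0) {
                     eval($out_code);
                 }
                 return $this->send_result($data);
             }
     }
 }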
예제 #9
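 /**
  * Generate the API sample code from the stored per-table settings and print it.
  *
  * Collects the input/output filter code, the action settings and the per-field flags
  * for every table and action, renders meta/api.sample.php with that data, formats the
  * result with PhpBeautifier, and prints it — syntax-highlighted when the request
  * value 'read' is 1, raw otherwise.
  *
  * NOTE(review): the output contains the stored filter code of every table; the
  * access check for this method is not visible here — confirm that it is restricted.
  *
  * @return void
  */
 public function lp3()
 {
     // First fetch all tables.
     if ($tables = get_table_list(db())) {
         $data['tables'] = $tables;
     }
     $data['actions'] = $actions = array('list', 'insert', 'remove', 'update');

     // The original iterated $tables even when the lookup failed and returned a
     // non-array value.
     if (is_array($tables)) {
         foreach ($tables as $table) {
             // The field list does not depend on the action, so read it once per table.
             $fields = get_fields($table);
             foreach ($actions as $action) {
                 // The original read the two filter settings twice per action.
                 $data['in_code'][$table][$action] = kget('iosetting_input_' . $table . '_' . $action);
                 $data['out_code'][$table][$action] = kget('iosetting_output_' . $table . '_' . $action);
                 // NOTE(review): unserialize() of stored settings; confirm that
                 // 'msetting_*' keys can only be written by trusted code.
                 $data['ainfo'][$table][$action] = unserialize(kget('msetting_' . $table . '_' . $action));
                 foreach ($fields as $field) {
                     $finfo = unserialize(kget('msetting_' . $table . '_' . $action . '_' . $field));
                     if ($finfo['required'] == 1) {
                         $data['requires'][$table][$action][] = $field;
                     }
                     if ($finfo['input'] == 1) {
                         $data['inputs'][$table][$action][] = $field;
                     }
                     if ($finfo['output'] == 1) {
                         $data['outputs'][$table][$action][] = $field;
                     }
                     if ($finfo['like'] == 1) {
                         $data['likes'][$table][$action][] = $field;
                     }
                     if ($finfo['equal'] == 1) {
                         $data['equals'][$table][$action][] = $field;
                     }
                 }
             }
             // Fetch the custom (user-defined) interfaces.
             // NOTE(review): this is overwritten on every iteration, so only the last
             // table's rows reach the template — confirm whether it should be per table.
             $data['my_actions'] = get_data("SELECT * FROM `__meta_code` WHERE `table` = '" . s($table) . "' ORDER BY `id` DESC");
         }
     }

     // Render the template into a buffer. The keys of $data are fixed by this method,
     // so extract() only creates the variables listed above.
     ob_start();
     @extract($data);
     require AROOT . 'meta/api.sample.php';
     $code = ob_get_contents();
     ob_end_clean();
     $code = "<?php \r\n" . $code . '?>';

     include AROOT . 'function/phpbeautifier/PhpBeautifier.inc';
     $beautify = new PhpBeautifier();
     // Put a space between tokens.
     $beautify->tokenSpace = true;
     // Put empty lines between blocks of code (if, while etc).
     $beautify->blockLine = true;
     // Leave string literals as they are (no double-quote to single-quote rewrite).
     $beautify->optimize = false;

     if (v('read') == 1) {
         highlight_string($beautify->process($code));
     } else {
         echo $beautify->process($code);
     }
 }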