修改 Chevereto 使其 API 支持相册、描述

这是一篇存档

文件路径:app/app/routes/overrides/route.api.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
<?php
 
/* --------------------------------------------------------------------
 
  Chevereto
 
  @author   Rodolfo Berrios A. <http://rodolfoberrios.com/>
            <inbox@rodolfoberrios.com>
 
  Copyright (C) Rodolfo Berrios A. All rights reserved.
   
  BY USING THIS SOFTWARE YOU DECLARE TO ACCEPT THE CHEVERETO EULA
 
  --------------------------------------------------------------------- */
 
  /* API v1 : PLEASE NOTE
      
     This API v1 is currently just a bridge to port to Chevereto 3 the API from Chevereto 2.
     From now on Chevereto 2 API will be named API v1
      
     In future releases there will be an API v2 which will add methods like create user, create albums, etc.
      
  */
   
$route = function($handler) {
    try {
        $version = $handler->request[0];
        $action = $handler->request[1];
         
        if(is_null(CHV\getSetting('api_v1_key')) or CHV\getSetting('api_v1_key') == '') {
            throw new Exception("API v1 key can't be null. Go to your dashboard and set the API v1 key.", 0);
        }
         
        // Change CHV\getSetting('api_v1_key') to 'something' if you want to use 'something' as key
        if(!G\timing_safe_compare(CHV\getSetting('api_v1_key'), $_REQUEST['key'])) {
            throw new Exception("Invalid API v1 key.", 100);
        }
         
        if(!in_array($version, [1])) {
            throw new Exception('Invalid API version.', 110);
        }
         
        $version_to_actions = [
            1 => ['upload']
        ];
         
        if(!in_array($action, $version_to_actions[$version])) {
            throw new Exception('Invalid API action.', 120);
        }
         
        // API V1 upload
        $source = isset($_FILES['source']) ? $_FILES['source'] : $_REQUEST['source'];
         
        if(is_null($source)) {
            throw new Exception('Empty upload source.', 130);
        }
 
        if($_FILES['source']['tmp_name']) { // File?
            $source = $_FILES['source'];
            $type = 'file';
        } else {
            if(!G\is_image_url($source) && !G\is_url($source)) {
             
                // Base64 comes from POST?
                if($_SERVER['REQUEST_METHOD'] !== 'POST') {
                    throw new Exception('Upload using base64 source must be done using POST method.', 130);
                }
                 
                // Fix the $source base64 string
                $source = trim(preg_replace('/\s+/', '', $source));
                 
                // From _GET source should be urlencoded base64
                if(!G\timing_safe_compare(base64_encode(base64_decode($source)), $source)){
                    throw new Exception('Invalid base64 string.', 120);
                }
                 
                // Set the API temp file       
                $api_temp_file = @tempnam(sys_get_temp_dir(), 'chvtemp');
                 
                if(!$api_temp_file or !@is_writable($api_temp_file)) {
                    throw new UploadException("Can't get a tempnam.", 200);
                }
                     
                $fh = fopen($api_temp_file, 'w');
                stream_filter_append($fh, 'convert.base64-decode', STREAM_FILTER_WRITE);
                if(!@fwrite($fh, $source)) {
                    throw new Exception('Invalid base64 string.', 130);
                } else {
                    // Since all the validations works with $_FILES, we're going to emulate it.
                    $source = array(
                        'name'      => G\random_string(12).'.jpg',
                        'type'      => 'image/jpeg',
                        'tmp_name'  => $api_temp_file,
                        'error'     => 'UPLOAD_ERR_OK',
                        'size'      => '1'
                    );
                }
                fclose($fh);
            }
        }
         
        // CHV\Image::uploadToWebsite($source, 'username', [params]) to inject API uploads to a given username
        // 上传到用户 telegrambot 的相册 Telegram
        // 修改 class.image.php isDuplicatedUpload 函数,将 SQL 查询中的 IP、日期条件删除
        // 使用 ID 访问图片,在 route.image.php 33L 后添加:if(((int)$handler->request[0]) > 10) $id = $handler->request[0];
        $album_id = 21;
        if(isset($_REQUEST["album_id"])) {
            $album_id = (int)$_REQUEST["album_id"];
            if($album_id < 0) $album_id = 21;
        }
        $uploaded_id = CHV\Image::uploadToWebsite($source, 'telegrambot', ['album_id' => $album_id, 'description' => (string)urldecode($_REQUEST['description'])]);
        $json_array['status_code'] = 200;
        $json_array['success'] = array('message' => 'image uploaded', 'code' => 200);
        $json_array['image'] = CHV\Image::formatArray(CHV\Image::getSingle($uploaded_id, false, false), true);
 
        // print_r($source);
        // G\Render\json_output($source['tmp_name']);
        // die();
        // $api_temp_file
        // G\Render\json_output(Image::isDuplicatedUpload(md5_file($api_temp_file)));
        //
 
         
        if($version == 1) {
            switch($_REQUEST['format']) {
                default:
                case 'json':
                    G\Render\json_output($json_array);
                break;
                case 'txt':
                    echo $json_array['image']['url'];
                break;
                case 'redirect':
                    if($json_array['status_code'] == 200) {
                        $redirect_url = $json_array['image']['url_viewer'];
                        header("Location: $redirect_url");
                    } else {
                        die($json_array['status_code']);
                    }
                break;
            }
            die();
        } else {
            G\Render\json_output($json_array);
        }
         
    } catch(Exception $e) {
        $json_array = G\json_error($e);
        if($version == 1) {
            switch($_REQUEST['format']) {
                default:
                case 'json':
                    G\Render\json_output($json_array);
                    break;
                case 'txt':
                case 'redirect':
                    die($json_array['error']['message']);
                    break;
            }
        } else {
            G\Render\json_output($json_array);
        }
         
    }
};

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注

这个站点使用 Akismet 来减少垃圾评论。了解你的评论数据如何被处理