这是一篇存档
文件路径:app/app/routes/overrides/route.api.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 | <?php /* -------------------------------------------------------------------- Chevereto @author Rodolfo Berrios A. <http://rodolfoberrios.com/> <inbox@rodolfoberrios.com> Copyright (C) Rodolfo Berrios A. All rights reserved. BY USING THIS SOFTWARE YOU DECLARE TO ACCEPT THE CHEVERETO EULA --------------------------------------------------------------------- */ /* API v1 : PLEASE NOTE This API v1 is currently just a bridge to port to Chevereto 3 the API from Chevereto 2. From now on Chevereto 2 API will be named API v1 In future releases there will be an API v2 which will add methods like create user, create albums, etc. */ $route = function ( $handler ) { try { $version = $handler ->request[0]; $action = $handler ->request[1]; if ( is_null (CHV\getSetting( 'api_v1_key' )) or CHV\getSetting( 'api_v1_key' ) == '' ) { throw new Exception( "API v1 key can't be null. Go to your dashboard and set the API v1 key." , 0); } // Change CHV\getSetting('api_v1_key') to 'something' if you want to use 'something' as key if (!G\timing_safe_compare(CHV\getSetting( 'api_v1_key' ), $_REQUEST [ 'key' ])) { throw new Exception( "Invalid API v1 key." , 100); } if (!in_array( $version , [1])) { throw new Exception( 'Invalid API version.' , 110); } $version_to_actions = [ 1 => [ 'upload' ] ]; if (!in_array( $action , $version_to_actions [ $version ])) { throw new Exception( 'Invalid API action.' , 120); } // API V1 upload $source = isset( $_FILES [ 'source' ]) ? $_FILES [ 'source' ] : $_REQUEST [ 'source' ]; if ( is_null ( $source )) { throw new Exception( 'Empty upload source.' , 130); } if ( $_FILES [ 'source' ][ 'tmp_name' ]) { // File? $source = $_FILES [ 'source' ]; $type = 'file' ; } else { if (!G\is_image_url( $source ) && !G\is_url( $source )) { // Base64 comes from POST? if ( $_SERVER [ 'REQUEST_METHOD' ] !== 'POST' ) { throw new Exception( 'Upload using base64 source must be done using POST method.' , 130); } // Fix the $source base64 string $source = trim(preg_replace( '/\s+/' , '' , $source )); // From _GET source should be urlencoded base64 if (!G\timing_safe_compare( base64_encode ( base64_decode ( $source )), $source )){ throw new Exception( 'Invalid base64 string.' , 120); } // Set the API temp file $api_temp_file = @tempnam(sys_get_temp_dir(), 'chvtemp' ); if (! $api_temp_file or !@ is_writable ( $api_temp_file )) { throw new UploadException( "Can't get a tempnam." , 200); } $fh = fopen ( $api_temp_file , 'w' ); stream_filter_append( $fh , 'convert.base64-decode' , STREAM_FILTER_WRITE); if (!@fwrite( $fh , $source )) { throw new Exception( 'Invalid base64 string.' , 130); } else { // Since all the validations works with $_FILES, we're going to emulate it. $source = array ( 'name' => G\random_string(12). '.jpg' , 'type' => 'image/jpeg' , 'tmp_name' => $api_temp_file , 'error' => 'UPLOAD_ERR_OK' , 'size' => '1' ); } fclose( $fh ); } } // CHV\Image::uploadToWebsite($source, 'username', [params]) to inject API uploads to a given username // 上传到用户 telegrambot 的相册 Telegram // 修改 class.image.php isDuplicatedUpload 函数,将 SQL 查询中的 IP、日期条件删除 // 使用 ID 访问图片,在 route.image.php 33L 后添加:if(((int)$handler->request[0]) > 10) $id = $handler->request[0]; $album_id = 21; if (isset( $_REQUEST [ "album_id" ])) { $album_id = (int) $_REQUEST [ "album_id" ]; if ( $album_id < 0) $album_id = 21; } $uploaded_id = CHV\Image::uploadToWebsite( $source , 'telegrambot' , [ 'album_id' => $album_id , 'description' => (string)urldecode( $_REQUEST [ 'description' ])]); $json_array [ 'status_code' ] = 200; $json_array [ 'success' ] = array ( 'message' => 'image uploaded' , 'code' => 200); $json_array [ 'image' ] = CHV\Image::formatArray(CHV\Image::getSingle( $uploaded_id , false, false), true); // print_r($source); // G\Render\json_output($source['tmp_name']); // die(); // $api_temp_file // G\Render\json_output(Image::isDuplicatedUpload(md5_file($api_temp_file))); // if ( $version == 1) { switch ( $_REQUEST [ 'format' ]) { default : case 'json' : G\Render\json_output( $json_array ); break ; case 'txt' : echo $json_array [ 'image' ][ 'url' ]; break ; case 'redirect' : if ( $json_array [ 'status_code' ] == 200) { $redirect_url = $json_array [ 'image' ][ 'url_viewer' ]; header( "Location: $redirect_url" ); } else { die ( $json_array [ 'status_code' ]); } break ; } die (); } else { G\Render\json_output( $json_array ); } } catch (Exception $e ) { $json_array = G\json_error( $e ); if ( $version == 1) { switch ( $_REQUEST [ 'format' ]) { default : case 'json' : G\Render\json_output( $json_array ); break ; case 'txt' : case 'redirect' : die ( $json_array [ 'error' ][ 'message' ]); break ; } } else { G\Render\json_output( $json_array ); } } }; |