suwako
/
076server
アーカイブ
1
0
フォーク 0
コード イシュー プルリクエスト プロジェクト リリース Wiki アクティビティ

トークンでしょ

このコミットが含まれているのは:
テクニカル諏訪子 2019-05-25 09:52:37 +09:00
5948c206e8
コミット eeafe40e0b
8個のファイルの変更843行の追加843行の削除
統計情報を表示 Patchファイルをダウンロード Diffファイルをダウンロード すべてのファイルを展開 すべてのファイルを折り畳む

78
app/Http/Controllers/AuthController.php
ファイルの表示

@ -18,8 +18,8 @@ class AuthController extends Controller {
$this->objPermission = new PermissionController();
}
public function checkSelf(Request $request) { // /api/auth/checkself
$check = $this->checkLegit($request->kero_token);
public function checkSelf(Request $r) { // /api/auth/checkself
$check = $this->checkLegit($r->kero_token);
return array($check);
}
@ -37,8 +37,8 @@ class AuthController extends Controller {
return $check->id;
}
public function getPerms(Request $request) { // /api/auth/getpermissions
$check = $this->getPermissions($request->kero_token);
public function getPerms(Request $r) { // /api/auth/getpermissions
$check = $this->getPermissions($r->kero_token);
return array($check);
}
@ -236,17 +236,17 @@ class AuthController extends Controller {
}
}
public function register(Request $request) {
public function register(Request $r) {
$ip = $_SERVER['REMOTE_ADDR'];
// Anti-spam here.
if (!empty($request)) {
if (!empty($r)) {
// Check username.
//// Exists?
$existUser = DB::table('users')
->select('id')
->where('username', $request->username)
->where('username', $r->username)
->first();
if ($existUser != 0) {
@ -254,18 +254,18 @@ class AuthController extends Controller {
}
//// Empty?
if (empty($request->username)) {
if (empty($r->username)) {
return array('Username is empty.');
}
//// Valid?
if (preg_match("/^[a-zA-Z0-9]+$/", $request->username) == 0) {
if (preg_match("/^[a-zA-Z0-9]+$/", $r->username) == 0) {
return array('Please use English characters only.');
}
// Check password.
//// Empty?
if (empty($request->password)) {
if (empty($r->password)) {
return array('Password is empty.');
}
@ -273,7 +273,7 @@ class AuthController extends Controller {
//// Exists?
$existEmail = DB::table('users')
->select('id')
->where('email', $request->email)
->where('email', $r->email)
->first();
if ($existEmail != 0) {
@ -281,17 +281,17 @@ class AuthController extends Controller {
}
//// Empty?
if (empty($request->email)) {
if (empty($r->email)) {
return array('Email is empty.');
}
//// Valid?
if (!filter_var($request->email, FILTER_VALIDATE_EMAIL)) {
if (!filter_var($r->email, FILTER_VALIDATE_EMAIL)) {
return array('Email is invalid.');
}
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$passwd = hash('sha256', $request->password . $salt);
$passwd = hash('sha256', $r->password . $salt);
for ($round = 0; $round < 65536; $round++) {
$passwd = hash('sha256', $passwd . $salt);
@ -299,8 +299,8 @@ class AuthController extends Controller {
$addUser = DB::table('users')
->insertGetId([
'username' => $request->username,
'email' => $request->email,
'username' => $r->username,
'email' => $r->email,
'password' => $passwd,
'salt' => $salt,
'remember_token' => '',
@ -336,7 +336,7 @@ class AuthController extends Controller {
DB::table('usr_profile')
->insert([
'user_id' => $addUser,
'gender' => ($request->gender ? $request->gender : 0),
'gender' => ($r->gender ? $r->gender : 0),
'member_title' => '',
'website_address' => '',
'website_name' => '',
@ -353,7 +353,7 @@ class AuthController extends Controller {
'name_style' => '',
'display_name' => '',
'yt_channel' => '',
'country' => ($request->country ? $request->country : 'ASEAN'),
'country' => ($r->country ? $r->country : 'ASEAN'),
'date_format' => '',
'isClock24' => 0,
'isShowSeconds' => 0,
@ -381,11 +381,11 @@ class AuthController extends Controller {
return array();
}
public function login(Request $request) {
if (!empty($request)) {
public function login(Request $r) {
if (!empty($r)) {
$checkName = DB::table('users')
->select('*')
->where('username', $request->username)
->where('username', $r->username)
->first(
'id',
'username',
@ -395,7 +395,7 @@ class AuthController extends Controller {
);
// $checkName = json_decode(json_encode($checkName), true);
$checkPass = hash('sha256', $request->password . $checkName->salt);
$checkPass = hash('sha256', $r->password . $checkName->salt);
for ($round = 0; $round < 65536; $round++) {
$checkPass = hash('sha256', $checkPass . $checkName->salt);
@ -444,8 +444,8 @@ class AuthController extends Controller {
else return 1;
}
public function SendReset(Request $request) {
$exist = $this->CheckEmail($request->email);
public function SendReset(Request $r) {
$exist = $this->CheckEmail($r->email);
if ($exist == 0) {
return 0;
@ -453,12 +453,12 @@ class AuthController extends Controller {
else {
$check = DB::table('usr_resets')
->select('token')
->where('email', $request->email)
->where('email', $r->email)
->count();
if ($check > 0) {
DB::table('usr_resets')
->where('email', $request->email)
->where('email', $r->email)
->delete();
}
@ -467,7 +467,7 @@ class AuthController extends Controller {
DB::table('usr_resets')
->insert([
'email' => $request->email,
'email' => $r->email,
'token' => $token,
'due_date' => $due
]);
@ -478,7 +478,7 @@ class AuthController extends Controller {
$user = DB::table('users')
->select('username')
->where('email', $request->email)
->where('email', $r->email)
->first();
$mess = str_replace('{user}', $user->username, $get->message);
@ -489,13 +489,13 @@ class AuthController extends Controller {
$headers = "MIME-Version: 1.0"."\r\n";
$headers .= "Content-Type: text/plain; charset=ISO-2022-JP"."\r\n";
$headers .= "To: ".$request->email."\r\n";
$headers .= "To: ".$r->email."\r\n";
$headers .= "From: ".mb_convert_encoding($get->sendname,"ISO-2022-JP","AUTO")." <".$get->sender.">"."\r\n";
mb_language("ja");
$res = mail(
$request->email,
$r->email,
$subj,
$mess2,
$headers,
@ -527,20 +527,20 @@ class AuthController extends Controller {
}
}
public function PasswordReset(Request $request) {
if (empty($request->password)) {
public function PasswordReset(Request $r) {
if (empty($r->password)) {
return 0;
}
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$passwd = hash('sha256', $request->password . $salt);
$passwd = hash('sha256', $r->password . $salt);
for ($round = 0; $round < 65536; $round++) {
$passwd = hash('sha256', $passwd . $salt);
}
$res = DB::table('users')
->where('email', $request->email)
->where('email', $r->email)
->update([
'password' => $passwd,
'salt' => $salt
@ -549,15 +549,15 @@ class AuthController extends Controller {
return 1;
}
public function recover(Request $request) {
$user = User::where('email', $request->email)->first();
public function recover(Request $r) {
$user = User::where('email', $r->email)->first();
if (!$user) {
$error_message = "Your email address was not found.";
return response()->json(['success' => false, 'error' => ['email'=> $error_message]], 401);
}
try {
Password::sendResetLink($request->only('email'), function (Message $message) {
Password::sendResetLink($r->only('email'), function (Message $message) {
$message->subject('Your Password Reset Link');
});
} catch (\Exception $e) {
@ -570,10 +570,10 @@ class AuthController extends Controller {
]);
}
public function checkAuth(Request $request) {
public function checkAuth(Request $r) {
$get = DB::table('users')
->select('id', 'kero_token')
->where('kero_token', $request->kero_token)
->where('kero_token', $r->kero_token)
->first();
$get = json_decode(json_encode($get), true);

342
app/Http/Controllers/BoardController.php
ファイルの表示

@ -43,14 +43,14 @@ class BoardController extends Controller {
->get();
}
public function checkRead($for, $top, $username, $password) {
$check = $this->objAuth->checkLegit($username, $password);
public function checkRead($for, $top, $kero_token) {
$check = $this->objAuth->checkLegit($kero_token);
if ($check == 0) {
$yetToRead = false;
}
else {
$valid = $this->objAuth->getPermissions($username, $password);
$valid = $this->objAuth->getPermissions($kero_token);
$yetToRead = false;
if ($valid['for_canview']) {
@ -66,14 +66,14 @@ class BoardController extends Controller {
$isRead[] = array('id' => $top);
}
foreach ($isRead as $r) {
foreach ($isRead as $read) {
$rid = 0;
if ($for != 0) {
$rid = $r->id;
$rid = $read->id;
}
else {
$rid = $r['id'];
$rid = $read['id'];
}
$get = DB::table('for_read')
@ -105,14 +105,14 @@ class BoardController extends Controller {
return $yetToRead;
}
public function markReadAll (Request $request) {
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function markReadAll (Request $r) {
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Guests can\'t read';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_canview']) {
$tid = DB::table('for_threads')
@ -126,8 +126,8 @@ class BoardController extends Controller {
->count();
if ($chk) {
$request->top_id = $t->id;
$this->readTopic($request);
$r->top_id = $t->id;
$this->readTopic($r);
}
else {
$getPost = DB::table('for_posts')
@ -154,19 +154,19 @@ class BoardController extends Controller {
}
}
public function markReadCat (Request $request) {
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function markReadCat (Request $r) {
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Guests can\'t read';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_canview']) {
$fid = DB::table('for_forums')
->select('id')
->where('cat_id', $request->cat_id)
->where('cat_id', $r->cat_id)
->get();
foreach ($fid as $f) {
@ -182,8 +182,8 @@ class BoardController extends Controller {
->count();
if ($chk) {
$request->top_id = $t->id;
$this->readTopic($request);
$r->top_id = $t->id;
$this->readTopic($r);
}
else {
$getPost = DB::table('for_posts')
@ -211,19 +211,19 @@ class BoardController extends Controller {
}
}
public function markRead (Request $request) {
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function markRead (Request $r) {
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Guests can\'t read';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_canview']) {
$tid = DB::table('for_threads')
->select('id')
->where('for_id', $request->for_id)
->where('for_id', $r->for_id)
->get();
foreach ($tid as $t) {
@ -233,8 +233,8 @@ class BoardController extends Controller {
->count();
if ($chk) {
$request->top_id = $t->id;
$this->readTopic($request);
$r->top_id = $t->id;
$this->readTopic($r);
}
else {
$getPost = DB::table('for_posts')
@ -261,25 +261,25 @@ class BoardController extends Controller {
}
}
public function readTopic(Request $request) { // /api/rpc/board/topic/read
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function readTopic(Request $r) { // /api/rpc/board/topic/read
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Guests can\'t read';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_canview']) {
$getRead = DB::table('for_read')
->select('view_time')
->where('user_id', $check)
->where('top_id', $request->top_id)
->where('top_id', $r->top_id)
->first();
$getPost = DB::table('for_posts')
->select('post_date')
->where('top_id', $request->top_id)
->where('top_id', $r->top_id)
->orderBy('post_date', 'desc')
->limit(1)
->first();
@ -287,7 +287,7 @@ class BoardController extends Controller {
if ($getRead->view_time < $getPost->post_date) {
DB::table('for_read')
->where('user_id', $check)
->where('top_id', $request->top_id)
->where('top_id', $r->top_id)
->update([
'view_time' => $getPost->post_date
]);
@ -303,20 +303,20 @@ class BoardController extends Controller {
}
}
public function addCategory(Request $request) { // /api/rpc/board/category/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addCategory(Request $r) { // /api/rpc/board/category/add
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_catmod'] == 1) {
$add = DB::table('for_category')
->insertGetId([
'title' => $request->title,
'order' => $request->order
'title' => $r->title,
'order' => $r->order
]);
return $add;
@ -327,37 +327,37 @@ class BoardController extends Controller {
}
}
public function editCategory(Request $request) { // /api/rpc/board/category/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editCategory(Request $r) { // /api/rpc/board/category/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_catmod'] == 1) {
return DB::table('for_category')
->where('id', $request->id)
->where('id', $r->id)
->update([
'id' => $request->id,
'title' => $request->title
'id' => $r->id,
'title' => $r->title
]);
}
}
}
public function deleteCategory(Request $request) { // /api/rpc/board/category/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deleteCategory(Request $r) { // /api/rpc/board/category/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_catmod'] == 1) {
return DB::table('for_category')->where('id', $request->id)->delete();
return DB::table('for_category')->where('id', $r->id)->delete();
}
}
}
@ -407,30 +407,30 @@ class BoardController extends Controller {
->get();
}
public function addForum(Request $request) { // /api/rpc/board/forum/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addForum(Request $r) { // /api/rpc/board/forum/add
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_formod'] == 1) {
$add = DB::table('for_forums')
->insertGetId([
'last_uid' => 0,
'cat_id' => $request->cat_id,
'title' => $request->title,
'description' => $request->description,
'cat_id' => $r->cat_id,
'title' => $r->title,
'description' => $r->description,
'threads' => 0,
'posts' => 0,
'last_date' => 0,
'min_power' => 0,
'permission' => 0,
'readonly' => $request->ro,
'post_count_freeze' => $request->pcf,
'order' => $request->order,
'readonly' => $r->ro,
'post_count_freeze' => $r->pcf,
'order' => $r->order,
'parent' => 0
]);
@ -442,40 +442,40 @@ class BoardController extends Controller {
}
}
public function editForum(Request $request) { // /api/rpc/board/forum/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editForum(Request $r) { // /api/rpc/board/forum/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_formod'] == 1) {
return DB::table('for_forums')
->where('id', $request->id)
->where('id', $r->id)
->update([
'cat_id' => $request->cat_id,
'title' => $request->title,
'description' => $request->description,
'readonly' => $request->ro,
'post_count_freeze' => $request->pcf
'cat_id' => $r->cat_id,
'title' => $r->title,
'description' => $r->description,
'readonly' => $r->ro,
'post_count_freeze' => $r->pcf
]);
}
}
}
public function deleteForum(Request $request) { // /api/rpc/board/forum/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deleteForum(Request $r) { // /api/rpc/board/forum/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_formod'] == 1) {
return DB::table('for_forums')->where('id', $request->id)->delete();
return DB::table('for_forums')->where('id', $r->id)->delete();
}
}
}
@ -726,7 +726,7 @@ class BoardController extends Controller {
return $get;
}
public function getPostsofUser($user_id, $from, $to, Request $request) {
public function getPostsofUser($user_id, $from, $to, Request $r) {
$getting = array(
'for_posts.id',
'top_id',
@ -752,7 +752,7 @@ class BoardController extends Controller {
'country'
);
// $valid = $this->objAuth->getPermissions($request->username, $request->password);
// $valid = $this->objAuth->getPermissions($r->kero_token);
return DB::table('for_posts')
->join('users', 'for_posts.user_id', '=', 'users.id')
@ -766,7 +766,7 @@ class BoardController extends Controller {
->get($getting);
}
public function getUserPosts($top_id, $from, $to, Request $request) { // /api/rpc/board/post/getuserposts/top/from/to
public function getUserPosts($top_id, $from, $to, Request $r) { // /api/rpc/board/post/getuserposts/top/from/to
$getting = array(
'for_posts.id',
'top_id',
@ -793,7 +793,7 @@ class BoardController extends Controller {
'country'
);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
return DB::table('for_posts')
->join('users', 'for_posts.user_id', '=', 'users.id')
@ -807,7 +807,7 @@ class BoardController extends Controller {
->get($getting);
}
public function getUserPost($id, Request $request) { // /api/rpc/board/post/getuserpost/id
public function getUserPost($id, Request $r) { // /api/rpc/board/post/getuserpost/id
$getting = array(
'for_posts.id',
'top_id',
@ -834,7 +834,7 @@ class BoardController extends Controller {
'country'
);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
return DB::table('for_posts')
->join('users', 'for_posts.user_id', '=', 'users.id')
@ -846,17 +846,17 @@ class BoardController extends Controller {
->get($getting);
}
public function addTopic(Request $request) { // /api/rpc/board/topic/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addTopic(Request $r) { // /api/rpc/board/topic/add
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_post'] == 1) {
$fpc = $this->getPostCountFreeze($request->for_id);
$fpc = $this->getPostCountFreeze($r->for_id);
if ($fpc === 0) {
$next = $this->getNextPostCount($check);
@ -866,8 +866,8 @@ class BoardController extends Controller {
}
$addTopic = DB::table('for_threads')
->insertGetId([
'for_id' => $request->for_id,
'title' => $request->title,
'for_id' => $r->for_id,
'title' => $r->title,
'started_by' => $check,
'replies' => 0,
'views' => 0,
@ -885,12 +885,12 @@ class BoardController extends Controller {
'top_id' => $addTopic,
'user_id' => $check,
'post_date' => time(),
'message' => $request->message,
'message' => $r->message,
'delete' => 0,
'lastedit' => 0,
'ipaddress' => $request->ipaddress,
'ipaddress' => $r->ipaddress,
'delreason' => '',
'nolayout' => $request->nolayout,
'nolayout' => $r->nolayout,
'postcount' => $next
]);
@ -902,17 +902,17 @@ class BoardController extends Controller {
}
}
public function addPost(Request $request) { // /api/rpc/board/post/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addPost(Request $r) { // /api/rpc/board/post/add
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_post'] == 1) {
$fid = $this->getForumIdFromTopic($request->top_id);
$fid = $this->getForumIdFromTopic($r->top_id);
$fpc = $this->getPostCountFreeze($fid);
if ($fpc === 0) {
@ -923,19 +923,19 @@ class BoardController extends Controller {
}
$add = DB::table('for_posts')
->insertGetId([
'top_id' => $request->top_id,
'top_id' => $r->top_id,
'user_id' => $check,
'post_date' => time(),
'message' => $request->message,
'message' => $r->message,
'delete' => 0,
'lastedit' => 0,
'ipaddress' => $request->ipaddress,
'ipaddress' => $r->ipaddress,
'delreason' => '',
'nolayout' => $request->nolayout,
'nolayout' => $r->nolayout,
'postcount' => $next
]);
return $this->browseTopicPosts('p', $add, 0, 15, $request);
return $this->browseTopicPosts('p', $add, 0, 15, $r);
}
else {
return 'Permission denied.';
@ -943,56 +943,56 @@ class BoardController extends Controller {
}
}
public function editPost(Request $request) { // /api/rpc/board/post/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editPost(Request $r) { // /api/rpc/board/post/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_editother'] == 1 || $valid['for_editown'] == 1) { // TODO: differenciate own from other.
return DB::table('for_posts')
->where('id', $request->id)
->where('id', $r->id)
->update([
'lastedit' => time(),
'message' => $request->message,
'nolayout' => $request->nolayout
'message' => $r->message,
'nolayout' => $r->nolayout
]);
}
}
}
public function deletePost(Request $request) { // /api/rpc/board/post/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deletePost(Request $r) { // /api/rpc/board/post/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_del'] == 1) {
$s = db::table('for_posts')
->select('delete')
->where('id', $request->id)
->where('id', $r->id)
->first()->delete;
if ($s === 1) {
$request->delreason = '';
$r->delreason = '';
}
DB::table('for_posts')
->where('id', $request->id)
->where('id', $r->id)
->update([
'delete' => ($s == 0 ? 1 : 0),
'delreason' => $request->delreason
'delreason' => $r->delreason
]);
return array(
'delete' => ($s == 0 ? 1 : 0),
'delreason' => $request->delreason
'delreason' => $r->delreason
);
}
else {
@ -1001,23 +1001,23 @@ class BoardController extends Controller {
}
}
public function lockTopic(Request $request) { // /api/rpc/board/topic/lock
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function lockTopic(Request $r) { // /api/rpc/board/topic/lock
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_locky'] == 1) {
$s = db::table('for_threads')
->select('lock')
->where('id', $request->id)
->where('id', $r->id)
->first()->lock;
DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->update([
'lock' => ($s == 0 ? 1 : 0)
]);
@ -1030,18 +1030,18 @@ class BoardController extends Controller {
}
}
public function unlockTopic(Request $request) { // /api/rpc/board/topic/unlock
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function unlockTopic(Request $r) { // /api/rpc/board/topic/unlock
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_locky'] == 1) {
return DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->update([
'lock' => 0
]);
@ -1052,25 +1052,25 @@ class BoardController extends Controller {
}
}
public function moveTopic(Request $request) { // /api/rpc/board/topic/move
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function moveTopic(Request $r) { // /api/rpc/board/topic/move
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_move'] == 1) {
$res = DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->update([
'for_id' => $request->new_id
'for_id' => $r->new_id
]);
$for = DB::table('for_forums')
->select('title', 'cat_id')
->where('id', $request->new_id)
->where('id', $r->new_id)
->first();
$cat = DB::table('for_category')
@ -1079,7 +1079,7 @@ class BoardController extends Controller {
->first();
return array([
'fid' => $request->new_id,
'fid' => $r->new_id,
'ftit' => $for->title,
'cid' => $for->cat_id,
'ctit' => $cat->title
@ -1091,38 +1091,38 @@ class BoardController extends Controller {
}
}
public function splitPost(Request $request) { // /api/rpc/board/post/split
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function splitPost(Request $r) { // /api/rpc/board/post/split
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_split'] == 1) {
$uid = DB::table('for_posts')
->select('user_id')
->where('id', $request->id)
->where('id', $r->id)
->first();
$add = DB::table('for_threads')
->insertGetId([
'for_id' => $request->forId,
'title' => $request->title,
'for_id' => $r->forId,
'title' => $r->title,
'started_by' => $uid->user_id,
'replies' => 0,
'views' => 0,
'last_date' => 0,
'last_uid' => 0,
'sticky' => $request->sticky,
'sticky' => $r->sticky,
'poll' => 0,
'read' => '',
'lock' => $request->lock
'lock' => $r->lock
]);
DB::table('for_posts')
->where('id', $request->id)
->where('id', $r->id)
->update([
'top_id' => $add,
]);
@ -1135,24 +1135,24 @@ class BoardController extends Controller {
}
}
public function mergeTopic(Request $request) { // /api/rpc/board/topic/merge
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function mergeTopic(Request $r) { // /api/rpc/board/topic/merge
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_mergepost'] == 1) {
DB::table('for_posts')
->where('top_id', $request->id)
->where('top_id', $r->id)
->update([
'top_id' => $request->alt_id
'top_id' => $r->alt_id
]);
DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->delete();
return 'Success!';
@ -1163,23 +1163,23 @@ class BoardController extends Controller {
}
}
public function pinTopic(Request $request) { // /api/rpc/board/topic/pin
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function pinTopic(Request $r) { // /api/rpc/board/topic/pin
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_sticky'] == 1) {
$s = DB::table('for_threads')
->select('sticky')
->where('id', $request->id)
->where('id', $r->id)
->first();
DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->update([
'sticky' => ($s->sticky == 0 ? 1 : 0)
]);
@ -1192,18 +1192,18 @@ class BoardController extends Controller {
}
}
public function unpinTopic(Request $request) { // /api/rpc/board/topic/unpin
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function unpinTopic(Request $r) { // /api/rpc/board/topic/unpin
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_sticky'] == 1) {
return DB::table('for_threads')
->where('id', $request->id)
->where('id', $r->id)
->update([
'sticky' => 0
]);
@ -1211,14 +1211,14 @@ class BoardController extends Controller {
}
}
public function getReadCategories (Request $request) { // /api/rpc/board/topic/getreadcategories
public function getReadCategories (Request $r) { // /api/rpc/board/topic/getreadcategories
}
public function getReadForums (Request $request) { // /api/rpc/board/topic/getreadforums
public function getReadForums (Request $r) { // /api/rpc/board/topic/getreadforums
}
public function getReadTopics (Request $request) { // /api/rpc/board/topic/getreadtopics
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function getReadTopics (Request $r) { // /api/rpc/board/topic/getreadtopics
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
@ -1247,24 +1247,24 @@ class BoardController extends Controller {
}
}
public function markForumRead ($id, Request $request) { // /api/rpc/board/topic/markforumread/fid
public function markForumRead ($id, Request $r) { // /api/rpc/board/topic/markforumread/fid
}
public function markTopicRead ($id, Request $request) { // /api/rpc/board/topic/marktopicread/tid
public function markTopicRead ($id, Request $r) { // /api/rpc/board/topic/marktopicread/tid
}
public function undeletePost(Request $request) { // /api/rpc/board/post/undelete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function undeletePost(Request $r) { // /api/rpc/board/post/undelete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['for_del'] == 1) {
return DB::table('for_posts')
->where('id', $request->id)
->where('id', $r->id)
->update([
'delete' => 0,
'delreason' => ''
@ -1283,7 +1283,7 @@ class BoardController extends Controller {
->count();
}
public function browseCategories(Request $request) { // /api/rpc/board/browse/browsecategories
public function browseCategories(Request $r) { // /api/rpc/board/browse/browsecategories
$cats = $this->getCategories()->toArray();
$cols = $this->objUser->getGroupColours()->toArray();
@ -1297,13 +1297,13 @@ class BoardController extends Controller {
$resF = array();
foreach($fors as $f) {
$read = $this->checkRead($f['id'], 0, $request->username, $request->password);
$read = $this->checkRead($f['id'], 0, $r->kero_token);
$ldet = $this->getLastPostOfForum($f['id']);
$topicsuu = DB::table('for_threads')->where('for_id', $f['id'])->count();
$replysuu = $this->countPostsInForum($f['id']);
if ($ldet['uid'] != 0) {
$user = $this->objUser->getUser($ldet['uid'], $request)->toArray();
$user = $this->objUser->getUser($ldet['uid'], $r)->toArray();
$showName = "";
$showCol = "";
@ -1362,20 +1362,20 @@ class BoardController extends Controller {
return $res;
}
public function browseForums($id, $from, $to, Request $request) { // /api/rpc/board/browse/browseforums/id/from/to
public function browseForums($id, $from, $to, Request $r) { // /api/rpc/board/browse/browseforums/id/from/to
$fors = $this->getForums($id);
$cols = $this->objUser->getGroupColours()->toArray();
$res = array();
foreach($fors as $f) {
$read = $this->checkRead($f['id'], 0, $request->username, $request->password);
$read = $this->checkRead($f['id'], 0, $r->kero_token);
$ldet = $this->getLastPostOfForum($f['id']);
$topicsuu = DB::table('for_threads')->where('for_id', $f['id'])->count();
$replysuu = $this->countPostsInForum($f['id']);
if ($f['last_uid'] != 0) {
$user = $this->objUser->getUser($ldet['uid'], $request)->toArray();
$user = $this->objUser->getUser($ldet['uid'], $r)->toArray();
$showName = "";
$showCol = "";
@ -1437,7 +1437,7 @@ class BoardController extends Controller {
);
}
public function browseTopics($mode, $id, $from, $to, Request $request) { // /api/rpc/board/browse/browsetopicsmode/id/from/to
public function browseTopics($mode, $id, $from, $to, Request $r) { // /api/rpc/board/browse/browsetopicsmode/id/from/to
$topsUP = $this->getTopicsUnpinned($id, $from, $to);
$topsPN = $this->getTopicsPinned($id, $from, $to);
$topsUS = $this->getTopicsUser($id, $from, $to);
@ -1464,14 +1464,14 @@ class BoardController extends Controller {
$i = 0;
foreach($tops as $t) {
$read = $this->checkRead(0, $t->id, $request->username, $request->password);
$read = $this->checkRead(0, $t->id, $r->kero_token);
$replysuu = DB::table('for_posts')->where('top_id', $t->id)->count();
$fplp = $this->getFirstAndLastPosts($t->id);
$userFD = $fplp['first']['date'];
$userLD = $fplp['last']['date'];
$userFirst = $this->objUser->getUser($fplp['first']['uid'], $request)->toArray();
$userLast = $this->objUser->getUser($fplp['last']['uid'], $request)->toArray();
$userFirst = $this->objUser->getUser($fplp['first']['uid'], $r)->toArray();
$userLast = $this->objUser->getUser($fplp['last']['uid'], $r)->toArray();
$showNameF = "";
$showColF = "";
$showNameL = "";
@ -1745,14 +1745,14 @@ class BoardController extends Controller {
return $string;
}
public function browseTopicPosts($tp, $id, $from, $to, Request $request) { // /api/rpc/board/browse/browsetopicposts/tp/id/from/to
public function browseTopicPosts($tp, $id, $from, $to, Request $r) { // /api/rpc/board/browse/browsetopicposts/tp/id/from/to
// Load group colours.
$ucol = $this->objUser->getGroupColours();
// All the user posts' user IDs.
if ($tp == 't') $uid = $this->getUserPosts($id, $from, $to, $request);
else if ($tp == 'p') $uid = $this->getUserPost($id, $request);
else $uid = $this->getPostsOfUser($id, $from, $to, $request);
if ($tp == 't') $uid = $this->getUserPosts($id, $from, $to, $r);
else if ($tp == 'p') $uid = $this->getUserPost($id, $r);
else $uid = $this->getPostsOfUser($id, $from, $to, $r);
$udat = array();
$key = 0;
$ldate = 0;
@ -1822,7 +1822,7 @@ class BoardController extends Controller {
$key++;
}
$check = $this->objAuth->checkLegit($request->username, $request->password);
$check = $this->objAuth->checkLegit($r->kero_token);
if ($tp == 't' && $check != 0) {
$view = DB::table('for_threads')
@ -1860,9 +1860,9 @@ class BoardController extends Controller {
return $udat;
}
public function browsePermissions($uid, Request $request) { // /api/rpc/board/browse/browsepermissions/uid
public function browsePermissions($uid, Request $r) { // /api/rpc/board/browse/browsepermissions/uid
// Get user ID.
$perm = $this->objUser->getUser($uid, $request);
$perm = $this->objUser->getUser($uid, $r);
// Does the user ID exist? Grand the appropriate rights. Otherwise, use guest.
if ($uid != 0) {

78
app/Http/Controllers/ImageController.php
ファイルの表示

@ -23,8 +23,8 @@ class ImageController extends Controller {
$this->objUser = new UserController();
}
public function getUserWithUploads(Request $request) { // /api/rpc/image/get/userwithuploads
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function getUserWithUploads(Request $r) { // /api/rpc/image/get/userwithuploads
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$cols = $this->objUser->getGroupColours()->toArray();
@ -37,7 +37,7 @@ class ImageController extends Controller {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if ($usr != 0) {
$user = $this->objUser->getUser($usr, $request)->toArray();
$user = $this->objUser->getUser($usr, $r)->toArray();
$showName = "";
$showCol = "";
@ -78,8 +78,8 @@ class ImageController extends Controller {
}
}
public function getAll(Request $request) { // /api/rpc/image/get/all
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function getAll(Request $r) { // /api/rpc/image/get/all
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$cols = $this->objUser->getGroupColours()->toArray();
@ -92,7 +92,7 @@ class ImageController extends Controller {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if ($usr[3] != 0) {
$user = $this->objUser->getUser($usr[3], $request)->toArray();
$user = $this->objUser->getUser($usr[3], $r)->toArray();
$showName = "";
$showCol = "";
@ -135,14 +135,14 @@ class ImageController extends Controller {
}
}
public function getOwn(Request $request) { // /api/rpc/image/get/own
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function getOwn(Request $r) { // /api/rpc/image/get/own
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$cols = $this->objUser->getGroupColours()->toArray();
@ -159,7 +159,7 @@ class ImageController extends Controller {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if ($usr[3] == $check) {
$user = $this->objUser->getUser($usr[3], $request)->toArray();
$user = $this->objUser->getUser($usr[3], $r)->toArray();
$showName = "";
$showCol = "";
@ -207,8 +207,8 @@ class ImageController extends Controller {
}
}
public function getUser($id, Request $request) { // /api/rpc/image/get/user/id
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function getUser($id, Request $r) { // /api/rpc/image/get/user/id
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$cols = $this->objUser->getGroupColours()->toArray();
@ -221,7 +221,7 @@ class ImageController extends Controller {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if ($usr[3] != 0) {
$user = $this->objUser->getUser($usr[3], $request)->toArray();
$user = $this->objUser->getUser($usr[3], $r)->toArray();
$showName = "";
$showCol = "";
@ -264,14 +264,14 @@ class ImageController extends Controller {
}
}
public function getOther(Request $request) { // /api/rpc/image/get/other
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function getOther(Request $r) { // /api/rpc/image/get/other
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$cols = $this->objUser->getGroupColours()->toArray();
@ -294,7 +294,7 @@ class ImageController extends Controller {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if ($usr != $check) {
$user = $this->objUser->getUser($usr, $request)->toArray();
$user = $this->objUser->getUser($usr, $r)->toArray();
$showName = "";
$showCol = "";
@ -344,34 +344,34 @@ class ImageController extends Controller {
}
}
public function viewImage(Request $request) { // /api/rpc/image/view
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function viewImage(Request $r) { // /api/rpc/image/view
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_viewimg'] == 1) {
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
if (!isset($request->id) || !isset($request->name)) {
if (!isset($r->id) || !isset($r->name)) {
return 'Err!';
}
return $protocol.'://'.$_SERVER['SERVER_NAME'].'/assets/images/'.$request->id.'/'.$request->name;
return $protocol.'://'.$_SERVER['SERVER_NAME'].'/assets/images/'.$r->id.'/'.$r->name;
}
else {
return 'Permission denied.';
}
}
public function uploadImage(Request $request) { // /api/rpc/image/upload
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function uploadImage(Request $r) { // /api/rpc/image/upload
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_addimg'] == 1) {
if (isset($request->filename)) {
if (isset($r->filename)) {
if (!is_dir("assets/images/".$check)) {
if (!mkdir("assets/images/".$check, 0755, true)) {
return "Could not make folder ".$check."<br />";
@ -379,22 +379,22 @@ class ImageController extends Controller {
}
$img_dir = "assets/images/".$check."/";
$image = $img_dir . $request->filename;
$image = $img_dir . $r->filename;
$imageFileType = array(
'image/png',
'image/jpeg',
'image/gif'
);
if (!in_array($request->filetype, $imageFileType)) {
if (!in_array($r->filetype, $imageFileType)) {
return "Only JPG, PNG, JPEG, and GIF are allowed.";
}
$fname = 'assets/images/'.$check.'/'.$request->filename;
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $request->thefile));
$fname = 'assets/images/'.$check.'/'.$r->filename;
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $r->thefile));
Storage::disk('public')->put($fname, $data);
return $request->filename;
return $r->filename;
}
}
else {
@ -408,29 +408,29 @@ class ImageController extends Controller {
return (count(scandir($dir)) == 2);
}
public function removeImage(Request $request) { // /api/rpc/image/remove
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function removeImage(Request $r) { // /api/rpc/image/remove
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['img_delotherimg'] == 1) {
if (isset($request->name)) {
$fname = 'assets/images/'.$request->id.'/'.$request->name;
if (isset($r->name)) {
$fname = 'assets/images/'.$r->id.'/'.$r->name;
unlink('storage/'.$fname);
if ($this->is_dir_empty('storage/assets/images/'.$request->id)) rmdir('storage/assets/images/'.$request->id);
if ($this->is_dir_empty('storage/assets/images/'.$r->id)) rmdir('storage/assets/images/'.$r->id);
return 'Deleted';
}
}
else {
if (isset($request->name)) {
if ($check == $request->id) {
if (isset($r->name)) {
if ($check == $r->id) {
if ($valid['img_delownimg'] == 1) {
$fname = 'assets/images/'.$check.'/'.$request->name;
$fname = 'assets/images/'.$check.'/'.$r->name;
unlink('storage/'.$fname);
if ($this->is_dir_empty('storage/assets/images/'.$check)) rmdir('storage/assets/images/'.$check);

664
app/Http/Controllers/InvoiceController.php
ファイルの表示

ファイル差分が大きすぎるため省略します 差分を読み込み

4
app/Http/Controllers/PackageController.php
ファイルの表示

@ -22,8 +22,8 @@ class PackageController extends Controller {
$this->objPermission = new PermissionController();
}
public function get(Request $request) { // /api/rpc/pack/get
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function get(Request $r) { // /api/rpc/pack/get
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'err!';

198
app/Http/Controllers/SiteController.php
ファイルの表示

@ -23,12 +23,12 @@ class SiteController extends Controller {
}
// Posts
public function getPosts(Request $request) { // /api/rpc/site/post/get/all
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function getPosts(Request $r) { // /api/rpc/site/post/get/all
$check = $this->objAuth->checkLegit($r->kero_token);
// Load group colours.
$ucol = $this->objUser->getGroupColours();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
// Load content.
if ($valid['blg_editpost']) {
@ -188,9 +188,9 @@ class SiteController extends Controller {
return $res;
}
public function getPost($slug, Request $request) { // /api/rpc/site/post/get/slug/slug
$check = $this->objAuth->checkLegit($request->username, $request->password);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function getPost($slug, Request $r) { // /api/rpc/site/post/get/slug/slug
$check = $this->objAuth->checkLegit($r->kero_token);
$valid = $this->objAuth->getPermissions($r->kero_token);
// Load group colours.
$ucol = $this->objUser->getGroupColours();
@ -301,24 +301,24 @@ class SiteController extends Controller {
return $res;
}
public function newPost(Request $request) { // /api/rpc/site/post/new
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function newPost(Request $r) { // /api/rpc/site/post/new
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_addpost'] == 1) {
$pubdate = 0;
if ($request->public_status == 1) {
if ($request->publish_date <= time()) {
if ($r->public_status == 1) {
if ($r->publish_date <= time()) {
return \Response::json(array('error' => '投稿日より公開日の方がもっと古いだと不許可です。'));
}
else {
$pubdate = $request->publish_date;
$pubdate = $r->publish_date;
}
}
else {
@ -329,14 +329,14 @@ class SiteController extends Controller {
->insert([
'user_id' => $check,
'isPost' => 1,
'title' => $request->title,
'slug' => $request->slug,
'title' => $r->title,
'slug' => $r->slug,
'post_date' => time(),
'publish_date' => $pubdate,
'sortorder' => 0,
'public_status' => $request->public_status,
'public_status' => $r->public_status,
'isMenu' => 0,
'message' => $request->message
'message' => $r->message
]);
return \Response::json($add);
@ -347,23 +347,23 @@ class SiteController extends Controller {
}
}
public function editPost(Request $request) { // /api/rpc/site/post/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editPost(Request $r) { // /api/rpc/site/post/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_editpost'] == 1) {
return DB::table('blg_content')
->where('id', $request->id)
->where('id', $r->id)
->update([
'title' => $request->title,
'slug' => $request->slug,
'public_status' => $request->public_status,
'message' => $request->message
'title' => $r->title,
'slug' => $r->slug,
'public_status' => $r->public_status,
'message' => $r->message
]);
}
else {
@ -372,17 +372,17 @@ class SiteController extends Controller {
}
}
public function deletePost(Request $request) { // /api/rpc/site/post/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deletePost(Request $r) { // /api/rpc/site/post/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_delpost'] == 1) {
return DB::table('blg_content')->where('id', $request->id)->delete();
return DB::table('blg_content')->where('id', $r->id)->delete();
}
else {
return \Response::json(array('error' => '不許可。'));
@ -560,31 +560,31 @@ class SiteController extends Controller {
return $res;
}
public function newComment(Request $request) { // /api/rpc/site/comment/new
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function newComment(Request $r) { // /api/rpc/site/comment/new
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_addcomment'] == 1) {
$add = DB::table('blg_comments')
->insertGetId([
'user_id' => $check,
'content_id' => $request->content_id,
'content_id' => $r->content_id,
'votes' => 0,
'post_date' => time(),
'last_date' => 0,
'isDeleted' => 0,
'message' => $request->message,
'ip_address' => $request->ip_address
'message' => $r->message,
'ip_address' => $r->ip_address
]);
$g = DB::table('blg_content')->select('slug', 'user_id')->where('id', $request->content_id)->first();
$g = DB::table('blg_content')->select('slug', 'user_id')->where('id', $r->content_id)->first();
if ($check != $g->user_id) $this->objUser->addNotification($request, $g->user_id, 1, '新規ブログコメント', 'blog/'.$g->slug, 'comment-'.$add);
if ($check != $g->user_id) $this->objUser->addNotification($r, $g->user_id, 1, '新規ブログコメント', 'blog/'.$g->slug, 'comment-'.$add);
return \Response::json($add);
}
@ -594,30 +594,30 @@ class SiteController extends Controller {
}
}
public function editComment(Request $request) { // /api/rpc/site/comment/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editComment(Request $r) { // /api/rpc/site/comment/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$owner = DB::table('blg_comments')->select('user_id')->where('id', $request->id)->where('user_id', $request->user)->get()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$owner = DB::table('blg_comments')->select('user_id')->where('id', $r->id)->where('user_id', $r->user)->get()->toArray();
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_editcomment'] == 1) {
return DB::table('blg_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'last_date' => time(),
'message' => $request->message
'message' => $r->message
]);
}
else if ($valid['blg_delcomment'] == 1 && $owner[0]->user_id == $check) {
return DB::table('blg_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'last_date' => time(),
'message' => $request->message
'message' => $r->message
]);
}
else {
@ -626,20 +626,20 @@ class SiteController extends Controller {
}
}
public function removeComment(Request $request) { // /api/rpc/site/comment/remove
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function removeComment(Request $r) { // /api/rpc/site/comment/remove
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$owner = DB::table('blg_comments')->select('user_id')->where('id', $request->id)->where('user_id', $request->user)->get()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$owner = DB::table('blg_comments')->select('user_id')->where('id', $r->id)->where('user_id', $r->user)->get()->toArray();
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_delcomment'] == 1) {
$get = DB::table('blg_comments')
->select('isDeleted')
->where('id', $request->id)
->where('id', $r->id)
->get();
$mod = 0;
@ -650,7 +650,7 @@ class SiteController extends Controller {
}
return DB::table('blg_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'isDeleted' => $mod
]);
@ -658,7 +658,7 @@ class SiteController extends Controller {
else if ($valid['blg_delowncomment'] == 1 && $owner[0]->user_id == $check) {
$get = DB::table('blg_comments')
->select('isDeleted')
->where('id', $request->id)
->where('id', $r->id)
->get();
foreach ($get as $i) {
@ -666,7 +666,7 @@ class SiteController extends Controller {
}
return DB::table('blg_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'isDeleted' => 1
]);
@ -677,19 +677,19 @@ class SiteController extends Controller {
}
}
public function voteComment(Request $request) { // /api/rpc/site/comment/vote
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function voteComment(Request $r) { // /api/rpc/site/comment/vote
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_addcomment'] == 1) {
$get = DB::table('blg_comments')
->select('votes')
->where('id', $request->id)
->where('id', $r->id)
->get();
$mod = 0;
@ -699,9 +699,9 @@ class SiteController extends Controller {
}
return DB::table('blg_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'votes' => $request->votemod
'votes' => $r->votemod
]);
}
else {
@ -771,8 +771,8 @@ class SiteController extends Controller {
->get();
}
public function getPage($slug, Request $request) { // /api/rpc/site/page/get/slug/slug
$valid = $this->objAuth->getPermissions($request->username, $request->password);
public function getPage($slug, Request $r) { // /api/rpc/site/page/get/slug/slug
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_editpage'] == 1) {
return DB::table('blg_content')
@ -793,14 +793,14 @@ class SiteController extends Controller {
}
}
public function newPage(Request $request) { // /api/rpc/site/page/new
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function newPage(Request $r) { // /api/rpc/site/page/new
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_addpage'] == 1) {
$lorder = DB::table('blg_content')
@ -813,14 +813,14 @@ class SiteController extends Controller {
->insert([
'user_id' => 0,
'isPost' => 0,
'title' => $request->title,
'slug' => $request->slug,
'title' => $r->title,
'slug' => $r->slug,
'post_date' => 0,
'publish_date' => 0,
'sortorder' => ($request->isMenu == 1 ? $lorder : 0),
'public_status' => $request->public_status,
'isMenu' => ($request->isMenu ? 1 : 0),
'message' => $request->message
'sortorder' => ($r->isMenu == 1 ? $lorder : 0),
'public_status' => $r->public_status,
'isMenu' => ($r->isMenu ? 1 : 0),
'message' => $r->message
]);
return \Response::json($add);
@ -831,24 +831,24 @@ class SiteController extends Controller {
}
}
public function editPage(Request $request) { // /api/rpc/site/page/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editPage(Request $r) { // /api/rpc/site/page/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_editpage'] == 1) {
return DB::table('blg_content')
->where('id', $request->id)
->where('id', $r->id)
->update([
'title' => $request->title,
'slug' => $request->slug,
'public_status' => $request->public_status,
'isMenu' => $request->isMenu,
'message' => $request->message
'title' => $r->title,
'slug' => $r->slug,
'public_status' => $r->public_status,
'isMenu' => $r->isMenu,
'message' => $r->message
]);
}
else {
@ -857,17 +857,17 @@ class SiteController extends Controller {
}
}
public function deletePage(Request $request) { // /api/rpc/site/page/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deletePage(Request $r) { // /api/rpc/site/page/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return \Response::json(array('error' => 'ログインされませんでした。'));
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['blg_delpage'] == 1) {
return DB::table('blg_content')->where('id', $request->id)->delete();
return DB::table('blg_content')->where('id', $r->id)->delete();
}
else {
return \Response::json(array('error' => '不許可。'));
@ -893,19 +893,19 @@ class SiteController extends Controller {
return false;
}
public function newPortfolioCategory(Request $request) { // /api/rpc/site/portfolio/newcategory
public function newPortfolioCategory(Request $r) { // /api/rpc/site/portfolio/newcategory
return false;
}
public function editPortfolioCategory(Request $request) { // /api/rpc/site/portfolio/editcategory
public function editPortfolioCategory(Request $r) { // /api/rpc/site/portfolio/editcategory
return false;
}
public function removePortfolioCategory(Request $request) { // /api/rpc/site/portfolio/removecategory
public function removePortfolioCategory(Request $r) { // /api/rpc/site/portfolio/removecategory
return false;
}
public function deletePortfolioCategory(Request $request) { // /api/rpc/site/portfolio/deletecategory
public function deletePortfolioCategory(Request $r) { // /api/rpc/site/portfolio/deletecategory
return false;
}
@ -918,19 +918,19 @@ class SiteController extends Controller {
return false;
}
public function newPortfolioItem(Request $request) { // /api/rpc/site/portfolio/newitem
public function newPortfolioItem(Request $r) { // /api/rpc/site/portfolio/newitem
return false;
}
public function editPortfolioItem(Request $request) { // /api/rpc/site/portfolio/edititem
public function editPortfolioItem(Request $r) { // /api/rpc/site/portfolio/edititem
return false;
}
public function removePortfolioItem(Request $request) { // /api/rpc/site/portfolio/removeitem
public function removePortfolioItem(Request $r) { // /api/rpc/site/portfolio/removeitem
return false;
}
public function deletePortfolioItem(Request $request) { // /api/rpc/site/portfolio/deleteitem
public function deletePortfolioItem(Request $r) { // /api/rpc/site/portfolio/deleteitem
return false;
}
@ -941,17 +941,17 @@ class SiteController extends Controller {
->get();
}
public function setSettings(Request $request) { // /api/rpc/site/admin/setsettings
public function setSettings(Request $r) { // /api/rpc/site/admin/setsettings
return DB::table('blg_settings')
->update([
'sitename' => $request->sitename,
'description' => $request->description,
'tags' => $request->tags,
'blog_status' => $request->blog_status,
'homepage' => $request->homepage,
'announcement' => $request->announcement,
'theme' => $request->theme,
'locale' => $request->locale
'sitename' => $r->sitename,
'description' => $r->description,
'tags' => $r->tags,
'blog_status' => $r->blog_status,
'homepage' => $r->homepage,
'announcement' => $r->announcement,
'theme' => $r->theme,
'locale' => $r->locale
]);
}
}

90
app/Http/Controllers/StoreController.php
ファイルの表示

@ -39,20 +39,20 @@ class StoreController extends Controller {
));
}
public function newGame(Request $request) { // /api/rpc/store/games/newgame
public function newGame(Request $r) { // /api/rpc/store/games/newgame
$add = DB::table('str_games')
->insert([
'name' => $request->name
'name' => $r->name
]);
return \Response::json($add);
}
public function editGame(Request $request) { // /api/rpc/store/games/editgame
public function editGame(Request $r) { // /api/rpc/store/games/editgame
return DB::table('str_games')
->where('id', $request->id)
->where('id', $r->id)
->update([
'name' => $request->name
'name' => $r->name
]);
}
@ -141,23 +141,23 @@ class StoreController extends Controller {
));
}
public function newCategory(Request $request) { // /api/rpc/store/category/newcategory
public function newCategory(Request $r) { // /api/rpc/store/category/newcategory
$add = DB::table('str_category')
->insert([
'name' => $request->name,
'game_id' => $request->game_id,
'min_screenshots' => $request->min_screenshots
'name' => $r->name,
'game_id' => $r->game_id,
'min_screenshots' => $r->min_screenshots
]);
return \Response::json($add);
}
public function editCategory(Request $request) { // /api/rpc/store/category/editcategory
public function editCategory(Request $r) { // /api/rpc/store/category/editcategory
return DB::table('str_category')
->where('id', $request->id)
->where('id', $r->id)
->update([
'name' => $request->name,
'min_screenshots' => $request->min_screenshots
'name' => $r->name,
'min_screenshots' => $r->min_screenshots
]);
}
@ -313,10 +313,10 @@ class StoreController extends Controller {
->get();
}
public function updateDownloadCount(Request $request) { // /api/rpc/store/entry/updatedownloadcount
public function updateDownloadCount(Request $r) { // /api/rpc/store/entry/updatedownloadcount
return DB::table('str_file')
->where('id', $request->id)
->update(['downloads', $request->downloads]);
->where('id', $r->id)
->update(['downloads', $r->downloads]);
}
public function FileSizeConvert($bytes) {
@ -479,8 +479,8 @@ class StoreController extends Controller {
->count();
}
public function makedir(Request $request) {
$id = $request->id;
public function makedir(Request $r) {
$id = $r->id;
if (!mkdir($this->storePath.'/'.$id, 0755, true)) {
Log::error('File MKDIR failed: ');
@ -493,29 +493,29 @@ class StoreController extends Controller {
}
}
public function uploadEntry(Request $request) { // /api/rpc/store/entry/upload
public function uploadEntry(Request $r) { // /api/rpc/store/entry/upload
header('Access-Control-Allow-Origin: *');
$id = $request->id;
$id = $r->id;
Log::info('Name: '.$request->file('imgfile')); //TMP
Log::info('Type: '.gettype($request->file('imgfile'))); // TMP
Log::info('Name: '.$r->file('imgfile')); //TMP
Log::info('Type: '.gettype($r->file('imgfile'))); // TMP
$request->file('upfile')->move(public_path('storage/store'.$id), $request->file('imgfile')->getClientOriginalName);
$request->file('imgfile')->move(public_path('storage/store'.$id.'/screens'), $request->file('imgfile')->getClientOriginalName);
$r->file('upfile')->move(public_path('storage/store'.$id), $r->file('imgfile')->getClientOriginalName);
$r->file('imgfile')->move(public_path('storage/store'.$id.'/screens'), $r->file('imgfile')->getClientOriginalName);
exit(); // TMP
$add = DB::table('str_file')
->insert([
'game_id' => intval($request->game_id),
'cat_id' => intval($request->cat_id),
'title' => $request->title,
'version' => $request->version,
'video' => (!empty($request->video) ? $request->video : ''),
'description' => $request->description,
'game_id' => intval($r->game_id),
'cat_id' => intval($r->cat_id),
'title' => $r->title,
'version' => $r->version,
'video' => (!empty($r->video) ? $r->video : ''),
'description' => $r->description,
'changelog' => '',
'warningnote' => (!empty($request->warningnote) ? $request->warningnote : ''),
'submit_date' => intval($request->submit_date),
'warningnote' => (!empty($r->warningnote) ? $r->warningnote : ''),
'submit_date' => intval($r->submit_date),
'last_date' => intval(0),
'views' => intval(0),
'downloads' => intval(0),
@ -530,29 +530,29 @@ class StoreController extends Controller {
return \Response::json($add);
}
public function updateEntry(Request $request) { // /api/rpc/store/entry/update
public function updateEntry(Request $r) { // /api/rpc/store/entry/update
return DB::table('str_file')
->where('id', $request->id)
->where('id', $r->id)
->update([
'cat_id' => $request->cat_id,
'title' => $request->title,
'version' => $request->version,
'description' => $request->description,
'changelog' => $request->changelog,
'warningnote' => $request->warningnote,
'last_date' => $request->last_date
'cat_id' => $r->cat_id,
'title' => $r->title,
'version' => $r->version,
'description' => $r->description,
'changelog' => $r->changelog,
'warningnote' => $r->warningnote,
'last_date' => $r->last_date
]);
}
public function restoreEntry(Request $request) { // /api/rpc/store/entry/restore
public function restoreEntry(Request $r) { // /api/rpc/store/entry/restore
return DB::table('str_file')
->where('id', $request->id)
->where('id', $r->id)
->update(['isApproved' => 1]);
}
public function removeEntry(Request $request) { // /api/rpc/store/entry/remove
public function removeEntry(Request $r) { // /api/rpc/store/entry/remove
return DB::table('str_file')
->where('id', $request->id)
->where('id', $r->id)
->update(['isApproved' => 0]);
}

232
app/Http/Controllers/UserController.php
ファイルの表示

@ -105,20 +105,20 @@ class UserController extends Controller {
return $res;
}
public function updateUserStatus(Request $request) { // /api/rpc/user/user/updateuserstatus
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function updateUserStatus(Request $r) { // /api/rpc/user/user/updateuserstatus
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check != 0) {
return DB::table('usr_profile')
->where('user_id', $check)
->update([
'ostatus' => $request->ostatus
'ostatus' => $r->ostatus
]);
}
}
public function updateUserOnline(Request $request) { // /api/rpc/user/user/updateuseronline
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function updateUserOnline(Request $r) { // /api/rpc/user/user/updateuseronline
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check != 0) {
return DB::table('usr_details')
@ -129,7 +129,7 @@ class UserController extends Controller {
}
}
public function getUsers(Request $request) { // /api/rpc/user/user/getusers
public function getUsers(Request $r) { // /api/rpc/user/user/getusers
$getting = array(
'users.id',
'usr_perm_module.name as group_name',
@ -143,7 +143,7 @@ class UserController extends Controller {
'usr_profile.country'
);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_emailshow'] == 1) {
array_push($getting, 'users.email');
@ -162,7 +162,7 @@ class UserController extends Controller {
->get($getting);
}
public function getUser($id, Request $request) { // /api/rpc/user/user/getuser/id/uid
public function getUser($id, Request $r) { // /api/rpc/user/user/getuser/id/uid
$getting = array(
'users.id',
'users.username',
@ -194,8 +194,8 @@ class UserController extends Controller {
'usr_contacts.twitter'
);
$check = $this->objAuth->checkLegit($request->username, $request->password);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$check = $this->objAuth->checkLegit($r->kero_token);
$valid = $this->objAuth->getPermissions($r->kero_token);
$cols = $this->getGroupColours()->toArray();
if ($valid['usr_editother'] == 1 || $id == $check) {
@ -372,8 +372,8 @@ class UserController extends Controller {
->first()->total_threads;
}
public function addOwner(Request $request) { // /api/rpc/user/owner/addowner
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addOwner(Request $r) { // /api/rpc/user/owner/addowner
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
@ -381,16 +381,16 @@ class UserController extends Controller {
else {
$add = DB::table('str_owners')
->insert([
'user_id' => $request->user_id,
'file_id' => $request->file_id
'user_id' => $r->user_id,
'file_id' => $r->file_id
]);
return \Response::json($add);
}
}
public function updateTotalPostCount(Request $request) { // /api/rpc/user/user/updatetotalpostcount
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function updateTotalPostCount(Request $r) { // /api/rpc/user/user/updatetotalpostcount
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
@ -407,20 +407,20 @@ class UserController extends Controller {
}
}
public function updateTotalTopicCount(Request $request) { // /api/rpc/user/user/updatetotaltopiccount
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function updateTotalTopicCount(Request $r) { // /api/rpc/user/user/updatetotaltopiccount
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$getPC = $this->getTotalPostCount($request->user_id);
$getTC = $this->getTotalTopicCount($request->user_id);
$getPC = $this->getTotalPostCount($r->user_id);
$getTC = $this->getTotalTopicCount($r->user_id);
$getPC++;
$getTC++;
return DB::table('usr_details')
->where('user_id', $request->user_id)
->where('user_id', $r->user_id)
->update([
'total_posts' => $getPC,
'total_threads' => $getTC
@ -445,21 +445,21 @@ class UserController extends Controller {
return $res;
}
public function avatarUpload(Request $request) { // /api/rpc/user/user/avatarupload
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function avatarUpload(Request $r) { // /api/rpc/user/user/avatarupload
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
$user = 0;
if ($valid['usr_editother'] == 1) $user = $request->id;
if ($valid['usr_editother'] == 1) $user = $r->id;
else $user = $check;
if ($valid['usr_editprofile'] == 1) {
if (isset($request->filename)) {
if (isset($r->filename)) {
if (!is_dir("assets/avatars/".$check)) {
if (!mkdir("assets/avatars/".$check, 0755, true)) {
return "Could not make folder ".$check."<br />";
@ -467,22 +467,22 @@ class UserController extends Controller {
}
$img_dir = "assets/avatars/".$check."/";
$image = $img_dir . $request->filename;
$image = $img_dir . $r->filename;
$imageFileType = array(
'image/png',
'image/jpeg',
'image/gif'
);
if (!in_array($request->filetype, $imageFileType)) {
if (!in_array($r->filetype, $imageFileType)) {
return "Only JPG, PNG, JPEG, and GIF are allowed.";
}
$fname = 'assets/avatars/'.$user.'/'.$request->filename;
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $request->thefile));
$fname = 'assets/avatars/'.$user.'/'.$r->filename;
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $r->thefile));
Storage::disk('public')->put($fname, $data);
return $request->filename;
return $r->filename;
}
}
else {
@ -491,77 +491,77 @@ class UserController extends Controller {
}
}
public function editUser(Request $request) { // /api/rpc/user/user/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editUser(Request $r) { // /api/rpc/user/user/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_editprofile'] == 1) {
if (isset($request->newPassword)) {
if (isset($r->newPassword)) {
DB::table('users')
->where('id', $request->id)
->where('id', $r->id)
->update([
'password' => $request->newPassword
'password' => $r->newPassword
]);
}
if (isset($request->email)) {
if (isset($r->email)) {
DB::table('users')
->where('id', $request->id)
->where('id', $r->id)
->update([
'email' => $request->email
'email' => $r->email
]);
}
if (
isset($request->website_link) ||
isset($request->website_name) ||
isset($request->youtube_link) ||
isset($request->youtube_name) ||
isset($request->niconico) ||
isset($request->pixiv) ||
isset($request->discord) ||
isset($request->mastodon) ||
isset($request->twitter)
isset($r->website_link) ||
isset($r->website_name) ||
isset($r->youtube_link) ||
isset($r->youtube_name) ||
isset($r->niconico) ||
isset($r->pixiv) ||
isset($r->discord) ||
isset($r->mastodon) ||
isset($r->twitter)
) {
DB::table('usr_contacts')
->where('user_id', $request->id)
->where('user_id', $r->id)
->update([
'website_link' => ($request->website_link != '' ? $request->website_link : ''),
'website_name' => ($request->website_name != '' ? $request->website_name : ''),
'youtube_link' => ($request->youtube_link != '' ? $request->youtube_link : ''),
'youtube_name' => ($request->youtube_name != '' ? $request->youtube_name : ''),
'niconico' => ($request->niconico != '' ? $request->niconico : ''),
'pixiv' => ($request->pixiv != '' ? $request->pixiv : ''),
'discord' => ($request->discord != '' ? $request->discord : ''),
'mastodon' => ($request->mastodon != '' ? $request->mastodon : ''),
'twitter' => ($request->twitter != '' ? $request->twitter : '')
'website_link' => ($r->website_link != '' ? $r->website_link : ''),
'website_name' => ($r->website_name != '' ? $r->website_name : ''),
'youtube_link' => ($r->youtube_link != '' ? $r->youtube_link : ''),
'youtube_name' => ($r->youtube_name != '' ? $r->youtube_name : ''),
'niconico' => ($r->niconico != '' ? $r->niconico : ''),
'pixiv' => ($r->pixiv != '' ? $r->pixiv : ''),
'discord' => ($r->discord != '' ? $r->discord : ''),
'mastodon' => ($r->mastodon != '' ? $r->mastodon : ''),
'twitter' => ($r->twitter != '' ? $r->twitter : '')
]);
}
if (isset($request->group) && $valid['usr_editother']) {
if (isset($r->group) && $valid['usr_editother']) {
DB::table('usr_perm_id')
->where('user_id', $request->id)
->where('user_id', $r->id)
->update([
'perm_id' => $request->group
'perm_id' => $r->group
]);
}
if (isset($request->avatar)) {
if (isset($r->avatar)) {
DB::table('usr_profile')
->where('user_id', $request->id)
->where('user_id', $r->id)
->update([
'avatar' => ($request->avatar != '' ? $request->avatar : '')
'avatar' => ($r->avatar != '' ? $r->avatar : '')
]);
}
if (isset($request->avatarRemove)) {
if ($request->avatarRemove) {
if (isset($r->avatarRemove)) {
if ($r->avatarRemove) {
DB::table('usr_profile')
->where('user_id', $request->id)
->where('user_id', $r->id)
->update([
'avatar' => ''
]);
@ -569,28 +569,28 @@ class UserController extends Controller {
}
if (
isset($request->gender) ||
isset($request->aboutSelf) ||
isset($request->signature) ||
isset($request->poststyle) ||
isset($request->nameStyle) ||
isset($request->displayName) ||
isset($request->memberTitle) ||
isset($request->birthDay) ||
isset($request->country)
isset($r->gender) ||
isset($r->aboutSelf) ||
isset($r->signature) ||
isset($r->poststyle) ||
isset($r->nameStyle) ||
isset($r->displayName) ||
isset($r->memberTitle) ||
isset($r->birthDay) ||
isset($r->country)
) {
DB::table('usr_profile')
->where('user_id', $request->id)
->where('user_id', $r->id)
->update([
'gender' => $request->gender,
'bio' => ($request->aboutSelf != '' ? $request->aboutSelf : ''),
'post_style' => ($request->poststyle != '' ? $request->poststyle : ''),
'signature' => ($request->signature != '' ? $request->signature : ''),
'name_style' => ($request->nameStyle != '' ? $request->nameStyle : ''),
'display_name' => ($request->displayName != '' ? $request->displayName : ''),
'member_title' => ($request->memberTitle != '' ? $request->memberTitle : ''),
'birthday' => ($request->birthDay != 0 ? $request->birthDay : 0),
'country' => $request->country
'gender' => $r->gender,
'bio' => ($r->aboutSelf != '' ? $r->aboutSelf : ''),
'post_style' => ($r->poststyle != '' ? $r->poststyle : ''),
'signature' => ($r->signature != '' ? $r->signature : ''),
'name_style' => ($r->nameStyle != '' ? $r->nameStyle : ''),
'display_name' => ($r->displayName != '' ? $r->displayName : ''),
'member_title' => ($r->memberTitle != '' ? $r->memberTitle : ''),
'birthday' => ($r->birthDay != 0 ? $r->birthDay : 0),
'country' => $r->country
]);
}
@ -608,9 +608,9 @@ class UserController extends Controller {
->count();
}
public function getComments ($id, Request $request) { // /api/rpc/user/comment/get/id
public function getComments ($id, Request $r) { // /api/rpc/user/comment/get/id
$cols = $this->getGroupColours()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_viewcomment'] == 1) {
$come = array();
@ -629,7 +629,7 @@ class UserController extends Controller {
// Foreach, new getter but check on replies, and only if isDel is 0.
foreach ($get as $g) {
$user = $this->getUser($g->user_id, $request)->toArray();
$user = $this->getUser($g->user_id, $r)->toArray();
$showName = "";
$showCol = "";
@ -675,9 +675,9 @@ class UserController extends Controller {
}
}
public function getReplies ($id, Request $request) { // /api/rpc/user/comment/reply/id
public function getReplies ($id, Request $r) { // /api/rpc/user/comment/reply/id
$cols = $this->getGroupColours()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_viewcomment'] == 1) {
$come = array();
@ -696,7 +696,7 @@ class UserController extends Controller {
// Foreach, new getter but check on replies, and only if isDel is 0.
foreach ($get as $g) {
$user = $this->getUser($g->user_id, $request)->toArray();
$user = $this->getUser($g->user_id, $r)->toArray();
$showName = "";
$showCol = "";
@ -743,28 +743,28 @@ class UserController extends Controller {
}
}
public function addComment (Request $request) { // /api/rpc/user/comment/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function addComment (Request $r) { // /api/rpc/user/comment/add
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_addcomment'] == 1) {
$add = DB::table('usr_comments')
->insertGetId([
'user_id' => $check,
'profile_id' => $request->profile_id,
'reply_id' => ($request->reply_id > 0 ? $request->reply_id : 0),
'profile_id' => $r->profile_id,
'reply_id' => ($r->reply_id > 0 ? $r->reply_id : 0),
'postdate' => time(),
'message' => $request->message,
'message' => $r->message,
'isEdit' => 0,
'isDel' => 0
]);
if ($check != $request->profile_id) $this->addNotification($request, $request->profile_id, 2, '新規プロファイルコメント', 'profile/'.$request->profile_id, 'comment-'.$add);
if ($check != $r->profile_id) $this->addNotification($r, $r->profile_id, 2, '新規プロファイルコメント', 'profile/'.$r->profile_id, 'comment-'.$add);
return \Response::json($add);
}
@ -774,20 +774,20 @@ class UserController extends Controller {
}
}
public function editComment (Request $request) { // /api/rpc/user/comment/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function editComment (Request $r) { // /api/rpc/user/comment/edit
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_editowncomment'] == 1) {
DB::table('usr_comments')
->where('profile_id', $request->profile_id)
->where('profile_id', $r->profile_id)
->update([
'message' => $request->message,
'message' => $r->message,
'isEdit' => 1
]);
@ -799,18 +799,18 @@ class UserController extends Controller {
}
}
public function deleteComment (Request $request) { // /api/rpc/user/comment/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function deleteComment (Request $r) { // /api/rpc/user/comment/delete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_delcomment'] == 1) {
DB::table('usr_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'isDel' => 1
]);
@ -823,18 +823,18 @@ class UserController extends Controller {
}
}
public function undeleteComment (Request $request) { // /api/rpc/user/comment/undelete
$check = $this->objAuth->checkLegit($request->username, $request->password);
public function undeleteComment (Request $r) { // /api/rpc/user/comment/undelete
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check == 0) {
return 'Err!';
}
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$valid = $this->objAuth->getPermissions($r->kero_token);
if ($valid['usr_delcomment'] == 1) {
DB::table('usr_comments')
->where('id', $request->id)
->where('id', $r->id)
->update([
'isDel' => 0
]);
@ -848,7 +848,7 @@ class UserController extends Controller {
}
public function getNotification(Request $r) { // /api/rpc/user/notification/get
$check = $this->objAuth->checkLegit($r->username, $r->password);
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check != 0) {
$get = DB::table('usr_notification')
@ -878,7 +878,7 @@ class UserController extends Controller {
}
public function addNotification(Request $r, $uid, $aid, $txt, $sec, $goto) { // /api/rpc/user/notification/add
$check = $this->objAuth->checkLegit($r->username, $r->password);
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check != 0) {
$add = DB::table('usr_notification')
@ -895,7 +895,7 @@ class UserController extends Controller {
}
public function delNotification(Request $r) { // /api/rpc/user/notification/del
$check = $this->objAuth->checkLegit($r->username, $r->password);
$check = $this->objAuth->checkLegit($r->kero_token);
if ($check != 0) {
return DB::table('usr_notification')