namespace App\Http\Controllers;
use App\Models\ForUser;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\File;
use Illuminate\Support\Facades\Storage;
use Illuminate\Http\Request;
use Illuminate\Contracts\Routing\ResponseFactory;
use Illuminate\Support\Facades\Log;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use App\Http\Controllers\AuthController;
class UserController extends Controller {
private $objAuth;
/**
 * Creates the AuthController instance that the methods of this class reach
 * through $this->objAuth (checkLegit and getPermissions).
 */
public function __construct() {
$this->objAuth = new AuthController();
// User
/**
 * Builds one entry per fetched user row with the id, the name to display,
 * a name colour, an avatar path, a status colour and the `ontime` value.
 *
 * No call to $this->objAuth appears in this method.
 * NOTE(review): confirm the route is meant to be callable without
 * credentials; the response carries user ids and presence data.
 * NOTE(review): display_name and name_style are written from request data
 * in editUser and are returned here unescaped, so the consumer has to
 * escape them for the HTML/CSS context it renders them into.
 *
 * @return array list of arrays with the keys id, display_name, name_style,
 *               avatar, status and ontime
 */
public function getUsersOnline() { // /api/rpc/user/user/getusersonline
$cols = $this->getGroupColours()->toArray();
// NOTE(review): the select/filter/fetch part of this query is not visible
// in this listing.
$get = DB::table('users')
->join('usr_details', 'usr_details.user_id', '=', 'users.id')
->join('usr_profile', 'usr_profile.user_id', '=', 'users.id')
->join('usr_perm_id', 'usr_perm_id.user_id', '=', 'users.id')
->orderBy('display_name', 'asc')
->orderBy('username', 'asc')
$res = array();
foreach ($get as $i) {
$showName = "";
$showCol = "";
$showStatus = "";
$showAva = "";
// Prefer the display name; fall back to the login name when it is empty.
if ($i->display_name !== '') {
$showName = $i->display_name;
else {
$showName = $i->username;
// A per-user name style wins; otherwise the colour comes from the user's
// group row, chosen by gender (1, 2, anything else).
if ($i->name_style !== '') {
$showCol = $i->name_style;
else {
foreach($cols as $cl) {
if ($cl->id === $i->perm_id) {
if ($i->gender === 1) $showCol = $cl->colour_m;
else if ($i->gender === 2) $showCol = $cl->colour_f;
else $showCol = $cl->colour_u;
// ostatus 1/2/3 map to fixed colour names; every other value maps to "dark".
if ($i->ostatus == 1) {
$showStatus = "green";
else if ($i->ostatus == 2) {
$showStatus = "red";
else if ($i->ostatus == 3) {
$showStatus = "yellow";
else {
$showStatus = "dark";
// Users without an avatar get the bundled placeholder image.
if (empty($i->avatar)) {
$showAva = "assets/avatars/haznoavaz.png";
else {
$showAva = $i->avatar;
$res[] = array(
'id' => $i->id,
'display_name' => $showName,
'name_style' => $showCol,
'avatar' => $showAva,
'status' => $showStatus,
'ontime' => $i->ontime
2018-06-19 19:17:05 +09:00
return $res;
/**
 * Writes the caller's own `ostatus` value in usr_profile.
 *
 * The username/password pair from the request is passed to checkLegit; a
 * non-zero result is used as the user id of the row to change, so the
 * caller can only touch their own row.
 * NOTE(review): `$request->ostatus` is stored as received. getUsersOnline
 * only knows the values 1, 2 and 3, so validate it as an integer in that
 * range before the write.
 * NOTE(review): the account password travels in every request to this
 * controller; keep these routes TLS-only and keep request bodies out of logs.
 *
 * @param Request $request carries username, password and ostatus
 */
public function updateUserStatus(Request $request) { // /api/rpc/user/user/updateuserstatus
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-06-19 19:17:05 +09:00
if ($check != 0) {
// NOTE(review): the write call between where() and the value array is not
// visible in this listing.
return DB::table('usr_profile')
->where('user_id', $check)
'ostatus' => $request->ostatus
/**
 * Stamps the caller's own usr_details row with the current Unix time in
 * `ontime`.
 *
 * The row is selected with the id returned by checkLegit, not with a
 * request-supplied id, so one account cannot refresh another account's
 * timestamp.
 *
 * @param Request $request carries username and password
 */
public function updateUserOnline(Request $request) { // /api/rpc/user/user/updateuseronline
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-06-19 19:17:05 +09:00
if ($check != 0) {
return DB::table('usr_details')
->where('user_id', $check)
'ontime' => time()
/**
 * Returns user rows joined with their details, profile and group, ordered
 * by registration date.
 *
 * The column list in $getting is extended with `users.email` and
 * `usr_profile.ip_address` only when the caller's permission array has
 * usr_emailshow / usr_ipshow equal to 1.
 * NOTE(review): no checkLegit call is visible here, and the keys of $valid
 * are read without checking that getPermissions returned them. What an
 * unauthenticated caller gets depends on getPermissions, which is not part
 * of this file — confirm it returns all-zero permissions on a failed login.
 *
 * @param Request $request carries username and password
 */
public function getUsers(Request $request) { // /api/rpc/user/user/getusers
// NOTE(review): only one entry of the base column list is visible in this
// listing.
$getting = array(
'usr_perm_module.name as group_name',
$valid = $this->objAuth->getPermissions($request->username, $request->password);
// E-mail addresses and IP addresses are personal data: they are selected
// only for callers holding the matching permission.
if ($valid['usr_emailshow'] == 1) {
array_push($getting, 'users.email');
if ($valid['usr_ipshow'] == 1) {
array_push($getting, 'usr_profile.ip_address');
2018-04-18 23:18:59 +09:00
return DB::table('users')
->join('usr_details', 'usr_details.user_id', '=', 'users.id')
->join('usr_profile', 'usr_profile.user_id', '=', 'users.id')
->join('usr_perm_id', 'usr_perm_id.user_id', '=', 'users.id')
->join('usr_perm_module', 'usr_perm_module.id', 'usr_perm_id.perm_id')
2019-02-05 10:36:23 +09:00
->orderBy('usr_details.reg_date', 'asc')
/**
 * Returns the joined row(s) for one user id. Sensitive columns are added to
 * the select list when the caller holds the matching permission or is
 * looking at their own account.
 *
 * NOTE(review): `users.password` is added to the select list for the account
 * owner and for holders of usr_editother. Whatever that column stores, it
 * should never leave the server; drop it from $getting and keep password
 * handling inside the auth code.
 * NOTE(review): the self-access test is the loose `$id == $check`, and
 * nothing here rejects a failed login first (the other methods treat
 * `$check == 0` as failure). Return early when $check is 0 and compare
 * `(int) $id === (int) $check`.
 * NOTE(review): getComments and getReplies call this method once per
 * comment with the viewer's request, so the same column set is selected
 * for every comment author.
 *
 * @param mixed   $id      user id from the route
 * @param Request $request carries username and password
 */
public function getUser($id, Request $request) { // /api/rpc/user/user/getuser/id/uid
$getting = array(
'usr_perm_module.name as group_name',
2019-03-11 19:00:33 +09:00
'usr_profile.post_style as poststyle',
$check = $this->objAuth->checkLegit($request->username, $request->password);
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$cols = $this->getGroupColours()->toArray();
// NOTE(review): exposes the stored password value to the client.
if ($valid['usr_editother'] == 1 || $id == $check) {
array_push($getting, 'users.password');
2018-04-18 23:18:59 +09:00
if ($valid['usr_emailshow'] == 1 || $id == $check) {
array_push($getting, 'users.email');
2018-04-18 23:18:59 +09:00
if ($valid['usr_ipshow'] == 1 || $id == $check) {
array_push($getting, 'usr_profile.ip_address');
if ($valid['usr_canwarn'] == 1 || $id == $check) {
array_push($getting, 'usr_details.strikes');
return DB::table('users')
->join('usr_details', 'usr_details.user_id', '=', 'users.id')
->join('usr_profile', 'usr_profile.user_id', '=', 'users.id')
->join('usr_contacts', 'usr_contacts.user_id', '=', 'users.id')
->join('usr_perm_id', 'usr_perm_id.user_id', '=', 'users.id')
->join('usr_perm_module', 'usr_perm_module.id', 'usr_perm_id.perm_id')
->where('users.id', $id)
/**
 * Counts the users whose username or e-mail equals the lower-cased
 * arguments.
 *
 * NOTE(review): no credential check is made here, so the count tells any
 * caller whether a username or e-mail address is registered. If the route
 * is public (it looks like a sign-up availability check), put rate limiting
 * in front of it.
 *
 * @param string $username
 * @param string $email
 * @return int number of matching rows
 */
public function getExist($username, $email) { // /api/rpc/user/user/getexist/username/email
$isExist = DB::table('users')
->select('username', 'email')
->where('username', mb_strtolower($username))
->orWhere('email', mb_strtolower($email))
return $isExist->count();
/**
 * Selects the `header` and `footer` columns of the users row with the
 * given id.
 * NOTE(review): the terminating call of the query is not visible in this
 * listing.
 *
 * @param mixed $id user id from the route
 */
public function getPostStyle($id) { // /api/rpc/user/user/getpoststyle/id
return DB::table('users')
->select('header', 'footer')
->where('id', $id)
/**
 * Selects id, name and the three colour columns of every permission group
 * in usr_perm_module.
 */
public function getGroups() { // /api/rpc/user/user/getgroups
return DB::table('usr_perm_module')
->select('id', 'name', 'colour_m', 'colour_f', 'colour_u')
/**
 * Looks up the permission group joined to the given user id through
 * usr_perm_id.
 * NOTE(review): the selected columns are not visible in this listing apart
 * from the commented-out 'badge' entry.
 *
 * @param mixed $id user id from the route
 */
public function getGroupName($id) { // /api/rpc/user/user/getgroupname/id
return DB::table('usr_perm_module')
->join('usr_perm_id', 'usr_perm_id.perm_id', '=', 'usr_perm_module.id')
->where('user_id', $id)
// 'badge' (this is a pipeline feature, please don't uncomment for now!)
/**
 * Queries usr_perm_module for the group colour data. Callers in this class
 * call toArray() on the result and read id, colour_m, colour_f and colour_u
 * from each row.
 */
public function getGroupColours() { // /api/rpc/user/user/getgroupcolours
return DB::table('usr_perm_module')
// Owner
/**
 * Returns every user as a value/label pair for an owner picker: the value
 * is the user id and the label is the display name, or the username when no
 * display name is set.
 *
 * NOTE(review): no credential check is made, so the full list of account
 * ids and names is available to any caller that can reach the route.
 *
 * @return array list of ['value' => id, 'label' => name]
 */
public function getOwnerList() { // /api/rpc/user/owner/getownerlist
$user_data = DB::table('users')
->join('usr_profile', 'usr_profile.user_id', '=', 'users.id')
->orderBy('id', 'asc')
->get(array('id', 'username', 'display_name'));
$result = array();
foreach ($user_data as $u) {
$name = '';
if (!empty($u->display_name)) {
$name = $u->display_name;
else {
$name = $u->username;
array_push($result, [
'value' => $u->id,
'label' => $name,
return $result;
/**
 * Queries str_owners for the rows that belong to one file id.
 * NOTE(review): the terminating call (presumably a count, going by the
 * method name) is not visible in this listing.
 *
 * @param mixed $file_id file id from the route
 */
public function countOwnersOfEntry($file_id) { // /api/rpc/user/owner/countownersofentry/id
return DB::table('str_owners')
->where('file_id', $file_id)
/**
 * Queries the owners of one file: str_owners joined with the file row and
 * with the owner's users, usr_details, usr_profile and usr_perm_id rows.
 * NOTE(review): the selected columns are not visible in this listing. The
 * joins reach tables that hold e-mail and IP address columns, so check that
 * the select list is explicit and leaves them out.
 *
 * @param mixed $file_id file id from the route
 */
public function getOwnersOfEntry($file_id) { // /api/rpc/user/owner/getownersofentry/id
return DB::table('str_owners')
->join('str_file', 'str_owners.file_id', '=', 'str_file.id')
->join('users', 'str_owners.user_id', '=', 'users.id')
->join('usr_details', 'usr_details.user_id', '=', 'str_owners.user_id')
->join('usr_profile', 'usr_profile.user_id', '=', 'str_owners.user_id')
->join('usr_perm_id', 'usr_perm_id.user_id', '=', 'str_owners.user_id')
->where('file_id', $file_id)
/**
 * Queries str_owners for the rows that belong to one user id.
 * NOTE(review): the terminating call (presumably a count, going by the
 * method name) is not visible in this listing.
 *
 * @param mixed $user_id user id from the route
 */
public function countEntriesOfOwner($user_id) { // /api/rpc/user/owner/countentriesofowner/id
return DB::table('str_owners')
->where('user_id', $user_id)
/**
 * Queries the files owned by one user: str_owners joined with the file row
 * and with the owner's users, usr_details, usr_profile and usr_perm_id rows.
 * NOTE(review): `user_id` exists in several of the joined tables, so the
 * unqualified where() column relies on what the missing part of the query
 * selects — qualify it as `str_owners.user_id`.
 *
 * @param mixed $user_id user id from the route
 */
public function getEntriesOfOwner($user_id) { // /api/rpc/user/owner/getentriesofowner/id
return DB::table('str_owners')
->join('str_file', 'str_owners.file_id', '=', 'str_file.id')
->join('users', 'str_owners.user_id', '=', 'users.id')
->join('usr_details', 'usr_details.user_id', '=', 'str_owners.user_id')
->join('usr_profile', 'usr_profile.user_id', '=', 'str_owners.user_id')
->join('usr_perm_id', 'usr_perm_id.user_id', '=', 'str_owners.user_id')
->where('user_id', $user_id)
/**
 * Queries usr_details for the row of one user id. updateTotalPostCount and
 * updateTotalTopicCount store the result as `total_posts`.
 * NOTE(review): the column read and the terminating call are not visible in
 * this listing.
 *
 * @param mixed $id user id
 */
public function getTotalPostCount($id) { // /api/rpc/user/user/gettotalpostcount/id
return DB::table('usr_details')
->where('user_id', $id)
/**
 * Queries usr_details for the row of one user id. updateTotalTopicCount
 * stores the result as `total_threads`.
 * NOTE(review): the column read and the terminating call are not visible in
 * this listing.
 *
 * @param mixed $id user id
 */
public function getTotalTopicCount($id) { // /api/rpc/user/user/gettotaltopiccount/id
return DB::table('usr_details')
->where('user_id', $id)
/**
 * Links a user to a file in str_owners and returns the result as JSON.
 * Returns the string 'Err!' when checkLegit rejects the credentials.
 *
 * NOTE(review): authentication is the only gate. Both `user_id` and
 * `file_id` come from the request and no permission or existing-ownership
 * check is visible, so any logged-in account can register any user as owner
 * of any file. Require that the caller already owns `file_id` or holds an
 * administrative permission before writing.
 *
 * @param Request $request carries username, password, user_id and file_id
 */
public function addOwner(Request $request) { // /api/rpc/user/owner/addowner
$check = $this->objAuth->checkLegit($request->username, $request->password);
if ($check == 0) {
return 'Err!';
else {
// NOTE(review): the write call on this table is not visible in this listing.
$add = DB::table('str_owners')
'user_id' => $request->user_id,
'file_id' => $request->file_id
return \Response::json($add);
/**
 * Stores the result of getTotalPostCount as `total_posts` on the caller's
 * own usr_details row. Returns 'Err!' when checkLegit rejects the
 * credentials.
 *
 * Both the lookup and the write use the id returned by checkLegit, so the
 * caller cannot address another user's row.
 *
 * @param Request $request carries username and password
 */
public function updateTotalPostCount(Request $request) { // /api/rpc/user/user/updatetotalpostcount
$check = $this->objAuth->checkLegit($request->username, $request->password);
if ($check == 0) {
return 'Err!';
else {
$getPC = $this->getTotalPostCount($check);
return DB::table('usr_details')
->where('user_id', $check)
'total_posts' => $getPC
/**
 * Stores the results of getTotalPostCount and getTotalTopicCount as
 * `total_posts` and `total_threads` on a usr_details row. Returns 'Err!'
 * when checkLegit rejects the credentials.
 *
 * NOTE(review): unlike updateTotalPostCount, the row is chosen by
 * `$request->user_id` rather than by the authenticated id in $check, so any
 * logged-in account can trigger the write for any other user. Use $check,
 * or require a permission for acting on another id.
 *
 * @param Request $request carries username, password and user_id
 */
public function updateTotalTopicCount(Request $request) { // /api/rpc/user/user/updatetotaltopiccount
$check = $this->objAuth->checkLegit($request->username, $request->password);
if ($check == 0) {
return 'Err!';
else {
$getPC = $this->getTotalPostCount($request->user_id);
$getTC = $this->getTotalTopicCount($request->user_id);
return DB::table('usr_details')
->where('user_id', $request->user_id)
'total_posts' => $getPC,
'total_threads' => $getTC
/**
 * Lists the files in assets/flags as value/label pairs for a country
 * picker. The value is the file's base name without ".png"; the label is an
 * HTML <img> tag pointing at the file, followed by the same base name.
 *
 * NOTE(review): the label is HTML assembled by string concatenation from
 * $_SERVER['SERVER_NAME'] and the file path. Depending on the web server
 * configuration SERVER_NAME can reflect the Host header sent by the client,
 * so it is not a trusted value to place inside markup. Return a relative
 * URL and let the client build the element, or take the host from
 * application configuration and pass each part through htmlspecialchars().
 * NOTE(review): isset($_SERVER["HTTPS"]) is also true when the server sets
 * the key to 'off'; compare the value instead.
 *
 * @return array list of ['value' => string, 'label' => string]
 */
public function getCountries() { // /api/rpc/user/user/getcountries
$flags = File::files('assets/flags');
2018-03-02 00:59:26 +09:00
$res = array();
2018-03-02 00:59:26 +09:00
foreach ($flags as $flag) {
// Loop-invariant: the scheme does not change between iterations.
$protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http';
2018-03-02 00:59:26 +09:00
$res[] = array(
'value' => $flag->getBasename('.png'),
'label' => '<img src="'.$protocol.'://'.$_SERVER['SERVER_NAME'].'/'.$flag->getPathname().'" /> '.$flag->getBasename('.png')
return $res;
/**
 * Stores a base64-encoded avatar image on the 'public' storage disk and
 * returns the file name. Returns 'Err!' for rejected credentials and
 * 'Permission denied.' without the usr_editprofile permission.
 *
 * The target user is `$request->id` for holders of usr_editother and the
 * authenticated id otherwise.
 *
 * NOTE(review): `$request->filename` is concatenated into the storage path
 * as received. Nothing strips directory separators or ".." segments, and
 * nothing ties the extension to the allowed types, so the client decides
 * both where under the disk the file lands and what extension it gets.
 * Generate the name on the server (for example from random_bytes()) and
 * pick the extension from the detected image type.
 * NOTE(review): the type check looks only at `$request->filetype`, a value
 * the client declares. The decoded bytes are never inspected. Verify the
 * content itself (finfo or getimagesizefromstring()) and cap the decoded
 * size before calling put().
 * NOTE(review): `$user` can be `$request->id`; cast it to int before it
 * becomes a path segment.
 * NOTE(review): the directory is created for $check with a path relative to
 * the working directory, while the file is written for $user through the
 * Storage disk. The two can be different locations, and $image is never
 * used.
 *
 * @param Request $request carries username, password, filename, filetype,
 *                         thefile (data URL or base64) and optionally id
 */
public function avatarUpload(Request $request) { // /api/rpc/user/user/avatarupload
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-02-15 22:43:45 +09:00
if ($check == 0) {
return 'Err!';
2018-02-06 19:51:43 +09:00
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
$user = 0;
if ($valid['usr_editother'] == 1) $user = $request->id;
else $user = $check;
if ($valid['usr_editprofile'] == 1) {
if (isset($request->filename)) {
if (!is_dir("assets/avatars/".$check)) {
if (!mkdir("assets/avatars/".$check, 0755, true)) {
return "Could not make folder ".$check."<br />";
$img_dir = "assets/avatars/".$check."/";
$image = $img_dir . $request->filename;
// NOTE(review): the entries of the allow-list are not visible in this listing.
$imageFileType = array(
// Client-declared type only; see the note in the method header.
if (!in_array($request->filetype, $imageFileType)) {
return "Only JPG, PNG, JPEG, and GIF are allowed.";
$fname = 'assets/avatars/'.$user.'/'.$request->filename;
// Strips an optional data-URL prefix, then decodes. base64_decode() runs in
// its default non-strict mode, so invalid characters are silently skipped.
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $request->thefile));
Storage::disk('public')->put($fname, $data);
return $request->filename;
else {
return 'Permission denied.';
/**
 * Applies profile changes sent in the request: password, e-mail, contact
 * links, group, avatar and the profile fields. Returns 'Err!' for rejected
 * credentials, 'Permission denied.' without usr_editprofile, and 'Success!'
 * otherwise.
 *
 * NOTE(review): every write is keyed on `$request->id`, and that id is
 * never compared with the authenticated id in $check. usr_editother is
 * consulted only for the group change. As written, any account holding
 * usr_editprofile can change the password, e-mail address and profile of
 * any other account. Use $check as the target id unless usr_editother is
 * set.
 * NOTE(review): `newPassword` is written to the password column exactly as
 * received. No hashing is visible in this method — confirm where it happens
 * and hash on the server with password_hash() if it does not.
 * NOTE(review): name_style, post_style, signature, bio and the link fields
 * are stored as received and later returned by other methods of this
 * class. Validate them on write (URL scheme allow-list for links, a strict
 * pattern for style values) and escape them on output.
 * NOTE(review): the table and write calls in front of each where() are not
 * visible in this listing.
 *
 * @param Request $request carries username, password, id and the fields
 *                         to change
 * @return string 'Err!', 'Permission denied.' or 'Success!'
 */
public function editUser(Request $request) { // /api/rpc/user/user/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-02-15 00:54:43 +09:00
if ($check == 0) {
return 'Err!';
2018-01-24 01:36:47 +09:00
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_editprofile'] == 1) {
// Password change: target is the request id, value is stored as received.
if (isset($request->newPassword)) {
->where('id', $request->id)
'password' => $request->newPassword
2018-03-06 21:00:35 +09:00
// E-mail change: same target selection as the password change.
if (isset($request->email)) {
->where('id', $request->id)
'email' => $request->email
// Contact links: if any one of them is present, all of them are rewritten,
// and the ones missing from the request are reset to ''.
if (
isset($request->website_link) ||
isset($request->website_name) ||
isset($request->youtube_link) ||
isset($request->youtube_name) ||
isset($request->niconico) ||
isset($request->pixiv) ||
isset($request->discord) ||
isset($request->mastodon) ||
) {
->where('user_id', $request->id)
'website_link' => ($request->website_link != '' ? $request->website_link : ''),
'website_name' => ($request->website_name != '' ? $request->website_name : ''),
'youtube_link' => ($request->youtube_link != '' ? $request->youtube_link : ''),
'youtube_name' => ($request->youtube_name != '' ? $request->youtube_name : ''),
'niconico' => ($request->niconico != '' ? $request->niconico : ''),
'pixiv' => ($request->pixiv != '' ? $request->pixiv : ''),
'discord' => ($request->discord != '' ? $request->discord : ''),
'mastodon' => ($request->mastodon != '' ? $request->mastodon : ''),
'twitter' => ($request->twitter != '' ? $request->twitter : '')
2018-03-06 21:34:19 +09:00
// Group change is the only write gated on usr_editother. The new perm_id is
// taken as received; check that it names an existing group.
if (isset($request->group) && $valid['usr_editother']) {
->where('user_id', $request->id)
'perm_id' => $request->group
2018-02-16 23:09:35 +09:00
// NOTE(review): the avatar value is a client-supplied path or URL that other
// methods return for display; restrict it to paths produced by the upload.
if (isset($request->avatar)) {
->where('user_id', $request->id)
'avatar' => ($request->avatar != '' ? $request->avatar : '')
2018-06-23 19:22:16 +09:00
if (isset($request->avatarRemove)) {
if ($request->avatarRemove) {
->where('user_id', $request->id)
'avatar' => ''
// Profile fields: if any one of them is present, all of them are rewritten.
if (
isset($request->gender) ||
isset($request->aboutSelf) ||
isset($request->signature) ||
2019-03-11 19:00:33 +09:00
isset($request->poststyle) ||
isset($request->nameStyle) ||
isset($request->displayName) ||
isset($request->memberTitle) ||
isset($request->birthDay) ||
) {
->where('user_id', $request->id)
'gender' => $request->gender,
'bio' => ($request->aboutSelf != '' ? $request->aboutSelf : ''),
2019-03-11 19:00:33 +09:00
'post_style' => ($request->poststyle != '' ? $request->poststyle : ''),
'signature' => ($request->signature != '' ? $request->signature : ''),
'name_style' => ($request->nameStyle != '' ? $request->nameStyle : ''),
'display_name' => ($request->displayName != '' ? $request->displayName : ''),
'member_title' => ($request->memberTitle != '' ? $request->memberTitle : ''),
'birthday' => ($request->birthDay != 0 ? $request->birthDay : 0),
'country' => $request->country
2018-06-23 19:22:16 +09:00
return 'Success!';
else {
return 'Permission denied.';
/**
 * Queries usr_comments for the rows attached to one profile id.
 * NOTE(review): no usr_viewcomment check is made here, unlike getComments;
 * the terminating call is not visible in this listing.
 *
 * @param mixed $id profile (user) id from the route
 */
public function countComments($id) { // /api/rpc/user/comment/count/id
return DB::table('usr_comments')
->where('profile_id', $id)
/**
 * Returns the top-level comments (reply_id 0) on one profile, oldest first,
 * each with the author's display name, avatar and name colour. Returns
 * 'Permission denied.' unless the caller's permissions have
 * usr_viewcomment equal to 1.
 *
 * NOTE(review): each entry carries `message` together with `isDel`. No
 * filter on isDel is visible in the query, so the text of deleted comments
 * appears to be sent to the client and only hidden there. Blank the message
 * on the server for deleted rows unless the caller may see them.
 * NOTE(review): `message`, `name` and `col` are user-controlled and are
 * returned unescaped; the consumer has to escape them for its output
 * context.
 * NOTE(review): getUser runs once per comment, and `$user[0]` is read
 * without checking that a row came back.
 *
 * @param mixed   $id      profile (user) id from the route
 * @param Request $request carries username and password
 * @return array|string list of comment arrays, or 'Permission denied.'
 */
public function getComments ($id, Request $request) { // /api/rpc/user/comment/get/id
$cols = $this->getGroupColours()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_viewcomment'] == 1) {
$come = array();
$get = DB::table('usr_comments')
->where('profile_id', $id)
->where('reply_id', 0)
->orderBy('usr_comments.postdate', 'asc')
'usr_comments.id as come_id',
// Foreach, new getter but check on replies, and only if isDel is 0.
foreach ($get as $g) {
$user = $this->getUser($g->user_id, $request)->toArray();
$showName = "";
$showCol = "";
// Prefer the display name; fall back to the login name when it is empty.
if ($user[0]->display_name !== '') {
$showName = $user[0]->display_name;
2018-06-22 19:43:14 +09:00
else {
$showName = $user[0]->username;
2018-06-22 19:43:14 +09:00
// A per-user name style wins; otherwise the colour comes from the author's
// group row, chosen by gender.
if ($user[0]->name_style !== '') {
$showCol = $user[0]->name_style;
2018-04-17 16:31:31 +09:00
else {
foreach($cols as $cl) {
if ($cl->id === $user[0]->perm_id) {
if ($user[0]->gender === 1) $showCol = $cl->colour_m;
else if ($user[0]->gender === 2) $showCol = $cl->colour_f;
else $showCol = $cl->colour_u;
2018-04-17 16:31:31 +09:00
2018-04-17 16:31:31 +09:00
2018-08-03 14:28:41 +09:00
// setlocale() changes the locale of the whole process, not of this request
// only; it is set so that strftime() below prints the weekday in Japanese.
setlocale(LC_ALL, 'ja_JP.utf8');
2018-08-03 14:28:41 +09:00
$come[] = array(
'come_id' => $g->come_id,
'user_id' => $g->user_id,
'name' => $showName,
'avatar' => ($user[0]->avatar != '' ? $user[0]->avatar : 'assets/avatars/haznoavaz.png'),
'col' => $showCol,
'message' => $g->message,
2019-02-26 18:25:41 +09:00
// strftime() is deprecated as of PHP 8.1.
'postdate' => strftime('%Y/%m/%d(%a) %H:%M:%S %Z', $g->postdate),
'isEdit' => $g->isEdit,
'isDel' => $g->isDel
2018-08-03 14:28:41 +09:00
return $come;
2018-08-03 14:28:41 +09:00
else {
return 'Permission denied.';
/**
 * Returns the replies to one comment (rows whose reply_id equals $id),
 * oldest first, in the same shape as getComments plus `reply_id`. Returns
 * 'Permission denied.' unless the caller's permissions have
 * usr_viewcomment equal to 1.
 *
 * NOTE(review): as in getComments, `message` is returned next to `isDel`
 * with no filter on isDel visible in the query, and `message`, `name` and
 * `col` are returned unescaped.
 * NOTE(review): getUser runs once per reply, and `$user[0]` is read without
 * checking that a row came back.
 *
 * @param mixed   $id      id of the parent comment from the route
 * @param Request $request carries username and password
 * @return array|string list of reply arrays, or 'Permission denied.'
 */
public function getReplies ($id, Request $request) { // /api/rpc/user/comment/reply/id
$cols = $this->getGroupColours()->toArray();
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_viewcomment'] == 1) {
$come = array();
$get = DB::table('usr_comments')
->where('reply_id', $id)
->orderBy('usr_comments.postdate', 'asc')
'usr_comments.id as come_id',
// Foreach, new getter but check on replies, and only if isDel is 0.
foreach ($get as $g) {
$user = $this->getUser($g->user_id, $request)->toArray();
$showName = "";
$showCol = "";
// Prefer the display name; fall back to the login name when it is empty.
if ($user[0]->display_name !== '') {
$showName = $user[0]->display_name;
2018-08-03 14:28:41 +09:00
else {
$showName = $user[0]->username;
2018-08-03 14:28:41 +09:00
// A per-user name style wins; otherwise the colour comes from the author's
// group row, chosen by gender.
if ($user[0]->name_style !== '') {
$showCol = $user[0]->name_style;
2018-08-03 14:28:41 +09:00
else {
foreach($cols as $cl) {
if ($cl->id === $user[0]->perm_id) {
if ($user[0]->gender === 1) $showCol = $cl->colour_m;
else if ($user[0]->gender === 2) $showCol = $cl->colour_f;
else $showCol = $cl->colour_u;
2018-08-03 14:28:41 +09:00
// setlocale() changes the locale of the whole process, not of this request
// only.
setlocale(LC_ALL, 'ja_JP.utf8');
$come[] = array(
'reply_id' => $g->reply_id,
'come_id' => $g->come_id,
'user_id' => $g->user_id,
'name' => $showName,
'avatar' => ($user[0]->avatar != '' ? $user[0]->avatar : 'assets/avatars/haznoavaz.png'),
'col' => $showCol,
'message' => $g->message,
2019-02-26 18:25:41 +09:00
// strftime() is deprecated as of PHP 8.1.
'postdate' => strftime('%Y/%m/%d(%a) %H:%M:%S %Z', $g->postdate),
'isEdit' => $g->isEdit,
'isDel' => $g->isDel
return $come;
else {
return 'Permission denied.';
/**
 * Adds a profile comment (or a reply when reply_id is positive) written by
 * the authenticated user, and notifies the profile owner unless the author
 * is commenting on their own profile. Returns 'Err!' for rejected
 * credentials and 'Permission denied.' without usr_addcomment.
 *
 * The author id comes from checkLegit, not from the request, so a caller
 * cannot post under another user's id.
 * NOTE(review): `profile_id` and `reply_id` are taken from the request
 * without checking that the profile exists or that the parent comment
 * belongs to that profile.
 * NOTE(review): `message` is stored as received; it must be escaped where
 * it is rendered, and a length limit belongs here.
 *
 * @param Request $request carries username, password, profile_id,
 *                         reply_id and message
 */
public function addComment (Request $request) { // /api/rpc/user/comment/add
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-08-03 14:28:41 +09:00
if ($check == 0) {
return 'Err!';
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_addcomment'] == 1) {
// NOTE(review): the write call is not visible in this listing; $add is used
// below as the suffix of the 'comment-' anchor.
$add = DB::table('usr_comments')
2019-03-17 07:00:22 +09:00
'user_id' => $check,
'profile_id' => $request->profile_id,
'reply_id' => ($request->reply_id > 0 ? $request->reply_id : 0),
'postdate' => time(),
'message' => $request->message,
'isEdit' => 0,
'isDel' => 0
2019-03-17 07:00:22 +09:00
// Notify the profile owner; the text literal reads "New profile comment".
if ($check != $request->profile_id) $this->addNotification($request, $request->profile_id, 2, '新規プロファイルコメント', 'profile/'.$request->profile_id, 'comment-'.$add);
return \Response::json($add);
else {
return 'Permission denied.';
/**
 * Replaces the message of a comment and marks it as edited. Returns 'Err!'
 * for rejected credentials, 'Permission denied.' without usr_editowncomment
 * and 'Success!' otherwise.
 *
 * NOTE(review): the permission is named for editing one's OWN comment, but
 * the only visible filter is `profile_id`. Unless the lines missing from
 * this listing also filter on the comment id and on `user_id` = $check,
 * the update reaches comments written by other users. Confirm both filters
 * exist in the full file.
 * NOTE(review): 'Success!' is returned without looking at the number of
 * affected rows.
 *
 * @param Request $request carries username, password, profile_id and message
 * @return string 'Err!', 'Permission denied.' or 'Success!'
 */
public function editComment (Request $request) { // /api/rpc/user/comment/edit
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-08-03 14:28:41 +09:00
if ($check == 0) {
return 'Err!';
2018-08-03 14:28:41 +09:00
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_editowncomment'] == 1) {
->where('profile_id', $request->profile_id)
'message' => $request->message,
'isEdit' => 1
return 'Success!';
else {
return 'Permission denied.';
/**
 * Soft-deletes a comment by setting isDel to 1 on the row with the
 * requested id. Returns 'Err!' for rejected credentials, 'Permission
 * denied.' without usr_delcomment and 'Success!' otherwise.
 *
 * NOTE(review): the row is selected by `$request->id` alone. If
 * usr_delcomment is also granted to ordinary members for their own
 * comments, add a filter on the author or the profile owner; if it is a
 * moderator-only permission the current filter is sufficient — confirm
 * which.
 *
 * @param Request $request carries username, password and id
 * @return string 'Err!', 'Permission denied.' or 'Success!'
 */
public function deleteComment (Request $request) { // /api/rpc/user/comment/delete
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-08-03 14:28:41 +09:00
if ($check == 0) {
return 'Err!';
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_delcomment'] == 1) {
->where('id', $request->id)
'isDel' => 1
return 'Success!';
else {
return 'Permission denied.';
/**
 * Restores a soft-deleted comment by setting isDel back to 0 on the row
 * with the requested id. Gated on the same usr_delcomment permission as
 * deleteComment.
 *
 * NOTE(review): the row is selected by `$request->id` alone, so whoever
 * holds usr_delcomment can restore any comment, including one removed by
 * a moderator. Confirm that is intended.
 *
 * @param Request $request carries username, password and id
 * @return string 'Err!', 'Permission denied.' or 'Success!'
 */
public function undeleteComment (Request $request) { // /api/rpc/user/comment/undelete
$check = $this->objAuth->checkLegit($request->username, $request->password);
2018-08-03 14:28:41 +09:00
if ($check == 0) {
return 'Err!';
else {
$valid = $this->objAuth->getPermissions($request->username, $request->password);
if ($valid['usr_delcomment'] == 1) {
->where('id', $request->id)
'isDel' => 0
return 'Success!';
else {
return 'Permission denied.';
/**
 * Returns the authenticated user's notifications as id/text/url entries,
 * or an empty array when checkLegit rejects the credentials.
 *
 * The rows are filtered by the id returned from checkLegit, so a caller
 * only sees their own notifications.
 * NOTE(review): the sys_settings and sys_apps lookups run inside the loop,
 * and `->first()` is dereferenced without a null check; a notification
 * whose app_id has no sys_apps row raises an error.
 * NOTE(review): `text` and `section` are stored from addNotification's
 * arguments and returned unescaped.
 * NOTE(review): the `goto` column is selected but the visible url is built
 * from the app url and `section` only.
 *
 * @param Request $r carries username and password
 * @return array list of ['id', 'text', 'url'] entries
 */
public function getNotification(Request $r) { // /api/rpc/user/notification/get
$check = $this->objAuth->checkLegit($r->username, $r->password);
if ($check != 0) {
$get = DB::table('usr_notification')
->select('id', 'app_id', 'text', 'section', 'goto')
->where('user_id', $check)
$res = array();
foreach ($get as $g) {
// Scheme flag (1 means https) and the host/path of the app the
// notification belongs to.
$prot = DB::table('sys_settings')->select('protocol')->first()->protocol;
$goto = DB::table('sys_apps')->select('url')->where('id', $g->app_id)->first()->url;
$res[] = array(
'id' => $g->id,
'text' => $g->text,
'url' => 'http'.($prot == 1 ? 's' : '').'://'.$goto.'/#/'.$g->section
return $res;
else {
return array();
/**
 * Creates a notification row for user $uid. Called by addComment in this
 * class; the trailing comment also names an RPC route for it.
 *
 * NOTE(review): the only check is that the caller is logged in. If the
 * route in the trailing comment is really registered, any account can
 * create notifications with arbitrary text and target section for any
 * other user. Keep this method internal (not routed), or restrict the
 * route and validate $aid, $sec and $goto against known values.
 *
 * @param Request $r    carries username and password
 * @param mixed   $uid  id of the user to notify
 * @param mixed   $aid  app id, resolved against sys_apps by getNotification
 * @param string  $txt  notification text
 * @param string  $sec  section appended to the app url by getNotification
 * @param string  $goto stored in the `goto` column
 */
public function addNotification(Request $r, $uid, $aid, $txt, $sec, $goto) { // /api/rpc/user/notification/add
$check = $this->objAuth->checkLegit($r->username, $r->password);
if ($check != 0) {
// NOTE(review): the write call is not visible in this listing.
$add = DB::table('usr_notification')
'user_id' => $uid,
'app_id' => $aid,
'text' => $txt,
'section' => $sec,
'goto' => $goto
return 1;
/**
 * Addresses one notification of the authenticated user for removal.
 *
 * The query filters on both the requested notification id and the id
 * returned by checkLegit, so a caller cannot act on another user's
 * notification by guessing its id.
 * NOTE(review): the terminating call and the result for rejected
 * credentials are not visible in this listing.
 *
 * @param Request $r carries username, password and id
 */
public function delNotification(Request $r) { // /api/rpc/user/notification/del
$check = $this->objAuth->checkLegit($r->username, $r->password);
if ($check != 0) {
return DB::table('usr_notification')
->where('id', $r->id)
->where('user_id', $check)