diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index 1f5aaeb..049566d 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -18,8 +18,8 @@ class AuthController extends Controller { $this->objPermission = new PermissionController(); } - public function checkSelf(Request $request) { // /api/auth/checkself - $check = $this->checkLegit($request->kero_token); + public function checkSelf(Request $r) { // /api/auth/checkself + $check = $this->checkLegit($r->kero_token); return array($check); } @@ -37,8 +37,8 @@ class AuthController extends Controller { return $check->id; } - public function getPerms(Request $request) { // /api/auth/getpermissions - $check = $this->getPermissions($request->kero_token); + public function getPerms(Request $r) { // /api/auth/getpermissions + $check = $this->getPermissions($r->kero_token); return array($check); } @@ -236,17 +236,17 @@ class AuthController extends Controller { } } - public function register(Request $request) { + public function register(Request $r) { $ip = $_SERVER['REMOTE_ADDR']; // Anti-spam here. - if (!empty($request)) { + if (!empty($r)) { // Check username. //// Exists? $existUser = DB::table('users') ->select('id') - ->where('username', $request->username) + ->where('username', $r->username) ->first(); if ($existUser != 0) { @@ -254,18 +254,18 @@ class AuthController extends Controller { } //// Empty? - if (empty($request->username)) { + if (empty($r->username)) { return array('Username is empty.'); } //// Valid? - if (preg_match("/^[a-zA-Z0-9]+$/", $request->username) == 0) { + if (preg_match("/^[a-zA-Z0-9]+$/", $r->username) == 0) { return array('Please use English characters only.'); } // Check password. //// Empty? - if (empty($request->password)) { + if (empty($r->password)) { return array('Password is empty.'); } 
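Review bot: In `register` (@@ -236), `if (!empty($r))` can never be false because `$r` is a Request object, so the guard does nothing. `if ($existUser != 0)` relies on loosely comparing the `first()` result (an object or null) with an integer; `if ($existUser !== null)` states the intent directly, and the `$existEmail != 0` check at @@ -273 has the same form. The existence query also runs before the `empty($r->username)` and `preg_match` checks, so an empty or malformed username still reaches the database; moving those checks first avoids that. The function body continues past these hunks.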
@@ -273,7 +273,7 @@ class AuthController extends Controller { //// Exists? $existEmail = DB::table('users') ->select('id') - ->where('email', $request->email) + ->where('email', $r->email) ->first(); if ($existEmail != 0) { @@ -281,17 +281,17 @@ class AuthController extends Controller { } //// Empty? - if (empty($request->email)) { + if (empty($r->email)) { return array('Email is empty.'); } //// Valid? - if (!filter_var($request->email, FILTER_VALIDATE_EMAIL)) { + if (!filter_var($r->email, FILTER_VALIDATE_EMAIL)) { return array('Email is invalid.'); } $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); - $passwd = hash('sha256', $request->password . $salt); + $passwd = hash('sha256', $r->password . $salt); for ($round = 0; $round < 65536; $round++) { $passwd = hash('sha256', $passwd . $salt); @@ -299,8 +299,8 @@ class AuthController extends Controller { $addUser = DB::table('users') ->insertGetId([ - 'username' => $request->username, - 'email' => $request->email, + 'username' => $r->username, + 'email' => $r->email, 'password' => $passwd, 'salt' => $salt, 'remember_token' => '', @@ -336,7 +336,7 @@ class AuthController extends Controller { DB::table('usr_profile') ->insert([ 'user_id' => $addUser, - 'gender' => ($request->gender ? $request->gender : 0), + 'gender' => ($r->gender ? $r->gender : 0), 'member_title' => '', 'website_address' => '', 'website_name' => '', @@ -353,7 +353,7 @@ class AuthController extends Controller { 'name_style' => '', 'display_name' => '', 'yt_channel' => '', - 'country' => ($request->country ? $request->country : 'ASEAN'), + 'country' => ($r->country ? $r->country : 'ASEAN'), 'date_format' => '', 'isClock24' => 0, 'isShowSeconds' => 0, 
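Review bot: The password scheme that `register` keeps at @@ -281 is weaker than PHP's built-in password API. It draws the salt from `mt_rand()`, which is not a cryptographic generator, and runs 65536 rounds of `hash('sha256', ...)`, which is fast to compute where a password hash should be deliberately slow. New hashes would be better produced with `$passwd = password_hash($r->password, PASSWORD_DEFAULT);` and checked with `password_verify()`, keeping the old loop only to verify existing rows and rehash them on the next successful login. If the custom scheme has to stay for now, draw the salt from `bin2hex(random_bytes(8))` instead. The same code appears in `login` (@@ -395) and `PasswordReset` (@@ -527).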
@@ -381,11 +381,11 @@ class AuthController extends Controller { return array(); } - public function login(Request $request) { - if (!empty($request)) { + public function login(Request $r) { + if (!empty($r)) { $checkName = DB::table('users') ->select('*') - ->where('username', $request->username) + ->where('username', $r->username) ->first( 'id', 'username', @@ -395,7 +395,7 @@ class AuthController extends Controller { ); // $checkName = json_decode(json_encode($checkName), true); - $checkPass = hash('sha256', $request->password . $checkName->salt); + $checkPass = hash('sha256', $r->password . $checkName->salt); for ($round = 0; $round < 65536; $round++) { $checkPass = hash('sha256', $checkPass . $checkName->salt); @@ -444,8 +444,8 @@ class AuthController extends Controller { else return 1; } - public function SendReset(Request $request) { - $exist = $this->CheckEmail($request->email); + public function SendReset(Request $r) { + $exist = $this->CheckEmail($r->email); if ($exist == 0) { return 0; @@ -453,12 +453,12 @@ class AuthController extends Controller { else { $check = DB::table('usr_resets') ->select('token') - ->where('email', $request->email) + ->where('email', $r->email) ->count(); if ($check > 0) { DB::table('usr_resets') - ->where('email', $request->email) + ->where('email', $r->email) ->delete(); } @@ -467,7 +467,7 @@ class AuthController extends Controller { DB::table('usr_resets') ->insert([ - 'email' => $request->email, + 'email' => $r->email, 'token' => $token, 'due_date' => $due ]); @@ -478,7 +478,7 @@ class AuthController extends Controller { $user = DB::table('users') ->select('username') - ->where('email', $request->email) + ->where('email', $r->email) ->first(); $mess = str_replace('{user}', $user->username, $get->message); 
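Review bot: `login` reads `$checkName->salt` at @@ -395 without checking that `first()` found a row, so an unknown username raises an error instead of producing a normal failed-login result. A guard such as `if ($checkName === null)` that returns the same response a wrong password gets would fix this and keep the two cases indistinguishable to the caller; the failure path itself is outside this hunk. The comparison of `$checkPass` with the stored hash is not visible here; if it uses `==`, `hash_equals()` is the safer choice.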
@@ -489,13 +489,13 @@ class AuthController extends Controller { $headers = "MIME-Version: 1.0"."\r\n"; $headers .= "Content-Type: text/plain; charset=ISO-2022-JP"."\r\n"; - $headers .= "To: ".$request->email."\r\n"; + $headers .= "To: ".$r->email."\r\n"; $headers .= "From: ".mb_convert_encoding($get->sendname,"ISO-2022-JP","AUTO")." <".$get->sender.">"."\r\n"; mb_language("ja"); $res = mail( - $request->email, + $r->email, $subj, $mess2, $headers, @@ -527,20 +527,20 @@ class AuthController extends Controller { } } - public function PasswordReset(Request $request) { - if (empty($request->password)) { + public function PasswordReset(Request $r) { + if (empty($r->password)) { return 0; } $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); - $passwd = hash('sha256', $request->password . $salt); + $passwd = hash('sha256', $r->password . $salt); for ($round = 0; $round < 65536; $round++) { $passwd = hash('sha256', $passwd . $salt); } $res = DB::table('users') - ->where('email', $request->email) + ->where('email', $r->email) ->update([ 'password' => $passwd, 'salt' => $salt @@ -549,15 +549,15 @@ class AuthController extends Controller { return 1; } - public function recover(Request $request) { - $user = User::where('email', $request->email)->first(); + public function recover(Request $r) { + $user = User::where('email', $r->email)->first(); if (!$user) { $error_message = "Your email address was not found."; return response()->json(['success' => false, 'error' => ['email'=> $error_message]], 401); } try { - Password::sendResetLink($request->only('email'), function (Message $message) { + Password::sendResetLink($r->only('email'), function (Message $message) { $message->subject('Your Password Reset Link'); }); } catch (\Exception $e) { 
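Review bot: The `To:` line built from `$r->email` in `$headers` (@@ -489) duplicates what `mail()` already derives from its first argument. It is also the one place in this hunk where request data is concatenated into raw headers. Dropping `$headers .= "To: ".$r->email."\r\n";` removes the duplicate header and the need to reason about CR/LF in that value. `CheckEmail` runs first and presumably limits the value to stored addresses, but its body is outside this diff.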
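Review bot: `PasswordReset` (@@ -527) updates `users.password` for whatever `email` the request carries, and nothing between the `empty($r->password)` check and the `update()` verifies the token that `SendReset` stores in `usr_resets`. Unless that check lives in routing or middleware outside this diff, knowing an account's email address is enough to change its password. The reset should look up the `usr_resets` row for that email and token, reject it when it is missing or past `due_date`, and delete it after use. The function also returns 1 without looking at `$res`. The sketch below shows the added lines; the request field name for the token is assumed.

```php
public function PasswordReset(Request $r) {
    // `token` as the request field name is an assumption; match the reset form.
    if (empty($r->password) || empty($r->email) || empty($r->token)) {
        return 0;
    }

    $reset = DB::table('usr_resets')
        ->where('email', $r->email)
        ->where('token', $r->token)
        ->first();

    if ($reset === null) {
        return 0;
    }
    // … also return 0 when $reset->due_date has passed (its format is set in SendReset) …

    // … unchanged: salt and hash computation, users update …

    // A reset token is single-use.
    DB::table('usr_resets')
        ->where('email', $r->email)
        ->delete();
```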
@@ -570,10 +570,10 @@ class AuthController extends Controller { ]); } - public function checkAuth(Request $request) { + public function checkAuth(Request $r) { $get = DB::table('users') ->select('id', 'kero_token') - ->where('kero_token', $request->kero_token) + ->where('kero_token', $r->kero_token) ->first(); $get = json_decode(json_encode($get), true); diff --git a/app/Http/Controllers/BoardController.php b/app/Http/Controllers/BoardController.php index b0c11a1..0a6f4e0 100644 --- a/app/Http/Controllers/BoardController.php +++ b/app/Http/Controllers/BoardController.php @@ -43,14 +43,14 @@ class BoardController extends Controller { ->get(); } - public function checkRead($for, $top, $username, $password) { - $check = $this->objAuth->checkLegit($username, $password); + public function checkRead($for, $top, $kero_token) { + $check = $this->objAuth->checkLegit($kero_token); if ($check == 0) { $yetToRead = false; } else { - $valid = $this->objAuth->getPermissions($username, $password); + $valid = $this->objAuth->getPermissions($kero_token); $yetToRead = false; if ($valid['for_canview']) { @@ -66,14 +66,14 @@ class BoardController extends Controller { $isRead[] = array('id' => $top); } - foreach ($isRead as $r) { + foreach ($isRead as $read) { $rid = 0; if ($for != 0) { - $rid = $r->id; + $rid = $read->id; } else { - $rid = $r['id']; + $rid = $read['id']; } $get = DB::table('for_read') @@ -105,14 +105,14 @@ class BoardController extends Controller { return $yetToRead; } - public function markReadAll (Request $request) { - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function markReadAll (Request $r) { + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Guests can\'t read'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_canview']) { $tid = DB::table('for_threads') 
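Review bot: `checkAuth` (@@ -570) passes `$r->kero_token` straight to `where('kero_token', ...)`, and Laravel's query builder turns a null value into `kero_token IS NULL`. A request that sends no token would therefore match a user row whose token column is null, if any exist. A guard before the query, `if (empty($r->kero_token))` returning the unauthenticated result, closes that. `checkLegit` and `getPermissions`, which every BoardController action in this commit now calls with the token alone, are defined outside the diff and deserve the same check. The rest of `checkAuth` is outside this hunk.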
@@ -126,8 +126,8 @@ class BoardController extends Controller { ->count(); if ($chk) { - $request->top_id = $t->id; - $this->readTopic($request); + $r->top_id = $t->id; + $this->readTopic($r); } else { $getPost = DB::table('for_posts') @@ -154,19 +154,19 @@ class BoardController extends Controller { } } - public function markReadCat (Request $request) { - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function markReadCat (Request $r) { + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Guests can\'t read'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_canview']) { $fid = DB::table('for_forums') ->select('id') - ->where('cat_id', $request->cat_id) + ->where('cat_id', $r->cat_id) ->get(); foreach ($fid as $f) { @@ -182,8 +182,8 @@ class BoardController extends Controller { ->count(); if ($chk) { - $request->top_id = $t->id; - $this->readTopic($request); + $r->top_id = $t->id; + $this->readTopic($r); } else { $getPost = DB::table('for_posts') @@ -211,19 +211,19 @@ class BoardController extends Controller { } } - public function markRead (Request $request) { - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function markRead (Request $r) { + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Guests can\'t read'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_canview']) { $tid = DB::table('for_threads') ->select('id') - ->where('for_id', $request->for_id) + ->where('for_id', $r->for_id) ->get(); foreach ($tid as $t) { 
@@ -233,8 +233,8 @@ class BoardController extends Controller { ->count(); if ($chk) { - $request->top_id = $t->id; - $this->readTopic($request); + $r->top_id = $t->id; + $this->readTopic($r); } else { $getPost = DB::table('for_posts') @@ -261,25 +261,25 @@ class BoardController extends Controller { } } - public function readTopic(Request $request) { // /api/rpc/board/topic/read - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function readTopic(Request $r) { // /api/rpc/board/topic/read + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Guests can\'t read'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_canview']) { $getRead = DB::table('for_read') ->select('view_time') ->where('user_id', $check) - ->where('top_id', $request->top_id) + ->where('top_id', $r->top_id) ->first(); $getPost = DB::table('for_posts') ->select('post_date') - ->where('top_id', $request->top_id) + ->where('top_id', $r->top_id) ->orderBy('post_date', 'desc') ->limit(1) ->first(); @@ -287,7 +287,7 @@ class BoardController extends Controller { if ($getRead->view_time < $getPost->post_date) { DB::table('for_read') ->where('user_id', $check) - ->where('top_id', $request->top_id) + ->where('top_id', $r->top_id) ->update([ 'view_time' => $getPost->post_date ]); 
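Review bot: In `readTopic` (@@ -261 and @@ -287), `$getRead->view_time` and `$getPost->post_date` are read without checking that either `first()` call returned a row. The `markRead*` callers test `$chk` before calling it, but the method is also routed directly as `/api/rpc/board/topic/read`. There, a topic with no `for_read` row for this user, or no posts, reaches the comparison with a null. Adding `if ($getRead === null || $getPost === null)` ahead of the comparison, with whatever result the function uses for "nothing to update", avoids the error. The end of the function is outside these hunks.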
@@ -303,20 +303,20 @@ class BoardController extends Controller { } } - public function addCategory(Request $request) { // /api/rpc/board/category/add - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addCategory(Request $r) { // /api/rpc/board/category/add + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_catmod'] == 1) { $add = DB::table('for_category') ->insertGetId([ - 'title' => $request->title, - 'order' => $request->order + 'title' => $r->title, + 'order' => $r->order ]); return $add; 
@@ -327,37 +327,37 @@ class BoardController extends Controller { } } - public function editCategory(Request $request) { // /api/rpc/board/category/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editCategory(Request $r) { // /api/rpc/board/category/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_catmod'] == 1) { return DB::table('for_category') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'id' => $request->id, - 'title' => $request->title + 'id' => $r->id, + 'title' => $r->title ]); } } } - public function deleteCategory(Request $request) { // /api/rpc/board/category/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteCategory(Request $r) { // /api/rpc/board/category/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_catmod'] == 1) { - return DB::table('for_category')->where('id', $request->id)->delete(); + return DB::table('for_category')->where('id', $r->id)->delete(); } } } 
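Review bot: `editCategory` and `deleteCategory` return nothing when `$valid['for_catmod']` is not 1, so a caller without the permission gets an empty response rather than a refusal. `addPost` ends the same branch with `return 'Permission denied.';`, and adding `else { return 'Permission denied.'; }` here would make the outcome explicit and consistent. `editForum` and `deleteForum` (@@ -442), `editPost` (@@ -943) and `unpinTopic` (@@ -1192) have the same shape. In `editCategory`, the `'id' => $r->id` entry in the update array rewrites the key with its own value and can be dropped.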
@@ -407,30 +407,30 @@ class BoardController extends Controller { ->get(); } - public function addForum(Request $request) { // /api/rpc/board/forum/add - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addForum(Request $r) { // /api/rpc/board/forum/add + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_formod'] == 1) { $add = DB::table('for_forums') ->insertGetId([ 'last_uid' => 0, - 'cat_id' => $request->cat_id, - 'title' => $request->title, - 'description' => $request->description, + 'cat_id' => $r->cat_id, + 'title' => $r->title, + 'description' => $r->description, 'threads' => 0, 'posts' => 0, 'last_date' => 0, 'min_power' => 0, 'permission' => 0, - 'readonly' => $request->ro, - 'post_count_freeze' => $request->pcf, - 'order' => $request->order, + 'readonly' => $r->ro, + 'post_count_freeze' => $r->pcf, + 'order' => $r->order, 'parent' => 0 ]); 
@@ -442,40 +442,40 @@ class BoardController extends Controller { } } - public function editForum(Request $request) { // /api/rpc/board/forum/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editForum(Request $r) { // /api/rpc/board/forum/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_formod'] == 1) { return DB::table('for_forums') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'cat_id' => $request->cat_id, - 'title' => $request->title, - 'description' => $request->description, - 'readonly' => $request->ro, - 'post_count_freeze' => $request->pcf + 'cat_id' => $r->cat_id, + 'title' => $r->title, + 'description' => $r->description, + 'readonly' => $r->ro, + 'post_count_freeze' => $r->pcf ]); } } } - public function deleteForum(Request $request) { // /api/rpc/board/forum/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteForum(Request $r) { // /api/rpc/board/forum/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_formod'] == 1) { - return DB::table('for_forums')->where('id', $request->id)->delete(); + return DB::table('for_forums')->where('id', $r->id)->delete(); } } } @@ -726,7 +726,7 @@ class BoardController extends Controller { return $get; } - public function getPostsofUser($user_id, $from, $to, Request $request) { + public function getPostsofUser($user_id, $from, $to, Request $r) { $getting = array( 'for_posts.id', 'top_id', 
@@ -752,7 +752,7 @@ class BoardController extends Controller { 'country' ); - // $valid = $this->objAuth->getPermissions($request->username, $request->password); + // $valid = $this->objAuth->getPermissions($r->kero_token); return DB::table('for_posts') ->join('users', 'for_posts.user_id', '=', 'users.id') @@ -766,7 +766,7 @@ class BoardController extends Controller { ->get($getting); } - public function getUserPosts($top_id, $from, $to, Request $request) { // /api/rpc/board/post/getuserposts/top/from/to + public function getUserPosts($top_id, $from, $to, Request $r) { // /api/rpc/board/post/getuserposts/top/from/to $getting = array( 'for_posts.id', 'top_id', @@ -793,7 +793,7 @@ class BoardController extends Controller { 'country' ); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); return DB::table('for_posts') ->join('users', 'for_posts.user_id', '=', 'users.id') @@ -807,7 +807,7 @@ class BoardController extends Controller { ->get($getting); } - public function getUserPost($id, Request $request) { // /api/rpc/board/post/getuserpost/id + public function getUserPost($id, Request $r) { // /api/rpc/board/post/getuserpost/id $getting = array( 'for_posts.id', 'top_id', @@ -834,7 +834,7 @@ class BoardController extends Controller { 'country' ); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); return DB::table('for_posts') ->join('users', 'for_posts.user_id', '=', 'users.id') 
@@ -846,17 +846,17 @@ class BoardController extends Controller { ->get($getting); } - public function addTopic(Request $request) { // /api/rpc/board/topic/add - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addTopic(Request $r) { // /api/rpc/board/topic/add + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_post'] == 1) { - $fpc = $this->getPostCountFreeze($request->for_id); + $fpc = $this->getPostCountFreeze($r->for_id); if ($fpc === 0) { $next = $this->getNextPostCount($check); @@ -866,8 +866,8 @@ class BoardController extends Controller { } $addTopic = DB::table('for_threads') ->insertGetId([ - 'for_id' => $request->for_id, - 'title' => $request->title, + 'for_id' => $r->for_id, + 'title' => $r->title, 'started_by' => $check, 'replies' => 0, 'views' => 0, @@ -885,12 +885,12 @@ class BoardController extends Controller { 'top_id' => $addTopic, 'user_id' => $check, 'post_date' => time(), - 'message' => $request->message, + 'message' => $r->message, 'delete' => 0, 'lastedit' => 0, - 'ipaddress' => $request->ipaddress, + 'ipaddress' => $r->ipaddress, 'delreason' => '', - 'nolayout' => $request->nolayout, + 'nolayout' => $r->nolayout, 'postcount' => $next ]); 
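Review bot: `addTopic` stores `'ipaddress' => $r->ipaddress` (@@ -885), a value taken from the request body, so the address recorded with each post is whatever the client chose to send. If the column is used for moderation or abuse handling, it should come from the connection instead: `'ipaddress' => $r->ip(),`. `addPost` (@@ -923) does the same and needs the same change. Both functions extend beyond their hunks.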
@@ -902,17 +902,17 @@ class BoardController extends Controller { } } - public function addPost(Request $request) { // /api/rpc/board/post/add - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addPost(Request $r) { // /api/rpc/board/post/add + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_post'] == 1) { - $fid = $this->getForumIdFromTopic($request->top_id); + $fid = $this->getForumIdFromTopic($r->top_id); $fpc = $this->getPostCountFreeze($fid); if ($fpc === 0) { @@ -923,19 +923,19 @@ class BoardController extends Controller { } $add = DB::table('for_posts') ->insertGetId([ - 'top_id' => $request->top_id, + 'top_id' => $r->top_id, 'user_id' => $check, 'post_date' => time(), - 'message' => $request->message, + 'message' => $r->message, 'delete' => 0, 'lastedit' => 0, - 'ipaddress' => $request->ipaddress, + 'ipaddress' => $r->ipaddress, 'delreason' => '', - 'nolayout' => $request->nolayout, + 'nolayout' => $r->nolayout, 'postcount' => $next ]); - return $this->browseTopicPosts('p', $add, 0, 15, $request); + return $this->browseTopicPosts('p', $add, 0, 15, $r); } else { return 'Permission denied.'; 
@@ -943,56 +943,56 @@ class BoardController extends Controller { } } - public function editPost(Request $request) { // /api/rpc/board/post/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editPost(Request $r) { // /api/rpc/board/post/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_editother'] == 1 || $valid['for_editown'] == 1) { // TODO: differenciate own from other. return DB::table('for_posts') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'lastedit' => time(), - 'message' => $request->message, - 'nolayout' => $request->nolayout + 'message' => $r->message, + 'nolayout' => $r->nolayout ]); } } } - public function deletePost(Request $request) { // /api/rpc/board/post/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deletePost(Request $r) { // /api/rpc/board/post/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_del'] == 1) { $s = db::table('for_posts') ->select('delete') - ->where('id', $request->id) + ->where('id', $r->id) ->first()->delete; if ($s === 1) { - $request->delreason = ''; + $r->delreason = ''; } DB::table('for_posts') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'delete' => ($s == 0 ? 1 : 0), - 'delreason' => $request->delreason + 'delreason' => $r->delreason ]); return array( 'delete' => ($s == 0 ? 1 : 0), - 'delreason' => $request->delreason + 'delreason' => $r->delreason ); } else { 
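Review bot: `editPost` lets a user holding only `for_editown` update any post, because the query filters on `$r->id` alone and the `// TODO: differenciate own from other.` comment is still open. Restricting the update to rows with `user_id` equal to `$check` when `for_editother` is not set closes that; `user_id` is the column `addPost` fills with `$check`. In `deletePost`, further down the same hunk, `->first()->delete` is read without a null check, so an unknown `id` raises an error rather than returning a result.

```php
if ($valid['for_editother'] == 1 || $valid['for_editown'] == 1) {
    $post = DB::table('for_posts')->where('id', $r->id);

    // Without for_editother the caller may only change their own posts.
    if ($valid['for_editother'] != 1) {
        $post->where('user_id', $check);
    }

    return $post->update([
        // … unchanged: lastedit, message, nolayout …
    ]);
}
```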
@@ -1001,23 +1001,23 @@ class BoardController extends Controller { } } - public function lockTopic(Request $request) { // /api/rpc/board/topic/lock - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function lockTopic(Request $r) { // /api/rpc/board/topic/lock + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_locky'] == 1) { $s = db::table('for_threads') ->select('lock') - ->where('id', $request->id) + ->where('id', $r->id) ->first()->lock; DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'lock' => ($s == 0 ? 1 : 0) ]); @@ -1030,18 +1030,18 @@ class BoardController extends Controller { } } - public function unlockTopic(Request $request) { // /api/rpc/board/topic/unlock - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function unlockTopic(Request $r) { // /api/rpc/board/topic/unlock + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_locky'] == 1) { return DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'lock' => 0 ]); 
@@ -1052,25 +1052,25 @@ class BoardController extends Controller { } } - public function moveTopic(Request $request) { // /api/rpc/board/topic/move - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function moveTopic(Request $r) { // /api/rpc/board/topic/move + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_move'] == 1) { $res = DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'for_id' => $request->new_id + 'for_id' => $r->new_id ]); $for = DB::table('for_forums') ->select('title', 'cat_id') - ->where('id', $request->new_id) + ->where('id', $r->new_id) ->first(); $cat = DB::table('for_category') @@ -1079,7 +1079,7 @@ class BoardController extends Controller { ->first(); return array([ - 'fid' => $request->new_id, + 'fid' => $r->new_id, 'ftit' => $for->title, 'cid' => $for->cat_id, 'ctit' => $cat->title 
@@ -1091,38 +1091,38 @@ class BoardController extends Controller { } } - public function splitPost(Request $request) { // /api/rpc/board/post/split - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function splitPost(Request $r) { // /api/rpc/board/post/split + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_split'] == 1) { $uid = DB::table('for_posts') ->select('user_id') - ->where('id', $request->id) + ->where('id', $r->id) ->first(); $add = DB::table('for_threads') ->insertGetId([ - 'for_id' => $request->forId, - 'title' => $request->title, + 'for_id' => $r->forId, + 'title' => $r->title, 'started_by' => $uid->user_id, 'replies' => 0, 'views' => 0, 'last_date' => 0, 'last_uid' => 0, - 'sticky' => $request->sticky, + 'sticky' => $r->sticky, 'poll' => 0, 'read' => '', - 'lock' => $request->lock + 'lock' => $r->lock ]); DB::table('for_posts') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'top_id' => $add, ]); 
@@ -1135,24 +1135,24 @@ class BoardController extends Controller { } } - public function mergeTopic(Request $request) { // /api/rpc/board/topic/merge - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function mergeTopic(Request $r) { // /api/rpc/board/topic/merge + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_mergepost'] == 1) { DB::table('for_posts') - ->where('top_id', $request->id) + ->where('top_id', $r->id) ->update([ - 'top_id' => $request->alt_id + 'top_id' => $r->alt_id ]); DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->delete(); return 'Success!'; @@ -1163,23 +1163,23 @@ class BoardController extends Controller { } } - public function pinTopic(Request $request) { // /api/rpc/board/topic/pin - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function pinTopic(Request $r) { // /api/rpc/board/topic/pin + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_sticky'] == 1) { $s = DB::table('for_threads') ->select('sticky') - ->where('id', $request->id) + ->where('id', $r->id) ->first(); DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'sticky' => ($s->sticky == 0 ? 1 : 0) ]); 
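Review bot: `mergeTopic` repoints every post to `$r->alt_id` and then deletes thread `$r->id` without checking that the target thread exists or differs from the source. A missing or mistyped `alt_id`, or one equal to `id`, leaves the posts attached to no thread. Checking `DB::table('for_threads')->where('id', $r->alt_id)->exists()` and rejecting `$r->alt_id == $r->id` before the update avoids that. Wrapping the update and delete in `DB::transaction()` keeps the two statements from being applied separately.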
@@ -1192,18 +1192,18 @@ class BoardController extends Controller { } } - public function unpinTopic(Request $request) { // /api/rpc/board/topic/unpin - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function unpinTopic(Request $r) { // /api/rpc/board/topic/unpin + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_sticky'] == 1) { return DB::table('for_threads') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'sticky' => 0 ]); @@ -1211,14 +1211,14 @@ class BoardController extends Controller { } } - public function getReadCategories (Request $request) { // /api/rpc/board/topic/getreadcategories + public function getReadCategories (Request $r) { // /api/rpc/board/topic/getreadcategories } - public function getReadForums (Request $request) { // /api/rpc/board/topic/getreadforums + public function getReadForums (Request $r) { // /api/rpc/board/topic/getreadforums } - public function getReadTopics (Request $request) { // /api/rpc/board/topic/getreadtopics - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getReadTopics (Request $r) { // /api/rpc/board/topic/getreadtopics + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; 
@@ -1247,24 +1247,24 @@ class BoardController extends Controller { } } - public function markForumRead ($id, Request $request) { // /api/rpc/board/topic/markforumread/fid + public function markForumRead ($id, Request $r) { // /api/rpc/board/topic/markforumread/fid } - public function markTopicRead ($id, Request $request) { // /api/rpc/board/topic/marktopicread/tid + public function markTopicRead ($id, Request $r) { // /api/rpc/board/topic/marktopicread/tid } - public function undeletePost(Request $request) { // /api/rpc/board/post/undelete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function undeletePost(Request $r) { // /api/rpc/board/post/undelete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['for_del'] == 1) { return DB::table('for_posts') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'delete' => 0, 'delreason' => '' @@ -1283,7 +1283,7 @@ class BoardController extends Controller { ->count(); } - public function browseCategories(Request $request) { // /api/rpc/board/browse/browsecategories + public function browseCategories(Request $r) { // /api/rpc/board/browse/browsecategories $cats = $this->getCategories()->toArray(); $cols = $this->objUser->getGroupColours()->toArray(); 
@@ -1297,13 +1297,13 @@ class BoardController extends Controller { $resF = array(); foreach($fors as $f) { - $read = $this->checkRead($f['id'], 0, $request->username, $request->password); + $read = $this->checkRead($f['id'], 0, $r->kero_token); $ldet = $this->getLastPostOfForum($f['id']); $topicsuu = DB::table('for_threads')->where('for_id', $f['id'])->count(); $replysuu = $this->countPostsInForum($f['id']); if ($ldet['uid'] != 0) { - $user = $this->objUser->getUser($ldet['uid'], $request)->toArray(); + $user = $this->objUser->getUser($ldet['uid'], $r)->toArray(); $showName = ""; $showCol = ""; @@ -1362,20 +1362,20 @@ class BoardController extends Controller { return $res; } - public function browseForums($id, $from, $to, Request $request) { // /api/rpc/board/browse/browseforums/id/from/to + public function browseForums($id, $from, $to, Request $r) { // /api/rpc/board/browse/browseforums/id/from/to $fors = $this->getForums($id); $cols = $this->objUser->getGroupColours()->toArray(); $res = array(); foreach($fors as $f) { - $read = $this->checkRead($f['id'], 0, $request->username, $request->password); + $read = $this->checkRead($f['id'], 0, $r->kero_token); $ldet = $this->getLastPostOfForum($f['id']); $topicsuu = DB::table('for_threads')->where('for_id', $f['id'])->count(); $replysuu = $this->countPostsInForum($f['id']); if ($f['last_uid'] != 0) { - $user = $this->objUser->getUser($ldet['uid'], $request)->toArray(); + $user = $this->objUser->getUser($ldet['uid'], $r)->toArray(); $showName = ""; $showCol = ""; 
@@ -1437,7 +1437,7 @@ class BoardController extends Controller { ); } - public function browseTopics($mode, $id, $from, $to, Request $request) { // /api/rpc/board/browse/browsetopicsmode/id/from/to + public function browseTopics($mode, $id, $from, $to, Request $r) { // /api/rpc/board/browse/browsetopicsmode/id/from/to $topsUP = $this->getTopicsUnpinned($id, $from, $to); $topsPN = $this->getTopicsPinned($id, $from, $to); $topsUS = $this->getTopicsUser($id, $from, $to); @@ -1464,14 +1464,14 @@ class BoardController extends Controller { $i = 0; foreach($tops as $t) { - $read = $this->checkRead(0, $t->id, $request->username, $request->password); + $read = $this->checkRead(0, $t->id, $r->kero_token); $replysuu = DB::table('for_posts')->where('top_id', $t->id)->count(); $fplp = $this->getFirstAndLastPosts($t->id); $userFD = $fplp['first']['date']; $userLD = $fplp['last']['date']; - $userFirst = $this->objUser->getUser($fplp['first']['uid'], $request)->toArray(); - $userLast = $this->objUser->getUser($fplp['last']['uid'], $request)->toArray(); + $userFirst = $this->objUser->getUser($fplp['first']['uid'], $r)->toArray(); + $userLast = $this->objUser->getUser($fplp['last']['uid'], $r)->toArray(); $showNameF = ""; $showColF = ""; $showNameL = ""; 
@@ -1745,14 +1745,14 @@ class BoardController extends Controller { return $string; } - public function browseTopicPosts($tp, $id, $from, $to, Request $request) { // /api/rpc/board/browse/browsetopicposts/tp/id/from/to + public function browseTopicPosts($tp, $id, $from, $to, Request $r) { // /api/rpc/board/browse/browsetopicposts/tp/id/from/to // Load group colours. $ucol = $this->objUser->getGroupColours(); // All the user posts' user IDs. - if ($tp == 't') $uid = $this->getUserPosts($id, $from, $to, $request); - else if ($tp == 'p') $uid = $this->getUserPost($id, $request); - else $uid = $this->getPostsOfUser($id, $from, $to, $request); + if ($tp == 't') $uid = $this->getUserPosts($id, $from, $to, $r); + else if ($tp == 'p') $uid = $this->getUserPost($id, $r); + else $uid = $this->getPostsOfUser($id, $from, $to, $r); $udat = array(); $key = 0; $ldate = 0; @@ -1822,7 +1822,7 @@ class BoardController extends Controller { $key++; } - $check = $this->objAuth->checkLegit($request->username, $request->password); + $check = $this->objAuth->checkLegit($r->kero_token); if ($tp == 't' && $check != 0) { $view = DB::table('for_threads') @@ -1860,9 +1860,9 @@ class BoardController extends Controller { return $udat; } - public function browsePermissions($uid, Request $request) { // /api/rpc/board/browse/browsepermissions/uid + public function browsePermissions($uid, Request $r) { // /api/rpc/board/browse/browsepermissions/uid // Get user ID. - $perm = $this->objUser->getUser($uid, $request); + $perm = $this->objUser->getUser($uid, $r); // Does the user ID exist? Grand the appropriate rights. Otherwise, use guest. if ($uid != 0) { diff --git a/app/Http/Controllers/ImageController.php b/app/Http/Controllers/ImageController.php index cd75158..41809cd 100644 --- a/app/Http/Controllers/ImageController.php +++ b/app/Http/Controllers/ImageController.php 
@@ -23,8 +23,8 @@ class ImageController extends Controller { $this->objUser = new UserController(); } - public function getUserWithUploads(Request $request) { // /api/rpc/image/get/userwithuploads - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function getUserWithUploads(Request $r) { // /api/rpc/image/get/userwithuploads + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $cols = $this->objUser->getGroupColours()->toArray(); @@ -37,7 +37,7 @@ class ImageController extends Controller { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; if ($usr != 0) { - $user = $this->objUser->getUser($usr, $request)->toArray(); + $user = $this->objUser->getUser($usr, $r)->toArray(); $showName = ""; $showCol = ""; @@ -78,8 +78,8 @@ class ImageController extends Controller { } } - public function getAll(Request $request) { // /api/rpc/image/get/all - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function getAll(Request $r) { // /api/rpc/image/get/all + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $cols = $this->objUser->getGroupColours()->toArray(); @@ -92,7 +92,7 @@ class ImageController extends Controller { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; if ($usr[3] != 0) { - $user = $this->objUser->getUser($usr[3], $request)->toArray(); + $user = $this->objUser->getUser($usr[3], $r)->toArray(); $showName = ""; $showCol = ""; 
@@ -135,14 +135,14 @@ class ImageController extends Controller { } } - public function getOwn(Request $request) { // /api/rpc/image/get/own - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getOwn(Request $r) { // /api/rpc/image/get/own + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $cols = $this->objUser->getGroupColours()->toArray(); @@ -159,7 +159,7 @@ class ImageController extends Controller { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; if ($usr[3] == $check) { - $user = $this->objUser->getUser($usr[3], $request)->toArray(); + $user = $this->objUser->getUser($usr[3], $r)->toArray(); $showName = ""; $showCol = ""; @@ -207,8 +207,8 @@ class ImageController extends Controller { } } - public function getUser($id, Request $request) { // /api/rpc/image/get/user/id - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function getUser($id, Request $r) { // /api/rpc/image/get/user/id + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $cols = $this->objUser->getGroupColours()->toArray(); @@ -221,7 +221,7 @@ class ImageController extends Controller { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; if ($usr[3] != 0) { - $user = $this->objUser->getUser($usr[3], $request)->toArray(); + $user = $this->objUser->getUser($usr[3], $r)->toArray(); $showName = ""; $showCol = ""; 
@@ -264,14 +264,14 @@ class ImageController extends Controller { } } - public function getOther(Request $request) { // /api/rpc/image/get/other - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getOther(Request $r) { // /api/rpc/image/get/other + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $cols = $this->objUser->getGroupColours()->toArray(); @@ -294,7 +294,7 @@ class ImageController extends Controller { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; if ($usr != $check) { - $user = $this->objUser->getUser($usr, $request)->toArray(); + $user = $this->objUser->getUser($usr, $r)->toArray(); $showName = ""; $showCol = ""; 
@@ -344,34 +344,34 @@ class ImageController extends Controller { } } - public function viewImage(Request $request) { // /api/rpc/image/view - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function viewImage(Request $r) { // /api/rpc/image/view + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_viewimg'] == 1) { $protocol = isset($_SERVER["HTTPS"]) ? 'https' : 'http'; - if (!isset($request->id) || !isset($request->name)) { + if (!isset($r->id) || !isset($r->name)) { return 'Err!'; } - return $protocol.'://'.$_SERVER['SERVER_NAME'].'/assets/images/'.$request->id.'/'.$request->name; + return $protocol.'://'.$_SERVER['SERVER_NAME'].'/assets/images/'.$r->id.'/'.$r->name; } else { return 'Permission denied.'; } } - public function uploadImage(Request $request) { // /api/rpc/image/upload - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function uploadImage(Request $r) { // /api/rpc/image/upload + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_addimg'] == 1) { - if (isset($request->filename)) { + if (isset($r->filename)) { if (!is_dir("assets/images/".$check)) { if (!mkdir("assets/images/".$check, 0755, true)) { return "Could not make folder ".$check."
"; @@ -379,22 +379,22 @@ class ImageController extends Controller { } $img_dir = "assets/images/".$check."/"; - $image = $img_dir . $request->filename; + $image = $img_dir . $r->filename; $imageFileType = array( 'image/png', 'image/jpeg', 'image/gif' ); - if (!in_array($request->filetype, $imageFileType)) { + if (!in_array($r->filetype, $imageFileType)) { return "Only JPG, PNG, JPEG, and GIF are allowed."; } - $fname = 'assets/images/'.$check.'/'.$request->filename; - $data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $request->thefile)); + $fname = 'assets/images/'.$check.'/'.$r->filename; + $data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $r->thefile)); Storage::disk('public')->put($fname, $data); - return $request->filename; + return $r->filename; } } else { 
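Review bot: In `uploadImage`, the stored path is built as `'assets/images/'.$check.'/'.$r->filename` and the only type check is `in_array($r->filetype, $imageFileType)`, so both the file name and the declared type are taken from the request and never compared with the decoded bytes. A name containing path separators, or an extension the web server treats as executable, would be written to the public disk as-is. I would take the type from the decoded content, derive the extension from that type, and reduce the name to its base component before calling `put()`. The function starts in the previous hunk and its closing branches are outside this one.

```php
// … unchanged: checkLegit / getPermissions / mkdir for the user's folder …
$ext = array('image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif');
$data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $r->thefile), true);
$mime = $data === false ? false : (new \finfo(FILEINFO_MIME_TYPE))->buffer($data);

if ($mime === false || !isset($ext[$mime])) {
  return "Only JPG, PNG, JPEG, and GIF are allowed.";
}

// Keep only the base name and force the extension that matches the content.
$name = pathinfo(basename($r->filename), PATHINFO_FILENAME).'.'.$ext[$mime];
$fname = 'assets/images/'.$check.'/'.$name;
Storage::disk('public')->put($fname, $data);

return $name;
```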
@@ -408,29 +408,29 @@ class ImageController extends Controller { return (count(scandir($dir)) == 2); } - public function removeImage(Request $request) { // /api/rpc/image/remove - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function removeImage(Request $r) { // /api/rpc/image/remove + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['img_delotherimg'] == 1) { - if (isset($request->name)) { - $fname = 'assets/images/'.$request->id.'/'.$request->name; + if (isset($r->name)) { + $fname = 'assets/images/'.$r->id.'/'.$r->name; unlink('storage/'.$fname); - if ($this->is_dir_empty('storage/assets/images/'.$request->id)) rmdir('storage/assets/images/'.$request->id); + if ($this->is_dir_empty('storage/assets/images/'.$r->id)) rmdir('storage/assets/images/'.$r->id); return 'Deleted'; } } else { - if (isset($request->name)) { - if ($check == $request->id) { + if (isset($r->name)) { + if ($check == $r->id) { if ($valid['img_delownimg'] == 1) { - $fname = 'assets/images/'.$check.'/'.$request->name; + $fname = 'assets/images/'.$check.'/'.$r->name; unlink('storage/'.$fname); if ($this->is_dir_empty('storage/assets/images/'.$check)) rmdir('storage/assets/images/'.$check); diff --git a/app/Http/Controllers/InvoiceController.php b/app/Http/Controllers/InvoiceController.php index cac56e4..b4fd69f 100644 --- a/app/Http/Controllers/InvoiceController.php +++ b/app/Http/Controllers/InvoiceController.php 
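Review bot: In `removeImage`, `$r->id` and `$r->name` are concatenated straight into the paths given to `unlink()` and `rmdir()`. In the own-image branch the `$check == $r->id` test does not constrain `$r->name`, so a name with path separators resolves outside the caller's folder and the `img_delownimg` permission stops limiting which file is removed. Normalise both values before building the path, e.g. `$name = basename($r->name);` and `$id = (int) $r->id;`, and use those in every `unlink`/`rmdir` call. The result of `unlink()` is also ignored, so `'Deleted'` is returned even when nothing was removed. The rest of the function is outside this hunk.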
@@ -23,14 +23,14 @@ class InvoiceController extends Controller { } // Company - public function getCompanies(Request $request) { // /api/rpc/invoice/company/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getCompanies(Request $r) { // /api/rpc/invoice/company/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) { return DB::table('inv_company') @@ -55,14 +55,14 @@ class InvoiceController extends Controller { } } - public function getCompany($id, Request $request) { // /api/rpc/invoice/company/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getCompany($id, Request $r) { // /api/rpc/invoice/company/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancompany'] == 1) { if ($valid['inv_manuser'] == 0) { 
@@ -118,30 +118,30 @@ class InvoiceController extends Controller { } } - public function newCompany(Request $request) { // /api/rpc/invoice/company/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newCompany(Request $r) { // /api/rpc/invoice/company/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) { $add = DB::table('inv_company') ->insertGetId([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'compreg' => ($request->compreg ? $request->compreg : ''), - 'taxnr' => ($request->taxnr ? $request->taxnr : ''), - 'bank_number' => $request->bank_number, - 'bank_name' => $request->bank_name, - 'bank_recipient' => $request->bank_recipient, - 'logo' => ($request->logo ? $request->logo : ''), - 'payterm' => $request->payterm, - 'date_format' => $request->date_format, - 'comment1' => $request->comment1, - 'comment2' => $request->comment2 + 'user_id' => $r->user_id, + 'name' => $r->name, + 'compreg' => ($r->compreg ? $r->compreg : ''), + 'taxnr' => ($r->taxnr ? $r->taxnr : ''), + 'bank_number' => $r->bank_number, + 'bank_name' => $r->bank_name, + 'bank_recipient' => $r->bank_recipient, + 'logo' => ($r->logo ? $r->logo : ''), + 'payterm' => $r->payterm, + 'date_format' => $r->date_format, + 'comment1' => $r->comment1, + 'comment2' => $r->comment2 ]); return $add; 
@@ -152,33 +152,33 @@ class InvoiceController extends Controller { } } - public function editCompany(Request $request) { // /api/rpc/invoice/company/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editCompany(Request $r) { // /api/rpc/invoice/company/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancompany'] == 1) { if ($valid['inv_manuser'] == 0) { if ($companyId != 0) { DB::table('inv_company') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ - 'name' => $request->name, - 'compreg' => ($request->compreg ? $request->compreg : ''), - 'taxnr' => ($request->taxnr ? $request->taxnr : ''), - 'bank_number' => $request->bank_number, - 'bank_name' => $request->bank_name, - 'bank_recipient' => $request->bank_recipient, - 'logo' => ($request->logo ? $request->logo : ''), - 'payterm' => $request->payterm, - 'date_format' => $request->date_format, - 'comment1' => $request->comment1, - 'comment2' => $request->comment2 + 'name' => $r->name, + 'compreg' => ($r->compreg ? $r->compreg : ''), + 'taxnr' => ($r->taxnr ? $r->taxnr : ''), + 'bank_number' => $r->bank_number, + 'bank_name' => $r->bank_name, + 'bank_recipient' => $r->bank_recipient, + 'logo' => ($r->logo ? $r->logo : ''), + 'payterm' => $r->payterm, + 'date_format' => $r->date_format, + 'comment1' => $r->comment1, + 'comment2' => $r->comment2 ]); } else { 
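Review bot: In `editCompany`, the non-manager branch tests `if ($companyId != 0)`, but `$companyId` is not assigned anywhere between the signature and this line, both of which are visible in the hunk. An undefined variable evaluates to null, so the condition is false and the `update()` scoped by `->where('user_id', $check)` is never reached; users without `inv_manuser` always fall into the `else`, whose body is outside the hunk. Presumably the check was meant to be on the submitted id, e.g. `if (!empty($r->id)) {`, but that should be confirmed against the intended behaviour.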
@@ -187,20 +187,20 @@ class InvoiceController extends Controller { } else if ($valid['inv_manuser'] == 1) { DB::table('inv_company') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'compreg' => ($request->compreg ? $request->compreg : ''), - 'taxnr' => ($request->taxnr ? $request->taxnr : ''), - 'bank_number' => $request->bank_number, - 'bank_name' => $request->bank_name, - 'bank_recipient' => $request->bank_recipient, - 'logo' => ($request->logo ? $request->logo : ''), - 'payterm' => $request->payterm, - 'date_format' => $request->date_format, - 'comment1' => $request->comment1, - 'comment2' => $request->comment2 + 'user_id' => $r->user_id, + 'name' => $r->name, + 'compreg' => ($r->compreg ? $r->compreg : ''), + 'taxnr' => ($r->taxnr ? $r->taxnr : ''), + 'bank_number' => $r->bank_number, + 'bank_name' => $r->bank_name, + 'bank_recipient' => $r->bank_recipient, + 'logo' => ($r->logo ? $r->logo : ''), + 'payterm' => $r->payterm, + 'date_format' => $r->date_format, + 'comment1' => $r->comment1, + 'comment2' => $r->comment2 ]); } } @@ -210,17 +210,17 @@ class InvoiceController extends Controller { } } - public function deleteCompany(Request $request) { // /api/rpc/invoice/company/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteCompany(Request $r) { // /api/rpc/invoice/company/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancompany'] == 1 && $valid['inv_manuser'] == 1) { - DB::table('inv_company')->where('id', $request->id)->delete(); + DB::table('inv_company')->where('id', $r->id)->delete(); return 'Done.'; } 
@@ -231,14 +231,14 @@ class InvoiceController extends Controller { } // Contacts - public function getContacts(Request $request) { // /api/rpc/invoice/contacts/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getContacts(Request $r) { // /api/rpc/invoice/contacts/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancontact'] == 1) { $data = array( @@ -252,12 +252,12 @@ class InvoiceController extends Controller { ); if ($valid['inv_manuser'] == 1) { - if (isset($request->emp)) { + if (isset($r->emp)) { $get = DB::table('inv_contacts') ->join('inv_employers', 'inv_employers.contact_id', 'inv_contacts.id') ->get($data); } - else if (isset($request->cus)) { + else if (isset($r->cus)) { $get = DB::table('inv_contacts') ->join('inv_clients', 'inv_clients.contact_id', 'inv_contacts.id') ->get($data); @@ -300,14 +300,14 @@ class InvoiceController extends Controller { } } - public function getContact($id, Request $request) { // /api/rpc/invoice/contacts/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getContact($id, Request $r) { // /api/rpc/invoice/contacts/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancontact'] == 1) { if ($valid['inv_manuser'] == 1) { 
@@ -391,41 +391,41 @@ class InvoiceController extends Controller { } } - public function newContact(Request $request) { // /api/rpc/invoice/contacts/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newContact(Request $r) { // /api/rpc/invoice/contacts/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancontact'] == 1) { if ($valid['inv_manuser'] == 1) { $add = DB::table('inv_contacts') ->insertGetId([ - 'user_id' => $request->user_id, - 'company_name' => $request->company_name, - 'name' => $request->name, - 'fulladdress' => $request->fulladdress, - 'phone' => $request->phone, - 'website' => $request->website, - 'email' => $request->email, - 'custom' => $request->custom + 'user_id' => $r->user_id, + 'company_name' => $r->company_name, + 'name' => $r->name, + 'fulladdress' => $r->fulladdress, + 'phone' => $r->phone, + 'website' => $r->website, + 'email' => $r->email, + 'custom' => $r->custom ]); - if ($request->isCustomer) { + if ($r->isCustomer) { DB::table('inv_clients') ->insert([ - 'user_id' => $request->user_id, + 'user_id' => $r->user_id, 'contact_id' => $add ]); } - if ($request->isEmployer) { + if ($r->isEmployer) { DB::table('inv_employers') ->insert([ - 'user_id' => $request->user_id, + 'user_id' => $r->user_id, 'contact_id' => $add ]); } 
@@ -433,16 +433,16 @@ class InvoiceController extends Controller { else { $add = DB::table('inv_contacts') ->insertGetId([ - 'company_name' => $request->company_name, - 'name' => $request->name, - 'fulladdress' => $request->fulladdress, - 'phone' => $request->phone, - 'website' => $request->website, - 'email' => $request->email, - 'custom' => $request->custom + 'company_name' => $r->company_name, + 'name' => $r->name, + 'fulladdress' => $r->fulladdress, + 'phone' => $r->phone, + 'website' => $r->website, + 'email' => $r->email, + 'custom' => $r->custom ]); - if ($request->isCustomer) { + if ($r->isCustomer) { DB::table('inv_clients') ->insert([ 'user_id' => $check, @@ -450,7 +450,7 @@ class InvoiceController extends Controller { ]); } - if ($request->isEmployer) { + if ($r->isEmployer) { DB::table('inv_employers') ->insert([ 'user_id' => $check, 
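Review bot: The `insertGetId()` into `inv_contacts` in this `else` branch writes no `user_id`, while the manager branch in the previous hunk sets it and the `inv_clients`/`inv_employers` inserts just below use `'user_id' => $check`. The `if` this `else` belongs to is outside the hunk, but it appears to be the non-manager path of `newContact`. `editContact` and `deleteContact` filter non-manager rows with `->where('user_id', $check)`, so unless the column has a default that is not visible here, a contact created this way has no owner and its creator cannot edit or delete it. Adding `'user_id' => $check,` as the first key of this array would make the row consistent with the two link-table inserts.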
@@ -467,104 +467,104 @@ class InvoiceController extends Controller { } } - public function editContact(Request $request) { // /api/rpc/invoice/contacts/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editContact(Request $r) { // /api/rpc/invoice/contacts/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancontact'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_contacts') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'company_name' => $request->company_name, - 'name' => $request->name, - 'fulladdress' => $request->fulladdress, - 'phone' => $request->phone, - 'website' => $request->website, - 'email' => $request->email, - 'custom' => $request->custom + 'user_id' => $r->user_id, + 'company_name' => $r->company_name, + 'name' => $r->name, + 'fulladdress' => $r->fulladdress, + 'phone' => $r->phone, + 'website' => $r->website, + 'email' => $r->email, + 'custom' => $r->custom ]); $emp = DB::table('inv_employers') ->select('id') - ->where('contact_id', $request->id) + ->where('contact_id', $r->id) ->get(); if ($emp->count()) { - if (!$request->isEmployer) { - DB::table('inv_employers')->where('contact_id', $request->id)->delete(); + if (!$r->isEmployer) { + DB::table('inv_employers')->where('contact_id', $r->id)->delete(); } } else { - if ($request->isEmployer) { + if ($r->isEmployer) { DB::table('inv_employers') - ->where('id', $request->id) + ->where('id', $r->id) ->insert([ - 'user_id' => $request->user_id, - 'contact_id' => $request->id + 'user_id' => $r->user_id, + 'contact_id' => $r->id ]); } } $cus = DB::table('inv_clients') ->select('id') - ->where('contact_id', $request->id) + ->where('contact_id', $r->id) ->get(); if ($cus->count()) { - 
if (!$request->isCustomer) { - DB::table('inv_clients')->where('contact_id', $request->id)->delete(); + if (!$r->isCustomer) { + DB::table('inv_clients')->where('contact_id', $r->id)->delete(); } } else { - if ($request->isCustomer) { + if ($r->isCustomer) { DB::table('inv_clients') - ->where('id', $request->id) + ->where('id', $r->id) ->insert([ - 'user_id' => $request->user_id, - 'contact_id' => $request->id + 'user_id' => $r->user_id, + 'contact_id' => $r->id ]); } } } else { DB::table('inv_contacts') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ - 'company_name' => $request->company_name, - 'name' => $request->name, - 'fulladdress' => $request->fulladdress, - 'phone' => $request->phone, - 'website' => $request->website, - 'email' => $request->email, - 'custom' => $request->custom + 'company_name' => $r->company_name, + 'name' => $r->name, + 'fulladdress' => $r->fulladdress, + 'phone' => $r->phone, + 'website' => $r->website, + 'email' => $r->email, + 'custom' => $r->custom ]); $emp = DB::table('inv_employers') ->select('id') ->where('user_id', $check) - ->where('contact_id', $request->id) + ->where('contact_id', $r->id) ->get(); if ($emp->count()) { - if (!$request->isEmployer) { - DB::table('inv_employers')->where('contact_id', $request->id)->where('user_id', $check)->delete(); + if (!$r->isEmployer) { + DB::table('inv_employers')->where('contact_id', $r->id)->where('user_id', $check)->delete(); } } else { - if ($request->isEmployer) { + if ($r->isEmployer) { DB::table('inv_employers') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->insert([ - 'contact_id' => $request->id + 'contact_id' => $r->id ]); } } 
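Review bot: The `->where(...)` calls chained before `->insert([...])` in `editContact` have no effect on the inserted row, because the query builder applies where clauses to select, update and delete only. In the non-manager branch that means the `inv_employers` row is created with just `contact_id`, and the `->where('user_id', $check)` that looks like an ownership constraint does nothing. The insert should carry the owner itself, `->insert(['user_id' => $check, 'contact_id' => $r->id])`, and the `where('id', $r->id)` in front of the manager-branch inserts can be dropped. The `inv_clients` insert in the following hunk (`-572,21`) has the same pattern.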
@@ -572,21 +572,21 @@ class InvoiceController extends Controller { $cus = DB::table('inv_clients') ->select('id') ->where('user_id', $check) - ->where('contact_id', $request->id) + ->where('contact_id', $r->id) ->get(); if ($cus->count()) { - if (!$request->isCustomer) { - DB::table('inv_clients')->where('contact_id', $request->id)->where('user_id', $check)->delete(); + if (!$r->isCustomer) { + DB::table('inv_clients')->where('contact_id', $r->id)->where('user_id', $check)->delete(); } } else { - if ($request->isCustomer) { + if ($r->isCustomer) { DB::table('inv_clients') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->insert([ - 'contact_id' => $request->id + 'contact_id' => $r->id ]); } } 
@@ -600,25 +600,25 @@ class InvoiceController extends Controller { } } - public function deleteContact(Request $request) { // /api/rpc/invoice/contacts/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteContact(Request $r) { // /api/rpc/invoice/contacts/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_mancontact'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_contacts')->where('id', $request->id)->delete(); - DB::table('inv_employers')->where('contact_id', $request->id)->delete(); - DB::table('inv_clients')->where('contact_id', $request->id)->delete(); + DB::table('inv_contacts')->where('id', $r->id)->delete(); + DB::table('inv_employers')->where('contact_id', $r->id)->delete(); + DB::table('inv_clients')->where('contact_id', $r->id)->delete(); } else { - DB::table('inv_contacts')->where('id', $request->id)->where('user_id', $check)->delete(); - DB::table('inv_employers')->where('contact_id', $request->id)->where('user_id', $check)->delete(); - DB::table('inv_clients')->where('contact_id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_contacts')->where('id', $r->id)->where('user_id', $check)->delete(); + DB::table('inv_employers')->where('contact_id', $r->id)->where('user_id', $check)->delete(); + DB::table('inv_clients')->where('contact_id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; 
@@ -630,14 +630,14 @@ class InvoiceController extends Controller { } // Invoices - public function getInvoices(Request $request) { // /api/rpc/invoice/invoices/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getInvoices(Request $r) { // /api/rpc/invoice/invoices/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); $format = DB::table('inv_company') ->select('date_format') @@ -713,14 +713,14 @@ class InvoiceController extends Controller { } } - public function getInvoice($id, Request $request) { // /api/rpc/invoice/invoices/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getInvoice($id, Request $r) { // /api/rpc/invoice/invoices/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { 
@@ -1068,38 +1068,38 @@ class InvoiceController extends Controller { } } - public function newInvoiceItem(Request $request) { // /api/rpc/invoice/invoices/newitem - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newInvoiceItem(Request $r) { // /api/rpc/invoice/invoices/newitem + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_invoice_items') ->insert([ - 'user_id' => $request->user_id, - 'invoice_id' => $request->inv, - 'service_id' => $request->service_id, - 'period_id' => $request->period_id, - 'product_id' => $request->product_id, - 'from_time' => $request->from_time, - 'to_time' => $request->to_time + 'user_id' => $r->user_id, + 'invoice_id' => $r->inv, + 'service_id' => $r->service_id, + 'period_id' => $r->period_id, + 'product_id' => $r->product_id, + 'from_time' => $r->from_time, + 'to_time' => $r->to_time ]); } else { DB::table('inv_invoice_items') ->insert([ 'user_id' => $check, - 'invoice_id' => $request->inv, - 'service_id' => $request->service_id, - 'period_id' => $request->period_id, - 'product_id' => $request->product_id, - 'from_time' => $request->from_time, - 'to_time' => $request->to_time + 'invoice_id' => $r->inv, + 'service_id' => $r->service_id, + 'period_id' => $r->period_id, + 'product_id' => $r->product_id, + 'from_time' => $r->from_time, + 'to_time' => $r->to_time ]); } 
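Review bot: In the non-manager branch of `newInvoiceItem`, the row is inserted with `'invoice_id' => $r->inv` without any check that this invoice belongs to `$check`. The whole path from the signature to the insert is visible in the hunk, and only the `inv_makeinvoice` permission is tested. Depending on how items are read back (not visible here), a user could attach items to an invoice they do not own. I would look the invoice up with the caller's id before inserting, as below, assuming `inv_invoices` is keyed by `id`. The closing branches of the function are outside the hunk.

```php
// … unchanged: checkLegit / getPermissions / manager branch …
else {
  // Only allow items on invoices owned by the authenticated user.
  $owns = DB::table('inv_invoices')
    ->where('id', $r->inv)
    ->where('user_id', $check)
    ->exists();

  if (!$owns) {
    return 'Permission denied.';
  }

  // … unchanged: insert into inv_invoice_items with 'user_id' => $check …
```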
@@ -1111,32 +1111,32 @@ class InvoiceController extends Controller { } } - public function newInvoice(Request $request) { // /api/rpc/invoice/invoices/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newInvoice(Request $r) { // /api/rpc/invoice/invoices/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { $lastInv = DB::table('inv_invoices') ->where('year', date('Y')) - ->where('user_id', $request->user_id) + ->where('user_id', $r->user_id) ->count(); $add = DB::table('inv_invoices') ->insertGetId([ - 'user_id' => $request->user_id, - 'customer' => $request->customer, - 'employer' => $request->employer, + 'user_id' => $r->user_id, + 'customer' => $r->customer, + 'employer' => $r->employer, 'year' => date('Y'), 'inv_number' => $lastInv + 1, 'revision' => 0, 'make_date' => time(), - 'invtype' => $request->invtype, + 'invtype' => $r->invtype, 'tax_id' => 0 ]); } @@ -1149,13 +1149,13 @@ class InvoiceController extends Controller { $add = DB::table('inv_invoices') ->insertGetId([ 'user_id' => $check, - 'customer' => $request->customer, - 'employer' => $request->employer, + 'customer' => $r->customer, + 'employer' => $r->employer, 'year' => date('Y'), 'inv_number' => $lastInv + 1, 'revision' => 0, 'make_date' => time(), - 'invtype' => $request->invtype, + 'invtype' => $r->invtype, 'tax_id' => 0 ]); } 
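Review bot: `inv_number` in `newInvoice` is derived from `->count()` of the user's invoices for the year plus one, which repeats a number as soon as any invoice of that year has been deleted, and `deleteInvoice` in this controller does delete rows. Two concurrent requests can also read the same count and insert the same number. Taking `->max('inv_number')` instead of `->count()` fixes the reuse after deletion; wrapping the read and the insert in `DB::transaction()` with a unique index on `(user_id, year, inv_number)` is needed for the concurrent case. The second hunk's `$lastInv` is computed on lines outside the diff, so the same applies there only if it is built the same way.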
@@ -1168,39 +1168,39 @@ class InvoiceController extends Controller { } } - public function editInvoiceItem(Request $request) { // /api/rpc/invoice/invoices/edititem - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editInvoiceItem(Request $r) { // /api/rpc/invoice/invoices/edititem + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_invoice_items') - ->where('id', $request->id) - ->where('invoice_id', $request->inv) + ->where('id', $r->id) + ->where('invoice_id', $r->inv) ->update([ - 'service_id' => $request->service_id, - 'period_id' => $request->period_id, - 'product_id' => $request->product_id, - 'from_time' => $request->from_time, - 'to_time' => $request->to_time + 'service_id' => $r->service_id, + 'period_id' => $r->period_id, + 'product_id' => $r->product_id, + 'from_time' => $r->from_time, + 'to_time' => $r->to_time ]); } else { DB::table('inv_invoice_items') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) - ->where('invoice_id', $request->inv) + ->where('invoice_id', $r->inv) ->update([ - 'service_id' => $request->service_id, - 'period_id' => $request->period_id, - 'product_id' => $request->product_id, - 'from_time' => $request->from_time, - 'to_time' => $request->to_time + 'service_id' => $r->service_id, + 'period_id' => $r->period_id, + 'product_id' => $r->product_id, + 'from_time' => $r->from_time, + 'to_time' => $r->to_time ]); } } 
@@ -1210,41 +1210,41 @@ class InvoiceController extends Controller { } } - public function editInvoice(Request $request) { // /api/rpc/invoice/invoices/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editInvoice(Request $r) { // /api/rpc/invoice/invoices/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { $rev = DB::table('inv_invoices') ->select('revision') - ->where('id', $request->id) + ->where('id', $r->id) ->get(); if ($valid['inv_manuser'] == 1) { DB::table('inv_invoices') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'customer' => $request->customer, - 'employer' => $request->employer, - 'invtype' => $request->invtype, + 'user_id' => $r->user_id, + 'customer' => $r->customer, + 'employer' => $r->employer, + 'invtype' => $r->invtype, 'tax_id' => 0, 'revision' => $rev[0]->revision + 1 ]); } else { DB::table('inv_invoices') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ - 'customer' => $request->customer, - 'employer' => $request->employer, - 'invtype' => $request->invtype, + 'customer' => $r->customer, + 'employer' => $r->employer, + 'invtype' => $r->invtype, 'tax_id' => 0, 'revision' => $rev[0]->revision + 1 ]); 
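Review bot: `$rev[0]->revision + 1` in `editInvoice` indexes the result of a `->get()` that is filtered by `id` only and is never checked for being empty. A request with an unknown `id` fails on the missing offset instead of returning an error, and in the non-`inv_manuser` branch the revision is read from an invoice the caller may not own even though the update itself is scoped by `user_id`. Reading the row with `->first()` under the same `user_id` condition as the update, and returning the error response when it is null, closes both; `->increment('revision', 1, [...])` would also avoid the read-then-write race. The function continues past the hunk.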
@@ -1258,21 +1258,21 @@ class InvoiceController extends Controller { } } - public function deleteInvoice(Request $request) { // /api/rpc/invoice/invoices/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteInvoice(Request $r) { // /api/rpc/invoice/invoices/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_invoices')->where('id', $request->id)->delete(); + DB::table('inv_invoices')->where('id', $r->id)->delete(); } else { - DB::table('inv_invoices')->where('id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_invoices')->where('id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; @@ -1284,14 +1284,14 @@ class InvoiceController extends Controller { } // Periods - public function getPeriods(Request $request) { // /api/rpc/invoice/periods/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getPeriods(Request $r) { // /api/rpc/invoice/periods/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { 
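Review bot: `deleteInvoice` returns `'Done.'` whether or not a row was removed: in the non-`inv_manuser` branch the delete is scoped by `user_id`, so an id owned by someone else matches nothing and the caller still gets a success reply. `delete()` returns the number of affected rows, so `$n = DB::table('inv_invoices')->where('id', $r->id)->where('user_id', $check)->delete();` followed by an error response when `$n === 0` would report the refusal. The hunk also removes nothing from `inv_invoice_items`; unless a foreign key cascades (not visible here), the invoice's items stay behind. `deletePeriod`, `deleteProduct`, `deleteService` and `deleteTax` follow the same pattern.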
@@ -1326,14 +1326,14 @@ class InvoiceController extends Controller { } } - public function getPeriod($id, Request $request) { // /api/rpc/invoice/periods/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getPeriod($id, Request $r) { // /api/rpc/invoice/periods/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { @@ -1369,34 +1369,34 @@ class InvoiceController extends Controller { } } - public function newPeriod(Request $request) { // /api/rpc/invoice/periods/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newPeriod(Request $r) { // /api/rpc/invoice/periods/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { $add = DB::table('inv_periods') ->insertGetId([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price, - 'intervals' => $request->intervals, - 'period' => $request->period + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price, + 'intervals' => $r->intervals, + 'period' => $r->period ]); } else { $add = DB::table('inv_periods') ->insertGetId([ 'user_id' => $check, - 'name' => $request->name, - 'price' => $request->price, - 'intervals' => $request->intervals, - 'period' => $request->period + 'name' => $r->name, + 'price' => $r->price, + 'intervals' => $r->intervals, + 'period' => $r->period ]); } 
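Review bot: `newPeriod` writes `name`, `price`, `intervals` and `period` from the request straight into `inv_periods` with no type or range check, so a negative or non-numeric price reaches the table unchanged. A `$r->validate([...])` call before the insert, for example with `'price' => 'required|numeric|min:0'`, would reject such input; note that `validate()` answers with a validation error response rather than the `'Err!'` string used here. The same applies to `price` in the product and service handlers and to `percentage` in the tax handlers. The function's tail is outside the hunk.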
@@ -1408,36 +1408,36 @@ class InvoiceController extends Controller { } } - public function editPeriod(Request $request) { // /api/rpc/invoice/periods/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editPeriod(Request $r) { // /api/rpc/invoice/periods/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_periods') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price, - 'intervals' => $request->intervals, - 'period' => $request->period + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price, + 'intervals' => $r->intervals, + 'period' => $r->period ]); } else { DB::table('inv_periods') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ - 'name' => $request->name, - 'price' => $request->price, - 'intervals' => $request->intervals, - 'period' => $request->period + 'name' => $r->name, + 'price' => $r->price, + 'intervals' => $r->intervals, + 'period' => $r->period ]); } 
@@ -1449,21 +1449,21 @@ class InvoiceController extends Controller { } } - public function deletePeriod(Request $request) { // /api/rpc/invoice/periods/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deletePeriod(Request $r) { // /api/rpc/invoice/periods/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_periods')->where('id', $request->id)->delete(); + DB::table('inv_periods')->where('id', $r->id)->delete(); } else { - DB::table('inv_periods')->where('id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_periods')->where('id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; @@ -1475,14 +1475,14 @@ class InvoiceController extends Controller { } // Products - public function getProducts(Request $request) { // /api/rpc/invoice/products/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getProducts(Request $r) { // /api/rpc/invoice/products/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { 
@@ -1513,14 +1513,14 @@ class InvoiceController extends Controller { } } - public function getProduct($id, Request $request) { // /api/rpc/invoice/products/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getProduct($id, Request $r) { // /api/rpc/invoice/products/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { @@ -1556,30 +1556,30 @@ class InvoiceController extends Controller { } } - public function newProduct(Request $request) { // /api/rpc/invoice/products/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newProduct(Request $r) { // /api/rpc/invoice/products/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { $add = DB::table('inv_products') ->insertGetId([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price ]); } else { $add = DB::table('inv_products') ->insertGetId([ 'user_id' => $check, - 'name' => $request->name, - 'price' => $request->price + 'name' => $r->name, + 'price' => $r->price ]); } 
@@ -1591,32 +1591,32 @@ class InvoiceController extends Controller { } } - public function editProduct(Request $request) { // /api/rpc/invoice/products/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editProduct(Request $r) { // /api/rpc/invoice/products/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_products') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price ]); } else { DB::table('inv_products') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ - 'name' => $request->name, - 'price' => $request->price + 'name' => $r->name, + 'price' => $r->price ]); } 
@@ -1628,21 +1628,21 @@ class InvoiceController extends Controller { } } - public function deleteProduct(Request $request) { // /api/rpc/invoice/products/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteProduct(Request $r) { // /api/rpc/invoice/products/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_products')->where('id', $request->id)->delete(); + DB::table('inv_products')->where('id', $r->id)->delete(); } else { - DB::table('inv_products')->where('id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_products')->where('id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; @@ -1654,14 +1654,14 @@ class InvoiceController extends Controller { } // Services - public function getServices(Request $request) { // /api/rpc/invoice/services/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getServices(Request $r) { // /api/rpc/invoice/services/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { 
@@ -1692,14 +1692,14 @@ class InvoiceController extends Controller { } } - public function getService($id, Request $request) { // /api/rpc/invoice/services/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getService($id, Request $r) { // /api/rpc/invoice/services/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { @@ -1722,30 +1722,30 @@ class InvoiceController extends Controller { } } - public function newService(Request $request) { // /api/rpc/invoice/services/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newService(Request $r) { // /api/rpc/invoice/services/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { $add = DB::table('inv_services') ->insertGetId([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price ]); } else { $add = DB::table('inv_services') ->insertGetId([ 'user_id' => $check, - 'name' => $request->name, - 'price' => $request->price + 'name' => $r->name, + 'price' => $r->price ]); } 
@@ -1757,33 +1757,33 @@ class InvoiceController extends Controller { } } - public function editService(Request $request) { // /api/rpc/invoice/services/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editService(Request $r) { // /api/rpc/invoice/services/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_services') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'price' => $request->price + 'user_id' => $r->user_id, + 'name' => $r->name, + 'price' => $r->price ]); } else { DB::table('inv_services') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ 'user_id' => $check, - 'name' => $request->name, - 'price' => $request->price + 'name' => $r->name, + 'price' => $r->price ]); } 
@@ -1795,21 +1795,21 @@ class InvoiceController extends Controller { } } - public function deleteService(Request $request) { // /api/rpc/invoice/services/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteService(Request $r) { // /api/rpc/invoice/services/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_services')->where('id', $request->id)->delete(); + DB::table('inv_services')->where('id', $r->id)->delete(); } else { - DB::table('inv_services')->where('id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_services')->where('id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; @@ -1821,14 +1821,14 @@ class InvoiceController extends Controller { } // Tax - public function getTaxes(Request $request) { // /api/rpc/invoice/taxes/getall - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getTaxes(Request $r) { // /api/rpc/invoice/taxes/getall + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { 
@@ -1859,14 +1859,14 @@ class InvoiceController extends Controller { } } - public function getTax($id, Request $request) { // /api/rpc/invoice/taxes/get/id - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getTax($id, Request $r) { // /api/rpc/invoice/taxes/get/id + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { @@ -1889,30 +1889,30 @@ class InvoiceController extends Controller { } } - public function newTax(Request $request) { // /api/rpc/invoice/taxes/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newTax(Request $r) { // /api/rpc/invoice/taxes/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { $add = DB::table('inv_taxes') ->insertGetId([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'percentage' => $request->percentage + 'user_id' => $r->user_id, + 'name' => $r->name, + 'percentage' => $r->percentage ]); } else { $add = DB::table('inv_taxes') ->insertGetId([ 'user_id' => $check, - 'name' => $request->name, - 'percentage' => $request->percentage + 'name' => $r->name, + 'percentage' => $r->percentage ]); } 
@@ -1924,33 +1924,33 @@ class InvoiceController extends Controller { } } - public function editTax(Request $request) { // /api/rpc/invoice/taxes/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editTax(Request $r) { // /api/rpc/invoice/taxes/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { DB::table('inv_taxes') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'user_id' => $request->user_id, - 'name' => $request->name, - 'percentage' => $request->percentage + 'user_id' => $r->user_id, + 'name' => $r->name, + 'percentage' => $r->percentage ]); } else { DB::table('inv_taxes') - ->where('id', $request->id) + ->where('id', $r->id) ->where('user_id', $check) ->update([ 'user_id' => $check, - 'name' => $request->name, - 'percentage' => $request->percentage + 'name' => $r->name, + 'percentage' => $r->percentage ]); } 
@@ -1962,21 +1962,21 @@ class InvoiceController extends Controller { } } - public function deleteTax(Request $request) { // /api/rpc/invoice/taxes/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteTax(Request $r) { // /api/rpc/invoice/taxes/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['inv_makeinvoice'] == 1) { if ($valid['inv_manuser'] == 1) { - DB::table('inv_taxes')->where('id', $request->id)->delete(); + DB::table('inv_taxes')->where('id', $r->id)->delete(); } else { - DB::table('inv_taxes')->where('id', $request->id)->where('user_id', $check)->delete(); + DB::table('inv_taxes')->where('id', $r->id)->where('user_id', $check)->delete(); } return 'Done.'; diff --git a/app/Http/Controllers/PackageController.php b/app/Http/Controllers/PackageController.php index df5f462..6fc458b 100644 --- a/app/Http/Controllers/PackageController.php +++ b/app/Http/Controllers/PackageController.php @@ -22,8 +22,8 @@ class PackageController extends Controller { $this->objPermission = new PermissionController(); } - public function get(Request $request) { // /api/rpc/pack/get - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function get(Request $r) { // /api/rpc/pack/get + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'err!'; diff --git a/app/Http/Controllers/SiteController.php b/app/Http/Controllers/SiteController.php index f636ef8..908f706 100644 --- a/app/Http/Controllers/SiteController.php +++ b/app/Http/Controllers/SiteController.php 
@@ -23,12 +23,12 @@ class SiteController extends Controller { } // Posts - public function getPosts(Request $request) { // /api/rpc/site/post/get/all - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function getPosts(Request $r) { // /api/rpc/site/post/get/all + $check = $this->objAuth->checkLegit($r->kero_token); // Load group colours. $ucol = $this->objUser->getGroupColours(); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); // Load content. if ($valid['blg_editpost']) { @@ -188,9 +188,9 @@ class SiteController extends Controller { return $res; } - public function getPost($slug, Request $request) { // /api/rpc/site/post/get/slug/slug - $check = $this->objAuth->checkLegit($request->username, $request->password); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function getPost($slug, Request $r) { // /api/rpc/site/post/get/slug/slug + $check = $this->objAuth->checkLegit($r->kero_token); + $valid = $this->objAuth->getPermissions($r->kero_token); // Load group colours. $ucol = $this->objUser->getGroupColours(); 
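Review bot: `getPosts` and `getPost` compute `$check` but, within these hunks, nothing tests it before `$valid` is consulted, unlike the other handlers that return early when `$check == 0`. If anonymous reading is intended, that depends on `getPermissions()` returning an all-denied array for a missing or invalid `kero_token`, which this diff does not show; `getPage` calls `getPermissions()` the same way without `checkLegit()`. A short comment above the call, such as `// Anonymous access allowed: getPermissions() must return guest permissions for an empty token`, would record that assumption. Both functions extend beyond their hunks.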
@@ -301,24 +301,24 @@ class SiteController extends Controller { return $res; } - public function newPost(Request $request) { // /api/rpc/site/post/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newPost(Request $r) { // /api/rpc/site/post/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_addpost'] == 1) { $pubdate = 0; - if ($request->public_status == 1) { - if ($request->publish_date <= time()) { + if ($r->public_status == 1) { + if ($r->publish_date <= time()) { return \Response::json(array('error' => '投稿日より公開日の方がもっと古いだと不許可です。')); } else { - $pubdate = $request->publish_date; + $pubdate = $r->publish_date; } } else { @@ -329,14 +329,14 @@ class SiteController extends Controller { ->insert([ 'user_id' => $check, 'isPost' => 1, - 'title' => $request->title, - 'slug' => $request->slug, + 'title' => $r->title, + 'slug' => $r->slug, 'post_date' => time(), 'publish_date' => $pubdate, 'sortorder' => 0, - 'public_status' => $request->public_status, + 'public_status' => $r->public_status, 'isMenu' => 0, - 'message' => $request->message + 'message' => $r->message ]); return \Response::json($add); 
@@ -347,23 +347,23 @@ class SiteController extends Controller { } } - public function editPost(Request $request) { // /api/rpc/site/post/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editPost(Request $r) { // /api/rpc/site/post/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_editpost'] == 1) { return DB::table('blg_content') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'title' => $request->title, - 'slug' => $request->slug, - 'public_status' => $request->public_status, - 'message' => $request->message + 'title' => $r->title, + 'slug' => $r->slug, + 'public_status' => $r->public_status, + 'message' => $r->message ]); } else { @@ -372,17 +372,17 @@ class SiteController extends Controller { } } - public function deletePost(Request $request) { // /api/rpc/site/post/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deletePost(Request $r) { // /api/rpc/site/post/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_delpost'] == 1) { - return DB::table('blg_content')->where('id', $request->id)->delete(); + return DB::table('blg_content')->where('id', $r->id)->delete(); } else { return \Response::json(array('error' => '不許可。')); 
@@ -560,31 +560,31 @@ class SiteController extends Controller { return $res; } - public function newComment(Request $request) { // /api/rpc/site/comment/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newComment(Request $r) { // /api/rpc/site/comment/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_addcomment'] == 1) { $add = DB::table('blg_comments') ->insertGetId([ 'user_id' => $check, - 'content_id' => $request->content_id, + 'content_id' => $r->content_id, 'votes' => 0, 'post_date' => time(), 'last_date' => 0, 'isDeleted' => 0, - 'message' => $request->message, - 'ip_address' => $request->ip_address + 'message' => $r->message, + 'ip_address' => $r->ip_address ]); - $g = DB::table('blg_content')->select('slug', 'user_id')->where('id', $request->content_id)->first(); + $g = DB::table('blg_content')->select('slug', 'user_id')->where('id', $r->content_id)->first(); - if ($check != $g->user_id) $this->objUser->addNotification($request, $g->user_id, 1, '新規ブログコメント', 'blog/'.$g->slug, 'comment-'.$add); + if ($check != $g->user_id) $this->objUser->addNotification($r, $g->user_id, 1, '新規ブログコメント', 'blog/'.$g->slug, 'comment-'.$add); return \Response::json($add); } 
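Review bot: `newComment` stores `'ip_address' => $r->ip_address`, a value the client sends, so the recorded address can be set to anything and is of no use for abuse handling. Use the address the server observed: `'ip_address' => $r->ip(),`. In the same hunk `$g` comes from `->first()` and is dereferenced as `$g->user_id` without a null check, so a `content_id` that matches no row inserts an orphan comment and then fails; looking up the content before the insert and returning an error when it is null avoids both.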
@@ -594,30 +594,30 @@ class SiteController extends Controller { } } - public function editComment(Request $request) { // /api/rpc/site/comment/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editComment(Request $r) { // /api/rpc/site/comment/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $owner = DB::table('blg_comments')->select('user_id')->where('id', $request->id)->where('user_id', $request->user)->get()->toArray(); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $owner = DB::table('blg_comments')->select('user_id')->where('id', $r->id)->where('user_id', $r->user)->get()->toArray(); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_editcomment'] == 1) { return DB::table('blg_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'last_date' => time(), - 'message' => $request->message + 'message' => $r->message ]); } else if ($valid['blg_delcomment'] == 1 && $owner[0]->user_id == $check) { return DB::table('blg_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'last_date' => time(), - 'message' => $request->message + 'message' => $r->message ]); } else { 
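Review bot: The ownership test in `editComment` is built on `->where('user_id', $r->user)`, a client-supplied field, and then reads `$owner[0]->user_id` without checking that the query returned a row. When the caller has no `blg_editcomment` right and the lookup is empty, the `else if` fails on the missing offset instead of returning the error response. Filtering on `$check` removes the dependence on the request field: `$owner = DB::table('blg_comments')->where('id', $r->id)->where('user_id', $check)->exists();` with the branch condition reduced to `&& $owner`. That branch is also keyed on `blg_delcomment`, which looks copied from `removeComment` (where the own-comment branch uses `blg_delowncomment`); confirm which permission should allow editing one's own comment. `removeComment` has the same `$owner` lookup.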
@@ -626,20 +626,20 @@ class SiteController extends Controller { } } - public function removeComment(Request $request) { // /api/rpc/site/comment/remove - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function removeComment(Request $r) { // /api/rpc/site/comment/remove + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $owner = DB::table('blg_comments')->select('user_id')->where('id', $request->id)->where('user_id', $request->user)->get()->toArray(); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $owner = DB::table('blg_comments')->select('user_id')->where('id', $r->id)->where('user_id', $r->user)->get()->toArray(); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_delcomment'] == 1) { $get = DB::table('blg_comments') ->select('isDeleted') - ->where('id', $request->id) + ->where('id', $r->id) ->get(); $mod = 0; @@ -650,7 +650,7 @@ class SiteController extends Controller { } return DB::table('blg_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'isDeleted' => $mod ]); @@ -658,7 +658,7 @@ class SiteController extends Controller { else if ($valid['blg_delowncomment'] == 1 && $owner[0]->user_id == $check) { $get = DB::table('blg_comments') ->select('isDeleted') - ->where('id', $request->id) + ->where('id', $r->id) ->get(); foreach ($get as $i) { @@ -666,7 +666,7 @@ class SiteController extends Controller { } return DB::table('blg_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'isDeleted' => 1 ]); 
@@ -677,19 +677,19 @@ class SiteController extends Controller { } } - public function voteComment(Request $request) { // /api/rpc/site/comment/vote - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function voteComment(Request $r) { // /api/rpc/site/comment/vote + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_addcomment'] == 1) { $get = DB::table('blg_comments') ->select('votes') - ->where('id', $request->id) + ->where('id', $r->id) ->get(); $mod = 0; @@ -699,9 +699,9 @@ class SiteController extends Controller { } return DB::table('blg_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'votes' => $request->votemod + 'votes' => $r->votemod ]); } else { @@ -771,8 +771,8 @@ class SiteController extends Controller { ->get(); } - public function getPage($slug, Request $request) { // /api/rpc/site/page/get/slug/slug - $valid = $this->objAuth->getPermissions($request->username, $request->password); + public function getPage($slug, Request $r) { // /api/rpc/site/page/get/slug/slug + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_editpage'] == 1) { return DB::table('blg_content') 
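Review bot: voteComment writes `'votes' => $r->votemod` straight into the row, so any caller holding `blg_addcomment` can set a comment's vote total to an arbitrary value; the count selected into `$get` does not reach this update in the lines shown. Deriving the new total on the server keeps the client from choosing it, for example `->increment('votes')` or `->decrement('votes')` selected from a validated direction flag. Nothing visible prevents repeated votes by the same user either, which may need a per-user vote record. The loop between the two voteComment hunks is outside the diff, so how `$mod` is used there should be checked.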
@@ -793,14 +793,14 @@ class SiteController extends Controller { } } - public function newPage(Request $request) { // /api/rpc/site/page/new - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function newPage(Request $r) { // /api/rpc/site/page/new + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_addpage'] == 1) { $lorder = DB::table('blg_content') @@ -813,14 +813,14 @@ class SiteController extends Controller { ->insert([ 'user_id' => 0, 'isPost' => 0, - 'title' => $request->title, - 'slug' => $request->slug, + 'title' => $r->title, + 'slug' => $r->slug, 'post_date' => 0, 'publish_date' => 0, - 'sortorder' => ($request->isMenu == 1 ? $lorder : 0), - 'public_status' => $request->public_status, - 'isMenu' => ($request->isMenu ? 1 : 0), - 'message' => $request->message + 'sortorder' => ($r->isMenu == 1 ? $lorder : 0), + 'public_status' => $r->public_status, + 'isMenu' => ($r->isMenu ? 1 : 0), + 'message' => $r->message ]); return \Response::json($add); 
@@ -831,24 +831,24 @@ class SiteController extends Controller { } } - public function editPage(Request $request) { // /api/rpc/site/page/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editPage(Request $r) { // /api/rpc/site/page/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_editpage'] == 1) { return DB::table('blg_content') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'title' => $request->title, - 'slug' => $request->slug, - 'public_status' => $request->public_status, - 'isMenu' => $request->isMenu, - 'message' => $request->message + 'title' => $r->title, + 'slug' => $r->slug, + 'public_status' => $r->public_status, + 'isMenu' => $r->isMenu, + 'message' => $r->message ]); } else { @@ -857,17 +857,17 @@ class SiteController extends Controller { } } - public function deletePage(Request $request) { // /api/rpc/site/page/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deletePage(Request $r) { // /api/rpc/site/page/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return \Response::json(array('error' => 'ログインされませんでした。')); } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['blg_delpage'] == 1) { - return DB::table('blg_content')->where('id', $request->id)->delete(); + return DB::table('blg_content')->where('id', $r->id)->delete(); } else { return \Response::json(array('error' => '不許可。')); 
@@ -893,19 +893,19 @@ class SiteController extends Controller { return false; } - public function newPortfolioCategory(Request $request) { // /api/rpc/site/portfolio/newcategory + public function newPortfolioCategory(Request $r) { // /api/rpc/site/portfolio/newcategory return false; } - public function editPortfolioCategory(Request $request) { // /api/rpc/site/portfolio/editcategory + public function editPortfolioCategory(Request $r) { // /api/rpc/site/portfolio/editcategory return false; } - public function removePortfolioCategory(Request $request) { // /api/rpc/site/portfolio/removecategory + public function removePortfolioCategory(Request $r) { // /api/rpc/site/portfolio/removecategory return false; } - public function deletePortfolioCategory(Request $request) { // /api/rpc/site/portfolio/deletecategory + public function deletePortfolioCategory(Request $r) { // /api/rpc/site/portfolio/deletecategory return false; } @@ -918,19 +918,19 @@ class SiteController extends Controller { return false; } - public function newPortfolioItem(Request $request) { // /api/rpc/site/portfolio/newitem + public function newPortfolioItem(Request $r) { // /api/rpc/site/portfolio/newitem return false; } - public function editPortfolioItem(Request $request) { // /api/rpc/site/portfolio/edititem + public function editPortfolioItem(Request $r) { // /api/rpc/site/portfolio/edititem return false; } - public function removePortfolioItem(Request $request) { // /api/rpc/site/portfolio/removeitem + public function removePortfolioItem(Request $r) { // /api/rpc/site/portfolio/removeitem return false; } - public function deletePortfolioItem(Request $request) { // /api/rpc/site/portfolio/deleteitem + public function deletePortfolioItem(Request $r) { // /api/rpc/site/portfolio/deleteitem return false; } 
@@ -941,17 +941,17 @@ class SiteController extends Controller { ->get(); } - public function setSettings(Request $request) { // /api/rpc/site/admin/setsettings + public function setSettings(Request $r) { // /api/rpc/site/admin/setsettings return DB::table('blg_settings') ->update([ - 'sitename' => $request->sitename, - 'description' => $request->description, - 'tags' => $request->tags, - 'blog_status' => $request->blog_status, - 'homepage' => $request->homepage, - 'announcement' => $request->announcement, - 'theme' => $request->theme, - 'locale' => $request->locale + 'sitename' => $r->sitename, + 'description' => $r->description, + 'tags' => $r->tags, + 'blog_status' => $r->blog_status, + 'homepage' => $r->homepage, + 'announcement' => $r->announcement, + 'theme' => $r->theme, + 'locale' => $r->locale ]); } } diff --git a/app/Http/Controllers/StoreController.php b/app/Http/Controllers/StoreController.php index eb39cc8..7650d69 100644 --- a/app/Http/Controllers/StoreController.php +++ b/app/Http/Controllers/StoreController.php @@ -39,20 +39,20 @@ class StoreController extends Controller { )); } - public function newGame(Request $request) { // /api/rpc/store/games/newgame + public function newGame(Request $r) { // /api/rpc/store/games/newgame $add = DB::table('str_games') ->insert([ - 'name' => $request->name + 'name' => $r->name ]); return \Response::json($add); } - public function editGame(Request $request) { // /api/rpc/store/games/editgame + public function editGame(Request $r) { // /api/rpc/store/games/editgame return DB::table('str_games') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'name' => $request->name + 'name' => $r->name ]); } 
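Review bot: setSettings updates `blg_settings` without calling `checkLegit` or `getPermissions`, unlike the page and comment methods earlier in this file, so unless route middleware outside this diff restricts `/api/rpc/site/admin/setsettings`, any caller can rewrite the site name, theme and announcement. With the token now available, start the method with `$check = $this->objAuth->checkLegit($r->kero_token);`, return the same error JSON when it is 0, and require an admin-level permission from `getPermissions` before the update. The StoreController methods in the following hunks (newGame, editGame, newCategory, editCategory, updateEntry, restoreEntry, removeEntry) write to their tables with the same absence of checks. The `update()` here also has no `where`, which is correct only if `blg_settings` holds a single row.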
@@ -141,23 +141,23 @@ class StoreController extends Controller { )); } - public function newCategory(Request $request) { // /api/rpc/store/category/newcategory + public function newCategory(Request $r) { // /api/rpc/store/category/newcategory $add = DB::table('str_category') ->insert([ - 'name' => $request->name, - 'game_id' => $request->game_id, - 'min_screenshots' => $request->min_screenshots + 'name' => $r->name, + 'game_id' => $r->game_id, + 'min_screenshots' => $r->min_screenshots ]); return \Response::json($add); } - public function editCategory(Request $request) { // /api/rpc/store/category/editcategory + public function editCategory(Request $r) { // /api/rpc/store/category/editcategory return DB::table('str_category') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'name' => $request->name, - 'min_screenshots' => $request->min_screenshots + 'name' => $r->name, + 'min_screenshots' => $r->min_screenshots ]); } @@ -313,10 +313,10 @@ class StoreController extends Controller { ->get(); } - public function updateDownloadCount(Request $request) { // /api/rpc/store/entry/updatedownloadcount + public function updateDownloadCount(Request $r) { // /api/rpc/store/entry/updatedownloadcount return DB::table('str_file') - ->where('id', $request->id) - ->update(['downloads', $request->downloads]); + ->where('id', $r->id) + ->update(['downloads', $r->downloads]); } public function FileSizeConvert($bytes) { @@ -479,8 +479,8 @@ class StoreController extends Controller { ->count(); } - public function makedir(Request $request) { - $id = $request->id; + public function makedir(Request $r) { + $id = $r->id; if (!mkdir($this->storePath.'/'.$id, 0755, true)) { Log::error('File MKDIR failed: '); 
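Review bot: `->update(['downloads', $r->downloads])` in updateDownloadCount passes a two-element list rather than a column => value map, so the query builder receives the keys `0` and `1` instead of the `downloads` column and the update cannot do what the method name says. Taking the new total from the request would in any case let a client set the counter to any value. `DB::table('str_file')->where('id', $r->id)->increment('downloads');` addresses both.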
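Review bot: makedir concatenates the request's `id` into `$this->storePath.'/'.$id` and calls `mkdir` with the recursive flag, so an `id` containing `../` or nested segments creates directories outside the store folder. Constrain it before use, for example `$id = intval($r->id);` followed by rejecting 0, as uploadEntry already does with `intval` for `game_id`. The log message `'File MKDIR failed: '` carries neither the path nor the id, which makes a failure hard to trace. The rest of the function is outside the hunk.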
@@ -493,29 +493,29 @@ class StoreController extends Controller { } } - public function uploadEntry(Request $request) { // /api/rpc/store/entry/upload + public function uploadEntry(Request $r) { // /api/rpc/store/entry/upload header('Access-Control-Allow-Origin: *'); - $id = $request->id; + $id = $r->id; - Log::info('Name: '.$request->file('imgfile')); //TMP - Log::info('Type: '.gettype($request->file('imgfile'))); // TMP + Log::info('Name: '.$r->file('imgfile')); //TMP + Log::info('Type: '.gettype($r->file('imgfile'))); // TMP - $request->file('upfile')->move(public_path('storage/store'.$id), $request->file('imgfile')->getClientOriginalName); - $request->file('imgfile')->move(public_path('storage/store'.$id.'/screens'), $request->file('imgfile')->getClientOriginalName); + $r->file('upfile')->move(public_path('storage/store'.$id), $r->file('imgfile')->getClientOriginalName); + $r->file('imgfile')->move(public_path('storage/store'.$id.'/screens'), $r->file('imgfile')->getClientOriginalName); exit(); // TMP $add = DB::table('str_file') ->insert([ - 'game_id' => intval($request->game_id), - 'cat_id' => intval($request->cat_id), - 'title' => $request->title, - 'version' => $request->version, - 'video' => (!empty($request->video) ? $request->video : ''), - 'description' => $request->description, + 'game_id' => intval($r->game_id), + 'cat_id' => intval($r->cat_id), + 'title' => $r->title, + 'version' => $r->version, + 'video' => (!empty($r->video) ? $r->video : ''), + 'description' => $r->description, 'changelog' => '', - 'warningnote' => (!empty($request->warningnote) ? $request->warningnote : ''), - 'submit_date' => intval($request->submit_date), + 'warningnote' => (!empty($r->warningnote) ? $r->warningnote : ''), + 'submit_date' => intval($r->submit_date), 'last_date' => intval(0), 'views' => intval(0), 'downloads' => intval(0), 
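Review bot: uploadEntry moves both files into `public_path(...)` under a name taken from the client, with no login or permission check, no extension or MIME validation, and `Access-Control-Allow-Origin: *`, so a page on any origin can place a file of any type in the web-served tree. `getClientOriginalName` is written as a property access (no parentheses) so the method is never called, `upfile` is stored under `imgfile`'s name, and `'storage/store'.$id` probably lacks a `/` before the id. Store under a server-generated name such as `$r->file('upfile')->hashName()`, validate the allowed types first, and cast `$id` with `intval`. The two `Log::info` lines concatenate an uploaded-file object into a string and the `exit();` makes the insert unreachable; both are marked TMP and should not ship. avatarUpload in UserController.php (the -467 hunk) builds `$fname` from `$r->filename` and trusts the client-declared `$r->filetype` in the same way; `basename($r->filename)` plus a check of the decoded bytes with `getimagesizefromstring()` is the equivalent guard there.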
@@ -530,29 +530,29 @@ class StoreController extends Controller { return \Response::json($add); } - public function updateEntry(Request $request) { // /api/rpc/store/entry/update + public function updateEntry(Request $r) { // /api/rpc/store/entry/update return DB::table('str_file') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'cat_id' => $request->cat_id, - 'title' => $request->title, - 'version' => $request->version, - 'description' => $request->description, - 'changelog' => $request->changelog, - 'warningnote' => $request->warningnote, - 'last_date' => $request->last_date + 'cat_id' => $r->cat_id, + 'title' => $r->title, + 'version' => $r->version, + 'description' => $r->description, + 'changelog' => $r->changelog, + 'warningnote' => $r->warningnote, + 'last_date' => $r->last_date ]); } - public function restoreEntry(Request $request) { // /api/rpc/store/entry/restore + public function restoreEntry(Request $r) { // /api/rpc/store/entry/restore return DB::table('str_file') - ->where('id', $request->id) + ->where('id', $r->id) ->update(['isApproved' => 1]); } - public function removeEntry(Request $request) { // /api/rpc/store/entry/remove + public function removeEntry(Request $r) { // /api/rpc/store/entry/remove return DB::table('str_file') - ->where('id', $request->id) + ->where('id', $r->id) ->update(['isApproved' => 0]); } diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index 451ceed..83f1d10 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php 
@@ -105,20 +105,20 @@ class UserController extends Controller { return $res; } - public function updateUserStatus(Request $request) { // /api/rpc/user/user/updateuserstatus - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function updateUserStatus(Request $r) { // /api/rpc/user/user/updateuserstatus + $check = $this->objAuth->checkLegit($r->kero_token); if ($check != 0) { return DB::table('usr_profile') ->where('user_id', $check) ->update([ - 'ostatus' => $request->ostatus + 'ostatus' => $r->ostatus ]); } } - public function updateUserOnline(Request $request) { // /api/rpc/user/user/updateuseronline - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function updateUserOnline(Request $r) { // /api/rpc/user/user/updateuseronline + $check = $this->objAuth->checkLegit($r->kero_token); if ($check != 0) { return DB::table('usr_details') @@ -129,7 +129,7 @@ class UserController extends Controller { } } - public function getUsers(Request $request) { // /api/rpc/user/user/getusers + public function getUsers(Request $r) { // /api/rpc/user/user/getusers $getting = array( 'users.id', 'usr_perm_module.name as group_name', @@ -143,7 +143,7 @@ class UserController extends Controller { 'usr_profile.country' ); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_emailshow'] == 1) { array_push($getting, 'users.email'); @@ -162,7 +162,7 @@ class UserController extends Controller { ->get($getting); } - public function getUser($id, Request $request) { // /api/rpc/user/user/getuser/id/uid + public function getUser($id, Request $r) { // /api/rpc/user/user/getuser/id/uid $getting = array( 'users.id', 'users.username', 
@@ -194,8 +194,8 @@ class UserController extends Controller { 'usr_contacts.twitter' ); - $check = $this->objAuth->checkLegit($request->username, $request->password); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $check = $this->objAuth->checkLegit($r->kero_token); + $valid = $this->objAuth->getPermissions($r->kero_token); $cols = $this->getGroupColours()->toArray(); if ($valid['usr_editother'] == 1 || $id == $check) { @@ -372,8 +372,8 @@ class UserController extends Controller { ->first()->total_threads; } - public function addOwner(Request $request) { // /api/rpc/user/owner/addowner - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addOwner(Request $r) { // /api/rpc/user/owner/addowner + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; @@ -381,16 +381,16 @@ class UserController extends Controller { else { $add = DB::table('str_owners') ->insert([ - 'user_id' => $request->user_id, - 'file_id' => $request->file_id + 'user_id' => $r->user_id, + 'file_id' => $r->file_id ]); return \Response::json($add); } } - public function updateTotalPostCount(Request $request) { // /api/rpc/user/user/updatetotalpostcount - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function updateTotalPostCount(Request $r) { // /api/rpc/user/user/updatetotalpostcount + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; 
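Review bot: addOwner inserts `$r->user_id` and `$r->file_id` into `str_owners` after checking only that the token is valid, so any logged-in user can record any account as an owner of any file. If ownership grants rights over an entry, require that `$check` already owns `$r->file_id` or holds a suitable permission from `getPermissions` before the insert. updateTotalTopicCount in the -407 hunk follows the same pattern, bumping the counters for the client-supplied `$r->user_id` rather than for `$check`.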
@@ -407,20 +407,20 @@ class UserController extends Controller { } } - public function updateTotalTopicCount(Request $request) { // /api/rpc/user/user/updatetotaltopiccount - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function updateTotalTopicCount(Request $r) { // /api/rpc/user/user/updatetotaltopiccount + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $getPC = $this->getTotalPostCount($request->user_id); - $getTC = $this->getTotalTopicCount($request->user_id); + $getPC = $this->getTotalPostCount($r->user_id); + $getTC = $this->getTotalTopicCount($r->user_id); $getPC++; $getTC++; return DB::table('usr_details') - ->where('user_id', $request->user_id) + ->where('user_id', $r->user_id) ->update([ 'total_posts' => $getPC, 'total_threads' => $getTC @@ -445,21 +445,21 @@ class UserController extends Controller { return $res; } - public function avatarUpload(Request $request) { // /api/rpc/user/user/avatarupload - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function avatarUpload(Request $r) { // /api/rpc/user/user/avatarupload + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); $user = 0; - if ($valid['usr_editother'] == 1) $user = $request->id; + if ($valid['usr_editother'] == 1) $user = $r->id; else $user = $check; if ($valid['usr_editprofile'] == 1) { - if (isset($request->filename)) { + if (isset($r->filename)) { if (!is_dir("assets/avatars/".$check)) { if (!mkdir("assets/avatars/".$check, 0755, true)) { return "Could not make folder ".$check."
"; @@ -467,22 +467,22 @@ class UserController extends Controller { } $img_dir = "assets/avatars/".$check."/"; - $image = $img_dir . $request->filename; + $image = $img_dir . $r->filename; $imageFileType = array( 'image/png', 'image/jpeg', 'image/gif' ); - if (!in_array($request->filetype, $imageFileType)) { + if (!in_array($r->filetype, $imageFileType)) { return "Only JPG, PNG, JPEG, and GIF are allowed."; } - $fname = 'assets/avatars/'.$user.'/'.$request->filename; - $data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $request->thefile)); + $fname = 'assets/avatars/'.$user.'/'.$r->filename; + $data = base64_decode(preg_replace('#^data:image/\w+;base64,#i', '', $r->thefile)); Storage::disk('public')->put($fname, $data); - return $request->filename; + return $r->filename; } } else { 
@@ -491,77 +491,77 @@ class UserController extends Controller { } } - public function editUser(Request $request) { // /api/rpc/user/user/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editUser(Request $r) { // /api/rpc/user/user/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_editprofile'] == 1) { - if (isset($request->newPassword)) { + if (isset($r->newPassword)) { DB::table('users') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'password' => $request->newPassword + 'password' => $r->newPassword ]); } - if (isset($request->email)) { + if (isset($r->email)) { DB::table('users') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ - 'email' => $request->email + 'email' => $r->email ]); } if ( - isset($request->website_link) || - isset($request->website_name) || - isset($request->youtube_link) || - isset($request->youtube_name) || - isset($request->niconico) || - isset($request->pixiv) || - isset($request->discord) || - isset($request->mastodon) || - isset($request->twitter) + isset($r->website_link) || + isset($r->website_name) || + isset($r->youtube_link) || + isset($r->youtube_name) || + isset($r->niconico) || + isset($r->pixiv) || + isset($r->discord) || + isset($r->mastodon) || + isset($r->twitter) ) { DB::table('usr_contacts') - ->where('user_id', $request->id) + ->where('user_id', $r->id) ->update([ - 'website_link' => ($request->website_link != '' ? $request->website_link : ''), - 'website_name' => ($request->website_name != '' ? $request->website_name : ''), - 'youtube_link' => ($request->youtube_link != '' ? $request->youtube_link : ''), - 'youtube_name' => ($request->youtube_name != '' ? $request->youtube_name : ''), - 'niconico' => ($request->niconico != '' ? 
$request->niconico : ''), - 'pixiv' => ($request->pixiv != '' ? $request->pixiv : ''), - 'discord' => ($request->discord != '' ? $request->discord : ''), - 'mastodon' => ($request->mastodon != '' ? $request->mastodon : ''), - 'twitter' => ($request->twitter != '' ? $request->twitter : '') + 'website_link' => ($r->website_link != '' ? $r->website_link : ''), + 'website_name' => ($r->website_name != '' ? $r->website_name : ''), + 'youtube_link' => ($r->youtube_link != '' ? $r->youtube_link : ''), + 'youtube_name' => ($r->youtube_name != '' ? $r->youtube_name : ''), + 'niconico' => ($r->niconico != '' ? $r->niconico : ''), + 'pixiv' => ($r->pixiv != '' ? $r->pixiv : ''), + 'discord' => ($r->discord != '' ? $r->discord : ''), + 'mastodon' => ($r->mastodon != '' ? $r->mastodon : ''), + 'twitter' => ($r->twitter != '' ? $r->twitter : '') ]); } - if (isset($request->group) && $valid['usr_editother']) { + if (isset($r->group) && $valid['usr_editother']) { DB::table('usr_perm_id') - ->where('user_id', $request->id) + ->where('user_id', $r->id) ->update([ - 'perm_id' => $request->group + 'perm_id' => $r->group ]); } - if (isset($request->avatar)) { + if (isset($r->avatar)) { DB::table('usr_profile') - ->where('user_id', $request->id) + ->where('user_id', $r->id) ->update([ - 'avatar' => ($request->avatar != '' ? $request->avatar : '') + 'avatar' => ($r->avatar != '' ? $r->avatar : '') ]); } - if (isset($request->avatarRemove)) { - if ($request->avatarRemove) { + if (isset($r->avatarRemove)) { + if ($r->avatarRemove) { DB::table('usr_profile') - ->where('user_id', $request->id) + ->where('user_id', $r->id) ->update([ 'avatar' => '' ]); 
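Review bot: Every update in editUser is keyed on the client-supplied `$r->id`, and `usr_editother` is consulted only for the group change, so a user who holds `usr_editprofile` can overwrite another account's password and email by sending that account's id. Resolve the target once with `$target = ($valid['usr_editother'] == 1) ? $r->id : $check;` and use `$target` in each `where`, as avatarUpload does for `$user`; the profile update in the -569 hunk needs the same change. `'password' => $r->newPassword` stores the request value as-is, while the register method in AuthController derives a salted hash, so a changed password would either be kept unhashed or stop matching at login. It should go through the same hashing routine as registration, and ideally the change should require the current password. editUser continues past this hunk into the -569 hunk and ends outside it.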
@@ -569,28 +569,28 @@ class UserController extends Controller { } if ( - isset($request->gender) || - isset($request->aboutSelf) || - isset($request->signature) || - isset($request->poststyle) || - isset($request->nameStyle) || - isset($request->displayName) || - isset($request->memberTitle) || - isset($request->birthDay) || - isset($request->country) + isset($r->gender) || + isset($r->aboutSelf) || + isset($r->signature) || + isset($r->poststyle) || + isset($r->nameStyle) || + isset($r->displayName) || + isset($r->memberTitle) || + isset($r->birthDay) || + isset($r->country) ) { DB::table('usr_profile') - ->where('user_id', $request->id) + ->where('user_id', $r->id) ->update([ - 'gender' => $request->gender, - 'bio' => ($request->aboutSelf != '' ? $request->aboutSelf : ''), - 'post_style' => ($request->poststyle != '' ? $request->poststyle : ''), - 'signature' => ($request->signature != '' ? $request->signature : ''), - 'name_style' => ($request->nameStyle != '' ? $request->nameStyle : ''), - 'display_name' => ($request->displayName != '' ? $request->displayName : ''), - 'member_title' => ($request->memberTitle != '' ? $request->memberTitle : ''), - 'birthday' => ($request->birthDay != 0 ? $request->birthDay : 0), - 'country' => $request->country + 'gender' => $r->gender, + 'bio' => ($r->aboutSelf != '' ? $r->aboutSelf : ''), + 'post_style' => ($r->poststyle != '' ? $r->poststyle : ''), + 'signature' => ($r->signature != '' ? $r->signature : ''), + 'name_style' => ($r->nameStyle != '' ? $r->nameStyle : ''), + 'display_name' => ($r->displayName != '' ? $r->displayName : ''), + 'member_title' => ($r->memberTitle != '' ? $r->memberTitle : ''), + 'birthday' => ($r->birthDay != 0 ? $r->birthDay : 0), + 'country' => $r->country ]); } 
@@ -608,9 +608,9 @@ class UserController extends Controller { ->count(); } - public function getComments ($id, Request $request) { // /api/rpc/user/comment/get/id + public function getComments ($id, Request $r) { // /api/rpc/user/comment/get/id $cols = $this->getGroupColours()->toArray(); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_viewcomment'] == 1) { $come = array(); @@ -629,7 +629,7 @@ class UserController extends Controller { // Foreach, new getter but check on replies, and only if isDel is 0. foreach ($get as $g) { - $user = $this->getUser($g->user_id, $request)->toArray(); + $user = $this->getUser($g->user_id, $r)->toArray(); $showName = ""; $showCol = ""; @@ -675,9 +675,9 @@ class UserController extends Controller { } } - public function getReplies ($id, Request $request) { // /api/rpc/user/comment/reply/id + public function getReplies ($id, Request $r) { // /api/rpc/user/comment/reply/id $cols = $this->getGroupColours()->toArray(); - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_viewcomment'] == 1) { $come = array(); @@ -696,7 +696,7 @@ class UserController extends Controller { // Foreach, new getter but check on replies, and only if isDel is 0. foreach ($get as $g) { - $user = $this->getUser($g->user_id, $request)->toArray(); + $user = $this->getUser($g->user_id, $r)->toArray(); $showName = ""; $showCol = ""; 
@@ -743,28 +743,28 @@ class UserController extends Controller { } } - public function addComment (Request $request) { // /api/rpc/user/comment/add - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function addComment (Request $r) { // /api/rpc/user/comment/add + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_addcomment'] == 1) { $add = DB::table('usr_comments') ->insertGetId([ 'user_id' => $check, - 'profile_id' => $request->profile_id, - 'reply_id' => ($request->reply_id > 0 ? $request->reply_id : 0), + 'profile_id' => $r->profile_id, + 'reply_id' => ($r->reply_id > 0 ? $r->reply_id : 0), 'postdate' => time(), - 'message' => $request->message, + 'message' => $r->message, 'isEdit' => 0, 'isDel' => 0 ]); - if ($check != $request->profile_id) $this->addNotification($request, $request->profile_id, 2, '新規プロファイルコメント', 'profile/'.$request->profile_id, 'comment-'.$add); + if ($check != $r->profile_id) $this->addNotification($r, $r->profile_id, 2, '新規プロファイルコメント', 'profile/'.$r->profile_id, 'comment-'.$add); return \Response::json($add); } 
@@ -774,20 +774,20 @@ class UserController extends Controller { } } - public function editComment (Request $request) { // /api/rpc/user/comment/edit - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function editComment (Request $r) { // /api/rpc/user/comment/edit + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_editowncomment'] == 1) { DB::table('usr_comments') - ->where('profile_id', $request->profile_id) + ->where('profile_id', $r->profile_id) ->update([ - 'message' => $request->message, + 'message' => $r->message, 'isEdit' => 1 ]); @@ -799,18 +799,18 @@ class UserController extends Controller { } } - public function deleteComment (Request $request) { // /api/rpc/user/comment/delete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function deleteComment (Request $r) { // /api/rpc/user/comment/delete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_delcomment'] == 1) { DB::table('usr_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'isDel' => 1 ]); 
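Review bot: The update in editComment is filtered only by `->where('profile_id', $r->profile_id)`, so it rewrites the message of every comment on that profile rather than a single comment, and nothing ties the row to the caller even though the permission checked is `usr_editowncomment`. Key it on the comment and its author with `->where('id', $r->id)->where('user_id', $check)`, matching the `id` filter that deleteComment uses in the next hunk. The tail of the function is outside the hunk.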
@@ -823,18 +823,18 @@ class UserController extends Controller { } } - public function undeleteComment (Request $request) { // /api/rpc/user/comment/undelete - $check = $this->objAuth->checkLegit($request->username, $request->password); + public function undeleteComment (Request $r) { // /api/rpc/user/comment/undelete + $check = $this->objAuth->checkLegit($r->kero_token); if ($check == 0) { return 'Err!'; } else { - $valid = $this->objAuth->getPermissions($request->username, $request->password); + $valid = $this->objAuth->getPermissions($r->kero_token); if ($valid['usr_delcomment'] == 1) { DB::table('usr_comments') - ->where('id', $request->id) + ->where('id', $r->id) ->update([ 'isDel' => 0 ]); @@ -848,7 +848,7 @@ class UserController extends Controller { } public function getNotification(Request $r) { // /api/rpc/user/notification/get - $check = $this->objAuth->checkLegit($r->username, $r->password); + $check = $this->objAuth->checkLegit($r->kero_token); if ($check != 0) { $get = DB::table('usr_notification') @@ -878,7 +878,7 @@ class UserController extends Controller { } public function addNotification(Request $r, $uid, $aid, $txt, $sec, $goto) { // /api/rpc/user/notification/add - $check = $this->objAuth->checkLegit($r->username, $r->password); + $check = $this->objAuth->checkLegit($r->kero_token); if ($check != 0) { $add = DB::table('usr_notification') @@ -895,7 +895,7 @@ class UserController extends Controller { } public function delNotification(Request $r) { // /api/rpc/user/notification/del - $check = $this->objAuth->checkLegit($r->username, $r->password); + $check = $this->objAuth->checkLegit($r->kero_token); if ($check != 0) { return DB::table('usr_notification')