DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2112 Commits
3 Branches
110MB
Tree: 0d7e7887a8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0d7e7887a8'
${ noResults }
DedeV6/src/user/api.php

280 lines
9.3KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * @version        $id:api.php 8:38 2010年7月9日 tianya $

  4.  * @package        DedeBIZ.User

  5.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  6.  * @license        GNU GPL v2 (https://www.dedebiz.com/license)

  7.  * @link           https://www.dedebiz.com

  8.  */

  9. define('AJAXLOGIN', TRUE);

  10. define('IS_DEDEAPI', TRUE);

  11. require_once(dirname(__FILE__)."/config.php");

  12. AjaxHead();

  13. $action = isset($action)? $action : '';

  14. if ($action === 'is_need_check_code') {

  15.     $isNeed = $cfg_ml->isNeedCheckCode($userid);

  16.     echo json_encode(array(

  17.         "code" => 0,

  18.         "msg" => "",

  19.         "data" => array(

  20.             "isNeed" => $isNeed,

  21.         ),

  22.     ));

  23.     exit;

  24. } else if ($action === 'get_old_email') {

  25.     $oldpwd = isset($oldpwd)? $oldpwd : '';

  26.     if (empty($oldpwd)) {

  27.         echo json_encode(array(

  28.             "code" => -1,

  29.             "msg" => "旧密码不能为空",

  30.             "data" => null,

  31.         ));

  32.         exit;

  33.     }

  34.     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='".$cfg_ml->M_ID."' ");

  35.     if (function_exists('password_hash') && !empty($row['pwd_new'])) {

  36.         if (!is_array($row) || !password_verify($oldpwd, $row['pwd_new'])) {

  37.             echo json_encode(array(

  38.                 "code" => -1,

  39.                 "msg" => "旧密码校验错误",

  40.                 "data" => null,

  41.             ));

  42.             exit;

  43.         }

  44.     } else {

  45.         if (!is_array($row) || $row['pwd'] != md5($oldpwd)) {

  46.             echo json_encode(array(

  47.                 "code" => -1,

  48.                 "msg" => "旧密码校验错误",

  49.                 "data" => null,

  50.             ));

  51.             exit;

  52.         }

  53.     }

  54.     echo json_encode(array(

  55.         "code" => 0,

  56.         "msg" => "",

  57.         "data" => array(

  58.             "email" => $row['email'],

  59.         ),

  60.     ));

  61. } else if ($action === 'upload') {

  62.     if (!$cfg_ml->IsLogin()) {

  63.         echo json_encode(array(

  64.             "code" => -1,

  65.             "uploaded" => 0,

  66.             "error" => array(

  67.                 "message" => "请登录会员中心",

  68.             ),

  69.         ));

  70.         exit;

  71.     }

  72.     if ($cfg_ml->CheckUserSpaceIsFull()) {

  73.         echo json_encode(array(

  74.             "code" => -1,

  75.             "uploaded" => 0,

  76.             "error" => array(

  77.                 "message" => "您的空间已满,禁止上传新文件",

  78.             ),

  79.         ));

  80.         exit;

  81.     }

  82.     $target_dir = "uploads/";//上传目录

  83.     $type = isset($type)? $type : '';

  84.     //获取允许的扩展

  85.     $mediatype = 0;

  86.     $allowedTypes = array();

  87.     if ($type == 'litpic' || $type == 'face') {

  88.         $mediatype = 1;

  89.         $imgtypes = explode("|", $cfg_imgtype);

  90.         foreach ($imgtypes as $value) {

  91.             $allowedTypes[] = GetMimeTypeOrExtension($value);

  92.         }

  93.     } else if ($type == 'soft') {

  94.         $mediatype = 4;

  95.         $softtypes = explode("|", $cfg_softtype);

  96.         foreach ($softtypes as $value) {

  97.             $allowedTypes[] = GetMimeTypeOrExtension($value);

  98.         }

  99.     } else if ($type == 'media') {

  100.         $mediatype = 3;

  101.         $mediatypes = explode("|", $cfg_mediatype);

  102.         foreach ($mediatypes as $value) {

  103.             $allowedTypes[] = GetMimeTypeOrExtension($value);

  104.         }

  105.     } else {

  106.         echo json_encode(array(

  107.             "code" => -1,

  108.             "uploaded" => 0,

  109.             "error" => array(

  110.                 "message" => "未定义文件类型",

  111.             ),

  112.         ));

  113.         exit;

  114.     }

  115.     $ff = isset($_FILES['file'])? $_FILES['file'] : $_FILES['imgfile'];

  116.     $uploadedFile = $ff['tmp_name'];

  117.     if (!function_exists('mime_content_type')) {

  118.         echo json_encode(array(

  119.             "code" => -1,

  120.             "uploaded" => 0,

  121.             "error" => array(

  122.                 "message" => "系统不支持fileinfo组件,建议php.ini中开启",

  123.             ),

  124.         ));

  125.         exit;

  126.     }

  127.     $fileType = mime_content_type($uploadedFile);

  128.     if (!in_array($fileType, $allowedTypes)) {

  129.         echo json_encode(array(

  130.             "code" => -1,

  131.             "uploaded" => 0,

  132.             "error" => array(

  133.                 "message" => "不支持该文件格式",

  134.             ),

  135.         ));

  136. 

  137.         exit;

  138.     }

  139.     //获取扩展名

  140.     $exts = GetMimeTypeOrExtension($fileType, 1);

  141.     $width = 0;

  142.     $height = 0;

  143.     if ($mediatype === 1) {

  144.         $imgSize = getimagesize($uploadedFile);

  145.         if (!$imgSize) {

  146.             echo json_encode(array(

  147.                 "code" => -1,

  148.                 "uploaded" => 0,

  149.                 "error" => array(

  150.                     "message" => "无法获取图片正常尺寸",

  151.                 ),

  152.             ));

  153.             exit;

  154.         }

  155.         $width = $imgSize[0];

  156.         $height = $imgSize[1];

  157.     }

  158.     if (!is_dir($cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}")) {

  159.         MkdirAll($cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}", $cfg_dir_purview);

  160.     }

  161.     //头像特殊处理

  162.     $fsize = filesize($ff["tmp_name"]);

  163.     if ($type === "face") {

  164.         $target_file = $cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}/newface.png";

  165.         $target_url = $cfg_mediasurl.'/userup'."/{$cfg_ml->M_ID}/newface.png";

  166.         if ($fsize > ($cfg_max_face * 1024)) {

  167.             echo json_encode(array(

  168.                 "code" => -1,

  169.                 "uploaded" => 0,

  170.                 "error" => array(

  171.                     "message" => "上传头像不能超过{$cfg_max_face}KB",

  172.                 ),

  173.                 $rkey => null,

  174.             ));

  175.             exit;

  176.         }

  177.     } else {

  178.         if ($fsize > ($cfg_mb_upload_size * 1024)) {

  179.             echo json_encode(array(

  180.                 "code" => -1,

  181.                 "uploaded" => 0,

  182.                 "error" => array(

  183.                     "message" => "上传头像不能超过{$cfg_max_face}KB",

  184.                 ),

  185.                 $rkey => null,

  186.             ));

  187.             exit;

  188.         }

  189.         $nowtme = time();

  190.         $rnd = $nowtme.'-'.mt_rand(1000,9999);

  191.         $target_file = $cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}/".$rnd.".".$exts;

  192.         $target_url = $cfg_mediasurl.'/userup'."/{$cfg_ml->M_ID}/".$rnd.".".$exts;

  193.         $row = $dsql->GetOne("SELECT aid,title,url FROM `#@__uploads` WHERE url LIKE '$target_url' AND mid='".$cfg_ml->M_ID."'; ");

  194.         $uptime = time();

  195.         if (is_array($row)) {

  196.             $query = "UPDATE `#@__uploads` SET mediatype={$mediatype},width='{$width}',height='{$height}',filesize='{$fsize}',uptime='$uptime' WHERE aid='{$row['aid']}'; ";

  197.             $dsql->ExecuteNoneQuery($query);

  198.         } else {

  199.             $inquery = "INSERT INTO `#@__uploads`(url,mediatype,width,height,playtime,filesize,uptime,mid) VALUES ('$target_url','$mediatype','".$width."','".$height."','0','".$fsize."','$uptime','".$cfg_ml->M_ID."'); ";

  200.             $dsql->ExecuteNoneQuery($inquery);

  201.         }

  202.     }

  203.     $rkey = $ck == 1? "url" : "data";

  204.     if (move_uploaded_file($ff["tmp_name"], $target_file)) {

  205.         if ($mediatype === 1) {

  206.             //图片自动裁剪

  207.             require_once DEDEINC."/libraries/imageresize.class.php";

  208.             try {

  209.                 $image = new ImageResize($target_file);

  210.                 if ($type === "face") {

  211.                     $image->crop(150, 150);

  212.                 } else {

  213.                     $image->resize($cfg_ddimg_width, $cfg_ddimg_height);

  214.                 }

  215.                 $image->save($target_file);

  216.                 echo json_encode(array(

  217.                     "code" => 0,

  218.                     "uploaded" => 1,

  219.                     "msg" => "上传成功",

  220.                     $rkey => $target_url,

  221.                 ));

  222.             } catch (ImageResizeException $e) {

  223.                 echo json_encode(array(

  224.                     "code" => -1,

  225.                     "uploaded" => 0,

  226.                     "error" => array(

  227.                         "message" => "自动裁剪图片失败",

  228.                     ),

  229.                     $rkey => null,

  230.                 ));

  231.             }

  232.         } else {

  233.             echo json_encode(array(

  234.                 "code" => 0,

  235.                 "uploaded" => 1,

  236.                 "msg" => "上传成功",

  237.                 $rkey => $target_url,

  238.             ));

  239.         }

  240.     } else {

  241.         echo json_encode(array(

  242.             "code" => -1,

  243.             "uploaded" => 0,

  244.             "error" => array(

  245.                 "message" => "上传失败",

  246.             ),

  247.             $rkey => null,

  248.         ));

  249.     }

  250. } else {

  251.     $format = isset($format) ? "json" : "";

  252.     if (!$cfg_ml->IsLogin()) {

  253.         if ($format === 'json') {

  254.             echo json_encode(array(

  255.                 "code" => -1,

  256.                 "msg" => "请登录会员中心",

  257.                 $rkey => null,

  258.             ));

  259.         } else {

  260.             echo "";

  261.         }

  262.         exit;

  263.     }

  264.     $uid  = $cfg_ml->M_LoginID;

  265.     !$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女') ? 'dfgirl' : 'dfboy';

  266.     if ($format === 'json') {

  267.         echo json_encode(array(

  268.             "code" => 200,

  269.             "msg" => "",

  270.             "data" => array(

  271.                 "username" => $cfg_ml->M_UserName,

  272.                 "myurl" => $myurl,

  273.                 "facepic" => $cfg_ml->fields['face'],

  274.                 "memberurl" => $cfg_memberurl,

  275.             ),

  276.         ));

  277.         exit;

  278.     }

  279. }

  280. ?>