blessing-skin-server/ajax.php

247 lines
8.1 KiB
PHP
Raw Normal View History

<?php
/**
* @Author: printempw
* @Date: 2016-01-16 23:01:33
* @Last Modified by: prpr
2016-02-05 22:08:06 +08:00
* @Last Modified time: 2016-02-05 21:23:27
*
* - login, register, logout
* - upload, change, delete
*
* All ajax requests will be handled here
*/
2016-02-04 23:49:31 +08:00
session_start();
2016-01-17 10:53:10 +08:00
header('Access-Control-Allow-Origin: *');
header('Content-type: application/json');
2016-02-02 21:52:53 +08:00
$dir = dirname(__FILE__);
require "$dir/includes/autoload.inc.php";
database::checkConfig();
2016-02-02 21:52:53 +08:00
if (isset($_POST['uname'])) {
$uname = $_POST['uname'];
if (user::checkValidUname($uname)) {
$user = new user($_POST['uname']);
} else {
2016-02-05 22:08:06 +08:00
utils::raise(1, '无效的用户名。用户名只能包含数字,字母以及下划线。');
}
2016-01-17 15:15:56 +08:00
} else {
2016-02-05 22:08:06 +08:00
utils::raise('1', '空用户名。');
2016-01-17 15:15:56 +08:00
}
$action = isset($_GET['action']) ? $_GET['action'] : null;
$json = null;
/**
* Handle requests from index.php
*/
if ($action == "login") {
if (checkPost()) {
2016-02-02 21:52:53 +08:00
if (!$user->is_registered) {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "用户不存在哦";
} else {
2016-02-02 21:52:53 +08:00
if ($user->checkPasswd($_POST['passwd'])) {
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = '登录成功,欢迎回来~';
2016-02-02 21:52:53 +08:00
$json['token'] = $user->getToken();
$_SESSION['token'] = $user->getToken();
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "用户名或密码不对哦";
}
}
}
2016-01-17 15:15:56 +08:00
} else if ($action == "register") {
2016-02-03 21:15:29 +08:00
if (checkPost('register')) {
2016-02-02 21:52:53 +08:00
if (!$user->is_registered) {
2016-02-03 21:15:29 +08:00
if (user::checkValidPwd($_POST['passwd'])) {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
// If amount of registered accounts of IP is more than allowed mounts,
2016-02-03 21:15:29 +08:00
// then reject the registration.
if ($user->db->getNumRows('ip', $ip) < REGS_PER_IP) {
// use once md5 to encrypt password
if ($user->register(md5($_POST['passwd']), $ip)) {
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = "注册成功~";
2016-02-03 21:15:29 +08:00
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "出现了奇怪的错误。。请联系作者 :(";
2016-02-03 21:15:29 +08:00
}
2016-01-17 10:53:10 +08:00
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "你最多只能注册 ".REGS_PER_IP." 个账户哦";
2016-01-17 10:53:10 +08:00
}
}
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "这个用户名已经被人注册辣,换一个吧";
2016-01-17 10:53:10 +08:00
}
}
}
function checkPost() {
global $json;
if (!isset($_POST['passwd'])) {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "空密码。";
return false;
}
return true;
}
/**
* Handle request from user/index.php
*/
if ($action == "upload") {
2016-02-03 10:27:15 +08:00
if (utils::getValue('token', $_SESSION) == $user->getToken()) {
if (checkFile()) {
2016-02-02 21:52:53 +08:00
if ($file = utils::getValue('skin_file', $_FILES)) {
$model = (isset($_GET['model']) && $_GET['model'] == "steve") ? "steve" : "alex";
if ($user->setTexture($model, $file)) {
2016-02-03 10:32:48 +08:00
$json['skin']['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['skin']['msg'] = "皮肤上传成功!";
2016-01-17 10:53:10 +08:00
} else {
2016-02-03 10:32:48 +08:00
$json['skin']['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['skin']['msg'] = "出现了奇怪的错误。。请联系作者 :(";
2016-01-17 10:53:10 +08:00
}
}
2016-02-02 21:52:53 +08:00
if ($file = utils::getValue('cape_file', $_FILES)) {
if ($user->setTexture('cape', $file)) {
2016-02-03 10:32:48 +08:00
$json['cape']['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['cape']['msg'] = "披风上传成功!";
2016-01-17 10:53:10 +08:00
} else {
2016-02-03 10:32:48 +08:00
$json['cape']['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['cape']['msg'] = "出现了奇怪的错误。。请联系作者 :(";
2016-01-17 10:53:10 +08:00
}
}
}
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "无效的 token请先登录。";
2016-01-17 10:53:10 +08:00
}
} else if ($action == "model") {
if (utils::getValue('token', $_SESSION) == $user->getToken()) {
$new_model = ($user->getPreference() == "default") ? "slim" : "default";
$user->setPreference($new_model);
2016-01-17 15:15:56 +08:00
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = "优先模型已经更改为 ".$user->getPreference()."";
2016-01-17 15:15:56 +08:00
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "无效的 token请先登录。";
2016-01-17 15:15:56 +08:00
}
}
function checkFile() {
global $json;
2016-02-02 21:52:53 +08:00
if (!(utils::getValue('skin_file', $_FILES) || utils::getValue('cape_file', $_FILES))) {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "什么文件都没有诶?";
return false;
}
/**
* Check for skin_file
*/
2016-02-02 21:52:53 +08:00
if ((utils::getValue('skin_file', $_FILES)["type"] == "image/png") || (utils::getValue('skin_file', $_FILES)["type"] == "image/x-png")) {
// if error occured while uploading file
2016-02-02 21:52:53 +08:00
if (utils::getValue('skin_file', $_FILES)["error"] > 0) {
2016-01-17 12:20:09 +08:00
$json['errno'] = 1;
2016-02-02 21:52:53 +08:00
$json['msg'] = utils::getValue('skin_file', $_FILES)["error"];
return false;
}
} else {
2016-02-02 21:52:53 +08:00
if (utils::getValue('skin_file', $_FILES)) {
2016-01-17 15:15:56 +08:00
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = '错误的皮肤文件类型。';
2016-01-17 15:15:56 +08:00
return false;
} else {
2016-02-03 10:32:48 +08:00
$json['skin']['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['skin']['msg'] = '什么文件都没有诶?';
2016-01-17 15:15:56 +08:00
}
}
/**
* Check for cape_file
*/
2016-02-02 21:52:53 +08:00
if ((utils::getValue('cape_file', $_FILES)["type"] == "image/png") || (utils::getValue('cape_file', $_FILES)["type"] == "image/x-png")) {
// if error occured while uploading file
2016-02-02 21:52:53 +08:00
if (utils::getValue('cape_file', $_FILES)["error"] > 0) {
2016-01-17 12:20:09 +08:00
$json['errno'] = 1;
2016-02-02 21:52:53 +08:00
$json['msg'] = utils::getValue('cape_file', $_FILES)["error"];
return false;
}
} else {
2016-02-02 21:52:53 +08:00
if (utils::getValue('cape_file', $_FILES)) {
2016-01-17 15:15:56 +08:00
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = '错误的披风文件类型。';
2016-01-17 15:15:56 +08:00
return false;
} else {
2016-02-03 10:32:48 +08:00
$json['cape']['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['cape']['msg'] = '什么文件都没有诶?';
2016-01-17 15:15:56 +08:00
}
}
return true;
}
/**
* Handle requests from user/profile.php
*/
if ($action == "change") {
if (checkPost()) {
if (isset($_POST['new_passwd'])) {
if ($user->checkPasswd($_POST['passwd'])) {
$user->changePasswd($_POST['new_passwd']);
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = "密码更改成功。请重新登录。";
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "原密码不对哦?";
}
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "新密码呢?";
}
}
} else if ($action == "delete") {
if (isset($_SESSION['token']) && $_SESSION['token'] == $user->getToken()) {
if (checkPost()) {
2016-02-03 20:28:02 +08:00
if ($user->checkPasswd($_POST['passwd'])) {
session_destroy();
$user->unRegister();
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = "账号已经成功删除,再见~";
2016-02-03 20:28:02 +08:00
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "错误的密码。";
2016-02-03 20:28:02 +08:00
}
}
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "无效的 token请先登录。";
}
} else if ($action == "logout") {
if (utils::getValue('token', $_SESSION)) {
session_destroy();
$json['errno'] = 0;
2016-02-05 22:08:06 +08:00
$json['msg'] = 'Session 成功销毁。';
} else {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = '并没有任何有效的 session。';
}
}
if (!$action) {
$json['errno'] = 1;
2016-02-05 22:08:06 +08:00
$json['msg'] = "无效的参数。不要乱 POST 玩哦。";
}
echo json_encode($json);