Merge pull request #119 from helloxz/dev

0.9.28

.htaccess

@@ -1,5 +1,4 @@
 RewriteEngine On
 RewriteRule '^click\/(.*)$' /index.php?c=click&id=$1 [L] 
 RewriteRule '^api\/(.*)?(.*)$' /index.php?c=api&method=$1&$2 [L] 
-RewriteRule login /index.php?c=login [NC,L]
 RewriteRule .*.(db3|rar|gz|json)$ - [F]

class/Api.php

@@ -176,7 +176,9 @@ protected function auth($token){
         $token_yes = md5(USER.$SecretKey);
         //获取header中的X-token
         $xtoken = $_SERVER['HTTP_X_TOKEN'];
-        if( $xtoken === $token_yes ) {
+
+        //如果通过header传递token，且验证通过
+        if( !empty($xtoken) && ($xtoken === $token_yes) ) {
             return TRUE;
         }
         //如果token为空，则验证cookie
@@ -204,7 +206,7 @@ protected function auth($token){
     /**
      * name:添加链接
      */
-    public function add_link($token,$fid,$title,$url,$description = '',$weight = 0,$property = 0,$url_standby = ''){
+    public function add_link($token,$fid,$title,$url,$description = '',$weight = 0,$property = 0,$url_standby = '',$font_icon = ''){
         $this->auth($token);
         $fid = intval($fid);
         //检测链接是否合法
@@ -227,6 +229,11 @@ public function add_link($token,$fid,$title,$url,$description = '',$weight = 0,$
             'weight'        =>  $weight,
             'property'      =>  $property
         ];
+
+        //如果$font_icon不为空，才一起追加写入数据库
+        if( !empty($font_icon) ) {
+            $data['font_icon'] = $font_icon;
+        }
         //插入数据库
         $re = $this->db->insert('on_links',$data);
         //返回影响行数
@@ -531,6 +538,75 @@ public function upload($token,$type){
             }
         }
     }
+
+    /**
+     * 图标上传
+     * type:上传类型
+     */
+    public function uploadImages($token){
+        $this->auth($token);
+        //获取icon名称
+        $icon_name = $_POST['icon_name'];
+        //获取老文件名称，然后删除
+        $old_pic = $_POST['old_pic'];
+        //如果老文件名称合法，则删除
+        $pattern = "/^data\/upload\/[0-9]+\/[0-9a-zA-Z]+\.(jpg|jpeg|png|bmp|gif|svg)$/";
+        //如果名称不合法，则终止执行
+        if( preg_match($pattern,$old_pic) ){
+            @unlink($old_pic);
+        }
+
+        //如果名称是空的
+        if( empty($icon_name) ) {
+            $this->return_json(-2000,'','获取图标名称失败！');
+        }
+
+        if ($_FILES["file"]["error"] > 0)
+        {
+            //$this->err_msg(-1015,'File upload failed!');
+            $this->return_json(-2000,'','File upload failed!');
+        }
+        else
+        {
+            //根据时间生成文件名
+            $filename = $_FILES["file"]["name"];
+            //获取文件后缀
+            $suffix = explode('.',$filename);
+            $suffix = strtolower(end($suffix));
+
+            //临时文件位置
+            $temp = $_FILES["file"]["tmp_name"];
+            if( $suffix != 'ico' && $suffix != 'jpg' && $suffix != 'jpeg' && $suffix != 'png' && $suffix != 'bmp' && $suffix != 'gif' && $suffix != 'svg' ) {
+                //删除临时文件
+                @unlink($filename);
+                @unlink($temp);
+                $this->return_json(-2000,'','Unsupported file suffix name!');
+            }
+
+            //上传路径，格式为data/upload/202212/1669689755.png
+            $upload_path = "data/upload/".date( "Ym", time() ).'/'.$icon_name.'.'.$suffix;
+
+            //如果目录不存在，则创建
+            $upload_dir = dirname($upload_path);
+            if( !is_dir( $upload_dir ) ) {
+                //递归创建目录
+                mkdir($upload_dir,0755,true);
+            }
+
+            //$newfilename = 'upload/'.time().'.'.$suffix;
+            //移动临时文件到指定上传路径
+            if( move_uploaded_file($temp,$upload_path) ) {
+                $data = [
+                    'file_name' =>  $upload_path
+                ];
+                $this->return_json(200,$data,'success');
+            }
+            else{
+                $this->return_json(-2000,'','上传失败，请检查目录权限！');
+            }
+        }
+    }
+
     /**
      * 导出HTML链接进行备份
      */
@@ -568,9 +644,15 @@ public function export_link(){
     /**
      * name:修改链接
      */
-    public function edit_link($token,$id,$fid,$title,$url,$description = '',$weight = 0,$property = 0,$url_standby = ''){
+    public function edit_link($token,$id,$fid,$title,$url,$description = '',$weight = 0,$property = 0,$url_standby = '',$font_icon = ''){
         $this->auth($token);
         $fid = intval($fid);
+        /**
+         * name：获取更新类型
+         * description：主要是因为兼容部分之前老的接口，老的接口不用变动，只能从OneNav后台添加图标，因此增加type判断是否是OneNav后台
+         * console:指从OneNav后台进行更新
+         */
+        $type = trim($_GET['type']);
         //检测链接是否合法
         //$this->check_link($fid,$title,$url);
         $this->check_link([
@@ -596,6 +678,14 @@ public function edit_link($token,$id,$fid,$title,$url,$description = '',$weight
             'weight'        =>  $weight,
             'property'      =>  $property
         ];
+
+        if( !empty($font_icon) ) {
+            $data['font_icon'] = $font_icon;
+        }
+        //如果是从OneNav后台更新，则无论如何都要加上font_icon
+        if( $type === 'console' ) {
+            $data['font_icon'] = $font_icon;
+        }
         //插入数据库
         $re = $this->db->update('on_links',$data,[ 'id' => $id]);
         //返回影响行数
@@ -824,9 +914,9 @@ public function q_category_link($data){
             $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name  FROM on_links WHERE fid = $fid ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
         }
         //通过header获取token成功
-        else if( $this->auth("") ) {
-            $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name  FROM on_links WHERE fid = $fid ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
-        }
+        // else if( $this->auth("") ) {
+        //     $sql = "SELECT *,(SELECT name FROM on_categorys WHERE id = on_links.fid) AS category_name  FROM on_links WHERE fid = $fid ORDER BY weight DESC,id DESC LIMIT {$limit} OFFSET {$offset}";
+        // }
 
         //如果token验证通过
         elseif( (!empty($token)) && ($this->auth($token)) ) {
@@ -2183,6 +2273,38 @@ public function site_info() {
 
         $this->return_json(200,$site,'success');
     }
+
+    /**
+     * name：删除链接图标
+     */
+    public function del_link_icon(){
+        //验证授权
+        $this->auth($token);
+
+        //获取图标路径
+        $icon_path = trim($_POST['icon_path']);
+        //正则判断路径是否合法
+        $pattern = "/^data\/upload\/[0-9]+\/[0-9a-zA-Z]+\.(jpg|jpeg|png|bmp|gif|svg)$/";
+        //如果名称不合法，则终止执行
+        if( !preg_match($pattern,$icon_path) ){
+            $this->return_json(-2000,'','非法路径！');
+        }
+
+        //继续执行
+        //检查图标是否存在
+        if( !is_file($icon_path) ) {
+            $this->return_json(-2000,'','图标文件不存在，无需删除！');
+        }
+
+        //执行删除操作
+        if( unlink($icon_path) ) {
+            $this->return_json(200,'','success');
+        }
+        else{
+            $this->return_json(-2000,'','图标删除失败，请检查目录权限！');
+        }
+    }
 
 }
 
+

controller/api.php

@@ -107,8 +107,9 @@ function add_link($api){
     $description = empty($_POST['description']) ? '' : $_POST['description'];
     $weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']);
     $property = empty($_POST['property']) ? 0 : 1;
-
-    $api->add_link($token,$fid,$title,$url,$description,$weight,$property,$url_standby);
+    $font_icon = empty($_POST['font_icon']) ? '' : $_POST['font_icon'];
+
+    $api->add_link($token,$fid,$title,$url,$description,$weight,$property,$url_standby,$font_icon);
 
 }
 /**
@@ -128,8 +129,9 @@ function edit_link($api){
     $description = empty($_POST['description']) ? '' : $_POST['description'];
     $weight = empty($_POST['weight']) ? 0 : intval($_POST['weight']);
     $property = empty($_POST['property']) ? 0 : 1;
-
-    $api->edit_link($token,$id,$fid,$title,$url,$description,$weight,$property,$url_standby);
+    $font_icon = empty($_POST['font_icon']) ? '' : $_POST['font_icon'];
+
+    $api->edit_link($token,$id,$fid,$title,$url,$description,$weight,$property,$url_standby,$font_icon);
 
 }
 
@@ -239,6 +241,14 @@ function upload($api){
     $type = $_GET['type'];
     $api->upload($token,$type);
 }
+// 上传图标
+function uploadImages(){
+    global $api;
+    //获取token
+    $token = empty( $_POST['token'] ) ? $_GET['token'] : $_POST['token'];
+    //获取上传类型
+    $api->uploadImages($token);
+}
 //书签导入
 function imp_link($api) {
     //获取token
@@ -623,4 +633,10 @@ function del_share() {
 function site_info() {
     global $api;
     $api->site_info();
+}
+
+//删除图标
+function del_link_icon() {
+    global $api;
+    $api->del_link_icon();
 }

controller/click.php

@@ -13,7 +13,7 @@
 }
 
 //查询链接信息
-$link = $db->get('on_links',['id','fid','url','url_standby','property','click','title','description'],[
+$link = $db->get('on_links',['id','fid','url','url_standby','property','click','title','description','font_icon'],[
     'id'    =>  $id
 ]);
 

controller/index.php

@@ -149,12 +149,28 @@ function base64($url){
 $template = $db->get("on_options","value",[
     "key"   =>  "theme"
 ]);
+//获取用户传递的主题参数
+$theme = trim( @$_GET['theme'] );
+//如果用户传递了主题参数
+if( !empty($theme) ) {
+    //获取所有主题
+    $themes = get_all_themes();
+
+    //查找主题是否存在
+    if( array_search($theme,$themes) !== FALSE ) {
+        //改变默认主题
+        $template = $theme;
+    }
+    else{
+        //主题不存在，终止执行
+        exit("<h1>主题参数错误！</h1>");
+    }
+}
 //获取当前站点信息
 $site = $db->get('on_options','value',[ 'key'  =>  "s_site" ]);
 $site = unserialize($site);
 
 //获取主题配置信息
-//获取主题配置
 if( file_exists("templates/".$template."/config.json") ) {
     $config_file = "templates/".$template."/config.json";
 }
@@ -189,6 +205,53 @@ function base64($url){
     $tpl_dir = 'data/templates/';
 }
 
+//定义搜索引擎
+$search_engines = [
+    "baidu"     =>  [
+        "name"  =>  "百度",
+        "url"   =>  "https://www.baidu.com/s?ie=utf-8&word="
+    ],
+    "google"    =>  [
+        "name"  =>  "Google",
+        "url"   =>  "https://www.google.com/search?q="
+    ],
+    "bing"      =>  [
+        "name"  =>  "必应",
+        "url"   =>  "https://cn.bing.com/search?FORM=BESBTB&q="
+    ],
+    "sogou"     =>  [
+        "name"  =>  "搜狗",
+        "url"   =>  "https://www.sogou.com/web?query="
+    ],
+    "360"       =>  [
+        "name"  =>  "360搜索",
+        "url"   =>  "https://www.so.com/s?ie=utf-8&fr=none&src=360sou_newhome&ssid=&q="
+    ],
+    "zhihu"     =>  [
+        "name"  =>  "知乎",
+        "url"   =>  "https://www.zhihu.com/search?type=content&q="
+    ],
+    "weibo"     =>  [
+        "name"  =>  "微博",
+        "url"   =>  "https://s.weibo.com/weibo?q="
+    ] 
+];
 
-require($tpl_dir.$template.'/index.php');
-?>
+//获取主题的最低版本要求
+$info_json = @file_get_contents($tpl_dir.$template."/info.json");
+
+if( $info_json ) {
+    $info = json_decode($info_json);
+
+    $min_version = @$info->require->min;
+    //获取到了最低版本
+    if( !empty($min_version) ) {
+        //如果主程序不满足主题要求
+        if( new_get_version() <  $min_version ) {
+            $onenav_version = new_get_version();
+            exit($template."主题要求最低OneNav版本为：".$min_version."，您当前OneNav版本为：".$onenav_version."，请先<a title = 'OneNav升级说明' href = 'https://dwz.ovh/br5wt' target = '_blank'>升级OneNav版本！</a>");
+        }
+    }
+}
+//载入主题
+require($tpl_dir.$template.'/index.php');

data/update.log

@@ -173,4 +173,11 @@ CREATE INDEX on_options_key_IDX ON on_options ("key");
 4. 其它优化和BUG修复
 
 20221117
-1. 修复获取分类目录失败的BUG
+1. 修复获取分类目录失败的BUG
+
+20221129
+1. 新增链接自定义图标支持
+2. 修复书签分享私有链接无法查看的BUG
+3. 带上?theme=参数可以指定主题
+4. 新增heimdall主题
+5. 新增OneNav主程序是否满足主题要求的检测

db/sql/20221129.sql

@@ -0,0 +1 @@
+ALTER TABLE on_links ADD font_icon TEXT(512);