yanglc
/
OneManager-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update index.php

pull/13/head
qkqpttgf 2020-01-01 13:39:07 +08:00 committed by GitHub
parent 390135690a
commit 3d26fd63c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 143 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

207
index.php
View File

@ -1,73 +1,158 @@
<?php <?php
include 'vendor/autoload.php';
include 'conststr.php'; include 'conststr.php';
include 'functions.php';
echo '<pre>' . json_encode($_SERVER, JSON_PRETTY_PRINT) . '</pre>'; //echo '<pre>'. json_encode($_SERVER, JSON_PRETTY_PRINT).'</pre>';
//echo '<pre>'. json_encode($_GET, JSON_PRETTY_PRINT).'</pre>';
if (!isset($_SERVER['REDIRECT_URL'])) $_SERVER['REDIRECT_URL'] = '/index.php'; if (!isset($_SERVER['REDIRECT_URL'])) $_SERVER['REDIRECT_URL'] = '/index.php';
if ($_SERVER['REDIRECT_URL']=='') $_SERVER['REDIRECT_URL']='/';
$path = $_SERVER['REDIRECT_URL']; $path = $_SERVER['REDIRECT_URL'];
//echo 'path:'. $path; //echo 'path:'. $path;
$_GET = getGET(); $_GET = getGET();
//echo '<pre>'. json_encode($_GET, JSON_PRETTY_PRINT).'</pre>';
function getGET() $re = main();
{ $sendHeaders = array();
$getstr = substr(urldecode($_SERVER['REQUEST_URI']), strlen(urldecode($_SERVER['REDIRECT_URL']))); foreach ($re['headers'] as $headerName => $headerVal) {
while (substr($getstr,0,1)=='/' || substr($getstr,0,1)=='?') $getstr = substr($getstr,1); header($headerName . ': ' . $headerVal, true);
$getstrarr = explode("&",$getstr);
foreach ($getstrarr as $getvalues) if ($getvalues!='') {
$pos = strpos($getvalues,"=");
//echo $pos;
if ($pos>0) {
$getarry[urldecode(substr($getvalues,0,$pos))] = urldecode(substr($getvalues,$pos+1));
} else $getarry[urldecode($getvalues)] = true;
} }
if (isset($getarry)) { http_response_code($re['statusCode']);
return $getarry; echo $re['body'];
function main()
{
global $exts;
global $constStr;
config_oauth();
$_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']);
if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/';
$_SERVER['is_guestup_path'] = is_guestup_path($path);
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['ajax']=0;
if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1;
$refresh_token = getConfig('refresh_token');
if (!$refresh_token) return get_refresh_token();
if (getConfig('adminloginpage')=='') {
$adminloginpage = 'admin';
} else {
$adminloginpage = getConfig('adminloginpage');
}
if ($_GET[$adminloginpage]) {
if ($_GET['preview']) {
$url = $_SERVER['PHP_SELF'] . '?preview';
} else {
$url = path_format($_SERVER['PHP_SELF'] . '/');
}
if (getConfig('admin')!='') {
if ($_POST['password1']==getConfig('admin')) {
return adminform($_SERVER['function_name'].'admin',md5($_POST['password1']),$url);
} else return adminform();
} else {
return output('', 302, [ 'Location' => $url ]);
}
}
if (getConfig('admin')!='')
if ($_COOKIE['admin']==md5(getConfig('admin')) || $_POST['password1']==getConfig('admin') ) {
$_SERVER['admin']=1;
$_SERVER['needUpdate'] = needUpdate();
} else {
$_SERVER['admin']=0;
}
if ($_GET['setup'])
if ($_SERVER['admin']) {
// setup Environments. 设置,对环境变量操作
return EnvOpt($_SERVER['function_name'], $_SERVER['needUpdate']);
} else {
$url = path_format($_SERVER['PHP_SELF'] . '/');
return output('<script>alert(\''.$constStr['SetSecretsFirst'][$constStr['language']].'\');</script>', 302, [ 'Location' => $url ]);
}
$_SERVER['retry'] = 0;
$cache = null;
$cache = new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir(), '.Onedrive');
if (!($_SERVER['access_token'] = $cache->fetch('access_token'))) {
$ret = json_decode(curl_request(
$_SERVER['oauth_url'] . 'token',
'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token
), true);
if (!isset($ret['access_token'])) {
error_log('failed to get access_token. response' . json_encode($ret));
throw new Exception('failed to get access_token.');
}
$_SERVER['access_token'] = $ret['access_token'];
$cache->save('access_token', $_SERVER['access_token'], $ret['expires_in'] - 60);
}
if ($_SERVER['ajax']) {
if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') {
// del '.tmp' without login. 无需登录即可删除.tmp后缀文件
$tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']);
return output($tmp['body'],$tmp['stat']);
}
if ($_GET['action']=='uploaded_rename') {
// rename .scfupload file without login.
// 无需登录即可重命名.scfupload后缀文件filemd5为用户提交可被构造问题不大以后处理
$oldname = spurlencode($_GET['filename']);
$pos = strrpos($oldname, '.');
if ($pos>0) $ext = strtolower(substr($oldname, $pos));
$oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' );
$data = '{"name":"' . $_GET['filemd5'] . $ext . '"}';
//echo $oldname .'<br>'. $data;
$tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']);
if ($tmp['stat']==409) MSAPI('DELETE',$oldname,'',$_SERVER['access_token'])['body'];
return output($tmp['body'],$tmp['stat']);
}
if ($_GET['action']=='upbigfile') return bigfileupload($path);
}
if ($_SERVER['admin']) {
$tmp = adminoperate($path);
if ($tmp['statusCode'] > 0) {
$path1 = path_format($_SERVER['list_path'] . path_format($path));
$cache->save('path_' . $path1, json_decode('{}',true), 1);
return $tmp;
}
} else {
if ($_SERVER['ajax']) return output($constStr['RefleshtoLogin'][$constStr['language']],401);
}
$_SERVER['ishidden'] = passhidden($path);
if ($_GET['thumbnails']) {
if ($_SERVER['ishidden']<4) {
if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) {
return get_thumbnails_url($path);
} else return output(json_encode($exts['img']),400);
} else return output('',401);
}
$files = list_files($path);
if (isset($files['file']) && !$_GET['preview']) {
// is file && not preview mode
if ($_SERVER['ishidden']<4) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]);
}
if ( isset($files['folder']) || isset($files['file']) ) {
return render_list($path, $files);
} else {
return output('<div style="margin:8px;">' . $files['error']['message'] . '</div>', 404);
}
}
function list_files($path)
{
$path = path_format($path);
if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) {
$files = json_decode('{"folder":{}}', true);
} elseif ($_SERVER['ishidden']==4) {
$files = json_decode('{"folder":{}}', true);
} else {
$files = fetch_files($path);
}
if ( isset($files['folder']) || isset($files['file']) || isset($files['error']) ) {
return $files;
} else {
echo 'Error $files' . json_encode($files, JSON_PRETTY_PRINT);
$_SERVER['retry']++;
if ($_SERVER['retry'] < 3) {
return list_files($path);
} else return ''; } else return '';
} }
//echo '<pre>' . json_encode($_GET, JSON_PRETTY_PRINT) . '</pre>';
function getconfig($str)
{
$envs = json_decode(file_get_contents('config.json'));
return $envs[$str];
}
config_oauth();
function config_oauth()
{
global $constStr;
$constStr['language'] = $_COOKIE['language'];
if ($constStr['language']=='') $constStr['language'] = getconfig('language');
if ($constStr['language']=='') $constStr['language'] = 'en-us';
$_SERVER['sitename'] = getconfig('sitename');
if (empty($_SERVER['sitename'])) $_SERVER['sitename'] = $constStr['defaultSitename'][$constStr['language']];
$_SERVER['redirect_uri'] = 'https://scfonedrive.github.io';
if (getconfig('Onedrive_ver')=='MS') {
// MS
// https://portal.azure.com
$_SERVER['client_id'] = '4da3e7f2-bf6d-467c-aaf0-578078f0bf7c';
$_SERVER['client_secret'] = '7/+ykq2xkfx:.DWjacuIRojIaaWL0QI6';
$_SERVER['oauth_url'] = 'https://login.microsoftonline.com/common/oauth2/v2.0/';
$_SERVER['api_url'] = 'https://graph.microsoft.com/v1.0/me/drive/root';
$_SERVER['scope'] = 'https://graph.microsoft.com/Files.ReadWrite.All offline_access';
}
if (getenv('Onedrive_ver')=='CN') {
// CN
// https://portal.azure.cn
$_SERVER['client_id'] = '04c3ca0b-8d07-4773-85ad-98b037d25631';
$_SERVER['client_secret'] = 'h8@B7kFVOmj0+8HKBWeNTgl@pU/z4yLB';
$_SERVER['oauth_url'] = 'https://login.partner.microsoftonline.cn/common/oauth2/v2.0/';
$_SERVER['api_url'] = 'https://microsoftgraph.chinacloudapi.cn/v1.0/me/drive/root';
$_SERVER['scope'] = 'https://microsoftgraph.chinacloudapi.cn/Files.ReadWrite.All offline_access';
}
if (getenv('Onedrive_ver')=='MSC') {
// MS Customer
// https://portal.azure.com
$_SERVER['client_id'] = getconfig('client_id');
$_SERVER['client_secret'] = getconfig('client_secret');
$_SERVER['oauth_url'] = 'https://login.microsoftonline.com/common/oauth2/v2.0/';
$_SERVER['api_url'] = 'https://graph.microsoft.com/v1.0/me/drive/root';
$_SERVER['scope'] = 'https://graph.microsoft.com/Files.ReadWrite.All offline_access';
}
$_SERVER['client_secret'] = urlencode($_SERVER['client_secret']);
$_SERVER['scope'] = urlencode($_SERVER['scope']);
} }
?>