From 989de97ddebf474cec62d14881071af9e6a2986a Mon Sep 17 00:00:00 2001 From: root Date: Wed, 1 Apr 2020 18:44:50 +0800 Subject: [PATCH] renamed: function/common.php -> common.php modified: index.php renamed: function/heroku.php -> platform/heroku.php renamed: function/normal.php -> platform/normal.php renamed: function/scf.php -> platform/scf.php modified: theme/classic.php --- function/common.php => common.php | 600 ++++++++++++++++++------------ index.php | 8 +- {function => platform}/heroku.php | 10 +- {function => platform}/normal.php | 2 +- {function => platform}/scf.php | 13 +- theme/classic.php | 23 +- 6 files changed, 389 insertions(+), 267 deletions(-) rename function/common.php => common.php (83%) rename {function => platform}/heroku.php (93%) rename {function => platform}/normal.php (96%) rename {function => platform}/scf.php (94%) diff --git a/function/common.php b/common.php similarity index 83% rename from function/common.php rename to common.php index 9290cca..7f3bb59 100644 --- a/function/common.php +++ b/common.php @@ -25,6 +25,9 @@ $Base64Env = [ 'guestup_path', //'usesharepoint', 'sharepointname', + 'shareurl', + 'sharecookie', + 'shareapiurl', //'siteid', 'public_path', //'refresh_token', @@ -77,6 +80,9 @@ $InnerEnv = [ 'usesharepoint', 'sharepointname', 'siteid', + 'shareurl', + 'sharecookie', + 'shareapiurl', 'public_path', 'refresh_token', 'token_expires', @@ -94,11 +100,252 @@ $ShowedInnerEnv = [ //'usesharepoint', //'sharepointname', //'siteid', + //'shareurl', + //'sharecookie', + //'shareapiurl', 'public_path', //'refresh_token', //'token_expires', ]; +function main($path) +{ + global $exts; + global $constStr; + + if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language']; + if (!$constStr['language']) $constStr['language'] = getConfig('language'); + if ($constStr['language']=='') $constStr['language'] = 'en-us'; + $_SERVER['language'] = $constStr['language']; + $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); + + if (getConfig('admin')=='') return install(); + if (getConfig('adminloginpage')=='') { + $adminloginpage = 'admin'; + } else { + $adminloginpage = getConfig('adminloginpage'); + } + if (isset($_GET[$adminloginpage])) { + if (isset($_GET['preview'])) { + $url = $_SERVER['PHP_SELF'] . '?preview'; + } else { + $url = path_format($_SERVER['PHP_SELF'] . '/'); + } + if (getConfig('admin')!='') { + if ($_POST['password1']==getConfig('admin')) { + return adminform('admin',md5($_POST['password1']),$url); + } else return adminform(); + } else { + return output('', 302, [ 'Location' => $url ]); + } + } + if (getConfig('admin')!='') + if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) { + $_SERVER['admin']=1; + $_SERVER['needUpdate'] = needUpdate(); + } else { + $_SERVER['admin']=0; + } + if (isset($_GET['setup'])) + if ($_SERVER['admin']) { + // setup Environments. 设置,对环境变量操作 + return EnvOpt($_SERVER['needUpdate']); + } else { + $url = path_format($_SERVER['PHP_SELF'] . '/'); + return output('', 302, [ 'Location' => $url ]); + } + + $_SERVER['base_disk_path'] = $_SERVER['base_path']; + $disktags = explode("|",getConfig('disktag')); +// echo 'count$disk:'.count($disktags); + if (count($disktags)>1) { + if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]); + $_SERVER['disktag'] = $path; + $pos = strpos($path, '/'); + if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos); + if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404); + $path = substr($path, strlen('/'.$_SERVER['disktag'])); + if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/'); + } else $_SERVER['disktag'] = $disktags[0]; +// echo 'main.disktag:'.$_SERVER['disktag'].',path:'.$path.' +//'; + $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']); + if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/'; + $_SERVER['is_guestup_path'] = is_guestup_path($path); + $_SERVER['ajax']=0; + if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1; + + config_oauth(); + if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token(); + $refresh_token = getConfig('refresh_token'); + //if (!$refresh_token) return get_refresh_token(); + if (!$refresh_token) { + return render_list(); + } else { + if (!($_SERVER['access_token'] = getcache('access_token'))) { + get_access_token($refresh_token); + } + + if ($_SERVER['ajax']) { + if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') { + // del '.tmp' without login. 无需登录即可删除.tmp后缀文件 + error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT)); + $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']); + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return output($tmp['body'],$tmp['stat']); + } + if ($_GET['action']=='uploaded_rename') { + // rename .scfupload file without login. + // 无需登录即可重命名.scfupload后缀文件,filemd5为用户提交,可被构造,问题不大,以后处理 + $oldname = spurlencode($_GET['filename']); + $pos = strrpos($oldname, '.'); + if ($pos>0) $ext = strtolower(substr($oldname, $pos)); + $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' ); + $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}'; + //echo $oldname .'
'. $data; + $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']); + if ($tmp['stat']==409) { + MSAPI('DELETE',$oldname,'',$_SERVER['access_token']); + $tmpbody = json_decode($tmp['body'], true); + $tmpbody['name'] = $_GET['filemd5'] . $ext; + $tmp['body'] = json_encode($tmpbody); + } + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return output($tmp['body'],$tmp['stat']); + } + if ($_GET['action']=='upbigfile') return bigfileupload($path); + } + if ($_SERVER['admin']) { + $tmp = adminoperate($path); + if ($tmp['statusCode'] > 0) { + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return $tmp; + } + } else { + if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401); + } + $_SERVER['ishidden'] = passhidden($path); + if (isset($_GET['thumbnails'])) { + if ($_SERVER['ishidden']<4) { + if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) { + return get_thumbnails_url($path); + } else return output(json_encode($exts['img']),400); + } else return output('',401); + } + + $files = list_files($path); + //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT); + if (isset($_GET['random'])&&$_GET['random']!=='') { + if ($_SERVER['ishidden']<4) { + $tmp = []; + foreach (array_keys($files['children']) as $filename) { + if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename][$_SERVER['DownurlStrName']]; + } + $tmp = array_values($tmp); + if (count($tmp)>0) { + if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200); + return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]); + } else return output('',404); + } else return output('',401); + } + if (isset($files['file']) && !isset($_GET['preview'])) { + // is file && not preview mode + if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files[$_SERVER['DownurlStrName']] ]); + } + if ( isset($files['folder']) || isset($files['file']) ) { + return render_list($path, $files); + } else { + if (!isset($files['error'])) { + $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT); + $files['error']['code'] = 'unknownError'; + $files['error']['stat'] = 500; + } + return message(''.getconstStr('Back').getconstStr('Home').'
' . $files['error']['message'] . '
'.getconstStr('Back').'', $files['error']['code'], $files['error']['stat']); + } + } +} + +function get_access_token($refresh_token) +{ + if (getConfig('Drive_ver')=='shareurl') { + +//if (!$files) $files['body'] = $arr['body']; + //$files['returnhead'] = $arr['returnhead']; + //$files['cookie'] = $arr['returnhead']['Set-Cookie']; +//return $files; + + /*$files['get'] = curl_request( + "https://mfedu-my.sharepoint.com/personal/ysun_ac_stu_office_gy/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments'&RootFolder=%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments%2F&TryNewExperienceSingle=TRUE", + '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}', + ['Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => 'https://mfedu-my.sharepoint.com', 'Cookie' => $arr['returnhead']['Set-Cookie']], + 1); + $files['get']['body'] = json_decode($files['get']['body'], true); + $_SERVER['access_token'] = splitlast($files['get']['body']['ListSchema']['.driveAccessToken'],'=')[1]; + $_SERVER['api_url'] = $files['get']['body']['ListSchema']['.driveUrl'].'/root'; + + $files = json_decode( curl_request( $_SERVER['api_url'].'?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl,@content.downloadUrl)', false, ['Authorization' => 'Bearer ' . $_SERVER['access_token'], 'Accept' => 'application/json'] )['body'], true); + $files['children']['a']['file'] = $_SERVER['api_url']; + $files['children']['a']['name'] = $_SERVER['api_url']; +*/ + $shareurl = getConfig('shareurl'); + //$url = 'https://mfedu-my.sharepoint.com/:f:/g/personal/ysun_ac_stu_office_gy/EpDIBOaYyExHjfu-PJA46icB40X0FKVwmn_9UDJsRvu3Ug?e=XyRZxP'; + //$url = 'https://2d2-my.sharepoint.com/:f:/g/personal/ysun_host_ac_cn/Ehy8pjSQSoZOtLDs4ZKPiGUBYFt26CjEwG6bw7W5vleNNQ?e=DLZcWF'; + $tmp1 = splitlast($shareurl, '/')[0]; + $account = splitlast($tmp1, '/')[1]; + $tmp1 = splitlast($shareurl, ':')[0]; + $domain = splitlast($tmp1, '/')[0]; + if (!isset($_SERVER['sharecookie'])||$_SERVER['sharecookie']=='') $_SERVER['sharecookie'] = curl_request($shareurl,false, [],1)['returnhead']['Set-Cookie']; + $response = curl_request( + $domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . "&TryNewExperienceSingle=TRUE", + '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}', + [ 'Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => $domain, 'Cookie' => $_SERVER['sharecookie'] ] + ); + if ($response['stat']==200) $ret = json_decode($response['body'], true); + $_SERVER['access_token'] = splitlast($ret['ListSchema']['.driveAccessToken'],'=')[1]; + $_SERVER['api_url'] = $ret['ListSchema']['.driveUrl'].'/root'; + if (!$_SERVER['access_token']) { + error_log($domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . "&TryNewExperienceSingle=TRUE"); + error_log('failed to get access_token. response' . json_encode($ret)); + throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); + } + error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); + savecache('access_token', $_SERVER['access_token']); + if (getConfig('sharecookie')==''||getConfig('shareapiurl')=='') setConfig([ 'sharecookie' => $_SERVER['sharecookie'], 'shareapiurl' => $_SERVER['api_url'] ]); + } else { + $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token ); + if ($response['stat']==200) $ret = json_decode($response['body'], true); + if (!isset($ret['access_token'])) { + error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token); + error_log('failed to get access_token. response' . json_encode($ret)); + throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); + } + error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); + $_SERVER['access_token'] = $ret['access_token']; + savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300); + if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]); + } +} + +function list_files($path) +{ + $path = path_format($path); + if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { + $files = json_decode('{"folder":{}}', true); + } elseif (!getConfig('downloadencrypt')) { + if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true); + else $files = fetch_files($path); + } else { + $files = fetch_files($path); + } + return $files; +} + function isHideFile($name) { $FunctionalityFile = [ @@ -139,6 +386,12 @@ function config_oauth() $_SERVER['sitename'] = getConfig('sitename'); if (empty($_SERVER['sitename'])) $_SERVER['sitename'] = getconstStr('defaultSitename'); $_SERVER['redirect_uri'] = 'https://scfonedrive.github.io'; + if (getConfig('Drive_ver')=='shareurl') { + $_SERVER['api_url'] = getConfig('shareapiurl'); + $_SERVER['sharecookie'] = getConfig('sharecookie'); + $_SERVER['DownurlStrName'] = '@content.downloadUrl'; + return 0; + } if (getConfig('Drive_ver')=='MS') { // MS // https://portal.azure.com @@ -169,6 +422,7 @@ function config_oauth() } $_SERVER['client_secret'] = urlencode($_SERVER['client_secret']); $_SERVER['scope'] = urlencode($_SERVER['scope']); + $_SERVER['DownurlStrName'] = '@microsoft.graph.downloadUrl'; } function get_siteid($access_token) @@ -336,7 +590,7 @@ function gethiddenpass($path,$passfile) $ispassfile = fetch_files(path_format($path . '/' . urlencode($passfile))); //echo $path . '
' . json_encode($ispassfile, JSON_PRETTY_PRINT) . '
'; if (isset($ispassfile['file'])) { - $arr = curl_request($ispassfile['@microsoft.graph.downloadUrl']); + $arr = curl_request($ispassfile[$_SERVER['DownurlStrName']]); if ($arr['stat']==200) { $passwordf=explode("\n",$arr['body']); $password=$passwordf[0]; @@ -427,7 +681,7 @@ function message($message, $title = 'Message', $statusCode = 200) function needUpdate() { - $current_ver = file_get_contents(__DIR__ . '/../version'); + $current_ver = file_get_contents(__DIR__ . '/version'); $current_ver = substr($current_ver, strpos($current_ver, '.')+1); $current_ver = explode(urldecode('%0A'),$current_ver)[0]; $current_ver = explode(urldecode('%0D'),$current_ver)[0]; @@ -526,7 +780,7 @@ function bigfileupload($path) $getoldupinfo=fetch_files(path_format($path . '/' . $cachefilename)); //echo json_encode($getoldupinfo, JSON_PRETTY_PRINT); if (isset($getoldupinfo['file'])&&$getoldupinfo['size']<5120) { - $getoldupinfo_j = curl_request($getoldupinfo['@microsoft.graph.downloadUrl']); + $getoldupinfo_j = curl_request($getoldupinfo[$_SERVER['DownurlStrName']]); $getoldupinfo = json_decode($getoldupinfo_j['body'], true); if ( json_decode( curl_request($getoldupinfo['uploadUrl'])['body'], true)['@odata.context']!='' ) return output($getoldupinfo_j['body'], $getoldupinfo_j['stat']); } @@ -541,194 +795,6 @@ function bigfileupload($path) return output('error', 400); } -function main($path) -{ - global $exts; - global $constStr; -//echo 'main.enterpath:'.$path.' -//'; - if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language']; - if (!$constStr['language']) $constStr['language'] = getConfig('language'); - if ($constStr['language']=='') $constStr['language'] = 'en-us'; - $_SERVER['language'] = $constStr['language']; - $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); - - if (getConfig('admin')=='') return install(); - if (getConfig('adminloginpage')=='') { - $adminloginpage = 'admin'; - } else { - $adminloginpage = getConfig('adminloginpage'); - } - if (isset($_GET[$adminloginpage])) { - if (isset($_GET['preview'])) { - $url = $_SERVER['PHP_SELF'] . '?preview'; - } else { - $url = path_format($_SERVER['PHP_SELF'] . '/'); - } - if (getConfig('admin')!='') { - if ($_POST['password1']==getConfig('admin')) { - return adminform('admin',md5($_POST['password1']),$url); - } else return adminform(); - } else { - return output('', 302, [ 'Location' => $url ]); - } - } - if (getConfig('admin')!='') - if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) { - $_SERVER['admin']=1; - $_SERVER['needUpdate'] = needUpdate(); - } else { - $_SERVER['admin']=0; - } - if (isset($_GET['setup'])) - if ($_SERVER['admin']) { - // setup Environments. 设置,对环境变量操作 - return EnvOpt($_SERVER['needUpdate']); - } else { - $url = path_format($_SERVER['PHP_SELF'] . '/'); - return output('', 302, [ 'Location' => $url ]); - } - - $_SERVER['base_disk_path'] = $_SERVER['base_path']; - $disktags = explode("|",getConfig('disktag')); -// echo 'count$disk:'.count($disktags); - if (count($disktags)>1) { - if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]); - $_SERVER['disktag'] = $path; - $pos = strpos($path, '/'); - if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos); - if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404); - $path = substr($path, strlen('/'.$_SERVER['disktag'])); - if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/'); - } else $_SERVER['disktag'] = $disktags[0]; -// echo 'main.disktag:'.$_SERVER['disktag'].',path:'.$path.' -//'; - $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']); - if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/'; - $_SERVER['is_guestup_path'] = is_guestup_path($path); - $_SERVER['ajax']=0; - if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1; - - config_oauth(); - if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token(); - $refresh_token = getConfig('refresh_token'); - //if (!$refresh_token) return get_refresh_token(); - if (!$refresh_token) { - return render_list(); - } else { - if (!($_SERVER['access_token'] = getcache('access_token'))) { - $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token ); - if ($response['stat']==200) $ret = json_decode($response['body'], true); - if (!isset($ret['access_token'])) { - error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token); - error_log('failed to get access_token. response' . json_encode($ret)); - throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); - } - error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); - $_SERVER['access_token'] = $ret['access_token']; - savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300); - if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]); - } - - if ($_SERVER['ajax']) { - if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') { - // del '.tmp' without login. 无需登录即可删除.tmp后缀文件 - error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT)); - $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']); - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return output($tmp['body'],$tmp['stat']); - } - if ($_GET['action']=='uploaded_rename') { - // rename .scfupload file without login. - // 无需登录即可重命名.scfupload后缀文件,filemd5为用户提交,可被构造,问题不大,以后处理 - $oldname = spurlencode($_GET['filename']); - $pos = strrpos($oldname, '.'); - if ($pos>0) $ext = strtolower(substr($oldname, $pos)); - $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' ); - $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}'; - //echo $oldname .'
'. $data; - $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']); - if ($tmp['stat']==409) { - MSAPI('DELETE',$oldname,'',$_SERVER['access_token']); - $tmpbody = json_decode($tmp['body'], true); - $tmpbody['name'] = $_GET['filemd5'] . $ext; - $tmp['body'] = json_encode($tmpbody); - } - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return output($tmp['body'],$tmp['stat']); - } - if ($_GET['action']=='upbigfile') return bigfileupload($path); - } - if ($_SERVER['admin']) { - $tmp = adminoperate($path); - if ($tmp['statusCode'] > 0) { - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return $tmp; - } - } else { - if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401); - } - $_SERVER['ishidden'] = passhidden($path); - if (isset($_GET['thumbnails'])) { - if ($_SERVER['ishidden']<4) { - if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) { - return get_thumbnails_url($path); - } else return output(json_encode($exts['img']),400); - } else return output('',401); - } - - $files = list_files($path); - //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT); - if (isset($_GET['random'])&&$_GET['random']!=='') { - if ($_SERVER['ishidden']<4) { - $tmp = []; - foreach (array_keys($files['children']) as $filename) { - if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename]['@microsoft.graph.downloadUrl']; - } - $tmp = array_values($tmp); - if (count($tmp)>0) { - if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200); - return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]); - } else return output('',404); - } else return output('',401); - } - if (isset($files['file']) && !isset($_GET['preview'])) { - // is file && not preview mode - if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]); - } - if ( isset($files['folder']) || isset($files['file']) ) { - return render_list($path, $files); - } else { - if (!isset($files['error'])) { - $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT); - $files['error']['code'] = 'unknownError'; - $files['error']['stat'] = 500; - } - return message(''.getconstStr('Back').getconstStr('Home').'
' . $files['error']['message'] . '
'.getconstStr('Back').'', $files['error']['code'], $files['error']['stat']); - } - } -} - -function list_files($path) -{ - $path = path_format($path); - if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { - $files = json_decode('{"folder":{}}', true); - } elseif (!getConfig('downloadencrypt')) { - if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true); - else $files = fetch_files($path); - } else { - $files = fetch_files($path); - } - return $files; -} - function adminform($name = '', $pass = '', $path = '') { $statusCode = 401; @@ -990,10 +1056,10 @@ function fetch_files($path = '/') if ($parentpath=='') $parentpath = '/'; $filename = $pos[1]; if ($parentfiles = getcache('path_' . $parentpath)) { - if (isset($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl'])) { + if (isset($parentfiles['children'][$filename][$_SERVER['DownurlStrName']])) { if (in_array(splitlast($filename,'.')[1], $exts['txt'])) { if (!(isset($parentfiles['children'][$filename]['content'])&&$parentfiles['children'][$filename]['content']['stat']==200)) { - $content1 = curl_request($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl']); + $content1 = curl_request($parentfiles['children'][$filename][$_SERVER['DownurlStrName']]); $parentfiles['children'][$filename]['content'] = $content1; savecache('path_' . $parentpath, $parentfiles); } @@ -1007,16 +1073,16 @@ function fetch_files($path = '/') $url .= ':' . $path; if (substr($url,-1)=='/') $url=substr($url,0,-1); } - $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl)'; + $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'].')'; $retry = 0; $arr = []; while ($retry<3&&!$arr['stat']) { - $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']]); + $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']],1); $retry++; } if ($arr['stat']<500) { $files = json_decode($arr['body'], true); - // echo $path . '
' . json_encode($files, JSON_PRETTY_PRINT) . '
'; + //echo $path . '
' . json_encode($arr, JSON_PRETTY_PRINT) . '
'; if (isset($files['folder'])) { if ($files['folder']['childCount']>200) { // files num > 200 , then get nextlink @@ -1072,7 +1138,7 @@ function fetch_files_children($files, $path, $page) // down cache file get jump info. 下载cache文件获取跳页链接 $cachefile = fetch_files(path_format($path1 . '/' .$cachefilename)); if ($cachefile['size']>0) { - $pageinfo = curl_request($cachefile['@microsoft.graph.downloadUrl'])['body']; + $pageinfo = curl_request($cachefile[$_SERVER['DownurlStrName']])['body']; $pageinfo = json_decode($pageinfo,true); for ($page4=1;$page4<$maxpage;$page4++) { savecache('nextlink_' . $path . '_page_' . $page4, $pageinfo['nextlink_' . $path . '_page_' . $page4]); @@ -1089,9 +1155,9 @@ function fetch_files_children($files, $path, $page) if ($path !== '/') { $url .= ':' . $path; if (substr($url,-1)=='/') $url=substr($url,0,-1); - $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl'; + $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName']; } else { - $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl'; + $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName']; } $children = json_decode(curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']])['body'], true); // echo $url . '
' . json_encode($children, JSON_PRETTY_PRINT) . '
'; @@ -1275,7 +1341,7 @@ function get_refresh_token() } } if (isset($_GET['install0'])) { - if ($_POST['disktag_add']!='' && ($_POST['Drive_ver']=='MS' || $_POST['Drive_ver']=='CN')) { + if ($_POST['disktag_add']!='') { if (in_array($_COOKIE['disktag'], $CommonEnv)) { return message('Do not input ' . $envs . '
', 'Error', 201); } @@ -1283,14 +1349,19 @@ function get_refresh_token() $tmp['disktag_add'] = $_POST['disktag_add']; $tmp['diskname'] = $_POST['diskname']; $tmp['Drive_ver'] = $_POST['Drive_ver']; - if ($_POST['Drive_custom']=='on') { - $tmp['Drive_custom'] = $_POST['Drive_custom']; - $tmp['client_id'] = $_POST['client_id']; - $tmp['client_secret'] = $_POST['client_secret']; - } - if ($_POST['usesharepoint']=='on') { - $tmp['usesharepoint'] = $_POST['usesharepoint']; - $tmp['sharepointname'] = $_POST['sharepointname']; + if ($_POST['Drive_ver']=='shareurl') { + $tmp['shareurl'] = $_POST['shareurl']; + $tmp['refresh_token'] = 1; + } else { + if ($_POST['Drive_custom']=='on') { + $tmp['Drive_custom'] = $_POST['Drive_custom']; + $tmp['client_id'] = $_POST['client_id']; + $tmp['client_secret'] = $_POST['client_secret']; + } + if ($_POST['usesharepoint']=='on') { + $tmp['usesharepoint'] = $_POST['usesharepoint']; + $tmp['sharepointname'] = $_POST['sharepointname']; + } } $response = setConfigResponse( setConfig($tmp, $_COOKIE['disktag']) ); if (api_error($response)) { @@ -1299,6 +1370,7 @@ function get_refresh_token() } else { $title = getconstStr('MayinEnv'); $html = getconstStr('Wait') . ' 3s'; + if ($_POST['Drive_ver']=='shareurl') $html = getconstStr('Wait') . ' 3s'; } return message($html, $title, 201); } @@ -1317,19 +1389,21 @@ function get_refresh_token() '.getconstStr('OnedriveDiskName').':

-
- +
+
+

-
- + +
+
-
-