From 6bd47b2a13d6da0b7aa61975c19ff79eb486d17e Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Wed, 1 Apr 2020 15:49:38 +0800
Subject: [PATCH 1/5] Update purenice.php
---
 theme/purenice.php | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/theme/purenice.php b/theme/purenice.php
index 83a160b..3e8f42d 100644
--- a/theme/purenice.php
+++ b/theme/purenice.php
@@ -36,23 +36,27 @@ .more-disk a{display:block;float:left;width:20%;height:38px;text-align:center;font-weight: bold;font-size: 18px;line-height:38px;color:#A6AAB4; } .more-disk a:hover, .more-disk a[now]{ color: #3B414B;border-bottom:2px solid #FF7D00;} .list-table{width:100%;border-spacing:0;margin-bottom:20px;} - .list-table tr{display:block;margin:10px 20px;height:60px;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} + .list-table tr{display:block;margin:10px 20px;width:96%;float:left;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} .list-table tr[data-to]:hover{background:#10C971;color:white;} .list-table tr[data-to]:hover a{color:white} - .list-table tr:first-child{background:#F9FAFB;box-shadow:none;} - .list-table td,.list-table th{display:block;float:left;height:60px;line-height:60px;text-align:left;} + .list-table td,.list-table th{display:block;float:left;line-height:60px;text-align:left;} .list-table td button,.list-table th button{cursor:pointer;color:#ffffff;height:30px;background:#FF7D00;padding:0 20px;border-width:0;border-radius:6px;box-shadow: 0px 4px 12px rgba(255, 125, 0, 0.5);} .list-table td.file,.list-table th.file{width:60%;color:#171D33;padding-left:20px;} + .list-table td.file ion-icon{float:left;margin-top:22px;margin-right:5px;} + .list-table td.file:hover>ion-icon,.list-table td.file:hover .operate>ion-icon{color:#fff;} + .list-table td.file a[name="filelist"]{float:left;} + .list-table td.file a[name="filelist"] img{border-radius:6px;margin-top:20px;} .list-table td.updated_at,.list-table th.updated_at{width:25%;} .list-table td.size,.list-table th.size{width:10%;} .list-table .size,.list-table .updated_at{text-align:right} .mask{position:absolute;left:0px;top:0px;width:100%;background-color:#000;filter:alpha(opacity=50);opacity:0.5;z-index:2;} - .operate{display:inline-table;margin:0;margin-right:5px;list-style:none} + 
.operate{display:inline-table;margin:0;margin-right:5px;list-style:none;float:left;} .operate ul{position:absolute;display:none;background:#fffaaa;border:0;border-radius:5px;margin:0;padding:0 7px;color:#205D67;z-index:1;box-shadow: 0px 0px 10px rgba(0, 0, 0, 0.2);} .operate:hover ul{position:absolute;display:inline-table;} .operate ul li{list-style:none;display:block;line-height:40px;} .list-table tr[data-to]:hover .operate ul li a{color:black} + .list-table tr[data-to]:hover .operate ul li a ion-icon{margin-top:12px;} .operatediv{position:absolute;background-color:#ffffff;z-index:2;border-radius:10px;background-color:#F9FAFB;} .loginstyle{width:250px;height:124px;} @@ -71,10 +75,12 @@ .size, .updated_at{display:none} } .update_notice{position:absolute;color:#A6AAB4;left:10%;margin-top:10px;} - .upload_style{height:60px;margin:20px 20px;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} + .upload_style{height:60px;width:96%;margin:20px;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} .upload_style .file{position: relative;float:left;width:100px;height:60px;;display: inline-block;background: #FF7D00;border-radius: 6px;overflow: hidden;color: #fff;text-decoration: none;text-align:center;line-height: 60px;font-size:14px;pointer-events: none;} .upload_style input[type="file"]{color:#A6AAB4;float:left;height:38px;margin-left:-100px;outline:none;font-size:14px;padding:22px 0 0 38px;} .upload_style input[type="button"]{display:block;color:#fff;float:right;height:60px;width:160px;outline:none;font-size:16px;background:#613EEA;border-radius:6px;} + .upload_style .list-table tr td{line-height:30px;margin:10px 20px;} + .upload_style .list-table tr td button{margin-left:10px;} @@ -174,7 +180,7 @@ $DPvideo = false; if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { ?>
- 选择文件 +
@@ -368,7 +374,7 @@ } if ($_SERVER['admin']) { ?>
- 选择文件 + @@ -868,7 +874,7 @@ tr1.setAttribute('data-to',1); var td1=document.createElement('td'); tr1.appendChild(td1); - td1.setAttribute('style','width:30%'); + td1.setAttribute('class','uplist'); td1.setAttribute('id','upfile_td1_'+timea+'_'+i); td1.innerHTML=file.name+'
'+size_format(file.size); var td2=document.createElement('td'); From cd56380d39e1e48ff116ef2ebd2d3c100f3b369d Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Wed, 1 Apr 2020 17:56:18 +0800 Subject: [PATCH 2/5] Update purenice.php --- theme/purenice.php | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/theme/purenice.php b/theme/purenice.php index 3e8f42d..4ca94cb 100644 --- a/theme/purenice.php +++ b/theme/purenice.php @@ -25,11 +25,11 @@ .list-wrapper{width:80%;margin:0 auto;position:relative;} .list-container{position:relative;} .list-header-container{position:relative;width:100%;} - .list-header-container a.back-link{float:left;color:#ffffff;display:block;margin:10px;height:40px;width:40px;background:#613EEA;line-height:40px;text-decoration:none;text-align:center;border-radius:20px;box-shadow: 0px 4px 12px rgba(97, 62, 234, 0.5);} + .list-header-container a.back-link{position:absolute;float:left;color:#ffffff;display:inline-block;margin:10px;height:40px;width:40px;background:#613EEA;line-height:40px;text-decoration:none;text-align:center;border-radius:20px;box-shadow: 0px 4px 12px rgba(97, 62, 234, 0.5);} .list-header-container a.back-link ion-icon{font-size:20px;} .list-header-container a.back-link:hover{color:white} .list-container,.list-header-container,.list-wrapper,a.back-link:hover,body{color:#24292e} - .table-header{display:block;float:left;margin:10px 0;height:40px;line-height:40px;text-align:left;font-weight:400;color:#A0A4B0;word-break: break-all;word-wrap: break-word;} + .table-header{display:block;float:left;margin:10px 0 0 60px;height:40px;line-height:40px;text-align:left;font-weight:400;color:#A0A4B0;word-break: break-all;word-wrap: break-word;} .fix{height:60px;} .list-body-container{position:relative;left:0;overflow-x:hidden;overflow-y:auto;box-sizing:border-box;} .more-disk{border-bottom:1px solid #E8E9EC;height:40px;white-space:nowrap;overflow:auto;} 
@@ -75,10 +75,10 @@ .size, .updated_at{display:none} } .update_notice{position:absolute;color:#A6AAB4;left:10%;margin-top:10px;} - .upload_style{height:60px;width:96%;margin:20px;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} - .upload_style .file{position: relative;float:left;width:100px;height:60px;;display: inline-block;background: #FF7D00;border-radius: 6px;overflow: hidden;color: #fff;text-decoration: none;text-align:center;line-height: 60px;font-size:14px;pointer-events: none;} - .upload_style input[type="file"]{color:#A6AAB4;float:left;height:38px;margin-left:-100px;outline:none;font-size:14px;padding:22px 0 0 38px;} - .upload_style input[type="button"]{display:block;color:#fff;float:right;height:60px;width:160px;outline:none;font-size:16px;background:#613EEA;border-radius:6px;} + .upload_style{display:table;height:60px;width:96%;margin:20px;background:#ffffff;box-shadow: 0px 4px 26px rgba(0, 0, 0, 0.06);border-radius: 6px;} + .upload_style .file{position: relative;float:left;width:100px;height:60px;;display: block;background: #FF7D00;border-radius: 6px;overflow: hidden;color: #fff;text-decoration: none;text-align:center;line-height: 60px;font-size:14px;pointer-events: none;} + .upload_style input[type="file"]{display:inline-block;vertical-align:middle;color:#A6AAB4;float:left;height:38px;margin:20px 0 0 20px;outline:none;font-size:14px;text-align:center;} + .upload_style input[type="button"]{display:block;color:#fff;float:right;height:60px;width:160px;outline:none;font-size:16px;background:#613EEA;border-radius:6px;border:0;} .upload_style .list-table tr td{line-height:30px;margin:10px 20px;} .upload_style .list-table tr td button{margin-left:10px;} @@ -180,8 +180,7 @@ $DPvideo = false; if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { ?>
- - +
- - +
From 0d9996c6c80d9688a2206c360b4edb510e6b0580 Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Wed, 1 Apr 2020 17:57:42 +0800 Subject: [PATCH 3/5] Update onemoe.php --- theme/onemoe.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/theme/onemoe.php b/theme/onemoe.php index ea738b0..8567957 100644 --- a/theme/onemoe.php +++ b/theme/onemoe.php @@ -2,7 +2,7 @@ - <?php echo $pretitle; if ($_SERVER['base_disk_path']!=$_SERVER['base_path']) echo ' - ' . getConfig('diskname');?> - <?php echo $_SERVER['sitename'];?> + <?php echo $pretitle; if ($_SERVER['base_disk_path']!=$_SERVER['base_path']) { if (getConfig('diskname')!='') $diskname = getConfig('diskname'); else $diskname = $_SERVER['disktag']; echo ' - ' . $diskname; } ?> - <?php echo $_SERVER['sitename'];?> @@ -10,10 +10,11 @@ - @@ -62,7 +63,7 @@ '.$diskname.' + echo ' '.$diskname.' '; } ?>
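Review bot: The rewritten title expression echoes `$diskname` without HTML escaping, and it calls `getConfig('diskname')` twice to build it. Both possible values come from configuration (`diskname`, or the `disktag` fallback), so the input is presumably admin-controlled, but escaping at the output point keeps the template safe if that assumption changes: `echo ' - ' . htmlspecialchars($diskname, ENT_QUOTES);`. Reading the setting once is also clearer: `$diskname = getConfig('diskname'); if ($diskname=='') $diskname = $_SERVER['disktag'];`. The `$diskname` echo in the `@@ -62,7 +63,7 @@` hunk appears to need the same escaping, though most of that hunk's markup is missing from the page.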
@@ -480,6 +481,12 @@ ', 302, [ 'Location' => $url ]); + } + + $_SERVER['base_disk_path'] = $_SERVER['base_path']; + $disktags = explode("|",getConfig('disktag')); +// echo 'count$disk:'.count($disktags); + if (count($disktags)>1) { + if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]); + $_SERVER['disktag'] = $path; + $pos = strpos($path, '/'); + if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos); + if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404); + $path = substr($path, strlen('/'.$_SERVER['disktag'])); + if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/'); + } else $_SERVER['disktag'] = $disktags[0]; +// echo 'main.disktag:'.$_SERVER['disktag'].',path:'.$path.' +//'; + $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']); + if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/'; + $_SERVER['is_guestup_path'] = is_guestup_path($path); + $_SERVER['ajax']=0; + if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1; + + config_oauth(); + if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token(); + $refresh_token = getConfig('refresh_token'); + //if (!$refresh_token) return get_refresh_token(); + if (!$refresh_token) { + return render_list(); + } else { + if (!($_SERVER['access_token'] = getcache('access_token'))) { + get_access_token($refresh_token); + } + + if ($_SERVER['ajax']) { + if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') { + // del '.tmp' without login. 无需登录即可删除.tmp后缀文件 + error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT)); + $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . 
spurlencode($_GET['filename']) ),'',$_SERVER['access_token']); + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return output($tmp['body'],$tmp['stat']); + } + if ($_GET['action']=='uploaded_rename') { + // rename .scfupload file without login. + // 无需登录即可重命名.scfupload后缀文件,filemd5为用户提交,可被构造,问题不大,以后处理 + $oldname = spurlencode($_GET['filename']); + $pos = strrpos($oldname, '.'); + if ($pos>0) $ext = strtolower(substr($oldname, $pos)); + $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' ); + $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}'; + //echo $oldname .'
'. $data; + $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']); + if ($tmp['stat']==409) { + MSAPI('DELETE',$oldname,'',$_SERVER['access_token']); + $tmpbody = json_decode($tmp['body'], true); + $tmpbody['name'] = $_GET['filemd5'] . $ext; + $tmp['body'] = json_encode($tmpbody); + } + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return output($tmp['body'],$tmp['stat']); + } + if ($_GET['action']=='upbigfile') return bigfileupload($path); + } + if ($_SERVER['admin']) { + $tmp = adminoperate($path); + if ($tmp['statusCode'] > 0) { + $path1 = path_format($_SERVER['list_path'] . path_format($path)); + if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); + savecache('path_' . $path1, json_decode('{}',true), 1); + return $tmp; + } + } else { + if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401); + } + $_SERVER['ishidden'] = passhidden($path); + if (isset($_GET['thumbnails'])) { + if ($_SERVER['ishidden']<4) { + if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) { + return get_thumbnails_url($path); + } else return output(json_encode($exts['img']),400); + } else return output('',401); + } + + $files = list_files($path); + //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT); + if (isset($_GET['random'])&&$_GET['random']!=='') { + if ($_SERVER['ishidden']<4) { + $tmp = []; + foreach (array_keys($files['children']) as $filename) { + if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename][$_SERVER['DownurlStrName']]; + } + $tmp = array_values($tmp); + if (count($tmp)>0) { + if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200); + return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]); + } else return output('',404); + } else return 
output('',401); + } + if (isset($files['file']) && !isset($_GET['preview'])) { + // is file && not preview mode + if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files[$_SERVER['DownurlStrName']] ]); + } + if ( isset($files['folder']) || isset($files['file']) ) { + return render_list($path, $files); + } else { + if (!isset($files['error'])) { + $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT); + $files['error']['code'] = 'unknownError'; + $files['error']['stat'] = 500; + } + return message(''.getconstStr('Back').getconstStr('Home').'
' . $files['error']['message'] . '
'.getconstStr('Back').'', $files['error']['code'], $files['error']['stat']); + } + } +} + +function get_access_token($refresh_token) +{ + if (getConfig('Drive_ver')=='shareurl') { + +//if (!$files) $files['body'] = $arr['body']; + //$files['returnhead'] = $arr['returnhead']; + //$files['cookie'] = $arr['returnhead']['Set-Cookie']; +//return $files; + + /*$files['get'] = curl_request( + "https://mfedu-my.sharepoint.com/personal/ysun_ac_stu_office_gy/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments'&RootFolder=%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments%2F&TryNewExperienceSingle=TRUE", + '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}', + ['Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => 'https://mfedu-my.sharepoint.com', 'Cookie' => $arr['returnhead']['Set-Cookie']], + 1); + $files['get']['body'] = json_decode($files['get']['body'], true); + $_SERVER['access_token'] = splitlast($files['get']['body']['ListSchema']['.driveAccessToken'],'=')[1]; + $_SERVER['api_url'] = $files['get']['body']['ListSchema']['.driveUrl'].'/root'; + + $files = json_decode( curl_request( $_SERVER['api_url'].'?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl,@content.downloadUrl)', false, ['Authorization' => 'Bearer ' . 
$_SERVER['access_token'], 'Accept' => 'application/json'] )['body'], true); + $files['children']['a']['file'] = $_SERVER['api_url']; + $files['children']['a']['name'] = $_SERVER['api_url']; +*/ + $shareurl = getConfig('shareurl'); + //$url = 'https://mfedu-my.sharepoint.com/:f:/g/personal/ysun_ac_stu_office_gy/EpDIBOaYyExHjfu-PJA46icB40X0FKVwmn_9UDJsRvu3Ug?e=XyRZxP'; + //$url = 'https://2d2-my.sharepoint.com/:f:/g/personal/ysun_host_ac_cn/Ehy8pjSQSoZOtLDs4ZKPiGUBYFt26CjEwG6bw7W5vleNNQ?e=DLZcWF'; + $tmp1 = splitlast($shareurl, '/')[0]; + $account = splitlast($tmp1, '/')[1]; + $tmp1 = splitlast($shareurl, ':')[0]; + $domain = splitlast($tmp1, '/')[0]; + if (!isset($_SERVER['sharecookie'])||$_SERVER['sharecookie']=='') $_SERVER['sharecookie'] = curl_request($shareurl,false, [],1)['returnhead']['Set-Cookie']; + $response = curl_request( + $domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . "&TryNewExperienceSingle=TRUE", + '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}', + [ 'Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => $domain, 'Cookie' => $_SERVER['sharecookie'] ] + ); + if ($response['stat']==200) $ret = json_decode($response['body'], true); + $_SERVER['access_token'] = splitlast($ret['ListSchema']['.driveAccessToken'],'=')[1]; + $_SERVER['api_url'] = $ret['ListSchema']['.driveUrl'].'/root'; + if (!$_SERVER['access_token']) { + error_log($domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . 
"&TryNewExperienceSingle=TRUE"); + error_log('failed to get access_token. response' . json_encode($ret)); + throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); + } + error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); + savecache('access_token', $_SERVER['access_token']); + if (getConfig('sharecookie')==''||getConfig('shareapiurl')=='') setConfig([ 'sharecookie' => $_SERVER['sharecookie'], 'shareapiurl' => $_SERVER['api_url'] ]); + } else { + $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token ); + if ($response['stat']==200) $ret = json_decode($response['body'], true); + if (!isset($ret['access_token'])) { + error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token); + error_log('failed to get access_token. response' . 
json_encode($ret)); + throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); + } + error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); + $_SERVER['access_token'] = $ret['access_token']; + savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300); + if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]); + } +} + +function list_files($path) +{ + $path = path_format($path); + if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { + $files = json_decode('{"folder":{}}', true); + } elseif (!getConfig('downloadencrypt')) { + if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true); + else $files = fetch_files($path); + } else { + $files = fetch_files($path); + } + return $files; +} + function isHideFile($name) { $FunctionalityFile = [ @@ -139,6 +386,12 @@ function config_oauth() $_SERVER['sitename'] = getConfig('sitename'); if (empty($_SERVER['sitename'])) $_SERVER['sitename'] = getconstStr('defaultSitename'); $_SERVER['redirect_uri'] = 'https://scfonedrive.github.io'; + if (getConfig('Drive_ver')=='shareurl') { + $_SERVER['api_url'] = getConfig('shareapiurl'); + $_SERVER['sharecookie'] = getConfig('sharecookie'); + $_SERVER['DownurlStrName'] = '@content.downloadUrl'; + return 0; + } if (getConfig('Drive_ver')=='MS') { // MS // https://portal.azure.com @@ -169,6 +422,7 @@ function config_oauth() } $_SERVER['client_secret'] = urlencode($_SERVER['client_secret']); $_SERVER['scope'] = urlencode($_SERVER['scope']); + $_SERVER['DownurlStrName'] = '@microsoft.graph.downloadUrl'; } function get_siteid($access_token) @@ -336,7 +590,7 @@ function gethiddenpass($path,$passfile) $ispassfile = fetch_files(path_format($path . '/' . urlencode($passfile))); //echo $path . '
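Review bot: get_access_token() puts credentials into the error log. In the OAuth branch the failure path logs the token request string, which contains `client_secret` and `refresh_token`, and both branches end with `error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT));`, which serialises the whole token response on every successful refresh. Anyone with read access to the function's logs would then hold usable drive tokens, so log only the status, for example `error_log('get_access_token failed, stat=' . $response['stat']);`, and drop the success-path dump. In the shareurl branch `$ret` is also read when `$response['stat']` is not 200, so it is undefined on that path; initialise it before the `if`. The start of this hunk (the opening of main()) is not visible on the page, so this note covers get_access_token() only.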
' . json_encode($ispassfile, JSON_PRETTY_PRINT) . '
'; if (isset($ispassfile['file'])) { - $arr = curl_request($ispassfile['@microsoft.graph.downloadUrl']); + $arr = curl_request($ispassfile[$_SERVER['DownurlStrName']]); if ($arr['stat']==200) { $passwordf=explode("\n",$arr['body']); $password=$passwordf[0]; @@ -427,7 +681,7 @@ function message($message, $title = 'Message', $statusCode = 200) function needUpdate() { - $current_ver = file_get_contents(__DIR__ . '/../version'); + $current_ver = file_get_contents(__DIR__ . '/version'); $current_ver = substr($current_ver, strpos($current_ver, '.')+1); $current_ver = explode(urldecode('%0A'),$current_ver)[0]; $current_ver = explode(urldecode('%0D'),$current_ver)[0]; @@ -526,7 +780,7 @@ function bigfileupload($path) $getoldupinfo=fetch_files(path_format($path . '/' . $cachefilename)); //echo json_encode($getoldupinfo, JSON_PRETTY_PRINT); if (isset($getoldupinfo['file'])&&$getoldupinfo['size']<5120) { - $getoldupinfo_j = curl_request($getoldupinfo['@microsoft.graph.downloadUrl']); + $getoldupinfo_j = curl_request($getoldupinfo[$_SERVER['DownurlStrName']]); $getoldupinfo = json_decode($getoldupinfo_j['body'], true); if ( json_decode( curl_request($getoldupinfo['uploadUrl'])['body'], true)['@odata.context']!='' ) return output($getoldupinfo_j['body'], $getoldupinfo_j['stat']); } 
@@ -541,194 +795,6 @@ function bigfileupload($path) return output('error', 400); } -function main($path) -{ - global $exts; - global $constStr; -//echo 'main.enterpath:'.$path.' -//'; - if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language']; - if (!$constStr['language']) $constStr['language'] = getConfig('language'); - if ($constStr['language']=='') $constStr['language'] = 'en-us'; - $_SERVER['language'] = $constStr['language']; - $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); - - if (getConfig('admin')=='') return install(); - if (getConfig('adminloginpage')=='') { - $adminloginpage = 'admin'; - } else { - $adminloginpage = getConfig('adminloginpage'); - } - if (isset($_GET[$adminloginpage])) { - if (isset($_GET['preview'])) { - $url = $_SERVER['PHP_SELF'] . '?preview'; - } else { - $url = path_format($_SERVER['PHP_SELF'] . '/'); - } - if (getConfig('admin')!='') { - if ($_POST['password1']==getConfig('admin')) { - return adminform('admin',md5($_POST['password1']),$url); - } else return adminform(); - } else { - return output('', 302, [ 'Location' => $url ]); - } - } - if (getConfig('admin')!='') - if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) { - $_SERVER['admin']=1; - $_SERVER['needUpdate'] = needUpdate(); - } else { - $_SERVER['admin']=0; - } - if (isset($_GET['setup'])) - if ($_SERVER['admin']) { - // setup Environments. 设置,对环境变量操作 - return EnvOpt($_SERVER['needUpdate']); - } else { - $url = path_format($_SERVER['PHP_SELF'] . 
'/'); - return output('', 302, [ 'Location' => $url ]); - } - - $_SERVER['base_disk_path'] = $_SERVER['base_path']; - $disktags = explode("|",getConfig('disktag')); -// echo 'count$disk:'.count($disktags); - if (count($disktags)>1) { - if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]); - $_SERVER['disktag'] = $path; - $pos = strpos($path, '/'); - if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos); - if (!in_array($_SERVER['disktag'], $disktags)) return message('Please visit from Home Page.', 'Error', 404); - $path = substr($path, strlen('/'.$_SERVER['disktag'])); - if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/'); - } else $_SERVER['disktag'] = $disktags[0]; -// echo 'main.disktag:'.$_SERVER['disktag'].',path:'.$path.' -//'; - $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']); - if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/'; - $_SERVER['is_guestup_path'] = is_guestup_path($path); - $_SERVER['ajax']=0; - if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1; - - config_oauth(); - if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token(); - $refresh_token = getConfig('refresh_token'); - //if (!$refresh_token) return get_refresh_token(); - if (!$refresh_token) { - return render_list(); - } else { - if (!($_SERVER['access_token'] = getcache('access_token'))) { - $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token ); - if ($response['stat']==200) $ret = json_decode($response['body'], true); - if (!isset($ret['access_token'])) { - error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. 
$_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token); - error_log('failed to get access_token. response' . json_encode($ret)); - throw new Exception($response['stat'].', failed to get access_token.'.$response['body']); - } - error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT)); - $_SERVER['access_token'] = $ret['access_token']; - savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300); - if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]); - } - - if ($_SERVER['ajax']) { - if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') { - // del '.tmp' without login. 无需登录即可删除.tmp后缀文件 - error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT)); - $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']); - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return output($tmp['body'],$tmp['stat']); - } - if ($_GET['action']=='uploaded_rename') { - // rename .scfupload file without login. - // 无需登录即可重命名.scfupload后缀文件,filemd5为用户提交,可被构造,问题不大,以后处理 - $oldname = spurlencode($_GET['filename']); - $pos = strrpos($oldname, '.'); - if ($pos>0) $ext = strtolower(substr($oldname, $pos)); - $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' ); - $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}'; - //echo $oldname .'
'. $data; - $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']); - if ($tmp['stat']==409) { - MSAPI('DELETE',$oldname,'',$_SERVER['access_token']); - $tmpbody = json_decode($tmp['body'], true); - $tmpbody['name'] = $_GET['filemd5'] . $ext; - $tmp['body'] = json_encode($tmpbody); - } - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return output($tmp['body'],$tmp['stat']); - } - if ($_GET['action']=='upbigfile') return bigfileupload($path); - } - if ($_SERVER['admin']) { - $tmp = adminoperate($path); - if ($tmp['statusCode'] > 0) { - $path1 = path_format($_SERVER['list_path'] . path_format($path)); - if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1); - savecache('path_' . $path1, json_decode('{}',true), 1); - return $tmp; - } - } else { - if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401); - } - $_SERVER['ishidden'] = passhidden($path); - if (isset($_GET['thumbnails'])) { - if ($_SERVER['ishidden']<4) { - if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) { - return get_thumbnails_url($path); - } else return output(json_encode($exts['img']),400); - } else return output('',401); - } - - $files = list_files($path); - //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT); - if (isset($_GET['random'])&&$_GET['random']!=='') { - if ($_SERVER['ishidden']<4) { - $tmp = []; - foreach (array_keys($files['children']) as $filename) { - if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename]['@microsoft.graph.downloadUrl']; - } - $tmp = array_values($tmp); - if (count($tmp)>0) { - if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200); - return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]); - } else return output('',404); - } else return 
output('',401); - } - if (isset($files['file']) && !isset($_GET['preview'])) { - // is file && not preview mode - if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]); - } - if ( isset($files['folder']) || isset($files['file']) ) { - return render_list($path, $files); - } else { - if (!isset($files['error'])) { - $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT); - $files['error']['code'] = 'unknownError'; - $files['error']['stat'] = 500; - } - return message(''.getconstStr('Back').getconstStr('Home').'
' . $files['error']['message'] . '
'.getconstStr('Back').'', $files['error']['code'], $files['error']['stat']); - } - } -} - -function list_files($path) -{ - $path = path_format($path); - if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) { - $files = json_decode('{"folder":{}}', true); - } elseif (!getConfig('downloadencrypt')) { - if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true); - else $files = fetch_files($path); - } else { - $files = fetch_files($path); - } - return $files; -} - function adminform($name = '', $pass = '', $path = '') { $statusCode = 401; @@ -990,10 +1056,10 @@ function fetch_files($path = '/') if ($parentpath=='') $parentpath = '/'; $filename = $pos[1]; if ($parentfiles = getcache('path_' . $parentpath)) { - if (isset($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl'])) { + if (isset($parentfiles['children'][$filename][$_SERVER['DownurlStrName']])) { if (in_array(splitlast($filename,'.')[1], $exts['txt'])) { if (!(isset($parentfiles['children'][$filename]['content'])&&$parentfiles['children'][$filename]['content']['stat']==200)) { - $content1 = curl_request($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl']); + $content1 = curl_request($parentfiles['children'][$filename][$_SERVER['DownurlStrName']]); $parentfiles['children'][$filename]['content'] = $content1; savecache('path_' . $parentpath, $parentfiles); } 
@@ -1007,16 +1073,16 @@ function fetch_files($path = '/')
 $url .= ':' . $path;
 if (substr($url,-1)=='/') $url=substr($url,0,-1);
 }
- $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl)';
+ $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'].')';
 $retry = 0;
 $arr = [];
 while ($retry<3&&!$arr['stat']) {
- $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']]);
+ $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']],1);
 $retry++;
 }
 if ($arr['stat']<500) {
 $files = json_decode($arr['body'], true);
- // echo $path . '
' . json_encode($files, JSON_PRETTY_PRINT) . '
'; + //echo $path . '
' . json_encode($arr, JSON_PRETTY_PRINT) . '
';
 if (isset($files['folder'])) {
 if ($files['folder']['childCount']>200) {
 // files num > 200 , then get nextlink
@@ -1072,7 +1138,7 @@ function fetch_files_children($files, $path, $page)
 // down cache file get jump info. 下载cache文件获取跳页链接
 $cachefile = fetch_files(path_format($path1 . '/' .$cachefilename));
 if ($cachefile['size']>0) {
- $pageinfo = curl_request($cachefile['@microsoft.graph.downloadUrl'])['body'];
+ $pageinfo = curl_request($cachefile[$_SERVER['DownurlStrName']])['body'];
 $pageinfo = json_decode($pageinfo,true);
 for ($page4=1;$page4<$maxpage;$page4++) {
 savecache('nextlink_' . $path . '_page_' . $page4, $pageinfo['nextlink_' . $path . '_page_' . $page4]);
@@ -1089,9 +1155,9 @@ function fetch_files_children($files, $path, $page)
 if ($path !== '/') {
 $url .= ':' . $path;
 if (substr($url,-1)=='/') $url=substr($url,0,-1);
- $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl';
+ $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'];
 } else {
- $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl';
+ $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'];
 }
 $children = json_decode(curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']])['body'], true);
 // echo $url . '
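Review bot: The bare `1` added as the fourth argument of `curl_request` in the retry loop is an unexplained positional flag, and the children request in the hunk at new line 1155 still calls `curl_request` without it, so the two authenticated Graph calls may now behave differently. A comment stating what the flag switches on, or a named constant in place of the literal, would make that difference reviewable. The reworded debug line `//echo $path . ... json_encode($arr, JSON_PRETTY_PRINT)` would, if re-enabled, print the whole response of a bearer-authenticated request into the page; deleting it is safer than keeping it commented out. fetch_files starts and ends outside the hunk.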
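Review bot: The body downloaded from `$cachefile[$_SERVER['DownurlStrName']]` is decoded and copied straight into the cache as `nextlink_` entries, with no check that `json_decode` returned an array or that each value is a URL on the expected Graph endpoint. If those cached links are later requested with the `Authorization: Bearer` header (that code is outside this hunk), a cache file altered by anyone able to write to the drive folder would steer authenticated requests to another host. Wrapping the loop in `if (is_array($pageinfo)) { ... }` and checking each value's host before `savecache` would close that gap. The lookup also needs an `isset` guard, since `$cachefile['size']>0` does not guarantee that the download-URL key is present. fetch_files_children starts and ends outside the hunk.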
' . json_encode($children, JSON_PRETTY_PRINT) . '
';
@@ -1275,7 +1341,7 @@ function get_refresh_token()
 }
 }
 if (isset($_GET['install0'])) {
- if ($_POST['disktag_add']!='' && ($_POST['Drive_ver']=='MS' || $_POST['Drive_ver']=='CN')) {
+ if ($_POST['disktag_add']!='') {
 if (in_array($_COOKIE['disktag'], $CommonEnv)) {
 return message('Do not input ' . $envs . '
', 'Error', 201);
 }
@@ -1283,14 +1349,19 @@ function get_refresh_token()
 $tmp['disktag_add'] = $_POST['disktag_add'];
 $tmp['diskname'] = $_POST['diskname'];
 $tmp['Drive_ver'] = $_POST['Drive_ver'];
- if ($_POST['Drive_custom']=='on') {
- $tmp['Drive_custom'] = $_POST['Drive_custom'];
- $tmp['client_id'] = $_POST['client_id'];
- $tmp['client_secret'] = $_POST['client_secret'];
- }
- if ($_POST['usesharepoint']=='on') {
- $tmp['usesharepoint'] = $_POST['usesharepoint'];
- $tmp['sharepointname'] = $_POST['sharepointname'];
+ if ($_POST['Drive_ver']=='shareurl') {
+ $tmp['shareurl'] = $_POST['shareurl'];
+ $tmp['refresh_token'] = 1;
+ } else {
+ if ($_POST['Drive_custom']=='on') {
+ $tmp['Drive_custom'] = $_POST['Drive_custom'];
+ $tmp['client_id'] = $_POST['client_id'];
+ $tmp['client_secret'] = $_POST['client_secret'];
+ }
+ if ($_POST['usesharepoint']=='on') {
+ $tmp['usesharepoint'] = $_POST['usesharepoint'];
+ $tmp['sharepointname'] = $_POST['sharepointname'];
+ }
 }
 $response = setConfigResponse( setConfig($tmp, $_COOKIE['disktag']) );
 if (api_error($response)) {
@@ -1299,6 +1370,7 @@ function get_refresh_token()
 } else {
 $title = getconstStr('MayinEnv');
 $html = getconstStr('Wait') . ' 3s';
+ if ($_POST['Drive_ver']=='shareurl') $html = getconstStr('Wait') . ' 3s';
 }
 return message($html, $title, 201);
 }
@@ -1317,19 +1389,21 @@ function get_refresh_token() '.getconstStr('OnedriveDiskName').':
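Review bot: Dropping the `$_POST['Drive_ver']=='MS' || $_POST['Drive_ver']=='CN'` test leaves `Drive_ver` with no allow-list, and the next hunk stores it unchanged with `$tmp['Drive_ver'] = $_POST['Drive_ver'];`, so any string a client posts ends up in the saved configuration. The condition should name the accepted values, including the new one: `if ($_POST['disktag_add']!='' && in_array($_POST['Drive_ver'], ['MS', 'CN', 'shareurl'], true)) {`. What happens when the condition fails is outside the hunk, as is the start of get_refresh_token.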
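Review bot: `$tmp['shareurl'] = $_POST['shareurl'];` saves a client-supplied URL into the configuration with no validation, and a share URL is presumably fetched server-side later (not visible here). Before `setConfig`, check that it parses as an `https` URL, e.g. `parse_url($_POST['shareurl'], PHP_URL_SCHEME) === 'https'`, and that its host is one of the sharing domains the project supports, returning the same `message(..., 'Error', 201)` used above otherwise. `$tmp['refresh_token'] = 1;` is a sentinel rather than a token and deserves a comment such as `// shareurl disks have no OAuth token; 1 marks the disk as configured`, if that is the intent. Whether this install step requires an authenticated admin is not visible in the hunk.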

-
- +
+
+

-
- + +
+
-
-