From 4bf6f9c0ac1c9c059877d25b119e37a895db4398 Mon Sep 17 00:00:00 2001
From: Ibnu Maksum <ibnumaksum@gmail.com>
Date: Sat, 30 Mar 2024 12:04:30 +0700
Subject: [PATCH] Fix API Structure

---
 init.php       | 25 ++++++++--------
 system/api.php | 77 +++++++++++++++++++++++---------------------------
 2 files changed, 48 insertions(+), 54 deletions(-)

diff --git a/init.php b/init.php
index a2442cb2..e8b6a2de 100644
--- a/init.php
+++ b/init.php
@@ -197,19 +197,15 @@ function _log($description, $type = '', $userid = '0')
     $d->userid = $userid;
     if (!empty($_SERVER['HTTP_CF_CONNECTING_IP']))   //to check ip is pass from cloudflare tunnel
     {
-      $d->ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
-    }
-    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
+        $d->ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
+    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
     {
-      $d->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
-    }
-	elseif (!empty($_SERVER['HTTP_CLIENT_IP']))   //to check ip from share internet
+        $d->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+    } elseif (!empty($_SERVER['HTTP_CLIENT_IP']))   //to check ip from share internet
     {
-      $d->ip = $_SERVER['HTTP_CLIENT_IP'];
-    }
-    else
-    {
-      $d->ip = $_SERVER["REMOTE_ADDR"];
+        $d->ip = $_SERVER['HTTP_CLIENT_IP'];
+    } else {
+        $d->ip = $_SERVER["REMOTE_ADDR"];
     }
     $d->save();
 }
@@ -224,6 +220,11 @@ function alphanumeric($str, $tambahan = "")
     return preg_replace("/[^a-zA-Z0-9" . $tambahan . "]+/", "", $str);
 }
 
+function showResult($success, $message = '', $result = [], $meta = [])
+{
+    header("Content-Type: Application/json; charset=utf-8");
+    die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
+}
 
 function sendTelegram($txt)
 {
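Review bot: `json_encode()` in the new `showResult()` returns false when `$message` or `$result` contains invalid UTF-8, and `die()` then ends the request with an empty body under a JSON content type, so API clients see neither the result nor an error. Passing a flag keeps the envelope well-formed, e.g. `die(json_encode([...], JSON_INVALID_UTF8_SUBSTITUTE));`. The function also deserves a one-line docblock stating that it never returns, such as `/** Emit the JSON envelope and terminate the request; callers rely on this not returning. */`, because the token checks in system/api.php only stop execution through that `die()`.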
@@ -257,7 +258,7 @@ function _alert($text, $type = 'success', $url = "home", $time = 3)
     global $ui, $isApi;
     if ($isApi) {
         showResult(
-            ($type=='success')? true : false,
+            ($type == 'success') ? true : false,
             $text
         );
     }
diff --git a/system/api.php b/system/api.php
index cbcccf9e..ac464724 100644
--- a/system/api.php
+++ b/system/api.php
@@ -31,9 +31,9 @@ $ui = new class($key)
         $this->assign[$key] = $value;
     }
 
-    function get($key, )
+    function get($key,)
     {
-        if(isset($this->assign[$key])){
+        if (isset($this->assign[$key])) {
             return $this->assign[$key];
         }
         return '';
@@ -47,59 +47,52 @@ $token = _get('token');
 $routes = explode('/', $req);
 $handler = $routes[0];
 
-if(empty($token)){
-    showResult(false, Lang::T("Token is invalid"));
-}
+if (!empty($token)) {
 
-if($token == $config['api_key']){
-    $admin = ORM::for_table('tbl_users')->where('user_type','SuperAdmin')->find_one($id);
-    if(empty($admin)){
-        $admin = ORM::for_table('tbl_users')->where('user_type','Admin')->find_one($id);
-        if(empty($admin)){
+    if ($token == $config['api_key']) {
+        $admin = ORM::for_table('tbl_users')->where('user_type', 'SuperAdmin')->find_one($id);
+        if (empty($admin)) {
+            $admin = ORM::for_table('tbl_users')->where('user_type', 'Admin')->find_one($id);
+            if (empty($admin)) {
+                showResult(false, Lang::T("Token is invalid"));
+            }
+        }
+    } else {
+        # validate token
+        list($tipe, $uid, $time, $md5) = explode('.', $token);
+        if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
             showResult(false, Lang::T("Token is invalid"));
         }
-    }
-}else{
-    # validate token
-    list($tipe, $uid, $time, $md5) = explode('.', $token);
-    if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
-        showResult(false, Lang::T("Token is invalid"));
+
+        #cek token expiration
+        if ($time != 0 && time() > $time) {
+            showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
+        }
+
+        if ($tipe == 'a') {
+            $_SESSION['aid'] = $uid;
+        } else if ($tipe == 'c') {
+            $_SESSION['uid'] = $uid;
+        } else {
+            showResult(false, Lang::T("Unknown Token"), [], ['login' => true]);
+        }
     }
 
-    #cek token expiration
-    if ($time != 0 && time() > $time) {
-        showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
+    if (!isset($handler) || empty($handler)) {
+        showResult(true, Lang::T("Token is valid"));
     }
 
-    if($tipe=='a'){
-        $_SESSION['aid'] = $uid;
-    }else if($tipe=='c'){
-        $_SESSION['uid'] = $uid;
-    }else{
-        showResult(false, Lang::T("Unknown Token"), [], ['login' => true]);
+
+    if ($handler == 'isValid') {
+        showResult(true, Lang::T("Token is valid"));
     }
 }
 
-if(!isset($handler) || empty($handler)){
-    showResult(true, Lang::T("Token is valid"));
-}
-
-
-if($handler == 'isValid'){
-    showResult(true, Lang::T("Token is valid"));
-}
-
-function showResult($success, $message = '', $result = [], $meta = [])
-{
-    header("Content-Type: Application/json; charset=utf-8");
-    die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
-}
-
 try {
-    $sys_render = File::pathFixer($root_path.'system/controllers/' . $handler . '.php');
+    $sys_render = File::pathFixer($root_path . 'system/controllers/' . $handler . '.php');
     if (file_exists($sys_render)) {
         include($sys_render);
-    }else{
+    } else {
         showResult(false, Lang::T('Command not found'));
     }
 } catch (Exception $e) {
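Review bot: Wrapping the checks in `if (!empty($token))` drops the early rejection, so a request with no token now skips every check and falls through to the `include` of `system/controllers/<handler>.php` at the end of the hunk. Unless each controller enforces its own session check (not visible here), that leaves the API reachable without authentication, so the guard should be restored ahead of the block rather than inverted. Separately, `$token == $config['api_key']` and `$md5 != md5(...)` use loose comparison, which compares numeric-looking strings by value and is not constant-time; `hash_equals()` avoids both. `explode('.', $token)` is also destructured without confirming it produced four parts. The `try`/`catch` continues past the end of the hunk.

```php
// Reject a missing token first so the controller include is never reached unauthenticated.
if (empty($token)) {
    showResult(false, Lang::T("Token is invalid"));
}

if (hash_equals((string) $config['api_key'], (string) $token)) {
    // … unchanged: SuperAdmin / Admin lookup …
} else {
    # validate token
    $parts = explode('.', (string) $token);
    if (count($parts) !== 4) {
        showResult(false, Lang::T("Token is invalid"));
    }
    [$tipe, $uid, $time, $md5] = $parts;
    if (!hash_equals(md5($uid . '.' . $time . '.' . $api_secret), $md5)) {
        showResult(false, Lang::T("Token is invalid"));
    }
    // … unchanged: expiry check and session assignment …
}
// … unchanged: empty-handler and isValid replies, controller include …
```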