forked from kevinowino869/mitrobill
Found lazy way to create api
This commit is contained in:
Ibnu Maksum
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
|
||||
* PHP Mikrotik Billing (https://github.com/SiberTech/)
|
||||
* by https://t.me/ibnux
|
||||
*
|
||||
* This File is for API Access
|
||||
@ -15,9 +15,11 @@ if ($_SERVER['REQUEST_METHOD'] === "OPTIONS" || $_SERVER['REQUEST_METHOD'] === "
|
||||
die();
|
||||
}
|
||||
|
||||
$isApi = true;
|
||||
|
||||
include "../init.php";
|
||||
|
||||
$isApi = true;
|
||||
unset($_COOKIE['aid']);
|
||||
|
||||
// Dummy Class
|
||||
$ui = new class($key)
|
||||
@ -30,25 +32,34 @@ $ui = new class($key)
|
||||
{
|
||||
$this->assign[$key] = $value;
|
||||
}
|
||||
|
||||
function get($key,)
|
||||
function get($key)
|
||||
{
|
||||
if (isset($this->assign[$key])) {
|
||||
return $this->assign[$key];
|
||||
}
|
||||
return '';
|
||||
}
|
||||
function getTemplateVars($key)
|
||||
{
|
||||
if (isset($this->assign[$key])) {
|
||||
return $this->assign[$key];
|
||||
}
|
||||
return '';
|
||||
}
|
||||
function getAll()
|
||||
{
|
||||
return $this->assign;
|
||||
}
|
||||
};
|
||||
|
||||
$req = _get('r');
|
||||
# a/c.id.time.md5
|
||||
# md5(a/c.id.time.$api_secret)
|
||||
$token = _get('token');
|
||||
$token = _req('token');
|
||||
$routes = explode('/', $req);
|
||||
$handler = $routes[0];
|
||||
|
||||
if (!empty($token)) {
|
||||
|
||||
if ($token == $config['api_key']) {
|
||||
$admin = ORM::for_table('tbl_users')->where('user_type', 'SuperAdmin')->find_one($id);
|
||||
if (empty($admin)) {
|
||||
@ -59,18 +70,21 @@ if (!empty($token)) {
|
||||
}
|
||||
} else {
|
||||
# validate token
|
||||
list($tipe, $uid, $time, $md5) = explode('.', $token);
|
||||
if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
|
||||
list($tipe, $uid, $time, $sha1) = explode('.', $token);
|
||||
if (trim($sha1) != sha1($uid . '.' . $time . '.' . $db_password)) {
|
||||
showResult(false, Lang::T("Token is invalid"));
|
||||
}
|
||||
|
||||
#cek token expiration
|
||||
if ($time != 0 && time() > $time) {
|
||||
// 3 bulan
|
||||
if ($time != 0 && time()-$time > 7776000) {
|
||||
die("$time != ". (time()-$time));
|
||||
showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
|
||||
}
|
||||
|
||||
if ($tipe == 'a') {
|
||||
$_SESSION['aid'] = $uid;
|
||||
$admin = Admin::_info();
|
||||
} else if ($tipe == 'c') {
|
||||
$_SESSION['uid'] = $uid;
|
||||
} else {
|
||||
@ -86,12 +100,22 @@ if (!empty($token)) {
|
||||
if ($handler == 'isValid') {
|
||||
showResult(true, Lang::T("Token is valid"));
|
||||
}
|
||||
|
||||
if ($handler == 'me') {
|
||||
$admin = Admin::_info();
|
||||
if (!empty($admin['id'])) {
|
||||
showResult(true, "", $admin);
|
||||
} else {
|
||||
showResult(false, Lang::T("Token is invalid"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
$sys_render = File::pathFixer($root_path . 'system/controllers/' . $handler . '.php');
|
||||
if (file_exists($sys_render)) {
|
||||
include($sys_render);
|
||||
showResult(true, $req, $ui->getAll());
|
||||
} else {
|
||||
showResult(false, Lang::T('Command not found'));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user