reconstruct ajax

2026-04-14 20:40:49 +08:00 · 2023-05-07 08:38:46 +08:00
parent 72f260c76a
commit 744d1ef05c
1 changed files with 154 additions and 172 deletions
--- a/public/ajax.php
+++ b/public/ajax.php
@@ -6,181 +6,163 @@ loggedinorreturn();
 $action = $_POST['action'] ?? 'noAction';
 $params = $_POST['params'] ?? [];
-const ALLOWED_ACTION = [
+class AjaxInterface{
    'toggleUserMedalStatus',
    'attendanceRetroactive',
    'getPtGen',
    'addClaim',
    'removeClaim',
    'removeUserLeechWarn',
    'getOffer',
    'approvalModal',
    'approval',
    'addSeedBoxRecord',
    'removeSeedBoxRecord',
    'removeHitAndRun',
    'consumeBenefit',
    'clearShoutBox',
    'buyMedal',
    'giftMedal',
    'saveUserMedal',
 ];
 if(!in_array($action,ALLOWED_ACTION)){
    do_log('hack attempt '.print_r($CURUSER,true),'error');
    $action = 'noAction';
 }
 function noAction()
 {
    throw new \RuntimeException("no Action");
 }
-
+    public static function toggleUserMedalStatus($params)
-try {
+    {
-    $result = call_user_func($action, $params);
+        global $CURUSER;
-    exit(json_encode(success($result)));
+        $rep = new \App\Repositories\MedalRepository();
-} catch (\Throwable $exception) {
+        return $rep->toggleUserMedalStatus($params['id'], $CURUSER['id']);
    exit(json_encode(fail($exception->getMessage(), $_POST)));
 }
 function toggleUserMedalStatus($params)
 {
    global $CURUSER;
    $rep = new \App\Repositories\MedalRepository();
    return $rep->toggleUserMedalStatus($params['id'], $CURUSER['id']);
 }
 function attendanceRetroactive($params)
 {
    global $CURUSER;
    $rep = new \App\Repositories\AttendanceRepository();
    return $rep->retroactive($CURUSER['id'], $params['timestamp']);
 }
 function getPtGen($params)
 {
    $rep = new Nexus\PTGen\PTGen();
    $result = $rep->generate($params['url']);
    if ($rep->isRawPTGen($result)) {
        return $result;
    } elseif ($rep->isIyuu($result)) {
        return $result['data'];
    } else {
        return '';
    }
-}
+    
-
+    
-function addClaim($params)
+    public static function attendanceRetroactive($params)
-{
+    {
-    global $CURUSER;
+        global $CURUSER;
-    $rep = new \App\Repositories\ClaimRepository();
+        $rep = new \App\Repositories\AttendanceRepository();
-    return $rep->store($CURUSER['id'], $params['torrent_id']);
+        return $rep->retroactive($CURUSER['id'], $params['timestamp']);
-}
+    }
-
+    
-function removeClaim($params)
+    public static function getPtGen($params)
-{
+    {
-    global $CURUSER;
+        $rep = new Nexus\PTGen\PTGen();
-    $rep = new \App\Repositories\ClaimRepository();
+        $result = $rep->generate($params['url']);
-    return $rep->delete($params['id'], $CURUSER['id']);
+        if ($rep->isRawPTGen($result)) {
-}
+            return $result;
-
+        } elseif ($rep->isIyuu($result)) {
-function removeUserLeechWarn($params)
+            return $result['data'];
-{
+        } else {
-    global $CURUSER;
+            return '';
    $rep = new \App\Repositories\UserRepository();
    return $rep->removeLeechWarn($CURUSER['id'], $params['uid']);
 }
 function getOffer($params)
 {
    $offer = \App\Models\Offer::query()->findOrFail($params['id']);
    return $offer->toArray();
 }
 function approvalModal($params)
 {
    global $CURUSER;
    $rep = new \App\Repositories\TorrentRepository();
    return $rep->buildApprovalModal($CURUSER['id'], $params['torrent_id']);
 }
 function approval($params)
 {
    global $CURUSER;
    foreach (['torrent_id', 'approval_status',] as $field) {
        if (!isset($params[$field])) {
            throw new \InvalidArgumentException("Require $field");
        }
    }
-    $rep = new \App\Repositories\TorrentRepository();
+    
-    return $rep->approval($CURUSER['id'], $params);
+    public static function addClaim($params)
-}
+    {
-
+        global $CURUSER;
-function addSeedBoxRecord($params)
+        $rep = new \App\Repositories\ClaimRepository();
-{
+        return $rep->store($CURUSER['id'], $params['torrent_id']);
-    global $CURUSER;
+    }
-    $rep = new \App\Repositories\SeedBoxRepository();
+    
-    $params['uid'] = $CURUSER['id'];
+    public static function removeClaim($params)
-    $params['type'] = \App\Models\SeedBoxRecord::TYPE_USER;
+    {
-    $params['status'] = \App\Models\SeedBoxRecord::STATUS_UNAUDITED;
+        global $CURUSER;
-    return $rep->store($params);
+        $rep = new \App\Repositories\ClaimRepository();
-}
+        return $rep->delete($params['id'], $CURUSER['id']);
-
+    }
-function removeSeedBoxRecord($params)
+    
-{
+    public static function removeUserLeechWarn($params)
-    global $CURUSER;
+    {
-    $rep = new \App\Repositories\SeedBoxRepository();
+        global $CURUSER;
-    return $rep->delete($params['id'], $CURUSER['id']);
+        $rep = new \App\Repositories\UserRepository();
-}
+        return $rep->removeLeechWarn($CURUSER['id'], $params['uid']);
-
+    }
-function removeHitAndRun($params)
+    
-{
+    public static function getOffer($params)
-    global $CURUSER;
+    {
-    $rep = new \App\Repositories\BonusRepository();
+        $offer = \App\Models\Offer::query()->findOrFail($params['id']);
-    return $rep->consumeToCancelHitAndRun($CURUSER['id'], $params['id']);
+        return $offer->toArray();
-}
+    }
-
+    
-function consumeBenefit($params)
+    public static function approvalModal($params)
-{
+    {
-    global $CURUSER;
+        global $CURUSER;
-    $rep = new \App\Repositories\UserRepository();
+        $rep = new \App\Repositories\TorrentRepository();
-    return $rep->consumeBenefit($CURUSER['id'], $params);
+        return $rep->buildApprovalModal($CURUSER['id'], $params['torrent_id']);
-}
+    }
-
+    
-function clearShoutBox($params)
+    public static function approval($params)
-{
+    {
-    global $CURUSER;
+        global $CURUSER;
-    user_can('sbmanage', true);
+        foreach (['torrent_id', 'approval_status',] as $field) {
-    \Nexus\Database\NexusDB::table('shoutbox')->delete();
+            if (!isset($params[$field])) {
-    return true;
+                throw new \InvalidArgumentException("Require $field");
-}
+            }
-
+        }
-function buyMedal($params)
+        $rep = new \App\Repositories\TorrentRepository();
-{
+        return $rep->approval($CURUSER['id'], $params);
-    global $CURUSER;
+    }
-    $rep = new \App\Repositories\BonusRepository();
+    
-    return $rep->consumeToBuyMedal($CURUSER['id'], $params['medal_id']);
+    public static function addSeedBoxRecord($params)
-}
+    {
-
+        global $CURUSER;
-function giftMedal($params)
+        $rep = new \App\Repositories\SeedBoxRepository();
-{
+        $params['uid'] = $CURUSER['id'];
-    global $CURUSER;
+        $params['type'] = \App\Models\SeedBoxRecord::TYPE_USER;
-    $rep = new \App\Repositories\BonusRepository();
+        $params['status'] = \App\Models\SeedBoxRecord::STATUS_UNAUDITED;
-    return $rep->consumeToGiftMedal($CURUSER['id'], $params['medal_id'], $params['uid']);
+        return $rep->store($params);
-}
+    }
-
+    
-function saveUserMedal($params)
+    public static function removeSeedBoxRecord($params)
-{
+    {
-    global $CURUSER;
+        global $CURUSER;
-    $data = [];
+        $rep = new \App\Repositories\SeedBoxRepository();
-    foreach ($params as $param) {
+        return $rep->delete($params['id'], $CURUSER['id']);
-        $fieldAndId = explode('_', $param['name']);
+    }
-        $field = $fieldAndId[0];
+    
-        $id = $fieldAndId[1];
+    public static function removeHitAndRun($params)
-        $value = $param['value'];
+    {
-        $data[$id][$field] = $value;
+        global $CURUSER;
        $rep = new \App\Repositories\BonusRepository();
        return $rep->consumeToCancelHitAndRun($CURUSER['id'], $params['id']);
    }
    public static function consumeBenefit($params)
    {
        global $CURUSER;
        $rep = new \App\Repositories\UserRepository();
        return $rep->consumeBenefit($CURUSER['id'], $params);
    }
    public static function clearShoutBox($params)
    {
        global $CURUSER;
        user_can('sbmanage', true);
        \Nexus\Database\NexusDB::table('shoutbox')->delete();
        return true;
    }
    public static function buyMedal($params)
    {
        global $CURUSER;
        $rep = new \App\Repositories\BonusRepository();
        return $rep->consumeToBuyMedal($CURUSER['id'], $params['medal_id']);
    }
    public static function giftMedal($params)
    {
        global $CURUSER;
        $rep = new \App\Repositories\BonusRepository();
        return $rep->consumeToGiftMedal($CURUSER['id'], $params['medal_id'], $params['uid']);
    }
    public static function saveUserMedal($params)
    {
        global $CURUSER;
        $data = [];
        foreach ($params as $param) {
            $fieldAndId = explode('_', $param['name']);
            $field = $fieldAndId[0];
            $id = $fieldAndId[1];
            $value = $param['value'];
            $data[$id][$field] = $value;
        }
    //    dd($params, $data);
        $rep = new \App\Repositories\MedalRepository();
        return $rep->saveUserMedal($CURUSER['id'], $data);
    }
-//    dd($params, $data);
+}
-    $rep = new \App\Repositories\MedalRepository();
+
-    return $rep->saveUserMedal($CURUSER['id'], $data);
+$class = 'AjaxInterface';
 $reflection = new ReflectionClass($class);
 try {
    if($reflection->hasMethod($action)&&$reflection->getMethod($action)->isStatic()) {
        $result = $class::$action($params);
        exit(json_encode(success($result)));
    } else {
        do_log('hack attempt '.print_r($CURUSER, true), 'error');
        throw new \RuntimeException("no Action");
    }
 }catch(\Throwable $exception){
    exit(json_encode(fail($exception->getMessage(), $_POST)));
 }