kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix rest api, need to change every variable to readable

Browse Source
This commit is contained in:
Ibnu Maksum 2024-04-01 13:01:21 +07:00
parent ee73621c85
commit 254fd4ccf7
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
4 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
init.php
View File

@ -73,8 +73,11 @@ ORM::configure('return_result_sets', true);
if ($_app_stage != 'Live') {
ORM::configure('logging', true);
}
define('U', APP_URL . '/index.php?_route=');
if($isApi){
define('U', APP_URL . '/system/api.php?r=');
}else{
define('U', APP_URL . '/index.php?_route=');
}
// notification message
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . "notifications.json")) {
@ -224,8 +227,10 @@ function alphanumeric($str, $tambahan = "")
function showResult($success, $message = '', $result = [], $meta = [])
{
header("Content-Type: Application/json; charset=utf-8");
die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
header("Content-Type: Application/json");
$json = json_encode(['success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta]);
echo $json;
die();
}
function sendTelegram($txt)

13
system/api.php
View File

@ -1,7 +1,7 @@
<?php
/**
* PHP Mikrotik Billing (https://github.com/SiberTech/)
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux
*
* This File is for API Access
@ -19,8 +19,6 @@ $isApi = true;
include "../init.php";
unset($_COOKIE['aid']);
// Dummy Class
$ui = new class($key)
{
@ -71,14 +69,14 @@ if (!empty($token)) {
} else {
# validate token
list($tipe, $uid, $time, $sha1) = explode('.', $token);
if (trim($sha1) != sha1($uid . '.' . $time . '.' . $db_password)) {
if (trim($sha1) != sha1($uid . '.' . $time . '.' . $api_secret)) {
showResult(false, Lang::T("Token is invalid"));
}
#cek token expiration
// 3 bulan
if ($time != 0 && time()-$time > 7776000) {
die("$time != ". (time()-$time));
if ($time != 0 && time() - $time > 7776000) {
die("$time != " . (time() - $time));
showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
}
@ -109,6 +107,9 @@ if (!empty($token)) {
showResult(false, Lang::T("Token is invalid"));
}
}
}else{
unset($_COOKIE);
unset($_SESSION);
}
try {

6
system/autoload/Admin.php
View File

@ -32,10 +32,14 @@ class Admin
global $db_password;
if (isset($aid)) {
$time = time();
setcookie('aid', $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password), time() + 86400 * 7);
$token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password);
setcookie('aid', $token, time() + 86400 * 7);
return $token;
}
return '';
}
public static function removeCookie()
{
if (isset($_COOKIE['aid'])) {

10
system/controllers/admin.php
View File

@ -6,7 +6,7 @@
**/
if(Admin::getID()){
r2(U.'dashboard');
r2(U.'dashboard', "s", Lang::T("You are already logged in"));
}
if (isset($routes['1'])) {
@ -26,7 +26,7 @@ switch ($do) {
$d_pass = $d['password'];
if (Password::_verify($password, $d_pass) == true) {
$_SESSION['aid'] = $d['id'];
Admin::setCookie($d['id']);
$token = Admin::setCookie($d['id']);
$d->last_login = date('Y-m-d H:i:s');
$d->save();
_log($username . ' ' . Lang::T('Login Successful'), $d['user_type'], $d['id']);
@ -40,13 +40,13 @@ switch ($do) {
_alert(Lang::T('Login Successful'),'success', "dashboard");
} else {
_log($username . ' ' . Lang::T('Failed Login'), $d['user_type']);
_alert(Lang::T('Invalid Username or Password'),'danger', "admin");
_alert(Lang::T('Invalid Username or Password').".",'danger', "admin");
}
} else {
_alert(Lang::T('Invalid Username or Password'),'danger', "admin");
_alert(Lang::T('Invalid Username or Password')."..",'danger', "admin");
}
} else {
_alert(Lang::T('Invalid Username or Password'),'danger', "admin");
_alert(Lang::T('Invalid Username or Password')."...",'danger', "admin");
}
break;