From 254fd4ccf7345d005cc1b7ef62f6aac166598bb7 Mon Sep 17 00:00:00 2001
From: Ibnu Maksum
Date: Mon, 1 Apr 2024 13:01:21 +0700
Subject: [PATCH] fix rest api, need to change every variable to readable
---
 init.php | 13 +++++++++----
 system/api.php | 13 +++++++------
 system/autoload/Admin.php | 6 +++++-
 system/controllers/admin.php | 10 +++++-----
 4 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/init.php b/init.php
index 85bfd3c6..d3ef00c7 100644
--- a/init.php
+++ b/init.php
@@ -73,8 +73,11 @@ ORM::configure('return_result_sets', true);
 if ($_app_stage != 'Live') {
 ORM::configure('logging', true);
 }
-
-define('U', APP_URL . '/index.php?_route=');
+if($isApi){
+ define('U', APP_URL . '/system/api.php?r=');
+}else{
+ define('U', APP_URL . '/index.php?_route=');
+}
 // notification message
 if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . "notifications.json")) {
@@ -224,8 +227,10 @@ function alphanumeric($str, $tambahan = "")
 function showResult($success, $message = '', $result = [], $meta = [])
 {
- header("Content-Type: Application/json; charset=utf-8");
- die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
+ header("Content-Type: Application/json");
+ $json = json_encode(['success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta]);
+ echo $json;
+ die();
 }
 function sendTelegram($txt)
diff --git a/system/api.php b/system/api.php
index f6367daf..d51c619f 100644
--- a/system/api.php
+++ b/system/api.php
@@ -1,7 +1,7 @@ 7776000) {
- die("$time != ". (time()-$time));
+ if ($time != 0 && time() - $time > 7776000) {
+ die("$time != " . (time() - $time));
 showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
 }
@@ -109,6 +107,9 @@ if (!empty($token)) {
 showResult(false, Lang::T("Token is invalid"));
 }
 }
+}else{
+ unset($_COOKIE);
+ unset($_SESSION);
 }
 try {
diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php
index cab30813..c39ee81c 100644
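Review bot: In init.php's `@@ -73,8 +73,11 @@` hunk, `if($isApi){` reads a variable that nothing in the hunk defines, so any entry point that includes init.php without setting it first (presumably index.php) raises an undefined-variable warning before falling through to the else branch. Where errors are displayed, that warning is output ahead of later `header()` calls. Guard the test with `if (!empty($isApi)) {` so the non-API path stays silent.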
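Review bot: In init.php's `showResult()`, `json_encode()` returns false when `$message`, `$result` or `$meta` holds invalid UTF-8, and the new `echo $json;` then sends an empty body under a JSON content type, which an API client cannot tell apart from a truncated response. Either pass a tolerant flag, `json_encode([...], JSON_INVALID_UTF8_SUBSTITUTE)`, or check the result before echoing: `if ($json === false) { $json = '{"success":false,"message":"encoding error"}'; }`.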
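Review bot: In system/api.php, the reformatted `die("$time != " . (time() - $time));` still sits ahead of `showResult(false, Lang::T("Token Expired"), [], ['login' => true]);`, so the expired-token branch never reaches showResult. The client receives a plain-text debug string containing the token's issue time and age instead of the JSON error that tells it to log in again. This looks like leftover debugging; delete the `die(...)` line. The start of this hunk is truncated on the page, so the token parsing and signature check before it could not be reviewed.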
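Review bot: In system/api.php's `@@ -109,6 +107,9 @@` hunk, `unset($_COOKIE); unset($_SESSION);` only removes the two variables from scope; it does not end or invalidate a session. If the intent is that a token-less API request must never be authenticated through a browser cookie or session, the result depends on ordering outside this hunk: a later `session_start()` creates `$_SESSION` again, and on an already active session the PHP manual warns that unsetting the whole `$_SESSION` disables registration of session variables. Emptying the arrays after any session start, `$_COOKIE = []; $_SESSION = [];`, or not starting a session for API requests, is more predictable. A comment such as `// API requests authenticate by token only; ignore browser cookie/session state` would record the intent.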
--- a/system/autoload/Admin.php
+++ b/system/autoload/Admin.php
@@ -32,10 +32,14 @@ class Admin
 global $db_password;
 if (isset($aid)) {
 $time = time();
- setcookie('aid', $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password), time() + 86400 * 7);
+ $token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password);
+ setcookie('aid', $token, time() + 86400 * 7);
+ return $token;
 }
+ return '';
 }
+
 public static function removeCookie()
 {
 if (isset($_COOKIE['aid'])) {
diff --git a/system/controllers/admin.php b/system/controllers/admin.php
index 0d2faf00..e8064bd0 100644
--- a/system/controllers/admin.php
+++ b/system/controllers/admin.php
@@ -6,7 +6,7 @@
 **/
 if(Admin::getID()){
- r2(U.'dashboard');
+ r2(U.'dashboard', "s", Lang::T("You are already logged in"));
 }
 if (isset($routes['1'])) {
@@ -26,7 +26,7 @@ switch ($do) {
 $d_pass = $d['password'];
 if (Password::_verify($password, $d_pass) == true) {
 $_SESSION['aid'] = $d['id'];
- Admin::setCookie($d['id']);
+ $token = Admin::setCookie($d['id']);
 $d->last_login = date('Y-m-d H:i:s');
 $d->save();
 _log($username . ' ' . Lang::T('Login Successful'), $d['user_type'], $d['id']);
@@ -40,13 +40,13 @@ switch ($do) {
 _alert(Lang::T('Login Successful'),'success', "dashboard");
 } else {
 _log($username . ' ' . Lang::T('Failed Login'), $d['user_type']);
- _alert(Lang::T('Invalid Username or Password'),'danger', "admin");
+ _alert(Lang::T('Invalid Username or Password').".",'danger', "admin");
 }
 } else {
- _alert(Lang::T('Invalid Username or Password'),'danger', "admin");
+ _alert(Lang::T('Invalid Username or Password')."..",'danger', "admin");
 }
 } else {
- _alert(Lang::T('Invalid Username or Password'),'danger', "admin");
+ _alert(Lang::T('Invalid Username or Password')."...",'danger', "admin");
 }
 break;
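Review bot: `Admin::setCookie()` in system/autoload/Admin.php now returns the token, so the value built as `$aid . '.' . $time . '.' . sha1(... . $db_password)` can be handed to callers beyond the browser cookie, and its integrity rests on a bare SHA-1 over a concatenation keyed with the database password. A captured token therefore allows offline guessing of the database password, and the signing key cannot be rotated without changing the database credentials. Sign with a dedicated random secret instead, `hash_hmac('sha256', $aid . '.' . $time, $secret)` (where `$secret` is a placeholder for a new config value), and have the verifier, which is outside this hunk, compare with `hash_equals()`. The new `setcookie('aid', $token, time() + 86400 * 7);` also sets no HttpOnly, Secure or SameSite attribute.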
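Review bot: In the last hunk of system/controllers/admin.php, the three failure branches now append `.`, `..` and `...` to the same message, which lets a client tell the branches apart. The first follows a failed `Password::_verify()`, while the other two are reached without a password check, presumably when no matching admin row exists or a field is empty (those conditions are outside the hunk). That difference reveals whether a username exists. If the suffixes are there for debugging, record the distinction in `_log()` and keep one identical `_alert(Lang::T('Invalid Username or Password'),'danger', "admin");` in all three branches.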