kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Found lazy way to create api

Browse Source
This commit is contained in:
Ibnu Maksum 2024-03-31 21:23:19 +07:00
parent 4bf6f9c0ac
commit ee73621c85
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
5 changed files with 50 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
init.php
View File

@ -11,7 +11,9 @@ if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) {
die();
}
$root_path = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR;
$isApi = false;
if(!isset($isApi)){
$isApi = false;
}
// on some server, it getting error because of slash is backwards
function _autoloader($class)
{
@ -243,6 +245,13 @@ function sendWhatsapp($phone, $txt)
function r2($to, $ntype = 'e', $msg = '')
{
global $isApi;
if ($isApi) {
showResult(
($ntype=='s')? true : false,
$msg
);
}
if ($msg == '') {
header("location: $to");
exit;

42
system/api.php
View File

@ -1,7 +1,7 @@
<?php
/**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* PHP Mikrotik Billing (https://github.com/SiberTech/)
* by https://t.me/ibnux
*
* This File is for API Access
@ -15,9 +15,11 @@ if ($_SERVER['REQUEST_METHOD'] === "OPTIONS" || $_SERVER['REQUEST_METHOD'] === "
die();
}
$isApi = true;
include "../init.php";
$isApi = true;
unset($_COOKIE['aid']);
// Dummy Class
$ui = new class($key)
@ -30,25 +32,34 @@ $ui = new class($key)
{
$this->assign[$key] = $value;
}
function get($key,)
function get($key)
{
if (isset($this->assign[$key])) {
return $this->assign[$key];
}
return '';
}
function getTemplateVars($key)
{
if (isset($this->assign[$key])) {
return $this->assign[$key];
}
return '';
}
function getAll()
{
return $this->assign;
}
};
$req = _get('r');
# a/c.id.time.md5
# md5(a/c.id.time.$api_secret)
$token = _get('token');
$token = _req('token');
$routes = explode('/', $req);
$handler = $routes[0];
if (!empty($token)) {
if ($token == $config['api_key']) {
$admin = ORM::for_table('tbl_users')->where('user_type', 'SuperAdmin')->find_one($id);
if (empty($admin)) {
@ -59,18 +70,21 @@ if (!empty($token)) {
}
} else {
# validate token
list($tipe, $uid, $time, $md5) = explode('.', $token);
if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
list($tipe, $uid, $time, $sha1) = explode('.', $token);
if (trim($sha1) != sha1($uid . '.' . $time . '.' . $db_password)) {
showResult(false, Lang::T("Token is invalid"));
}
#cek token expiration
if ($time != 0 && time() > $time) {
// 3 bulan
if ($time != 0 && time()-$time > 7776000) {
die("$time != ". (time()-$time));
showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
}
if ($tipe == 'a') {
$_SESSION['aid'] = $uid;
$admin = Admin::_info();
} else if ($tipe == 'c') {
$_SESSION['uid'] = $uid;
} else {
@ -86,12 +100,22 @@ if (!empty($token)) {
if ($handler == 'isValid') {
showResult(true, Lang::T("Token is valid"));
}
if ($handler == 'me') {
$admin = Admin::_info();
if (!empty($admin['id'])) {
showResult(true, "", $admin);
} else {
showResult(false, Lang::T("Token is invalid"));
}
}
}
try {
$sys_render = File::pathFixer($root_path . 'system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) {
include($sys_render);
showResult(true, $req, $ui->getAll());
} else {
showResult(false, Lang::T('Command not found'));
}

7
system/controllers/admin.php
View File

@ -30,6 +30,13 @@ switch ($do) {
$d->last_login = date('Y-m-d H:i:s');
$d->save();
_log($username . ' ' . Lang::T('Login Successful'), $d['user_type'], $d['id']);
if ($isApi) {
if ($token) {
showResult(true, Lang::T('Login Successful'), ['token' => "a.".$token]);
} else {
showResult(false, Lang::T('Invalid Username or Password'));
}
}
_alert(Lang::T('Login Successful'),'success', "dashboard");
} else {
_log($username . ' ' . Lang::T('Failed Login'), $d['user_type']);

6
system/controllers/plan.php
View File

@ -59,9 +59,6 @@ switch ($action) {
}
$log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>";
}
if ($isApi) {
showResult(true, $log);
}
r2(U . 'plan/list', 's', $log);
case 'list':
$ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/plan.js"></script>');
@ -75,9 +72,6 @@ switch ($action) {
$d = Paginator::findMany($query);
}
run_hook('view_list_billing'); #HOOK
if ($isApi) {
showResult(true, $action, $d, ['search' => $search]);
}
$ui->assign('d', $d);
$ui->assign('search', $search);
$ui->display('plan.tpl');

15
system/controllers/settings.php
View File

@ -336,12 +336,6 @@ switch ($action) {
$admins[$adm['id']] = $adm['fullname'];
}
}
if ($isApi) {
showResult(true, $action, [
'admins' => $d,
'roots' => $admins
], ['search' => $search]);
}
$ui->assign('admins', $admins);
$ui->assign('d', $d);
$ui->assign('search', $search);
@ -380,15 +374,6 @@ switch ($action) {
if ($d['user_type'] == 'Sales') {
$ui->assign('agent', ORM::for_table('tbl_users')->where('id', $d['root'])->find_array()[0]);
}
if ($isApi) {
unset($d['password']);
$agent = $ui->get('agent');
if ($agent) unset($agent['password']);
showResult(true, $action, [
'admin' => $d,
'agent' => $agent
], ['search' => $search]);
}
$ui->assign('d', $d);
$ui->assign('_title', $d['username']);
$ui->display('users-view.tpl');