Found lazy way to create api

Ibnu Maksum 2024-03-31 21:23:19 +07:00
parent 4bf6f9c0ac
commit ee73621c85
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
5 changed files with 50 additions and 31 deletions


@ -11,7 +11,9 @@ if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) {
die(); die();
} }
$root_path = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR; $root_path = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR;
$isApi = false; if(!isset($isApi)){
$isApi = false;
}
// on some server, it getting error because of slash is backwards // on some server, it getting error because of slash is backwards
function _autoloader($class) function _autoloader($class)
{ {
@ -243,6 +245,13 @@ function sendWhatsapp($phone, $txt)
function r2($to, $ntype = 'e', $msg = '') function r2($to, $ntype = 'e', $msg = '')
{ {
global $isApi;
if ($isApi) {
showResult(
($ntype=='s')? true : false,
$msg
);
}
if ($msg == '') { if ($msg == '') {
header("location: $to"); header("location: $to");
exit; exit;
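Review bot: In the `r2()` hunk the new API branch relies on `showResult()` terminating the request, which is not visible here; if it ever returns, execution falls through to the `header("location: $to")` redirect below. An explicit `exit;` after the call, or a comment stating that `showResult()` never returns, would make that dependency safe. The ternary can be written as `$ntype === 's'`, and every non-`'s'` type, warnings included, is reported to API clients as a failure, which deserves a comment if intended. `r2()` continues past the end of the hunk.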


@ -1,7 +1,7 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/SiberTech/)
* by https://t.me/ibnux * by https://t.me/ibnux
* *
* This File is for API Access * This File is for API Access
@ -15,9 +15,11 @@ if ($_SERVER['REQUEST_METHOD'] === "OPTIONS" || $_SERVER['REQUEST_METHOD'] === "
die(); die();
} }
$isApi = true;
include "../init.php"; include "../init.php";
$isApi = true; unset($_COOKIE['aid']);
// Dummy Class // Dummy Class
$ui = new class($key) $ui = new class($key)
@ -30,25 +32,34 @@ $ui = new class($key)
{ {
$this->assign[$key] = $value; $this->assign[$key] = $value;
} }
function get($key)
function get($key,)
{ {
if (isset($this->assign[$key])) { if (isset($this->assign[$key])) {
return $this->assign[$key]; return $this->assign[$key];
} }
return ''; return '';
} }
function getTemplateVars($key)
{
if (isset($this->assign[$key])) {
return $this->assign[$key];
}
return '';
}
function getAll()
{
return $this->assign;
}
}; };
$req = _get('r'); $req = _get('r');
# a/c.id.time.md5 # a/c.id.time.md5
# md5(a/c.id.time.$api_secret) # md5(a/c.id.time.$api_secret)
$token = _get('token'); $token = _req('token');
$routes = explode('/', $req); $routes = explode('/', $req);
$handler = $routes[0]; $handler = $routes[0];
if (!empty($token)) { if (!empty($token)) {
if ($token == $config['api_key']) { if ($token == $config['api_key']) {
$admin = ORM::for_table('tbl_users')->where('user_type', 'SuperAdmin')->find_one($id); $admin = ORM::for_table('tbl_users')->where('user_type', 'SuperAdmin')->find_one($id);
if (empty($admin)) { if (empty($admin)) {
@ -59,18 +70,21 @@ if (!empty($token)) {
} }
} else { } else {
# validate token # validate token
list($tipe, $uid, $time, $md5) = explode('.', $token); list($tipe, $uid, $time, $sha1) = explode('.', $token);
if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) { if (trim($sha1) != sha1($uid . '.' . $time . '.' . $db_password)) {
showResult(false, Lang::T("Token is invalid")); showResult(false, Lang::T("Token is invalid"));
} }
#cek token expiration #cek token expiration
if ($time != 0 && time() > $time) { // 3 bulan
if ($time != 0 && time()-$time > 7776000) {
die("$time != ". (time()-$time));
showResult(false, Lang::T("Token Expired"), [], ['login' => true]); showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
} }
if ($tipe == 'a') { if ($tipe == 'a') {
$_SESSION['aid'] = $uid; $_SESSION['aid'] = $uid;
$admin = Admin::_info();
} else if ($tipe == 'c') { } else if ($tipe == 'c') {
$_SESSION['uid'] = $uid; $_SESSION['uid'] = $uid;
} else { } else {
@ -86,12 +100,22 @@ if (!empty($token)) {
if ($handler == 'isValid') { if ($handler == 'isValid') {
showResult(true, Lang::T("Token is valid")); showResult(true, Lang::T("Token is valid"));
} }
if ($handler == 'me') {
$admin = Admin::_info();
if (!empty($admin['id'])) {
showResult(true, "", $admin);
} else {
showResult(false, Lang::T("Token is invalid"));
}
}
} }
try { try {
$sys_render = File::pathFixer($root_path . 'system/controllers/' . $handler . '.php'); $sys_render = File::pathFixer($root_path . 'system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) { if (file_exists($sys_render)) {
include($sys_render); include($sys_render);
showResult(true, $req, $ui->getAll());
} else { } else {
showResult(false, Lang::T('Command not found')); showResult(false, Lang::T('Command not found'));
} }
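Review bot: The token check in the `# validate token` hunk compares the digest with `!=`, which is neither type-strict nor constant-time, and it keys a bare `sha1()` with `$db_password`, tying every API token to the database credential. Prefer a dedicated secret (such as the `$api_secret` the old line used) with `hash_hmac('sha256', $tipe . '.' . $uid . '.' . $time, $api_secret)` compared through `hash_equals()`; including `$tipe` matters because the current digest does not cover the `a`/`c` prefix, so the account type is not authenticated. The `list(...) = explode('.', $token)` line should also confirm it received four parts before they are used. The added `die("$time != ". (time()-$time));` looks like leftover debugging: it prints raw values and makes the `Token Expired` result on the next line unreachable, so it should be removed. In the final hunk, `showResult(true, $req, $ui->getAll())` returns every assigned template variable, so sensitive fields (for example password columns on user rows) need to be stripped before output.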


@ -30,6 +30,13 @@ switch ($do) {
$d->last_login = date('Y-m-d H:i:s'); $d->last_login = date('Y-m-d H:i:s');
$d->save(); $d->save();
_log($username . ' ' . Lang::T('Login Successful'), $d['user_type'], $d['id']); _log($username . ' ' . Lang::T('Login Successful'), $d['user_type'], $d['id']);
if ($isApi) {
if ($token) {
showResult(true, Lang::T('Login Successful'), ['token' => "a.".$token]);
} else {
showResult(false, Lang::T('Invalid Username or Password'));
}
}
_alert(Lang::T('Login Successful'),'success', "dashboard"); _alert(Lang::T('Login Successful'),'success', "dashboard");
} else { } else {
_log($username . ' ' . Lang::T('Failed Login'), $d['user_type']); _log($username . ' ' . Lang::T('Failed Login'), $d['user_type']);
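Review bot: `$token` is read in the added `if ($isApi)` block but is not assigned anywhere in the visible lines, so confirm it is always set on this path before the check. When it is empty the client receives `Invalid Username or Password` even though `last_login` was already saved and `Login Successful` was logged just above, so the audit log and the API response disagree. A distinct message, for example `Lang::T('Failed to create token')` (a new string suggested here), would be clearer. The enclosing `switch` case starts and ends outside the hunk.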


@ -59,9 +59,6 @@ switch ($action) {
} }
$log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>"; $log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>";
} }
if ($isApi) {
showResult(true, $log);
}
r2(U . 'plan/list', 's', $log); r2(U . 'plan/list', 's', $log);
case 'list': case 'list':
$ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/plan.js"></script>'); $ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/plan.js"></script>');
@ -75,9 +72,6 @@ switch ($action) {
$d = Paginator::findMany($query); $d = Paginator::findMany($query);
} }
run_hook('view_list_billing'); #HOOK run_hook('view_list_billing'); #HOOK
if ($isApi) {
showResult(true, $action, $d, ['search' => $search]);
}
$ui->assign('d', $d); $ui->assign('d', $d);
$ui->assign('search', $search); $ui->assign('search', $search);
$ui->display('plan.tpl'); $ui->display('plan.tpl');


@ -336,12 +336,6 @@ switch ($action) {
$admins[$adm['id']] = $adm['fullname']; $admins[$adm['id']] = $adm['fullname'];
} }
} }
if ($isApi) {
showResult(true, $action, [
'admins' => $d,
'roots' => $admins
], ['search' => $search]);
}
$ui->assign('admins', $admins); $ui->assign('admins', $admins);
$ui->assign('d', $d); $ui->assign('d', $d);
$ui->assign('search', $search); $ui->assign('search', $search);
@ -380,15 +374,6 @@ switch ($action) {
if ($d['user_type'] == 'Sales') { if ($d['user_type'] == 'Sales') {
$ui->assign('agent', ORM::for_table('tbl_users')->where('id', $d['root'])->find_array()[0]); $ui->assign('agent', ORM::for_table('tbl_users')->where('id', $d['root'])->find_array()[0]);
} }
if ($isApi) {
unset($d['password']);
$agent = $ui->get('agent');
if ($agent) unset($agent['password']);
showResult(true, $action, [
'admin' => $d,
'agent' => $agent
], ['search' => $search]);
}
$ui->assign('d', $d); $ui->assign('d', $d);
$ui->assign('_title', $d['username']); $ui->assign('_title', $d['username']);
$ui->display('users-view.tpl'); $ui->display('users-view.tpl');