st52
/
btcloud
mirror of https://github.com/flucont/btcloud.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 Commits
1 Branch
46 Tags
1.8 GiB
Tree: e304e9acc2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e304e9acc2'
${ noResults }
btcloud/app/controller/Api.php

500 lines
19 KiB
Raw Normal View History

update
1 year ago
update
11 months ago
update
1 year ago
update
11 months ago
update
1 year ago
update
1 month ago
update
1 year ago
update
1 month ago
update
1 year ago
update
1 month ago
update
1 year ago
update
1 month ago
update
1 year ago
update
1 month ago
update
1 year ago
update
10 months ago
update
8 months ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
update
1 year ago
update
10 months ago
支持生成自签SSL证书
1 month ago
update
1 month ago
支持生成自签SSL证书
1 month ago
update
1 month ago
支持生成自签SSL证书
1 month ago
update
1 year ago
  1. <?php
  2. namespace app\controller;
  4. use think\facade\Db;
  5. use app\BaseController;
  6. use app\lib\Plugins;
  8. class Api extends BaseController
  9. {
  11. //获取插件列表
  12. public function get_plugin_list(){
  13. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  14. $record = Db::name('record')->where('ip',$this->clientip)->find();
  15. if($record){
  16. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  17. }else{
  18. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  19. }
  20. $json_arr = Plugins::get_plugin_list();
  21. if(!$json_arr) return json((object)[]);
  22. return json($json_arr);
  23. }
  25. //获取插件列表(win)
  26. public function get_plugin_list_win(){
  27. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  28. $record = Db::name('record')->where('ip',$this->clientip)->find();
  29. if($record){
  30. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  31. }else{
  32. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  33. }
  34. $json_arr = Plugins::get_plugin_list('Windows');
  35. if(!$json_arr) return json((object)[]);
  36. return json($json_arr);
  37. }
  39. //下载插件包
  40. public function download_plugin(){
  41. $plugin_name = input('post.name');
  42. $version = input('post.version');
  43. $os = input('post.os');
  44. if(!$plugin_name || !$version){
  45. return '参数不能为空';
  46. }
  47. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  48. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  49. return '参数不正确';
  50. }
  51. if(!$this->checklist()) return '你的服务器被禁止使用此云端';
  52. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  53. if(file_exists($filepath)){
  54. $filename = $plugin_name.'.zip';
  55. $this->output_file($filepath, $filename);
  56. }else{
  57. return '云端不存在该插件包';
  58. }
  59. }
  61. //下载插件主文件
  62. public function download_plugin_main(){
  63. $plugin_name = input('post.name');
  64. $version = input('post.version');
  65. $os = input('post.os');
  66. if(!$plugin_name || !$version){
  67. return '参数不能为空';
  68. }
  69. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  70. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  71. return '参数不正确';
  72. }
  73. if(!$this->checklist()) return '你的服务器被禁止使用此云端';
  74. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  75. $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
  76. if(file_exists($mainfilepath)){
  77. $filename = $plugin_name.'_main.py';
  78. $this->output_file($mainfilepath, $filename);
  79. }elseif(file_exists($filepath)){
  80. $zip = new \ZipArchive;
  81. if ($zip->open($filepath) === true){
  82. echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
  83. }else{
  84. return '插件包解压缩失败';
  85. }
  86. }else{
  87. return '云端不存在该插件主文件';
  88. }
  89. }
  91. //下载插件其他文件
  92. public function download_plugin_other(){
  93. $fname = input('get.fname');
  94. if(!$fname){
  95. return json(['status'=>false, 'msg'=>'参数不能为空']);
  96. }
  97. if(strpos(dirname($fname),'.')!==false)return json(['status'=>false, 'msg'=>'参数不正确']);
  98. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  99. $filepath = get_data_dir().'plugins/other/'.$fname;
  100. if(file_exists($filepath)){
  101. $filename = basename($fname);
  102. $this->output_file($filepath, $filename);
  103. }else{
  104. return json(['status'=>false, 'msg'=>'云端不存在该插件文件']);
  105. }
  106. }
  108. public function get_update_logs(){
  109. $type = input('get.type');
  110. if($type == 'Windows'){
  111. $version = config_get('new_version_win');
  112. $data = [
  113. [
  114. 'title' => 'Linux面板'.$version,
  115. 'body' => config_get('update_msg_win'),
  116. 'addtime' => config_get('update_date_win')
  117. ]
  118. ];
  119. }else{
  120. $version = config_get('new_version');
  121. $data = [
  122. [
  123. 'title' => 'Linux面板'.$version,
  124. 'body' => config_get('update_msg'),
  125. 'addtime' => config_get('update_date')
  126. ]
  127. ];
  128. }
  129. return jsonp($data);
  130. }
  132. public function get_version(){
  133. $version = config_get('new_version');
  134. return $version;
  135. }
  137. public function get_version_win(){
  138. $version = config_get('new_version_win');
  139. return $version;
  140. }
  142. //安装统计
  143. public function setup_count(){
  144. return 'ok';
  145. }
  147. //检测更新
  148. public function check_update(){
  149. $version = config_get('new_version');
  150. $down_url = request()->root(true).'/install/update/LinuxPanel-'.$version.'.zip';
  151. $data = [
  152. 'force' => false,
  153. 'version' => $version,
  154. 'downUrl' => $down_url,
  155. 'updateMsg' => config_get('update_msg'),
  156. 'uptime' => config_get('update_date'),
  157. 'is_beta' => 0,
  158. 'adviser' => -1,
  159. 'btb' => '',
  160. 'beta' => [
  161. 'version' => $version,
  162. 'downUrl' => $down_url,
  163. 'updateMsg' => config_get('update_msg'),
  164. 'uptime' => config_get('update_date'),
  165. ]
  166. ];
  167. return json($data);
  168. }
  170. //检测更新(win)
  171. public function check_update_win(){
  172. $version = config_get('new_version_win');
  173. $down_url = request()->root(true).'/win/panel/panel_'.$version.'.zip';
  174. $data = [
  175. 'force' => false,
  176. 'version' => $version,
  177. 'downUrl' => $down_url,
  178. 'updateMsg' => config_get('update_msg_win'),
  179. 'uptime' => config_get('update_date_win'),
  180. 'is_beta' => 0,
  181. 'py_version' => '3.8.6',
  182. 'adviser' => -1,
  183. 'is_rec' => -1,
  184. 'btb' => '',
  185. 'beta' => [
  186. 'py_version' => '3.8.6',
  187. 'version' => $version,
  188. 'downUrl' => $down_url,
  189. 'updateMsg' => config_get('update_msg_win'),
  190. 'uptime' => config_get('update_date_win'),
  191. ]
  192. ];
  193. return json($data);
  194. }
  196. //宝塔云监控获取最新版本
  197. public function btm_latest_version(){
  198. $data = [
  199. 'version' => config_get('new_version_btm'),
  200. 'description' => config_get('update_msg_btm'),
  201. 'create_time' => config_get('update_date_btm')
  202. ];
  203. return json($data);
  204. }
  206. //宝塔云监控更新日志
  207. public function btm_update_history(){
  208. $data = [
  209. [
  210. 'version' => config_get('new_version_btm'),
  211. 'description' => config_get('update_msg_btm'),
  212. 'create_time' => config_get('update_date_btm')
  213. ]
  214. ];
  215. return json($data);
  216. }
  218. //宝塔云WAF最新版本
  219. public function btwaf_latest_version(){
  220. $type = input('?post.type') ? input('post.type') : 0;
  221. if($type == 1){
  222. $data = [
  223. 'version' => '1.1',
  224. 'description' => '暂无更新日志',
  225. 'create_time' => 1705315163,
  226. ];
  227. }else{
  228. $data = [
  229. 'version' => '3.0',
  230. 'description' => '暂无更新日志',
  231. 'create_time' => 1705315163,
  232. ];
  233. }
  234. $data = bin2hex(json_encode($data));
  235. return json(['status'=>true,'err_no'=>0,'msg'=>'获取成功','data'=>$data]);
  236. }
  238. //获取内测版更新日志
  239. public function get_beta_logs(){
  240. return json(['beta_ps'=>'当前暂无内测版', 'list'=>[]]);
  241. }
  243. //检查用户绑定是否正确
  244. public function check_auth_key(){
  245. return '1';
  246. }
  248. //从云端验证域名是否可访问
  249. public function check_domain(){
  250. $domain = input('post.domain',null,'trim');
  251. $ssl = input('post.ssl/d');
  252. if(!$domain) return json(['status'=>false, 'msg'=>'域名不能为空']);
  253. if(!strpos($domain,'.')) return json(['status'=>false, 'msg'=>'域名格式不正确']);
  254. $domain = str_replace('*.','',$domain);
  255. $ip = gethostbyname($domain);
  256. if(!$ip || $ip == $domain){
  257. return json(['status'=>false, 'msg'=>'无法访问']);
  258. }else{
  259. return json(['status'=>true, 'msg'=>'访问正常']);
  260. }
  261. }
  263. //同步时间
  264. public function get_time(){
  265. return time();
  266. }
  268. //同步时间
  269. public function get_win_date(){
  270. return date("Y-m-d H:i:s");
  271. }
  273. //查询是否专业版(废弃)
  274. public function is_pro(){
  275. return json(['endtime'=>true, 'code'=>1]);
  276. }
  278. //获取产品推荐信息
  279. public function get_plugin_remarks(){
  280. return json(['list'=>[], 'pro_list'=>[], 'kfqq'=>'', 'kf'=>'', 'qun'=>'']);
  281. }
  283. //获取指定插件评分
  284. public function get_plugin_socre(){
  285. return json(['total'=>0, 'split'=>[0,0,0,0,0],'page'=>"<div><span class='Pcurrent'>1</span><span class='Pcount'>共计0条数据</span></div>",'data'=>[]]);
  286. }
  288. //提交插件评分
  289. public function plugin_score(){
  290. return json(['status'=>true, 'msg'=>'您的评分已成功提交,感谢您的支持!']);
  291. }
  293. //获取IP地址
  294. public function get_ip_address(){
  295. return $this->clientip;
  296. }
  298. //绑定账号
  299. public function get_auth_token(){
  300. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  301. $reqData = hex2bin(input('post.data'));
  302. parse_str($reqData, $arr);
  303. $serverid = $arr['serverid'];
  304. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1];
  305. $data = bin2hex(json_encode($userinfo));
  306. return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]);
  307. }
  309. //绑定账号新
  310. public function authorization_login(){
  311. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  312. $reqData = hex2bin(input('post.data'));
  313. parse_str($reqData, $arr);
  314. $serverid = $arr['serverid'];
  315. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48)];
  316. $data = bin2hex(json_encode($userinfo));
  317. return json(['status'=>true, 'err_no'=>0, 'msg'=>'账号绑定成功', 'data'=>$data]);
  318. }
  320. //刷新授权信息
  321. public function authorization_info(){
  322. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  323. $reqData = hex2bin(input('post.data'));
  324. parse_str($reqData, $arr);
  325. $id = isset($arr['id'])&&$arr['id']>0?$arr['id']:1;
  326. $userinfo = ['id'=>$id, 'product'=>$arr['product'], 'status'=>2, 'clients'=>9999, 'durations'=>0, 'end_time'=>strtotime('+10 year')];
  327. $data = bin2hex(json_encode($userinfo));
  328. return json(['status'=>true, 'err_no'=>0, 'data'=>$data]);
  329. }
  331. //刷新授权信息
  332. public function update_license(){
  333. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  334. $reqData = hex2bin(input('post.data'));
  335. parse_str($reqData, $arr);
  336. if(!isset($arr['product']) || !isset($arr['serverid'])) return json(['status'=>false, 'msg'=>'缺少参数']);
  338. $license_data = ['product'=>$arr['product'], 'uid'=>random(32), 'phone'=>'138****8888', 'auth_id'=>random(32), 'server_id'=>substr($arr['serverid'], 0, 32), 'auth'=>['apis'=>[], 'menu'=>[], 'extra'=>['type'=>3,'location'=>-1,'smart_cc'=>-1,'site'=>0]], 'pages'=>[], 'end_time'=>strtotime('+10 year')];
  339. $json = json_encode($license_data);
  341. [$public_key, $private_key] = generateKeyPairs();
  342. $public_key = pemToBase64($public_key);
  344. $key1 = random(32);
  345. $key2 = substr($public_key, 0, 32);
  346. $encrypted1 = licenseEncrypt($json, $key1);
  347. $encrypted2 = licenseEncrypt($key1, $key2);
  348. $sign_data = $encrypted1.'.'.$encrypted2;
  349. openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256);
  350. $signature = base64_encode($signature);
  352. $license = base64_encode($sign_data.'.'.$signature);
  353. $data = bin2hex(json_encode(['public_key'=>$public_key, 'license'=>$license]));
  354. return json(['status'=>true, 'err_no'=>0, 'msg'=>'授权获取成功', 'data'=>$data]);
  355. }
  357. public function is_obtained_btw_trial(){
  358. $data = ['is_obtained'=>0];
  359. $data = bin2hex(json_encode($data));
  360. return json(['status'=>true, 'err_no'=>0, 'data'=>$data, 'msg'=>'检测成功']);
  361. }
  363. //一键部署列表
  364. public function get_deplist(){
  365. $os = input('post.os');
  366. $json_arr = Plugins::get_deplist($os);
  367. if(!$json_arr) return json([]);
  368. return json($json_arr);
  369. }
  371. //获取宝塔SSL列表
  372. public function get_ssl_list(){
  373. $data = bin2hex('[]');
  374. return json(['status'=>true, 'msg'=>'', 'data'=>$data]);
  375. }
  377. public function return_success(){
  378. return json(['status'=>true, 'msg'=>1, 'data'=>(object)[]]);
  379. }
  381. public function return_error(){
  382. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  383. }
  385. public function return_error2(){
  386. return json(['success'=>false, 'res'=>'不支持当前操作']);
  387. }
  389. public function return_empty(){
  390. return '';
  391. }
  393. public function return_empty_array(){
  394. return json([]);
  395. }
  397. public function return_page_data(){
  398. return json(['page'=>"<div><span class='Pcurrent'>1</span><span class='Pnumber'>1/0</span><span class='Pline'>从1-1000条</span><span class='Pcount'>共计0条数据</span></div>", 'data'=>[]]);
  399. }
  401. //获取所有蜘蛛IP列表
  402. public function btwaf_getspiders(){
  403. try{
  404. $result = Plugins::btwaf_getspiders();
  405. return json($result);
  406. }catch(\Exception $e){
  407. return json(['status'=>false, 'msg'=>$e->getMessage()]);
  408. }
  409. }
  411. //分类获取蜘蛛IP列表
  412. public function get_spider(){
  413. $type = input('get.spider/d');
  414. if(!$type) return json([]);
  415. $result = Plugins::get_spider($type);
  416. return json($result);
  417. }
  419. //检查黑白名单
  420. private function checklist(){
  421. if(config_get('whitelist') == 1){
  422. if(Db::name('white')->where('ip', $this->clientip)->where('enable', 1)->find()){
  423. return true;
  424. }
  425. return false;
  426. }else{
  427. if(Db::name('black')->where('ip', $this->clientip)->where('enable', 1)->find()){
  428. return false;
  429. }
  430. return true;
  431. }
  432. }
  434. //下载大文件
  435. private function output_file($filepath, $filename){
  436. $filesize = filesize($filepath);
  437. $filemd5 = md5_file($filepath);
  439. ob_clean();
  440. header("Content-Type: application/octet-stream");
  441. header("Content-Disposition: attachment; filename={$filename}.zip");
  442. header("Content-Length: {$filesize}");
  443. header("File-size: {$filesize}");
  444. header("Content-md5: {$filemd5}");
  446. $read_buffer = 1024 * 100;
  447. $handle = fopen($filepath, 'rb');
  448. $sum_buffer = 0;
  449. while(!feof($handle) && $sum_buffer<$filesize) {
  450. echo fread($handle, min($read_buffer, ($filesize - $sum_buffer) + 1));
  451. $sum_buffer += $read_buffer;
  452. flush();
  453. }
  454. fclose($handle);
  455. exit;
  456. }
  458. public function logerror(){
  459. $content = date('Y-m-d H:i:s')."\r\n";
  460. $content.=$_SERVER['REQUEST_METHOD'].' '.$_SERVER['REQUEST_URI']."\r\n";
  461. if($_SERVER['REQUEST_METHOD'] == 'POST'){
  462. $content.=file_get_contents('php://input')."\r\n";
  463. }
  464. $handle = fopen(app()->getRootPath()."record.txt", 'a');
  465. fwrite($handle, $content."\r\n");
  466. fclose($handle);
  467. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  468. }
  470. //生成自签名SSL证书
  471. public function bt_cert(){
  472. $data = input('post.data');
  473. $param = json_decode($data, true);
  474. if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
  476. $dir = app()->getBasePath().'script/';
  477. $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
  478. $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
  479. if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
  481. if($param['action'] == 'get_domain_cert'){
  482. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  483. $domain = $param['domain'];
  484. if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
  485. $domain_list = explode(',', $domain);
  486. foreach($domain_list as $d){
  487. if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
  488. }
  489. $common_name = $domain_list[0];
  490. $validity = 3650;
  491. $result = makeSelfSignSSL($common_name, $domain_list, $validity);
  492. if(!$result){
  493. return json(['status'=>false, 'msg'=>'生成证书失败']);
  494. }
  495. $ca_pfx = base64_encode(file_get_contents($ssl_path));
  496. return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
  497. }else{
  498. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  499. }
  500. }
  501. }