修复API接口编写不规范的问题

2025-08-03 19:19:49 +08:00 · 2020-03-18 13:47:11 +08:00 · 2020-03-18 13:47:11 +08:00 · 8fe755c5cd
commit 8fe755c5cd
parent 368818acd0
4 changed files with 88 additions and 59 deletions
--- a/api.php
+++ b/api.php
@ -1,55 +0,0 @@
-<?php
-/*
- * API接口
- * Author: 孙锡源
- * Version: 2.0.0
- * Author URI:https://www.ibadboy.net/
- * License: GPLv3 or later
- * License URI: http://www.gnu.org/licenses/gpl-3.0.html
- */
-
-require_once('../../../wp-config.php');
-require_once('../../../wp-includes/option.php');
-require_once('../../../wp-includes/capabilities.php');
-
-header('Content-Type:application/json; charset=utf-8');
-
-if (current_user_can('manage_options')) {
-    if (array_key_exists('get_config', $_GET)) {
-        success('', get_option('wp_china_yes_options'));
-    }
-
-    if (( ! array_key_exists('api_server', $_POST) && ! array_key_exists('download_server', $_POST)) ||
-        ( ! array_key_exists('community', $_POST) && ! array_key_exists('custom_api_server', $_POST) && ! array_key_exists('custom_download_server', $_POST))) {
-        error('参数错误', - 1);
-    }
-
-    $options                           = array();
-    $options['community']              = sanitize_text_field(trim($_POST['community']));
-    $options['custom_api_server']      = sanitize_text_field(trim($_POST['custom_api_server']));
-    $options['custom_download_server'] = sanitize_text_field(trim($_POST['custom_download_server']));
-    $options["api_server"]             = sanitize_text_field(trim($_POST['api_server']));
-    $options["download_server"]        = sanitize_text_field(trim($_POST['download_server']));
-    update_option("wp_china_yes_options", $options);
-    success('', $options);
-}
-
-error('登录失效或其他错误，请尝试刷新页面', - 3);
-
-function success($message = '', $data = []) {
-    echo json_encode([
-        'code'    => 0,
-        'message' => $message,
-        'data'    => $data
-    ], JSON_UNESCAPED_UNICODE);
-    exit;
-}
-
-function error($message = '', $code = - 1) {
-    header('Status:500');
-    echo json_encode([
-        'code'    => $code,
-        'message' => $message
-    ], JSON_UNESCAPED_UNICODE);
-    exit;
-}
--- a/index.php
+++ b/index.php
@ -41,6 +41,18 @@ class WP_CHINA_YES {
                __CLASS__,
                'admin_menu'
            ));
+            add_action('init', array(
+                __CLASS__,
+                'set_cookie'
+            ));
+            add_action('wp_ajax_wpcy_get_config', array(
+                __CLASS__,
+                'get_config'
+            ));
+            add_action('wp_ajax_wpcy_set_config', array(
+                __CLASS__,
+                'set_config'
+            ));

            if (empty(get_option('wp_china_yes_options'))) {
                self::wp_china_yes_activate();
@ -242,4 +254,55 @@ EOT;
        $iframe_str      = str_replace('/wp-content/plugins', $plugin_root_url, $iframe_str);
        echo $iframe_str;
    }
-}
+
+    public static function set_cookie() {
+        if ( ! isset($_COOKIE['wp-china-yes']) && current_user_can('manage_options')) {
+            setcookie('wp-china-yes', json_encode([
+                'get_config' => wp_create_nonce('wpcy_get_config'),
+                'set_config' => wp_create_nonce('wpcy_set_config')
+            ], JSON_UNESCAPED_UNICODE), time() + 1209600, COOKIEPATH, COOKIE_DOMAIN, false);
+        }
+    }
+
+    public static function get_config() {
+        self::success('', get_option('wp_china_yes_options'));
+    }
+
+    public static function set_config() {
+        if (( ! array_key_exists('api_server', $_POST) && ! array_key_exists('download_server', $_POST)) ||
+            ( ! array_key_exists('community', $_POST) && ! array_key_exists('custom_api_server', $_POST) && ! array_key_exists('custom_download_server', $_POST))) {
+            self::error('参数错误', - 1);
+        }
+
+        $options                           = array();
+        $options['community']              = sanitize_text_field(trim($_POST['community']));
+        $options['custom_api_server']      = sanitize_text_field(trim($_POST['custom_api_server']));
+        $options['custom_download_server'] = sanitize_text_field(trim($_POST['custom_download_server']));
+        $options["api_server"]             = sanitize_text_field(trim($_POST['api_server']));
+        $options["download_server"]        = sanitize_text_field(trim($_POST['download_server']));
+        update_option("wp_china_yes_options", $options);
+        self::success('', $options);
+    }
+
+    private static function success($message = '', $data = []) {
+        header('Content-Type:application/json; charset=utf-8');
+
+        echo json_encode([
+            'code'    => 0,
+            'message' => $message,
+            'data'    => $data
+        ], JSON_UNESCAPED_UNICODE);
+        exit;
+    }
+
+    private static function error($message = '', $code = - 1) {
+        header('Content-Type:application/json; charset=utf-8');
+        header('Status:500');
+
+        echo json_encode([
+            'code'    => $code,
+            'message' => $message
+        ], JSON_UNESCAPED_UNICODE);
+        exit;
+    }
+}
--- a/readme.md
+++ b/readme.md
@ -38,7 +38,7 @@ Master上的是开发中的版本，可能存在BUG。推荐安装最新稳定
 - [ ] 社区源宕机切换提示
 
 ### v2.0.2
- - [ ] 修复API接口编写不规范的问题
+ - [x] 修复API接口编写不规范的问题
 
 ### v2.0.1
 - [x] 修复插件无法运行在使用子目录部署的WordPress上的问题
--- a/settings.html
+++ b/settings.html
@ -106,12 +106,25 @@
 <script src="https://static.ibadboy.net/element/static/js/index.js"></script>
 <script src="https://static.ibadboy.net/element/static/js/axios.min.js"></script>
 <script>
+  function getCookie(name) {
+    let arr, reg = new RegExp("(^| )" + name + "=([^;]*)(;|$)");
+    arr = document.cookie.match(reg);
+    if (arr)
+      return (decodeURIComponent(arr[2]));
+    else
+      return null;
+  }
+
  new Vue({
    el: '#app',
    data() {
      return {
        external_api: {},
        server_desc: '',
+        token: {
+          get_config: '',
+          set_config: ''
+        },
        mirrors_form: {
          community: '0',
          custom_api_server: '',
@ -132,7 +145,11 @@
      getConfig() {
        let vm = this;
        let root_url = window.location.href.split('wp-content')[0];
-        axios.get(root_url + 'wp-content/plugins/wp-china-yes/api.php?get_config')
+        let data = new FormData();
+        data.append('_ajax_nonce', this.token.get_config);
+        data.append('action', 'wpcy_get_config');
+
+        axios.post(root_url + 'wp-admin/admin-ajax.php', data)
            .then(function (response) {
              vm.mirrors_form = response.data.data;
            })
@ -171,6 +188,8 @@
          });

          let data = new FormData();
+          data.append('_ajax_nonce', this.token.set_config);
+          data.append('action', 'wpcy_set_config');
          data.append('community', vm.mirrors_form.community);
          data.append('custom_api_server', vm.mirrors_form.custom_api_server);
          data.append('custom_download_server', vm.mirrors_form.custom_download_server);
@ -178,7 +197,7 @@
          data.append('download_server', vm.mirrors_form.download_server);

          let root_url = window.location.href.split('wp-content')[0];
-          axios.post(root_url + 'wp-content/plugins/wp-china-yes/api.php', data)
+          axios.post(root_url + 'wp-admin/admin-ajax.php', data)
              .then(function (response) {
                vm.$message({
                  message: '保存成功',
@ -204,6 +223,8 @@
    created: function () {
      document.getElementById("body").style.display = "inline";

+      this.token = JSON.parse(getCookie('wp-china-yes'));
+
      this.getConfig();
    }
  })