st52
/
btcloud
mirror of https://github.com/flucont/btcloud.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
65 Commits
1 Branch
56 Tags
2.7 GiB
Branch: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
btcloud/app/controller/Api.php

719 lines
26 KiB
Raw Permalink Normal View History

update
2 years ago
修复无法获取宝塔恶意IP
3 months ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
7 months ago
update
2 years ago
update
1 year ago
update
2 years ago
update
7 months ago
update
2 years ago
update
1 year ago
update
2 years ago
update
1 year ago
update
2 years ago
update
1 year ago
update
2 years ago
update
1 year ago
update
2 years ago
update
7 months ago
update
2 years ago
update
7 months ago
update
11 months ago
update
7 months ago
update
2 years ago
update
7 months ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
4 days ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
修复无法获取宝塔恶意IP
3 months ago
update
2 years ago
update
7 months ago
update
7 months ago
update
2 years ago
update
2 years ago
update
2 years ago
fix
5 months ago
update
2 years ago
update
7 months ago
update
2 years ago
update
2 years ago
支持生成自签SSL证书
1 year ago
update
1 year ago
支持生成自签SSL证书
1 year ago
update
1 year ago
支持生成自签SSL证书
1 year ago
update
2 years ago
  1. <?php
  2. namespace app\controller;
  4. use think\facade\Db;
  5. use think\facade\Cache;
  6. use app\BaseController;
  7. use app\lib\Plugins;
  9. class Api extends BaseController
  10. {
  12. //获取插件列表
  13. public function get_plugin_list(){
  14. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  15. $record = Db::name('record')->where('ip',$this->clientip)->find();
  16. if($record){
  17. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  18. }else{
  19. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  20. }
  21. $json_arr = Plugins::get_plugin_list();
  22. if(!$json_arr) return json((object)[]);
  23. return json($json_arr);
  24. }
  26. //获取插件列表(win)
  27. public function get_plugin_list_win(){
  28. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  29. $record = Db::name('record')->where('ip',$this->clientip)->find();
  30. if($record){
  31. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  32. }else{
  33. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  34. }
  35. $json_arr = Plugins::get_plugin_list('Windows');
  36. if(!$json_arr) return json((object)[]);
  37. return json($json_arr);
  38. }
  40. //获取插件列表(aapanel)
  41. public function get_plugin_list_en(){
  42. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  43. $record = Db::name('record')->where('ip',$this->clientip)->find();
  44. if($record){
  45. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  46. }else{
  47. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  48. }
  49. $json_arr = Plugins::get_plugin_list('en');
  50. if(!$json_arr) return json((object)[]);
  51. return json($json_arr);
  52. }
  54. //下载插件包
  55. public function download_plugin(){
  56. $plugin_name = input('post.name');
  57. $version = input('post.version');
  58. $os = input('post.os');
  59. if(!$plugin_name || !$version){
  60. return '参数不能为空';
  61. }
  62. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  63. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  64. return '参数不正确';
  65. }
  66. if(!$this->checklist()) return '你的服务器被禁止使用此云端';
  67. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  68. if(file_exists($filepath)){
  69. $filename = $plugin_name.'.zip';
  70. $this->output_file($filepath, $filename);
  71. }else{
  72. return '云端不存在该插件包';
  73. }
  74. }
  76. //下载插件包aapanel
  77. public function download_plugin_en(){
  78. $plugin_name = input('post.name');
  79. $version = input('post.version');
  80. if(!$plugin_name || !$version){
  81. return '参数不能为空';
  82. }
  83. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  84. return '参数不正确';
  85. }
  86. if(!$this->checklist()) return '你的服务器被禁止使用此云端';
  87. $filepath = get_data_dir('en').'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  88. if(file_exists($filepath)){
  89. $filename = $plugin_name.'.zip';
  90. $this->output_file($filepath, $filename);
  91. }else{
  92. return '云端不存在该插件包';
  93. }
  94. }
  96. //下载插件主文件
  97. public function download_plugin_main(){
  98. $plugin_name = input('post.name');
  99. $version = input('post.version');
  100. $os = input('post.os');
  101. if(!$plugin_name || !$version){
  102. return '参数不能为空';
  103. }
  104. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  105. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  106. return '参数不正确';
  107. }
  108. if(!$this->checklist()) return '你的服务器被禁止使用此云端';
  109. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  110. $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
  111. if(file_exists($mainfilepath)){
  112. $filename = $plugin_name.'_main.py';
  113. $this->output_file($mainfilepath, $filename);
  114. }elseif(file_exists($filepath)){
  115. $zip = new \ZipArchive;
  116. if ($zip->open($filepath) === true){
  117. echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
  118. }else{
  119. return '插件包解压缩失败';
  120. }
  121. }else{
  122. return '云端不存在该插件主文件';
  123. }
  124. }
  126. //下载插件其他文件
  127. public function download_plugin_other(){
  128. $fname = input('get.fname');
  129. if(!$fname){
  130. $fname = input('get.filename');
  131. if(!$fname){
  132. return json(['status'=>false, 'msg'=>'参数不能为空']);
  133. }
  134. }
  135. if(strpos(dirname($fname),'.')!==false)return json(['status'=>false, 'msg'=>'参数不正确']);
  136. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  137. $filepath = get_data_dir().'plugins/other/'.$fname;
  138. if(file_exists($filepath)){
  139. $filename = basename($fname);
  140. $this->output_file($filepath, $filename);
  141. }else{
  142. return json(['status'=>false, 'msg'=>'云端不存在该插件文件']);
  143. }
  144. }
  146. public function get_update_logs(){
  147. $type = input('get.type');
  148. if($type == 'Windows'){
  149. $version = config_get('new_version_win');
  150. $data = [
  151. [
  152. 'title' => 'Linux面板'.$version,
  153. 'body' => config_get('update_msg_win'),
  154. 'addtime' => config_get('update_date_win')
  155. ]
  156. ];
  157. }else{
  158. $version = config_get('new_version');
  159. $data = [
  160. [
  161. 'title' => 'Linux面板'.$version,
  162. 'body' => config_get('update_msg'),
  163. 'addtime' => config_get('update_date')
  164. ]
  165. ];
  166. }
  167. return jsonp($data);
  168. }
  170. public function get_version(){
  171. $version = config_get('new_version');
  172. return $version;
  173. }
  175. public function get_version_win(){
  176. $version = config_get('new_version_win');
  177. return $version;
  178. }
  180. public function get_version_en(){
  181. $version = config_get('new_version_en');
  182. return $version;
  183. }
  185. public function get_panel_version(){
  186. $version = config_get('new_version');
  187. $file = app()->getRootPath().'public/install/update/LinuxPanel-'.$version.'.zip';
  188. $hash = hash_file('sha256', $file);
  189. $data = [
  190. 'version' => $version,
  191. 'hash' => $hash,
  192. 'update_time' => filemtime($file),
  193. ];
  194. return json($data);
  195. }
  197. public function get_panel_version_v2(){
  198. $version = config_get('new_version');
  199. $down_url = request()->root(true).'/install/update/LinuxPanel-'.$version.'.zip';
  200. $data = [
  201. 'OfficialVersion' => [
  202. 'version' => $version,
  203. 'downUrl' => $down_url,
  204. 'updateMsg' => config_get('update_msg'),
  205. 'uptime' => config_get('update_date'),
  206. ],
  207. 'OfficialVersionLatest' => [],
  208. 'AccountVersion' => [],
  209. ];
  210. return json($data);
  211. }
  213. //安装统计
  214. public function setup_count(){
  215. return 'ok';
  216. }
  218. //检测更新
  219. public function check_update(){
  220. $version = config_get('new_version');
  221. $down_url = request()->root(true).'/install/update/LinuxPanel-'.$version.'.zip';
  222. $data = [
  223. 'force' => false,
  224. 'version' => $version,
  225. 'downUrl' => $down_url,
  226. 'updateMsg' => config_get('update_msg'),
  227. 'uptime' => config_get('update_date'),
  228. 'is_beta' => 0,
  229. 'adviser' => -1,
  230. 'btb' => '',
  231. 'beta' => [
  232. 'version' => $version,
  233. 'downUrl' => $down_url,
  234. 'updateMsg' => config_get('update_msg'),
  235. 'uptime' => config_get('update_date'),
  236. ]
  237. ];
  238. return json($data);
  239. }
  241. //检测更新(win)
  242. public function check_update_win(){
  243. $version = config_get('new_version_win');
  244. $down_url = request()->root(true).'/win/panel/panel_'.$version.'.zip';
  245. $data = [
  246. 'force' => false,
  247. 'version' => $version,
  248. 'downUrl' => $down_url,
  249. 'updateMsg' => config_get('update_msg_win'),
  250. 'uptime' => config_get('update_date_win'),
  251. 'is_beta' => 0,
  252. 'py_version' => '3.8.6',
  253. 'adviser' => -1,
  254. 'is_rec' => -1,
  255. 'btb' => '',
  256. 'beta' => [
  257. 'py_version' => '3.8.6',
  258. 'version' => $version,
  259. 'downUrl' => $down_url,
  260. 'updateMsg' => config_get('update_msg_win'),
  261. 'uptime' => config_get('update_date_win'),
  262. ]
  263. ];
  264. return json($data);
  265. }
  267. //检测更新(aapanel)
  268. public function check_update_en(){
  269. $version = config_get('new_version_en');
  270. $down_url = request()->root(true).'/install/update/LinuxPanel_EN-'.$version.'.zip';
  271. $data = [
  272. 'force' => false,
  273. 'version' => $version,
  274. 'downUrl' => $down_url,
  275. 'updateMsg' => config_get('update_msg_en'),
  276. 'uptime' => config_get('update_date_en'),
  277. 'is_beta' => 0,
  278. 'btb' => '',
  279. 'beta' => [
  280. 'version' => $version,
  281. 'downUrl' => $down_url,
  282. 'updateMsg' => config_get('update_msg_en'),
  283. 'uptime' => config_get('update_date_en'),
  284. ]
  285. ];
  286. return json($data);
  287. }
  289. //宝塔云监控获取最新版本
  290. public function btm_latest_version(){
  291. $data = [
  292. 'version' => config_get('new_version_btm'),
  293. 'description' => config_get('update_msg_btm'),
  294. 'create_time' => config_get('update_date_btm')
  295. ];
  296. return json($data);
  297. }
  299. //宝塔云监控更新日志
  300. public function btm_update_history(){
  301. $data = [
  302. [
  303. 'version' => config_get('new_version_btm'),
  304. 'description' => config_get('update_msg_btm'),
  305. 'create_time' => config_get('update_date_btm')
  306. ]
  307. ];
  308. return json($data);
  309. }
  311. //宝塔云WAF最新版本
  312. public function btwaf_latest_version(){
  313. $type = input('?post.type') ? input('post.type') : 0;
  314. if($type == 1){
  315. $data = [
  316. 'version' => '1.1',
  317. 'description' => '暂无更新日志',
  318. 'create_time' => 1705315163,
  319. ];
  320. }else{
  321. $data = [
  322. 'version' => '3.0',
  323. 'description' => '暂无更新日志',
  324. 'create_time' => 1705315163,
  325. ];
  326. }
  327. $data = bin2hex(json_encode($data));
  328. return json(['status'=>true,'err_no'=>0,'msg'=>'获取成功','data'=>$data]);
  329. }
  331. //宝塔云控版本信息
  332. public function cloudc_version_info(){
  333. return json(['status'=>true,'msg'=>'获取成功','data'=>[
  334. 'version' => '1.0.5',
  335. 'download' => '',
  336. 'uptime' => '2025/06/16',
  337. 'upmsg' => '暂无更新日志'
  338. ]]);
  339. }
  341. //宝塔云控版本信息
  342. public function cloudc_get_version(){
  343. return json(['status'=>true,'msg'=>'','oid'=>'','data'=>[
  344. 'officialVersion' => [
  345. 'version' => '1.0.5',
  346. 'download' => '',
  347. 'uptime' => '2025/06/16',
  348. 'updateMsg' => '暂无更新日志'
  349. ],
  350. ]]);
  351. }
  353. //宝塔云控授权信息
  354. public function cloudc_order_status(){
  355. $data = [
  356. 'status' => true,
  357. 'msg' => '获取成功',
  358. 'oid' => '',
  359. 'data' => [
  360. 'id' => 1,
  361. 'address' => real_ip(),
  362. 'buytime' => time(),
  363. 'endtime' => time() + 86400 * 3650,
  364. 'num' => 9999,
  365. 'max_num' => 9999,
  366. 'pid' => 100000023,
  367. 'renew_price' => 0,
  368. 'state' => 1,
  369. ]
  370. ];
  371. return json($data);
  372. }
  374. //获取内测版更新日志
  375. public function get_beta_logs(){
  376. return json(['beta_ps'=>'当前暂无内测版', 'list'=>[]]);
  377. }
  379. //检查用户绑定是否正确
  380. public function check_auth_key(){
  381. return '1';
  382. }
  384. //从云端验证域名是否可访问
  385. public function check_domain(){
  386. $domain = input('post.domain',null,'trim');
  387. $ssl = input('post.ssl/d');
  388. if(!$domain) return json(['status'=>false, 'msg'=>'域名不能为空']);
  389. if(!strpos($domain,'.')) return json(['status'=>false, 'msg'=>'域名格式不正确']);
  390. $domain = str_replace('*.','',$domain);
  391. $ip = gethostbyname($domain);
  392. if(!$ip || $ip == $domain){
  393. return json(['status'=>false, 'msg'=>'无法访问']);
  394. }else{
  395. return json(['status'=>true, 'msg'=>'访问正常']);
  396. }
  397. }
  399. //同步时间
  400. public function get_time(){
  401. return time();
  402. }
  404. //同步时间
  405. public function get_win_date(){
  406. return date("Y-m-d H:i:s");
  407. }
  409. //查询是否专业版(废弃)
  410. public function is_pro(){
  411. return json(['endtime'=>true, 'code'=>1]);
  412. }
  414. //获取产品推荐信息
  415. public function get_plugin_remarks(){
  416. return json(['list'=>[], 'pro_list'=>[], 'kfqq'=>'', 'kf'=>'', 'qun'=>'']);
  417. }
  419. //获取指定插件评分
  420. public function get_plugin_socre(){
  421. return json(['total'=>0, 'split'=>[0,0,0,0,0],'page'=>"<div><span class='Pcurrent'>1</span><span class='Pcount'>共计0条数据</span></div>",'data'=>[]]);
  422. }
  424. //提交插件评分
  425. public function plugin_score(){
  426. return json(['status'=>true, 'msg'=>'您的评分已成功提交,感谢您的支持!']);
  427. }
  429. //获取IP地址
  430. public function get_ip_address(){
  431. return $this->clientip;
  432. }
  434. //绑定账号
  435. public function get_auth_token(){
  436. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  437. $reqData = hex2bin(input('post.data'));
  438. parse_str($reqData, $arr);
  439. $serverid = $arr['serverid'];
  440. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1];
  441. $data = bin2hex(json_encode($userinfo));
  442. return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]);
  443. }
  445. //绑定账号新
  446. public function authorization_login(){
  447. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  448. $reqData = hex2bin(input('post.data'));
  449. parse_str($reqData, $arr);
  450. $serverid = $arr['serverid'];
  451. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48)];
  452. $data = bin2hex(json_encode($userinfo));
  453. return json(['status'=>true, 'err_no'=>0, 'msg'=>'账号绑定成功', 'data'=>$data]);
  454. }
  456. //刷新授权信息
  457. public function authorization_info(){
  458. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  459. $reqData = hex2bin(input('post.data'));
  460. parse_str($reqData, $arr);
  461. $id = isset($arr['id'])&&$arr['id']>0?$arr['id']:1;
  462. $userinfo = ['id'=>$id, 'product'=>$arr['product'], 'status'=>2, 'clients'=>9999, 'durations'=>0, 'end_time'=>strtotime('+10 year')];
  463. $data = bin2hex(json_encode($userinfo));
  464. return json(['status'=>true, 'err_no'=>0, 'data'=>$data]);
  465. }
  467. //刷新授权信息
  468. public function update_license(){
  469. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  470. $reqData = hex2bin(input('post.data'));
  471. parse_str($reqData, $arr);
  472. if(!isset($arr['product']) || !isset($arr['serverid'])) return json(['status'=>false, 'msg'=>'缺少参数']);
  474. $license_data = ['product'=>$arr['product'], 'uid'=>random(32), 'phone'=>'138****8888', 'auth_id'=>random(32), 'server_id'=>substr($arr['serverid'], 0, 32), 'auth'=>['apis'=>[], 'menu'=>[], 'extra'=>['type'=>3,'location'=>-1,'smart_cc'=>-1,'site'=>0]], 'pages'=>[], 'end_time'=>strtotime('+10 year')];
  475. $json = json_encode($license_data);
  477. [$public_key, $private_key] = generateKeyPairs();
  478. $public_key = pemToBase64($public_key);
  480. $key1 = random(32);
  481. $key2 = substr($public_key, 0, 32);
  482. $encrypted1 = licenseEncrypt($json, $key1);
  483. $encrypted2 = licenseEncrypt($key1, $key2);
  484. $sign_data = $encrypted1.'.'.$encrypted2;
  485. openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256);
  486. $signature = base64_encode($signature);
  488. $license = base64_encode($sign_data.'.'.$signature);
  489. $data = bin2hex(json_encode(['public_key'=>$public_key, 'license'=>$license]));
  490. return json(['status'=>true, 'err_no'=>0, 'msg'=>'授权获取成功', 'data'=>$data]);
  491. }
  493. public function is_obtained_btw_trial(){
  494. $data = ['is_obtained'=>0];
  495. $data = bin2hex(json_encode($data));
  496. return json(['status'=>true, 'err_no'=>0, 'data'=>$data, 'msg'=>'检测成功']);
  497. }
  499. //一键部署列表
  500. public function get_deplist(){
  501. $os = input('post.os');
  502. $json_arr = Plugins::get_deplist($os);
  503. if(!$json_arr) return json([]);
  504. return json($json_arr);
  505. }
  507. //获取宝塔SSL列表
  508. public function get_ssl_list(){
  509. $data = bin2hex('[]');
  510. return json(['status'=>true, 'msg'=>'', 'data'=>$data]);
  511. }
  513. //获取堡塔云WAF恶意IP库
  514. public function get_malicious_ip_list()
  515. {
  516. $cacheKey = 'malicious_ip_list';
  518. // 尝试从缓存获取
  519. if (Cache::has($cacheKey)) {
  520. return json(json_decode(Cache::get($cacheKey), true));
  521. }
  522. $url = 'https://api.bt.cn/bt_waf/get_malicious_ip';
  523. $postData = json_encode([
  524. 'x_bt_token' => 'MzI3YjAzOGQ3Yjk3NjUxYjVlMDkyMGFm'
  525. ]);
  527. $ch = curl_init();
  528. curl_setopt($ch, CURLOPT_URL, $url);
  529. curl_setopt($ch, CURLOPT_POST, 1);
  530. curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
  531. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  532. curl_setopt($ch, CURLOPT_HTTPHEADER, [
  533. 'Content-Type: application/json',
  534. 'Content-Length: ' . strlen($postData)
  535. ]);
  537. $response = curl_exec($ch);
  538. if (curl_errno($ch)) {
  539. return json(['status'=>true, 'msg'=>'', 'data'=>bin2hex('[]')]);
  540. }
  541. curl_close($ch);
  542. Cache::set($cacheKey, $response, 86400); //缓存一天
  544. return json(json_decode($response, true));
  545. }
  547. public function return_success(){
  548. return json(['status'=>true, 'msg'=>1, 'data'=>(object)[]]);
  549. }
  551. public function return_error(){
  552. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  553. }
  555. public function return_error2(){
  556. return json(['success'=>false, 'res'=>'不支持当前操作']);
  557. }
  559. public function return_empty(){
  560. return '';
  561. }
  563. public function return_empty_array(){
  564. return json([]);
  565. }
  567. public function return_page_data(){
  568. return json(['page'=>"<div><span class='Pcurrent'>1</span><span class='Pnumber'>1/0</span><span class='Pline'>从1-1000条</span><span class='Pcount'>共计0条数据</span></div>", 'data'=>[]]);
  569. }
  571. public function nps_check(){
  572. return json(['err_no'=>0, 'success'=>true, 'res'=>true, 'nonce'=>time()]);
  573. }
  575. public function nps_questions(){
  576. return json(['err_no'=>0, 'success'=>true, 'res'=>[], 'nonce'=>time()]);
  577. }
  579. public function nps_submit(){
  580. return json(['err_no'=>0, 'success'=>true, 'res'=>'Success', 'nonce'=>time()]);
  581. }
  583. public function get_user_give_away(){
  584. return json(['no_exceed_limit'=>false, 'user_give'=>true]);
  585. }
  587. //获取所有蜘蛛IP列表
  588. public function btwaf_getspiders(){
  589. try{
  590. $result = Plugins::btwaf_getspiders();
  591. return json($result);
  592. }catch(\Exception $e){
  593. return json(['status'=>false, 'msg'=>$e->getMessage()]);
  594. }
  595. }
  597. //分类获取蜘蛛IP列表
  598. public function get_spider(){
  599. $type = input('get.spider/d');
  600. if(!$type) return json([]);
  601. $result = Plugins::get_spider($type);
  602. return json($result);
  603. }
  605. //获取堡塔恶意情报IP库
  606. public function btwaf_getmalicious(){
  607. try{
  608. $result = Plugins::btwaf_getmalicious();
  609. return json($result);
  610. }catch(\Exception $e){
  611. return json(['success'=>false, 'res'=>$e->getMessage()]);
  612. }
  613. }
  615. //检查是否国内IP
  616. public function check_cnip(){
  617. $clientip = bindec(decbin(ip2long($this->clientip)));
  618. $json_file = app()->getBasePath().'lib/cn.json';
  619. $arr = json_decode(file_get_contents($json_file), true);
  620. if(!$arr) return 'False';
  621. foreach($arr as $ip_arr){
  622. if($clientip >= $ip_arr[0] && $clientip <= $ip_arr[1]){
  623. return 'True';
  624. }
  625. }
  626. return 'False';
  627. }
  629. //邮件配额
  630. public function email_user_surplus(){
  631. $data = [
  632. 'free' => ['surplus' => '120000', 'total' => '120000', 'used' => '0'],
  633. 'period' => ['surplus' => '2000000', 'total' => '2000000', 'used' => '0'],
  634. ];
  635. return json(['success'=>true, 'msg'=>'获取成功', 'res'=>$data]);
  636. }
  638. //检查黑白名单
  639. private function checklist(){
  640. if(config_get('whitelist') == 1){
  641. if(Db::name('white')->where('ip', $this->clientip)->where('enable', 1)->find()){
  642. return true;
  643. }
  644. return false;
  645. }else{
  646. if(Db::name('black')->where('ip', $this->clientip)->where('enable', 1)->find()){
  647. return false;
  648. }
  649. return true;
  650. }
  651. }
  653. //下载大文件
  654. private function output_file($filepath, $filename){
  655. $filesize = filesize($filepath);
  656. $filemd5 = md5_file($filepath);
  658. ob_clean();
  659. header("Content-Type: application/octet-stream");
  660. header("Content-Disposition: attachment; filename={$filename}.zip");
  661. header("Content-Length: {$filesize}");
  662. header("File-size: {$filesize}");
  663. header("Content-md5: {$filemd5}");
  665. $read_buffer = 1024 * 100;
  666. $handle = fopen($filepath, 'rb');
  667. $sum_buffer = 0;
  668. while(!feof($handle) && $sum_buffer<$filesize) {
  669. echo fread($handle, min($read_buffer, ($filesize - $sum_buffer) + 1));
  670. $sum_buffer += $read_buffer;
  671. flush();
  672. }
  673. fclose($handle);
  674. exit;
  675. }
  677. public function logerror(){
  678. $content = date('Y-m-d H:i:s')."\r\n";
  679. $content.=$_SERVER['REQUEST_METHOD'].' '.$_SERVER['REQUEST_URI']."\r\n";
  680. if($_SERVER['REQUEST_METHOD'] == 'POST'){
  681. $content.=file_get_contents('php://input')."\r\n";
  682. }
  683. $handle = fopen(app()->getRootPath()."record.txt", 'a');
  684. fwrite($handle, $content."\r\n");
  685. fclose($handle);
  686. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  687. }
  689. //生成自签名SSL证书
  690. public function bt_cert(){
  691. $data = input('post.data');
  692. $param = json_decode($data, true);
  693. if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
  695. $dir = app()->getBasePath().'script/';
  696. $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
  697. $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
  698. if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
  700. if($param['action'] == 'get_domain_cert'){
  701. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  702. $domain = $param['domain'];
  703. if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
  704. $domain_list = explode(',', $domain);
  705. foreach($domain_list as $d){
  706. if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
  707. }
  708. $common_name = $domain_list[0];
  709. $validity = 3650;
  710. $result = makeSelfSignSSL($common_name, $domain_list, $validity);
  711. if(!$result){
  712. return json(['status'=>false, 'msg'=>'生成证书失败']);
  713. }
  714. $ca_pfx = base64_encode(file_get_contents($ssl_path));
  715. return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
  716. }else{
  717. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  718. }
  719. }
  720. }