st52
/
btcloud
mirror of https://github.com/flucont/btcloud.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 Commits
1 Branch
59 Tags
3.0 GiB
Tree: 3d5cb3cddf
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3d5cb3cddf'
${ noResults }
btcloud/app/controller/Api.php

755 lines
31 KiB
Raw Normal View History

update
2 years ago
修复无法获取宝塔恶意IP
6 months ago
update
2 years ago
update
2 years ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
13 hours ago
update
11 months ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
13 hours ago
update
1 year ago
update
2 years ago
update
1 year ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
1 year ago
update
13 hours ago
update
2 years ago
update
11 months ago
update
2 years ago
update
13 hours ago
update
2 years ago
update
11 months ago
update
1 year ago
update
10 months ago
update
2 years ago
update
11 months ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
4 months ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
update
2 years ago
修复无法获取宝塔恶意IP
6 months ago
update
2 years ago
update
11 months ago
update
10 months ago
update
2 years ago
update
2 years ago
update
2 years ago
fix
9 months ago
update
2 years ago
update
10 months ago
update
2 years ago
update
2 years ago
支持生成自签SSL证书
1 year ago
update
1 year ago
支持生成自签SSL证书
1 year ago
update
1 year ago
支持生成自签SSL证书
1 year ago
update
2 years ago
  1. <?php
  2. namespace app\controller;
  4. use think\facade\Db;
  5. use think\facade\Cache;
  6. use app\BaseController;
  7. use app\lib\Plugins;
  9. class Api extends BaseController
  10. {
  12. //获取插件列表
  13. public function get_plugin_list(){
  14. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  15. $record = Db::name('record')->where('ip',$this->clientip)->find();
  16. if($record){
  17. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  18. }else{
  19. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  20. }
  21. $json_arr = Plugins::get_plugin_list();
  22. if(!$json_arr) $json_arr = (object)[];
  23. return json($json_arr);
  24. }
  26. //获取插件列表(win)
  27. public function get_plugin_list_win(){
  28. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  29. $os_version = input('post.os_version');
  30. $serverid = input('post.serverid');
  31. $uid = input('post.uid');
  32. $record = Db::name('record')->where('ip',$this->clientip)->find();
  33. if($record){
  34. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  35. }else{
  36. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  37. }
  38. $json_arr = Plugins::get_plugin_list('Windows');
  39. if(!$json_arr) $json_arr = (object)[];
  40. if($os_version == 'windows_go'){
  41. return Plugins::encrypt_plugin_list($json_arr, $serverid, $uid);
  42. }
  43. return json($json_arr);
  44. }
  46. //获取插件列表(aapanel)
  47. public function get_plugin_list_en(){
  48. if(!$this->checklist()) return json('你的服务器被禁止使用此云端');
  49. $record = Db::name('record')->where('ip',$this->clientip)->find();
  50. if($record){
  51. Db::name('record')->where('id',$record['id'])->update(['usetime'=>date("Y-m-d H:i:s")]);
  52. }else{
  53. Db::name('record')->insert(['ip'=>$this->clientip, 'addtime'=>date("Y-m-d H:i:s"), 'usetime'=>date("Y-m-d H:i:s")]);
  54. }
  55. $json_arr = Plugins::get_plugin_list('en');
  56. if(!$json_arr) $json_arr = (object)[];
  57. return json($json_arr);
  58. }
  60. //下载插件包
  61. public function download_plugin(){
  62. $plugin_name = input('param.name');
  63. $version = input('param.version');
  64. $os = input('param.os');
  65. if(!$plugin_name || !$version){
  66. return json(['status'=>false, 'msg'=>'参数不能为空']);
  67. }
  68. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  69. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  70. return json(['status'=>false, 'msg'=>'参数不正确']);
  71. }
  72. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  73. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  74. if(file_exists($filepath)){
  75. $filename = $plugin_name.'.zip';
  76. $this->output_file($filepath, $filename);
  77. }else{
  78. return json(['status'=>false, 'msg'=>'云端不存在该插件包']);
  79. }
  80. }
  82. //下载插件包aapanel
  83. public function download_plugin_en(){
  84. $plugin_name = input('param.name');
  85. $version = input('param.version');
  86. if(!$plugin_name || !$version){
  87. return json(['status'=>false, 'msg'=>'参数不能为空']);
  88. }
  89. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  90. return json(['status'=>false, 'msg'=>'参数不正确']);
  91. }
  92. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  93. $filepath = get_data_dir('en').'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  94. if(file_exists($filepath)){
  95. $filename = $plugin_name.'.zip';
  96. $this->output_file($filepath, $filename);
  97. }else{
  98. return json(['status'=>false, 'msg'=>'云端不存在该插件包']);
  99. }
  100. }
  102. //下载插件主文件
  103. public function download_plugin_main(){
  104. $plugin_name = input('post.name');
  105. $version = input('post.version');
  106. $os = input('post.os');
  107. if(!$plugin_name || !$version){
  108. return json(['status'=>false, 'msg'=>'参数不能为空']);
  109. }
  110. if(!in_array($os,['Windows','Linux'])) $os = 'Linux';
  111. if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
  112. return json(['status'=>false, 'msg'=>'参数不正确']);
  113. }
  114. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  115. $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
  116. $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
  117. if(file_exists($mainfilepath)){
  118. $filename = $plugin_name.'_main.py';
  119. $this->output_file($mainfilepath, $filename);
  120. }elseif(file_exists($filepath)){
  121. $zip = new \ZipArchive;
  122. if ($zip->open($filepath) === true){
  123. echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
  124. }else{
  125. return json(['status'=>false, 'msg'=>'插件包解压缩失败']);
  126. }
  127. }else{
  128. return json(['status'=>false, 'msg'=>'云端不存在该插件主文件']);
  129. }
  130. }
  132. //下载插件其他文件
  133. public function download_plugin_other(){
  134. $fname = input('get.fname');
  135. if(!$fname){
  136. $fname = input('get.filename');
  137. if(!$fname){
  138. return json(['status'=>false, 'msg'=>'参数不能为空']);
  139. }
  140. }
  141. if(strpos(dirname($fname),'.')!==false)return json(['status'=>false, 'msg'=>'参数不正确']);
  142. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  143. $filepath = get_data_dir().'plugins/other/'.$fname;
  144. if(file_exists($filepath)){
  145. $filename = basename($fname);
  146. $this->output_file($filepath, $filename);
  147. }else{
  148. return json(['status'=>false, 'msg'=>'云端不存在该插件文件']);
  149. }
  150. }
  152. public function get_plugin_auth(){
  153. $productids = ["8","9","10","11","12","13","14","15","16","17","18","19","20","22","23","24","25","26","28","32","33","42","44","45","47","55","65","69","75","82","83","85","90","91","97","99","101","107","108","110","118","121","127","128","132","135","136","140","143","144","151","154","156","161","163","167","173","179","183","185","190","192","195","197","200","201","202","203","204","205","206","207","208","212","213","214","215","216","217","218","219","220","221","222","223","224","225","226","227","228","229","230","231","232","233","234","235","236","237","238","239","241","243","244","245","246","247","248","249","250","251","252","253","254","255","256","257","258","259","261","262","263","264","265","266","267","268","269","270","271","272","273","274","275","276","277","278","279","280","281","282","283","284","285","286","287","289","292","293","295","296","297","298","299","300","301","302","303","304","305","306","307","308","309","310","311","312","313","314","315","316","317","318","319","320","321","322","323","324","325","326","327","328","329","330","331","332","334","335","336","337","338","339","340","341","342","343","344","345","346","347","348","349","350","351","352","353","354","355","356","357","358","359","360","361","362","363","364","365","366","368","369","371","372","373","374","375","376","377","378","379","380","381","382","383","384","385","386","387","388","389","390","391","392","393","394","397","398","400","401","406","408","409","411","413","415","419","423","425","427","429","430","1111111","100000001","100000005","100000007","100000008","100000009","100000010","100000012","100000014","100000015","100000016","100000017","100000035","100000036","100000039","100000040","100000041","100000042","100000045","100000053","100000054","100000056","100000057","100000058","100000059","100000062","100000063","100000067","100000069","100000070","100000076","100000077","100000078","100000079","100000080","100000084","100000085","100000088","100000089","100000090","100000091","100000092","100000093","100000094","100000095","100000096","100000097","100000098"];
  154. $os_version = input('post.os_version');
  155. $address = input('post.address','');
  156. $uid = input('post.uid','');
  157. $username = input('post.username','');
  158. $serverid = input('post.serverid','');
  159. $mac = input('post.mac','');
  160. $data = ['ip'=>$address, 'uid'=>$uid, 'username'=>$username, 'serverid'=>$serverid, 'lasttime'=>time(), 'pro'=>-1, 'skey'=>'', 'ltd'=>strtotime('+10 year'), 'list'=>[]];
  161. foreach($productids as $pid){
  162. $data['list'][$pid] = strtotime('+10 year');
  163. }
  164. return Plugins::encrypt_plugin_list($data, $serverid, $uid);
  165. }
  167. public function get_plugin_auth_win(){
  168. $productids = ["49","50","51","52","53","54","56","57","58","59","60","61","67","68","72","76","80","84","88","89","92","93","119","120","133","134","137","138","139","142","145","146","150","168","169","170","172","176","184","396","404","414","420","422","424","426","428","100000001","100000018","100000019","100000024","100000026","100000027","100000028","100000031","100000039","100000043","100000047","100000048","100000049","100000051","100000052","100000060","100000061","100000064","100000067","100000075"];
  169. $os_version = input('post.os_version');
  170. $address = input('post.address','');
  171. $uid = input('post.uid','');
  172. $username = input('post.username','');
  173. $serverid = input('post.serverid','');
  174. $mac = input('post.mac','');
  175. $data = ['ip'=>$address, 'uid'=>$uid, 'username'=>$username, 'serverid'=>$serverid, 'lasttime'=>time(), 'pro'=>-1, 'skey'=>'', 'ltd'=>strtotime('+10 year'), 'list'=>[]];
  176. foreach($productids as $pid){
  177. $data['list'][$pid] = strtotime('+10 year');
  178. }
  179. return Plugins::encrypt_plugin_list($data, $serverid, $uid);
  180. }
  182. public function get_update_logs(){
  183. $type = input('get.type');
  184. if($type == 'Windows'){
  185. $version = config_get('new_version_win');
  186. $data = [
  187. [
  188. 'title' => 'Linux面板'.$version,
  189. 'body' => config_get('update_msg_win'),
  190. 'addtime' => config_get('update_date_win')
  191. ]
  192. ];
  193. }else{
  194. $version = config_get('new_version');
  195. $data = [
  196. [
  197. 'title' => 'Linux面板'.$version,
  198. 'body' => config_get('update_msg'),
  199. 'addtime' => config_get('update_date')
  200. ]
  201. ];
  202. }
  203. return jsonp($data);
  204. }
  206. public function get_version(){
  207. $version = config_get('new_version');
  208. return $version;
  209. }
  211. public function get_version_win(){
  212. $version = config_get('new_version_win');
  213. return $version;
  214. }
  216. public function get_version_en(){
  217. $version = config_get('new_version_en');
  218. return $version;
  219. }
  221. public function get_panel_version(){
  222. $version = config_get('new_version');
  223. $file = app()->getRootPath().'public/install/update/LinuxPanel-'.$version.'.zip';
  224. $hash = hash_file('sha256', $file);
  225. $data = [
  226. 'version' => $version,
  227. 'hash' => $hash,
  228. 'update_time' => filemtime($file),
  229. ];
  230. return json($data);
  231. }
  233. public function get_panel_version_v2(){
  234. $version = config_get('new_version');
  235. $down_url = request()->root(true).'/install/update/LinuxPanel-'.$version.'.zip';
  236. $data = [
  237. 'OfficialVersion' => [
  238. 'version' => $version,
  239. 'downUrl' => $down_url,
  240. 'updateMsg' => config_get('update_msg'),
  241. 'uptime' => config_get('update_date'),
  242. ],
  243. 'OfficialVersionLatest' => [],
  244. 'AccountVersion' => [],
  245. ];
  246. return json($data);
  247. }
  249. //安装统计
  250. public function setup_count(){
  251. return 'ok';
  252. }
  254. //检测更新
  255. public function check_update(){
  256. $version = config_get('new_version');
  257. $down_url = request()->root(true).'/install/update/LinuxPanel-'.$version.'.zip';
  258. $data = [
  259. 'force' => false,
  260. 'version' => $version,
  261. 'downUrl' => $down_url,
  262. 'updateMsg' => config_get('update_msg'),
  263. 'uptime' => config_get('update_date'),
  264. 'is_beta' => 0,
  265. 'adviser' => -1,
  266. 'btb' => '',
  267. 'beta' => [
  268. 'version' => $version,
  269. 'downUrl' => $down_url,
  270. 'updateMsg' => config_get('update_msg'),
  271. 'uptime' => config_get('update_date'),
  272. ]
  273. ];
  274. return json($data);
  275. }
  277. //检测更新(win)
  278. public function check_update_win(){
  279. $version = config_get('new_version_win');
  280. $down_url = request()->root(true).'/win/panel/panel_'.$version.'.zip';
  281. $data = [
  282. 'force' => false,
  283. 'version' => $version,
  284. 'downUrl' => $down_url,
  285. 'updateMsg' => config_get('update_msg_win'),
  286. 'uptime' => config_get('update_date_win'),
  287. 'is_beta' => 0,
  288. 'py_version' => '3.8.6',
  289. 'adviser' => -1,
  290. 'is_rec' => -1,
  291. 'btb' => '',
  292. 'beta' => [
  293. 'py_version' => '3.8.6',
  294. 'version' => $version,
  295. 'downUrl' => $down_url,
  296. 'updateMsg' => config_get('update_msg_win'),
  297. 'uptime' => config_get('update_date_win'),
  298. ]
  299. ];
  300. return json($data);
  301. }
  303. //检测更新(aapanel)
  304. public function check_update_en(){
  305. $version = config_get('new_version_en');
  306. $down_url = request()->root(true).'/install/update/LinuxPanel_EN-'.$version.'.zip';
  307. $data = [
  308. 'force' => false,
  309. 'version' => $version,
  310. 'downUrl' => $down_url,
  311. 'updateMsg' => config_get('update_msg_en'),
  312. 'uptime' => config_get('update_date_en'),
  313. 'is_beta' => 0,
  314. 'btb' => '',
  315. 'beta' => [
  316. 'version' => $version,
  317. 'downUrl' => $down_url,
  318. 'updateMsg' => config_get('update_msg_en'),
  319. 'uptime' => config_get('update_date_en'),
  320. ]
  321. ];
  322. return json($data);
  323. }
  325. //宝塔云监控获取最新版本
  326. public function btm_latest_version(){
  327. $data = [
  328. 'version' => config_get('new_version_btm'),
  329. 'description' => config_get('update_msg_btm'),
  330. 'create_time' => config_get('update_date_btm')
  331. ];
  332. return json($data);
  333. }
  335. //宝塔云监控更新日志
  336. public function btm_update_history(){
  337. $data = [
  338. [
  339. 'version' => config_get('new_version_btm'),
  340. 'description' => config_get('update_msg_btm'),
  341. 'create_time' => config_get('update_date_btm')
  342. ]
  343. ];
  344. return json($data);
  345. }
  347. //宝塔云WAF最新版本
  348. public function btwaf_latest_version(){
  349. $type = input('?post.type') ? input('post.type') : 0;
  350. if($type == 1){
  351. $data = [
  352. 'version' => '1.1',
  353. 'description' => '暂无更新日志',
  354. 'create_time' => 1705315163,
  355. ];
  356. }else{
  357. $data = [
  358. 'version' => '3.0',
  359. 'description' => '暂无更新日志',
  360. 'create_time' => 1705315163,
  361. ];
  362. }
  363. $data = bin2hex(json_encode($data));
  364. return json(['status'=>true,'err_no'=>0,'msg'=>'获取成功','data'=>$data]);
  365. }
  367. //宝塔云控版本信息
  368. public function cloudc_version_info(){
  369. return json(['status'=>true,'msg'=>'获取成功','data'=>[
  370. 'version' => '1.0.5',
  371. 'download' => '',
  372. 'uptime' => '2025/06/16',
  373. 'upmsg' => '暂无更新日志'
  374. ]]);
  375. }
  377. //宝塔云控版本信息
  378. public function cloudc_get_version(){
  379. return json(['status'=>true,'msg'=>'','oid'=>'','data'=>[
  380. 'officialVersion' => [
  381. 'version' => '1.0.5',
  382. 'download' => '',
  383. 'uptime' => '2025/06/16',
  384. 'updateMsg' => '暂无更新日志'
  385. ],
  386. ]]);
  387. }
  389. //宝塔云控授权信息
  390. public function cloudc_order_status(){
  391. $data = [
  392. 'status' => true,
  393. 'msg' => '获取成功',
  394. 'oid' => '',
  395. 'data' => [
  396. 'id' => 1,
  397. 'address' => real_ip(),
  398. 'buytime' => time(),
  399. 'endtime' => time() + 86400 * 3650,
  400. 'num' => 9999,
  401. 'max_num' => 9999,
  402. 'pid' => 100000023,
  403. 'renew_price' => 0,
  404. 'state' => 1,
  405. ]
  406. ];
  407. return json($data);
  408. }
  410. //获取内测版更新日志
  411. public function get_beta_logs(){
  412. return json(['beta_ps'=>'当前暂无内测版', 'list'=>[]]);
  413. }
  415. //检查用户绑定是否正确
  416. public function check_auth_key(){
  417. return '1';
  418. }
  420. //从云端验证域名是否可访问
  421. public function check_domain(){
  422. $domain = input('post.domain',null,'trim');
  423. $ssl = input('post.ssl/d');
  424. if(!$domain) return json(['status'=>false, 'msg'=>'域名不能为空']);
  425. if(!strpos($domain,'.')) return json(['status'=>false, 'msg'=>'域名格式不正确']);
  426. $domain = str_replace('*.','',$domain);
  427. $ip = gethostbyname($domain);
  428. if(!$ip || $ip == $domain){
  429. return json(['status'=>false, 'msg'=>'无法访问']);
  430. }else{
  431. return json(['status'=>true, 'msg'=>'访问正常']);
  432. }
  433. }
  435. //同步时间
  436. public function get_time(){
  437. return time();
  438. }
  440. //同步时间
  441. public function get_win_date(){
  442. return date("Y-m-d H:i:s");
  443. }
  445. //查询是否专业版(废弃)
  446. public function is_pro(){
  447. return json(['endtime'=>true, 'code'=>1]);
  448. }
  450. //获取产品推荐信息
  451. public function get_plugin_remarks(){
  452. return json(['list'=>[], 'pro_list'=>[], 'kfqq'=>'', 'kf'=>'', 'qun'=>'']);
  453. }
  455. //获取指定插件评分
  456. public function get_plugin_socre(){
  457. return json(['total'=>0, 'split'=>[0,0,0,0,0],'page'=>"<div><span class='Pcurrent'>1</span><span class='Pcount'>共计0条数据</span></div>",'data'=>[]]);
  458. }
  460. //提交插件评分
  461. public function plugin_score(){
  462. return json(['status'=>true, 'msg'=>'您的评分已成功提交,感谢您的支持!']);
  463. }
  465. //获取IP地址
  466. public function get_ip_address(){
  467. return $this->clientip;
  468. }
  470. //绑定账号
  471. public function get_auth_token(){
  472. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  473. $reqData = hex2bin(input('post.data'));
  474. parse_str($reqData, $arr);
  475. $serverid = $arr['serverid'];
  476. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1];
  477. $data = bin2hex(json_encode($userinfo));
  478. return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]);
  479. }
  481. //绑定账号新
  482. public function authorization_login(){
  483. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  484. $reqData = hex2bin(input('post.data'));
  485. parse_str($reqData, $arr);
  486. $serverid = $arr['serverid'];
  487. $userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48)];
  488. $data = bin2hex(json_encode($userinfo));
  489. return json(['status'=>true, 'err_no'=>0, 'msg'=>'账号绑定成功', 'data'=>$data]);
  490. }
  492. //刷新授权信息
  493. public function authorization_info(){
  494. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  495. $reqData = hex2bin(input('post.data'));
  496. parse_str($reqData, $arr);
  497. $id = isset($arr['id'])&&$arr['id']>0?$arr['id']:1;
  498. $userinfo = ['id'=>$id, 'product'=>$arr['product'], 'status'=>2, 'clients'=>9999, 'durations'=>0, 'end_time'=>strtotime('+10 year')];
  499. $data = bin2hex(json_encode($userinfo));
  500. return json(['status'=>true, 'err_no'=>0, 'data'=>$data]);
  501. }
  503. //刷新授权信息
  504. public function update_license(){
  505. if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']);
  506. $reqData = hex2bin(input('post.data'));
  507. parse_str($reqData, $arr);
  508. if(!isset($arr['product']) || !isset($arr['serverid'])) return json(['status'=>false, 'msg'=>'缺少参数']);
  510. $license_data = ['product'=>$arr['product'], 'uid'=>random(32), 'phone'=>'138****8888', 'auth_id'=>random(32), 'server_id'=>substr($arr['serverid'], 0, 32), 'auth'=>['apis'=>[], 'menu'=>[], 'extra'=>['type'=>3,'location'=>-1,'smart_cc'=>-1,'site'=>0]], 'pages'=>[], 'end_time'=>strtotime('+10 year')];
  511. $json = json_encode($license_data);
  513. [$public_key, $private_key] = generateKeyPairs();
  514. $public_key = pemToBase64($public_key);
  516. $key1 = random(32);
  517. $key2 = substr($public_key, 0, 32);
  518. $encrypted1 = licenseEncrypt($json, $key1);
  519. $encrypted2 = licenseEncrypt($key1, $key2);
  520. $sign_data = $encrypted1.'.'.$encrypted2;
  521. openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256);
  522. $signature = base64_encode($signature);
  524. $license = base64_encode($sign_data.'.'.$signature);
  525. $data = bin2hex(json_encode(['public_key'=>$public_key, 'license'=>$license]));
  526. return json(['status'=>true, 'err_no'=>0, 'msg'=>'授权获取成功', 'data'=>$data]);
  527. }
  529. public function is_obtained_btw_trial(){
  530. $data = ['is_obtained'=>0];
  531. $data = bin2hex(json_encode($data));
  532. return json(['status'=>true, 'err_no'=>0, 'data'=>$data, 'msg'=>'检测成功']);
  533. }
  535. //一键部署列表
  536. public function get_deplist(){
  537. $os = input('post.os');
  538. $json_arr = Plugins::get_deplist($os);
  539. if(!$json_arr) return json([]);
  540. return json($json_arr);
  541. }
  543. //获取宝塔SSL列表
  544. public function get_ssl_list(){
  545. $data = bin2hex('[]');
  546. return json(['status'=>true, 'msg'=>'', 'data'=>$data]);
  547. }
  549. //获取堡塔云WAF恶意IP库
  550. public function get_malicious_ip_list()
  551. {
  552. $cacheKey = 'malicious_ip_list';
  554. // 尝试从缓存获取
  555. if (Cache::has($cacheKey)) {
  556. return json(json_decode(Cache::get($cacheKey), true));
  557. }
  558. $url = 'https://api.bt.cn/bt_waf/get_malicious_ip';
  559. $postData = json_encode([
  560. 'x_bt_token' => 'MzI3YjAzOGQ3Yjk3NjUxYjVlMDkyMGFm'
  561. ]);
  563. $ch = curl_init();
  564. curl_setopt($ch, CURLOPT_URL, $url);
  565. curl_setopt($ch, CURLOPT_POST, 1);
  566. curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
  567. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  568. curl_setopt($ch, CURLOPT_HTTPHEADER, [
  569. 'Content-Type: application/json',
  570. 'Content-Length: ' . strlen($postData)
  571. ]);
  573. $response = curl_exec($ch);
  574. if (curl_errno($ch)) {
  575. return json(['status'=>true, 'msg'=>'', 'data'=>bin2hex('[]')]);
  576. }
  577. curl_close($ch);
  578. Cache::set($cacheKey, $response, 86400); //缓存一天
  580. return json(json_decode($response, true));
  581. }
  583. public function return_success(){
  584. return json(['status'=>true, 'msg'=>1, 'data'=>(object)[]]);
  585. }
  587. public function return_error(){
  588. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  589. }
  591. public function return_error2(){
  592. return json(['success'=>false, 'res'=>'不支持当前操作']);
  593. }
  595. public function return_empty(){
  596. return '';
  597. }
  599. public function return_empty_array(){
  600. return json([]);
  601. }
  603. public function return_page_data(){
  604. return json(['page'=>"<div><span class='Pcurrent'>1</span><span class='Pnumber'>1/0</span><span class='Pline'>从1-1000条</span><span class='Pcount'>共计0条数据</span></div>", 'data'=>[]]);
  605. }
  607. public function nps_check(){
  608. return json(['err_no'=>0, 'success'=>true, 'res'=>true, 'nonce'=>time()]);
  609. }
  611. public function nps_questions(){
  612. return json(['err_no'=>0, 'success'=>true, 'res'=>[], 'nonce'=>time()]);
  613. }
  615. public function nps_submit(){
  616. return json(['err_no'=>0, 'success'=>true, 'res'=>'Success', 'nonce'=>time()]);
  617. }
  619. public function get_user_give_away(){
  620. return json(['no_exceed_limit'=>false, 'user_give'=>true]);
  621. }
  623. //获取所有蜘蛛IP列表
  624. public function btwaf_getspiders(){
  625. try{
  626. $result = Plugins::btwaf_getspiders();
  627. return json($result);
  628. }catch(\Exception $e){
  629. return json(['status'=>false, 'msg'=>$e->getMessage()]);
  630. }
  631. }
  633. //分类获取蜘蛛IP列表
  634. public function get_spider(){
  635. $type = input('get.spider/d');
  636. if(!$type) return json([]);
  637. $result = Plugins::get_spider($type);
  638. return json($result);
  639. }
  641. //获取堡塔恶意情报IP库
  642. public function btwaf_getmalicious(){
  643. try{
  644. $result = Plugins::btwaf_getmalicious();
  645. return json($result);
  646. }catch(\Exception $e){
  647. return json(['success'=>false, 'res'=>$e->getMessage()]);
  648. }
  649. }
  651. //检查是否国内IP
  652. public function check_cnip(){
  653. $clientip = bindec(decbin(ip2long($this->clientip)));
  654. $json_file = app()->getBasePath().'lib/cn.json';
  655. $arr = json_decode(file_get_contents($json_file), true);
  656. if(!$arr) return 'False';
  657. foreach($arr as $ip_arr){
  658. if($clientip >= $ip_arr[0] && $clientip <= $ip_arr[1]){
  659. return 'True';
  660. }
  661. }
  662. return 'False';
  663. }
  665. //邮件配额
  666. public function email_user_surplus(){
  667. $data = [
  668. 'free' => ['surplus' => '120000', 'total' => '120000', 'used' => '0'],
  669. 'period' => ['surplus' => '2000000', 'total' => '2000000', 'used' => '0'],
  670. ];
  671. return json(['success'=>true, 'msg'=>'获取成功', 'res'=>$data]);
  672. }
  674. //检查黑白名单
  675. private function checklist(){
  676. if(config_get('whitelist') == 1){
  677. if(Db::name('white')->where('ip', $this->clientip)->where('enable', 1)->find()){
  678. return true;
  679. }
  680. return false;
  681. }else{
  682. if(Db::name('black')->where('ip', $this->clientip)->where('enable', 1)->find()){
  683. return false;
  684. }
  685. return true;
  686. }
  687. }
  689. //下载大文件
  690. private function output_file($filepath, $filename){
  691. $filesize = filesize($filepath);
  692. $filemd5 = md5_file($filepath);
  694. ob_clean();
  695. header("Content-Type: application/octet-stream");
  696. header("Content-Disposition: attachment; filename={$filename}.zip");
  697. header("Content-Length: {$filesize}");
  698. header("File-size: {$filesize}");
  699. header("Content-md5: {$filemd5}");
  701. $read_buffer = 1024 * 100;
  702. $handle = fopen($filepath, 'rb');
  703. $sum_buffer = 0;
  704. while(!feof($handle) && $sum_buffer<$filesize) {
  705. echo fread($handle, min($read_buffer, ($filesize - $sum_buffer) + 1));
  706. $sum_buffer += $read_buffer;
  707. flush();
  708. }
  709. fclose($handle);
  710. exit;
  711. }
  713. public function logerror(){
  714. $content = date('Y-m-d H:i:s')."\r\n";
  715. $content.=$_SERVER['REQUEST_METHOD'].' '.$_SERVER['REQUEST_URI']."\r\n";
  716. if($_SERVER['REQUEST_METHOD'] == 'POST'){
  717. $content.=file_get_contents('php://input')."\r\n";
  718. }
  719. $handle = fopen(app()->getRootPath()."record.txt", 'a');
  720. fwrite($handle, $content."\r\n");
  721. fclose($handle);
  722. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  723. }
  725. //生成自签名SSL证书
  726. public function bt_cert(){
  727. $data = input('post.data');
  728. $param = json_decode($data, true);
  729. if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
  731. $dir = app()->getBasePath().'script/';
  732. $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
  733. $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
  734. if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
  736. if($param['action'] == 'get_domain_cert'){
  737. if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
  738. $domain = $param['domain'];
  739. if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
  740. $domain_list = explode(',', $domain);
  741. foreach($domain_list as $d){
  742. if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
  743. }
  744. $common_name = $domain_list[0];
  745. $validity = 3650;
  746. $result = makeSelfSignSSL($common_name, $domain_list, $validity);
  747. if(!$result){
  748. return json(['status'=>false, 'msg'=>'生成证书失败']);
  749. }
  750. $ca_pfx = base64_encode(file_get_contents($ssl_path));
  751. return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
  752. }else{
  753. return json(['status'=>false, 'msg'=>'不支持当前操作']);
  754. }
  755. }
  756. }