diff --git a/functions.php b/functions.php
index 19844fd..879009c 100644
--- a/functions.php
+++ b/functions.php
@@ -1616,11 +1616,21 @@ function output_comments_qq_columns( $column_name, $comment_id ){
*/
add_filter( 'get_avatar', 'change_avatar', 10, 3 );
function change_avatar($avatar){
- global $comment;
+ global $comment,$sakura_privkey;
if ($comment) {
if( get_comment_meta( $comment->comment_ID, 'new_field_qq', true )){
$qq_number = get_comment_meta( $comment->comment_ID, 'new_field_qq', true );
- return '
';
+ if(akina_option('qq_avatar_link')=='off'){
+ return '';
+ }elseif(akina_option('qq_avatar_link')=='type_3'){
+ $qqavatar = file_get_contents('http://ptlogin2.qq.com/getface?appid=1006102&imgtype=3&uin='.$qq_number);
+ preg_match('/:\"([^\"]*)\"/i',$qqavatar,$matches);
+ return '
';
+ }else{
+ $encrypted = openssl_encrypt($qq_number, 'aes-128-cbc', $sakura_privkey, 0);
+ $encrypted = urlencode(base64_encode($encrypted));
+ return '
';
+ }
}else{
return $avatar ;
}
@@ -1719,7 +1729,7 @@ add_action('pre_comment_on_post', 'allow_more_tag_in_comment');
* 随机图
*/
function create_sakura_table(){
- global $wpdb;
+ global $wpdb,$sakura_image_array,$sakura_privkey;
$sakura_table_name = $wpdb->base_prefix.'sakura';
require_once(ABSPATH . "wp-admin/includes/upgrade.php");
dbDelta("CREATE TABLE IF NOT EXISTS `" . $sakura_table_name . "` (
@@ -1728,20 +1738,30 @@ function create_sakura_table(){
PRIMARY KEY (`mate_key`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;");
//default data
- $manifest = array(
- "mate_key" => "manifest_json",
- "mate_value" => file_get_contents(get_template_directory()."/manifest/manifest.json")
- );
- $time = array(
- "mate_key" => "json_time",
- "mate_value" => date("Y-m-d H:i:s",time())
- );
if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'manifest_json'") ){
+ $manifest = array(
+ "mate_key" => "manifest_json",
+ "mate_value" => file_get_contents(get_template_directory()."/manifest/manifest.json")
+ );
$wpdb->insert($sakura_table_name,$manifest);
}
if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'json_time'") ){
+ $time = array(
+ "mate_key" => "json_time",
+ "mate_value" => date("Y-m-d H:i:s",time())
+ );
$wpdb->insert($sakura_table_name,$time);
}
+ if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'privkey'") ){
+ $privkey = array(
+ "mate_key" => "privkey",
+ "mate_value" => wp_generate_password(8)
+ );
+ $wpdb->insert($sakura_table_name,$privkey);
+ }
+ //reduce sql query
+ $sakura_image_array = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='manifest_json'");
+ $sakura_privkey = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='privkey'");
}
add_action( 'after_setup_theme', 'create_sakura_table' );
diff --git a/inc/api.php b/inc/api.php
index 1450261..970551e 100644
--- a/inc/api.php
+++ b/inc/api.php
@@ -20,18 +20,23 @@ add_action('rest_api_init', function () {
'methods' => 'GET',
'callback' => 'feature_gallery',
));
- register_rest_route('sakura/v1', '/image/manifest', array(
+ register_rest_route('sakura/v1', '/database/update', array(
'methods' => 'POST',
- 'callback' => 'update_manifest_json',
+ 'callback' => 'update_database',
));
register_rest_route('sakura/v1', '/qqinfo/json', array(
'methods' => 'GET',
'callback' => 'get_qq_info',
));
+ register_rest_route('sakura/v1', '/qqinfo/avatar', array(
+ 'methods' => 'GET',
+ 'callback' => 'get_qq_avatar',
+ ));
});
/**
* QQ info
+ * https://sakura.2heng.xin/wp-json/sakura/v1/qqinfo/json
*/
function get_qq_info(WP_REST_Request $request)
{
@@ -337,8 +342,8 @@ EOS;
* @rest api接口路径:https://sakura.2heng.xin/wp-json/sakura/v1/image/cover
*/
function cover_gallery() {
- global $wpdb;
- $img_array = json_decode($wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='manifest_json'"), true);
+ global $wpdb,$sakura_image_array;
+ $img_array = json_decode($sakura_image_array, true);
$img = array_rand($img_array);
$img_domain = akina_option('cover_cdn') ? akina_option('cover_cdn') : get_template_directory_uri();
if(strpos($_SERVER['HTTP_ACCEPT'], 'image/webp')) {
@@ -358,8 +363,8 @@ function cover_gallery() {
* @rest api接口路径:https://sakura.2heng.xin/wp-json/sakura/v1/image/feature
*/
function feature_gallery() {
- global $wpdb;
- $img_array = json_decode($wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='manifest_json'"), true);
+ global $wpdb,$sakura_image_array;
+ $img_array = json_decode($sakura_image_array, true);
$img = array_rand($img_array);
$img_domain = akina_option('cover_cdn') ? akina_option('cover_cdn') : get_template_directory_uri();
if(strpos($_SERVER['HTTP_ACCEPT'], 'image/webp')) {
@@ -375,10 +380,10 @@ function feature_gallery() {
}
/*
- * update manifest.json rest api
- * @rest api接口路径:https://sakura.2heng.xin/wp-json/sakura/v1/image/json
+ * update database rest api
+ * @rest api接口路径:https://sakura.2heng.xin/wp-json/sakura/v1/database/update
*/
-function update_manifest_json() {
+function update_database() {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$user = wp_authenticate($username, $password);
@@ -386,24 +391,26 @@ function update_manifest_json() {
if (in_array('administrator', (array) $user->roles)) {
global $wpdb;
$sakura_table_name = $wpdb->base_prefix.'sakura';
- $manifest = array(
- "key" => "manifest_json",
- "value" => file_get_contents($_FILES["manifest"]["tmp_name"])
- );
- $time = array(
- "key" => "json_time",
- "value" => date("Y-m-d H:i:s",time())
- );
-
- $wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='manifest_json'");
- $wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='json_time'");
- $wpdb->insert($sakura_table_name,$manifest);
- $wpdb->insert($sakura_table_name,$time);
+ if(isset($_FILES["manifest"])) {
+ $manifest = array(
+ "key" => "manifest_json",
+ "value" => file_get_contents($_FILES["manifest"]["tmp_name"])
+ );
+ $time = array(
+ "key" => "json_time",
+ "value" => date("Y-m-d H:i:s",time())
+ );
+ $wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='manifest_json'");
+ $wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='json_time'");
+ $wpdb->insert($sakura_table_name,$manifest);
+ $wpdb->insert($sakura_table_name,$time);
+ $message = "manifest.json has been stored into database.";
+ }
$output = array(
'status' => 200,
'success' => true,
- 'message' => 'manifest.json has been stored into database'
+ 'message' => $message
);
$result = new WP_REST_Response($output, 200);
$result->set_headers(array('Content-Type' => 'application/json'));
@@ -420,3 +427,29 @@ function update_manifest_json() {
return $result;
}
}
+
+/**
+ * QQ头像链接解密
+ * https://sakura.2heng.xin/wp-json/sakura/v1/qqinfo/avatar
+ */
+function get_qq_avatar(){
+ global $sakura_privkey;
+ $encrypted=$_GET["qq"];
+ if(isset($encrypted)){
+ $encrypted = urldecode(base64_decode($encrypted));
+ $qq_number = openssl_decrypt($encrypted, 'aes-128-cbc', $sakura_privkey, 0);
+ preg_match('/^\d{3,}$/', $qq_number, $matches);
+ $imgurl='https://q2.qlogo.cn/headimg_dl?dst_uin='.$matches[0].'&spec=100';
+ if(akina_option('qq_avatar_link')=='type_2'){
+ $imgdata = file_get_contents($imgurl);
+ header("Content-type: image/jpeg");
+ header("Cache-Control: max-age=86400");
+ echo $imgdata;
+ }else{
+ $response = new WP_REST_Response();
+ $response->set_status(301);
+ $response->header('Location', $imgurl);
+ return $response;
+ }
+ }
+}
diff --git a/manifest/README.md b/manifest/README.md
index c34eb2b..10c0fab 100644
--- a/manifest/README.md
+++ b/manifest/README.md
@@ -24,6 +24,8 @@ pip3 install Pillow
pip install Pillow --user
```
+用同样的方法安装`requests`
+
### 运行
把图片文件放到 `gallary` 目录,Windows 可直接双击 manifest.py,或者和其他操作系统一样,在 Terminal、Powershell、CMD 中运行:
diff --git a/manifest/manifest.py b/manifest/manifest.py
index 4504583..9828390 100644
--- a/manifest/manifest.py
+++ b/manifest/manifest.py
@@ -43,47 +43,59 @@ class Single(object):
'webp': [self.webp, self.webp_th]
}
- #这个最好新建一个类
- def upload_manifest(self):
- username = input('Enter your username: ')
- password = input('Enter your password: ')
- url = input('Enter your rest api url: ')
- data_string = username + ':' + password
+ def main(self):
+ self.hash()
+ # if os.path.exists(self.jpeg) and os.path.exists(self.webp):
+ self.optimize()
+ self.manifest()
+ return self.mani
+
+
+class Upload2Wordpress(object):
+ def __init__(self, username, password, url):
+ self.username = username
+ self.password = password
+ self.url = url
+
+ def upload(self, file, field):
+ data_string = self.username + ':' + self.password
token = base64.b64encode(data_string.encode()).decode('utf-8')
headers = {
'Authorization': 'Basic ' + token,
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97"
}
- files = {'manifest': open('manifest.json', mode="rb")}
- reply = requests.post(url, headers=headers, files=files)
+ files = {field: open(file, mode="rb")}
+ reply = requests.post(self.url, headers=headers, files=files)
print(json.loads(reply.content)['message'])
def main(self):
- self.hash()
- # if os.path.exists(self.jpeg) and os.path.exists(self.webp):
- self.optimize()
- self.thumbnail()
- self.manifest()
- return self.mani
+ print('start uploading `manifest.json`...')
+ self.upload('manifest.json', 'manifest')
-def main():
+
+def gen_manifest_json():
onlyfiles = [f for f in os.listdir('gallary') if os.path.isfile(os.path.join('gallary', f))]
id = 1
Manifest = {}
-
for f in onlyfiles:
- worker = Single(f, Manifest)
- Manifest = worker.main()
- print(str(id) + '/' + str(len(onlyfiles)))
- id += 1
-
+ worker = Single(f, Manifest)
+ Manifest = worker.main()
+ print(str(id) + '/' + str(len(onlyfiles)))
+ id += 1
with open('manifest.json', 'w+') as json_file:
json.dump(Manifest, json_file)
- up_json = Single(f, Manifest)
- up_json.upload_manifest()
+
+def main():
+ gen_manifest_json()
+ username = input('Enter your username: ')
+ password = input('Enter your password: ')
+ url = input('Enter your rest api url: ')
+ upload = Upload2Wordpress(username, password, url)
+ upload.main()
+
if __name__ == '__main__':
main()
- key = input('`manifest.json` saved. Press any key to quit.')
+ key = input('`manifest.json` saved. Press any key to quit.')
quit()
diff --git a/options.php b/options.php
index a9171a7..4d1f00a 100644
--- a/options.php
+++ b/options.php
@@ -1135,6 +1135,19 @@ function optionsframework_options() {
'std' => '0',
'type' => 'checkbox');
+ $options[] = array(
+ 'name' => __('QQ avatar link encryption', 'sakura'),/*QQ头像链接加密*/
+ 'desc' => __('Do not display the user\'s qq avatar links directly.', 'sakura'),/*不直接暴露用户qq头像链接*/
+ 'id' => 'qq_avatar_link',
+ 'std' => "off",
+ 'type' => "radio",
+ 'options' => array(
+ 'off' => __('Off (default)', 'sakura'),/*关闭(默认)*/
+ 'type_1' => __('use redirect (general security)', 'sakura'),/*使用 重定向(安全性一般)'*/
+ 'type_2' => __('fetch data at backend (high security)', 'sakura'),/*后端获取数据(安全性高)*/
+ 'type_3' => __('fetch data at backend (high security,slow)', 'sakura'),/*后端获取数据(安全性高, 慢)*/
+ ));
+
$options[] = array(
'name' => __('Comment UA infomation', 'sakura'),/*评论UA信息*/
'desc' => __('Check to enable, display the user\'s browser, operating system information', 'sakura'),/*勾选开启,显示用户的浏览器,操作系统信息*/