优化安全设置，更换接口调用地址（感谢 Ridiculous 的建议

Adoream · Jul 17, 2019 · ea68d2d · ea68d2d
1 parent aa3ec90
commit ea68d2d
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 15 deletions.
diff --git a/Action.php b/Action.php
@@ -40,18 +40,32 @@ public function RouteBan () {
      * @access public
      */
     public function setWebhook () {
-        if (!$this->is_https()) {
-            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天')));
-        }
-        $newurl = (($GLOBALS['options']->rewrite) ? $GLOBALS['options']->siteUrl : $GLOBALS['options']->siteUrl . 'index.php/') . 'action/CommentEdit?do=CallBack';
-        $ret = json_decode (Bootstrap::fetch ('https://api.telegram.org/bot' . $_POST['token'] . '/setWebhook', [
-            'url' => $newurl
-        ], 'POST'), true);
+        if ($this->_cfg->mode == 1) {
+            $addUrl = (($GLOBALS['options']->rewrite) ? $GLOBALS['options']->siteUrl : $GLOBALS['options']->siteUrl . 'index.php/') . 'action/CommentEdit?do=' . $GLOBALS['route']['Add'];
+            $delUrl = (($GLOBALS['options']->rewrite) ? $GLOBALS['options']->siteUrl : $GLOBALS['options']->siteUrl . 'index.php/') . 'action/CommentEdit?do=' . $GLOBALS['route']['Del'];
+            $markUrl = (($GLOBALS['options']->rewrite) ? $GLOBALS['options']->siteUrl : $GLOBALS['options']->siteUrl . 'index.php/') . 'action/CommentEdit?do=' . $GLOBALS['route']['Mark'];
 
-        if ($ret['ok'] == true) {
+            $text = <<< EOF
+评论添加： {$addUrl}
+评论删除： {$delUrl}
+评论标记： {$markUrl}
+EOF;
+            $GLOBALS['telegramModel']->sendMessage($this->_cfg->MasterID, $text);
             exit (json_encode (array ('code' => 0)));
         } else {
-            exit (json_encode (array ('code' => -1, 'msg' => $ret['description'])));
+            if (!$this->is_https()) {
+                exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天')));
+            }
+            $newurl = (($GLOBALS['options']->rewrite) ? $GLOBALS['options']->siteUrl : $GLOBALS['options']->siteUrl . 'index.php/') . 'action/CommentEdit?do=CallBack';
+            $ret = json_decode (Bootstrap::fetch ('https://api.telegram.org/bot' . $_POST['token'] . '/setWebhook', [
+                'url' => $newurl
+            ], 'POST'), true);
+
+            if ($ret['ok'] == true) {
+                exit (json_encode (array ('code' => 0)));
+            } else {
+                exit (json_encode (array ('code' => -1, 'msg' => $ret['description'])));
+            }
         }
     }
 
@@ -158,7 +172,7 @@ public function CallBack () {
 
     public function CommentAdd ($data = NULL) {
         if (empty($data)) {
-            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天')));
+            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天 (A)')));
         }
         if ($this->_cfg->mode == 0) {
             $cid = $data['cid'];
@@ -239,7 +253,7 @@ public function CommentAdd ($data = NULL) {
 
     public function CommentDel ($data = NULL) {
         if (empty($data)) {
-            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天')));
+            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天 (D)')));
         }
         if ($this->_cfg->mode == 0) {
             $coid = $data['coid'];
@@ -265,7 +279,7 @@ public function CommentDel ($data = NULL) {
 
     public function CommentMark ($data = NULL) {
         if (empty($data)) {
-            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天')));
+            exit (json_encode (array ('code' => -1, 'msg' => '原地爆炸，螺旋升天 (M)')));
         }
         if ($this->_cfg->mode == 0) {
             $coid = $data['coid'];

diff --git a/Plugin.php b/Plugin.php
@@ -6,7 +6,7 @@
  * 
  * @package Comment2Telegram
  * @author Sora Jin
- * @version 1.3.0
+ * @version 1.3.1
  * @link https://jcl.moe
  */
 class Comment2Telegram_Plugin implements Typecho_Plugin_Interface {
@@ -73,7 +73,7 @@ public static function config (Typecho_Widget_Helper_Form $form) {
         $form->addInput($Token->addRule('required', _t('您必须填写一个正确的Token')));
         $MasterID = new Typecho_Widget_Helper_Form_Element_Text('MasterID', NULL, NULL, _t('MasterID'), _t('Telergam Master ID'));
         $form->addInput($MasterID->addRule('required', _t('您必须填写一个正确的 Telegram ID')));
-        echo '<style>.typecho-option-submit button[type="submit"]{display:none!important}</style><script>window.onload=function(){$(".typecho-option-submit li").append("<div class=\"description\"><button class=\"btn primary\" id=\"save\">保存设置</button></div>");$("button#save").click(function(){var b=$(this),a=$(b).text();$(b).attr("disabled","disabled");if($("input[name=Token]").val()==""){$(b).text("请填写Bot Token");setTimeout(function(){$(b).text(a);$(b).removeAttr("disabled")},2000);return}if($("input[name=MasterID]").val()==""){$(b).text("请填写Bot Token");setTimeout(function(){$(b).text(a);$(b).removeAttr("disabled")},2000);return}$.ajax({type:"POST",url:window.location.origin+"/action/CommentEdit?do=setWebhook",dataType:"json",data:{token:$("input[name=Token]").val()},success:function(d,e,c){if(d.code=="0"){$(b).text("已 Reset Webhook");setTimeout(function(){$(b).text(\'正在保存设置\');$(\'.typecho-option-submit button[type="submit"]\').click()},2000)}else{$(b).text("失败："+d.msg)}}})})}</script>';
+        echo '<style>.typecho-option-submit button[type="submit"]{display:none!important}</style><script>window.onload=function(){$(".typecho-option-submit li").append("<div class=\"description\"><button class=\"btn primary\" id=\"save\">保存设置</button></div>");$("input[name=mode]").on("change",function(){if($(this).val()==1){$(".description").append("<div class=\"outDeal\">保存后将会往你的 TG 中发送接口信息</div>")}else if($(this).val()==0){if($(".outDeal").length>0){$(".outDeal").remove()}}});$("button#save").click(function(){var b=$(this),a=$(b).text();$(b).attr("disabled","disabled");if($("input[name=Token]").val()==""){$(b).text("请填写Bot Token");setTimeout(function(){$(b).text(a);$(b).removeAttr("disabled")},2000);return}if($("input[name=MasterID]").val()==""){$(b).text("请填写Bot Token");setTimeout(function(){$(b).text(a);$(b).removeAttr("disabled")},2000);return}$.ajax({type:"POST",url:window.location.origin+"/action/CommentEdit?do=setWebhook",dataType:"json",data:{mode:$("input[name=mode]").val(),token:$("input[name=Token]").val()},success:function(d,e,c){if(d.code=="0"){$(b).text("已 Reset Webhook");setTimeout(function(){$(b).text("正在保存设置");$(".typecho-option-submit button[type=\"submit\"]").click()},2000)}else{$(b).text("失败："+d.msg)}}})})}</script>';
     }
 
     /**

diff --git a/lib/Const.php b/lib/Const.php
@@ -1,6 +1,6 @@
 <?php
 class Plugin_Const {
-    const VERSION = '1.3.0';
+    const VERSION = '1.3.1';
 
     const EMAIL_SENT_API = 'https://api.aim.moe/SendEmail';