fix: fix the fixes

2025-05-29 01:49:21 +08:00 · 2020-04-07 01:56:27 +08:00 · 2020-04-07 01:56:27 +08:00 · 777b91817c
commit 777b91817c
parent 9abded81ec
2 changed files with 32 additions and 11 deletions
--- a/inc/api.php
+++ b/inc/api.php
@ -214,7 +214,7 @@ function get_qq_avatar() {
 }

 function bgm_bilibili() {
-    if (!check_ajax_referer('wp_rest', 'r', false)) {
+    if (!check_ajax_referer('wp_rest', '_wpnonce', false)) {
        $output = array(
            'status' => 403,
            'success' => false,
@ -233,7 +233,16 @@ function bgm_bilibili() {
 function meting_aplayer() {
    $type = $_GET['type'];
    $id = $_GET['id'];
-    if (check_ajax_referer('wp_rest', '_wpnonce', false) || !wp_verify_nonce($_GET['meting_pnonce'], $type . '#:' . $id)) {
+    $wpnonce = $_GET['_wpnonce'];
+    $meting_pnonce = $_GET['meting_pnonce'];
+    if ((isset($wpnonce) && !check_ajax_referer('wp_rest', $wpnonce, false)) || (isset($nonce) && !wp_verify_nonce($nonce, $type . '#:' . $id))) {
+        $output = array(
+            'status' => 403,
+            'success' => false,
+            'message' => 'Unauthorized client.'
+        );
+        $response = new WP_REST_Response($output, 403);
+    } else {
        $Meting_API = new \Sakura\API\Aplayer();
        $data = $Meting_API->get_data($type, $id);
        if ($type === 'playlist') {
@ -244,18 +253,10 @@ function meting_aplayer() {
            $response->set_headers(array('cache-control' => 'max-age=3600'));
            echo $data;
        } else {
-            $data = str_replace('http://', 'https://', $data);
            $response = new WP_REST_Response();
            $response->set_status(301);
            $response->header('Location', $data);
        }
-    } else {
-        $output = array(
-            'status' => 403,
-            'success' => false,
-            'message' => 'Unauthorized client.'
-        );
-        $response = new WP_REST_Response($output, 403);
    }
    return $response;
 }
--- a/inc/classes/Aplayer.php
+++ b/inc/classes/Aplayer.php
@ -27,6 +27,7 @@ class Aplayer
            case 'song':
                $data = $api->format(true)->song($id);
                $data = json_decode($data, true)["url"];
+                $data = $this->song_url($data);
                break;
            // case 'album':
            //     $data = $api->format(true)->album($id);
@ -46,11 +47,12 @@ class Aplayer
                break;
            // case 'search':
            //     $data = $api->format(true)->search($id);
-            //     $data=json_decode($data, true)["url"];
+            //     $data=json_decode($data, true);
            //     break;
            default:
                $data = $api->format(true)->url($id);
                $data = json_decode($data, true)["url"];
+                $data = $this->song_url($data);
                break;
        }
        return $data;
@ -78,6 +80,24 @@ class Aplayer
        return $playlist;
    }

+    private function song_url($url){
+        $server = $this->server;
+        if ($server == 'netease') {
+            $url = str_replace('://m7c.', '://m7.', $url);
+            $url = str_replace('://m8c.', '://m8.', $url);
+            $url = str_replace('http://m8.', 'https://m9.', $url);
+            $url = str_replace('http://m7.', 'https://m9.', $url);
+            $url = str_replace('http://m10.', 'https://m10.', $url);
+        }elseif ($server == 'xiami') {
+            $url = str_replace('http://', 'https://', $url);
+        }elseif ($server == 'baidu') {
+            $url = str_replace('http://zhangmenshiting.qianqian.com', 'https://gss3.baidu.com/y0s1hSulBw92lNKgpU_Z2jR7b2w6buu', $url);
+        }else{
+            $url = $url;
+        }
+        return $url;
+    }
+
    private function format_lyric($data) {
        $server = $this->server;
        $data = json_decode($data, true);