fix auth

2019-12-01 17:44:29 +08:00 · 2019-12-01 17:44:29 +08:00 · c26c98b653
parent 19a337ed17
commit c26c98b653
1 changed files with 29 additions and 23 deletions
--- a/inc/api.php
+++ b/inc/api.php
@ -311,31 +311,37 @@ function feature_gallery() {
 * update manifest.json rest api
 * @rest api接口路径：https://sakura.2heng.xin/wp-json/sakura/v1/image/json
 */
-function update_manifest_json(WP_REST_Request $request) {
+function update_manifest_json() {
-    if (is_admin()) {
+    $username = $_SERVER['PHP_AUTH_USER'];
-        $sakura_table_name = $wpdb->base_prefix.'sakura';
+    $password = $_SERVER['PHP_AUTH_PW'];
-        $manifest = array(
+    $user = wp_authenticate($username, $password);
-            "key" => "manifest_json",
+    if (is_a($user, 'WP_User')) {
-            "value" => file_get_contents($_FILES["manifest_json"]["tmp_name"])
+        if (in_array('administrator', (array) $user->roles)) {
-        );
+            global $wpdb;
-        $time = array(
+            $sakura_table_name = $wpdb->base_prefix.'sakura';
-            "key" => "json_time",
+            $manifest = array(
-            "value" => date("Y-m-d H:i:s",time())
+                "key" => "manifest_json",
-        );
+                "value" => file_get_contents($_FILES["manifest"]["tmp_name"])
            );
            $time = array(
                "key" => "json_time",
                "value" => date("Y-m-d H:i:s",time())
            );
-        $wpdb->query("DELETE FROM `wp_sakura` WHERE `key`='manifest_json'");
+            $wpdb->query("DELETE FROM `wp_sakura` WHERE `key` ='manifest_json'");
-        $wpdb->query("DELETE FROM `wp_sakura` WHERE `key`='json_time'");
+            $wpdb->query("DELETE FROM `wp_sakura` WHERE `key` ='json_time'");
-        $wpdb->insert($sakura_table_name,$manifest);
+            $wpdb->insert($sakura_table_name,$manifest);
-        $wpdb->insert($sakura_table_name,$time);
+            $wpdb->insert($sakura_table_name,$time);
-        $output = array(
+            $output = array(
-            'status' => 200,
+                'status' => 200,
-            'success' => true,
+                'success' => true,
-            'message' => 'manifest.json has been stored into database'
+                'message' => 'manifest.json has been stored into database'
-        );
+            );
-        $result = new WP_REST_Response($output, 200);
+            $result = new WP_REST_Response($output, 200);
-        $result->set_headers(array('Content-Type' => 'application/json'));
+            $result->set_headers(array('Content-Type' => 'application/json'));
-        return $result;
+            return $result;
        }
    } else {
        $output = array(
            'status' => 401,