57 lines
1.7 KiB
PHP
57 lines
1.7 KiB
PHP
<?php
|
||
// 图片审核 API:通过/拒绝 pictures_pending 中的图片
|
||
session_start();
|
||
header('Content-Type: application/json; charset=utf-8');
|
||
|
||
$ADMIN_PASSWORD = 'my123123';
|
||
$pendingDir = __DIR__ . '/../pictures_pending';
|
||
$picturesRoot = __DIR__ . '/../pictures/images/user';
|
||
|
||
function out($ok, $msg, $extra = []) {
|
||
echo json_encode(array_merge(['ok'=>$ok,'msg'=>$msg], $extra), JSON_UNESCAPED_UNICODE);
|
||
exit;
|
||
}
|
||
|
||
$authed = !empty($_SESSION['admin_ok']);
|
||
if (!$authed) {
|
||
$pwd = trim($_POST['password'] ?? '');
|
||
if ($pwd === $ADMIN_PASSWORD) $authed = true;
|
||
}
|
||
if (!$authed) out(false, '未授权或密码错误');
|
||
|
||
$action = $_POST['action'] ?? '';
|
||
$file = basename($_POST['file'] ?? '');
|
||
if (!$action || !$file) out(false, '缺少必要参数');
|
||
|
||
$pendingPath = $pendingDir . '/' . $file;
|
||
if (!is_file($pendingPath)) out(false, '待审核文件不存在');
|
||
|
||
if ($action === 'reject') {
|
||
$ok = @unlink($pendingPath);
|
||
@unlink($pendingPath . '.json');
|
||
out(!!$ok, $ok ? '已拒绝并删除' : '删除失败');
|
||
}
|
||
|
||
if ($action === 'approve') {
|
||
$dateDir = date('Y-m-d');
|
||
$dstDir = $picturesRoot . '/' . $dateDir;
|
||
if (!is_dir($dstDir)) @mkdir($dstDir, 0777, true);
|
||
|
||
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
|
||
if (!in_array($ext, ['jpg','jpeg','png','gif','webp'])) $ext = 'jpg';
|
||
$newName = 'image_' . date('Ymd_His') . '_' . mt_rand(1000,9999) . '.' . $ext;
|
||
$dstPath = $dstDir . '/' . $newName;
|
||
|
||
$ok = @rename($pendingPath, $dstPath);
|
||
@rename($pendingPath . '.json', $dstPath . '.json');
|
||
if (!$ok) out(false, '转存失败');
|
||
|
||
// 相对路径(供前端或日志显示)
|
||
$rel = 'pictures/images/user/' . $dateDir . '/' . $newName;
|
||
out(true, '审核通过,已入库', ['path' => $rel]);
|
||
}
|
||
|
||
out(false, '未知操作');
|
||
?>
|
||
|