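<?php
// Server management endpoint. Only POST requests do anything; every other
// method is redirected to index.php. Dispatch is on $_POST['action']:
//   refresh_invite_code  (JSON)    - rotate a server's invite code (needs MANAGE_SERVER)
//   join                 (redirect)- join the server behind an invite code
//   update               (redirect)- rename / re-skin a server (needs MANAGE_SERVER)
//   delete               (redirect)- delete a server the caller owns
//   <anything else>      (redirect)- create a new server owned by the caller
// The caller's id comes from $_SESSION['user_id'] after requireLogin().
//
// NOTE(review): no CSRF token is checked in this file. If auth/session.php
// does not enforce one, every state-changing branch below is reachable from a
// cross-site form post — confirm before relying on this endpoint.
require_once 'auth/session.php';
requireLogin();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? 'create';
    $user_id = $_SESSION['user_id'];

    // Reads a POST field as a string; arrays (foo[]=x) and missing keys
    // become '' so they can never reach a query binding or header().
    $postString = static function (string $key): string {
        $value = $_POST[$key] ?? null;
        return is_string($value) ? $value : '';
    };

    // Server ids arrive as untrusted strings; coerce once so every branch
    // works with an int (a non-numeric value becomes 0 and matches no row).
    $server_id = (int) ($postString('server_id') ?: 0);

    // Lifetime of a freshly generated invite code (create and refresh share it).
    $invite_ttl = 1800; // 30 minutes

    if ($action === 'refresh_invite_code') {
        header('Content-Type: application/json');
        require_once 'includes/permissions.php';
        if (!Permissions::hasPermission($user_id, $server_id, Permissions::MANAGE_SERVER)) {
            // Denied callers get a 403 alongside the JSON body so non-JS
            // clients and logs see the refusal too.
            http_response_code(403);
            echo json_encode(['success' => false, 'error' => 'Permission denied']);
            exit;
        }
        $new_code = generateSecureInviteCode();
        $expiry_ts = time() + $invite_ttl;
        $expires_at = date('Y-m-d H:i:s', $expiry_ts);
        $stmt = db()->prepare("UPDATE servers SET invite_code = ?, invite_code_expires_at = ? WHERE id = ?");
        $stmt->execute([$new_code, $expires_at, $server_id]);
        echo json_encode([
            'success' => true,
            'invite_code' => $new_code,
            'expires_at' => $expires_at,
            'expiry_timestamp' => $expiry_ts,
        ]);
        exit;
    }

    if ($action === 'join') {
        $invite_code = $postString('invite_code');
        // An empty code must never reach the query: "WHERE invite_code = ''"
        // would match any server whose code column is empty and let the
        // caller join it.
        if ($invite_code === '') {
            die("Invalid invite code.");
        }
        $stmt = db()->prepare("SELECT id, invite_code_expires_at FROM servers WHERE invite_code = ?");
        $stmt->execute([$invite_code]);
        $server = $stmt->fetch();
        if (!$server) {
            die("Invalid invite code.");
        }
        // A NULL/empty expiry means the code does not expire. Both sides of
        // the comparison use the server's local timezone (date()/strtotime()).
        if (!empty($server['invite_code_expires_at']) && strtotime($server['invite_code_expires_at']) < time()) {
            die("Invite code has expired.");
        }
        // INSERT IGNORE makes re-joining an existing membership a no-op.
        $stmt = db()->prepare("INSERT IGNORE INTO server_members (server_id, user_id) VALUES (?, ?)");
        $stmt->execute([$server['id'], $user_id]);
        header('Location: index.php?server_id=' . (int) $server['id']);
        exit;
    }

    if ($action === 'update') {
        $name = $postString('name');
        $icon_url = $postString('icon_url');
        $theme_color = $postString('theme_color');
        // An empty colour clears the column (NULL) instead of storing ''.
        if ($theme_color === '') {
            $theme_color = null;
        }
        // NOTE(review): icon_url and theme_color are stored as given. Whether
        // they need a format check (URL scheme, "#rrggbb") depends on how the
        // templates render them, which is not visible here — confirm.
        require_once 'includes/permissions.php';
        // An empty name would blank the server, so it is treated as a no-op
        // rather than written.
        if ($name !== '' && Permissions::hasPermission($user_id, $server_id, Permissions::MANAGE_SERVER)) {
            $stmt = db()->prepare("UPDATE servers SET name = ?, icon_url = ?, theme_color = ? WHERE id = ?");
            $stmt->execute([$name, $icon_url, $theme_color, $server_id]);
        }
        header('Location: index.php?server_id=' . $server_id);
        exit;
    }

    if ($action === 'delete') {
        // Ownership is enforced in the WHERE clause: a non-owner's request
        // simply deletes zero rows.
        $stmt = db()->prepare("DELETE FROM servers WHERE id = ? AND owner_id = ?");
        $stmt->execute([$server_id, $user_id]);
        header('Location: index.php');
        exit;
    }

    // Default action: create a server owned by the caller. Compared with
    // !== '' rather than truthiness so a server named "0" is accepted.
    $name = $postString('name');
    $icon_url = $postString('icon_url');
    if ($name !== '') {
        $db = null;
        try {
            $db = db();
            $db->beginTransaction();
            // Create server
            $invite_code = generateSecureInviteCode();
            $expires_at = date('Y-m-d H:i:s', time() + $invite_ttl);
            $stmt = $db->prepare("INSERT INTO servers (name, owner_id, invite_code, invite_code_expires_at, icon_url) VALUES (?, ?, ?, ?, ?)");
            $stmt->execute([$name, $user_id, $invite_code, $expires_at, $icon_url]);
            $server_id = $db->lastInsertId();
            // Add owner as member
            $stmt = $db->prepare("INSERT INTO server_members (server_id, user_id) VALUES (?, ?)");
            $stmt->execute([$server_id, $user_id]);
            // Create default channel
            $stmt = $db->prepare("INSERT INTO channels (server_id, name, type) VALUES (?, 'general', 'text')");
            $stmt->execute([$server_id]);
            // Create default @everyone role
            $stmt = $db->prepare("INSERT INTO roles (server_id, name, color, permissions, position) VALUES (?, '@everyone', '#99aab5', 0, 0)");
            $stmt->execute([$server_id]);
            $db->commit();
            header('Location: index.php?server_id=' . $server_id);
            exit;
        } catch (Exception $e) {
            // $db is null if db() itself threw; rollBack() on a connection
            // with no open transaction would throw a second exception.
            // (db() appears to return a PDO — inTransaction() assumes that.)
            if ($db !== null && $db->inTransaction()) {
                $db->rollBack();
            }
            // Keep the driver message server-side: it can reveal table names
            // and connection details. The client only gets a generic error.
            error_log('api_v1_servers: create failed: ' . $e->getMessage());
            die("Error creating server.");
        }
    }
}
header('Location: index.php');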