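<?php
/**
 * PACK BEACON – SECURE API
 * Get Logs by User
 * Path: /api-secure/get_logs.php
 *
 * Purpose:
 *   - Return the logs of one user, or all logs (admin only).
 *
 * Input:
 *   - user_id (optional when the caller is an admin)
 *
 * Secure:
 *   - Token + Timestamp + Signature
 *
 * NOTE(review): $AUTH_ROLE, $AUTH_USER_ID and $conn are not defined in this
 * file; presumably the two includes below set them — confirm.
 */

require_once __DIR__ . "/config-secure.php";
require_once __DIR__ . "/auth-secure.php";

require_method("POST");

// Load secure JSON payload; only the decoded input (element 1) is used here.
[, $input] = require_secure_json();

/* ============================================================
   Read Input
============================================================ */
// Cast to int up front: this value is later concatenated into the SQL text.
$user_id = intval($input["user_id"] ?? 0);

/* ============================================================
   Authorization: non-admins may read only their own logs
============================================================ */
// Strict comparison on purpose. With loose `!=` on PHP 7, a role value of
// integer 0 or boolean true compares equal to "admin" and would be granted
// the admin branch; `===` makes any non-string or unexpected role fail closed.
$is_admin = ($AUTH_ROLE === "admin");
$auth_user_id = intval($AUTH_USER_ID);

if (!$is_admin) {
    // The requested id must be the caller's own id.
    if ($user_id !== $auth_user_id) {
        api_json([
            "status" => "error",
            "message" => "Permission denied – you can view only your own logs"
        ]);
        // Stop here even if api_json() returns, so a denied request never
        // reaches the query below.
        exit;
    }
    // Filter on the authenticated id, never on the client-supplied one.
    $filter = "WHERE logs.user_id = " . $auth_user_id;
} elseif ($user_id > 0) {
    // Admin asked for one specific user.
    $filter = "WHERE logs.user_id = " . $user_id;
} else {
    // Admin asked for everything.
    $filter = "";
}

/* ============================================================
   Query Logs
============================================================ */
// $filter is either empty or built only from integer-cast values, so no
// request text reaches the SQL string.
$sql = "
    SELECT logs.*, users.fullname, beacons.uuid, beacons.major, beacons.minor
    FROM logs
    LEFT JOIN users ON logs.user_id = users.id
    LEFT JOIN beacons ON logs.beacon_id = beacons.id
    $filter
    ORDER BY logs.id DESC
    LIMIT 200
";

$result = $conn->query($sql);

// A failed query must not fall through to fetch_assoc() on a non-object.
// The client gets a generic message; details stay in the server log.
if (!$result) {
    error_log("get_logs.php: log query failed");
    api_json([
        "status" => "error",
        "message" => "Unable to load logs"
    ]);
    exit;
}

$logs = [];
while ($row = $result->fetch_assoc()) {
    // The LEFT JOIN leaves the beacon columns NULL when no beacon matches.
    $beacon = $row["uuid"]
        ? $row["uuid"] . " / " . $row["major"] . " / " . $row["minor"]
        : null;

    // "message" and "user_name" are returned as stored; a client that renders
    // them as HTML has to escape them itself.
    $logs[] = [
        "id" => intval($row["id"]),
        "user_id" => $row["user_id"],
        "user_name" => $row["fullname"],
        "beacon_id" => $row["beacon_id"],
        "beacon" => $beacon,
        "message" => $row["message"],
        "created_at" => $row["created_at"]
    ];
}

/* ============================================================
   Response
============================================================ */
api_json([
    "status" => "success",
    "count" => count($logs),
    "logs" => $logs
]);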