first commit

includes/api_functions.php

@@ -0,0 +1,79 @@
+<?php
+declare(strict_types=1);
+
+// 参数验证函数
+function validateRequestParams(): array {
+    $allowedResolutions = ['UHD', '4K', 'HD'];
+    $allowedCategories = ['美女', '风景', '动物', '游戏'];
+    
+    // 获取并处理参数
+    $params = [
+        'resolution' => isset($_GET['resolution']) 
+            ? strtoupper(trim($_GET['resolution'])) 
+            : null,
+        'category' => isset($_GET['category']) 
+            ? urldecode(trim($_GET['category'])) 
+            : null
+    ];
+
+    // 验证分辨率参数
+    if ($params['resolution'] && !in_array($params['resolution'], $allowedResolutions, true)) {
+        throw new InvalidArgumentException('无效的分辨率参数');
+    }
+
+    // 验证分类参数
+    if ($params['category'] && !in_array($params['category'], $allowedCategories, true)) {
+        throw new InvalidArgumentException('无效的分类参数');
+    }
+
+    return $params;
+}
+
+// 构建图片查询语句
+function buildImageQuery(array $params): string {
+    $query = "SELECT url FROM images WHERE 1=1";
+    
+    if ($params['resolution']) {
+        $query .= " AND resolution = :resolution";
+    }
+    
+    if ($params['category']) {
+        $query .= " AND category = :category";
+    }
+    
+    $query .= " ORDER BY RAND() LIMIT 1";
+    return $query;
+}
+
+// 获取随机图片
+function fetchRandomImage(PDO $pdo, string $query, array $params) {
+    $stmt = $pdo->prepare($query);
+    
+    if ($params['resolution']) {
+        $stmt->bindValue(':resolution', $params['resolution']);
+    }
+    
+    if ($params['category']) {
+        $stmt->bindValue(':category', $params['category']);
+    }
+    
+    $stmt->execute();
+    return $stmt->fetch();
+}
+
+// 标准化JSON响应
+function jsonResponse(array $data): string {
+    return json_encode([
+        'code' => 200,
+        'data' => $data
+    ], JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
+}
+
+// 错误响应格式化
+function jsonError(string $message, int $code = 400): string {
+    http_response_code($code);
+    return json_encode([
+        'code' => $code,
+        'error' => $message
+    ], JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
+}

includes/auth.php

@@ -0,0 +1,33 @@
+<?php
+session_start();
+require_once __DIR__.'/db.php';
+
+// 登录状态检查
+function isLoggedIn() {
+    return isset($_SESSION['user_id']);
+}
+
+// 登录验证
+function login($username, $password) {
+    global $pdo;
+    
+    $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->execute([$username]);
+    $user = $stmt->fetch();
+    
+    // SHA256验证
+    if ($user && hash('sha256', $password) === $user['password']) {
+        $_SESSION['user_id'] = $user['id'];
+        $_SESSION['username'] = $user['username'];
+        return true;
+    }
+    return false;
+}
+
+// 强制登录检查
+function requireLogin() {
+    if (!isLoggedIn()) {
+        header("Location: login.php");
+        exit;
+    }
+}

includes/config.php

@@ -0,0 +1,17 @@
+<?php
+// 禁止直接访问
+defined('APP_ROOT') or define('APP_ROOT', dirname(__DIR__));
+
+// 调试模式设置
+define('DEBUG_MODE', true);
+
+// 错误报告设置
+if (DEBUG_MODE) {
+    ini_set('display_errors', '1');
+    ini_set('display_startup_errors', '1');
+    error_reporting(E_ALL);
+} else {
+    ini_set('display_errors', '0');
+    ini_set('log_errors', '1');
+    ini_set('error_log', APP_ROOT.'/logs/error.log');
+}

includes/db.php

@@ -0,0 +1,19 @@
+<?php
+$host = 'localhost';
+$dbname = 'localhost';
+$user = 'localhost';
+$pass = 'localhost';
+
+try {
+    $pdo = new PDO(
+        "mysql:host=$host;dbname=$dbname;charset=utf8mb4",
+        $user,
+        $pass,
+        [
+            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
+        ]
+    );
+} catch (PDOException $e) {
+    die("数据库连接失败: " . $e->getMessage());
+}