File: /www/wwwroot/wordpress/WebStackApi.php
<?php
require_once dirname( __FILE__ ) . '/wp-load.php';
require_once dirname( __FILE__ ) . '/rsa_sign_verify.php';
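// Request authentication. The caller sends a signed string in the X-SDATA header
// and its signature in the POST-SIGNATURE header; verifySignature() comes from
// rsa_sign_verify.php, which is not shown here.
//
// NOTE(review): only the two header values and the key path are handed to the
// verifier. Nothing in this file ties X-SDATA to the request method or to the
// POST body, and no timestamp or nonce is checked here. Unless verifySignature()
// enforces that itself, an accepted header pair remains acceptable for any body
// and for later requests. The signed string should cover a digest of the body
// plus a freshness value; confirm against rsa_sign_verify.php and the client.

// Absolute path to the public key used for verification, so the lookup does not
// depend on the working directory of the PHP process.
$publicKeyPath = __DIR__ . '/public_key.pem';
$signature_str = $_SERVER['HTTP_X_SDATA'] ?? '';
$post_signature = $_SERVER['HTTP_POST_SIGNATURE'] ?? '';

// Fail closed: a request missing either header is rejected without consulting
// the verifier.
$isValid = false;
if ($signature_str !== '' && $post_signature !== '') {
    $verifyResult = verifySignature($signature_str, $post_signature, $publicKeyPath);
    // Accept only an explicit success value. An error code such as -1 (which
    // openssl_verify() returns on error) is truthy in PHP and must not pass.
    // NOTE(review): the helper's return type is not visible here; confirm it is
    // bool or 1/0/-1.
    $isValid = ($verifyResult === true || $verifyResult === 1);
}

if (!$isValid) {
    // Signal the rejection at the HTTP level as well as in the JSON body, so
    // clients and access logs can tell rejected calls from accepted ones.
    http_response_code(403);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode(['msg' => "签名验证失败!数据可能被篡改或来源不可信"], JSON_UNESCAPED_UNICODE);
    exit();
}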
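if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    // Read the theme configuration and return it together with the site title
    // and tagline.
    $data = get_option('_webstack_options');
    if (!is_array($data)) {
        // get_option() returns false when the option does not exist yet.
        $data = [];
    }
    $data['blogname'] = get_option('blogname');
    $data['blogdescription'] = get_option('blogdescription');
    echo json_encode($data, JSON_UNESCAPED_SLASHES);
    die();
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Update the theme configuration.
    //
    // Allowlist of option keys this endpoint may write.
    // NOTE(review): code_head_js, code_2_footer, custom_css and the ad_* keys
    // presumably hold markup or script that the theme prints into pages. They
    // are stored here without sanitisation, so the signature check at the top of
    // this file is the only control on what ends up in those fields.
    $webstack_keys = [
        'logo_normal',
        'logo_small',
        'favicon',
        'apple_icon',
        'login_beautify',
        'login_img',
        'login_logo',
        'login_color_l',
        'login_color_r',
        'details_page',
        'po_prompt',
        'columns',
        'bulletin',
        'bulletin_n',
        'links',
        'theme_mode',
        'site_n',
        'icp',
        'police_icp',
        'lazyload',
        'ico_url',
        'ico_png',
        'seo_home_keywords',
        'seo_home_desc',
        'custom_css',
        'code_head_js',
        'code_2_footer',
        'ad_home',
        'ad_right',
        'ad_footer',
        'ioc_wp_head',
        'ioc_pingback',
        'ioc_feed',
        'ioc_category',
        'ioc_login_language',
        'gravatar',
    ];

    // Start from the stored values. get_option() returns false when the option
    // is missing, which array_merge() would reject.
    $old_option_arr = get_option('_webstack_options');
    if (!is_array($old_option_arr)) {
        $old_option_arr = [];
    }

    // WordPress adds slashes to $_POST while loading, so every incoming value is
    // unslashed exactly once. Stored values are left alone: running stripslashes()
    // over them on each update would eat legitimate backslashes in saved code.
    $incoming = wp_unslash($_POST);

    // Keep only allowlisted keys. array_intersect_key() matches keys exactly,
    // unlike a loose in_array(), which lets integer keys match any string on
    // PHP < 8.
    // NOTE(review): as before, stored keys outside the allowlist are dropped as
    // well; confirm the theme keeps no other keys in this option.
    $pDataAll = array_intersect_key(
        array_merge($old_option_arr, $incoming),
        array_flip($webstack_keys)
    );
    update_option('_webstack_options', $pDataAll);

    // Site title and tagline are separate core options and only accept strings.
    if (!empty($_POST['blogname']) && is_string($_POST['blogname'])) {
        update_option('blogname', wp_unslash($_POST['blogname']));
    }
    if (!empty($_POST['blogdescription']) && is_string($_POST['blogdescription'])) {
        update_option('blogdescription', wp_unslash($_POST['blogdescription']));
    }
    exit();
}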