- 后端从 Python FastAPI 重写为 Go Gin(端口 56789) - 多班级完全隔离 - 超级管理员独立登录 - 课代表作业管理、排行榜分项排行 - 角色加减分上下限可配置 - 家长改密功能(可开关) - 周度/月度重置功能 - MySQL 5.7 兼容 - 43轮代码审查+全部修复 - Apache 2.0 许可证
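<?php
/**
 * Run a single upgrade step by proxying the request to the backend API.
 */
require_once __DIR__ . '/../config.php';

header('Content-Type: application/json; charset=utf-8');

// Authentication and coarse authorization: only a logged-in "admin" or
// "super_admin" session may continue.
// NOTE(review): $_SESSION is read without a visible session_start();
// presumably config.php starts the session - confirm.
$userType = $_SESSION['user_type'] ?? '';

// Strict comparison: a non-string session value (e.g. integer 0 on older PHP)
// must never loosely match one of the role names.
if (!isset($_SESSION['user_id']) || !in_array($userType, ['admin', 'super_admin'], true)) {
    http_response_code(401);
    echo json_encode(['success' => false, 'error' => '未授权']);
    exit();
}

// An "admin" account must additionally hold the 班主任 (homeroom teacher) role;
// "super_admin" is not subject to this role check.
$role = $_SESSION['role'] ?? '';
if ($userType === 'admin' && $role !== '班主任') {
    http_response_code(403);
    echo json_encode(['success' => false, 'error' => '权限不足']);
    exit();
}
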
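// Only POST is accepted: this endpoint triggers an upgrade step.
// NOTE(review): no CSRF token or Origin check is visible in this file, and the
// request is authorized by the session alone. Confirm that config.php or the
// session cookie's SameSite attribute covers cross-site requests.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(400);
    echo json_encode(['success' => false, 'error' => '无效请求']);
    exit();
}

// The request body is client-controlled JSON. Anything that does not decode to
// an array is treated the same as a missing "version" field.
$input = json_decode(file_get_contents('php://input'), true);
$stepVersion = is_array($input) ? ($input['version'] ?? '') : '';

// Accept only a non-empty string or number. Arrays, objects and booleans are
// rejected here instead of being forwarded to the backend and echoed back in
// error responses. The backend is still responsible for checking that the
// value names a real upgrade step.
$isPlainValue = is_string($stepVersion) || is_int($stepVersion) || is_float($stepVersion);
if (empty($stepVersion) || !$isPlainValue) {
    http_response_code(400);
    echo json_encode(['success' => false, 'error' => '缺少版本号参数']);
    exit();
}
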
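// Bearer token for the backend, taken from the session.
$token = $_SESSION['jwt_token'] ?? '';

// The token is concatenated into a raw HTTP header below, so it must be a
// string without CR/LF; anything else is treated like an expired session.
if (empty($token) || !is_string($token) || preg_match('/[\r\n]/', $token) === 1) {
    http_response_code(401);
    echo json_encode(['success' => false, 'error' => '会话已过期,请重新登录']);
    exit();
}

// Call the backend API. API_BASE_URL and API_TIMEOUT are not defined in this
// file (presumably config.php - confirm).
$apiUrl = API_BASE_URL . '/api/upgrade/step';

$ch = curl_init();
curl_setopt_array($ch, [
    CURLOPT_URL => $apiUrl,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => json_encode(['version' => $stepVersion]),
    CURLOPT_TIMEOUT => API_TIMEOUT,
    CURLOPT_HTTPHEADER => [
        'Authorization: Bearer ' . $token,
        'Content-Type: application/json',
    ],
    // Redirects stay off (the cURL default, made explicit) so the bearer token
    // is only ever sent to API_BASE_URL.
    CURLOPT_FOLLOWLOCATION => false,
    // Certificate and host name verification; these only take effect when
    // API_BASE_URL is an https:// URL.
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
]);

$apiResponse = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

// Record transport failures server-side; the client only receives a generic
// error, so without this line the cause (timeout, TLS, refused) is lost.
if ($apiResponse === false) {
    error_log('upgrade step proxy: curl error ' . curl_errno($ch) . ': ' . curl_error($ch));
}
curl_close($ch);
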
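// No usable body: curl_exec() failed (false) or the backend answered with an
// empty response.
if (empty($apiResponse)) {
    http_response_code(500);
    echo json_encode([
        'success' => false,
        'version' => $stepVersion,
        'error' => '无法连接升级服务',
    ]);
    exit();
}

// The backend is expected to answer with a JSON object. Invalid JSON, an empty
// structure or a bare scalar is reported as a format error instead of being
// indexed as if it were an array.
$result = json_decode($apiResponse, true);
if (!is_array($result) || !$result) {
    http_response_code(500);
    echo json_encode([
        'success' => false,
        'version' => $stepVersion,
        'error' => '升级服务返回数据格式错误',
    ]);
    exit();
}

// On a non-200 status or success=false, surface the backend's own error text.
if ($httpCode !== 200 || !isset($result['success']) || !$result['success']) {
    $errorMsg = $result['message'] ?? ($result['error'] ?? '升级失败');

    // Only relay plain text; a structured value falls back to the generic message.
    // NOTE(review): backend error text is passed to the client verbatim; confirm
    // the backend never puts internals (stack traces, SQL) into these fields.
    if (!is_string($errorMsg)) {
        $errorMsg = '升级失败';
    }

    http_response_code(500);
    echo json_encode([
        'success' => false,
        'version' => $stepVersion,
        'error' => $errorMsg,
    ]);
    exit();
}

// Success: forward the backend's "data" payload (an empty array when absent).
$data = $result['data'] ?? [];
echo json_encode($data);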