panel-api-tech/set_temp.php at master · BiliPL/panel-api-tech · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
include 'config.php';
include 'functions.php';

/** @var array $config */

header('Content-Type: application/json');

// 🔐 Start sesji i walidacja CSRF
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST' ||
    !isset($_POST['csrf_token']) ||
    $_POST['csrf_token'] !== ($_SESSION['csrf_token'] ?? '')
) {
    http_response_code(403);
    echo json_encode(['success' => false, 'error' => 'Nieprawidłowy token CSRF']);
    exit;
}

$auth = login($config['username'], $config['password']);

if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($auth['token'])) {
    $userId   = $_POST['user_id'] ?? '';
    $udid     = $_POST['udid'] ?? '';
    $zoneId   = (int) ($_POST['zone_id'] ?? 0);
    $parentId = (int) ($_POST['parent_id'] ?? 0);
    $rawTemp  = str_replace(',', '.', $_POST['set_temp'] ?? '');

    if ($userId && $udid && is_numeric($rawTemp)) {
        $setTemp = (int) round(floatval($rawTemp) * 10);

        if ($setTemp >= 100 && $setTemp <= 300) {
            $payload = json_encode([
                'mode' => [
                    'mode' => 'constantTemp',
                    'id' => $zoneId,
                    'parentId' => $parentId,
                    'constTempTime' => 0,
                    'setTemperature' => $setTemp,
                    'scheduleIndex' => 0
                ]
            ]);

            $url = "https://emodul.eu/api/v1/users/{$userId}/modules/{$udid}/zones";
            $ch = curl_init($url);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
            curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
            curl_setopt($ch, CURLOPT_HTTPHEADER, [
                'Authorization: Bearer ' . $auth['token'],
                'Content-Type: application/json',
                'Accept: application/json'
            ]);
            $response = curl_exec($ch);
            $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
            curl_close($ch);

            if ($httpCode === 200) {
                echo json_encode(['success' => true]);
                exit;
            }
        }
    }
}

http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Nie udało się ustawić temperatury']);