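/**
 * Decide whether the current visitor is a known, active user who also holds the right "uk" cookie.
 *
 * Looks up a userID by the client address (code table joined with the user table). When exactly
 * one active row matches, the userID and the logged-in flag are written to the session and the
 * key returned by getUserKey() is compared with the "uk" cookie.
 *
 * @return bool true only when exactly one row matched and the cookie equals the expected key
 */
function isValidID() {
    global $conn, $userTable, $codeTable;

    // Fall back to a marker value when the server supplied no address.
    $addr = $_SERVER['REMOTE_ADDR'] ?: "Unknown";

    // Table names come from configuration globals and cannot be bound. The address is passed
    // as a bound parameter instead of being pasted into the SQL text.
    $cmd = $conn->prepare("select userID from {$codeTable} \n\t\tinner join {$userTable} using(userID) \n\t\twhere addr = :addr and active = '1'");
    $cmd->execute(array(':addr' => $addr));
    $results = $cmd->fetchAll();

    if (count($results) !== 1) {
        return false;
    }

    require_once $_SERVER['DOCUMENT_ROOT'] . "/cauth/crypto.php";

    // NOTE(review): the session is marked as logged in on the address match alone, before the
    // cookie check below has run. Confirm that callers gate on this function's return value and
    // not only on $_SESSION['isLogged'].
    $_SESSION['userID'] = $results[0]['userID'];
    $_SESSION['isLogged'] = true;

    // Second security layer: the cookie must carry the key expected for this user.
    // A key derived only from the client address (e.g. an unkeyed hash of it) would be
    // predictable and would add nothing to the address match above.
    $realKey = getUserKey($conn);

    // Fail closed on a missing or empty expected key and on a cookie that is not a plain string
    // (PHP turns "uk[]=..." into an array).
    if (!is_scalar($realKey) || (string) $realKey === '') {
        return false;
    }
    if (!isset($_COOKIE['uk']) || !is_string($_COOKIE['uk'])) {
        return false;
    }

    // hash_equals() compares in constant time and without type juggling; loose "==" would treat
    // numeric-looking strings such as "1e3" and "1000" as equal.
    return hash_equals((string) $realKey, $_COOKIE['uk']);
}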
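/**
 * Request the printable label for the given packages and save it as a PDF in the working directory.
 *
 * @param array $packageSns package processing numbers to print labels for
 * @return void
 * @throws RuntimeException when the response is not a string or the file cannot be written
 */
function savePackageLable($packageSns) {
    $dispatcher = array('category' => 'direct-express', 'handler' => 'package', 'action' => 'print-label');
    $request_data = array('token' => getToken(), 'user_key' => getUserKey(), 'format' => 'classic_a4');

    $api_address = getApiBaseAddress() . join("/", $dispatcher);
    $api_address .= "?" . http_build_query($request_data);
    $api_address .= get_label_params_string($packageSns, 'package_sn');

    // NOTE(review): this prints the full request URL, including the token and user_key query
    // parameters. Keep it for local debugging only; the output should not reach logs or pages
    // that other people can read.
    echo $api_address;

    $response = rest_helper($api_address, null, 'GET', 'binary');
    if (!is_string($response)) {
        throw new RuntimeException('Label request did not return a response body');
    }
    // NOTE(review): the body is written without checking that it is a PDF; an error payload
    // from the API would be saved under a .pdf name.

    // The package numbers become part of a file name, so anything outside a conservative
    // character set (path separators, dots, NUL, ...) is replaced before it reaches the
    // filesystem. Ordinary alphanumeric package numbers are unchanged.
    $packageSnsStr = preg_replace('/[^A-Za-z0-9_-]/', '_', join("-", $packageSns));
    $target = "label-{$packageSnsStr}.pdf";

    // file_put_contents() is binary-safe and reports failure as false, which the earlier
    // fopen()/fwrite()/fclose() sequence never checked.
    if (file_put_contents($target, $response) === false) {
        throw new RuntimeException("Could not write label file {$target}");
    }
}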
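<?php
require "http_request.php";
require "auth.php";

// The list of package processing numbers whose labels are to be printed.
$packageSns = array('CET141010TST000087', 'CET141010TST000088', 'CET141010TST000087', 'CET141010TST000088');

$dispatcher = array('category' => 'direct-express', 'handler' => 'package', 'action' => 'print-label');
$request_data = array('token' => getToken(), 'user_key' => getUserKey(), 'format' => 'classic_a4');

$api_address = $api_base . join("/", $dispatcher);
$api_address .= "?" . http_build_query($request_data);
$api_address .= get_repeat_string_params_string($packageSns, 'package_sn');

// NOTE(review): this prints the full request URL, including the token and user_key query
// parameters, into the page. Keep it for local debugging only.
echo $api_address;

try {
    $response = rest_helper($api_address, null, 'GET', 'binary');
    $r = json_decode($response);
    if ($r === null) {
        // The body is not JSON, so it is treated as the label file and saved.
        $file = "label/label-mutiply-packageSns.pdf";
        saveFile($file, $response);
        echo "<br />";
        echo "save ok " . $file;
    } else {
        // The decoded payload comes from the remote API and is written into an HTML page,
        // so it is escaped for that context before being printed.
        echo "<pre>";
        echo htmlspecialchars(print_r($r, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "</pre>";
    }
} catch (Exception $e) {
    // The string form of an exception includes its message and stack trace; it is escaped here
    // because it may carry data from the request or response.
    // NOTE(review): outside a demo, log the trace instead of showing it.
    echo htmlspecialchars((string) $e, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The listing is cut off here: the body of saveFile() is not shown.
function saveFile($filename, $response)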
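// Look up the submitted code; exactly one matching row is required to go any further.
$cmd = $conn->prepare("select userID from {$codeTable} where codename = :code");
$cmd->bindParam(":code", $code, PDO::PARAM_STR, 10);
$cmd->execute();
$results = $cmd->fetchAll();

if (count($results) === 1) {
    require_once "crypto.php";

    // Cookie lifetime of one year. time() counts seconds, not milliseconds, so the earlier
    // extra factor of 1000 pushed the expiry roughly a thousand years out.
    $cookieExpiry = time() + 60 * 60 * 24 * 365;
    // Mark the cookie Secure only when this request itself arrived over HTTPS, so plain-HTTP
    // deployments keep working.
    $cookieSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    //Check if the userID is already assigned
    $cmd = $conn->prepare("select codename from {$codeTable} where userID = :userID");
    $cmd->bindParam(":userID", $_SESSION['userID'], PDO::PARAM_INT);
    $cmd->execute();
    $assignedCodes = $cmd->fetchAll();

    // NOTE(review): this is a loose comparison. If the code has no owner (NULL) and the session
    // carries no userID, null == null is true and a key cookie is issued without the assignment
    // branch running. Confirm that an earlier part of the script guarantees a session userID.
    if ($results[0]['userID'] == $_SESSION['userID']) {
        $key = getUserKey($conn);
        // Empty path and domain keep PHP's defaults. HttpOnly keeps the key away from page
        // scripts - presumably nothing client-side reads "uk"; verify before deploying.
        setcookie("uk", $key, $cookieExpiry, "", "", $cookieSecure, true);
    } else {
        // The code is free and this user holds no other code: bind the code to the user whose
        // stored address matches the client address.
        if (empty($results[0]['userID']) && count($assignedCodes) === 0) {
            $cmd = $conn->prepare("update {$codeTable} set userID = \n\t\t\t(select userID from {$userTable} where addr = :addr)\n\t\t\twhere codename = :code limit 1");
            $cmd->bindParam(":addr", $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR, 16);
            $cmd->bindParam(":code", $code, PDO::PARAM_STR, 10);
            $cmd->execute();

            //Set userkey
            $key = getUserKey($conn);
            setcookie("uk", $key, $cookieExpiry, "", "", $cookieSecure, true);
            logEvent($conn, $logTable, "Has logged with SeaCode {$code}");
        }
    }
}

// Drop the database handles, then send the browser back to the login page.
$conn = $altConn = null;
header('Location: login.php');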
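<?php
header('Content-type: application/json');

// The includes are resolved relative to the working directory, hence the chdir() calls.
chdir("../..");
chdir("database");
require_once "users.php";
chdir("..");
require_once "configuration.php";

/**
 * DESCRIPTION: Gets the user id
 * PARAMETERS: api/users/getId.php <apikey> <user>
 *
 * Responds with a JSON object whose "result" is one of: missingParams, permissionDenied,
 * invalidUser, ok (with "id").
 *
 * NOTE(review): the API key arrives in the query string, where web servers and proxies
 * commonly record it in access logs.
 */
if (isset($_GET['apikey'], $_GET['user']) && is_string($_GET['apikey']) && is_string($_GET['user'])) {
    // Both values are plain strings here; PHP turns "apikey[]=x" into an array, which is
    // treated as a missing parameter.
    $auth = $_GET['apikey'];
    $user = $_GET['user'];

    // $apikey is expected to come from configuration.php. An unset or empty configured key
    // denies every request instead of matching an empty "apikey" parameter.
    $expectedKey = (isset($apikey) && is_scalar($apikey)) ? (string) $apikey : '';

    // hash_equals() compares in constant time and without the type juggling of "!=".
    if ($expectedKey === '' || !hash_equals($expectedKey, $auth)) {
        echo json_encode(array("result" => "permissionDenied"));
    } elseif (!userExists($user)) {
        echo json_encode(array("result" => "invalidUser"));
    } else {
        // NOTE(review): $key is never used after this call.
        $key = getUserKey($user);
        // NOTE(review): $email is not defined anywhere in this script; unless one of the
        // included files sets it, getUser() receives null. It looks like $user was meant.
        $id = getUser($email)["_id"];
        echo json_encode(array("result" => "ok", "id" => $id));
    }
} else {
    echo json_encode(array("result" => "missingParams"));
}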
<?php

/**
 * Base URL that API paths are appended to.
 *
 * NOTE(review): the scheme is plain http, so requests built on this address are sent
 * unencrypted.
 *
 * @return string
 */
function getApiBaseAddress() {
    return "http://demo.chukou1.cn/v3/";
}

/**
 * API token for the account.
 *
 * NOTE(review): the value is hard-coded in the source file; anyone who can read the file or
 * the repository history can read the token.
 *
 * @return string
 */
function getToken() {
    // Enter your own Token here.
    $token = '887E99B5F89BB18BEA12B204B620D236';
    return $token;
}

/**
 * User key for the account (hard-coded, like the token above).
 *
 * @return string
 */
function getUserKey() {
    // Enter your own UserKey here.
    $userKey = 'wr5qjqh4gj';
    return $userKey;
}

// Globals that other scripts pick up after including this file.
$api_base = getApiBaseAddress();
$token = getToken();
$user_key = getUserKey();
// The listing starts inside a route closure whose opening lines are not shown.
    // Load the user record stored under the key derived from store hash and e-mail.
    $key = getUserKey($data['store_hash'], $data['user']['email']);
    $user = json_decode($redis->get($key), true);
    if (empty($user)) {
        return 'Invalid user.';
    }
    // NOTE(review): the returned string is sent as the response body - presumably as HTML -
    // and json_encode() does not HTML-escape by default.
    return 'Welcome ' . json_encode($user);
});

// OAuth callback: exchanges the "code" query parameter for a token at the auth service and
// stores the returned user record in Redis.
$app->get('/auth/callback', function (Request $request) use($app) {
    // code, scope and context are taken from the incoming request as-is and forwarded.
    $payload = array('client_id' => clientId(), 'client_secret' => clientSecret(), 'redirect_uri' => callbackUrl(), 'grant_type' => 'authorization_code', 'code' => $request->get('code'), 'scope' => $request->get('scope'), 'context' => $request->get('context'));
    $client = new Client(bcAuthService());
    // 'exceptions' => false: presumably makes the client return error responses instead of
    // throwing, so the status-code branch below handles them - confirm against the client library.
    $req = $client->post('/oauth2/token', array(), $payload, array('exceptions' => false));
    $resp = $req->send();
    if ($resp->getStatusCode() == 200) {
        $data = $resp->json();
        // Assumes the context has the form "<prefix>/<storeHash>"; there is no check that
        // the separator is present.
        list($context, $storeHash) = explode('/', $data['context'], 2);
        $key = getUserKey($storeHash, $data['user']['email']);
        $redis = new Credis_Client('localhost');
        // NOTE(review): json_encode()'s second argument is a flags bitmask, not json_decode()'s
        // "assoc" switch; true is coerced to 1, which is JSON_HEX_TAG.
        $redis->set($key, json_encode($data['user'], true));
        // NOTE(review): this returns the whole token-endpoint response to the browser. If it
        // carries the access token (usual for an authorization_code exchange - confirm), the
        // token is disclosed to the client and anything that records the page.
        return 'Hello ' . json_encode($data);
    } else {
        // NOTE(review): the upstream response body is passed into the page unescaped.
        return 'Something went wrong... [' . $resp->getStatusCode() . '] ' . $resp->getBody();
    }
});

// Splits a signed request of the form "<base64 data>.<base64 signature>" and decodes both parts.
// The listing is cut off before the signature check, so how the signature is verified is not
// visible here. $data is decoded before that check and must not be trusted until it has passed;
// the check should use a constant-time comparison such as hash_equals().
function verifySignedRequest($signedRequest) {
    list($encodedData, $encodedSignature) = explode('.', $signedRequest, 2);
    // decode the data
    $signature = base64_decode($encodedSignature);
    $jsonStr = base64_decode($encodedData);
    $data = json_decode($jsonStr, true);
    // confirm the signature