Example #1
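/**
 * Decide whether the current request belongs to a known, active user.
 *
 * Looks for rows in the code table (joined with the user table) whose stored
 * address equals the client's REMOTE_ADDR and whose active flag is '1'. When
 * exactly one row matches, the user is recorded in the session and the "uk"
 * cookie is compared with the key returned by getUserKey().
 *
 * Side effects: on a unique address match this writes $_SESSION['userID'] and
 * $_SESSION['isLogged'] and loads /cauth/crypto.php.
 *
 * @return bool true only when exactly one row matched and the "uk" cookie
 *              equals the user's key; false in every other case.
 */
function isValidID()
{
    global $conn, $userTable, $codeTable;

    // Same fallback as before, without a notice when REMOTE_ADDR is absent (e.g. CLI).
    $addr = !empty($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "Unknown";

    // The address is bound as a parameter instead of being interpolated into the SQL text.
    // Table names cannot be bound; they must only ever come from trusted configuration.
    $cmd = $conn->prepare("select userID from {$codeTable} \n\t\tinner join {$userTable} using(userID) \n\t\twhere addr = :addr and active = '1'");
    $cmd->bindValue(':addr', $addr, PDO::PARAM_STR);
    $cmd->execute();
    $results = $cmd->fetchAll();

    if (count($results) !== 1) {
        return false;
    }

    require_once $_SERVER['DOCUMENT_ROOT'] . "/cauth/crypto.php";
    $_SESSION['userID'] = $results[0]['userID'];
    // NOTE(review): the session is marked as logged in on the address match alone,
    // before the cookie key below has been verified. Code that trusts isLogged
    // without also checking this function's return value treats a shared IP
    // address as proof of identity; confirm how callers use the flag.
    $_SESSION['isLogged'] = true;

    // Second security layer: the cookie must carry the user's key.
    $realKey = getUserKey($conn);
    //$realKey = sha1($addr); //Use this if you don't have a crypto class
    $cookieKey = isset($_COOKIE['uk']) ? $_COOKIE['uk'] : null;

    // Fail closed on a missing, empty or non-string key on either side; a loose
    // "==" would accept type-juggled matches such as false == "" or "0e1" == "0e2".
    if (!is_string($realKey) || $realKey === '' || !is_string($cookieKey)) {
        return false;
    }

    // Constant-time comparison of the secret.
    return hash_equals($realKey, $cookieKey);
}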
Example #2
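/**
 * Request the print-label document for the given packages and save it to disk.
 *
 * Builds the direct-express/package/print-label URL with the token, user key
 * and format as query parameters, appends the package numbers, fetches the
 * response in binary mode and writes it to "label-<sn>-<sn>….pdf" in the
 * current working directory.
 *
 * @param array $packageSns Package processing numbers to print labels for.
 *
 * @throws InvalidArgumentException when a package number contains a path separator.
 * @throws RuntimeException         when the label file cannot be opened or written.
 */
function savePackageLable($packageSns)
{
    $dispatcher = array('category' => 'direct-express', 'handler' => 'package', 'action' => 'print-label');
    $request_data = array('token' => getToken(), 'user_key' => getUserKey(), 'format' => 'classic_a4');
    $api_address = getApiBaseAddress() . join("/", $dispatcher);
    $api_address .= "?" . http_build_query($request_data);
    $api_address .= get_label_params_string($packageSns, 'package_sn');
    // NOTE(review): this URL carries the token and user key, so printing it puts
    // both credentials into the page output (and anything that captures it).
    // Kept for parity with the sample; drop or mask it outside of a demo.
    echo $api_address;
    $response = rest_helper($api_address, null, 'GET', 'binary');

    $packageSnsStr = join("-", $packageSns);
    // The numbers become part of a file name: refuse anything that could move
    // the write into another directory.
    if (strpbrk($packageSnsStr, "/\\\0") !== false) {
        throw new InvalidArgumentException('Package numbers must not contain path separators');
    }

    $labelPath = "label-{$packageSnsStr}.pdf";
    $fd = fopen($labelPath, 'wb');
    if ($fd === false) {
        // Previously the failed handle was passed straight to fwrite()/fclose().
        throw new RuntimeException("Unable to open {$labelPath} for writing");
    }
    $written = fwrite($fd, $response);
    fclose($fd);
    if ($written === false) {
        throw new RuntimeException("Unable to write label data to {$labelPath}");
    }
}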
<?php

require "http_request.php";
require "auth.php";
// The argument is the list of package processing numbers whose labels are to be printed.
$packageSns = array('CET141010TST000087', 'CET141010TST000088', 'CET141010TST000087', 'CET141010TST000088');
$dispatcher = array('category' => 'direct-express', 'handler' => 'package', 'action' => 'print-label');
$request_data = array('token' => getToken(), 'user_key' => getUserKey(), 'format' => 'classic_a4');

// Endpoint path, then the credential/format query string, then the repeated package_sn parameters.
$api_address = $api_base . implode("/", $dispatcher)
    . "?" . http_build_query($request_data)
    . get_repeat_string_params_string($packageSns, 'package_sn');

// NOTE(review): the URL contains the token and user key, so this echo writes
// both credentials into the response body. Acceptable only in a local demo.
echo $api_address;

try {
    $response = rest_helper($api_address, null, 'GET', 'binary');
    $r = json_decode($response);
    if ($r !== null) {
        // The body decoded as JSON: dump the decoded structure for inspection.
        echo "<pre>";
        print_r($r);
        echo "</pre>";
    } else {
        // The body is not JSON, so it is taken to be the label document and saved.
        $file = "label/label-mutiply-packageSns.pdf";
        saveFile($file, $response);
        echo "<br />", "save ok " . $file;
    }
} catch (Exception $e) {
    // NOTE(review): echoing the exception object prints its message and stack
    // trace to the client; log it server-side in anything beyond a demo.
    echo $e;
}
function saveFile($filename, $response)
Example #4
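// Look up the submitted code; exactly one row must carry this codename.
$cmd = $conn->prepare("select userID from {$codeTable} where codename = :code");
$cmd->bindParam(":code", $code, PDO::PARAM_STR, 10);
$cmd->execute();
$results = $cmd->fetchAll();
if (count($results) === 1) {
    require_once "crypto.php";

    // setcookie() takes a Unix timestamp in seconds. The earlier expression
    // multiplied by 1000 as if time() returned milliseconds, which pushed the
    // expiry roughly a thousand years out instead of the intended one year.
    $ukExpires = time() + 60 * 60 * 24 * 365;
    //s * m * h * days

    //Check if the userID is already assigned
    $cmd = $conn->prepare("select codename from {$codeTable} where userID = :userID");
    $cmd->bindParam(":userID", $_SESSION['userID'], PDO::PARAM_INT);
    $cmd->execute();
    $assignedCodes = $cmd->fetchAll();

    if ($results[0]['userID'] == $_SESSION['userID']) {
        // The code already belongs to the session's user: just (re)issue the key cookie.
        $key = getUserKey($conn);
        // HttpOnly keeps the key out of reach of page scripts. Path and domain
        // keep their defaults; switch the sixth argument (secure) to true when
        // the site is served over HTTPS only.
        setcookie("uk", $key, $ukExpires, "", "", false, true);
    } else {
        if (empty($results[0]['userID']) && count($assignedCodes) === 0) {
            // Unclaimed code and a user without any code: bind the code to the
            // user whose stored address equals the client's address.
            // NOTE(review): the claim is keyed on REMOTE_ADDR, so clients that
            // share an address (NAT, proxy) resolve to the same user row.
            $cmd = $conn->prepare("update {$codeTable} set userID = \n\t\t\t(select userID from {$userTable} where addr = :addr)\n\t\t\twhere codename = :code limit 1");
            $cmd->bindParam(":addr", $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR, 16);
            $cmd->bindParam(":code", $code, PDO::PARAM_STR, 10);
            $cmd->execute();
            //Set userkey
            $key = getUserKey($conn);
            setcookie("uk", $key, $ukExpires, "", "", false, true);
            logEvent($conn, $logTable, "Has logged with SeaCode {$code}");
        }
    }
}
// Drop the database handles before redirecting.
$conn = $altConn = null;
// NOTE(review): header() does not stop the script; if any statements follow
// this line in the full file they still run after the redirect is queued.
header('Location: login.php');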
Example #5
<?php

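header('Content-type: application/json');
chdir("../..");
chdir("database");
require_once "users.php";
chdir("..");
require_once "configuration.php";
/**
 * DESCRIPTION: Gets the user id
 * PARAMETERS: api/users/getId.php <apikey> <user>
 *
 * Responds with a JSON object whose "result" is one of "missingParams",
 * "permissionDenied", "invalidUser" or "ok" (the last one also carries "id").
 *
 * NOTE(review): the API key travels in the query string, where it is commonly
 * recorded by access logs, proxies and browser history; a request header is
 * the usual place for it.
 */
if (isset($_GET['apikey'], $_GET['user'])) {
    $auth = (string) $_GET['apikey'];
    $user = (string) $_GET['user'];

    // $apikey is not assigned in this file; presumably configuration.php defines it.
    $expectedKey = (isset($apikey) && is_scalar($apikey)) ? (string) $apikey : '';

    // Fail closed when no key is configured: with the old loose "!=" an unset
    // key compared equal to an empty apikey parameter. hash_equals() also
    // removes type juggling ("0e1" == "0e2") and compares in constant time.
    if ($expectedKey === '' || !hash_equals($expectedKey, $auth)) {
        echo json_encode(array("result" => "permissionDenied"));
    } elseif (!userExists($user)) {
        echo json_encode(array("result" => "invalidUser"));
    } else {
        $key = getUserKey($user);
        // NOTE(review): $email is never assigned in the visible code and $key is
        // never used, so this lookup does not obviously depend on the requested
        // user. Confirm against users.php whether getUser() should receive
        // $user or $key.
        $id = getUser($email)["_id"];
        echo json_encode(array("result" => "ok", "id" => $id));
    }
} else {
    echo json_encode(array("result" => "missingParams"));
}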
Example #6
<?php

/**
 * Base URL that every API path is appended to.
 *
 * NOTE(review): the scheme is plain http. Callers that add the token and user
 * key as query parameters would send both in clear text; prefer an https
 * endpoint if the service offers one.
 *
 * @return string Base address, ending in a slash.
 */
function getApiBaseAddress()
{
    return "http://demo.chukou1.cn/v3/";
}
/**
 * API token sent with every request.
 *
 * NOTE(review): a credential written into source is shared with everyone who
 * can read the file or its history. Outside of a demo, read it from
 * configuration kept out of version control, and rotate any real token that
 * has been published.
 *
 * @return string The token.
 */
function getToken()
{
    // Please enter your Token here.
    $token = '887E99B5F89BB18BEA12B204B620D236';

    return $token;
}
/**
 * User key sent alongside the token with every request.
 *
 * NOTE(review): like the token, this is a credential kept in source; outside
 * of a demo, load it from configuration that is not committed.
 *
 * @return string The user key.
 */
function getUserKey()
{
    // Please enter your UserKey here.
    $userKey = 'wr5qjqh4gj';

    return $userKey;
}
// Resolve the endpoint and both credentials once, as script-level variables
// for the files that include this one.
list($api_base, $token, $user_key) = array(getApiBaseAddress(), getToken(), getUserKey());
    $key = getUserKey($data['store_hash'], $data['user']['email']);
    $user = json_decode($redis->get($key), true);
    if (empty($user)) {
        return 'Invalid user.';
    }
    return 'Welcome ' . json_encode($user);
});
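// OAuth callback: exchanges the authorization code for a token response, stores
// the returned user record in Redis under the user's key, and greets the user.
$app->get('/auth/callback', function (Request $request) use($app) {
    $payload = array(
        'client_id' => clientId(),
        'client_secret' => clientSecret(),
        'redirect_uri' => callbackUrl(),
        'grant_type' => 'authorization_code',
        'code' => $request->get('code'),
        'scope' => $request->get('scope'),
        'context' => $request->get('context'),
    );
    $client = new Client(bcAuthService());
    // 'exceptions' => false: error statuses come back as a response, handled below.
    $req = $client->post('/oauth2/token', array(), $payload, array('exceptions' => false));
    $resp = $req->send();

    if ($resp->getStatusCode() != 200) {
        // The upstream body is escaped before it is placed into the page; the
        // returned string is presumably served as HTML.
        return 'Something went wrong... [' . $resp->getStatusCode() . '] '
            . htmlspecialchars((string) $resp->getBody(), ENT_QUOTES, 'UTF-8');
    }

    $data = $resp->json();

    // Validate the shape before using it: a context without "/" previously hit
    // an undefined offset in list(), and a missing user produced an empty key.
    if (!is_array($data) || !isset($data['context'], $data['user']['email']) || !is_string($data['context'])) {
        return 'Something went wrong... unexpected token response';
    }
    $contextParts = explode('/', $data['context'], 2);
    if (count($contextParts) !== 2) {
        return 'Something went wrong... unexpected token response';
    }
    $storeHash = $contextParts[1];

    $key = getUserKey($storeHash, $data['user']['email']);
    $redis = new Credis_Client('localhost');
    // json_encode()'s second argument is a flags bitmask, not json_decode()'s
    // "assoc" switch; the stray `true` was being read as a flag value.
    $redis->set($key, json_encode($data['user']));

    // Only the user record is shown. $data is the token endpoint's whole
    // response, which would normally include the issued access token, and that
    // must not be written into a page. Escaped because the user fields come
    // from outside this application.
    return 'Hello ' . htmlspecialchars(json_encode($data['user']), ENT_QUOTES, 'UTF-8');
});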
function verifySignedRequest($signedRequest)
{
    list($encodedData, $encodedSignature) = explode('.', $signedRequest, 2);
    // decode the data
    $signature = base64_decode($encodedSignature);
    $jsonStr = base64_decode($encodedData);
    $data = json_decode($jsonStr, true);
    // confirm the signature