Example #1
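 /**
  * Check whether the user behind an API token may call the requested endpoint.
  *
  * Resolves the token to a uid (cache first, then ApiLogin), loads the user's
  * rights and IP allow-list (cache first, then ApiUser), then checks the
  * requested action and the caller's address against them.
  *
  * @param  string            $token  32-character token used for API authorization
  * @param  string            $action Controller class name and method, "Controller:method" (no namespace)
  * @param  \App\Http\Request $req    HTTP request object; replaced by the result of set_extra_args() on success
  * @return array [0, uid] on success, otherwise [negative error code, message]
  */
 public function valid_token($token, $action, &$req = null) : array
 {
     // Reject non-string input up front: strlen() on an array taken from the
     // request would raise a TypeError instead of a clean -101 response.
     if (!is_string($token) || strlen($token) !== 32) {
         return [-101, '请提供有效的 token'];
     }
     $dateline = time();
     $token_key = 'api_' . $token;
     $uid = mem_get($token_key);
     if ($uid === false) {
         // Cache miss: accept only tokens issued within the last CACHE_TIME seconds.
         $m_al = new ApiLogin();
         $api_login = $m_al->find(['token' => $token, 'dateline >=' => $dateline - self::CACHE_TIME], 'uid, token, dateline');
         if (!$api_login) {
             return [-102, 'token不匹配'];
         }
         $uid = $api_login['uid'];
         // NOTE(review): the cache entry lives for another CACHE_TIME from now, so a
         // token stays usable after its DB window closes (or its row is removed)
         // until the entry expires. Confirm this is acceptable, or delete the
         // cache key wherever tokens are revoked.
         mem_set($token_key, $uid, self::CACHE_TIME);
     }
     // Check permissions
     $key_rights = 'api_rights_' . $uid;
     $key_allowed_ip = 'api_allowed_ip_' . $uid;
     $uid_rights = mem_get($key_rights);
     $allowed_ip = mem_get($key_allowed_ip);
     // The two keys can expire or be evicted independently. Reload both when
     // either is missing; otherwise a lost allow-list entry (false) would make
     // the IP check below be skipped while the rights are still cached.
     if ($uid_rights === false || $allowed_ip === false) {
         $m_au = new ApiUser();
         $api_user = $m_au->find(['uid' => $uid], 'rights, allowed_ip');
         if (!$api_user) {
             return [-103, 'token 对应的用户不存在'];
         }
         $uid_rights = $api_user['rights'];
         // Cast so an empty allow-list is cached as '' rather than null.
         $allowed_ip = (string) $api_user['allowed_ip'];
         mem_set($key_rights, $uid_rights, self::CACHE_TIME);
         mem_set($key_allowed_ip, $allowed_ip, self::CACHE_TIME);
     }
     list($controller, $method) = explode(':', $action, 2);
     if (!$this->check_rights($uid_rights, $controller, $method)) {
         return [-104, '您没有权限访问该接口'];
     }
     // Check whether the caller's IP is allowed
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     if ($allowed_ip) {
         // Compare against whole entries. A substring search would let an address
         // through whenever its text occurs inside a longer listed address.
         // Any character that cannot appear in an IP literal is a separator.
         // NOTE(review): assumes entries are full addresses; if the stored list
         // uses prefixes or CIDR ranges, add explicit handling for them here.
         $allowed_list = preg_split('/[^0-9A-Fa-f.:]+/', (string) $allowed_ip, -1, PREG_SPLIT_NO_EMPTY) ?: [];
         if (!in_array($ip, $allowed_list, true)) {
             return [-105, '您的IP无权限访问接口'];
         }
     }
     $req = $this->set_extra_args($req, $uid_rights, $action);
     return [0, $uid];
 }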
Example #2
/**
 * Publish a "badge unlocked" update to the user's feed for each badge source.
 *
 * A source is skipped when record() returns a falsy value for it. After the
 * update is inserted, a "<guid>:<source>" marker is written with mem_set().
 *
 * @param object $user    object exposing ->guid and ->insertUpdate()
 * @param mixed  $session not used by this function
 * @param array  $badges  map keyed by badge source; the values are not read
 * @return void
 */
function sendVitality($user, $session, $badges)
{
    $badge_names = [
        "agg.twitter" => "Tweetoo",
        "avatars" => "Beharupia",
        "buzz" => "Buzzooka",
        "y.mybloglog" => "BloggY!",
        "socialite" => "Socialite",
        "newbie1" => "Newbie",
    ];
    $badge_desc = [
        "agg.twitter" => "You've shared 5 twitter updates!",
        "avatars" => "You've created a Yahoo! avatar",
        "buzz" => "You've buzed up 3 times",
        "y.mybloglog" => "You've shared 10 blog updates",
        "socialite" => "You've updates from 8 different sources",
        "newbie1" => "Congrats! On sharing your updates",
    ];

    // NOTE(review): both assets and the link are plain http:// URLs, so the
    // images can be altered in transit; prefer https where the hosts support it.
    $iconURL = "http://hacks.saurabhsahni.com/updatesville/vitality_bigger2.gif";
    $link = "http://pulse.yahoo.com/y/apps/7BNRkt42/";

    foreach ($badges as $source => $unused_count) {
        if (record($user->guid, $source)) {
            // NOTE(review): a $source missing from the two maps above still
            // produces an update, with an empty badge name and description.
            $title = sprintf("just unlocked the badge %s on Updatesville", $badge_names[$source]);
            $description = $badge_desc[$source];
            $imgURL = "http://hacks.saurabhsahni.com/updatesville/icons/{$source}.png";

            // md5() here only derives a fixed-length value from the source
            // name for insertUpdate(); it is not used as a security control.
            $updates = $user->insertUpdate(md5($source), $title, $link, $description, $imgURL, "64", "67", $iconURL, time());

            mem_set("{$user->guid}:{$source}", "1");
        }
    }
}
Example #3
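 /**
  * Run a query and return its result, served from the memory cache when possible.
  *
  * Cache key: a $cache_key containing '_' is used verbatim, and the result is
  * whatever a single fetch_array() call returns. Otherwise the key is
  * "<cache_key>_<md5(sql)>" (or just md5(sql)) and all rows are collected.
  *
  * @param  string     $sql        SQL text handed to mysqli_query() unchanged; this method
  *                                does no escaping or binding, so callers must build it safely
  * @param  string     $cache_key  optional cache key or key prefix
  * @param  int|string $cache_time lifetime passed to mem_set()
  * @param  int|string $isupdate   truthy: bypass the cache and re-query; 2: only delete the entry
  * @return mixed rows (or one fetch_array() result); null when $isupdate == 2
  */
 function query_cache($sql, $cache_key = '', $cache_time = '3600', $isupdate = '0')
 {
     $is_cache = 0;
     $t1 = microtime(true);
     if ($cache_key) {
         // NOTE(review): strpos() returns 0 for a leading '_', which is falsy, so
         // such a key takes the prefix branch. Left as is; confirm it is intended.
         if (strpos($cache_key, '_')) {
             $mem_sql_key = $cache_key;
         } else {
             $mem_sql_key = $cache_key . "_" . md5($sql);
         }
     } else {
         $mem_sql_key = md5($sql);
     }
     $arrs = mem_get($mem_sql_key);
     if (!is_array($arrs) || $isupdate) {
         // Mode 2 only invalidates the entry; nothing is queried or returned.
         if ($isupdate == 2) {
             mem_delete($mem_sql_key);
             return;
         }
         if (!$this->link) {
             $this->connect();
         }
         $arrs = array();
         $query = mysqli_query($this->link, $sql);
         if ($query) {
             if ($mem_sql_key == $cache_key) {
                 $arrs = $this->fetch_array($query);
             } else {
                 while ($arr = $this->fetch_array($query)) {
                     $arrs[] = $arr;
                 }
             }
             // Cache only successful results. If halt() returns instead of
             // exiting, a failed query must not be stored as an empty result set
             // and served for the next $cache_time seconds.
             mem_set($mem_sql_key, $arrs, $cache_time);
         } else {
             $this->halt('MySQL Query Error', $sql);
         }
     } else {
         $is_cache = 1;
     }
     // NOTE(review): this gate tests only that a cookie named admin_auth is
     // present, which any client can send. If queryinfo is ever rendered, gate
     // it on a verified admin session rather than on cookie presence.
     if (isset($_COOKIE['admin_auth']) || ENV != 'prod') {
         $t2 = microtime(true);
         // Accumulate a float: number_format() returns a string with thousands
         // separators ("1,234.5"), which does not add up correctly from 1000 ms on.
         $elapsed_ms = round(($t2 - $t1) * 1000, 1);
         $spendtime = number_format($elapsed_ms, 1);
         // queryinfo is built as HTML (note the <br>), so escape the SQL text.
         $sql_html = htmlspecialchars((string) $sql, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
         if ($is_cache) {
             $this->query_cache_num++;
             $this->query_cache_time += $elapsed_ms;
             $this->queryinfo .= $spendtime . "ms --- Cache {$sql_html}<br>";
         } else {
             $this->query_db_num++;
             $this->query_db_time += $elapsed_ms;
             $this->queryinfo .= $spendtime . "ms --- {$sql_html}<br>";
         }
     }
     return $arrs;
 }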
Example #4
// NOTE(review): the OAuth consumer secret is hard-coded in source, so anyone
// who can read this file or its history holds the app's credential. Load it
// from configuration kept outside the code tree, and rotate this value since
// it has been published.
define("CONSUMER_SECRET", "c42a4292e6ebdeca8fa69dd12d0480e636140346");
define("APP_ID", "7BNRkt42");
// Enable debugging. Errors are reported to Web server's error log.
//  YahooLogger::setDebug(true);
// Initializes session and redirects user to Yahoo! to sign in and
// then authorize app
// CONSUMER_KEY is not defined in the visible lines; presumably defined earlier in the file.
$yahoo_session = YahooSession::requireSession(CONSUMER_KEY, CONSUMER_SECRET, APP_ID);
if ($yahoo_session == NULL) {
    fatal_error("yahoo_session");
}
// Recent updates published by this app, cached under one shared key for 3600 seconds.
$fren_updates_key = "fren:v1:updates";
$fren_updates = mem_get($fren_updates_key);
if (!$fren_updates) {
    $data_orig = $yahoo_session->query('select * from social.updates.search where source="APP.7BNRkt42" limit 10');
    // NOTE(review): no check that the query succeeded before the result is dereferenced.
    $fren_updates = $data_orig->query->results->update;
    mem_set($fren_updates_key, $fren_updates, 3600);
}
$leaders = doEverything($yahoo_session);
// Take the first element of $leaders as $me; $me stays undefined when $leaders is empty.
foreach ($leaders as $leader) {
    $me = $leader;
    break;
}
$badge_names = array("agg.twitter" => "Tweetoo", "avatars" => "Beharupia", "buzz" => "Buzzooka", "y.mybloglog" => "BloggY!", "socialite" => "Socialite", "newbie1" => "Newbie");
$badge_desc = array("agg.twitter" => "You've shared 5 twitter updates!", "avatars" => "You've creating a Yahoo! avatar", "buzz" => "You've buzed up 3 times", "y.mybloglog" => "You've sharing 10 blog updates", "socialite" => "You've updates from 8 different sources", "newbie1" => "Congrats! On sharing your updates");
// Sort by key, descending; this runs after $me was picked from the unsorted array.
krsort($leaders);
track($me["nickname"], $me["guid"], $me["count"]);
// $me=array("count"=>20);
?>
<style>
h1 {
color:#E57F3E;