/**
* 检查参数签名
*/
function authSig($request)
{
$method = $request['m'];
$param = $request['p'];
if ($param['signature']) {
$signature = $param['signature'];
unset($param['signature']);
$keys = array_keys($param);
sort($keys);
$s = '';
foreach ($keys as $key) {
$value = $param[$key];
if (is_string($value) || is_numeric($value) || is_bool($value)) {
$s .= '&' . $key . '=' . $value;
}
}
$s = substr($s, 1) . $method . P_VERSION . '~@#1xdaf,dmuopamie%%123.';
$mysig = md5($s);
if ($mysig != $signature) {
glog::info("签名不对[{$mysig}]!=[{$signature}], " . json_encode($request), 'sign');
return array('s' => StatusCode::invalid_siginature, 'msg' => 'invalid signature');
}
$timestamp = $param['timestamp'];
if ($method == 'System.login') {
// 手机设备时间和服务器时间可能有差异,所以第一次请求 System.login 时不验证时间。
return false;
}
// 1. 对 timestamp 做验证 与 服务器当前时间相差太多的 认为是不合法的请求
$now = getApp()->now;
if (abs($now - $timestamp) > 300) {
$ts1 = date('Y-m-d H:i:s', $now);
$ts2 = date('Y-m-d H:i:s', $timestamp);
glog::info("请求时间异常 server[{$ts1}], client[{$ts2}], " . json_encode($request), 'sign');
return false;
return array('s' => StatusCode::invalid_request_time, 'msg' => 'invalid timestamp');
}
// 2. 记录用户上次调用这个接口的时间戳,如果新的 timestamp <= old_timestamp 则认为是不合法的请求
$uid = getApp()->getuid();
$section_id = getApp()->getsec();
if ($uid && $section_id) {
if (model_Util::inBlacklist($uid)) {
//黑名单访问,禁止
glog::info("黑名单中玩家[{$uid}]访问分区[{$section_id}] " . json_encode($request), 'blacklist');
return array('s' => StatusCode::invalid_request_time, 'msg' => "uid[{$uid}] is in blacklist");
}
try {
$redis = DbConfig::getRedis('cache');
$timestamp_key = "sig_{$section_id}_{$uid}_{$method}";
$old_timestamp = $redis->get($timestamp_key);
if (is_numeric($old_timestamp)) {
// 手机端网络超时后重试,后台可能会收到两次同样时间戳的请求 所以 $timestamp == $old_timestamp 还是很有可能的
if ($timestamp < $old_timestamp) {
$ts1 = date('Y-m-d H:i:s', $old_timestamp);
$ts2 = date('Y-m-d H:i:s', $timestamp);
glog::info("请求时间异常, 上次请求[{$ts1}], 本次请求[{$ts2}], " . json_encode($request), 'sign');
return false;
return array('s' => StatusCode::outdated_siginature, 'msg' => 'outdated signature', 'debug' => "old_timestamp: {$old_timestamp}");
} else {
$redis->multi();
$redis->set($timestamp_key, $timestamp);
$redis->expire($timestamp_key, 360);
$redis->exec();
return false;
}
} else {
$redis->multi();
$redis->set($timestamp_key, $timestamp);
$redis->expire($timestamp_key, 360);
$redis->exec();
return false;
}
} catch (Exception $ex) {
error_log("无法连接 cache redis ");
return false;
}
}
return false;
}
glog::info("没有签名," . json_encode($request), 'sign');
return array('s' => StatusCode::invalid_siginature, 'msg' => 'no signature');
}
/**
* 官网支付
*/
private function processWanpay(&$data)
{
$data['source'] = "internal";
if ($data['product_id'] == 'custom' && $data['cash'] < 1000) {
//自定义小于1000最低限额
//glog::info("异常的支付数据,自定义金额小于1000[uid:$uid][section_id:$sec][transaction_id:$transaction_id][product_id:$product_id]", 'payment');
//echo json_encode(array('s'=>StatusCode::exception,'msg'=>'error2'));
//die;
}
if (intval($data['cash']) < 6) {
glog::info("异常的支付数据,转换到元小于6![uid:{$uid}][section_id:{$sec}][transaction_id:{$transaction_id}][product_id:{$product_id}]", 'payment');
echo json_encode(array('s' => StatusCode::exception, 'msg' => 'error3'));
die;
}
}
/**
* @auther lifei@playcarb.com
* 发放燕子坞活动 未领奖励
*/
public static function action_award_yanziwu()
{
$app = getApp();
$now = $app->now;
//活动界面关闭后才发送奖励
$config = $app->getActivityConfig('act_yanziwuqiangqin_20130425');
if ($now <= $config['end_t']) {
//self::showError("",__LINE__);
self::showError("activity not finished!", __LINE__);
}
$sections = array_keys(getApp()->getSectionConfig());
if (empty($sections)) {
self::showError("get section config error!", __LINE__);
}
$start_md = date('md', $config['start_t']);
$redis = DbConfig::getRedis('rank');
//时间肯定超过12、21、24了不判断时间
//所有区
foreach ($sections as $sec) {
echo "===============分区:{$sec}==========================\n";
//检查各个时段的排行榜奖励
for ($i = 1; $i <= 3; $i++) {
$redis_key = "act_yanziwuqiangqin_" . $start_md . "_" . $sec . "_" . $i;
//查询各个时段排行榜
$list = self::getQiangQinRank(0, 19, $redis, $redis_key, $config, $sec);
if (empty($list)) {
echo "warning:第{$i}段,分区:{$sec}的排行为空!\n";
continue;
}
echo "=============当前时段:{$i}=============";
echo $redis_key . "\n";
print_r($list);
foreach ((array) $list as $v) {
//判断玩家是否领取过
$uid = $user_key = $v['id'];
$player = new model_Player($uid, $sec);
//玩家存的是带年的
$start_ymd = date('Ymd', $config['start_t']);
$player_data = $player->getFields(array('qiyu.yanziwuqiangqin_' . $start_ymd));
$player_pos = $player_data['qiyu']['yanziwuqiangqin_' . $start_ymd];
if (!empty($player_pos[$i])) {
//领过了
echo "warning:====玩家{$uid}/{$sec}领过第{$i}段奖励了!\n";
continue;
}
//判断奖励
//玩家自己的排名
$rank = $redis->zrevrank($redis_key, "{$user_key}");
echo "====玩家{$uid}/{$sec}===当前排名:{$rank}\n";
if ($rank === false) {
echo "warning:====玩家{$uid}/{$sec}排名错误为假!\n";
continue;
}
// 确定该玩家是否在前20,计算并列20的情况
$my_num = 0;
if ($rank >= 20) {
// 玩家自己的积分
$my_num = $redis->zscore($redis_key, $user_key);
// 玩家正好与第20名的积分相同
if ($my_num == $list[count($list) - 1]['num']) {
// 奖励list中最后一名相同的奖励
$award_config = PL_Config_Numeric::get('yanziwuaward', $list[count($list) - 1]['rank'], false);
}
} else {
// 如果在前20名,那么list中一定存在该玩家信息
foreach ($list as $val) {
if ($val['id'] == $uid) {
$my_rank = $val['rank'];
$my_num = $val['num'];
}
}
$award_config = PL_Config_Numeric::get('yanziwuaward', $my_rank, false);
}
//24点必须大于2000
if ($i == 3 && $my_num < 2000) {
continue;
}
echo "{$sec}=={$uid}开始发第{$i}段奖..\n";
$log['action'] = __CLASS__ . '.' . __FUNCTION__;
//print_r($award_config);
self::awardQiangQin($award_config, $i, $my_num, $player_pos, &$player, $config, &$log, $rank, $uid, $sec);
// 标记已经领取
$player_pos[$i] = 1;
$player->objectPut('qiyu', 'yanziwuqiangqin_' . date('Ymd', $config['start_t']), $player_pos);
$result = $player->commit();
$log['ret'] = $result;
glog::stat($log);
}
//print_r($list);
}
}
}