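/**
 * Authenticate a cURL-type app by id and secret, then enforce its optional
 * User-Agent pin.
 *
 * The app is looked up in `Apps` through a placeholder-based query. When the
 * row's `cURLAgent` value is non-empty, the request's User-Agent header must
 * equal it byte-for-byte. Every failure path sends a status line, prints a
 * short message and terminates the script, so the function returns only on
 * success.
 *
 * NOTE(review): both authentication failures are reported with
 * ErrorCode::Accepted. If that constant maps to a 2xx status, clients and
 * log-based alerting will record failed logins as successes; confirm the
 * mapping and prefer a 401/403-class code if ErrorCode defines one.
 *
 * NOTE(review): the secret is matched inside the SQL statement, which implies
 * it is stored in a directly comparable form and that match semantics (case,
 * trailing spaces) follow the column collation; verify against the schema.
 *
 * NOTE(review): User-Agent is supplied by the client, so the pin is a
 * consistency check and not an authentication factor.
 *
 * @param mixed $appid  App id, handed to db_read() as dbpara('i', ...).
 * @param mixed $appkey App secret, handed to db_read() as dbpara('s', ...).
 * @return mixed The first row db_read() returned for the app.
 */
function curl_check($appid, $appkey)
{
    // Loose emptiness test kept from the original: 0, "0", "" and null are all rejected.
    if (!$appid || !$appkey) {
        $err = ErrorCode::BadRequest;
        header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err) . " ", true);
        echo "Argument Error.\r\n";
        exit;
    }

    $sql = 'select * from Apps where appid=? and secret=?';
    $app = db_read($sql, array(new dbpara('i', $appid), new dbpara('s', $appkey)));

    if (!$app) {
        $err = ErrorCode::Accepted;
        header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err) . " ", true);
        echo "App Auth Error.\r\n";
        exit;
    }

    // Normalise both sides to strings: the stored value may be NULL and the
    // header may be absent, and neither case should raise a notice or hand
    // null to a string function.
    $expectedAgent = (string) $app[0]["cURLAgent"];
    $requestAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? (string) $_SERVER["HTTP_USER_AGENT"] : '';

    // An empty stored agent means "no pin configured"; otherwise require an exact match.
    if ($expectedAgent !== '' && $expectedAgent !== $requestAgent) {
        $err = ErrorCode::Accepted;
        header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err) . " ", true);
        echo "User-Agent Check Error.\r\n";
        exit;
    }

    return $app[0];
}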
/**
 * Authenticate a user by name and password against the `Users` table.
 *
 * Returns the first row db_read() yields for the pair. When no row comes back
 * the function sends a status line, prints "User Auth Error." and terminates
 * the script.
 *
 * NOTE(review): the password is compared inside the SQL statement, so the
 * stored value must be directly comparable to $upwd. Confirm whether callers
 * pass a hash or the raw password; if it is the raw password, the table holds
 * recoverable credentials and should move to password_hash()/password_verify().
 *
 * NOTE(review): the failure path uses ErrorCode::Accepted. If that is a 2xx
 * status, failed logins are indistinguishable from successes in access logs.
 *
 * NOTE(review): unlike curl_check() and web_check(), empty arguments are not
 * rejected before the lookup.
 *
 * @param mixed $uid  User name, handed to db_read() as dbpara('s', ...).
 * @param mixed $upwd Password value, handed to db_read() as dbpara('s', ...).
 * @return mixed The first row db_read() returned for the user.
 */
function user_check($uid, $upwd)
{
    $query = 'select * from Users where name=? and password=?';
    $rows = db_read($query, array(new dbpara('s', $uid), new dbpara('s', $upwd)));

    // Guard clause: anything falsy from db_read() is treated as "no such user".
    if (!$rows) {
        $status = ErrorCode::Accepted;
        header("HTTP/1.0 " . $status . " " . ConvertErrCodeToMsg($status) . " ", true);
        echo "User Auth Error.\r\n";
        exit;
    }

    return $rows[0];
}
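/**
 * Authenticate a web app by id and secret.
 *
 * The app is looked up in `Apps` through a placeholder-based query. Missing
 * arguments and failed lookups each send a status line, print a short message
 * and terminate the script, so the function returns only on success.
 *
 * NOTE(review): the failed-lookup path reports ErrorCode::Accepted. If that
 * constant maps to a 2xx status, failed app authentication looks like success
 * to clients and to log-based alerting; confirm the mapping.
 *
 * NOTE(review): the secret is matched inside the SQL statement, so it must be
 * stored in a directly comparable form and match semantics follow the column
 * collation; verify against the schema.
 *
 * @param mixed $appid  App id, handed to db_read() as dbpara('i', ...).
 * @param mixed $appkey App secret, handed to db_read() as dbpara('s', ...).
 * @return mixed The first row db_read() returned for the app.
 */
function web_check($appid, $appkey)
{
    // Loose emptiness test kept from the original: 0, "0", "" and null are all rejected.
    if (!$appid || !$appkey) {
        $err = ErrorCode::BadRequest;
        header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err) . " ", true);
        echo "Argument Error.\r\n";
        exit;
    }

    $sql = 'select * from Apps where appid=? and secret=?';
    $app = db_read($sql, array(new dbpara('i', $appid), new dbpara('s', $appkey)));

    if (!$app) {
        $err = ErrorCode::Accepted;
        header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err) . " ", true);
        echo "App Auth Error.\r\n";
        exit;
    }

    // The original assigned $err on this path without ever using it; the dead store is dropped.
    return $app[0];
}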
} } //APP CHECK $app = web_check(intval($id), $key); if (strcmp($app["apptype"], "Web") != 0) { echo 'NOT WEBAPP<br/>'; echo "<a href=\"javascript:history.go(-1)\">Go Back</a>"; exit; } $appuri = parse_url($app["returnUrl"]); //REF CHECK if ($ref) { $uri = parse_url($ref); if (strcmp($uri["host"], $appuri["host"]) != 0) { $err = ErrorCode::BadRequest; header("HTTP/1.0 " . $err . " " . ConvertErrCodeToMsg($err), true); echo 'REFERER ERROR<br/>'; echo "<a href=\"javascript:history.go(-1)\">Go Back</a>"; exit; } } ?> <?php include_once $_SERVER["DOCUMENT_ROOT"] . "/include/common/mui.php"; ?> <!DOCTYPE html> <html> <head> <title><?php echo cp::loginmsg($app["appname"]);