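/**
 * Serve a module's static resource file directly from the modules tree.
 *
 * Only active when $GLOBALS['debug'] is truthy and IS_MULTI_MODULES is set.
 * The first path-info segment is dropped; the next segment names the module and
 * the remainder is the path below that module's static directory
 * (Config key 'modules_static_path_name'). On a hit the content type is sent and
 * the script exits with the file body; otherwise a 404 status is sent.
 *
 * The path is taken from the request URL, so it is canonicalised with realpath()
 * and must stay inside the module's static directory before anything is read.
 * Without that containment check, '..' segments could reach files outside it.
 */
public static function parseResourceFile()
{
    $pathinfo = Route::getPathInfo();
    array_shift($pathinfo);
    $resource = implode('/', $pathinfo);

    if (!($GLOBALS['debug'] && IS_MULTI_MODULES)) {
        return;
    }

    $file = false;
    $pos = strpos($resource, '/');

    // A resource without a module segment cannot be mapped to a module directory.
    if ($pos !== false) {
        $modulesRoot = realpath(APP_MODULES_PATH);
        $staticRoot = realpath(
            APP_MODULES_PATH . DIRECTORY_SEPARATOR . substr($resource, 0, $pos)
            . DIRECTORY_SEPARATOR . Config::get('modules_static_path_name')
        );

        // The module segment itself may be '..', so the static root has to resolve
        // to a directory inside the modules tree.
        $rootIsContained = $modulesRoot !== false
            && $staticRoot !== false
            && strpos(
                $staticRoot . DIRECTORY_SEPARATOR,
                rtrim($modulesRoot, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR
            ) === 0;

        if ($rootIsContained) {
            // substr($resource, $pos) keeps its leading '/', as in the original path build.
            $candidate = realpath($staticRoot . substr($resource, $pos));

            // Compare against the root plus a separator so a sibling directory that
            // merely shares the prefix is not accepted.
            if ($candidate !== false
                && strpos($candidate, $staticRoot . DIRECTORY_SEPARATOR) === 0
                && is_file($candidate)
            ) {
                $file = $candidate;
            }
        }
    }

    if ($file !== false) {
        Response::sendContentTypeBySubFix(substr($resource, strrpos($resource, '.') + 1));
        exit(file_get_contents($file));
    }

    Response::sendHttpStatus(404);
}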
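/**
 * Reject cross-site requests by comparing the Referer host with the request host.
 *
 * The Referer is parsed and its host (plus port, when present) must equal
 * $_SERVER['HTTP_HOST'], compared case-insensitively. A substring match is not
 * enough: a foreign URL can carry the site's host name in its path, query or as
 * a label of a longer domain.
 *
 * The check is skipped when no Referer header is sent, so it only filters
 * requests that carry a foreign Referer. It does not replace a per-request
 * CSRF token.
 *
 * @param int $type Check mode: 0 = no check, 1 = check only requests carrying POST data,
 *                  2 = check both POST and GET requests
 */
public static function checkCsrf($type = 1)
{
    if ($type === 0 || !isset($_SERVER['HTTP_REFERER'])) {
        return;
    }

    $host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';

    // parse_url() returns false for seriously malformed URLs; that case falls
    // through to the rejection path because no host can be extracted.
    $referer = parse_url($_SERVER['HTTP_REFERER']);
    $refererHost = (is_array($referer) && isset($referer['host'])) ? strtolower($referer['host']) : '';
    $refererAuthority = (is_array($referer) && isset($referer['port']))
        ? $refererHost . ':' . $referer['port']
        : $refererHost;

    if ($host !== '' && $refererHost !== '' && $refererAuthority === $host) {
        return;
    }

    // Mode 1 lets a mismatching Referer through when the request has no POST data.
    if ($type == 1 && empty($_POST)) {
        return;
    }

    Response::sendHttpStatus(403);
    throwException(Lang::get('_ILLEGAL_REQUEST_'));
}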