/**
* 解析一个静态资源的内容
*
*/
public static function parseResourceFile()
{
$pathinfo = Route::getPathInfo();
array_shift($pathinfo);
$resource = implode('/', $pathinfo);
if ($GLOBALS['debug'] && IS_MULTI_MODULES) {
$pos = strpos($resource, '/');
$file = APP_MODULES_PATH . DIRECTORY_SEPARATOR . substr($resource, 0, $pos) . DIRECTORY_SEPARATOR . Config::get('modules_static_path_name') . substr($resource, $pos);
if (is_file($file)) {
Response::sendContentTypeBySubFix(substr($resource, strrpos($resource, '.') + 1));
exit(file_get_contents($file));
} else {
Response::sendHttpStatus(404);
}
}
}
/**
* 防止csrf跨站攻击
*
* @param int $type 检测类型 0不检查,1、只检查post,2、post get都检查
*/
public static function checkCsrf($type = 1)
{
if ($type !== 0 && isset($_SERVER['HTTP_REFERER']) && !strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
if ($type == 1) {
if (!empty($_POST)) {
Response::sendHttpStatus(403);
throwException(Lang::get('_ILLEGAL_REQUEST_'));
}
} else {
Response::sendHttpStatus(403);
throwException(Lang::get('_ILLEGAL_REQUEST_'));
}
}
}
