图片站点服务

<?php
/**
 * 接口基类文件
 * author : php小组
 */
namespace Home\Controller;
use Think\FlException;
use Think\Controller;
use Think\Model;

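class BaseController extends Controller{

    protected  $isCheck = true;    // whether request signature verification is enabled
    protected  $islimit = false;   // whether the per-endpoint request-count limit is enabled
    protected  $isiplimit = false; // whether the IP allow-list check is enabled

    /**
     * Sends the CORS headers and runs the request checks in run() before any action executes.
     *
     * NOTE(review): the parent constructor is not invoked here - confirm that is intentional.
     * NOTE(review): Access-Control-Allow-Origin is "*", so any web origin may call this API from a
     * browser. The checks in run() rely on the token/sign request headers, not on cookies; confirm
     * that no action extending this class ever honours cookie or session state.
     */
    public function __construct(){
        // Discard buffered output, but only when a buffer is active: calling
        // ob_end_clean() without one raises a notice.
        if (ob_get_level() > 0) {
            ob_end_clean();
        }
        header('Access-Control-Allow-Origin: *');
        header("Access-Control-Allow-Headers: Origin, X-Requested-With,Pragma,User-Agent, Content-Type, Accept,token,sign,timestamp,version,source,sign");
        header('Access-Control-Allow-Methods:POST');
        $this->run();
    }

    /**
     * Validates the request before the action runs: required headers, JSON payload,
     * signature, optional IP allow-list, request age and optional rate limit.
     *
     * Every failed check calls E(); E() is not shown here and is expected to throw
     * Think\FlException, which the catch block logs and turns into a JSON error response.
     */
    public function run(){
        $logs_model     = D('Logs');    // log model
        $ask_auth_model = D('Askauth'); // request authorisation model
        // System parameters arrive as HTTP headers; all of them are client-controlled.
        $systemParam = $ask_auth_model->getAllHeadersParam();
        // Business parameters arrive as a JSON string in the "data" POST field.
        $data = I("post.data");

        $privatekey = C('apiKey_img');
        // Initialised up front so the catch block can log it even when validation fails early.
        $source = '';
        try {
            // Required headers. "source" may legitimately be "0" (android), so it is tested
            // for presence and the empty string rather than with empty().
            if(empty($systemParam['token']) || empty($systemParam['timestamp']) || empty($systemParam['version']) || empty($systemParam['sign']) || !isset($systemParam['source']) || $systemParam['source']===''  ){
                E("200000","参数错误");
            }
            if(empty($data)){
                E("200001","参数错误");
            }
            if(empty($privatekey)){
                E("200002","参数错误".$systemParam['token']);
            }

            $token      = $systemParam['token'];     // identifier issued by the server (one per client)
            $timestamp  = $systemParam['timestamp']; // request timestamp, compared against time() below
            $version    = $systemParam['version'];   // API version
            $sign       = $systemParam['sign'];      // request signature
            $source     = $systemParam['source'];    // origin: 0 android, 1 ios, 2 H5, 3 pc, 4 php, 5 java
            $data  = json_decode(htmlspecialchars_decode($data),true); // business parameters (JSON)
            if(empty($data)){
                E("200003","data解析失败");
            }

            if($this->isCheck){ // signature verification
                $auth_result = $ask_auth_model->checkAuth($source,$data,$token,$timestamp,$version,$privatekey,$sign);
                if($auth_result === false){
                    E("200006",'验签失败');
                }
            }
            if($this->isiplimit){ // IP allow-list
                $ip_check_result= $ask_auth_model->illegalip();
                if($ip_check_result == '2'){
                    E("200007",'非法的IP地址!');
                }
            }
            // Request age. A non-numeric timestamp is treated as expired instead of being fed
            // into arithmetic (a TypeError on PHP 8).
            // NOTE(review): only the lower bound is checked and there is no nonce, so a signed
            // request can be replayed until it expires, and one carrying a far-future timestamp
            // does not expire at all. Consider rejecting timestamps ahead of the server clock
            // and tracking used signatures.
            $expire_second=C('expire_second');
            if(!is_numeric($timestamp) || $timestamp+$expire_second<time()){
                E("200008",'请求已经过期');
            }
            if($this->islimit){ // request-count limit
                $as_count_result= $ask_auth_model->ask_count();
                if($as_count_result == '2'){
                    E("200009",'休息一下在访问吧!');
                }
            }

        }catch (FlException $ex) {

            $curCode=$ex->getErrorCode();
            $curmsg=$ex->getMessage();
            $return_data = ['status'=>'1','errorCode'=>$curCode,'msg'=>$curmsg,"result"=>null];
            // $source is '' when validation failed before the header was read.
            $logs_model->Write_Log('请求error',$systemParam,$return_data,$source);
            $this->ajaxReturn($return_data);exit;

        }

    }

    /**
     * Records a successful request in the system log.
     *
     * @param array $return_data response payload that is about to be returned to the client
     */
    public function api_log($return_data){
        $logs_model     = D('Logs');    // log model
        $ask_auth_model = D('Askauth'); // request authorisation model
        // System parameters (HTTP headers) of the current request.
        $systemParam=$ask_auth_model->getAllHeadersParam();
        // Origin: 0 android, 1 ios, 2 H5, 3 pc, 4 php, 5 java; '' when the header is absent.
        $source     = isset($systemParam['source']) ? $systemParam['source'] : '';
        $logs_model->Write_Log('success',$systemParam,$return_data,$source);

    }

}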

 ?>
<?php
namespace Home\Controller;
use Think\Controller;
use Think\Model;


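class UploadController extends BaseController {

    /**
     * Returns a fixed success payload.
     */
    public function index(){
        $data = array('msg' =>"加载成功!" , 'status'=>'0','result'=>null);
        $this->ajaxReturn($data);
    }

    /**
     * Single-image upload (multipart form field "file_name").
     *
     * The JSON "data" field must carry service_type, which selects the target folder:
     *   1  front end - user avatar
     *   2  admin - advertisement image
     *   3  admin - product image
     *   4  admin - product detail
     *   5  front end - payment voucher (large orders)
     *   6  admin - icon
     *   7  front end - shop logo
     *   8  admin - app splash advertisement
     *   9  front end - shop QR code
     *   10 product category
     *   11 product brand
     *   12 withdrawal attachment
     *   13 rich-text editor
     * Any other value is rejected, so a file is only ever stored in one of these folders.
     */
    public  function  file_one(){
        $data = I("post.data");
        $data  = json_decode(htmlspecialchars_decode($data),true); // business parameters (JSON)
        if(empty($data['service_type']) ){
            // required field missing
            $data = array('status' => '1','errorCode' => '300100', 'msg' =>"请选择业务类型",'result'=>null);
            $this->ajaxReturn($data);
            return; // do not fall through should ajaxReturn() ever return
        }
        if(empty($_FILES['file_name'])){ // no file was sent
            $data = array('status' => '1','errorCode' => '300101', 'msg' =>"请选择你要上传得文件",'result'=>null);
            $this->ajaxReturn($data);
            return;
        }
        // NOTE(review): ext and receivename are chosen by the client and handed to
        // upload_put_img(), which is not shown here. Confirm it validates them against
        // $file_type and strips path separators before they influence the stored file name.
        $ext = isset($data['ext']) ? $data['ext'] : null;
        $receivename = isset($data['receivename']) ? $data['receivename'] : null;
        $service_type = $data['service_type'];
        $size_check = false;  // whether the image dimensions are validated
        // NOTE(review): 'tmp' is not an image extension - confirm why it is on the allow-list.
        $file_type = array('jpg', 'gif', 'png', 'jpeg','tmp');
        $file_maxSize = '5242880'; // 5M
        $file_width = '100';
        $file_height = '100';
        switch ($service_type) {
            case '1': // user avatar
                $folder_path ="/server/user/";
                $file_maxSize = '13631488';  // 13M
                break;
            case '2':  // advertisement image; the name must not contain "ad" (blocked on Xiaomi devices)
                $folder_path ="/server/billboard/"; break;
            case '3':  // product image
                $folder_path ="/server/goods/"; break;
            case '4':  // product detail
                $folder_path ="/server/detail/"; break;
            case '5':  // payment voucher (large orders)
                $folder_path ="/server/large/";
                $file_maxSize='13631488'; // 13M
                break;
            case '6':  // icon
                $folder_path ="/server/icon/"; break;
            case '7': // shop logo
                $folder_path ="/server/store/"; break;
            case '8': // app splash advertisement
                $folder_path ="/server/peacock/"; break;
            case '9': // shop QR code
                $folder_path ="/server/qrcode/"; break;
            case '10': // product category
                $folder_path ="/server/goodcate/"; break;
            case '11': // product brand
                $folder_path ="/server/goodbrand/"; break;
            case '12': // withdrawal attachment
                $folder_path ="/server/annexes/"; break;
            case '13': // rich-text editor
                $folder_path ="/server/text/"; break;
            default:
                // Unknown business type: refuse the upload instead of storing the file
                // with an empty folder path.
                $data = array('status' => '1','errorCode' => '300100', 'msg' =>"请选择业务类型",'result'=>null);
                $this->ajaxReturn($data);
                return;
        }

        $Upload_model = D('Upload');
        $result = $Upload_model->upload_put_img('file_name',$size_check,$file_type,$file_maxSize,$file_width,$file_height,$folder_path,$service_type,$ext,$receivename);
        if($result['status'] == '1'){
            $status = '1';
            $errorCode = '300102';
            $msg = $result['msg'];
            $result = null;
        }else{
            $status = '0';
            $errorCode = '0';
            $msg = '操作成功!';
            $result = array(
                'filepath'=>$result['filepath'],
                'fileview'=>$result['fileview']
            );
        }
        $return_data = array('status'=>$status,'errorCode'=>$errorCode,'msg'=>$msg,'result'=>$result);
        // write the request log, then answer
        $this->api_log($return_data);
        $this->ajaxReturn($return_data);

    }

}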
<?php
namespace Home\Model;
use Think\Model;
/****
 * 请求授权模型
 */
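class AskauthModel extends Model
{
    protected $autoCheckFields = false;

    /**
     * Builds the request signature.
     *
     * The parameters are sorted by key, the non-empty pairs are joined as "key=value" with "&",
     * the API key is appended, the whole string is lower-cased and its MD5 hex digest returned.
     *
     * NOTE(review): this is MD5 over "message + secret", not a keyed MAC; HMAC-SHA-256 would be
     * the standard construction, but switching requires every client to change with the server.
     * Lower-casing before hashing means payloads that differ only in letter case get the same
     * signature, and the pairs are joined without escaping, so values containing "&" or "="
     * are ambiguous.
     *
     * @param array  $paramArr parameters to sign
     * @param string $apiKey   shared secret
     * @return string 32-character lowercase hex signature
     */
    public function createSign ($paramArr,$apiKey) {
        ksort($paramArr);
        $sign='';
        foreach ($paramArr as $key => $val) {
            // Loose comparison kept on purpose: which values count as empty is part of the
            // signing rule that clients already implement.
            if ($key != '' && $val != '') {
                $sign .= $key."=".$val."&";
            }
        }
        $sign=rtrim($sign,"&");
        $sign.=$apiKey;
        $sign=strtolower($sign); // lower-case before hashing
        $sign = md5($sign);
        return $sign;
    }

    /**
     * Recomputes the signature of a request and compares it with the one supplied.
     *
     * @param mixed  $source     origin code from the "source" header
     * @param mixed  $data       decoded business parameters; re-encoded as JSON for signing
     * @param string $token      client identifier
     * @param string $timestamp  request timestamp
     * @param string $version    API version
     * @param string $privatekey shared secret
     * @param string $sign       signature supplied by the client
     * @return bool true when the signature matches
     */
    public function checkAuth($source,$data,$token,$timestamp,$version,$privatekey,$sign){

        // Requests from source 2 (H5) are signed over the JSON text with backslashes stripped.
        if($source==2){
            $datas=stripslashes(json_encode($data, JSON_UNESCAPED_UNICODE));
        }else{
            $datas=json_encode($data, JSON_UNESCAPED_UNICODE);
        }
        // system parameters
        $paramArr=array(
            'token'=>$token,
            'timestamp'=>$timestamp,
            'version'=>$version,
            'source'=>$source,
            'data'=>$datas,
        );
        $expected = $this->createSign($paramArr,$privatekey);

        if(!is_string($sign)){
            return false;
        }
        // Constant-time comparison, so response timing does not reveal how many leading
        // characters of a guessed signature are right. hash_equals() needs PHP 5.6+.
        if(function_exists('hash_equals')){
            return hash_equals($expected, $sign);
        }
        return $expected === $sign;
    }

    /**
     * Collects the request headers from the HTTP_* entries of $_SERVER.
     *
     * HTTP_FOO_BAR becomes the key "foo-bar". Every value is supplied by the client.
     *
     * @return array header name => value
     */
    public function getAllHeadersParam(){
        $headers = array();
        foreach($_SERVER as $key=>$value){
            if(substr($key, 0, 5)==='HTTP_'){
                $key = substr($key, 5);
                $key = str_replace('_', ' ', $key);
                $key = str_replace(' ', '-', $key);
                $key = strtolower($key);
                $headers[$key] = $value;
            }
        }
        return $headers;
    }

    /**
     * Returns the default success response.
     *
     * @return array keys status, errorCode, msg, result
     */
    public function getResponse(){
        $statsEntity=array(
            "status"=>0,
            "errorCode"=>0,
            "msg"=>"成功",
            "result"=>null
        );
        return $statsEntity;
    }

    /**
     * Checks the client address against the configured allow-list ("ip_allow").
     *
     * NOTE(review): sys_get_client_ip() is not shown here. If it reads the address from a
     * client-supplied header such as X-Forwarded-For, this check and the rate limit in
     * ask_count() can be sidestepped; confirm it uses the socket address or a trusted proxy.
     *
     * @return int 1 when the address is allowed, 2 when it is not
     */
    public function illegalip(){
        $remote_ip = sys_get_client_ip();
        $array_ip_allow = C('ip_allow');
        // Fail closed when the allow-list is missing or is not an array, and compare strictly
        // so type juggling cannot produce a match.
        if(is_array($array_ip_allow) && in_array($remote_ip, $array_ip_allow, true)){
            return 1; // allowed
        }
        return 2; // not allowed
    }

    /**
     * Per-address, per-URL request limit backed by the log_ip_ask table.
     *
     * NOTE(review): counting and inserting are separate statements, so concurrent requests can
     * exceed the limit; rejected requests are not recorded; and a failed insert returns 3,
     * which BaseController::run() does not treat as a refusal.
     *
     * @return int 1 request recorded, 2 limit reached, 3 the request could not be recorded
     */
    public  function ask_count(){
        $client_ip = sys_get_client_ip();
        $ask_url = sys_GetCurUrl();
        $limit_num = C('api_ask_limit'); // allowed number of requests
        $limit_time = C('api_ask_time'); // length of the window, in seconds
        $now_time = time();
        $youxiao_time = $now_time - $limit_time; // start of the window
        $ipwhere = array(
            'creatime' => array('EGT',date('Y-m-d H:i:s',$youxiao_time)),
            'ip_name'  => $client_ip,
            'ask_url'  => $ask_url,
        );
        $check_result = M('log_ip_ask')->where($ipwhere)->count();
        if($check_result !=='0' && $check_result >= $limit_num){
            return 2; // limit reached
        }
        // record this request
        $add_data = array(
            'ip_name'=>$client_ip,
            'ask_url'=>$ask_url,
            'creatime'=>date('Y-m-d H:i:s',time())
        );
        $result = M('log_ip_ask')->data($add_data)->add();
        if($result){
            return 1; // recorded
        }
        return 3; // insert failed
    }

}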
<?php
namespace Home\Model;
use Think\Model;
/****
 * 操作日志
 */
class LogsModel extends Model
{
    protected $autoCheckFields = false;

    /**
     * Writes one row to the log_system table.
     *
     * NOTE(review): BaseController passes every HTTP_* request header as $systemParam, so the
     * token, the signature and any Cookie or Authorization header are stored in ask_content.
     * Consider redacting those fields before encoding.
     *
     * @param string $message     outcome label of the request
     * @param array  $systemParam request headers, stored as JSON
     * @param array  $return_data response payload, stored as JSON
     * @param mixed  $from        origin code, mapped to a name by source()
     *
     * @return boolean true when the row was inserted
     */
    public function Write_Log($message,$systemParam,$return_data,$from) {
        $from = $this->source($from);
        $incomplete = empty($message) || empty($systemParam) || empty($return_data) || empty($from);
        if ($incomplete) {
            return false;
        }

        $row = array(
            'message'        => $message,
            'create_time'    => date('Y-m-d H:i:s'),
            'ask_ip'         => sys_get_client_ip(),
            'ask_from'       => $from,
            'ask_content'    => json_encode($systemParam),
            'return_content' => json_encode($return_data),
        );

        return M("log_system")->data($row)->add() ? true : false;
    }

    /**
     * Maps an origin code to its name; anything unrecognised becomes "other".
     */
    private function source($source){
        switch ($source){
            case '0': return 'android';
            case '1': return 'ios';
            case '2': return 'H5';
            case '3': return 'pc';
            case '4': return 'php';
            case '5': return 'java';
        }
        return 'other';
    }

}

 
