PHP接口上传参数返回参数混淆

<?php

/**
 *User: 
 *Date: 2021-01-20
 */

class Myapp extends Base_Controller
{
    public function __construct()
    {
        parent::__construct();
//        $this->load->model("myiapp_model");
        $this->pkg = 'com.geekre.org';
        $this->dck = explode(',', file_get_contents('./dck.json'));
    }

    /**
     * 生成所有对应此包名的url路径
     * 上传参数key
     * 下发参数key
     * 1: aes  2: des
     */
    public function myiappAdd()
    {
        $allinfo = array();
        $jmfs = rand(1, 2);

        //获取全部url路由
        $getAlljkurl = $this->getAlljkurl();

        foreach ($getAlljkurl as $urlk => $urlv) {
            $setrandurlpath = $this->setrandurlpath();
            $allinfo[$setrandurlpath]['jmfs'] = $jmfs;
            $allinfo[$setrandurlpath]['oldurl'] = $urlv['url'];

            /**
             * 1. 上传参数
             */
            $filterparams = array();
            if (!empty($urlv['params'])) {
                foreach ($urlv['params'] as $key => $val) {
                    $currentparams = $this->setrandparams();
                    $wn2 = 0;
                    while (in_array($currentparams, $filterparams) && ($wn2 < 100)) {
                        $currentparams = $this->setrandparams();
                        $wn2++;
                    }

                    $allinfo[$setrandurlpath]['params'][$val] = $currentparams;
                    $filterparams[] = $currentparams;
                }
            } else {
                $allinfo[$setrandurlpath]['params'] = array();
            }

            /**
             * 2. 返回参数
             */
            $filterreturnparams = array();
            if (!empty($urlv['returnparams'])) {
                foreach ($urlv['returnparams'] as $key2 => $val2) {
                    $currentparams2 = $this->setrandparams();
                    $wn3 = 0;
                    while (in_array($currentparams2, $filterreturnparams) && ($wn3 < 100)) {
                        $currentparams2 = $this->setrandparams();
                        $wn3++;
                    }

                    $allinfo[$setrandurlpath]['returnparams'][$val2] = $currentparams2;
                    $filterreturnparams[] = $currentparams2;
                }
            } else {
                $allinfo[$setrandurlpath]['returnparams'] = array();
            }

            /**
             * 3.随机code  msg data
             */
            $msgarr = array('code', 'msg', 'data');
            $filterreturnmsg = array();
            foreach ($msgarr as $msgk => $msgv) {
                $currentparams3 = $this->setrandparams();
                $wn5 = 0;
                while (in_array($currentparams3, $filterreturnmsg) && ($wn5 < 100)) {
                    $currentparams3 = $this->setrandparams();
                    $wn5++;
                }

                $allinfo[$setrandurlpath]['msgparams'][$msgv] = $currentparams3;
                $filterreturnmsg[] = $currentparams3;
            }

            //随机生成垃圾字段
            //$allinfo[$setrandurlpath]['ljparams'] = array();
            //$allinfo[$setrandurlpath]['ljmsg'] = array();
            $allinfo[$setrandurlpath]['pkg'] = $this->pkg;

            /**
             * 4. 将随机生成的url生成json文件
             */
            $everyjson = json_encode($allinfo[$setrandurlpath]);
            $everydir = './oelfktjgawp3452/url/' . $setrandurlpath . '.json';
            file_put_contents($everydir, $everyjson);
        }
        //存入包名对应的json文件
        $alljson = json_encode($allinfo);
        $dir = './oelfktjgawp3452/pkg/';
        file_put_contents($dir . $this->pkg . '.json', $alljson);

        $this->show_json(array('code' => 200, 'msg' => '导入路由成功', 'data' => []));
    }

    /**
     * 给包名 追加url
     * @return bool
     * User: 
     * Date: 2021-01-21 10:57
     */
    public function appendUrl()
    {
        $pkg = $this->input->get('pkg');
        if (empty($pkg)) {
            return false;
        }
        $this->pkg = $pkg;
        //追加的时候,这个包是已经存在的包,所以这个包的json文件应该是存在的
        $pkgjsonname = './oelfktjgawp3452/pkg/' . $pkg . '.json';
        if (!file_exists($pkgjsonname)) {
            return false;
        }
        //当前这个包已经有的url
        $pkgjson = file_get_contents($pkgjsonname);
        if (!$pkgjson) {
            return false;
        }

        $pkgarr = json_decode($pkgjson, true);
        $pkgurlarr = [];
        foreach ($pkgarr as $k => $v) {
            array_push($pkgurlarr, $v['oldurl']);
        }
        $oldjmfs = isset($v['jmfs']) ? $v['jmfs'] : rand(1, 2);
        //获取目前所有的url
        $allurl = $this->getAlljkurl();

        //需要追加生成的url
        $diffurlarr = [];
        foreach ($allurl as $k => $v) {
            if (!in_array($v['url'], $pkgurlarr)) {
                array_push($diffurlarr, $v);
            }
        }
        if (empty($diffurlarr)) {
            echo "没有需要追加的路由";
            exit;
        }

        //循环生成额外的随机路由
        foreach ($diffurlarr as $urlk => $urlv) {
            $setrandurlpath = $this->setrandurlpath();

            $allinfo[$setrandurlpath]['jmfs'] = $oldjmfs; //1==aes  2==des 保持和之前的加密方式一致
            $allinfo[$setrandurlpath]['oldurl'] = $urlv['url'];
            $filterparams = array();
            if (!empty($urlv['params'])) {
                foreach ($urlv['params'] as $key => $val) {
                    $currentparams = $this->setrandparams();
                    $wn2 = 0;
                    while (in_array($currentparams, $filterparams) && ($wn2 < 100)) {
                        $currentparams = $this->setrandparams();
                        $wn2++;
                    }
                    $allinfo[$setrandurlpath]['params'][$val] = $currentparams;
                    $filterparams[] = $currentparams;
                }
            } else {
                $allinfo[$setrandurlpath]['params'] = array();
            }

            $filterreturnparams = array();
            if (!empty($urlv['returnparams'])) {
                foreach ($urlv['returnparams'] as $key2 => $val2) {
                    $currentparams2 = $this->setrandparams();
                    $wn3 = 0;
                    while (in_array($currentparams2, $filterreturnparams) && ($wn3 < 100)) {
                        $currentparams2 = $this->setrandparams();
                        $wn3++;
                    }
                    $allinfo[$setrandurlpath]['returnparams'][$val2] = $currentparams2;
                    $filterreturnparams[] = $currentparams2;
                }
            } else {
                $allinfo[$setrandurlpath]['returnparams'] = array();
            }

            //随机code  msg data
            $msgarr = array('code', 'msg', 'data');
            $filterreturnmsg = array();
            foreach ($msgarr as $msgk => $msgv) {
                $currentparams3 = $this->setrandparams();
                $wn5 = 0;
                while (in_array($currentparams3, $filterreturnmsg) && ($wn5 < 100)) {
                    $currentparams3 = $this->setrandparams();
                    $wn5++;
                }
                $allinfo[$setrandurlpath]['msgparams'][$msgv] = $currentparams3;
                $filterreturnmsg[] = $currentparams3;
            }

            //随机生成垃圾字段
            //$allinfo[$setrandurlpath]['ljparams'] = array();
            //$allinfo[$setrandurlpath]['ljmsg'] = array();
            $allinfo[$setrandurlpath]['pkg'] = $pkg;

            //将随机生成的url生成json文件
            $everyjson = json_encode($allinfo[$setrandurlpath]);
            $everydir = './oelfktjgawp3452/url/' . $setrandurlpath . '.json';
            file_put_contents($everydir, $everyjson);
        }

        //将pkg目录下的对应的json文件备份,并将追加的路由写入文件
        $pkgdir = './oelfktjgawp3452/pkg/';
        //创建备份目录
        $bakdir = $pkgdir . 'bak/';
        $res = true;
        if (!file_exists($bakdir) && !is_dir($bakdir)) {
            $res = mkdir($bakdir, 0777, true);
        }

        //pkg 目录下的json文件
        $pkgfilejson = $pkgdir . $pkg . '.json';

        if (file_exists($pkgfilejson) && $res) {
            $bakfilename = $bakdir . $pkg . date('YmdHis') . '.json';
            $jsonstr = file_get_contents($pkgfilejson);
            $jsonarr = json_decode($jsonstr, true);
            foreach ($allinfo as $k => $v) {
                $jsonarr[$k] = $v;
            }
            if (rename($pkgfilejson, $bakfilename)) {
                $r = file_put_contents($pkgfilejson, json_encode($jsonarr));
            }
            if ($r) {
                echo "成功写入文件,文件名为" . $pkgfilejson;
                die();
            }
        }
        echo "写入文件失败";
        die();
    }

    //生成随机参数
    public function setrandparams()
    {
        $arr = $this->dck;
        $count = count($arr) - 1;
        $params = $arr[rand(0, $count)];
        unset($arr);
        return $params;
    }


    //全部需要加密混淆的url参数
    public function getAlljkurl()
    {
        $res = array(
            array(
                'url' => 'v1/user/register ',
                'params' => array(
                    'email', 'password'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),
            array(
                'url' => 'v1/user/login ',
                'params' => array(
                    'email', 'password'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),
            array(
                'url' => 'v1/user/view ',
                'params' => array(
                    'username', 'email', 'token'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),

        );

        return $res;
    }

    //生成随机路径
    public function setrandurlpath()
    {
        $arr = $this->dck;
        $count = count($arr) - 1;
        $prev = $arr[rand(0, $count)];
        $urlpath = $prev;
        $pkgarr = explode('.', $this->pkg);
        unset($pkgarr[0]);
        shuffle($pkgarr);

        $pkgcount = count($pkgarr) - 1;
        $pkgcount = ($pkgcount > 4) ? 4 : $pkgcount;
        $dircount = rand(0, $pkgcount);
        for ($i = 0; $i <= $dircount; $i++) {
            $name = $pkgarr[$i];
            $urlpath .= '-' . $name;
        }
        $urlpath = trim($urlpath, '-');
        $urlarr = explode('-', $urlpath);
        shuffle($urlarr);
        $urlpath = implode('-', $urlarr);
        unset($arr);
        //$this->show_json(array($urlpath));
        return $urlpath;
    }
}

实现效果:

 

数据字典文件 点击下载  dck.json

posted @ 2021-01-21 11:38  码农编程进阶笔记  阅读(39)  评论(0编辑  收藏  举报
返回顶部 有事您Q我