From 3d35b59f7be39d864efa5915b028cb1e54ed6d5f Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Wed, 5 Jun 2024 19:22:04 +0800 Subject: [PATCH 01/15] 1 --- webapp/controller/MailController.class.php | 77 ++++++++-------------- 1 file changed, 28 insertions(+), 49 deletions(-) diff --git a/webapp/controller/MailController.class.php b/webapp/controller/MailController.class.php index df06b363..c3b11c77 100644 --- a/webapp/controller/MailController.class.php +++ b/webapp/controller/MailController.class.php @@ -17,57 +17,41 @@ class MailController extends BaseAuthedController { $this->awardService = new services\AwardService(); } - public function getAttachment() + public function getAttachmentCb() { - $mailIds = getReqVal('mail_ids', ''); + $timestamp = getReqVal('timestamp', ''); + $signStr = getReqVal('sign', ''); + $data = file_get_contents('php://input'); + $dataJson = json_decode($data, true); - $response = ''; - { - $params = array( - 'c' => 'Mail', - 'a' => 'getAttachment', - 'account_id' => myself()->_getAccountId(), - 'session_id' => myself()->_getSessionId(), - 'mail_ids' => $mailIds - ); + $localSignStr = md5($data . MAIL_KEY . $timestamp); + if ($localSignStr != $signStr) { + myself()->_rspErr(500, 'server internal error 3, url:'); + return; + } + if (empty($dataJson)) { + myself()->_rspErr(500, 'server internal error 4, url:'); + return; + } + if ($dataJson['account_id'] != myself()->_getAccountId()) { + myself()->_rspErr(500, 'server internal error 2, url:'); + return; + } - $url = self::getMailServerUrl(); - if (!phpcommon\HttpClient::get - ($url, - $params, - $response)) { - myself()->_rspErr(500, 'server internal error 3, url:' . $url); - die(); - return; - } - } - error_log($mailIds); - error_log($response); - error_log($url); - $rspObj = json_decode($response, true); - if ($rspObj && $rspObj['errcode'] == 0) { - $this->procAttachments($rspObj['attachments']); - $rspObj['award'] = $this->awardService->toDto(); - $rspObj['property_chg'] = $this->propertyChgService->toDto(); - } - echo json_encode($rspObj); + $this->procAttachments($dataJson); + myself()->_rspData(array( + 'award' => $this->awardService->toDto(), + 'property_chg' => $this->propertyChgService->toDto() + )); } - private function procAttachments($attachments) + private function procAttachments($dataJson) { - $mailHash = array(); - { - foreach ($attachments as $item) { - if (!array_key_exists($item['mailid'], $mailHash)) { - $mailHash[$item['mailid']] = array(); - } - array_push($mailHash[$item['mailid']], $item); - } - } - foreach ($mailHash as $key => $val) { - $mailId = $key; + $mailHash = $dataJson['mails']; + foreach ($mailHash as $val) { + $mailId = $val['mailid']; $items = array(); - foreach ($val as $item) { + foreach ($val['attachments'] as $item) { array_push($items, array( 'item_id' => $item['itemid'], 'item_num' => $item['itemnum'], @@ -116,9 +100,4 @@ class MailController extends BaseAuthedController { } } - private static function getMailServerUrl() - { - return MAIL_URL; - } - } From fe2df1481a49713068722772afa0cbbe94abc453 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Wed, 5 Jun 2024 19:24:50 +0800 Subject: [PATCH 02/15] 1 --- webapp/controller/MailController.class.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/webapp/controller/MailController.class.php b/webapp/controller/MailController.class.php index c3b11c77..62a49bd0 100644 --- a/webapp/controller/MailController.class.php +++ b/webapp/controller/MailController.class.php @@ -37,6 +37,10 @@ class MailController extends BaseAuthedController { myself()->_rspErr(500, 'server internal error 2, url:'); return; } + if (abs($timestamp - myself()->_getNowTime()) > 60) { + myself()->_rspErr(500, 'server internal error 5, url:'); + return; + } $this->procAttachments($dataJson); myself()->_rspData(array( From 294d5566bc1239139bc36a873b6d84ddb4b17924 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 6 Jun 2024 11:49:31 +0800 Subject: [PATCH 03/15] 1 --- doc/AANft.py | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++ doc/_common.py | 11 ++++++++++ 2 files changed, 68 insertions(+) create mode 100644 doc/AANft.py diff --git a/doc/AANft.py b/doc/AANft.py new file mode 100644 index 00000000..93d56e59 --- /dev/null +++ b/doc/AANft.py @@ -0,0 +1,57 @@ +import _common + +class AANft(object): + + def __init__(self): + self.apis = [ + { + 'name': '/hero/home_meta/:net_id', + 'desc': '获取英雄nft元信息主页', + 'group': '!AANft', + 'url': 'https://nft-test.kingsome.cn/hero/home_meta/:net_id', + 'params': [ + [':net_id', '', '链id'], + ], + 'response': [ + _common.NftHomeMeta(), + ] + }, + { + 'name': '/gold_bullion/home_meta/:net_id', + 'desc': '获取金砖nft元信息主页', + 'group': '!AANft', + 'url': 'https://nft-test.kingsome.cn/gold_bullion/home_meta/:net_id', + 'params': [ + [':net_id', '', '链id'], + ], + 'response': [ + _common.NftHomeMeta(), + ] + }, + { + 'name': '/hero/meta/:net_id/:token_id', + 'desc': '获取英雄nft元信息', + 'group': '!AANft', + 'url': 'https://nft-test.kingsome.cn/hero/meta/:net_id/:token_id', + 'params': [ + [':net_id', '', '链id'], + [':token_id', '', 'tokenId'], + ], + 'response': [ + _common.NftHomeMeta(), + ] + }, + { + 'name': '/gold_bullion/meta/:net_id/:token_id', + 'desc': '获取金砖nft元信息', + 'group': '!AANft', + 'url': 'https://nft-test.kingsome.cn/gold_bullion/meta/:net_id/:token_id', + 'params': [ + [':net_id', '', '链id'], + [':token_id', '', 'tokenId'], + ], + 'response': [ + _common.NftHomeMeta(), + ] + }, + ] diff --git a/doc/_common.py b/doc/_common.py index 00bd81f0..e871f05d 100644 --- a/doc/_common.py +++ b/doc/_common.py @@ -1669,3 +1669,14 @@ class MFTransactionRequest(object): ['to', '', '调用的目标合约地址'], ['data', '', '包含报文相关的字节字符串'], ] + +class NftHomeMeta(object): + + def __init__(self): + self.fields = [ + ['name', '', 'nft名字'], + ['symbol', '', 'symbol'], + ['description', '', 'nft描述'], + ['image', '', 'nft图片地址'], + ['external_link', '', 'nft链接'], + ] From 3ee8252ec9fff96eec44a44a759fa8f7b34dca1e Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 6 Jun 2024 15:33:35 +0800 Subject: [PATCH 04/15] 1 --- doc/AANft.py | 4 +-- doc/_common.py | 28 +++++++++++++++++++ .../controller/OutAppNftController.class.php | 3 ++ 3 files changed, 33 insertions(+), 2 deletions(-) diff --git a/doc/AANft.py b/doc/AANft.py index 93d56e59..6f517b10 100644 --- a/doc/AANft.py +++ b/doc/AANft.py @@ -38,7 +38,7 @@ class AANft(object): [':token_id', '', 'tokenId'], ], 'response': [ - _common.NftHomeMeta(), + _common.NftHeroMeta(), ] }, { @@ -51,7 +51,7 @@ class AANft(object): [':token_id', '', 'tokenId'], ], 'response': [ - _common.NftHomeMeta(), + _common.NftHeroMeta(), ] }, ] diff --git a/doc/_common.py b/doc/_common.py index e871f05d..074855b7 100644 --- a/doc/_common.py +++ b/doc/_common.py @@ -1680,3 +1680,31 @@ class NftHomeMeta(object): ['image', '', 'nft图片地址'], ['external_link', '', 'nft链接'], ] + +class NftAttribute(object): + + def __init__(self): + self.fields = [ + ['trait_type', '', '属性名'], + ['value', '', '属性值'], + ] + +class NftHeroMeta(object): + + def __init__(self): + self.fields = [ + ['name', '', 'nft名字'], + ['description', '', 'nft描述'], + ['image', '', 'nft图片地址'], + ['!attrigutes', [NftAttribute()], 'nft属性'], + ] + +class NftGoldBullionMeta(object): + + def __init__(self): + self.fields = [ + ['name', '', 'nft名字'], + ['description', '', 'nft描述'], + ['image', '', 'nft图片地址'], + ['!attrigutes', [NftAttribute()], 'nft属性'], + ] diff --git a/webapp/controller/OutAppNftController.class.php b/webapp/controller/OutAppNftController.class.php index c9a1a8b4..5ef7eb33 100644 --- a/webapp/controller/OutAppNftController.class.php +++ b/webapp/controller/OutAppNftController.class.php @@ -2,9 +2,11 @@ use phpcommon\SqlHelper; require_once('models/Nft.php'); require_once('models/User.php'); +require_once('models/Hero.php'); use models\Nft; use models\User; +use models\Hero; class OutAppNftController extends BaseController { public function getNftList(){ @@ -189,6 +191,7 @@ class OutAppNftController extends BaseController { } break; } + error_log(json_encode($info)); myself()->_rspData($info); } From ae9ee69626cf0f80a4a971606968dbd36f3529b7 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 10:06:00 +0800 Subject: [PATCH 05/15] 1 --- webapp/controller/BaseAuthedController.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php index e80ed888..62f1bf0e 100644 --- a/webapp/controller/BaseAuthedController.class.php +++ b/webapp/controller/BaseAuthedController.class.php @@ -171,13 +171,14 @@ class BaseAuthedController extends BaseController { $userDb = $this->_getOrmUserInfo(); $this->address = $userDb['address']; $this->addressActived = true; + /* if (SERVER_ENV != _ONLINE && empty($this->address)) { $this->address = strtolower('0xa9ecB9F3A0b54d31ce4a035C89EC7Da4110beB59'); if (myself()->_getAccountId() == '6513_2006_3WOWIsmpcihK1KTnNP1Ky5MBOh7rt6Rl') { ///$this->address = strtolower('0x0bb52209756e8d157f2e551a9adb8d9019b688b1'); $this->address = strtolower('0xbd2d6de4b70d370954b187c95dddfbd00f4129ff'); } - } + }*/ } return $this->address; } From 16ec8694c7f9145d6330235da0a71e89ee81dfc3 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 10:13:30 +0800 Subject: [PATCH 06/15] 1 --- third_party/phpcommon | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/phpcommon b/third_party/phpcommon index 11fd0160..c9c3eb2b 160000 --- a/third_party/phpcommon +++ b/third_party/phpcommon @@ -1 +1 @@ -Subproject commit 11fd016051f98589781dc1f0c2375ffd0c1a8814 +Subproject commit c9c3eb2baac856f0b8a4d31cbd9806dc146d433d From b4f80c78c2ced819b7bc6171e09f5322e898371e Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 10:15:43 +0800 Subject: [PATCH 07/15] 1 --- webapp/controller/UserController.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index 173d50a2..e14a0d12 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -904,7 +904,7 @@ class UserController extends BaseAuthedController { public function updateAddressBind() { - if (myself()->_getChannel() != BC_POLY_CHANNEL) { + if (myself()->_getChannel() != IMTBL_CHANNEL) { phpcommon\sendError(1, 'token error'); die(); return; From 1a867e053f4962605968d3194b3a5716b9b75810 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 10:21:25 +0800 Subject: [PATCH 08/15] 1 --- doc/AALogin.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/doc/AALogin.py b/doc/AALogin.py index 91502826..e0de2772 100644 --- a/doc/AALogin.py +++ b/doc/AALogin.py @@ -128,3 +128,21 @@ class AALogin(object): ] }, ] + self.internalApis = [ + { + 'method': 'POST', + 'name': 'verifyJwt', + 'desc': 'jwt验证', + 'group': '!AALogin', + 'url': 'https://login-test.kingsome.cn/webapp/index.php?c=Login&a=verifyJwt', + 'is_json_params': True, + 'params': [ + ['data', '', 'jwt'], + ], + 'response': [ + _common.RspHead(), + ['account_id', '', 'account_id'], + ['address', '', 'address'], + ] + }, + ] From e36f46a9e9a35bcf85eacebbf1c3fc13b9bd450a Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 10:48:57 +0800 Subject: [PATCH 09/15] 1 --- doc/User.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/User.py b/doc/User.py index 6bed9734..6adc06e8 100644 --- a/doc/User.py +++ b/doc/User.py @@ -152,12 +152,16 @@ class User(object): ] }, { + 'method': 'POST', 'name': 'updateAddressBind', 'desc': '更新钱包绑定信息', 'group': 'User', 'url': 'webapp/index.php?c=User&a=updateAddressBind', - 'params': [ + 'is_json_params': True, + 'request_params': [ _common.ReqHead(), + ], + 'params': [ ['jwt', '', 'jwt数据'], ], 'response': [ From 74fbdf4cf932e683941f98a8bc4c329f6e96d8dc Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 11:15:10 +0800 Subject: [PATCH 10/15] 1 --- doc/AALogin.py | 2 +- webapp/controller/UserController.class.php | 40 +++++----------------- 2 files changed, 10 insertions(+), 32 deletions(-) diff --git a/doc/AALogin.py b/doc/AALogin.py index e0de2772..7f0209e0 100644 --- a/doc/AALogin.py +++ b/doc/AALogin.py @@ -137,7 +137,7 @@ class AALogin(object): 'url': 'https://login-test.kingsome.cn/webapp/index.php?c=Login&a=verifyJwt', 'is_json_params': True, 'params': [ - ['data', '', 'jwt'], + ['jwt', '', 'jwt'], ], 'response': [ _common.RspHead(), diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index e14a0d12..a0f03a83 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -909,49 +909,27 @@ class UserController extends BaseAuthedController { die(); return; } - error_log(json_encode($_REQUEST)); - $jwt = getReqVal('jwt', ''); - - $arr = explode('.', $jwt); - if (count($arr) < 3) { - phpcommon\sendError(1, 'token error'); - die(); + $data = json_decode(file_get_contents('php://input'), true); + if (empty($data)) { + phpcommon\rspErr(100, 'data error'); return; } - $header = base64_decode($arr[0]); - $payload = base64_decode($arr[1]); - $sign = base64_decode($arr[2]); - $data = json_decode($payload, true); - - $subIdxPre = ''; - $subIdx = getXVal($data, 'version', ''); - if (!empty($subIdx)) { - $subIdxPre = 's' . $subIdx . '_'; - } - { - $jwtAccountId = BC_POLY_CHANNEL . '_' . myself()->_getGameId() . '_' . - $subIdxPre . $data['plat'] . '_' . $data['openid']; - if ($jwtAccountId != myself()->_getAccountId()) { - myself()->_rspErr(1, 'token error3'); - return; - } - } - - //$url = 'https://pay.cebggame.com/wallet/info?'; - $url = 'https://oauth-svr.cebggame.com/test/wallet/info?'; $params = array( - 'token' => $jwt + 'jwt' => $data['jwt'] ); $response = ''; if (!phpcommon\HttpClient::get - ($url, + (LOGIN_URL, $params, $response)) { myself()->_rspErr(500, 'server internal error'); - die(); return; } error_log($response); + if (empty($response)) { + myself()->_rspErr(500, 'server internal error'); + return; + } $rspObj = json_decode($response, true); if (empty($rspObj['data']['address'])) { User::Update(array( From 563792fc6e3ad436d3227dbe27afd2b87452a7f5 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 11:19:45 +0800 Subject: [PATCH 11/15] 1 --- webapp/controller/UserController.class.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index a0f03a83..c70ae526 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -931,25 +931,25 @@ class UserController extends BaseAuthedController { return; } $rspObj = json_decode($response, true); - if (empty($rspObj['data']['address'])) { + if ($rspObj['errcode'] != 0) { + myself()->_rspErr(500, 'server internal error'); + return; + } + if ($rspObj['account_id'] != myself()->_getAccountId()) { + myself()->_rspErr(500, 'server internal error'); + return; + } + if (empty($rspObj['address'])) { User::Update(array( 'address' => null )); myself()->_rspOk(); - die(); return; } - $address = strtolower($rspObj['data']['address']); + $address = strtolower($rspObj['address']); $oldUser = User::findByAddress($address); if ($oldUser) { if ($oldUser['account_id'] != myself()->_getAccountId()) { - if (!phpcommon\isSameSeriesAccount( - $oldUser['account_id'], - myself()->_getAccountId() - )) { - myself()->_rspErr(1, 'is not SameSeriesAccount'); - return; - } User::updateOther( $oldUser['account_id'], array( From eb78ba444eea2f6a55dfba83b6acf05843059d80 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 11:29:08 +0800 Subject: [PATCH 12/15] 1 --- webapp/controller/UserController.class.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index c70ae526..6efab9ee 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -917,10 +917,11 @@ class UserController extends BaseAuthedController { $params = array( 'jwt' => $data['jwt'] ); + $url = LOGIN_URL + '?a=Login&c=verifyJwt'; $response = ''; - if (!phpcommon\HttpClient::get - (LOGIN_URL, - $params, + if (!phpcommon\HttpClient::postContent + ($url, + json_encode($params), $response)) { myself()->_rspErr(500, 'server internal error'); return; From 907544cdcad89e41a460ae7298e5fc723c804bad Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 13:42:55 +0800 Subject: [PATCH 13/15] 1 --- webapp/controller/UserController.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index 6efab9ee..4536c77f 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -904,6 +904,7 @@ class UserController extends BaseAuthedController { public function updateAddressBind() { + error_log(2222); if (myself()->_getChannel() != IMTBL_CHANNEL) { phpcommon\sendError(1, 'token error'); die(); From 7870b8aeefde56889d5aeeb5509a57b9230a8c8d Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 14:04:07 +0800 Subject: [PATCH 14/15] 1 --- webapp/controller/UserController.class.php | 23 ++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index 4536c77f..3e770b88 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -918,23 +918,38 @@ class UserController extends BaseAuthedController { $params = array( 'jwt' => $data['jwt'] ); - $url = LOGIN_URL + '?a=Login&c=verifyJwt'; + $url = LOGIN_URL . '?a=Login&c=verifyJwt'; $response = ''; if (!phpcommon\HttpClient::postContent ($url, json_encode($params), $response)) { - myself()->_rspErr(500, 'server internal error'); + echo json_encode(array( + 'errcode' => 500, + 'errmsg' => "server internal error", + 'is_retry' => 1, + 'retry_time' => 15 + )); return; } error_log($response); if (empty($response)) { - myself()->_rspErr(500, 'server internal error'); + echo json_encode(array( + 'errcode' => 500, + 'errmsg' => "server internal error", + 'is_retry' => 1, + 'retry_time' => 20 + )); return; } $rspObj = json_decode($response, true); if ($rspObj['errcode'] != 0) { - myself()->_rspErr(500, 'server internal error'); + echo json_encode(array( + 'errcode' => 500, + 'errmsg' => "server internal error", + 'is_retry' => 1, + 'retry_time' => 30 + )); return; } if ($rspObj['account_id'] != myself()->_getAccountId()) { From 5e27f903d92842d712e84d5f8d19fa5e63041745 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Fri, 7 Jun 2024 14:24:55 +0800 Subject: [PATCH 15/15] 1 --- webapp/controller/UserController.class.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php index 3e770b88..e434095e 100644 --- a/webapp/controller/UserController.class.php +++ b/webapp/controller/UserController.class.php @@ -904,7 +904,6 @@ class UserController extends BaseAuthedController { public function updateAddressBind() { - error_log(2222); if (myself()->_getChannel() != IMTBL_CHANNEL) { phpcommon\sendError(1, 'token error'); die(); @@ -918,7 +917,7 @@ class UserController extends BaseAuthedController { $params = array( 'jwt' => $data['jwt'] ); - $url = LOGIN_URL . '?a=Login&c=verifyJwt'; + $url = LOGIN_URL . '?c=Login&a=verifyJwt'; $response = ''; if (!phpcommon\HttpClient::postContent ($url,