diff --git a/third_party/j7 b/third_party/j7
index 3dd34617..b57e9bd1 160000
--- a/third_party/j7
+++ b/third_party/j7
@@ -1 +1 @@
-Subproject commit 3dd3461706c389688f57b29be81db50a7c550b6c
+Subproject commit b57e9bd11bfad25775906ee002dbcb587784352c
diff --git a/third_party/phpcommon b/third_party/phpcommon
index 571b6c46..daad845e 160000
--- a/third_party/phpcommon
+++ b/third_party/phpcommon
@@ -1 +1 @@
-Subproject commit 571b6c46137597d3bede13989e284130a070bea0
+Subproject commit daad845e894ca033c4fdd31c9c6f39e1e4040f02
diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php
index 1b902984..e95fa366 100644
--- a/webapp/controller/BaseAuthedController.class.php
+++ b/webapp/controller/BaseAuthedController.class.php
@@ -33,6 +33,18 @@ class BaseAuthedController extends BaseController {
 private $sessionId = '';
 private $mysqlConn = null;
+ private function isWhiteList()
+ {
+ $whiteList = array(
+ '0x875835829e95fe87e53a2dfcfd9860a735b70754',
+ '0x11299400d87f24e79af8cb8cc5661792bea45300',
+ '0x898a887fa574dd0297f202d66d5a65787acc1316',
+ '0x9b703a5a094df5b1ba4f3dec15810f7c708e31fa',
+ '0xef59f6cc4d190a0ae576c46d4583e92b61174340'
+ );
+ return in_array(myself()->_getOpenId(), $whiteList);
+ }
+
 public function _handlePre()
 {
 $this->accountId = getReqVal('account_id', '');
@@ -59,10 +71,14 @@ class BaseAuthedController extends BaseController {
 die();
 }
 }
- /*if (myself()->_getAccountId() == '6513_2006_DamQi5nhRX4iDiloUbbx5XN36syWTJvC') {
- phpcommon\sendError(1003, 'session expiration');
- die();
- }*/
+ if (SERVER_ENV == _ONLINE) {
+ if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) {
+ if (!$this->isWhiteList() || myself()->_getChannel() != BC_CHANNEL) {
+ phpcommon\sendError(1002, '');
+ die();
+ }
+ }
+ }
 }
 protected function updateSession($accountId, $sessionId)
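Review bot: The allow-list decision in `isWhiteList()` uses a loose `in_array`, which is too permissive for an access check and also does not normalise the value it compares. Without the strict flag PHP coerces types (on PHP 7 an integer `0` loosely equals any non-numeric string), and the list holds lowercase addresses while wallet addresses are often presented in mixed-case checksum form; whether `_getOpenId()` always returns a lowercase string is not visible in this hunk. I would change the return to `return in_array(strtolower((string)myself()->_getOpenId()), $whiteList, true);`. Keeping the addresses in configuration rather than in the controller would also let the list be audited and changed without a code deploy, and a one-line docblock stating what the list gates would help the next reader.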
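Review bot: The gate added at the end of `_handlePre()` is entered only when the request's own `_version` parameter compares greater than `'0.2.0'`, so any request that omits `_version` or reports an older value never reaches the allow-list and channel check. That makes it a rollout hint rather than an access control; if the intent is to restrict online access to allow-listed accounts on `BC_CHANNEL`, the condition has to rest on server-side state (or apply regardless of the reported version) instead of a value the caller chooses, and how `cmpVersion` treats the default `''` should be confirmed. At minimum I would document the limitation above the block, e.g. `// _version is client-reported: this is a rollout gate, not an access control`. `phpcommon\sendError(1002, '')` also sends an empty message, which gives neither the client nor the logs a reason for the rejection. `_handlePre()` starts before this hunk, so the ordering relative to the session check is only partly visible.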