From af739cbe44d2b8ef146a0cefdfd83151571d409a Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 24 Nov 2022 10:27:19 +0800 Subject: [PATCH 1/4] 1 --- third_party/phpcommon | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/phpcommon b/third_party/phpcommon index 571b6c46..daad845e 160000 --- a/third_party/phpcommon +++ b/third_party/phpcommon @@ -1 +1 @@ -Subproject commit 571b6c46137597d3bede13989e284130a070bea0 +Subproject commit daad845e894ca033c4fdd31c9c6f39e1e4040f02 From 6e94e5248b6c5f57ea49a347f35e24fffcf0f1e7 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 24 Nov 2022 10:31:45 +0800 Subject: [PATCH 2/4] 1 --- webapp/controller/BaseAuthedController.class.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php index 1b902984..7c4efcf9 100644 --- a/webapp/controller/BaseAuthedController.class.php +++ b/webapp/controller/BaseAuthedController.class.php @@ -63,6 +63,10 @@ class BaseAuthedController extends BaseController { phpcommon\sendError(1003, 'session expiration'); die(); }*/ + if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) { + phpcommon\sendError(1002, ''); + die(); + } } protected function updateSession($accountId, $sessionId) From d69efe9b53a5409534c3ca23ea3a64684f885a29 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 24 Nov 2022 10:34:47 +0800 Subject: [PATCH 3/4] 1 --- webapp/controller/BaseAuthedController.class.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php index 7c4efcf9..4262f686 100644 --- a/webapp/controller/BaseAuthedController.class.php +++ b/webapp/controller/BaseAuthedController.class.php @@ -59,13 +59,11 @@ class BaseAuthedController extends BaseController { die(); } } - /*if (myself()->_getAccountId() == '6513_2006_DamQi5nhRX4iDiloUbbx5XN36syWTJvC') { - phpcommon\sendError(1003, 'session expiration'); - die(); - }*/ - if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) { - phpcommon\sendError(1002, ''); - die(); + if (SERVER_ENV == _ONLINE) { + if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) { + phpcommon\sendError(1002, ''); + die(); + } } } From a848c90efb75aeaecbb39f7b02d8e6721f669396 Mon Sep 17 00:00:00 2001 From: aozhiwei Date: Thu, 24 Nov 2022 10:42:24 +0800 Subject: [PATCH 4/4] 1 --- .../controller/BaseAuthedController.class.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php index 4262f686..e95fa366 100644 --- a/webapp/controller/BaseAuthedController.class.php +++ b/webapp/controller/BaseAuthedController.class.php @@ -33,6 +33,18 @@ class BaseAuthedController extends BaseController { private $sessionId = ''; private $mysqlConn = null; + private function isWhiteList() + { + $whiteList = array( + '0x875835829e95fe87e53a2dfcfd9860a735b70754', + '0x11299400d87f24e79af8cb8cc5661792bea45300', + '0x898a887fa574dd0297f202d66d5a65787acc1316', + '0x9b703a5a094df5b1ba4f3dec15810f7c708e31fa', + '0xef59f6cc4d190a0ae576c46d4583e92b61174340' + ); + return in_array(myself()->_getOpenId(), $whiteList); + } + public function _handlePre() { $this->accountId = getReqVal('account_id', ''); @@ -61,8 +73,10 @@ class BaseAuthedController extends BaseController { } if (SERVER_ENV == _ONLINE) { if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) { - phpcommon\sendError(1002, ''); - die(); + if (!$this->isWhiteList() || myself()->_getChannel() != BC_CHANNEL) { + phpcommon\sendError(1002, ''); + die(); + } } } }