1

third_party/j7

@@ -1 +1 @@
-Subproject commit 3dd3461706c389688f57b29be81db50a7c550b6c
+Subproject commit b57e9bd11bfad25775906ee002dbcb587784352c

third_party/phpcommon

@@ -1 +1 @@
-Subproject commit 571b6c46137597d3bede13989e284130a070bea0
+Subproject commit daad845e894ca033c4fdd31c9c6f39e1e4040f02

webapp/controller/BaseAuthedController.class.php

@@ -33,6 +33,18 @@ class BaseAuthedController extends BaseController {
     private $sessionId = '';
     private $mysqlConn = null;
 
+    private function isWhiteList()
+    {
+        $whiteList = array(
+            '0x875835829e95fe87e53a2dfcfd9860a735b70754',
+            '0x11299400d87f24e79af8cb8cc5661792bea45300',
+            '0x898a887fa574dd0297f202d66d5a65787acc1316',
+            '0x9b703a5a094df5b1ba4f3dec15810f7c708e31fa',
+            '0xef59f6cc4d190a0ae576c46d4583e92b61174340'
+        );
+        return in_array(myself()->_getOpenId(), $whiteList);
+    }
+
     public function _handlePre()
     {
         $this->accountId = getReqVal('account_id', '');
@@ -59,10 +71,14 @@ class BaseAuthedController extends BaseController {
                 die();
             }
         }
-        /*if (myself()->_getAccountId() == '6513_2006_DamQi5nhRX4iDiloUbbx5XN36syWTJvC') {
-            phpcommon\sendError(1003, 'session expiration');
-            die();
-            }*/
+        if (SERVER_ENV == _ONLINE) {
+            if (phpcommon\cmpVersion(getReqVal('_version', ''), '0.2.0') > 0) {
+                if (!$this->isWhiteList() || myself()->_getChannel() != BC_CHANNEL) {
+                    phpcommon\sendError(1002, '');
+                    die();
+                }
+            }
+        }
     }
 
     protected function updateSession($accountId, $sessionId)