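$explode[3]) {
                // Token end time ($explode[3]) has passed: report it as expired.
                $data['user_id'] = '';
                $data['code'] = '401';
                $data['message'] = 'Token已过期,请重新登录';
                return $data;
            }
            // NOTE(review): `==` on two hex digests is a loose comparison (numeric-looking
            // strings such as "0e..." are compared as numbers) and is not constant-time.
            // hash_equals() is the usual replacement. The code is left unchanged here
            // because the start of this function is outside the visible section.
            if (($true_signature == $explode[4])) {
                $data['user_id'] = $explode[0];
                $data['code'] = '200';
                $data['message'] = 'Token合法';
                return $data;
            } else {
                $data['user_id'] = '';
                $data['code'] = '400';
                $data['message'] = 'Token不合法';
                return $data;
            }
        } else {
            $data['user_id'] = '';
            $data['code'] = '400';
            $data['message'] = 'Token不合法';
            return $data;
        }
    }

    /**
     * Append one login record to the per-account, per-day log file.
     *
     * The record is serialize($response_result) followed by the current time
     * (H:i:s) and a newline, appended to account_log/<account>-<Y-m-d>.ini.
     *
     * Security notes:
     *  - $account becomes part of a file name, so path separators, ':' and control
     *    characters are replaced with '_' to keep the write inside account_log/.
     *  - $response_result is written verbatim. The disabled code below reads
     *    $response_result["token"], so the log presumably contains live tokens
     *    (TODO confirm); account_log/ should not be reachable over HTTP, and the
     *    records should not be passed to unserialize() if the files can be
     *    modified by anyone else.
     *
     * @param string $source_flag     "web" or any other value (e.g. "app"). The default
     *                                cannot be used positionally because required
     *                                parameters follow it.
     * @param string $account         Account name used in the log file name.
     * @param mixed  $response_result Data to record.
     * @return bool true when $source_flag == "web", false otherwise. The result does
     *              not indicate whether the write succeeded.
     */
    function save_log_response($source_flag='web', $account, $response_result)
    {
        // Neutralise anything that could move the path out of account_log/.
        $safe_account = preg_replace('#[/\\\\:\x00-\x1f]#', '_', (string) $account);
        if ($safe_account === null) {
            // preg_replace failed; fall back to a fixed name rather than the raw input.
            $safe_account = '_invalid_';
        }

        $file_path = "account_log/" . $safe_account . "-" . date("Y-m-d") . ".ini";
        $data = serialize($response_result) . date("H:i:s") . "\n";

        // Append (the file is created if missing). Logging is best-effort: a failed
        // write emits a PHP warning and does not abort the login flow.
        file_put_contents($file_path, $data, FILE_APPEND | LOCK_EX);

        if ($source_flag == "web") {
            // header("Location: custom-create.php?function_list=" . serialize($response_result) .
            // "&token=" . $response_result["token"]); # please enter user name and password
            // exit();
            return true;
        }

        // echo json_encode($response_result, JSON_UNESCAPED_UNICODE);
        return false;

        /*
        if ($source_flag == "app"){
            echo json_encode($response_result, JSON_UNESCAPED_UNICODE);
        }elseif ($source_flag == "web"){
            header("Location: api-account-reply-functions.php?function_list=" . serialize($response_result) .
            "&token=" . $response_result["token"]); # please enter user name and password
            exit();
        }
        */
    }

    /**
     * Create a signed token valid for 24 hours.
     *
     * Layout: user_id . base64(urlencode(user_name)) . start_time . end_time . signature,
     * joined with '.'. The signature is HMAC-MD5 over the first four fields.
     *
     * Security notes:
     *  - The HMAC key is a literal in this file (and repeated in FakeToken()), so
     *    anyone who can read the source can produce valid tokens. It should be
     *    loaded from configuration kept outside the code base and be rotatable.
     *    The original comment mentions a SIGNATURE global constant; the code does
     *    not use one.
     *  - md5 is a legacy digest. Switching to e.g. sha256 has to be done together
     *    with the verifier, whose start is outside this section.
     *  - Fields are split on '.' when parsed (see FakeToken()), so this assumes
     *    $user_id never contains '.' - TODO confirm.
     *
     * Side effect: sets the default timezone to Asia/Taipei.
     *
     * @param mixed  $user_id   Account identifier placed in the first field.
     * @param string $user_name Display name, url-encoded then base64-encoded.
     * @return string The token.
     */
    function CreateToken($user_id, $user_name)
    {
        date_default_timezone_set("Asia/Taipei");

        // Derive both timestamps from one clock reading so the window is exactly 24 hours.
        $now = time();
        $start_time = date("Y-m-d H:i:s", $now);
        $end_time = date('Y-m-d H:i:s', strtotime('+24 hour', $now));

        $info = $user_id . '.' . base64_encode(urlencode($user_name)) . '.' . $start_time . '.' . $end_time;

        $encryption_code = "MASADA!^***";
        $signature = hash_hmac('md5', $info, $encryption_code);

        return $info . '.' . $signature;
    }

    /**
     * Write an impersonated account id into an existing token and re-sign it.
     *
     * Result layout: impersonated account . own account field . valid-from . expiry . signature.
     * Fields 1-3 are copied from $token unchanged.
     *
     * Security notes:
     *  - The signature field of $token is never checked here and the validity
     *    window is copied as-is. Callers must already have validated $token and
     *    authorised the impersonation; otherwise this function attaches a valid
     *    signature to unverified fields.
     *  - Uses the same hard-coded HMAC-MD5 key as CreateToken().
     *
     * Side effect: sets the default timezone to Asia/Taipei.
     *
     * @param mixed  $fake_user_id Account id to impersonate.
     * @param string $token        Existing token.
     * @return string The re-signed token, or '' when $token has fewer than four
     *                '.'-separated fields (nothing is signed in that case).
     */
    function FakeToken($fake_user_id, $token)
    {
        date_default_timezone_set("Asia/Taipei");
        $encryption_code = "MASADA!^***";

        $explode = explode('.', (string) $token);
        if (count($explode) < 4) {
            // Refuse to sign a token whose fields are missing.
            return '';
        }

        $info = $fake_user_id . '.' . $explode[1] . '.' . $explode[2] . '.' . $explode[3];
        $signature = hash_hmac('md5', $info, $encryption_code);

        return $info . '.' . $signature;
    }

    /**
     * Return the static menu definition for a region and role.
     *
     * @param string $from Region key; only "tw" is defined.
     * @param string $type Role key; only "F" is defined.
     * @return array|null The menu definition, or null when the region/role is unknown.
     */
    function menu ($from='tw',$type)
    {
        $function_type = [
            "tw" => [
                // Menu for role F
                "F" => [
                    "language" => "tw",
                    "type" => "manage",
                    "list" => [
                        // NOTE(review): plain-HTTP link to a fixed internal address.
                        ["name" => "批量导入", "path" => "http://192.168.0.12/wms/excel-upload"],
                    ],
                    "note" => "none",
                    "token" => ""
                ],
            ]
        ];

        // Unknown keys yield null without raising an undefined-index warning.
        return isset($function_type[$from][$type]) ? $function_type[$from][$type] : null;
    }

    /**
     * List the function menu for an account type.
     *
     * Reads active rows (status = 'Y') of `menu` for the given account type and
     * returns them as JSON: main_menu => sub_menu => sub_menu_eng => mlink.
     *
     * The account type is bound as a statement parameter; it was previously
     * interpolated into the SQL text, which allowed SQL injection.
     *
     * @param string $atype Account type.
     * @return string|null JSON text ("null" when no row matches or the query
     *                     fails); null when $atype is empty.
     */
    function menu_v2($atype="")
    {
        global $link;

        if (!$atype) {
            return;
        }

        // Stays null when nothing matches, so the encoded result is "null" as before.
        $arr = null;

        $sql = "select main_menu, sub_menu, sub_menu_eng, mlink from menu"
            . " where accounttype = ? and status = 'Y'"
            . " order by main_menu_seq, sub_menu_seq";
        $stmt = mysqli_prepare($link, $sql);
        if ($stmt !== false) {
            $atype_param = (string) $atype;
            mysqli_stmt_bind_param($stmt, "s", $atype_param);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $main_menu, $sub_menu, $sub_menu_eng, $mlink);
                while (mysqli_stmt_fetch($stmt)) {
                    $arr[$main_menu][$sub_menu][$sub_menu_eng] = $mlink;
                }
            }
            mysqli_stmt_close($stmt);
        }

        return json_encode($arr, JSON_UNESCAPED_UNICODE);
    }

    /**
     * List the function menu for an account.
     *
     * Administrators (account type "E") see every menu row, including inactive
     * ones. Everyone else sees only the active rows whose mlink has a non-empty
     * entry in their account_auth.permission JSON.
     *
     * Security notes:
     *  - The account id is bound as a statement parameter; it was previously
     *    interpolated into the SQL text, which allowed SQL injection.
     *  - The administrator test is strict: only the string "E" qualifies. A loose
     *    comparison also accepts values such as boolean true.
     *  - Permission data that does not decode to an array grants nothing.
     *
     * @param string $aid         Account id.
     * @param string $accounttype Account type.
     * @return string|null JSON text (main_menu => sub_menu => sub_menu_eng => mlink),
     *                     "" when no menu is visible, null when $aid is empty.
     */
    function menu_v3($aid="", $accounttype)
    {
        global $link;

        if (!$aid) {
            return;
        }

        $str = "";
        $arr = $menu_arr = [];
        $is_admin = is_string($accounttype) && $accounttype === "E";

        // Both alternatives are fixed strings; no caller data reaches this query.
        $sql_cmd = $is_admin ? "" : "where status = 'Y'";
        $sql = "select main_menu, sub_menu, sub_menu_eng, mlink from menu $sql_cmd order by main_menu_seq, sub_menu_seq";
        $res = mysqli_query($link, $sql);
        if ($res !== false) {
            while ($row = mysqli_fetch_assoc($res)) {
                $menu_arr[$row["mlink"]] = [
                    "main_menu" => $row["main_menu"],
                    "sub_menu" => $row["sub_menu"],
                    "sub_menu_eng" => $row["sub_menu_eng"],
                ];
            }
            mysqli_free_result($res);
        }

        // P0044, changed 2023/6/13 16:30: a missing account_auth row is treated as
        // an empty permission set.
        $permission = null;
        $stmt = mysqli_prepare($link, "select permission from account_auth where accountid = ?");
        if ($stmt !== false) {
            $aid_param = (string) $aid;
            mysqli_stmt_bind_param($stmt, "s", $aid_param);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $permission_col);
                if (mysqli_stmt_fetch($stmt)) {
                    $permission = $permission_col;
                }
            }
            mysqli_stmt_close($stmt);
        }

        $permission_arr = is_string($permission) ? json_decode($permission, true) : [];
        if (!is_array($permission_arr)) {
            // Fail closed on NULL, malformed or scalar permission data.
            $permission_arr = [];
        }

        foreach ($menu_arr as $key => $val) {
            if ($is_admin || !empty($permission_arr[$key])) {
                $arr[$val["main_menu"]][$val["sub_menu"]][$val["sub_menu_eng"]] = $key;
            }
        }

        if (!empty($arr)) {
            $str = json_encode($arr, JSON_UNESCAPED_UNICODE);
        }

        /*
        if ($permission_arr) {
            foreach ($menu_arr as $key => $val) {
                if ($permission_arr[$key]) {
                    $arr[$val["main_menu"]][$val["sub_menu"]][$val["sub_menu_eng"]] = $key;
                }
            }
            if (!empty($arr)) $str = json_encode($arr, JSON_UNESCAPED_UNICODE);
        }
        */

        return $str;

        /*
        $str = "";
        $sql = "select a.id, a.accountid, m.auth_content from account a, menu_auth m where a.accountid = '$aid' and a.accountid = m.accountid and m.status = 'Y'";
        $res = mysqli_query($link, $sql);
        if ($row = mysqli_fetch_row($res)) {
            list($id, $accountid, $auth_content) = $row;
            $auth_arr = json_decode($auth_content, true);
            $menuid_arr = array_keys($auth_arr);
            if ($menuid_arr) {
                $arr = [];
                $menuid_str = implode(",", $menuid_arr);
                $sql2 = "select id, main_menu, sub_menu, sub_menu_eng, link from menu_tree where id in ($menuid_str) and status = 'Y' order by main_menu_seq, sub_menu_seq";
                $res2 = mysqli_query($link, $sql2);
                while ($row2 = mysqli_fetch_assoc($res2)) {
                    $arr[$row2["main_menu"]][$row2["sub_menu"]][$row2["sub_menu_eng"]] = $row2["link"]; // R+W
                    if ($auth_arr[$row2["id"]] == "N") $arr[$row2["main_menu"]][$row2["sub_menu"]][$row2["sub_menu_eng"]] = "";//"/wms/forbidden.php"; // R
                }
                mysqli_free_result($res2);
                $str = json_encode($arr, JSON_UNESCAPED_UNICODE);
            }
        }
        mysqli_free_result($res);
        return $str;
        */
    }
}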