
<?php
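/**
 * Shared helpers: signed login tokens, per-account response logging and
 * menu lookup.
 *
 * The menu_v2/menu_v3 methods read the mysqli connection from the global
 * $link variable.
 */
class IncludeCommon
{
    /**
     * Key used to sign and verify tokens.
     *
     * NOTE(security): the key is a literal in source, so anyone who can read
     * this file can produce tokens that verify. It should be loaded from
     * configuration kept outside version control and rotated; it is left in
     * place here so that tokens already issued keep verifying.
     */
    private static $tokenSecret = "MASADA!^***";

    /**
     * Compute the signature for the information part of a token.
     *
     * NOTE(security): HMAC-MD5 is kept for compatibility with tokens in
     * circulation (at most 24 hours, see CreateToken). A move to
     * hash_hmac('sha256', ...) should be planned together with the key
     * rotation mentioned on $tokenSecret.
     *
     * @param string $info "user_id.base64(name).start.end"
     * @return string lowercase hex digest
     */
    private static function signTokenInfo($info)
    {
        return hash_hmac('md5', $info, self::$tokenSecret);
    }

    /**
     * Build the result array returned for a rejected or accepted token.
     *
     * @param string $code
     * @param string $message
     * @param string $user_id
     * @return array
     */
    private static function tokenResult($code, $message, $user_id = '')
    {
        return array('user_id' => $user_id, 'code' => $code, 'message' => $message);
    }

    /**
     * Parse and verify a token against the current time.
     *
     * The signature is verified BEFORE the expiry field is read, so no field
     * of an unsigned token influences the answer beyond "invalid".
     *
     * @param mixed  $token token string as received
     * @param string $now   current time, "Y-m-d H:i:s"
     * @return array code/message (and user_id except for an empty token)
     */
    private static function inspectToken($token, $now)
    {
        if (empty($token)) {
            return array('code' => '400', 'message' => '非法请求');
        }
        if (!is_string($token)) {
            return self::tokenResult('400', 'Token不合法');
        }

        // Layout: user_id . base64(name) . start . end . signature
        $parts = explode('.', $token);
        for ($i = 0; $i < 5; $i++) {
            if (empty($parts[$i])) {
                return self::tokenResult('400', 'Token不合法');
            }
        }

        $info = $parts[0] . '.' . $parts[1] . '.' . $parts[2] . '.' . $parts[3];
        // hash_equals() compares the digests as strings and in constant time;
        // the former `==` could compare two numeric-looking digests as numbers.
        if (!hash_equals(self::signTokenInfo($info), $parts[4])) {
            return self::tokenResult('400', 'Token不合法');
        }

        // Both sides use the fixed-width "Y-m-d H:i:s" layout, so a string
        // comparison orders them chronologically.
        if (strcmp($now, $parts[3]) > 0) {
            return self::tokenResult('401', 'Token已过期,请重新登录');
        }

        return self::tokenResult('200', 'Token合法', $parts[0]);
    }

    /**
     * Verify a token produced by CreateToken() or FakeToken().
     *
     * Sets the default timezone to Asia/Taipei as a side effect.
     *
     * @param mixed $token
     * @return array 'code' is '200' (valid, 'user_id' filled), '401' (valid
     *               signature but expired) or '400' (missing, malformed or
     *               wrongly signed); 'message' is the user-facing text.
     */
    function CheckToken($token)
    {
        date_default_timezone_set("Asia/Taipei");
        return self::inspectToken($token, date("Y-m-d H:i:s"));
    }

    /**
     * Append the response of a login attempt to the account's daily log file
     * (account_log/<account>-<Y-m-d>.ini).
     *
     * NOTE(review): the whole $response_result is serialized into the log; if
     * it carries a token, that token ends up on disk in clear text - confirm
     * and redact if so. The default on $source_flag can never apply because
     * the parameters after it are required.
     *
     * @param string $source_flag     "web" or another client identifier
     * @param string $account         account name, used in the file name
     * @param mixed  $response_result data to record
     * @return bool true when $source_flag is "web", false otherwise
     */
    function save_log_response($source_flag='web', $account, $response_result)
    {
        // The account name arrives from the login request: strip path
        // separators and control bytes so it cannot leave account_log/.
        $safe_account = preg_replace('/[\/\\\\\x00-\x1F]/', '_', (string) $account);
        $file_path = "account_log/" . $safe_account . "-" . date("Y-m-d") . ".ini";
        $data = serialize($response_result) . date("H:i:s") . "\n";

        // Append (creating the file if needed) under an exclusive lock so
        // concurrent requests do not interleave their lines.
        if (file_put_contents($file_path, $data, FILE_APPEND | LOCK_EX) === false) {
            // Logging is best-effort; a write failure must not break login.
            error_log('IncludeCommon::save_log_response: cannot write ' . $file_path);
        }

        return $source_flag == "web";
    }

    /**
     * Issue a token for a user, valid for 24 hours from now.
     *
     * Sets the default timezone to Asia/Taipei as a side effect.
     *
     * NOTE(review): fields are joined with '.', so a $user_id containing a
     * dot yields a token that CheckToken() rejects.
     *
     * @param string $user_id
     * @param string $user_name
     * @return string "user_id.base64(urlencode(name)).start.end.signature"
     */
    function CreateToken($user_id, $user_name)
    {
        date_default_timezone_set("Asia/Taipei");
        $start_time = date("Y-m-d H:i:s");
        $end_time = date('Y-m-d H:i:s', strtotime('+24 hour'));
        $info = $user_id . '.' . base64_encode(urlencode($user_name)) . '.' . $start_time . '.' . $end_time;

        return $info . '.' . self::signTokenInfo($info);
    }

    /**
     * Re-issue a token with the user id replaced by the account being
     * impersonated; name, start and expiry are carried over.
     *
     * The incoming token must itself be valid and unexpired: its fields are
     * copied into a freshly signed token, so signing an unverified token
     * would turn arbitrary input into a valid credential. Whether the caller
     * is ALLOWED to impersonate $fake_user_id is not decided here and has to
     * be checked before calling.
     *
     * @param string $fake_user_id account to impersonate
     * @param string $token        the caller's own current token
     * @return string the new token, or '' when $token does not verify
     */
    function FakeToken($fake_user_id, $token)
    {
        date_default_timezone_set("Asia/Taipei");
        $check = self::inspectToken($token, date("Y-m-d H:i:s"));
        if ($check['code'] !== '200') {
            return '';
        }

        $parts = explode('.', $token);
        // impersonated account . own account name . valid-from . expiry
        $info = $fake_user_id . '.' . $parts[1] . '.' . $parts[2] . '.' . $parts[3];

        return $info . '.' . self::signTokenInfo($info);
    }

    /**
     * Return the static menu definition for a language and role.
     *
     * The default on $from can never apply because $type is required.
     *
     * @param string $from language key, e.g. "tw"
     * @param string $type role key, e.g. "F"
     * @return array|null the menu definition, or null for an unknown pair
     */
    function menu ($from='tw',$type)
    {
        $function_type = array(
            "tw" => array(
                // Menu for role F
                "F" => array(
                    "language" => "tw",
                    "type" => "manage",
                    "list" => array(
                        array("name" => "批量导入", "path" => "http://192.168.0.12/wms/excel-upload"),
                    ),
                    "note" => "none",
                    "token" => ""
                ),
            )
        );

        if (!isset($function_type[$from][$type])) {
            return null;
        }
        return $function_type[$from][$type];
    }

    /**
     * List the enabled menu entries for an account type.
     *
     * @param string $atype account type
     * @return string|null JSON object main_menu -> sub_menu -> sub_menu_eng
     *                     -> link; the string "null" when nothing matches or
     *                     the query fails; null when $atype is empty.
     */
    function menu_v2($atype="")
    {
        global $link;
        if (!$atype) return;

        // Stays null when no row matches, which keeps the historical "null"
        // JSON output for that case.
        $arr = null;

        // $atype is bound as a parameter instead of being pasted into the SQL.
        $sql = "select main_menu, sub_menu, sub_menu_eng, mlink from menu where accounttype = ? and status = 'Y' order by main_menu_seq, sub_menu_seq";
        $stmt = mysqli_prepare($link, $sql);
        if ($stmt === false) {
            error_log('IncludeCommon::menu_v2: prepare failed');
            return json_encode($arr, JSON_UNESCAPED_UNICODE);
        }

        mysqli_stmt_bind_param($stmt, 's', $atype);
        if (mysqli_stmt_execute($stmt)) {
            $main_menu = $sub_menu = $sub_menu_eng = $mlink = null;
            mysqli_stmt_bind_result($stmt, $main_menu, $sub_menu, $sub_menu_eng, $mlink);
            while (mysqli_stmt_fetch($stmt) === true) {
                $arr[$main_menu][$sub_menu][$sub_menu_eng] = $mlink;
            }
        } else {
            error_log('IncludeCommon::menu_v2: execute failed');
        }
        mysqli_stmt_close($stmt);

        return json_encode($arr, JSON_UNESCAPED_UNICODE);
    }

    /**
     * List the menu entries an account may see.
     *
     * Account type "E" (manager) sees every menu row, including disabled
     * ones; everyone else sees the enabled rows whose link has a non-empty
     * entry in their account_auth.permission JSON.
     *
     * The default on $aid can never apply because $accounttype is required.
     *
     * @param string $aid         account id
     * @param string $accounttype account type
     * @return string|null JSON object main_menu -> sub_menu -> sub_menu_eng
     *                     -> link; "" when nothing is visible or a query
     *                     fails; null when $aid is empty.
     */
    function menu_v3($aid="", $accounttype)
    {
        global $link;
        if (!$aid) return;

        $str = "";
        $arr = $menu_arr = array();

        // Strict comparison: with `==`, values such as integer 0 (before
        // PHP 8) or boolean true also compare equal to "E" and would be
        // granted the full menu.
        $is_manager = ($accounttype === "E");

        $sql_cmd = $is_manager ? "" : "where status = 'Y'";
        $sql = "select main_menu, sub_menu, sub_menu_eng, mlink from menu $sql_cmd order by main_menu_seq, sub_menu_seq";
        $res = mysqli_query($link, $sql);
        if ($res === false) {
            error_log('IncludeCommon::menu_v3: menu query failed');
            return $str;
        }
        while ($row = mysqli_fetch_assoc($res)) {
            $menu_arr[$row["mlink"]] = array(
                "main_menu" => $row["main_menu"],
                "sub_menu" => $row["sub_menu"],
                "sub_menu_eng" => $row["sub_menu_eng"],
            );
        }
        mysqli_free_result($res);

        // Permissions only matter for non-managers. Any failure leaves the
        // list empty, which hides every entry (fail closed).
        $permission_arr = array();
        if (!$is_manager) {
            // $aid is bound as a parameter instead of being pasted into the SQL.
            $stmt = mysqli_prepare($link, "select permission from account_auth where accountid = ?");
            if ($stmt === false) {
                error_log('IncludeCommon::menu_v3: prepare failed');
                return $str;
            }
            mysqli_stmt_bind_param($stmt, 's', $aid);
            if (mysqli_stmt_execute($stmt)) {
                $permission = null;
                mysqli_stmt_bind_result($stmt, $permission);
                if (mysqli_stmt_fetch($stmt) === true && is_string($permission)) {
                    $decoded = json_decode($permission, true);
                    if (is_array($decoded)) {
                        $permission_arr = $decoded;
                    }
                }
            } else {
                error_log('IncludeCommon::menu_v3: execute failed');
            }
            mysqli_stmt_close($stmt);
        }

        foreach ($menu_arr as $key => $val) {
            if ($is_manager || !empty($permission_arr[$key])) {
                $arr[$val["main_menu"]][$val["sub_menu"]][$val["sub_menu_eng"]] = $key;
            }
        }
        if (!empty($arr)) {
            $str = json_encode($arr, JSON_UNESCAPED_UNICODE);
        }

        return $str;
    }
}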