添加接口校验

Application/Common/Common/function.php

@@ -411,3 +411,39 @@ function S_cms($key, $field='', $column='', $sort='', $limit='')
 
 
     return $datas;
     return $datas;
 }
 }
+
+//随机生成字符串
+function createNonceStr($length = 8) 
+{
+    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+    $str = "";
+
+    for ($i = 0; $i < $length; $i++) {
+        $str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
+    }
+
+    return $str;
+}
+
+ /**
+  * 生成签名
+  * @param $timeStamp 时间戳
+  * @param $randomStr 随机字符串
+  * @return string 返回签名
+  */
+function createSignature($timestamp, $random)
+{
+    $arr['timestamp'] = $timestamp;
+    $arr['random']    = $random;
+    $arr['token']     = C('API_TOKEN'); // token
+      
+    sort($arr, SORT_STRING); // 按照首字母大小写顺序排序
+      
+    $str = implode($arr); // 拼接成字符串
+
+    $signature = sha1($str); // 进行加密
+     
+    return strtoupper($signature); // 转换成大写
+}
+
+

Application/Common/Conf/config.php

@@ -37,4 +37,5 @@ return array(
     'HOME_TEMPLATE_REDIS' => 'home_template_datas',
     'HOME_TEMPLATE_REDIS' => 'home_template_datas',
     'H5_HOME_TEMPLATE_REDIS' => 'h5_home_template_datas',
     'H5_HOME_TEMPLATE_REDIS' => 'h5_home_template_datas',
 
 
+    'API_TOKEN' => 'zbPx8gDXDfIh3ZoJcO4EH', // api接口token 
 );
 );
\ No newline at end of file

Application/Home/Controller/BaseController.class.php

@@ -54,4 +54,24 @@ class BaseController extends Controller
             return $data;exit;
             return $data;exit;
         }
         }
     }
     }
+
+    // 校验接口
+    protected function checkApi($request)
+    {
+        $timestamp = I('request.timestamp', '');
+        $random    = I('request.random', '');
+        $signature = I('request.signature', '');
+
+        if (!$timestamp && !$random && !$signature) return false;
+
+        if ($timestamp < time() - 300) return false;
+
+        $sign = createSignature($timestamp, $random);
+
+        if ($signature != $sign) return false; 
+
+        return true;
+    }
+
+
 }
 }
\ No newline at end of file

Application/Home/Controller/CmsController.class.php

@@ -8,6 +8,10 @@ class CmsController extends BaseController
     // 获取热门商品
     // 获取热门商品
 	public function getHotGoods()
 	public function getHotGoods()
 	{
 	{
+        $res = $this->checkApi(); // 接口校验
+
+        if ($res === false) return $this->jsonReturn(11001, '接口校验失败');
+
         $datas = $this->apiBaseCache('pc_hot_goods', '', 5); // 热门商品
         $datas = $this->apiBaseCache('pc_hot_goods', '', 5); // 热门商品
 
 
         return $this->jsonReturn(0, '', $datas['data']);
         return $this->jsonReturn(0, '', $datas['data']);
@@ -27,7 +31,7 @@ class CmsController extends BaseController
             'err_msg' => $msg,
             'err_msg' => $msg,
             'data' => $extend,
             'data' => $extend,
         );
         );
-        
+
         if(isset($_GET['callback']) && !empty($_GET['callback'])){
         if(isset($_GET['callback']) && !empty($_GET['callback'])){
             echo  $_GET['callback'].'('.json_encode($data).')';exit;
             echo  $_GET['callback'].'('.json_encode($data).')';exit;
         }else{
         }else{