nizongfeng
/
ZZWX
1
0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
38 MiB
 
 
 
 
 
 
Tree: a9d2062c20
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'a9d2062c20'
${ noResults }
ZZWX/wx/common/service/geetest/GeetestService.php

311 regels
8.6 KiB
Ruw Blame Geschiedenis 

  1. <?php

  2. 

  3. namespace common\service\geetest;

  4. 

  5. use common\util\Util;

  6. 

  7. /**

  8.  * 极验行为式验证安全平台,php 网站主后台包含的库文件

  9.  *

  10.  * @author Tanxu

  11.  */

  12. class GeetestService

  13. {

  14.     const GT_SDK_VERSION = 'php_3.0.0';

  15. 

  16.     public static $connectTimeout = 1;

  17.     public static $socketTimeout = 1;

  18. 

  19.     private $response;

  20. 

  21.     public function __construct()

  22.     {

  23.         $siteConfig = Util::getSiteConfig();

  24.         $captcha_id = $siteConfig['geetest']['id'];

  25.         $private_key = $siteConfig['geetest']['key'];

  26.         $this->captcha_id = $captcha_id;

  27.         $this->private_key = $private_key;

  28.     }

  29. 

  30.     /**

  31.      * 判断极验服务器是否down机

  32.      *

  33.      * @param array $data

  34.      * @return int

  35.      */

  36.     public function pre_process($param, $new_captcha = 1)

  37.     {

  38.         $data = array('gt' => $this->captcha_id,

  39.             'new_captcha' => $new_captcha

  40.         );

  41.         $data = array_merge($data, $param);

  42.         $query = http_build_query($data);

  43.         $url = "http://api.geetest.com/register.php?" . $query;

  44.         $challenge = $this->send_request($url);

  45.         if (strlen($challenge) != 32) {

  46.             $this->failback_process();

  47.             return 0;

  48.         }

  49.         $this->success_process($challenge);

  50.         return 1;

  51.     }

  52. 

  53.     /**

  54.      * @param $challenge

  55.      */

  56.     private function success_process($challenge)

  57.     {

  58.         $challenge = md5($challenge . $this->private_key);

  59.         $result = array(

  60.             'success' => 1,

  61.             'gt' => $this->captcha_id,

  62.             'challenge' => $challenge,

  63.             'new_captcha' => 1

  64.         );

  65.         $this->response = $result;

  66.     }

  67. 

  68.     /**

  69.      *

  70.      */

  71.     private function failback_process()

  72.     {

  73.         $rnd1 = md5(rand(0, 100));

  74.         $rnd2 = md5(rand(0, 100));

  75.         $challenge = $rnd1 . substr($rnd2, 0, 2);

  76.         $result = array(

  77.             'success' => 0,

  78.             'gt' => $this->captcha_id,

  79.             'challenge' => $challenge,

  80.             'new_captcha' => 1

  81.         );

  82.         $this->response = $result;

  83.     }

  84. 

  85.     /**

  86.      * @return mixed

  87.      */

  88.     public function get_response_str()

  89.     {

  90.         return json_encode($this->response);

  91.     }

  92. 

  93.     /**

  94.      * 返回数组方便扩展

  95.      *

  96.      * @return mixed

  97.      */

  98.     public function get_response()

  99.     {

  100.         return $this->response;

  101.     }

  102. 

  103.     /**

  104.      * 正常模式获取验证结果

  105.      *

  106.      * @param string $challenge

  107.      * @param string $validate

  108.      * @param string $seccode

  109.      * @param array $param

  110.      * @return int

  111.      */

  112.     public function success_validate($challenge, $validate, $seccode, $param, $json_format = 1)

  113.     {

  114.         if (!$this->check_validate($challenge, $validate)) {

  115.             return 0;

  116.         }

  117.         $query = array(

  118.             "seccode" => $seccode,

  119.             "timestamp" => time(),

  120.             "challenge" => $challenge,

  121.             "captchaid" => $this->captcha_id,

  122.             "json_format" => $json_format,

  123.             "sdk" => self::GT_SDK_VERSION

  124.         );

  125.         $query = array_merge($query, $param);

  126.         $url = "http://api.geetest.com/validate.php";

  127.         $codevalidate = $this->post_request($url, $query);

  128.         $obj = json_decode($codevalidate, true);

  129.         if ($obj === false) {

  130.             return 0;

  131.         }

  132.         if ($obj['seccode'] == md5($seccode)) {

  133.             return 1;

  134.         } else {

  135.             return 0;

  136.         }

  137.     }

  138. 

  139.     /**

  140.      * 宕机模式获取验证结果

  141.      *

  142.      * @param $challenge

  143.      * @param $validate

  144.      * @param $seccode

  145.      * @return int

  146.      */

  147.     public function fail_validate($challenge, $validate, $seccode)

  148.     {

  149.         if (md5($challenge) == $validate) {

  150.             return 1;

  151.         } else {

  152.             return 0;

  153.         }

  154.     }

  155. 

  156.     /**

  157.      * @param $challenge

  158.      * @param $validate

  159.      * @return bool

  160.      */

  161.     private function check_validate($challenge, $validate)

  162.     {

  163.         if (strlen($validate) != 32) {

  164.             return false;

  165.         }

  166.         if (md5($this->private_key . 'geetest' . $challenge) != $validate) {

  167.             return false;

  168.         }

  169. 

  170.         return true;

  171.     }

  172. 

  173.     /**

  174.      * GET 请求

  175.      *

  176.      * @param $url

  177.      * @return mixed|string

  178.      */

  179.     private function send_request($url)

  180.     {

  181. 

  182.         if (function_exists('curl_exec')) {

  183.             $ch = curl_init();

  184.             curl_setopt($ch, CURLOPT_URL, $url);

  185.             curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, self::$connectTimeout);

  186.             curl_setopt($ch, CURLOPT_TIMEOUT, self::$socketTimeout);

  187.             curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

  188.             $curl_errno = curl_errno($ch);

  189.             $data = curl_exec($ch);

  190.             curl_close($ch);

  191.             if ($curl_errno > 0) {

  192.                 return 0;

  193.             } else {

  194.                 return $data;

  195.             }

  196.         } else {

  197.             $opts = array(

  198.                 'http' => array(

  199.                     'method' => "GET",

  200.                     'timeout' => self::$connectTimeout + self::$socketTimeout,

  201.                 )

  202.             );

  203.             $context = stream_context_create($opts);

  204.             $data = @file_get_contents($url, false, $context);

  205.             if ($data) {

  206.                 return $data;

  207.             } else {

  208.                 return 0;

  209.             }

  210.         }

  211.     }

  212. 

  213.     /**

  214.      *

  215.      * @param       $url

  216.      * @param array $postdata

  217.      * @return mixed|string

  218.      */

  219.     private function post_request($url, $postdata = '')

  220.     {

  221.         if (!$postdata) {

  222.             return false;

  223.         }

  224. 

  225.         $data = http_build_query($postdata);

  226.         if (function_exists('curl_exec')) {

  227.             $ch = curl_init();

  228.             curl_setopt($ch, CURLOPT_URL, $url);

  229.             curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

  230.             curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, self::$connectTimeout);

  231.             curl_setopt($ch, CURLOPT_TIMEOUT, self::$socketTimeout);

  232. 

  233.             //不可能执行到的代码

  234.             if (!$postdata) {

  235.                 curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);

  236.             } else {

  237.                 curl_setopt($ch, CURLOPT_POST, 1);

  238.                 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);

  239.             }

  240.             $data = curl_exec($ch);

  241. 

  242.             if (curl_errno($ch)) {

  243.                 $err = sprintf("curl[%s] error[%s]", $url, curl_errno($ch) . ':' . curl_error($ch));

  244.                 $this->triggerError($err);

  245.             }

  246. 

  247.             curl_close($ch);

  248.         } else {

  249.             if ($postdata) {

  250.                 $opts = array(

  251.                     'http' => array(

  252.                         'method' => 'POST',

  253.                         'header' => "Content-type: application/x-www-form-urlencoded\r\n" . "Content-Length: " . strlen($data) . "\r\n",

  254.                         'content' => $data,

  255.                         'timeout' => self::$connectTimeout + self::$socketTimeout

  256.                     )

  257.                 );

  258.                 $context = stream_context_create($opts);

  259.                 $data = file_get_contents($url, false, $context);

  260.             }

  261.         }

  262. 

  263.         return $data;

  264.     }

  265. 

  266. 

  267.     /**

  268.      * @param $err

  269.      */

  270.     private function triggerError($err)

  271.     {

  272.         trigger_error($err);

  273.     }

  274. 

  275.     /**

  276.      * Des:

  277.      * Name: checkGee

  278.      * @param $geetest_challenge

  279.      * @param $geetest_validate

  280.      * @param $geetest_seccode

  281.      * @return array

  282.      * @author 倪宗锋

  283.      */

  284.     public function checkGee($geetest_challenge, $geetest_validate, $geetest_seccode)

  285.     {

  286.         if (empty($geetest_challenge) || empty($geetest_validate) || empty($geetest_seccode)) {

  287.             return Util::returnArrEr('请先完成验证!');

  288.         }

  289.         session_start();

  290.         $data = array(

  291.             "user_id" => $_SESSION['user_id'], # 网站用户id

  292.             "client_type" => "web", #web:电脑上的浏览器;h5:手机上的浏览器,包括移动应用内完全内置的web_view;native:通过原生SDK植入APP应用的方式

  293.             "ip_address" => "127.0.0.1" # 请在此处传输用户请求验证时所携带的IP

  294.         );

  295.         if ($_SESSION['gtserver'] == 1) {   //服务器正常

  296.             $result = $this->success_validate($geetest_challenge, $geetest_validate, $geetest_seccode, $data);

  297.             if ($result) {

  298.                 return Util::returnArrSu();

  299.             } else {

  300.                 return Util::returnArrEr('请先完成验证!');

  301.             }

  302.         } else {  //服务器宕机,走failback模式

  303.             if ($this->fail_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'])) {

  304.                 return Util::returnArrSu();

  305.             } else {

  306.                 return Util::returnArrEr('请先完成验证!');

  307.             }

  308.         }

  309.     }

  310. }