关于接口的统一验证

核心基类调用统一验证：

<?php
namespace App\Controller;
use FrameWork\Lib\Controller;
use FrameWork\Extend\DES;

/**
* 控制器到父类做一些公共到业务处理
* Class CommonController
* @package App\Controller
*/
class CommonController extends Controller{

public $_data = [];

public function __construct( )
{

//common控制器不允许直接访问
if( __CONTROLLER__ == 'Common' ){
exit('not allow access');
}

//执行父类的构造方法
parent::__construct();

//获取参数
$this -> _data = getAllParam( func_get_args() );

//过滤url参数
$this -> _data = html_encode(array_merge( $_GET , $_POST , $this -> _data ));

//清空数据，控制器不允许使用 get post 防止，xss攻击等
unset( $_POST );
unset( $_GET );
$_POST = null;
$_GET = null;

//部分方法不需要自动去调用实例化
//格式 index/index 控制器/方法名
$not_check_param_action = [
'Index/index'
];
//        var_dump(111);exit;

//        $this -> checkSign();

//        var_dump( __CONTROLLER__ .'/'.__ACTION__);exit;

$not_check_param_action = array_map( 'strtolower' , $not_check_param_action );

//        var_dump(( __ACTION__ ));exit;

//        自动去调用检查参数的类
if( !in_array( strtolower(__CONTROLLER__ .'/'.__ACTION__) , $not_check_param_action   ) ){
//            拼装检查参数类
$check_controller = __CONTROLLER__. 'Param';
//            var_dump($check_controller);exit;

//找到对应的方法
$check_action = __ACTION__ ;

//反射检查参数类
$ReflectionClass = new \ReflectionClass( 'App\Param\\'.$check_controller);

//获取检查参数的方法
$ReflectionMethod = $ReflectionClass->getMethod($check_action);

//实例化格式化类
$Instance = $ReflectionClass->newInstance();

//格式化数据类型
$arr['data'] = $ReflectionMethod->invokeArgs( $Instance , array($this ->_data ) );
dump($arr);exit;
//            if( $arr ){
//
//            }
}

}

/**
* 成功的返回
* @param array $data 要返回的数据
* @param string $msg 提示信息
* @param int $status 状态值
*/
public function success( $data = [] , $msg = 'success'  , $status = 0  ){

$arr = [
'status' => $status,
'msg' => $msg,
'data' => $data
];

$this -> output( $arr );
}

/**
* 失败的返回
* @param array $data 要返回的数据
* @param string $msg 提示信息
* @param int $status 状态值
*/
public function fail(  $status = 0 , $msg = '' , $data = []  ){

$arr = [
'status' => $status,
'msg' => $msg,
'data' => $data
];

$this -> output( $arr );

}

/**
* 统一的输出
*/
public  function output( array $arr = []){

echo json_encode($arr);
exit;
}

/**
* 获取输出图片验证码的链接
*/
public function checkVcode(){
$verify_code = $this ->_data['vcode'];
session_id($this -> _data['randstr']);
session_start();
//        var_dump();
if( $verify_code == $_SESSION['vcode'] ){
$this -> success();
}else{
$this -> fail(  1000 , '验证码错误' );
}

}

/**
* 处理接收到的参数
*/
public  function checkSign( ){
//        echo md5(1) , '<hr/>' , md5('1');exit;\
//        $value = md5(1);
//        var_dump( in_array( $value , C('APP_LIST') ) );
//        exit;
//        dump(C('APP_LIST.c4ca4238a0b923820dcc509a6f75849b'));exit;
if(  !empty( $this -> _data['data'] ) ){

$conf = array(
//des加密的密钥
'des_secret_key' => 'abcd',
//des加密的需要的iv
'des_secret_iv' => '44542858',
);
//            $encrypt_data = DES::encode( json_encode(  $param  ) , $conf['des_secret_key'] , $conf['des_secret_iv']);
$decode = Des::decode($this -> _data['data'] ,  $conf['des_secret_key'] , $conf['des_secret_iv'] );

//服务端验签
$decode = json_decode( $decode , true );

dump($decode);exit;

ksort( $decode );
$decode['user_name'] ='lisi';

$sign_str = md5( json_encode( $decode ) . C('APP_KEY') );

if( $sign_str != $this -> _data['sign'] ){
$this->fail( 1000 , '验签失败');
}

}
//
}
}

    检测接口参数的基类

<?php
namespace App\Param;
use App\Status\ParamStatus as Param;
/**
* 缺少参数的提示
*/
class BaseCheck
{

/**
* 根据模块检测是否缺少参数
*/
public function checkParam(&$data, $template)
{
//遍历判断是否传递必须参数,并且对参数进行强制类型转换
foreach ($template as $key => $value) {

//必传参数缺少
if ($value['is_must'] == 1) {
if (!isset($data[$key])) {
$error = array('mark' => $value['error'] , 'msg' => $value['error_msg'] );
break;
} else {
//强制类型转换
$this -> f( $value['type'] , $data[$key] );
if ( !empty( $value['enum_array'] ) && !in_array($data[$key], $value['enum_array'])) {
// $error = array('mark' => Param::PARAM_ERROR, 'msg' => sprintf(Param::PARAM_ERROR_MSG, $key));
$error = array('mark' => $value['error'] , 'msg' => $value['error_msg'] );
break;
}
}
}else{
if( isset( $data[$key] ) ){
//强制类型转换
$this -> f( $value['type'] , $data[$key] );

//参数是否正确
if ( !empty( $value['enum_array'] ) && !in_array($data[$key], $value['enum_array'])) {
// $error = array('mark' => 1, 'msg' => sprintf(Param::PARAM_ERROR_MSG, $key));
$error = array('mark' => $value['error'] , 'msg' => $value['error_msg'] );
break;
}else{
$error = array('mark' => 0, 'msg' => 'ok' );
}
}else{
$error = array('mark' => 0, 'msg' => 'ok2' );
continue;
}
}
}

return $error;
}

/**
* 按照定义格式格式化参数
* @param unknown $f
* @param unknown $val
*/
private function f(&$f,&$val){

switch (strtoupper($f)){
case 'PASS' :;break;
case 'I': $val = intval($val);break;
case 'S': $val = strval($val);break;
case 'F': $val = floatval($val);break;
case 'D': $val = doubleval($val);break;
case 'T10': $val = (string) $val;break;
case 'T13': $val = (string) $val * 1000 ;break;
case 'DOC2X' : $val = decimalFormat( $val , 2 );break;
case 'DOC4X' : $val = decimalFormat( $val , 4 );break;
case 'DOC6X' : $val = decimalFormat( $val , 6 );break;
case 'DOC8X' : $val = decimalFormat( $val , 8 );break;
}
}

}对应接口对于的检测类，通过定义模版验证基类

<?php
namespace App\Param;
use App\Param\BaseCheck;
use App\Status\UserStatus;

/**
* Class UserParam
* @package App\Param
*/
final class UserParam extends BaseCheck{

function login( $data = [] ){

$check_param_template = array(

/**
* type 表示类型
* is_must 表示是否必须[1、必须]
* enum 表示参数必须在数组的值之中
*/
'user_name' => array(
'type' => 's',
'is_must' => 1,
'error'=> UserStatus::USER_NAME_IS_NULL,
'error_msg'=>UserStatus::USER_NAME_IS_NULL_MSG,
),
'psd' => array(
'type' => 'i',
'is_must' => 1 ,
'enum_array' =&
4000
gt; array(
),
'error'=> UserStatus::USER_PSD_IS_NULL,
'error_msg'=>UserStatus::USER_PSD_IS_NULL_MSG,
),'sex' => array(
'type' => 'i',
'is_must' =>0 ,
'enum_array' => array(
),
'error'=> '12',
'error_msg'=>'性别不能为空',
),
'status' => array(
'type' => 'i',
'is_must' => 0 ,
'enum_array' => array(
1,2
),
'error'=> UserStatus::NAME_STATUS_IS_ERROR,
'error_msg'=>UserStatus::NAME_STATUS_IS_ERROR_MSG,
)
);

return  $this -> checkParam( $data , $check_param_template );

}

}