PHP接口上传参数返回参数混淆

PHP接口上传参数返回参数混淆

大家好,又见面了,我是全栈君。

<?php

/**
 *User: 
 *Date: 2021-01-20
 */

class Myapp extends Base_Controller
{
    public function __construct()
    {
        parent::__construct();
//        $this->load->model("myiapp_model");
        $this->pkg = 'com.geekre.org';
        $this->dck = explode(',', file_get_contents('./dck.json'));
    }

    /**
     * 生成所有对应此包名的url路径
     * 上传参数key
     * 下发参数key
     * 1: aes  2: des
     */
    public function myiappAdd()
    {
        $allinfo = array();
        $jmfs = rand(1, 2);

        //获取全部url路由
        $getAlljkurl = $this->getAlljkurl();

        foreach ($getAlljkurl as $urlk => $urlv) {
            $setrandurlpath = $this->setrandurlpath();
            $allinfo[$setrandurlpath]['jmfs'] = $jmfs;
            $allinfo[$setrandurlpath]['oldurl'] = $urlv['url'];

            /**
             * 1. 上传参数
             */
            $filterparams = array();
            if (!empty($urlv['params'])) {
                foreach ($urlv['params'] as $key => $val) {
                    $currentparams = $this->setrandparams();
                    $wn2 = 0;
                    while (in_array($currentparams, $filterparams) && ($wn2 < 100)) {
                        $currentparams = $this->setrandparams();
                        $wn2++;
                    }

                    $allinfo[$setrandurlpath]['params'][$val] = $currentparams;
                    $filterparams[] = $currentparams;
                }
            } else {
                $allinfo[$setrandurlpath]['params'] = array();
            }

            /**
             * 2. 返回参数
             */
            $filterreturnparams = array();
            if (!empty($urlv['returnparams'])) {
                foreach ($urlv['returnparams'] as $key2 => $val2) {
                    $currentparams2 = $this->setrandparams();
                    $wn3 = 0;
                    while (in_array($currentparams2, $filterreturnparams) && ($wn3 < 100)) {
                        $currentparams2 = $this->setrandparams();
                        $wn3++;
                    }

                    $allinfo[$setrandurlpath]['returnparams'][$val2] = $currentparams2;
                    $filterreturnparams[] = $currentparams2;
                }
            } else {
                $allinfo[$setrandurlpath]['returnparams'] = array();
            }

            /**
             * 3.随机code  msg data
             */
            $msgarr = array('code', 'msg', 'data');
            $filterreturnmsg = array();
            foreach ($msgarr as $msgk => $msgv) {
                $currentparams3 = $this->setrandparams();
                $wn5 = 0;
                while (in_array($currentparams3, $filterreturnmsg) && ($wn5 < 100)) {
                    $currentparams3 = $this->setrandparams();
                    $wn5++;
                }

                $allinfo[$setrandurlpath]['msgparams'][$msgv] = $currentparams3;
                $filterreturnmsg[] = $currentparams3;
            }

            //随机生成垃圾字段
            //$allinfo[$setrandurlpath]['ljparams'] = array();
            //$allinfo[$setrandurlpath]['ljmsg'] = array();
            $allinfo[$setrandurlpath]['pkg'] = $this->pkg;

            /**
             * 4. 将随机生成的url生成json文件
             */
            $everyjson = json_encode($allinfo[$setrandurlpath]);
            $everydir = './oelfktjgawp3452/url/' . $setrandurlpath . '.json';
            file_put_contents($everydir, $everyjson);
        }
        //存入包名对应的json文件
        $alljson = json_encode($allinfo);
        $dir = './oelfktjgawp3452/pkg/';
        file_put_contents($dir . $this->pkg . '.json', $alljson);

        $this->show_json(array('code' => 200, 'msg' => '导入路由成功', 'data' => []));
    }

    /**
     * 给包名 追加url
     * @return bool
     * User: 
     * Date: 2021-01-21 10:57
     */
    public function appendUrl()
    {
        $pkg = $this->input->get('pkg');
        if (empty($pkg)) {
            return false;
        }
        $this->pkg = $pkg;
        //追加的时候,这个包是已经存在的包,所以这个包的json文件应该是存在的
        $pkgjsonname = './oelfktjgawp3452/pkg/' . $pkg . '.json';
        if (!file_exists($pkgjsonname)) {
            return false;
        }
        //当前这个包已经有的url
        $pkgjson = file_get_contents($pkgjsonname);
        if (!$pkgjson) {
            return false;
        }

        $pkgarr = json_decode($pkgjson, true);
        $pkgurlarr = [];
        foreach ($pkgarr as $k => $v) {
            array_push($pkgurlarr, $v['oldurl']);
        }
        $oldjmfs = isset($v['jmfs']) ? $v['jmfs'] : rand(1, 2);
        //获取目前所有的url
        $allurl = $this->getAlljkurl();

        //需要追加生成的url
        $diffurlarr = [];
        foreach ($allurl as $k => $v) {
            if (!in_array($v['url'], $pkgurlarr)) {
                array_push($diffurlarr, $v);
            }
        }
        if (empty($diffurlarr)) {
            echo "没有需要追加的路由";
            exit;
        }

        //循环生成额外的随机路由
        foreach ($diffurlarr as $urlk => $urlv) {
            $setrandurlpath = $this->setrandurlpath();

            $allinfo[$setrandurlpath]['jmfs'] = $oldjmfs; //1==aes  2==des 保持和之前的加密方式一致
            $allinfo[$setrandurlpath]['oldurl'] = $urlv['url'];
            $filterparams = array();
            if (!empty($urlv['params'])) {
                foreach ($urlv['params'] as $key => $val) {
                    $currentparams = $this->setrandparams();
                    $wn2 = 0;
                    while (in_array($currentparams, $filterparams) && ($wn2 < 100)) {
                        $currentparams = $this->setrandparams();
                        $wn2++;
                    }
                    $allinfo[$setrandurlpath]['params'][$val] = $currentparams;
                    $filterparams[] = $currentparams;
                }
            } else {
                $allinfo[$setrandurlpath]['params'] = array();
            }

            $filterreturnparams = array();
            if (!empty($urlv['returnparams'])) {
                foreach ($urlv['returnparams'] as $key2 => $val2) {
                    $currentparams2 = $this->setrandparams();
                    $wn3 = 0;
                    while (in_array($currentparams2, $filterreturnparams) && ($wn3 < 100)) {
                        $currentparams2 = $this->setrandparams();
                        $wn3++;
                    }
                    $allinfo[$setrandurlpath]['returnparams'][$val2] = $currentparams2;
                    $filterreturnparams[] = $currentparams2;
                }
            } else {
                $allinfo[$setrandurlpath]['returnparams'] = array();
            }

            //随机code  msg data
            $msgarr = array('code', 'msg', 'data');
            $filterreturnmsg = array();
            foreach ($msgarr as $msgk => $msgv) {
                $currentparams3 = $this->setrandparams();
                $wn5 = 0;
                while (in_array($currentparams3, $filterreturnmsg) && ($wn5 < 100)) {
                    $currentparams3 = $this->setrandparams();
                    $wn5++;
                }
                $allinfo[$setrandurlpath]['msgparams'][$msgv] = $currentparams3;
                $filterreturnmsg[] = $currentparams3;
            }

            //随机生成垃圾字段
            //$allinfo[$setrandurlpath]['ljparams'] = array();
            //$allinfo[$setrandurlpath]['ljmsg'] = array();
            $allinfo[$setrandurlpath]['pkg'] = $pkg;

            //将随机生成的url生成json文件
            $everyjson = json_encode($allinfo[$setrandurlpath]);
            $everydir = './oelfktjgawp3452/url/' . $setrandurlpath . '.json';
            file_put_contents($everydir, $everyjson);
        }

        //将pkg目录下的对应的json文件备份,并将追加的路由写入文件
        $pkgdir = './oelfktjgawp3452/pkg/';
        //创建备份目录
        $bakdir = $pkgdir . 'bak/';
        $res = true;
        if (!file_exists($bakdir) && !is_dir($bakdir)) {
            $res = mkdir($bakdir, 0777, true);
        }

        //pkg 目录下的json文件
        $pkgfilejson = $pkgdir . $pkg . '.json';

        if (file_exists($pkgfilejson) && $res) {
            $bakfilename = $bakdir . $pkg . date('YmdHis') . '.json';
            $jsonstr = file_get_contents($pkgfilejson);
            $jsonarr = json_decode($jsonstr, true);
            foreach ($allinfo as $k => $v) {
                $jsonarr[$k] = $v;
            }
            if (rename($pkgfilejson, $bakfilename)) {
                $r = file_put_contents($pkgfilejson, json_encode($jsonarr));
            }
            if ($r) {
                echo "成功写入文件,文件名为" . $pkgfilejson;
                die();
            }
        }
        echo "写入文件失败";
        die();
    }

    //生成随机参数
    public function setrandparams()
    {
        $arr = $this->dck;
        $count = count($arr) - 1;
        $params = $arr[rand(0, $count)];
        unset($arr);
        return $params;
    }


    //全部需要加密混淆的url参数
    public function getAlljkurl()
    {
        $res = array(
            array(
                'url' => 'v1/user/register ',
                'params' => array(
                    'email', 'password'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),
            array(
                'url' => 'v1/user/login ',
                'params' => array(
                    'email', 'password'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),
            array(
                'url' => 'v1/user/view ',
                'params' => array(
                    'username', 'email', 'token'
                ),
                'returnparams' => array(
                    'data'
                ),
            ),

        );

        return $res;
    }

    //生成随机路径
    public function setrandurlpath()
    {
        $arr = $this->dck;
        $count = count($arr) - 1;
        $prev = $arr[rand(0, $count)];
        $urlpath = $prev;
        $pkgarr = explode('.', $this->pkg);
        unset($pkgarr[0]);
        shuffle($pkgarr);

        $pkgcount = count($pkgarr) - 1;
        $pkgcount = ($pkgcount > 4) ? 4 : $pkgcount;
        $dircount = rand(0, $pkgcount);
        for ($i = 0; $i <= $dircount; $i++) {
            $name = $pkgarr[$i];
            $urlpath .= '-' . $name;
        }
        $urlpath = trim($urlpath, '-');
        $urlarr = explode('-', $urlpath);
        shuffle($urlarr);
        $urlpath = implode('-', $urlarr);
        unset($arr);
        //$this->show_json(array($urlpath));
        return $urlpath;
    }
}

实现效果:

PHP接口上传参数返回参数混淆

 

数据字典文件 点击下载  dck.json

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。

发布者:全栈程序员-用户IM,转载请注明出处:https://javaforall.cn/111597.html原文链接:https://javaforall.cn

【正版授权,激活自己账号】: Jetbrains全家桶Ide使用,1年售后保障,每天仅需1毛

【官方授权 正版激活】: 官方授权 正版激活 支持Jetbrains家族下所有IDE 使用个人JB账号...

(0)


相关推荐

  • CSS样式表的引入方式

    CSS样式表的引入方式CSS初识CSS(CascadingStyleSheets)美化样式CSS通常称为CSS样式表或层叠样式表(级联样式表),主要用于设置HTML页面中的文本内容(字体、大小、对齐方式等)、图片的外形(宽高、边框样式、边距等)以及版面的布局等外观显示样式。CSS以HTML为基础,提供了丰富的功能,如字体、颜色、背景的控制及整体排版等CSS的优点1.内容与表现分离。2.网页的表现统一,容易修改。3.丰富的样式,使得页面布局更加灵活4.减少网页的代码量,增加网页的浏览速度。5.运用独立于页面

  • ViewStub用法介绍

    ViewStub用法介绍在开发应用程序的时候,经常会遇到这样的情况,会在运行时动态根据条件来决定显示哪个View或某个布局。那么最通常的想法就是把可能用到的View都写在上面,先把它们的可见性都设为View.GONE,然后在代码中动态的更改它的可见性。这样的做法的优点是逻辑简单而且控制起来比较灵活。但是它的缺点就是,耗费资源。虽然把View的初始可见View.GONE但是在Inflate布局的时候View仍然会被Infl

  • pycharm输入不了中文_pycharm可以设置成中文吗

    pycharm输入不了中文_pycharm可以设置成中文吗ubuntu18.04中PyCharm当全拼输入2~3个汉字时,会被强行打断,然后就无法继续输入(也无法切换中英文),并且汉字下会有下划线。点击菜单“Help|EditCustomVMoptions…”添加-Drecreate.x11.input.method=true到最后一行重启编辑器…

  • flex垂直居中,最简单的方法之一

    flex垂直居中,最简单的方法之一display:flex;align-items:center;

  • Python字符串删除、截取,删除某个字符、片段[通俗易懂]

    Python字符串删除、截取,删除某个字符、片段[通俗易懂]各种字符串删除操作删除字符串某一片段删除、替换指定字符删除字符串某一片段使用字符串切片,如:str1=’1abcd.txt’str2=str1[1:-4]print(str2)Out:’abcd’索引[x,y],当某一项为0时,可以省略不写索引[x,y],当某一项为负数时,代表倒数索引删除、替换指定字符使用replace(),如:删除:replace(‘指定字符’,”),是通过将指定字符替换为空实现的str1=’abkcd’str2=str1.replac

  • svm 算法通俗介绍

    svm 算法通俗介绍http://blog.csdn.net/v_july_v/article/details/7624837作者:July、pluskid;致谢:白石、JerryLead出处:结构之法算法之道blog

发表回复

您的电子邮箱地址不会被公开。

关注全栈程序员社区公众号