Exemple #1
0
func VerifyAndMapParams(r *http.Request) (bool, map[string]string) {
	defer recoverAction()
	bytes, _ := ioutil.ReadAll(r.Body)
	strp := string(bytes)
	// fmt.Println("strp", strp)
	if strp == "" {
		return false, nil
	}
	sid := DefaultSid
	arr := strings.Split(strp, "&")
	if len(arr) <= 1 {
		return false, nil
	}
	marr := make(map[string]string)
	var tmp = []string{"", ""}
	for _, v := range arr {
		tmp = strings.Split(v, "=")
		if len(tmp) < 2 {
			return false, nil
		}
		if tmp[0] == "submit" {
			continue
		}
		marr[tmp[0]] = tmp[1]
	}
	if marr["sid"] == "" {
		return false, nil
	}
	tmpstr := ""
	tmparr := make(map[string][]byte)
	for k, v := range marr {
		tmparr[k] = []byte(v)
	}
	sarr := NewMapSorter(tmparr)
	sort.Sort(sarr)
	for _, v := range sarr {
		if v.Key != "sid" {
			tmpstr = tmpstr + v.Key + "=" + string(v.Val) + "&"
		}
	}
	csid := common.MD5f(tmpstr + sid)
	if csid == marr["sid"] {
		return true, marr
	} else {
		common.LogNetWarn(r, "csid == marr[sid]", csid, marr["sid"], tmpstr+sid)
		return false, marr
	}
}
Exemple #2
0
func HandlerCore(w http.ResponseWriter, r *http.Request) {
	defer recoverAction()
	resInfo := business.ReturnInfo{}
	resInfo.Status = business.ReturnArgumentInvalid
	var cmd string
	for {
		if r.Method != "POST" {
			common.LogNetWarn(r, "r.Method != POST ", r.Method, r.RequestURI)
			break
		}
		success, params := VerifyAndMapParams(r)
		if !success {
			common.LogNetWarn(r, "VerifyAndMapParams(r) fail")
			if params != nil {
				cmd = params["cmd"]
			}
			resInfo.Status = business.ReturnSIDInvalid
			break
		}
		var controllerName, actionName string
		cmd = params["cmd"]
		cmds := strings.Split(cmd, "_")
		if len(cmds) == 2 {
			controllerName = strings.ToLower(cmds[0])
			actionName = cmds[1]
		} else {
			common.LogNetWarn(r, "len(cmds) != 2 ", cmd)
			break
		}
		var controller interface{}
		if controllerName == "b" {
			controller = &BrowseController{}
		} else {
			common.LogNetWarn(r, "controllerName error ", controllerName)
			break
		}
		reflectCon := reflect.ValueOf(controller)
		reflectMethod := reflectCon.MethodByName(actionName)
		if !reflectMethod.IsValid() {
			common.LogNetWarn(r, "reflectMethod.InValid() ", actionName)
			break
		}
		if strings.Index(ActionNameList, actionName) == -1 {
			common.LogNetWarn(r, "actionName error", actionName)
			break
		}
		//方法输入输出检测是开发时需要 正式可以干掉
		// methodType := reflectMethod.Type()
		// if methodType.NumIn() != 2 || methodType.NumOut() != 1 {
		// 	common.LogNetWarn(r, "methodType.NumIn() != 2 || methodType.NumOut() != 1 ", methodType.NumIn(), methodType.NumOut())
		// 	break
		// }
		// if methodType.In(0) != paramsType || methodType.In(1) != requestType || methodType.Out(0) != returnInfoType {
		// 	common.LogNetWarn(r, "t.In(0) != paramsType || t.In(1) != requestType || t.Out(0) != returnInfoType", methodType.In(0), methodType.In(1), methodType.Out(0))
		// 	break
		// }
		// if actionName == "Contentlist" {
		// 	actionName = actionName + "_" + params["ctype"]
		// }
		// Configtools.Redisclient.Hincrby(fmt.Sprintf("apistat:%s", time.Now().Format("06010215")), actionName, 1)
		res := reflectMethod.Call([]reflect.Value{reflect.ValueOf(params), reflect.ValueOf(r)})
		if len(res) > 0 {
			resInfo = res[0].Interface().(business.ReturnInfo)
		}
		if len(res) > 1 && !res[1].IsNil() {
			err := res[1].Interface().(error)
			common.LogNetWarn(r, fmt.Sprintf("reflectMethod.Call %v", err))
		}
		break
	}
	OutputJson(w, resInfo, cmd)
}