优化API接口代码,增强数据库连接安全性与代码可读性
This commit is contained in:
45
api.php
45
api.php
@@ -962,38 +962,51 @@ switch ($act) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'bind':
|
case 'bind':
|
||||||
$stmt1 = $mySQLi->prepare('insert into `player_connect_threeparty` (player_id, type, connect_id) values(?, `linuxdo`, ?)');
|
$mySQLi = new mysqli($_CONFIG_DB['db_host'], $_CONFIG_DB['db_user'], $_CONFIG_DB['db_password'], $_CONFIG_DB['db_name'], $_CONFIG_DB['db_port']);
|
||||||
$stmt1->bind_param('ssisiissis', input('account'), input('connect_id'));
|
if ($mySQLi->connect_errno)
|
||||||
$stmt1->execute();
|
returnJson(['code' => 1, 'msg' => $mySQLi->connect_error]);
|
||||||
$stmt1->close();
|
$mySQLi->set_charset($_CONFIG_DB['db_charset']);
|
||||||
$stmt2 = $mySQLi->prepare('select password from player where username=?');
|
$stmt = $mySQLi->prepare('insert into `player_connect_threeparty` (username, type, connect_id) values(?, `linuxdo`, ?)');
|
||||||
$stmt2->bind_param('s', input('account'));
|
$stmt->bind_param('ss', input('account'), input('connect_id'));
|
||||||
$stmt2->execute();
|
$stmt->execute();
|
||||||
$result = $stmt2->get_result();
|
$stmt->close();
|
||||||
|
$stmt = $mySQLi->prepare('select password from player where username=?');
|
||||||
|
$stmt->bind_param('s', input('account'));
|
||||||
|
$stmt->execute();
|
||||||
|
$result = $stmt->get_result();
|
||||||
$data = $result->fetch_array();
|
$data = $result->fetch_array();
|
||||||
$result->free_result();
|
$result->free_result();
|
||||||
$stmt2->close();
|
|
||||||
returnJson($data);
|
returnJson($data);
|
||||||
|
$stmt->close();
|
||||||
|
$mySQLi->close();
|
||||||
break;
|
break;
|
||||||
case 'link':
|
case 'link':
|
||||||
$stmt = $mySQLi->prepare('select player_id from player_connect_threeparty where type=`linuxdo` and connect_id=?');
|
$connectId = input('connect_id');
|
||||||
$stmt->bind_param('s', input('connect_id'));
|
$tpType = 'linuxdo';
|
||||||
|
$mySQLi = new mysqli($_CONFIG_DB['db_host'], $_CONFIG_DB['db_user'], $_CONFIG_DB['db_password'], $_CONFIG_DB['db_name'], $_CONFIG_DB['db_port']);
|
||||||
|
if ($mySQLi->connect_errno)
|
||||||
|
returnJson(['code' => 1, 'msg' => $mySQLi->connect_error]);
|
||||||
|
$mySQLi->set_charset($_CONFIG_DB['db_charset']);
|
||||||
|
$stmt = $mySQLi->prepare('select username from player_connect_threeparty where type=? and connect_id=? limit 1');
|
||||||
|
$stmt->bind_param('ss', $tpType , $connectId);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$result = $stmt->get_result();
|
$result = $stmt->get_result();
|
||||||
$row = $result->fetch_array();
|
$row = $result->fetch_array();
|
||||||
$stmt->close();
|
|
||||||
|
|
||||||
if (!empty($row)) {
|
if (!empty($row)) {
|
||||||
$getPlayer = $mySQLi->prepare('select username,password from player where id=? limit 1');
|
$getPlayer = $mySQLi->prepare('select username,password from `player` where id=? limit 1');
|
||||||
$getPlayer->bind_param('ass', $row['player_id']);
|
$getPlayer->bind_param('s', $row['username']);
|
||||||
$getPlayer->execute();
|
$getPlayer->execute();
|
||||||
$res = $getPlayer->get_result();
|
$res = $getPlayer->get_result();
|
||||||
$account = $res->fetch_array();
|
$account = $res->fetch_array();
|
||||||
returnJson(['code' => 0, 'data' => $res]);
|
returnJson(['code' => 0, 'data' => $res]);
|
||||||
|
$res->free_result();
|
||||||
|
$getPlayer->close();
|
||||||
} else {
|
} else {
|
||||||
returnJson(['code' => '1']);
|
returnJson(['code' => '1']);
|
||||||
}
|
}
|
||||||
|
$stmt->close();
|
||||||
|
$mySQLi->close();
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
echo 'success';
|
echo 'success';
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -83,13 +83,11 @@ if (isset($getTokenArr['access_token'])) {
|
|||||||
$checkLink = get_curl("/api?act=check&connect_id=" . $getUserArr['username']);
|
$checkLink = get_curl("/api?act=check&connect_id=" . $getUserArr['username']);
|
||||||
|
|
||||||
$getCheckLink = json_decode($checkLink, true);
|
$getCheckLink = json_decode($checkLink, true);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
$err = json_encode($getTokenArr);
|
$err = json_encode($getTokenArr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE HTML>
|
<!DOCTYPE HTML>
|
||||||
<html>
|
<html>
|
||||||
@@ -157,7 +155,7 @@ if (isset($getTokenArr['access_token'])) {
|
|||||||
<input type="hidden" id="linuxdo" value="<?= $getUserArr['username'] ?>">
|
<input type="hidden" id="linuxdo" value="<?= $getUserArr['username'] ?>">
|
||||||
<?php if (!empty($err)) { ?>
|
<?php if (!empty($err)) { ?>
|
||||||
授权发生异常:<?= $err ?>
|
授权发生异常:<?= $err ?>
|
||||||
<?php } elseif (empty($row)) { ?>
|
<?php } elseif ($getCheckLink['code'] == '1') { ?>
|
||||||
<div
|
<div
|
||||||
style="width:400px;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);display:flex;justify-content:center;align-items:center;flex-direction:column;">
|
style="width:400px;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);display:flex;justify-content:center;align-items:center;flex-direction:column;">
|
||||||
当前尚未有你的游戏账号,请选择<br>
|
当前尚未有你的游戏账号,请选择<br>
|
||||||
@@ -174,4 +172,4 @@ if (isset($getTokenArr['access_token'])) {
|
|||||||
<?php } ?>
|
<?php } ?>
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
</html>
|
</html>
|
||||||
|
|||||||
Reference in New Issue
Block a user