صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
zxt
/
admin_consumer
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 554651c220
شاخه‌ها تگ‌ها
admin_consumer
/
app
/
Middleware
/
Auth
/
SensitiveMiddleware.php

SensitiveMiddleware.php 3.2 KB
تاريخچه خام

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace App\Middleware\Auth;
    6. 

  6. 

  7. use App\Tools\PublicData;
    8. 

  8. use Hyperf\HttpServer\Contract\RequestInterface;
    9. 

  9. use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
    10. 

  10. use Psr\Container\ContainerInterface;
    11. 

  11. use Psr\Http\Message\ResponseInterface;
    12. 

  12. use Psr\Http\Message\ServerRequestInterface;
    13. 

  13. use Psr\Http\Server\MiddlewareInterface;
    14. 

  14. use Psr\Http\Server\RequestHandlerInterface;
    15. 

  15. use Hyperf\HttpMessage\Stream\SwooleStream;
    16. 

  16. use Hyperf\Di\Annotation\Inject;
    17. 

  17. use Hyperf\Redis\Redis;
    18. 

  18. //use Swoole\Http\Request;
    19. 

  19. class SensitiveMiddleware implements MiddlewareInterface
    20. 

  20. {
    21. 

  21.     protected ContainerInterface $container;
    22. 

  22. 

  23.     protected RequestInterface $request;
    24. 

  24. 

  25.     protected HttpResponse $response;
    26. 

  26.     #[Inject]
    27. 

  27.     protected Redis $redis;
    28. 

  28.     const STREAM_URL = [
    29. 

  29.         '/news/addArticle',
    30. 

  30.         '/news/updateArticle'
    31. 

  31.     ];
    32. 

  32.     public function __construct( RequestInterface $request, HttpResponse $response)
    33. 

  33.     {
    34. 

  34.         $this->request = $request;
    35. 

  35.         $this->response = $response;
    36. 

  36.     }
    37. 

  37. 

  38.     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    39. 

  39.     {
    40. 

  40.         $uri = $request->getUri();
    41. 

  41.         // 获取接口路径(不包含查询参数)
    42. 

  42.         $path = $uri->getPath();
    43. 

  43.         try {
    44. 

  44.             if($path && in_array($path,self::STREAM_URL)){
    45. 

  45.                 $badWords = $this->redis->sMembers('black_word'); //黑名单
    46. 

  46.                 $whiteWords = $this->redis->sMembers('white_word');//白名单
    47. 

  47.                 // 获取所有请求参数并拼接成文本
    48. 

  48.                 $params = $this->request->all();
    49. 

  49.                 $concatenated = "";
    50. 

  50.                 if($params){
    51. 

  51.                     foreach ($params as $value) {
    52. 

  52.                         if (is_array($value)) {
    53. 

  53.                             // 如果值是数组,将数组元素用逗号连接
    54. 

  54.                             $concatenated.= json_encode($value);
    55. 

  55.                         } else {
    56. 

  56.                             // 如果不是数组,直接拼接
    57. 

  57.                             $concatenated.= $value;
    58. 

  58.                         }
    59. 

  59.                     }
    60. 

  60.                 }
    61. 

  61.                 // 遍历违禁词,检查是否在文本中存在
    62. 

  62.                 foreach ($badWords as $badWord) {
    63. 

  63.                     // 判断该违禁词是否在白名单中,如果在则跳过
    64. 

  64.                     if (in_array($badWord, $whiteWords)) {
    65. 

  65.                         continue;
    66. 

  66.                     }
    67. 

  67.                     if (str_contains($concatenated, $badWord)) {
    68. 

  68.                         // 处理找到违禁词的情况,例如返回错误信息
    69. 

  69.                         $message = '发现违禁词: '. $badWord;
    70. 

  70.                         return $this->response->json(
    71. 

  71.                             [
    72. 

  72.                                 'code' => 0,
    73. 

  73.                                 'data' => [],
    74. 

  74.                                 'message' => $message
    75. 

  75.                             ]
    76. 

  76.                         );
    77. 

  77.                     }
    78. 

  78.                 }
    79. 

  79.             }else{
    80. 

  80.                 return $handler->handle($request);
    81. 

  81.             }
    82. 

  82.         }catch (\Exception $e){
    83. 

  83.             var_dump("错误消息:",$e->getMessage(),$e->getCode());
    84. 

  84.             return $handler->handle($request);
    85. 

  85.         }
    86. 

  86.         return false;
    87. 

  87.     }
    88. 

  88. }
    89.