kubbo/chuanqi-client-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化API接口代码,增强数据库连接安全性与代码可读性

Browse Source
This commit is contained in:
Kubbo
2024-12-22 15:48:03 +08:00
parent f21a71eb6f
commit 5b0873b4d4
2 changed files with 32 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
api.php
View File

@@ -962,38 +962,51 @@ switch ($act) {
break;
}
case 'bind':
$stmt1 = $mySQLi->prepare('insert into `player_connect_threeparty` (player_id, type, connect_id) values(?, `linuxdo`, ?)');
$stmt1->bind_param('ssisiissis', input('account'), input('connect_id'));
$stmt1->execute();
$stmt1->close();
$stmt2 = $mySQLi->prepare('select password from player where username=?');
$stmt2->bind_param('s', input('account'));
$stmt2->execute();
$result = $stmt2->get_result();
$mySQLi = new mysqli($_CONFIG_DB['db_host'], $_CONFIG_DB['db_user'], $_CONFIG_DB['db_password'], $_CONFIG_DB['db_name'], $_CONFIG_DB['db_port']);
if ($mySQLi->connect_errno)
returnJson(['code' => 1, 'msg' => $mySQLi->connect_error]);
$mySQLi->set_charset($_CONFIG_DB['db_charset']);
$stmt = $mySQLi->prepare('insert into `player_connect_threeparty` (username, type, connect_id) values(?, `linuxdo`, ?)');
$stmt->bind_param('ss', input('account'), input('connect_id'));
$stmt->execute();
$stmt->close();
$stmt = $mySQLi->prepare('select password from player where username=?');
$stmt->bind_param('s', input('account'));
$stmt->execute();
$result = $stmt->get_result();
$data = $result->fetch_array();
$result->free_result();
$stmt2->close();
returnJson($data);
$stmt->close();
$mySQLi->close();
break;
case 'link':
$stmt = $mySQLi->prepare('select player_id from player_connect_threeparty where type=`linuxdo` and connect_id=?');
$stmt->bind_param('s', input('connect_id'));
$connectId = input('connect_id');
$tpType = 'linuxdo';
$mySQLi = new mysqli($_CONFIG_DB['db_host'], $_CONFIG_DB['db_user'], $_CONFIG_DB['db_password'], $_CONFIG_DB['db_name'], $_CONFIG_DB['db_port']);
if ($mySQLi->connect_errno)
returnJson(['code' => 1, 'msg' => $mySQLi->connect_error]);
$mySQLi->set_charset($_CONFIG_DB['db_charset']);
$stmt = $mySQLi->prepare('select username from player_connect_threeparty where type=? and connect_id=? limit 1');
$stmt->bind_param('ss', $tpType , $connectId);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_array();
$stmt->close();
if (!empty($row)) {
$getPlayer = $mySQLi->prepare('select username,password from player where id=? limit 1');
$getPlayer->bind_param('ass', $row['player_id']);
$getPlayer = $mySQLi->prepare('select username,password from `player` where id=? limit 1');
$getPlayer->bind_param('s', $row['username']);
$getPlayer->execute();
$res = $getPlayer->get_result();
$account = $res->fetch_array();
returnJson(['code' => 0, 'data' => $res]);
$res->free_result();
$getPlayer->close();
} else {
returnJson(['code' => '1']);
}
$stmt->close();
$mySQLi->close();
break;
default:
echo 'success';
}
}

8
linuxdo.php
View File

@@ -83,13 +83,11 @@ if (isset($getTokenArr['access_token'])) {
$checkLink = get_curl("/api?act=check&connect_id=" . $getUserArr['username']);
$getCheckLink = json_decode($checkLink, true);
} else {
$err = json_encode($getTokenArr);
}
?>
<!DOCTYPE HTML>
<html>
@@ -157,7 +155,7 @@ if (isset($getTokenArr['access_token'])) {
<input type="hidden" id="linuxdo" value="<?= $getUserArr['username'] ?>">
<?php if (!empty($err)) { ?>
授权发生异常:<?= $err ?>
<?php } elseif (empty($row)) { ?>
<?php } elseif ($getCheckLink['code'] == '1') { ?>
<div
style="width:400px;position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);display:flex;justify-content:center;align-items:center;flex-direction:column;">
当前尚未有你的游戏账号,请选择<br>
@@ -174,4 +172,4 @@ if (isset($getTokenArr['access_token'])) {
<?php } ?>
</body>
</html>
</html>