ShuanghongS 1 year ago
parent
commit
0ef6d42def
2 changed files with 48 additions and 19 deletions
  1. 1 1
      main_new_version.php
  2. 47 18
      service/login.class.php

+ 1 - 1
main_new_version.php

@@ -331,7 +331,7 @@ switch ($action) {
             $color = common::getItemStyle($type,$k);
             $total = $total + $v['total'];
             $ContainerCounSeries_return[] = array("name"=>strval($k),"type"=>"bar","emphasis" => array("focus" =>"none"),
-                "stack" =>"总计","data" =>$v['data'],"itemStyle" =>array("color" =>$color));
+                "stack" =>"总计","data" =>$v['data'],"itemStyle" =>array("color" =>$color),"barWidth"=>"10%");
             $max_all = $max_all +  $v['max'];
         }
         //计算Y坐标的间隔

+ 47 - 18
service/login.class.php

@@ -36,22 +36,25 @@ class login {
     
         } else {
             $uname = common::check_input($_POST['uname']);
-            $is_verify = common::check_input($_POST['verifcation_code']);
-            //首先校用户登录
-            $AES_encrypted = $this->AES_encrypted($is_verify);
-            $secret_key = common::excuteOneSql("select secret_key from customer_service_secret_key 
-                    where secret_key = '$is_verify' 
-                    and create_time >= current_date - INTERVAL '3 months' limit 1");
-            //记录这次的密钥记录
-            common::excuteUpdateSql("INSERT INTO public.customer_service_secret_key(secret_key, create_time)VALUES ('$is_verify', now());");
-            if(!empty($AES_encrypted) && empty($secret_key)){
-            }else{
-                $data = array(
-                    'msg' => 'verifcation_error',
-                    'data' => ''
-                );
-                common::echo_json_encode(400, $data);
-                exit();
+            //如是是token登录,则不用验证密码和verifcation_code
+            if(!(isset($_POST['token']))){
+                $is_verify = common::check_input($_POST['verifcation_code']);
+                //首先校用户登录
+                $AES_encrypted = $this->AES_encrypted($is_verify);
+                $secret_key = common::excuteOneSql("select secret_key from customer_service_secret_key 
+                        where secret_key = '$is_verify' 
+                        and create_time >= current_date - INTERVAL '3 months' limit 1");
+                //记录这次的密钥记录
+                common::excuteUpdateSql("INSERT INTO public.customer_service_secret_key(secret_key, create_time)VALUES ('$is_verify', now());");
+                if(!empty($AES_encrypted) && empty($secret_key)){
+                }else{
+                    $data = array(
+                        'msg' => 'verifcation_error',
+                        'data' => ''
+                    );
+                    common::echo_json_encode(400, $data);
+                    exit();
+                }
             }
 
             $sql = $this->getLoginSql($uname);
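Review bot: The new guard `if(!(isset($_POST['token'])))` skips the verifcation_code check whenever a `token` field is present, but the token branch added further down in this commit only runs when that field is also non-empty. A request carrying an empty `token` therefore passes through neither check and reaches the password comparison without any verification code. Using the exact complement of the later condition here, `if (empty($_POST['token'])) {`, keeps the two branches in step. The enclosing method starts and ends outside this hunk.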
@@ -130,6 +133,27 @@ class login {
 				if ($noCheckPwd) {
 
 				}else{
+                    //如是是token登录,则不用验证密码
+                    if(isset($_POST['token']) && !empty($_POST['token'])){
+                        $is_verify = $_POST['token'];
+                        $AES_encrypted = $this->AES_encrypted($is_verify);
+                        $secret_key = common::excuteOneSql("select secret_key from customer_service_secret_key 
+                            where secret_key = '$is_verify' 
+                            and create_time >= current_date - INTERVAL '3 months' limit 1");
+                        //记录这次的密钥记录
+                        common::excuteUpdateSql("INSERT INTO public.customer_service_secret_key(secret_key, create_time)VALUES ('$is_verify', now());");
+                        //密钥解析失败或者有重复的记录这提示登录失败
+                        if(!(!empty($AES_encrypted) && empty($secret_key))){
+                            $data = array(
+                                'msg' => 'Invalid token',
+                                'login_version' => $rs["login_version"],
+                                'data' => ''
+                            );
+                            common::echo_json_encode(400, $data);
+                            exit();
+                        }
+
+                    }else{
                     if ($rs['password'] != $_POST['psw']) {    
                         common::excuteUpdateSql("update public.ra_online_user set error_login_count=error_login_count+1, error_login_time=now() where lower(user_login) = '" . strtolower($uname) . "'");
                         $data = array(
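Review bot: `$is_verify = $_POST['token'];` puts the raw request value into both SQL strings that follow, whereas the verifcation_code path runs its input through `common::check_input()` first. At minimum use `$is_verify = common::check_input($_POST['token']);`, and prefer bound parameters if the `common` helpers offer them (not visible here). The acceptance test only checks that decryption returned something non-empty and that the value was not stored in the last three months; the decrypted content is never compared with `$uname`, so as written a token is not tied to the account being logged in. The INSERT also runs before the validity check, so rejected values are recorded too. The enclosing method and the `else` opened at the end of this branch continue outside the hunk.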
@@ -140,6 +164,7 @@ class login {
                         common::echo_json_encode(400, $data);
                         $this->failedLogin($uname, 'Password is wrong');
                         exit();
+                    }
                     }
 				}
                    
@@ -1486,10 +1511,14 @@ class login {
         return $sql;
     }
 
-    private function AES_encrypted($encrypted_string){
+    private function AES_encrypted($encrypted_string,$isbase64_encode = true){
         $key = 'fT5!R1k$7Mv@4Q9X'; // 16 bytes key
         $iv = '1234567890123456'; // 16 bytes IV
-        $decrypted = openssl_decrypt(base64_decode($encrypted_string), 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);
+        if($isbase64_encode){
+            $decrypted = openssl_decrypt(base64_decode($encrypted_string), 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);
+        }else{
+            $decrypted = openssl_decrypt($encrypted_string, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);
+        }
         return $decrypted;
     }
 }
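Review bot: With this commit the result of `AES_encrypted()` decides a password-less login, yet the key and IV are literals in the source file and AES-128-CBC carries no integrity check, so a successful decrypt does not show that the server issued the token. Consider loading the key from configuration kept outside the repository and verifying an HMAC (or using an AEAD mode such as `aes-128-gcm`) before trusting the value. The new `$isbase64_encode` parameter is never passed as false in the visible hunks, and despite its name the method decrypts, so a docblock would help, e.g. `/** Decrypts a token; returns the plaintext or false on failure. */`.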