给指定URL添加访问控制

Author Avatar
Whark 5月 24, 2017

给指定URL添加访问控制

应用场景为某一直播页面,需要设置访问权限,Nginx根据路由设置访问权限的方式,在微信中无法正常使用,而该应用场景,主要为微信上观看直播,所以使用PHP来实现单页面授权。

<?php
/**
 * 给指定URL添加访问控制
 */
error_reporting(0);
session_start();
$html = <<<html
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <style>
        #input-text &#123;
            width: auto;
            padding: 0.5em 1em;
            border: 1px solid #ccc;
            border-radius: 0.2em;
            height: auto;
            font-size: 2em;
        &#125;
        #input-submit &#123;
            color: #fff;
            background-color: #337ab7;
            border-color: #2e6da4;
            margin-left: 1em;
            padding: 0.4em 1em;
            border: 1px solid transparent;
            border-radius: 0.2em;
            font-size: 2em;
        &#125;
    </style>
</head>
<div class="text-center" style="padding-top: 20%;text-align: center">
    <form action="live_url" method="post">
    <input id="input-text" type="password" placeholder="请输入访问密码:" name="live_auth"/>
    <input id="input-submit" type="submit" value="进入">
    </form>
</div>
html;
/**
 * 给特定页面进行密码验证
 */
 /*********** Solution One *********/

$url = [
    '/20180328',
    '/20180329'
];
$auth_name = [
    'live_auth0328',
    'live_auth0329',
];
$auth_passwd = [
    '12345678',
    '123456',
];

$key = '';
if (!empty($_POST)) &#123;
    // POST字段匹配
    $postDataKey = array_keys($_POST)[0];
    $key = array_search($postDataKey, $auth_name, true);
&#125;

$path = parse_url( $_SERVER['REQUEST_URI'] )['path'];
$key = $key ?: array_search( $path, $url, true);

if ($key !== '' && $key !== FALSE) &#123;
    if (isset($_POST[$auth_name[$key]]) && $_POST[$auth_name[$key]] === $auth_passwd[$key]) &#123;
        $_SESSION[$auth_name[$key]] = '1';
    &#125;
    if ($path === $url[$key]) &#123;
        if (!isset($_SESSION[$auth_name[$key]]) || $_SESSION[$auth_name[$key]] !== '1') &#123;
            $html = str_replace('live_auth', $auth_name[$key], $html);
            $html = str_replace('live_url', $url[$key], $html);
            echo $html;die;
        &#125;
    &#125;
&#125;

/*********** Solution Two *********/
/*
//20180328
$url = '/20180328';
$auth_name = 'live_auth0328';
$auth_passwd = '12345678';
if (isset($_POST[$auth_name]) && $_POST[$auth_name] === $auth_passwd) &#123;
    $_SESSION[$auth_name] = '1';
&#125;
if (parse_url( $_SERVER['REQUEST_URI'] )['path'] === $url) &#123;
    if (!isset($_SESSION[$auth_name]) || $_SESSION[$auth_name] !== '1') &#123;
        $html = str_replace('live_auth', $auth_name, $html);
        $html = str_replace('live_url', $url, $html);
        echo $html;die;
    &#125;
&#125;

//20180329
$url = '/20180329';
$auth_name = 'live_auth0329';
$auth_passwd = '123456';
if (isset($_POST[$auth_name]) && $_POST[$auth_name] === $auth_passwd) &#123;
    $_SESSION[$auth_name] = '1';
&#125;
if (parse_url( $_SERVER['REQUEST_URI'] )['path'] === $url) &#123;
    if (!isset($_SESSION[$auth_name]) || $_SESSION[$auth_name] !== '1') &#123;
        $html = str_replace('live_auth', $auth_name, $html);
        $html = str_replace('live_url', $url, $html);
        echo $html;die;
    &#125;
&#125;
*/
expand_less