写了一个api接口，想审核后才让人能使用，求实现思路，多谢-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

写了一个api接口，想审核后才让人能使用，求实现思路，多谢

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 13, 2016 am 10:36 AM

contentfilegethttpreferer

【急】写了一个api接口，想审核后才让人能使用，求实现思路，谢谢
接口是这样调用的$this->file_get_content("http://127.0.0.40/api.php?goods_id=XXXX");

接口的文件就是print_R了一些数组

想使用我接口的人，要我审核域名才能使用

我网上查了一些方法，如下面的
$parse_url=parse_url($_SERVER[HTTP_REFERER]);
$url_from=$parse_url[host];
这个可以获得来源网址，但是要通过超链接点击，才能获取，file_get_content这样好是不能使用的

请高手，指点下，分享下思路方法，谢谢！

QQ：614944530

------解决方案--------------------
那你就用最简单的登录验证，先传递帐号密码帐号密码通过后直接给出结果
------解决方案--------------------
验证ip吧 HTTP_REFERER都可以伪造的
------解决方案--------------------
file_get_content这个不太靠谱，用curl或者fsocketopen吧
------解决方案--------------------
审核就登录，别无他法，都是搞IT的，讲技术细节，不是迷信。
------解决方案--------------------

探讨
验证ip吧 HTTP_REFERER都可以伪造的

------解决方案--------------------
$this->file_get_content
如果这是在执行你的服务器上的方法，那么既然能执行，自然就已经有了权限
如果这是执行他自己的代码，也就是你的服务。你把接口都提供给人家了，还说每日权限吗？

------解决方案--------------------
1. file_get_content是可以加上header的,当然也可以加HTTP_REFERER
2. HTTP_REFERER是不可靠的

------解决方案--------------------
感觉用账号密码比较方便
------解决方案--------------------
先传登录信息，调用API
------解决方案--------------------
设置一个ip-ticket的key-value对，然后发布给用户，这样就只能从指定的ip，用指定的ticket来访问了呗...
要么就学google，完全没限制，只限制每日访问次数...哈哈

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Explain the concept of a PHP session in simple terms.Apr 26, 2025 am 12:09 AM

PHPsessionstrackuserdataacrossmultiplepagerequestsusingauniqueIDstoredinacookie.Here'showtomanagethemeffectively:1)Startasessionwithsession_start()andstoredatain$_SESSION.2)RegeneratethesessionIDafterloginwithsession_regenerate_id(true)topreventsessi

How do you loop through all the values stored in a PHP session?Apr 26, 2025 am 12:06 AM

In PHP, iterating through session data can be achieved through the following steps: 1. Start the session using session_start(). 2. Iterate through foreach loop through all key-value pairs in the $_SESSION array. 3. When processing complex data structures, use is_array() or is_object() functions and use print_r() to output detailed information. 4. When optimizing traversal, paging can be used to avoid processing large amounts of data at one time. This will help you manage and use PHP session data more efficiently in your actual project.

Explain how to use sessions for user authentication.Apr 26, 2025 am 12:04 AM

The session realizes user authentication through the server-side state management mechanism. 1) Session creation and generation of unique IDs, 2) IDs are passed through cookies, 3) Server stores and accesses session data through IDs, 4) User authentication and status management are realized, improving application security and user experience.

Give an example of how to store a user's name in a PHP session.Apr 26, 2025 am 12:03 AM

Tostoreauser'snameinaPHPsession,startthesessionwithsession_start(),thenassignthenameto$_SESSION['username'].1)Usesession_start()toinitializethesession.2)Assigntheuser'snameto$_SESSION['username'].Thisallowsyoutoaccessthenameacrossmultiplepages,enhanc

What are some common problems that can cause PHP sessions to fail?Apr 25, 2025 am 12:16 AM

Reasons for PHPSession failure include configuration errors, cookie issues, and session expiration. 1. Configuration error: Check and set the correct session.save_path. 2.Cookie problem: Make sure the cookie is set correctly. 3.Session expires: Adjust session.gc_maxlifetime value to extend session time.

How do you debug session-related issues in PHP?Apr 25, 2025 am 12:12 AM

Methods to debug session problems in PHP include: 1. Check whether the session is started correctly; 2. Verify the delivery of the session ID; 3. Check the storage and reading of session data; 4. Check the server configuration. By outputting session ID and data, viewing session file content, etc., you can effectively diagnose and solve session-related problems.

What happens if session_start() is called multiple times?Apr 25, 2025 am 12:06 AM

Multiple calls to session_start() will result in warning messages and possible data overwrites. 1) PHP will issue a warning, prompting that the session has been started. 2) It may cause unexpected overwriting of session data. 3) Use session_status() to check the session status to avoid repeated calls.

How do you configure the session lifetime in PHP?Apr 25, 2025 am 12:05 AM

Configuring the session lifecycle in PHP can be achieved by setting session.gc_maxlifetime and session.cookie_lifetime. 1) session.gc_maxlifetime controls the survival time of server-side session data, 2) session.cookie_lifetime controls the life cycle of client cookies. When set to 0, the cookie expires when the browser is closed.

See all articles