From 090322677230736552d526595b4c839107546626 Mon Sep 17 00:00:00 2001
From: filesite
Date: Fri, 14 Jun 2024 22:30:28 +0800
Subject: [PATCH] bug fix: wrong request limit check key
---
 .../tajian/controller/FrontapiController.php | 39 ++++++++++++-------
 1 file changed, 26 insertions(+), 13 deletions(-)
diff --git a/themes/tajian/controller/FrontapiController.php b/themes/tajian/controller/FrontapiController.php
index 4b87cac..11ec3a9 100644
--- a/themes/tajian/controller/FrontapiController.php
+++ b/themes/tajian/controller/FrontapiController.php
@@ -51,10 +51,11 @@ Class FrontApiController extends SiteController {
 */
 public function actionAddfav() {
 $ip = $this->getUserIp();
+ $check_key = "addfav_{$ip}";
 $check_time = 60; //1 分钟内
 $max_time_in_minutes = 10; //最多 10 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -564,10 +565,11 @@ eof;
 //获取短信验证码
 public function actionSendsmscode() {
 $ip = $this->getUserIp();
+ $check_key = "sendsmscode_{$ip}";
 $check_time = 300; //5 分钟内
 $max_time_in_minutes = 3; //最多 3 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
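Review bot: The `logError` call in actionAddfav still records only the IP, so now that every action has its own counter the log no longer tells an operator which limit tripped; logging the key, `$this->logError("Request limit got, key: {$check_key}");`, keeps that visible, and the same unchanged line sits in the other twelve hunks of this patch. Because the block is copied thirteen times with hand-typed prefixes that do not always match the action name (`login_`, `deltag_`, `delfav_`, `updatefavtag_`), one helper would keep the key, the log line and the exception in a single place. The sketch below also names the count parameter for what it is, since `$max_time_in_minutes` holds a number of requests rather than minutes. Each action's body continues outside its hunk, so check whether `$ip` is used further down before dropping the local.

```php
// Builds the per-action key, and logs and throws when requestLimit() reports the limit as reached.
protected function enforceRequestLimit($action, $maxRequests, $seconds) {
    $ip = $this->getUserIp();
    $check_key = "{$action}_{$ip}";
    if ($this->requestLimit($check_key, $maxRequests, $seconds)) {
        $this->logError("Request limit got, key: {$check_key}");
        throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
    }
}

public function actionAddfav() {
    $this->enforceRequestLimit('addfav', 10, 60);
    // … unchanged: rest of actionAddfav …
```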
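Review bot: The limit in actionSendsmscode is keyed on the client IP alone, so nothing in this hunk caps how many codes go to one phone number when the requests arrive from different addresses. Each SMS has a cost and lands on someone's phone, so a second counter keyed on the destination is worth adding once the number has been validated, e.g. `$this->requestLimit("sendsmscode_phone_{$phone}", $max_time_in_minutes, $check_time)`, where `$phone` is a placeholder for whatever variable the body uses. The rest of the function is outside the hunk, so such a check may already exist further down.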
@@ -632,10 +634,11 @@ eof;
 //新用户注册
 public function actionCreateuser() {
 $ip = $this->getUserIp();
+ $check_key = "createuser_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 5; //最多 5 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -704,10 +707,11 @@ eof;
 //用户登录
 public function actionLoginuser() {
 $ip = $this->getUserIp();
+ $check_key = "login_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 5; //最多 5 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -758,10 +762,11 @@ eof;
 //昵称设置
 public function actionSetnickname() {
 $ip = $this->getUserIp();
+ $check_key = "setnickname_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 5; //最多 5 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
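Review bot: The registration limit in actionCreateuser is only as strong as `getUserIp()`, whose implementation is not part of this diff. If that method takes the address from a client-supplied header such as `X-Forwarded-For` without checking that the request came through a trusted proxy, the value in `createuser_{$ip}` is chosen by the caller and the counter never fills. It is worth confirming that it uses `REMOTE_ADDR` for untrusted peers; the same dependency applies to the keys in every other hunk of this patch.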
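Review bot: In actionLoginuser the counter `login_{$ip}` limits attempts per address but not per account, so password guessing against one user spread over many addresses is not slowed by this check. A second counter keyed on the submitted account identifier, e.g. `$this->requestLimit("login_user_{$username}", $max_time_in_minutes, $check_time)` with `$username` standing in for the field the body reads, would cover that case. The prefix `login_` also differs from the action name (`loginuser`), which is harmless but makes the keys harder to grep. The function body continues outside the hunk, so an account-level check may already exist there.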
@@ -816,10 +821,11 @@ eof;
 //分类管理
 public function actionSavetags() {
 $ip = $this->getUserIp();
+ $check_key = "savetags_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 10; //最多 10 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -905,10 +911,11 @@ eof;
 //删除分类
 public function actionDeletetag() {
 $ip = $this->getUserIp();
+ $check_key = "deltag_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 10; //最多 10 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -965,10 +972,11 @@ eof;
 //添加分类
 public function actionAddtag() {
 $ip = $this->getUserIp();
+ $check_key = "addtag_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 15; //最多 15 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -1045,10 +1053,11 @@ eof;
 //视频管理:把视频从分类中删除、添加视频到某个分类、删除视频
 public function actionDeletefav() {
 $ip = $this->getUserIp();
+ $check_key = "delfav_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 60; //最多 60 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -1121,10 +1130,11 @@ eof;
 public function actionUpdatefavstag() {
 $ip = $this->getUserIp();
+ $check_key = "updatefavtag_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 60; //最多 60 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -1187,10 +1197,11 @@ eof;
 //创建收藏夹
 public function actionCreatedir() {
 $ip = $this->getUserIp();
+ $check_key = "createdir_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 30; //最多 30 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -1259,10 +1270,11 @@ eof;
 //账号共享接口
 public function actionSharedir() {
 $ip = $this->getUserIp();
+ $check_key = "sharedir_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 10; //最多 10 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');
@@ -1334,10 +1346,11 @@ eof;
 //删除一个账号共享
 public function actionDelsharedir() {
 $ip = $this->getUserIp();
+ $check_key = "delsharedir_{$ip}";
 $check_time = 120; //2 分钟内
 $max_time_in_minutes = 10; //最多 10 次
- $isUserGotRequestLimit = $this->requestLimit($ip, $max_time_in_minutes, $check_time);
+ $isUserGotRequestLimit = $this->requestLimit($check_key, $max_time_in_minutes, $check_time);
 if ($isUserGotRequestLimit) {
 $this->logError("Request limit got, ip: {$ip}");
 throw new Exception('Oops,操作太快了,请喝杯咖啡休息会吧...');