Recently, thinkphp5 has been used to develop a website domain name authorization and version update system. Let’s talk about the functions first, and then the knowledge points.
1. Only the domain name and ip can be authorized individually or in combination.
2. Support multi-domain and multi-ip authorization.
3. Piracy tracking and reporting
4. Version update function. The update package can be deployed on a separate domain name, for example, the update package can be placed on a separate server.
After deployment, the client clicks Update to automatically update from the current version to the latest version
5. Upgrade log
6. Client integration code package
7. Encrypted communication mechanism to prevent tampering in the middle.
8. Authorized self-service inquiry
The knowledge points involved and the problems encountered when doing it:
1. The communication between the client and the server should be encrypted, and at least a signature should be added, otherwise it is easy to be modified and hijacked.
2. Authorization is best to restrict IP at the same time, because if only the domain name is restricted, the client may directly overwrite an authorized domain name in the public place to bypass.
3. Randomly verify authorization to increase security.
4. Unzip the compressed package. Do not use the class that comes with PHP. If the file name is a mixture of Chinese and English, there will be garbled characters, and there is basically no solution.
Use pclzip, a php decompression class written by a foreigner.
5. After the upgrade, delete the compressed package to prevent the client from spreading.
Others will be added when I think of them. . .
Demonstration Note:
In order to prevent malicious attacks, all add, modify and delete operations will prompt success, but will not actually be executed!
Address:
http://demo.auth.zhiyunzhushou.com/adminUsername
: admindemoPassword
: q1w2e3r4Security
Code: zhiyunzhushou.com
The source code is completely available for commercial use and secondary development, the source code is fully open source, 480 yuan, if you need it, contact me qq: 30445977