补充 银行卡信息数据库
网上找了一番,发现有网站提供了这种服务,如下
http://www.yinhangkadata.com/
http://www.yinhangkahao.com/
这个查询都做了IP的限制,一个IP只能查询几次。突然想到了这种方式可能存在的bug,可以任意伪造来源IP。这个漏洞真是喜闻乐见啊。
调用方法:
$BankCard = new BankCard();
$cardInfo = $BankCard->query(‘6222021207020181225’);
返回结果:
array(5) {
[“bank_name”]=>
string(12) “工商银行”
[“card_name”]=>
string(10) “E时代卡”
[“card_type”]=>
string(9) “借记卡”
[“province”]=>
string(9) “浙江省”
[“city”]=>
string(6) “台州”
}
以下是代码实现:
查询类:
namespace Common\Util;
use Org\Net\HttpClient;
class BankCard {
private $target;
private $error;
public function getError()
{
return $this->error;
}
public function __construct()
{
$this->target = "http://www.yinhangkahao.com/pc.asp";
}
public function query($card){
$httpClient = new HttpClient();
$result = $httpClient->get($this->target.'?card='.$card,array('headers'=>array('X-FORWARDED-FOR:'.$this->getId(),'timeout:5')));
trace($result);
$result = str_replace(array("\r\n", "\r", "\n","(", ")"), "", $result);
$data =array();
if(preg_match('/<p>(.{2,50})(\d{8}) -- (.*?) -- (.*?)<\/p>/i', $result, $matches)) {
$data['bank_name']= $matches[1];
$data['card_name']= $matches[3];
$data['card_type']= $matches[4];
}
if(preg_match('/<font color=red>(.*?) -- (.*?)<\/font>/i', $result, $matches)) {
$data['province']= $matches[1];
$data['city']= $matches[2];
}
if(count($data)>0){
return $data;
}
return false;
}
private function getId(){
$ip_long = array(
array('607649792', '608174079'), //36.56.0.0-36.63.255.255
array('1038614528', '1039007743'), //61.232.0.0-61.237.255.255
array('1783627776', '1784676351'), //106.80.0.0-106.95.255.255
array('2035023872', '2035154943'), //121.76.0.0-121.77.255.255
array('2078801920', '2079064063'), //123.232.0.0-123.235.255.255
array('-1950089216', '-1948778497'), //139.196.0.0-139.215.255.255
array('-1425539072', '-1425014785'), //171.8.0.0-171.15.255.255
array('-1236271104', '-1235419137'), //182.80.0.0-182.92.255.255
array('-770113536', '-768606209'), //210.25.0.0-210.47.255.255
array('-569376768', '-564133889'), //222.16.0.0-222.95.255.255
);
$rand_key = mt_rand(0, 9);
$ip= long2ip(mt_rand($ip_long[$rand_key][0], $ip_long[$rand_key][1]));
return $ip;
}
}
http请求帮助类:
namespace Org\Net;
/**
* @property string $cookieFile path to file that stores cookies
*
* @property-read string $lastError last request error.
* @property-read array $info information about the last transfer.
* @property-read integer $httpCode last received HTTP code.
* @property-read string $effectiveUrl last effective url.
* @property-read array $cookies current cookies.
*/
class HttpClient
{
public $useragent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en)';
/**
* When true, HttpClient creates temporary file for cookies.
* @var boolean
*/
public $useRandomCookieFile = false;
public $randomCookieFilePrefix = 'phphc';
protected $_cookieFile = null;
public $lastpageFile = null;
protected $defaults = array(
'url' => '',
'post' => null,
'headers' => null,
'ref' => '',
'header' => false,
'nobody' => false,
'timeout' => 15,
'tofile' => null,
'attempts_max' => 1,
'attempts_delay' => 10,
);
protected $ch;
function init()
{
if ( $this->useRandomCookieFile )
$this->setRandomCookieFile();
}
public static function from($params = array())
{
$client = new self();
foreach ($params as $key => $val)
$client->$key = $val;
$client->init();
return $client;
}
public function __get($name)
{
$getter='get'.$name;
if(method_exists($this,$getter))
return $this->$getter();
throw new Exception('Property "' . get_class($this) . '.' . $name . '" is not defined.');
}
/**
* Runs http request to get responce headers.
* @param string $url request url.
* @param array $params request params.
* @return string|boolean returns response in the usual case, true when
* result goes to file and false if request failed.
* @throws CException when "tofile" is defined and file is not writeable.
*/
public function head($url, $params = array())
{
$params['url'] = $url;
$params['header'] = true;
$params['nobody'] = true;
return $this->request($params);
}
/**
* Runs http GET request.
* @param string $url request url.
* @param array $params request params.
* @return string|boolean returns response in the usual case, true when
* result goes to file and false if request failed.
* @throws CException when "tofile" is defined and file is not writeable.
*/
public function get($url, $params = array())
{
$params['url'] = $url;
return $this->request($params);
}
/**
* Runs http POST request.
* @param string $url request url.
* @param array $post post data.
* @param array $params request params.
* @return string|boolean returns response in the usual case, true when
* result goes to file and false if request failed.
* @throws CException when "tofile" is defined and file is not writeable.
*/
public function post($url, $post = array(), $params = array())
{
$params['url'] = $url;
$params['post'] = $post;
return $this->request($params);
}
/**
* Downloads file.
* @param string $url request url.
* @param string $dest file destination.
* @param array $params request params.
* @return boolean true when file is downloaded and false if downloading
* failed.
* @throws CException when $dest file is not writeable.
*/
public function download($url, $dest, $params = array())
{
$params['url'] = $url;
$params['tofile'] = $dest;
return $this->request($params);
}
/**
* Runs http request.
* @param array $params request params.
* @return string|boolean returns response in the usual case, true when
* result goes to file and false if request failed.
* @throws CException when "tofile" is defined and file is not writeable.
*/
public function request($params)
{
$params = array_merge($this->defaults, $params);
if (isset($this->ch)) {
curl_close($this->ch);
$this->ch = null;
}
$ch = $this->createCurl($params);
if( isset($params['tofile']) ) {
$tofile = fopen($params['tofile'], 'wb');
if ( !$tofile )
throw new CException(__CLASS__ . " couldn't open file '{$params['tofile']}' for edit.");
curl_setopt($ch, CURLOPT_FILE, $tofile);
}
// // Debug code
// echo
// '<b>' . $params['url'] . '</b>' .
// '<pre>' . var_export($params['post'], true) . '</pre>';
do {
// Do http request
$res = curl_exec($ch);
} while (
$res === FALSE && //
--$params['attempts_max'] != 0 &&
sleep($params['attempts_delay']) !== FALSE
);
if ( isset($params['tofile']) ) {
fclose($tofile);
if ($res === FALSE)
unlink($params['tofile']);
}
$this->ch = $ch;
// Saving response content into lastpageFile
if ( $this->lastpageFile != null )
file_put_contents($this->lastpageFile, $res);
return $res;
}
/**
* Creates multiple request
* @param array $requests requests parameters [key] => [params array]
* @param array $defaults default request paremeters
* @return array http request results array [key] => [result string]
* Requests array keys are used to differ results
*/
public function multiRequest($requests, $defaults = array())
{
if ( empty($requests) )
return array();
$defaults = array_merge($this->defaults, $defaults);
$mh = curl_multi_init();
$handles = array();
foreach ($requests as $key => $request) {
$params = array_merge($defaults, $request);
$ch = $this->createCurl($params);
curl_multi_add_handle($mh, $ch);
$handles[$key] = $ch;
}
$active = null;
do {
$mrc = curl_multi_exec($mh, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);
while ($active && $mrc == CURLM_OK) {
if (curl_multi_select($mh) != -1) {
do {
$mrc = curl_multi_exec($mh, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);
}
}
$results = array();
foreach ($handles as $key => $ch) {
$results[$key] = curl_multi_getcontent($ch);
curl_multi_remove_handle($mh, $ch);
}
curl_multi_close($mh);
return $results;
}
protected function createCurl($params)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $params['url']);
curl_setopt($ch, CURLOPT_HEADER, $params['header']);
curl_setopt($ch,CURLOPT_HTTPHEADER, $params['headers']);
curl_setopt($ch, CURLOPT_TIMEOUT, $params['timeout']);
curl_setopt($ch, CURLOPT_USERAGENT, $this->useragent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, !isset($params['tofile']));
curl_setopt($ch, CURLOPT_NOBODY, $params['nobody']);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_ENCODING, '');
if (!empty($params['ref'])) {
curl_setopt($ch, CURLOPT_REFERER, $params['ref']);
}
if($params['post'] !== null) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params['post']);
}
if($params['headers'] !== null) {
curl_setopt($ch, CURLOPT_HTTPHEADER, $params['headers']);
}
$cookieFile = $this->getCookieFile();
if($cookieFile !== null) {
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile);
}
return $ch;
}
# Getters #
public function getCookieFile()
{
return $this->_cookieFile;
}
/**
* Returns last request error
* @return string
*/
public function getLastError()
{
return isset($this->ch) ? curl_error($this->ch) : null;
}
/**
* Returns information about the last transfer.
* @see curl_getinfo
* @param integer $opt
* @return mixed
*/
public function getInfo($opt = null)
{
return isset($this->ch) ? curl_getinfo($this->ch, $opt) : null;
}
/**
* Last received HTTP code.
* @return integer
*/
public function getHttpCode()
{
return $this->getInfo(CURLINFO_HTTP_CODE);
}
/**
* Last effective url.
* @return string
*/
public function getEffectiveUrl()
{
return $this->getInfo(CURLINFO_EFFECTIVE_URL);
}
/**
* Current cookies.
* Warning! This function has side effects - you can't call getInfo() of
* getLastError() after calling this function.
* @return array
*/
public function getCookies()
{
if (!$this->getCookieFile())
return array();
unset($this->ch);
$text = file_get_contents($this->getCookieFile());
$cookies = array();
foreach (explode("\n", $text) as $line) {
$parts = explode("\t", $line);
if (count($parts) === 7)
$cookies[$parts[5]] = $parts[6];
}
return $cookies;
}
# Setters #
public function setCookieFile($fname, $clear = true)
{
$this->_cookieFile = $fname;
if ( $clear )
$this->clearCookieFile();
}
public function setRandomCookieFile()
{
$fileName = tempnam(sys_get_temp_dir(), $this->randomCookieFilePrefix);
$this->setCookieFile($fileName, true);
}
# Actions #
/**
* Creates and clears cookie file
*/
public function clearCookieFile()
{
$cookieFile = $this->getCookieFile();
if ($cookieFile !== null)
file_put_contents($cookieFile, '');
}
public function __destruct()
{
unset($this->ch);
$cookieFile = $this->getCookieFile();
if ($cookieFile !== null)
unlink($cookieFile);
}
}