文章目录[隐藏]
WordPress全渠道柔性供应链系统开发深度教程
引言:全渠道柔性供应链的时代需求
在当今数字化商业环境中,企业面临着多渠道销售、个性化需求和供应链不确定性的多重挑战。WordPress作为全球最流行的内容管理系统,不仅适用于网站建设,更可以通过深度开发构建功能强大的全渠道柔性供应链系统。本教程将引导您从零开始,开发一个能够整合线上线下渠道、具备快速响应能力的供应链管理系统。
系统架构设计
整体架构概览
我们的全渠道柔性供应链系统将采用模块化设计,包含以下核心模块:
- 多渠道订单聚合模块
- 智能库存管理模块
- 供应商协同模块
- 物流配送优化模块
- 数据分析与预测模块
技术栈选择
- 后端:WordPress + 自定义插件开发
- 数据库:MySQL(WordPress默认)
- 前端:React.js + WordPress REST API
- 缓存:Redis
- 消息队列:用于异步处理订单和库存同步
核心模块开发实战
1. 多渠道订单聚合模块
<?php
/**
* 多渠道订单聚合模块
* 文件名:multi-channel-order-manager.php
*/
class MultiChannelOrderManager {
private $order_sources = [];
public function __construct() {
// 初始化订单源配置
$this->order_sources = [
'woocommerce' => [
'enabled' => true,
'sync_interval' => 300 // 5分钟同步一次
],
'shopify' => [
'enabled' => true,
'api_key' => get_option('shopify_api_key'),
'sync_interval' => 300
],
'amazon' => [
'enabled' => true,
'seller_id' => get_option('amazon_seller_id'),
'sync_interval' => 600 // 10分钟同步一次
]
];
}
/**
* 聚合所有渠道订单
* @return array 统一格式的订单数据
*/
public function aggregate_orders() {
$all_orders = [];
foreach ($this->order_sources as $source => $config) {
if ($config['enabled']) {
$method_name = 'fetch_orders_from_' . $source;
if (method_exists($this, $method_name)) {
$orders = $this->$method_name($config);
$all_orders = array_merge($all_orders, $orders);
}
}
}
// 按时间排序
usort($all_orders, function($a, $b) {
return strtotime($b['created_at']) - strtotime($a['created_at']);
});
return $all_orders;
}
/**
* 从WooCommerce获取订单
*/
private function fetch_orders_from_woocommerce($config) {
$args = [
'status' => ['processing', 'completed'],
'date_created' => '>' . (time() - $config['sync_interval']),
'limit' => 50
];
$wc_orders = wc_get_orders($args);
$formatted_orders = [];
foreach ($wc_orders as $order) {
$formatted_orders[] = [
'id' => 'WC_' . $order->get_id(),
'source' => 'woocommerce',
'customer' => $order->get_billing_first_name() . ' ' . $order->get_billing_last_name(),
'total' => $order->get_total(),
'status' => $order->get_status(),
'created_at' => $order->get_date_created()->date('Y-m-d H:i:s'),
'items' => $this->extract_order_items($order)
];
}
return $formatted_orders;
}
/**
* 提取订单商品信息
*/
private function extract_order_items($order) {
$items = [];
foreach ($order->get_items() as $item) {
$product = $item->get_product();
$items[] = [
'product_id' => $product->get_id(),
'sku' => $product->get_sku(),
'name' => $product->get_name(),
'quantity' => $item->get_quantity(),
'price' => $product->get_price()
];
}
return $items;
}
/**
* 统一订单状态更新
*/
public function update_order_status($order_id, $status, $source) {
// 根据订单来源更新对应平台的订单状态
switch($source) {
case 'woocommerce':
$order = wc_get_order(str_replace('WC_', '', $order_id));
$order->update_status($status);
break;
case 'shopify':
// Shopify API调用
$this->update_shopify_order($order_id, $status);
break;
}
// 记录状态变更日志
$this->log_order_status_change($order_id, $status, $source);
}
}
// 初始化订单管理器
$order_manager = new MultiChannelOrderManager();
?>2. 智能库存管理模块
<?php
/**
* 智能库存管理模块
* 文件名:intelligent-inventory.php
*/
class IntelligentInventoryManager {
private $safety_stock_levels = [];
public function __construct() {
// 从数据库加载安全库存配置
$this->load_safety_stock_config();
}
/**
* 实时库存同步
*/
public function sync_inventory_across_channels($product_id, $quantity_change, $direction = 'decrease') {
// 获取当前产品
$product = wc_get_product($product_id);
if (!$product) {
return false;
}
// 更新本地库存
$current_stock = $product->get_stock_quantity();
if ($direction === 'decrease') {
$new_stock = $current_stock - $quantity_change;
} else {
$new_stock = $current_stock + $quantity_change;
}
// 更新WordPress/WooCommerce库存
wc_update_product_stock($product_id, $new_stock);
// 同步到其他销售渠道
$this->sync_to_external_channels($product_id, $new_stock);
// 检查库存预警
$this->check_stock_alert($product_id, $new_stock);
return true;
}
/**
* 多渠道库存同步
*/
private function sync_to_external_channels($product_id, $quantity) {
$external_channels = [
'shopify' => [
'enabled' => true,
'api_endpoint' => 'https://your-store.myshopify.com/admin/api/2023-01/products/'
],
'amazon' => [
'enabled' => true,
'marketplace_id' => get_option('amazon_marketplace_id')
]
];
foreach ($external_channels as $channel => $config) {
if ($config['enabled']) {
// 这里添加API调用代码
$this->call_channel_inventory_api($channel, $product_id, $quantity, $config);
}
}
}
/**
* 动态安全库存计算
*/
public function calculate_dynamic_safety_stock($product_id, $sales_data) {
// 基于历史销售数据的动态安全库存计算
$lead_time = $this->get_supplier_lead_time($product_id);
$demand_variability = $this->calculate_demand_variability($sales_data);
$service_level = 0.95; // 95%的服务水平
// 使用统计公式计算安全库存
$z_score = $this->get_z_score($service_level);
$safety_stock = $z_score * sqrt($lead_time) * $demand_variability;
// 更新安全库存配置
$this->update_safety_stock($product_id, $safety_stock);
return $safety_stock;
}
/**
* 库存预警系统
*/
private function check_stock_alert($product_id, $current_stock) {
$product = wc_get_product($product_id);
$sku = $product->get_sku();
// 获取该产品的安全库存水平
$safety_stock = $this->get_safety_stock($product_id);
if ($current_stock <= $safety_stock) {
// 触发库存预警
$alert_message = sprintf(
'产品 %s (SKU: %s) 库存低于安全水平。当前库存: %d, 安全库存: %d',
$product->get_name(),
$sku,
$current_stock,
$safety_stock
);
// 发送预警通知
$this->send_stock_alert($alert_message, $product_id);
// 自动创建采购申请
if ($current_stock <= ($safety_stock * 0.5)) {
$this->create_purchase_request($product_id, $safety_stock * 2);
}
}
}
}
?>3. 供应商协同模块
/**
* 供应商协同前端组件
* 文件名:SupplierDashboard.js
*/
import React, { useState, useEffect } from 'react';
import { Card, Table, Button, Modal, message } from 'antd';
const SupplierDashboard = () => {
const [orders, setOrders] = useState([]);
const [inventory, setInventory] = useState([]);
const [loading, setLoading] = useState(false);
const [selectedOrder, setSelectedOrder] = useState(null);
// 列定义
const orderColumns = [
{
title: '订单号',
dataIndex: 'order_number',
key: 'order_number',
},
{
title: '产品名称',
dataIndex: 'product_name',
key: 'product_name',
},
{
title: '数量',
dataIndex: 'quantity',
key: 'quantity',
},
{
title: '要求交货日期',
dataIndex: 'delivery_date',
key: 'delivery_date',
},
{
title: '状态',
dataIndex: 'status',
key: 'status',
render: (status) => (
<span className={`status-${status}`}>
{getStatusText(status)}
</span>
),
},
{
title: '操作',
key: 'action',
render: (_, record) => (
<Button
type="primary"
size="small"
onClick={() => handleOrderAction(record)}
>
更新状态
</Button>
),
},
];
// 获取供应商订单数据
const fetchSupplierOrders = async () => {
setLoading(true);
try {
const response = await fetch('/wp-json/supplier/v1/orders', {
headers: {
'X-WP-Nonce': wpApiSettings.nonce
}
});
const data = await response.json();
setOrders(data);
} catch (error) {
message.error('获取订单数据失败');
} finally {
setLoading(false);
}
};
// 处理订单状态更新
const handleOrderAction = (order) => {
setSelectedOrder(order);
// 显示状态更新模态框
Modal.confirm({
title: '更新订单状态',
content: (
<div>
<p>订单号: {order.order_number}</p>
<select
className="status-select"
defaultValue={order.status}
onChange={(e) => updateOrderStatus(order.id, e.target.value)}
>
<option value="pending">待处理</option>
<option value="confirmed">已确认</option>
<option value="in_production">生产中</option>
<option value="ready_for_shipment">待发货</option>
<option value="shipped">已发货</option>
</select>
</div>
),
onOk: () => {
// 确认更新
updateOrderStatus(order.id, document.querySelector('.status-select').value);
}
});
};
// 更新订单状态API调用
const updateOrderStatus = async (orderId, status) => {
try {
const response = await fetch(`/wp-json/supplier/v1/orders/${orderId}`, {
method: 'PUT',
headers: {
'Content-Type': 'application/json',
'X-WP-Nonce': wpApiSettings.nonce
},
body: JSON.stringify({ status })
});
if (response.ok) {
message.success('订单状态更新成功');
fetchSupplierOrders(); // 刷新数据
}
} catch (error) {
message.error('更新失败');
}
};
useEffect(() => {
fetchSupplierOrders();
}, []);
return (
<div className="supplier-dashboard">
<Card title="待处理订单" style={{ marginBottom: 20 }}>
<Table
columns={orderColumns}
dataSource={orders}
loading={loading}
rowKey="id"
pagination={{ pageSize: 10 }}
/>
</Card>
<Card title="库存水平">
{/* 库存图表组件 */}
<InventoryChart data={inventory} />
</Card>
</div>
);
};
export default SupplierDashboard;系统集成与优化
REST API端点创建
<?php
/**
* 自定义REST API端点
* 文件名:supplier-rest-api.php
*/
add_action('rest_api_init', function() {
// 供应商订单端点
register_rest_route('supplier/v1', '/orders', [
[
'methods' => 'GET',
'callback' => 'get_supplier_orders',
'permission_callback' => 'check_supplier_permission'
],
[
'methods' => 'POST',
'callback' => 'create_supplier_order',
'permission_callback' => 'check_supplier_permission'
]
]);
// 库存同步端点
register_rest_route('inventory/v1', '/sync', [
'methods' => 'POST',
'callback' => 'sync_inventory',
'permission_callback' => 'check_api_key'
]);
// 物流跟踪端点
register_rest_route('logistics/v1', '/track', [
'methods' => 'GET',
'callback' => 'track_shipment',
'args' => [
'tracking_number' => [
'required' => true,
'validate_callback' => function($param) {
return !empty($param);
}
]
]
]);
});
/**
* 获取供应商订单
*/
function get_supplier_orders($request) {
$supplier_id = get_current_user_id();
global $wpdb;
$orders = $wpdb->get_results($wpdb->prepare(
"SELECT * FROM {$wpdb->prefix}supplier_orders
WHERE supplier_id = %d AND status != 'completed'
ORDER BY required_date ASC",
$supplier_id
));
return rest_ensure_response($orders);
}
/**
* 库存同步处理
*/
function sync_inventory($request) {
$params = $request->get_json_params();
$product_id = intval($params['product_id']);
$quantity = intval($params['quantity']);
$channel = sanitize_text_field($params['channel']);
// 调用库存管理器
$inventory_manager = new IntelligentInventoryManager();
$result = $inventory_manager->sync_inventory_across_channels(
$product_id,
$quantity,
$params['operation'] ?? 'decrease'
);
return rest_ensure_response([
'success' => $result,
'message' => $result ? '库存同步成功' : '同步失败',
'timestamp' => current_time('mysql')
]);
}
?>性能优化策略
<?php
/**
* 系统性能优化
* 文件名:performance-optimizer.php
*/
class SupplyChainPerformanceOptimizer {
/**
* 数据库查询优化
*/
public static function optimize_database_queries() {
global $wpdb;
// 添加必要的索引
$indexes = [
"CREATE INDEX idx_order_status ON {$wpdb->prefix}orders(status)",
"CREATE INDEX idx_inventory_product ON {$wpdb->prefix}inventory(product_id, warehouse_id)",
"CREATE INDEX idx_supplier_performance ON {$wpdb->prefix}supplier_orders(supplier_id, delivery_date)"
];
foreach ($indexes as $sql) {
$wpdb->query($sql);
}
// 优化订单查询缓存
self::setup_order_cache();
}
/**
* 设置订单缓存
*/
private static function setup_order_cache() {
wp_cache_add_global_groups(['supply_chain_orders']);
// 使用Redis进行缓存
if (class_exists('Redis')) {
$redis = new Redis();
$redis->connect('127.0.0.1', 6379);
$redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_PHP);
}
}
/**
* 批量处理优化
*/
public static function batch_process_orders($order_ids, $operation) {
// 使用事务处理批量订单
global $wpdb;
$wpdb->query('START TRANSACTION');
try {
foreach ($order_ids as $order_id) {
switch ($operation) {
case 'fulfill':
self::fulfill_order($order_id);
break;
case 'cancel':
self::cancel_order($order_id);
break;
case 'update_status':
self::update_order_status_batch($order_id);
break;
}
}
$wpdb->query('COMMIT');
return true;
} catch (Exception $e) {
$wpdb->query('ROLLBACK'); error_log('批量处理失败: ' . $e->getMessage());
return false;
}
}
/**
* 异步任务处理
*/
public static function process_async_task($task_name, $data) {
// 将任务推送到消息队列
$queue_result = wp_queue_push($task_name, $data);
if ($queue_result) {
// 触发后台处理
wp_schedule_single_event(time() + 1, 'process_supply_chain_queue');
return true;
}
return false;
}}
?>
## 数据分析与预测模块
数据分析与预测模块
文件名:demand_forecast.py
import pandas as pd
import numpy as np
from sklearn.ensemble import RandomForestRegressor
from sklearn.model_selection import train_test_split
import joblib
import mysql.connector
class DemandForecastSystem:
def __init__(self, db_config):
"""初始化预测系统"""
self.db_config = db_config
self.model = None
self.feature_columns = [
'day_of_week', 'month', 'year',
'is_holiday', 'promotion_flag',
'historical_avg', 'trend_factor'
]
def fetch_sales_data(self, product_id, days=365):
"""从数据库获取销售数据"""
conn = mysql.connector.connect(**self.db_config)
query = """
SELECT
DATE(order_date) as date,
SUM(quantity) as quantity,
AVG(unit_price) as avg_price,
COUNT(DISTINCT order_id) as order_count
FROM orders
WHERE product_id = %s
AND order_date >= DATE_SUB(NOW(), INTERVAL %s DAY)
GROUP BY DATE(order_date)
ORDER BY date
"""
df = pd.read_sql(query, conn, params=[product_id, days])
conn.close()
return df
def prepare_features(self, df):
"""准备特征数据"""
df['date'] = pd.to_datetime(df['date'])
df['day_of_week'] = df['date'].dt.dayofweek
df['month'] = df['date'].dt.month
df['year'] = df['date'].dt.year
df['is_holiday'] = self.check_holiday(df['date'])
# 计算移动平均
df['historical_avg'] = df['quantity'].rolling(window=7, min_periods=1).mean()
# 趋势因子
df['trend_factor'] = self.calculate_trend(df['quantity'])
return df
def train_forecast_model(self, product_id):
"""训练预测模型"""
# 获取历史数据
sales_data = self.fetch_sales_data(product_id)
if len(sales_data) < 30:
print("数据不足,使用简单预测")
return self.simple_forecast(sales_data)
# 准备特征
df = self.prepare_features(sales_data)
# 分割特征和目标变量
X = df[self.feature_columns].fillna(0)
y = df['quantity']
# 分割训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(
X, y, test_size=0.2, random_state=42
)
# 训练随机森林模型
self.model = RandomForestRegressor(
n_estimators=100,
max_depth=10,
random_state=42
)
self.model.fit(X_train, y_train)
# 评估模型
score = self.model.score(X_test, y_test)
print(f"模型R²分数: {score:.3f}")
# 保存模型
joblib.dump(self.model, f'models/product_{product_id}_forecast.pkl')
return self.model
def predict_demand(self, product_id, future_days=30):
"""预测未来需求"""
# 加载或训练模型
model_path = f'models/product_{product_id}_forecast.pkl'
try:
self.model = joblib.load(model_path)
except:
self.model = self.train_forecast_model(product_id)
# 生成未来日期
future_dates = pd.date_range(
start=pd.Timestamp.now(),
periods=future_days,
freq='D'
)
# 准备未来特征
future_df = pd.DataFrame({'date': future_dates})
future_df = self.prepare_features(future_df)
# 预测
predictions = self.model.predict(future_df[self.feature_columns].fillna(0))
# 创建结果DataFrame
result_df = pd.DataFrame({
'date': future_dates,
'predicted_demand': predictions,
'product_id': product_id
})
return result_df
def calculate_reorder_point(self, product_id, lead_time_days=7):
"""计算再订货点"""
# 获取预测需求
predictions = self.predict_demand(product_id, lead_time_days * 2)
# 计算提前期内的预期需求
lead_time_demand = predictions['predicted_demand'].head(lead_time_days).sum()
# 获取服务水平对应的Z值(95%服务水平)
z_score = 1.645
# 计算需求标准差
historical_data = self.fetch_sales_data(product_id)
demand_std = historical_data['quantity'].std()
# 计算安全库存
safety_stock = z_score * demand_std * np.sqrt(lead_time_days)
# 再订货点 = 提前期需求 + 安全库存
reorder_point = lead_time_demand + safety_stock
return {
'reorder_point': round(reorder_point, 2),
'safety_stock': round(safety_stock, 2),
'lead_time_demand': round(lead_time_demand, 2),
'current_stock': self.get_current_stock(product_id)
}
## 系统部署与监控
### Docker部署配置
docker-compose.yml
version: '3.8'
services:
wordpress:
image: wordpress:latest
container_name: supply-chain-wordpress
ports:
- "8080:80"
environment:
WORDPRESS_DB_HOST: mysql
WORDPRESS_DB_USER: ${DB_USER}
WORDPRESS_DB_PASSWORD: ${DB_PASSWORD}
WORDPRESS_DB_NAME: ${DB_NAME}
volumes:
- ./wp-content:/var/www/html/wp-content
- ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
depends_on:
- mysql
networks:
- supply-chain-network
mysql:
image: mysql:8.0
container_name: supply-chain-mysql
environment:
MYSQL_DATABASE: ${DB_NAME}
MYSQL_USER: ${DB_USER}
MYSQL_PASSWORD: ${DB_PASSWORD}
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
volumes:
- mysql-data:/var/lib/mysql
- ./mysql-init:/docker-entrypoint-initdb.d
networks:
- supply-chain-network
redis:
image: redis:alpine
container_name: supply-chain-redis
ports:
- "6379:6379"
volumes:
- redis-data:/data
networks:
- supply-chain-network
php-worker:
build:
context: .
dockerfile: Dockerfile.worker
container_name: supply-chain-worker
volumes:
- ./wp-content:/var/www/html/wp-content
depends_on:
- redis
- mysql
networks:
- supply-chain-network
command: php /var/www/html/worker.php
monitoring:
image: grafana/grafana:latest
container_name: supply-chain-monitoring
ports:
- "3000:3000"
environment:
GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD}
volumes:
- grafana-data:/var/lib/grafana
- ./grafana/provisioning:/etc/grafana/provisioning
networks:
- supply-chain-network
networks:
supply-chain-network:
driver: bridge
volumes:
mysql-data:
redis-data:
grafana-data:
### 系统监控脚本
<?php
/**
- 系统健康监控
- 文件名:health-monitor.php
*/
class SupplyChainHealthMonitor {
private $alert_thresholds = [
'order_queue_size' => 1000,
'inventory_sync_delay' => 300, // 5分钟
'api_error_rate' => 0.05, // 5%
'database_connections' => 80
];
/**
* 执行全面健康检查
*/
public function perform_health_check() {
$health_status = [
'timestamp' => current_time('mysql'),
'overall_status' => 'healthy',
'components' => []
];
// 检查数据库连接
$health_status['components']['database'] = $this->check_database_health();
// 检查Redis连接
$health_status['components']['redis'] = $this->check_redis_health();
// 检查订单队列
$health_status['components']['order_queue'] = $this->check_order_queue();
// 检查API响应时间
$health_status['components']['api_performance'] = $this->check_api_performance();
// 检查库存同步状态
$health_status['components']['inventory_sync'] = $this->check_inventory_sync();
// 确定整体状态
foreach ($health_status['components'] as $component) {
if ($component['status'] === 'critical') {
$health_status['overall_status'] = 'critical';
$this->trigger_alert($component);
break;
} elseif ($component['status'] === 'warning') {
$health_status['overall_status'] = 'warning';
}
}
// 记录健康状态
$this->log_health_status($health_status);
return $health_status;
}
/**
* 检查数据库健康状态
*/
private function check_database_health() {
global $wpdb;
$start_time = microtime(true);
// 测试查询
$result = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->prefix}posts");
$query_time = (microtime(true) - $start_time) * 1000; // 毫秒
// 检查连接数
$connections = $wpdb->get_var("SHOW STATUS LIKE 'Threads_connected'");
$connections = intval($connections);
$status = 'healthy';
$message = '数据库运行正常';
if ($query_time > 1000) { // 查询超过1秒
$status = 'warning';
$message = '数据库查询缓慢';
}
if ($connections > $this->alert_thresholds['database_connections']) {
$status = 'critical';
$message = '数据库连接数过高';
}
return [
'status' => $status,
'message' => $message,
'metrics' => [
'query_time_ms' => round($query_time, 2),
'connections' => $connections,
'table_count' => $result
]
];
}
/**
* 检查订单队列状态
*/
private function check_order_queue() {
global $wpdb;
// 获取待处理订单数量
$pending_orders = $wpdb->get_var(
"SELECT COUNT(*) FROM {$wpdb->prefix}orders
WHERE status IN ('pending', 'processing')"
);
// 获取同步失败的订单
$failed_syncs = $wpdb->get_var(
"SELECT COUNT(*) FROM {$wpdb->prefix}order_sync_log
WHERE sync_status = 'failed'
AND sync_time > DATE_SUB(NOW(), INTERVAL 1 HOUR)"
);
$status = 'healthy';
$message = '订单队列正常';
if ($pending_orders > $this->alert_thresholds['order_queue_size']) {
$status = 'warning';
$message = '待处理订单数量较多';
}
if ($failed_syncs > 10) {
$status = 'critical';
$message = '订单同步频繁失败';
}
return [
'status' => $status,
'message' => $message,
'metrics' => [
'pending_orders' => $pending_orders,
'failed_syncs_last_hour' => $failed_syncs
]
];
}
/**
* 触发警报
*/
private function trigger_alert($component) {
$alert_message = sprintf(
"[供应链系统警报] %s - %sn时间: %sn指标: %s",
$component['status'],
$component['message'],
current_time('mysql'),
json_encode($component['metrics'])
);
// 发送邮件警报
wp_mail(
get_option('admin_email'),
'供应链系统健康警报',
$alert_message
);
// 发送Slack通知
$this->send_slack_alert($alert_message);
// 记录到日志
error_log($alert_message);
}
/**
* 发送Slack警报
*/
private function send_slack_alert($message) {
$webhook_url = get_option('slack_webhook_url');
if (!$webhook_url) {
return;
}
$payload = [
'text' => $message,
'username' => '供应链监控机器人',
'icon_emoji' => ':warning:',
'channel' => '#system-alerts'
];
wp_remote_post($webhook_url, [
'body' => json_encode($payload),
'headers' => ['Content-Type' => 'application/json']
]);
}}
// 定时执行健康检查
add_action('hourly_health_check', 'run_system_health_check');
function run_system_health_check() {
$monitor = new SupplyChainHealthMonitor();
$status = $monitor->perform_health_check();
// 如果状态异常,立即执行详细检查
if ($status['overall_status'] !== 'healthy') {
$monitor->perform_detailed_diagnosis();
}}
?>
## 安全与权限管理
<?php
/**
- 安全与权限管理模块
- 文件名:security-manager.php
*/
class SupplyChainSecurityManager {
/**
* API请求验证
*/
public static function validate_api_request($request) {
// 检查API密钥
$api_key = $request->get_header('X-API-Key');
if (!$api_key) {
return new WP_Error(
'missing_api_key',
'API密钥缺失',
['status' => 401]
);
}
// 验证API密钥
$valid_key = get_option('supply_chain_api_key');
if (!hash_equals($valid_key, $api_key)) {
return new WP_Error(
'invalid_api_key',
'无效的API密钥',
['status' => 403]
);
}
// 检查请求频率限制
if (!self::check_rate_limit($api_key)) {
return new WP_Error(
'rate_limit_exceeded',
'请求频率超限',
['status' => 429]
);
}
return true;
}
/**
* 请求频率限制
*/
private static function check_rate_limit($api_key, $limit = 100, $window = 60) {
$transient_key = 'api_rate_limit_' . md5($api_key);
$requests = get_transient($transient_key);
if (!$requests) {
$requests = 1;
set_transient($transient_key, $requests, $window);
return true;
}
if ($requests >= $limit) {
return false;
}
$requests++;
set_transient($transient_key, $requests, $window);
return true;
}
/**
* 数据加密
*/
public static function encrypt_data($data, $key = null) {
if (!$key) {
$key = defined('NONCE_KEY') ? NONCE_KEY : 'default_key';
}
$method = 'AES-256-CBC';
$iv_length = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($iv_length);
$encrypted = openssl_encrypt(
json_encode($data),
$method,
$key,
OPENSSL_RAW_DATA,
$iv
);
$hmac = hash_hmac('sha256', $encrypted, $key, true);
return base64_encode($iv . $hmac . $encrypted);
}
/**
* 数据解密
*/
public static function decrypt_data($encrypted_data, $key = null) {
if (!$key) {
$key = defined('NONCE_KEY') ? NONCE_KEY : 'default_key';
}
$data = base64_decode($encrypted_data);
$method = 'AES-256-CBC';
$iv_length = openssl_cipher_iv_length($method);
$iv = substr($data, 0, $iv_length);
$hmac = substr($data, $iv_length, 32);
$encrypted = substr($data, $iv_length + 32);
$calculated_hmac = hash_hmac('sha256', $encrypted, $key, true);
if (!hash_equals($hmac, $calculated_hmac)) {
return new WP_Error('invalid_hmac', '数据完整性验证失败');
}
$decrypted = openssl_decrypt(
$encrypted,
$method,
