/**
* 开启远程API
*/
function openApi()
{
if (!xwb_token::checkInput('p', $this->tokehash, true)) {
exit(json_encode(array('errno' => 1, 'err' => '令牌验证失败,请返回重试')));
}
$url = trim(XWB_plugin::V('p:url', ''));
if (!$url || strpos($url, 'http') !== 0) {
exit(json_encode(array('errno' => 1, 'err' => '请输入远程API地址')));
}
if (!defined('XWB_LOCAL_API') || '' == XWB_LOCAL_API) {
exit(json_encode(array('errno' => 2, 'err' => '请设置本地API地址')));
}
$stx = XWB_plugin::pCfg('switch_to_xweibo');
$utx = XWB_plugin::pCfg('url_to_xweibo');
if (XWB_plugin::setPCfg(array('switch_to_xweibo' => 1, 'url_to_xweibo' => $url))) {
$api = XWB_plugin::N('apixwb', $url);
$response = $api->setNotice(1, XWB_LOCAL_API, FALSE);
if (!is_array($response) || 0 != $response['errno']) {
XWB_plugin::setPCfg(array('switch_to_xweibo' => $stx, 'url_to_xweibo' => $utx));
} elseif (!empty($response['rst']['baseurl'])) {
XWB_plugin::setPCfg(array('baseurl_to_xweibo' => $response['rst']['baseurl']));
}
exit(json_encode($response));
} else {
exit(json_encode(array('errno' => 1, 'err' => '配置文件无法写入')));
}
}
/**
* 评论回推设置:设置和开启评论回推选项
*/
function doCfg4pushback()
{
if (!defined('XWB_S_IS_ADMIN') || !XWB_S_IS_ADMIN || !XWB_plugin::isRequestBy('POST')) {
XWB_plugin::deny('');
}
$is_pushback_open = 1;
$pushback_to_thread = intval(XWB_plugin::V('p:pushback_to_thread'));
$pushback_to_blog = intval(XWB_plugin::V('p:pushback_to_blog'));
$pushback_to_doing = intval(XWB_plugin::V('p:pushback_to_doing'));
$pushback_to_share = intval(XWB_plugin::V('p:pushback_to_share'));
if (!$pushback_to_thread && !$pushback_to_blog && !$pushback_to_doing && !$pushback_to_share) {
$is_pushback_open = 0;
}
$res = XWB_Plugin::setPCfg(array('is_pushback_open' => $is_pushback_open, 'pushback_to_thread' => $pushback_to_thread, 'pushback_to_blog' => $pushback_to_blog, 'pushback_to_doing' => $pushback_to_doing, 'pushback_to_share' => $pushback_to_share));
if (true == $res) {
$ret = array(1, '设置保存成功。');
} else {
$ret = array(0, '设置保存失败,请检查配置文件app.cfg.php是否具有可写权限?');
}
$this->_oScript('xwbSetTips', $ret);
$pushInstance = XWB_Plugin::O('pushbackCommunicator');
if (1 == $is_pushback_open) {
$pushInstance->setPushback('comment');
} else {
$pushInstance->cancelPushback();
}
}
/**
* 开启远程API
*/
function openApi()
{
$url = XWB_plugin::V('p:url', '');
if (!$url) {
exit(json_encode(array('errno' => 1, 'err' => '请输入远程API地址')));
}
if (!defined('XWB_LOCAL_API') || '' == XWB_LOCAL_API) {
exit(json_encode(array('errno' => 2, 'err' => '请设置本地API地址')));
}
$stx = XWB_plugin::pCfg('switch_to_xweibo');
$utx = XWB_plugin::pCfg('url_to_xweibo');
if (XWB_plugin::setPCfg(array('switch_to_xweibo' => 1, 'url_to_xweibo' => $url))) {
$api = XWB_plugin::N('apixwb', $url);
$response = $api->setNotice(1, XWB_LOCAL_API, FALSE);
if (!is_array($response) || 0 != $response['errno']) {
XWB_plugin::setPCfg(array('switch_to_xweibo' => $stx, 'url_to_xweibo' => $utx));
} elseif (!empty($response['rst']['baseurl'])) {
XWB_plugin::setPCfg(array('baseurl_to_xweibo' => $response['rst']['baseurl']));
}
exit(json_encode($response));
} else {
exit(json_encode(array('errno' => 1, 'err' => '配置文件无法写入')));
}
}
<?php
/*
* @version $Id: newarticle.hack.php 453 2010-12-23 04:36:02Z yaoying $
*/
if (!defined('IS_IN_XWB_PLUGIN')) {
exit('Access Denied!');
}
global $_G;
$aid = isset($GLOBALS['aid']) ? (int) $GLOBALS['aid'] : 0;
$subject = isset($_POST['title']) ? (string) $_POST['title'] : '';
if ($aid >= 1) {
if (XWB_plugin::V('p:syn')) {
$xp_publish = XWB_plugin::N('xwb_plugins_publish');
register_shutdown_function(array(&$xp_publish, 'articleSync'), (int) $aid, $subject);
}
}
/**
* 获取当前请求的 route 名称
* @param boolen $is_acc 是否以数组返回。默认为否
* @return string|mixed
*/
function getRequestRoute($is_acc = false)
{
$m = XWB_plugin::V("g:" . XWB_R_GET_VAR_NAME);
$m = !empty($m) ? $m : XWB_R_DEF_MOD;
if (!$is_acc) {
return $m;
} else {
$r = XWB_plugin::_parseRoute($m);
return array('path' => $r[1], 'class' => $r[2], 'function' => $r[3]);
}
}
/**
* Exchange the request token and secret for an access token and
* secret, to sign API calls.
*
* @return array
*/
function getAccessToken($oauth_verifier = FALSE, $oauth_token = false, $useType = 'string')
{
$parameters = array();
$parameters["client_id"] = XWB_APP_KEY;
$parameters["client_secret"] = XWB_APP_SECRET_KEY;
$parameters["grant_type"] = "authorization_code";
$parameters["code"] = XWB_plugin::V('r:code');
$parameters["redirect_uri"] = XWB_plugin::getEntryURL('xwbAuth.authCallBack');
$token = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters, true);
$token['oauth_token'] = $token['access_token'];
$token['oauth_token_secret'] = "";
return $token;
}
/**
* 帖子转发
*/
function doShare()
{
if (!XWB_plugin::pCfg('is_rebutton_display')) {
XWB_plugin::showError('新浪微博资料页功能已经关闭!');
}
/* 判断是否外部转发 */
if (!isset($_SESSION['forshare']) || TRUE !== $_SESSION['forshare']) {
XWB_plugin::showError('禁止外部转发');
}
/* 销毁 SESSION['forshare'] 变量*/
unset($_SESSION['forshare']);
/* 判断转发时间间隔 */
$shareTime = intval(XWB_plugin::pCfg('wbx_share_time'));
if ($shareTime >= time() - intval(@$_SESSION['sharetime'])) {
XWB_plugin::showError("转发过快,转发间隔为 {$shareTime} 秒");
}
/* 获取用户信息 */
$rst = $this->_getUserInfo();
if (isset($rst['error_no']) && 0 < $rst['error_no']) {
$this->_showTip($rst['error']);
}
/* 获取传递信息 */
$message = trim(strval(XWB_plugin::V('p:message')));
$pic = trim(strval(XWB_plugin::V('p:share_pic')));
if (empty($message)) {
$this->_showTip('错误:转发信息不能为空.', $rst);
}
/* 转发主题 */
$xp_publish = XWB_plugin::N('xwb_plugins_publish');
$ret = $xp_publish->sendShare($message, $pic);
/* 写入 SESSION 发布时间 */
$_SESSION['sharetime'] = time();
/* 错误处理 */
if ($ret === false || $ret === null) {
$this->_showTip('错误:系统错误!', $rst);
}
if (isset($ret['error_code']) && isset($ret['error'])) {
$error_code_se = substr($ret['error'], 0, 5);
if ('400' == $ret['error_code'] && '40025' == $error_code_se) {
$ret['error'] = '错误:不能发布相同的微博!';
} else {
$ret['error'] = '错误:系统错误!';
}
$this->_showTip($ret['error'], $rst);
}
$this->_showTip('转发成功!', $rst);
}
function authCallBack()
{
if (!XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。');
}
//--------------------------------------------------------------------
global $_G;
$sess = XWB_plugin::getUser();
$waiting_site_bind = $sess->getInfo('waiting_site_bind');
if (empty($waiting_site_bind)) {
//XWB_plugin::deny();
$siteUrl = XWB_plugin::siteUrl(0);
XWB_plugin::redirect($siteUrl, 3);
}
$sess->setOAuthKey(array(), true);
//--------------------------------------------------------------------
$wbApi = XWB_plugin::getWB();
$db = XWB_plugin::getDB();
$last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier'));
//print_r($last_key);
if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) {
$api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER';
$api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : '';
XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1));
XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]");
}
$sess->setOAuthKey($last_key, true);
$wbApi->setConfig();
$uInfo = $wbApi->verifyCredentials();
$sess->setInfo('sina_uid', $uInfo['id']);
$sess->setInfo('sina_name', $uInfo['screen_name']);
//print_r($uInfo);
//--------------------------------------------------------------------
/// 此帐号是否已经在当前站点中绑定
$sinaHasBinded = false;
$stat_is_bind_type = 0;
if (defined('XWB_S_UID') && XWB_S_UID > 0) {
$bInfo = XWB_plugin::getBUById(XWB_S_UID, $uInfo['id']);
} else {
$bInfo = XWB_plugin::getBindUser($uInfo['id'], 'sina_uid');
//远程API
}
if (!is_array($bInfo) && (defined('XWB_S_UID') && XWB_S_UID > 0)) {
$bInfo = XWB_plugin::getBindUser(XWB_S_UID, 'site_uid');
//登录状态下再查一次API,确保没有绑定
}
if (!empty($bInfo) && is_array($bInfo)) {
$sinaHasBinded = true;
dsetcookie($this->_getBindCookiesName($bInfo['uid']), (string) $bInfo['sina_uid'], 604800);
//核查存储的access token是否有更新,有更新则进行自动更新
if ($bInfo['sina_uid'] == $uInfo['id'] && ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret'])) {
XWB_plugin::updateBindUser($bInfo['uid'], $bInfo['sina_uid'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
//远程API
}
}
//--------------------------------------------------------------------
/// 决定在首页中显示什么浮层
$tipsType = '';
//xwb_tips_type
//已在论坛登录
if (defined('XWB_S_UID') && XWB_S_UID) {
if ($sinaHasBinded) {
//$sinaHasBinded为true时,$bInfo必定存在
if (XWB_S_UID != $bInfo['uid'] || $bInfo['sina_uid'] != $uInfo['id']) {
$tipsType = 'hasBinded';
$sess->clearToken();
} else {
$tipsType = 'autoLogin';
}
} else {
//远程API
$rst = XWB_plugin::addBindUser(XWB_S_UID, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
if (!$rst) {
echo "DB ERROR";
exit;
return false;
}
$tipsType = 'bind';
dsetcookie($this->_getBindCookiesName(XWB_S_UID), (string) $uInfo['id'], 604800);
//正向绑定统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
}
} else {
//从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自
if ($sinaHasBinded) {
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
$result = xwb_setSiteUserLogin((int) $bInfo['uid']);
if (false == $result) {
dsetcookie($this->_getBindCookiesName($bInfo['uid']), -1, 604800);
XWB_plugin::delBindUser($bInfo['uid']);
//远程API
$tipsType = 'siteuserNotExist';
} else {
$stat_is_bind_type = 1;
$tipsType = 'autoLogin';
}
} else {
//已登录WB,没有附属站点的帐号 引导注册
$sess->setInfo('waiting_site_reg', '1');
$tipsType = 'reg';
}
}
//--------------------------------------------------------------------
//bind的页面需要跳转,故需要使用cookies记录
if ($tipsType == 'bind') {
dsetcookie('xwb_tips_type', $tipsType, 0);
}
//$sess->setInfo('xwb_tips_type', $tipsType);
$sess->setInfo('waiting_site_bind', 0);
//使用sina微博帐号登录成功(不管是否绑定)统计上报
$sess->appendStat('login', array('uid' => $uInfo['id'], 'is_bind' => $stat_is_bind_type));
//所有跟站点相关的对接,必须放到_showBinging
$this->_showBinging($tipsType);
}
<?php
/**
*[JishiGou] (C)2005 - 2099 Cenwor Inc.
*
* This is NOT a freeware, use is subject to license terms
*
* @Filename newtopic.hack.php $
*
* @Author 狐狸<*****@*****.**> $
*
* @version $Id: newtopic.hack.php 3699 2013-05-27 07:26:39Z wuliyong $
*/
if (!defined('IS_IN_XWB_PLUGIN')) {
exit('Access Denied!');
}
if (XWB_plugin::isUserBinded() && XWB_plugin::V('p:syn_to_sina')) {
$xp_publish = XWB_plugin::N('xwb_plugins_publish');
$xp_publish->topic((int) ($tid ? $tid : $GLOBALS['jsg_tid']), (int) ($totid ? $totid : $GLOBALS['jsg_totid']), (string) $GLOBALS['jsg_message'], (string) $GLOBALS['jsg_imageid']);
}
function authCallBack()
{
if (!XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('新浪微博绑定功能已经关闭!');
}
//--------------------------------------------------------------------
$sess = XWB_plugin::getUser();
$waiting_site_bind = $sess->getInfo('waiting_site_bind');
if (empty($waiting_site_bind)) {
//XWB_plugin::deny();
$siteUrl = XWB_plugin::siteUrl(0);
XWB_plugin::redirect($siteUrl, 3);
}
//--------------------------------------------------------------------
$wbApi = XWB_plugin::getWB();
$db = XWB_plugin::getDB();
$last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier'));
$sess->setOAuthKey(array(), true);
// print_r($last_key);
if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) {
$api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER';
$api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : '';
XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1));
XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]");
}
$sess->setOAuthKey($last_key, true);
$wbApi->setConfig();
$uInfo = $wbApi->verifyCredentials();
$sess->setInfo('sina_uid', $uInfo['id']);
$sess->setInfo('sina_name', $uInfo['screen_name']);
//print_r($uInfo);
//--------------------------------------------------------------------
/// 此帐号是否已经在当前站点中绑定
$sinaHasBinded = false;
if (defined('XWB_S_UID') && XWB_S_UID > 0) {
$bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "' OR uid='" . XWB_S_UID . "'");
} else {
$bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'");
}
if (!empty($bInfo) && is_array($bInfo)) {
$sinaHasBinded = true;
//核查存储的access token是否有更新,有更新则进行自动更新
if ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret']) {
$db->query("UPDATE " . XWB_S_TBPRE . "xwb_bind_info SET token='" . (string) $last_key['oauth_token'] . "', tsecret='" . (string) $last_key['oauth_token_secret'] . "' WHERE sina_uid='" . $uInfo['id'] . "'");
}
}
//--------------------------------------------------------------------
/// 决定在首页中显示什么浮层
$tipsType = '';
//xwb_tips_type
//已在论坛登录
if (defined('XWB_S_UID') && XWB_S_UID) {
if ($sinaHasBinded) {
$tipsType = 'hasBinded';
$sess->clearToken();
} else {
$inData = array();
$inData['uid'] = XWB_S_UID;
$inData['sina_uid'] = $uInfo['id'];
$inData['token'] = $last_key['oauth_token'];
$inData['tsecret'] = $last_key['oauth_token_secret'];
$inData['profile'] = '[]';
$sqlF = array();
$sqlV = array();
foreach ($inData as $k => $v) {
$sqlF[] = "`" . $k . "`";
$sqlV[] = "'" . mysql_real_escape_string($v) . "'";
}
$sql = "REPLACE INTO " . XWB_S_TBPRE . "xwb_bind_info (" . implode(",", $sqlF) . ") VALUES (" . implode(",", $sqlV) . ") ;";
$rst = $db->query($sql, 'UNBUFFERED');
jclass('misc')->update_account_bind_info(XWB_S_UID, '', '', 1);
if (!$rst) {
echo "DB ERROR";
exit;
return false;
}
$tipsType = 'bind';
//正向绑定统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
}
} else {
//从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自
if ($sinaHasBinded) {
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
$result = xwb_setSiteUserLogin((int) $bInfo['uid']);
if (!$result) {
$db->query("DELETE FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'");
$tipsType = 'siteuserNotExist';
} else {
$tipsType = 'autoLogin';
}
} else {
//已登录WB,没有附属站点的帐号 引导注册
$sess->setInfo('waiting_site_reg', '1');
$tipsType = 'reg';
}
}
//--------------------------------------------------------------------
//bind的页面需要跳转,故需要使用cookies记录
if ($tipsType == 'bind') {
setcookie('xwb_tips_type', $tipsType, 0);
}
//$sess->setInfo('xwb_tips_type', $tipsType);
$sess->setInfo('waiting_site_bind', 0);
//使用sina微博帐号登录成功(不管是否绑定)统计上报
$sess->appendStat('login', array('uid' => $uInfo['id']));
//所有跟站点相关的对接,必须放到_showBinging
$this->_showBinging($tipsType);
}
/**
* 验算二次tokenhash是否正确
* @param string $type 类型,可选值:g/p/c/r
* @return bool
*/
function checkSecFormhash($type = 'p')
{
if (XWB_plugin::V($type . ':' . XWB_TOKEN_NAME) != xwb_token::makeSecFormhash()) {
return false;
} else {
return true;
}
}
function setSync()
{
$uid = max(0, (int) MEMBER_ID);
if ($uid < 1) {
$this->Messager("请先<a href='index.php?mod=login'>点此登录</a>或者<a href='index.php?mod=member'>点此注册</a>一个帐号", null);
}
$setting = (int) $this->Get['setting'];
if ('sina' == $this->Get['type']) {
define('IS_IN_XWB_PLUGIN', true);
define('XWB_P_ROOT', ROOT_PATH . 'include/ext/xwb/');
require_once XWB_P_ROOT . 'sina.php';
require_once XWB_P_ROOT . 'lib/core.class.php';
if (XWB_S_UID < 1 || !XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('新浪微博绑定功能已经关闭!');
}
$tojishigou = XWB_plugin::V('G:tojishigou');
$reply_tojishigou = XWB_plugin::V('G:reply_tojishigou');
$profile = XWB_plugin::O('xwbUserProfile');
$profile->set(array('bind_setting' => (int) $setting, 'synctopic_tojishigou' => (int) $tojishigou, 'syncreply_tojishigou' => (int) $reply_tojishigou));
$r = jclass('misc')->update_account_bind_info(XWB_S_UID, '', '', 1);
} elseif ('qq' == $this->Get['type']) {
$this->DatabaseHandler->Query("update " . TABLE_PREFIX . "qqwb_bind_info set `synctoqq`='{$setting}' where `uid`='{$uid}'");
$r = jclass('misc')->update_account_bind_info($uid, '', '', 1);
} elseif ('renren' == $this->Get['type'] && !$setting) {
$r = $this->DatabaseHandler->Query("delete from " . TABLE_PREFIX . "renren_bind_info where `uid`='{$uid}'");
} elseif ('kaixin' == $this->Get['type']) {
$this->DatabaseHandler->Query("delete from " . TABLE_PREFIX . "kaixin_bind_info where `uid`='{$uid}'");
}
json_result('ok', $setting ? 0 : 1);
}
<?php
/*
* @version $Id: newblog.hack.php 453 2010-12-23 04:36:02Z yaoying $
*/
if (!defined('IS_IN_XWB_PLUGIN')) {
exit('Access Denied!');
}
global $_G;
$blogid = isset($GLOBALS['newblog']['blogid']) ? (int) $GLOBALS['newblog']['blogid'] : 0;
if ($blogid > 0 && XWB_plugin::V('p:syn')) {
$xp_publish = XWB_plugin::N('xwb_plugins_publish');
register_shutdown_function(array(&$xp_publish, 'blogSync'), $blogid, (string) $GLOBALS['newblog']['subject']);
}
