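/**
 * Check whether the current visitor is a logged-in member.
 *
 * On the public member actions (login, register, mini, send_newmail) an
 * already-authenticated visitor is redirected (except for "mini"); everyone
 * else is let through. On every other route the "auth" cookie is decoded into
 * a user id and a password value, the member row and its model row are loaded
 * into $this->memberinfo, and the decoded password value is compared with the
 * stored one. Banned (group 1) and unverified (group 7) accounts are logged out
 * and redirected; a missing cookie redirects to the login page.
 *
 * NOTE(review): the cookie carries the value of the member's password column,
 * so the session stays valid until that column changes and anyone who learns
 * auth_key plus that column can rebuild the cookie. A random, server-side
 * session token would remove that coupling.
 *
 * @return bool|null true on the public member actions when no redirect is
 *                   issued; nothing is returned on the other paths
 */
public final function check_member() {
    $phpcms_auth = param::get_cookie('auth');
    if (ROUTE_M == 'member' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'register', 'mini', 'send_newmail'))) {
        if ($phpcms_auth && ROUTE_A != 'mini') {
            showmessage(L('login_success', '', 'member'), 'index.php?m=member&c=index');
        } else {
            return true;
        }
    } else {
        // Is there an auth cookie at all?
        if ($phpcms_auth) {
            // The User-Agent header is optional; a missing header must not raise a
            // notice. It is client-controlled, so it adds little binding strength.
            $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $auth_key = md5(pc_base::load_config('system', 'auth_key') . $user_agent);

            // A cookie that fails to decode yields fewer than two fields. Pad with
            // null so $password can never equal a stored string below.
            $decoded = explode("\t", (string) sys_auth($phpcms_auth, 'DECODE', $auth_key));
            list($userid, $password) = array_pad($decoded, 2, null);

            // Load the member row for the decoded user id.
            $this->memberinfo = $this->db->get_one(array('userid' => $userid));

            // Load the model-specific row only when the member row exists;
            // otherwise there is no modelid to select a table with.
            $this->_member_modelinfo = array();
            if (is_array($this->memberinfo)) {
                $this->db->set_model($this->memberinfo['modelid']);
                $modelinfo = $this->db->get_one(array('userid' => $userid));
                $this->_member_modelinfo = $modelinfo ? $modelinfo : array();
            }
            // Always switch the model back to its default table.
            $this->db->set_model();
            if (is_array($this->memberinfo)) {
                $this->memberinfo = array_merge($this->memberinfo, $this->_member_modelinfo);
            }

            if ($this->memberinfo && $this->memberinfo['password'] === $password) {
                if (!defined('SITEID')) {
                    define('SITEID', $this->memberinfo['siteid']);
                }
                if ($this->memberinfo['groupid'] == 1) {
                    // Group 1: account banned by an administrator -> drop the session cookies.
                    param::set_cookie('auth', '');
                    param::set_cookie('_userid', '');
                    param::set_cookie('_username', '');
                    param::set_cookie('_groupid', '');
                    showmessage(L('userid_banned_by_administrator', '', 'member'), 'index.php?m=member&c=index&a=login');
                } elseif ($this->memberinfo['groupid'] == 7) {
                    // Group 7: e-mail not verified yet -> drop the session cookies.
                    param::set_cookie('auth', '');
                    param::set_cookie('_userid', '');
                    param::set_cookie('_groupid', '');
                    // Remember the pending account so the verification mail can be re-sent.
                    param::set_cookie('_regusername', $this->memberinfo['username']);
                    param::set_cookie('_reguserid', $this->memberinfo['userid']);
                    param::set_cookie('_reguseruid', $this->memberinfo['phpssouid']);
                    param::set_cookie('email', $this->memberinfo['email']);
                    showmessage(L('need_emial_authentication', '', 'member'), 'index.php?m=member&c=index&a=register&t=2');
                }
            } else {
                // Unknown user or password mismatch: treat the cookie as invalid.
                param::set_cookie('auth', '');
                param::set_cookie('_userid', '');
                param::set_cookie('_username', '');
                param::set_cookie('_groupid', '');
            }
            unset($userid, $password, $phpcms_auth, $auth_key, $user_agent, $decoded);
        } else {
            // Not logged in: send the visitor to the login page and keep the target URL.
            $forward = isset($_GET['forward']) ? urlencode($_GET['forward']) : urlencode(get_url());
            showmessage(L('please_login', '', 'member'), 'index.php?m=member&c=index&a=login&forward=' . $forward);
        }
    }
}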
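/**
 * Set up the WAP controller: load the content model, resolve the active site
 * id (query string first, then the "siteid" cookie, then 1), store it back in
 * the cookie, load the WAP caches and define WAP_SITEURL.
 */
function __construct() {
    $this->content_db = pc_base::load_model('content_model');
    $this->db = pc_base::load_model('content_model');

    // Resolve the site id as a positive integer from every source. The value is
    // used as an array index and concatenated into WAP_SITEURL below, so the
    // cookie value must not be passed through as a raw string, and an array-valued
    // query parameter must not reach trim().
    $siteid = 0;
    if (isset($_GET['siteid']) && is_scalar($_GET['siteid'])) {
        $siteid = intval(trim($_GET['siteid']));
    }
    if ($siteid <= 0) {
        $siteid = intval(param::get_cookie('siteid'));
    }
    if ($siteid <= 0) {
        $siteid = 1;
    }
    $this->siteid = $siteid;
    param::set_cookie('siteid', $this->siteid);

    $this->wap_site = getcache('wap_site', 'wap');
    $this->types = getcache('wap_type', 'wap');
    // A site id without a WAP configuration leaves $this->wap null instead of
    // raising an undefined-index notice.
    $this->wap = isset($this->wap_site[$this->siteid]) ? $this->wap_site[$this->siteid] : null;

    // Prefer the site's own WAP domain; fall back to the application path.
    define('WAP_SITEURL', !empty($this->wap['domain']) ? $this->wap['domain'] . 'index.php?' : APP_PATH . 'index.php?m=wap&siteid=' . $this->siteid);
    // Disabled check kept from the original:
    // if($this->wap['status']!=1) exit(L('wap_close_status'));
}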
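/**
 * Attachment update interface: link the attachments referenced by a piece of
 * content to $keyid in the attachment index table.
 *
 * @param mixed  $content Empty, an HTML string, an array of URLs, or a single
 *                        URL. When empty, the cookie-based record is used.
 * @param string $keyid   Composed id used in the attachment relation table.
 * @param int    $isurl   0: $content is HTML to scan for href/src values,
 *                        1: $content is a local URL or an array of URLs,
 *                        2: attachments are tracked through the cookie.
 * @return bool false when attachment statistics are switched off, true otherwise
 */
public function api_update($content, $keyid, $isurl = 0) {
    if (pc_base::load_config('system', 'attachment_stat') == 0) {
        return false;
    }
    $keyid = trim($keyid);
    $isurl = intval($isurl);
    if ($isurl == 2 || empty($content)) {
        $this->api_update_cookie($keyid);
    } else {
        $att_index_db = pc_base::load_model('attachment_index_model');
        $upload_url = pc_base::load_config('system', 'upload_url');

        // Split an absolute upload URL into "scheme://host/" and the directory
        // part. Both stay empty for a relative upload URL, which previously left
        // them undefined when they were used below.
        $domain = '';
        $dir_name = '';
        if (strpos($upload_url, '://') !== false && strlen($upload_url) > 8) {
            // Offset 8 skips past "https://" so the first slash found follows the host.
            $pos = strpos($upload_url, "/", 8);
            if ($pos !== false) {
                $domain = substr($upload_url, 0, $pos) . '/';
                $dir_name = substr($upload_url, $pos + 1);
            }
        }

        // md5 of each path with the upload prefix removed; these values are
        // looked up against the "authcode" column below.
        $att_arrs = array();
        if ($isurl == 0) {
            $pattern = '/(href|src)=\\"(.*)\\"/isU';
            preg_match_all($pattern, $content, $matches);
            if (is_array($matches) && !empty($matches[2])) {
                $att_arr = array_unique($matches[2]);
                foreach ($att_arr as $_k => $_v) {
                    $att_arrs[$_k] = md5(str_replace(array($domain, $dir_name), '', $_v));
                }
            }
        } elseif ($isurl == 1) {
            if (is_array($content)) {
                $att_arr = array_unique($content);
                foreach ($att_arr as $_k => $_v) {
                    $att_arrs[$_k] = md5(str_replace(array($domain, $dir_name), '', $_v));
                }
            } else {
                $att_arrs[] = md5(str_replace(array($domain, $dir_name), '', $content));
            }
        }

        // Rebuild the index for this key from scratch.
        $att_index_db->delete(array('keyid' => $keyid));
        foreach ($att_arrs as $r) {
            $infos = $this->get_one(array('authcode' => $r), 'aid');
            if ($infos) {
                $this->update(array('status' => 1), array('aid' => $infos['aid']));
                $att_index_db->insert(array('keyid' => $keyid, 'aid' => $infos['aid']));
            }
        }
    }
    // The pending-upload cookie is cleared on every path that reaches this point.
    param::set_cookie('att_json', '');
    return true;
}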
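/**
 * Record one mood vote for the current content item and return the refreshed
 * mood widget.
 *
 * The vote option comes from $_GET['k'] (1-10) and is counted in column
 * "n<k>". Items already voted on are remembered in the "mood_id" cookie.
 *
 * NOTE(review): the cookie is the only duplicate-vote guard visible here; a
 * client that discards its cookies can vote again.
 */
public function post() {
    // Drop a JSONP callback name that is not a plain identifier. A non-string
    // value (array parameter) is dropped as well instead of reaching preg_match().
    if (isset($_GET['callback']) && (!is_string($_GET['callback']) || !preg_match('/^[a-zA-Z_][a-zA-Z0-9_]+$/', $_GET['callback']))) {
        unset($_GET['callback']);
    }
    // These locals are read by the included template; keep their names.
    $mood_id =& $this->mood_id;
    $setting =& $this->setting;
    $cookies = param::get_cookie('mood_id');
    $cookie = explode(',', $cookies);
    if (in_array($this->mood_id, $cookie)) {
        $this->_show_result(0, L('expressed'));
    } else {
        $mood_db = pc_base::load_model('mood_model');
        $key = isset($_GET['k']) && intval($_GET['k']) ? intval($_GET['k']) : '';
        if (!in_array($key, array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10), true)) {
            $this->_show_result(0, L('illegal_parameters'));
            // Stop here even if _show_result() returns, so an invalid option
            // can never be turned into a column name below.
            return;
        }
        $fields = 'n' . $key;
        if ($data = $mood_db->get_one(array('catid' => $this->catid, 'siteid' => $this->siteid, 'contentid' => $this->contentid))) {
            $mood_db->update(array('total' => '+=1', $fields => '+=1', 'lastupdate' => SYS_TIME), array('id' => $data['id']));
            $data['total']++;
            $data[$fields]++;
        } else {
            // The column key was ' lastupdate' (leading space) here; it now matches
            // the update branch above.
            $mood_db->insert(array('total' => '1', $fields => '1', 'catid' => $this->catid, 'siteid' => $this->siteid, 'contentid' => $this->contentid, 'lastupdate' => SYS_TIME));
            // get_one() returned a falsy value; start from an array before adding counters.
            $data = array();
            $data['total'] = 1;
            $data[$fields] = 1;
        }
        param::set_cookie('mood_id', $cookies . ',' . $mood_id);

        // Percentage bar per option, scaled to a maximum of 60.
        foreach ($setting as $k => $v) {
            $setting[$k]['fields'] = 'n' . $k;
            if (!isset($data[$setting[$k]['fields']])) {
                $data[$setting[$k]['fields']] = 0;
            }
            if (isset($data['total']) && !empty($data['total'])) {
                $setting[$k]['per'] = ceil($data[$setting[$k]['fields']] / $data['total'] * 60);
            } else {
                $setting[$k]['per'] = 0;
            }
        }

        // Render the template into a string instead of sending it directly.
        ob_start();
        include template('mood', 'index');
        $html = ob_get_contents();
        ob_clean();
        $this->_show_result(1, $html);
    }
}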
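/**
 * Cast a vote (result 1 or 2) on the best answer of a question.
 *
 * Reads id, pid and result from $_POST, echoes a language string and exits on
 * every rejection, and records the voted pid in the
 * "best_answer_vote_pids" cookie on success.
 *
 * NOTE(review): the cookie is the only per-visitor duplicate-vote guard visible
 * here, and no request token is checked in this method.
 */
public function best_answer_vote() {
    // Every value that reaches a SQL string below is forced to an integer first.
    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    $pid = isset($_POST['pid']) ? intval($_POST['pid']) : 0;
    $method_id = isset($_POST['result']) ? intval($_POST['result']) : 0;
    if (!in_array($method_id, array(1, 2))) {
        echo L('submit_failure');
        exit;
    }
    $cookies = param::get_cookie('best_answer_vote_pids');
    $cookie = explode(',', $cookies);
    if (in_array($pid, $cookie)) {
        echo L('your_have_vote_best_answer');
        exit;
    }
    $a = $this->db->get_one("askid={$id} AND siteid=" . SITEID, 'catid,status');
    // Test for a missing row before reading its columns.
    if (!$a || $a['status'] != 5) {
        echo L('submit_failure');
        exit;
    }
    // Select the posts table that belongs to the question's category.
    $posts_table_name = $this->db2->posts_table($a['catid']);
    $this->db2->table_name = $posts_table_name;
    $r = $this->db2->get_one("pid='{$pid}' AND optimal=1", "candidate,status,optimal");
    // The missing-row test used to come last, after the row had already been indexed.
    if (!$r || $r['candidate'] == 1 || $r['status'] < 3 || $r['optimal'] != 1) {
        echo L('submit_failure');
        exit;
    }
    // $method_id is restricted to 1 or 2 above, so the column name is fixed.
    $result = $this->db2->update(array('best_answer_vote_' . $method_id => '+=1'), "pid={$pid} AND optimal=1 AND siteid=" . SITEID);
    if ($result) {
        param::set_cookie('best_answer_vote_pids', $cookies . ',' . $pid);
        echo L('thinks_your_vote');
    } else {
        echo L('your_have_vote');
    }
}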
/**
 * Member-side publishing of a classified ("info") entry.
 *
 * With $_POST['dosubmit'] set, the posted fields are filtered against the
 * model's table columns, stored through add_content(), points are credited or
 * charged, and the member is redirected. Otherwise the multi-step selection
 * pages (category, city, zone) or the final publish form are rendered.
 *
 * Many locals are read by the included templates, so their names matter.
 */
public function info_publish() {
    $memberinfo = $this->memberinfo;
    $grouplist = getcache('grouplist');
    $SEO['title'] = L('info_publish', '', 'info');
    // Is the member's group allowed to post at all?
    if (!$grouplist[$memberinfo['groupid']]['allowpost']) {
        showmessage(L('member_group') . L('publish_deny'), HTTP_REFERER);
    }
    // Enforce the per-day posting limit of the group.
    $this->content_check_db = pc_base::load_model('content_check_model');
    $todaytime = strtotime(date('y-m-d', SYS_TIME));
    $_username = $memberinfo['username'];
    // NOTE(review): the username is interpolated into the WHERE string without
    // escaping in this method; it comes from the member record, so this relies on
    // usernames never containing a quote — confirm, or use the array form of the query.
    $allowpostnum = $this->content_check_db->count("`inputtime` > {$todaytime} AND `username`='{$_username}'");
    if ($grouplist[$memberinfo['groupid']]['allowpostnum'] > 0 && $allowpostnum >= $grouplist[$memberinfo['groupid']]['allowpostnum']) {
        showmessage(L('allowpostnum_deny') . $grouplist[$memberinfo['groupid']]['allowpostnum'], HTTP_REFERER);
    }
    $siteids = getcache('category_content', 'commons');
    header("Cache-control: private");
    if (isset($_POST['dosubmit'])) {
        // ---- Submit path ----
        $catid = intval($_POST['info']['catid']);
        $siteid = $siteids[$catid];
        $CATEGORYS = getcache('category_content_' . $siteid, 'commons');
        $category = $CATEGORYS[$catid];
        $modelid = $category['modelid'];
        if (!$modelid) {
            showmessage(L('illegal_parameters'), HTTP_REFERER);
        }
        // NOTE(review): no category_priv_model lookup is visible on this path,
        // whereas the form path below checks action 'add' for the member's group
        // — confirm the permission is enforced elsewhere before content is stored.
        $this->content_db = pc_base::load_model('content_model');
        $this->content_db->set_model($modelid);
        $table_name = $this->content_db->table_name;
        $fields_sys = $this->content_db->get_fields();
        $this->content_db->table_name = $table_name .
            '_data';
        $fields_attr = $this->content_db->get_fields();
        $fields = array_merge($fields_sys, $fields_attr);
        $fields = array_keys($fields);
        // Keep only posted keys that are columns of the main or the _data table.
        // NOTE(review): any existing column passes this filter; status and username
        // are overwritten below, other columns stay caller-controlled — confirm
        // add_content() restricts them.
        $info = array();
        foreach ($_POST['info'] as $_k => $_v) {
            if (in_array($_k, $fields)) {
                $info[$_k] = $_v;
            }
        }
        // $post_fields is computed here but not read again in this method.
        $post_fields = array_keys($_POST['info']);
        $post_fields = array_intersect_assoc($fields, $post_fields);
        $setting = string2array($category['setting']);
        // A negative presentpoint is a cost: refuse when the member has too few points.
        if ($setting['presentpoint'] < 0 && $memberinfo['point'] < abs($setting['presentpoint'])) {
            showmessage(L('points_less_than', array('point' => $memberinfo['point'], 'need_point' => abs($setting['presentpoint']))), APP_PATH . 'index.php?m=pay&c=deposit&a=pay&exchange=point', 3000);
        }
        // Status 99 when the group flag allowpostverify is set or the category has
        // no workflow; otherwise status 1.
        if ($grouplist[$memberinfo['groupid']]['allowpostverify'] || !$setting['workflowid']) {
            $info['status'] = 99;
        } else {
            $info['status'] = 1;
        }
        $info['username'] = $memberinfo['username'];
        $this->content_db->siteid = $siteid;
        $id = $this->content_db->add_content($info);
        // Credit or charge points for the contribution.
        $flag = $catid . '_' . $id;
        if ($setting['presentpoint'] > 0) {
            pc_base::load_app_class('receipts', 'pay', 0);
            receipts::point($setting['presentpoint'], $memberinfo['userid'], $memberinfo['username'], $flag, 'selfincome', L('contribute_add_point'), $memberinfo['username']);
        } else {
            // This branch also runs when presentpoint is 0.
            pc_base::load_app_class('spend', 'pay', 0);
            spend::point($setting['presentpoint'], L('contribute_del_point'), $memberinfo['userid'], $memberinfo['username'], '', '', $flag);
        }
        // Cache the member's contributions.
        // NOTE(review): $datas is fetched per model but never added to $infos, so
        // the cache written below always holds an empty array.
        $model_cache = getcache('model', 'commons');
        $infos = array();
        foreach ($model_cache as $modelid => $model) {
            if ($model['siteid'] == $siteid) {
                $datas = array();
                $this->content_db->set_model($modelid);
                $datas = $this->content_db->select(array('username' => $memberinfo['username'], 'sysadd' => 0), 'id,catid,title,url,username,sysadd,inputtime,status', 100, 'id DESC');
            }
        }
        setcache('member_' . $memberinfo['userid'] . '_' . $siteid, $infos, 'content');
        // End of contribution caching.
        if ($info['status'] == 99) {
            showmessage(L('contributors_success'), APP_PATH .
                'index.php?m=member&c=content&a=info_top&id=' . $id . '&catid=' . $catid . '&msg=1');
        } else {
            showmessage(L('contributors_checked'), APP_PATH . 'index.php?m=member&c=content&a=info_top&id=' . $id . '&catid=' . $catid . '&msg=1');
        }
    } else {
        // ---- Form path ----
        $show_header = $show_dialog = $show_validator = '';
        // NOTE(review): $step_4 is not assigned anywhere in this method before it
        // is read here, so all step variables start out as null.
        $step = $step_1 = $step_2 = $step_3 = $step_4;
        $temp_language = L('news', '', 'content');
        $sitelist = getcache('sitelist', 'commons');
        /* if(!isset($_GET['siteid']) && count($sitelist)>1) { include template('member', 'content_publish_select_model'); exit; } */
        // Set a cookie that is read where attachments are added.
        param::set_cookie('module', 'content');
        $siteid = intval($_GET['siteid']);
        // Look up the linkage id for the info model and the city's id, name and pinyin.
        $info_linkageid = getinfocache('info_linkageid');
        $cityid = getcity(trim($_GET['city']), 'linkageid');
        $cityname = getcity(trim($_GET['city']), 'name');
        $citypinyin = getcity(trim($_GET['city']), 'pinyin');
        $zone = intval($_GET['zone']);
        $zone_name = get_linkage($zone, $info_linkageid, '', 0);
        if (!$siteid) {
            $siteid = 1;
        }
        $CATEGORYS = getcache('category_content_' . $siteid, 'commons');
        // Load the category permission model.
        $priv_db = pc_base::load_model('category_priv_model');
        // Stop at the first leaf category of this site the group may add to; the
        // loop variable $catid is reused as the default category below.
        foreach ($CATEGORYS as $catid => $cat) {
            if ($cat['siteid'] == $siteid && $cat['child'] == 0 && $cat['type'] == 0 && $priv_db->get_one(array('catid' => $catid, 'roleid' => $memberinfo['groupid'], 'is_admin' => 0, 'action' => 'add'))) {
                break;
            }
        }
        $catid = $_GET['catid'] ? intval($_GET['catid']) : $catid;
        if (!$catid) {
            showmessage(L('category') . L('publish_deny'), APP_PATH . 'index.php?m=member');
        }
        // Is the member's group allowed to add content to this category?
        if (!$priv_db->get_one(array('catid' => $catid, 'roleid' => $memberinfo['groupid'], 'is_admin' => 0, 'action' => 'add'))) {
            showmessage(L('category') . L('publish_deny'), APP_PATH .
                'index.php?m=member');
        }
        $category = $CATEGORYS[$catid];
        if ($category['siteid'] != $siteid) {
            showmessage(L('site_no_category'), '?m=member&c=content&a=info_publish');
        }
        $setting = string2array($category['setting']);
        // Steps 1-4 render the selection template and exit.
        // NOTE(review): the breadcrumb links below concatenate $citypinyin, category
        // names and $zone_name into HTML without escaping in this method — confirm
        // those values are already HTML-safe.
        if ($zone == 0 && !isset($_GET['catid'])) {
            $step = 1;
            include template('member', 'info_content_publish_select');
            exit;
        } elseif ($zone == 0 && $category['child']) {
            $step = 2;
            $step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '">' . $category['catname'] . '</a>';
            include template('member', 'info_content_publish_select');
            exit;
        } elseif ($zone == 0 && isset($_GET['catid'])) {
            $step = 3;
            $step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '">' . $CATEGORYS[$category['parentid']]['catname'] . '</a>';
            $step_2 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $category['parentid'] . '">' . $category['catname'] . '</a>';
            $zone_arrchild = show_linkage($info_linkageid, $cityid, $cityid);
            include template('member', 'info_content_publish_select');
            exit;
        } elseif ($zone !== 0 && get_linkage_level($info_linkageid, $zone, 'child') && !$_GET['jumpstep']) {
            $step = 4;
            $step_1 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '">' . $CATEGORYS[$category['parentid']]['catname'] . '</a>';
            $step_2 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $category['parentid'] . '">' . $category['catname'] . '</a>';
            $step_3 = '<a href="' . APP_PATH . 'index.php?m=member&c=content&a=info_publish&siteid=' . $siteid . '&city=' . $citypinyin . '&catid=' . $catid . '">' . $zone_name .
                '</a>';
            $zone_arrchild = get_linkage_level($info_linkageid, $zone, 'arrchildinfo');
            include template('member', 'info_content_publish_select');
            exit;
        }
        // Same point check as on the submit path.
        if ($setting['presentpoint'] < 0 && $memberinfo['point'] < abs($setting['presentpoint'])) {
            showmessage(L('points_less_than', array('point' => $memberinfo['point'], 'need_point' => abs($setting['presentpoint']))), APP_PATH . 'index.php?m=pay&c=deposit&a=pay&exchange=point', 3000);
        }
        if ($category['type'] != 0) {
            showmessage(L('illegal_operation'));
        }
        $modelid = $category['modelid'];
        require CACHE_MODEL_PATH . 'content_form.class.php';
        $content_form = new content_form($modelid, $catid, $CATEGORYS);
        $data = array('zone' => $zone, 'city' => $cityid);
        $forminfos_data = $content_form->get($data);
        // Fields flagged isomnipotent are not listed on their own; their markup is
        // substituted into the {name} placeholders of 'omnipotent' fields.
        $forminfos = array();
        foreach ($forminfos_data as $_fk => $_fv) {
            if ($_fv['isomnipotent']) {
                continue;
            }
            if ($_fv['formtype'] == 'omnipotent') {
                foreach ($forminfos_data as $_fm => $_fm_value) {
                    if ($_fm_value['isomnipotent']) {
                        $_fv['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $_fv['form']);
                    }
                }
            }
            $forminfos[$_fk] = $_fv;
        }
        $formValidator = $content_form->formValidator;
        // Remove the category id field from the form.
        unset($forminfos['catid']);
        $workflowid = $setting['workflowid'];
        header("Cache-control: private");
        include template('member', 'info_content_publish');
    }
}
/**
 * Edit an existing content item.
 *
 * With dosubmit / dosubmit_continue posted, the posted "info" array is written
 * through edit_content(); otherwise the item is loaded from the main and the
 * _data table and the edit form is rendered.
 *
 * NOTE(review): no permission or request-token check is visible inside this
 * method — confirm the controller's constructor or a caller enforces both.
 */
public function edit() {
    // Set a cookie that is read where attachments are added.
    param::set_cookie('module', 'content');
    if (isset($_POST['dosubmit']) || isset($_POST['dosubmit_continue'])) {
        define('INDEX_HTML', true);
        // id and catid are forced to integers and written back into the posted array.
        $id = $_POST['info']['id'] = intval($_POST['id']);
        $catid = $_POST['info']['catid'] = intval($_POST['info']['catid']);
        if (trim($_POST['info']['title']) == '') {
            showmessage(L('title_is_empty'));
        }
        $modelid = $this->categorys[$catid]['modelid'];
        $this->db->set_model($modelid);
        // NOTE(review): the whole posted array is handed over; any field filtering
        // has to happen inside edit_content().
        $this->db->edit_content($_POST['info'], $id);
        if (isset($_POST['dosubmit'])) {
            // The last argument is inline JavaScript that closes the window after a short delay.
            showmessage(L('update_success') . L('2s_close'), 'blank', '', '', 'function set_time() {$("#secondid").html(1);}setTimeout("set_time()", 500);setTimeout("window.close()", 1200);');
        } else {
            showmessage(L('update_success'), HTTP_REFERER);
        }
    } else {
        $show_header = $show_dialog = $show_validator = '';
        // Fetch the content from the database.
        $id = intval($_GET['id']);
        if (!isset($_GET['catid']) || !$_GET['catid']) {
            showmessage(L('missing_part_parameters'));
        }
        $catid = $_GET['catid'] = intval($_GET['catid']);
        $this->model = getcache('model', 'commons');
        param::set_cookie('catid', $catid);
        $category = $this->categorys[$catid];
        $modelid = $category['modelid'];
        $this->db->table_name = $this->db->db_tablepre . $this->model[$modelid]['tablename'];
        $r = $this->db->get_one(array('id' => $id));
        $this->db->table_name = $this->db->table_name . '_data';
        $r2 = $this->db->get_one(array('id' => $id));
        if (!$r2) {
            showmessage(L('subsidiary_table_datalost'), 'blank');
        }
        // NOTE(review): only $r2 is checked above; $r is merged without a check.
        $data = array_merge($r, $r2);
        // Every column is HTML-entity-decoded before it is handed to the form builder.
        $data = array_map('htmlspecialchars_decode', $data);
        require CACHE_MODEL_PATH . 'content_form.class.php';
        $content_form = new content_form($modelid, $catid, $this->categorys);
        $forminfos = $content_form->get($data);
        $formValidator = $content_form->formValidator;
        include $this->admin_tpl('content_edit');
    }
    header("Cache-control: private");
}
/**
 * Log in through QQ Weibo (OAuth 1.0 style flow).
 *
 * Without a "callback" parameter a request token is fetched and the authorize
 * page is rendered. With it, the access token is requested; a member already
 * bound to the QQ identity is logged in, anyone else gets the bind/register page.
 */
public function public_qq_login() {
    define('QQ_AKEY', pc_base::load_config('system', 'qq_akey'));
    define('QQ_SKEY', pc_base::load_config('system', 'qq_skey'));
    pc_base::load_app_class('qqoauth', '', 0);
    $this->_session_start();
    if (isset($_GET['callback']) && trim($_GET['callback'])) {
        // ---- Callback leg: exchange the request token for an access token ----
        $o = new WeiboOAuth(QQ_AKEY, QQ_SKEY, $_SESSION['keys']['oauth_token'], $_SESSION['keys']['oauth_token_secret']);
        $_SESSION['last_key'] = $o->getAccessToken($_REQUEST['oauth_verifier']);
        if (!empty($_SESSION['last_key']['name'])) {
            // Is this connect identity bound to a local member? Bound: log in
            // directly. Not bound: show the register/bind page.
            // NOTE(review): the lookup key is $_REQUEST['openid'], i.e. a request
            // parameter, not a field of the access-token result stored above.
            // Confirm the identity used here is taken from (or verified against)
            // the provider's response, otherwise the bound account is selected by
            // caller-supplied input.
            $where = array('connectid' => $_REQUEST['openid'], 'from' => 'qq');
            $r = $this->db->get_one($where);
            // The connect user is already bound to a local member.
            if (!empty($r)) {
                // Read the local member record and perform the login.
                $password = $r['password'];
                $this->_init_phpsso();
                $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
                $userid = $r['userid'];
                $groupid = $r['groupid'];
                $username = $r['username'];
                $nickname = empty($r['nickname']) ? $username : $r['nickname'];
                // NOTE(review): $me is not defined in this method, so 'nickname' is
                // written as null on every login.
                $this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME, 'nickname' => $me['name']), array('userid' => $userid));
                // $cookietime is not defined before this point in this method, so
                // the lifetime always comes from the 'cookietime' cookie (or 0).
                if (!$cookietime) {
                    $get_cookietime = param::get_cookie('cookietime');
                }
                $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
                $cookietime = $_cookietime ? TIME + $_cookietime : 0;
                // The auth cookie encodes "userid<TAB>password column value".
                $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', get_auth_key('login'));
                param::set_cookie('auth', $phpcms_auth, $cookietime);
                param::set_cookie('_userid', $userid, $cookietime);
                param::set_cookie('_username', $username, $cookietime);
                param::set_cookie('_groupid', $groupid, $cookietime);
                param::set_cookie('cookietime', $_cookietime, $cookietime);
                param::set_cookie('_nickname', $nickname, $cookietime);
                // NOTE(review): this is the QQ flow but the cookie value is 'snda'.
                param::set_cookie('_from', 'snda');
                // NOTE(review): the redirect target comes straight from
                // $_GET['forward']; nothing here restricts it to this site.
                $forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
                showmessage(L('login_success') .
                    $synloginstr, $forward);
            } else {
                // Show the bind/register page.
                $_SESSION = array();
                $_SESSION['connectid'] = $_REQUEST['openid'];
                $_SESSION['from'] = 'qq';
                // NOTE(review): the session was emptied three statements above, so
                // 'last_key' no longer exists when it is read here.
                $connect_username = $_SESSION['last_key']['name'];
                // Load the member module settings.
                $member_setting = getcache('member_setting');
                if (!$member_setting['allowregister']) {
                    showmessage(L('deny_register'), 'index.php?m=member&c=index&a=login');
                }
                // Site id of the user, default 1.
                $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
                // Drop member models that are disabled or belong to another site.
                $modellist = getcache('member_model', 'commons');
                foreach ($modellist as $k => $v) {
                    if ($v['siteid'] != $siteid || $v['disabled']) {
                        unset($modellist[$k]);
                    }
                }
                if (empty($modellist)) {
                    showmessage(L('site_have_no_model') . L('deny_register'), HTTP_REFERER);
                }
                // Default model id (hard-coded).
                $modelid = 10;
                if (array_key_exists($modelid, $modellist)) {
                    // Build the member model form.
                    require CACHE_MODEL_PATH . 'member_form.class.php';
                    $member_form = new member_form($modelid);
                    $this->db->set_model($modelid);
                    $forminfos = $forminfos_arr = $member_form->get();
                    // Fields flagged isomnipotent are removed; their markup is
                    // substituted into the {name} placeholders of 'omnipotent' fields.
                    foreach ($forminfos as $field => $info) {
                        if ($info['isomnipotent']) {
                            unset($forminfos[$field]);
                        } else {
                            if ($info['formtype'] == 'omnipotent') {
                                foreach ($forminfos_arr as $_fm => $_fm_value) {
                                    if ($_fm_value['isomnipotent']) {
                                        $info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
                                    }
                                }
                                $forminfos[$field]['form'] = $info['form'];
                            }
                        }
                    }
                    $formValidator = $member_form->formValidator;
                }
                include template('member', 'connect');
            }
        } else {
            showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
        }
    } else {
        // ---- First leg: obtain a request token and show the authorize link ----
        $oauth_callback = APP_PATH . 'index.php?m=member&c=index&a=public_qq_login&callback=1';
        // NOTE(review): the nonce is md5 of the current timestamp, which is predictable.
        $oauth_nonce = md5(SYS_TIME);
        $oauth_signature_method = 'HMAC-SHA1';
        $oauth_timestamp = SYS_TIME;
        $oauth_version = '1.0';
        // NOTE(review): $url puts the app secret QQ_SKEY into a URL as the
        // "signature". It is not used again in this method; make sure the included
        // template never prints or requests it.
        $url = "https://open.t.qq.com/cgi-bin/request_token?oauth_callback={$oauth_callback}&oauth_consumer_key=" . QQ_AKEY . "&oauth_nonce={$oauth_nonce}&oauth_signature=" . QQ_SKEY .
            "&oauth_signature_method=HMAC-SHA1&oauth_timestamp={$oauth_timestamp}&oauth_version={$oauth_version}";
        $o = new WeiboOAuth(QQ_AKEY, QQ_SKEY);
        $keys = $o->getRequestToken(array('callback' => $oauth_callback));
        // The request token pair is kept in the session for the callback leg.
        $_SESSION['keys'] = $keys;
        $aurl = $o->getAuthorizeURL($keys['oauth_token'], false, $oauth_callback);
        include template('member', 'connect_qq');
    }
}
/**
 * Log out by blanking the "username" and "userid" cookies.
 */
public function log_out() {
    foreach (array('username', 'userid') as $cookie_name) {
        param::set_cookie($cookie_name, '');
    }
}
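/**
 * Let the logged-in administrator edit their own e-mail, real name and
 * interface language.
 *
 * On submit only the whitelisted fields are written for the session's user id
 * and the chosen language is stored in the "sys_lang" cookie for 30 days;
 * otherwise the edit form is rendered.
 */
public function public_edit_info() {
    $userid = $_SESSION['userid'];
    if (isset($_POST['dosubmit'])) {
        $admin_fields = array('email', 'realname', 'lang');
        $posted = isset($_POST['info']) && is_array($_POST['info']) ? $_POST['info'] : array();

        // Build the update from the whitelist instead of filtering the posted
        // keys with a loose in_array(): on PHP versions before 8 an integer key
        // such as 0 compares equal to any non-numeric string and would pass.
        $info = array();
        foreach ($admin_fields as $field) {
            if (isset($posted[$field]) && is_scalar($posted[$field])) {
                $info[$field] = $posted[$field];
            }
        }

        // Languages are directory names under PC_PATH.'languages/' (see the form
        // branch below), so accept only a plain directory-name token; anything
        // else, including an empty value, falls back to the default.
        $lang = isset($info['lang']) ? trim($info['lang']) : '';
        if ($lang === '' || !preg_match('/^[A-Za-z0-9_-]+$/', $lang)) {
            $lang = 'zh-cn';
        }
        $info['lang'] = $lang;

        $this->db->update($info, array('userid' => $userid));
        param::set_cookie('sys_lang', $info['lang'], SYS_TIME + 86400 * 30);
        showmessage(L('operation_success'), HTTP_REFERER);
    } else {
        $info = $this->db->get_one(array('userid' => $userid));
        // NOTE(review): extract() turns every column of the row into a local
        // variable for the template and can overwrite locals such as $userid.
        // It is kept because the template is expected to read those variables.
        if (is_array($info)) {
            extract($info);
        }
        // List the available language directories for the select box.
        $lang_dirs = glob(PC_PATH . 'languages/*');
        $dir_array = array();
        if (is_array($lang_dirs)) {
            foreach ($lang_dirs as $dirs) {
                $dir_array[] = str_replace(PC_PATH . 'languages/', '', $dirs);
            }
        }
        include $this->admin_tpl('admin_edit_info');
    }
}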
if (!$cookietime) { $get_cookietime = param::get_cookie('cookietime'); } $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0); $cookietime = $_cookietime ? TIME + $_cookietime : 0; $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $_SERVER['HTTP_USER_AGENT']); $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key); header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); param::set_cookie('auth', $phpcms_auth, $cookietime); param::set_cookie('_userid', $userid, $cookietime); param::set_cookie('_username', $username, $cookietime); param::set_cookie('_nickname', $nickname, $cookietime); param::set_cookie('_groupid', $groupid, $cookietime); param::set_cookie('cookietime', $_cookietime, $cookietime); exit('1'); } /** * 同步退出 */ if ($action == 'synlogout') { header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); pc_base::load_sys_class('param', '', 0); param::set_cookie('auth', ''); param::set_cookie('_userid', ''); param::set_cookie('_username', ''); param::set_cookie('_nickname', ''); param::set_cookie('_groupid', ''); param::set_cookie('cookietime', ''); exit('1'); //执行本系统退出操作 }
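/**
 * Set the site mode. Once a mode is set, the back end only shows the menus
 * that belong to it.
 *
 * Stores the mode in the "site_model" cookie (blank when missing or unknown)
 * and exits with a JSON list of the visible top-level menu ids.
 */
public function public_set_model() {
    $model = isset($_GET['site_model']) && is_string($_GET['site_model']) ? $_GET['site_model'] : '';
    if ($model) {
        // Accept only a mode that is a key of the model_config file. An unknown
        // value is blanked so that it can never be used as a column name in the
        // menu query below; previously only the cookie was reset for it.
        $models = pc_base::load_config('model_config');
        if (!is_array($models) || !array_key_exists($model, $models)) {
            $model = '';
        }
    } else {
        $model = '';
    }
    param::set_cookie('site_model', $model);

    $menudb = pc_base::load_model('menu_model');
    $where = array('parentid' => 0, 'display' => 1);
    if ($model) {
        // The mode name doubles as a flag column of the menu table.
        $where[$model] = 1;
    }
    $result = $menudb->select($where, 'id', 1000, 'listorder ASC');
    $menuids = array();
    if (is_array($result)) {
        foreach ($result as $r) {
            $menuids[] = $r['id'];
        }
    }
    exit(json_encode($menuids));
}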
/**
 * Store the site id from the query string in the "siteid" cookie.
 *
 * Exits with '0' when the parameter is missing or evaluates to zero,
 * otherwise with '1' after the cookie has been set.
 */
public function public_set_siteid() {
    // Guard clause: nothing usable was passed.
    if (!isset($_GET['siteid']) || !intval($_GET['siteid'])) {
        exit('0');
    }
    $siteid = intval($_GET['siteid']);
    param::set_cookie('siteid', $siteid);
    exit('1');
}
<?php
// Refuse direct access: this file is only meant to run inside the framework,
// which defines IN_PHPCMS.
if (!defined('IN_PHPCMS')) {
    exit('No permission resources.');
}

// Blank the login cookies.
param::set_cookie('username', '');
param::set_cookie('userid', '');
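/**
 * Log in through a Shanda (SNDA) passport.
 *
 * Validates the "ticket" query parameter against the provider's CAS endpoint.
 * A member already bound to the returned uid is logged in; anyone else gets the
 * bind/register page. A missing ticket or a failed validation shows the login
 * failure message.
 */
public function public_snda_login() {
    $this->_session_start();
    // Only a plain string ticket is usable; a missing or array-valued parameter
    // is treated as "no ticket".
    $ticket = isset($_GET['ticket']) && is_string($_GET['ticket']) ? $_GET['ticket'] : '';
    if (!empty($ticket)) {
        $callback_url = urlencode(APP_PATH . 'index.php?m=member&c=index&a=public_snda_login');
        $snda_res = $this->_snda_get_appid();
        $appid = $snda_res['appid'];
        // The ticket is request input: URL-encode it (and the app id) so it cannot
        // add or override parameters of the validation request.
        // NOTE(review): the validation runs over plain http, so the response that
        // decides who is logged in is not integrity-protected in transit; use
        // https if the provider offers it.
        $cas_url = "http://gw.sdo.com/cas/validate/?service=$callback_url&ticket=" . urlencode($ticket) . "&appid=" . urlencode($appid) . "&appArea=0";
        $raw = @file_get_contents($cas_url);
        // A failed request or an unparsable body leaves $result null and ends in
        // the generic failure branch below.
        $result = $raw === false ? null : json_decode($raw, 1);
        $has_error_field = is_array($result) && isset($result['error']);
        if ($has_error_field && $result['error'] == 0 && isset($result['data']['uid']) && is_numeric($result['data']['uid'])) {
            $userid = $result['data']['uid'];
        } elseif ($has_error_field && isset($result['errno']) && $result['errno'] == -1) {
            // NOTE(review): this branch tests 'errno' while the one above tests
            // 'error'; kept as in the original — confirm the provider's field name.
            showmessage(L('invalid_appid'), 'index.php?m=member&c=index&a=login');
        } else {
            showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
        }
        if (!empty($userid)) {
            // Is this connect identity bound to a local member? Bound: log in
            // directly. Not bound: show the register/bind page.
            $where = array('connectid' => $userid, 'from' => 'snda');
            $r = $this->db->get_one($where);
            if (!empty($r)) {
                // Read the local member record and perform the login.
                $password = $r['password'];
                $this->_init_phpsso();
                $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
                $userid = $r['userid'];
                $groupid = $r['groupid'];
                $username = $r['username'];
                $nickname = empty($r['nickname']) ? $username : $r['nickname'];
                // NOTE(review): $me is not defined in this method, so 'nickname' is
                // written as null on every login. Left unchanged because the
                // intended value cannot be determined from this method.
                $this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME, 'nickname' => $me['name']), array('userid' => $userid));
                // $cookietime is not defined before this point in this method, so
                // the lifetime always comes from the 'cookietime' cookie (or 0).
                if (!$cookietime) {
                    $get_cookietime = param::get_cookie('cookietime');
                }
                $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
                $cookietime = $_cookietime ? TIME + $_cookietime : 0;
                // The auth cookie encodes "userid<TAB>password column value".
                $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
                $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
                param::set_cookie('auth', $phpcms_auth, $cookietime);
                param::set_cookie('_userid', $userid, $cookietime);
                param::set_cookie('_username', $username, $cookietime);
                param::set_cookie('_groupid', $groupid, $cookietime);
                param::set_cookie('cookietime', $_cookietime, $cookietime);
                param::set_cookie('_nickname', $nickname, $cookietime);
                param::set_cookie('_from', 'snda');
                // NOTE(review): the redirect target comes straight from
                // $_GET['forward']; nothing here restricts it to this site.
                $forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?m=member&c=index';
                showmessage(L('login_success') . $synloginstr, $forward);
            } else {
                // Show the bind/register page. $connect_username is read by the template.
                $_SESSION['connectid'] = $userid;
                $_SESSION['from'] = 'snda';
                $connect_username = $userid;
                include template('member', 'connect');
            }
        }
    } else {
        showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
    }
}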
$sso_info['type'] = 'phpcms_v9'; $data = http_build_query($sso_info); $needmod = 'admin'; $remote_url = $sso_url . 'api.php?op=install&' . $data; $remote_var = $sso_url . 'api.php'; if (remote_file_exists($remote_var)) { $returnid = @file_get_contents($remote_url); } if ($returnid == '-1') { $reg_sso_status = 'PHPSSO缺少传递参数'; } elseif ($returnid == '-2') { $reg_sso_status = 'PHPSSO用户名不存在或者密码错误,请检查'; } elseif ($returnid > 0) { $reg_sso = array('phpsso' => '1', 'phpsso_appid' => $returnid, 'phpsso_api_url' => $sso_url, 'phpsso_auth_key' => $sso_info['authkey']); set_config($reg_sso, 'system'); param::set_cookie('reg_sso_succ', $returnid); } elseif ($returnid == '-4') { $reg_sso_status = '请删除phpsso_server/caches/phpsso_install.lock'; } else { $reg_sso_status = 'PHPSSO 的 URL 地址可能填写错误,请检查!'; } } $chmod_file = $install_phpsso == 1 ? 'chmod.txt' : 'chmod_unsso.txt'; $selectmod = $needmod . $selectmod; $selectmods = explode(',', $selectmod); $files = file(PHPCMS_PATH . "install/" . $chmod_file); foreach ($files as $_k => $file) { $file = str_replace('*', '', $file); $file = trim($file); if (is_dir(PHPCMS_PATH . $file)) { $is_dir = '1';
/**
 * Render the deposit page.
 *
 * Generates a new trade serial number with create_sn(), stores it in the
 * "trade_sn" cookie and includes the pay/deposit template. The locals below
 * are read by that template, so their names matter.
 */
public function pay() {
    $memberinfo = $this->memberinfo;
    $pay_types = $this->handle->get_paytype();
    $trade_sn = create_sn();
    // NOTE(review): the serial number is kept client-side; whichever handler
    // reads this cookie back should treat it as untrusted input — confirm.
    param::set_cookie('trade_sn',$trade_sn);
    $show_validator = 1;
    include template('pay', 'deposit');
}
/**
 * Register a "support" vote for a review.
 *
 * The review id comes from $_GET['id']. A cookie named "reviews_<id>",
 * valid for one hour, marks reviews this visitor has already supported.
 * The outcome is reported through _show_msg().
 */
public function support() {
    if (isset($_GET['id']) && intval($_GET['id'])) {
        $id = intval($_GET['id']);
    } else {
        // Missing or zero id: report the error; the return value (if the call
        // returns at all) becomes $id, exactly as in the ternary form.
        $id = $this->_show_msg(L('illegal_parameters'), HTTP_REFERER);
    }

    // Already supported within the last hour?
    if (param::get_cookie('reviews_' . $id)) {
        $this->_show_msg(L('dragonforce'), HTTP_REFERER);
    }

    $reviews = pc_base::load_app_class('reviews');
    $supported = $reviews->support($this->reviewsid, $id);
    if ($supported) {
        param::set_cookie('reviews_' . $id, $id, SYS_TIME + 3600);
    }

    // msg_code 0 means success: go back to the referrer with status 1.
    $message = $reviews->get_error();
    $back_url = $reviews->msg_code == 0 ? HTTP_REFERER : '';
    $status = $reviews->msg_code == 0 ? 1 : 0;
    $this->_show_msg($message, $back_url, $status);
}
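/**
 * Remove one swfupload entry from the JSON-formatted "att_json" cookie.
 *
 * The entry is rebuilt from the aid, src and filename query parameters,
 * encoded the same way it was stored, and cut out of the "||"-separated
 * cookie value.
 */
public function swfupload_json_del() {
    // Key order matters: the encoded string must match the stored entry exactly.
    $arr['aid'] = isset($_GET['aid']) ? intval($_GET['aid']) : 0;
    $arr['src'] = isset($_GET['src']) ? trim($_GET['src']) : '';
    $arr['filename'] = isset($_GET['filename']) ? urlencode($_GET['filename']) : '';
    $json_str = json_encode($arr);
    $att_arr_exist = param::get_cookie('att_json');
    // Remove the entry, then collapse the doubled separator left behind when it
    // sat between two other entries.
    $att_arr_exist = str_replace(array($json_str, '||||'), array('', '||'), $att_arr_exist);
    // Strip a leading or trailing separator. The previous pattern contained an
    // unescaped "||", i.e. an empty alternative that matches everywhere, so the
    // trailing separator was never removed.
    $att_arr_exist = preg_replace('/^\|\||\|\|$/', '', $att_arr_exist);
    param::set_cookie('att_json', $att_arr_exist);
}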
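/**
 * QQ connect login callback.
 *
 * Without `oauth_token` in the query string the visitor is sent to the QQ login
 * page. With it, the open id is fetched into the session and looked up in the
 * member table: a known account is logged in (member cookies are set and the
 * success page is shown), an unknown one gets the `connect` template so it can
 * be bound to a local account.
 *
 * Changes against the previous version:
 *  - the member update no longer writes `nickname` from `$me['name']`; `$me` was
 *    never defined in this method, so every login overwrote the stored nickname
 *    with an empty value;
 *  - the cookie lifetime is based on SYS_TIME, the clock constant the rest of
 *    this method uses; `TIME` is not defined anywhere in view (NOTE(review):
 *    confirm it is not a separate project constant);
 *  - `$_GET['forward']` is accepted only when it is a relative URL or an
 *    http(s) URL on the current host, so the post-login target (showmessage()
 *    presumably redirects to its second argument) cannot point at another site.
 *    Deployments that span several trusted hosts need to extend this check.
 */
public function public_qq_login2()
{
    $appid = pc_base::load_config('system', 'qq_appid');
    $appkey = pc_base::load_config('system', 'qq_appkey');
    $callback = pc_base::load_config('system', 'qq_callback');
    pc_base::load_app_class('qqapi', '', 0);
    $info = new qqapi($appid, $appkey, $callback);
    $this->_session_start();

    if (!isset($_GET['oauth_token'])) {
        $info->redirect_to_login();
        return;
    }

    $info->get_openid();
    if (empty($_SESSION['openid'])) {
        return;
    }

    $r = $this->db->get_one(array('connectid' => $_SESSION['openid'], 'from' => 'qq'));
    if (empty($r)) {
        // Unknown open id: remember it in the session and show the binding form.
        $user = $info->get_user_info();
        $_SESSION['connectid'] = $_SESSION['openid'];
        $_SESSION['from'] = 'qq';
        $connect_username = $user['nickname'];
        include template('member', 'connect');
        return;
    }

    // Known account: log in.
    $password = $r['password'];
    $this->_init_phpsso();
    $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
    $userid = $r['userid'];
    $groupid = $r['groupid'];
    $username = $r['username'];
    $nickname = empty($r['nickname']) ? $username : $r['nickname'];

    $this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME), array('userid' => $userid));

    // Lifetime in seconds as remembered from an earlier login, 0 = session cookie.
    $_cookietime = max(0, intval(param::get_cookie('cookietime')));
    $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;

    // The auth cookie carries "userid<TAB>stored password value", encoded by
    // sys_auth() with a key derived from the system auth_key and the user agent.
    $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
    $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
    param::set_cookie('auth', $phpcms_auth, $cookietime);
    param::set_cookie('_userid', $userid, $cookietime);
    param::set_cookie('_username', $username, $cookietime);
    param::set_cookie('_groupid', $groupid, $cookietime);
    param::set_cookie('cookietime', $_cookietime, $cookietime);
    param::set_cookie('_nickname', $nickname, $cookietime);

    // Post-login target: default to the member centre, accept a caller-supplied
    // target only if it stays on this site.
    $forward = 'index.php?m=member&c=index';
    if (isset($_GET['forward']) && is_string($_GET['forward']) && !empty($_GET['forward'])) {
        $candidate = $_GET['forward'];
        // Whitespace, control characters and backslashes are refused outright:
        // browsers normalise them in ways parse_url() does not.
        $parts = preg_match('/[\x00-\x20\x7f\\\\]/', $candidate) ? false : parse_url($candidate);
        if (is_array($parts)) {
            $has_scheme = isset($parts['scheme']);
            $has_host = isset($parts['host']);
            if (!$has_scheme && !$has_host) {
                $forward = $candidate;
            } else {
                $site_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
                $scheme_ok = !$has_scheme || in_array(strtolower($parts['scheme']), array('http', 'https'), true);
                if ($has_host && $scheme_ok && $site_host !== '' && strtolower($parts['host']) === $site_host) {
                    $forward = $candidate;
                }
            }
        }
    }

    showmessage(L('login_success') . $synloginstr, $forward);
}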
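/**
 * Search content by model.
 *
 * Flow: check that the visitor's member group may search, resolve the category
 * (`catid`) to its model, apply the short repeat-search delay, build one form
 * control per searchable model field and, when `dosubmit` is present, turn the
 * submitted values into a WHERE clause, run the count and page queries and
 * render the `search` template of the `content` module. The template is
 * included in this method's scope, so existing local variable names are kept.
 *
 * Changes against the previous version:
 *  - the "number" range control gave both inputs the id `<field>_start`; the
 *    second one is now `<field>_end`;
 *  - `$option`, `$value` and `$string` are reset for every "box" field, so one
 *    field no longer inherits the options or default of an earlier field;
 *  - `$keywords` is initialised, so seo() no longer receives an undefined value
 *    when no text field was searched;
 *  - request values are read through isset()/is_string() guards, so missing or
 *    array-valued parameters are treated as empty instead of raising notices or
 *    being interpolated as "Array".
 *
 * NOTE(review): the member group and the repeat-search timestamp are both read
 * from cookies. Whether param::get_cookie() authenticates the value is not
 * visible here; if it does not, both checks are advisory only - confirm.
 *
 * NOTE(review): submitted values reach the SQL text after intval(), strtotime()
 * or safe_replace(). safe_replace() is not shown; the string branches depend on
 * it neutralising quotes and backslashes, and `%`/`_` stay active inside LIKE.
 * Bound parameters or the driver's own escaping would be the sturdier choice.
 */
public function init()
{
    $grouplist = getcache('grouplist', 'member');
    $_groupid = param::get_cookie('_groupid');
    if (!$_groupid) {
        // No group cookie: the visitor is handled as group 8, the guest group
        // named by the 'guest_not_allowsearch' message below.
        $_groupid = 8;
    }
    if (empty($grouplist[$_groupid]['allowsearch'])) {
        if ($_groupid == 8) {
            showmessage(L('guest_not_allowsearch'));
        } else {
            showmessage('');
        }
    }

    if (!isset($_GET['catid'])) {
        showmessage(L('missing_part_parameters'));
    }
    $catid = intval($_GET['catid']);
    $siteids = getcache('category_content', 'commons');
    $siteid = $siteids[$catid];
    $this->categorys = getcache('category_content_' . $siteid, 'commons');
    if (!isset($this->categorys[$catid])) {
        showmessage(L('missing_part_parameters'));
    }

    // `info` must be an array before it is indexed or written to.
    if (!isset($_GET['info']) || !is_array($_GET['info'])) {
        $_GET['info'] = array();
    }
    if (isset($_GET['info']['catid']) && $_GET['info']['catid']) {
        $catid = intval($_GET['info']['catid']);
    } else {
        $_GET['info']['catid'] = 0;
    }
    $modelid = $this->categorys[$catid]['modelid'];
    $modelid = intval($modelid);
    if (!$modelid) {
        showmessage(L('illegal_parameters'));
    }

    // Search interval: a cookie holding "now + 2" blocks a repeat search while
    // it is still newer than "now - 2".
    $minrefreshtime = getcache('common', 'commons');
    $minrefreshtime = intval($minrefreshtime['minrefreshtime']);
    $minrefreshtime = $minrefreshtime ? $minrefreshtime : 5;
    if (param::get_cookie('search_cookie') && param::get_cookie('search_cookie') > SYS_TIME - 2) {
        showmessage(L('search_minrefreshtime', array('min' => $minrefreshtime)), 'index.php?m=content&c=search&catid=' . $catid, $minrefreshtime * 1280);
    } else {
        param::set_cookie('search_cookie', SYS_TIME + 2);
    }

    $CATEGORYS = $this->categorys;
    $keywords = '';

    // Build the search form.
    pc_base::load_sys_class('form', '', 0);
    $fields = getcache('model_field_' . $modelid, 'model');
    if (!is_array($fields)) {
        $fields = array();
    }
    $forminfos = array();
    foreach ($fields as $field => $r) {
        if ($r['issearch']) {
            $submitted = isset($_GET['info'][$field]) && is_string($_GET['info'][$field]) ? $_GET['info'][$field] : '';
            if ($r['formtype'] == 'catid') {
                $r['form'] = form::select_category('', $_GET['info']['catid'], 'name="info[catid]"', L('please_select_category'), $modelid, 0, 1);
            } elseif ($r['formtype'] == 'number') {
                $r['form'] = "<input type='text' name='{$field}_start' id='{$field}_start' value='' size=5 class='input-text'/> - <input type='text' name='{$field}_end' id='{$field}_end' value='' size=5 class='input-text'/>";
            } elseif ($r['formtype'] == 'datetime') {
                $r['form'] = form::date("info[{$field}]");
            } elseif ($r['formtype'] == 'box') {
                // Start from a clean slate for every box field.
                $option = array();
                $value = '';
                $string = '';
                $options = explode("\n", $r['options']);
                foreach ($options as $_k) {
                    // Each line is "label|value".
                    $v = explode("|", $_k);
                    $option[$v[1]] = $v[0];
                }
                switch ($r['boxtype']) {
                    case 'radio':
                        $string = form::radio($option, $value, "name='info[{$field}]' id='{$field}'");
                        break;
                    case 'checkbox':
                        $string = form::radio($option, $value, "name='info[{$field}]' id='{$field}'");
                        break;
                    case 'select':
                        $string = form::select($option, $value, "name='info[{$field}]' id='{$field}'");
                        break;
                    case 'multiple':
                        $string = form::select($option, $value, "name='info[{$field}]' id='{$field}'");
                        break;
                }
                $r['form'] = $string;
            } elseif ($r['formtype'] == 'typeid') {
                $types = getcache('type_content', 'commons');
                $types_array = array(L('no_limit'));
                foreach ($types as $_k => $_v) {
                    if ($modelid == $_v['modelid']) {
                        $types_array[$_k] = $_v['name'];
                    }
                }
                $r['form'] = form::select($types_array, 0, "name='info[{$field}]' id='{$field}'");
            } elseif ($r['formtype'] == 'linkage') {
                $setting = string2array($r['setting']);
                // NOTE(review): the raw request value is handed to menu_linkage();
                // that helper is not shown, so confirm it escapes what it prints.
                $value = $submitted;
                $r['form'] = menu_linkage($setting['linkageid'], $field, $value);
            } elseif (in_array($r['formtype'], array('text', 'keyword', 'textarea', 'editor', 'title', 'author', 'omnipotent'))) {
                // NOTE(review): the value is echoed into a single-quoted attribute;
                // this is only safe if safe_replace() removes or encodes quotes and
                // angle brackets - confirm.
                $value = $submitted === '' ? '' : safe_replace($submitted);
                $r['form'] = "<input type='text' name='info[{$field}]' id='{$field}' value='" . $value . "' class='input-text search-text'/>";
            } else {
                continue;
            }
            $forminfos[$field] = $r;
        }
    }

    if (isset($_GET['dosubmit'])) {
        $siteid = $this->categorys[$catid]['siteid'];
        $siteurl = siteurl($siteid);
        $this->db->set_model($modelid);
        $tablename = $this->db->table_name;
        $page = max(isset($_GET['page']) ? intval($_GET['page']) : 0, 1);
        $sql = "SELECT * FROM `{$tablename}` a,`{$tablename}_data` b WHERE a.id=b.id AND a.status=99";
        $sql_count = "SELECT COUNT(*) AS num FROM `{$tablename}` a,`{$tablename}_data` b WHERE a.id=b.id AND a.status=99";

        // Build the search conditions. Field names come from the model cache;
        // only the values come from the request.
        $where = '';
        foreach ($fields as $field => $r) {
            if ($r['issearch']) {
                // Main-table fields are aliased `a`, data-table fields `b`.
                $table_nickname = $r['issystem'] ? 'a' : 'b';
                $submitted = isset($_GET['info'][$field]) && is_string($_GET['info'][$field]) ? $_GET['info'][$field] : '';
                if ($r['formtype'] == 'catid') {
                    if ($_GET['info']['catid']) {
                        $where .= " AND {$table_nickname}.catid='{$catid}'";
                    }
                } elseif ($r['formtype'] == 'number') {
                    $start = "{$field}_start";
                    $end = "{$field}_end";
                    if (!empty($_GET[$start])) {
                        $start = intval($_GET[$start]);
                        $where .= " AND {$table_nickname}.{$field}>'{$start}'";
                    }
                    if (!empty($_GET[$end])) {
                        $end = intval($_GET[$end]);
                        $where .= " AND {$table_nickname}.{$field}<'{$end}'";
                    }
                } elseif ($r['formtype'] == 'datetime') {
                    if ($submitted) {
                        $start = strtotime($submitted);
                        if ($start) {
                            $where .= " AND {$table_nickname}.{$field}>'{$start}'";
                        }
                    }
                } elseif ($r['formtype'] == 'box') {
                    if ($submitted) {
                        $field_value = safe_replace($submitted);
                        switch ($r['boxtype']) {
                            case 'radio':
                                $where .= " AND {$table_nickname}.`{$field}`='{$field_value}'";
                                break;
                            case 'checkbox':
                                $where .= " AND {$table_nickname}.`{$field}` LIKE '%,{$field_value},%'";
                                break;
                            case 'select':
                                $where .= " AND {$table_nickname}.`{$field}`='{$field_value}'";
                                break;
                            case 'multiple':
                                $where .= " AND {$table_nickname}.`{$field}` LIKE '%,{$field_value},%'";
                                break;
                        }
                    }
                } elseif ($r['formtype'] == 'typeid') {
                    if ($submitted) {
                        $typeid = intval($submitted);
                        $where .= " AND {$table_nickname}.`{$field}`='{$typeid}'";
                    }
                } elseif ($r['formtype'] == 'linkage') {
                    if ($submitted) {
                        $linkage = intval($submitted);
                        $where .= " AND {$table_nickname}.`{$field}`='{$linkage}'";
                    }
                } elseif (in_array($r['formtype'], array('text', 'keyword', 'textarea', 'editor', 'title', 'author', 'omnipotent'))) {
                    if ($submitted) {
                        $keywords = safe_replace($submitted);
                        $where .= " AND {$table_nickname}.`{$field}` LIKE '%{$keywords}%'";
                    }
                } else {
                    continue;
                }
            }
        }

        if ($where == '') {
            showmessage(L('please_enter_content_to_search'));
        }
        $pagesize = 20;
        $offset = intval($pagesize * ($page - 1));
        $sql_count .= $where;
        $this->db->query($sql_count);
        $total = $this->db->fetch_array();
        $total = $total[0]['num'];
        if ($total != 0) {
            $sql .= $where;
            // ORDER BY is chosen from two fixed strings; the request value itself
            // never reaches the query.
            $order = isset($_GET['orderby']) && $_GET['orderby'] === 'a.id DESC' ? 'a.id DESC' : 'a.id ASC';
            $sql .= ' ORDER BY ' . $order;
            $sql .= " LIMIT {$offset},{$pagesize}";
            $this->db->query($sql);
            $datas = $this->db->fetch_array();
            $pages = pages($total, $page, $pagesize);
        } else {
            $datas = array();
            $pages = '';
        }
    }

    $SEO = seo($siteid, $catid, $keywords);
    include template('content', 'search');
}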
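/**
 * SNDA (Shanda) passport login callback.
 *
 * Validates the `ticket` query parameter against the SNDA CAS endpoint, maps
 * the returned uid to a PHPSSO account named `snda_<uid>` (registering it and a
 * local member row on first login), then sets the member cookies and shows the
 * login-success page.
 *
 * Changes against the previous version:
 *  - `ticket` is URL-encoded before it is placed in the validation URL, so a
 *    crafted value cannot add or override query parameters of that request;
 *  - the provider's success flag is compared strictly with "0"; the loose `== 0`
 *    also accepts any non-numeric string on PHP versions before 8;
 *  - a missing local member row now ends in the login-failure page instead of
 *    setting cookies from an empty record;
 *  - the member update no longer writes `nickname` from the undefined `$me`;
 *  - the cookie lifetime uses SYS_TIME, the clock constant used elsewhere in
 *    this method (NOTE(review): `TIME` is not defined anywhere in view - confirm);
 *  - `$_GET['forward']` is accepted only when it is a relative URL or an
 *    http(s) URL on the current host (showmessage() presumably redirects to its
 *    second argument). Multi-host deployments need to extend this check.
 *
 * NOTE(review): the ticket is validated over plain http://, so the response
 * that asserts the uid has no transport integrity; prefer an HTTPS endpoint if
 * the provider offers one.
 * NOTE(review): unserialize() runs on the PHPSSO response. That is only
 * acceptable while the SSO channel is authenticated; restricting allowed
 * classes (PHP 7+) or switching the payload format would remove the risk.
 * NOTE(review): the password registered for a new account is md5() of the
 * provider uid and therefore derivable; a random secret would be safer -
 * confirm nothing else relies on this value.
 */
public function public_snda_login()
{
    $ticket = isset($_GET['ticket']) && is_string($_GET['ticket']) ? $_GET['ticket'] : '';
    if (empty($ticket)) {
        showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
        return;
    }

    $callback_url = urlencode(APP_PATH . 'index.php?m=member&c=index&a=public_snda_login');
    $snda_res = $this->_snda_get_appid();
    $appid = $snda_res['appid'];
    $cas_url = "http://gw.sdo.com/cas/validate/?service={$callback_url}&ticket=" . urlencode($ticket) . "&appid={$appid}&appArea=0";
    $result = @file_get_contents($cas_url);
    $result = json_decode($result, 1);

    $userid = '';
    $accepted = is_array($result)
        && isset($result['error']) && (string) $result['error'] === '0'
        && isset($result['data']['uid']) && is_numeric($result['data']['uid']);
    if ($accepted) {
        $userid = $result['data']['uid'];
    } elseif (is_array($result) && isset($result['error']) && isset($result['errno']) && $result['errno'] == -1) {
        showmessage(L('invalid_appid'), 'index.php?m=member&c=index&a=login');
    } else {
        showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
    }
    if (empty($userid)) {
        return;
    }

    $this->_init_phpsso();
    $memberinfo = array();
    $status = $this->client->ps_get_member_info('snda_' . $userid, 2);
    if ($status != '-1') {
        // The account exists in SSO; the interface returns serialized data.
        $memberinfo = unserialize($status);
    } else {
        // No such SSO account yet: register it and create the local member row.
        $status = $this->client->ps_member_register('snda_' . $userid, md5($userid), $userid . '@sdo.com', ip());
        if ($status > 0) {
            $memberinfo['uid'] = $status;
            $info = array();
            $info['phpssouid'] = $status;
            // NOTE(review): this prefix differs from the 'snda_' prefix used for
            // the SSO registration above - confirm which one is intended.
            $info['username'] = '******' . $userid;
            $info['password'] = md5($userid);
            $info['email'] = '';
            $info['nickname'] = '';
            $info['modelid'] = 10;
            $info['regip'] = ip();
            $info['groupid'] = $this->_get_usergroup_bypoint();
            $info['regdate'] = $info['lastdate'] = SYS_TIME;
            $this->db->insert($info);
        }
    }

    if (!is_array($memberinfo) || !isset($memberinfo['uid']) || !is_numeric($memberinfo['uid'])) {
        return;
    }

    // Look up the local account that belongs to the SSO uid.
    $r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
    if (empty($r)) {
        showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
        return;
    }
    $password = $r['password'];
    $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
    $userid = $r['userid'];
    $groupid = $r['groupid'];
    $username = $r['username'];
    $nickname = empty($r['nickname']) ? $username : $r['nickname'];

    $this->db->update(array('lastip' => ip(), 'lastdate' => SYS_TIME), array('userid' => $userid));

    // Lifetime in seconds as remembered from an earlier login, 0 = session cookie.
    $_cookietime = max(0, intval(param::get_cookie('cookietime')));
    $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;

    // The auth cookie carries "userid<TAB>stored password value", encoded by
    // sys_auth() with a key derived from the system auth_key and the user agent.
    $phpcms_auth_key = md5(pc_base::load_config('system', 'auth_key') . $this->http_user_agent);
    $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', $phpcms_auth_key);
    param::set_cookie('auth', $phpcms_auth, $cookietime);
    param::set_cookie('_userid', $userid, $cookietime);
    param::set_cookie('_username', $username, $cookietime);
    param::set_cookie('_groupid', $groupid, $cookietime);
    param::set_cookie('cookietime', $_cookietime, $cookietime);
    param::set_cookie('_nickname', $nickname, $cookietime);
    param::set_cookie('_from', 'snda');

    // Post-login target: default to the member centre, accept a caller-supplied
    // target only if it stays on this site.
    $forward = 'index.php?m=member&c=index';
    if (isset($_GET['forward']) && is_string($_GET['forward']) && !empty($_GET['forward'])) {
        $candidate = $_GET['forward'];
        // Whitespace, control characters and backslashes are refused outright:
        // browsers normalise them in ways parse_url() does not.
        $parts = preg_match('/[\x00-\x20\x7f\\\\]/', $candidate) ? false : parse_url($candidate);
        if (is_array($parts)) {
            $has_scheme = isset($parts['scheme']);
            $has_host = isset($parts['host']);
            if (!$has_scheme && !$has_host) {
                $forward = $candidate;
            } else {
                $site_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
                $scheme_ok = !$has_scheme || in_array(strtolower($parts['scheme']), array('http', 'https'), true);
                if ($has_host && $scheme_ok && $site_host !== '' && strtolower($parts['host']) === $site_host) {
                    $forward = $candidate;
                }
            }
        }
    }

    showmessage(L('login_success') . $synloginstr, $forward);
}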