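/**
 * Assign a role to the signed-in user, once only.
 *
 * The requested role is read from the third positional argument (index 2)
 * and must be 1 or 2. The stored role is only changed while the user's
 * current role_id is -1 (the value written when the account is created).
 *
 * Ends the request with die() when the argument is not an allowed role,
 * when a role other than -1 is already stored (or the user row cannot be
 * read), or when the UPDATE fails. On success the role is mirrored into
 * $GLOBALS['user']['role'] and save_cookie() is called.
 */
function user_set_role()
{
    user_ensure_authenticated();
    $id = get_current_user_id();
    $args = func_get_args();
    $key = isset($args[2]) ? $args[2] : "";

    // Strict allow-list. The previous loose comparison (!=) also accepted
    // other numeric spellings such as "1.0" or "01", and that text was then
    // concatenated unquoted into the UPDATE statement below.
    if ($key !== "1" && $key !== "2" && $key !== 1 && $key !== 2) {
        die("Invalid argument!");
    }
    // Only this integer is ever placed into SQL, never the caller's text.
    $roleId = (int) $key;

    connect_db();
    // Escaped after connect_db() because the escaping uses the open link.
    // NOTE(review): ext/mysql was removed in PHP 7; when porting, bind these
    // values through mysqli/PDO prepared statements instead of escaping.
    $safeId = mysql_real_escape_string((string) $id);

    $view = "SELECT role_id FROM userinfo WHERE user_id='" . $safeId . "'";
    $list = mysql_query($view);
    $row = $list ? mysql_fetch_array($list) : false;
    // Fail closed: a failed lookup or a missing row is treated like an
    // already-assigned role, so no role is granted on a database error.
    if (!$row || (int) $row['role_id'] !== -1) {
        die('Role already set!');
    }

    // NOTE(review): the check above and this UPDATE are separate statements;
    // if the one-time rule must hold under concurrent requests, the role_id
    // condition also belongs in the WHERE clause.
    $view = "UPDATE userinfo SET role_id=" . $roleId . " WHERE user_id='" . $safeId . "'";
    $list = mysql_query($view) or die("Update error!");
    $GLOBALS['user']['role'] = $key;
    save_cookie();
}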
Example #2
 // Branch: store a cookie string submitted via POST for the current $uid.
 // NOTE(review): the sibling branches compare $_POST['formhash'] with $formhash
 // before changing state; no such check is visible in this branch. Confirm that
 // request-forgery protection is enforced before the switch, otherwise this
 // branch needs the same guard.
 case 'update_cookie':
     // Nothing submitted: leave the switch without reporting anything.
     if (!$_POST['cookie']) {
         break;
     }
     // daddslashes() is defined elsewhere; presumably it backslash-escapes the
     // value for later use in SQL (TODO confirm).
     $cookie = daddslashes($_POST['cookie']);
     // The two pattern checks only require the literal name followed by at least
     // one character (the lazy `.+?` stops after a single character); they do not
     // validate the value itself.
     // NOTE(review): the flow relies on showmessage() ending the request. If it
     // returns, an incomplete cookie still reaches save_cookie() below (confirm).
     if (!preg_match('/BDUSS=(.+?)/', $cookie)) {
         showmessage('Cookie 信息不完整,请尝试重新获取', './#baidu_bind', 1);
     }
     if (!preg_match('/BAIDUID=(.+?)/', $cookie)) {
         showmessage('Cookie 信息不完整,请尝试重新获取', './#baidu_bind', 1);
     }
     // verify_cookie() is defined elsewhere; it receives the already-escaped string.
     if (!verify_cookie($cookie)) {
         showmessage('无法登陆百度贴吧,请检查 Cookie 是否填写正确', './#baidu_bind', 1);
     }
     // NOTE(review): $cookie already went through daddslashes() above; a second
     // pass may double-escape the stored value unless the helper is idempotent.
     $cookie = daddslashes($cookie);
     save_cookie($uid, $cookie);
     // The success message embeds $formhash in a script URL's query string.
     // NOTE(review): a token carried in a GET URL can end up in access logs and
     // Referer headers; confirm that is acceptable for this token.
     showmessage('您的 Cookie 信息已经更新<script type="text/javascript" src="?action=refresh_liked_tieba&formhash=' . $formhash . '"></script>', './#baidu_bind', 1);
     break;
 // Branch: save the four on/off preferences for the current $uid.
 case 'update_setting':
     // Anti-forgery check: leave the switch silently when the posted token does
     // not match.
     // NOTE(review): `!=` is a loose, non-constant-time comparison; hash_equals()
     // on two strings is the stricter form where the PHP version allows it.
     if ($_POST['formhash'] != $formhash) {
         break;
     }
     // Each posted flag is collapsed to 0 or 1, so no raw POST text reaches the
     // query. The WHERE clause interpolates $uid, whose origin is outside this
     // excerpt. Verify that it is server-derived rather than request-controlled.
     DB::update('member_setting', array('error_mail' => $_POST['error_mail'] ? 1 : 0, 'send_mail' => $_POST['send_mail'] ? 1 : 0, 'zhidao_sign' => $_POST['zhidao_sign'] ? 1 : 0, 'wenku_sign' => $_POST['wenku_sign'] ? 1 : 0), "uid='{$uid}'");
     // Overwrites this user's cached settings entry with an empty string
     // (presumably to invalidate it; confirm against CACHE::save).
     CACHE::save('user_setting_' . $uid, '');
     showmessage('设置已经保存', './#setting', 1);
     break;
 case 'change_password':
     if ($_POST['formhash'] != $formhash) {
         break;
     }
     $user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}'");
Example #3
  id int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(64) NOT NULL,
  module text NOT NULL,
  PRIMARY KEY (id),
  UNIQUE KEY `name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8
');
    DB::insert('plugin', array('name' => 'debug_info'));
    DB::insert('plugin', array('name' => 'update_log'));
    saveSetting('version', '1.13.11.9');
    showmessage('成功更新到 1.13.11.9!', './');
} elseif ($current_version == '1.13.11.9') {
    // Upgrade step taken when the stored version is 1.13.11.9.
    // Schema changes: add plugin.enable and plugin.version, and add a `cookie`
    // TEXT column to member_setting.
    runquery("\nALTER TABLE `plugin` ADD `enable` TINYINT(1) NOT NULL DEFAULT '1' AFTER `id`;\nALTER TABLE `plugin` ADD `version` VARCHAR(8) NOT NULL DEFAULT '0';\nALTER TABLE `member_setting` ADD `cookie` TEXT BINARY CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;\n");
    // Hand every member's existing cookie value to save_cookie() (defined
    // elsewhere; presumably it writes to the new member_setting.cookie column).
    // NOTE(review): these values look like stored session credentials kept in a
    // plain TEXT column. Confirm at-rest protection and who can read this table.
    $query = DB::query('SELECT uid, cookie FROM member');
    while ($result = DB::fetch($query)) {
        save_cookie($result['uid'], $result['cookie']);
    }
    // The old column is dropped unconditionally after the loop; no result of
    // save_cookie() is checked here, so a failed copy would not stop the DROP.
    DB::query('ALTER TABLE `member` DROP `cookie`');
    // Drop plugin.module only if that column is still present.
    $query = DB::query('SHOW columns FROM `plugin`');
    while ($result = DB::fetch($query)) {
        if ($result['Field'] == 'module') {
            DB::query('ALTER TABLE `plugin` DROP `module`');
        }
    }
    // Reset caches after the schema change, then rebuild the plugin cache.
    CACHE::clear();
    CACHE::update('plugins');
    // Write three settings, then record the new version and report success.
    saveSetting('register_limit', 1);
    saveSetting('register_check', 1);
    saveSetting('jquery_mode', 2);
    saveSetting('version', '1.13.12.15');
    showmessage('成功更新到 1.13.12.15!', './');
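/**
 * OAuth callback for Sina Weibo sign-in.
 *
 * Exchanges the request token kept in $_SESSION['sinakeys'] plus the
 * oauth_verifier request parameter for an access token, fetches the Weibo
 * profile, then either creates a local user (role_id -1) with an account
 * binding or refreshes the stored token pair of an existing binding.
 * Finally it fills $GLOBALS['user'], records the login in log_userlogin,
 * calls save_cookie() and redirects to BASE_URL.
 *
 * Ends the request with die() when the profile cannot be fetched, when the
 * binding lookup fails, or when either INSERT for a new user fails.
 *
 * Every value placed into SQL here originates outside this application
 * (the Weibo API response, request headers), so each one is escaped before
 * it is concatenated into a statement.
 * NOTE(review): ext/mysql was removed in PHP 7; when porting, bind these
 * values through mysqli/PDO prepared statements instead of escaping.
 */
function oauth_sina_callback()
{
    include_once 'sinaoauth.inc.php';
    $o = new WeiboOAuth(SINA_AKEY, SINA_SKEY, $_SESSION['sinakeys']['oauth_token'], $_SESSION['sinakeys']['oauth_token_secret']);
    $last_key = $o->getAccessToken($_REQUEST['oauth_verifier']);
    $GLOBALS['user']['sinakey'] = $last_key;
    connect_db();
    $me = sina_get_credentials() or die("Cound not get data from Sina API");
    if (!$me['id']) {
        die("Cound not get data from Sina API");
    }

    // Escaped after connect_db() because the escaping uses the open link.
    $siteUserId = mysql_real_escape_string((string) $me['id']);
    $token = mysql_real_escape_string((string) $GLOBALS['user']['sinakey']['oauth_token']);
    $tokenSecret = mysql_real_escape_string((string) $GLOBALS['user']['sinakey']['oauth_token_secret']);

    $view = "SELECT * FROM accountbindings WHERE site_id='1' AND user_site_id='" . $siteUserId . "'";
    // Fail closed: a failed lookup must not be mistaken for "no binding yet",
    // which would create a duplicate account.
    $list = mysql_query($view) or die("Could not look up account binding");
    $row = mysql_fetch_array($list);
    if (!$row) {
        // First sign-in with this Weibo account: create the user and binding.
        include_once "uuid.inc.php";
        $v4uuid = str_replace("-", "", UUID::v4());
        // Display name and avatar URL are remote profile fields.
        $name = mysql_real_escape_string((string) $me['name']);
        $avatar = mysql_real_escape_string((string) $me['profile_image_url']);
        $add = "INSERT INTO userinfo(nickname, email, microblogs, user_id, role_id, avatar_url) VALUES ('" . $name . "', '', '1', '{$v4uuid}', '-1', '" . $avatar . "')";
        $added = mysql_query($add) or die("Could not add entry 1");
        $add = "INSERT INTO accountbindings(user_id, user_site_id, site_id, secret1, secret2) VALUES ('{$v4uuid}', '" . $siteUserId . "', 1, '" . $token . "', '" . $tokenSecret . "')";
        $added = mysql_query($add) or die("Could not add entry 2");
        $id = $v4uuid;
        $role = -1;
        $nick = $me['name'];
    } else {
        // Known account: refresh the stored token pair and load the profile.
        $id = $row['user_id'];
        // Values read back from the database are escaped again before reuse.
        $boundId = mysql_real_escape_string((string) $id);
        $updatekey = "UPDATE accountbindings SET secret1='" . $token . "',secret2='" . $tokenSecret . "' WHERE user_id='" . $boundId . "'";
        $result = mysql_query($updatekey);
        $view = "SELECT * FROM userinfo WHERE user_id='" . $boundId . "'";
        $list = mysql_query($view);
        $row = mysql_fetch_array($list);
        $role = $row['role_id'];
        $nick = $row['nickname'];
    }
    $GLOBALS['user']['nickname'] = $nick;
    $GLOBALS['user']['id'] = $id;
    $GLOBALS['user']['role'] = $role;

    // Request metadata is client-controlled (User-Agent, Cookie) and may be
    // absent, so default to '' and escape before logging.
    $logId = mysql_real_escape_string((string) $id);
    $ip = mysql_real_escape_string(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '');
    $agent = mysql_real_escape_string(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '');
    // NOTE(review): the raw Cookie header is stored in log_userlogin. It
    // normally carries session identifiers, so read access to that table
    // exposes them; consider dropping or hashing this column.
    $cookies = mysql_real_escape_string(isset($_SERVER["HTTP_COOKIE"]) ? $_SERVER["HTTP_COOKIE"] : '');
    $view = "INSERT INTO log_userlogin(user_id, ipaddress, login_time, useragent, cookies) VALUES('" . $logId . "', '" . $ip . "', '" . date('Y-m-d H:i:s') . "', '" . $agent . "', '" . $cookies . "')";
    $list = mysql_query($view);
    save_cookie();
    header("Location: " . BASE_URL);
}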