/**
* 在未登录论坛帐号,但已登录新浪微博帐号的绑定页面进行用户帐户验证和绑定
*/
function doBindAtNotLog()
{
if (!XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('新浪微博绑定功能已经关闭!');
}
$this->_chkIsWaitingForReg();
$usernameS = trim((string) XWB_plugin::V('p:siteBindName'));
$password = trim((string) XWB_plugin::V('p:bindPwd'));
$username = XWB_plugin::convertEncoding($usernameS, "UTF8", XWB_S_CHARSET);
if (!empty($questionanswerS)) {
$questionanswer = XWB_plugin::convertEncoding($questionanswerS, "UTF8", XWB_S_CHARSET);
} else {
$questionanswer = '';
}
$uid = 0;
//第1关:数据输入验证关
if (empty($username)) {
$uid = -102;
}
if (empty($password)) {
$uid = -103;
}
$msg = '';
//第2关:用户身份验证关
if ($uid == 0) {
$verify = XWB_plugin::O('siteUserVerifier');
$verifyresult = $verify->verify($username, $password, $questionid, $questionanswer);
$uid = $verifyresult[0];
}
if ($uid > 0) {
$wbApi = XWB_plugin::getWB();
$uInfo = $wbApi->verifyCredentials();
$db = XWB_plugin::getDB();
//第3关:验证微博帐号是否已经在当前站点中绑定,防止用户通过多个浏览器恶意注册用户
$bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "' or uid='" . $uid . "'");
if (!empty($bInfo) && is_array($bInfo)) {
$uid = -201;
} else {
$sess = XWB_plugin::getUser();
$sess->setInfo('sina_uid', $uInfo['id']);
$last_key = $sess->getOAuthKey(true);
$inData = array();
$inData['uid'] = $uid;
$inData['sina_uid'] = $uInfo['id'];
$inData['token'] = $last_key['oauth_token'];
$inData['tsecret'] = $last_key['oauth_token_secret'];
$inData['profile'] = '[]';
$sqlF = array();
$sqlV = array();
foreach ($inData as $k => $v) {
$sqlF[] = "`" . $k . "`";
$sqlV[] = "'" . mysql_real_escape_string($v) . "'";
}
$sql = "INSERT INTO " . XWB_S_TBPRE . "xwb_bind_info (" . implode(",", $sqlF) . ") VALUES (" . implode(",", $sqlV) . ") ;";
$rst = $db->query($sql, 'UNBUFFERED');
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
xwb_setSiteUserLogin($uid);
setcookie('xwb_tips_type', '', 0);
$sess->setInfo('waiting_site_reg', '0');
jclass('misc')->update_account_bind_info($uid, '', '', 1);
$msg = "绑定 " . XWB_S_TITLE . " 帐号成功。下次你可以继续使用新浪微博帐号登录使用 " . XWB_S_TITLE . " 。";
$msg .= "<br>绑定帐号: <em>" . htmlspecialchars($usernameS) . "</em> ";
//正向绑定(在未登录论坛帐号已登录新浪微博帐号的绑定页面)统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
}
}
if ($uid <= 0) {
$msg = $this->_getBindTip($uid);
}
$this->_oScript('xwbSetTips', array($uid, $msg, 1));
}
function authCallBack()
{
if (!XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。');
}
//--------------------------------------------------------------------
global $_G;
$sess = XWB_plugin::getUser();
$waiting_site_bind = $sess->getInfo('waiting_site_bind');
if (empty($waiting_site_bind)) {
//XWB_plugin::deny();
$siteUrl = XWB_plugin::siteUrl(0);
XWB_plugin::redirect($siteUrl, 3);
}
$sess->setOAuthKey(array(), true);
//--------------------------------------------------------------------
$wbApi = XWB_plugin::getWB();
$db = XWB_plugin::getDB();
$last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier'));
//print_r($last_key);
if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) {
$api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER';
$api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : '';
XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1));
XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]");
}
$sess->setOAuthKey($last_key, true);
$wbApi->setConfig();
$uInfo = $wbApi->verifyCredentials();
$sess->setInfo('sina_uid', $uInfo['id']);
$sess->setInfo('sina_name', $uInfo['screen_name']);
//print_r($uInfo);
//--------------------------------------------------------------------
/// 此帐号是否已经在当前站点中绑定
$sinaHasBinded = false;
$stat_is_bind_type = 0;
if (defined('XWB_S_UID') && XWB_S_UID > 0) {
$bInfo = XWB_plugin::getBUById(XWB_S_UID, $uInfo['id']);
} else {
$bInfo = XWB_plugin::getBindUser($uInfo['id'], 'sina_uid');
//远程API
}
if (!is_array($bInfo) && (defined('XWB_S_UID') && XWB_S_UID > 0)) {
$bInfo = XWB_plugin::getBindUser(XWB_S_UID, 'site_uid');
//登录状态下再查一次API,确保没有绑定
}
if (!empty($bInfo) && is_array($bInfo)) {
$sinaHasBinded = true;
dsetcookie($this->_getBindCookiesName($bInfo['uid']), (string) $bInfo['sina_uid'], 604800);
//核查存储的access token是否有更新,有更新则进行自动更新
if ($bInfo['sina_uid'] == $uInfo['id'] && ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret'])) {
XWB_plugin::updateBindUser($bInfo['uid'], $bInfo['sina_uid'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
//远程API
}
}
//--------------------------------------------------------------------
/// 决定在首页中显示什么浮层
$tipsType = '';
//xwb_tips_type
//已在论坛登录
if (defined('XWB_S_UID') && XWB_S_UID) {
if ($sinaHasBinded) {
//$sinaHasBinded为true时,$bInfo必定存在
if (XWB_S_UID != $bInfo['uid'] || $bInfo['sina_uid'] != $uInfo['id']) {
$tipsType = 'hasBinded';
$sess->clearToken();
} else {
$tipsType = 'autoLogin';
}
} else {
//远程API
$rst = XWB_plugin::addBindUser(XWB_S_UID, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
if (!$rst) {
echo "DB ERROR";
exit;
return false;
}
$tipsType = 'bind';
dsetcookie($this->_getBindCookiesName(XWB_S_UID), (string) $uInfo['id'], 604800);
//正向绑定统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
}
} else {
//从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自
if ($sinaHasBinded) {
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
$result = xwb_setSiteUserLogin((int) $bInfo['uid']);
if (false == $result) {
dsetcookie($this->_getBindCookiesName($bInfo['uid']), -1, 604800);
XWB_plugin::delBindUser($bInfo['uid']);
//远程API
$tipsType = 'siteuserNotExist';
} else {
$stat_is_bind_type = 1;
$tipsType = 'autoLogin';
}
} else {
//已登录WB,没有附属站点的帐号 引导注册
$sess->setInfo('waiting_site_reg', '1');
$tipsType = 'reg';
}
}
//--------------------------------------------------------------------
//bind的页面需要跳转,故需要使用cookies记录
if ($tipsType == 'bind') {
dsetcookie('xwb_tips_type', $tipsType, 0);
}
//$sess->setInfo('xwb_tips_type', $tipsType);
$sess->setInfo('waiting_site_bind', 0);
//使用sina微博帐号登录成功(不管是否绑定)统计上报
$sess->appendStat('login', array('uid' => $uInfo['id'], 'is_bind' => $stat_is_bind_type));
//所有跟站点相关的对接,必须放到_showBinging
$this->_showBinging($tipsType);
}
/**
* 在未登录论坛帐号,但已登录新浪微博帐号的绑定页面进行用户账户验证和绑定
*/
function doBindAtNotLog()
{
if (!XWB_plugin::pCfg('is_account_binding') || !XWB_plugin::isRequestBy('POST')) {
XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。');
}
$this->_chkIsWaitingForReg();
$usernameS = trim((string) XWB_plugin::V('p:siteBindName'));
$password = trim((string) XWB_plugin::V('p:bindPwd'));
$questionid = (int) XWB_plugin::V('p:questionid');
$questionanswerS = trim((string) XWB_plugin::V('p:questionanswer'));
$username = XWB_plugin::convertEncoding($usernameS, "UTF8", XWB_S_CHARSET);
if (!empty($questionanswerS)) {
$questionanswer = XWB_plugin::convertEncoding($questionanswerS, "UTF8", XWB_S_CHARSET);
} else {
$questionanswer = '';
}
$uid = 0;
//第1关:数据输入验证关
if (empty($username)) {
$uid = -102;
}
if (empty($password)) {
$uid = -103;
}
$msg = '';
//第2关:用户身份验证关
if ($uid == 0) {
$verify = XWB_plugin::O('siteUserVerifier');
$verifyresult = $verify->verify($username, $password, $questionid, $questionanswer);
$uid = $verifyresult[0];
}
if ($uid > 0) {
$wbApi = XWB_plugin::getWB();
$uInfo = $wbApi->verifyCredentials();
//第3关:验证微博帐号是否已经在当前站点中绑定,防止用户通过多个浏览器恶意注册用户
$bInfo = XWB_plugin::getBUById($uid, $uInfo['id']);
//远程API
if (!empty($bInfo) && is_array($bInfo)) {
$uid = -201;
} else {
$sess = XWB_plugin::getUser();
$sess->setInfo('sina_uid', $uInfo['id']);
$last_key = $sess->getOAuthKey(true);
$rst = XWB_plugin::addBindUser($uid, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
//远程API
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
xwb_setSiteUserLogin($uid);
dsetcookie($this->_getBindCookiesName($uid), (string) $uInfo['id'], 604800);
dsetcookie('xwb_tips_type', '', 0);
$sess->setInfo('waiting_site_reg', '0');
$msg = "绑定论坛帐号成功。下次你可以继续使用新浪微博帐号登录使用" . XWB_S_TITLE . "论坛。";
$msg .= "<br>绑定帐号: <em>" . htmlspecialchars($usernameS) . "</em> ";
//正向绑定(在未登录论坛帐号已登录新浪微博帐号的绑定页面)统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
//输出UCenter同步JS
global $_G;
loaducenter();
$ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
$this->_outputUJ($ucsynlogin);
}
}
if ($uid <= 0) {
$msg = $this->_getBindTip($uid);
}
$displayWindow = 0;
$this->_oScript('xwbSetTips', array($uid, $msg, $displayWindow));
}
function authCallBack()
{
if (!XWB_plugin::pCfg('is_account_binding')) {
XWB_plugin::showError('新浪微博绑定功能已经关闭!');
}
//--------------------------------------------------------------------
$sess = XWB_plugin::getUser();
$waiting_site_bind = $sess->getInfo('waiting_site_bind');
if (empty($waiting_site_bind)) {
//XWB_plugin::deny();
$siteUrl = XWB_plugin::siteUrl(0);
XWB_plugin::redirect($siteUrl, 3);
}
//--------------------------------------------------------------------
$wbApi = XWB_plugin::getWB();
$db = XWB_plugin::getDB();
$last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier'));
$sess->setOAuthKey(array(), true);
// print_r($last_key);
if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) {
$api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER';
$api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : '';
XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1));
XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]");
}
$sess->setOAuthKey($last_key, true);
$wbApi->setConfig();
$uInfo = $wbApi->verifyCredentials();
$sess->setInfo('sina_uid', $uInfo['id']);
$sess->setInfo('sina_name', $uInfo['screen_name']);
//print_r($uInfo);
//--------------------------------------------------------------------
/// 此帐号是否已经在当前站点中绑定
$sinaHasBinded = false;
if (defined('XWB_S_UID') && XWB_S_UID > 0) {
$bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "' OR uid='" . XWB_S_UID . "'");
} else {
$bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'");
}
if (!empty($bInfo) && is_array($bInfo)) {
$sinaHasBinded = true;
//核查存储的access token是否有更新,有更新则进行自动更新
if ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret']) {
$db->query("UPDATE " . XWB_S_TBPRE . "xwb_bind_info SET token='" . (string) $last_key['oauth_token'] . "', tsecret='" . (string) $last_key['oauth_token_secret'] . "' WHERE sina_uid='" . $uInfo['id'] . "'");
}
}
//--------------------------------------------------------------------
/// 决定在首页中显示什么浮层
$tipsType = '';
//xwb_tips_type
//已在论坛登录
if (defined('XWB_S_UID') && XWB_S_UID) {
if ($sinaHasBinded) {
$tipsType = 'hasBinded';
$sess->clearToken();
} else {
$inData = array();
$inData['uid'] = XWB_S_UID;
$inData['sina_uid'] = $uInfo['id'];
$inData['token'] = $last_key['oauth_token'];
$inData['tsecret'] = $last_key['oauth_token_secret'];
$inData['profile'] = '[]';
$sqlF = array();
$sqlV = array();
foreach ($inData as $k => $v) {
$sqlF[] = "`" . $k . "`";
$sqlV[] = "'" . mysql_real_escape_string($v) . "'";
}
$sql = "REPLACE INTO " . XWB_S_TBPRE . "xwb_bind_info (" . implode(",", $sqlF) . ") VALUES (" . implode(",", $sqlV) . ") ;";
$rst = $db->query($sql, 'UNBUFFERED');
jclass('misc')->update_account_bind_info(XWB_S_UID, '', '', 1);
if (!$rst) {
echo "DB ERROR";
exit;
return false;
}
$tipsType = 'bind';
//正向绑定统计上报
$sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
}
} else {
//从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自
if ($sinaHasBinded) {
require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
$result = xwb_setSiteUserLogin((int) $bInfo['uid']);
if (!$result) {
$db->query("DELETE FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'");
$tipsType = 'siteuserNotExist';
} else {
$tipsType = 'autoLogin';
}
} else {
//已登录WB,没有附属站点的帐号 引导注册
$sess->setInfo('waiting_site_reg', '1');
$tipsType = 'reg';
}
}
//--------------------------------------------------------------------
//bind的页面需要跳转,故需要使用cookies记录
if ($tipsType == 'bind') {
setcookie('xwb_tips_type', $tipsType, 0);
}
//$sess->setInfo('xwb_tips_type', $tipsType);
$sess->setInfo('waiting_site_bind', 0);
//使用sina微博帐号登录成功(不管是否绑定)统计上报
$sess->appendStat('login', array('uid' => $uInfo['id']));
//所有跟站点相关的对接,必须放到_showBinging
$this->_showBinging($tipsType);
}
