/**
 * Handle a logout notification and end the local session.
 *
 * Checks run in this order, each failure being handed to halt_re():
 *   1. notify_input("get") must report "ok";
 *   2. sso_verify() must accept the request signature ("y050403");
 *   3. the request "time" must be within 1800 seconds of the local clock;
 *   4. the app_id / app_key carried in the decoded "code" must pass app_chk().
 * Only then is fn_ssin_end() called.
 *
 * The flow presumably relies on halt_re() ending the request; nothing in this
 * block stops execution after a failed check otherwise - confirm.
 *
 * @access public
 * @return void
 */
function api_logout() {
    $_arr_input = $this->obj_notify->notify_input("get");
    if ($_arr_input["alert"] != "ok") {
        $this->obj_notify->halt_re($_arr_input);
    }

    $_arr_input["code"] = fn_htmlcode($_arr_input["code"], "decode", "crypt");

    // NOTE(review): array_merge() lets request keys replace same-named keys of
    // $this->arr_data before verification - confirm sso_verify() does not take
    // any trusted value from the merged array.
    $_arr_verify = $this->obj_sso->sso_verify(
        array_merge($this->arr_data, $_arr_input),
        $_arr_input["signature"]
    );
    if ($_arr_verify["alert"] != "y050403") {
        $this->obj_notify->halt_re($_arr_verify);
    }

    // Freshness window of +/- 30 minutes. No nonce or one-time check is visible
    // here, so a signed request stays acceptable for the whole window.
    $_tm_skew = $_arr_input["time"] - time();
    if (abs($_tm_skew) > 1800) {
        $_arr_expired = array("alert" => "x220213");
        $this->obj_notify->halt_re($_arr_expired);
    }

    // The code is decoded only after the signature and time checks have passed.
    $_arr_payload = $this->obj_sso->sso_decode($_arr_input["code"]);
    $_arr_app     = $this->obj_notify->app_chk($_arr_payload["app_id"], $_arr_payload["app_key"]);
    if ($_arr_app["alert"] != "ok") {
        $this->obj_notify->halt_re($_arr_app);
    }

    fn_ssin_end();

    $_arr_done = array("alert" => "y020406");
    $this->obj_notify->halt_re($_arr_done, false, true);
}
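/**
 * Decode a value produced by this class's encoding scheme.
 *
 * Steps, in order: fn_htmlcode(..., "decode", "crypt"), urldecode(),
 * base64_decode(), $this->get_key($string, $key_priv), then each output byte
 * is byte[2k + 1] XOR byte[2k] of the intermediate string.
 *
 * NOTE(review): no MAC or other integrity check is visible in this block, so
 * the result must be treated as unauthenticated by callers; the signature
 * checks have to happen elsewhere.
 *
 * @param string $string   Encoded input.
 * @param string $key_priv Key handed to get_key().
 * @return string Decoded bytes; a trailing unpaired byte is ignored.
 */
function decrypt($string, $key_priv) {
    $string = fn_htmlcode($string, "decode", "crypt");
    $string = urldecode($string);
    $string = base64_decode($string);
    $string = $this->get_key($string, $key_priv);

    $_str_return = "";
    $_num_len    = strlen($string);

    // Walk the string in (mask, value) pairs. Stopping at the last complete
    // pair avoids the out-of-range offset read the old loop performed on
    // odd-length (truncated or tampered) input; the output is unchanged.
    for ($_iii = 0; $_iii + 1 < $_num_len; $_iii += 2) {
        $_str_return .= $string[$_iii + 1] ^ $string[$_iii];
    }

    return $_str_return;
}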
/**
 * Encrypt the posted "data" value with the calling app's key.
 *
 * Flow as coded: app_check("post") -> validateStr() on the posted data ->
 * fn_htmlcode(..., "decode") -> sign_check() over the request plus the decoded
 * data -> encrypt() with $this->appRow["app_key"] -> halt_re() with the result.
 *
 * @access public
 * @return void
 */
function api_encode() {
    $this->app_check("post");

    $_arr_input  = validateStr(fn_post("data"), 1, 0);
    $_str_status = $_arr_input["status"];

    if ($_str_status == "too_short") {
        $_arr_short = array("alert" => "x050222");
        $this->obj_api->halt_re($_arr_short);
    } elseif ($_str_status == "ok") {
        $_str_plain = fn_htmlcode($_arr_input["str"], "decode");
    }
    // NOTE(review): any status other than "ok" leaves $_str_plain unset, and a
    // "too_short" result only stops here if halt_re() ends the request - confirm.

    $_arr_signed = array(
        "act_post" => $GLOBALS["act_post"],
        "data"     => $_str_plain,
    );

    // The signature is checked before the app key is used for encryption.
    $_bool_signOk = $this->obj_sign->sign_check(
        array_merge($this->appRequest, $_arr_signed),
        $this->appRequest["signature"]
    );
    if (!$_bool_signOk) {
        $_arr_badSign = array("alert" => "x050403");
        $this->obj_api->halt_re($_arr_badSign);
    }

    $_str_cipher = $this->obj_crypt->encrypt($_str_plain, $this->appRow["app_key"]);

    $_arr_result = array(
        "code"  => $_str_cipher,
        "alert" => "y050405",
    );
    $this->obj_api->halt_re($_arr_result);
}
/**
 * Validate the API "edit user" form.
 *
 * Collects the posted fields into $this->apiEdit. On the first failed check
 * the failing validator's result array is returned as-is; on success the
 * populated $this->apiEdit is returned with "alert" set to "ok".
 *
 * @access public
 * @return array Validator error array, or $this->apiEdit on success.
 */
function input_edit_api() {
    $_arr_lookup = $this->input_get_by("post");
    if ($_arr_lookup["alert"] != "ok") {
        return $_arr_lookup;
    }

    $this->apiEdit                    = $_arr_lookup;
    $this->apiEdit["user_check_pass"] = fn_getSafe(fn_post("user_check_pass"), "txt", "");

    // Truthiness test: the current password is only checked when the client
    // sends a non-empty "user_check_pass" value.
    if ($this->apiEdit["user_check_pass"]) {
        $_arr_passChk = $this->chk_user_pass(fn_post("user_pass"));
        if ($_arr_passChk["alert"] != "ok") {
            return $_arr_passChk;
        }
        $this->apiEdit["user_pass"] = $_arr_passChk["user_pass"];
    }

    // NOTE(review): unlike "user_pass", the new password is taken straight from
    // fn_post() with no validator call in this block, and the plaintext stays in
    // the returned array next to the derived value. Confirm fn_rand() draws from
    // a cryptographically secure source, since its output is used as the salt.
    if (fn_post("user_pass_new")) {
        $this->apiEdit["user_pass_new"] = fn_post("user_pass_new");
        $this->apiEdit["user_rand"]     = fn_rand(6);
        $this->apiEdit["user_pass_do"]  = fn_baigoEncrypt($this->apiEdit["user_pass_new"], $this->apiEdit["user_rand"], true);
    }

    if (fn_post("user_mail_new")) {
        $_arr_mailChk = $this->chk_user_mail(fn_post("user_mail_new"));
        if ($_arr_mailChk["alert"] != "ok") {
            return $_arr_mailChk;
        }
        $this->apiEdit["user_mail_new"] = $_arr_mailChk["user_mail"];
    }

    $_arr_nickChk = $this->chk_user_nick(fn_post("user_nick"));
    if ($_arr_nickChk["alert"] != "ok") {
        return $_arr_nickChk;
    }
    $this->apiEdit["user_nick"] = $_arr_nickChk["user_nick"];

    // "user_contact" and "user_extend" are handled identically: keep the raw
    // string under "<field>Str", then decode, parse as JSON and re-encode.
    // json_decode() yields null for malformed input; that null is passed on to
    // fn_jsonEncode() unchanged.
    foreach (array("user_contact", "user_extend") as $_str_field) {
        $_str_raw = fn_getSafe(fn_post($_str_field), "txt", "");
        $this->apiEdit[$_str_field . "Str"] = $_str_raw;

        $_str_json   = fn_htmlcode($_str_raw, "decode", "json");
        $_arr_parsed = json_decode($_str_json, true);
        $this->apiEdit[$_str_field] = fn_jsonEncode($_arr_parsed, "encode");
    }

    $this->apiEdit["alert"] = "ok";

    return $this->apiEdit;
}
/**
 * Send a signed test notification to an app's notify URL and report the result.
 *
 * The app is expected to answer with the random "echostr" it was sent. A
 * mismatch is written to the admin log together with the response body.
 *
 * @access public
 * @return void
 */
function ajax_notify() {
    $_num_appId = fn_getSafe(fn_post("app_id_notify"), "int", 0);
    if ($_num_appId < 1) {
        $this->obj_ajax->halt_alert("x050203");
    }

    // Requires the app "browse" permission unless the admin is a super admin.
    if (!$this->is_super && !isset($this->adminLogged["admin_allow"]["app"]["browse"])) {
        $this->obj_ajax->halt_alert("x050301");
    }

    $_arr_appRow = $this->mdl_app->mdl_read($_num_appId);
    if ($_arr_appRow["alert"] != "y050102") {
        $this->obj_ajax->halt_alert($_arr_appRow["alert"]);
    }

    $_tm_time = time();
    $_str_echo = fn_rand();

    // NOTE(review): "app_key" stays in the payload that is handed to fn_http()
    // with method "get". If fn_http() serialises the payload into the query
    // string, the key can end up in proxy and web-server logs - confirm whether
    // it should be dropped once the signature has been computed.
    $_arr_data = array(
        "act_get" => "test",
        "time"    => $_tm_time,
        "echostr" => $_str_echo,
        "app_id"  => $_arr_appRow["app_id"],
        "app_key" => $_arr_appRow["app_key"],
    );
    $_arr_data["signature"] = $this->obj_sign->sign_make($_arr_data);

    // Append with "&" when the stored URL already carries a query string.
    $_str_conn = stristr($_arr_appRow["app_url_notify"], "?") ? "&" : "?";

    // The destination is whatever is stored in app_url_notify; this block does
    // not restrict scheme or host before the outbound request is made.
    $_arr_notify = fn_http($_arr_appRow["app_url_notify"] . $_str_conn . "mod=notify", $_arr_data, "get");

    $_str_alert = "y050401";

    // NOTE(review): loose comparison; two numeric-looking strings can compare
    // equal without being identical.
    if ($_arr_notify["ret"] != $_str_echo) {
        $_str_alert = "x050401";

        $_arr_targets = array(
            array("app_id" => $_num_appId),
        );
        $_str_targets = json_encode($_arr_targets);
        $_str_notify  = fn_htmlcode($_arr_notify["ret"]);

        $_arr_logData = array(
            "log_targets"     => $_str_targets,
            "log_target_type" => "app",
            "log_title"       => $this->log["app"]["notifyTest"],
            "log_result"      => $_str_notify,
            "log_type"        => "admin",
        );
        $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
    }

    $this->obj_ajax->halt_alert($_str_alert);
}
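/**
 * Read one app record.
 *
 * @access public
 * @param mixed  $str_app   Value to look up.
 * @param string $str_by    Column to match against (default: "app_id").
 * @param int    $num_notId When greater than 0, exclude the row with this app_id (default: 0).
 * @return array array("alert" => "x050102") when no row matches; otherwise the
 *               row with "app_allow" decoded, both URLs decoded and "alert"
 *               set to "y050102".
 */
function mdl_read($str_app, $str_by = "app_id", $num_notId = 0) {
    $_arr_appSelect = array(
        "app_id",
        "app_name",
        "app_url_notify",
        "app_url_sync",
        "app_key",
        "app_note",
        "app_status",
        "app_time",
        "app_ip_allow",
        "app_ip_bad",
        "app_sync",
        "app_allow",
    );

    // NOTE(review): $str_by and a non-numeric $str_app are concatenated into the
    // WHERE clause without escaping in this function. Callers must pass a fixed
    // column name and an already-escaped value; prefer a parameterised query if
    // the database layer offers one.
    if (is_numeric($str_app)) {
        $_str_sqlWhere = $str_by . "=" . $str_app;
    } else {
        $_str_sqlWhere = $str_by . "='" . $str_app . "'";
    }

    // Force the exclusion id to an integer before it reaches the SQL text: a
    // bare "> 0" comparison is also passed by strings that merely start with a
    // digit, and those were previously appended verbatim.
    $_num_notId = (int) $num_notId;
    if ($_num_notId > 0) {
        $_str_sqlWhere .= " AND app_id<>" . $_num_notId;
    }

    $_arr_appRows = $this->obj_db->select(BG_DB_TABLE . "app", $_arr_appSelect, $_str_sqlWhere, "", "", 1, 0); // check whether the local table holds a matching record

    if (!isset($_arr_appRows[0])) {
        // No matching record: return the error code.
        return array("alert" => "x050102");
    }
    $_arr_appRow = $_arr_appRows[0];

    if (isset($_arr_appRow["app_allow"])) {
        $_arr_appRow["app_allow"] = fn_jsonDecode($_arr_appRow["app_allow"], "no");
    } else {
        $_arr_appRow["app_allow"] = array();
    }

    // An empty sync URL falls back to the notify URL.
    if (!$_arr_appRow["app_url_sync"]) {
        $_arr_appRow["app_url_sync"] = $_arr_appRow["app_url_notify"];
    }

    $_arr_appRow["app_url_notify"] = fn_htmlcode($_arr_appRow["app_url_notify"], "decode", "url");
    $_arr_appRow["app_url_sync"]   = fn_htmlcode($_arr_appRow["app_url_sync"], "decode", "url");

    $_arr_appRow["alert"] = "y050102";

    return $_arr_appRow;
}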
/**
 * Synchronised login: ask the SSO server for the sync URLs of a user.
 *
 * Posts a signed "login" request to BG_SSO_URL?mod=sync and passes the
 * response through result_process(). When the result carries a "urlRows"
 * array, every entry is URL-decoded and then passed through
 * fn_htmlcode(..., "decode", "url").
 *
 * NOTE(review): the returned URLs originate from the remote response; callers
 * that load or emit them should check they point at expected hosts.
 *
 * @access public
 * @param mixed $num_userId Id of the user being logged in.
 * @return mixed Result of result_process(), with "urlRows" decoded when present.
 */
function sso_sync_login($num_userId) {
    $_arr_ssoData = array_merge(
        $this->arr_data,
        array(
            "act_post" => "login",
            "user_id"  => $num_userId,
        )
    );
    // The signature is computed over the merged payload, then added to it.
    $_arr_ssoData["signature"] = $this->sso_signature($_arr_ssoData);

    $_arr_get    = fn_http(BG_SSO_URL . "?mod=sync", $_arr_ssoData, "post"); // submit
    $_arr_result = $this->result_process($_arr_get);

    if (isset($_arr_result["urlRows"]) && is_array($_arr_result["urlRows"])) {
        // array_map() over a single array keeps the original keys.
        $_arr_result["urlRows"] = array_map(
            function ($_str_url) {
                return fn_htmlcode(urldecode($_str_url), "decode", "url");
            },
            $_arr_result["urlRows"]
        );
    }

    return $_arr_result;
}
/**
 * Encode or decode a "forward" value for transport in a URL.
 *
 * Encoding is urlencode(base64_encode($str_forward)). Decoding undoes it, with
 * a fn_htmlcode(..., "decode", ...) pass before each step and a final "url"
 * pass on the result. Any $method other than "decode" encodes.
 *
 * This is a reversible encoding, not encryption: it gives no confidentiality
 * or integrity. NOTE(review): if the decoded value is used as a redirect
 * target, validate it against allowed destinations at the point of use.
 *
 * @param string $str_forward Value to transform.
 * @param string $method      "decode" to decode; anything else encodes (default: "encode").
 * @return string Transformed value.
 */
function fn_forward($str_forward, $method = "encode") {
    // Loose comparison on purpose, matching switch/case semantics.
    if ($method == "decode") {
        $_str_step = fn_htmlcode($str_forward, "decode", "crypt");
        $_str_step = fn_htmlcode(urldecode($_str_step), "decode", "base64");

        return fn_htmlcode(base64_decode($_str_step), "decode", "url");
    }

    return urlencode(base64_encode($str_forward));
}