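/**
 * Render the "bind WeChat account" page, or bounce the visitor through the
 * WeChat OAuth flow when no openid is available on this controller yet.
 *
 * Flow, as visible in this method:
 *  - a logged-in user that already has a WxConnect row is sent to '/';
 *  - without an openid, the first visit logs the user out and redirects to
 *    the OAuth entry point with `redirect=1`; a second visit that still has
 *    no openid is rejected;
 *  - with an openid that is already bound to an account, the request is rejected.
 *
 * @param object $ctx Request/view context; `title` is written here.
 */
function index($ctx)
{
    $ctx->title = '绑定微信账号';
    // An empty value is passed for this cookie together with a one-hour expiry.
    setcookie('no_subscribe_prj', '', time() + 3600);

    $user = UC::auth();
    if ($user) {
        $connect = WxConnect::get_by('user_id', $user['id']);
        if ($connect) {
            // NOTE(review): the code below assumes _redirect() ends the request — confirm.
            _redirect('/');
        }
    }

    if (!$this->openid) {
        // empty() has the same truthiness as the old `!$_GET['redirect']` test but
        // does not raise an undefined-index notice on the first, parameterless visit.
        if (empty($_GET['redirect'])) {
            // The `redirect` marker prevents an endless redirect loop.
            UC::logout();
            // Use the axelahome.com domain so the session is not lost across domains.
            $jump = _url('https://axelahome.com/weixin/bind', array('redirect' => 1));
            $url = _url('https://axelahome.com/weixin/oauth', array('jump' => $jump));
            _redirect($url);
        }
        // Came back from OAuth and there is still no openid: the link is treated as expired.
        _throw("链接已经过期, 请重新获取微信消息!", 200);
    } else {
        // One WeChat identity may be bound to one account only.
        $connect = WxConnect::get_by('wx_openid', $this->openid);
        if ($connect) {
            _throw('此微信号已经绑定过懒投资账号, 请先解绑!');
        }
    }
}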
/**
 * Controller bootstrap: require an authenticated user.
 *
 * Stores the result of UC::auth() on the context; when there is none, the
 * visitor is redirected to the login route with the current request URI as
 * the `jump` parameter.
 *
 * @param object $ctx Request context; `user` is written here.
 */
function init($ctx)
{
    parent::init($ctx);

    $ctx->user = UC::auth();
    if ($ctx->user) {
        return;
    }

    // NOTE(review): `jump` is taken from the raw request URI; the login handler
    // should validate it before redirecting back — confirm on that side.
    _redirect('login', array('jump' => $_SERVER['REQUEST_URI']));
    return;
}
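/**
 * Entry point of the WeChat OAuth flow: send the browser to WeChat's
 * authorize endpoint, or straight to `jump` when no exchange is needed.
 *
 * The `jump` target comes from the query string and is therefore untrusted;
 * it is passed to self::validate_url() before any redirect.
 *
 * @param object $ctx Request context (not used in this method).
 */
function open_url($ctx)
{
    // A missing parameter becomes an empty string instead of raising a notice.
    $raw_jump = isset($_GET['jump']) ? $_GET['jump'] : '';
    // NOTE(review): htmlspecialchars() is HTML escaping, not URL validation, and it
    // rewrites `&` in multi-parameter targets. It is kept because validate_url() and
    // _redirect() are not visible here and may rely on it — confirm before changing.
    $jump = htmlspecialchars(trim($raw_jump));
    // NOTE(review): the return value is ignored, so validate_url() presumably aborts
    // the request itself on a disallowed target — confirm, otherwise the redirects
    // below act on an unvalidated URL.
    self::validate_url($jump);

    // Without WeChat credentials there is nothing to exchange; go to the target.
    if (!$this->appid || !$this->secret) {
        _redirect($jump);
    }

    // If the user is already logged in, no interaction with WeChat is needed.
    $user = UC::auth();
    if ($user) {
        _redirect($jump);
    }

    // Use the axelahome.com domain so the session is not lost across domains.
    $callback = _url('https://axelahome.com/weixin/oauth/callback', array('jump' => $jump));

    // redirect_uri is itself a query-string value, so it has to be percent-encoded;
    // otherwise the nested `jump` parameter is decoded one layer too early and can
    // be truncated or split into extra parameters on the way back.
    $redirect_uri = urlencode($callback);

    // NOTE(review): `state` is a constant, so the callback cannot tie the response
    // to the session that started the flow. A per-session random state checked in
    // the callback handler (not visible here) would close that gap.
    $wx_url = 'https://open.weixin.qq.com/connect/oauth2/authorize';
    $wx_url = "{$wx_url}?appid={$this->appid}&redirect_uri={$redirect_uri}&response_type=code&scope=snsapi_base&state=1#wechat_redirect";
    _redirect($wx_url);
}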
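/**
 * Controller bootstrap: emit the P3P header, enforce a Referer allowlist
 * outside the `dev` environment, and store the authenticated user.
 *
 * The Referer header is supplied by the client and can be absent or forged
 * by non-browser clients, so this check is defence in depth, not
 * authentication.
 *
 * @param object $ctx Request context; `user` is written here.
 */
function init($ctx)
{
    parent::init($ctx);
    header('P3P:CP=" OTI DSP COR IVA OUR IND COM "');

    // A request without a Referer is treated as an empty one (and rejected below).
    $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $allow_domains = array('axelahome.com');

    $allow = false;
    foreach ($allow_domains as $domain) {
        // Match on the host only: optional dot-separated subdomain labels, then the
        // exact (quoted) domain, then the first slash. Anchoring the host this way
        // keeps lookalike names, and allowed names that appear later in the URL,
        // from satisfying the check.
        $pattern = '~^https?://(?:[a-z0-9-]+\.)*' . preg_quote($domain, '~') . '/~i';
        if (preg_match($pattern, $ref)) {
            $allow = true;
            break;
        }
    }

    if (ENV != 'dev' && !$allow) {
        // The rejected value is HTML-escaped before it is placed in the error message.
        _throw("非法的 Referer: " . htmlspecialchars($ref));
    }

    $ctx->user = UC::auth();
}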