public function notifyAction(Request $request)
{
$this->initUcenter();
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str(uc_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = $this->stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
return new Response('Authracation has expiried');
}
if (empty($get)) {
return new Response('Invalid Request');
}
// $action = $get['action'];
$this->requireClientFile('lib/xml.class.php');
$xml = file_get_contents('php://input');
$post = xml_unserialize($xml);
if (!in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
return new Response(API_RETURN_FAILED);
}
$method = 'do' . ucfirst($get['action']);
$result = $this->{$method}($request, $get, $post);
return new Response($result);
}
public function authenticateUC()
{
//通过接口判断登录帐号的正确性,返回值为数组
list($uid, $username, $password, $email) = uc_user_login($this->username, $this->password);
setcookie('Example_auth', '', -86400);
if ($uid > 0) {
//用户登陆成功,设置 Cookie,加密直接用 uc_authcode 函数,用户使用自己的函数
setcookie('Example_auth', uc_authcode($uid . "\t" . $username, 'ENCODE'));
//生成同步登录的代码
$ucsynlogin = uc_user_synlogin($uid);
$user = User::model()->findByPk($uid);
$this->_id = $user->id;
$this->setState('email', $user->email);
//$this->setState('role', '管理员');
//保存登录记录
$arr = array('uid' => $user->id, 'login_time' => strtotime('NOW'), 'login_ip' => Yii::app()->request->userHostAddress);
$model = new LoginRecord();
$model->attributes = $arr;
$model->save();
$this->errorCode = self::ERROR_NONE;
} elseif ($uid == -1) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif ($uid == -2) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
}
return !$this->errorCode;
}
function getSynuserUid($cookie_key = 'hk8_auth')
{
if (isset($_COOKIE[$cookie_key])) {
$code = $_COOKIE[$cookie_key];
$uinfo = uc_authcode($code, $operation = 'DECODE');
$info = array();
list($info['uname'], $info['uid']) = explode("\t", $uinfo);
// $info['uname'] = mb_convert_encoding($info['uname'],'UTF-8','GBK');
return $info;
}
return false;
}
/**
* 同步登陆ucenter
* @param $event
*/
public static function syncLogin($event)
{
UcenterInterface::getInstance();
$user = $event->identity;
$ucenterUser = self::getUser($user->username);
//同步登陆ucenter
setcookie('Example_auth', '', -86400);
setcookie('Example_auth', uc_authcode($ucenterUser[0] . "\t" . $ucenterUser[1], 'ENCODE'));
$ucsynlogin = uc_user_synlogin($ucenterUser[0]);
//生成同步登录的代码
$script = '登录成功' . $ucsynlogin . '<br><a href="' . $_SERVER['PHP_SELF'] . '">继续</a>';
\Yii::$app->session->setFlash('syn-login-script', "{$script}");
}
public function index()
{
$get = $post = array();
$code = @$_GET['code'];
parse_str(uc_authcode($code, 'DECODE', UC_KEY), $get);
if (get_magic_quotes_gpc()) {
$get = uc_stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
include_once APP_PATH . 'uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
exit($this->{$get}['action']($get, $post));
} else {
exit(API_RETURN_FAILED);
}
}
/**
* UCenter Application Development Example
*
* UCenter simple application, the application without database
* Use the interface function:
* uc_authcode() - optional function to use user centered Cookie encryption
* uc_pm_checknew() - optional, for the global determine whether there is a new short message, to return $newpm variable
*/
include './config.inc.php';
include './uc_client/client.php';
/**
* Get the current user UID and user name
* Cookie decryption directly by uc_authcode function, users use their own functions
*/
if (!empty($_COOKIE['Example_auth'])) {
list($Example_uid, $Example_username) = explode("\t", uc_authcode($_COOKIE['Example_auth'], 'DECODE'));
} else {
$Example_uid = $Example_username = '';
}
/**
* Get the latest PMs
*/
$newpm = uc_pm_checknew($Example_uid);
/**
* Example code for each function
*/
switch (@$_GET['example']) {
case 'login':
//Example code UCenter User login
include 'code/login_nodb.php';
break;
/**
* 登录
*/
public function indexAction()
{
if (!$this->isLogin(1)) {
$this->memberMsg(lang('m-log-0', array('1' => $this->memberinfo['username'])), url('index'));
}
if ($this->isPostForm()) {
$data = $this->post('data');
if ($this->memberconfig['logincode'] && !$this->checkCode($this->post('code'))) {
$this->memberMsg(lang('m-log-1'));
}
if (empty($data['username']) || empty($data['password'])) {
$this->memberMsg(lang('m-log-2'));
}
$member = $this->db->where('username', $data['username'])->get('member')->row_array();
$time = empty($data['cookie']) ? 24 * 3600 : 360 * 24 * 3600;
//会话保存时间。
$backurl = $data['back'] ? urldecode($data['back']) : url('index');
if ($this->memberconfig['uc_use'] == 1) {
list($uid, $username, $password, $email) = uc_user_login($data['username'], $data['password']);
if ($uid > 0) {
if (empty($member)) {
$auth = rawurlencode(uc_authcode("{$username}\t" . time(), 'ENCODE'));
$this->memberMsg(lang('m-log-3'), url('member/register/active', array('auth' => $auth)) . '&back=' . urlencode($backurl), 1);
}
$ucsynlogin = uc_user_synlogin($uid);
$nickname = $member['nickname'] ? $member['nickname'] : $member['username'];
$this->update_login_info($member);
set_cookie('member_id', $member['id'], $time);
set_cookie('member_code', substr(md5(SITE_MEMBER_COOKIE . $member['id']), 5, 20), $time);
$this->memberMsg(lang('m-log-4') . $ucsynlogin, $backurl, 1);
} elseif ($uid == -1) {
if ($member) {
//注册Ucenter
$uid = uc_user_register($member['username'], $data['password'], $member['email']);
if ($uid > 0) {
$ucsynlogin = uc_user_synlogin($uid);
$nickname = $member['nickname'] ? $member['nickname'] : $member['username'];
$this->update_login_info($member);
set_cookie('member_id', $member['id'], $time);
set_cookie('member_code', substr(md5(SITE_MEMBER_COOKIE . $member['id']), 5, 20), $time);
$this->memberMsg(lang('m-log-4') . $ucsynlogin, $backurl, 1);
} elseif ($uid == -1) {
$this->memberMsg(lang('m-log-5'));
} elseif ($uid == -2) {
$this->memberMsg(lang('m-log-6'));
} else {
$this->memberMsg(lang('m-log-7'));
}
}
$this->memberMsg(lang('m-log-5'));
} elseif ($uid == -2) {
$this->memberMsg(lang('m-log-6'));
} else {
$this->memberMsg(lang('m-log-7'));
}
}
if (empty($member)) {
$this->memberMsg(lang('m-log-8'));
}
if ($member['password'] != md5(md5($data['password']) . $member['salt'] . md5($data['password']))) {
$this->memberMsg(lang('m-log-6'));
}
$this->update_login_info($member);
set_cookie('member_id', $member['id'], $time);
set_cookie('member_code', substr(md5(SITE_MEMBER_COOKIE . $member['id']), 5, 20), $time);
$this->memberMsg(lang('m-log-4'), $backurl, 1);
}
$backurl = $this->get('back') ? $this->get('back') : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : url('member/'));
$this->view->assign(array('meta_title' => lang('m-log-9') . '-' . $this->site['SITE_NAME'], 'backurl' => urlencode($backurl)));
$this->view->display('member/login');
}
function get_url_code($operation, $getdata, $appid)
{
$app = $this->apps[$appid];
$authkey = $this->db->result_first("SELECT authkey FROM " . UC_DBTABLEPRE . "applications WHERE appid='{$appid}'");
$url = $app['url'];
$action = $this->operations[$operation][1];
$code = urlencode(uc_authcode("{$action}&" . ($getdata ? "{$getdata}&" : '') . "time=" . $this->base->time, 'ENCODE', $authkey));
return $url . "/api/uc.php?code={$code}";
}
/**
* Do all authentication [ OPTIONAL ]
*
* Set $this->cando['external'] = true when implemented
*
* If this function is implemented it will be used to
* authenticate a user - all other DokuWiki internals
* will not be used for authenticating, thus
* implementing the checkPass() function is not needed
* anymore.
*
* The function can be used to authenticate against third
* party cookies or Apache auth mechanisms and replaces
* the auth_login() function
*
* The function will be called with or without a set
* username. If the Username is given it was called
* from the login form and the given credentials might
* need to be checked. If no username was given it
* the function needs to check if the user is logged in
* by other means (cookie, environment).
*
* The function needs to set some globals needed by
* DokuWiki like auth_login() does.
*
* @see auth_login()
*
* @param string $user Username
* @param string $pass Cleartext Password
* @param bool $sticky Cookie should not expire
* @return bool true on successful auth
*/
function trustExternal($user, $pass, $sticky = false)
{
global $USERINFO;
global $conf;
global $lang;
// global $auth;
global $ACT;
$sticky ? $sticky = true : ($sticky = false);
//sanity check
// if (!$auth) return false;
$uid = '';
$username = '';
$password = '';
$email = '';
$checked = false;
if (!empty($user)) {
list($uid, $username, $password, $email) = $this->_uc_user_login($user, $pass);
setcookie($this->cnf['cookie'], '', -86400);
if ($uid > 0) {
$_SERVER['REMOTE_USER'] = $username;
$user_info = $this->_uc_get_user_full($uid, 1);
$this->_uc_setcookie($this->cnf['cookie'], uc_authcode($uid . "\t" . $user_info['password'] . "\t" . $this->_convert_charset($username), 'ENCODE'));
$synlogin = uc_user_synlogin($uid);
// echo uc_user_synlogin($uid);
// echo does not send the output correctly, but function msg() can store the messages in session and output them even the page refreshes.
msg($synlogin, 0);
$checked = true;
} else {
if (!$silent) {
$msg = '';
switch ($login_uid) {
case -1:
$msg = '用户名不存在或者被删除';
break;
case -2:
default:
$msg = $lang['badlogin'];
break;
}
msg($msg, -1);
}
// auth_logoff();
// return false;
$checked = false;
}
} else {
$cookie = $_COOKIE[$this->cnf['cookie']];
if (!empty($cookie)) {
// use password check instead of username check.
list($uid, $password, $username) = explode("\t", uc_authcode($cookie, 'DECODE'));
$username = $this->_convert_charset($username, 0);
if ($password && $uid && $username) {
// get session info
$session = $_SESSION[DOKU_COOKIE]['auth'];
if (isset($session) && $session['user'] == $username && $session['pass'] == $password && $session['buid'] == auth_browseruid()) {
$user_info = $session['info'];
$checked = true;
} else {
$user_info = $this->_uc_get_user_full($uid, 1);
if ($uid == $user_info['uid'] && $password == $user_info['password']) {
// he has logged in from other uc apps
$checked = true;
}
}
}
}
}
if ($checked == true) {
$_SERVER['REMOTE_USER'] = $username;
$USERINFO = $user_info;
//FIXME move all references to session
$_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
$_SESSION[DOKU_COOKIE]['auth']['pass'] = $password;
$_SESSION[DOKU_COOKIE]['auth']['buid'] = auth_browseruid();
$_SESSION[DOKU_COOKIE]['auth']['info'] = $user_info;
$_SESSION[DOKU_COOKIE]['auth']['time'] = time();
} else {
// auth_logoff();
// return false;
}
return $checked;
}
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0)
{
return uc_authcode($string, $operation, $key, $expiry);
}
/**
* 加解密算法.
*
* @$string:加解密原字串
* @$operation:操作,decode为解密;encode为加密
* @$key:加密密钥
* @return:返回加解密后字串
*/
public static function uc_authcode($string, $operation = 'DECODE', $key = '', $expiry = 0)
{
if (!function_exists('uc_authcode')) {
require_once LITHIUM_APP_PATH . '/libraries/uc_client/client.php';
}
return uc_authcode($string, $operation, $key, $expiry);
}
//更新域名解析缓存 开关
define('API_UPDATEAPPS', 1);
//更新应用列表 开关
define('API_UPDATECLIENT', 0);
//更新客户端缓存 开关
define('API_UPDATECREDIT', 0);
//更新用户积分 开关
define('API_GETCREDITSETTINGS', 0);
//向 UCenter 提供积分设置 开关
define('API_UPDATECREDITSETTINGS', 0);
//更新应用积分设置 开关
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '-2');
$code = $_GET['code'];
parse_str(uc_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = dstripslashes($get);
}
if (time() - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
if ($action == 'test') {
exit(API_RETURN_SUCCEED);
} elseif ($action == 'deleteuser') {
!API_DELETEUSER && exit(API_RETURN_FORBIDDEN);
//用户删除 API 接口
if (!empty($_GET['submit'])) {
if (stripos($_POST['username'], "@")) {
list($uid, $username, $password, $email) = uc_user_login($_POST['username'], $_POST['password'], 2);
} else {
//通过接口判断登录帐号的正确性,返回值为数组
list($uid, $username, $password, $email) = uc_user_login($_POST['username'], $_POST['password']);
}
setcookie('Cta_auth', '', -86400);
if ($uid > 0) {
if (!$db->result_first("SELECT count(*) FROM {$tablepre}members WHERE uid='{$uid}'")) {
//判断用户是否存在于用户表,不存在则跳转到激活页面
$auth = rawurlencode(uc_authcode("{$username}\t" . time(), 'ENCODE'));
echo '您需要需要激活该帐号,才能进入本应用程序<br><a href="' . $_SERVER['PHP_SELF'] . '?fun=register&action=activation&auth=' . $auth . '">继续</a>';
exit;
}
$imei = $db->result_first("SELECT imei FROM {$tablepre}members_imei WHERE uid='{$uid}'");
//用户登陆成功,设置 Cookie,加密直接用 uc_authcode 函数,用户使用自己的函数
//
setcookie('Cta_auth', uc_authcode($uid . "\t" . $username . "\t" . $imei, 'ENCODE'));
//生成同步登录的代码
$ucsynlogin = uc_user_synlogin($uid);
echo '登录成功' . $ucsynlogin . '<br><a href="' . $_SERVER['PHP_SELF'] . '">继续</a>';
exit;
} elseif ($uid == -1) {
echo '用户不存在,或者被删除';
} elseif ($uid == -2) {
echo '密码错';
} else {
echo '未定义';
}
}
* uc_user_login() Must, to judge the effectiveness of the logged on user
* uc_authcode() Optionally, the user center to use encryption and decryption functions Cookie
* uc_user_synlogin() Optional, generate the code synchronization log
*/
if (empty($_POST['submit'])) {
//Login Form
echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '?example=login">';
echo 'Login:'******'<dl><dt>User name</dt><dd><input name="username"></dd>';
echo '<dt>Password</dt><dd><input name="password" type="password"></dd></dl>';
echo '<input name="submit" type="submit"> ';
echo '</form>';
} else {
//Login account through the interface to check the correctness of the return value is an array
list($uid, $username, $password, $email) = uc_user_login($_POST['username'], $_POST['password']);
setcookie('Example_auth', '', -86400);
if ($uid > 0) {
//User login successfully, setting Cookie, encryption directly uc_authcode function, users use their own functions
setcookie('Example_auth', uc_authcode($uid . "\t" . $username, 'ENCODE'));
//The code generated synchronization log
$ucsynlogin = uc_user_synlogin($uid);
echo 'Login Successful ' . $ucsynlogin . '<br><a href="' . $_SERVER['PHP_SELF'] . '">Continue</a>';
exit;
} elseif ($uid == -1) {
echo 'The user does not exist, or deleted';
} elseif ($uid == -2) {
echo 'Password wrong';
} else {
echo 'Undefined';
}
}
static function getUserByCookie()
{
if (!empty($_COOKIE[self::$authPre . 'auth'])) {
list(self::$uid, self::$username, self::$password, self::$email) = explode("\t", uc_authcode($_COOKIE[self::$authPre . 'auth'], 'DECODE'));
return array('uid' => self::$uid, 'username' => self::$username, 'password' => self::$password, 'email' => self::$email);
} else {
return FALSE;
}
}
$email = $_POST['email'];
$username_ok = filters_username($cyask_user);
if (!$username_ok) {
show_message('regist_name_error', '');
}
$email_ok = uc_user_checkemail($email);
if (!$email_ok) {
show_message('regist_email_error' . abs($email_ok), '');
}
$usernum = uc_user_checkname($cyask_user);
if ($usernum != 1) {
show_message('regist_name_used', '');
} else {
$password = trim($_POST['password']);
$cyask_uid = uc_user_register($cyask_user, $password, $email);
if ($cyask_uid > 0) {
$dblink->query("INSERT INTO {$dbprefix}members(uid,username,email,adminid,groupid) VALUES('{$cyask_uid}','{$cyask_user}','{$email}','5','0')");
list($cyask_uid, $username, $passwd, $email) = uc_user_login($cyask_user, $password);
uc_dsetcookie('auth', uc_authcode($cyask_uid . "\t" . $username . "\t" . $email, 'ENCODE'), 86400 * 365);
$syninfo = uc_user_synlogin($cyask_uid);
show_message('regist_succeed', $url);
} else {
show_message('regist_error', '');
}
}
} else {
exit("url error");
}
} else {
include template('register');
}
<?php
if (!empty($_COOKIE['Cta_auth'])) {
list($Cta_uid, $Cta_username, $Cta_imei) = explode("\t", uc_authcode($_COOKIE['Cta_auth'], 'DECODE'));
} else {
$Cta_uid = $Cta_username = $Cta_imei = '';
}
public function _initialize()
{
if (!F('setting')) {
$setting = M('setting')->select();
$set = array();
foreach ($setting as $k => $v) {
$set[$v['name']] = $v['value'];
}
F('setting', $set);
}
$this->assign('setting', F('setting'));
$this->setting = F('setting');
$setting = F('setting');
$this->sign = $this->setting['is_quora'] == 0 ? '帖子' : '问题';
$this->assign('sign', $this->sign);
$this->setting['ucenter_on'] == 1 && (include CONFIG_PATH . '/uc_config.php') . (include './uc_client/client.php');
$u = M('user');
if (Session::get('uid') == NULL && $this->setting['ucenter_on'] == 1 && isset($_COOKIE['qcs_ucenter'])) {
$name = explode("\t", uc_authcode($_COOKIE['qcs_ucenter'], 'DECODE'));
$i = uc_get_user($name[1]);
$uid = $u->where(array('name' => remove_xss($i[1]), 'email' => remove_xss($i[2])))->getField('id');
Session::set('uid', $uid);
} else {
if (Session::get('uid') == NULL && isset($_COOKIE['qcs_auth'])) {
$id = explode("\t", strcode($_COOKIE['qcs_auth'], $this->setting['auth_key'], 'DECODE'));
$uid = is_numeric($id[0]) ? $id[0] : NULL;
Session::set('uid', $uid);
}
}
$this->uid = Session::get('uid');
$user_arr = $this->uid != NULL ? $u->where(array('id' => $this->uid))->find() : NULL;
/*Using function remove_xss and token to filter all of the dangerous xss POST or GET content or remote data from the browser-start*/
if ($_POST) {
$po = array();
foreach ($_POST as $k => $v) {
$po[$k] = remove_xss(htmlspecialchars($v));
}
$this->post = $po;
$this->post['ha'] != Session::get('ha') && exit('Access denied! hash value');
//对所有post的值均要先验证客户端hash值,防止远程提交
}
if ($_GET) {
$g = array();
foreach ($_GET as $k => $v) {
$g[$k] = remove_xss(htmlspecialchars($v));
}
$this->get = $g;
}
/*Using function remove_xss and token to filter all of the dangerous xss POST or GET content or remote data from the browser-end*/
import("ORG.Util.Page");
if ($this->get['noticeid']) {
$notify = M('notice');
$n = $notify->where(array('id' => $this->get['noticeid']))->find();
if ($n != NULL && $n['uid'] == $this->uid) {
$notify->where(array('id' => $this->get['noticeid']))->delete();
$u->where(array('id' => $this->uid))->setDec('newnotice');
if ($user_arr != NULL) {
$user_arr['newnotice'] = $user_arr['newnotice'] - 1;
}
}
}
if ($this->get['msgid'] != NULL) {
$Newmsg = M('newmsg');
$newmsg = $Newmsg->where(array('id' => $this->get['msgid']))->find();
if ($newmsg != NULL && $newmsg['uid'] == $this->uid) {
$Newmsg->where(array('id' => $this->get['msgid']))->delete();
$msgcount = $Newmsg->where(array('uid' => $this->uid))->count();
$u->where(array('id' => $this->uid))->save(array('newmsg' => $msgcount));
if ($user_arr != NULL) {
$user_arr['newmsg'] = $user_arr['newmsg'] - 1;
}
}
}
$this->assign('user', $user_arr);
$this->username = $user_arr['name'];
if (!F('category')) {
$category = M('category')->select();
F('category', $category);
}
!Session::get('ha') && Session::set('ha', md5(rand(0, 99999) . uniqid()));
//生成HASH值防止远程提交,所有post值均要传递此参数,否则首先被阻止
$this->assign('ha', Session::get('ha'));
if ($this->uid != NULL) {
if ($user_arr['newnotice'] != 0) {
if (Session::get('inform') == NULL) {
$notice = M('notice')->where(array('uid' => $this->uid))->limit(5)->select();
$a = M('answer');
$notice_content = '';
foreach ($notice as $k => $v) {
if ($v['aid'] == 0) {
$notice_content .= '<a href="' . U('Question/view?qid=' . $v['qid'] . '¬iceid=' . $v['id']) . '">' . $v['title'] . '<div class="a_list">' . $v['content'] . '</div></a>';
} else {
$bestanswer = $a->where(array('id' => $v['aid']))->getField('bestanswer');
$map['id'] = array('lt', $v['aid']);
$map['qid'] = $v['qid'];
$ga = $a->where($map)->count();
$pa = floor($ga / $setting['reply_per_page']) + 1;
if ($bestanswer == 1) {
$notice_content .= '<a href="' . U('Question/view?qid=' . $v['qid'] . '¬iceid=' . $v['id'] . '¬icepage=1&p=1') . '#qcs_0">' . $v['title'] . '<div class="a_list">' . $v['content'] . '</div></a>';
//when question has bestanswer
} else {
$notice_content .= '<a href="' . U('Question/view?qid=' . $v['qid'] . '¬iceid=' . $v['id'] . '¬icepage=' . $pa . '&p=' . $pa) . '#qcs_' . $ga % $setting['reply_per_page'] . '">' . $v['title'] . '<div class="a_list">' . $v['content'] . '</div></a>';
}
}
}
Session::set('inform', $notice_content);
}
} else {
if (Session::get('inform') != NULL) {
Session::set('inform', NULL);
}
}
if ($user_arr['newmsg'] != 0) {
if (Session::get('message') == NULL) {
$msg = M('newmsg')->where(array('uid' => $this->uid))->limit(10)->select();
$message = '';
foreach ($msg as $k => $v) {
$message .= '<a href="' . U('User/letterview?lid=' . $v['letterid'] . '&msgid=' . $v['id']) . '">' . $v['name'] . '给您发了一封站内信</a>';
}
Session::set('message', $message);
}
} else {
if (Session::get('message') != NULL) {
Session::set('message', NULL);
}
}
}
if (!S('side_no_reply')) {
$list = M('question')->where('answercount=0')->limit($this->setting['side_list_count'])->order('id desc')->select();
$result = NULL;
if ($list == NULL) {
$result = '<div class="no_focus_user">暂无未解决' . $this->sign . '</div>';
} else {
foreach ($list as $k => $v) {
$result .= '<a href="' . U('Question/view?qid=' . $v['id']) . '" class="side_list">' . $v['title'] . '</a>';
}
}
S('side_no_reply', $result, $this->setting['side_list_cachetime']);
}
if (!S('side_hot_user')) {
$avatar_list = M('user')->order('score DESC')->limit(9)->field('id')->select();
S('side_hot_user', $avatar_list, $this->setting['side_list_cachetime']);
}
if (!S('side_recommend_question')) {
$list = M('question')->limit($this->setting['side_list_count'])->order('recommendcount desc')->select();
$result = NULL;
if ($list == NULL) {
$result = '<div class="no_focus_user">暂无热门' . $this->sign . '</div>';
} else {
foreach ($list as $k => $v) {
$result .= '<a href="' . U('question/view?qid=' . $v['id']) . '" class="side_list">' . $v['title'] . '</a>';
}
}
S('side_recommend_question', $result, $this->setting['side_list_cachetime']);
}
}
if (empty($_SERVER['HTTP_HOST'])) {
$baseurl = "http://{$_SERVER['HTTP_HOST']}" . substr($tmp, 0, strrpos($tmp, '/'));
} else {
$baseurl = "http://{$_SERVER['HTTP_HOST']}" . substr($tmp, 0, strrpos($tmp, '/'));
}
if ($gzipcompress && function_exists('ob_gzhandler') && CURSCRIPT != 'wap') {
ob_start('ob_gzhandler');
} else {
$gzipcompress = 0;
ob_start();
}
$dblink = new db_sql();
$dblink->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
$_DCOOKIE = $_DCACHE = array();
list($cyask_uid, $username, $email) = explode("\t", uc_authcode($_COOKIE['auth'], 'DECODE'));
define('FORMHASH', form_hash());
$styleid = $_DCOOKIE['styleid'] ? $_DCOOKIE['styleid'] : 1;
$cyask_adminid = 0;
if ($cyask_uid) {
$query = $dblink->query("SELECT username,password,adminid,groupid FROM {$dbprefix}members WHERE uid={$cyask_uid}");
$members = $dblink->fetch_array($query);
if (empty($members)) {
$members = array();
list($uid, $uname, $email) = uc_get_user($cyask_uid, 1);
$dblink->query("INSERT INTO {$dbprefix}members(uid,username,email,adminid,groupid,regdate) VALUES('{$cyask_uid}','{$username}','{$email}','5','0','" . time() . "')");
$cyask_user = $username;
unset($uid, $uname);
$adminid = '5';
$groupid = 0;
$cyask_adminid = $adminid == 1 || $groupid == 3 ? 1 : 0;
function register()
{
if (isset($_POST)) {
$_POST = setHtmlspecialchars(setFormString($_POST));
}
if ($this->check_login()) {
header('location:' . u('index/index'));
}
//引入配置文件、类库
$this->require_uc();
if (isset($_POST['dosubmit'])) {
if ($this->setting['ucenterlogin']) {
//检查UCENTER中是否有此用户
$ucresult = uc_user_checkname(trim($_POST['name']));
if ($ucresult == -1) {
$this->assign('err', array('err' => 0, 'msg' => '用户名不合法!'));
} elseif ($ucresult == -2) {
$this->assign('err', array('err' => 0, 'msg' => '包含要允许注册的词语!'));
} elseif ($ucresult == -3) {
$this->assign('err', array('err' => 0, 'msg' => '用户名已经存在!'));
}
}
$data = $this->user_mod->create();
$this->assign('data', $data);
$flag = true;
if ($_SESSION['verify'] == md5(trim($_POST['verify']))) {
if ($this->user_mod->where("name='" . trim($data['name']) . "'")->count()) {
$this->assign('err', array('err' => 0, 'msg' => '昵称已存在!'));
$flag = false;
} else {
if (strlen(trim($data['email'])) > 0) {
if ($this->user_mod->where("email='" . trim($data['email']) . "'")->count()) {
$this->assign('err', array('err' => 0, 'msg' => '邮箱已经存在!'));
$flag = false;
}
}
}
} else {
$this->assign('err', array('err' => 0, 'msg' => '验证码不正确!'));
$flag = false;
}
if ($flag) {
if ($this->setting['ucenterlogin']) {
$uid = uc_user_register($_POST['name'], $_POST['passwd'], $_POST['email']);
}
$data['ip'] = $_SERVER['REMOTE_ADDR'];
$data['add_time'] = time();
$data['passwd'] = md5(trim($data['passwd']));
$data['user_info']['sex'] = $_POST['sex'];
$data['user_info']['integral'] = $this->setting['user_register_score'];
if ($this->setting['ucenterlogin']) {
if ($uid <= 0) {
if ($uid == -1) {
$this->assign('err', array('err' => 0, 'msg' => '用户名不合法!'));
} elseif ($uid == -2) {
$this->assign('err', array('err' => 0, 'msg' => '包含要允许注册的词语!'));
} elseif ($uid == -3) {
$this->assign('err', array('err' => 0, 'msg' => '用户名已经存在!'));
} elseif ($uid == -4) {
$this->assign('err', array('err' => 0, 'msg' => 'Email 格式有误!'));
} elseif ($uid == -5) {
$this->assign('err', array('err' => 0, 'msg' => 'Email 不允许注册'));
} elseif ($uid == -6) {
$this->assign('err', array('err' => 0, 'msg' => '该 Email 已经被注册'));
} else {
$this->assign('err', array('err' => 0, 'msg' => '未定义'));
}
} else {
$id = $this->user_mod->relation('user_info')->add($data);
//用户登陆成功,设置 Cookie,加密直接用 uc_authcode 函数,用户使用自己的函数
setcookie('Ucenter_auth', uc_authcode($uid . "\t" . $data['name'], 'ENCODE'));
}
} else {
$id = $this->user_mod->relation('user_info')->add($data);
}
//$_SESSION['user_id']=$id; //注册以后同步dengl
/*
发送站内信
array(to_user,form_user,title,content,date)
注册短信:尊敬的[name]您好:欢迎注册[WEBTITLE],凡是通过[WEBTITLE]提供的链接去淘宝购物进行购物,
都将享受到1%到50%成交额的返现,推广其他用户,即可获取被推广用户返现额的[tg]%的推广佣金,
推广越多挣钱越轻松。祝您购物愉快!也欢迎您把我们的网站告诉更多的淘宝买家,谢谢!
注册送积分:恭喜您,您获得本站注册赠送积分[ZSJIFEN]。
*/
$patterns[0] = "/\\[name\\]/";
$patterns[1] = "/\\[WEBTITLE\\]/";
$patterns[2] = "/\\[tg\\]/";
$replacements[2] = $data['name'];
$replacements[1] = $this->setting['site_name'];
$replacements[0] = $this->setting["cashback_rate"];
$map['key'] = 'msg_zhuce';
$msgtitle = "用户注册短信";
$fromUser = getAdminUserName();
$content = M("user_setmsg")->where($map)->find();
$msgcontent = preg_replace($patterns, $replacements, $content);
$sendmsg = array("to_user" => "{$data['name']}", "from_user" => "{$fromUser}", "title" => "{$msgtitle}", "content" => "{$msgcontent['val']}", "date" => time());
parent::sendMsg($sendmsg);
//送积分
$map['key'] = 'msg_zsjifen';
$msgtitle = "赠送积分短信";
$jifen = M('setting')->where("name='user_register_score'")->find();
$content = M("user_setmsg")->where($map)->find();
$msgcontent = str_replace("[ZSJIFEN]", $jifen['data'], $content);
$sendmsg = array("to_user" => "{$data['name']}", "from_user" => "{$fromUser}", "title" => "{$msgtitle}", "content" => "{$msgcontent['val']}", "date" => time());
parent::sendMsg($sendmsg);
// $last_time=$data['add_time'];
// $key=md5($id.$data['name'].$last_time);
// cookie('user[id]',$id);
// cookie('user[name]',$data['name']);
// cookie('user[login_time]',$last_time);
// cookie('user[key]',$key);
//
//设置本程序cookie
$last_time = time();
$key = md5($id . $data['name'] . $last_time);
cookie('user[id]', $id, 3600 * 24 * 7);
cookie('user[name]', $data['name'], 3600 * 24 * 7);
cookie('user[login_time]', $last_time, 3600 * 24 * 7);
cookie('user[key]', $key, 3600 * 24 * 7);
// if($this->setting['ucenterlogin']){
// echo $ucsynlogin = uc_user_synlogin($uid); //生成同步登录的代码
// }
//如果购买商品的时候跳转过来的则跳转回购买商品页面
if (isset($_GET['item_id']) && intval($_GET['item_id']) != '') {
$item_id = intval($_GET['item_id']);
header('location:' . u('item/index', array('id' => $item_id)));
} else {
header('location:' . u('uc/index'));
}
}
}
$this->display();
}
echo 'Registration:';
echo '<dl><dt>User name</dt><dd><input name="username"></dd>';
echo '<dt>Password</dt><dd><input name="password"></dd>';
echo '<dt>Email</dt><dd><input name="email"></dd></dl>';
echo '<input name="submit" type="submit">';
echo '</form>';
} else {
//Registered user information in UCenter
$uid = uc_user_register($_POST['username'], $_POST['password'], $_POST['email']);
if ($uid <= 0) {
if ($uid == -1) {
echo 'Username illegal';
} elseif ($uid == -2) {
echo 'Contains not allowed words for registration';
} elseif ($uid == -3) {
echo 'User name already exists';
} elseif ($uid == -4) {
echo 'Email format is incorrect';
} elseif ($uid == -5) {
echo 'This Email does not allowed for registration';
} elseif ($uid == -6) {
echo 'This Email is already registered';
} else {
echo 'Undefined';
}
} else {
//Registration is successful, set the Cookie, encryption directly uc_authcode function, users use their own functions
setcookie('Example_auth', uc_authcode($uid . "\t" . $_POST['username'], 'ENCODE'));
echo 'Registration success<br><a href="' . $_SERVER['PHP_SELF'] . '">Continue</a>';
}
}
public function register()
{
if (empty($_POST['submit'])) {
//注册表单
echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
if ($_GET['action'] == 'activation') {
echo 'activate:';
list($activeuser) = explode("\t", uc_authcode($_GET['auth'], 'DECODE'));
echo '<input type="hidden" name="activation" value="' . $activeuser . '">';
echo '<dl><dt>Username</dt><dd>' . $activeuser . '</dd></dl>';
} else {
echo 'Register:';
echo '<dl><dt>Username</dt><dd><input name="username"></dd>';
echo '<dt>Password</dt><dd><input name="password"></dd>';
echo '<dt>Email</dt><dd><input name="email"></dd></dl>';
}
echo '<input name="submit" type="submit">';
echo '</form>';
} else {
//在UCenter注册用户信息
$username = '';
if (!empty($_POST['activation']) && ($activeuser = uc_get_user($_POST['activation']))) {
list($uid, $username) = $activeuser;
} else {
$sql = "SELECT uid FROM example_members WHERE username='******'username']}'";
$query = $this->db->query($sql);
$res = $query->row();
if (uc_get_user($_POST['username']) && !$res->uid) {
//判断需要注册的用户如果是需要激活的用户,则需跳转到登录页面验证
echo 'The user does not need to register, please activate the user<br><a href="' . $_SERVER['PHP_SELF'] . '">continue</a>';
exit;
}
$uid = uc_user_register($_POST['username'], $_POST['password'], $_POST['email']);
if ($uid <= 0) {
if ($uid == -1) {
echo 'The username is invalid';
} elseif ($uid == -2) {
echo 'Contains words that is not allowed to register';
} elseif ($uid == -3) {
echo 'Username Already exists';
} elseif ($uid == -4) {
echo 'Email format is incorrect';
} elseif ($uid == -5) {
echo 'This email is not allowed to register';
} elseif ($uid == -6) {
echo 'Email has been registered';
} else {
echo 'undefined';
}
} else {
$username = $_POST['username'];
}
}
if ($username) {
$data = array('uid' => $uid, 'username' => $username, 'admin' => '0');
$this->db->insert('example_members', $data);
//注册成功,设置 Cookie,加密直接用 uc_authcode 函数,用户使用自己的函数
$this->session->set_userdata('user', array('username' => uc_authcode($uid . "\t" . $username, 'ENCODE')));
$ucsynlogin = uc_user_synlogin($uid);
echo 'Reitster successfully!<br><a href="login">continue</a>' . $ucsynlogin;
exit;
}
}
}
/**
* 激活Ucenter用户
*/
public function activeAction()
{
list($username) = explode("\t", uc_authcode($this->get('auth'), 'DECODE'));
if (empty($username)) {
$this->memberMsg(lang('m-pms-13'));
}
if ($this->isPostForm()) {
$uc_user_info = uc_get_user($username);
$data['email'] = $uc_user_info[2];
$data['regip'] = client::get_user_ip();
$data['avatar'] = UC_API . '/avatar.php?uid=' . $uc_user_info[0] . '&size=middle';
$data['status'] = $this->memberconfig['status'] ? 0 : 1;
$data['modelid'] = $this->post('modelid');
$data['modelid'] = !isset($data['modelid']) || empty($data['modelid']) ? $this->memberconfig['modelid'] : $data['modelid'];
$data['groupid'] = 1;
$data['regdate'] = time();
$data['username'] = $username;
if (!isset($this->membermodel[$data['modelid']])) {
$this->memberMsg(lang('m-reg-17'));
}
if ($member = $this->member->getOne('username=?', $username, 'id')) {
$userid = $member['id'];
} else {
$userid = $this->member->insert($data);
}
if ($userid) {
set_cookie('member_id', $userid, 24 * 3600);
set_cookie('member_code', substr(md5(SITE_MEMBER_COOKIE . $userid), 5, 20), $time);
$this->memberMsg(lang('m-reg-21'), $this->post('back') ? html_entity_decode(urldecode($this->post('back'))) : url('member/'), 1);
} else {
$this->memberMsg(lang('m-reg-22'));
}
}
$this->view->assign(array('backurl' => urlencode($this->get('back')), 'username' => $username, 'meta_title' => lang('m-reg-23') . '-' . $this->site['SITE_NAME'], 'membermodel' => $this->membermodel));
$this->view->display('member/active');
}
define("UC_DBNAME", $MOD['uc_dbname']);
define("UC_DBPRE", $MOD['uc_dbpre']);
define("UC_KEY", $MOD['uc_key']);
define('UC_APPID', $MOD['uc_appid']);
define("UC_API", $MOD['uc_api']);
define("UC_IP", $MOD['uc_ip']);
define("UC_DBTABLEPRE", $MOD['uc_dbpre']);
define("UC_CONNECT", $MOD['uc_mysql'] ? 'mysql' : '');
define('UC_DBCHARSET', $MOD['uc_charset']);
define('API_RETURN_SUCCEED', 1);
define('API_UPDATEPW', 1);
define('API_UPDATECREDIT', 1);
define('API_GETCREDITSETTINGS', 1);
define('API_UPDATECREDITSETTINGS', 1);
require_once DT_ROOT . '/api/ucenter/client.php';
parse_str(uc_authcode($code, 'DECODE', UC_KEY), $uc_arr);
//cache_write('uc'.date('Y-m-d-H-i-s', $DT_TIME).'.php', $uc_arr);
if ($DT_TIME - intval($uc_arr['time']) > 3600) {
exit('Authracation Has Expiried');
}
if (empty($uc_arr)) {
exit('Invalid Request');
}
$action = $uc_arr['action'];
switch ($action) {
case 'test':
exit('1');
break;
case 'synlogin':
$username = $uc_arr['username'];
if ($_username == $username) {
function uc_api_input($data)
{
$s = urlencode(uc_authcode($data . '&agent=' . md5($_SERVER['HTTP_USER_AGENT']) . "&time=" . time(), 'ENCODE', UC_KEY));
return $s;
}
public function actlogin()
{
setcookie('LoginCookie', '', time() - 10 * 60, "/");
//uc登录
require_once "./config.inc.php";
require "./uc_client/client.php";
//uc登录
//list($uid, $username, $password, $email) = uc_user_login(text($arr['username']), $arr['password']);
if (false !== strpos($_POST['sUserName'], "@")) {
$data['user_email'] = text($_POST['sUserName']);
} else {
$data['user_name'] = text($_POST['sUserName']);
$data['user_phone'] = text($_POST['sUserName']);
$data['_logic'] = 'OR';
}
$localuser = M('members')->field('id,user_name,user_pass,is_ban')->where($data)->find();
//var_dump($localuser);die;
if ($localuser) {
list($uid, $username, $password, $email) = uc_user_login(text($localuser['user_name']), $_POST['sPassword']);
//echo "1";die;
} else {
list($uid, $username, $password, $email) = uc_user_login(text($_POST['sUserName']), $_POST['sPassword']);
//echo "0";die;
}
//var_dump($uid);die;
if ($localuser['is_ban'] == 1) {
ajaxmsg("您的帐户已被冻结,请联系客服处理!", 0);
}
if ($uid > 0) {
//echo "eurer";die;
if (!$localuser) {
//echo "54656";die;
$regdata['txtUser'] = text($_POST['sUserName']);
$regdata['txtPwd'] = text($_POST['sPassword']);
$regdata['txtEmail'] = $email;
$newuid = $this->ucreguser($regdata);
//var_dump($newuid);die;
if (is_numeric($newuid) && $newuid > 0) {
//用户登录成功,设置 Cookie,加密直接用 uc_authcode 函数,用户使用自己的函数
setcookie('LoginCookie', uc_authcode($uid . "\t" . $username, 'ENCODE'));
//生成同步登录的代码
$ucsynlogin = uc_user_synlogin($uid);
//echo json_encode($ucsynlogin);exit;
//$this->success("登录成功",);
header('Location: http://www.baidu.com/');
} else {
//ajaxmsg($newuid,0);
$this->error("登录失败");
}
} else {
//echo "2";die;
session('u_id', $localuser['id']);
session('u_user_name', $localuser['user_name']);
$ucsynlogin = uc_user_synlogin($uid);
//echo json_encode($ucsynlogin);exit;
header('Location: http://qfw.taoweikeji.com/M/Member/member');
}
} elseif ($uid == -1) {
//ajaxmsg("用户不存在,或被删除!",0);
$this->error("用户不存在,或被删除!");
} elseif ($uid == -2) {
//ajaxmsg("密码错误!",0);
$this->error("密码错误");
} else {
//ajaxmsg("未知错误!",0);
$this->error("未知错误!");
}
}