/** * 开启远程API */ function openApi() { if (!xwb_token::checkInput('p', $this->tokehash, true)) { exit(json_encode(array('errno' => 1, 'err' => '令牌验证失败,请返回重试'))); } $url = trim(XWB_plugin::V('p:url', '')); if (!$url || strpos($url, 'http') !== 0) { exit(json_encode(array('errno' => 1, 'err' => '请输入远程API地址'))); } if (!defined('XWB_LOCAL_API') || '' == XWB_LOCAL_API) { exit(json_encode(array('errno' => 2, 'err' => '请设置本地API地址'))); } $stx = XWB_plugin::pCfg('switch_to_xweibo'); $utx = XWB_plugin::pCfg('url_to_xweibo'); if (XWB_plugin::setPCfg(array('switch_to_xweibo' => 1, 'url_to_xweibo' => $url))) { $api = XWB_plugin::N('apixwb', $url); $response = $api->setNotice(1, XWB_LOCAL_API, FALSE); if (!is_array($response) || 0 != $response['errno']) { XWB_plugin::setPCfg(array('switch_to_xweibo' => $stx, 'url_to_xweibo' => $utx)); } elseif (!empty($response['rst']['baseurl'])) { XWB_plugin::setPCfg(array('baseurl_to_xweibo' => $response['rst']['baseurl'])); } exit(json_encode($response)); } else { exit(json_encode(array('errno' => 1, 'err' => '配置文件无法写入'))); } }
/** * 评论回推设置:设置和开启评论回推选项 */ function doCfg4pushback() { if (!defined('XWB_S_IS_ADMIN') || !XWB_S_IS_ADMIN || !XWB_plugin::isRequestBy('POST')) { XWB_plugin::deny(''); } $is_pushback_open = 1; $pushback_to_thread = intval(XWB_plugin::V('p:pushback_to_thread')); $pushback_to_blog = intval(XWB_plugin::V('p:pushback_to_blog')); $pushback_to_doing = intval(XWB_plugin::V('p:pushback_to_doing')); $pushback_to_share = intval(XWB_plugin::V('p:pushback_to_share')); if (!$pushback_to_thread && !$pushback_to_blog && !$pushback_to_doing && !$pushback_to_share) { $is_pushback_open = 0; } $res = XWB_Plugin::setPCfg(array('is_pushback_open' => $is_pushback_open, 'pushback_to_thread' => $pushback_to_thread, 'pushback_to_blog' => $pushback_to_blog, 'pushback_to_doing' => $pushback_to_doing, 'pushback_to_share' => $pushback_to_share)); if (true == $res) { $ret = array(1, '设置保存成功。'); } else { $ret = array(0, '设置保存失败,请检查配置文件app.cfg.php是否具有可写权限?'); } $this->_oScript('xwbSetTips', $ret); $pushInstance = XWB_Plugin::O('pushbackCommunicator'); if (1 == $is_pushback_open) { $pushInstance->setPushback('comment'); } else { $pushInstance->cancelPushback(); } }
/** * 开启远程API */ function openApi() { $url = XWB_plugin::V('p:url', ''); if (!$url) { exit(json_encode(array('errno' => 1, 'err' => '请输入远程API地址'))); } if (!defined('XWB_LOCAL_API') || '' == XWB_LOCAL_API) { exit(json_encode(array('errno' => 2, 'err' => '请设置本地API地址'))); } $stx = XWB_plugin::pCfg('switch_to_xweibo'); $utx = XWB_plugin::pCfg('url_to_xweibo'); if (XWB_plugin::setPCfg(array('switch_to_xweibo' => 1, 'url_to_xweibo' => $url))) { $api = XWB_plugin::N('apixwb', $url); $response = $api->setNotice(1, XWB_LOCAL_API, FALSE); if (!is_array($response) || 0 != $response['errno']) { XWB_plugin::setPCfg(array('switch_to_xweibo' => $stx, 'url_to_xweibo' => $utx)); } elseif (!empty($response['rst']['baseurl'])) { XWB_plugin::setPCfg(array('baseurl_to_xweibo' => $response['rst']['baseurl'])); } exit(json_encode($response)); } else { exit(json_encode(array('errno' => 1, 'err' => '配置文件无法写入'))); } }
<?php /* * @version $Id: newarticle.hack.php 453 2010-12-23 04:36:02Z yaoying $ */ if (!defined('IS_IN_XWB_PLUGIN')) { exit('Access Denied!'); } global $_G; $aid = isset($GLOBALS['aid']) ? (int) $GLOBALS['aid'] : 0; $subject = isset($_POST['title']) ? (string) $_POST['title'] : ''; if ($aid >= 1) { if (XWB_plugin::V('p:syn')) { $xp_publish = XWB_plugin::N('xwb_plugins_publish'); register_shutdown_function(array(&$xp_publish, 'articleSync'), (int) $aid, $subject); } }
/** * 获取当前请求的 route 名称 * @param boolen $is_acc 是否以数组返回。默认为否 * @return string|mixed */ function getRequestRoute($is_acc = false) { $m = XWB_plugin::V("g:" . XWB_R_GET_VAR_NAME); $m = !empty($m) ? $m : XWB_R_DEF_MOD; if (!$is_acc) { return $m; } else { $r = XWB_plugin::_parseRoute($m); return array('path' => $r[1], 'class' => $r[2], 'function' => $r[3]); } }
/** * Exchange the request token and secret for an access token and * secret, to sign API calls. * * @return array */ function getAccessToken($oauth_verifier = FALSE, $oauth_token = false, $useType = 'string') { $parameters = array(); $parameters["client_id"] = XWB_APP_KEY; $parameters["client_secret"] = XWB_APP_SECRET_KEY; $parameters["grant_type"] = "authorization_code"; $parameters["code"] = XWB_plugin::V('r:code'); $parameters["redirect_uri"] = XWB_plugin::getEntryURL('xwbAuth.authCallBack'); $token = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters, true); $token['oauth_token'] = $token['access_token']; $token['oauth_token_secret'] = ""; return $token; }
/** * 帖子转发 */ function doShare() { if (!XWB_plugin::pCfg('is_rebutton_display')) { XWB_plugin::showError('新浪微博资料页功能已经关闭!'); } /* 判断是否外部转发 */ if (!isset($_SESSION['forshare']) || TRUE !== $_SESSION['forshare']) { XWB_plugin::showError('禁止外部转发'); } /* 销毁 SESSION['forshare'] 变量*/ unset($_SESSION['forshare']); /* 判断转发时间间隔 */ $shareTime = intval(XWB_plugin::pCfg('wbx_share_time')); if ($shareTime >= time() - intval(@$_SESSION['sharetime'])) { XWB_plugin::showError("转发过快,转发间隔为 {$shareTime} 秒"); } /* 获取用户信息 */ $rst = $this->_getUserInfo(); if (isset($rst['error_no']) && 0 < $rst['error_no']) { $this->_showTip($rst['error']); } /* 获取传递信息 */ $message = trim(strval(XWB_plugin::V('p:message'))); $pic = trim(strval(XWB_plugin::V('p:share_pic'))); if (empty($message)) { $this->_showTip('错误:转发信息不能为空.', $rst); } /* 转发主题 */ $xp_publish = XWB_plugin::N('xwb_plugins_publish'); $ret = $xp_publish->sendShare($message, $pic); /* 写入 SESSION 发布时间 */ $_SESSION['sharetime'] = time(); /* 错误处理 */ if ($ret === false || $ret === null) { $this->_showTip('错误:系统错误!', $rst); } if (isset($ret['error_code']) && isset($ret['error'])) { $error_code_se = substr($ret['error'], 0, 5); if ('400' == $ret['error_code'] && '40025' == $error_code_se) { $ret['error'] = '错误:不能发布相同的微博!'; } else { $ret['error'] = '错误:系统错误!'; } $this->_showTip($ret['error'], $rst); } $this->_showTip('转发成功!', $rst); }
function authCallBack() { if (!XWB_plugin::pCfg('is_account_binding')) { XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。'); } //-------------------------------------------------------------------- global $_G; $sess = XWB_plugin::getUser(); $waiting_site_bind = $sess->getInfo('waiting_site_bind'); if (empty($waiting_site_bind)) { //XWB_plugin::deny(); $siteUrl = XWB_plugin::siteUrl(0); XWB_plugin::redirect($siteUrl, 3); } $sess->setOAuthKey(array(), true); //-------------------------------------------------------------------- $wbApi = XWB_plugin::getWB(); $db = XWB_plugin::getDB(); $last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier')); //print_r($last_key); if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) { $api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER'; $api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : ''; XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1)); XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]"); } $sess->setOAuthKey($last_key, true); $wbApi->setConfig(); $uInfo = $wbApi->verifyCredentials(); $sess->setInfo('sina_uid', $uInfo['id']); $sess->setInfo('sina_name', $uInfo['screen_name']); //print_r($uInfo); //-------------------------------------------------------------------- /// 此帐号是否已经在当前站点中绑定 $sinaHasBinded = false; $stat_is_bind_type = 0; if (defined('XWB_S_UID') && XWB_S_UID > 0) { $bInfo = XWB_plugin::getBUById(XWB_S_UID, $uInfo['id']); } else { $bInfo = XWB_plugin::getBindUser($uInfo['id'], 'sina_uid'); //远程API } if (!is_array($bInfo) && (defined('XWB_S_UID') && XWB_S_UID > 0)) { $bInfo = XWB_plugin::getBindUser(XWB_S_UID, 'site_uid'); //登录状态下再查一次API,确保没有绑定 } if (!empty($bInfo) && is_array($bInfo)) { $sinaHasBinded = true; dsetcookie($this->_getBindCookiesName($bInfo['uid']), (string) $bInfo['sina_uid'], 604800); //核查存储的access token是否有更新,有更新则进行自动更新 if ($bInfo['sina_uid'] == $uInfo['id'] && ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret'])) { XWB_plugin::updateBindUser($bInfo['uid'], $bInfo['sina_uid'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']); //远程API } } //-------------------------------------------------------------------- /// 决定在首页中显示什么浮层 $tipsType = ''; //xwb_tips_type //已在论坛登录 if (defined('XWB_S_UID') && XWB_S_UID) { if ($sinaHasBinded) { //$sinaHasBinded为true时,$bInfo必定存在 if (XWB_S_UID != $bInfo['uid'] || $bInfo['sina_uid'] != $uInfo['id']) { $tipsType = 'hasBinded'; $sess->clearToken(); } else { $tipsType = 'autoLogin'; } } else { //远程API $rst = XWB_plugin::addBindUser(XWB_S_UID, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']); if (!$rst) { echo "DB ERROR"; exit; return false; } $tipsType = 'bind'; dsetcookie($this->_getBindCookiesName(XWB_S_UID), (string) $uInfo['id'], 604800); //正向绑定统计上报 $sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1)); } } else { //从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自 if ($sinaHasBinded) { require_once XWB_P_ROOT . '/lib/xwbSite.inc.php'; $result = xwb_setSiteUserLogin((int) $bInfo['uid']); if (false == $result) { dsetcookie($this->_getBindCookiesName($bInfo['uid']), -1, 604800); XWB_plugin::delBindUser($bInfo['uid']); //远程API $tipsType = 'siteuserNotExist'; } else { $stat_is_bind_type = 1; $tipsType = 'autoLogin'; } } else { //已登录WB,没有附属站点的帐号 引导注册 $sess->setInfo('waiting_site_reg', '1'); $tipsType = 'reg'; } } //-------------------------------------------------------------------- //bind的页面需要跳转,故需要使用cookies记录 if ($tipsType == 'bind') { dsetcookie('xwb_tips_type', $tipsType, 0); } //$sess->setInfo('xwb_tips_type', $tipsType); $sess->setInfo('waiting_site_bind', 0); //使用sina微博帐号登录成功(不管是否绑定)统计上报 $sess->appendStat('login', array('uid' => $uInfo['id'], 'is_bind' => $stat_is_bind_type)); //所有跟站点相关的对接,必须放到_showBinging $this->_showBinging($tipsType); }
<?php /** *[JishiGou] (C)2005 - 2099 Cenwor Inc. * * This is NOT a freeware, use is subject to license terms * * @Filename newtopic.hack.php $ * * @Author 狐狸<*****@*****.**> $ * * @version $Id: newtopic.hack.php 3699 2013-05-27 07:26:39Z wuliyong $ */ if (!defined('IS_IN_XWB_PLUGIN')) { exit('Access Denied!'); } if (XWB_plugin::isUserBinded() && XWB_plugin::V('p:syn_to_sina')) { $xp_publish = XWB_plugin::N('xwb_plugins_publish'); $xp_publish->topic((int) ($tid ? $tid : $GLOBALS['jsg_tid']), (int) ($totid ? $totid : $GLOBALS['jsg_totid']), (string) $GLOBALS['jsg_message'], (string) $GLOBALS['jsg_imageid']); }
function authCallBack() { if (!XWB_plugin::pCfg('is_account_binding')) { XWB_plugin::showError('新浪微博绑定功能已经关闭!'); } //-------------------------------------------------------------------- $sess = XWB_plugin::getUser(); $waiting_site_bind = $sess->getInfo('waiting_site_bind'); if (empty($waiting_site_bind)) { //XWB_plugin::deny(); $siteUrl = XWB_plugin::siteUrl(0); XWB_plugin::redirect($siteUrl, 3); } //-------------------------------------------------------------------- $wbApi = XWB_plugin::getWB(); $db = XWB_plugin::getDB(); $last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier')); $sess->setOAuthKey(array(), true); // print_r($last_key); if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) { $api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER'; $api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : ''; XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1)); XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]"); } $sess->setOAuthKey($last_key, true); $wbApi->setConfig(); $uInfo = $wbApi->verifyCredentials(); $sess->setInfo('sina_uid', $uInfo['id']); $sess->setInfo('sina_name', $uInfo['screen_name']); //print_r($uInfo); //-------------------------------------------------------------------- /// 此帐号是否已经在当前站点中绑定 $sinaHasBinded = false; if (defined('XWB_S_UID') && XWB_S_UID > 0) { $bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "' OR uid='" . XWB_S_UID . "'"); } else { $bInfo = $db->fetch_first("SELECT * FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'"); } if (!empty($bInfo) && is_array($bInfo)) { $sinaHasBinded = true; //核查存储的access token是否有更新,有更新则进行自动更新 if ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret']) { $db->query("UPDATE " . XWB_S_TBPRE . "xwb_bind_info SET token='" . (string) $last_key['oauth_token'] . "', tsecret='" . (string) $last_key['oauth_token_secret'] . "' WHERE sina_uid='" . $uInfo['id'] . "'"); } } //-------------------------------------------------------------------- /// 决定在首页中显示什么浮层 $tipsType = ''; //xwb_tips_type //已在论坛登录 if (defined('XWB_S_UID') && XWB_S_UID) { if ($sinaHasBinded) { $tipsType = 'hasBinded'; $sess->clearToken(); } else { $inData = array(); $inData['uid'] = XWB_S_UID; $inData['sina_uid'] = $uInfo['id']; $inData['token'] = $last_key['oauth_token']; $inData['tsecret'] = $last_key['oauth_token_secret']; $inData['profile'] = '[]'; $sqlF = array(); $sqlV = array(); foreach ($inData as $k => $v) { $sqlF[] = "`" . $k . "`"; $sqlV[] = "'" . mysql_real_escape_string($v) . "'"; } $sql = "REPLACE INTO " . XWB_S_TBPRE . "xwb_bind_info (" . implode(",", $sqlF) . ") VALUES (" . implode(",", $sqlV) . ") ;"; $rst = $db->query($sql, 'UNBUFFERED'); jclass('misc')->update_account_bind_info(XWB_S_UID, '', '', 1); if (!$rst) { echo "DB ERROR"; exit; return false; } $tipsType = 'bind'; //正向绑定统计上报 $sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1)); } } else { //从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自 if ($sinaHasBinded) { require_once XWB_P_ROOT . '/lib/xwbSite.inc.php'; $result = xwb_setSiteUserLogin((int) $bInfo['uid']); if (!$result) { $db->query("DELETE FROM " . XWB_S_TBPRE . "xwb_bind_info WHERE sina_uid='" . $uInfo['id'] . "'"); $tipsType = 'siteuserNotExist'; } else { $tipsType = 'autoLogin'; } } else { //已登录WB,没有附属站点的帐号 引导注册 $sess->setInfo('waiting_site_reg', '1'); $tipsType = 'reg'; } } //-------------------------------------------------------------------- //bind的页面需要跳转,故需要使用cookies记录 if ($tipsType == 'bind') { setcookie('xwb_tips_type', $tipsType, 0); } //$sess->setInfo('xwb_tips_type', $tipsType); $sess->setInfo('waiting_site_bind', 0); //使用sina微博帐号登录成功(不管是否绑定)统计上报 $sess->appendStat('login', array('uid' => $uInfo['id'])); //所有跟站点相关的对接,必须放到_showBinging $this->_showBinging($tipsType); }
/** * 验算二次tokenhash是否正确 * @param string $type 类型,可选值:g/p/c/r * @return bool */ function checkSecFormhash($type = 'p') { if (XWB_plugin::V($type . ':' . XWB_TOKEN_NAME) != xwb_token::makeSecFormhash()) { return false; } else { return true; } }
function setSync() { $uid = max(0, (int) MEMBER_ID); if ($uid < 1) { $this->Messager("请先<a href='index.php?mod=login'>点此登录</a>或者<a href='index.php?mod=member'>点此注册</a>一个帐号", null); } $setting = (int) $this->Get['setting']; if ('sina' == $this->Get['type']) { define('IS_IN_XWB_PLUGIN', true); define('XWB_P_ROOT', ROOT_PATH . 'include/ext/xwb/'); require_once XWB_P_ROOT . 'sina.php'; require_once XWB_P_ROOT . 'lib/core.class.php'; if (XWB_S_UID < 1 || !XWB_plugin::pCfg('is_account_binding')) { XWB_plugin::showError('新浪微博绑定功能已经关闭!'); } $tojishigou = XWB_plugin::V('G:tojishigou'); $reply_tojishigou = XWB_plugin::V('G:reply_tojishigou'); $profile = XWB_plugin::O('xwbUserProfile'); $profile->set(array('bind_setting' => (int) $setting, 'synctopic_tojishigou' => (int) $tojishigou, 'syncreply_tojishigou' => (int) $reply_tojishigou)); $r = jclass('misc')->update_account_bind_info(XWB_S_UID, '', '', 1); } elseif ('qq' == $this->Get['type']) { $this->DatabaseHandler->Query("update " . TABLE_PREFIX . "qqwb_bind_info set `synctoqq`='{$setting}' where `uid`='{$uid}'"); $r = jclass('misc')->update_account_bind_info($uid, '', '', 1); } elseif ('renren' == $this->Get['type'] && !$setting) { $r = $this->DatabaseHandler->Query("delete from " . TABLE_PREFIX . "renren_bind_info where `uid`='{$uid}'"); } elseif ('kaixin' == $this->Get['type']) { $this->DatabaseHandler->Query("delete from " . TABLE_PREFIX . "kaixin_bind_info where `uid`='{$uid}'"); } json_result('ok', $setting ? 0 : 1); }
<?php /* * @version $Id: newblog.hack.php 453 2010-12-23 04:36:02Z yaoying $ */ if (!defined('IS_IN_XWB_PLUGIN')) { exit('Access Denied!'); } global $_G; $blogid = isset($GLOBALS['newblog']['blogid']) ? (int) $GLOBALS['newblog']['blogid'] : 0; if ($blogid > 0 && XWB_plugin::V('p:syn')) { $xp_publish = XWB_plugin::N('xwb_plugins_publish'); register_shutdown_function(array(&$xp_publish, 'blogSync'), $blogid, (string) $GLOBALS['newblog']['subject']); }