/**
 * Constructor: captures the pushback account settings in $this->_userConfig.
 *
 * NOTE(review): this is a PHP 4-style constructor (presumably named after its
 * class, whose header is not visible here). PHP 8 no longer invokes such
 * methods automatically -- confirm the target runtime, or that a
 * __construct() delegates to this method.
 */
function sitePushback2share()
{
    // The IP and user name are escaped here, presumably because they are
    // interpolated into SQL later -- verify where _userConfig is consumed.
    $clientIp = DB::mysqli_escape(XWB_plugin::getIP());
    $pushUid = (int) XWB_plugin::pCfg('pushback_uid');

    // The configured name is converted from UTF-8 to the site charset first,
    // then escaped.
    $pushName = DB::mysqli_escape(
        XWB_plugin::convertEncoding((string) XWB_plugin::pCfg('pushback_username'), 'UTF-8', XWB_S_CHARSET)
    );

    // No valid pushback account configured: fall back to uid 0 and a masked name.
    if ($pushUid < 1) {
        $pushUid = 0;
        $pushName = '******';
    }

    $this->_userConfig['ip'] = $clientIp;
    $this->_userConfig['uid'] = $pushUid;
    $this->_userConfig['username'] = $pushName;
    // TIMESTAMP is a constant already provided by DZ; it is used directly.
    $this->_userConfig['timestamp'] = (int) TIMESTAMP;
}
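/**
 * Verifies a user's credentials.
 *
 * Callers must pass arguments in the forum's character set; convert them
 * first if they differ.
 *
 * @param string $username
 * @param string $password
 * @param int    $questionid
 * @param string $answer
 * @param bool   $isuid      Verify by UID instead of by name?
 * @return array
 *   [0] > 0: uid of the authenticated user; otherwise an error code:
 *     -1: UC user does not exist or was deleted
 *     -2: wrong password
 *     -3: wrong security answer
 *     -4: user is not registered in dz
 *     -5: the failed-login counter for this IP has reached 5
 *   [1] >= 0: adminid of the authenticated user; -1 when verification failed
 */
function verify($username, $password, $questionid = '', $answer = '', $isuid = 0)
{
    $return = array(0 => -1, 1 => -1);

    // Every value spliced into the SQL strings below is escaped first. The
    // user name is caller-supplied, and the IP comes from XWB_plugin::getIP(),
    // which other code in this plugin also escapes before use.
    // NOTE(review): confirm DB::mysqli_escape is loadable in this class, and
    // that callers do not already pass a slash-escaped $username (that would
    // double-escape names containing quotes).
    $ip = DB::mysqli_escape(XWB_plugin::getIP());
    $sqlUsername = DB::mysqli_escape($username);

    // Refuse further attempts once this IP has accumulated 5 failures.
    // NOTE(review): the lockout is keyed on the IP alone, and nothing in this
    // method resets or expires the counter -- confirm that happens elsewhere.
    $failedlogins = $this->db->fetch_first("select * from " . XWB_S_TBPRE . "failedlogins where `ip`='{$ip}'");
    if ($failedlogins && $failedlogins['count'] >= 5) {
        $return[0] = -5;
        return $return;
    }

    // When UCenter is enabled, it must accept the credentials first.
    if (true === UCENTER) {
        // Load the UCenter client.
        include_once ROOT_PATH . './api/uc_client/client.php';
        // UCenter receives the raw (unescaped) name, exactly as before.
        $uc_result = uc_user_login($username, $password, $isuid, 0, $questionid, $answer);
        $ucuid = $uc_result[0];
        if ($ucuid < 1) {
            // NOTE(review): a UCenter rejection returns here without touching
            // the failed-login counter.
            $return[0] = $ucuid;
            return $return;
        }
    }

    $member = $this->db->fetch_first("SELECT `uid`, `password`, `nickname`, `username`, `role_type`, `salt` FROM " . XWB_S_TBPRE . "members WHERE `nickname`='{$sqlUsername}'");
    if ($member) {
        // Compare against the locally stored password hash. Strict string
        // comparison avoids PHP's numeric-string juggling, where two different
        // "0e..." digests compare equal under ==. Where the PHP version allows
        // it, hash_equals() would additionally make the comparison
        // constant-time.
        if ((string) $member['password'] === (string) jsg_member_password($password, $member['salt'])) {
            $return[0] = (int) $member['uid'];
            $return[1] = 'admin' == $member['role_type'] ? 1 : 0;
        } else {
            $return[0] = -2;
            // Record the failure against this IP.
            // NOTE(review): only a wrong password for an existing member is
            // counted; an unknown name is not.
            if ($failedlogins) {
                $this->db->query("update " . XWB_S_TBPRE . "failedlogins set `count`='" . (max(1, (int) $failedlogins['count']) + 1) . "', `lastupdate`='" . time() . "' where `ip`='{$ip}'");
            } else {
                $this->db->query("insert into " . XWB_S_TBPRE . "failedlogins (`ip`,`count`,`lastupdate`) values ('{$ip}','1','" . time() . "')");
            }
        }
    }

    return $return;
}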
/**
 * Builds the statistics-reporting (beacon) URL.
 *
 * With $html = true the URL is wrapped in a hidden <img> tag, so the report
 * is sent by the client's browser.
 *
 * NOTE(review): the beacon endpoint is plain http:// and the query string
 * carries the app key, the client IP and the Sina uid, so these travel
 * unencrypted. Confirm that is acceptable, or that the endpoint supports TLS.
 *
 * @param string $type   stat type
 * @param array  $args   stat parameters
 * @param bool   $html   return an HTML snippet? Default: no
 * @param bool   $random append a random value? Default: yes
 * @return string Empty string when XWB_P_STAT_DISABLE is defined.
 */
function statUrl($type, $args = array(), $html = false, $random = true)
{
    if (defined('XWB_P_STAT_DISABLE')) {
        return '';
    }

    // Fields shared by every stat report.
    $args['pjt'] = XWB_P_PROJECT;
    $args['dsz'] = XWB_S_VERSION;
    $args['ver'] = XWB_P_VERSION;
    $args['xt'] = $type;
    if (!isset($args['akey'])) {
        $args['akey'] = XWB_APP_KEY;
    }
    $args['ip'] = XWB_plugin::getIP();

    // Sina uid: callers should pass it explicitly, otherwise it may be
    // computed wrongly in asynchronous contexts.
    if (!isset($args['uid'])) {
        $args['uid'] = XWB_plugin::getBindInfo("sina_uid");
    }
    // Anything that is not a number of at least 1 is reported as an empty uid.
    if (!is_numeric($args['uid']) || $args['uid'] < 1) {
        $args['uid'] = '';
    }

    if (true === $random) {
        // rand() is not a cryptographic source. Presumably this value is only
        // a cache-buster; it must not be relied on as a secret.
        $args['random'] = rand(1, 999999);
    }

    $beacon = 'http://beacon.x.weibo.com/a.gif' . '?' . http_build_query($args);

    if (defined('XWB_P_DEBUG') && true == XWB_P_DEBUG) {
        XWB_plugin::LOG("上报的URL为:" . $beacon, 'statRecord', false);
    }

    if ($html == false) {
        return $beacon;
    }

    return '<img src="' . $beacon . '" style="display:none" />';
}
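/**
 * Generates a short check value for a session id.
 *
 * The value is the CRC32, printed as 8 lowercase hex digits, of XWB_P_ROOT,
 * the client IP and $id concatenated.
 *
 * NOTE(review): the previous body first copied the User-Agent header into
 * $key and then overwrote $key on the next statement, so the User-Agent was
 * never part of the hash. That dead read is removed here and the output is
 * unchanged. If binding to the User-Agent was intended, add it deliberately,
 * because doing so changes every generated value.
 *
 * NOTE(review): crc32() is an unkeyed checksum, not a MAC. Treat the result
 * as a consistency check only. If callers rely on it to authenticate a
 * session, a keyed hash such as hash_hmac() with a server-side secret is the
 * appropriate replacement; that changes the output format and must be
 * coordinated with whatever stores or compares these values.
 *
 * @uses XWB_P_ROOT , XWB_plugin
 * @param string $id
 * @return string 8-character hexadecimal checksum
 */
function generateSessionHash($id)
{
    $key = XWB_P_ROOT . XWB_plugin::getIP() . $id;

    return sprintf('%08x', crc32($key));
}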
/**
 * Format and sign an OAuth / API request.
 * Only the GET and POST methods are supported at present.
 *
 * @param string $url        API endpoint
 * @param string $method     HTTP method; compared case-insensitively
 * @param array  $parameters request parameters handed to the OAuth signer
 * @param mixed  $useType    when a boolean, the response is JSON-decoded to an
 *                           array; when exactly true, failures are also passed
 *                           to setError()
 * @param bool   $multi      send the POST body as multipart/form-data
 * @return array Decoded response when $useType is a boolean; otherwise
 *               whatever the HTTP client returned.
 */
function oAuthRequest($url, $method, $parameters, $useType = true, $multi = false)
{
    $request = ns_OAuthRequest::from_consumer_and_token($this->token, $method, $url, $parameters);
    $method = strtoupper($method);

    if ('GET' === $method) {
        $this->last_req_url = $request->to_url();
        $this->http->setUrl($request->to_url());
    } elseif ('POST' === $method) {
        $this->last_req_url = $request->get_normalized_http_url();
        $this->http->setUrl($request->get_normalized_http_url());
        $this->http->setData($request->to_postdata($multi));
        if ($multi) {
            // The multipart boundary is read from the static slot that
            // ns_OAuthRequest publishes in $GLOBALS. The empty "Expect:"
            // header is sent alongside the Content-Type.
            $multipartHeaders = array(
                "Content-Type: multipart/form-data; boundary=" . $GLOBALS['__CLASS']['ns_OAuthRequest']['__STATIC']['boundary'],
                "Expect: ",
            );
            // Define the option constant if it is missing.
            if (!defined('CURLOPT_HTTPHEADER')) {
                define('CURLOPT_HTTPHEADER', 10023);
            }
            $this->http->setConfig(array(CURLOPT_HTTPHEADER => $multipartHeaders));
        }
    } else {
        trigger_error('WRONG REQUEST METHOD IN WEIBO CLASS!', E_USER_ERROR);
    }

    // NOTE(review): this forwards the client IP to the API. If
    // XWB_plugin::getIP() can return a value taken from a client-supplied
    // header, validate it as an IP address before placing it in an outbound
    // header.
    $this->http->setHeader('API-RemoteIP', (string) XWB_plugin::getIP());

    // Time the round trip. microtime() returns "usec sec"; summing the two
    // parts gives seconds as a float.
    $startedAt = microtime();
    $result = $this->http->request(strtolower($method));
    $finishedAt = microtime();
    $time_process = array_sum(explode(" ", $finishedAt)) - array_sum(explode(" ", $startedAt));

    if (is_bool($useType)) {
        $result = xwb_util_json::decode($result, true);
    }

    $code = $this->http->getState();
    $failed = (200 != $code);

    if ($failed) {
        $this->_delBindCheck(isset($result['error']) ? (string) $result['error'] : (string) $result);
        $this->req_error_count++;
    }

    if (defined('XWB_DEV_LOG_ALL_RESPOND') && XWB_DEV_LOG_ALL_RESPOND == true) {
        // NOTE(review): 'key_string' presumably holds the OAuth signing key
        // material, and 'param' the full request parameters. With this switch
        // on, both are written to the response log. Keep it off outside
        // development and restrict access to that log.
        $logContext = array(
            'param' => $parameters,
            'time_process' => $time_process,
            'triggered_error' => $this->http->get_triggered_error(),
            'base_string' => $request->base_string,
            'key_string' => $request->key_string,
        );
        $this->logRespond($this->last_req_url, $method, (int) $code, $result, $logContext);
    }

    if ($failed) {
        // State 0 is reported to the caller as a timeout.
        if (0 == $code) {
            $result = array("error_code" => "50000", "error" => "timeout");
        }
        if ($useType === true) {
            if (!is_array($result)) {
                $result = array('error' => (string) $result, 'error_code' => $code);
            }
            $this->setError($result);
        }
    }

    return $result;
}