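exit; }
    // This excerpt begins inside a branch opened earlier in the file; the
    // closing brace above and the one after the first CheckOpenID() call
    // below belong to blocks whose openings are not shown here.
    $Message = '';

    // Handling of the OAuth callback page.
    // NOTE(review): the redirect URI is built from $_SERVER['HTTP_HOST'], which
    // is taken from the client's Host header. Unless the web server pins the
    // host name, prefer a configured canonical site URL here and rely on the
    // provider's registered redirect-URI check as a backstop only.
    $RedirectUri = $CurProtocol . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'];
    if (!$OauthObject->GetAccessToken($RedirectUri, $AppID, $AppInfo['AppSecret'], $Code)) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }

    // Non-POST page: keep the access token in the session so the later POST
    // request can reuse it.
    $_SESSION[$Prefix . 'OauthAccessToken'] = $OauthObject->AccessToken;
    // Release the session lock so concurrent requests are not blocked.
    session_write_close();

    // Look up a local account already bound to this (AppID, OpenID) pair.
    // Both values are passed as bound parameters, not concatenated into the SQL.
    $OauthUserID = $DB->single("SELECT UserID FROM " . $Prefix . "app_users \n\t\tWHERE AppID=:AppID AND OpenID = :OpenID", array('AppID' => $AppID, 'OpenID' => $OauthObject->OpenID));
    $OauthObject->GetUserInfo();
    CheckOpenID();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Reject the POST unless the form hash passes ReferCheck(), an access token
    // was stored by the callback step, and the submitted state matches the one
    // kept in the session.
    // The state values are compared as strings with a strict operator: a loose
    // `!=` lets PHP treat numeric-looking strings such as "0e1" and "0e2" as
    // equal, which would accept a state that was never issued. Where
    // PHP >= 5.6 is guaranteed, hash_equals() is the constant-time alternative.
    if (
        !ReferCheck(Request('Post', 'FormHash'))
        || empty($_SESSION[$Prefix . 'OauthAccessToken'])
        || !$State
        || empty($_SESSION[$Prefix . 'OauthState'])
        || !is_scalar($State)
        || (string) $State !== (string) $_SESSION[$Prefix . 'OauthState']
    ) {
        AlertMsg($Lang['Error_Unknown_Referer'], $Lang['Error_Unknown_Referer'], 403);
    }

    // Read the access token back from the session.
    $OauthObject->AccessToken = $_SESSION[$Prefix . 'OauthAccessToken'];
    // Release the session lock so concurrent requests are not blocked.
    session_write_close();

    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    $OauthUserInfo = $OauthObject->GetUserInfo();
    CheckOpenID();
    // The POST branch continues beyond this excerpt.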