コード例 #1
0
 /**
  * 在未登录论坛帐号,但已登录新浪微博帐号的绑定页面进行用户账户验证和绑定
  */
 function doBindAtNotLog()
 {
     if (!XWB_plugin::pCfg('is_account_binding') || !XWB_plugin::isRequestBy('POST')) {
         XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。');
     }
     $this->_chkIsWaitingForReg();
     $usernameS = trim((string) XWB_plugin::V('p:siteBindName'));
     $password = trim((string) XWB_plugin::V('p:bindPwd'));
     $questionid = (int) XWB_plugin::V('p:questionid');
     $questionanswerS = trim((string) XWB_plugin::V('p:questionanswer'));
     $username = XWB_plugin::convertEncoding($usernameS, "UTF8", XWB_S_CHARSET);
     if (!empty($questionanswerS)) {
         $questionanswer = XWB_plugin::convertEncoding($questionanswerS, "UTF8", XWB_S_CHARSET);
     } else {
         $questionanswer = '';
     }
     $uid = 0;
     //第1关:数据输入验证关
     if (empty($username)) {
         $uid = -102;
     }
     if (empty($password)) {
         $uid = -103;
     }
     $msg = '';
     //第2关:用户身份验证关
     if ($uid == 0) {
         $verify = XWB_plugin::O('siteUserVerifier');
         $verifyresult = $verify->verify($username, $password, $questionid, $questionanswer);
         $uid = $verifyresult[0];
     }
     if ($uid > 0) {
         $wbApi = XWB_plugin::getWB();
         $uInfo = $wbApi->verifyCredentials();
         //第3关:验证微博帐号是否已经在当前站点中绑定,防止用户通过多个浏览器恶意注册用户
         $bInfo = XWB_plugin::getBUById($uid, $uInfo['id']);
         //远程API
         if (!empty($bInfo) && is_array($bInfo)) {
             $uid = -201;
         } else {
             $sess = XWB_plugin::getUser();
             $sess->setInfo('sina_uid', $uInfo['id']);
             $last_key = $sess->getOAuthKey(true);
             $rst = XWB_plugin::addBindUser($uid, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
             //远程API
             require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
             xwb_setSiteUserLogin($uid);
             dsetcookie($this->_getBindCookiesName($uid), (string) $uInfo['id'], 604800);
             dsetcookie('xwb_tips_type', '', 0);
             $sess->setInfo('waiting_site_reg', '0');
             $msg = "绑定论坛帐号成功。下次你可以继续使用新浪微博帐号登录使用" . XWB_S_TITLE . "论坛。";
             $msg .= "<br>绑定帐号:  <em>" . htmlspecialchars($usernameS) . "</em>  ";
             //正向绑定(在未登录论坛帐号已登录新浪微博帐号的绑定页面)统计上报
             $sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
             //输出UCenter同步JS
             global $_G;
             loaducenter();
             $ucsynlogin = $_G['setting']['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
             $this->_outputUJ($ucsynlogin);
         }
     }
     if ($uid <= 0) {
         $msg = $this->_getBindTip($uid);
     }
     $displayWindow = 0;
     $this->_oScript('xwbSetTips', array($uid, $msg, $displayWindow));
 }
コード例 #2
0
 function authCallBack()
 {
     if (!XWB_plugin::pCfg('is_account_binding')) {
         XWB_plugin::showError('网站管理员关闭了插件功能“新浪微博绑定”。请稍后再试。');
     }
     //--------------------------------------------------------------------
     global $_G;
     $sess = XWB_plugin::getUser();
     $waiting_site_bind = $sess->getInfo('waiting_site_bind');
     if (empty($waiting_site_bind)) {
         //XWB_plugin::deny();
         $siteUrl = XWB_plugin::siteUrl(0);
         XWB_plugin::redirect($siteUrl, 3);
     }
     $sess->setOAuthKey(array(), true);
     //--------------------------------------------------------------------
     $wbApi = XWB_plugin::getWB();
     $db = XWB_plugin::getDB();
     $last_key = $wbApi->getAccessToken(XWB_plugin::V('r:oauth_verifier'));
     //print_r($last_key);
     if (!isset($last_key['oauth_token']) || !isset($last_key['oauth_token_secret'])) {
         $api_error_origin = isset($last_key['error']) ? $last_key['error'] : 'UNKNOWN ERROR. MAYBE SERVER CAN NOT CONNECT TO SINA API SERVER';
         $api_error = isset($last_key['error_CN']) && !empty($last_key['error_CN']) && 'null' != $last_key['error_CN'] ? $last_key['error_CN'] : '';
         XWB_plugin::LOG("[WEIBO CLASS]\t[ERROR]\t#{$wbApi->req_error_count}\t{$api_error}\t{$wbApi->last_req_url}\tERROR ARRAY:\r\n" . print_r($last_key, 1));
         XWB_plugin::showError("服务器获取Access Token失败;请稍候再试。<br />错误原因:{$api_error}[{$api_error_origin}]");
     }
     $sess->setOAuthKey($last_key, true);
     $wbApi->setConfig();
     $uInfo = $wbApi->verifyCredentials();
     $sess->setInfo('sina_uid', $uInfo['id']);
     $sess->setInfo('sina_name', $uInfo['screen_name']);
     //print_r($uInfo);
     //--------------------------------------------------------------------
     /// 此帐号是否已经在当前站点中绑定
     $sinaHasBinded = false;
     $stat_is_bind_type = 0;
     if (defined('XWB_S_UID') && XWB_S_UID > 0) {
         $bInfo = XWB_plugin::getBUById(XWB_S_UID, $uInfo['id']);
     } else {
         $bInfo = XWB_plugin::getBindUser($uInfo['id'], 'sina_uid');
         //远程API
     }
     if (!is_array($bInfo) && (defined('XWB_S_UID') && XWB_S_UID > 0)) {
         $bInfo = XWB_plugin::getBindUser(XWB_S_UID, 'site_uid');
         //登录状态下再查一次API,确保没有绑定
     }
     if (!empty($bInfo) && is_array($bInfo)) {
         $sinaHasBinded = true;
         dsetcookie($this->_getBindCookiesName($bInfo['uid']), (string) $bInfo['sina_uid'], 604800);
         //核查存储的access token是否有更新,有更新则进行自动更新
         if ($bInfo['sina_uid'] == $uInfo['id'] && ($bInfo['token'] != $last_key['oauth_token'] || $bInfo['tsecret'] != $last_key['oauth_token_secret'])) {
             XWB_plugin::updateBindUser($bInfo['uid'], $bInfo['sina_uid'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
             //远程API
         }
     }
     //--------------------------------------------------------------------
     /// 决定在首页中显示什么浮层
     $tipsType = '';
     //xwb_tips_type
     //已在论坛登录
     if (defined('XWB_S_UID') && XWB_S_UID) {
         if ($sinaHasBinded) {
             //$sinaHasBinded为true时,$bInfo必定存在
             if (XWB_S_UID != $bInfo['uid'] || $bInfo['sina_uid'] != $uInfo['id']) {
                 $tipsType = 'hasBinded';
                 $sess->clearToken();
             } else {
                 $tipsType = 'autoLogin';
             }
         } else {
             //远程API
             $rst = XWB_plugin::addBindUser(XWB_S_UID, $uInfo['id'], (string) $last_key['oauth_token'], (string) $last_key['oauth_token_secret'], $uInfo['screen_name']);
             if (!$rst) {
                 echo "DB ERROR";
                 exit;
                 return false;
             }
             $tipsType = 'bind';
             dsetcookie($this->_getBindCookiesName(XWB_S_UID), (string) $uInfo['id'], 604800);
             //正向绑定统计上报
             $sess->appendStat('bind', array('uid' => $uInfo['id'], 'type' => 1));
         }
     } else {
         //从 wb 登录后 检查用户是否绑定,如果绑定了 则在附属站点自
         if ($sinaHasBinded) {
             require_once XWB_P_ROOT . '/lib/xwbSite.inc.php';
             $result = xwb_setSiteUserLogin((int) $bInfo['uid']);
             if (false == $result) {
                 dsetcookie($this->_getBindCookiesName($bInfo['uid']), -1, 604800);
                 XWB_plugin::delBindUser($bInfo['uid']);
                 //远程API
                 $tipsType = 'siteuserNotExist';
             } else {
                 $stat_is_bind_type = 1;
                 $tipsType = 'autoLogin';
             }
         } else {
             //已登录WB,没有附属站点的帐号 引导注册
             $sess->setInfo('waiting_site_reg', '1');
             $tipsType = 'reg';
         }
     }
     //--------------------------------------------------------------------
     //bind的页面需要跳转,故需要使用cookies记录
     if ($tipsType == 'bind') {
         dsetcookie('xwb_tips_type', $tipsType, 0);
     }
     //$sess->setInfo('xwb_tips_type', $tipsType);
     $sess->setInfo('waiting_site_bind', 0);
     //使用sina微博帐号登录成功(不管是否绑定)统计上报
     $sess->appendStat('login', array('uid' => $uInfo['id'], 'is_bind' => $stat_is_bind_type));
     //所有跟站点相关的对接,必须放到_showBinging
     $this->_showBinging($tipsType);
 }