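/**
 * Releases the 'account.session' lock of a native account once the caller's
 * auth key has been verified against the key computed for that account.
 *
 * @param array $p Request parameters; 'username' and 'auth_key' are read.
 * @return mixed The value of $this->result() on failure; null on success.
 */
function twt_logout($p)
{
    $username = base_protect($p['username']);
    $auth_key = base_protect($p['auth_key']);

    // NOTE(review): the lookup interpolates $username into SQL and depends
    // entirely on base_protect() for escaping -- confirm it escapes for the
    // single-quoted string context used here.
    $u = user_getBySQL("WHERE `type`='native' AND `username`='{$username}' LIMIT 1");

    // Reject anything that is not exactly one row. The is_array() guard keeps
    // a non-array failure value from slipping through count().
    if (!is_array($u) || count($u) != 1) {
        return $this->result('用户未找到,这也有可能是由于数据库失败引起的');
    }
    $u = $u[0];

    // Compare as strings in constant time. A loose != would let type juggling
    // (null vs '', numeric-looking strings) count as a match, and it leaks
    // timing information about the expected key. Non-scalar values on either
    // side fail closed.
    $expected = $this->calc_auth_key($u);
    if (
        !is_scalar($auth_key)
        || !is_scalar($expected)
        || !hash_equals((string) $expected, (string) $auth_key)
    ) {
        return $this->result('AuthKey未匹配');
    }

    $this->lock->unlock($u['type'] . '@' . $u['uid'], 'account.session');
}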
예제 #2
/**
 * Checks whether the logged-in user holds permission $auth on object
 * ($domain, $did) at level $level or higher.
 *
 * Return values are mixed, so callers must compare strictly: the negative
 * codes are truthy in PHP and a plain `if (auth_check(...))` would treat a
 * denial as success.
 *
 * @param string $domain Permission domain.
 * @param int    $did    Object id inside the domain (cast to int).
 * @param string $auth   Permission name.
 * @param int    $level  Minimum level required (cast to int).
 * @return bool|int false  not logged in, or the session user could not be loaded
 *                  true   granted from the session cache
 *                  1      granted from the authmap table (then cached in the session)
 *                  2      matching row has bindtype 'group' (not cached)
 *                  -1     no matching authmap row
 *                  -2     matching row has iscancel != '0'
 *                  -3     matching row's level is below $level
 */
function auth_check($domain, $did, $auth, $level = 1)
{
    if (!user_isLogin()) {
        return false;
    }

    $auth = base_protect($auth);
    $domain = base_protect($domain);
    $did = (int) $did;
    $level = (int) $level;

    // NOTE(review): a session hit returns before the table is consulted, so a
    // grant cancelled after it was cached may stay effective for the rest of
    // the session -- confirm how auth_checkSession() expires entries.
    if (auth_checkSession($domain, $did, $auth, $level)) {
        return true;
    }

    load_model('user.func');
    $user = user_getById($_SESSION['twt_uid']);
    if (!$user) {
        return false;
    }

    // NOTE(review): the statement is assembled by string interpolation.
    // $domain and $auth rely on base_protect(); $user['gid'] and $user['uid']
    // are inserted as read from the user record with no escaping here.
    $sql = sprintf(
        'SELECT * FROM %s WHERE ((`ownertype`="group" AND `ownerid`="%s") OR (`ownertype`="user" AND `ownerid`="%s")) AND `domain`="%s" AND `did`="%s" AND `auth`="%s" ORDER BY `iscancel` DESC LIMIT 1',
        table('authmap'),
        $user['gid'],
        $user['uid'],
        $domain,
        $did,
        $auth
    );

    global $db;
    // ORDER BY iscancel DESC puts a cancelled row first, so a cancellation
    // takes precedence over any other matching row.
    $grant = $db->getRow($db->sql($sql));

    if (!$grant) {
        return -1;
    }
    if ($grant['iscancel'] != '0') {
        return -2;
    }
    if ($grant['level'] < $level) {
        return -3;
    }
    if ($grant['bindtype'] == 'group') {
        return 2;
    }

    auth_setSession($grant['domain'], $grant['did'], $grant['auth'], $grant['level']);
    return 1;
}
예제 #3
/**
 * Inserts one row into the 'download' table.
 *
 * $insertarr is passed through base_protect() before it reaches inserttable().
 * NOTE(review): whether base_protect() also covers the array keys (column
 * names) is not visible here -- confirm before passing request arrays directly.
 *
 * @param array $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function download_insert($insertarr)
{
    return inserttable('download', base_protect($insertarr));
}
예제 #4
/**
 * Inserts one row into the 'group' table.
 *
 * $insertarr is passed through base_protect() before it reaches inserttable().
 * NOTE(review): confirm that base_protect() handles array keys as well as
 * values if callers forward request data.
 *
 * @param array $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function group_insert($insertarr)
{
    return inserttable('group', base_protect($insertarr));
}
예제 #5
/**
 * Inserts one row into a caller-chosen table.
 *
 * Only $insertarr goes through base_protect(); $table is handed to
 * inserttable() unchanged.
 * NOTE(review): $table must never come from request input unless it is checked
 * against a fixed list of table names -- confirm at the call sites.
 *
 * @param string $table     Table name, forwarded as given.
 * @param array  $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function column_insert($table, $insertarr)
{
    return inserttable($table, base_protect($insertarr));
}
예제 #6
/**
 * Inserts one row into the 'category' table.
 *
 * $insertarr is passed through base_protect() before it reaches inserttable().
 * NOTE(review): confirm that base_protect() handles array keys as well as
 * values if callers forward request data.
 *
 * @param array $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function category_insert($insertarr)
{
    return inserttable('category', base_protect($insertarr));
}
예제 #7
/**
 * Inserts one row into the 'news' table.
 *
 * $insertarr is passed through base_protect() before it reaches inserttable().
 * NOTE(review): confirm that base_protect() handles array keys as well as
 * values if callers forward request data.
 *
 * @param array $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function news_insert($insertarr)
{
    return inserttable('news', base_protect($insertarr));
}
예제 #8
/**
 * Inserts one row into the 'item' table.
 *
 * $insertarr is passed through base_protect() before it reaches inserttable().
 * NOTE(review): confirm that base_protect() handles array keys as well as
 * values if callers forward request data.
 *
 * @param array $insertarr Column => value pairs.
 * @return mixed Result of inserttable().
 */
function item_insert($insertarr)
{
    return inserttable('item', base_protect($insertarr));
}
예제 #9
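/**
 * Builds and runs an UPDATE statement from column => value arrays.
 *
 * Escaping contract, as implemented here:
 *  - SET values are interpolated as given; $autoprotect does NOT apply to
 *    them, so the caller must have escaped every value already.
 *  - WHERE values are passed through base_protect() only when $autoprotect
 *    is true and $wheresqlarr is an array.
 *  - A string $wheresqlarr is appended verbatim as the WHERE clause.
 *  - An empty $wheresqlarr becomes "WHERE 1" and updates every row.
 *  - Column names from both arrays are backtick-quoted with embedded
 *    backticks doubled, so a key cannot terminate the identifier.
 *
 * @param string       $tablename   Logical table name, resolved through table().
 * @param array        $setsqlarr   Column => already-escaped value.
 * @param array|string $wheresqlarr Column => value conditions (ANDed), or a raw clause.
 * @param bool         $autoprotect Apply base_protect() to array WHERE values.
 * @return mixed Result of $db->sql().
 */
function updatetable($tablename, $setsqlarr, $wheresqlarr, $autoprotect = true)
{
    global $db;

    // Doubling a backtick is how a backtick-quoted identifier escapes one;
    // names without backticks come out exactly as before.
    $quoteIdent = function ($name) {
        return '`' . str_replace('`', '``', (string) $name) . '`';
    };

    $assignments = [];
    foreach ($setsqlarr as $column => $value) {
        // NOTE(review): $value is not escaped in this function -- confirm
        // that every caller protects its SET values.
        $assignments[] = $quoteIdent($column) . '=\'' . $value . '\'';
    }
    $setsql = implode(', ', $assignments);

    if (empty($wheresqlarr)) {
        // No condition supplied: the statement touches the whole table.
        $where = '1';
    } elseif (is_array($wheresqlarr)) {
        $conditions = [];
        foreach ($wheresqlarr as $column => $value) {
            if ($autoprotect) {
                $value = base_protect($value);
            }
            $conditions[] = $quoteIdent($column) . '=\'' . $value . '\'';
        }
        $where = implode(' AND ', $conditions);
    } else {
        // Raw clause supplied by the caller; used as is.
        $where = $wheresqlarr;
    }

    // Build the statement once and execute exactly that string.
    $query = 'UPDATE ' . table($tablename) . ' SET ' . $setsql . ' WHERE ' . $where;

    return $db->sql($query);
}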
예제 #10
/**
 * Updates rows of $table and reports success as a strict boolean.
 *
 * Both $where and $setarr are passed through base_protect() before being
 * handed to updatetable().
 * NOTE(review): updatetable() is called with its default $autoprotect = true,
 * so array WHERE values go through base_protect() a second time there while
 * SET values go through it once. Confirm base_protect() is idempotent;
 * otherwise WHERE values may be escaped twice and fail to match stored data.
 *
 * @param string       $table  Logical table name.
 * @param array        $setarr Column => value pairs to write.
 * @param array|string $where  Conditions as column => value, or a raw clause.
 * @return bool true when updatetable() returns a truthy value.
 */
function update_array($table, $setarr, $where)
{
    $protectedWhere = base_protect($where);
    $protectedSet = base_protect($setarr);

    return (bool) updatetable($table, $protectedSet, $protectedWhere);
}