public function notifyAction(Request $request)
{
$this->initUcenter();
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str(uc_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = $this->stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
return new Response('Authracation has expiried');
}
if (empty($get)) {
return new Response('Invalid Request');
}
// $action = $get['action'];
$this->requireClientFile('lib/xml.class.php');
$xml = file_get_contents('php://input');
$post = xml_unserialize($xml);
if (!in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
return new Response(API_RETURN_FAILED);
}
$method = 'do' . ucfirst($get['action']);
$result = $this->{$method}($request, $get, $post);
return new Response($result);
}
private function parseRequest()
{
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str($this->_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = $this->_stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
exit('Authracation has expiried');
}
// error_log("get".print_r($get,true));
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
Yii::log($get, 'debug');
Yii::log($post, 'debug');
$_GET = $get;
$_POST = $post;
$this->route = $this->ucController . '/' . $action;
error_log("route" . $this->route);
if (!in_array($action, array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
exit(API_RETURN_FAILED);
}
}
public static function unserialize($arr, $htmlon = 0)
{
if (!function_exists('xml_serialize')) {
include API_ROOT . 'uc_client/lib/xml.class.php';
}
return xml_unserialize($arr, $htmlon);
}
function index()
{
/* 只提供普通的http通知方式 */
error_reporting(0);
set_magic_quotes_runtime(0);
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
$get = _stripslashes($get);
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
include ROOT_PATH . '/uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
exit($this->{$get}['action']($get, $post));
} else {
exit(API_RETURN_FAILED);
}
}
public function index()
{
//note 普通的 http 通知方式
if (!defined('IN_UC')) {
error_reporting(0);
set_magic_quotes_runtime(0);
defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
service("Passport");
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = _stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
exit($this->{$get}['action']($get, $post));
} else {
exit(API_RETURN_FAILED);
}
}
}
function __construct()
{
parent::__construct();
define('UC_CLIENT_VERSION', '1.6.0');
define('UC_CLIENT_RELEASE', '20110501');
define('API_DELETEUSER', 1);
define('API_RENAMEUSER', 1);
define('API_GETTAG', 1);
define('API_SYNLOGIN', 1);
define('API_SYNLOGOUT', 1);
define('API_UPDATEPW', 1);
define('API_UPDATEBADWORDS', 1);
define('API_UPDATEHOSTS', 1);
define('API_UPDATEAPPS', 1);
define('API_UPDATECLIENT', 1);
define('API_UPDATECREDIT', 1);
define('API_GETCREDIT', 1);
define('API_GETCREDITSETTINGS', 1);
define('API_UPDATECREDITSETTINGS', 1);
define('API_ADDFEED', 1);
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '1');
define('IN_API', true);
define('CURSCRIPT', 'api');
if (!defined('IN_UC')) {
// require_once '../source/class/class_core.php';
Vendor("source.class.class_core");
$discuz = C::app();
$discuz->init();
require DISCUZ_ROOT . './config/config_ucenter.php';
$get = $post = array();
$code = @$_GET['code'];
parse_str(authcode($code, 'DECODE', UC_KEY), $get);
if (time() - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
include_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcredit', 'getcreditsettings', 'updatecreditsettings', 'addfeed'))) {
$uc_note = new uc_note();
echo $uc_note->{$get}['action']($get, $post);
exit;
} else {
exit(API_RETURN_FAILED);
}
} else {
exit;
}
}
public function api(UcenterNoteApi $note)
{
$code = Request::get('code');
parse_str(Helper::authcode($code, 'DECODE', Config::get('ucenter.key')), $get);
Request::server('REQUEST_TIME') - $get['time'] > 3600 && exit('Authracation has expiried');
empty($get) && exit('Invalid Request');
$action = $get['action'];
$_input = file_get_contents('php://input');
$post = $_input ? xml_unserialize($_input) : [];
$allowActions = ['test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings', 'getcredit'];
if (in_array($action, $allowActions)) {
$return = call_user_func([$note, $action], $get, $post);
return response($return);
} else {
return response(self::API_RETURN_FAILED);
}
}
/**
* 解析请求
* @return boolean
*/
public function initRequest()
{
$code = @$_GET['code'];
parse_str(_uc_authcode($code, 'DECODE', UC_KEY), $get);
if (get_magic_quotes_gpc()) {
$get = _uc_stripslashes($get);
}
if (empty($get)) {
$this->error = '非法请求';
return false;
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
$this->error = '请求有效期已过';
return false;
}
$this->code = $code;
$this->action = parse_name($get['action'], '1');
$this->post = xml_unserialize(file_get_contents('php://input'));
}
function updatedata($appid, $data) {
$appid = intval($appid);
include_once UC_ROOT.'lib/xml.class.php';
$data = xml_unserialize($data);
$this->base->load('app');
$data[0] = addslashes($data[0]);
$datanew = array();
if(is_array($data[1])) {
foreach($data[1] as $r) {
$datanew[] = $_ENV['misc']->array2string($r);
}
}
$tmp = $_ENV['app']->get_apps('type', "appid='$appid'");
$datanew = addslashes($tmp[0]['type']."\t".implode("\t", $datanew));
if(!empty($data[0])) {
$return = $this->db->result_first("SELECT count(*) FROM ".UC_DBTABLEPRE."tags WHERE tagname='$data[0]' AND appid='$appid'");
if($return) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."tags SET data='$datanew', expiration='".$this->base->time."' WHERE tagname='$data[0]' AND appid='$appid'");
} else {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."tags (tagname, appid, data, expiration) VALUES ('$data[0]', '$appid', '$datanew', '".$this->base->time."')");
}
}
}
function unserialize($s)
{
if (file_exists(UC_ROOT . RELEASE_ROOT . './lib/xml.class.php')) {
include_once UC_ROOT . RELEASE_ROOT . './lib/xml.class.php';
} else {
include_once UC_ROOT . './lib/xml.class.php';
}
return xml_unserialize($s);
}
function sync_unserialize($s, $release_root)
{
if (!function_exists('xml_unserialize')) {
if ($release_root && file_exists(UC_ROOT . $release_root . './lib/xml.class.php')) {
include UC_ROOT . $release_root . './lib/xml.class.php';
} else {
include UC_ROOT . './lib/xml.class.php';
}
}
return xml_unserialize($s);
}
function get_plugin_by_name($pluginname)
{
$dir = UC_ROOT . './plugin';
$s = file_get_contents($dir . '/' . $pluginname . '/plugin.xml');
return xml_unserialize($s, TRUE);
}
<?php
require_once "alipayadd.config.php";
require_once "lib/alipay_notify.class.php";
$alipayNotify = new AlipayNotify($aliapy_config);
$verify_result = $alipayNotify->verifyNotify();
if ($verify_result) {
//验证成功
$receive_address = get_magic_quotes_gpc() ? stripslashes($_POST['receive_address']) : $_POST['receive_address'];
$ali_address = array();
$receive_address = xml_unserialize($receive_address);
if ($receive_address) {
$ali_address['prov'] = $receive_address['receiveAddress']['prov'];
$ali_address['city'] = $receive_address['receiveAddress']['city'];
$ali_address['area'] = $receive_address['receiveAddress']['area'];
$ali_address['address'] = $receive_address['receiveAddress']['address'];
$ali_address['fullname'] = $receive_address['receiveAddress']['fullname'];
$ali_address['mobile_phone'] = $receive_address['receiveAddress']['mobile_phone'];
$ali_address['post'] = $receive_address['receiveAddress']['post'];
}
if ($ali_address) {
Session::Set('ali_add', $ali_address);
redirect(get_loginpage(WEB_ROOT . '/index.php'));
} else {
Session::Set('error', '获取物流地址失败');
redirect(get_loginpage(WEB_ROOT . '/index.php'));
}
} else {
//验证失败
//如要调试,请看alipay_notify.php页面的verifyNotify函数,比对sign和mysign的值是否相等,或者检查$veryfy_result有没有返回true
echo "验证失败";
$_DCACHE = $get = $post = array();
$code = isset($GLOBALS['code']) ? $GLOBALS['code'] : '';
$get = $GLOBALS;
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = _stripslashes($get);
}
if (SYS_TIME - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
require_once WWW_ROOT . './api/uc_client/lib/xml.class.php';
$post = file_get_contents('php://input');
$post = xml_unserialize($post);
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
$uc_note = new uc_note();
header('Content-type: text/html; charset=' . CHARSET);
echo $uc_note->{$get}['action']($get, $post);
exit;
} else {
exit(API_RETURN_FAILED);
}
class uc_note
{
private $member, $uc_db, $applist;
function __construct()
{
//$this->uc_db = load_class('db', 'core', 'uc_mysql_config');
define('M', 'member');
function fetch_plugins()
{
$plugindir = UC_ROOT . './plugin';
$d = opendir($plugindir);
while ($f = readdir($d)) {
if ($f != '.' && $f != '..' && is_dir($plugindir . '/' . $f)) {
$pluginxml = $plugindir . $f . '/plugin.xml';
$plugins[] = xml_unserialize($pluginxml);
}
}
}
/**
* 得到受保护的用户名列表
* 本接口函数用于获得被保护的用户列表。
*
* @return array
*/
public function userGetProtected()
{
$response = $this->apiPost('user', 'deleteprotected', ['1' => 1]);
return xml_unserialize($response);
}
/**
Opens a socket to the platform server and writes data over socket
*/
function post_xhg($data, $post_server = "127.0.0.1", $post_path = "/folder/file.php", $post_port = "80", $post_timeout = "10", $post_content_type = "text/xml")
{
//open socket
$f = fsockopen($post_server, $post_port, $post_timeout);
if ($f) {
//Set the read timeout on the socket
stream_set_timeout($f, 5, 0);
$fd = "POST {$post_path} HTTP/1.0\n";
$fd .= "Content-Type: {$post_content_type}; charset=utf-8\n";
$fd .= "Content-length: " . strlen($data) . "\n\n";
$fd .= "{$data}\n\n";
fputs($f, $fd);
$info = stream_get_meta_data($f);
$str = "";
while (!feof($f) && !$info['timed_out']) {
$info = stream_get_meta_data($f);
$str .= fread($f, 1024);
}
//Discard HTML headers and only read XML
$response = substr($str, strpos($str, "\r\n\r\n"), strlen($str));
if ($response) {
//Create an array of the XML
$content_array = xml_unserialize($response);
//Extract data from array into variables
$status_code = $content_array['Response attr']['status_code'];
$seq_no = $content_array['Response']['Data']['field']['1 attr']['value'];
//Ensure that 200 OK exists
if (!strstr($str, '200 OK')) {
$err_msg = 'Invalid HTTP return code Higate XHG';
return false;
}
if ($info['timed_out'] != 1) {
if ($status_code != '0') {
$err_msg = get_text_between($str, "<field name='reason' value='", "'");
return false;
}
if (strstr($str, 'ERROR')) {
$err_msg = 'Error message from Higate. [enable debugging for more details]';
return false;
}
} else {
$err_msg = 'Error. Read timeout from ' . $post_server;
return false;
}
fclose($f);
}
}
return true;
}
function action_updateclient()
{
!API_UPDATECLIENT && exit(API_RETURN_FORBIDDEN);
$post = xml_unserialize(file_get_contents('php://input'));
$cachefile = CORE_DIR . '/lib/uc_client/data/cache/settings.php';
$fp = fopen($cachefile, 'w');
$s = "<?php\r\n";
$s .= '$_CACHE[\'settings\'] = ' . var_export($post, TRUE) . ";\r\n";
fwrite($fp, $s);
fclose($fp);
//更新客户端缓存
exit(API_RETURN_SUCCEED);
}
function Upgrade()
{
$id = jget('id', 'int');
$plugin_info = jlogic('plugin')->getpluginbyid($id);
if ($plugin_info['available'] == 1) {
$this->Messager("升级失败(此插件启动中,如升级请先关闭本插件)", 'admin.php?mod=plugin');
}
$plugindir = $plugin_info['identifier'];
$nowver = !empty($plugin_info['version']) ? $plugin_info['version'] : 0;
$filedir = PLUGIN_DIR . '/' . $plugindir;
$xml_url = $filedir . '/jishigou_plugin_' . $plugindir . '.xml';
$fp = fopen($xml_url, 'r');
$xmldata = fread($fp, filesize($xml_url));
$plugindata_all = xml_unserialize($xmldata);
$upgradefile = $plugindata_all['upgradefile'];
$newver = $plugindata_all['Data']['plugin']['version'];
$upgrade = $newver > $nowver ? true : false;
$data = array();
$data['version'] = $newver;
if ($upgrade) {
if ($upgradefile) {
if (file_exists($filedir . '/' . $upgradefile)) {
include $filedir . '/' . $upgradefile;
$sqls = str_replace("\r", "\n", str_replace("{jishigou}", TABLE_PREFIX, $sql));
foreach (explode(";\n", trim($sqls)) as $sql) {
$query = trim($sql);
if (!empty($query)) {
$this->DatabaseHandler->Query($query);
}
}
} else {
$this->Messager("升级失败(升级文件" . $upgradefile . "丢失,无法升级)", 'admin.php?mod=plugin');
}
}
jtable('plugin')->update($data, array('pluginid' => $id));
$this->Messager("插件已经从" . $nowver . "成功升级到" . $newver, 'admin.php?mod=plugin');
} else {
$this->Messager("此插件无需升级,请上传新版本后再执行本操作", 'admin.php?mod=plugin');
}
}
function sendone($appid, $noteid = 0, $note = '')
{
require_once UC_ROOT . './lib/xml.class.php';
$return = FALSE;
$app = $this->apps[$appid];
if ($noteid) {
$note = $this->_get_note_by_id($noteid);
}
$this->base->load('misc');
$apifilename = isset($app['apifilename']) && $app['apifilename'] ? $app['apifilename'] : 'uc.php';
if ($app['extra']['apppath'] && @(include $app['extra']['apppath'] . './api/' . $apifilename)) {
$uc_note = new uc_note();
$method = $note['operation'];
if (is_string($method) && !empty($method)) {
parse_str($note['getdata'], $note['getdata']);
if (get_magic_quotes_gpc()) {
$note['getdata'] = $this->base->dstripslashes($note['getdata']);
}
$note['postdata'] = xml_unserialize($note['postdata']);
$response = $uc_note->{$method}($note['getdata'], $note['postdata']);
}
unset($uc_note);
} else {
$url = $this->get_url_code($note['operation'], $note['getdata'], $appid);
$note['postdata'] = str_replace(array("\n", "\r"), '', $note['postdata']);
$response = trim($_ENV['misc']->dfopen2($url, 0, $note['postdata'], '', 1, $app['ip'], UC_NOTE_TIMEOUT, TRUE));
}
$returnsucceed = $response != '' && ($response == 1 || is_array(xml_unserialize($response)));
$closedsqladd = $this->_close_note($note, $this->apps, $returnsucceed, $appid) ? ",closed='1'" : '';
//
if ($returnsucceed) {
if ($this->operations[$note['operation']][2]) {
$this->base->load($this->operations[$note['operation']][2]);
$func = $this->operations[$note['operation']][3];
$_ENV[$this->operations[$note['operation']][2]]->{$func}($appid, $response);
}
$this->db->query("UPDATE " . UC_DBTABLEPRE . "notelist SET app{$appid}='1', totalnum=totalnum+1, succeednum=succeednum+1, dateline='{$this->base->time}' {$closedsqladd} WHERE noteid='{$note['noteid']}'", 'SILENT');
$return = TRUE;
} else {
$this->db->query("UPDATE " . UC_DBTABLEPRE . "notelist SET app{$appid} = app{$appid}-'1', totalnum=totalnum+1, dateline='{$this->base->time}' {$closedsqladd} WHERE noteid='{$note['noteid']}'", 'SILENT');
$return = FALSE;
}
return $return;
}
private function hg_unserialize($s)
{
include_once 'xml.class.php';
return xml_unserialize($s);
}
public static function unserialize($xml, $htmlOn = 0)
{
if (!function_exists('xml_serialize')) {
require APPPATH . '../uc_client/lib/xml.class.php';
}
return xml_unserialize($xml, $htmlOn);
}
$code = @$_GET['code'];
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = _stripslashes($get);
}
//时间戳验证
$timestamp = time();
// if($timestamp - $get['time'] > 3600) {
// exit('Authracation has expiried');
// }
if (empty($get)) {
exit('Invalid Request');
}
$action = $get['action'];
require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
// 调试用-写log
// $log_message = "============================ \n "
// .date('Y-m-d H:i:s')." \n ".$_SERVER['REQUEST_URI']
// ." \n ".var_export($get,true)." \n ".var_export($post,true)." \n ";
// $log_file = DISCUZ_ROOT."/uc_log.txt";
// $result = error_log($log_message,3,$log_file);
if (UC_SYNC == 0) {
exit(API_RETURN_FAILED);
}
if (in_array($get['action'], array('test', 'face', 'deleteuser', 'renameuser', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) {
require_once DISCUZ_ROOT . './uc_client/lib/db.class.php';
//UC的数据库连接
$GLOBALS['db'] = new ucclient_db();
$GLOBALS['db']->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCONNECT, true, UC_DBCHARSET);
$GLOBALS['tablepre'] = UC_DBTABLEPRE;
function xml2array($xml) {
$arr = xml_unserialize($xml, 1);
preg_match('/<error errorCode="(\d+)" errorMessage="([^\/]+)" \/>/', $xml, $match);
$arr['error'] = array('errorcode' => $match[1], 'errormessage' => $match[2]);
return $arr;
}
function uc_unserialize($s)
{
include_once '../uc_client/lib/xml.class.php';
return xml_unserialize($s);
}
function uc_unserialize($s)
{
include_once UC_ROOT . './lib/xml.class.php';
return xml_unserialize($s);
}
define('UC_CHARSET', $uc['charset']);
define('UC_KEY', $uc['key']);
define('UC_API', $uc['api']);
define('UC_APPID', $uc['appid']);
define('UC_IP', $uc['ip']);
$get = $post = array();
parse_str(authcode($query['code'], 'DECODE', UC_KEY), $get);
if (TIMESTAMP - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
include_once IA_ROOT . '/framework/library/uc/lib/xml.class.php';
$input = file_get_contents('php://input');
$post = xml_unserialize($input);
if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcredit', 'getcreditsettings', 'updatecreditsettings', 'addfeed'))) {
$note = new uc_note();
echo $note->{$get}['action']($get, $post);
exit;
} else {
exit(API_RETURN_FAILED);
}
}
}
}
class uc_note
{
function _serialize($arr, $htmlon = 0)
{
return xml_serialize($arr, $htmlon);