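 /**
  * Exchange an OAuth access token for the user's profile and set the login cookie.
  *
  * Posts $access_token to the configured oauth_login_url, encrypts the raw
  * response body with the cookie key, stores it as the login cookie and
  * redirects to "/". An empty token redirects to "/" without contacting the
  * provider; every other failure path ends in _check_error() and exit.
  *
  * @param string $access_token  token obtained from the OAuth provider
  */
 private function _user_login($access_token)
 {
     if (empty($access_token)) {
         $this->_apf->get_response()->redirect('/');
         exit;
     }
     $data = array("oauth_token" => $access_token, "getinfo" => true);
     $oauth = $this->_apf->get_config('oauth2');
     $curlObj = new APF_Http_Client_Curl('post');
     $curlObj->set_url($oauth['oauth_login_url']);
     $curlObj->set_attribute(CURLOPT_POST, TRUE);
     $curlObj->set_attribute(CURLOPT_POSTFIELDS, $data);
     // The body of this response becomes the login cookie, so the TLS peer has
     // to be authenticated: with verification off, anyone on the path could
     // answer with a profile of their choosing and be logged in as that user.
     // The original disabled both checks; if the provider runs on a private
     // CA, point CURLOPT_CAINFO at that CA instead of turning these off.
     $curlObj->set_attribute(CURLOPT_SSL_VERIFYPEER, true);
     $curlObj->set_attribute(CURLOPT_SSL_VERIFYHOST, 2);
     if (!$curlObj->execute()) {
         $this->_check_error();
         exit;
     }
     $user_info = $curlObj->get_response_text();
     if (empty($user_info)) {
         $this->_check_error();
         exit;
     }
     $cookie_cfg = $this->_apf->get_config('cookie');
     // The provider's whole response is kept client-side, encrypted under the
     // shared cookie key. NOTE(review): whether Util_AuthorCrypt also
     // authenticates the ciphertext is not visible here - confirm before
     // treating this cookie as tamper-proof.
     $cookie_value = Util_AuthorCrypt::encrypt($user_info, $cookie_cfg['key']);
     // NOTE(review): no HttpOnly/Secure flags are passed here; check whether
     // APF's set_cookie() can set them for this session cookie.
     $this->_apf->get_response()->set_cookie($cookie_cfg['name'], $cookie_value, time() + $cookie_cfg['expires'], $cookie_cfg['path'], $cookie_cfg['domain']);
     $this->_apf->get_response()->redirect('/');
     exit;
 }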
 /**
  * Validate a login cookie and, on success, attach the user identity to the request.
  *
  * The cookie is decrypted with md5(User-Agent . iBugSecques) - the same
  * derivation get_cookie_val() in this corpus uses to issue it - and is
  * expected to contain "uid<TAB>username<TAB>cookie_time".
  *
  * @param string|false|null $cookie  raw cookie value, falsy when absent
  * @return bool true when both a user id and a username were recovered
  */
 public static function is_auth($cookie)
 {
     $request = APF::get_instance()->get_request();
     if (!$cookie) {
         return false;
     }
     // Flash clients cannot set their own UA header, so they hand it over as a
     // request parameter instead. Either way the UA string is client-chosen;
     // the only secret component of the key is iBugSecques.
     $is_flash = @$request->get_parameter("is_flash");
     $browser = $is_flash ? $request->get_parameter("user_agent") : $_SERVER['HTTP_USER_AGENT'];
     $secret = APF::get_instance()->get_config('iBugSecques');
     $plain = Util_AuthorCrypt::decrypt($cookie, md5($browser . $secret));
     if (empty($plain)) {
         return false;
     }
     // Fields: user id, username, cookie time; missing fields read as null.
     $fields = explode("\t", $plain);
     $user_id = isset($fields[0]) ? $fields[0] : null;
     $username = isset($fields[1]) ? $fields[1] : null;
     // NOTE(review): the third field (cookie time) is decoded but never
     // checked here, so a captured cookie stays valid until the key changes -
     // confirm that is intended, or compare it against time().
     if (empty($user_id) || empty($username)) {
         return false;
     }
     $request->set_user_id($user_id);
     $request->set_username($username);
     return true;
 }
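 /**
  * Load the current user's profile from the encrypted login cookie and open the DB.
  *
  * The cookie is decrypted with the configured cookie key and expected to be a
  * JSON array whose first element is the user info. $this->userInfo is null
  * when no cookie was sent or the payload does not decode to that shape
  * (the original indexed the decode result unconditionally, which raised
  * notices for anonymous visitors).
  */
 public function __construct()
 {
     $this->request = APF::get_instance()->get_request();
     $this->response = APF::get_instance()->get_response();
     $cookie_cfg = APF::get_instance()->get_config('cookie');
     $cookie_value = Bll_Cookie::get($cookie_cfg['name']);
     $this->userInfo = null;
     if (!empty($cookie_value)) {
         $user_info_str = Util_AuthorCrypt::decrypt($cookie_value, $cookie_cfg['key']);
         $user_info_arr = json_decode($user_info_str, true);
         if (is_array($user_info_arr) && isset($user_info_arr[0])) {
             $this->userInfo = $user_info_arr[0];
         }
     }
     // NOTE(review): auth() elsewhere in this corpus reads the same cookie as a
     // map keyed by 'user_id' rather than as a list - confirm which layout the
     // login code actually writes.
     Db_Pdo::get_instance();
 }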
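 /**
  * Render a captcha image and store the encrypted answer in a cookie.
  *
  * Request parameters: cn (cookie name), x/y (image size), s (font size),
  * n (number of characters, default 4), x1/y1 and x2/y2 (text positions).
  * Writes a PNG to the output and returns false (nothing left to render).
  * A cookie name that is not a plain token answers 400 and renders nothing.
  *
  * @return false
  */
 public function handle_request()
 {
     $params = APF::get_instance()->get_request()->get_parameters();
     // The cookie name is client-supplied. Restrict it to a plain token so a
     // request cannot (re)write an unrelated cookie, such as the session
     // cookie, with content the client knows.
     $cookiename = isset($params['cn']) ? (string) $params['cn'] : '';
     if (!preg_match('/^[A-Za-z0-9_]{1,64}$/', $cookiename)) {
         header('HTTP/1.1 400 Bad Request');
         return false;
     }
     // Image geometry is client-chosen too: clamp the canvas so one request
     // cannot allocate an arbitrarily large image, and make the remaining
     // values integers (imagecreatetruecolor() rejects non-positive sizes).
     $x_size = isset($params['x']) ? max(1, min(1024, (int) $params['x'])) : 1;
     $y_size = isset($params['y']) ? max(1, min(1024, (int) $params['y'])) : 1;
     $num_size = isset($params['s']) ? (int) $params['s'] : 0;
     $x1 = isset($params['x1']) ? (int) $params['x1'] : 0;
     $y1 = isset($params['y1']) ? (int) $params['y1'] : 0;
     $x2 = isset($params['x2']) ? (int) $params['x2'] : 0;
     $y2 = isset($params['y2']) ? (int) $params['y2'] : 0;
     // Number of captcha characters. Never allow 0: an empty code is what a
     // blank submission would match on the verifying side.
     $font_num = isset($params['n']) ? (int) $params['n'] : 4;
     if ($font_num < 1) {
         $font_num = 4;
     }
     // NOTE(review): $this->random() is not visible here - confirm it draws
     // the code from a CSPRNG (random_int) rather than rand()/mt_rand().
     $seccode = $this->random($font_num, 1);
     // NOTE(review): the only key material is md5 of the client's own
     // User-Agent, so the client can decrypt this cookie or mint one for a
     // code of its choosing; the verifying side derives the same key. Mixing a
     // server-side secret into the key on both sides would close that.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $md5seccode = Util_AuthorCrypt::encrypt($seccode, md5($userAgent));
     APF::get_instance()->get_response()->set_cookie($cookiename, $md5seccode, 30 * 60);
     header("Content-type: image/png");
     $im = imagecreatetruecolor($x_size, $y_size);
     $white = imagecolorallocate($im, 255, 255, 255);
     $grey = imagecolorallocate($im, 128, 128, 128);
     $black = imagecolorallocate($im, 0, 0, 0);
     imagefilledrectangle($im, 0, 0, $x_size, $y_size, $white);
     $font = APF::get_instance()->get_config("FontsUrl");
     // The text is drawn twice with a small offset for a shadow effect.
     imagettftext($im, $num_size, 2, $x1, $y1, $grey, $font, $seccode);
     imagettftext($im, $num_size, 2, $x2, $y2, $black, $font, $seccode);
     // Noise pixels are cosmetic only, so plain rand() is acceptable here.
     for ($i = 0; $i < 600; $i++) {
         $randcolor = imagecolorallocate($im, rand(0, 255), rand(0, 255), rand(0, 255));
         imagesetpixel($im, rand() % $x_size, rand() % $y_size, $randcolor);
     }
     imagepng($im);
     imagedestroy($im);
     return false;
 }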
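 /**
  * Ensure the request is authenticated, starting the OAuth2 login when it is not.
  *
  * Without a login cookie: remember the current URL, fetch an authorization
  * code from oauth_code_url server-side, then redirect the browser to the
  * token endpoint. With a cookie: decrypt it, require a numeric user_id,
  * populate the request's user fields and bounce back to the remembered URL
  * if there is one; a cookie that does not decode that way goes to /logout.
  *
  * Every failure path ends in _check_error() and exit.
  */
 private function auth()
 {
     $apf = APF::get_instance();
     $request = $apf->get_request();
     $oauth = $apf->get_config('oauth2');
     $cookie_cfg = $apf->get_config('cookie');
     $cookie_info = $request->get_cookie($cookie_cfg['name']);
     if (empty($cookie_info)) {
         // Not logged in.
         $this->_remember_current_url();
         $oauth_code = array('client_id' => $oauth['client_id'], 'response_type' => 'code', 'curl' => true);
         $url = $oauth['oauth_code_url'];
         $curlObj = new APF_Http_Client_Curl();
         $curlObj->set_url($url . '?' . http_build_query($oauth_code));
         // The authorization code returned here drives the whole login, so the
         // TLS peer must be verified (the original disabled both checks). For
         // a private CA, set CURLOPT_CAINFO rather than switching these off.
         $curlObj->set_attribute(CURLOPT_SSL_VERIFYPEER, true);
         $curlObj->set_attribute(CURLOPT_SSL_VERIFYHOST, 2);
         if (!$curlObj->execute()) {
             $this->_check_error();
             exit;
         }
         $checkRes = json_decode($curlObj->get_response_text(), true);
         if (empty($checkRes['code'])) {
             // Authorization failed.
             $this->_check_error();
             exit;
         }
         // NOTE(review): the browser is redirected to a URL that carries
         // client_secret in its query string, which discloses the secret to
         // the end user (and to proxies, logs and browser history). The
         // code-for-token exchange belongs server-side, like the code fetch
         // above, with only the resulting token reaching the browser; doing
         // that needs the token endpoint's response format, which is not
         // visible here.
         $token_data = array('client_id' => $oauth['client_id'], 'client_secret' => $oauth['client_secret'], 'grant_type' => 'authorization_code', 'code' => $checkRes['code']);
         $token_url = $oauth['oauth_token_url'] . '?' . http_build_query($token_data);
         $apf->get_response()->redirect($token_url);
         exit;
     }
     $user_info_str = Util_AuthorCrypt::decrypt($cookie_info, $cookie_cfg['key']);
     $user_info_arr = json_decode($user_info_str, true);
     if (empty($user_info_arr['user_id']) || !is_numeric($user_info_arr['user_id'])) {
         // Invalid cookie.
         $this->_remember_current_url();
         $apf->get_response()->redirect('/logout');
         exit;
     }
     // Logged in.
     $request->setUserId($user_info_arr['user_id']);
     $request->setUserName($user_info_arr['name']);
     $request->setUserEmail($user_info_arr['email']);
     $request->setCityName($user_info_arr['city_name']);
     $request->setUserCode($user_info_arr['code']);
     $request->setUserJob($user_info_arr['job_name']);
     $request->setUserInfo($user_info_arr);
     // Return to the page remembered before the login round-trip, if any.
     $return_url = $this->_get_referer_url();
     if ($return_url) {
         // NOTE(review): _get_referer_url() is not visible here; if its value
         // can carry a client-supplied host this is an open redirect - restrict
         // it to this site's domain.
         $apf->get_response()->redirect('http://' . $return_url);
         // Stop here like the other redirecting branches do, so the handler
         // does not keep rendering after the Location header was sent.
         exit;
     }
 }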
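 /**
  * Broker registration page: show the form, or on action=register validate the
  * submission, create the broker and hand off to success().
  *
  * Request parameters read: channel, url, cityid, selectcityid, action,
  * mobile, password, checkpwd, truename, companyid, selectareaid,
  * selectblockid, storeid, mainbusiness, code (captcha), brd.
  * Field-level validation failures are collected in $this->regError and
  * rendered by the Broker_Register view; fatal conditions return the
  * Broker_Loginok view with an "error" attribute.
  *
  * @return string view name ("Broker_Loginok" or "Broker_Register")
  */
 public function handle_request_internal()
 {
     $request = APF::get_instance()->get_request();
     $params = $request->get_parameters();
     $channel = isset($params['channel']) ? intval($params['channel']) : 0;
     // Valid channels are 0..3; anything else falls back to 0. The original
     // tested "< 0 && > 3", which can never hold, so the clamp never fired.
     if ($channel < 0 || $channel > 3) {
         $channel = 0;
     }
     $sid = $this->getSid($channel);
     if ($this->isBrokerLogin()) {
         // NOTE(review): $params['url'] goes straight to the view; if the view
         // redirects to it, restrict it to this site's domain.
         $request->set_attribute("url", $params['url']);
         $request->set_attribute("sid", $sid);
         $request->set_attribute("loginok", "ok");
         return "Broker_Loginok";
     }
     if (!empty($params["cityid"]) && intval($params["cityid"]) > 10) {
         $defaultCityId = $params["cityid"];
     } else {
         $defaultCityId = 11;
     }
     if (!empty($params["selectcityid"])) {
         $defaultCityId = $params["selectcityid"];
     }
     // City ids whose brokers may choose a main business line.
     $mainBusinessAvailableCity = APF::get_instance()->get_config("main_business_available", "multicity");
     $strAction = isset($params['action']) ? $params['action'] : '';
     if ($strAction == "register") {
         $preg = "/^(1|2)\\d{10}/";
         if (!preg_match($preg, $params['mobile'])) {
             $this->regError['mobile'] = Const_Register::REGISTER_MOBILE_FORMAT;
         }
         $mobile = Bll_Security_Member::dhtmlspecialchars(trim($params['mobile']));
         $checkMobileRes = Bll_Broker_Register::CheckMobile(array('mobile' => $mobile));
         if ($checkMobileRes) {
             $this->regError['mobile'] = Const_Register::REGISTER_MOBILE_CHECK;
         } else {
             $checkUserMobile = Bll_Broker_Register::checkUserMobile(array('mobile' => $mobile));
             if ($checkUserMobile) {
                 $this->regError['mobile'] = Const_Register::REGISTER_USER_MOBILE_CHECK;
             }
         }
         if (preg_match("/['\"&<>\\s]/i", $params['password'])) {
             $this->regError['password'] = Const_Register::PROFILE_PASSWORD_ILLEGAL;
         }
         if (preg_match("/['\"&<>\\s]/i", $params['truename']) || $params['truename'] == "") {
             $this->regError['truename'] = Const_Register::PROFILE_PASSWORD_ILLEGAL;
         }
         // NOTE(review): the password is HTML-escaped before the length check
         // and before being sent to the registration backend; any '&' in it
         // would be stored escaped. Kept as-is because the login side is not
         // visible here.
         $checkPwd = Bll_Security_Member::dhtmlspecialchars(trim($params['checkpwd']));
         $password = Bll_Security_Member::dhtmlspecialchars(trim($params['password']));
         $passwordLength = strlen($password);
         if ($passwordLength < 6 || $passwordLength > 16) {
             $this->regError['password'] = Const_Register::PROFILE_PASSWORD_LENGTH;
         }
         if ($checkPwd != $password) {
             $this->regError['passwd_notmatch'] = Const_Register::PROFILE_PASSWORD_NOT_MATCH;
         }
         $selectcityid = intval($params['selectcityid']);
         $companyId = intval($params['companyid']);
         $selectareaid = intval($params['selectareaid']);
         $selectblockid = intval($params['selectblockid']);
         if ($selectcityid < 11) {
             $this->regError['city'] = Const_Register::REGISTER_CITY_CHECK;
         }
         $openRegisterCity = APF::get_instance()->get_config("open_register_city", "multicity");
         if (!empty($openRegisterCity) && empty($openRegisterCity[$selectcityid])) {
             $this->regError['city'] = Const_Register::REGISTER_CITY_CHECK_OPEN;
         }
         if ($companyId == 0) {
             $this->regError['company'] = Const_Register::REGISTER_COMPANY_CHECK;
         }
         if ($companyId < 1) {
             $companyId = 0;
         }
         if ($selectareaid <= 0 || $selectblockid <= 0) {
             $this->regError['city'] = Const_Register::REGISTER_BLOCK_CHECK;
         }
         if ($params['storeid'] == "") {
             $this->regError['store'] = Const_Register::REGISTER_STORE_CHECK;
         }
         // NOTE(review): storeid is forwarded to the backend unsanitised; its
         // expected type is not visible here, so it is not cast.
         if (empty($params['storeid'])) {
             $storeid = 0;
         } else {
             $storeid = $params['storeid'];
         }
         // Validate the main business line. An absent value is reported as
         // "empty"; the original cast first, which turned an absent value into
         // 0 and always reported "invalid" instead.
         $params['mainbusiness'] = isset($params['mainbusiness']) ? (int) $params['mainbusiness'] : null;
         if (!isset($params['mainbusiness'])) {
             $this->regError['main_business'] = Const_Register::MAIN_BUSSINESS_EMPTY;
         } elseif ($params['mainbusiness'] < 1 || $params['mainbusiness'] > 2) {
             $this->regError['main_business'] = Const_Register::MAIN_BUSSINESS_INVALID;
         } elseif ($params['mainbusiness'] == 2) {
             // Only some cities may pick this business line.
             $businessAccess = in_array($selectcityid, $mainBusinessAvailableCity);
             if ($businessAccess === false) {
                 $request->set_attribute("url", $params['url']);
                 $request->set_attribute("sid", $sid);
                 $request->set_attribute("error", Const_Register::MAIN_BUSSINESS_ACCESS);
                 $request->set_attribute("loginok", "ok");
                 return "Broker_Loginok";
             }
         }
         $truename = Bll_Security_Member::dhtmlspecialchars(trim($params['truename']));
         // Captcha check. The expected code lives in the 'anjukereg' cookie,
         // encrypted under md5(User-Agent). Compare as strings and reject an
         // empty expected value: with the original loose "!=", an absent cookie
         // and an absent code compared equal and the check passed.
         // NOTE(review): the key is derived only from the client's own
         // User-Agent, so the client can mint this cookie for any code; a
         // server-side secret has to go into the key on both the issuing side
         // and here.
         $regCookie = $request->get_cookie('anjukereg');
         $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         $verifyCode = (string) Util_AuthorCrypt::decrypt($regCookie, md5($userAgent));
         $submittedCode = isset($params['code']) ? (string) $params['code'] : '';
         if ($verifyCode === '' || $submittedCode === '' || $verifyCode !== $submittedCode) {
             $this->regError['seccodeverify'] = Const_Register::SUBMIT_SEC_CODE_INVALID;
         }
         if (count($this->regError) > 0) {
             $request->set_attribute("regerror", $this->regError);
         } else {
             $selectblockid = $selectblockid == 0 ? $selectareaid : $selectblockid;
             $getAreaInfo = Model_City_TypeCode::getAreaInfoByTypeId($selectblockid, $selectcityid);
             $areaCode = $getAreaInfo['typeCode'];
             if (!$areaCode) {
                 $request->set_attribute("url", $params['url']);
                 $request->set_attribute("sid", $sid);
                 $request->set_attribute("error", "发现不恰当行为,区域板块不存在。");
                 $request->set_attribute("loginok", "ok");
                 return "Broker_Loginok";
             }
             $clientIp = $request->get_client_ip();
             $brd = intval(trim($params['brd']));
             $ext = "";
             if ($brd) {
                 $ext = json_encode(array("brokerId" => $brd));
             }
             $ppcConfig = APF::get_instance()->get_config("ppc_city_config", "ppc");
             $postData = array("j_password" => $password, "trueName" => $truename, "cityId" => $selectcityid, "areaCode" => $areaCode, "companyId" => $companyId, "storeId" => $storeid, "userMobile" => $mobile, "channel" => $channel, "regip" => $clientIp, "ext" => $ext, 'clientPort' => intval($_SERVER['REMOTE_PORT']), "isPPC" => !empty($ppcConfig[$selectcityid]) ? "true" : "false", "mainBussiness" => $params['mainbusiness']);
             $registerRes = Bll_Broker_Register::register($postData);
             if ($registerRes && $registerRes['status'] == "ok") {
                 // Record the broker's main business line.
                 $mainBusinessDate = array('broker_id' => $registerRes['broker']['brokerId'], 'member_id' => $registerRes['broker']['userId'], 'type' => $params['mainbusiness']);
                 $addMainBusiness = $this->store_main_business($mainBusinessDate);
                 // Storing the main business line failed.
                 if ($addMainBusiness['status'] === false) {
                     $request->set_attribute("url", $params['url']);
                     $request->set_attribute("sid", $sid);
                     $request->set_attribute("error", $addMainBusiness['mesg']);
                     $request->set_attribute("loginok", "ok");
                     return "Broker_Loginok";
                 }
                 $UserId = $registerRes['broker']['userId'];
                 $this->success($UserId);
             } else {
                 $request->set_attribute("url", $params['url']);
                 $request->set_attribute("sid", $sid);
                 $request->set_attribute("error", "服务器忙,请稍后再试。");
                 $request->set_attribute("loginok", "ok");
                 return "Broker_Loginok";
             }
         }
     }
     // Resolve the display name of the default city; stays null when the id
     // is not in the city list.
     $defaultCityName = null;
     $cfsByPinYin = $this->getAllCityInfo();
     foreach ($cfsByPinYin as $key => $val) {
         foreach ($val as $k => $v) {
             if ($defaultCityId == $v['cityId']) {
                 $defaultCityName = $v['cityName'];
             }
         }
     }
     $request->set_attribute("defaultcityid", $defaultCityId);
     $request->set_attribute("channel", $channel);
     $request->set_attribute("defaultcityname", $defaultCityName);
     $hotCity = APF::get_instance()->get_config("hot_city", "multicity");
     $request->set_attribute("hotcity", $hotCity);
     $request->set_attribute("cfsbypinyin", $cfsByPinYin);
     // City id list that may choose a main business line, for the view.
     $request->set_attribute("mainbusinessavailablecity", json_encode($mainBusinessAvailableCity));
     // The "my" domain for the view.
     $ajk_base_domain = APF::get_instance()->get_config('anjuke_base_domain');
     $ajk_domain = 'http://my.' . $ajk_base_domain;
     $request->set_attribute("ajkdomain", $ajk_domain);
     if (!empty($params["selectcityid"]) && !empty($params["selectareaid"])) {
         $daoinfo = Model_City_TypeCode::getAreaInfoByCityId(intval($params['selectcityid']));
         foreach ($daoinfo as $info) {
             if ($info["typeId"] == $params["selectareaid"]) {
                 $params["areaname"] = $info["typeName"];
                 break;
             }
         }
         if (!empty($params["selectblockid"])) {
             $daoinfo = Model_City_TypeCode::getArrayAreaInfoByParentId(intval($params['selectareaid']));
             foreach ($daoinfo as $info) {
                 if ($info["typeId"] == $params["selectblockid"]) {
                     $params["blockname"] = $info["typeName"];
                     break;
                 }
             }
         }
     }
     $request->set_attribute("params", $params);
     return "Broker_Register";
 }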
 /**
  * Build the encrypted login cookie value for a user.
  *
  * The payload is "uid<TAB>username<TAB>cookie_time"; the key is md5 of the
  * client's User-Agent concatenated with the iBugSecques secret, which is the
  * derivation is_auth() in this corpus repeats when reading the cookie back.
  * Since the User-Agent is chosen by the client, $iBugsecques is the only
  * secret component of the key.
  *
  * @param int|string $uid
  * @param string     $username
  * @param string     $iBugsecques  server-side secret from config
  * @param int|string $cookie_time
  * @return string encrypted cookie value
  */
 private function get_cookie_val($uid, $username, $iBugsecques, $cookie_time)
 {
     $payload = implode("\t", array($uid, $username, $cookie_time));
     $key = md5($_SERVER['HTTP_USER_AGENT'] . $iBugsecques);
     return Util_AuthorCrypt::encrypt($payload, $key);
 }