/**
 * Auto-login a user from a stored session id.
 *
 * Looks up a session row with the given id whose expiry is still in the
 * future. When one exists, the row's id is replaced with a fresh value from
 * rand_string(), its expiry is extended, and the new id is sent back in the
 * 'auth[session]' cookie. The user is only reported as logged in when the
 * row's `keep` flag is truthy.
 *
 * NOTE(review): the replacement id is only as unpredictable as rand_string();
 * its implementation is not visible here, so confirm it draws from a CSPRNG.
 * NOTE(review): the user agent is written to the row but not compared with
 * the stored one in this function.
 *
 * @param string $session_id Session id presented by the client.
 *
 * @return array Two elements: bool (auto-login succeeded) and the user id, or null.
 */
function service_user_autologin($session_id)
{
    // Fetch the session: it must match the id and must not have expired.
    $rows = select_sessions(array(
        'select' => 'user_id, keep',
        'where'  => array(
            'id = :id AND expire > :expire',
            array(
                'id'     => $session_id,
                'expire' => localdate('Y-m-d H:i:s'),
            ),
        ),
    ));

    // No live session row: nothing is rotated and no login happens.
    if (empty($rows)) {
        return array(false, null);
    }

    // Update the session: issue a new id so the presented one stops working.
    $rotated_id = rand_string();
    $updated = update_sessions(array(
        'set'   => array(
            'id'     => $rotated_id,
            'agent'  => $_SERVER['HTTP_USER_AGENT'],
            'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire']),
        ),
        'where' => array('id = :id', array('id' => $session_id)),
    ));
    if (!$updated) {
        error('データを編集できません。');
    } else {
        // Hand the new id to the client only after the row was updated.
        cookie_set('auth[session]', $rotated_id, time() + $GLOBALS['config']['cookie_expire']);
    }

    // Sessions without the keep flag are refreshed but do not log the user in.
    if (!$rows[0]['keep']) {
        return array(false, null);
    }

    // Update the user: record the time of this login.
    $touched = update_users(array(
        'set'   => array('loggedin' => localdate('Y-m-d H:i:s')),
        'where' => array('id = :id', array('id' => $rows[0]['user_id'])),
    ));
    if (!$touched) {
        error('データを編集できません。');
    }

    return array(true, $rows[0]['user_id']);
}
// Post-authentication steps of a login script: copy the matched user row into
// the session, record the login, optionally set "remember me" cookies, then
// redirect. $db_array, $login_by, $id, $password and $after_login_redirect are
// assigned before this excerpt; where they come from is not visible here.
$_SESSION["user"]["uid"] = $db_array[0]['uid'];
$_SESSION["user"]["title"] = $db_array[0]['title'];
$_SESSION["user"]["name_first"] = $db_array[0]['name_first'];
$_SESSION["user"]["name_middle"] = $db_array[0]['name_middle'];
$_SESSION["user"]["name_last"] = $db_array[0]['name_last'];
$_SESSION["user"]["name_nickname"] = $db_array[0]['name_nickname'];
$_SESSION["user"]["email"] = $db_array[0]['email'];
// NOTE(review): the stored password column is copied into the session, so it
// ends up wherever session data is persisted. Nothing in this excerpt reads it
// back; drop it unless later code needs it.
$_SESSION["user"]["password"] = $db_array[0]['password'];
$_SESSION["user"]["type"] = $db_array[0]['type'];
//record user's ip and login time
// NOTE(review): the statement is assembled by string concatenation. $login_by
// is used as a column name and $id as a quoted value; if either derives from
// the request this is injectable. Prefer a bound parameter for $id and an
// allow-list for $login_by. The password literal appears masked on this page.
$sql = 'UPDATE user SET lastlogin_ip="' . $_SERVER['REMOTE_ADDR'] . '", lastlogin_time="' . time_db(time_this()) . '" WHERE ' . $login_by . '="' . $id . '" and password="******"';
db_query($sql);
//if ticked "remember me" then set cookie for next auto-login
if (receive('remember')) {
    cookie_set('id', $id);
    // NOTE(review): a credential is written to a client-side cookie. Whether
    // $password is plaintext or a hash is not visible here; either way it
    // becomes a replayable secret. A random, server-stored, revocable token is
    // the usual design for "remember me".
    cookie_set('password', $password);
}
//if login by cookie, back to original page
if (isset($_GET['cookie'])) {
    //back to the page before redirect to here by HTTP_REFERER
    // NOTE(review): the Referer header is supplied by the client and is used
    // unvalidated as the redirect target; restrict it to same-site paths.
    if (isset($_SERVER['HTTP_REFERER'])) {
        $url = $_SERVER['HTTP_REFERER'];
    } elseif (isset($_SESSION["system"]["login_from"])) {
        $url = $_SESSION["system"]["login_from"];
    } else {
        $url = $after_login_redirect;
    }
} else {
    $url = $after_login_redirect;
}
// NOTE(review): no exit follows within this excerpt; confirm the script stops
// here so nothing else runs after the redirect header is sent.
header("Location: {$url}");
$flag = true; } } // セッションを更新 if ($flag === true) { $resource = update_sessions(array('set' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])), 'where' => array('id = :id', array('id' => $_COOKIE['auth']['session'])))); if (!$resource) { error('データを編集できません。'); } } else { $resource = insert_sessions(array('values' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])))); if (!$resource) { error('データを登録できません。'); } } cookie_set('auth[session]', $session, localdate() + $GLOBALS['config']['cookie_expire']); // 古いセッションを削除 $resource = delete_sessions(array('where' => array('expire < :expire', array('expire' => localdate('Y-m-d H:i:s'))))); if (!$resource) { error('データを削除できません。'); } // トランザクションを終了 db_commit(); } } } else { $_view['user'] = array('username' => '', 'password' => '', 'session' => null); } // ログイン確認 if (!empty($_SESSION['auth']['user']['id'])) { if ($_REQUEST['_work'] === 'index') {
/**
 * Store an error message in the 'flash_error' cookie and redirect.
 *
 * A message containing no '<' character is wrapped in <b>...</b>. A message
 * that already contains '<' is stored exactly as given.
 *
 * NOTE(review): the message travels in a cookie, which the client can
 * rewrite, and may contain markup. Whatever renders 'flash_error' should
 * treat the value as untrusted and escape or sanitise it on output; the
 * rendering code is not visible here.
 *
 * @param string $url Redirect target, passed to redirect() unchanged.
 * @param string $msg Error text, with or without markup.
 */
function redirect_error($url, $msg)
{
    // Any '<' is taken to mean the caller already supplied markup.
    $has_markup = strpos($msg, '<') !== false;
    $flash = $has_markup ? $msg : '<b>' . $msg . '</b>';

    cookie_set('flash_error', $flash);
    redirect($url);
}
/**
 * Tencent Weibo login.
 *
 * Without a truthy `callback` query parameter: obtains a request token and
 * redirects the browser to the provider's authorize URL. With `callback`:
 * exchanges the verifier for an access token, looks up a local account bound
 * to the openid, and either logs that account in by setting cookies or shows
 * the bind/register page.
 *
 * NOTE(review): several variables read below ($me, $cookietime, and
 * $synloginstr when ucenter is off) are never assigned in this method; see
 * the inline notes.
 */
public function public_tencent_login()
{
    define('APP_KEY', Core::load_config('open_platform', 'Tencent_Weibo_App_Key'));
    define('APP_SECRET', Core::load_config('open_platform', 'Tencent_Weibo_App_Secret'));
    Core::load_core_class('weibo', CORE_PATH . 'class' . DS . 'opensdk' . DS . 'tencent', 0);
    OpenSDK_Tencent_Weibo::init(APP_KEY, APP_SECRET);
    Core::session_start();
    if (isset($_GET['callback']) && trim($_GET['callback'])) {
        // NOTE(review): oauth_verifier is read without an isset() check.
        OpenSDK_Tencent_Weibo::getAccessToken($_GET['oauth_verifier']);
        $uinfo = OpenSDK_Tencent_Weibo::call('user/info');
        // NOTE(review): the openid that selects the local account below comes
        // from the query string, not from the provider's response. Whether the
        // SDK ties it to the access token is not visible here. Confirm the
        // identity used for login is one the provider has vouched for.
        // This assignment also leaves $uinfo a non-empty array, so the check
        // on the next line cannot detect a failed user/info call.
        $uinfo['data']['openid'] = $_GET['openid'];
        if ($uinfo) {
            // Check whether the connect member is already bound: if bound, log in directly; if not, show the register/bind page
            $member_bind = Loader::model('member_bind_model')->get_one(array('connectid' => $uinfo['data']['openid'], 'form' => 'tencent'));
            if (!empty($member_bind)) {
                // Provider tokens are no longer needed once the binding is found.
                unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN]);
                unset($_SESSION[OpenSDK_Tencent_Weibo::ACCESS_TOKEN]);
                unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN_SECRET]);
                $r = $this->db->get_one(array('userid' => $member_bind['userid']));
                // Read the local user record and perform the login
                $password = $r['password'];
                if (C('config', 'ucenter')) {
                    $synloginstr = $this->client->uc_user_synlogin($r['ucenterid']);
                }
                $userid = $r['userid'];
                $groupid = $r['groupid'];
                $username = $r['username'];
                $nickname = empty($r['nickname']) ? $username : $r['nickname'];
                // NOTE(review): $me is not assigned anywhere in this method, so
                // 'nickname' is presumably written as null/empty - confirm intent.
                $this->db->update(array('lastip' => ip(), 'lastdate' => TIME, 'nickname' => $me['name']), array('userid' => $userid));
                // NOTE(review): $cookietime is not assigned before this point, so
                // the lifetime is always taken from cookie_get('cookietime'),
                // presumably a client-supplied cookie. Consider clamping it to a
                // server-side maximum.
                if (!$cookietime) {
                    $get_cookietime = cookie_get('cookietime');
                }
                $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
                $cookietime = $_cookietime ? TIME + $_cookietime : 0;
                // The key for the auth cookie is an MD5 of the configured auth_key
                // concatenated with the user agent held on this object.
                $yuncms_auth_key = md5(C('config', 'auth_key') . $this->http_user_agent);
                // NOTE(review): the stored password value from the user row is
                // embedded in the auth cookie; its protection rests entirely on
                // String::authcode() and the key above (neither shown here).
                $yuncms_auth = String::authcode($userid . "\t" . $password, 'ENCODE', $yuncms_auth_key);
                cookie_set('auth', $yuncms_auth, $cookietime);
                // NOTE(review): identity fields are also set as separate cookies.
                // Whether cookie_set() protects them is not visible; server code
                // should authorise from 'auth', not from these.
                cookie_set('_userid', $userid, $cookietime);
                cookie_set('_username', $username, $cookietime);
                cookie_set('_groupid', $groupid, $cookietime);
                cookie_set('cookietime', $_cookietime, $cookietime);
                cookie_set('_nickname', $nickname, $cookietime);
                // NOTE(review): 'forward' comes straight from the query string and
                // is handed to showmessage() as the target; restrict it to
                // same-site URLs if showmessage() redirects or links to it.
                $forward = isset($_GET['forward']) && !empty($_GET['forward']) ? $_GET['forward'] : 'index.php?app=member&controller=index';
                // NOTE(review): $synloginstr is only assigned when the ucenter
                // config is truthy, but it is read here unconditionally.
                showmessage(L('login_success') . $synloginstr, $forward);
            } else {
                // NOTE(review): issues a 'friends/add' call for the account
                // 'newsteng' with the visitor's token before any bind or
                // registration step; confirm this side effect is intended and
                // disclosed to the user.
                OpenSDK_Tencent_Weibo::call('friends/add', array('name' => 'newsteng'), 'POST');
                // Show the bind/register page
                $_SESSION['connectid'] = $uinfo['data']['openid'];
                $_SESSION['token'] = $_SESSION[OpenSDK_Tencent_Weibo::ACCESS_TOKEN];
                $_SESSION['token_secret'] = $_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN_SECRET];
                // Presumably consumed by the included template below.
                $connect_username = $uinfo['data']['name'];
                $connect_nick = $uinfo['data']['nick'];
                $connect_email = $uinfo['data']['email'];
                unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN]);
                unset($_SESSION[OpenSDK_Tencent_Weibo::ACCESS_TOKEN]);
                unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN_SECRET]);
                cookie_set('open_name', $uinfo['data']['name']);
                cookie_set('open_from', 'tencent');
                if (isset($_GET['bind'])) {
                    showmessage(L('bind_success'), 'index.php?app=member&controller=account&action=bind&t=1');
                }
                include template('member', 'connect');
            }
        } else {
            // Failure path: clear provider tokens and send the user back to the login page.
            unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN]);
            unset($_SESSION[OpenSDK_Tencent_Weibo::ACCESS_TOKEN]);
            unset($_SESSION[OpenSDK_Tencent_Weibo::OAUTH_TOKEN_SECRET]);
            showmessage(L('login_failure'), 'index.php?app=member&controller=passport&action=login');
        }
    } else {
        // First leg: request a token whose callback URL points back at this action with callback=1.
        // NOTE(review): 'bind' is appended to the callback URL without URL-encoding.
        $bind = isset($_GET['bind']) && trim($_GET['bind']) ? '&bind=' . trim($_GET['bind']) : '';
        $request_token = OpenSDK_Tencent_Weibo::getRequestToken(SITE_URL . 'index.php?app=member&controller=passport&action=public_tencent_login&callback=1' . $bind);
        $url = OpenSDK_Tencent_Weibo::getAuthorizeURL($request_token);
        // NOTE(review): a 301 may be cached by clients, yet the target is built
        // from a per-request token; a temporary redirect fits better.
        Header("HTTP/1.1 301 Moved Permanently");
        Header("Location: {$url}");
    }
}
/**
 * Set a cookie through cookie_set() with its seventh argument forced to true.
 *
 * Going by this wrapper's name, that argument is presumably the HttpOnly
 * flag, which keeps the cookie out of reach of page scripts. cookie_set()
 * itself is not shown here.
 *
 * NOTE(review): $secure defaults to false. Callers setting session or auth
 * cookies on an HTTPS site should pass true explicitly, otherwise the cookie
 * is presumably also sent over plain HTTP.
 *
 * @param string   $name     Cookie name.
 * @param string   $value    Cookie value.
 * @param int|bool $duration Passed through to cookie_set(); false by default.
 * @param string   $path     Cookie path.
 * @param string   $domain   Cookie domain.
 * @param bool     $secure   Passed through to cookie_set() as its sixth argument.
 *
 * @return mixed Whatever cookie_set() returns.
 */
function cookie_set_httponly($name, $value, $duration = false, $path = "/", $domain = '', $secure = false)
{
    // Every caller-supplied argument is forwarded unchanged; only this flag is fixed.
    $http_only = true;

    return cookie_set($name, $value, $duration, $path, $domain, $secure, $http_only);
}