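/**
 * Handle the 'facebook-login' page request.
 *
 * When an app id and secret are configured, asks the Facebook SDK for the
 * current user. If there is one, the profile is fetched and handed to
 * qa_log_in_external_user(); if there is none, the browser is sent to
 * Facebook's login URL. Every path for this request ends in a redirect to
 * the "to" URL.
 *
 * Security: "to" comes from the query string. It is used both as the final
 * redirect target and as the OAuth redirect_uri, so it is restricted to this
 * site before use; anything else falls back to the site root.
 *
 * @param string $request Page request being routed; any value other than
 *                        'facebook-login' is ignored.
 * @return void
 */
public function process_request($request)
{
    if ($request != 'facebook-login') {
        return;
    }

    $app_id = qa_opt('facebook_app_id');
    $app_secret = qa_opt('facebook_app_secret');

    $siteurl = qa_path_absolute('');
    $tourl = qa_get('to');

    if (!is_string($tourl) || !strlen($tourl)) {
        $tourl = $siteurl;
    } else {
        // Allow relative targets, and absolute http(s) targets on this site's host.
        // Backslashes, control characters and leading whitespace are refused because
        // browsers may normalise them into a different authority than parse_url() sees.
        $toparts = parse_url($tourl);
        $siteparts = parse_url($siteurl);

        $hasauthority = is_array($toparts) && (isset($toparts['scheme']) || isset($toparts['host']));
        $samesite = is_array($toparts) && is_array($siteparts)
            && isset($toparts['scheme'], $toparts['host'], $siteparts['host'])
            && in_array(strtolower($toparts['scheme']), array('http', 'https'), true)
            && strcasecmp($toparts['host'], $siteparts['host']) == 0;
        $unsafechars = preg_match('/^\s|[\x00-\x1f\x7f\\\\]/', $tourl) === 1;

        if ($toparts === false || $unsafechars || ($hasauthority && !$samesite)) {
            $tourl = $siteurl;
        }
    }

    if (strlen($app_id) && strlen($app_secret)) {
        require_once $this->directory . 'facebook.php';

        $facebook = new Facebook(array(
            'appId' => $app_id,
            'secret' => $app_secret,
            'cookie' => true,
        ));

        $fb_userid = $facebook->getUser();

        if ($fb_userid) {
            try {
                $user = $facebook->api('/me?fields=email,name,verified,location,website,about,picture.width(250)');

                if (is_array($user)) {
                    // NOTE(review): 'confirmed' takes Facebook's "verified" flag as proof the email
                    // is confirmed; check that this matches the site's account-linking policy.
                    // NOTE(review): the request asks for "about" but the code reads 'bio' - confirm
                    // which field the Graph API version in use actually returns.
                    qa_log_in_external_user('facebook', $fb_userid, array(
                        'email' => @$user['email'],
                        'handle' => @$user['name'],
                        'confirmed' => @$user['verified'],
                        'name' => @$user['name'],
                        'location' => @$user['location']['name'],
                        'website' => @$user['website'],
                        'about' => @$user['bio'],
                        'avatar' => strlen(@$user['picture']['data']['url']) ? qa_retrieve_url($user['picture']['data']['url']) : null,
                    ));
                }
            } catch (FacebookApiException $e) {
                // Deliberately best-effort: a failed Graph API call leaves the visitor logged
                // out and falls through to the redirect below. Nothing is recorded here, so
                // repeated failures are invisible to operators; consider logging them.
            }
        } else {
            // No Facebook session yet: start the OAuth flow, returning to the validated target.
            qa_redirect_raw($facebook->getLoginUrl(array('redirect_uri' => $tourl)));
        }
    }

    // NOTE(review): this relies on qa_redirect_raw() not returning after the login-URL
    // redirect above - confirm against its definition.
    qa_redirect_raw($tourl);
}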
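/**
 * Handle the 'facebook-login' page request.
 *
 * When an app id and secret are configured, loads the bundled Facebook SDK
 * (with a JSON fallback for PHP builds lacking json_decode) and asks it for
 * the current user. If there is one, the profile is fetched and handed to
 * qa_log_in_external_user(); if there is none, the browser is sent to
 * Facebook's login URL. Every path for this request ends in a redirect to
 * the "to" URL.
 *
 * Security: "to" comes from the query string. It is used both as the final
 * redirect target and as the OAuth redirect_uri, so it is restricted to this
 * site before use; anything else falls back to the site root.
 *
 * @param string $request Page request being routed; any value other than
 *                        'facebook-login' is ignored.
 * @return void
 */
function process_request($request)
{
    if ($request != 'facebook-login') {
        return;
    }

    $app_id = qa_opt('facebook_app_id');
    $app_secret = qa_opt('facebook_app_secret');

    $siteurl = qa_path_absolute('');
    $tourl = qa_get('to');

    if (!is_string($tourl) || !strlen($tourl)) {
        $tourl = $siteurl;
    } else {
        // Allow relative targets, and absolute http(s) targets on this site's host.
        // Backslashes, control characters and leading whitespace are refused because
        // browsers may normalise them into a different authority than parse_url() sees.
        $toparts = parse_url($tourl);
        $siteparts = parse_url($siteurl);

        $hasauthority = is_array($toparts) && (isset($toparts['scheme']) || isset($toparts['host']));
        $samesite = is_array($toparts) && is_array($siteparts)
            && isset($toparts['scheme'], $toparts['host'], $siteparts['host'])
            && in_array(strtolower($toparts['scheme']), array('http', 'https'), true)
            && strcasecmp($toparts['host'], $siteparts['host']) == 0;
        $unsafechars = preg_match('/^\s|[\x00-\x1f\x7f\\\\]/', $tourl) === 1;

        if ($toparts === false || $unsafechars || ($hasauthority && !$samesite)) {
            $tourl = $siteurl;
        }
    }

    if (strlen($app_id) && strlen($app_secret)) {
        if (!function_exists('json_decode')) {
            // work around fact that PHP might not have JSON extension installed
            require_once $this->directory . 'JSON.php';

            function json_decode($json)
            {
                $decoder = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);

                return $decoder->decode($json);
            }
        }

        require_once $this->directory . 'facebook.php';

        $facebook = new Facebook(array(
            'appId' => $app_id,
            'secret' => $app_secret,
            'cookie' => true,
        ));

        $fb_userid = $facebook->getUser();

        if ($fb_userid) {
            try {
                $user = $facebook->api('/me?fields=email,name,verified,location,website,about,picture');

                if (is_array($user)) {
                    // NOTE(review): 'confirmed' takes Facebook's "verified" flag as proof the email
                    // is confirmed; check that this matches the site's account-linking policy.
                    // NOTE(review): the request asks for "about" but the code reads 'bio' - confirm
                    // which field the Graph API version in use actually returns.
                    qa_log_in_external_user('facebook', $fb_userid, array(
                        'email' => @$user['email'],
                        'handle' => @$user['name'],
                        'confirmed' => @$user['verified'],
                        'name' => @$user['name'],
                        'location' => @$user['location']['name'],
                        'website' => @$user['website'],
                        'about' => @$user['bio'],
                        'avatar' => strlen(@$user['picture']['data']['url']) ? qa_retrieve_url($user['picture']['data']['url']) : null,
                    ));
                }
            } catch (FacebookApiException $e) {
                // Deliberately best-effort: a failed Graph API call leaves the visitor logged
                // out and falls through to the redirect below. Nothing is recorded here, so
                // repeated failures are invisible to operators; consider logging them.
            }
        } else {
            // No Facebook session yet: start the OAuth flow, returning to the validated target.
            qa_redirect_raw($facebook->getLoginUrl(array('redirect_uri' => $tourl)));
        }
    }

    // NOTE(review): this relies on qa_redirect_raw() not returning after the login-URL
    // redirect above - confirm against its definition.
    qa_redirect_raw($tourl);
}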
// handles can't contain @ symbols $matchusers = qa_db_user_find_by_email($inemailhandle); } else { $matchusers = qa_db_user_find_by_handle($inemailhandle); } if (count($matchusers) == 1) { // if matches more than one (should be impossible), don't log in $inuserid = $matchusers[0]; $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true)); if (strtolower(qa_db_calc_passcheck($inpassword, $userinfo['passsalt'])) == strtolower($userinfo['passcheck'])) { // login and redirect require_once QA_INCLUDE_DIR . 'qa-app-users.php'; qa_set_logged_in_user($inuserid, $userinfo['handle'], $inremember ? true : false); $topath = qa_get('to'); if (isset($topath)) { qa_redirect_raw(qa_path_to_root() . $topath); } elseif ($passwordsent) { qa_redirect('account'); } else { qa_redirect('welcome'); } } else { $errors['password'] = qa_lang('users/password_wrong'); } } else { $errors['emailhandle'] = qa_lang('users/user_not_found'); } } else { $pageerror = qa_lang('users/login_limit'); } } else {
/**
 * Redirect the browser to the page identified by a request path.
 *
 * The arguments are passed unchanged to qa_path() to build the URL, which is
 * then given to qa_redirect_raw(). If an override is registered for this
 * function, the call is delegated to it and its result is returned instead.
 *
 * @param mixed $request  Passed to qa_path() as the request.
 * @param mixed $params   Passed to qa_path() as the parameters.
 * @param mixed $rooturl  Passed to qa_path() as the root URL.
 * @param mixed $neaturls Passed to qa_path() as the URL-style selector.
 * @param mixed $anchor   Passed to qa_path() as the anchor.
 * @return mixed The override's return value when one handles the call; otherwise nothing.
 */
function qa_redirect($request, $params = null, $rooturl = null, $neaturls = null, $anchor = null)
{
    $overridden = qa_to_override(__FUNCTION__);

    if ($overridden) {
        // Hand the original argument list to the registered override.
        $callargs = func_get_args();

        return qa_call_override(__FUNCTION__, $callargs);
    }

    $targeturl = qa_path($request, $params, $rooturl, $neaturls, $anchor);

    qa_redirect_raw($targeturl);
}
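<?php
/**
 * author: future
 *
 * Console action: delete the post named by the POSTed 'postid', then return
 * to the console page. (The original header read "create encyclopedia entry",
 * which does not match what this script does.)
 */
require_once 'base.php';
require_once 'console.php';

// NOTE(review): no login/permission check and no anti-CSRF token is visible in this
// script. A destructive action needs both; presumably base.php or console.php
// enforces them - confirm before relying on it.

// Read the id defensively: the field may be missing, or sent as an array.
$postid = isset($_POST['postid']) ? $_POST['postid'] : null;

// Only delete when a usable id was supplied; previously a missing field still
// reached deletePost() with a null id.
// NOTE(review): ids look numeric elsewhere in this codebase; if deletePost() expects
// an integer, tighten this to a digits-only check.
if (is_string($postid) && $postid !== '') {
    deletePost($postid);
}

qa_redirect_raw('console_page.php');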
} </style> <link rel="stylesheet" type="text/css" href="/view/css/editor.css"> <script type="text/javascript" src="/view/js/zh.js"></script> <script type="text/javascript" src="/view/js/styles.js"></script> </head> <body> <?php isset($_GET['postid']) ? $postid = $_GET['postid'] : ($postid = ''); isset($_GET['action']) ? $action = $_GET['action'] : ($action = ''); isset($_GET['type']) ? $type = $_GET['type'] : ($type = 'ques'); // if ($postid != null) { $ques = qa_post_get_full($postid); } else { qa_redirect_raw('/'); } //如果没有设置帖子id,转到首页 require 'header.php'; ?> <!--side fixed end--> <div class="m-content"> <div class="content"> <section class="left-side"> <div class="ency-body"> <div class="ency-title"> <?php echo $ques['title']; ?>
// handles can't contain @ symbols $matchusers = qa_db_user_find_by_email($inemailhandle); } else { $matchusers = qa_db_user_find_by_handle($inemailhandle); } if (count($matchusers) == 1) { // if matches more than one (should be impossible), don't log in $inuserid = $matchusers[0]; $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true)); if (strtolower(qa_db_calc_passcheck($inpassword, $userinfo['passsalt'])) == strtolower($userinfo['passcheck'])) { // login and redirect require_once QA_INCLUDE_DIR1 . 'app/users.php'; qa_set_logged_in_user($inuserid, $userinfo['handle'], !empty($inremember)); $topath = qa_get('to'); if (isset($topath)) { qa_redirect_raw($root_url . $topath); // path already provided as URL fragment } elseif ($passwordsent) { qa_redirect('account'); } else { qa_redirect(''); } } else { $errors['password'] = qa_lang('users/password_wrong'); } } else { $errors['emailhandle'] = qa_lang('users/user_not_found'); } } } else { $pageerror = qa_lang('users/login_limit');
$matchusers = qa_db_user_find_by_email($inemailhandle); } if (count($matchusers) == 1) { // if matches more than one (should be impossible), don't log in $inuserid = $matchusers[0]; $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true)); // verify user is registered for the category / course if (mp_db_users_verify_permission($userinfo['userid'], $incategory) != 0) { // user is allowed to access the category, now check password if (strtolower(qa_db_calc_passcheck($inpassword, $userinfo['passsalt'])) == strtolower($userinfo['passcheck'])) { // login and redirect require_once QA_INCLUDE_DIR . 'qa-app-users.php'; qa_set_logged_in_user($inuserid, $userinfo['handle'], $inremember ? true : false, null, $incategory); $topath = qa_get('to'); if (isset($topath)) { qa_redirect_raw($qa_root_url_relative . $topath); } elseif ($passwordsent) { qa_redirect('account'); } else { qa_redirect(''); } } else { $errors['password'] = qa_lang('users/password_wrong'); } } else { $errors['category'] = 'Your userid is not registered for this category'; } } else { $errors['emailhandle'] = qa_lang('users/user_not_found'); } }
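<?php
/**
 * author: future
 *
 * Console action: delete a question or an answer. The POSTed 'postid' names
 * the post; 'doanswer' selects type 'A' and 'doask' selects type 'Q'. The
 * browser is then sent back to the Q&A tab of the console page.
 */
require_once 'base.php';
require_once 'console.php';

// NOTE(review): no login/permission check and no anti-CSRF token is visible in this
// script. A destructive action needs both; presumably base.php or console.php
// enforces them - confirm before relying on it.

// Read the fields defensively: any of them may be missing, or sent as an array.
$postid = isset($_POST['postid']) ? $_POST['postid'] : null;

// Not read anywhere in this script; kept because code outside it may use the
// global - TODO confirm and drop if unused.
$from = isset($_POST['from']) ? $_POST['from'] : null;

// Same precedence as before: when both flags are sent, 'doask' wins.
$type = null;

if (!empty($_POST['doanswer'])) {
    $type = 'A';
}

if (!empty($_POST['doask'])) {
    $type = 'Q';
}

// Previously $type was undefined when neither flag was sent, and deleteQA() was
// still called. Now the delete only runs with a usable id and a known type.
if (is_string($postid) && $postid !== '' && $type !== null) {
    deleteQA($postid, $type);
}

qa_redirect_raw('console_page.php?type=qa');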
<script src="/view/js/responsive-nav.js"></script> <script src="/view/js/bootstrap.min.js"></script> </head> <body> <?php require_once '../bmf/bk_base.php'; require_once '../bmf/qa_base.php'; require 'header.php'; isset($_GET['class1']) ? $class1 = $_GET['class1'] : ($class1 = ''); isset($_GET['class2']) ? $class2 = $_GET['class2'] : ($class2 = ''); isset($_GET['postid']) ? $page = $_GET['postid'] : ($page = 1); $post = getPost($page); while ($post == null) { $post = nextPost($page); if ($page == getPostCount()) { qa_redirect_raw('/baikedetail/1.html'); } break; } // isset($_GET['class2'])? $class2 = $_GET['class2']:$class1=null; ?> <div class="m-content"> <div class="content"> <section class="left-side"> <div class="bread-nav"> <span class="bread-big"><a href="/baikemain/1.html">购房百科</a></span> <span class="bread-small"> >> <?php if ($class1 == null) { switch ($post['isbase']) { case 2:
$userid = qa_create_new_user($inemail, $inpassword, $inhandle); //创建user // qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false); foreach ($userfields as $userfield) { qa_db_user_profile_set($userid, $userfield['title'], $inprofile[$userfield['fieldid']]); } // qa_set_logged_in_user($userid, $inhandle); sendNewConfirm($userid); $topath = qa_get('to'); if (isset($topath)) { qa_redirect_raw("/" . $topath); } else { qa_redirect_raw('/'); } } else { qa_redirect_raw('/view/register.php?email=' . urlencode($errors['email']) . '&handle=' . urlencode($errors['handle'])); } } function getNewConfirmUrl($userid, $handle) { require_once QA_INCLUDE_DIR . 'db/users.php'; $emailcode = qa_db_user_rand_emailcode(); qa_db_user_set($userid, 'emailcode', $emailcode); return "http://" . $_SERVER['HTTP_HOST'] . "/bmf/verify.php?c=" . $emailcode . "&u=" . $handle; } function sendNewConfirm($userid) { require_once QA_INCLUDE_DIR . 'db/users.php'; require_once QA_INCLUDE_DIR . 'db/selects.php'; require_once QA_INCLUDE_DIR . 'app/emails.php'; $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($userid, true));
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT ,3); curl_setopt($ch, CURLOPT_TIMEOUT, 20);*/ // curl_setopt($ch, CURLOPT_VERBOSE, 1); // curl_setopt($ch, CURLOPT_STDERR, $fp); /*$server_output = curl_exec ($ch); curl_close ($ch); print_r($server_output);*/ // die(); // $verifylogin = new verifylogin; // $verifylogin.super_log_into_admin(11,1); if (isset($topath)) { qa_redirect_raw(qa_path_to_root() . $topath); } elseif (isset($extpath)) { qa_redirect_raw($mainurl . $extpath . '/'); } elseif ($passwordsent) { qa_redirect('account'); } else { qa_redirect(''); } } else { $errors['password'] = qa_lang('users/password_wrong'); } } else { $errors['emailhandle'] = qa_lang('users/user_not_found'); } } } else { $pageerror = qa_lang('users/login_limit'); }
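/**
 * Decide whether the current request is addressed to this login provider and,
 * if so, run the matching HybridAuth step.
 *
 * The provider key and action are taken from the query string:
 *   - 'hauth_start' or 'hauth_done' select the 'process' action, which hands
 *     the request to Hybrid_Endpoint::process();
 *   - 'login' selects the 'login' action, which authenticates through
 *     HybridAuth, passes the profile to qa_log_in_external_user() and redirects;
 *   - a Facebook AppCenter request (fb_source, fb_appcenter and code parameters
 *     plus a facebook.com Referer) is treated as a 'login' for 'facebook'.
 * Requests whose key does not match $this->provider (case-insensitively) are
 * ignored.
 *
 * @return bool False whenever the function returns.
 */
function check_login()
{
    $action = null;
    $key = null;

    // strip_tags()/trim() only tidy the value; the comparison with $this->provider
    // below is what actually restricts it.
    if (!empty($_GET['hauth_start'])) {
        $key = trim(strip_tags($_GET['hauth_start']));
        $action = 'process';
    } elseif (!empty($_GET['hauth_done'])) {
        $key = trim(strip_tags($_GET['hauth_done']));
        $action = 'process';
    } elseif (!empty($_GET['login'])) {
        $key = trim(strip_tags($_GET['login']));
        $action = 'login';
    } elseif (
        isset($_GET['fb_source']) && $_GET['fb_source'] == 'appcenter'
        && isset($_SERVER['HTTP_REFERER']) && stristr($_SERVER['HTTP_REFERER'], 'www.facebook.com') !== false
        && isset($_GET['fb_appcenter']) && $_GET['fb_appcenter'] == '1'
        && isset($_GET['code'])
    ) {
        // allow AppCenter users to login directly
        // The Referer header is client-supplied and matched as a substring, so this
        // only routes the request into the normal login flow; it proves nothing
        // about where the request came from.
        $key = 'facebook';
        $action = 'login';
    }

    if ($key == null || strcasecmp($key, $this->provider) != 0) {
        return false;
    }

    if ($action == 'login') {
        // handle the login

        // after login come back to the same page
        $loginCallback = qa_path('', array(), qa_opt('site_url'));

        require_once $this->directory . 'Hybrid/Auth.php';
        require_once $this->directory . 'qa-open-utils.php';

        // prepare the configuration of HybridAuth
        $config = $this->getConfig($loginCallback);

        $topath = qa_get('to');
        if (!isset($topath)) {
            $topath = ''; // redirect to front page
        }

        try {
            // try to login
            $hybridauth = new Hybrid_Auth($config);
            $adapter = $hybridauth->authenticate($this->provider);

            // if ok, create/refresh the user account
            $user = $adapter->getUserProfile();

            $duplicates = 0;
            if (!empty($user)) {
                // NOTE(review): $key keeps the spelling sent in the request (it matched
                // $this->provider only case-insensitively) and becomes the external source
                // name. Consider normalising it; confirm how stored sources are cased first.
                $duplicates = qa_log_in_external_user($key, $user->identifier, array(
                    'email' => @$user->email,
                    'handle' => @$user->displayName,
                    'confirmed' => !empty($user->emailVerified),
                    'name' => @$user->displayName,
                    'location' => @$user->region,
                    'website' => @$user->webSiteURL,
                    'about' => @$user->description,
                    'avatar' => strlen(@$user->photoURL) ? qa_retrieve_url($user->photoURL) : null,
                ));
            }

            if ($duplicates > 0) {
                qa_redirect('logins', array('confirm' => '1', 'to' => $topath));
            } else {
                // NOTE(review): "to" is request-supplied. Prefixing site_url keeps the target
                // on this site only if site_url ends with '/' - confirm, or validate $topath.
                qa_redirect_raw(qa_opt('site_url') . $topath);
            }
        } catch (Exception $e) {
            // not really interested in the error message - for now
            // however, in case we have errors 6 or 7, then we have to call logout to clean everything up
            // $adapter is unset when the constructor or authenticate() threw, so guard the
            // call; otherwise the cleanup itself fails with a fatal error.
            if (isset($adapter) && ($e->getCode() == 6 || $e->getCode() == 7)) {
                $adapter->logout();
            }

            $qry = 'provider=' . $this->provider . '&code=' . $e->getCode();
            if (strstr($topath, '?') === false) {
                $topath .= '?' . $qry;
            } else {
                $topath .= '&' . $qry;
            }

            // redirect
            qa_redirect_raw(qa_opt('site_url') . $topath);
        }
    }

    if ($action == 'process') {
        // NOTE(review): these paths are resolved through the include path, unlike the
        // $this->directory-prefixed includes in the login branch - confirm this is intended.
        require_once "Hybrid/Auth.php";
        require_once "Hybrid/Endpoint.php";
        Hybrid_Endpoint::process();
    }

    return false;
}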
// if matches more than one (should be impossible), don't log in $inuserid = $matchusers[0]; $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true)); if (strtolower(qa_db_calc_passcheck($inpassword, $userinfo['passsalt'])) == strtolower($userinfo['passcheck'])) { // login and redirect require_once QA_INCLUDE_DIR . 'app/users.php'; qa_set_logged_in_user($inuserid, $userinfo['handle'], !empty($inremember)); $topath = qa_get('to'); //设置登陆后要跳回的页面 if (isset($topath)) { qa_redirect_raw(qa_path_to_root() . $topath); } else { qa_redirect_raw('/'); } } else { $errors['password'] = qa_lang('users/password_wrong'); } qa_redirect_raw('/view/login.php?password='******'password']); } else { $errors['emailhandle'] = qa_lang('users/user_not_found'); qa_redirect_raw('/view/login.php?emailhandle=' . $errors['emailhandle']); } } else { $pageerror = qa_lang('users/login_limit'); qa_redirect_raw('/view/login.php'); } } else { //如果用户名或密码为空,返回登陆 $inemailhandle = qa_get('e'); qa_redirect_raw('/view/login.php'); }