示例#1
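/**
 * Log the visitor into WordPress from a verified social-login session.
 *
 * authOpenAPIMember() must return the verified member array (or false). The
 * member id is looked up in usermeta under the 'vkapi_uid' key; a linked
 * WordPress account gets an auth cookie, otherwise oauth_new_user() is called.
 *
 * The whole login rests on authOpenAPIMember(): whoever passes its check is
 * logged in as the linked account, with no password involved.
 */
function main()
{
    $member = authOpenAPIMember();
    if ($member === false) {
        // Verification failed: stop before any account lookup or cookie is issued.
        // (The original had unreachable statements after this die; they are removed.)
        echo 'sign not true';
        die;
    }
    /** @var $wpdb wpdb */
    global $wpdb;
    // The external id is bound through $wpdb->prepare(), never interpolated into the SQL text.
    $wp_user_id = $wpdb->get_var($wpdb->prepare("SELECT `user_id` FROM {$wpdb->usermeta} WHERE `meta_key` = 'vkapi_uid' AND `meta_value` = %s LIMIT 1", $member['id']));
    if ($wp_user_id !== null) {
        wp_set_auth_cookie($wp_user_id);
        // NOTE(review): WordPress core fires 'wp_login' with the login name and the
        // WP_User object; this call passes only the numeric id. Confirm that every
        // listener on the hook copes with that argument shape.
        do_action('wp_login', $wp_user_id);
        echo 'Ok';
    } else {
        // No WordPress account is linked to this external id yet.
        oauth_new_user($member['id']);
    }
}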
示例#2
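/**
 * Gate a page on a verified member session and load the member's profile and balance.
 *
 * Renders the non-member template and exits when authOpenAPIMember() returns
 * FALSE. Otherwise fills the page variables through set() and returns the
 * member array extended with 'info' and 'balance'.
 *
 * @return array Member data with 'info' (cached profile or a falsy value) and
 *               'balance' (raw balance string, or FALSE when no account could be created).
 */
function checkAuth()
{
    // Check vk user id from cookies and render login page if not present
    $member = authOpenAPIMember();
    if ($member === FALSE) {
        global $page;
        include 'templates/_non_member.php';
        exit;
    }
    // Load user info from persistent memcache
    global $PMC;
    $member['info'] = $PMC->get("id{$member['id']}");
    if ($member['info']) {
        // Set page user variables
        // NOTE(review): name and photo are profile strings taken from the cache;
        // confirm the templates escape them for the HTML context when rendering.
        set('info', $member['info']);
        set('photo', $member['info']['photo']);
        set('name', "{$member['info']['first_name']} {$member['info']['last_name']}");
    }
    // Load user balance from money engine
    $balance = get_balance("USR", $member['id'], null);
    // Strict comparison: with `==` a non-string result (TRUE, or 0 on older PHP)
    // also compares equal to 'NO_ACCOUNT' and would trigger account creation.
    if ($balance === 'NO_ACCOUNT') {
        // Create account
        // NOTE(review): if getRealIpAddr() honours client-supplied forwarding
        // headers, the address stored here is chosen by the client - confirm.
        if (create_account("USR", $member['id'], null, $member['id'], ip2long(getRealIpAddr()), null, null, '')) {
            $balance = get_balance("USR", $member['id'], null);
        } else {
            $balance = FALSE;
        }
    }
    $member['balance'] = $balance;
    if ($balance) {
        // Set page balance variables
        // The balance string is split on ':'; the first and third fields are used
        // (the second one is not needed here). array_pad() keeps a short or
        // malformed string from raising undefined-offset notices.
        list($bal, , $lock) = array_pad(explode(':', $balance), 3, 0);
        set('balance', sprintf("%.02f", round($bal / 100, 2)));
        set('locked', sprintf("%.02f", round($lock / 100, 2)));
    }
    return $member;
}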
         // Fragment: the opening lines of the enclosing function are not shown in this listing.
         // Recompute the expected signature: sort the session fields by key and
         // concatenate every "key=value" pair except the 'sig' field itself.
         ksort($session);
         $sign = '';
         foreach ($session as $key => $value) {
             if ($key != 'sig') {
                 $sign .= $key . '=' . $value;
             }
         }
         // NOTE(review): the literal appended below is the signing secret, and it is
         // hard-coded in source. Anyone who can read the file can compute valid
         // signatures; load it from configuration kept out of the repository and
         // rotate a value that has already been published.
         $sign .= "VM0JPbVTfFIZF4Qfyc6H";
         $sign = md5($sign);
         // NOTE(review): `==` on two hex strings is a loose comparison. PHP compares
         // numeric-looking strings (for example ones of the form "0e...") as numbers,
         // and the comparison is not constant-time. hash_equals($sign, (string) $session['sig'])
         // avoids both problems.
         // The second condition rejects a session whose 'expire' timestamp has passed.
         if ($session['sig'] == $sign && $session['expire'] > time()) {
             // Only 'mid' is normalised with intval(); 'secret' and 'sid' are copied as received.
             $member = array('id' => intval($session['mid']), 'secret' => $session['secret'], 'sid' => $session['sid']);
         }
     }
     return $member;
 }
 // Fragment: the listing is cut off before the closing braces of the two if-blocks below.
 $member = authOpenAPIMember();
 // NOTE(review): $_POST["user_json"] may be missing or not valid JSON; json_decode()
 // then returns null and the property reads below fail. Validate before use.
 $user_info = json_decode($_POST["user_json"]);
 // Accept the posted profile only when its uid equals the id returned by authOpenAPIMember().
 if ($member !== FALSE && $member["id"] == $user_info->uid) {
     // Only uid is tied to the session by the check above. The name, photo and sex
     // fields come straight from the request body, so treat them as untrusted
     // input when storing them and when rendering them later.
     $uid = $user_info->uid;
     $first_name = $user_info->first_name;
     $last_name = $user_info->last_name;
     $photo = $user_info->photo_100;
     $sex = $user_info->sex;
     // NOTE(review): native mysqli::query() does not bind %d/%s placeholders, so
     // $mysqli is presumably a project wrapper with printf-style binding. Confirm
     // that it escapes and quotes every argument.
     $requst = "SELECT * FROM users WHERE user_id_sn =%d AND social_network =%s";
     $result = $mysqli->query($requst, $uid, 'vk');
     if ($result->num_rows == 1) {
         // NOTE(review): unlike the SELECT above, this UPDATE filters on user_id_sn
         // alone, without social_network.
         $mysqli->query("UPDATE users SET first_name=%s, last_name=%s, photo=%s WHERE user_id_sn=%d", $first_name, $last_name, $photo, $uid);
         // NOTE(review): no session id regeneration is visible at this login step;
         // session_regenerate_id(true) here would guard against session fixation.
         $_SESSION["user_id"] = $uid;
         $_SESSION["snetwork"] = "vk";
         // NOTE(review): these cookies are set without the Secure/HttpOnly arguments
         // and carry the plain uid. Confirm that later requests are authorised from
         // $_SESSION and that nothing trusts the "user_id" cookie as identity.
         setcookie("user_id", $uid, time() + 3600, '/');
         setcookie("snetwork", "vk", time() + 3600, '/');
示例#4
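/**
 * Handle a POSTed action ('cancel' or 'commit') on one order and emit a JSON reply.
 *
 * Sends HTTP_NOT_FOUND for a malformed or unknown order id, HTTP_FORBIDDEN when
 * the caller is not authenticated (or, for 'cancel', does not own the order) and
 * HTTP_BAD_REQUEST for a missing or unknown action; each of these ends the request.
 * Business-rule failures return through json_error(). On success $response is
 * echoed as JSON.
 *
 * NOTE(review): no anti-CSRF token is checked in this handler. If
 * authOpenAPIMember() authenticates from cookies, confirm that a token or
 * origin check happens before this state-changing route is reached.
 *
 * @param string $local_id Order id from the route; decimal digits only.
 * @return mixed The json_error() result on a business-rule failure, otherwise nothing.
 */
function route_post_order_action($local_id)
{
    global $MC_Text;
    // `\z` anchors at the very end of the string. The previous `$` also matched
    // before a trailing newline, which would then have reached the cache key below.
    if (!preg_match('/^\\d+\\z/', $local_id)) {
        status(HTTP_NOT_FOUND);
        exit;
    }
    $member = authOpenAPIMember();
    if ($member === FALSE) {
        status(HTTP_FORBIDDEN);
        exit;
    }
    $uid = $member['id'];
    $order = get_order($local_id);
    if ($order === FALSE) {
        status(HTTP_NOT_FOUND);
        exit;
    }
    $response = array();
    // A missing 'act' field falls through to the default branch (400) without a notice.
    $act = isset($_POST['act']) ? $_POST['act'] : '';
    switch ($act) {
        case 'cancel':
            // Only the order's author may cancel it.
            if ($order['uid'] != $member['id']) {
                status(HTTP_FORBIDDEN);
                exit;
            }
            // NOTE(review): the flags are read from $order here and changed later by
            // increment(); the check and the update are separate steps. Confirm that
            // start_order_transaction() serialises requests per order, otherwise two
            // concurrent cancels can both pass these checks and refund twice.
            if (($order['flags'] & FLAG_DELETED) == FLAG_DELETED) {
                return json_error('ORDER_CANCELLED');
            }
            if (($order['flags'] & FLAG_REPLIED) == FLAG_REPLIED) {
                return json_error('ORDER_COMMITTED');
            }
            // Start and lock 'reverse-order' transaction
            $temp = start_order_transaction($uid, -$order['amount']);
            if ($temp === FALSE) {
                return json_error('START_TRANS');
            }
            // Set order 'DELETED' flag
            $res = $MC_Text->increment("flags-1_{$local_id}", FLAG_DELETED);
            if ($res === FALSE) {
                // Cancel transaction
                delete_temp_transaction($temp);
                return json_error('CANCEL_ORDER');
            }
            // Commit 'reverse-order' transaction
            // NOTE(review): the result of commit_transaction() is not checked, so a
            // failed commit is still reported to the client as success.
            commit_transaction($temp);
            $response['ok'] = TRUE;
            // Send to common queue
            enqueue(array('cancel' => $local_id), '');
            // Refresh balance
            $response['balance'] = formatBalance('USR', $uid);
            $response['order_balance'] = formatBalance('ORD', $uid);
            // Send to user's queue
            enqueue(array('cancel' => $local_id, 'balance' => $response['balance']), $uid);
            break;
        case 'commit':
            // NOTE(review): the ownership guard below is commented out, so any
            // authenticated member, the author included, can commit this order.
            // The code further down handles $author == $uid, which suggests this
            // is deliberate - confirm.
            # Prevent from committing own orders
            #if ($order['uid'] == $member['id']) {
            #    status(HTTP_FORBIDDEN);
            #    exit;
            #}
            if (($order['flags'] & FLAG_DELETED) == FLAG_DELETED) {
                return json_error('ORDER_CANCELLED');
            }
            if (($order['flags'] & FLAG_REPLIED) == FLAG_REPLIED) {
                return json_error('ORDER_COMMITTED');
            }
            // Start and lock 'commit-order' transaction
            $temp = start_commit_order_transaction($uid, $order['uid'], $order['amount']);
            if ($temp === FALSE) {
                return json_error('START_TRANS');
            }
            // Set order 'COMMITTED' flag
            $resp = $MC_Text->increment("flags-1_{$local_id}", FLAG_REPLIED);
            if ($resp === FALSE) {
                // Cancel transaction
                delete_temp_transaction($temp);
                return json_error('COMMIT_ORDER');
            }
            // Commit 'commit-order' transaction
            // NOTE(review): $resp is assigned but never inspected; a failed commit
            // still produces an 'ok' response.
            $resp = commit_transaction($temp);
            # TODO: Store transaction id in the order
            $response['ok'] = TRUE;
            // Refresh balance
            $response['balance'] = formatBalance('USR', $uid);
            $response['order_balance'] = formatBalance('ORD', $uid);
            $author = $order['uid'];
            // Send to user's queue
            if ($uid != $author) {
                enqueue(array('commit' => $local_id, 'balance' => $response['balance']), $uid);
            }
            // Send to common queue
            enqueue(array('commit' => $local_id), '');
            // Render author's html
            // The template reads the globals $i and $page, so they are set here
            // and the output is captured with output buffering.
            global $i;
            global $page;
            $i = get_order($local_id);
            $page = array('member' => array('id' => $author));
            ob_start();
            include 'templates/_order.php';
            $html = ob_get_clean();
            // Send to author's queue
            $data = array('commit' => $local_id, 'order' => $i, 'html' => $html);
            if ($author == $uid) {
                $data['balance'] = $response['balance'];
            }
            enqueue($data, $author);
            break;
        default:
            status(HTTP_BAD_REQUEST);
            exit;
    }
    send_header('Content-Type: application/json; charset=utf-8');
    echo json_encode($response);
}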