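/**
 * Assign a role to the signed-in user, allowed only while the stored role is -1.
 *
 * The requested role is read from the third positional argument (index 2 of
 * func_get_args()) and must be exactly "1" or "2". On success the role is
 * written to userinfo.role_id, mirrored into $GLOBALS['user']['role'] and the
 * session cookie is re-saved via save_cookie().
 *
 * Terminates the request with die() on an invalid argument, when the role is
 * already set (or no userinfo row is found), or when the UPDATE fails.
 *
 * @return void
 */
function user_set_role()
{
    user_ensure_authenticated();
    $id = get_current_user_id();

    $args = func_get_args();
    $raw = isset($args[2]) ? $args[2] : '';
    $key = is_scalar($raw) ? (string) $raw : '';

    // Strict whitelist. The previous loose comparison (!=) treated any numeric
    // string equal to 1 or 2 ("1e0", "01", " 2", ...) as valid and then
    // concatenated that raw text into the UPDATE statement.
    if ($key !== '1' && $key !== '2') {
        die("Invalid argument!");
    }
    $roleId = (int) $key;

    connect_db();

    // The origin of $id is not visible in this function, so it is escaped
    // before being placed inside the quoted SQL literal.
    // NOTE(review): mysql_real_escape_string() is only reliable when the
    // connection charset was set with mysql_set_charset() - confirm in connect_db().
    $safeId = mysql_real_escape_string((string) $id);

    $view = "SELECT role_id FROM userinfo WHERE user_id='{$safeId}'";
    $list = mysql_query($view);
    $row = mysql_fetch_array($list);

    // A missing row is rejected with the same message as before; the role can
    // only be chosen while the stored value is still the -1 placeholder.
    if (!$row || (int) $row['role_id'] !== -1) {
        die('Role already set!');
    }

    $view = "UPDATE userinfo SET role_id=" . $roleId . " WHERE user_id='" . $safeId . "'";
    $list = mysql_query($view) or die("Update error!");

    $GLOBALS['user']['role'] = $key;
    save_cookie();
}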
// Fragment of a request-dispatch switch; the switch header and the end of the
// last case are outside this excerpt.
//
// 'update_cookie': validates and stores a user-submitted Baidu cookie string.
// NOTE(review): unlike 'update_setting' and 'change_password' below, this case
// does not compare $_POST['formhash'] with $formhash before acting. If no
// anti-CSRF check happens earlier in the request, a cross-site POST could
// replace the stored cookie - confirm against the enclosing code and the form.
case 'update_cookie':
    if (!$_POST['cookie']) {
        break;
    }
    $cookie = daddslashes($_POST['cookie']);
    // The lazy group (.+?) with nothing after it matches a single character,
    // so these two checks only prove that "BDUSS=" and "BAIDUID=" are each
    // followed by at least one character.
    // NOTE(review): the code below keeps running after showmessage(); this is
    // only safe if showmessage() ends the request - confirm.
    if (!preg_match('/BDUSS=(.+?)/', $cookie)) {
        showmessage('Cookie 信息不完整,请尝试重新获取', './#baidu_bind', 1);
    }
    if (!preg_match('/BAIDUID=(.+?)/', $cookie)) {
        showmessage('Cookie 信息不完整,请尝试重新获取', './#baidu_bind', 1);
    }
    // verify_cookie() receives the already slash-escaped value.
    if (!verify_cookie($cookie)) {
        showmessage('无法登陆百度贴吧,请检查 Cookie 是否填写正确', './#baidu_bind', 1);
    }
    // daddslashes() is applied a second time here. If it is not idempotent the
    // stored value is escaped twice - verify what save_cookie() expects.
    $cookie = daddslashes($cookie);
    save_cookie($uid, $cookie);
    // The success message embeds a <script> whose URL carries $formhash in the
    // query string. NOTE(review): a token sent in a GET URL can end up in
    // access logs and Referer headers.
    showmessage('您的 Cookie 信息已经更新<script type="text/javascript" src="?action=refresh_liked_tieba&formhash=' . $formhash . '"></script>', './#baidu_bind', 1);
    break;

// 'update_setting': stores four boolean preferences for the current user.
case 'update_setting':
    // Anti-CSRF token check. NOTE(review): != is a loose comparison; a strict,
    // constant-time comparison of two strings is the safer form for tokens.
    if ($_POST['formhash'] != $formhash) {
        break;
    }
    // Each posted value is reduced to 1 or 0 before it reaches the query.
    // The WHERE clause interpolates $uid; its origin is not visible here.
    DB::update('member_setting', array('error_mail' => $_POST['error_mail'] ? 1 : 0, 'send_mail' => $_POST['send_mail'] ? 1 : 0, 'zhidao_sign' => $_POST['zhidao_sign'] ? 1 : 0, 'wenku_sign' => $_POST['wenku_sign'] ? 1 : 0), "uid='{$uid}'");
    // Overwrite this user's cached settings entry with an empty string.
    CACHE::save('user_setting_' . $uid, '');
    showmessage('设置已经保存', './#setting', 1);
    break;

// 'change_password': same token check, then loads the member row. The rest of
// this case lies outside the excerpt.
case 'change_password':
    if ($_POST['formhash'] != $formhash) {
        break;
    }
    $user = DB::fetch_first("SELECT * FROM member WHERE uid='{$uid}'");
id int(11) NOT NULL AUTO_INCREMENT, `name` varchar(64) NOT NULL, module text NOT NULL, PRIMARY KEY (id), UNIQUE KEY `name` (`name`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 '); DB::insert('plugin', array('name' => 'debug_info')); DB::insert('plugin', array('name' => 'update_log')); saveSetting('version', '1.13.11.9'); showmessage('成功更新到 1.13.11.9!', './'); } elseif ($current_version == '1.13.11.9') { runquery("\nALTER TABLE `plugin` ADD `enable` TINYINT(1) NOT NULL DEFAULT '1' AFTER `id`;\nALTER TABLE `plugin` ADD `version` VARCHAR(8) NOT NULL DEFAULT '0';\nALTER TABLE `member_setting` ADD `cookie` TEXT BINARY CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;\n"); $query = DB::query('SELECT uid, cookie FROM member'); while ($result = DB::fetch($query)) { save_cookie($result['uid'], $result['cookie']); } DB::query('ALTER TABLE `member` DROP `cookie`'); $query = DB::query('SHOW columns FROM `plugin`'); while ($result = DB::fetch($query)) { if ($result['Field'] == 'module') { DB::query('ALTER TABLE `plugin` DROP `module`'); } } CACHE::clear(); CACHE::update('plugins'); saveSetting('register_limit', 1); saveSetting('register_check', 1); saveSetting('jquery_mode', 2); saveSetting('version', '1.13.12.15'); showmessage('成功更新到 1.13.12.15!', './');
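/**
 * OAuth callback for Sina Weibo sign-in.
 *
 * Exchanges the request token held in $_SESSION['sinakeys'] for an access
 * token, fetches the remote profile with sina_get_credentials(), then either
 * creates a local account (userinfo + accountbindings rows, role_id -1) or
 * refreshes the stored token pair of the existing binding. Finally it fills
 * $GLOBALS['user'], writes a row to log_userlogin, calls save_cookie() and
 * redirects to BASE_URL.
 *
 * Every value placed into SQL is escaped first: the profile fields come from
 * a remote API and the User-Agent and Cookie headers are fully controlled by
 * the client, so none of them may reach a quoted SQL literal unescaped.
 * NOTE(review): mysql_real_escape_string() is only reliable when the
 * connection charset was set with mysql_set_charset() - confirm in connect_db().
 *
 * Terminates with die() when the profile cannot be fetched or an INSERT fails.
 *
 * @return void
 */
function oauth_sina_callback()
{
    include_once 'sinaoauth.inc.php';

    $o = new WeiboOAuth(
        SINA_AKEY,
        SINA_SKEY,
        $_SESSION['sinakeys']['oauth_token'],
        $_SESSION['sinakeys']['oauth_token_secret']
    );
    $last_key = $o->getAccessToken($_REQUEST['oauth_verifier']);
    $GLOBALS['user']['sinakey'] = $last_key;

    connect_db();

    $me = sina_get_credentials() or die("Cound not get data from Sina API");
    if (!$me['id']) {
        die("Cound not get data from Sina API");
    }

    // Escaped copies for SQL only; the raw values are still what goes into
    // $GLOBALS['user'].
    $sqlSiteUserId = mysql_real_escape_string((string) $me['id']);
    $sqlToken = mysql_real_escape_string((string) $GLOBALS['user']['sinakey']['oauth_token']);
    $sqlTokenSecret = mysql_real_escape_string((string) $GLOBALS['user']['sinakey']['oauth_token_secret']);

    $view = "SELECT * FROM accountbindings WHERE site_id='1' AND user_site_id='" . $sqlSiteUserId . "'";
    $list = mysql_query($view);
    $row = mysql_fetch_array($list);

    if (!$row) {
        // First sign-in with this Weibo account: create the local user.
        include_once "uuid.inc.php";
        $v4uuid = str_replace("-", "", UUID::v4());

        $sqlNickname = mysql_real_escape_string((string) $me['name']);
        $sqlAvatar = mysql_real_escape_string((string) $me['profile_image_url']);

        $add = "INSERT INTO userinfo(nickname, email, microblogs, user_id, role_id, avatar_url) VALUES ('"
            . $sqlNickname . "', '', '1', '{$v4uuid}', '-1', '" . $sqlAvatar . "')";
        $added = mysql_query($add) or die("Could not add entry 1");

        $add = "INSERT INTO accountbindings(user_id, user_site_id, site_id, secret1, secret2) VALUES ('{$v4uuid}', '"
            . $sqlSiteUserId . "', 1, '" . $sqlToken . "', '" . $sqlTokenSecret . "')";
        $added = mysql_query($add) or die("Could not add entry 2");

        $id = $v4uuid;
        $role = -1;
        $nick = $me['name'];
    } else {
        // Known binding: refresh the stored token pair and load the profile.
        $id = $row['user_id'];
        // The id was read back from the database, but it is escaped again so
        // that a stored value cannot alter the follow-up statements.
        $sqlExistingId = mysql_real_escape_string((string) $id);

        $updatekey = "UPDATE accountbindings SET secret1='" . $sqlToken . "',secret2='" . $sqlTokenSecret
            . "' WHERE user_id='{$sqlExistingId}'";
        $result = mysql_query($updatekey);

        $view = "SELECT * FROM userinfo WHERE user_id='{$sqlExistingId}'";
        $list = mysql_query($view);
        $row = mysql_fetch_array($list);
        $role = $row['role_id'];
        $nick = $row['nickname'];
    }

    $GLOBALS['user']['nickname'] = $nick;
    $GLOBALS['user']['id'] = $id;
    $GLOBALS['user']['role'] = $role;

    // Request headers may be absent, and when present they are attacker-chosen.
    $sqlId = mysql_real_escape_string((string) $id);
    $sqlIp = mysql_real_escape_string(isset($_SERVER["REMOTE_ADDR"]) ? (string) $_SERVER["REMOTE_ADDR"] : '');
    $sqlAgent = mysql_real_escape_string(isset($_SERVER["HTTP_USER_AGENT"]) ? (string) $_SERVER["HTTP_USER_AGENT"] : '');
    $sqlCookies = mysql_real_escape_string(isset($_SERVER["HTTP_COOKIE"]) ? (string) $_SERVER["HTTP_COOKIE"] : '');

    // NOTE(review): the whole Cookie header is stored in the login log, so
    // anyone who can read log_userlogin can read the session identifiers it
    // contains. Consider dropping the column or storing a hash instead.
    $view = "INSERT INTO log_userlogin(user_id, ipaddress, login_time, useragent, cookies) VALUES('{$sqlId}', '"
        . $sqlIp . "', '" . date('Y-m-d H:i:s') . "', '" . $sqlAgent . "', '" . $sqlCookies . "')";
    $list = mysql_query($view);

    save_cookie();
    header("Location: " . BASE_URL);
}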