function index($ctx)
{
$ctx->title = '绑定微信账号';
setcookie('no_subscribe_prj', '', time() + 3600);
$user = UC::auth();
if ($user) {
$connect = WxConnect::get_by('user_id', $user['id']);
if ($connect) {
_redirect('/');
}
}
if (!$this->openid) {
if (!$_GET['redirect']) {
// 避免循环跳转
UC::logout();
// 使用域名 axelahome.com, 避免因为跨域导致 session 获取不到问题
$jump = _url('https://axelahome.com/weixin/bind', array('redirect' => 1));
$url = _url('https://axelahome.com/weixin/oauth', array('jump' => $jump));
_redirect($url);
}
_throw("链接已经过期, 请重新获取微信消息!", 200);
} else {
$connect = WxConnect::get_by('wx_openid', $this->openid);
if ($connect) {
_throw('此微信号已经绑定过懒投资账号, 请先解绑!');
}
}
}
function init($ctx)
{
parent::init($ctx);
$ctx->user = UC::auth();
if (!$ctx->user) {
$url = $_SERVER['REQUEST_URI'];
_redirect('login', array('jump' => $url));
return;
}
}
function open_url($ctx)
{
$jump = htmlspecialchars(trim($_GET['jump']));
self::validate_url($jump);
if (!$this->appid || !$this->secret) {
_redirect($jump);
}
// 如果已经登录, 则不需要和weixin交互
$user = UC::auth();
if ($user) {
_redirect($jump);
}
// 使用域名 axelahome.com, 避免因为跨域导致 session 获取不到问题
$callback = _url('https://axelahome.com/weixin/oauth/callback', array('jump' => $jump));
$wx_url = 'https://open.weixin.qq.com/connect/oauth2/authorize';
$wx_url = "{$wx_url}?appid={$this->appid}&redirect_uri={$callback}&response_type=code&scope=snsapi_base&state=1#wechat_redirect";
_redirect($wx_url);
}
function init($ctx)
{
parent::init($ctx);
header('P3P:CP=" OTI DSP COR IVA OUR IND COM "');
$ref = $_SERVER['HTTP_REFERER'];
$allow_domains = array('axelahome.com');
$allow = false;
foreach ($allow_domains as $domain) {
if (preg_match("/^http(s)?:\\/\\/[^\\/]*{$domain}\\//", $ref)) {
$allow = true;
break;
}
}
if (ENV != 'dev' && !$allow) {
_throw("非法的 Referer: " . htmlspecialchars($ref));
}
$ctx->user = UC::auth();
}
