/**
* (non-PHPdoc)
* @see \tfc\mvc\interfaces\Action::run()
*/
public function run()
{
$cookie = new Cookie('cookie');
//var_dump($cookie->get('state'));
$httpReferer = $cookie->get('http_referer', 'index.php');
var_dump($httpReferer);
// 98683de26fdf0b3173de67f3c0d4c9b8
// 98683de26fdf0b3173de67f3c0d4c9b8
}
/**
* (non-PHPdoc)
* @see \tfc\mvc\interfaces\Action::run()
*/
public function run()
{
$req = Ap::getRequest();
$cookie = new Cookie('cookie');
$appid = Cfg::getApp('appid', 'qq', 'extlogin');
$appkey = Cfg::getApp('appkey', 'qq', 'extlogin');
$callback = Options::getSiteUrl() . '/index.php?r=member/data/qqcallback';
if ($cookie->get('state') !== $req->getParam('state')) {
exit('The state does not match. You may be a victim of CSRF.');
}
$tokenUrl = 'https://graph.qq.com/oauth2.0/token?grant_type=authorization_code' . '&client_id=' . $appid . '&redirect_uri=' . urlencode($callback) . '&client_secret=' . $appkey . '&code=' . $req->getParam('code');
$response = file_get_contents($tokenUrl);
if (strpos($response, 'callback') !== false) {
$lpos = strpos($response, '(');
$rpos = strrpos($response, ')');
$response = substr($response, $lpos + 1, $rpos - $lpos - 1);
$msg = json_decode($response);
if (isset($msg->error)) {
echo '<h3>error:</h3>' . $msg->error;
echo '<h3>msg :</h3>' . $msg->error_description;
exit;
}
}
$params = array();
parse_str($response, $params);
$graphUrl = 'https://graph.qq.com/oauth2.0/me?access_token=' . $params['access_token'];
$str = file_get_contents($graphUrl);
if (strpos($str, 'callback') !== false) {
$lpos = strpos($str, '(');
$rpos = strrpos($str, ')');
$str = substr($str, $lpos + 1, $rpos - $lpos - 1);
}
$user = json_decode($str);
if (isset($user->error)) {
echo '<h3>error:</h3>' . $user->error;
echo '<h3>msg :</h3>' . $user->error_description;
exit;
}
$openid = $user->openid;
$mod = Model::getInstance('Account', 'member');
$ret = $mod->extlogin(DataAccount::PARTNER_QQ, $openid);
if ($ret['err_no'] === DataAccount::SUCCESS_LOGIN_NUM) {
$httpReferer = HttpCookie::get('http_referer', 'index.php');
HttpCookie::remove('http_referer');
Ap::getResponse()->location($httpReferer);
} else {
Ap::getResponse()->location('index.php?r=member/show/login');
}
}
/**
* (non-PHPdoc)
* @see \tfc\mvc\interfaces\Action::run()
*/
public function run()
{
$cookie = new Cookie('cookie');
$httpReferer = Ap::getRequest()->getTrim('http_referer');
if ($httpReferer === '') {
$httpReferer = 'index.php';
}
HttpCookie::add('http_referer', $httpReferer);
$appid = Cfg::getApp('appid', 'wechat', 'extlogin');
$callback = Options::getSiteUrl() . '/index.php?r=member/data/wechatcallback';
$scope = 'snsapi_base';
$state = md5(uniqid(rand(), TRUE));
//CSRF protection
$cookie->add('state', $state);
$loginUrl = 'https://open.weixin.qq.com/connect/oauth2/authorize?response_type=code' . '&appid=' . $appid . '&redirect_uri=' . urlencode($callback) . '&state=' . $state . '&scope=' . $scope . '#wechat_redirect';
Ap::getResponse()->location($loginUrl);
}
/**
* (non-PHPdoc)
* @see \tfc\mvc\interfaces\Action::run()
*/
public function run()
{
$cookie = new Cookie('cookie');
$httpReferer = Ap::getRequest()->getTrim('http_referer');
if ($httpReferer === '') {
$httpReferer = 'index.php';
}
HttpCookie::add('http_referer', $httpReferer);
$appid = Cfg::getApp('appid', 'qq', 'extlogin');
$callback = Options::getSiteUrl() . '/index.php?r=member/data/qqcallback';
$scope = 'get_user_info';
$state = md5(uniqid(rand(), TRUE));
//CSRF protection
$cookie->add('state', $state);
$loginUrl = 'https://graph.qq.com/oauth2.0/authorize?response_type=code' . '&client_id=' . $appid . '&redirect_uri=' . urlencode($callback) . '&state=' . $state . '&scope=' . $scope;
Ap::getResponse()->location($loginUrl);
}
/**
* (non-PHPdoc)
* @see \tfc\mvc\interfaces\Action::run()
*/
public function run()
{
$req = Ap::getRequest();
$cookie = new Cookie('cookie');
$appid = Cfg::getApp('appid', 'wechat', 'extlogin');
$appsecret = Cfg::getApp('appsecret', 'wechat', 'extlogin');
if ($cookie->get('state') !== $req->getParam('state')) {
exit('The state does not match. You may be a victim of CSRF.');
}
$tokenUrl = 'https://api.weixin.qq.com/sns/oauth2/access_token?grant_type=authorization_code' . '&appid=' . $appid . '&secret=' . $appsecret . '&code=' . $req->getParam('code');
$resource = curl_init();
curl_setopt($resource, CURLOPT_URL, $tokenUrl);
curl_setopt($resource, CURLOPT_HEADER, 0);
curl_setopt($resource, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($resource, CURLOPT_NOSIGNAL, 1);
curl_setopt($resource, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
$result = curl_exec($resource);
if ($result === false) {
$errNo = curl_errno($resource);
$errMsg = curl_error($resource);
curl_close($resource);
echo '<h3>error:</h3>' . $errNo;
echo '<h3>msg :</h3>' . $errMsg;
exit;
}
curl_close($resource);
$user = json_decode($result);
$openid = $user->openid;
$mod = Model::getInstance('Account', 'member');
$ret = $mod->extlogin(DataAccount::PARTNER_WECHAT, $openid);
if ($ret['err_no'] === DataAccount::SUCCESS_LOGIN_NUM) {
$httpReferer = HttpCookie::get('http_referer', 'index.php');
HttpCookie::remove('http_referer');
Ap::getResponse()->location($httpReferer);
} else {
Ap::getResponse()->location('index.php?r=member/show/login');
}
}
