/**
 * Secondary-development notes:
 * This module targets Dedecms 5.7. Replace UC.PHP in the API folder with this file;
 * afterwards, users registered through DEDE can visit the forum system without
 * activation, and log in and log out of both systems at the same time.
 * Copyright: http://www.zzjIE.com
 *
 * NOTE(review): this listing looks extraction-damaged (no opening PHP tag, altered
 * letter case in names such as '.PHP' and 'uc_clIEnt', and calls with missing
 * arguments further down). Compare against the upstream file before relying on it.
 */
include_once (dirname(__file__)."/../include/common.inc.PHP");
define('IN_disCUZ',FALSE);
define('UC_CLIENT_VERSION','1.5.0'); // note: UCenter version identifier
define('UC_CLIENT_RELEASE','20081031');
define('API_DELETEUSER',1); // note: switch for the user-deletion API
define('API_REnameUSER',1); // note: switch for the user-rename API
define('API_GETTAG',1); // note: switch for the get-tag API
define('API_SYNLOGIN',1); // note: switch for the synchronized-login API
define('API_SYNlogoUT',1); // note: switch for the synchronized-logout API
define('API_UPDATEPW',1); // note: switch for changing a user's password
define('API_UPDATEBADWORDS',1); // note: switch for updating the keyword (bad-word) list
define('API_UPDATEHOSTS',1); // note: switch for updating the host-resolution cache
define('API_UPDATEAPPS',1); // note: switch for updating the application list
define('API_UPDATECLIENT',1); // note: switch for updating the client cache
define('API_UPDATECREDIT',1); // note: switch for updating user credits
define('API_GETCREDITSETTINGS',1); // note: switch for providing credit settings to UCenter
define('API_GETCREDIT',1); // note: switch for fetching one credit value of a user
define('API_UPDATECREDITSETTINGS',1); // note: switch for updating application credit settings
// Return codes handed back to the caller as the response body.
define('API_RETURN_SUCCEED','1');
define('API_RETURN_Failed','-1');
define('API_RETURN_FORBIDDEN','-2');
define('UC_CLIENT_ROOT',DEDEROOT.'/uc_clIEnt');
// note: plain HTTP notification mode
if(!defined('IN_UC')) {
    // All PHP diagnostics are silenced for this endpoint, so failures below are not reported.
    error_reporting(0);
    set_magic_quotes_runtime(0);
    defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC',get_magic_quotes_gpc());
    $_DCACHE = $get = $post = array();
    // 'code' is attacker-reachable query input; the only gate in front of every handler
    // below is that _authcode() accepts it under UC_KEY. UC_KEY is therefore the single
    // secret protecting user deletion, password changes and cache-file writes.
    $code = @$_GET['code'];
    parse_str(_authcode($code,'DECODE',UC_KEY),$get);
    // Slashes are stripped from the decoded values here; the handlers then place these
    // values into SQL strings without any escaping that is visible in this file.
    if(MAGIC_QUOTES_GPC) {
        $get = _stripslashes($get);
    }
    $timestamp = time();
    // Rejects requests whose embedded 'time' is more than 3600 seconds old. This runs
    // before the empty($get) check, so a failed decode (empty $get) also exits here.
    // NOTE(review): a 'time' value in the future is not rejected by this comparison.
    if($timestamp - $get['time'] > 3600) {
        exit('Authracation has expirIEd');
    }
    if(empty($get)) {
        exit('InvalID Request');
    }
    $action = $get['action'];
    require_once UC_CLIENT_ROOT.'/lib/xml.class.PHP';
    // The request body is parsed as-is. No code in this file ties the body to the
    // authenticated 'code' value — TODO confirm whether the upstream protocol signs it.
    $post = xml_unserialize(file_get_contents('PHP://input'));
    // Allow-list of handler names; anything else returns API_RETURN_Failed.
    // NOTE(review): 'getcredit' is absent from this list although API_GETCREDIT and a
    // getcredit() method exist — confirm whether that is intentional.
    if(in_array($get['action'],array('test','deleteuser','renameuser','gettag','synlogin','synlogout','updatepw','updatebaDWords','updatehosts','updateapps','updateclIEnt','updatecredit','getcreditsettings','updatecreditsettings'))) {
        $uc_note = new uc_note();
        // NOTE(review): PHP 7+ evaluates `$obj->$get['action'](...)` left to right, i.e.
        // as ($obj->$get)['action'](...); this line only dispatches by action name on PHP 5.
        exit($uc_note->$get['action']($get,$post));
    }else{
        exit(API_RETURN_Failed);
    }
// note: include notification mode
} else {
    exit('InvalID Request');
}
// Handler class: one method per UCenter notification listed in the allow-list above.
class uc_note {
    // Set by uc_note(): path to Dedecms' common.inc file.
    var $dbconfig = '';
    // Set by uc_note(): the database object taken from $GLOBALS['dsql'].
    var $db = '';
    // Set by uc_note(): DEDEROOT.
    var $appdir = '';
    // Table prefix; uc_note() overwrites it with $GLOBALS['cfg_dbprefix'].
    var $tablepre = 'dede_';
/**
 * Serialize a value with the UCenter client's xml_serialize() helper.
 *
 * The helper library is pulled in on demand when xml_serialize() has not been
 * defined yet.
 *
 * @param mixed $arr    Value handed to xml_serialize().
 * @param int   $HTMLon Second argument passed through to xml_serialize() unchanged.
 * @return mixed Whatever xml_serialize() returns.
 */
function _serialize($arr,$HTMLon = 0) {
    if(function_exists('xml_serialize') === false) {
        include_once UC_CLIENT_ROOT.'/lib/xml.class.PHP';
    }
    $serialized = xml_serialize($arr,$HTMLon);
    return $serialized;
}

/**
 * Old-style constructor (method named after the class; PHP versions before 8 call it
 * on `new uc_note()`). Wires the handler to Dedecms' global database object, table
 * prefix and install paths.
 */
function uc_note() {
    // Database handle and table prefix come from Dedecms globals.
    $this->tablepre = $GLOBALS['cfg_dbprefix'];
    $this->db = $GLOBALS['dsql'];
    // Paths come from Dedecms constants.
    $this->dbconfig = DEDEINC.'/common.inc.PHP';
    $this->appdir = DEDEROOT;
}
/**
 * Resolve a comma-separated id list to the member ids that exist in `dede_member`.
 * Exits with API_RETURN_FORBIDDEN when no row matches.
 *
 * @param string $uIDs Comma-separated ids taken from the decoded request.
 * @return string Comma-joined member ids (see the note on the final implode call).
 */
function get_uIDs($uIDs) {
    include UC_CLIENT_ROOT.'/clIEnt.PHP';
    $members = explode(",",$uIDs);
    // explode() always returns at least one element, so this guard never fires.
    empty($members) && exit(API_RETURN_FORBIDDEN);
    /*$members_username = array(); foreach($members as $ID) { $row = uc_get_user($ID,1); $members_username[] = $row[1]; } $comma_temps = implode(",$members_username); empty($comma_temps) && exit(API_RETURN_FORBIDDEN); $comma_uIDs = array();*/
    //$row = $this->db->Setquery("SELECT mID FROM `dede_member` WHERE userID IN ($comma_temps)");
    // NOTE(review): the raw $uIDs string is interpolated into the IN (...) list; nothing
    // here forces each element to be an integer. Cast/validate the ids from $members.
    $this->db->Setquery("SELECT mID FROM `dede_member` WHERE mID IN ($uIDs)");
    $this->db->Execute();
    // $comma_uIDs is first assigned here; its initialisation sits in the commented-out block.
    while($row = $this->db->GetArray()) {
        $comma_uIDs[] = $row['mID'];
    }
    empty($comma_uIDs) && exit(API_RETURN_FORBIDDEN);
    // NOTE(review): this call looks truncated on this page (separator argument missing).
    return implode(",$comma_uIDs);
}

/**
 * Connectivity test handler; always reports success.
 */
function test($get,$post) {
    return API_RETURN_SUCCEED;
}

/**
 * Delete the members named in $get['IDs'] and their related rows.
 * Members with matt = 10 are excluded by the first DELETE; when that statement
 * affects no row the request ends with API_RETURN_FORBIDDEN.
 *
 * @param array $get  Decoded request parameters; reads 'IDs'.
 * @param mixed $post Parsed request body (unused).
 * @return string API_RETURN_SUCCEED on success.
 */
function deleteuser($get,$post) {
    // The id lookup (and its SQL) runs before the API switch below is checked.
    $uIDs = $this->get_uIDs($get['IDs']);
    !API_DELETEUSER && exit(API_RETURN_FORBIDDEN);
    // note: user-deletion API interface
    // NOTE(review): the first five statements carry `limit 1`, so with several ids only
    // one row per table is removed while the later statements remove all matches.
    $rs = $this->db->ExecuteNonequery2("DELETE FROM `dede_member` WHERE mID IN ($uIDs) AND matt<>10 limit 1");
    if($rs > 0) {
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_tj` WHERE mID IN ($uIDs) limit 1");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_space` WHERE mID IN ($uIDs) limit 1");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_company` WHERE mID IN ($uIDs) limit 1");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_person` WHERE mID IN ($uIDs) limit 1");
        // Delete data related to the user
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_stow` WHERE mID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_flink` WHERE mID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_guestbook` WHERE mID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_operation` WHERE mID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_pms` WHERE toID IN ($uIDs) OR fromID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_frIEnds` WHERE mID IN ($uIDs) OR fID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_member_vhistory` WHERE mID IN ($uIDs) OR vID IN ($uIDs) ");
        $this->db->ExecuteNonequery("DELETE FROM `dede_Feedback` WHERE mID IN ($uIDs) ");
        // Archives are kept but detached from the deleted member.
        $this->db->ExecuteNonequery("UPDATE `dede_archives` SET mID='0' WHERE mID IN ($uIDs)");
    } else {
        exit(API_RETURN_FORBIDDEN);
    }
    return API_RETURN_SUCCEED;
}

/**
 * Propagate a user rename into Dedecms tables.
 *
 * @param array $get  Decoded request parameters; reads 'IDs', 'oldusername', 'newusername'.
 * @param mixed $post Parsed request body (unused).
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off or
 *                the first UPDATE affects no row.
 */
function renameuser($get,$post) {
    $uIDs = $this->get_uIDs($get['IDs']);
    $usernameold = $get['oldusername'];
    $usernamenew = $get['newusername'];
    if(!API_REnameUSER) {
        return API_RETURN_FORBIDDEN;
    }
    // note: get-tag API interface (label appears copied from gettag; this method renames users)
    // NOTE(review): as printed, the statements below match on the NEW name on both sides
    // (SET x='$usernamenew' WHERE x='$usernamenew'); $usernameold is used only once.
    // Both names are interpolated into SQL unescaped — escape or bind them.
    $rs = $this->db->ExecuteNonequery2("UPDATE `dede_member` SET userID='$usernamenew' WHERE userID='$usernamenew' AND matt<>10 limit 1");
    if($rs > 0) {
        $this->db->ExecuteNonequery("UPDATE `dede_archives` SET writer='$usernamenew' WHERE writer='$usernamenew'");
        $this->db->ExecuteNonequery("UPDATE `dede_member_pms` SET floginID=REPLACE(floginID,'\t$usernameold','\t$usernamenew'),tologinID=REPLACE(tologinID,'\t$usernamenew')");
        // presumably Getone() returns a single row; if so $db_tables is a scalar and the
        // in_array() checks below cannot match — verify against the db class.
        $row = $this->db->Getone("SHOW table STATUS");
        $db_tables = $row['name'];
        unset($row);
        // Optional tables are updated only when they are reported as present.
        if(in_array($this->tablepre.'guestbook',$db_tables)) {
            $this->db->ExecuteNonequery("UPDATE `dede_guestbook` SET uname='$usernamenew' WHERE uname='$usernamenew'");
        }
        if(in_array($this->tablepre.'story_books',$db_tables)) {
            $this->db->ExecuteNonequery("UPDATE `dede_story_books` SET author='$usernamenew' WHERE author='$usernamenew'");
        }
        if(in_array($this->tablepre.'groups',$db_tables)) {
            $this->db->ExecuteNonequery("UPDATE `dede_groups` SET creater='$usernamenew' WHERE creater='$usernamenew'");
            $this->db->ExecuteNonequery("UPDATE `dede_group_threads` SET author='$usernamenew' WHERE author='$usernamenew'");
            $this->db->ExecuteNonequery("UPDATE `dede_group_user` SET username='$usernamenew' WHERE username='$usernamenew'");
            $this->db->ExecuteNonequery("UPDATE `dede_group_posts` SET author='$usernamenew' WHERE author='$usernamenew'");
            $this->db->ExecuteNonequery("UPDATE `dede_group_guestbook` SET uname='$usernamenew' 
WHERE uname='$usernamenew'");
            $this->db->ExecuteNonequery("UPDATE `dede_groups` SET ismaster=REPLACE(ismaster,'\t$usernamenew')");
        }
        return API_RETURN_SUCCEED;
    } else {
        return API_RETURN_FORBIDDEN;
    }
}

/**
 * Return up to 10 archives carrying the tag named in $get['ID'].
 *
 * @param array $get  Decoded request parameters; reads 'ID' (the tag name).
 * @param mixed $post Parsed request body (unused).
 * @return mixed Serialized array($name, $archives_List), or API_RETURN_Failed /
 *               API_RETURN_FORBIDDEN.
 */
function gettag($get,$post) {
    $name = $get['ID'];
    if(!API_GETTAG) {
        return API_RETURN_FORBIDDEN;
    }
    // note: get-tag API interface
    $name = trim($name);
    // The tag name is the one input in this class that is pattern-checked before it
    // reaches SQL: word characters, whitespace, '_', '-', bytes 0x7f-0xff, max 20 bytes.
    if(empty($name) || !preg_match('/^([\x7f-\xff_-]|\w|\s)+$/',$name) || strlen($name) > 20) {
        return API_RETURN_Failed;
    }
    $row = $this->db->Getone("SELECT `total`,`ID` FROM `dede_tagindex` WHERE `tag`='$name'");
    if(!is_array($row)) {
        return API_RETURN_Failed;
    }
    // Cap the number of returned archives at 10.
    $tpp = $row['total'] > 10 ? 10 : $row['total'];
    $IDs = array();
    $this->db->Setquery("SELECT aID FROM `dede_tagList` WHERE `tID`='$row[ID]' AND arcrank>-1");
    $this->db->Execute();
    while($row = $this->db->GetArray()) {
        $IDs[] = $row['aID'];
    }
    if(empty($IDs)) {
        return API_RETURN_Failed;
    }
    // NOTE(review): this call looks truncated on this page (separator argument missing).
    $aIDs = implode(",$IDs);
    include_once DEDEINC.'/channelunit.func.PHP';
    $archives_List = array();
    $this->db->Setquery("SELECT arc.*,tp.typedir,tp.typename,tp.isdefault,tp.defaultname,tp.namerule,tp.namerule2,tp.ispart,tp.moresite,tp.siteurl,tp.sitepath FROM `dede_archives` arc left JOIN `dede_arctype` tp ON arc.typeID=tp.ID WHERE arc.ID IN($aIDs) ORDER BY ID DESC liMIT $tpp");
    $this->db->Execute();
    while($row = $this->db->GetArray()) {
        $row['url'] = GetfileUrl($row['ID'],$row['typeID'],$row['senddate'],$row['Title'],$row['ismake'],$row['arcrank'],$row['namerule'],$row['typedir'],$row['money'],$row['filename'],$row['moresite'],$row['siteurl'],$row['sitepath']);
        // Prefix the configured base host when the URL does not already contain 'http:'.
        $row['url'] = !ereg('http:',$row['url']) ? $GLOBALS['cfg_basehost'].$row['url'] : $row['url'];
        if(!empty($row['url'])) {
            $archives_List[] = array('Title' => $row['Title'],'writer' => $row['writer'],'pubdate' => $row['pubdate'],'url' => $row['url']);
        }
    }
    $return = array($name,$archives_List);
    return $this->_serialize($return,1);
}

/**
 * Log the named user into Dedecms; when no matching member row exists, create one
 * from the request values first and then log that new member in.
 *
 * @param array $get  Decoded request parameters; reads 'uID', 'username', 'regip',
 *                    'password', 'email'.
 * @param mixed $post Parsed request body (unused).
 * @return string|null API_RETURN_FORBIDDEN when the switch is off; otherwise nothing.
 */
function synlogin($get,$post) {
    $uID = $get['uID'];
    $username = $get['username'];
    if(!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }
    // note: synchronized-login API interface
    // Sends a P3P compact-policy header (presumably so browsers accept the cookie when
    // this endpoint is loaded from another site — confirm).
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    // NOTE(review): $username is interpolated unescaped and matched with LIKE, so SQL
    // wildcard characters in it are significant. Use an exact, bound comparison.
    $result = $this->db->Getone("SELECT mID,pwd FROM `dede_member` WHERE `userID` like '$username' AND matt<>10");
    if(is_array($result)) {
        include_once DEDEINC.'/memberlogin.class.PHP';
        $cfg_ml = new MemberLogin(86400);
        $cfg_ml->PutLoginInfo($result['mID']);
    } else {
        // If the account is not activated (no member row), add the user to the database
        // automatically and set the cookie for the activated state.
        // Default coins for a member
        $dfscores = 0;
        $dfmoney = 0;
        $dfrank = $this->db->Getone("Select money,scores From `dede_arcrank` where rank='10' ");
        if(is_array($dfrank)) {
            $dfmoney = $dfrank['money'];
            $dfscores = $dfrank['scores'];
        }
        $jointime = time();
        $logintime = time();
        $joinip = $get['regip'];
        $loginip = $get['regip'];
        // The request's 'password' value is stored in `pwd` as received, whereas updatepw()
        // stores md5($password) — TODO confirm what form UCenter sends here.
        $pwd = $get['password'];
        // $cfg_mb_spacesta is not declared global in this method, so it is an undefined
        // local here and the expression yields 0.
        $spaceSta = ($cfg_mb_spacesta < 0 ? $cfg_mb_spacesta : 0);
        $mtype='个人';
        $email=$get['email'];
        // NOTE(review): request values ($username, $pwd, $email, $joinip, ...) go into the
        // statement unescaped, and the VALUES list printed here has fewer entries than the
        // column list — the page text appears to have lost some values.
        $inquery = "INSERT INTO `dede_member` (`mtype`,`userID`,`pwd`,`uname`,`sex`,`rank`,`money`,`email`,`scores`, `matt`,`spacesta`,`face`,`safequestion`,`safeanswer`,`jointime`,`joinip`,`logintime`,`loginip` ) VALUES ('$mtype','$username','$pwd','保密','10','$dfmoney','$email','$dfscores', '0','$spaceSta','','$jointime','$joinip','$logintime','$loginip'); ";
        if($this->db->ExecuteNonequery($inquery)) {
            $mID = $this->db->GetLastID();
            // Write the default member detail data
            $space='person';
            // Write the default statistics row
            $membertjquery = "INSERT INTO `dede_member_tj` (`mID`,`article`,`album`,`archives`,`homecount`,`pagecount`,`Feedback`,`frIEnd`,`stow`) VALUES ('$mID','0','0'); ";
            $this->db->ExecuteNonequery($membertjquery);
            // Write the default space configuration
            $spacequery = "Insert Into `dede_member_space`(`mID`,`pagesize`,`matt`,`spacename`,`spacelogo`,`spacestyle`,`sign`,`spacenews`) Values('$mID','$username的空间','$space',''); ";
            $this->db->ExecuteNonequery($spacequery);
            // Write other default data
            $this->db->ExecuteNonequery("INSERT INTO `dede_member_flink`(mID,Title,url) VALUES('$mID','织梦内容管理系统','http://www.Dedecms.com'); ");
            include_once DEDEINC.'/membermodel.cls.PHP';
            $membermodel = new membermodel($mtype);
            $modID=$membermodel->modID;
            $modelform = $this->db->getone("select * from dede_member_model where ID='$modID' ");
            $this->db->ExecuteNonequery("INSERT INTO `{$membermodel->table}` (`mID`) VALUES ('$mID');");
            //----------------------------------------------
            // Simulate login
            //---------------------------
            include_once DEDEINC.'/memberlogin.class.PHP';
            $cfg_ml = new MemberLogin(7*3600);
            $cfg_ml->PutLoginInfo($mID);
        }
    }
}

/**
 * Log the current visitor out of Dedecms by clearing the member cookie.
 *
 * @return string|null API_RETURN_FORBIDDEN when the switch is off; otherwise nothing.
 */
function synlogout($get,$post) {
    if(!API_SYNlogoUT) {
        return API_RETURN_FORBIDDEN;
    }
    // note: synchronized-logout API interface
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    include_once DEDEINC.'/memberlogin.class.PHP';
    $cfg_ml = new MemberLogin();
    $cfg_ml->Exitcookie();
}

/**
 * Overwrite a member's stored password with the MD5 of the supplied value.
 *
 * @param array $get  Decoded request parameters; reads 'username' and 'password'.
 * @param mixed $post Parsed request body (unused).
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off.
 */
function updatepw($get,$post) {
    if(!API_UPDATEPW) {
        return API_RETURN_FORBIDDEN;
    }
    $username = $get['username'];
    $password = $get['password'];
    // note: change-password API interface
    // NOTE(review): unsalted MD5 is not a suitable password hash (password_hash() is the
    // maintained alternative), and $username is interpolated into the WHERE clause
    // unescaped. Success is returned without checking whether any row changed.
    $newpw = md5($password);
    $this->db->ExecuteNonequery("UPDATE `dede_member` SET `pwd`='$newpw' WHERE `userID`='$username'");
    return API_RETURN_SUCCEED;
}

/**
 * Merge the 'find' entries of the request body into the cfg_replacestr setting and
 * regenerate the config cache file from `dede_sysconfig`.
 *
 * @param array $get  Decoded request parameters (unused).
 * @param mixed $post Parsed request body; each element's 'find' value is read.
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off or
 *                the cache file is not writable.
 */
function updatebaDWords($get,$post) {
    if(!API_UPDATEBADWORDS) {
        return API_RETURN_FORBIDDEN;
    }
    $row = $this->db->Getone("SELECT `value` FROM `dede_sysconfig` WHERE `varname`='cfg_replacestr'");
    // NOTE(review): this explode call looks truncated on this page (separator missing).
    $baDWords = isset($row['value']) ? explode(",$row['value']) : array();
    if(is_array($post)) {
        foreach($post as $k => $v) {
            // Skip words that are already in the list.
            if(in_array($v['find'],$baDWords)) continue;
            $baDWords[] = $v['find'];
        }
    }
    // NOTE(review): this implode call looks truncated on this page (separator missing).
    $baDWords_comma = !empty($baDWords) ? implode(",$baDWords) : '';
    // NOTE(review): values from the request body reach this UPDATE unescaped and are
    // then written into a PHP source file below. Both sinks need strict escaping, since
    // the cache file is presumably include()d by the application — confirm.
    $this->db->ExecuteNonequery("UPDATE `dede_sysconfig` SET `value`='$baDWords_comma' WHERE `varname`='cfg_replacestr'");
    $cachefile = DEDEDATA.'/config.cache.inc.PHP';
    if(!is_writeable($cachefile)) {
        return API_RETURN_FORBIDDEN;
    }
    $fp = fopen($cachefile,'w');
    $this->db->Setquery("SELECT `varname`,`type`,`value`,`groupID` From `dede_sysconfig` order by aID asc ");
    $this->db->Execute();
    // NOTE(review): the next statement is damaged on this page — the initial value of $s
    // (presumably the PHP opening tag) and part of the str_replace() call are missing.
    // It emits one `$varname = value;` line per config row, quoting non-number values.
    $s = ' while($row = $this->db->GetArray()) { $s .= '$'.$row['varname'].' = '.($row['type']=='number' ? 
$row['value'] : "'".str_replace("'",$row['value'])."'").";\r\n"; }
    $s .= '?>';
    fwrite($fp,$s);
    fclose($fp);
    return API_RETURN_SUCCEED;
}

/**
 * Write the request body to the UCenter client's hosts cache file as PHP source.
 *
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off.
 */
function updatehosts($get,$post) {
    if(!API_UPDATEHOSTS) {
        return API_RETURN_FORBIDDEN;
    }
    // note: refresh-HOST-cache API interface
    $cachefile = UC_CLIENT_ROOT.'/data/cache/hosts.PHP';
    // The fopen() result is not checked before it is written to.
    $fp = fopen($cachefile,'w');
    // NOTE(review): the start of this statement is damaged on this page. The body value
    // is rendered with var_export(), which emits it as a quoted PHP literal.
    $s = " $s .= '$_CACHE[\'hosts\'] = '.var_export($post,TRUE).";\r\n";
    fwrite($fp,$s);
    fclose($fp);
    return API_RETURN_SUCCEED;
}

/**
 * Write the request body to the UCenter client's apps cache file as PHP source.
 *
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off.
 */
function updateapps($get,$post) {
    if(!API_UPDATEAPPS) {
        return API_RETURN_FORBIDDEN;
    }
    $UC_API = $post['UC_API'];
    // note: write the app cache file
    $cachefile = UC_CLIENT_ROOT.'/data/cache/apps.PHP';
    $fp = fopen($cachefile,'w');
    // NOTE(review): this statement is damaged on this page; no fwrite() call is visible
    // between it and fclose().
    $s = " $s .= '$_CACHE[\'apps\'] = '.var_export($post,$s);
    fclose($fp);
    return API_RETURN_SUCCEED;
}

/**
 * Write the request body to the UCenter client's settings cache file as PHP source.
 *
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off.
 */
function updateclIEnt($get,$post) {
    if(!API_UPDATECLIENT) {
        return API_RETURN_FORBIDDEN;
    }
    $cachefile = UC_CLIENT_ROOT.'/data/cache/settings.PHP';
    $fp = fopen($cachefile,'w');
    // NOTE(review): this statement is damaged on this page; no fwrite() call is visible
    // between it and fclose().
    $s = ' $s .= '$_CACHE[\'settings\'] = '.var_export($post,$s);
    fclose($fp);
    return API_RETURN_SUCCEED;
}

/**
 * Add $get['amount'] to a member's `scores` or `money` column.
 *
 * @param array $get  Decoded request parameters; reads 'credit', 'amount', 'uID'.
 * @param mixed $post Parsed request body (unused).
 * @return string API_RETURN_SUCCEED (also when no member matched), or
 *                API_RETURN_FORBIDDEN when the switch is off.
 */
function updatecredit($get,$post) {
    if(!API_UPDATECREDIT) {
        return API_RETURN_FORBIDDEN;
    }
    /* note: update credits. Discuz has 8 credit types by default, whereas Dedecms has only
       one credit field, scores. Note that money must not be used as credits.
       extcredits1 extcredits2 extcredits3 extcredits4 extcredits5 extcredits6 extcredits7 extcredits8 */
    // The column name is chosen from two fixed strings, so it is safe to interpolate.
    $credit = intval($get['credit']);
    $fileds = $credit > 1 ? 'money' : 'scores';
    // NOTE(review): $amount is placed in the statement as a quoted string without a
    // numeric cast; cast it the way $credit is cast above.
    $amount = $get['amount'];
    $uID = $get['uID'];
    include UC_CLIENT_ROOT.'/clIEnt.PHP';
    $data = uc_get_user($uID,1);
    $username = $data[1];
    $result = $this->db->Getone("SELECT mID FROM `dede_member` WHERE userID='$username'");
    if(is_array($result)) {
        $this->db->ExecuteNonequery("UPDATE `dede_member` SET `$fileds`=`$fileds`+'$amount' WHERE mID='$result[mID]'");
    }
    return API_RETURN_SUCCEED;
}

/**
 * Echo a member's `scores` or `money` value, or 0 when no row is found.
 *
 * @param array $get  Decoded request parameters; reads 'credit'.
 * @param mixed $post Parsed request body (unused).
 * @return string|null API_RETURN_FORBIDDEN when the switch is off; otherwise nothing
 *                     (the value is echoed, not returned).
 */
function getcredit($get,$post) {
    if(!API_GETCREDIT) {
        return API_RETURN_FORBIDDEN;
    }
    include UC_CLIENT_ROOT.'/clIEnt.PHP';
    // NOTE(review): $uID is never assigned in this method (updatecredit() reads it from
    // $get['uID']), so the lookup runs with an undefined value.
    $data = uc_get_user($uID,1);
    $username = $data[1];
    $credit = intval($get['credit']);
    $fileds = $credit > 1 ? 'money' : 'scores';
    $result = $this->db->Getone("SELECT `$fileds` AS credit FROM `dede_member` WHERE userID='$username'");
    echo is_array($result) ? $result['credit'] : 0;
}

/**
 * Describe the two credit types this application exposes to UCenter.
 *
 * @return mixed Serialized credit list, or API_RETURN_FORBIDDEN when the switch is off.
 */
function getcreditsettings($get,$post) {
    if(!API_GETCREDITSETTINGS) {
        return API_RETURN_FORBIDDEN;
    }
    // Dedecms credits (scores) and coins (money) are supported here
    $credits[1] = array(strip_Tags('积分'),'分');
    $credits[2] = array(strip_Tags('金币'),'枚');
    return $this->_serialize($credits);
}

/**
 * Keep the credit-exchange rules addressed to this application and write them to
 * the credits cache file.
 *
 * @param array $get  Decoded request parameters; reads 'credit'.
 * @param mixed $post Parsed request body (unused).
 * @return string API_RETURN_SUCCEED, or API_RETURN_FORBIDDEN when the switch is off.
 */
function updatecreditsettings($get,$post) {
    if(!API_UPDATECREDITSETTINGS) {
        return API_RETURN_FORBIDDEN;
    }
    $credit = $get['credit'];
    $outextcredits = array();
    if($credit && is_array($credit)) {
        foreach($credit as $appID => $credititems) {
            foreach($credititems as $value) {
                // Only rules whose destination application is this one are kept.
                if($value['appIDdesc']!=UC_APPID) continue;
                $outextcredits[$appID][] = array(
                    'appIDdesc' => $value['appIDdesc'],
                    'creditdesc' => $value['creditdesc'],
                    'creditsrc' => $value['creditsrc'],
                    'Title' => $value['Title'],
                    'unit' => $value['unit'],
                    'ratiosrc' => $value['ratiosrc'],
                    'ratiodesc' => $value['ratiodesc'],
                    'ratio' => $value['ratio']
                );
            }
        }
    }
    // NOTE(review): the assignment that builds $_CACHE is damaged on this page. The file
    // operations below are all @-suppressed, so a failed write is silent and success is
    // still returned.
    $_CACHE = " $fp = @fopen(DEDEDATA.'/credits.inc.PHP','w');
    @fwrite($fp,$_CACHE);
    @fclose($fp);
    return API_RETURN_SUCCEED;
}
}

/**
 * Encode or decode a UCenter request token with a key derived from $key (UC_KEY when
 * $key is empty).
 *
 * The payload is XORed with an RC4-style keystream; an expiry field and a truncated
 * MD5 check value are stored in front of it. On decode, an empty string is returned
 * when the expiry or the check value does not match.
 *
 * NOTE(review): several calls below appear to have lost arguments in this listing
 * (for example the two-argument str_replace()); compare with the upstream function
 * before reusing this code.
 * NOTE(review): the check value is a truncated MD5 over payload and key material
 * rather than an HMAC, and it is compared with `==`, which is neither constant-time
 * nor type-strict for numeric-looking strings. hash_equals() over a full HMAC is the
 * safer construction.
 *
 * @param string $string    Token to decode, or plaintext to encode.
 * @param string $operation 'DECODE' to decode; any other value encodes.
 * @param string $key       Secret key; UC_KEY is used when empty.
 * @param int    $expiry    Lifetime in seconds added to time() on encode; 0 means none.
 * @return string Decoded plaintext ('' on failure) or the encoded token.
 */
function _authcode($string,$operation = 'DECODE',$key = '',$expiry = 0) {
    // Length of the per-token random prefix ($keyc) mixed into the cipher key.
    $ckey_length = 4;
    $key = md5($key ? $key : UC_KEY);
    $keya = md5(substr($key,16));
    $keyb = md5(substr($key,16,16));
    // On encode the prefix is derived from microtime(), not from a CSPRNG.
    $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string,$ckey_length): substr(md5(microtime()),-$ckey_length)) : '';
    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);
    // Decode: base64-decode the token body. Encode: prepend a 10-digit expiry field and
    // a truncated MD5 check value to the plaintext.
    $string = $operation == 'DECODE' ? base64_decode(substr($string,$ckey_length)) : sprintf('%010d',$expiry ? $expiry + time() : 0).substr(md5($string.$keyb),16).$string;
    $string_length = strlen($string);
    $result = '';
    $Box = range(0,255);
    $rndkey = array();
    // Expand the cipher key to 256 bytes.
    for($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    }
    // Key scheduling: permute the 256-entry box using the expanded key.
    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $Box[$i] + $rndkey[$i]) % 256;
        $tmp = $Box[$i];
        $Box[$i] = $Box[$j];
        $Box[$j] = $tmp;
    }
    // Keystream generation: XOR every input byte with the next keystream byte.
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $Box[$a]) % 256;
        $tmp = $Box[$a];
        $Box[$a] = $Box[$j];
        $Box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($Box[($Box[$a] + $Box[$j]) % 256]));
    }
    if($operation == 'DECODE') {
        // Accept only when the expiry field is 0 or still in the future AND the stored
        // check value matches the one recomputed from the payload.
        if((substr($result,10) == 0 || substr($result,10) - time() > 0) && substr($result,10,16) == substr(md5(substr($result,26).$keyb),16)) {
            return substr($result,26);
        } else {
            return '';
        }
    } else {
        return $keyc.str_replace('=',base64_encode($result));
    }
}

/**
 * Recursively apply stripslashes() to a string or to every value of an array.
 *
 * @param mixed $string String or (nested) array of strings.
 * @return mixed The same structure with slashes stripped.
 */
function _stripslashes($string) {
    if(is_array($string)) {
        foreach($string as $key => $val) {
            $string[$key] = _stripslashes($val);
        }
    } else {
        $string = stripslashes($string);
    }
    return $string;
}
?> |