PageRenderTime 42ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/source/plugin/qqconnect/connect/connect_config.php

https://github.com/jinbo51/DiscuzX
PHP | 156 lines | 121 code | 29 blank | 6 comment | 44 complexity | 3f730ee75fb1ee32b5d3cd2345f9c4d1 MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php
  2. /**
  3. * [Discuz!] (C)2001-2099 Comsenz Inc.
  4. * This is NOT a freeware, use is subject to license terms
  5. *
  6. * $Id: connect_config.php 32901 2013-03-21 08:54:21Z liulanbo $
  7. */
  8. if(!defined('IN_DISCUZ')) {
  9. exit('Access Denied');
  10. }
  11. if(empty($_G['uid'])) {
  12. showmessage('to_login', '', array(), array('showmsg' => true, 'login' => 1));
  13. }
  14. $op = !empty($_GET['op']) ? $_GET['op'] : '';
  15. $referer = dreferer();
  16. if(submitcheck('connectsubmit')) {
  17. if($op == 'config') { // debug 修改QQ绑定设置
  18. $ispublisht = !empty($_GET['ispublisht']) ? 1 : 0;
  19. C::t('#qqconnect#common_member_connect')->update($_G['uid'],
  20. array(
  21. 'conispublisht' => $ispublisht,
  22. )
  23. );
  24. if (!$ispublisht) {
  25. dsetcookie('connect_synpost_tip');
  26. }
  27. showmessage('qqconnect:connect_config_success', $referer);
  28. } elseif($op == 'unbind') {
  29. $connect_member = C::t('#qqconnect#common_member_connect')->fetch($_G['uid']);
  30. $_G['member'] = array_merge($_G['member'], $connect_member);
  31. if ($connect_member['conuinsecret']) {
  32. if($_G['member']['conisregister']) {
  33. if($_G['setting']['strongpw']) {
  34. $strongpw_str = array();
  35. if(in_array(1, $_G['setting']['strongpw']) && !preg_match("/\d+/", $_GET['newpassword1'])) {
  36. $strongpw_str[] = lang('member/template', 'strongpw_1');
  37. }
  38. if(in_array(2, $_G['setting']['strongpw']) && !preg_match("/[a-z]+/", $_GET['newpassword1'])) {
  39. $strongpw_str[] = lang('member/template', 'strongpw_2');
  40. }
  41. if(in_array(3, $_G['setting']['strongpw']) && !preg_match("/[A-Z]+/", $_GET['newpassword1'])) {
  42. $strongpw_str[] = lang('member/template', 'strongpw_3');
  43. }
  44. if(in_array(4, $_G['setting']['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['newpassword1'])) {
  45. $strongpw_str[] = lang('member/template', 'strongpw_4');
  46. }
  47. if($strongpw_str) {
  48. showmessage(lang('member/template', 'password_weak').implode(',', $strongpw_str));
  49. }
  50. }
  51. if($_GET['newpassword1'] !== $_GET['newpassword2']) {
  52. showmessage('profile_passwd_notmatch', $referer);
  53. }
  54. if(!$_GET['newpassword1'] || $_GET['newpassword1'] != addslashes($_GET['newpassword1'])) {
  55. showmessage('profile_passwd_illegal', $referer);
  56. }
  57. }
  58. $connectService->connectUserUnbind();
  59. } else { // debug 因为老用户access token等信息,所以没法通知connect,所以直接在本地解绑就行了,不fopen connect
  60. if($_G['member']['conisregister']) {
  61. if($_GET['newpassword1'] !== $_GET['newpassword2']) {
  62. showmessage('profile_passwd_notmatch', $referer);
  63. }
  64. if(!$_GET['newpassword1'] || $_GET['newpassword1'] != addslashes($_GET['newpassword1'])) {
  65. showmessage('profile_passwd_illegal', $referer);
  66. }
  67. }
  68. }
  69. C::t('#qqconnect#common_member_connect')->delete($_G['uid']);
  70. C::t('common_member')->update($_G['uid'], array('conisbind' => 0));
  71. C::t('#qqconnect#connect_memberbindlog')->insert(
  72. array(
  73. 'uid' => $_G['uid'],
  74. 'uin' => $_G['member']['conopenid'],
  75. 'type' => 2,
  76. 'dateline' => $_G['timestamp'],
  77. )
  78. );
  79. if($_G['member']['conisregister']) {
  80. loaducenter();
  81. uc_user_edit(addslashes($_G['member']['username']), null, $_GET['newpassword1'], null, 1);
  82. }
  83. foreach($_G['cookie'] as $k => $v) {
  84. dsetcookie($k);
  85. }
  86. $_G['uid'] = $_G['adminid'] = 0;
  87. $_G['username'] = $_G['member']['password'] = '';
  88. showmessage('qqconnect:connect_config_unbind_success', 'member.php?mod=logging&action=login');
  89. }
  90. } else {
  91. if($_G[inajax] && $op == 'synconfig') {
  92. C::t('#qqconnect#common_member_connect')->update($_G['uid'],
  93. array(
  94. 'conispublisht' => 0,
  95. )
  96. );
  97. dsetcookie('connect_synpost_tip');
  98. } elseif($op == 'weibosign') {
  99. if($_GET['hash'] != formhash()) {
  100. showmessage('submit_invalid');
  101. }
  102. $connectService = Cloud::loadClass('Service_Connect');
  103. $connectService->connectMergeMember();
  104. if($_G['member']['conuin'] && $_G['member']['conuinsecret']) {
  105. $arr = array();
  106. $arr['oauth_consumer_key'] = $_G['setting']['connectappid'];
  107. $arr['oauth_nonce'] = mt_rand();
  108. $arr['oauth_timestamp'] = TIMESTAMP;
  109. $arr['oauth_signature_method'] = 'HMAC_SHA1';
  110. $arr['oauth_token'] = $_G['member']['conuin'];
  111. ksort($arr);
  112. $arr['oauth_signature'] = $connectService->connectGetOauthSignature('http://api.discuz.qq.com/connect/getSignature', $arr, 'GET', $_G['member']['conuinsecret']);
  113. $arr['version'] = 'qzone1.0';
  114. $utilService = Cloud::loadClass('Service_Util');
  115. $result = $connectService->connectOutputPhp('http://api.discuz.qq.com/connect/getSignature?' . $utilService->httpBuildQuery($arr, '', '&'));
  116. if ($result['status'] == 0) {
  117. $connectService->connectAjaxOuputMessage('[wb=' . $result['result']['username'] . ']' . $result['result']['signature_url'] . '[/wb]', 0);
  118. } else {
  119. $connectService->connectAjaxOuputMessage('connect_wbsign_no_account', $result['status']);
  120. }
  121. } else {
  122. $connectService->connectAjaxOuputMessage('connect_wbsign_no_bind', -1);
  123. }
  124. } else {
  125. dheader('location: home.php?mod=spacecp&ac=plugin&id=qqconnect:spacecp');
  126. }
  127. }