306 lines
11 KiB
PHP
306 lines
11 KiB
PHP
|
<?php
|
||
|
|
||
|
/**
|
||
|
* [Discuz!] (C)2001-2099 Comsenz Inc.
|
||
|
* This is NOT a freeware, use is subject to license terms
|
||
|
*
|
||
|
* $Id: wechat.inc.php 35958 2016-05-24 02:34:37Z nemohou $
|
||
|
*/
|
||
|
if (!defined('IN_DISCUZ')) {
|
||
|
exit('Access Denied');
|
||
|
}
|
||
|
|
||
|
$_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
|
||
|
define('IN_WECHAT', strpos($_SERVER['HTTP_USER_AGENT'], 'MicroMessenger') !== false);
|
||
|
|
||
|
require_once DISCUZ_ROOT . './source/plugin/wechat/wechat.lib.class.php';
|
||
|
require_once DISCUZ_ROOT . './source/plugin/wechat/wechat.class.php';
|
||
|
require_once DISCUZ_ROOT . './source/plugin/wechat/wsq.class.php';
|
||
|
require_once DISCUZ_ROOT . './source/discuz_version.php';
|
||
|
|
||
|
list($openid, $sid) = explode("\t", authcode(base64_decode($_GET['key']), 'DECODE', $_G['config']['security']['authkey']));
|
||
|
$keyenc = urlencode($_GET['key']);
|
||
|
|
||
|
$ac = $_GET['ac'] ? $_GET['ac'] : 'bind';
|
||
|
if($_GET['fromapp'] == 'index') {
|
||
|
$op = 'access';
|
||
|
} else {
|
||
|
$op = $_GET['op'];
|
||
|
}
|
||
|
|
||
|
$preferer = parse_url($_GET['referer']);
|
||
|
if(!$preferer['host'] || $preferer['host'] != 'wsq.discuz.com' && $preferer['host'] != 'wsq.discuz.qq.com') {
|
||
|
$_GET['referer'] = '';
|
||
|
}
|
||
|
|
||
|
$selfurl = $_G['siteurl'].'plugin.php?id=wechat&mobile=2&key='.$keyenc.($_GET['referer'] ? '&referer='.urlencode($_GET['referer']) : '').($_GET['username'] ? '&username='.urlencode($_GET['username']) : '').'&ac=';
|
||
|
|
||
|
if(!$_G['wechat']['setting']['wechat_qrtype'] && IN_WECHAT && !$openid) {
|
||
|
if($_G['wechat']['setting']['wechat_mtype'] != 2) {
|
||
|
if(!empty($_G['cookie']['wechatopenid'])) {
|
||
|
$openid = authcode($_G['cookie']['wechatopenid'], 'DECODE', $_G['config']['security']['authkey']);
|
||
|
}
|
||
|
if(!$openid) {
|
||
|
showmessage('wechat:wechat_undefined');
|
||
|
}
|
||
|
} else {
|
||
|
$wechat_client = new WeChatClient($_G['wechat']['setting']['wechat_appId'], $_G['wechat']['setting']['wechat_appsecret']);
|
||
|
$openid = !empty($_G['cookie']['wechatopenid']) ? authcode($_G['cookie']['wechatopenid'], 'DECODE', $_G['config']['security']['authkey']) : '';
|
||
|
if(!$openid) {
|
||
|
if(empty($_GET['oauth'])) {
|
||
|
$redirect_uri = $wechat_client->getOauthConnectUri($selfurl.$ac.'&oauth=yes');
|
||
|
dheader('location: '.$redirect_uri);
|
||
|
} else {
|
||
|
$tockeninfo = $wechat_client->getAccessTokenByCode($_GET['code']);
|
||
|
$openid = $tockeninfo['openid'];
|
||
|
dsetcookie('wechatopenid', authcode($openid, 'ENCODE', $_G['config']['security']['authkey']), 86400);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
} elseif($openid) {
|
||
|
dsetcookie('wechatopenid', authcode($openid, 'ENCODE', $_G['config']['security']['authkey']), 86400);
|
||
|
}
|
||
|
|
||
|
wsq::report('loginevent');
|
||
|
|
||
|
require_once libfile('function/member');
|
||
|
|
||
|
if($openid) {
|
||
|
if($ac == 'qqbind') {
|
||
|
WeChatHook::bindOpenId($_G['uid'], $openid);
|
||
|
wsq::report('bind');
|
||
|
$ac = 'bind';
|
||
|
}
|
||
|
$wechatuser = C::t('#wechat#common_member_wechat')->fetch_by_openid($openid);
|
||
|
if(!$wechatuser) {
|
||
|
if($_G['uid']) {
|
||
|
clearcookies();
|
||
|
dheader('location: '. $selfurl.$ac);
|
||
|
}
|
||
|
if($_G['wechat']['setting']['wechat_allowregister'] && $_G['wechat']['setting']['wechat_allowfastregister'] && $_G['wechat']['setting']['wechat_mtype'] == 2) {
|
||
|
$authcode = C::t('#wechat#mobile_wechat_authcode')->fetch($sid);
|
||
|
$uid = WeChat::register(WeChat::getnewname($openid), 1);
|
||
|
if($uid) {
|
||
|
WeChatHook::bindOpenId($uid, $openid, 1);
|
||
|
if($sid) {
|
||
|
C::t('#wechat#mobile_wechat_authcode')->update($sid, array('uid' => $uid, 'status' => 1));
|
||
|
}
|
||
|
}
|
||
|
wsq::report('register');
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if($op == 'access') {
|
||
|
$redirect = WeChat::redirect();
|
||
|
if($redirect) {
|
||
|
dheader('location: '.$redirect);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if($sid) {
|
||
|
$authcode = C::t('#wechat#mobile_wechat_authcode')->fetch($sid);
|
||
|
|
||
|
if($authcode) {
|
||
|
if($_GET['confirm'] == 'delete') {
|
||
|
C::t('#wechat#mobile_wechat_authcode')->delete($authcode['sid']);
|
||
|
wechat_setloginstatus($authcode['uid'], false);
|
||
|
include template('wechat:wechat_bind_confirm');
|
||
|
exit;
|
||
|
}
|
||
|
if($wechatuser && !$authcode['uid']) {
|
||
|
$member = getuserbyuid($wechatuser['uid'], 1);
|
||
|
if(empty($_GET['confirm']) && (!$_G['wechat']['setting']['wechat_confirmtype'] && $member['adminid'] > 0 || $_G['wechat']['setting']['wechat_confirmtype'] == 1)) {
|
||
|
wsq::report('showauthorized');
|
||
|
include template('wechat:wechat_bind_confirm');
|
||
|
exit;
|
||
|
}
|
||
|
setloginstatus($member, 1296000);
|
||
|
C::t('#wechat#mobile_wechat_authcode')->update($sid, array('uid' => $wechatuser['uid'], 'status' => 1));
|
||
|
wechat_setloginstatus($wechatuser['uid'], true);
|
||
|
wsq::report('authorized');
|
||
|
} elseif($authcode['uid']) {
|
||
|
$member = getuserbyuid($authcode['uid'], 1);
|
||
|
if(empty($_GET['confirm']) && (!$_G['wechat']['setting']['wechat_confirmtype'] && $member['adminid'] > 0 || $_G['wechat']['setting']['wechat_confirmtype'] == 1)) {
|
||
|
wsq::report('showauthorized');
|
||
|
include template('wechat:wechat_bind_confirm');
|
||
|
exit;
|
||
|
}
|
||
|
if($wechatuser) {
|
||
|
C::t('#wechat#common_member_wechat')->delete($wechatuser['uid']);
|
||
|
wsq::report('unbind');
|
||
|
}
|
||
|
setloginstatus($member, 1296000);
|
||
|
C::t('#wechat#mobile_wechat_authcode')->update($sid, array('status' => 1));
|
||
|
WeChatHook::bindOpenId($authcode['uid'], $openid);
|
||
|
wsq::report('bind');
|
||
|
$wechatuser = C::t('#wechat#common_member_wechat')->fetch_by_openid($openid);
|
||
|
wechat_setloginstatus($authcode['uid'], true);
|
||
|
wsq::report('authorized');
|
||
|
}
|
||
|
}
|
||
|
} elseif($wechatuser) {
|
||
|
$member = getuserbyuid($wechatuser['uid'], 1);
|
||
|
setloginstatus($member, 1296000);
|
||
|
wechat_setloginstatus($wechatuser['uid'], true);
|
||
|
}
|
||
|
|
||
|
if($ac == 'bind' && $_G['wechat']['setting']['wechat_qrtype']) {
|
||
|
if(!$_G['uid'] && IN_WECHAT && $_G['wechat']['setting']['wechat_allowfastregister']) {
|
||
|
$ac = 'wxregister';
|
||
|
}
|
||
|
list($_GET['username'], $wxopenid) = explode("\t", base64_decode($_GET['username']));
|
||
|
$_GET['username'] = substr(WeChatEmoji::clear($_GET['username']), 0, 15);
|
||
|
}
|
||
|
|
||
|
if($ac == 'bind') {
|
||
|
define('IN_MOBILE', 2);
|
||
|
|
||
|
if($_G['wechat']['setting']['wechat_qrtype'] && $_GET['referer']) {
|
||
|
$_GET['referer'] = str_replace('&state=siteregister', '&state=backlogin', $_GET['referer']);
|
||
|
dheader('location: '.$_GET['referer']);
|
||
|
}
|
||
|
|
||
|
if($_G['wechat']['setting']['wechat_mtype'] == 2) {
|
||
|
$defaultusername = WeChat::getnewname($openid);
|
||
|
} else {
|
||
|
$defaultusername = $_G['wechat']['setting']['wechat_qrtype'] ? $_GET['username'] : 'wx_'.random(5);
|
||
|
}
|
||
|
$defaultusername = htmlspecialchars($defaultusername);
|
||
|
|
||
|
$connecturl = $_G['setting']['connect']['allow'] && !$_G['setting']['bbclosed'] ? $_G['siteurl'].'connect.php?mod=login&op=init&referer='.urlencode($selfurl.'qqbind').'&statfrom=login_simple' : '';
|
||
|
|
||
|
if(IN_WECHAT) {
|
||
|
if(!$_G['uid']) {
|
||
|
include template('wechat:wechat_bind');
|
||
|
} else {
|
||
|
$redirect = WeChat::redirect();
|
||
|
if($redirect) {
|
||
|
dheader('location: '.$redirect);
|
||
|
} else {
|
||
|
dheader('location: '.$_G['siteurl']);
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
dheader('location: '.$_G['siteurl'].'member.php?mod=logging&action=login&referer='.dreferer());
|
||
|
}
|
||
|
} elseif($ac == 'login' && submitcheck('submit')) {
|
||
|
if(!($loginperm = logincheck($_GET['username']))) {
|
||
|
showmessage('login_strike');
|
||
|
}
|
||
|
|
||
|
if(!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
|
||
|
showmessage('profile_passwd_illegal');
|
||
|
}
|
||
|
|
||
|
if(DISCUZ_VERSION < 'X3.0') {
|
||
|
$_GET['username'] = WeChatEmoji::clear($_GET['username']);
|
||
|
}
|
||
|
$result = userlogin($_GET['username'], $_GET['password'], $_GET['questionid'], $_GET['answer'], $_G['setting']['autoidselect'] ? 'auto' : $_GET['loginfield'], $_G['clientip']);
|
||
|
|
||
|
if($result['status'] <= 0) {
|
||
|
loginfailed($_GET['username']);
|
||
|
failedip();
|
||
|
showmessage('login_invalid', '', array('loginperm' => $loginperm - 1));
|
||
|
}
|
||
|
|
||
|
if(!$_G['wechat']['setting']['wechat_qrtype']) {
|
||
|
if($wechatuser) {
|
||
|
if($result['member']['uid'] != $wechatuser['uid']) {
|
||
|
showmessage('wechat:wechat_openid_exists');
|
||
|
}
|
||
|
wechat_setloginstatus($result['member']['uid'], true);
|
||
|
} else {
|
||
|
WeChatHook::bindOpenId($result['member']['uid'], $openid);
|
||
|
wsq::report('bind');
|
||
|
}
|
||
|
setloginstatus($result['member'], 1296000);
|
||
|
|
||
|
showmessage('wechat:wechat_member_bind_succeed', $selfurl.'bind');
|
||
|
} else {
|
||
|
C::t('#wechat#common_member_wechatmp')->insert(array('uid' => $result['member']['uid'], 'openid' => $_GET['wxopenid'], 'status' => 1), false, true);
|
||
|
wsq::report('bind');
|
||
|
$url = wsq::wxuserregisterUrl($result['member']['uid']);
|
||
|
showmessage('wechat:wechat_member_bind_succeed', $url);
|
||
|
}
|
||
|
} elseif(($ac == 'register' && submitcheck('submit') || $ac == 'wxregister') && $_G['wechat']['setting']['wechat_allowregister']) {
|
||
|
if($wechatuser) {
|
||
|
showmessage('wechat:wechat_openid_exists');
|
||
|
} else {
|
||
|
if($_G['wechat']['setting']['wechat_qrtype']) {
|
||
|
$mpmember = C::t('#wechat#common_member_wechatmp')->fetch_by_openid($wxopenid ? $wxopenid : $_GET['wxopenid']);
|
||
|
$mpmembers = C::t('common_member')->fetch_all(array_keys($mpmember));
|
||
|
if ($mpmembers) {
|
||
|
$memberfirst = array_shift($mpmembers);
|
||
|
$member = getuserbyuid($memberfirst['uid'], 1);
|
||
|
if($member) {
|
||
|
setloginstatus($member, 1296000);
|
||
|
$url = wsq::wxuserregisterUrl($memberfirst['uid']);
|
||
|
if ($ac == 'wxregister') {
|
||
|
dheader('location: ' . $url);
|
||
|
} else {
|
||
|
showmessage('wechat:wechat_member_register_succeed', $url);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if(DISCUZ_VERSION < 'X3.0' && $_G['inajax']) {
|
||
|
$_GET['username'] = WeChatEmoji::clear($_GET['username']);
|
||
|
}
|
||
|
if($ac == 'wxregister') {
|
||
|
loaducenter();
|
||
|
$user = uc_get_user($_GET['username']);
|
||
|
if(!empty($user)) {
|
||
|
$_GET['username'] = cutstr($_GET['username'], 7, '').'_'.random(5);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$uid = WeChat::register($_GET['username'], $ac == 'wxregister');
|
||
|
|
||
|
if($uid && $_GET['avatar']) {
|
||
|
WeChat::syncAvatar($uid, $_GET['avatar']);
|
||
|
}
|
||
|
|
||
|
if(!$_G['wechat']['setting']['wechat_qrtype']) {
|
||
|
WeChatHook::bindOpenId($uid, $openid, 1);
|
||
|
wsq::report('register');
|
||
|
showmessage('wechat:wechat_member_register_succeed', $selfurl.'bind&confirm=yes');
|
||
|
} else {
|
||
|
C::t('#wechat#common_member_wechatmp')->insert(array('uid' => $uid, 'openid' => $wxopenid ? $wxopenid : $_GET['wxopenid'], 'status' => 0), false, true);
|
||
|
wsq::report('register');
|
||
|
$url = wsq::wxuserregisterUrl($uid);
|
||
|
if($ac == 'wxregister') {
|
||
|
dheader('location: '.$url);
|
||
|
} else {
|
||
|
showmessage('wechat:wechat_member_register_succeed', $url);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
} elseif($ac == 'logout') {
|
||
|
if($_GET['hash'] == formhash()) {
|
||
|
wechat_setloginstatus($_G['uid'], false);
|
||
|
clearcookies();
|
||
|
}
|
||
|
mobile_core::result(array());
|
||
|
} elseif($ac == 'unbind') {
|
||
|
if($_GET['hash'] == formhash()) {
|
||
|
if($wechatuser) {
|
||
|
C::t('#wechat#common_member_wechat')->delete($wechatuser['uid']);
|
||
|
wsq::report('unbind');
|
||
|
}
|
||
|
clearcookies();
|
||
|
}
|
||
|
mobile_core::result(array());
|
||
|
} elseif($ac == 'unbindmp') {
|
||
|
if($_G['wechat']['setting']['wechat_qrtype'] && $_GET['hash'] == formhash()) {
|
||
|
C::t('#wechat#common_member_wechatmp')->delete($_GET['uid']);
|
||
|
}
|
||
|
mobile_core::result(array());
|
||
|
} else {
|
||
|
showmessage('undefined_action');
|
||
|
}
|
||
|
|
||
|
function wechat_setloginstatus($uid, $login) {
|
||
|
C::t('#wechat#common_member_wechat')->update($uid, array('status' => $login ? 2 : 1));
|
||
|
}
|