Inicio Explorar Ayuda
Registro Iniciar sesión
zhengchengwu
/
renren
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Activity
人人商城
11 Commits
1 Ramas
Rama: master
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'master'
${ noResults }
renren/app/source/auth/session.ctrl.php

session.ctrl.php 4.5KB
Enlace permanente Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 
  1. <?php

  2. /**

  3.  * [WeEngine System] Copyright (c) 2014 WE7.CC

  4.  * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.

  5.  */

  6. 

  7. defined('IN_IA') or exit('Access Denied');

  8. 

  9. load()->model('mc');

  10. 

  11. $dos = array('openid', 'userinfo', 'check');

  12. $do = in_array($do, $dos) ? $do : 'openid';

  13. 

  14. $account_api = WeAccount::create();

  15. if ($do == 'openid') {

  16. 	

  17. 	$code = $_GPC['code'];

  18. 	$openid = $_GPC['openid'];

  19. 	

  20. 	if (empty($openid) && !empty($_W['openid'])) {

  21. 		$openid = $_W['openid'];

  22. 	}

  23. 	

  24. 	if (empty($_W['account']['oauth']) || (empty($code) && empty($openid))) {

  25. 		exit('通信错误,请在微信中重新发起请求');

  26. 	}

  27. 	

  28. 	if (!empty($openid)) {

  29. 		$_SESSION['openid'] = $oauth['openid'];

  30. 		$fans = mc_fansinfo($openid);

  31. 		if (!empty($fans)) {

  32. 			$account_api->result(0, '', array('sessionid' => $_W['session_id'], 'userinfo' => $fans));

  33. 		} else {

  34. 			$account_api->result(1, 'openid不存在');

  35. 		}

  36. 	}

  37. 	$oauth = $account_api->getOauthInfo($code);

  38. 	if (!empty($oauth) && !is_error($oauth)) {

  39. 		$_SESSION['openid'] = $oauth['openid'];

  40. 		$_SESSION['session_key'] = $oauth['session_key'];

  41. 				$fans = mc_fansinfo($oauth['openid']);

  42. 		if (empty($fans)) {

  43. 			$record = array(

  44. 				'openid' => $oauth['openid'],

  45. 				'uid' => 0,

  46. 				'acid' => $_W['acid'],

  47. 				'uniacid' => $_W['uniacid'],

  48. 				'salt' => random(8),

  49. 				'updatetime' => TIMESTAMP,

  50. 				'nickname' => '',

  51. 				'follow' => '1',

  52. 				'followtime' => TIMESTAMP,

  53. 				'unfollowtime' => 0,

  54. 				'tag' => '',

  55. 			);

  56. 			$email = md5($oauth['openid']).'@we7.cc';

  57. 			$email_exists_member = pdo_getcolumn('mc_members', array('email' => $email), 'uid');

  58. 			if (!empty($email_exists_member)) {

  59. 				$uid = $email_exists_member;

  60. 			} else {

  61. 				$default_groupid = pdo_fetchcolumn('SELECT groupid FROM ' .tablename('mc_groups') . ' WHERE uniacid = :uniacid AND isdefault = 1', array(':uniacid' => $_W['uniacid']));

  62. 				$data = array(

  63. 					'uniacid' => $_W['uniacid'],

  64. 					'email' => $email,

  65. 					'salt' => random(8),

  66. 					'groupid' => $default_groupid,

  67. 					'createtime' => TIMESTAMP,

  68. 					'password' => md5($message['from'] . $data['salt'] . $_W['config']['setting']['authkey']),

  69. 					'nickname' => '',

  70. 					'avatar' => '',

  71. 					'gender' => '',

  72. 					'nationality' => '',

  73. 					'resideprovince' => '',

  74. 					'residecity' => '',

  75. 				);

  76. 				pdo_insert('mc_members', $data);

  77. 				$uid = pdo_insertid();

  78. 			}

  79. 			$record['uid'] = $uid;

  80. 			$_SESSION['uid'] = $uid;

  81. 			pdo_insert('mc_mapping_fans', $record);

  82. 		}

  83. 		$account_api->result(0, '', array('sessionid' => $_W['session_id'], 'userinfo' => $fans, 'openid' => $oauth['openid']));

  84. 	} else {

  85. 		$account_api->result(1, $oauth['message']);

  86. 	}

  87. } elseif ($do == 'userinfo') {

  88. 	$encrypt_data = $_GPC['encryptedData'];

  89. 	$iv = $_GPC['iv'];

  90. 	if (empty($_SESSION['session_key']) || empty($encrypt_data) || empty($iv)) {

  91. 		$account_api->result(1, '请先登录');

  92. 	}

  93. 	$sign = sha1($_POST['rawData'].$_SESSION['session_key']);

  94. 	if ($sign !== $_GPC['signature']) {

  95. 		$account_api->result(1, '签名错误');

  96. 	}

  97. 

  98. 	$userinfo = $account_api->pkcs7Encode($encrypt_data, $iv);

  99. 	$userinfo['nickname'] = $userinfo['nickName'];

  100. 	$_SESSION['userinfo'] = base64_encode(iserializer($userinfo));

  101. 

  102. 	$fans = mc_fansinfo($userinfo['openId']);

  103. 	$fans_update = array(

  104. 		'nickname' => $userinfo['nickName'],

  105. 		'unionid' => $userinfo['unionId'],

  106. 		'tag' => base64_encode(iserializer(array(

  107. 			'subscribe' => 1,

  108. 			'openid' => $userinfo['openId'],

  109. 			'nickname' => $userinfo['nickName'],

  110. 			'sex' => $userinfo['gender'],

  111. 			'language' => $userinfo['language'],

  112. 			'city' => $userinfo['city'],

  113. 			'province' => $userinfo['province'],

  114. 			'country' => $userinfo['country'],

  115. 			'headimgurl' => $userinfo['avatarUrl'],

  116. 		))),

  117. 	);

  118. 			if (!empty($userinfo['unionId'])) {

  119. 		$union_fans = pdo_get('mc_mapping_fans', array('unionid' => $userinfo['unionId'], 'openid !=' => $userinfo['openId']));

  120. 		if (!empty($union_fans['uid'])) {

  121. 			if (!empty($fans['uid'])) {

  122. 				

  123. 			}

  124. 			$fans_update['uid'] = $union_fans['uid'];

  125. 			$_SESSION['uid'] = $union_fans['uid'];

  126. 		}

  127. 	}

  128. 	pdo_update('mc_mapping_fans', $fans_update, array('fanid' => $fans['fanid']));

  129. 	pdo_update('mc_members', array('nickname' => $userinfo['nickName'], 'avatar' => $userinfo['avatarUrl'], 'gender' => $userinfo['gender']), array('uid' => $fans['uid']));

  130. 	$member = mc_fetch($fans['uid']);

  131. 	unset($member['password']);

  132. 	unset($member['salt']);

  133. 	$account_api->result(0, '', $member);

  134. } elseif ($do == 'check') {

  135. 	if (!empty($_W['openid'])) {

  136. 		$account_api->result(0);

  137. 	} else {

  138. 		$account_api->result(1, 'session失效,请重新发起登录请求');

  139. 	}

  140. }