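<?php
/*-----------------------------------------------------------------
!!!! WARNING !!!!
This is a system file, do not modify it.
-----------------------------------------------------------------*/

// Refuse direct execution, or inclusion from outside the application bootstrap.
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}

include_once(BG_PATH_FUNC . "http.func.php"); // function library: http
include_once(BG_PATH_FUNC . "baigocode.func.php"); // function library: baigocode
include_once(BG_PATH_CLASS . "sync.class.php"); // expected to define CLASS_SYNC
include_once(BG_PATH_MODEL . "app.class.php"); // expected to define MODEL_APP
include_once(BG_PATH_MODEL . "belong.class.php"); // expected to define MODEL_BELONG
include_once(BG_PATH_MODEL . "user.class.php"); // expected to define MODEL_USER
include_once(BG_PATH_MODEL . "log.class.php"); // expected to define MODEL_LOG

/**
 * SSO synchronisation API controller.
 *
 * For a user id supplied by a requesting app (checked in app_check()), the
 * public actions return one signed notification URL per other sync-enabled
 * app, so that a login or logout can be propagated to those apps.
 *
 * Every error path goes through CLASS_SYNC::halt_re(). This class relies on
 * halt_re() sending the response and ending the request; the code after each
 * call is written as if it never returns. NOTE(review): confirm in CLASS_SYNC.
 */
class API_SYNC {

    private $obj_sync;   // CLASS_SYNC helper: request parsing, app check, encoding, response
    private $log;        // log message table taken from $obj_sync->log
    private $mdl_user;   // MODEL_USER
    private $mdl_app;    // MODEL_APP
    private $mdl_belong; // MODEL_BELONG (not used by the methods in this file)
    private $mdl_log;    // MODEL_LOG
    private $appAllow;   // not used by the methods in this file
    private $appRow;     // row of the requesting app, set by app_check()
    private $appRows;    // apps to notify, set by app_check()
    private $appRequest; // parsed request, set by app_check()

    /**
     * Creates the sync helper, runs its install check and instantiates the models.
     */
    public function __construct() {
        $this->obj_sync = new CLASS_SYNC();
        $this->obj_sync->chk_install();
        $this->log = $this->obj_sync->log;

        $this->mdl_user   = new MODEL_USER();
        $this->mdl_app    = new MODEL_APP();
        $this->mdl_belong = new MODEL_BELONG();
        $this->mdl_log    = new MODEL_LOG();
    }


    /**
     * Returns the login notification URLs for the requested user.
     *
     * Responds with alert "y100401" and "urlRows", a list of url-encoded URLs.
     *
     * @return void
     */
    public function api_login() {
        $this->app_check("get");
        $_arr_userRow = $this->user_read();

        $_arr_urlRows = array();
        foreach ($this->appRows as $_value) {
            // A fresh encoding key is drawn for every target app.
            $_arr_urlRows[] = $this->url_build($_value, $_arr_userRow, "login", fn_rand(6));
        }

        $_arr_return = array(
            "alert"   => "y100401",
            "urlRows" => $_arr_urlRows,
        );

        $this->obj_sync->halt_re($_arr_return);
    }


    /**
     * Returns the logout notification URLs for the requested user.
     *
     * Responds with alert "y100402" and "urlRows", a list of url-encoded URLs.
     *
     * @return void
     */
    public function api_logout() {
        $this->app_check("get");
        $_arr_userRow = $this->user_read();

        // Unlike api_login(), one encoding key is shared by all URLs of this response.
        $_str_key = fn_rand(6);

        $_arr_urlRows = array();
        foreach ($this->appRows as $_value) {
            $_arr_urlRows[] = $this->url_build($_value, $_arr_userRow, "logout", $_str_key);
        }

        $_arr_return = array(
            "alert"   => "y100402",
            "urlRows" => $_arr_urlRows,
        );

        $this->obj_sync->halt_re($_arr_return);
    }


    /**
     * Validates the requested user id, loads the user and strips private fields.
     *
     * Halts with "x010217" / "x010218" when the id fails validation, with the
     * model's own result when the user cannot be read, and with "x010401" when
     * the account is disabled.
     *
     * @access private
     * @return array user row without the fields removed below
     */
    private function user_read() {
        $_arr_userId = validateStr($this->appRequest["user_id"], 1, 0, "str", "int");

        // Stays null for any validator status other than the three handled here.
        $_num_userId = null;

        switch ($_arr_userId["status"]) {
            case "too_short":
                $this->obj_sync->halt_re(array("alert" => "x010217"));
            break;

            case "format_err":
                $this->obj_sync->halt_re(array("alert" => "x010218"));
            break;

            case "ok":
                $_num_userId = $_arr_userId["str"];
            break;
        }

        $_arr_userRow = $this->mdl_user->mdl_read($_num_userId);
        // Strict comparison: a non-string alert must never pass as success.
        if ($_arr_userRow["alert"] !== "y010102") {
            $this->obj_sync->halt_re($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            // Report through obj_sync like every other path; this class has no obj_api
            // property, so the former call failed with a fatal error instead of
            // returning the alert.
            $this->obj_sync->halt_re(array("alert" => "x010401"));
        }

        // Fields that must not leave the SSO server.
        // NOTE(review): this is a denylist, so a column added to the user table later
        // is forwarded to every app by default; an explicit allowlist would fail closed.
        unset(
            $_arr_userRow["user_pass"],
            $_arr_userRow["user_mail"],
            $_arr_userRow["user_nick"],
            $_arr_userRow["user_note"],
            $_arr_userRow["user_rand"],
            $_arr_userRow["user_status"],
            $_arr_userRow["user_time"],
            $_arr_userRow["user_time_login"],
            $_arr_userRow["user_ip"]
        );

        return $_arr_userRow;
    }


    /**
     * Builds the url-encoded notification URL for one target app.
     *
     * NOTE(review): the encoded payload contains the target app's app_key, and the
     * key handed to sync_encode() is sent in the same query string as the encoded
     * payload. sync_encode() is not defined in this file; if its output can be
     * reversed with that key alone, anything that sees the URL (the requesting app,
     * the browser, proxies, access logs) can recover the target app's secret.
     * Removing app_key from the payload, or deriving the encoding key from the
     * shared app_key instead of transmitting it, needs a matching change in the
     * receiving apps and is therefore not done here.
     *
     * NOTE(review): the signature is computed from time, random, app_id and app_key
     * only. "act_get" and "code" are not inputs, so as far as this file shows it
     * binds neither the action nor the payload. Confirm how receivers check
     * freshness and whether the payload is authenticated separately.
     *
     * @access private
     * @param array $arr_appRow target app row (app_id, app_key, app_url_sync)
     * @param array $arr_userRow user row as returned by user_read()
     * @param string $str_act value of the "act_get" parameter ("login" or "logout")
     * @param string $str_key key passed to sync_encode() and sent as "key"
     * @return string
     */
    private function url_build($arr_appRow, $arr_userRow, $str_act, $str_key) {
        // $arr_userRow is a by-value copy, so the caller's row is left untouched.
        $arr_userRow["app_id"]  = $arr_appRow["app_id"];
        $arr_userRow["app_key"] = $arr_appRow["app_key"];
        $_str_code = $this->obj_sync->sync_encode($arr_userRow, $str_key);

        $_tm_time  = time();
        $_str_rand = fn_rand();
        $_str_sign = fn_baigoSignMk($_tm_time, $_str_rand, $arr_appRow["app_id"], $arr_appRow["app_key"]);

        // Append to an existing query string when the configured URL already has one.
        if (strpos($arr_appRow["app_url_sync"], "?") !== false) {
            $_str_conn = "&";
        } else {
            $_str_conn = "?";
        }
        $_str_url = $arr_appRow["app_url_sync"] . $_str_conn . "mod=sync";

        $_arr_data = array(
            "act_get"   => $str_act,
            "time"      => $_tm_time,
            "random"    => $_str_rand,
            "signature" => $_str_sign,
            "code"      => $_str_code,
            "key"       => $str_key,
        );

        return urlencode($_str_url . "&" . http_build_query($_arr_data));
    }


    /**
     * Checks the requesting app and loads the list of apps to notify.
     *
     * Halts when the request cannot be parsed, when the app cannot be read or when
     * CLASS_SYNC::app_chk() rejects the request; the last two failures are logged.
     * On success $this->appRows holds the apps that are enabled, have sync switched
     * on, match the "has_notice" filter and are not the requesting app.
     *
     * @access private
     * @param string $str_method (default: "get") not used by this method
     * @return void
     */
    private function app_check($str_method = "get") {
        $this->appRequest = $this->obj_sync->sync_fetch();

        // Strict comparison: a non-string alert must never pass as "ok".
        if ($this->appRequest["alert"] !== "ok") {
            $this->obj_sync->halt_re($this->appRequest);
        }

        $_arr_logTarget = array(
            array(
                "app_id" => $this->appRequest["app_id"]
            ),
        );

        $this->appRow = $this->mdl_app->mdl_read($this->appRequest["app_id"]);
        if ($this->appRow["alert"] !== "y050102") {
            $this->log_do($_arr_logTarget, "app", $this->appRow, array("app", "read"));
            $this->obj_sync->halt_re($this->appRow);
        }

        $_arr_appChk = $this->obj_sync->app_chk($this->appRequest, $this->appRow);
        if ($_arr_appChk["alert"] !== "ok") {
            $this->log_do($_arr_logTarget, "app", $_arr_appChk, array("app", "check"));
            $this->obj_sync->halt_re($_arr_appChk);
        }

        $_arr_search = array(
            "status"     => "enable",
            "sync"       => "on",
            "has_notice" => true,
            "not_ids"    => array($this->appRequest["app_id"]),
        );
        // presumably (limit, offset, filter) - confirm against MODEL_APP::mdl_list
        $this->appRows = $this->mdl_app->mdl_list(100, 0, $_arr_search);
    }


    /**
     * Writes one entry to the log model on behalf of the requesting app.
     *
     * @access private
     * @param array $arr_logTarget targets of the operation, stored as JSON
     * @param string $str_targetType type of the targets
     * @param mixed $arr_logResult result being logged, stored as JSON
     * @param array $arr_logType two keys selecting the message in $this->log
     * @return void
     */
    private function log_do($arr_logTarget, $str_targetType, $arr_logResult, $arr_logType) {
        $_str_targets = json_encode($arr_logTarget);
        $_str_result  = json_encode($arr_logResult);
        $_str_title   = $this->log[$arr_logType[0]][$arr_logType[1]];

        $this->mdl_log->mdl_submit($_str_targets, $str_targetType, $_str_title, $_str_result, "app", $this->appRequest["app_id"]);
    }
}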