www.gusucode.com > Ectouch手机端网购商城系统PHP版源码程序 > ectouch/api/uc.php
<?php
/**
* ECTouch Open Source Project
* ============================================================================
* Copyright (c) 2012-2014 http://ectouch.cn All rights reserved.
* ----------------------------------------------------------------------------
* 文件名称:uc.php
* ----------------------------------------------------------------------------
* 功能描述:UCenter API
* ----------------------------------------------------------------------------
* Licensed ( http://www.ectouch.cn/docs/license.txt )
* ----------------------------------------------------------------------------
*/
define('IN_ECTOUCH',true);
define('UC_CLIENT_VERSION', '1.6.0'); // note UCenter 版本标识
define('UC_CLIENT_RELEASE', '20110501');
define('API_DELETEUSER', 1); // note 用户删除 API 接口开关
define('API_RENAMEUSER', 1); // note 用户改名 API 接口开关
define('API_GETTAG', 1); // note 获取标签 API 接口开关
define('API_SYNLOGIN', 1); // note 同步登录 API 接口开关
define('API_SYNLOGOUT', 1); // note 同步登出 API 接口开关
define('API_UPDATEPW', 1); // note 更改用户密码 开关
define('API_UPDATEBADWORDS', 1); // note 更新关键字列表 开关
define('API_UPDATEHOSTS', 1); // note 更新域名解析缓存 开关
define('API_UPDATEAPPS', 1); // note 更新应用列表 开关
define('API_UPDATECLIENT', 1); // note 更新客户端缓存 开关
define('API_UPDATECREDIT', 1); // note 更新用户积分 开关
define('API_GETCREDITSETTINGS', 1); // note 向 UCenter 提供积分设置 开关
define('API_GETCREDIT', 1); // note 获取用户的某项积分 开关
define('API_UPDATECREDITSETTINGS', 1); // note 更新应用积分设置 开关
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '-2');
define('EC_CHARSET', 'utf-8');
define('ROOT_PATH', realpath(dirname(__FILE__) . '/../') . '/');
define('BASE_PATH', ROOT_PATH . 'include/');
/* 加载常用函数 */
require(BASE_PATH . 'Common.php');
/* 默认配置 */
C(load_file(BASE_PATH . 'Convention.php'));
/* 数据库配置 */
C('DB', load_file(ROOT_PATH . 'data/config.php'));
/* 设置时区 */
date_default_timezone_set(C('DEFAULT_TIMEZONE'));
/* 项目函数 */
load_file(ROOT_PATH . 'include/base/function.php');
/* 初始化数据库类 */
require (ROOT_PATH . 'include/EcModel.class.php');
$db = new EcModel(C('DB'));
/* 初始化session */
require (ROOT_PATH . 'include/library/EcsApiSession.class.php');
$sess_name = defined("SESS_NAME") ? SESS_NAME : 'ECS_ID';
$sess = new EcsApiSession($db, $db->pre .'sessions', $db->pre . 'sessions_data', $sess_name);
/* 载入系统参数 */
$_CFG = load_config_uc();
C('CFG', $_CFG);
/* 初始化用户插件 */
$user = init_users();
header('Content-type: text/html; charset=' . EC_CHARSET);
// 数据验证
if (! defined('IN_UC')) {
error_reporting(0);
set_magic_quotes_runtime(0);
defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
$get = _stripslashes($get);
}
$timestamp = time();
if ($timestamp - $get['time'] > 3600) {
exit('Authracation has expiried');
}
if (empty($get)) {
exit('Invalid Request');
}
}
$action = $get['action'];
include (ROOT_PATH . 'plugins/uc_client/lib/xml.class.php');
$post = xml_unserialize(file_get_contents('php://input'));
if (in_array($get['action'], array(
'test',
'deleteuser',
'renameuser',
'gettag',
'synlogin',
'synlogout',
'updatepw',
'updatebadwords',
'updatehosts',
'updateapps',
'updateclient',
'updatecredit',
'getcreditsettings',
'updatecreditsettings'
))) {
$uc_note = new uc_note();
exit($uc_note->$get['action']($get, $post));
} else {
exit(API_RETURN_FAILED);
}
$ecs_url = str_replace('/api', '', $ecs->url());
class uc_note
{
var $db = '';
var $tablepre = '';
var $appdir = '';
function _serialize($arr, $htmlon = 0)
{
if (! function_exists('xml_serialize')) {
include (ROOT_PATH . 'plugins/uc_client/lib/xml.class.php');
}
return xml_serialize($arr, $htmlon);
}
function uc_note()
{
$this->appdir = ROOT_PATH;
$this->db = $GLOBALS['db'];
}
function test($get, $post)
{
return API_RETURN_SUCCEED;
}
function deleteuser($get, $post)
{
$uids = $get['ids'];
if (! API_DELETEUSER) {
return API_RETURN_FORBIDDEN;
}
if (delete_user($uids)) {
return API_RETURN_SUCCEED;
}
}
function renameuser($get, $post)
{
$uid = $get['uid'];
$usernameold = $get['oldusername'];
$usernamenew = $get['newusername'];
if (! API_RENAMEUSER) {
return API_RETURN_FORBIDDEN;
}
$this->db->query("UPDATE {pre}users SET user_name='$usernamenew' WHERE user_id='$uid'");
$this->db->query("UPDATE {pre}affiliate_log SET user_name='$usernamenew' WHERE user_name='$usernameold'");
$this->db->query("UPDATE {pre}comment SET user_name='$usernamenew' WHERE user_name='$usernameold'");
$this->db->query("UPDATE {pre}feedback SET user_name='$usernamenew' WHERE user_name='$usernameold'");
clear_cache_files();
return API_RETURN_SUCCEED;
}
function gettag($get, $post)
{
$name = $get['id'];
if (! API_GETTAG) {
return API_RETURN_FORBIDDEN;
}
$tags = fetch_tag($name);
$return = array(
$name,
$tags
);
include_once (ROOT_PATH . 'plugins/uc_client/client.php');
return uc_serialize($return, 1);
}
function synlogin($get, $post)
{
$uid = intval($get['uid']);
$username = $get['username'];
if (! API_SYNLOGIN) {
return API_RETURN_FORBIDDEN;
}
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
set_login($uid, $username);
}
function synlogout($get, $post)
{
if (! API_SYNLOGOUT) {
return API_RETURN_FORBIDDEN;
}
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
set_cookie();
set_session();
}
function updatepw($get, $post)
{
if (! API_UPDATEPW) {
return API_RETURN_FORBIDDEN;
}
$username = $get['username'];
// $password = md5($get['password']);
$newpw = md5(time() . rand(100000, 999999));
$this->db->query("UPDATE {pre}users SET password='$newpw' WHERE user_name='$username'");
return API_RETURN_SUCCEED;
}
function updatebadwords($get, $post)
{
if (! API_UPDATEBADWORDS) {
return API_RETURN_FORBIDDEN;
}
$cachefile = $this->appdir . 'plugins/uc_client/data/cache/badwords.php';
$fp = fopen($cachefile, 'w');
$data = array();
if (is_array($post)) {
foreach ($post as $k => $v) {
$data['findpattern'][$k] = $v['findpattern'];
$data['replace'][$k] = $v['replacement'];
}
}
$s = "<?php\r\n";
$s .= '$_CACHE[\'badwords\'] = ' . var_export($data, TRUE) . ";\r\n";
fwrite($fp, $s);
fclose($fp);
return API_RETURN_SUCCEED;
}
function updatehosts($get, $post)
{
if (! API_UPDATEHOSTS) {
return API_RETURN_FORBIDDEN;
}
$cachefile = $this->appdir . 'plugins/uc_client/data/cache/hosts.php';
$fp = fopen($cachefile, 'w');
$s = "<?php\r\n";
$s .= '$_CACHE[\'hosts\'] = ' . var_export($post, TRUE) . ";\r\n";
fwrite($fp, $s);
fclose($fp);
return API_RETURN_SUCCEED;
}
function updateapps($get, $post)
{
if (! API_UPDATEAPPS) {
return API_RETURN_FORBIDDEN;
}
$UC_API = $post['UC_API'];
$cachefile = $this->appdir . 'plugins/uc_client/data/cache/apps.php';
$fp = fopen($cachefile, 'w');
$s = "<?php\r\n";
$s .= '$_CACHE[\'apps\'] = ' . var_export($post, TRUE) . ";\r\n";
fwrite($fp, $s);
fclose($fp);
// clear_cache_files();
return API_RETURN_SUCCEED;
}
function updateclient($get, $post)
{
if (! API_UPDATECLIENT) {
return API_RETURN_FORBIDDEN;
}
$cachefile = $this->appdir . 'plugins/uc_client/data/cache/settings.php';
$fp = fopen($cachefile, 'w');
$s = "<?php\r\n";
$s .= '$_CACHE[\'settings\'] = ' . var_export($post, TRUE) . ";\r\n";
fwrite($fp, $s);
fclose($fp);
return API_RETURN_SUCCEED;
}
function updatecredit($get, $post)
{
if (! API_UPDATECREDIT) {
return API_RETURN_FORBIDDEN;
}
$cfg = unserialize($GLOBALS['_CFG']['integrate_config']);
$credit = intval($get['credit']);
$amount = intval($get['amount']);
$uid = intval($get['uid']);
$points = array(
0 => 'rank_points',
1 => 'pay_points'
);
$sql = "UPDATE {pre}users SET {$points[$credit]} = {$points[$credit]} + '$amount' WHERE user_id = $uid";
$this->db->query($sql);
if ($this->db->affected_rows() <= 0) {
return API_RETURN_FAILED;
}
$sql = "INSERT INTO {pre}account_log (user_id, {$points[$credit]}, change_time, change_desc, change_type)" . " VALUES ('$uid', '$amount', '" . gmtime() . "', '" . $cfg['uc_lang']['exchange'] . "', '99')";
$this->db->query($sql);
return API_RETURN_SUCCEED;
}
function getcredit($get, $post)
{
if (! API_GETCREDIT) {
return API_RETURN_FORBIDDEN;
}
/*
* $uid = intval($get['uid']); $credit = intval($get['credit']); return $credit >= 1 && $credit <= 8 ? $this->db->result_first("SELECT extcredits$credit FROM ".$this->tablepre."members WHERE uid='$uid'") : 0;
*/
}
function getcreditsettings($get, $post)
{
if (! API_GETCREDITSETTINGS) {
return API_RETURN_FORBIDDEN;
}
$cfg = unserialize($GLOBALS['_CFG']['integrate_config']);
$credits = $cfg['uc_lang']['credits'];
include_once (ROOT_PATH . 'plugins/uc_client/client.php');
return uc_serialize($credits);
}
function updatecreditsettings($get, $post)
{
if (! API_UPDATECREDITSETTINGS) {
return API_RETURN_FORBIDDEN;
}
$outextcredits = array();
foreach ($get['credit'] as $appid => $credititems) {
if ($appid == UC_APPID) {
foreach ($credititems as $value) {
$outextcredits[] = array(
'appiddesc' => $value['appiddesc'],
'creditdesc' => $value['creditdesc'],
'creditsrc' => $value['creditsrc'],
'title' => $value['title'],
'unit' => $value['unit'],
'ratio' => $value['ratio']
);
}
}
}
$this->db->query("UPDATE {pre}shop_config SET value='" . serialize($outextcredits) . "' WHERE code='points_rule'");
return API_RETURN_SUCCEED;
}
}
/**
* 删除用户接口函数
*
* @access public
* @param int $uids
* @return void
*/
function delete_user($uids = '')
{
if (empty($uids)) {
return;
} else {
$uids = stripslashes($uids);
$sql = "DELETE FROM {pre}users WHERE user_id IN ($uids)";
$result = $GLOBALS['db']->query($sql);
return true;
}
}
/**
* 设置用户登陆
*
* @access public
* @param int $uid
* @return void
*/
function set_login($user_id = '', $user_name = '')
{
if (empty($user_id)) {
return;
} else {
$sql = "SELECT user_name, email FROM {pre}users WHERE user_id='$user_id' LIMIT 1";
$row = $GLOBALS['db']->query($sql);
$row = reset($row);
if ($row) {
set_cookie($user_id, $row['user_name'], $row['email']);
set_session($user_id, $row['user_name'], $row['email']);
update_user_info();
} else {
include_once (ROOT_PATH . 'plugins/uc_client/client.php');
if ($data = uc_get_user($user_name)) {
list ($uid, $uname, $email) = $data;
$sql = "REPLACE INTO {pre}users (user_id, user_name, email) VALUES('$uid', '$uname', '$email')";
$GLOBALS['db']->query($sql);
set_login($uid);
} else {
return false;
}
}
}
}
/**
* 设置cookie
*
* @access public
* @param
*
* @return void
*/
function set_cookie($user_id = '', $user_name = '', $email = '')
{
if (empty($user_id)) {
/* 摧毁cookie */
$time = time() - 3600;
setcookie('ECS[user_id]', '', $time);
setcookie('ECS[username]', '', $time);
setcookie('ECS[email]', '', $time);
} else {
/* 设置cookie */
$time = time() + 3600 * 24 * 30;
setcookie("ECS[user_id]", $user_id, $time, $GLOBALS['cookie_path'], $GLOBALS['cookie_domain']);
setcookie("ECS[username]", $user_name, $time, $GLOBALS['cookie_path'], $GLOBALS['cookie_domain']);
setcookie("ECS[email]", $email, $time, $GLOBALS['cookie_path'], $GLOBALS['cookie_domain']);
}
}
/**
* 设置指定用户SESSION
*
* @access public
* @param
*
* @return void
*/
function set_session($user_id = '', $user_name = '', $email = '')
{
if (empty($user_id)) {
$GLOBALS['sess']->destroy_session();
} else {
$_SESSION['user_id'] = $user_id;
$_SESSION['user_name'] = $user_name;
$_SESSION['email'] = $email;
}
}
/**
* 获取EC的TAG数据
*
* @access public
* @param string $tagname
* @param int $num
* 获取的数量 默认取最新的100条
* @return array
*/
function fetch_tag($tagname, $num = 100)
{
$rewrite = intval($GLOBALS['_CFG']['rewrite']) > 0;
$sql = "SELECT t.*, u.user_name, g.goods_name, g.goods_img, g.shop_price FROM {pre}tag as t, {pre}users as u, {pre}goods as g WHERE tag_words = '$tagname' AND t.user_id = u.user_id AND g.goods_id = t.goods_id ORDER BY t.tag_id DESC LIMIT " . $num;
$arr = $GLOBALS['db']->query($sql);
$tag_list = array();
foreach ($arr as $k => $v) {
$tag_list[$k]['goods_name'] = $v['goods_name'];
$tag_list[$k]['uid'] = $v['user_id'];
$tag_list[$k]['username'] = $v['user_name'];
$tag_list[$k]['dateline'] = time();
$tag_list[$k]['url'] = $GLOBALS['ecs_url'] . 'goods.php?id=' . $v['goods_id'];
$tag_list[$k]['image'] = $GLOBALS['ecs_url'] . $v['goods_img'];
$tag_list[$k]['goods_price'] = $v['shop_price'];
}
return $tag_list;
}
/**
* uc自带函数1
*
* @access public
* @param string $string
*
* @return string $string
*/
function _setcookie($var, $value, $life = 0, $prefix = 1)
{
global $cookiepre, $cookiedomain, $cookiepath, $timestamp, $_SERVER;
setcookie(($prefix ? $cookiepre : '') . $var, $value, $life ? $timestamp + $life : 0, $cookiepath, $cookiedomain, $_SERVER['SERVER_PORT'] == 443 ? 1 : 0);
}
/**
* uc自带函数2
*
* @access public
*
* @return string $string
*/
function _authcode($string, $operation = 'DECODE', $key = '', $expiry = 0)
{
$ckey_length = 4;
$key = md5($key ? $key : UC_KEY);
$keya = md5(substr($key, 0, 16));
$keyb = md5(substr($key, 16, 16));
$keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length) : substr(md5(microtime()), - $ckey_length)) : '';
$cryptkey = $keya . md5($keya . $keyc);
$key_length = strlen($cryptkey);
$string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
$string_length = strlen($string);
$result = '';
$box = range(0, 255);
$rndkey = array();
for ($i = 0; $i <= 255; $i ++) {
$rndkey[$i] = ord($cryptkey[$i % $key_length]);
}
for ($j = $i = 0; $i < 256; $i ++) {
$j = ($j + $box[$i] + $rndkey[$i]) % 256;
$tmp = $box[$i];
$box[$i] = $box[$j];
$box[$j] = $tmp;
}
for ($a = $j = $i = 0; $i < $string_length; $i ++) {
$a = ($a + 1) % 256;
$j = ($j + $box[$a]) % 256;
$tmp = $box[$a];
$box[$a] = $box[$j];
$box[$j] = $tmp;
$result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
}
if ($operation == 'DECODE') {
if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16)) {
return substr($result, 26);
} else {
return '';
}
} else {
return $keyc . str_replace('=', '', base64_encode($result));
}
}
/**
* uc自带函数3
*
* @access public
* @param string $string
*
* @return string $string
*/
function _stripslashes($string)
{
if (is_array($string)) {
foreach ($string as $key => $val) {
$string[$key] = _stripslashes($val);
}
} else {
$string = stripslashes($string);
}
return $string;
}
/**
* 载入配置信息
*
* @access public
* @return array
*/
function load_config_uc()
{
$arr = array();
$sql = 'SELECT code, value FROM {pre}shop_config WHERE parent_id > 0';
$res = $GLOBALS['db']->query($sql);
foreach ($res as $row) {
$arr[$row['code']] = $row['value'];
}
/* 对数值型设置处理 */
$arr['watermark_alpha'] = intval($arr['watermark_alpha']);
$arr['market_price_rate'] = floatval($arr['market_price_rate']);
$arr['integral_scale'] = floatval($arr['integral_scale']);
// $arr['integral_percent'] = floatval($arr['integral_percent']);
$arr['cache_time'] = intval($arr['cache_time']);
$arr['thumb_width'] = intval($arr['thumb_width']);
$arr['thumb_height'] = intval($arr['thumb_height']);
$arr['image_width'] = intval($arr['image_width']);
$arr['image_height'] = intval($arr['image_height']);
$arr['best_number'] = ! empty($arr['best_number']) && intval($arr['best_number']) > 0 ? intval($arr['best_number']) : 3;
$arr['new_number'] = ! empty($arr['new_number']) && intval($arr['new_number']) > 0 ? intval($arr['new_number']) : 3;
$arr['hot_number'] = ! empty($arr['hot_number']) && intval($arr['hot_number']) > 0 ? intval($arr['hot_number']) : 3;
$arr['promote_number'] = ! empty($arr['promote_number']) && intval($arr['promote_number']) > 0 ? intval($arr['promote_number']) : 3;
$arr['top_number'] = intval($arr['top_number']) > 0 ? intval($arr['top_number']) : 10;
$arr['history_number'] = intval($arr['history_number']) > 0 ? intval($arr['history_number']) : 5;
$arr['comments_number'] = intval($arr['comments_number']) > 0 ? intval($arr['comments_number']) : 5;
$arr['article_number'] = intval($arr['article_number']) > 0 ? intval($arr['article_number']) : 5;
$arr['page_size'] = intval($arr['page_size']) > 0 ? intval($arr['page_size']) : 10;
$arr['bought_goods'] = intval($arr['bought_goods']);
$arr['goods_name_length'] = intval($arr['goods_name_length']);
$arr['top10_time'] = intval($arr['top10_time']);
$arr['goods_gallery_number'] = intval($arr['goods_gallery_number']) ? intval($arr['goods_gallery_number']) : 5;
$arr['no_picture'] = ! empty($arr['no_picture']) ? str_replace('../', './', $arr['no_picture']) : 'images/no_picture.gif'; // 修改默认商品图片的路径
$arr['qq'] = ! empty($arr['qq']) ? $arr['qq'] : '';
$arr['ww'] = ! empty($arr['ww']) ? $arr['ww'] : '';
$arr['default_storage'] = isset($arr['default_storage']) ? intval($arr['default_storage']) : 1;
$arr['min_goods_amount'] = isset($arr['min_goods_amount']) ? floatval($arr['min_goods_amount']) : 0;
$arr['one_step_buy'] = empty($arr['one_step_buy']) ? 0 : 1;
$arr['invoice_type'] = empty($arr['invoice_type']) ? array(
'type' => array(),
'rate' => array()
) : unserialize($arr['invoice_type']);
$arr['show_order_type'] = isset($arr['show_order_type']) ? $arr['show_order_type'] : 0; // 显示方式默认为列表方式
$arr['help_open'] = isset($arr['help_open']) ? $arr['help_open'] : 1; // 显示方式默认为列表方式
$ecs_version = C('ecs_version');
if (! isset($ecs_version)) {
/* 如果没有版本号则默认为2.7.3 */
C('ecs_version', 'v2.7.3');
}
// 限定语言项
$lang_array = array(
'zh_cn',
'zh_tw',
'en_us'
);
if (empty($arr['lang']) || ! in_array($arr['lang'], $lang_array)) {
$arr['lang'] = 'zh_cn'; // 默认语言为简体中文
}
if (empty($arr['integrate_code'])) {
$arr['integrate_code'] = 'ecshop'; // 默认的会员整合插件为 ecshop
}
foreach ($arr AS $key=>$vo) {
$config[strtoupper($key)] = $vo;
}
return $config;
}
?>