ucenter应用开发笔记之通信篇
2009 十一月 28
前面做了个I feel lucky ,Joya说到验证问题,说只允许wpg成员加入此活动, 我当时由于时间仓促,就只简单地加上个UID填写再加上后台人工审核认证,
现在觉得其实可以有更好的验证办法。
由于WPG会员都有论坛ID,所以可以用UCenter来验证添加链接的人是不是WPG成员。此处不討論这个如何实现,只说一下想法。
下面是简单地做一下通信测试。
应用路径: /var/www/test/mywebsite
1,先到Ucenter后台添加一个新应用:
2,部署相关文件
应用路径: /var/www/test/mywebsite
/var/www/test/mywebsite/config.inc.php.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | <?php // ============================================================================ define('UC_CONNECT', 'mysql'); define('UC_DBHOST', 'localhost'); define('UC_DBUSER', 'discuz'); define('UC_DBPW', '123456'); define('UC_DBNAME', 'discuz'); define('UC_DBCHARSET', 'utf8'); define('UC_DBTABLEPRE', '`discuz`.uc_'); define('UC_DBCONNECT', '0'); //通信相关 define('UC_KEY', '123456'); define('UC_API', 'http://dz.hacklog.com/UCenter'); define('UC_CHARSET', 'utf-8'); define('UC_IP', '192.168.1.111'); define('UC_APPID', '6'); define('UC_PPP', '20'); //ucexample_2.php 用到的应用程序数据库连接参数 $dbhost = 'localhost'; // 数据库服务器 $dbuser = 'root'; // 数据库用户名 $dbpw = '我不告诉你'; // 数据库密码 $dbname = 'blogshow'; // 数据库名 $pconnect = 0; // 数据库持久连接 0=关闭, 1=打开 $tablepre = ''; // 表名前缀, 同一数据库安装多个论坛请修改此处 $dbcharset = 'utf8'; // MySQL 字符集, 可选 'gbk', 'big5', 'utf8', 'latin1', 留空为按照论坛字符集设定 //同步登录 Cookie 设置 $cookiedomain = ''; // cookie 作用域 $cookiepath = '/'; // cookie 作用路径 |
将discuz目录下的uc_client目录复制到应用目录下。
再在应用目录下新建一名为api的目录,其下建新一名为uc.php的文件:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 | <?php define('UC_CLIENT_VERSION', '1.5.0'); //note UCenter 版本标识 define('UC_CLIENT_RELEASE', '20081031'); define('API_DELETEUSER', 1); //note 用户删除 API 接口开关 define('API_RENAMEUSER', 1); //note 用户改名 API 接口开关 define('API_GETTAG', 1); //note 获取标签 API 接口开关 define('API_SYNLOGIN', 1); //note 同步登录 API 接口开关 define('API_SYNLOGOUT', 1); //note 同步登出 API 接口开关 define('API_UPDATEPW', 1); //note 更改用户密码 开关 define('API_UPDATEBADWORDS', 1); //note 更新关键字列表 开关 define('API_UPDATEHOSTS', 1); //note 更新域名解析缓存 开关 define('API_UPDATEAPPS', 1); //note 更新应用列表 开关 define('API_UPDATECLIENT', 1); //note 更新客户端缓存 开关 define('API_UPDATECREDIT', 1); //note 更新用户积分 开关 define('API_GETCREDITSETTINGS', 1); //note 向 UCenter 提供积分设置 开关 define('API_GETCREDIT', 1); //note 获取用户的某项积分 开关 define('API_UPDATECREDITSETTINGS', 1); //note 更新应用积分设置 开关 define('API_RETURN_SUCCEED', '1'); define('API_RETURN_FAILED', '-1'); define('API_RETURN_FORBIDDEN', '-2'); //note 普通的 http 通知方式 if(!defined('IN_UC')) { error_reporting(0); set_magic_quotes_runtime(0); defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc()); require_once '../config.inc.php'; $_DCACHE = $get = $post = array(); $code = @$_GET['code']; parse_str(_authcode($code, 'DECODE', UC_KEY), $get); if(MAGIC_QUOTES_GPC) { $get = _stripslashes($get); } $timestamp = time(); if($timestamp - $get['time'] > 3600) { exit('Authracation has expiried'); } if(empty($get)) { exit('Invalid Request'); } $action = $get['action']; require_once '../uc_client/lib/xml.class.php'; $post = xml_unserialize(file_get_contents('php://input')); if(in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcreditsettings', 'updatecreditsettings'))) { require_once '../include/db_mysql.class.php'; $GLOBALS['db'] = new dbstuff; $GLOBALS['db']->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $GLOBALS['tablepre'] = $tablepre; unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $uc_note = new uc_note(); exit($uc_note->$get['action']($get, $post)); } else { exit(API_RETURN_FAILED); } //note include 通知方式 } else { require_once '../config.inc.php'; require_once '../include/db_mysql.class.php'; $GLOBALS['db'] = new dbstuff; $GLOBALS['db']->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $GLOBALS['tablepre'] = $tablepre; unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); } class uc_note { var $dbconfig = ''; var $db = ''; var $tablepre = ''; var $appdir = ''; function _serialize($arr, $htmlon = 0) { if(!function_exists('xml_serialize')) { include_once '../uc_client/lib/xml.class.php'; } return xml_serialize($arr, $htmlon); } function uc_note() { $this->appdir = substr(dirname(__FILE__), 0, -3); $this->dbconfig = $this->appdir.'./config.inc.php'; $this->db = $GLOBALS['db']; $this->tablepre = $GLOBALS['tablepre']; } function test($get, $post) { return API_RETURN_SUCCEED; } function deleteuser($get, $post) { $uids = $get['ids']; !API_DELETEUSER && exit(API_RETURN_FORBIDDEN); return API_RETURN_SUCCEED; } function renameuser($get, $post) { $uid = $get['uid']; $usernameold = $get['oldusername']; $usernamenew = $get['newusername']; if(!API_RENAMEUSER) { return API_RETURN_FORBIDDEN; } return API_RETURN_SUCCEED; } function gettag($get, $post) { $name = $get['id']; if(!API_GETTAG) { return API_RETURN_FORBIDDEN; } $return = array(); return $this->_serialize($return, 1); } function synlogin($get, $post) { $uid = $get['uid']; $username = $get['username']; if(!API_SYNLOGIN) { return API_RETURN_FORBIDDEN; } header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); _setcookie('Example_auth', _authcode($uid."\t".$username, 'ENCODE')); } function synlogout($get, $post) { if(!API_SYNLOGOUT) { return API_RETURN_FORBIDDEN; } //note 同步登出 API 接口 header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); _setcookie('Example_auth', '', -86400 * 365); } function updatepw($get, $post) { if(!API_UPDATEPW) { return API_RETURN_FORBIDDEN; } $username = $get['username']; $password = $get['password']; return API_RETURN_SUCCEED; } function updatebadwords($get, $post) { if(!API_UPDATEBADWORDS) { return API_RETURN_FORBIDDEN; } $cachefile = $this->appdir.'./uc_client/data/cache/badwords.php'; $fp = fopen($cachefile, 'w'); $data = array(); if(is_array($post)) { foreach($post as $k => $v) { $data['findpattern'][$k] = $v['findpattern']; $data['replace'][$k] = $v['replacement']; } } $s = "<?php\r\n"; $s .= '$_CACHE[\'badwords\'] = '.var_export($data, TRUE).";\r\n"; fwrite($fp, $s); fclose($fp); return API_RETURN_SUCCEED; } function updatehosts($get, $post) { if(!API_UPDATEHOSTS) { return API_RETURN_FORBIDDEN; } $cachefile = $this->appdir.'./uc_client/data/cache/hosts.php'; $fp = fopen($cachefile, 'w'); $s = "<?php\r\n"; $s .= '$_CACHE[\'hosts\'] = '.var_export($post, TRUE).";\r\n"; fwrite($fp, $s); fclose($fp); return API_RETURN_SUCCEED; } function updateapps($get, $post) { if(!API_UPDATEAPPS) { return API_RETURN_FORBIDDEN; } $UC_API = $post['UC_API']; //note 写 app 缓存文件 $cachefile = $this->appdir.'./uc_client/data/cache/apps.php'; $fp = fopen($cachefile, 'w'); $s = "<?php\r\n"; $s .= '$_CACHE[\'apps\'] = '.var_export($post, TRUE).";\r\n"; fwrite($fp, $s); fclose($fp); //note 写配置文件 if(is_writeable($this->appdir.'./config.inc.php')) { $configfile = trim(file_get_contents($this->appdir.'./config.inc.php')); $configfile = substr($configfile, -2) == '?>' ? substr($configfile, 0, -2) : $configfile; $configfile = preg_replace("/define\('UC_API',\s*'.*?'\);/i", "define('UC_API', '$UC_API');", $configfile); if($fp = @fopen($this->appdir.'./config.inc.php', 'w')) { @fwrite($fp, trim($configfile)); @fclose($fp); } } return API_RETURN_SUCCEED; } function updateclient($get, $post) { if(!API_UPDATECLIENT) { return API_RETURN_FORBIDDEN; } $cachefile = $this->appdir.'./uc_client/data/cache/settings.php'; $fp = fopen($cachefile, 'w'); $s = "<?php\r\n"; $s .= '$_CACHE[\'settings\'] = '.var_export($post, TRUE).";\r\n"; fwrite($fp, $s); fclose($fp); return API_RETURN_SUCCEED; } function updatecredit($get, $post) { if(!API_UPDATECREDIT) { return API_RETURN_FORBIDDEN; } $credit = $get['credit']; $amount = $get['amount']; $uid = $get['uid']; return API_RETURN_SUCCEED; } function getcredit($get, $post) { if(!API_GETCREDIT) { return API_RETURN_FORBIDDEN; } } function getcreditsettings($get, $post) { if(!API_GETCREDITSETTINGS) { return API_RETURN_FORBIDDEN; } $credits = array(); return $this->_serialize($credits); } function updatecreditsettings($get, $post) { if(!API_UPDATECREDITSETTINGS) { return API_RETURN_FORBIDDEN; } return API_RETURN_SUCCEED; } } //note 使用该函数前需要 require_once $this->appdir.'./config.inc.php'; function _setcookie($var, $value, $life = 0, $prefix = 1) { global $cookiepre, $cookiedomain, $cookiepath, $timestamp, $_SERVER; setcookie(($prefix ? $cookiepre : '').$var, $value, $life ? $timestamp + $life : 0, $cookiepath, $cookiedomain, $_SERVER['SERVER_PORT'] == 443 ? 1 : 0); } function _authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) { $ckey_length = 4; $key = md5($key ? $key : UC_KEY); $keya = md5(substr($key, 0, 16)); $keyb = md5(substr($key, 16, 16)); $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : ''; $cryptkey = $keya.md5($keya.$keyc); $key_length = strlen($cryptkey); $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string; $string_length = strlen($string); $result = ''; $box = range(0, 255); $rndkey = array(); for($i = 0; $i <= 255; $i++) { $rndkey[$i] = ord($cryptkey[$i % $key_length]); } for($j = $i = 0; $i < 256; $i++) { $j = ($j + $box[$i] + $rndkey[$i]) % 256; $tmp = $box[$i]; $box[$i] = $box[$j]; $box[$j] = $tmp; } for($a = $j = $i = 0; $i < $string_length; $i++) { $a = ($a + 1) % 256; $j = ($j + $box[$a]) % 256; $tmp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $tmp; $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256])); } if($operation == 'DECODE') { if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) { return substr($result, 26); } else { return ''; } } else { return $keyc.str_replace('=', '', base64_encode($result)); } } function _stripslashes($string) { if(is_array($string)) { foreach($string as $key => $val) { $string[$key] = _stripslashes($val); } } else { $string = stripslashes($string); } return $string; } |
另外应用下的include目录下还有一个mysql数据库类,可以简单地使用discuz的,这里不再帖出了。
通信成功:
若出现UCenter应用“正在连接…” ,一般是由于数据库配置不正确导致的。
应用通讯失败的排查方法
![Discuz!7.0实现PHP代码高亮[原创]](http://static.ihacklog.com/wp-files/2009/04/editor-21x150.gif)
2 Responses
Post a comment
beiz
uc的那个example很不错
借鉴下 会有很大的帮助
恩,这个想法不错