通行证 | 71街

discuz 7.2 嵌套外站用户通行证详解0+

54,681 views / 2009.11.22 / 1:01 上午

当我们使用discuz架设论坛的时候，往往需要把全站用户打通，即让其它产品线的用户与论坛无缝衔接起来。下面我来介绍下具体实现步骤。

Step 1
修改/register.php，在最开始加入：

require_once './include/common.inc.php';
 header("location:http://passport.通行证注册url/register.php?forward=" . $boardurl);
 exit;
 .....

目的是屏蔽discuz的注册入口，让用户调转到统一的通行证注册页面去。

同时不要忘记修改/include/js/common.js中的函数showWindow:

function showWindow(k, url, mode, cache) {
 if(k == 'register'){
 location.href='/register.php';
 return false;
 }
 ....

这样注册入口就全都跳转到通行证的注册页面了。

Step 2
在include/common.inc.php最后添加上判断代码，假定统一通行证的用户cookie为$_COOKIE[“UserInfo”]：

if(!$discuz_uid){
if($_COOKIE["UserInfo"]){
parse_str($_COOKIE["UserInfo"],$cookie_info);  //解析出用户信息，让dologin.php的处理
header("location:http://".$_SERVER["HTTP_HOST"]."/ dologin.php");
}
}

Step 3
下面是关键内容。在论坛根目录下创建dologin.php,内容及功能解释如下：

<?php
 
require_once './include/common.inc.php';
require_once DISCUZ_ROOT . './uc_client/client.php';
 
// COOKIE验证
if ($_COOKIE["UserInfo"]) {
//用户如果已经登录过，下面用统一通行证的cookie处理方法解析出用户信息
$username = .....;
$password = ......;
$email = ......;
$ResultCode = "0";
} else {
// 如果从论坛登录，则需要统一通行证验证
$username = $_POST["username"];
$password = $_POST["password"];
// 验证
$ResultCode = ....//如果验证成功返回0
$email = ....;//从通行证取到用户email
}
 
if ($ResultCode == "0") {
// 先看DZ用户表里是否有这条,如果有,且密码不一样，则更新密码（防止出现通行证用户修改密码后,DZ不能登陆）;没有新插入一条
if ($loginfield == 'uid') {
$isuid = 1;
} elseif ($loginfield == 'email') {
$isuid = 2;
} else {
$isuid = 0;
}
 
$ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1);
$ucresult = $tmp;
 
if ($duplicate && $ucresult['uid'] > 0) {
if ($olduid = $db -> result_first("SELECT uid FROM {$tablepre}members WHERE username='" . addslashes($ucresult['username']) . "'")) {
require_once DISCUZ_ROOT . './include/membermerge.func.php';
membermerge($olduid, $ucresult['uid']);
uc_user_merge_remove($ucresult['username']);
} else {
return 0;
}
}
 
if ($ucresult['uid'] == -1) {
// 用户不存在，或者被删除
$uid = uc_user_register($username, $password, $email, $questionid, $answer, $onlineip);
if ($uid <= 0) {
fail();
}
 
$inviteconfig = array();
$query = $db -> query("SELECT * FROM {$tablepre}settings WHERE variable IN ('bbrules', 'bbrulestxt', 'welcomemsg', 'welcomemsgtitle', 'welcomemsgtxt', 'inviteconfig')");
while ($setting = $db -> fetch_array($query)) {
$$setting['variable'] = $setting['value'];
}
$invitecode = $regstatus > 1 && $invitecode ? dhtmlspecialchars($invitecode) : '';
if ($regstatus > 1) {
$inviterewardcredit = $inviteaddcredit = $invitedaddcredit = '';
@extract(unserialize($inviteconfig));
}
 
$groupinfo = $db -> fetch_first("SELECT groupid, allownickname, allowcstatus, allowcusbbcode, allowsigbbcode, allowsigimgcode, maxsigsize FROM {$tablepre}usergroups WHERE " . ($regverify ? "groupid='8'" : "creditshigher<=" . intval($initcredits) . " AND " . intval($initcredits) . "<creditslower LIMIT 1"));
 
$secques = $questionid > 0 ? random(8) : '';
$idstring = random(6);
$authstr = $regverify == 1 ? "$timestamp\t2\t$idstring" : '';
$password = md5(random(10));
$db -> query("INSERT INTO {$tablepre}members (uid, username, password, secques, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, showemail, timeoffset, pmsound, invisible, newsletter)
VALUES ('$uid', '$username', '$password', '$secques', '0', '$groupinfo[groupid]', '$onlineip', '$timestamp', '$timestamp', '$timestamp', '0', $initcredits, '$email', '0', '9999', '1', '0', '1')");
 
$db -> query("REPLACE INTO {$tablepre}memberfields (uid, authstr $fieldadd1) VALUES ('$uid', '$authstr' $fieldadd2)");
} elseif ($ucresult['uid'] == -2) {
// 密码错
if (!uc_user_edit($username, '', $password, $email, 1)) {
fail();
}
list($uid, $username, $email) = uc_get_user($username);
} else {
$uid = $ucresult['uid'];
}
 
$member = $db -> fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
m.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible
FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)
WHERE m.uid='$ucresult[uid]'");
 
if (!$member) {
// 需要激活
fail();
}
 
$member['discuz_userss'] = $member['discuz_user'];
$member['discuz_user'] = addslashes($member['discuz_user']);
foreach($member as $var => $value) {
$GLOBALS[$var] = $value;
}
 
if (addslashes($member['email']) != $ucresult['email']) {
$db -> query("UPDATE {$tablepre}members SET email='$ucresult[email]' WHERE uid='$ucresult[uid]'");
}
 
if ($questionid > 0 && empty($member['discuz_secques'])) {
$GLOBALS['discuz_secques'] = random(8);
$db -> query("UPDATE {$tablepre}members SET secques='$GLOBALS[discuz_secques]' WHERE uid='$ucresult[uid]'");
}
 
$GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid'];
 
$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0);
 
dsetcookie('cookietime', $cookietime, 31536000);
dsetcookie('auth', authcode("$member[discuz_pw]\t$member[discuz_secques]\t$member[discuz_uid]", 'ENCODE'), $cookietime, 1, true);
dsetcookie('loginuser');
dsetcookie('activationauth');
dsetcookie('pmnum');
 
$GLOBALS['sessionexists'] = 0;
 
if ($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {
$GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>';
}
 
$ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : '';
if (!empty($inajax)) {
$msgforward = unserialize($msgforward);
$mrefreshtime = intval($msgforward['refreshtime']) * 1000;
include_once DISCUZ_ROOT . './forumdata/cache/cache_usergroups.php';
$usergroups = $_DCACHE['usergroups'][$groupid]['grouptitle'];
$message = 1;
include template('login');
} else {
if ($groupid == 8) {
showmessage('login_succeed_inactive_member', 'memcp.php');
} else {
showmessage('login_succeed', dreferer());
}
}
} else {
fail();
}
 
function fail() {
showmessage('undefined_action', null, 'HALTED');
}
 
?>

<?php require_once './include/common.inc.php'; require_once DISCUZ_ROOT . './uc_client/client.php'; // COOKIE验证 if ($_COOKIE["UserInfo"]) { //用户如果已经登录过，下面用统一通行证的cookie处理方法解析出用户信息 $username = .....; $password = ......; $email = ......; $ResultCode = "0"; } else { // 如果从论坛登录，则需要统一通行证验证 $username = $_POST["username"]; $password = $_POST["password"]; // 验证 $ResultCode = ....//如果验证成功返回0 $email = ....;//从通行证取到用户email } if ($ResultCode == "0") { // 先看DZ用户表里是否有这条,如果有,且密码不一样，则更新密码（防止出现通行证用户修改密码后,DZ不能登陆）;没有新插入一条 if ($loginfield == 'uid') { $isuid = 1; } elseif ($loginfield == 'email') { $isuid = 2; } else { $isuid = 0; } $ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer); list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1); $ucresult = $tmp; if ($duplicate && $ucresult['uid'] > 0) { if ($olduid = $db -> result_first("SELECT uid FROM {$tablepre}members WHERE username='" . addslashes($ucresult['username']) . "'")) { require_once DISCUZ_ROOT . './include/membermerge.func.php'; membermerge($olduid, $ucresult['uid']); uc_user_merge_remove($ucresult['username']); } else { return 0; } } if ($ucresult['uid'] == -1) { // 用户不存在，或者被删除 $uid = uc_user_register($username, $password, $email, $questionid, $answer, $onlineip); if ($uid <= 0) { fail(); } $inviteconfig = array(); $query = $db -> query("SELECT * FROM {$tablepre}settings WHERE variable IN ('bbrules', 'bbrulestxt', 'welcomemsg', 'welcomemsgtitle', 'welcomemsgtxt', 'inviteconfig')"); while ($setting = $db -> fetch_array($query)) { $$setting['variable'] = $setting['value']; } $invitecode = $regstatus > 1 && $invitecode ? dhtmlspecialchars($invitecode) : ''; if ($regstatus > 1) { $inviterewardcredit = $inviteaddcredit = $invitedaddcredit = ''; @extract(unserialize($inviteconfig)); } $groupinfo = $db -> fetch_first("SELECT groupid, allownickname, allowcstatus, allowcusbbcode, allowsigbbcode, allowsigimgcode, maxsigsize FROM {$tablepre}usergroups WHERE " . ($regverify ? "groupid='8'" : "creditshigher<=" . intval($initcredits) . " AND " . intval($initcredits) . "<creditslower LIMIT 1")); $secques = $questionid > 0 ? random(8) : ''; $idstring = random(6); $authstr = $regverify == 1 ? "$timestamp\t2\t$idstring" : ''; $password = md5(random(10)); $db -> query("INSERT INTO {$tablepre}members (uid, username, password, secques, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, showemail, timeoffset, pmsound, invisible, newsletter) VALUES ('$uid', '$username', '$password', '$secques', '0', '$groupinfo[groupid]', '$onlineip', '$timestamp', '$timestamp', '$timestamp', '0', $initcredits, '$email', '0', '9999', '1', '0', '1')"); $db -> query("REPLACE INTO {$tablepre}memberfields (uid, authstr $fieldadd1) VALUES ('$uid', '$authstr' $fieldadd2)"); } elseif ($ucresult['uid'] == -2) { // 密码错 if (!uc_user_edit($username, '', $password, $email, 1)) { fail(); } list($uid, $username, $email) = uc_get_user($username); } else { $uid = $ucresult['uid']; } $member = $db -> fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques, m.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid) WHERE m.uid='$ucresult[uid]'"); if (!$member) { // 需要激活 fail(); } $member['discuz_userss'] = $member['discuz_user']; $member['discuz_user'] = addslashes($member['discuz_user']); foreach($member as $var => $value) { $GLOBALS[$var] = $value; } if (addslashes($member['email']) != $ucresult['email']) { $db -> query("UPDATE {$tablepre}members SET email='$ucresult[email]' WHERE uid='$ucresult[uid]'"); } if ($questionid > 0 && empty($member['discuz_secques'])) { $GLOBALS['discuz_secques'] = random(8); $db -> query("UPDATE {$tablepre}members SET secques='$GLOBALS[discuz_secques]' WHERE uid='$ucresult[uid]'"); } $GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid']; $cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0); dsetcookie('cookietime', $cookietime, 31536000); dsetcookie('auth', authcode("$member[discuz_pw]\t$member[discuz_secques]\t$member[discuz_uid]", 'ENCODE'), $cookietime, 1, true); dsetcookie('loginuser'); dsetcookie('activationauth'); dsetcookie('pmnum'); $GLOBALS['sessionexists'] = 0; if ($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') { $GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>'; } $ucsynlogin = $allowsynlogin ? uc_user_synlogin($discuz_uid) : ''; if (!empty($inajax)) { $msgforward = unserialize($msgforward); $mrefreshtime = intval($msgforward['refreshtime']) * 1000; include_once DISCUZ_ROOT . './forumdata/cache/cache_usergroups.php'; $usergroups = $_DCACHE['usergroups'][$groupid]['grouptitle']; $message = 1; include template('login'); } else { if ($groupid == 8) { showmessage('login_succeed_inactive_member', 'memcp.php'); } else { showmessage('login_succeed', dreferer()); } } } else { fail(); } function fail() { showmessage('undefined_action', null, 'HALTED'); } ?>

Step 4

在用户登录时，要清掉通行证的cookie。需要修改logging.php

if($action == 'logout' && !empty($formhash)) {
 
if($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {
 
$extrahead .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>';
 
}
 
if($formhash != FORMHASH) {
 
showmessage('logout_succeed', dreferer());
 
}
 
$ucsynlogout = $allowsynlogin ? uc_user_synlogout() : '';
 
clearcookies();
 
setcookie("UserInfo", "", time() - 3600, "/", ".xxx.com", 1); //删除通行证那边的cookie

上面四步完成后，清掉discuz的数据和模板缓存就大功告成了。

Categories: 感悟 Tags: discuz, php, 通行证

71街

discuz 7.2 嵌套外站用户通行证详解0+

关于71街

随机文章

推荐酷站

管理

71街

discuz 7.2 嵌套外站用户通行证详解0+

关于71街

随机文章

关键词

推荐酷站

管理