add openapi plugin and fixed some bugs

Author: qt06

control/common_control.class.php

@@ -554,7 +554,7 @@ protected function check_access($forum, $action) {
 	// 检查是否登录
 	public function check_login() {
 		if(empty($this->_user['uid'])) {
-			$this->message('您还没有登录，请先登录。', -1); // .print_r($_COOKIE, 1)
+			$this->message('您还没有登录，请先登录。', 0); // .print_r($_COOKIE, 1)
 		}
 	}
 

control/index_control.class.php

@@ -159,6 +159,40 @@ public function article() {
 	public function blog() {
 
 	}
+public function on_forumlist() {
+$arr = array();
+foreach($this->conf['forumarr'] as $fid => $name) {
+		$forum = $this->mcache->read('forum', $fid);
+		$ismod = $this->is_mod($forum, $this->_user);
+		$arradd1 = !empty($forum['typecates'][1]) && (empty($forum['typecates_mod'][1]) || $forum['typecates_mod'][1] && $ismod) ? array('0'=>$forum['typecates'][1].'▼') : array();
+		$arradd2 = !empty($forum['typecates'][2]) && (empty($forum['typecates_mod'][2]) || $forum['typecates_mod'][2] && $ismod) ? array('0'=>$forum['typecates'][2].'▼') : array();
+		$arradd3 = !empty($forum['typecates'][3]) && (empty($forum['typecates_mod'][3]) || $forum['typecates_mod'][3] && $ismod) ? array('0'=>$forum['typecates'][3].'▼') : array();
+		$arradd4 = !empty($forum['typecates'][4]) && (empty($forum['typecates_mod'][4]) || $forum['typecates_mod'][4] && $ismod) ? array('0'=>$forum['typecates'][4].'▼') : array();
+		$typearr1 = empty($forum['types'][1]) || empty($arradd1) ? array() : $arradd1 + (array)$forum['types'][1];
+		$typearr2 = empty($forum['types'][2]) || empty($arradd2) ? array() : $arradd2 + (array)$forum['types'][2];
+		$typearr3 = empty($forum['types'][3]) || empty($arradd3) ? array() : $arradd3 + (array)$forum['types'][3];
+		$typearr4 = empty($forum['types'][4]) || empty($arradd4) ? array() : $arradd4 + (array)$forum['types'][4];
+$ta = array('fid' => $fid, 'name' => $name, 'types' => array());
+$ta['types']['typeid1'] = array();
+foreach($typearr1 as $k => $v) {
+$ta['types']['typeid1'][] = array('id'=>$k, 'name' => $v);
+}
+$ta['types']['typeid2'] = array();
+foreach($typearr2 as $k => $v) {
+$ta['types']['typeid2'][] = array('id'=>$k, 'name' => $v);
+}
+$ta['types']['typeid3'] = array();
+foreach($typearr3 as $k => $v) {
+$ta['types']['typeid3'][] = array('id'=>$k, 'name' => $v);
+}
+$ta['types']['typeid4'] = array();
+foreach($typearr4 as $k => $v) {
+$ta['types']['typeid4'][] = array('id'=>$k, 'name' => $v);
+}
+$arr[] = $ta;
+}
+$this->message($arr);
+}
 
 	private function get_toplist($forum = array()) {
 		$fidtids = array();

control/post_control.class.php

@@ -152,7 +152,7 @@ public function on_thread() {
 
 				$tid = $thread['tid'] = $this->thread->create($thread);
 				if(!$thread['tid']) {
-					$this->message('发帖过程中保存数据错误，请联系管理员。');
+					$this->message('发帖过程中保存数据错误，请联系管理员。', 0);
 				}
 
 				// hook post_thread_create_after.php
@@ -270,7 +270,7 @@ public function on_post() {
 
 		// 帖子回复数不能超过 10000
 		if($thread['posts'] > 10000) {
-			$this->message('该帖子回复数已经达到10000，不能再回复了，再起话题吧！');
+			$this->message('该帖子回复数已经达到10000，不能再回复了，再起话题吧！', 0);
 		}
 
 		// 版块权限检查
@@ -611,7 +611,7 @@ public function on_delete() {
 
 		// 检查是否为 post 提交
 		if(!core::gpc('formhash', 'P')) {
-			$this->message('非法请求！');
+			$this->message('非法请求！', 0);
 		}
 
 		$this->check_login();

control/user_control.class.php

@@ -39,7 +39,7 @@ public function on_login() {
 
 			if(empty($email)) {
 				$error['email'] = '请填写用户名或Email';
-				$this->message($error);
+				$this->message($error['email'], 0);
 			}
 
 			// hook user_login_check_before.php
@@ -49,7 +49,7 @@ public function on_login() {
 				if(empty($userdb)) {
 					$error['email'] = '用户名/Email 不存在';
 					log::write('EMAIL不存在:'.$email, 'login.php');
-					$this->message($error);
+					$this->message($error['email'], 0);
 				}
 			}
 			$uid = $userdb['uid'];
@@ -58,7 +58,7 @@ public function on_login() {
 				$error['password'] = '密码错误!';
 				$log_password = '******'.substr($password, 6);
 				log::write("密码错误：$email - $log_password", 'login.php');
-				$this->message($error);
+				$this->message($error['password'], 0);
 			}
 
 			// hook user_login_check_after.php
@@ -130,6 +130,9 @@ public function on_create() {
 
 			// check 数据格式
 			$error['email'] = $this->user->check_email($email);
+			if(array_filter($error)) {
+				$this->message($error['email'], 0);
+			}
 			$error['email_exists'] = $this->user->check_email_exists($email);
 
 			// 如果email存在
@@ -147,6 +150,9 @@ public function on_create() {
 			$error['password'] = $this->user->check_password($password);
 			$error['password2'] = $this->user->check_password2($password, $password2);
 
+			if(array_filter($error)) {
+				$this->message(implode(' | ',$error), 0);
+			}
 			$groupid = $this->conf['reg_email_on'] ? 6 : 11;
 			$salt = $this->user->randString(9);
 			$user = array(

plugin/openapi/common_control_after.php

@@ -0,0 +1,11 @@
+	protected function init_app() {
+		if($this->appkey) {
+			$app = $this->open_app->get_app_by_appkey($this->appkey);
+			if(empty($app)) {
+				$this->appkey = NULL;
+				$this->seckey = NULL;
+			}
+			$this->app = $app;
+		}
+	}
+

plugin/openapi/common_control_before.php

@@ -0,0 +1,3 @@
+	public $appkey= NULL;
+	public $seckey = NULL;
+	public $app = array();

plugin/openapi/common_control_construct_after.php

@@ -0,0 +1,7 @@
+	if($this->format == "json") $_GET["ajax"] = 1;
+	$this->appkey = core::gpc("appkey","R");
+	$this->seckey = core::gpc("seckey","R");
+if(core::gpc("auth","R")) {
+$auth = core::gpc("auth","R");
+$_GET[$this->conf['cookie_pre'] . 'auth'] = $auth;
+}

plugin/openapi/common_control_init_after.php

@@ -0,0 +1 @@
+		$this->init_app();

plugin/openapi/conf.php

@@ -0,0 +1,10 @@
+<?php
+
+return 	array (
+	'name' => '开放API',		// 插件名
+	'brief' => '开放API',
+	'version' => '1.0.0',		// 插件版本
+	'bbs_version' => '1.1.0',		// 插件支持的 Xiuno BBS 版本
+	'cateid' => 4,
+);
+?>

plugin/openapi/form_submit_after.php

@@ -0,0 +1,3 @@
+		if($this->seckey && isset($this->app['seckey'])) {
+			return $this->seckey == $this->app['seckey'];
+		}

plugin/openapi/install.php

@@ -0,0 +1,50 @@
+<?php
+!defined('FRAMEWORK_PATH') && exit('FRAMEWORK_PATH not defined.');
+$db_table = array(
+	'open_app'=>array (
+		array('aid', 'int(10)'),
+		array('uid', 'int(10)'),
+		array('username', 'varchar(16)'),
+		array('created', 'int(10)'),
+		array('modified', 'int(10)'),
+		array('name', 'varchar(16)'),
+		array('screenname', 'varchar(16)'),
+		array('type', 'varchar(16)'),
+		array('description', 'varchar(200)'),
+		array('appkey', 'varchar(200)'),
+		array('seckey', 'varchar(200)'),
+		array('verify', 'tinyint(1)')
+	),
+	'open_user'=>array (
+		array('uid', 'int(10)'),
+		array('username', 'varchar(16)'),
+		array('subject', 'varchar(100)'),
+		array('content', 'longtext')
+	)
+);
+
+$db_index = array(
+	'open_app'=>array(
+array('aid'=>1),
+array('uid'=>1),
+array('name'=>1),
+array('screenname'=>1),
+array('type'=>1),
+array('appkey'=>1),
+array('seckey'=>1)
+),
+	'open_user'=>array(array('uid'=>1))
+);
+
+			$db = $this->user->db;
+			foreach($db_table as $table=>$cols) {
+				$db->table_drop($table);
+				$db->table_create($table, $cols);
+			}
+			
+			//
+			foreach($db_index as $table=>$indexes) {
+				foreach($indexes as $index) {
+					$db->index_create($table, $index);
+				}
+			}

plugin/openapi/open_app.class.php

@@ -0,0 +1,60 @@
+<?php
+
+/*
+ * Copyright (C) zdsr.com
+ */
+
+class open_app extends base_model{
+	
+	function __construct(&$conf) {
+		parent::__construct($conf);
+		$this->table = 'open_app';
+		$this->primarykey = array('aid');
+		$this->maxcol = 'aid';
+		
+		// hook open_app_construct_end.php
+	}
+	
+	public function get_app_by_appkey($appkey) {
+		// 根据非主键取数据
+		$applist = $this->index_fetch( array('appkey'=>$appkey), array(), 0, 1);
+		return $applist ? array_pop($applist) : array();
+	}
+
+	public function get_applist($start = 0,$limit = 100) {
+			$applist = $this->index_fetch(array(), array('created'=>-1), $start, $limit);
+			return $applist;
+	}
+	
+	// 用来显示给用户
+	public function format(&$app) {
+		if(empty($app)) return;
+		$app['created_fmt'] = misc::humandate($app['created']);
+		$app['modified_fmt'] = misc::humandate($app['modified']);
+	}
+
+	public function check_name_exists($name) {
+		$app = $this->index_fetch(array('name'=>$name),array(),0,1);
+		return $app ? '该应用名称已存在。' : '';
+	}
+
+	public function check_screenname_exists($screenname) {
+		$app = $this->index_fetch(array('screenname'=>$screenname),array(),0,1);
+		return $app ? '该显示名称已存在。' : '';
+	}
+
+	public function generate_appkey() {
+		return time();
+	}
+
+	public function generate_seckey() {
+		return md5(rand(100,999) . time());
+	}
+
+	public function html_safe($doc) {
+		return xn_html_safe::filter($doc);
+	}
+
+	// hook open_app_model_end.php
+}
+?>

plugin/openapi/open_control.class.php

@@ -0,0 +1,74 @@
+<?php
+
+/*
+ * Copyright (C) zdsr.com
+ */
+
+!defined('FRAMEWORK_PATH') && exit('FRAMEWORK_PATH not defined.');
+
+include BBS_PATH.'control/common_control.class.php';
+
+class open_control extends common_control {
+	
+	function __construct(&$conf) {
+		parent::__construct($conf);
+		$this->_title[] = ($this->conf['seo_title'] ? $this->conf['seo_title'] : $this->conf['app_name']) . '开放平台';
+		//$this->_seo_keywords = $this->conf['seo_keywords'];
+		//$this->_seo_description = $this->conf['seo_description'];
+	}
+
+	public function on_index() {
+		$applist = $this->open_app->get_applist();
+		foreach($applist as &$app) {
+			$this->open_app->format($app);
+		}
+$this->format == "json" && $this->json($applist);
+		$this->view->assign("applist",$applist);
+		$this->view->display("open_index.htm");
+	}
+
+	public function on_view() {
+		$aid = core::gpc("aid");
+		$app = $this->open_app->read($aid);
+		$this->format == "json" && $this->json($app);
+		$this->view->assign("app",$app);
+		$this->view->display("open_view.htm");
+	}
+
+	public function on_create() {
+		$this->check_login();
+		if($this->form_submit()) {
+				$error = array();
+			$name = core::gpc("name","P");
+			$screenname = core::gpc("screenname","P");
+			$error['name'] = $this->open_app->check_name_exists($name);
+				$error['screenname'] = $this->open_app->check_screenname_exists($screenname);
+				if(array_filter($error)) $this->message($error);
+			$description = core::gpc("description","P");
+			$type = core::gpc("type","P");
+			$created = time();
+			$modified = time();
+			$appkey = $this->open_app->generate_appkey();
+			$seckey = $this->open_app->generate_seckey();
+			$arr = array(
+				'uid'=>$this->_user['uid'],
+				'username'=>$this->_user['username'],
+				'created'=>$created,
+				'modified'=>$modified,
+				'name'=>$name,
+				'screenname'=>$screenname,
+				'type'=>$type,
+				'description'=>$description,
+				'appkey'=>$appkey,
+				'seckey'=>$seckey,
+				'verify'=>0
+			);
+			$aid = $this->open_app->create($arr);
+			$this->message("应用创建完成。",1,"?open-index.htm");
+		}
+		array_unshift($this->_title,'创建新应用');
+		$this->view->display("open_create.htm");
+	}
+	//end class
+}
+?>

plugin/openapi/open_create.htm

@@ -0,0 +1,38 @@
+<!--{include header.htm}-->
+
+<div class="width">
+	<div class="div">
+		<div class="header"><span class="icon"></span>创建新应用 > $conf[app_name]开放平台</div>
+		<div class="body">
+			<div style="margin-top: 8px; line-height: 12px; margin-bottom: 4px;">
+<form action="?open-create.htm" method="post" id="create_app">
+	<input type="hidden" name="FORM_HASH" value="{FORM_HASH}" />
+<p><label for="name">应用名称：</label>
+<input type="text" id="name" name="name" />
+<span>应用名称，建议使用字母</span>
+</p>
+<p><label for="screenname">显示名称：</label>
+<input type="text" id="screenname" name="screenname" />
+<span>用于显示给用户</span>
+</p>
+<p><label for="type"> 应用类型：</label>
+<select id="type" name="type">
+<option value="exe">独立exe执行程序</option>
+<option value="dll">dll调用</option>
+<option value="url">url网页应用</option>
+</select>
+</p>
+<p><label for="description">应用描述：</label>
+<input type="text" id="description" name="description" />
+</p>
+<p><button type="submit">提交申请</button></p>
+</form>
+			</div>
+		</div>
+		<div class="footer"></div>
+	</div>
+</div>
+
+<!--{include footer.htm}-->
+</body>
+</html>