<?php
/**
 * uc api for dokuwiki
 * @author daxingplay<daxingplay@gmail.com>
 * @link https://github.com/daxingplay/dokuwiki-plugin-authucenter
 */

// Turn off all PHP error reporting for this endpoint, presumably so that
// nothing but a handler's return value ends up in the response.
// NOTE(review): this also hides failed cache/config writes further down;
// confirm that errors are logged somewhere else.
error_reporting(0);

// Version of the bundled UCenter client library.
define('UC_CLIENT_VERSION', '1.6.0');
define('UC_CLIENT_RELEASE', '20110501');

// Per-action switches: 1 enables the handler, 0 makes it answer
// API_RETURN_FORBIDDEN.

// user deletion
define('API_DELETEUSER', 0);
// user rename
define('API_RENAMEUSER', 0);
// tag lookup
define('API_GETTAG', 0);
// synchronized login
define('API_SYNLOGIN', 1);
// synchronized logout
define('API_SYNLOGOUT', 1);
// user password change
define('API_UPDATEPW', 0);
// bad-word (keyword) list update
define('API_UPDATEBADWORDS', 0);
// host-resolution cache update
define('API_UPDATEHOSTS', 1);
// application list update
define('API_UPDATEAPPS', 1);
// client settings cache update
define('API_UPDATECLIENT', 1);
// user credit update
define('API_UPDATECREDIT', 0);
// provide credit settings to UCenter
define('API_GETCREDITSETTINGS', 0);
// read one credit value of a user
define('API_GETCREDIT', 0);
// application credit settings update
define('API_UPDATECREDITSETTINGS', 0);
// add-feed action
define('API_ADDFEED', 0);

// Status strings that the handlers return and the dispatcher echoes back.
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '-2');

// Context markers; they are defined here but not read anywhere in this file.
define('IN_DOKU', true);
define('IN_API', true);
define('CURSCRIPT', 'api');
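// Request entry point: authenticate the call, decode its parameters and
// dispatch it to the matching uc_note handler. The script only runs when it
// is requested directly, i.e. when IN_UC has not been defined by an includer.
if(!defined('IN_UC')) {
    define('DOKU_ROOT', dirname(dirname(__FILE__)).'/');
    require_once DOKU_ROOT.'./conf/uc.auth.php';

    $get = $post = array();

    // The `code` query parameter is the only input that goes through
    // authcode(); it must decode under UC_KEY to a query string. A missing or
    // non-string value is treated as an empty token instead of being passed on.
    $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
    parse_str(authcode($code, 'DECODE', UC_KEY), $get);

    // Reject an undecodable token before any of its fields is read.
    if(empty($get)) {
        exit('Invalid Request');
    }

    // $timestamp stays a global on purpose: uc_setcookie() reads it.
    $timestamp = time();

    // A missing or non-numeric `time` counts as 0 and is therefore expired.
    // NOTE(review): only the age is bounded. A timestamp in the future is
    // accepted, and a token can be replayed for up to an hour; there is no
    // nonce tracking in this file.
    $sent_at = 0;
    if(isset($get['time']) && is_string($get['time']) && preg_match('/^[0-9]+\z/', $get['time'])) {
        $sent_at = (int)$get['time'];
    }
    if($timestamp - $sent_at > 3600) {
        exit('Authorization has expired');
    }

    // NOTE(review): the request body is not covered by the `code` token, so
    // its content is not authenticated by the check above, yet handlers
    // persist it into cache files. xml_unserialize() is defined in the
    // included library; confirm that it does not resolve external entities.
    include_once DOKU_ROOT.'./uc_client/lib/xml.class.php';
    $post = xml_unserialize(file_get_contents('php://input'));

    $action = (isset($get['action']) && is_string($get['action'])) ? $get['action'] : '';
    $allowed_actions = array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcredit', 'getcreditsettings', 'updatecreditsettings', 'addfeed');

    // Strict comparison keeps type juggling out of the allowlist check.
    if(in_array($action, $allowed_actions, true)) {
        $uc_note = new uc_note();

        // An allowlisted name without a matching method would end in a fatal
        // error; answer with the regular failure code instead.
        if(!method_exists($uc_note, $action)) {
            exit(API_RETURN_FAILED);
        }

        // Call through a plain variable: `$uc_note->$get['action'](...)` is
        // parsed as `($uc_note->$get)['action'](...)` from PHP 7 on.
        echo $uc_note->$action($get, $post);
        exit();
    } else {
        exit(API_RETURN_FAILED);
    }
} else {
    exit('Access denied.');
}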
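/**
 * Handlers for the notifications a UCenter server sends to this client.
 *
 * Every handler receives the decoded query parameters ($get) and the
 * XML-decoded request body ($post). A handler whose API_* switch is off
 * returns API_RETURN_FORBIDDEN. Most handlers are stubs that only report
 * success; the ones with side effects are synlogin/synlogout (cookie) and
 * updatehosts/updateapps/updateclient (cache and config files).
 */
class uc_note {

    // None of the methods below reads these properties.
    var $dbconfig = '';
    var $db = '';
    var $tablepre = '';
    var $appdir = '';

    /**
     * Serialize an array with xml_serialize(), loading the XML library first
     * when it has not been loaded yet.
     *
     * @param array $arr    data to serialize
     * @param int   $htmlon passed through to xml_serialize()
     * @return mixed whatever xml_serialize() returns
     */
    function _serialize($arr, $htmlon = 0) {
        if(!function_exists('xml_serialize')) {
            include_once DOKU_ROOT.'./uc_client/lib/xml.class.php';
        }
        return xml_serialize($arr, $htmlon);
    }

    /**
     * Write one $_CACHE entry as a PHP file under uc_client/data/cache/.
     *
     * The value is rendered with var_export(), so it is emitted as a PHP
     * literal and not as code. $name is only ever a fixed string chosen by the
     * calling handler.
     *
     * @param string $name cache name; used for the file name and the array key
     * @param mixed  $data value to store
     * @return bool false when the file could not be written
     */
    function _write_cache($name, $data) {
        $cachefile = DOKU_ROOT.'./uc_client/data/cache/'.$name.'.php';
        $s = "<?php\r\n";
        $s .= '$_CACHE[\''.$name.'\'] = '.var_export($data, TRUE).";\r\n";
        // LOCK_EX keeps a concurrent request from reading a half-written file.
        return file_put_contents($cachefile, $s, LOCK_EX) !== false;
    }

    /**
     * Rewrite the UC_API define in conf/uc.conf.php.
     *
     * The value arrives in the request body and ends up inside an executable
     * PHP file, so it is accepted only when it is an http(s) URL free of
     * quotes, backslashes, whitespace and control characters. With those
     * characters excluded, the stored literal never contains an escape
     * sequence, which is what the non-greedy '.*?' pattern below relies on to
     * find the end of the existing value.
     *
     * @param mixed $url candidate UC_API value
     * @return bool true when the config file was rewritten
     */
    function _store_uc_api($url) {
        // Read, check and write the same file. The original checked and read
        // conf/uc.conf.php but wrote to config/conf/uc.conf.php.
        $configpath = DOKU_ROOT.'./conf/uc.conf.php';

        if(!is_string($url) || !is_writable($configpath)) {
            return false;
        }
        // \z instead of $ so that a trailing newline cannot slip through.
        if(!preg_match('#^https?://[^\s\'"\\\\\x00-\x1f\x7f]+\z#i', $url)) {
            return false;
        }

        $configfile = file_get_contents($configpath);
        if($configfile === false) {
            return false;
        }
        $configfile = trim($configfile);
        if(substr($configfile, -2) === '?>') {
            $configfile = substr($configfile, 0, -2);
        }

        $statement = "define('UC_API', ".var_export($url, TRUE).");";
        // '$' and '\' are special in a preg_replace() replacement string;
        // escape them so that the URL is inserted literally.
        $replacement = strtr($statement, array('\\' => '\\\\', '$' => '\\$'));
        $updated = preg_replace("/define\('UC_API',\s*'.*?'\);/i", $replacement, $configfile);
        if($updated === null) {
            return false;
        }

        return file_put_contents($configpath, trim($updated), LOCK_EX) !== false;
    }

    // PHP 4 style constructor with an empty body. Since PHP 8 a method named
    // after its class is an ordinary method, which changes nothing here.
    function uc_note() {

    }

    /**
     * Connectivity check.
     *
     * @return string API_RETURN_SUCCEED
     */
    function test($get, $post) {
        return API_RETURN_SUCCEED;
    }

    /**
     * User deletion notification; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function deleteuser($get, $post) {
        if(!API_DELETEUSER) {
            return API_RETURN_FORBIDDEN;
        }

        return API_RETURN_SUCCEED;
    }

    /**
     * User rename notification; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function renameuser($get, $post) {
        if(!API_RENAMEUSER) {
            return API_RETURN_FORBIDDEN;
        }

        return API_RETURN_SUCCEED;
    }

    /**
     * Tag lookup; answers with the requested id and an empty tag list.
     *
     * @return mixed API_RETURN_FORBIDDEN when switched off, else the serialized reply
     */
    function gettag($get, $post) {
        if(!API_GETTAG) {
            return API_RETURN_FORBIDDEN;
        }
        return $this->_serialize(array($get['id'], array()), 1);
    }

    /**
     * Synchronized login: set the login cookie for the user named in $get.
     *
     * The cookie value is "uid<TAB>password<TAB>username" passed through
     * authcode() with the default key. It is requested as HttpOnly and lives
     * for one year.
     * NOTE(review): the cookie embeds the `password` field exactly as
     * received; what that field holds is not visible here. The token carries
     * no expiry of its own (authcode() is called without $expiry), so it stays
     * valid as long as the key does. Confirm both against the code that reads
     * the cookie.
     *
     * @return string|null API_RETURN_FORBIDDEN when switched off, otherwise nothing
     */
    function synlogin($get, $post) {
        if(!API_SYNLOGIN) {
            return API_RETURN_FORBIDDEN;
        }

        header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

        // FIXME (from the original author)
        $cookietime = 31536000;
        $uid = isset($get['uid']) ? intval($get['uid']) : 0;
        $username = isset($get['username']) ? $get['username'] : '';
        $password_e = isset($get['password']) ? $get['password'] : '';

        if($username) {
            uc_setcookie(DW_UC_COOKIE_NAME, authcode("$uid\t$password_e\t$username", 'ENCODE'), $cookietime, true);
        }
    }

    /**
     * Synchronized logout: expire the login cookie.
     *
     * @return string|null API_RETURN_FORBIDDEN when switched off, otherwise nothing
     */
    function synlogout($get, $post) {
        if(!API_SYNLOGOUT) {
            return API_RETURN_FORBIDDEN;
        }

        header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

        uc_setcookie(DW_UC_COOKIE_NAME, '', -31536000);
    }

    /**
     * Password change notification; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function updatepw($get, $post) {
        if(!API_UPDATEPW) {
            return API_RETURN_FORBIDDEN;
        }

        return API_RETURN_SUCCEED;
    }

    /**
     * Bad-word list update; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function updatebadwords($get, $post) {
        if(!API_UPDATEBADWORDS) {
            return API_RETURN_FORBIDDEN;
        }

        return API_RETURN_SUCCEED;
    }

    /**
     * Store the request body as the 'hosts' cache.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, API_RETURN_FAILED
     *                when the cache file cannot be written, else API_RETURN_SUCCEED
     */
    function updatehosts($get, $post) {
        if(!API_UPDATEHOSTS) {
            return API_RETURN_FORBIDDEN;
        }

        // Report a failed write instead of claiming success.
        return $this->_write_cache('hosts', $post) ? API_RETURN_SUCCEED : API_RETURN_FAILED;
    }

    /**
     * Store the request body as the 'apps' cache and, when it carries a
     * UC_API entry, update that setting in the config file.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, API_RETURN_FAILED
     *                when the cache file cannot be written, else API_RETURN_SUCCEED
     */
    function updateapps($get, $post) {
        if(!API_UPDATEAPPS) {
            return API_RETURN_FORBIDDEN;
        }

        // UC_API is taken out of the list before the list is cached.
        $UC_API = '';
        if(is_array($post) && !empty($post['UC_API'])) {
            $UC_API = $post['UC_API'];
            unset($post['UC_API']);
        }

        if(!$this->_write_cache('apps', $post)) {
            return API_RETURN_FAILED;
        }

        // Best effort, as before: a rejected value or a read-only config file
        // does not change the reply.
        if($UC_API) {
            $this->_store_uc_api($UC_API);
        }
        return API_RETURN_SUCCEED;
    }

    /**
     * Store the request body as the 'settings' cache.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, API_RETURN_FAILED
     *                when the cache file cannot be written, else API_RETURN_SUCCEED
     */
    function updateclient($get, $post) {
        if(!API_UPDATECLIENT) {
            return API_RETURN_FORBIDDEN;
        }

        return $this->_write_cache('settings', $post) ? API_RETURN_SUCCEED : API_RETURN_FAILED;
    }

    /**
     * Credit update notification; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function updatecredit($get, $post) {
        if(!API_UPDATECREDIT) {
            return API_RETURN_FORBIDDEN;
        }

        return API_RETURN_SUCCEED;
    }

    /**
     * Credit lookup; not implemented in this client.
     *
     * The original body was commented out because it depends on $_G and
     * getuserprofile(), which this file does not provide. The action is still
     * listed in this file's dispatcher, so the method exists and refuses.
     *
     * @return string API_RETURN_FORBIDDEN
     */
    function getcredit($get, $post) {
        return API_RETURN_FORBIDDEN;
    }

    /**
     * Credit settings lookup; not implemented in this client, for the same
     * reason as getcredit().
     *
     * @return string API_RETURN_FORBIDDEN
     */
    function getcreditsettings($get, $post) {
        return API_RETURN_FORBIDDEN;
    }

    /**
     * Credit settings update; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function updatecreditsettings($get, $post) {
        if(!API_UPDATECREDITSETTINGS) {
            return API_RETURN_FORBIDDEN;
        }
        return API_RETURN_SUCCEED;
    }

    /**
     * Feed notification; no local action is taken.
     *
     * @return string API_RETURN_FORBIDDEN when switched off, else API_RETURN_SUCCEED
     */
    function addfeed($get, $post) {
        if(!API_ADDFEED) {
            return API_RETURN_FORBIDDEN;
        }
        return API_RETURN_SUCCEED;
    }
}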
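/**
 * Encode or decode a token in the UCenter "authcode" format.
 *
 * Token layout: a 4-character per-message prefix, followed by base64 (with
 * the '=' padding removed) of an RC4-style stream cipher output over
 * "<10-digit expiry><first 16 hex chars of md5(payload . keyb)><payload>".
 *
 * The format is fixed by the peer, so it is reproduced unchanged. Properties
 * visible in the code that matter when relying on it:
 *  - the integrity tag is a truncated MD5 over the payload only; the expiry
 *    field is encrypted but not covered by the tag;
 *  - the prefix is 4 hex characters taken from md5(microtime()), and the
 *    keystream depends only on the key and that prefix, so two tokens with
 *    the same prefix share a keystream.
 *
 * @param string $string    plaintext (ENCODE) or token (DECODE)
 * @param string $operation 'DECODE' to decode; any other value encodes
 * @param string $key       secret; UC_KEY is used when empty
 * @param int    $expiry    lifetime in seconds for ENCODE, 0 = no expiry
 * @return string the token (ENCODE), the payload (DECODE), or '' when the
 *                token is malformed, expired or fails the integrity check
 */
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {

    $ckey_length = 4;
    $decoding = ($operation == 'DECODE');

    // A missing parameter arrives here as null; work on a string throughout.
    $string = (string)$string;

    $key = md5($key ? $key : UC_KEY);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    if($decoding) {
        $keyc = (string)substr($string, 0, $ckey_length);
    } else {
        $keyc = substr(md5(microtime()), -$ckey_length);
    }

    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);

    if($decoding) {
        $string = (string)base64_decode((string)substr($string, $ckey_length));
    } else {
        $string = sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    }
    $string_length = strlen($string);

    $result = '';
    $box = range(0, 255);

    // Key scheduling: spread the key over 256 bytes and permute the box.
    $rndkey = array();
    for($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    }

    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }

    // Keystream generation, XORed over the input byte by byte.
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }

    if(!$decoding) {
        return $keyc.str_replace('=', '', base64_encode($result));
    }

    // Anything shorter than expiry + tag cannot be a valid token.
    if(strlen($result) < 26) {
        return '';
    }
    $expires_field = substr($result, 0, 10);
    $tag = substr($result, 10, 16);
    $payload = (string)substr($result, 26);

    // The encoder always writes ten digits. Requiring them keeps garbage out
    // of the arithmetic below, which throws on non-numeric strings in PHP 8,
    // and stops non-numeric bytes from comparing equal to 0 on older PHP.
    if(!preg_match('/^[0-9]{10}\z/', $expires_field)) {
        return '';
    }
    $expires_at = (int)$expires_field;
    if($expires_at !== 0 && $expires_at - time() <= 0) {
        return '';
    }

    // Compare the tag as a string. A loose == would compare two numeric
    // looking hex strings as numbers. Use the constant-time comparison when
    // the runtime provides it.
    $expected = substr(md5($payload.$keyb), 0, 16);
    $tag_ok = function_exists('hash_equals') ? hash_equals($expected, $tag) : ($expected === $tag);

    return $tag_ok ? $payload : '';
}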
/**
 * Serialize an array with xml_serialize() from the UCenter client library.
 *
 * NOTE(review): UC_CLIENT_ROOT is not defined in this file, while
 * uc_note::_serialize() loads the same library through DOKU_ROOT; confirm
 * that the constant is defined before this function is called.
 *
 * @param array $arr    data to serialize
 * @param int   $htmlon passed through to xml_serialize()
 * @return mixed whatever xml_serialize() returns
 */
function uc_serialize($arr, $htmlon = 0) {
    $xml_library = UC_CLIENT_ROOT.'./lib/xml.class.php';
    include_once $xml_library;

    $serialized = xml_serialize($arr, $htmlon);
    return $serialized;
}
/**
 * Parse an XML string with xml_unserialize() from the UCenter client library.
 *
 * NOTE(review): UC_CLIENT_ROOT is not defined in this file; confirm that it
 * is defined before this function is called. The parser itself lives in the
 * included library, so how it treats entities and deeply nested input has to
 * be checked there before it is given untrusted data.
 *
 * @param string $s XML text
 * @return mixed whatever xml_unserialize() returns
 */
function uc_unserialize($s) {
    $xml_library = UC_CLIENT_ROOT.'./lib/xml.class.php';
    include_once $xml_library;

    $decoded = xml_unserialize($s);
    return $decoded;
}
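/**
 * Set or delete a cookie on DW_UC_COOKIE_PATH / DW_UC_COOKIE_DOMAIN and mirror
 * the value into $_COOKIE for the rest of the request.
 *
 * The Secure flag is set when the request itself arrived over HTTPS.
 * Forwarded-protocol headers are deliberately not consulted, because a client
 * can set them.
 *
 * @param string $var      cookie name
 * @param string $value    cookie value; an empty value deletes the cookie
 * @param int    $life     lifetime in seconds; 0 = session cookie, negative = delete
 * @param bool   $httponly request the HttpOnly flag
 * @return void
 */
function uc_setcookie($var, $value = '', $life = 0, $httponly = false) {

    global $timestamp;

    // $timestamp is set by the request dispatcher in this file. Without this
    // fallback a positive $life would be added to null and give an expiry
    // close to the epoch, i.e. a cookie that is already expired.
    $now = empty($timestamp) ? time() : $timestamp;

    $_COOKIE[$var] = $value;

    if($value == '' || $life < 0) {
        $value = '';
        $life = -1;
    }

    if($life > 0) {
        $expires = $now + $life;
    } elseif($life < 0) {
        // One year in the past makes the browser drop the cookie.
        $expires = $now - 31536000;
    } else {
        $expires = 0;
    }

    // version_compare() instead of a string comparison: as strings, '10.0.0'
    // sorts before '5.2.0'.
    $legacy_php = version_compare(PHP_VERSION, '5.2.0', '<');

    // Before PHP 5.2 setcookie() had no HttpOnly parameter, so the flag is
    // appended to the path.
    $path = ($httponly && $legacy_php) ? DW_UC_COOKIE_PATH.'; HttpOnly' : DW_UC_COOKIE_PATH;

    // HTTPS on a non-standard port is still HTTPS.
    $https_on = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
    $secure = $https_on || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443);

    if($legacy_php) {
        setcookie($var, $value, $expires, $path, DW_UC_COOKIE_DOMAIN, $secure);
    } else {
        setcookie($var, $value, $expires, $path, DW_UC_COOKIE_DOMAIN, $secure, (bool)$httponly);
    }
}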
?>