Server : Apache
System : Linux iZ2vcgyutqttsd1p850kl8Z 3.10.0-1160.92.1.el7.x86_64 #1 SMP Tue Jun 20 11:48:01 UTC 2023 x86_64
User : www ( 1000)
PHP Version : 5.6.40
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
Directory :  /www/wwwroot/saimikebio.com/includes/website/


Current File : /www/wwwroot/saimikebio.com/includes/website/tb_callback.php
<?php
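header("Content-type:text/html; charset=UTF-8;");
define('IN_ECS', true);
require_once 'config/taobao_config.php';
session_start();

// Taobao OAuth 2.0 callback. The browser arrives here with ?code=...&state=...
// after the user has authorised the application. The script checks the
// anti-CSRF state, exchanges the code for an access token, stores the Taobao
// identity in the session and hands over to user.php to finish the login.

// Generic failure page, shown for every rejected request so that the response
// does not reveal which check failed.
$error_html = "<span style='font-size:12px;line-height:24px;'>请求非法或超时!&nbsp;&nbsp;<a href='/index.php'>返回首页</a></span>";

// Both parameters must be present, non-empty and plain strings. A request such
// as ?state[]=x would otherwise put an array into the comparison below.
if( empty($_GET["state"]) || empty($_GET["code"]) || !is_string($_GET["state"]) || !is_string($_GET["code"]) )
{
	echo $error_html;
	exit;
}

// CSRF check. The comparison is strict: with a loose != two different
// numeric-looking strings (for example "0e12" and "0e34") compare as equal,
// and a session without a stored state must never be accepted.
$expected_state = isset($_SESSION["tb_state"]) ? $_SESSION["tb_state"] : null;
if( !is_string($expected_state) || $expected_state === '' || $_GET["state"] !== $expected_state )
{
	echo $error_html;
	exit;
}

// The state is single-use: once consumed it cannot be replayed.
unset($_SESSION["tb_state"]);

$code = $_GET["code"]; // obtained by visiting https://oauth.taobao.com/authorize

// NOTE(review): HTTP_HOST and REQUEST_URI come from the client request, and the
// scheme is hard-coded to http. The value is kept as it was because the token
// endpoint may require the same redirect_uri as the authorize step, which is
// not visible in this file. Prefer the fixed, registered https callback URL
// taken from configuration once that is confirmed.
$redirect_url =  "http://".$_SERVER["HTTP_HOST"]. $_SERVER["REQUEST_URI"];

// Request parameters for the token exchange.
$postfields = array (
		'grant_type' => "authorization_code",
		'client_id' => APP_KEY,
		'client_secret' => APP_SECRET,
		'code' => $code,
		'redirect_uri' => $redirect_url
);

$url = 'https://oauth.taobao.com/token';

// curl() throws on a transport error or a non-200 status. It is caught here so
// that the raw provider response never reaches the browser as an uncaught
// exception message.
try {
	$token = json_decode ( curl ( $url, $postfields ) );
} catch (Exception $e) {
	$token = null;
}

// Fail closed: a body that is not a JSON object, or that lacks the token or the
// user id, must not create a logged-in session.
if( !is_object($token) || empty($token->access_token) || empty($token->taobao_user_id) )
{
	echo $error_html;
	exit;
}

$_SESSION['tb_access_token'] = $token->access_token;

// Save the user information that user.php reads to complete the login.
$user_info = array (
		'user_id' => $token->taobao_user_id,
		'name' => isset($token->taobao_user_nick) ? urldecode($token->taobao_user_nick) : ''
);
$_SESSION['user_info'] = $user_info;

$go_url = "../../user.php?act=other_login&type=tb";

header("location:".$go_url);
exit;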
 
 //POST请求函数
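/**
 * Send an HTTP request with cURL and return the raw response body.
 *
 * A non-empty array in $postFields turns the request into a POST with a
 * form-encoded body; otherwise a plain GET is sent.
 *
 * TLS certificate and host name verification are enabled. The previous
 * version switched both off for POST requests, which let anyone on the
 * network path read or alter the request that carries the client secret
 * and the authorization code.
 *
 * @param string     $url        Target URL.
 * @param array|null $postFields Field name => value pairs for the POST body.
 *
 * @return string Response body.
 *
 * @throws Exception On a transport error (code 0, cURL error text as message)
 *                   or on any status other than 200 (code is the status,
 *                   message is the response body).
 */
function curl($url, $postFields = null)
{
	$ch = curl_init ();
	curl_setopt ( $ch, CURLOPT_URL, $url );
	curl_setopt ( $ch, CURLOPT_FAILONERROR, false );
	curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );

	// Verify the peer certificate and that it matches the requested host.
	curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, true );
	curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, 2 );

	// Bound the request so a stalled endpoint cannot hold the PHP worker.
	curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 10 );
	curl_setopt ( $ch, CURLOPT_TIMEOUT, 30 );

	if (is_array ( $postFields ) && 0 < count ( $postFields )) {
		curl_setopt ( $ch, CURLOPT_POST, true );
		// The separator is passed explicitly so that an ini override of
		// arg_separator.output cannot change the wire format.
		curl_setopt ( $ch, CURLOPT_POSTFIELDS, http_build_query ( $postFields, '', '&' ) );
	}

	$reponse = curl_exec ( $ch );

	// Read every piece of state from the handle first, then close it, so the
	// handle is released on the error paths as well.
	$errorNumber = curl_errno ( $ch );
	$errorMessage = curl_error ( $ch );
	$httpStatusCode = curl_getinfo ( $ch, CURLINFO_HTTP_CODE );
	curl_close ( $ch );

	if ($errorNumber) {
		throw new Exception ( $errorMessage, 0 );
	}
	if (200 !== $httpStatusCode) {
		throw new Exception ( $reponse, $httpStatusCode );
	}
	return $reponse;
}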
 
?>