Current File : /www/wwwroot/saimikebio.com/wechat/userinfo.php
<?php
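define('IN_ECS', true);
require(dirname(__FILE__) . '/../includes/init.php');

/*
 * Syncs one WeChat follower's profile into the shop database.
 *
 * Reads the follower's openid from ?wxid=, fetches the profile from the
 * WeChat user/info API, writes it to weixin_user / users, and auto-registers
 * a shop account when the follower has none.
 *
 * NOTE(review): nothing visible in this file authenticates the caller; any
 * request carrying a known openid can trigger the updates and the account
 * creation below. Confirm that init.php or the web server restricts access.
 */
$wxid = !empty($_GET['wxid']) ? $_GET['wxid'] : '';

// The openid is interpolated into a URL and into many SQL statements, so it is
// restricted to the base64url-style alphabet before use. The one openid visible
// in this file is 28 characters; the 64 upper bound is a generous assumption.
// Anything else (including array input such as ?wxid[]=x) is treated as absent.
if (!is_string($wxid) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $wxid))
{
	$wxid = '';
}

// Escapes a value for use inside a single-quoted SQL string literal.
// addslashes() is the only escaping primitive certain to exist here. It is not
// safe under multi-byte connection charsets such as GBK, so prefer the $db
// wrapper's connection-aware escaping or prepared statements if it offers them.
$wx_sql_str = function ($value)
{
	return is_scalar($value) ? addslashes((string) $value) : '';
};

if(!empty($wxid)) 
{
	access_token($db);
	$ret = $db->getRow("SELECT * FROM ". $GLOBALS['ecs']->table('weixin_config') ." WHERE `id` = 1");
	$access_token = $ret['access_token'];
	$url = 'https://api.weixin.qq.com/cgi-bin/user/info?access_token=' . rawurlencode($access_token) . '&openid=' . rawurlencode($wxid);
	$w_user = json_decode(curl_get_contents($url), TRUE);
	if(!is_array($w_user)) 
	{
		// Transport failure or non-JSON body: handled as an empty profile below.
		$w_user = array();
	}
	if(isset($w_user['errcode']) && $w_user['errcode'] == '40001') 
	{
		// 40001: the cached token was rejected, so force a refresh and retry once.
		$access_token = new_access_token($db);
		$url = 'https://api.weixin.qq.com/cgi-bin/user/info?access_token=' . rawurlencode($access_token) . '&openid=' . rawurlencode($wxid);
		$w_user = json_decode(curl_get_contents($url), TRUE);
		if(!is_array($w_user)) 
		{
			$w_user = array();
		}
	}
	if(empty($w_user['nickname'])) 
	{
		// NOTE(review): hard-coded openid special case kept as found; its purpose
		// is not visible here.
		if($wxid == 'oo1v-tir7oHXTL42WpwAlNsLTZlc') 
		{
			$db->query( "UPDATE  ". $GLOBALS['ecs']->table('weixin_user') ." SET  `nickname` =  'empty' WHERE `wxid` = '$wxid';");
		}
		exit('nickname is empty');
	}

	// Profile fields come from a remote API response and are attacker-influenced
	// (a nickname may contain quotes), so each one is escaped before it reaches SQL.
	$profile = array();
	foreach (array('nickname', 'sex', 'city', 'country', 'province', 'language', 'headimgurl', 'subscribe_time') as $field) 
	{
		$profile[$field] = isset($w_user[$field]) ? $wx_sql_str($w_user[$field]) : '';
	}
	// $localimgurl is never assigned in this file; default it explicitly so the
	// UPDATE keeps writing the same empty value without an undefined-variable notice.
	$localimgurl = isset($localimgurl) ? $wx_sql_str($localimgurl) : '';

	$ecs_users = $ecs->prefix.'users';
	$w_sql = "UPDATE  ". $GLOBALS['ecs']->table('weixin_user') ." SET  `nickname` =  '{$profile['nickname']}',`sex` =  '{$profile['sex']}',`city` =  '{$profile['city']}',`country` =  '{$profile['country']}',`province` =  '{$profile['province']}',`language` =  '{$profile['language']}',`headimgurl` =  '{$profile['headimgurl']}',`localimgurl` = '$localimgurl', `subscribe_time` =  '{$profile['subscribe_time']}' WHERE `wxid` = '$wxid';";
	$db->query($w_sql);
	$headimg = " UPDATE ". $GLOBALS['ecs']->table('users') ." SET `headimg` = '{$profile['headimgurl']}'  WHERE `wxid` = '$wxid'";
	$db -> query($headimg);
	$weixin_user_query = $db->getOne("SELECT `uname` FROM " . $GLOBALS['ecs']->table('weixin_user') . " WHERE `wxid` = '$wxid';");
	if($weixin_user_query){
		// Values read back from the database can hold earlier nicknames, so they
		// are escaped again before reuse (second-order injection).
		$uname_sql = $wx_sql_str($weixin_user_query);
		$user_query = $db->getOne("SELECT `user_name` FROM ".$ecs_users." WHERE `user_name` = '$uname_sql' and `wxid` = '$wxid';");
		if(empty($user_query))
		{
			$q_name = $db -> getOne("SELECT `autoreg_name` FROM ". $GLOBALS['ecs']->table('weixin_autoreg') ." WHERE `autoreg_id` = 1");
			if(empty($q_name)){
				$q_name="weixin";
			}
			$rank_id = $db -> getOne("SELECT `rank_id` FROM ". $GLOBALS['ecs']->table('weixin_autoreg') ." WHERE `autoreg_id` = 1");
			$rank_sql = $wx_sql_str($rank_id);

			// The stored value was md5() of a 7-digit rand() number, which leaves
			// only nine million candidates for the auto-created account. Seed the
			// digest from the strongest random source available instead.
			if (function_exists('random_bytes')) 
			{
				$pwd_seed = bin2hex(random_bytes(16));
			}
			elseif (function_exists('openssl_random_pseudo_bytes')) 
			{
				$pwd_seed = bin2hex(openssl_random_pseudo_bytes(16));
			}
			else 
			{
				// Last-resort fallback; weaker, but not confined to a 7-digit range.
				$pwd_seed = uniqid(mt_rand(), true) . mt_rand();
			}
			$ec_pwd = md5($pwd_seed);

			$wxch_user_sql = "INSERT INTO ". $GLOBALS['ecs']->table('users') ." ( `user_name`,`password`,`wxid`,`user_rank`,`reg_time`,`wxch_bd`,`is_validated`) VALUES ('$wxid','$ec_pwd','$wxid','$rank_sql'," . gmtime() . ",'ok',1)";
			$db -> query($wxch_user_sql);
			$ecs_user_id = (int) $db -> insert_id();
			$ecs_user_name = $wx_sql_str($q_name . $ecs_user_id);
			$ecs_update = " UPDATE ". $GLOBALS['ecs']->table('users') ." SET `user_name` = '$ecs_user_name'  WHERE `user_id` = '$ecs_user_id'";
			$db -> query($ecs_update);
			$ecs_update = " UPDATE ". $GLOBALS['ecs']->table('weixin_user') ." SET `uname` = '$ecs_user_name'  WHERE `wxid` = '$wxid'";
			$db -> query($ecs_update);
		}
	}else{
		$user_query = $db->getOne("SELECT `user_name` FROM ".$ecs_users." WHERE `wxid` = '$wxid';");
		if($user_query)
		{
			$user_name_sql = $wx_sql_str($user_query);
			$ecs_update = " UPDATE ". $GLOBALS['ecs']->table('weixin_user') ." SET `uname` = '$user_name_sql',setp=3  WHERE `wxid` = '$wxid'";
			$db -> query($ecs_update);
		}
	}


	// Rename accounts whose user_name is still the raw openid to the nickname,
	// appending a random suffix when the nickname is already taken.
	$nick_sql = $profile['nickname'];
	$user_query = $db->getOne("SELECT `wxid` FROM ".$ecs_users." WHERE `wxid` = `user_name` AND wxid = '$wxid';");
	$w_users = "UPDATE  ".$ecs_users." SET  `user_name` =  '$nick_sql'  WHERE `wxid` = `user_name` AND `wxch_bd` = 'no' AND `wxid` = '$wxid';";
	$users_sql = "SELECT `wxid` FROM ".$ecs_users." WHERE `user_name` = '$nick_sql';";
	$users_q = $db->getOne($users_sql);
	if(empty($users_q)) 
	{
		if(strlen($user_query) == 28) 
		{
			$db->query($w_users);
		}
	}
	else 
	{
		$users_sql = "SELECT `wxid` FROM ".$ecs_users." WHERE `user_name` = '$nick_sql' AND `wxid` = '$wxid';";
		$users_q = $db->getOne($users_sql);
		if(empty($users_q)) 
		{
			// The array key was an unquoted constant here; quote it so it cannot
			// resolve to a defined constant or raise a notice.
			$w_user1 = $wx_sql_str($w_user['nickname'] . mt_rand(1, 999));
			$users_sql = "SELECT `wxid` FROM ".$ecs_users." WHERE `user_name` =  '$w_user1' AND `wxid` = '$wxid';";
			$users_q = $db->getOne($users_sql);
			if(empty($users_q)) 
			{
				$w_users = "UPDATE  ".$ecs_users." SET  `user_name` =  '$w_user1'  WHERE `wxch_bd` = 'no' AND `wxid` = '$wxid';";
				$db->query($w_users);
			}
		}
	}
	// The raw UPDATE statement used to be echoed here, exposing table names and
	// profile data to whoever issued the request. Emit a fixed marker instead.
	echo 'ok';
}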
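/**
 * Stores raw bytes as a randomly named .jpg under ROOT_PATH/images/<date('Ymdh')>/.
 *
 * NOTE(review): $upload is written exactly as received; the ".jpg" name does
 * not make it an image. If the bytes come from a remote or user-controlled
 * source, the caller should verify the content (for example with getimagesize)
 * and the images directory should not execute scripts.
 *
 * @param string $upload File contents to write.
 * @return string|false Path relative to ROOT_PATH, or false when the directory
 *                      cannot be created or the write fails.
 */
function wxch_file($upload) 
{
	$dir = date('Ymdh');
	$img_path = 'images'. '/' . $dir . '/';
	$dir = ROOT_PATH . 'images'. '/' . $dir . '/';
	if (!file_exists($dir) && !make_dir($dir)) 
	{
		// This is a plain function, so the earlier writes to $this->error_msg and
		// $this->error_no raised a fatal error instead of reporting the problem.
		return false;
	}
	$file_name = random_filename();
	$path_name = $dir.$file_name;
	// Do not hand back a path to a file that was never written.
	if (file_put_contents($path_name,$upload) === false) 
	{
		return false;
	}
	return $img_path.$file_name;
}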
/**
 * Builds a file name from the current gmtime() value, nine random decimal
 * digits and a ".jpg" suffix.
 *
 * The digits come from mt_rand(), which is not a cryptographic generator, so
 * the name should not be relied on to keep a stored file undiscoverable.
 *
 * @return string
 */
function random_filename() 
{
	$digits = array();
	while (count($digits) < 9) 
	{
		$digits[] = mt_rand(0, 9);
	}
	return gmtime() . implode('', $digits) . '.jpg';
}
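/**
 * Refreshes the WeChat access token cached in weixin_config (row id 1) when
 * the cached one is at least 7200 seconds old or empty.
 *
 * Echoes 1 when refreshing an aged token and 2 when refreshing a missing one;
 * these look like debug markers and are kept so the response body is unchanged.
 *
 * @param object $db Database wrapper exposing getRow() and query().
 * @return void
 */
function access_token($db) 
{
	$ret = $db->getRow("SELECT * FROM ". $GLOBALS['ecs']->table('weixin_config') ." WHERE `id` = 1");
	$appid = $ret['appid'];
	$appsecret = $ret['appsecret'];
	$access_token = $ret['access_token'];
	$dateline = $ret['dateline'];
	$time = time();

	$expired = ($time - $dateline) >= 7200;
	if (!$expired && !empty($access_token)) 
	{
		return;
	}

	// The app secret travels in the query string, so the request is only as
	// private as the TLS settings applied inside curl_get_contents().
	$url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' . rawurlencode($appid) . '&secret=' . rawurlencode($appsecret);
	echo $expired ? 1 : 2;
	$ret_json = curl_get_contents($url);
	$ret = json_decode($ret_json);
	// json_decode() yields null on a failed or non-JSON response; check before
	// dereferencing, and escape the remote value before it reaches SQL.
	if (is_object($ret) && !empty($ret->access_token)) 
	{
		$token_sql = addslashes((string) $ret->access_token);
		$db->query("UPDATE ". $GLOBALS['ecs']->table('weixin_config') ." SET `access_token` = '$token_sql',`dateline` = '$time' WHERE `id` =1;");
	}
}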
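/**
 * Unconditionally requests a fresh WeChat access token, caches it in
 * weixin_config (row id 1) and returns it.
 *
 * @param object $db Database wrapper exposing getRow() and query().
 * @return string|null The new token, or null when the API response carried none.
 */
function new_access_token($db) 
{
	$ret = $db->getRow("SELECT * FROM ". $GLOBALS['ecs']->table('weixin_config') ." WHERE `id` = 1");
	$appid = $ret['appid'];
	$appsecret = $ret['appsecret'];
	// $time was never assigned here, so `dateline` was stored as an empty value
	// and access_token() treated the fresh token as expired on the next call.
	$time = time();
	$url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' . rawurlencode($appid) . '&secret=' . rawurlencode($appsecret);
	$ret_json = curl_get_contents($url);
	$ret = json_decode($ret_json);
	// Guard against a failed or non-JSON response before dereferencing.
	if (!is_object($ret) || empty($ret->access_token)) 
	{
		return null;
	}
	// The token is remote data; escape it before building the SQL literal.
	$token_sql = addslashes((string) $ret->access_token);
	$db->query("UPDATE ". $GLOBALS['ecs']->table('weixin_config') ." SET `access_token` = '$token_sql',`dateline` = '$time' WHERE `id` =1;");
	return $ret->access_token;
}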
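/**
 * Performs an HTTP(S) GET and returns the response body.
 *
 * Callers in this file pass URLs that carry the WeChat app secret or access
 * token in the query string, so the transport settings here protect those
 * credentials.
 *
 * @param string $url Absolute http:// or https:// URL.
 * @return string|false Response body, or false on transport failure.
 */
function curl_get_contents($url) 
{
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:26.0) Gecko/20100101 Firefox/26.0");
	// No Referer header: it used to repeat the full URL, secret included, and
	// would have been forwarded to whatever host a redirect pointed at.
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_MAXREDIRS, 3);
	// Keep the request and any redirect on HTTP(S); libcurl otherwise accepts
	// other schemes such as file:// for the initial URL.
	curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
	curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
	// Certificate and host name verification were both disabled, which let any
	// on-path party read the secret and forge API responses. This needs a
	// usable CA bundle on the host (curl.cainfo or the system store).
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
	// Bound the call so a stalled upstream cannot pin the PHP worker.
	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
	curl_setopt($ch, CURLOPT_TIMEOUT, 15);
	$r = curl_exec($ch);
	curl_close($ch);
	return $r;
}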
?>