1.安装74cms完成后登录总后台在菜单条工具选项中添加uc整合菜单。

在admin/templates/sys/admin_left_tools.htm这个文件中添加

<li >
<a href="admin_uc_setting.php"  target="mainFrame"  >整合UCenter </a>
</li>

2.在admin目录下创建 admin_uc_setting.php这个文件,内容如下

<?php
define('IN_QISHI', true);
require_once(dirname(__FILE__).'/../data/config.php');
require_once(dirname(__FILE__).'/include/admin_common.inc.php');
require_once(ADMIN_ROOT_PATH.'include/admin_uc_fun.php');
$act = !empty($_REQUEST['act']) ? trim($_REQUEST['act']) : 'uc_install';
check_permissions($_SESSION['admin_purview'],"UCenter");
if($act=='uc_install')
{
 //include('data/config.php');
 $UC_config=array(
             'appid'=>UC_APPID,
    'ucapi'=>UC_API,
    'ucip'=>UC_IP,
    'uckey'=>UC_KEY,
    'ucconnect'=>UC_CONNECT,
    'ucdbhost'=>UC_DBHOST,
    'ucdbuser'=>UC_DBUSER,
    'ucdbpw'=>UC_DBPW,
    'ucdbname'=>UC_DBNAME,
    'ucdbtablepre'=>UC_DBTABLEPRE,
 );
 $smarty->assign('uc_config',$UC_config);
 $smarty->assign('pageheader',"74CMS 管理中心 - 整合UCenter");
 $smarty->display('uc/admin_uc_setting.htm');
}
else if($act=='uc_set_save')
{
 //print_r($_POST['uc_config']);
 if(uc_write_config($_POST['uc_config'],dirname(__FILE__).'/../data/config.php')){adminmsg('修改成功!',2);}else{
  adminmsg('修改失败!');
 };
}
?>

3.创建admin_uc_setting.php这个文件中使用的函数文件admin_uc_fun.php,内容如下

<?php
 if(!defined('IN_QISHI'))
 {
  die('Access Denied!');
 }
function uc_open($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = true)
{
 $return = '';
 $matches = parse_url($url);
 $host = $matches['host'];
 $path = $matches['path'] ? $matches['path'].($matches['query'] ? '?'.$matches['query'] : '') : '/';
 $port = !empty($matches['port']) ? $matches['port'] : 80;
 if($post)
 {
  $out = "POST $path HTTP/1.0\r\n";
  $out .= "Accept: */*\r\n";
  $out .= "Accept-Language: zh-cn\r\n";
  $out .= "Content-Type: application/x-www-form-urlencoded\r\n";
  $out .= "User-Agent: $_SERVER[HTTP_USER_AGENT]\r\n";
  $out .= "Host: $host\r\n";
  $out .= 'Content-Length: '.strlen($post)."\r\n";
  $out .= "Connection: Close\r\n";
  $out .= "Cache-Control: no-cache\r\n";
  $out .= "Cookie: $cookie\r\n\r\n";
  $out .= $post;
 }else{
  $out = "GET $path HTTP/1.0\r\n";
  $out .= "Accept: */*\r\n";
  $out .= "Accept-Language: zh-cn\r\n";
  $out .= "User-Agent: $_SERVER[HTTP_USER_AGENT]\r\n";
  $out .= "Host: $host\r\n";
  $out .= "Connection: Close\r\n";
  $out .= "Cookie: $cookie\r\n\r\n";
 }
    $fp = @fsockopen(($host ? $host : $ip), $port, $errno, $errstr, $timeout);
 if(!$fp)
 {
  return '';
 }else{
  stream_set_blocking($fp, $block);
  stream_set_timeout($fp, $timeout);
  @fwrite($fp,$out);
  $status = stream_get_meta_data($fp);
  if(!$status['timed_out'])
  {
   while (!feof($fp))
   {
    if(($header = @fgets($fp)) && ($header == "\r\n" ||  $header == "\n"))
    {
     break;
    }
   }

$stop = false;
   while(!feof($fp) && !$stop)
   {
    $data = fread($fp, ($limit == 0 || $limit > 8192 ? 8192 : $limit));
    $return .= $data;
    if($limit)
    {
     $limit -= strlen($data);
     $stop = $limit <= 0;
    }
   }
  }
  @fclose($fp);
  return $return;
 }
}
function uc_write_config($config, $file)
{
 $success = false;
 if(!empty($config)){
  foreach ($config as $key =>$value){
   $$key=$value;
  }
 }
 //list($appauthkey,
$appid, $ucdbhost, $ucdbname, $ucdbuser, $ucdbpw, $ucdbcharset,
$uctablepre, $uccharset, $ucapi, $ucip) = explode('|', $config);
 if($content = file_get_contents($file))
 {
  $content = trim($content);
  $content = substr($content, -2) == '?>' ? substr($content, 0, -2) : $content;
  $link = mysql_connect($ucdbhost, $ucdbuser, $ucdbpw, 1);
  $uc_connnect = $link && mysql_select_db($ucdbname, $link) ? 'mysql' : '';
  $content = uc_insert_config($content, "/define\('UC_CONNECT',\s*'.*?'\);/i", "define('UC_CONNECT', '$uc_connnect');");
  $content = uc_insert_config($content, "/define\('UC_DBHOST',\s*'.*?'\);/i", "define('UC_DBHOST', '$ucdbhost');");
  $content = uc_insert_config($content, "/define\('UC_DBUSER',\s*'.*?'\);/i", "define('UC_DBUSER', '$ucdbuser');");
  $content = uc_insert_config($content, "/define\('UC_DBPW',\s*'.*?'\);/i", "define('UC_DBPW', '$ucdbpw');");
  $content = uc_insert_config($content, "/define\('UC_DBNAME',\s*'.*?'\);/i", "define('UC_DBNAME', '$ucdbname');");
  $content = uc_insert_config($content, "/define\('UC_DBCHARSET',\s*'.*?'\);/i", "define('UC_DBCHARSET', 'GBK');");
  $content = uc_insert_config($content, "/define\('UC_DBTABLEPRE',\s*'.*?'\);/i", "define('UC_DBTABLEPRE', '$ucdbtablepre');");
  $content = uc_insert_config($content, "/define\('UC_DBCONNECT',\s*'.*?'\);/i", "define('UC_DBCONNECT', '0');");
  $content = uc_insert_config($content, "/define\('UC_KEY',\s*'.*?'\);/i", "define('UC_KEY', '$uckey');");
  $content = uc_insert_config($content, "/define\('UC_API',\s*'.*?'\);/i", "define('UC_API', '$ucapi');");
  $content = uc_insert_config($content, "/define\('UC_CHARSET',\s*'.*?'\);/i", "define('UC_CHARSET', 'gb2312');");
  $content = uc_insert_config($content, "/define\('UC_IP',\s*'.*?'\);/i", "define('UC_IP', '$ucip');");
  $content = uc_insert_config($content, "/define\('UC_APPID',\s*'?.*?'?\);/i", "define('UC_APPID', '$appid');");
  $content = uc_insert_config($content, "/define\('UC_PPP',\s*'?.*?'?\);/i", "define('UC_PPP', '20');");
  $content .= "\r\n".'?>';
  
  if(@file_put_contents($file, $content))
  {
   $success = true;
  }
 }
 return $success;
}
function uc_insert_config($s, $find, $replace)
{
 if(preg_match($find, $s))
 {
  $s = preg_replace($find, $replace, $s);
 }else{
  $s .= "\r\n".$replace;
 }
 return $s;
}
?>

将admin_uc_fun.php这个文件放到admin/include目录下。

4.在admin/templates/下创建uc目录,并创建admin_uc_setting.htm这个文件,文件内容如下;

{#include file="sys/admin_header.htm"#}
<div class="admin_main_nr_dbox">
<div class="toptip">
 <h2>提示:</h2>
 <p>
整合UCenter完毕后自动生成以下配置信息,多数情况修无需编辑此信息。
</p>
</div>
<div class="toptit">编辑UCenter整合信息</div>
 
 
 <table width="100%" border="0" cellspacing="0" cellpadding="4">
 
    <tr>
      <td style=" line-height:220%; color:#666666; padding-left:15px;">
     <form id="form1" name="form1" method="post" action="?act=uc_set_save">
     <table>
<tr>
   <td colspan="2" align="left">应用ID:{#$uc_config.appid#}</td>
</tr>
<tr>
   
<td><input type="text" name="uc_config[appid]"
value="{#$uc_config.appid#}"  class="input_text_200" /></td>
    <td>填写UCenter添加应用的id。</td>
 </tr>
<tr>
   <td colspan="2" align="left">服务端地址:</td>
</tr>
<tr>
  
<td width="200"><input type="text" name="uc_config[ucapi]"
value="{#$uc_config.ucapi#}"  class="input_text_200"/></td>
   <td>在您 UCenter地址或者目录改变的情况下,修改此项,一般情况请不要改动
      例如: http://www.site.com/ucenter (最后不要加'/')。</td>
</tr>
<tr>
    <td colspan="2" align="left">服务端 IP:</td>
</tr>
<tr>
    <td><input type="text" name="uc_config[ucip]" value="{#$uc_config.ucip#}"  class="input_text_200" /></td>
    <td>正常情况下留空即可。如果由于域名解析问题导致 UCenter 与该应用通信失败,请尝试设置为该应用所在服务器的 IP 地址。</td>
 </tr>
<tr>
    <td colspan="2" align="left">通信密钥:</td>
 </tr>
 <tr>
   
<td><input type="text" name="uc_config[uckey]" 
value="{#$uc_config.uckey#}"  class="input_text_200"/></td>
    <td>只允许使用英文字母及数字,限 64 字节。应用端的通信密钥必须与此设置保持一致,否则该应用将无法与 UCenter 正常通信</td>
</tr>
<tr>
    <td colspan="2" align="left">连接方式:</td>
</tr>
    <tr>
        <td>     
       
<select name="uc_config[ucconnect]"
onChange="if(this.value==''){document.getElementById('ucmysql').style.display
= 'none';}else{document.getElementById('ucmysql').style.display = '';}"
style=" width:207px;font-size:12px;">
   <option value="mysql" {#if $uc_config.ucconnect eq 'mysql'#}selected="selected"{#/if#}> 数据库方式(MySQL) </option>
   <option value="" {#if $uc_config.ucconnect eq ''#}selected="selected"{#/if#}> 接口方式(fsockopen) </option>
        </select>
        </td>
        <td>请根据您的服务器网络环境选择适当的连接方式</td>
    </tr>

<tr>
        <td colspan="2">
            <table id="ucmysql" >
                <tr>
                    <td colspan="2" align="left">数据库服务器:</td>
                </tr>
                <tr>
                    <td width="200">
                   
<input type="text"   name="uc_config[ucdbhost]"
value="{#$uc_config.ucdbhost#}" 
class="input_text_200"/>                  </td>
                    <td>默认:localhost, 如果 MySQL 端口不是默认的 3306,请填写如下形式:127.0.0.1:端口号</td>
                </tr>
               
                <tr>
                    <td colspan="2" align="left">数据库用户名:</td>
                </tr>
                <tr>
                    <td>
                   
<input type="text"   name="uc_config[ucdbuser]"
value="{#$uc_config.ucdbuser#}" class="input_text_200"/> 
                    </td>
                    <td>登录uc服务端的数据库用户名</td>  
                </tr>
               
                <tr>
                    <td colspan="2" align="left">数据库密码:</td>
                </tr>               
                <tr>
                    <td>
                    <input type="text" name="uc_config[ucdbpw]" value="{#$uc_config.ucdbpw#}" class="input_text_200"/> 
                    </td>
                    <td>登录uc服务端数据库使用的密码</td>  
                </tr>
               
                <tr>
                    <td colspan="2" align="left">数据库名:</td>
                </tr>               
                <tr>
                    <td>
                   
<input type="text"  name="uc_config[ucdbname]"
value="{#$uc_config.ucdbname#}" class="input_text_200"/> 
                    </td>
                    <td>uc服务端的数据库名称。</td>  
                </tr>
               
                <tr>
                    <td colspan="2" align="left">数据库表前缀:</td>
                </tr>               
                <tr>
                    <td>
                   
<input type="text"   name="uc_config[ucdbtablepre]"
value="{#$uc_config.ucdbtablepre#}" class="input_text_200"/> 
                    </td>
                    <td>uc服务端使用的数据库表前缀</td>  
                </tr>
            </table>           
        </td>
    </tr>   
   
    <tr>
        <td colspan="2" align="left">正确的配置信息:</td>
    </tr>
    <tr>
        <td>
           
<textarea  onFocus="this.select()" style="width:200px; height:100px;
font-size:14px; font-family: Arial, Helvetica, sans-serif">
define('UC_CONNECT', '{#$uc_config.ucconnect#}');
define('UC_DBHOST', '{#$uc_config.ucdbhost#}');
define('UC_DBUSER', '{#$uc_config.ucdbuser#}');
define('UC_DBPW', '********');
define('UC_DBNAME', '{#$uc_config.ucdbname#}');
define('UC_DBCHARSET', '{#$uc_config.ucdbcharest#}');
define('UC_DBTABLEPRE', '{#$uc_config.ucdbtablepre#}');
define('UC_DBCONNECT', '0');
define('UC_KEY', '{#$uc_config.uckey#}');
define('UC_API', '{#$uc_config.ucapi#}');
define('UC_CHARSET', '{#$uc_config.uccharest#}');
define('UC_IP', '{#$uc_config.ucip#}');
define('UC_APPID', '{#$uc_config.ucappid#}');
define('UC_PPP', '20');
            </textarea>
        </td>
        <td>当应用的 UCenter 配置信息丢失时可复制左侧的代码到应用的配置文件中</td>
    </tr>
 <tr>
    <td height="88" colspan="2">
      <input name="save" type="submit" class="admin_submit"    value="修改"/></td>
  </tr>
</table>
        </form>
   </td>
    </tr>
  </table>
</div>
{#include file="sys/admin_footer.htm"#}
</body>
</html>

5..在后台工具中配置ucenter的内容,如没出现选项,可更新缓存后。如图:

6.在plus目录下ajax_user.php找到这个文件,在文件内容替换成

<?php
define('IN_QISHI', true);
require_once(dirname(dirname(__FILE__)).'/include/plus.common.inc.php');
include_once(QISHI_ROOT_PATH.'api/uc_client/client.php');//引入uc
$act = !empty($_REQUEST['act']) ? trim($_REQUEST['act']) : '';
//获取用户数据
function getpassport($username, $password) {
 $passport = array();
 $ucresult = uc_user_login($username, $password);
 if($ucresult[0] > 0) {
  $passport['uid'] = $ucresult[0];
  $passport['username'] = $ucresult[1];
  $passport['email'] = $ucresult[3];
 }
 return $passport;
}
if($act =='do_login')
{
 $username=isset($_REQUEST['username'])?trim($_REQUEST['username']):"";
 $password=isset($_REQUEST['password'])?trim($_REQUEST['password']):"";
 $expire=isset($_POST['expire'])?intval($_POST['expire']):"";
 $account_type=1;
 if (preg_match("/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/",$username))
 {
 $account_type=2;
 }
 elseif (preg_match("/^(13|15|18)\d{9}$/",$username))
 {
 $account_type=3;
 }
 $url=isset($_POST['url'])?$_POST['url']:"";
 if (strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
 {
 $username=iconv("utf-8",QISHI_DBCHARSET,$username);
 $password=iconv("utf-8",QISHI_DBCHARSET,$password);
 }
 $captcha=get_cache('captcha');
 if ($captcha['verify_userlogin']=="1")
 {
  $postcaptcha=$_POST['postcaptcha'];
  if ($captcha['captcha_lang']=="cn" && strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
  {
  $postcaptcha=iconv("utf-8",QISHI_DBCHARSET,$postcaptcha);
  }
  if
(empty($postcaptcha) || empty($_SESSION['imageCaptcha_content']) ||
strcasecmp($_SESSION['imageCaptcha_content'],$postcaptcha)!=0)
  {
  unset($_SESSION['imageCaptcha_content']);
  exit("errcaptcha");
  }
 }
 require_once(QISHI_ROOT_PATH.'include/fun_user.php');
 if ($username && $password)
 {
  $user=get_user_inusername($username);
  if(empty($user)){
   //修改64-72行同步获取用户源
   if(!$passport = getpassport($username, $password)) {
    exit("login_failure_please_re_login");
   }else{
    user_register($passport['username'],$password,2,$passport['email'],true,$passport['uid']);
   }
  }
  $login=user_login($username,$password,$account_type,true,$expire);
  $url=$url?$url:$login['qs_login'];
  if ($login['qs_login'])
  {
   /*uc同步登录*/
   if(defined('UC_API')){
    $login['uc_login']=uc_user_synlogin($_SESSION['uid']);
   }
   exit($login['uc_login']."<script
language=\"javascript\"
type=\"text/javascript\">window.location.href=\"".$url."\";</script>");
  }
  else
  {
   exit("err");
  }
 }
 exit("err");
}
elseif ($act=='do_reg')
{
 $captcha=get_cache('captcha');
 if ($captcha['verify_userreg']=="1")
 {
  $postcaptcha=$_POST['postcaptcha'];
  if ($captcha['captcha_lang']=="cn" && strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
  {
  $postcaptcha=iconv("utf-8",QISHI_DBCHARSET,$postcaptcha);
  }
  if
(empty($postcaptcha) || empty($_SESSION['imageCaptcha_content']) ||
strcasecmp($_SESSION['imageCaptcha_content'],$postcaptcha)!=0)
  {
  exit("err");
  }
 }
 require_once(QISHI_ROOT_PATH.'include/fun_user.php');
 $username = isset($_POST['username'])?trim($_POST['username']):exit("err");
 $password = isset($_POST['password'])?trim($_POST['password']):exit("err");
 $member_type = isset($_POST['member_type'])?intval($_POST['member_type']):exit("err");
 $email = isset($_POST['email'])?trim($_POST['email']):exit("err");
 if (strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
 {
 $username=iconv("utf-8",QISHI_DBCHARSET,$username);
 $password=iconv("utf-8",QISHI_DBCHARSET,$password);
 }
 $register=user_register($username,$password,$member_type,$email);
 if ($register>0)
 { 
  $ucjs="";
  $login_js=user_login($username,$password);
  /*uc注册*/
  if(defined('UC_API')){
   $uid=uc_user_register($username,$password,$email);
   if($uid>0)$ucjs=uc_user_synlogin($uid);//uc登录通知
  }
  $mailconfig=get_cache('mailconfig');
  if ($mailconfig['set_reg']=="1")
  {
   dfopen($_CFG['site_domain'].$_CFG['site_dir']."plus/asyn_mail.php?uid=".$_SESSION['uid']."&key=".asyn_userkey($_SESSION['uid'])."&sendemail=".$email."&sendusername=".$username."&sendpassword=".$password."&act=reg");
  }
  //$ucjs=$login_js['uc_login'];
  $qsurl=$login_js['qs_login'];
  $qsjs="<script language=\"javascript\" type=\"text/javascript\">window.location.href=\"".$qsurl."\";</script>";
   if ($ucjs || $qsurl)
   {
       exit($ucjs.$qsjs);
   }
   else
   {
   exit("err");
   }
 }
 else
 {
 exit("err");
 }
}
elseif($act =='check_usname')
{
 require_once(QISHI_ROOT_PATH.'include/fun_user.php');
 $usname=trim($_REQUEST['usname']);
 if (strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
 {
  $usname=iconv("utf-8",QISHI_DBCHARSET,$usname);
 }
 if(defined('UC_API')){
  if(uc_user_checkname($usname)>0){
   exit("true");
  }else{
   exit("false");
  }
 }else{
  $user=get_user_inusername($usname);
  empty($user)?exit("true"):exit("false");
 }
}
elseif($act == 'check_email')
{
 require_once(QISHI_ROOT_PATH.'include/fun_user.php');
 $email=trim($_REQUEST['email']);
 if (strcasecmp(QISHI_DBCHARSET,"utf8")!=0)
 {
 $email=iconv("utf-8",QISHI_DBCHARSET,$email);
 }
 if(defined('UC_API')){
  if(uc_user_checkemail($email)>0){
   exit("true");
  }else{
   exit("false");
  }
 }else{
  $user=get_user_inemail($email);
  empty($user)?exit("true"):exit("false");
 }
}
elseif ($act=="top_loginform")
{
 $contents='';
 if ($_COOKIE['QS']['username'] && $_COOKIE['QS']['password'])
 {
  $tpl='../templates/'.$_CFG['template_dir']."plus/top_login_success.htm";
 }
 else
 { 
  $tpl='../templates/'.$_CFG['template_dir']."plus/top_login_form.htm";
 }
  $contents=file_get_contents($tpl);
  $contents=str_replace('{#$activate_username#}',$_SESSION['activate_username'],$contents);
  $contents=str_replace('{#$site_name#}',$_CFG['site_name'],$contents);
  $contents=str_replace('{#$username#}',$_COOKIE['QS']['username'],$contents);
  $contents=str_replace('{#$site_template#}',$_CFG['site_template'],$contents);
  $contents=str_replace('{#$user_url#}',url_rewrite('QS_login'),$contents);
  $contents=str_replace('{#$reg_url#}',$_CFG['site_dir']."user/user_reg.php",$contents);
  $contents=str_replace('{#$activate_url#}',$_CFG['site_dir']."user/user_reg.php?act=activate",$contents);
  if
($_SESSION['username'] && $_SESSION['uid'] &&
empty($_SESSION['uqqid']) && $_CFG['qq_apiopen']=="1")
  {
   $html="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img
src=\"{$_CFG['site_template']}images/75.gif\"
align=\"absmiddle\"/>";
   $html.="<a href=\"{$_CFG['site_dir']}user/qqconnect.php?act=binding\" >绑定QQ帐号</a>";
   $contents=str_replace('{#$qqconnect#}',$html,$contents);
  }
  elseif (empty($_COOKIE['QS']['username']) && $_CFG['qq_apiopen']=="1")
  {
   $html="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img
src=\"{$_CFG['site_template']}images/75.gif\"
align=\"absmiddle\"/>";
   $html.="<a href=\"{$_CFG['site_dir']}user/qqconnect.php\" >用QQ帐号登录</a>";
   $contents=str_replace('{#$qqconnect#}',$html,$contents);
  }
  else
  {
   $contents=str_replace('{#$qqconnect#}',"",$contents);
  }
  exit($contents);
}
elseif ($act=="loginform")
{
 $contents='';
 if ($_COOKIE['QS']['username'] && $_COOKIE['QS']['password'])
 {
  $tpl='../templates/'.$_CFG['template_dir']."plus/login_success.htm";
 }
 else
 {
  $tpl='../templates/'.$_CFG['template_dir']."plus/login_form.htm";
 }
  $contents=file_get_contents($tpl);
  $contents=str_replace('{#$activate_username#}',$_SESSION['activate_username'],$contents);
  $contents=str_replace('{#$site_name#}',$_CFG['site_name'],$contents);
  $contents=str_replace('{#$username#}',$_COOKIE['QS']['username'],$contents);
  $contents=str_replace('{#$site_template#}',$_CFG['site_template'],$contents);
  $contents=str_replace('{#$user_url#}',url_rewrite('QS_login'),$contents);
  $contents=str_replace('{#$reg_url#}',$_CFG['site_dir']."user/user_reg.php",$contents);
  $contents=str_replace('{#$activate_url#}',$_CFG['site_dir']."user/user_reg.php?act=activate",$contents);
  exit($contents);
}
?>

如有不同可查看代码仔细进行替换。

7.在user目录下找到login.php的文件,在if($act == 'logout')27行后添加

if(defined('UC_API')){
  $logoutjs.=uc_user_synlogout();
 }这个,以同步登出。

8.在api目录下建立uc.php文件,如有此文件可,相应进行内容对比替换。内容如下

<?php
define('IN_QISHI', TRUE);
include_once (dirname(__FILE__)."/../include/common.inc.php");
require_once(QISHI_ROOT_PATH.'include/mysql.class.php');
$qsdb = new mysql($dbhost,$dbuser,$dbpass,$dbname);
unset($dbhost,$dbuser,$dbpass,$dbname);
define('UC_CLIENT_VERSION', '1.5.0'); //note UCenter 版本标识
define('UC_CLIENT_RELEASE', '20081031');
define('API_DELETEUSER', 1);  //note 用户删除 API 接口开关
define('API_RENAMEUSER', 1);  //note 用户改名 API 接口开关
define('API_GETTAG', 1);  //note 获取标签 API 接口开关
define('API_SYNLOGIN', 1);  //note 同步登录 API 接口开关
define('API_SYNLOGOUT', 1);  //note 同步登出 API 接口开关
define('API_UPDATEPW', 1);  //note 更改用户密码 开关
define('API_UPDATEBADWORDS', 1); //note 更新关键字列表 开关
define('API_UPDATEHOSTS', 1);  //note 更新域名解析缓存 开关
define('API_UPDATEAPPS', 1);  //note 更新应用列表 开关
define('API_UPDATECLIENT', 1);  //note 更新客户端缓存 开关
define('API_UPDATECREDIT', 1);  //note 更新用户积分 开关
define('API_GETCREDITSETTINGS', 1); //note 向 UCenter 提供积分设置 开关
define('API_GETCREDIT', 1);  //note 获取用户的某项积分 开关
define('API_UPDATECREDITSETTINGS', 1); //note 更新应用积分设置 开关
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '-2');
define('UC_CLIENT_ROOT', QISHI_ROOT_PATH.'api/uc_client');
//note 普通的 http 通知方式
if(!defined('IN_UC'))
{
 error_reporting(0);
 set_magic_quotes_runtime(0);
 defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());

$_DCACHE = $get = $post = array();

$code = @$_GET['code'];

parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
 
 if(MAGIC_QUOTES_GPC)
 {
  $get = _stripslashes($get);
 }

$timestamp = time();
 if($timestamp - $get['time'] > 3600) {
  exit('Authracation has expiried');
 }
 if(empty($get)) {
  exit('Invalid Request');
 }
 $action = $get['action'];

require_once UC_CLIENT_ROOT.'/lib/xml.class.php';
 $post = xml_unserialize(file_get_contents('php://input'));

if(in_array($get['action'],
array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin',
'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps',
'updateclient', 'updatecredit', 'getcreditsettings',
'updatecreditsettings')))
 {
  $uc_note = new uc_note();
  exit($uc_note->$get['action']($get, $post));
 }else{
  exit(API_RETURN_FAILED);
 }
//note include 通知方式
} else {

exit('Invalid Request');
}

class uc_note
{

var $dbconfig = '';
 var $db = '';
 var $appdir = '';
 var $tablepre = '';
 
 function _serialize($arr, $htmlon = 0)
 {
  if(!function_exists('xml_serialize'))
  {
   include_once UC_CLIENT_ROOT.'/lib/xml.class.php';
  }
  return xml_serialize($arr, $htmlon);
 }

function uc_note()
 {
  $this->appdir = QISHI_ROOT_PATH;
  $this->dbconfig = QISHI_ROOT_PATH.'data/config.php';
  $this->db = $GLOBALS['qsdb'];
  $this->tablepre = $GLOBALS['pre'];
 }

function test($get, $post)
 {
  return API_RETURN_SUCCEED;
 }

function deleteuser($get, $post)
 {
  !API_DELETEUSER && exit(API_RETURN_FORBIDDEN);
  /* include_once(QISHI_ROOT_PATH.'api/uc_client/client.php');
  $uc_uid_arr=explode(",",$uids);
  foreach($uc_uid_arr as $uc_uid)
  {
  $uc_user_arr=uc_get_user(intval($uc_uid),1);
  $usname_arr[]=$uc_user_arr[1];
  }
  //file_put_contents("test.txt",  var_export($usname_arr, true), LOCK_EX);
  foreach($usname_arr as $usname)
  {
  $this->db->query("DELETE FROM ".table('members')." WHERE username='".$usname."'");
  } */
  return API_RETURN_SUCCEED;
 }
 function renameuser($get, $post) {
  $uid = $get['uid'];
  $usernameold = $get['oldusername'];
  $usernamenew = $get['newusername'];
  if(!API_RENAMEUSER) {
   return API_RETURN_FORBIDDEN;
  }

return API_RETURN_SUCCEED;
 }
 
 function synlogin($get,$post)
 {
  global $QS_cookiedomain,$QS_cookiepath;
  $username = $get['username'];
  if(!API_SYNLOGIN)
  {
   return API_RETURN_FORBIDDEN;
  }
  //note 同步登录 API 接口\
  header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
  $result=$this->db->getone("SELECT * FROM ".$this->tablepre."members WHERE username='".$username."' LIMIT 1 ");
  if(is_array($result))
  {
   setcookie('QS[uid]',$result['uid'], time()+3600*24,$QS_cookiepath,$QS_cookiedomain);
   setcookie('QS[username]',$result['username'], time()+3600*24,$QS_cookiepath,$QS_cookiedomain);
   setcookie('QS[password]',$result['password'], time()+3600*24,$QS_cookiepath,$QS_cookiedomain);
  }
  else
  {
  $_SESSION['activate_username']=$username;
  $_SESSION['uid'] = '';
  $_SESSION['username'] = '';
  $_SESSION['utype']='';
  setcookie('QS[uid]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[username]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[password]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[utype]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  file_put_contents("1.txt",  var_export($_SESSION, true), LOCK_EX);
  }
 }
 function synlogout($get, $post)
 {
  global $QS_cookiepath,$QS_cookiedomain;
  if(!API_SYNLOGOUT)
  {
   return API_RETURN_FORBIDDEN;
  }
  //note 同步登出 API 接口
  header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
  $_SESSION['uid'] = '';
  $_SESSION['username'] = '';
  $_SESSION['utype']='';
  setcookie('QS[uid]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[username]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[password]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  setcookie('QS[utype]','', time()-3600,$QS_cookiepath,$QS_cookiedomain);
  $_SESSION['activate_username']="";
 }
 function updatepw($get, $post)//当用户更改用户密码时,此接口负责接受 UCenter 发来的新密码。
 {
  if(!API_UPDATEPW)
  {
   return API_RETURN_FORBIDDEN;
  }
  //note 修改密码 API 接口
  $username = $get['username'];
  $password = $get['password'];
  if ($username && $password)
  {
  $result=$this->db->getone("SELECT * FROM ".$this->tablepre."members WHERE username='".$username."' LIMIT 1 ");
  $md5password=md5(md5($password).$result['pwd_hash']);
  $this->db->query("UPDATE 
".$this->tablepre."members SET password='".$md5password."' WHERE
username='".$username."' LIMIT 1 ");
  }
  return API_RETURN_SUCCEED;
 }

function updatehosts($get, $post)//当 UCenter 的域名解析设置变更时,此接口负责通知所有应用程序更新后的域名解析设置内容。
 {
  if(!API_UPDATEHOSTS)
  {
   return API_RETURN_FORBIDDEN;
  }
  //note 理新HOST缓存 API 接口
  $cachefile = UC_CLIENT_ROOT.'/data/cache/hosts.php';
  $fp = fopen($cachefile, 'w');
  $s = "<?php\r\n";
  $s .= '$_CACHE[\'hosts\'] = '.var_export($post, TRUE).";\r\n";
  fwrite($fp, $s);
  fclose($fp);
  return API_RETURN_SUCCEED;
 }

function updateapps($get, $post)//当 UCenter 的应用程序列表变更时,此接口负责通知所有应用程序更新后的应用程序列表。
 {
  if(!API_UPDATEAPPS)
  {
   return API_RETURN_FORBIDDEN;
  }
  $UC_API = $post['UC_API'];

//note 写 app 缓存文件
  $cachefile = UC_CLIENT_ROOT.'/data/cache/apps.php';
  $fp = fopen($cachefile, 'w');
  $s = "<?php\r\n";
  $s .= '$_CACHE[\'apps\'] = '.var_export($post, TRUE).";\r\n";
  fwrite($fp, $s);
  fclose($fp);

return API_RETURN_SUCCEED;
 }

function updateclient($get, $post)//当 UCenter 的基本设置信息变更时,此接口负责通知所有应用程序更新后的基本设置内容。
 {
  if(!API_UPDATECLIENT)
  {
   return API_RETURN_FORBIDDEN;
  }
  $cachefile = UC_CLIENT_ROOT.'/data/cache/settings.php';
  $fp = fopen($cachefile, 'w');
  $s = '<?php'."\r\n";
  $s .= '$_CACHE[\'settings\'] = '.var_export($post, TRUE).";\r\n";
  fwrite($fp, $s);
  fclose($fp);
  
  return API_RETURN_SUCCEED;
 }

}
function _authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {
 $ckey_length = 4;

$key = md5($key ? $key : UC_KEY);
 $keya = md5(substr($key, 0, 16));
 $keyb = md5(substr($key, 16, 16));
 $keyc
= $ckey_length ? ($operation == 'DECODE' ? substr($string, 0,
$ckey_length): substr(md5(microtime()), -$ckey_length)) : '';

$cryptkey = $keya.md5($keya.$keyc);
 $key_length = strlen($cryptkey);

$string
= $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length))
: sprintf('%010d', $expiry ? $expiry + time() :
0).substr(md5($string.$keyb), 0, 16).$string;
 $string_length = strlen($string);

$result = '';
 $box = range(0, 255);

$rndkey = array();
 for($i = 0; $i <= 255; $i++) {
  $rndkey[$i] = ord($cryptkey[$i % $key_length]);
 }

for($j = $i = 0; $i < 256; $i++) {
  $j = ($j + $box[$i] + $rndkey[$i]) % 256;
  $tmp = $box[$i];
  $box[$i] = $box[$j];
  $box[$j] = $tmp;
 }

for($a = $j = $i = 0; $i < $string_length; $i++) {
  $a = ($a + 1) % 256;
  $j = ($j + $box[$a]) % 256;
  $tmp = $box[$a];
  $box[$a] = $box[$j];
  $box[$j] = $tmp;
  $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
 }

if($operation == 'DECODE') {
  if((substr($result,
0, 10) == 0 || substr($result, 0, 10) - time() > 0) &&
substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0,
16)) {
   return substr($result, 26);
  } else {
    return '';
   }
 } else {
  return $keyc.str_replace('=', '', base64_encode($result));
 }

}

function _stripslashes($string) {
 if(is_array($string)) {
  foreach($string as $key => $val) {
   $string[$key] = _stripslashes($val);
  }
 } else {
  $string = stripslashes($string);
 }
 return $string;
}
?>

9.在目录下放uc_client文件夹。及内容。后可进行测试。

版本测试通过define('QISHI_VERSION','3.2'),
代码包下载地址
 
此代码供参考,如有不能实现功能者可留言,共同研究探讨。

注意如果74cms不能同步dzx2.5看看是不是禁止了cookie。

骑士cms(74cms)个人版 整合UC的更多相关文章

  1. 骑士CMS<6.0.48 模板注入文件包含漏洞复现及遇到的坑

    1.坑 payload:variable=1&tpl=<?php phpinfo(); ob_flush();?>/r/n<qscms/company_show 列表名=&q ...

  2. 怎么修复网站漏洞 骑士cms的漏洞修复方案

    骑士CMS是国内公司开发的一套开源人才网站系统,使用PHP语言开发以及mysql数据库的架构,2019年1月份被某安全组织检测出漏洞,目前最新版本4.2存在高危网站漏洞,通杀SQL注入漏洞,利用该网站 ...

  3. drupal7整合Discuz康盛UC用户中心ucenter,ucuser模块

    drupal7整合Discuz康盛UC用户中心ucenter,ucuser模块Drupal7整合UC用户心的模块,ucenter,康盛这个用户中心我就不多说了哈.参考了以前不知在哪里下载的一个drup ...

  4. 骑士cms-通读全文-代码审计

    版本号:3.5.1 下载地址:http://103.45.101.75:66/2/201412/74cms.rar 1.审计方法 通读审计 1.1查看文件结构 首先需要看看有哪些文件和文件夹,寻找名称 ...

  5. 帝国cms7.0整合百度编辑器ueditor教程

    帝国cms7.0整合百度编辑器ueditor教程开始 1.根据自己使用的帝国cms版本编码下载对应的ueditor版本 下载地址 http://ueditor.baidu.com/website/do ...

  6. 帝国cms7.5整合百度编辑器ueditor教程

    1.根据自己使用的帝国cms版本编码下载对应的ueditor版本 下载地址 http://ueditor.baidu.com/website/download.html#ueditor 2.解压附件, ...

  7. [红日安全]Web安全Day3 - CSRF实战攻防

    本文由红日安全成员: Once 编写,如有不当,还望斧正. 大家好,我们是红日安全-Web安全攻防小组.此项目是关于Web安全的系列文章分享,还包含一个HTB靶场供大家练习,我们给这个项目起了一个名字 ...

  8. ecshop init.php文件分析(转)

    <?php /** * ECSHOP 前台公用文件 */ //防止非法调用 defined-判断常量是否已定义,如果没返回false if (!defined('IN_ECS')) { die( ...

  9. ecshop init.php文件分析

    1.  ecshop init.php文件分析 2.  <?php  3.   4.  /**  5.  * ECSHOP 前台公用文件  6.  * ===================== ...

随机推荐

  1. javascript学习笔记之DOM与表单

    DOM(文档对象模型),猫叔了一个层次化的节点树 一.DOM NODE相关公共属性与方法 DOM中所有节点都实现了NODE接口,该接口的公共属性和方法如下: 1.节点基本属性 1)NodeType 节 ...

  2. iOS 瀑布流的基本原理

    /** * 源代码链接 * 链接: https://pan.baidu.com/s/1nvLamEX 密码: kya5 */ #import <UIKit/UIKit.h> @interf ...

  3. strip和stripe

  4. 关于Android Context一些总结

    1.首先什么是context? 文档语焉不详,说是resource什么的,反正是没看懂,实际上可以认为它是一个指向parent对象的指针,受到那个parent对象的控制. 2.为什么需要context ...

  5. PAT 解题报告 1050. String Subtraction (20)

    1050. String Subtraction (20) Given two strings S1 and S2, S = S1 - S2 is defined to be the remainin ...

  6. CSS之CSS hack

    由于不同的浏览器对CSS的支持及解析结果不一样,还由于CSS中的优先级的关系.我们就可以根据这个来针对不同的浏览器来写不同的CSS. CSS Hack大致有3种表现形式,CSS类内部Hack.选择器H ...

  7. PostgreSQL Errors and Messages

    使用RAISE语句来报告消息并抛出错误 RAISE [ level ] ’format’ [, expression [, ... ]] [ USING option = expression [, ...

  8. Lintcode: Kth Smallest Number in Sorted Matrix

    Find the kth smallest number in at row and column sorted matrix. Example Given k = 4 and a matrix: [ ...

  9. navicat的简单应用

    首先  创建连接 主机名 : 可以不写名称随意 主机名/IP地址:localhost或者127.0.0.1 都是本机的意思 端口:默认3306   尽量不要改怕与其余端口重复,如有重名端口系统会报错 ...

  10. $.getJSON异步请求和同步请求

    先说一下我遇到的问题吧,我之前的一个函数想调用上一个函数的返回值,但是它的返回值一直为空,后来翻了一些资料才明白是异步请求在作怪,不多说,看例子,这是我之前有返回值函数的代码: function ge ...