一、修改uc_server/control/user.php文件,代码如下:
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware,use is subject to license terms
$Id: user.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
define('UC_USER_CHECK_USERNAME_FAILED',-1);
define('UC_USER_USERNAME_BADWORD',-2);
define('UC_USER_USERNAME_EXISTS',-3);
define('UC_USER_EMAIL_FORMAT_ILLEGAL',-4);
define('UC_USER_EMAIL_ACCESS_ILLEGAL',-5);
define('UC_USER_EMAIL_EXISTS',-6);
class usercontrol extends base {
function __construct() {
$this->usercontrol();
}
function usercontrol() {
parent::__construct();
$this->load('user');
}
// -1 未开启
function onsynlogin() {
$this->init_input();
$uid = $this->input('uid');
if($this->app['synlogin']) {
if($this->user = $_ENV['user']->get_user_by_uid($uid)) {
$synstr = '';
foreach($this->cache['apps'] as $appid => $app) {
if($app['synlogin']) {
$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/'.$app['apifilename'].'?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogin&username='.$this->user['username'].'&uid='.$this->user['uid'].'&password='.$this->user['password']."&time=".$this->time,'ENCODE',$app['authkey'])).'" reload="1"></script>';
if(is_array($app['extra']['extraurl'])) foreach($app['extra']['extraurl'] as $extraurl) {
$synstr .= '<script type="text/javascript" src="'.$extraurl.'/api/'.$app['apifilename'].'?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogin&username='.$this->user['username'].'&uid='.$this->user['uid'].'&password='.$this->user['password']."&time=".$this->time,$app['authkey'])).'" reload="1"></script>';
}
}
}
return $synstr;
}
}
return '';
}
function onsynlogout() {
$this->init_input();
if($this->app['synlogin']) {
$synstr = '';
foreach($this->cache['apps'] as $appid => $app) {
if($app['synlogin']) {
$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/'.$app['apifilename'].'?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogout&time='.$this->time,$app['authkey'])).'" reload="1"></script>';
if(is_array($app['extra']['extraurl'])) foreach($app['extra']['extraurl'] as $extraurl) {
$synstr .= '<script type="text/javascript" src="'.$extraurl.'/api/'.$app['apifilename'].'?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogout&time='.$this->time,$app['authkey'])).'" reload="1"></script>';
}
}
}
return $synstr;
}
return '';
}
function onregister() {
$this->init_input();
$username = $this->input('username');
$password = $this->input('password');
$email = $this->input('email');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
$regip = $this->input('regip');
if(($status = $this->_check_username($username)) < 0) {
return $status;
}
if(($status = $this->_check_email($email)) < 0) {
return $status;
}
$uid = $_ENV['user']->add_user($username,$password,$email,$questionid,$answer,$regip);
return $uid;
}
function onedit() {
$this->init_input();
$username = $this->input('username');
$oldpw = $this->input('oldpw');
$newpw = $this->input('newpw');
$email = $this->input('email');
$ignoreoldpw = $this->input('ignoreoldpw');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
if(!$ignoreoldpw && $email && ($status = $this->_check_email($email,$username)) < 0) {
return $status;
}
$status = $_ENV['user']->edit_user($username,$oldpw,$newpw,$ignoreoldpw,$answer);
if($newpw && $status > 0) {
$this->load('note');
$_ENV['note']->add('updatepw','username='.urlencode($username).'&password=');
$_ENV['note']->send();
}
return $status;
}
function onlogin() {
$this->init_input();
$isuid = $this->input('isuid');
$username = $this->input('username');
$password = $this->input('password');
$checkques = $this->input('checkques');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
if($isuid == 1) {
$user = $_ENV['user']->get_user_by_uid($username);
} elseif($isuid == 2) {
$user = $_ENV['user']->get_user_by_email($username);
} else {
$user = $_ENV['user']->get_user_by_username($username);
}
$passwordmd5 = preg_match('/^w{32}$/',$password) ? $password : md5($password);
if(empty($user)) {
$status = -1;
} elseif($user['password'] != md5($passwordmd5.$user['salt'])) {
$status = -2;
} elseif($checkques && $user['secques'] != '' && $user['secques'] != $_ENV['user']->quescrypt($questionid,$answer)) {
$status = -3;
} else {
$status = $user['uid'];
}
$merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0;
return array($status,$user['username'],$user['email'],$merge);
}
function oncheck_email() {
$this->init_input();
$email = $this->input('email');
return $this->_check_email($email);
}
function oncheck_username() {
$this->init_input();
$username = $this->input('username');
if(($status = $this->_check_username($username)) < 0) {
return $status;
} else {
return 1;
}
}
function onget_user() {
$this->init_input();
$username = $this->input('username');
if(!$this->input('isuid')) {
$status = $_ENV['user']->get_user_by_username($username);
} else {
$status = $_ENV['user']->get_user_by_uid($username);
}
if($status) {
return array($status['uid'],$status['username'],$status['email']);
} else {
return 0;
}
}
function ongetprotected() {
$protectedmembers = $this->db->fetch_all("SELECT uid,username FROM ".UC_DBTABLEPRE."protectedmembers GROUP BY username");
return $protectedmembers;
}
function ondelete() {
$this->init_input();
$uid = $this->input('uid');
return $_ENV['user']->delete_user($uid);
}
function ondeleteavatar() {
$this->init_input();
$uid = $this->input('uid');
$_ENV['user']->delete_useravatar($uid);
}
function onaddprotected() {
$this->init_input();
$username = $this->input('username');
$admin = $this->input('admin');
$appid = $this->app['appid'];
$usernames = (array)$username;
foreach($usernames as $username) {
$user = $_ENV['user']->get_user_by_username($username);
$uid = $user['uid'];
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."protectedmembers SET uid='$uid',username='$username',appid='$appid',dateline='{$this->time}',admin='$admin'",'SILENT');
}
return $this->db->errno() ? -1 : 1;
}
function ondeleteprotected() {
$this->init_input();
$username = $this->input('username');
$appid = $this->app['appid'];
$usernames = (array)$username;
foreach($usernames as $username) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."protectedmembers WHERE username='$username' AND appid='$appid'");
}
return $this->db->errno() ? -1 : 1;
}
function onmerge() {
$this->init_input();
$oldusername = $this->input('oldusername');
$newusername = $this->input('newusername');
$uid = $this->input('uid');
$password = $this->input('password');
$email = $this->input('email');
if(($status = $this->_check_username($newusername)) < 0) {
return $status;
}
$uid = $_ENV['user']->add_user($newusername,$uid);
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$oldusername'");
return $uid;
}
function onmerge_remove() {
$this->init_input();
$username = $this->input('username');
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$username'");
return NULL;
}
function _check_username($username) {
$username = addslashes(trim(stripslashes($username)));
if(!$_ENV['user']->check_username($username)) {
return UC_USER_CHECK_USERNAME_FAILED;
} elseif(!$_ENV['user']->check_usernamecensor($username)) {
return UC_USER_USERNAME_BADWORD;
} elseif($_ENV['user']->check_usernameexists($username)) {
return UC_USER_USERNAME_EXISTS;
}
return 1;
}
function _check_email($email,$username = '') {
if(!$_ENV['user']->check_emailformat($email)) {
return UC_USER_EMAIL_FORMAT_ILLEGAL;
} elseif(!$_ENV['user']->check_emailaccess($email)) {
return UC_USER_EMAIL_ACCESS_ILLEGAL;
} elseif(!$this->settings['doublee'] && $_ENV['user']->check_emailexists($email,$username)) {
return UC_USER_EMAIL_EXISTS;
} else {
return 1;
}
}
function ongetcredit($arr) {
$this->init_input();
$appid = $this->input('appid');
$uid = $this->input('uid');
$credit = $this->input('credit');
$this->load('note');
$this->load('misc');
$app = $this->cache['apps'][$appid];
$apifilename = isset($app['apifilename']) && $app['apifilename'] ? $app['apifilename'] : 'uc.php';
if($app['extra']['apppath'] && @include $app['extra']['apppath'].'./api/'.$apifilename) {
$uc_note = new uc_note();
return $uc_note->getcredit(array('uid' => $uid,'credit' => $credit),'');
} else {
$url = $_ENV['note']->get_url_code('getcredit',"uid=$uid&credit=$credit",$appid);
return $_ENV['misc']->dfopen($url,'',1,$app['ip'],UC_NOTE_TIMEOUT);
}
}
//返回的内容为保存该文件的临时位置,camera.swf会通过返回的网址来读取图片
function onuploadavatar() {
@header("Expires: 0");
@header("Cache-Control: private,post-check=0,pre-check=0,max-age=0",FALSE);
@header("Pragma: no-cache");
//header("Content-type: application/xml; charset=utf-8");
$this->init_input(getgpc('agent','G'));
$uid = $this->input('uid');
if(empty($uid)) {
return -1;
}
if(empty($_FILES['Filedata'])) {
return -3;
}
list($width,$height,$type,$attr) = getimagesize($_FILES['Filedata']['tmp_name']);
if(!in_array($type,array(1,2,3,6))) {
@unlink($_FILES['Filedata']['tmp_name']);
return -4;
}
$imgtype = array(1 => '.gif',2 => '.jpg',3 => '.png');
$filetype = $imgtype[$type];
if(!$filetype) $filetype = '.jpg';
//头像临时存放路径
$tmpavatar = UC_DATADIR.'./tmp/upload'.$uid.$filetype;
file_exists($tmpavatar) && @unlink($tmpavatar);
if(@copy($_FILES['Filedata']['tmp_name'],$tmpavatar) || @move_uploaded_file($_FILES['Filedata']['tmp_name'],$tmpavatar)) {
@unlink($_FILES['Filedata']['tmp_name']);
list($width,$attr) = getimagesize($tmpavatar);
if($width < 10 || $height < 10 || $type == 4) {
@unlink($tmpavatar);
return -2;
}
} else {
@unlink($_FILES['Filedata']['tmp_name']);
return -4;
}
$avatarurl = UC_DATAURL.'/tmp/upload'.$uid.$filetype;
//返回临时头像的url路径
return $avatarurl;
}
function onrectavatar() {
@header("Expires: 0");
@header("Cache-Control: private,FALSE);
@header("Pragma: no-cache");
header("Content-type: application/xml; charset=utf-8");
$this->init_input(getgpc('agent'));
$uid = $this->input('uid');
if(empty($uid)) {
return '<root><message type="error" value="-1" /></root>';
}
$home = $this->get_home($uid);//返回头像的三个目录:"00/00/12","/avatar/"."00/00/12"."/45_small.jpg"
if(!is_dir(UC_DATADIR.'./avatar/'.$home)) {
$this->set_home($uid,UC_DATADIR.'./avatar/');//如果没有的话,则创建目录
}
$avatartype = getgpc('avatartype','G') == 'real' ? 'real' : 'virtual';
//UC_DATADIR:d:/wamp/www/discuz3/uc_server/data/
//获取大中小头像的全路径
$bigavatarfile = UC_DATADIR.'./avatar/'.$this->get_avatar($uid,'big',$avatartype);
$middleavatarfile = UC_DATADIR.'./avatar/'.$this->get_avatar($uid,'middle',$avatartype);
$smallavatarfile = UC_DATADIR.'./avatar/'.$this->get_avatar($uid,'small',$avatartype);
//getgpc:获取 $_GET、$_POST、$_COOKIE中数据
$bigavatar = $this->flashdata_decode(getgpc('avatar1','P'));//$_POST
$middleavatar = $this->flashdata_decode(getgpc('avatar2','P'));
$smallavatar = $this->flashdata_decode(getgpc('avatar3','P'));
if(!$bigavatar || !$middleavatar || !$smallavatar) {
return '<root><message type="error" value="-2" /></root>';
}
$success = 1;
//写入二进制数据到图片文件,$bigavatar:二进制数据内容
$fp = @fopen($bigavatarfile,'wb');
@fwrite($fp,$bigavatar);
@fclose($fp);
$fp = @fopen($middleavatarfile,$middleavatar);
@fclose($fp);
$fp = @fopen($smallavatarfile,$smallavatar);//将二进制头像数据信息写入头像文件
@fclose($fp);
/******************************************************************/
$ftps=new Ftp();//实例化一个ftp对象,下面有这个类的定义 //上传头像成功的同时将头像同步到远程服务器
$ftps->connect("127.0.0.1","ftp的用户名","ftp的密码","ftp的端口",true,false);//true-开启了被动模式 false-没有使用ssl连接
$ftps->put("/domains/goodbaobao.taobao.com/public_html/data/avatar/".$this->get_avatar($uid,$avatartype),$bigavatarfile);
$ftps->put("/domains/goodbaobao.taobao.com/public_html/data/avatar/".$this->get_avatar($uid,$middleavatarfile);
$ftps->put("/domains/goodbaobao.taobao.com/public_html/data/avatar/".$this->get_avatar($uid,$smallavatarfile);
$ftps->close();
/******************************************************************/
$biginfo = @getimagesize($bigavatarfile);
$middleinfo = @getimagesize($middleavatarfile);
$smallinfo = @getimagesize($smallavatarfile);
if(!$biginfo || !$middleinfo || !$smallinfo || $biginfo[2] == 4 || $middleinfo[2] == 4 || $smallinfo[2] == 4) {
file_exists($bigavatarfile) && unlink($bigavatarfile);
file_exists($middleavatarfile) && unlink($middleavatarfile);
file_exists($smallavatarfile) && unlink($smallavatarfile);
$success = 0;
}
$filetype = '.jpg';
@unlink(UC_DATADIR.'./tmp/upload'.$uid.$filetype);
if($success) {
return '<?xml version="1.0" ?><root><face success="1"/></root>';
} else {
return '<?xml version="1.0" ?><root><face success="0"/></root>';
}
}
function flashdata_decode($s) {
$r = '';
$l = strlen($s);
for($i=0; $i<$l; $i=$i+2) {
$k1 = ord($s[$i]) - 48;
$k1 -= $k1 > 9 ? 7 : 0;
$k2 = ord($s[$i+1]) - 48;
$k2 -= $k2 > 9 ? 7 : 0;
$r .= chr($k1 << 4 | $k2);
}
return $r;
}
}
//ftp类:头像上传成功的同时将头像同步上传到远程服务器
class Ftp {
//FTP 连接资源
private $link;
//FTP连接时间
public $link_time;
//错误代码
private $err_code = 0;
//传送模式{文本模式:FTP_ASCII,二进制模式:FTP_BINARY}
public $mode = FTP_BINARY;
/**
* 连接FTP服务器
* @param string $host 服务器地址
* @param string $username用户名
* @param string $password密码
* @param integer $port 服务器端口,默认值为21
* @param boolean $pasv 是否开启被动模式
* @param boolean $ssl 是否使用SSL连接
* @param integer $timeout 超时时间
*/
public function connect($host,$username = '',$password = '',$port = '21',$pasv = false,$ssl = false,$timeout = 30) {
$start = time();
if ($ssl) {
if (!$this->link = @ftp_ssl_connect($host,$port,$timeout)) {
$this->err_code = 1;
return false;
}
} else {
if (!$this->link = @ftp_connect($host,$timeout)) {
$this->err_code = 1;
return false;
}
}
if (@ftp_login($this->link,$username,$password)) {
if ($pasv)
ftp_pasv($this->link,true);
$this->link_time = time() - $start;
return true;
} else {
$this->err_code = 1;
return false;
}
register_shutdown_function(array(&$this,'close'));
}
/**
* 创建文件夹
* @param string $dirname 目录名,
*/
public function mkdir($dirname) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
$dirname = $this->ck_dirname($dirname);
$nowdir = '/';
foreach ($dirname as $v) {
if ($v && !$this->chdir($nowdir . $v)) {
if ($nowdir)
$this->chdir($nowdir);
@ftp_mkdir($this->link,$v);
}
if ($v)
$nowdir .= $v . '/';
}
return true;
}
/**
* 上传文件
* @param string $remote 远程存放地址
* @param string $local 本地存放地址
*/
public function put($remote,$local) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
$dirname = pathinfo($remote,PATHINFO_DIRNAME);
if (!$this->chdir($dirname)) {
$this->mkdir($dirname);
}
if (@ftp_put($this->link,$remote,$local,$this->mode)) {
return true;
} else {
$this->err_code = 7;
return false;
}
}
/**
* 删除文件夹
* @param string $dirname 目录地址
* @param boolean $enforce 强制删除
*/
public function rmdir($dirname,$enforce = false) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
$list = $this->nlist($dirname);
if ($list && $enforce) {
$this->chdir($dirname);
foreach ($list as $v) {
$this->f_delete($v);
}
} elseif ($list && !$enforce) {
$this->err_code = 3;
return false;
}
@ftp_rmdir($this->link,$dirname);
return true;
}
/**
* 删除指定文件
* @param string $filename 文件名
*/
public function f_delete($filename) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
if (@ftp_delete($this->link,$filename)) {
return true;
} else {
$this->err_code = 4;
return false;
}
}
/**
* 返回给定目录的文件列表
* @param string $dirname 目录地址
* @return array 文件列表数据
*/
public function nlist($dirname) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
if ($list = @ftp_nlist($this->link,$dirname)) {
return $list;
} else {
$this->err_code = 5;
return false;
}
}
/**
* 在 FTP 服务器上改变当前目录
* @param string $dirname 修改服务器上当前目录
*/
public function chdir($dirname) {
if (!$this->link) {
$this->err_code = 2;
return false;
}
if (@ftp_chdir($this->link,$dirname)) {
return true;
} else {
$this->err_code = 6;
return false;
}
}
/**
* 获取错误信息
*/
public function get_error() {
if (!$this->err_code)
return false;
$err_msg = array(
'1' => 'Server can not connect',
'2' => 'Not connect to server',
'3' => 'Can not delete non-empty folder',
'4' => 'Can not delete file',
'5' => 'Can not get file list',
'6' => 'Can not change the current directory on the server',
'7' => 'Can not upload files'
);
return $err_msg[$this->err_code];
}
/**
* 检测目录名
* @param string $url 目录
* @return 由 / 分开的返回数组
*/
private function ck_dirname($url) {
$url = str_replace('','/',$url);
$urls = explode('/',$url);
return $urls;
}
/**
* 关闭FTP连接
*/
public function close() {
return @ftp_close($this->link);
}
}
?>
二、uc_server/avatar.php文件代码如下:
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware,use is subject to license terms
$Id: avatar.php 1059 2011-03-01 07:25:09Z monkey $
*/
error_reporting(0);
define('UC_API',strtolower(($_SERVER['HTTPS'] == 'on' ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].substr($_SERVER['PHP_SELF'],strrpos($_SERVER['PHP_SELF'],'/'))));
$uid = isset($_GET['uid']) ? $_GET['uid'] : 0;
$size = isset($_GET['size']) ? $_GET['size'] : '';
$random = isset($_GET['random']) ? $_GET['random'] : '';
$type = isset($_GET['type']) ? $_GET['type'] : '';
$check = isset($_GET['check_file_exists']) ? $_GET['check_file_exists'] : '';
$avatar = './data/avatar/'.get_avatar($uid,$size,$type);
if(my_file_exists('http://www.jiaoyuonline.com'.$avatar)) {//weiyanhui添加了一层dirname
if($check) {
echo 1;
exit;
}
$random = !empty($random) ? rand(1000,9999) : '';
$avatar_url = empty($random) ? $avatar : $avatar.'?random='.$random;
} else {
if($check) {
echo 0;
exit;
}
$size = in_array($size,array('big','small')) ? $size : 'middle';
$avatar_url = 'images/noavatar_'.$size.'.gif';
}
if(empty($random)) {
header("HTTP/1.1 301 Moved Permanently");
header("Last-Modified:".date('r'));
header("Expires: ".date('r',time() + 86400));
}
header('Location: '.'http://www.aaaa.com/'.$avatar_url);//返回的远程服务器上的头像信息
exit;
function get_avatar($uid,$size = 'middle',$type = '') {
$size = in_array($size,'small')) ? $size : 'middle';
$uid = abs(intval($uid));
$uid = sprintf("%09d",$uid);
$dir1 = substr($uid,3);
$dir2 = substr($uid,2);
$dir3 = substr($uid,5,2);
$typeadd = $type == 'real' ? '_real' : '';
return $dir1.'/'.$dir2.'/'.$dir3.'/'.substr($uid,-2).$typeadd."_avatar_$size.jpg";
}
function my_file_exists($file)
{
if(preg_match('/^http:///',$file)){
//远程文件
if(ini_get('allow_url_fopen')){
if(@fopen($file,'r')) return true;
}
else{
$parseurl=parse_url($file);
$host=$parseurl['host'];
$path=$parseurl['path'];
$fp=fsockopen($host,80,$errno,$errstr,10);
if(!$fp)return false;
fputs($fp,"GET {$path} HTTP/1.1 rnhost:{$host}rnrn");
if(preg_match('/HTTP/1.1 200/',fgets($fp,1024))) return true;
}
return false;
}
return file_exists($file);
}
?>
三、后台设置远程附件:
四、sql修改:
update pre_forum_attachment_0 set remote = '1';
update pre_forum_attachment_1 set remote = '1';
update pre_forum_attachment_2 set remote = '1';
update pre_forum_attachment_3 set remote = '1';
update pre_forum_attachment_4 set remote = '1';
update pre_forum_attachment_5 set remote = '1';
update pre_forum_attachment_6 set remote = '1';
update pre_forum_attachment_7 set remote = '1';
update pre_forum_attachment_8 set remote = '1';
update pre_forum_attachment_9 set remote = '1';
update pre_portal_article_title set remote=1;
update pre_portal_attachment set remote=1;
update pre_portal_topic_pic set remote=1;
update pre_home_pic set remote=remote+1;
五、效果如下: