-
Notifications
You must be signed in to change notification settings - Fork 70
/
Copy pathtransfer.php
67 lines (46 loc) · 1.62 KB
/
transfer.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
session_start();
unset($_SESSION['nick']);
unset($_SESSION['authenticated_user_id']);
unset($_SESSION['app_unique_key']);
unset($_SESSION['appKey']);
unset($_SESSION['appSecret']);
unset($_SESSION['topsession']);
$root_directory = dirname(__FILE__)."/";
require($root_directory.'include/init.php');
$top_appkey = $_GET['top_appkey'];
$top_parameters = $_GET['top_parameters'];
$top_session = $_GET['top_session'];
$top_sign = $_GET['top_sign'];
if(empty($top_sign)){
header("Location: Login.php");
}
$appKey =$top_appkey;
$appSecret ="12a22f00e474ded4c59a6d0a5e0cee67";
$md5 = md5( $top_appkey . $top_parameters . $top_session . $appSecret, true );
$sign = base64_encode( $md5 );
if ( $sign != $top_sign ) {
echo "<script>alert(\"signature invalid.\");window.location.href=\"Login.php\"</script>";
die;
}
$_SESSION['sign'] = $sign;
$parameters = array();
parse_str( base64_decode( $top_parameters ), $parameters );
/* $now = time();
$ts = $parameters['ts'] / 1000;
if ( $ts > ( $now + 60 * 10 ) || $now > ( $ts + 60 * 30 ) ) {
echo "<script>alert(\"request out of date.\");window.location.href=\"Login.php\"</script>";die;
} */
$_SESSION['topsession'] = $_REQUEST['top_session'];
$_SESSION['nick'] = iconv_ec("GBK","UTF-8",$parameters['visitor_nick']);
$userid = getUserIDByNick($_SESSION['nick']);
if($userid == 0){
$userid = InsertNickInfo($_SESSION['nick']);
}
$_SESSION['authenticated_user_id'] = $userid;
$_SESSION['app_unique_key'] = $application_unique_key;
$_SESSION['appKey'] = $appKey;
$_SESSION['appSecret'] = $appSecret;
$_SESSION['authenticated_user_language'] = 'zh_cn';
header("Location: main.php");
?>