do fixes bug to qq login oauth bugs
Showing
2 changed files
with
5 additions
and
12 deletions
| @@ -38,7 +38,7 @@ class Oauth{ | @@ -38,7 +38,7 @@ class Oauth{ | ||
| 38 | // $this->recorder->write('state',$state); | 38 | // $this->recorder->write('state',$state); |
| 39 | //$_SESSION['qqstate'] = $state; | 39 | //$_SESSION['qqstate'] = $state; |
| 40 | 40 | ||
| 41 | - Session::start('yohobuy_qq_session', null, 'yohobuy.com')->__set('qqstate', $state); | 41 | + setcookie('_QQ_STATE', $state, 0, '/', '.yohobuy.com'); |
| 42 | 42 | ||
| 43 | //-------构造请求参数列表 | 43 | //-------构造请求参数列表 |
| 44 | $keysArr = array( | 44 | $keysArr = array( |
| @@ -59,8 +59,7 @@ class Oauth{ | @@ -59,8 +59,7 @@ class Oauth{ | ||
| 59 | 59 | ||
| 60 | //--------验证state防止CSRF攻击 | 60 | //--------验证state防止CSRF攻击 |
| 61 | // if($_GET['state'] != $state){ | 61 | // if($_GET['state'] != $state){ |
| 62 | - $state = Session::start('yohobuy_qq_session', null, 'yohobuy.com')->__get('qqstate'); | ||
| 63 | - echo $state, '+++', $_GET['state']; | 62 | + $state = isset($_COOKIE['_QQ_STATE']) ? $_COOKIE['_QQ_STATE'] : null; |
| 64 | if ($_GET['state'] != $state) { | 63 | if ($_GET['state'] != $state) { |
| 65 | $this->error->showError("30001"); | 64 | $this->error->showError("30001"); |
| 66 | } | 65 | } |
| @@ -8,8 +8,6 @@ | @@ -8,8 +8,6 @@ | ||
| 8 | 8 | ||
| 9 | require_once(QC_CLASS_PATH . 'ErrorCase.class.php'); | 9 | require_once(QC_CLASS_PATH . 'ErrorCase.class.php'); |
| 10 | 10 | ||
| 11 | -use Hood\Session; | ||
| 12 | - | ||
| 13 | class Recorder | 11 | class Recorder |
| 14 | { | 12 | { |
| 15 | 13 | ||
| @@ -27,13 +25,9 @@ class Recorder | @@ -27,13 +25,9 @@ class Recorder | ||
| 27 | if (empty($this->inc)) { | 25 | if (empty($this->inc)) { |
| 28 | $this->error->showError("20001"); | 26 | $this->error->showError("20001"); |
| 29 | } | 27 | } |
| 28 | + | ||
| 29 | + self::$data = array(); | ||
| 30 | 30 | ||
| 31 | - $userData = Session::start('yohobuy_qq_session', null, 'yohobuy.com')->__get('QC_userData'); | ||
| 32 | - if (empty($userData)) { | ||
| 33 | - self::$data = array(); | ||
| 34 | - } else { | ||
| 35 | - self::$data = $userData; | ||
| 36 | - } | ||
| 37 | // if(empty($_SESSION['QC_userData'])){ | 31 | // if(empty($_SESSION['QC_userData'])){ |
| 38 | // self::$data = array(); | 32 | // self::$data = array(); |
| 39 | // }else{ | 33 | // }else{ |
| @@ -71,8 +65,8 @@ class Recorder | @@ -71,8 +65,8 @@ class Recorder | ||
| 71 | 65 | ||
| 72 | function __destruct() | 66 | function __destruct() |
| 73 | { | 67 | { |
| 68 | + self::$data = null; | ||
| 74 | //$_SESSION['QC_userData'] = self::$data; | 69 | //$_SESSION['QC_userData'] = self::$data; |
| 75 | - Session::start('yohobuy_qq_session', null, 'yohobuy.com')->__set('QC_userData', self::$data); | ||
| 76 | } | 70 | } |
| 77 | 71 | ||
| 78 | } | 72 | } |
-
Please register or login to post a comment