First commit

source/plugin/witframe_api/api.inc.php

@@ -0,0 +1,9 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/core.php';
+
+Lib\Remote::getInstance()->run();

source/plugin/witframe_api/class/remote.class.php

@@ -0,0 +1,166 @@
+<?php
+
+namespace WitClass;
+
+class Remote {
+
+	private $charset = '';
+
+	public function __construct($charset = '') {
+		if ($charset) {
+			$this->charset = strtolower($charset);
+		}
+	}
+
+	public function paramDecode($key) {
+		if (empty($_POST[$key])) {
+			return array();
+		}
+
+		return $this->iconv(!is_array($_POST[$key]) ? unserialize($_POST[$key]) : $_POST[$key], 'UTF-8', $this->charset);
+	}
+
+	public function check($hash) {
+		require 'config/config_ucenter.php';
+
+		$this->charset = strtolower(UC_CHARSET);
+
+		$t = substr(time(), 0, 7);
+		$code = sha1($hash . UC_KEY . $t);
+		return $code == $_GET['code'];
+	}
+
+	public function output($value) {
+		echo json_encode($this->iconv($value, $this->charset, 'UTF-8'));
+		exit;
+	}
+
+	public function showOutput() {
+		$return = array('ret' => 0);
+
+		$s = ob_get_contents();
+		ob_end_clean();
+		$return['data']['content'] = $s;
+
+		$this->_setSysVar($return['data']);
+		$this->output($return);
+	}
+
+	public function rawOutput() {
+		exit;
+	}
+
+	public function convertOutput($output) {
+		ob_end_clean();
+		$return = array('ret' => 0);
+
+		$this->_setSysVar($return['data'], $output);
+		$tmp = $GLOBALS;
+		foreach ($output as $k => $v) {
+			if (strpos($k, '/') !== false) {
+				$return['data'][$v] = $this->_arrayVar($tmp, $k);
+			} else {
+				$return['data'][$v] = $this->_singleVar($tmp, $k);
+			}
+		}
+
+		$this->output($return);
+	}
+
+	public function sessionDecode($v) {
+		return unserialize(base64_decode($v));
+	}
+
+	private function _sessionEncode($v) {
+		return base64_encode(serialize($v));
+	}
+
+	private function _setSysVar(&$data, &$output = array()) {
+		global $_G;
+		$data['_session'] = $this->_sessionEncode($_COOKIE);
+		$data['_formhash'] = $this->_singleVar($_G, 'formhash');
+		if (isset($output['_attachhash'])) {
+			if (!empty($_G['config']['security']['authkey'])) {
+				$data['_attachhash'] = md5(substr(md5($_G['config']['security']['authkey']), 8) . $_G['uid']);
+			}
+			unset($output['_attachhash']);
+		}
+
+		unset($_G['config'],
+			$_G['setting']['siteuniqueid'],
+			$_G['setting']['ec_tenpay_opentrans_chnid'],
+			$_G['setting']['ec_tenpay_opentrans_key'],
+			$_G['setting']['ec_tenpay_bargainor'],
+			$_G['setting']['ec_tenpay_key'],
+			$_G['setting']['ec_account'],
+			$_G['setting']['ec_contract']);
+	}
+
+	private function _singleVar(&$var, $k) {
+		return isset($var[$k]) ? $var[$k] : null;
+	}
+
+	private function _arrayVar(&$var, $k) {
+		$value = null;
+		$sVar = &$var;
+		$e = explode('/', $k);
+		$count = count($e);
+		foreach ($e as $i => $_k) {
+			if ($_k == '*') {
+				foreach ($sVar as $_k3 => $_v3) {
+					$nKey = implode('/', array_slice($e, $i + 1));
+					$value[$_k3] = $this->_arrayVar($_v3, $nKey);
+				}
+				break;
+			}
+			$isMulti = strpos($_k, ',') !== false;
+			if (!isset($sVar[$_k]) && !$isMulti) {
+				break;
+			}
+			if ($isMulti) {
+				$value = null;
+				foreach (explode(',', $_k) as $_k2) {
+					$value[$_k2] = $this->_singleVar($sVar, $_k2);
+				}
+				break;
+			} else {
+				if ($count - 1 == $i) {
+					$value = $this->_singleVar($sVar, $_k);
+				}
+				$sVar = &$sVar[$_k];
+			}
+		}
+		return $value;
+	}
+
+	public function iconv($variables, $in_charset, $out_charset) {
+		if ($this->charset == 'utf-8') {
+			return $variables;
+		}
+		if (is_string($variables)) {
+			return $this->_iconvStr($variables, $in_charset, $out_charset);
+		}
+		if (is_array($variables)) {
+			foreach ($variables as $k => $v) {
+				if (is_array($v)) {
+					$variables[$k] = $this->iconv($v, $in_charset, $out_charset);
+				} elseif (is_string($v)) {
+					$variables[$k] = $this->_iconvStr($v, $in_charset, $out_charset);
+				}
+			}
+		}
+
+		return $variables;
+	}
+
+	private function _iconvStr($v, $in_charset, $out_charset) {
+		if (function_exists('diconv')) {
+			return diconv($v, $in_charset, $out_charset);
+		} elseif (function_exists('iconv')) {
+			return iconv($in_charset, $out_charset, $v);
+		} else {
+			return $v;
+		}
+	}
+
+}

source/plugin/witframe_api/core.php

@@ -0,0 +1,134 @@
+<?php
+
+namespace Lib;
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/lib/crypt.php';
+
+use C;
+use Crypt;
+use Exception;
+
+spl_autoload_register(function ($class) {
+	if (substr($class, 0, 4) == 'Lib\\') {
+		$f = strtolower(substr($class, 4));
+		if (!preg_match('/^\w+$/', $f)) {
+			return false;
+		}
+		require_once DISCUZ_ROOT . './source/plugin/witframe_api/lib/' . $f . '.php';
+	}
+}, true, true);
+
+class Core {
+	const WitApiURL = 'https://api.witframe.com/lib';
+
+	const CoreClass = 'Lib\Core\Core';
+	const SignExpire = 600;
+
+	const SettingKey = 'witframe_v1';
+
+	const Type_StaticMethod = 0;
+	const Type_NewClass = 1;
+	const Type_ObjMethod = 2;
+	const Type_ApisMethod = 3;
+
+	public static function RequestWit($class, $func, $param, $type = self::Type_StaticMethod) {
+		try {
+			if(!function_exists('curl_init') || !function_exists('curl_exec')) {
+				throw new Exception('CURL is not enabled');
+			}
+
+			$baseConf = self::GetSetting();
+			if($baseConf) {
+				if(empty($baseConf['witUid'])) {
+					throw new Exception('witUid is not exists, check conf/config.ini');
+				}
+				if(empty($baseConf['witPid'])) {
+					throw new Exception('witPid is not exists, check conf/config.ini');
+				}
+				if(empty($baseConf['witSecretId'])) {
+					throw new Exception('witSecretId is not exists, check conf/config.ini');
+				}
+				if(empty($baseConf['witSecretKey'])) {
+					throw new Exception('witSecretKey is not exists, check conf/config.ini');
+				}
+			} else {
+				$secretId = substr(time(), 0, 7);
+				$secretKey = md5($secretId);
+				$baseConf = array(
+					'witUid' => "0",
+					'witSecretId' => $secretId,
+					'witSecretKey' => $secretKey,
+					'witPid' => "0",
+					'ver' => 0,
+				);
+			}
+
+			$requestBody = array(
+				'witUid' => $baseConf['witUid'],
+				'witPid' => $baseConf['witPid'],
+				'class' => $class,
+				'func' => $func,
+				'param' => $param,
+				'type' => $type,
+			);
+			$requestBody['t'] = time();
+			$requestBody['sign'] = self::_getSign($baseConf['witSecretId'], $baseConf['witSecretKey'], $requestBody);
+
+			$ch = curl_init();
+			curl_setopt($ch, CURLOPT_URL, self::WitApiURL);
+			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+			curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+			curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($requestBody));
+			$response = curl_exec($ch);
+			if(!$response) {
+				throw new Exception($class.'::'.$func.'() response error');
+			}
+			$responseBody = json_decode($response, true);
+			if(!$responseBody) {
+				throw new Exception($class.'::'.$func.'() response error');
+			}
+			if($func == 'Discuz_GetConf') {
+				if($responseBody['errCode']) {
+					self::SetSetting(array());
+					return array();
+				}
+				if(empty($baseConf['witUid']) || empty($baseConf['ver']) ||
+					!empty($responseBody['data']['ver']) && $responseBody['data']['ver'] > $baseConf['ver']) {
+					self::SetSetting($responseBody['data']);
+				}
+			}
+			if($responseBody['errCode']) {
+				throw new Exception($class.'::'.$func.'() response '.$responseBody['message'], $responseBody['errCode']);
+			}
+		} catch(Exception $e) {
+			writelog('witframe', $e->getCode().': '.$e->getMessage());
+			return array();
+		}
+		return $responseBody['data'];
+	}
+
+	public static function GetSetting() {
+		global $_G;
+		if (!empty($_G['setting'][self::SettingKey])) {
+			return unserialize($_G['setting'][self::SettingKey]);
+		}
+		return array();
+	}
+
+	public static function SetSetting($data) {
+		C::t('common_setting')->update_batch(array(self::SettingKey => $data));
+		require_once libfile('function/cache');
+		updatecache('setting');
+	}
+
+	private static function _getSign($witSecretId, $witSecretKey, $data) {
+		$srcStr = $witSecretId . '|' . serialize($data);
+		return Crypt::encode($witSecretKey, 'sha1', $srcStr);
+	}
+
+}

source/plugin/witframe_api/discuz_plugin_witframe_api.xml

@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<root>
+	<item id="Title"><![CDATA[Discuz! Plugin]]></item>
+	<item id="Version"><![CDATA[X3.4]]></item>
+	<item id="Time"><![CDATA[2022-12-02 16:40]]></item>
+	<item id="From"><![CDATA[Discuz! Board (http://localhost/discuzx/upload/)]]></item>
+	<item id="Data">
+		<item id="plugin">
+			<item id="available"><![CDATA[1]]></item>
+			<item id="adminid"><![CDATA[0]]></item>
+			<item id="name"><![CDATA[WitFrame API]]></item>
+			<item id="identifier"><![CDATA[witframe_api]]></item>
+			<item id="description"><![CDATA[]]></item>
+			<item id="datatables"><![CDATA[]]></item>
+			<item id="directory"><![CDATA[witframe_api/]]></item>
+			<item id="copyright"><![CDATA[WITFRAME]]></item>
+			<item id="version"><![CDATA[1.6]]></item>
+			<item id="__modules">
+				<item id="0">
+					<item id="name"><![CDATA[location]]></item>
+					<item id="param"><![CDATA[]]></item>
+					<item id="menu"><![CDATA[平台入口]]></item>
+					<item id="url"><![CDATA[]]></item>
+					<item id="type"><![CDATA[3]]></item>
+					<item id="adminid"><![CDATA[0]]></item>
+					<item id="displayorder"><![CDATA[0]]></item>
+					<item id="navtitle"><![CDATA[]]></item>
+					<item id="navicon"><![CDATA[]]></item>
+					<item id="navsubname"><![CDATA[]]></item>
+					<item id="navsuburl"><![CDATA[]]></item>
+				</item>
+				<item id="1">
+					<item id="name"><![CDATA[remote]]></item>
+					<item id="param"><![CDATA[]]></item>
+					<item id="menu"><![CDATA[平台入口]]></item>
+					<item id="url"><![CDATA[]]></item>
+					<item id="type"><![CDATA[11]]></item>
+					<item id="adminid"><![CDATA[0]]></item>
+					<item id="displayorder"><![CDATA[0]]></item>
+					<item id="navtitle"><![CDATA[]]></item>
+					<item id="navicon"><![CDATA[]]></item>
+					<item id="navsubname"><![CDATA[]]></item>
+					<item id="navsuburl"><![CDATA[]]></item>
+				</item>
+				<item id="2">
+					<item id="name"><![CDATA[remote]]></item>
+					<item id="param"><![CDATA[]]></item>
+					<item id="menu"><![CDATA[]]></item>
+					<item id="url"><![CDATA[]]></item>
+					<item id="type"><![CDATA[28]]></item>
+					<item id="adminid"><![CDATA[0]]></item>
+					<item id="displayorder"><![CDATA[0]]></item>
+					<item id="navtitle"><![CDATA[]]></item>
+					<item id="navicon"><![CDATA[]]></item>
+					<item id="navsubname"><![CDATA[]]></item>
+					<item id="navsuburl"><![CDATA[]]></item>
+				</item>
+				<item id="3">
+					<item id="name"><![CDATA[setting]]></item>
+					<item id="param"><![CDATA[]]></item>
+					<item id="menu"><![CDATA[设置]]></item>
+					<item id="url"><![CDATA[]]></item>
+					<item id="type"><![CDATA[3]]></item>
+					<item id="adminid"><![CDATA[0]]></item>
+					<item id="displayorder"><![CDATA[0]]></item>
+					<item id="navtitle"><![CDATA[]]></item>
+					<item id="navicon"><![CDATA[]]></item>
+					<item id="navsubname"><![CDATA[]]></item>
+					<item id="navsuburl"><![CDATA[]]></item>
+				</item>
+			</item>
+		</item>
+		<item id="version"><![CDATA[X3.2,X3.3,X3.4,X3.5,W1.0]]></item>
+		<item id="installfile"><![CDATA[install.php]]></item>
+	</item>
+</root>

source/plugin/witframe_api/install.php

@@ -0,0 +1,11 @@
+<?php
+
+if(!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/core.php';
+
+Lib\Site::Discuz_GetConf($_G['setting']['siteuniqueid']);
+
+$finish = TRUE;

source/plugin/witframe_api/lib/api.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace Lib;
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+class Api {
+
+	public static function __callStatic($name, $arguments) {
+		$return = Core::RequestWit(__CLASS__, $name, $arguments, Core::Type_NewClass);
+		if (!isset($return['obj'])) {
+			return null;
+		}
+		return new Api_Obj($return['obj']);
+	}
+
+}
+
+class Api_Obj {
+
+	public function __construct($obj) {
+		$this->obj = $obj;
+	}
+
+	public function __call($name, $arguments) {
+		$return = Core::RequestWit($this->obj, $name, $arguments, Core::Type_ObjMethod);
+		$this->obj = $return['obj'];
+		return $return['return'];
+	}
+
+}

source/plugin/witframe_api/lib/apis.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Lib;
+
+use Exception;
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+class Apis {
+
+	public static function __callStatic($name, $arguments) {
+		list($plugin, $identifier, $interface, $action) = explode('_', $name);
+		if (!preg_match('/^[A-Z]\w+$/', $plugin) ||
+			!preg_match('/^\w+$/', $identifier) ||
+			!preg_match('/^\w+$/', $interface)) {
+			throw new Exception('plugin identifier is invalid', -1);
+		}
+
+		if (!$action) {
+			$action = 'index';
+		} elseif (!preg_match('/^\w+$/', $action)) {
+			throw new Exception('plugin identifier is invalid', -1);
+		}
+
+		return Core::RequestWit(__CLASS__, $name, $arguments, Core::Type_ApisMethod);
+	}
+
+}

source/plugin/witframe_api/lib/crypt.php

@@ -0,0 +1,101 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+class Crypt {
+
+	protected static $_key = null;
+
+	protected static $_hashAlgorithm = 'md5';
+
+	protected static $_supportedMhashAlgorithms = array('adler32', ' crc32', 'crc32b', 'gost',
+		'haval128', 'haval160', 'haval192', 'haval256', 'md4', 'md5', 'ripemd160',
+		'sha1', 'sha256', 'tiger', 'tiger128', 'tiger160');
+
+	const STRING = 'string';
+	const BINARY = 'binary';
+
+	protected static $_supportedAlgosMhash = array(
+		'adler32',
+		'crc32',
+		'crc32b',
+		'gost',
+		'haval128',
+		'haval160',
+		'haval192',
+		'haval256',
+		'md4',
+		'md5',
+		'ripemd160',
+		'sha1',
+		'sha256',
+		'tiger',
+		'tiger128',
+		'tiger160'
+	);
+
+	public static function encode($key, $hash, $data, $output = self::STRING) {
+
+		if (!isset($key) || empty($key)) {
+			throw new Exception('provided key is null or empty');
+		}
+		self::$_key = $key;
+
+		self::_setHashAlgorithm($hash);
+
+		return self::_hash($data, $output);
+	}
+
+	protected static function _setHashAlgorithm($hash) {
+
+		if (!isset($hash) || empty($hash)) {
+			throw new Exception('provided hash string is null or empty');
+		}
+
+		$hash = strtolower($hash);
+		$hashSupported = false;
+
+		if (function_exists('hash_algos') && in_array($hash, hash_algos())) {
+			$hashSupported = true;
+		}
+
+		if ($hashSupported === false && function_exists('mhash') && in_array($hash, self::$_supportedAlgosMhash)) {
+			$hashSupported = true;
+		}
+
+		if ($hashSupported === false) {
+			throw new Exception('hash algorithm provided is not supported on this PHP installation; please enable the hash or mhash extensions');
+		}
+
+		self::$_hashAlgorithm = $hash;
+	}
+
+	protected static function _hash($data, $output = self::STRING) {
+
+		if (function_exists('hash_hmac')) {
+			if ($output == self::BINARY) {
+				return hash_hmac(self::$_hashAlgorithm, $data, self::$_key, 1);
+			}
+			return hash_hmac(self::$_hashAlgorithm, $data, self::$_key);
+		}
+
+		if (function_exists('mhash')) {
+			if ($output == self::BINARY) {
+				return mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
+			}
+			$bin = mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
+			return bin2hex($bin);
+		}
+	}
+
+	protected static function _getMhashDefinition($hashAlgorithm) {
+
+		for ($i = 0; $i <= mhash_count(); $i++) {
+			$types[mhash_get_hash_name($i)] = $i;
+		}
+		return $types[strtoupper($hashAlgorithm)];
+	}
+
+}

source/plugin/witframe_api/lib/remote.php

@@ -0,0 +1,133 @@
+<?php
+
+namespace Lib;
+
+use C;
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/class/remote.class.php';
+loaducenter();
+
+class Remote {
+
+	const Ret_Success = 0;
+	const Ret_AuthFail = -1;
+	const Ret_ParamFail = -2;
+
+	const AuthExpire = 300;
+
+	var $method = '';
+	var $get = array();
+	var $post = array();
+	var $r;
+
+	private static $_instance;
+
+	public static function getInstance() {
+		self::$_instance = new self();
+		return self::$_instance;
+	}
+
+	public function run() {
+		$get = $post = array();
+
+		if (empty($_GET['code'])) {
+			$this->_return(self::Ret_AuthFail);
+		}
+		parse_str(authcode($_GET['code'], 'DECODE', UC_KEY), $get);
+
+		if (time() - $get['t'] > self::AuthExpire) {
+			$this->_return(self::Ret_AuthFail);
+		}
+
+		if (empty($get['action'])) {
+			$this->_return(self::Ret_ParamFail);
+		}
+
+		$this->method = '_action_' . $get['action'];
+		if (!method_exists($this, $this->method)) {
+			$this->_return(self::Ret_ParamFail);
+		}
+
+		$this->get = $get;
+		$this->post = !empty($_POST) ? $_POST : array();
+
+		$this->r = new \WitClass\Remote(UC_CHARSET);
+
+		return call_user_func(array($this, $this->method));
+	}
+
+	private function _action_test() {
+		$this->_return(self::Ret_Success, array('time' => time()));
+	}
+
+	private function _action_getUser() {
+		$user = array();
+		if (!empty($this->get['username'])) {
+			$this->get['username'] = $this->r->iconv($this->get['username'], 'UTF-8', UC_CHARSET);
+			$user = uc_get_user($this->get['username']);
+		} elseif (!empty($this->get['uid'])) {
+			$user = uc_get_user($this->get['uid'], 1);
+		}
+		if (!$user) {
+			$this->_return(self::Ret_Success);
+		}
+		$return = array('errCode' => 0);
+		list($return['uid'], $return['username'], $return['email']) = $user;
+		$return['avatar'] = $this->_getAvatar($return['uid']);
+		$return['count'] = C::t('common_member_count')->fetch($return['uid']);
+		$this->_return(self::Ret_Success, $return);
+	}
+
+	private function _action_getSiteInfo() {
+		global $_G;
+		$return['siteName'] = $_G['setting']['bbname'];
+		$return['extcredits'] = $_G['setting']['extcredits'];
+		$this->_return(self::Ret_Success, $return);
+	}
+
+	private function _action_login() {
+		if (empty($this->get['password'])) {
+			$this->_return(self::Ret_ParamFail);
+		}
+		$name = '';
+		$isUid = 0;
+		if (!empty($this->get['username'])) {
+			$name = $this->get['username'];
+		} elseif (!empty($this->get['uid'])) {
+			$name = $this->get['uid'];
+			$isUid = 1;
+		} elseif (!empty($this->get['email'])) {
+			$name = $this->get['email'];
+			$isUid = 2;
+		} else {
+			$this->_return(self::Ret_ParamFail);
+		}
+		$user = uc_user_login($name, $this->get['password'], $isUid);
+		if (!$user) {
+			$this->_return(self::Ret_Success);
+		}
+		list($status) = $user;
+		if ($status <= 0) {
+			$this->_return(self::Ret_Success, array('errCode' => $status));
+		}
+		$return = array('errCode' => 0);
+		list($return['uid'], $return['username'], , $return['email']) = $user;
+		$return['avatar'] = $this->_getAvatar($return['uid']);
+		$this->_return(self::Ret_Success, $return);
+	}
+
+	private function _getAvatar($uid) {
+		return UC_API . '/avatar.php?uid=' . $uid . '&size=middle';
+	}
+
+	private function _return($ret, $data = array()) {
+		$this->r->output(array(
+			'ret' => $ret,
+			'data' => $data,
+		));
+	}
+}

source/plugin/witframe_api/lib/site.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Lib;
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+class Site {
+
+	public static function __callStatic($name, $arguments) {
+		return Core::RequestWit(__CLASS__, $name, $arguments, Core::Type_StaticMethod);
+	}
+
+}

source/plugin/witframe_api/location.inc.php

@@ -0,0 +1,24 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/core.php';
+
+$conf = Lib\Site::Discuz_GetConf($_G['setting']['siteuniqueid']);
+
+if (!$conf) {
+	cpmsg('&#x65E0;&#x6CD5;&#x8BBF;&#x95EE; WitFrame!&#xFF0C;&#x8BF7;&#x68C0;&#x67E5;&#x7F51;&#x7EDC;');
+}
+
+$ret = Lib\Site::Discuz_LoginWit($_G['setting']['siteuniqueid']);
+
+if (!$ret) {
+	cpmsg('&#x65E0;&#x6CD5;&#x8BBF;&#x95EE; WitFrame!&#xFF0C;&#x8BF7;&#x68C0;&#x67E5;&#x7F51;&#x7EDC;');
+}
+
+?>
+<div class="infobox">
+	<h4 class="infotitle2"><a href="<?php echo $ret['url']; ?>" target="_blank">&#x70B9;&#x6B64;&#x8BBF;&#x95EE; WitFrame!</a></h4>
+</div>

source/plugin/witframe_api/page.remote.php

@@ -0,0 +1,63 @@
+<?php
+
+chdir('../../../');
+
+define('IN_WITFRAME_API_REMOTE', 1);
+define('DISCUZ_OUTPUTED', 1);
+define('IN_WITFRAME_API_REMOTE_DEBUG', !empty($_GET['_debug']) ? 1 : 0);
+
+
+require_once './source/plugin/witframe_api/class/remote.class.php';
+
+if (!empty($_POST)) {
+	$r = new WitClass\Remote();
+	if (empty($_POST['_script_'])) {
+		$r->output(array(
+			'ret' => -1,
+		));
+	}
+
+	if (!preg_match('/^\w+$/', $_POST['_script_'])) {
+		$r->output(array(
+			'ret' => -2,
+		));
+	}
+
+	$script = $_POST['_script_'];
+	$session = !empty($_POST['_session_']) ? $_POST['_session_'] : '';
+	if (!$r->check($script . $session)) {
+		$r->output(array(
+			'ret' => -4,
+		));
+	}
+
+	$output = !empty($_POST['_output_']) ? $_POST['_output_'] : array();
+	$rawOutput = !empty($_POST['_raw_']);
+	$_GET = $r->paramDecode('_get_');
+	$cookies = $session ? $r->sessionDecode($session) : array();
+	foreach ($cookies as $k => $v) {
+		$_COOKIE[$k] = $v;
+		setcookie($k, $v);
+	}
+	$_POST = $r->paramDecode('_post_');
+
+	$shutdownFunc = 'showOutput';
+	if($rawOutput) {
+		$shutdownFunc = 'rawOutput';
+	} elseif($output) {
+		$shutdownFunc = 'convertOutput';
+	}
+
+	register_shutdown_function(array($r, $shutdownFunc), $output);
+
+	try {
+		require './' . $script . '.php';
+	} catch (Exception $e) {
+		$r->output(array(
+			'ret' => -3,
+		));
+	}
+} else {
+	$_GET['id'] = 'witframe_api:api';
+	require './plugin.php';
+}

source/plugin/witframe_api/remote.class.php

@@ -0,0 +1,19 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}
+
+class base_plugin_witframe_api {
+	function global_witframe_api() {
+		if (defined('IN_WITFRAME_API_REMOTE')) {
+			exit;
+		}
+	}
+}
+
+class plugin_witframe_api extends base_plugin_witframe_api {
+}
+
+class mobileplugin_witframe_api extends plugin_witframe_api {
+}

source/plugin/witframe_api/setting.inc.php

@@ -0,0 +1,33 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+    exit('Access Denied');
+}
+
+require_once DISCUZ_ROOT . './source/plugin/witframe_api/core.php';
+
+$conf = Lib\Core::GetSetting();
+
+$mask = '****************';
+
+if (submitcheck('editsubmit')) {
+    $settingnew = !empty($_GET['settingnew']) ? $_GET['settingnew'] : array();
+    $settingnew['ver'] = !empty($conf['ver']) && $conf['ver'] > 1 ? $conf['ver'] : 1;
+    if (strpos($settingnew['witSecretKey'], $mask) !== false) {
+        $settingnew['witSecretKey'] = $conf['witSecretKey'];
+    }
+    Lib\Core::SetSetting($settingnew);
+    cpmsg('&#x8BBE;&#x7F6E;&#x5DF2;&#x66F4;&#x65B0;', 'action=plugins&operation=config&do=' . $pluginid . '&identifier=witframe_api&pmod=setting', 'succeed');
+}
+
+$conf['witSecretKey'] = $conf['witSecretKey'] ? substr($conf['witSecretKey'], 0, 3) . $mask . substr($conf['witSecretKey'], -3) : '';
+
+showtableheader();
+showformheader('plugins&operation=config&do=' . $pluginid . '&identifier=witframe_api&pmod=setting', '');
+showsetting('witUid', 'settingnew[witUid]', $conf['witUid'], 'text');
+showsetting('witSecretId', 'settingnew[witSecretId]', $conf['witSecretId'], 'text');
+showsetting('witSecretKey', 'settingnew[witSecretKey]', $conf['witSecretKey'], 'text');
+showsetting('witPid', 'settingnew[witPid]', $conf['witPid'], 'text');
+showsubmit('editsubmit');
+showformfooter();
+showtablefooter();

source/plugin/witframe_api/test.inc.php

@@ -0,0 +1,5 @@
+<?php
+
+if (!defined('IN_DISCUZ')) {
+	exit('Access Denied');
+}