/**
 * Handle an xml request and perform actions based on the type of request.
 *
 * The request is parsed, the sender is checked with HTTP authentication
 * against the configured merchant id and token, and the root element name
 * selects the handler. A request that fails authentication is logged together
 * with the caller's IP and the script stops.
 *
 * NOTE(review): parsing happens before authentication, so GetParsedXML() runs
 * on input from unauthenticated senders -- confirm the parser it wraps does not
 * resolve external entities.
 *
 * @param string $xml_response the raw xml request
 *
 * @return void
 **/
public function HandleRequest($xml_response)
{
    list($root, $data) = $this->response->GetParsedXML($xml_response);

    $this->response->SetMerchantAuthentication(
        $this->module->GetValue('merchantid'),
        $this->module->GetValue('merchanttoken')
    );

    // Nothing below this guard runs for a sender that failed HTTP authentication.
    if (!$this->response->HttpAuthentication()) {
        $GLOBALS['ISC_CLASS_LOG']->LogSystemError(
            $this->logtype,
            sprintf(GetLang('GoogleCheckoutHandlerInvalidAuth'), isc_html_escape(GetIp()))
        );
        die;
    }

    // NOTE(review): the raw notification body goes to the debug log; it
    // presumably carries order and buyer details -- confirm who can read that log.
    $this->module->DebugLog($xml_response);
    $GLOBALS['ISC_CLASS_LOG']->LogSystemDebug(
        $this->logtype,
        'Authenticated request of type ' . isc_html_escape($root) . ' recieved.'
    );

    switch ($root) {
        // Message types that need no action and no acknowledgement.
        case "request-received":
        case "error":
        case "diagnosis":
        case "checkout-redirect":
            break;

        case "new-order-notification":
            // The cart id is taken from the notification body; it is escaped for
            // the log line only. NOTE(review): CreateOrder() is not visible here --
            // confirm it validates the cart id before using it.
            $this->module->cartid = $data[$root]['shopping-cart']['merchant-private-data']['VALUE'];
            $GLOBALS['ISC_CLASS_LOG']->LogSystemDebug(
                $this->logtype,
                'New order notification recieved for cart id: ' . isc_html_escape($this->module->cartid)
            );
            $this->CreateOrder();
            $this->response->SendAck();
            break;

        case "order-state-change-notification":
            $this->HandleStateChange($data[$root]);
            $this->response->SendAck();
            break;

        // Charge, chargeback and refund notifications share one handler.
        case "charge-amount-notification":
        case "chargeback-amount-notification":
        case "refund-amount-notification":
            $this->HandleAmountNotification($root, $data);
            $this->response->SendAck();
            break;

        case "risk-information-notification":
            $GLOBALS['ISC_CLASS_LOG']->LogSystemSuccess($this->logtype, GetLang('GoogleCheckoutHandlerGotRiskInfo'));
            $this->ProcessRiskInformation($data[$root]);
            $this->response->SendAck();
            break;

        case 'merchant-calculation-callback':
            // No SendAck() here: only the callback handler is invoked.
            $this->HandleMerchantCallback($data);
            break;

        default:
            $this->response->SendBadRequestStatus("Invalid or not supported Message");
            break;
    }
}
/**
 * Show the "add agent" form, or create the agent when the form was posted.
 *
 * Without POST data the two price-level lists are loaded for the form. With
 * POST data the fields are trimmed, checked, and handed to
 * AgentModule::InsertArray().
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest, which is not
 * a password hash. Moving to password_hash()/password_verify() needs the login
 * check changed in the same step; that code is not visible here.
 *
 * NOTE(review): whether __Message() stops the request is not visible from this
 * method. If it returns, the insert below still runs after a failed check.
 */
public function Add()
{
    if (!$this->_POST) {
        include 'Include/LevelArray.php';
        $AgentPriceModule = new AgentPriceModule();
        // FengXin agent price levels
        $this->LevelArray = $AgentPriceModule->GetLists('where ProjectID=7');
        // GBaoPen agent price levels
        $this->GBaoPenLevelArray = $AgentPriceModule->GetLists('where ProjectID=1');
        return;
    }

    // Form submitted: collect the trimmed fields in the original column order.
    $Data = array('UserName' => trim($this->_POST['UserName']));
    $PassWord = trim($this->_POST['PassWord']);
    $Data['PassWord'] = md5($PassWord);
    foreach (array('EnterpriseName', 'ContactName', 'ContactTel', 'ContactEmail', 'ContactAddress', 'Remarks') as $Field) {
        $Data[$Field] = trim($this->_POST[$Field]);
    }
    $Data['RegTime'] = time();
    $Data['FromIP'] = GetIp();
    foreach (array('FengXinAgentPriceID', 'GBaoPenAgentPriceID') as $Field) {
        $Data[$Field] = trim($this->_POST[$Field]);
    }

    // NOTE(review): an MD5 hex digest is always 32 characters, so the first
    // clause can never be true; presumably the user name length was meant --
    // confirm. Only the 6-character minimum on the password takes effect.
    if (strlen($Data['PassWord']) < 3 || strlen($PassWord) < 6) {
        $this->__Message('信息填写不完整!');
    }

    // Reject a user name that already exists.
    $AgentModule = new AgentModule();
    $AgentInfo = $AgentModule->GetOneInfoByArrayKeys(array('UserName' => $Data['UserName']));
    if (!empty($AgentInfo)) {
        $this->__Message('该用户名已经被使用过!');
    }

    // Enterprise name, contact name and contact phone are mandatory.
    if ($Data['EnterpriseName'] == '' || $Data['ContactName'] == '' || $Data['ContactTel'] == '') {
        $this->__Message('信息填写不完整!');
    }

    if ($AgentModule->InsertArray($Data)) {
        $this->__Message('添加代理商成功!', UrlRewriteSimple($this->MyModule, 'Lists', true), '继续操作');
    } else {
        $this->__Message('添加代理商失败,请再一次尝试!');
    }
}
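/**
 * Look up location data for an IP address through the Sina iplookup service.
 *
 * @param string $ip address to look up; when empty, the value of GetIp() is used
 *
 * @return array|false the decoded response with an 'ip' key added and 'ret'
 *                     removed, or false when the address is not a valid IP, the
 *                     request fails, or the service does not report ret == 1
 */
function GetIpLookup($ip = '')
{
    if (empty($ip)) {
        $ip = GetIp();
    }

    // The value is placed in an outbound URL, so only a syntactically valid
    // IPv4/IPv6 address is accepted. Anything else (for example text carrying
    // "&" or "#") would add or change query parameters of the request.
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return false;
    }

    // NOTE(review): the lookup goes over plain HTTP, so the answer can be
    // altered in transit; treat the result as advisory. No timeout is set
    // here, so the call waits for PHP's default socket timeout.
    $res = @file_get_contents('http://int.dpool.sina.com.cn/iplookup/iplookup.php?format=js&ip=' . rawurlencode($ip));
    if (empty($res)) {
        return false;
    }

    // The service wraps its JSON in a JavaScript assignment; take the first {...} run.
    $jsonMatches = array();
    preg_match('#\\{.+?\\}#', $res, $jsonMatches);
    if (!isset($jsonMatches[0])) {
        return false;
    }

    $json = json_decode($jsonMatches[0], true);
    if (!isset($json['ret']) || $json['ret'] != 1) {
        return false;
    }

    $json['ip'] = $ip;
    unset($json['ret']);

    return $json;
}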
for ($i = 1; $i < 13; $i++) { if ($i == 1) { $id_session = substr($allchars, rand(0, 35), 1); } $id_session .= substr($allchars, rand(0, 35), 1); } $queryOTROID = "SELECT * FROM kdc_usuarios WHERE id_session = '{$id_session}'"; $ResultOTROID = mysql_query($queryOTROID) or die("mysql_query failed (index.php)<BR>" . $queryOTROID . "<br>" . mysql_error()); $num_filas_otro_id = mysql_num_rows($ResultOTROID); } while ($num_filas_otro_id != 0); if ($RowSEL['camuflaje'] == 0) { $online = 1; } else { $online = 0; } $queryUPD = "UPDATE kdc_usuarios SET id_session='" . $id_session . "', online = " . $online . ", last_conex = " . time() . ", ip = '" . GetIp() . "', navegador = " . $nav . " WHERE id_u = " . $RowSEL['id_u']; $ResultUPD = mysql_query($queryUPD); if (time() - $RowSEL['last_conex'] > $RowCONF['session_usuarios'] * 60) { $queryUPD = "UPDATE kdc_usuarios SET visitas = visitas + 1 WHERE id_u = " . $RowSEL['id_u']; $ResultUPD = mysql_query($queryUPD); } $queryDEL = "DELETE FROM kdc_usuarios_invitados WHERE id_session = '" . $id_session_invitados . "'"; $ResultDEL = mysql_query($queryDEL); setcookie("ssivtd"); setcookie("ssivtd", $id_session, time() + 20 * 60, "", "", 0); ?> <script>window.opener.location="kdc.php?id_session=<?php echo $id_session; ?> ";window.close();</script> <?php
} } else { $querySELMAX = "SELECT id_inv FROM kdc_usuarios_invitados ORDER BY id_inv"; $ResultSELMAX = mysql_query($querySELMAX); if (mysql_num_rows($ResultSELMAX)) { while ($RowSELMAX = mysql_fetch_array($ResultSELMAX)) { $id_inv = $RowSELMAX['id_inv']; } $id_inv++; } else { $id_inv = 1; } $queryCONF = "SELECT * FROM kdc_configuracion WHERE id=1"; $ResultCONF = mysql_query($queryCONF); if ($RowCONF = mysql_fetch_array($ResultCONF)) { $queryINS = "INSERT INTO kdc_usuarios_invitados (id_inv, id_session, ip, nombre, last_conex, skin) VALUES (" . $id_inv . ", '" . $id_session . "', '" . GetIp() . "', 'Invitado', " . time() . ", " . $RowCONF['estilo'] . ")"; $ResultINS = mysql_query($queryINS); } } } else { $queryINV3 = "SELECT * FROM kdc_usuarios_invitados"; $ResultINV3 = mysql_query($queryINV3); while ($RowINV3 = mysql_fetch_array($ResultINV3)) { if (time() - $RowINV3['last_conex'] > $RowCONF['session_invitados'] * 60) { $queryDEL = "DELETE FROM kdc_usuarios_invitados WHERE id_inv = " . $RowINV3['id_inv']; $ResultDEL = mysql_query($queryDEL); } } } } //Calculo del maximo numero usuario online(registrados y invitados), del día
/**
 * Bootstrap a page request.
 *
 * Starts output buffering, builds the request, database and cache objects,
 * selects the website entry matching the request host, merges that site's
 * sub-settings, starts the session, runs the registered start callbacks and
 * fills $setting['info'] with request and user data.
 *
 * NOTE(review): the session "url" value is built from the request's Host
 * header as received; the configured-host comparison earlier in this method
 * is not applied to it. Code that reads it back should not treat it as trusted.
 *
 * @param bool $setPlugin when true, setPlugin() is called after the settings are merged
 *
 * @return void
 */
public function pageStart($setPlugin = false)
{
    global $setting, $db, $req, $cache;

    ob_start();
    ob_implicit_flush(false);

    // Extend the cookie prefix with a 4-character tag derived from server environment values.
    $env_tag = md5($_SERVER["USERNAME"] . $_SERVER["COMPUTERNAME"] . $_SERVER["OS"]);
    $setting['cookie']['prefix'] .= substr($env_tag, 0, 4) . "_";

    // File-based sessions are kept in a per-day directory under the cache path.
    if ($setting['session']['mode'] == "sess_file") {
        $setting['session']['path'] = ROOT_PATH . "/" . $setting['path']['cache'] . "/session/" . date("Ymd") . "/";
    }

    $req = $this->getInstance("MyReq", $setting['cookie'], $setting['session']);
    $db = $this->getInstance(
        "MySQL",
        $setting['db']['host'],
        $setting['db']['user'],
        $setting['db']['pass'],
        $setting['db']['charset']
    );
    $cache = $this->getInstance("MyCache", $setting['web']['cache_mode']);

    includeCache("website");
    includeCache("user_group");
    includeCache("user_type");

    $setting['info'] = array();
    $setting['info']['time'] = $_SERVER['REQUEST_TIME'];
    $setting['info']['time_start'] = GetMicrotime();
    $setting['info']['self'] = strtolower(basename($req->getServer("PHP_SELF")));
    $setting['info']['web'] = null;

    // Pick the first website whose comma-separated host list contains the
    // request host. The site URL is only set from the host when it matched.
    $host = $req->getServer("HTTP_HOST");
    $site_total = count($GLOBALS['website']);
    for ($n = 0; $n < $site_total; $n++) {
        $host_list = "," . $GLOBALS['website'][$n]['host'] . ",";
        if (strpos($host_list, "," . $host . ",") === false) {
            continue;
        }
        $GLOBALS['website'][$n]['host'] = $host;
        $setting['web']['url'] = "http://" . $host;
        $setting['info']['web'] = $GLOBALS['website'][$n];
        break;
    }

    // No match: fall back to the first website, then to the entry with web_id 1.
    if ($setting['info']['web'] === null) {
        $setting['info']['web'] = $GLOBALS['website'][0];
    }
    if ($setting['info']['web'] === false) {
        $setting['info']['web'] = getParaInfo("website", "web_id", 1);
    }

    // Merge the selected site's settings; its db block is kept under 'db_sub'.
    $setting_sub = getSubSetting($setting['info']['web']['web_id']);
    $setting_sub['web']['url'] = $setting['web']['url'];
    $setting['db_sub'] = $setting_sub['db'];
    $setting['db']['pre_sub'] = ($setting['db']['name'] == $setting_sub['db']['name'])
        ? $setting_sub['db']['pre']
        : $setting_sub['db']['name'] . "." . $setting_sub['db']['pre'];
    unset($setting_sub['db']);
    $setting = arrayMerge($setting, $setting_sub);

    $req->init($setting['cookie'], $setting['session']);
    if ($setPlugin) {
        $this->setPlugin();
    }

    $this->getLanguage(ROOT_PATH . "/source/language/");
    $setting['language'] = $this->language;
    $req->SessionStart($GLOBALS['sess_handle']);

    // Run the registered start callbacks; the count is taken once, before the first call.
    $hook_total = count($this->func_start);
    for ($n = 0; $n < $hook_total; $n++) {
        call_user_func($this->func_start[$n]);
    }

    if (checkSign(1)) {
        return;
    }

    // Sessions without a user name, or named "Guest", go through logcheck().
    $username = $req->getSession("username");
    if (empty($username) || $username == "Guest") {
        $this->logcheck();
    }

    $req->setSession("url", "http://" . $req->getServer("HTTP_HOST") . $req->getServer("URL"));
    $req->setSession("ip", GetIp());

    $setting['info']['user'] = array();
    $setting['info']['user']['name'] = $req->getSession("username");
    $setting['info']['user']['group'] = getParaInfo("user_group", "group_id", $req->getSession('usergroup'));
    $setting['info']['user']['type'] = getParaInfo("user_type", "type_id", $req->getSession('usertype'));
    if ($setting['info']['user']['type'] === false) {
        // Unknown user type: use the Guest type with view level 0.
        $setting['info']['user']['type'] = array('type_id' => '1', 'type_name' => 'Guest', 'view_lvl' => '0');
    }

    $this->regAjax("reset_psw", "MyStep::ajax_reset_psw");
}
<tr valign=top> <td class="table_left"> </td> <td class="table_center"> <?php if ($_POST) { $params['host'] = '213.37.50.43'; $params['port'] = 25; $params['helo'] = exec('hostname'); $params['auth'] = TRUE; $params['user'] = '******'; $params['pass'] = '******'; $send_params['recipients'] = array('*****@*****.**'); $send_params['headers'] = array('From: "www.loskamikazes.com" <' . $_POST['su_correo'] . '>', 'To: rafaellllknives@yahoo.es', 'Subject: ' . $_POST['asunto']); $send_params['from'] = $_POST['su_correo']; $send_params['body'] = "Remitente: " . $_POST['su_correo'] . "\nIP: " . GetIp() . "\n\n" . $_POST['texto']; if (is_object($smtp = smtp::connect($params)) and $smtp->send($send_params)) { } else { $error = 1; } if ($error == 1) { ?> <table cellpadding=0 cellspacing=0 border=0 width="100%" style="text-align:center"> <tr> <td class="normal"> <label style="color: red; font-size: 20px;">Error al enviar el e-mail</label> </td> </tr> </table> <?php } else {
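<?php
// Ad click-through: resolve the target URL for an ad id, count the click, and
// record the first click per browser (tracked with a 24-hour cookie) in a
// per-ad CSV file. Requests whose user agent contains "spider" or "bot" are
// not counted and fall back to "/".
$id = $req->getGet("id");
$agent = strtolower($req->getServer('HTTP_USER_AGENT'));

// The id becomes part of a cookie name and a file name below, so only plain
// decimal digits are accepted. is_numeric() also accepts forms such as "1e2",
// "100.0" or " 100", which may resolve to the same row while producing
// different cookie names and CSV files.
if ((is_string($id) || is_int($id)) && preg_match('/^[0-9]+$/D', (string) $id) === 1 && strpos($agent, "spider") === false && strpos($agent, "bot") === false) {
    $goto_url = $db->result($setting['db']['pre'] . "ad_show", "ad_url", array("id", "n=", $id));
    if (!empty($goto_url)) {
        $if_click = $req->getCookie("img_click_" . $id);
        if (!empty($if_click)) {
            // Cookie present: count the click but not a new visitor.
            $new_ip = 0;
        } else {
            $req->setCookie("img_click_" . $id, "Y", 3600 * 24);
            // NOTE(review): GetIp() is defined elsewhere. If it honours
            // client-supplied forwarding headers, the text appended to this
            // CSV is request-controlled -- confirm it is restricted to an IP.
            WriteFile(dirname(__FILE__) . "/ipdata/{$id}.csv", "click," . GetIp() . "," . date("Y-m-d H:i:s") . "\n", "ab");
            $new_ip = 1;
        }
        $db->update($setting['db']['pre'] . "ad_show", array("click" => "+1", "ip_click" => "+" . $new_ip), array("id", "n=", $id));
    } else {
        $goto_url = "/";
    }
} else {
    $goto_url = "/";
}
$mystep->pageEnd();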
/**
 * Handle an xml request and perform actions based on the type of request.
 *
 * The request is parsed, the sender is checked with HTTP authentication
 * against the configured merchant id and token, and the root element name
 * selects the handler. A request that fails authentication is logged together
 * with the caller's IP and the script stops.
 *
 * NOTE(review): parsing and the serial-number assignment both happen before
 * authentication, so they run on input from unauthenticated senders --
 * confirm the parser behind GetParsedXML() does not resolve external entities.
 *
 * @param string $xml_response the raw xml request
 *
 * @return void
 **/
public function HandleRequest($xml_response)
{
    list($root, $data) = $this->response->GetParsedXML($xml_response);

    // Remember the notification's serial number when one is present.
    if (!empty($data[$root]['serial-number'])) {
        $this->serial = $data[$root]['serial-number'];
    }

    $this->response->SetMerchantAuthentication(
        $this->module->GetValue('merchantid'),
        $this->module->GetValue('merchanttoken')
    );

    // Nothing below this guard runs for a sender that failed HTTP authentication.
    if (!$this->response->HttpAuthentication()) {
        $GLOBALS['ISC_CLASS_LOG']->LogSystemError(
            $this->logtype,
            sprintf(GetLang('GoogleCheckoutHandlerInvalidAuth'), isc_html_escape(GetIp()))
        );
        die();
    }

    // NOTE(review): the raw notification body goes to the debug log; it
    // presumably carries order and buyer details -- confirm who can read that log.
    $this->module->DebugLog($xml_response);
    $GLOBALS['ISC_CLASS_LOG']->LogSystemDebug(
        $this->logtype,
        'Authenticated request of type ' . isc_html_escape($root) . ' recieved.'
    );

    switch ($root) {
        // Message types that need no action and no acknowledgement.
        case "request-received":
        case "error":
        case "diagnosis":
        case "checkout-redirect":
            break;

        case "new-order-notification":
            // The cart id is taken from the notification body; it is escaped for
            // the log line only. NOTE(review): CreateOrder() is not visible here --
            // confirm it validates the cart id before using it.
            $this->module->cartid = $data[$root]['shopping-cart']['merchant-private-data']['VALUE'];
            $GLOBALS['ISC_CLASS_LOG']->LogSystemDebug(
                $this->logtype,
                'New order notification recieved for cart id: ' . isc_html_escape($this->module->cartid)
            );
            $this->CreateOrder();
            $this->SendAck();
            break;

        case "order-state-change-notification":
            $this->HandleStateChange($data[$root]);
            $this->SendAck();
            break;

        case "authorization-amount-notification":
            $this->HandleAuthorizationAmountNotification($root, $data);
            $this->SendAck();
            break;

        // Charge, chargeback and refund notifications share one handler.
        case "charge-amount-notification":
        case "chargeback-amount-notification":
        case "refund-amount-notification":
            $this->HandleAmountNotification($root, $data);
            $this->SendAck();
            break;

        case "risk-information-notification":
            $GLOBALS['ISC_CLASS_LOG']->LogSystemSuccess($this->logtype, GetLang('GoogleCheckoutHandlerGotRiskInfo'));
            $this->HandleRiskNotification($root, $data);
            $this->SendAck();
            break;

        case 'merchant-calculation-callback':
            // No SendAck() here: only the callback handler is invoked.
            $this->HandleMerchantCallback($data);
            break;

        default:
            $this->response->SendBadRequestStatus("Invalid or not supported Message");
            break;
    }
}
} } $update = base64_encode(serialize($update_info)); WriteFile($cache_file, $update, "wb"); } if (empty($cs)) { $cs = $setting['gen']['charset']; } client_info("update"); $mydb = new MyDB(); $mydb->init("update", ROOT_PATH . "/" . $setting['path']['cache'] . "/update/"); if (!$mydb->checkTBL()) { $db_setting = array(array("date", 10), array("idx", 40), array("ver_remote", 30), array("ver_local", 30), array("remote_ip", 50), array("referer", 200), array("charset", 20)); $mydb->createTBL($db_setting); } $data = array(date("Y-m-d H:i:s"), md5($v . $ms_version['ver'] . $cs), $v, $ms_version['ver'], GetIp(), $_SERVER["HTTP_REFERER"], $cs); $mydb->insertDate($data); $mydb->closeTBL(); echo $update; break; case "u_update": if ($version_u > $v) { $u_info = array_shift($version); $u_info['content'] = array(); for ($i = 0, $m = count($u_info['file']); $i < $m; $i++) { if (file_exists(ROOT_PATH . "/" . $u_info['file'][$i])) { if (is_dir(ROOT_PATH . "/" . $u_info['file'][$i])) { $u_info['content'][$i] = "."; } else { $u_info['content'][$i] = GetFile(ROOT_PATH . "/" . $u_info['file'][$i]); $path_parts = pathinfo($u_info['file'][$i]);
?> &id_firma=<?php echo $id_firma; ?> &op=G" method="post" name="form_firmar"> <?php $queryEDIT = "SELECT * FROM kdc_firmas WHERE id_firma = '" . $id_firma . "'"; $ResultEDIT = mysql_query($queryEDIT); if ($RowEDIT = mysql_fetch_array($ResultEDIT)) { if ($id_session == $RowEDIT['id_session']) { if ($op == "G" and $_POST) { $queryUPD = "UPDATE kdc_firmas SET "; $queryUPD .= " autor='" . $_POST['autor'] . "'"; $queryUPD .= ", asunto='" . $_POST['asunto'] . "'"; $queryUPD .= ", texto='" . $_POST['texto2'] . "'"; $queryUPD .= ", ip='" . GetIp() . "'"; $querySELUSU = "SELECT * FROM kdc_usuarios WHERE id_session = '" . $id_session . "'"; $ResultSELUSU = mysql_query($querySELUSU); if ($RowSELUSU = mysql_fetch_array($ResultSELUSU)) { $queryUPD .= ", usuario = " . $RowSELUSU['id_u']; } $queryUPD .= " WHERE id_firma = '" . $id_firma . "'"; $ResultUPD = mysql_query($queryUPD); ?> <script>window.opener.location.reload();</script> <script>window.close();</script> <?php } ?> <table cellpadding=0 cellspacing=0 border=0 width="100%"> <tr>
} } if ($id_session != "") { $querySEL = "SELECT * FROM kdc_usuarios WHERE id_session = '" . $id_session . "'"; $ResultSEL = mysql_query($querySEL); if ($RowSEL = mysql_fetch_array($ResultSEL)) { $queryCONF = "SELECT * FROM kdc_configuracion WHERE id=1"; $ResultCONF = mysql_query($queryCONF); if ($RowCONF = mysql_fetch_array($ResultCONF)) { if ($op == "G" and $_POST) { $queryINS = "INSERT INTO kdc_mensajes_comunidad SET fecha = " . time(); $queryINS .= ", id_u='" . $RowSEL['id_u'] . "'"; $queryINS .= ", asunto='" . $_POST['asunto'] . "'"; $queryINS .= ", texto='" . $_POST['texto2'] . "'"; $queryINS .= ", id_session='" . $id_session . "'"; $queryINS .= ", ip='" . GetIp() . "'"; $ResultINS = mysql_query($queryINS); ?> <script>window.opener.frames['mensajes_registro'].location.reload();</script> <script>window.close();</script> <?php } ?> <script type='text/javascript' src='js/funciones.js'></script> <script type='text/javascript' src='js/caracteres.js'></script> <script type='text/javascript' src='js/x_core.js'></script> <?php include "funciones/vista_preliminar.php"; ?>
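<?php
// Session housekeeping, run with the configuration row (id = 1) loaded:
//   1. mark registered users offline once their last activity is older than
//      the configured session length (minutes),
//   2. detach the session id from signatures and community messages older
//      than 1200 seconds so they can no longer be edited,
//   3. refresh last activity, IP and cookies for the current session.
//
// NOTE(review): the mysql_* extension used throughout was removed in PHP 7.
// Escaping below is the smallest change that keeps this script working as is;
// the durable fix is prepared statements through PDO or mysqli.
$queryCONF = "SELECT * FROM kdc_configuracion WHERE id = 1";
$ResultCONF = mysql_query($queryCONF);
if ($RowCONF = mysql_fetch_array($ResultCONF)) {
    $querySEL = "SELECT * FROM kdc_usuarios";
    $ResultSEL = mysql_query($querySEL);
    while ($RowSEL = mysql_fetch_array($ResultSEL)) {
        if (time() - $RowSEL['last_conex'] > $RowCONF['session_usuarios'] * 60) {
            // Cast so that only an integer can reach the unquoted SQL position.
            $id_u = (int) $RowSEL['id_u'];
            $queryUPD = "UPDATE kdc_usuarios SET online = 0, id_session='' WHERE id_u = {$id_u}";
            $ResultUPD = mysql_query($queryUPD);
        }
    }

    // A signature can no longer be edited once the session time has elapsed.
    $queryUPD = "UPDATE kdc_firmas SET id_session = '' WHERE (fecha + 1200) < " . time();
    $ResultUPD = mysql_query($queryUPD);
    $queryUPD = "UPDATE kdc_mensajes_comunidad SET id_session = '' WHERE (fecha + 1200) < " . time();
    $ResultUPD = mysql_query($queryUPD);

    if ($id_session != "") {
        // $id_session is assigned outside this script excerpt and is sent back
        // as a cookie value below, so it is handled as request-controlled and
        // escaped before it is placed inside the quoted SQL string.
        $querySEL = "SELECT * FROM kdc_usuarios WHERE id_session = '" . mysql_real_escape_string((string) $id_session) . "'";
        $ResultSEL = mysql_query($querySEL);
        if ($RowSEL = mysql_fetch_array($ResultSEL)) {
            // GetIp() is defined elsewhere; its result is escaped because it
            // may be derived from request headers.
            $queryUPD = "UPDATE kdc_usuarios SET last_conex = " . time() . ", ip = '" . mysql_real_escape_string((string) GetIp()) . "' WHERE id_u = " . (int) $RowSEL['id_u'];
            $ResultUPD = mysql_query($queryUPD);

            // NOTE(review): the session id cookie is set without the Secure or
            // HttpOnly flags (6th and 7th setcookie() arguments) -- confirm no
            // client script reads "ssivtd" before turning HttpOnly on.
            setcookie("ssivtd", $id_session, time() + 20 * 60, "", "", 0);
            setcookie("amtvst", "1", time() + 20 * 60, "", "", 0);
        }
    }
}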