$smarty->assign('charset', EC_CHARSET);
$smarty->assign('admin_id', $_SESSION['admin_id']);
$smarty->assign('shop_url', urlencode($hhs->url()));
//file_get_content("Auto.php");
$smarty->display('index.htm');
} elseif ($_REQUEST['act'] == 'calculator') {
$smarty->display('calculator.htm');
} elseif ($_REQUEST['act'] == 'clear_cache') {
clear_all_files();
sys_msg($_LANG['caches_cleared']);
} elseif ($_REQUEST['act'] == 'main') {
//开店向导第一步
if (isset($_SESSION['shop_guide']) && $_SESSION['shop_guide'] === true) {
unset($_SESSION['shop_guide']);
//销毁session
hhs_header("Location: ./index.php?act=first\n");
exit;
}
$gd = gd_version();
/* 检查文件目录属性 */
$warning = array();
if ($_CFG['shop_closed']) {
$warning[] = $_LANG['shop_closed_tips'];
}
if (file_exists('../install')) {
$warning[] = $_LANG['remove_install'];
}
if (file_exists('../upgrade')) {
$warning[] = $_LANG['remove_upgrade'];
}
if (file_exists('../demo')) {
$smarty->assign('image_height', $_CFG['image_height']);
$smarty->assign('id', $goods_id);
$smarty->assign('type', 0);
$smarty->assign('cfg', $_CFG);
//$smarty->assign('promotion', get_promotion_info($goods_id));//促销信息
//$smarty->assign('promotion_info', get_promotion_info());
/* 获得商品的信息 */
$goods = get_goods_info($goods_id);
if ($goods['is_mall'] != 1) {
hhs_header("Location: ./\n");
exit;
}
$smarty->assign('d_team_num', $goods['team_num'] - 1);
if ($goods === false) {
/* 如果没有找到任何记录则跳回到首页 */
hhs_header("Location: ./\n");
exit;
} else {
$shop_price = $goods['shop_price'];
//$linked_goods = get_linked_goods($goods_id);
$goods['goods_style_name'] = add_style($goods['goods_name'], $goods['goods_name_style']);
/* 购买该商品可以得到多少钱的优惠劵
if ($goods['bonus_type_id'] > 0)
{
$time = gmtime();
$sql = "SELECT type_money FROM " . $hhs->table('bonus_type') .
" WHERE type_id = '$goods[bonus_type_id]' " .
" AND send_type = '" . SEND_BY_GOODS . "' " .
" AND send_start_date <= '$time'" .
" AND send_end_date >= '$time'";
$goods['bonus_money'] = floatval($db->getOne($sql));
$smarty->assign('record_count', $log_list['record_count']);
$smarty->assign('page_count', $log_list['page_count']);
$sort_flag = sort_flag($log_list['filter']);
$smarty->assign($sort_flag['tag'], $sort_flag['img']);
make_json_result($smarty->fetch('admin_logs.htm'), '', array('filter' => $log_list['filter'], 'page_count' => $log_list['page_count']));
}
/*------------------------------------------------------ */
//-- 批量删除日志记录
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'batch_drop') {
admin_priv('logs_drop');
$drop_type_date = isset($_POST['drop_type_date']) ? $_POST['drop_type_date'] : '';
/* 按日期删除日志 */
if ($drop_type_date) {
if ($_POST['log_date'] == '0') {
hhs_header("Location: admin_logs.php?act=list\n");
exit;
} elseif ($_POST['log_date'] > '0') {
$where = " WHERE 1 ";
switch ($_POST['log_date']) {
case '1':
$a_week = gmtime() - 3600 * 24 * 7;
$where .= " AND log_time <= '" . $a_week . "'";
break;
case '2':
$a_month = gmtime() - 3600 * 24 * 30;
$where .= " AND log_time <= '" . $a_month . "'";
break;
case '3':
$three_month = gmtime() - 3600 * 24 * 90;
$where .= " AND log_time <= '" . $three_month . "'";
hhs_header("Location: user.php?act=order_detail&order_id={$order_id}\n");
exit;
}
$order_amount = $order['order_amount'] - $order['pay_fee'];
$pay_fee = pay_fee($pay_id, $order_amount);
$order_amount += $pay_fee;
$sql = "UPDATE " . $hhs->table('order_info') . " SET pay_id='{$pay_id}', pay_name='{$payment_info['pay_name']}', pay_fee='{$pay_fee}', order_amount='{$order_amount}'" . " WHERE order_id = '{$order_id}'";
$db->query($sql);
/* 跳转 */
hhs_header("Location: user.php?act=order_detail&order_id={$order_id}\n");
exit;
} elseif ($action == 'save_order_address') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
$address = array('consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0);
if (save_order_address($address, $user_id)) {
hhs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
exit;
} else {
$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
}
} elseif ($action == 'bonus') {
include_once ROOT_PATH . 'includes/lib_transaction.php';
$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
$record_count = $db->getOne("SELECT COUNT(*) FROM " . $hhs->table('user_bonus') . " WHERE user_id = '{$user_id}'");
$smarty->assign('send_bouns', $_REQUEST['send_bouns']);
//$pager = get_pager('user.php', array('act' => $action), $record_count, $page);
$bonus = get_user_bouns_list2($user_id);
if ($_REQUEST['status'] == 'not_start') {
$smarty->assign('status', 'not_start');
$arr = $bonus['not_start'];
$bonus = array();
$goods_link = $hhs->url() . 'goods.php?id=' . $booking_info['goods_id'];
$smarty->assign('user_name', $booking_info['link_man']);
$smarty->assign('goods_link', $goods_link);
$smarty->assign('goods_name', $booking_info['goods_name']);
$smarty->assign('dispose_note', $dispose_note);
$smarty->assign('shop_name', "<a href='" . $hhs->url() . "'>" . $_CFG['shop_name'] . '</a>');
$smarty->assign('send_date', date('Y-m-d'));
$content = $smarty->fetch('str:' . $template['template_content']);
/* 发送邮件 */
if (send_mail($booking_info['link_man'], $booking_info['email'], $template['template_subject'], $content, $template['is_html'])) {
$send_ok = 0;
} else {
$send_ok = 1;
}
}
hhs_header("Location: ?act=detail&id=" . $_REQUEST['rec_id'] . "&send_ok={$send_ok}\n");
exit;
}
/**
* 获取订购信息
*
* @access public
*
* @return array
*/
function get_bookinglist()
{
/* 查询条件 */
$filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']);
if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) {
$filter['keywords'] = json_str_iconv($filter['keywords']);
/* 添加到购物车 */
if (add_package_to_cart($package->package_id, $package->number)) {
$result['content'] = insert_cart_info();
} else {
$result['message'] = $err->last_message();
$result['error'] = $err->error_no;
$result['package_id'] = stripslashes($package->package_id);
}
}
die($json->encode($result));
} else {
/* 标记购物流程为普通商品 */
$_SESSION['flow_type'] = CART_GENERAL_GOODS;
/* 如果是一步购物,跳到结算中心 */
if ($_CFG['one_step_buy'] == '1') {
hhs_header("Location: flows.php?step=checkout\n");
exit;
}
/* 取得商品列表,计算合计 */
$cart_goods = get_cart_goods();
$smarty->assign('goods_list', $cart_goods['goods_list']);
$smarty->assign('total', $cart_goods['total']);
//购物车的描述的格式化
$smarty->assign('shopping_money', sprintf($_LANG['shopping_money'], $cart_goods['total']['goods_price']));
$smarty->assign('market_price_desc', sprintf($_LANG['than_market_price'], $cart_goods['total']['market_price'], $cart_goods['total']['saving'], $cart_goods['total']['save_rate']));
// 显示收藏夹内的商品
if ($_SESSION['user_id'] > 0) {
require_once ROOT_PATH . 'includes/lib_clips.php';
$collection_goods = get_collection_goods($_SESSION['user_id']);
$smarty->assign('collection_goods', $collection_goods);
}
}
$db->query($sql);
clear_cache_files();
$links[] = array('text' => $_LANG['navigator'], 'href' => 'navigator.php?act=list');
sys_msg($_LANG['edit_ok'], 0, $links);
}
} elseif ($_REQUEST['act'] == 'del') {
$id = (int) $_GET['id'];
$row = $db->getRow("SELECT ctype,cid,type FROM " . $GLOBALS['hhs']->table('nav') . " WHERE id = '{$id}' LIMIT 1");
if ($row['type'] == 'middle' && $row['ctype'] && $row['cid']) {
set_show_in_nav($row['ctype'], $row['cid'], 0);
}
$sql = " DELETE FROM " . $GLOBALS['hhs']->table('nav') . " WHERE id='{$id}' LIMIT 1";
$db->query($sql);
clear_cache_files();
hhs_header("Location: navigator.php?act=list\n");
exit;
} elseif ($_REQUEST['act'] == 'edit_sort_order') {
check_authz_json('nav');
$id = intval($_POST['id']);
$order = json_str_iconv(trim($_POST['val']));
/* 检查输入的值是否合法 */
if (!preg_match("/^[0-9]+\$/", $order)) {
make_json_error(sprintf($_LANG['enter_int'], $order));
} else {
if ($exc->edit("vieworder = '{$order}'", $id)) {
clear_cache_files();
make_json_result(stripslashes($order));
} else {
make_json_error($db->error());
}
include_once ROOT_PATH . 'includes/lib_clips.php';
include_once ROOT_PATH . 'includes/lib_transaction.php';
include_once ROOT_PATH . 'includes/lib_order.php';
$sql = "select * from " . $hhs->table('users') . " where user_id=" . $_SESSION['user_id'];
$user_info = $db->getRow($sql);
$send_id = isset($_REQUEST['send_id']) ? trim($_REQUEST['send_id']) : 0;
if (!empty($send_id)) {
$sql = "select * from " . $hhs->table('send_bonus_type') . " where send_id=" . $send_id;
$send_bonus_type = $db->getRow($sql);
if (empty($send_bonus_type)) {
echo 'send_id参数错误';
exit;
}
if ($send_bonus_type['user_id'] == $_SESSION['user_id']) {
//发放者打开
hhs_header("Location:user.php");
exit;
}
$sql = "select * from " . $hhs->table('user_bonus') . " where send_id=" . $send_id . " and user_id=0 ";
$user_bonus = $db->getAll($sql);
if (empty($user_bonus)) {
//已经领完
$smarty->assign('status', 1);
$smarty->display('share_bonus.dwt');
exit;
} else {
//未领完
$sql = "select * from " . $hhs->table('user_bonus') . " where send_id=" . $send_id . " and user_id= " . $_SESSION['user_id'];
$temp = $db->getRow($sql);
if (!empty($temp)) {
//已经领取过一次
if ($key == $old_rule_index) {
$tmp_rule[$rule_index] = $from_val . ':' . $to_val;
} else {
$tmp_rule[$key] = $val;
}
}
$rule = $tmp_rule;
}
} else {
/* 删除rule */
unset($rule[$rule_index]);
}
$sql = "UPDATE " . $hhs->table('shop_config') . " SET value ='" . serialize($rule) . "' WHERE code='points_rule'";
$db->query($sql);
clear_cache_files();
hhs_header("Location: integrate.php?act=points_set\n");
exit;
}
if ($_REQUEST['act'] == 'save_points') {
$keys = array_keys($_POST);
$cfg = array();
foreach ($keys as $key) {
if (is_array($_POST[$key])) {
$cfg[$key]['bbs_points'] = empty($_POST[$key]['bbs_points']) ? 0 : intval($_POST[$key]['bbs_points']);
$cfg[$key]['fee_points'] = empty($_POST[$key]['fee_points']) ? 0 : intval($_POST[$key]['fee_points']);
$cfg[$key]['pay_points'] = empty($_POST[$key]['pay_points']) ? 0 : intval($_POST[$key]['pay_points']);
$cfg[$key]['rank_points'] = empty($_POST[$key]['rank_points']) ? 0 : intval($_POST[$key]['rank_points']);
}
}
$sql = "SELECT COUNT(*) FROM " . $hhs->table('shop_config') . " WHERE code='points_set'";
if ($db->getOne($sql) == 0) {
$link = "http://" . $_SERVER['HTTP_HOST'] . "/share.php?team_sign=" . $team_info['team_sign'];
$smarty->assign('link', $link);
$smarty->assign('link2', urlencode($link));
$smarty->assign('group_share_ads', $_CFG['group_share_ads']);
$smarty->display('share.dwt');
} elseif ($act == 'link') {
$arr = array('error' => 0);
$share_status = isset($_POST['share_status']) ? $_POST['share_status'] : 1;
$share_type = isset($_POST['share_type']) ? $_POST['share_type'] : 1;
$link_url = isset($_POST['link_url']) ? $_POST['link_url'] : '';
$sql = "insert into " . $hhs->table('share_info') . " (user_id,share_status,share_type,link_url,add_time) value ('{$_SESSION['user_id']}','{$share_status}','{$share_type}'," . " '{$link_url}'," . gmtime() . " ) ";
$r = $db->query($sql);
if ($r) {
echo json_encode($arr);
die;
}
} elseif ($act == 'toalipay') {
$order_id = isset($_REQUEST['order_id']) ? $_REQUEST['order_id'] : '';
if (empty($order_id)) {
die('参数错误');
}
$sql = " SELECT * FROM " . $hhs->table('order_info') . " where order_id=" . $order_id;
$order = $db->getRow($sql);
if (!empty($order['team_sign']) && $order['team_status'] != 0 && !empty($order['pay_time'])) {
hhs_header("location:share.php?team_sign=" . $order['team_sign']);
exit;
} else {
hhs_header("location:user.php?act=order_detail&order_id=" . $order['order_id']);
exit;
}
}
if (send_mail($message_info['user_name'], $message_info['user_email'], $template['template_subject'], $content, $template['is_html'])) {
$send_ok = 0;
} else {
$send_ok = 1;
}
}
hhs_header("Location: ?act=view&id=" . $_REQUEST['msg_id'] . "&send_ok={$send_ok}\n");
exit;
} elseif ($_REQUEST['act'] == 'drop_file') {
/* 删除上传的文件 */
$file = $_GET['file'];
$file = str_replace('/', '', $file);
@unlink('../' . DATA_DIR . '/feedbackimg/' . $file);
/* 更新数据库 */
$db->query("UPDATE " . $hhs->table('feedback') . " SET message_img = '' WHERE msg_id = '{$_GET['id']}'");
hhs_header("Location: user_msg.php?act=view&id=" . $_GET['id'] . "\n");
exit;
}
/**
*
*
* @access public
* @param
*
* @return void
*/
function msg_list()
{
/* 过滤条件 */
$filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']);
if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) {
$rt = $flashdb[$id];
} else {
$links[] = array('text' => $_LANG['go_url'], 'href' => 'flashplay.php?act=list');
sys_msg($_LANG['id_error'], 0, $links);
}
if (strpos($rt['src'], 'http') === false) {
@unlink(ROOT_PATH . $rt['src']);
}
$temp = array();
foreach ($flashdb as $key => $val) {
if ($key != $id) {
$temp[] = $val;
}
}
put_flash_xml($temp);
hhs_header("Location: flashplay.php?act=list\n");
exit;
} elseif ($_REQUEST['act'] == 'add') {
admin_priv('flash_manage');
if (empty($_POST['step'])) {
$url = isset($_GET['url']) ? $_GET['url'] : 'http://';
$src = isset($_GET['src']) ? $_GET['src'] : '';
$sort = 0;
$rt = array('act' => 'add', 'img_url' => $url, 'img_src' => $src, 'img_sort' => $sort);
assign_query_info();
$smarty->assign('action_link', array('text' => $_LANG['go_url'], 'href' => 'flashplay.php?act=list'));
$smarty->assign('rt', $rt);
$smarty->assign('ur_here', $_LANG['add_picad']);
$smarty->display('flashplay_add.htm');
} elseif ($_POST['step'] == 2) {
if (!empty($_FILES['img_file_src']['name'])) {
/**
* 用户进行密码找回操作时,发送一封确认邮件
*
* @access public
* @param string $uid 用户ID
* @param string $user_name 用户帐号
* @param string $email 用户Email
* @param string $code key
*
* @return boolen $result;
*/
function send_pwd_email($uid, $user_name, $email, $code)
{
if (empty($uid) || empty($user_name) || empty($email) || empty($code)) {
hhs_header("Location: user.php?act=get_password\n");
exit;
}
/* 设置重置邮件模板所需要的内容信息 */
$template = get_mail_template('send_password');
$reset_email = $GLOBALS['hhs']->url() . 'user.php?act=get_password&uid=' . $uid . '&code=' . $code;
$GLOBALS['smarty']->assign('user_name', $user_name);
$GLOBALS['smarty']->assign('reset_email', $reset_email);
$GLOBALS['smarty']->assign('shop_name', $GLOBALS['_CFG']['shop_name']);
$GLOBALS['smarty']->assign('send_date', date('Y-m-d'));
$GLOBALS['smarty']->assign('sent_date', date('Y-m-d'));
$content = $GLOBALS['smarty']->fetch('str:' . $template['template_content']);
/* 发送确认重置密码的确认邮件 */
if (send_mail($user_name, $email, $template['template_subject'], $content, $template['is_html'])) {
return true;
} else {
return false;
}
}
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
hhs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
$smarty->assign('token', $_CFG['token']);
if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') {
$admin_path = preg_replace('/:\\d+/', '', $hhs->url()) . ADMIN_PATH;
if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) {
if (!empty($_REQUEST['is_ajax'])) {
make_json_error($_LANG['priv_error']);
} else {
hhs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
/* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */
if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo')) {
phpinfo();
exit;
}
//header('Cache-control: private');
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
$smarty->assign('order_info', $order_info);
$sql = "select count(*) from " . $hhs->table("share_pay_info") . " where order_id=" . $order_id . " and user_id=" . $_SESSION['user_id'] . " and is_paid=1";
$pay_c = $db->getOne($sql);
if ($order_info['pay_status'] == 2 && $pay_c > 0) {
$smarty->assign('imgUrl', $user_info['headimgurl']);
//'http://'.$_SERVER['HTTP_HOST']."/".$goods_list[0]['goods_thumb']
$smarty->assign('title', "找人代付");
$smarty->assign('desc', "付款成功!订单编号:" . $order_info['order_sn']);
//
$link = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$smarty->assign('link', $link);
$smarty->assign('link2', urlencode($link));
$smarty->assign('is_success', 1);
} else {
$smarty->assign('is_success', 0);
hhs_header("location:index.php");
exit;
}
$smarty->display('share_success.dwt');
} elseif ($act == 'to_confirm') {
$wxdesc = $_REQUEST['wxdesc'];
$share_pay_type = $_REQUEST['share_pay_type'];
$sql = "update " . $hhs->table('order_info') . " set wxdesc='{$wxdesc}',share_pay_type='{$share_pay_type}' where order_id=" . $order_id;
$db->query($sql);
$order_info = order_info($order_id);
$smarty->assign('progress', number_format($order_info['money_paid'] * 100 / ($order_info['money_paid'] + $order_info['order_amount']), 2));
$smarty->assign('order_info', $order_info);
$smarty->assign('imgUrl', $user_info['headimgurl']);
//'http://'.$_SERVER['HTTP_HOST']."/".$goods_list[0]['goods_thumb']
$smarty->assign('title', "代付");
$smarty->assign('desc', mb_substr($order_info['wxdesc'], 0, 30, 'utf-8'));
} elseif ($_REQUEST['act'] == 'remove') {
check_authz_json('group_by');
$id = intval($_GET['id']);
/* 取得团购活动信息 */
$group_buy = group_buy_info($id);
/* 如果团购活动已经有订单,不能删除 */
if ($group_buy['valid_order'] > 0) {
make_json_error($_LANG['error_exist_order']);
}
/* 删除团购活动 */
$sql = "DELETE FROM " . $hhs->table('goods_activity') . " WHERE act_id = '{$id}' LIMIT 1";
$db->query($sql);
admin_log(addslashes($group_buy['goods_name']) . '[' . $id . ']', 'remove', 'group_buy');
clear_cache_files();
$url = 'group_buy.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
hhs_header("Location: {$url}\n");
exit;
}
/*
* 取得团购活动列表
* @return array
*/
function group_buy_list()
{
$result = get_filter();
if ($result === false) {
/* 过滤条件 */
$filter['keyword'] = empty($_REQUEST['keyword']) ? '' : trim($_REQUEST['keyword']);
if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) {
$filter['keyword'] = json_str_iconv($filter['keyword']);
}
if (isset($_REQUEST['cat_id']) && $_REQUEST['cat_id'] < 0) {
$article_id = $db->getOne("SELECT article_id FROM " . $hhs->table('article') . " WHERE cat_id = '" . intval($_REQUEST['cat_id']) . "' ");
}
/*------------------------------------------------------ */
//-- PROCESSOR
/*------------------------------------------------------ */
$cache_id = sprintf('%X', crc32($_REQUEST['id'] . '-' . $_CFG['lang']));
if (!$smarty->is_cached('article.dwt', $cache_id)) {
/* 文章详情 */
$article = get_article_info($article_id);
if (empty($article)) {
hhs_header("Location: ./\n");
exit;
}
if (!empty($article['link']) && $article['link'] != 'http://' && $article['link'] != 'https://') {
hhs_header("location:{$article['link']}\n");
exit;
}
$smarty->assign('news', get_shop_news());
$smarty->assign('id', $article_id);
$smarty->assign('article', $article);
$smarty->assign('keywords', htmlspecialchars($article['keywords']));
$smarty->assign('description', htmlspecialchars($article['description']));
$catlist = array();
foreach (get_article_parent_cats($article['cat_id']) as $k => $v) {
$catlist[] = $v['cat_id'];
}
assign_template('a', $catlist);
$position = assign_ur_here($article['cat_id'], $article['title']);
$smarty->assign('page_title', $position['title']);
// 页面标题
