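} else {
    $links[] = array('text' => $_LANG['return_edit'], 'href' => 'flashplay.php?act=edit&id=' . $id);
    sys_msg($_LANG['src_empty'], 0, $links);
}
}
/* Delete the previous image when it was replaced; a stored path containing 'http' is treated as remote and kept. */
/* NOTE(review): the deleted path is ROOT_PATH plus a stored value; confirm that value can never contain '..' segments. */
if (strpos($rt['src'], 'http') === false && $rt['src'] != $src) {
    @unlink(ROOT_PATH . $rt['src']);
}
/* NOTE(review): img_url and img_text are stored as submitted; confirm put_flash_xml() escapes them for XML. */
$flashdb[$id] = array('src' => $src, 'url' => $_POST['img_url'], 'text' => $_POST['img_text']);
put_flash_xml($flashdb);
set_flash_data($_CFG['flash_theme'], $error_msg = '');
$links[] = array('text' => $_LANG['go_url'], 'href' => 'flashplay.php?act=list');
sys_msg($_LANG['edit_ok'], 0, $links);
}
} elseif ($_REQUEST['act'] == 'install') {
    /* Switch the active flash theme: persist it in shop_config, clear caches, regenerate the flash data. */
    check_authz_json('flash_manage');
    $flash_theme = isset($_GET['flashtpl']) ? trim($_GET['flashtpl']) : '';
    /* The theme name is placed in an SQL literal and handed to set_flash_data(), so only a plain identifier is accepted. */
    if (!preg_match('/^[A-Za-z0-9_\-]+$/', $flash_theme)) {
        make_json_error('INVALID FLASH THEME');
        exit;
    }
    if ($_CFG['flash_theme'] != $flash_theme) {
        $sql = "UPDATE " . $GLOBALS['ecs']->table('shop_config') . " SET value = '{$flash_theme}' WHERE code = 'flash_theme'";
        if ($db->query($sql, 'SILENT')) {
            clear_all_files(); // clear compiled template files
            $error_msg = '';
            /* A truthy return from set_flash_data() is handled as failure, with the reason in $error_msg. */
            if (set_flash_data($flash_theme, $error_msg)) {
                make_json_error($error_msg);
            } else {
                make_json_result($flash_theme, $_LANG['install_success']);
            }
        } else {
            make_json_error($db->error());
        }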
$id = intval($_GET['id']);
/* Read the tag text before the row is deleted so it can be written to the admin log */
$tag_name = $db->getOne("SELECT tag_words FROM " . $ecs->table('tag') . " WHERE tag_id = '{$id}'");
$sql = "DELETE FROM " . $ecs->table('tag') . " WHERE tag_id = '{$id}'";
$result = $GLOBALS['db']->query($sql);
if ($result) {
    /* Admin log; addslashes() is applied because the name was read back from the database */
    admin_log(addslashes($tag_name), 'remove', 'tag_manage');
    /* Redirect to the list query, passing the remaining query-string parameters through unchanged */
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $url = 'tag_manage.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} else {
    /* NOTE(review): the raw database error text is returned to the client */
    make_json_error($db->error());
}
} elseif ($_REQUEST['act'] == "edit_tag_name") {
    /* Inline rename of a tag: privilege check, uniqueness check, then update */
    check_authz_json('tag_manage');
    $name = json_str_iconv(trim($_POST['val']));
    $id = intval($_POST['id']);
    if (!tag_is_only($name, $id)) {
        make_json_error(sprintf($_LANG['tagword_exist'], $name));
    } else {
        edit_tag($name, $id);
        /* stripslashes() on the echoed value suggests request data arrives slash-escaped - confirm */
        make_json_result(stripslashes($name));
    }
}
/**
 * Check whether a tag is unique for the same product
 *
 * @param $name tag text
 * @param $id tag id
 * @return bool
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'query') {
    /* Render the booking list fragment and return it as JSON with the paging filter */
    /* NOTE(review): no privilege check is visible in this branch, unlike 'remove' below; confirm one runs earlier in the file */
    $list = get_bookinglist();
    $smarty->assign('booking_list', $list['item']);
    $smarty->assign('filter', $list['filter']);
    $smarty->assign('record_count', $list['record_count']);
    $smarty->assign('page_count', $list['page_count']);
    $sort_flag = sort_flag($list['filter']);
    $smarty->assign($sort_flag['tag'], $sort_flag['img']);
    make_json_result($smarty->fetch('booking_list.htm'), '', array('filter' => $list['filter'], 'page_count' => $list['page_count']));
}
/*------------------------------------------------------ */
//-- Delete an out-of-stock booking record
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'remove') {
    check_authz_json('booking');
    /* intval() keeps the id numeric before it is placed in the SQL text */
    $id = intval($_GET['id']);
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $db->query("DELETE FROM " . $ecs->table('booking_goods') . " WHERE rec_id='{$id}'");
    /* Redirect to the list query, passing the remaining query-string parameters through unchanged */
    $url = 'goods_booking.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/*------------------------------------------------------ */
//-- Show details
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'detail') {
    /* NOTE(review): no privilege check is visible in the part of this branch shown here */
    $id = intval($_REQUEST['id']);
    $smarty->assign('send_fail', !empty($_REQUEST['send_ok']));
    $smarty->assign('booking', get_booking_info($id));
    $smarty->assign('ur_here', $_LANG['detail']);
    $smarty->assign('action_link', array('text' => $_LANG['06_undispose_booking'], 'href' => 'goods_booking.php?act=list_all'));
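{
    make_json_result('', $_LANG['sendemail_success'] . $email);
} else {
    make_json_error(join("\n", $err->_message));
}
}
/*------------------------------------------------------ */
//-- Delete an uploaded file
/*------------------------------------------------------ */
elseif ($_REQUEST['act'] == 'del') {
    /* Permission check */
    check_authz_json('shop_config');
    /* Read the parameter: it must be a plain identifier naming an existing configuration entry */
    $code = isset($_GET['code']) ? trim($_GET['code']) : '';
    if (!preg_match('/^[A-Za-z0-9_]+$/', $code) || !isset($_CFG[$code])) {
        make_json_error('INVALID CODE');
        exit;
    }
    $filename = $_CFG[$code];
    /* NOTE(review): any configuration key can still be named here, and its value is used as the path to delete. */
    /* Restrict $code to the file-type settings and confirm the resolved path stays inside the upload directory. */
    // Delete the file
    if (is_string($filename) && $filename !== '') {
        @unlink($filename);
    }
    // Clear the setting
    update_configure($code, '');
    /* Write the admin log */
    admin_log('', 'edit', 'shop_config');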
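/* NOTE(review): the loop that supplies $id here starts outside this view; the id should be cast like in the loops below */
$exc->edit("is_open = '0'", $id);
}
}
/* Batch show */
if ($_POST['type'] == 'button_show') {
    check_authz_json('article_manage');
    if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) {
        sys_msg($_LANG['no_select_article'], 1);
    }
    foreach ($_POST['checkboxes'] as $key => $id) {
        /* Checkbox values are request input: force them to integers before they reach the update */
        $exc->edit("is_open = '1'", intval($id));
    }
}
/* Batch move to another category */
if ($_POST['type'] == 'move_to') {
    check_authz_json('article_manage');
    if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) {
        sys_msg($_LANG['no_select_article'], 1);
    }
    /* The target category is concatenated into the SET clause, so it is reduced to an integer first */
    $target_cat = isset($_POST['target_cat']) ? intval($_POST['target_cat']) : 0;
    if ($target_cat <= 0) {
        sys_msg($_LANG['no_select_act'], 1);
    }
    foreach ($_POST['checkboxes'] as $key => $id) {
        $exc->edit("cat_id = '" . $target_cat . "'", intval($id));
    }
}
}
/* Clear the cache */
clear_cache_files();
$lnk[] = array('text' => $_LANG['back_list'], 'href' => 'article.php?act=list');
sys_msg($_LANG['batch_handle_ok'], 0, $lnk);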
check_authz_json('ad_manage');
$id = intval($_POST['id']);
$ad_name = json_str_iconv(trim($_POST['val']));
/* Check whether the ad name is already in use */
if ($exc->num('ad_name', $ad_name, $id) != 0) {
    make_json_error(sprintf($_LANG['ad_name_exist'], $ad_name));
} else {
    /* NOTE(review): $ad_name goes into the SET clause as received; this relies on request data being escaped before this point - confirm */
    if ($exc->edit("ad_name = '{$ad_name}'", $id)) {
        admin_log($ad_name, 'edit', 'ads');
        make_json_result(stripslashes($ad_name));
    } else {
        make_json_error($db->error());
    }
}
} elseif ($_REQUEST['act'] == 'remove') {
    /* Delete an ad and, when its ad_code is not an http(s) URL, the local image file as well */
    check_authz_json('ad_manage');
    $id = intval($_GET['id']);
    $img = $exc->get_name($id, 'ad_code');
    $exc->drop($id);
    if (strpos($img, 'http://') === false && strpos($img, 'https://') === false) {
        /* basename() strips any directory part, so the delete stays inside the afficheimg directory */
        $img_name = basename($img);
        @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name);
    }
    admin_log('', 'remove', 'ads');
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $url = 'ads.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/* Fetch the ad list data */
function get_adslist()
{
make_json_error('NO ORDER ID');
exit;
}
/* NOTE(review): $no goes into the SQL literal as received; this relies on request data being escaped before this point - confirm */
$sql = 'UPDATE ' . $GLOBALS['ecs']->table('order_info') . " SET invoice_no='{$no}' WHERE order_id = '{$order_id}'";
if ($GLOBALS['db']->query($sql)) {
    /* An empty value is reported back to the client as 'N/A' */
    if (empty($no)) {
        make_json_result('N/A');
    } else {
        make_json_result(stripcslashes($no));
    }
} else {
    make_json_error($GLOBALS['db']->errorMsg());
}
} elseif ($_REQUEST['act'] == 'edit_pay_note') {
    /* Permission check */
    check_authz_json('order_edit');
    /* 'N/A' (also used when nothing was sent) is stored as an empty note */
    $no = empty($_POST['val']) ? 'N/A' : json_str_iconv(trim($_POST['val']));
    $no = $no == 'N/A' ? '' : $no;
    $order_id = empty($_POST['id']) ? 0 : intval($_POST['id']);
    if ($order_id == 0) {
        make_json_error('NO ORDER ID');
        exit;
    }
    /* NOTE(review): same reliance on upstream escaping for $no as in the invoice_no update above */
    $sql = 'UPDATE ' . $GLOBALS['ecs']->table('order_info') . " SET pay_note='{$no}' WHERE order_id = '{$order_id}'";
    if ($GLOBALS['db']->query($sql)) {
        if (empty($no)) {
            make_json_result('N/A');
        } else {
            make_json_result(stripcslashes($no));
        }
    } else {
}
$users =& init_users();
if ($users->edit_user($id, $username)) {
    if ($_CFG['integrate_code'] != 'ecshop') {
        /* Update the shop's own member table as well */
        /* NOTE(review): $username and $id are set outside this view; confirm both are validated before this query */
        $db->query('UPDATE ' . $ecs->table('users') . " SET user_name = '{$username}' WHERE user_id = '{$id}'");
    }
    admin_log(addslashes($username), 'edit', 'users');
    make_json_result(stripcslashes($username));
} else {
    $msg = $users->error == ERR_USERNAME_EXISTS ? $GLOBALS['_LANG']['username_exists'] : $GLOBALS['_LANG']['edit_user_failed'];
    make_json_error($msg);
}
} elseif ($_REQUEST['act'] == 'edit_email') {
    /* Permission check */
    check_authz_json('users_manage');
    /* NOTE(review): parameters are read from $_REQUEST, so this change is also accepted over GET */
    $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    $email = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
    $users =& init_users();
    $sql = "SELECT user_name FROM " . $ecs->table('users') . " WHERE user_id = '{$id}'";
    $username = $db->getOne($sql);
    /* The address is validated with is_email() before any update is attempted */
    if (is_email($email)) {
        /* NOTE(review): $username was read back from the database and is passed on unescaped; confirm edit_user() escapes it */
        if ($users->edit_user(array('username' => $username, 'email' => $email))) {
            admin_log(addslashes($username), 'edit', 'users');
            make_json_result(stripcslashes($email));
        } else {
            $msg = $users->error == ERR_EMAIL_EXISTS ? $GLOBALS['_LANG']['email_exists'] : $GLOBALS['_LANG']['edit_user_failed'];
            make_json_error($msg);
        }
    } else {
        make_json_error($GLOBALS['_LANG']['invalid_email']);
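$smarty->assign('priv_arr', $priv_arr);
$smarty->assign('user_id', $_GET['id']);
assign_query_info();
$smarty->display('role_info.htm');
} elseif ($_REQUEST['act'] == 'update') {
    /* Update a role's permissions and copy them to every admin assigned to that role */
    /* NOTE(review): no privilege check is visible in this branch although it rewrites permission lists; */
    /* confirm one runs earlier in the file, otherwise add the project's check for role management here. */

    /* Keep only action codes that are plain identifiers; anything else is dropped before it reaches the SQL text */
    $codes = array();
    if (isset($_POST['action_code']) && is_array($_POST['action_code'])) {
        foreach ($_POST['action_code'] as $code) {
            if (is_string($code) && preg_match('/^[A-Za-z0-9_]+$/', $code)) {
                $codes[] = $code;
            }
        }
    }
    $act_list = join(",", $codes);
    /* The role id is numeric: cast it instead of interpolating the request value */
    $role_id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    /* NOTE(review): user_name and role_describe are placed in the SQL text as submitted; this is only safe if */
    /* request data is escaped before this point - confirm, or escape here. */
    /* The previous version also appended a stray space to role_describe on every update. */
    $sql = "UPDATE " . $ecs->table('role') . " SET action_list = '{$act_list}', role_name = '" . $_POST['user_name'] . "', role_describe = '" . $_POST['role_describe'] . "' " . "WHERE role_id = '{$role_id}'";
    $db->query($sql);
    $user_sql = "UPDATE " . $ecs->table('admin_user') . " SET action_list = '{$act_list}' " . "WHERE role_id = '{$role_id}'";
    $db->query($user_sql);
    /* Result message; the submitted name is HTML-escaped because it is echoed back into a page */
    $link[] = array('text' => $_LANG['back_admin_list'], 'href' => 'role.php?act=list');
    sys_msg($_LANG['edit'] . " " . htmlspecialchars($_POST['user_name']) . " " . $_LANG['action_succeed'], 0, $link);
} elseif ($_REQUEST['act'] == 'remove') {
    /* Delete a role, refused while any admin account still uses it */
    check_authz_json('admin_drop');
    $id = intval($_GET['id']);
    /* Use the cast id in the query rather than the raw request value */
    $num_sql = "SELECT count(*) FROM " . $ecs->table('admin_user') . " WHERE role_id = '{$id}'";
    $remove_num = $db->getOne($num_sql);
    if ($remove_num > 0) {
        /* $url is only set in the else branch; this path presumably ends inside make_json_error() - confirm */
        make_json_error($_LANG['remove_cannot_user']);
    } else {
        $exc->drop($id);
        $url = 'role.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    }
    ecs_header("Location: {$url}\n");
    exit;
}
/* Fetch the role list */
function get_role_list()
{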
/* Redirect to the list query, passing the remaining query-string parameters through unchanged */
$url = 'attribute.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
ecs_header("Location: {$url}\n");
exit;
} elseif ($_REQUEST['act'] == 'get_attr_num') {
    /* Count non-deleted goods that use the attribute and pick the matching delete-confirmation text */
    check_authz_json('attr_manage');
    /* intval() keeps the id numeric before it is placed in the SQL text */
    $id = intval($_GET['attr_id']);
    $sql = "SELECT COUNT(*) " . " FROM " . $ecs->table('goods_attr') . " AS a, " . $ecs->table('goods') . " AS g " . " WHERE g.goods_id = a.goods_id AND g.is_delete = 0 AND attr_id = '{$id}' ";
    $goods_num = $db->getOne($sql);
    if ($goods_num > 0) {
        $drop_confirm = sprintf($_LANG['notice_drop_confirm'], $goods_num);
    } else {
        $drop_confirm = $_LANG['drop_confirm'];
    }
    make_json_result(array('attr_id' => $id, 'drop_confirm' => $drop_confirm));
} elseif ($_REQUEST['act'] == 'get_attr_groups') {
    /* Return the attribute groups of one category */
    check_authz_json('attr_manage');
    $cat_id = intval($_GET['cat_id']);
    $groups = get_attr_groups($cat_id);
    make_json_result($groups);
}
/*------------------------------------------------------ */
//-- PRIVATE FUNCTIONS
/*------------------------------------------------------ */
/**
 * Fetch the attribute list
 *
 * @return array
 */
function get_attrlist()
{
    /* Query conditions */
$links[] = array('text' => $_LANG['navigator'], 'href' => 'navigator.php?act=list');
sys_msg($_LANG['edit_ok'], 0, $links);
}
} elseif ($_REQUEST['act'] == 'del') {
    /* Delete one navigation entry; a 'middle' entry that points at content is first unflagged via set_show_in_nav() */
    /* NOTE(review): no privilege check is visible in this branch (edit_sort_order below has one); confirm one runs earlier in the file */
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $id = (int) $_GET['id'];
    $row = $db->getRow("SELECT ctype,cid,type FROM " . $GLOBALS['ecs']->table('nav') . " WHERE id = '{$id}' LIMIT 1");
    if ($row['type'] == 'middle' && $row['ctype'] && $row['cid']) {
        set_show_in_nav($row['ctype'], $row['cid'], 0);
    }
    $sql = " DELETE FROM " . $GLOBALS['ecs']->table('nav') . " WHERE id='{$id}' LIMIT 1";
    $db->query($sql);
    clear_cache_files();
    ecs_header("Location: navigator.php?act=list\n");
    exit;
} elseif ($_REQUEST['act'] == 'edit_sort_order') {
    check_authz_json('nav');
    $id = intval($_POST['id']);
    $order = json_str_iconv(trim($_POST['val']));
    /* Check that the submitted value is valid: digits only, so it is safe inside the SET clause */
    if (!preg_match("/^[0-9]+\$/", $order)) {
        make_json_error(sprintf($_LANG['enter_int'], $order));
    } else {
        if ($exc->edit("vieworder = '{$order}'", $id)) {
            clear_cache_files();
            make_json_result(stripslashes($order));
        } else {
            make_json_error($db->error());
        }
    }
}
/*------------------------------------------------------ */
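make_json_error($_LANG['backup_failed']);
}
}
/*------------------------------------------------------ */
//-- Load the content of a given library item
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'load_library') {
    /* NOTE(review): no privilege check is visible in this branch, and the lib name is passed on as received; */
    /* confirm load_library() rejects path separators and '..' in it. */
    $library = load_library($_CFG['template'], trim($_GET['lib']));
    $message = $library['mark'] & 7 ? '' : $_LANG['library_not_written'];
    make_json_result($library['html'], $message);
}
/*------------------------------------------------------ */
//-- Update the content of a library item
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'update_library') {
    check_authz_json('library_manage');
    $html = stripslashes(json_str_iconv($_POST['html']));
    /* The lib name becomes part of two file paths that are written to, so only a plain file-name stem is accepted. */
    /* This replaces the earlier removal of the literal text "0xa", which did not filter any control character. */
    $lib = isset($_POST['lib']) ? trim($_POST['lib']) : '';
    if (!preg_match('/^[A-Za-z0-9_\-]+$/', $lib)) {
        make_json_error(sprintf($_LANG['update_lib_failed'], 'themes/' . $_CFG['template'] . '/library'));
        exit;
    }
    $lib_file = '../themes/' . $_CFG['template'] . '/library/' . $lib . '.lbi';
    /* Keep the current content for the backup copy. The search string appeared empty in the original line, */
    /* which makes the call a no-op; a UTF-8 byte order mark is presumably what was meant - confirm. */
    $org_html = str_replace("\xEF\xBB\xBF", '', file_get_contents($lib_file));
    /* Only an existing library file is overwritten; the old content is then saved under temp/backup/library */
    if (@file_exists($lib_file) === true && @file_put_contents($lib_file, $html)) {
        @file_put_contents('../temp/backup/library/' . $_CFG['template'] . '-' . $lib . '.lbi', $org_html);
        make_json_result('', $_LANG['update_lib_success']);
    } else {
        make_json_error(sprintf($_LANG['update_lib_failed'], 'themes/' . $_CFG['template'] . '/library'));
    }
}
/*------------------------------------------------------ */
//-- Restore a library item
/*------------------------------------------------------ */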
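$val_array[1] = 0;
}
/* NOTE(review): $package_id, $number and $val_array are set outside this view; confirm each is cast to an integer before this INSERT */
$sql = "INSERT INTO " . $hhs->table('package_goods') . " (package_id, goods_id, product_id, goods_number, admin_id) " . "VALUES ('{$package_id}', '" . $val_array[0] . "', '" . $val_array[1] . "', '{$number}', '{$_SESSION['admin_id']}')";
$db->query($sql, 'SILENT');
}
/* Return the package's goods as option rows */
$arr = get_package_goods($package_id);
$opt = array();
foreach ($arr as $val) {
    $opt[] = array('value' => $val['g_p'], 'text' => $val['goods_name'], 'data' => '');
}
clear_cache_files();
make_json_result($opt);
} elseif ($_REQUEST['act'] == 'drop_package_goods') {
    /* Remove goods from a package; drop_ids holds "goodsId_productId" strings, JSON holds the package id */
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    check_authz_json('package_manage');
    $fittings = $json->decode($_GET['drop_ids']);
    $arguments = $json->decode($_GET['JSON']);
    /* Values decoded from JSON have not passed through any request-level escaping, so every id is cast to an integer here */
    $package_id = isset($arguments[0]) ? intval($arguments[0]) : 0;
    $goods = array();
    $g_p = array();
    foreach ($fittings as $val) {
        $val_array = explode('_', $val);
        $goods_id = intval($val_array[0]);
        $product_id = isset($val_array[1]) ? intval($val_array[1]) : 0;
        /* Entries with a product id are collected as goods/product pairs, the rest as plain goods ids */
        if ($product_id > 0) {
            $g_p['product_id'][] = $product_id;
            $g_p['goods_id'][] = $goods_id;
        } else {
            $goods[] = $goods_id;
        }
    }
    if (!empty($goods)) {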
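if ($exc_cat->num("cat_name", $cat_name) != 0) {
    make_json_error($_LANG['catname_exist']);
} else {
    /* NOTE(review): $cat_name is set outside this view; confirm it is escaped before it is placed in this INSERT */
    $sql = "INSERT INTO " . $ecs->table('article_cat') . " (cat_name, cat_type) VALUES ('{$cat_name}', 0)";
    $db->query($sql);
    admin_log($cat_name, 'add', 'shophelpcat');
    ecs_header("Location: shophelp.php?act=query\n");
    exit;
}
} else {
    make_json_error($_LANG['js_languages']['no_catname']);
}
ecs_header("Location: shophelp.php?act=list_cat\n");
exit;
} elseif ($_REQUEST['act'] == 'edit_title') {
    /* Inline edit of a help article title */
    check_authz_json('shophelp_manage');
    $id = intval($_POST['id']);
    $title = json_str_iconv(trim($_POST['val']));
    /* Check whether another article already uses this title */
    if ($exc_article->num('title', $title, $id) == 0) {
        /* NOTE(review): $title goes into the SET clause as received; this relies on request data being escaped before this point - confirm */
        if ($exc_article->edit("title = '{$title}'", $id)) {
            clear_cache_files();
            admin_log($title, 'edit', 'shophelp');
            make_json_result(stripslashes($title));
        } else {
            /* A failed update used to end the request without any response; report it like the other branches do */
            make_json_error($db->error());
        }
    } else {
        make_json_error(sprintf($_LANG['articlename_exist'], $title));
    }
}
/* Fetch the shop help article categories */
function get_shophelp_list()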
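$db->query($sql);
clear_cache_files();
make_json_result(number_format($val, 2));
} elseif ($_REQUEST['act'] == 'edit_restrict_amount') {
    /* Inline edit of the purchase limit stored inside the serialized ext_info of a group-buy activity */
    check_authz_json('group_by');
    $id = intval($_POST['id']);
    $val = intval($_POST['val']);
    $sql = "SELECT ext_info FROM " . $ecs->table('goods_activity') . " WHERE act_id = '{$id}' AND act_type = '" . GAT_GROUP_BUY . "'";
    /* NOTE(review): unserialize() runs on a stored value; it is only safe while nothing untrusted can write ext_info */
    $ext_info = unserialize($db->getOne($sql));
    /* No matching row or unreadable data: start from an empty array explicitly */
    if (!is_array($ext_info)) {
        $ext_info = array();
    }
    $ext_info['restrict_amount'] = $val;
    /* The serialized text can contain quotes or backslashes from stored fields, so it is escaped before being put in the SQL literal. */
    /* The act_type condition mirrors the SELECT, so an id of another activity type cannot have its ext_info overwritten. */
    $sql = "UPDATE " . $ecs->table('goods_activity') . " SET ext_info = '" . addslashes(serialize($ext_info)) . "'" . " WHERE act_id = '{$id}' AND act_type = '" . GAT_GROUP_BUY . "'";
    $db->query($sql);
    clear_cache_files();
    make_json_result($val);
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('group_by');
    $id = intval($_GET['id']);
    /* Load the group-buy activity */
    $group_buy = group_buy_info($id);
    /* An activity that already has orders must not be deleted */
    if ($group_buy['valid_order'] > 0) {
        make_json_error($_LANG['error_exist_order']);
        /* Stop here explicitly so the delete below cannot run on this path */
        exit;
    }
    /* Delete the group-buy activity */
    $sql = "DELETE FROM " . $ecs->table('goods_activity') . " WHERE act_id = '{$id}' LIMIT 1";
    $db->query($sql);
    admin_log(addslashes($group_buy['goods_name']) . '[' . $id . ']', 'remove', 'group_buy');
    clear_cache_files();
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $url = 'group_buy.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;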
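} elseif ($_REQUEST['act'] == 'batch_remove') {
    /* Delete every selected exchange-goods record and report how many were removed */
    admin_priv('exchange_goods');
    if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) {
        sys_msg($_LANG['no_select_goods'], 1);
    }
    $count = 0;
    foreach ($_POST['checkboxes'] as $key => $id) {
        /* Checkbox values are request input: cast to an integer and skip anything that is not a positive id */
        $id = intval($id);
        if ($id <= 0) {
            continue;
        }
        if ($exc->drop($id)) {
            admin_log($id, 'remove', 'exchange_goods');
            $count++;
        }
    }
    $lnk[] = array('text' => $_LANG['back_list'], 'href' => 'exchange_goods.php?act=list');
    sys_msg(sprintf($_LANG['batch_remove_succeed'], $count), 0, $lnk);
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('exchange_goods');
    $id = intval($_GET['id']);
    if ($exc->drop($id)) {
        /* Logged under 'exchange_goods' like the batch branch; it was 'article', which mislabels the audit entry */
        admin_log($id, 'remove', 'exchange_goods');
        clear_cache_files();
    }
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $url = 'exchange_goods.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'search_goods') {
    /* NOTE(review): no privilege check is visible in this branch, and the decoded filter is passed on as received; */
    /* confirm get_goods_list() validates every field it places in SQL. */
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    $filters = $json->decode($_GET['JSON']);
    $arr = get_goods_list($filters);
    make_json_result($arr);
}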
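$val = isset($_REQUEST['val']) ? json_str_iconv(trim($_REQUEST['val'])) : '';
check_authz_json('reg_fields');
/* Only a numeric string is accepted, so the value cannot break out of the quoted SQL literal */
if (is_numeric($val)) {
    /* NOTE(review): $id is set outside this view; confirm it is cast to an integer */
    if ($exc->edit("dis_order = '{$val}'", $id)) {
        /* Admin log */
        admin_log($val, 'edit', 'reg_fields');
        clear_cache_files();
        make_json_result(stripcslashes($val));
    } else {
        make_json_error($db->error());
    }
} else {
    make_json_error($_LANG['order_not_num']);
}
} elseif ($_REQUEST['act'] == 'toggle_dis') {
    /* Toggle whether the registration field is displayed */
    check_authz_json('reg_fields');
    $id = intval($_POST['id']);
    $is_dis = intval($_POST['val']);
    if ($exc->edit("display = '{$is_dis}'", $id)) {
        clear_cache_files();
        make_json_result($is_dis);
    } else {
        /* A failed update used to end the request without any response */
        make_json_error($db->error());
    }
} elseif ($_REQUEST['act'] == 'toggle_need') {
    /* Toggle whether the registration field is required */
    check_authz_json('reg_fields');
    $id = intval($_POST['id']);
    $is_need = intval($_POST['val']);
    if ($exc->edit("is_need = '{$is_need}'", $id)) {
        clear_cache_files();
        make_json_result($is_need);
    } else {
        /* A failed update used to end the request without any response */
        make_json_error($db->error());
    }
}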
$id = intval($_POST['id']);
$val = json_str_iconv(trim($_POST['val']));
/* Get the shipping id that this area belongs to */
$shipping_id = $exc->get_name($id, 'shipping_id');
/* Check for a duplicate area name within the same shipping method */
if (!$exc->is_only('shipping_area_name', $val, $id, "shipping_id = '{$shipping_id}'")) {
    /* NOTE(review): the update below still runs unless make_json_error() ends the request - confirm */
    make_json_error($_LANG['repeat_area_name']);
}
/* Update the name */
/* NOTE(review): $val goes into the SET clause as received; this relies on request data being escaped before this point - confirm */
$exc->edit("shipping_area_name = '{$val}'", $id);
/* Write the admin log */
admin_log($val, 'edit', 'shipping_area');
/* Return the result */
make_json_result(stripcslashes($val));
} elseif ($_REQUEST['act'] == 'remove_area') {
    /* Delete a shipping area with its region links, then return the refreshed area list */
    check_authz_json('shiparea_manage');
    $id = intval($_GET['id']);
    $name = $exc->get_name($id);
    $shipping_id = $exc->get_name($id, 'shipping_id');
    $exc->drop($id);
    /* $id is an integer at this point, so the unquoted concatenation cannot carry SQL text */
    $db->query('DELETE FROM ' . $ecs->table('area_region') . ' WHERE shipping_area_id=' . $id);
    /* NOTE(review): $name was read back from the database and is logged without addslashes(); confirm admin_log() escapes it */
    admin_log($name, 'remove', 'shipping_area');
    $list = get_shipping_area_list($shipping_id);
    $smarty->assign('areas', $list);
    make_json_result($smarty->fetch('shipping_area_list.htm'));
}
/**
 * Fetch the list of shipping areas
 * @param int $shipping_id shipping id
 */
function get_shipping_area_list($shipping_id)
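$smarty->assign('ur_here', $_LANG['08_unreply_msg']);
$smarty->assign('full_page', 1);
$smarty->display('msg_list.htm');
} elseif ($_REQUEST['act'] == 'query') {
    /* Render the message list fragment and return it as JSON with the paging filter */
    /* NOTE(review): no privilege check is visible in this branch, unlike 'remove' below; confirm one runs earlier in the file */
    $msg_list = msg_list();
    $smarty->assign('msg_list', $msg_list['msg_list']);
    $smarty->assign('filter', $msg_list['filter']);
    $smarty->assign('record_count', $msg_list['record_count']);
    $smarty->assign('page_count', $msg_list['page_count']);
    $sort_flag = sort_flag($msg_list['filter']);
    $smarty->assign($sort_flag['tag'], $sort_flag['img']);
    make_json_result($smarty->fetch('msg_list.htm'), '', array('filter' => $msg_list['filter'], 'page_count' => $msg_list['page_count']));
} elseif ($_REQUEST['act'] == 'remove') {
    /* Delete a feedback message, its attached image and one reply row */
    $msg_id = intval($_REQUEST['id']);
    /* Permission check */
    check_authz_json('feedback_priv');
    $msg_title = $exc->get_name($msg_id);
    $img = $exc->get_name($msg_id, 'message_img');
    if ($exc->drop($msg_id)) {
        /* Delete the image; a stored name containing '..' is skipped so the path cannot leave the feedbackimg directory */
        if (!empty($img) && strpos($img, '..') === false) {
            @unlink(ROOT_PATH . DATA_DIR . '/feedbackimg/' . $img);
        }
        $sql = "DELETE FROM " . $ecs->table('feedback') . " WHERE parent_id = '{$msg_id}' LIMIT 1";
        $db->query($sql, 'SILENT');
        admin_log(addslashes($msg_title), 'remove', 'message');
        /* NOTE(review): the id is read from $_REQUEST, so this delete is also accepted over GET; confirm a CSRF defence covers it */
        $url = 'user_msg.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
        ecs_header("Location: {$url}\n");
        exit;
    } else {
        make_json_error($GLOBALS['db']->error());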
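$order = intval($_POST['val']);
$name = $exc->get_name($id);
if ($exc->edit("sort_order = '{$order}'", $id)) {
    admin_log(addslashes($name), 'edit', 'brand');
    make_json_result($order);
} else {
    make_json_error(sprintf($_LANG['brandedit_fail'], $name));
}
} elseif ($_REQUEST['act'] == 'toggle_show') {
    /* Toggle whether the brand is shown */
    check_authz_json('brand_manage');
    $id = intval($_POST['id']);
    $val = intval($_POST['val']);
    $exc->edit("is_show='{$val}'", $id);
    make_json_result($val);
} elseif ($_REQUEST['act'] == 'remove') {
    /* Delete a brand: remove its logo file, drop the row, then detach the brand from its goods */
    check_authz_json('brand_manage');
    $id = intval($_GET['id']);
    /* Delete the brand's logo file */
    $sql = "SELECT brand_logo FROM " . $ecs->table('brand') . " WHERE brand_id = '{$id}'";
    $logo_name = $db->getOne($sql);
    /* A stored name containing '..' is skipped so the path cannot leave the brandlogo directory */
    if (!empty($logo_name) && strpos($logo_name, '..') === false) {
        @unlink(ROOT_PATH . DATA_DIR . '/brandlogo/' . $logo_name);
    }
    $exc->drop($id);
    /* Reset the brand id on goods that used this brand */
    $sql = "UPDATE " . $ecs->table('goods') . " SET brand_id=0 WHERE brand_id='{$id}'";
    $db->query($sql);
    /* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
    $url = 'brand.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'drop_logo') {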
// Update the status
if (isset($_POST['unfreeze'])) {
    /* Unfreeze the deposit */
    log_account_change($auction['last_bid']['bid_user'], $auction['deposit'], -1 * $auction['deposit'], 0, 0, sprintf($_LANG['unfreeze_auction_deposit'], $auction['act_name']));
} else {
    /* Deduct the deposit */
    log_account_change($auction['last_bid']['bid_user'], 0, -1 * $auction['deposit'], 0, 0, sprintf($_LANG['deduct_auction_deposit'], $auction['act_name']));
}
/* Write the admin log */
admin_log($auction['act_name'], 'edit', 'auction');
/* Clear the cache */
clear_cache_files();
/* Result message */
sys_msg($_LANG['settle_deposit_ok']);
} elseif ($_REQUEST['act'] == 'search_goods') {
    /* Search goods by a JSON-encoded filter and include the products of the first hit */
    check_authz_json('auction');
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    /* NOTE(review): the decoded filter is passed on as received; confirm get_goods_list() validates every field it places in SQL */
    $filter = $json->decode($_GET['JSON']);
    $arr['goods'] = get_goods_list($filter);
    if (!empty($arr['goods'][0]['goods_id'])) {
        $arr['products'] = get_good_products($arr['goods'][0]['goods_id']);
    }
    make_json_result($arr);
} elseif ($_REQUEST['act'] == 'search_products') {
    /* NOTE(review): unlike search_goods above, no privilege check is visible in this branch */
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    $filters = $json->decode($_GET['JSON']);
    /* NOTE(review): goods_id comes straight from the decoded JSON; confirm get_good_products() casts it */
    if (!empty($filters->goods_id)) {
        $arr['products'] = get_good_products($filters->goods_id);
    }
check_authz_json('goods_manage');
$product_id = intval($_POST['id']);
$product_sn = json_str_iconv(trim($_POST['val']));
/* The "n/a" placeholder text is stored as an empty serial number */
$product_sn = $_LANG['n_a'] == $product_sn ? '' : $product_sn;
if (check_product_sn_exist($product_sn, $product_id)) {
    /* NOTE(review): the update below still runs unless make_json_error() ends the request - confirm */
    make_json_error($_LANG['sys']['wrong'] . $_LANG['exist_same_product_sn']);
}
/* Update */
/* NOTE(review): $product_sn goes into the SQL literal as received; this relies on request data being escaped before this point - confirm */
$sql = "UPDATE " . $ecs->table('products') . " SET product_sn = '{$product_sn}' WHERE product_id = '{$product_id}'";
$result = $db->query($sql);
if ($result) {
    clear_cache_files();
    make_json_result($product_sn);
}
} elseif ($_REQUEST['act'] == 'edit_product_number') {
    /* Inline edit of a product's stock; the difference is then applied to the parent goods' stock */
    check_authz_json('goods_manage');
    $product_id = intval($_POST['id']);
    /* NOTE(review): a negative number is accepted here; confirm whether negative stock is intended */
    $product_number = intval($_POST['val']);
    /* Current product stock */
    $product = get_product_info($product_id, 'product_number, goods_id');
    /* Update the product stock */
    $sql = "UPDATE " . $ecs->table('products') . " SET product_number = '{$product_number}' WHERE product_id = '{$product_id}'";
    $result = $db->query($sql);
    if ($result) {
        /* Update the goods stock by the difference; no response is sent when either update fails */
        if (update_goods_stock($product['goods_id'], $product_number - $product['product_number'])) {
            clear_cache_files();
            make_json_result($product_number);
        }
    }
} elseif ($_REQUEST['act'] == 'product_add_execute') {
check_authz_json('friendlink');
$id = intval($_GET['id']);
/* Get the link's logo and delete it */
$link_logo = $exc->get_name($id, "link_logo");
if (strpos($link_logo, 'http://') === false && strpos($link_logo, 'https://') === false) {
    /* basename() strips any directory part, so the delete stays inside the afficheimg directory */
    $img_name = basename($link_logo);
    @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name);
}
$exc->drop($id);
clear_cache_files();
admin_log('', 'remove', 'friendlink');
/* NOTE(review): this delete is driven by a GET parameter; confirm a CSRF defence covers it */
$url = 'friend_link.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
ecs_header("Location: {$url}\n");
exit;
} elseif ($_REQUEST['act'] == 'edit_show_order') {
    check_authz_json('friendlink');
    $id = intval($_POST['id']);
    $order = json_str_iconv(trim($_POST['val']));
    /* Check that the submitted value is valid: digits only, so it is safe inside the SET clause */
    if (!preg_match("/^[0-9]+\$/", $order)) {
        make_json_error(sprintf($_LANG['enter_int'], $order));
    } else {
        /* No response is sent when the update fails */
        if ($exc->edit("show_order = '{$order}'", $id)) {
            clear_cache_files();
            make_json_result(stripslashes($order));
        }
    }
}
/* Fetch the friend link list data */
function get_links_list()
{
$rank_name = $exc->get_name($rank_id);
/* addslashes() is applied because the name was read back from the database */
admin_log(addslashes($rank_name), 'edit', 'user_rank');
clear_cache_files();
make_json_result($val);
} else {
    /* On failure the submitted value itself is returned as the error text */
    make_json_error($val);
}
} elseif ($_REQUEST['act'] == 'toggle_special') {
    /* Toggle the special_rank flag of a user rank */
    check_authz_json('user_rank');
    /* Both inputs are cast to integers before they reach the update */
    $rank_id = intval($_POST['id']);
    $is_special = intval($_POST['val']);
    if ($exc->edit("special_rank = '{$is_special}'", $rank_id)) {
        $rank_name = $exc->get_name($rank_id);
        admin_log(addslashes($rank_name), 'edit', 'user_rank');
        make_json_result($is_special);
    } else {
        make_json_error($db->error());
    }
} elseif ($_REQUEST['act'] == 'toggle_showprice') {
    /* Toggle the show_price flag of a user rank */
    check_authz_json('user_rank');
    $rank_id = intval($_POST['id']);
    $is_show = intval($_POST['val']);
    if ($exc->edit("show_price = '{$is_show}'", $rank_id)) {
        $rank_name = $exc->get_name($rank_id);
        admin_log(addslashes($rank_name), 'edit', 'user_rank');
        clear_cache_files();
        make_json_result($is_show);
    } else {
        make_json_error($db->error());
    }
}
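* 网站地址: http://www.ecshop.com;
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用;不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
 * $Author: liubo $
 * $Id: sale_order.php 17217 2011-01-19 06:29:08Z liubo $
 */
define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';
require_once ROOT_PATH . 'includes/lib_order.php';
require_once ROOT_PATH . 'languages/' . $_CFG['lang'] . '/admin/statistic.php';
$smarty->assign('lang', $_LANG);
if (isset($_REQUEST['act']) && ($_REQUEST['act'] == 'query' || $_REQUEST['act'] == 'download')) {
    /* Permission check */
    check_authz_json('sale_order_stats');
    /* A start_date without '-' is taken to be a timestamp, and both bounds are reformatted as Y-m-d */
    if (strstr($_REQUEST['start_date'], '-') === false) {
        $_REQUEST['start_date'] = local_date('Y-m-d', $_REQUEST['start_date']);
        $_REQUEST['end_date'] = local_date('Y-m-d', $_REQUEST['end_date']);
    }
    /* Download the report */
    if ($_REQUEST['act'] == 'download') {
        $goods_order_data = get_sales_order(false);
        $goods_order_data = $goods_order_data['sales_order_data'];
        /* The dates are request input that ends up in a response header: keep only characters a Y-m-d date can contain */
        $filename = preg_replace('/[^0-9_\-]/', '', $_REQUEST['start_date'] . '_' . $_REQUEST['end_date']) . 'sale_order';
        header("Content-type: application/vnd.ms-excel; charset=utf-8");
        header("Content-Disposition: attachment; filename={$filename}.xls");
        /* NOTE(review): cells written to this export should be checked for a leading '=', '+', '-' or '@' if any can hold user-supplied text */
        $data = "{$_LANG['sell_stats']}\t\n";
        $data .= "{$_LANG['order_by']}\t{$_LANG['goods_name']}\t{$_LANG['goods_sn']}\t{$_LANG['sell_amount']}\t{$_LANG['sell_sum']}\t{$_LANG['percent_count']}\n";
        foreach ($goods_order_data as $k => $row) {
            $order_by = $k + 1;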
/* Assign template variables */
$ur_here_lang = $_REQUEST['is_pay_ok'] == '1' ? '已完结佣金列表' : '未处理佣金列表';
$smarty->assign('ur_here', $ur_here_lang);
// current navigation
$smarty->assign('full_page', 1);
// paging parameter
$smarty->assign('supplier_list', $result['result']);
$smarty->assign('filter', $result['filter']);
$smarty->assign('record_count', $result['record_count']);
$smarty->assign('page_count', $result['page_count']);
$smarty->assign('sort_suppliers_id', '<img src="images/sort_desc.gif">');
/* Display the template */
assign_query_info();
$smarty->display('supplier_rebate_list.htm');
} elseif ($_REQUEST['act'] == 'query') {
    /* Render the rebate list fragment and return it as JSON with the paging filter */
    check_authz_json('supplier_manage');
    $result = rebate_list();
    $smarty->assign('supplier_list', $result['result']);
    $smarty->assign('filter', $result['filter']);
    $smarty->assign('record_count', $result['record_count']);
    $smarty->assign('page_count', $result['page_count']);
    /* Sort marker */
    $sort_flag = sort_flag($result['filter']);
    $smarty->assign($sort_flag['tag'], $sort_flag['img']);
    make_json_result($smarty->fetch('supplier_rebate_list.htm'), '', array('filter' => $result['filter'], 'page_count' => $result['page_count']));
} elseif ($_REQUEST['act'] == 'view') {
    /* Permission check */
    admin_priv('supplier_manage');
    /* Load the supplier rebate record */
    /* NOTE(review): $id is taken from the request without a cast, unlike is_pay_ok below; confirm it is cast before it reaches any SQL */
    $id = $_REQUEST['id'];
    $is_pay_ok = $_REQUEST['is_pay_ok'] ? intval($_REQUEST['is_pay_ok']) : 0;
make_json_error($_LANG['region_name_empty']);
}
$msg = '';
/* Check whether the region name is duplicated under the same parent */
$parent_id = $exc->get_name($id, 'parent_id');
if (!$exc->is_only('region_name', $region_name, $id, "parent_id = '{$parent_id}'")) {
    /* NOTE(review): the update below still runs unless make_json_error() ends the request - confirm */
    make_json_error($_LANG['region_name_exist']);
}
/* NOTE(review): $region_name and $id are set outside this view; confirm the name is escaped and the id is cast */
if ($exc->edit("region_name = '{$region_name}'", $id)) {
    admin_log($region_name, 'edit', 'area');
    make_json_result(stripslashes($region_name));
} else {
    make_json_error($db->error());
}
} elseif ($_REQUEST['act'] == 'drop_area') {
    /* Delete a region; the loop below collects ids through new_region_id() for up to 5 further levels */
    check_authz_json('area_manage');
    /* NOTE(review): the id is read from $_REQUEST, so this delete is also accepted over GET */
    $id = intval($_REQUEST['id']);
    $sql = "SELECT * FROM " . $ecs->table('region') . " WHERE region_id = '{$id}'";
    $region = $db->getRow($sql);
    // /* A region that still has child regions cannot be deleted */
    // $sql = "SELECT COUNT(*) FROM " . $ecs->table('region') . " WHERE parent_id = '$id'";
    // if ($db->getOne($sql) > 0)
    // {
    // make_json_error($_LANG['parent_id_exist']);
    // }
    $region_type = $region['region_type'];
    $delete_region[] = $id;
    $new_region_id = $id;
    if ($region_type < 6) {
        for ($i = 1; $i < 6 - $region_type; $i++) {
            $new_region_id = new_region_id($new_region_id);
check_authz_json('stock_out_type');
/* NOTE(review): the id is read from $_REQUEST, so this change is also accepted over GET */
$id = intval($_REQUEST['id']);
/*add by hg for date 2014-03-26: check whether the agent is operating on goods it may not touch*/
//static_goods($_REQUEST['goods_id']);
/*end*/
/* Soft delete: the row is only flagged with if_delete = 1 */
if ($exc->edit("if_delete = 1", $id)) {
    clear_cache_files();
    //$goods_name = $exc->get_name($goods_id);
    //admin_log(addslashes($goods_name), 'trash', 'goods'); // write the log
    /* NOTE(review): the admin_log() call is commented out, so this change leaves no audit entry */
    $url = 'stock_out_type.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
} elseif ($_REQUEST['act'] == 'restore_type') {
    /* Restore a soft-deleted type and refresh its add_time */
    $id = intval($_REQUEST['id']);
    check_authz_json('stock_out_type');
    // permission check
    $exc->edit("if_delete = 0, add_time = '" . gmtime() . "'", $id);
    clear_cache_files();
    //$goods_name = $exc->get_name($goods_id);
    //admin_log(addslashes($goods_name), 'restore', 'goods'); // write the log
    $url = 'stock_out_type.php?act=query&' . str_replace('act=restore_type', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/* Fetch the list of stock-out types */
function get_typelist()
{
    $result = get_filter();
    if ($result === false) {
        $filter = array();
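if ($_REQUEST['act'] == 'toggle_is_show') {
    /* Toggle whether the category is shown */
    check_authz_json('cat_manage');
    $id = intval($_POST['id']);
    $val = intval($_POST['val']);
    if (cat_update($id, array('is_show' => $val)) != false) {
        clear_cache_files();
        make_json_result($val);
    } else {
        make_json_error($db->error());
    }
}
/*------------------------------------------------------ */
//-- Delete a goods category
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'remove') {
    check_authz_json('cat_manage');
    /* Initialise the category id and fetch the category name */
    $cat_id = intval($_GET['id']);
    $cat_name = $db->getOne('SELECT cat_name FROM ' . $ecs->table('category') . " WHERE cat_id='{$cat_id}'");
    /* Does the category have child categories? */
    $cat_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('category') . " WHERE parent_id='{$cat_id}'");
    /* Does the category contain goods? */
    $goods_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('goods') . " WHERE cat_id='{$cat_id}'");
    /* Delete only when there are neither child categories nor goods */
    if ($cat_count == 0 && $goods_count == 0) {
        /* Delete the category */
        $sql = 'DELETE FROM ' . $ecs->table('category') . " WHERE cat_id = '{$cat_id}'";
        if ($db->query($sql)) {
            /* Remove the matching navigation entry; a space was missing between the table name and WHERE */
            $db->query("DELETE FROM " . $ecs->table('nav') . " WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'");
            clear_cache_files();
            /* NOTE(review): $cat_name was read back from the database and is logged without addslashes(); confirm admin_log() escapes it */
            admin_log($cat_name, 'remove', 'category');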
exit;
} elseif ($_REQUEST['act'] == 'edit_name') {
    /* Inline rename of a supplier rank, refused when the name is already taken */
    check_authz_json('supplier_rank');
    /* NOTE(review): parameters are read from $_REQUEST, so this change is also accepted over GET */
    $id = intval($_REQUEST['id']);
    $val = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
    if ($exc->is_only('rank_name', $val, $id)) {
        /* NOTE(review): $val goes into the SET clause as received; this relies on request data being escaped before this point - confirm */
        if ($exc->edit("rank_name = '{$val}'", $id)) {
            /* Admin log (no admin_log() call follows in this branch) */
            clear_cache_files();
            make_json_result(stripcslashes($val));
        } else {
            make_json_error($db->error());
        }
    } else {
        /* The rejected name is HTML-escaped before it is echoed back in the message */
        make_json_error(sprintf($_LANG['rank_name_exists'], htmlspecialchars($val)));
    }
} elseif ($_REQUEST['act'] == 'edit_sort') {
    /* Inline edit of the sort order, limited to 0..255 */
    check_authz_json('supplier_rank');
    $rank_id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    $val = empty($_REQUEST['val']) ? 0 : intval($_REQUEST['val']);
    if ($val < 0 || $val > 255) {
        /* NOTE(review): the update below still runs unless make_json_error() ends the request - confirm */
        make_json_error($_LANG['js_languages']['sort_order_invalid']);
    }
    if ($exc->edit("sort_order = '{$val}'", $rank_id)) {
        /* $rank_name is fetched but not used in this branch */
        $rank_name = $exc->get_name($rank_id);
        clear_cache_files();
        make_json_result($val);
    } else {
        /* On failure the submitted value itself is returned as the error text */
        make_json_error($val);
    }
}