/**
 * Mobile registration endpoint.
 *
 * Without a submitted form it renders the `register` template. With one it
 * validates the username and password, refuses a WeChat identity or a username
 * that is already registered for this account, stores the member with a salted
 * password hash and ends the request with a JSON document:
 * `{"result":0,"error":...}` on rejection, `{"result":1,"url":...}` on success.
 *
 * @return void
 */
public function doMobileregister()
{
    global $_GPC, $_W;

    if (!checksubmit()) {
        // Plain page view: show the registration form.
        include $this->template('register');
        return;
    }

    $weid = $this->_weid;
    $from_user = $this->_from_user;
    $set = $this->_set_info;

    // Ends the request with a JSON error payload.
    $reject = function ($reason) {
        die(json_encode(array("result" => 0, "error" => $reason)));
    };

    $member = array(
        'from_user' => $from_user,
        'username' => $_GPC['username'],
        'password' => $_GPC['password'],
    );

    if (!preg_match(REGULAR_USERNAME, $member['username'])) {
        $reject("必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。");
    }

    // One registration per WeChat identity and per username within this account.
    // NOTE(review): check-then-insert is not atomic; uniqueness under concurrent
    // requests depends on database constraints that are not visible here.
    if (hotel_member_check(array('from_user' => $member['from_user'], 'weid' => $weid))) {
        $reject("非常抱歉,此用微信号已经被注册,你可以直接使用注册时的用户名登录,或者更换微信号注册!");
    }
    if (hotel_member_check(array('username' => $member['username'], 'weid' => $weid))) {
        $reject("非常抱歉,此用户名已经被注册,你需要更换注册用户名!");
    }

    if (istrlen($member['password']) < 6) {
        $reject("必须输入密码,且密码长度不得低于6位。");
    }

    // Replace the clear-text password with its salted hash before storing it.
    $salt = random(8);
    $member = array_merge($member, array(
        'salt' => $salt,
        'password' => hotel_member_hash($member['password'], $salt),
        'weid' => $weid,
        // mobile and realname are stored exactly as submitted.
        'mobile' => $_GPC['mobile'],
        'realname' => $_GPC['realname'],
        'createtime' => time(),
        'status' => 1,
        'isauto' => 0,
    ));

    // The insert result is not checked before the success response is sent.
    pdo_insert('hotel2_member', $member);
    $member['id'] = pdo_insertid();
    $member['user_set'] = $set['user'];

    // Registration succeeded: record the member as the current user.
    // NOTE(review): $member still carries the salt and the password hash here;
    // confirm hotel_set_userinfo() does not place them in client-visible state.
    hotel_set_userinfo(1, $member);

    die(json_encode(array("result" => 1, "url" => $this->createMobileUrl('search'))));
}
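/**
 * Back-office store management for the current account.
 *
 * `op=display` lists the stores and saves a submitted ordering, `op=post`
 * creates or edits one store, `op=delete` removes one. Every query and write
 * is bound to `$_W['uniacid']` so one account cannot touch another's rows.
 *
 * Changes against the previous version: the reorder loop now casts the
 * request-supplied id and scopes the update to the account; the pager test
 * reads `$storeslist` instead of the never-assigned `$gifts`; account ids are
 * bound as query parameters instead of being interpolated.
 *
 * @return void
 */
public function doWebStores()
{
    global $_W, $_GPC;
    checklogin();

    $action = 'stores';
    $title = '门店管理';
    $url = $this->createWebUrl($action, array('op' => 'display'));
    $storesTable = $this->modulename . '_stores';

    $area = pdo_fetchall("SELECT * FROM " . tablename($this->modulename . '_area') . " where weid = :weid ORDER BY displayorder DESC", array(':weid' => $_W['uniacid']));
    $operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';

    if ($operation == 'display') {
        if (checksubmit('submit')) {
            // Save the submitted ordering.
            if (is_array($_GPC['displayorder'])) {
                foreach ($_GPC['displayorder'] as $id => $val) {
                    // The id is a request array key: cast it, and pin the update to
                    // this account so rows of other accounts cannot be reordered.
                    pdo_update($storesTable, array('displayorder' => intval($val)), array('id' => intval($id), 'weid' => $_W['uniacid']));
                }
            }
            message('操作成功!', $url);
        }

        $pindex = max(1, intval($_GPC['page']));
        $psize = 15;
        $where = "WHERE weid = :weid";
        $params = array(':weid' => $_W['uniacid']);
        $storeslist = pdo_fetchall("SELECT * FROM " . tablename($storesTable) . " {$where} order by displayorder desc,id desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}", $params);
        if (!empty($storeslist)) {
            $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($storesTable) . " {$where}", $params);
            $pager = pagination($total, $pindex, $psize);
        }
        include $this->template('stores');
    } elseif ($operation == 'post') {
        load()->func('tpl');
        $id = intval($_GPC['id']); // store id
        $reply = pdo_fetch("select * from " . tablename($storesTable) . " where id=:id and weid =:weid", array(':id' => $id, ':weid' => $_W['uniacid']));
        if (!empty($id) && empty($reply)) {
            message('抱歉,数据不存在或是已经删除!', '', 'error');
        }

        // NOTE(review): unserialize() on a database column. The value is written
        // below with serialize() from a request array, but anything able to write
        // the column directly could supply a crafted payload. A JSON column, or
        // unserialize() with allowed_classes disabled on PHP 7+, removes that risk.
        $piclist = empty($reply['thumb_url']) ? false : unserialize($reply['thumb_url']);

        if (checksubmit('submit')) {
            // NOTE(review): 'password' and 'recharging_password' are stored as
            // submitted (trimmed only). If they are credentials they should be
            // hashed before storage, together with the code that verifies them.
            $data = array(
                'weid' => intval($_W['uniacid']),
                'areaid' => intval($_GPC['area']),
                'title' => trim($_GPC['title']),
                'info' => trim($_GPC['info']),
                'content' => trim($_GPC['content']),
                'tel' => trim($_GPC['tel']),
                'logo' => trim($_GPC['logo']),
                'address' => trim($_GPC['address']),
                'location_p' => trim($_GPC['location_p']),
                'location_c' => trim($_GPC['location_c']),
                'location_a' => trim($_GPC['location_a']),
                'password' => trim($_GPC['password']),
                'recharging_password' => trim($_GPC['recharging_password']),
                'is_show' => intval($_GPC['is_show']),
                'place' => trim($_GPC['place']),
                'hours' => trim($_GPC['hours']),
                'lng' => trim($_GPC['baidumap']['lng']),
                'lat' => trim($_GPC['baidumap']['lat']),
                'enable_wifi' => intval($_GPC['enable_wifi']),
                'enable_card' => intval($_GPC['enable_card']),
                'enable_room' => intval($_GPC['enable_room']),
                'enable_park' => intval($_GPC['enable_park']),
                'is_meal' => intval($_GPC['is_meal']),
                'is_delivery' => intval($_GPC['is_delivery']),
                'is_sms' => intval($_GPC['is_sms']),
                'sendingprice' => trim($_GPC['sendingprice']),
                'updatetime' => TIMESTAMP,
                'dateline' => TIMESTAMP,
            );

            // Title (1-30 characters) and phone are mandatory; content and
            // address are optional.
            if (istrlen($data['title']) == 0) {
                message('没有输入标题.', '', 'error');
            }
            if (istrlen($data['title']) > 30) {
                message('标题不能多于30个字。', '', 'error');
            }
            if (istrlen($data['tel']) == 0) {
                message('没有输入联系电话.', '', 'error');
            }

            if (is_array($_GPC['thumbs'])) {
                $data['thumb_url'] = serialize($_GPC['thumbs']);
            }

            if (!empty($reply)) {
                // Editing: keep the original creation time.
                unset($data['dateline']);
                pdo_update($storesTable, $data, array('id' => $id, 'weid' => $_W['uniacid']));
            } else {
                pdo_insert($storesTable, $data);
            }
            message('操作成功!', $url);
        }
        include $this->template('stores');
    } elseif ($operation == 'delete') {
        $id = intval($_GPC['id']);
        // The existence check is scoped like the delete itself, so a store of
        // another account is reported as missing instead of as deleted.
        $store = pdo_fetch("SELECT id FROM " . tablename($storesTable) . " WHERE id = :id AND weid = :weid", array(':id' => $id, ':weid' => $_W['uniacid']));
        if (empty($store)) {
            message('抱歉,不存在或是已经被删除!', $this->createWebUrl('stores', array('op' => 'display')), 'error');
        }
        pdo_delete($storesTable, array('id' => $id, 'weid' => $_W['uniacid']));
        message('删除成功!', $this->createWebUrl('stores', array('op' => 'display')), 'success');
    }
}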
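/**
 * Truncates a string to at most $length characters in the given charset.
 *
 * The charset is normalised to either 'gbk' or 'utf8' (anything that is not
 * GBK is treated as UTF-8); an empty $charset falls back to $_W['charset'].
 * Strings that already fit are returned untouched. With mbstring available the
 * cut is done by mb_substr(); otherwise a byte-walking fallback counts
 * characters by their lead byte.
 *
 * Changes against the previous version: the fallback counters are initialised
 * for both charsets (the GBK loop used to read them unset), and the mbstring
 * probe now tests the function that is actually called.
 *
 * @param string $string  Text to shorten.
 * @param int    $length  Maximum number of characters to keep.
 * @param bool   $havedot Append "..." when the text was shortened.
 * @param string $charset 'gbk' or anything else for UTF-8; '' uses $_W['charset'].
 * @return string
 */
function cutstr($string, $length, $havedot = false, $charset = '')
{
    global $_W;

    if (empty($charset)) {
        $charset = $_W['charset'];
    }
    $charset = strtolower($charset) == 'gbk' ? 'gbk' : 'utf8';

    if (istrlen($string, $charset) <= $length) {
        return $string;
    }

    if (function_exists('mb_substr')) {
        $string = mb_substr($string, 0, $length, $charset);
    } else {
        // NOTE(review): the four characters are wrapped in {% %} markers before
        // counting and unwrapped afterwards, so each one costs five positions
        // here and a cut inside a marker leaves a fragment behind. This looks
        // like it was meant to operate on HTML entities — confirm the literals.
        $pre = '{%';
        $end = '%}';
        $plain = array('&', '"', '<', '>');
        $marked = array($pre . '&' . $end, $pre . '"' . $end, $pre . '<' . $end, $pre . '>' . $end);
        $string = str_replace($plain, $marked, $string);

        $strlen = strlen($string);
        // $n: byte offset, $tn: byte width of the last character, $noc: characters counted.
        $n = $tn = $noc = 0;
        if ($charset == 'utf8') {
            while ($n < $strlen) {
                $t = ord($string[$n]);
                if ($t == 9 || $t == 10 || 32 <= $t && $t <= 126) {
                    $tn = 1;
                    $n++;
                    $noc++;
                } elseif (194 <= $t && $t <= 223) {
                    $tn = 2;
                    $n += 2;
                    $noc++;
                } elseif (224 <= $t && $t <= 239) {
                    $tn = 3;
                    $n += 3;
                    $noc++;
                } elseif (240 <= $t && $t <= 247) {
                    $tn = 4;
                    $n += 4;
                    $noc++;
                } elseif (248 <= $t && $t <= 251) {
                    $tn = 5;
                    $n += 5;
                    $noc++;
                } elseif ($t == 252 || $t == 253) {
                    $tn = 6;
                    $n += 6;
                    $noc++;
                } else {
                    // Any other byte is skipped without being counted.
                    $n++;
                }
                if ($noc >= $length) {
                    break;
                }
            }
        } else {
            // GBK: every byte above 127 starts a two-byte character.
            while ($n < $strlen) {
                $t = ord($string[$n]);
                if ($t > 127) {
                    $tn = 2;
                    $n += 2;
                    $noc++;
                } else {
                    $tn = 1;
                    $n++;
                    $noc++;
                }
                if ($noc >= $length) {
                    break;
                }
            }
        }
        if ($noc > $length) {
            $n -= $tn;
        }
        $strcut = substr($string, 0, $n);
        $string = str_replace($marked, $plain, $strcut);
    }

    if ($havedot) {
        $string = $string . "...";
    }
    return $string;
}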
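/**
 * Renders $value as a QR code PNG, optionally overlays a logo in its centre,
 * and writes the result below attachment/images/<account>/qrcode/fm_qrcode.
 *
 * Changes against the previous version: the generated QR image is loaded from
 * the file that was just written instead of being fetched back through the
 * site URL; the overlay is skipped when the logo cannot be loaded instead of
 * passing `false` to the GD calls; the final image is written only when a QR
 * image resource exists (the old code handed a URL string to imagepng() when
 * no logo was available); overlay coordinates are cast to integers.
 *
 * NOTE(review): $pathname is appended to the target directories as given and
 * $logo is read with file_get_contents(); both must come from trusted code,
 * never directly from a request — confirm at the call sites.
 *
 * @param string $value     Text or URL to encode.
 * @param string $filename  Only its length is used, as the length of the random file-name suffix.
 * @param string $pathname  Optional sub-directory below the dated cache directory.
 * @param mixed  $logo      Path or URL of the logo; a falsy value falls back to the account avatar via toimage().
 *                          Declared without a default, so callers must pass the first four arguments.
 * @param array  $scqrcode  Keys errorCorrectionLevel, matrixPointSize and margin, passed to QRcode::png().
 * @return string Relative path of the output PNG; the file is missing if the QR image could not be loaded.
 */
public function fm_qrcode($value = 'http://012wz.com', $filename = '', $pathname = '', $logo, $scqrcode = array('errorCorrectionLevel' => 'H', 'matrixPointSize' => '4', 'margin' => '5'))
{
    global $_W;

    $uniacid = !empty($_W['uniacid']) ? $_W['uniacid'] : $_W['acid'];
    require_once '../framework/library/qrcode/phpqrcode.php';
    load()->func('file');

    // Timestamp plus a random suffix; a supplied $filename only sets the suffix length.
    $filename = date("YmdHis") . random(empty($filename) ? 10 : istrlen($filename));

    // 1. Write the plain QR code into the dated cache directory.
    $dfileurl = 'attachment/images/' . $uniacid . '/qrcode/cache/' . date("Ymd");
    if (!empty($pathname)) {
        $dfileurl .= '/' . $pathname;
    }
    $fileurl = '../' . $dfileurl;
    mkdirs($fileurl);
    $fileurl = $fileurl . '/' . $filename . '.png';
    QRcode::png($value, $fileurl, $scqrcode['errorCorrectionLevel'], $scqrcode['matrixPointSize'], $scqrcode['margin']);

    // 2. Resolve the logo: the caller's, or the account avatar as fallback.
    $dlogo = $_W['attachurl'] . 'headimg_' . $uniacid . '.jpg?uniacid=' . $uniacid;
    if (!$logo) {
        $logo = toimage($dlogo);
    }

    // 3. Load the QR image from disk and overlay the logo at one fifth of its width.
    $QR = imagecreatefrompng($fileurl);
    if ($QR !== false && $logo !== FALSE) {
        $logoBytes = file_get_contents($logo);
        $logoImage = $logoBytes === false ? false : imagecreatefromstring($logoBytes);
        if ($logoImage !== false) {
            $QR_width = imagesx($QR);
            $logo_width = imagesx($logoImage);
            $logo_height = imagesy($logoImage);
            $logo_qr_width = $QR_width / 5;
            $scale = $logo_width / $logo_qr_width;
            $logo_qr_height = $logo_height / $scale;
            $from_width = ($QR_width - $logo_qr_width) / 2;
            imagecopyresampled($QR, $logoImage, intval($from_width), intval($from_width), 0, 0, intval($logo_qr_width), intval($logo_qr_height), $logo_width, $logo_height);
        }
    }

    // 4. Write the final image next to the other generated codes.
    $dfileurllogo = 'attachment/images/' . $uniacid . '/qrcode/fm_qrcode';
    if (!empty($pathname)) {
        $dfileurllogo .= '/' . date("Ymd") . '/' . $pathname;
    }
    $fileurllogo = '../' . $dfileurllogo;
    mkdirs($fileurllogo);
    $fileurllogo = $fileurllogo . '/' . $filename . '_logo.png';
    if ($QR !== false) {
        imagepng($QR, $fileurllogo);
    }
    return $fileurllogo;
}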
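/**
 * Back-office merchant management: list (op=display), create or edit
 * (op=add) and remove (op=delete) merchants of the current account.
 *
 * Creating a merchant also registers a platform user, grants it the module
 * permission and attaches it to the account as an operator.
 *
 * Changes against the previous version: op=delete now verifies that the uid
 * is a merchant of this account before any row is removed (it used to delete
 * the platform user for whatever uid was submitted); a failed user_register()
 * stops the flow instead of inserting rows for an invalid uid; the merchant
 * update is scoped to the account; account ids are bound as parameters; a
 * non-array `goods` field is treated as an empty form.
 *
 * @return void
 */
public function doWebbusment()
{
    global $_W, $_GPC;
    checklogin();
    load()->func('tpl');

    $uniacid = $_W['uniacid'];
    $op = $_GPC['op'] ? $_GPC['op'] : 'display';

    if ($op == 'display') {
        $pindex = max(1, intval($_GPC['page']));
        $psize = 20;
        $goodses = pdo_fetchall("SELECT * FROM " . tablename('eso_sale_busment') . " WHERE uniacid = :uniacid ORDER BY uid DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize, array(':uniacid' => $uniacid));
        $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('eso_sale_busment') . " WHERE uniacid = :uniacid", array(':uniacid' => $uniacid));
        $pager = pagination($total, $pindex, $psize);
        include $this->template('busment_show');
    } elseif ($op == 'add') {
        $uid = intval($_GPC['uid']);
        if (!empty($uid)) {
            $sql = 'SELECT * FROM ' . tablename('eso_sale_busment') . ' WHERE uid=:uid AND uniacid=:uniacid LIMIT 1';
            $params = array(':uid' => $uid, ':uniacid' => $uniacid);
            $goods = pdo_fetch($sql, $params);
            if (empty($goods)) {
                message('未找到指定的商户.', $this->createWebUrl('busment'));
            }
        }

        if (checksubmit()) {
            // The form posts its fields packed under "goods".
            $data = is_array($_GPC['goods']) ? $_GPC['goods'] : array();
            empty($data['title']) && message('请填写商户名称');
            empty($data['bond']) && message('请填写商户保证金');
            empty($data['username']) && message('请填写登陆账号');
            empty($data['password']) && message('请填写登陆密码');

            if (empty($goods)) {
                // New merchant: register the login account first.
                load()->model('user');
                $user = array();
                $user['username'] = trim($data['username']);
                if (!preg_match(REGULAR_USERNAME, $user['username'])) {
                    message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
                }
                if (user_check(array('username' => $user['username']))) {
                    message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
                }
                $user['password'] = $data['password'];
                if (istrlen($user['password']) < 8) {
                    message('必须输入密码,且密码长度不得低于8位。');
                }
                $user['remark'] = '';
                $user['groupid'] = 1;
                $uid = user_register($user);
                if (intval($uid) <= 0) {
                    // Do not create permission or merchant rows for a user that was not created.
                    message('商户信息保存失败');
                }

                // Grant the module permission.
                $per_data = array(
                    'uniacid' => $uniacid,
                    'uid' => $uid,
                    'url' => 'c=home&a=welcome&do=ext&m=feng_business',
                );
                $ret = pdo_insert('users_permission', $per_data);

                // Attach the user to this account as an operator.
                $acc_data = array(
                    'uniacid' => $uniacid,
                    'uid' => $uid,
                    'role' => 'operator',
                );
                $ret = pdo_insert('uni_account_users', $acc_data);

                // Store the merchant record itself; only this last result decides the message.
                $bus_data = array(
                    'uniacid' => $uniacid,
                    'title' => $data['title'],
                    'bond' => $data['bond'],
                    'status' => $data['status'],
                    'createtime' => time(),
                    'uid' => $uid,
                );
                $ret = pdo_insert('eso_sale_busment', $bus_data);
            } else {
                // Existing merchant: only the descriptive fields change; the
                // submitted username and password are not applied here.
                $bus_data = array(
                    'title' => $data['title'],
                    'bond' => $data['bond'],
                    'status' => $data['status'],
                );
                $ret = pdo_update('eso_sale_busment', $bus_data, array('uid' => $uid, 'uniacid' => $uniacid));
            }

            if (!empty($ret)) {
                message('商户信息保存成功', $this->createWebUrl('busment', array('op' => 'add', 'uid' => $uid)), 'success');
            } else {
                message('商户信息保存失败');
            }
        }
        include $this->template('busment_add');
    } elseif ($op == 'delete') {
        $uid = intval($_GPC['uid']);
        if (empty($uid)) {
            message('未找到指定商户');
        }

        // The uid comes from the request. Only a user that is registered as a
        // merchant of THIS account may be removed; without this check any
        // platform user could be deleted by submitting its uid.
        $merchant = pdo_fetch('SELECT uid FROM ' . tablename('eso_sale_busment') . ' WHERE uid=:uid AND uniacid=:uniacid LIMIT 1', array(':uid' => $uid, ':uniacid' => $uniacid));
        if (empty($merchant)) {
            message('未找到指定商户');
        }

        $result = pdo_delete('users', array('uid' => $uid));
        $result = pdo_delete('users_permission', array('uid' => $uid));
        $result = pdo_delete('uni_account_users', array('uid' => $uid));
        $result = pdo_delete('eso_sale_busment', array('uid' => $uid, 'uniacid' => $uniacid));
        if (intval($result) == 1) {
            message('删除商户成功.', $this->createWebUrl('busment'), 'success');
        } else {
            message('删除商户失败.');
        }
    }
}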
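/**
 * Back-office music management: list, search and reorder (op=display),
 * create or edit (op=post) and remove (op=delete) tracks of the current account.
 *
 * Changes against the previous version: the search keyword and the account
 * id are bound as query parameters instead of being concatenated into the
 * SQL text; the existence check before a delete is scoped to the account;
 * `$music_url` is always defined before the template is rendered.
 *
 * @return void
 */
public function doWebMusic()
{
    global $_W, $_GPC;
    checklogin();

    $action = 'music';
    $title = '音乐管理';
    $url = $this->createWebUrl($action, array('op' => 'display'));
    load()->func('tpl');

    $musicTable = $this->modulename . '_music';
    $where = "WHERE weid = :weid";
    $params = array(':weid' => $_W['weid']);
    $operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';

    if ($operation == 'display') {
        if (checksubmit('submit')) {
            // Save the submitted ordering.
            if (is_array($_GPC['displayorder'])) {
                foreach ($_GPC['displayorder'] as $id => $val) {
                    pdo_update($musicTable, array('displayorder' => intval($val)), array('mid' => intval($id), 'weid' => $_W['weid']));
                }
            }
            message('操作成功!', $url);
        }

        $keyword = trim($_GPC['keyword']);
        if (!empty($keyword)) {
            // The keyword is request data: bind it, never splice it into the SQL.
            // Two placeholders are used because a named parameter may not be
            // reusable within one statement on every driver configuration.
            $where = "WHERE (singer like :singer_kw OR title like :title_kw) AND weid = :weid";
            $params[':singer_kw'] = '%' . $keyword . '%';
            $params[':title_kw'] = '%' . $keyword . '%';
        }

        $pindex = max(1, intval($_GPC['page']));
        $psize = 15;
        $list = pdo_fetchall("SELECT * FROM " . tablename($musicTable) . " {$where} order by displayorder desc,mid desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}", $params);
        if (!empty($list)) {
            $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($musicTable) . " {$where}", $params);
            $pager = pagination($total, $pindex, $psize);
        }
        include $this->template('music');
    } elseif ($operation == 'post') {
        $id = intval($_GPC['id']);
        $reply = pdo_fetch("select * from " . tablename($musicTable) . " where mid=:mid and weid =:weid", array(':mid' => $id, ':weid' => $_W['weid']));
        if (!empty($id) && empty($reply)) {
            message('抱歉,数据不存在或是已经删除!', '', 'error');
        }

        // Stored values without "http" in them are relative to the attachment root.
        $cover = '';
        $music_url = '';
        if (!empty($reply)) {
            if (!empty($reply['cover'])) {
                $cover = strpos($reply['cover'], 'http') === false ? $_W['attachurl'] . $reply['cover'] : $reply['cover'];
            }
            $music_url = strpos($reply['url'], 'http') === false ? $_W['attachurl'] . $reply['url'] : $reply['url'];
        }

        if (checksubmit('submit')) {
            $data = array(
                'weid' => intval($_W['weid']),
                'url' => trim($_GPC['url']),
                'title' => trim($_GPC['title']),
                'singer' => trim($_GPC['singer']),
                'intro' => trim($_GPC['intro']),
                'cover' => trim($_GPC['cover']),
                'status' => 1,
                'dateline' => TIMESTAMP,
            );
            if (istrlen($data['title']) == 0) {
                message('没有输入标题.', '', 'error');
            }
            if (istrlen($data['title']) > 30) {
                message('标题不能多于30个字。', '', 'error');
            }
            if (istrlen($data['url']) == 0) {
                message('没有网址.', '', 'error');
            }
            if (istrlen($data['singer']) == 0) {
                message('没有输入歌手.', '', 'error');
            }
            if (istrlen($data['intro']) == 0) {
                message('请输入歌曲介绍.', '', 'error');
            }

            if (!empty($reply)) {
                // Editing: keep the original creation time.
                unset($data['dateline']);
                pdo_update($musicTable, $data, array('mid' => $id, 'weid' => $_W['weid']));
            } else {
                pdo_insert($musicTable, $data);
            }
            message('操作成功!', $url);
        }
        include $this->template('music');
    } elseif ($operation == 'delete') {
        $id = intval($_GPC['id']);
        // Scoped like the delete below, so another account's track is reported as missing.
        $music = pdo_fetch("SELECT mid FROM " . tablename($musicTable) . " WHERE mid = :mid AND weid = :weid", array(':mid' => $id, ':weid' => $_W['weid']));
        if (empty($music)) {
            message('抱歉,不存在或是已经被删除!', $this->createWebUrl('music', array('op' => 'display')), 'error');
        }
        $row_count = pdo_delete($musicTable, array('mid' => $id, 'weid' => $_W['weid']));
        if ($row_count > 0) {
            // Drop the per-user references to the removed track as well.
            pdo_delete($this->modulename . '_music_user', array('mid' => $id, 'weid' => $_W['weid']));
        }
        message('删除成功!', $this->createWebUrl('music', array('op' => 'display')), 'success');
    }
}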
// Excerpt of a member-administration script; it starts and ends mid-file.

// Refuse to continue when no member record was loaded or the target is one of
// the configured founders.
// NOTE(review): the founder test reads $m['uid'], but $m is not assigned
// anywhere in this excerpt while the loaded record is called $member. If $m is
// not set earlier in the file, the founder guard can never match — confirm.
if(empty($member) || in_array($m['uid'], $founders)) {
    message('访问错误.');
}

// Whitelist the requested action; anything unknown falls back to 'edit'.
$do = $_GPC['do'];
$dos = array('edit', 'deny', 'delete', 'auth', 'revo', 'revos');
$do = in_array($do, $dos) ? $do: 'edit';

if($do == 'edit') {
    if(checksubmit('profile')) {
        require_once IA_ROOT . '/source/model/member.mod.php';
        $nMember = array();
        $nMember['uid'] = $uid;
        $nMember['password'] = $_GPC['password'];
        $nMember['salt'] = $member['salt'];
        // An empty password skips the length check; a non-empty one needs 8+ characters.
        if(!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
            message('必须输入密码,且密码长度不得低于8位。');
        }
        // NOTE(review): lastip and lastvisit are overwritten from request fields,
        // so whoever may submit this form can rewrite a user's last-login trail.
        $nMember['lastip'] = $_GPC['lastip'];
        $nMember['lastvisit'] = $_GPC['lastvisit'];
        $nMember['remark'] = $_GPC['remark'];
        if(member_update($nMember) !== false) {
            message('保存用户资料成功!', 'refresh');
        }
        message('保存用户资料失败,请稍候重试或联系网站管理员解决!');
    }
    require model('wechat');
    // NOTE(review): $uid is interpolated into this condition string; where it is
    // assigned is outside the excerpt — presumably cast with intval(), verify.
    $wechats = wechat_search("`uid`='{$uid}'");
    // The module lookup binds the same uid as a parameter.
    $sql = "SELECT `mid` FROM " . tablename('members_modules') . ' WHERE `uid`=:uid';
    $mids = pdo_fetchall($sql, array(':uid' => $uid));
/**
 * [Weizan System] Copyright (c) 2014 012WZ.COM
 * Weizan is NOT a free software, it under the license terms, visited http://www.qdaygroup.com/ for more details.
 */
// Only reachable through the framework bootstrap, which defines IN_IA.
if (!defined('IN_IA')) {
    exit('Access Denied');
}

// User-creation page: registers the account on submit, otherwise shows the form.
// NOTE(review): nothing in this script checks that the caller may create users
// or assign the submitted group; presumably the framework enforces that before
// including it — confirm.
$_W['page']['title'] = '添加用户 - 用户管理 - 用户管理';

if (checksubmit()) {
    load()->model('user');

    $username = trim($_GPC['username']);
    $user = array('username' => $username);
    if (!preg_match(REGULAR_USERNAME, $username)) {
        message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
    }
    if (user_check(array('username' => $username))) {
        message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
    }

    // The password is passed to user_register() as submitted, after a length check.
    $user['password'] = $_GPC['password'];
    if (istrlen($user['password']) < 8) {
        message('必须输入密码,且密码长度不得低于8位。');
    }

    $user['remark'] = $_GPC['remark'];
    // A group is mandatory; a zero or missing id ends in the error message.
    $groupId = intval($_GPC['groupid']);
    $user['groupid'] = $groupId ? $groupId : message('请选择所属用户组');

    $uid = user_register($user);
    if ($uid > 0) {
        // Drop the clear-text password from the local array once it is no longer needed.
        unset($user['password']);
        message('用户增加成功!', url('user/edit', array('uid' => $uid)));
    }
    message('增加用户失败,请稍候重试或联系网站管理员解决!');
}

// Groups offered in the form's selector.
$groups = pdo_fetchall("SELECT id, name FROM " . tablename('users_group') . " ORDER BY id ASC");
template('user/create');
// Excerpt of the public registration script; it ends inside the verification-code check.

// Registration must be switched on in the site settings.
if (empty($setting['register']['open'])) {
    message('本站暂未开启注册功能,请联系管理员!');
}

// Extra profile fields that are enabled and flagged for the registration form.
$extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1' ORDER BY displayorder DESC");

if (checksubmit()) {
    load()->model('user');
    $member = array();
    $member['username'] = trim($_GPC['username']);
    if (!preg_match(REGULAR_USERNAME, $member['username'])) {
        message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
    }
    if (user_check(array('username' => $member['username']))) {
        message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
    }
    $member['password'] = $_GPC['password'];
    if (istrlen($member['password']) < 8) {
        message('必须输入密码,且密码长度不得低于8位。');
    }

    // Collect the extra fields; a required one that is empty stops the registration.
    // The field names come from the profile_fields table, not from the request.
    $profile = array();
    if (!empty($extendfields)) {
        foreach ($extendfields as $row) {
            if (!empty($row['required']) && empty($_GPC[$row['field']])) {
                message('“' . $row['title'] . '”此项为必填项,请返回填写完整!');
            }
            $profile[$row['field']] = $_GPC[$row['field']];
        }
    }

    // Verification code, when enabled: the submitted code is hashed together with
    // the site authkey and compared with the request value __code.
    // NOTE(review): the expected value is an MD5 digest and the comparison uses
    // the loose != operator, under which two digests that both look numeric
    // compare as numbers. hash_equals() on string operands gives a strict,
    // constant-time check — confirm __code is always a string here.
    if (!empty($setting['register']['code'])) {
        $code = $_GPC['code'];
        $hash = md5($code . $_W['config']['setting']['authkey']);
        if ($_GPC['__code'] != $hash) {
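/**
 * Back-office form for editing the personal data of a membership-card holder.
 *
 * Loads the card by id, resolves its holder through the card's `from_user`
 * value, and on submit updates the holder's name, phone, address, birthday,
 * sex and age.
 *
 * Changes against the previous version: both lookups bind their values as
 * query parameters. The holder lookup used to splice the stored `from_user`
 * value into the SQL text.
 *
 * NOTE(review): the text of the holder lookup was partly masked in the listing
 * this was taken from; it is reconstructed from the `$reply['from_user']` use
 * in the error message that follows it — confirm against the real file.
 *
 * NOTE(review): the card is looked up by id alone; `$reply['weid']` is only
 * used for the level. Nothing here ties the card to the operator's own
 * account — confirm whether cross-account editing is intended.
 *
 * @return void
 */
public function doCardForm()
{
    global $_W, $_GPC;
    checklogin();

    $action = 'card';
    $title = $this->actions_titles[$action];
    $url = create_url('site/module', array('do' => $action, 'name' => $this->modulename));

    $id = intval($_GPC['id']);
    $reply = pdo_fetch("select * from " . tablename('icard_card') . " where id = :id", array(':id' => $id));
    if (empty($reply)) {
        message('非法参数!', $url, 'error');
    }

    // from_user is stored data of unknown origin, so it is bound, not concatenated.
    $user = pdo_fetch("select * from " . tablename('icard_user') . " where from_user = :from_user", array(':from_user' => $reply['from_user']));
    if (empty($user)) {
        message($reply['from_user'] . '用户不存在!', $url, 'error');
    }

    $level = $this->get_user_level($reply['weid'], $reply['total_score']);

    if (checksubmit('submit')) {
        $data = array(
            'username' => trim($_GPC['username']),
            'tel' => trim($_GPC['tel']),
            'address' => trim($_GPC['address']),
            // strtotime() yields false for text it cannot parse; that is not checked here.
            'birthday' => strtotime($_GPC['birthday']),
            'sex' => intval($_GPC['sex']),
            'age' => intval($_GPC['age']),
        );
        if (istrlen($data['username']) == 0) {
            message('没有输入姓名.', '', 'error');
        }
        if (istrlen($data['username']) > 16) {
            message('姓名输入过长.', '', 'error');
        }
        if (!empty($reply)) {
            pdo_update('icard_user', $data, array('id' => $user['id']));
        }
        message('操作成功!', $url);
    }

    include $this->template('card_form');
}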
// Excerpt of the operator edit/delete script; it ends inside the profile update.

load()->model('setting');
load()->func('tpl');

// Whitelist the requested action; anything unknown falls back to 'edit'.
$do = $_GPC['do'];
$dos = array('delete', 'edit');
$do = in_array($do, $dos) ? $do : 'edit';

$uid = intval($_GPC['uid']);
$user = user_single($uid);
// NOTE(review): the founder list is built here but not consulted in the visible
// part of the edit branch — confirm founders are protected further down.
$founders = explode(',', $_W['config']['setting']['founder']);

if ($do == 'edit') {
    if (empty($user)) {
        message('访问错误, 未找到指定操作员.', url('user/display'), 'error');
    }
    $extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1'");
    if (checksubmit('profile_submit')) {
        $_GPC['password'] = trim($_GPC['password']);
        // NOTE(review): this length check reads $record['password'], but $record is
        // only created a few statements below. Unless it is set before this
        // excerpt, the condition is always false and a password shorter than 8
        // characters is accepted; the value to test is presumably
        // $_GPC['password'] — confirm and fix.
        if (!empty($record['password']) && istrlen($record['password']) < 8) {
            message('必须输入密码,且密码长度不得低于8位。');
        }
        $_GPC['groupid'] = intval($_GPC['groupid']);
        if (empty($_GPC['groupid'])) {
            message('请选择所属用户组');
        }
        load()->model('user');
        // Fields handed to user_update(): the existing salt is reused and the
        // password is passed through as submitted.
        $record = array();
        $record['uid'] = $uid;
        $record['password'] = $_GPC['password'];
        $record['salt'] = $user['salt'];
        $record['groupid'] = intval($_GPC['groupid']);
        $record['remark'] = $_GPC['remark'];
        // The result of the update is not checked.
        user_update($record);
        if (!empty($_GPC['birth'])) {
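/**
 * Back-office store management: list and reorder (op=display), create or
 * edit (op=post) and remove (op=delete) stores, then render the `stores`
 * template.
 *
 * Changes against the previous version: the reorder loop casts the
 * request-supplied id and scopes the update to the account (it used to update
 * by id alone); the account id is bound as a parameter in the list and delete
 * queries; the defaults for a new store are set on a fresh array; the gallery
 * column is only unserialized when it holds a value.
 *
 * NOTE(review): unlike sibling handlers this method does not call
 * checklogin(); presumably the framework authenticates web entries before
 * dispatch — confirm.
 *
 * @return void
 */
public function doWebStores()
{
    global $_W, $_GPC;

    $weid = $this->_weid;
    $GLOBALS['frames'] = $this->getNaveMenu();
    $action = 'stores';
    $title = '门店管理';
    $url = $this->createWebUrl($action, array('op' => 'display'));

    $area = pdo_fetchall("SELECT * FROM " . tablename($this->table_area) . " where weid = :weid ORDER BY displayorder DESC", array(':weid' => $weid));
    $shoptype = pdo_fetchall("SELECT * FROM " . tablename($this->table_type) . " where weid = :weid ORDER BY displayorder DESC", array(':weid' => $weid));
    $operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';

    if ($operation == 'display') {
        if (checksubmit('submit')) {
            // Save the submitted ordering.
            if (is_array($_GPC['displayorder'])) {
                foreach ($_GPC['displayorder'] as $id => $val) {
                    // The id is a request array key: cast it, and pin the update to
                    // this account so rows of other accounts cannot be reordered.
                    pdo_update($this->table_stores, array('displayorder' => intval($val)), array('id' => intval($id), 'weid' => $_W['uniacid']));
                }
            }
            message('操作成功!', $url);
        }

        $pindex = max(1, intval($_GPC['page']));
        $psize = 10;
        $where = "WHERE weid = :weid";
        $params = array(':weid' => $_W['uniacid']);
        $storeslist = pdo_fetchall("SELECT * FROM " . tablename($this->table_stores) . " {$where} order by displayorder desc,id desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}", $params);
        if (!empty($storeslist)) {
            $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($this->table_stores) . " {$where}", $params);
            $pager = pagination($total, $pindex, $psize);
        }
    } elseif ($operation == 'post') {
        load()->func('tpl');
        $id = intval($_GPC['id']); // store id
        $reply = pdo_fetch("select * from " . tablename($this->table_stores) . " where id=:id and weid =:weid", array(':id' => $id, ':weid' => $_W['uniacid']));
        if (empty($reply)) {
            // New store: pre-fill the opening hours shown in the form.
            $reply = array('begintime' => "09:00", 'endtime' => "18:00");
        }

        // NOTE(review): unserialize() on a database column. The value is written
        // below with serialize() from a request array, but anything able to write
        // the column directly could supply a crafted payload. A JSON column, or
        // unserialize() with allowed_classes disabled on PHP 7+, removes that risk.
        $piclist = empty($reply['thumb_url']) ? false : unserialize($reply['thumb_url']);

        if (checksubmit('submit')) {
            // NOTE(review): 'password' and 'recharging_password' are stored as
            // submitted (trimmed only). If they are credentials they should be
            // hashed before storage, together with the code that verifies them.
            $data = array(
                'weid' => intval($_W['uniacid']),
                'areaid' => intval($_GPC['area']),
                'typeid' => intval($_GPC['type']),
                'title' => trim($_GPC['title']),
                'info' => trim($_GPC['info']),
                'content' => trim($_GPC['content']),
                'tel' => trim($_GPC['tel']),
                'announce' => trim($_GPC['announce']),
                'logo' => trim($_GPC['logo']),
                'address' => trim($_GPC['address']),
                'location_p' => trim($_GPC['location_p']),
                'location_c' => trim($_GPC['location_c']),
                'location_a' => trim($_GPC['location_a']),
                'lng' => trim($_GPC['baidumap']['lng']),
                'lat' => trim($_GPC['baidumap']['lat']),
                'password' => trim($_GPC['password']),
                'recharging_password' => trim($_GPC['recharging_password']),
                'is_show' => intval($_GPC['is_show']),
                'place' => trim($_GPC['place']),
                'hours' => trim($_GPC['hours']),
                'consume' => trim($_GPC['consume']),
                'level' => intval($_GPC['level']),
                'enable_wifi' => intval($_GPC['enable_wifi']),
                'enable_card' => intval($_GPC['enable_card']),
                'enable_room' => intval($_GPC['enable_room']),
                'enable_park' => intval($_GPC['enable_park']),
                'is_meal' => intval($_GPC['is_meal']),
                'is_delivery' => intval($_GPC['is_delivery']),
                'is_sms' => intval($_GPC['is_sms']),
                'is_hot' => intval($_GPC['is_hot']),
                'sendingprice' => trim($_GPC['sendingprice']),
                'dispatchprice' => trim($_GPC['dispatchprice']),
                'freeprice' => trim($_GPC['freeprice']),
                'begintime' => trim($_GPC['begintime']),
                'endtime' => trim($_GPC['endtime']),
                'updatetime' => TIMESTAMP,
                'dateline' => TIMESTAMP,
            );

            // Only the title is mandatory (1-30 characters); phone and address are optional.
            if (istrlen($data['title']) == 0) {
                message('没有输入标题.', '', 'error');
            }
            if (istrlen($data['title']) > 30) {
                message('标题不能多于30个字。', '', 'error');
            }

            if (is_array($_GPC['thumbs'])) {
                $data['thumb_url'] = serialize($_GPC['thumbs']);
            }

            if (!empty($id)) {
                // Editing: keep the original creation time. The update is scoped to
                // the account, so an id of another account changes nothing.
                unset($data['dateline']);
                pdo_update($this->table_stores, $data, array('id' => $id, 'weid' => $_W['uniacid']));
            } else {
                pdo_insert($this->table_stores, $data);
            }
            message('操作成功!', $url);
        }
    } elseif ($operation == 'delete') {
        $id = intval($_GPC['id']);
        // Scoped like the delete below, so another account's store is reported as missing.
        $store = pdo_fetch("SELECT id FROM " . tablename($this->table_stores) . " WHERE id = :id AND weid = :weid", array(':id' => $id, ':weid' => $_W['uniacid']));
        if (empty($store)) {
            message('抱歉,不存在或是已经被删除!', $this->createWebUrl('stores', array('op' => 'display')), 'error');
        }
        pdo_delete($this->table_stores, array('id' => $id, 'weid' => $_W['uniacid']));
        message('删除成功!', $this->createWebUrl('stores', array('op' => 'display')), 'success');
    }

    include $this->template('stores');
}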
/**
 * Strips tags from $text and cuts it to $length characters, appending an
 * ellipsis when the ORIGINAL text (tags included) was longer than $length.
 *
 * NOTE(review): strip_tags() removes markup but does not escape the result;
 * the return value still needs context-appropriate escaping where it is
 * printed into HTML.
 *
 * @param string $text   Text that may contain HTML tags.
 * @param int    $length Maximum number of characters to keep.
 * @return string
 */
function get_html($text, $length = 255)
{
    // Decided on the raw text, before the tags are removed.
    $wasLonger = istrlen($text) > $length;
    $plain = strip_tags($text);

    return $wasLonger ? cutstr($plain, $length, true) : cutstr($plain, $length);
}
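/**
 * Back-office album management, selected by the `foo` request field:
 * `create` (add or edit an album), `display` (filtered, paged list), `photo`
 * (add, update or clear the photos of one album), `delete` (remove a photo or
 * an album together with its files) and `cover` (set an album cover).
 *
 * Changes against the previous version:
 *  - the search keyword and the account id are bound as query parameters;
 *  - photo updates are scoped to the verified album and the account (the row
 *    id is a request array key and used to be the only condition);
 *  - deleting a file by a request-supplied path now refuses anything that is
 *    not a plain relative path;
 *  - album writes carry the account id in their condition;
 *  - `$children` starts as an array, since assigning nested keys to an empty
 *    string fails on current PHP versions;
 *  - the by-reference loop variable is released after the list loop.
 *
 * NOTE(review): this method does not call checklogin(); presumably the
 * framework authenticates web entries before dispatch — confirm.
 *
 * @return void
 */
public function doWebList()
{
    global $_W, $_GPC;
    load()->func('file');

    $foo = !empty($_GPC['foo']) ? $_GPC['foo'] : 'display';
    $category = pdo_fetchall("SELECT * FROM " . tablename('album_category') . " WHERE weid = :weid ORDER BY parentid ASC, displayorder DESC", array(':weid' => $_W['uniacid']), 'id');

    // Sub-categories grouped under their parent id.
    $children = array();
    if (!empty($category)) {
        foreach ($category as $cid => $cate) {
            if (!empty($cate['parentid'])) {
                $children[$cate['parentid']][$cate['id']] = array($cate['id'], $cate['name']);
            }
        }
    }
    load()->func('tpl');

    if ($foo == 'create') {
        $id = intval($_GPC['id']);
        if (!empty($id)) {
            $sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
            $params = array(':id' => $id, ':weid' => $_W['uniacid']);
            $item = pdo_fetch($sql, $params);
            if (empty($item)) {
                message('抱歉,相册不存在或是已经删除!', '', 'error');
            }
        }
        if (checksubmit('submit')) {
            if (empty($_GPC['title'])) {
                message('请输入相册名称!');
            }
            $data = array(
                'weid' => $_W['uniacid'],
                'title' => $_GPC['title'],
                'content' => $_GPC['content'],
                'displayorder' => intval($_GPC['displayorder']),
                'isview' => intval($_GPC['isview']),
                'type' => intval($_GPC['type']),
                'thumb' => $_GPC['thumb'],
                'pcate' => intval($_GPC['pcate']),
                'ccate' => intval($_GPC['ccate']),
            );
            if (empty($id)) {
                $data['createtime'] = TIMESTAMP;
                pdo_insert('album', $data);
            } else {
                pdo_update('album', $data, array('id' => $id, 'weid' => $_W['uniacid']));
            }
            message('相册更新成功!', $this->createWebUrl('list', array('foo' => 'display')), 'success');
        }
        include $this->template('album');
    } elseif ($foo == 'display') {
        $pindex = max(1, intval($_GPC['page']));
        $psize = 12;

        // Filters: the keyword is bound; the numeric ones are cast before use.
        $condition = '';
        $params = array(':weid' => $_W['uniacid']);
        if (!empty($_GPC['keyword'])) {
            $condition .= " AND title LIKE :keyword";
            $params[':keyword'] = "%{$_GPC['keyword']}%";
        }
        if (!empty($_GPC['cate_2'])) {
            $cid = intval($_GPC['cate_2']);
            $condition .= " AND ccate = '{$cid}'";
        } elseif (!empty($_GPC['cate_1'])) {
            $cid = intval($_GPC['cate_1']);
            $condition .= " AND pcate = '{$cid}'";
        }
        if (istrlen($_GPC['isview']) > 0) {
            $condition .= " AND isview = '" . intval($_GPC['isview']) . "'";
        }

        $list = pdo_fetchall("SELECT * FROM " . tablename('album') . " WHERE weid = :weid {$condition} ORDER BY displayorder DESC, id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize, $params);
        $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('album') . " WHERE weid = :weid {$condition}", $params);
        $pager = pagination($total, $pindex, $psize);
        if (!empty($list)) {
            foreach ($list as &$row) {
                $row['total'] = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('album_photo') . " WHERE albumid = :albumid", array(':albumid' => $row['id']));
            }
            // Release the reference so a later use of $row cannot overwrite the last entry.
            unset($row);
        }
        include $this->template('album');
    } elseif ($foo == 'photo') {
        $id = intval($_GPC['albumid']);
        $sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
        $params = array(':id' => $id, ':weid' => $_W['uniacid']);
        $album = pdo_fetch($sql, $params);
        if (empty($album)) {
            message('相册不存在或是已经被删除!');
        }
        if (checksubmit('submit')) {
            // Newly uploaded photos.
            if (!empty($_GPC['attachment-new'])) {
                foreach ($_GPC['attachment-new'] as $index => $row) {
                    if (empty($row)) {
                        continue;
                    }
                    $data = array(
                        'weid' => $_W['uniacid'],
                        'albumid' => intval($_GPC['albumid']),
                        'title' => $_GPC['title-new'][$index],
                        'description' => $_GPC['description-new'][$index],
                        'attachment' => $_GPC['attachment-new'][$index],
                        'displayorder' => $_GPC['displayorder-new'][$index],
                    );
                    pdo_insert('album_photo', $data);
                }
            }
            // Existing photos, keyed by their row id.
            if (!empty($_GPC['attachment'])) {
                foreach ($_GPC['attachment'] as $index => $row) {
                    if (empty($row)) {
                        continue;
                    }
                    $data = array(
                        'weid' => $_W['uniacid'],
                        'albumid' => intval($_GPC['albumid']),
                        'title' => $_GPC['title'][$index],
                        'description' => $_GPC['description'][$index],
                        'attachment' => $_GPC['attachment'][$index],
                        'displayorder' => $_GPC['displayorder'][$index],
                    );
                    // The row id is a request key: restrict the update to photos of
                    // the album verified above, within this account.
                    pdo_update('album_photo', $data, array('id' => intval($index), 'albumid' => $album['id'], 'weid' => $_W['uniacid']));
                }
            }
            message('相册更新成功!', $this->createWebUrl('list', array('foo' => 'photo', 'albumid' => $album['id'])));
        }
        if (checksubmit('delete')) {
            // Removes the rows only; the attachment files are left in place.
            pdo_delete('album_photo', array('albumid' => $id));
            message('全部照片已成功删除', referer(), 'success');
        }
        $sql = 'SELECT * FROM ' . tablename('album_photo') . ' WHERE `albumid` = :albumid ORDER BY `displayorder`';
        $params = array(':albumid' => $album['id']);
        $sql .= empty($album['type']) ? ' DESC' : ' ASC';
        $photos = pdo_fetchall($sql, $params);
        include $this->template('album');
    } elseif ($foo == 'delete') {
        $type = $_GPC['type'];
        $id = intval($_GPC['id']);
        if ($type == 'photo') {
            if (!empty($id)) {
                $sql = 'SELECT `id`, `attachment` FROM ' . tablename('album_photo') . ' WHERE `id` = :id AND `weid` = :weid';
                $params = array(':id' => $id, ':weid' => $_W['uniacid']);
                $item = pdo_fetch($sql, $params);
                if (empty($item)) {
                    message('图片不存在或是已经被删除!');
                }
                pdo_delete('album_photo', array('id' => $item['id']));
            } else {
                // No row id: an upload that was never saved. The path comes straight
                // from the request, so only a plain relative path is accepted.
                // NOTE(review): this still lets an operator remove any attachment
                // file by name; tracking pending uploads server-side would close that.
                $path = $_GPC['attachment'];
                $isPlainRelative = is_string($path)
                    && $path !== ''
                    && $path[0] !== '/'
                    && strpos($path, '..') === false
                    && strpos($path, ':') === false
                    && strpos($path, '\\') === false
                    && strpos($path, "\0") === false;
                if (!empty($path) && !$isPlainRelative) {
                    message('抱歉,参数错误,请重试!', '', 'error');
                }
                $item = array('attachment' => $path);
            }
            file_delete($item['attachment']);
        } elseif ($type == 'album') {
            $sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
            $params = array(':id' => $id, ':weid' => $_W['uniacid']);
            $album = pdo_fetch($sql, $params);
            if (empty($album)) {
                message('相册不存在或是已经被删除!');
            }
            // Remove the stored files first, then the rows.
            $photos = pdo_fetchall("SELECT id, attachment FROM " . tablename('album_photo') . " WHERE albumid = :albumid", array(':albumid' => $id));
            if (!empty($photos)) {
                foreach ($photos as $row) {
                    file_delete($row['attachment']);
                }
            }
            pdo_delete('album', array('id' => $id, 'weid' => $_W['uniacid']));
            pdo_delete('album_photo', array('albumid' => $id));
        }
        message('删除成功!', referer(), 'success');
    } elseif ($foo == 'cover') {
        $id = intval($_GPC['albumid']);
        $attachment = $_GPC['thumb'];
        if (empty($attachment)) {
            message('抱歉,参数错误,请重试!', '', 'error');
        }
        $sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
        $params = array(':id' => $id, ':weid' => $_W['uniacid']);
        $item = pdo_fetch($sql, $params);
        if (empty($item)) {
            message('抱歉,相册不存在或是已经删除!', '', 'error');
        }
        pdo_update('album', array('thumb' => $attachment), array('id' => $id, 'weid' => $_W['uniacid']));
        message('设置封面成功!', '', 'success');
    }
}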
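/**
 * Admin form handler that creates or edits one store record.
 *
 * Loads the store selected by the request `id` within the current account
 * ($_W['weid']). On a 'submit' post it validates the fields, optionally
 * replaces the logo, then updates the loaded row or inserts a new one.
 * Otherwise it renders the 'stores_form' template.
 *
 * The validation chain relies on message() ending the request; that helper
 * is defined outside this file section, so confirm it does.
 */
public function doStoresForm()
{
    global $_GPC, $_W;

    checklogin();

    $action = 'stores';
    $title = $this->actions_titles[$action];
    $url = create_url('site/module', array('do' => $action, 'name' => $this->modulename));
    $table = $this->modulename . '_stores';

    // Store id; the lookup is scoped to the current account so another
    // account's row cannot be loaded by guessing ids.
    $id = intval($_GPC['id']);
    $reply = pdo_fetch(
        "select * from " . tablename($table) . " where id=:id and weid =:weid",
        array(':id' => $id, ':weid' => $_W['weid'])
    );
    if (!empty($id)) {
        if (empty($reply)) {
            message('抱歉,数据不存在或是已经删除!', '', 'error');
        } elseif (!empty($reply['thumb_url'])) {
            // Thumbnails are stored as one '|'-separated string.
            $reply['thumbArr'] = explode('|', $reply['thumb_url']);
        }
    }

    if (checksubmit('submit')) {
        $data = array();
        $data['weid'] = intval($_W['weid']);
        $data['title'] = trim($_GPC['title']);
        $data['info'] = trim($_GPC['info']);
        $data['content'] = trim($_GPC['content']);
        $data['tel'] = trim($_GPC['tel']);
        $data['address'] = trim($_GPC['address']);
        $data['location_p'] = trim($_GPC['location_p']);
        $data['location_c'] = trim($_GPC['location_c']);
        $data['location_a'] = trim($_GPC['location_a']);
        // NOTE(review): both password fields are written to the table exactly
        // as submitted (trimmed only), with no length or presence check. If
        // they are credentials, hash them before storing; confirm how they
        // are verified elsewhere.
        $data['password'] = trim($_GPC['password']);
        $data['recharging_password'] = trim($_GPC['recharging_password']);
        $data['is_show'] = intval($_GPC['is_show']);
        $data['place'] = trim($_GPC['place']);
        $data['hours'] = trim($_GPC['hours']);
        $data['lng'] = trim($_GPC['lng']);
        $data['lat'] = trim($_GPC['lat']);
        $data['enable_wifi'] = intval($_GPC['enable_wifi']);
        $data['enable_card'] = intval($_GPC['enable_card']);
        $data['enable_room'] = intval($_GPC['enable_room']);
        $data['enable_park'] = intval($_GPC['enable_park']);
        // The request value is attacker-shaped: only join it when it really
        // is an array, otherwise implode() fails on a scalar or missing value.
        $data['thumb_url'] = is_array($_GPC['thumb_url']) ? implode('|', $_GPC['thumb_url']) : '';
        $data['updatetime'] = TIMESTAMP;
        $data['dateline'] = TIMESTAMP;

        if (istrlen($data['title']) == 0) {
            message('没有输入标题.', '', 'error');
        }
        if (istrlen($data['title']) > 30) {
            message('标题不能多于30个字。', '', 'error');
        }
        if (istrlen($data['content']) == 0) {
            message('没有输入内容.', '', 'error');
        }
        if (istrlen($data['content']) > 1000) {
            message('内容过多请重新输入.', '', 'error');
        }
        if (istrlen($data['tel']) == 0) {
            message('没有输入联系电话.', '', 'error');
        }
        if (istrlen($data['address']) == 0) {
            message('请输入地址。', '', 'error');
        }

        if (!empty($_FILES['logo']['tmp_name'])) {
            // NOTE(review): type/extension checks are left to file_upload();
            // confirm it restricts uploads to images.
            $upload = file_upload($_FILES['logo']);
            if (is_error($upload)) {
                message($upload['message'], '', 'error');
            }
            $data['logo'] = $upload['path'];

            // Delete the previous logo only once the new one is stored, and
            // take its path from the row loaded for this account. The old
            // code passed the request field `logo_old` to file_delete(),
            // which let the client choose which file gets removed.
            if (!empty($reply['logo'])) {
                file_delete($reply['logo']);
            }
        }

        if (!empty($reply)) {
            // Creation time is kept on update.
            unset($data['dateline']);
            pdo_update($table, $data, array('id' => $id, 'weid' => $_W['weid']));
        } else {
            pdo_insert($table, $data);
        }
        message('操作成功!', $url);
    }

    include $this->template('stores_form');
}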
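/**
 * Agent back-office page for the members attached to the current agent.
 *
 * op=display: paginated member list joined to agent_user for $_W['uid'],
 *             optionally filtered by status, username and group.
 * op=post:    edit one member (password, group, last visit data, remark and
 *             extended profile fields). A group change is charged against
 *             the agent's balance and written to agent_log.
 *
 * Both branches end by rendering the 'user' template.
 *
 * NOTE(review): there is no checklogin() call here, unlike doStoresForm in
 * this file; confirm the dispatcher authenticates the caller before this
 * method runs.
 */
public function doWebUser()
{
    global $_W, $_GPC;

    $operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';

    if ($operation == 'display') {
        $pindex = max(1, intval($_GPC['page']));
        $psize = 20;

        // Every request-derived filter is bound as a parameter; the old code
        // interpolated `username` and `group` straight into the SQL text.
        $where = '';
        $params = array();
        if (isset($_GPC['status']) && $_GPC['status'] !== '') {
            $where .= ' AND a.status = :status';
            $params[':status'] = intval($_GPC['status']);
        }
        if (!empty($_GPC['username']) && is_string($_GPC['username'])) {
            $where .= ' AND a.username LIKE :username';
            $params[':username'] = '%' . $_GPC['username'] . '%';
        }
        if (!empty($_GPC['group'])) {
            $where .= ' AND a.groupid = :groupid';
            $params[':groupid'] = intval($_GPC['group']);
        }
        // Restrict the list to members that belong to the current agent.
        $where .= ' AND b.agent_uid = :agent_uid';
        $params[':agent_uid'] = intval($_W['uid']);

        $from = ' FROM ' . tablename('members') . ' a LEFT JOIN ' . tablename('agent_user')
            . ' b ON a.uid=b.uid WHERE 1 ' . $where;
        // LIMIT operands are integers computed above, never request text.
        $list = pdo_fetchall('SELECT *' . $from . ' LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, $params);
        $total = pdo_fetchcolumn('SELECT COUNT(*)' . $from, $params);
        $pager = pagination($total, $pindex, $psize);

        // Flag founder accounts on the rows that were actually fetched. The
        // old loop iterated an undefined $members, so no row was ever flagged.
        // NOTE(review): assumes the template reads $list; confirm.
        $founders = explode(',', $_W['config']['setting']['founder']);
        if (!empty($list)) {
            foreach ($list as &$m) {
                $m['founder'] = in_array($m['uid'], $founders);
            }
            unset($m); // drop the dangling reference left by foreach-by-reference
        }

        $usergroups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group'), array(), 'id');
    } elseif ($operation == 'post') {
        $id = intval($_GPC['id']);
        $agent_uid = intval($_W['uid']);
        $extendfields = pdo_fetchall(
            "SELECT field, title, description, required FROM " . tablename('profile_fields')
            . " WHERE available = '1' AND showinregister = '1'"
        );

        $member = array();
        if (!empty($id)) {
            // Load the member only if it is attached to the current agent.
            // The old lookup matched on uid alone, so any member id supplied
            // in the request could be opened and edited.
            $member = pdo_fetch(
                'SELECT a.* FROM ' . tablename('members') . ' a INNER JOIN ' . tablename('agent_user')
                . ' b ON a.uid = b.uid WHERE a.uid = :uid AND b.agent_uid = :agent_uid',
                array(':uid' => $id, ':agent_uid' => $agent_uid)
            );
            if (empty($member)) {
                message('抱歉,用户不存在或是已经删除!', '', 'error');
            }
        }

        if (checksubmit('profile_submit')) {
            // A submit without a loaded member has nothing to update.
            if (empty($member)) {
                message('抱歉,用户不存在或是已经删除!', '', 'error');
            }

            $nMember = array();
            $nMember['uid'] = $id;
            // NOTE(review): the raw password is handed to member_update();
            // presumably it hashes before storing. Verify.
            $nMember['password'] = $_GPC['password'];
            $nMember['groupid'] = intval($_GPC['groupid']);
            if (!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
                message('必须输入密码,且密码长度不得低于8位。');
            }
            $nMember['lastip'] = $_GPC['lastip'];
            $nMember['lastvisit'] = strtotime($_GPC['lastvisit']);
            $nMember['remark'] = $_GPC['remark'];

            if ($member['groupid'] != $nMember['groupid']) {
                // Charge the agent for the group change.
                // NOTE(review): the balance is read, checked and written back
                // in separate statements, so two concurrent requests can both
                // pass the check. A single conditional UPDATE or a
                // transaction would close that window.
                $balance = pdo_fetch(
                    "SELECT * FROM " . tablename('agent') . " WHERE uid = :uid",
                    array(':uid' => $agent_uid)
                );
                $reduce_money = pdo_fetch(
                    "SELECT * FROM " . tablename('agent_payment')
                    . " WHERE agent_uid = :uid AND group_id = :group_id",
                    array(':uid' => $agent_uid, ':group_id' => $nMember['groupid'])
                );
                if (empty($reduce_money) || $balance['balance'] < $reduce_money['amount_needs']) {
                    message('余额不足,不能修改分组。');
                }
                $new_balance = $balance['balance'] - $reduce_money['amount_needs'];
                pdo_update('agent', array('balance' => $new_balance), array('uid' => $agent_uid));

                $log = array();
                $log['agent_uid'] = $agent_uid;
                $log['datetime'] = time();
                $log['log'] = "修改用户" . $id . "分组:" . $member['groupid'] . " --> " . $nMember['groupid'];
                pdo_insert('agent_log', $log);
            }

            member_update($nMember);

            if (!empty($extendfields)) {
                // Copy only the configured profile fields from the request.
                $profile = array();
                foreach ($extendfields as $row) {
                    if ($row['field'] != 'profile') {
                        $profile[$row['field']] = $_GPC[$row['field']];
                    }
                }
                if (!empty($profile)) {
                    $exists = pdo_fetchcolumn(
                        "SELECT uid FROM " . tablename('members_profile') . " WHERE uid = :uid",
                        array(':uid' => $id)
                    );
                    if (!empty($exists)) {
                        pdo_update('members_profile', $profile, array('uid' => $id));
                    } else {
                        $profile['uid'] = $id;
                        pdo_insert('members_profile', $profile);
                    }
                }
            }

            message(
                '用户信息更新成功!',
                create_url('site/module/user', array('name' => 'agent', 'op' => 'display')),
                'success'
            );
        }

        if (!empty($extendfields)) {
            $fields = array();
            foreach ($extendfields as $row) {
                $fields[] = $row['field'];
            }
            // Column names come from the profile_fields table, not from the
            // request. NOTE(review): they are still spliced into the SQL as
            // identifiers, so that table must only hold trusted names.
            $member['profile'] = pdo_fetch(
                "SELECT `" . implode("`,`", $fields) . "` FROM " . tablename('members_profile')
                . " WHERE uid = :uid",
                array(':uid' => $id)
            );
        }

        $groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC");
    }

    include $this->template('user');
}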