Ejemplo n.º 1
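 /**
  * Store a message sent by a visitor or member to the shop operator.
  *
  * Every POST field is passed through strip_tags(), the verification code is
  * checked when 'comment.verifyCode.msg' is 'on', and the message is handed to
  * the shopbbs model; the outcome is reported through splash().
  *
  * NOTE(review): the expected code digest is read from the RANDOM_CODE cookie,
  * i.e. from a value that arrives with the request, so this check cannot prove
  * that the server issued the code. Keeping the expected value in the session
  * would - confirm how RANDOM_CODE is issued.
  * NOTE(review): strip_tags() is the only filtering applied here; whether the
  * stored fields are escaped again on output is not visible in this method.
  */
 function sendMsgToOpt()
 {
     foreach ($_POST as $key => $val) {
         $_POST[$key] = strip_tags($val);
     }
     if ($this->system->getConf('comment.verifyCode.msg') == 'on') {
         $submittedCode = isset($_POST['verifyCode']) ? $_POST['verifyCode'] : '';
         $expectedDigest = isset($_COOKIE['RANDOM_CODE']) ? $_COOKIE['RANDOM_CODE'] : '';
         // Compare the digests as strings with a strict operator: a loose != lets two
         // different numeric-looking hex digests compare as equal numbers.
         if (!is_string($submittedCode) || !is_string($expectedDigest) || md5(trim($submittedCode)) !== $expectedDigest) {
             // presumably splash() ends the request; otherwise execution continues below - verify
             $this->splash('failed', 'back', __('验证码录入错误,请重新输入'));
         }
     }
     $this->_verifyMember(false);
     $oMsg =& $this->system->loadModel('resources/shopbbs');
     $nOpId = $oMsg->getOpId();
     $aTemp = array('subject' => $_POST['subject'], 'msg_from' => empty($_POST['msg_from']) && empty($this->member['member_id']) ? __('游客') : $_POST['msg_from'], 'from_type' => isset($this->member) ? 0 : 2, 'to_type' => 1, 'folder' => 'inbox');
     // Only anonymous senders get the posted e-mail address stored with the message.
     if (!$this->member['member_id']) {
         $aTemp['email'] = $_POST['email'];
     }
     $aTemp['msg_ip'] = remote_addr();
     // is_sec is the string 'false' when 'system.message.open' is 'on', otherwise 'true'.
     if ($this->system->getConf('system.message.open') == 'on') {
         $aTemp['is_sec'] = 'false';
     } else {
         $aTemp['is_sec'] = 'true';
     }
     // Sender id 0 stands for a visitor without a member account.
     $from = $this->member['member_id'] ? $this->member['member_id'] : 0;
     if ($oMsg->sendMsg($from, $nOpId, $_POST['message'], $aTemp)) {
         $this->splash('success', $this->system->mkUrl("message", "index"), __('提交成功,请等待管理员回复!'));
     } else {
         $this->splash('failed', $this->system->mkUrl("message", "index"), __('留言提交失败!'));
     }
 }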
Ejemplo n.º 2
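/**
 * Write a visitor-log record for the current request.
 *
 * The referrer is blanked when it points back at this site. When $r is
 * 'refer', nothing is logged unless a non-empty referrer remains.
 *
 * @param string $r      Record type; 'refer' logs only hits that carry a referrer
 * @param string $status HTTP status stored with the record
 */
function logit($r = '', $status = '200')
{
    global $siteurl, $prefs, $pretext;
    // Strip "www." BEFORE quoting. preg_quote() turns "www." into "www\.", so
    // stripping afterwards never matched and own-site referrers from the bare
    // domain were logged as external.
    $mydomain = preg_quote(str_replace('www.', '', $siteurl), "/");
    $out = array();
    $out['uri'] = @$pretext['request_uri'];
    // The Referer header is client-supplied; it is passed through clean_url() before storage.
    $out['ref'] = clean_url(str_replace("http://", "", serverSet('HTTP_REFERER')));
    $ip = remote_addr();
    $host = $ip;
    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache: reuse a host name already logged for this address.
        if ($h = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1")) {
            $host = $h;
        } else {
            // Forward-confirm the reverse lookup; a PTR record is controlled by whoever
            // owns the address block, so an unconfirmed name is replaced by the raw IP.
            $host = @gethostbyaddr($ip);
            if ($host != $ip and @gethostbyname($host) != $ip) {
                $host = $ip;
            }
        }
    }
    $out['ip'] = $ip;
    $out['host'] = $host;
    $out['status'] = $status;
    $out['method'] = serverSet('REQUEST_METHOD');
    // NOTE(review): the pattern is anchored only at the start, so any referrer host
    // that merely begins with the site's domain is also treated as internal.
    if (preg_match("/^[^\\.]*\\.?{$mydomain}/i", $out['ref'])) {
        $out['ref'] = "";
    }
    if ($r == 'refer') {
        if (trim($out['ref']) != "") {
            insert_logit($out);
        }
    } else {
        insert_logit($out);
    }
}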
Ejemplo n.º 3
 /**
  * Render the login page and handle logout and login submissions.
  *
  * Request values are read through $GLOBALS / global variables, so this code
  * depends on request parameters being imported into the global scope.
  *
  * @todo register bad login - a failed attempt only fetches the client address;
  *       nothing is recorded yet
  *
  * NOTE(review): the remember-name cookie is set with name, value, expiry and
  * path only (no secure / HttpOnly arguments) and expires 360000000 seconds out.
  * NOTE(review): the submitted user name is handed back to the template as
  * 'user.name'; escaping is presumably done by the template layer - verify.
  */
 function process()
 {
     global $username, $password;
     $this->kernel->tpl->set_var('login.error', '');
     $this->kernel->tpl->set_var('user.name', '');
     if (isset($GLOBALS['logout'])) {
         $this->kernel->session->logout();
         $this->kernel->user->log('logout');
     }
     if (isset($GLOBALS['cookie_user_name'])) {
         $this->kernel->tpl->set_var('user.name', $GLOBALS['cookie_user_name']);
     }
     if (isset($GLOBALS['submit'])) {
         if (empty($GLOBALS['username']) || empty($GLOBALS['password'])) {
             $this->kernel->tpl->set_var('login.error', $this->kernel->lang['login.error.empty']);
         } else {
             $loginResult = $this->kernel->user->login($username, $password);
             if (!empty($loginResult)) {
                 // Successful login: remember the name, reload the page, stop.
                 setcookie("cookie_user_name", $username, time() + 360000000, "/");
                 redirect($GLOBALS['PHP_SELF']);
                 exit;
             }
             // register bad login (address is fetched but not stored yet)
             $clientAddr = remote_addr();
             $this->kernel->tpl->set_var('login.error', $this->kernel->lang['login.error']);
             $this->kernel->tpl->set_var('user.name', $username);
         }
     }
     $this->kernel->tpl->set_file('login_tpl', MODDIR . 'control/tpl/page.login.html');
     return $this->kernel->tpl->process('', 'login_tpl');
 }
Ejemplo n.º 4
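 /**
  * Handle an admin login submission.
  *
  * Checks the verification code when it is enabled or when the failed-login
  * counter exceeds $this->login_times_error, then delegates the credential
  * check to the operator model. On success it syncs magic vars, sets the login
  * cookies and session key and redirects to index.php; on failure it bumps the
  * failed-login counter and redirects back to the login form.
  *
  * NOTE(review): SHOPEX_LG_KEY is an MD5 of the operator id (optionally prefixed
  * with the client address), i.e. it is derived from values that are not
  * secret. A random per-login token would be the usual choice - confirm how
  * the key is checked elsewhere before changing it.
  * NOTE(review): no session id regeneration is visible in this method.
  * NOTE(review): the failed-login counter is a single site-wide config value,
  * not tracked per account or per address.
  */
 function dologin()
 {
     if ($this->system->getConf('system.admin_verycode') || $this->system->getConf('system.admin_error_login_times') > $this->login_times_error) {
         $submittedCode = isset($_POST["verifycode"]) && is_string($_POST["verifycode"]) ? $_POST["verifycode"] : '';
         $expectedCode = isset($_SESSION["RANDOM_CODE"]) && is_string($_SESSION["RANDOM_CODE"]) ? $_SESSION["RANDOM_CODE"] : '';
         // An absent session code must never match: previously a missing code on both
         // sides compared as '' === '' and the check passed.
         if ($expectedCode === '' || strtolower($submittedCode) !== strtolower($expectedCode)) {
             $_SESSION['loginmsg'] = __("验证码输入错误!");
             header('Location: index.php?ctl=passport&act=login');
             exit;
         }
     }
     $oOpt =& $this->system->loadModel('admin/operator');
     // The whole POST array is handed to the model; credential checking happens there.
     $aResult = $oOpt->tryLogin($_POST);
     if ($aResult) {
         // magicvars_sys.php is expected to define $magicvars; entries missing from
         // the stored list are inserted.
         require 'magicvars_sys.php';
         $magic =& $this->system->loadModel('system/magicvars');
         $now_magic_data = $magic->getList('var_name', '', 0, -1);
         $tmp_magic_data = array();
         foreach ($now_magic_data as $m_key => $m_value) {
             $tmp_magic_data[$m_value['var_name']] = 1;
         }
         $import_data = array_diff_key($magicvars, $tmp_magic_data);
         if ($import_data) {
             foreach ($import_data as $me => $i_data) {
                 $magic->insert($i_data);
             }
         }
         // NOTE(review): both cookies below are set without path, secure or HttpOnly arguments.
         if ($_POST['save_login_name']) {
             setcookie("SHOPEX_LOGIN_NAME", $_POST['usrname'], time() + 86400 * 10);
         } else {
             setcookie("SHOPEX_LOGIN_NAME", "");
         }
         $log_info['username'] = $_POST['usrname'];
         $oOpt->operator_logs('operator', $log_info);
         $status =& $this->system->loadModel('system/status');
         // NOTE(review): the address is mixed in when 'admin_dontlogincheckip' is truthy,
         // which reads inverted relative to the setting's name - verify.
         $lg_key = $this->system->getConf('system.admin_dontlogincheckip') ? md5(remote_addr() . $aResult['op_id']) : md5($aResult['op_id']);
         $_SESSION['SHOPEX_LG_KEY'] = $lg_key;
         setcookie('SHOPEX_LG_KEY', $lg_key);
         $status->update(1);
         $this->system->op_id = $aResult['op_id'];
         $data['lastlogin'] = time();
         $data['logincount'] = $aResult['logincount'] + 1;
         $oOpt->setLogInfo($data, $aResult['op_id']);
         $this->system->setConf('system.admin_error_login_times', 0);
         // The request value only ends up in the URL fragment of a fixed target.
         // NOTE(review): it is still written into a response header unvalidated.
         if ($_REQUEST['return']) {
             header("Location: index.php#" . $_REQUEST['return']);
         } else {
             header("Location: index.php");
         }
     } else {
         // Failures within an hour of the previous one accumulate; otherwise the counter restarts at 1.
         if (intval($this->system->getConf('system.admin_error_login_time') + 3600) > time()) {
             $this->system->setConf('system.admin_error_login_times', $this->system->getConf('system.admin_error_login_times') + 1);
         } else {
             $this->system->setConf('system.admin_error_login_times', 1);
         }
         $this->system->setConf('system.admin_error_login_time', time());
         $_SESSION['loginmsg'] = __('用户名或密码错误!');
         header('Location: index.php?ctl=passport&act=login');
         exit;
     }
 }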
Ejemplo n.º 5
 /**
  * Ask the remote alias service to retry a domain alias.
  *
  * @param string $ali_name alias (domain) name sent to the service
  * @return mixed true on success, an error string when the service cannot be
  *               reached, or the result of msg() when the service reports failure
  */
 function retry_alias($ali_name)
 {
     // The client address is forwarded to the service together with the alias.
     $request = array('host_id' => '1', 'alias' => $ali_name, 'ip' => remote_addr());
     $response = $this->native_svc(SAAS_API_URL, 'alias.retry_alias', $request);
     if (!$response) {
         $this->debug_msg();
         return '域名信息读取失败,请稍候再试。';
     }
     // The service signals failure with the string 'false', not a boolean.
     return $response['result'] == 'false' ? $this->msg($response['result_msg']) : true;
 }
Ejemplo n.º 6
 /**
  * Constructor: resolve the log file path and build the line formatter.
  *
  * Placeholders such as {date}, {controller}, {method}, {query} and {ip} in
  * LOG_FILE and LOG_FORMAT are replaced with values of the current request.
  *
  * NOTE(review): 'controller', 'method' and 'query' come from $system->request
  * and are substituted unescaped both into the log file path and into PHP
  * source passed to create_function(). If those values can carry request input,
  * that is a path-traversal and code-injection risk. Escaping them, or building
  * the formatter without generated source, should be confirmed as a follow-up.
  */
 function dazuiLog()
 {
     $system =& $GLOBALS['system'];
     // Placeholder name => value; '-' stands in for request parts that are not set.
     $map = array('date' => date('Y-m-d'), 'worker' => 'shop', 'controller' => isset($system->request['action']['controller']) ? $system->request['action']['controller'] : '-', 'method' => isset($system->request['action']['method']) ? $system->request['action']['method'] : '-', 'query' => isset($system->request['query']) ? $system->request['query'] : '-', 'ip' => remote_addr());
     // One case-insensitive pattern per placeholder, in the same order as $map.
     foreach ($map as $k => $v) {
         $find[] = '/\\{' . $k . '\\}/i';
     }
     // The values are used as preg_replace() replacement strings, so backreference
     // syntax inside them would be interpreted as such.
     $this->file = preg_replace($find, $map, LOG_FILE);
     if (!is_dir($dir = dirname($this->file))) {
         mkdir_p($dir);
     }
     // Only the double quotes of LOG_FORMAT are escaped before it is wrapped in a
     // double-quoted PHP string; the substituted $map values are not escaped.
     // {time}, {gmt}, {code} and {msg} become expressions evaluated per log entry $e.
     $this->logStr = create_function('$e', 'return "' . preg_replace(array_merge($find, array('/\\{time\\}/i', '/\\{gmt\\}/i', '/\\{code\\}/i', '/\\{msg\\}/i')), array_merge($map, array('".mydate(\'h:i:s\')."', '[".mydate(\'r\')."]', '".str_pad($e[\'code\'],4,0, STR_PAD_LEFT)."', '".str_replace("\\n",\'\\n\',$e[\'msg\'])."')), str_replace('"', '\\"', LOG_FORMAT)) . '";');
 }
Ejemplo n.º 7
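 /**
  * Handle an admin login submission.
  *
  * Checks the verification code when it is enabled or when the failed-login
  * counter exceeds $this->login_times_error, then delegates the credential
  * check to the operator model. On success the operator's login statistics are
  * updated, the session is populated and the browser is redirected to
  * index.php; on failure the failed-login counter is bumped and the browser is
  * sent back to the login form.
  *
  * NOTE(review): no session id regeneration is visible here; presumably
  * $this->system->session->login() takes care of it - verify.
  * NOTE(review): the failed-login counter is a single site-wide config value,
  * not tracked per account or per address.
  */
 function dologin()
 {
     if ($this->system->getConf('system.admin_verycode') || $this->system->getConf('system.admin_error_login_times') > $this->login_times_error) {
         $submittedCode = isset($this->in["verifycode"]) && is_string($this->in["verifycode"]) ? $this->in["verifycode"] : '';
         $expectedCode = isset($_SESSION["RANDOM_CODE"]) && is_string($_SESSION["RANDOM_CODE"]) ? $_SESSION["RANDOM_CODE"] : '';
         // An absent session code must never match: previously a missing code on both
         // sides compared as '' === '' and the check passed.
         if ($expectedCode === '' || strtolower($submittedCode) !== strtolower($expectedCode)) {
             $_SESSION['loginmsg'] = __("验证码输入错误!");
             header('Location: index.php?ctl=passport&act=login');
             exit;
         }
     }
     $oOpt = $this->system->loadModel('admin/operator');
     // The whole POST array is handed to the model; credential checking happens there.
     $aResult = $oOpt->tryLogin($_POST);
     if ($aResult) {
         // NOTE(review): the cookie is set without path, secure or HttpOnly arguments.
         if ($_POST['save_login_name']) {
             setcookie("SHOPEX_LOGIN_NAME", $_POST['usrname'], time() + 86400 * 10);
         } else {
             setcookie("SHOPEX_LOGIN_NAME", "");
         }
         // NOTE(review): unserialize() on a stored value whose result is never used in
         // this method. unserialize() should only see trusted data; consider removing
         // the call or switching the column to JSON.
         $config = unserialize($aResult['config']);
         $oOpt->update(array('lastlogin' => time(), 'lastip' => remote_addr(), 'logincount' => $aResult['logincount'] + 1), array('op_id' => $aResult['op_id']));
         // Drop state left over from a previous login before storing the new identity.
         unset($_SESSION["loginmsg"]);
         unset($_SESSION['_PageData']);
         unset($_SESSION['OPID']);
         unset($_SESSION['SUPER']);
         $profile = $this->system->loadModel('adminProfile');
         $status = $this->system->loadModel('system/status');
         $status->update(1);
         $profile->load($aResult['op_id']);
         $_SESSION['OPID'] = $aResult['op_id'];
         $_SESSION['SUPER'] = $aResult['super'];
         $_SESSION['profile'] =& $profile;
         $this->system->session->login();
         // The request value only ends up in the URL fragment of a fixed target.
         // NOTE(review): it is still written into a response header unvalidated.
         if ($_REQUEST['return']) {
             header("Location: index.php#" . $_REQUEST['return']);
         } else {
             header("Location: index.php");
         }
     } else {
         // Failures within an hour of the previous one accumulate; otherwise the counter restarts at 1.
         if (intval($this->system->getConf('system.admin_error_login_time') + 3600) > time()) {
             $this->system->setConf('system.admin_error_login_times', $this->system->getConf('system.admin_error_login_times') + 1);
         } else {
             $this->system->setConf('system.admin_error_login_times', 1);
         }
         $this->system->setConf('system.admin_error_login_time', time());
         $_SESSION['loginmsg'] = __('用户名或密码错误!');
         header('Location: index.php?ctl=passport&act=login');
         exit;
     }
 }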
Ejemplo n.º 8
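 /**
  * Constructor for admin pages: sets up templates and environment variables and
  * enforces the admin login check for every controller except 'passport'.
  *
  * The login key is taken from the session, or from the cookie when the
  * controller is 'system/comeback', and must equal
  * md5(client address . operator id). Non-super operators must additionally
  * pass check_role() for this workground.
  *
  * NOTE(review): the expected key is derived from values that are not secret
  * (client address and operator id); a random per-login token would be the
  * usual choice.
  *
  * @access public
  * @return void
  */
 function adminPage()
 {
     parent::pageFactory();
     if (defined('CUSTOM_CORE_DIR') && substr(get_class($this), 0, 4) == 'cct_') {
         $this->template_dir = CUSTOM_CORE_DIR . '/admin/view/';
     } else {
         $this->template_dir = CORE_DIR . '/admin/view/';
     }
     $this->system =& $GLOBALS['system'];
     $this->pagedata = array();
     if (DEBUG_TEMPLETE) {
         $o =& $this->system->loadModel('system/template');
         $theme = $this->system->getConf('system.ui.current_theme');
         $o->resetTheme($theme);
     }
     if (!$this->system->_base_link) {
         // NOTE(review): $base_url is not defined anywhere in this method, so this assigns null.
         $this->system->_base_link = $base_url;
         if (!$this->system->getConf('system.seo.emuStatic') || $this->system->getConf('system.seo.emuStatic') == 'false') {
             $this->system->_base_link .= APP_ROOT_PHP . '?';
         }
     }
     $this->_env_vars = array('base_url' => $this->system->_base_link);
     if ($_GET['_ajax']) {
         if (!defined('IN_AJAX')) {
             define('IN_AJAX', true);
             ob_start();
         }
     } else {
         define('IN_AJAX', false);
     }
     if ($_GET['ctl'] != 'passport') {
         $lg_key = $_GET['ctl'] == 'system/comeback' ? $_COOKIE['SHOPEX_LG_KEY'] : $_SESSION['SHOPEX_LG_KEY'];
         // Strict string comparison: with a loose != two different numeric-looking
         // hex digests can compare as equal numbers, and a non-string key is never valid.
         if (false === $this->system->op_id || $this->system->op_is_disabled || !is_string($lg_key) || $lg_key !== MD5(remote_addr() . $this->system->op_id)) {
             $this->notAuth();
         } else {
             if (!$this->system->op_is_super) {
                 $oOpt =& $this->system->loadModel('admin/operator', 'config');
                 if (!$oOpt->check_role($this->system->op_id, $this->workground)) {
                     $this->system->responseCode(403);
                     exit;
                 }
             }
         }
     }
     // Whether the shop holds the distribution permission (2009-11-20 13:48 wubin)
     $this->pagedata['distribute'] = $this->system->getConf('certificate.distribute');
 }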
Ejemplo n.º 9
 /**
  * Front-end (shop) request entry point.
  *
  * Parses the request, applies the optional BLACKLIST address check, renders
  * the page through _frontend() or serves it from the page cache, then ends the
  * script.
  *
  * @access public
  * @return void
  */
 function run()
 {
     // Requests carrying 'gOo' are translated by oldVersionShopEx() and handed to
     // compactUrl() - presumably old-style URLs; verify.
     if (isset($_GET['gOo'])) {
         $urlTools =& $this->loadModel('utility/url');
         if ($url = $urlTools->oldVersionShopEx($_GET)) {
             $this->compactUrl($url);
         }
     }
     ob_start();
     define('IN_SHOP', true);
     // From here on $_COOKIE only holds the entries stored under the COOKIE_PFIX key.
     $_COOKIE = $_COOKIE[COOKIE_PFIX];
     $request = $this->parseRequest();
     $this->lang = $request['lang'] ? $request['lang'] : DEFAULT_LANG;
     $request['money'] = $request['member_lv'] . $request['cur'];
     $this->request =& $request;
     $GLOBALS['runtime'] = $request;
     // Member fields are flattened into the top level of the runtime array.
     if (isset($request['member'])) {
         foreach ($request['member'] as $k => $v) {
             $GLOBALS['runtime'][$k] = $v;
         }
     }
     // Only requests without POST data may be served from or written to the page cache.
     $cacheAble = !(count($_POST) > 0);
     if (defined('BLACKLIST')) {
         // BLACKLIST is a whitespace/comma separated list matched against the client address.
         // NOTE(review): the check is only as reliable as remote_addr(); if that helper
         // honours client-supplied forwarding headers, the listed networks are not
         // reliably blocked - verify. The denial is sent with status 401.
         $blackList = preg_split('/[\\s,]+/', BLACKLIST);
         require_once CORE_DIR . '/func_ext.php';
         if ($this->match_network($blackList, remote_addr())) {
             $this->_succ = true;
             header('Connection: close', true, 401);
             echo '<h1>Access Denied</h1>';
             exit;
         }
     }
     if (isset($_GET['ctl'])) {
         // Controller, method and arguments come straight from the query string.
         // NOTE(review): validation presumably happens inside _frontend() - verify.
         $page =& $this->_frontend($request, array('controller' => $_GET['ctl'], 'method' => isset($_GET['act']) ? $_GET['act'] : 'index', 'args' => isset($_GET['p']) ? $_GET['p'] : null));
     } elseif (!$cacheAble || !$this->cache->get($ident = implode('|', $request), $page)) {
         // Cache miss (or uncacheable request): render, then store when the page allows it.
         // The cache key is the parsed request joined with '|'.
         register_shutdown_function(array(&$this, 'shutdown'));
         $this->co_start();
         $page =& $this->_frontend($request);
         if ($cacheAble && $page['cache']) {
             $this->cache->set($ident, $page, $this->co_end());
         }
     }
     $this->display($page);
     exit;
 }
Ejemplo n.º 10
/**
 * Writes a record to the visitor log using the current visitor's information.
 *
 * This function is used by log_hit(). See it before trying to use this one.
 *
 * The hit is ignored if $r is set to 'refer' and no usable referrer remains:
 * the header is empty, uses a protocol outside LOG_REFERER_PROTOCOLS, is an
 * https referrer while the site itself is not served over https, or points
 * back at this site.
 *
 * @param  string   $r      Type of record to write, e.g. refer
 * @param  int      $status HTTP status code
 * @access private
 * @see    log_hit()
 */
function logit($r = '', $status = 200)
{
    global $prefs, $pretext;

    if (!isset($pretext['request_uri'])) {
        return;
    }

    $ip = (string) remote_addr();
    $host = $ip;
    $referer = serverSet('HTTP_REFERER');

    if ($referer) {
        // Accept only referrers that start with one of the configured protocols.
        $protocol = false;
        foreach (do_list(LOG_REFERER_PROTOCOLS) as $scheme) {
            $prefix = $scheme . '://';
            if (strpos($referer, $prefix) === 0) {
                $protocol = $scheme;
                $referer = substr($referer, strlen($prefix));
                break;
            }
        }

        if (!$protocol) {
            $referer = '';
        } elseif ($protocol === 'https' && PROTOCOL !== 'https://') {
            // An https referrer is dropped when the site itself is not on https.
            $referer = '';
        } elseif (preg_match('/^[^\\.]*\\.?' . preg_quote(preg_replace('/^www\\./', '', SITE_HOST), '/') . '/i', $referer)) {
            // Own-site referrer. NOTE(review): the pattern is anchored only at the start.
            $referer = '';
        } else {
            $referer = $protocol . '://' . clean_url($referer);
        }
    }

    if ($r == 'refer' && !$referer) {
        return;
    }

    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache: reuse a host name already logged for this address.
        $cachedHost = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1");
        if ($cachedHost !== false) {
            $host = $cachedHost;
        } else {
            // Forward-confirm the reverse lookup; fall back to the raw IP otherwise.
            $host = @gethostbyaddr($ip);
            if ($host !== $ip && @gethostbyname($host) !== $ip) {
                $host = $ip;
            }
        }
    }

    $record = array(
        'uri' => $pretext['request_uri'],
        'ip' => $ip,
        'host' => $host,
        'status' => $status,
        'method' => serverSet('REQUEST_METHOD'),
        'ref' => $referer
    );
    insert_logit($record);
}
Ejemplo n.º 11
 /**
  * Build the signed field set that is submitted to the payment gateway.
  *
  * The signature is the upper-cased MD5 of the request fields joined as a query
  * string with the merchant's private key appended as the last pair.
  *
  * NOTE(review): the signature covers the locally encoded order number, while
  * the returned "sp_billno" and "desc" carry the unconverted value; the two only
  * agree when utf2local() leaves the string unchanged - verify.
  *
  * @param array $payment payment record; reads M_OrderId, M_OrderNO, M_Time,
  *                       M_Amount and payExtend.bankId
  * @return array gateway form fields including "sign"
  */
 function toSubmit($payment)
 {
     $merchantId = $this->getConf($payment['M_OrderId'], 'member_id');
     $secretKey = $this->getConf($payment['M_OrderId'], 'PrivateKey');
     $payment['M_Currency'] = "1";
     $orderDate = date("Ymd", $payment['M_Time']);
     // The amount is rounded to the site's decimal digits and multiplied by 100.
     $payment['M_Amount'] = number_format($payment['M_Amount'], $this->system->getConf('site.decimal_digit'), ".", "") * 100;
     $transactionId = $merchantId . $orderDate . substr($payment['M_OrderId'], -10);
     $subject = $payment['M_OrderNO'];
     $clientIp = remote_addr();
     $bankType = $payment['payExtend']['bankId'] ? $payment['payExtend']['bankId'] : 0;
     $charset = $this->system->loadModel('utility/charset');
     // $desc is converted but not used afterwards.
     $desc = $charset->utf2local($subject, 'zh');
     $localBillNo = $charset->utf2local($subject, 'zh');

     // Fields in the order they enter the signature; the key always comes last.
     $signedFields = array(
         'cmdno' => '1',
         'date' => $orderDate,
         'bargainor_id' => $merchantId,
         'transaction_id' => $transactionId,
         'sp_billno' => $localBillNo,
         'total_fee' => $payment['M_Amount'],
         'fee_type' => $payment['M_Currency'],
         'return_url' => $this->callbackUrl,
         'attach' => $payment['M_OrderId'],
         'spbill_create_ip' => $clientIp,
         'key' => $secretKey
     );
     $pairs = array();
     foreach ($signedFields as $fieldName => $fieldValue) {
         $pairs[] = $fieldName . '=' . $fieldValue;
     }
     $signature = strtoupper(md5(implode('&', $pairs)));

     return array(
         "cmdno" => "1",
         "date" => $orderDate,
         "bank_type" => $bankType,
         "desc" => $subject,
         "purchaser_id" => "",
         "bargainor_id" => $merchantId,
         "transaction_id" => $transactionId,
         "sp_billno" => $payment['M_OrderNO'],
         "total_fee" => $payment['M_Amount'],
         "fee_type" => $payment['M_Currency'],
         "return_url" => $this->callbackUrl,
         "attach" => $payment['M_OrderId'],
         "spbill_create_ip" => $clientIp,
         "sign" => $signature
     );
 }
Ejemplo n.º 12
 /**
  * Insert a refund record.
  *
  * Adds a generated id, timestamps and the client address to $data, copies fee
  * information from the selected payment configuration and inserts the row
  * into sdb_refunds.
  *
  * NOTE(review): every key of $data is handed to getInsertSQL(); quoting of the
  * values is presumably done there - verify. Callers should only pass fields
  * they intend to store.
  *
  * @param array $data refund fields; reads pay_type, payment and money
  * @return mixed the new refund id, or false when the insert fails
  */
 function create($data)
 {
     $data['refund_id'] = $this->gen_id();
     $data['t_ready'] = time();
     $data['t_sent'] = time();
     $data['ip'] = remote_addr();
     if ($data['pay_type'] == 'deposit') {
         // todo: deposit (pre-paid balance) handling is not implemented
     }
     // The payment id is forced to an integer before it enters the SQL text.
     $payCfg = $this->db->selectrow('SELECT pay_type,fee,custom_name FROM sdb_payment_cfg WHERE id=' . intval($data['payment']));
     if ($payCfg) {
         $data['paycost'] = $payCfg['fee'] * $data['money'];
         $data['paymethod'] = $payCfg['custom_name'];
     }
     // An always-empty result set gives getInsertSQL() the table's column layout.
     $emptyRs = $this->db->query('select * from sdb_refunds where 0=1');
     $insertSql = $this->db->getInsertSQL($emptyRs, $data);
     return $this->db->exec($insertSql) ? $data['refund_id'] : false;
 }
Ejemplo n.º 13
 /**
  * Prepare $this->payment for the chosen payment method.
  *
  * Unknown methods and offline methods end in a splash() message; for deposit
  * and online methods the payment object is filled from the stored payment
  * configuration.
  *
  * NOTE(review): the first splash() uses the request's Referer header as its
  * target; that header is client-supplied, so the target should be checked
  * against the shop's own URLs - how splash() treats it is not visible here.
  * NOTE(review): the stored 'config' column goes through unserialize(), which
  * is only safe when nothing untrusted can write that column.
  *
  * @param mixed $payment_id id of the payment configuration to load
  */
 function _init($payment_id)
 {
     $aPayment = $this->payment->getPaymentById($payment_id);
     if ($aPayment['id'] < 1) {
         $this->splash('failed', $_SERVER["HTTP_REFERER"], __('支付失败:请选择支付方式!'));
     } elseif ($aPayment['pay_type'] == 'offline') {
         // Members are sent to their order detail page, guests to the order page.
         $target = $this->member['member_id']
             ? $this->system->mkUrl("member", "orderdetail", array($_POST['order_id']))
             : $this->system->mkUrl("order", "index", array($_POST['order_id']));
         $this->splash('failed', $target, __('订单已成功提交了:') . $aPayment['custom_name']);
     } else {
         $isDeposit = $aPayment['pay_type'] == 'deposit';
         if ($isDeposit) {
             // Paying from the deposit requires a logged-in member.
             $this->_verifyMember();
         }
         $this->payment->pay_type = $isDeposit ? 'deposit' : 'online';
         $this->payment->fee = $aPayment['fee'];
         $this->payment->type = $aPayment['pay_type'];
         $this->payment->bank = $aPayment['pay_type'];
         $config = unserialize($aPayment['config']);
         $aPayment['config'] = $config;
         $this->payment->config = $config;
         $this->payment->account = $config['member_id'];
         $this->payment->payment = $payment_id;
         $this->payment->paymethod = $aPayment['custom_name'];
         $this->payment->status = 'ready';
         $this->payment->ip = remote_addr();
         $this->payment->t_begin = time();
         $this->payment->memo = __('会员支付自动生成');
     }
 }
Ejemplo n.º 14
            // if registration is open log the user in
            if ($ps->conf['main']['registration'] == 'open') {
                $cms->session->online_status(1, $userinfo['userid']);
            }
            // display the registration confirmation
            $basename = basename(__FILE__, '.php') . '_confirmation';
            $cms->theme->add_css('css/forms.css');
            $cms->full_page($basename, $basename, $basename . '_header', $basename . '_footer');
            exit;
        } else {
            $ps->db->rollback();
        }
    }
} else {
    if ($ps->conf['main']['uniqueid'] == 'ipaddr') {
        $form->set('uniqueid', remote_addr());
    }
}
// With CSRF protection enabled, remember the form's key in the session; the
// check of a submitted key against it is presumably done on submit (not shown here).
if ($ps->conf['main']['security']['csrf_protection']) {
    $cms->session->key($form->key());
}
// assign variables to the theme; 'form_key' is empty when CSRF protection is off
$cms->theme->assign(array('errors' => $form->errors(), 'form' => $form->values(), 'uniqueid_label' => $uniqueid_label, 'form_key' => $ps->conf['main']['security']['csrf_protection'] ? $cms->session->key() : ''));
// display the output; template names are derived from this script's file name
$basename = basename(__FILE__, '.php');
$cms->theme->add_css('css/forms.css');
$cms->theme->add_js('js/forms.js');
$cms->full_page($basename, $basename, $basename . '_header', $basename . '_footer');
// validator functions --------------------------------------------------------------------------
function password_match($var, $value, &$form)
{
Ejemplo n.º 15
 /**
  * Store an administrator's reply to a goods comment.
  *
  * NOTE(review): the reply text is taken from POST as-is; escaping is
  * presumably applied by the comment model or on output - verify.
  *
  * @param mixed $comment_id id of the comment being answered
  */
 function toReply($comment_id)
 {
     $this->begin('index.php?ctl=goods/discuss&act=detail&p[0]=' . $comment_id);
     $objComment =& $this->system->loadModel('comment/comment');
     $parent = $objComment->getFieldById($comment_id, array('*'));
     // The reply inherits goods and object type from the comment it answers and is
     // attributed to the logged-in operator.
     $reply = array(
         'comment' => $_POST['reply_content'],
         'for_comment_id' => $comment_id,
         'goods_id' => $parent['goods_id'],
         'object_type' => $parent['object_type'],
         'author_id' => $this->system->op_id,
         'author' => __('管理员') . '[' . $this->system->op_name . ']',
         'time' => time(),
         'lastreply' => time(),
         'display' => 'true',
         'ip' => remote_addr()
     );
     $this->end($objComment->toReply($reply), __('回复成功!'));
 }
Ejemplo n.º 16
 /**
  * Insert this payment object as a new row in sdb_payments.
  *
  * NOTE(review): the whole object is handed to GetInsertSQL(); quoting of the
  * values is presumably done there - verify.
  *
  * @return mixed the generated payment id, or false when the insert fails
  */
 function toCreate()
 {
     $this->payment_id = $this->gen_id();
     $this->t_begin = time();
     $this->t_end = time();
     $this->ip = remote_addr();
     // If the gateway cannot actually trade in foreign currency but one was chosen,
     // the amount recorded as paid is the amount in the base currency.
     $payInBaseCurrency = !$this->cur_trading && $this->currency != 'CNY';
     if ($payInBaseCurrency) {
         $this->cur_money = $this->money;
     }
     $oCur =& $this->system->loadModel('system/cur');
     // The payment id is forced to an integer before it enters the SQL text.
     $payCfg = $this->db->selectrow('SELECT pay_type,fee,custom_name FROM sdb_payment_cfg WHERE id=' . intval($this->payment));
     if ($payCfg) {
         // The existing paycost is only re-formatted; the selected fee is not used here.
         $this->paycost = $oCur->formatNumber($this->paycost, false);
         $this->paymethod = $payCfg['custom_name'];
     }
     // An always-empty result set gives GetInsertSQL() the table's column layout.
     $emptyRs = $this->db->query('SELECT * FROM sdb_payments WHERE 0=1');
     $insertSql = $this->db->GetInsertSQL($emptyRs, $this);
     return $this->db->exec($insertSql) ? $this->payment_id : false;
 }
Ejemplo n.º 17
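 /**
  * Authenticate a user and record the login.
  *
  * Returns false if no matching active user exists. Otherwise loads the user
  * row into this object, updates lasthost and lastlogin, stores the user id in
  * the session and returns true.
  *
  * NOTE(review): passwords are compared as unsalted MD5 digests; a migration to
  * password_hash()/password_verify() is the usual remedy.
  * NOTE(review): session_register() is deprecated and absent from newer PHP
  * versions; $_SESSION is the replacement.
  *
  * @param string $username login name as submitted
  * @param string $password plain-text password as submitted
  * @return bool
  */
 function login($username, $password)
 {
     global $g_user_id;
     $password = md5($password);
     $username = $this->kernel->db->addSlashes($username);
     // NOTE(review): as shown, the WHERE clause compares against the literal
     // '******' (the values look masked in this listing), so $username and
     // $password do not reach the query text here - confirm against the real source.
     $tmp = $this->kernel->db->selectRow("SELECT *\n\t\t\t\t\t\t\tFROM fu_users \n\t\t\t\t\t\t\tWHERE username='******' AND password='******' AND active!=0");
     if ($tmp) {
         $this->load($tmp);
         // get hostname
         $host = remote_addr();
         // Escape the address before it enters the SQL text: what remote_addr()
         // returns may be derived from request headers, so it is untrusted input.
         $safeHost = $this->kernel->db->addSlashes($host);
         $this->kernel->db->query("UPDATE fu_users \n\t\t\t\t\t\t\tSET lasthost='{$safeHost}', lastlogin=NOW() \n\t\t\t\t\t\t\tWHERE id='{$this->id}'");
         $this->log("login from {$host}");
         $g_user_id = $this->id;
         session_register('g_user_id');
         // get group info
         return true;
     } else {
         return false;
     }
 }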
Ejemplo n.º 18
# Builds a plain-text feedback report from the posted form, mails it to the
# configured site address and echoes it back to the visitor.
#
# The report is sent as text/plain and shown through htmlentities(), so the raw
# POST values are never emitted as HTML by this function. The only posted value
# placed into mail headers is the contact address, and only after it passed
# FILTER_VALIDATE_EMAIL.
function store_data_text()
{
    global $mirrorconfig;
    global $privateconfig;
    # NOTE(review): $cookie is not used again in this function.
    $cookie = fetch_cookie();
    # Validated for certain safety measures.
    # NOTE(review): the validated $tokens is not used below; the report takes the
    # raw $_POST["tokens"] instead.
    $tokens = param_val("tokens", "/^[a-zA-Z0-9 ,]+\$/");
    # Simple bot check: the form must post nobots=serious.
    if ($_POST["nobots"] != "serious") {
        header("HTTP/1.1 500 Internal server error");
        print htmlentities("nobots value wrong, received \"" . $_POST["nobots"] . "\"");
        exit(1);
    }
    if ($_POST["purpose"] == "-") {
        header("HTTP/1.1 400 Bad Request");
        print htmlentities("'purpose' must be specified to post this comment.");
        exit(1);
    }
    # Report body: one "name: value" line per posted field, name padded to 15 columns.
    $message = sprintf("%-15s: %s\n", "contact", $_POST["contact"]);
    $message .= sprintf("%-15s: %s\n", "purpose", $_POST["purpose"]);
    $message .= sprintf("%-15s: %s\n", "tokens", $_POST["tokens"]);
    $message .= sprintf("%-15s: %s\n", "score_transition", $_POST["score_transition"]);
    $message .= sprintf("%-15s: %s\n", "score_strict", $_POST["score_strict"]);
    $message .= sprintf("%-15s: %s\n", "a", $_POST["a"]);
    $message .= sprintf("%-15s: %s\n", "aaaa", $_POST["aaaa"]);
    # Report one "ds" line when either transport shows ok/slow, otherwise both results.
    if (preg_match("/ok|slow/", $_POST["ds4"])) {
        $message .= sprintf("%-15s: %s (via ipv4)\n", "ds", $_POST["ds4"]);
    } else {
        if (preg_match("/ok|slow/", $_POST["ds6"])) {
            $message .= sprintf("%-15s: %s (via ipv6)\n", "ds", $_POST["ds6"]);
        } else {
            $message .= sprintf("%-15s: %s (via ipv4)\n", "ds", $_POST["ds4"]);
            $message .= sprintf("%-15s: %s (via ipv6)\n", "ds", $_POST["ds6"]);
        }
    }
    $message .= sprintf("%-15s: %s\n", "dsmtu", $_POST["dsmtu"]);
    $message .= sprintf("%-15s: %s\n", "ipv4", $_POST["ipv4"]);
    $message .= sprintf("%-15s: %s\n", "ipv6", $_POST["ipv6"]);
    $message .= sprintf("%-15s: %s\n", "v6mtu", $_POST["v6mtu"]);
    $message .= sprintf("%-15s: %s\n", "v6ns", $_POST["v6ns"]);
    $message .= "----------------------------\n";
    # ip4/ip6 are what the client reported; remote_addr is what the server saw.
    $message .= sprintf("%-15s: %s\n", "ip4", $_POST["ip4"]);
    $message .= sprintf("%-15s: %s %s\n", "ip6", $_POST["ip6"], $_POST["ip6subtype"]);
    $message .= sprintf("%-15s: %s\n", "remote_addr", remote_addr());
    $message .= sprintf("%-15s: %s\n", "user-agent", $_SERVER["HTTP_USER_AGENT"]);
    $message .= sprintf("%-15s: %s\n", "referer", $_SERVER["HTTP_REFERER"]);
    $message .= sprintf("%-15s: %s\n", "subdomain", $_POST["subdomain"]);
    $message .= "\n\nNotes\n--------------\n" . $_POST["notes"];
    # NOTE(review): translate() is given the raw notes text; if it calls an external
    # service, that text leaves the server - verify.
    if ($privateconfig["google_translate"]["enable"]) {
        $message .= "\n\nTranslated\n---------\n" . translate($_POST["notes"]);
    }
    $message .= "\n\nComments\n--------------\n" . $_POST["comments"];
    #  print_r($_SERVER);
    $charset = "UTF-8";
    #  header("Content-type: text/html; charset=$charset");
    ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Test your IPv6.</title>
   <link REL="SHORTCUT ICON"   HREF="http://test-ipv6.com/images/favicon.ico">
  <META http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<?php 
    # Only a syntactically valid address is allowed into the Reply-to header and the
    # subject; anything else is dropped so posted text cannot add mail headers.
    $contact = trim($_POST["contact"]);
    $result = filter_var($contact, FILTER_VALIDATE_EMAIL);
    if ($result) {
        $replyto = "Reply-to: {$contact}\r\n";
    } else {
        $replyto = "";
        $contact = "";
    }
    mail($mirrorconfig["site"]["mailto"], $mirrorconfig["site"]["name"] . " feedback [{$contact}]", $message, $replyto . "Content-type: text/plain; charset={$charset}");
    print "Feedback sent; thank you for your assistance.<p>";
    # Config values are printed as-is; only the report itself goes through htmlentities().
    print "If you included contact details, you may be contacted for further information, by " . $mirrorconfig["site"]["contact"] . "</hr>";
    print "<pre><code>";
    print "To: " . $mirrorconfig["site"]["mailto"] . "\n\n";
    print htmlentities($message, ENT_COMPAT, "UTF-8");
    print "</code></pre>";
    print "</body>";
}
Ejemplo n.º 19
/**
 * Return the address reported by remote_addr() converted with ip2long().
 *
 * ip2long() only parses dotted-quad IPv4 text. For any other input,
 * including an IPv6 address, it returns false, so callers should test the
 * result with === false before storing or comparing it.
 *
 * @return int|false
 */
function remote_addr_as_int()
{
    return ip2long(remote_addr());
}
Ejemplo n.º 20
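 /**
  * Assemble the array describing this shop and the current request.
  *
  * Collects the client address, the shop base URL, the current timestamp,
  * the certificate id and the shop name, then stores under 'ac' whatever
  * make_shopex_ac() derives from those fields and the "ShopEx_LOG" tag
  * (presumably an authentication code; the helper is not visible here).
  *
  * @return array keys: ip, url, login_time, certificate_id, shopname, ac
  */
 public function msg_pack()
 {
     $data = array();
     $data['ip'] = remote_addr();
     $data['url'] = $this->system->base_url();
     // time() replaces the argument-less mktime(): same value, but mktime()
     // without arguments is deprecated and is an error on PHP 8.
     $data['login_time'] = time();
     $data['certificate_id'] = $this->getCerti();
     $data['shopname'] = $this->system->getConf("system.shopname");
     // Computed last so that it covers every field set above.
     $data['ac'] = $this->make_shopex_ac($data, "ShopEx_LOG");
     return $data;
 }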
Ejemplo n.º 21
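 /**
  * Create a member record on behalf of an administrator.
  *
  * Validates uname, password, psw_confirm and email, consults
  * checkusertouc(), then inserts the row into sdb_members.
  *
  * @param array $aData member fields as submitted
  * @return mixed the new row id on success, false when validation fails,
  *               '' when the INSERT fails
  */
 function addMemberByAdmin($aData)
 {
     if (empty($aData['uname'])) {
         trigger_error(__('保存失败:未输入会员名称'), E_USER_ERROR);
         return false;
     }
     // Look the name up on its own. The earlier query also carried
     // "OR email = intval(email)": intval() of an address is 0, and comparing
     // a text column with 0 matches unrelated rows on MySQL-style engines, so
     // the single row returned was not necessarily the one with this uname
     // and the duplicate-name check below could be missed.
     $aInfo = $this->db->selectrow("SELECT uname,email FROM sdb_members WHERE uname = " . $this->db->quote($aData['uname']));
     // Load the passport plugin when one is configured.
     $pObj = $this->system->loadModel("member/passport");
     if ($pObj->_verify()) {
         $obj =& $pObj->_load();
     }
     if (!empty($aInfo) && $aInfo['uname'] == $aData['uname']) {
         trigger_error(__('保存失败:存在相同会员名称'), E_USER_ERROR);
         return false;
     }
     if (empty($aData['password'])) {
         trigger_error(__('保存失败:密码输入不正确'), E_USER_ERROR);
         return false;
     } elseif (strlen($aData['password']) < 4) {
         trigger_error(__('保存失败:密码不能小于4位'), E_USER_ERROR);
         return false;
     }
     if (empty($aData['psw_confirm'])) {
         trigger_error(__('保存失败:确认密码不能为空'), E_USER_ERROR);
         return false;
     } elseif (strlen($aData['psw_confirm']) < 4) {
         trigger_error(__('保存失败:确认密码不能小于4位'), E_USER_ERROR);
         return false;
     }
     if ($aData['psw_confirm'] != $aData['password']) {
         trigger_error(__('保存失败:两次密码输入不一致'), E_USER_ERROR);
         return false;
     }
     if (empty($aData['email'])) {
         trigger_error(__('保存失败:Email输入不正确'), E_USER_ERROR);
         return false;
     }
     // $uid and $message are presumably filled in by reference — confirm
     // against checkusertouc().
     $uid = null;
     $message = '';
     if ($this->checkusertouc($aData['uname'], $aData['password'], $aData['email'], $uid, $message)) {
         if (!empty($message)) {
             trigger_error($message, E_USER_ERROR);
             // Stop like every other validation failure, so that no row is
             // inserted when an error handler lets execution continue.
             return false;
         } else {
             $aData['member_id'] = $uid;
         }
     }
     // Duplicate e-mail addresses are deliberately not rejected here (the
     // original check was disabled by the author).
     $aData['regtime'] = time();
     // NOTE(review): unsalted md5 is not a password hash. Moving to
     // password_hash()/password_verify() also needs the login path changed,
     // which is outside this block, so the stored format is left as is.
     $aData['password'] = md5($aData['password']);
     $aData['reg_ip'] = remote_addr();
     // Empty result set; presumably only gives getInsertSql() the column list.
     $aRs = $this->db->query("SELECT * FROM sdb_members WHERE 0");
     $sSql = $this->db->getInsertSql($aRs, $aData);
     if ($this->db->exec($sSql)) {
         $insertID = $this->db->lastInsertId();
         $status = $this->system->loadModel('system/status');
         $status->add('MEMBER_REG');
         return $insertID;
     } else {
         return '';
     }
 }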
Ejemplo n.º 22
 /**
  * Write a syslog line when $call is 'pingback.ping'; do nothing otherwise.
  *
  * NOTE(review): the logged address comes from remote_addr(), which is not
  * visible here. If it honours forwarded-for style headers, the value is
  * client-supplied unless the request came through a trusted proxy — confirm
  * before letting a log consumer ban on it.
  *
  * @param mixed $call name of the call being handled
  */
 function f2b_log_pingbacks($call)
 {
     if ('pingback.ping' != $call) {
         return;
     }
     f2b_openlog(LOG_USER, 'WP_FAIL2BAN_PINGBACK_LOG');
     $clientAddr = remote_addr();
     syslog(LOG_INFO, "Pingback requested from " . $clientAddr);
 }
Ejemplo n.º 23
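 /**
  * save
  * Persist an order together with its dependent rows: order items, bundled
  * packages, promotions, gifts and coupons. Intended for both creating and
  * updating, but the original author notes it is currently only suitable
  * for creating orders.
  *
  * Values concatenated into SQL text go through $this->db->quote() or
  * intval(). Rows written through getUpdateSql()/GetInsertSQL() rely on
  * those helpers for escaping (not visible here — confirm).
  *
  * @param array $trading  checkout data; totalPrice and pmt_b.totalPrice are reformatted in place
  * @param mixed $doCreate whether the order is being created
  * @param mixed $postInfo handed to the payment model's recgextend()
  * @access public
  * @return mixed $data['order_id'] on success, false when the order row cannot be written
  */
 function save(&$trading, $doCreate = false, &$postInfo)
 {
     $data = $trading;
     $_remote_product = array();
     $objDelivery =& $this->system->loadModel('trading/reship');
     $oCur =& $this->system->loadModel('system/cur');
     $aShipping = $objDelivery->getDlTypeById($trading['shipping_id']);
     $data['shipping'] = $aShipping['dt_name'];
     // shipping_area is a retired field and is no longer filled in.
     $data['acttime'] = time();
     $data['createtime'] = time();
     $data['last_change_time'] = time();
     $data['ip'] = remote_addr();
     $trading['totalPrice'] = $oCur->formatNumber($trading['totalPrice'], false);
     $trading['pmt_b']['totalPrice'] = $oCur->formatNumber($trading['pmt_b']['totalPrice'], false);
     $data['total_amount'] = $trading['totalPrice'] + $trading['cost_freight'] + $trading['cost_protect'];
     $data['pmt_amount'] = $trading['pmt_b']['totalPrice'] - $trading['totalPrice'];
     $data['cost_item'] = $trading['totalPrice'] + $data['pmt_amount'];
     if ($trading['is_tax'] && $this->system->getConf('site.trigger_tax')) {
         $data['is_tax'] = 'true';
         $data['cost_tax'] = $trading['totalPrice'] * $this->system->getConf('site.tax_ratio');
         $data['cost_tax'] = $oCur->formatNumber($data['cost_tax'], false);
         $data['total_amount'] += $data['cost_tax'];
     }
     if ($trading['payment'] > 0) {
         // 'method' selects between a flat fee and a fee proportional to the total.
         if ($data['method']) {
             $data['cost_payment'] = $data['fee'];
         } else {
             $data['cost_payment'] = $data['fee'] * $data['total_amount'];
         }
         $data['cost_payment'] = $oCur->formatNumber($data['cost_payment'], false);
         $data['total_amount'] += $data['cost_payment'];
     }
     $newNum = $this->getOrderDecimal($data['total_amount']);
     $data['discount'] = floatval($data['total_amount'] - $newNum);
     $data['total_amount'] = $newNum;
     $data['final_amount'] = $data['total_amount'] * $data['cur_rate'];
     $data['final_amount'] = $oCur->formatNumber($data['final_amount'], false);
     $data['score_g'] = intval($data['totalGainScore']);
     $data['score_u'] = intval($data['totalConsumeScore']);
     $data['score_e'] = intval($newNum);
     if ($trading['payment'] != "-1") {
         // Check whether the payment method has sub-options (for example
         // choosing a bank). $extendInfo is presumably filled by reference.
         $payment = $this->system->loadModel('trading/payment');
         $payment->recgextend($data, $postInfo, $extendInfo);
         $data['extend'] = serialize($extendInfo);
     }
     // Determine whether the order contains remote (supplier) products.
     // The condition is always true; the configuration lookup is never evaluated.
     if (true || $this->system->getConf('certificate.distribute')) {
         if (!empty($trading['products']) && is_array($trading['products'])) {
             $_where_bns = array();
             foreach ($trading['products'] as $product) {
                 // Same quoting helper as the other statements in this
                 // method, instead of addslashes(), which does not take the
                 // connection character set into account.
                 $_where_bns[] = $this->db->quote($product['bn']);
             }
             $_sql = sprintf('select local_bn,supplier_id
                              from sdb_supplier_pdtbn
                              where local_bn in(%s) and `default`=\'true\'', implode(',', $_where_bns));
             $_remote_product = $this->db->select($_sql);
             $_remote_product = array_change_key($_remote_product, 'local_bn');
             if ($_remote_product) {
                 $data['is_has_remote_pdts'] = 'true';
             }
         }
     }
     // order_id is quoted here as it already was in the promotion UPDATE below.
     $rs = $this->db->exec('SELECT * FROM sdb_orders WHERE order_id=' . $this->db->quote($data['order_id']));
     $sql = $this->db->getUpdateSql($rs, $data, $doCreate);
     $this->_info['order_id'] = $data['order_id'];
     if (!$this->db->exec($sql)) {
         return false;
     } elseif ($doCreate) {
         $this->addLog(__('订单创建'), $this->op_id ? $this->op_id : null, $this->op_name ? $this->op_name : null, __('添加'));
     }
     $status =& $this->system->loadModel('system/status');
     $status->add('ORDER_NEW');
     $status->count_order_to_pay();
     $status->count_order_new();
     // Products ----------------------------------------------------------
     if (!empty($trading['products']) && is_array($trading['products'])) {
         $objGoods =& $this->system->loadModel('trading/goods');
         foreach ($trading['products'] as $product) {
             $product['order_id'] = $data['order_id'];
             // No-ops when the keys exist; left in place.
             $product['bn'] = $product['bn'];
             $product['name'] = $product['name'];
             $product['addon'] = serialize($product['addon']);
             $product['minfo'] = serialize($product['minfo']);
             $product['supplier_id'] = $_remote_product[$product['bn']]['supplier_id'];
             $rs = $this->db->query('SELECT * FROM sdb_order_items WHERE 0=1');
             $sqlString = $this->db->GetInsertSQL($rs, $product);
             if ($sqlString) {
                 $this->db->exec($sqlString);
             }
             // Purchase-count statistics.
             $objGoods->updateRank($product['goods_id'], 'buy_count', $product['nums']);
             // Freeze stock when stock is reserved at order time.
             if ($this->freez_time() == 'order') {
                 if (intval($product['nums']) >= 0) {
                     $this->db->exec("UPDATE sdb_products SET freez = freez + " . intval($product['nums']) . " WHERE product_id = " . intval($product['product_id']));
                 }
                 $this->db->exec("UPDATE sdb_products SET freez = " . intval($product['nums']) . " WHERE product_id = " . intval($product['product_id']) . " AND freez IS NULL");
             }
         }
     }
     // Bundled products --------------------------------------------------
     if (is_array($trading['package']) && count($trading['package'])) {
         $pkg = array();
         foreach ($trading['package'] as $pkgData) {
             $pkgData['order_id'] = $data['order_id'];
             $pkgData['product_id'] = $pkgData['goods_id'];
             // Cast before the ids are joined into the NOT IN list below.
             $pkg[] = intval($pkgData['goods_id']);
             $pkgData['is_type'] = 'pkg';
             $pkgData['addon'] = serialize($pkgData['addon']);
             $rs = $this->db->query('SELECT * FROM sdb_order_items WHERE order_id=' . $this->db->quote($data['order_id']) . ' AND is_type = \'pkg\' AND product_id=' . intval($pkgData['goods_id']));
             $sqlString = $this->db->GetUpdateSQL($rs, $pkgData, true);
             $this->db->exec($sqlString);
         }
         // Drop package rows of this order that are no longer part of it.
         $this->db->exec('DELETE FROM sdb_order_items WHERE order_id=' . $this->db->quote($data['order_id']) . ' AND is_type = \'pkg\' AND product_id NOT IN(' . implode(',', $pkg) . ')');
     }
     // Promotions --------------------------------------------------------
     if ($trading['pmt_o']['pmt_ids']) {
         // Order-level promotions; ids are cast the same way the UPDATE below casts them.
         $aOrderPmtIds = array_map('intval', $trading['pmt_o']['pmt_ids']);
         $sSql = 'INSERT INTO sdb_order_pmt (pmt_id,pmt_describe,order_id) select pmt_id,pmt_describe,' . $this->db->quote($data['order_id']) . ' FROM sdb_promotion WHERE pmt_id in(' . implode(',', $aOrderPmtIds) . ')';
         $this->db->exec($sSql);
         foreach ($trading['pmt_o']['pmt_ids'] as $k => $pmtId) {
             $sSql = 'UPDATE sdb_order_pmt SET pmt_amount=' . floatval($trading['pmt_o']['pmt_money'][$k]) . ' WHERE pmt_id=' . intval($pmtId) . ' AND order_id=' . $this->db->quote($data['order_id']);
             $this->db->exec($sSql);
         }
     }
     if ($trading['products']) {
         // Sum the per-product promotion discount for each promotion id.
         $pre_pmtOrder = array();
         foreach ($trading['products'] as $v) {
             if ($v['pmt_id']) {
                 if (!isset($pre_pmtOrder[$v['pmt_id']])) {
                     $pre_pmtOrder[$v['pmt_id']] = 0;
                 }
                 $pre_pmtOrder[$v['pmt_id']] += $v['price'] - $v['_pmt']['price'];
             }
         }
         $aPmtIds = array_map('intval', array_keys($pre_pmtOrder));
         if (!empty($aPmtIds)) {
             $sSql = 'SELECT pmt_id,pmt_describe FROM sdb_promotion WHERE pmt_id IN(' . implode(',', $aPmtIds) . ')';
             $aPmtOrder = $this->db->select($sSql);
             foreach ($aPmtOrder as $k => $v) {
                 $v['pmt_amount'] = $pre_pmtOrder[$v['pmt_id']];
                 $v['order_id'] = $data['order_id'];
                 $rs = $this->db->query('select * from sdb_order_pmt where 0=1');
                 $sqlString = $this->db->GetInsertSQL($rs, $v);
                 $this->db->exec($sqlString);
             }
         }
     }
     // Points ------------------------------------------------------------
     $oMemberPoint =& $this->system->loadModel('trading/memberPoint');
     $oGift =& $this->system->loadModel('trading/gift');
     $aGiftData = array();
     if ($data['score_u'] >= 0) {
         // Exchanged gifts are only recorded when the points could be paid.
         if ($oMemberPoint->payAllConsumePoint($data['member_id'], $data['order_id'])) {
             if (is_array($trading['gift_e']) && count($trading['gift_e'])) {
                 foreach ($trading['gift_e'] as $giftId => $v) {
                     $giftId = $v['gift_id'];
                     $aGiftData[$giftId] = array('gift_id' => $giftId, 'name' => $v['name'], 'nums' => $v['nums'], 'point' => $v['point']);
                     if ($this->freez_time() == 'order') {
                         // A failed reservation (gift out of stock) is ignored here.
                         $oGift->freezStock($v['gift_id'], $v['nums']);
                     }
                 }
             }
         }
     }
     if (is_array($trading['gift_p']) && count($trading['gift_p'])) {
         foreach ($trading['gift_p'] as $v) {
             $giftId = $v['gift_id'];
             if (isset($aGiftData[$giftId])) {
                 $aGiftData[$giftId]['nums'] += $v['nums'];
             } else {
                 $aGiftData[$giftId] = array('gift_id' => $giftId, 'name' => $v['name'], 'nums' => $v['nums'], 'point' => $v['point']);
             }
         }
     }
     if ($aGiftData) {
         foreach ($aGiftData as $item) {
             $item['order_id'] = $data['order_id'];
             $rs = $this->db->query('select * from sdb_gift_items where 0=1');
             $sqlString = $this->db->GetInsertSQL($rs, $item);
             $this->db->exec($sqlString);
         }
     }
     // Coupons -----------------------------------------------------------
     if (is_array($trading['coupon_u']) && !empty($trading['coupon_u'])) {
         $oCoupon =& $this->system->loadModel('trading/coupon');
         foreach ($trading['coupon_u'] as $code => $v) {
             $aTmp = $this->db->selectRow('select cpns_name from sdb_coupons where cpns_id=' . intval($v['cpns_id']));
             $aData = array('order_id' => $data['order_id'], 'cpns_id' => $v['cpns_id'], 'memc_code' => $code, 'cpns_name' => $aTmp['cpns_name'], 'cpns_type' => $v['cpns_type']);
             $rs = $this->db->query('select * from sdb_coupons_u_items where 0=1');
             $sqlString = $this->db->GetInsertSQL($rs, $aData);
             $this->db->exec($sqlString);
             $oCoupon->applyMemberCoupon($v['cpns_id'], $code, $data['order_id'], $data['member_id']);
         }
     }
     if (is_array($trading['coupon_p']) && !empty($trading['coupon_p'])) {
         foreach ($trading['coupon_p'] as $code => $v) {
             $aData = array('order_id' => $data['order_id'], 'cpns_id' => $v['cpns_id'], 'cpns_name' => $v['cpns_name'], 'nums' => $v['nums']);
             $rs = $this->db->query('select * from sdb_coupons_p_items where 0=1');
             $sqlString = $this->db->GetInsertSQL($rs, $aData);
             $this->db->exec($sqlString);
         }
     }
     $data['is_tax'] = $data['is_tax'] ? true : false;
     // Order-created event.
     $this->fireEvent('create', $data, $data['member_id']);
     // An order with nothing to pay is marked as paid straight away.
     if ($data['total_amount'] == 0) {
         $pdata['order_id'] = $data['order_id'];
         $pdata['member_id'] = $data['member_id'];
         $pdata['money'] = 0;
         $this->payed($pdata);
     }
     return $data['order_id'];
 }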
Ejemplo n.º 24
 /**
  * Store the current $_SESSION in sdb_op_sessions under this session id.
  *
  * Records the time, package name, client address and, unless the
  * controller is on the ignore list, the controller and method of the
  * current request.
  *
  * NOTE(review): sess_id is concatenated into the SELECT unquoted-by-helper;
  * where it originates is not visible here — confirm it cannot carry
  * client-chosen text. The generated SQL, which includes the session data,
  * is also passed to the system log.
  *
  * @return bool|null null when the handler is closed, true when no SQL was
  *                   produced or the write succeeded, false otherwise
  */
 function _sess_write()
 {
     if ($this->closed) {
         return;
     }
     $id = $this->sess_id;
     if ($_SESSION['profile']) {
         // Detach the system object from the profile before it is stored.
         $s =& $_SESSION['profile'];
         unset($s->system);
     }
     $pkg = '';
     if (defined('__PKG__')) {
         $pkg = __PKG__;
     }
     $aRs = $this->db->exec("SELECT * FROM sdb_op_sessions WHERE sess_id='" . $id . "'", true, true);
     $row = array();
     $row['sess_id'] = $id;
     $row['last_time'] = time();
     $row['pkg'] = $pkg;
     $row['sess_data'] = $_SESSION;
     $row['ip'] = remote_addr();
     // Controllers whose requests do not update the recorded ctl/act.
     $skipControllers = array('sfile' => 1, 'dashboard' => 1, 'profile/setting' => 1, 'passport' => 1);
     $controller = $this->system->request['action']['controller'];
     if (!isset($skipControllers[$controller])) {
         $row['ctl'] = $controller;
         $row['act'] = $this->system->request['action']['method'];
     }
     $sql = $this->db->GetUpdateSql($aRs, $row, true);
     $this->system->log('session:' . $sql);
     return (!$sql || $this->db->exec($sql, true, true)) ? true : false;
 }
Ejemplo n.º 25
 /**
  * Update the sdb_members row whose uname equals $userdb['username'].
  *
  * Writes password, email and regtime from $userdb and sets reg_ip to the
  * address of the current request. The password is stored exactly as given;
  * whether it is already hashed is not visible here — confirm at the caller.
  *
  * @param array $userdb reads username, password, email and time
  * @return false|null false when the UPDATE fails, otherwise no value
  */
 function PlugUserUpdate($userdb)
 {
     $fields = array(
         'password' => $userdb['password'],
         'email' => $userdb['email'],
         'reg_ip' => remote_addr(),
         'regtime' => $userdb['time'],
     );
     $existing = $this->db->exec('SELECT * FROM sdb_members where uname=' . $this->db->quote($userdb['username']));
     $updateSql = $this->db->getUpdateSQL($existing, $fields);
     // An empty statement means there is nothing to run and is not a failure.
     if ($updateSql && !$this->db->exec($updateSql)) {
         return false;
     }
 }
Ejemplo n.º 26
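 /**
  * Build the signed ICBC B2C payment request for an order.
  *
  * Reads the merchant settings, assembles the request XML, signs it (COM
  * component on Windows, /bin/icbc_sign elsewhere) and returns the form
  * fields to post to the gateway.
  *
  * NOTE(review): the XML is assembled by string concatenation. goodsName
  * and remark1 come from $payment and are not XML-escaped, so markup
  * characters in them change the document that is signed. Escaping has to
  * respect the GBK encoding and is left for a separate change.
  *
  * @param array $payment reads M_OrderId, M_Time, M_Amount, M_OrderNO and rnote
  * @return array interfaceName, interfaceVersion, tranData, merSignMsg, merCert
  */
 function toSubmit($payment)
 {
     $merId = $this->getConf($payment["M_OrderId"], 'member_id');
     $keyPass = $this->getConf($payment["M_OrderId"], 'keyPass');
     $icbcno = $this->getConf($payment["M_OrderId"], 'icbcno');
     $icbcFile = $this->getConf($payment["M_OrderId"], 'icbcFile');
     $keyFile = $this->getConf($payment["M_OrderId"], 'keyFile');
     $certFile = $this->getConf($payment["M_OrderId"], 'certFile');
     $charset = $this->system->loadModel('utility/charset');
     // Certificate directory: the upload location first, then the cert folder.
     // Left empty when neither exists, so the file checks below report it.
     $realpath = '';
     if (is_dir(dirname(__FILE__) . "/../../../home/upload/icbc/")) {
         $realpath = dirname(__FILE__) . "/../../../home/upload/icbc/";
     } elseif (is_dir(dirname(__FILE__) . "/../../../cert/icbc/")) {
         $realpath = dirname(__FILE__) . "/../../../cert/icbc/";
     }
     // Private key file.
     $key = $realpath . $keyFile;
     // Public key (certificate) file.
     $cert = $realpath . $certFile;
     $icbc = $realpath . $icbcFile;
     if (!file_exists($key)) {
         die("ICBC key file not found!");
     }
     if (!file_exists($cert)) {
         die("ICBC Cert file not found!");
     }
     $aREQ = array();
     // The interface name is fixed.
     $aREQ["interfaceName"] = "ICBC_PERBANK_B2C";
     // Interface version (the original comment still mentioned "1.0.0.0").
     $aREQ["interfaceVersion"] = "1.0.0.11";
     // Merchant code, supplied by ICBC.
     $aREQ["merID"] = $merId;
     // Merchant account, supplied by ICBC.
     $aREQ["merAcct"] = $icbcno;
     // URL that receives the bank notification; per the original note only
     // HTTP on port 80 is supported.
     $aREQ["merURL"] = $this->callbackUrl;
     // HS: notify in real time; AG: send no notification.
     $aREQ["notifyType"] = "HS";
     // Generated by the merchant and unique within a day: order id plus payment time.
     $aREQ["orderid"] = $payment['M_OrderId'] . "-" . $payment['M_Time'];
     // Amount in fen (1/100 yuan).
     $aREQ["amount"] = $payment['M_Amount'] * 100;
     // Only RMB is supported; its code is "001".
     $aREQ["curType"] = "001";
     // For HS: "0" sends success and failure results, "1" only successes.
     $aREQ["resultType"] = 0;
     // Client IP.
     $aREQ["merCustomIp"] = remote_addr();
     // 14-digit timestamp.
     $aREQ["orderDate"] = date("YmdHis", empty($payment['M_Time']) ? time() : $payment['M_Time']);
     // The following fields are shown on the customer's payment page.
     $aREQ["goodsID"] = "";
     // The gateway only accepts GB2312 text.
     $aREQ["goodsName"] = $payment['M_OrderNO'];
     $aREQ["goodsNum"] = 1;
     // Freight amount in fen.
     $aREQ["carriageAmt"] = 0;
     $aREQ["merHint"] = "";
     // Remark, converted to the local character set.
     $aREQ["remark1"] = $charset->utf2local($payment['rnote'], "zh");
     // Second remark.
     $aREQ["remark2"] = "";
     // "1" checks whether the customer is co-branded with the merchant; "0" does not.
     $aREQ["verifyJoinFlag"] = 0;
     // Build the V3 request XML.
     $tranData = "<?xml version=\"1.0\" encoding=\"GBK\" standalone=\"no\"?><B2CReq><interfaceName>" . $aREQ["interfaceName"] . "</interfaceName><interfaceVersion>" . $aREQ["interfaceVersion"] . "</interfaceVersion><orderInfo><orderDate>" . $aREQ["orderDate"] . "</orderDate><orderid>" . $aREQ["orderid"] . "</orderid><amount>" . $aREQ["amount"] . "</amount><curType>" . $aREQ["curType"] . "</curType><merID>" . $aREQ["merID"] . "</merID><merAcct>" . $aREQ["merAcct"] . "</merAcct></orderInfo><custom><verifyJoinFlag>" . $aREQ["verifyJoinFlag"] . "</verifyJoinFlag><Language>ZH_CN</Language></custom><message><goodsID>" . $aREQ["goodsID"] . "</goodsID><goodsName>" . $aREQ["goodsName"] . "</goodsName><goodsNum>" . $aREQ["goodsNum"] . "</goodsNum><carriageAmt>" . $aREQ["carriageAmt"] . "</carriageAmt><merHint>" . $aREQ["merHint"] . "</merHint><remark1>" . $aREQ["remark1"] . "</remark1><remark2>" . $aREQ["remark2"] . "</remark2><merURL>" . $aREQ["merURL"] . "</merURL><merVAR>" . $payment['M_OrderId'] . "</merVAR></message></B2CReq>";
     if (strtoupper(substr(PHP_OS, 0, 3)) == "WIN") {
         $bb = new COM('ICBCEBANKUTIL.B2CUtil');
         $bb->init($icbc, $cert, $key, $keyPass);
         $merSignMsg = $bb->signC($tranData, strlen($tranData));
     } else {
         // Quote every argument for the shell: each embedded single quote is
         // closed, escaped and reopened, so order text such as the remark
         // cannot end the quoting and add shell syntax. This is done
         // byte-wise rather than with escapeshellarg(), whose handling of
         // multibyte (GBK) text is locale-dependent and could alter the
         // data that gets signed.
         // NOTE(review): the key passphrase is still passed on the command
         // line, where a process listing can show it; prefer stdin or a
         // protected file if the signing tool supports it.
         $cmd = "/bin/icbc_sign";
         foreach (array($key, $keyPass, $tranData) as $arg) {
             $cmd .= " '" . str_replace("'", "'\\''", $arg) . "'";
         }
         $handle = popen($cmd, 'r');
         if (!$handle) {
             die("ICBC sign command failed!");
         }
         // The tool prints the BASE64-encoded merchant signature.
         $merSignMsg = fread($handle, 2096);
         pclose($handle);
     }
     // The merchant certificate is sent along, BASE64-encoded.
     $merCert = base64_encode(file_get_contents($cert));
     $aFinalReq = array();
     $aFinalReq['interfaceName'] = $aREQ["interfaceName"];
     $aFinalReq['interfaceVersion'] = $aREQ["interfaceVersion"];
     $aFinalReq['tranData'] = base64_encode($tranData);
     $aFinalReq['merSignMsg'] = $merSignMsg;
     $aFinalReq['merCert'] = $merCert;
     return $aFinalReq;
 }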
Ejemplo n.º 27
 /**
  * Post an operator's reply to an existing comment.
  *
  * Copies goods_id and object_type from the parent comment, signs the reply
  * with the operator's login name (falling back to the display name), marks
  * it visible and records the address of the current request.
  *
  * @param mixed $comment_id id of the comment being answered
  */
 function toReply($comment_id)
 {
     $this->begin('index.php?ctl=member/gask&act=detail&p[0]=' . $comment_id);
     $commentModel = $this->system->loadModel('comment/comment');
     $parent = $commentModel->getFieldById($comment_id, array('*'));
     $reply = array(
         'comment' => $this->in['reply_content'],
         'for_comment_id' => $comment_id,
         'goods_id' => $parent['goods_id'],
         'object_type' => $parent['object_type'],
         'author_id' => $this->op->op_id,
         'author' => __('BagXO') . '[' . ($this->op->loginName ? $this->op->loginName : $this->op->name) . ']',
         'time' => time(),
         'lastreply' => time(),
         'display' => 'true',
         'ip' => remote_addr(),
     );
     $this->end($commentModel->toReply($reply), __('回复成功!'));
 }
Ejemplo n.º 28
            bail();
        }
        return $user;
    }, 1, 3);
}
// Optional: log and stop requests that carry a numeric ?author= value.
// bail() is defined elsewhere; presumably it ends the request.
if (defined('WP_FAIL2BAN_BLOCK_USER_ENUMERATION') && WP_FAIL2BAN_BLOCK_USER_ENUMERATION === true) {
    add_filter('redirect_canonical', function ($redirect_url, $requested_url) {
        if (!intval(@$_GET['author'])) {
            return $redirect_url;
        }
        openlog();
        \syslog(LOG_NOTICE, 'Blocked user enumeration attempt from ' . remote_addr());
        bail();
        return $redirect_url;
    }, 10, 2);
}

// Successful logins.
add_action('wp_login', function ($user_login, $user) {
    openlog();
    $line = "Accepted password for {$user_login} from " . remote_addr();
    \syslog(LOG_INFO, $line);
}, 10, 2);

// Failed logins. NOTE(review): $username is whatever the client submitted
// and is written into the line unchanged, so a consumer of this log should
// take the address from the end of the line only.
add_action('wp_login_failed', function ($username) {
    openlog();
    $line = "Authentication failure for {$username} from " . remote_addr();
    \syslog(LOG_NOTICE, $line);
});

// Optional: log pingback requests under their own facility/tag.
if (defined('WP_FAIL2BAN_LOG_PINGBACKS') && WP_FAIL2BAN_LOG_PINGBACKS === true) {
    add_action('xmlrpc_call', function ($call) {
        if ('pingback.ping' != $call) {
            return;
        }
        openlog(LOG_USER, 'WP_FAIL2BAN_PINGBACK_LOG');
        \syslog(LOG_INFO, "Pingback requested from " . remote_addr());
    });
}
Ejemplo n.º 29
 /**
  * object_fire_event
  * Run an object event: send the matching messenger action, evaluate the
  * stored triggers for the event, then call the registered listeners.
  *
  * NOTE(review): trigger definitions are read from sdb_triggers and passed
  * to unserialize(); anyone able to write that column controls what is
  * deserialised here — confirm who can write it. $trigger_event is also
  * concatenated into the SELECT; it is built from $action and the target's
  * modelName, which should be internal values only.
  *
  * @param mixed $action    event name, either "action" or "model:action"
  * @param mixed $object    event payload; gains _event_date_ and ip when triggers exist
  * @param mixed $member_id
  * @param mixed $target    object providing modelName, typeName and events()
  * @access public
  * @return bool always true
  */
 function object_fire_event($action, &$object, $member_id, &$target)
 {
     if (strpos($action, ':') !== false) {
         // The caller named the model explicitly.
         $trigger_event = $action;
         list($modelName, $action) = explode(':', $action);
     } else {
         $modelName = $target->modelName;
         $trigger_event = $modelName . ':' . $action;
     }
     $type = $target->typeName;
     $this->system->messenger =& $this->system->loadModel('system/messenger');
     $this->system->_msgList = $this->system->messenger->actions();
     $messageKey = $type . '-' . $action;
     if ($this->system->_msgList[$messageKey]) {
         $this->system->messenger->actionSend($messageKey, $object, $member_id, true);
     }
     // Triggers and listeners can be switched off globally.
     if (defined('DISABLE_TRIGGER') && DISABLE_TRIGGER) {
         return true;
     }
     $triggerRows = $this->db->select('select trigger_define from sdb_triggers where trigger_event="' . $trigger_event . '" and active="true" and disabled="false" order by trigger_order desc');
     if ($triggerRows) {
         $events = $target->events();
         if ($events) {
             $instance = $target;
         } else {
             // The target declares no events: use the model's own definition.
             $instance = $this->system->loadModel($modelName);
             $events = $instance->events();
         }
         $object['_event_date_'] = time();
         $object['ip'] = remote_addr();
         foreach ($triggerRows as $row) {
             $definition = unserialize($row['trigger_define']);
             if ($this->__test_role($definition['filter_mode'], $definition['filter'], $object, $events[$action]['params'], $instance)) {
                 $this->__call_actions($definition['actions'], $object);
             }
         }
     }
     $appmgr =& $this->system->loadModel('system/appmgr');
     // Listeners for every event, for every event of this model, and for this event.
     $listenerRefs = array_merge((array) $this->listeners['*'], (array) $this->listeners[$target->modelName . ':*'], (array) $this->listeners[$target->modelName . ':' . $action]);
     foreach ($listenerRefs as $ref) {
         list($mod, $method) = $appmgr->get_func($ref);
         if ($method) {
             $mod->{$method}($action, $object);
         }
     }
     return true;
 }
Ejemplo n.º 30
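 /**
  * Store a visitor's reply to a comment after the optional verification-code
  * check and the comment model's own validation.
  *
  * NOTE(review): the expected verification value is read from a cookie,
  * which the client supplies along with the form field. Unless the cookie
  * is bound to server-side state elsewhere, this check does not prove the
  * code was solved — confirm.
  * NOTE(review): the comment text is stored as submitted; it has to be
  * escaped wherever it is rendered.
  *
  * @param mixed  $comment_id id of the comment being answered
  * @param string $item       comment kind; "ask" and "discuss" are handled
  */
 function toReply($comment_id, $item)
 {
     if ($this->system->getConf('comment.verifyCode.' . $item) == "on") {
         $codeField = $item . 'verifyCode';
         $cookieName = strtoupper($item) . "_RANDOM_CODE";
         $submitted = isset($_POST[$codeField]) && is_string($_POST[$codeField]) ? $_POST[$codeField] : '';
         $expected = isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName]) ? $_COOKIE[$cookieName] : '';
         // Strict comparison: with != two different digests that both look
         // like numbers can be treated as equal.
         if (md5($submitted) !== $expected) {
             $stp = '';
             if ($item == "ask") {
                 $stp = __("咨询");
             } elseif ($item == "discuss") {
                 $stp = __("评论");
             }
             $this->splash('failed', 'back', $stp . __('验证码录入错误,请重新输入'));
         }
     }
     $objComment =& $this->system->loadModel('comment/comment');
     $aComment = $objComment->getFieldById($comment_id, array('*'));
     if (!$objComment->toValidate($aComment['object_type'], $aComment['goods_id'], $this->member, $message)) {
         $this->splash('failed', 'back', $message);
     } else {
         $aData = array();
         $aData['comment'] = $_POST['comment'];
         $aData['goods_id'] = $aComment['goods_id'];
         $aData['for_comment_id'] = $comment_id;
         $aData['author_id'] = $this->member['member_id'];
         // Unread for the original author unless that author is the one replying.
         $aData['mem_read_status'] = $this->member['member_id'] == $aComment['author_id'] ? 'false' : 'true';
         $aData['object_type'] = $aComment['object_type'];
         $aData['author'] = $this->member['member_id'] ? $this->member['uname'] : __('非会员顾客');
         $objLevel =& $this->system->loadModel('member/level');
         $aLevel = $objLevel->getFieldById($GLOBALS['runtime']['member_lv'], array('name'));
         $aData['levelname'] = $aLevel['name'];
         $aData['contact'] = $_POST['contact'] == '' ? $this->member['email'] : $_POST['contact'];
         $aData['time'] = time();
         $aData['lastreply'] = time();
         $aData['reply_name'] = $aData['author'];
         $aData['ip'] = remote_addr();
         // Shown immediately only when the display setting for this type is 'soon'.
         $aData['display'] = $this->system->getConf('comment.display.' . $aComment['object_type']) == 'soon' ? 'true' : 'false';
         $objComment->toReply($aData);
         $this->splash('success', $this->system->mkUrl('product', 'index', array($aComment['goods_id'])), __('回复成功!'));
     }
 }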