/**
* 权限检查函数
* @param int $sys_purview 系统定义的权限
* @param int $user_purview 用户的权限
* @return bool 拥有该权限时返回true,否则返回false
* @author winsen
*/
function check_purview($sys_purview, $user_purview)
{
if ($sys_purview & $user_purview) {
return true;
} else {
show_system_message('您没有操作权限');
}
}
/**
* 商户管理后台初始化
* @author 王仁欢
*/
function business_base_init()
{
if (!isset($_SESSION['business_account'])) {
$links = array(array('link' => 'index.php', 'alt' => '登陆'));
show_system_message('请先登陆', $links);
exit;
}
global $db;
$get_business = 'select * from ' . $db->table('business');
$get_business .= ' where business_account = \'' . $_SESSION['business_account'] . '\' and status = 2';
$business = $db->fetchRow($get_business);
if (empty($business)) {
if (isset($_SESSION['business_account'])) {
unset($_SESSION['business_shop_name']);
unset($_SESSION['business_account']);
unset($_SESSION['business_purview']);
}
$links = array(array('link' => 'index.php', 'alt' => '重新登陆'));
show_system_message('商户不存在或不在运营中', $links);
exit;
}
$current_shop = $_SESSION['business_shop_name'];
assign('current_shop', $current_shop);
assign('pageTitle', '网店' . $current_shop . '管理后台');
create_business_menu();
$active_nav = get_active_nav();
$active_nav = explode('.', $active_nav);
$active_nav = $active_nav[0];
assign('active_nav', $active_nav);
if ($active_nav == 'virtual_product') {
$active_nav = 'product';
}
assign('menu_mark', 'menu_' . $active_nav);
//未读消息数量
$get_unread_message_count = 'select count(*) from ' . $db->table('message');
$get_unread_message_count .= ' where business_account = \'' . $_SESSION['business_account'] . '\' and status = 0';
$unread_message_count = $db->fetchOne($get_unread_message_count);
assign('unread_message_count', $unread_message_count);
if ($_SESSION['business_account'] == $_SESSION['business_admin']) {
$primary_account = true;
} else {
$primary_account = false;
}
assign('primary_account', $primary_account);
}
/**
* 后台文件初始化,检查是否已登陆,根据权限生成菜单,assign通用信息
* @author 王仁欢
* @date 2015-08-05
* @return void
*/
function back_base_init()
{
global $config;
//是否已登陆
if (!check_admin_login()) {
show_system_message('请先登陆', array(array('link' => 'index.php', 'alt' => '登陆')));
exit;
}
$activeNav = get_active_nav();
$realMenus = create_menu();
if ($activeNav != 'main.php') {
$is_main = false;
} else {
$is_main = true;
}
global $menus;
$menuMark = array();
foreach ($menus as $key => $menu) {
if ($activeNav == $menu['url']) {
$menuMark['name'] = $realMenus[$menu['parent']]['key'];
$menuMark['count'] = $realMenus[$menu['parent']]['count'];
break;
}
}
assign('menu_mark', $menuMark);
assign('is_main', $is_main);
assign('active_nav', $activeNav);
assign('pageTitle', $config['site_name'] . '-管理后台');
assign('currentAdmin', $_SESSION['name']);
}
$where = '';
$type = intval(getGET('type'));
if ($type == 0) {
$table = 'member_exchange_log';
$exists_table = 'member';
$where = ' where account = \'' . $account . '\'';
} else {
$table = 'business_exchange_log';
$exists_table = 'business';
$where = ' where business_account = \'' . $account . '\'';
}
assign('type', $type);
$get_account = 'select * from ' . $db->table($exists_table) . $where . ' limit 1';
$account = $db->fetchRow($get_account);
if (empty($account)) {
show_system_message('帐号不存在', array());
exit;
}
$st = trim(getGET('st'));
$et = trim(getGET('et'));
$start_time = strtotime($st);
$end_time = strtotime($et);
$and_where = '';
$pattern = '#[0-9]{4}\\-[0-9]{1,2}\\-[0-9]{1,2}#';
if ($st) {
if (preg_match($pattern, $st)) {
$and_where .= ' and add_time > ' . $start_time;
} else {
$st = '';
}
}
$get_business .= ' where business_account = \'' . $business_account . '\' and status = 1 limit 1';
$business = $db->fetchRow($get_business);
if (empty($business)) {
show_system_message('商户不存在', array());
exit;
}
assign('business_account', $business_account);
}
//认证信息驳回
if ('auth_reject' == $act) {
if (!check_purview('pur_business_exam', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$business_account = trim(getGET('account'));
if ('' == $business_account) {
show_system_message('参数错误', array());
exit;
}
$business_account = $db->escape($business_account);
$get_business = 'select * from ' . $db->table('business');
$get_business .= ' where business_account = \'' . $business_account . '\' and status = 2 limit 1';
$business = $db->fetchRow($get_business);
if (empty($business)) {
show_system_message('商户不存在', array());
exit;
}
assign('business_account', $business_account);
}
$template .= $act . '.phtml';
$smarty->display($template);
}
if ($remark == '') {
show_system_message('请填写备注信息');
} else {
$remark = $db->escape($remark);
}
if (update_recharge($recharge_sn, 3, $_SESSION['account'], '线下充值:' . $remark)) {
show_system_message('充值记录已处理', array(array('link' => 'recharge.php', 'alt' => '充值列表')));
} else {
show_system_message('系统繁忙');
}
}
if ('edit' == $act) {
$recharge_sn = getGET('sn');
if ($recharge_sn == '') {
show_system_message('参数错误');
} else {
$recharge_sn = $db->escape($recharge_sn);
}
$get_recharge = 'select * from ' . $db->table('recharge') . ' where `recharge_sn`=\'' . $recharge_sn . '\'';
$recharge = $db->fetchRow($get_recharge);
assign('recharge', $recharge);
}
if ('view' == $act) {
$page = getGET('page');
$count = getGET('count');
$account = getGET('account');
$begin_time = getGET('begin_time');
$end_time = getGET('end_time');
$status = getGET('status');
$recharge_sn = getGET('recharge_sn');
if ('edit' == $act) {
if (!check_purview('pur_ad_edit', $_SESSION['purview'])) {
show_system_message('权限不足');
exit;
}
$id = intval(getGET('id'));
$get_ad = 'select * from ' . $db->table('ad') . ' where `id`=' . $id . ' and business_account = \'\'';
assign('ad', $db->fetchRow($get_ad));
}
if ('delete' == $act) {
if (!check_purview('pur_ad_del', $_SESSION['purview'])) {
show_system_message('权限不足');
exit;
}
$id = intval(getGET('id'));
if ($id <= 0) {
show_system_message('请求失败');
exit;
}
$get_img = 'select `img` from ' . $db->table('ad') . ' where `id`=' . $id . ' and business_account = \'\'';
$img = $db->fetchOne($get_img);
if ($db->autoDelete('ad', '`id`=' . $id)) {
show_system_message('删除广告成功');
exit;
} else {
show_system_message('系统繁忙,请稍后再试');
exit;
}
}
$template .= $act . '.phtml';
$smarty->display($template);
$total_page = ceil($total / $count);
$page = $page > $total_page ? $total : $page;
$page = $page <= 0 ? 1 : $page;
$offset = ($page - 1) * $count;
$get_content_list = 'select a.*, p.img from ' . $db->table('order_content') . ' as a';
$get_content_list .= ' left join ' . $db->table('product') . ' as p on a.product_sn = p.product_sn';
$get_content_list .= ' where a.business_account = \'' . $_SESSION['business_account'] . '\'';
$get_content_list .= $and_where;
$get_content_list .= ' order by id desc';
$get_content_list .= ' limit ' . $offset . ',' . $count;
$content_list = $db->fetchAll($get_content_list);
// echo $get_content_list;exit;
if ($content_list) {
foreach ($content_list as $key => $content) {
$content_list[$key]['status_str'] = $status_str[$content['status']];
$content_list[$key]['begin_time_str'] = $content['begin_time'] ? date('Y-m-d H:i:s', $content['begin_time']) : '';
$content_list[$key]['end_time_str'] = $content['end_time'] ? date('Y-m-d H:i:s', $content['end_time']) : '';
}
}
assign('content_list', $content_list);
create_pager($page, $total_page, $total);
assign('count', $count);
}
if ('consume' == $act) {
if (!check_purview('pur_virtual_order_edit', $_SESSION['business_purview'])) {
show_system_message('权限不足', array());
exit;
}
}
$template .= $act . '.phtml';
$smarty->display($template);
if ('delete' == $act) {
if (!check_purview('pur_admin_del', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$account = trim(getGET('account'));
if ('' == $account) {
show_system_message('参数错误', array());
exit;
}
$get_admin = 'select * from `' . DB_PREFIX . 'platform_admin` where `account` = \'' . $account . '\' limit 1';
$admin = $db->fetchRow($get_admin);
if (empty($admin)) {
show_system_message('管理员不存在', array());
exit;
}
if ($admin['role_id'] == 1) {
show_system_message('不能删除超级管理员', array());
exit;
}
$delete_admin = 'delete from `' . DB_PREFIX . 'platform_admin` where `account` = \'' . $account . '\' limit 1';
if ($db->delete($delete_admin)) {
show_system_message('成功删除管理员', array());
exit;
} else {
show_system_message('系统繁忙,稍后重试', array());
exit;
}
}
$template .= $act . '.phtml';
$smarty->display($template);
show_system_message('参数错误', array());
exit;
}
$product_sn = $db->escape($product_sn);
$get_product = 'select a.* from ' . $db->table('product') . ' as a';
$get_product .= ' where business_account = \'' . $_SESSION['business_account'] . '\'';
$get_product .= ' and is_virtual = 1';
//实体产品
$get_product .= ' and a.product_sn = \'' . $product_sn . '\' and status <> 2 limit 1';
$product = $db->fetchRow($get_product);
if (!$product) {
show_system_message('产品不存在', array());
exit;
}
if ($product['status'] == 5) {
show_system_message('产品已被删除', array());
exit;
}
$get_attributes_list = 'select * from ' . $db->table('product_attributes');
$get_attributes_list .= ' where product_type_id = ' . $product['product_type_id'];
$attributes_list = $db->fetchAll($get_attributes_list);
$target = array();
if ($attributes_list) {
foreach ($attributes_list as $k => $v) {
$target[$v['id']] = $v['name'];
}
}
$get_inventory_list = 'select * from ' . $db->table('inventory');
$get_inventory_list .= ' where product_sn = \'' . $product_sn . '\'';
// echo $get_inventory_list;exit;
$inventory_list = $db->fetchAll($get_inventory_list);
exit;
}
$scene_id = intval(getGET('scene_id'));
if ($scene_id <= 0) {
show_system_message('参数错误');
}
$get_scene = 'select `id` from ' . $db->table('scene') . ' where `id`=' . $scene_id;
if (!$db->fetchOne($get_scene)) {
show_system_message('场景不存在');
}
//如果不存在正在报名或者参与中的活动,则创建新的活动
$get_cycle = 'select `id` from ' . $db->table('cycle') . ' where `scene_id`=' . $scene_id . ' and `status`<2';
$cycle_id = $db->fetchOne($get_cycle);
$db->autoUpdate('cycle', array('actived' => 0));
if (!$cycle_id) {
$get_cycle_count = 'select count(*) from ' . $db->table('cycle') . ' where `scene_id`=' . $scene_id;
$count = $db->fetchOne($get_cycle_count);
$count++;
$cycle_data = array('scene_id' => $scene_id, 'serial' => $count, 'status' => 0, 'add_time' => time(), 'actived' => 1);
if (!$db->autoInsert('cycle', array($cycle_data))) {
show_system_message('启动场景失败,请稍后再试');
} else {
$cycle_id = $db->get_last_id();
}
} else {
$db->autoUpdate('cycle', array('actived' => 1), '`id`=' . $cycle_id);
}
$_SESSION['cycle_id'] = $cycle_id;
}
$template .= $act . '.phtml';
$smarty->display($template);
$get_password .= $where;
$get_password .= ' limit 1';
$old_password = $db->fetchOne($get_password);
if (md5($password . PASSWORD_END) != $old_password) {
$response['msg'] = '原密码不正确';
echo json_encode($response);
exit;
}
$data = array('password' => md5($new_password . PASSWORD_END));
if ($db->autoUpdate($table, $data, $where)) {
$response['msg'] = '修改密码成功';
} else {
$response['msg'] = '系统繁忙,请稍后重试';
}
echo json_encode($response);
exit;
}
//======================================================================
if ('view' == $act) {
if ($_SESSION['business_account'] == $_SESSION['business_admin']) {
show_system_message('请勿修改商家主帐号资料', array(array('link' => '?act=password', 'alt' => '修改密码')));
}
$get_admin = 'select `name`, `email`, `mobile`, `sex` from ' . $db->table('admin') . ' where `account` = \'' . $_SESSION['business_admin'] . '\'';
$get_admin .= ' and `business_account` = \'' . $_SESSION['business_account'] . '\' limit 1';
$admin = $db->fetchRow($get_admin);
assign('admin', $admin);
}
if ('password' == $act) {
}
$template .= $act . '.phtml';
$smarty->display($template);
$area_ids = $db->fetchAll($get_area_id);
$area_str = '';
foreach ($area_ids as $area) {
$area_str .= $area['id'] . ',';
}
$area_str = substr($area_str, 0, strlen($area_str) - 1);
//删除区域信息
$db->autoDelete('delivery_area', '`delivery_id`=' . $delivery_id);
//删除区域映射信息
$db->autoDelete('delivery_area_mapper', '`area_id` in (' . $area_str . ')');
show_system_message('卸载物流方式成功');
} else {
show_system_message('系统繁忙,请稍后再试');
}
} else {
show_system_message('插件已删除或不存在');
}
exit;
}
if ('view' == $act) {
$plugin_path = ROOT_PATH . 'plugins/express/';
$dir = dir($plugin_path);
$pattern = '/^[a-zA-Z]{1}[a-zA-Z0-9].*?\\.class\\.php$/';
$files = array();
while ($file = $dir->read()) {
if (preg_match($pattern, $file)) {
$files[] = $file;
}
}
foreach ($files as $file) {
include $plugin_path . $file;
$get_brand_list = 'select * from ' . $db->table('brand') . ' where 1 order by id asc';
$brand_list = $db->fetchAll($get_brand_list);
assign('brand_list', $brand_list);
$get_gallery_list = 'select * from ' . $db->table('gallery') . ' where product_sn = \'' . $product_sn . '\' order by order_view asc';
$gallery_list = $db->fetchAll($get_gallery_list);
assign('gallery_list', $gallery_list);
}
if ('reject' == $act) {
if (!check_purview('pur_product_exam', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$id = intval(getGET('id'));
if (0 >= $id) {
show_system_message('参数错误', array());
exit;
}
$get_product = 'select * from ' . $db->table('product') . ' where id = \'' . $id . '\' and status = 2 limit 1';
$product = $db->fetchRow($get_product);
if (empty($product)) {
show_system_message('产品不存在', array(array('link' => 'product.php', 'alt' => '产品管理')));
exit;
}
if ($product['status'] == 5) {
show_system_message('产品已被删除', array(array('link' => 'product.php', 'alt' => '产品管理')));
exit;
}
assign('id', $id);
}
$template .= $act . '.phtml';
$smarty->display($template);
/**
* 后台文件初始化,检查是否已登陆,根据权限生成菜单,assign通用信息
* @author 王仁欢
* @date 2015-08-05
* @return void
*/
function back_base_init()
{
//是否已登陆
if (!check_admin_login()) {
show_system_message('请先登陆', array(array('link' => 'index.php', 'alt' => '登陆')));
exit;
}
$activeNav = get_active_nav();
$realMenus = create_menu();
if ($activeNav != 'main.php') {
$is_main = false;
} else {
$is_main = true;
}
global $menus;
$menuMark = array();
foreach ($menus as $key => $menu) {
if ($activeNav == $menu['url']) {
$menuMark['name'] = $realMenus[$menu['parent']]['key'];
$menuMark['count'] = $realMenus[$menu['parent']]['count'];
break;
}
}
assign('menuMark', $menuMark);
assign('is_main', $is_main);
assign('activeNav', $activeNav);
assign('pageTitle', '三级分销系统-管理后台');
assign('currentAdmin', $_SESSION['name']);
//待处理商户数量
global $db;
$get_business_exam_count = 'select count(*) from ' . $db->table('business') . ' where status = 1';
$business_exam_count = $db->fetchOne($get_business_exam_count);
$get_business_auth_count = 'select count(*) from ' . $db->table('auth') . ' where status = 0';
$business_auth_count = $db->fetchOne($get_business_auth_count);
$business_deal_count = $business_auth_count + $business_exam_count;
assign('business_deal_count', $business_deal_count);
//待处理产品数量
$get_product_exam_count = 'select count(*) from ' . $db->table('product') . ' where status = 2';
$product_exam_count = $db->fetchOne($get_product_exam_count);
assign('product_exam_count', $product_exam_count);
//待处理提现
$get_member_withdraw_deal_count = 'select count(*) from' . $db->table('withdraw') . ' where status = 0';
$member_withdraw_deal_count = $db->fetchOne($get_member_withdraw_deal_count);
$get_business_withdraw_deal_count = 'select count(*) from' . $db->table('business_withdraw') . ' where status = 0';
$business_withdraw_deal_count = $db->fetchOne($get_business_withdraw_deal_count);
$withdraw_deal_count = $member_withdraw_deal_count + $business_withdraw_deal_count;
//待处理充值
$get_recharge_deal_count = 'select count(*) from ' . $db->table('recharge') . ' where status = 2 and `type` = 1';
$recharge_deal_count = $db->fetchOne($get_recharge_deal_count);
$finance_count = $withdraw_deal_count + $recharge_deal_count;
assign('member_withdraw_count', $member_withdraw_deal_count);
assign('business_withdraw_count', $business_withdraw_deal_count);
assign('withdraw_deal_count', $withdraw_deal_count);
assign('recharge_deal_count', $recharge_deal_count);
assign('finance_count', $finance_count);
}
function sysmessage($message)
{
require libfile('function/sysmessage');
show_system_message($message);
}
}
if ('network' == $act) {
if (!check_purview('pur_member_network', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$account = trim(getGET('account'));
if ('' == $account) {
show_system_message('参数错误', array());
exit;
}
$account = $db->escape($account);
$get_member = 'select * from ' . $db->table('member') . ' where account = \'' . $account . '\' limit 1';
$member = $db->fetchRow($get_member);
if (empty($member)) {
show_system_message('会员不存在', array());
exit;
}
if ($member['parent_id'] != 0) {
$get_parent = 'select * from ' . $db->table('member') . ' where id = \'' . $member['parent_id'] . '\' limit 1';
$parent = $db->fetchRow($get_parent);
if ($parent['parent_id'] != 0) {
$get_grand = 'select * from ' . $db->table('member') . ' where id = \'' . $parent['parent_id'] . '\' limit 1';
$grand = $db->fetchRow($get_grand);
}
}
$data = array();
if (!empty($grand)) {
$data = array('name' => '二级推荐人-' . $grand['account'] . '-' . $grand['nickname'], 'account' => $grand['account'], 'parentId' => $grand['parent_id'], 'isParent' => true, 'open' => true);
$data['children'] = array(array('name' => '一级推荐人-' . $parent['account'] . '-' . $parent['nickname'], 'account' => $parent['account'], 'parentId' => $parent['parent_id'], 'isParent' => true, 'open' => true, 'children' => array(array('name' => $member['account'] . '-' . $member['nickname'], 'account' => $member['account'], 'parentId' => $member['parent_id'], 'isParent' => true))));
} else {
}
break;
default:
}
}
if ('view' == $act) {
if (!check_purview('pur_sysconf_view', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$getSysconf = 'select `key`,`name`,`type`,`value`, `remark`, `group` from `' . DB_PREFIX . 'sysconf` where `group`=\'config\' order by `group` asc';
$sysconf = $db->fetchAll($getSysconf);
assign('sysconf', $sysconf);
}
if ('edit' == $act) {
if (!check_purview('pur_sysconf_edit', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$key = getGET('key');
if ('' == $key) {
show_system_message('参数错误', array());
} else {
$getSysconf = 'select `key`,`name`,`type`,`value` from `' . DB_PREFIX . 'sysconf`';
$getSysconf .= ' where `key`=\'' . $key . '\'';
assign('conf', $db->fetchRow($getSysconf));
}
}
assign('act', $act);
$template .= $act . '.phtml';
$smarty->display($template);
$action = 'edit|add|view|delete|detail';
$operation = 'edit|add|export|send';
$act = check_action($action, getGET('act'));
$act = $act == '' ? 'view' : $act;
$opera = check_action($operation, getPOST('opera'));
//===========================================================================
if ($opera == 'send') {
$get_reward_list = 'select `account`,`reward`,`remark`,`type`,`id` from ' . $db->table('reward') . ' where `status`=1';
$reward_list = $db->fetchAll($get_reward_list);
foreach ($reward_list as $reward) {
if (member_account_change($reward['account'], 0, $reward['reward'], -1 * $reward['reward'], 0, 0, 0, $_SESSION['admin_account'], 4, $reward['remark'])) {
$reward_status = array('status' => 2, 'solve_time' => time());
$db->autoUpdate('reward', $reward_status, '`id`=' . $reward['id']);
}
}
show_system_message('奖金发放完毕');
}
if ($opera == 'export') {
$reward_id = getPOST('order_id');
$account = getGET('account');
$status = intval(getGET('status'));
$type = intval(getGET('type'));
$begin_time = getGET('begin_time');
$end_time = getGET('end_time');
$sql = 'select * from ' . $db->table('reward');
$where = ' where 1';
if ($reward_id != '') {
$reward_id = substr($reward_id, 0, strlen($reward_id) - 1);
$reward_id = $db->escape($reward_id);
$where .= ' and `id` in (' . $reward_id . ')';
} else {
assign('subTitle', '数据备份');
$action = 'edit|add|view|delete';
$operation = 'backup';
$act = check_action($action, getGET('act'));
$act = $act == '' ? 'view' : $act;
$opera = check_action($operation, getPOST('opera'));
if ('backup' == $opera) {
$respone = array('error' => 1, 'msg' => '');
$file = backup();
if ($file) {
$response['error'] = 0;
$response['msg'] = '备份成功<a href="' . $file . '">备份文件</a>';
show_system_message('备份成功');
} else {
$response['msg'] = '系统繁忙,请稍后再试';
show_system_message($response['msg']);
}
echo json_encode($response);
exit;
}
$files = array();
$dir = dir('backup');
$pattern = '/db-backup-\\d+/';
while ($path = $dir->read()) {
if (preg_match($pattern, $path)) {
$year = substr($path, 10, 4);
$month = substr($path, 14, 2);
$day = substr($path, 16, 2);
$date = $year . '-' . $month . '-' . $day;
$files[] = array('date' => $date, 'url' => $path);
}
$page = 0 >= $page ? 1 : $page;
create_pager($page, $total_page, $total);
assign('count', $count);
assign('keyword', $keyword);
$offset = ($page - 1) * $count;
$get_rule_list = 'select * from ' . $db->table('wx_rule') . ' where 1 ';
$get_rule_list .= $where;
$get_rule_list .= ' order by order_view asc, id desc';
$get_rule_list .= ' limit ' . $offset . ',' . $count;
$rule_list = $db->fetchAll($get_rule_list);
assign('rule_list', $rule_list);
}
if ('add' == $act) {
//获取资讯
$get_content_list = 'select `title`, `id` from ' . $db->table('content') . ' where status = 1 order by id desc';
$content_list = $db->fetchAll($get_content_list);
assign('content_list', $content_list);
}
if ('delete' == $act) {
$id = intval(getGET('id'));
if ($id <= 0) {
show_system_message('参数错误');
}
$get_response_id = 'select `response_id` from ' . $db->table('wx_rule') . ' where `id`=' . $id;
$response_id = $db->fetchOne($get_response_id);
$db->autoDelete('wx_rule', '`id`=' . $id);
$db->autoDelete('wx_response', '`id`=' . $response_id);
show_system_message('删除回复规则成功');
}
$template .= $act . '.phtml';
$smarty->display($template);
$error['account'] = '帐号不存在或被冻结';
}
} else {
$checkAccount = 'select `password`,`shop_name`,`status` from ' . $db->table('business') . ' where `business_account`=\'' . $account . '\' limit 1';
$business = $db->fetchRow($checkAccount);
if ($business) {
if ($business['status'] != 2) {
$error['account'] = '帐号不存在或被冻结';
} else {
if ($password == $business['password']) {
global $purview;
$_SESSION['business_shop_name'] = $business['shop_name'];
$_SESSION['business_account'] = $account;
$_SESSION['business_purview'] = json_encode($purview);
$_SESSION['business_admin'] = $account;
show_system_message('登录成功', array(array('alt' => '进入管理后台', 'link' => 'main.php')));
exit;
} else {
$error['password'] = '******';
}
}
} else {
$error['account'] = '账号不存在';
}
}
}
//忘记密码
if ('forget' == $opera) {
}
//登陆,默认
if ('login' == $act) {
show_system_message('已撤销删除', $links);
exit;
} else {
show_system_message('系统繁忙,请稍后再试', array());
exit;
}
}
//完全删除
if ('remove' == $act) {
if (!check_purview('pur_content_del', $_SESSION['purview'])) {
show_system_message('权限不足', array());
exit;
}
$id = intval(getGET('id'));
if (0 >= $id) {
show_system_message('参数错误', array());
exit;
}
$id = intval($id);
$delete_content = 'delete from `' . DB_PREFIX . 'content` where `id`=' . $id . ' limit 1';
if ($db->delete($delete_content)) {
$links = array(array('alt' => '返回列表', 'link' => 'content.php'), array('alt' => '回收站', 'link' => 'content.php?act=cycle'));
show_system_message('已彻底删除', $links);
exit;
} else {
show_system_message('系统繁忙,请稍后再试', array());
exit;
}
}
$template .= $act . '.phtml';
$smarty->display($template);
exit;
}
$order_sn = $db->escape($order_sn);
$get_order = 'select a.*, p.province_name, city.city_name, d.district_name, g.group_name, e.name as express_name from ' . $db->table('order') . ' as a';
$get_order .= ' left join ' . $db->table('province') . ' as p on a.province = p.id';
$get_order .= ' left join ' . $db->table('city') . ' as city on a.city = city.id';
$get_order .= ' left join ' . $db->table('district') . ' as d on a.district = d.id';
$get_order .= ' left join ' . $db->table('group') . ' as g on a.group = g.id';
$get_order .= ' left join ' . $db->table('express') . ' as e on a.express_id = e.id';
$get_order .= ' where 1';
$get_order .= ' and order_sn = \'' . $order_sn . '\'';
$get_order .= ' and a.is_virtual = 0';
$get_order .= ' limit 1';
$order = $db->fetchRow($get_order);
if (empty($order)) {
show_system_message('订单不存在', array());
exit;
}
$order['add_time_str'] = $order['add_time'] ? date('Y-m-d H:i:s', $order['add_time']) : '';
$order['delivery_time_str'] = $order['delivery_time'] ? date('Y-m-d H:i:s', $order['delivery_time']) : '未发货';
$order['receive_time_str'] = $order['receive_time'] ? date('Y-m-d H:i:s', $order['receive_time']) : '未收货';
$order['pay_time_str'] = $order['pay_time'] ? date('Y-m-d H:i:s', $order['pay_time']) : '未支付';
$order['status_str'] = $status_str[$order['status']];
$get_order_detail = 'select o.*, p.img from ' . $db->table('order_detail') . ' as o';
$get_order_detail .= ' left join ' . $db->table('product') . ' as p on o.product_sn = p.product_sn';
$get_order_detail .= ' where 1';
$get_order_detail .= ' and o.order_sn = \'' . $order_sn . '\'';
$order_detail = $db->fetchAll($get_order_detail);
assign('order', $order);
assign('order_detail', $order_detail);
}
