/**
* 生成一个新的订单
*
* @param $sid 服务(商品)编号
* @param $amount 服务(商品)价格,如果不指定则使用数据库中记录的价格
* @return 成功返回订单信息数组,包含 uid, email, orderid 等信息,失败返回 false
*/
function order_new($sid, $amount = -1)
{
$user = user_isonline();
if ($user === false) {
vpn_log('User is not online, cant create new order');
return false;
}
$sid = (int) $sid;
$sql = "SELECT * FROM service WHERE id={$sid}";
$res = db_query($sql);
if ($res == false || db_num_rows($res) == 0) {
vpn_log('No such service id: ' . $sid);
return false;
}
$arr = db_fetch_array($res);
$ts = time(NULL);
$uid = $user['id'];
if ($amount < 0) {
$amount = $arr['price'];
/// 数据库中的金额单位是(分)
}
$sql = "INSERT INTO `order` (uid, createtime, amount, serviceid) VALUES ({$uid}, {$ts}, {$amount}, {$sid})";
$res = db_query($sql);
if ($res === false) {
return false;
}
$user['orderid'] = db_insert_id();
return $user;
}
function account_main()
{
global $smarty;
$user = user_isonline();
$vpn = vpn_list($user['id']);
foreach ($vpn as $key => $value) {
$arr = vpn_accountstat_monthly($value['username']);
$arr['inbandstr'] = size2readable($arr['in']);
$arr['outbandstr'] = size2readable($arr['out']);
$arr['usedbandstr'] = size2readable($arr['in'] + $arr['out']);
$arr['availbandstr'] = size2readable($value['trafficquota'] - $arr['in'] - $arr['out']);
if ($value['trafficquota'] > 0) {
$arr['percentused'] = sprintf('%.0f', round(($arr['in'] + $arr['out']) * 100 / $value['trafficquota']));
} else {
$arr['percentused'] = '100+';
}
$arr['onlinetimestr'] = time2readable($arr['sessiontime']);
$vpn[$key]['totalbandstr'] = size2readable($value['trafficquota']);
$vpn[$key]['validfromstr'] = strftime('%Y-%m-%d %H:%M', $vpn[$key]['validfrom']);
$vpn[$key]['validtostr'] = strftime('%Y-%m-%d %H:%M', $vpn[$key]['validto']);
$vpn[$key]['daysleft'] = ceil(($vpn[$key]['validto'] - time()) / 86400);
$vpn[$key]['stat_monthly'] = $arr;
$vpn[$key]['password'] = htmlspecialchars($vpn[$key]['password']);
}
$smarty->assign('vpns', $vpn);
$smarty->display('account.html');
}
/**
* 请求一笔 PayPal 付款
*
* @param $orderid 唯一的订单号
* @param $amount 金额,单位(元)
* @return PayPal 返回的 NVP,失败返回 false
*/
function paypal_new_payment($orderid, $amount)
{
$amtstr = '';
if ($orderid == '') {
vpn_log('Invalid argument: $orderid == ""');
return false;
}
$user = user_isonline();
if ($user === false) {
vpn_log('User must be logined before payment');
return false;
}
/// 发送请求
$amtstr = sprintf('%0.2f', $amount);
$arr = paypal_nvp_request(array('method' => 'SetExpressCheckout', 'paymentrequest_0_amt' => $amtstr, 'paymentrequest_n_currencycode' => CURRENCY_CODE, 'reqconfirmshipping' => '0', 'noshipping' => '1', 'allownote' => '0', 'returnurl' => PAYPAL_RETURNURL . '?orderid=' . $orderid, 'cancelurl' => SITE_BASE . "order_preview.php?id={$orderid}"));
if ($res === false) {
return false;
}
$ack = strtolower($arr['ack']);
if ($ack != 'success' && $ack != 'successwithwarning') {
vpn_log('Fail to open a new order with PayPal: ' . print_r($arr, true));
return false;
}
$token = $arr['token'];
if ($token == '') {
vpn_log('PayPal return empty token while opening a new order');
return false;
}
return $arr;
}
function pass_save()
{
global $smarty;
$user = user_isonline();
$oldpass = @$_POST['oldpass'];
$pass = @$_POST['loginpass'];
$pass2 = @$_POST['loginpass2'];
if ($pass == '') {
pass_main(_('Please enter new password'));
return false;
}
if ($pass != $pass2) {
pass_main(_('New password does not match'));
return false;
}
if (user_encrypt($oldpass) != $user['loginpass']) {
pass_main(_('Current password is not correct'));
return false;
}
$ret = user_passwd($user['id'], $pass);
if ($ret !== true) {
vpn_log($ret);
pass_main(_("<p>{$ret}</p>" . '<p>There is an error occur, please contact us for help if you need.</p>'));
return false;
}
$smarty->assign('tip_title', _('Successed'));
$smarty->assign('tip_msg', _('Login password successfully changed'));
$smarty->assign('redirect_url', 'account.php');
$smarty->display('tip.html');
}
function payment_main()
{
$user = user_isonline();
if ($user === false) {
payment_die(_('Please login before checkout'));
}
$sid = @$_GET['serviceid'];
$sid = (int) $sid;
$sql = "SELECT * FROM service WHERE id={$sid}";
$res = db_query($sql);
if ($res == false || db_num_rows($res) == 0) {
payment_die(_('We have no this service'));
}
$arr = db_fetch_array($res);
$orderarr = order_new($sid);
if ($orderarr == false) {
payment_die(_('Checkout fail, please contact us for help'));
}
/// 使用 PayPal 进行支付
$ret = paypal_new_payment($orderarr['orderid'], $amount);
if ($ret == false) {
payment_die(_('Checkout fail, please contact us for help'));
}
payment_redirect(PAYPAL_REDIRECTURL . '?token=' . $ret['token']);
}
function account_pay($name, $pass, $serviceid)
{
global $smarty;
$user = user_isonline();
/// 如果账户余额足够,则直接扣款并继续操作;如果余额不足则显示付款页面,并在付款后继续操作
$amt = vpn_afford($serviceid, $user['email']);
$services = db_quick_fetch('service', "WHERE id={$serviceid}");
if (count($services) <= 0) {
vpn_log("Error: No such service id: {$serviceid}");
}
$service = $services[0];
/// 创建订单
$order = null;
if ($amt < 0) {
$order = order_new($serviceid, abs($amt));
} else {
$order = order_new($serviceid);
}
if ($order === false) {
vpn_log("Can not create order({$serviceid}, {$amt})");
$smarty->assign('tip_title', _('An error occur'));
$smarty->assign('tip_msg', _('Can not create order, please contact us for help'));
$smarty->display('tip.html');
die;
}
/// 向 order 表中增加 VPN 帐号信息
$qname = addslashes($name);
$vpns = db_quick_fetch('vpnaccount', "WHERE username='******'");
if (count($vpns) <= 0) {
vpn_log("No VPN username `{$name}' in vpnaccount table");
}
db_quick_update('order', "WHERE id={$order['orderid']}", array('vpnid' => $vpns[0]['id']));
if ($amt < 0) {
/// 余额不足时,显示付款页面,并在付款成功后继续开通帐号操作
//$smarty->assign('amount', abs($amt));
//$smarty->assign('service', $service);
$url = "order_preview.php?id={$order['orderid']}";
header("Location: {$url}");
$smarty->assign('redirect_url', $url);
$smarty->assign('tip_title', _('Redirect'));
$smarty->assign('tip_msg', _('Redirecting...'));
$smarty->display('tip.html');
die;
}
/// 3. 账户余额足够,开通帐号
//print_r($name);
//print_r($service);
vpn_renew($name, $service['duration'], $service['radiusgroup']);
/// 4. 发货(扣款)
order_delivery($order['orderid']);
$smarty->assign('tip_title', _('Success'));
$smarty->assign('tip_msg', _('Thank you for purchase, now you can go to My Account page to view you VPN account'));
$smarty->assign('redirect_url', 'account.php');
$smarty->display('tip.html');
}
<?php
require_once 'includes/header.php';
require_once 'includes/order.lib.php';
require_once 'includes/vpn.php';
$aid = @$_GET['vpnid'];
$aid = (int) $aid;
$user = user_isonline();
if ($user === false) {
renew_error(_('You have to login before renew your VPN account'));
die;
}
$accounts = db_quick_fetch('vpnaccount', "WHERE id={$aid} AND uid={$user['id']}");
if (count($accounts) <= 0) {
renew_error(_('VPN account not exists'));
die;
}
$account = $accounts[0];
$services = db_quick_fetch('service', "WHERE id IN (SELECT serviceid FROM (SELECT DISTINCT serviceid FROM `order` WHERE NOT ISNULL(paidtime) AND vpnid={$account['id']} ORDER BY id DESC LIMIT 1) AS t)");
if (count($services) <= 0) {
vpn_log("Could not find correlate service id for vpnaccount id {$account['id']}");
renew_error(_('Can not renew, please contact us for help'));
die;
}
$service = $services[0];
$amt = vpn_afford($service['id'], $user['email']);
/// 开始支付过程
if ($amt <= 0) {
$order = order_new($service['id'], -$amt);
} else {
$order = order_new($service['id']);
foreach ($LANGUAGE_ORDER as $key => $value) {
if (stristr($langstr, $value) !== false) {
$language = $value;
break;
}
}
putenv("LANG={$language}");
setlocale(LC_ALL, $language . '.utf8');
/// 使用 `locale -a` 命令来查看服务器支持的本地化语言
$path = BASEPATH . LOCALE_DIR;
$domain = "messages";
bindtextdomain($domain, $path);
textdomain($domain);
bind_textdomain_codeset($domain, 'UTF-8');
/// Assign online user variables
if ($ret = user_isonline()) {
$smarty->assign('user', $ret);
}
/// Assign default variables
$smarty->assign('css', array());
$smarty->assign('js', array());
$smarty->assign('support_email', SUPPORT_EMAIL);
$smarty->assign('SERVER_NAME', $_SERVER['SERVER_NAME']);
$smarty->assign('SITE_NAME', SITE_NAME);
$smarty->assign('INVITECODE_ENABLED', INVITECODE_ENABLED);
$smarty->assign('CURRENCY_SYMBOL', CURRENCY_SYMBOL);
$smarty->assign('DISPLAY_PPTP', DISPLAY_PPTP);
$smarty->assign('DISPLAY_L2TP', DISPLAY_L2TP);
$smarty->assign('DISPLAY_SSH', DISPLAY_SSH);
?>
/**
* 当前登录用户是否是管理员
*
* @return TRUE 或 FALSE
*/
function user_isadmin()
{
$user = user_isonline();
if ($user === FALSE) {
return false;
}
$res = db_quick_fetch('admin', "WHERE uid={$user['id']}");
if (count($res) == 1) {
return true;
} else {
return false;
}
}
