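// Excerpt from a user-group purchase handler. The block closed by the bare "}" below
// opens before this excerpt, and the final if-block continues past its end.
// NOTE(review): every guard relies on Showmsg() ending the request; if it returned,
// execution would fall through to the insert and the redirect. Confirm.
    // Online (RMB) purchase path: a non-positive configured price is rejected.
    if ($rt['sright']['rmbprice'] <= 0) {
        Showmsg('undefined_action');
    }
    //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
    // Presumably defines the $ol_* payment settings read below; verify against pwCache.
    pwCache::getData(D_P . 'data/bbscache/ol_config.php');
    if (!$ol_onlinepay) {
        Showmsg($ol_whycolse);
    }
    $grouptitle = $rt['grouptitle'];
    // Order number = '1' + uid zero-padded to 10 digits + timestamp (YmdHis) + num_rand(5).
    $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
    // The pending order (state 0) stores the unit price and $days separately.
    // NOTE(review): no validation of $days is visible here; confirm it is checked as a
    // positive integer before this excerpt, since it multiplies the amount below.
    $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array(
        'order_no' => $order_no,
        'type' => 3,
        'uid' => $winduid,
        'paycredit' => $gid,
        'price' => $rt['sright']['rmbprice'],
        'number' => $days,
        'date' => $timestamp,
        'state' => 0,
        'extra_1' => $options
    )));
    // The payee account is checked only after the insert, so a missing $ol_payto
    // leaves a state-0 order row behind.
    if (!$ol_payto) {
        Showmsg('olpay_alipayerror');
    }
    require_once R_P . 'require/onlinepay.php';
    $olpay = new OnlinePay($ol_payto);
    // NOTE(review): the amount handed to the gateway is computed here; the payment
    // callback (not shown) should recompute it from the stored row rather than trust
    // the value echoed back by the gateway.
    ObHeader($olpay->alipayurl($order_no, round($rt['sright']['rmbprice'] * $days, 2), 3));
}
// Credit purchase path: re-authenticate with the account password first.
// Strict comparison: with a loose "!=" PHP compares numeric-looking strings as numbers,
// so two different digests of the form 0e<digits> would be treated as equal.
// NOTE(review): the stored value is matched against a bare md5() of $pwpwd. md5 is not
// a password hash; moving to password_hash()/password_verify() needs changes to the
// stored credentials, which are outside this excerpt.
if (md5($pwpwd) !== $mb['password']) {
    Showmsg('password_error');
}
if ($rt['sright']['sellprice'] <= 0) {
    Showmsg('undefined_action');
}
$needcur = $days * $rt['sright']['sellprice'];
$cur = $credit->get($winduid, $rt['sright']['selltype']);
// A false result is treated as a failed balance lookup, distinct from a zero balance.
if ($cur === false) {
    Showmsg('numerics_checkfailed');
}
if ($cur < $needcur) {
    Showmsg('noenough_currency');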
// Excerpt: dispatches a recharge order to the selected payment provider
// (1 = PayPal, 2 = Alipay via OnlinePay, 3 = 99bill). The 99bill branch is cut off
// inside its signing loop. $order_no and $number are set before this excerpt.
if ($method == 1) {
    // Both the PayPal account and $ol_paypalcode must be configured; $ol_paypalcode is
    // not used in the visible part of this branch.
    if (!$ol_paypal || !$ol_paypalcode) {
        Showmsg('olpay_paypalerror');
    }
    $url = "https://www.paypal.com/cgi-bin/webscr?";
    $para = array(
        'cmd' => '_xclick',
        'invoice' => $order_no,
        'business' => $ol_paypal,
        'item_name' => getLangInfo('olpay', "olpay_0_title", array('order_no' => $order_no)),
        'item_number' => 'phpw*',
        'amount' => $number,
        'no_shipping' => 0,
        'no_note' => 1,
        'currency_code' => 'CNY',
        'bn' => 'phpwind',
        'charset' => $db_charset
    );
    // Each value is URL-encoded; the resulting URL ends with a trailing "&".
    // NOTE(review): amount and invoice travel as plain query parameters of a browser
    // redirect, so the user can see and edit them. The handler that confirms payment
    // (not shown) must check the paid amount against the stored order.
    foreach ($para as $key => $value) {
        $url .= $key . "=" . urlencode($value) . "&";
    }
    ObHeader($url);
} elseif ($method == 2) {
    if (!$ol_payto) {
        Showmsg('olpay_alipayerror');
    }
    require_once R_P . 'require/onlinepay.php';
    $olpay = new OnlinePay($ol_payto);
    ObHeader($olpay->alipayurl($order_no, $number, 0));
} elseif ($method == 3) {
    //fix by noizy
    if (!$ol_99bill || !$ol_99billcode) {
        Showmsg('olpay_pay99error');
    }
    // An 11-character merchant id gets the suffix '01' appended.
    strlen($ol_99bill) == 11 && ($ol_99bill .= '01');
    //require_once(R_P.'require/header.php');
    // Falls back to 10 when $db_rmbrate is unset or falsy.
    !$db_rmbrate && ($db_rmbrate = 10);
    // NOTE(review): orderAmount is $number * 100. If $number can carry decimals, float
    // multiplication can yield a value such as 1998.9999...; confirm it is rounded to an
    // integer before it is signed and sent.
    $para = array(
        'inputCharset' => $db_charset == 'gbk' ? 2 : 1,
        'pageUrl' => "{$db_bbsurl}/pay99bill.php",
        'version' => 'v2.0',
        'language' => 1,
        'signType' => 1,
        'merchantAcctId' => $ol_99bill,
        'payerName' => $windid,
        'orderId' => $order_no,
        'orderAmount' => $number * 100,
        'orderTime' => get_date($timestamp, 'YmdHis'),
        'productName' => getLangInfo('other', 'userpay_content'),
        'productNum' => $number * $db_rmbrate,
        'payType' => '00',
        'redoFlag' => 1
    );
    $signMsg = $inputMsg = '';
    // Builds "key=value&" pairs from the non-empty trimmed values. Presumably the string
    // is signed with $ol_99billcode after the loop; that part is not visible here.
    foreach ($para as $key => $value) {
        $value = trim($value);
        if (strlen($value) > 0) {
            $signMsg .= "{$key}={$value}&";
// Excerpt from a tool (item) purchase handler; it starts inside two blocks that open
// before this excerpt and ends inside an else-branch that continues past it.
// Every exit path visible here releases the per-user 'tool_buy' lock before Showmsg().
        Showmsg('undefined_action');
    }
    //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
    // Presumably defines the $ol_* payment settings read below; verify against pwCache.
    pwCache::getData(D_P . 'data/bbscache/ol_config.php');
    if (!$ol_onlinepay) {
        procUnLock('tool_buy', $winduid);
        Showmsg($ol_whycolse);
    }
    // Order number = '1' + uid zero-padded to 10 digits + timestamp (YmdHis) + num_rand(5).
    $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
    // Pending order (state 0) with the unit RMB price and the requested quantity.
    $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array(
        'order_no' => $order_no,
        'type' => 1,
        'uid' => $winduid,
        'paycredit' => $id,
        'price' => $toolinfo['rmb'],
        'number' => $nums,
        'date' => $timestamp,
        'state' => 0
    )));
    // The payee account is checked only after the insert, so a missing $ol_payto
    // leaves a state-0 order row behind.
    if (!$ol_payto) {
        procUnLock('tool_buy', $winduid);
        Showmsg('olpay_alipayerror');
    }
    require_once R_P . 'require/onlinepay.php';
    $olpay = new OnlinePay($ol_payto);
    // The lock is released before the redirect to the payment gateway.
    procUnLock('tool_buy', $winduid);
    ObHeader($olpay->alipayurl($order_no, $toolinfo['rmb'] * $nums, 1));
}
// Credit purchase path. Only a negative price is rejected; a price of 0 passes.
if ($toolinfo['price'] < 0) {
    procUnLock('tool_buy', $winduid);
    Showmsg('undefined_action');
}
// NOTE(review): no validation of $nums is visible here. A zero or negative $nums makes
// $price non-positive, so the balance check below would not stop the purchase; confirm
// $nums is enforced as a positive integer before this excerpt.
$price = $toolinfo['price'] * $nums;
// The credit type defaults to 'currency' when the tool does not name one.
!$toolinfo['creditype'] && ($toolinfo['creditype'] = 'currency');
if ($credit->get($winduid, $toolinfo['creditype']) < $price) {
    $creditname = $credit->cType[$toolinfo['creditype']];
    // When the credit type is a key of $db_creditpay, the shortfall is reported as
    // 'unenough_currency'; the other case continues past this excerpt.
    if (array_key_exists($toolinfo['creditype'], $db_creditpay)) {
        procUnLock('tool_buy', $winduid);
        Showmsg('unenough_currency');
    } else {
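// Excerpt from a trade/group-buy action dispatcher. The first statements belong to a
// branch that opens before this excerpt; the 'pcalipay' branch is complete.
    // NOTE(review): $order['quantity'] is concatenated into the SQL without
    // S::sqlEscape(), unlike tid on the same line. That is safe only if quantity is
    // guaranteed numeric where $order is loaded (outside this excerpt); confirm.
    $db->update("UPDATE pw_trade SET salenum=salenum+" . $order['quantity'] . " WHERE tid=" . S::sqlEscape($order['tid']));
    //$db->update("UPDATE pw_trade SET salenum=salenum+1 WHERE tid=".S::sqlEscape($order['tid']));
    refreshto("apps.php?q=article&a=goods", 'operate_success');
} elseif ($action == 'pcalipay') {
    // Builds an Alipay payment URL for the current user's sign-up on a group-buy thread.
    S::gp(array('tid', 'pcmid', 'pcid'), GP, 2);
    // NOTE(review): the table name is derived from the request parameter pcid via
    // GetPcatetable() and interpolated into the query below; that helper must only
    // ever return known table names. Confirm.
    $pcvaluetable = GetPcatetable($pcid);
    // The row is matched on tid, pcmid and the logged-in uid, so another member's
    // sign-up does not match.
    $order = $db->get_one("SELECT pv.price,pv.deposit,pm.username,pm.nums,pm.phone,pm.mobile,pm.address,pm.ifpay,pm.totalcash,t.author,t.authorid,t.subject FROM pw_pcmember pm LEFT JOIN {$pcvaluetable} pv ON pm.tid=pv.tid LEFT JOIN pw_threads t ON pv.tid=t.tid WHERE pm.tid=" . S::sqlEscape($tid) . " AND pm.pcmid=" . S::sqlEscape($pcmid) . " AND pm.uid=" . S::sqlEscape($winduid));
    // Reject a missing row before touching $order: assigning keys to an empty result
    // turns it into a non-empty array, so this check would never fire afterwards.
    if (empty($order)) {
        Showmsg('data_error');
    }
    // Fixed postal code sent to the gateway as receive_zip.
    $order['zip'] = '100000';
    // Trade settings of the thread author, who is the payee.
    $order['tradeinfo'] = $db->get_value("SELECT tradeinfo FROM pw_memberinfo WHERE uid=" . S::sqlEscape($order['authorid']));
    // NOTE(review): unserialize() runs on a value read from pw_memberinfo.tradeinfo.
    // If that column can ever hold member-supplied bytes, this is exposed to PHP object
    // injection; confirm it is only written as serialize() of a plain array, or move
    // the column to JSON.
    if (!is_array($trade = unserialize($order['tradeinfo']))) {
        $trade = array();
    }
    if ($order['ifpay'] > 0) {
        Showmsg('pcalipay_haspay');
    }
    if (empty($trade['alipay'])) {
        Showmsg('onlinepay_alipay');
    }
    //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
    pwCache::getData(D_P . 'data/bbscache/ol_config.php');
    require_once R_P . 'require/onlinepay.php';
    // The payment goes to the author's own Alipay account, not the site-wide one.
    $olpay = new OnlinePay($trade['alipay']);
    // The deposit is charged when it rounds up to a non-zero value, else the full price.
    $price = !ceil($order['deposit']) ? $order['price'] : $order['deposit'];
    $price = number_format($price, 2, '.', '');
    // Order number = pcmid + '_' + uid zero-padded to 10 + timestamp (YmdHis) + num_rand(5).
    $order_no = $pcmid . '_' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
    // NOTE(review): the receive_* fields carry the buyer's name, address and mobile
    // number into the URL handed to ObHeader(). If that is a GET redirect, they end up
    // in browser history and intermediary logs; confirm this is intended.
    $param = array(
        'notify_url' => "{$db_bbsurl}/alipay.php?action=pcalipay",
        'return_url' => "{$db_bbsurl}/alipay.php?action=pcalipay",
        'subject' => $order['subject'],
        'out_trade_no' => $order_no,
        'price' => $price,
        'quantity' => $order['nums'],
        'payment_type' => 1,
        'logistics_type' => 'EXPRESS',
        'logistics_fee' => '0.00',
        'logistics_payment' => 'SELLER_PAY',
        'receive_name' => $order['username'],
        'receive_address' => $order['address'],
        'receive_zip' => $order['zip'],
        'receive_phone' => $order['mobile']
    );
    ObHeader($olpay->alipay2url($param));
}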
// Excerpt from a registration script: the tail of an invitation-code purchase, then
// the start of the 'auth' (mobile verification) action. Several enclosing blocks open
// before this excerpt, and the 'auth' branch continues past its end.
                    break;
                }
            }
            if ($e_check == 1) {
                Showmsg('请输入正确的电子邮箱地址!');
            }
        }
        // Format check on the payer's e-mail. The pattern accepts a top-level domain of
        // only 2-3 letters, so longer TLDs are rejected.
        if (!preg_match('/^[a-z0-9\\-_\\.]{2,}@([a-z\\-0-9]+\\.)+[a-z]{2,3}$/i', $email)) {
            Showmsg('电子邮箱地址格式有误,请重新填写!');
        }
        // Pending order (state 0) with uid 0: the row is tied to the e-mail address
        // rather than to a member account.
        $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array(
            'order_no' => $order_no,
            'type' => 4,
            'uid' => 0,
            'price' => $inv_price,
            'payemail' => $email,
            'number' => $invnum,
            'date' => $timestamp,
            'state' => 0
        )));
        // The payee account is checked only after the insert, so a missing $ol_payto
        // leaves a state-0 order row behind.
        if (!$ol_payto) {
            Showmsg('olpay_alipayerror');
        }
        require_once R_P . 'require/onlinepay.php';
        $olpay = new OnlinePay($ol_payto);
        ObHeader($olpay->alipayurl($order_no, $invnum * $inv_price, 4, $db_registerfile));
    }
} elseif (GetGP('action', 'P') == 'auth') {
    /* Real-name authentication: obtain the verification code */
    InitGP('mobile');
    $authService = L::loadClass('Authentication', 'user');
    // $_POST['step'] is read directly and compared loosely against '1' and '2'.
    // ip2long() returns false for anything that is not a valid IPv4 address.
    // NOTE(review): whether code requests are rate-limited per mobile number or IP is
    // decided inside getverify() (not shown); confirm a limit exists.
    if ($_POST['step'] == '1') {
        $status = $authService->getverify('register', $mobile, ip2long($onlineip), false, 'register');
        echo $status;
    } elseif ($_POST['step'] == '2') {
        InitGP('authverify');
        $status = $authService->checkverify($mobile, ip2long($onlineip), $authverify);
        // Emits 0 when checkverify() is truthy and 5 otherwise.
        // NOTE(review): confirm checkverify() limits the number of attempts per code.
        echo $status ? 0 : 5;
    }
    ajax_footer();
// Excerpt from a forum-access purchase handler; the enclosing block opens before this
// excerpt and is closed by the final "}".
// $date selects a configured price tier. An unconfigured $date yields null prices,
// which the "<= 0" checks below reject.
    if ($buymethod) {
        // Online (RMB) purchase path.
        if ($forumset['sellprice'][$date]['rprice'] <= 0) {
            Showmsg('undefined_action');
        }
        //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
        // Presumably defines the $ol_* payment settings read below; verify against pwCache.
        pwCache::getData(D_P . 'data/bbscache/ol_config.php');
        if (!$ol_onlinepay) {
            Showmsg($ol_whycolse);
        }
        // Order number = '1' + uid zero-padded to 10 digits + timestamp (YmdHis) + num_rand(5).
        $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
        $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array(
            'order_no' => $order_no,
            'type' => 2,
            'uid' => $winduid,
            'paycredit' => $fid,
            'price' => $forumset['sellprice'][$date]['rprice'],
            'number' => 1,
            'date' => $timestamp,
            'state' => 0,
            'extra_1' => $date
        )));
        // The payee account is checked only after the insert, so a missing $ol_payto
        // leaves a state-0 order row behind.
        if (!$ol_payto) {
            Showmsg('olpay_alipayerror');
        }
        require_once R_P . 'require/onlinepay.php';
        $olpay = new OnlinePay($ol_payto);
        ObHeader($olpay->alipayurl($order_no, $forumset['sellprice'][$date]['rprice'], 2));
    }
    // Credit purchase path.
    if ($forumset['sellprice'][$date]['cprice'] <= 0) {
        Showmsg('undefined_action');
    }
    // NOTE(review): the balance check and the deduction below are separate calls, and no
    // lock is visible in this excerpt; confirm concurrent requests cannot both pass the
    // check before either deduction is applied.
    if ($credit->get($winduid, $f['forumsell']) < $forumset['sellprice'][$date]['cprice']) {
        $creditname = pwCreditNames($f['forumsell']);
        Showmsg('forumsell_price');
    }
    // Records the spend, then applies it; both calls are given the negated price.
    $credit->addLog('main_forumsell', array($f['forumsell'] => -$forumset['sellprice'][$date]['cprice']), array(
        'uid' => $winduid,
        'username' => $windid,
        'ip' => $onlineip,
        'fname' => $forum[$fid]['name'],
        'days' => $date
    ));
    $credit->set($winduid, $f['forumsell'], -$forumset['sellprice'][$date]['cprice']);
    // Access ends $date days (86400 seconds each) after the purchase time.
    $overdate = $timestamp + $date * 86400;
    // NOTE(review): S::sqlSingle() is called with a second argument of false here only;
    // check what that flag disables before relying on its escaping.
    $db->update("INSERT INTO pw_forumsell SET " . S::sqlSingle(array(
        'fid' => $fid,
        'uid' => $winduid,
        'buydate' => $timestamp,
        'overdate' => $overdate,
        'credit' => $f['forumsell'],
        'cost' => $forumset['sellprice'][$date]['cprice']
    ), false));
    refreshto("thread.php?fid={$fid}", 'operate_success');
}
// Excerpt from the "kmd" app's payment action, followed by the start of its
// 'addthread' action. Three enclosing blocks open before this excerpt, and the
// 'addthread' branch continues past its end.
            $kmdService->updatePayLog($updatePayLog, $payLog['id']);
            $tmpMessageContent = array(
                'username' => $windid,
                'fid' => $fid,
                'forumname' => $forumInfo->name,
                'money' => $payLog['money']
            );
            // Notifies the configured reviewers merged with $manager, then the buyer.
            if ($db_kmd_reviewperson) {
                $kmdReviewPerson = explode(',', $db_kmd_reviewperson);
                $kmdReviewPerson = array_unique(array_merge($kmdReviewPerson, $manager));
                sendKmdMessages($kmdReviewPerson, array('kmd_review_title', array('username' => $windid)), array('kmd_review_content', $tmpMessageContent));
            }
            sendKmdMessages(array($windid), array('kmd_review_user_title'), array('kmd_review_user_content', $tmpMessageContent));
            // Any pay type other than Alipay stops here with a "wait for confirmation" notice.
            $paytype != KMD_PAY_TYPE_ALIPAY && refreshto("{$basename}a=info", '您的支付信息已提交,请等待管理员确认支付!');
            list($money, $payLogId) = array($payLog['money'], $payLog['id']);
        }
        // NOTE(review): the prefix pads the literal '0', not the uid, so every user gets
        // the same ten zeros and only the timestamp plus num_rand(5) distinguish orders.
        // With REPLACE INTO below, a colliding order_no would overwrite an existing row
        // if order_no is a unique key; confirm the schema and whether $winduid was intended.
        $order_no = str_pad('0', 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
        $email = $winddb ? $winddb['email'] : '';
        $db->update("REPLACE INTO pw_clientorder SET " . S::sqlSingle(array(
            'order_no' => $order_no,
            'type' => 5,
            'uid' => $winduid,
            'price' => $money,
            'payemail' => $email,
            'number' => 1,
            'date' => $timestamp,
            'state' => 0,
            'extra_1' => $payLogId
        )));
        require_once R_P . 'require/onlinepay.php';
        // NOTE(review): no check of $ol_payto is visible in this excerpt before it is
        // passed to OnlinePay; confirm it is validated earlier.
        $olpay = new OnlinePay($ol_payto);
        ObHeader($olpay->alipayurl($order_no, $money, 5, "{$basename}a=info"));
    }
} elseif ($a == 'addthread') {
    S::gp(array('originalaction', 'tpcurl'));
    S::gp(array('kid', 'threadid', 'originaltid'), 'GP', 2);
    // Guards: the record must exist, belong to the current user and not be expired.
    // NOTE(review): these rely on kmdAjaxMessage() ending the request; confirm.
    $kid < 1 && kmdAjaxMessage('孔明灯不存在');
    $kmdInfo = $kmdService->getKmdInfoByKid($kid);
    !$kmdInfo && kmdAjaxMessage('孔明灯不存在');
    // Ownership check against the logged-in uid (loose comparison).
    $kmdInfo['uid'] != $winduid && kmdAjaxMessage('您无权操作别人的孔明灯');
    $kmdInfo['endtime'] <= $timestamp && kmdAjaxMessage('该孔明灯已过期');
    // "&&" binds tighter than "||": no action, or 'changethread' without $originaltid.
    if (!$action || $action == 'changethread' && !$originaltid) {
        $title = $content = $tid = '';
        $getThreadUrl = $basename . 'a=getthread';
        if ($action == 'changethread') {
            $threadCacheService = Perf::gatherCache('pw_threads');
// Excerpt from the invitation-code purchase hack (it uses the pwSqlSingle/pwEscape
// helpers). Two enclosing blocks open before this excerpt, and the Tenpay case
// continues past its end.
        $num = $rt['number'];
        $email = $rt['payemail'];
        require_once PrintHack('index');
        footer();
    }
    // An existing pending order ($rt) is updated with the new order number and quantity.
    $db->Update("UPDATE pw_clientorder SET " . pwSqlSingle(array('order_no' => $order_no, 'number' => $invnum)) . ' WHERE id=' . pwEscape($rt['id']));
} else {
    // No existing order: insert a pending one (state 0) tied to the e-mail, with uid 0.
    $db->update("INSERT INTO pw_clientorder SET " . pwSqlSingle(array(
        'order_no' => $order_no,
        'type' => 4,
        'uid' => 0,
        'price' => $inv_price,
        'payemail' => $email,
        'number' => $invnum,
        'date' => $timestamp,
        'state' => 0
    )));
}
switch ($method) {
    case 2:
        // Alipay via OnlinePay.
        if (!$ol_payto) {
            Showmsg('olpay_alipayerror');
        }
        require_once R_P . 'require/onlinepay.php';
        $olpay = new OnlinePay($ol_payto);
        ObHeader($olpay->alipayurl($order_no, $invnum * $inv_price, 4));
        break;
    case 4:
        // Tenpay. $ol_tenpaycode must be configured but is not used in the visible part.
        if (!$ol_tenpay || !$ol_tenpaycode) {
            Showmsg('olpay_tenpayerror');
        }
        $strBillDate = get_date($timestamp, 'Ymd');
        // The bill number is the last 10 characters of the order number.
        $strSpBillNo = substr($order_no, -10);
        $strTransactionId = $ol_tenpay . $strBillDate . $strSpBillNo;
        // The stored order is re-keyed to the Tenpay transaction id.
        // NOTE(review): there is no space before WHERE; the statement relies on
        // pwEscape()'s output to delimit the value. Verify against pwEscape.
        $db->update("UPDATE pw_clientorder SET order_no=" . pwEscape($strTransactionId) . "WHERE order_no=" . pwEscape($order_no));
        // NOTE(review): this endpoint is plain http on pay.phpwind.net, so the merchant
        // id, transaction id and fee below would cross the network unencrypted and
        // through a third-party host. How $url is used is not visible here; confirm
        // whether an https endpoint is available.
        $url = "http://pay.phpwind.net/pay/create_payurl.php?";
        // NOTE(review): 'attach' is a fixed literal. If the return handler treats it as
        // proof of origin, it is not a secret; confirm how it is used.
        // NOTE(review): total_fee is a float product; confirm it is rounded before use.
        $para = array(
            'cmdno' => '1',
            'date' => $strBillDate,
            'bargainor_id' => $ol_tenpay,
            'transaction_id' => $strTransactionId,
            'sp_billno' => $strSpBillNo,
            'total_fee' => $invnum * $inv_price * 100,
            'bank_type' => 0,
            'fee_type' => 1,
            'return_url' => "{$db_bbsurl}/hack.php?H_name=invite&action=tenpay",
            'attach' => 'my_magic_string'
        );
        $arg = '';
        // Falsy values are skipped by the test below, so 'bank_type' => 0 is skipped.
        foreach ($para as $key => $value) {
            if ($value) {