Example #1
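/**
 * Recursively apply addslashes() to a scalar or to every key and value of an array.
 *
 * Security note: addslashes() is a legacy, charset-unaware escape. It does not
 * replace prepared statements or the database driver's own escaping, and
 * htmlspecialchars() output is only appropriate for an HTML text or
 * quoted-attribute context. Escape at the point of use for the specific sink
 * rather than relying on this blanket filter.
 *
 * @param mixed $value            Scalar or (nested) array to escape.
 * @param bool  $htmlspecialchars When true, htmlspecialchars() is applied before addslashes().
 *
 * @return mixed The escaped value; a top-level "empty" input ('', 0, '0', null, array())
 *               is returned unchanged.
 */
function addslashes_deep($value, $htmlspecialchars = false)
{
    if (empty($value)) {
        return $value;
    }

    if (!is_array($value)) {
        return addslashes($htmlspecialchars ? htmlspecialchars($value) : $value);
    }

    // Build a fresh array instead of unsetting/re-adding keys while iterating,
    // so an escaped key can never knock out a sibling entry.
    $escaped = array();
    foreach ($value as $key => $item) {
        $safeKey = addslashes($htmlspecialchars ? htmlspecialchars($key) : $key);
        if (is_array($item)) {
            // Pass the flag down: nested arrays must get the same HTML escaping
            // as the top level, otherwise deep values skip htmlspecialchars().
            $escaped[$safeKey] = addslashes_deep($item, $htmlspecialchars);
        } else {
            $escaped[$safeKey] = addslashes($htmlspecialchars ? htmlspecialchars($item) : $item);
        }
    }

    return $escaped;
}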
Example #2
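 /**
  * Bootstrap the request: apply runtime ini settings, load the constant and
  * function libraries, escape the request superglobals, then create the
  * EcsEcshop, EcsMysql and EcsError objects and load the system configuration.
  *
  * Security note: the blanket addslashes_deep() pass imitates the removed
  * "magic quotes" feature. It is not a substitute for parameterised queries
  * and does nothing for HTML output contexts.
  */
 private function _initialize()
 {
     // Runtime settings
     @ini_set('memory_limit', '64M');
     @ini_set('session.cache_expire', 180);
     @ini_set('session.use_cookies', 1);
     @ini_set('session.auto_start', 0);
     // NOTE(review): display_errors=1 sends error text (paths, query fragments)
     // to the client; production deployments should log errors instead.
     @ini_set('display_errors', 1);
     @ini_set("arg_separator.output", "&");
     @ini_set('include_path', '.;' . BASE_PATH);
     // Load the system constants and the function library
     require BASE_PATH . 'base/constant.php';
     require BASE_PATH . 'base/function.php';
     // Escape the variables supplied by the user.
     // get_magic_quotes_gpc() no longer exists on PHP 8, so only call it where
     // it is defined; when it is missing, magic quotes are necessarily off.
     $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
     if (!$magic_quotes_on) {
         if (!empty($_GET)) {
             $_GET = addslashes_deep($_GET);
         }
         if (!empty($_POST)) {
             $_POST = addslashes_deep($_POST);
         }
         $_COOKIE = addslashes_deep($_COOKIE);
         $_REQUEST = addslashes_deep($_REQUEST);
     }
     // Create the ECSHOP object
     self::$ecs = new EcsEcshop(C('DB_NAME'), C('DB_PREFIX'));
     // Initialise the database class
     self::$db = new EcsMysql(C('DB_HOST'), C('DB_USER'), C('DB_PWD'), C('DB_NAME'));
     // Create the error-handling object
     self::$err = new EcsError('message.dwt');
     // Load the system parameters
     C('CFG', model('Base')->load_config());
 }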
Example #3
/**
 * Escape a value in place with addslashes(), descending into nested arrays.
 *
 * Only leaf values are rewritten; array keys are left exactly as they are.
 * Nothing is returned: the caller's variable is modified through the reference.
 *
 * Security note: addslashes() is not a database- or HTML-aware escape; use the
 * sink's own escaping (prepared statements, htmlspecialchars()) at the point of use.
 *
 * @param mixed $var Scalar or (nested) array, passed by reference.
 */
function addslashes_deep(&$var)
{
    if (!is_array($var)) {
        $var = addslashes($var);
        return;
    }

    foreach (array_keys($var) as $key) {
        addslashes_deep($var[$key]);
    }
}
Example #4
/**
 * Return a copy of the input with addslashes() applied to every leaf value.
 *
 * Arrays are walked recursively and keep their keys (keys themselves are not
 * escaped); anything that is not an array is handed straight to addslashes().
 *
 * Security note: addslashes() is not a database- or HTML-aware escape; use the
 * sink's own escaping (prepared statements, htmlspecialchars()) at the point of use.
 *
 * @param mixed $var Scalar or (nested) array.
 *
 * @return mixed Escaped string, or an array of the same shape.
 */
function addslashes_deep($var)
{
    if (!is_array($var)) {
        return addslashes($var);
    }

    return array_map('addslashes_deep', $var);
}
Example #5
/**
 * Escape special characters in an object's member variables or in an array.
 *
 * For an object, every property reachable by foreach is replaced with the
 * result of addslashes_deep() and the same object is returned; any other
 * input is passed to addslashes_deep() directly.
 *
 * @access   public
 * @param    mixed      $obj      Object or array
 * @author   Xuan Yan
 *
 * @return   mixed                Object or array
 */
function addslashes_deep_obj($obj)
{
    if (!is_object($obj)) {
        return addslashes_deep($obj);
    }

    foreach ($obj as $prop => $prop_value) {
        $obj->{$prop} = addslashes_deep($prop_value);
    }

    return $obj;
}
 /**
  * Show the OCS link tag of an item.
  *
  * Output is only produced when the item's type is 'Computer' and a matching
  * row exists in `glpi_ocslinks`; the table markup is echoed directly.
  *
  * @param $item CommonDBTM object
  *
  * @return nothing
  **/
 static function showForItem(CommonDBTM $item)
 {
     global $DB, $LANG;

     if (!in_array($item->getType(), array('Computer'))) {
         return;
     }

     // NOTE(review): the id is interpolated into the SQL text; presumably
     // getField('id') is always an integer primary key — confirm.
     $items_id = $item->getField('id');
     $entity_restrict = getEntitiesRestrictRequest("AND", "glpi_ocslinks");
     $query = "SELECT `glpi_ocslinks`.`tag` AS tag\n                   FROM `glpi_ocslinks`\n                   WHERE `glpi_ocslinks`.`computers_id` = '{$items_id}' " . $entity_restrict;

     $result = $DB->query($query);
     if ($DB->numrows($result) <= 0) {
         return;
     }

     // NOTE(review): addslashes_deep() is a SQL-style escape and adds nothing
     // for HTML output; the HTML safety of $data['tag'] below rests entirely on
     // clean_cross_side_scripting_deep().
     $row = $DB->fetch_assoc($result);
     $data = clean_cross_side_scripting_deep(addslashes_deep($row));

     echo "<div class='center'>";
     echo "<table class='tab_cadre_fixe'>";
     echo "<tr><th>" . $LANG['ocsng'][0] . "</th>";
     echo "<tr class='tab_bg_2'>";
     echo "<td class='center'>" . $LANG['ocsconfig'][39] . "&nbsp;: " . $data['tag'] . "</td></tr>";
 }
Example #7
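 /**
  * Render a (nested) array as text of the form array('key'=>'value',...).
  *
  * The output has the shape of a PHP array literal; presumably it is written
  * into a generated PHP file — confirm against the callers.
  *
  * Security notes:
  *  - Keys are placed inside a single-quoted literal, so backslashes and
  *    single quotes in a key are escaped to keep it from terminating the literal.
  *  - A value whose first character is '$' is emitted verbatim, i.e. as code
  *    rather than data. Such values must never originate from user input.
  *
  * @param array $data
  *
  * @return string|false The rendered text, or false when $data is not an array.
  */
 private static function arr_to_html($data)
 {
     if (!is_array($data)) {
         return false;
     }

     $str = 'array(';
     foreach ($data as $key => $val) {
         // Escape for a single-quoted literal; keys without \ or ' are unchanged.
         $safe_key = strtr((string) $key, array('\\' => '\\\\', "'" => "\\'"));
         if (is_array($val)) {
             $str .= "'{$safe_key}'=>" . self::arr_to_html($val) . ",";
         } elseif (strpos($val, '$') === 0) {
             // Emitted unquoted on purpose: the value is treated as an expression.
             $str .= "'{$safe_key}'=>{$val},";
         } else {
             $str .= "'{$safe_key}'=>'" . addslashes_deep($val) . "',";
         }
     }

     return $str . ')';
 }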
Example #8
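 /**
  * Front controller: load the base classes, escape request data, resolve the
  * requested app/action and dispatch to the matching controller.
  *
  * Security notes:
  *  - The 'app' request parameter selects a file to require, so it is
  *    restricted to identifier characters before it is used in a path.
  *  - The addslashes_deep() pass imitates magic quotes; it is not a
  *    replacement for parameterised queries.
  *
  * @param array $config Reads 'external_libs', 'default_app', 'default_act' and 'app_root'.
  */
 function startup($config = array())
 {
     /* Load the bootstrap files */
     // Base controller class
     require ROOT_PATH . '/eccore/controller/app.base.php';
     // Base model class
     require ROOT_PATH . '/eccore/model/model.base.php';
     if (!empty($config['external_libs'])) {
         // Paths come from configuration; they must never be request-derived.
         foreach ($config['external_libs'] as $lib) {
             require $lib;
         }
     }
     /* Data filtering */
     // get_magic_quotes_gpc() no longer exists on PHP 8; when it is missing,
     // magic quotes are necessarily off.
     $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
     if (!$magic_quotes_on) {
         $_GET = addslashes_deep($_GET);
         $_POST = addslashes_deep($_POST);
         $_COOKIE = addslashes_deep($_COOKIE);
     }
     /* Request dispatching */
     $default_app = !empty($config['default_app']) ? $config['default_app'] : 'default';
     $default_act = !empty($config['default_act']) ? $config['default_act'] : 'index';
     $app = isset($_REQUEST['app']) ? trim($_REQUEST['app']) : $default_app;
     $act = isset($_REQUEST['act']) ? trim($_REQUEST['act']) : $default_act;
     // $app becomes part of a require path and of a class name. Anything other
     // than identifier characters (path separators, dots, ...) is refused, so
     // the request cannot steer the include outside app_root.
     if (!is_string($app) || !preg_match('/^[A-Za-z0-9_]+$/', $app)) {
         exit('Missing controller');
     }
     $app_file = $config['app_root'] . "/{$app}.app.php";
     if (!is_file($app_file)) {
         exit('Missing controller');
     }
     require $app_file;
     define('APP', $app);
     define('ACT', $act);
     $app_class_name = ucfirst($app) . 'App';
     /* Instantiate the controller */
     $app = new $app_class_name();
     c($app);
     // Forward to the corresponding action.
     // NOTE(review): $act is request-controlled; do_action() is presumably
     // responsible for limiting it to public action methods — confirm.
     $app->do_action($act);
     $app->destruct();
 }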
Example #9
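 /**
  * Check the login cookies.
  *
  * Reads the 'bbuserid' and 'bbpassword' cookies, loads the matching user row
  * and accepts the cookie only when 'bbpassword' equals
  * md5(stored password . cookie salt).
  *
  * @access  public
  *
  * @return string The user name (converted to UTF8 when the charset differs),
  *                or '' when the cookies are missing or do not match.
  */
 function check_cookie()
 {
     if (empty($_COOKIE['bbuserid']) || empty($_COOKIE['bbpassword'])) {
         return '';
     }
     // intval() makes the id safe to interpolate into the query below.
     $user_id = intval($_COOKIE['bbuserid']);
     $bbpassword = addslashes_deep($_COOKIE['bbpassword']);
     $row = $this->db->getRow("SELECT " . $this->field_name . " AS user_name, " . $this->field_pass . " As password " . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_id . "='{$user_id}'");
     if (empty($row)) {
         return '';
     }
     // Strict comparison on a string: a loose != treats two "0e<digits>"
     // hashes as equal numbers, and an array-valued cookie must never match.
     // Where hash_equals() is available it is preferable, as it also compares
     // in constant time.
     if (!is_string($bbpassword) || $bbpassword !== md5($row['password'] . $this->cookie_salt)) {
         return '';
     }
     if ($this->charset != 'UTF8') {
         $row['user_name'] = ecs_iconv($this->charset, 'UTF8', $row['user_name']);
     }
     return $row['user_name'];
 }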
Example #10
    error_reporting(0);
}
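// Optional runtime limits taken from the configuration array.
if (isset($config['TIME_LIMIT'])) {
    set_time_limit($config['TIME_LIMIT']);
}
if (isset($config['TIMEZONE'])) {
    date_default_timezone_set($config['TIMEZONE']);
}
// Script file name, its URL directory and the directory of this core file.
define('PHP_NAME', substr(strrchr($_SERVER['SCRIPT_NAME'], '/'), 1));
define('PHP_PATH', str_replace(PHP_NAME, '', $_SERVER['SCRIPT_NAME']));
define('CORE_PATH', str_replace('\\', '/', dirname(__FILE__)));
require CORE_PATH . '/core.php';
// Imitate magic quotes for request data. get_magic_quotes_gpc() no longer
// exists on PHP 8; when it is missing, magic quotes are necessarily off.
// This pass is not a replacement for parameterised queries.
if (!(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())) {
    !empty($_GET) && ($_GET = addslashes_deep($_GET));
    !empty($_POST) && ($_POST = addslashes_deep($_POST));
    !empty($_COOKIE) && ($_COOKIE = addslashes_deep($_COOKIE));
}
// NOTE(review): adopting a session id supplied in the request allows session
// fixation. If this hook has to stay (e.g. for clients that cannot send
// cookies), call session_regenerate_id(true) at login so a pre-set id never
// becomes an authenticated one. Only well-formed ids are accepted here.
if (isset($_REQUEST['session_id'])
    && is_string($_REQUEST['session_id'])
    && preg_match('/^[A-Za-z0-9,-]{1,128}$/', trim($_REQUEST['session_id']))
) {
    session_id(trim($_REQUEST['session_id']));
}
session_start();
// Optional per-application routing table.
$router = array();
if (file_exists(APP_PATH . 'router.php')) {
    $router = (include APP_PATH . 'router.php');
}
$_uri = router($router);
define('MODULE', $_uri['module']);
define('ACTION', $_uri['action']);
require CORE_PATH . '/db.php';
$db = new db();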
if (isset($config['DB_DRIVER'])) {
Example #11
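/**
 * Pay (part of) an unpaid order from the logged-in user's account balance.
 *
 * Reads 'order_id' and 'surplus' from $_POST, verifies that the order belongs
 * to the session user and is still unpaid, caps the amount at what is due,
 * recomputes the payment fee, updates the order, logs the account change and
 * redirects to the order detail page.
 *
 * NOTE(review): the balance check and the later deduction are separate steps
 * with no visible locking or transaction; concurrent requests could presumably
 * spend the same balance twice — confirm how update_order() and
 * log_account_change() guard against that.
 */
function action_act_edit_surplus()
{
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    // $err is used below but was never brought into function scope, so every
    // error branch failed on a null object; fetch it like the other globals.
    $err = $GLOBALS['err'];
    $user_id = $_SESSION['user_id'];
    /* Check that the user is logged in */
    if ($_SESSION['user_id'] <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Validate the order id */
    $order_id = intval($_POST['order_id']);
    if ($order_id <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Validate the balance amount */
    $surplus = floatval($_POST['surplus']);
    if ($surplus <= 0) {
        // NOTE(review): presumably $err->show() ends the request; if it
        // returns, execution continues with an invalid amount — confirm.
        $err->add($_LANG['error_surplus_invalid']);
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    include_once ROOT_PATH . 'includes/lib_order.php';
    /* Fetch the order */
    $order = order_info($order_id);
    if (empty($order)) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Check that the order belongs to the current user */
    if ($_SESSION['user_id'] != $order['user_id']) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Check that the order is unpaid and that the amount due is greater than 0 */
    if ($order['pay_status'] != PS_UNPAYED || $order['order_amount'] <= 0) {
        $err->add($_LANG['error_order_is_paid']);
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    /* Compute the amount due (minus the payment fee) */
    $order['order_amount'] -= $order['pay_fee'];
    /* If the balance exceeds the amount due, cap it at the amount due */
    if ($surplus > $order['order_amount']) {
        $surplus = $order['order_amount'];
    }
    /* Fetch the user info */
    $user = user_info($_SESSION['user_id']);
    /* Is the account balance (plus credit line) sufficient */
    if ($surplus > $user['user_money'] + $user['credit_line']) {
        $err->add($_LANG['error_surplus_not_enough']);
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    /* Update the order and recompute the payment fee */
    $order['surplus'] += $surplus;
    $order['order_amount'] -= $surplus;
    if ($order['order_amount'] > 0) {
        $cod_fee = 0;
        if ($order['shipping_id'] > 0) {
            $regions = array($order['country'], $order['province'], $order['city'], $order['district']);
            $shipping = shipping_area_info($order['shipping_id'], $regions);
            if ($shipping['support_cod'] == '1') {
                $cod_fee = $shipping['pay_fee'];
            }
        }
        $pay_fee = 0;
        if ($order['pay_id'] > 0) {
            $pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
        }
        $order['pay_fee'] = $pay_fee;
        $order['order_amount'] += $pay_fee;
    }
    /* If fully paid, mark the order as confirmed and paid */
    if ($order['order_amount'] == 0) {
        if ($order['order_status'] == OS_UNCONFIRMED) {
            $order['order_status'] = OS_CONFIRMED;
            $order['confirm_time'] = gmtime();
        }
        $order['pay_status'] = PS_PAYED;
        $order['pay_time'] = gmtime();
    }
    // The order row came from the database unescaped; it is re-escaped before
    // being written back.
    $order = addslashes_deep($order);
    update_order($order_id, $order);
    /* Update the user's balance */
    $change_desc = sprintf($_LANG['pay_order_by_surplus'], $order['order_sn']);
    log_account_change($user['user_id'], -1 * $surplus, 0, 0, 0, $change_desc);
    /* Redirect */
    ecs_header('Location: user.php?act=order_detail&order_id=' . $order_id . "\n");
    exit;
}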
 /**
  * Transfer network links
  *
  * Loads the network ports of the source item and, depending on
  * $this->options['keep_networklink'] (0 = delete, 1 = disconnect,
  * anything else = keep), deletes, disconnects, updates or copies them.
  * $ID == $newID means the item is moved in place; otherwise it is a copy.
  *
  * NOTE(review): $ID and $itemtype are interpolated into SQL text; this relies
  * on callers passing trusted internal values — confirm.
  *
  * @param $itemtype original type of transfered item
  * @param $ID original ID of the item
  * @param $newID new ID of the item
  * @param $ocs_computer if computer type OCS ID of the item if available
  **/
 function transferNetworkLink($itemtype, $ID, $newID, $ocs_computer = false)
 {
     global $DB;
     $np = new NetworkPort();
     $nn = new NetworkPort_NetworkPort();
     $query = "SELECT *\n                FROM `glpi_networkports`\n                WHERE `items_id` = '{$ID}'\n                      AND `itemtype` = '{$itemtype}'";
     if ($result = $DB->query($query)) {
         if ($DB->numrows($result) != 0) {
             switch ($this->options['keep_networklink']) {
                 // Delete netport
                 case 0:
                     // Not a copy -> delete
                     if ($ID == $newID) {
                         while ($data = $DB->fetch_array($result)) {
                             $np->delete(array('id' => $data['id']));
                         }
                         // Only case of ocs link update is needed (if netports are keep nothing to do)
                         if ($ocs_computer) {
                             $query = "UPDATE `glpi_ocslinks`\n                                  SET `import_ip` = NULL\n                                  WHERE `computers_id` = '{$ID}'";
                             $DB->query($query);
                         }
                     }
                     // Copy -> do nothing
                     break;
                 // Disconnect
                 case 1:
                     // Not a copy -> disconnect
                     if ($ID == $newID) {
                         while ($data = $DB->fetch_array($result)) {
                             if ($nn->getFromDBForNetworkPort($data['id'])) {
                                 $nn->delete($data);
                             }
                             if ($data['netpoints_id']) {
                                 $netpointID = $this->transferDropdownNetpoint($data['netpoints_id']);
                                 $input['id'] = $data['id'];
                                 $input['netpoints_id'] = $netpointID;
                                 $np->update($input);
                             }
                         }
                     } else {
                         // Copy -> copy netports
                         while ($data = $DB->fetch_array($result)) {
                             // Row values come straight from the database, so they are
                             // re-escaped before being handed to add().
                             $data = addslashes_deep($data);
                             unset($data['id']);
                             $data['items_id'] = $newID;
                             $data['netpoints_id'] = $this->transferDropdownNetpoint($data['netpoints_id']);
                             unset($np->fields);
                             $np->add($data);
                         }
                     }
                     break;
                 // Keep network links
                 default:
                     // Copy -> Copy netpoints (do not keep links)
                     if ($ID != $newID) {
                         while ($data = $DB->fetch_array($result)) {
                             // NOTE(review): unlike the copy branch of case 1, the row is
                             // passed to add() without addslashes_deep(); if add() expects
                             // pre-escaped input, stored values containing quotes could
                             // break or alter the INSERT — confirm and align the two branches.
                             unset($data['id']);
                             $data['items_id'] = $newID;
                             $data['netpoints_id'] = $this->transferDropdownNetpoint($data['netpoints_id']);
                             unset($np->fields);
                             $np->add($data);
                         }
                     } else {
                         while ($data = $DB->fetch_array($result)) {
                             // Not a copy -> only update netpoint
                             if ($data['netpoints_id']) {
                                 $netpointID = $this->transferDropdownNetpoint($data['netpoints_id']);
                                 $input['id'] = $data['id'];
                                 $input['netpoints_id'] = $netpointID;
                                 $np->update($input);
                             }
                         }
                     }
             }
         }
     }
 }
Example #13
require ROOT_PATH . 'includes/cls_error.php';
require ROOT_PATH . 'includes/lib_time.php';
require ROOT_PATH . 'includes/lib_base.php';
require ROOT_PATH . 'includes/lib_common.php';
require ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php';
require ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php';
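/* Escape the variables supplied by the user. */
// get_magic_quotes_gpc() no longer exists on PHP 8; when it is missing, magic
// quotes are necessarily off. This pass imitates magic quotes and is not a
// replacement for parameterised queries.
if (!(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())) {
    if (!empty($_GET)) {
        $_GET = addslashes_deep($_GET);
    }
    if (!empty($_POST)) {
        $_POST = addslashes_deep($_POST);
    }
    $_COOKIE = addslashes_deep($_COOKIE);
    $_REQUEST = addslashes_deep($_REQUEST);
}
/* Sanitise the request path: strip anything after ".php/" by redirecting */
if (strpos(PHP_SELF, '.php/') !== false) {
    ecs_header("Location:" . substr(PHP_SELF, 0, strpos(PHP_SELF, '.php/') + 4) . "\n");
    exit;
}
/* Create the ECSHOP object */
$ecs = new ECS($db_name, $prefix);
define('DATA_DIR', $ecs->data_dir());
define('IMAGE_DIR', $ecs->image_dir());
/* Initialise the database class */
require ROOT_PATH . 'includes/cls_mysql.php';
$db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
// Drop the connection credentials from global scope once the connection object exists.
$db_host = $db_user = $db_pass = $db_name = NULL;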
/* 创建错误处理对象 */
Example #14
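     // Related articles: clear this admin's placeholder rows (goods_id = 0),
     // then copy the source goods' article links onto goods_id 0.
     // The request-supplied goods id is cast to an integer before it reaches
     // the SQL text; quoting an addslashes()-escaped string is not relied on.
     $sql = "DELETE FROM " . $ecs->table('goods_article') . " WHERE goods_id = 0 AND admin_id = '{$_SESSION['admin_id']}'";
     $db->query($sql);
     $sql = "SELECT 0 AS goods_id, article_id, '{$_SESSION['admin_id']}' AS admin_id " . "FROM " . $ecs->table('goods_article') . " WHERE goods_id = '" . intval($_REQUEST['goods_id']) . "' ";
     $res = $db->query($sql);
     while ($row = $db->fetchRow($res)) {
         $db->autoExecute($ecs->table('goods_article'), $row, 'INSERT');
     }
     // Images are left unchanged
     // Goods attributes: same copy for the attribute rows.
     $sql = "DELETE FROM " . $ecs->table('goods_attr') . " WHERE goods_id = 0";
     $db->query($sql);
     $sql = "SELECT 0 AS goods_id, attr_id, attr_value, attr_price " . "FROM " . $ecs->table('goods_attr') . " WHERE goods_id = '" . intval($_REQUEST['goods_id']) . "' ";
     $res = $db->query($sql);
     while ($row = $db->fetchRow($res)) {
         // Values read back from the database are unescaped; re-escape them
         // before they are inserted again.
         $db->autoExecute($ecs->table('goods_attr'), addslashes_deep($row), 'INSERT');
     }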
 }
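 // Extended categories
 // The request-supplied goods id is cast to an integer before it reaches the
 // SQL text; quoting an addslashes()-escaped string is not relied on.
 $other_cat_list = array();
 $sql = "SELECT cat_id FROM " . $ecs->table('goods_cat') . " WHERE goods_id = '" . intval($_REQUEST['goods_id']) . "'";
 $goods['other_cat'] = $db->getCol($sql);
 foreach ($goods['other_cat'] as $cat_id) {
     $other_cat_list[$cat_id] = cat_list(0, $cat_id);
 }
 $smarty->assign('other_cat_list', $other_cat_list);
 // Linked goods
 $link_goods_list = get_linked_goods($goods['goods_id']);
 // Accessories
 $group_goods_list = get_group_goods($goods['goods_id']);
 $goods_article_list = get_goods_articles($goods['goods_id']);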
Example #15
    $db->autoExecute($ecs->table('users'), $other, 'UPDATE', "user_name = '{$username}'");
    /* 记录管理员操作 */
    admin_log($username, 'edit', 'users');
    /* 提示信息 */
    $links[0]['text'] = $_LANG['goto_list'];
    $links[0]['href'] = 'users.php?act=list&' . list_link_postfix();
    $links[1]['text'] = $_LANG['go_back'];
    $links[1]['href'] = 'javascript:history.back()';
    sys_msg($_LANG['update_success'], 0, $links);
} elseif ($_REQUEST['act'] == 'batch_remove') {
    /* Permission check */
    admin_priv('users_drop');
    if (isset($_POST['checkboxes'])) {
        // NOTE(review): the posted ids go into the query through db_create_in();
        // presumably it quotes/escapes each element — confirm, since nothing
        // here casts them to integers.
        $sql = "SELECT user_name FROM " . $ecs->table('users') . " WHERE user_id " . db_create_in($_POST['checkboxes']);
        $col = $db->getCol($sql);
        // Names read back from the database are escaped again before being
        // passed to admin_log().
        $usernames = implode(',', addslashes_deep($col));
        $count = count($col);
        /* Delete the users through the integration plugin */
        $users =& init_users();
        $users->remove_user($col);
        admin_log($usernames, 'batch_remove', 'users');
        $lnk[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
        sys_msg(sprintf($_LANG['batch_remove_success'], $count), 0, $lnk);
    } else {
        // Nothing was selected: show a message with a link back to the list.
        $lnk[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
        sys_msg($_LANG['no_select_user'], 0, $lnk);
    }
} elseif ($_REQUEST['act'] == 'edit_username') {
    /* 检查权限 */
    check_authz_json('users_manage');
    $username = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
Example #16
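 /**
  * Check the login cookie.
  *
  * Decodes the '<cookie_prefix>auth' cookie with authcode(), expects three
  * tab-separated fields (password, security question, user id) and looks up
  * the user whose id and password field match.
  *
  * @access  public
  *
  * @return string|false The user name (converted to UTF8 when the charset
  *                      differs), '' when the cookie is absent, false when the
  *                      decoded cookie does not have exactly three fields.
  */
 function check_cookie()
 {
     $cookie_name = $this->cookie_prefix . 'auth';
     if (!isset($_COOKIE[$cookie_name])) {
         return '';
     }

     $arr = addslashes_deep(explode("\t", $this->authcode($_COOKIE[$cookie_name], 'DECODE')));
     if (count($arr) != 3) {
         return false;
     }
     list($discuz_pw, $discuz_secques, $discuz_uid) = $arr;

     // The user id is numeric: cast it so the cookie cannot carry anything but
     // an integer into the query. The password field still depends on the
     // addslashes() escape above; a parameterised query would be the robust form.
     $discuz_uid = intval($discuz_uid);
     $sql = "SELECT " . $this->field_name . " AS user_name" . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_id . " = '{$discuz_uid}' AND " . $this->field_pass . " = '{$discuz_pw}'";
     $username = $this->db->getOne($sql);
     if ($username && $this->charset != 'UTF8') {
         $username = ecs_iconv($this->charset, 'UTF8', $username);
     }
     return $username;
 }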
Example #17
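 /**
  * Check the login cookies.
  *
  * Reads the '<cookie_prefix>userid' and '<cookie_prefix>password' cookies and
  * looks up the user whose id and `truepassword` column both match.
  *
  * @access  public
  *
  * @return string The user name (converted to UTF8 when the charset differs),
  *                or '' when the cookies are missing or do not match a user.
  */
 function check_cookie()
 {
     if (empty($_COOKIE[$this->cookie_prefix . 'userid']) || empty($_COOKIE[$this->cookie_prefix . 'password'])) {
         return '';
     }
     // intval() makes the id safe to interpolate into the query below.
     $user_id = intval($_COOKIE[$this->cookie_prefix . 'userid']);
     $true_password = addslashes_deep($_COOKIE[$this->cookie_prefix . 'password']);
     // An array-valued cookie cannot be a password and must not reach the query.
     if (!is_string($true_password)) {
         return '';
     }
     // The password cookie has to take part in the lookup: with a constant in
     // its place the user-id cookie alone would select the account.
     $sql = "SELECT  " . $this->field_name . " AS user_name " . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_id . "='{$user_id}' AND truepassword='{$true_password}'";
     $username = $this->db->getOne($sql);
     if (empty($username)) {
         return '';
     }
     if ($this->charset != 'UTF8') {
         $username = ecs_iconv($this->charset, 'UTF8', $username);
     }
     return $username;
 }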
Example #18
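require ROOT_PATH . 'data/config.php';
require ROOT_PATH . 'includes/lib_common.php';
require ROOT_PATH . 'includes/cls_mysql.php';
/* Compatibility with ECShop V2.5.1: load the library file that defines addslashes_deep() */
if (!function_exists('addslashes_deep')) {
    require ROOT_PATH . 'includes/lib_base.php';
}
// API library
require CLIENT_PATH . 'includes/lib_api.php';
// Structure library
require CLIENT_PATH . 'includes/lib_struct.php';
// JSON class
require ROOT_PATH . 'includes/cls_json.php';
/* Escape the variables supplied by the user. */
// get_magic_quotes_gpc() no longer exists on PHP 8; when it is missing, magic
// quotes are necessarily off.
// NOTE(review): only $_COOKIE is escaped here; $_POST['Json'] below is passed
// on as received, so parse_json() and its consumers must do their own
// validation and escaping — confirm.
if (!(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())) {
    $_COOKIE = addslashes_deep($_COOKIE);
}
/* Compatibility with ECShop V2.5.1 */
if (!defined('EC_CHARSET')) {
    define('EC_CHARSET', 'utf-8');
}
/* Initialise the JSON object */
$json = new JSON();
/* Parse the JSON data */
parse_json($json, $_POST['Json']);
/* Load the remaining include files */
require ROOT_PATH . 'includes/inc_constant.php';
require ROOT_PATH . 'includes/cls_ecshop.php';
require ROOT_PATH . 'includes/lib_time.php';
require ROOT_PATH . 'includes/lib_main.php';
require ROOT_PATH . 'includes/lib_insert.php';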
Example #19
<?php

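define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';
// Save a bar code for one goods row and answer with a JSON status object.
// NOTE(review): no permission check is visible in this file; presumably
// includes/init.php enforces an authenticated session — confirm.
if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'bar_code') {
    $res = array('req_msg' => true, 'timeout' => 2000);
    // intval() makes the id safe to place unquoted in the UPDATE below.
    $goods_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    // Only a scalar can be a bar code; an array parameter would otherwise be
    // interpolated into the query as the text "Array".
    $raw_value = (isset($_REQUEST['value']) && is_scalar($_REQUEST['value'])) ? (string) $_REQUEST['value'] : '';
    // NOTE(review): if init.php already escapes $_REQUEST, this second pass
    // stores literal backslashes; a parameterised UPDATE would avoid both problems.
    $bar_code = addslashes_deep($raw_value);
    $sql_update = 'UPDATE ' . $GLOBALS['ecs']->table('goods') . " SET bar_code='{$bar_code}' WHERE goods_id={$goods_id}";
    if ($GLOBALS['db']->query($sql_update)) {
        $res['id'] = $goods_id;
        $res['code'] = 1;
        $res['message'] = '条形码已经保存成功!';
        $res['bar_code'] = $bar_code;
    } else {
        $res['code'] = 2;
        $res['id'] = $goods_id;
        $res['message'] = '条形码保存失败,请稍后再试!';
    }
    die($json->encode($res));
}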
Example #20
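 /**
  * Import rows from a CSV file.
  *
  * Each row is read with fgetcsv(), optionally converted between charsets,
  * and the whole result is passed through addslashes_deep() before it is
  * returned. An unreadable file yields an empty array.
  *
  * Security note: the addslashes() escaping applied to the result is not a
  * database-aware escape; rows that end up in SQL should still go through
  * parameterised queries or the driver's escaping.
  *
  * @param string $filename     File name
  * @param bool   $header       Whether the file has a header row; if so, data starts at the second row
  * @param string $from_charset Source charset
  * @param string $to_charset   Target charset
  * @param string $delimiter    Field delimiter
  * @return array
  */
 function import_from_csv($filename, $header = true, $from_charset = '', $to_charset = '', $delimiter = ',')
 {
     // Open first: reading from a failed handle either raises a TypeError or,
     // on older PHP versions, never returns false and loops forever.
     $handle = fopen($filename, "r");
     if ($handle === false) {
         return array();
     }
     if ($from_charset && $to_charset && $from_charset != $to_charset) {
         $need_convert = true;
         import('iconv.lib');
         $iconv = new Chinese(ROOT_PATH . '/');
     } else {
         $need_convert = false;
     }
     $data = array();
     while (($row = fgetcsv($handle, 100000, $delimiter)) !== FALSE) {
         if ($need_convert) {
             foreach ($row as $key => $col) {
                 $row[$key] = $iconv->Convert($from_charset, $to_charset, $col);
             }
         }
         $data[] = $row;
     }
     fclose($handle);
     // Drop the header row when one is expected and any rows were read.
     if ($header && $data) {
         array_shift($data);
     }
     return addslashes_deep($data);
 }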
Example #21
File: phpbb.php Project: jzx0802/ec
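 /**
  * Check the login cookies.
  *
  * Reads the '<cookie_prefix>_data' (serialized array) and
  * '<cookie_prefix>_sid' cookies and looks up the user bound to that session
  * id and user id in the sessions table.
  *
  * @access  public
  *
  * @return string The user name (converted to UTF8 when the charset differs),
  *                or '' when the cookies are missing, malformed or unmatched.
  */
 function check_cookie()
 {
     if (empty($_COOKIE[$this->cookie_prefix . '_data']) || empty($_COOKIE[$this->cookie_prefix . '_sid'])) {
         return '';
     }
     // Array-valued cookies cannot be valid here and would break trim()/unserialize().
     if (!is_string($_COOKIE[$this->cookie_prefix . '_data']) || !is_string($_COOKIE[$this->cookie_prefix . '_sid'])) {
         return '';
     }
     /* Unserialize the cookie to obtain the user info */
     // NOTE(review): unserialize() on a client-supplied cookie can instantiate
     // arbitrary loaded classes (object injection). On PHP 7.0+ pass
     // array('allowed_classes' => false) as the second argument, or move the
     // cookie to a format such as JSON.
     $cookie_data = addslashes_deep(@unserialize(stripslashes_deep($_COOKIE[$this->cookie_prefix . '_data'])));
     $cookie_session_id = addslashes_deep(trim($_COOKIE[$this->cookie_prefix . '_sid']));
     // Anything but an array (false, a string, an object) is a malformed cookie.
     if (!is_array($cookie_data) || empty($cookie_data['userid']) || empty($cookie_data['autologinid'])) {
         return '';
     }
     // The user id is numeric: cast it so the cookie cannot carry anything but
     // an integer into the query.
     $cookie_user_id = intval($cookie_data['userid']);
     // NOTE(review): 'autologinid' is required above but is not compared with
     // any stored value in this query — confirm that is intended.
     $sql = "SELECT " . $this->field_name . " FROM " . $this->table('sessions') . " AS s " . " LEFT JOIN " . $this->table($this->user_table) . " AS u ON s.session_user_id = u.user_id" . " WHERE session_id = '{$cookie_session_id}' AND session_user_id = '{$cookie_user_id}'";
     $username = $this->db->getOne($sql);
     if (empty($username)) {
         return '';
     }
     if ($this->charset != 'UTF8') {
         $username = ecs_iconv($this->charset, 'UTF8', $username);
     }
     return $username;
 }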
Example #22
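/**
 * Customer purchasing-power tier list.
 *
 * Builds a filtered, paged list of users joined with the purchasing_power table. All
 * criteria come from $_REQUEST.
 *
 * @return array Keys: user_list, filter, page_count, record_count, page_size, page,
 *               page_set, condition (query-string fragment of the active filters), start, end.
 */
function user_buy_list()
{
    // addslashes() only protects a value that ends up INSIDE a quoted SQL literal. Every
    // string criterion below is therefore quoted in the WHERE clause; numeric criteria are
    // cast with intval()/floatval() instead.
    $request = addslashes_deep($_REQUEST);
    $filter = array();
    // Default criterion: spending tier.
    $filter['amount'] = empty($_REQUEST['amount']) ? 500 : floatval($_REQUEST['amount']);
    // Custom criteria. Non-scalar input (e.g. user_name[]=x) is treated as "not set".
    $filter['user_name'] = (empty($request['user_name']) || !is_scalar($request['user_name'])) ? '' : trim($request['user_name']);
    $filter['sex'] = empty($request['sex']) ? '' : intval($request['sex']);
    $filter['mobile_phone'] = (empty($request['mobile_phone']) || !is_scalar($request['mobile_phone'])) ? '' : $request['mobile_phone'];
    $filter['home_phone'] = (empty($request['home_phone']) || !is_scalar($request['home_phone'])) ? '' : $request['home_phone'];
    $filter['admin_id'] = empty($request['admin_id']) ? '' : intval($request['admin_id']);
    $filter['eff_id'] = empty($request['eff_id']) ? '' : intval($request['eff_id']);
    $filter['type_id'] = empty($request['type_id']) ? '' : intval($request['type_id']);
    $filter['from_where'] = empty($request['from_where']) ? '' : intval($request['from_where']);
    // Query-string fragment that carries the active filters across pages. Every value is
    // URL-encoded so that a filter value cannot break out of its parameter.
    $condition = '';
    foreach ($filter as $key => $val) {
        if (!empty($val)) {
            $condition .= "&{$key}=" . urlencode((string) $val);
        }
    }
    // NOTE(review): the WHERE clause below tests qq and aliww, but nothing in this function
    // reads them from the request. They are initialised empty so the tests no longer hit an
    // undefined index; wire them to the request if the filters are meant to work.
    $filter['qq'] = '';
    $filter['aliww'] = '';
    // Paging values are clamped to at least 1 so that LIMIT never receives a negative number.
    $filter['page_size'] = empty($request['page_size']) ? 20 : max(1, intval($request['page_size']));
    $filter['page'] = empty($request['page']) ? 1 : max(1, intval($request['page']));
    $ex_where = '';
    // WHERE conditions
    // Customer name
    if ($filter['user_name']) {
        $ex_where .= " AND u.user_name LIKE '%{$filter['user_name']}%' ";
    }
    // Sex
    if ($filter['sex']) {
        $ex_where .= " AND u.sex={$filter['sex']} ";
    }
    // Mobile number: request string, so it must be a quoted literal.
    if ($filter['mobile_phone']) {
        $ex_where .= " AND u.mobile_phone='{$filter['mobile_phone']}' ";
    }
    // Landline: request string, quoted for the same reason.
    if ($filter['home_phone']) {
        $ex_where .= " AND u.home_phone='{$filter['home_phone']}' ";
    }
    // QQ
    if ($filter['qq']) {
        $ex_where .= " AND u.qq='{$filter['qq']}' ";
    }
    // Aliwangwang
    if ($filter['aliww']) {
        $ex_where .= " AND u.aliww='{$filter['aliww']}' ";
    }
    // Customer-service staff: privileged admins may filter by any admin, everyone without
    // the 'all' privilege is restricted to their own customers.
    if (admin_priv('user_buy_list', '', false) && $filter['admin_id']) {
        $ex_where .= " AND u.admin_id={$filter['admin_id']} ";
    } elseif (!admin_priv('all', '', false)) {
        $own_admin_id = intval($_SESSION['admin_id']);
        $ex_where .= " AND u.admin_id={$own_admin_id} ";
    }
    // Effect
    if ($filter['eff_id']) {
        $ex_where .= " AND u.eff_id={$filter['eff_id']} ";
    }
    // Source
    if ($filter['from_where']) {
        $ex_where .= " AND u.from_where={$filter['from_where']} ";
    }
    // Accumulated spending tier; any other amount adds no condition.
    switch ($filter['amount']) {
        case 500:
            $ex_where .= " AND p.final_amount<500 ";
            break;
        case 1000:
            $ex_where .= " AND p.final_amount<1000 AND p.final_amount>=500";
            break;
        case 1500:
            $ex_where .= " AND p.final_amount<1500 AND p.final_amount>=1000";
            break;
        case 5000:
            $ex_where .= " AND p.final_amount<5000 AND p.final_amount>=1500";
            break;
        case 5001:
            $ex_where .= " AND p.final_amount>5000 ";
            break;
    }
    $sql_select = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . ' u LEFT JOIN ' . $GLOBALS['ecs']->table('purchasing_power') . " p ON u.user_id=p.user_id WHERE 1 {$ex_where} ";
    $record_count = $GLOBALS['db']->getOne($sql_select);
    $page = break_pages($record_count, $filter['page_size'], $filter['page']);
    $offset = ($filter['page'] - 1) * $filter['page_size'];
    $sql_select = 'SELECT u.user_id,u.user_name,u.sex,u.add_time,u.service_time,u.admin_name,u.remarks FROM ' . $GLOBALS['ecs']->table('users') . ' u LEFT JOIN ' . $GLOBALS['ecs']->table('purchasing_power') . " p ON p.user_id=u.user_id WHERE 1 {$ex_where} LIMIT " . $offset . ', ' . $filter['page_size'];
    $user_list = $GLOBALS['db']->getAll($sql_select);
    foreach ($user_list as &$val) {
        $val['add_time'] = date('Y-m-d', $val['add_time']);
        $val['service_time'] = date('Y-m-d', $val['service_time']);
    }
    // Break the reference so a later write to $val cannot alter the last row.
    unset($val);
    $arr = array('user_list' => $user_list, 'filter' => $filter, 'page_count' => $page['page_count'], 'record_count' => $record_count, 'page_size' => $filter['page_size'], 'page' => $filter['page'], 'page_set' => $page['page_set'], 'condition' => $condition, 'start' => $page['start'], 'end' => $page['end']);
    return $arr;
}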
Example #23
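 /**
  * Check the forum login cookie and resolve it to a user name.
  *
  * The cookie `<first 5 hex chars of md5(db_sitehash)>_winduser` is decoded with
  * $this->code_string() into three tab-separated fields; the first is the user id and the
  * second a token that must equal md5(user agent . stored password . db_hash).
  *
  * @access  public
  *
  * @return string|false The user name on success; '' when the cookie is absent, the user is
  *                      unknown or the token does not match; false when the decoded cookie
  *                      does not have exactly three fields.
  */
 function check_cookie()
 {
     $cookie_name = substr(md5($this->db_sitehash), 0, 5) . '_winduser';
     if (!isset($_COOKIE[$cookie_name])) {
         return '';
     }
     $arr = addslashes_deep(explode("\t", $this->code_string($_COOKIE[$cookie_name], 'DECODE')));
     if (count($arr) != 3) {
         // Kept as false (not '') because callers may distinguish the two.
         return false;
     }
     list($user_id, $salt_probe) = $arr;
     // $user_id is escaped by addslashes_deep() above and used inside a quoted literal.
     $sql = "SELECT " . $this->field_id . " AS user_id, " . $this->field_name . " As user_name, " . $this->field_pass . " AS password " . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_id . " = '{$user_id}'";
     $row = $this->db->getRow($sql);
     if (!$row) {
         return '';
     }
     // A request without a User-Agent header is treated as an empty agent string.
     $user_agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
     $salt = md5($user_agent . $row['password'] . $this->db_hash);
     // The token is an authenticator, so it is compared as an exact string and, where
     // available, in constant time. A loose != treats two different digests that both look
     // like numbers (e.g. "0e...") as equal.
     $salt_probe = (string) $salt_probe;
     if (function_exists('hash_equals')) {
         $token_ok = hash_equals($salt, $salt_probe);
     } else {
         $token_ok = ($salt === $salt_probe);
     }
     if (!$token_ok) {
         return '';
     }
     return $row['user_name'];
 }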
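 /**
  * Render the goods category / search listing page.
  *
  * On a cache miss the method resolves the request (plain query parameters, or the `encode`
  * parameter: a base64-encoded serialized array produced by the redirect below), loads the
  * category data, breadcrumb, attributes and the paged goods list, and stores the result
  * with $this->Cache->write(). It then sets the page title and meta tags and renders the
  * `goods_category` template.
  *
  * @param int   $cid  Category id; replaced by $_GET['cid'] (default 439) on a cache miss.
  * @param int   $page Page number; replaced by $_GET['page'] on a cache miss.
  * @param array $rs   Not used in this method.
  *
  * @return void
  */
 function index($cid = 0, $page = 0, $rs = array())
 {
     $rt = $this->Cache->read(3600);
     if (is_null($rt)) {
         if (empty($_GET['encode'])) {
             // A free-text search is redirected to a URL that carries the whole request as one
             // base64(serialize()) parameter.
             if (isset($_GET['keyword']) && !empty($_GET['keyword']) && !in_array($_GET['keyword'], array('is_promote', 'is_best', 'is_new', 'is_hot', 'is_qianggou'))) {
                 $string = array_merge($_GET, $_POST);
                 $string['search_encode_time'] = time();
                 $string = str_replace('+', '%2b', base64_encode(serialize($string)));
                 header("Location: " . get_url('商品中心', $cid, ROOT_URL . "costume.php", 'goodscate', array($this->__module)) . "?encode={$string}\n");
                 exit;
             }
         } else {
             /*
              * SECURITY: `encode` comes straight from the URL, so the serialized payload is
              * client-controlled. unserialize() on such data can instantiate arbitrary classes
              * (PHP object injection), and the decoded array is merged over $_GET/$_REQUEST,
              * so it can set any request key to a value of any type.
              * Object creation is disabled where the runtime supports it (PHP 7.0+) and
              * anything that is not an array is discarded. The durable fix is a payload that
              * cannot carry objects (JSON) or one authenticated with a server-side key; both
              * need the redirect above to change in step.
              */
             $string = array();
             $decoded = is_string($_GET['encode']) ? base64_decode(trim($_GET['encode'])) : false;
             if ($decoded !== false) {
                 if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
                     $payload = unserialize($decoded, array('allowed_classes' => false));
                 } else {
                     $payload = unserialize($decoded);
                 }
                 if (is_array($payload)) {
                     $string = $payload;
                 }
             }
             $_GET = $_REQUEST = array_merge($_REQUEST, addslashes_deep($string));
         }
         $cid = isset($_GET['cid']) && intval($_GET['cid']) > 0 ? intval($_GET['cid']) : 439;
         $bid = isset($_GET['bid']) && intval($_GET['bid']) > 0 ? intval($_GET['bid']) : 0;
         // price and keyword are used as strings below; non-scalar input counts as absent.
         $price = (isset($_GET['price']) && is_scalar($_GET['price'])) ? $_GET['price'] : "";
         $keyword = (isset($_GET['keyword']) && is_scalar($_GET['keyword'])) ? trim((string) $_GET['keyword']) : "";
         // Items per page
         $list = 40;
         // A keyword that is not valid UTF-8 is assumed to be GB2312 and converted.
         if (!(preg_match('/^.*$/u', $keyword) > 0)) {
             $keyword = Import::gz_iconv()->ec_iconv('GB2312', 'UTF8', $keyword);
         }
         $page = isset($_GET['page']) && intval($_GET['page']) > 0 ? intval($_GET['page']) : 1;
         // Basic information of the current category
         if ($cid > 0) {
             $sql = "SELECT * FROM `{$this->App->prefix()}goods_cate` WHERE cat_id='{$cid}' LIMIT 1";
             $rt['cateinfo'] = $this->App->findrow($sql);
             if (empty($rt['cateinfo'])) {
                 $this->action('common', 'show404tpl');
             }
         } else {
             $rt['cateinfo'] = array('keywords' => '商品中心');
         }
         // start: breadcrumb ("current position")
         $rt['hear'] = array();
         $hear = array();
         $perend_id = 0;
         if ($cid > 0) {
             $hear[] = '<a class="allcate" href="' . get_url('全部分类', 0, SITE_URL . "costume.php", 'goodscate', array('costume', 'index')) . '">全部分类</a>';
             // Parent category ids
             $rts_ = $this->get_goods_parent_cats($cid);
             // Sorted by cat_id
             $rts = Import::basic()->array_sort($rts_, 'cat_id');
             if (!empty($rts)) {
                 $perend_id = $rts[count($rts) - 1]['cat_id'];
                 foreach ($rts as $rows) {
                     $hear[] = '<a href="' . get_url($rows['cat_name'], $rows['cat_id'], "costume.php?cid=" . $rows["cat_id"], 'goodscate', array('costume', 'index', $rows['cat_id'])) . '">' . $rows['cat_name'] . '</a>';
                 }
             }
             unset($rts, $rts_);
         } elseif (!empty($keyword)) {
             $perend_id = -1;
             $hear[] = '<a class="allcate" href="' . SITE_URL . 'costume.php">全部分类</a>';
             switch ($keyword) {
                 case 'is_hot':
                     $hear[] = '热销商品';
                     break;
                 case 'is_new':
                     $hear[] = '新品推荐';
                     break;
                 case 'is_best':
                     $hear[] = '精品推荐';
                     break;
                 case 'is_promote':
                     $hear[] = '促销商品';
                     break;
                 case 'is_qianggou':
                     $hear[] = '限时抢购';
                     break;
                 default:
                     $hear[] = '<a href="javascript:;">商品搜索</a>';
                     // The keyword is request data written into markup: URL-encode it for the
                     // href and HTML-escape it for the link text, otherwise it is reflected
                     // into the page (and into the cache) unescaped.
                     $hear[] = '<a href="' . SITE_URL . 'costume.php?keyword=' . urlencode($keyword) . '">' . htmlspecialchars($keyword, ENT_QUOTES, 'UTF-8') . '</a>';
                     break;
             }
         } elseif (!empty($price)) {
             $perend_id = -1;
             $hear[] = '<a class="allcate" href="' . get_url('全部分类', 0, SITE_URL . "costume.php", 'goodscate', array('catalog', 'index')) . '">全部分类</a>';
             $hear[] = '<a href="javascript:;">价格商品</a>';
         } else {
             $perend_id = -1;
             $hear[] = '<a class="allcate" href="' . get_url('全部分类', 0, SITE_URL . "costume.php", 'goodscate', array('catalog', 'index')) . '">全部分类</a>';
         }
         if (!empty($hear)) {
             $rt['hear'] = implode('&nbsp;&gt;&nbsp;', $hear);
         } else {
             $rt['hear'] = "";
         }
         unset($hear);
         // end: breadcrumb
         // Category menu
         $rt['menu_show'] = array();
         if ($cid > 0) {
             $rt['menu_show'] = $this->get_goods_cate_tree($cid);
             if (empty($rt['menu_show'])) {
                 // No children: fall back to the tree of the parent category.
                 $c = $this->App->findvar("SELECT parent_id FROM `{$this->App->prefix()}goods_cate` WHERE cat_id='{$cid}'");
                 $rt['menu_show'] = $this->get_goods_cate_tree($c);
             }
         }
         $rt['brandlist'] = $this->action('brand', 'get_brand_list');
         // Ids of the sub-categories
         $sub_cids = $this->get_goods_sub_cat_ids($cid);
         // Attributes of the goods in these categories
         // NOTE(review): $sub_cids is joined into the IN() list as-is; this assumes
         // get_goods_sub_cat_ids() returns a non-empty list of integers — confirm.
         $sql = "SELECT distinct tb1.attr_value,tb1.attr_id,tb2.attr_name,tb2.attr_keys  FROM `{$this->App->prefix()}goods_attr` AS tb1";
         $sql .= " LEFT JOIN `{$this->App->prefix()}attribute` AS tb2 ON tb1.attr_id = tb2.attr_id LEFT JOIN `{$this->App->prefix()}goods` AS g ON g.goods_id=tb1.goods_id WHERE g.cat_id IN(" . implode(',', $sub_cids) . ")";
         $attr = $this->App->find($sql);
         $rt['attr'] = array();
         if (!empty($attr)) {
             foreach ($attr as $row) {
                 $rt['attr'][$row['attr_id']][] = $row;
             }
             unset($attr);
         }
         // Sorting: only columns on this whitelist may reach ORDER BY. The comparison is
         // strict because the merged request can hold non-string values, and only the
         // whitelisted name is passed on as the displayed sort column.
         $order = array('sort_order', 'cat_id', 'goods_id', 'click_count', 'brand_id', 'shop_price', 'market_price', 'promote_price', 'is_on_sale', 'is_best', 'is_new', 'is_hot', 'is_promote', 'sale_count', 'add_time', 'last_update');
         $orderby = "";
         $order_type = 'sort_order';
         if (isset($_GET['desc'])) {
             $sort_type = 'DESC';
             if (in_array($_GET['desc'], $order, true)) {
                 $order_type = $_GET['desc'];
                 $orderby = ' ORDER BY g.' . $order_type . ' DESC';
             }
         } elseif (isset($_GET['asc'])) {
             $sort_type = 'ASC';
             if (in_array($_GET['asc'], $order, true)) {
                 $order_type = $_GET['asc'];
                 $orderby = ' ORDER BY g.' . $order_type . ' ASC';
             }
         } else {
             $orderby = ' ORDER BY g.sort_order ASC , g.goods_id DESC ';
             $sort_type = 'ASC';
         }
         // Paging
         if (empty($page)) {
             $page = 1;
         }
         $rt['thiscid'] = $cid;
         $rt['thisbid'] = $bid;
         // NOTE(review): price is request data stored unescaped; confirm the template escapes it.
         $rt['price'] = $price;
         $rt['page'] = $page;
         $rt['sort'] = $sort_type;
         $rt['order'] = $order_type;
         $rt['limit'] = $list;
         // Query conditions (extend as needed)
         $comd = array('cid' => $cid, 'bid' => $bid, 'price' => $price, 'keyword' => $keyword, array());
         // Items per page
         $list = intval($list) > 0 ? intval($list) : 10;
         $start = ($page - 1) * $list;
         // Number of matching goods
         $tt = $this->App->__get_goods_count_category($comd);
         $rt['goods_count'] = $tt;
         // NOTE(review): $attr has been unset above whenever the attribute query returned rows,
         // so it is undefined here in that case — confirm what ajax_page() expects.
         $rt['categoodspage'] = Import::basic()->ajax_page($tt, $list, $page, 'get_categoods_page_list', array($cid, $bid, $price, $order_type, $sort_type, $list, $attr));
         // Goods list
         $rt['categoodslist'] = $this->App->__get_categoods_list_category($comd, $orderby, $start, $list);
         // Display mode: only the two known values are accepted from the cookie.
         if (!isset($_COOKIE['DISPLAY_TYPE']) || empty($_COOKIE['DISPLAY_TYPE']) || !in_array($_COOKIE['DISPLAY_TYPE'], array('list', 'text'))) {
             $rt['display'] = 'text';
         } else {
             $rt['display'] = $_COOKIE['DISPLAY_TYPE'];
         }
         // $pcat_name is never assigned in this method; it is defined empty so the
         // concatenation below does not read an undefined variable.
         $pcat_name = '';
         if (!empty($rt['cateinfo']['cat_name'])) {
             $rt['infoname'] = $pcat_name . $rt['cateinfo']['cat_name'];
         } elseif (!empty($rt['brandinfo']['brand_name'])) {
             $rt['infoname'] = $rt['brandinfo']['brand_name'];
         } elseif (!empty($keyword)) {
             switch ($keyword) {
                 case 'is_hot':
                     $rt['infoname'] = "热销商品专区";
                     $rt['cateinfo']['cat_title'] = "流行热销商品-热销排行榜";
                     break;
                 case 'is_new':
                     $rt['infoname'] = "新品推荐";
                     $rt['cateinfo']['cat_title'] = "新品促销专区";
                     break;
                 case 'is_best':
                     $rt['infoname'] = "精品推荐";
                     $rt['cateinfo']['cat_title'] = "精选商品-%100满意";
                     break;
                 case 'is_promote':
                     $rt['infoname'] = "促销商品专区";
                     $rt['cateinfo']['cat_title'] = "促销商品,机会不容错过,最低一折起";
                     break;
                 default:
                     $rt['infoname'] = "商品搜索";
                     $rt['cateinfo']['cat_title'] = "商品查找-商品搜索";
                     break;
             }
         } elseif (!empty($price)) {
             $rt['infoname'] = $price . '价格商品';
         } else {
             $rt['cateinfo']['cat_title'] = "商品分类列表";
             $rt['infoname'] = '最新供应';
         }
         $this->Cache->write($rt);
     }
     // Page meta: cat_title when set, otherwise cat_name
     $title = !empty($rt['cateinfo']['cat_title']) ? htmlspecialchars($rt['cateinfo']['cat_title']) : htmlspecialchars($rt['cateinfo']['cat_name']);
     $this->title($title . ' - ' . $GLOBALS['LANG']['site_name']);
     $this->meta("title", $title);
     $this->meta("keywords", htmlspecialchars($rt['cateinfo']['keywords']));
     $this->meta("description", htmlspecialchars($rt['cateinfo']['cat_desc']));
     $this->set('rt', $rt);
     $this->template('goods_category');
 }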
Example #25
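/**
 * Merge two orders into a new one.
 *
 * Both orders must exist, be ordinary orders (empty extension_code), be unconfirmed or
 * confirmed, unpaid and unshipped, and belong to the same user. The merged order is
 * inserted as a new row based on the main order; the order goods are re-pointed to it and
 * the two source orders and their pay-log rows are deleted.
 *
 * @param   string  $from_order_sn  Order number of the order being merged in.
 * @param   string  $to_order_sn    Order number of the main order.
 *
 * @return  bool|string  true on success, otherwise the error message.
 */
function merge_order($from_order_sn, $to_order_sn)
{
    /* Order numbers must not be empty */
    if (trim($from_order_sn) == '' || trim($to_order_sn) == '') {
        return $GLOBALS['_LANG']['order_sn_not_null'];
    }
    /* Order numbers must differ */
    if ($from_order_sn == $to_order_sn) {
        return $GLOBALS['_LANG']['two_order_sn_same'];
    }
    /* Load both orders */
    $from_order = order_info(0, $from_order_sn);
    $to_order = order_info(0, $to_order_sn);
    /* Both orders must exist */
    if (!$from_order) {
        return sprintf($GLOBALS['_LANG']['order_not_exist'], $from_order_sn);
    } elseif (!$to_order) {
        return sprintf($GLOBALS['_LANG']['order_not_exist'], $to_order_sn);
    }
    /*
     * Only ordinary orders may be merged. Both sides are compared with '' now: the main
     * order used to be compared with the integer 0, and on PHP versions before 8 a
     * non-numeric string compares equal to 0, so a special order passed this check.
     */
    if ($from_order['extension_code'] != '' || $to_order['extension_code'] != '') {
        return $GLOBALS['_LANG']['merge_invalid_order'];
    }
    /* Each order must be (un)confirmed, unpaid and unshipped */
    if ($from_order['order_status'] != OS_UNCONFIRMED && $from_order['order_status'] != OS_CONFIRMED) {
        return sprintf($GLOBALS['_LANG']['os_not_unconfirmed_or_confirmed'], $from_order_sn);
    } elseif ($from_order['pay_status'] != PS_UNPAYED) {
        return sprintf($GLOBALS['_LANG']['ps_not_unpayed'], $from_order_sn);
    } elseif ($from_order['shipping_status'] != SS_UNSHIPPED) {
        return sprintf($GLOBALS['_LANG']['ss_not_unshipped'], $from_order_sn);
    }
    if ($to_order['order_status'] != OS_UNCONFIRMED && $to_order['order_status'] != OS_CONFIRMED) {
        return sprintf($GLOBALS['_LANG']['os_not_unconfirmed_or_confirmed'], $to_order_sn);
    } elseif ($to_order['pay_status'] != PS_UNPAYED) {
        return sprintf($GLOBALS['_LANG']['ps_not_unpayed'], $to_order_sn);
    } elseif ($to_order['shipping_status'] != SS_UNSHIPPED) {
        return sprintf($GLOBALS['_LANG']['ss_not_unshipped'], $to_order_sn);
    }
    /* Both orders must belong to the same user */
    if ($from_order['user_id'] != $to_order['user_id']) {
        return $GLOBALS['_LANG']['order_user_not_same'];
    }
    /* Build the merged order from the main order */
    $order = $to_order;
    $order['order_id'] = '';
    $order['add_time'] = gmtime();
    // Sum the goods amounts
    $order['goods_amount'] += $from_order['goods_amount'];
    // Sum the discounts
    $order['discount'] += $from_order['discount'];
    // Stays empty when the order has no shipping method; the payment-fee step reads it.
    $shipping_area = array();
    if ($order['shipping_id'] > 0) {
        // Recalculate the shipping fee for the combined weight, amount and item count
        $weight_price = order_weight_price($to_order['order_id']);
        $from_weight_price = order_weight_price($from_order['order_id']);
        $weight_price['weight'] += $from_weight_price['weight'];
        $weight_price['amount'] += $from_weight_price['amount'];
        $weight_price['number'] += $from_weight_price['number'];
        $region_id_list = array($order['country'], $order['province'], $order['city'], $order['district']);
        $shipping_area = shipping_area_info($order['shipping_id'], $region_id_list);
        // The serialized configuration comes from shipping_area_info(), not from the request.
        $order['shipping_fee'] = shipping_fee($shipping_area['shipping_code'], unserialize($shipping_area['configure']), $weight_price['weight'], $weight_price['amount'], $weight_price['number']);
        // If the order is insured, recalculate the insurance fee
        if ($order['insure_fee'] > 0) {
            $order['insure_fee'] = shipping_insure_fee($shipping_area['shipping_code'], $order['goods_amount'], $shipping_area['insure']);
        }
    }
    // Recalculate packaging and greeting-card fees
    if ($order['pack_id'] > 0) {
        $pack = pack_info($order['pack_id']);
        $order['pack_fee'] = $pack['free_money'] > $order['goods_amount'] ? $pack['pack_fee'] : 0;
    }
    if ($order['card_id'] > 0) {
        $card = card_info($order['card_id']);
        $order['card_fee'] = $card['free_money'] > $order['goods_amount'] ? $card['card_fee'] : 0;
    }
    // The bonus stays as it is; points, balance and the amount already paid are summed
    $order['integral'] += $from_order['integral'];
    $order['integral_money'] = value_of_integral($order['integral']);
    $order['surplus'] += $from_order['surplus'];
    $order['money_paid'] += $from_order['money_paid'];
    // Amount due, without the payment fee
    $order['order_amount'] = $order['goods_amount'] - $order['discount'] + $order['shipping_fee'] + $order['insure_fee'] + $order['pack_fee'] + $order['card_fee'] - $order['bonus'] - $order['integral_money'] - $order['surplus'] - $order['money_paid'];
    // Recalculate the payment fee
    if ($order['pay_id'] > 0) {
        // Cash-on-delivery handling fee
        $cod_fee = $shipping_area ? $shipping_area['pay_fee'] : 0;
        $order['pay_fee'] = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
        // Add the payment fee to the amount due
        $order['order_amount'] += $order['pay_fee'];
    }
    /* Insert the merged order; retry with a new order number on a duplicate-key error (1062) */
    do {
        $order['order_sn'] = get_order_sn();
        if ($GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('order_info'), addslashes_deep($order), 'INSERT')) {
            break;
        } else {
            if ($GLOBALS['db']->errno() != 1062) {
                // NOTE(review): this prints the raw database error to the response; consider
                // logging it and showing a generic message instead.
                die($GLOBALS['db']->errorMsg());
            }
        }
    } while (true);
    /* Id of the new order */
    $order_id = $GLOBALS['db']->insert_id();
    // NOTE(review): the statements below run one after another with no visible transaction;
    // a failure part-way leaves goods, orders and pay logs out of step — confirm whether the
    // db layer wraps them.
    /* Re-point the order goods to the new order */
    $sql = 'UPDATE ' . $GLOBALS['ecs']->table('order_goods') . " SET order_id = '{$order_id}' " . "WHERE order_id " . db_create_in(array($from_order['order_id'], $to_order['order_id']));
    $GLOBALS['db']->query($sql);
    include_once ROOT_PATH . 'includes/lib_clips.php';
    /* Insert the pay log */
    insert_pay_log($order_id, $order['order_amount'], PAY_ORDER);
    /* Delete the source orders */
    $sql = 'DELETE FROM ' . $GLOBALS['ecs']->table('order_info') . " WHERE order_id " . db_create_in(array($from_order['order_id'], $to_order['order_id']));
    $GLOBALS['db']->query($sql);
    /* Delete the pay logs of the source orders */
    $sql = 'DELETE FROM ' . $GLOBALS['ecs']->table('pay_log') . " WHERE order_id " . db_create_in(array($from_order['order_id'], $to_order['order_id']));
    $GLOBALS['db']->query($sql);
    /* Release the bonus of from_order, because only the bonus of to_order is kept */
    if ($from_order['bonus_id'] > 0) {
        unuse_bonus($from_order['bonus_id']);
    }
    /* Success */
    return true;
}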
Example #26
    exit;
} elseif ($_REQUEST['act'] == 'upload') {
    /* 检查权限 */
    admin_priv('shop_authorized');
    /* 接收上传文件 */
    /* 取出证书内容 */
    $license_arr = array();
    if (isset($_FILES['license']['error']) && $_FILES['license']['error'] == 0 && preg_match('/CER$/i', $_FILES['license']['name'])) {
        if (file_exists($_FILES['license']['tmp_name']) && is_readable($_FILES['license']['tmp_name'])) {
            if ($license_f = fopen($_FILES['license']['tmp_name'], 'r')) {
                $license_content = '';
                while (!feof($license_f)) {
                    $license_content .= fgets($license_f, 4096);
                }
                $license_content = trim($license_content);
                $license_content = addslashes_deep($license_content);
                $license_arr = explode('|', $license_content);
            }
        }
    }
    /* 恢复证书 */
    if (count($license_arr) != 2 || $license_arr[0] == '' || $license_arr[1] == '') {
        $links[] = array('text' => $_LANG['back'], 'href' => 'license.php?act=list_edit');
        sys_msg($_LANG['fail_license'], 1, $links);
    } else {
        include_once ROOT_PATH . 'includes/cls_transport.php';
        include_once ROOT_PATH . 'includes/cls_json.php';
        include_once ROOT_PATH . 'includes/lib_main.php';
        include_once ROOT_PATH . 'includes/lib_license.php';
        // 证书登录
        $login_result = license_login();
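 /**
  * Handle the "pay this order with account balance" form.
  *
  * Reads order_id and surplus from $_POST, checks that the order belongs to the logged-in
  * user and is still unpaid, caps the surplus at the amount due and at the user's available
  * balance plus credit line, updates the order, logs the balance change and redirects to
  * the order detail page.
  *
  * @return void The method ends with a redirect and exit.
  */
 public function edit_surplus()
 {
     // Order id; a missing field is treated as 0 and rejected below
     $order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;
     if ($order_id <= 0) {
         ecs_header("Location: " . url('index/index') . "\n");
         exit;
     }
     // Amount to pay from the balance; missing or non-positive input is an error
     $surplus = isset($_POST['surplus']) ? floatval($_POST['surplus']) : 0.0;
     if ($surplus <= 0) {
         ECTouch::err()->add(L('error_surplus_invalid'));
         // NOTE(review): the code after each show() call assumes show() ends the request —
         // confirm; if it returns, processing would continue with the rejected input.
         ECTouch::err()->show(L('order_detail'), url('order_detail', array('order_id' => $order_id)));
     }
     // Load the order
     $order = model('Order')->order_info($order_id);
     if (empty($order)) {
         ecs_header("Location: " . url('index/index') . "\n");
         exit;
     }
     // Authorization: the order must belong to the current user
     if ($_SESSION['user_id'] != $order['user_id']) {
         ecs_header("Location: " . url('index/index') . "\n");
         exit;
     }
     // The order must be unpaid with a positive amount due
     if ($order['pay_status'] != PS_UNPAYED || $order['order_amount'] <= 0) {
         ECTouch::err()->add(L('error_order_is_paid'));
         ECTouch::err()->show(L('order_detail'), url('order_detail', array('order_id' => $order_id)));
     }
     // Amount due without the payment fee
     $order['order_amount'] -= $order['pay_fee'];
     // Never take more than the amount due
     if ($surplus > $order['order_amount']) {
         $surplus = $order['order_amount'];
     }
     // Load the user
     $user = model('Order')->user_info($_SESSION['user_id']);
     // The balance plus credit line must cover the requested amount.
     // NOTE(review): this check and the debit further down are separate steps with no locking
     // visible here; two simultaneous requests could both pass the check — confirm that the
     // model layer serializes balance changes.
     if ($surplus > $user['user_money'] + $user['credit_line']) {
         ECTouch::err()->add(L('error_surplus_not_enough'));
         ECTouch::err()->show(L('order_detail'), url('order_detail', array('order_id' => $order_id)));
     }
     // Apply the balance to the order and recalculate the payment fee
     $order['surplus'] += $surplus;
     $order['order_amount'] -= $surplus;
     if ($order['order_amount'] > 0) {
         $cod_fee = 0;
         if ($order['shipping_id'] > 0) {
             $regions = array($order['country'], $order['province'], $order['city'], $order['district']);
             $shipping = model('Shipping')->shipping_area_info($order['shipping_id'], $regions);
             if ($shipping['support_cod'] == '1') {
                 $cod_fee = $shipping['pay_fee'];
             }
         }
         $pay_fee = 0;
         if ($order['pay_id'] > 0) {
             $pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
         }
         $order['pay_fee'] = $pay_fee;
         $order['order_amount'] += $pay_fee;
     }
     // Fully paid: mark the order confirmed and paid
     if ($order['order_amount'] == 0) {
         if ($order['order_status'] == OS_UNCONFIRMED) {
             $order['order_status'] = OS_CONFIRMED;
             $order['confirm_time'] = gmtime();
         }
         $order['pay_status'] = PS_PAYED;
         $order['pay_time'] = gmtime();
     }
     $order = addslashes_deep($order);
     model('Users')->update_order($order_id, $order);
     // Debit the user's balance
     $change_desc = sprintf(L('pay_order_by_surplus'), $order['order_sn']);
     model('ClipsBase')->log_account_change($user['user_id'], -1 * $surplus, 0, 0, 0, $change_desc);
     // Update the sales figures
     $this->update_touch_goods($order_id);
     // Redirect to the order detail page
     $url = url('order_detail', array('order_id' => $order_id));
     ecs_header("Location: {$url}\n");
     exit;
 }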
Example #28
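 /**
  * Convert Taobao sale-attribute strings into the local specification structure.
  *
  * $sale_attr is a ';'-separated list. An element of the form `price:stock::pid:vid` starts
  * a new price/stock entry; any other non-empty element is appended as a further property
  * code. The collected codes are resolved through TaobaoProp and combined with the
  * price/stock entries.
  *
  * @param mixed  $cid             Taobao category id, passed to TaobaoProp.
  * @param string $sale_attr       Sale attributes as described above.
  * @param string $sale_attr_alias ';'-separated `pid:vid:alias` entries, may be empty.
  * @param mixed  $goods_id        Goods id stored on every specification item.
  *
  * @return array Specification data passed through addslashes_deep(); an empty array when
  *               the properties cannot be resolved.
  */
 function _parse_tabao_prop($cid, $sale_attr, $sale_attr_alias, $goods_id)
 {
     // Number of price/stock entries found so far
     $i = 0;
     // Number of specification kinds
     $spec_kind = 0;
     // Price and stock per entry
     $spec_price_stock = array();
     // Blank out merchant codes that would disturb the parsing
     $sale_attr = preg_replace("/:[^:]*-[^:]*:/U", '::', $sale_attr);
     $sale_attr = explode(';', $sale_attr);
     // Taobao sale-property codes
     $pvs = '';
     /* Separate price/stock from the property codes */
     foreach ($sale_attr as $k => $v) {
         $pos_2 = strpos($v, '::');
         if ($pos_2 > 0) {
             $pos_1 = strpos($v, ':');
             // floatval() keeps round() working when the price part is not numeric
             $spec_price_stock[$i]['price'] = round(floatval(substr($v, 0, $pos_1)), 2);
             $spec_price_stock[$i]['stock'] = substr($v, $pos_1 + 1, $pos_2 - $pos_1 - 1);
             $pvs .= substr($v, $pos_2 + 2) . ';';
             $i++;
         } else {
             if ($v) {
                 $pvs .= $v . ';';
             }
         }
     }
     if (empty($spec_price_stock)) {
         $spec_kind = 0;
     } else {
         $spec_kind = substr_count($pvs, ';') / count($spec_price_stock);
     }
     /* Resolve the sale properties from their codes */
     import('taobaoprop.lib');
     // SECURITY: the two literals below look like an API key and its secret committed to
     // source. Anyone with read access to the code or its history holds them; they should be
     // loaded from deployment configuration, and this pair rotated.
     $TaobaoProp = new TaobaoProp($cid, $pvs, '12009827', '8c02e9f524f66199e100e27fdfdb9bbd');
     $prop = $TaobaoProp->get_prop();
     if (!$prop || $TaobaoProp->has_error()) {
         return array();
     }
     /* Charset conversion; big5 goes through gbk */
     if (CHARSET == 'big5') {
         $prop = ecm_iconv_deep('utf-8', 'gbk', $prop);
         $prop = ecm_iconv_deep('gbk', 'big5', $prop);
     } else {
         $prop = ecm_iconv_deep('utf-8', CHARSET, $prop);
     }
     /* Sale-property aliases: map "pid:vid" to the alias name */
     if ($sale_attr_alias) {
         $alias_map = array();
         foreach (explode(';', $sale_attr_alias) as $pair) {
             $pos_delimiter = strrpos($pair, ':');
             if ($pos_delimiter === false) {
                 // No separator, so there is no alias to record
                 continue;
             }
             $alias_map[substr($pair, 0, $pos_delimiter)] = substr($pair, $pos_delimiter + 1);
         }
         foreach ($prop as $key => $value) {
             $pv = $value['pid'] . ':' . $value['vid'];
             if (isset($alias_map[$pv])) {
                 $prop[$key]['name_alias'] = $alias_map[$pv];
             }
         }
     }
     /* Combine into the local specification structure */
     $spec = array();
     foreach ($spec_price_stock as $_k => $_v) {
         $spec['item'][$_k] = $_v;
         $spec['item'][$_k]['goods_id'] = $goods_id;
         if ($spec_kind == 2) {
             $spec['item'][$_k]['spec_1'] = $prop[2 * $_k]['name_alias'];
             $spec['item'][$_k]['spec_2'] = $prop[2 * $_k + 1]['name_alias'];
             $spec['spec_name'] = array('spec_name_1' => $prop[0]['prop_name'], 'spec_name_2' => $prop[1]['prop_name']);
         } elseif ($spec_kind == 1) {
             // This used to be an assignment (=), which was always true and overwrote
             // $spec_kind with 1 for every value other than 2.
             $spec['item'][$_k]['spec_1'] = $prop[$_k]['name_alias'];
             $spec['spec_name'] = array('spec_name_1' => $prop[0]['prop_name']);
         }
         // Items without stock are dropped
         if ($_v['stock'] == 0) {
             unset($spec['item'][$_k]);
         }
     }
     $spec['spec_kind'] = $spec_kind;
     // The values went through charset conversion, so they are escaped again
     return addslashes_deep($spec);
 }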
Example #29
        if ($order['pay_id'] > 0) {
            $pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
        }
        $order['pay_fee'] = $pay_fee;
        $order['order_amount'] += $pay_fee;
    }
    /* 如果全部支付,设为已确认、已付款 */
    if ($order['order_amount'] == 0) {
        if ($order['order_status'] == OS_UNCONFIRMED) {
            $order['order_status'] = OS_CONFIRMED;
            $order['confirm_time'] = gmtime();
        }
        $order['pay_status'] = PS_PAYED;
        $order['pay_time'] = gmtime();
    }
    $order = addslashes_deep($order);
    update_order($order_id, $order);
    /* 更新用户余额 */
    $change_desc = sprintf($_LANG['pay_order_by_surplus'], $order['order_sn']);
    log_account_change($user['user_id'], -1 * $surplus, 0, 0, 0, $change_desc);
    /* 跳转 */
    ecs_header('Location: user.php?act=order_detail&order_id=' . $order_id . "\n");
    exit;
} elseif ($action == 'act_edit_payment') {
    /* 检查是否登录 */
    if ($_SESSION['user_id'] <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* 检查支付方式 */
    $pay_id = intval($_POST['pay_id']);
Example #30
            if (!empty($string['search_encode_time'])) {
                if (time() > $string['search_encode_time'] + 2) {
                    define('INGORE_VISIT_STATS', true);
                }
            } else {
                define('INGORE_VISIT_STATS', true);
            }
        } else {
            $string = array();
        }
    } else {
        $string = array();
    }
}
require dirname(__FILE__) . '/includes/init.php';
$_REQUEST = array_merge($_REQUEST, addslashes_deep($string));
$_REQUEST['act'] = !empty($_REQUEST['act']) ? trim($_REQUEST['act']) : '';
/*------------------------------------------------------ */
//-- 高级搜索
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'advanced_search') {
    $goods_type = !empty($_REQUEST['goods_type']) ? intval($_REQUEST['goods_type']) : 0;
    $attributes = get_seachable_attributes($goods_type);
    $smarty->assign('goods_type_selected', $goods_type);
    $smarty->assign('goods_type_list', $attributes['cate']);
    $smarty->assign('goods_attributes', $attributes['attr']);
    assign_template();
    assign_dynamic('search');
    $position = assign_ur_here(0, $_LANG['advanced_search']);
    $smarty->assign('page_title', $position['title']);
    // 页面标题