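/**
 * Sends the mobile-binding verification SMS for the account matching the
 * submitted login credentials.
 *
 * Reads `email` (user name or e-mail) and `pwd` from $GLOBALS['request'],
 * resolves the account with user_check(), then sends the account's pending
 * bind_verify code, generating and storing a fresh one when none is pending.
 * Every outcome is reported through output($root); the guard clauses rely on
 * output() ending the request.
 */
public function index()
 {
     $email = strim($GLOBALS['request']['email']); // user name or e-mail
     $pwd = strim($GLOBALS['request']['pwd']);     // password
     $root = array();
     if (app_conf("SMS_ON") == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['SMS_OFF']; // SMS sending is disabled
         output($root);
     }
     // Authenticate; an id of 0 means the credentials were rejected.
     $user = user_check($email, $pwd);
     $user_id = intval($user['id']);
     $root['user_id'] = $user_id;
     if ($user_id > 0) {
         $mobile = $user['mobile'];
         $code = intval($user['bind_verify']);
         if ($mobile == '') {
             $root['response_code'] = 0;
             $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP'];
             output($root);
         }
         if (!check_mobile($mobile)) {
             $root['response_code'] = 0;
             $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'];
             output($root);
         }
         // Per-IP send throttle (60 is the window argument passed here).
         if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) {
             $root['response_code'] = 0;
             $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST']; // sending too fast
             output($root);
         }
         if ($code == 0) {
             // No pending code: create one and persist it with its creation time.
             // A pending code is re-sent unchanged so consecutive requests agree.
             // random_int() replaces rand(): the code is a security token and
             // rand() is not a cryptographically secure generator.
             $code = random_int(1111, 9999);
             $GLOBALS['db']->query("update " . DB_PREFIX . "user set bind_verify = '" . $code . "',verify_create_time = '" . TIME_UTC . "' where id = " . $user_id);
         }
         // Immediate send.
         $result = send_verify_sms($mobile, $code, $user, true);
         $root['response_code'] = $result['status'];
         if ($root['response_code'] == 1) {
             $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK'];
         } else {
             $root['show_err'] = $result['msg'];
             if ($root['show_err'] == null || $root['show_err'] == '') {
                 $root['show_err'] = "验证码发送失败";
             }
         }
     } else {
         $root['response_code'] = 0;
         $root['show_err'] = "未登录";
         $root['user_login_status'] = 0;
     }
     output($root);
 }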
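 /**
  * Creates or updates a consignee (delivery address) for the logged-in user.
  *
  * Required fields (consignee, address, zip, mobile) are read from $_REQUEST and
  * rejected through showErr(); the row is inserted when `id` is 0 and updated
  * otherwise. The UPDATE is restricted to rows owned by the current user so a
  * forged `id` cannot modify another account's address (the other save() in
  * this listing applies the same ownership scope).
  */
 public function save()
 {
     if (trim($_REQUEST['consignee']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE']);
     }
     if (trim($_REQUEST['address']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_ADDRESS']);
     }
     if (trim($_REQUEST['zip']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_ZIP']);
     }
     if (trim($_REQUEST['mobile']) == '') {
         showErr($GLOBALS['lang']['FILL_MOBILE_PHONE']);
     }
     if (!check_mobile($_REQUEST['mobile'])) {
         showErr($GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']);
     }
     $user_id = intval($GLOBALS['user_info']['id']);
     $consignee_data['user_id'] = $user_id;
     $consignee_data['region_lv1'] = intval($_REQUEST['region_lv1']);
     $consignee_data['region_lv2'] = intval($_REQUEST['region_lv2']);
     $consignee_data['region_lv3'] = intval($_REQUEST['region_lv3']);
     $consignee_data['region_lv4'] = intval($_REQUEST['region_lv4']);
     // HTML-encode, trim, then escape for SQL — same chain as the other handlers here.
     $consignee_data['address'] = addslashes(trim(htmlspecialchars($_REQUEST['address'])));
     $consignee_data['mobile'] = addslashes(trim(htmlspecialchars($_REQUEST['mobile'])));
     $consignee_data['consignee'] = addslashes(trim(htmlspecialchars($_REQUEST['consignee'])));
     $consignee_data['zip'] = addslashes(trim(htmlspecialchars($_REQUEST['zip'])));
     $consignee_id = intval($_REQUEST['id']);
     if ($consignee_id == 0) {
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data);
     } else {
         // Ownership check in the WHERE clause: only the caller's own row may be updated.
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data, "UPDATE", "id=" . $consignee_id . " and user_id=" . $user_id);
     }
     rm_auto_cache("consignee_info", array("consignee_id" => $consignee_id));
     showSuccess($GLOBALS['lang']['UPDATE_SUCCESS']);
 }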
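 /**
  * Sends a password-recovery verification code by SMS to a registered mobile.
  *
  * Reads `mobile` from $GLOBALS['request'], checks the SMS feature flag, the
  * number format, the per-IP throttle and that the number belongs to a user,
  * then generates a 6-digit code, sends it via sms_sender and records it in
  * sms_mobile_verify plus the deal_msg_list queue. Results go to output($root)
  * as status/info; the guard clauses rely on output() ending the request.
  */
 public function index()
 {
     $mobile = strim($GLOBALS['request']['mobile']);
     $root = array();
     if (app_conf("SMS_ON") == 0) {
         $root['status'] = 0;
         $root['info'] = '短信功能关闭';
         output($root);
     }
     if ($mobile == '') {
         $root['status'] = 0;
         $root['info'] = '手机号码不能为空';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['status'] = 0;
         $root['info'] = "请输入正确的手机号码";
         output($root);
     }
     if (!check_ipop_limit(CLIENT_IP, "register_verify_phone", 60, 0)) {
         $root['status'] = 0;
         $root['info'] = '发送太快了';
         output($root);
     }
     // The mobile value is quoted as a string: the previous unquoted form let
     // MySQL compare the column numerically and relied solely on check_mobile()
     // to keep the value safe inside the statement.
     $sql = "SELECT * FROM " . DB_PREFIX . "user WHERE mobile = '" . $mobile . "'";
     $user = $GLOBALS['db']->getRow($sql);
     if (empty($user)) {
         $root['status'] = 0;
         $root['info'] = "手机号未在本站注册过";
         output($root);
     }
     // Drop codes older than 5 minutes for this number.
     $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE mobile_phone = '{$mobile}' and add_time <=" . (get_gmtime() - 300);
     $GLOBALS['db']->query($sql);
     // random_int(): the code is a security token, rand() is not a CSPRNG.
     $code = random_int(100000, 999999);
     $message = "您正在找回密码,验证码:" . $code . ",如非本人操作,请忽略本短信【" . app_conf("SHOP_TITLE") . "】";
     require_once APP_ROOT_PATH . "system/utils/es_sms.php";
     $sms = new sms_sender();
     $send = $sms->sendSms($mobile, $message);
     if ($send['status']) {
         $add_time = get_gmtime();
         $GLOBALS['db']->query("insert into " . DB_PREFIX . "sms_mobile_verify(mobile_phone,code,add_time,send_count,ip) values('{$mobile}','{$code}','{$add_time}',1," . "'" . CLIENT_IP . "')");
         /* Record the successful send in the message queue table. */
         $msg_data['dest'] = $mobile;
         $msg_data['send_type'] = 0;
         $msg_data['content'] = addslashes($message);
         $msg_data['send_time'] = $add_time;
         $msg_data['is_send'] = 1;
         $msg_data['is_success'] = 1;
         $msg_data['create_time'] = $add_time;
         $msg_data['user_id'] = intval($user['id']);
         $msg_data['title'] = "密码找回验证";
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_msg_list", $msg_data);
         $root['info'] = "验证码发出,请注意查收";
         $root['status'] = 1;
     } else {
         $root['info'] = "发送失败" . $send['msg'];
         $root['status'] = 0;
     }
     output($root);
 }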
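 /**
  * Registers an account by mobile number once the number has an SMS verification
  * record (sms_mobile_verify with status=1 and type=0).
  *
  * Reads `mobile` and `password` from $GLOBALS['request']. Validation failures are
  * reported through output($root) as status/info; on success the result of
  * mobile_reg() is output. The mobile is passed through strim() like the password
  * (and like the sibling handlers) rather than a bare trim(), since it is
  * interpolated into the SQL lookup below.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $mobile = strim($GLOBALS['request']['mobile']);
     $pwd = strim($GLOBALS['request']['password']);
     $root = array();
     if ($mobile == '') {
         $root['status'] = 0;
         $root['info'] = '手机号码不能为空';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['status'] = 0;
         $root['info'] = "请输入正确的手机号码";
         output($root);
     }
     // Byte length, as in the original; a minimum of 4 is what the message states.
     if (strlen($pwd) < 4) {
         $root['status'] = 0;
         $root['info'] = "密码不能低于四位";
         output($root);
     }
     $db_code = $GLOBALS['db']->getRow("select id from " . DB_PREFIX . "sms_mobile_verify where status=1 and mobile_phone = '{$mobile}' and type=0 order by id desc");
     if (!$db_code) {
         $root['status'] = 0;
         $root['info'] = "手机号码未通过验证";
         output($root);
     }
     $root = mobile_reg($mobile, $pwd);
     output($root);
 }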
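 /**
  * Sends a registration verification code to a mobile number that is not yet
  * registered.
  *
  * Reads `mobile` from $GLOBALS['request']; rejects when SMS is disabled, the
  * number is empty/invalid, already belongs to a user, or the per-IP throttle
  * trips. A code issued within the last 180 s is re-sent unchanged so two
  * back-to-back requests agree; otherwise a fresh code is stored in
  * mobile_verify_code. Results go to output($root) as response_code/show_err.
  */
 public function index()
 {
     $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile'])));
     $root = array();
     if (app_conf("SMS_ON") == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['SMS_OFF']; // SMS disabled
         output($root);
     }
     if ($mobile == '') {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP']; // mobile required
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']; // bad format
         output($root);
     }
     if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile . "'") > 0) {
         $field_show_name = $GLOBALS['lang']['USER_TITLE_mobile']; // "mobile number"
         $root['response_code'] = 0;
         $root['show_err'] = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $field_show_name); // already exists
         output($root);
     }
     if (!check_ipop_limit(CLIENT_IP, "mobile_verify", 60, 0)) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST']; // sending too fast
         output($root);
     }
     // Purge codes older than 5 minutes. The subtraction is parenthesised on
     // purpose: in PHP 7 "." and "-" share precedence (left-assoc), so the
     // unparenthesised form subtracted 300 from the SQL string instead of
     // from the timestamp; PHP 8 changed the precedence, so the old form only
     // worked by accident there.
     $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . (TIME_UTC - 300));
     $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . (TIME_UTC - 180) . " ORDER BY id DESC");
     if (intval($verify_code) == 0) {
         // No recent code for this number: generate and store a new one.
         // random_int(): the code is a security token, rand() is not a CSPRNG.
         $verify_code = random_int(1111, 9999);
         $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => TIME_UTC, "client_ip" => CLIENT_IP), "INSERT");
     }
     // Immediate send.
     $result = send_verify_sms($mobile, $verify_code, null, true);
     $root['response_code'] = $result['status'];
     if ($root['response_code'] == 1) {
         $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK'];
     } else {
         $root['show_err'] = $result['msg'];
         if ($root['show_err'] == null || $root['show_err'] == '') {
             $root['show_err'] = "验证码发送失败";
         }
     }
     // ../system/sms/FW_sms.php reports account/password errors from the gateway.
     output($root);
 }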
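 /**
  * Sends the pending bind_verify code to an existing account identified by
  * mobile number.
  *
  * Reads `mobile` (and `post_type`, echoed back) from $GLOBALS['request'].
  * Rejects when SMS is disabled, the number is empty/invalid, the per-IP
  * throttle trips, or no non-deleted user owns the number. A pending code is
  * re-sent unchanged; otherwise a new one is generated and stored on the user
  * row. Results go to output($root) as response_code/show_err.
  */
 public function index()
 {
     $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile'])));
     $root = array();
     if (app_conf("SMS_ON") == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['SMS_OFF'];
         output($root);
     }
     if ($mobile == '') {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP'];
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'];
         output($root);
     }
     if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST'];
         output($root);
     }
     $sql = "select id,bind_verify from " . DB_PREFIX . "user where mobile = '" . $mobile . "' and is_delete = 0";
     $user_info = $GLOBALS['db']->getRow($sql);
     // getRow() may return a non-array when nothing matches; treat that as id 0.
     $user_id = $user_info ? intval($user_info['id']) : 0;
     $code = $user_info ? intval($user_info['bind_verify']) : 0;
     if ($user_id == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = '手机号码不存在或被禁用';
         output($root);
     }
     if ($code == 0) {
         // No pending code: generate one and persist it with its creation time.
         // random_int(): the code is a security token, rand() is not a CSPRNG.
         $code = random_int(1111, 9999);
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set bind_verify = '" . $code . "',verify_create_time = '" . TIME_UTC . "' where id = " . $user_id);
     }
     // Immediate send.
     $result = send_verify_sms($mobile, $code, null, true);
     $root['response_code'] = $result['status'];
     if ($root['response_code'] == 1) {
         $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK'];
     } else {
         $root['show_err'] = $result['msg'];
         if ($root['show_err'] == null || $root['show_err'] == '') {
             $root['show_err'] = "验证码发送失败";
         }
     }
     $root['post_type'] = trim($GLOBALS['request']['post_type']);
     output($root);
 }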
 /**
  * Bootstraps request handling: passes $_POST and $_GET through inject_filter(),
  * runs init_input(), then performs the device checks. Here check_mobile() is the
  * "is this a mobile device" probe (per the original comment), not the phone
  * number validator used elsewhere in this listing.
  */
 public static function init()
 {
     // Sanitise the raw superglobals before anything reads them.
     foreach (array('_POST', '_GET') as $superglobal) {
         $GLOBALS[$superglobal] = inject_filter($GLOBALS[$superglobal]);
     }
     self::init_input();
     check_mobile(); // mobile-device detection
     check_device(); // mobile-device name detection
 }
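 /**
  * Sets a new password for the account whose mobile number and pending
  * bind_verify code match the request.
  *
  * Reads mobile, mobile_code, user_pwd and user_pwd_confirm from
  * $GLOBALS['request']. On a match the password is stored as
  * md5(password . code) — the existing scheme, left unchanged because the login
  * path must agree with it — and the pending code is cleared. Results go to
  * output($root) as response_code/show_err. The executed UPDATE statement is no
  * longer echoed back to the client: it contained the new password hash.
  *
  * NOTE(review): the lookup checks the code value only; verify_create_time is
  * not consulted, so no expiry is enforced here.
  */
 public function index()
 {
     $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile'])));
     $verify = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile_code'])));
     $user_pwd = addslashes(htmlspecialchars(trim($GLOBALS['request']['user_pwd'])));
     $user_pwd_confirm = addslashes(htmlspecialchars(trim($GLOBALS['request']['user_pwd_confirm'])));
     $root = array();
     if ($user_pwd != $user_pwd_confirm) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['USER_PWD_CONFIRM_ERROR'];
         output($root);
     }
     if ($user_pwd == null || $user_pwd == '') {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['USER_PWD_ERROR'];
         output($root);
     }
     if ($verify == "") {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'];
         output($root);
     }
     if ($mobile == '') {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP'];
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'];
         output($root);
     }
     $sql = "select id,code from " . DB_PREFIX . "user where mobile = '" . $mobile . "' and bind_verify = '" . $verify . "' and is_delete = 0";
     $user_info = $GLOBALS['db']->getRow($sql);
     $user_id = intval($user_info['id']);
     $code = $user_info['code']; // per-user salt appended before hashing
     if ($user_id == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = $GLOBALS['lang']['BIND_MOBILE_VERIFY_ERROR'];
         output($root);
     } else {
         $new_pwd = md5($user_pwd . $code);
         // Clearing bind_verify makes the code single-use.
         $sql = "update " . DB_PREFIX . "user set user_pwd='" . $new_pwd . "', bind_verify = '', verify_create_time = 0 where id = " . $user_id;
         $GLOBALS['db']->query($sql);
         $root['response_code'] = 1;
         $root['show_err'] = "密码更新成功!";
         output($root);
     }
     $root['program_title'] = "修改密码";
     output($root);
 }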
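 /**
  * Sends a registration verification code to a mobile number that is not yet
  * registered (hard-coded message variant of the lang-table handler above).
  *
  * Reads `mobile` from $GLOBALS['request']; rejects when SMS is disabled, the
  * number is empty/invalid, already belongs to a user, or the per-IP throttle
  * trips. A code issued within the last 180 s is re-sent unchanged; otherwise a
  * fresh one is stored in mobile_verify_code. Results go to output($root).
  */
 public function index()
 {
     $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile'])));
     $root = array();
     if (app_conf("SMS_ON") == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = '短信未开启';
         output($root);
     }
     if ($mobile == '') {
         $root['response_code'] = 0;
         $root['show_err'] = '请输入你的手机号';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['response_code'] = 0;
         $root['show_err'] = '请填写正确的手机号码';
         output($root);
     }
     if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile . "'") > 0) {
         $field_show_name = '手机号码';
         $root['response_code'] = 0;
         $root['show_err'] = sprintf('%s已存在,请重新输入', $field_show_name);
         output($root);
     }
     if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) {
         $root['response_code'] = 0;
         $root['show_err'] = '短信发送太快,请稍后再试';
         output($root);
     }
     // Purge codes older than 5 minutes. Parenthesised on purpose: in PHP 7
     // "." and "-" share precedence, so the unparenthesised form subtracted 300
     // from the SQL string rather than from the timestamp.
     $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . (get_gmtime() - 300));
     $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . (TIME_UTC - 180) . " ORDER BY id DESC");
     if (intval($verify_code) == 0) {
         // No recent code for this number: generate and store a new one.
         // random_int(): the code is a security token, rand() is not a CSPRNG.
         $verify_code = random_int(1111, 9999);
         $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => get_gmtime(), "client_ip" => get_client_ip()), "INSERT");
     }
     // Immediate send.
     $result = send_verify_sms($mobile, $verify_code, null, true);
     $root['response_code'] = $result['status'];
     if ($root['response_code'] == 1) {
         $root['show_err'] = '验证短信已经发送,请注意查收';
     } else {
         $root['show_err'] = $result['msg'];
         if ($root['show_err'] == null || $root['show_err'] == '') {
             $root['show_err'] = "验证码发送失败";
         }
     }
     output($root);
 }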
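 /**
  * Sets a new password for the account whose mobile number and pending
  * bind_verify code match the request (hard-coded message variant).
  *
  * Reads mobile, mobile_code, user_pwd and user_pwd_confirm from
  * $GLOBALS['request']. On a match the password is stored as
  * md5(password . code) — the existing scheme, kept because the login path must
  * agree with it — and the pending code is cleared. The executed UPDATE is no
  * longer echoed back to the client, since it contained the new password hash.
  *
  * NOTE(review): only the code value is checked; verify_create_time is not
  * consulted, so no expiry is enforced here.
  */
 public function index()
 {
     $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile'])));
     $verify = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile_code'])));
     $user_pwd = addslashes(htmlspecialchars(trim($GLOBALS['request']['user_pwd'])));
     $user_pwd_confirm = addslashes(htmlspecialchars(trim($GLOBALS['request']['user_pwd_confirm'])));
     $root = array();
     if ($user_pwd != $user_pwd_confirm) {
         $root['response_code'] = 0;
         $root['show_err'] = '密码确认失败';
         output($root);
     }
     if ($user_pwd == null || $user_pwd == '') {
         $root['response_code'] = 0;
         $root['show_err'] = '请输入密码';
         output($root);
     }
     if ($verify == "") {
         $root['response_code'] = 0;
         $root['show_err'] = '验证码错误';
         output($root);
     }
     if ($mobile == '') {
         $root['response_code'] = 0;
         $root['show_err'] = '请输入你的手机号';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['response_code'] = 0;
         $root['show_err'] = '请填写正确的手机号码';
         output($root);
     }
     $sql = "select id,code from " . DB_PREFIX . "user where mobile = '" . $mobile . "' and bind_verify = '" . $verify . "' and is_delete = 0";
     $user_info = $GLOBALS['db']->getRow($sql);
     $user_id = intval($user_info['id']);
     $code = $user_info['code']; // per-user salt appended before hashing
     if ($user_id == 0) {
         $root['response_code'] = 0;
         $root['show_err'] = '验证码错误';
         output($root);
     } else {
         $new_pwd = md5($user_pwd . $code);
         // Clearing bind_verify makes the code single-use.
         $sql = "update " . DB_PREFIX . "user set user_pwd='" . $new_pwd . "', bind_verify = '', verify_create_time = 0 where id = " . $user_id;
         $GLOBALS['db']->query($sql);
         $root['response_code'] = 1;
         $root['show_err'] = "密码更新成功!";
         output($root);
     }
     output($root);
 }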
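 /**
  * AJAX handler that creates or updates a consignee for the logged-in user.
  *
  * Status codes returned through ajax_return(): 2 = not logged in, 3 = the user
  * already has 5 addresses and tried to add another, 1 = saved (with a redirect
  * url). Field validation failures go through showErr(). The first address a
  * user saves is flagged is_default; the UPDATE is scoped to the caller's own
  * user_id. The per-user address count is queried once and reused for both the
  * limit check and the is_default decision.
  */
 public function save()
 {
     global_run();
     if (check_save_login() != LOGIN_STATUS_LOGINED) {
         $result['status'] = 2;
         ajax_return($result);
     }
     $user_id = intval($GLOBALS['user_info']['id']);
     $consignee_id = intval($_REQUEST['region_id']);
     $consignee_count = intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_consignee where user_id = " . $user_id));
     if ($consignee_count >= 5 && $consignee_id == 0) {
         $result['status'] = 3;
         ajax_return($result);
     }
     if (strim($_REQUEST['consignee']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE'], 1);
     }
     if (strim($_REQUEST['address']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_ADDRESS'], 1);
     }
     if (strim($_REQUEST['zip']) == '') {
         showErr($GLOBALS['lang']['FILL_CORRECT_ZIP'], 1);
     }
     if (strim($_REQUEST['mobile']) == '') {
         showErr($GLOBALS['lang']['FILL_MOBILE_PHONE'], 1);
     }
     if (!check_mobile($_REQUEST['mobile'])) {
         showErr($GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'], 1);
     }
     $consignee_data['user_id'] = $GLOBALS['user_info']['id'];
     $consignee_data['region_lv1'] = intval($_REQUEST['region_lv1']);
     $consignee_data['region_lv2'] = intval($_REQUEST['region_lv2']);
     $consignee_data['region_lv3'] = intval($_REQUEST['region_lv3']);
     $consignee_data['region_lv4'] = intval($_REQUEST['region_lv4']);
     $consignee_data['address'] = strim($_REQUEST['address']);
     $consignee_data['mobile'] = strim($_REQUEST['mobile']);
     $consignee_data['consignee'] = strim($_REQUEST['consignee']);
     $consignee_data['zip'] = strim($_REQUEST['zip']);
     if ($consignee_count == 0) {
         $consignee_data['is_default'] = 1; // first address becomes the default
     }
     if ($consignee_id == 0) {
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data);
     } else {
         // Ownership check in the WHERE clause: only the caller's own row may be updated.
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data, "UPDATE", "id=" . $consignee_id . " and user_id=" . $user_id);
     }
     rm_auto_cache("consignee_info", array("consignee_id" => $consignee_id));
     $result['status'] = 1;
     $result['url'] = url('index', 'uc_consignee');
     ajax_return($result);
 }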
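 /**
  * Registers an account by mobile number after checking the submitted SMS code.
  *
  * Reads mobile, password, password_confirm, gender and sms_verify from
  * $GLOBALS['request']. Expired codes are purged, the latest code for the number
  * is loaded from sms_mobile_verify and compared with the submitted one, then
  * mobile_reg() creates the account. Results go to output($root) as status/info.
  *
  * The SMS code is handled as a string throughout. The previous intval() form
  * was unsafe on PHP 8: a non-numeric submission became 0, `0 == ""` is false
  * there so the "enter the code" guard did not fire, and a missing
  * sms_mobile_verify row (null code) compared loosely equal to 0, which let the
  * registration proceed without any SMS verification. The comparison below is
  * strict and also requires that a verification row exists.
  */
 public function index()
 {
     $mobile = strim($GLOBALS['request']['mobile']);
     $pwd = strim($GLOBALS['request']['password']);
     $password_confirm = strim($GLOBALS['request']['password_confirm']);
     $gender = intval($GLOBALS['request']['gender']);
     $sms_verify = strim($GLOBALS['request']['sms_verify']);
     $root = array();
     if ($mobile == '') {
         $root['status'] = 0;
         $root['info'] = '手机号码不能为空';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['status'] = 0;
         $root['info'] = "请输入正确的手机号码";
         output($root);
     }
     // Byte length, as in the original; a minimum of 4 is what the message states.
     if (strlen($pwd) < 4) {
         $root['status'] = 0;
         $root['info'] = "密码不能低于四位";
         output($root);
     }
     if ($pwd != $password_confirm) {
         $root['status'] = 0;
         $root['info'] = "您两次输入的密码不匹配";
         output($root);
     }
     if ($sms_verify === '') {
         $root['status'] = 0;
         $root['info'] = "请输入收到的验证码";
         output($root);
     }
     // Purge expired codes before looking the number up.
     $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN);
     $GLOBALS['db']->query($sql);
     $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $mobile . "'");
     // A missing row is a failure, never a match; compare as strings, strictly.
     if (!$mobile_data || (string) $mobile_data['code'] !== $sms_verify) {
         $root['status'] = 0;
         $root['info'] = "验证码错误";
         output($root);
     }
     $root = mobile_reg($mobile, $pwd, $gender);
     output($root);
 }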
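 /**
  * Checks a submitted SMS code against the latest sms_mobile_verify record for
  * the number and, on success, writes the code into user.password_verify and
  * returns the user id.
  *
  * Reads `mobile` and `code` from $GLOBALS['request']. A code older than 30
  * minutes is rejected and the number's records are deleted; a matching code is
  * consumed (its row deleted) before the user row is updated. Results go to
  * output($root) as status/info (+ user_id on success).
  *
  * All request-derived values are now quoted inside the SQL statements; the
  * previous form spliced `mobile` and `code` in unquoted, relying only on
  * check_mobile() and the code comparison to keep them well-formed.
  */
 public function index()
 {
     $mobile = strim($GLOBALS['request']['mobile']);
     $code = strim($GLOBALS['request']['code']); // SMS verification code
     $root = array();
     if ($mobile == '') {
         $root['status'] = 0;
         $root['info'] = '手机号码不能为空';
         output($root);
     }
     if (!check_mobile($mobile)) {
         $root['status'] = 0;
         $root['info'] = "请输入正确的手机号码";
         output($root);
     }
     if ($code == '') {
         $root['info'] = "请输入验证码!";
         $root['status'] = 0;
         output($root);
     }
     $db_code = $GLOBALS['db']->getRow("select id,code,add_time from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '{$mobile}' order by id desc");
     // No record for the number counts as a mismatch.
     if (!$db_code || $db_code['code'] != $code) {
         $root['info'] = "请输入正确的验证码!";
         $root['status'] = 0;
         output($root);
     }
     $new_time = get_gmtime();
     if ($new_time - $db_code['add_time'] > 60 * 30) {
         $root['info'] = "验证码已失效,请重新获取!";
         $root['status'] = 0;
         $GLOBALS['db']->query("delete from " . DB_PREFIX . "sms_mobile_verify  where mobile_phone = '" . $mobile . "'");
         output($root);
     }
     // Consume the code so it cannot be replayed.
     $GLOBALS['db']->query("delete from " . DB_PREFIX . "sms_mobile_verify where id=" . intval($db_code['id']));
     $sql = "SELECT * FROM " . DB_PREFIX . "user WHERE mobile = '" . $mobile . "'";
     $user = $GLOBALS['db']->getRow($sql);
     if (empty($user)) {
         // Previously an unknown number produced an UPDATE with an empty id clause.
         $root['info'] = "手机号未在本站注册过";
         $root['status'] = 0;
         output($root);
     }
     $res = $GLOBALS['db']->query("update " . DB_PREFIX . "user set password_verify='" . $code . "' where id=" . intval($user['id']));
     if ($res) {
         $root['info'] = "验证成功";
         $root['status'] = 1;
         $root['user_id'] = $user['id'];
     } else {
         $root['info'] = "验证出错";
         $root['status'] = 0;
     }
     output($root);
 }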
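/**
 * Validates a single member field.
 *
 * @param string $field_name Field being validated (user_name, email, mobile, or
 *                           an extension field defined in the user_field table).
 * @param mixed  $field_data Submitted value for that field.
 * @return array ['status' => 1|0, 'info' => '', 'data' => ''|array] where on
 *               failure `data` carries `field_name` and `error` (EMPTY_ERROR,
 *               EXIST_ERROR or FORMAT_ERROR), or the user_field row plus `error`
 *               for an extension field.
 *
 * The e-mail checks run empty → format → exists (the original ran the
 * uniqueness query first, so an empty e-mail was reported as EXIST_ERROR
 * whenever any stored user had an empty e-mail, and malformed values still hit
 * the database).
 *
 * NOTE(review): values are interpolated into SQL here without escaping; callers
 * are assumed to pass pre-escaped (strim'd) data — confirm at the call sites.
 * `$user_data['id']` is never set in this function, so the `id <> …` exclusion
 * is always `id <> 0`.
 */
function check_user($field_name, $field_data)
{
    $user_data[$field_name] = $field_data;
    $res = array('status' => 1, 'info' => '', 'data' => ''); // returned shape
    // Builds the failure result for a named field and error code.
    $fail = function ($name, $error) use ($res) {
        $res['status'] = 0;
        $res['data'] = array('field_name' => $name, 'error' => $error);
        return $res;
    };
    if ($field_name == 'user_name') {
        $user_name = trim($user_data['user_name']);
        if ($user_name == '') {
            return $fail('user_name', EMPTY_ERROR);
        }
        if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where user_name = '" . $user_name . "' and id <> " . intval($user_data['id'])) > 0) {
            return $fail('user_name', EXIST_ERROR);
        }
    }
    if ($field_name == 'email') {
        $email = trim($user_data['email']);
        if ($email == '') {
            return $fail('email', EMPTY_ERROR);
        }
        if (!check_email($email)) {
            return $fail('email', FORMAT_ERROR);
        }
        if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where email = '" . $email . "' and id <> " . intval($user_data['id'])) > 0) {
            return $fail('email', EXIST_ERROR);
        }
    }
    if ($field_name == 'mobile') {
        $mobile = trim($user_data['mobile']);
        // Mobile is only mandatory when MOBILE_MUST is switched on.
        if (intval(app_conf("MOBILE_MUST")) == 1 && $mobile == '') {
            return $fail('mobile', EMPTY_ERROR);
        }
        if (!check_mobile($mobile)) {
            return $fail('mobile', FORMAT_ERROR);
        }
    }
    // Extension fields: mandatory ones defined in user_field must be non-empty.
    $field_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_field where field_name = '" . $field_name . "'");
    if ($field_item['is_must'] == 1 && trim($user_data[$field_item['field_name']]) == '') {
        $field_item['error'] = EMPTY_ERROR;
        $res['status'] = 0;
        $res['data'] = $field_item;
        return $res;
    }
    return $res;
}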
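 /**
  * Sends an SMS verification code to the submitted mobile number.
  *
  * Reads `mobile`, `verify_code` (image captcha) and `unique` from $_REQUEST.
  * Rejects an empty/malformed number and, when `unique` is 1, a number already
  * present in supplier_submit. Once load_sms_ipcount() exceeds 1 the image
  * captcha in the session must match; a per-IP throttle of SMS_TIMESPAN applies.
  * An unexpired code for the number is re-sent (send_count incremented);
  * otherwise a new 6-digit code is stored. Responds through ajax_return() with
  * status/info/field, plus `lesstime` (seconds until the next send is allowed)
  * and `sms_ipcount`.
  */
 public function send_sms_code()
 {
     $verify_code = strim($_REQUEST['verify_code']);
     $mobile_phone = strim($_REQUEST['mobile']);
     $data = array();
     if ($mobile_phone == "") {
         $data['status'] = false;
         $data['info'] = "请输入手机号";
         $data['field'] = "user_mobile";
         ajax_return($data);
     }
     if (!check_mobile($mobile_phone)) {
         $data['status'] = false;
         $data['info'] = "手机号格式不正确";
         $data['field'] = "user_mobile";
         ajax_return($data);
     }
     if (intval($_REQUEST['unique']) == 1) {
         if (intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_submit where account_mobile = '" . $mobile_phone . "'")) > 0) {
             $data['status'] = false;
             $data['info'] = "手机号已被注册";
             $data['field'] = "account_mobile";
             ajax_return($data);
         }
     }
     $sms_ipcount = load_sms_ipcount();
     if ($sms_ipcount > 1) {
         // Image captcha required after repeated sends from this IP.
         // hash_equals() replaces a loose `!=` between two md5 strings, which
         // treated hashes of the form "0e…" as numerically equal.
         if (!hash_equals((string) es_session::get("verify"), md5($verify_code))) {
             $data['status'] = false;
             $data['info'] = "验证码错误";
             $data['field'] = "verify_code";
             ajax_return($data);
         }
     }
     if (!check_ipop_limit(CLIENT_IP, "send_sms_code", SMS_TIMESPAN)) {
         showErr("请勿频繁发送短信", 1);
     }
     // Purge expired codes.
     $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN);
     $GLOBALS['db']->query($sql);
     $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $mobile_phone . "'");
     if ($mobile_data) {
         // Re-send the still-valid code and bump its timestamp/counter.
         $code = $mobile_data['code'];
         $mobile_data['add_time'] = NOW_TIME;
         $GLOBALS['db']->query("update " . DB_PREFIX . "sms_mobile_verify set add_time = '" . $mobile_data['add_time'] . "',send_count = send_count + 1 where mobile_phone = '" . $mobile_phone . "'");
     } else {
         // random_int(): the code is a security token, rand() is not a CSPRNG.
         $code = random_int(100000, 999999);
         $mobile_data['mobile_phone'] = $mobile_phone;
         $mobile_data['add_time'] = NOW_TIME;
         $mobile_data['code'] = $code;
         $mobile_data['ip'] = CLIENT_IP;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "sms_mobile_verify", $mobile_data, "INSERT", "", "SILENT");
     }
     send_verify_sms($mobile_phone, $code);
     es_session::delete("verify"); // image captcha is single-use
     $data['status'] = true;
     $data['info'] = "发送成功";
     $data['lesstime'] = SMS_TIMESPAN - (NOW_TIME - $mobile_data['add_time']); // seconds until next send
     $data['sms_ipcount'] = load_sms_ipcount();
     ajax_return($data);
 }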
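 /**
  * Verifies a mobile number + SMS code for a password/mobile change flow.
  *
  * Reads key1 (mobile), key2 (code) and key3 (user type: 1 = entrepreneur,
  * otherwise investor) from $_POST. Echoes 401 when the number is not on file
  * for that user type, 200 when check_mobile() accepts the code (and stores the
  * change context in the session), 404 otherwise.
  *
  * The lookup now uses the already-read $mobile (previously $_POST['key1'] was
  * re-read) and escapes it: Model::query() appears to substitute `%s` via
  * sprintf-style formatting — presumably without escaping, so a quote in the
  * value could alter the statement; confirm against the framework's query().
  */
 public function checkMobile()
 {
     $mobile = $_POST['key1'];
     $code = $_POST['key2'];
     $usertype = $_POST['key3'];
     $Form = new Model();
     // Pick the profile table for the caller's account type.
     $lookup = $usertype == 1
         ? 'select user_id from entrepreneur_personal where phone = "%s" '
         : 'select user_id from investor_personal where mobile = "%s" ';
     $exist = $Form->query($lookup, addslashes($mobile));
     $user = isset($exist[0]) ? $exist[0] : null;
     if (!$user) {
         echo 401;
         return;
     }
     $res = check_mobile($mobile, $code);
     if ($res == 200) {
         echo 200;
         $_SESSION['changeType'] = $usertype;
         $_SESSION['mobile'] = $mobile;
         $_SESSION['JCALLOW'] = 1;
         $_SESSION['userId'] = $user['user_id'];
     } else {
         echo 404;
     }
 }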
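 /**
  * Validates supplier registration fields.
  *
  * @param array $data Field name => value (account_name, account_mobile, verify_code).
  * @return array ['status' => bool, 'info' => string] plus `field` naming the
  *               offending input when status is false.
  *
  * The result is built in a separate array: the original assigned `$data = array()`
  * on entry, which discarded the argument so none of the checks below could ever
  * see a submitted value and the function always reported success.
  */
 function check_register_field($data)
 {
     $result = array();
     $result['status'] = true;
     $result['info'] = "";
     $account_name = strim($data['account_name']);
     if ($account_name) {
         $rs = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_account where account_name = '" . $account_name . "'");
         if (intval($rs) > 0) {
             $result['status'] = false;
             $result['info'] = "账户已被注册";
             $result['field'] = "account_name";
             return $result;
         }
     }
     $account_mobile = strim($data['account_mobile']);
     if ($account_mobile) {
         if (!check_mobile($account_mobile)) {
             $result['status'] = false;
             $result['info'] = "手机号格式不正确";
             $result['field'] = "account_mobile";
             return $result;
         }
         $rs = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_account where account_mobile = '" . $account_mobile . "'");
         if (intval($rs) > 0) {
             $result['status'] = false;
             $result['info'] = "手机号已被注册";
             $result['field'] = "account_mobile";
             return $result;
         }
     }
     $verify_code = strim($data['verify_code']);
     if ($verify_code && app_conf("SMS_ON") == 1) {
         // Image captcha: compare the md5 with hash_equals() rather than a loose
         // `!=`, which treats "0e…" hashes as numerically equal.
         $session_verify = (string) es_session::get('verify');
         if (!hash_equals($session_verify, md5($verify_code))) {
             $result['status'] = false;
             $result['info'] = "图片验证码错误";
             $result['field'] = "verify_code";
             return $result;
         }
     }
     return $result;
 }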
 /**
  * Step one of bidding: collect the contact name and, while not yet verified,
  * the ID card number and the mobile number (with its SMS code), then write
  * them to the current user's row. Each failed check calls showErr(..., 1).
  */
 function dobidstepone()
 {
     $user_info = $GLOBALS['user_info'];
     $lang = $GLOBALS['lang'];
     if (!$user_info) {
         showErr($lang['PLEASE_LOGIN_FIRST'], 1);
     }
     $real_name = strim($_REQUEST['name']);
     if ($real_name == "") {
         showErr($lang['PLEASE_INPUT'] . $lang['URGENTCONTACT'], 1);
     }
     $data = array('real_name' => $real_name);
     // ID card: only collected while the user has not passed verification
     if ($user_info['idcardpassed'] == 0) {
         $idno = strim($_REQUEST['idno']);
         if ($idno == "") {
             showErr($lang['PLEASE_INPUT'] . $lang['IDNO'], 1);
         }
         if (getIDCardInfo($idno) == 0) {
             // format check of the ID card number
             showErr($lang['FILL_CORRECT_IDNO'], 1);
         }
         $others = "select count(*) from " . DB_PREFIX . "user where idno = '" . $idno . "' and id <> " . intval($user_info['id']);
         if ($GLOBALS['db']->getOne($others) > 0) {
             showErr(sprintf($lang['EXIST_ERROR_TIP'], $lang['IDNO']), 1);
         }
         if ($idno != strim($_REQUEST['idno_re'])) {
             showErr($lang['TWO_ENTER_IDNO_ERROR'], 1);
         }
         $data['idno'] = $idno;
         $data['idcardpassed'] = 0;
     }
     // Mobile number: only collected while it has not been verified yet
     if ($user_info['mobilepassed'] == 0) {
         $phone = strim($_REQUEST['phone']);
         if ($phone == "") {
             showErr($lang['MOBILE_EMPTY_TIP'], 1);
         }
         if (!check_mobile($phone)) {
             showErr($lang['FILL_CORRECT_MOBILE_PHONE'], 1);
         }
         $sms_code = strim($_REQUEST['validateCode']);
         if ($sms_code == "") {
             showErr($lang['PLEASE_INPUT'] . $lang['VERIFY_CODE'], 1);
         }
         // NOTE(review): loose != compares numeric strings by value
         // ('0123' == '123'); a strict comparison would be safer for a code.
         if ($sms_code != $user_info['bind_verify']) {
             showErr($lang['BIND_MOBILE_VERIFY_ERROR'], 1);
         }
         $data['mobile'] = $phone;
         $data['mobilepassed'] = 1;
     }
     $GLOBALS['db']->autoExecute(DB_PREFIX . "user", $data, "UPDATE", "id=" . $user_info['id']);
     showSuccess($lang['SUCCESS_TITLE'], 1);
 }
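 /**
  * AJAX endpoint: change the login password of the session's user after
  * re-checking the SMS code and the current password.
  *
  * POST fields: key1 = current password, key2 = new password, key4 = SMS
  * code, key5 = mobile number. $_SESSION['type'] selects the account table
  * (1 = investor_security, 2 = entrepreneur_security). Echoes 200 on
  * success (and destroys the session), 400 when the update fails, 404 on a
  * wrong current password, 409 on a wrong SMS code, 401 for any other type.
  * Both user types now exit after replying; previously only type 1 did.
  */
 public function saveChange()
 {
     // The table name is picked from literals; the session value never
     // reaches SQL.
     if ($_SESSION['type'] == 1) {
         $table = 'investor_security';
     } elseif ($_SESSION['type'] == 2) {
         $table = 'entrepreneur_security';
     } else {
         echo 401;
         return;
     }
     echo $this->changePassword($table);
     exit;
 }

 /**
  * Verify the SMS code and the current password, then store the new one.
  *
  * @param string $table  security table of the session's user type (a literal)
  * @return int  status code to echo: 200, 400, 404 or 409
  */
 private function changePassword($table)
 {
     if (check_mobile(I('post.key5'), I('post.key4')) != 200) {
         return 409;
     }
     $Form = new Model();
     $check = $Form->query('select * from ' . $table . ' where user_id = "%s"', $_SESSION['id']);
     // NOTE(review): passwords are compared and stored as plain text here;
     // moving to password_hash()/password_verify() needs a matching change
     // wherever the rows are written, so it is flagged rather than changed.
     if (($check[0]['user_pwd'] ?? null) !== I('post.key1')) {
         return 404;
     }
     $result = $Form->execute('update ' . $table . ' set user_pwd = "%s" where user_id = "%s"', I('post.key2'), $_SESSION['id']);
     if (!$result) {
         return 400;
     }
     // Force a fresh login with the new password.
     session('[destroy]');
     return 200;
 }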
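/**
 * Validate a single member field (registration / profile editing).
 *
 * Only the checks matching $field_name run: user_name (required, format,
 * unused), email (required, format, unused), mobile (required when the
 * MOBILE_MUST setting is 1, format, unused). Any other name is looked up in
 * the user_field table and, if marked is_must, required to be non-empty.
 *
 * @param string $field_name  name of the field being checked; it is
 *                            concatenated into SQL, so callers must pass a
 *                            field identifier, never the submitted value
 * @param mixed  $field_data  the submitted value
 * @return array{status:int, info:string, data:array|string}
 *               status 0 with data = ['field_name' => ..., 'error' => ...]
 *               (EMPTY_ERROR / FORMAT_ERROR / EXIST_ERROR) on failure
 */
function check_user($field_name, $field_data)
{
    // Result returned to the caller
    $res = array('status' => 1, 'info' => '', 'data' => '');
    // Builds the failure result for one field.
    $fail = static function ($name, $error) use ($res) {
        $res['status'] = 0;
        $res['data'] = array('field_name' => $name, 'error' => $error);
        return $res;
    };
    // Only the checked field is known here, so there is no record id to
    // exclude from the uniqueness queries; 0 matches no row.
    $exclude_id = 0;
    $taken = static function ($column, $value) use ($exclude_id) {
        // NOTE(review): the value is interpolated into SQL as before;
        // check_mobile()/check_email() bound the format for those columns,
        // user_name relies on the caller having sanitised it — confirm.
        return $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where " . $column . " = '" . $value . "' and id <> " . $exclude_id) > 0;
    };
    $trimmed = trim((string) $field_data);
    if ($field_name == 'user_name') {
        if ($trimmed == '') {
            return $fail('user_name', EMPTY_ERROR);
        }
        // Chinese characters, then ASCII word characters, then full-width
        // punctuation; purely numeric names are rejected too. The previous
        // pattern had two malformed escapes (\x{uff1a} and \x{300b without
        // its closing brace), which PCRE2 (PHP 7.3+) refuses to compile, so
        // preg_match() returned false and every user_name was reported as a
        // format error.
        $pattern = '/^[\x{4e00}-\x{9fa5}_\-]*[0-9a-zA-Z_\-]*[\x{201c}\x{201d}\x{3001}\x{ff1a}\x{300a}\x{300b}\x{ff0c}\x{ff1b}\x{3002}_\-]*$/u';
        // A preg failure (false) is treated as a format error, never as a pass.
        if (preg_match($pattern, $trimmed) !== 1 || is_numeric($field_data)) {
            return $fail('user_name', FORMAT_ERROR);
        }
        if ($taken('user_name', $trimmed)) {
            return $fail('user_name', EXIST_ERROR);
        }
    }
    if ($field_name == 'email') {
        // Empty and format checks come before the uniqueness query so an
        // empty address is reported as empty, not as "already exists".
        if ($trimmed == '') {
            return $fail('email', EMPTY_ERROR);
        }
        if (!check_email($trimmed)) {
            return $fail('email', FORMAT_ERROR);
        }
        if ($taken('email', $trimmed)) {
            return $fail('email', EXIST_ERROR);
        }
    }
    if ($field_name == 'mobile') {
        if (intval(app_conf("MOBILE_MUST")) == 1 && $trimmed == '') {
            return $fail('mobile', EMPTY_ERROR);
        }
        if (!check_mobile($trimmed)) {
            return $fail('mobile', FORMAT_ERROR);
        }
        if ($field_data != '' && $taken('mobile', $trimmed)) {
            return $fail('mobile', EXIST_ERROR);
        }
    }
    // Extension fields defined in user_field
    // NOTE(review): $field_name is concatenated into SQL unescaped.
    $field_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_field where field_name = '" . $field_name . "'");
    if ($field_item && $field_item['is_must'] == 1 && $trimmed == '') {
        $field_item['error'] = EMPTY_ERROR;
        $res['status'] = 0;
        $res['data'] = $field_item;
        return $res;
    }
    return $res;
}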
 /**
  * AJAX endpoint: finalise an existing order and start its payment.
  *
  * Loads the order (id from $_REQUEST; it must belong to the logged-in user
  * and must not be refunding/refunded), re-checks stock and deal time
  * windows for unpaid orders, validates the submitted region/delivery/payment
  * choices through count_buy_total(), writes the corrected totals and
  * address back to deal_order, updates the chosen user_consignee row,
  * books a balance payment and/or a gateway payment notice, and replies via
  * ajax_return() with a jump URL: payment#done when order_paid() reports the
  * order settled, otherwise payment#pay for the pending payment notice.
  * Each failed check calls showErr() (assumed to end the request).
  */
 public function order_done()
 {
     require_once APP_ROOT_PATH . "system/model/deal.php";
     require_once APP_ROOT_PATH . "system/model/deal_order.php";
     global_run();
     // every reply from this method is an AJAX reply
     $ajax = 1;
     $user_info = $GLOBALS['user_info'];
     $id = intval($_REQUEST['id']);
     // order id
     // NOTE(review): user_info['id'] is embedded without intval(); it is
     // assumed to come from the session rather than the request — confirm.
     $order = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_order where id = " . $id . " and is_delete = 0 and user_id = " . $user_info['id']);
     if (!$order) {
         showErr($GLOBALS['lang']['INVALID_ORDER_DATA'], $ajax);
     }
     if ($order['refund_status'] == 1) {
         showErr($GLOBALS['lang']['REFUNDING_CANNOT_PAY'], $ajax);
     }
     if ($order['refund_status'] == 2) {
         showErr($GLOBALS['lang']['REFUNDED_CANNOT_PAY'], $ajax);
     }
     // the deepest non-zero region level wins
     $region4_id = intval($_REQUEST['region_lv4']);
     $region3_id = intval($_REQUEST['region_lv3']);
     $region2_id = intval($_REQUEST['region_lv2']);
     $region1_id = intval($_REQUEST['region_lv1']);
     if ($region4_id == 0) {
         if ($region3_id == 0) {
             if ($region2_id == 0) {
                 $region_id = $region1_id;
             } else {
                 $region_id = $region2_id;
             }
         } else {
             $region_id = $region3_id;
         }
     } else {
         $region_id = $region4_id;
     }
     $delivery_id = intval($_REQUEST['delivery']);
     $payment = intval($_REQUEST['payment']);
     $account_money = floatval($_REQUEST['account_money']);
     $all_account_money = intval($_REQUEST['all_account_money']);
     // e-voucher number and password, empty when not supplied
     $ecvsn = $_REQUEST['ecvsn'] ? strim($_REQUEST['ecvsn']) : '';
     $ecvpassword = $_REQUEST['ecvpassword'] ? strim($_REQUEST['ecvpassword']) : '';
     $goods_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_order_item where order_id = " . $order['id']);
     // validate the cart
     if (check_save_login() != LOGIN_STATUS_LOGINED) {
         showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], $ajax, url("index", "user#login"));
     }
     // validate that the payment method is supported by every deal
     // NOTE(review): for deals with define_payment = 1 a matching deal_payment
     // row rejects the payment, i.e. the table is read as a list of excluded
     // methods — confirm; if it lists allowed methods this test is inverted.
     foreach ($goods_list as $k => $row) {
         if ($GLOBALS['db']->getOne("select define_payment from " . DB_PREFIX . "deal where id = " . $row['deal_id']) == 1) {
             if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_payment where deal_id = " . $row['deal_id'] . " and payment_id = " . $payment)) {
                 showErr($GLOBALS['lang']['INVALID_PAYMENT'], $ajax);
             }
         }
     }
     // end of cart validation
     $deal_s = $GLOBALS['db']->getAll("select distinct(deal_id) as deal_id from " . DB_PREFIX . "deal_order_item where order_id = " . $order['id']);
     // only for orders that have not been paid yet
     if ($order['pay_status'] == 0) {
         // stock per deal
         foreach ($deal_s as $row) {
             $checker = check_deal_number($row['deal_id'], 0);
             if ($checker['status'] == 0) {
                 showErr($checker['info'] . " " . $GLOBALS['lang']['DEAL_ERROR_' . $checker['data']], $ajax);
             }
         }
         // stock per deal attribute combination
         foreach ($goods_list as $k => $v) {
             $checker = check_deal_number_attr($v['deal_id'], $v['attr_str'], 0);
             if ($checker['status'] == 0) {
                 showErr($checker['info'] . " " . $GLOBALS['lang']['DEAL_ERROR_' . $checker['data']], $ajax);
             }
         }
         // check that the deals have not expired
         foreach ($deal_s as $row) {
             $checker = check_deal_time($row['deal_id']);
             if ($checker['status'] == 0) {
                 showErr($checker['info'] . " " . $GLOBALS['lang']['DEAL_ERROR_' . $checker['data']], $ajax);
             }
         }
     }
     // start validating the order submission details
     require_once APP_ROOT_PATH . "system/model/cart.php";
     // recomputes fees, discounts and the payable amount for the chosen options
     $data = count_buy_total($region_id, $delivery_id, $payment, $account_money, $all_account_money, $ecvsn, $ecvpassword, $goods_list, $order['account_money'], $order['ecv_money']);
     if ($data['is_delivery'] == 1) {
         // delivery checks: a level-4 region and a complete address are required
         if (!$data['region_info'] || $data['region_info']['region_level'] != 4) {
             showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE_ADDRESS'], $ajax);
         }
         if (trim($_REQUEST['consignee']) == '') {
             showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE'], $ajax);
         }
         if (trim($_REQUEST['address']) == '') {
             showErr($GLOBALS['lang']['FILL_CORRECT_ADDRESS'], $ajax);
         }
         if (trim($_REQUEST['zip']) == '') {
             showErr($GLOBALS['lang']['FILL_CORRECT_ZIP'], $ajax);
         }
         if (trim($_REQUEST['mobile']) == '') {
             showErr($GLOBALS['lang']['FILL_MOBILE_PHONE'], $ajax);
         }
         if (!check_mobile(trim($_REQUEST['mobile']))) {
             showErr($GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'], $ajax);
         }
         if (!$data['delivery_info']) {
             showErr($GLOBALS['lang']['PLEASE_SELECT_DELIVERY'], $ajax);
         }
     }
     // a payment method is only mandatory when something is left to pay
     if (round($data['pay_price'], 4) > 0 && !$data['payment_info']) {
         showErr($GLOBALS['lang']['PLEASE_SELECT_PAYMENT'], $ajax);
     }
     // end of order submission validation
     // start amending the order
     // not used below
     $now = NOW_TIME;
     $order['total_price'] = $data['pay_total_price'];
     // amount payable: goods price - member discount + shipping + payment fee
     $order['memo'] = strim($_REQUEST['memo']);
     $order['region_lv1'] = intval($_REQUEST['region_lv1']);
     $order['region_lv2'] = intval($_REQUEST['region_lv2']);
     $order['region_lv3'] = intval($_REQUEST['region_lv3']);
     $order['region_lv4'] = intval($_REQUEST['region_lv4']);
     $order['address'] = strim($_REQUEST['address']);
     $order['mobile'] = strim($_REQUEST['mobile']);
     $order['consignee'] = strim($_REQUEST['consignee']);
     $order['zip'] = strim($_REQUEST['zip']);
     $order['delivery_fee'] = $data['delivery_fee'];
     $order['delivery_id'] = $data['delivery_info']['id'];
     $order['payment_id'] = $data['payment_info']['id'];
     $order['payment_fee'] = $data['payment_fee'];
     $order['discount_price'] = $data['user_discount'];
     $order['bank_id'] = strim($_REQUEST['bank_id']);
     // promotion descriptions are stored as one HTML string, one per line
     $order['promote_description'] = "";
     foreach ($data['promote_description'] as $promote_item) {
         $order['promote_description'] .= $promote_item . "<br />";
     }
     $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_order", $order, 'UPDATE', 'id=' . $order['id'], 'SILENT');
     if ($data['is_delivery'] == 1) {
         // save the consignee: the row is looked up by owner and id
         $consignee_id = intval($_REQUEST['consignee_id']);
         $user_consignee = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_consignee where user_id = " . $order['user_id'] . " and id = " . $consignee_id);
         $user_consignee['region_lv1'] = intval($_REQUEST['region_lv1']);
         $user_consignee['region_lv2'] = intval($_REQUEST['region_lv2']);
         $user_consignee['region_lv3'] = intval($_REQUEST['region_lv3']);
         $user_consignee['region_lv4'] = intval($_REQUEST['region_lv4']);
         $user_consignee['address'] = strim($_REQUEST['address']);
         $user_consignee['mobile'] = strim($_REQUEST['mobile']);
         $user_consignee['consignee'] = strim($_REQUEST['consignee']);
         $user_consignee['zip'] = strim($_REQUEST['zip']);
         $user_consignee['user_id'] = $order['user_id'];
         if (intval($user_consignee['id']) == 0) {
             // new address: editing an order deliberately does not insert one
             // (the former INSERT with is_default = 1 was disabled here)
         } else {
             // update the existing address and drop its cached copy
             $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $user_consignee, 'UPDATE', 'id=' . $user_consignee['id'], 'SILENT');
             rm_auto_cache("consignee_info", array("consignee_id" => intval($user_consignee['id'])));
         }
     }
     // after the order id exists
     // 1. balance payment: book the account portion through the Account class
     $account_money = $data['account_money'];
     if (floatval($account_money) > 0) {
         $account_payment_id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "payment where class_name = 'Account'");
         $payment_notice_id = make_payment_notice($account_money, $order['id'], $account_payment_id);
         require_once APP_ROOT_PATH . "system/payment/Account_payment.php";
         $account_payment = new Account_payment();
         $account_payment->get_payment_code($payment_notice_id);
     }
     // 3. the chosen payment gateway
     $payment_info = $data['payment_info'];
     if ($payment_info && $data['pay_price'] > 0) {
         $payment_notice_id = make_payment_notice($data['pay_price'], $order['id'], $payment_info['id']);
         // create the payment notice for the gateway
     }
     $rs = order_paid($order['id']);
     if ($rs) {
         $data = array();
         $data['info'] = "";
         $data['jump'] = url("index", "payment#done", array("id" => $order['id']));
         ajax_return($data);
         // paid in full
     } else {
         distribute_order($order['id']);
         $data = array();
         $data['info'] = "";
         // NOTE(review): $payment_notice_id is only set when a balance or
         // gateway payment was booked above; otherwise the pay URL gets no id.
         $data['jump'] = url("index", "payment#pay", array("id" => $payment_notice_id));
         ajax_return($data);
     }
 }
 /**
  * Validate a "support this deal item" request and hand off to the cart
  * page. Failures go through showErr(), success through showSuccess().
  *
  * Reads ajax, id, consignee_id, memo and the address fields (consignee,
  * province, city, address, zip, mobile) from $_REQUEST. For a shipped item
  * with no stored address the submitted one is inserted into user_consignee
  * and its new id becomes the "did" parameter of the cart#pay URL.
  */
 public function check()
 {
     $ajax = intval($_REQUEST['ajax']);
     if (!$GLOBALS['user_info']) {
         showErr("", $ajax, url("user#login"));
     }
     $item_id = intval($_REQUEST['id']);
     $deal_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_item where id = " . $item_id);
     if (!$deal_item) {
         showErr("", $ajax, url("index"));
     } elseif ($deal_item['limit_user'] != 0 && $deal_item['support_count'] >= $deal_item['limit_user']) {
         // the item is capped and the cap has been reached
         showErr("", $ajax, url("deal#show", array("id" => $deal_item['deal_id'])));
     }
     $deal_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where is_delete = 0 and is_effect = 1 and id = " . $deal_item['deal_id']);
     if (!$deal_info) {
         showErr("", $ajax, url("index"));
     } else {
         $not_started = $deal_info['begin_time'] > NOW_TIME;
         $ended = $deal_info['end_time'] != 0 && $deal_info['end_time'] < NOW_TIME;
         if ($not_started || $ended) {
             showErr("", $ajax, url("deal#show", array("id" => $deal_item['deal_id'])));
         }
     }
     $needs_delivery = $deal_item['is_delivery'] == 1;
     $consignee_id = null;
     if ($needs_delivery) {
         $consignee_id = intval($_REQUEST['consignee_id']);
         if ($consignee_id == 0) {
             $saved = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "user_consignee where user_id = " . intval($GLOBALS['user_info']['id']));
             if ($saved) {
                 // stored addresses exist but none was chosen
                 showErr("请选择配送方式", $ajax);
             } else {
                 // no stored address yet: take the submitted one
                 $address = array(
                     'consignee' => strim($_REQUEST['consignee']),
                     'province' => strim($_REQUEST['province']),
                     'city' => strim($_REQUEST['city']),
                     'address' => strim($_REQUEST['address']),
                     'zip' => strim($_REQUEST['zip']),
                     'mobile' => strim($_REQUEST['mobile']),
                 );
                 // required fields, checked in this order (zip is optional)
                 $required = array(
                     'consignee' => "请填写收货人姓名",
                     'province' => "请选择省份",
                     'city' => "请选择城市",
                     'address' => "请填写详细地址",
                     'mobile' => "请填写收货人手机号码",
                 );
                 foreach ($required as $field => $message) {
                     if ($address[$field] == "") {
                         showErr($message, $ajax, "");
                     }
                 }
                 if (!check_mobile($address['mobile'])) {
                     showErr("请填写正确的手机号码", $ajax, "");
                 }
                 $address['user_id'] = intval($GLOBALS['user_info']['id']);
                 $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $address);
                 $consignee_id = $GLOBALS['db']->insert_id();
             }
         }
     }
     if ($needs_delivery && intval($consignee_id) == 0) {
         showErr("请选择配送方式", $ajax, "");
     } else {
         // keep the buyer's note for the cart page unless it is the placeholder
         $memo = strim($_REQUEST['memo']);
         if ($memo != "" && $memo != "在此填写关于回报内容的具体选择或者任何你想告诉项目发起人的话") {
             es_session::set("cart_memo_" . intval($item_id), $memo);
         }
         if ($deal_item['is_delivery'] == 0) {
             $target = url("cart#pay", array("id" => $item_id));
         } else {
             $target = url("cart#pay", array("id" => $item_id, "did" => $consignee_id));
         }
         showSuccess("", $ajax, $target);
     }
 }
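 /**
  * AJAX endpoint: send an SMS verification code to a registered mobile
  * number (password-reset flow).
  *
  * Reads mobile from $_REQUEST. Replies through ajax_return() with status 1
  * once the SMS has been handed to send_verify_sms(), or status 0 and a
  * message when SMS is disabled, the number is empty, malformed or unknown,
  * or the client is rate-limited (per IP, and per number+IP within 60 s).
  * A code issued for the number in the last 3 minutes is re-sent instead of
  * generating a new one.
  */
 public function send_mobie_pwd_sncode_new()
 {
     $data = array('status' => 0, 'info' => '');
     if (app_conf("SMS_ON") == 0) {
         $data['info'] = $GLOBALS['lang']['SMS_OFF'];
         ajax_return($data);
     }
     $mobile = addslashes(htmlspecialchars(trim($_REQUEST['mobile'] ?? '')));
     if ($mobile == '') {
         $data['info'] = "请输入你的手机号";
         ajax_return($data);
     }
     if (!check_mobile($mobile)) {
         $data['info'] = "请填写正确的手机号码";
         ajax_return($data);
     }
     $user_id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where mobile='" . $mobile . "' ");
     if (!$user_id) {
         $data['info'] = "该手机不存在,请重新输入";
         ajax_return($data);
     }
     $client_ip = get_client_ip();
     if (!check_ipop_limit($client_ip, "mobile_verify", 60, 0)) {
         $data['info'] = "发送速度太快了";
         ajax_return($data);
     }
     $now = get_gmtime();
     if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and client_ip='" . $client_ip . "' and create_time>=" . ($now - 60) . " ORDER BY id DESC") > 0) {
         $data['info'] = "发送速度太快了";
         ajax_return($data);
     }
     // Drop codes older than five minutes. The subtraction is bracketed on
     // purpose: before PHP 8, '.' and '-' share precedence, so
     // "..." . get_gmtime() - 300 subtracted 300 from the SQL string itself.
     $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . ($now - 300));
     // Reuse a code issued in the last three minutes so that two sends in a
     // row carry the same code. create_time is written with get_gmtime()
     // below, so it is compared against the same clock here.
     $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . ($now - 180) . " ORDER BY id DESC");
     if (intval($verify_code) == 0) {
         // CSPRNG for the code; rand() is predictable.
         $verify_code = random_int(100000, 999999);
         $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => $now, "client_ip" => $client_ip), "INSERT");
     }
     // send immediately
     send_verify_sms($mobile, $verify_code);
     $data['status'] = 1;
     $data['info'] = "验证码发送成功";
     ajax_return($data);
 }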
 /**
  * Validate a user record (registration / profile form).
  *
  * Checks, in order: password confirmation, non-empty password, non-empty
  * and unused user_name, non-empty, well-formed and unused mobile. The first
  * failing check wins; later ones are skipped.
  *
  * @param array $user_data  user_pwd, user_pwd_confirm, user_name, mobile
  *                          and, for edits, id (excluded from the
  *                          uniqueness queries)
  * @return array{status:int, info:string, data:array|string, error_msg:string}
  *               status 0 on failure; data holds field_name/error for field
  *               errors and error_msg a translated message
  */
 function check_user($user_data)
 {
     // Result returned to the caller
     $res = array('status' => 1, 'info' => '', 'data' => '', 'error_msg' => '');
     if ($user_data['user_pwd'] != $user_data['user_pwd_confirm']) {
         $res['status'] = 0;
         $res['error_msg'] = $GLOBALS['lang']['USER_PWD_CONFIRM_ERROR'];
         return $res;
     }
     if (trim($user_data['user_pwd']) == '') {
         $res['status'] = 0;
         $res['error_msg'] = $GLOBALS['lang']['USER_PWD_ERROR'];
         return $res;
     }
     // Records a field error; every later check is guarded by status == 1.
     $fail = function ($field_name, $error) use (&$res) {
         $res['status'] = 0;
         $res['data'] = array('field_name' => $field_name, 'error' => $error);
     };
     // NOTE(review): values are concatenated into SQL; they are assumed to
     // have been sanitised by the caller (strim), as elsewhere — confirm.
     $exclude = " and id <> " . intval($user_data['id']);
     $user_name = trim($user_data['user_name']);
     if ($res['status'] == 1 && $user_name == '') {
         $fail('user_name', EMPTY_ERROR);
     }
     if ($res['status'] == 1 && $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where user_name = '" . $user_name . "'" . $exclude) > 0) {
         $fail('user_name', EXIST_ERROR);
     }
     $mobile = trim($user_data['mobile']);
     if ($res['status'] == 1 && $mobile == '') {
         $fail('mobile', EMPTY_ERROR);
     }
     if ($res['status'] == 1 && !check_mobile($mobile)) {
         $fail('mobile', FORMAT_ERROR);
     }
     if ($res['status'] == 1 && $user_data['mobile'] != '' && $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile . "'" . $exclude) > 0) {
         $fail('mobile', EXIST_ERROR);
     }
     if ($res['status'] == 0) {
         // Translate the field error into a message for the user.
         $error = $res['data'];
         $error_msg = "";
         if (empty($error['field_show_name'])) {
             $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
         }
         $tips = array(
             array(EMPTY_ERROR, 'EMPTY_ERROR_TIP'),
             array(FORMAT_ERROR, 'FORMAT_ERROR_TIP'),
             array(EXIST_ERROR, 'EXIST_ERROR_TIP'),
         );
         foreach ($tips as $pair) {
             if ($error['error'] == $pair[0]) {
                 $error_msg = sprintf($GLOBALS['lang'][$pair[1]], $error['field_show_name']);
             }
         }
         $res['error_msg'] = $error_msg;
     }
     return $res;
 }
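 /**
  * App API: add or update one delivery address (user_consignee row) for the
  * member identified by the request's email/password.
  *
  * Reads email and pwd from $GLOBALS['request']; id (0 = new address),
  * consignee, province, city, address, zip and mobile from $_REQUEST.
  * Outputs through output(): user_login_status, response_code (1 = saved,
  * 0 = rejected) and info (or show_err when the login fails).
  */
 public function index()
 {
     $root = array();
     $email = strim($GLOBALS['request']['email']);
     // user name or e-mail
     $pwd = strim($GLOBALS['request']['pwd']);
     // password
     // check the user and the password
     $user = user_check($email, $pwd);
     $user_id = intval($user['id']);
     if ($user_id <= 0) {
         $root['response_code'] = 0;
         $root['show_err'] = "未登录";
         $root['user_login_status'] = 0;
         output($root);
         return;
     }
     $root['user_login_status'] = 1;
     // NOTE(review): rows are tied to $GLOBALS['user_info'] as before;
     // user_check() is assumed to populate it for this user — confirm.
     $owner_id = intval($GLOBALS['user_info']['id']);
     $id = intval($_REQUEST['id']);
     $data = array(
         'consignee' => strim($_REQUEST['consignee']),
         'province' => strim($_REQUEST['province']),
         'city' => strim($_REQUEST['city']),
         'address' => strim($_REQUEST['address']),
         'zip' => strim($_REQUEST['zip']),
         'mobile' => strim($_REQUEST['mobile']),
         'user_id' => $owner_id,
     );
     // Reject on the first failed check. Previously every check only set
     // $root['info'] and the row was written regardless of the outcome.
     $error = '';
     if (!check_ipop_limit(get_client_ip(), "setting_save_consignee", 5)) {
         $error = '提交太频繁';
     } elseif ($id <= 0 && $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_consignee where user_id = " . $owner_id) >= 10) {
         // the limit applies to new addresses; the old '> 10' let an 11th through
         $error = '每个会员只能预设10个配送地址';
     } elseif ($data['consignee'] == "") {
         $error = '请填写收货人姓名';
     } elseif ($data['province'] == "") {
         $error = '请选择省份';
     } elseif ($data['city'] == "") {
         $error = '请选择城市';
     } elseif ($data['address'] == "") {
         $error = '请填写详细地址';
     } elseif (!check_postcode($data['zip'])) {
         $error = '请填写正确的邮编';
     } elseif ($data['mobile'] == "") {
         $error = '请填写收货人手机号码';
     } elseif (!check_mobile($data['mobile'])) {
         $error = '请填写正确的手机号码';
     }
     if ($error !== '') {
         $root['response_code'] = 0;
         $root['info'] = $error;
         output($root);
         return;
     }
     if ($id > 0) {
         // Scope the update to the caller's own rows so that an id belonging
         // to another member cannot be overwritten.
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $data, "UPDATE", "id=" . $id . " and user_id=" . $owner_id);
     } else {
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $data);
     }
     // the update path previously returned without a response_code
     $root['response_code'] = 1;
     $root['info'] = '保存成功';
     output($root);
 }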
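 /**
  * AJAX endpoint: send a registration SMS verification code to a mobile
  * number that is not registered yet.
  *
  * Reads mobile from $_REQUEST. Replies through ajax_return() with status 1
  * and MOBILE_VERIFY_SEND_OK on success, or status 0 and a message when SMS
  * is disabled, the number is empty, malformed or already registered
  * (check_user), the client is rate-limited (per IP, and per number+IP
  * within 60 s), or the SMS gateway reports a failure. A code issued for
  * the number in the last 3 minutes is re-sent instead of a new one.
  */
 public function send_mobile_verify_code()
 {
     $data = array('status' => 0, 'info' => '');
     if (app_conf("SMS_ON") == 0) {
         $data['info'] = $GLOBALS['lang']['SMS_OFF'];
         ajax_return($data);
     }
     $mobile = addslashes(htmlspecialchars(trim($_REQUEST['mobile'] ?? '')));
     if ($mobile == '') {
         $data['info'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP'];
         ajax_return($data);
     }
     if (!check_mobile($mobile)) {
         $data['info'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE'];
         ajax_return($data);
     }
     require_once APP_ROOT_PATH . "system/libs/user.php";
     // check_user(field name, value): the first argument names the field to
     // validate. Passing the number itself (as before) matched none of the
     // named checks, so an already-registered mobile was never rejected.
     $res = check_user('mobile', $mobile);
     if (!$res['status']) {
         $error = $res['data'];
         if (empty($error['field_show_name'])) {
             $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
         }
         // initialised so an unknown error kind still yields a string
         $error_msg = '';
         if ($error['error'] == EMPTY_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == FORMAT_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == EXIST_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
         }
         $data['info'] = $error_msg;
         ajax_return($data);
     }
     if (!check_ipop_limit(CLIENT_IP, "mobile_verify", 60, 0)) {
         $data['info'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST'];
         ajax_return($data);
     }
     $now = get_gmtime();
     if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and client_ip='" . CLIENT_IP . "' and create_time>=" . ($now - 60) . " ORDER BY id DESC") > 0) {
         $data['info'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST'];
         ajax_return($data);
     }
     // Drop codes older than five minutes. The subtraction is bracketed on
     // purpose: before PHP 8, '.' and '-' share precedence, so
     // "..." . get_gmtime() - 300 subtracted 300 from the SQL string itself.
     $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . ($now - 300));
     // Reuse a code issued in the last three minutes so that two sends in a
     // row carry the same code. create_time is written with get_gmtime()
     // below, so it is compared against the same clock here.
     $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . ($now - 180) . " ORDER BY id DESC");
     if (intval($verify_code) == 0) {
         // CSPRNG for the code; rand() is predictable.
         $verify_code = random_int(111111, 999999);
         $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => $now, "client_ip" => CLIENT_IP), "INSERT");
     }
     // send immediately and report the gateway result
     $result = send_verify_sms($mobile, $verify_code, null, true);
     $data['status'] = $result['status'];
     if ($data['status'] == 1) {
         $data['info'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK'];
     } else {
         $data['info'] = (string) $result['msg'];
         if ($data['info'] === '') {
             $data['info'] = "验证码发送失败";
         }
     }
     ajax_return($data);
 }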
Example #27
            printf("<script type='text/javascript'> var theme = 'games'; </script>\n\t");
            break;
        case "projects":
            printf("<script type='text/javascript'> var theme = 'projects'; </script>\n\t");
            break;
        case "blog":
            printf("<script type='text/javascript'> var theme = 'blog'; </script>\n\t");
            break;
    }
} else {
    printf("<script type='text/javascript'> if(!theme) {var theme = 'home';}</script>\n\t");
    $theme = "home";
}
include_once "check_mobile.php";
if (check_mobile()) {
    $type = check_mobile();
    $style = 'handheld';
    printf("<script type='text/javascript'> var style ='handheld'; </script>");
    printf("<link rel='stylesheet' type='text/css' href='css/android.css' media='screen,projection' />");
    printf("<script type='text/javascript' src='js/android.js'></script>");
} else {
    $os = $_SERVER['HTTP_USER_AGENT'];
    if (strpos($os, 'Opera') !== false) {
        printf("<script type='text/javascript'> var style ='opera'; </script>");
        printf("<link rel='stylesheet' href='css/opera.css' type='text/css' media='screen,projection' /> \n\t");
        $style = 'opera';
    } else {
        $style = 'screen';
        printf("<script type='text/javascript'> var style ='screen'; </script>");
        //printf("<link rel='stylesheet' type='text/css' href='css/android.css' media='only screen and (max-width: 480px)' />\n\t");
        printf("  <link rel='stylesheet' type='text/css' href='css/desktop.css' media='screen and (min-width: 481px)' /> \n");
Example #28
 public function save_bank()
 {
     // Store the member's payout (bank) details submitted from the settings form.
     // Every failed precondition terminates the request through showErr(), so the
     // body reads as an ordered guard list followed by a single write.
     $ajax = intval($_REQUEST['ajax']);
     $user = $GLOBALS['user_info'];
     if (!$user) {
         showErr("", $ajax, url("user#login"));
     }
     // Bank details are write-once: refuse when every field is already populated.
     $bank_fields = array('ex_qq', 'ex_account_bank', 'ex_real_name', 'ex_account_info', 'ex_contact');
     $already_set = true;
     foreach ($bank_fields as $field) {
         if ($user[$field] == "") {
             $already_set = false;
             break;
         }
     }
     if ($already_set) {
         showErr("银行帐户信息已经设置过", $ajax, "");
     }
     // Per-client rate limit on this action (project helper; window argument is 5).
     if (!check_ipop_limit(get_client_ip(), "setting_save_bank", 5)) {
         showErr("提交太频繁", $ajax, "");
     }
     $ex_real_name = strim($_REQUEST['ex_real_name']);
     $ex_account_info = strim($_REQUEST['ex_account_info']);
     $ex_account_bank = strim($_REQUEST['ex_account_bank']);
     $ex_contact = strim($_REQUEST['ex_contact']);
     $ex_qq = strim($_REQUEST['ex_qq']);
     // Required-field checks, reported in the same order as the form.
     $required = array(
         array($ex_real_name, "请填写姓名"),
         array($ex_account_bank, "请填写开户银行"),
         array($ex_account_info, "请填写银行帐号"),
         array($ex_contact, "请填写联系电话"),
     );
     foreach ($required as $pair) {
         if ($pair[0] == "") {
             showErr($pair[1], $ajax, "");
         }
     }
     if (!check_mobile($ex_contact)) {
         showErr("请填写正确的手机号码", $ajax, "");
     }
     if ($ex_qq == "") {
         showErr("请填写联系qq", $ajax, "");
     }
     // NOTE(review): the values below reach the SQL text through strim() only —
     // confirm strim() escapes quote characters for the database; if it does not,
     // this write should move to an escaped/bound path instead of string assembly.
     $sql = sprintf(
         "update %suser set ex_qq = '%s',ex_account_bank = '%s',ex_real_name = '%s',ex_account_info = '%s',ex_contact = '%s',is_bank = '1' where id = %d",
         DB_PREFIX,
         $ex_qq,
         $ex_account_bank,
         $ex_real_name,
         $ex_account_info,
         $ex_contact,
         intval($user['id'])
     );
     $GLOBALS['db']->query($sql);
     showSuccess("资料保存成功", $ajax, url("settings#bank"));
 }
Example #29
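 public function editHandle()
 {
     // Update an existing account (users row) and its auth group from the POSTed form.
     // Validation failures end the request through $this->wrong(); on success both the
     // auth_group_access row and the users row are written before reporting.
     $id = I('id', '0', 'int');
     $data['username'] = I('username', '', 'trim');
     $data['mobile'] = I('mobile', '', 'trim');
     $data['email'] = I('email', '', 'trim');
     $data['status'] = I('status', '0', 'int');
     $group = I('group', '0', 'int');
     // NOTE(review): $id is not checked here; an id of 0 would attach a group row to
     // uid 0 — confirm the caller guarantees a real account id.
     if (empty($data['username'])) {
         $this->wrong('请填写账号');
     }
     if (!empty($_POST['password'])) {
         // Only rehash when a new password was submitted; an empty field keeps the stored hash.
         // NOTE(review): think_md5 is a project MD5-based helper; PHP's password_hash()
         // would be the stronger choice, but changing the scheme needs a migration.
         $data['password'] = think_md5($_POST['password'], C('UC_AUTH_KEY'));
     }
     if ($group == 0) {
         $this->wrong('请选择分组');
     }
     if (!check_mobile($data['mobile'])) {
         $this->wrong('手机格式不正确');
     }
     if (!check_email($data['email'])) {
         $this->wrong('邮箱格式不正确');
     }
     // Look the name up once (the original ran checkName() twice for the same value):
     // another account may not already own this username.
     $existing_id = $this->checkName($data['username']);
     if ($existing_id && $id != $existing_id) {
         $this->wrong('该账号已存在');
     }
     $data['updateTime'] = time();
     if (M('auth_group_access')->where(array('uid' => $id))->find()) {
         $rel = M('auth_group_access')->where(array('uid' => $id))->setfield('group_id', $group);
     } else {
         $rel = M('auth_group_access')->add(array('uid' => $id, 'group_id' => $group));
     }
     // Fix: the original tested `$rel || save(...)`, so whenever the group write reported
     // a change the users row was never saved. Perform both writes unconditionally and
     // report success if either changed something.
     $saved = M('users')->where(array('id' => $id))->save($data);
     if ($rel || $saved) {
         $this->ok('修改成功');
     } else {
         $this->wrong('没有任何修改');
     }
 }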
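 public function order_done()
 {
     // Finalise a pending shop order: validate the submitted delivery/payment data,
     // write the corrected totals and consignee back to deal_order, create the
     // payment notices (balance first, then the chosen gateway) and redirect to
     // either the "done" or the "pay" page. Every showErr() call ends the request.
     //
     // The raw request is written to the debug log; the voucher password is
     // redacted first so a secret never lands in plain-text logs.
     $log_request = $_REQUEST;
     if (isset($log_request['ecvpassword'])) {
         $log_request['ecvpassword'] = '[redacted]';
     }
     save_debug_log('order_done', 'request:' . json_encode($log_request));
     // Consistent with save_bank(): the ajax flag used further down was previously
     // read from an undefined variable.
     $ajax = intval($_REQUEST['ajax']);
     $user_info = $GLOBALS['user_info'];
     $id = intval($_REQUEST['id']);
     //订单号 (order id from the request)
     // NOTE(review): the order is fetched by id only; nothing below compares
     // $order['user_id'] with the logged-in user, so confirm the caller (or
     // showErr flow) prevents one member finalising another member's order.
     $order = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_order where id = " . $id . " and is_delete = 0");
     if (!$order) {
         showErr($GLOBALS['lang']['INVALID_ORDER_DATA']);
     }
     // The most specific non-zero region level wins (lv4 > lv3 > lv2 > lv1).
     $region4_id = intval($_REQUEST['region_lv4']);
     $region3_id = intval($_REQUEST['region_lv3']);
     $region2_id = intval($_REQUEST['region_lv2']);
     $region1_id = intval($_REQUEST['region_lv1']);
     if ($region4_id == 0) {
         if ($region3_id == 0) {
             if ($region2_id == 0) {
                 $region_id = $region1_id;
             } else {
                 $region_id = $region2_id;
             }
         } else {
             $region_id = $region3_id;
         }
     } else {
         $region_id = $region4_id;
     }
     $delivery_id = intval($_REQUEST['delivery']);
     $payment = intval($_REQUEST['payment']);
     $account_money = floatval($_REQUEST['account_money']);
     $all_account_money = intval($_REQUEST['all_account_money']);
     // Voucher (ecv) number and password; slash-escaped before reaching count_buy_total().
     $ecvsn = $_REQUEST['ecvsn'] ? addslashes(trim($_REQUEST['ecvsn'])) : '';
     $ecvpassword = $_REQUEST['ecvpassword'] ? addslashes(trim($_REQUEST['ecvpassword'])) : '';
     $goods_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_order_item where order_id = " . $order['id']);
     //验证购物车 (cart validation: a session user is required)
     if (!$user_info) {
         showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], 0, url("shop", "user#login"));
     }
     //验证支付方式的支持 (payment-method support per deal)
     foreach ($goods_list as $k => $row) {
         if ($GLOBALS['db']->getOne("select define_payment from " . DB_PREFIX . "deal where id = " . $row['deal_id']) == 1) {
             // NOTE(review): this rejects the payment when a deal_payment row for
             // (deal, payment) EXISTS — confirm deal_payment lists excluded methods;
             // if it lists allowed ones, the condition is inverted.
             if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_payment where deal_id = " . $row['deal_id'] . " and payment_id = " . $payment)) {
                 showErr($GLOBALS['lang']['INVALID_PAYMENT'], $ajax);
             }
         }
     }
     //结束验证购物车 (end cart validation)
     //开始验证订单接交信息 (validate order submission data)
     require_once APP_ROOT_PATH . "system/libs/cart.php";
     $data = count_buy_total($region_id, $delivery_id, $payment, $account_money, $all_account_money, $ecvsn, $ecvpassword, $goods_list, $order['account_money'], $order['ecv_money']);
     if ($data['is_delivery'] == 1) {
         //配送验证 (delivery validation: a level-4 region and full consignee data are required)
         if (!$data['region_info'] || $data['region_info']['region_level'] != 4) {
             showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE_ADDRESS']);
         }
         if (trim($_REQUEST['consignee']) == '') {
             showErr($GLOBALS['lang']['FILL_CORRECT_CONSIGNEE']);
         }
         if (trim($_REQUEST['address']) == '') {
             showErr($GLOBALS['lang']['FILL_CORRECT_ADDRESS']);
         }
         //					if(trim($_REQUEST['zip'])=='')
         //					{
         //						showErr($GLOBALS['lang']['FILL_CORRECT_ZIP']);
         //					}
         if (trim($_REQUEST['mobile']) == '') {
             showErr($GLOBALS['lang']['FILL_MOBILE_PHONE']);
         }
         if (!check_mobile(trim($_REQUEST['mobile']))) {
             showErr($GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']);
         }
         //					if(!$data['delivery_info'])
         //					{
         //						showErr($GLOBALS['lang']['PLEASE_SELECT_DELIVERY']);
         //					}
     }
     // Anything left to pay needs a gateway.
     if (round($data['pay_price'], 4) > 0 && !$data['payment_info']) {
         showErr($GLOBALS['lang']['PLEASE_SELECT_PAYMENT']);
     }
     //结束验证订单接交信息 (end validation)
     //开始修正订单 (start correcting the order)
     $now = get_gmtime();
     $order['total_price'] = $data['pay_total_price'];
     //应付总额  商品价 - 会员折扣 + 运费 + 支付手续费 (amount due: goods - member discount + shipping + payment fee)
     // Free-text fields are HTML-escaped and slash-escaped before being stored.
     $order['memo'] = htmlspecialchars(trim($_REQUEST['memo']));
     $order['region_lv1'] = intval($_REQUEST['region_lv1']);
     $order['region_lv2'] = intval($_REQUEST['region_lv2']);
     $order['region_lv3'] = intval($_REQUEST['region_lv3']);
     $order['region_lv4'] = intval($_REQUEST['region_lv4']);
     $order['address'] = htmlspecialchars(addslashes(trim($_REQUEST['address'])));
     $order['mobile'] = htmlspecialchars(addslashes(trim($_REQUEST['mobile'])));
     $order['consignee'] = htmlspecialchars(addslashes(trim($_REQUEST['consignee'])));
     $order['zip'] = htmlspecialchars(addslashes(trim($_REQUEST['zip'])));
     $order['delivery_fee'] = $data['delivery_fee'];
     $order['delivery_id'] = $data['delivery_info']['id'];
     $order['payment_id'] = $data['payment_info']['id'];
     $order['payment_fee'] = $data['payment_fee'];
     $order['discount_price'] = $data['user_discount'];
     $order['bank_id'] = htmlspecialchars(addslashes(trim($_REQUEST['bank_id'])));
     $order['promote_description'] = "";
     foreach ($data['promote_description'] as $promote_item) {
         $order['promote_description'] .= $promote_item . "<br />";
     }
     // An optional coupon mobile number overwrites the member's stored mobile.
     $coupon_mobile = htmlspecialchars(addslashes(trim($_REQUEST['coupon_mobile'])));
     // Re-read from the session here rather than reusing $GLOBALS['user_info'] above.
     $user_info = es_session::get("user_info");
     if ($coupon_mobile != '') {
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set mobile = '" . $coupon_mobile . "' where id = " . intval($user_info['id']));
     }
     $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_order", $order, 'UPDATE', 'id=' . $order['id'], 'SILENT');
     if ($data['is_delivery'] == 1) {
         //保存收款人 (save consignee: update the member's latest record or insert one)
         $user_consignee = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_consignee where user_id = " . $order['user_id'] . " order by id desc");
         $user_consignee['region_lv1'] = intval($_REQUEST['region_lv1']);
         $user_consignee['region_lv2'] = intval($_REQUEST['region_lv2']);
         $user_consignee['region_lv3'] = intval($_REQUEST['region_lv3']);
         $user_consignee['region_lv4'] = intval($_REQUEST['region_lv4']);
         $user_consignee['address'] = htmlspecialchars(addslashes(trim($_REQUEST['address'])));
         $user_consignee['mobile'] = htmlspecialchars(addslashes(trim($_REQUEST['mobile'])));
         $user_consignee['consignee'] = htmlspecialchars(addslashes(trim($_REQUEST['consignee'])));
         $user_consignee['zip'] = htmlspecialchars(addslashes(trim($_REQUEST['zip'])));
         $user_consignee['user_id'] = $order['user_id'];
         if (intval($user_consignee['id']) == 0) {
             //新增 (insert)
             $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $user_consignee, 'INSERT', '', 'SILENT');
         } else {
             //更新 (update)
             $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $user_consignee, 'UPDATE', 'id=' . $user_consignee['id'], 'SILENT');
         }
     }
     //生成order_id 后 (after the order id exists)
     // Initialised so the fallback redirect below never reads an undefined variable
     // when neither payment branch ran.
     $payment_notice_id = 0;
     //1. 余额支付 (1. pay from account balance)
     $account_money = $data['account_money'];
     if (floatval($account_money) > 0) {
         $account_payment_id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "payment where class_name = 'Account'");
         $payment_notice_id = make_payment_notice($account_money, $order['id'], $account_payment_id);
         require_once APP_ROOT_PATH . "system/payment/Account_payment.php";
         $account_payment = new Account_payment();
         $account_payment->get_payment_code($payment_notice_id);
     }
     //3. 相应的支付接口 (3. the selected payment gateway)
     $payment_info = $data['payment_info'];
     if ($payment_info && $data['pay_price'] > 0) {
         $payment_notice_id = make_payment_notice($data['pay_price'], $order['id'], $payment_info['id']);
         //创建支付接口的付款单 (create the gateway payment notice)
     }
     $rs = order_paid($order['id']);
     if ($rs) {
         app_redirect(url("shop", "payment#done", array("id" => $order['id'])));
         //支付成功 (paid in full)
     } else {
         app_redirect(url("shop", "payment#pay", array("id" => $payment_notice_id)));
     }
 }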