public function Clear($type, $timeBefore) { $where = array(); $type != '*' && $where['type'] = $type; $where['time'] = array('<', time() - (float)$timeBefore); return dbc(DBCMax)->delete('zlog')->where($where)->done(); }
public function del_image() { $this->CheckAdminPrivs('seller'); $seller_id = get('seller_id', 'int'); $id = get('id', 'int'); if($seller_id > 0 && $id > 0) { $s = logic('seller')->GetOne($seller_id); if($s) { if ($s['imgs'] == '') { logic('upload')->Delete($id); } else { $imgs = explode(',', $s['imgs']); foreach ($imgs as $i => $iid) { if ($iid == $id) { logic('upload')->Delete($id); unset($imgs[$i]); } } $new = implode(',', $imgs); dbc(DBCMax)->update('seller')->data(array('imgs'=>$new))->where(array('id'=>$seller_id))->done(); } } } exit('ok'); }
public function add_score($pid=0,$uid=0,$score=0,$type='buy',$share=''){ $info = ''; if(!in_array($type,array('buy','reply','forward'))){ $type='buy'; } if($type != 'buy'){ $set_scores = ini('credits.config'); $score = (int)$set_scores[$type]; } $products = dbc(DBCMax)->select('product')->in('name')->where('`id`='. (int)$pid)->limit(1)->done(); if($products['name']){ if($type == 'buy'){ $info = '购买产品:'.$products['name']; }elseif($type == 'reply'){ $info = '评论产品:'.$products['name']; }elseif($type == 'forward' && $share && $uid > 0){ $chx = dbc(DBCMax)->select('credit')->where(array('uid'=>$uid,'pid'=>$pid,'type'=>'forward'))->limit(1)->done(); if(!$chx){ $info = '分享产品:'.$products['name'].' 到:'.$share; } } } if($uid > 0 && $score > 0 && $info){ $data = array( 'uid' => $uid, 'pid' => $pid, 'info' => $info, 'score'=> $score, 'type' => $type, 'gettime' => time(), ); dbc(DBCMax)->insert('credit')->data($data)->done(); dbc(DBCMax)->update('members')->data('scores=scores+'.$score)->where('uid='.(int)$uid)->done(); } }
public function CallbackVerify($payment) { if (user()->get('id') < 1) { return 'VERIFY_FAILED'; } $password = post('password', 'txt'); $market_account = dbc(DBCMax)->select('members')->where(array('uid'=>MEMBER_ID))->limit(1)->done(); $fromisqq = explode('.', $market_account['email2']); if($market_account['email2']=='zuitu'){ $validate = md5($password.'@4!@#$%@') != user()->get('password'); }elseif($fromisqq[1] == 'qq'){ $validate = md5(md5($password)) != user()->get('password'); }else{ $validate = md5($password) != user()->get('password'); } if ($validate) { return 'VERIFY_FAILED'; } $trade = $this->GetTradeData(); if ($trade['__order__']['paytype'] != $payment['id']) { return 'VERIFY_FAILED'; } return $trade['status']; }
public function save() { $this->CheckAdminPrivs('privs'); $uid = post('uid', 'int'); if($uid == '1'){ $this->Messager("您不能对此管理员的权限进行任何操作"); } $userinfo = dbc(DBCMax)->query('select uid,username,role_id,role_type,privs from '.table('members').' where uid='.$uid)->limit(1)->done(); if(!$userinfo){ $this->Messager("该用户不存在"); } if(!in_array($userinfo['role_type'],array('admin','seller'))){ $this->Messager("您不能设置该用户的后台操作权限"); } $privs = post('privs_code'); if($privs && is_array($privs)){ $privs[] = 'index'; $dataprivs = implode(',',$privs); }else{ $dataprivs = ''; } if($dataprivs != $userinfo['privs']){ dbc(DBCMax)->update('members')->data(array('privs'=>$dataprivs,'role_id'=>'0'))->where('uid='.$uid)->done(); } $this->Messager("权限设置成功"); }
public function place() { $this->CheckAdminPrivs('city'); $cityId = get('cid', 'int'); $city = dbc(DBCMax)->select('city')->where(array('cityid' => $cityId))->limit(1)->done(); $places = logic('city')->get_places($cityId); include handler('template')->file('@admin/city_place_list'); }
public function get_one($id, $is = 'sign') { $id = (is_numeric($id) ? $id : 0); if($id < 1) { return false; } $is = (in_array($is, array('id', 'sign', 'trade_no')) ? $is : 'sign'); return dbc(DBCMax)->select('paylog')->where(array($is => $id))->order(" `id` DESC ")->limit(1)->done(); }
public function Log_clear() { $this->CheckAdminPrivs('push'); $_POST['clear_time'] = 7; $_POST['clear_unit'] = 'd'; $_POST['clear_type'] = 'out'; $sql_limit_time = 'type="mail" AND `update` '.$this->__sql_clear_time(); $sql = 'DELETE FROM '.table('push_log').' WHERE '.$sql_limit_time; dbc()->Query($sql); $this->Messager('操作完成!', '?mod=push&code=log'); }
protected function zlogCreate($index, $name, $extra = '') { $data = array( 'type' => $this->zlogType, 'uid' => user()->get('id'), 'uip' => ip2long(client_ip()), 'index' => $index, 'name' => $name, 'extra' => $extra, 'time' => time() ); return dbc(DBCMax)->insert('zlog')->data($data)->done(); }
public function init() { $sellers = dbc(DBCMax)->select('seller')->done(); foreach ($sellers as $seller) { list($longitude, $latitude, $level) = explode(',', $seller['sellermap']); if ($longitude && $latitude) { dbc(DBCMax)->update('product')->where(array('sellerid' => $seller['id']))->data(array('longitude' => (float)$longitude, 'latitude' => (float)$latitude))->done(); dbc(DBCMax)->update('seller')->where(array('id' => $seller['id']))->data(array('longitude' => (float)$longitude, 'latitude' => (float)$latitude))->done(); } } }
function MemberHandler() { $this->DatabaseHandler =dbc(); $this->CookieHandler =handler('cookie'); $this->Config =ini('settings'); $this->ID =0; $this->MemberName =''; $this->MemberPassword =''; $this->ActionList =''; $this->CurrentActions =''; $this->setSessionId(); }
public function Set() { $path = get('path', 'txt'); $data = get('data'); list($search, $field) = explode('/', $path); list($sWhere, $sTable) = explode('@', $search); list($sField, $sValue) = explode(':', $sWhere); $sql = 'UPDATE `'.table($sTable).'` SET `'.$field.'`='.(is_numeric($data) ? $data : '"'.$data.'"').' WHERE `'.$sField.'`='.(is_numeric($sValue) ? $sValue : '"'.$sValue.'"'); dbc()->Query($sql); if($sTable == 'seller' && $field == 'enabled'){ logic('seller')->setmembertype($sValue,$data); } exit('end'); }
function Checkout_save() { $product_id = post('product_id', 'int'); $product = logic('product')->BuysCheck($product_id); if (isset($product['false'])) { return $this->__ajax_save_failed($product['false']); } $num_buys = post('num_buys', 'int'); if (!$num_buys || ($product['oncemax'] > 0 && $num_buys > $product['oncemax']) || $num_buys < $product['oncemin']) { return $this->__ajax_save_failed(__('请填写正确的购买数量!')); } $order = logic('order')->GetFree(user()->get('id'), $product_id); $order['productnum'] = $num_buys; $order['productprice'] = $product['nowprice']; $order['extmsg'] = post('extmsg', 'txt'); if ($product['type'] == 'stuff') { logic('address')->Accessed('order.save', $order); logic('express')->Accessed('order.save', $order); } logic('notify')->Accessed('order.save', $order); if (!logic('attrs')->Accessed('order.save', $order)) { return $this->__ajax_save_failed(__('请选择正确的产品属性规格!')); } $price_total = $order['productprice'] * $order['productnum'] + $order['expressprice']; logic('attrs')->order_calc($order['orderid'], $price_total); if ((float)$price_total < 0) { return $this->__ajax_save_failed(__('订单总价不正确,请重新下单!')); } $order['totalprice'] = $price_total; $order['process'] = '__CREATE__'; $order['status'] = ORD_STA_Normal; if( $product['is_countdown'] == 1 ){ $order['is_countdown'] = 1; dbc(DBCMax)->update('product')->data('sells_count=sells_count+'.(int)$num_buys)->where('id='.$product_id)->done(); } logic('order')->Update($order['orderid'], $order); $ops = array( 'status' => 'ok', 'id' => $order['orderid'] ); if (!X_IS_AJAX) { header('Location: '.rewrite('?mod=buy&code=order&id='.$order['orderid'])); exit; } echo jsonEncode($ops); }
private function get_first_user_time($hoster) { $order = dbc(DBCMax)->select('order')->where(array('userid' => $hoster))->order('paytime.asc')->limit(1)->done(); $recharge = dbc(DBCMax)->select('recharge_order')->where(array('userid' => $hoster))->order('paytime.asc')->limit(1)->done(); $order || $order = array('paytime' => time() + 7052991); $recharge || $recharge = array('paytime' => time() + 7052991); if (($order['paytime'] == $recharge['paytime']) && $order['paytime'] > time()) { return 0; } else { return min(array($order['paytime'], $recharge['paytime'])); } }
function MasterObject(&$config) { $config['v'] = SYS_VERSION; $this->Config=$config; $this->Get = &$_GET; $this->Post = &$_POST; $this->Cookie = &$_COOKIE; $this->Session = &$_SESSION; $this->Request = &$_REQUEST; $this->Server = &$_SERVER; $this->Files = &$_FILES; $this->Module = $this->Post['mod']?$this->Post['mod']:$this->Get['mod']; $this->Code = $this->Post['code']?$this->Post['code']:$this->Get['code']; $this->OPC = trim($this->Post['op']?$this->Post['op']:$this->Get['op']); $GLOBALS['iframe'] = ''; $ipbanned=ConfigHandler::get('access','ipbanned'); if(!empty($ipbanned) && preg_match("~^({$ipbanned})~",$_SERVER['REMOTE_ADDR'])) { die(__("您的IP已经被禁止访问。")); } $this->TemplateHandler=new TemplateHandler($config); Obj::register('TemplateHandler',$this->TemplateHandler); $this->CookieHandler = handler('cookie'); $this->DatabaseHandler = dbc(); Obj::register('DatabaseHandler',$this->DatabaseHandler); Obj::register('CookieHandler',$this->CookieHandler); Obj::register('config',$this->Config); }
function Linkproduct(){ $html = ''; $id = $this->Get['city']; if($id > 0){ $sellers = dbc(DBCMax)->query("SELECT id,sellername FROM `".table('seller')."` WHERE `enabled`='true' AND area ='".intval($id)."'")->done(); } if($sellers){ foreach($sellers as $k => $v){ $html .= '<option value="'.$v['id'].'">'.$v['sellername'].'</option>'; } }else{ $html .= '<option value="">请选择...</option>'; } echo $html; exit; }
public function html($flag = '') { $products = array(); if($this->ids) { $arr = array(); $_arrs = dbc(DBCMax)->query("select `id`, `name`, `nowprice`, `price`, `img` from ".table('product')." where `id` IN ('".implode("','", $this->ids)."')")->done(); foreach($_arrs as $r) { $r['img_src'] = imager((int) $r['img'], IMG_Tiny); $arr[$r['id']] = $r; } foreach($this->ids as $id) { $products[$id] = $arr[$id]; } } $flag = (in_array($flag, array('top_nav_right')) ? $flag : 'top_nav_right'); include handler('template')->file('@html/recent_view/' . $flag); }
public function Count($pid, $alsend) { $sql_limit_status = '1'; if ($alsend == DELIV_SEND_Yes) { $sql_limit_status = 'process IN("WAIT_BUYER_CONFIRM_GOODS","TRADE_FINISH")'; } elseif ($alsend == DELIV_SEND_No) { $sql_limit_status = 'process="WAIT_SELLER_SEND_GOODS"'; } elseif ($alsend == DELIV_SEND_OK) { $sql_limit_status = 'process="TRADE_FINISHED"'; } $r = dbc(DBCMax)->select('order')->in('COUNT(1) AS devCNT')->where('productid='.$pid.' AND status='.ORD_STA_Normal.' AND '.$sql_limit_status)->limit(1)->done(); return $r['devCNT'] ? $r['devCNT'] : 0; }
public function install() { $this->CheckAdminPrivs('payment'); $flag = get('flag', 'txt'); $list_local = $this->local_list(); if (!isset($list_local[$flag])) { $this->Messager('不可识别的支付标记,系统无法进行安装!', '?mod=payment&code=vlist'); } $db_pay = logic('pay')->SrcOne($flag); if ($db_pay['code'] != 'bankdirect') { if ($db_pay['id']) { $this->Messager('支付方式已经安装过了!', '?mod=payment&code=vlist'); } } $file = DRIVER_PATH.'payment/'.$flag.'.install.php'; if (is_file($file)) { include $file; } $payment = $list_local[$flag]; if ($db_pay['id'] > 0) { $r = true; } else { $datax = array('code' => $flag, 'name' => $payment['name'], 'detail' => $payment['detail'], 'order' => 888, 'config' => 'N;', 'enabled' => 'false'); $r = dbc(DBCMax)->insert('payment')->data($datax)->done(); } if ($r) { $this->Messager('安装成功!', '?mod=payment&code=vlist'); } else { $this->Messager('安装失败!', '?mod=payment&code=vlist'); } }
private function iniz() { $this->uid = user()->get('id'); if ($this->uid < 0) { $this->Messager('请先登录!', '?mod=account&code=login'); } $this->sid = logic('seller')->U2SID($this->uid); if ($this->sid < 0) { if($this->uid == 1){ $this->Messager('请您先去后台,添加自己的商家信息!', 0); }else{ $this->Messager('您不是商家,无法查看商家后台!', 0); } }else{ $sellerinfo = dbc(DBCMax)->query('select * from '.table('seller').' where id='.$this->sid)->limit(1)->done(); if($sellerinfo['enabled']=='false'){ $this->Messager('您的商家身份未通过审核!', 'index.php'); } } }
private function __vars_filter($rule, $val, $method) { if ($this->__vf_driver == null) { $this->__vf_driver = new SafeLogicVarsFilter(); } if (method_exists($this->__vf_driver, $rule)) { if (WEB_BASE_ENV_DFS::$APPNAME != 'admin' && $method == 'get' && in_array($rule, array('string', 'txt'))) { $valc = $val; if (strlen($valc) > 32) { $safe = dbc(DBCMax)->do_sql_safe_query($valc); if ($safe === true) { if (strstr($valc, '%')) { $safe = dbc(DBCMax)->do_sql_safe_query(urldecode($valc)); if ($safe === true) { } else { dbc(DBCMax)->sql_hack_found($safe); } } } else { dbc(DBCMax)->sql_hack_found($safe); } } } return $this->__vf_driver->$rule($val); } return $val; }
public function iiSearch($map, &$key, &$wd) { if ($key != 'wd') { $wd = ' ='.$wd; return; } $key = $map['key']; $table = $map['table']; $field = ''; $where = ''; $wheres = array(); $srcs = (array) $map['src']; $wd = trim($wd); foreach($srcs as $k) { $k = '`' . $k . '`'; $field .= ',' . $k; $wheres[$k] = ($k == '`id`') ? " ({$k} = '{$wd}') " : " ({$k} LIKE '%{$wd}%') "; } $where = ' ( ' . implode(' OR ', $wheres) . ' ) '; $iwField = $map['idx']; $exsql = $table == 'product' ? ' AND `saveHandler`="normal" ORDER BY `addtime` desc' : ''; $sql = 'SELECT '.$iwField.$field.' FROM '.table($table).' WHERE '.$where.$exsql; $query = dbc()->Query($sql); if (!$query) { $key = '__404__'; return; } $ids = $query->GetAll(); if (count($ids) == 0) { $key = '__404__'; return; } $idx = ''; foreach ($ids as $i => $id) { $idx .= $id[$iwField].','; } $idx = substr($idx, 0, -1); $wd = ' IN('.$idx.')'; }
function DoModify() { $this->CheckAdminPrivs('memberedite'); extract($this->Post); if($this->Post['uid'] == 1 && MEMBER_ID != 1){ $this->Messager("您不能对此管理员的权限进行任何操作"); } $userinfo = dbc(DBCMax)->query('select uid,username,role_id,role_type,privs,money from '.table('members').' where uid='.(int) $this->Post['uid'])->limit(1)->done(); if(!$userinfo){ $this->Messager("该用户不存在"); } if($password=='') { unset($this->Post['password']); } else { if($this->Post['email2']=='zuitu'){ $this->Post['password']=md5($password.'@4!@#$%@'); }else{ $this->Post['password']=md5($password); } } $this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_members'); if($userinfo['username']!=$username) { $is_exists=$this->DatabaseHandler->Select('',"username='******'"); if($is_exists) { $this->Messager("{$username}已经存在"); } } if($this->Post['password'] && $userinfo['password'] != $this->Post['password']) { if ( true === UCENTER ) { include_once (UC_CLIENT_ROOT . './client.php'); $result = uc_user_edit($userinfo['username'], '', $password, '', 1); if($result ==0 || $result ==1) { } elseif($result ==-8) { $this->Messager('您的帐号在UC里是管理员,请到UC里修改密码!'); } else { $this->Messager('通知UC修改密码失败,请检查你的UC配置!'); } } } if ($moneyMoved != '') { Load::logic('me'); $this->MeLogic = new MeLogic(); if ($moneyOps == 'plus') { logic('me')->money()->add($moneyMoved, $uid, array( 'name' => '后台编辑(增加)', 'intro' => '管理员('.MEMBER_NAME.')增加了您的余额,详情请联系!' )); } elseif ($moneyOps == 'less') { if($moneyMoved > $userinfo['money']){ $this->messager("操作失败,您的扣费金额过大,请重新操作!"); } logic('me')->money()->less($moneyMoved, $uid, array( 'name' => '后台编辑(减少)', 'intro' => '管理员('.MEMBER_NAME.')减少了您的余额,详情请联系!' )); } } $this->Post['role_type'] = in_array($this->Post['role_type'],array('normal','admin')) ? $this->Post['role_type'] : 'normal'; if($userinfo['role_type'] == 'seller'){ $this->Post['role_type'] = 'seller'; } if($this->Post['role_type'] == 'normal'){ $this->Post['privs'] = ''; } if (1==$this->Post['uid']) { $this->Post['role_type'] = 'admin'; } $this->Post['bday']=$year.'-'.$month.'-'.$day; $this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_members'); $table1=$this->DatabaseHandler->Update($this->Post); $this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_memberfields'); $table2=$this->DatabaseHandler->Replace($this->Post); if($table1 !==false) { $this->Messager("编辑成功"); } else { $this->Messager("编辑失败"); } }
function Regions($search = 1, $where = 1, $limit = 1) { $sql = ' SELECT * FROM '.table('regions').' WHERE '.$search.' AND '.$where.' '; $query = dbc()->Query($sql); if ($limit > 1) { return $query->GetAll(); } else { return $query->GetRow(); } }
private function Log($file) { if (is_string($file)) { return array( 'error' => true, 'msg' => $file ); } $data = $file; $data['intro'] = ''; $data['url'] = ini('settings.site_url').str_replace('./', '/', $data['path']); $data['extra'] = ''; $data['uid'] = user()->get('id'); $data['ip'] = ip2long(client_ip()); $data['update'] = time(); dbc()->SetTable(table('uploads')); $exist = dbc(DBCMax)->select('uploads')->where('path="'.$data['path'].'"')->limit(1)->done(); if ($exist) { dbc()->Update($data, 'id='.$exist['id']); $data['id'] = $exist['id']; } else { $data['id'] = dbc()->Insert($data); } return $data; }
public function Orderdone($orderid,$status,$info) { $order = $this->GetOne($orderid); if (!$order || $order['status'] != 'doing') { $return = false; }else{ $status = in_array($status,array('yes','error')) ? $status : 'error'; $moneys = doubleval($order['money']); $return = dbc(DBCMax)->update('fund_order')->data(array('paytime'=>time(),'status'=>$status))->where('orderid='.$orderid)->done(); if($status == 'error'){ $sql ='UPDATE ' . table('seller').' SET account_money = account_money + ' . $moneys . ',forbid_money = forbid_money - ' . $moneys . ' WHERE userid = ' . $order['userid']; }else{ $sql ='UPDATE ' . table('seller').' SET forbid_money = forbid_money - ' . $moneys . ' WHERE userid = ' . $order['userid']; } $return = dbc(DBCMax)->query($sql)->done(); $this->Writelog($orderid,$status,$info); } return $return; }
public function GetList() { return dbc(DBCMax)->select('role')->done(); }
private function doforbidden($ticketid){ $return = false; if(MEMBER_ROLE_TYPE == 'seller'){ $pids = logic('product')->GetUserSellerProduct(MEMBER_ID); $tinfo = dbc(DBCMax)->query('select productid from '.table('ticket')." where ticketid='".$ticketid."'")->limit(1)->done(); if(!in_array($tinfo['productid'],$pids)){ $return = true; } } return $return; }
public function couponuse400() { $number = get('num', 'number'); $password = get('secret', 'number'); if(empty($number) || empty($password)) { $this->print_result2(); } $product = logic('coupon')->ProductGet($number); if ($product && $product['coupon']['status'] == TICK_STA_Unused) { if ($product['coupon']['password'] != $password) { $this->print_result2(); } else { $usetime = date('Y-m-d H:i:s', time()); dbc(DBCMax)->update('ticket')->data(array('status' => TICK_STA_Used, 'usetime' => $usetime))->where(array('ticketid' => $product['coupon']['ticketid']))->done(); logic('notify')->Call($product['coupon']['uid'], 'logic.coupon.Used', array( 'productflag' => $product['flag'], 'number' => $product['coupon']['number'], 'time' => $usetime )); zlog('coupon')->used($product['coupon']); $product['coupon']['flag'] = $product['flag']; $this->print_result2('true', $product['flag'], $product['nowprice']); } } else { $this->print_result2(); } }
echo $st[673]; ?> <br /><center><input type='submit' value="<?php echo $cw['submit']; ?> " /></center> </form><p /> <small><?php echo $st[674]; ?> </small> <?php } else { db("select * from user_accounts where login_id=" . (int) $_GET['id']); if (!dbc()) { echo "URL invalide, ce compte n'existe pas"; } else { ?> <?php echo $st[1821]; ?> <br /><br /> <FORM method="POST" action="signup.php" name="signup"> <input type=="hidden" name="id" value="<?php echo $_GET['id']; ?> " /> <table cellspacing=1 cellpadding=2 border=0> <tr>