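/**
 * AJAX endpoint: applies one address/status change to an order owned by the
 * current user.
 *
 * The change is selected by $_GET['do'] (saveaddress, order_status, pay_status,
 * shipping_status). Every recognised action saves the sanitised POST data,
 * answers {"id":1} and terminates the request; any other value returns without
 * output. A failed ownership check terminates with the 'do_empty' message.
 */
function ajax()
{
    $model = M('Order');
    $id = intval($_POST['id']);
    $order = $model->find($id);

    // A missing order must fail outright: with a loose comparison, the null
    // owner of a non-existent row equals an empty/zero user id.
    if (empty($order) || $order['userid'] != $this->_userid) {
        die(json_encode(array('msg' => L('do_empty'))));
    }

    $_POST = get_safe_replace($_POST);

    // The ownership check used intval($_POST['id']); save() must target exactly
    // that row, not whatever raw (string or array) 'id' the client posted.
    $_POST['id'] = $id;

    // NOTE(review): save($_POST) still writes every column the client submits,
    // so a request can carry fields beyond the ones each action is meant to
    // touch. The Order column list is not visible here; restrict each action to
    // an explicit set of fields once it is confirmed.
    $action = isset($_GET['do']) ? $_GET['do'] : '';

    if ($action == 'saveaddress') {
        // Address fields come straight from the sanitised POST data.
    } elseif ($action == 'order_status') {
        $_POST['status'] = 3;
        $_POST['confirm_time'] = time();
    } elseif ($action == 'pay_status') {
        $_POST['pay_status'] = 3;
    } elseif ($action == 'shipping_status') {
        $_POST['shipping_status'] = $_POST['num'];
        unset($_POST['num']);
        // The acceptance time is only recorded when the new status is 2.
        $_POST['accept_time'] = $_POST['shipping_status'] == 2 ? time() : '';
    } else {
        return;
    }

    // The save result is not reported to the client (as before).
    $model->save($_POST);
    die(json_encode(array('id' => 1)));
}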
/**
 * Controller bootstrap: runs the parent initialiser, instantiates Online (its
 * effect is not visible here), binds the Cart model, and sanitises both the
 * 'onlineid' cookie value and all POST data.
 */
function _initialize()
{
    parent::_initialize();

    import('@.EXT.Online');
    new Online();

    $this->dao = M('Cart');

    // The cookie is client-controlled; it is only passed through
    // get_safe_replace() here, not authenticated.
    $onlineId = cookie('onlineid');
    $this->sessionid = get_safe_replace($onlineId);

    $_POST = get_safe_replace($_POST);
}
/**
 * Fallback for undefined actions/modules.
 *
 * Resolves an id and a module name from the request (with extra URL-rule
 * handling when MODULE_NAME is 'Urlrule') and forwards the call to the
 * BaseAction method named by ACTION_NAME, raising '404' when the module or
 * method is unknown.
 */
public function _empty()
{
    // Empty action / empty module handler.
    if (MODULE_NAME != 'Urlrule') {
        $Mod = F('Mod');
        if (!$Mod[MODULE_NAME]) {
            throw_exception('404');
        }
    }
    $a = ACTION_NAME;
    $id = intval($_REQUEST['id']);
    $catid = intval($_REQUEST['catid']);
    $moduleid = intval($_REQUEST['moduleid']);
    if (MODULE_NAME == 'Urlrule') {
        if (APP_LANG) {
            // $lang is only assigned on this path; everywhere else below it is
            // read while undefined.
            $l = get_safe_replace($_REQUEST['l']);
            $lang = $l ? '_' . $l : '_' . C('DEFAULT_LANG');
        }
        $catdir = get_safe_replace($_REQUEST['catdir']);
        if ($catdir) {
            // NOTE(review): the cache name passed to F() contains the
            // request-supplied language suffix — confirm F() constrains it.
            $Cat = F('Cat' . $lang);
            $catid = $catid ? $catid : $Cat[$catdir];
            unset($Cat);
        }
        // Module name precedence: explicit request value, then module id, then
        // the category's module.
        if ($_REQUEST['module']) {
            $m = get_safe_replace($_REQUEST['module']);
        } elseif ($moduleid) {
            $Module = F('Module');
            $m = $Module[$moduleid]['module'];
            unset($Module);
        } elseif ($catid) {
            $Category = F('Category' . $lang);
            $m = $Category[$catid]['module'];
            unset($Category);
        } else {
            throw_exception('404');
        }
        if ($a == 'index') {
            $id = $catid;
        }
    } else {
        if (empty($id)) {
            // $id is empty here, so this looks up the cache entry under an
            // empty key.
            $Cat = F('Cat' . $lang);
            $id = $Cat[$id];
            unset($Cat);
        }
        $m = MODULE_NAME;
    }
    import('@.Action.Base');
    $bae = new BaseAction();
    // method_exists() is the only gate on the action name: every method that
    // exists on BaseAction can be reached through this dispatcher.
    // NOTE(review): on the Urlrule path $m can be a request-supplied string —
    // confirm the BaseAction methods validate it before using it as a model name.
    if (!method_exists($bae, $a)) {
        throw_exception('404');
    }
    $bae->{$a}($id, $m);
}
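/**
 * Exports orders (optionally limited to an add_time range given by the
 * time1/time2 request parameters) together with their order_data lines as a
 * spreadsheet via exportexcel().
 *
 * Shows the "no data" message and stops when no order matches.
 */
public function downloadxls()
{
    $where = 1;
    $name = "全部订单:" . time();
    if (!empty($_REQUEST["time1"]) || !empty($_REQUEST["time2"])) {
        $time1 = get_safe_replace($_REQUEST["time1"]);
        $time2 = get_safe_replace($_REQUEST["time2"]);
        // Identical dates select a single day (start moved back 24 hours).
        $time1 = ($time1 == $time2) ? strtotime($time1) - 86400 : strtotime($time1);
        $until = strtotime($time2);
        // Only strtotime() results (integer or false) are interpolated, never
        // the raw request strings.
        $where .= " and add_time > '" . $time1 . "' and add_time < '" . $until . "'";
        $name = "时间段" . toDate($time1, "Y/m/d") . "-" . toDate($until, "Y/m/d");
    }

    // NOTE(review): pay_status is read below but is not in this column list, so
    // column 5 currently always reports "unpaid" — confirm and add the column.
    $order = M(MODULE_NAME)->where($where)->getfield('id,sn,add_time,consignee,mobile,order_amount,province,city,area,address');

    // $order is indexed by order id (the export loop looks rows up that way),
    // so the loop key is not a 0-based position; the previous "$key == 0" test
    // therefore produced an id list with a leading comma.
    $ids = array();
    if (is_array($order)) {
        foreach ($order as $row) {
            $ids[] = intval($row['id']);
        }
    }
    if (empty($ids)) {
        $this->success('数据为空!');
        exit;
    }

    $od['order_id'] = array('in', implode(',', $ids));
    $order_data = M("order_data")->where($od)->select();
    $area = M('area')->getfield('id,name');

    $data = array();
    if (is_array($order_data)) {
        foreach ($order_data as $key => $v) {
            $parent = $order[$v['order_id']];
            $data[$key][1] = $parent['sn'] . "号";
            $data[$key][2] = toDate($parent["add_time"], "Y/m/d H:i:s");
            $data[$key][3] = $v['product_name'];
            $data[$key][4] = $v['type_name'];
            $data[$key][5] = $parent["pay_status"] == 2 ? '已支付' : '未支付';
            $data[$key][6] = $parent["order_amount"] . "元";
            $data[$key][7] = $parent["consignee"];
            $data[$key][8] = $parent["mobile"];
            $data[$key][9] = $area[$parent["province"]];
            $data[$key][10] = $area[$parent["city"]];
            $data[$key][11] = $area[$parent["area"]];
            $data[$key][12] = $parent["address"];
        }
    }

    // NOTE(review): consignee/address are customer-supplied text; exportexcel()
    // is not visible here — confirm it neutralises cells that a spreadsheet
    // would interpret as formulas.
    $title = array(1 => "订单编号", 2 => "订单时间", 3 => "订购产品", 4 => "订购类型", 5 => "支付状态", 6 => "订单价格", 7 => "姓名", 8 => "手机", 9 => "省份", 10 => "城市", 11 => "区域", 12 => "地址");
    $this->exportexcel($data, $title, $name);
}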
/**
 * Bootstrap for the member area: requires a logged-in user, loads that user's
 * record into the view, and strips privileged fields from POST data.
 */
function _initialize()
{
    parent::_initialize();

    // Anonymous visitors are sent to the login page.
    if (!$this->_userid) {
        $this->assign('jumpUrl', U('User/Login/index'));
        $this->error(L('nologin'));
        exit;
    }

    $this->dao = M('User');
    $this->assign('bcid', 0);
    $this->assign('vo', $this->dao->find($this->_userid));

    // Account state, group and balance fields must never be taken from a
    // member's own form submission.
    // NOTE(review): this is a denylist on $_POST only; $_GET/$_REQUEST copies of
    // the same keys are left in place — confirm no action saves from those.
    foreach (array('status', 'groupid', 'amount', 'point') as $protected) {
        unset($_POST[$protected]);
    }

    $_GET = get_safe_replace($_GET);
}
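/**
 * Exports test-drive bookings (optionally limited to a createtime range given
 * by the time1/time2 request parameters) as a spreadsheet through the
 * Admin/Order controller's exportexcel().
 */
public function downloadxls()
{
    $where = 1;
    $name = "全部订单:" . time();
    if (!empty($_REQUEST["time1"]) || !empty($_REQUEST["time2"])) {
        $time1 = get_safe_replace($_REQUEST["time1"]);
        $time2 = get_safe_replace($_REQUEST["time2"]);
        // Identical dates select a single day (start moved back 24 hours).
        $time1 = ($time1 == $time2) ? strtotime($time1) - 86400 : strtotime($time1);
        $until = strtotime($time2);
        // Only strtotime() results are interpolated, never the raw strings.
        $where .= " and createtime > '" . $time1 . "' and createtime < '" . $until . "'";
        $name = "预约试驾" . toDate($time1, "Y/m/d") . "-" . toDate($until, "Y/m/d");
    }

    $area = M('area')->getfield('id,name');
    $bill = M(MODULE_NAME)->where($where)->select();

    $data = array();
    if (is_array($bill)) {
        foreach ($bill as $key => $vo) {
            // car_name and shop_name are stored booking values that originate
            // from the booking form, so they are passed as array conditions
            // instead of being concatenated into the WHERE string.
            $pro = M("product")->where(array('id' => intval($vo['car_name'])))->cache(true)->find();

            $data[$key][1] = $vo['id'];
            $data[$key][2] = $pro['title'];
            $data[$key][3] = toDate($vo['datetime'], "Y/m/d");
            $data[$key][4] = $vo['username'];
            $data[$key][5] = $vo['sex'] == 1 ? "先生" : '女士';
            if ($vo['sex'] == 0) {
                $data[$key][5] = '未知';
            }
            $data[$key][6] = '手机' . $vo['mobile'];
            $data[$key][7] = $area[$vo['province']];
            $data[$key][8] = $area[$vo['city']];
            $data[$key][9] = $area[$vo['area']];

            $shopname = M("shop")->where(array('shopcode' => (string) $vo['shop_name']))->getfield('sname');
            if (!$shopname) {
                $shopname = "客户未选择";
            }
            $data[$key][10] = $shopname;
        }
    }

    $title = array(1 => "预约号", 2 => "预约车型", 3 => "预约时间", 4 => "预约人", 5 => "性别", 6 => "电话", 7 => "省份", 8 => "城市", 9 => "区域", 10 => "经销商");
    $order = A('Admin/Order');
    $order->exportexcel($data, $title, $name);
}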
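/**
 * Renders the order form for one item.
 *
 * Reads uid, id and mx (the model name of the item) from the request, loads
 * the item row when both id and model name are usable, and displays the
 * default template or the WAP template for mobile visitors.
 */
public function order()
{
    $uid = intval($_REQUEST['uid']);
    $this->assign('uid', $uid);
    $mid = intval($_REQUEST['id']);
    $mx = get_safe_replace($_REQUEST['mx']);

    // The model name comes from the request, so only a plain identifier is
    // accepted before it is handed to M().
    // NOTE(review): this still lets the caller pick any model; restrict $mx to
    // the list of orderable modules once that list is confirmed.
    $pro = null;
    if ($mid > 0 && is_string($mx) && preg_match('/^[A-Za-z0-9_]+$/', $mx)) {
        $pro = M($mx)->where("id=" . $mid)->find();
    }

    // Mobile visitors get the WAP template when the site enables it.
    $tmp = null;
    if ($this->Config["wap"] && is_mobile()) {
        $tmp = THEME_PATH . "wap/Index_order.html";
    }

    $this->assign('mx', $mx);
    $this->assign('mid', $mid);
    $this->assign('order', $pro);
    // The leftover print_r($user) debug call (on a variable this method never
    // set) has been removed.
    $this->display($tmp);
}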
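/**
 * Payment gateway return handler.
 *
 * Looks up the payment method named by the 'code' request parameter, loads the
 * matching class from @.Pay, lets it process the gateway response and shows
 * the result page with a link back to the user's orders.
 */
public function respond()
{
    $pay_code = !empty($_REQUEST['code']) ? get_safe_replace($_REQUEST['code']) : '';

    // $pay_code becomes both an import path and a class name below, so it must
    // be a bare identifier regardless of what get_safe_replace() lets through.
    if (!is_string($pay_code) || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $pay_code)) {
        $this->error(L('PAY CODE EROOR!'));
        return;
    }
    $pay_code = ucfirst($pay_code);

    // Only payment codes present in the Payment table are dispatched.
    $Payment = M('Payment')->getByPayCode($pay_code);
    if (empty($Payment)) {
        $this->error(L('PAY CODE EROOR!'));
        return;
    }

    // NOTE(review): unserialize() on a database column — safe only while
    // pay_config can be written by trusted administrators alone; a JSON column
    // would remove the object-instantiation risk.
    $aliapy_config = unserialize($Payment['pay_config']);

    import("@.Pay." . $pay_code);
    $pay = new $pay_code($aliapy_config);
    $r = $pay->respond();

    $this->assign('jumpUrl', URL('User-Order/index'));
    // NOTE(review): the success case is also rendered through error() —
    // kept as-is; confirm whether success() was intended.
    if ($r) {
        $this->error(L('PAY_OK'));
    } else {
        $this->error(L('PAY_FAIL'));
    }
}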
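/**
 * Processes an Alipay notification/return request.
 *
 * Merges POST parameters into $_GET, verifies the MD5 signature over the
 * sorted parameters with the configured alipay_key, and updates the order's
 * payment status according to trade_status.
 *
 * @return mixed false when the signature or trade status is not accepted,
 *               otherwise the result of order_pay_status()
 */
public function respond()
{
    if (!empty($_POST)) {
        foreach ($_POST as $key => $data) {
            $_GET[$key] = $data;
        }
    }

    // NOTE(review): seller_email was read but never checked; comparing it with
    // the merchant account is a usual extra check, but the config key holding
    // that account is not visible here.
    $order_sn = trim($_GET['out_trade_no']);
    $record = intval($_GET['record']);
    $total_fee = get_safe_replace($_GET['total_fee']);

    /* Verify the digital signature. */
    ksort($_GET);
    reset($_GET);
    // Routing parameters and the signature fields are not part of the signed text.
    $unsigned = array('sign', 'sign_type', 'code', 'g', 'm', 'a', 'record');
    $sign = '';
    foreach ($_GET as $key => $val) {
        if (!in_array((string) $key, $unsigned, true)) {
            $sign .= "{$key}={$val}&";
        }
    }
    $expected = md5(substr($sign, 0, -1) . $this->config['alipay_key']);

    // The signature must be compared as a string, strictly: a loose "!=" treats
    // two different numeric-looking hex digests as equal, and a non-string
    // 'sign' parameter must never match.
    $supplied = (isset($_GET['sign']) && is_string($_GET['sign'])) ? $_GET['sign'] : '';
    if (function_exists('hash_equals')) {
        $valid = hash_equals($expected, $supplied);
    } else {
        $valid = ($expected === $supplied);
    }
    if (!$valid) {
        return false;
    }

    // NOTE(review): total_fee is taken from the notification itself;
    // order_pay_status() is not visible here — confirm it checks the amount
    // against the stored order.
    switch ($_GET['trade_status']) {
        case 'WAIT_SELLER_SEND_GOODS':
        case 'WAIT_BUYER_CONFIRM_GOODS':
        case 'WAIT_BUYER_PAY':
            /* Order status: in progress. */
            return order_pay_status($order_sn, '1', $total_fee, $record);
        case 'TRADE_FINISHED':
        case 'TRADE_SUCCESS':
            /* Order status: paid (finished or instant trade succeeded). */
            return order_pay_status($order_sn, '2', $total_fee, $record);
        default:
            return false;
    }
}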
/**
 * Spreadsheet export stub for this module.
 *
 * Builds an optional createtime range from the time1/time2 request parameters,
 * runs the module query, and calls the Order controller's exportexcel().
 *
 * NOTE(review): the query result is never turned into rows — $data is not
 * assigned anywhere in this method, so the export receives no data. The column
 * titles also still describe orders rather than the selected user columns.
 */
public function downloadxls()
{
    $where = 1;
    $name = "全部订单:" . time();

    if ($_REQUEST["time1"] || $_REQUEST["time2"]) {
        $from = get_safe_replace($_REQUEST["time1"]);
        $to = get_safe_replace($_REQUEST["time2"]);
        // Identical dates select a single day (start moved back 24 hours).
        if ($from == $to) {
            $from = strtotime($from) - 86400;
        } else {
            $from = strtotime($from);
        }
        $where .= " and createtime > '" . $from . "' and createtime < '" . strtotime($to) . "'";
        $name = "时间段" . toDate($from, "Y/m/d") . "-" . toDate(strtotime($to), "Y/m/d");
    }

    // The result of this query is discarded (the original overwrote it).
    M(MODULE_NAME)->where($where)->getfield('id,username,realname,createtime,username,username,username,username');

    $title = array(1 => "订单编号", 2 => "订单时间", 3 => "订购产品", 4 => "订购类型", 5 => "支付状态", 6 => "订单价格", 7 => "姓名", 8 => "手机", 9 => "省份", 10 => "城市", 11 => "区域", 12 => "地址");

    $exporter = A('Order');
    $exporter->exportexcel($data, $title, $name);
}
/**
 * Password-recovery request: checks the captcha, looks the account up by
 * username and e-mail, and mails a link carrying an authcode() token with a
 * three-day lifetime.
 *
 * Responds through ajaxReturn(): status 1 with the username/e-mail when the
 * mail was sent, status 0 otherwise.
 */
function sendmail()
{
    $verifyCode = trim($_POST['verifyCode']);
    $username = get_safe_replace($_POST['username']);
    $email = get_safe_replace($_POST['email']);
    if (empty($username) || empty($email)) {
        $this->error(L('empty_username_empty_password'));
    } elseif (md5($verifyCode) != $_SESSION['verify']) {
        // NOTE(review): loose "!=" on an MD5 hex string; a strict comparison
        // avoids numeric-string juggling.
        $this->error(L('error_verify'));
    }
    $user = M('User');
    // Check that the e-mail belongs to the user.
    // NOTE(review): the username literal in this condition appears masked in
    // this listing — confirm against the original file. The e-mail value is
    // interpolated into the SQL string and relies entirely on
    // get_safe_replace(); an array condition would let the driver escape it.
    $data = $user->where("username='******' and email='{$email}'")->find();
    if ($data) {
        // Token lifetime: three days.
        $yourphp_auth = authcode($data['id'] . "-" . $data['username'] . "-" . $data['email'], 'ENCODE', $this->sysConfig['ADMIN_ACCESS'], 3600 * 24 * 3);
        $username = $data['username'];
        // NOTE(review): the reset link's host is taken from the request's Host
        // header and the scheme is fixed to http; a configured site URL would
        // keep the token from being sent to a host chosen by the requester.
        $url = 'http://' . $_SERVER['HTTP_HOST'] . U('User/Login/repassword?code=' . $yourphp_auth);
        $message = str_replace(array('{username}', '{url}', '{sitename}'), array($username, $url, $this->Config['site_name']), $this->member_config['member_getpwdemaitpl']);
        $r = sendmail($email, L('USER_FORGOT_PASSWORD') . '-' . $this->Config['site_name'], $message, $this->Config);
        if ($r) {
            $returndata['username'] = $data['username'];
            $returndata['email'] = $data['email'];
            // The success response reuses the USER_EMAIL_ERROR message key.
            $this->ajaxReturn($returndata, L('USER_EMAIL_ERROR'), 1);
        } else {
            $this->ajaxReturn(0, L('SENDMAIL_ERROR'), 0);
        }
    } else {
        // A distinct response for unknown username/e-mail pairs lets a caller
        // tell existing accounts from non-existing ones.
        $this->ajaxReturn(0, L('USER_EMAIL_ERROR'), 0);
    }
    //$this->ajaxReturn(1,L('login_ok'),1);
}
/**
 * Updates one WeChat menu entry (table wxmenu) selected by 'fatherid'.
 *
 * A "view" entry requires a URL, any other type requires a keyword. The
 * outcome is reported through ajaxreturn() with status 1 on success and 0 on
 * validation failure or when nothing was saved.
 *
 * NOTE(review): $data is passed to ajaxreturn() but never assigned here. The
 * final failure message echoes the submitted values back to the caller.
 */
public function editup()
{
    $_REQUEST = get_safe_replace($_REQUEST);

    $menuname = $_REQUEST["menuname"];
    $key = $_REQUEST["key"];
    $url = $_REQUEST["url"];
    $type = $_REQUEST["type"];
    // The row id is cast to an integer before it reaches the WHERE string.
    $fatherid = intval($_REQUEST["fatherid"]);

    if (empty($menuname)) {
        $this->ajaxreturn($data, "菜单名字不可为空!", 0);
    }

    $isView = ($type == "view");
    if ($isView) {
        $map["url"] = $url;
        if (empty($url)) {
            $this->ajaxreturn($data, "连接不可为空!", 0);
        }
    } else {
        $map["key"] = $key;
        if (empty($key)) {
            $this->ajaxreturn($data, "关键词不可为空!", 0);
        }
    }

    $map["menuname"] = $menuname;
    $map["type"] = $type;

    $saved = M("wxmenu")->where("id=" . $fatherid)->save($map);
    if (!$saved) {
        $this->ajaxreturn($data, "{$menuname}:{$key}:{$url}:{$type}", 0);
    } else {
        $this->ajaxreturn($data, "修改成功", 1);
    }
}
/**
 * Recursively applies strip_tags() followed by safe_replace() to a value.
 *
 * Arrays are walked to any depth and keep their keys; the keys themselves are
 * not filtered. Any non-array value is treated as a string.
 *
 * NOTE(review): safe_replace() is not visible here, so what it removes is
 * unknown. This is a generic input filter, not a context-specific escape: the
 * result still needs bound/escaped SQL parameters and output encoding where it
 * is used, and an array-valued request parameter stays an array.
 *
 * @param mixed $array scalar value or (nested) array of values
 * @return mixed the filtered value, with the same array structure
 */
function get_safe_replace($array)
{
    if (is_array($array)) {
        // With a single input array, array_map() preserves the keys.
        return array_map(__FUNCTION__, $array);
    }

    return safe_replace(strip_tags($array));
}
/**
 * Outputs the captcha image.
 *
 * The image type may be chosen with the 'type' query parameter (default
 * 'jpeg'); the Content-type header is sent as image/jpeg in every case.
 */
public function verify()
{
    header('Content-type: image/jpeg');

    if (isset($_GET['type'])) {
        // Request-supplied; only filtered by get_safe_replace() before it is
        // handed to the image builder.
        $format = get_safe_replace($_GET['type']);
    } else {
        $format = 'jpeg';
    }

    import("@.EXT.Image");
    Image::buildImageVerify(4, 1, $format);
}
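/**
 * Exports this module's orders as a spreadsheet, optionally filtered by the
 * request parameters uid (user id), mid, mx and mb (mobile number).
 */
public function downloadxls()
{
    // Filters are collected as array conditions so the database layer quotes
    // the values; mx and mb were previously concatenated into the WHERE string.
    $where = array();
    $name = "全部订单:" . time();

    $uid = intval($_REQUEST["uid"]);
    if ($uid) {
        $where['userid'] = $uid;
        $name = "用户" . $uid;
    }

    $mid = intval($_REQUEST["mid"]);
    if ($mid) {
        $where['mid'] = $mid;
    }

    // Only scalar values are accepted: an array-valued parameter must not be
    // passed on as a condition, where it would be read as an expression.
    if (!empty($_REQUEST["mx"]) && is_scalar($_REQUEST["mx"])) {
        $mx = get_safe_replace((string) $_REQUEST["mx"]);
        $where['mx'] = $mx;
        $name = $mx . $uid;
    }

    if (!empty($_REQUEST["mb"]) && is_scalar($_REQUEST["mb"])) {
        $mb = get_safe_replace((string) $_REQUEST["mb"]);
        $where['mobile'] = $mb;
        $name = "手机" . $mb;
    }

    // Without any filter the original "where 1" (all rows) is kept.
    $udata = M(MODULE_NAME)->where($where ? $where : 1)->select();

    $data = array();
    if (is_array($udata)) {
        foreach ($udata as $key => $v) {
            $data[$key][1] = $key;
            $data[$key][2] = $v["username"];
            $data[$key][3] = $v["mobile"];
            $data[$key][4] = str_cut($v["title"], 20, "");
            $data[$key][5] = $v["mcount"];
            $data[$key][6] = $v["amount"];
            $data[$key][7] = $v["godate"];
            $data[$key][8] = toDate($v["add_time"], "Y/m/d H:i:s");
        }
    }

    $title = array(1 => "订单编号", 2 => "姓名", 3 => "手机", 4 => "线路", 5 => "数量", 6 => "总价格", 7 => "出发时间", 8 => "添加时间");
    $this->exportexcel($data, $title, $name);
}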
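/**
 * Exports this module's orders as a spreadsheet, optionally filtered by the
 * request parameters uid, username, mid, mx, mb (mobile number) and a
 * createtime range (time1/time2).
 */
public function downloadxls()
{
    // $where used to start as the integer 1 and was then written to like an
    // array; PHP rejects array writes on a scalar, so no filter was ever
    // applied (and PHP 8 raises an Error). It is an array from the start now.
    $where = array();
    $name = "全部订单:" . time();

    $uid = intval($_REQUEST["uid"]);
    if ($uid) {
        $where['userid'] = $uid;
        $name = "用户" . $uid;
    }

    // Only scalar values are accepted below: an array-valued parameter must not
    // be passed on as a condition, where it would be read as an expression.
    if (!empty($_REQUEST["username"]) && is_scalar($_REQUEST["username"])) {
        $username = (string) $_REQUEST["username"];
        $where['username'] = $username;
        $name = "用户-" . $username;
    }

    $mid = intval($_REQUEST["mid"]);
    if ($mid) {
        $where["mid"] = $mid;
    }

    if (!empty($_REQUEST["mx"]) && is_scalar($_REQUEST["mx"])) {
        $mx = get_safe_replace((string) $_REQUEST["mx"]);
        $where["mx"] = $mx;
        $name = $mx . $uid;
    }

    if (!empty($_REQUEST["mb"]) && is_scalar($_REQUEST["mb"])) {
        $mb = get_safe_replace((string) $_REQUEST["mb"]);
        $where["mobile"] = $mb;
        $name = "手机" . $mb;
    }

    if (!empty($_REQUEST["time1"]) || !empty($_REQUEST["time2"])) {
        $time1 = get_safe_replace($_REQUEST["time1"]);
        $time2 = get_safe_replace($_REQUEST["time2"]);
        // Identical dates select a single day (start moved back 24 hours).
        $time1 = ($time1 == $time2) ? strtotime($time1) - 86400 : strtotime($time1);
        $where["createtime"] = array('between', array($time1, strtotime($time2)));
        $name = "时间段" . $time1;
    }

    // Without any filter, fall back to "where 1" (all rows).
    $udata = M(MODULE_NAME)->where($where ? $where : 1)->select();

    $data = array();
    if (is_array($udata)) {
        foreach ($udata as $key => $v) {
            $data[$key][1] = $key;
            $data[$key][2] = $v["username"];
            // Column 3 is the identity-card number (see $title).
            $data[$key][3] = $v["creditno"];
            $data[$key][4] = $v["mobile"];
            $data[$key][5] = str_cut($v["title"], 20, "");
            $data[$key][6] = $v["mcount"];
            $data[$key][7] = $v["amount"];
            $data[$key][8] = $v["godate"];
            $data[$key][9] = toDate($v["add_time"], "Y/m/d H:i:s");
        }
    }

    $title = array(1 => "订单编号", 2 => "姓名", 3 => "身份证", 4 => "手机", 5 => "线路", 6 => "数量", 7 => "总价格", 8 => "出发时间", 9 => "添加时间");
    $this->exportexcel($data, $title, $name);
}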
/**
 * Registers a new member identified by username and mobile number.
 *
 * Validates the form and captcha, creates the forum account through Uc,
 * inserts the user and its role row, records a referral when the session
 * carries a referrer id, then logs the new user in by setting session and
 * cookie values.
 */
public function doreg()
{
    $username = get_safe_replace($_POST['username']);
    // NOTE(review): the password is run through the tag/character filter
    // before hashing, so the stored hash is of the filtered value — confirm the
    // login path filters identically.
    $password = get_safe_replace($_POST['password']);
    $mobile = get_safe_replace($_POST['mobile']);
    $verifyCode = $_POST['verifyCode'];
    if (empty($username) || empty($password) || empty($mobile)) {
        $this->error(L('empty_username_empty_password_empty_email'));
    }
    // The captcha is only checked when member_login_verify is enabled.
    if ($this->member_config['member_login_verify'] && md5($verifyCode) != $_SESSION['verify']) {
        $this->error(L('error_verify'));
    }
    // New accounts start inactive (0) when registration review is enabled.
    $status = $this->member_config['member_registecheck'] ? 0 : 1;
    if ($this->member_config['member_emailcheck']) {
        $status = 1;
        $groupid = 5;
    }
    // $groupid is unset unless e-mail checking is on; the default group is 3.
    $groupid = $groupid ? $groupid : 3;
    /* ---- Register the account in the forum ---- */
    import('@.ORG.Uc');
    $uc = new Uc();
    // The forum account gets a synthetic address built from the mobile number.
    $bbsuid = $uc->user_regeist($username, $password, $mobile . "@qq.com");
    $uc->bbsid_login($bbsuid);
    /* ------------------------------------------- */
    $data = array();
    $data['username'] = $username;
    // Referrer id, taken from the session.
    $data['fatherid'] = intval($_SESSION["uid"]);
    $data['mobile'] = $mobile;
    $data['groupid'] = $groupid;
    $data['login_count'] = 1;
    $data['createtime'] = time();
    $data['updatetime'] = time();
    $data['last_logintime'] = time();
    $data['reg_ip'] = get_client_ip();
    $data['status'] = $status;
    $data['bbs'] = $bbsuid;
    // NOTE(review): sysmd5() is not visible here; the name suggests an
    // MD5-based scheme — confirm, and prefer password_hash() for stored passwords.
    $authInfo['password'] = $data['password'] = sysmd5($password);
    if ($r = $this->dao->create($data)) {
        if (false !== $this->dao->add()) {
            $authInfo['id'] = $uid = $this->dao->getLastInsID();
            $authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
            $ru['user_id'] = $uid;
            $roleuser = M('RoleUser');
            $roleuser->add($ru);
            // NOTE(review): $_SESSION was already read above, so a session is
            // presumably active before this call; the session id is not
            // regenerated when the user becomes authenticated.
            session_start();
            $_SESSION["userid"] = $uid;
            if ($data['fatherid']) {
                /* Referral id */
                $sm["userid"] = $data['fatherid'];
                $sm["share_ip"] = get_client_ip();
                $sm["share_time"] = time();
                $sm["mx"] = MODULE_NAME;
                $sm["ma"] = ACTION_NAME;
                $sm["mid"] = $uid;
                // Type: 0 = click, 1 = purchase, 3 = registration.
                $sm["type"] = 3;
                M("sharehistory")->add($sm);
            }
            /* Disabled: e-mail confirmation flow (built a 3-day authcode link to
               User/Login/regcheckemail, mailed it and rendered Login:emailcheck). */
            // The auth token key is bound to the client's User-Agent header.
            $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
            // NOTE(review): the token embeds the stored password hash; its
            // confidentiality rests on authcode(), which is not visible here.
            $yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
            $authInfo['username'] = $data['username'];
            $authInfo['mobile'] = $data['mobile'];
            // $cookietime is never assigned in this method.
            // NOTE(review): groupid/userid are also stored as plain cookies —
            // confirm no permission check trusts them over the 'auth' token.
            cookie('auth', $yourphp_auth, $cookietime);
            cookie('username', $authInfo['username'], $cookietime);
            cookie('groupid', $authInfo['groupid'], $cookietime);
            cookie('userid', $authInfo['id'], $cookietime);
            cookie('mobile', $authInfo['mobile'], $cookietime);
            $this->assign('jumpUrl', $this->forward);
            $this->success(L('reg_ok'));
        } else {
            $this->error(L('reg_error'));
        }
    } else {
        $this->error($this->dao->getError());
    }
}
/**
 * Saves the (sanitised) query-string parameters onto a record of the current
 * module and refreshes that module's cache on success.
 *
 * NOTE(review): every GET parameter becomes a column write, and the change is
 * triggered by a GET request — confirm the model limits writable fields and
 * that the action is protected against cross-site requests.
 */
public function status()
{
    $model = D(MODULE_NAME);
    $_GET = get_safe_replace($_GET);

    $saved = $model->save($_GET);
    if (!$saved) {
        $this->error(L('do_error'));
    } else {
        savecache(MODULE_NAME);
        $this->success(L('do_ok'));
    }
}
/**
 * Stores a message in the "message" table from request parameters.
 *
 * NOTE(review): sender id (formid), sender name (formname), timestamp (time)
 * and the system flag (sys) are all taken from the request rather than from
 * the session, so the caller decides who a message appears to come from.
 * Both outcomes are reported through success(), including the failure text.
 */
public function msgadd()
{
    $recipientId = intval($_REQUEST["toid"]);
    $createdAt = intval($_REQUEST["time"]);
    $senderId = intval($_REQUEST["formid"]);
    $recipientName = get_safe_replace($_REQUEST["toname"]);
    $text = get_safe_replace($_REQUEST["comment_text"]);

    $sys = intval($_REQUEST["sys"]);
    $senderName = get_safe_replace($_REQUEST["formname"]);

    $map = array(
        "touser" => $recipientId,
        "fromid" => $senderId,
        "body" => $text,
        "createtime" => $createdAt,
        "status" => 1,
        "sys" => $sys != "" ? $sys : 0,
        "username" => $recipientName,
        // An empty sender name is stored as 0.
        "formname" => $senderName != "" ? $senderName : 0,
        "lang" => 1,
    );

    $inserted = M("message")->add($map);
    if (!$inserted) {
        $this->success("留言失败!");
    } else {
        $this->success("留言成功!");
    }
}
/**
 * Submits a feedback/request form.
 *
 * First forwards the submitted contact details to an external HTTP endpoint,
 * then checks whether the user's group may post in the category and hands the
 * record to the Admin/Content controller.
 */
public function insert()
{
    // Map the request type to its label. switch compares loosely, and $type
    // stays unset for any value not listed.
    switch ($_POST["typeid"]) {
        case 0:
            $type = "无选择";
            break;
        case 4:
            $type = " 反馈类别";
            break;
        case 5:
            $type = "信息咨询";
            break;
        case 6:
            $type = "请求实名认证";
            break;
        case 7:
            $type = "捐赠求助";
            break;
    }
    // NOTE(review): the raw POST values below are used without any filtering.
    $data["name"] = $_POST["username"];
    $data["tel"] = $_POST["telephone"];
    // Destination.
    $data["addr"] = $_POST["title"];
    // QQ number (submitted in the e-mail field).
    $data["msg"] .= " QQ(" . $_POST["email"] . ")";
    $data["msg"] .= " 备注信息(" . $_POST["content"] . ")--【" . $type . "】";
    //$data["mail"]="*****@*****.**"; // customer info
    $data["msg"] .= " 用户提交的请求,请尽快处理!";
    $data["all"] = "【满天星捐赠】!";
    import("@.ORG.PostData");
    $send = new postdata();
    // NOTE(review): name, phone number and message are sent to a hard-coded
    // third-party host over plain HTTP, and this happens before the posting
    // permission check below. The response ($back) is not inspected.
    $back = $send->send_post("http://1.gzsrex.sinaapp.com/", $data);
    // Customer info; set after the request was already sent, so it is unused.
    $data["mail"] = "*****@*****.**";
    // $back=$send->send_post("http://1.gzsrex.sinaapp.com/",$data);
    // Posting permission: module 6 is exempt, otherwise the user's group must
    // be listed in the category's postgroup (category id taken raw from POST).
    if ($this->moduleid != 6 && !in_array($this->_groupid, explode(',', $this->categorys[$_POST['catid']]['postgroup']))) {
        $this->error(L('add_no_postgroup'));
    }
    $c = A('Admin/Content');
    $_POST['ip'] = get_client_ip();
    $userid = $this->_userid;
    // Anonymous submitters supply their own display name.
    $username = $this->_username ? $this->_username : get_safe_replace($_POST['username']);
    $c->insert($this->module[$this->moduleid]['name'], $this->fields, $userid, $username, $this->_groupid);
}
/**
 * Registers a new member identified by username and e-mail address.
 *
 * Validates the form and captcha, inserts the user and its role row, then
 * either mails a confirmation link (when e-mail checking is enabled) or logs
 * the new user in by setting the auth cookies.
 */
public function doreg()
{
    $username = get_safe_replace($_POST['username']);
    // NOTE(review): the password is run through the tag/character filter
    // before hashing, so the stored hash is of the filtered value — confirm the
    // login path filters identically.
    $password = get_safe_replace($_POST['password']);
    $email = get_safe_replace($_POST['email']);
    $verifyCode = $_POST['verifyCode'];
    if (empty($username) || empty($password) || empty($email)) {
        $this->error(L('empty_username_empty_password_empty_email'));
    }
    // The captcha is only checked when member_login_verify is enabled.
    if ($this->member_config['member_login_verify'] && md5($verifyCode) != $_SESSION['verify']) {
        $this->error(L('error_verify'));
    }
    // New accounts start inactive (0) when registration review is enabled.
    $status = $this->member_config['member_registecheck'] ? 0 : 1;
    if ($this->member_config['member_emailcheck']) {
        $status = 1;
        $groupid = 5;
    }
    // $groupid is unset unless e-mail checking is on; the default group is 3.
    $groupid = $groupid ? $groupid : 3;
    $data = array();
    $data['username'] = $username;
    $data['email'] = $email;
    $data['groupid'] = $groupid;
    $data['login_count'] = 1;
    $data['createtime'] = time();
    $data['updatetime'] = time();
    $data['last_logintime'] = time();
    $data['reg_ip'] = get_client_ip();
    $data['status'] = $status;
    // NOTE(review): sysmd5() is not visible here; the name suggests an
    // MD5-based scheme — confirm, and prefer password_hash() for stored passwords.
    $authInfo['password'] = $data['password'] = sysmd5($password);
    if ($r = $this->dao->create($data)) {
        if (false !== $this->dao->add()) {
            $authInfo['id'] = $uid = $this->dao->getLastInsID();
            $authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
            $ru['user_id'] = $uid;
            $roleuser = M('RoleUser');
            $roleuser->add($ru);
            if ($this->member_config['member_emailcheck']) {
                // Confirmation token lifetime: three days.
                $yourphp_auth = authcode($uid . "-" . $username . "-" . $email, 'ENCODE', $this->sysConfig['ADMIN_ACCESS'], 3600 * 24 * 3);
                // NOTE(review): the link's host comes from the request's Host
                // header and the scheme is fixed to http; a configured site URL
                // avoids mailing a link to a requester-chosen host.
                $url = 'http://' . $_SERVER['HTTP_HOST'] . U('User/Login/regcheckemail?code=' . $yourphp_auth);
                $click = "<a href=\"{$url}\" target=\"_blank\">" . L('CLICK_THIS') . "</a>";
                $message = str_replace(array('{click}', '{url}', '{sitename}'), array($click, $url, $this->Config['site_name']), $this->member_config['member_emailchecktpl']);
                $r = sendmail($email, L('USER_REGISTER_CHECKEMAIL') . '-' . $this->Config['site_name'], $message, $this->Config);
                // The confirmation page is shown whether or not the mail was sent.
                $this->assign('send_ok', 1);
                $this->assign('username', $username);
                $this->assign('email', $email);
                $this->display('Login:emailcheck');
                exit;
            }
            // The auth token key is bound to the client's User-Agent header.
            $yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
            // NOTE(review): the token embeds the stored password hash; its
            // confidentiality rests on authcode(), which is not visible here.
            $yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
            $authInfo['username'] = $data['username'];
            $authInfo['email'] = $data['email'];
            // $cookietime is never assigned in this method.
            // NOTE(review): groupid/userid are also stored as plain cookies —
            // confirm no permission check trusts them over the 'auth' token.
            cookie('auth', $yourphp_auth, $cookietime);
            cookie('username', $authInfo['username'], $cookietime);
            cookie('groupid', $authInfo['groupid'], $cookietime);
            cookie('userid', $authInfo['id'], $cookietime);
            cookie('email', $authInfo['email'], $cookietime);
            $this->assign('jumpUrl', $this->forward);
            $this->success(L('reg_ok'));
        } else {
            $this->error(L('reg_error'));
        }
    } else {
        $this->error($this->dao->getError());
    }
}
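/**
 * Handles the login form submission.
 *
 * Checks the captcha (when enabled), refuses further attempts after 100 failed
 * logins from the same IP within 30 minutes, authenticates the user through
 * RBAC, fills the session, updates the login counters and writes a Log row for
 * every outcome. Responds with ajaxReturn() when $_POST['ajax'] is set,
 * otherwise with the standard success/error pages.
 */
public function doLogin()
{
    $dao = M('User');
    // NOTE(review): get_client_ip() is not visible here; if it honours
    // forwarded-for headers, the per-IP failure limit below can be sidestepped.
    $ip = get_client_ip();
    if (empty($this->sysConfig['ADMIN_ACCESS'])) {
        $this->error(L('NO SYSTEM CONFIG FILE'));
    }
    $username = get_safe_replace(trim($_POST['username']));
    $password = get_safe_replace(trim($_POST['password']));
    $verifyCode = trim($_POST['verifyCode']);

    if (empty($username) || empty($password)) {
        $this->error(L('empty_username_empty_password'));
    } elseif ($_SESSION['verify'] && $this->sysConfig['ADMIN_VERIFY'] && md5($verifyCode) !== (string) $_SESSION['verify']) {
        // Strict comparison: two different numeric-looking MD5 strings must not
        // compare equal.
        // NOTE(review): the captcha is skipped whenever the session holds no
        // 'verify' value, i.e. for a client that never requested the image.
        $this->error(L('error_verify'));
    }

    // Failed attempts from this IP during the last 30 minutes.
    $time = time();
    $logwhere = array();
    $logwhere['time'] = array('EGT', $time - 1800);
    $logwhere['ip'] = array('eq', $ip);
    $logwhere['error'] = 1;
    $lognum = M('Log')->where($logwhere)->count();
    if ($lognum >= 100) {
        $this->error(L('Login_error_count'));
    }

    $condition = array();
    $condition['username'] = array('eq', $username);
    import('@.ORG.RBAC');
    // Look the account up by username; the password is checked below.
    $authInfo = RBAC::authenticate($condition);

    if (false === $authInfo) {
        $data = array();
        $data['username'] = $username;
        $data['ip'] = $ip;
        $data['time'] = $time;
        $data['note'] = L('empty_userid');
        $data['error'] = 1;
        M('Log')->add($data);
        $this->error(L('empty_userid'));
    } else {
        // Compare the stored hash as a string, in constant time where the
        // runtime offers hash_equals().
        $storedHash = (string) $authInfo['password'];
        $givenHash = (string) sysmd5($password);
        if (function_exists('hash_equals')) {
            $passwordOk = hash_equals($storedHash, $givenHash);
        } else {
            $passwordOk = ($storedHash === $givenHash);
        }

        if (!$passwordOk) {
            $data = array();
            $data['username'] = $username;
            $data['ip'] = $ip;
            $data['time'] = $time;
            // The attempted password is no longer written to the log: a
            // mistyped password is usually close to the real one, and the Log
            // table is readable by anyone with log access.
            $data['note'] = L('password_error');
            $data['error'] = 1;
            M('Log')->add($data);
            $this->error(L('password_error'));
        }

        // NOTE(review): the session id is not regenerated on login; doing so
        // (session_regenerate_id) prevents a pre-set session id from being
        // carried into the authenticated session.
        $_SESSION['username'] = $authInfo['username'];
        $_SESSION['adminid'] = $_SESSION['userid'] = $authInfo['id'];
        $_SESSION['groupid'] = $authInfo['groupid'];
        $_SESSION['adminaccess'] = C('ADMIN_ACCESS');
        $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
        $_SESSION['email'] = $authInfo['email'];
        $_SESSION['lastLoginTime'] = $authInfo['last_logintime'];
        $_SESSION['login_count'] = $authInfo['login_count'] + 1;
        // Group 1 is flagged through ADMIN_AUTH_KEY.
        if ($authInfo['groupid'] == 1) {
            $_SESSION[C('ADMIN_AUTH_KEY')] = true;
        }

        // Save the login bookkeeping.
        $data = array();
        $data['id'] = $authInfo['id'];
        $data['last_logintime'] = $time;
        $data['last_ip'] = get_client_ip();
        $data['login_count'] = array('exp', 'login_count+1');
        $dao->save($data);

        // Cache the access list.
        RBAC::saveAccessList();

        $data = array();
        $data['username'] = $username;
        $data['ip'] = $ip;
        $data['time'] = $time;
        $data['note'] = L('login_ok');
        M('Log')->add($data);

        if ($_POST['ajax']) {
            // NOTE(review): $authInfo (including the password hash field) is
            // returned to the client as-is — confirm ajaxReturn() output is
            // filtered, or return only the fields the client needs.
            $this->ajaxReturn($authInfo, L('login_ok'), 1);
        } else {
            $this->assign('jumpUrl', U('Index/index'));
            $this->success(L('login_ok'));
        }
    }
}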
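/**
 * Emits a JavaScript snippet carrying one field value of one record.
 *
 * Request parameters: mid (record id), mx (model name), field (column,
 * default "price") and js (when non-empty, an additional jQuery .val() line is
 * written for the element whose id equals the field name).
 */
public function api()
{
    $mid = intval($_REQUEST['mid']);
    $mx = get_safe_replace($_REQUEST['mx']);
    $field = get_safe_replace($_REQUEST['field']);
    $js = get_safe_replace($_REQUEST['js']);
    if (empty($field)) {
        $field = "price";
    }

    // Model and column names are used as SQL identifiers and $field is also
    // written into the generated script, so both must be plain identifiers.
    // NOTE(review): this still lets the caller choose any model and column;
    // restrict both to an allowlist of public catalogue data once confirmed.
    $identifier = '/^[A-Za-z0-9_]+$/';
    $fieldOk = is_string($field) && preg_match($identifier, $field);
    $modelOk = is_string($mx) && preg_match($identifier, $mx);

    if ($mid && $modelOk && $fieldOk) {
        $price = M($mx)->where("id=" . $mid)->getField($field);
    } else {
        $price = "获取错误!";
    }

    if (!empty($js) && $fieldOk) {
        // Numeric values are written as before; anything else is emitted as a
        // quoted JavaScript string instead of raw text inside the call.
        $jsValue = is_numeric($price) ? $price : json_encode((string) $price);
        echo "\$(\"#" . $field . "\").val(" . $jsValue . ");\n";
    }

    // rejs() is not visible here; presumably it prepares the value for the
    // quoted document.write() argument — confirm.
    $price = $this->rejs($price);
    echo "document.write(\"" . $price . "\");";
}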
/**
 * Returns one Shipping record as JSON when the request asks for do=get;
 * responds with {"id":0} when the record does not exist. Any other 'do' value
 * produces no output.
 */
public function shipping()
{
    $do = get_safe_replace($_REQUEST['do']);
    $model = M('Shipping');
    $id = intval($_REQUEST['id']);

    if ($do != 'get') {
        return;
    }

    $row = $model->find($id);
    echo json_encode($row ? $row : array('id' => 0));
    exit;
}
/**
 * Submits a new content record.
 *
 * Verifies that the current user's group is listed in the category's
 * postgroup, stamps the client IP into the POST data and delegates the insert
 * to the Admin/Content controller.
 */
public function insert()
{
    $catid = intval($_POST['catid']);

    // Posting is limited to the groups configured on the category.
    // NOTE(review): in_array() compares loosely here.
    $allowedGroups = explode(',', $this->categorys[$catid]['postgroup']);
    if (!in_array($this->_groupid, $allowedGroups)) {
        $this->error(L('add_no_postgroup'));
    }

    $c = A('Admin/Content');
    $_POST['ip'] = ip();

    // Logged-in users post under their account name; anonymous users supply one.
    if ($this->_username) {
        $username = $this->_username;
    } else {
        $username = get_safe_replace($_POST['username']);
    }

    $c->insert($this->module[$this->moduleid]['name'], $this->fields, $this->_userid, $username, $this->_groupid);
}
/**
 * Placeholder endpoint: echoes the sanitised 'url' back together with the
 * integer 'oid' as the message, always with status 1.
 *
 * The former "add to favourites" logic (duplicate check and insert into the
 * order table for the current user) is disabled.
 */
public function shipping()
{
    $payload = array();
    $payload["url"] = get_safe_replace($_REQUEST['url']);

    // 'title' is still read but no longer used.
    get_safe_replace($_REQUEST['title']);

    $orderId = intval($_REQUEST['oid']);

    $this->AjaxReturn($payload, $orderId, 1);
}
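/**
 * Site search: lists published Content rows whose title matches the keyword,
 * optionally limited to a module (moduleid) and a category (id).
 *
 * A keyword containing "or" is split into alternatives, one containing spaces
 * into terms that must all match. Results are paginated with the category's
 * page size or the PAGE_LISTROWS default.
 */
public function index()
{
    // Search.
    $_REQUEST['id'] = $catid = intval($_REQUEST['id']);

    // A non-scalar keyword (e.g. an array parameter) is treated as empty; the
    // string functions below require a string.
    $rawKeyword = (isset($_REQUEST['keyword']) && is_scalar($_REQUEST['keyword'])) ? (string) $_REQUEST['keyword'] : '';
    $_REQUEST['keyword'] = $keyword = get_safe_replace($rawKeyword);
    $_REQUEST['moduleid'] = $moduleid = intval($_REQUEST['moduleid']);

    // NOTE(review): every request parameter becomes a template variable; only
    // id, keyword and moduleid were normalised above — confirm the templates
    // escape the rest on output.
    $this->assign($_REQUEST);
    $this->assign('bcid', 0);

    $where = " status=1 ";
    if ($moduleid) {
        $where = ' mid=' . $moduleid . ' AND ' . $where;
    }

    import('@.EXT.Form');
    $this->assign('Form', new Form());

    if (APP_LANG) {
        $lang = LANG_NAME;
        $langid = LANG_ID;
        $where .= " and lang= {$langid}";
        $this->assign('lang', $lang);
        $this->assign('langid', $langid);
    }

    // $cat is read below even when no category was requested.
    $cat = array();
    if ($catid) {
        $cat = $this->categorys[$catid];
        $bcid = explode(",", $cat['arrparentid']);
        $bcid = $bcid[1];
        if ($bcid == '') {
            $bcid = intval($catid);
        }
        unset($cat['id']);
        $this->assign($cat);
        $cat['id'] = $catid;
        $this->assign('catid', $catid);
        $this->assign('bcid', $bcid);
        // Parent categories search all of their children.
        if ($cat['child']) {
            $where .= " and catid in(" . $cat['arrchildid'] . ")";
        } else {
            $where .= " and catid=" . $catid;
        }
    }

    $seo_title = $cat['title'] ? $cat['title'] : $cat['catname'];
    $this->assign('seo_title', $keyword . ' ' . $seo_title);
    $this->assign('seo_keywords', $keyword . $cat['keywords']);
    $this->assign('seo_description', $keyword . $cat['description']);

    if ($keyword || $moduleid) {
        // Both variables were previously undefined for a single-term keyword,
        // which made count() fail on PHP 8.
        $keydo = '';
        $keyword_arr = array();
        if (strstr($keyword, 'or')) {
            $keydo = ' or ';
            $keyword_arr = explode('or', $keyword);
        } elseif (strstr($keyword, ' ')) {
            $keydo = ' AND ';
            $keyword_arr = explode(' ', $keyword);
        }

        // NOTE(review): the keyword reaches the LIKE clauses by concatenation
        // and relies entirely on get_safe_replace(), whose escaping rules are
        // not visible here; bind it through the database layer when this
        // string-built condition is converted.
        if (count($keyword_arr) > 1) {
            foreach ($keyword_arr as $key => $keywordz) {
                $keyword_arr[$key] = ' title like "%' . trim($keywordz) . '%" ';
            }
            $where .= ' AND (' . implode($keydo, $keyword_arr) . ')';
        } else {
            $where .= ' AND title like "%' . $keyword . '%" ';
        }

        $count = M('Content')->where($where)->count();
        $this->assign('count', $count);
        if ($count) {
            import("@.EXT.Page");
            $listRows = !empty($cat['pagesize']) ? $cat['pagesize'] : C('PAGE_LISTROWS');
            $page = new Page($count, $listRows);
            $pages = $page->show();
            $field = $this->module[$cat['moduleid']]['listfields'];
            $field = $field ? $field : 'id,catid,userid,url,username,title,title_style,keywords,description,thumb,createtime,hits';
            $list = M('Content')->field($field)->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
            $this->assign('pages', $pages);
            $this->assign('list', $list);
        }
    }

    $this->display();
}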
/**
 * Tag pages: with a tag slug, lists the content of one module carrying that
 * tag ("Tags:list"); without a slug, lists the tags themselves, optionally
 * limited to one module ("Tags:index").
 */
public function index()
{
    // $tag is not assigned in this method, so the slug comes from the request.
    $slug = $tag ? $tag : get_safe_replace($_REQUEST['tag']);
    $module = get_safe_replace($_REQUEST['module']);
    $module = $module ? ucfirst($module) : '';
    if (C('URL_MODEL') == 0) {
        $moduleid = intval($_REQUEST['moduleid']);
        $module_name = $moduleid ? $this->module[$moduleid]['name'] : '';
        $module = $module ? $module : $module_name;
        // $p is only set in this URL mode but is passed to Page below.
        $p = max(intval($_REQUEST[C('VAR_PAGE')]), 1);
    } elseif ($this->mod[ucfirst($slug)]) {
        // The "tag" segment is actually a module name: list that module's tags.
        $module = ucfirst($slug);
        unset($slug);
    }
    $prefix = C("DB_PREFIX");
    $Tags = M('Tags');
    $Tags_data = M('Tags_data');
    $where = APP_LANG ? " lang=" . LANG_ID : 1;
    if ($slug) {
        $module = $module ? $module : 'Article';
        $moduleid = $this->mod[$module];
        // NOTE(review): the slug is concatenated into the SQL string and relies
        // entirely on get_safe_replace(); $moduleid is empty for an unknown
        // module name. An array condition would let the driver quote both.
        $data = $Tags->where($where . " and moduleid = {$moduleid} and slug='" . $slug . "'")->find();
        $this->assign('seo_title', $data['name']);
        $this->assign('seo_keywords', $data['name']);
        $this->assign('seo_description', $data['name']);
        if ($data) {
            $tagid = $data['id'];
            $this->assign('data', $data);
            // NOTE(review): the joined table name is built from the
            // request-derived module name; it is only reached after the tag
            // lookup above succeeded — confirm $module is limited to the keys
            // of $this->mod before it is used as an identifier.
            $mtable = $prefix . strtolower($module);
            // The count is filtered by tag id only, while the list query below
            // also applies the language condition.
            $count = $Tags_data->table($prefix . 'tags_data as a')->join($mtable . " as b on a.id=b.id ")->where("a.tagid=" . $tagid)->count();
            if ($count) {
                import("@.ORG.Page");
                $listRows = C('PAGE_LISTROWS');
                $page = new Page($count, $listRows, $p);
                $page->urlrule = TAGURL($data, 1);
                $pages = $page->show();
                $field = 'b.id,b.catid,b.userid,b.url,b.username,b.title,b.keywords,b.description,b.thumb,b.createtime';
                $list = $Tags_data->field($field)->table($prefix . 'tags_data as a')->join($mtable . " as b on a.id=b.id")->where($where . " and a.tagid=" . $tagid)->order('b.listorder desc,b.id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
                $this->assign('pages', $pages);
                $this->assign('list', $list);
            }
        }
    } else {
        // Tag index, optionally limited to one module.
        $moduleid = $this->mod[$module];
        $where .= $moduleid ? ' and moduleid=' . $moduleid : '';
        $count = $Tags->where($where)->count();
        if ($count) {
            import("@.ORG.Page");
            $listRows = 50;
            $page = new Page($count, $listRows);
            $page->urlrule = TAGURL(array('moduleid' => $moduleid), 1);
            $pages = $page->show();
            $list = $Tags->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
            // Attach the module name to each tag row.
            foreach ($list as $key => $r) {
                $list[$key]['module'] = $this->module[$r['moduleid']]['name'];
            }
            $this->assign('pages', $pages);
            $this->assign('list', $list);
        }
    }
    // Top-level column.
    $this->assign('bcid', 0);
    $template = $slug ? 'list' : 'index';
    $this->display("Tags:" . $template);
}
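/**
 * Field search: lists rows of one module (default "product") where the column
 * named by 'type' equals 'keyword', paginated, and renders Search:index.
 */
public function line()
{
    $keyword = get_safe_replace($_REQUEST['keyword']);
    $type = get_safe_replace($_REQUEST['type']);
    $module = get_safe_replace($_REQUEST['module']);
    if ($module == "") {
        $module = "product";
    }

    // Model and column names arrive from the request and are used as SQL
    // identifiers, so anything but a plain identifier ends the search with an
    // empty result page.
    // NOTE(review): the caller can still pick any model and column; restrict
    // both to an allowlist of searchable modules/fields once confirmed.
    $identifier = '/^[A-Za-z0-9_]+$/';
    $moduleOk = is_string($module) && preg_match($identifier, $module);
    $typeOk = ($type == "") || (is_string($type) && preg_match($identifier, $type));
    if (!$moduleOk || !$typeOk || !is_scalar($keyword)) {
        $this->display("Search:index");
        return;
    }

    $this->dao = M($module);

    // The filter is built before counting (the count previously ran with an
    // undefined condition, so the page total ignored the filter), and the value
    // is passed as an array condition so the database layer quotes it.
    $where = 1;
    if ($type != "") {
        $where = array($type => (string) $keyword);
    }

    $count = $this->dao->where($where)->count();
    if ($count) {
        import("@.ORG.Page");
        // No category is loaded in this action, so the page size is always the
        // configured default.
        $listRows = C('PAGE_LISTROWS');
        $page = new Page($count, $listRows);
        // '{$page}' is the literal placeholder of the pagination URL rule.
        $_REQUEST['p'] = '{$page}';
        $page->urlrule = URL('Home-Search/line', $_REQUEST);
        $pages = $page->show();
        $list = $this->dao->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
        $this->assign('pages', $pages);
        $this->assign('list', $list);
    }

    $this->display("Search:index");
}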