$smarty->assign('charset', EC_CHARSET); $smarty->assign('admin_id', $_SESSION['admin_id']); $smarty->assign('shop_url', urlencode($hhs->url())); //file_get_content("Auto.php"); $smarty->display('index.htm'); } elseif ($_REQUEST['act'] == 'calculator') { $smarty->display('calculator.htm'); } elseif ($_REQUEST['act'] == 'clear_cache') { clear_all_files(); sys_msg($_LANG['caches_cleared']); } elseif ($_REQUEST['act'] == 'main') { //开店向导第一步 if (isset($_SESSION['shop_guide']) && $_SESSION['shop_guide'] === true) { unset($_SESSION['shop_guide']); //销毁session hhs_header("Location: ./index.php?act=first\n"); exit; } $gd = gd_version(); /* 检查文件目录属性 */ $warning = array(); if ($_CFG['shop_closed']) { $warning[] = $_LANG['shop_closed_tips']; } if (file_exists('../install')) { $warning[] = $_LANG['remove_install']; } if (file_exists('../upgrade')) { $warning[] = $_LANG['remove_upgrade']; } if (file_exists('../demo')) {
$smarty->assign('image_height', $_CFG['image_height']); $smarty->assign('id', $goods_id); $smarty->assign('type', 0); $smarty->assign('cfg', $_CFG); //$smarty->assign('promotion', get_promotion_info($goods_id));//促销信息 //$smarty->assign('promotion_info', get_promotion_info()); /* 获得商品的信息 */ $goods = get_goods_info($goods_id); if ($goods['is_mall'] != 1) { hhs_header("Location: ./\n"); exit; } $smarty->assign('d_team_num', $goods['team_num'] - 1); if ($goods === false) { /* 如果没有找到任何记录则跳回到首页 */ hhs_header("Location: ./\n"); exit; } else { $shop_price = $goods['shop_price']; //$linked_goods = get_linked_goods($goods_id); $goods['goods_style_name'] = add_style($goods['goods_name'], $goods['goods_name_style']); /* 购买该商品可以得到多少钱的优惠劵 if ($goods['bonus_type_id'] > 0) { $time = gmtime(); $sql = "SELECT type_money FROM " . $hhs->table('bonus_type') . " WHERE type_id = '$goods[bonus_type_id]' " . " AND send_type = '" . SEND_BY_GOODS . "' " . " AND send_start_date <= '$time'" . " AND send_end_date >= '$time'"; $goods['bonus_money'] = floatval($db->getOne($sql));
$smarty->assign('record_count', $log_list['record_count']); $smarty->assign('page_count', $log_list['page_count']); $sort_flag = sort_flag($log_list['filter']); $smarty->assign($sort_flag['tag'], $sort_flag['img']); make_json_result($smarty->fetch('admin_logs.htm'), '', array('filter' => $log_list['filter'], 'page_count' => $log_list['page_count'])); } /*------------------------------------------------------ */ //-- 批量删除日志记录 /*------------------------------------------------------ */ if ($_REQUEST['act'] == 'batch_drop') { admin_priv('logs_drop'); $drop_type_date = isset($_POST['drop_type_date']) ? $_POST['drop_type_date'] : ''; /* 按日期删除日志 */ if ($drop_type_date) { if ($_POST['log_date'] == '0') { hhs_header("Location: admin_logs.php?act=list\n"); exit; } elseif ($_POST['log_date'] > '0') { $where = " WHERE 1 "; switch ($_POST['log_date']) { case '1': $a_week = gmtime() - 3600 * 24 * 7; $where .= " AND log_time <= '" . $a_week . "'"; break; case '2': $a_month = gmtime() - 3600 * 24 * 30; $where .= " AND log_time <= '" . $a_month . "'"; break; case '3': $three_month = gmtime() - 3600 * 24 * 90; $where .= " AND log_time <= '" . $three_month . "'";
hhs_header("Location: user.php?act=order_detail&order_id={$order_id}\n"); exit; } $order_amount = $order['order_amount'] - $order['pay_fee']; $pay_fee = pay_fee($pay_id, $order_amount); $order_amount += $pay_fee; $sql = "UPDATE " . $hhs->table('order_info') . " SET pay_id='{$pay_id}', pay_name='{$payment_info['pay_name']}', pay_fee='{$pay_fee}', order_amount='{$order_amount}'" . " WHERE order_id = '{$order_id}'"; $db->query($sql); /* 跳转 */ hhs_header("Location: user.php?act=order_detail&order_id={$order_id}\n"); exit; } elseif ($action == 'save_order_address') { include_once ROOT_PATH . 'includes/lib_transaction.php'; $address = array('consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0); if (save_order_address($address, $user_id)) { hhs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n"); exit; } else { $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list'); } } elseif ($action == 'bonus') { include_once ROOT_PATH . 'includes/lib_transaction.php'; $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1; $record_count = $db->getOne("SELECT COUNT(*) FROM " . $hhs->table('user_bonus') . 
" WHERE user_id = '{$user_id}'"); $smarty->assign('send_bouns', $_REQUEST['send_bouns']); //$pager = get_pager('user.php', array('act' => $action), $record_count, $page); $bonus = get_user_bouns_list2($user_id); if ($_REQUEST['status'] == 'not_start') { $smarty->assign('status', 'not_start'); $arr = $bonus['not_start']; $bonus = array();
$goods_link = $hhs->url() . 'goods.php?id=' . $booking_info['goods_id']; $smarty->assign('user_name', $booking_info['link_man']); $smarty->assign('goods_link', $goods_link); $smarty->assign('goods_name', $booking_info['goods_name']); $smarty->assign('dispose_note', $dispose_note); $smarty->assign('shop_name', "<a href='" . $hhs->url() . "'>" . $_CFG['shop_name'] . '</a>'); $smarty->assign('send_date', date('Y-m-d')); $content = $smarty->fetch('str:' . $template['template_content']); /* 发送邮件 */ if (send_mail($booking_info['link_man'], $booking_info['email'], $template['template_subject'], $content, $template['is_html'])) { $send_ok = 0; } else { $send_ok = 1; } } hhs_header("Location: ?act=detail&id=" . $_REQUEST['rec_id'] . "&send_ok={$send_ok}\n"); exit; } /** * 获取订购信息 * * @access public * * @return array */ function get_bookinglist() { /* 查询条件 */ $filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']); if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) { $filter['keywords'] = json_str_iconv($filter['keywords']);
/* 添加到购物车 */ if (add_package_to_cart($package->package_id, $package->number)) { $result['content'] = insert_cart_info(); } else { $result['message'] = $err->last_message(); $result['error'] = $err->error_no; $result['package_id'] = stripslashes($package->package_id); } } die($json->encode($result)); } else { /* 标记购物流程为普通商品 */ $_SESSION['flow_type'] = CART_GENERAL_GOODS; /* 如果是一步购物,跳到结算中心 */ if ($_CFG['one_step_buy'] == '1') { hhs_header("Location: flows.php?step=checkout\n"); exit; } /* 取得商品列表,计算合计 */ $cart_goods = get_cart_goods(); $smarty->assign('goods_list', $cart_goods['goods_list']); $smarty->assign('total', $cart_goods['total']); //购物车的描述的格式化 $smarty->assign('shopping_money', sprintf($_LANG['shopping_money'], $cart_goods['total']['goods_price'])); $smarty->assign('market_price_desc', sprintf($_LANG['than_market_price'], $cart_goods['total']['market_price'], $cart_goods['total']['saving'], $cart_goods['total']['save_rate'])); // 显示收藏夹内的商品 if ($_SESSION['user_id'] > 0) { require_once ROOT_PATH . 'includes/lib_clips.php'; $collection_goods = get_collection_goods($_SESSION['user_id']); $smarty->assign('collection_goods', $collection_goods); }
} $db->query($sql); clear_cache_files(); $links[] = array('text' => $_LANG['navigator'], 'href' => 'navigator.php?act=list'); sys_msg($_LANG['edit_ok'], 0, $links); } } elseif ($_REQUEST['act'] == 'del') { $id = (int) $_GET['id']; $row = $db->getRow("SELECT ctype,cid,type FROM " . $GLOBALS['hhs']->table('nav') . " WHERE id = '{$id}' LIMIT 1"); if ($row['type'] == 'middle' && $row['ctype'] && $row['cid']) { set_show_in_nav($row['ctype'], $row['cid'], 0); } $sql = " DELETE FROM " . $GLOBALS['hhs']->table('nav') . " WHERE id='{$id}' LIMIT 1"; $db->query($sql); clear_cache_files(); hhs_header("Location: navigator.php?act=list\n"); exit; } elseif ($_REQUEST['act'] == 'edit_sort_order') { check_authz_json('nav'); $id = intval($_POST['id']); $order = json_str_iconv(trim($_POST['val'])); /* 检查输入的值是否合法 */ if (!preg_match("/^[0-9]+\$/", $order)) { make_json_error(sprintf($_LANG['enter_int'], $order)); } else { if ($exc->edit("vieworder = '{$order}'", $id)) { clear_cache_files(); make_json_result(stripslashes($order)); } else { make_json_error($db->error()); }
include_once ROOT_PATH . 'includes/lib_clips.php'; include_once ROOT_PATH . 'includes/lib_transaction.php'; include_once ROOT_PATH . 'includes/lib_order.php'; $sql = "select * from " . $hhs->table('users') . " where user_id=" . $_SESSION['user_id']; $user_info = $db->getRow($sql); $send_id = isset($_REQUEST['send_id']) ? trim($_REQUEST['send_id']) : 0; if (!empty($send_id)) { $sql = "select * from " . $hhs->table('send_bonus_type') . " where send_id=" . $send_id; $send_bonus_type = $db->getRow($sql); if (empty($send_bonus_type)) { echo 'send_id参数错误'; exit; } if ($send_bonus_type['user_id'] == $_SESSION['user_id']) { //发放者打开 hhs_header("Location:user.php"); exit; } $sql = "select * from " . $hhs->table('user_bonus') . " where send_id=" . $send_id . " and user_id=0 "; $user_bonus = $db->getAll($sql); if (empty($user_bonus)) { //已经领完 $smarty->assign('status', 1); $smarty->display('share_bonus.dwt'); exit; } else { //未领完 $sql = "select * from " . $hhs->table('user_bonus') . " where send_id=" . $send_id . " and user_id= " . $_SESSION['user_id']; $temp = $db->getRow($sql); if (!empty($temp)) { //已经领取过一次
if ($key == $old_rule_index) { $tmp_rule[$rule_index] = $from_val . ':' . $to_val; } else { $tmp_rule[$key] = $val; } } $rule = $tmp_rule; } } else { /* 删除rule */ unset($rule[$rule_index]); } $sql = "UPDATE " . $hhs->table('shop_config') . " SET value ='" . serialize($rule) . "' WHERE code='points_rule'"; $db->query($sql); clear_cache_files(); hhs_header("Location: integrate.php?act=points_set\n"); exit; } if ($_REQUEST['act'] == 'save_points') { $keys = array_keys($_POST); $cfg = array(); foreach ($keys as $key) { if (is_array($_POST[$key])) { $cfg[$key]['bbs_points'] = empty($_POST[$key]['bbs_points']) ? 0 : intval($_POST[$key]['bbs_points']); $cfg[$key]['fee_points'] = empty($_POST[$key]['fee_points']) ? 0 : intval($_POST[$key]['fee_points']); $cfg[$key]['pay_points'] = empty($_POST[$key]['pay_points']) ? 0 : intval($_POST[$key]['pay_points']); $cfg[$key]['rank_points'] = empty($_POST[$key]['rank_points']) ? 0 : intval($_POST[$key]['rank_points']); } } $sql = "SELECT COUNT(*) FROM " . $hhs->table('shop_config') . " WHERE code='points_set'"; if ($db->getOne($sql) == 0) {
$link = "http://" . $_SERVER['HTTP_HOST'] . "/share.php?team_sign=" . $team_info['team_sign']; $smarty->assign('link', $link); $smarty->assign('link2', urlencode($link)); $smarty->assign('group_share_ads', $_CFG['group_share_ads']); $smarty->display('share.dwt'); } elseif ($act == 'link') { $arr = array('error' => 0); $share_status = isset($_POST['share_status']) ? $_POST['share_status'] : 1; $share_type = isset($_POST['share_type']) ? $_POST['share_type'] : 1; $link_url = isset($_POST['link_url']) ? $_POST['link_url'] : ''; $sql = "insert into " . $hhs->table('share_info') . " (user_id,share_status,share_type,link_url,add_time) value ('{$_SESSION['user_id']}','{$share_status}','{$share_type}'," . " '{$link_url}'," . gmtime() . " ) "; $r = $db->query($sql); if ($r) { echo json_encode($arr); die; } } elseif ($act == 'toalipay') { $order_id = isset($_REQUEST['order_id']) ? $_REQUEST['order_id'] : ''; if (empty($order_id)) { die('参数错误'); } $sql = " SELECT * FROM " . $hhs->table('order_info') . " where order_id=" . $order_id; $order = $db->getRow($sql); if (!empty($order['team_sign']) && $order['team_status'] != 0 && !empty($order['pay_time'])) { hhs_header("location:share.php?team_sign=" . $order['team_sign']); exit; } else { hhs_header("location:user.php?act=order_detail&order_id=" . $order['order_id']); exit; } }
if (send_mail($message_info['user_name'], $message_info['user_email'], $template['template_subject'], $content, $template['is_html'])) { $send_ok = 0; } else { $send_ok = 1; } } hhs_header("Location: ?act=view&id=" . $_REQUEST['msg_id'] . "&send_ok={$send_ok}\n"); exit; } elseif ($_REQUEST['act'] == 'drop_file') { /* 删除上传的文件 */ $file = $_GET['file']; $file = str_replace('/', '', $file); @unlink('../' . DATA_DIR . '/feedbackimg/' . $file); /* 更新数据库 */ $db->query("UPDATE " . $hhs->table('feedback') . " SET message_img = '' WHERE msg_id = '{$_GET['id']}'"); hhs_header("Location: user_msg.php?act=view&id=" . $_GET['id'] . "\n"); exit; } /** * * * @access public * @param * * @return void */ function msg_list() { /* 过滤条件 */ $filter['keywords'] = empty($_REQUEST['keywords']) ? '' : trim($_REQUEST['keywords']); if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) {
$rt = $flashdb[$id]; } else { $links[] = array('text' => $_LANG['go_url'], 'href' => 'flashplay.php?act=list'); sys_msg($_LANG['id_error'], 0, $links); } if (strpos($rt['src'], 'http') === false) { @unlink(ROOT_PATH . $rt['src']); } $temp = array(); foreach ($flashdb as $key => $val) { if ($key != $id) { $temp[] = $val; } } put_flash_xml($temp); hhs_header("Location: flashplay.php?act=list\n"); exit; } elseif ($_REQUEST['act'] == 'add') { admin_priv('flash_manage'); if (empty($_POST['step'])) { $url = isset($_GET['url']) ? $_GET['url'] : 'http://'; $src = isset($_GET['src']) ? $_GET['src'] : ''; $sort = 0; $rt = array('act' => 'add', 'img_url' => $url, 'img_src' => $src, 'img_sort' => $sort); assign_query_info(); $smarty->assign('action_link', array('text' => $_LANG['go_url'], 'href' => 'flashplay.php?act=list')); $smarty->assign('rt', $rt); $smarty->assign('ur_here', $_LANG['add_picad']); $smarty->display('flashplay_add.htm'); } elseif ($_POST['step'] == 2) { if (!empty($_FILES['img_file_src']['name'])) {
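/**
 * Send the confirmation e-mail for a password-reset request.
 *
 * The reset link is built from $uid and $code. Both are URL-encoded
 * before being placed in the query string so a value containing reserved
 * characters ('&', '=', '+', ...) can neither break the link nor inject
 * extra parameters; for the usual numeric id / hex code this is a no-op.
 *
 * @access public
 * @param string $uid       user ID
 * @param string $user_name user account name
 * @param string $email     user e-mail address
 * @param string $code      reset key checked by user.php?act=get_password
 *
 * @return bool true when send_mail() reported success, false otherwise
 */
function send_pwd_email($uid, $user_name, $email, $code)
{
    /* Any missing argument: bounce back to the request form and stop. */
    if (empty($uid) || empty($user_name) || empty($email) || empty($code)) {
        hhs_header("Location: user.php?act=get_password\n");
        exit;
    }

    /* Data needed by the reset-mail template */
    $template    = get_mail_template('send_password');
    $reset_email = $GLOBALS['hhs']->url() . 'user.php?act=get_password'
                 . '&uid=' . urlencode($uid)
                 . '&code=' . urlencode($code);

    $GLOBALS['smarty']->assign('user_name', $user_name);
    $GLOBALS['smarty']->assign('reset_email', $reset_email);
    $GLOBALS['smarty']->assign('shop_name', $GLOBALS['_CFG']['shop_name']);
    /* Both spellings are assigned; presumably existing templates use either. */
    $GLOBALS['smarty']->assign('send_date', date('Y-m-d'));
    $GLOBALS['smarty']->assign('sent_date', date('Y-m-d'));

    $content = $GLOBALS['smarty']->fetch('str:' . $template['template_content']);

    /* Send the confirmation mail; its result is the only success signal here. */
    return (bool) send_mail($user_name, $email, $template['template_subject'], $content, $template['is_html']);
}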
if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { hhs_header("Location: privilege.php?act=login\n"); } exit; } } $smarty->assign('token', $_CFG['token']); if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') { $admin_path = preg_replace('/:\\d+/', '', $hhs->url()) . ADMIN_PATH; if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) { if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { hhs_header("Location: privilege.php?act=login\n"); } exit; } } /* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */ if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo')) { phpinfo(); exit; } //header('Cache-control: private'); header('content-type: text/html; charset=' . EC_CHARSET); header('Expires: Fri, 14 Mar 1980 20:53:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache');
$smarty->assign('order_info', $order_info); $sql = "select count(*) from " . $hhs->table("share_pay_info") . " where order_id=" . $order_id . " and user_id=" . $_SESSION['user_id'] . " and is_paid=1"; $pay_c = $db->getOne($sql); if ($order_info['pay_status'] == 2 && $pay_c > 0) { $smarty->assign('imgUrl', $user_info['headimgurl']); //'http://'.$_SERVER['HTTP_HOST']."/".$goods_list[0]['goods_thumb'] $smarty->assign('title', "找人代付"); $smarty->assign('desc', "付款成功!订单编号:" . $order_info['order_sn']); // $link = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; $smarty->assign('link', $link); $smarty->assign('link2', urlencode($link)); $smarty->assign('is_success', 1); } else { $smarty->assign('is_success', 0); hhs_header("location:index.php"); exit; } $smarty->display('share_success.dwt'); } elseif ($act == 'to_confirm') { $wxdesc = $_REQUEST['wxdesc']; $share_pay_type = $_REQUEST['share_pay_type']; $sql = "update " . $hhs->table('order_info') . " set wxdesc='{$wxdesc}',share_pay_type='{$share_pay_type}' where order_id=" . $order_id; $db->query($sql); $order_info = order_info($order_id); $smarty->assign('progress', number_format($order_info['money_paid'] * 100 / ($order_info['money_paid'] + $order_info['order_amount']), 2)); $smarty->assign('order_info', $order_info); $smarty->assign('imgUrl', $user_info['headimgurl']); //'http://'.$_SERVER['HTTP_HOST']."/".$goods_list[0]['goods_thumb'] $smarty->assign('title', "代付"); $smarty->assign('desc', mb_substr($order_info['wxdesc'], 0, 30, 'utf-8'));
} elseif ($_REQUEST['act'] == 'remove') { check_authz_json('group_by'); $id = intval($_GET['id']); /* 取得团购活动信息 */ $group_buy = group_buy_info($id); /* 如果团购活动已经有订单,不能删除 */ if ($group_buy['valid_order'] > 0) { make_json_error($_LANG['error_exist_order']); } /* 删除团购活动 */ $sql = "DELETE FROM " . $hhs->table('goods_activity') . " WHERE act_id = '{$id}' LIMIT 1"; $db->query($sql); admin_log(addslashes($group_buy['goods_name']) . '[' . $id . ']', 'remove', 'group_buy'); clear_cache_files(); $url = 'group_buy.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); hhs_header("Location: {$url}\n"); exit; } /* * 取得团购活动列表 * @return array */ function group_buy_list() { $result = get_filter(); if ($result === false) { /* 过滤条件 */ $filter['keyword'] = empty($_REQUEST['keyword']) ? '' : trim($_REQUEST['keyword']); if (isset($_REQUEST['is_ajax']) && $_REQUEST['is_ajax'] == 1) { $filter['keyword'] = json_str_iconv($filter['keyword']); }
if (isset($_REQUEST['cat_id']) && $_REQUEST['cat_id'] < 0) { $article_id = $db->getOne("SELECT article_id FROM " . $hhs->table('article') . " WHERE cat_id = '" . intval($_REQUEST['cat_id']) . "' "); } /*------------------------------------------------------ */ //-- PROCESSOR /*------------------------------------------------------ */ $cache_id = sprintf('%X', crc32($_REQUEST['id'] . '-' . $_CFG['lang'])); if (!$smarty->is_cached('article.dwt', $cache_id)) { /* 文章详情 */ $article = get_article_info($article_id); if (empty($article)) { hhs_header("Location: ./\n"); exit; } if (!empty($article['link']) && $article['link'] != 'http://' && $article['link'] != 'https://') { hhs_header("location:{$article['link']}\n"); exit; } $smarty->assign('news', get_shop_news()); $smarty->assign('id', $article_id); $smarty->assign('article', $article); $smarty->assign('keywords', htmlspecialchars($article['keywords'])); $smarty->assign('description', htmlspecialchars($article['description'])); $catlist = array(); foreach (get_article_parent_cats($article['cat_id']) as $k => $v) { $catlist[] = $v['cat_id']; } assign_template('a', $catlist); $position = assign_ur_here($article['cat_id'], $article['title']); $smarty->assign('page_title', $position['title']); // 页面标题