}
    /* 计算文章打开方式 */
    if ($file_url == '') {
        $open_type = 0;
    } else {
        $open_type = $_POST['FCKeditor1'] == '' ? 1 : 2;
    }
    /* 如果 file_url 跟以前不一样,且原来的文件是本地文件,删除原来的文件 */
    $sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id = '{$_POST['id']}'";
    $old_url = $db->getOne($sql);
    if ($old_url != '' && $old_url != $file_url && strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) {
        @unlink(ROOT_PATH . $old_url);
    }
    if ($exc->edit("title='{$_POST['title']}', cat_id='{$_POST['article_cat']}', article_type='{$_POST['article_type']}', is_open='{$_POST['is_open']}', author='{$_POST['author']}', author_email='{$_POST['author_email']}', keywords ='{$_POST['keywords']}', file_url ='{$file_url}', open_type='{$open_type}', content='{$_POST['FCKeditor1']}', link='{$_POST['link_url']}', description = '{$_POST['description']}'", $_POST['id'])) {
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'article_tianxin100.php?act=list&' . list_link_postfix();
        $note = sprintf("编辑成功", stripslashes($_POST['title']));
        admin_log($_POST['title'], 'edit', 'article');
        clear_cache_files();
        sys_msg($note, 0, $link);
    } else {
        die($db->error());
    }
} elseif ($_REQUEST['act'] == 'edit_title') {
    check_authz_json('article_manage');
    $id = intval($_POST['id']);
    $title = json_str_iconv(trim($_POST['val']));
    /* 检查文章标题是否重复 */
    if ($exc->num("title", $title, $id) != 0) {
        make_json_error(sprintf($_LANG['title_exist'], $title));
    } else {
Example #2
         $action_array = array('delivery', 'back');
         del_delivery($order['order_id'], $action_array);
         /* todo 记录日志 */
         admin_log($order['order_sn'], 'remove', 'order');
         $sn_list[] = $order['order_sn'];
     }
     $sn_str = $_LANG['remove_order'];
 } else {
     die('invalid params');
 }
 /* 取得备注信息 */
 //    $action_note = $_REQUEST['action_note'];
 if (empty($sn_not_list)) {
     $sn_list = empty($sn_list) ? '' : $_LANG['updated_order'] . join($sn_list, ',');
     $msg = $sn_list;
     $links[] = array('text' => $_LANG['return_list'], 'href' => 'order.php?act=list&' . list_link_postfix());
     sys_msg($msg, 0, $links);
 } else {
     $order_list_no_fail = array();
     $sql = "SELECT * FROM " . $ecs->table('order_info') . " WHERE order_sn " . db_create_in($sn_not_list);
     $res = $db->query($sql);
     while ($row = $db->fetchRow($res)) {
         $order_list_no_fail[$row['order_id']]['order_id'] = $row['order_id'];
         $order_list_no_fail[$row['order_id']]['order_sn'] = $row['order_sn'];
         $order_list_no_fail[$row['order_id']]['order_status'] = $row['order_status'];
         $order_list_no_fail[$row['order_id']]['shipping_status'] = $row['shipping_status'];
         $order_list_no_fail[$row['order_id']]['pay_status'] = $row['pay_status'];
         $order_list_fail = '';
         foreach (operable_list($row) as $key => $value) {
             if ($key != $operation) {
                 $order_list_fail .= $_LANG['op_' . $key] . ',';
Example #3
    }
    /* 计算文章打开方式 */
    if ($file_url == '') {
        $open_type = 0;
    } else {
        $open_type = $_POST['FCKeditor1'] == '' ? 1 : 2;
    }
    /* 如果 file_url 跟以前不一样,且原来的文件是本地文件,删除原来的文件 */
    $sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id = '{$_POST['id']}'";
    $old_url = $db->getOne($sql);
    if ($old_url != '' && $old_url != $file_url && strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) {
        @unlink(ROOT_PATH . $old_url);
    }
    if ($exc->edit("title='{$_POST['title']}', cat_id='{$_POST['article_cat']}', article_type='{$_POST['article_type']}', is_open='{$_POST['is_open']}', author='{$_POST['author']}', author_email='{$_POST['author_email']}', keywords ='{$_POST['keywords']}', file_url ='{$file_url}', open_type='{$open_type}', content='{$_POST['FCKeditor1']}', link='{$_POST['link_url']}', description = '{$_POST['description']}'", $_POST['id'])) {
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'article.php?act=list&' . list_link_postfix();
        $note = sprintf($_LANG['articleedit_succeed'], stripslashes($_POST['title']));
        admin_log($_POST['title'], 'edit', 'article');
        clear_cache_files();
        sys_msg($note, 0, $link);
    } else {
        die($db->error());
    }
} elseif ($_REQUEST['act'] == 'edit_title') {
    check_authz_json('article_manage');
    $id = intval($_POST['id']);
    $title = json_str_iconv(trim($_POST['val']));
    /* 检查文章标题是否重复 */
    if ($exc->num("title", $title, $id) != 0) {
        make_json_error(sprintf($_LANG['title_exist'], $title));
    } else {
Example #4
    $is_show = isset($_REQUEST['is_show']) ? intval($_REQUEST['is_show']) : 0;
    /*处理URL*/
    $site_url = sanitize_url($_POST['site_url']);
    /* 处理图片 */
    $img_name = basename($image->upload_image($_FILES['brand_logo'], 'brandlogo'));
    $param = "brand_name = '{$_POST['brand_name']}',  site_url='{$site_url}', brand_desc='{$_POST['brand_desc']}', is_show='{$is_show}', sort_order='{$_POST['sort_order']}' ";
    if (!empty($img_name)) {
        //有图片上传
        $param .= " ,brand_logo = '{$img_name}' ";
    }
    if ($exc->edit($param, $_POST['id'])) {
        /* 清除缓存 */
        clear_cache_files();
        admin_log($_POST['brand_name'], 'edit', 'brand');
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'brand.php?act=list&' . list_link_postfix();
        $note = vsprintf($_LANG['brandedit_succed'], $_POST['brand_name']);
        sys_msg($note, 0, $link);
    } else {
        die($db->error());
    }
} elseif ($_REQUEST['act'] == 'edit_brand_name') {
    check_authz_json('brand_manage');
    $id = intval($_POST['id']);
    $name = json_str_iconv(trim($_POST['val']));
    /* 检查名称是否重复 */
    if ($exc->num("brand_name", $name, $id) != 0) {
        make_json_error(sprintf($_LANG['brandname_exist'], $name));
    } else {
        if ($exc->edit("brand_name = '{$name}'", $id)) {
            admin_log($name, 'edit', 'brand');
Example #5
/**
 * Build the "back to list" link for the customer admin page.
 *
 * @param bool $is_add True after an add (insert): link to the plain list.
 *                     False otherwise: the string returned by
 *                     list_link_postfix() is appended to the query string.
 * @return array{href: string, text: string}
 */
function list_link($is_add = true)
{
    // The postfix helper is only called for the non-add case, as before.
    $suffix = $is_add ? '' : '&' . list_link_postfix();

    return array(
        'href' => 'customer.php?act=list' . $suffix,
        'text' => $GLOBALS['_LANG']['customer_list'],
    );
}
Example #6
        }
    }
    //图片数量
    $imgnum = count($shaidan_imgs);
    //是否赠送积分
    if ($info['is_points'] == 0 && $weizhi <= $_CFG['shaidan_pre_num'] && $imgnum >= $_CFG['shaidan_img_num']) {
        $get_points = 1;
    } else {
        $get_points = 0;
    }
    $smarty->assign('ur_here', '晒单详情');
    $smarty->assign('weizhi', $weizhi);
    $smarty->assign('imgnum', $imgnum);
    $smarty->assign('get_points', $get_points);
    $smarty->assign('shop_config', $_CFG);
    $smarty->assign('action_link', array('text' => '返回', 'href' => 'shaidan.php?act=list&' . list_link_postfix()));
    $smarty->assign('info', $info);
    $smarty->assign('goods', $goods);
    $smarty->assign('shaidan_imgs', $shaidan_imgs);
    $smarty->assign('form_action', 'updata');
    assign_query_info();
    $smarty->display('shaidan_info.htm');
} elseif ($_REQUEST['act'] == 'updata') {
    $shaidan_id = intval($_POST['shaidan_id']);
    $get_points = intval($_POST['get_points']);
    $pay_points = $_CFG['shaidan_pay_points'];
    $status = intval($_POST['status']);
    if ($get_points == 1 && $pay_points > 0) {
        $info = $db->GetRow("SELECT * FROM " . $ecs->table('shaidan') . " WHERE shaidan_id='{$shaidan_id}'");
        $db->query("UPDATE " . $ecs->table('shaidan') . " SET pay_points = '{$pay_points}', is_points = 1 WHERE shaidan_id = '{$shaidan_id}'");
        $db->query("INSERT INTO " . $ecs->table('account_log') . "(user_id, rank_points, pay_points, change_time, change_desc, change_type) " . "VALUES ('{$info['user_id']}', 0, '" . $pay_points . "', " . gmtime() . ", '晒单获得积分', '99')");
Example #7
    $users =& init_users();
    $users->remove_user($username);
    //已经删除用户所有数据
    /* 记录管理员操作 */
    admin_log(addslashes($username), 'remove', 'users');
    /* 提示信息 */
    $link[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
    sys_msg(sprintf($_LANG['remove_success'], $username), 0, $link);
} elseif ($_REQUEST['act'] == 'address_list') {
    // Address list for one user. The id is taken from the query string and
    // forced to an integer (0 when absent) before it is placed in the WHERE clause.
    // NOTE(review): no admin_priv()/check_authz_json() call is visible in this
    // branch, unlike the neighbouring 'remove_parent' branch — confirm the
    // permission check happens elsewhere.
    $id = 0;
    if (isset($_GET['id'])) {
        $id = intval($_GET['id']);
    }
    // One row per address, with the region names resolved through four joins
    // on the region table (country, province, city, district).
    $sql = "SELECT a.*, c.region_name AS country_name, p.region_name AS province, ct.region_name AS city_name, d.region_name AS district_name "
        . " FROM " . $ecs->table('user_address') . " as a "
        . " LEFT JOIN " . $ecs->table('region') . " AS c ON c.region_id = a.country "
        . " LEFT JOIN " . $ecs->table('region') . " AS p ON p.region_id = a.province "
        . " LEFT JOIN " . $ecs->table('region') . " AS ct ON ct.region_id = a.city "
        . " LEFT JOIN " . $ecs->table('region') . " AS d ON d.region_id = a.district "
        . " WHERE user_id='{$id}'";
    $address = $db->getAll($sql);
    $smarty->assign('address', $address);
    assign_query_info();
    $smarty->assign('ur_here', $_LANG['address_list']);
    $smarty->assign(
        'action_link',
        array(
            'text' => $_LANG['01_users_list'],
            'href' => 'users.php?act=list&' . list_link_postfix(),
        )
    );
    $smarty->display('user_address_list.htm');
} elseif ($_REQUEST['act'] == 'remove_parent') {
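    /* Permission check */
    admin_priv('users_manage');
    // $_GET['id'] is request data: cast it to an integer before it is
    // concatenated into either statement, as the 'address_list' branch does,
    // so it cannot change the shape of the SQL.
    // NOTE(review): this branch changes data on a GET request and no
    // anti-CSRF token check is visible here — confirm one exists upstream.
    $sql = "UPDATE " . $ecs->table('users') . " SET parent_id = 0 WHERE user_id = '" . intval($_GET['id']) . "'";
    $db->query($sql);
    /* Record the administrator action */
    $sql = "SELECT user_name FROM " . $ecs->table('users') . " WHERE user_id = '" . intval($_GET['id']) . "'";
    $username = $db->getOne($sql);
    // The name comes back from the database unescaped, hence addslashes()
    // before it is handed to admin_log().
    admin_log(addslashes($username), 'edit', 'users');
    /* Result message */
    $link[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
    sys_msg(sprintf($_LANG['update_success'], $username), 0, $link);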
} elseif ($_REQUEST['act'] == 'aff_list') {
    /* 检查权限 */
Example #8
    }
    $smarty->assign('action_list', $act_list);
    /* 回复留言图片 www.68ecshop.com增加 */
    $res = $db->getAll("SELECT * FROM " . $ecs->table('back_replay') . " WHERE back_id = '{$back_id}' ORDER BY add_time ASC");
    foreach ($res as $value) {
        $value['add_time'] = local_date($GLOBALS['_CFG']['time_format'], $value['add_time']);
        $back_replay[] = $value;
    }
    if ($back_order['imgs']) {
        $imgs = explode(",", $back_order['imgs']);
    }
    $smarty->assign('imgs', $imgs);
    $smarty->assign('back_replay', $back_replay);
    /* 显示模板 */
    $smarty->assign('ur_here', $_LANG['back_operate'] . $_LANG['detail']);
    $smarty->assign('action_link', array('href' => 'back.php?act=back_list&' . list_link_postfix(), 'text' => $_LANG['10_back_order']));
    assign_query_info();
    $smarty->display('back_info_2.htm');
    exit;
    //
} elseif ($_REQUEST['act'] == 'operate') {
    /* 检查权限 */
    admin_priv('back_view');
    $back_id = intval(trim($_REQUEST['back_id']));
    // 退换货订单id
    $action_note = isset($_REQUEST['action_note']) ? trim($_REQUEST['action_note']) : '';
    /* 查询订单信息 */
    $order = back_order_info($back_id);
    /* 通过申请 */
    if (isset($_POST['ok'])) {
        $status_back = '5';
Example #9
        $total_fee = $pay_fee + $amount;
        /* 插入 pay_log */
        $sql = 'INSERT INTO ' . $ecs->table('pay_log') . " (order_id, order_amount, order_type, is_paid)" . " VALUES ('{$id}', '{$total_fee}', '" . PAY_SURPLUS . "', 0)";
        $db->query($sql);
    }
    /* 记录管理员操作 */
    if ($_REQUEST['act'] == 'update') {
        admin_log($user_name, 'edit', 'user_surplus');
    } else {
        admin_log($user_name, 'add', 'user_surplus');
    }
    /* 提示信息 */
    if ($_REQUEST['act'] == 'insert') {
        $href = 'user_account.php?act=list';
    } else {
        $href = 'user_account.php?act=list&' . list_link_postfix();
    }
    $link[0]['text'] = $_LANG['back_list'];
    $link[0]['href'] = $href;
    $link[1]['text'] = $_LANG['continue_add'];
    $link[1]['href'] = 'user_account.php?act=add';
    sys_msg($_LANG['attradd_succed'], 0, $link);
} elseif ($_REQUEST['act'] == 'check') {
    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    if ($id == 0) {
        $res['code'] = 1;
        $res['req_msg'] = true;
        $res['timeout'] = 2000;
        $res['message'] = '输入有误,请重新确认';
        $die($json->encode($res));
    }
Example #10
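/**
 * Render the address list page for one user.
 *
 * Reads the user id from $_GET['id'] (cast to int, 0 when absent), loads that
 * user's rows from user_address joined to region for the country, province,
 * city and district names, and displays user_address_list.htm.
 *
 * NOTE(review): no permission check is visible inside this function — confirm
 * that whatever dispatches to it enforces one.
 *
 * @return void
 */
function action_address_list()
{
    // Only the globals this action actually uses are pulled in; the former
    // $user, $_CFG and $user_id locals were assigned and never read.
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    // Integer cast keeps the request value from altering the WHERE clause.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    $sql = "SELECT a.*, c.region_name AS country_name, p.region_name AS province, ct.region_name AS city_name, d.region_name AS district_name "
        . " FROM " . $ecs->table('user_address') . " as a "
        . " LEFT JOIN " . $ecs->table('region') . " AS c ON c.region_id = a.country "
        . " LEFT JOIN " . $ecs->table('region') . " AS p ON p.region_id = a.province "
        . " LEFT JOIN " . $ecs->table('region') . " AS ct ON ct.region_id = a.city "
        . " LEFT JOIN " . $ecs->table('region') . " AS d ON d.region_id = a.district "
        . " WHERE user_id='{$id}'";
    $address = $db->getAll($sql);

    $smarty->assign('address', $address);
    assign_query_info();
    $smarty->assign('ur_here', $_LANG['address_list']);
    $smarty->assign('action_link', array('text' => $_LANG['03_users_list'], 'href' => 'users.php?act=list&' . list_link_postfix()));
    $smarty->display('user_address_list.htm');
}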
Example #11
    $sql = 'select * from ' . $ecs->table('region') . ' where parent_id=' . $pickup_point['city_id'];
    $district_list = $db->getAll($sql);
    $smarty->assign('province_list', $province_list);
    $smarty->assign('city_list', $city_list);
    $smarty->assign('district_list', $district_list);
    $smarty->assign('pickup_point', $pickup_point);
    $smarty->assign('ur_here', $_LANG['pickup_point_edit']);
    $smarty->assign('action_link', array('text' => $_LANG['pickup_point_list'], 'href' => 'pickup_point.php?act=list&' . list_link_postfix()));
    $smarty->assign('form_action', 'update');
    assign_query_info();
    $smarty->display('pickup_point_info.htm');
}
if ($_REQUEST['act'] == 'update') {
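    // NOTE(review): no admin_priv()/check_authz_json() call is visible in this
    // branch — confirm the permission check happens earlier in the file.
    //
    // The three region ids and the record id are cast to int before they are
    // placed in the SET clause / id argument, so those fields can no longer
    // carry SQL fragments. The free-text fields are still interpolated as
    // received: the stripslashes() call below suggests request data arrives
    // already slash-escaped, but that escaping is not visible here — TODO
    // confirm, or move this update to bound parameters.
    if ($exc->edit(
        "shop_name='{$_POST['shop_name']}', address='{$_POST['address']}', contact='{$_POST['contact']}', phone='{$_POST['phone']}', "
        . "province_id='" . intval($_POST['province']) . "', city_id='" . intval($_POST['city']) . "', district_id ='" . intval($_POST['district']) . "'",
        intval($_POST['id'])
    )) {
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'pickup_point.php?act=list&' . list_link_postfix();
        $note = sprintf($_LANG['pickup_point_edit_succeed'], stripslashes($_POST['shop_name']));
        admin_log($_POST['shop_name'], 'edit', 'pickup_point');
        clear_cache_files();
        sys_msg($note, 0, $link);
    } else {
        // NOTE(review): this prints the raw database error to the browser;
        // consider logging it and showing a generic message instead.
        die($db->error());
    }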
} elseif ($_REQUEST['act'] == 'edit_shop_name') {
    $id = intval($_POST['id']);
    $shop_name = json_str_iconv(trim($_POST['val']));
    if ($exc->edit("shop_name = '{$shop_name}'", $id)) {
        clear_cache_files();
        admin_log($shop_name, 'edit', 'pickup_point');
        make_json_result(stripslashes($shop_name));
    } else {
    admin_priv('store_inout_type');
    if ($_POST['type_name'] != $_POST['old_typename']) {
        /*检查品牌名是否相同*/
        $is_only = $exc->is_only('type_name', $_POST['type_name'], $_POST['id']);
        if (!$is_only) {
            sys_msg(sprintf($_LANG['typename_exist'], stripslashes($_POST['type_name'])), 1);
        }
    }
    $is_valid = isset($_REQUEST['is_valid']) ? intval($_REQUEST['is_valid']) : 0;
    $in_out = isset($_REQUEST['in_out']) ? intval($_REQUEST['in_out']) : 0;
    $param = "type_name = '{$_POST['type_name']}',   is_valid='{$is_valid}'  ";
    if ($exc->edit($param, $_POST['id'])) {
        /* 清除缓存 */
        clear_cache_files();
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'store_inout_type.php?act=list&in_out=' . $in_out . '&' . list_link_postfix();
        $note = vsprintf($_LANG['typeedit_succed'], $_POST['type_name']);
        sys_msg($note, 0, $link);
    } else {
        die($db->error());
    }
} elseif ($_REQUEST['act'] == 'remove') {
    // Delete one record, then redirect to the 'query' action.
    check_authz_json('store_inout_type');
    // Integer cast: the id from the query string cannot carry SQL.
    $id = intval($_GET['id']);
    $exc->drop($id);
    // The rest of the incoming query string is carried over into the redirect
    // target with the 'act=remove' part stripped out.
    // NOTE(review): the deletion is triggered by a GET request and no
    // anti-CSRF token check is visible here — confirm one exists upstream.
    $url = 'store_inout_type.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'query') {
    $type_list = get_typelist();
    $smarty->assign('type_list', $type_list['typelist']);
Example #13
            echo $smarty->fetch("str:" . $shipping['shipping_print']);
        } else {
            $shipping_code = $db->getOne("SELECT shipping_code FROM " . $ecs->table('shipping') . " WHERE shipping_id=" . $order['shipping_id']);
            if ($shipping_code) {
                include_once ROOT_PATH . 'includes/modules/shipping/' . $shipping_code . '.php';
            }
            if (!empty($_LANG['shipping_print'])) {
                echo $smarty->fetch("str:{$_LANG['shipping_print']}");
            } else {
                echo $_LANG['no_print_shipping'];
            }
        }
    } else {
        /* 模板赋值 */
        $smarty->assign('ur_here', $_LANG['order_info']);
        $smarty->assign('action_link', array('href' => 'order.php?act=list&' . list_link_postfix(), 'text' => $_LANG['02_order_list']));
        /* 显示模板 */
        assign_query_info();
        $smarty->display('order_info.htm');
    }
} elseif ($_REQUEST['act'] == 'receive_goods') {
    $res['req_msg'] = true;
    $res['btncontent'] = false;
    if (!admin_priv('shipping_done', '', false)) {
        $res['message'] = '对不起,您还未被授权确认收货!';
        die($json->encode($res));
    }
    $_REQUEST = addslashes_deep($_REQUEST);
    $sql_select = 'SELECT receive_status,others,FROM_UNIXTIME(add_time, "【%Y-%m-%d %H:%i:%s】") add_time FROM ' . $GLOBALS['ecs']->table('shipping_feed') . " WHERE order_id={$_REQUEST['id']} ORDER BY add_time DESC";
    $info = $GLOBALS['db']->getRow($sql_select);
    $smarty->assign('id', $_REQUEST['id']);
Example #14
    $arr['user_money'] = floatval($_POST['user_money']);
    $arr['pay_points'] = intval($_POST['pay_points']);
    $arr['rank_points'] = intval($_POST['rank_points']);
    $arr['true_name'] = trim($_POST['true_name']);
    $arr['address'] = trim($_POST['address']);
    $arr['mobile'] = trim($_POST['mobile']);
    $arr['email'] = trim($_POST['email']);
    $arr['is_show'] = intval($_POST['is_show']);
    $arr['send_type'] = trim($_POST['send_type']);
    $arr['des'] = trim($_POST['des']);
    $db->autoExecute($ecs->table('user_card'), $arr, 'UPDATE', " id='{$id}' ");
    $note = sprintf($_LANG['user_card_edit_succeed'], stripslashes($_POST['title']));
    admin_log($_POST['card_no'], 'edit', 'user_card');
    clear_cache_files();
    $link[0]['text'] = $_LANG['back_list'];
    $link[0]['href'] = 'user_card.php?act=list&ct_id=' . $ct_id . '&' . list_link_postfix();
    sys_msg($note, 0, $link);
} elseif ($_REQUEST['act'] == 'remove') {
    // Delete one user card, log the removal, then redirect to the 'query' action.
    admin_priv('user_card');
    // Integer cast: the id from the query string cannot carry SQL.
    $id = intval($_GET['id']);
    // Fetch the row first so its card number is still available for the log
    // entry after the delete.
    $sql = "SELECT * FROM " . $ecs->table('user_card') . " WHERE id='{$id}'";
    $card = $db->GetRow($sql);
    if ($exc->drop($id)) {
        // card_no comes back from the database unescaped, hence addslashes().
        admin_log(addslashes($card['card_no']), 'remove', 'user_card');
        clear_cache_files();
    }
    // The rest of the incoming query string is carried over into the redirect
    // target with the 'act=remove' part stripped out.
    // NOTE(review): the deletion is triggered by a GET request and no
    // anti-CSRF token check is visible here — confirm one exists upstream.
    $url = 'user_card.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'unbind') {
    admin_priv('user_card');
Example #15
            log_account_change($account['user_id'], $amount, 0, 0, 0, $_LANG['surplus_type_1'], ACT_DRAWING);
        } elseif ($is_paid == '1' && $account['process_type'] == '0') {
            //如果是预付款,并且已完成, 更新此条记录,增加相应的余额
            update_user_account($id, $amount, $admin_note, $is_paid);
            //更新会员余额数量
            log_account_change($account['user_id'], $amount, 0, 0, 0, $_LANG['surplus_type_0'], ACT_SAVING);
        } elseif ($is_paid == '0') {
            /* 否则更新信息 */
            $sql = "UPDATE " . $ecs->table('user_account') . " SET " . "admin_user    = '******'admin_name']}', " . "admin_note    = '{$admin_note}', " . "is_paid       = 0 WHERE id = '{$id}'";
            $db->query($sql);
        }
        /* 记录管理员日志 */
        admin_log('(' . addslashes($_LANG['check']) . ')' . $admin_note, 'edit', 'user_surplus');
        /* 提示信息 */
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'user_account.php?act=list&' . list_link_postfix();
        sys_msg($_LANG['attradd_succed'], 0, $link);
    }
} elseif ($_REQUEST['act'] == 'query') {
    // Return the account list as a JSON result: the rendered list template
    // plus the current filter and page count.
    // NOTE(review): no permission check is visible in this branch, while the
    // following 'remove' branch calls check_authz_json('surplus_manage') —
    // confirm access to this listing is restricted elsewhere.
    $list = account_list();
    $smarty->assign('list', $list['list']);
    $smarty->assign('filter', $list['filter']);
    $smarty->assign('record_count', $list['record_count']);
    $smarty->assign('page_count', $list['page_count']);
    // sort_flag() supplies the template variable name ('tag') and its value ('img').
    $sort_flag = sort_flag($list['filter']);
    $smarty->assign($sort_flag['tag'], $sort_flag['img']);
    make_json_result($smarty->fetch('user_account_list.htm'), '', array('filter' => $list['filter'], 'page_count' => $list['page_count']));
} elseif ($_REQUEST['act'] == 'remove') {
    /* 检查权限 */
    check_authz_json('surplus_manage');
    $id = @intval($_REQUEST['id']);
Example #16
     $shipping_list = available_shipping_list($region_id_list);
     /* 取得配送费用 */
     $smarty->assign('shipping_list', $shipping_list);
 } elseif (isset($_POST['complete'])) {
     // "Complete" operation: no operator note is required.
     $require_note = false;
     // NOTE(review): the label used here is 'op_confirm' although the
     // operation is 'complete' — confirm this is intended.
     $action = $_LANG['op_confirm'];
     $operation = 'complete';
 } elseif (isset($_POST['remove'])) {
     // "Remove" operation: no operator note is required.
     $require_note = false;
     $operation = 'remove';
     // Single-order path; when $batch is set nothing is deleted in this branch.
     if (!$batch) {
         /* Check whether the operation is allowed for this order */
         $order = order_info($order_id);
         $operable_list = operable_list($order);
         // Server-side gate: stop unless 'remove' is among the operations
         // operable_list() returns for this order.
         if (!isset($operable_list['remove'])) {
             die('Hacking attempt');
         }
         /* Delete the order */
         // NOTE(review): $order_id is assigned outside the visible code — confirm
         // it is cast to an integer before it reaches these statements. The
         // three deletes run as separate queries with no transaction visible
         // here, so a failure part-way could leave the remaining rows behind.
         $db->query("DELETE FROM " . $ecs->table('order_info') . " WHERE order_id = '{$order_id}'");
         $db->query("DELETE FROM " . $ecs->table('order_goods') . " WHERE order_id = '{$order_id}'");
         $db->query("DELETE FROM " . $ecs->table('order_action') . " WHERE order_id = '{$order_id}'");
         $action_array = array('delivery', 'back');
         del_delivery($order_id, $action_array);
         /* todo: write the log entry */
         admin_log($order['order_sn'], 'remove', 'order');
         /* Return to the list */
         sys_msg($_LANG['order_removed'], 0, array(array('href' => 'order.php?act=list&' . list_link_postfix(), 'text' => $_LANG['return_list'])));
     }
 }
 /* 直接处理还是跳到详细页面 */
 if ($require_note && $action_note == '' || isset($show_invoice_no) || isset($show_refund) || $swapped_out) {
Example #17
        admin_log($wholesale['goods_name'], 'add', 'wholesale');
    } else {
        admin_log($wholesale['goods_name'], 'edit', 'wholesale');
    }
    /* 清除缓存 */
    clear_cache_files();
    /* 提示信息 */
    if ($attr_error) {
        $links = array(array('href' => 'wholesale.php?act=list', 'text' => $_LANG['back_wholesale_list']));
        sys_msg(sprintf($_LANG['save_wholesale_falid'], $wholesale['goods_name']), 1, $links);
    }
    if ($is_add) {
        $links = array(array('href' => 'wholesale.php?act=add', 'text' => $_LANG['continue_add_wholesale']), array('href' => 'wholesale.php?act=list', 'text' => $_LANG['back_wholesale_list']));
        sys_msg($_LANG['add_wholesale_ok'], 0, $links);
    } else {
        $links = array(array('href' => 'wholesale.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_wholesale_list']));
        sys_msg($_LANG['edit_wholesale_ok'], 0, $links);
    }
} elseif ($_REQUEST['act'] == 'search_goods') {
    // Goods search: decode the JSON filter from the query string and return
    // the matching goods as a JSON result.
    check_authz_json('whole_sale');
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    // NOTE(review): $filter is decoded request data and is handed to
    // get_goods_list() as-is; how that helper validates or escapes its
    // fields is not visible here — confirm before relying on it.
    $filter = $json->decode($_GET['JSON']);
    $arr = get_goods_list($filter);
    // An empty result is replaced by a single placeholder entry.
    if (empty($arr)) {
        $arr[0] = array('goods_id' => 0, 'goods_name' => $_LANG['search_result_empty']);
    }
    make_json_result($arr);
} elseif ($_REQUEST['act'] == 'get_goods_info') {
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
Example #18
    $msg = "修改“" . $_POST['user_name'] . "”管理员信息成功!";
    //发生短信逻辑
    $smskey = empty($_POST['sms']) ? '' : trim($_POST['sms']);
    if ($smskey == 'send') {
        $content = $name . "您好!您的账号已被重置:" . trim($_REQUEST['user_name']) . "/" . $_POST['new_password'];
        $sms = new sms();
        $result = $sms->send($admin_cellphone, $content, "", "", $_SESSION["admin_name"]);
        if ($result["error"] != 0) {
            $msg .= $result["msg"];
        } else {
            $msg .= "并且短信发生成功!";
        }
    }
    /* 提示信息 */
    $links[0]['text'] = $_LANG['goto_list'];
    $links[0]['href'] = 'classAdmin.php?act=list&' . list_link_postfix();
    $links[1]['text'] = $_LANG['go_back'];
    $links[1]['href'] = 'javascript:history.back()';
    sys_msg($msg, 0, $links);
} elseif ($_REQUEST['act'] == 'edit_name') {
    /* Permission check */
    check_authz_json('classAdmin_manage');
    // The id is forced to an integer (0 when absent).
    $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    $name = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
    // Read the login name first; it is only used for the log entry below.
    $sql = "SELECT user_name FROM " . $table . " WHERE user_id = '{$id}'";
    $user_name = $db->getOne($sql);
    // NOTE(review): $name is request data concatenated into a quoted SQL
    // string. No escaping is visible in this branch, so this is only safe if
    // request values are slash-escaped before this point — confirm, or switch
    // to a bound parameter.
    $sql = "update " . $table . " set name='" . $name . "' WHERE user_id = '{$id}'";
    $db->query($sql);
    admin_log(addslashes($user_name . ',' . $name), 'edit', 'classAdmin');
    // NOTE(review): stripcslashes() also expands C-style escapes such as \n
    // and \x41, which stripslashes() does not — confirm that is intended.
    make_json_result(stripcslashes($name));
} elseif ($_REQUEST['act'] == 'edit_email') {
Example #19
    $_POST['end_time'] = local_strtotime($_POST['end_time']);
    /* 处理提交数据 */
    if (empty($_POST['package_price'])) {
        $_POST['package_price'] = 0;
    }
    /* 检查活动重名 */
    $sql = "SELECT COUNT(*) " . " FROM " . $hhs->table('goods_activity') . " WHERE act_type='" . GAT_PACKAGE . "' AND act_name='" . $_POST['package_name'] . "' AND act_id <> '" . $_POST['id'] . "'";
    if ($db->getOne($sql)) {
        sys_msg(sprintf($_LANG['package_exist'], $_POST['package_name']), 1);
    }
    $info = array('package_price' => $_POST['package_price']);
    /* 更新数据 */
    $record = array('act_name' => $_POST['package_name'], 'start_time' => $_POST['start_time'], 'end_time' => $_POST['end_time'], 'act_desc' => $_POST['desc'], 'ext_info' => serialize($info));
    $db->autoExecute($hhs->table('goods_activity'), $record, 'UPDATE', "act_id = '" . $_POST['id'] . "' AND act_type = " . GAT_PACKAGE);
    admin_log($_POST['package_name'], 'edit', 'package');
    $link[] = array('text' => $_LANG['back_list'], 'href' => 'package.php?act=list&' . list_link_postfix());
    sys_msg($_LANG['edit_succeed'], 0, $link);
} elseif ($_REQUEST['act'] == 'remove') {
    // Delete one package and its goods rows, then redirect to the 'query' action.
    check_authz_json('package_manage');
    // Integer cast: the id from the query string cannot carry SQL.
    $id = intval($_GET['id']);
    $exc->drop($id);
    // Remove the package_goods rows that reference the package.
    $sql = "DELETE FROM " . $hhs->table('package_goods') . " WHERE package_id='{$id}'";
    $db->query($sql);
    // The rest of the incoming query string is carried over into the redirect
    // target with the 'act=remove' part stripped out.
    // NOTE(review): the deletion is triggered by a GET request and no
    // anti-CSRF token check is visible here — confirm one exists upstream.
    $url = 'package.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    hhs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'list') {
    $smarty->assign('ur_here', $_LANG['14_package_list']);
    $smarty->assign('action_link', array('text' => $_LANG['package_add'], 'href' => 'package.php?act=add'));
    $packages = get_packagelist();
    $smarty->assign('package_list', $packages['packages']);
Example #20
/**
 * Build the "back to list" link for the lottery group admin page.
 *
 * @param bool $is_add True after an add (insert): link to the plain list.
 *                     False otherwise: the string returned by
 *                     list_link_postfix() is appended to the query string.
 * @return array{href: string, text: string}
 */
function list_link($is_add = true)
{
    // The postfix helper is only called for the non-add case, as before.
    $suffix = $is_add ? '' : '&' . list_link_postfix();

    return array(
        'href' => 'wj_lottery_group.php?act=list' . $suffix,
        'text' => "抽奖组别列表",
    );
}
Example #21
    $smarty->assign('form_action', 'update');
    assign_query_info();
    $smarty->display('exchange_goods_info.htm');
}
/*------------------------------------------------------ */
//-- 编辑
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'update') {
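    /* Permission check */
    admin_priv('exchange_goods');
    // Every submitted value is cast to a number before it is placed in the
    // SET clause or used as the record id, so none of them can carry SQL
    // fragments. exchange_integral uses floatval() to match the
    // 'edit_exchange_integral' branch of this file; is_exchange and is_hot
    // are presumably 0/1 flags — TODO confirm against the form.
    $_POST['goods_id'] = empty($_POST['goods_id']) ? 0 : intval($_POST['goods_id']);
    if ($exc->edit("exchange_integral='" . floatval($_POST['exchange_integral']) . "', is_exchange='" . intval($_POST['is_exchange']) . "', is_hot='" . intval($_POST['is_hot']) . "' ", $_POST['goods_id'])) {
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'exchange_goods.php?act=list&' . list_link_postfix();
        admin_log($_POST['goods_id'], 'edit', 'exchange_goods');
        clear_cache_files();
        // NOTE(review): the success text reuses the 'articleedit_succeed'
        // language key — confirm that is the intended message here.
        sys_msg($_LANG['articleedit_succeed'], 0, $link);
    } else {
        // NOTE(review): this prints the raw database error to the browser;
        // consider logging it and showing a generic message instead.
        die($db->error());
    }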
} elseif ($_REQUEST['act'] == 'edit_exchange_integral') {
    check_authz_json('exchange_goods');
    $id = intval($_POST['id']);
    $exchange_integral = floatval($_POST['val']);
    /* 检查文章标题是否重复 */
    if ($exchange_integral < 0 || $exchange_integral == 0 && $_POST['val'] != "{$goods_price}") {
        make_json_error($_LANG['exchange_integral_invalid']);
    } else {
        if ($exc->edit("exchange_integral = '{$exchange_integral}'", $id)) {
        $db->query($sql);
    }
    /* 记日志 */
    if ($is_add) {
        admin_log($agency['agency_name'], 'add', 'agency');
    } else {
        admin_log($agency['agency_name'], 'edit', 'agency');
    }
    /* 清除缓存 */
    clear_cache_files();
    /* 提示信息 */
    if ($is_add) {
        $links = array(array('href' => 'agency.php?act=add', 'text' => $_LANG['continue_add_agency']), array('href' => 'agency.php?act=list', 'text' => $_LANG['back_agency_list']));
        sys_msg($_LANG['add_agency_ok'], 0, $links);
    } else {
        $links = array(array('href' => 'agency.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_agency_list']));
        sys_msg($_LANG['edit_agency_ok'], 0, $links);
    }
}
/**
 * 取得办事处列表
 * @return  array
 */
function get_agencylist()
{
    $result = get_filter();
    if ($result === false) {
        /* 初始化分页参数 */
        $filter = array();
        $filter['sort_by'] = empty($_REQUEST['sort_by']) ? 'agency_id' : trim($_REQUEST['sort_by']);
        $filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC' : trim($_REQUEST['sort_order']);
Example #23
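/**
 * Build the "back to list" link for the goods admin page.
 *
 * @param bool   $is_add         True after an add (insert): link to the plain
 *                               list. False otherwise: the string returned by
 *                               list_link_postfix() is appended.
 * @param string $extension_code Extension code of a virtual product; empty
 *                               for physical goods.
 * @return array{href: string, text: string}
 */
function list_link($is_add = true, $extension_code = '')
{
    $href = 'goods.php?act=list';
    if (!empty($extension_code)) {
        // Percent-encode the value so it stays one query parameter: a code
        // containing '&', '=', quotes or spaces can no longer add parameters
        // to the link or break out of the attribute it is rendered into.
        // Plain codes such as 'virtual_card' are unchanged by the encoding.
        $href .= '&extension_code=' . rawurlencode($extension_code);
    }
    if (!$is_add) {
        $href .= '&' . list_link_postfix();
    }

    // Virtual cards have their own list title; everything else uses the
    // general goods list title.
    $text = $extension_code == 'virtual_card'
        ? $GLOBALS['_LANG']['50_virtual_card_list']
        : $GLOBALS['_LANG']['01_goods_list'];

    return array('href' => $href, 'text' => $text);
}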
Example #24
    /* 处理图片 */
    if (!empty($_FILES['pack_img']['name'])) {
        $upload_img = $image->upload_image($_FILES['pack_img'], "packimg", $_POST['old_packimg']);
        if ($upload_img == false) {
            sys_msg($image->error_msg);
        }
        $img_name = basename($upload_img);
    } else {
        $img_name = '';
    }
    if (!empty($img_name)) {
        $param .= " ,pack_img = '{$img_name}' ";
    }
    if ($exc->edit($param, $_POST['id'])) {
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'pack.php?act=list&' . list_link_postfix();
        $note = sprintf($_LANG['packedit_succed'], $_POST['pack_name']);
        sys_msg($note, 0, $link);
        admin_log($_POST['pack_name'], 'edit', 'pack');
    } else {
        die($db->error());
    }
}
/* 删除卡片图片 */
if ($_REQUEST['act'] == 'drop_pack_img') {
    /* 权限判断 */
    admin_priv('pack');
    $pack_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    /* 取得logo名称 */
    $sql = "SELECT pack_img FROM " . $ecs->table('pack') . " WHERE pack_id = '{$pack_id}'";
    $img_name = $db->getOne($sql);
Example #25
        sys_msg('对不起,不存在该入库单');
    } else {
        if ($row_inout['adminer_id'] != $_SESSION['admin_id']) {
            sys_msg('对不起,您没有删除权限');
        } elseif ($row_inout['inout_status'] != '1') {
            sys_msg('对不起,该订单已经进入审核流程,不能删除!');
        }
    }
    $sql = "delete from " . $ecs->table('store_inout_list') . " where rec_id='{$id}' ";
    $db->query($sql);
    $sql = "delete from " . $ecs->table('store_inout_goods') . " where inout_rec_id='{$id}' ";
    $db->query($sql);
    $sql = "delete from " . $ecs->table('store_inout_note') . " where inout_rec_id='{$id}' ";
    $db->query($sql);
    $link[0]['text'] = $_LANG['back_list_in'];
    $link[0]['href'] = 'store_inout_in.php?act=list&' . list_link_postfix();
    clear_cache_files();
    sys_msg('成功删除', 0, $link);
} elseif ($_REQUEST['act'] == 'add_link_goods') {
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    check_authz_json('article_manage');
    $add_ids = $json->decode($_GET['add_ids']);
    $args = $json->decode($_GET['JSON']);
    $article_id = $args[0];
    if ($article_id == 0) {
        $article_id = $db->getOne('SELECT MAX(article_id)+1 AS article_id FROM ' . $ecs->table('article'));
    }
    foreach ($add_ids as $key => $val) {
        $sql = 'INSERT INTO ' . $ecs->table('goods_article') . ' (goods_id, article_id) ' . "VALUES ('{$val}', '{$article_id}')";
        $db->query($sql, 'SILENT') or make_json_error($db->error());
Example #26
        $db->autoExecute($ecs->table('favourable_activity'), $favourable, 'UPDATE', "act_id = '{$favourable['act_id']}'");
    }
    /* 记日志 */
    if ($is_add) {
        admin_log($favourable['act_name'], 'add', 'favourable');
    } else {
        admin_log($favourable['act_name'], 'edit', 'favourable');
    }
    /* 清除缓存 */
    clear_cache_files();
    /* 提示信息 */
    if ($is_add) {
        $links = array(array('href' => 'favourable.php?act=add', 'text' => $_LANG['continue_add_favourable']), array('href' => 'favourable.php?act=list', 'text' => $_LANG['back_favourable_list']));
        sys_msg($_LANG['add_favourable_ok'], 0, $links);
    } else {
        $links = array(array('href' => 'favourable.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_favourable_list']));
        sys_msg($_LANG['edit_favourable_ok'], 0, $links);
    }
} elseif ($_REQUEST['act'] == 'search') {
    /* 检查权限 */
    check_authz_json('favourable');
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    $filter = $json->decode($_GET['JSON']);
    $filter->keyword = json_str_iconv($filter->keyword);
    if ($filter->act_range == FAR_ALL) {
        $arr[0] = array('id' => 0, 'name' => $_LANG['js_languages']['all_need_not_search']);
    } elseif ($filter->act_range == FAR_CATEGORY) {
        $sql = "SELECT cat_id AS id, cat_name AS name FROM " . $ecs->table('category') . " WHERE cat_name LIKE '%" . mysql_like_quote($filter->keyword) . "%' LIMIT 50";
        $arr = $db->getAll($sql);
    } elseif ($filter->act_range == FAR_BRAND) {
Example #27
    /* 如果友情链接的链接地址没有http://,补上 */
    if (strpos($_POST['link_url'], 'http://') === false && strpos($_POST['link_url'], 'https://') === false) {
        $link_url = 'http://' . trim($_POST['link_url']);
    } else {
        $link_url = trim($_POST['link_url']);
    }
    /* 更新信息 */
    $sql = "UPDATE " . $ecs->table('friend_link') . " SET " . "link_name = '{$link_name}', " . "link_url = '{$link_url}' " . $link_logo . ',' . "show_order = '{$show_order}' " . "WHERE link_id = '{$id}'";
    $db->query($sql);
    /* 记录管理员操作 */
    admin_log($_POST['link_name'], 'edit', 'friendlink');
    /* 清除缓存 */
    clear_cache_files();
    /* 提示信息 */
    $link[0]['text'] = $_LANG['back_list'];
    $link[0]['href'] = 'friend_link.php?act=list&' . list_link_postfix();
    sys_msg($_LANG['edit'] . "&nbsp;" . stripcslashes($_POST['link_name']) . "&nbsp;" . $_LANG['attradd_succed'], 0, $link);
} elseif ($_REQUEST['act'] == 'edit_link_name') {
    check_authz_json('friendlink');
    $id = intval($_POST['id']);
    $link_name = json_str_iconv(trim($_POST['val']));
    /* 检查链接名称是否重复 */
    if ($exc->num("link_name", $link_name, $id) != 0) {
        make_json_error(sprintf($_LANG['link_name_exist'], $link_name));
    } else {
        if ($exc->edit("link_name = '{$link_name}'", $id)) {
            admin_log($link_name, 'edit', 'friendlink');
            clear_cache_files();
            make_json_result(stripslashes($link_name));
        } else {
            make_json_error($db->error());
Example #28
        $row['order_status'] = $_LANG['os'][$row['order_status']];
        $row['pay_status'] = $_LANG['ps'][$row['pay_status']];
        $row['shipping_status'] = $row['shipping_status'] == SS_SHIPPED_ING ? $_LANG['ss_admin'][SS_SHIPPED_ING] : $_LANG['ss'][$row['shipping_status']];
        $row['action_time'] = local_date($_CFG['time_format'], $row['log_time']);
        $act_list[] = $row;
    }
    $smarty->assign('action_list', $act_list);
    /* 模板赋值 */
    $smarty->assign('delivery_order', $delivery_order);
    $smarty->assign('exist_real_goods', $exist_real_goods);
    $smarty->assign('goods_list', $goods_list);
    $smarty->assign('delivery_id', $delivery_id);
    // 发货单id
    /* 显示模板 */
    $smarty->assign('ur_here', $_LANG['delivery_operate'] . $_LANG['detail']);
    $smarty->assign('action_link', array('href' => 'order.php?act=delivery_list&' . list_link_postfix(), 'text' => $_LANG['09_delivery_order']));
    $smarty->assign('action_act', $delivery_order['status'] == 2 ? 'delivery_ship' : 'delivery_cancel_ship');
    assign_query_info();
    _wap_assign_header_info('发货单详情');
    _wap_assign_footer_order_info();
    _wap_display_page('delivery_info.htm');
} elseif ($act == 'remove_delivery') {
    $delivery_id = empty($_REQUEST['delivery_id']) ? '' : trim($_REQUEST['delivery_id']);
    // 删除发货单
    // 查询:发货单信息
    $delivery_order = delivery_order_info($delivery_id);
    // 如果status不是退货
    if ($delivery_order['status'] != 1) {
        /* 处理退货 */
        delivery_return_goods($value_is, $delivery_order);
    }
Example #29
/**
 * Build the link back to the topic list.
 *
 * @param bool   $is_add whether the preceding action was an add (insert); when false,
 *                       the list_link_postfix() query string is appended
 * @param string $text   link text; an empty value falls back to $_LANG['topic_list']
 *
 * @return array('href' => $href, 'text' => $text)
 */
function list_link($is_add = true, $text = '')
{
    // Only the non-add case carries the list state from list_link_postfix() (defined elsewhere).
    $url = $is_add ? 'topic.php?act=list' : 'topic.php?act=list&' . list_link_postfix();
    $label = $text == '' ? $GLOBALS['_LANG']['topic_list'] : $text;
    return array('href' => $url, 'text' => $label);
}
Example #30
    $msg = "修改“" . $_POST['user_name'] . "”管理员信息成功!";
    //发送短信逻辑(注意:下面的短信内容包含明文新密码)
    $smskey = empty($_POST['sms']) ? '' : trim($_POST['sms']);
    if ($smskey == 'send') {
        $content = $name . "您好!您的账号已被重置:" . trim($_REQUEST['user_name']) . "/" . $_POST['new_password'];
        $sms = new sms();
        $result = $sms->send($admin_cellphone, $content, "", "", $_SESSION["admin_name"]);
        if ($result["error"] != 0) {
            $msg .= $result["msg"];
        } else {
            $msg .= "并且短信发生成功!";
        }
    }
    /* 提示信息 */
    $links[0]['text'] = $_LANG['goto_list'];
    $links[0]['href'] = 'schoolAdmin.php?act=list&' . list_link_postfix();
    $links[1]['text'] = $_LANG['go_back'];
    $links[1]['href'] = 'javascript:history.back()';
    sys_msg($msg, 0, $links);
} elseif ($_REQUEST['act'] == 'edit_name') {
    /* Check permission before anything in admin_user is read or changed. */
    check_authz_json('schoolAdmin_manage');
    // $id is forced to an integer, so interpolating it into the two queries below cannot break out of the quotes.
    // NOTE(review): input is read from $_REQUEST, so this state-changing action accepts GET as well as POST;
    // confirm a CSRF check happens elsewhere.
    $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    // $name is request-controlled text; only trim() and json_str_iconv() are applied to it here.
    $name = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
    // Read the current login name first so the log entry below can identify the account.
    $sql = "SELECT user_name FROM " . $ecs->table('admin_user') . " WHERE user_id = '{$id}'";
    $user_name = $db->getOne($sql);
    // NOTE(review): $name is concatenated into the UPDATE with no escaping visible in this block.
    // The stripcslashes() on the response suggests request data is slash-escaped upstream; confirm that,
    // and that json_str_iconv() preserves the escaping; otherwise escape or parameterise at this point.
    // The query result is not checked, and nothing here verifies that a row with this $id exists.
    $sql = "update " . $ecs->table('admin_user') . " set name='" . $name . "' WHERE user_id = '{$id}'";
    $db->query($sql);
    // Log entry combines the stored login name with the new display name; addslashes() is applied to the pair.
    admin_log(addslashes($user_name . ',' . $name), 'edit', 'schoolAdmin');
    // Send the new name back as the JSON result with backslash escapes removed.
    make_json_result(stripcslashes($name));
} elseif ($_REQUEST['act'] == 'edit_email') {