/**
 * Confirm the cart of one shipping warehouse (`ship_id`) and turn it into an order.
 *
 * Flow, as visible in this method:
 *  1. Require a logged-in user, then read and filter the request arguments.
 *  2. Bounce back to the order form when the address, the payment method or the
 *     invoice title is missing.
 *  3. Check that the address row belongs to the current user and that the form
 *     token for 'order' is accepted.
 *  4. Re-validate every cart item (flash sale / goods promotion / series promotion /
 *     plain sale) and every bundle against current stock and promotion data.
 *  5. Compute freight, order-level promotion, tax and voucher, then insert the
 *     order row and its order_goods rows, mark the voucher used and clear the cart.
 *
 * NOTE(review): no transaction and no stock reservation is visible in this method;
 * the stock checks in step 4 and the inserts in step 5 are separate statements, so
 * concurrent checkouts may pass the same checks. Confirm whether Model or a later
 * step provides that guarantee.
 *
 * NOTE(review): every SQL condition below is built by string interpolation. The
 * interpolated request values are all results of Filter::int(); keep that invariant
 * if this method is edited.
 */
public function order_act()
{
    if ($this->checkOnline()) {
        $ship_id = Filter::int(Req::args('ship_id')); // shipping warehouse location id
        $address_id = Filter::int(Req::args('address_id')); // delivery address id
        $payment_id = Filter::int(Req::args('payment_id')); // payment method id
        $prom_id = Filter::int(Req::args('prom_id')); // order-level promotion id
        $is_invoice = Filter::int(Req::args('is_invoice'));
        $invoice_type = Filter::int(Req::args('invoice_type'));
        $invoice_title = Filter::text(Req::args('invoice_title'));
        $user_remark = Filter::txt(Req::args('user_remark'));
        $voucher_id = Filter::int(Req::args('voucher'));
        // Non-regular promotion info (the former `type` argument is no longer read).
        $id = Filter::int(Req::args('id'));
        // NOTE(review): these two are read unfiltered. $product_id is filtered only in the
        // error branch below and is later shadowed by the loop variable; $buy_num is not
        // used again in this method.
        $product_id = Req::args('product_id');
        $buy_num = Req::args('buy_num');
        if (!$address_id || !$payment_id || $is_invoice == 1 && $invoice_title == '') {
            // Normalise the product id list so it can be sent back to the order form.
            if (is_array($product_id)) {
                foreach ($product_id as $key => $val) {
                    $product_id[$key] = Filter::int($val);
                }
                $product_id = implode('-', $product_id);
            } else {
                $product_id = Filter::int($product_id);
            }
            $data = Req::args();
            $data['is_invoice'] = $is_invoice;
            if (!$address_id) {
                $data['msg'] = array('fail', "必需选择收货地址,才能确认订单。");
            } else {
                if (!$payment_id) {
                    $data['msg'] = array('fail', "必需选择支付方式,才能确认订单。");
                } else {
                    $data['msg'] = array('fail', "索要发票,必需写明发票抬头。");
                }
            }
            // The old branch on `type` was removed; the form is always re-shown via /simple/order.
            unset($data['act']);
            Req::args('pid', $product_id);
            Req::args('id', $id);
            unset($_GET['act']);
            Req::args('msg', $data['msg']);
            $this->redirect("/simple/order", true, Req::args());
            exit;
        }
        // Address lookup, scoped to the current user so another user's address id is rejected.
        $address_model = new Model('address');
        $address = $address_model->where("id={$address_id} and user_id=" . $this->user['id'])->find();
        if (!$address) {
            $data = Req::args();
            $data['msg'] = array('fail', "选择的地址信息不正确!");
            $this->redirect("order", false, $data);
            exit;
        }
        // presumably a one-time form token guarding against forged or repeated submits — verify in checkToken()
        if ($this->getModule()->checkToken('order')) {
            // Order type: 0 regular, 1 group buy, 2 flash sale, 3 bundle. Only 0 is set here.
            $order_type = 0;
            $model = new Model('');
            // (Group-buy handling used to live here and has been removed.)
            // Cart contents, keyed by ship_id.
            $cart_info = $this->cart_inst->all();
            // Running totals: list price, charged price, weight and points.
            $payable_amount = 0.0;
            $real_amount = 0.0;
            $weight = 0;
            $point = 0;
            $order_products = array();
            $error = 0; // set to 1 as soon as any item fails validation
            $error_list = array();
            if (isset($cart_info[$ship_id]['products'])) {
                $order_products =& $cart_info[$ship_id]['products'];
                // Walk every product in the cart and validate it according to how it is being bought.
                $prom_inst = new Prom();
                foreach ($order_products as $goods_id => $products) {
                    foreach ($products as $product_id => $item) {
                        // $item is the by-value copy produced by foreach; $item_ref points at the stored cart entry.
                        $item_ref =& $order_products[$goods_id][$product_id];
                        // NOTE(review): $item_new is never reset per item. When getProduct() does not
                        // return status 1, the branches below reuse the previous item's $item_new
                        // (or an undefined variable on the first item) — confirm and reset per iteration.
                        // Verify stock and whether the promotion is still running.
                        if (isset($item["order_type"])) {
                            if (is_array($item["order_type"])) {
                                if ($item["order_type"]["flash_sale"] == true) {
                                    // Flash sale: the remaining quantity comes from the promotion record.
                                    $goods_info = array("product_id" => $item["product_id"], 'goods_id' => $item['goods_id']);
                                    $flash_sale = array();
                                    $ret = $prom_inst->get_flash_sale($goods_info);
                                    if ($ret["status"] == 1 && isset($ret["data"])) {
                                        $flash_sale = $ret["data"];
                                        // Flash-sale stock check.
                                        if ($flash_sale['max_num'] <= 0) {
                                            $error = 1;
                                            $error_item = array("msg" => '商品:' . $item['name'] . '--库存已经没有!', "product_id" => $item['product_id']);
                                            $error_list[] = $error_item;
                                        } else {
                                            if ($flash_sale['max_num'] < $item["num"]) {
                                                $error = 1;
                                                $error_item = array("msg" => '商品:' . $item['name'] . '--库存只有' . $flash_sale['max_num'] . '个!', "product_id" => $item['product_id']);
                                                $error_list[] = $error_item;
                                            }
                                        }
                                    } else {
                                        // The flash sale is over.
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--抢购已经结束!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                } elseif ($item["order_type"]["prom_series"] == true && $item["order_type"]["prom_goods"] == true) {
                                    // Step 2: single-product ("goods") promotion.
                                    $products_inst = new Products();
                                    $products_item = array();
                                    $ret = $products_inst->getProduct($item['product_id']);
                                    // Fresh product record.
                                    if (isset($ret['status']) && $ret['status'] == 1) {
                                        $item_new = $ret['data'];
                                    }
                                    // get_prom_goods() needs the purchased quantity as goods_nums.
                                    $item_new['goods_nums'] = $item['num'];
                                    $prom_goods = $prom_inst->get_prom_goods($item_new);
                                    if (!empty($prom_goods)) {
                                        $prom_goods['parse'] = $prom_inst->do_prom_goods($item_new, $prom_goods);
                                        if (isset($prom_goods['parse']['note']) && $prom_goods['parse']['note'] != '') {
                                            $prom_goods['parse']['note'] = '商品优惠:' . $prom_goods['parse']['note'];
                                        }
                                        // $amount and $sell_total are computed but not read again in this method.
                                        $amount = sprintf("%01.2f", $prom_goods['parse']['real_price'] * $item["num"]);
                                        $sell_total = $item['sell_price'] * $item["num"];
                                        // Stock check.
                                        if ($item_new['store_nums'] <= 0) {
                                            $error = 1;
                                            $error_item = array("msg" => '商品:' . $item['name'] . '--库存已经没有!', "product_id" => $item['product_id']);
                                            $error_list[] = $error_item;
                                        } else {
                                            if ($item_new['store_nums'] < $item["num"]) {
                                                $error = 1;
                                                $error_item = array("msg" => '商品:' . $item['name'] . '--库存只有' . $item_new['store_nums'] . '个!', "product_id" => $item['product_id']);
                                                $error_list[] = $error_item;
                                            }
                                        }
                                        // Store the recomputed price on the cart entry.
                                        $item_ref['real_price'] = $prom_goods['parse']['real_price'];
                                    } else {
                                        // The goods promotion has ended: fall back to the list price and report it.
                                        $item_ref['order_type']['prom_goods'] = false;
                                        $item_ref['real_price'] = $item_ref['sell_price'];
                                        $item_ref['prom'] = "";
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--商品促销已经结束!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                    // Step 3: series promotion, stacked on top of the goods promotion.
                                    $prom_series = $prom_inst->get_prom_series($item_new);
                                    if (!empty($prom_series)) {
                                        $prom_series['parse'] = $prom_inst->do_prom_series($item_new, $prom_goods, $prom_series);
                                        $note = isset($prom_goods['parse']['note']) ? $prom_goods['parse']['note'] : "";
                                        if (isset($prom_series['parse']['note']) && $prom_series['parse']['note'] != '') {
                                            $note .= '; 系列优惠:' . $prom_series['parse']['note'];
                                        }
                                        $amount = sprintf("%01.2f", $prom_series['parse']['real_price'] * $item["num"]);
                                        $sell_total = $item['sell_price'] * $item["num"];
                                        // Points multiplier carried by the series promotion.
                                        $multiple = 0;
                                        if (isset($prom_series['multiple']) && $prom_series['multiple'] >= 0) {
                                            $multiple = $prom_series['multiple'];
                                        }
                                        $prom_goods['series'] = $prom_series;
                                        // Stock was already checked in step 2, so it is not checked again here.
                                        // Store the stacked price and the combined note on the cart entry.
                                        $item_ref['real_price'] = $prom_series['parse']['real_price'];
                                        $item_ref['prom'] = $note;
                                    } else {
                                        // The series promotion has ended; price and note were already reset in step 2.
                                        $item_ref['order_type']['prom_series'] = false;
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--系列促销已经结束!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                } elseif ($item["order_type"]["prom_goods"] == true) {
                                    // Goods promotion only.
                                    $products_inst = new Products();
                                    $ret = $products_inst->getProduct($item['product_id']);
                                    // Fresh product record.
                                    if (isset($ret['status']) && $ret['status'] == 1) {
                                        $item_new = $ret['data'];
                                    }
                                    // get_prom_goods() needs the purchased quantity as goods_nums.
                                    $item_new['goods_nums'] = $item['num'];
                                    $prom_goods = $prom_inst->get_prom_goods($item_new);
                                    if (!empty($prom_goods)) {
                                        $prom_goods['parse'] = $prom_inst->do_prom_goods($item_new, $prom_goods);
                                        if (isset($prom_goods['parse']['note']) && $prom_goods['parse']['note'] != '') {
                                            $prom_goods['parse']['note'] = '商品优惠:' . $prom_goods['parse']['note'];
                                        }
                                        $amount = sprintf("%01.2f", $prom_goods['parse']['real_price'] * $item["num"]);
                                        $sell_total = $item['sell_price'] * $item["num"];
                                        // Stock check.
                                        if ($item_new['store_nums'] <= 0) {
                                            $error = 1;
                                            $error_item = array("msg" => '商品:' . $item['name'] . '--库存已经没有!', "product_id" => $item['product_id']);
                                            $error_list[] = $error_item;
                                        } else {
                                            if ($item_new['store_nums'] < $item["num"]) {
                                                $error = 1;
                                                $error_item = array("msg" => '商品:' . $item['name'] . '--库存只有' . $item_new['store_nums'] . '个!', "product_id" => $item['product_id']);
                                                $error_list[] = $error_item;
                                            }
                                        }
                                        // Store the recomputed price on the cart entry.
                                        $item_ref['real_price'] = $prom_goods['parse']['real_price'];
                                    } else {
                                        // The goods promotion has ended: fall back to the list price and report it.
                                        $item_ref['order_type']['prom_goods'] = false;
                                        $item_ref['real_price'] = $item_ref['sell_price'];
                                        $item_ref['prom'] = "";
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--商品促销已经结束!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                } elseif ($item["order_type"]["prom_series"] == true) {
                                    // Series promotion only.
                                    $products_inst = new Products();
                                    $products_item = array();
                                    $note = "";
                                    $ret = $products_inst->getProduct($item['product_id']);
                                    // Fresh product record.
                                    if (isset($ret['status']) && $ret['status'] == 1) {
                                        $item_new = $ret['data'];
                                    }
                                    $prom_series = $prom_inst->get_prom_series($item_new);
                                    if (!empty($prom_series)) {
                                        $prom_series['parse'] = $prom_inst->do_prom_series($item_new, NULL, $prom_series);
                                        if (isset($prom_series['parse']['note']) && $prom_series['parse']['note'] != '') {
                                            $note .= '; 系列优惠:' . $prom_series['parse']['note'];
                                        }
                                        $amount = sprintf("%01.2f", $prom_series['parse']['real_price'] * $item["num"]);
                                        $sell_total = $item['sell_price'] * $item["num"];
                                        // Points multiplier carried by the series promotion.
                                        $multiple = 0;
                                        if (isset($prom_series['multiple']) && $prom_series['multiple'] >= 0) {
                                            $multiple = $prom_series['multiple'];
                                        }
                                        // NOTE(review): $prom_goods is not assigned in this branch, so this writes
                                        // into whatever an earlier iteration left behind (or creates a new array).
                                        $prom_goods['series'] = $prom_series;
                                        // Stock check.
                                        if ($item_new['store_nums'] <= 0) {
                                            $error = 1;
                                            $error_item = array("msg" => '商品:' . $item['name'] . '--库存已经没有!', "product_id" => $item['product_id']);
                                            $error_list[] = $error_item;
                                        } else {
                                            if ($item_new['store_nums'] < $item["num"]) {
                                                $error = 1;
                                                $error_item = array("msg" => '商品:' . $item['name'] . '--库存只有' . $item_new['store_nums'] . '个!', "product_id" => $item['product_id']);
                                                $error_list[] = $error_item;
                                            }
                                        }
                                        // Store the recomputed price and note on the cart entry.
                                        $item_ref['real_price'] = $prom_series['parse']['real_price'];
                                        $item_ref['prom'] = $note;
                                    } else {
                                        // The series promotion has ended.
                                        $item_ref['order_type']['prom_series'] = false;
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--系列促销已经结束!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                } else {
                                    // Plain sale without any promotion.
                                    $products_inst = new Products();
                                    $products_item = array();
                                    $ret = $products_inst->getProduct($item['product_id']);
                                    // Fresh product record.
                                    if (isset($ret['status']) && $ret['status'] == 1) {
                                        $item_new = $ret['data'];
                                    }
                                    // Stock check; a product that could not be loaded is reported as taken offline.
                                    if (isset($item_new)) {
                                        if ($item_new['store_nums'] <= 0) {
                                            $error = 1;
                                            $error_item = array("msg" => '商品:' . $item['name'] . '--库存已经没有!', "product_id" => $item['product_id']);
                                            $error_list[] = $error_item;
                                        } else {
                                            if ($item_new['store_nums'] < $item["num"]) {
                                                $error = 1;
                                                $error_item = array("msg" => '商品:' . $item['name'] . '--库存只有' . $item_new['store_nums'] . '个!', "product_id" => $item['product_id']);
                                                $error_list[] = $error_item;
                                            }
                                        }
                                    } else {
                                        $error = 1;
                                        $error_item = array("msg" => '商品:' . $item['name'] . '--已经下线!', "product_id" => $item['product_id']);
                                        $error_list[] = $error_item;
                                    }
                                }
                            }
                        }
                        // NOTE(review): the totals read $item (the foreach copy), not $item_ref, so a
                        // real_price recomputed above for this item is not the value summed here, while
                        // the order_goods rows written later re-read the updated cart entry. Confirm the
                        // order total and the line prices cannot disagree.
                        $payable_amount += $item['sell_price'] * $item['num']; // list price total
                        $real_amount += $item['real_price'] * $item['num']; // charged price total
                        $weight += $item['weight'] * $item['num'];
                        $point += $item['point'] * $item['num'];
                    }
                }
            }
            $order_bundling = null;
            $error_bd_list = array();
            if (!empty($cart_info[$ship_id]['bundling_list'])) {
                $order_bundling =& $cart_info[$ship_id]['bundling_list'];
                foreach ($order_bundling as $b_key => $b_val) {
                    $bundling_total = 0;
                    foreach ($b_val as $v_key => $v_val) {
                        $num = $v_val['num'];
                        // Bundles are charged at the bundle price taken from the cart entry.
                        $payable_amount += $v_val["val"]['price'] * $v_val["num"];
                        $real_amount += $v_val["val"]['price'] * $v_val["num"];
                        $bundling_total += $v_val["num"];
                        // The bundle key is a '-'-joined list of product ids.
                        $arr_id = explode('-', $v_key);
                        $product_list = array();
                        if (!empty($arr_id)) {
                            $product_inst = new Products();
                            $ret = $product_inst->getProducts($arr_id);
                            if (isset($ret['status']) && $ret['status'] == 1) {
                                $product_list = $ret['data'];
                            }
                        }
                        // Every product of the bundle must have enough stock for the requested quantity.
                        foreach ($product_list as $p_k => $p_v) {
                            if ($p_v['store_nums'] < $num) {
                                $error = 1;
                                $error_item = array("msg" => '套餐中商品:' . $p_v['name'] . '--库存只有' . $p_v['store_nums'] . '个!');
                                $error_bd_list[] = $error_item;
                            }
                        }
                    }
                }
            }
            // Any validation failure sends the user back to the cart with the collected messages.
            if ($error == 1) {
                $this->assign('error_list', $error_list);
                $this->assign('error_bd_list', $error_bd_list);
                $this->redirect("/simple/cart", false);
                exit;
            }
            // Whole-order processing starts here: freight first.
            $fare = new Fare($weight);
            $payable_freight = $fare->calculate($address_id);
            $real_freight = $payable_freight;
            // Order-level promotion.
            $prom_order = array();
            $discount_amount = 0;
            if ($prom_id) {
                // Look the promotion up in prom_order; it applies to the order as a whole.
                $prom = new Prom($real_amount);
                $prom_order = $model->table("prom_order")->where("id={$prom_id}")->find();
                // NOTE(review): the result of find() is used without checking that a row was found.
                // Only members of a group listed on the promotion may use it.
                $user = $this->user;
                $group_id = ',0,';
                if (isset($user['group_id'])) {
                    $group_id = ',' . $user['group_id'] . ',';
                }
                if (stripos(',' . $prom_order['group'] . ',', $group_id) !== false) {
                    $prom_parse = $prom->parsePorm($prom_order);
                    $discount_amount = $prom_parse['value'];
                    if ($prom_order['type'] == 4) {
                        // Type 4: the discount equals the freight.
                        $discount_amount = $payable_freight;
                    } else {
                        if ($prom_order['type'] == 2) {
                            // Type 2: points are multiplied; an expression of 0 is treated as 1.
                            $multiple = intval($prom_order['expression']);
                            $multiple = $multiple == 0 ? 1 : $multiple;
                            $point = $point * $multiple;
                        }
                    }
                    $data['prom'] = serialize($prom_order);
                } else {
                    $data['prom'] = serialize(array());
                }
            }
            // Tax: taken from the cart's per-warehouse calculation (the config-based formula was removed).
            $tax_fee = 0;
            $ret = $this->cart_inst->getTaxAmountByShip($ship_id);
            if (isset($ret['status']) && $ret['status'] == 1 && $ret['data'] > 0) {
                $tax_fee = $ret['data'];
            }
            // Voucher: must be issued to this user, unused, inside its validity window and
            // have a minimum spend (`money`) not above the charged total.
            $voucher_value = 0;
            $voucher = array();
            if ($voucher_id) {
                $voucher = $model->table("voucher")->where("id={$voucher_id} and is_send=1 and user_id=" . $this->user['id'] . " and status = 0 and '" . date("Y-m-d H:i:s") . "' <=end_time and '" . date("Y-m-d H:i:s") . "' >=start_time and money<=" . $real_amount)->find();
                if ($voucher) {
                    $voucher_value = $voucher['value'];
                    // A voucher never covers more than the charged goods total.
                    if ($voucher_value > $real_amount) {
                        $voucher_value = $real_amount;
                    }
                }
            }
            // Tax of 50 or less is waived.
            if ($tax_fee <= 50) {
                $tax_fee = 0;
            }
            // Order total. NOTE(review): no lower bound is applied here, so a discount larger
            // than the remaining sum would produce a negative order_amount — confirm upstream limits.
            $order_amount = $real_amount + $payable_freight + $tax_fee - $discount_amount - $voucher_value;
            $payable_amount += $payable_freight + $tax_fee;
            // Fill in the order row.
            $data['order_no'] = Common::createOrderNo();
            $data['user_id'] = $this->user['id'];
            $data['sender_name'] = $this->user['name'];
            $data['payment'] = $payment_id;
            $data['status'] = 2;
            $data['pay_status'] = 0;
            $data['accept_name'] = $address['accept_name'];
            $data['phone'] = $address['phone'];
            $data['mobile'] = $address['mobile'];
            $data['province'] = $address['province'];
            $data['city'] = $address['city'];
            $data['county'] = $address['county'];
            $data['addr'] = $address['addr'];
            $data['zip'] = $address['zip'];
            $data['payable_amount'] = $payable_amount;
            $data['payable_freight'] = $payable_freight;
            $data['real_freight'] = $real_freight;
            $data['create_time'] = date('Y-m-d H:i:s');
            $data['user_remark'] = $user_remark;
            $data['is_invoice'] = $is_invoice;
            if ($is_invoice == 1) {
                $data['invoice_title'] = $invoice_type . ':' . $invoice_title;
            } else {
                $data['invoice_title'] = '';
            }
            $data['taxes'] = $tax_fee;
            $data['discount_amount'] = $discount_amount;
            $data['order_amount'] = $order_amount;
            $data['real_amount'] = $real_amount;
            $data['point'] = $point;
            $data['type'] = $order_type;
            $data['voucher_id'] = $voucher_id;
            $data['voucher'] = serialize($voucher);
            // Write the order row.
            $order_id = $model->table("order")->data($data)->insert();
            // Write one order_goods row per single product.
            foreach ($order_products as $goods_id => $products) {
                foreach ($products as $product_id => $item) {
                    $tem_data = array('order_id' => '', 'goods_id' => '', 'product_id' => '', 'goods_name' => '', 'goods_price' => '', 'real_price' => '', 'goods_nums' => '', 'tax_code' => '', 'spec' => '');
                    if (isset($item["order_type"])) {
                        if (is_array($item["order_type"])) {
                            // Only the two promotion cases store promotion data; the other branches are empty.
                            if ($item["order_type"]["flash_sale"] == true) {
                            } elseif ($item["order_type"]["prom_series"] == true) {
                                $tem_data['prom_goods'] = serialize($item['prom_goods']);
                            } elseif ($item["order_type"]["prom_series"] == false && $item["order_type"]["prom_goods"] == true) {
                                $tem_data['prom_goods'] = serialize($item['prom_goods']);
                            } elseif ($item["order_type"]["bundling"] == true) {
                            }
                        }
                    }
                    $tem_data['order_id'] = $order_id;
                    $tem_data['goods_id'] = $item['goods_id'];
                    $tem_data['goods_no'] = $item['goods_no'];
                    $tem_data['product_id'] = $product_id;
                    $tem_data['goods_name'] = $item['name'];
                    $tem_data['goods_price'] = $item['sell_price'];
                    $tem_data['real_price'] = $item['real_price'];
                    $tem_data['goods_nums'] = $item['num'];
                    $tem_data['tax_code'] = $item['tax_code']; // tax category of the item
                    $tem_data['origin_country'] = $item['origin_country'];
                    $tem_data['spec'] = serialize($item['spec']);
                    $model->table("order_goods")->data($tem_data)->insert();
                }
            }
            // Write one order_goods row per bundle.
            if (!empty($cart_info[$ship_id]['bundling_list'])) {
                $order_bundling = $cart_info[$ship_id]['bundling_list'];
                foreach ($order_bundling as $item) {
                    $tem_data = array();
                    foreach ($item as $key_bundling => $val_bundling) {
                        $bundling = $val_bundling;
                        $arr_products_id = explode('-', $key_bundling);
                        $str_products_ids = join(',', $arr_products_id);
                        $tem_data['order_id'] = $order_id;
                        $tem_data['goods_ids'] = $bundling["val"]['goods_id'];
                        $tem_data['products_ids'] = $str_products_ids;
                        $tem_data['title'] = $bundling["val"]['title'];
                        $tem_data['prom_type'] = "bundling";
                        $tem_data['bundling_id'] = $bundling["val"]['id'];
                        $tem_data['real_price'] = $bundling['val']['price'];
                        $tem_data['goods_nums'] = $bundling['num'];
                        $model->table("order_goods")->data($tem_data)->insert();
                    }
                }
            }
            // Mark the voucher as used.
            // NOTE(review): the voucher was selected with `status = 0`, but this update does not
            // repeat that condition and runs after the order insert; two concurrent submits could
            // both redeem the same voucher. Consider `status = 0` in this WHERE plus an affected-row check.
            if (!empty($voucher)) {
                $model->table("voucher")->where("id={$voucher_id} and user_id=" . $this->user['id'])->data(array('status' => 2))->update();
            }
            // Clear this warehouse's part of the cart and the cached order form state.
            if ($order_type == 0) {
                $this->cart_inst = Cart::getCart();
                $this->cart_inst->clearShip($ship_id);
                Session::clear("order_status");
            }
            $this->redirect("/simple/order_status/order_id/{$order_id}");
        } else {
            // Token rejected: treat the submit as illegitimate.
            $msg = array('type' => 'fail', 'msg' => '非法提交订单!');
            $this->redirect('/index/msg', false, $msg);
        }
    } else {
        $this->redirect("login");
    }
}
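/**
 * Process a manager's decision on a pending withdrawal request.
 *
 * Reads `id`, `status` and `re_note` from the request, loads the withdrawal
 * (only while it is still pending, status 0) together with the customer's
 * balance, records the decision and, when the new status is 1, deducts the
 * amount from the balance and writes a balance log entry.
 *
 * Both UPDATE statements repeat the condition that was checked on read
 * (`status=0`, `balance>=amount`), so a repeated or concurrent submit cannot
 * rewrite an already handled request or push the balance below zero.
 *
 * NOTE(review): this is only a partial guard. The Model API visible here gives
 * no affected-row count and no transaction, so the deduction and the log entry
 * still run when the status update matched nothing. Wrap the three writes in a
 * transaction and stop when the first update changes no row.
 *
 * NOTE(review): `status` is accepted as any integer; restrict it to the values
 * the withdraw table actually defines.
 */
public function withdraw_act()
{
    $id = Filter::int(Req::args('id'));
    $status = intval(Req::args('status'));
    $re_note = Filter::text(Req::args('re_note'));

    $model = new Model('withdraw as wd');
    $obj = $model->fields("wd.*,cu.balance")
        ->join("left join customer as cu on wd.user_id = cu.user_id")
        ->where("wd.id={$id} and wd.status=0")
        ->find();
    if (!$obj) {
        // Unknown id or request already handled: nothing to do.
        return;
    }

    if ($obj['amount'] <= $obj['balance']) {
        // Only touch the row while it is still pending.
        $model->table('withdraw')
            ->data(array('status' => $status, 're_note' => $re_note))
            ->where("id={$id} and status=0")
            ->update();
        if ($status == 1) {
            // user_id goes into the SQL text unquoted, so force it to an integer.
            $user_id = intval($obj['user_id']);
            // Deduct atomically and only while the balance still covers the amount.
            $model->table('customer')
                ->data(array('balance' => "`balance`-" . $obj['amount']))
                ->where('user_id=' . $user_id . ' and balance>=' . $obj['amount'])
                ->update();
            Log::balance(0 - $obj['amount'], $obj['user_id'], '提现到' . $obj['type_name'] . ',账号:' . $obj['account'], 3, $this->manager['id']);
        }
        echo "<script>parent.close_dialog();</script>";
    } else {
        // The requested amount exceeds the current balance.
        echo "<script>alert('提现金额大于了余额。')</script>";
    }
}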
<?php require_once './../../global.php'; include_once TEMPLATE_PATH . '/site/helper/format.php'; // get submitted data $title = Filter::text($_POST['txtTitle']); $pitch = Filter::formattedText($_POST['txtPitch']); $specs = Filter::text($_POST['txtSpecs']); $rules = Filter::text($_POST['txtRules']); $deadline = Filter::text($_POST['txtDeadline']); $private = Filter::text($_POST['chkPrivate']); // validate data if (empty($title)) { $json = array('error' => 'You must provide a project title.'); exit(json_encode($json)); } if (empty($pitch)) { $json = array('error' => 'You must provide a project pitch.'); exit(json_encode($json)); } // must be valid deadline or empty $formattedDeadline = strtotime($deadline); if ($formattedDeadline === false && $deadline != '') { $json = array('error' => 'Deadline must be a valid date or empty.'); exit(json_encode($json)); } // format deadline for MYSQL $formattedDeadline = $formattedDeadline != '' ? date("Y-m-d H:i:s", $formattedDeadline) : null; // format private $private = empty($private) ? 0 : 1; // create the project
<?php

require_once "../../global.php";

// Form fields arrive from an unauthenticated POST and go through the project's Filter helpers.
$email = Filter::email($_POST['email']);
$name = Filter::text($_POST['name']);

// A usable e-mail address is mandatory; answer with a JSON error otherwise.
if (empty($email)) {
    exit(json_encode(array('error' => 'You must provide a valid email address.')));
}

// Persist the consent record.
$consent = new Consent(array('email' => $email, 'name' => $name));
$consent->save();

// Build the confirmation mail paragraph by paragraph.
// NOTE(review): this endpoint mails any address that is posted to it; confirm that
// rate limiting or abuse protection exists in front of it.
$paragraphs = array();
$paragraphs[] = '<p>You have consented to participate in a Georgia Tech research study looking at how people collaborate online.</p>';
if (!empty($name)) {
    $paragraphs[] = "<p>Additionally, you have requested that we use your real name if we refer to you in our publications.</p>";
}
// NOTE(review): the document link carries its access token in the query string, is
// stored in source and is served over plain http; anyone holding the mail or the
// repository can open the document.
$paragraphs[] = '<p>The consent form is available for viewing and printing at <a href="http://www.scribd.com/doc/66688220/Adult-Web-Consent-Testing?secret_password=4nzp5x09db318hcu9e2">this link</a>. Please retain a copy for your records.</p>';
$paragraphs[] = '<p>If you have any questions or concerns, please contact the research team at <a href="mailto:' . CONTACT_EMAIL . '">' . CONTACT_EMAIL . '</a>. Thank you for your participation!</p>';
$paragraphs[] = '<p>-- <a href="http://pipeline.cc.gatech.edu/">The Pipeline team</a> at Georgia Tech</p>';
$body = implode('', $paragraphs);

Email::send(array(
    'to' => $email,
    'subject' => 'Georgia Tech study consent form',
    'message' => $body,
));

// Hand the browser the registration URL, pre-filled with the address.
Session::setMessage("Consent form complete! Please register an account.");
echo json_encode(array('success' => '1', 'successUrl' => Url::register($email)));
} //Format Leader, if empty or an invalid name is given, don't enter in anyone if (!empty($line[4])) { $leaderId = User::loadByUsername(Filter::alphanum($line[4])); //***need to change with Chloe's updated user filter*** if (empty($leaderId)) { $leaderId = Session::getUserID(); } } else { //$leaderId = NULL; $leaderId = Session::getUserID(); } } //Create Task Record $title = Filter::text($line[0]); $description = Filter::text(iconv(mb_detect_encoding($line[1], mb_detect_order(), true), "UTF-8", $line[1])); $task = new Task(array('creator_id' => Session::getUserID(), 'leader_id' => $leaderId, 'project_id' => $projectId, 'title' => $title, 'description' => $description, 'status' => 1, 'deadline' => $deadline, 'num_needed' => $numberOfPeople)); array_push($taskArray, $task); //Increment row in file $row++; } fclose($handle); } //Save each task to the database if no errors are found if ($errorFound == 1) { $errorString = "<strong><span class='bad'>Your CSV file was not uploaded.</span></strong><br/>" . $errorString; $json = array("error" => $errorString); exit(json_encode($json)); } else { foreach ($taskArray as $task) { $task->save();
<?php require_once "../../global.php"; $action = Filter::text($_POST['action']); if ($action == 'edit') { // assign POST data to variables $username = Filter::text($_GET['un']); $pw = Filter::text($_POST['txtPassword']); $pw2 = Filter::text($_POST['txtConfirmPassword']); $email = Filter::email($_POST['txtEmail']); $name = Filter::text($_POST['txtName']); $month = Filter::text($_POST['selBirthMonth']); $year = Filter::text($_POST['selBirthYear']); $sex = Filter::text($_POST['selGender']); $location = Filter::text($_POST['txtLocation']); $biography = Filter::formattedText($_POST['txtBiography']); $user = User::loadByUsername($username); // make sure user exists if ($user === null) { $json = array('error' => 'That user does not exist.'); exit(json_encode($json)); } // new passwords provided? if ($pw != "" || $pw2 != "") { // do the passwords match? if ($pw != $pw2) { $json = array('error' => 'Sorry, your new passwords do not match.'); exit(json_encode($json)); } } // validate email address
<?php require_once "../../global.php"; $user = User::load(Session::getUserID()); $action = Filter::text($_POST['action']); if ($action == 'theme') { // get the new theme $themeID = Filter::numeric($_POST['themeID']); $theme = Theme::load($themeID); // validate the theme if (empty($theme)) { $json = array('error' => 'That theme does not exist.'); exit(json_encode($json)); } // save the new theme $user->setThemeID($theme->getID()); $user->save(); // send us back Session::setMessage("Theme changed."); $json = array('success' => '1'); echo json_encode($json); } elseif ($action == 'notification') { $notificationType = Filter::alphanum($_POST['notificationType']); $notificationValue = Filter::alphanum($_POST['notificationValue']); // convert checkbox value to database-friendly 1 or 0 $value = $notificationValue == 'notify' ? 1 : 0; // figure out which User setter to use based on notification type switch ($notificationType) { case 'chkCommentTaskLeading': $user->setNotifyCommentTaskLeading($value); break;
/**
 * Store one chat message from the logged-in user, append it to the session's
 * chat history for the recipient, echo the formatted message and end the request.
 *
 * Reads `to` and `message` from $_POST and the sender from $_SESSION['username'].
 *
 * NOTE(review): no check is visible here that `to` names an existing user or that
 * the sender may message them — confirm where that is enforced.
 *
 * @param mixed $pageId Key under $_SESSION['openChatBoxes'] that tracks the newest
 *                      message id for the calling page.
 */
function sendChat($pageId)
{
    $from = $_SESSION['username'];
    $to = Filter::text($_POST['to']);
    // Raw message text; only the output of sanitize() is used from here on.
    $message = $_POST['message'];
    // NOTE(review): this array is keyed by recipient here and by $pageId further down,
    // holding a timestamp in one case and a message id in the other; the keys can collide.
    $_SESSION['openChatBoxes'][$to] = date('Y-m-d H:i:s', time());
    $fromUsername = User::load($from)->getUsername();
    $messagesan = sanitize($message);
    if (!isset($_SESSION['chatHistory'][$to])) {
        $_SESSION['chatHistory'][$to] = '';
    }
    // The history is a hand-built JSON fragment.
    // NOTE(review): $fromUsername is interpolated without any escaping visible in this
    // function, and the safety of $messagesan depends entirely on sanitize(); building
    // the entry with json_encode() would remove that dependency.
    $_SESSION['chatHistory'][$to] .= <<<EOD
\t\t\t\t\t {
\t\t\t"s": "1",
\t\t\t"f": "{$fromUsername}",
\t\t\t"m": "{$messagesan}"
\t },
EOD;
    unset($_SESSION['tsChatBoxes'][$to]);
    // NOTE(review): mysql_real_escape_string() belongs to the ext/mysql extension that was
    // removed in PHP 7.0; escaping belongs in the data layer (bound parameters), and
    // escaping here as well risks storing doubly escaped text if Chat::save() also escapes.
    // NOTE(review): 'sent' is a fixed literal timestamp, so every message would be stored
    // with the same send time unless Chat overrides it — confirm.
    $chat = new Chat(array('sender' => mysql_real_escape_string($from), 'recipient' => mysql_real_escape_string($to), 'message' => mysql_real_escape_string($messagesan), 'sent' => '2013-05-03 12:02:48'));
    $chat->save();
    $newId = $chat->getID();
    // Advance the page's newest-message marker only when the new id directly follows it.
    if (empty($_SESSION['openChatBoxes']["{$pageId}"])) {
        $_SESSION['openChatBoxes']["{$pageId}"] = $newId;
    } else {
        if ($newId - 1 == $_SESSION['openChatBoxes']["{$pageId}"]) {
            $_SESSION['openChatBoxes']["{$pageId}"] = $newId;
        }
    }
    echo formatParagraphs($messagesan, true);
    exit(0);
}
<?php

require_once "../../global.php";

// Resolve the profile owner from the `un` query parameter.
$userName = Filter::text($_GET['un']);
$user = User::loadByUsername($userName);

// Unknown user: send the visitor to the error page.
if ($user === null) {
    header('Location: ' . Url::error());
    exit;
}

// Data shown on the profile: the ten most recent events and the user's projects.
$events = Event::getUserEvents($user->getID(), 10);
$projects = ProjectUser::getProjectsByUserID($user->getID());

// Hand everything to the template.
$soup = new Soup();
foreach (array('user' => $user, 'events' => $events, 'projects' => $projects) as $key => $value) {
    $soup->set($key, $value);
}
$soup->render('site/page/user');
<?php

require_once "../../global.php";
require_once TEMPLATE_PATH . '/site/helper/format.php';

// NOTE(review): nothing in this script checks that the caller may send mail to every
// user; confirm that global.php (or the router) restricts this endpoint to administrators.

// Subject and body of the mass mail, passed through the project's Filter helpers.
$subject = Filter::text($_POST['subject']);
$body = Filter::formattedText($_POST['body']);

// Both fields are required.
if (empty($subject) || empty($body)) {
    exit(json_encode(array('error' => 'You must provide a subject and body for the email.')));
}

// Recipients go into BCC so that addresses are not disclosed to each other.
$massEmailAddresses = User::getMassEmailAddresses();
$sendEmail = Email::send(array(
    'to' => SMTP_FROM_EMAIL,
    'subject' => '[' . PIPELINE_NAME . '] ' . $subject,
    'message' => $body,
    'bcc' => $massEmailAddresses,
));

// Equivalent to the original `!$sendEmail !== true`: any truthy return value is
// reported as an error.
// NOTE(review): if Email::send() returns `true` on success, this reports a failure for
// every successful send and the intended test was probably `$sendEmail !== true`;
// confirm the return contract of Email::send().
if ($sendEmail) {
    exit(json_encode(array('error' => $sendEmail)));
}

// Report how many users were addressed.
$numMassEmails = formatCount(count($massEmailAddresses), 'user', 'users');
Session::setMessage("Your mass email was sent to " . $numMassEmails . ".");
echo json_encode(array('success' => '1'));
} else { $discussion->setLocked(true); $eventTypeID = 'lock_discussion'; $successMessage = 'You locked the discussion.'; } $discussion->save(); // log it $logEvent = new Event(array('event_type_id' => $eventTypeID, 'project_id' => $project->getID(), 'user_1_id' => Session::getUserID(), 'item_1_id' => $discussion->getID())); $logEvent->save(); // send us back Session::setMessage($successMessage); $json = array('success' => '1'); echo json_encode($json); } elseif ($action == 'create') { // get additional POST variables $title = Filter::text($_POST['title']); $message = Filter::formattedText($_POST['message']); $cat = Filter::numeric($_POST['cat']); // validate if ($title == '') { $json = array('error' => 'You must provide a title.'); exit(json_encode($json)); } elseif ($message == '') { $json = array('error' => 'You must provide some text for the message.'); exit(json_encode($json)); } if ($cat == '') { $cat = null; } // create discussion $discussion = new Discussion(array('creator_id' => Session::getUserID(), 'project_id' => $project->getID(), 'title' => $title, 'message' => $message, 'category' => $cat));
exit("unavailable"); } break; case "register": // assign POST data to variables // $code = Filter::alphanum($_POST['code']); $uname = Filter::text($_POST['uname']); $pw = Filter::text($_POST['pw']); $pw2 = Filter::text($_POST['pw2']); $email = Filter::email($_POST['email']); $name = Filter::text($_POST['name']); $month = Filter::text($_POST['month']); $year = Filter::text($_POST['year']); $sex = Filter::text($_POST['sex']); $location = Filter::text($_POST['location']); $biography = Filter::text($_POST['biography']); // make sure username is provided if ($uname == "") { $json = array('error' => 'You must provide a unique username to register.'); exit(json_encode($json)); } // make sure username doesn't exist $un = User::loadByUsername($uname); if ($un != null) { $json = array('error' => 'Sorry, that username is already taken. Please try another one.'); exit(json_encode($json)); } // username blacklist $blacklist = array("process", "------", "administrator", "create", "new", "admin", "edit", "delete", "invite", "tasks", "people", "basics", "activity"); foreach ($blacklist as $b) { if ($uname == $b) {
if ($project == null) { header('Location: ' . Url::error()); exit; } // if private project, limit access to invited users, members, and admins // and exclude banned members if ($project->getPrivate()) { if (!Session::isAdmin() && !$project->isCreator(Session::getUserID())) { if (!$project->isInvited(Session::getUserID()) && !$project->isMember(Session::getUserID()) && !$project->isTrusted(Session::getUserID()) || ProjectUser::isBanned(Session::getUserID(), $project->getID())) { header('Location: ' . Url::error()); exit; } } } // get category, if exists $c = isset($_GET['cat']) ? Filter::text($_GET['cat']) : null; switch ($c) { case 'basics': $cat = BASICS_ID; break; case 'tasks': $cat = TASKS_ID; break; case 'people': $cat = PEOPLE_ID; break; case 'activity': $cat = ACTIVITY_ID; break; default: $cat = null;
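<?php

require_once "../../global.php";

// Download endpoint: streams one stored upload as an attachment.
// The caller must supply both the numeric file id (`fi`) and the upload's
// original file name (`fn`); a mismatch or a deleted upload leads to the error page.
//
// NOTE(review): no access check is visible in this script. If uploads can belong to
// private projects, confirm that the requester is allowed to read this upload before
// it is served; knowing the id and name should not be sufficient.
$fileID = Filter::numeric($_GET['fi']);
$fileName = Filter::text($_GET['fn']);
$upload = Upload::load($fileID);

// Compare the names as strings with a strict operator: a loose `!=` treats
// numeric-looking names such as "1e3" and "1000" as equal.
if ($upload == null || (string) $fileName !== (string) $upload->getOriginalName() || $upload->getDeleted() == true) {
    header('Location: ' . Url::error());
    exit;
}

$fileURL = Url::uploads() . '/' . $upload->getStoredName();

// The stored MIME type was presumably taken from the upload request, so only a plain
// `type/subtype` value is passed through; anything else is served as a generic binary.
$mime = (string) $upload->getMime();
if (!preg_match('~^[\w.+-]+/[\w.+-]+$~D', $mime)) {
    $mime = 'application/octet-stream';
}

// The original name is chosen by the uploader. Replace quotes, backslashes, slashes and
// control characters so the value cannot break out of the quoted filename parameter.
$downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\\/]/', '_', (string) $upload->getOriginalName());
if ($downloadName === null || $downloadName === '') {
    $downloadName = 'download';
}

header("Pragma: public");
header("Expires: 0");
// The original sent two Cache-Control headers; the second call replaced the first,
// so `public` is the value that was actually delivered and is kept here.
// NOTE(review): `public` allows shared caches to keep the file — reconsider for
// uploads that are not meant to be world-readable.
header("Cache-Control: public");
header("Content-Description: File Transfer");
// Fixed: the original appended a stray double quote to the Content-Type value.
header('Content-Type: ' . $mime);
// Stop browsers from second-guessing the declared type of user-supplied content.
header('X-Content-Type-Options: nosniff');
header('Content-Disposition: attachment; filename="' . $downloadName . '"');
header("Content-Transfer-Encoding: binary");
header('Content-Length: ' . $upload->getSize());
readfile($fileURL);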
<?php require_once "../../global.php"; $slug = Filter::text($_GET['slug']); $filter = Filter::text($_GET['filter']); $project = Project::getProjectFromSlug($slug); // kick us out if slug invalid if ($project == null) { header('Location: ' . Url::error()); exit; } // if private project, limit access to invited users, members, and admins // and exclude banned members if ($project->getPrivate()) { if (!Session::isAdmin() && !$project->isCreator(Session::getUserID())) { if (!$project->isInvited(Session::getUserID()) && !$project->isMember(Session::getUserID()) && !$project->isTrusted(Session::getUserID()) || ProjectUser::isBanned(Session::getUserID(), $project->getID())) { header('Location: ' . Url::error()); exit; } } } $projectID = $project->getID(); // page number, if any if (empty($_GET['page'])) { $page = 1; } else { $page = Filter::numeric($_GET['page']); } define('EVENTS_PER_PAGE', 10); // how many events per page switch ($filter) {
/**
 * Save the profile form of the currently logged-in user.
 *
 * The request is checked against a rule list first; an array result from
 * Validator::check() is treated as a failure and its message is shown on the
 * "info" page. Otherwise the `user` row (name only) and the `customer` row
 * are updated, the cached user record is reloaded into the safebox, and the
 * user is sent back to "info" with a success message.
 *
 * NOTE(review): `name` is filtered with Filter::txt() for the customer row
 * but with Filter::sql() for the user row; what each filter escapes is not
 * visible here — confirm both are safe for Model::data()/update().
 */
public function info_save()
{
    $rules = array(
        'name:required:昵称不能为空!',
        'real_name:required:真实姓名不能为空!',
        'sex:int:性别必需选择!',
        'birthday:date:生日日期格式不正确!',
        'mobile:mobi:手机格式不正确',
        'province:[1-9]\\d*:选择地区必需完成',
        'city:[1-9]\\d*:选择地区必需完成',
        'county:[1-9]\\d*:选择地区必需完成',
    );

    $check = Validator::check($rules);

    // Validation failed: report the message and stop.
    if (is_array($check)) {
        $this->redirect("info", false, array('msg' => array("info", $check['msg'])));
        return;
    }

    // Columns written to the customer table, each passed through the
    // filter chosen for that field.
    $customer_fields = array();
    $customer_fields['name'] = Filter::txt(Req::args('name'));
    $customer_fields['real_name'] = Filter::text(Req::args('real_name'));
    $customer_fields['sex'] = Filter::int(Req::args('sex'));
    $customer_fields['birthday'] = Filter::sql(Req::args('birthday'));
    $customer_fields['mobile'] = Filter::int(Req::args('mobile'));
    $customer_fields['phone'] = Filter::sql(Req::args('phone'));
    $customer_fields['province'] = Filter::int(Req::args('province'));
    $customer_fields['city'] = Filter::int(Req::args('city'));
    $customer_fields['county'] = Filter::int(Req::args('county'));
    $customer_fields['addr'] = Filter::text(Req::args('addr'));

    $user_name = Filter::sql(Req::args("name"));

    // The row to update is chosen by the id held in $this->user, never by a
    // request parameter.
    $user_id = $this->user['id'];

    $this->model->table("user")
        ->data(array("name" => $user_name))
        ->where("id={$user_id}")
        ->update();

    $this->model->table("customer")
        ->data($customer_fields)
        ->where("user_id={$user_id}")
        ->update();

    // Re-read the joined user/customer record and store it in the safebox
    // under 'user'.
    $fresh_user = $this->model->table("user as us")
        ->join("left join customer as cu on us.id = cu.user_id")
        ->fields("us.*,cu.group_id,cu.login_time")
        ->where("us.id={$user_id}")
        ->find();
    $this->safebox->set('user', $fresh_user, $this->cookie_time);

    $this->redirect("info", false, array('msg' => array("success", "保存成功!")));
}
} elseif ($action == 'login') { // assign POST vars to local vars after escaping and removing unwanted spacing. if (!empty($_POST['username']) && !empty($_POST['password'])) { $username = Filter::text($_POST['username']); $password = sha1(Filter::text($_POST['password'])); $referer = Filter::text($_POST['referer']); // figure out if user provided username or email address if (Filter::email($username)) { $user = User::loadByEmail($username); } else { $user = User::loadByUsername($username); } if ($user != null) { if ($password == $user->getPassword()) { // remember user? $remember = Filter::text($_POST['remember']); $remember = $remember == 'remember' ? true : false; // sign in Session::signIn($user->getID(), $remember); // send us onward if (!empty($referer) && $referer != Url::forgotPassword()) { $json = array('success' => '1', 'successUrl' => $referer); } else { $json = array('success' => 1); } exit(json_encode($json)); } else { $json = array('error' => 'Invalid username or password. Please try again.'); exit(json_encode($json)); } } else {
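<?php
/**
 * Discussion page bootstrap.
 *
 * Resolves the project from the `slug` parameter, applies the
 * private-project access rule, reads the page number and loads the
 * discussion given by `d`. Any invalid lookup is redirected to the error
 * page.
 */
require_once "../../global.php";

// A missing parameter is passed on as null without raising an
// undefined-index notice.
$slug = Filter::text(isset($_GET['slug']) ? $_GET['slug'] : null);
$project = Project::getProjectFromSlug($slug);

// kick us out if slug invalid
if ($project == null) {
    header('Location: ' . Url::error());
    exit;
}

// if private project, limit access to invited users, members, and admins
// and exclude banned members
if ($project->getPrivate()) {
    if (!Session::isAdmin() && !$project->isCreator(Session::getUserID())) {
        // && binds tighter than ||; the parentheses only make the existing
        // grouping explicit: "has no relationship to the project" OR "banned".
        if ((!$project->isInvited(Session::getUserID())
                && !$project->isMember(Session::getUserID())
                && !$project->isTrusted(Session::getUserID()))
            || ProjectUser::isBanned(Session::getUserID(), $project->getID())
        ) {
            header('Location: ' . Url::error());
            exit;
        }
    }
}

// page number, if any
if (empty($_GET['page'])) {
    $page = 1;
} else {
    $page = Filter::numeric($_GET['page']);
}

$discussionID = Filter::numeric(isset($_GET['d']) ? $_GET['d'] : null);
$discussion = Discussion::load($discussionID);

// An unknown or missing discussion id previously led to a method call on a
// non-object; treat it like an invalid slug instead.
if ($discussion == null) {
    header('Location: ' . Url::error());
    exit;
}

// NOTE(review): the access check above is made against the project named by
// `slug`, but the discussion is loaded by `d` alone. Nothing visible here
// verifies that this discussion belongs to $project, so a caller could pair
// a project they may read with a discussion id from another one — confirm
// Discussion::load() scopes the lookup, or compare the discussion's project
// id with $project->getID() before rendering.

define('REPLIES_PER_PAGE', 10); // how many replies per page

$totalNumReplies = count($discussion->getReplies());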
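<?php
/**
 * Username lookup endpoint: prints a JSON list of usernames matching `term`.
 *
 * Only the relationship "not-me" is handled; it asks
 * User::getAllUsernames() for matches, passing the current session's user id
 * as second argument. Any other relationship yields an empty list.
 *
 * NOTE(review): no login check is visible in this script, so it may let
 * anonymous callers enumerate usernames — confirm global.php enforces a
 * session. Also consider sending "Content-Type: application/json" once the
 * client code is confirmed to cope with it, so the response is never
 * rendered as HTML.
 */
require_once './../../global.php';

// A missing parameter is passed on as null without raising an
// undefined-index notice into the JSON output.
$relationship = Filter::text(isset($_GET['relationship']) ? $_GET['relationship'] : null);
$term = Filter::text(isset($_GET['term']) ? $_GET['term'] : null);

// Default result: previously $usernames was undefined for any relationship
// other than 'not-me', which emitted a notice and the JSON literal null.
$usernames = array();

if ($relationship == 'not-me') {
    $usernames = User::getAllUsernames($term, Session::getUserID());
}

echo json_encode($usernames);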
$u = User::load($userID); if ($u->getNotifyTrustProject()) { // compose email $body = "<p>" . formatUserLink(Session::getUserID()) . ' untrusted you in the project ' . formatProjectLink($project->getID()) . '.</p>'; $email = array('to' => $u->getEmail(), 'subject' => '[' . PIPELINE_NAME . '] Untrusted in the project ' . $project->getTitle(), 'message' => $body); // send email Email::send($email); } // send us back $user = User::load($userID); Session::setMessage($user->getUsername() . ' is no longer trusted.'); $json = array('success' => '1'); echo json_encode($json); // --- INVITE MEMBERS --- // } elseif ($action == 'invite-members') { $invitees = Filter::text($_POST['invitees']); $message = Filter::formattedText($_POST['message']); $trusted = Filter::numeric($_POST['trusted']); $invitees = explode(',', $invitees); // these arrays will hold valid users and emails to invite $users = array(); $emails = array(); // first, make sure everyone in the list is valid if (!empty($invitees)) { foreach ($invitees as $i) { $i = trim($i); if ($i == '') { continue; } // skip blank if (filter_var($i, FILTER_VALIDATE_EMAIL)) {
foreach ($deleted as $d) { // save changes $d = Filter::numeric($d); $upload = Upload::load($d); $upload->setDeleted(true); $upload->save(); $deletedIDs .= $d . ','; } } // are uploads added? if (!empty($added)) { $addedIDs = ''; foreach ($added as $stored => $orig) { // save changes $stored = Filter::text($stored); $orig = Filter::text($orig); $uploadID = Upload::saveToDatabase($orig, $stored, Upload::TYPE_UPDATE, $update->getID(), $project->getID()); $addedIDs .= $uploadID . ','; } } // deal with logging and modified flag for both adds and deletes if (!empty($deletedIDs) || !empty($addedIDs)) { // log it $logEvent = new Event(array('event_type_id' => 'edit_update_uploads', 'user_1_id' => Session::getUserID(), 'project_id' => $project->getID(), 'item_1_id' => $update->getID(), 'item_2_id' => $accepted->getID(), 'item_3_id' => $task->getID(), 'data_1' => $deletedIDs, 'data_2' => $addedIDs)); $logEvent->save(); // set flag $modified = true; } // check flag if ($modified) { Session::setMessage('You edited the update.');
/**
 * Build the goods listing for the search and category pages.
 *
 * Reads paging, sort, category, brand, price, keyword and spec/attribute
 * filters from the request, assembles a SQL WHERE fragment by string
 * concatenation, queries the goods with paging, and assigns the result set,
 * the available filters and the SEO fields to the view before calling
 * redirect(). Nothing is returned.
 *
 * NOTE(review): every condition in $where is built by interpolating values
 * into SQL text. Integers go through Filter::int(); the keyword relies on
 * Filter::text()/Filter::commonChar() (or Filter::sql() on one path), whose
 * escaping is not visible here. Confirm those filters, or move to bound
 * parameters if the Model API offers them.
 *
 * NOTE(review): $seo_title, $seo_keywords and $seo_description are only set
 * inside the 'search' and 'category' branches; for any other `act` value
 * they are undefined when assigned to the view at the end.
 */
private function parseCondition() {
    $page = intval(Req::args("p"));
    $page_size = 36;
    $sort = Filter::int(Req::args("sort"));
    $sort = $sort == null ? 0 : $sort;
    $cid = Filter::int(Req::args("cid"));
    $cid = $cid == null ? 0 : $cid;
    $brand = Filter::int(Req::args("brand"));
    // Taken raw here; it is only used further down after being matched
    // against the computed price ranges, and its parts are then split and
    // passed through Filter::int().
    $price = Req::args("price");
    $keyword = urldecode(Req::args('keyword'));
    $keyword = Filter::text($keyword);
    // NOTE(review): $keyword is interpolated into LIKE clauses below; whether
    // these two filters neutralise quotes and LIKE wildcards is not visible
    // in this method — confirm.
    $keyword = Filter::commonChar($keyword);

    // Initialise working data.
    $attrs = $specs = $spec_attr = $category_child = $spec_attr_selected = $selected = $has_category = $category = $current_category = array();
    $where = $spec_attr_where = $url = "";
    $condition_num = 0;
    $model = $this->model;

    // Build the base condition.
    // Search handling.
    $action = strtolower(Req::args("act"));
    if ($action == 'search') {
        // xuzhongyi
        $seo_title = "分类检索";
        $seo_keywords = "全部分类";
        $seo_description = "所有分类商品";
        // Collect the child categories of the current category.
        $category_ids = "";
        $categ = Category::getInstance();
        // (debug leftover) set:$cid = 5;
        if ($cid == 0) {
            $category_child = $categ->getCategoryChild(0, 1);
        } else {
            $current_category = $this->model->table("goods_category as gc")->fields("gc.*,gt.name as gname,gt.attr,gt.spec,gc.seo_title,gc.seo_keywords,gc.seo_description")->join("left join goods_type as gt on gc.type_id = gt.id")->where("gc.id = {$cid}")->find();
            if ($current_category) {
                $path = trim($current_category['path'], ',');
                // NOTE(review): the stored `path` value is interpolated into
                // SQL as-is; presumably a comma-separated id list — verify it
                // can only ever be written by trusted code.
                $rows = $this->model->table("goods_category")->where("path like '{$current_category['path']}%'")->order("field(`id`,{$path})")->findAll();
                $category = $this->model->table("goods_category")->where("id in ({$path})")->order("field(`id`,{$path})")->findAll();
                foreach ($rows as $row) {
                    $category_ids .= $row['id'] . ',';
                }
                $category_ids = trim($category_ids, ",");
                $category_child = $categ->getCategoryChild($path, 1);
                // NOTE(review): unserialize() on stored column data is only
                // safe if these columns can never hold attacker-influenced
                // bytes — confirm, or store the data as JSON.
                $attrs = unserialize($current_category['attr']);
                $specs = unserialize($current_category['spec']);
                // unserialize() returns false on failure; fall back to empty
                // lists.
                $attrs = is_array($attrs) ? $attrs : array();
                $specs = is_array($specs) ? $specs : array();
            }
        }
        // SEO fields from the category row, falling back to its name.
        $seo_category = $model->table('goods_category')->where("id={$cid}")->find();
        if ($seo_category) {
            if ($seo_category['seo_title'] != '') {
                $seo_title = $seo_category['seo_title'];
            } else {
                $seo_title = $seo_category['name'];
            }
            if ($seo_category['seo_keywords'] != '') {
                $seo_keywords = $seo_category['name'] . ',' . $seo_category['seo_keywords'];
            } else {
                $seo_keywords = $seo_category['name'];
            }
            if ($seo_category['seo_description'] != '') {
                $seo_description = $seo_category['seo_description'];
            } else {
                $seo_description = $seo_category['name'];
            }
        }
        if ($category_ids != "") {
            $where = "go.category_id in ({$category_ids})";
        } else {
            $where = "1=1";
        }
        // Type handling: extract the categories that contain matching goods.
        // NOTE(review): the SEO title/keywords and $where computed just above
        // are overwritten by the next two statements, so in the search branch
        // the category-based values never take effect.
        $seo_title = $seo_keywords = $keyword;
        $where = "name like '%{$keyword}%'";
        $rows = $model->table("goods")->fields("category_id,count(id) as num")->where($where)->group("category_id")->findAll();
        $category_ids = "";
        $category_count = array();
        foreach ($rows as $row) {
            $category_ids .= $row['category_id'] . ',';
            $category_count[$row['category_id']] = $row['num'];
        }
        $category_ids = trim($category_ids, ",");
        $has_category = array();
        $seo_description = '';
        if ($category_ids) {
            // Count the keyword only when something was found and the
            // request carries a valid token (a real search submission).
            if ($this->getModule()->checkToken()) {
                // The keyword is re-read and passed through Filter::sql()
                // here; from this point $keyword holds that version.
                $keyword = urldecode(Req::args('keyword'));
                $keyword = Filter::sql($keyword);
                $keyword = trim($keyword);
                $len = String::strlen($keyword);
                if ($len >= 2 && $len <= 8) {
                    // $model is reassigned: when this branch runs, every
                    // later query in this method goes through this instance.
                    $model = new Model("tags");
                    $obj = $model->where("name='{$keyword}'")->find();
                    if ($obj) {
                        // Passes the SQL expression `num`+1 as the value;
                        // presumably Model::data() emits it unquoted — verify.
                        $model->data(array('num' => "`num`+1"))->where("id=" . $obj['id'])->update();
                    } else {
                        $model->data(array('name' => $keyword))->insert();
                    }
                }
            }
            $rows = $model->table("goods_category")->where("id in ({$category_ids})")->findAll();
            foreach ($rows as $row) {
                // Group the matching categories under the first id of their
                // path.
                $path = trim($row['path'], ',');
                $paths = explode(',', $path);
                $root = 0;
                if (is_array($paths)) {
                    $root = $paths[0];
                }
                $row['num'] = $category_count[$row['id']];
                $has_category[$root][] = $row;
                $seo_description .= $row['name'] . ',';
            }
        }
        if ($cid != 0) {
            // Narrow the keyword search to the chosen category.
            $where = "category_id={$cid} and name like '%{$keyword}%'";
            $category = $model->table("goods_category as gc ")->join("left join goods_type as gt on gc.type_id = gt.id")->where("gc.id={$cid}")->find();
            if ($category) {
                // NOTE(review): same unserialize() caveat as above; unlike
                // the other call sites, the result is not reset to an array
                // when unserialize() fails.
                $attrs = unserialize($category['attr']);
                $specs = unserialize($category['spec']);
                if ($category['seo_title'] != '') {
                    $seo_title = $category['seo_title'];
                } else {
                    $seo_title = $category['name'];
                }
                if ($category['seo_keywords'] != '') {
                    $seo_keywords = $category['seo_keywords'];
                }
                if ($category['seo_description'] != '') {
                    $seo_description = $category['seo_description'];
                }
            }
        }
        // Category browsing.
    } else {
        if ($action == 'category') {
            $seo_title = "分类检索";
            $seo_keywords = "全部分类";
            $seo_description = "所有分类商品";
            // Collect the child categories of the current category.
            $category_ids = "";
            $categ = Category::getInstance();
            if ($cid == 0) {
                $category_child = $categ->getCategoryChild(0, 1);
            } else {
                $current_category = $this->model->table("goods_category as gc")->fields("gc.*,gt.name as gname,gt.attr,gt.spec,gc.seo_title,gc.seo_keywords,gc.seo_description")->join("left join goods_type as gt on gc.type_id = gt.id")->where("gc.id = {$cid}")->find();
                if ($current_category) {
                    $path = trim($current_category['path'], ',');
                    $rows = $this->model->table("goods_category")->where("path like '{$current_category['path']}%'")->order("field(`id`,{$path})")->findAll();
                    $category = $this->model->table("goods_category")->where("id in ({$path})")->order("field(`id`,{$path})")->findAll();
                    foreach ($rows as $row) {
                        $category_ids .= $row['id'] . ',';
                    }
                    $category_ids = trim($category_ids, ",");
                    $category_child = $categ->getCategoryChild($path, 1);
                    // NOTE(review): unserialize() on stored column data —
                    // see the caveat in the search branch.
                    $attrs = unserialize($current_category['attr']);
                    $specs = unserialize($current_category['spec']);
                    $attrs = is_array($attrs) ? $attrs : array();
                    $specs = is_array($specs) ? $specs : array();
                }
            }
            // SEO fields from the category row, falling back to its name.
            $seo_category = $model->table('goods_category')->where("id={$cid}")->find();
            if ($seo_category) {
                if ($seo_category['seo_title'] != '') {
                    $seo_title = $seo_category['seo_title'];
                } else {
                    $seo_title = $seo_category['name'];
                }
                if ($seo_category['seo_keywords'] != '') {
                    $seo_keywords = $seo_category['name'] . ',' . $seo_category['seo_keywords'];
                } else {
                    $seo_keywords = $seo_category['name'];
                }
                if ($seo_category['seo_description'] != '') {
                    $seo_description = $seo_category['seo_description'];
                } else {
                    $seo_description = $seo_category['name'];
                }
            }
            if ($category_ids != "") {
                $where = "go.category_id in ({$category_ids})";
            } else {
                $where = "1=1";
            }
        }
    }

    // Brand facet: brands present in the current result set, with counts.
    $rows = $model->table("goods as go")->fields("brand_id,count(id) as num")->where($where)->group("brand_id")->findAll();
    $brand_ids = '';
    $brand_num = $has_brand = array();
    foreach ($rows as $row) {
        $brand_ids .= $row['brand_id'] . ',';
        $brand_num[$row['brand_id']] = $row['num'];
    }
    $brand_ids = trim($brand_ids, ',');

    // Price ranges derived from max/min/avg of the current result set.
    $prices = $model->table("goods as go")->fields("max(sell_price) as max,min(sell_price) as min,avg(sell_price) as avg")->where($where)->find();
    $price_range = Common::priceRange($prices);
    if ($brand_ids) {
        $has_brand = $model->table("brand")->where("id in ({$brand_ids})")->findAll();
    }
    //var_dump($price_range);exit();
    if (!empty($price_range)) {
        $has_price = array_flip($price_range);
    } else {
        $has_price = array();
    }
    // The raw request value is accepted only when it is exactly one of the
    // computed ranges; its bounds are still forced through Filter::int()
    // before reaching SQL.
    if ($price && isset($has_price[$price])) {
        $prices = explode('-', $price);
        if (count($prices) == 2) {
            $where .= " and sell_price>=" . Filter::int($prices[0]) . " and sell_price <=" . Filter::int($prices[1]);
        } else {
            $where .= " and sell_price>=" . Filter::int($prices[0]);
        }
        $url .= "/price/{$price}";
    }
    // The brand filter applies only to brands present in the facet above.
    if ($brand && isset($brand_num[$brand])) {
        $url .= "/brand/{$brand}";
        $where .= " and brand_id = {$brand} ";
    }

    // Merge filterable attributes and specs into one map keyed by id.
    if ($attrs != null) {
        foreach ($attrs as $attr) {
            if ($attr['show_type'] == 1) {
                $spec_attr[$attr['id']] = $attr;
            }
        }
    }
    if ($specs != null) {
        foreach ($specs as $spec) {
            // NOTE(review): another unserialize() on stored data — same
            // caveat as above.
            $spec['values'] = unserialize($spec['value']);
            unset($spec['value'], $spec['spec']);
            $spec_attr[$spec['id']] = $spec;
        }
    }
    // NOTE(review): $selected is still the empty array from the
    // initialisation at this point (it is only filled by the request loop
    // below), so this loop never runs and $spec_attr_selected stays empty.
    // It looks like it was meant to run after $selected is populated —
    // confirm the intended order.
    foreach ($selected as $key => $value) {
        if (isset($spec_attr[$key])) {
            $spec_attr_selected[$key] = $spec_attr[$key];
            foreach ($spec_attr_selected[$key]['values'] as $k => $v) {
                if ($value == $v['id']) {
                    $spec_attr_selected[$key]['values'] = $v;
                    break;
                }
            }
        }
    }

    // Spec/attribute filters: every remaining request argument whose name
    // and value are numeric and whose name is a known spec/attribute id.
    $args = Req::args();
    unset($args['con'], $args['act'], $args['p'], $args['sort'], $args['brand'], $args['price']);
    foreach ($args as $key => $value) {
        // NOTE(review): is_numeric() also accepts decimals, exponents and
        // signed values, and both values are written into SQL unquoted;
        // casting to int before interpolation would be stricter.
        if (is_numeric($key) && is_numeric($value)) {
            if (isset($spec_attr[$key])) {
                $spec_attr_where .= "or (`key`={$key} and `value` = {$value}) ";
                $condition_num++;
                $url .= '/' . $key . '/' . $value;
            }
        }
        // NOTE(review): every remaining request argument lands in $selected
        // unfiltered, and $selected is assigned to the view below — confirm
        // the template escapes it on output.
        $selected[$key] = $value;
    }
    $selected['price'] = $price;
    $selected['brand'] = $brand;
    // trim() treats "or" as a character list; here it removes the leading
    // "or" of the first condition (the string ends with a space, so the
    // right-hand side is left untouched).
    $spec_attr_where = trim($spec_attr_where, "or");
    $where .= ' and go.is_online =0';
    if ($condition_num > 0) {
        // A product must match at least $condition_num of the selected
        // key/value pairs.
        $where .= " and go.id in (select goods_id from tiny_spec_attr where {$spec_attr_where} group by goods_id having count(goods_id) >= {$condition_num})";
    }

    // Sort order; unknown values fall back to the `sort` column, descending.
    switch ($sort) {
        case '1':
            $goods_model = $model->table("goods as go")->join("left join tiny_order_goods as og on go.id = og.goods_id")->fields("go.*,sum(og.goods_nums) as sell_num")->order("sell_num desc")->group("go.id");
            break;
        case '2':
            $goods_model = $model->table("goods as go")->join("left join tiny_review as re on go.id = re.goods_id")->fields("go.*,count(re.goods_id) as renum")->group("go.id")->order("renum desc");
            break;
        case '3':
            $goods_model = $model->table("goods as go")->order("sell_price desc");
            break;
        case '4':
            $goods_model = $model->table("goods as go")->order("sell_price");
            break;
        case '5':
            $goods_model = $model->table("goods as go")->order("id desc");
            break;
        default:
            $goods_model = $model->table("goods as go")->order("sort desc");
            break;
    }
    //var_dump($where);exit;

    // Fetch the requested page of goods.
    $goods = $goods_model->where($where)->findPage($page, $page_size);

    // Pull the previous/next links (<a> or <span> elements whose text is
    // 上一页 / 下一页) out of the pager HTML to build a compact top page bar.
    preg_match_all('!(<(a|span)[^>]+>(上一页|下一页)</\\2>)!', $goods['html'], $matches);
    $topPageBar = "";
    if (count($matches[0]) > 0) {
        $topPageBar = implode("", $matches[0]);
    }
    $this->assign("topPageBar", $topPageBar);

    // Hand everything to the view.
    $this->assign('seo_title', $seo_title);
    $this->assign('seo_keywords', $seo_keywords);
    $this->assign('seo_description', '对应的商品共有' . $goods['page']['total'] . '件商品,包括以下分类:' . $seo_description);
    // NOTE(review): $keyword originates from the request and is reflected
    // into the view and into the URL below — confirm the template escapes it.
    $this->assign("keyword", $keyword);
    $this->assign("sort", $sort);
    $this->assign("has_brand", $has_brand);
    $this->assign("brand_num", $brand_num);
    $this->assign("current_category", $current_category);
    $this->assign("goods", $goods);
    $this->assign("selected", $selected);
    $this->assign("spec_attr", $spec_attr);
    $this->assign("spec_attr_selected", $spec_attr_selected);
    $this->assign("category_child", $category_child);
    $this->assign("price_range", $price_range);
    $this->assign("category_nav", $category);
    $this->assign("has_category", $has_category);
    // Base URL that the view extends for further filter links.
    if ($action == 'search') {
        $this->assign("url", "/index/search/keyword/" . $keyword . "/cid/{$cid}/sort/{$sort}" . $url);
    } else {
        $this->assign("url", "/index/category/cid/" . $cid . "/sort/{$sort}" . $url);
    }
    $this->redirect();
}