Example #1
 /**
  * Read the session from the session cookie.
  *
  * Session state is cleared first and is only repopulated when the cookie
  * payload passes every check: present, well-formed, not expired, and
  * matching the configured IP / user-agent binding.
  *
  * NOTE(review): the IP binding is an md5() over \Input::ip() and
  * \Input::real_ip(). Depending on framework version and configuration,
  * real_ip() may be resolved from request headers the client controls, so
  * match_ip is a consistency check rather than proof of origin - confirm.
  *
  * @access public
  * @param  boolean $force set to true if we want to force a new session to be created
  * @return Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // start from an empty session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();

     // get the session cookie
     $payload = $this->_get_cookie();

     // every condition must hold, checked in this order, before the cookie is trusted
     $accepted = !($payload === false || $force)
         && isset($payload[0]) && is_array($payload[0])
         && !($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp())
         && !($this->config['match_ip'] && $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))
         && !($this->config['match_ua'] && $payload[0]['user_agent'] !== \Input::user_agent());

     if ($accepted) {
         // element 0 is already known to be an array at this point
         $this->keys = $payload[0];
         if (isset($payload[1]) && is_array($payload[1])) {
             $this->data = $payload[1];
         }
         if (isset($payload[2]) && is_array($payload[2])) {
             $this->flash = $payload[2];
         }
     }

     return parent::read();
 }
Example #2
 /**
  * Read the session from the session cookie, logging why a cookie was rejected.
  *
  * Session state is cleared first; each failed check writes a DEBUG log line
  * and leaves the session empty before handing over to the parent driver.
  *
  * NOTE(review): the IP check compares an md5() of \Input::ip() and
  * \Input::real_ip(); real_ip() may come from client-supplied headers
  * depending on framework configuration, so do not treat a match as proof
  * of the request's origin - confirm.
  *
  * @access	public
  * @param	boolean $force set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();

     $payload = $this->_get_cookie();

     // a forced reset or a missing cookie is not an error, so nothing is logged
     if ($force || $payload === false) {
         return parent::read();
     }

     if (!isset($payload[0]) || !is_array($payload[0])) {
         logger('DEBUG', 'Error: not a valid cookie payload!');
         return parent::read();
     }

     $session_keys = $payload[0];

     if ($session_keys['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
         logger('DEBUG', 'Error: session id has expired!');
         return parent::read();
     }

     if ($this->config['match_ip'] && $session_keys['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
         logger('DEBUG', 'Error: IP address in the session doesn\'t match this requests source IP!');
         return parent::read();
     }

     if ($this->config['match_ua'] && $session_keys['user_agent'] !== \Input::user_agent()) {
         logger('DEBUG', 'Error: User agent in the session doesn\'t match the browsers user agent string!');
         return parent::read();
     }

     // session is valid, retrieve the payload
     $this->keys = $session_keys;
     if (isset($payload[1]) && is_array($payload[1])) {
         $this->data = $payload[1];
     }
     if (isset($payload[2]) && is_array($payload[2])) {
         $this->flash = $payload[2];
     }

     return parent::read();
 }
 /**
  * Create a new session by filling in a fresh set of session keys.
  *
  * NOTE(review): ip_hash is an md5() over \Input::ip() and \Input::real_ip().
  * It is used as a fingerprint for later comparison, not as a secret; whether
  * real_ip() can be influenced by request headers depends on framework
  * configuration - confirm before relying on it for session binding.
  *
  * @access	public
  * @return	Fuel\Core\Session_Cookie
  */
 public function create()
 {
     $fresh = array(
         'session_id' => $this->_new_session_id(),
         'ip_hash' => md5(\Input::ip() . \Input::real_ip()),
         'user_agent' => \Input::user_agent(),
         'created' => $this->time->get_timestamp(),
     );
     // a brand new session starts with identical created/updated timestamps
     $fresh['updated'] = $fresh['created'];
     $fresh['payload'] = '';

     // assign key by key so entries already present in $this->keys are overwritten in place
     foreach ($fresh as $name => $value) {
         $this->keys[$name] = $value;
     }

     return $this;
 }
Example #4
 /**
  * Create a new session and send its cookie.
  *
  * NOTE(review): this variant stores \Input::real_ip() verbatim under
  * 'ip_address'. Depending on framework configuration that value may be
  * taken from client-supplied headers, so treat it as untrusted data when it
  * is later compared, displayed or logged - confirm.
  *
  * @access	public
  * @return	void
  */
 public function create()
 {
     // gather the values first, in the order the session keys are written
     $session_id = $this->_new_session_id();
     $client_ip = \Input::real_ip();
     $agent = \Input::user_agent();
     $now = $this->time->get_timestamp();

     $this->keys['session_id'] = $session_id;
     $this->keys['ip_address'] = $client_ip;
     $this->keys['user_agent'] = $agent;
     $this->keys['created'] = $now;
     // a brand new session starts with identical created/updated timestamps
     $this->keys['updated'] = $now;
     $this->keys['payload'] = '';

     // and set the session cookie
     $this->_set_cookie();
 }
 /**
  * Create a new session by filling in a fresh set of session keys.
  *
  * NOTE(review): ip_hash is an md5() over \Input::ip() and \Input::real_ip();
  * real_ip() may be resolved from request headers depending on framework
  * configuration, so the hash is a consistency fingerprint only - confirm.
  *
  * @access	public
  * @return	Fuel\Core\Session_Memcached
  */
 public function create()
 {
     $session_id = $this->_new_session_id();
     $now = null;

     $fresh = array(
         'session_id' => $session_id,
         // previous_id starts out equal to session_id; prevents errors if previous_id has a unique index
         'previous_id' => $session_id,
         'ip_hash' => md5(\Input::ip() . \Input::real_ip()),
         'user_agent' => \Input::user_agent(),
         'created' => $now = $this->time->get_timestamp(),
         'updated' => $now,
     );

     foreach ($fresh as $name => $value) {
         $this->keys[$name] = $value;
     }

     return $this;
 }
 /**
  * Build the error response for this exception and e-mail the error details.
  *
  * The exception message is used as an error code; when the loaded language
  * list has no entry for it, \Model_Error::ER00001 is used instead.
  *
  * NOTE(review): 'input' carries print_r(Input::all()), i.e. the complete
  * request input. That can include passwords, tokens or other personal data,
  * and it is both e-mailed and handed to the 'errors/index' request. Consider
  * redacting sensitive fields before they leave the application.
  *
  * @return mixed the response produced by executing the 'errors/index' request
  */
 public function response()
 {
     $error_code = $this->getMessage();
     $error_list = Lang::load('error/user', $error_code);

     $is_known_code = isset($error_list[$error_code]);
     if (!$is_known_code) {
         $error_code = \Model_Error::ER00001;
     }
     $error_message = $error_list[$error_code];

     $params = array(
         'error_code' => $error_code,
         'error_message' => $error_message,
         'line' => $this->getLine(),
         'file' => $this->getFile(),
         'url' => Uri::main(),
         'input' => print_r(Input::all(), true),
         'real_ip' => Input::real_ip(),
         'user_agent' => Input::user_agent(),
         'user_id' => Auth::get_user_id(),
         'occurred_at' => date('Y/m/d H:i:s'),
     );

     $mailer = new Model_Email();
     $mailer->sendMailByParams('error', $params);

     return \Request::forge('errors/index', false)->execute($params)->response();
 }
Example #7
 /**
  * Create a new session, write its (empty) record to redis and send the cookie.
  *
  * NOTE(review): ip_hash is an md5() over \Input::ip() and \Input::real_ip();
  * real_ip() may be resolved from request headers depending on framework
  * configuration, so the hash is a consistency fingerprint only - confirm.
  *
  * @access	public
  * @return	void
  */
 public function create()
 {
     $session_id = $this->_new_session_id();
     $this->keys['session_id'] = $session_id;
     // previous_id starts out equal to session_id; prevents errors if previous_id has a unique index
     $this->keys['previous_id'] = $session_id;
     $this->keys['ip_hash'] = md5(\Input::ip() . \Input::real_ip());
     $this->keys['user_agent'] = \Input::user_agent();

     // a brand new session starts with identical created/updated timestamps
     $now = $this->time->get_timestamp();
     $this->keys['created'] = $now;
     $this->keys['updated'] = $now;

     // create the session record with an empty serialized payload
     $empty_payload = serialize(array());
     $this->_write_redis($this->keys['session_id'], $empty_payload);

     // and set the session cookie
     $this->_set_cookie();
 }
Example #8
 /**
  * Create a new session, insert its record into the session table and send the cookie.
  *
  * Every entry of $this->keys becomes a column of the inserted row, so the
  * table is expected to have a column for each key (schema not shown here).
  *
  * NOTE(review): ip_hash is an md5() over \Input::ip() and \Input::real_ip();
  * real_ip() may be resolved from request headers depending on framework
  * configuration, so the hash is a consistency fingerprint only - confirm.
  *
  * @access	public
  * @return	void
  */
 public function create()
 {
     $session_id = $this->_new_session_id();
     $fresh = array(
         'session_id' => $session_id,
         // previous_id starts out equal to session_id; prevents errors if previous_id has a unique index
         'previous_id' => $session_id,
         'ip_hash' => md5(\Input::ip() . \Input::real_ip()),
         'user_agent' => \Input::user_agent(),
         'created' => $this->time->get_timestamp(),
     );
     $fresh['updated'] = $fresh['created'];
     $fresh['payload'] = '';

     foreach ($fresh as $name => $value) {
         $this->keys[$name] = $value;
     }

     // create the session record; columns and values both come from $this->keys
     $columns = array_keys($this->keys);
     \DB::insert($this->config['table'], $columns)->values($this->keys)->execute($this->config['database']);

     // and set the session cookie
     $this->_set_cookie();
 }
Example #9
 /**
  * Read the session whose id is carried in the cookie from redis.
  *
  * A missing record (directly, or behind a 'rotated_session_id' referral)
  * restarts the read with $force = true, which leaves the session empty.
  * The stored payload is accepted only when it is well-formed, not expired
  * and matches the configured IP / user-agent binding.
  *
  * NOTE(review): the IP binding compares an md5() of \Input::ip() and
  * \Input::real_ip(); real_ip() may be resolved from client-supplied headers
  * depending on framework configuration - confirm before relying on it.
  *
  * @access	public
  * @param	boolean $force set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();

     $cookie = $this->_get_cookie();

     // without a usable cookie, or on a forced reset, there is nothing to look up
     if (!$cookie || $force || !isset($cookie[0])) {
         return parent::read();
     }

     $payload = $this->_read_redis($cookie[0]);
     if ($payload === false) {
         // cookie present, but session record missing. force creation of a new session
         return $this->read(true);
     }
     $payload = $this->_unserialize($payload);

     // a referral record points at the session id that replaced this one
     if (isset($payload['rotated_session_id'])) {
         $payload = $this->_read_redis($payload['rotated_session_id']);
         if ($payload === false) {
             return $this->read(true);
         }
         $payload = $this->_unserialize($payload);
     }

     // every condition must hold, checked in this order, before the record is trusted
     $accepted = isset($payload[0]) && is_array($payload[0])
         && !($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp())
         && !($this->config['match_ip'] && $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))
         && !($this->config['match_ua'] && $payload[0]['user_agent'] !== \Input::user_agent());

     if ($accepted) {
         $this->keys = $payload[0];
         if (isset($payload[1]) && is_array($payload[1])) {
             $this->data = $payload[1];
         }
         if (isset($payload[2]) && is_array($payload[2])) {
             $this->flash = $payload[2];
         }
     }

     return parent::read();
 }
Example #10
 /**
  * Record a login attempt (successful or failed) for an account.
  *
  * NOTE(review): login_ua, login_os, login_browser and login_ip all describe
  * the client and are derived from request data the client can shape
  * (\Input::real_ip() may read forwarding headers depending on framework
  * configuration - confirm). Treat the stored row as untrusted text when it is
  * displayed or used for lockout decisions.
  *
  * @param integer $account_id
  * @param integer $attempt 0 for failed, 1 for success
  * @param string $attempt_text attempt text
  * @return boolean false when $account_id or $attempt is not numeric, true after the insert
  */
 public function recordLogin($account_id = '', $attempt = '0', $attempt_text = '')
 {
     $inputs_are_numeric = is_numeric($account_id) && is_numeric($attempt);
     if (!$inputs_are_numeric) {
         return false;
     }

     // loose comparison on purpose: '' and other null-like values are stored as NULL
     if ($attempt_text == null) {
         $attempt_text = null;
     }

     $site_id = \Model_Sites::getSiteId(false);

     // the bundled Browser class is used to parse the user agent instead of the fuelphp agent
     include_once APPPATH . 'vendor' . DS . 'browser' . DS . 'lib' . DS . 'Browser.php';
     $browser = new Browser();

     // one column per array key
     $row = array(
         'account_id' => $account_id,
         'site_id' => $site_id,
         'login_ua' => \Input::user_agent(),
         'login_os' => $browser->getPlatform(),
         'login_browser' => $browser->getBrowser() . ' ' . $browser->getVersion(),
         'login_ip' => \Input::real_ip(),
         'login_time' => time(),
         'login_time_gmt' => \Extension\Date::localToGmt(),
         'login_attempt' => $attempt,
         'login_attempt_text' => $attempt_text,
     );

     \DB::insert(static::$_table_name)->set($row)->execute();

     return true;
 }
Example #11
 /**
  * Read the session whose id is carried in the cookie from the database,
  * logging why a record was rejected.
  *
  * The record is looked up on session_id first and on previous_id second.
  * When neither matches, the read restarts with $force = true, which leaves
  * the session empty.
  *
  * NOTE(review): the "record is missing" log line embeds $cookie[0], a value
  * that arrives with the request. Make sure the log sink neutralises control
  * characters, and consider whether session identifiers belong in logs at all.
  * The IP check relies on \Input::real_ip(), which may be resolved from
  * client-supplied headers depending on framework configuration - confirm.
  *
  * @access	public
  * @param	boolean $force set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();
     $this->record = null;

     $cookie = $this->_get_cookie();

     // without a usable cookie, or on a forced reset, there is nothing to look up
     if (!$cookie || $force || !isset($cookie[0])) {
         return parent::read();
     }

     // read the session record
     $this->record = \DB::select()->where('session_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
     if (!$this->record->count()) {
         // try to find the session on previous id
         $this->record = \DB::select()->where('previous_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
         if (!$this->record->count()) {
             // cookie present, but session record missing. force creation of a new session
             logger('DEBUG', 'Error: Session cookie with ID "' . $cookie[0] . '" present but corresponding record is missing');
             return $this->read(true);
         }
     }
     $payload = $this->_unserialize($this->record->get('payload'));

     if (!isset($payload[0]) || !is_array($payload[0])) {
         logger('DEBUG', 'Error: not a valid db session payload!');
         return parent::read();
     }

     $session_keys = $payload[0];

     if ($session_keys['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
         logger('DEBUG', 'Error: session id has expired!');
         return parent::read();
     }

     if ($this->config['match_ip'] && $session_keys['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
         logger('DEBUG', 'Error: IP address in the session doesn\'t match this requests source IP!');
         return parent::read();
     }

     if ($this->config['match_ua'] && $session_keys['user_agent'] !== \Input::user_agent()) {
         logger('DEBUG', 'Error: User agent in the session doesn\'t match the browsers user agent string!');
         return parent::read();
     }

     // session is valid, retrieve the payload
     $this->keys = $session_keys;
     if (isset($payload[1]) && is_array($payload[1])) {
         $this->data = $payload[1];
     }
     if (isset($payload[2]) && is_array($payload[2])) {
         $this->flash = $payload[2];
     }

     return parent::read();
 }
 /**
  * Add the array of Bit API Hub headers for the call
  *
  * Always sets User-Agent and X-Forwarded-For. When 'engine.send_engine_auth'
  * is exactly true, the API secret, account id and version headers are added
  * as well.
  *
  * NOTE(review): X-AOE-Secret carries the decoded API secret in a request
  * header, so the outgoing call must use an authenticated, encrypted transport
  * and the header must be kept out of request logs. X-Forwarded-For is filled
  * from \Input::real_ip(), which may itself be derived from client-supplied
  * headers depending on framework configuration - confirm.
  *
  * @param array $headers The array of existing headers
  * @return array $headers with the Bit API Hub headers added on
  */
 public static function get_headers(array $headers)
 {
     $api = \V1\Model\APIs::get_api();
     $account = \V1\Model\Account::get_account();

     // internal calls report the configured test address instead of the caller's
     $caller_ip = \Input::real_ip('0.0.0.0', true);
     $forwarded_for = \Utility::is_internal_call() ? \Config::get('engine.call_test_ip') : $caller_ip;

     $headers['User-Agent'] = 'API Optimization Engine/V1';
     $headers['X-Forwarded-For'] = $forwarded_for;

     if (\Config::get('engine.send_engine_auth', false) !== true) {
         return $headers;
     }

     // If the API hasn't yet received a secret identity, generate one.
     $secret = empty($api['secret'])
         ? \V1\Model\APIs::set_api_secret($api['id'])
         : \Crypt::decode($api['secret']);

     $headers['X-AOE-Secret'] = $secret;
     $headers['X-AOE-Account'] = $account['id'];
     $headers['X-AOE-Version'] = 'V1';

     return $headers;
 }
Example #13
 /**
  * Track information about user sign ins. It tracks the following columns:
  *
  * - sign_in_count      - Increased every time a sign in is made (by form, openid, oauth)
  * - current_sign_in_at - A timestamp updated when the user signs in
  * - last_sign_in_at    - Holds the timestamp of the previous sign in
  * - current_sign_in_ip - The remote ip updated when the user signs in
  * - last_sign_in_ip    - Holds the remote ip of the previous sign in
  *
  * Nothing is tracked unless the 'warden.trackable' config value is exactly true.
  *
  * NOTE(review): the stored sign-in IP comes from \Input::real_ip(). Depending
  * on framework configuration that value may be taken from client-supplied
  * headers, so treat it as informational audit data - confirm before using it
  * for security decisions.
  *
  * @return bool false when tracking is disabled, otherwise the result of save(false)
  */
 public function update_tracked_fields()
 {
     if (\Config::get('warden.trackable') !== true) {
         return false;
     }
     // shift the current sign-in time into "last"; on the first sign in (value
     // still at the property default) "last" is set to the new timestamp too
     $old_current = $this->current_sign_in_at;
     $new_current = \DB::expr('CURRENT_TIMESTAMP');
     $this->last_sign_in_at = $old_current != static::$_properties['last_sign_in_at']['default'] ? $old_current : $new_current;
     $this->current_sign_in_at = $new_current;
     // same rotation for the sign-in IP
     $old_current = $this->current_sign_in_ip;
     // NOTE(review): the property is nulled before being reassigned below; the reason is not visible here - confirm
     $this->current_sign_in_ip = null;
     $new_current = \Input::real_ip();
     $this->last_sign_in_ip = $old_current != static::$_properties['last_sign_in_ip']['default'] ? $old_current : $new_current;
     $this->current_sign_in_ip = $new_current;
     // with the 'sign_in_count' lock strategy in use the counter is reset to 0,
     // otherwise it is incremented
     if (\Config::get('warden.lockable.in_use') === true && \Config::get('warden.lockable.lock_strategy') == 'sign_in_count') {
         $this->sign_in_count = 0;
     } else {
         $this->sign_in_count += 1;
     }
     $return = $this->save(false);
     return $return;
 }
Example #14
 /**
  * Read the session whose id is carried in the cookie from the database.
  *
  * The record is looked up on session_id first and on previous_id second.
  * When neither matches, the read restarts with $force = true, which leaves
  * the session empty. The stored payload is accepted only when it is
  * well-formed, not expired and matches the configured IP / user-agent binding.
  *
  * NOTE(review): the IP binding compares an md5() of \Input::ip() and
  * \Input::real_ip(); real_ip() may be resolved from client-supplied headers
  * depending on framework configuration - confirm before relying on it.
  *
  * @access public
  * @param  boolean $force set to true if we want to force a new session to be created
  * @return Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();
     $this->record = null;

     $cookie = $this->_get_cookie();

     // without a usable cookie, or on a forced reset, there is nothing to look up
     if (!$cookie || $force || !isset($cookie[0])) {
         return parent::read();
     }

     // try the current id first, then the previous id
     $found = false;
     foreach (array('session_id', 'previous_id') as $column) {
         $this->record = \DB::select()->where($column, '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
         if ($this->record->count()) {
             $found = true;
             break;
         }
     }
     if (!$found) {
         // cookie present, but session record missing. force creation of a new session
         return $this->read(true);
     }

     $payload = $this->_unserialize($this->record->get('payload'));

     // every condition must hold, checked in this order, before the record is trusted
     $accepted = isset($payload[0]) && is_array($payload[0])
         && !($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp())
         && !($this->config['match_ip'] && $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))
         && !($this->config['match_ua'] && $payload[0]['user_agent'] !== \Input::user_agent());

     if ($accepted) {
         $this->keys = $payload[0];
         if (isset($payload[1]) && is_array($payload[1])) {
             $this->data = $payload[1];
         }
         if (isset($payload[2]) && is_array($payload[2])) {
             $this->flash = $payload[2];
         }
     }

     return parent::read();
 }
Example #15
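 /** Check
  *
  * Calls an HTTP POST function to verify if the user's guess was correct
  *
  * Changes from the previous version:
  * - $remote_ip is honoured when the caller supplies it; it used to be
  *   overwritten unconditionally with \Input::real_ip().
  * - a verification reply that is missing its body or its second line no
  *   longer triggers an undefined-offset notice; it is treated as a failed
  *   check.
  *
  * NOTE(review): when $remote_ip is not supplied it comes from
  * \Input::real_ip(), which may be resolved from client-supplied headers
  * depending on framework configuration - confirm. The fixed request fields
  * are listed first in the array union, so $extra_params cannot replace
  * 'privatekey', 'remoteip', 'challenge' or 'response'.
  *
  * @param string $remote_ip address to report to the verify server; the request's address when null or ''
  * @param string $challenge challenge value; read from the configured POST field when null
  * @param string $response response value; read from the configured POST field when null
  * @param array $extra_params an array of extra variables to post to the server
  * @return bool true when the verify server answers 'true', false otherwise ($this->error holds the reason)
  * @throws Captcha_Exception when no usable remote IP is available
  */
 public function check($remote_ip = null, $challenge = null, $response = null, $extra_params = array())
 {
     // only fall back to the request's address when the caller gave none
     if ($remote_ip === null or $remote_ip === '') {
         $remote_ip = \Input::real_ip();
     }
     if ($remote_ip == '0.0.0.0' or $remote_ip == '') {
         throw new Captcha_Exception('Recaptcha needs a valid Remote IP');
     }
     if (is_null($challenge)) {
         $challenge = \Input::post($this->config['challenge_field']);
     }
     if (is_null($response)) {
         $response = \Input::post($this->config['response_field']);
     }
     $challenge = (string) e($challenge);
     $response = (string) e($response);
     // an empty challenge or answer can never be correct, so skip the remote call
     if ($challenge === '' or $response === '') {
         $this->error = 'incorrect-captcha-sol';
         return false;
     }
     $reply = $this->_http_post($this->config['verify_server'], "/recaptcha/api/verify", array('privatekey' => $this->config['private_key'], 'remoteip' => $remote_ip, 'challenge' => $challenge, 'response' => $response) + $extra_params);
     // element 1 of the reply is read as the body: first line is the verdict, second the error code
     $body = (is_array($reply) and isset($reply[1])) ? (string) $reply[1] : '';
     $answers = explode("\n", $body);
     if (trim($answers[0]) === 'true') {
         return true;
     }
     // fail closed when the reply carries no error code
     $this->error = isset($answers[1]) ? $answers[1] : 'incorrect-captcha-sol';
     return false;
 }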
Example #16
 /**
  * Write \Input::real_ip() into the model property named by $this->_property.
  *
  * NOTE(review): real_ip() may be resolved from client-supplied headers
  * depending on framework configuration; treat the stored value as
  * untrusted text - confirm.
  *
  * @param \Orm\Model $obj the model being handled
  * @return void
  */
 public function before_insert(\Orm\Model $obj)
 {
     $property = $this->_property;
     $obj->{$property} = \Input::real_ip();
 }
Example #17
File: app.php Project: ratiw/petro
 /**
  * Show the login page and, on POST, process the login form.
  *
  * A POST without a valid CSRF token is logged and answered with a 404.
  *
  * NOTE(review):
  * - the CSRF log line concatenates the referrer and user agent, both
  *   client-supplied, into one message; make sure the log sink neutralises
  *   line breaks and control characters.
  * - no session id regeneration is visible here after a successful login;
  *   confirm that \Auth::instance()->login() takes care of it.
  * - the redirect target is read from the session key 'redirect_url';
  *   confirm that whatever stores it only accepts local paths.
  * - the validation rule caps passwords at 20 characters.
  *
  * @return void
  */
 public function action_login()
 {
     if (Input::method() == 'POST') {
         if (!\Security::check_token()) {
             $log_line = 'CSRF detected from IP:' . \Input::ip() . ', Real IP:' . \Input::real_ip() . ', Ref:' . \Input::referrer() . ', Agent:' . \Input::user_agent();
             \Log::info($log_line);
             throw new \HttpNotFoundException();
         }

         $form = \Validation::forge('users');
         $form->add_field('username', 'Your username', 'required|min_length[3]|max_length[20]');
         $form->add_field('password', 'Your password', 'required|min_length[3]|max_length[20]');

         if (!$form->run()) {
             \Session::set_flash('error', 'Please correct the error(s).');
             $this->template->set_global('errors', $form->error());
         } elseif (\Auth::instance()->login($form->validated('username'), $form->validated('password'))) {
             $user = \Auth::instance()->get_user_info();
             \Session::set('user_info', $user);
             \Session::set_flash('success', 'Welcome, ' . $form->validated('username'));
             // go back to where the visitor was headed, defaulting to the site root
             $target = \Session::get('redirect_url', '/');
             \Session::delete('redirect_url');
             \Response::redirect($target);
         } else {
             // kept from the original; the value is not passed on to the view below
             $data['username'] = $form->validated('username');
             \Session::set_flash('error', 'Wrong username/password. Try again');
         }
     }

     $this->template->title = 'Login';
     $this->template->page_title = 'Login';
     $this->template->content = \View::forge('petro/login');
 }
Example #18
 /**
  * create the monolog instance
  *
  * The logger name is the configured 'log.package_name' (default "fuelPHP")
  * followed by ":" and the result of Input::real_ip().
  *
  * NOTE(review): real_ip() may be resolved from client-supplied headers
  * depending on framework configuration, which would put request-controlled
  * text into the logger name written with every record - confirm and make
  * sure the log format neutralises it.
  */
 public static function _init()
 {
     $channel = \Config::get("log.package_name", "fuelPHP") . ":" . Input::real_ip();
     static::$monolog = new \Monolog\Logger($channel);
     static::initialize();
 }
 /**
  * Add the connected IP to the list of IPs used to access the account
  *
  * The list is stored as JSON under 'ips_used'; when it is empty or does not
  * decode to an array, the list starts over.
  *
  * NOTE(review): nothing here bounds the length of the list, and the address
  * comes from \Input::real_ip(), which may be resolved from client-supplied
  * headers depending on framework configuration. If so, a client could grow
  * the stored list with arbitrary values - confirm and consider a cap.
  *
  * @return boolean True unless an error occurred
  */
 protected static function set_used_ip()
 {
     $account_data = \V1\Model\Account::get_account();

     // No data
     if (empty($account_data)) {
         return false;
     }

     // If we can't decode the list, then we start fresh.
     $ips_used = array();
     if (!empty($account_data['ips_used'])) {
         $decoded = json_decode($account_data['ips_used'], true);
         if (is_array($decoded)) {
             $ips_used = $decoded;
         }
     }

     // Add the IP if it doesn't already exist.
     $current_ip = \Input::real_ip();
     if (!in_array($current_ip, $ips_used)) {
         $ips_used[] = $current_ip;
         \V1\Model\Account::set_used_ips($ips_used);
     }

     return true;
 }
Example #20
 /**
  * Write \Input::real_ip() into the model property named by $this->_property
  * when the model is new or has changes.
  *
  * NOTE(review): real_ip() may be resolved from client-supplied headers
  * depending on framework configuration; treat the stored value as
  * untrusted text - confirm.
  *
  * @param \Orm\Model $obj the model being handled
  * @return void
  */
 public function before_save(\Orm\Model $obj)
 {
     // nothing to record for an existing, unmodified model
     if (!$obj->is_new() && !$obj->is_changed()) {
         return;
     }
     $obj->{$this->_property} = \Input::real_ip();
 }
Example #21
 /**
  * Build the log line for an action.
  *
  * Tabs are removed and line breaks and double spaces are turned into single
  * spaces in the message, then action, real_ip, message and tokens are
  * JSON-encoded and prefixed with the '[-HACKISH-]' marker. An action of the
  * form "action:subaction" (exactly one colon) is split into two fields.
  *
  * NOTE(review): no backtrace is appended by this code. The JSON encoding
  * escapes control characters in the message and tokens, which keeps each
  * entry on a single line.
  *
  * @param string $action	The action that took place
  * @param string $msg		The logged message
  * @param array $tokens		An array of data with points of interest
  *
  * @return string The marker followed by the JSON-encoded log data
  * @access private
  */
 private static function _format($action, $msg, array $tokens)
 {
     // Fix the formatting
     $search = array("\t", "\n", "\r", "  ");
     $replace = array('', ' ', ' ', ' ');
     $msg = str_replace($search, $replace, $msg);

     $output = array(
         'action' => $action,
         'real_ip' => \Input::real_ip(),
         'message' => $msg,
         'tokens' => $tokens,
     );

     // If we have a sub-action then add that in.
     $has_subaction = substr_count($action, ':') === 1;
     if ($has_subaction) {
         $parts = explode(':', $action);
         $output['action'] = $parts[0];
         $output['subaction'] = $parts[1];
     }

     return '[-HACKISH-]' . json_encode($output);
 }
 /**
  * Generate the default data for the context object.
  *
  * Locale and timezone are always present. When $js is anything other than
  * true, the client IP, user agent, any utm_* campaign values from the query
  * string and (when set) the Google Analytics client id are added.
  *
  * NOTE(review): the IP, user agent and utm_* values all come from the
  * request and are passed on unchanged; the receiving side should treat them
  * as untrusted text.
  *
  * @param bool $js	Set this to generate the context for JS
  *
  * @return array The array to use for the "context" object
  */
 private function _get_context($js = true)
 {
     $context_data = array('context' => array('locale' => $this->_get_locale(), 'timezone' => date('e')));

     if ($js === true) {
         return $context_data;
     }

     $request_context = array('ip' => \Input::real_ip(), 'userAgent' => \Input::user_agent());
     $context_data['context'] = \Arr::merge($context_data['context'], $request_context);

     // Don't use \Arr::set() since that will always add the keys.
     $utm_fields = array(
         'name' => 'utm_campaign',
         'source' => 'utm_source',
         'medium' => 'utm_medium',
         'term' => 'utm_term',
         'content' => 'utm_content',
     );
     $campaign = array();
     foreach ($utm_fields as $element => $query_key) {
         $campaign = $this->_add_element($element, \Input::get($query_key), $campaign);
     }
     if (!empty($campaign)) {
         $context_data['context'] = \Arr::merge($context_data['context'], array('campaign' => $campaign));
     }

     // If we're using Google Analytics, we add its ID.
     if (!empty($this->_ga_cookie_id)) {
         \Arr::set($context_data, 'integrations.Google Analytics.clientId', $this->_ga_cookie_id);
     }

     return $context_data;
 }
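 /**
  * Resolve a short URL, count the hit, record visit statistics and return the redirect view.
  *
  * Changes from the previous version:
  * - the hit counter is only touched after the short URL is known to exist;
  *   it used to be updated before the existence check, which fails on an
  *   unknown short URL.
  * - the CF-Connecting-IP header is used only when it holds a syntactically
  *   valid IP address; otherwise Input::real_ip() is used.
  * - the country lookup is skipped when ip2long() cannot convert the address
  *   (it returns false for anything that is not a dotted IPv4 address).
  *
  * NOTE(review): CF-Connecting-IP is an ordinary request header. It is only
  * meaningful when the application can be reached exclusively through the
  * CDN that sets it; otherwise any client can supply it. The same caution
  * applies to Input::real_ip(), depending on framework configuration. The
  * stored 'ip' and 'country' are therefore informational only.
  *
  * @param mixed $short_url a short-URL model object, or the short URL string to look up
  * @return Response|null the redirect view, or null after the error redirect was issued
  */
 public static function action_view($short_url)
 {
     if (is_object($short_url) === false) {
         $short_url = Model_Url::query()->where('short_url', $short_url)->get_one();
     }
     if (empty($short_url) === false) {
         // count the hit only once we know the record exists
         $short_url->hits = $short_url->hits + 1;
         $short_url->save();

         $results = Controller_Url::check_loop($short_url);
         $data['url'] = $results['url'];
         $data['iframe'] = $results['iframe'];
         if (isset($results['image']) === true) {
             $data['image'] = $results['image'];
         }

         // prefer the CDN-provided address, but only if it is a well-formed IP
         if (isset($_SERVER["HTTP_CF_CONNECTING_IP"]) && filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP) !== false) {
             $ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
         } else {
             $ip = Input::real_ip();
         }

         // the country table is keyed on numeric IPv4 ranges
         $ip_number = ip2long($ip);
         $country = null;
         if ($ip_number !== false) {
             $country = Model_Url_Stats_Country::query()->where('start_ip', '<=', $ip_number)->where('end_ip', '>=', $ip_number)->get_one();
         }
         if (empty($country) === false) {
             $country = $country->country;
         } else {
             $country = 'N/A';
         }

         $lang = Agent::languages();
         // Insert Some Stats
         $stats = Model_Url_Stat::forge(array('url_id' => $short_url->id, 'ip' => $ip, 'country' => $country, 'referer' => Input::referrer(), 'language' => serialize($lang)));
         $stats->save();
         return new Response(View::Forge('url/redirect', $data));
     } else {
         Session::set('error', 'We couldn\'t');
         Response::Redirect(Uri::Base());
     }
 }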
 /**
  * Check if the API engine is getting called from an internal source.
  *
  * The call counts as internal when \Input::real_ip('0.0.0.0', true) returns
  * its default value '0.0.0.0'.
  *
  * NOTE(review): this is a trust decision based on how real_ip() resolves
  * the caller's address. If real_ip() considers request headers (this
  * depends on framework version and configuration), the result is not a
  * reliable authorization signal on its own - confirm, and prefer an
  * authenticated mechanism for distinguishing internal callers.
  *
  * @return bool True if we're calling from inside, or false if not
  */
 public static function is_internal_call()
 {
     $resolved_ip = \Input::real_ip('0.0.0.0', true);

     return $resolved_ip === '0.0.0.0';
 }
Example #25
 /**
  * Read and validate the session cookie.
  *
  * The value is taken from the request parameter named by 'post_cookie_name'
  * first, and from the regular cookie otherwise. On success the session keys
  * (element 0) are stored in $this->keys and the remaining elements are returned.
  *
  * NOTE(review):
  * - the decoded value is passed to $this->_unserialize(). If that wraps
  *   PHP's unserialize(), its safety depends entirely on \Crypt::decode()
  *   rejecting values that were not produced by this application - confirm.
  * - \Input::get_post() also accepts the session value as a request
  *   parameter, which can expose it in URLs, logs and referrers.
  * - the IP check relies on \Input::real_ip(), which may be resolved from
  *   client-supplied headers depending on framework configuration.
  *
  * @access	protected
  * @return  array|false the cookie payload without the session keys, or false when there is no valid cookie
  */
 protected function _get_cookie()
 {
     // was the cookie posted?
     $cookie = \Input::get_post($this->config['post_cookie_name'], false);

     // if not found, fetch the regular cookie
     if ($cookie === false) {
         $cookie = \Cookie::get($this->config['cookie_name'], false);
     }

     // no payload
     if ($cookie === false) {
         return false;
     }

     // fetch the payload
     $cookie = $this->_unserialize(\Crypt::decode($cookie));

     // any single failing check rejects the cookie; checks run in this order
     $rejected = !isset($cookie[0])
         || $cookie[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()
         || ($this->config['match_ip'] && $cookie[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))
         || ($this->config['match_ua'] && $cookie[0]['user_agent'] !== \Input::user_agent());

     if ($rejected) {
         return false;
     }

     // session is valid, retrieve the session keys
     $this->keys = $cookie[0];

     // and return the cookie payload without the keys element
     array_shift($cookie);
     return $cookie;
 }
Example #26
File: tool.php Project: wxl2012/wx
 /**
  * Initiate a unified payment order (WeChat Pay "unifiedorder" request).
  *
  * Saves a trade record for the order, builds and signs the request
  * parameters, posts them as XML to the unifiedorder endpoint and returns the
  * parsed reply.
  *
  * NOTE(review):
  * - the amount to charge is taken from the 'total_fee' query parameter when
  *   it is present, and 'real_money', 'remark', 'name' and 'name_style' are
  *   also read straight from the query string. Request parameters are
  *   client-controlled; the amount should be derived from the stored order
  *   (or validated against it) on the server side.
  * - the amount is converted with floatval() and multiplied by 100; binary
  *   floating point can produce values that are not whole units - confirm
  *   how the XML helper renders it.
  * - the trade number is an md5() of order number, timestamp and IP, all of
  *   which are guessable values rather than random ones.
  * - on a 'FAIL' reply the whole gateway response is var_dump()ed to the
  *   client and the script stops; on a failed save the script stops via
  *   die(). Neither path returns the bool/throws the exception documented below.
  *
  * @param $account  WeChat official account object
  * @param $order    order object
  * @param $access   payment configuration object
  * @param $openid   WeChat OpenID
  * @param string $trade_type    payment (trade) type
  * @return bool|\handler\common\Array the parsed gateway reply as returned by xmlToArray()
  * @throws \Exception
  */
 public static function wxpay_order($account, $order, $access, $openid, $trade_type = 'JSAPI')
 {
     // create the payment record
     $ip = \Input::real_ip();
     $timestamp = time();
     // create the payment (trade) number
     $order_no = md5("{$order->order_no}{$timestamp}{$ip}");
     // NOTE(review): several fields below are copied from the query string without validation
     $data = array('order_id' => $order->id, 'return_status' => 'NONE', 'out_trade_no' => $order_no, 'remark' => \Input::get('remark', ''), 'name' => \Input::get('name', ''), 'name_stype' => \Input::get('name_style', ''), 'real_money' => \Input::get('total_fee', $order->original_fee), 'openid' => $openid);
     $trade = \Model_OrderTrade::forge($data);
     if (!$trade->save()) {
         \Log::error('微信支付时发生异常,原因:交易记录创建失败');
         die('trade save error!');
     }
     // was a specific amount to collect given in the request?
     // NOTE(review): a client-supplied total_fee replaces the order's own fee here
     $total_fee = $order->original_fee;
     if (\Input::get('total_fee', false)) {
         $total_fee = floatval(\Input::get('total_fee'));
     }
     // total_fee is multiplied by 100 before being sent
     $params = array('openid' => $openid, 'body' => $order->order_body ? $order->order_body : '', 'out_trade_no' => $order_no, 'total_fee' => $total_fee * 100, 'notify_url' => \Config::get('base_url') . 'services/gateway/notice_wxpay', 'trade_type' => $trade_type, 'appid' => $account->app_id, 'mch_id' => $access->access_id, 'nonce_str' => \Str::random('alnum', 16));
     // the signature is computed over the parameters with the access key
     $params['sign'] = static::getWxPaySign($params, $access->access_key);
     $data = \handler\common\Tool::arrayToXml($params);
     $data = "<xml>{$data}</xml>";
     $result = \handler\common\UrlTool::request_xml('https://api.mch.weixin.qq.com/pay/unifiedorder', 'POST', $data);
     $result = \handler\common\Tool::xmlToArray($result);
     if ($result['return_code'] == 'FAIL') {
         // NOTE(review): dumps the raw gateway reply into the HTTP response
         var_dump($result);
         die;
     }
     return $result;
 }
Example #27
 /**
  * Validates a Login and Password.  This takes a password type so it can be
  * used to validate password reset hashes as well.
  *
  * NOTE(review):
  * - "not activated" and "disabled" are reported through distinct exception
  *   messages before the password is checked, so the caller learns the
  *   account state without knowing the password; make sure these messages
  *   are not shown verbatim to unauthenticated visitors.
  * - failed attempts are counted per login value and \Input::real_ip().
  *   real_ip() may be resolved from client-supplied headers depending on
  *   framework configuration; if so, the IP part of the throttling key is
  *   not reliable - confirm.
  *
  * @param   string  Login column value
  * @param   string  Password to validate with
  * @param   string  Field name (password type)
  * @return  bool|Sentry_User false on a wrong password, the user object otherwise
  * @throws  \SentryAuthException when the account is not activated or is disabled
  */
 protected static function validate_user($login_column_value, $password, $field)
 {
     $user = static::user($login_column_value);

     // activation is not required when the activation hash itself is being validated
     if ($user->activated != 1 and $field != 'activation_hash') {
         throw new \SentryAuthException(__('sentry.account_not_activated'));
     }

     if ($user->status != 1) {
         throw new \SentryAuthException(__('sentry.account_is_disabled'));
     }

     if ($user->check_password($password, $field)) {
         return $user;
     }

     // only password and reset-hash failures count towards suspension
     $counts_as_attempt = static::$suspend && ($field == 'password' || $field == 'password_reset_hash');
     if ($counts_as_attempt) {
         static::attempts($login_column_value, \Input::real_ip())->add();
     }

     return false;
 }