public function doWebSetting()
{
global $_W, $_GPC;
checklogin();
load()->func('tpl');
$item = pdo_fetch("SELECT * FROM " . tablename($this->modulename . '_setting') . " WHERE weid = :weid", array(':weid' => $_W['uniacid']));
if (!empty($item)) {
if (!empty($item['share_image'])) {
$share_image = tomedia($item['share_image']);
}
}
if (checksubmit('submit')) {
$data = array('weid' => $_W['weid'], 'share_title' => trim($_GPC['share_title']), 'share_desc' => trim($_GPC['share_desc']), 'share_cancel' => trim($_GPC['share_cancel']), 'share_url' => trim($_GPC['share_url']), 'follow_url' => trim($_GPC['follow_url']));
if (!empty($_GPC['share_image'])) {
$data['share_image'] = $_GPC['share_image'];
load()->func('file');
file_delete($_GPC['share_image-old']);
}
if (!empty($item)) {
pdo_update($this->modulename . '_setting', $data, array('weid' => $_W['uniacid']));
} else {
pdo_insert($this->modulename . '_setting', $data);
}
message('更新成功!', $this->createWebUrl('setting'), 'success');
}
include $this->template('setting');
}
function registreerNieuweUser($login, $pasw)
{
$_SESSION["msg"] = "Registratie niet gelukt. Probeer later opnieuw.";
//default message
//controleren of de login reeds gebruikt is....
$connection = new W_DatabaseHelper("cms");
$querystring = "SELECT * \n\t\t\t\t\t\t FROM users \n\t\t\t\t\t\t WHERE naam LIKE :login \n\t\t\t\t\t\t";
$bindValues = [":login" => $login];
$resultset = $connection->query($querystring, $bindValues);
//$resultset = $connection->query($querystring);
//var_dump($resultset);
if (sizeof($resultset) > 0) {
$_SESSION["msg"] = "Deze naam is reeds in gebruik. Gelieve een andere login te kiezen.";
} else {
$querystring = "INSERT INTO users(naam, paswoord, salt) \n\t\t\t\t\t\t\tVALUES (:login, :pasw, :newsalt) \n\t\t\t\t\t\t\t";
///// SECURITY voor paswoord...
//salt aanmaken
$newsalt = generateSalt();
//parameter 5 in onderstaande lijn betekent dat we kiezen voor algoritme SHA256...
$pasw = hash("sha256", $pasw . $newsalt);
var_dump($pasw);
$bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt];
$resultset = $connection->query($querystring, $bindValues);
$validatedUser = checklogin($login, $pasw);
$_SESSION["msg"] = "Proficiat met uw registratie. U bent meteen ook ingelogd met uw nieuwe login en paswoord.";
/// get the new user's userid...
$querystring = "SELECT userid FROM users\n\t\t\t\t\t\t\tWHERE naam LIKE :login \n\t\t\t\t\t\t\tAND paswoord LIKE :pasw \n\t\t\t\t\t\t\tAND salt LIKE :newsalt\n\t\t\t\t\t\t\t";
$bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt];
$resultset = $connection->query($querystring, $bindValues);
var_dump($resultset);
$_SESSION["user"] = $resultset[0];
$_SESSION["username"] = $login;
}
//return $resultmessage;
}
public function doWebAwardlist()
{
global $_GPC, $_W;
checklogin();
//$from_user = $_W['fans']['from_user'];
$id = $_GPC['id'];
if (checksubmit('delete')) {
pdo_delete('mgamblemoon_user', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
if (!empty($_GPC['wid'])) {
$wid = intval($_GPC['wid']);
pdo_update('mgamblemoon_user', array('status' => intval($_GPC['status'])), array('id' => $wid));
message('标识领奖成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 50;
$where = '';
$condition = array('mobile' => " AND b.mobile ='{$_GPC['profilevalue']}'", 'realname' => " AND b.realname ='{$_GPC['profilevalue']}'");
if (!empty($_GPC['profile'])) {
$where .= $condition[$_GPC['profile']];
}
$sql = "SELECT a.id, a.award,a.createtime,a.num,a.status, b.nickname, b.mobile FROM " . tablename('mgamblemoon_user') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = {$id} {$where} ORDER BY a.huodeid ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}";
$list = pdo_fetchall($sql);
if (!empty($list)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('mgamblemoon_user') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' {$where}");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('awardlist');
}
public function doWebList()
{
global $_GPC, $_W;
checklogin();
$weid = $_W['account']['weid'];
//当前公众号ID
$id = intval($_GPC['id']);
$condition = '';
if (!empty($_GPC['name'])) {
$condition .= " AND ( grabername LIKE '%{$_GPC['realname']}%' OR fitername LIKE '%{$_GPC['realname']}%' )";
}
if (!empty($_GPC['mobile'])) {
$condition .= " AND ( grabermobile = '{$_GPC['mobile']}' OR fitermobile = '{$_GPC['mobile']}' )";
}
if (checksubmit('delete')) {
pdo_delete('grabseat_record', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('list', array('id' => $id, 'page' => $_GPC['page'])));
}
if (!empty($_GPC['wid'])) {
$wid = intval($_GPC['wid']);
pdo_update('grabseat_record', array('status' => intval($_GPC['status'])), array('id' => $wid));
message('标识领奖成功!', $this->createWebUrl('list', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 25;
$list = pdo_fetchall("SELECT * FROM " . tablename('grabseat_record') . " WHERE weid = '{$_W['weid']}' {$condition} ORDER BY id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize);
$listtotal = pdo_fetchall("SELECT * FROM " . tablename('grabseat_record') . " WHERE weid = '{$_W['weid']}' {$condition} ");
$total = count($listtotal);
$pager = pagination($total, $pindex, $psize);
include $this->template('list');
}
public function __web($f_name)
{
global $_W, $_GPC;
checklogin();
$weid = $_W['uniacid'];
//每个页面都要用的公共信息,今后可以考虑是否要运用到缓存
include_once 'web/' . strtolower(substr($f_name, 5)) . '.php';
}
public function __web($f_name)
{
global $_GPC, $_W;
checklogin();
$uniacid = !empty($_W['uniacid']) ? $_W['uniacid'] : $_W['acid'];
$rid = intval($_GPC['rid']);
include_once 'fmweb/' . strtolower(substr($f_name, 5)) . '.php';
}
public function doWebsendlist()
{
global $_W;
checklogin();
checkaccount();
$list = pdo_fetchall("select * from " . tablename($this->table) . " order by id desc");
include $this->template('list');
}
public function __comm($f_name)
{
global $_W, $_GPC;
checklogin();
$weid = $_W['weid'];
$subcp = $_GPC['subcp'] ? $_GPC['subcp'] : NULL;
include_once 'web/wl' . strtolower(substr($f_name, 2)) . '.php';
}
public function doWebMoralist($rid, $state)
{
global $_GPC, $_W;
checklogin();
$weid = $_W['account']['weid'];
//当前公众号ID
$id = intval($_GPC['id']);
include $this->template('moralist');
}
public function doWebPrizes()
{
global $_GPC, $_W, $ptr_title;
checklogin();
load()->func('tpl');
$op = $_GPC['op'];
$group_id = intval($_GPC['group_id']);
$settings = getModulesSettings($this->modulename);
if ($group_id <= 0) {
$group_id = $settings['prize_group'];
}
$_GPC['group_id'] = $group_id;
$ops = array('display', 'edit', 'delete', 'test', 'record');
$op = in_array($op, $ops) ? $op : 'display';
$cls = new Prize();
$ptr_title = '奖品例表';
//ajax 按钮
if ($_W['ispost'] && $_W['isajax']) {
if (!empty($_GPC['fieldmap']) && $_GPC['fieldmap'] == 'status' && $cls->change()) {
exit('success');
} elseif (!empty($_GPC['fieldmap']) && $_GPC['fieldmap'] == 'release' && $cls->release()) {
exit('success');
}
exit('操作失败');
}
if ($op == 'delete') {
if ($cls->delete()) {
message('删除成功!', $this->createWebUrl('Prizes'));
}
} elseif ($op == 'edit') {
list($code, $groups) = $cls->groups();
$id = $_GPC['id'];
$_W['page']['title'] = intval($id) > 0 ? '奖品编辑 - 主要业务模块 - 签到' : '奖品添加 - 主要业务模块 - 签到';
$ptr_title = intval($id) > 0 ? '奖品编辑' : '奖品添加';
list($code, $message, $prize) = $cls->edit();
if (!$code) {
message($message);
}
if (intval($id) > 0 && empty($prize)) {
message('奖品不存在.', $this->createWebUrl('Prizes', array('group_id' => $group_id)));
}
if ($code && !empty($message)) {
message($message, $this->createWebUrl('Prizes', array('group_id' => $group_id)));
}
} elseif ($op == 'test') {
$cls->test_lottery(1, $settings['prize_group']);
} elseif ($op == 'record') {
$prize = $cls->findPrize();
}
if (checksubmit('import')) {
$cls->import();
}
//导入奖品
list($list, $total, $pager) = $cls->_list();
//未领
include $this->template('prizes');
}
public function doWebAwardlist()
{
global $_GPC, $_W;
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete')) {
pdo_delete('scratchcard_winner', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
if (!empty($_GPC['wid'])) {
$wid = intval($_GPC['wid']);
pdo_update('scratchcard_winner', array('status' => intval($_GPC['status'])), array('id' => $wid));
message('操作成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 50;
$where = '';
$starttime = !empty($_GPC['start']) ? strtotime($_GPC['start']) : strtotime(date("Y-m-d", TIMESTAMP));
$endtime = !empty($_GPC['end']) ? strtotime($_GPC['end']) : strtotime(date("Y-m-d", TIMESTAMP));
$endtime = $endtime + 86400 - 1;
$condition = array('isregister' => array('', " AND b.realname <> ''", " AND b.realname = ''"), 'isaward' => array('', " AND a.aid != '0'", " AND a.aid = '0'"), 'isstatus' => array('', " AND a.status != '0'", " AND a.status = '0'"), 'qq' => " AND b.qq ='{$_GPC['profilevalue']}'", 'mobile' => " AND b.mobile ='{$_GPC['profilevalue']}'", 'realname' => " AND b.realname ='{$_GPC['profilevalue']}'", 'title' => " AND a.award = '{$_GPC['awardvalue']}'", 'description' => " AND a.description = '{$_GPC['awardvalue']}'", 'starttime' => " AND a.createtime >= '{$starttime}'", 'endtime' => " AND a.createtime <= '{$endtime}'");
if (!isset($_GPC['isregister'])) {
$_GPC['isregister'] = 1;
}
$where .= $condition['isregister'][$_GPC['isregister']];
if (!isset($_GPC['isaward'])) {
$_GPC['isaward'] = 1;
}
$where .= $condition['isaward'][$_GPC['isaward']];
if (!empty($_GPC['profile'])) {
$where .= $condition[$_GPC['profile']];
}
if (!empty($_GPC['award'])) {
$where .= $condition[$_GPC['award']];
}
if (!isset($_GPC['isstatus'])) {
$_GPC['isstatus'] = 0;
}
$where .= $condition['isstatus'][$_GPC['isstatus']];
if (!empty($starttime)) {
$where .= $condition['starttime'];
}
if (!empty($endtime)) {
$where .= $condition['endtime'];
}
$sql = "SELECT a.id, a.award, a.description, a.status, a.createtime, b.realname, b.mobile, b.qq FROM " . tablename('scratchcard_winner') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' AND a.award <> '' {$where} ORDER BY a.createtime DESC, a.status ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}";
$list = pdo_fetchall($sql);
if (!empty($list)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('scratchcard_winner') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' AND a.award <> '' {$where}");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('awardlist');
}
public function doWebAwardlist()
{
global $_GPC, $_W;
load()->func('tpl');
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete')) {
if (is_array($_GPC['select'])) {
pdo_delete('egg_winner', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
message('未选择任何记录,无法删除!', '', 'error');
}
if (!empty($_GPC['wid'])) {
$wid = intval($_GPC['wid']);
pdo_update('egg_winner', array('status' => intval($_GPC['status'])), array('id' => $wid));
message('操作成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 15;
$where = '';
if (empty($starttime) || empty($endtime)) {
$starttime = strtotime('-1 month');
$endtime = TIMESTAMP;
}
if (!empty($_GPC['daterange'])) {
$starttime = strtotime($_GPC['daterange']['start']);
$endtime = strtotime($_GPC['daterange']['end']) + 86399;
}
$condition = array('isregister' => array('0' => '', '1' => " AND b.realname <> ''", '2' => " AND b.realname = ''"), 'isaward' => array('0' => '', '1' => " AND a.award <> ''", '2' => " AND a.award = ''"), 'qq' => " AND b.qq LIKE '%{$_GPC['profilevalue']}%'", 'mobile' => " AND b.mobile LIKE '%{$_GPC['profilevalue']}%'", 'realname' => " AND b.realname LIKE '%{$_GPC['profilevalue']}%'", 'title' => " AND a.award LIKE '%{$_GPC['awardvalue']}%'", 'description' => " AND a.description LIKE '%{$_GPC['awardvalue']}%'", 'starttime' => " AND a.createtime >= '{$starttime}'", 'endtime' => " AND a.createtime <= '{$endtime}'");
$where .= $condition['isregister'][$_GPC['isregister']];
$where .= $condition['isaward'][$_GPC['isaward']];
if (!empty($_GPC['profile'])) {
$where .= $condition[$_GPC['profile']];
}
if (!empty($_GPC['award'])) {
$where .= $condition[$_GPC['award']];
}
$where .= $condition['starttime'];
$where .= $condition['endtime'];
$sql = "SELECT a.id, a.award, a.description, a.status, a.createtime, b.realname, b.mobile, b.qq FROM " . tablename('egg_winner') . " a\r\n\t\t\t\tJOIN " . tablename('mc_mapping_fans') . " f on f.openid = a.from_user JOIN " . tablename('mc_members') . " b ON b.uid = f.uid\r\n\t\t\t\tWHERE a.rid = '{$id}' {$where} ORDER BY a.createtime DESC, a.status ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}";
$list = pdo_fetchall($sql);
if (!empty($list)) {
$sql = "SELECT COUNT(*) FROM " . tablename('egg_winner') . " AS a JOIN " . tablename('mc_mapping_fans') . " AS f on f.openid = a.from_user\r\n\t\t\t\t\tJOIN " . tablename('mc_members') . " b ON b.uid = f.uid WHERE a.rid = '{$id}' ";
$total = pdo_fetchcolumn($sql);
$pager = pagination($total, $pindex, $psize);
}
include $this->template('awardlist');
}
function index()
{
//user must be logged in
checklogin();
/*** move to model after demo ***/
$data['tables'] = $this->db->query("SELECT * FROM " . DATABASE_TABLE_RULES . " WHERE is_hidden=0")->result();
$data['groups'] = $this->db->query("SELECT * FROM " . DATABASE_MENU_GROUPS)->result();
$meta['company_info'] = $this->ContentModel->getCompanyInfo();
$meta['page_title'] = "Welcome";
$meta['breadcrumbs']['none'] = 'search';
$this->load->view('includes/header', $meta);
$this->load->view('homeview', $data);
$this->load->view('includes/footer');
/*** end move to model after demo ***/
}
public function doWebDeleteaward()
{
checklogin();
global $_W, $_GPC;
$id = intval($_GPC['id']);
$rid = intval($_GPC['rid']);
$sql = "SELECT id FROM " . tablename('stonefish_luckynum_award') . " WHERE `id`=:id";
$row = pdo_fetch($sql, array(':id' => $id));
if (empty($row)) {
message('抱歉,奖品不存在或是已经被删除!', '', 'error');
}
if (pdo_delete('stonefish_luckynum_award', array('id' => $id))) {
message('奖品删除成功', murl('platform/reply/post', array('m' => 'stonefish_luckynum', 'rid' => $rid)), 'success');
}
}
public function doWebDisplay()
{
global $_GPC, $_W;
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete')) {
pdo_delete('exchange_record', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('display', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 15;
$exchangeinfo = pdo_fetchall('SELECT * FROM ' . tablename('exchange_record') . ' WHERE rid= :rid ORDER BY `id` desc LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, array(':rid' => $id));
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('exchange_record') . " WHERE weid = '{$_W['weid']}' AND rid = '{$id}' ");
$pager = pagination($total, $pindex, $psize);
include $this->template('display');
}
public function doWebDisplay()
{
global $_GPC, $_W;
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete')) {
pdo_delete('lxy_signin_record', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', $this->createWebUrl('display', array('id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 15;
$signinlist = pdo_fetchall('SELECT * FROM ' . tablename('lxy_signin_record') . ' WHERE weid= :weid order by `id` desc LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, array(':weid' => $_W['weid']));
$total = pdo_fetchcolumn('SELECT count(1) as totle FROM ' . tablename('lxy_signin_record') . ' WHERE weid= :weid order by `id` desc ', array(':weid' => $_W['weid']));
$pager = pagination($total, $pindex, $psize);
include $this->template('display');
}
public function doWebmanage()
{
global $_GPC, $_W;
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete') && !empty($_GPC['select'])) {
pdo_delete($this->tablename, " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', create_url('site/module/manage', array('name' => 'msg', 'id' => $id, 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 20;
$list = pdo_fetchall("SELECT * FROM " . tablename('msg_reply') . " AS a INNER JOIN " . tablename('fans') . " AS b ON a.fid=b.id WHERE a.rid = '{$id}' ORDER BY a.create_time DESC LIMIT " . ($pindex - 1) * $psize . ",{$psize}");
if (!empty($list)) {
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('msg_reply') . " WHERE rid = '{$id}'");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('manage');
}
function menu($id)
{
checklogin();
$data['group'] = $this->memcached_library->get("navigation_menu_group_{$id}");
$data['tables'] = $this->memcached_library->get("navigation_menu_data_tables_{$id}");
if (!$data['group']) {
$data['group'] = $this->db->query("SELECT * FROM " . DATABASE_MENU_GROUPS . " WHERE id='{$id}'")->row();
// $this->memcached_library->set("navigation_menu_group_$id", $data['group']);
}
if (!$data['tables']) {
$data['tables'] = $this->db->query("SELECT m.table_name FROM " . DATABASE_TABLE_RULES . " m JOIN " . DATABASE_MENU_GROUPS . " n ON n.id=m.group_id WHERE m.is_hidden=0 AND n.id='{$id}' ORDER BY m.`order`")->result();
// $this->memcached_library->set("navigation_menu_data_tables_$id", $data['tables']);
}
if (strtolower($data['group']->group_name) != 'reports') {
$t = (array) $data['tables'];
###
$e = $this->session->userdata('user');
$f = $e['access'];
// echo "<pre>";
// print_r($f);
// echo "</pre>";die()
###
$g = array();
foreach ($t as $tt) {
if (in_array($tt->table_name, $f)) {
$g[] = $tt->table_name;
}
}
// echo "<pre>";
// print_r($g);
// echo "</pre>";die();
redirect('/content/' . $g[0]);
exit;
} else {
$data['reports'] = $this->memcached_library->get("navigation_menu_data_reports");
if (!$data['reports']) {
$data['reports'] = $this->db->query("SELECT * FROM " . DATABASE_REPORTS)->result();
//$this->memcached_library->set("navigation_menu_data_reports", $data['reports']);
}
$t = (array) $data['reports'];
redirect('/reports/' . $t[0]->id);
exit;
}
}
public function doWebSetout()
{
global $_GPC, $_W;
checklogin();
$id = intval($_GPC['id']);
$rid = $_GPC['rid'];
$item = pdo_fetch('SELECT * FROM ' . tablename($this->wintable) . ' WHERE id=:id ', array(':id' => $id));
if (checksubmit('submit')) {
$data = array('sendwcontinuedays' => $_GPC['sendwcontinuedays'] + intval($item['sendwcontinuedays']), 'sendwsumdays' => $_GPC['sendwsumdays'] + intval($item['sendwsumdays']), 'sendwsumfirst' => $_GPC['sendwsumfirst'] + intval($item['sendwsumfirst']), 'wcontinuedays' => $item['wcontinuedays'] - intval($_GPC['sendwcontinuedays']), 'wsumdays' => $item['wsumdays'] - $_GPC['sendwsumdays'], 'wsumfirst' => $item['wsumfirst'] - $_GPC['sendwsumfirst']);
//上传图片
if (empty($id)) {
message('发放异常!', '', 'error');
} else {
pdo_update($this->wintable, $data, array('id' => $id));
}
message('发放奖品成功!', $this->createWebUrl('awardlist', array('id' => $rid)), 'success');
}
include $this->template('awardsent');
}
public function doWebList()
{
global $_W, $_GPC;
checklogin();
$id = intval($_GPC['id']);
if (checksubmit('delete') && !empty($_GPC['select'])) {
pdo_delete('timeaxis', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', create_url('site/module', array('do' => 'list', 'name' => 'timeaxis')));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 10;
$timelist = pdo_fetchall("SELECT * FROM " . tablename('timeaxis') . " WHERE weid=:wid ORDER BY id ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}", array(':wid' => $_W['weid']));
//print_r($list);
if (!empty($timelist)) {
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('timeaxis'));
$pager = pagination($total, $pindex, $psize);
}
include $this->template('list');
}
public function doList()
{
global $_GPC, $_W;
checklogin();
$weid = $_W['weid'];
if (checksubmit('delete')) {
pdo_delete('heka_list', " id IN ('" . implode("','", $_GPC['select']) . "')");
message('删除成功!', create_url('site/module', array('do' => 'list', 'name' => 'heka', 'page' => $_GPC['page'])));
}
$pindex = max(1, intval($_GPC['page']));
$psize = 50;
$where = '';
$sql = "SELECT * FROM " . tablename('heka_list') . " WHERE weid = {$weid} ORDER BY create_time DESC LIMIT " . ($pindex - 1) * $psize . ",{$psize}";
$list = pdo_fetchall($sql);
if (!empty($list)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('heka_list') . " WHERE weid = {$weid}");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('list');
}
public function doUploadMusic()
{
global $_W;
checklogin();
if (empty($_FILES['attachFile']['name'])) {
$result['message'] = '请选择要上传的音乐!';
exit(json_encode($result));
}
if ($_FILES['attachFile']['error'] != 0) {
$result['message'] = '上传失败,请重试!';
exit(json_encode($result));
}
if ($file = $this->fileUpload($_FILES['attachFile'], 'music')) {
if (!$file['success']) {
exit(json_encode($file));
}
$result['url'] = $_W['config']['upload']['attachdir'] . $file['path'];
$result['error'] = 0;
$result['filename'] = $file['path'];
exit(json_encode($result));
}
}
function checkfacebook()
{
require './fb/facebook.php';
$facebook = new Facebook(array('appId' => '430750040324017', 'secret' => '9270d721dd3ace32a18e0548a1aee947', 'cookie' => true));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
echo "<br>{$user_profile['id']}<br>{$user_profile['username']}";
$fbuser = $user_profile['username'];
$fbpw = $user_profile['id'];
$fbfname = $user_profile['first_name'];
$fblname = $user_profile['last_name'];
$datetime = date('Y-m-d H:i:s', time());
if (checklogin($fbuser, $fbpw)) {
echo "Welcome back";
} else {
$postsql = "INSERT INTO `userinfo` VALUES (NULL, '{$fbuser}','{$fbfname}','{$fblname}', '{$fbpw}', 1, '{$datetime}', 0);";
include 'uploadinformation.php';
postthing($postsql);
}
$_SESSION['email'] = $fbuser;
$_SESSION['pass'] = $fbpw;
$_SESSION['facebook'] = 1;
header("Location: http://localhost/givemebook/index.php");
} else {
$loginUrl = $facebook->getLoginUrl();
echo "{$loginUrl}";
header("Location: {$loginUrl}");
}
}
function registreerNieuweUser($login, $pasw)
{
//controleren of de login reeds gebruikt is....
$connection = new W_DatabaseHelper("cms");
$querystring = "SELECT * \n\t\t\t\t\t\t FROM users \n\t\t\t\t\t\t WHERE naam LIKE :login \n\t\t\t\t\t\t";
$bindValues = [":login" => $login];
$resultset = $connection->query($querystring, $bindValues);
//$resultset = $connection->query($querystring);
//var_dump($resultset);
if (sizeof($resultset) > 0) {
$resultmessage = "Deze naam is reeds in gebruik. Gelieve een andere login te kiezen.";
} else {
$querystring = "INSERT INTO users(naam, paswoord) \n\t\t\t\t\t\t\tVALUES (:login, :pasw) \n\t\t\t\t\t\t\t";
$bindValues = [":login" => $login, ":pasw" => $pasw];
$resultset = $connection->query($querystring, $bindValues);
$validatedUser = checklogin($login, $pasw);
$resultmessage = "Proficiat met uw registratie. U bent meteen ook ingelogd met uw nieuwe login en paswoord.";
$_SESSION["user"] = $validatedUser;
$_SESSION["username"] = $login;
}
return $resultmessage;
}
public function doSet()
{
global $_GPC, $_W;
checklogin();
if ($_GPC['action'] == 'save') {
$id = intval($_GPC['id']);
$data = array('weid' => $_W['weid'], 'status' => intval($_GPC['status']), 'isshow' => intval($_GPC['isshow']));
if ($id == 0) {
$temp = pdo_insert('message_reply', $data);
} else {
$temp = pdo_update('message_reply', $data, array('weid' => $_W['weid'], 'id' => $id));
}
if ($temp === false) {
message('数据保存错误,请稍后再试试');
} else {
message('数据更新成功!', $this->createWebUrl('Set'), 'success');
}
}
$message = pdo_fetch("SELECT id, isshow FROM " . tablename('message_reply') . " WHERE weid = '{$_W['weid']}' LIMIT 1");
if ($message == false) {
$message = array('id' => 0, 'status' => 1, 'isshow' => 1);
}
include $this->template('set');
}
<?php
/**
* [Weizan System] Copyright (c) 2014 012WZ.COM
* Weizan is NOT a free software, it under the license terms, visited http://www.012wz.com/ for more details.
*/
defined('IN_IA') or exit('Access Denied');
include_once 'common/common.inc.php';
global $_W, $_GPC;
checklogin();
$_W['page']['title'] = "购买短信";
$ops = array("record");
$op = in_array($_GPC["op"], $ops) ? $_GPC["op"] : "display";
$settings = get_settings();
if ($_W['ispost'] && $_W['isajax']) {
$number = intval($_GPC["number"]);
$result = array("code" => 0, "message" => "提交失败,请重试!");
if ($_W["user"]["uid"] <= 0) {
die(json_encode(array("code" => 0, "message" => "获取身份失败,请重新登录")));
}
if ($_W["user"]["credit2"] <= 0) {
die(json_encode(array("code" => 1, "message" => "余额不足,请进行充值", "url" => $this->createWebUrl("Recharge"))));
}
if ($number < 1) {
die(json_encode(array("code" => 0, "message" => "至少购买1条")));
}
$price = 0.1;
if (!empty($settings) && doubleval($settings["dx_UnitPrice"]) > 0) {
$price = doubleval($settings["dx_UnitPrice"]);
}
$total = $price * $number;
public function doWebOrder()
{
global $_GPC, $_W;
checklogin();
$hotelid = intval($_GPC['hotelid']);
$hotel = pdo_fetch("select id,title from " . tablename('hotel2') . " where id=:id limit 1", array(":id" => $hotelid));
$roomid = intval($_GPC['roomid']);
$room = pdo_fetch("select id,title from " . tablename('hotel2_room') . " where id=:id limit 1", array(":id" => $roomid));
$op = $_GPC['op'];
if ($op == 'edit') {
$id = $_GPC['id'];
if (!empty($id)) {
$item = pdo_fetch("SELECT * FROM " . tablename('hotel2_order') . " WHERE id = :id", array(':id' => $id));
if (empty($item)) {
message('抱歉,订单不存在或是已经删除!', '', 'error');
}
}
if (checksubmit('submit')) {
$old_status = $_GPC['old_status'];
$data = array('status' => $_GPC['status'], 'msg' => $_GPC['msg'], 'mngtime' => time());
$params = array();
$sql = "SELECT id, roomdate, num FROM " . tablename('hotel2_room_price');
$sql .= " WHERE 1 = 1";
$sql .= " AND roomid = :roomid";
$sql .= " AND roomdate >= :btime AND roomdate < :etime";
$sql .= " AND status = 1";
$params[':roomid'] = $item['roomid'];
$params[':btime'] = $item['btime'];
$params[':etime'] = $item['etime'];
//订单确认
if ($data['status'] == 1 && $old_status != 1) {
$room_date_list = pdo_fetchall($sql, $params);
if ($room_date_list) {
//$change_data = array();
foreach ($room_date_list as $key => $value) {
$num = $value['num'];
if ($num > 0) {
if ($num > $item['nums']) {
$now_num = $num - $item['nums'];
} else {
$now_num = 0;
}
pdo_update('hotel2_room_price', array('num' => $now_num), array('id' => $value['id']));
}
}
}
}
//订单取消
//print_r($old_status . '=>' . $data['status']); exit;
if ($old_status == 1 && ($data['status'] == -1 || $data['status'] == 2)) {
$room_date_list = pdo_fetchall($sql, $params);
if ($room_date_list) {
foreach ($room_date_list as $key => $value) {
$num = $value['num'];
if ($num >= 0) {
$now_num = $num + $item['nums'];
pdo_update('hotel2_room_price', array('num' => $now_num), array('id' => $value['id']));
}
}
}
}
pdo_update('hotel2_order', $data, array('id' => $id));
message('订单信息处理完成!', $this->createWebUrl('order', array('hotelid' => $hotelid, "roomid" => $roomid)), 'success');
}
$btime = $item['btime'];
$etime = $item['etime'];
$start = date('m-d', $btime);
$end = date('m-d', $etime);
//日期列
$days = ceil(($etime - $btime) / 86400);
//print_r($days);exit;
$date_array = array();
$date_array[0]['date'] = $start;
$date_array[0]['day'] = date('j', $btime);
$date_array[0]['time'] = $btime;
$date_array[0]['month'] = date('m', $btime);
if ($days > 1) {
for ($i = 1; $i < $days; $i++) {
$date_array[$i]['time'] = $date_array[$i - 1]['time'] + 86400;
$date_array[$i]['date'] = date('Y-m-d', $date_array[$i]['time']);
$date_array[$i]['day'] = date('j', $date_array[$i]['time']);
$date_array[$i]['month'] = date('m', $date_array[$i]['time']);
}
}
//print_r($date_array);exit;
$sql = "SELECT id, roomdate, num, status FROM " . tablename('hotel2_room_price');
$sql .= " WHERE 1 = 1";
$sql .= " AND roomid = :roomid";
$sql .= " AND roomdate >= :btime AND roomdate < :etime";
$sql .= " AND status = 1";
$params[':roomid'] = $item['roomid'];
$params[':btime'] = $item['btime'];
$params[':etime'] = $item['etime'];
$room_date_list = pdo_fetchall($sql, $params);
if ($room_date_list) {
$flag = 1;
} else {
$flag = 0;
}
$list = array();
if ($flag == 1) {
for ($i = 0; $i < $days; $i++) {
$k = $date_array[$i]['time'];
foreach ($room_date_list as $p_key => $p_value) {
//判断价格表中是否有当天的数据
if ($p_value['roomdate'] == $k) {
$list[$k]['status'] = $p_value['status'];
if (empty($p_value['num'])) {
$list[$k]['num'] = 0;
} else {
if ($p_value['num'] == -1) {
$list[$k]['num'] = "不限";
} else {
$list[$k]['num'] = $p_value['num'];
}
}
$list[$k]['has'] = 1;
break;
}
}
//价格表中没有当天数据
if (empty($list[$k])) {
$list[$k]['num'] = "不限";
$list[$k]['status'] = 1;
}
}
} else {
//价格表中没有数据
for ($i = 0; $i < $days; $i++) {
$k = $date_array[$i]['time'];
$list[$k]['num'] = "不限";
$list[$k]['status'] = 1;
}
}
$member_info = pdo_fetch("SELECT from_user,isauto FROM " . tablename('hotel2_member') . " WHERE id = :id LIMIT 1", array(':id' => $item['memberid']));
include $this->template('order_form');
} else {
if ($op == 'delete') {
$id = intval($_GPC['id']);
$item = pdo_fetch("SELECT id FROM " . tablename('hotel2_order') . " WHERE id = :id LIMIT 1", array(':id' => $id));
if (empty($item)) {
message('抱歉,订单不存在或是已经删除!', '', 'error');
}
pdo_delete('hotel2_order', array('id' => $id));
message('删除成功!', referer(), 'success');
} elseif ($op == 'deleteall') {
foreach ($_GPC['idArr'] as $k => $id) {
$id = intval($id);
pdo_delete('hotel2_order', array('id' => $id));
}
$this->web_message('删除成功!', '', 0);
exit;
} else {
$weid = $_W['uniacid'];
$realname = $_GPC['realname'];
$mobile = $_GPC['mobile'];
$ordersn = $_GPC['ordersn'];
$roomtitle = $_GPC['roomtitle'];
$hoteltitle = $_GPC['hoteltitle'];
$condition = '';
$params = array();
if (!empty($hoteltitle)) {
$condition .= ' AND h.title LIKE :hoteltitle';
$params[':hoteltitle'] = "%{$hoteltitle}%";
}
if (!empty($roomtitle)) {
$condition .= ' AND r.title LIKE :roomtitle';
$params[':roomtitle'] = "%{$roomtitle}%";
}
if (!empty($realname)) {
$condition .= ' AND o.name LIKE :realname';
$params[':realname'] = "%{$realname}%";
}
if (!empty($mobile)) {
$condition .= ' AND o.mobile LIKE :mobile';
$params[':mobile'] = "%{$mobile}%";
}
if (!empty($ordersn)) {
$condition .= ' AND o.ordersn LIKE :ordersn';
$params[':ordersn'] = "%{$ordersn}%";
}
if (!empty($hotelid)) {
$condition .= " and o.hotelid=" . $hotelid;
}
if (!empty($roomid)) {
$condition .= " and o.roomid=" . $roomid;
}
$status = $_GPC['status'];
if ($status != '') {
$condition .= " and o.status=" . intval($status);
}
$paystatus = $_GPC['paystatus'];
if ($paystatus != '') {
$condition .= " and o.paystatus=" . intval($paystatus);
}
$pindex = max(1, intval($_GPC['page']));
$psize = 20;
$list = pdo_fetchall("SELECT o.*,h.title as hoteltitle,r.title as roomtitle FROM " . tablename('hotel2_order') . " o left join " . tablename('hotel2') . "h on o.hotelid=h.id left join " . tablename("hotel2_room") . " r on r.id = o.roomid WHERE o.weid = '{$_W['uniacid']}' {$condition} ORDER BY o.id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize, $params);
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('hotel2_order') . " o left join " . tablename('hotel2') . "h on o.hotelid=h.id left join " . tablename("hotel2_room") . " r on r.id = o.roomid WHERE o.weid = '{$_W['uniacid']}' {$condition}", $params);
$pager = pagination($total, $pindex, $psize);
include $this->template('order');
}
}
}
exit;
}
////////////////////////////////////////////////
// Image report
if (isset($_POST['report']) && check_set('SET_ALLOW_REPORT')) {
if (!report_img(cl($_POST['report']))) {
echo json_encode(array('status' => 0, 'error' => show_feedback(false)));
exit;
}
echo json_encode(array('status' => 1, 'suc' => show_feedback(false)));
exit;
}
////////////////////////////////////////////////
// admin only code below
// check if user is loged in as admin
if (!checklogin()) {
header('Location: index.php');
exit;
}
////////////////////////////////////////////////
// database backup
if (isset($_POST['act']) && $_POST['act'] == 'backup') {
$backup = isset($_POST['id']) ? $_POST['id'] : 1;
require_once 'lib/backup.class.php';
if (backup_imgdb($backup)) {
echo json_encode(array('status' => 1, 'suc' => show_feedback(false)));
exit;
} else {
echo json_encode(array('status' => 0, 'error' => show_feedback(false)));
exit;
}
<?php
checklogin($_GET["lock"]);
$query = "SELECT * FROM `tbl_accounts` WHERE `userid` = " . $_SESSION['GTUserID'];
$rs = mysql_query_with_throw($query);
$perpage = 20;
$currentpage = $_REQUEST['currentpage'] ? $_REQUEST['currentpage'] : '1';
$startrecord = ($currentpage - 1) * $perpage;
$totalrows = mysql_num_rows($rs);
//echo $query." ORDER BY `add_date` DESC LIMIT $startrecord, $perpage";
$result = mysql_query_with_throw($query . " ORDER BY `add_date` DESC LIMIT {$startrecord}, {$perpage}") or die(mysql_error());
$j = 1;
?>
<div class="gt-heading"><p class="sub-heading-label" >Dashboard</p></div>
<div class="gt-accountsection">
<h3 class="gt-subheading">Accounts Overview <span style="float:right;"><input type="button" name="button" id="button" value="+ Add New" class="rwsbutton" onclick="javascript:document.location.href='<?php
echo $baseurl;
?>
index.php?p=add-account&edit=true&add=new'" /><!-- <input type="button" name="button" id="button" value="View All" class="rwsbutton" onclick="javascript:document.location.href='<?php
echo $baseurl;
?>
index.php?p=accounts'" />--></span></h3>
<?php
if ($totalrows > 0) {
$k = 1;
while ($row = mysql_fetch_assoc($result)) {
if ($k == 1) {
?>
<div class="rws-listtitle">
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: galaxy_new.php
include "config/config.php";
updatecookie();
// New database driven language entries
load_languages($db, $lang, array('main', 'port', 'galaxy', 'common', 'global_includes', 'global_funcs', 'footer'), $langvars, $db_logging);
global $l_map_title;
$title = $l_map_title;
include "header.php";
?>
<div class="tablecell content both-border">
<div class="pad">
<?php
if (checklogin()) {
die;
}
$res = $db->Execute("SELECT * FROM {$db->prefix}ships WHERE ship_id='{$user_ship_id}'");
db_op_result($db, $res, __LINE__, __FILE__, $db_logging);
$playerinfo = $res->fields;
$result3 = $db->Execute("SELECT distinct {$db->prefix}movement_log.sector_id, port_type, beacon FROM {$db->prefix}movement_log,{$db->prefix}universe WHERE ship_id = {$playerinfo['ship_id']} AND {$db->prefix}movement_log.sector_id={$db->prefix}universe.sector_id order by sector_id ASC;");
db_op_result($db, $result3, __LINE__, __FILE__, $db_logging);
$row = $result3->fields;
bigtitle();
$tile['special'] = "port-special.png";
$tile['ore'] = "port-ore.png";
$tile['organics'] = "port-organics.png";
$tile['energy'] = "port-energy.png";
$tile['goods'] = "port-goods.png";
$tile['none'] = "space.png";
