function done_transaction($oid, $vpnid)
{
$ret = order_dopayment($oid);
if ($ret === false) {
pay_error(CANTFINISH);
die;
}
/// 支付成功,开通服务并显示成功信息
$sql = "SELECT * FROM service WHERE id IN (SELECT serviceid FROM `order` WHERE id={$oid})";
$res = db_query($sql);
if ($res === false) {
pay_error(_("Can not find service correlate to order.id={$oid}, payment token={$token}"));
die;
}
$service = db_fetch_array($res);
/// 查找对应的 VPN 帐号
$vpnid = (int) $vpnid;
$vpns = db_quick_fetch('vpnaccount', "WHERE id={$vpnid}");
if (count($vpns) <= 0) {
vpn_log("No vpnid {$vpnid} found for order {$oid}");
return false;
}
$vpn = $vpns[0];
/// 下面的代码和 account_new.php 中的代码一致
/// 3. 账户余额足够,开通帐号
vpn_renew($vpn['username'], $service['duration'], $service['radiusgroup']);
/// 4. 发货(在 raidus 中设置帐号),并扣款
order_delivery($oid);
return true;
}
function account_pay($name, $pass, $serviceid)
{
global $smarty;
$user = user_isonline();
/// 如果账户余额足够,则直接扣款并继续操作;如果余额不足则显示付款页面,并在付款后继续操作
$amt = vpn_afford($serviceid, $user['email']);
$services = db_quick_fetch('service', "WHERE id={$serviceid}");
if (count($services) <= 0) {
vpn_log("Error: No such service id: {$serviceid}");
}
$service = $services[0];
/// 创建订单
$order = null;
if ($amt < 0) {
$order = order_new($serviceid, abs($amt));
} else {
$order = order_new($serviceid);
}
if ($order === false) {
vpn_log("Can not create order({$serviceid}, {$amt})");
$smarty->assign('tip_title', _('An error occur'));
$smarty->assign('tip_msg', _('Can not create order, please contact us for help'));
$smarty->display('tip.html');
die;
}
/// 向 order 表中增加 VPN 帐号信息
$qname = addslashes($name);
$vpns = db_quick_fetch('vpnaccount', "WHERE username='******'");
if (count($vpns) <= 0) {
vpn_log("No VPN username `{$name}' in vpnaccount table");
}
db_quick_update('order', "WHERE id={$order['orderid']}", array('vpnid' => $vpns[0]['id']));
if ($amt < 0) {
/// 余额不足时,显示付款页面,并在付款成功后继续开通帐号操作
//$smarty->assign('amount', abs($amt));
//$smarty->assign('service', $service);
$url = "order_preview.php?id={$order['orderid']}";
header("Location: {$url}");
$smarty->assign('redirect_url', $url);
$smarty->assign('tip_title', _('Redirect'));
$smarty->assign('tip_msg', _('Redirecting...'));
$smarty->display('tip.html');
die;
}
/// 3. 账户余额足够,开通帐号
//print_r($name);
//print_r($service);
vpn_renew($name, $service['duration'], $service['radiusgroup']);
/// 4. 发货(扣款)
order_delivery($order['orderid']);
$smarty->assign('tip_title', _('Success'));
$smarty->assign('tip_msg', _('Thank you for purchase, now you can go to My Account page to view you VPN account'));
$smarty->assign('redirect_url', 'account.php');
$smarty->display('tip.html');
}
/**
* 检查邀请码是否有效
*
* @return 成功返回 true,失败返回 false
*/
function reg_checkinvite($code)
{
$qcode = addslashes($code);
$res = db_quick_fetch('invite', "WHERE code='{$qcode}'");
if (count($res) <= 0) {
return false;
}
if ($res[0]['utime'] == null) {
return true;
} else {
return false;
}
}
/**
* 发货操作,将订单标记为已发货,并从用户账户中扣除货款
*/
function order_delivery($orderid)
{
$orderid = (int) $orderid;
$orders = db_quick_fetch('order', "WHERE id={$orderid}");
if (count($orders) <= 0) {
vpn_log("No such order id {$orderid}");
return false;
}
$order = $orders[0];
$services = db_quick_fetch('service', "WHERE id IN (SELECT serviceid FROM `order` WHERE id={$order['id']})");
if (count($services) <= 0) {
vpn_log("No service correlate to order #{$order['id']}");
return false;
}
/// FIXME: 这里应该增加失败回滚操作
$sql1 = "UPDATE `order` SET delivered=1 WHERE id={$orderid}";
$sql2 = "UPDATE account SET balance=balance-{$services[0]['price']} WHERE id={$order['uid']}";
db_query($sql1);
db_query($sql2);
db_quick_update('order', "WHERE id={$orderid} AND ISNULL(paidtime)", array('paidtime' => time()));
return true;
}
/**
* 为 $uid 用户生成一个邀请码
*
* 从 INVITECODE_MINLEN 长度开始生成邀请码,如果生成的邀请码已经存在了,则生成一个更长的邀请码,直到得到在数据库中不存在的邀请码为止
*
* @return 成功返回验证码,失败返回 false
*/
function invite_generate($uid)
{
$uid = (int) $uid;
$code = '';
if ($uid == 0) {
vpn_log('Invalid argument: $uid == 0');
return false;
}
/// 没人会使用 99 位长度的验证码吧
for ($len = INVITECODE_MINLEN; $len < 99; $len++) {
$code = invite_randstr($len);
$res = db_quick_fetch('invite', "WHERE code='{$code}'");
if (count($res) == 0) {
break;
}
}
if ($len >= 99) {
vpn_log("Invite code out of length: {$len}");
return false;
}
/// FIXME: 要不要检查用户是否存在捏?
$ts = time();
$qcode = addslashes($code);
$sql = "INSERT INTO invite (code, uid, ctime, utime) VALUES ('{$qcode}', {$uid}, {$ts}, NULL)";
db_query($sql);
return $code;
}
require_once 'includes/order.lib.php';
require_once 'includes/vpn.php';
$aid = @$_GET['vpnid'];
$aid = (int) $aid;
$user = user_isonline();
if ($user === false) {
renew_error(_('You have to login before renew your VPN account'));
die;
}
$accounts = db_quick_fetch('vpnaccount', "WHERE id={$aid} AND uid={$user['id']}");
if (count($accounts) <= 0) {
renew_error(_('VPN account not exists'));
die;
}
$account = $accounts[0];
$services = db_quick_fetch('service', "WHERE id IN (SELECT serviceid FROM (SELECT DISTINCT serviceid FROM `order` WHERE NOT ISNULL(paidtime) AND vpnid={$account['id']} ORDER BY id DESC LIMIT 1) AS t)");
if (count($services) <= 0) {
vpn_log("Could not find correlate service id for vpnaccount id {$account['id']}");
renew_error(_('Can not renew, please contact us for help'));
die;
}
$service = $services[0];
$amt = vpn_afford($service['id'], $user['email']);
/// 开始支付过程
if ($amt <= 0) {
$order = order_new($service['id'], -$amt);
} else {
$order = order_new($service['id']);
}
if ($order === false) {
vpn_log("Can not get order via order_new('{$service['id']}')");
<?php
require_once 'includes/header.php';
$user = user_isonline();
if ($user === false) {
if (!isset($_GET['json'])) {
$smarty->assign('tip_title', _('Login Required'));
$smarty->assign('tip_msg', _('You have to login to access Server List'));
$smarty->display('tip.html');
} else {
echo json_encode(array('error' => _('You have to login to access Server List')));
}
die;
}
$servers = db_quick_fetch('server', 'WHERE enabled=1');
for ($i = 0; $i < count($servers); $i++) {
if ($user === false) {
$servers[$i]['address'] = _("*HIDDEN*");
}
$servers[$i]['uptimestr'] = time2readable($servers[$i]['uptime'], 3);
/// 处理在线信息及流量信息
if (time() - $servers[$i]['heartbeat'] > SERVER_ALIVE_THRESHOLD) {
$servers[$i]['isonline'] = 0;
$servers[$i]['rtratestr'] = _('Unknown');
} else {
$servers[$i]['isonline'] = 1;
$servers[$i]['rtrate'] = $servers[$i]['rxrate'] + $servers[$i]['txrate'];
$servers[$i]['rtratestr'] = bps2readable($servers[$i]['rtrate']);
}
}
if (isset($_GET['json'])) {
/**
* 将用户重定向到 PayPal 付款页面以便让用户进行付款。
* 注意,该函数将直接向用户浏览器发送 Location 头,用户将离开本站
*
* @param $oid 订单编号
* @return 失败返回 false,成功则跳转到 PayPal 付款页面,并返回 true
*/
function paypal_redirect($oid)
{
global $smarty;
$oid = (int) $oid;
$payments = db_quick_fetch('payment', "WHERE orderid={$oid}");
if ($payments === false || count($payments) <= 0) {
vpn_log("No such order id {$oid} in payment table");
return false;
}
$payment = $payments[0];
$url = sprintf(PAYPAL_REDIRECTURL, $payment['token']);
header("Location: {$url}");
$smarty->assign('tip_title', _('Redirect'));
$smarty->assign('tip_msg', _('Redirecting you to PayPal'));
$smarty->assign('redirect_url', $url);
$smarty->assign('redirect_delay', 3000);
$smarty->display('tip.html');
return true;
}
<?php
require_once 'includes/header.php';
$user = user_isonline();
if ($user === false) {
$smarty->assign(array('tip_title' => _('Login Require'), 'tip_msg' => _('You have to login before access this page')));
$smarty->display('tip.html');
die;
}
/// 为用户生成足够的验证码,并读取之
$res = db_quick_fetch('invite', "WHERE uid={$user['id']} ORDER BY utime ASC");
for ($i = count($res); $i < INVITECODE_MAXINUM; $i++) {
invite_generate($user['id']);
}
if (count($res) < INVITECODE_MAXINUM) {
$res = db_quick_fetch('invite', "WHERE uid={$user['id']} ORDER BY utime ASC");
}
for ($i = 0; $i < count($res); $i++) {
if ($res[$i]['utime'] == null) {
$res[$i]['used'] = 0;
} else {
$res[$i]['used'] = 1;
}
}
$smarty->assign('codes', $res);
$smarty->display('invitecode.html');
/**
* 计算用户现有账户是否足以支付此项服务,并返回如果购买了此项服务后账户的净余额
*
* @return 足够支付返回非负数,不够支付返回负数
*/
function vpn_afford($serviceid, $email)
{
$serviceid = (int) $serviceid;
$res = db_quick_fetch('service', "WHERE id={$serviceid}");
if (count($res) <= 0) {
vpn_log("No such service id {$serviceid}");
return false;
}
$user = user_get($email);
if ($user == false) {
vpn_log("No such user `{$email}'");
return false;
}
return $user['balance'] + $user['credit'] - $res[0]['price'];
}
/// vpnaccount 表中已经超时的帐号最长能够保留多少时间,单位(秒)
tool_log(_('SeaVPN VPN Account Cleanup Autotool'));
tool_log(_('This script will check vpnaccount table, filter out the expired accounts, and remove them'));
/// 第 1 步,从 vpnaccount 表中找出所有已经过期的帐号,将其从 RADIUS 表中删除
$ts = time();
$vpns = db_quick_fetch('vpnaccount', "WHERE validto<{$ts}");
$vpns_count = count($vpns);
tool_log(_("There is {$vpns_count} accounts expired in table vpnaccount"));
for ($i = 0; $i < $vpns_count; $i++) {
$ret = vpn_del($vpns[$i]['username']);
if ($ret === true) {
tool_log(_("Delete user `{$vpns[$i]['username']}' from RADIUS check table successed"));
} else {
tool_log(_("Delete user `{$vpns[$i]['username']}' from RADIUS check table FAILED ({$ret})"));
}
}
/// 第 2 步,从 vpnaccount 表中彻底删除帐号
$ts -= VPNACCOUNT_RESERVE_TIME;
$expiredays = VPNACCOUNT_RESERVE_TIME / 86400;
$vpns = db_quick_fetch('vpnaccount', "WHERE validto<{$ts}");
$vpns_count = count($vpns);
tool_log(_("There is {$vpns_count} accounts expired more than {$expiredays} days in table vpnaccount"));
for ($i = 0; $i < $vpns_count; $i++) {
$ret = vpn_purge($vpns[$i]['username']);
if ($ret === true) {
tool_log(_("Delete user `{$vpns[$i]['username']}' from vpnaccount table successed"));
} else {
tool_log(_("Delete user `{$vpns[$i]['username']}' from vpnaccount table FAILED ({$ret})"));
}
}
tool_log(_('VPN Account Cleanup Autotool finished'));
<?php
require_once 'includes/header.php';
require_once 'includes/vpn.php';
$id = (int) @$_GET['id'];
$pass = @$_GET['passwd'];
if ($pass == '') {
json_error(_('Empty password is no acceptable'));
die;
}
$user = user_isonline();
if ($user === false) {
json_error(_('You have to login before change VPN account password'));
die;
}
$vpns = db_quick_fetch('vpnaccount', "WHERE uid={$user['id']} AND id={$id}");
if (count($vpns) <= 0) {
json_error(_('VPN account is not exists'));
die;
}
$ret = vpn_passwd($vpns[0]['username'], $pass);
if ($ret === true) {
echo json_encode(array('success' => 1));
} else {
json_error($ret);
}
die;
function json_error($msg)
{
echo json_encode(array('error' => $msg));
}
<?php
require_once 'includes/header.php';
require_once 'includes/order.lib.php';
$oid = (int) @$_POST['id'];
/// 先检查这个订单是不是已经支付过了
$orders = db_quick_fetch('order', "WHERE id={$oid}");
if (count($orders) <= 0) {
pay_error('No such order');
die;
}
$order = $orders[0];
if ($order['paidtime'] != null) {
$smarty->assign('tip_title', _('Error'));
$smarty->assign('tip_msg', _('This order is already paid'));
$smarty->assign('redirect_url', $url);
$smarty->assign('redirect_delay', 1);
$smarty->display('tip.html');
die;
}
/// 生成订单并跳转到支付页面
$order = order_request($oid);
if ($order === false) {
pay_error(_('An error occured, please contact us for help'));
die;
}
order_redirect($oid);
function pay_error($msg)
{
global $smarty;
$smarty->assign(array('tip_title' => _('ERROR'), 'tip_msg' => _($msg)));
/**
* 当前登录用户是否是管理员
*
* @return TRUE 或 FALSE
*/
function user_isadmin()
{
$user = user_isonline();
if ($user === FALSE) {
return false;
}
$res = db_quick_fetch('admin', "WHERE uid={$user['id']}");
if (count($res) == 1) {
return true;
} else {
return false;
}
}