public function doMobileregister()
{
global $_GPC, $_W;
if (checksubmit()) {
$weid = $this->_weid;
$from_user = $this->_from_user;
$set = $this->_set_info;
$member = array();
$member['from_user'] = $from_user;
$member['username'] = $_GPC['username'];
$member['password'] = $_GPC['password'];
//print_r($_GPC);exit;
if (!preg_match(REGULAR_USERNAME, $member['username'])) {
die(json_encode(array("result" => 0, "error" => "必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。")));
}
// if (!preg_match(REGULAR_USERNAME, $member['from_user'])) {
// die(json_encode(array("result" => 0, "error" => "微信号码获取失败。")));
//}
if (hotel_member_check(array('from_user' => $member['from_user'], 'weid' => $weid))) {
die(json_encode(array("result" => 0, "error" => "非常抱歉,此用微信号已经被注册,你可以直接使用注册时的用户名登录,或者更换微信号注册!")));
}
if (hotel_member_check(array('username' => $member['username'], 'weid' => $weid))) {
die(json_encode(array("result" => 0, "error" => "非常抱歉,此用户名已经被注册,你需要更换注册用户名!")));
}
if (istrlen($member['password']) < 6) {
die(json_encode(array("result" => 0, "error" => "必须输入密码,且密码长度不得低于6位。")));
}
$member['salt'] = random(8);
$member['password'] = hotel_member_hash($member['password'], $member['salt']);
$member['weid'] = $weid;
$member['mobile'] = $_GPC['mobile'];
$member['realname'] = $_GPC['realname'];
$member['createtime'] = time();
$member['status'] = 1;
$member['isauto'] = 0;
pdo_insert('hotel2_member', $member);
$member['id'] = pdo_insertid();
$member['user_set'] = $set['user'];
//注册成功
hotel_set_userinfo(1, $member);
$url = $this->createMobileUrl('search');
die(json_encode(array("result" => 1, "url" => $url)));
} else {
//$css_url = $this->_css_url;
include $this->template('register');
}
}
public function doWebStores()
{
global $_W, $_GPC;
checklogin();
$action = 'stores';
$title = '门店管理';
$url = $this->createWebUrl($action, array('op' => 'display'));
$area = pdo_fetchall("SELECT * FROM " . tablename($this->modulename . '_area') . " where weid = '{$_W['uniacid']}' ORDER BY displayorder DESC");
$operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
if ($operation == 'display') {
if (checksubmit('submit')) {
//排序
if (is_array($_GPC['displayorder'])) {
foreach ($_GPC['displayorder'] as $id => $val) {
$data = array('displayorder' => intval($_GPC['displayorder'][$id]));
pdo_update($this->modulename . '_stores', $data, array('id' => $id));
}
}
message('操作成功!', $url);
}
$pindex = max(1, intval($_GPC['page']));
$psize = 15;
$where = "WHERE weid = '{$_W['uniacid']}'";
$storeslist = pdo_fetchall("SELECT * FROM " . tablename($this->modulename . '_stores') . " {$where} order by displayorder desc,id desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}");
if (!empty($gifts)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($this->modulename . '_stores') . " {$where}");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('stores');
} elseif ($operation == 'post') {
load()->func('tpl');
$id = intval($_GPC['id']);
//门店编号
$reply = pdo_fetch("select * from " . tablename($this->modulename . '_stores') . " where id=:id and weid =:weid", array(':id' => $id, ':weid' => $_W['uniacid']));
if (!empty($id)) {
if (empty($reply)) {
message('抱歉,数据不存在或是已经删除!', '', 'error');
} else {
// if (!empty($reply['thumb_url'])) {
// $reply['thumbArr'] = explode('|', $reply['thumb_url']);
// }
}
}
$piclist = unserialize($reply['thumb_url']);
if (checksubmit('submit')) {
$data = array();
$data['weid'] = intval($_W['uniacid']);
$data['areaid'] = intval($_GPC['area']);
$data['title'] = trim($_GPC['title']);
$data['info'] = trim($_GPC['info']);
$data['content'] = trim($_GPC['content']);
$data['tel'] = trim($_GPC['tel']);
$data['logo'] = trim($_GPC['logo']);
$data['address'] = trim($_GPC['address']);
$data['location_p'] = trim($_GPC['location_p']);
$data['location_c'] = trim($_GPC['location_c']);
$data['location_a'] = trim($_GPC['location_a']);
$data['password'] = trim($_GPC['password']);
$data['recharging_password'] = trim($_GPC['recharging_password']);
$data['is_show'] = intval($_GPC['is_show']);
$data['place'] = trim($_GPC['place']);
$data['hours'] = trim($_GPC['hours']);
$data['lng'] = trim($_GPC['baidumap']['lng']);
$data['lat'] = trim($_GPC['baidumap']['lat']);
$data['enable_wifi'] = intval($_GPC['enable_wifi']);
$data['enable_card'] = intval($_GPC['enable_card']);
$data['enable_room'] = intval($_GPC['enable_room']);
$data['enable_park'] = intval($_GPC['enable_park']);
$data['is_meal'] = intval($_GPC['is_meal']);
$data['is_delivery'] = intval($_GPC['is_delivery']);
$data['is_sms'] = intval($_GPC['is_sms']);
$data['sendingprice'] = trim($_GPC['sendingprice']);
$data['updatetime'] = TIMESTAMP;
$data['dateline'] = TIMESTAMP;
if (istrlen($data['title']) == 0) {
message('没有输入标题.', '', 'error');
}
if (istrlen($data['title']) > 30) {
message('标题不能多于30个字。', '', 'error');
}
// if (istrlen($data['content']) == 0) {
// message('没有输入内容.', '', 'error');
// }
// if (istrlen(trim($data['content'])) > 1000) {
// message('内容过多请重新输入.', '', 'error');
// }
if (istrlen($data['tel']) == 0) {
message('没有输入联系电话.', '', 'error');
}
if (istrlen($data['address']) == 0) {
//message('请输入地址。', '', 'error');
}
if (is_array($_GPC['thumbs'])) {
$data['thumb_url'] = serialize($_GPC['thumbs']);
}
if (!empty($reply)) {
unset($data['dateline']);
pdo_update($this->modulename . '_stores', $data, array('id' => $id, 'weid' => $_W['uniacid']));
} else {
pdo_insert($this->modulename . '_stores', $data);
}
message('操作成功!', $url);
}
include $this->template('stores');
} elseif ($operation == 'delete') {
$id = intval($_GPC['id']);
$store = pdo_fetch("SELECT id FROM " . tablename($this->modulename . '_stores') . " WHERE id = '{$id}'");
if (empty($store)) {
message('抱歉,不存在或是已经被删除!', $this->createWebUrl('stores', array('op' => 'display')), 'error');
}
pdo_delete($this->modulename . '_stores', array('id' => $id, 'weid' => $_W['uniacid']));
message('删除成功!', $this->createWebUrl('stores', array('op' => 'display')), 'success');
}
}
function cutstr($string, $length, $havedot = false, $charset = '')
{
global $_W;
if (empty($charset)) {
$charset = $_W['charset'];
}
if (strtolower($charset) == 'gbk') {
$charset = 'gbk';
} else {
$charset = 'utf8';
}
if (istrlen($string, $charset) <= $length) {
return $string;
}
if (function_exists('mb_strcut')) {
$string = mb_substr($string, 0, $length, $charset);
} else {
$pre = '{%';
$end = '%}';
$string = str_replace(array('&', '"', '<', '>'), array($pre . '&' . $end, $pre . '"' . $end, $pre . '<' . $end, $pre . '>' . $end), $string);
$strcut = '';
$strlen = strlen($string);
if ($charset == 'utf8') {
$n = $tn = $noc = 0;
while ($n < $strlen) {
$t = ord($string[$n]);
if ($t == 9 || $t == 10 || 32 <= $t && $t <= 126) {
$tn = 1;
$n++;
$noc++;
} elseif (194 <= $t && $t <= 223) {
$tn = 2;
$n += 2;
$noc++;
} elseif (224 <= $t && $t <= 239) {
$tn = 3;
$n += 3;
$noc++;
} elseif (240 <= $t && $t <= 247) {
$tn = 4;
$n += 4;
$noc++;
} elseif (248 <= $t && $t <= 251) {
$tn = 5;
$n += 5;
$noc++;
} elseif ($t == 252 || $t == 253) {
$tn = 6;
$n += 6;
$noc++;
} else {
$n++;
}
if ($noc >= $length) {
break;
}
}
if ($noc > $length) {
$n -= $tn;
}
$strcut = substr($string, 0, $n);
} else {
while ($n < $strlen) {
$t = ord($string[$n]);
if ($t > 127) {
$tn = 2;
$n += 2;
$noc++;
} else {
$tn = 1;
$n++;
$noc++;
}
if ($noc >= $length) {
break;
}
}
if ($noc > $length) {
$n -= $tn;
}
$strcut = substr($string, 0, $n);
}
$string = str_replace(array($pre . '&' . $end, $pre . '"' . $end, $pre . '<' . $end, $pre . '>' . $end), array('&', '"', '<', '>'), $strcut);
}
if ($havedot) {
$string = $string . "...";
}
return $string;
}
public function fm_qrcode($value = 'http://012wz.com', $filename = '', $pathname = '', $logo, $scqrcode = array('errorCorrectionLevel' => 'H', 'matrixPointSize' => '4', 'margin' => '5'))
{
global $_W;
$uniacid = !empty($_W['uniacid']) ? $_W['uniacid'] : $_W['acid'];
require_once '../framework/library/qrcode/phpqrcode.php';
load()->func('file');
$filename = empty($filename) ? date("YmdHis") . '' . random(10) : date("YmdHis") . '' . random(istrlen($filename));
if (!empty($pathname)) {
$dfileurl = 'attachment/images/' . $uniacid . '/qrcode/cache/' . date("Ymd") . '/' . $pathname;
$fileurl = '../' . $dfileurl;
} else {
$dfileurl = 'attachment/images/' . $uniacid . '/qrcode/cache/' . date("Ymd");
$fileurl = '../' . $dfileurl;
}
mkdirs($fileurl);
$fileurl = empty($pathname) ? $fileurl . '/' . $filename . '.png' : $fileurl . '/' . $filename . '.png';
QRcode::png($value, $fileurl, $scqrcode['errorCorrectionLevel'], $scqrcode['matrixPointSize'], $scqrcode['margin']);
$dlogo = $_W['attachurl'] . 'headimg_' . $uniacid . '.jpg?uniacid=' . $uniacid;
if (!$logo) {
$logo = toimage($dlogo);
}
$QR = $_W['siteroot'] . $dfileurl . '/' . $filename . '.png';
if ($logo !== FALSE) {
$QR = imagecreatefromstring(file_get_contents($QR));
$logo = imagecreatefromstring(file_get_contents($logo));
$QR_width = imagesx($QR);
$QR_height = imagesy($QR);
$logo_width = imagesx($logo);
$logo_height = imagesy($logo);
$logo_qr_width = $QR_width / 5;
$scale = $logo_width / $logo_qr_width;
$logo_qr_height = $logo_height / $scale;
$from_width = ($QR_width - $logo_qr_width) / 2;
imagecopyresampled($QR, $logo, $from_width, $from_width, 0, 0, $logo_qr_width, $logo_qr_height, $logo_width, $logo_height);
}
if (!empty($pathname)) {
$dfileurllogo = 'attachment/images/' . $uniacid . '/qrcode/fm_qrcode/' . date("Ymd") . '/' . $pathname;
$fileurllogo = '../' . $dfileurllogo;
} else {
$dfileurllogo = 'attachment/images/' . $uniacid . '/qrcode/fm_qrcode';
$fileurllogo = '../' . $dfileurllogo;
}
mkdirs($fileurllogo);
$fileurllogo = empty($pathname) ? $fileurllogo . '/' . $filename . '_logo.png' : $fileurllogo . '/' . $filename . '_logo.png';
imagepng($QR, $fileurllogo);
return $fileurllogo;
}
public function doWebbusment()
{
global $_W, $_GPC;
checklogin();
load()->func('tpl');
$uniacid = $_W['uniacid'];
$op = $_GPC['op'] ? $_GPC['op'] : 'display';
if ($op == 'display') {
$pindex = max(1, intval($_GPC['page']));
$psize = 20;
$goodses = pdo_fetchall("SELECT * FROM " . tablename('eso_sale_busment') . " WHERE uniacid = '{$_W['uniacid']}' ORDER BY uid DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize);
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('eso_sale_busment') . " WHERE uniacid = '{$_W['uniacid']}'");
$pager = pagination($total, $pindex, $psize);
include $this->template('busment_show');
} elseif ($op == 'add') {
$uid = intval($_GPC['uid']);
if (!empty($uid)) {
$sql = 'SELECT * FROM ' . tablename('eso_sale_busment') . ' WHERE uid=:uid AND uniacid=:uniacid LIMIT 1';
$params = array(':uid' => $uid, ':uniacid' => $_W['uniacid']);
$goods = pdo_fetch($sql, $params);
if (empty($goods)) {
message('未找到指定的商户.', $this->createWebUrl('busment'));
}
}
if (checksubmit()) {
$data = $_GPC['goods'];
// 获取打包值
empty($data['title']) && message('请填写商户名称');
empty($data['bond']) && message('请填写商户保证金');
empty($data['username']) && message('请填写登陆账号');
empty($data['password']) && message('请填写登陆密码');
if (empty($goods)) {
//添加管理人员
load()->model('user');
$user = array();
$user['username'] = trim($data['username']);
if (!preg_match(REGULAR_USERNAME, $user['username'])) {
message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
}
if (user_check(array('username' => $user['username']))) {
message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
}
$user['password'] = $data['password'];
if (istrlen($user['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$user['remark'] = '';
$user['groupid'] = 1;
$uid = user_register($user);
//分配权限
$per_data['uniacid'] = $_W['uniacid'];
$per_data['uid'] = $uid;
$per_data['url'] = 'c=home&a=welcome&do=ext&m=feng_business';
$ret = pdo_insert('users_permission', $per_data);
//分配所属公众号
$acc_data['uniacid'] = $_W['uniacid'];
$acc_data['uid'] = $uid;
$acc_data['role'] = 'operator';
$ret = pdo_insert('uni_account_users', $acc_data);
//保存商户信息
$bus_data['uniacid'] = $_W['uniacid'];
$bus_data['title'] = $data['title'];
$bus_data['bond'] = $data['bond'];
$bus_data['status'] = $data['status'];
$bus_data['createtime'] = time();
$bus_data['uid'] = $uid;
$ret = pdo_insert('eso_sale_busment', $bus_data);
} else {
$bus_data['title'] = $data['title'];
$bus_data['bond'] = $data['bond'];
$bus_data['status'] = $data['status'];
$ret = pdo_update('eso_sale_busment', $bus_data, array('uid' => $uid));
}
if (!empty($ret)) {
message('商户信息保存成功', $this->createWebUrl('busment', array('op' => 'add', 'uid' => $uid)), 'success');
} else {
message('商户信息保存失败');
}
}
include $this->template('busment_add');
} elseif ($op == 'delete') {
$uid = intval($_GPC['uid']);
if (empty($uid)) {
message('未找到指定商户');
}
$result = pdo_delete('users', array('uid' => $uid));
$result = pdo_delete('users_permission', array('uid' => $uid));
$result = pdo_delete('uni_account_users', array('uid' => $uid));
$result = pdo_delete('eso_sale_busment', array('uid' => $uid, 'uniacid' => $_W['uniacid']));
if (intval($result) == 1) {
message('删除商户成功.', $this->createWebUrl('busment'), 'success');
} else {
message('删除商户失败.');
}
}
}
public function doWebMusic()
{
global $_W, $_GPC;
checklogin();
$action = 'music';
$title = '音乐管理';
$url = $this->createWebUrl($action, array('op' => 'display'));
load()->func('tpl');
$where = "WHERE weid = '{$_W['weid']}'";
$operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
if ($operation == 'display') {
if (checksubmit('submit')) {
//排序
if (is_array($_GPC['displayorder'])) {
foreach ($_GPC['displayorder'] as $id => $val) {
$data = array('displayorder' => intval($_GPC['displayorder'][$id]));
pdo_update($this->modulename . '_music', $data, array('mid' => $id, 'weid' => $_W['weid']));
}
}
message('操作成功!', $url);
}
$keyword = trim($_GPC['keyword']);
if (!empty($keyword)) {
$where = " WHERE (singer like '%{$keyword}%' OR title like '%{$keyword}%') AND weid=" . $_W['weid'];
}
$pindex = max(1, intval($_GPC['page']));
$psize = 15;
$list = pdo_fetchall("SELECT * FROM " . tablename($this->modulename . '_music') . " {$where} order by displayorder desc,mid desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}");
if (!empty($list)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($this->modulename . '_music') . " {$where}");
$pager = pagination($total, $pindex, $psize);
}
include $this->template('music');
} elseif ($operation == 'post') {
$id = intval($_GPC['id']);
$reply = pdo_fetch("select * from " . tablename($this->modulename . '_music') . " where mid=:mid and weid =:weid", array(':mid' => $id, ':weid' => $_W['weid']));
if (!empty($id)) {
if (empty($reply)) {
message('抱歉,数据不存在或是已经删除!', '', 'error');
}
}
if (!empty($reply)) {
if (!empty($reply['cover'])) {
if (strpos($reply['cover'], 'http') === false) {
$cover = $_W['attachurl'] . $reply['cover'];
} else {
$cover = $reply['cover'];
}
} else {
$cover = '';
}
if (strpos($reply['url'], 'http') === false) {
$music_url = $_W['attachurl'] . $reply['url'];
} else {
$music_url = $reply['url'];
}
} else {
$cover = '';
}
if (checksubmit('submit')) {
$data = array('weid' => intval($_W['weid']), 'url' => trim($_GPC['url']), 'title' => trim($_GPC['title']), 'singer' => trim($_GPC['singer']), 'intro' => trim($_GPC['intro']), 'cover' => trim($_GPC['cover']), 'status' => 1, 'dateline' => TIMESTAMP);
if (istrlen($data['title']) == 0) {
message('没有输入标题.', '', 'error');
}
if (istrlen($data['title']) > 30) {
message('标题不能多于30个字。', '', 'error');
}
if (istrlen($data['url']) == 0) {
message('没有网址.', '', 'error');
}
if (istrlen($data['singer']) == 0) {
message('没有输入歌手.', '', 'error');
}
if (istrlen($data['intro']) == 0) {
message('请输入歌曲介绍.', '', 'error');
}
if (!empty($reply)) {
unset($data['dateline']);
pdo_update($this->modulename . '_music', $data, array('mid' => $id, 'weid' => $_W['weid']));
} else {
pdo_insert($this->modulename . '_music', $data);
}
message('操作成功!', $url);
}
include $this->template('music');
} elseif ($operation == 'delete') {
$id = intval($_GPC['id']);
$music = pdo_fetch("SELECT mid FROM " . tablename($this->modulename . '_music') . " WHERE mid = '{$id}'");
if (empty($music)) {
message('抱歉,不存在或是已经被删除!', $this->createWebUrl('music', array('op' => 'display')), 'error');
}
$row_count = pdo_delete($this->modulename . '_music', array('mid' => $id, 'weid' => $_W['weid']));
if ($row_count > 0) {
pdo_delete($this->modulename . '_music_user', array('mid' => $id, 'weid' => $_W['weid']));
}
message('删除成功!', $this->createWebUrl('music', array('op' => 'display')), 'success');
}
}
if(empty($member) || in_array($m['uid'], $founders)) {
message('访问错误.');
}
$do = $_GPC['do'];
$dos = array('edit', 'deny', 'delete', 'auth', 'revo', 'revos');
$do = in_array($do, $dos) ? $do: 'edit';
if($do == 'edit') {
if(checksubmit('profile')) {
require_once IA_ROOT . '/source/model/member.mod.php';
$nMember = array();
$nMember['uid'] = $uid;
$nMember['password'] = $_GPC['password'];
$nMember['salt'] = $member['salt'];
if(!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$nMember['lastip'] = $_GPC['lastip'];
$nMember['lastvisit'] = $_GPC['lastvisit'];
$nMember['remark'] = $_GPC['remark'];
if(member_update($nMember) !== false) {
message('保存用户资料成功!', 'refresh');
}
message('保存用户资料失败,请稍候重试或联系网站管理员解决!');
}
require model('wechat');
$wechats = wechat_search("`uid`='{$uid}'");
$sql = "SELECT `mid` FROM " . tablename('members_modules') . ' WHERE `uid`=:uid';
$mids = pdo_fetchall($sql, array(':uid' => $uid));
/**
* [Weizan System] Copyright (c) 2014 012WZ.COM
* Weizan is NOT a free software, it under the license terms, visited http://www.qdaygroup.com/ for more details.
*/
defined('IN_IA') or exit('Access Denied');
$_W['page']['title'] = '添加用户 - 用户管理 - 用户管理';
if (checksubmit()) {
load()->model('user');
$user = array();
$user['username'] = trim($_GPC['username']);
if (!preg_match(REGULAR_USERNAME, $user['username'])) {
message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
}
if (user_check(array('username' => $user['username']))) {
message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
}
$user['password'] = $_GPC['password'];
if (istrlen($user['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$user['remark'] = $_GPC['remark'];
$user['groupid'] = intval($_GPC['groupid']) ? intval($_GPC['groupid']) : message('请选择所属用户组');
$uid = user_register($user);
if ($uid > 0) {
unset($user['password']);
message('用户增加成功!', url('user/edit', array('uid' => $uid)));
}
message('增加用户失败,请稍候重试或联系网站管理员解决!');
}
$groups = pdo_fetchall("SELECT id, name FROM " . tablename('users_group') . " ORDER BY id ASC");
template('user/create');
if (empty($setting['register']['open'])) {
message('本站暂未开启注册功能,请联系管理员!');
}
$extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1' ORDER BY displayorder DESC");
if (checksubmit()) {
load()->model('user');
$member = array();
$member['username'] = trim($_GPC['username']);
if (!preg_match(REGULAR_USERNAME, $member['username'])) {
message('必须输入用户名,格式为 3-15 位字符,可以包括汉字、字母(不区分大小写)、数字、下划线和句点。');
}
if (user_check(array('username' => $member['username']))) {
message('非常抱歉,此用户名已经被注册,你需要更换注册名称!');
}
$member['password'] = $_GPC['password'];
if (istrlen($member['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$profile = array();
if (!empty($extendfields)) {
foreach ($extendfields as $row) {
if (!empty($row['required']) && empty($_GPC[$row['field']])) {
message('“' . $row['title'] . '”此项为必填项,请返回填写完整!');
}
$profile[$row['field']] = $_GPC[$row['field']];
}
}
if (!empty($setting['register']['code'])) {
$code = $_GPC['code'];
$hash = md5($code . $_W['config']['setting']['authkey']);
if ($_GPC['__code'] != $hash) {
public function doCardForm()
{
global $_W, $_GPC;
checklogin();
$action = 'card';
$title = $this->actions_titles[$action];
$url = create_url('site/module', array('do' => $action, 'name' => $this->modulename));
$id = intval($_GPC['id']);
$reply = pdo_fetch("select * from " . tablename('icard_card') . " where id =" . $id);
if (empty($reply)) {
message('非法参数!', $url, 'error');
}
$user = pdo_fetch("select * from " . tablename('icard_user') . " where from_user ='******'from_user'] . "'");
if (empty($user)) {
message($reply['from_user'] . '用户不存在!', $url, 'error');
}
$level = $this->get_user_level($reply['weid'], $reply['total_score']);
if (checksubmit('submit')) {
$data = array();
$data['username'] = trim($_GPC['username']);
$data['tel'] = trim($_GPC['tel']);
$data['address'] = trim($_GPC['address']);
$data['birthday'] = strtotime($_GPC['birthday']);
$data['sex'] = intval($_GPC['sex']);
$data['age'] = intval($_GPC['age']);
if (istrlen($data['username']) == 0) {
message('没有输入姓名.', '', 'error');
}
if (istrlen($data['username']) > 16) {
message('姓名输入过长.', '', 'error');
}
if (!empty($reply)) {
pdo_update('icard_user', $data, array('id' => $user['id']));
}
message('操作成功!', $url);
}
include $this->template('card_form');
}
load()->model('setting');
load()->func('tpl');
$do = $_GPC['do'];
$dos = array('delete', 'edit');
$do = in_array($do, $dos) ? $do : 'edit';
$uid = intval($_GPC['uid']);
$user = user_single($uid);
$founders = explode(',', $_W['config']['setting']['founder']);
if ($do == 'edit') {
if (empty($user)) {
message('访问错误, 未找到指定操作员.', url('user/display'), 'error');
}
$extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1'");
if (checksubmit('profile_submit')) {
$_GPC['password'] = trim($_GPC['password']);
if (!empty($record['password']) && istrlen($record['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$_GPC['groupid'] = intval($_GPC['groupid']);
if (empty($_GPC['groupid'])) {
message('请选择所属用户组');
}
load()->model('user');
$record = array();
$record['uid'] = $uid;
$record['password'] = $_GPC['password'];
$record['salt'] = $user['salt'];
$record['groupid'] = intval($_GPC['groupid']);
$record['remark'] = $_GPC['remark'];
user_update($record);
if (!empty($_GPC['birth'])) {
public function doWebStores()
{
global $_W, $_GPC;
$weid = $this->_weid;
$GLOBALS['frames'] = $this->getNaveMenu();
$action = 'stores';
$title = '门店管理';
$url = $this->createWebUrl($action, array('op' => 'display'));
$area = pdo_fetchall("SELECT * FROM " . tablename($this->table_area) . " where weid = :weid ORDER BY displayorder DESC", array(':weid' => $weid));
$shoptype = pdo_fetchall("SELECT * FROM " . tablename($this->table_type) . " where weid = :weid ORDER BY displayorder DESC", array(':weid' => $weid));
$operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
if ($operation == 'display') {
if (checksubmit('submit')) {
//排序
if (is_array($_GPC['displayorder'])) {
foreach ($_GPC['displayorder'] as $id => $val) {
$data = array('displayorder' => intval($_GPC['displayorder'][$id]));
pdo_update($this->table_stores, $data, array('id' => $id));
}
}
message('操作成功!', $url);
}
$pindex = max(1, intval($_GPC['page']));
$psize = 10;
$where = "WHERE weid = '{$_W['uniacid']}'";
$storeslist = pdo_fetchall("SELECT * FROM " . tablename($this->table_stores) . " {$where} order by displayorder desc,id desc LIMIT " . ($pindex - 1) * $psize . ",{$psize}");
if (!empty($storeslist)) {
$total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename($this->table_stores) . " {$where}");
$pager = pagination($total, $pindex, $psize);
}
} elseif ($operation == 'post') {
load()->func('tpl');
$id = intval($_GPC['id']);
//门店编号
$reply = pdo_fetch("select * from " . tablename($this->table_stores) . " where id=:id and weid =:weid", array(':id' => $id, ':weid' => $_W['uniacid']));
if (empty($reply)) {
$reply['begintime'] = "09:00";
$reply['endtime'] = "18:00";
}
$piclist = unserialize($reply['thumb_url']);
if (checksubmit('submit')) {
$data = array('weid' => intval($_W['uniacid']), 'areaid' => intval($_GPC['area']), 'typeid' => intval($_GPC['type']), 'title' => trim($_GPC['title']), 'info' => trim($_GPC['info']), 'content' => trim($_GPC['content']), 'tel' => trim($_GPC['tel']), 'announce' => trim($_GPC['announce']), 'logo' => trim($_GPC['logo']), 'address' => trim($_GPC['address']), 'location_p' => trim($_GPC['location_p']), 'location_c' => trim($_GPC['location_c']), 'location_a' => trim($_GPC['location_a']), 'lng' => trim($_GPC['baidumap']['lng']), 'lat' => trim($_GPC['baidumap']['lat']), 'password' => trim($_GPC['password']), 'recharging_password' => trim($_GPC['recharging_password']), 'is_show' => intval($_GPC['is_show']), 'place' => trim($_GPC['place']), 'hours' => trim($_GPC['hours']), 'consume' => trim($_GPC['consume']), 'level' => intval($_GPC['level']), 'enable_wifi' => intval($_GPC['enable_wifi']), 'enable_card' => intval($_GPC['enable_card']), 'enable_room' => intval($_GPC['enable_room']), 'enable_park' => intval($_GPC['enable_park']), 'is_meal' => intval($_GPC['is_meal']), 'is_delivery' => intval($_GPC['is_delivery']), 'is_sms' => intval($_GPC['is_sms']), 'is_hot' => intval($_GPC['is_hot']), 'sendingprice' => trim($_GPC['sendingprice']), 'dispatchprice' => trim($_GPC['dispatchprice']), 'freeprice' => trim($_GPC['freeprice']), 'begintime' => trim($_GPC['begintime']), 'endtime' => trim($_GPC['endtime']), 'updatetime' => TIMESTAMP, 'dateline' => TIMESTAMP);
if (istrlen($data['title']) == 0) {
message('没有输入标题.', '', 'error');
}
if (istrlen($data['title']) > 30) {
message('标题不能多于30个字。', '', 'error');
}
if (istrlen($data['tel']) == 0) {
// message('没有输入联系电话.', '', 'error');
}
if (istrlen($data['address']) == 0) {
//message('请输入地址。', '', 'error');
}
if (is_array($_GPC['thumbs'])) {
$data['thumb_url'] = serialize($_GPC['thumbs']);
}
if (!empty($id)) {
unset($data['dateline']);
pdo_update($this->table_stores, $data, array('id' => $id, 'weid' => $_W['uniacid']));
} else {
pdo_insert($this->table_stores, $data);
}
message('操作成功!', $url);
}
} elseif ($operation == 'delete') {
$id = intval($_GPC['id']);
$store = pdo_fetch("SELECT id FROM " . tablename($this->table_stores) . " WHERE id = '{$id}'");
if (empty($store)) {
message('抱歉,不存在或是已经被删除!', $this->createWebUrl('stores', array('op' => 'display')), 'error');
}
pdo_delete($this->table_stores, array('id' => $id, 'weid' => $_W['uniacid']));
message('删除成功!', $this->createWebUrl('stores', array('op' => 'display')), 'success');
}
include $this->template('stores');
}
function get_html($text, $length = 255)
{
if (istrlen($text) > $length) {
$text = cutstr(strip_tags($text), $length, true);
} else {
$text = cutstr(strip_tags($text), $length);
}
return $text;
}
public function doWebList()
{
global $_W, $_GPC;
load()->func('file');
$foo = !empty($_GPC['foo']) ? $_GPC['foo'] : 'display';
$category = pdo_fetchall("SELECT * FROM " . tablename('album_category') . " WHERE weid = '{$_W['uniacid']}' ORDER BY parentid ASC, displayorder DESC", array(), 'id');
if (!empty($category)) {
$children = '';
foreach ($category as $cid => $cate) {
if (!empty($cate['parentid'])) {
$children[$cate['parentid']][$cate['id']] = array($cate['id'], $cate['name']);
}
}
}
load()->func('tpl');
if ($foo == 'create') {
$id = intval($_GPC['id']);
if (!empty($id)) {
$sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
$params = array(':id' => $id, ':weid' => $_W['uniacid']);
$item = pdo_fetch($sql, $params);
if (empty($item)) {
message('抱歉,相册不存在或是已经删除!', '', 'error');
}
}
if (checksubmit('submit')) {
if (empty($_GPC['title'])) {
message('请输入相册名称!');
}
$data = array('weid' => $_W['uniacid'], 'title' => $_GPC['title'], 'content' => $_GPC['content'], 'displayorder' => intval($_GPC['displayorder']), 'isview' => intval($_GPC['isview']), 'type' => intval($_GPC['type']), 'thumb' => $_GPC['thumb'], 'pcate' => intval($_GPC['pcate']), 'ccate' => intval($_GPC['ccate']));
if (empty($id)) {
$data['createtime'] = TIMESTAMP;
pdo_insert('album', $data);
} else {
pdo_update('album', $data, array('id' => $id));
}
message('相册更新成功!', $this->createWebUrl('list', array('foo' => 'display')), 'success');
}
include $this->template('album');
} elseif ($foo == 'display') {
$pindex = max(1, intval($_GPC['page']));
$psize = 12;
$condition = '';
if (!empty($_GPC['keyword'])) {
$condition .= " AND title LIKE '%{$_GPC['keyword']}%'";
}
if (!empty($_GPC['cate_2'])) {
$cid = intval($_GPC['cate_2']);
$condition .= " AND ccate = '{$cid}'";
} elseif (!empty($_GPC['cate_1'])) {
$cid = intval($_GPC['cate_1']);
$condition .= " AND pcate = '{$cid}'";
}
if (istrlen($_GPC['isview']) > 0) {
$condition .= " AND isview = '" . intval($_GPC['isview']) . "'";
}
$list = pdo_fetchall("SELECT * FROM " . tablename('album') . " WHERE weid = '{$_W['uniacid']}' {$condition} ORDER BY displayorder DESC, id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize);
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('album') . " WHERE weid = '{$_W['uniacid']}' {$condition}");
$pager = pagination($total, $pindex, $psize);
if (!empty($list)) {
foreach ($list as &$row) {
$row['total'] = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('album_photo') . " WHERE albumid = :albumid", array(':albumid' => $row['id']));
}
}
include $this->template('album');
} elseif ($foo == 'photo') {
$id = intval($_GPC['albumid']);
$sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
$params = array(':id' => $id, ':weid' => $_W['uniacid']);
$album = pdo_fetch($sql, $params);
if (empty($album)) {
message('相册不存在或是已经被删除!');
}
if (checksubmit('submit')) {
if (!empty($_GPC['attachment-new'])) {
foreach ($_GPC['attachment-new'] as $index => $row) {
if (empty($row)) {
continue;
}
$data = array('weid' => $_W['uniacid'], 'albumid' => intval($_GPC['albumid']), 'title' => $_GPC['title-new'][$index], 'description' => $_GPC['description-new'][$index], 'attachment' => $_GPC['attachment-new'][$index], 'displayorder' => $_GPC['displayorder-new'][$index]);
pdo_insert('album_photo', $data);
}
}
if (!empty($_GPC['attachment'])) {
foreach ($_GPC['attachment'] as $index => $row) {
if (empty($row)) {
continue;
}
$data = array('weid' => $_W['uniacid'], 'albumid' => intval($_GPC['albumid']), 'title' => $_GPC['title'][$index], 'description' => $_GPC['description'][$index], 'attachment' => $_GPC['attachment'][$index], 'displayorder' => $_GPC['displayorder'][$index]);
pdo_update('album_photo', $data, array('id' => $index));
}
}
message('相册更新成功!', $this->createWebUrl('list', array('foo' => 'photo', 'albumid' => $album['id'])));
}
if (checksubmit('delete')) {
pdo_delete('album_photo', array('albumid' => $id));
message('全部照片已成功删除', referer(), 'success');
}
$sql = 'SELECT * FROM ' . tablename('album_photo') . ' WHERE `albumid` = :albumid ORDER BY `displayorder`';
$params = array(':albumid' => $album['id']);
if (empty($album['type'])) {
$sql .= ' DESC';
} else {
$sql .= ' ASC';
}
$photos = pdo_fetchall($sql, $params);
include $this->template('album');
} elseif ($foo == 'delete') {
$type = $_GPC['type'];
$id = intval($_GPC['id']);
if ($type == 'photo') {
if (!empty($id)) {
$sql = 'SELECT `id`, `attachment` FROM ' . tablename('album_photo') . ' WHERE `id` = :id AND `weid` = :weid';
$params = array(':id' => $id, ':weid' => $_W['uniacid']);
$item = pdo_fetch($sql, $params);
if (empty($item)) {
message('图片不存在或是已经被删除!');
}
pdo_delete('album_photo', array('id' => $item['id']));
} else {
$item['attachment'] = $_GPC['attachment'];
}
file_delete($item['attachment']);
} elseif ($type == 'album') {
$sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
$params = array(':id' => $id, ':weid' => $_W['uniacid']);
$album = pdo_fetch($sql, $params);
if (empty($album)) {
message('相册不存在或是已经被删除!');
}
$photos = pdo_fetchall("SELECT id, attachment FROM " . tablename('album_photo') . " WHERE albumid = :albumid", array(':albumid' => $id));
if (!empty($photos)) {
foreach ($photos as $row) {
file_delete($row['attachment']);
}
}
pdo_delete('album', array('id' => $id));
pdo_delete('album_photo', array('albumid' => $id));
}
message('删除成功!', referer(), 'success');
} elseif ($foo == 'cover') {
$id = intval($_GPC['albumid']);
$attachment = $_GPC['thumb'];
if (empty($attachment)) {
message('抱歉,参数错误,请重试!', '', 'error');
}
$sql = 'SELECT * FROM ' . tablename('album') . ' WHERE `id` = :id AND `weid` = :weid';
$params = array(':id' => $id, ':weid' => $_W['uniacid']);
$item = pdo_fetch($sql, $params);
if (empty($item)) {
message('抱歉,相册不存在或是已经删除!', '', 'error');
}
pdo_update('album', array('thumb' => $attachment), array('id' => $id));
message('设置封面成功!', '', 'success');
}
}
public function doStoresForm()
{
global $_GPC, $_W;
checklogin();
$action = 'stores';
$title = $this->actions_titles[$action];
$url = create_url('site/module', array('do' => $action, 'name' => $this->modulename));
$id = intval($_GPC['id']);
//门店编号
$reply = pdo_fetch("select * from " . tablename($this->modulename . '_stores') . " where id=:id and weid =:weid", array(':id' => $id, ':weid' => $_W['weid']));
if (!empty($id)) {
if (empty($reply)) {
message('抱歉,数据不存在或是已经删除!', '', 'error');
} else {
if (!empty($reply['thumb_url'])) {
$reply['thumbArr'] = explode('|', $reply['thumb_url']);
}
}
}
if (checksubmit('submit')) {
$data = array();
$data['weid'] = intval($_W['weid']);
$data['title'] = trim($_GPC['title']);
$data['info'] = trim($_GPC['info']);
$data['content'] = trim($_GPC['content']);
$data['tel'] = trim($_GPC['tel']);
$data['address'] = trim($_GPC['address']);
$data['location_p'] = trim($_GPC['location_p']);
$data['location_c'] = trim($_GPC['location_c']);
$data['location_a'] = trim($_GPC['location_a']);
$data['password'] = trim($_GPC['password']);
$data['recharging_password'] = trim($_GPC['recharging_password']);
$data['is_show'] = intval($_GPC['is_show']);
$data['place'] = trim($_GPC['place']);
$data['hours'] = trim($_GPC['hours']);
$data['lng'] = trim($_GPC['lng']);
$data['lat'] = trim($_GPC['lat']);
$data['enable_wifi'] = intval($_GPC['enable_wifi']);
$data['enable_card'] = intval($_GPC['enable_card']);
$data['enable_room'] = intval($_GPC['enable_room']);
$data['enable_park'] = intval($_GPC['enable_park']);
$data['thumb_url'] = implode('|', $_GPC['thumb_url']);
$data['updatetime'] = TIMESTAMP;
$data['dateline'] = TIMESTAMP;
if (istrlen($data['title']) == 0) {
message('没有输入标题.', '', 'error');
}
if (istrlen($data['title']) > 30) {
message('标题不能多于30个字。', '', 'error');
}
if (istrlen($data['content']) == 0) {
message('没有输入内容.', '', 'error');
}
if (istrlen(trim($data['content'])) > 1000) {
message('内容过多请重新输入.', '', 'error');
}
if (istrlen($data['tel']) == 0) {
message('没有输入联系电话.', '', 'error');
}
if (istrlen($data['address']) == 0) {
message('请输入地址。', '', 'error');
}
// if (istrlen($data['password']) == 0) {
// message('没有输入确认密码.','','error');
// }
// if (istrlen($data['password']) > 16) {
// message('确认密码不能大于16个字符.','','error');
// }
// if (istrlen($data['recharging_password']) == 0) {
// message('没有输入充值密码.','','error');
// }
// if (istrlen($data['recharging_password']) > 16) {
// message('充值密码不能大于16个字符.','','error');
// }
if (!empty($_FILES['logo']['tmp_name'])) {
file_delete($_GPC['logo_old']);
$upload = file_upload($_FILES['logo']);
if (is_error($upload)) {
message($upload['message'], '', 'error');
}
$data['logo'] = $upload['path'];
}
if (!empty($reply)) {
unset($data['dateline']);
pdo_update($this->modulename . '_stores', $data, array('id' => $id, 'weid' => $_W['weid']));
} else {
pdo_insert($this->modulename . '_stores', $data);
}
message('操作成功!', $url);
}
include $this->template('stores_form');
}
public function doWebUser()
{
global $_W, $_GPC;
$operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
if ($operation == 'display') {
$pindex = max(1, intval($_GPC['page']));
$psize = 20;
$where = '';
if (isset($_GPC['status']) && $_GPC['status'] !== '') {
$where .= " AND a.status = '" . intval($_GPC['status']) . "'";
}
if (!empty($_GPC['username'])) {
$where .= " AND a.username LIKE '%{$_GPC['username']}%'";
}
if (!empty($_GPC['group'])) {
$where .= " AND a.groupid = '{$_GPC['group']}'";
}
$where .= "AND b.agent_uid = {$_W['uid']}";
$sql = 'SELECT * FROM ' . tablename('members') . ' a LEFT JOIN ' . tablename('agent_user') . ' b ON a.uid=b.uid WHERE 1 ' . $where . " LIMIT " . ($pindex - 1) * $psize . ',' . $psize;
$list = pdo_fetchall($sql);
$total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('members') . ' a LEFT JOIN ' . tablename('agent_user') . ' b ON a.uid=b.uid WHERE 1 ' . $where);
$pager = pagination($total, $pindex, $psize);
$founders = explode(',', $_W['config']['setting']['founder']);
foreach ($members as &$m) {
$m['founder'] = in_array($m['uid'], $founders);
}
$usergroups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group'), array(), 'id');
} elseif ($operation == 'post') {
$id = intval($_GPC['id']);
$agent_uid = intval($_W['uid']);
$extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1'");
if (!empty($id)) {
$member = pdo_fetch("SELECT * FROM " . tablename('members') . " WHERE uid = :uid", array(':uid' => $id));
if (empty($member)) {
message('抱歉,用户不存在或是已经删除!', '', 'error');
}
}
if (checksubmit('profile_submit')) {
$nMember = array();
$nMember['uid'] = $id;
$nMember['password'] = $_GPC['password'];
$nMember['groupid'] = intval($_GPC['groupid']);
if (!empty($nMember['password']) && istrlen($nMember['password']) < 8) {
message('必须输入密码,且密码长度不得低于8位。');
}
$nMember['lastip'] = $_GPC['lastip'];
$nMember['lastvisit'] = strtotime($_GPC['lastvisit']);
$nMember['remark'] = $_GPC['remark'];
if ($member['groupid'] != $nMember['groupid']) {
# 扣钱
$balance = pdo_fetch("SELECT * FROM " . tablename('agent') . " WHERE uid = :uid", array(':uid' => $agent_uid));
$reduce_money = pdo_fetch("SELECT * FROM " . tablename('agent_payment') . " WHERE agent_uid = :uid AND group_id = :group_id", array(':uid' => $agent_uid, ':group_id' => $nMember['groupid']));
if (empty($reduce_money) || $balance['balance'] < $reduce_money['amount_needs']) {
message('余额不足,不能修改分组。');
}
$new_balance = $balance['balance'] - $reduce_money['amount_needs'];
pdo_update('agent', array('balance' => $new_balance), array('uid' => $agent_uid));
$log = array();
$log['agent_uid'] = $agent_uid;
$log['datetime'] = time();
$log['log'] = "修改用户" . $id . "分组:" . $member['groupid'] . " --> " . $nMember['groupid'];
pdo_insert('agent_log', $log);
}
member_update($nMember);
if (!empty($extendfields)) {
foreach ($extendfields as $row) {
if ($row['field'] != 'profile') {
$profile[$row['field']] = $_GPC[$row['field']];
}
}
if (!empty($profile)) {
$exists = pdo_fetchcolumn("SELECT uid FROM " . tablename('members_profile') . " WHERE uid = :uid", array(':uid' => $id));
if (!empty($exists)) {
pdo_update('members_profile', $profile, array('uid' => $id));
} else {
$profile['uid'] = $id;
pdo_insert('members_profile', $profile);
}
}
}
message('用户信息更新成功!', create_url('site/module/user', array('name' => 'agent', 'op' => 'display')), 'success');
}
if (!empty($extendfields)) {
foreach ($extendfields as $row) {
$fields[] = $row['field'];
}
$member['profile'] = pdo_fetch("SELECT `" . implode("`,`", $fields) . "` FROM " . tablename('members_profile') . " WHERE uid = :uid", array(':uid' => $id));
}
$groups = pdo_fetchall("SELECT id, name FROM " . tablename('members_group') . " ORDER BY id ASC");
}
include $this->template('user');
}
