Exemple #1
0
function sendsms($mobile, $content)
{
    $log = date('Y-m-d H:i:s', time()) . " | " . real_ip() . " | " . $mobile . " | " . $content . "\r\n";
    file_put_contents(dirname(dirname(__FILE__)) . "/sms_log_" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . ".log", $log, FILE_APPEND);
    //配置信息
    $target = "http://106.ihuyi.cn/webservice/sms.php?method=Submit";
    //替换成自己的测试账号,参数顺序和wenservice对应
    $post_data = "account=" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . "&password="******"&md5=1&mobile=" . $mobile . "&content=" . urlencode($content);
    $gets = '<?xml version="1.0" encoding="utf-8"?>
	<SubmitResult xmlns="http://106.ihuyi.cn/">
	<code>2</code>
	<msg>提交成功</msg>
	<smsid>67472311</smsid>
	</SubmitResult>';
    if ($GLOBALS['_CFG']['ihuyi_sms_debug'] == 0) {
        $gets = ihuyi_Post($post_data, $target);
    }
    $gets_arr = xml_to_array($gets);
    file_put_contents(dirname(dirname(__FILE__)) . "/sms_log_" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . ".log", '发送状态:' . $gets_arr['SubmitResult']['msg'] . "\r\n", FILE_APPEND);
    if ($gets_arr['SubmitResult']['code'] == 2) {
        return true;
    } else {
        return $gets_arr['SubmitResult']['msg'];
    }
}
Exemple #2
0
 public static function info($msg, $ecode, $etype, $uid, $schoolid, $requrl, array $param)
 {
     global $G_X;
     if ($requrl == '') {
         $requrl = $_SERVER['REQUEST_URI'];
     }
     if (!$param || count($param) < 1) {
         $param = $_REQUEST;
     }
     $Update = array();
     $Update['eventtime'] = time();
     $Update['eventtype'] = $etype;
     $Update['schoolid'] = $schoolid;
     $Update['eventdesc'] = $msg;
     $Update['message'] = print_r($param, true);
     $Update['userid'] = $uid;
     $Update['requesturl'] = $requrl;
     $Update['code'] = $ecode;
     $Update['detailcode'] = $G_X['events'][$etype][$ecode];
     $ip = real_ip();
     if ($ip == 'unknown') {
         $ip = "192.168.0.1";
     }
     $Update['ip'] = ip2long($ip);
     require_once PUBLIB_PATH . 'database/DbFactory.php';
     $db = DbFactory::Create();
     $id = $db->Insert(self::$tbname, $Update, true);
 }
 public function contact_us($data)
 {
     $this->db->set('date_on', 'NOW()', FALSE);
     $this->db->set('ip_address', real_ip());
     $this->db->insert('contact', $data);
     return $this->db->insert_id();
 }
Exemple #4
0
/**
 * 记录管理员的操作内容
 *
 * @access  public
 * @param   string      $sn         数据的唯一值
 * @param   string      $action     操作的类型
 * @param   string      $content    操作的内容
 * @param   string      $log_info   直接插入操作的内容
 * @return  void
 */
function admin_log($sn = '', $action, $content, $log_info = '')
{
    if (!$log_info) {
        $log_info = $GLOBALS['_LANG']['log_action'][$action] . $GLOBALS['_LANG']['log_action'][$content] . ': ' . addslashes($sn);
    }
    $sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('admin_log') . ' (log_time, user_id, log_info, ip_address) ' . " VALUES ('" . gmtime() . "', {$_SESSION['admin_id']}, '" . stripslashes($log_info) . "', '" . real_ip() . "')";
    $GLOBALS['db']->query($sql);
}
Exemple #5
0
/**
 * 检查手机验证码
 *
 * @access  public
 * @param   string       $mobile            手机号
 * @param   string       $verifycode        手机验证码
 * @param   string       $act               绑定类型
 *
 * @return  bool         $bool
 */
function check_sms_verifycode($mobile, $verifycode, $act = SMS_REGISTER)
{
    global $db, $ecs, $_CFG;
    $ip = real_ip();
    $expire = gmtime() - intval($_CFG['ecsdxt_sms_validtime']);
    //验证码10分钟内有效
    $SQL = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE mobile='{$mobile}' AND verifycode='{$verifycode}' AND getip='{$ip}' AND status=1 AND `type`={$act} AND dateline>={$expire}";
    return $db->getOne($SQL) > 0;
}
Exemple #6
0
function phoxy_conf()
{
    $ret = phoxy_default_conf();
    global $_SERVER;
    $ret["ip"] = real_ip();
    $ret['adminip'] = false;
    $ret['api_xss_prevent'] = PRODUCTION;
    if (!$ret['adminip']) {
        ini_set('display_errors', 'Off');
    }
    return $ret;
}
Exemple #7
0
 function cls_session(&$db, $session_table, $session_data_table, $session_name = 'ECS_ID', $session_id = '')
 {
     $GLOBALS['_SESSION'] = array();
     if (!empty($GLOBALS['cookie_path'])) {
         $this->session_cookie_path = $GLOBALS['cookie_path'];
     } else {
         $this->session_cookie_path = '/';
     }
     if (!empty($GLOBALS['cookie_domain'])) {
         $this->session_cookie_domain = $GLOBALS['cookie_domain'];
     } else {
         $this->session_cookie_domain = '';
     }
     if (!empty($GLOBALS['cookie_secure'])) {
         $this->session_cookie_secure = $GLOBALS['cookie_secure'];
     } else {
         $this->session_cookie_secure = false;
     }
     $this->session_name = $session_name;
     $this->session_table = $session_table;
     $this->session_data_table = $session_data_table;
     $this->db =& $db;
     //$this->_ip = real_ip();以下代码解决登陆问题
     if (isset($_COOKIE['real_ipd']) && !empty($_COOKIE['real_ipd'])) {
         $this->_ip = $_COOKIE['real_ipd'];
     } else {
         $this->_ip = real_ip();
         setcookie("real_ipd", $this->_ip, time() + 36000, $this->session_cookie_path);
     }
     if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
         $this->session_id = $_COOKIE[$this->session_name];
     } else {
         $this->session_id = $session_id;
     }
     if ($this->session_id) {
         $tmp_session_id = substr($this->session_id, 0, 32);
         if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
             $this->session_id = $tmp_session_id;
         } else {
             $this->session_id = '';
         }
     }
     $this->_time = time();
     if ($this->session_id) {
         $this->load_session();
     } else {
         $this->gen_session_id();
         setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), 0, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);
     }
     register_shutdown_function(array(&$this, 'close_session'));
 }
Exemple #8
0
 /**
  * 更新用户SESSION,COOKIE及登录时间、登录次数。
  *
  * @access  public
  * @return  void
  */
 function update_user_info()
 {
     if (!$_SESSION['user_id']) {
         return false;
     }
     /* 查询会员信息 */
     $time = date('Y-m-d');
     $sql = 'SELECT u.user_money,u.email, u.pay_points, u.user_rank, u.rank_points, ' . ' IFNULL(b.type_money, 0) AS user_bonus, u.last_login, u.last_ip' . ' FROM ' . $this->pre . 'users AS u ' . ' LEFT JOIN ' . $this->pre . 'user_bonus AS ub' . ' ON ub.user_id = u.user_id AND ub.used_time = 0 ' . ' LEFT JOIN ' . $this->pre . 'bonus_type AS b' . " ON b.type_id = ub.bonus_type_id AND b.use_start_date <= '{$time}' AND b.use_end_date >= '{$time}' " . " WHERE u.user_id = '{$_SESSION['user_id']}'";
     if ($row = $this->row($sql)) {
         /* 更新SESSION */
         $_SESSION['last_time'] = $row['last_login'];
         $_SESSION['last_ip'] = $row['last_ip'];
         $_SESSION['login_fail'] = 0;
         $_SESSION['email'] = $row['email'];
         /* 判断是否是特殊等级,可能后台把特殊会员组更改普通会员组 */
         if ($row['user_rank'] > 0) {
             $sql = "SELECT special_rank from " . $this->pre . "user_rank where rank_id='{$row['user_rank']}'";
             $res = $this->row($sql);
             if ($res['special_rank'] === '0' || $res['special_rank'] === null) {
                 $sql = "update " . $this->pre . "users set user_rank='0' where user_id='{$_SESSION['user_id']}'";
                 $this->query($sql);
                 $row['user_rank'] = 0;
             }
         }
         /* 取得用户等级和折扣 */
         if ($row['user_rank'] == 0) {
             // 非特殊等级,根据等级积分计算用户等级(注意:不包括特殊等级)
             $sql = 'SELECT rank_id, discount FROM ' . $this->pre . "user_rank WHERE special_rank = '0' AND min_points <= " . intval($row['rank_points']) . ' AND max_points > ' . intval($row['rank_points']);
             if ($row = $this->row($sql)) {
                 $_SESSION['user_rank'] = $row['rank_id'];
                 $_SESSION['discount'] = $row['discount'] / 100.0;
             } else {
                 $_SESSION['user_rank'] = 0;
                 $_SESSION['discount'] = 1;
             }
         } else {
             // 特殊等级
             $sql = 'SELECT rank_id, discount FROM ' . $this->pre . "user_rank WHERE rank_id = '{$row['user_rank']}'";
             if ($row = $this->row($sql)) {
                 $_SESSION['user_rank'] = $row['rank_id'];
                 $_SESSION['discount'] = $row['discount'] / 100.0;
             } else {
                 $_SESSION['user_rank'] = 0;
                 $_SESSION['discount'] = 1;
             }
         }
     }
     /* 更新登录时间,登录次数及登录ip */
     $sql = "UPDATE " . $this->pre . "users SET" . " visit_count = visit_count + 1, " . " last_ip = '" . real_ip() . "'," . " last_login = '******'" . " WHERE user_id = '" . $_SESSION['user_id'] . "'";
     $this->query($sql);
 }
Exemple #9
0
function addtj()
{
    global $ecs;
    $domain = $ecs->get_domain();
    $ip = real_ip();
    //getIP();
    $client = new soapclient68('http://api.68ecshop.com/record.php?wsdl', true);
    $client->soap_defencoding = 'UTF-8';
    $client->decode_utf8 = false;
    $client->xml_encoding = 'UTF-8';
    //参数转为数组形式传递
    $paras = array('domain' => $domain, 'ip' => $ip);
    //目标方法没有参数时,可省略后面的参数
    $result = $client->call('addTongji', $paras);
}
Exemple #10
0
 /**
  * 执行登陆操作
  * 这个函数要跟 frontend.base.php 中的 _do_login 保持一致
  */
 function _do_login($user_id)
 {
     $mod_user =& m('member');
     $user_info = $mod_user->get(array('conditions' => "user_id = '{$user_id}'", 'join' => 'has_store', 'fields' => 'user_id, user_name, reg_time, last_login, last_ip, store_id'));
     /* 店铺ID */
     $my_store = empty($user_info['store_id']) ? 0 : $user_info['store_id'];
     /* 保证基础数据整洁 */
     unset($user_info['store_id']);
     /* 分派身份 */
     $this->visitor->assign($user_info);
     /* 更新用户登录信息 */
     $mod_user->edit("user_id = '{$user_id}'", "last_login = '******', last_ip = '" . real_ip() . "', logins = logins + 1");
     /* 更新购物车中的数据 */
     $mod_cart =& m('cart');
     $mod_cart->edit("(user_id = '{$user_id}' OR session_id = '" . SESS_ID . "') AND store_id <> '{$my_store}'", array('user_id' => $user_id, 'session_id' => SESS_ID));
 }
 /**
  * 执行登陆操作
  *
  * @param int $user_id
  * @return bool
  */
 function _do_login($user_id)
 {
     $mod_user =& m('member');
     $user_info = $mod_user->get(array('conditions' => $user_id, 'join' => 'manage_mall', 'fields' => 'this.user_id, user_name, reg_time, last_login, last_ip, privs'));
     if (!$user_info['privs']) {
         $this->show_warning('not_admin');
         return false;
     }
     /* 分派身份 */
     $this->visitor->assign(array('user_id' => $user_info['user_id'], 'user_name' => $user_info['user_name'], 'reg_time' => $user_info['reg_time'], 'last_login' => $user_info['last_login'], 'last_ip' => $user_info['last_ip']));
     /* 更新登录信息 */
     $time = gmtime();
     $ip = real_ip();
     $mod_user->edit($user_id, "last_login = '******', last_ip='{$ip}', logins = logins + 1");
     return true;
 }
Exemple #12
0
 function cls_session(&$db, $session_table, $session_data_table, $session_name = 'ECS_ID', $session_id = '')
 {
     $GLOBALS['_SESSION'] = array();
     if (!empty($GLOBALS['cookie_path'])) {
         $this->session_cookie_path = $GLOBALS['cookie_path'];
     } else {
         $this->session_cookie_path = '/';
     }
     if (!empty($GLOBALS['cookie_domain'])) {
         $this->session_cookie_domain = $GLOBALS['cookie_domain'];
     } else {
         $this->session_cookie_domain = '';
     }
     if (!empty($GLOBALS['cookie_secure'])) {
         $this->session_cookie_secure = $GLOBALS['cookie_secure'];
     } else {
         $this->session_cookie_secure = false;
     }
     $this->session_name = $session_name;
     $this->session_table = $session_table;
     $this->session_data_table = $session_data_table;
     $this->db =& $db;
     $this->_ip = real_ip();
     if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
         $this->session_id = $_COOKIE[$this->session_name];
     } else {
         $this->session_id = $session_id;
     }
     if ($this->session_id) {
         $tmp_session_id = substr($this->session_id, 0, 32);
         if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
             $this->session_id = $tmp_session_id;
         } else {
             $this->session_id = '';
         }
     }
     $this->_time = time();
     if ($this->session_id) {
         $this->load_session();
     } else {
         $this->gen_session_id();
         setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), time() + 86400 * 7, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);
         //代码修改 By  www.68ecshop.com
     }
     register_shutdown_function(array(&$this, 'close_session'));
 }
Exemple #13
0
 /**
  * 构造函数
  *
  * @author weberliu
  * @param object $db 数据库对象
  * @param stirng $session_table 数据表名
  * @param string $session_data_table 数据存储表名
  * @param string $session_name session名称
  * @param string $session_id session_id
  * @return void
  */
 function SessionProcessor(&$db, $session_table, $session_data_table, $session_name = 'ECM_ID', $session_id = '')
 {
     session_set_save_handler(array(&$this, "_sess_open"), array(&$this, "_sess_close"), array(&$this, "_sess_read"), array(&$this, "_sess_write"), array(&$this, "_sess_destroy"), array(&$this, "_sess_gc"));
     $this->gmtime = gmtime();
     $this->max_life_time = 1440;
     $this->session_cookie_path = COOKIE_PATH;
     $this->session_cookie_domain = COOKIE_DOMAIN;
     //如果开启二级域名,且未设置COOKIE作用域,则缺省为上级域
     if (defined('ENABLED_SUBDOMAIN') && ENABLED_SUBDOMAIN && !COOKIE_DOMAIN) {
         $tmp_arr = parse_url(SITE_URL);
         if (count(explode('.', $tmp_arr['host'])) > 2) {
             $cookie_domain = substr($tmp_arr['host'], strpos($tmp_arr['host'], '.'));
         } else {
             // 形如ecmall.com这样的域名
             $cookie_domain = '.' . $tmp_arr['host'];
         }
         $this->session_cookie_domain = $cookie_domain;
     }
     $this->session_cookie_secure = false;
     $this->session_name = $session_name;
     $this->session_table = $session_table;
     $this->session_data_table = $session_data_table;
     $this->db =& $db;
     $this->_ip = real_ip();
     /*处理session id*/
     if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
         $this->session_id = $_COOKIE[$this->session_name];
     } else {
         $this->session_id = $session_id;
     }
     if ($this->session_id) {
         $tmp_session_id = substr($this->session_id, 0, 32);
         if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
             $this->session_id = $tmp_session_id;
         } else {
             $this->session_id = '';
         }
     }
     if (!$this->session_id) {
         $this->gen_session_id();
         session_id($this->session_id . $this->gen_session_key($this->session_id));
         /*setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), 0,
           $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);*/
     }
 }
Exemple #14
0
/**
 * 写入日志,统计所需要
 * @author Neil
 */
function WriteLog($return = '')
{
    global $G_X;
    session_start();
    $int = real_ip() . "[|cut|]";
    $int .= date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']) . "[|cut|]";
    $int .= $G_X['appkey'] . "[|cut|]";
    $int .= (session_id() ?: '-') . "[|cut|]";
    $int .= $_SERVER['REQUEST_METHOD'] . "[|cut|]";
    $int .= "record.php[|cut|]";
    $int .= ($_SERVER['HTTP_REFERER'] ?: '-') . "[|cut|]";
    $int .= ($_SERVER['QUERY_STRING'] ?: '-') . "[|cut|]";
    $int .= $_SERVER['HTTP_USER_AGENT'] . "[|cut|]";
    $int .= '-';
    $int .= PHP_EOL;
    $log = ERRLOG_PATH . 'm_wonaonao_record_' . date('H') . '.log';
    error_log($int, 3, $log);
}
Exemple #15
0
 /**
  * 统计访问信息
  *
  * @access  public
  * @return  void
  */
 function visit_stats()
 {
     if (C('visit_stats') == 'off') {
         return;
     }
     $time = gmtime();
     /* 检查客户端是否存在访问统计的cookie */
     $visit_times = !empty($_COOKIE['ECS']['visit_times']) ? intval($_COOKIE['ECS']['visit_times']) + 1 : 1;
     setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');
     $browser = get_user_browser();
     $os = get_os();
     $ip = real_ip();
     $area = ecs_geoip($ip);
     /* 语言 */
     if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
         $pos = strpos($_SERVER['HTTP_ACCEPT_LANGUAGE'], ';');
         $lang = addslashes($pos !== false ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, $pos) : $_SERVER['HTTP_ACCEPT_LANGUAGE']);
     } else {
         $lang = '';
     }
     /* 来源 */
     if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
         $pos = strpos($_SERVER['HTTP_REFERER'], '/', 9);
         if ($pos !== false) {
             $domain = substr($_SERVER['HTTP_REFERER'], 0, $pos);
             $path = substr($_SERVER['HTTP_REFERER'], $pos);
             /* 来源关键字 */
             if (!empty($domain) && !empty($path)) {
                 save_searchengine_keyword($domain, $path);
             }
         } else {
             $domain = $path = '';
         }
     } else {
         $domain = $path = '';
     }
     $sql = 'INSERT INTO ' . $this->pre . 'stats ( ' . 'ip_address, visit_times, browser, system, language, area, ' . 'referer_domain, referer_path, access_url, access_time' . ') VALUES (' . "'{$ip}', '{$visit_times}', '{$browser}', '{$os}', '{$lang}', '{$area}', " . "'" . addslashes($domain) . "', '" . addslashes($path) . "', '" . addslashes(PHP_SELF) . "', '" . $time . "')";
     $this->query($sql);
 }
Exemple #16
0
 public function logaddAction()
 {
     $logdetail = reqstr('logdetail', '');
     $ipcno = reqstr('ipcno', '');
     if (!$logdetail) {
         return array('code' => -1);
     }
     if (!$ipcno) {
         return array('code' => -2);
     }
     $data = array('logdetail' => $logdetail, 'ctime' => time(), 'cip' => real_ip(), 'user' => $this->cur_user['realname'], 'ipcno' => $ipcno);
     $m = new Psys_IpcModel();
     $res = $m->AddOne($data, 'rha_ipclog');
     if ($res > 0) {
         $data['id'] = $res;
         $data['ctime'] = date('Y-m-d H:i:S', $data['ctime']);
         return array('code' => 1, 'data' => $data);
     } else {
         return array('code' => 0);
     }
 }
 function MemcacheSession($memcache_server, $session_name = 'ECM_ID')
 {
     // Create memcache object
     if ($this->_memcache === null) {
         $this->_memcache = new Memcache();
     }
     list($host, $port) = explode(':', $memcache_server);
     $this->_memcache->connect($host, $port);
     session_set_save_handler(array(&$this, "_sess_open"), array(&$this, "_sess_close"), array(&$this, "_sess_read"), array(&$this, "_sess_write"), array(&$this, "_sess_destroy"), array(&$this, "_sess_gc"));
     register_shutdown_function('session_write_close');
     $this->max_life_time = defined('SESSION_LIFE_TIME') ? SESSION_LIFE_TIME : 1440;
     $this->session_cookie_path = COOKIE_PATH;
     $this->session_cookie_domain = COOKIE_DOMAIN;
     //如果开启二级域名,且未设置COOKIE作用域,则缺省为上级域
     if (defined('ENABLED_SUBDOMAIN') && ENABLED_SUBDOMAIN && !COOKIE_DOMAIN) {
         $tmp_arr = parse_url(SITE_URL);
         if (count(explode('.', $tmp_arr['host'])) > 2) {
             $cookie_domain = substr($tmp_arr['host'], strpos($tmp_arr['host'], '.'));
         } else {
             // 形如mzmall.com这样的域名
             $cookie_domain = '.' . $tmp_arr['host'];
         }
         $this->session_cookie_domain = $cookie_domain;
     }
     $this->session_cookie_secure = false;
     $this->session_name = $session_name;
     $this->gmtime = gmtime();
     $this->_ip = real_ip();
     /*处理session id*/
     if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
         $this->session_id = $_COOKIE[$this->session_name];
     } else {
         $this->session_id = $session_id;
     }
     if ($this->session_id) {
         $tmp_session_id = substr($this->session_id, 0, 32);
         if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
             $this->session_id = $tmp_session_id;
         } else {
             $this->session_id = '';
         }
     }
     if (!$this->session_id) {
         $this->gen_session_id();
         session_id($this->session_id . $this->gen_session_key($this->session_id));
         /*setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), 0,
           $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);*/
     }
 }
Exemple #18
0
/**
 * 添加评论内容
 *
 * @access  public
 * @param   object  $cmt
 * @return  void
 */
function add_comment($cmt)
{
    /* 评论是否需要审核 */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    $user_id = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
    $email = empty($cmt->email) ? $_SESSION['email'] : trim($cmt->email);
    $user_name = empty($cmt->username) ? $_SESSION['user_name'] : '';
    $email = htmlspecialchars($email);
    $user_name = htmlspecialchars($user_name);
    /* 保存评论内容 */
    $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') . "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " . "('" . $cmt->type . "', '" . $cmt->id . "', '{$email}', '{$user_name}', '" . $cmt->content . "', '" . $cmt->rank . "', " . gmtime() . ", '" . real_ip() . "', '{$status}', '0', '{$user_id}')";
    $result = $GLOBALS['db']->query($sql);
    $goods_id = $cmt->id;
    $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('comment') . " WHERE id_value = '{$goods_id}' AND comment_type = 0 AND status = 1 AND parent_id = 0 ";
    $count = $GLOBALS['db']->getOne($sql);
    if (empty($count)) {
        $count = 0;
    }
    $sql = "UPDATE " . $GLOBALS['ecs']->table('goods') . " SET comments_number = '{$count}' WHERE goods_id = '{$goods_id}'";
    $GLOBALS['db']->query($sql);
    clear_cache_files();
    //clear_cache_files('comments_list.lbi');
    /*if ($status > 0)
      {
          add_feed($GLOBALS['db']->insert_id(), COMMENT_GOODS);
      }*/
    return $result;
}
Exemple #19
0
} elseif ($_REQUEST['act'] == 'add') {
    /* 权限判断 */
    admin_priv('stock_out_type');
    $smarty->assign('ur_here', "添加出库类型");
    $smarty->assign('action_link', array('text' => "出库类型列表", 'href' => 'stock_out_type.php?act=list'));
    $smarty->assign('form_action', 'insert');
    assign_query_info();
    $smarty->display('stock_out_type_info.htm');
} elseif ($_REQUEST['act'] == 'insert') {
    /* 权限判断 */
    admin_priv('stock_out_type');
    $remarks = $_POST['remarks'];
    $add_time = gmtime();
    $user_id = $_SESSION[admin_id];
    $admin_agency_id = admin_agency_id();
    $ip_addr = real_ip();
    $sql = "INSERT INTO " . $ecs->table('stock_out_type') . "(remarks, add_time, user_id, if_delete, ip_addr, admin_agency_id ) " . "VALUES ('{$remarks}', '{$add_time}', '{$user_id}', '0', '{$ip_addr}', '{$admin_agency_id}')";
    $db->query($sql);
    clear_cache_files();
    // 清除相关的缓存文件
    $link[0]['text'] = "操作成功";
    $link[0]['href'] = 'stock_out_type.php?act=list';
    sys_msg("出库类型添加操作成功", 0, $link);
} elseif ($_REQUEST['act'] == 'query') {
    check_authz_json('stock_out_type');
    $type_list = get_typelist();
    /*判断代理商或管理员*/
    if (if_agency()) {
        $smarty->assign('if_agency', if_agency());
    }
    $smarty->assign('type_list', $type_list['arr']);
Exemple #20
0
 function add_user($username, $password, $email)
 {
     /* 检测用户名 */
     if ($this->check_user($username)) {
         $this->error = ERR_USERNAME_EXISTS;
         return false;
     }
     $uid = uc_call("uc_user_register", array($username, $password, $email));
     if ($uid <= 0) {
         if ($uid == -1) {
             $this->error = ERR_INVALID_USERNAME;
             return false;
         } elseif ($uid == -2) {
             $this->error = ERR_USERNAME_NOT_ALLOW;
             return false;
         } elseif ($uid == -3) {
             $this->error = ERR_USERNAME_EXISTS;
             return false;
         } elseif ($uid == -4) {
             $this->error = ERR_INVALID_EMAIL;
             return false;
         } elseif ($uid == -5) {
             $this->error = ERR_EMAIL_NOT_ALLOW;
             return false;
         } elseif ($uid == -6) {
             $this->error = ERR_EMAIL_EXISTS;
             return false;
         } else {
             return false;
         }
     } else {
         //注册成功,插入用户表
         $reg_date = time();
         $ip = real_ip();
         $password = $this->compile_password(array('password' => $password));
         $this->db->query('INSERT INTO ' . $GLOBALS['ecs']->table("users") . "(`user_id`, `email`, `user_name`, `password`, `reg_time`, `last_login`, `last_ip`) VALUES ('{$uid}', '{$email}', '{$username}', '{$password}', '{$reg_date}', '{$reg_date}', '{$ip}')");
         return true;
     }
 }
Exemple #21
0
 * ============================================================================
 * $Author: liubo $
 * $Id: vote.php 17217 2011-01-19 06:29:08Z liubo $
*/
define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';
require ROOT_PATH . 'includes/cls_json.php';
if (!isset($_REQUEST['vote']) || !isset($_REQUEST['options']) || !isset($_REQUEST['type'])) {
    ecs_header("Location: ./\n");
    exit;
}
$res = array('error' => 0, 'message' => '', 'content' => '');
$vote_id = intval($_POST['vote']);
$options = trim($_POST['options']);
$type = intval($_POST['type']);
$ip_address = real_ip();
if (vote_already_submited($vote_id, $ip_address)) {
    $res['error'] = 1;
    $res['message'] = $_LANG['vote_ip_same'];
} else {
    save_vote($vote_id, $ip_address, $options);
    $vote = get_vote($vote_id);
    if (!empty($vote)) {
        $smarty->assign('vote_id', $vote['id']);
        $smarty->assign('vote', $vote['content']);
    }
    $str = $smarty->fetch("library/vote.lbi");
    $pattern = '/(?:<(\\w+)[^>]*> .*?)?<div\\s+id="ECS_VOTE">(.*)<\\/div>(?:.*?<\\/\\1>)?/is';
    if (preg_match($pattern, $str, $match)) {
        $res['content'] = $match[2];
    }
Exemple #22
0
/**
 * 添加评论内容.
 *
 * @param object $cmt
 */
function add_comment($cmt)
{
    /* 评论是否需要审核 */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    $user_id = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
    $email = empty($cmt->email) ? $_SESSION['email'] : trim($cmt->email);
    $user_name = empty($cmt->username) ? $_SESSION['user_name'] : '';
    $email = htmlspecialchars($email);
    $user_name = htmlspecialchars($user_name);
    /* 保存评论内容 */
    $sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('comment') . '(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES ' . "('" . $cmt->type . "', '" . $cmt->id . "', '{$email}', '{$user_name}', '" . $cmt->content . "', '" . $cmt->rank . "', " . gmtime() . ", '" . real_ip() . "', '{$status}', '0', '{$user_id}')";
    $result = $GLOBALS['db']->query($sql);
    clear_cache_files('comments_list.lbi');
    /*if ($status > 0)
      {
          add_feed($GLOBALS['db']->insert_id(), COMMENT_GOODS);
      }*/
    return $result;
}
Exemple #23
0
    if ($return_id == "") {
        $sql = "INSERT INTO " . $GLOBALS['ecs']->table('stock_control') . " (goods_id, goods_name, log_time, goods_number, costing_price )  VALUES ('" . $goods_id . "', '" . $goods_name . "', '" . gmtime() . "', '" . $goods_number . "' , '" . $costing_price . "')";
        $GLOBALS['db']->query($sql);
        $stock_control_id = $GLOBALS['db']->insert_id();
        //返回stock_stock_control 所产生的最新的id
    } else {
        $goods_number_new = $return_goods_number + $goods_number;
        $GLOBALS['db']->query("UPDATE " . $ecs->table('stock_control') . " SET log_time = '" . gmtime() . "', goods_number = '" . $goods_number_new . "' WHERE id='{$return_id}'");
        $stock_control_id = $return_id;
    }
    $stock_type = 1;
    //商品入库处理, 默认为 1(增加)  -1(减少)
    $stock_status = 1;
    //1:添加入库产品,2:发货时候库存减少状态,3:库存不够的时候,4 退货的时候库存会增加状态)
    //写入相关的入库数据记录
    $sql_log = "INSERT INTO " . $GLOBALS['ecs']->table('stock_control_log') . " (stock_id, goods_name, log_time, goods_number, stock_type, costing_price, stock_number, stock_status, stock_note, ip_address )  VALUES ('" . $stock_control_id . "', '" . $goods_name . "', '" . gmtime() . "', '" . $goods_number . "', '" . $stock_type . "', '" . $costing_price . "' , '" . $stock_number . "' , '" . $stock_status . "', '" . real_ip() . "','" . real_ip() . "')";
    $GLOBALS['db']->query($sql_log);
    //入库成功之后, 商品的总的库存数量也要相应的增加
    $goods_number_old = $GLOBALS['db']->getOne("SELECT goods_number FROM " . $GLOBALS['ecs']->table('goods') . " WHERE goods_id = {$goods_id} ");
    $goods_num = $goods_number_old + $goods_number;
    if (update_goods($goods_id, 'goods_number', $goods_num)) {
        //记录日志
        //admin_log($goods_id, 'update', 'goods');
    }
    /* 显示商品信息页面 */
    assign_query_info();
    $link[0]['text'] = $_LANG['add_success_message'];
    $link[0]['href'] = 'goods_stock_control.php?act=list';
    clear_cache_files();
    sys_msg($goods_name . $_LANG['succed_message'], 0, $link);
}
 function _do_login($user_id)
 {
     $mod_user =& m('member');
     $user_info = $mod_user->get(array('conditions' => "user_id = '{$user_id}'", 'join' => 'has_store', 'fields' => 'user_id, user_name, reg_time, last_login, last_ip, store_id'));
     /* 店铺ID */
     $my_store = empty($user_info['store_id']) ? 0 : $user_info['store_id'];
     /* 保证基础数据整洁 */
     unset($user_info['store_id']);
     /* 分派身份 */
     $this->visitor->assign($user_info);
     /* 更新用户登录信息 */
     $mod_user->edit("user_id = '{$user_id}'", "last_login = '******', last_ip = '" . real_ip() . "', logins = logins + 1");
     /* 更新购物车中的数据 */
     $mod_cart =& m('cart');
     $mod_cart->edit("(user_id = '{$user_id}' OR session_id = '" . SESS_ID . "') AND store_id <> '{$my_store}'", array('user_id' => $user_id, 'session_id' => SESS_ID));
     /* 去掉重复的项 */
     $cart_items = $mod_cart->find(array('conditions' => "user_id='{$user_id}' GROUP BY spec_id", 'fields' => 'COUNT(spec_id) as spec_count, spec_id, rec_id'));
     if (!empty($cart_items)) {
         foreach ($cart_items as $rec_id => $cart_item) {
             if ($cart_item['spec_count'] > 1) {
                 $mod_cart->drop("user_id='{$user_id}' AND spec_id='{$cart_item['spec_id']}' AND rec_id <> {$cart_item['rec_id']}");
             }
         }
     }
 }
Exemple #25
0
 /**
  * 新闻数据同步
  */
 public function synclAction()
 {
     $configPath = dirname(dirname(dirname(dirname(__FILE__)))) . '/configs/server_config.php';
     require $configPath;
     //从配置文件中获取允许同步IP
     $ip = array("171.221.199.56", "112.193.220.232");
     //获取当前IP
     $curIp = real_ip();
     if (in_array($curIp, $ip)) {
         //同步rhi_idc-rht_train
         global $G_X;
         $model = new Psys_NewsModel();
         $servicer = $G_X['appkey'];
         $data = $model->getSyncList($servicer);
         foreach ($data as $news) {
             unset($news['servicer']);
             $where = array('id' => $news['id']);
             $field = 'id';
             $one = $model->GetSyncOne($where, $field);
             if ($one) {
                 $updateR = $model->UpdateSyncOne($news, $where);
                 if ($updateR !== false) {
                     $field = "servicer";
                     $result = $model->GetOne($where, $field);
                     $server = $result['servicer'];
                     $server = $server ? $server . ',' . $servicer : $servicer;
                     $updateData = array('servicer' => $server);
                     $model->UpdateOne($updateData, $where);
                 }
             } else {
                 $insertR = $model->AddSyncOne($news);
                 if ($insertR !== false) {
                     $field = "servicer";
                     $result = $model->GetOne($where, $field);
                     $server = $result['servicer'];
                     $server = $server ? $server . ',' . $servicer : $servicer;
                     $updateData = array('servicer' => $server);
                     $model->UpdateOne($updateData, $where);
                 }
             }
         }
         $host = reqstr('host', '');
         $data = array();
         $url = $host . '/news_and_ads.php?act=news';
         $return = http_post_array($url, $data);
         return $return['msg'];
     } else {
         return array('result' => 'ERROR', 'msg' => '不可允许IP同步!');
     }
 }
Exemple #26
0
}
if (@$_GET['act'] == 'comment') {
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    $id_value = $_GET['g_id'];
    $user_id = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
    @($email = htmlspecialchars($_POST['email']));
    $user_name = $_SESSION['user_name'] ? $_SESSION['user_name'] : '匿名用户';
    $user_name = htmlspecialchars($user_name);
    $rank = $_POST['comment_rank'];
    $content = $_POST['content'];
    $type = '0';
    if ($content == '') {
        $smarty->assign('info', '评论内容不可以为空!');
    } else {
        /* 保存评论内容 */
        $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') . "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " . "('" . $type . "', '" . $id_value . "', '{$email}', '{$user_name}', '" . $content . "', '" . $rank . "', " . gmtime() . ", '" . real_ip() . "', '{$status}', '0', '{$user_id}')";
        $result = $GLOBALS['db']->query($sql);
        if ($result) {
            if ($GLOBALS['_CFG']['comment_check'] == 1) {
                $smarty->assign('info', '您的评论已成功发表, 请等待管理员的审核!');
            } else {
                $smarty->assign('info', '您的评论已成功发表, 感谢您的参与!');
            }
        }
    }
    $smarty->assign('footer', get_footer());
    $smarty->display('comment_success.dwt');
} else {
    /* 读取商品信息 */
    $_LANG['kilogram'] = '千克';
    $_LANG['gram'] = '克';
Exemple #27
0
         // 没有找到这个记录
         setcookie($_COOKIE['ECSCP']['admin_id'], '', 1);
         setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1);
         if (!empty($_REQUEST['is_ajax'])) {
             make_json_error($_LANG['priv_error']);
         } else {
             ecs_header("Location: privilege.php?act=login\n");
         }
         exit;
     } else {
         // 检查密码是否正确
         if (md5($row['password'] . $_CFG['hash_code']) == $_COOKIE['ECSCP']['admin_pass']) {
             !isset($row['last_time']) && ($row['last_time'] = '');
             set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']);
             // 更新最后登录时间和IP
             $db->query('UPDATE ' . $ecs->table('admin_user') . " SET last_login = '******', last_ip = '" . real_ip() . "'" . " WHERE user_id = '" . $_SESSION['admin_id'] . "'");
         } else {
             setcookie($_COOKIE['ECSCP']['admin_id'], '', 1);
             setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1);
             if (!empty($_REQUEST['is_ajax'])) {
                 make_json_error($_LANG['priv_error']);
             } else {
                 ecs_header("Location: privilege.php?act=login\n");
             }
             exit;
         }
     }
 } else {
     if (!empty($_REQUEST['is_ajax'])) {
         make_json_error($_LANG['priv_error']);
     } else {
Exemple #28
0
    $smarty->assign('id_value', $id_value);
    //评论的对象
    $smarty->assign('send_fail', !empty($_REQUEST['send_ok']));
    $smarty->assign('ur_here', $_LANG['comment_info']);
    $smarty->assign('action_link', array('text' => $_LANG['05_comment_manage'], 'href' => 'comment_manage.php?act=list'));
    /* 页面显示 */
    assign_query_info();
    $smarty->display('comment_info.htm');
}
/*------------------------------------------------------ */
//-- 处理 回复用户评论
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'action') {
    admin_priv('comment_priv');
    /* 获取IP地址 */
    $ip = real_ip();
    /* 获得评论是否有回复 */
    $sql = "SELECT comment_id, content, parent_id FROM " . $ecs->table('comment') . " WHERE parent_id = '{$_REQUEST['comment_id']}'";
    $reply_info = $db->getRow($sql);
    if (!empty($reply_info['content'])) {
        /* 更新回复的内容 */
        $sql = "UPDATE " . $ecs->table('comment') . " SET " . "email     = '{$_POST['email']}', " . "user_name = '{$_POST['user_name']}', " . "content   = '{$_POST['content']}', " . "add_time  =  '" . gmtime() . "', " . "ip_address= '{$ip}', " . "status    = 0" . " WHERE comment_id = '" . $reply_info['comment_id'] . "'";
    } else {
        /* 插入回复的评论内容 */
        $sql = "INSERT INTO " . $ecs->table('comment') . " (comment_type, id_value, email, user_name , " . "content, add_time, ip_address, status, parent_id) " . "VALUES('{$_POST['comment_type']}', '{$_POST['id_value']}','{$_POST['email']}', " . "'{$_SESSION['admin_name']}','{$_POST['content']}','" . gmtime() . "', '{$ip}', '0', '{$_POST['comment_id']}')";
    }
    $db->query($sql);
    /* 更新当前的评论状态为已回复并且可以显示此条评论 */
    $sql = "UPDATE " . $ecs->table('comment') . " SET status = 1 WHERE comment_id = '{$_POST['comment_id']}'";
    $db->query($sql);
    /* 邮件通知处理流程 */
Exemple #29
0
function action_get_verify_code()
{
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $user_id = $_SESSION['user_id'];
    include_once 'includes/cls_json.php';
    require dirname(__FILE__) . '/send.php';
    $json = new JSON();
    $result = array();
    $phone = trim($_REQUEST['phone']);
    $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . ' WHERE `user_id` = \'' . $user_id . '\' AND `mobile_phone` = \'' . $phone . '\'';
    $count = $GLOBALS['db']->getOne($sql);
    if ($count == 0) {
        $result['result'] = 'fail';
        $result['message'] = '手机号跟用户不匹配';
        echo $json->encode($result);
    } else {
        $seed = "0123456789";
        $verifycode = mc_random(6, $seed);
        $content = '您的验证码为' . $verifycode;
        $ret = sendSMS($phone, $content);
        $sql = 'INSERT INTO ' . $ecs->table('verifycode') . '(`mobile`, `getip`, `verifycode`, `dateline`) VALUES (\'' . $phone . '\',\'' . real_ip() . '\',\'' . $verifycode . '\',\'' . gmtime() . '\')';
        $db->query($sql);
        if ($ret == '发送成功!' && $db->affected_rows() == 1) {
            $result['result'] = 'success';
            $result['message'] = '短信发送成功';
            echo $json->encode($result);
        } else {
            $result['result'] = 'fail';
            $result['message'] = '短信发送失败!';
            echo $json->encode($result);
        }
    }
}
Exemple #30
0
/**
 * 添加评论内容
 *
 * @access  public
 * @param   object  $cmt
 * @return  void
 */
function zy_add_comment($id,$user_id,$email,$user_name,$content,$rank)
{
    /* 评论是否需要审核 */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    $type = 0;
    /* 保存评论内容 */
    $sql = "INSERT INTO " .$GLOBALS['ecs']->table('comment') .
           "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " .
           "('" .$type. "', '" .$id. "', '$email', '$user_name', '" .$content."', '".$rank."', ".gmtime().", '".real_ip()."', '$status', '0', '$user_id')";
    
    $result = $GLOBALS['db']->query($sql);

    return $result;
}