/**
 * Send an SMS through the ihuyi HTTP gateway and append the attempt and its result to a log file.
 *
 * Returns true when the gateway response carries code 2, otherwise the gateway's message text.
 */
function sendsms($mobile, $content)
{
    // Log line: timestamp | client IP | mobile | full message text.
    // NOTE(review): $content is logged verbatim; if callers send verification codes through this
    // function (not visible here), those codes end up readable in this file. real_ip() is defined
    // elsewhere; confirm whether request headers can influence it, because its value, $mobile and
    // $content are written unfiltered (a CR/LF in any of them would forge extra log lines).
    $log = date('Y-m-d H:i:s', time()) . " | " . real_ip() . " | " . $mobile . " | " . $content . "\r\n";
    // NOTE(review): the log sits two directories above this file under a name built from the
    // gateway account; confirm that location is not served by the web server.
    file_put_contents(dirname(dirname(__FILE__)) . "/sms_log_" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . ".log", $log, FILE_APPEND);
    // Configuration
    // NOTE(review): the endpoint is plain http://, so the account, password field and message
    // travel unencrypted.
    $target = "http://106.ihuyi.cn/webservice/sms.php?method=Submit";
    // Replace with your own test account; the parameter order follows the web service.
    // NOTE(review): the password expression is masked ("******") in this listing and is kept as
    // found. $mobile is appended without urlencode(), unlike $content.
    $post_data = "account=" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . "&password="******"&md5=1&mobile=" . $mobile . "&content=" . urlencode($content);
    // Canned success response; it is used unchanged whenever ihuyi_sms_debug is not 0.
    $gets = '<?xml version="1.0" encoding="utf-8"?> <SubmitResult xmlns="http://106.ihuyi.cn/"> <code>2</code> <msg>提交成功</msg> <smsid>67472311</smsid> </SubmitResult>';
    if ($GLOBALS['_CFG']['ihuyi_sms_debug'] == 0) {
        // Debug off: really submit to the gateway.
        $gets = ihuyi_Post($post_data, $target);
    }
    $gets_arr = xml_to_array($gets);
    // Second log line: the gateway's status message for this attempt.
    file_put_contents(dirname(dirname(__FILE__)) . "/sms_log_" . $GLOBALS['_CFG']['ihuyi_sms_user_name'] . ".log", '发送状态:' . $gets_arr['SubmitResult']['msg'] . "\r\n", FILE_APPEND);
    // Code 2 is treated as success; any other code returns the message string, so callers must
    // compare the result with === true.
    if ($gets_arr['SubmitResult']['code'] == 2) {
        return true;
    } else {
        return $gets_arr['SubmitResult']['msg'];
    }
}
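/**
 * Store one event record (type, code, description, request data, user, URL, client IP).
 *
 * @param string $msg      event description
 * @param mixed  $ecode    event code; also the second key into $G_X['events']
 * @param mixed  $etype    event type; also the first key into $G_X['events']
 * @param mixed  $uid      user id stored with the event
 * @param mixed  $schoolid school id stored with the event
 * @param string $requrl   request URL; empty means "use the current REQUEST_URI"
 * @param array  $param    data to dump into the message column; empty means "use $_REQUEST"
 * @return void
 */
public static function info($msg, $ecode, $etype, $uid, $schoolid, $requrl, array $param)
{
    global $G_X;

    if ($requrl == '') {
        // REQUEST_URI is absent outside a web request, so fall back to an empty string.
        $requrl = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    }
    if (empty($param)) {
        // NOTE(review): this dumps the whole request, which can include passwords or tokens
        // submitted with it, into the event table. Consider masking sensitive keys first.
        $param = $_REQUEST;
    }

    // ip2long() returns false for anything that is not a dotted IPv4 address (IPv6, "unknown",
    // header junk). The original only special-cased the string 'unknown'; every other failure
    // stored false. All failures now use the same fallback address the original used.
    $packedIp = ip2long(real_ip());
    if ($packedIp === false) {
        $packedIp = ip2long("192.168.0.1");
    }

    $Update = array(
        'eventtime'  => time(),
        'eventtype'  => $etype,
        'schoolid'   => $schoolid,
        'eventdesc'  => $msg,
        'message'    => print_r($param, true),
        'userid'     => $uid,
        'requesturl' => $requrl,
        'code'       => $ecode,
        // Unknown type/code pairs store null instead of raising an undefined-index notice.
        'detailcode' => isset($G_X['events'][$etype][$ecode]) ? $G_X['events'][$etype][$ecode] : null,
        'ip'         => $packedIp,
    );

    require_once PUBLIB_PATH . 'database/DbFactory.php';
    $db = DbFactory::Create();
    $db->Insert(self::$tbname, $Update, true);
}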
/**
 * Insert a row into the `contact` table, stamped with NOW() and the client IP.
 *
 * NOTE(review): $data is handed to insert() as given; the caller has to restrict it to the
 * columns a visitor may set. real_ip() is defined elsewhere; confirm how it derives the address.
 *
 * @param mixed $data row data passed straight to insert()
 * @return mixed whatever $this->db->insert_id() reports after the insert
 */
public function contact_us($data)
{
    $db = $this->db;

    // Third argument false: NOW() is sent as an SQL expression, not as a quoted string.
    $db->set('date_on', 'NOW()', false);
    $db->set('ip_address', real_ip());
    $db->insert('contact', $data);

    return $db->insert_id();
}
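/**
 * Record an administrator action in the admin_log table.
 *
 * @access  public
 * @param   string  $sn        unique value identifying the affected record
 * @param   string  $action    action type (key into $_LANG['log_action'])
 * @param   string  $content   what was acted on (key into $_LANG['log_action'])
 * @param   string  $log_info  ready-made log text; when given it is stored instead of the generated text
 * @return  void
 */
function admin_log($sn = '', $action, $content, $log_info = '')
{
    if (!$log_info) {
        $log_info = $GLOBALS['_LANG']['log_action'][$action] . $GLOBALS['_LANG']['log_action'][$content] . ': ' . addslashes($sn);
    }

    // The admin id was interpolated unquoted; force it to an integer so it cannot carry SQL.
    $admin_id = intval($_SESSION['admin_id']);

    // real_ip() is defined elsewhere. Accept only a syntactically valid address before it is
    // placed inside the statement; anything else is stored as the placeholder 0.0.0.0.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    // NOTE(review): stripslashes() removes one level of escaping right before the text is put
    // between quotes. That is only safe if every caller passes text escaped twice; a $log_info
    // escaped once reaches the query raw. Left unchanged because the callers are not visible
    // here and re-escaping could alter stored text. Confirm, or move to a bound parameter.
    $sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('admin_log') . ' (log_time, user_id, log_info, ip_address) ' .
           " VALUES ('" . gmtime() . "', {$admin_id}, '" . stripslashes($log_info) . "', '" . $ip . "')";
    $GLOBALS['db']->query($sql);
}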
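/**
 * Check an SMS verification code.
 *
 * A code matches when a row exists for the same mobile, code, requesting IP and type with
 * status 1 and a dateline inside the configured validity window.
 *
 * @access  public
 * @param   string  $mobile      mobile number
 * @param   string  $verifycode  verification code entered by the user
 * @param   string  $act         binding type
 *
 * @return  bool    true when at least one matching, unexpired row exists
 */
function check_sms_verifycode($mobile, $verifycode, $act = SMS_REGISTER)
{
    global $db, $ecs, $_CFG;

    // real_ip() is defined elsewhere. Only a syntactically valid address is allowed into the
    // statement; anything else is replaced by the placeholder 0.0.0.0.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    // `type` is compared unquoted, so it must be an integer.
    $type = intval($act);

    // Validity window comes from configuration (the original comment mentions 10 minutes).
    $expire = gmtime() - intval($_CFG['ecsdxt_sms_validtime']);

    // NOTE(review): $mobile and $verifycode are still interpolated as received. This assumes the
    // caller has already escaped or validated them. Confirm, or validate their format here.
    // NOTE(review): nothing in this function limits the number of attempts per mobile.
    $SQL = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') .
           " WHERE mobile='{$mobile}' AND verifycode='{$verifycode}' AND getip='{$ip}' AND status=1 AND `type`={$type} AND dateline>={$expire}";

    return $db->getOne($SQL) > 0;
}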
/**
 * Build the phoxy configuration: the defaults plus client IP, admin flag and XSS-prevention flag.
 *
 * NOTE(review): 'adminip' is always set to false just before it is tested, so display_errors is
 * switched off on every call.
 *
 * @return mixed the default configuration with the 'ip', 'adminip' and 'api_xss_prevent' keys set
 */
function phoxy_conf()
{
    global $_SERVER;

    $conf = phoxy_default_conf();

    $conf['ip'] = real_ip();
    $conf['adminip'] = false;
    $conf['api_xss_prevent'] = PRODUCTION;

    // Non-admin clients must not see PHP error output.
    if (!$conf['adminip']) {
        ini_set('display_errors', 'Off');
    }

    return $conf;
}
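/**
 * Constructor (PHP 4 naming): set up cookie parameters, pin the client IP, then resume the
 * session named by the cookie or start a new one.
 *
 * @param object $db                  database object (stored by reference)
 * @param string $session_table       session table name
 * @param string $session_data_table  session data table name
 * @param string $session_name        name of the session cookie
 * @param string $session_id          explicit session id; empty means "read it from the cookie"
 */
function cls_session(&$db, $session_table, $session_data_table, $session_name = 'ECS_ID', $session_id = '')
{
    $GLOBALS['_SESSION'] = array();

    $this->session_cookie_path   = !empty($GLOBALS['cookie_path']) ? $GLOBALS['cookie_path'] : '/';
    $this->session_cookie_domain = !empty($GLOBALS['cookie_domain']) ? $GLOBALS['cookie_domain'] : '';
    $this->session_cookie_secure = !empty($GLOBALS['cookie_secure']) ? $GLOBALS['cookie_secure'] : false;

    $this->session_name       = $session_name;
    $this->session_table      = $session_table;
    $this->session_data_table = $session_data_table;

    $this->db = &$db;

    // The original author replaced "$this->_ip = real_ip()" with a cookie-pinned address to work
    // around a login problem. The cookie is client-supplied, so it is now accepted only when it
    // is a syntactically valid IP address; arrays, empty strings and arbitrary text fall back to
    // real_ip(). Cookies written by this constructor are unaffected.
    // NOTE(review): a client can still pin any valid address it likes, so whatever relies on _ip
    // (not visible here) is only as strong as this cookie. The cookie is also set without the
    // domain/secure arguments that the session cookie gets.
    $pinnedIp = false;
    if (isset($_COOKIE['real_ipd']) && is_string($_COOKIE['real_ipd'])) {
        $pinnedIp = filter_var($_COOKIE['real_ipd'], FILTER_VALIDATE_IP);
    }
    if ($pinnedIp !== false) {
        $this->_ip = $pinnedIp;
    } else {
        $this->_ip = real_ip();
        setcookie("real_ipd", $this->_ip, time() + 36000, $this->session_cookie_path);
    }

    if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
        $this->session_id = $_COOKIE[$this->session_name];
    } else {
        $this->session_id = $session_id;
    }

    if ($this->session_id) {
        // Cookie layout: 32 characters of id followed by a key derived from that id.
        $tmp_session_id = substr($this->session_id, 0, 32);
        // NOTE(review): loose == lets two numeric-looking strings compare equal by value; a strict
        // string comparison would be tighter once gen_session_key()'s return type is confirmed.
        if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
            $this->session_id = $tmp_session_id;
        } else {
            $this->session_id = '';
        }
    }

    $this->_time = time();

    if ($this->session_id) {
        $this->load_session();
    } else {
        $this->gen_session_id();
        setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), 0, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);
    }

    register_shutdown_function(array(&$this, 'close_session'));
}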
/**
 * Refresh the user's SESSION data and update the last-login time, visit count and login IP.
 *
 * NOTE(review): the original docblock declares a void return, but the function returns false
 * when no user is logged in and nothing otherwise.
 *
 * @access  public
 * @return  void
 */
function update_user_info()
{
    if (!$_SESSION['user_id']) {
        return false;
    }
    /* Look up the member record together with any currently valid bonus */
    $time = date('Y-m-d');
    $sql = 'SELECT u.user_money,u.email, u.pay_points, u.user_rank, u.rank_points, ' . ' IFNULL(b.type_money, 0) AS user_bonus, u.last_login, u.last_ip' . ' FROM ' . $this->pre . 'users AS u ' . ' LEFT JOIN ' . $this->pre . 'user_bonus AS ub' . ' ON ub.user_id = u.user_id AND ub.used_time = 0 ' . ' LEFT JOIN ' . $this->pre . 'bonus_type AS b' . " ON b.type_id = ub.bonus_type_id AND b.use_start_date <= '{$time}' AND b.use_end_date >= '{$time}' " . " WHERE u.user_id = '{$_SESSION['user_id']}'";
    if ($row = $this->row($sql)) {
        /* Update SESSION */
        $_SESSION['last_time'] = $row['last_login'];
        $_SESSION['last_ip'] = $row['last_ip'];
        $_SESSION['login_fail'] = 0;
        $_SESSION['email'] = $row['email'];
        /* Check whether the rank is still a special rank; an admin may have turned a special member group into a normal one */
        if ($row['user_rank'] > 0) {
            $sql = "SELECT special_rank from " . $this->pre . "user_rank where rank_id='{$row['user_rank']}'";
            $res = $this->row($sql);
            if ($res['special_rank'] === '0' || $res['special_rank'] === null) {
                // The rank is no longer special (or no longer exists): reset the user to rank 0.
                $sql = "update " . $this->pre . "users set user_rank='0' where user_id='{$_SESSION['user_id']}'";
                $this->query($sql);
                $row['user_rank'] = 0;
            }
        }
        /* Determine the user's rank and discount */
        if ($row['user_rank'] == 0) {
            // Not a special rank: derive the rank from rank points (special ranks are excluded)
            $sql = 'SELECT rank_id, discount FROM ' . $this->pre . "user_rank WHERE special_rank = '0' AND min_points <= " . intval($row['rank_points']) . ' AND max_points > ' . intval($row['rank_points']);
            // $row is reused here: from this point it holds the rank row, not the user row.
            if ($row = $this->row($sql)) {
                $_SESSION['user_rank'] = $row['rank_id'];
                $_SESSION['discount'] = $row['discount'] / 100.0;
            } else {
                $_SESSION['user_rank'] = 0;
                $_SESSION['discount'] = 1;
            }
        } else {
            // Special rank
            $sql = 'SELECT rank_id, discount FROM ' . $this->pre . "user_rank WHERE rank_id = '{$row['user_rank']}'";
            if ($row = $this->row($sql)) {
                $_SESSION['user_rank'] = $row['rank_id'];
                $_SESSION['discount'] = $row['discount'] / 100.0;
            } else {
                $_SESSION['user_rank'] = 0;
                $_SESSION['discount'] = 1;
            }
        }
    }
    /* Update login time, visit count and login IP */
    // NOTE(review): real_ip() is concatenated into the statement as returned. It is defined
    // elsewhere; if request headers can influence it, validate it as an IP address before use.
    // The last_login value is masked ("******") in this listing and is kept as found.
    $sql = "UPDATE " . $this->pre . "users SET" . " visit_count = visit_count + 1, " . " last_ip = '" . real_ip() . "'," . " last_login = '******'" . " WHERE user_id = '" . $_SESSION['user_id'] . "'";
    $this->query($sql);
}
/**
 * Report this site's domain and the current client IP to the remote "addTongji" SOAP method.
 *
 * NOTE(review): every call sends the shop's domain and a visitor's IP address to a third-party
 * host over plain HTTP; the response is ignored. Confirm this reporting is wanted and disclosed.
 *
 * @return void
 */
function addtj()
{
    global $ecs;

    $site_domain = $ecs->get_domain();
    $client_ip   = real_ip();

    $soap = new soapclient68('http://api.68ecshop.com/record.php?wsdl', true);
    $soap->soap_defencoding = 'UTF-8';
    $soap->decode_utf8      = false;
    $soap->xml_encoding     = 'UTF-8';

    // Arguments are passed as an array; it may be omitted when the target method takes none.
    $soap->call('addTongji', array('domain' => $site_domain, 'ip' => $client_ip));
}
/**
 * Perform the login for a user id.
 * This function must be kept in sync with _do_login in frontend.base.php.
 */
function _do_login($user_id)
{
    $mod_user =& m('member');
    // NOTE(review): $user_id is interpolated into every condition string below; this assumes the
    // caller passes a value that is already an integer. Confirm.
    $user_info = $mod_user->get(array('conditions' => "user_id = '{$user_id}'", 'join' => 'has_store', 'fields' => 'user_id, user_name, reg_time, last_login, last_ip, store_id'));
    /* Store id (0 when the user has no store) */
    $my_store = empty($user_info['store_id']) ? 0 : $user_info['store_id'];
    /* Keep the base data clean */
    unset($user_info['store_id']);
    /* Assign the identity to the visitor object */
    $this->visitor->assign($user_info);
    /* Update the user's login information */
    // NOTE(review): real_ip() is concatenated as returned; it is defined elsewhere, so validate
    // it as an IP address if request headers can influence it. The last_login value is masked
    // ("******") in this listing and is kept as found.
    $mod_user->edit("user_id = '{$user_id}'", "last_login = '******', last_ip = '" . real_ip() . "', logins = logins + 1");
    /* Update the cart: rows from this user or this session, except the user's own store, are bound to the user and session */
    $mod_cart =& m('cart');
    $mod_cart->edit("(user_id = '{$user_id}' OR session_id = '" . SESS_ID . "') AND store_id <> '{$my_store}'", array('user_id' => $user_id, 'session_id' => SESS_ID));
}
/**
 * Perform the login for an administrator.
 *
 * @param int $user_id
 * @return bool false when the user has no 'privs' entry, true after the login was recorded
 */
function _do_login($user_id)
{
    $mod_user =& m('member');
    $user_info = $mod_user->get(array('conditions' => $user_id, 'join' => 'manage_mall', 'fields' => 'this.user_id, user_name, reg_time, last_login, last_ip, privs'));
    // Users without privileges are rejected with a warning.
    if (!$user_info['privs']) {
        $this->show_warning('not_admin');
        return false;
    }
    /* Assign the identity to the visitor object */
    $this->visitor->assign(array('user_id' => $user_info['user_id'], 'user_name' => $user_info['user_name'], 'reg_time' => $user_info['reg_time'], 'last_login' => $user_info['last_login'], 'last_ip' => $user_info['last_ip']));
    /* Update the login information */
    $time = gmtime();
    // NOTE(review): $ip is interpolated as returned by real_ip(), which is defined elsewhere;
    // validate it as an IP address if request headers can influence it.
    $ip = real_ip();
    // The last_login value is masked ("******") in this listing and is kept as found, which
    // leaves $time unused here.
    $mod_user->edit($user_id, "last_login = '******', last_ip='{$ip}', logins = logins + 1");
    return true;
}
/**
 * Constructor (PHP 4 naming): configure cookie parameters, record the client IP, then resume
 * the session named by the cookie or create a new one with a 7-day cookie.
 *
 * NOTE(review): the session cookie is set without an HttpOnly argument, and _ip comes from
 * real_ip(), which is defined elsewhere.
 *
 * @param object $db                  database object (stored by reference)
 * @param string $session_table       session table name
 * @param string $session_data_table  session data table name
 * @param string $session_name        name of the session cookie
 * @param string $session_id          explicit session id; empty means "read it from the cookie"
 */
function cls_session(&$db, $session_table, $session_data_table, $session_name = 'ECS_ID', $session_id = '')
{
    $GLOBALS['_SESSION'] = array();

    // Cookie settings come from globals when present, else from defaults.
    $this->session_cookie_path   = !empty($GLOBALS['cookie_path']) ? $GLOBALS['cookie_path'] : '/';
    $this->session_cookie_domain = !empty($GLOBALS['cookie_domain']) ? $GLOBALS['cookie_domain'] : '';
    $this->session_cookie_secure = !empty($GLOBALS['cookie_secure']) ? $GLOBALS['cookie_secure'] : false;

    $this->session_name       = $session_name;
    $this->session_table      = $session_table;
    $this->session_data_table = $session_data_table;

    $this->db = &$db;
    $this->_ip = real_ip();

    $use_cookie_id = ($session_id == '' && !empty($_COOKIE[$this->session_name]));
    $this->session_id = $use_cookie_id ? $_COOKIE[$this->session_name] : $session_id;

    if ($this->session_id) {
        // Cookie layout: 32 characters of id followed by a key derived from that id.
        $id_part = substr($this->session_id, 0, 32);
        $expected_key = $this->gen_session_key($id_part);
        $this->session_id = ($expected_key == substr($this->session_id, 32)) ? $id_part : '';
    }

    $this->_time = time();

    if (!$this->session_id) {
        $this->gen_session_id();
        // Cookie lifetime of 7 days (modified by www.68ecshop.com)
        setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), time() + 86400 * 7, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);
    } else {
        $this->load_session();
    }

    register_shutdown_function(array(&$this, 'close_session'));
}
/**
 * Constructor: register the session save handlers, configure the cookie scope and resolve
 * the session id.
 *
 * @author  weberliu
 * @param   object  $db                  database object
 * @param   string  $session_table       session table name
 * @param   string  $session_data_table  session data table name
 * @param   string  $session_name        session name
 * @param   string  $session_id          session_id
 * @return  void
 */
function SessionProcessor(&$db, $session_table, $session_data_table, $session_name = 'ECM_ID', $session_id = '')
{
    // Route PHP's session storage through this object's _sess_* methods.
    session_set_save_handler(array(&$this, "_sess_open"), array(&$this, "_sess_close"), array(&$this, "_sess_read"), array(&$this, "_sess_write"), array(&$this, "_sess_destroy"), array(&$this, "_sess_gc"));
    $this->gmtime = gmtime();
    $this->max_life_time = 1440;
    $this->session_cookie_path = COOKIE_PATH;
    $this->session_cookie_domain = COOKIE_DOMAIN;
    // If subdomains are enabled and no cookie domain is configured, default to the parent domain
    if (defined('ENABLED_SUBDOMAIN') && ENABLED_SUBDOMAIN && !COOKIE_DOMAIN) {
        $tmp_arr = parse_url(SITE_URL);
        if (count(explode('.', $tmp_arr['host'])) > 2) {
            // Drop the first label: everything from the first dot onwards.
            // NOTE(review): for a three-label host whose last two labels form a shared suffix,
            // this yields that suffix itself as the cookie domain. Confirm SITE_URL never has
            // that shape.
            $cookie_domain = substr($tmp_arr['host'], strpos($tmp_arr['host'], '.'));
        } else {
            // A domain such as ecmall.com
            $cookie_domain = '.' . $tmp_arr['host'];
        }
        $this->session_cookie_domain = $cookie_domain;
    }
    // NOTE(review): the secure flag is hard-coded off, whatever scheme the site is served over.
    $this->session_cookie_secure = false;
    $this->session_name = $session_name;
    $this->session_table = $session_table;
    $this->session_data_table = $session_data_table;
    $this->db =& $db;
    // real_ip() is defined elsewhere; how _ip is used later is not visible here.
    $this->_ip = real_ip();
    /* Resolve the session id: explicit argument first, otherwise the cookie */
    if ($session_id == '' && !empty($_COOKIE[$this->session_name])) {
        $this->session_id = $_COOKIE[$this->session_name];
    } else {
        $this->session_id = $session_id;
    }
    if ($this->session_id) {
        // Layout: 32 characters of id followed by a key derived from that id; a mismatch discards the id.
        $tmp_session_id = substr($this->session_id, 0, 32);
        if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
            $this->session_id = $tmp_session_id;
        } else {
            $this->session_id = '';
        }
    }
    if (!$this->session_id) {
        // No usable id: generate one and hand "id + key" to PHP's session layer.
        $this->gen_session_id();
        session_id($this->session_id . $this->gen_session_key($this->session_id));
        /*setcookie($this->session_name, $this->session_id .
        $this->gen_session_key($this->session_id), 0, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);*/
    }
}
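/**
 * Append one access record to the hourly statistics log.
 *
 * Fields are joined with "[|cut|]": client IP, request time, app key, session id, request
 * method, "record.php", referer, query string, user agent, "-".
 *
 * @author Neil
 * @param mixed $return unused; kept for existing callers
 * @return void
 */
function WriteLog($return = '')
{
    global $G_X;
    session_start();

    $separator = "[|cut|]";

    // Optional request headers may be absent; read them without raising notices.
    $referer = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '-';
    $query   = !empty($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '-';
    $agent   = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $fields = array(
        real_ip(),
        date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']),
        $G_X['appkey'],
        session_id() ?: '-',
        $_SERVER['REQUEST_METHOD'],
        "record.php",
        $referer,
        $query,
        $agent,
        '-',
    );

    // Several fields are supplied by the client. A line break or the field separator inside one
    // of them would let a request forge extra records or shift columns, so both are replaced
    // with a space before the line is written.
    foreach ($fields as $i => $value) {
        $fields[$i] = str_replace(array("\r", "\n", $separator), ' ', (string) $value);
    }

    $int = implode($separator, $fields) . PHP_EOL;

    // The file name carries only the hour, so a file is appended to at that hour every day.
    $log = ERRLOG_PATH . 'm_wonaonao_record_' . date('H') . '.log';
    error_log($int, 3, $log);
}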
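/**
 * Record visit statistics: visit counter cookie, browser, OS, IP, area, language and referer.
 *
 * @access  public
 * @return  void
 */
function visit_stats()
{
    if (C('visit_stats') == 'off') {
        return;
    }
    $time = gmtime();

    /* Read the visit counter cookie, if the client has one, and bump it */
    $visit_times = !empty($_COOKIE['ECS']['visit_times']) ? intval($_COOKIE['ECS']['visit_times']) + 1 : 1;
    setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');

    // This function already escapes the language and referer values itself, but browser, OS,
    // IP and area went into the statement raw. They come from helpers defined elsewhere, so
    // they are escaped and validated here as well; ordinary values are unchanged.
    $browser = addslashes(get_user_browser());
    $os      = addslashes(get_os());
    $ip      = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0'; // placeholder for anything that is not a valid address
    }
    $area = addslashes(ecs_geoip($ip));

    /* Language: the part of Accept-Language before the first ';' */
    if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $pos  = strpos($_SERVER['HTTP_ACCEPT_LANGUAGE'], ';');
        $lang = addslashes($pos !== false ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, $pos) : $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    } else {
        $lang = '';
    }

    /* Referer: split into domain and path at the first '/' after the scheme */
    $domain = $path = '';
    if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
        $pos = strpos($_SERVER['HTTP_REFERER'], '/', 9);
        if ($pos !== false) {
            $domain = substr($_SERVER['HTTP_REFERER'], 0, $pos);
            $path   = substr($_SERVER['HTTP_REFERER'], $pos);

            /* Search-engine keyword from the referer */
            // NOTE(review): both values are passed on unescaped; the helper is defined elsewhere.
            if (!empty($domain) && !empty($path)) {
                save_searchengine_keyword($domain, $path);
            }
        }
    }

    $sql = 'INSERT INTO ' . $this->pre . 'stats ( ' .
           'ip_address, visit_times, browser, system, language, area, ' .
           'referer_domain, referer_path, access_url, access_time' .
           ') VALUES (' .
           "'{$ip}', '{$visit_times}', '{$browser}', '{$os}', '{$lang}', '{$area}', " .
           "'" . addslashes($domain) . "', '" . addslashes($path) . "', '" . addslashes(PHP_SELF) . "', '" . $time . "')";
    $this->query($sql);
}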
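/**
 * Add a log entry for an IPC number.
 *
 * Result codes: -1 missing 'logdetail', -2 missing 'ipcno', 0 insert failed,
 * 1 success (with the stored row, including its new id and a formatted ctime).
 *
 * NOTE(review): 'cip' is whatever real_ip() returns; that function is defined elsewhere, so
 * confirm how it derives the address before treating the value as an audit trail.
 *
 * @return array
 */
public function logaddAction()
{
    $logdetail = reqstr('logdetail', '');
    $ipcno = reqstr('ipcno', '');

    if (!$logdetail) {
        return array('code' => -1);
    }
    if (!$ipcno) {
        return array('code' => -2);
    }

    $data = array(
        'logdetail' => $logdetail,
        'ctime' => time(),
        'cip' => real_ip(),
        'user' => $this->cur_user['realname'],
        'ipcno' => $ipcno,
    );

    $m = new Psys_IpcModel();
    $res = $m->AddOne($data, 'rha_ipclog');
    if ($res > 0) {
        $data['id'] = $res;
        // Lower-case "s" is seconds. The original used "S", which date() renders as the English
        // ordinal suffix of the day (st/nd/rd/th), so the returned time ended in e.g. "12:30:th".
        $data['ctime'] = date('Y-m-d H:i:s', $data['ctime']);
        return array('code' => 1, 'data' => $data);
    }

    return array('code' => 0);
}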
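/**
 * Constructor: connect to memcache, register the session save handlers, configure the cookie
 * scope and resolve the session id from the cookie.
 *
 * @param string $memcache_server "host:port" of the memcache server
 * @param string $session_name    name of the session cookie
 */
function MemcacheSession($memcache_server, $session_name = 'ECM_ID')
{
    // Create the memcache object on first use
    if ($this->_memcache === null) {
        $this->_memcache = new Memcache();
    }

    // A server string without ":port" used to raise an undefined-offset notice and pass null as
    // the port; fall back to the standard memcached port instead.
    $server_parts = explode(':', $memcache_server);
    $host = $server_parts[0];
    $port = isset($server_parts[1]) ? $server_parts[1] : 11211;
    // NOTE(review): the result of connect() is not checked, so a failed connection goes unnoticed here.
    $this->_memcache->connect($host, $port);

    session_set_save_handler(array(&$this, "_sess_open"), array(&$this, "_sess_close"), array(&$this, "_sess_read"), array(&$this, "_sess_write"), array(&$this, "_sess_destroy"), array(&$this, "_sess_gc"));
    register_shutdown_function('session_write_close');

    $this->max_life_time = defined('SESSION_LIFE_TIME') ? SESSION_LIFE_TIME : 1440;
    $this->session_cookie_path = COOKIE_PATH;
    $this->session_cookie_domain = COOKIE_DOMAIN;

    // If subdomains are enabled and no cookie domain is configured, default to the parent domain
    if (defined('ENABLED_SUBDOMAIN') && ENABLED_SUBDOMAIN && !COOKIE_DOMAIN) {
        $tmp_arr = parse_url(SITE_URL);
        if (count(explode('.', $tmp_arr['host'])) > 2) {
            $cookie_domain = substr($tmp_arr['host'], strpos($tmp_arr['host'], '.'));
        } else {
            // A domain such as mzmall.com
            $cookie_domain = '.' . $tmp_arr['host'];
        }
        $this->session_cookie_domain = $cookie_domain;
    }

    // NOTE(review): the secure flag is hard-coded off, whatever scheme the site is served over.
    $this->session_cookie_secure = false;
    $this->session_name = $session_name;
    $this->gmtime = gmtime();
    $this->_ip = real_ip();

    /* Resolve the session id */
    // The original read a $session_id variable that this constructor never receives (it is not
    // in the parameter list), so it was always undefined. The effective behaviour was: take the
    // id from the cookie when present, else start empty. That is now written out explicitly.
    $this->session_id = !empty($_COOKIE[$this->session_name]) ? $_COOKIE[$this->session_name] : '';

    if ($this->session_id) {
        // Layout: 32 characters of id followed by a key derived from that id; a mismatch discards the id.
        $tmp_session_id = substr($this->session_id, 0, 32);
        if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
            $this->session_id = $tmp_session_id;
        } else {
            $this->session_id = '';
        }
    }

    if (!$this->session_id) {
        // No usable id: generate one and hand "id + key" to PHP's session layer.
        $this->gen_session_id();
        session_id($this->session_id . $this->gen_session_key($this->session_id));
    }
}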
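/**
 * Store a comment and refresh the commented goods' visible-comment counter.
 *
 * @access  public
 * @param   object  $cmt  comment data; reads ->type, ->id, ->email, ->username, ->content, ->rank
 * @return  mixed   result of the INSERT query (the original docblock said void)
 */
function add_comment($cmt)
{
    /* Whether comments need moderation: status is 0 when checking is on */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];

    $user_id = empty($_SESSION['user_id']) ? 0 : intval($_SESSION['user_id']);
    $email = empty($cmt->email) ? $_SESSION['email'] : trim($cmt->email);
    $user_name = empty($cmt->username) ? $_SESSION['user_name'] : '';

    $email = htmlspecialchars($email);
    $user_name = htmlspecialchars($user_name);

    // Type, target id and rank are numeric fields; casting keeps request data out of the SQL text.
    $type     = intval($cmt->type);
    $goods_id = intval($cmt->id);
    $rank     = intval($cmt->rank);

    // real_ip() is defined elsewhere; only a syntactically valid address may enter the statement.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    /* Save the comment */
    // NOTE(review): $email, $user_name and $cmt->content are still interpolated as received.
    // htmlspecialchars() is not SQL escaping, so this relies on the caller having escaped them.
    // Confirm, or switch to bound parameters.
    $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') .
           "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " .
           "('" . $type . "', '" . $goods_id . "', '{$email}', '{$user_name}', '" . $cmt->content . "', '" . $rank . "', " . gmtime() . ", '" . $ip . "', '{$status}', '0', '{$user_id}')";
    $result = $GLOBALS['db']->query($sql);

    // Recount approved top-level goods comments and store the total on the goods row.
    $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('comment') . " WHERE id_value = '{$goods_id}' AND comment_type = 0 AND status = 1 AND parent_id = 0 ";
    $count = intval($GLOBALS['db']->getOne($sql));

    $sql = "UPDATE " . $GLOBALS['ecs']->table('goods') . " SET comments_number = '{$count}' WHERE goods_id = '{$goods_id}'";
    $GLOBALS['db']->query($sql);

    clear_cache_files();

    return $result;
}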
} elseif ($_REQUEST['act'] == 'add') {
    /* Permission check */
    admin_priv('stock_out_type');
    $smarty->assign('ur_here', "添加出库类型");
    $smarty->assign('action_link', array('text' => "出库类型列表", 'href' => 'stock_out_type.php?act=list'));
    $smarty->assign('form_action', 'insert');
    assign_query_info();
    $smarty->display('stock_out_type_info.htm');
} elseif ($_REQUEST['act'] == 'insert') {
    /* Permission check */
    admin_priv('stock_out_type');
    // NOTE(review): 'remarks' goes from the request straight into the INSERT below; this relies
    // on request data being escaped before this point, which is not visible here.
    $remarks = $_POST['remarks'];
    $add_time = gmtime();
    // NOTE(review): admin_id is written without quotes, so PHP reads it as a constant. Newer PHP
    // versions raise an error for the undefined constant; it should be the string key 'admin_id'.
    $user_id = $_SESSION[admin_id];
    $admin_agency_id = admin_agency_id();
    // NOTE(review): real_ip() is defined elsewhere and its value is interpolated as returned;
    // validate it as an IP address if request headers can influence it.
    $ip_addr = real_ip();
    $sql = "INSERT INTO " . $ecs->table('stock_out_type') . "(remarks, add_time, user_id, if_delete, ip_addr, admin_agency_id ) " . "VALUES ('{$remarks}', '{$add_time}', '{$user_id}', '0', '{$ip_addr}', '{$admin_agency_id}')";
    $db->query($sql);
    clear_cache_files();
    // Clear the related cache files
    $link[0]['text'] = "操作成功";
    $link[0]['href'] = 'stock_out_type.php?act=list';
    sys_msg("出库类型添加操作成功", 0, $link);
} elseif ($_REQUEST['act'] == 'query') {
    check_authz_json('stock_out_type');
    $type_list = get_typelist();
    /* Determine whether the caller is an agency or an administrator */
    if (if_agency()) {
        $smarty->assign('if_agency', if_agency());
    }
    $smarty->assign('type_list', $type_list['arr']);
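/**
 * Register a user through uc_user_register and mirror the new account into the local users table.
 *
 * On failure $this->error is set from the remote result code (-1 to -6) and false is returned;
 * any other non-positive code returns false without touching $this->error.
 *
 * @param string $username
 * @param string $password plain password; it is passed through compile_password() before storage
 * @param string $email
 * @return bool true when the account was created and mirrored locally
 */
function add_user($username, $password, $email)
{
    /* Check whether the user name is already taken */
    if ($this->check_user($username)) {
        $this->error = ERR_USERNAME_EXISTS;
        return false;
    }

    $uid = uc_call("uc_user_register", array($username, $password, $email));
    if ($uid <= 0) {
        // switch compares loosely, exactly like the original == chain.
        switch ($uid) {
            case -1:
                $this->error = ERR_INVALID_USERNAME;
                break;
            case -2:
                $this->error = ERR_USERNAME_NOT_ALLOW;
                break;
            case -3:
                $this->error = ERR_USERNAME_EXISTS;
                break;
            case -4:
                $this->error = ERR_INVALID_EMAIL;
                break;
            case -5:
                $this->error = ERR_EMAIL_NOT_ALLOW;
                break;
            case -6:
                $this->error = ERR_EMAIL_EXISTS;
                break;
        }
        return false;
    }

    // Registration succeeded: insert the row into the local users table.
    $uid = intval($uid);
    $reg_date = time();

    // real_ip() is defined elsewhere; only a syntactically valid address may enter the statement.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    $password = $this->compile_password(array('password' => $password));

    // NOTE(review): $username and $email are interpolated as received. They have passed the
    // remote registration call, but its validation rules are not visible here; confirm they are
    // escaped by the caller or switch to bound parameters.
    $this->db->query('INSERT INTO ' . $GLOBALS['ecs']->table("users") . "(`user_id`, `email`, `user_name`, `password`, `reg_time`, `last_login`, `last_ip`) VALUES ('{$uid}', '{$email}', '{$username}', '{$password}', '{$reg_date}', '{$reg_date}', '{$ip}')");

    return true;
}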
 * ============================================================================
 * $Author: liubo $
 * $Id: vote.php 17217 2011-01-19 06:29:08Z liubo $
 */
define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';
require ROOT_PATH . 'includes/cls_json.php';
// Without the three vote parameters, redirect to the site root.
// NOTE(review): presence is checked on $_REQUEST but the values below are read from $_POST, so
// a GET request passes this guard and then reads unset $_POST keys.
if (!isset($_REQUEST['vote']) || !isset($_REQUEST['options']) || !isset($_REQUEST['type'])) {
    ecs_header("Location: ./\n");
    exit;
}
$res = array('error' => 0, 'message' => '', 'content' => '');
$vote_id = intval($_POST['vote']);
// NOTE(review): $options is only trimmed before it is handed to save_vote(), which is defined elsewhere.
$options = trim($_POST['options']);
$type = intval($_POST['type']);
// NOTE(review): the duplicate-vote check is keyed on real_ip(), defined elsewhere. If that value
// can be influenced by request headers, one client can present a fresh address per vote.
$ip_address = real_ip();
if (vote_already_submited($vote_id, $ip_address)) {
    $res['error'] = 1;
    $res['message'] = $_LANG['vote_ip_same'];
} else {
    save_vote($vote_id, $ip_address, $options);
    $vote = get_vote($vote_id);
    if (!empty($vote)) {
        $smarty->assign('vote_id', $vote['id']);
        $smarty->assign('vote', $vote['content']);
    }
    // Render the vote widget and return only the inner HTML of its ECS_VOTE div.
    $str = $smarty->fetch("library/vote.lbi");
    $pattern = '/(?:<(\\w+)[^>]*> .*?)?<div\\s+id="ECS_VOTE">(.*)<\\/div>(?:.*?<\\/\\1>)?/is';
    if (preg_match($pattern, $str, $match)) {
        $res['content'] = $match[2];
    }
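/**
 * Store a comment.
 *
 * @param object $cmt comment data; reads ->type, ->id, ->email, ->username, ->content, ->rank
 * @return mixed result of the INSERT query
 */
function add_comment($cmt)
{
    /* Whether comments need moderation: status is 0 when checking is on */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];

    $user_id = empty($_SESSION['user_id']) ? 0 : intval($_SESSION['user_id']);
    $email = empty($cmt->email) ? $_SESSION['email'] : trim($cmt->email);
    $user_name = empty($cmt->username) ? $_SESSION['user_name'] : '';

    $email = htmlspecialchars($email);
    $user_name = htmlspecialchars($user_name);

    // Type, target id and rank are numeric fields; casting keeps request data out of the SQL text.
    $type     = intval($cmt->type);
    $id_value = intval($cmt->id);
    $rank     = intval($cmt->rank);

    // real_ip() is defined elsewhere; only a syntactically valid address may enter the statement.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    /* Save the comment */
    // NOTE(review): $email, $user_name and $cmt->content are still interpolated as received.
    // htmlspecialchars() is not SQL escaping, so this relies on the caller having escaped them.
    // Confirm, or switch to bound parameters.
    $sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('comment') .
           '(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES ' .
           "('" . $type . "', '" . $id_value . "', '{$email}', '{$user_name}', '" . $cmt->content . "', '" . $rank . "', " . gmtime() . ", '" . $ip . "', '{$status}', '0', '{$user_id}')";
    $result = $GLOBALS['db']->query($sql);

    clear_cache_files('comments_list.lbi');

    return $result;
}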
if ($return_id == "") {
    // No existing stock_control row: create one.
    // NOTE(review): $goods_id, $goods_name, $goods_number and $costing_price are interpolated as
    // they are; where they come from is not visible in this excerpt.
    $sql = "INSERT INTO " . $GLOBALS['ecs']->table('stock_control') . " (goods_id, goods_name, log_time, goods_number, costing_price ) VALUES ('" . $goods_id . "', '" . $goods_name . "', '" . gmtime() . "', '" . $goods_number . "' , '" . $costing_price . "')";
    $GLOBALS['db']->query($sql);
    $stock_control_id = $GLOBALS['db']->insert_id();
    // The newest id created in stock_control
} else {
    // Existing row: add the new quantity to the previous one.
    $goods_number_new = $return_goods_number + $goods_number;
    $GLOBALS['db']->query("UPDATE " . $ecs->table('stock_control') . " SET log_time = '" . gmtime() . "', goods_number = '" . $goods_number_new . "' WHERE id='{$return_id}'");
    $stock_control_id = $return_id;
}
$stock_type = 1;
// Stock-in handling, default 1 (increase), -1 (decrease)
$stock_status = 1;
// 1: goods added to stock; 2: stock reduced on shipping; 3: insufficient stock; 4: stock increased on a return
// Write the stock-in log record
// NOTE(review): the column list ends with stock_note, ip_address, but the value list ends with
// real_ip() twice, so the client IP is stored as the stock note. This looks unintended; confirm.
// real_ip() is defined elsewhere and is concatenated as returned.
$sql_log = "INSERT INTO " . $GLOBALS['ecs']->table('stock_control_log') . " (stock_id, goods_name, log_time, goods_number, stock_type, costing_price, stock_number, stock_status, stock_note, ip_address ) VALUES ('" . $stock_control_id . "', '" . $goods_name . "', '" . gmtime() . "', '" . $goods_number . "', '" . $stock_type . "', '" . $costing_price . "' , '" . $stock_number . "' , '" . $stock_status . "', '" . real_ip() . "','" . real_ip() . "')";
$GLOBALS['db']->query($sql_log);
// After a successful stock-in, the goods' total stock must grow accordingly
// NOTE(review): $goods_id is interpolated without quotes here.
$goods_number_old = $GLOBALS['db']->getOne("SELECT goods_number FROM " . $GLOBALS['ecs']->table('goods') . " WHERE goods_id = {$goods_id} ");
$goods_num = $goods_number_old + $goods_number;
if (update_goods($goods_id, 'goods_number', $goods_num)) {
    // Write the admin log (disabled in the original)
    //admin_log($goods_id, 'update', 'goods');
}
/* Show the goods information page */
assign_query_info();
$link[0]['text'] = $_LANG['add_success_message'];
$link[0]['href'] = 'goods_stock_control.php?act=list';
clear_cache_files();
sys_msg($goods_name . $_LANG['succed_message'], 0, $link);
}
/**
 * Perform the login for a user id: load the member, assign the visitor identity, record the
 * login, merge the session cart into the user's cart and remove duplicate cart items.
 */
function _do_login($user_id)
{
    $mod_user =& m('member');
    // NOTE(review): $user_id is interpolated into every condition string below; this assumes the
    // caller passes a value that is already an integer. Confirm.
    $user_info = $mod_user->get(array('conditions' => "user_id = '{$user_id}'", 'join' => 'has_store', 'fields' => 'user_id, user_name, reg_time, last_login, last_ip, store_id'));
    /* Store id (0 when the user has no store) */
    $my_store = empty($user_info['store_id']) ? 0 : $user_info['store_id'];
    /* Keep the base data clean */
    unset($user_info['store_id']);
    /* Assign the identity to the visitor object */
    $this->visitor->assign($user_info);
    /* Update the user's login information */
    // NOTE(review): real_ip() is concatenated as returned; it is defined elsewhere, so validate
    // it as an IP address if request headers can influence it. The last_login value is masked
    // ("******") in this listing and is kept as found.
    $mod_user->edit("user_id = '{$user_id}'", "last_login = '******', last_ip = '" . real_ip() . "', logins = logins + 1");
    /* Update the cart: rows from this user or this session, except the user's own store, are bound to the user and session */
    $mod_cart =& m('cart');
    $mod_cart->edit("(user_id = '{$user_id}' OR session_id = '" . SESS_ID . "') AND store_id <> '{$my_store}'", array('user_id' => $user_id, 'session_id' => SESS_ID));
    /* Remove duplicate items: one row is kept per spec_id */
    $cart_items = $mod_cart->find(array('conditions' => "user_id='{$user_id}' GROUP BY spec_id", 'fields' => 'COUNT(spec_id) as spec_count, spec_id, rec_id'));
    if (!empty($cart_items)) {
        foreach ($cart_items as $rec_id => $cart_item) {
            if ($cart_item['spec_count'] > 1) {
                // Drop every row of this spec except the one the grouped query returned.
                $mod_cart->drop("user_id='{$user_id}' AND spec_id='{$cart_item['spec_id']}' AND rec_id <> {$cart_item['rec_id']}");
            }
        }
    }
}
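/**
 * Synchronise news data, but only for requests coming from an allowed IP address.
 *
 * NOTE(review): access is decided solely by comparing real_ip() with a fixed list. real_ip() is
 * defined elsewhere; if request headers can influence it, this check can be satisfied by any
 * client, so it should not be the only control on this action.
 *
 * @return mixed the 'msg' entry of the remote response, or an ERROR array when the IP is not allowed
 */
public function synclAction()
{
    $configPath = dirname(dirname(dirname(dirname(__FILE__)))) . '/configs/server_config.php';
    require $configPath;

    // IPs allowed to trigger a sync. The original comment says they come from the configuration
    // file, but the list is hard-coded here.
    $ip = array("171.221.199.56", "112.193.220.232");

    // Current client IP; compared strictly so that only an exact string match passes.
    $curIp = real_ip();
    if (!in_array($curIp, $ip, true)) {
        return array('result' => 'ERROR', 'msg' => '不可允许IP同步!');
    }

    // Sync rhi_idc -> rht_train
    global $G_X;
    $model = new Psys_NewsModel();
    $servicer = $G_X['appkey'];
    $data = $model->getSyncList($servicer);

    foreach ($data as $news) {
        unset($news['servicer']);
        $where = array('id' => $news['id']);

        // Update the row when it already exists on the target side, otherwise insert it.
        $one = $model->GetSyncOne($where, 'id');
        $written = $one ? $model->UpdateSyncOne($news, $where) : $model->AddSyncOne($news);

        if ($written !== false) {
            // Record this servicer on the source row by appending it to the comma-separated list.
            $result = $model->GetOne($where, "servicer");
            $server = $result['servicer'];
            $server = $server ? $server . ',' . $servicer : $servicer;
            $model->UpdateOne(array('servicer' => $server), $where);
        }
    }

    // NOTE(review): 'host' is taken from the request and used as the target of a server-side
    // POST. Restrict it to a fixed list of known hosts; as written the caller chooses where this
    // server connects.
    $host = reqstr('host', '');
    $url = $host . '/news_and_ads.php?act=news';
    $return = http_post_array($url, array());

    return $return['msg'];
}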
}
if (@$_GET['act'] == 'comment') {
    // Status is 0 when comments require moderation.
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    // NOTE(review): g_id, comment_rank and content go from the request into the INSERT below as
    // received; this relies on request data being escaped before this point, which is not
    // visible here. The two numeric ones could simply be cast with intval().
    $id_value = $_GET['g_id'];
    $user_id = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
    @($email = htmlspecialchars($_POST['email']));
    $user_name = $_SESSION['user_name'] ? $_SESSION['user_name'] : '匿名用户';
    $user_name = htmlspecialchars($user_name);
    $rank = $_POST['comment_rank'];
    $content = $_POST['content'];
    $type = '0';
    if ($content == '') {
        $smarty->assign('info', '评论内容不可以为空!');
    } else {
        /* Save the comment */
        // NOTE(review): real_ip() is defined elsewhere and is concatenated as returned;
        // validate it as an IP address if request headers can influence it.
        $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') . "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " . "('" . $type . "', '" . $id_value . "', '{$email}', '{$user_name}', '" . $content . "', '" . $rank . "', " . gmtime() . ", '" . real_ip() . "', '{$status}', '0', '{$user_id}')";
        $result = $GLOBALS['db']->query($sql);
        if ($result) {
            // The message depends on whether the comment still has to be approved.
            if ($GLOBALS['_CFG']['comment_check'] == 1) {
                $smarty->assign('info', '您的评论已成功发表, 请等待管理员的审核!');
            } else {
                $smarty->assign('info', '您的评论已成功发表, 感谢您的参与!');
            }
        }
    }
    $smarty->assign('footer', get_footer());
    $smarty->display('comment_success.dwt');
} else {
    /* Read the goods information */
    $_LANG['kilogram'] = '千克';
    $_LANG['gram'] = '克';
// No matching record was found
// NOTE(review): these calls use the cookie's VALUE as the name of the cookie to expire, so the
// ECSCP admin cookies themselves are not cleared. The same pattern is repeated further down.
setcookie($_COOKIE['ECSCP']['admin_id'], '', 1);
setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1);
if (!empty($_REQUEST['is_ajax'])) {
    make_json_error($_LANG['priv_error']);
} else {
    ecs_header("Location: privilege.php?act=login\n");
}
exit;
} else {
    // Check whether the password is correct
    // NOTE(review): the cookie token is md5(stored password . hash_code) and is compared with
    // loose ==. Two strings that both look like numbers compare equal by value under ==;
    // hash_equals() or === avoids that. The token also stays valid for as long as the stored
    // password and hash_code are unchanged.
    if (md5($row['password'] . $_CFG['hash_code']) == $_COOKIE['ECSCP']['admin_pass']) {
        !isset($row['last_time']) && ($row['last_time'] = '');
        set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']);
        // Update the last login time and IP
        // NOTE(review): real_ip() is defined elsewhere and is concatenated as returned. The
        // last_login value is masked ("******") in this listing and is kept as found.
        $db->query('UPDATE ' . $ecs->table('admin_user') . " SET last_login = '******', last_ip = '" . real_ip() . "'" . " WHERE user_id = '" . $_SESSION['admin_id'] . "'");
    } else {
        setcookie($_COOKIE['ECSCP']['admin_id'], '', 1);
        setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1);
        if (!empty($_REQUEST['is_ajax'])) {
            make_json_error($_LANG['priv_error']);
        } else {
            ecs_header("Location: privilege.php?act=login\n");
        }
        exit;
    }
}
} else {
    if (!empty($_REQUEST['is_ajax'])) {
        make_json_error($_LANG['priv_error']);
    } else {
$smarty->assign('id_value', $id_value);
// The object being commented on
$smarty->assign('send_fail', !empty($_REQUEST['send_ok']));
$smarty->assign('ur_here', $_LANG['comment_info']);
$smarty->assign('action_link', array('text' => $_LANG['05_comment_manage'], 'href' => 'comment_manage.php?act=list'));
/* Render the page */
assign_query_info();
$smarty->display('comment_info.htm');
}
/*------------------------------------------------------ */
//-- Handle a reply to a user comment
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'action') {
    admin_priv('comment_priv');
    /* Get the IP address */
    // NOTE(review): real_ip() is defined elsewhere and is interpolated as returned.
    $ip = real_ip();
    /* Check whether the comment already has a reply */
    // NOTE(review): comment_id, email, user_name, content, comment_type and id_value are placed
    // into the statements below straight from the request. This relies on request data being
    // escaped before this point, which is not visible here; the numeric ids can be cast with intval().
    $sql = "SELECT comment_id, content, parent_id FROM " . $ecs->table('comment') . " WHERE parent_id = '{$_REQUEST['comment_id']}'";
    $reply_info = $db->getRow($sql);
    if (!empty($reply_info['content'])) {
        /* Update the existing reply */
        $sql = "UPDATE " . $ecs->table('comment') . " SET " . "email = '{$_POST['email']}', " . "user_name = '{$_POST['user_name']}', " . "content = '{$_POST['content']}', " . "add_time = '" . gmtime() . "', " . "ip_address= '{$ip}', " . "status = 0" . " WHERE comment_id = '" . $reply_info['comment_id'] . "'";
    } else {
        /* Insert the reply as a new comment row */
        $sql = "INSERT INTO " . $ecs->table('comment') . " (comment_type, id_value, email, user_name , " . "content, add_time, ip_address, status, parent_id) " . "VALUES('{$_POST['comment_type']}', '{$_POST['id_value']}','{$_POST['email']}', " . "'{$_SESSION['admin_name']}','{$_POST['content']}','" . gmtime() . "', '{$ip}', '0', '{$_POST['comment_id']}')";
    }
    $db->query($sql);
    /* Mark the original comment as replied so that it can be displayed */
    $sql = "UPDATE " . $ecs->table('comment') . " SET status = 1 WHERE comment_id = '{$_POST['comment_id']}'";
    $db->query($sql);
    /* Email notification flow */
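/**
 * Send an SMS verification code to the logged-in user's own phone number and store it.
 *
 * Echoes a JSON object with 'result' ('success' or 'fail') and 'message'.
 *
 * @return void
 */
function action_get_verify_code()
{
    // These locals stay even where unused below: send.php is required inside this function and
    // therefore runs in this scope, so it may read any of them.
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    // The id goes into SQL, so force it to an integer (0 when nobody is logged in).
    $user_id = isset($_SESSION['user_id']) ? intval($_SESSION['user_id']) : 0;

    include_once 'includes/cls_json.php';
    require dirname(__FILE__) . '/send.php';

    $json = new JSON();
    $result = array();

    $phone = (isset($_REQUEST['phone']) && is_string($_REQUEST['phone'])) ? trim($_REQUEST['phone']) : '';

    // An empty phone used to match any account whose mobile_phone column is empty and then
    // "sent" a code to nobody; treat it as a mismatch.
    $count = 0;
    if ($phone !== '') {
        // NOTE(review): $phone is interpolated as received. This relies on request data being
        // escaped before this point, which is not visible here; validate its format as well.
        $sql = 'SELECT COUNT(*) FROM ' . $ecs->table('users') . ' WHERE `user_id` = \'' . $user_id . '\' AND `mobile_phone` = \'' . $phone . '\'';
        $count = $db->getOne($sql);
    }

    if ($count == 0) {
        $result['result'] = 'fail';
        $result['message'] = '手机号跟用户不匹配';
        echo $json->encode($result);
        return;
    }

    // NOTE(review): mc_random() is defined elsewhere; confirm it draws from a cryptographically
    // secure source, because this value is an authentication code. Nothing here limits how
    // often a code can be requested.
    $seed = "0123456789";
    $verifycode = mc_random(6, $seed);
    $content = '您的验证码为' . $verifycode;
    $ret = sendSMS($phone, $content);

    // real_ip() is defined elsewhere; only a syntactically valid address may enter the statement.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    $sql = 'INSERT INTO ' . $ecs->table('verifycode') . '(`mobile`, `getip`, `verifycode`, `dateline`) VALUES (\'' . $phone . '\',\'' . $ip . '\',\'' . $verifycode . '\',\'' . gmtime() . '\')';
    $db->query($sql);

    if ($ret == '发送成功!' && $db->affected_rows() == 1) {
        $result['result'] = 'success';
        $result['message'] = '短信发送成功';
    } else {
        $result['result'] = 'fail';
        $result['message'] = '短信发送失败!';
    }
    echo $json->encode($result);
}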
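/**
 * Store a goods comment from individual values.
 *
 * @access  public
 * @param   int     $id         id of the commented item
 * @param   int     $user_id    id of the commenting user
 * @param   string  $email      commenter's e-mail
 * @param   string  $user_name  commenter's name
 * @param   string  $content    comment text
 * @param   int     $rank       rating
 * @return  mixed   result of the INSERT query (the original docblock described a $cmt object and a void return)
 */
function zy_add_comment($id, $user_id, $email, $user_name, $content, $rank)
{
    /* Whether comments need moderation: status is 0 when checking is on */
    $status = 1 - $GLOBALS['_CFG']['comment_check'];
    $type = 0;

    // Numeric fields are cast so that they cannot carry SQL text.
    $id      = intval($id);
    $user_id = intval($user_id);
    $rank    = intval($rank);

    // real_ip() is defined elsewhere; only a syntactically valid address may enter the statement.
    $ip = filter_var(real_ip(), FILTER_VALIDATE_IP);
    if ($ip === false) {
        $ip = '0.0.0.0';
    }

    /* Save the comment */
    // NOTE(review): $email, $user_name and $content are still interpolated as received; this
    // relies on the caller having escaped them. Confirm, or switch to bound parameters.
    $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') .
           "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id) VALUES " .
           "('" . $type . "', '" . $id . "', '$email', '$user_name', '" . $content . "', '" . $rank . "', " . gmtime() . ", '" . $ip . "', '$status', '0', '$user_id')";

    return $GLOBALS['db']->query($sql);
}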