public function PPD()
{
$data['customer_id'] = $this->customer_id;
foreach ($_POST as $key => $val) {
$cate = substr($key, 0, 3);
switch ($cate) {
case 'in_':
$data[substr($key, 3)] = (int) $val;
break;
case 'te_':
if (strlen($val) == 11 && (int) $val || substr_count($val, '-') == 1 && strlen($val) == 12) {
$data[substr($key, 3)] = (int) $val;
} else {
die('联系方式错误');
}
break;
case "ur_":
if ($val) {
preg_match("/^((https?|ftp|news):\\/\\/)?([a-z]([a-z0-9\\-]*[\\.。])+([a-z]{2}|aero|arpa|biz|com|coop|edu|gov|info|int|jobs|mil|museum|name|nato|net|org|pro|travel)|(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))(\\/[a-z0-9_\\-\\.~]+)*(\\/([a-z0-9_\\-\\.]*)(\\?[a-z0-9+_\\-\\.%=&]*)?)?(#[a-z][a-z0-9_]*)?\$/", $val) ? $data[substr($key, 3)] = str_inmysql($val) : die("您输入的网址不正确");
}
break;
default:
$data[$key] = str_inmysql($val);
}
}
//$data['customer_id'] = $this->customer_id;
$data['id'] ? (int) $data['id'] : ($data['create_date'] = date("Y-m-d H:i:s"));
$this->data = $data;
return $this;
}
public function getPostData()
{
$postObj = simplexml_load_string($GLOBALS["HTTP_RAW_POST_DATA"], 'SimpleXMLElement', LIBXML_NOCDATA);
$post_data['FromUserName'] = str_inmysql($postObj->FromUserName);
$post_data['ToUserName'] = str_inmysql($postObj->ToUserName);
$post_data['FromMsgType'] = str_inmysql($postObj->MsgType);
$post_data['Keyword'] = trim(str_inmysql($postObj->Content, '1'));
$post_data['CreateTime'] = str_inmysql($postObj->CreateTime);
$post_data['Location_X'] = str_inmysql($postObj->Location_X);
$post_data['Location_Y'] = str_inmysql($postObj->Location_Y);
$post_data['Label'] = str_inmysql($postObj->Label);
$post_data['Event'] = str_inmysql($postObj->Event);
$post_data['EventKey'] = str_inmysql($postObj->EventKey);
$post_data['PicUrl'] = str_inmysql($postObj->PicUrl);
$post_data['Recognition'] = str_inmysql($postObj->Recognition);
if ($post_data['Event'] == 'CLICK') {
$post_data['Keyword'] = str_inmysql($post_data['EventKey']);
}
//服务号用户自动上传地理位置的处理
if (strtolower($postObj->Event) == 'location') {
$memberLocationModel = new Model_Subtable('member_location');
$memberLocationRow = $memberLocationModel->where("fromuser='******'")->dataRow();
if ($memberLocationRow) {
$locationArr['info'][id] = $memberLocationRow['id'];
}
$locationArr['info'][fromuser] = $postObj->FromUserName;
$locationArr['info'][latitude] = $postObj->Latitude;
$locationArr['info'][longitude] = $postObj->Longitude;
$locationArr['info'][precision] = $postObj->Precision;
$locationArr['info'][addtime] = $postObj->CreateTime;
$memberLocationModel->add($locationArr);
}
return $post_data;
}
public function add()
{
$data = array();
if ($_POST['id']) {
$data['id'] = (int) $_POST['id'];
}
$data['content'] = str_inmysql($_POST['content']);
$data['tid'] = (int) $_POST['tid'];
$data['uid'] = (int) $_SESSION['customer_id'];
$data['name'] = str_inmysql($_SESSION['weixin_name']);
$res = $this->upsert($data);
return $res;
}
public function dataFilter($arr)
{
if ($arr[info]) {
$data = $arr[info];
}
if ($arr[num]) {
foreach ($arr[num] as $k => $v) {
$data[$k] = (int) $v;
}
}
if ($arr[str]) {
foreach ($arr[str] as $k => $v) {
$data[$k] = str_inmysql($v);
}
}
return $data;
}
public function getCoupon()
{
$CouponRecordTable = new Model_ApplistCouponRecord();
$CouponListTable = new Model_ApplistCouponList();
$cfromuser = $this->fromuser;
$customer_id = $this->customer_id;
//搜索条件
$filter['where'] = " customer_id='{$customer_id}' and state='1' ";
$sql = $CouponListTable->select($filter);
//解析结果集
$couponInfo = $CouponListTable->fetchRow($sql);
$filter['where'] = "fromuser='******' and pid='{$couponInfo['id']}'";
$times = $CouponRecordTable->count($filter);
//如果领取次数未满
if ($couponInfo && $couponInfo['end_date'] > date("Y-m-d") && $times < $couponInfo['times'] && $couponInfo['stock'] > $couponInfo['use_num']) {
//插入领取成功记录
$data['pid'] = (int) $couponInfo['id'];
$data['end_date'] = $couponInfo['end_date'];
$data['state'] = 2;
$data['customer_id'] = $customer_id;
$data['fromuser'] = $cfromuser;
$data['create_date'] = date("Y-m-d H:i:s");
$data['coupon_name'] = str_inmysql($couponInfo['denomination']);
$memberTable = new Model_Member();
$nickname = $memberTable->fetchRow("select nickname from member where fromuser='******' and customer_id='{$customer_id}'");
$data['nickname'] = $nickname['nickname'];
$id = $CouponRecordTable->upsert($data);
$CouponListTable->query("update applist_coupon_list set use_num=use_num+1 where id='{$couponInfo['id']}' and customer_id='{$customer_id}'");
//获取优惠券 规则信息 返回微信单图文格式
$CouponTable = new Model_ApplistCoupon();
$info = $CouponTable->fetchRow("select * from applist_coupon where customer_id='{$customer_id}'");
//返回微信数据
$data['msgtype'] = 'news';
$data['title'] = $info['title'];
$data['description'] = $info['info'];
$data['picurl'] = 'http://' . $_SERVER['HTTP_HOST'] . "/data/image_c/" . $info['pic'];
$data['url'] = 'http://' . $_SERVER['HTTP_HOST'] . "/mobile/coupon/index.php?id=" . $id . "&pid=" . $data['pid'] . "&fromuser="******"&sign=" . $this->timesign;
return $data;
} else {
$data['msgtype'] = "text";
$data['content'] = $couponInfo['cue'];
return $data;
}
}
$infoModel = new Model_InfoCate();
if (method_is('post') && $_POST['cate_name_two']) {
$cate_name = str_inmysql($_POST['cate_name_two']);
$id = (int) $_POST['id'];
$infoModel->query("update info_cate set cate_name='{$cate_name}' where id='{$id}' and customer_id='{$customer_id}'");
echo "success";
die;
}
if (method_is('post') && $_POST['del_id']) {
$id = (int) $_POST['del_id'];
$infoModel->delete("id='{$id}' and customer_id='{$customer_id}'");
echo "success";
die;
}
$type = $_POST['info_type'];
$data['info_type'] = str_inmysql($_POST['info_type']);
$data['customer_id'] = $customer_id;
$data['cate_name'] = $_POST['cate_name'];
$filter['where'] = "info_type='{$data['info_type']}' and customer_id='{$customer_id}' and cate_name='{$data['cate_name']}'";
$nums = $infoModel->count($filter);
if ($nums > 0) {
echo '1';
die;
}
$num = $infoModel->insert($data);
if ($num > 0) {
$row = array('id' => $num, 'cate_name' => $data['cate_name']);
$res = json_encode($row);
header('Content-Type: application/json');
echo $res;
}
$data = Model_Table::get('InfoCommon')->findByWhere("id='{$id}' and customer_id='{$customer_id}' and info_type='" . Model_InfoCommon::get_type($info_type) . "'");
$smarty->assign('infoRow', $data);
}
//submit
if (method_is('post')) {
$data['customer_id'] = $customer_id;
$data['info_type'] = Model_InfoCommon::get_type($info_type);
$data['keyword'] = isset($_POST['keyword']) ? str_inmysql(str_replace(array(';', ','), ',', $_POST['keyword'])) : '';
$data['state'] = isset($_POST['state']) ? (int) $_POST['state'] : '';
$data['cate_id'] = isset($_POST['cate_id']) ? (int) $_POST['cate_id'] : '';
$data['info_title'] = isset($_POST['info_title']) ? str_inmysql($_POST['info_title']) : '';
$data['pic_showincontent'] = isset($_POST['show']) ? (int) $_POST['show'] : '';
$data['info_pic'] = isset($_POST['info_pic']) ? str_inmysql($_POST['info_pic']) : '';
$data['info_desc'] = isset($_POST['info_desc']) ? str_inmysql($_POST['info_desc']) : '';
$data['info_intro'] = isset($_POST['info_intro']) ? str_inmysql($_POST['info_intro']) : '';
$data['info_url'] = isset($_POST['info_url']) ? str_inmysql($_POST['info_url']) : '';
$data['create_date'] = date('Y-m-d H:i:s', $_WGT['TIME']);
if (!$data['keyword']) {
ajax_feedback(0, '1201');
}
if (!$data['info_intro']) {
ajax_feedback(0, '1202');
}
if (!$data['cate_id']) {
$data['cate_id'] = Model_Table::get('InfoCate')->saveDefaultCate($customer_id, $info_type);
}
//关键词过滤
$keyArray = explode(',', $data['keyword']);
$keyTable = new Model_KeywordList();
foreach ($keyArray as $v) {
$filter['where'] = "customer_id='{$customer_id}' and keyword='{$v}'";
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($curl);
curl_close($curl);
return $output;
}
$BottomMenu = new Model_BottomMenu();
$id = (int) $_POST['mid'];
$c_id = (int) $_SESSION['customer_id'];
$data = array();
$data['customer_id'] = (int) $_SESSION['customer_id'];
$data['menu_name'] = str_inmysql($_POST['m_name']);
$data['menu_type'] = str_inmysql($_POST['m_type']);
$data['menu_key'] = str_inmysql($_POST['m_key']);
$data['menu_order'] = (int) $_POST['menu_order'];
$data['id'] = (int) $_POST['m_id'];
$data['parent_id'] = (int) $_POST['parent_id'];
if ($_POST['act'] == "createMenu") {
pub();
} elseif ($_POST['act'] == "createMenuDo") {
if ($_POST['m_id'] == '0') {
unset($data['id']);
}
if ($_POST['m_id'] == '999999999') {
unset($data['id']);
$p = $BottomMenu->fetchRow("select id from bottom_menu where menu_order='{$data[menu_order]}' and customer_id='{$data[customer_id]}' and parent_id='0'");
$data['parent_id'] = $p['id'];
}
$result = $BottomMenu->insert($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $postType);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
$Customer_Config = new Model_CustomerConfig();
$data = array();
$data['customer_id'] = (int) $_SESSION['customer_id'];
$data['c_type'] = str_inmysql('appid');
$data['c_value'] = str_inmysql($_POST['app_id']) . ',' . str_inmysql($_POST['app_Secret']);
$data['create_date'] = str_inmysql(date("Y-m-d H:i:s"));
$appid = $_POST['app_id'];
$secret = $_POST['app_Secret'];
$url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={$appid}&secret={$secret}";
//获取 token
$get_token = post($url, $postType = 'GET', '');
if (strstr($get_token, 'errmsg')) {
die('无效的AppId');
//如果有获取token成功
} else {
if (strstr($get_token, 'access_token')) {
$Customer_Config->upsert($data);
die('success');
} else {
die('微信无应答,请稍候再试!');
}
<?php
include_once "../../includes/config.inc.php";
check_login();
//验证是否登录
$postTable = new Model_Subtable('sub_task');
$replyTable = new Model_Subtable('sub_reply');
//回复数据的添加
if ($_POST['action'] == 'add') {
//管理员头像
$uRow = D('sub_user')->find(1);
$data['info']['head_pic'] = '/data/image_c/' . $uRow['head_pic'];
$data['info']['tid'] = (int) $_POST['tid'];
$data['info']['content'] = str_inmysql($_POST['content']);
$data['info']['name'] = '云姐';
$res = $replyTable->add($data);
if ($res) {
echo json_encode($res);
}
exit;
}
//数据删除
if ($_GET['action'] == 'del') {
$id = (int) $_GET['id'];
$res = $replyTable->del($id);
echo json_encode($res);
exit;
}
//根据ID查询帖子信息
$id = (int) $_GET['id'];
$vo = $postTable->find($_GET['id']);
$id = isset($_POST['id']) ? (int) $_POST['id'] : '';
$data = array();
$data['is_reply'] = 1;
$data['reply_list'] = isset($_POST['reply_list']) ? str_inmysql($_POST['reply_list']) : '';
$sqlStatus = Model_Table::get('Message')->updateById($id, $data);
ajax_feedback(1, array('is_reply_str' => Model_Table::get('Message')->is_reply(1)));
}
//sql
$filter = array();
$now_time = time();
$n_time = $now_time - 48 * 3600;
$filter['where'] = "customer_id = '{$customer_id}' and create_time > '{$n_time}' and fromuser !=''";
$filter['order'] = "id desc";
//$filter['order'] .= $status ? ',status asc' : ',status desc';
if ($_POST['search']) {
$sea = str_inmysql($_POST['search']);
$filter['where'] = "customer_id = '{$customer_id}' and msg_content like '%{$sea}%' and fromuser !=''";
//如果是ajax请求48小时外信息
} elseif (method_is('get') && $_GET['act'] == 'history') {
$filter['where'] = "customer_id = '{$customer_id}' and create_time < '{$n_time}' and fromuser!=''";
//smarty
$smarty->assign("val", true);
}
//result
$msgModel = new Model_Message();
$result = $msgModel->paginate($filter, '*', $page);
$pager = $result['pager'];
//var_dump($_SESSION['customer_id']);die();
//pager
if ($pager['count'] > $pager['size']) {
$pagerhtml = new SubPages($pager['size'], $pager['count'], $pager['current'], $pager['range'], 2, '');
$music_table = new Model_InfoVideo();
$data = $music_table->fetchRow("select * from info_video where id='{$id}' and customer_id='{$customer_id}'");
$smarty->assign('infoRow', $data);
}
//submit
if (method_is('post')) {
$data['customer_id'] = $customer_id;
//$data['info_type'] = Model_InfoVideo::get_type($info_type);
$data['keyword'] = isset($_POST['keyword']) ? str_inmysql(str_replace(array(';', ','), ',', $_POST['keyword'])) : '';
$data['cate_id'] = isset($_POST['cate_id']) ? (int) $_POST['cate_id'] : '';
$data['create_date'] = date('Y-m-d H:i:s', $_WGT['TIME']);
$data['video_name'] = isset($_POST['video_name']) ? str_inmysql($_POST['video_name']) : '';
$data['video_pic'] = isset($_POST['video_pic']) ? str_inmysql($_POST['video_pic']) : '';
$data['video_desc'] = isset($_POST['video_desc']) ? str_inmysql($_POST['video_desc']) : '';
$data['video_url'] = isset($_POST['video_url']) ? str_inmysql($_POST['video_url']) : '';
$data['state'] = isset($_POST['state']) ? str_inmysql($_POST['state']) : '';
if (!$data['keyword']) {
ajax_feedback(0, '1201');
}
if (!$data['video_name']) {
ajax_feedback(0, '1309');
}
if (!$data['video_url']) {
ajax_feedback(0, '1308');
}
if (!$data['cate_id']) {
$data['cate_id'] = Model_Table::get('InfoCate')->saveDefaultCate($customer_id, $info_type);
}
//关键词过滤
$keyArray = explode(',', $data['keyword']);
$keyTable = new Model_KeywordList();
$datatwo['url'] = str_inmysql($_POST['url']);
$datatwo['order_num'] = (int) $_POST['order_num'];
if ($_POST['act'] == 'sele' && $_POST['d_id']) {
$id = (int) $_POST['d_id'];
$p_id = (int) $_POST['id'];
$rows = $Model_InfoCommonDetail->fetchRow("select * from info_common_detail where id='{$id}' and info_common_id='{$p_id}'");
//$rowsstr = str_replace("\n", "", $rows['msg_content']);
//$rows['msg_content'] = str_replace("\r", "", $rowsstr);
$res = json_encode($rows);
header('Content-Type: application/json');
echo $res;
die;
}
//The One
if ($_POST['info_type_form'] == 'one') {
$data['keyword'] = str_inmysql(str_replace(array(';', ','), ',', $_POST['keyword']));
$data['id'] = (int) $_POST['id'];
$data['state'] = (int) $_POST['state'];
$data['customer_id'] = (int) $_SESSION['customer_id'];
$data['create_date'] = date('Y-m-d H:i:s', $_WGT['TIME']);
$data['info_type'] = (int) 3;
//关键词过滤
$keyArray = explode(',', $data['keyword']);
$keyTable = new Model_KeywordList();
foreach ($keyArray as $v) {
$filter['where'] = "customer_id='{$customer_id}' and keyword='{$v}'";
$nums = $keyTable->count($filter);
if ($nums > 0 && !$_POST['id']) {
$res = json_encode(array('1' => 'error', '2' => "关键词 \"" . $v . '" 已存在,请更换'));
header('Content-Type: application/json');
echo $res;
<?php
include_once "../../includes/config.inc.php";
include_once "../../includes/login_check.php";
$customer_id = (int) $_SESSION['customer_id'];
$replyModel = new Model_AutoReply();
if ($_POST['save'] == '1') {
//params
$data = array();
$data['customer_id'] = $customer_id;
$data['type_id'] = '2';
$data['is_keyword'] = (int) $_POST['is_keyword'];
$data['reply_content'] = $data['is_keyword'] ? '' : str_inmysql($_POST['reply_content']);
$data['reply_keyword'] = $data['is_keyword'] ? str_inmysql($_POST['reply_keyword']) : '';
$data['create_date'] = date('Y-m-d H:i:s', $_WGT['TIME']);
$data['state'] = (int) $_POST['state'];
//save
if ((int) $_POST['id'] > 0) {
$gxid = (int) $_POST['id'];
$replyModel->row_update($data, " id='{$gxid}' and type_id='2' and customer_id='{$customer_id}' ");
} else {
$replyModel->insert($data);
}
die('success');
}
//find
$replyRow = $replyModel->findByCustomerId($customer_id, '2');
//smarty
$smarty->assign('replyRow', $replyRow);
$smarty->setTpl('info/templates/auto_reply.html')->display();
<?php
include_once "../../includes/config.inc.php";
include_once "../../includes/login_check.php";
//var
//$member_id = (int) $_SESSION['member_id'];
$customer_id = (int) $_SESSION['customer_id'];
$page = (int) $_REQUEST["p"] > 0 ? (int) $_REQUEST["p"] : 1;
$fromuser = str_inmysql($_GET['fromuser']);
if ($_POST['month'] && $_POST['year']) {
//
$m = $_POST['month'];
$y = $_POST['year'];
$today = $_POST['year'] . '-' . $_POST['month'] . '-' . date('j', mktime(0, 0, 1, $m == 12 ? 1 : $m + 1, 1, $m == 12 ? $y + 1 : $y) - 24 * 3600);
//echo $d=die();
$and = " and left(create_date,10)<='{$today}'";
$start_date = $today = $_POST['year'] . '-' . $_POST['month'] . '-01';
$smarty->assign('mon', $m);
$smarty->assign('yea', $y);
} else {
$today = date("Y-m-d");
$start_date = date('Y-m-d', strtotime('-29 day'));
/* $smarty->assign('mon',date('m'));
$smarty->assign('yea',date('Y')); */
}
$and = isset($and) ? $and : '';
$member = new Model_Member();
$data = $member->fetchRow("select * from member where customer_id={$customer_id} and fromuser='******'");
$smarty->assign("list", $data);
$message = new Model_Message();
$result = $message->fetchAll("select msg_content,create_date from message where customer_id='{$customer_id}' and fromuser='******'");
if ($id) {
$music_table = new Model_InfoLbs();
$data = $music_table->fetchRow("select * from info_lbs where id='{$id}' and customer_id='{$customer_id}'");
$smarty->assign('infoRow', $data);
}
//submit
if (method_is('post')) {
$data['customer_id'] = $customer_id;
$data['create_date'] = date('Y-m-d H:i:s', $_WGT['TIME']);
$data['location_name'] = isset($_POST['location_name']) ? str_inmysql($_POST['location_name']) : '';
$data['location_intro'] = isset($_POST['location_intro']) ? str_inmysql($_POST['location_intro']) : '';
$data['location_desc'] = isset($_POST['location_desc']) ? str_inmysql($_POST['location_desc']) : '';
$data['location_pic'] = isset($_POST['location_pic']) ? str_inmysql($_POST['location_pic']) : '';
$data['state'] = isset($_POST['state']) ? str_inmysql($_POST['state']) : '';
$data['x_dian'] = isset($_POST['x_dian']) ? str_inmysql($_POST['x_dian']) : '';
$data['y_dian'] = isset($_POST['y_dian']) ? str_inmysql($_POST['y_dian']) : '';
if (!$data['location_name']) {
ajax_feedback(0, '1310');
}
if (!$data['x_dian']) {
ajax_feedback(0, '1311');
}
if (!$data['y_dian']) {
ajax_feedback(0, '1312');
}
//save-InfoLbs
$info_id = Model_Table::get('InfoLbs')->upsert($data);
//save-keywordlist
$list = array('customer_id' => $customer_id, 'info_id' => $info_id, 'keyword' => $data['keyword'], 'info_type' => $info_type);
Model_Table::get('KeywordList')->saveForKeywords($list);
//return
<?php
//后台管理员管理
include_once "../../includes/config.inc.php";
//登录页面显示
if ($_REQUEST['a'] == 'login') {
$smarty->setLayout('layout_nologin.html')->setTpl('suser/templates/login.html')->display();
die;
}
$model = new Model_Subtable('sub_suser');
//登录验证
if ($_REQUEST['a'] == 'doLogin') {
$name = str_inmysql($_POST['name']);
$pass = md5($_POST['pass']);
$res = $model->where(" `name`='" . $name . "' and `pass`='" . $pass . "'")->dataRow();
if ($res) {
$_SESSION['suser'] = $res;
$_SESSION['customer_id'] = 1378;
echo 'success';
die;
}
die;
}
//注销
if ($_REQUEST['a'] == 'logout') {
$_SESSION['suser'] = null;
$_SESSION['customer_id'] = null;
echo '<script type="text/javascript">window.location.href="/home/suser/index.php?a=login"</script>';
die;
}
//判断是否登录