/**
 * Store the current user's group name in $_W['user']['level'] and return the
 * package data for the current account's group.
 *
 * Reads the users row for $_W['uid'], resolves its groupid through
 * kim_get_uni_group(), and writes that group's "name" into the global $_W.
 *
 * @return mixed Result of uni_groups() for the single id $_W['account']['groupid'].
 */
function getUserGroupAccount()
{
    global $_W;

    // The uid travels as a bound :uid parameter, never as part of the SQL text.
    $sql = 'SELECT groupid, endtime FROM ' . tablename('users') . ' WHERE `uid` = :uid LIMIT 1';
    $row = pdo_fetch($sql, array(':uid' => $_W['uid']));

    // NOTE(review): neither $row nor the group lookup result is checked for
    // "not found" before being indexed - confirm both always exist here.
    $userGroup = kim_get_uni_group($row['groupid']);
    $_W['user']['level'] = $userGroup["name"];

    return uni_groups(array($_W['account']['groupid']));
}
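/**
 * Web action that switches the current account ($_W['uniacid']) to another
 * service package.
 *
 * Builds the list of package ids the operator may assign: founders get the
 * keys of uni_groups() called without a filter plus -1; everyone else gets the
 * packages of their users_group row merged with $_W['user']['package'].
 * Id 0 is always allowed. On POST the requested $_GPC['groupid'] is checked
 * against that list and written to uni_account.groupid, and the script exits
 * with the package name (or an 'illegal-*' marker) as the response body.
 * Non-POST requests fall through without output.
 *
 * NOTE(review): the write is gated on $_W['ispost'] only; no request-token
 * check is visible in this method - confirm one is enforced before it runs.
 *
 * @return void
 */
public function doWebChangePackage()
{
    global $_W, $_GPC;

    $_W["user"]["packages"] = getUserGroupAccount();

    if (empty($_W['isfounder'])) {
        // Bind the group id rather than interpolating it into the SQL text.
        $group = pdo_fetch(
            'SELECT * FROM ' . tablename('users_group') . ' WHERE id = :id',
            array(':id' => $_W['user']['groupid'])
        );
        // @ is kept from the original call sites; the (array) casts guarantee
        // that array_merge() always receives arrays.
        $group_packages = (array) @iunserializer($group['package']);
        $user_packages = (array) @iunserializer($_W['user']['package']);
        // NOTE(review): when both lists are empty this passes an empty filter.
        // Confirm uni_groups() does not treat that like the unfiltered call in
        // the founder branch, which would widen what a non-founder may assign.
        $group_account = uni_groups(array_merge($user_packages, $group_packages));
    } else {
        $group_account = uni_groups();
    }

    // Allow-list of assignable package ids: 0 for everyone, -1 for founders only.
    $allow_group = array_keys($group_account);
    $allow_group[] = 0;
    if (!empty($_W['isfounder'])) {
        $allow_group[] = -1;
    }

    if (!$_W['ispost']) {
        return;
    }

    $uniacid = intval($_W['uniacid']);
    $groupid = intval($_GPC['groupid']);

    // Only a founder or manager of this account may change its package.
    $state = uni_permission($_W['uid'], $uniacid);
    if ($state != 'founder' && $state != 'manager') {
        exit('illegal-uniacid');
    }

    // $groupid is an int and array keys that look like integers are ints, so a
    // strict comparison is enough and avoids loose-comparison matches.
    if (!in_array($groupid, $allow_group, true)) {
        exit('illegal-group');
    }

    pdo_update('uni_account', array('groupid' => $groupid), array('uniacid' => $uniacid));

    if ($groupid === 0) {
        exit('基础服务');
    }
    if ($groupid === -1) {
        exit('所有服务');
    }
    // NOTE(review): the stored group name is written to the response as-is;
    // escape it on the client side if it is inserted into HTML.
    exit($group_account[$groupid]['name']);
}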
// Excerpt of a template-install flow; it starts inside blocks opened before the
// visible text and ends inside the last if-block.
message($r['message'], url('cloud/profile'), 'error');
}
$info = cloud_t_info($id);
if (!is_error($info)) {
    if (empty($_GPC['flag'])) {
        // Without the flag parameter the request is redirected to cloud/process.
        header('location: ' . url('cloud/process', array('t' => $id)));
        exit;
    } else {
        $packet = cloud_t_build($id);
        $manifest = ext_template_manifest_parse($packet['manifest']);
        $manifest['version'] = $packet['version'];
    }
}
}
unset($manifest['settings']);
$groups = uni_groups();
// Anything other than a flagged POST only renders the group-selection form.
if (!$_W['ispost'] || empty($_GPC['flag'])) {
    template('extension/select-groups');
    exit;
}
$post_groups = $_GPC['group'];
$tid = intval($_GPC['tid']);
$id = $_GPC['templateid'];
if (empty($manifest)) {
    message('模板安装配置文件不存在或是格式不正确!', '', 'error');
}
// Loose comparison between the manifest name and the request's templateid.
if ($manifest['name'] != $id) {
    message('安装模板与文件标识不符,请重新安装', '', 'error');
}
// NOTE(review): $manifest['name'] is interpolated into the SQL text. It comes
// from a parsed manifest and is only compared with $_GPC['templateid'] above,
// so it should be passed as a bound placeholder (WHERE name = :name) through
// pdo_fetchcolumn()'s parameter array instead.
// NOTE(review): the checks above depend on message() not returning - confirm.
if (pdo_fetchcolumn("SELECT id FROM " . tablename('site_templates') . " WHERE name = '{$manifest['name']}'")) {
    message('模板已经安装或是唯一标识已存在!', '', 'error');
// Excerpt of an account-setup step; it starts inside blocks opened before the
// visible text and ends inside the last if-block.
// NOTE(review): $upload is overwritten by the headimg upload below and is not
// inspected anywhere in the visible code - confirm file_upload() failures are
// handled.
$upload = file_upload($_FILES['qrcode'], 'image', "qrcode_{$acid}");
}
if (!empty($_FILES['headimg']['tmp_name'])) {
    // Upload settings are reset for this file: only the 'jpg' extension is
    // listed, and the size limit is taken from the site configuration.
    $_W['uploadsetting'] = array();
    $_W['uploadsetting']['image']['folder'] = '';
    $_W['uploadsetting']['image']['extentions'] = array('jpg');
    $_W['uploadsetting']['image']['limit'] = $_W['config']['upload']['image']['limit'];
    $upload = file_upload($_FILES['headimg'], 'image', "headimg_{$acid}");
}
}
}
// Build the set of package ids the current user may assign.
if (empty($_W['isfounder'])) {
    // NOTE(review): the group id is interpolated into the SQL text; pass it as
    // a bound placeholder (WHERE id = :id) in pdo_fetch()'s parameter array.
    $group = pdo_fetch("SELECT * FROM " . tablename('users_group') . " WHERE id = '{$_W['user']['groupid']}'");
    // NOTE(review): confirm uni_groups() with an empty list does not behave
    // like the unfiltered founder call below.
    $group['package'] = uni_groups((array) iunserializer($group['package']));
} else {
    $group['package'] = uni_groups();
    // -1 is the founder-only "all services" pseudo package.
    $group['package'][-1] = array('id' => -1, 'name' => '所有服务');
}
$allow_group = array_keys($group['package']);
// 0 (basic package) is always assignable.
$allow_group[] = 0;
if (!$acid) {
    // NOTE(review): 'error' sits inside url()'s argument list, so message()
    // receives the URL as its third argument - the arguments look transposed.
    message('未填写公众号信息', '', url('account/post-step/', array('uniacid' => intval($_GPC['uniacid']), 'step' => 3), 'error'));
}
if (checksubmit('submit') && $flag == 2) {
    $groupid = intval($_GPC['groupid']);
    // NOTE(review): this allow-list check only protects the update below if
    // message() does not return - confirm.
    if (!in_array($groupid, $allow_group)) {
        message('您所在的用户组没有使用该服务套餐的权限');
    }
    pdo_update('uni_account', array('groupid' => $groupid), array('uniacid' => $uniacid));
    // NOTE(review): the expiry date is validated only after the groupid update
    // above has been written, so a rejected date leaves the new package in place.
    if ($_GPC['isexpire'] == '1') {
        strtotime($_GPC['endtime']) > TIMESTAMP ? '' : message('服务套餐过期时间必须大于当前时间', '', 'error');
<?php
/**
 * [Weizan System] Copyright (c) 2014 wdlcms.com
 * Weizan isNOT a free software, it under the license terms, visited http://www.wdlcms.com/ for more details.
 */

// Excerpt: changes the service package of an account; it ends inside the final
// else-branch.
// Build the set of package ids the current user may assign.
if (empty($_W['isfounder'])) {
    // NOTE(review): the group id is interpolated into the SQL text; pass it as
    // a bound placeholder (WHERE id = :id) in pdo_fetch()'s parameter array.
    $group = pdo_fetch("SELECT * FROM " . tablename('users_group') . " WHERE id = '{$_W['user']['groupid']}'");
    // NOTE(review): confirm uni_groups() with an empty list does not behave
    // like the unfiltered founder call below.
    $group_account = uni_groups((array) iunserializer($group['package']));
} else {
    $group_account = uni_groups();
    // -1 is the founder-only "all services" pseudo package.
    $group_account[-1] = array('id' => -1, 'name' => '所有服务');
}
$allow_group = array_keys($group_account);
// 0 (basic package) is always assignable.
$allow_group[] = 0;
// NOTE(review): the write below is gated on $_W['ispost'] only; no
// request-token check is visible in this excerpt - confirm one is enforced.
if ($_W['ispost']) {
    // Both ids come from the request and are forced to integers.
    $uniacid = intval($_GPC['uniacid']);
    $groupid = intval($_GPC['groupid']);
    // Only a founder or manager of the target account may change its package.
    $state = uni_permission($_W['uid'], $uniacid);
    if ($state != 'founder' && $state != 'manager') {
        exit('illegal-uniacid');
    }
    // Loose in_array(); both sides are expected to be integers here.
    if (!in_array($groupid, $allow_group)) {
        exit('illegal-group');
    } else {
        pdo_update('uni_account', array('groupid' => $groupid), array('uniacid' => $uniacid));
        // The response body is the display name of the selected package.
        if ($groupid == 0) {
            exit('基础服务');
        } elseif ($groupid == -1) {
            exit('所有服务');
        } else {
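<?php
/**
 * Member finance center: buy a service package.
 *
 * Author: Kim
 * Module customization QQ: 800083075
 * Back-office demo URL: http://www.012wz.com
 *
 * On an AJAX POST, charges the account's 'manager' user through buy_package()
 * and answers with a JSON object {code, message}. Otherwise loads every
 * uni_group id, resolves them through uni_groups(), and renders the
 * financial_buypackage template. The template is included from this scope, so
 * the local variable names below are part of its interface.
 */
defined('IN_IA') or exit('Access Denied');

global $_W, $_GPC;

checklogin();

if ($_W['ispost'] && $_W['isajax']) {
    // NOTE(review): only checklogin() runs before the purchase. The account that
    // pays is the 'manager' user of $_W['uniacid'], not necessarily the caller;
    // no permission or request-token check on the caller is visible here -
    // confirm both are enforced before this script is reached.
    // NOTE(review): the query has no ORDER BY or LIMIT, so with several manager
    // rows it is unspecified which one pdo_fetch() returns.
    $user = pdo_fetch("SELECT U.* FROM " . tablename("uni_account_users") . " AS A LEFT JOIN " . tablename("users") . " AS U ON A.uid=U.uid WHERE A.uniacid=:uniacid AND A.role='manager'", array(":uniacid" => $_W['uniacid']));
    if (empty($user)) {
        // NOTE(review): this error uses code 1, the same value as the success
        // reply below, while a buy_package() failure uses 0 - confirm which
        // value the client treats as success.
        die(json_encode(array("code" => 1, "message" => "扣费帐号不存在.")));
    }

    // NOTE(review): pid and total are forwarded exactly as received. Unless
    // buy_package() validates them itself, they should be checked here as
    // positive integers before any balance is touched.
    $res = buy_package($user, $_GPC['pid'], $_GPC['total']);
    if (!is_error($res)) {
        die(json_encode(array("code" => 1, "message" => "购买成功.")));
    }
    die(json_encode(array("code" => 0, "message" => $res["message"])));
}

// Collect every uni_group id and resolve the full package records.
$idList = pdo_fetchall("SELECT id FROM " . tablename("uni_group"));
$_items = array();
foreach ($idList as $item) {
    $_items[] = $item["id"];
}
$list = uni_groups($_items);

// The account's current groupid may have no entry in $list. count() on a
// missing value warns on PHP 7.2+ and throws on PHP 8, so fall back to 0.
$curr_count = (
    isset($list[$_W["user"]["account"]["groupid"]]['modules'])
    && is_array($list[$_W["user"]["account"]["groupid"]]['modules'])
) ? count($list[$_W["user"]["account"]["groupid"]]['modules']) : 0;

include $this->template('financial_buypackage');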
cache_delete("unimodules:{$uniacid}:1"); cache_delete("unimodules:{$uniacid}:"); cache_delete("uniaccount:{$uniacid}"); cache_delete("accesstoken:{$acid}"); cache_delete("jsticket:{$acid}"); cache_delete("cardticket:{$acid}"); load()->model('module'); module_build_privileges(); if (!empty($_GPC['from'])) { message('公众号权限修改成功', url('account/post-step/', array('uniacid' => $uniacid, 'step' => 3, 'from' => 'list')), 'success'); } else { header("Location: " . url('account/post-step/', array('uniacid' => $uniacid, 'acid' => $acid, 'step' => 4))); exit; } } $unigroups = uni_groups(); $settings = uni_setting($uniacid, array('notify')); $notify = $settings['notify'] ? $settings['notify'] : array(); $ownerid = pdo_fetchcolumn("SELECT uid FROM " . tablename('uni_account_users') . " WHERE uniacid = :uniacid AND role = 'owner'", array(':uniacid' => $uniacid)); if (!empty($ownerid)) { $owner = user_single(array('uid' => $ownerid)); $owner['group'] = pdo_fetch("SELECT id, name, package FROM " . tablename('users_group') . " WHERE id = :id", array(':id' => $owner['groupid'])); $owner['group']['package'] = iunserializer($owner['group']['package']); } $extend = pdo_fetch("SELECT * FROM " . tablename('uni_group') . " WHERE uniacid = :uniacid", array(':uniacid' => $uniacid)); $extend['modules'] = iunserializer($extend['modules']); $extend['templates'] = iunserializer($extend['templates']); if (!empty($extend['modules'])) { $owner['extend']['modules'] = pdo_getall('modules', array('name' => $extend['modules'])); } if (!empty($extend['templates'])) {
$oldgroupid = pdo_fetchcolumn('SELECT groupid FROM ' . tablename('uni_account') . ' WHERE uniacid = :uniacid', array(':uniacid' => $uniacid)); pdo_update('uni_account', array('groupid' => $groupid), array('uniacid' => $uniacid)); $updatedata = $isexpire ? iserializer(array('isexpire' => 1, 'endtime' => $endtime, 'oldgroupid' => $oldgroupid)) : iserializer(array('isexpire' => 0, 'endtime' => TIMESTAMP, 'oldgroupid' => $oldgroupid)); pdo_update('uni_settings', array('groupdata' => $updatedata), array('uniacid' => $uniacid)); } load()->model('module'); module_build_privileges(); message('更改公众号套餐成功', url('account/batch'), 'success'); } elseif ($do == 'modal') { if ($_W['isajax']) { load()->func('tpl'); if ($_W['isfounder']) { $groups = pdo_fetchall("SELECT * FROM " . tablename('uni_group'), array(), 'id'); } else { $groups = pdo_fetch("SELECT package FROM " . tablename('users_group') . ' WHERE id = :id', array(':id' => $_W['user']['groupid']), 'id'); $groups = uni_groups((array) iunserializer($groups['package'])); } $arr = $_GPC['arr']; template('account/modal'); exit; } } elseif ($do == 'operator') { if (!$_W['isfounder']) { exit('您没有操作权限,请联系系统管理员'); } if ($_W['ispost']) { if (empty($_GPC['uid'])) { exit('没有选择要添加的操作员'); } $uniacidarr = explode(',', trim($_GPC['uniacidstr'])); if (empty($uniacidarr)) {
// Excerpt of a user-group admin page; the first section sits inside a block
// opened before the visible text, and the excerpt ends inside the 'post' branch.
if (checksubmit('submit')) {
    if (!empty($_GPC['delete'])) {
        // NOTE(review): the request values in $_GPC['delete'] are joined straight
        // into the SQL text with no integer cast or bound parameters, so any
        // quote-breaking value becomes part of the DELETE statement. Cast every
        // element with intval() (as the 'post' branch does for package ids) or
        // bind the values. A non-array value also makes implode() fail.
        pdo_query("DELETE FROM " . tablename('users_group') . " WHERE id IN ('" . implode("','", $_GPC['delete']) . "')");
    }
    message('用户组更新成功!', referer(), 'success');
}
$list = pdo_fetchall("SELECT * FROM " . tablename('users_group'));
}
if ($do == 'post') {
    // id 0 means "create", any other id means "edit".
    $id = intval($_GPC['id']);
    $_W['page']['title'] = $id ? '编辑用户组 - 用户组 - 用户管理' : '添加用户组 - 用户组 - 用户管理';
    if (!empty($id)) {
        // The id is bound as :id, not interpolated.
        $group = pdo_fetch("SELECT * FROM " . tablename('users_group') . " WHERE id = :id", array(':id' => $id));
        $group['package'] = iunserializer($group['package']);
    }
    $packages = uni_groups();
    if (checksubmit('submit')) {
        if (empty($_GPC['name'])) {
            message('请输入用户组名称!');
        }
        if (!empty($_GPC['package'])) {
            // Every submitted package id is forced to an integer.
            foreach ($_GPC['package'] as $value) {
                $package[] = intval($value);
            }
        }
        // NOTE(review): $package is never initialised, so with no packages
        // submitted iserializer() receives an undefined variable.
        // NOTE(review): 'name' is stored as received; escape it wherever it is
        // later written into HTML.
        $data = array('name' => $_GPC['name'], 'package' => iserializer($package), 'maxaccount' => intval($_GPC['maxaccount']), 'maxsubaccount' => intval($_GPC['maxsubaccount']));
        if (empty($id)) {
            pdo_insert('users_group', $data);
        } else {
            pdo_update('users_group', $data, array('id' => $id));
        }
// Excerpt of a user-permission admin page; it starts inside a block opened
// before the visible text and ends inside the 'deny' branch.
message('访问错误, 未找到指定操作用户.');
}
// Founder accounts (comma-separated uid list from the site config) cannot be
// edited here.
// NOTE(review): in_array() is loose; both sides are presumably uid strings.
$founders = explode(',', $_W['config']['setting']['founder']);
$isfounder = in_array($user['uid'], $founders);
if ($isfounder) {
    message('访问错误, 无法编辑站长.');
}
// The requested action is restricted to a fixed allow-list; anything else
// falls back to 'edit'.
$do = $_GPC['do'];
$dos = array('deny', 'delete', 'auth', 'revo', 'revos', 'select', 'role', 'menu', 'edit');
$do = in_array($do, $dos) ? $do : 'edit';
if ($do == 'edit') {
    if (!empty($user['groupid'])) {
        // NOTE(review): the group id is interpolated into the SQL text; pass it
        // as a bound placeholder (WHERE id = :id) instead.
        $group = pdo_fetch("SELECT * FROM " . tablename('users_group') . " WHERE id = '{$user['groupid']}'");
        if (!empty($group)) {
            $package = iunserializer($group['package']);
            $group['package'] = uni_groups($package);
        }
    }
    // NOTE(review): $uid is interpolated into the SQL text and its origin is not
    // visible in this excerpt. Confirm it is an integer, or bind it as :uid in
    // the (currently empty) parameter array.
    $weids = pdo_fetchall("SELECT uniacid, role FROM " . tablename('uni_account_users') . " WHERE uid = '{$uid}'", array(), 'uniacid');
    if (!empty($weids)) {
        // The IN list is built from the result keys of the previous query
        // (uniacid column), not directly from the request.
        $wechats = pdo_fetchall("SELECT * FROM " . tablename('uni_account') . " WHERE uniacid IN (" . implode(',', array_keys($weids)) . ")");
    }
    template('user/permission');
}
if ($do == 'deny') {
    if ($_W['ispost'] && $_W['isajax']) {
        // Founder accounts cannot be disabled.
        $founders = explode(',', $_W['config']['setting']['founder']);
        if (in_array($uid, $founders)) {
            exit('管理员用户不能禁用.');
        }
        $somebody = array();
$uniacid = intval($_GPC['uniacid']); if (!empty($uniacid)) { $uniaccount = pdo_fetch("SELECT * FROM " . tablename('uni_account') . " WHERE uniacid = :uniacid", array(':uniacid' => $uniacid)); if (empty($uniaccount)) { message('楼盘项目不存在或已被删除!'); } $state = uni_permission($uid, $uniacid); if ($state != 'founder' && $state != 'manager') { message('没有该楼盘项目操作权限!'); } } $settings = uni_setting($uniacid, array('notify', 'groupdata', 'bootstrap')); $groupdata = $settings['groupdata'] ? $settings['groupdata'] : array('isexpire' => 0, 'oldgroupid' => '', 'endtime' => TIMESTAMP); $notify = $settings['notify'] ? $settings['notify'] : array(); $bootstrap = $settings['bootstrap']; $data = uni_groups(); $groups = array(); foreach ($data as $da) { $groups[$da['id']] = $da; } $groups[0] = array('id' => 0, 'name' => '基础服务'); $groups[-1] = array('id' => -1, 'name' => '所有服务'); if ($do == 'post') { $_W['page']['title'] = '编辑子楼盘项目 - 编辑主楼盘项目'; if (empty($acid)) { $_W['page']['title'] = '添加子楼盘项目 - 编辑主楼盘项目'; if (empty($_W['isfounder']) && is_error($error = uni_create_permission($_W['uid'], 2))) { message($error['message'], '', 'error'); } } load()->func('tpl');