/**
 * Read the three watermark settings from the shop configuration table.
 *
 * Opens its own database connection with the credentials that
 * data/config.php places in local scope, then fetches each setting with a
 * separate single-value query. All three statements are fixed literals, so
 * no request data reaches the SQL text.
 *
 * NOTE(review): config.php is pulled in with require_once inside function
 * scope. If that file was already loaded earlier in the request, PHP skips
 * it and $db_host, $db_user, $db_pass and $db_name stay undefined here -
 * confirm against the callers.
 *
 * @return array Keys 'watermark', 'watermark_place' and 'watermark_alpha',
 *               each holding whatever getOne() returned for that code.
 */
function get_waterMark()
{
    require_once ROOT_PATH . '/data/config.php';
    require_once ROOT_PATH . '/includes/cls_mysql.php';

    $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name, EC_CHARSET, 0, 1);

    // One fixed statement per setting, run in the same order as the result keys.
    $queries = array(
        'watermark'       => 'select value from ecs_shop_config where code = "watermark"',
        'watermark_place' => 'select value from ecs_shop_config where code = "watermark_place"',
        'watermark_alpha' => 'select value from ecs_shop_config where code = "watermark_alpha"',
    );

    $settings = array();
    foreach ($queries as $key => $statement) {
        $settings[$key] = $db->getOne($statement);
    }

    return $settings;
}
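/**
 * Get the spt code: a <script> tag that points at the ECShop record API.
 *
 * The tag's query string carries the shop URL, the install marker, the
 * version, the stored hash_code, the charset and the installer language.
 * Every dynamic value is URL-encoded so that a quote, angle bracket or
 * ampersand in any of them cannot terminate the src attribute or add
 * parameters; values made only of letters, digits, '-', '_' and '.' come
 * out exactly as before.
 *
 * NOTE(review): the script is loaded from a third-party host over plain
 * http://, so the embedding page executes whatever that response contains
 * and the request can be read or altered in transit. Left unchanged because
 * the endpoint's HTTPS support cannot be confirmed from this file.
 *
 * @access  public
 * @return  string  spt code
 */
function get_spt_code()
{
    include(ROOT_PATH . 'data/config.php');
    include_once(ROOT_PATH . 'includes/cls_ecshop.php');
    include_once(ROOT_PATH . 'includes/cls_mysql.php');

    $db  = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
    $ecs = new ECS($db_name, $prefix);

    $hash_code = $db->getOne("SELECT value FROM " . $ecs->table('shop_config') . " WHERE code='hash_code'");

    // The installer normally sets this global; fall back to an empty value instead of a notice.
    $language = isset($GLOBALS['installer_lang']) ? $GLOBALS['installer_lang'] : '';

    $spt  = '<script type="text/javascript" src="http://api.ecshop.com/record.php?';
    $spt .= "url=" . urlencode($ecs->url())
          . "&mod=install&version=" . urlencode((string) VERSION)
          . "&hash_code=" . urlencode((string) $hash_code)
          . "&charset=" . urlencode((string) EC_CHARSET)
          . "&language=" . urlencode((string) $language)
          . "\"></script>";

    return $spt;
}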
/*
 * NOTE(review): fragment of a user-merge switch; it starts and ends mid-block.
 * - Only user_name is passed through addslashes(); email, regip and regdate
 *   from the same row are interpolated into the INSERT unescaped. If those
 *   columns can hold a quote character this is a second-order SQL injection;
 *   whether they can is not visible here. Escaping every field at the query
 *   closes it.
 * - The value computed for the password is md5(existing password field . salt)
 *   with a 6-digit salt from rand(). MD5 is a fast hash and rand() is not a
 *   CSPRNG; presumably this matches the format the UC members table expects -
 *   confirm.
 * - The runs of asterisks inside the INSERT string look like masking applied
 *   to this listing, so that statement is not shown as originally written.
 * - 'SILENT' is passed as the second argument to query(); presumably it
 *   suppresses errors, so failed inserts may go unnoticed - confirm.
 */
$ucdb = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET); $maxuid = intval($ucdb->getOne("SELECT MAX(uid)+1 FROM " . UC_DBTABLEPRE . "members LIMIT 1")); $smarty->assign('maxuid', $maxuid); } } $smarty->display('usermerge.php'); break; /* Import member data into UC */ /* Import member data into UC */ case 'userimporttouc': include ROOT_PATH . 'data/config.php'; include_once ROOT_PATH . 'includes/cls_json.php'; $ucdb = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET); $json = new JSON(); $result = array('error' => 0, 'message' => ''); $maxuid = intval($ucdb->getOne("SELECT MAX(uid)+1 FROM " . UC_DBTABLEPRE . "members LIMIT 1")); $merge_method = intval($_POST['merge']); $merge_uid = array(); $uc_uid = array(); $repeat_user = array(); $query = $db->query("SELECT * FROM " . $ecs->table('users') . " ORDER BY `user_id` ASC"); while ($data = $db->fetch_array($query)) { $salt = rand(100000, 999999); $password = md5($data['password'] . $salt); $data['username'] = addslashes($data['user_name']); $lastuid = $data['user_id'] + $maxuid; $uc_userinfo = $ucdb->getRow("SELECT `uid`, `password`, `salt` FROM " . UC_DBTABLEPRE . "members WHERE `username`='{$data['username']}'"); if (!$uc_userinfo) { $ucdb->query("INSERT LOW_PRIORITY INTO " . UC_DBTABLEPRE . "members SET uid='{$lastuid}', username='******'username']}', password='******', email='{$data['email']}', regip='{$data['regip']}', regdate='{$data['regdate']}', salt='{$salt}'", 'SILENT'); $ucdb->query("INSERT LOW_PRIORITY INTO " . UC_DBTABLEPRE . "memberfields SET uid='{$lastuid}'", 'SILENT'); } else {
<p><h4>璇峰厛鍗囩骇鎮ㄧ殑绋嬪簭鍐嶈繘琛屽?鍏ャ€侟/h4></p> EOT; instfooter(); } elseif ($step == 'start') { $limit = getgpc('limit', 'P'); $update = getgpc('update', 'P'); $insert = getgpc('insert', 'P'); $success = getgpc('success', 'P'); $error = getgpc('error', 'P'); $item_num = 500; // Process 1000 member records per batch $statistics = array('update' => 0, 'insert' => 0, 'success' => 0, 'error' => 0); if (empty($limit)) { $limit = 0; } $uc_db = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET, 0, 1); $total_members = $uc_db->getOne("SELECT COUNT(*) FROM ". UC_DBTABLEPRE ."members"); $sql = "SELECT uid, username, password, email, salt FROM ". UC_DBTABLEPRE ."members ORDER BY uid ASC LIMIT $limit, $item_num"; $uc_query = $uc_db->query($sql); while($member = $uc_db->fetch_array($uc_query)){ $user_exists = $db->getOne("SELECT COUNT(*) FROM {$prefix}users WHERE `user_name`='{$member['username']}'"); if (!$user_exists) { $sql = "INSERT INTO {$prefix}users (`email`, `user_name`, `password`, `salt`) VALUES('{$member['email']}', '{$member['username']}', '{$member['password']}', '2{$member['salt']}')"; ++$statistics['insert']; } else { $sql = "UPDATE {$prefix}users SET `password`='{$member['password']}', `salt`='2{$member['salt']}' WHERE `user_name`='{$member['username']}'"; ++$statistics['update']; } $db->query($sql); if ($db->affected_rows() > 0) { ++$statistics['success']; } else {
/*
 * NOTE(review) on the fragment above (it starts inside a heredoc and ends mid-block):
 * - $limit comes from getgpc('limit', 'P') and is interpolated into the LIMIT
 *   clause with no cast visible here; intval($limit) keeps it numeric
 *   whatever getgpc() returns.
 * - username, email, password and salt read from the UC members table are
 *   interpolated into the local SELECT, INSERT and UPDATE inside single
 *   quotes without escaping, so a stored quote character alters the
 *   statement (second-order SQL injection). Escape each field at the query.
 * - $item_num is 500 while the comment beside it says 1000.
 * - The text before the heredoc terminator is string content that is
 *   mis-decoded in this listing; it is left exactly as shown.
 */
/*
 * NOTE(review): fragment of a session bootstrap; it starts mid-branch.
 * - The last query appends $_SESSION['user_id'] to the SQL text unquoted.
 *   The assignment visible here copies it from $row['user_id'], but other
 *   writers are outside this fragment; an intval() cast at the point of use
 *   keeps the statement numeric regardless.
 * - The whole $_SESSION array is handed to the template as 'ecs_session',
 *   so every session key becomes reachable from template code.
 * - When bit 4 of DEBUG_MODE is set the debug library is included; that bit
 *   should stay clear in production configuration.
 */
// No matching record was found $time = time() - 3600; setcookie("ECS[user_id]", '', $time, '/'); setcookie("ECS[password]", '', $time, '/'); } else { $_SESSION['user_id'] = $row['user_id']; $_SESSION['user_name'] = $row['user_name']; update_user_info(); } } if (isset($smarty)) { $smarty->assign('ecs_session', $_SESSION); } } if ((DEBUG_MODE & 1) == 1) { error_reporting(E_ALL); } else { error_reporting(E_ALL ^ (E_NOTICE | E_WARNING)); } if ((DEBUG_MODE & 4) == 4) { include ROOT_PATH . 'includes/lib.debug.php'; } /* Check whether Gzip mode is supported */ if (!defined('INIT_NO_SMARTY') && gzip_enabled()) { ob_start('ob_gzhandler'); } else { ob_start(); } if (isset($_SESSION['user_id']) && $_SESSION['user_id'] && isset($smarty)) { $smarty->assign('bindusercardme', $db->getOne("select count(user_id) from " . $ecs->table("user_card") . " where user_id=" . $_SESSION['user_id'])); }
/*
 * NOTE(review): fragment of a user-merge switch; it starts and ends mid-block.
 * - Only user_name is passed through addslashes(); email, regip and regdate
 *   from the same row are interpolated into the INSERT unescaped. If those
 *   columns can hold a quote character this is a second-order SQL injection;
 *   whether they can is not visible here. Escaping every field at the query
 *   closes it.
 * - The value computed for the password is md5(existing password field . salt)
 *   with a 6-digit salt from rand(). MD5 is a fast hash and rand() is not a
 *   CSPRNG; presumably this matches the format the UC members table expects -
 *   confirm.
 * - The runs of asterisks inside the INSERT string look like masking applied
 *   to this listing, so that statement is not shown as originally written.
 * - 'SILENT' is passed as the second argument to query(); presumably it
 *   suppresses errors, so failed inserts may go unnoticed - confirm.
 */
$ucdb = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET); $maxuid = intval($ucdb->getOne('SELECT MAX(uid)+1 FROM ' . UC_DBTABLEPRE . 'members LIMIT 1')); $smarty->assign('maxuid', $maxuid); } } $smarty->display('usermerge.php'); break; /* Import member data into UC */ /* Import member data into UC */ case 'userimporttouc': include ROOT_PATH . 'data/config.php'; include_once ROOT_PATH . 'includes/cls_json.php'; $ucdb = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET); $json = new JSON(); $result = array('error' => 0, 'message' => ''); $maxuid = intval($ucdb->getOne('SELECT MAX(uid)+1 FROM ' . UC_DBTABLEPRE . 'members LIMIT 1')); $merge_method = intval($_POST['merge']); $merge_uid = array(); $uc_uid = array(); $repeat_user = array(); $query = $db->query('SELECT * FROM ' . $ecs->table('users') . ' ORDER BY `user_id` ASC'); while ($data = $db->fetch_array($query)) { $salt = rand(100000, 999999); $password = md5($data['password'] . $salt); $data['username'] = addslashes($data['user_name']); $lastuid = $data['user_id'] + $maxuid; $uc_userinfo = $ucdb->getRow('SELECT `uid`, `password`, `salt` FROM ' . UC_DBTABLEPRE . "members WHERE `username`='{$data['username']}'"); if (!$uc_userinfo) { $ucdb->query('INSERT LOW_PRIORITY INTO ' . UC_DBTABLEPRE . "members SET uid='{$lastuid}', username='******'username']}', password='******', email='{$data['email']}', regip='{$data['regip']}', regdate='{$data['regdate']}', salt='{$salt}'", 'SILENT'); $ucdb->query('INSERT LOW_PRIORITY INTO ' . UC_DBTABLEPRE . "memberfields SET uid='{$lastuid}'", 'SILENT'); } else {
/*
 * NOTE(review): fragment of a front-end init script; it starts and ends mid-block.
 * - $_SESSION['user_rank'] is appended unquoted to the rank_name query; an
 *   intval() cast at the point of use keeps it numeric.
 * - $rank_name is only set inside the if, yet it is assigned to the template
 *   unconditionally, so it is undefined when user_rank is empty.
 * - $_GET['from'] goes through htmlspecialchars() with default flags and
 *   then stripslashes() before being stored in the session. Before PHP 8.1
 *   the default flags leave single quotes unencoded, and the stored value is
 *   not SQL-escaped, so any later query or single-quoted attribute that uses
 *   $_SESSION['referer'] must escape it again.
 */
$smarty->assign('ecs_charset', EC_CHARSET); if (!empty($_CFG['stylename'])) { $smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style_' . $_CFG['stylename'] . '.css'); } else { $smarty->assign('ecs_css_path', 'themes/' . $_CFG['template'] . '/style.css'); } $smarty->assign('css_path', 'themes/' . $_CFG['template'] . '/'); } if (isset($smarty)) { //print_r($_SESSION); $GLOBALS['smarty']->assign('loogo', $_CFG['shop_logo']); $GLOBALS['smarty']->assign('user', $_SESSION ? $_SESSION : '0'); $GLOBALS['smarty']->assign('is_store_user', $_SESSION['user_rank'] ? $_SESSION['user_rank'] : '0'); if ($_SESSION['user_rank']) { $sql_rank_name = 'SELECT rank_name FROM ' . $ecs->table('user_rank') . " WHERE rank_id = " . $_SESSION['user_rank']; $rank_name = $db->getOne($sql_rank_name); } $GLOBALS['smarty']->assign('rank_name', $rank_name); } if (!defined('INIT_NO_USERS')) { /* Member information */ $user =& init_users(); //dump($user); if (!isset($_SESSION['user_id'])) { /* Get the name of the referring (ad placement) site */ $site_name = isset($_GET['from']) ? htmlspecialchars($_GET['from']) : addslashes($_LANG['self_site']); $from_ad = !empty($_GET['ad_id']) ? intval($_GET['ad_id']) : 0; $_SESSION['from_ad'] = $from_ad; // ID of the ad the user clicked $_SESSION['referer'] = stripslashes($site_name); // Where the user came from
/*
 * NOTE(review): fragment of an admin login handler; it starts and ends mid-block.
 * - $_POST['username'] is concatenated into all three SELECT statements
 *   inside single quotes with no escaping visible in this fragment. Unless
 *   the request arrays are escaped earlier (not shown), this is SQL injection
 *   on an unauthenticated path; escape or bind the value at the query.
 * - The upgrade path stores md5(md5(password) . salt) with the salt taken
 *   from rand(1, 9999): a fast hash, a non-cryptographic generator and fewer
 *   than 10,000 possible salts.
 * - The first query has no space between the table() result and WHERE, so
 *   it relies on what table() returns - confirm.
 * - After login_display() for an inactive user nothing visible stops
 *   execution, so the salt-upgrade code runs unless login_display() exits -
 *   confirm.
 * - The runs of asterisks in the password conditions look like masking
 *   applied to this listing.
 */
} } else { login_display("此账号未激活"); } } else { // Redirect to the registration page $warn = "请确认上面的信息正确无误,然后输入注册码,进行注册;<br/>若信息有误,请找管理员确认之后再进行注册!"; register_display($guardian, $warn); } } else { login_display("账号不正确"); } } else { // Normal administrator login logic, including head teachers (class administrators) $sql = "SELECT `ec_salt` FROM " . $ecs->table('admin_user') . "WHERE user_name = '" . $_POST['username'] . "'"; $ec_salt = $db->getOne($sql); if (!empty($ec_salt)) { /* Check whether the password is correct */ $sql = "SELECT * " . " FROM " . $ecs->table('admin_user') . " WHERE user_name = '" . $_POST['username'] . "' AND password = '******'password']) . $ec_salt) . "'"; } else { /* Check whether the password is correct */ $sql = "SELECT * " . " FROM " . $ecs->table('admin_user') . " WHERE user_name = '" . $_POST['username'] . "' AND password = '******'password']) . "'"; } $row = $db->getRow($sql); if ($row) { if (!$row["is_active"]) { login_display("此用户已经被注销,请联系超级管理员激活"); } if (empty($row['ec_salt'])) { $ec_salt = rand(1, 9999); $new_possword = md5(md5($_POST['password']) . $ec_salt);
/*
 * NOTE(review): fragment of a mobile init script plus the start of
 * is_wechat_browser(); the function body is cut off before its closing braces.
 * - is_wechat_browser() only looks for 'MicroMessenger' in the User-Agent
 *   header, which the client controls; treat it as a presentation switch,
 *   not as an access check. The header is read without isset(), so a request
 *   that omits it raises an undefined-index notice or warning.
 * - The OAuth callback is built from $_CFG['site_url'] plus a path taken
 *   from $_SERVER['REQUEST_URI']; what weixin_oauth() does with it is not
 *   visible, so confirm the callback is validated or encoded there.
 * - $_SESSION['user_id'] is interpolated unquoted into the wxch_user query;
 *   an intval() cast at the point of use keeps it numeric.
 */
ob_start('ob_gzhandler'); } else { ob_start(); } if (is_wechat_browser() && strpos($_CFG['site_url'], 'test.') === false) { if (empty($_SESSION['user_id'])) { include_once ROOT_PATH . 'include/lib_passport.php'; include_once ROOT_PATH . 'weixin/login.php'; $uri = str_replace('/mobile/', '/', $_SERVER['REQUEST_URI']); if (substr($uri, -1) == '/') { $uri .= 'index.php'; } $callback = $_CFG['site_url'] . $uri; weixin_oauth($callback); } elseif (empty($_SESSION['openid'])) { $openid = $db->getOne("SELECT wxid FROM wxch_user WHERE uid={$_SESSION['user_id']}"); $_SESSION['openid'] = $openid; } } /* Check whether the request comes from the WeChat browser */ function is_wechat_browser() { $user_agent = $_SERVER['HTTP_USER_AGENT']; if (strpos($user_agent, 'MicroMessenger') === false) { //echo '非微信浏览器禁止浏览'; return false; } else { //echo '微信浏览器,允许访问'; //preg_match('/.*?(MicroMessenger\/([0-9.]+))\s*/', $user_agent, $matches); //echo '<br>你的微信版本号为:'.$matches[2]; return true;
/*
 * NOTE(review): fragment of a WeChat auto-registration path; it starts and ends mid-block.
 * - The 6-character password is drawn with rand(0, 35), which is not a
 *   CSPRNG; random_int() (PHP 7+) is the replacement for security-relevant
 *   values. How the password is used afterwards is outside this fragment.
 * - The next user_id is guessed as the highest existing user_id plus one, so
 *   two concurrent registrations can compute the same value.
 * - The quoted run of asterisks at the start of $username looks like masking
 *   applied to this listing.
 */
if (!empty($access_token)) { $userinfo_back_arr2 = getUserInfo($_SESSION['xaphp_sopenid'], 2); $userinfo_back_arr['subscribe'] = $userinfo_back_arr2["subscribe"]; $smarty->assign("subscribe", $userinfo_back_arr['subscribe']); } if (empty($rs)) { include_once ROOT_PATH . 'includes/lib_passport.php'; $ychar = "0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z"; $list = explode(",", $ychar); $password = ''; for ($i = 0; $i < 6; $i++) { $randnum = rand(0, 35); $password .= $list[$randnum]; } $sql = "select user_id from " . $hhs->table('users') . " order by user_id desc limit 1"; $user_id = $db->getOne($sql) + 1; $username = '******' . $user_id . mt_rand(0, 100); $email = ''; $other['msn'] = ''; $other['qq'] = ''; $other['office_phone'] = ''; $other['home_phone'] = ''; $other['mobile_phone'] = ''; $other['openid'] = $_SESSION['xaphp_sopenid']; //&& is_username($userinfo_back_arr['nickname']) if ($userinfo_back_arr['nickname'] != '' && !preg_match('/\'\\/^\\s*$|^c:\\\\con\\\\con$|[%,\\*\\"\\s\\t\\<\\>\\&\'\\\\]/', $userinfo_back_arr['nickname'])) { /* echo"<script>"; echo"alert('请先关注公众号');"; echo"</script>";exit();*/ //echo $userinfo_back_arr['nickname'];exit();
EOT; instfooter(); } elseif ($step == 'start') { $limit = getgpc('limit', 'P'); $update = getgpc('update', 'P'); $insert = getgpc('insert', 'P'); $success = getgpc('success', 'P'); $error = getgpc('error', 'P'); $item_num = 500; // Process 1000 member records per batch $statistics = array('update' => 0, 'insert' => 0, 'success' => 0, 'error' => 0); if (empty($limit)) { $limit = 0; } $uc_db = new cls_mysql(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET, 0, 1); $total_members = $uc_db->getOne('SELECT COUNT(*) FROM ' . UC_DBTABLEPRE . 'members'); $sql = 'SELECT uid, username, password, email, salt FROM ' . UC_DBTABLEPRE . "members ORDER BY uid ASC LIMIT {$limit}, {$item_num}"; $uc_query = $uc_db->query($sql); while ($member = $uc_db->fetch_array($uc_query)) { $user_exists = $db->getOne("SELECT COUNT(*) FROM {$prefix}users WHERE `user_name`='{$member['username']}'"); if (!$user_exists) { $sql = "INSERT INTO {$prefix}users (`email`, `user_name`, `password`, `salt`) VALUES('{$member['email']}', '{$member['username']}', '{$member['password']}', '2{$member['salt']}')"; ++$statistics['insert']; } else { $sql = "UPDATE {$prefix}users SET `password`='{$member['password']}', `salt`='2{$member['salt']}' WHERE `user_name`='{$member['username']}'"; ++$statistics['update']; } $db->query($sql); if ($db->affected_rows() > 0) { ++$statistics['success']; } else {
/*
 * NOTE(review) on the fragment above (it starts at a heredoc terminator and ends mid-block):
 * - $limit comes from getgpc('limit', 'P') and is interpolated into the LIMIT
 *   clause with no cast visible here; intval($limit) keeps it numeric
 *   whatever getgpc() returns.
 * - username, email, password and salt read from the UC members table are
 *   interpolated into the local SELECT, INSERT and UPDATE inside single
 *   quotes without escaping, so a stored quote character alters the
 *   statement (second-order SQL injection). Escape each field at the query.
 * - $item_num is 500 while the comment beside it says 1000.
 */