/**
 * REST-style handler for the current user's shipping addresses.
 *
 * Dispatches on $_SERVER['REQUEST_METHOD']:
 *  - GET    returns get_consignee_list() for $_SESSION['user_id'];
 *  - DELETE passes the integer-cast $_GET['id'] to drop_consignee();
 *  - POST   builds an address record from $_POST and hands it to update_address();
 *  - any other method yields an "unsupported method" message.
 *
 * NOTE(review): the only authorisation input visible here is
 * $_SESSION['user_id']. drop_consignee() receives just the id, so whether
 * the row is restricted to the session user depends on that helper, which
 * is not shown here. Confirm it, and that update_address() does the same
 * for 'address_id'.
 *
 * @return mixed the consignee list for GET, otherwise a status string
 */
function address()
{
    $method = $_SERVER['REQUEST_METHOD'];

    if ($method === 'GET') {
        return get_consignee_list($_SESSION['user_id']);
    }

    if ($method === 'DELETE') {
        // intval() reduces the id to an integer before it reaches the helper.
        $removed = drop_consignee(intval($_GET['id']));

        return $removed ? 'Delete Address Success!' : 'Delete Address Failed!';
    }

    if ($method === 'POST') {
        // The owner always comes from the session, never from the request body.
        $record = array(
            'user_id' => $_SESSION['user_id'],
            'address_id' => intval($_POST['address_id']),
        );

        // Region selectors are numeric ids; a missing one becomes 0.
        foreach (array('country', 'province', 'city', 'district') as $regionKey) {
            $record[$regionKey] = isset($_POST[$regionKey]) ? intval($_POST[$regionKey]) : 0;
        }

        // Free-text fields: trimmed, optionally passed through make_semiangle(),
        // then through compile_str(). The flag says whether make_semiangle() is applied.
        $textFields = array(
            'address' => false,
            'consignee' => false,
            'email' => false,
            'tel' => true,
            'mobile' => true,
            'best_time' => false,
            'sign_building' => false,
            'zipcode' => true,
        );
        foreach ($textFields as $textKey => $viaSemiangle) {
            if (!isset($_POST[$textKey])) {
                $record[$textKey] = '';
                continue;
            }
            $value = trim($_POST[$textKey]);
            if ($viaSemiangle) {
                $value = make_semiangle($value);
            }
            $record[$textKey] = compile_str($value);
        }

        return update_address($record) ? 'Update Address Success!' : 'Update Address Failed!';
    }

    return 'This API can not support ' . $method . ' method';
}
Esempio n. 2
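/**
 * Stores the password-recovery question and answer of the logged-in user.
 *
 * Only POST is accepted. The question and answer come from $_POST, are passed
 * through compile_str(), and are written to the `users` table row whose
 * `user_id` matches the session.
 *
 * NOTE(review): the statement is assembled by string interpolation and
 * compile_str() is the only sanitising step visible here. Confirm that it
 * (or the request bootstrap) escapes quotes and backslashes for the SQL
 * context; if the database layer offers bound parameters, prefer them.
 * NOTE(review): the answer is stored exactly as submitted. It works as an
 * alternative credential, so consider storing a hash of it instead.
 *
 * @param object $db  database handle; only query() is used here
 * @param object $ecs table-name resolver; only table() is used here
 * @return string status message
 */
function secret($db, $ecs)
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return 'This API can not support ' . $_SERVER['REQUEST_METHOD'] . ' method';
    }

    // The id ends up inside SQL text, so force it to an integer. Without a
    // logged-in user the UPDATE would match no row yet still report success.
    $user_id = isset($_SESSION['user_id']) ? intval($_SESSION['user_id']) : 0;
    if ($user_id <= 0) {
        return 'Update Secret Question Failed!';
    }

    $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
    $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';

    // Both the question and the answer are required.
    if (empty($passwd_answer) || empty($sel_question)) {
        return 'Update Secret Question Failed!';
    }

    /* Write the password hint question and answer. */
    $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}'  WHERE `user_id`='" . $user_id . "'";
    $db->query($sql);

    return 'Update Secret Question Success!';
}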
Esempio n. 3
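/**
 * REST-style handler for the current user's identity-card records.
 *
 * Dispatches on $_SERVER['REQUEST_METHOD']:
 *  - GET    returns get_idcard_list();
 *  - POST   builds a record from $_POST and returns update_idcard()'s result;
 *  - DELETE removes the record whose id is given in the query string;
 *  - any other method yields an "unsupported method" message.
 *
 * NOTE(review): these records hold identity-document numbers and image
 * references. Confirm that update_idcard() and drop_idcard() restrict the
 * row to $_SESSION['user_id']; only the id is passed to drop_idcard() here.
 * NOTE(review): 'img_z' and 'img_f' are client-supplied strings, presumably
 * references to the uploaded front and back images. Verify they are checked
 * against the upload store before being rendered or fetched.
 *
 * @return mixed helper result for GET/POST, a status string otherwise
 */
function idcard()
{
    switch ($_SERVER['REQUEST_METHOD']) {
        case 'GET':
            return get_idcard_list();
        case 'POST':
            $idcard = array(
                // The owner always comes from the session, never from the request body.
                'user_id' => $_SESSION['user_id'],
                'idcard_id' => isset($_POST['idcard_id']) ? intval($_POST['idcard_id']) : 0,
                'default' => isset($_POST['default']) ? intval($_POST['default']) : 0,
                'idcard_name' => isset($_POST['name']) ? compile_str(trim($_POST['name'])) : '',
                'idcard_img_z' => isset($_POST['img_z']) ? compile_str(trim($_POST['img_z'])) : '',
                'idcard_img_f' => isset($_POST['img_f']) ? compile_str(trim($_POST['img_f'])) : '',
                'idcard_num' => isset($_POST['id_number']) ? compile_str(trim($_POST['id_number'])) : '',
            );

            return update_idcard($idcard);
        case 'DELETE':
            // The original passed an undefined $idcard_id to drop_idcard().
            // Read it from the query string, as address() does for its DELETE.
            // TODO confirm the parameter name against the API client.
            $idcard_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
            // Never ask the helper to delete without a positive id.
            if ($idcard_id > 0 && drop_idcard($idcard_id)) {
                $r_data = 'Delete IdCard Success!';
            } else {
                $r_data = 'Delete IdCard Failed!';
            }

            return $r_data;
        default:
            return 'This API can not support ' . $_SERVER['REQUEST_METHOD'] . ' method';
    }
}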
Esempio n. 4
<?php

define('IN_ECS', true);
require 'D:/wamp/www/benhushop1231' . '/includes/init.php';
// Credential check endpoint: replies with {"validate": ...} and exits.
//
// NOTE(review): both values are read from $_REQUEST, so they are accepted
// from the query string as well as the request body. A password sent in a
// URL ends up in access logs and proxies; consider reading $_POST only.
// NOTE(review): the password passes through compile_str() before it is
// checked, so whatever that helper rewrites also changes the secret being
// compared. Confirm the same transformation is applied at registration.
// NOTE(review): no attempt limiting is visible in this script. Verify that
// the bootstrap or isUserValidated() throttles repeated guesses.
$userName = trim(compile_str($_REQUEST['userName']));
$password = trim(compile_str($_REQUEST['password']));

// An earlier revision dispatched on a `type` request parameter ('ec_salt'
// returned the salt, 'user_validate' returned the check result). The salt
// is now looked up internally and only the validation result is returned.
$ec_salt = getEcsaltByUserName($userName);
$result = array(
    'validate' => isUserValidated($userName, $password, $ec_salt),
);

// urldecode() is applied to the encoded JSON before it is sent.
die(urldecode(json_encode($result)));
function getEcsaltByUserName($userName)
{
    $sql = "SELECT ec_salt FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_name = '{$userName}'";
    $ec_salt = $GLOBALS['db']->getOne($sql);
    $ec_salt = empty($ec_salt) ? -1 : $ec_salt;
if ($is_distribor != 1) {
    show_message('您还不是分销商!', '去首页', 'index.php');
    exit;
}
if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'edit') {
    $id = intval($_REQUEST['id']);
    $info = get_dp_info($id, $_SESSION['user_id']);
    if ($info) {
        $smarty->assign('info', $info);
    } else {
        show_message('您没有权限查看此信息!');
    }
}
if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'act_save') {
    $id = intval($_POST['id']);
    $tixian = array('real_name' => empty($_POST['real_name']) ? '' : compile_str(trim($_POST['real_name'])), 'account_name' => empty($_POST['account_name']) ? '' : compile_str($_POST['account_name']), 'bank_account' => empty($_POST['bank_account']) ? '' : compile_str($_POST['bank_account']), 'phone' => empty($_POST['phone']) ? '' : compile_str(trim($_POST['phone'])), 'remark' => empty($_POST['remark']) ? '' : compile_str(trim($_POST['remark'])), 'user_id' => $_SESSION['user_id']);
    if ($tixian) {
        if ($id) {
            $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('user_deposit'), $tixian, 'UPDATE', 'id = ' . $id);
            $error_no = $GLOBALS['db']->errno();
            if ($error_no > 0) {
                show_message($GLOBALS['db']->errorMsg());
            } else {
                ecs_header("Location: v_user_tixian.php\n");
                exit;
            }
        } else {
            $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('user_deposit'), $tixian, 'INSERT');
            $error_no = $GLOBALS['db']->errno();
            if ($error_no > 0) {
                show_message($GLOBALS['db']->errorMsg());
Esempio n. 6
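/**
 * Handles a member registration request.
 *
 * When registration is closed in the shop configuration, the passport
 * template is rendered. Otherwise the POSTed form is validated (agreement,
 * username and password length, optional captcha) and register() is called.
 * On success the custom extension fields and the password-recovery question
 * are stored. Every outcome on the open path replies with JSON and exits.
 *
 * NOTE(review): the INSERT and UPDATE below are assembled by string
 * concatenation and compile_str() is the only sanitising step visible here.
 * Confirm that it (or the request bootstrap) escapes quotes and backslashes
 * for the SQL context; prefer bound parameters if the database layer has them.
 * NOTE(review): 'extend_field1'..'extend_field5' reach register() exactly as
 * submitted. Verify that register() validates or escapes them.
 * NOTE(review): the password-recovery answer is stored as submitted. It acts
 * as an alternative credential, so consider storing a hash of it.
 *
 * @return void
 */
function action_register()
{
    // Pull the shared objects out of the global scope.
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $err = $GLOBALS['err'];
    include_once 'includes/cls_json.php';
    $json = new JSON();
    $res = array('err_msg' => '', 'result' => '');
    /* Registration can be switched off in the shop configuration. */
    if ($_CFG['shop_reg_closed']) {
        $smarty->assign('action', 'register');
        $smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
        $smarty->display('user_passport.dwt');
    } else {
        include_once ROOT_PATH . 'includes/lib_passport.php';
        $username = isset($_POST['username']) ? trim($_POST['username']) : '';
        $password = isset($_POST['password']) ? trim($_POST['password']) : '';
        $email = isset($_POST['email']) ? trim($_POST['email']) : '';
        $other['msn'] = isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '';
        $other['qq'] = isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '';
        $other['office_phone'] = isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '';
        $other['home_phone'] = isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '';
        $other['mobile_phone'] = isset($_POST['extend_field5']) ? $_POST['extend_field5'] : '';
        $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
        $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
        // NOTE(review): back_act is echoed back to the client unchanged in the
        // success reply. If the client navigates to it, restrict it to
        // same-site relative paths to avoid an open redirect.
        $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
        if (empty($_POST['agreement'])) {
            $res['err_msg'] = $_LANG['passport_js']['agreement'];
            $res['err_no'] = 1;
            die($json->encode($res));
        }
        if (strlen($username) < 3) {
            $res['err_msg'] = $_LANG['passport_js']['username_shorter'];
            $res['err_no'] = 1;
            die($json->encode($res));
        }
        if (strlen($password) < 6) {
            $res['err_msg'] = $_LANG['passport_js']['password_shorter'];
            $res['err_no'] = 1;
            die($json->encode($res));
        }
        // Position 0 cannot occur: the password was trimmed above.
        if (strpos($password, ' ') > 0) {
            $res['err_msg'] = $_LANG['passwd_balnk'];
            $res['err_no'] = 1;
            die($json->encode($res));
        }
        /* Captcha check, only when enabled for registration and GD is available. */
        if (intval($_CFG['captcha']) & CAPTCHA_REGISTER && gd_version() > 0) {
            if (empty($_POST['captcha'])) {
                $res['err_msg'] = $_LANG['invalid_captcha'];
                $res['err_no'] = 1;
                die($json->encode($res));
            }
            /* Verify the submitted captcha word. */
            include_once 'includes/cls_captcha.php';
            $validator = new captcha();
            if (!$validator->check_word($_POST['captcha'])) {
                $res['err_msg'] = $_LANG['invalid_captcha'];
                $res['err_no'] = 1;
                die($json->encode($res));
            }
        }
        if (register($username, $password, $email, $other) !== false) {
            // The session id is embedded into SQL text below; force it to an integer.
            $user_id = intval($_SESSION['user_id']);
            /* Store the new member's custom extension fields. */
            $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
            // Ids of all displayed custom fields.
            $fields_arr = $db->getAll($sql);
            $extend_field_str = '';
            // Build the VALUES list for the extension fields.
            foreach ($fields_arr as $val) {
                $extend_field_index = 'extend_field' . $val['id'];
                // Array-valued input (extend_fieldN[]=...) cannot be measured
                // or stored as text, so only string values are accepted.
                if (!empty($_POST[$extend_field_index]) && is_string($_POST[$extend_field_index])) {
                    // The length test counts bytes, the cut counts characters.
                    $temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
                    $extend_field_str .= " ('" . $user_id . "', '" . intval($val['id']) . "', '" . compile_str($temp_field_content) . "'),";
                }
            }
            // Drop the trailing comma.
            $extend_field_str = substr($extend_field_str, 0, -1);
            if ($extend_field_str) {
                $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
                $db->query($sql);
            }
            /* Write the password hint question and answer. */
            if (!empty($passwd_answer) && !empty($sel_question)) {
                $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}'  WHERE `user_id`='" . $user_id . "'";
                $db->query($sql);
            }
            /* Send the verification e-mail automatically when configured. */
            if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
                send_regiter_hash($_SESSION['user_id']);
            }
            // The original read $user->ucdata into an unused local here.
            // $user is not defined in this scope, so that read is dropped.
            if (empty($back_act)) {
                $back_act = 'index.php';
            }
            $res['err_no'] = 0;
            $res['back_act'] = $back_act;
            $res['err_msg'] = '';
            die($json->encode($res));
        } else {
            // Collect the registration errors, HTML-escaped, one per line.
            $message['content'] = '';
            foreach ($err->_message as $msg) {
                $message['content'] .= '' . htmlspecialchars($msg) . "\n";
            }
            $res['err_msg'] = $message['content'];
            $res['err_no'] = 1;
            die($json->encode($res));
        }
    }
}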
Esempio n. 7
     exit;
 }
 $consignee = get_consignee($_SESSION['user_id']);
 /* 检查收货人信息是否完整 */
 if (!check_consignee_info($consignee, $flow_type)) {
     /* 如果不完整则转向到收货人信息填写界面 */
     ecs_header("Location: flow.php?step=consignee\n");
     exit;
 }
 $_POST['how_oos'] = isset($_POST['how_oos']) ? intval($_POST['how_oos']) : 0;
 $_POST['card_message'] = isset($_POST['card_message']) ? compile_str($_POST['card_message']) : '';
 $_POST['inv_type'] = !empty($_POST['inv_type']) ? compile_str($_POST['inv_type']) : '';
 $_POST['inv_payee'] = isset($_POST['inv_payee']) ? compile_str($_POST['inv_payee']) : '';
 $_POST['inv_content'] = isset($_POST['inv_content']) ? compile_str($_POST['inv_content']) : '';
 $_POST['postscript'] = isset($_POST['postscript']) ? compile_str($_POST['postscript']) : '';
 $_POST['jintofee'] = isset($_POST['jintofee']) ? compile_str($_POST['jintofee']) : '';
 $order = array('shipping_id' => intval($_POST['shipping']), 'pay_id' => intval($_POST['payment']), 'pack_id' => isset($_POST['pack']) ? intval($_POST['pack']) : 0, 'card_id' => isset($_POST['card']) ? intval($_POST['card']) : 0, 'card_message' => trim($_POST['card_message']), 'surplus' => isset($_POST['surplus']) ? floatval($_POST['surplus']) : 0.0, 'integral' => isset($_POST['integral']) ? intval($_POST['integral']) : 0, 'bonus_id' => isset($_POST['bonus']) ? intval($_POST['bonus']) : 0, 'need_inv' => empty($_POST['need_inv']) ? 0 : 1, 'inv_type' => $_POST['inv_type'], 'inv_payee' => trim($_POST['inv_payee']), 'inv_content' => $_POST['inv_content'], 'postscript' => trim($_POST['postscript']), 'how_oos' => isset($_LANG['oos'][$_POST['how_oos']]) ? addslashes($_LANG['oos'][$_POST['how_oos']]) : '', 'need_insure' => isset($_POST['need_insure']) ? intval($_POST['need_insure']) : 0, 'user_id' => $_SESSION['user_id'], 'add_time' => gmtime(), 'order_status' => OS_UNCONFIRMED, 'shipping_status' => SS_UNSHIPPED, 'pay_status' => PS_UNPAYED, 'agency_id' => get_agency_by_regions(array($consignee['country'], $consignee['province'], $consignee['city'], $consignee['district'])));
 /* 扩展信息 */
 if (isset($_SESSION['flow_type']) && intval($_SESSION['flow_type']) != CART_GENERAL_GOODS) {
     $order['extension_code'] = $_SESSION['extension_code'];
     $order['extension_id'] = $_SESSION['extension_id'];
 } else {
     $order['extension_code'] = '';
     $order['extension_id'] = 0;
 }
 /* 检查积分余额是否合法 */
 $user_id = $_SESSION['user_id'];
 if ($user_id > 0) {
     $user_info = user_info($user_id);
     $order['surplus'] = min($order['surplus'], $user_info['user_money'] + $user_info['credit_line']);
     if ($order['surplus'] < 0) {
Esempio n. 8
    $consignee = get_consignee($_SESSION['user_id']);

    /* 检查收货人信息是否完整 */
    if (!check_consignee_info($consignee, $flow_type))
    {
        /* 如果不完整则转向到收货人信息填写界面 */
        ecs_header("Location: flow.php?step=consignee\n");
        exit;
    }

    $_POST['how_oos'] = isset($_POST['how_oos']) ? intval($_POST['how_oos']) : 0;
    $_POST['card_message'] = isset($_POST['card_message']) ? compile_str($_POST['card_message']) : '';
    $_POST['inv_type'] = !empty($_POST['inv_type']) ? compile_str($_POST['inv_type']) : '';
    $_POST['inv_payee'] = isset($_POST['inv_payee']) ? compile_str($_POST['inv_payee']) : '';
    $_POST['inv_content'] = isset($_POST['inv_content']) ? compile_str($_POST['inv_content']) : '';
    $_POST['postscript'] = isset($_POST['postscript']) ? compile_str($_POST['postscript']) : '';

    $order = array(
        'shipping_id'     => intval($_POST['shipping']),
        'pay_id'          => intval($_POST['payment']),
        'pack_id'         => isset($_POST['pack']) ? intval($_POST['pack']) : 0,
        'card_id'         => isset($_POST['card']) ? intval($_POST['card']) : 0,
        'card_message'    => trim($_POST['card_message']),
        'surplus'         => isset($_POST['surplus']) ? floatval($_POST['surplus']) : 0.00,
        'integral'        => isset($_POST['integral']) ? intval($_POST['integral']) : 0,
        'bonus_id'        => isset($_POST['bonus']) ? intval($_POST['bonus']) : 0,
        'need_inv'        => empty($_POST['need_inv']) ? 0 : 1,
        'inv_type'        => $_POST['inv_type'],
        'inv_payee'       => trim($_POST['inv_payee']),
        'inv_content'     => $_POST['inv_content'],
        'postscript'      => trim($_POST['postscript']),
Esempio n. 9
                $content = '提交评论成功';
                $hrefs = 'user.php?act=order_list&ctl=5';
                $order = order_info($order_id);
                $integral = integral_to_give($order);
                unfreeze_integral('order', $order['order_sn']);
            } else {
                $content = '提交评论失败';
                $hrefs = 'user.php?act=order_list';
            }
            show_message($content, $links = '返回我的订单', $hrefs, $type = 'info', $auto_redirect = true);
        }
    }
} else {
    if ($_REQUEST['act'] == 'article_comment') {
        $id_value = intval($_REQUEST['article_id']);
        $content = trim(compile_str($_REQUEST['comment']));
        $comment_rank = intval($_REQUEST['comment_rate']);
        $add_time = gmtime();
        if (!chechCaptcha()) {
            show_message('验证码不正确');
            exit;
        }
        if (empty($content)) {
            show_message('评论内容不能为空');
            exit;
        }
        $sql = "INSERT INTO " . $GLOBALS['ecs']->table('comment') . " (comment_type, id_value, \temail, user_name, content, comment_rank, add_time, ip_address, status, parent_id, user_id, order_id, is_anonymity) VALUES(1, '{$id_value}', '', '" . $_SESSION['user_name'] . "', '{$content}', {$comment_rank}, {$add_time}, '" . $_SESSION['last_ip'] . "', 1, 0, '" . $_SESSION['user_id'] . "', '', 0)";
        if ($GLOBALS['db']->query($sql)) {
            $smarty->assign('redrectUrl', $_SERVER['HTTP_REFERER']);
            $smarty->assign('smalltext', '已评论');
            $smarty->assign('content', '您成功评论。3秒后将返回上一页,如果未跳转请');
Esempio n. 10
    $smarty->caching = true;
}
if ($_CFG['is_distrib'] == 0) {
    show_message('没有开启微信分销服务!', '返回首页', 'index.php');
}
if ($_SESSION['user_id'] == 0) {
    ecs_header("Location: ./\n");
    exit;
}
$is_distribor = is_distribor($_SESSION['user_id']);
if ($is_distribor != 1) {
    show_message('您还不是分销商!', '去首页', 'index.php');
    exit;
}
if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'act_tixian') {
    $tixian = array('deposit_money' => empty($_POST['deposit_money']) ? '' : $_POST['deposit_money'], 'real_name' => empty($_POST['real_name']) ? '' : compile_str(trim($_POST['real_name'])), 'account_name' => empty($_POST['account_name']) ? '' : compile_str($_POST['account_name']), 'bank_account' => empty($_POST['bank_account']) ? '' : compile_str($_POST['bank_account']), 'phone' => empty($_POST['phone']) ? '' : compile_str(trim($_POST['phone'])), 'remark' => empty($_POST['remark']) ? '' : compile_str(trim($_POST['remark'])), 'add_time' => gmtime(), 'user_id' => $_SESSION['user_id'], 'status' => 0);
    if ($tixian['deposit_money'] <= 0) {
        show_message('您输入的提现金额不正确!');
    }
    if ($tixian['real_name'] == '' || $tixian['account_name'] == '' || $tixian['bank_account'] == '') {
        show_message('信息请填写完整!');
    }
    if (!is_telephone($tixian['phone'])) {
        show_message('手机号格式不正确!');
    }
    $user_money = get_user_money_by_user_id($_SESSION['user_id']);
    if ($tixian['deposit_money'] > $user_money) {
        show_message('您的余额不足,请重新输入!');
    }
    $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('deposit'), $tixian, 'INSERT');
    $error_no = $GLOBALS['db']->errno();
Esempio n. 11
<?php

define('IN_ECS', true);
define('WEB_ROOT', 'D:/wamp/www/benhushop1231');
define('NEW_UESER_RANKNAME', 'VIP0');
require WEB_ROOT . '/includes/init.php';
require WEB_ROOT . '/MobileInterface/lib/lib_category.php';
// Request dispatcher for the category API: `act` selects the operation and
// `cateId` (integer-cast) is the parent category to list.
$act = trim(compile_str($_REQUEST['act']));
$cateId = intval(trim(compile_str($_REQUEST['cateId'])));

if ($act === 'categoryList') {
    // urldecode() is applied to the encoded JSON before it is sent.
    die(urldecode(json_encode(getCategoryList($cateId))));
}

if ($act === 'test') {
    // NOTE(review): this debug branch is reachable by any caller of the
    // script, and print_r() output is written into HTML without escaping.
    // Remove it or gate it behind a development-only switch.
    $categoryList = getCategoryList($cateId);
    echo "<pre>";
    print_r($categoryList);
    echo "</pre>";
    die;
}

// Unknown or missing `act`.
die(urldecode('参数不对'));
function getCategoryList($parent_id = 0)
{
    $sql = "SELECT cat_id,cat_name FROM " . $GLOBALS['ecs']->table('category') . " WHERE parent_id='{$parent_id}' AND is_show=1 ORDER BY sort_order ASC";
    $categorys = $GLOBALS['db']->getAll($sql);
    if (!empty($categorys)) {
Esempio n. 12
    //是否有房贷
    $loanqi = array('3个月以上', '3-6个月', '6个月以上');
    //已还款期数
    /* 取得国家的省列表 */
    $province_list[$region_id] = get_regions(1, 1);
    $smarty->assign('province_list', $province_list);
    $smarty->assign('righttye', $righttye);
    $smarty->assign('decideloan', $decideloan);
    $smarty->assign('loanqi', $loanqi);
    $smarty->assign('act', $action);
    $smarty->display('borrow_money.dwt');
} elseif ($action == 'insert_house_info') {
    include_once ROOT_PATH . 'includes/lib_transaction.php';
    $houseaddress = isset($_POST['hosue_houseadd']) ? compile_str(trim($_POST['hosue_houseadd'])) : '0';
    $housetype = compile_str(trim($_POST['housetype']));
    $houseloan = compile_str(trim($_POST['houseloan']));
    if (empty($houseaddress) || empty($housetype) || empty($houseloan)) {
        show_message($_LANG['borrow_userinfo_fail'], $_LANG['back_up_page'], 'borrow_money.php?act=houseinfo');
    }
    $carinfo = array('user_id' => $userid, 'house_add' => $houseaddress, 'house_type' => $housetype, 'house_loan' => $houseloan, 'addtime' => gmtime());
    if (insert_borrow($carinfo, 3)) {
        show_message($_LANG['borrow_record_success'], $_LANG['back_up_page'], './index.php');
    }
} elseif ($action == 'creditinfo') {
    /* 查询纯信用信息 */
    $sql = 'SELECT * FROM ' . $GLOBALS['ecs']->table('borrow_credit') . ' WHERE user_id=' . $userid;
    $creditinfo = $GLOBALS['db']->getAll($sql);
    $creditinfo[0]['cardright'] = empty($creditinfo[0]['cardright']) ? '0' : $creditinfo[0]['cardright'];
    $creditinfo[0]['cardleft'] = empty($creditinfo[0]['cardleft']) ? '0' : $creditinfo[0]['cardleft'];
    $creditinfo[0]['cardhead'] = empty($creditinfo[0]['cardhead']) ? '0' : $creditinfo[0]['cardhead'];
    $creditinfo[0]['contract'] = empty($creditinfo[0]['contract']) ? '0' : $creditinfo[0]['contract'];
Esempio n. 13
             $result['error'] = sprintf($_LANG['bonus_min_amount_error'], price_format($bonus['min_goods_amount'], false));
         }
         $smarty->assign('total', $total);
         /* 团购标志 */
         if ($flow_type == CART_GROUP_BUY_GOODS) {
             $smarty->assign('is_group_buy', 1);
         }
         $result['content'] = $smarty->fetch('library/order_total.lbi');
     }
     $json = new JSON();
     die($json->encode($result));
 } elseif ($_REQUEST['step'] == 'saveadd') {
     include_once ROOT_PATH . 'includes/lib_transaction.php';
     include_once ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php';
     $smarty->assign('lang', $_LANG);
     $address = array('user_id' => $_SESSION['user_id'], 'address_id' => intval($_REQUEST['address_id']), 'country' => isset($_REQUEST['country']) ? intval($_REQUEST['country']) : 1, 'province' => isset($_REQUEST['province']) ? intval($_REQUEST['province']) : 0, 'city' => isset($_REQUEST['city']) ? intval($_REQUEST['city']) : 0, 'district' => isset($_REQUEST['district']) ? intval($_REQUEST['district']) : 0, 'address' => isset($_REQUEST['address']) ? compile_str(trim($_REQUEST['address'])) : '', 'consignee' => isset($_REQUEST['consignee']) ? compile_str(trim($_REQUEST['consignee'])) : '', 'email' => isset($_REQUEST['email']) ? compile_str(trim($_REQUEST['email'])) : '', 'tel' => isset($_REQUEST['tel']) ? compile_str(make_semiangle(trim($_REQUEST['tel']))) : '', 'zipcode' => isset($_REQUEST['zipcode']) ? compile_str(make_semiangle(trim($_REQUEST['zipcode']))) : '', 'is_first' => isset($_REQUEST['is_first']) ? intval($_REQUEST['is_first']) : 0);
     if (update_address($address)) {
         set_session_consignee($smarty);
         $result = 1;
     }
     echo json_encode($result);
     exit;
 } elseif ($_REQUEST['step'] == 'add_package_to_cart') {
     include_once 'includes/cls_json.php';
     $_POST['package_info'] = json_str_iconv($_POST['package_info']);
     $result = array('error' => 0, 'message' => '', 'content' => '', 'package_id' => '');
     $json = new JSON();
     if (empty($_POST['package_info'])) {
         $result['error'] = 1;
         die($json->encode($result));
     }
Esempio n. 14
}

/* 保存订单详情收货地址 */
elseif ($action == 'save_order_address')
{
    include_once(ROOT_PATH .'includes/lib_transaction.php');
    
    $address = array(
        'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee']))  : '',
        'email'     => isset($_POST['email'])     ? compile_str(trim($_POST['email']))      : '',
        'address'   => isset($_POST['address'])   ? compile_str(trim($_POST['address']))    : '',
        'zipcode'   => isset($_POST['zipcode'])   ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '',
        'tel'       => isset($_POST['tel'])       ? compile_str(trim($_POST['tel']))        : '',
        'mobile'    => isset($_POST['mobile'])    ? compile_str(trim($_POST['mobile']))     : '',
        'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '',
        'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time']))  : '',
        'order_id'  => isset($_POST['order_id'])  ? intval($_POST['order_id']) : 0
        );
    if (save_order_address($address, $user_id))
    {
        ecs_header('Location: user.php?act=order_detail&order_id=' .$address['order_id']. "\n");
        exit;
    }
    else
    {
        $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
    }
}

/* 我的红包列表 */
elseif ($action == 'bonus')
Esempio n. 15
 $order_info = array();
 //组装拆分的子订单数组信息start
 foreach ($cart_goods_new as $ckey => $cval) {
     $cart_goods = $cval['goodlist'];
     $_POST['how_oos'] = isset($_POST['how_oos']) ? intval($_POST['how_oos']) : 0;
     $_POST['card_message'] = isset($_POST['card_message']) ? compile_str($_POST['card_message']) : '';
     $_POST['inv_type'] = !empty($_POST['inv_type']) ? compile_str($_POST['inv_type']) : '';
     $_POST['inv_payee'] = isset($_POST['inv_payee']) ? compile_str($_POST['inv_payee']) : '';
     $_POST['inv_content'] = isset($_POST['inv_content']) ? compile_str($_POST['inv_content']) : '';
     $_POST['postscript'] = isset($_POST['postscript']) ? compile_str($_POST['postscript']) : '';
     $order_integral = isset($_POST['integral']) ? $_POST['integral'] : array();
     $order_bonus_id = isset($_POST['bonus']) ? $_POST['bonus'] : array();
     $order_bonus_sn = isset($_POST['bonus_sn']) ? $_POST['bonus_sn'] : array();
     $order_surplus = isset($_POST['surplus']) ? $_POST['surplus'] : array();
     $_POST['vat_invoice'] = isset($_POST['vat_invoice']) ? compile_str($_POST['vat_invoice']) : '';
     $_POST['normal_invoice'] = isset($_POST['normal_invoice']) ? compile_str($_POST['normal_invoice']) : '';
     //$_POST['danwei'] = isset($_POST['danwei']) ? compile_str($_POST['danwei']) : '';
     $order = array('shipping_id' => intval($_POST['shipping']), 'pay_id' => intval($_POST['payment']), 'pack_id' => isset($_POST['pack']) ? intval($_POST['pack']) : 0, 'card_id' => isset($_POST['card']) ? intval($_POST['card']) : 0, 'card_message' => trim($_POST['card_message']), 'surplus' => isset($order_surplus[$ckey]) ? floatval($order_surplus[$ckey]) : 0.0, 'integral' => isset($order_integral[$ckey]) ? intval($order_integral[$ckey]) : 0, 'bonus_id' => isset($order_bonus_id[$ckey]) ? intval($order_bonus_id[$ckey]) : 0, 'need_inv' => empty($_POST['need_inv']) ? 0 : 1, 'postscript' => trim($_POST['postscript']), 'how_oos' => isset($_LANG['oos'][$_POST['how_oos']]) ? addslashes($_LANG['oos'][$_POST['how_oos']]) : '', 'need_insure' => isset($_POST['need_insure']) ? intval($_POST['need_insure']) : 0, 'user_id' => $_SESSION['user_id'], 'add_time' => gmtime(), 'order_status' => OS_UNCONFIRMED, 'shipping_status' => SS_UNSHIPPED, 'pay_status' => PS_UNPAYED, 'agency_id' => get_agency_by_regions(array($consignee['country'], $consignee['province'], $consignee['city'], $consignee['district'])), 'supplier_id' => $ckey, 'need_inv' => 1, 'inv_content' => $_POST['cont'], 'vat_inv_company_name' => $_POST['vat_inv_company_name'], 'vat_inv_taxpayer_id' => $_POST['vat_inv_taxpayer_id'], 'vat_inv_registration_address' => $_POST['vat_inv_registration_address'], 'vat_inv_registration_phone' => $_POST['vat_inv_registration_phone'], 'vat_inv_deposit_bank' => $_POST['vat_inv_deposit_bank'], 'vat_inv_bank_account' => $_POST['vat_inv_bank_account'], 'inv_consignee_name' => $_POST['inv_consignee_name'], 'inv_consignee_phone' => $_POST['inv_consignee_phone'], 'inv_consignee_country 	' => '1', 'inv_consignee_province' => $_POST['inv_consignee_province'], 'inv_consignee_city' => $_POST['selCities'], 'inv_consignee_district' => $_POST['selDistricts'], 'inv_consignee_address' => $_POST['inv_consignee_address']);
     if ($_POST['normal_invoice']) {
         $order['inv_type'] = $_POST['normal_invoice'];
         if ($_POST['danwei']) {
             $order['inv_payee'] = $_POST['danwei'];
         } else {
             $order['inv_payee'] = '个人';
         }
         $order['inv_payee_type'] = $_POST['oadio'];
         $order['inv_payee_type'] = 'individual';
     } else {
         $order['inv_type'] = $_POST['vat_invoice'];
     }
     /* 扩展信息 */
Esempio n. 16
 $other['mobile_phone'] = isset($_POST['extend_field5']) ? $_POST['extend_field5'] : '';
 $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
 $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
 $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
 if (m_register($username, $password, $email, $other) !== false) {
     /*把新注册用户的扩展信息插入数据库*/
     $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
     //读出所有自定义扩展字段的id
     $fields_arr = $db->getAll($sql);
     $extend_field_str = '';
     //生成扩展字段的内容字符串
     foreach ($fields_arr as $val) {
         $extend_field_index = 'extend_field' . $val['id'];
         if (!empty($_POST[$extend_field_index])) {
             $temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
             $extend_field_str .= " ('" . $_SESSION['user_id'] . "', '" . $val['id'] . "', '" . compile_str($temp_field_content) . "'),";
         }
     }
     $extend_field_str = substr($extend_field_str, 0, -1);
     if ($extend_field_str) {
         $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
         $db->query($sql);
     }
     /* 写入密码提示问题和答案 */
     if (!empty($passwd_answer) && !empty($sel_question)) {
         $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}'  WHERE `user_id`='" . $_SESSION['user_id'] . "'";
         $db->query($sql);
     }
     $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
     $Loaction = 'index.php';
     ecs_header("Location: {$Loaction}\n");
Esempio n. 17
 // Action dispatch for the SMS, registration and password-reset requests.
 // The enclosing switch statement and every helper called here are outside this excerpt.
 // NOTE(review): all inputs are read from $_REQUEST, which can also be populated from the
 // query string or cookies; secrets sent in a URL end up in access logs. Prefer $_POST.
 case 'SMS':
     // Send a verification SMS to the submitted number.
     // NOTE(review): no throttling or captcha is visible in this branch -- confirm that
     // generateSMS() rate-limits per number and per client.
     $mobileNum = trim(compile_str($_REQUEST['userName']));
     generateSMS($mobileNum);
     break;
 case 'register':
     // Register with mobile number + SMS code + password value supplied by the client.
     $mobileNum = trim(compile_str($_REQUEST['userName']));
     $SMS = trim(compile_str($_REQUEST['SMS']));
     // NOTE(review): the variable name suggests the client sends an MD5 digest, and it is only
     // trimmed here. If the server stores or compares that digest as-is it is
     // password-equivalent -- confirm userRegister() re-hashes it with password_hash().
     $md5Password = trim($_REQUEST['pwd']);
     userRegister($mobileNum, $SMS, $md5Password);
     break;
 case 'send_find_pwd_SMS':
     // Send the password-reset SMS; no number is passed from this branch.
     generateSMS('', 'send_find_pwd_SMS');
     break;
 case 'check_find_pwd_SMS':
     // Verify the reset code and set the new password, then answer with a JSON message.
     // NOTE(review): confirm check_find_pwd_SMS() enforces code expiry and an attempt limit;
     // neither is visible here.
     $mobile_phone = trim(compile_str($_REQUEST['mobile_phone']));
     $SMS = trim(compile_str($_REQUEST['SMS']));
     $md5Password = trim($_REQUEST['pwd']);
     $rtVal = check_find_pwd_SMS($mobile_phone, $SMS, $md5Password);
     // urldecode() is applied to json_encode() output although nothing here url-encodes it;
     // with these fixed literals it changes nothing.
     // NOTE(review): the distinct "mobile number is incorrect" and "verification code is wrong"
     // answers let a caller tell whether a number is registered; consider one generic message.
     if (SYSTEM_ERROR == $rtVal) {
         // "system error"
         die(urldecode(json_encode(array('error' => '系统错误'))));
     } elseif (MOBILE_PHONE_ERROR == $rtVal) {
         // "mobile number is incorrect"
         die(urldecode(json_encode(array('error' => '手机号码有误'))));
     } elseif (SMS_ERROR == $rtVal) {
         // "verification code is wrong"
         die(urldecode(json_encode(array('error' => '验证码错误'))));
     } else {
         // "changed successfully"
         die(urldecode(json_encode(array('success' => '修改成功'))));
     }
     break;
 default:
     // Unknown action: "invalid parameter".
     die(urldecode(json_encode(array('error' => '参数不对'))));
     break;
Esempio n. 18
    /*
     * Tail of a branch that changes an order's payment method; the branch header and the
     * code that sets $order, $order_id, $pay_id and $payment_info are outside this excerpt.
     * Continue only when the order is unpaid and unshipped, has a positive goods amount,
     * and the requested payment method differs from the current one; otherwise go back
     * to the order detail page.
     * NOTE(review): confirm $order was loaded with a user_id filter, so that a member
     * cannot modify an order that belongs to someone else.
     */
    if ($order['pay_status'] != PS_UNPAYED || $order['shipping_status'] != SS_UNSHIPPED || $order['goods_amount'] <= 0 || $order['pay_id'] == $pay_id) {
        ecs_header("Location: user.php?act=order_detail&order_id={$order_id}\n");
        exit;
    }
    // Replace the old payment fee with the fee of the newly chosen payment method.
    $order_amount = $order['order_amount'] - $order['pay_fee'];
    $pay_fee = pay_fee($pay_id, $order_amount);
    $order_amount += $pay_fee;
    // NOTE(review): every value is interpolated into the SQL text. That is only safe if
    // $pay_id and $order_id were cast to integers and pay_name comes from the database;
    // none of that is visible here -- verify, or bind the values as parameters.
    $sql = "UPDATE " . $ecs->table('order_info') . " SET pay_id='{$pay_id}', pay_name='{$payment_info['pay_name']}', pay_fee='{$pay_fee}', order_amount='{$order_amount}'" . " WHERE order_id = '{$order_id}'";
    $db->query($sql);
    /* Redirect back to the order detail page */
    ecs_header("Location: user.php?act=order_detail&order_id={$order_id}\n");
    exit;
} elseif ($action == 'save_order_address') {
    // Save the consignee details submitted for an existing order.
    include_once ROOT_PATH . 'includes/lib_transaction.php';
    // Text fields pass through compile_str() (defined elsewhere; presumably an input
    // filter -- confirm what it escapes). order_id is forced to an integer.
    $address = array('consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0);
    // NOTE(review): order_id is client-supplied; the ownership check must happen inside
    // save_order_address() using $user_id -- confirm in lib_transaction.php.
    if (save_order_address($address, $user_id)) {
        ecs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
        exit;
    } else {
        $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
    }
} elseif ($action == 'bonus') {
    // List the member's bonuses, one page at a time. The branch is cut off after the
    // display call in this excerpt.
    include_once ROOT_PATH . 'includes/lib_transaction.php';
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    // $user_id is set outside this excerpt and interpolated into the query.
    // NOTE(review): presumably the logged-in member's id from the session -- confirm it is an integer.
    $record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('user_bonus') . " WHERE user_id = '{$user_id}'");
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);
    $bonus = get_user_bouns_list($user_id, $pager['size'], $pager['start']);
    $smarty->assign('pager', $pager);
    $smarty->assign('bonus', $bonus);
    $smarty->display('user_transaction.dwt');
Esempio n. 19
    // Tail of the branch that renders the profile form; its header is outside this excerpt.
    $smarty->assign('passwd_questions', $_LANG['passwd_questions']);
    $smarty->assign('profile', $user_info);
    // NOTE(review): 'f' is taken from the request and handed to the template only trimmed;
    // profile.html must HTML-escape it on output -- verify in the template.
    $f = isset($_REQUEST['f']) ? trim($_REQUEST['f']) : '';
    $smarty->assign('f', $f);
    $smarty->display('profile.html');
} elseif ($act == 'act_edit_profile') {
    // Save an edited member profile. The branch is cut off inside the extended-field
    // loop in this excerpt.
    include_once ROOT_PATH . 'includes/lib_transaction.php';
    // NOTE(review): birthday, email and the five built-in extended fields are only trimmed
    // here; whether they are validated or escaped later is not visible in this excerpt.
    $birthday = trim($_POST['birthdayYear']) . '-' . trim($_POST['birthdayMonth']) . '-' . trim($_POST['birthdayDay']);
    $email = trim($_POST['email']);
    $other['msn'] = $msn = isset($_POST['extend_field1']) ? trim($_POST['extend_field1']) : '';
    $other['qq'] = $qq = isset($_POST['extend_field2']) ? trim($_POST['extend_field2']) : '';
    $other['office_phone'] = $office_phone = isset($_POST['extend_field3']) ? trim($_POST['extend_field3']) : '';
    $other['home_phone'] = $home_phone = isset($_POST['extend_field4']) ? trim($_POST['extend_field4']) : '';
    $other['mobile_phone'] = $mobile_phone = isset($_POST['extend_field5']) ? trim($_POST['extend_field5']) : '';
    $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
    $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
    /* Update the member's extended-field data */
    $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
    // Read the ids of all extended fields
    $fields_arr = $db->getAll($sql);
    foreach ($fields_arr as $val) {
        $extend_field_index = 'extend_field' . $val['id'];
        if (isset($_POST[$extend_field_index])) {
            // The length test counts bytes (strlen) while the cut counts characters (mb_substr),
            // and the cut happens after htmlspecialchars(), so it can split an HTML entity.
            // NOTE(review): htmlspecialchars() is HTML output encoding, not SQL escaping, yet the
            // result is placed inside a quoted SQL literal below. Unless a global input filter
            // (not visible here) already escapes $_POST, this is an SQL injection risk; even
            // with one, truncating an already-escaped string can break an escape sequence.
            // Truncate the raw value first, then bind it as a query parameter or apply the
            // database layer's own escaping.
            $temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr(htmlspecialchars($_POST[$extend_field_index]), 0, 99) : htmlspecialchars($_POST[$extend_field_index]);
            // Look for an existing row to decide between UPDATE and INSERT.
            $sql = 'SELECT * FROM ' . $ecs->table('reg_extend_info') . "  WHERE reg_field_id = '{$val['id']}' AND user_id = '{$user_id}'";
            if ($db->getOne($sql)) {
                $sql = 'UPDATE ' . $ecs->table('reg_extend_info') . " SET content = '{$temp_field_content}' WHERE reg_field_id = '{$val['id']}' AND user_id = '{$user_id}'";
            } else {
                $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . " (`user_id`, `reg_field_id`, `content`) VALUES ('{$user_id}', '{$val['id']}', '{$temp_field_content}')";
            }
            $db->query($sql);
Esempio n. 20
 // Checkout step: validate and store the consignee (recipient) details.
 // The surrounding code, including $flow_type, is outside this excerpt.
 // Required fields: recipient name, street address and phone. Each failure prints a
 // plain-text message and stops the request.
 if (empty($_POST['consignee'])) {
     echo '收货人姓名不可为空!';
     exit;
 }
 if (empty($_POST['address'])) {
     echo '详细地址不可为空!';
     exit;
 }
 if (empty($_POST['tel'])) {
     echo '电话/手机不可为空!';
     exit;
 }
 /*
  * Build the consignee record. Region ids are cast to integers; text fields pass
  * through compile_str() (defined elsewhere -- confirm what it escapes).
  */
 $consignee = array('address_id' => empty($_POST['address_id']) ? 0 : intval($_POST['address_id']), 'consignee' => empty($_POST['consignee']) ? '' : compile_str(trim($_POST['consignee'])), 'country' => empty($_POST['country']) ? '' : intval($_POST['country']), 'province' => empty($_POST['province']) ? '' : intval($_POST['province']), 'city' => empty($_POST['city']) ? '' : intval($_POST['city']), 'district' => empty($_POST['district']) ? '' : intval($_POST['district']), 'email' => empty($_POST['email']) ? '' : compile_str($_POST['email']), 'address' => empty($_POST['address']) ? '' : compile_str($_POST['address']), 'zipcode' => empty($_POST['zipcode']) ? '' : compile_str(make_semiangle(trim($_POST['zipcode']))), 'tel' => empty($_POST['tel']) ? '' : compile_str(make_semiangle(trim($_POST['tel']))), 'mobile' => empty($_POST['mobile']) ? '' : compile_str(make_semiangle(trim($_POST['mobile']))), 'sign_building' => empty($_POST['sign_building']) ? '' : compile_str($_POST['sign_building']), 'best_time' => empty($_POST['best_time']) ? '' : compile_str($_POST['best_time']));
 if ($_SESSION['user_id'] > 0) {
     include_once ROOT_PATH . 'includes/lib_transaction.php';
     /* The user is logged in, so persist the consignee record as well */
     // NOTE(review): address_id is client-supplied; confirm save_consignee() only updates a
     // row whose user_id matches the session user.
     $consignee['user_id'] = $_SESSION['user_id'];
     save_consignee($consignee, true);
 }
 /* Keep a copy in the session */
 // stripslashes_deep() presumably undoes slash-escaping applied to the input earlier -- confirm.
 $_SESSION['flow_consignee'] = stripslashes_deep($consignee);
 /* Check whether the cart contains any goods */
 $sql = "SELECT COUNT(*) FROM " . $ecs->table('cart') . " WHERE session_id = '" . SESS_ID . "' " . "AND parent_id = 0 AND is_gift = 0 AND rec_type = '{$flow_type}'";
 if ($db->getOne($sql) == 0) {
     // "Your shopping cart contains no goods"
     $tips = '您的购物车中没有商品';
 }
 // $consignee is overwritten with the value returned by get_consignee() for this user.
 $consignee = get_consignee($_SESSION['user_id']);
 //14:07 2013-07-17
Esempio n. 21
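/**
 * Handle a member-registration form submission.
 *
 * Reads the form from $_POST, checks the captcha (when enabled) and the e-mail
 * or SMS verification code, creates the account through register_by_email() or
 * register_by_mobile(), then stores the extended profile fields, the
 * password-recovery question and any registration bonus, and finally shows the
 * result page.
 *
 * NOTE(review): the flow assumes show_message() ends the request, because
 * nothing returns after it; that helper is defined elsewhere -- confirm.
 *
 * @return void
 */
function action_register()
{
    // Shared application objects from the global scope.
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    /* Registration can be switched off in the shop configuration. */
    if ($_CFG['shop_reg_closed']) {
        $smarty->assign('action', 'register');
        $smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
        $smarty->display('user_passport.dwt');
        return;
    }

    include_once ROOT_PATH . 'includes/lib_passport.php';

    // The user name is always generated below, so a posted one is not read.
    $username = '';
    $password = isset($_POST['password']) ? trim($_POST['password']) : '';
    $email = isset($_POST['email']) ? trim($_POST['email']) : '';
    // NOTE(review): these profile values are passed on unfiltered; confirm that
    // register_by_email() / register_by_mobile() escape them before storage.
    $other = array(
        'msn' => isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '',
        'qq' => isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '',
        'office_phone' => isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '',
        'home_phone' => isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '',
    );
    $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
    $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
    // Registration type: "email" or "mobile".
    $register_type = isset($_POST['register_type']) ? trim($_POST['register_type']) : '';
    // NOTE(review): back_act is client-supplied and later offered as a link on the
    // result page; restrict it to same-site relative URLs where it is consumed.
    $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';

    // The registration type is mandatory.
    if (empty($register_type)) {
        show_message($_LANG['passport_js']['msg_register_type_blank']);
    }
    if (strlen($password) < 6) {
        show_message($_LANG['passport_js']['password_shorter']);
    }
    if (strpos($password, ' ') > 0) {
        show_message($_LANG['passwd_balnk']);
    }

    /* Captcha check, only when enabled for registration and GD is available. */
    if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
        if (empty($_POST['captcha'])) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
        }
        include_once 'includes/cls_captcha.php';
        $captcha = new captcha();
        if (!$captcha->check_word(trim($_POST['captcha']))) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
        }
    }

    // Defined up front so the success test below never reads an unset variable.
    $result = false;

    if ($register_type == "email") {
        /* E-mail registration: the posted code must match the stored record. */
        require_once ROOT_PATH . 'includes/lib_validate_record.php';
        if (empty($email)) {
            show_message($_LANG['msg_email_blank'], $_LANG['sign_up'], 'register.php', 'error');
        }
        $record = get_validate_record($email);
        $session_email = isset($_SESSION[VT_EMAIL_REGISTER]) ? (string) $_SESSION[VT_EMAIL_REGISTER] : '';
        $expected_code = isset($record['record_code']) ? (string) $record['record_code'] : '';
        $email_code = !empty($_POST['email_code']) ? trim($_POST['email_code']) : '';
        // Strict string comparison: loose != treats numeric-looking strings that
        // differ textually as equal.
        // NOTE(review): the mobile branch also rejects expired records; no expiry
        // check exists for e-mail codes -- confirm whether that is intended.
        if (empty($email_code)) {
            show_message($_LANG['msg_email_code_blank'], $_LANG['sign_up'], 'register.php', 'error');
        } elseif ($session_email !== $email) {
            show_message($_LANG['email_changed'], $_LANG['sign_up'], 'register.php', 'error');
        } elseif ($expected_code !== $email_code) {
            show_message($_LANG['invalid_email_code'], $_LANG['sign_up'], 'register.php', 'error');
        }
        $username = generate_username();
        $result = register_by_email($username, $password, $email, $other);
        if ($result) {
            /* The verification record has been used; delete it. */
            remove_validate_record($email);
        }
    } elseif ($register_type == "mobile") {
        /* Mobile registration: the SMS code must match and must not have expired. */
        require_once ROOT_PATH . 'includes/lib_validate_record.php';
        $mobile_phone = !empty($_POST['mobile_phone']) ? trim($_POST['mobile_phone']) : '';
        $mobile_code = !empty($_POST['mobile_code']) ? trim($_POST['mobile_code']) : '';
        $record = get_validate_record($mobile_phone);
        $session_mobile_phone = isset($_SESSION[VT_MOBILE_REGISTER]) ? (string) $_SESSION[VT_MOBILE_REGISTER] : '';
        $expected_code = isset($record['record_code']) ? (string) $record['record_code'] : '';
        // Strict string comparison, so a differently written number or code cannot
        // pass as equal to the verified one.
        if (empty($mobile_code)) {
            show_message($_LANG['msg_mobile_phone_blank'], $_LANG['sign_up'], 'register.php', 'error');
        } elseif ($session_mobile_phone !== $mobile_phone) {
            show_message($_LANG['mobile_phone_changed'], $_LANG['sign_up'], 'register.php', 'error');
        } elseif ($expected_code !== $mobile_code) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
        } elseif ($record['expired_time'] < time()) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
        }
        /* The user name is derived from the mobile number. */
        $username = generate_username_by_mobile($mobile_phone);
        $result = register_by_mobile($username, $password, $mobile_phone, $other);
        if ($result) {
            /* The verification record has been used; delete it. */
            remove_validate_record($mobile_phone);
        }
    } else {
        /* Unknown registration type. */
        show_message($_LANG['register_type_invalid'], $_LANG['sign_up'], 'register.php', 'error');
    }

    if (!$result) {
        $GLOBALS['err']->show($_LANG['sign_up'], 'register.php');
        return;
    }

    // The session id is written into several statements below; force it to an integer.
    $user_id = intval($_SESSION['user_id']);

    /* Store the custom extended fields of the new member. */
    $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
    $fields_arr = $db->getAll($sql);
    $value_rows = array();
    foreach ($fields_arr as $val) {
        $extend_field_index = 'extend_field' . $val['id'];
        if (!empty($_POST[$extend_field_index])) {
            // The length test counts bytes, the cut counts characters (as before).
            // NOTE(review): the value reaches the SQL text through compile_str() only;
            // confirm that it, or a global input filter, escapes quotes and
            // backslashes, or bind the value as a parameter instead.
            $temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
            $value_rows[] = " ('" . $user_id . "', '" . $val['id'] . "', '" . compile_str($temp_field_content) . "')";
        }
    }
    if ($value_rows) {
        $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . implode(',', $value_rows);
        $db->query($sql);
    }

    /* Store the password-recovery question and answer. */
    // NOTE(review): the answer is stored as submitted; because it can recover the
    // account, consider storing a hash of it instead.
    if (!empty($passwd_answer) && !empty($sel_question)) {
        $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}'  WHERE `user_id`='" . $user_id . "'";
        $db->query($sql);
    }

    /* Grant the registration bonuses that are currently valid. */
    $now = gmtime();
    // Always defined, so the query below never concatenates an unset variable.
    $sql_bonus_ext = $_CFG['bonus_reg_rand'] ? " order by rand() limit 0,1" : '';
    $sql_b = "SELECT type_id FROM " . $ecs->table("bonus_type") . " WHERE send_type='" . SEND_BY_REGISTER . "'  AND send_start_date<=" . $now . " AND send_end_date>=" . $now . $sql_bonus_ext;
    $res_bonus = $db->query($sql_b);
    $kkk_bonus = 0;
    while ($row_bonus = $db->fetchRow($res_bonus)) {
        $sql = "INSERT INTO " . $ecs->table('user_bonus') . "(bonus_type_id, bonus_sn, user_id, used_time, order_id, emailed)" . " VALUES('" . $row_bonus['type_id'] . "', 0, '" . $user_id . "', 0, 0, 0)";
        $db->query($sql);
        $kkk_bonus++;
    }
    if ($kkk_bonus) {
        // Success message that also mentions the bonus gift.
        $_LANG['register_success'] = '用户名 %s 注册成功,并获得官方赠送的红包礼品';
    }

    /* Send the verification e-mail automatically when the shop is configured to. */
    if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
        send_regiter_hash($_SESSION['user_id']);
    }

    // NOTE(review): $user is never assigned in this function, so this is always '';
    // confirm whether $GLOBALS['user'] was intended.
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
}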
Esempio n. 22
/**
 * Save the consignee details submitted for one of the member's orders.
 *
 * On success the browser is redirected to the order detail page and the request
 * ends; on failure the error page is shown with a link back to the order, or to
 * the order list when no order id was posted.
 *
 * NOTE(review): order_id is client-supplied; the ownership check has to happen
 * inside save_order_address() using $user_id -- confirm in lib_transaction.php.
 */
function action_save_order_address()
{
    // Shared application objects. Only $_LANG is read below; the others stay in
    // scope exactly as before.
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $user_id = $_SESSION['user_id'];

    include_once ROOT_PATH . 'includes/lib_transaction.php';

    // Text fields pass through compile_str() (defined elsewhere); order_id is
    // forced to an integer.
    $address = array(
        'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '',
        'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '',
        'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '',
        'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '',
        'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '',
        'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '',
        'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '',
        'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '',
        'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0,
    );

    $saved = save_order_address($address, $user_id);
    if (!$saved) {
        // Failure: link back to the order, or to the order list without an order id.
        $err = $GLOBALS['err'];
        $back_link = empty($address['order_id'])
            ? 'user.php?act=order_list'
            : 'user.php?act=order_detail&order_id=' . $address['order_id'];
        $err->show($_LANG['order_list_lnk'], $back_link);
        return;
    }

    // Success: the redirect target only contains the integer order id.
    ecs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
    exit;
}
Esempio n. 23
    // Tail of the branch that renders the address form; its header and the code that
    // builds $city_list and $district_list are outside this excerpt.
    $smarty->assign('city_list', $city_list);
    $smarty->assign('district_list', $district_list);
    // Page title: "Shipping address".
    $smarty->assign('common_header_title', '收货地址');
    $smarty->display('address_add.dwt');
} elseif ($act == 'act_edit_address') {
    // Create or update one of the member's shipping addresses, then show a result page.
    include_once ROOT_PATH . 'includes/lib_transaction.php';
    $address_id = isset($_REQUEST['address_id']) ? intval($_REQUEST['address_id']) : '';
    // NOTE(review): re_url is taken from the request unfiltered and concatenated into the
    // URLs handed to mobile_error() below. How that helper emits the URL is not visible
    // here; url-encode the value or restrict it to known values such as 'flow'.
    $re_url = isset($_REQUEST['re_url']) ? $_REQUEST['re_url'] : '';
    if (!empty($address_id)) {
        // Ownership check: the address must belong to the session user.
        $sql = 'SELECT * FROM ' . $ecs->table('user_address') . " WHERE `address_id`= {$address_id} AND  `user_id`=" . $_SESSION['user_id'];
        $consignee = $db->getRow($sql);
        if (empty($consignee)) {
            // "Shipping address does not exist"
            mobile_error('返回用户中心', $url = 'user.php?act=address_list&re_url=' . $re_url, '配送地址不存在');
        }
    }
    // NOTE(review): the ownership check above uses address_id from $_REQUEST, but the record
    // built here reads it from $_POST, so the checked id and the updated id can differ.
    // Confirm update_address() also filters by user_id, or reuse $address_id here.
    $address = array('user_id' => $_SESSION['user_id'], 'address_id' => isset($_POST['address_id']) ? intval($_POST['address_id']) : 0, 'country' => isset($_POST['country']) ? intval($_POST['country']) : 0, 'province' => isset($_POST['province']) ? intval($_POST['province']) : 0, 'city' => isset($_POST['city']) ? intval($_POST['city']) : 0, 'district' => isset($_POST['district']) ? intval($_POST['district']) : 0, 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'tel' => isset($_POST['tel']) ? compile_str(make_semiangle(trim($_POST['tel']))) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(make_semiangle(trim($_POST['mobile']))) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'default' => !empty($re_url) ? 1 : 0);
    if (update_address($address)) {
        // Success: return to the order flow when re_url is 'flow', otherwise to the address list.
        if (empty($re_url)) {
            mobile_error('返回用户中心', $url = 'user.php?act=address_list', '修改配送地址成功');
        } else {
            if ($re_url == 'flow') {
                mobile_error('返回订单', $url = 'flow.php?act=add_order', '已经使用该地址');
            } else {
                mobile_error('返回用户中心', $url = 'user.php?act=address_list', '修改配送地址成功');
            }
        }
    } else {
        // Failure: "Failed to modify the shipping address".
        mobile_error('返回用户中心', $url = 'user.php?act=address_list&re_url=' . $re_url, '修改配送地址失败');
    }
} elseif ($act == 'drop_consignee') {
    $address_id = isset($_REQUEST['address_id']) ? intval($_REQUEST['address_id']) : '';