function ajax()
{
$model = M('Order');
$id = intval($_POST['id']);
$order = $model->find($id);
if ($order['userid'] != $this->_userid) {
die(json_encode(array('msg' => L('do_empty'))));
}
$_POST = get_safe_replace($_POST);
if ($_GET['do'] == 'saveaddress') {
$r = $model->save($_POST);
die(json_encode(array('id' => 1)));
} elseif ($_GET['do'] == 'order_status') {
$_POST['status'] = 3;
$_POST['confirm_time'] = time();
$r = $model->save($_POST);
die(json_encode(array('id' => 1)));
} elseif ($_GET['do'] == 'pay_status') {
$_POST['pay_status'] = 3;
$r = $model->save($_POST);
die(json_encode(array('id' => 1)));
} elseif ($_GET['do'] == 'shipping_status') {
$_POST['shipping_status'] = $_POST['num'];
unset($_POST['num']);
$_POST['accept_time'] = $_POST['shipping_status'] == 2 ? time() : '';
$r = $model->save($_POST);
die(json_encode(array('id' => 1)));
}
}
function _initialize()
{
parent::_initialize();
import('@.EXT.Online');
new Online();
$this->dao = M('Cart');
$this->sessionid = get_safe_replace(cookie('onlineid'));
$_POST = get_safe_replace($_POST);
}
public function _empty()
{
//空操作 空模块
if (MODULE_NAME != 'Urlrule') {
$Mod = F('Mod');
if (!$Mod[MODULE_NAME]) {
throw_exception('404');
}
}
$a = ACTION_NAME;
$id = intval($_REQUEST['id']);
$catid = intval($_REQUEST['catid']);
$moduleid = intval($_REQUEST['moduleid']);
if (MODULE_NAME == 'Urlrule') {
if (APP_LANG) {
$l = get_safe_replace($_REQUEST['l']);
$lang = $l ? '_' . $l : '_' . C('DEFAULT_LANG');
}
$catdir = get_safe_replace($_REQUEST['catdir']);
if ($catdir) {
$Cat = F('Cat' . $lang);
$catid = $catid ? $catid : $Cat[$catdir];
unset($Cat);
}
if ($_REQUEST['module']) {
$m = get_safe_replace($_REQUEST['module']);
} elseif ($moduleid) {
$Module = F('Module');
$m = $Module[$moduleid]['module'];
unset($Module);
} elseif ($catid) {
$Category = F('Category' . $lang);
$m = $Category[$catid]['module'];
unset($Category);
} else {
throw_exception('404');
}
if ($a == 'index') {
$id = $catid;
}
} else {
if (empty($id)) {
$Cat = F('Cat' . $lang);
$id = $Cat[$id];
unset($Cat);
}
$m = MODULE_NAME;
}
import('@.Action.Base');
$bae = new BaseAction();
if (!method_exists($bae, $a)) {
throw_exception('404');
}
$bae->{$a}($id, $m);
}
public function downloadxls()
{
$where = 1;
$name = "全部订单:" . time();
if ($_REQUEST["time1"] || $_REQUEST["time2"]) {
$time1 = get_safe_replace($_REQUEST["time1"]);
$time2 = get_safe_replace($_REQUEST["time2"]);
/*strtotime($time2)-($day*86400);*/
if ($time1 == $time2) {
$time1 = strtotime($time1) - 86400;
} else {
$time1 = strtotime($time1);
}
/*相同日期则选择一天*/
$where .= " and add_time > '" . $time1 . "' and add_time < '" . strtotime($time2) . "'";
$name = "时间段" . toDate($time1, "Y/m/d") . "-" . toDate(strtotime($time2), "Y/m/d");
}
$order = M(MODULE_NAME)->where($where)->getfield('id,sn,add_time,consignee,mobile,order_amount,province,city,area,address');
//
$data = array();
foreach ($order as $key => $vv) {
$oid .= $key == 0 ? $vv['id'] : ',' . $vv['id'];
}
if (empty($oid)) {
$this->success('数据为空!');
exit;
}
$od['order_id'] = array('in', $oid);
$order_data = M("order_data")->where($od)->select();
$area = M('area')->getfield('id,name');
foreach ($order_data as $key => $v) {
$data[$key][1] = $order[$v['order_id']]['sn'] . "号";
$data[$key][2] = toDate($order[$v['order_id']]["add_time"], "Y/m/d H:i:s");
$data[$key][3] = $v['product_name'];
$data[$key][4] = $v['type_name'];
$data[$key][5] = $order[$v['order_id']]["pay_status"] == 2 ? '已支付' : '未支付';
$data[$key][6] = $order[$v['order_id']]["order_amount"] . "元";
$data[$key][7] = $order[$v['order_id']]["consignee"];
$data[$key][8] = $order[$v['order_id']]["mobile"];
$data[$key][9] = $area[$order[$v['order_id']]["province"]];
$data[$key][10] = $area[$order[$v['order_id']]["city"]];
$data[$key][11] = $area[$order[$v['order_id']]["area"]];
$data[$key][12] = $order[$v['order_id']]["address"];
}
$title = array(1 => "订单编号", 2 => "订单时间", 3 => "订购产品", 4 => "订购类型", 5 => "支付状态", 6 => "订单价格", 7 => "姓名", 8 => "手机", 9 => "省份", 10 => "城市", 11 => "区域", 12 => "地址");
$this->exportexcel($data, $title, $name);
}
function _initialize()
{
parent::_initialize();
if (!$this->_userid) {
$this->assign('jumpUrl', U('User/Login/index'));
$this->error(L('nologin'));
exit;
}
$this->dao = M('User');
$this->assign('bcid', 0);
$user = $this->dao->find($this->_userid);
$this->assign('vo', $user);
unset($_POST['status']);
unset($_POST['groupid']);
unset($_POST['amount']);
unset($_POST['point']);
$_GET = get_safe_replace($_GET);
}
public function downloadxls()
{
$where = 1;
$name = "全部订单:" . time();
if ($_REQUEST["time1"] || $_REQUEST["time2"]) {
$time1 = get_safe_replace($_REQUEST["time1"]);
$time2 = get_safe_replace($_REQUEST["time2"]);
/*strtotime($time2)-($day*86400);*/
if ($time1 == $time2) {
$time1 = strtotime($time1) - 86400;
} else {
$time1 = strtotime($time1);
}
/*相同日期则选择一天*/
$where .= " and createtime > '" . $time1 . "' and createtime < '" . strtotime($time2) . "'";
$name = "预约试驾" . toDate($time1, "Y/m/d") . "-" . toDate(strtotime($time2), "Y/m/d");
}
$area = M('area')->getfield('id,name');
$bill = M(MODULE_NAME)->where($where)->select();
foreach ($bill as $key => $vo) {
$pro = M("product")->where('id=' . $vo['car_name'])->cache(true)->find();
$data[$key][1] = $vo['id'];
$data[$key][2] = $pro['title'];
$data[$key][3] = toDate($vo['datetime'], "Y/m/d");
$data[$key][4] = $vo['username'];
$data[$key][5] = $vo['sex'] == 1 ? "先生" : '女士';
if ($vo['sex'] == 0) {
$data[$key][5] = '未知';
}
$data[$key][6] = '手机' . $vo['mobile'];
$data[$key][7] = $area[$vo['province']];
$data[$key][8] = $area[$vo['city']];
$data[$key][9] = $area[$vo['area']];
$shopname = M("shop")->where('shopcode=\'' . $vo['shop_name'] . '\'')->getfield('sname');
if (!$shopname) {
$shopname = "客户未选择";
}
$data[$key][10] = $shopname;
}
$title = array(1 => "预约号", 2 => "预约车型", 3 => "预约时间", 4 => "预约人", 5 => "性别", 6 => "电话", 7 => "省份", 8 => "城市", 9 => "区域", 10 => "经销商");
$order = A('Admin/Order');
$order->exportexcel($data, $title, $name);
}
public function order()
{
$uid = intval($_REQUEST['uid']);
$this->assign('uid', $uid);
$mid = intval($_REQUEST['id']);
$mx = get_safe_replace($_REQUEST['mx']);
if ($mid > 0 && strlen($mx) > 0) {
$pro = M($mx)->where("id=" . $mid)->find();
}
if ($this->Config["wap"] && is_mobile()) {
/*开启手机访问*/
$tmp = THEME_PATH . "wap/Index_order.html";
}
$this->assign('mx', $mx);
$this->assign('mid', $mid);
$this->assign('order', $pro);
print_r($user);
$this->display($tmp);
}
public function respond()
{
$pay_code = !empty($_REQUEST['code']) ? get_safe_replace($_REQUEST['code']) : '';
$pay_code = ucfirst($pay_code);
$Payment = M('Payment')->getByPayCode($pay_code);
if (empty($Payment)) {
$this->error(L('PAY CODE EROOR!'));
}
$aliapy_config = unserialize($Payment['pay_config']);
import("@.Pay." . $pay_code);
$pay = new $pay_code($aliapy_config);
$r = $pay->respond();
$this->assign('jumpUrl', URL('User-Order/index'));
if ($r) {
$this->error(L('PAY_OK'));
} else {
$this->error(L('PAY_FAIL'));
}
}
public function respond()
{
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$seller_email = rawurldecode($_GET['seller_email']);
//$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$order_sn = trim($_GET['out_trade_no']);
$record = intval($_GET['record']);
$total_fee = get_safe_replace($_GET['total_fee']);
/* 检查数字签名是否正确 */
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != 'sign_type' && $key != 'code' && $key != 'g' && $key != 'm' && $key != 'a' && $key != 'record') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $this->config['alipay_key'];
//$sign = substr($sign, 0, -1) . ALIPAY_AUTH;
if (md5($sign) != $_GET['sign']) {
return false;
}
if ($_GET['trade_status'] == 'WAIT_SELLER_SEND_GOODS' || $_GET['trade_status'] == 'WAIT_BUYER_CONFIRM_GOODS' || $_GET['trade_status'] == 'WAIT_BUYER_PAY') {
/* 改变订单状态 进行中*/
return order_pay_status($order_sn, '1', $total_fee, $record);
} elseif ($_GET['trade_status'] == 'TRADE_FINISHED') {
/* 改变订单状态 */
return order_pay_status($order_sn, '2', $total_fee, $record);
} elseif ($_GET['trade_status'] == 'TRADE_SUCCESS') {
/* 改变订单状态 即时交易成功*/
return order_pay_status($order_sn, '2', $total_fee, $record);
} else {
return false;
}
}
public function downloadxls()
{
$where = 1;
$name = "全部订单:" . time();
if ($_REQUEST["time1"] || $_REQUEST["time2"]) {
$time1 = get_safe_replace($_REQUEST["time1"]);
$time2 = get_safe_replace($_REQUEST["time2"]);
/*strtotime($time2)-($day*86400);*/
if ($time1 == $time2) {
$time1 = strtotime($time1) - 86400;
} else {
$time1 = strtotime($time1);
}
/*相同日期则选择一天*/
$where .= " and createtime > '" . $time1 . "' and createtime < '" . strtotime($time2) . "'";
$name = "时间段" . toDate($time1, "Y/m/d") . "-" . toDate(strtotime($time2), "Y/m/d");
}
$order = M(MODULE_NAME)->where($where)->getfield('id,username,realname,createtime,username,username,username,username');
//
$title = array(1 => "订单编号", 2 => "订单时间", 3 => "订购产品", 4 => "订购类型", 5 => "支付状态", 6 => "订单价格", 7 => "姓名", 8 => "手机", 9 => "省份", 10 => "城市", 11 => "区域", 12 => "地址");
$order = A('Order');
$order->exportexcel($data, $title, $name);
}
function sendmail()
{
$verifyCode = trim($_POST['verifyCode']);
$username = get_safe_replace($_POST['username']);
$email = get_safe_replace($_POST['email']);
if (empty($username) || empty($email)) {
$this->error(L('empty_username_empty_password'));
} elseif (md5($verifyCode) != $_SESSION['verify']) {
$this->error(L('error_verify'));
}
$user = M('User');
//判断邮箱是用户是否正确
$data = $user->where("username='******' and email='{$email}'")->find();
if ($data) {
$yourphp_auth = authcode($data['id'] . "-" . $data['username'] . "-" . $data['email'], 'ENCODE', $this->sysConfig['ADMIN_ACCESS'], 3600 * 24 * 3);
//3天有效期
$username = $data['username'];
$url = 'http://' . $_SERVER['HTTP_HOST'] . U('User/Login/repassword?code=' . $yourphp_auth);
$message = str_replace(array('{username}', '{url}', '{sitename}'), array($username, $url, $this->Config['site_name']), $this->member_config['member_getpwdemaitpl']);
$r = sendmail($email, L('USER_FORGOT_PASSWORD') . '-' . $this->Config['site_name'], $message, $this->Config);
if ($r) {
$returndata['username'] = $data['username'];
$returndata['email'] = $data['email'];
$this->ajaxReturn($returndata, L('USER_EMAIL_ERROR'), 1);
} else {
$this->ajaxReturn(0, L('SENDMAIL_ERROR'), 0);
}
} else {
$this->ajaxReturn(0, L('USER_EMAIL_ERROR'), 0);
}
//$this->ajaxReturn(1,L('login_ok'),1);
}
public function editup()
{
$_REQUEST = get_safe_replace($_REQUEST);
$menuname = $_REQUEST["menuname"];
$key = $_REQUEST["key"];
$url = $_REQUEST["url"];
$type = $_REQUEST["type"];
$fatherid = intval($_REQUEST["fatherid"]);
if (empty($menuname)) {
$info = "菜单名字不可为空!";
$this->ajaxreturn($data, $info, 0);
}
if ($type == "view") {
$map["url"] = $url;
if (empty($url)) {
$info = "连接不可为空!";
$this->ajaxreturn($data, $info, 0);
}
} else {
$map["key"] = $key;
if (empty($key)) {
$info = "关键词不可为空!";
$this->ajaxreturn($data, $info, 0);
}
}
$map["menuname"] = $menuname;
$map["type"] = $type;
$r = M("wxmenu")->where("id=" . $fatherid)->save($map);
if ($r) {
$info = "修改成功";
$this->ajaxreturn($data, $info, 1);
} else {
$info = "{$menuname}:{$key}:{$url}:{$type}";
$this->ajaxreturn($data, $info, 0);
}
}
function get_safe_replace($array)
{
if (!is_array($array)) {
return safe_replace(strip_tags($array));
}
foreach ($array as $k => $val) {
$array[$k] = get_safe_replace($val);
}
return $array;
}
public function verify()
{
header('Content-type: image/jpeg');
$type = isset($_GET['type']) ? get_safe_replace($_GET['type']) : 'jpeg';
import("@.EXT.Image");
Image::buildImageVerify(4, 1, $type);
}
public function downloadxls()
{
// $list=$this->_list(MODULE_NAME);
$where = 1;
$name = "全部订单:" . time();
if (intval($_REQUEST["uid"])) {
$where .= " and userid=" . intval($_REQUEST["uid"]);
$name = "用户" . intval($_REQUEST["uid"]);
}
if (intval($_REQUEST["mid"])) {
$where .= " and mid=" . intval($_REQUEST["mid"]);
}
if ($_REQUEST["mx"]) {
$where .= " and mx='" . get_safe_replace($_REQUEST["mx"]) . "'";
$name = get_safe_replace($_REQUEST["mx"]) . intval($_REQUEST["uid"]);
}
if ($_REQUEST["mb"]) {
$where .= " and mobile='" . get_safe_replace($_REQUEST["mb"]) . "'";
$name = "手机" . get_safe_replace($_REQUEST["mb"]);
}
$udata = M(MODULE_NAME)->where($where)->select();
$data = array();
foreach ($udata as $key => $v) {
$data[$key][1] = $key;
$data[$key][2] = $v["username"];
$data[$key][3] = $v["mobile"];
$data[$key][4] = str_cut($v["title"], 20, "");
$data[$key][5] = $v["mcount"];
$data[$key][6] = $v["amount"];
$data[$key][7] = $v["godate"];
$data[$key][8] = toDate($v["add_time"], "Y/m/d H:i:s");
}
$title = array(1 => "订单编号", 2 => "姓名", 3 => "手机", 4 => "线路", 5 => "数量", 6 => "总价格", 7 => "出发时间", 8 => "添加时间");
$this->exportexcel($data, $title, $name);
}
public function downloadxls()
{
// $list=$this->_list(MODULE_NAME);
$where = 1;
$name = "全部订单:" . time();
if (intval($_REQUEST["uid"])) {
$where['userid'] = intval($_REQUEST["uid"]);
$name = "用户" . intval($_REQUEST["uid"]);
}
if ($_REQUEST["username"]) {
$where['username'] = $_REQUEST["username"];
$name = "用户-" . $_REQUEST["username"];
}
if (intval($_REQUEST["mid"])) {
$where["mid"] = intval($_REQUEST["mid"]);
}
if ($_REQUEST["mx"]) {
$where["mx"] = get_safe_replace($_REQUEST["mx"]);
$name = get_safe_replace($_REQUEST["mx"]) . intval($_REQUEST["uid"]);
}
if ($_REQUEST["mb"]) {
$where["mobile"] = get_safe_replace($_REQUEST["mb"]);
$name = "手机" . get_safe_replace($_REQUEST["mb"]);
}
if ($_REQUEST["time1"] || $_REQUEST["time2"]) {
$time1 = get_safe_replace($_REQUEST["time1"]);
$time2 = get_safe_replace($_REQUEST["time2"]);
/*strtotime($time2)-($day*86400);*/
if ($time1 == $time2) {
$time1 = strtotime($time1) - 86400;
} else {
$time1 = strtotime($time1);
}
/*相同日期则选择一天*/
$where["createtime"] = array('between', array($time1, strtotime($time2)));
$name = "时间段" . $time1;
}
$udata = M(MODULE_NAME)->where($where)->select();
$data = array();
foreach ($udata as $key => $v) {
$data[$key][1] = $key;
$data[$key][2] = $v["username"];
$data[$key][3] = $v["creditno"];
$data[$key][4] = $v["mobile"];
$data[$key][5] = str_cut($v["title"], 20, "");
$data[$key][6] = $v["mcount"];
$data[$key][7] = $v["amount"];
$data[$key][8] = $v["godate"];
$data[$key][9] = toDate($v["add_time"], "Y/m/d H:i:s");
}
$title = array(1 => "订单编号", 2 => "姓名", 3 => "身份证", 4 => "手机", 5 => "线路", 6 => "数量", 7 => "总价格", 8 => "出发时间", 9 => "添加时间");
$this->exportexcel($data, $title, $name);
}
public function doreg()
{
$username = get_safe_replace($_POST['username']);
$password = get_safe_replace($_POST['password']);
$mobile = get_safe_replace($_POST['mobile']);
$verifyCode = $_POST['verifyCode'];
if (empty($username) || empty($password) || empty($mobile)) {
$this->error(L('empty_username_empty_password_empty_email'));
}
if ($this->member_config['member_login_verify'] && md5($verifyCode) != $_SESSION['verify']) {
$this->error(L('error_verify'));
}
$status = $this->member_config['member_registecheck'] ? 0 : 1;
if ($this->member_config['member_emailcheck']) {
$status = 1;
$groupid = 5;
}
$groupid = $groupid ? $groupid : 3;
/*-------------------------打入论坛----------------------------*/
import('@.ORG.Uc');
$uc = new Uc();
$bbsuid = $uc->user_regeist($username, $password, $mobile . "@qq.com");
$uc->bbsid_login($bbsuid);
/*-----------------------------------------------------------*/
$data = array();
$data['username'] = $username;
$data['fatherid'] = intval($_SESSION["uid"]);
$data['mobile'] = $mobile;
$data['groupid'] = $groupid;
$data['login_count'] = 1;
$data['createtime'] = time();
$data['updatetime'] = time();
$data['last_logintime'] = time();
$data['reg_ip'] = get_client_ip();
$data['status'] = $status;
$data['bbs'] = $bbsuid;
$authInfo['password'] = $data['password'] = sysmd5($password);
if ($r = $this->dao->create($data)) {
if (false !== $this->dao->add()) {
$authInfo['id'] = $uid = $this->dao->getLastInsID();
$authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
$ru['user_id'] = $uid;
$roleuser = M('RoleUser');
$roleuser->add($ru);
session_start();
$_SESSION["userid"] = $uid;
if ($data['fatherid']) {
/*推广id*/
$sm["userid"] = $data['fatherid'];
$sm["share_ip"] = get_client_ip();
$sm["share_time"] = time();
$sm["mx"] = MODULE_NAME;
$sm["ma"] = ACTION_NAME;
$sm["mid"] = $uid;
$sm["type"] = 3;
//0点击,1,购买,3,注册
M("sharehistory")->add($sm);
}
/* if($this->member_config['member_emailcheck']){
$yourphp_auth = authcode($uid."-".$username."-".$mobile, 'ENCODE',$this->sysConfig['ADMIN_ACCESS'],3600*24*3);//3天有效期
$url = 'http://'.$_SERVER['HTTP_HOST'].U('User/Login/regcheckemail?code='.$yourphp_auth);
$click = "<a href=\"$url\" target=\"_blank\">".L('CLICK_THIS')."</a>";
$message = str_replace(array('{click}','{url}','{sitename}'),array($click,$url,$this->Config['site_name']),$this->member_config['member_emailchecktpl']);
$r = sendmail($email,L('USER_REGISTER_CHECKEMAIL').'-'.$this->Config['site_name'],$message,$this->Config);
$this->assign('send_ok',1);
$this->assign('username',$username);
$this->assign('email',$email);
$this->display('Login:emailcheck');
exit;
}*/
$yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
$yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
$authInfo['username'] = $data['username'];
$authInfo['mobile'] = $data['mobile'];
cookie('auth', $yourphp_auth, $cookietime);
cookie('username', $authInfo['username'], $cookietime);
cookie('groupid', $authInfo['groupid'], $cookietime);
cookie('userid', $authInfo['id'], $cookietime);
cookie('mobile', $authInfo['mobile'], $cookietime);
$this->assign('jumpUrl', $this->forward);
$this->success(L('reg_ok'));
} else {
$this->error(L('reg_error'));
}
} else {
$this->error($this->dao->getError());
}
}
public function status()
{
$name = MODULE_NAME;
$model = D($name);
$_GET = get_safe_replace($_GET);
if ($model->save($_GET)) {
savecache(MODULE_NAME);
$this->success(L('do_ok'));
} else {
$this->error(L('do_error'));
}
}
public function msgadd()
{
//print_r($_REQUEST);
//exit;
$toid = intval($_REQUEST["toid"]);
$time = intval($_REQUEST["time"]);
$formid = intval($_REQUEST["formid"]);
$toname = get_safe_replace($_REQUEST["toname"]);
$body = get_safe_replace($_REQUEST["comment_text"]);
$map["touser"] = $toid;
$map["fromid"] = $formid;
$map["body"] = $body;
$map["createtime"] = $time;
$map["status"] = 1;
$map["sys"] = intval($_REQUEST["sys"]) != "" ? intval($_REQUEST["sys"]) : 0;
$map["username"] = $toname;
$map["formname"] = get_safe_replace($_REQUEST["formname"]) != "" ? get_safe_replace($_REQUEST["formname"]) : 0;
$map["lang"] = 1;
$resule = M("message")->add($map);
if ($resule) {
$this->success("留言成功!");
} else {
$this->success("留言失败!");
}
//$this->AjaxReturn($data,$info,$statu);
}
/**
* 录入
*
*/
public function insert()
{
switch ($_POST["typeid"]) {
case 0:
$type = "无选择";
break;
case 4:
$type = " 反馈类别";
break;
case 5:
$type = "信息咨询";
break;
case 6:
$type = "请求实名认证";
break;
case 7:
$type = "捐赠求助";
break;
}
$data["name"] = $_POST["username"];
$data["tel"] = $_POST["telephone"];
$data["addr"] = $_POST["title"];
//到站
$data["msg"] .= " QQ(" . $_POST["email"] . ")";
//qq
$data["msg"] .= " 备注信息(" . $_POST["content"] . ")--【" . $type . "】";
//$data["mail"]="*****@*****.**";//客户信息
$data["msg"] .= " 用户提交的请求,请尽快处理!";
$data["all"] = "【满天星捐赠】!";
import("@.ORG.PostData");
$send = new postdata();
$back = $send->send_post("http://1.gzsrex.sinaapp.com/", $data);
$data["mail"] = "*****@*****.**";
//客户信息
// $back=$send->send_post("http://1.gzsrex.sinaapp.com/",$data);
if ($this->moduleid != 6 && !in_array($this->_groupid, explode(',', $this->categorys[$_POST['catid']]['postgroup']))) {
$this->error(L('add_no_postgroup'));
}
$c = A('Admin/Content');
$_POST['ip'] = get_client_ip();
$userid = $this->_userid;
$username = $this->_username ? $this->_username : get_safe_replace($_POST['username']);
$c->insert($this->module[$this->moduleid]['name'], $this->fields, $userid, $username, $this->_groupid);
}
public function doreg()
{
$username = get_safe_replace($_POST['username']);
$password = get_safe_replace($_POST['password']);
$email = get_safe_replace($_POST['email']);
$verifyCode = $_POST['verifyCode'];
if (empty($username) || empty($password) || empty($email)) {
$this->error(L('empty_username_empty_password_empty_email'));
}
if ($this->member_config['member_login_verify'] && md5($verifyCode) != $_SESSION['verify']) {
$this->error(L('error_verify'));
}
$status = $this->member_config['member_registecheck'] ? 0 : 1;
if ($this->member_config['member_emailcheck']) {
$status = 1;
$groupid = 5;
}
$groupid = $groupid ? $groupid : 3;
$data = array();
$data['username'] = $username;
$data['email'] = $email;
$data['groupid'] = $groupid;
$data['login_count'] = 1;
$data['createtime'] = time();
$data['updatetime'] = time();
$data['last_logintime'] = time();
$data['reg_ip'] = get_client_ip();
$data['status'] = $status;
$authInfo['password'] = $data['password'] = sysmd5($password);
if ($r = $this->dao->create($data)) {
if (false !== $this->dao->add()) {
$authInfo['id'] = $uid = $this->dao->getLastInsID();
$authInfo['groupid'] = $ru['role_id'] = $data['groupid'];
$ru['user_id'] = $uid;
$roleuser = M('RoleUser');
$roleuser->add($ru);
if ($this->member_config['member_emailcheck']) {
$yourphp_auth = authcode($uid . "-" . $username . "-" . $email, 'ENCODE', $this->sysConfig['ADMIN_ACCESS'], 3600 * 24 * 3);
//3天有效期
$url = 'http://' . $_SERVER['HTTP_HOST'] . U('User/Login/regcheckemail?code=' . $yourphp_auth);
$click = "<a href=\"{$url}\" target=\"_blank\">" . L('CLICK_THIS') . "</a>";
$message = str_replace(array('{click}', '{url}', '{sitename}'), array($click, $url, $this->Config['site_name']), $this->member_config['member_emailchecktpl']);
$r = sendmail($email, L('USER_REGISTER_CHECKEMAIL') . '-' . $this->Config['site_name'], $message, $this->Config);
$this->assign('send_ok', 1);
$this->assign('username', $username);
$this->assign('email', $email);
$this->display('Login:emailcheck');
exit;
}
$yourphp_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'] . $_SERVER['HTTP_USER_AGENT']);
$yourphp_auth = authcode($authInfo['id'] . "-" . $authInfo['groupid'] . "-" . $authInfo['password'], 'ENCODE', $yourphp_auth_key);
$authInfo['username'] = $data['username'];
$authInfo['email'] = $data['email'];
cookie('auth', $yourphp_auth, $cookietime);
cookie('username', $authInfo['username'], $cookietime);
cookie('groupid', $authInfo['groupid'], $cookietime);
cookie('userid', $authInfo['id'], $cookietime);
cookie('email', $authInfo['email'], $cookietime);
$this->assign('jumpUrl', $this->forward);
$this->success(L('reg_ok'));
} else {
$this->error(L('reg_error'));
}
} else {
$this->error($this->dao->getError());
}
}
/**
* 提交登录
*
*/
public function doLogin()
{
$dao = M('User');
$ip = get_client_ip();
if (empty($this->sysConfig['ADMIN_ACCESS'])) {
$this->error(L('NO SYSTEM CONFIG FILE'));
}
$username = get_safe_replace(trim($_POST['username']));
$password = get_safe_replace(trim($_POST['password']));
$verifyCode = trim($_POST['verifyCode']);
if (empty($username) || empty($password)) {
$this->error(L('empty_username_empty_password'));
} elseif ($_SESSION['verify'] && $this->sysConfig['ADMIN_VERIFY'] && md5($verifyCode) != $_SESSION['verify']) {
$this->error(L('error_verify'));
}
$time = time();
$logwhere = array();
$logwhere['time'] = array('EGT', $time - 1800);
$logwhere['ip'] = array('eq', $ip);
$logwhere['error'] = 1;
$lognum = M('Log')->where($logwhere)->count();
if ($lognum >= 100) {
$this->error(L('Login_error_count'));
}
$condition = array();
$condition['username'] = array('eq', $username);
import('@.ORG.RBAC');
$authInfo = RBAC::authenticate($condition);
//使用用户名、密码和状态的方式进行认证
if (false === $authInfo) {
$data = array();
$data['username'] = $username;
$data['ip'] = $ip;
$data['time'] = $time;
$data['note'] = L('empty_userid');
$data['error'] = 1;
M('Log')->add($data);
$this->error(L('empty_userid'));
} else {
if ($authInfo['password'] != sysmd5($password)) {
$data = array();
$data['username'] = $username;
$data['ip'] = $ip;
$data['time'] = $time;
$data['note'] = L('password_error') . ':' . $password;
$data['error'] = 1;
M('Log')->add($data);
$this->error(L('password_error'));
}
$_SESSION['username'] = $authInfo['username'];
$_SESSION['adminid'] = $_SESSION['userid'] = $authInfo['id'];
$_SESSION['groupid'] = $authInfo['groupid'];
$_SESSION['adminaccess'] = C('ADMIN_ACCESS');
$_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
$_SESSION['email'] = $authInfo['email'];
$_SESSION['lastLoginTime'] = $authInfo['last_logintime'];
$_SESSION['login_count'] = $authInfo['login_count'] + 1;
if ($authInfo['groupid'] == 1) {
$_SESSION[C('ADMIN_AUTH_KEY')] = true;
}
//保存登录信息
$data = array();
$data['id'] = $authInfo['id'];
$data['last_logintime'] = $time;
$data['last_ip'] = get_client_ip();
$data['login_count'] = array('exp', 'login_count+1');
$dao->save($data);
// 缓存访问权限
RBAC::saveAccessList();
$data = array();
$data['username'] = $username;
$data['ip'] = $ip;
$data['time'] = $time;
$data['note'] = L('login_ok');
M('Log')->add($data);
if ($_POST['ajax']) {
$this->ajaxReturn($authInfo, L('login_ok'), 1);
} else {
$this->assign('jumpUrl', U('Index/index'));
$this->success(L('login_ok'));
}
}
}
public function api()
{
$mid = intval($_REQUEST['mid']);
$mx = get_safe_replace($_REQUEST['mx']);
$field = get_safe_replace($_REQUEST['field']);
$js = get_safe_replace($_REQUEST['js']);
if (empty($field)) {
$field = "price";
}
if ($mid && $mx) {
$price = M($mx)->where("id=" . $mid)->getField($field);
} else {
$price = "获取错误!";
}
if (!empty($js)) {
echo "\$(\"#" . $field . "\").val(" . $price . ");\n";
}
$price = $this->rejs($price);
echo "document.write(\"" . $price . "\");";
}
public function shipping()
{
$do = get_safe_replace($_REQUEST['do']);
$model = M('Shipping');
$id = intval($_REQUEST['id']);
if ($do == 'get') {
$data = $model->find($id);
if ($data) {
echo json_encode($data);
} else {
echo json_encode(array('id' => 0));
}
exit;
}
}
/**
* 录入
*
*/
public function insert()
{
$catid = intval($_POST['catid']);
if (!in_array($this->_groupid, explode(',', $this->categorys[$catid]['postgroup']))) {
$this->error(L('add_no_postgroup'));
}
$c = A('Admin/Content');
$_POST['ip'] = ip();
$userid = $this->_userid;
$username = $this->_username ? $this->_username : get_safe_replace($_POST['username']);
$c->insert($this->module[$this->moduleid]['name'], $this->fields, $userid, $username, $this->_groupid);
}
public function shipping()
{
$url = get_safe_replace($_REQUEST['url']);
$title = get_safe_replace($_REQUEST['title']);
$oid = intval($_REQUEST['oid']);
$map["url"] = $url;
/* $map["address"]=$title;
$map["add_time"]=time();
$map["userid"]=$this->_userid;
$map["oid"]=$oid;
$where["userid"]=$this->_userid;
$where["oid"]=$oid;
if(!M("order")->where($where)->find()){
if(M("order")->data($map)->add()){
$msg="收藏成功!";
$statu=1;
}else{
$msg="收藏失败!";
$statu=0;
}
}else{
$msg="你已经收藏了,请勿重复添加!";
$statu=1;
}*/
$statu = 1;
$msg = $oid;
$this->AjaxReturn($map, $msg, $statu);
}
public function index()
{
//搜索
$_REQUEST['id'] = $catid = intval($_REQUEST['id']);
$p = max(intval($_REQUEST[C('VAR_PAGE')]), 1);
$_REQUEST['keyword'] = $keyword = get_safe_replace($_REQUEST['keyword']);
$_REQUEST['moduleid'] = $moduleid = intval($_REQUEST['moduleid']);
$this->assign($_REQUEST);
$this->assign('bcid', 0);
$where = " status=1 ";
if ($moduleid) {
$where = ' mid=' . $moduleid . ' AND ' . $where;
}
import('@.EXT.Form');
$this->assign('Form', new Form());
if (APP_LANG) {
$lang = LANG_NAME;
$langid = LANG_ID;
$where .= " and lang= {$langid}";
$this->assign('lang', $lang);
$this->assign('langid', $langid);
}
if ($catid) {
$cat = $this->categorys[$catid];
$bcid = explode(",", $cat['arrparentid']);
$bcid = $bcid[1];
if ($bcid == '') {
$bcid = intval($catid);
}
unset($cat['id']);
$this->assign($cat);
$cat['id'] = $catid;
$this->assign('catid', $catid);
$this->assign('bcid', $bcid);
if ($cat['child']) {
$where .= " and catid in(" . $cat['arrchildid'] . ")";
} else {
$where .= " and catid=" . $catid;
}
}
$seo_title = $cat['title'] ? $cat['title'] : $cat['catname'];
$this->assign('seo_title', $keyword . ' ' . $seo_title);
$this->assign('seo_keywords', $keyword . $cat['keywords']);
$this->assign('seo_description', $keyword . $cat['description']);
if ($keyword || $moduleid) {
if (strstr($keyword, 'or')) {
$keydo = ' or ';
$keyword_arr = explode('or', $keyword);
} elseif (strstr($keyword, ' ')) {
$keydo = ' AND ';
$keyword_arr = explode(' ', $keyword);
}
if (count($keyword_arr) > 1) {
foreach ($keyword_arr as $key => $keywordz) {
$keyword_arr[$key] = ' title like "%' . trim($keywordz) . '%" ';
}
$where .= ' AND (' . implode($keydo, $keyword_arr) . ')';
} else {
$where .= ' AND title like "%' . $keyword . '%" ';
}
$count = M('Content')->where($where)->count();
$this->assign('count', $count);
if ($count) {
import("@.EXT.Page");
$listRows = !empty($cat['pagesize']) ? $cat['pagesize'] : C('PAGE_LISTROWS');
$page = new Page($count, $listRows);
$pages = $page->show();
$field = $this->module[$cat['moduleid']]['listfields'];
$field = $field ? $field : 'id,catid,userid,url,username,title,title_style,keywords,description,thumb,createtime,hits';
$list = M('Content')->field($field)->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
$this->assign('pages', $pages);
$this->assign('list', $list);
}
}
$this->display();
}
public function index()
{
$slug = $tag ? $tag : get_safe_replace($_REQUEST['tag']);
$module = get_safe_replace($_REQUEST['module']);
$module = $module ? ucfirst($module) : '';
if (C('URL_MODEL') == 0) {
$moduleid = intval($_REQUEST['moduleid']);
$module_name = $moduleid ? $this->module[$moduleid]['name'] : '';
$module = $module ? $module : $module_name;
$p = max(intval($_REQUEST[C('VAR_PAGE')]), 1);
} elseif ($this->mod[ucfirst($slug)]) {
$module = ucfirst($slug);
unset($slug);
}
$prefix = C("DB_PREFIX");
$Tags = M('Tags');
$Tags_data = M('Tags_data');
$where = APP_LANG ? " lang=" . LANG_ID : 1;
if ($slug) {
$module = $module ? $module : 'Article';
$moduleid = $this->mod[$module];
$data = $Tags->where($where . " and moduleid = {$moduleid} and slug='" . $slug . "'")->find();
$this->assign('seo_title', $data['name']);
$this->assign('seo_keywords', $data['name']);
$this->assign('seo_description', $data['name']);
if ($data) {
$tagid = $data['id'];
$this->assign('data', $data);
$mtable = $prefix . strtolower($module);
$count = $Tags_data->table($prefix . 'tags_data as a')->join($mtable . " as b on a.id=b.id ")->where("a.tagid=" . $tagid)->count();
if ($count) {
import("@.ORG.Page");
$listRows = C('PAGE_LISTROWS');
//C('PAGE_LISTROWS')
$page = new Page($count, $listRows, $p);
$page->urlrule = TAGURL($data, 1);
$pages = $page->show();
$field = 'b.id,b.catid,b.userid,b.url,b.username,b.title,b.keywords,b.description,b.thumb,b.createtime';
$list = $Tags_data->field($field)->table($prefix . 'tags_data as a')->join($mtable . " as b on a.id=b.id")->where($where . " and a.tagid=" . $tagid)->order('b.listorder desc,b.id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
$this->assign('pages', $pages);
$this->assign('list', $list);
}
}
} else {
$moduleid = $this->mod[$module];
$where .= $moduleid ? ' and moduleid=' . $moduleid : '';
$count = $Tags->where($where)->count();
if ($count) {
import("@.ORG.Page");
$listRows = 50;
$page = new Page($count, $listRows);
$page->urlrule = TAGURL(array('moduleid' => $moduleid), 1);
$pages = $page->show();
$list = $Tags->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
foreach ($list as $key => $r) {
$list[$key]['module'] = $this->module[$r['moduleid']]['name'];
}
$this->assign('pages', $pages);
$this->assign('list', $list);
}
}
$this->assign('bcid', 0);
//顶级栏目
$template = $slug ? 'list' : 'index';
$this->display("Tags:" . $template);
}
public function line()
{
$keyword = get_safe_replace($_REQUEST['keyword']);
$type = get_safe_replace($_REQUEST['type']);
$module = get_safe_replace($_REQUEST['module']);
if ($module == "") {
$module = "product";
}
$this->dao = M($module);
$count = $this->dao->where($where)->count();
if ($count) {
import("@.ORG.Page");
$listRows = !empty($cat['pagesize']) ? $cat['pagesize'] : C('PAGE_LISTROWS');
$page = new Page($count, $listRows);
$_REQUEST['p'] = '{$page}';
$page->urlrule = URL('Home-Search/line', $_REQUEST);
$pages = $page->show();
$where = 1;
if ($type != "") {
$where .= " and " . $type . "='" . $keyword . "'";
}
//echo $where;
$list = $this->dao->where($where)->order('id desc')->limit($page->firstRow . ',' . $page->listRows)->select();
$this->assign('pages', $pages);
$this->assign('list', $list);
}
//print_r($list);
$this->display("Search:index");
}
