Esempio n. 1
 // Excerpt: purchase of a special user group, paid either online ($buymethod) or with
 // forum credit. NOTE(review): every check below is only a guard if Showmsg() ends the
 // request; its implementation is not visible here, so confirm it does.
 /* @var $userService PW_UserService */
 $mb = $userService->get($winduid);
 // Nothing to buy when $gid equals $groupid or already appears in the
 // comma-delimited 'groups' string of the record.
 if ($gid == $groupid || strpos($mb['groups'], ",{$gid},") !== false) {
     Showmsg('specialgroup_noneed');
 }
 if ($buymethod) {
     // Online payment is refused unless a positive unit price is configured.
     if ($rt['sright']['rmbprice'] <= 0) {
         Showmsg('undefined_action');
     }
     //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
     // Presumably this call populates the $ol_* settings read below (confirm).
     pwCache::getData(D_P . 'data/bbscache/ol_config.php');
     if (!$ol_onlinepay) {
         Showmsg($ol_whycolse);
     }
     $grouptitle = $rt['grouptitle'];
     // Order number = '1' + zero-padded uid + timestamp + num_rand(5). The uid and the
     // timestamp are guessable, so uniqueness and unpredictability rest on num_rand(),
     // which is not shown. NOTE(review): the payment callback must verify the gateway's
     // signature and the paid amount; knowing an order number must never be enough.
     $order_no = '1' . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
     // The row stores the UNIT price and the number of days, while the gateway below is
     // asked for rmbprice * $days; the callback has to recompute the total the same way.
     // S::sqlSingle() presumably escapes the values, $options included (TODO confirm).
     // NOTE(review): the validation of $days is not visible in this excerpt; confirm it
     // is a positive integer before it reaches the amount.
     $db->update("INSERT INTO pw_clientorder SET " . S::sqlSingle(array('order_no' => $order_no, 'type' => 3, 'uid' => $winduid, 'paycredit' => $gid, 'price' => $rt['sright']['rmbprice'], 'number' => $days, 'date' => $timestamp, 'state' => 0, 'extra_1' => $options)));
     // This check runs after the INSERT, so a missing payee setting still leaves a
     // pending order row behind.
     if (!$ol_payto) {
         Showmsg('olpay_alipayerror');
     }
     require_once R_P . 'require/onlinepay.php';
     $olpay = new OnlinePay($ol_payto);
     ObHeader($olpay->alipayurl($order_no, round($rt['sright']['rmbprice'] * $days, 2), 3));
 }
 // Credit purchase: re-authenticate with the account password.
 // NOTE(review): the stored password is an unsalted MD5 hex digest compared with loose
 // `!=`. Two digests that both look like "0e<digits>" compare equal as numbers, and
 // unsalted MD5 is unsuitable for password storage. Compare with hash_equals() and
 // migrate to password_hash()/password_verify().
 if (md5($pwpwd) != $mb['password']) {
     Showmsg('password_error');
 }
 if ($rt['sright']['sellprice'] <= 0) {
     Showmsg('undefined_action');
 }
 // Total credit cost for the requested number of days.
 $needcur = $days * $rt['sright']['sellprice'];
Esempio n. 2
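/**
 * Render a payment BBCode payload as an HTML snippet with a pay button.
 *
 * $code is expected to hold "(seller)…(/seller)(subject)…(/subject)…" style fields.
 * The fields are printed as a short description, followed by a link to the provider
 * selected by "(method)": 1 = PayPal, 2 = Alipay, 3 = 99bill, 4 = Tenpay.
 *
 * Security notes:
 * - The fields come from post content. Every field placed in a link's query string is
 *   now URL-encoded, as subject and body already were. Unencoded, a value containing
 *   '&', a quote or a space could add or override query parameters or leave the
 *   href attribute.
 * - The descriptive part still prints the fields verbatim, and body is expected to
 *   contain "<br>". This function therefore assumes $code was HTML-escaped before it
 *   gets here (TODO confirm against the caller).
 * - The Alipay and Tenpay links, and PayPal's notify_url, use plain http:// on
 *   pay.phpwind.net, as in the original.
 *
 * @param string $code BBCode payload.
 * @return string HTML fragment.
 */
function payto($code)
{
    global $imgpath, $stylepath, $db_bbsurl, $db_charset, $pwServer, $timestamp, $winduid;
    $seller = str_replace(array('[email]', '[/email]'), '', _payto_extract($code, 'seller'));
    $subject = _payto_extract($code, 'subject');
    $body = _payto_extract($code, 'body');
    $price = _payto_extract($code, 'price');
    $ordinary_fee = _payto_extract($code, 'ordinary_fee');
    $express_fee = _payto_extract($code, 'express_fee');
    $contact = _payto_extract($code, 'contact');
    $demo = _payto_extract($code, 'demo');
    $method = _payto_extract($code, 'method');
    $body = str_replace('\\"', '"', $body);

    // Human-readable summary; empty fields are skipped.
    $str = '<br>';
    $seller && ($str .= getLangInfo('bbscode', 'seller') . $seller . '<br><br>');
    $subject && ($str .= getLangInfo('bbscode', 'subject') . $subject . '<br><br>');
    $body && ($str .= getLangInfo('bbscode', 'body') . $body . '<br><br>');
    $price && ($str .= getLangInfo('bbscode', 'price') . $price . '<br><br>');
    if (($ordinary_fee || $express_fee) && $method == '2') {
        $str .= getLangInfo('bbscode', 'postage');
        $ordinary_fee && ($str .= getLangInfo('bbscode', 'ordinary_fee') . $ordinary_fee . '&nbsp; ');
        $express_fee && ($str .= getLangInfo('bbscode', 'express_fee') . $express_fee);
        $str .= '<br><br>';
    } else {
        $str .= getLangInfo('bbscode', 'postage_seller') . '<br><br>';
    }
    $contact && ($str .= getLangInfo('bbscode', 'contact') . $contact . '<br><br>');
    $demo && ($str .= getLangInfo('bbscode', 'demo') . $demo . '<br><br>');

    // Query-string forms of the fields. The seller arrives with '.' written as '&#46;'
    // (the PayPal and 99bill branches already undid that); it is now undone for every
    // provider before encoding.
    $body = substrs(str_replace('<br>', "\n", $body), 100);
    $sellerParam = rawurlencode(str_replace('&#46;', '.', $seller));
    $priceParam = rawurlencode($price);
    $ordinaryParam = rawurlencode($ordinary_fee);
    $expressParam = rawurlencode($express_fee);

    if ($method == 1) {
        // HTTP_HOST is taken from the request, so it is encoded like any other input.
        $hostParam = rawurlencode((string) $pwServer['HTTP_HOST']);
        $str .= "<a href='https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=" . $sellerParam . "&item_name=" . rawurlencode($subject) . "&item_number=phpw*&amount={$priceParam}&no_shipping=0&no_note=1&currency_code=CNY&notify_url=http://pay.phpwind.net/pay/stats.php?date=" . $hostParam . get_date(time(), '-YmdHis') . "&bn=phpwind&charset={$db_charset}' target='_blank'><img src='{$imgpath}/post/paypal.gif'></a>";
    } elseif ($method == 2) {
        if ($ordinary_fee || $express_fee) {
            if ($ordinary_fee && $express_fee) {
                $urladd = "logistics_type=POST&logistics_fee={$ordinaryParam}&logistics_payment=BUYER_PAY&logistics_type_1=EXPRESS&logistics_fee_1={$expressParam}&logistics_payment_1=BUYER_PAY";
            } elseif ($ordinary_fee) {
                $urladd = "logistics_type=POST&logistics_fee={$ordinaryParam}&logistics_payment=BUYER_PAY";
            } else {
                $urladd = "logistics_type=EXPRESS&logistics_fee={$expressParam}&logistics_payment=BUYER_PAY";
            }
        } else {
            $urladd = "logistics_type=EXPRESS&logistics_fee=10&logistics_payment=SELLER_PAY";
        }
        // Parentheses make the intended grouping explicit: (method - 1) is the prefix digit.
        $order_no = ($method - 1) . str_pad($winduid, 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
        $str .= "<a href='http://pay.phpwind.net/pay/create_payurl.php?_input_charset={$db_charset}&service=trade_create_by_buyer&subject=" . rawurlencode($subject) . "&body=" . rawurlencode($body) . "&out_trade_no={$order_no}&price={$priceParam}&quantity=1&payment_type=1&{$urladd}&seller_email={$sellerParam}' target='_blank'><img src='{$imgpath}/post/alipay.gif'></a>";
    } elseif ($method == 3) {
        $str .= "<a href=\"https://www.99bill.com/website/paylink/pay.htm?payto=" . $sellerParam . "\" target=\"_blank\"><img src=\"{$imgpath}/post/99bill.gif\"></a>";
    } elseif ($method == 4) {
        if ($ordinary_fee || $express_fee) {
            $urladd = "fee_payer=1&fee1={$ordinaryParam}&fee2={$expressParam}";
        } else {
            $urladd = 'fee_payer=0';
        }
        $str .= "<a href='http://pay.phpwind.net/pay/create_payurl.php?cmdno=11&seller={$sellerParam}&mch_name=" . rawurlencode($subject) . "&mch_price={$priceParam}&{$urladd}&mch_desc=" . rawurlencode($body) . "&mch_type=1' target='_blank'><img src='{$imgpath}/post/tenpay.gif' /></a>";
    }
    return $str;
}

/**
 * Return the text between "($tag)" and "(/$tag)" in $code, or '' when either marker
 * is missing. The original arithmetic on a failed strpos() started reading at a
 * fixed offset when the opening marker was absent.
 *
 * @param string $code
 * @param string $tag
 * @return string
 */
function _payto_extract($code, $tag)
{
    $open = '(' . $tag . ')';
    $from = strpos($code, $open);
    if ($from === false) {
        return '';
    }
    $rest = (string) substr($code, $from + strlen($open));
    $to = strpos($rest, '(/' . $tag . ')');
    return $to === false ? '' : (string) substr($rest, 0, $to);
}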
Esempio n. 3
 /**
  * Fill in $this->data['yz'] when it is still 0.
  *
  * The value becomes num_rand(9) when L::reg('rg_emailcheck') is truthy and 1 otherwise.
  *
  * NOTE(review): if the num_rand(9) value is later used as an e-mail confirmation
  * secret, num_rand() has to draw from a CSPRNG (random_int()); its implementation is
  * not visible here, so confirm.
  */
 function _setEmailCheck()
 {
     // Leave an already assigned value untouched.
     if ($this->data['yz'] != 0) {
         return;
     }
     if (L::reg('rg_emailcheck')) {
         $this->data['yz'] = num_rand(9);
     } else {
         $this->data['yz'] = 1;
     }
 }
Esempio n. 4
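 /**
  * Generate a verification code of $this->num characters.
  *
  * Type 2 picks fixed-width characters from the language string $lang['ck'] and
  * returns them as an array. Type 1 picks from a 24-character alphabet. Any other
  * type delegates to num_rand(). Both return a string.
  *
  * The characters were drawn with mt_rand(), whose output can be predicted once a
  * few values are known. They are now drawn with random_int() when it exists
  * (PHP 7+), and with mt_rand() only on older runtimes. The default branch still
  * relies on num_rand(), which is not visible here.
  *
  * @param int|null $type Code type; falls back to $this->gdtype when empty.
  * @param bool     $set  When true the code is passed to $this->cookie().
  * @return string|array
  * @throws Exception From random_int() when no randomness source is available.
  */
 function getCode($type = null, $set = true)
 {
     empty($type) && ($type = $this->gdtype);
     $secure = function_exists('random_int');
     $code = '';
     switch ($type) {
         case 2:
             global $db_charset, $lang;
             require_once GetLang('ck');
             // Byte width of one character in $lang['ck'] for the configured charset.
             $step = strtoupper($db_charset) == 'UTF-8' ? 3 : 2;
             // Truncated to int exactly as mt_rand() used to truncate the float.
             $len = (int) (strlen($lang['ck']) / $step - 1);
             for ($i = 0; $i < $this->num; $i++) {
                 $pick = $secure ? random_int(0, $len) : mt_rand(0, $len);
                 $code .= substr($lang['ck'], $pick * $step, $step);
             }
             // NOTE(review): what cookie() stores is not visible here. If it reaches the
             // browser, it must not let the client recover the code.
             $set && $this->cookie($code);
             if (strtoupper($db_charset) != 'UTF-8') {
                 $code = $this->convert($code, 'UTF-8', $db_charset);
             }
             // Split into 3-byte groups, one per character.
             $code = explode(',', wordwrap($code, 3, ',', 1));
             break;
         case 1:
             $list = 'BCEFGHJKMPQRTVWXY2346789';
             $len = strlen($list) - 1;
             for ($i = 0; $i < $this->num; $i++) {
                 $code .= $list[$secure ? random_int(0, $len) : mt_rand(0, $len)];
             }
             $set && $this->cookie($code);
             break;
         default:
             $code = num_rand($this->num);
             $set && $this->cookie($code);
     }
     return $code;
 }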
Esempio n. 5
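 // Excerpt: one step of a multi-request database backup. The paging state travels
 // in the query string between steps.
 // NOTE(review): $tabledb, $bakuptable and $startfrom are not assigned in this
 // excerpt; confirm they cannot be injected from the request (e.g. register_globals).
 $sizelimit = isset($_POST['sizelimit']) ? (int) $_POST['sizelimit'] : (int) $_GET['sizelimit'];
 $start = (int) $_GET['start'];
 $tableid = (int) $_GET['tableid'];
 $step = (int) $_GET['step'];
 // Raw request value, split into table names below. bakupdata() and bakuptable() must
 // check each name against the real table list (not visible here).
 $tablesel = $_GET['tablesel'];
 // $aaa becomes part of the backup file name, so only letters and digits are kept.
 // Unfiltered, a value such as one containing "../" would let the request choose where
 // the .sql file is written.
 $aaa = isset($_GET['aaa']) && is_string($_GET['aaa']) ? preg_replace('/[^A-Za-z0-9]/', '', $_GET['aaa']) : '';
 // Raw request value. It is echoed into the progress message and redirect URL after
 // this excerpt, where it needs escaping or an (int) cast.
 $rows = $_GET['rows'];
 !$tabledb && !$tablesel && alert('没有选择操作对象');
 !$tabledb && ($tabledb = explode("|", $tablesel));
 !$step && ($sizelimit /= 2);
 $bakupdata = bakupdata($tabledb, $start);
 if (!$step) {
     // First request: start a new backup with a fresh file token.
     !$tabledb && alert('没有选择操作对象');
     $tablesel = implode("|", $tabledb);
     $step = 1;
     $aaa = num_rand(10);
     $start = 0;
     $bakuptable = bakuptable($tabledb);
 }
 $f_num = ceil($step / 2);
 // File name = prefix + month/day + token + sequence number.
 // NOTE(review): if the target directory is reachable over HTTP, the token is the only
 // thing hiding the dump. Keep backups outside the web root or deny direct access.
 $filename = 'iCMS_' . get_date('', "md") . '_' . $aaa . '_' . $f_num . '.sql';
 $step++;
 $writedata = $bakuptable ? $bakuptable . $bakupdata : $bakupdata;
 $t_name = $tabledb[$tableid - 1];
 $c_n = $startfrom;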
 if ($stop == 1) {
     $files = $step - 1;
     trim($writedata) && writefile(iPATH . 'admin/data/' . $filename, $bak . $writedata, true, 'ab');
     redirect("正在备份数据库表{$t_name}: 共{$rows}条记录<br>已经备份至{$c_n}条记录,已生成{$f_num}个备份文件,<br>程序将自动备份余下部分", __SELF__ . "?do=database&operation=savebackup&start={$startfrom}&tableid={$tableid}&sizelimit={$sizelimit}&step={$step}&aaa={$aaa}&tablesel={$tablesel}&rows={$rows}", 3);
 } else {
     trim($writedata) && writefile(iPATH . 'admin/data/' . $filename, $bak . $writedata, true, 'ab');
Esempio n. 6
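/**
 * Return a random string of $length lowercase hexadecimal characters.
 *
 * The original returned a slice of md5(num_rand($length)) taken at an mt_rand()
 * offset. That has no more entropy than the decimal number fed to md5(), depends on
 * a non-cryptographic generator, and fails for $length > 32 because the offset
 * range becomes negative. On PHP 7+ the string now comes from random_bytes(). The
 * old expression remains only as a fallback for older runtimes, clamped to 32
 * characters, and must not be used for secrets there.
 *
 * Each character carries 4 bits, so use at least 32 characters for tokens that must
 * resist guessing.
 *
 * @param int $length Number of characters wanted.
 * @return string Hex string; '' when $length is not positive.
 */
function randstr($length)
{
    $length = (int) $length;
    if ($length <= 0) {
        return '';
    }
    if (function_exists('random_bytes')) {
        // Two hex characters per byte; the slice drops the spare one for odd lengths.
        return substr(bin2hex(random_bytes((int) ceil($length / 2))), 0, $length);
    }
    // Legacy path (PHP < 7): original behaviour, at most the 32 characters md5() yields.
    $length = min($length, 32);
    return substr(md5(num_rand($length)), mt_rand(0, 32 - $length), $length);
}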
Esempio n. 7
        } else {
            echo pwJsonEncode($returnArray);
        }
    }
    ajax_footer();
} elseif (S::getGP('action', 'P') == 'pay') {
    //* include_once pwCache::getPath(D_P."data/bbscache/inv_config.php");
    //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
    pwCache::getData(D_P . "data/bbscache/inv_config.php");
    pwCache::getData(D_P . 'data/bbscache/ol_config.php');
    if ($_POST['step'] == '3') {
        S::gp(array('invnum', 'email'));
        if (!is_numeric($invnum) || $invnum < 1) {
            $invnum = 1;
        }
        // Order number: ten '0' characters, the timestamp, then num_rand(5). Only the
        // num_rand() part separates two orders placed in the same second; its
        // generator is not visible here.
        $order_no = str_pad('0', 10, "0", STR_PAD_LEFT) . get_date($timestamp, 'YmdHis') . num_rand(5);
        $rt = array();
        // E-mail allow-list: rg_email holds comma-separated domains.
        // NOTE(review): strpos() accepts the address when "@<domain>" occurs anywhere
        // in it, so a longer domain that merely begins with an allowed one also
        // passes. Compare the text after the last '@' with each entry for equality
        // (case-insensitively) instead.
        if ($rg_config['rg_emailtype'] == 1 && $rg_config['rg_email']) {
            $e_check = 0;
            $e_limit = explode(',', $rg_config['rg_email']);
            foreach ($e_limit as $key => $val) {
                if (strpos($email, "@" . $val) !== false) {
                    $e_check = 1;
                    break;
                }
            }
            if ($e_check == 0) {
                Showmsg('电子邮箱不是系统指定的邮箱地址,不能注册!');
            }
        }
        if ($rg_config['rg_emailtype'] == 2 && $rg_config['rg_banemail']) {
Esempio n. 8
 }
 // Excerpt: account creation in the WAP registration flow.
 // Reserved names are matched case-insensitively.
 CkInArray(strtolower($regname), array('guest', 'system')) && wap_msg('illegal_username');
 // Banned fragments are matched with case-sensitive strpos().
 // NOTE(review): unless $regname is normalised earlier, a different letter case avoids
 // this list. Use stripos() or compare lower-cased values, as the check above does.
 $rg_banname = explode(',', $rg_banname);
 foreach ($rg_banname as $value) {
     if ($value && strpos($regname, $value) !== false) {
         wap_msg('illegal_username', $basename);
     }
 }
 if ($rg_ifcheck == '1') {
     $rg_groupid = '7';
     // The admin-panel setting decides whether new accounts need verification
 } else {
     $rg_groupid = '-1';
 }
 // With e-mail checking on, 'yz' gets a num_rand(9) value; otherwise it is 1.
 // NOTE(review): if that value is the confirmation secret, num_rand() must use a
 // CSPRNG. Its implementation is not visible here.
 if ($rg_emailcheck == 1) {
     $rg_yz = num_rand(9);
 } else {
     $rg_yz = 1;
 }
 $upmeminfo = array();
 // NOTE(review): how $regpwd was derived is not visible here. Confirm it is a
 // password_hash() result, not the plain password or an unsalted MD5.
 // pwSqlSingle() presumably escapes every value (TODO confirm).
 $pwSQL = pwSqlSingle(array('username' => $regname, 'password' => $regpwd, 'safecv' => $safecv, 'email' => $regemail, 'groupid' => $rg_groupid, 'memberid' => $rg_memberid, 'regdate' => $timestamp, 'icq' => '', 'yz' => $rg_yz, 'userstatus' => $userstatus));
 $db->update("INSERT INTO pw_members SET {$pwSQL}");
 $winduid = $db->insert_id();
 require_once R_P . 'require/credit.php';
 // stripslashes() here suggests $regname carries added slashes at this point, so it
 // depends on the escaping done by pwSqlSingle() above. Verify that pairing.
 $credit->addLog('reg_register', $rg_regcredit, array('uid' => $winduid, 'username' => stripslashes($regname), 'ip' => $onlineip));
 $credit->sets($winduid, $rg_regcredit, false);
 $credit->runsql();
 $pwSQL = pwSqlSingle(array('postnum' => 0, 'lastvisit' => $timestamp, 'thisvisit' => $timestamp, 'onlineip' => $onlineip));
 $db->update("INSERT INTO pw_memberdata SET uid=" . pwEscape($winduid) . ",{$pwSQL} ");
 if ($rg_ifcheck) {
     $upmeminfo['regreason'] = $regreason;
Esempio n. 9
if ($operation == 'savebackup') {
    // Only callers holding right "g03" may run a backup; everyone else is stopped here.
    $is_check = check_rights("g03");
    if (!$is_check) {
        echo $m_langpackage->m_no_pri;
        exit;
    }
    // Table list and paging state from the request. bakupdata() and bakuptable() must
    // check the table names against the real schema (not visible here).
    $tabledb = get_argp('tabledb');
    $start = (int) get_argg('start');
    $tableid = (int) get_argg('tableid');
    $bak = "/* iweb_sns Backup SQL File \n Version: v1.0.0 \n Time: " . date('Y-m-d H:i:s') . "\n iweb_sns: http://www.jooyea.net*/\n\n\n\n";
    // NOTE(review): the dump is produced before $tabledb is checked, and the branch
    // below only prints an alert without exiting. An empty selection therefore still
    // reaches the file write further down. Check first and stop on failure.
    $bakupdata = bakupdata($dbo, $tabledb, $start);
    if (!$tabledb) {
        echo "<script language='javascript'> alert('{$d_langpackage->d_boject_no}'); history.go(-1);</script>";
    }
    $step = 1;
    $rand_num = num_rand(10);
    $start = 0;
    $bakuptable = bakuptable($dbo, $tabledb);
    $f_num = ceil($step / 2);
    // File name = 'isns_' + month-day + num_rand(10) token + sequence number.
    $filename = 'isns_' . date('m-d') . '_' . $rand_num . '_' . $f_num . '.sql';
    $step++;
    $writedata = $bakuptable ? $bakuptable . $bakupdata : $bakupdata;
    $c_n = $startfrom;
    // NOTE(review): the dump is written to ../docs/, and this script goes on to link to
    // that path by URL, so the directory appears to be web-served. The num_rand() token
    // is then the only thing protecting a file that may hold account data. Write
    // backups outside the document root, or deny direct access and serve downloads
    // through an authenticated handler.
    trim($writedata) && writefile('../docs/' . $filename, $bak . $writedata, true, 'ab');
    if ($step > 1) {
        for ($i = 1; $i <= $f_num; $i++) {
            $temp = substr($filename, 0, 19) . $i . ".sql";
            if (file_exists("../docs/{$temp}")) {
                $bakfile .= '<a href="' . "../docs/{$temp}" . '">' . $temp . '</a><br>';
            }
        }
Esempio n. 10
if (empty($_POST['step'])) {
    $men['password'] = '';
    @extract($men);
    require_once R_P . 'require/header.php';
    require_once PrintEot('remail');
    footer();
} else {
    // Excerpt: re-send the e-mail verification message, optionally to a new address.
    // S::gp() presumably copies these request fields into local variables (confirm).
    S::gp(array('password', 'rg_email', 'to_email'));
    // NOTE(review): unsalted MD5 compared with loose `!=`. Two digests that both look
    // like "0e<digits>" compare equal as numbers. Use hash_equals(), and migrate the
    // stored hashes to password_hash()/password_verify().
    $men['password'] != md5($password) && Showmsg('password_error', 1);
    $rg_email != $men['email'] && Showmsg('email_error', 1);
    // ereg() was removed in PHP 7.0, so this needs preg_match() or
    // filter_var($to_email, FILTER_VALIDATE_EMAIL) on current runtimes.
    if ($to_email && !ereg("^[-a-zA-Z0-9_\\.]+\\@([0-9A-Za-z][0-9A-Za-z-]+\\.)+[A-Za-z]{2,5}\$", $to_email)) {
        Showmsg('illegal_email');
    }
    // Draw a new verification number; values below 32 are drawn again (the reason is
    // not visible in this excerpt).
    $rg_yz = (int) num_rand(9);
    while ($rg_yz < 32) {
        $rg_yz = (int) num_rand(9);
    }
    $userUpdate = array('yz' => $rg_yz);
    if ($to_email) {
        $userUpdate['email'] = $to_email;
    } else {
        $to_email = $men['email'];
    }
    $userService->update($uid, $userUpdate);
    $regname = $men['username'];
    $winduid = $uid;
    $timestamp = $men['regdate'];
    // NOTE(review): the plain password is copied into $sRegpwd just before the mail
    // code is loaded, presumably for the message template. Passwords should not be
    // sent by e-mail; confirm and remove.
    $sRegpwd = $password;
    // Verification token = md5(yz . 5 hex chars of md5(site hash) . 5 of md5(username)).
    // Its secrecy rests on the nine-digit yz plus 20 bits derived from $db_sitehash.
    // NOTE(review): prefer a random_bytes() token stored server-side, given an expiry
    // and compared with hash_equals().
    $rgyz = md5($rg_yz . substr(md5($db_sitehash), 0, 5) . substr(md5($regname), 0, 5));
    require_once R_P . 'require/sendemail.php';
    $sendinfo = sendemail($to_email, 'email_check_subject', 'email_check_content', 'email_additional');
Esempio n. 11
<?php

// Verification-image script: starts the session, picks a new code and draws it.
// Error reporting is turned off only after the session has been started.
session_start();
unset($_SESSION["Img"]);
error_reporting(0);
// Image width
$x_size = 65;
// Image height
$y_size = 22;
// Generate 4 random characters and keep them in the session.
// NOTE(review): num_rand() is not defined or included in this excerpt.
$_SESSION["Img"] = $nmsg = num_rand(4);
// Is the request on the HTTPS port? Used as the cookie's Secure flag.
// NOTE(review): behind a TLS-terminating proxy the port may not be 443.
$S = $_SERVER['SERVER_PORT'] == '443' ? 1 : 0;
// Also record the code in a cookie, as an MD5 digest.
// expire=0: the cookie lasts until the session ends (usually when the browser closes).
// NOTE(review): an unsalted MD5 of a 4-character code can be recovered by anyone who
// receives the cookie, so a check that trusts ck_num gives no protection. Verify
// against $_SESSION["Img"] only and drop the cookie. If it has to stay, use a keyed
// hash (hash_hmac() with a server-side secret) and set HttpOnly.
setCookie('ck_num', md5($nmsg), 0, '/', '', $S);
// Create the 65*22 image (canvas)
$aimg = imagecreate($x_size, $y_size);
// Background colour
$back = imagecolorallocate($aimg, 239, 239, 239);
// Font colour 07 52 8B  // $border = imagecolorallocate($aimg, 200 , 100, 10);
$border = imagecolorallocate($aimg, 5, 5, 5);
// Fill the whole canvas, starting at 0,0, with the background colour
imagefilledrectangle($aimg, 0, 0, $x_size - 1, $y_size - 1, $back);
// Draw a dark one-pixel border around the canvas, starting at 0,0
//imagerectangle($aimg, 0, 0, $x_size - 1, $y_size - 1, $border);
imagerectangle($aimg, 0, 0, $x_size - 1, $y_size - 1, $border);
for ($i = 0; $i < strlen($nmsg); $i++) {
    //在图片上写字
    imageString($aimg, 5, $i * $x_size / 4 + 3, 2, $nmsg[$i], $border);