コード例 #1
ファイル: seccode.php プロジェクト: noikiy/shop-2
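	/**
	 * AJAX endpoint: verify a CAPTCHA answer.
	 *
	 * Reads `nchash` and `captcha` from the query string, hands them to
	 * checkSeccode() and ends the request with the literal body 'true' or 'false'.
	 *
	 * NOTE(review): this endpoint tells the client whether a guess is right
	 * before the protected form is submitted. Whether a code can be guessed
	 * repeatedly depends on checkSeccode(), which is not visible here; confirm
	 * that a wrong guess invalidates the stored code and that the form handler
	 * re-checks the answer on the server.
	 */
	public function checkOp(){
		// Missing parameters become '' instead of raising an undefined-index notice.
		$nchash  = isset($_GET['nchash']) ? $_GET['nchash'] : '';
		$captcha = isset($_GET['captcha']) ? $_GET['captcha'] : '';
		// Array-valued parameters (e.g. captcha[]=x) are never a valid answer;
		// reject them here rather than passing a non-string into the comparison.
		if (!is_string($nchash) || !is_string($captcha)){
			exit('false');
		}
		exit(checkSeccode($nchash, $captcha) ? 'true' : 'false');
	}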
コード例 #2
 /**
  * Seller login handler.
  *
  * Despite its name, the visible body creates no account: it checks the form
  * token and the CAPTCHA, looks the seller up by the posted name, verifies the
  * password against the linked member row and, on success, fills $_SESSION
  * with member, seller, store and menu data before reporting success.
  *
  * NOTE(review): every failure path relies on showMessage() ending the
  * request. That helper is not visible here; if it can return, execution
  * continues past a failed token or CAPTCHA check - confirm.
  * NOTE(review): no session-ID rotation is visible before the session is
  * populated; confirm it happens elsewhere, otherwise a session ID issued
  * before login stays valid after authentication.
  */
 public function RegisterOp()
 {
     // Anti-CSRF form token, checked before anything else.
     if (!Security::checkToken()) {
         showMessage('登录错误', '', '', 'error');
     }
     // CAPTCHA answer, checked before any credential lookup.
     if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
         showMessage('验证码错误', '', '', 'error');
     }
     $model_seller = Model('seller');
     $seller_info = $model_seller->getSellerInfo(array('seller_name' => $_POST['seller_name']));
     if ($seller_info) {
         $model_member = Model('member');
         // The password is matched as an unsalted MD5 digest, which is cheap to
         // brute-force if the member table leaks. Moving to password_hash() /
         // password_verify() needs a stored-hash migration outside this method.
         $member_info = $model_member->infoMember(array('member_id' => $seller_info['member_id'], 'member_passwd' => md5($_POST['password'])));
         if ($member_info) {
             // Update the seller's last login time
             $model_seller->editSeller(array('last_login_time' => TIMESTAMP), array('seller_id' => $seller_info['seller_id']));
             $model_seller_group = Model('seller_group');
             $seller_group_info = $model_seller_group->getSellerGroupInfo(array('group_id' => $seller_info['seller_group_id']));
             $model_store = Model('store');
             $store_info = $model_store->getStoreInfoByID($seller_info['store_id']);
             // Everything below is the authenticated session state that later
             // requests trust: identity, store, admin flag and permission list.
             $_SESSION['is_login'] = '******';
             $_SESSION['member_id'] = $member_info['member_id'];
             $_SESSION['member_name'] = $member_info['member_name'];
             $_SESSION['member_email'] = $member_info['member_email'];
             $_SESSION['is_buy'] = $member_info['is_buy'];
             $_SESSION['avatar'] = $member_info['member_avatar'];
             $_SESSION['grade_id'] = $store_info['grade_id'];
             $_SESSION['seller_id'] = $seller_info['seller_id'];
             $_SESSION['seller_name'] = $seller_info['seller_name'];
             $_SESSION['seller_is_admin'] = intval($seller_info['is_admin']);
             $_SESSION['store_id'] = intval($seller_info['store_id']);
             $_SESSION['store_name'] = $store_info['store_name'];
             // Permission list comes from the seller group's comma-separated `limits`.
             $_SESSION['seller_limits'] = explode(',', $seller_group_info['limits']);
             if ($seller_info['is_admin']) {
                 $_SESSION['seller_group_name'] = '管理员';
             } else {
                 $_SESSION['seller_group_name'] = $seller_group_info['group_name'];
             }
             // $seller_info was read before the update above, so this is the
             // previous login time; fall back to "now" on a first login.
             if (!$seller_info['last_login_time']) {
                 $seller_info['last_login_time'] = TIMESTAMP;
             }
             $_SESSION['seller_last_login_time'] = date('Y-m-d H:i', $seller_info['last_login_time']);
             $seller_menu = $this->getSellerMenuList($seller_info['is_admin'], explode(',', $seller_group_info['limits']));
             $_SESSION['seller_menu'] = $seller_menu['seller_menu'];
             $_SESSION['seller_function_list'] = $seller_menu['seller_function_list'];
             if (!empty($seller_info['seller_quicklink'])) {
                 $quicklink_array = explode(',', $seller_info['seller_quicklink']);
                 foreach ($quicklink_array as $value) {
                     $_SESSION['seller_quicklink'][$value] = $value;
                 }
             }
             $this->recordSellerLog('登录成功');
             showMessage('登录成功', 'index.php?act=seller_center');
         } else {
             // Same message as the unknown-seller branch below, so the response
             // does not reveal which of name or password was wrong.
             showMessage('用户名密码错误', '', '', 'error');
         }
     } else {
         showMessage('用户名密码错误', '', '', 'error');
     }
 }
コード例 #3
ファイル: login.php プロジェクト: noikiy/shopnc-2
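 /**
  * Admin login page and login handler.
  *
  * The parent class's login check is deliberately not run here, which is why
  * this constructor overrides the parent constructor.
  *
  * On a POST it validates the form, checks the CAPTCHA, looks the admin up by
  * name and password digest and, on a match, records the login and redirects
  * to index.php. Otherwise it renders the login template.
  *
  * NOTE(review): passwords are matched as unsalted MD5 digests. Replacing
  * that with password_hash()/password_verify() needs a stored-hash migration
  * that cannot be done inside this method.
  * NOTE(review): no session-ID rotation is visible before
  * $_SESSION['admin_login'] is set; confirm it happens elsewhere.
  */
 public function __construct()
 {
     import('function.seccode');
     Language::read('common,layout,login');
     if (!empty($_POST)) {
         // Accept plain strings only: a missing or array-valued field becomes ''
         // and is then rejected by the "require" validators below.
         $form = array();
         foreach (array('user_name', 'password', 'captcha', 'nchash') as $key) {
             $form[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
         }
         // Login form validation
         $obj_validate = new Validate();
         $obj_validate->validateparam = array(
             array("input" => $form["user_name"], "require" => "true", "message" => L('login_index_username_null')),
             array("input" => $form["password"], "require" => "true", "message" => L('login_index_password_null')),
             array("input" => $form["captcha"], "require" => "true", "message" => L('login_index_checkcode_null')),
         );
         $error = $obj_validate->validate();
         if ($error != '') {
             showMessage(L('error') . $error, '', 'error');
         } else {
             if (!checkSeccode($form['nchash'], $form['captcha'])) {
                 showMessage(L('login_index_checkcode_wrong') . $error);
                 // Fail closed: do not reach the credential check if showMessage()
                 // (not visible here) returns instead of ending the request.
                 return;
             }
             $model = Model();
             $array = array();
             $array['admin_name'] = trim($form['user_name']);
             $array['admin_password'] = md5(trim($form['password']));
             $admin_info = $model->table('admin')->where($array)->find();
             if (is_array($admin_info) and !empty($admin_info)) {
                 $this->systemSetKey(array('name' => $admin_info['admin_name'], 'id' => $admin_info['admin_id']));
                 $update_info = array('admin_login_num' => $admin_info['admin_login_num'] + 1, 'admin_login_time' => TIMESTAMP);
                 $model->table('admin')->where(array('admin_id' => $admin_info['admin_id']))->update($update_info);
                 $_SESSION['admin_login'] = 1;
                 @header('Location: index.php');
                 exit;
             } else {
                 showMessage(L('login_index_username_password_wrong'), 'index.php?act=login&op=login', 'error');
             }
         }
     }
     Tpl::output('nchash', substr(md5(ADMIN_SITE_URL . $_GET['act'] . $_GET['op']), 0, 8));
     // $lang is never defined in this constructor; use the same L() lookup as
     // the rest of the method so the page title is actually set.
     Tpl::output('html_title', L('login_index_manage_login'));
     Tpl::showpage('login', 'login_layout');
 }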
コード例 #4
ファイル: store_snshome.php プロジェクト: noikiy/ejia
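	/**
	 * Forward (repost) a store feed entry to the member's own feed.
	 *
	 * Validates the posted text, requires a CAPTCHA once the `forwardnum`
	 * cookie reaches self::MAX_RECORDNUM, loads the member and the original
	 * store entry, inserts a new sns_tracelog row and increments the original
	 * entry's spread counter.
	 *
	 * NOTE(review): the CAPTCHA threshold is driven by a cookie. If cookie()
	 * values are not integrity-protected (not visible here), a client that
	 * drops or resets the cookie never reaches the threshold; a server-side
	 * counter would be more reliable.
	 * NOTE(review): trace_title takes the posted text as-is and trace_content
	 * is assembled as HTML from stored store name, title and content without
	 * escaping in this method. Confirm these values are escaped when written
	 * or when rendered.
	 */
	public function addforwardOp(){
		// Make sure the user is logged in
		$this->checkLoginStatus();

		$obj_validate = new Validate();
		$stid = intval($_POST["stid"]);
		// Decide once whether this request must carry a CAPTCHA, so validation
		// and verification below cannot disagree.
		$need_captcha = intval(cookie('forwardnum'))>=self::MAX_RECORDNUM;
		$validate_arr = array();
		$validate_arr[] = array("input"=>$_POST["forwardcontent"], "validator"=>'Length',"min"=>0,"max"=>140,"message"=>Language::get('sns_content_beyond'));
		// A CAPTCHA is required once the post count exceeds the maximum
		if($need_captcha){
			$validate_arr[] = array("input"=>$_POST["captcha"], "require"=>"true","message"=>Language::get('wrong_null'));
		}
		$obj_validate -> validateparam = $validate_arr;
		$error = $obj_validate->validate();
		if ($error != ''){
			showDialog($error,'','error');
		}
		if($need_captcha){
			if (!checkSeccode($_POST['nchash'],$_POST['captcha'])){
				showDialog(Language::get('wrong_checkcode'),'','error');
			}
		}
		// Load the member record (active members only)
		$model = Model();
		$member_info = $model->table('member')->where(array('member_state'=>1))->find($_SESSION['member_id']);
		if (empty($member_info)){
			showDialog(Language::get('sns_member_error'),'','error');
		}
		// Load the original store feed entry
		$model_stracelog = Model('store_sns_tracelog');
		$stracelog_info = $model_stracelog->getStoreSnsTracelogInfo(array('strace_id' => $stid));
		if (empty($stracelog_info)){
			showDialog(Language::get('sns_forward_fail'),'','error');
		}
		// Entries without stored content are rendered from their goods data
		if($stracelog_info['strace_content'] == ''){
			$data = json_decode($stracelog_info['strace_goodsdata'],true);
			if( CHARSET == 'GBK') {
				foreach ((array)$data as $k=>$v){
					$data[$k] = Language::getUTF8($v);
				}
			}
			$stracelog_info['strace_content']	= $model_stracelog->spellingStyle($stracelog_info['strace_type'], $data);
		}

		$insert_arr = array();
		$insert_arr['trace_originalid']			= 0;
		$insert_arr['trace_originalmemberid']	= 0;
		$insert_arr['trace_originalstate']		= 0;
		$insert_arr['trace_memberid'] 			= $member_info['member_id'];
		$insert_arr['trace_membername']			= $member_info['member_name'];
		$insert_arr['trace_memberavatar']		= $member_info['member_avatar'];
		$insert_arr['trace_title']				= $_POST['forwardcontent']?$_POST['forwardcontent']:Language::get('sns_forward');
		// The wrapper previously ended with a second opening <dl>; it is now closed.
		$insert_arr['trace_content']			= "<dl class=\"fd-wrap\">
														<dt>
															<h3><a href=\"index.php?act=store_snshome&sid=".$stracelog_info['strace_storeid']."\" target=\"_blank\">".$stracelog_info['strace_storename']."</a>".Language::get('nc_colon')."
															".$stracelog_info['strace_title']."</h3>
										      			</dt>
														<dd>".$stracelog_info['strace_content']."</dd>
													</dl>";
		$insert_arr['trace_addtime']			= time();
		$insert_arr['trace_state']				= 0;
		$insert_arr['trace_privacy']			= 0;
		$insert_arr['trace_commentcount']		= 0;
		$insert_arr['trace_copycount']			= 0;
		$insert_arr['trace_orgcommentcount']	= 0;
		$insert_arr['trace_orgcopycount']		= 0;
		$insert_arr['trace_from']				= 2;
		$result = $model->table('sns_tracelog')->insert($insert_arr);
		if ($result){
			// Increment the original entry's forward counter
			$where = array('strace_id'=>$stid);
			$update	= array('strace_spread'=>array('exp', 'strace_spread+1'));
			Model('store_sns_tracelog')->editStoreSnsTracelog($update, $where);
			showDialog(Language::get('sns_forward_succ'),'','succ');
		}else {
			showDialog(Language::get('sns_forward_fail'),'','error');
		}
	}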
コード例 #5
ファイル: member_snsindex.php プロジェクト: noikiy/ejia
	/**
	 * Forward (repost) an existing member feed entry.
	 *
	 * Validates the posted ID and text, requires a CAPTCHA once the
	 * `forwardnum` cookie reaches self::MAX_RECORDNUM, inserts the forward as
	 * a new sns_tracelog row, updates the forward counters and, when
	 * `irefresh` is set, bumps the cookie counter and returns a refresh script.
	 *
	 * NOTE(review): no explicit login check is visible in this method; it
	 * appears to rely on the member lookup by $_SESSION['member_id'] failing
	 * for anonymous requests - confirm the controller enforces login.
	 * NOTE(review): the CAPTCHA threshold is driven by a cookie the client
	 * holds; unless cookie() values are integrity-protected (not visible
	 * here), clearing the cookie avoids the CAPTCHA. Prefer a server-side
	 * counter.
	 * NOTE(review): trace_content is escaped by hand with addslashes() while
	 * trace_title, trace_membername and the posted text are not. Whether the
	 * model escapes values itself is not visible; verify, because manual
	 * addslashes() is not a reliable SQL defence and stored values re-read
	 * from the database are user-controlled too.
	 */
	public function addforwardOp(){
		$obj_validate = new Validate();
		// intval() keeps the ID numeric wherever it is interpolated below.
		$originalid = intval($_POST["originalid"]);
		$validate_arr[] = array("input"=>$originalid, "require"=>"true",'validator'=>'Compare',"operator"=>' > ','to'=>0,"message"=>Language::get('sns_forward_fail'));
		$validate_arr[] = array("input"=>$_POST["forwardcontent"], "validator"=>'Length',"min"=>0,"max"=>140,"message"=>Language::get('sns_content_beyond'));
		// A CAPTCHA is required once the post count exceeds the maximum
		if(intval(cookie('forwardnum'))>=self::MAX_RECORDNUM){
			$validate_arr[] = array("input"=>$_POST["captcha"], "require"=>"true","message"=>Language::get('wrong_null'));
		}
		$obj_validate -> validateparam = $validate_arr;
		$error = $obj_validate->validate();
		if ($error != ''){
			showDialog($error,'','error');
		}
		// A CAPTCHA is required once the post count exceeds the maximum
		if(intval(cookie('forwardnum'))>=self::MAX_RECORDNUM){
			if (!checkSeccode($_POST['nchash'],$_POST['captcha'])){
				showDialog(Language::get('wrong_checkcode'),'','error');
			}
		}
		// Load the member record (active members only)
		$member_model = Model('member');
		$member_info = $member_model->getMemberInfo(array('member_id'=>$_SESSION['member_id'],'member_state'=>1));
		if (empty($member_info)){
			showDialog(Language::get('sns_member_error'),'','error');
		}
		// Load the entry being forwarded
		$tracelog_model = Model('sns_tracelog');
		$tracelog_info = $tracelog_model->getTracelogRow(array('trace_id'=>"{$originalid}",'trace_state'=>"0"));
		if (empty($tracelog_info)){
			showDialog(Language::get('sns_forward_fail'),'','error');
		}
		$insert_arr = array();
		$insert_arr['trace_originalid'] = $tracelog_info['trace_originalid']>0?$tracelog_info['trace_originalid']:$originalid;// If the forwarded entry is an original post this is its ID; if it is itself a forward this is the ID of its original (the very first post)
		$insert_arr['trace_originalmemberid'] = $tracelog_info['trace_originalid']>0?$tracelog_info['trace_originalmemberid']:$tracelog_info['trace_memberid'];
		$insert_arr['trace_memberid'] = $_SESSION['member_id'];
		$insert_arr['trace_membername'] = $_SESSION['member_name'];
		$insert_arr['trace_memberavatar'] = $member_info['member_avatar'];
		// Posted text is used as the title without escaping in this method.
		$insert_arr['trace_title'] = $_POST['forwardcontent']?$_POST['forwardcontent']:Language::get('sns_forward');
		if ($tracelog_info['trace_originalid'] > 0 || $tracelog_info['trace_from'] != 1){
			$insert_arr['trace_content'] = addslashes($tracelog_info['trace_content']);
		}else {
			// Stored member name and title are placed into HTML here without
			// HTML-escaping; confirm they are escaped when stored or rendered.
			$content_str ="<div class=\"title\"><a href=\"%siteurl%index.php?act=member_snshome&mid={$tracelog_info['trace_memberid']}\" target=\"_blank\" class=\"uname\">{$tracelog_info['trace_membername']}</a>";
			$content_str .= Language::get('nc_colon')."{$tracelog_info['trace_title']}</div>";
			$content_str .=addslashes($tracelog_info['trace_content']);
			$insert_arr['trace_content'] = $content_str;
		}
		$insert_arr['trace_addtime'] = time();
		$insert_arr['trace_state'] = '0';
		if ($tracelog_info['trace_privacy'] >0){
			$insert_arr['trace_privacy'] = 2;// Visibility limits and forwarding conflict; to keep visibility under control, a forward of an entry that is not visible to everyone is visible only to its author, otherwise to everyone
		}else {
			$insert_arr['trace_privacy'] = 0;
		}
		$insert_arr['trace_commentcount'] = 0;
		$insert_arr['trace_copycount'] = 0;
		$insert_arr['trace_orgcommentcount'] = $tracelog_info['trace_orgcommentcount'];
		$insert_arr['trace_orgcopycount'] = $tracelog_info['trace_orgcopycount'];
		$result = $tracelog_model->tracelogAdd($insert_arr);
		if ($result){
			// Update the forward counters
			$tracelog_model = Model('sns_tracelog');
			$update_arr = array();
			$update_arr['trace_copycount'] = array('sign'=>'increase','value'=>'1');
			$update_arr['trace_orgcopycount'] = array('sign'=>'increase','value'=>'1');
			$condition = array();
			// Both the original post and the forwarded entry get their forward count increased
			if ($tracelog_info['trace_originalid'] > 0){
				// Hand-built list fragment; both parts are numeric (a stored ID and an intval() result).
				$condition['traceid_in'] = "{$tracelog_info['trace_originalid']}','{$originalid}";
			}else {
				$condition['trace_id'] = "$originalid";
			}
			$tracelog_model->tracelogEdit($update_arr,$condition);
			unset($condition);
			// Update the original-post forward count on every forward of that post
			$condition = array();
			// Both the original post and the forwarded entry get their forward count increased
			if ($tracelog_info['trace_originalid'] > 0){
				$condition['trace_originalid'] = "{$tracelog_info['trace_originalid']}";
			}else {
				$condition['trace_originalid'] = "$originalid";
			}
			// Written from the value read earlier in this request, not incremented in the database.
			$tracelog_model->tracelogEdit(array('trace_orgcopycount'=>$tracelog_info['trace_orgcopycount']+1),$condition);
			if ($_GET['irefresh']){
				// Create or bump the cookie counter that drives the CAPTCHA threshold
				if (cookie('forwardnum') != null && intval(cookie('forwardnum')) >0){
					setNcCookie('forwardnum',intval(cookie('forwardnum'))+1,2*3600);// kept for 2 hours
				}else{
					setNcCookie('forwardnum',1,2*3600);// kept for 2 hours
				}
				// $_GET['type'] only selects a branch; the values interpolated into
				// the script are the intval() ID and a stored member ID.
				if ($_GET['type']=='home'){
					$js = "$('#friendtrace').lazyshow({url:\"index.php?act=member_snshome&op=tracelist&mid={$tracelog_info['trace_memberid']}&curpage=1\",'iIntervalId':true});";
				}else if ($_GET['type']=='snshome'){
					$js = "$('#forward_".$originalid."').hide();$('#friendtrace').lazyshow({url:\"index.php?act=member_snshome&op=tracelist&mid={$tracelog_info['trace_memberid']}&curpage=1\",'iIntervalId':true});";
				}else {
					$js = "$('#friendtrace').lazyshow({url:\"index.php?act=member_snsindex&op=tracelist&curpage=1\",'iIntervalId':true});";
				}
				showDialog(Language::get('sns_forward_succ'),'','succ',$js);
			}else {
				showDialog(Language::get('sns_forward_succ'),'','succ');
			}
		}else {
			showDialog(Language::get('sns_forward_fail'),'','error');
		}
	}
コード例 #6
ファイル: sconnect.php プロジェクト: noikiy/ecmall
 /**
  * Bind a Sina Weibo account to an existing site user.
  *
  * On a submitted form it validates the credentials (optionally a CAPTCHA
  * and a UCenter login), stores the Weibo open ID from the session on the
  * matching member row and logs the member in. Without a submitted form it
  * fetches the Weibo profile and renders the binding page.
  *
  * NOTE(review): the open ID written to the member row comes from
  * $_SESSION['slast_key']['uid'], while the profile fetch below reads
  * $_SESSION['slast_key']['user_id']. Nothing here checks that 'slast_key'
  * is set before binding; confirm the OAuth callback always populates it
  * and that both keys are intended.
  * NOTE(review): failure paths rely on showMessage() ending the request
  * (only one of them is followed by an explicit exit) - confirm.
  * NOTE(review): no session-ID rotation is visible before the login state is
  * written to the session; confirm it happens elsewhere.
  */
 public function loginOp()
 {
     // Instantiate the model
     $model_member = Model('member');
     // Check the current login state
     $model_member->checkloginMember();
     if (!empty($_POST) && strtolower($_POST['form_submit']) == 'ok') {
         // Login form validation
         $obj_validate = new Validate();
         $obj_validate->validateparam = array(array("input" => $_POST["user_name"], "require" => "true", "message" => Language::get('login_index_username_isnull')), array("input" => $_POST["password"], "require" => "true", "message" => Language::get('login_index_password_isnull')));
         $error = $obj_validate->validate();
         if ($error != '') {
             showMessage(Language::get('error') . $error, '', 'html', 'error');
         } else {
             // The CAPTCHA is only enforced when the site setting enables it.
             if (C('captcha_status_login') == '1') {
                 $captcha_login = trim($_POST['captcha_login']);
                 if (!$captcha_login) {
                     showMessage(Language::get('login_usersave_code_isnull'), '', 'html', 'error');
                 }
                 if (!checkSeccode($_POST['nchash'], $captcha_login)) {
                     showMessage(Language::get('login_usersave_wrong_code'), '', 'html', 'error');
                 }
             }
             if ($GLOBALS['setting_config']['ucenter_status'] == '1') {
                 // UCenter handling
                 $model_ucenter = Model('ucenter');
                 $member_id = $model_ucenter->userLogin(trim($_POST['user_name']), trim($_POST['password']));
                 if (intval($member_id) <= 0) {
                     showMessage(Language::get('login_index_login_again'), SiteUrl . '/index.php?act=login', 'html', 'error');
                     exit;
                 }
             }
             $array = array();
             $array['member_name'] = trim($_POST['user_name']);
             // Unsalted MD5 digest: cheap to brute-force if the member table leaks.
             // Replacing it needs a stored-hash migration outside this method.
             $array['member_passwd'] = md5(trim($_POST['password']));
             $member_info = $model_member->infoMember($array);
             if (is_array($member_info) and !empty($member_info)) {
                 if (!$member_info['member_state']) {
                     // 1 = enabled, 0 = disabled
                     showMessage(Language::get('nc_notallowed_login'), '', 'html', 'error');
                 }
                 /**
                  * Update login time and bind the Weibo open ID
                  */
                 $update_info = array('member_login_num' => $member_info['member_login_num'] + 1, 'member_login_time' => time(), 'member_old_login_time' => $member_info['member_login_time'], 'member_login_ip' => getIp(), 'member_old_login_ip' => $member_info['member_login_ip'], 'member_sinaopenid' => $_SESSION['slast_key']['uid']);
                 // sina openid
                 // Prepare the Sina account info
                 $sina_arr = array();
                 if (trim($_POST['loginsname'])) {
                     $sina_arr['name'] = trim($_POST['loginsname']);
                 }
                 $sina_str = '';
                 if (is_array($sina_arr) && count($sina_arr) > 0) {
                     // Stored in PHP serialize() format; the array holds only the
                     // posted display name. NOTE(review): whatever reads this column
                     // back should not unserialize() data that can be tampered with.
                     $sina_str = serialize($sina_arr);
                 }
                 $update_info['member_sinainfo'] = $sina_str;
                 // Sina info
                 $model_member->updateMember($update_info, $member_info['member_id']);
                 /**
                  * Write the login state to the session
                  */
                 $_SESSION['is_login'] = '******';
                 $_SESSION['is_seller'] = intval($member_info['store_id']) == 0 ? '' : 1;
                 $_SESSION['member_id'] = $member_info['member_id'];
                 $_SESSION['member_name'] = $member_info['member_name'];
                 $_SESSION['member_email'] = $member_info['member_email'];
                 // Load the store record
                 $store_model = Model('store');
                 $store_info = $store_model->shopStore(array('store_id' => $member_info['store_id']));
                 if (is_array($store_info) && count($store_info) > 0) {
                     $_SESSION['store_id'] = $store_info['store_id'];
                     $_SESSION['store_name'] = $store_info['store_name'];
                     $_SESSION['grade_id'] = $store_info['grade_id'];
                 }
                 // Award member points for logging in
                 if ($GLOBALS['setting_config']['points_isuse'] == 1) {
                     $points_model = Model('points');
                     $points_model->savePointsLog('login', array('pl_memberid' => $_SESSION['member_id'], 'pl_membername' => $_SESSION['member_name']), true);
                 }
                 /**
                  * Synchronized-login notification
                  */
                 $success_message = Language::get('login_index_login_success');
                 if ($GLOBALS['setting_config']['ucenter_status'] == '1') {
                     // $model_ucenter was created under the same setting check above.
                     $out_str = $model_ucenter->outputLogin($member_info['member_id'], trim($_POST['password']));
                     $success_message = $success_message . $out_str;
                 }
                 /**
                  * Report the result
                  */
                 showMessage($success_message, SiteUrl);
             } else {
                 /**
                  * Report the result
                  */
                 showMessage(Language::get('login_index_login_again'), '', 'html', 'error');
             }
         }
     } else {
         // Fetch the Sina Weibo account info
         require_once BasePath . DS . 'api' . DS . 'sina' . DS . 'get_user_info.php';
         $sinauser_info = get_user_info($GLOBALS['setting_config']['sina_wb_akey'], $GLOBALS['setting_config']['sina_wb_skey'], $_SESSION['slast_key']['oauth_token'], $_SESSION['slast_key']['oauth_token_secret'], $_SESSION['slast_key']['user_id']);
         Tpl::output('sinauser_info', $sinauser_info);
         // nchash is derived from the site URL and route only, so it is not a secret.
         Tpl::output('nchash', substr(md5(SiteUrl . $_GET['act'] . $_GET['op']), 0, 8));
         Tpl::showpage('sconnect_register');
     }
 }
コード例 #7
ファイル: core.php プロジェクト: flying3615/chuniang
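/**
 * Check whether a form was submitted, optionally verifying the form token
 * and the CAPTCHA.
 *
 * @param  bool   $check_token   whether to verify the form token
 * @param  bool   $check_captcha whether to verify the CAPTCHA
 * @param  string $return_type   'alert' reports failures through showDialog();
 *                               any other value (e.g. 'num') returns a code
 * @return bool|int true when the form was submitted and every requested check
 *                  passed; false when form_submit is not 'ok' or a check
 *                  failed in 'alert' mode; -11 (token) or -12 (CAPTCHA) when a
 *                  check failed in any other mode. The codes are truthy, so
 *                  callers must compare the result with === true.
 */
function chksubmit($check_token = false, $check_captcha = false, $return_type = 'alert')
{
    // POST wins over GET; a missing flag is treated as "not submitted"
    // instead of raising an undefined-index notice.
    if (isset($_POST['form_submit'])) {
        $submit = $_POST['form_submit'];
    } elseif (isset($_GET['form_submit'])) {
        $submit = $_GET['form_submit'];
    } else {
        $submit = null;
    }
    if ($submit !== 'ok') {
        return false;
    }
    if ($check_token && !Security::checkToken()) {
        if ($return_type == 'alert') {
            showDialog('Token error!');
            // Fail closed if showDialog() (not visible here) returns.
            return false;
        }
        return -11;
    }
    if ($check_captcha) {
        // Array-valued fields can never match a stored code; treat them as empty.
        $nchash = (isset($_POST['nchash']) && is_string($_POST['nchash'])) ? $_POST['nchash'] : '';
        $captcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : '';
        $captcha_ok = checkSeccode($nchash, $captcha);
        // The code is single-use: its cookie is expired whether or not the
        // answer was right, so each code allows exactly one attempt.
        setNcCookie('seccode' . $nchash, '', -3600);
        if (!$captcha_ok) {
            if ($return_type == 'alert') {
                showDialog('验证码错误!');
                return false;
            }
            return -12;
        }
    }
    return true;
}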
コード例 #8
ファイル: login2.php プロジェクト: my1977/shopnc
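 /**
  * Password recovery: reset the member's password and send the new one out.
  *
  * Checks the form flag and CAPTCHA, matches the posted user name and mobile
  * number against the member record, stores a freshly generated numeric
  * password, calls the configured SMS gateway URL and sends the notice mail.
  *
  * NOTE(review): the password is replaced before delivery is known to have
  * worked, so anyone who knows a user name and its mobile number can change
  * that member's password. A single-use, expiring reset token that leaves
  * the current password untouched until it is redeemed avoids this.
  * NOTE(review): the new password is a six-digit number stored as an
  * unsalted MD5 digest; both are weak, but changing either affects stored
  * data and message templates outside this method.
  * NOTE(review): separate messages for "unknown user name" and "mobile does
  * not match" let a caller tell which user names exist.
  */
 public function find_passwordOp()
 {
     // Load the language pack
     Language::read('home_login_register');
     $lang = Language::getLangContent();
     // Accept plain strings only: missing or array-valued fields become '' so
     // they can neither raise notices nor reach the model as arrays.
     $fields = array();
     foreach (array('form_submit', 'nchash', 'captcha', 'username', 'mobile') as $key) {
         $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
     }
     // Every failure below returns explicitly, so the reset never depends on
     // showMessage() (not visible here) ending the request.
     // Form submission check
     if ($fields['form_submit'] != 'ok') {
         showMessage($lang['login_password_enter_find'], 'index.php?act=login2&op=forget_password');
         return;
     }
     // CAPTCHA check
     if (!checkSeccode($fields['nchash'], $fields['captcha'])) {
         showMessage($lang['login_usersave_wrong_code'], '', 'html', 'error');
         return;
     }
     // User name check
     if (empty($fields['username'])) {
         showMessage($lang['login_password_input_username'], '', 'html', 'error');
         return;
     }
     $member_model = Model('member');
     $member = $member_model->infoMember(array('member_name' => $fields['username']));
     if (empty($member) or !is_array($member)) {
         showMessage($lang['login_password_username_not_exists'], '', 'html', 'error');
         return;
     }
     // Registered mobile number check
     if (empty($fields['mobile'])) {
         showMessage($lang['login_password_input_mobile'], '', 'html', 'error');
         return;
     }
     // Strict comparison: with != two numeric strings are compared as numbers,
     // so differently written values could be accepted as the same number.
     if (strtoupper($fields['mobile']) !== strtoupper((string) $member['member_mobile'])) {
         showMessage($lang['login_password_mobile_not_exists'], '', 'html', 'error');
         return;
     }
     // Generate the new password from the CSPRNG where available (PHP 7+);
     // rand() is predictable and is kept only as a fallback for older runtimes.
     $new_password = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
     if (!$member_model->updateMember(array('member_passwd' => md5($new_password)), $member['member_id'])) {
         showMessage($lang['login_password_email_fail'], '', 'html', 'error');
         return;
     }
     // Password-recovery SMS. The gateway URL is requested exactly as stored in
     // the 'husjqmjk' setting. The original also copied the mobile number, user
     // name, new password and the 'dxuser', 'dxmima' and 'husjqm' settings into
     // locals that were never read; those dead assignments are dropped.
     // NOTE(review): as written nothing is substituted into the URL, and errors
     // are suppressed, so a failed send goes unnoticed - confirm the intent.
     $gateway_1 = $GLOBALS['setting_config']['husjqmjk'];
     $gateway_1 = iconv("UTF-8", "GB2312//IGNORE", $gateway_1);
     @file_get_contents($gateway_1);
     // Send the notice e-mail
     $result = $this->send_notice($member['member_id'], 'email_touser_find_password', array('site_name' => $GLOBALS['setting_config']['site_name'], 'site_url' => SiteUrl, 'user_name' => $fields['username'], 'new_password' => $new_password), false);
     if ($result) {
         if (C('ucenter_status')) {
             // UCenter handling. The stray '' element is kept from the original
             // call; whether userEdit() depends on it is not visible here.
             $model_ucenter = Model('ucenter');
             $model_ucenter->userEdit(array('login_name' => $fields['username'], '', 'password' => trim($new_password)));
         }
         showMessage($lang['login_password_mobile_success'], SiteUrl);
     } else {
         showMessage($lang['login_password_mobile_fail'], '', 'html', 'error');
     }
 }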
コード例 #9
ファイル: goods.php プロジェクト: noikiy/ecmall
 /**
  * Add a product consultation (customer question) and answer with JSON.
  *
  * Runs the checks in order - posting permission, goods ID, non-empty text,
  * CAPTCHA (when enabled), repeat-submission guard, member talk permission,
  * goods existence, not the store owner, store open - then inserts the
  * consultation. The response is {"done":"true"} on success or
  * {"done":"false","msg":...} naming the first failed check.
  *
  * NOTE(review): every input is read from $_GET and no form token check is
  * visible, although the request writes a record. A state-changing action
  * reachable by a plain GET can be triggered from another site; confirm the
  * router restricts this or move it to POST with a token.
  */
 public function save_consultajaxOp()
 {
     // Language key of the first failed check; set just before leaving the block.
     $fail_key = null;
     do {
         // Guests may post only when guest comments are enabled
         if (!C('guest_comment') && !$_SESSION['member_id']) {
             $fail_key = 'goods_index_goods_noallow';
             break;
         }
         $goods_id = intval($_GET['goods_id']);
         if ($goods_id <= 0) {
             $fail_key = 'wrong_argument';
             break;
         }
         // The question text must not be empty
         if (trim($_GET['goods_content']) == "") {
             $fail_key = 'goods_index_input_consult';
             break;
         }
         // CAPTCHA, only when the site setting enables it
         if (C('captcha_status_goodsqa') == '1' && !checkSeccode($_GET['nchash'], $_GET['captcha'])) {
             $fail_key = 'wrong_checkcode';
             break;
         }
         if (check_repeat('comment')) {
             $fail_key = 'nc_common_op_repeat';
             break;
         }
         if ($_SESSION['member_id']) {
             // Logged-in members must exist and be allowed to talk
             $member_info = Model('member')->infoMember(array('member_id' => "{$_SESSION['member_id']}"));
             if (empty($member_info) || $member_info['is_allowtalk'] == 0) {
                 $fail_key = 'goods_index_goods_noallow';
                 break;
             }
         }
         // The goods ID must refer to an existing product
         $goods_info = Model('goods')->checkGoods(array('goods_id' => "{$goods_id}"));
         if (empty($goods_info)) {
             $fail_key = 'goods_index_goods_not_exists';
             break;
         }
         // Store owners cannot ask about their own goods
         if ($_SESSION['store_id'] && $goods_info['store_id'] == $_SESSION['store_id']) {
             $fail_key = 'goods_index_consult_store_error';
             break;
         }
         // The store must be open and not past its end time
         $store_info = Model('store')->shopStore(array('store_id' => "{$goods_info['store_id']}"));
         if (
             $store_info['store_state'] == '0'
             || intval($store_info['store_state']) == '2'
             || (intval($store_info['store_end_time']) != 0 && $store_info['store_end_time'] <= time())
         ) {
             $fail_key = 'goods_index_goods_store_closed';
             break;
         }
         // Convert the text when the site runs in GBK
         if (strtoupper(CHARSET) == 'GBK') {
             $content = Language::getGBK($_GET['goods_content']);
         } else {
             $content = $_GET['goods_content'];
         }
         // Assemble the record in the same key order as before
         $input = array(
             'goods_id' => $goods_id,
             'cgoods_name' => $goods_info['goods_name'],
             'member_id' => intval($_SESSION['member_id']) > 0 ? $_SESSION['member_id'] : 0,
             'cmember_name' => $_SESSION['member_name'] ? $_SESSION['member_name'] : '',
             'seller_id' => $store_info['member_id'],
             'email' => $_GET['email'],
             'consult_content' => $content,
             'isanonymous' => $_GET['hide_name'] == 'hide' ? 1 : 0,
         );
         if (Model('consult')->addConsult($input)) {
             echo json_encode(array('done' => 'true'));
             die;
         }
         $fail_key = 'goods_index_consult_fail';
     } while (false);
     echo json_encode(array('done' => 'false', 'msg' => Language::get($fail_key)));
     die;
 }
コード例 #10
ファイル: core.php プロジェクト: noikiy/shopnc-2
/**
 * Check whether a form was submitted, optionally verifying the form token
 * and the CAPTCHA.
 *
 * @param  bool   $check_token   whether to verify the form token
 * @param  bool   $check_captcha whether to verify the CAPTCHA
 * @param  string $return_type   'alert' reports failures through showDialog();
 *                               any other value (e.g. 'num') returns a code
 * @return bool|int false when form_submit is not 'ok'; -11 (token) or -12
 *                  (CAPTCHA) when a check fails and $return_type is not
 *                  'alert'; true otherwise. The codes are truthy, so callers
 *                  should compare the result with === true.
 */
function chksubmit($check_token = false, $check_captcha = false, $return_type = 'alert')
{
    $flag = isset($_POST['form_submit']) ? $_POST['form_submit'] : $_GET['form_submit'];
    if ($flag != 'ok') {
        return false;
    }
    $use_dialog = ($return_type == 'alert');
    if ($check_token && !Security::checkToken()) {
        if (!$use_dialog) {
            return -11;
        }
        // In 'alert' mode the outcome depends on showDialog(), which is not
        // visible here; if it returns, the checks below still run.
        showDialog('Token error!');
    }
    if (!$check_captcha) {
        return true;
    }
    // Load the CAPTCHA helper on demand
    if (!function_exists('checkSeccode')) {
        import('function.seccode');
    }
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        if (!$use_dialog) {
            return -12;
        }
        showDialog('Verification code error!');
    }
    return true;
}
コード例 #11
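 /**
  * Password recovery by SMS code.
  *
  * After the CAPTCHA passes and the feature is enabled, looks up an SMS log
  * row (type 3) matching the posted phone number and code that is at most
  * 30 minutes old, sets the posted password on the member owning that phone
  * number and logs the member in.
  *
  * NOTE(review): nothing in this method marks the SMS log row as used, so the
  * same code appears to stay valid until it is 30 minutes old; confirm it is
  * invalidated elsewhere, and that wrong guesses are rate-limited.
  * NOTE(review): the password is stored as an unsalted MD5 digest; replacing
  * that needs a stored-hash migration outside this method.
  */
 public function find_passwordOp()
 {
     // Accept plain strings only: missing or array-valued fields become '' so
     // they cannot reach the model's condition array as arrays.
     $fields = array();
     foreach (array('nchash', 'captcha', 'phone', 'sms_captcha', 'password') as $key) {
         $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
     }
     // As before, a wrong CAPTCHA ends the request without any output.
     if (!checkSeccode($fields['nchash'], $fields['captcha'])) {
         return;
     }
     // Every failure below returns explicitly, so the reset never depends on
     // showDialog() (not visible here) ending the request.
     if (C('sms_password') != 1) {
         showDialog('系统没有开启手机找回密码功能', '', 'error');
         return;
     }
     $phone = $fields['phone'];
     $captcha = $fields['sms_captcha'];
     if ($phone === '' || $captcha === '') {
         showDialog('动态码错误或已过期,重新输入', '', 'error');
         return;
     }
     // Without this check a missing password field would have been stored as
     // the digest of the empty string. New message: "password must not be empty".
     if ($fields['password'] === '') {
         showDialog('密码不能为空', '', 'error');
         return;
     }
     $condition = array();
     $condition['log_phone'] = $phone;
     $condition['log_captcha'] = $captcha;
     $condition['log_type'] = 3;
     $model_sms_log = Model('sms_log');
     $sms_log = $model_sms_log->getSmsInfo($condition);
     if (empty($sms_log) || $sms_log['add_time'] < TIMESTAMP - 1800) {
         // The code is valid for half an hour
         showDialog('动态码错误或已过期,重新输入', '', 'error');
         return;
     }
     $model_member = Model('member');
     $member = $model_member->getMemberInfo(array('member_mobile' => $phone));
     // Only proceed when a member is registered with this phone number; as
     // before, no response is produced when none is.
     if (!empty($member)) {
         $new_password = md5($fields['password']);
         $model_member->editMember(array('member_id' => $member['member_id']), array('member_passwd' => $new_password));
         // Log the member in automatically
         $model_member->createSession($member);
         showDialog('密码修改成功', urlMember('member_information', 'member'), 'succ');
     }
 }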
コード例 #12
ファイル: login.php プロジェクト: noikiy/ecmall
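 /**
  * Password recovery: reset the member's password and e-mail the new one.
  *
  * Checks the form flag and CAPTCHA, matches the posted user name and e-mail
  * address against the member record, stores a freshly generated numeric
  * password and sends it with the notice mail.
  *
  * NOTE(review): the password is replaced before delivery is known to have
  * worked, so anyone who knows a user name and its e-mail address can change
  * that member's password. A single-use, expiring reset token that leaves
  * the current password untouched until it is redeemed avoids this.
  * NOTE(review): the new password is a six-digit number stored as an
  * unsalted MD5 digest; both are weak, but changing either affects stored
  * data and message templates outside this method.
  * NOTE(review): separate messages for "unknown user name" and "e-mail does
  * not match" let a caller tell which user names exist.
  */
 public function find_passwordOp()
 {
     // Load the language pack
     Language::read('home_login_register');
     $lang = Language::getLangContent();
     // Accept plain strings only: missing or array-valued fields become '' so
     // they can neither raise notices nor reach the model as arrays.
     $fields = array();
     foreach (array('form_submit', 'nchash', 'captcha', 'username', 'email') as $key) {
         $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
     }
     // Every failure below returns explicitly, so the reset never depends on
     // showMessage() (not visible here) ending the request.
     // Form submission check
     if ($fields['form_submit'] != 'ok') {
         showMessage($lang['login_password_enter_find'], 'index.php?act=login&op=forget_password');
         return;
     }
     // CAPTCHA check
     if (!checkSeccode($fields['nchash'], $fields['captcha'])) {
         showMessage($lang['login_usersave_wrong_code'], '', 'html', 'error');
         return;
     }
     // User name check
     if (empty($fields['username'])) {
         showMessage($lang['login_password_input_username'], '', 'html', 'error');
         return;
     }
     $member_model = Model('member');
     $member = $member_model->infoMember(array('member_name' => $fields['username']));
     if (empty($member) or !is_array($member)) {
         showMessage($lang['login_password_username_not_exists'], '', 'html', 'error');
         return;
     }
     // E-mail address check
     if (empty($fields['email'])) {
         showMessage($lang['login_password_input_email'], '', 'html', 'error');
         return;
     }
     // Strict, case-insensitive string comparison (no numeric type juggling)
     if (strtoupper($fields['email']) !== strtoupper((string) $member['member_email'])) {
         showMessage($lang['login_password_email_not_exists'], '', 'html', 'error');
         return;
     }
     // Generate the new password from the CSPRNG where available (PHP 7+);
     // rand() is predictable and is kept only as a fallback for older runtimes.
     $new_password = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
     if (!$member_model->updateMember(array('member_passwd' => md5($new_password)), $member['member_id'])) {
         showMessage($lang['login_password_email_fail'], '', 'html', 'error');
         return;
     }
     // Send the notice e-mail
     $result = $this->send_notice($member['member_id'], 'email_touser_find_password', array('site_name' => $GLOBALS['setting_config']['site_name'], 'site_url' => SiteUrl, 'user_name' => $fields['username'], 'new_password' => $new_password), false);
     if ($result) {
         if (C('ucenter_status')) {
             // UCenter handling. The stray '' element is kept from the original
             // call; whether userEdit() depends on it is not visible here.
             $model_ucenter = Model('ucenter');
             $model_ucenter->userEdit(array('login_name' => $fields['username'], '', 'password' => trim($new_password)));
         }
         showMessage($lang['login_password_email_success'], SiteUrl);
     } else {
         showMessage($lang['login_password_email_fail'], '', 'html', 'error');
     }
 }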
コード例 #13
ファイル: login.php プロジェクト: dw250100785/shopnc
 /**
  * Admin login page and login handler.
  *
  * The parent class's login check is deliberately not run here, which is why
  * this constructor overrides the parent constructor.
  *
  * On a submitted form it validates the fields, checks the CAPTCHA, looks the
  * admin up by name and password digest, checks the 'login' permission,
  * writes an encrypted `sys_key` cookie and redirects to index.php.
  * Otherwise it renders the login template.
  *
  * NOTE(review): failure paths rely on showMessage() ending the request;
  * that helper is not visible here - confirm, since execution would otherwise
  * continue past a failed CAPTCHA check.
  */
 public function __construct()
 {
     Language::read('common,layout,login');
     $lang = Language::getLangContent();
     if (chksubmit()) {
         /**
          * Check the submission
          * NOTE(review): the return value of checkToken() is discarded here.
          * Unless checkToken() itself ends the request on a bad token (not
          * visible), the anti-CSRF check has no effect on this login - confirm.
          */
         Security::checkToken();
         /**
          * Login form validation
          */
         $obj_validate = new Validate();
         $obj_validate->validateparam = array(array("input" => $_POST["user_name"], "require" => "true", "message" => $lang['login_index_username_null']), array("input" => $_POST["password"], "require" => "true", "message" => $lang['login_index_password_null']), array("input" => $_POST["captcha"], "require" => "true", "message" => $lang['login_index_checkcode_null']));
         $error = $obj_validate->validate();
         if ($error != '') {
             showMessage($lang['error'] . $error);
         } else {
             if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
                 showMessage($lang['login_index_checkcode_wrong'] . $error);
             }
             /**
              * Verify the login
              * Currently every admin may log in
              */
             $model_admin = Model('admin');
             $array = array();
             $array['admin_name'] = trim($_POST['user_name']);
             // Unsalted MD5 digest: cheap to brute-force if the admin table leaks.
             // Replacing it needs a stored-hash migration outside this method.
             $array['admin_password'] = md5(trim($_POST['password']));
             $admin_info = $model_admin->infoAdmin($array);
             if (is_array($admin_info) and !empty($admin_info)) {
                 $login_array = array();
                 $login_array['name'] = $admin_info['admin_name'];
                 $login_array['id'] = $admin_info['admin_id'];
                 /**
                  * Check whether this admin is allowed to log in
                  * admin_info is assigned temporarily for the permission check
                  */
                 $this->setAdminInfo($login_array);
                 $this->checkPermission('login');
                 /**
                  * Encrypt and write to the cookie
                  * NOTE(review): the admin identity lives in a client-held cookie in
                  * PHP serialize() format. Its safety rests entirely on encrypt() and
                  * on the key derived from setup_date and MD5_KEY, neither visible
                  * here; confirm the cookie is authenticated (not only encrypted)
                  * before it is unserialized on later requests.
                  */
                 $authkey = md5(C('setup_date') . MD5_KEY);
                 setNcCookie('sys_key', encrypt(serialize($login_array), $authkey));
                 /**
                  * Update the login time
                  */
                 $update_info = array('admin_id' => $admin_info['admin_id'], 'admin_login_num' => $admin_info['admin_login_num'] + 1, 'admin_login_time' => time());
                 $model_admin->updateAdmin($update_info);
                 @header('Location: index.php');
                 exit;
             } else {
                 showMessage($lang['login_index_username_password_wrong'], 'index.php?act=login&op=login');
             }
         }
     }
     // nchash is derived from the site URL and route only, so it is not a secret.
     Tpl::output('nchash', substr(md5(SiteUrl . $_GET['act'] . $_GET['op']), 0, 8));
     Tpl::output('html_title', $lang['login_index_need_login']);
     Tpl::showpage('login', 'login_layout');
 }