public function do_unsubscribe() { //开始发送验证码 if (check_ipop_limit(CLIENT_IP, "sms_send_code_un", intval(app_conf("SUBMIT_DELAY")))) { $mobile = addslashes(trim($_REQUEST['mobile'])); $verify = md5(trim($_REQUEST['verify'])); $session_verify = es_session::get('verify'); if ($verify != $session_verify) { $result['type'] = 0; $result['message'] = $GLOBALS['lang']['VERIFY_CODE_ERROR']; ajax_return($result); } $mobile_subscribe = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "mobile_list where mobile='" . $mobile . "' and is_effect = 1"); if (!$mobile_subscribe) { $result['type'] = 0; $result['message'] = $GLOBALS['lang']['MOBILE_NOT_SUBSCRIBE']; ajax_return($result); } $code = rand(1111, 9999); $GLOBALS['db']->query("update " . DB_PREFIX . "mobile_list set verify_code = '" . $code . "' where id = " . $mobile_subscribe['id']); send_verify_sms($mobile_subscribe['mobile'], $code); $result['type'] = 1; ajax_return($result); } else { $result['type'] = 0; $result['message'] = $GLOBALS['lang']['SUBMIT_TOO_FAST']; ajax_return($result); } }
public function dologin() { if (check_ipop_limit(get_client_ip(), "supplier_dologin", intval(app_conf("SUBMIT_DELAY")))) { $account_name = htmlspecialchars(addslashes(trim($_REQUEST['account_name']))); $account_password = htmlspecialchars(addslashes(trim($_REQUEST['account_password']))); $account = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_account where account_name = '" . $account_name . "' and account_password = '******' and is_effect = 1 and is_delete = 0"); if ($account) { if (intval($_REQUEST['save_password']) == 1) { es_cookie::set("sp_account_name", $account_name, 3600 * 24 * 30); es_cookie::set("sp_account_password", md5($account_password), 3600 * 24 * 30); } //$account_locations = $GLOBALS['db']->getAll("select location_id from ".DB_PREFIX."supplier_account_location_link where account_id = ".$account['id']); $account_locations = $GLOBALS['db']->getAll("select id from " . DB_PREFIX . "supplier_location where supplier_id = " . $account['supplier_id']); $account_location_ids = array(0); foreach ($account_locations as $row) { $account_location_ids[] = $row['id']; } $account['location_ids'] = $account_location_ids; es_session::set("account_info", $account); $result['status'] = 1; $GLOBALS['db']->query("update " . DB_PREFIX . "supplier_account set login_time = " . get_gmtime() . ",login_ip = '" . get_client_ip() . "' where id = " . $account['id']); ajax_return($result); } else { $result['status'] = 0; $result['msg'] = $GLOBALS['lang']['SUPPLIER_LOGIN_FAILED']; ajax_return($result); } } else { $result['status'] = 0; $result['msg'] = $GLOBALS['lang']['SUBMIT_TOO_FAST']; ajax_return($result); } }
public function index() { $mobile = strim($GLOBALS['request']['mobile']); if (app_conf("SMS_ON") == 0) { $root['status'] = 0; $root['info'] = '短信功能关闭'; output($root); } if ($mobile == '') { $root['status'] = 0; $root['info'] = '手机号码不能为空'; output($root); } if (!check_mobile($mobile)) { $root['status'] = 0; $root['info'] = "请输入正确的手机号码"; output($root); } if (!check_ipop_limit(CLIENT_IP, "register_verify_phone", 60, 0)) { $root['status'] = 0; $root['info'] = '发送太快了'; output($root); } $sql = "SELECT * FROM " . DB_PREFIX . "user WHERE mobile = " . $mobile; $user = $GLOBALS['db']->getRow($sql); if (empty($user)) { $root['status'] = 0; $root['info'] = "手机号未在本站注册过"; output($root); } //删除超过5分钟的验证码 $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE mobile_phone = '{$mobile}' and add_time <=" . (get_gmtime() - 300); $GLOBALS['db']->query($sql); $code = rand(100000, 999999); $message = "您正在找回密码,验证码:" . $code . ",如非本人操作,请忽略本短信【" . app_conf("SHOP_TITLE") . "】"; require_once APP_ROOT_PATH . "system/utils/es_sms.php"; $sms = new sms_sender(); $send = $sms->sendSms($mobile, $message); if ($send['status']) { $add_time = get_gmtime(); $GLOBALS['db']->query("insert into " . DB_PREFIX . "sms_mobile_verify(mobile_phone,code,add_time,send_count,ip) values('{$mobile}','{$code}','{$add_time}',1," . "'" . CLIENT_IP . "')"); /* 插入一条发送成功记录到队列表中 */ $msg_data['dest'] = $mobile; $msg_data['send_type'] = 0; $msg_data['content'] = addslashes($message); $msg_data['send_time'] = $add_time; $msg_data['is_send'] = 1; $msg_data['is_success'] = 1; $msg_data['create_time'] = $add_time; $msg_data['user_id'] = intval($user['id']); $msg_data['title'] = "密码找回验证"; $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_msg_list", $msg_data); $root['info'] = "验证码发出,请注意查收"; $root['status'] = 1; } else { $root['info'] = "发送失败" . $send['msg']; $root['status'] = 0; } output($root); }
public function index() { $email = strim($GLOBALS['request']['email']); //用户名或邮箱 $pwd = strim($GLOBALS['request']['pwd']); //密码 if (app_conf("SMS_ON") == 0) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['SMS_OFF']; //短信未开启 output($root); } //检查用户,用户密码 $user = user_check($email, $pwd); $user_id = intval($user['id']); $root['user_id'] = $user_id; if ($user_id > 0) { $mobile = $user['mobile']; $code = intval($user['bind_verify']); if ($mobile == '') { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP']; output($root); } if (!check_mobile($mobile)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']; output($root); } if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST']; //短信发送太快 output($root); } //开始生成手机验证 if ($code == 0) { //已经生成过了,则使用旧的验证码;反之生成一个新的 $code = rand(1111, 9999); $GLOBALS['db']->query("update " . DB_PREFIX . "user set bind_verify = '" . $code . "',verify_create_time = '" . TIME_UTC . "' where id = " . $user_id); } //使用立即发送方式 $result = send_verify_sms($mobile, $code, $user, true); // $root['response_code'] = $result['status']; if ($root['response_code'] == 1) { $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK']; } else { $root['show_err'] = $result['msg']; if ($root['show_err'] == null || $root['show_err'] == '') { $root['show_err'] = "验证码发送失败"; } } } else { $root['response_code'] = 0; $root['show_err'] = "未登录"; $root['user_login_status'] = 0; } output($root); }
public function reopen() { $user_id = intval($GLOBALS['user_info']['id']); if ($user_id == 0) { $GLOBALS['tmpl']->assign("ajax", 1); $data['open_win'] = 1; $data['html'] = $GLOBALS['tmpl']->fetch("inc/login_form.html"); ajax_return($data); } else { $deal_id = intval($_REQUEST['id']); if (!check_ipop_limit(get_client_ip(), "reopen", 3600, $deal_id)) { $data['open_win'] = 0; $data['info'] = $GLOBALS['lang']['REOPEN_SUBMIT_FAST']; $data['status'] = 0; ajax_return($data); } else { $GLOBALS['db']->query("update " . DB_PREFIX . "deal set reopen = reopen + 1 where id = " . $deal_id . " and time_status = 2"); $rs = $GLOBALS['db']->affected_rows(); if ($rs == 0) { $data['open_win'] = 0; $data['info'] = $GLOBALS['lang']['REOPEN_SUBMIT_FAILED']; $data['status'] = 0; ajax_return($data); } else { $data['open_win'] = 0; $data['status'] = 1; $data['info'] = $GLOBALS['lang']['REOPEN_SUBMIT_OK']; ajax_return($data); } } } }
public function index() { $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile']))); $root = array(); if (app_conf("SMS_ON") == 0) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['SMS_OFF']; //短信未开启 output($root); } if ($mobile == '') { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP']; //请输入你的手机号 output($root); } if (!check_mobile($mobile)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']; //请填写正确的手机号码 output($root); } if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile . "'") > 0) { $field_show_name = $GLOBALS['lang']['USER_TITLE_mobile']; //手机号码 $root['response_code'] = 0; $root['show_err'] = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $field_show_name); //已存在,请重新输入 output($root); } if (!check_ipop_limit(CLIENT_IP, "mobile_verify", 60, 0)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST']; //短信发送太快 output($root); } //删除超过5分钟的验证码 $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . TIME_UTC - 300); $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . (TIME_UTC - 180) . " ORDER BY id DESC"); if (intval($verify_code) == 0) { //如果数据库中存在验证码,则取数据库中的(上次的 );确保连接发送时,前后2条的验证码是一至的.==为了防止延时 //开始生成手机验证 $verify_code = rand(1111, 9999); $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => TIME_UTC, "client_ip" => CLIENT_IP), "INSERT"); } //使用立即发送方式 $result = send_verify_sms($mobile, $verify_code, null, true); // $root['response_code'] = $result['status']; if ($root['response_code'] == 1) { $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK']; } else { $root['show_err'] = $result['msg']; if ($root['show_err'] == null || $root['show_err'] == '') { $root['show_err'] = "验证码发送失败"; } } //../system/sms/FW_sms.php 提示账户或密码错误地址 output($root); }
public function go() { $url = strim($_REQUEST['url']); $link_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "link where (url = '" . $url . "' or url = 'http://" . $url . "') and is_effect = 1"); if ($link_item) { if (check_ipop_limit(get_client_ip(), "Link", 10, $link_item['id'])) { $GLOBALS['db']->query("update " . DB_PREFIX . "link set count = count + 1 where id = " . $link_item['id']); } } }
public function index() { $root = array(); $ajax = intval($_REQUEST['ajax']); $root['ajax'] = $ajax; $email = strim($GLOBALS['request']['email']); //用户名或邮箱 $pwd = strim($GLOBALS['request']['pwd']); //密码 //检查用户,用户密码 $user = user_check($email, $pwd); $user_id = intval($user['id']); if ($user_id > 0) { $comment['deal_id'] = intval($_REQUEST['id']); $deal_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where id = " . $comment['deal_id'] . " and is_delete = 0 and is_effect = 1 "); if (!$deal_info) { $root['info'] = "该项目暂时不能评论"; output($root); } if (!check_ipop_limit(get_client_ip(), "deal_savedealcomment", 3)) { $root['info'] = "提交太快"; } output($root); $comment['content'] = strim($_REQUEST['content']); $comment['user_id'] = intval($GLOBALS['user_info']['id']); $comment['create_time'] = NOW_TIME; $comment['user_name'] = $GLOBALS['user_info']['user_name']; $comment['pid'] = intval($_REQUEST['pid']); $comment['deal_user_id'] = intval($GLOBALS['db']->getOne("select user_id from " . DB_PREFIX . "deal where id = " . $comment['deal_id'])); $comment['reply_user_id'] = intval($GLOBALS['db']->getOne("select user_id from " . DB_PREFIX . "deal_comment where id = " . $comment['pid'])); $comment['deal_user_name'] = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($comment['deal_user_id'])); $comment['reply_user_name'] = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($comment['reply_user_id'])); $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_comment", $comment); $comment['id'] = $GLOBALS['db']->insert_id(); $GLOBALS['db']->query("update " . DB_PREFIX . "deal set comment_count = comment_count+1 where id = " . $comment['deal_id']); if (intval($_REQUEST['syn_weibo']) == 1) { $weibo_info = array(); $weibo_info['content'] = $comment['content'] . " " . get_domain() . url("deal#show", array("id" => $comment['deal_id'])); $img = $GLOBALS['db']->getOne("select image from " . DB_PREFIX . "deal where id = " . intval($comment['deal_id'])); if ($img) { $weibo_info['img'] = APP_ROOT_PATH . "/" . $img; } syn_weibo($weibo_info); } if ($ajax == 1) { $data['status'] = 1; ajax_return($data); } else { showSuccess("发表成功"); } } else { $root['user_login_status'] = 0; output($root); } }
public function index() { $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile']))); $root = array(); if (app_conf("SMS_ON") == 0) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['SMS_OFF']; output($root); } if ($mobile == '') { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_EMPTY_TIP']; output($root); } if (!check_mobile($mobile)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']; output($root); } if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) { $root['response_code'] = 0; $root['show_err'] = $GLOBALS['lang']['MOBILE_SMS_SEND_FAST']; output($root); } $sql = "select id,bind_verify from " . DB_PREFIX . "user where mobile = '" . $mobile . "' and is_delete = 0"; $user_info = $GLOBALS['db']->getRow($sql); $user_id = intval($user_info['id']); $code = intval($user_info['bind_verify']); if ($user_id == 0) { //$field_show_name = $GLOBALS['lang']['USER_TITLE_mobile']; $root['response_code'] = 0; $root['show_err'] = '手机号码不存在或被禁用'; output($root); } //开始生成手机验证 if ($code == 0) { //已经生成过了,则使用旧的验证码;反之生成一个新的 $code = rand(1111, 9999); $GLOBALS['db']->query("update " . DB_PREFIX . "user set bind_verify = '" . $code . "',verify_create_time = '" . TIME_UTC . "' where id = " . $user_id); } //使用立即发送方式 $result = send_verify_sms($mobile, $code, null, true); // $root['response_code'] = $result['status']; if ($root['response_code'] == 1) { $root['show_err'] = $GLOBALS['lang']['MOBILE_VERIFY_SEND_OK']; } else { $root['show_err'] = $result['msg']; if ($root['show_err'] == null || $root['show_err'] == '') { $root['show_err'] = "验证码发送失败"; } } $root['post_type'] = trim($GLOBALS['request']['post_type']); output($root); }
public function index() { $mobile = addslashes(htmlspecialchars(trim($GLOBALS['request']['mobile']))); $root = array(); if (app_conf("SMS_ON") == 0) { $root['response_code'] = 0; $root['show_err'] = '短信未开启'; output($root); } if ($mobile == '') { $root['response_code'] = 0; $root['show_err'] = '请输入你的手机号'; output($root); } if (!check_mobile($mobile)) { $root['response_code'] = 0; $root['show_err'] = '请填写正确的手机号码'; output($root); } if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where mobile = '" . $mobile . "'") > 0) { $field_show_name = '手机号码'; $root['response_code'] = 0; $root['show_err'] = sprintf('%s已存在,请重新输入', $field_show_name); output($root); } if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) { $root['response_code'] = 0; $root['show_err'] = '短信发送太快,请稍后再试'; output($root); } //删除超过5分钟的验证码 $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . get_gmtime() - 300); $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . (TIME_UTC - 180) . " ORDER BY id DESC"); if (intval($verify_code) == 0) { //如果数据库中存在验证码,则取数据库中的(上次的 );确保连接发送时,前后2条的验证码是一至的.==为了防止延时 //开始生成手机验证 $verify_code = rand(1111, 9999); $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => get_gmtime(), "client_ip" => get_client_ip()), "INSERT"); } //使用立即发送方式 $result = send_verify_sms($mobile, $verify_code, null, true); // $root['response_code'] = $result['status']; if ($root['response_code'] == 1) { $root['show_err'] = '验证短信已经发送,请注意查收'; } else { $root['show_err'] = $result['msg']; if ($root['show_err'] == null || $root['show_err'] == '') { $root['show_err'] = "验证码发送失败"; } } output($root); }
public function dologin() { if (!$_POST) { app_redirect("404.html"); exit; } if (!check_hash_key()) { showErr("非法请求!", $ajax); } foreach ($_POST as $k => $v) { $_POST[$k] = htmlspecialchars(addslashes($v)); } $ajax = intval($_REQUEST['ajax']); $_POST['user_pwd'] = strim(FW_DESPWD($_POST['user_pwd'])); require_once APP_ROOT_PATH . "system/libs/user.php"; if (check_ipop_limit(CLIENT_IP, "user_dologin", intval(app_conf("SUBMIT_DELAY")))) { $result = do_login_user($_POST['email'], $_POST['user_pwd']); } else { showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax, url("shop", "authorized#login")); } if ($result['status']) { $s_user_info = es_session::get("authorized_info"); $jump_url = url("index", "authorized#account"); $s_user_info = es_session::get("authorized_info"); if ($ajax == 1) { $return['status'] = 1; $return['info'] = $GLOBALS['lang']['LOGIN_SUCCESS']; $return['data'] = $result['msg']; $return['jump'] = $jump_url; ajax_return($return); } else { $GLOBALS['tmpl']->assign('integrate_result', $result['msg']); showSuccess($GLOBALS['lang']['LOGIN_SUCCESS'], $ajax, $jump_url); } } else { if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) { $err = $GLOBALS['lang']['USER_NOT_EXIST']; } if ($result['data'] == ACCOUNT_PASSWORD_ERROR) { $err = $GLOBALS['lang']['PASSWORD_ERROR']; } if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) { $err = $GLOBALS['lang']['USER_NOT_VERIFY']; if (app_conf("MAIL_ON") == 1 && $ajax == 0) { $GLOBALS['tmpl']->assign("page_title", $err); $GLOBALS['tmpl']->assign("user_info", $result['user']); $GLOBALS['tmpl']->display("verify_user.html"); exit; } } showErr($err, $ajax); } }
public function dovote() { $ok = false; $ajax = intval($_REQUEST['ajax']); foreach ($_REQUEST['name'] as $vote_ask_id => $names) { foreach ($names as $kk => $name) { if ($name != '') { $ok = true; } } } if (!$ok) { showErr("请选择要调查的内容", $ajax, ''); } $vote_id = intval($_REQUEST['vote_id']); if (check_ipop_limit(get_client_ip(), "vote", 3600, $vote_id)) { foreach ($_REQUEST['name'] as $vote_ask_id => $names) { foreach ($names as $kk => $name) { $name = htmlspecialchars(addslashes(trim($name))); $result = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "vote_result where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id); $is_add = true; if ($result) { $GLOBALS['db']->query("update " . DB_PREFIX . "vote_result set count = count + 1 where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id); if (intval($GLOBALS['db']->affected_rows()) != 0) { $is_add = false; } } if ($is_add) { if ($name != '') { $result = array(); $result['name'] = $name; $result['vote_id'] = $vote_id; $result['vote_ask_id'] = $vote_ask_id; $result['count'] = 1; $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_result", $result); } } } } $vote_list = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "vote_list where vote_id = " . $vote_id); $vote_list = array(); $vote_list['vote_id'] = $vote_id; $vote_list['value'] = serialize($_REQUEST['name']); $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_list", $vote_list); showSuccess("调查提交成功", $ajax, url("vote#index")); } else { showErr("你已经提交过该问卷", $ajax, ''); } }
public function index() { $GLOBALS['tmpl']->caching = true; $cache_id = md5(MODULE_NAME . ACTION_NAME . trim($_REQUEST['id']) . $GLOBALS['deal_city']['id']); if (!$GLOBALS['tmpl']->is_cached('page/help_index.html', $cache_id)) { $id = intval($_REQUEST['id']); $uname = addslashes(trim($_REQUEST['id'])); if ($id == 0 && $uname == '') { $id = $GLOBALS['db']->getOne("select a.id from " . DB_PREFIX . "article as a left join " . DB_PREFIX . "article_cate as ac on a.cate_id = ac.id where ac.type_id = 1 order by a.sort desc"); } elseif ($id == 0 && $uname != '') { $id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "article where uname = '" . $uname . "'"); } $article = get_article($id); if (!$article || $article['type_id'] != 1) { app_redirect(APP_ROOT . "/"); } else { if (check_ipop_limit(get_client_ip(), "article", 60, $article['id'])) { //每一分钟访问更新一次点击数 $GLOBALS['db']->query("update " . DB_PREFIX . "article set click_count = click_count + 1 where id =" . $article['id']); } if ($article['rel_url'] != '') { if (!preg_match("/http:\\/\\//i", $article['rel_url'])) { if (substr($article['rel_url'], 0, 2) == 'u:') { app_redirect(parse_url_tag($article['rel_url'])); } else { app_redirect(APP_ROOT . "/" . $article['rel_url']); } } else { app_redirect($article['rel_url']); } } } $article = get_article($id); $GLOBALS['tmpl']->assign("article", $article); $seo_title = $article['seo_title'] != '' ? $article['seo_title'] : $article['title']; $GLOBALS['tmpl']->assign("page_title", $seo_title); $seo_keyword = $article['seo_keyword'] != '' ? $article['seo_keyword'] : $article['title']; $GLOBALS['tmpl']->assign("page_keyword", $seo_keyword . ","); $seo_description = $article['seo_description'] != '' ? $article['seo_description'] : $article['title']; $GLOBALS['tmpl']->assign("page_description", $seo_description . ","); $GLOBALS['tmpl']->assign("relate_help", $cate_list); } $GLOBALS['tmpl']->display("page/help_index.html", $cache_id); }
public function dovote() { $ok = false; foreach ($_REQUEST['name'] as $vote_ask_id => $names) { foreach ($names as $kk => $name) { if ($name != '') { $ok = true; } } } if (!$ok) { showErr($GLOBALS['lang']['YOU_DONT_CHOICE']); } $vote_id = intval($_REQUEST['vote_id']); if (check_ipop_limit(get_client_ip(), "vote", 3600, $vote_id)) { foreach ($_REQUEST['name'] as $vote_ask_id => $names) { foreach ($names as $kk => $name) { $name = htmlspecialchars(addslashes(trim($name))); $result = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "vote_result where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id); $is_add = true; if ($result) { $GLOBALS['db']->query("update " . DB_PREFIX . "vote_result set count = count + 1 where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id); if (intval($GLOBALS['db']->affected_rows()) != 0) { $is_add = false; } } if ($is_add) { if ($name != '') { $result = array(); $result['name'] = $name; $result['vote_id'] = $vote_id; $result['vote_ask_id'] = $vote_ask_id; $result['count'] = 1; $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_result", $result); } } } } showSuccess($GLOBALS['lang']['VOTE_SUCCESS']); } else { showErr($GLOBALS['lang']['YOU_VOTED']); } }
public function reply() { $ajax = 1; global_run(); if (!$GLOBALS['user_info']) { $result['status'] = -1000; $result['info'] = "未登录"; ajax_return($result); } if ($_REQUEST['content'] == '') { showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY'], $ajax); } /*验证每天只允许评论5次*/ $day_send_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic_reply where create_time>" . to_timespan(to_date(NOW_TIME, "Y-m-d"), "Y-m-d") . " and create_time<" . NOW_TIME); if ($day_send_count >= 8) { showErr('今天你已经发很多了哦~', $ajax); } if (!check_ipop_limit(get_client_ip(), "message", intval(app_conf("SUBMIT_DELAY")), 0)) { showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST'], $ajax); } $topic_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic where id = " . intval($_REQUEST['topic_id'])); if (!$topic_info) { showErr("主题不存在", $ajax); } $reply_data = array(); $reply_data['topic_id'] = intval($_REQUEST['topic_id']); $reply_data['user_id'] = intval($GLOBALS['user_info']['id']); $reply_data['user_name'] = $GLOBALS['user_info']['user_name']; $reply_data['reply_id'] = intval($_REQUEST['reply_id']); $reply_data['create_time'] = NOW_TIME; $reply_data['is_effect'] = 1; $reply_data['is_delete'] = 0; $reply_data['content'] = strim(valid_str(addslashes($_REQUEST['content']))); require_once APP_ROOT_PATH . 'system/model/topic.php'; $reply_id = insert_topic_reply($reply_data); //返回页面的数据 $reply_data['reply_id'] = $reply_id; $reply_data['create_time'] = to_date(NOW_TIME, "Y-m-d H:i"); $reply_data['avatar'] = show_avatar($reply_data['user_id'], "small"); $reply_data['user_url'] = url("index", "uc_home#index", array("id" => $reply_data['user_id'])); $reply_data['status'] = 1; ajax_return($reply_data); }
public function addmail() { $ajax = intval($_REQUEST['ajax']); if (!check_ipop_limit(get_client_ip(), "subscribe#addmail", intval(app_conf("SUBMIT_DELAY")), 0)) { showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'], $ajax); } if (trim($_REQUEST['email']) == '') { showErr($GLOBALS['lang']['EMAIL_EMPTY_TIP'], $ajax); } if (!check_email($_REQUEST['email'])) { showErr($GLOBALS['lang']['EMAIL_FORMAT_ERROR_TIP'], $ajax); } if ($_REQUEST['othercity'] && trim($_REQUEST['othercity']) != '') { //提交其他城市 $other_city = htmlspecialchars(addslashes($_REQUEST['othercity'])); $other_city_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_city where name = '" . $other_city . "'"); if ($other_city_item) { $city_id = $other_city_item['id']; } else { $new_city['name'] = $other_city; $new_city['pid'] = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "deal_city where pid = 0"); $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_city", $new_city); $city_id = $GLOBALS['db']->insert_id(); } } elseif (intval($_REQUEST['cityid']) != 0) { $city_id = intval($_REQUEST['cityid']); } else { $city_item = get_current_deal_city(); $city_id = $city_item['id']; } $mail_item['mail_address'] = addslashes(trim(htmlspecialchars($_REQUEST['email']))); $mail_item['city_id'] = $city_id; $mail_item['is_effect'] = 1; if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mail_list where mail_address='" . $mail_item['mail_address'] . "'") == 0) { //没有订阅过 $GLOBALS['db']->autoExecute(DB_PREFIX . "mail_list", $mail_item); } showSuccess($GLOBALS['lang']['SUBSCRIBE_SUCCESS'], $ajax); }
function log_deal_visit($deal_id) { if (check_ipop_limit(get_client_ip(), "deal_show", 600, $deal_id)) { if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_visit_log where deal_id = " . $deal_id . " and client_ip = '" . get_client_ip() . "' and " . NOW_TIME . " - create_time < 600") == 0) { $view_data['deal_id'] = $deal_id; $view_data['client_ip'] = get_client_ip(); $view_data['create_time'] = NOW_TIME; $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_visit_log", $view_data); $GLOBALS['db']->query("update " . DB_PREFIX . "deal set view_count = view_count + 1 where id = " . $deal_id); } } }
public function investor_agency_save_data($from = 'web') { if (!$GLOBALS['user_info']) { if ($from == 'web') { app_redirect(url("user#login")); } elseif ($from == 'wap') { app_redirect(url_wap("user#login")); } } if (!check_ipop_limit(get_client_ip(), "user_investor_result", 5)) { showErr("提交太快", 1); } $id = intval($_REQUEST['id']); $ajax = intval($_POST['ajax']); $identify_business_name = strim($_POST['identify_business_name']); $identify_business_licence = es_session::get("identify_business_licence"); $identify_business_code = es_session::get("identify_business_code"); $identify_business_tax = es_session::get("identify_business_tax"); $image1['url'] = replace_public(strim($_POST['identify_business_licence_u'])); $image2['url'] = replace_public(strim($_POST['identify_business_code_u'])); $image3['url'] = replace_public(strim($_POST['identify_business_tax_u'])); $data = investor_agency_save($id, $ajax = '', $identify_business_name, $identify_business_licence, $identify_business_code, $identify_business_tax, $image1['url'], $image2['url'], $image3['url']); ajax_return($data); return false; }
public function do_api_login() { $api_info = es_session::get("api_user_info"); if (!$api_info) { app_redirect_preview(); } if (!$_POST) { app_redirect(APP_ROOT . "/"); } foreach ($_POST as $k => $v) { $_POST[$k] = strim($v); } $ajax = intval($_REQUEST['ajax']); if (!check_ipop_limit(get_client_ip(), "user_do_api_login", 5)) { showErr("提交太快", $ajax); } require_once APP_ROOT_PATH . "system/libs/user.php"; $result = do_login_user($_POST['email'], $_POST['user_pwd']); if ($result['status']) { $s_user_info = es_session::get("user_info"); $GLOBALS['db']->query("update " . DB_PREFIX . "user set " . $api_info['field'] . " = '" . $api_info['name'] . "'," . $api_info['token_field'] . " = '" . $api_info['token'] . "'," . $api_info['secret_field'] . " = '" . $api_info['secret'] . "'," . $api_info['url_field'] . " = '" . $api_info['url'] . "' where id = " . $s_user_info['id']); $GLOBALS['db']->query("delete from " . DB_PREFIX . "user_weibo where user_id = " . intval($s_user_info['id']) . " and weibo_url = '" . $api_info['url'] . "'"); update_user_weibo(intval($s_user_info['id']), $api_info['url']); if ($ajax == 0 && trim(app_conf("INTEGRATE_CODE")) == '') { $redirect = $_SERVER['HTTP_REFERER'] ? $_SERVER['HTTP_REFERER'] : url("index"); app_redirect($redirect); } else { $jump_url = get_gopreview(); if ($ajax == 1) { $return['status'] = 1; $return['info'] = "登录成功"; $return['data'] = $result['msg']; $return['jump'] = $jump_url; ajax_return($return); } else { $GLOBALS['tmpl']->assign('integrate_result', $result['msg']); showSuccess("登录成功", $ajax, $jump_url); } } } else { if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) { $err = "会员不存在"; } if ($result['data'] == ACCOUNT_PASSWORD_ERROR) { $err = "密码错误"; } showErr($err, $ajax); } }
public function index() { require_once APP_ROOT_PATH . "system/libs/user.php"; $root = array(); $email = strim($GLOBALS['request']['email']); //用户名或邮箱 $pwd = strim($GLOBALS['request']['pwd']); //密码 //检查用户,用户密码 $user = user_check($email, $pwd); $user_id = intval($user['id']); if ($user_id > 0) { $root['user_login_status'] = 1; $root['response_code'] = 1; if (!check_ipop_limit(get_client_ip(), "setting_save_index", 5)) { $root['show_err'] = "提交太频繁"; } require_once APP_ROOT_PATH . "system/libs/user.php"; $user_data = array(); $user_data['province'] = strim($_REQUEST['province']); $user_data['city'] = strim($_REQUEST['city']); $user_data['sex'] = intval($_REQUEST['sex']); $user_data['intro'] = strim($_REQUEST['intro']); $GLOBALS['db']->autoExecute(DB_PREFIX . "user", $user_data, "UPDATE", "id=" . intval($GLOBALS['user_info']['id'])); $GLOBALS['db']->query("delete from " . DB_PREFIX . "user_weibo where user_id = " . intval($GLOBALS['user_info']['id'])); $weibo_data = array(); $weibo_data['user_id'] = intval($GLOBALS['user_info']['id']); $weibo_data['weibo_url'] = strim($_REQUEST['weibo_url']); $GLOBALS['db']->autoExecute(DB_PREFIX . "user_weibo", $weibo_data); //$root['image'] =$GLOBALS['m_config']['page_size']; // showSuccess("资料保存成功",$ajax,url('settings#index')); // file_put_contents(APP_ROOT_PATH."public/test.txt", print_r($_FILES, 1)); if (isset($_FILES['image_1'])) { //开始上传 //创建avatar临时目录 if (!is_dir(APP_ROOT_PATH . "public/avatar")) { @mkdir(APP_ROOT_PATH . "public/avatar"); @chmod(APP_ROOT_PATH . "public/avatar", 0777); } if (!is_dir(APP_ROOT_PATH . "public/avatar/temp")) { @mkdir(APP_ROOT_PATH . "public/avatar/temp"); @chmod(APP_ROOT_PATH . "public/avatar/temp", 0777); } $img_result = save_image_upload($_FILES, "image_1", "avatar/temp", $whs = array('small' => array(48, 48, 1, 0), 'middle' => array(120, 120, 1, 0), 'big' => array(200, 200, 1, 0))); //开始移动图片到相应位置 $id = intval($user['id']); $uid = sprintf("%09d", $id); $dir1 = substr($uid, 0, 3); $dir2 = substr($uid, 3, 2); $dir3 = substr($uid, 5, 2); $path = $dir1 . '/' . $dir2 . '/' . $dir3; //创建相应的目录 if (!is_dir(APP_ROOT_PATH . "public/avatar/" . $dir1)) { @mkdir(APP_ROOT_PATH . "public/avatar/" . $dir1); @chmod(APP_ROOT_PATH . "public/avatar/" . $dir1, 0777); } if (!is_dir(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2)) { @mkdir(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2); @chmod(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2, 0777); } if (!is_dir(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2 . '/' . $dir3)) { @mkdir(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2 . '/' . $dir3); @chmod(APP_ROOT_PATH . "public/avatar/" . $dir1 . '/' . $dir2 . '/' . $dir3, 0777); } $id = str_pad($id, 2, "0", STR_PAD_LEFT); $id = substr($id, -2); $avatar_file_big = APP_ROOT_PATH . "public/avatar/" . $path . "/" . $id . "virtual_avatar_big.jpg"; $avatar_file_middle = APP_ROOT_PATH . "public/avatar/" . $path . "/" . $id . "virtual_avatar_middle.jpg"; $avatar_file_small = APP_ROOT_PATH . "public/avatar/" . $path . "/" . $id . "virtual_avatar_small.jpg"; // file_put_contents(APP_ROOT_PATH."public/test1.txt", print_r($avatar_file_small, 1)); @file_put_contents($avatar_file_big, file_get_contents($img_result['image_1']['thumb']['big']['path'])); @file_put_contents($avatar_file_middle, file_get_contents($img_result['image_1']['thumb']['middle']['path'])); @file_put_contents($avatar_file_small, file_get_contents($img_result['image_1']['thumb']['small']['path'])); @unlink($img_result['image_1']['thumb']['big']['path']); @unlink($img_result['image_1']['thumb']['middle']['path']); @unlink($img_result['image_1']['thumb']['small']['path']); @unlink($img_result['image_1']['path']); //end 上传 } $root['user_avatar'] = get_abs_img_root(get_muser_avatar($user['id'], "big")); $root['info'] = "资料保存成功"; } else { $root['response_code'] = 0; $root['show_err'] = "未登录"; $root['user_login_status'] = 0; } output($root); }
public function investor_six_save() { $ajax = intval($_REQUEST['ajax']); if (!check_ipop_limit(get_client_ip(), "project_save", 5)) { showErr("提交太频繁", $ajax, ""); } $id = intval($_REQUEST['id']); $is_effect = $GLOBALS['db']->getOne("select is_effect from " . DB_PREFIX . "deal where id = " . $id); if ($id > 0 && $is_effect == 1) { showErr("项目已提交,不能更改", $ajax, ""); } $attach = deal_investor_info($_REQUEST['attach'], 'attach'); $data['attach'] = serialize($attach['data']); $data['investor_edit'] = 1; if ($id == 0) { $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "INSERT", "", "SILENT"); $result_id = intval($GLOBALS['db']->insert_id()); if ($result_id > 0) { showSuccess("保存成功", $ajax, url_wap("project#investor_edit", array("id" => $result_id))); } else { showErr("保存失败", $ajax); } } else { $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "UPDATE", "id=" . $id, "SILENT"); $investor_edit = $GLOBALS['db']->getOne("select investor_edit from " . DB_PREFIX . "deal where id = " . $id . " and is_delete = 0 and user_id = " . intval($GLOBALS['user_info']['id'])); if ($investor_edit == 1) { showSuccess("保存成功", $ajax, url_wap("project#investor_edit", array("id" => $id))); } else { showSuccess("保存成功", $ajax, url_wap("project#investor_edit", array("id" => $id))); } } }
public function index() { $root = array(); $email = strim($GLOBALS['request']['email']); //用户名或邮箱 $pwd = strim($GLOBALS['request']['pwd']); //密码 //检查用户,用户密码 $user = user_check($email, $pwd); $user_id = intval($user['id']); if ($user_id > 0) { $root['user_login_status'] = 1; if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_consignee where user_id = " . intval($GLOBALS['user_info']['id'])) > 10) { $root['info'] = '每个会员只能预设10个配送地址'; } $id = intval($_REQUEST['id']); $consignee = strim($_REQUEST['consignee']); $province = strim($_REQUEST['province']); $city = strim($_REQUEST['city']); $address = strim($_REQUEST['address']); $zip = strim($_REQUEST['zip']); $mobile = strim($_REQUEST['mobile']); if ($consignee == "") { $root['info'] = '请填写收货人姓名'; } if ($province == "") { $root['info'] = '请选择省份'; } if ($city == "") { $root['info'] = '请选择城市'; } if ($address == "") { $root['info'] = '请填写详细地址'; } if (!check_postcode($zip)) { $root['info'] = '请填写正确的邮编'; } if ($mobile == "") { $root['info'] = '请填写收货人手机号码'; } if (!check_mobile($mobile)) { $root['info'] = '请填写正确的手机号码'; } $data = array(); $data['consignee'] = $consignee; $data['province'] = $province; $data['city'] = $city; $data['address'] = $address; $data['zip'] = $zip; $data['mobile'] = $mobile; $data['user_id'] = intval($GLOBALS['user_info']['id']); if (!check_ipop_limit(get_client_ip(), "setting_save_consignee", 5)) { $root['info'] = '提交太频繁'; } if ($id > 0) { $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $data, "UPDATE", "id=" . $id); } else { $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $data); $root['response_code'] = 1; $root['info'] = '保存成功'; } //$root['info']='保存成功'; //showSuccess("保存成功",$ajax,get_gopreview()); } else { $root['response_code'] = 0; $root['show_err'] = "未登录"; $root['user_login_status'] = 0; } output($root); }
public function send_mobie_pwd_sncode_new() { if (app_conf("SMS_ON") == 0) { $data['status'] = 0; $data['info'] = $GLOBALS['lang']['SMS_OFF']; ajax_return($data); } $mobile = addslashes(htmlspecialchars(trim($_REQUEST['mobile']))); if ($mobile == '') { $data['status'] = 0; $data['info'] = "请输入你的手机号"; ajax_return($data); } if (!check_mobile($mobile)) { $data['status'] = 0; $data['info'] = "请填写正确的手机号码"; ajax_return($data); } $field_name = addslashes(trim($_REQUEST['mobile'])); $field_data = $mobile; $user_id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where mobile='" . $field_data . "' "); if ($user_id) { if (!check_ipop_limit(get_client_ip(), "mobile_verify", 60, 0)) { $data['status'] = 0; $data['info'] = "发送速度太快了"; ajax_return($data); } if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and client_ip='" . get_client_ip() . "' and create_time>=" . (get_gmtime() - 60) . " ORDER BY id DESC") > 0) { $data['status'] = 0; $data['info'] = "发送速度太快了"; ajax_return($data); } //删除超过5分钟的验证码 $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . get_gmtime() - 300); $verify_code = $GLOBALS['db']->getOne("select verify_code from " . DB_PREFIX . "mobile_verify_code where mobile = '" . $mobile . "' and create_time>=" . (NOW_TIME - 180) . " ORDER BY id DESC"); if (intval($verify_code) == 0) { //如果数据库中存在验证码,则取数据库中的(上次的 );确保连接发送时,前后2条的验证码是一至的.==为了防止延时 //开始生成手机验证 $verify_code = rand(100000, 999999); $GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $verify_code, "mobile" => $mobile, "create_time" => get_gmtime(), "client_ip" => get_client_ip()), "INSERT"); } //使用立即发送方式 send_verify_sms($mobile, $verify_code); $data['status'] = 1; $data['info'] = "验证码发送成功"; ajax_return($data); } else { $result['status'] = 0; $result['info'] = "该手机不存在,请重新输入"; ajax_return($result); } }
function user_login($username_email, $pwd) { require_once APP_ROOT_PATH . "system/libs/user.php"; if (check_ipop_limit(get_client_ip(), "user_dologin", intval(app_conf("SUBMIT_DELAY")))) { $result = do_login_user($username_email, $pwd); } else { //showErr($GLOBALS['lang']['SUBMIT_TOO_FAST'],$ajax,url("shop","user#login")); $result['status'] = 0; $result['msg'] = $GLOBALS['lang']['SUBMIT_TOO_FAST']; return $result; } if ($result['status']) { //$GLOBALS['user_info'] = $result["user"]; return $result; } else { $GLOBALS['user_info'] = null; unset($GLOBALS['user_info']); if ($result['data'] == ACCOUNT_NO_EXIST_ERROR) { $err = $GLOBALS['lang']['USER_NOT_EXIST']; } if ($result['data'] == ACCOUNT_PASSWORD_ERROR) { $err = $GLOBALS['lang']['PASSWORD_ERROR']; } if ($result['data'] == ACCOUNT_NO_VERIFY_ERROR) { $err = $GLOBALS['lang']['USER_NOT_VERIFY']; } $result['msg'] = $err; return $result; } }
public function add() { $user_info = $GLOBALS['user_info']; $ajax = intval($_REQUEST['ajax']); if (!$user_info) { showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], $ajax); } if ($_REQUEST['content'] == '') { showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY'], $ajax); } //验证码 if (app_conf("VERIFY_IMAGE") == 1) { $verify = md5(trim($_REQUEST['verify'])); $session_verify = es_session::get('verify'); if ($verify != $session_verify) { showErr($GLOBALS['lang']['VERIFY_CODE_ERROR'], $ajax); } } if (!check_ipop_limit(get_client_ip(), "message", intval(app_conf("SUBMIT_DELAY")), 0)) { showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST'], $ajax); } $rel_table = strim($_REQUEST['rel_table']); $message_type = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "message_type where type_name='" . $rel_table . "'"); if (!$message_type) { showErr($GLOBALS['lang']['INVALID_MESSAGE_TYPE'], $ajax); } //添加留言 $message['title'] = $_REQUEST['title'] ? strim($_REQUEST['title']) : btrim(valid_str($_REQUEST['content'])); $message['content'] = btrim(valid_str($_REQUEST['content'])); $message['title'] = valid_str($message['title']); $message['create_time'] = TIME_UTC; $message['rel_table'] = $rel_table; $message['rel_id'] = intval($_REQUEST['rel_id']); $message['user_id'] = intval($GLOBALS['user_info']['id']); if (app_conf("USER_MESSAGE_AUTO_EFFECT") == 0) { $message_effect = 0; } else { $message_effect = $message_type['is_effect']; } $message['is_effect'] = $message_effect; $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $message); $l_user_id = $GLOBALS['db']->getOne("SELECT user_id FROM " . DB_PREFIX . "deal WHERE id=" . $message['rel_id']); //添加到动态 insert_topic($rel_table . "_message", $message['rel_id'], $message['user_id'], $GLOBALS['user_info']['user_name'], $l_user_id); if ($rel_table == "deal") { require_once APP_ROOT_PATH . 'app/Lib/deal.php'; $deal = get_deal($message['rel_id']); //自己给自己留言不执行操作 if ($deal['user_id'] != $message['user_id']) { $msg_conf = get_user_msg_conf($deal['user_id']); //站内信 if ($msg_conf['sms_asked'] == 1) { $content = "<p>您好,用户 " . get_user_name($message['user_id']) . "对您发布的借款列表 “<a href=\"" . $deal['url'] . "\">" . $deal['name'] . "</a>”进行了以下留言:</p>"; $content .= "<p>“" . $message['content'] . "”</p>"; send_user_msg("", $content, 0, $deal['user_id'], TIME_UTC, 0, true, 13, $message['rel_id']); } //邮件 if ($msg_conf['mail_asked'] == 1 && app_conf('MAIL_ON') == 1) { $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $deal['user_id']); $tmpl = $GLOBALS['db']->getRowCached("select * from " . DB_PREFIX . "msg_template where name = 'TPL_MAIL_DEAL_MSG'"); $tmpl_content = $tmpl['content']; $notice['user_name'] = $user_info['user_name']; $notice['msg_user_name'] = get_user_name($message['user_id'], false); $notice['deal_name'] = $deal['name']; $notice['deal_url'] = SITE_DOMAIN . url("index", "deal", array("id" => $deal['id'])); $notice['message'] = $message['content']; $notice['site_name'] = app_conf("SHOP_TITLE"); $notice['site_url'] = SITE_DOMAIN . APP_ROOT; $notice['help_url'] = SITE_DOMAIN . url("index", "helpcenter"); $GLOBALS['tmpl']->assign("notice", $notice); $msg = $GLOBALS['tmpl']->fetch("str:" . $tmpl_content); $msg_data['dest'] = $user_info['email']; $msg_data['send_type'] = 1; $msg_data['title'] = get_user_name($message['user_id'], false) . "给您的标留言!"; $msg_data['content'] = addslashes($msg); $msg_data['send_time'] = 0; $msg_data['is_send'] = 0; $msg_data['create_time'] = TIME_UTC; $msg_data['user_id'] = $user_info['id']; $msg_data['is_html'] = $tmpl['is_html']; $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_msg_list", $msg_data); //插入 } } } showSuccess($GLOBALS['lang']['MESSAGE_POST_SUCCESS'], $ajax); }
public function index() { $id = intval($_REQUEST['id']); $uname = addslashes(trim($_REQUEST['id'])); if ($uname == 'list') { $this->list_notice(); exit; } $GLOBALS['tmpl']->caching = true; $cache_id = md5(MODULE_NAME . ACTION_NAME . trim($_REQUEST['id']) . $GLOBALS['deal_city']['id']); if (!$GLOBALS['tmpl']->is_cached('sys_index.html', $cache_id)) { if ($id == 0 && $uname == '') { app_redirect(APP_ROOT . "/"); } elseif ($id == 0 && $uname != '') { $id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "article where uname = '" . $uname . "'"); } $article = get_article($id); if (!$article || $article['type_id'] != 3) { app_redirect(APP_ROOT . "/"); } else { if (check_ipop_limit(get_client_ip(), "article", 60, $article['id'])) { //每一分钟访问更新一次点击数 $GLOBALS['db']->query("update " . DB_PREFIX . "article set click_count = click_count + 1 where id =" . $article['id']); } if ($article['rel_url'] != '') { if (!preg_match("/http:\\/\\//i", $article['rel_url'])) { if (substr($article['rel_url'], 0, 2) == 'u:') { app_redirect(parse_url_tag($article['rel_url'])); } else { app_redirect(APP_ROOT . "/" . $article['rel_url']); } } else { app_redirect($article['rel_url']); } } } $article = get_article($id); $GLOBALS['tmpl']->assign("article", $article); //开始输出当前的site_nav $site_nav[] = array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => APP_ROOT . "/"); $site_nav[] = array('name' => $GLOBALS['lang']['SHOP_SYSTEM'], 'url' => url("shop", "sys#list")); if ($article['type_id'] == 1) { $module = "help"; } elseif ($article['type_id'] == 2) { $module = "notice"; } elseif ($article['type_id'] == 3) { $module = "sys"; } else { $module = 'article'; } if ($article['uname'] != '') { $aurl = url("index", $module, array("id" => $article['uname'])); } else { $aurl = url("index", $module, array("id" => $article['id'])); } $site_nav[] = array('name' => $article['title'], 'url' => $aurl); $GLOBALS['tmpl']->assign("site_nav", $site_nav); //输出当前的site_nav $seo_title = $article['seo_title'] != '' ? $article['seo_title'] : $article['title']; $GLOBALS['tmpl']->assign("page_title", $seo_title); $seo_keyword = $article['seo_keyword'] != '' ? $article['seo_keyword'] : $article['title']; $GLOBALS['tmpl']->assign("page_keyword", $seo_keyword . ","); $seo_description = $article['seo_description'] != '' ? $article['seo_description'] : $article['title']; $GLOBALS['tmpl']->assign("page_description", $seo_description . ","); } $GLOBALS['tmpl']->display("sys_index.html", $cache_id); }
public function add() { global $user_info; $ajax = intval($_REQUEST['ajax']); if (!$user_info) { showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], $ajax); } if ($_REQUEST['content'] == '') { showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY'], $ajax); } if (!check_ipop_limit(get_client_ip(), "message", intval(app_conf("SUBMIT_DELAY")), 0)) { showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST'], $ajax); } $rel_table = addslashes(trim($_REQUEST['rel_table'])); $message_type = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "message_type where type_name='" . $rel_table . "' and type_name <> 'supplier'"); if (!$message_type) { showErr($GLOBALS['lang']['INVALID_MESSAGE_TYPE'], $ajax); } $message_group = addslashes(trim($_REQUEST['message_group'])); //添加留言 $message['title'] = $_REQUEST['title'] ? htmlspecialchars(addslashes(valid_str($_REQUEST['title']))) : htmlspecialchars(addslashes(valid_str($_REQUEST['content']))); $message['content'] = htmlspecialchars(addslashes(valid_str($_REQUEST['content']))); $message['title'] = valid_str($message['title']); if ($message_group) { $message['title'] = "[" . $message_group . "]:" . $message['title']; $message['content'] = "[" . $message_group . "]:" . $message['content']; } $message['create_time'] = get_gmtime(); $message['rel_table'] = $rel_table; $rel_id = $message['rel_id'] = addslashes(trim($_REQUEST['rel_id'])); $message['user_id'] = intval($GLOBALS['user_info']['id']); if (intval($_REQUEST['city_id']) == 0) { $message['city_id'] = $GLOBALS['deal_city']['id']; } else { $message['city_id'] = intval($_REQUEST['city_id']); } if (app_conf("USER_MESSAGE_AUTO_EFFECT") == 0) { $message_effect = 0; } else { $message_effect = $message_type['is_effect']; } $message['is_effect'] = $message_effect; $message['is_buy'] = intval($_REQUEST['is_buy']); $message['contact'] = $_REQUEST['contact'] ? htmlspecialchars(addslashes($_REQUEST['contact'])) : ''; $message['contact_name'] = $_REQUEST['contact_name'] ? htmlspecialchars(addslashes($_REQUEST['contact_name'])) : ''; if ($message['is_buy'] == 1) { if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_order_item as doi left join " . DB_PREFIX . "deal_order as do on doi.order_id = do.id where doi.deal_id = " . intval($message['rel_id']) . " and do.user_id = " . intval($message['user_id']) . " and do.pay_status = 2") == 0) { showErr($GLOBALS['lang']['AFTER_BUY_MESSAGE_TIP'], $ajax); } } $message['point'] = intval($_REQUEST['point']); $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $message); $message_id = intval($GLOBALS['db']->insert_id()); if ($message['is_buy'] == 1) { $message_id = $GLOBALS['db']->insert_id(); $attach_list = get_topic_attach_list(); $deal_info = $GLOBALS['db']->getRow("select id,is_shop,name,sub_name from " . DB_PREFIX . "deal where id = " . $rel_id); if ($deal_info['is_shop'] == 0) { $url_route = array('rel_app_index' => 'tuan', 'rel_route' => 'deal', 'rel_param' => 'id=' . $deal_info['id']); $type = "tuancomment"; $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_location_link where deal_id = " . $deal_info['id']); $dp_title = "对" . $deal_info['sub_name'] . "的消费点评"; foreach ($locations as $location) { insert_dp($dp_title, $message['content'], $location['location_id'], $message['point'], $is_buy = 1, $from = "tuan", $url_route, $message_id); } } if ($deal_info['is_shop'] == 1) { $url_route = array('rel_app_index' => 'shop', 'rel_route' => 'goods', 'rel_param' => 'id=' . $deal_info['id']); $type = "shopcomment"; } if ($deal_info['is_shop'] == 2) { $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'ydetail', 'rel_param' => 'id=' . $deal_info['id']); $type = "youhuicomment"; } increase_user_active(intval($GLOBALS['user_info']['id']), "点评了一个团购"); $title = "对" . $deal_info['sub_name'] . "发表了点评"; $tid = insert_topic($message['content'], $title, $type, "share", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route); if ($tid) { $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '网站' where id = " . intval($tid)); } } showSuccess($GLOBALS['lang']['MESSAGE_POST_SUCCESS'], $ajax); }
public function index() { $field = es_cookie::get("shop_sort_field"); $field_sort = es_cookie::get("shop_sort_type"); require APP_ROOT_PATH . 'app/Lib/page.php'; $level_list = load_auto_cache("level"); $GLOBALS['tmpl']->assign("level_list", $level_list['list']); if (check_ipop_limit(get_client_ip(), "transfer_status", 10)) { syn_transfer_status(); } if (trim($_REQUEST['cid']) == "last") { $cate_id = "-1"; $page_title = $GLOBALS['lang']['LAST_SUCCESS_DEALS'] . " - "; } else { $cate_id = intval($_REQUEST['cid']); } if ($cate_id == 0) { $page_title = $GLOBALS['lang']['ALL_TRANSFER'] . " - "; } $keywords = trim(htmlspecialchars($_REQUEST['keywords'])); $GLOBALS['tmpl']->assign("keywords", $keywords); $level = intval($_REQUEST['level']); $GLOBALS['tmpl']->assign("level", $level); $interest = intval($_REQUEST['interest']); $GLOBALS['tmpl']->assign("interest", $interest); $months = intval($_REQUEST['months']); $GLOBALS['tmpl']->assign("months", $months); $months_type = intval($_REQUEST['months_type']); $GLOBALS['tmpl']->assign("months_type", $months_type); $lefttime = intval($_REQUEST['lefttime']); $GLOBALS['tmpl']->assign("lefttime", $lefttime); $city = intval($_REQUEST['city']); $GLOBALS['tmpl']->assign("city_id", $city); $scity = intval($_REQUEST['scity']); $GLOBALS['tmpl']->assign("scity_id", $scity); //输出分类 $deal_cates_db = load_auto_cache("cache_deal_cate"); $deal_cates = array(); foreach ($deal_cates_db as $k => $v) { if ($cate_id == $v['id']) { $v['current'] = 1; $page_title = $v['name'] . " - "; } $v['url'] = url("index", "transfer", array("cid" => $v['id'])); $deal_cates[] = $v; } unset($deal_cates_db); //输出投标列表 $page = intval($_REQUEST['p']); if ($page == 0) { $page = 1; } $page_args = array(); $sfield = ""; switch ($field) { case "borrow_amount": $sfield = "dlt.transfer_amount"; break; case "rate": $sfield = "d.rate"; break; case "repay_time": $sfield = "dlt.last_repay_time"; break; case "remain_time": $sfield = "dlt.near_repay_time"; break; default: $sfield = ""; } $condition = " AND dlt.status=1 "; if ($cate_id > 0) { $condition .= "AND d.deal_status >=4 and cate_id=" . $cate_id; if ($sfield && $field_sort) { $orderby = "{$sfield} {$field_sort} ,d.deal_status desc , d.sort DESC,d.id DESC"; } else { $orderby = "d.update_time DESC ,d.sort DESC,d.id DESC"; } } elseif ($cate_id == 0) { if ($sfield && $field_sort) { $orderby = "{$sfield} {$field_sort}, dlt.create_time DESC , dlt.id DESC "; } else { $orderby = " d.create_time DESC , dlt.id DESC"; } } elseif ($cate_id == "-1") { $condition .= "AND d.deal_status >=4 AND dlt.t_user_id > 0 "; $orderby = "dlt.transfer_time DESC,d.create_time DESC , dlt.id DESC"; } if ($keywords) { $kw_unicode = str_to_unicode_string($keywords); $condition .= " and (match(d.name_match,d.deal_cate_match,d.tag_match,d.type_match) against('" . $kw_unicode . "' IN BOOLEAN MODE))"; } if ($level > 0) { $point = $level_list['point'][$level]; $condition .= " AND d.user_id in(SELECT u.id FROM " . DB_PREFIX . "user u LEFT JOIN " . DB_PREFIX . "user_level ul ON ul.id=u.level_id WHERE ul.point >= {$point})"; } if ($interest > 0) { $condition .= " AND d.rate >= " . $interest; } if ($months > 0) { if ($months == 12) { $condition .= " AND d.repay_time <= " . $months; } elseif ($months == 18) { $condition .= " AND d.repay_time >= " . $months; } } if ($months_type > 0) { if ($months_type == 1) { $condition .= " AND ((d.repay_time < 3 and d.repay_time_type = 1) or d.repay_time_type = 0) "; } else { if ($months_type == 2) { $condition .= " AND d.repay_time in (3,4,5) and d.repay_time_type = 1 "; } else { if ($months_type == 3) { $condition .= " AND d.repay_time in (6,7,8) and d.repay_time_type = 1 "; } else { if ($months_type == 4) { $condition .= " AND d.repay_time in (9,10,11) and d.repay_time_type = 1 "; } else { $condition .= " AND d.repay_time >= 12 and d.repay_time_type = 1 "; } } } } } if ($city > 0) { if ($scity > 0) { $dealid_list = $GLOBALS['db']->getAll("SELECT deal_id FROM " . DB_PREFIX . "deal_city_link where city_id = " . $scity); } else { $dealid_list = $GLOBALS['db']->getAll("SELECT deal_id FROM " . DB_PREFIX . "deal_city_link where city_id = " . $city); } $flatmap = array_map("array_pop", $dealid_list); $s2 = implode(',', $flatmap); $condition .= " AND id in (" . $s2 . ") "; } if ($lefttime > 0) { $condition .= " AND (d.next_repay_time + 24*3600 - 1 - " . TIME_UTC . ") <= " . $lefttime * 24 * 3600 . " AND dlt.t_user_id = 0 "; } if (es_cookie::get("shop_sort_field") == "ulevel") { $union_sql = ' LEFT join ' . DB_PREFIX . 'user u ON d.user_id = u.id '; $extfield = ",u.level_id "; } $limit = ($page - 1) * app_conf("DEAL_PAGE_SIZE") . "," . app_conf("DEAL_PAGE_SIZE"); $result = get_transfer_list($limit, $condition, $extfield, $union_sql, $orderby); if ($result['rs_count'] > 0) { $page_args['cid'] = $cate_id; $page_args['keywords'] = $keywords; $page_args['level'] = $level; $page_args['interest'] = $interest; $page_args['months'] = $months; $page_args['lefttime'] = $lefttime; $page_args['months_type'] = $months_type; $page_args['city'] = $city; $page_pram = ""; foreach ($page_args as $k => $v) { $page_pram .= "&" . $k . "=" . $v; } $page = new Page($result['rs_count'], app_conf("DEAL_PAGE_SIZE"), $page_pram); //初始化分页对象 $p = $page->show(); $GLOBALS['tmpl']->assign('pages', $p); $GLOBALS['tmpl']->assign('transfer_list', $result['list']); } //分类 $cate_list_url = array(); $tmp_args = $page_args; $tmp_args['cid'] = 0; $cate_list_url[0]['url'] = url("index", "deals#index", $tmp_args); $cate_list_url[0]['name'] = "不限"; $cate_list_url[0]['id'] = 0; foreach ($deal_cates as $k => $v) { $cate_list_url[$k + 1] = $v; $tmp_args = $page_args; $tmp_args['cid'] = $v['id']; $cate_list_url[$k + 1]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('cate_list_url', $cate_list_url); //利率 $interest_url = array(array("interest" => 0, "name" => "不限"), array("interest" => 10, "name" => "10%"), array("interest" => 12, "name" => "12%"), array("interest" => 15, "name" => "15%"), array("interest" => 18, "name" => "18")); foreach ($interest_url as $k => $v) { $tmp_args = $page_args; $tmp_args['interest'] = $v['interest']; $interest_url[$k]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('interest_url', $interest_url); //几天内 $lefttime_url = array(array("lefttime" => 0, "name" => "不限"), array("lefttime" => 1, "name" => "1天"), array("lefttime" => 3, "name" => "3天"), array("lefttime" => 6, "name" => "6天"), array("lefttime" => 9, "name" => "9天"), array("lefttime" => 12, "name" => "12天")); foreach ($lefttime_url as $k => $v) { $tmp_args = $page_args; $tmp_args['lefttime'] = $v['lefttime']; $lefttime_url[$k]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('lefttime_url', $lefttime_url); //借款期限 $months_type_url = array(array("name" => "不限"), array("name" => "3 个月以下"), array("name" => "3-6 个月"), array("name" => "6-9 个月"), array("name" => "9-12 个月"), array("name" => "12 个月以上")); foreach ($months_type_url as $k => $v) { $tmp_args = $page_args; $tmp_args['months_type'] = $k; $months_type_url[$k]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('months_type_url', $months_type_url); //城市 $temp_city_urls = load_auto_cache("deal_city"); $city_urls[0]['id'] = 0; $city_urls[0]['name'] = "全部"; if (count($temp_city_urls) == 1) { $temp_city_urls = $temp_city_urls[key($temp_city_urls)]['child']; } $temp_city_urls = array_merge($city_urls, $temp_city_urls); $city_urls = array(); foreach ($temp_city_urls as $k => $v) { $city_urls[$v['id']] = $v; $tmp_args = $page_args; $tmp_args['city'] = $v['id']; $city_urls[$v['id']]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('city_urls', $city_urls); $sub_citys = $city_urls[$city]['child']; foreach ($sub_citys as $k => $v) { $tmp_args = $page_args; $tmp_args['city'] = $v['pid']; $tmp_args['scity'] = $v['id']; $sub_citys[$k]['url'] = url("index", "transfer#index", $tmp_args); } $GLOBALS['tmpl']->assign('sub_citys', $sub_citys); //使用技巧 $use_tech_list = get_article_list(4, 6); $GLOBALS['tmpl']->assign("use_tech_list", $use_tech_list); //输出公告 $notice_list = get_notice(3); $GLOBALS['tmpl']->assign("notice_list", $notice_list); //会员等级 $level_list_url = array(); $tmp_args = $page_args; $tmp_args['level'] = 0; $level_list_url[0]['url'] = url("index", "deals#index", $tmp_args); $level_list_url[0]['name'] = "不限"; foreach ($level_list['list'] as $k => $v) { $tmp_args = $page_args; $tmp_args['level'] = $v['id']; $level_list_url[$k + 1] = $v; $level_list_url[$k + 1]['url'] = url("index", "deals#index", $tmp_args); } $GLOBALS['tmpl']->assign('level_list_url', $level_list_url); $GLOBALS['tmpl']->assign("page_title", $page_title . $GLOBALS['lang']['FINANCIAL_MANAGEMENT']); $GLOBALS['tmpl']->assign("cate_id", $cate_id); $GLOBALS['tmpl']->assign("cid", strim($_REQUEST['cid'])); $GLOBALS['tmpl']->assign("keywords", $keywords); $GLOBALS['tmpl']->assign("deal_cate_list", $deal_cates); $GLOBALS['tmpl']->assign("field", $field); $GLOBALS['tmpl']->assign("field_sort", $field_sort); $GLOBALS['tmpl']->display("page/transfers.html"); }
/** * 发送手机验证码 */ public function send_sms_code() { $verify_code = strim($_REQUEST['verify_code']); $mobile_phone = strim($_REQUEST['mobile']); if ($mobile_phone == "") { $data['status'] = false; $data['info'] = "请输入手机号"; $data['field'] = "user_mobile"; ajax_return($data); } if (!check_mobile($mobile_phone)) { $data['status'] = false; $data['info'] = "手机号格式不正确"; $data['field'] = "user_mobile"; ajax_return($data); } if (intval($_REQUEST['unique']) == 1) { if (intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_submit where account_mobile = '" . $mobile_phone . "'")) > 0) { $data['status'] = false; $data['info'] = "手机号已被注册"; $data['field'] = "account_mobile"; ajax_return($data); } } $sms_ipcount = load_sms_ipcount(); if ($sms_ipcount > 1) { //需要图形验证码 if (es_session::get("verify") != md5($verify_code)) { $data['status'] = false; $data['info'] = "验证码错误"; $data['field'] = "verify_code"; ajax_return($data); } } if (!check_ipop_limit(CLIENT_IP, "send_sms_code", SMS_TIMESPAN)) { showErr("请勿频繁发送短信", 1); } //删除失效验证码 $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN); $GLOBALS['db']->query($sql); $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $mobile_phone . "'"); if ($mobile_data) { //重新发送未失效的验证码 $code = $mobile_data['code']; $mobile_data['add_time'] = NOW_TIME; $GLOBALS['db']->query("update " . DB_PREFIX . "sms_mobile_verify set add_time = '" . $mobile_data['add_time'] . "',send_count = send_count + 1 where mobile_phone = '" . $mobile_phone . "'"); } else { $code = rand(100000, 999999); $mobile_data['mobile_phone'] = $mobile_phone; $mobile_data['add_time'] = NOW_TIME; $mobile_data['code'] = $code; $mobile_data['ip'] = CLIENT_IP; $GLOBALS['db']->autoExecute(DB_PREFIX . "sms_mobile_verify", $mobile_data, "INSERT", "", "SILENT"); } send_verify_sms($mobile_phone, $code); es_session::delete("verify"); //删除图形验证码 $data['status'] = true; $data['info'] = "发送成功"; $data['lesstime'] = SMS_TIMESPAN - (NOW_TIME - $mobile_data['add_time']); //剩余时间 $data['sms_ipcount'] = load_sms_ipcount(); ajax_return($data); }
public function save_zhg_bind() { $ajax = intval($_REQUEST['ajax']); $GLOBALS['tmpl']->assign("page_title", "众股平台账户绑定"); if (!$GLOBALS['user_info']) { app_redirect(url("user#login")); } if (!check_ipop_limit(get_client_ip(), "setting_zhg_bind", 5)) { showErr("提交太频繁", $ajax, ""); } require_once APP_ROOT_PATH . "system/libs/user.php"; $user_data = array(); $user_data["zhg_id"] = intval(strim($_REQUEST['zhg_id'])); $user_data["zhg_name"] = strim($_REQUEST['zhg_name']); $GLOBALS['db']->autoExecute(DB_PREFIX . "user", $user_data, "UPDATE", "id=" . intval($GLOBALS['user_info']['id'])); showSuccess("信息保存成功", $ajax, url('settings#zhg_bind')); }