/**
* 对输出编码
*
* @access public
* @param string $str
* @return string
*/
function encode_output($str)
{
if (EC_CHARSET != 'utf-8') {
$str = ecs_iconv(EC_CHARSET, 'utf-8', $str);
}
return htmlspecialchars($str);
}
function show_json(&$json, $array, $convert = false)
{
$json_str = $json->encode($array, false);
if (!$convert && defined('EC_CHARSET') && EC_CHARSET == 'gbk') {
$json_str = ecs_iconv('UTF-8', 'GBK', $json_str);
}
@header('Content-type:text/html; charset=' . EC_CHARSET);
exit($json_str);
}
/**
* 检查指定用户是否存在及密码是否正确(重载基类check_user函数,支持zc加密方法)
*
* @access public
* @param string $username 用户名
*
* @return int
*/
function check_user($username, $password = null)
{
if ($this->charset != 'UTF8') {
$post_username = ecs_iconv('UTF8', $this->charset, $username);
} else {
$post_username = $username;
}
if ($password === null) {
$sql = "SELECT " . $this->field_id . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_name . "='" . $post_username . "'";
return $this->db->getOne($sql);
} else {
$sql = "SELECT user_id, password, salt " . " FROM " . $this->table($this->user_table) . " WHERE user_name='{$post_username}'";
$row = $this->db->getRow($sql);
if (empty($row)) {
return 0;
}
if (empty($row['salt'])) {
if ($row['password'] != $this->compile_password(array('password' => $password))) {
return 0;
} else {
return $row['user_id'];
}
} else {
/* 如果salt存在,使用salt方式加密验证,验证通过洗白用户密码 */
$encrypt_type = substr($row['salt'], 0, 1);
$encrypt_salt = substr($row['salt'], 1);
/* 计算加密后密码 */
$encrypt_password = '';
switch ($encrypt_type) {
case ENCRYPT_ZC:
$encrypt_password = md5($encrypt_salt . $password);
break;
/* 如果还有其他加密方式添加到这里 */
//case other :
// ----------------------------------
// break;
/* 如果还有其他加密方式添加到这里 */
//case other :
// ----------------------------------
// break;
case ENCRYPT_UC:
$encrypt_password = md5(md5($password) . $encrypt_salt);
break;
default:
$encrypt_password = '';
}
if ($row['password'] != $encrypt_password) {
return 0;
}
$sql = "UPDATE " . $this->table($this->user_table) . " SET password = '******'password' => $password)) . "', salt=''" . " WHERE user_id = '{$row['user_id']}'";
$this->db->query($sql);
return $row['user_id'];
}
}
}
/**
* 生成支付代码
* @param array $order 订单信息
* @param array $payment 支付方式信息
*/
function get_code($order, $payment)
{
$cmd_no = '1';
/* 获得订单的流水号,补零到10位 */
$sp_billno = $order['order_sn'];
/* 交易日期 */
$today = date('Ymd');
/* 将商户号+年月日+流水号 */
$bill_no = str_pad($order['log_id'], 10, 0, STR_PAD_LEFT);
$transaction_id = $payment['tenpay_account'] . $today . $bill_no;
/* 银行类型:支持纯网关和财付通 */
$bank_type = '0';
/* 订单描述,用订单号替代 */
if (!empty($order['order_id'])) {
//$desc = get_goods_name_by_id($order['order_id']);
$desc = $order['order_sn'];
$attach = '';
} else {
$desc = $GLOBALS['_LANG']['account_voucher'];
$attach = 'voucher';
}
/* 编码标准 */
if (!defined('EC_CHARSET') || EC_CHARSET == 'utf-8') {
$desc = ecs_iconv('utf-8', 'gbk', $desc);
}
/* 返回的路径 */
$return_url = return_url('tenpay');
/* 总金额 */
$total_fee = floatval($order['order_amount']) * 100;
/* 货币类型 */
$fee_type = '1';
/* 财付通风险防范参数 */
$spbill_create_ip = $_SERVER['REMOTE_ADDR'];
/* 数字签名 */
$sign_text = "cmdno=" . $cmd_no . "&date=" . $today . "&bargainor_id=" . $payment['tenpay_account'] . "&transaction_id=" . $transaction_id . "&sp_billno=" . $sp_billno . "&total_fee=" . $total_fee . "&fee_type=" . $fee_type . "&return_url=" . $return_url . "&attach=" . $attach . "&spbill_create_ip=" . $spbill_create_ip . "&key=" . $payment['tenpay_key'];
$sign = strtoupper(md5($sign_text));
/* 交易参数 */
$parameter = array('cmdno' => $cmd_no, 'date' => $today, 'bank_type' => $bank_type, 'desc' => $desc, 'purchaser_id' => '', 'bargainor_id' => $payment['tenpay_account'], 'transaction_id' => $transaction_id, 'sp_billno' => $sp_billno, 'total_fee' => $total_fee, 'fee_type' => $fee_type, 'return_url' => $return_url, 'attach' => $attach, 'sign' => $sign, 'spbill_create_ip' => $spbill_create_ip, 'sys_id' => '542554970', 'sp_suggestuser' => '1202822001');
$button = '<br /><form style="text-align:center;" action="https://www.tenpay.com/cgi-bin/v1.0/pay_gate.cgi" target="_blank" style="margin:0px;padding:0px" >';
foreach ($parameter as $key => $val) {
$button .= "<input type='hidden' name='{$key}' value='{$val}' />";
}
$button .= '<input type="image" src="' . $GLOBALS['ecs']->url() . 'images/tenpay.gif" value="' . $GLOBALS['_LANG']['pay_button'] . '" /></form><br />';
return $button;
}
/**
* 生成支付代码
* @param array $order 订单信息
* @param array $payment 支付方式信息
*/
function get_code($order, $payment)
{
$cmd_no = '1';
/* 获得订单的流水号,补零到10位 */
$sp_billno = $order['order_sn'];
/* 交易日期 */
$today = date('Ymd');
/* 将商户号+年月日+流水号 */
$bill_no = str_pad($order['log_id'], 10, 0, STR_PAD_LEFT);
$transaction_id = $payment['tenpay_account'].$today.$bill_no;
/* 银行类型:支持纯网关和财付通 */
$bank_type = '0';
/* 订单描述,用订单号替代 */
if (!empty($order['order_id']))
{
//$desc = get_goods_name_by_id($order['order_id']);
$desc = $order['order_sn'];
$attach = '';
}
else
{
$desc = $GLOBALS['_LANG']['account_voucher'];
$attach = 'voucher';
}
/* 编码标准 */
if (!defined('EC_CHARSET') || EC_CHARSET == 'utf-8')
{
$desc = ecs_iconv('utf-8', 'gbk', $desc);
}
/* 返回的路径 */
$return_url = return_url('tenpay');
/* 总金额 */
$total_fee = floatval($order['order_amount']) * 100;
/* 货币类型 */
$fee_type = '1';
/* 重写自定义签名 */
//$payment['magic_string'] = abs(crc32($payment['magic_string']));
/* 数字签名 */
$sign_text = "cmdno=" . $cmd_no . "&date=" . $today . "&bargainor_id=" . $payment['tenpay_account'] .
"&transaction_id=" . $transaction_id . "&sp_billno=" . $sp_billno .
"&total_fee=" . $total_fee . "&fee_type=" . $fee_type . "&return_url=" . $return_url .
"&attach=" . $attach . "&key=" . $payment['tenpay_key'];
$sign = strtoupper(md5($sign_text));
/* 交易参数 */
$parameter = array(
'cmdno' => $cmd_no, // 业务代码, 财付通支付支付接口填 1
'date' => $today, // 商户日期:如20051212
'bank_type' => $bank_type, // 银行类型:支持纯网关和财付通
'desc' => $desc, // 交易的商品名称
'purchaser_id' => '', // 用户(买方)的财付通帐户,可以为空
'bargainor_id' => $payment['tenpay_account'], // 商家的财付通商户号
'transaction_id' => $transaction_id, // 交易号(订单号),由商户网站产生(建议顺序累加)
'sp_billno' => $sp_billno, // 商户系统内部的定单号,最多10位
'total_fee' => $total_fee, // 订单金额
'fee_type' => $fee_type, // 现金支付币种
'return_url' => $return_url, // 接收财付通返回结果的URL
'attach' => $attach, // 用户自定义签名
'sign' => $sign, // MD5签名
'sys_id' => '542554970', //ecshop C账号 不参与签名
'sp_suggestuser' => '1202822001' //财付通分配的商户号
);
$button = '<br /><form style="text-align:center;" action="https://www.tenpay.com/cgi-bin/v1.0/pay_gate.cgi" target="_blank" style="margin:0px;padding:0px" >';
foreach ($parameter AS $key=>$val)
{
$button .= "<input type='hidden' name='$key' value='$val' />";
}
$button .= '<input type="image" src="'. $GLOBALS['ecs']->url() .'images/tenpay.gif" value="' .$GLOBALS['_LANG']['pay_button']. '" /></form><br />';
return $button;
}
foreach ($price_list as $attr_price) {
if ($attr_price['attr']) {
$sql = "SELECT attr_value FROM " . $ecs->table('goods_attr') . " WHERE goods_attr_id " . db_create_in($attr_price['attr']);
$goods_attr = join(',', $db->getCol($sql));
} else {
$goods_attr = '';
}
foreach ($attr_price['qp_list'] as $qp) {
$data .= $row['goods_name'] . "\t" . $goods_attr . "\t" . $qp['quantity'] . "\t" . $qp['price'] . "\t\n";
}
}
}
header("Content-type: application/vnd.ms-excel; charset=utf-8");
header("Content-Disposition: attachment; filename=price_list.xls");
if (EC_CHARSET == 'utf-8') {
echo ecs_iconv('UTF8', 'GB2312', $data);
} else {
echo $data;
}
} elseif ($_REQUEST['act'] == 'add_to_cart') {
/* 取得参数 */
$act_id = intval($_POST['act_id']);
$goods_number = $_POST['goods_number'][$act_id];
$attr_id = isset($_POST['attr_id']) ? $_POST['attr_id'] : array();
if (isset($attr_id[$act_id])) {
$goods_attr = $attr_id[$act_id];
}
/* 用户提交必须全部通过检查,才能视为完成操作 */
/* 检查数量 */
if (empty($goods_number) || is_array($goods_number) && array_sum($goods_number) <= 0) {
show_message($_LANG['ws_invalid_goods_number']);
/**
* 循环转码成utf8内容
*
* @param string $str
* @return string
*/
function to_utf8_iconv($str)
{
if (EC_CHARSET != 'utf-8')
{
if (is_string($str))
{
return ecs_iconv(EC_CHARSET, 'utf-8', $str);
}
elseif (is_array($str))
{
foreach ($str as $key => $value)
{
$str[$key] = to_utf8_iconv($value);
}
return $str;
}
elseif (is_object($str))
{
foreach ($str as $key => $value)
{
$str->$key = to_utf8_iconv($value);
}
return $str;
}
else
{
return $str;
}
}
return $str;
}
function hmac($data, $key)
{
// RFC 2104 HMAC implementation for php.
// Creates an md5 HMAC.
// Eliminates the need to install mhash to compute a HMAC
// Hacked by Lance Rushing(NOTE: Hacked means written)
$key = ecs_iconv('GB2312', 'UTF8', $key);
$data = ecs_iconv('GB2312', 'UTF8', $data);
$b = 64;
// byte length for md5
if (strlen($key) > $b) {
$key = pack('H*', md5($key));
}
$key = str_pad($key, $b, chr(0x0));
$ipad = str_pad('', $b, chr(0x36));
$opad = str_pad('', $b, chr(0x5c));
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
return md5($k_opad . pack('H*', md5($k_ipad . $data)));
}
header("Content-Type: application/unknown");
die($file);
} elseif ($_REQUEST['act'] == 'exportRank') {
$content = "学号,姓名,总分,排名 \r\n";
$sdate = empty($_REQUEST['search_sdate']) ? '' : trim($_REQUEST['search_sdate']);
//起始日期
$edate = empty($_REQUEST['search_edate']) ? '' : trim($_REQUEST['search_edate']);
//截止日期
$sql = "select d.student_code, s.name as student_name, sum(d.score) as total from " . $GLOBALS['ecs']->table("duty") . " d \r\n\t\t\tleft join " . $ecs->table("student") . " s on s.code=d.student_code and s.class_code='" . $class_code . "' \r\n\t\t\tWHERE d.date_ between '" . $sdate . "' and '" . $edate . "' and d.class_code='" . $class_code . "' \r\n \t\t\tgroup by d.student_code order by total desc";
$rows = $db->getAll($sql);
$i = 1;
foreach ($rows as $k => $v) {
$content .= $v["student_code"] . "," . $v["student_name"] . "," . $v["total"] . "," . $i++ . "\r\n";
}
$charset = empty($_REQUEST['charset']) ? 'UTF8' : trim($_REQUEST['charset']);
$file = ecs_iconv(EC_CHARSET, $charset, $content);
header("Content-Disposition: attachment; filename=" . $sdate . "To" . $edate . "Duty Rank.csv");
header("Content-Type: application/unknown;charset=utf-8");
die($file);
}
/**
* 返回班级管理员列表数据
*
* @access public
* @param
*
* @return void
*/
function duty_list()
{
$result = get_filter();
function export_invoice_to_excel($rows)
{
/*导出发票列表*/
if (is_array($rows) && count($rows) > 0) {
$filename = '发票列表' . date('Ymd') . '.xls';
$filename = iconv(mb_detect_encoding($filename, mb_detect_order(), true), "gbk", $filename);
header("Content-Disposition: attachment; filename={$filename}");
header("Content-type:application/vnd.ms-excel; charset=gbk");
$data .= '<table border="1">';
$data .= '<tr><th>订单号</th><th>下单时间</th><th>发票状态</th>' . '<th>发票类型</th><th>发票抬头</th><th>发票内容</th>' . '<th>单位名称</th><th>纳税人识别号</th><th>注册地址</th>' . '<th>注册电话</th><th>开户银行</td><th>银行账户</th>' . '<th>收票人姓名</th><th>收票人手机</th><th>收票人地址</th><th>发票金额</th></tr>';
foreach ($rows as $key => $val) {
$data .= '<tr>';
foreach ($val as $key1 => $item) {
if ($key1 == 'order_sn') {
$data .= '<td style=\'mso-number-format:"\\@";\'>' . $item . '</td>';
} else {
$data .= '<td>' . $item . '</td>';
}
}
$data .= '</tr>';
}
$data .= "</table>";
if (EC_CHARSET != 'gbk') {
echo ecs_iconv(EC_CHARSET, 'gbk', $data) . "\t";
} else {
echo $data . "\t";
}
}
}
$sql = 'SELECT mobile_phone FROM ' . $ecs->table('users') . " WHERE mobile_phone <>'' AND user_rank = '" . $rank_array['1'] . "'";
} else {
$sql = 'SELECT mobile_phone FROM ' . $ecs->table('users') . "WHERE mobile_phone <>'' AND rank_points > " . $rank_row['min_points'] . " AND rank_points < " . $rank_row['max_points'] . " ";
}
$row = $db->query($sql);
while ($rank_rs = $db->fetch_array($row)) {
$value[] = $rank_rs['mobile_phone'];
}
}
if (isset($value)) {
$phone .= implode(',', $value);
}
}
$msg = isset($_POST['msg']) ? $_POST['msg'] : '';
if (EC_CHARSET != 'utf-8') {
$msg = ecs_iconv(EC_CHARSET, 'utf-8', $msg);
}
$send_date = isset($_POST['send_date']) ? $_POST['send_date'] : '';
$result = $sms->send($phone, $msg, $send_date, $send_num = 13);
$link[] = array('text' => $_LANG['back'] . $_LANG['03_sms_send'], 'href' => 'sms.php?act=display_send_ui');
if ($result === true) {
sys_msg($_LANG['send_ok'], 0, $link);
} else {
@($error_detail = $_LANG['server_errors'][$sms->errors['server_errors']['error_no']] . $_LANG['api_errors']['send'][$sms->errors['api_errors']['error_no']]);
sys_msg($_LANG['send_error'] . $error_detail, 1, $link);
}
break;
// /* 显示发送记录的查询界面,如果尚未注册或启用短信服务则显示注册界面。 */
// case 'display_send_history_ui' :
// /* 检查权限 */
// admin_priv('send_history');
/**
* 订单
*/
function process_order()
{
global $db, $ecs;
/* 清空订单、订单商品 */
truncate_table('order_info');
truncate_table('order_goods');
truncate_table('order_action');
/* 订单 */
$sql = "SELECT o.* FROM " . $this->sprefix . "orders AS o ";
$res = $this->sdb->query($sql);
while ($row = $this->sdb->fetchRow($res)) {
$order = array();
$order['order_sn'] = $row['order_id'];
$order['user_id'] = $row['member_id'];
$order['add_time'] = $row['createtime'];
$order['consignee'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['consignee']));
$order['address'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['ship_addr']));
$order['zipcode'] = $row['ship_zip'];
$order['tel'] = $row['ship_tel'];
$order['mobile'] = $row['ship_mobile'];
$order['email'] = $row['ship_email'];
$order['postscript'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['memo']));
$order['shipping_name'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['ship_name']));
$order['pay_name'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['shipping']));
$order['inv_payee'] = ecs_iconv($this->scharset, $this->tcharset, addslashes($row['tax_company']));
$order['goods_amount'] = $row['total_amount'];
$order['shipping_fee'] = $row['cost_freight'];
$order['order_amount'] = $row['final_amount'];
$order['pay_time'] = $row['paytime'];
$order['shipping_time'] = $row['acttime'];
/* 状态 */
if ($row['ordstate'] == '0') {
$order['order_status'] = OS_UNCONFIRMED;
$order['shipping_status'] = SS_UNSHIPPED;
} elseif ($row['ordstate'] == '1') {
$order['order_status'] = OS_CONFIRMED;
$order['shipping_status'] = SS_UNSHIPPED;
} elseif ($row['ordstate'] == '9') {
$order['order_status'] = OS_INVALID;
$order['shipping_status'] = SS_UNSHIPPED;
} else {
$order['order_status'] = OS_CONFIRMED;
$order['shipping_status'] = SS_SHIPPED;
}
if ($row['pay_status'] == '1') {
$order['pay_status'] = PS_PAYED;
} else {
$order['pay_status'] = PS_UNPAYED;
}
if ($row['userrecsts'] == '1') {
if ($row['recsts'] == '1') {
if ($order['shipping_status'] == SS_SHIPPED) {
$order['shipping_status'] = SS_RECEIVED;
}
} elseif ($row['recsts'] == '2') {
$order['order_status'] = OS_CANCELED;
$order['pay_status'] = PS_UNPAYED;
$order['shipping_status'] = SS_UNSHIPPED;
}
}
if (!$db->autoExecute($ecs->table('order_info'), $order, 'INSERT', '', 'SILENT')) {
//return $db->error();
}
/* 订单商品 */
}
/* 返回 */
return TRUE;
}
public function index()
{
$ad_id = intval(I('get.ad_id'));
if (empty($ad_id)) {
$this->redirect(__URL__);
}
$act = !empty($_GET['act']) ? I('get.act') : '';
if ($act == 'js') {
/* 编码转换 */
if (empty($_GET['charset'])) {
$_GET['charset'] = 'UTF8';
}
header('Content-type: application/x-javascript; charset=' . ($_GET['charset'] == 'UTF8' ? 'utf-8' : $_GET['charset']));
$url = __URL__;
$str = "";
/* 取得广告的信息 */
$sql = 'SELECT ad.ad_id, ad.ad_name, ad.ad_link, ad.ad_code ' . 'FROM ' . $this->model->pre . 'touch_ad AS ad ' . 'LEFT JOIN ' . $this->model->pre . 'touch_ad_position AS p ON ad.position_id = p.position_id ' . "WHERE ad.ad_id = '{$ad_id}' and " . gmtime() . " >= ad.start_time and " . gmtime() . "<= ad.end_time";
$ad_info = $this->model->query($sql);
$ad_info = $ad_info[0];
if (!empty($ad_info)) {
/* 转换编码 */
if ($_GET['charset'] != 'UTF8') {
$ad_info['ad_name'] = ecs_iconv('UTF8', $_GET['charset'], $ad_info['ad_name']);
$ad_info['ad_code'] = ecs_iconv('UTF8', $_GET['charset'], $ad_info['ad_code']);
}
/* 初始化广告的类型和来源 */
$_GET['type'] = !empty($_GET['type']) ? intval($_GET['type']) : 0;
$_GET['from'] = !empty($_GET['from']) ? urlencode($_GET['from']) : '';
$str = '';
switch ($_GET['type']) {
case '0':
/* 图片广告 */
$src = strpos($ad_info['ad_code'], 'http://') === false && strpos($ad_info['ad_code'], 'https://') === false ? $url . "/{$ad_info['ad_code']}" : $ad_info['ad_code'];
$str = '<a href="' . $url . url('affiche/index', array('ad_id' => $ad_info['ad_id'])) . '&from=' . $_GET['from'] . '&uri=' . urlencode($ad_info['ad_link']) . '" target="_blank">' . '<img src="' . $src . '" border="0" alt="' . $ad_info['ad_name'] . '" /></a>';
break;
case '1':
/* Falsh广告 */
$src = strpos($ad_info['ad_code'], 'http://') === false && strpos($ad_info['ad_code'], 'https://') === false ? $url . '/' . $ad_info['ad_code'] : $ad_info['ad_code'];
$str = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"> <param name="movie" value="' . $src . '"><param name="quality" value="high"><embed src="' . $src . '" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash"></embed></object>';
break;
case '2':
/* 代码广告 */
$str = $ad_info['ad_code'];
break;
case 3:
/* 文字广告 */
$str = '<a href="' . url('affiche/index', array('ad_id' => $ad_info['ad_id'], 'from' => $_GET['from'], 'uri' => urlencode($ad_info['ad_link']))) . '" target="_blank">' . nl2br(htmlspecialchars(addslashes($ad_info['ad_code']))) . '</a>';
break;
}
}
echo "document.writeln('{$str}');";
} else {
$site_name = !empty($_GET['from']) ? htmlspecialchars(I('get.from')) : addslashes(L('self_site'));
/* 商品的ID */
$goods_id = !empty($_GET['goods_id']) ? intval(I('get.goods_id')) : 0;
/* 存入SESSION中,购物后一起存到订单数据表里 */
$_SESSION['from_ad'] = $ad_id;
$_SESSION['referer'] = stripslashes($site_name);
/* 如果是商品的站外JS */
if ($ad_id == '-1') {
$count = $this->model->table('touch_adsense')->where("from_ad = '-1' AND referer = '" . $site_name . "'")->count();
if ($count > 0) {
$sql = "UPDATE " . $this->model->pre . "touch_adsense SET clicks = clicks + 1 WHERE from_ad = '-1' AND referer = '" . $site_name . "'";
} else {
$sql = "INSERT INTO " . $this->model->pre . "touch_adsense (from_ad, referer, clicks) VALUES ('-1', '" . $site_name . "', '1')";
}
$this->model->query($sql);
$row = $this->model->table('goods')->field('goods_name')->where("goods_id = {$goods_id}")->find();
$uri = url('goods/index', array('id' => $goods_id));
$uri = str_replace('&', '&', $uri);
$this->redirect($uri);
exit;
} else {
/* 更新站内广告的点击次数 */
$this->model->query('UPDATE ' . $this->model->pre . "touch_ad SET click_count = click_count + 1 WHERE ad_id = '{$ad_id}'");
$count = $this->model->table('touch_adsense')->where("from_ad = '" . $ad_id . "' AND referer = '" . $site_name . "'")->count();
if ($count > 0) {
$sql = "UPDATE " . $this->model->pre . "touch_adsense SET clicks = clicks + 1 WHERE from_ad = '" . $ad_id . "' AND referer = '" . $site_name . "'";
} else {
$sql = "INSERT INTO " . $this->model->pre . "touch_adsense (from_ad, referer, clicks) VALUES ('" . $ad_id . "', '" . $site_name . "', '1')";
}
$this->model->query($sql);
$ad_info = $this->model->table('touch_ad')->field('*')->where('ad_id =' . $ad_id)->find();
/* 跳转到广告的链接页面 */
if (!empty($ad_info['ad_link'])) {
$uri = strpos($ad_info['ad_link'], 'http://') === false && strpos($ad_info['ad_link'], 'https://') === false ? __URL__ . urldecode($ad_info['ad_link']) : urldecode($ad_info['ad_link']);
} else {
$uri = __URL__;
}
$uri = str_replace('&', '&', $uri);
$this->redirect($uri);
exit;
}
}
}
function togbk($arr)
{
$type = gettype($arr);
switch ($type) {
case 'array':
$info = array();
foreach ($arr as $key => $val) {
$k = $this->togbk($key);
$v = $this->togbk($val);
$info[$k] = $v;
}
return $info;
break;
case 'object':
$info = array();
foreach (get_object_vars($arr) as $i => $val) {
$k = $this->togbk($i);
$v = $this->togbk($val);
$info[$k] = $v;
}
return $info;
break;
case 'string':
return ecs_iconv('UTF-8', 'GBK', $arr);
break;
default:
return ecs_iconv('UTF-8', 'GBK', $arr);
break;
}
return '';
}
function api_request($apiget)
{
global $t, $ecs_charset;
$api_comment = $t->request('http://cloud.ecshop.com/install_api.php', $apiget);
$api_str = $api_comment['body'];
include_once ROOT_PATH . 'includes/cls_json.php';
$json = new JSON();
$api_arr = array();
$api_arr = @$json->decode($api_str, 1);
if (!empty($api_arr) && $api_arr['error'] == 0 && md5($api_arr['content']) == $api_arr['hash']) {
$api_arr['content'] = urldecode($api_arr['content']);
if ($ecs_charset != 'UTF-8') {
$api_arr['content'] = ecs_iconv('UTF-8', $ecs_charset, $api_arr['content']);
}
return $api_arr['content'];
} else {
return false;
}
}
/**
* 将JSON传递的参数转码
*
* @param string $str
* @return string
*/
function json_str_iconv($str)
{
if (EC_CHARSET != 'utf-8') {
if (is_string($str)) {
return ecs_iconv('utf-8', EC_CHARSET, $str);
} elseif (is_array($str)) {
foreach ($str as $key => $value) {
$str[$key] = json_str_iconv($value);
}
return $str;
} elseif (is_object($str)) {
foreach ($str as $key => $value) {
$str->{$key} = json_str_iconv($value);
}
return $str;
} else {
return $str;
}
}
return $str;
}
/**
* 检查指定用户是否存在及密码是否正确
*
* @access public
* @param string $username 用户名
*
* @return int
*/
function check_user($username, $password = null)
{
if ($this->charset != 'UTF8') {
$post_username = ecs_iconv('UTF8', $this->charset, $username);
} else {
$post_username = $username;
}
if ($password === null) {
$sql = "SELECT " . $this->field_id . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_name . "='" . $post_username . "'";
return $this->db->getOne($sql);
} else {
$sql = "SELECT " . $this->field_id . " AS user_id, " . $this->field_pass . " AS password, salt" . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_name . "='" . $post_username . "'";
$row = $this->db->getRow($sql);
if (empty($row)) {
return 0;
}
if ($row['password'] != $this->compile_password(array('type' => PWD_SUF_SALT, 'password' => $password, 'salt' => $row['salt']))) {
return 0;
}
return $row['user_id'];
}
}
$data .= $_LANG['date'] . "\t";
$data .= $_LANG['access_count'] . "\t\n";
while ($val = $GLOBALS['db']->fetchRow($res)) {
$val['access_date'] = gmdate('m-d', $val['access_time'] + $timezone * 3600);
$data .= $val['access_date'] . "\t";
$data .= $val['access_count'] . "\t\n";
}
$sql = 'SELECT COUNT(*) AS access_count, area FROM ' . $GLOBALS['ecs']->table('stats') . " WHERE access_time >= '{$start_date}' AND access_time <= " . ($end_date + 86400) . ' GROUP BY area ORDER BY access_count DESC LIMIT 20';
$res = $GLOBALS['db']->query($sql);
$data .= $_LANG['area_stats'] . "\t\n";
$data .= $_LANG['area'] . "\t";
$data .= $_LANG['access_count'] . "\t\n";
while ($val = $GLOBALS['db']->fetchRow($res)) {
$data .= $val['area'] . "\t";
$data .= $val['access_count'] . "\t\n";
}
$sql = 'SELECT COUNT(*) AS access_count, referer_domain FROM ' . $GLOBALS['ecs']->table('stats') . " WHERE access_time >= '{$start_date}' AND access_time <= " . ($end_date + 86400) . ' GROUP BY referer_domain ORDER BY access_count DESC LIMIT 20';
$res = $GLOBALS['db']->query($sql);
$data .= "\n" . $_LANG['from_stats'] . "\t\n";
$data .= $_LANG['url'] . "\t";
$data .= $_LANG['access_count'] . "\t\n";
while ($val = $GLOBALS['db']->fetchRow($res)) {
$data .= ($val['referer_domain'] == '' ? $_LANG['input_url'] : $val['referer_domain']) . "\t";
$data .= $val['access_count'] . "\t\n";
}
if (EC_CHARSET != 'gbk') {
echo ecs_iconv(EC_CHARSET, 'gbk', $data) . "\t";
} else {
echo $data . "\t";
}
}
/**
* 添加新用户的函数
*
* @access public
* @param string username 用户名
* @param string password 登录密码
* @param string email 邮件地址
* @param string bday 生日
* @param string gender 性别
* @return int 返回最新的ID
*/
function add_user($username, $password, $email, $gender = -1, $bday = 0, $reg_date = 0, $md5password = '')
{
$result = parent::add_user($username, $password, $email, $gender, $bday, $reg_date, $md5password);
if (!$result) {
return false;
}
/* 获得默认的用户组 */
$sql = 'SELECT groupid FROM ' . $this->table('usergroups') . ' WHERE creditshigher <= 0 AND creditslower > 0';
$grp = $this->db->getOne($sql);
if ($this->charset != 'UTF8') {
$username = ecs_iconv('UTF8', $this->charset, $username);
}
/* 更新组id */
$sql = "UPDATE " . $this->table($this->user_table) . " SET groupid= '{$grp}', " . " regip = '" . real_ip() . "'," . " regdate = '" . time() . "'" . " WHERE " . $this->field_name . "='{$username}'";
$this->db->query($sql);
/* 更新memberfields表 */
$sql = 'INSERT INTO ' . $this->table('memberfields') . ' (' . $this->field_id . ") " . " SELECT " . $this->field_id . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_name . "='{$username}'";
$this->db->query($sql);
return true;
}
/**
* 检查cookie
*
* @access public
* @param
*
* @return void
*/
function check_cookie()
{
if (empty($_COOKIE[$this->cookie_prefix . 'userid']) || empty($_COOKIE[$this->cookie_prefix . 'password'])) {
return '';
}
$user_id = intval($_COOKIE[$this->cookie_prefix . 'userid']);
$true_password = addslashes_deep($_COOKIE[$this->cookie_prefix . 'password']);
$sql = "SELECT " . $this->field_name . " AS user_name " . " FROM " . $this->table($this->user_table) . " WHERE " . $this->field_id . "='{$user_id}' AND truepassword='******'";
$username = $this->db->getOne($sql);
if (empty($username)) {
return '';
}
if ($this->charset != 'UTF8') {
$username = ecs_iconv($this->charset, 'UTF8', $username);
}
return $username;
}
if ($_GET['act'] == 'js') {
/* 编码转换 */
if (empty($_GET['charset'])) {
$_GET['charset'] = 'UTF8';
}
header('Content-type: application/x-javascript; charset=' . ($_GET['charset'] == 'UTF8' ? 'utf-8' : $_GET['charset']));
$url = $ecs->url();
$str = "";
/* 取得广告的信息 */
$sql = 'SELECT ad.ad_id, ad.ad_name, ad.ad_link, ad.ad_code ' . 'FROM ' . $ecs->table('ecsmart_ad') . ' AS ad ' . 'LEFT JOIN ' . $ecs->table('ecsmart_ad_position') . ' AS p ON ad.position_id = p.position_id ' . "WHERE ad.ad_id = '{$ad_id}' and " . gmtime() . " >= ad.start_time and " . gmtime() . "<= ad.end_time";
$ad_info = $db->getRow($sql);
if (!empty($ad_info)) {
/* 转换编码 */
if ($_GET['charset'] != 'UTF8') {
$ad_info['ad_name'] = ecs_iconv('UTF8', $_GET['charset'], $ad_info['ad_name']);
$ad_info['ad_code'] = ecs_iconv('UTF8', $_GET['charset'], $ad_info['ad_code']);
}
/* 初始化广告的类型和来源 */
$_GET['type'] = !empty($_GET['type']) ? intval($_GET['type']) : 0;
$_GET['from'] = !empty($_GET['from']) ? urlencode($_GET['from']) : '';
$str = '';
switch ($_GET['type']) {
case '0':
/* 图片广告 */
$src = strpos($ad_info['ad_code'], 'http://') === false && strpos($ad_info['ad_code'], 'https://') === false ? $url . DATA_DIR . "/afficheimg/{$ad_info['ad_code']}" : $ad_info['ad_code'];
$str = '<a href="' . $url . 'affiche.php?ad_id=' . $ad_info['ad_id'] . '&from=' . $_GET['from'] . '&uri=' . urlencode($ad_info['ad_link']) . '" target="_blank">' . '<img src="' . $src . '" border="0" alt="' . $ad_info['ad_name'] . '" /></a>';
break;
case '1':
/* Falsh广告 */
$src = strpos($ad_info['ad_code'], 'http://') === false && strpos($ad_info['ad_code'], 'https://') === false ? $url . DATA_DIR . '/afficheimg/' . $ad_info['ad_code'] : $ad_info['ad_code'];
$str = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"> <param name="movie" value="' . $src . '"><param name="quality" value="high"><embed src="' . $src . '" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash"></embed></object>';
while ($row_www_com = $GLOBALS['db']->fetchRow($res_www_com)) {
$user_value['user_name'] = $row_www_com['user_name'];
$user_value['email'] = $row_www_com['email'];
/* 处理会员等级 */
$user_value['user_rank'] = " ";
if ($row_www_com['user_rank']) {
$user_value['user_rank'] = $rank_list_www_com[$row_www_com['user_rank']];
} else {
foreach ($rank_list_www_com[0] as $rank_temp) {
if ($row_www_com['rank_points'] >= $rank_temp['min_points'] and $row_www_com['rank_points'] < $rank_temp['max_points']) {
$user_value['user_rank'] = $rank_temp['rank_name'];
break;
}
}
}
/* 处理电话(家庭电话、办公电话) */
$user_value['tel_phone'] = $row_www_com['home_phone'];
$user_value['tel_phone'] .= !empty($row_www_com['home_phone']) && !empty($row_www_com['office_phone']) ? "或" : "";
$user_value['tel_phone'] .= $row_www_com['office_phone'];
$user_value['mobile_phone'] = $row_www_com['mobile_phone'];
$content .= implode(",", $user_value) . "\n";
}
if (EC_CHARSET == 'utf-8') {
$zip->add_file(ecs_iconv('UTF8', 'GB2312', $content), 'users_list.csv');
} else {
$zip->add_file($content, 'goods_list.csv');
}
header("Content-Disposition: attachment; filename=users_list.zip");
header("Content-Type: application/unknown");
die($zip->file());
}
/**
* 保存搜索引擎关键字
*
* @access public
* @return void
*/
function save_searchengine_keyword($domain, $path)
{
if (strpos($domain, 'google.com.tw') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'GOOGLE TAIWAN';
$keywords = urldecode($regs[1]);
// google taiwan
}
if (strpos($domain, 'google.cn') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'GOOGLE CHINA';
$keywords = urldecode($regs[1]);
// google china
}
if (strpos($domain, 'google.com') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'GOOGLE';
$keywords = urldecode($regs[1]);
// google
} elseif (strpos($domain, 'baidu.') !== false && preg_match('/wd=([^&]*)/i', $path, $regs)) {
$searchengine = 'BAIDU';
$keywords = urldecode($regs[1]);
// baidu
} elseif (strpos($domain, 'baidu.') !== false && preg_match('/word=([^&]*)/i', $path, $regs)) {
$searchengine = 'BAIDU';
$keywords = urldecode($regs[1]);
// baidu
} elseif (strpos($domain, '114.vnet.cn') !== false && preg_match('/kw=([^&]*)/i', $path, $regs)) {
$searchengine = 'CT114';
$keywords = urldecode($regs[1]);
// ct114
} elseif (strpos($domain, 'iask.com') !== false && preg_match('/k=([^&]*)/i', $path, $regs)) {
$searchengine = 'IASK';
$keywords = urldecode($regs[1]);
// iask
} elseif (strpos($domain, 'soso.com') !== false && preg_match('/w=([^&]*)/i', $path, $regs)) {
$searchengine = 'SOSO';
$keywords = urldecode($regs[1]);
// soso
} elseif (strpos($domain, 'sogou.com') !== false && preg_match('/query=([^&]*)/i', $path, $regs)) {
$searchengine = 'SOGOU';
$keywords = urldecode($regs[1]);
// sogou
} elseif (strpos($domain, 'so.163.com') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'NETEASE';
$keywords = urldecode($regs[1]);
// netease
} elseif (strpos($domain, 'yodao.com') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'YODAO';
$keywords = urldecode($regs[1]);
// yodao
} elseif (strpos($domain, 'zhongsou.com') !== false && preg_match('/word=([^&]*)/i', $path, $regs)) {
$searchengine = 'ZHONGSOU';
$keywords = urldecode($regs[1]);
// zhongsou
} elseif (strpos($domain, 'search.tom.com') !== false && preg_match('/w=([^&]*)/i', $path, $regs)) {
$searchengine = 'TOM';
$keywords = urldecode($regs[1]);
// tom
} elseif (strpos($domain, 'live.com') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'MSLIVE';
$keywords = urldecode($regs[1]);
// MSLIVE
} elseif (strpos($domain, 'tw.search.yahoo.com') !== false && preg_match('/p=([^&]*)/i', $path, $regs)) {
$searchengine = 'YAHOO TAIWAN';
$keywords = urldecode($regs[1]);
// yahoo taiwan
} elseif (strpos($domain, 'cn.yahoo.') !== false && preg_match('/p=([^&]*)/i', $path, $regs)) {
$searchengine = 'YAHOO CHINA';
$keywords = urldecode($regs[1]);
// yahoo china
} elseif (strpos($domain, 'yahoo.') !== false && preg_match('/p=([^&]*)/i', $path, $regs)) {
$searchengine = 'YAHOO';
$keywords = urldecode($regs[1]);
// yahoo
} elseif (strpos($domain, 'msn.com.tw') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'MSN TAIWAN';
$keywords = urldecode($regs[1]);
// msn taiwan
} elseif (strpos($domain, 'msn.com.cn') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'MSN CHINA';
$keywords = urldecode($regs[1]);
// msn china
} elseif (strpos($domain, 'msn.com') !== false && preg_match('/q=([^&]*)/i', $path, $regs)) {
$searchengine = 'MSN';
$keywords = urldecode($regs[1]);
// msn
}
if (!empty($keywords)) {
$gb_search = array('YAHOO CHINA', 'TOM', 'ZHONGSOU', 'NETEASE', 'SOGOU', 'SOSO', 'IASK', 'CT114', 'BAIDU');
if (EC_CHARSET == 'utf-8' && in_array($searchengine, $gb_search)) {
$keywords = ecs_iconv('GBK', 'UTF8', $keywords);
}
if (EC_CHARSET == 'gbk' && !in_array($searchengine, $gb_search)) {
$keywords = ecs_iconv('UTF8', 'GBK', $keywords);
}
M()->autoReplace(M()->pre . 'keywords', array('date' => local_date('Y-m-d'), 'searchengine' => $searchengine, 'keyword' => addslashes($keywords), 'count' => 1), array('count' => 1));
}
}
function fsockRequest($url, $method, $postfields = NULL, $headers = array())
{
$urlarr = parse_url($url);
$errno = '';
$errstr = '';
$transports = '';
$responseText = '';
if ($urlarr['scheme'] == 'https') {
$transports = 'ssl://';
$urlarr['port'] = '443';
} else {
$transports = 'tcp://';
$urlarr['port'] = '80';
}
$fp = @fsockopen($transports . $urlarr['host'], $urlarr['port'], $errno, $errstr, $this->timeout);
if (!$fp) {
die("ERROR: {$errno} - " . ecs_iconv('GBK', 'UTF8', $errstr) . "<br />\r\n");
return false;
} else {
if (!empty($urlarr['query'])) {
$urlarr['path'] .= '?' . $urlarr['query'];
}
$urlarr['method'] = $method;
//print_r($urlarr);
$header = $method . ' ' . $urlarr['path'] . " HTTP/1.1\r\n";
//fputs($fp, $method.' '. $urlarr['path'] ." HTTP/1.1\r\n");
//fputs($fp, "Referer: " . $url ."\r\n");
if ($method == 'POST') {
$header .= "Content-type: application/x-www-form-urlencoded\r\n";
$header .= "Content-length: " . strlen($postfields) . "\r\n";
}
$header .= "Host: " . $urlarr['host'] . "\r\n";
$header .= "Connection: close\r\n\r\n";
fputs($fp, $header);
if ($method == 'POST') {
fputs($fp, $postfields . "\r\n\r\n");
}
while (!feof($fp)) {
$responseText .= @fgets($fp, 1024);
}
fclose($fp);
$len = 0;
$pos = strpos($responseText, 'Content-Length:');
if ($pos > 0) {
$pos += 15;
$len = intval(substr($responseText, $pos, stripos($responseText, "\r\n", $pos) - $pos));
}
$responseText = trim(stristr($responseText, "\r\n\r\n"), "\r\n");
if ($len > 0) {
if (strlen($responseText) != $len) {
$nowH = substr($responseText, 0, strpos($responseText, "\r\n"));
if (strlen($responseText) - strlen($nowH) + 2 == $len) {
$responseText = substr($responseText, strpos($responseText, "\r\n") + 2);
}
}
} else {
$responseText = trim(substr($responseText, strpos($responseText, "\r\n") + 2), "\r\n");
$responseText = substr($responseText, 0, strrpos($responseText, "\r\n"));
}
return $responseText;
}
}
/**
* 检查cookie
*
* @access public
* @param
*
* @return void
*/
function check_cookie()
{
if (empty($_COOKIE[$this->cookie_prefix . '_data']) || empty($_COOKIE[$this->cookie_prefix . '_sid'])) {
return '';
}
/* 序列化cookie,取得用户信息 */
$cookie_data = addslashes_deep(@unserialize(stripslashes_deep($_COOKIE[$this->cookie_prefix . '_data'])));
$cookie_session_id = addslashes_deep(trim($_COOKIE[$this->cookie_prefix . '_sid']));
if (empty($cookie_data['userid']) || empty($cookie_data['autologinid'])) {
return '';
}
$sql = "SELECT " . $this->field_name . " FROM " . $this->table('sessions') . " AS s " . " LEFT JOIN " . $this->table($this->user_table) . " AS u ON s.session_user_id = u.user_id" . " WHERE session_id = '{$cookie_session_id}' AND session_user_id = '{$cookie_data['userid']}'";
$username = $this->db->getOne($sql);
if (empty($username)) {
return '';
} else {
if ($this->charset != 'UTF8') {
$username = ecs_iconv($this->charset, 'UTF8', $username);
}
return $username;
}
}
function gb2py($text, $exp = '')
{
if (!$text) {
return '';
}
if (EC_CHARSET != 'gbk') {
$text = ecs_iconv(EC_CHARSET, 'gbk', $text);
}
$data = array();
$tmp = @file(ROOT_PATH . 'includes/codetable/gb-pinyin.table');
if (!$tmp) {
return '';
}
$tmps = count($tmp);
for ($i = 0; $i < $tmps; $i++) {
$tmp1 = explode("\t", $tmp[$i]);
$data[$i] = array($tmp1[0], $tmp1[1]);
}
$r = array();
$k = 0;
$textlen = strlen($text);
for ($i = 0; $i < $textlen; $i++) {
$p = ord(substr($text, $i, 1));
if ($p > 160) {
$q = ord(substr($text, ++$i, 1));
$p = $p * 256 + $q - 65536;
}
if ($p > 0 && $p < 160) {
$r[$k] = chr($p);
} elseif ($p < -20319 || $p > -10247) {
$r[$k] = '';
} else {
for ($j = $tmps - 1; $j >= 0; $j--) {
if ($data[$j][1] <= $p) {
break;
}
}
$r[$k] = $data[$j][0];
}
$k++;
}
return implode($exp, $r);
}
$inout['takegoods_man'] = $_REQUEST['takegoods_man'] ? trim($_REQUEST['takegoods_man']) : '';
/* 如果有CSV文件传入的话 */
$file = @fopen($_FILES['csv_file']['tmp_name'], 'r');
if ($file) {
$kkk = 0;
while ($data = fgetcsv($file, '1000', ',')) {
if ($kkk == 0) {
$kkk++;
continue;
}
$goods_list[$kkk]['goods_thumb'] = '../' . $data[0];
$goods_list[$kkk]['goods_id'] = $data[1];
$goods_list[$kkk]['goods_sn'] = $data[2];
$goods_list[$kkk]['goods_name'] = ecs_iconv('gb2312', 'UTF8', $data[3]);
$goods_list[$kkk]['goods_attr1'] = ecs_iconv('gb2312', 'UTF8', $data[4]);
$goods_list[$kkk]['goods_attr2'] = ecs_iconv('gb2312', 'UTF8', $data[5]);
$data[6] = trim($data[6]);
$goods_list[$kkk]['number_yingshou'] = !empty($data[6]) ? intval($data[6]) : '1';
$goods_list[$kkk]['number_shishou'] = $data[7];
$kkk++;
}
//echo '<pre>';
//print_r($goods_list);
//echo '</pre>';
$smarty->assign('goods_list', $goods_list);
}
$inout['add_time_date'] = local_date('Y-m-d');
$inout['add_date'] = local_date('Ymd');
$sql = "select max(today_sn) from " . $ecs->table('store_inout_list') . " where add_date='{$inout['add_date']}' ";
$inout_count = $db->getOne($sql);
$inout_sn = $inout_count ? intval($inout_count + 1) : 1;
/* 红包序列号, 红包金额, 类型名称(红包名称), 使用结束日期 */
echo $_LANG['bonus_sn'] . "\t";
echo $_LANG['type_money'] . "\t";
echo $_LANG['type_name'] . "\t";
echo $_LANG['use_enddate'] . "\t\n";
}
$val = array();
$sql = "SELECT ub.bonus_id, ub.bonus_type_id, ub.bonus_sn, bt.type_name, bt.type_money, bt.use_end_date " . "FROM " . $ecs->table('user_bonus') . " AS ub, " . $ecs->table('bonus_type') . " AS bt " . "WHERE bt.type_id = ub.bonus_type_id AND ub.bonus_type_id = '{$tid}' ORDER BY ub.bonus_id DESC";
$res = $db->query($sql);
$code_table = array();
while ($val = $db->fetchRow($res)) {
echo $val['bonus_sn'] . "\t";
echo $val['type_money'] . "\t";
if (!isset($code_table[$val['type_name']])) {
if (EC_CHARSET != 'gbk') {
$code_table[$val['type_name']] = ecs_iconv('UTF8', 'GB2312', $val['type_name']);
} else {
$code_table[$val['type_name']] = $val['type_name'];
}
}
echo $code_table[$val['type_name']] . "\t";
echo local_date('Y-m-d', $val['use_end_date']);
echo "\t\n";
}
}
/*------------------------------------------------------ */
//-- 搜索商品
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'get_goods_list') {
include_once ROOT_PATH . 'includes/cls_json.php';
$json = new JSON();
}
/* 下载报表 */
if ($_REQUEST['act'] == 'download') {
$goods_order_data = get_sales_order(false);
$goods_order_data = $goods_order_data['sales_order_data'];
$filename = $_REQUEST['start_date'] . '_' . $_REQUEST['end_date'] . 'sale_order';
header("Content-type: application/vnd.ms-excel; charset=utf-8");
header("Content-Disposition: attachment; filename={$filename}.xls");
$data = "{$_LANG['sell_stats']}\t\n";
$data .= "{$_LANG['order_by']}\t{$_LANG['goods_name']}\t{$_LANG['goods_sn']}\t{$_LANG['sell_amount']}\t{$_LANG['sell_sum']}\t{$_LANG['percent_count']}\n";
foreach ($goods_order_data as $k => $row) {
$order_by = $k + 1;
$data .= "{$order_by}\t{$row['goods_name']}\t{$row['goods_sn']}\t{$row['goods_num']}\t{$row['turnover']}\t{$row['wvera_price']}\n";
}
if (EC_CHARSET == 'utf-8') {
echo ecs_iconv(EC_CHARSET, 'GB2312', $data);
} else {
echo $data;
}
exit;
}
$goods_order_data = get_sales_order();
$smarty->assign('goods_order_data', $goods_order_data['sales_order_data']);
$smarty->assign('filter', $goods_order_data['filter']);
$smarty->assign('record_count', $goods_order_data['record_count']);
$smarty->assign('page_count', $goods_order_data['page_count']);
$sort_flag = sort_flag($goods_order_data['filter']);
$smarty->assign($sort_flag['tag'], $sort_flag['img']);
make_json_result($smarty->fetch('sale_order.htm'), '', array('filter' => $goods_order_data['filter'], 'page_count' => $goods_order_data['page_count']));
} else {
/* 权限检查 */
$smarty->assign('data_count_name', $_LANG['order_count_trend']);
$smarty->assign('data_amount_name', $_LANG['order_amount_trend']);
/* 根据查询类型生成文件名 */
if ($query_type == 'year') {
$filename = date('Y', $start_time) . "_" . date('Y', $end_time) . '_report';
} else {
$filename = date('Ym', $start_time) . "_" . date('Ym', $end_time) . '_report';
}
$smarty->assign('action_link', array('text' => $_LANG['down_sales_stats'], 'href' => 'sale_general.php?act=download&filename=' . $filename . '&query_type=' . $query_type . '&start_time=' . $start_time . '&end_time=' . $end_time));
/* 显示模板 */
$smarty->assign('ur_here', $_LANG['report_sell']);
assign_query_info();
$smarty->display('sale_general.htm');
} elseif ($_REQUEST['act'] == 'download') {
/* 文件名 */
$filename = !empty($_REQUEST['filename']) ? trim($_REQUEST['filename']) : '';
header("Content-type: application/vnd.ms-excel; charset=utf-8");
header("Content-Disposition: attachment; filename={$filename}.xls");
/* 文件标题 */
echo ecs_iconv(EC_CHARSET, 'GB2312', $filename . $_LANG['sales_statistics']) . "\t\n";
/* 订单数量, 销售出商品数量, 销售金额 */
echo ecs_iconv(EC_CHARSET, 'GB2312', $_LANG['period']) . "\t";
echo ecs_iconv(EC_CHARSET, 'GB2312', $_LANG['order_count_trend']) . "\t";
echo ecs_iconv(EC_CHARSET, 'GB2312', $_LANG['order_amount_trend']) . "\t\n";
foreach ($data_list as $data) {
echo ecs_iconv(EC_CHARSET, 'GB2312', $data['period']) . "\t";
echo ecs_iconv(EC_CHARSET, 'GB2312', $data['order_count']) . "\t";
echo ecs_iconv(EC_CHARSET, 'GB2312', $data['order_amount']) . "\t";
echo "\n";
}
}
