$memberdb['authorid'] == $winduid && Showmsg('act_toalipay_authorid');
//发起人无法替别人支付
$isAdminright = $postActForBbs->getAdminRight($memberdb['authorid']);
if ($memberdb['isrefund'] || $memberdb['ifanonymous'] && !$isAdminright && $memberdb['uid'] != $winduid) {
//退款的无法支付、匿名但没有权限的无法支付
Showmsg('act_toalipay_error');
}
$memberdb['ifpay'] != 0 && Showmsg('act_toalipay_payed');
//只有未支付状态才可以支付
if (!$memberdb['totalcash'] || !preg_match("/^(([1-9]\\d*)|0)(\\.\\d{0,2})?\$/", $memberdb['totalcash'])) {
//费用错误
Showmsg('act_toalipay_cash_error');
}
$memberdb['totalcash'] = number_format($memberdb['totalcash'], 2, '.', '');
//支付金额
$out_trade_no = $memberdb['out_trade_no'] ? $memberdb['out_trade_no'] : $db_sitehash . '_' . $tid . '_' . $actuid . '_' . generatestr(6);
$defaultValueTableName = getActivityValueTableNameByActmid();
$defaultValue = $db->get_one("SELECT out_biz_no,paymethod,iscancel,endtime FROM {$defaultValueTableName} WHERE tid=" . S::sqlEscape($tid));
$defaultValue['paymethod'] != 1 && Showmsg('act_toalipay_paymethod');
//只有支付方式为支付宝才可以支付
$defaultValue['endtime'] + 30 * 86400 < $timestamp && Showmsg('act_endtime_toolong');
//结束时间后一个月,>0 则可以操作,< 0无法操作
$defaultValue['iscancel'] == 1 && Showmsg('act_iscancelled_y');
//活动被取消无法支付
$param = array('buyer_name' => $memberdb['username'], 'out_biz_no' => $defaultValue['out_biz_no'], 'out_trade_no' => $out_trade_no, 'amount' => $memberdb['totalcash'], 'notify_url' => "{$db_bbsurl}/act_alipay_receive.php", 'return_url' => "{$db_bbsurl}/read.php?tid={$tid}");
if ($fromuid != '-1') {
//是否代付
$fromusername = $db->get_value("SELECT username FROM pw_members WHERE uid=" . S::sqlEscape($fromuid));
$issubstitute = 1;
} else {
$fromuid = $issubstitute = 0;
function _callbackWindidUser($user)
{
$user['salt'] = generatestr(6);
$user['password'] = md5($user['password'] . $user['salt']);
return $user;
}
Promptmsg('config_noexists', 'database');
} else {
$db = pwNewDBForInstall();
}
$writeinto = str_pad('<?php die;?>', 96) . "\r\n";
writeover(D_P . 'data/bbscache/online.php', $writeinto);
writeover(D_P . 'data/bbscache/guest.php', $writeinto);
writeover(D_P . 'data/bbscache/olcache.php', "<?php\r\n\$userinbbs=1;\r\n\$guestinbbs=0;\r\n?>");
mt_srand((double) microtime() * 1000000);
$rand = '0123%^&*45ICV%^&*B6789qazw~!@#$sxedcrikolpQWER%^&*TYUNM';
$randlen = strlen($rand);
for ($i = 0; $i < 10; $i++) {
$db_hash .= $rand[mt_rand(0, $randlen)];
}
$db_siteid = generatestr(32);
$db_siteownerid = generatestr(32);
$db_sitehash = '10' . SitStrCode(md5($db_siteid . $db_siteownerid), md5($db_siteownerid . $db_siteid));
$db_windmagic = 0;
$db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_hash','{$db_hash}')");
$db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_windmagic','{$db_windmagic}')");
$db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_siteid','{$db_siteid}')");
$db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_siteownerid','{$db_siteownerid}')");
$db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_sitehash','{$db_sitehash}')");
$db->update("REPLACE INTO pw_config SET db_name='db_ifpwcache',db_value= '567'");
//风格
$styles = array('wind' => '蓝色天空', 'wind8gray' => '水墨江南', 'wind8black' => '黑色旋风', 'wind8green' => '绿之印象', 'wind8purple' => '紫色梦幻', 'wind85' => '春意盎然');
$i = 1;
$temp_styledb = array();
foreach ($styles as $key => $value) {
if (!file_exists(D_P . 'data/style/' . $key . '.php')) {
continue;
if(!isset($_POST['step'])){
include('./templets/code_main.htm');exit;
}else{
$lgpwd=md5($lgpwd);
$verify=md5("actionloginlguser{$lguser}lgpwd{$lgpwd}{$_SERVER[HTTP_USER_AGENT]}");
ObHeader("http://union.phpwind.com/index.php?action=login&lguser=$lguser&lgpwd=$lgpwd&verify=$verify");
}
}elseif($action=='key'){
if(!isset($cfg_siteid)||!$cfg_siteid){
$dsql = new DedeSql(false);
$rt = $dsql->GetOne("Select value From #@__sysconfig where varname='cfg_siteid'");
if(!$rt['value']){
$cfg_siteid = generatestr(16);
$dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销系统密钥一','cfg_siteid','$cfg_siteid')");
$cfg_siteownerid = generatestr(18);
$dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销系统密钥二','cfg_siteownerid','$cfg_siteownerid')");
$cfg_sitehash = '12'.SitStrCode(md5($cfg_siteid.$cfg_siteownerid),md5($cfg_siteownerid.$cfg_siteid));
$dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销唯一识别码','cfg_sitehash','$cfg_sitehash')");
}
$dsql->SetQuery("Select varname,value From #@__sysconfig order by aid asc");
$dsql->Execute();
$configfile = dirname(__FILE__)."/../include/config_hand.php";
$configfile_bak = dirname(__FILE__)."/../include/config_hand_bak.php";
@copy($configfile,$configfile_bak) or die('读取文件权限出错,目录文件'.$configfile.'不可写!<a href="code_main.php">返回</a>');
$fp = @fopen($configfile,'w');
@flock($fp,3);
fwrite($fp,"<"."?php\r\n") or die('读取文件权限出错,目录文件'.$configfile.'不可写!<a href="code_main.php">返回</a>');
while($row = $dsql->GetArray()){
fwrite($fp,"\${$row['varname']} = '".str_replace("'","\\'",$row['value'])."';\r\n");
