function edit($post) { global $DT_PRE, $_username, $DT_TIME, $GROUP, $L; $item = $this->get_one(); $user = $item['username'] ? userinfo($item['username']) : array(); $gsql = $msql = $csql = ''; $gsql = "edittime={$DT_TIME},editor='{$_username}',status={$post['status']},note='{$post['note']}'"; if ($post['status'] == 1) { //reject if ($user) { if ($post['message'] && $post['content']) { send_message($user['username'], lang($L['grade_fail'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content'])); $gsql .= ",message=1"; } if ($item['amount']) { money_add($item['username'], $item['amount']); money_record($item['username'], $item['amount'], $L['in_site'], 'system', $L['grade_title'], $L['grade_return']); } } } else { if ($post['status'] == 2) { // } else { if ($post['status'] == 3) { if ($user) { if (isset($post['pay']) && $post['pay']) { if ($user['money'] < $post['pay']) { return $this->_($L['grade_pass_balance']); } else { money_add($item['username'], -$post['pay']); money_record($item['username'], -$post['pay'], $L['in_site'], 'system', $L['grade_title'], $L['grade_upto'] . $GROUP[$item['groupid']]['groupname']); } } $msql = $csql = "groupid={$item['groupid']},company='{$item['company']}'"; $vip = $GROUP[$item['groupid']]['vip']; $csql .= ",vip={$vip},vipt={$vip}"; if (isset($post['pay'])) { $csql .= ",fromtime=" . strtotime($post['fromtime']) . ",totime=" . strtotime($post['totime']) . ",validtime=" . strtotime($post['validtime']) . ",validator='{$post['validator']}',validated={$post['validated']}"; } if ($post['message'] && $post['content']) { send_message($user['username'], lang($L['grade_success'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content'])); $gsql .= ",message=1"; } } } } } $this->db->query("UPDATE {$this->table} SET {$gsql} WHERE itemid={$this->itemid}"); if ($msql) { $this->db->query("UPDATE {$DT_PRE}member SET {$msql} WHERE userid={$item['userid']}"); } if ($csql) { $this->db->query("UPDATE {$DT_PRE}company SET {$csql} WHERE userid={$item['userid']}"); } return true; }
if ($CP) { property_check($post_ppt); } $do->add($post); if ($FD) { fields_update($post_fields, $table, $do->itemid); } if ($CP) { property_update($post_ppt, $moduleid, $post['catid'], $do->itemid); } if ($MOD['show_html'] && $post['status'] > 2) { $do->tohtml($do->itemid); } if ($fee_add) { if ($fee_currency == 'money') { money_add($_username, -$fee_add); money_record($_username, -$fee_add, $L['in_site'], 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid); } else { credit_add($_username, -$fee_add); credit_record($_username, -$fee_add, 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid); } } $msg = $post['status'] == 2 ? $L['success_check'] : $L['success_add']; $js = ''; if (isset($post['sync_sina']) && $post['sync_sina']) { $js .= sync_weibo('sina', $moduleid, $do->itemid); } if (isset($post['sync_qq']) && $post['sync_qq']) { $js .= sync_weibo('qq', $moduleid, $do->itemid); } if (isset($post['sync_qzone']) && $post['sync_qzone']) {
//处理数据库逻辑 //注意交易单不要重复处理 //注意判断返回金额 $total_fee = ($total_fee + $discount) / 100; $out_trade_no = intval($out_trade_no); $r = $db->get_one("SELECT * FROM {$DT_PRE}finance_charge WHERE itemid='{$out_trade_no}'"); if ($r) { if ($r['status'] == 0) { $charge_orderid = $r['itemid']; $charge_money = $r['amount'] + $r['fee']; $charge_amount = $r['amount']; $editor = 'N' . $bank; if ($total_fee == $charge_money) { $db->query("UPDATE {$DT_PRE}finance_charge SET status=3,money={$charge_money},receivetime='{$DT_TIME}',editor='{$editor}' WHERE itemid={$charge_orderid}"); require DT_ROOT . '/include/module.func.php'; money_add($r['username'], $r['amount']); money_record($r['username'], $r['amount'], $PAY[$bank]['name'], 'system', '在线充值', '订单ID:' . $charge_orderid); $MOD = cache_read('module-2.php'); if ($MOD['credit_charge'] > 0) { $credit = intval($r['amount'] * $MOD['credit_charge']); if ($credit > 0) { credit_add($r['username'], $credit); credit_record($r['username'], $credit, 'system', '充值奖励', '充值' . $r['amount'] . $DT['money_unit']); } } exit('success'); } else { $note = '充值金额不匹配S:' . $charge_money . 'R:' . $total_fee; $db->query("UPDATE {$DT_PRE}finance_charge SET status=1,receivetime='{$DT_TIME}',editor='{$editor}',note='{$note}' WHERE itemid={$charge_orderid}"); //支付失败 #log_result($note);
message($L['spread_msg_yours']); } } $months = $next_month + $buy_month; $year = floor($months / 12); if ($months % 12 == 0) { $to_month = 12; $to_year = $next_year + $year - 1; } else { $to_month = $months % 12; $to_year = $next_year + $year; } $totime = strtotime($to_year . '-' . $to_month . '-1'); $status = $EXT['spread_check'] ? 2 : 3; if ($currency == 'money') { money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(' . $L['spread_infoid'] . $buy_tid . ')'); } else { credit_add($_username, -$amount); credit_record($_username, -$amount, 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(ID:' . $buy_tid . ')'); } $db->query("INSERT INTO {$DT_PRE}spread (mid,tid,word,price,currency,company,username,addtime,fromtime,totime,status) VALUES ('{$mid}','{$buy_tid}','{$word}','{$buy_price}','{$currency}','{$_company}','{$_username}','{$DT_TIME}','{$next_time}','{$totime}','{$status}')"); dmsg($L['spread_msg_success'], '?status=' . $status); } else { // } } else { dheader($EXT['spread_url']); } } else { $status = isset($status) ? intval($status) : 3;
$username = trim($username); if (!$username) { continue; } $r = $db->get_one("SELECT username,money FROM {$DT_PRE}member WHERE username='******'"); if (!$r) { $error .= '<br/>会员[' . $username . ']不存在'; continue; } if (!$type && $r['money'] < abs($amount)) { $error .= '<br/>会员[' . $username . ']余额不足,当前余额为:' . $r['money']; continue; } $reason or $reason = '现金'; $note or $note = '手工'; money_add($username, $amount); money_record($username, $amount, $bank, $_username, $reason, $note); $success++; } if ($error) { message('操作成功 ' . $success . ' 位会员,发生以下错误:' . $error); } dmsg('操作成功', '?moduleid=' . $moduleid . '&file=' . $file); } else { if (isset($userid)) { if ($userid) { $userids = is_array($userid) ? implode(',', $userid) : $userid; $result = $db->query("SELECT username FROM {$DT_PRE}member WHERE userid IN ({$userids})"); while ($r = $db->fetch_array($result)) { $username .= $r['username'] . "\n"; }
wap_msg($L['not_card_password']); } $card = $db->get_one("SELECT * FROM {$DT_PRE}finance_card WHERE number='{$number}'"); if ($card) { if ($card['updatetime']) { wap_msg($L['not_card_number']); } if ($card['totime'] < $DT_TIME) { wap_msg($L['not_card_number']); } if ($card['password'] != $password) { wap_msg($L['not_card_password']); } $db->query("INSERT INTO {$DT_PRE}finance_charge (username,bank,amount,money,sendtime,receivetime,editor,status,note) VALUES ('{$_username}','card', '{$card['amount']}','{$card['amount']}','{$DT_TIME}','{$DT_TIME}','system','3','{$number}')"); $db->query("UPDATE {$DT_PRE}finance_card SET username='******',updatetime='{$DT_TIME}',ip='{$DT_IP}' WHERE itemid='{$card['itemid']}'"); money_add($_username, $card['amount']); money_record($_username, $card['amount'], $L['by_card'], 'system', $L['card_charge'], $number . '(WAP)'); $_money = $_money + $card['amount']; wap_msg($L['charge_success'], $forward); } else { wap_msg($L['not_card_number']); } } else { $head_title = $L['card_charge'] . $DT['seo_delimiter'] . $head_title; include template('charge', $TP); } break; case 'message_send': if (!$_userid) { wap_msg($L['please_login'], 'index.php?moduleid=' . $moduleid . '&action=login'); }
<?php defined('IN_DESTOON') or exit('Access Denied'); login(); require DT_ROOT . '/module/' . $module . '/common.inc.php'; require DT_ROOT . '/include/post.func.php'; switch ($action) { case 'add': if ($submit) { $num = intval($num); $num >= 1 or $num = 1; $money = $MOD['deposit'] * $num; $money <= $_money or dheader('charge.php?action=pay&reason=deposit|' . $num . '&amount=' . ($money - $_money)); is_payword($_username, $password) or message($L['error_payword']); money_add($_username, -$money); money_record($_username, -$money, $L['in_site'], 'system', $L['deposit_title_add']); $db->query("INSERT INTO {$DT_PRE}finance_deposit (username,amount,addtime,editor) VALUES ('{$_username}','{$money}','{$DT_TIME}','{$_username}')"); $db->query("UPDATE {$DT_PRE}member SET deposit=deposit+{$money} WHERE userid={$_userid}"); dmsg($L['op_success'], '?action=index'); } else { $amount = $MOD['deposit']; if ($sum > 1) { $amount = $MOD['deposit'] * $sum; } $head_title = $L['deposit_title_add']; } break; default: $condition = "username='******'"; isset($fromtime) or $fromtime = ''; isset($totime) or $totime = '';
//买家确认超时 卖家申请直接付款 $gone = $DT_TIME - $td['updatetime']; if (!in_array($td['status'], array(1, 2)) || $td['seller'] != $_username || $gone < $MOD['trade_day'] * 86400 + $td['add_time'] * 3600) { message($L['group_msg_deny']); } //交易成功 $money = $td['amount']; money_add($td['seller'], $money); money_record($td['seller'], $money, $L['in_site'], 'system', $L['group_record_pay'], lang($L['group_buyer_timeout'], array($itemid))); //网站服务费 $G = $db->get_one("SELECT groupid FROM {$DT_PRE}member WHERE username='******'seller'] . "'"); $SG = cache_read('group-' . $G['groupid'] . '.php'); if ($SG['commission']) { $fee = dround($money * $SG['commission'] / 100); if ($fee > 0) { money_add($td['seller'], -$fee); money_record($td['seller'], -$fee, $L['in_site'], 'system', $L['trade_fee'], $L['trade_order_id'] . $itemid); } } $db->query("UPDATE {$table} SET status=3,updatetime={$DT_TIME} WHERE itemid={$itemid}"); message($L['group_success'], $forward, 3); break; } } else { if ($action == 'express') { //我的快递 $sfields = $L['express_sfields']; $dfields = array('title', 'title', 'send_type ', 'send_no'); isset($fields) && isset($dfields[$fields]) or $fields = 0; $status = isset($status) && isset($dsend_status[$status]) ? intval($status) : ''; $type = isset($type) ? intval($type) : 0;
case 'edit': if ($item['status'] > 0) { msg('此申请已受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $money = $item['amount'] + $item['fee']; if ($status == 3) { money_lock($member['username'], -$money); money_record($member['username'], -$item['amount'], $item['bank'], $_username, '提现成功'); money_record($member['username'], -$item['fee'], $item['bank'], $_username, '提现手续费'); } else { if ($status == 2 || $status == 1) { $note or msg('请填写原因备注'); money_lock($member['username'], -$money); money_add($member['username'], $money); } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}"); dmsg('受理成功', $forward); } else { include tpl('cash_edit', $module); } break; case 'show': if ($item['status'] == 0) { msg('申请尚未受理'); } include tpl('cash_show', $module);
if ($seller) { $title = '[' . $seller . '] ' . $title; } } include tpl('order_stats', $module); break; case 'refund': $itemid or msg('未选择记录'); $itemids = is_array($itemid) ? implode(',', $itemid) : $itemid; $i = 0; $result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemids})"); while ($r = $db->fetch_array($result)) { if ($r['status'] < 3) { $i++; $itemid = $r['itemid']; money_add($r['buyer'], $r['amount']); money_record($r['buyer'], $r['amount'], '站内', 'system', '团购退款', '订单号:' . $itemid); $db->query("UPDATE {$table} SET status=4,editor='{$_username}',updatetime={$DT_TIME} WHERE itemid={$itemid}"); } } dmsg('退款成功' . $i . '个订单', $forward); break; case 'show': $itemid or msg('未指定记录'); $item = $db->get_one("SELECT * FROM {$table} WHERE itemid={$itemid} "); $item or msg('记录不存在'); $item['linkurl'] = $EXT['linkurl'] . 'redirect.php?mid=' . $moduleid . '&itemid=' . $item['gid']; $item['money'] = $item['amount']; $item['addtime'] = timetodate($item['addtime'], 6); $item['updatetime'] = timetodate($item['updatetime'], 6); include tpl('order_show', $module);
function add($member) { global $DT, $DT_TIME, $DT_IP, $MOD, $L; if (!$this->is_member($member)) { return false; } $member = $this->set_member($member); $member['linkurl'] = userurl($member['username']); $member['password'] = $member['payword'] = md5(md5($member['password'])); $member['sound'] = 1; $member_fields = array('username', 'company', 'passport', 'password', 'payword', 'email', 'sound', 'gender', 'truename', 'mobile', 'msn', 'qq', 'ali', 'skype', 'department', 'career', 'groupid', 'regid', 'areaid', 'edittime', 'inviter'); $company_fields = array('username', 'groupid', 'company', 'type', 'catid', 'catids', 'areaid', 'mode', 'capital', 'regunit', 'size', 'regyear', 'sell', 'buy', 'business', 'telephone', 'fax', 'mail', 'address', 'postcode', 'homepage', 'introduce', 'thumb', 'keyword', 'linkurl'); $member_sqlk = $member_sqlv = $company_sqlk = $company_sqlv = ''; foreach ($member as $k => $v) { if (in_array($k, $member_fields)) { $member_sqlk .= ',' . $k; $member_sqlv .= ",'{$v}'"; } if (in_array($k, $company_fields)) { $company_sqlk .= ',' . $k; $company_sqlv .= ",'{$v}'"; } } $member_sqlk = substr($member_sqlk, 1); $member_sqlv = substr($member_sqlv, 1); $company_sqlk = substr($company_sqlk, 1); $company_sqlv = substr($company_sqlv, 1); $this->db->query("INSERT INTO {$this->table_member} ({$member_sqlk},regip,regtime,loginip,logintime) VALUES ({$member_sqlv},'{$DT_IP}','{$DT_TIME}','{$DT_IP}','{$DT_TIME}')"); $this->userid = $this->db->insert_id(); if (!$this->userid) { return 0; } $member['userid'] = $this->userid; $this->username = $member['username']; $this->db->query("INSERT INTO {$this->table_company} (userid, {$company_sqlk}) VALUES ('{$this->userid}', {$company_sqlv})"); $content_table = content_table(4, $this->userid, is_file(DT_CACHE . '/4.part'), $this->table_company_data); $this->db->query("INSERT INTO {$content_table} (userid, content) VALUES ('{$this->userid}', '{$member['content']}')"); if ($MOD['credit_register'] > 0) { credit_add($this->username, $MOD['credit_register']); credit_record($this->username, $MOD['credit_register'], 'system', $L['member_record_reg'], $DT_IP); } if ($MOD['money_register'] > 0) { money_add($this->username, $MOD['money_register']); money_record($this->username, $MOD['money_register'], $L['in_site'], 'system', $L['member_record_reg'], $DT_IP); } if ($MOD['sms_register'] > 0) { sms_add($this->username, $MOD['sms_register']); sms_record($this->username, $MOD['sms_register'], 'system', $L['member_record_reg'], $DT_IP); } return $this->userid; }
msg('会员名不能为空'); } $vip['username'] = trim($vip['username']); $money = dround($money); $credit = intval($credit); $sms = intval($sms); $usernames = explode("\n", trim($vip['username'])); foreach ($usernames as $username) { $username = trim($username); if (!$username) { continue; } $vip['username'] = $username; $do->vip_edit($vip); if ($money) { money_add($username, $money); money_record($username, $money, '站内', $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } if ($credit) { credit_add($username, $credit); credit_record($username, $credit, $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } if ($sms) { sms_add($username, $sms); sms_record($username, $sms, $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } } dmsg('添加成功', $this_forward); } else { isset($username) or $username = ''; if (isset($userid)) {
credit_record($username, $fee_back, 'system', $L['pay_record_back'], $note); } dheader($forward); } else { dheader($MOD['linkurl'] . 'credit.php?action=buy'); } } $discount = $MG['discount'] > 0 && $MG['discount'] < 100 ? $MG['discount'] : 100; $discount = dround($discount / 100); if ($submit) { is_payword($_username, $password) or message($L['error_payword']); $fee = dround($fee * $discount); $fee > 0 or message($L['pay_msg_fee']); $fee <= $_money or dheader($MOD['linkurl'] . 'charge.php?action=pay&amount=' . ($fee - $_money)); $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$mid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')"); money_add($_username, -$fee); money_record($_username, -$fee, $L['in_site'], 'system', $L['pay_record_view'], $note); if ($username && $fee_back) { money_add($username, $fee_back); money_record($username, $fee_back, $L['in_site'], 'system', $L['pay_record_back'], $note); } dheader($forward); } else { $head_title = $L['pay_title']; $amount = 100; $member_fee = dround($fee * $discount); if ($member_fee > $_money) { $amount = dround($member_fee - $_money); } include template('pay', $module); }
} include tpl('cash_stats', $module); break; case 'edit': if ($item['status'] > 0) { msg('此申请已受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $money = $item['amount'] + $item['fee']; if ($status == 3) { // } else { if ($status == 2 || $status == 1) { $note or msg('请填写原因备注'); money_add($item['username'], $money); money_record($item['username'], $money, '站内', 'system', '提现失败', '流水号:' . $itemid); } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}"); dmsg('受理成功', $forward); } else { include tpl('cash_edit', $module); } break; case 'show': if ($item['status'] == 0) { msg('申请尚未受理'); }
if ($item['status'] != 5) { msg('此交易无需受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $content or msg('请填写操作理由'); if ($status == 6) { //已退款,买家胜 退款 $db->query("UPDATE {$DT_PRE}member SET money=money+{$item['money']},locking=locking-{$item['money']} WHERE username='******'buyer']}'"); $msg = '受理成功,交易状态已经改变为 已退款给买家'; } else { if ($status == 7) { //已退款,卖家胜 付款 $db->query("UPDATE {$DT_PRE}member SET locking=locking-{$item['money']} WHERE username='******'buyer']}'"); money_record($item['buyer'], -$item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid); money_add($item['seller'], $item['money']); money_record($item['seller'], $item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid); $msg = '受理成功,交易状态已经改变为 已付款给卖家'; } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',updatetime={$DT_TIME},refund_reason='{$content}' WHERE itemid={$itemid}"); msg($msg, $forward, 5); } else { include tpl('order_refund', $module); } break; case 'show': $cm = $db->get_one("SELECT * FROM {$DT_PRE}mall_comment WHERE itemid={$itemid}"); include tpl('order_show', $module);