echo "date_of_meal :".$date_of_meal ;
echo "order:".$order;
echo "order_id_to_be_deleted:".$order_id_to_be_deleted;*/
// FOR NEW MEAL PURCHASE
if ($name != "" && $name != "NaN" && $email != "" && $email != "NaN" && $student_number != "" && $student_number != "NaN" && $date_of_meal != "" && $date_of_meal != "NaN" && $order != "" && $order != "NaN") {
//echo "everything has a value";
$email = mysql_real_escape_string($email);
$name = mysql_real_escape_string($name);
$student_number = mysql_real_escape_string($student_number);
$phone_number = mysql_real_escape_string($phone_number);
$date_of_meal = mysql_real_escape_string($date_of_meal);
$order = mysql_real_escape_string($order);
$datetime_submitted = date("Y-m-d H:i:s");
//echo "\n NEWorder:".$order;
mysql_query("INSERT INTO lunchSale (name, email, student_number, phone_number, date_of_meal, picked_up, datetime_submitted, food_order) VALUES(N'{$name}', N'{$email}', N'{$student_number}', N'{$phone_number}', N'{$date_of_meal}', N'0', N'{$datetime_submitted}', N'{$order}')") or die(mysql_error($con));
send_verify_email($name, $email, $date_of_meal);
// fcn from common.php
//mysql_query("INSERT INTO lunchSale (name, email, student_number, phone_number, date_of_meal, food_order, datetime_submitted) VALUES(N'$name', N'$email', N'$student_number', N'$phone_number', N'$date_of_meal', N'$order', N'$datetime_submitted')") or die (mysql_error($con));
// FOR MEAL PURCHASE DELETE
} else {
if ($order_id_to_be_deleted != "" && $order_id_to_be_deleted != "NaN") {
$order_id_to_be_deleted = mysql_real_escape_string($order_id_to_be_deleted);
//echo "order_id_to_be_deleted:".$order_id_to_be_deleted;
$result = mysql_query("DELETE FROM lunchSale WHERE id ='{$order_id_to_be_deleted}'") or die(mysql_error($con));
// FOR MEAL PURCHASE CHECK
} else {
if ($student_number_check != "" && $student_number_check != "NaN") {
$student_number_check = mysql_real_escape_string($student_number_check);
//echo "student_number_check:".$student_number_check;
$result = mysql_query("SELECT * FROM lunchSale WHERE student_number='{$student_number_check}' ORDER BY date_of_meal DESC") or die(mysql_error($con));
$num_of_rows = mysql_num_rows($result);
public function send_email_verify_code()
{
if (app_conf("MAIL_ON") == 0) {
$data['status'] = 0;
$data['info'] = "邮件未开启";
ajax_return($data);
}
$email = addslashes(htmlspecialchars(trim($_REQUEST['email'])));
$step = intval($_REQUEST['step']);
$old_email = $GLOBALS["user_info"]['email'];
if ($step == 1) {
//新注册的邮箱
if ($email == $old_email) {
$data['status'] = 0;
$data['info'] = "你输入邮件的与原先一样";
ajax_return($data);
}
$m_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where email='" . $email . "' ");
if ($m_count > 0) {
$data['status'] = 0;
$data['info'] = "你输入的邮件已存在";
ajax_return($data);
}
} elseif ($step == 2) {
//单纯发送验证邮件
if ($email == '') {
$email = $GLOBALS["user_info"]['email'];
}
} elseif ($step == 0) {
$m_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where email='" . $email . "' ");
if (!$m_count) {
$data['status'] = 0;
$data['info'] = "您输入的邮件非会员邮件";
ajax_return($data);
}
}
if ($email == '') {
$data['status'] = 0;
$data['info'] = "请输入你的邮件";
ajax_return($data);
}
if (!check_email($email)) {
$data['status'] = 0;
$data['info'] = "请填写正确的邮件";
ajax_return($data);
}
$field_name = addslashes(trim($_REQUEST['email']));
$field_data = $email;
if (!check_ipop_limit(get_client_ip(), "mobile_verify_" . $step, 60, 0)) {
$data['status'] = 0;
$data['info'] = "发送速度太快了";
ajax_return($data);
}
if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mobile_verify_code where email = '" . $email . "' and client_ip='" . get_client_ip() . "' and create_time>=" . (get_gmtime() - 60) . " ORDER BY id DESC") > 0) {
$data['status'] = 0;
$data['info'] = "发送速度太快了";
ajax_return($data);
}
$n_time = get_gmtime() - 300;
//删除超过5分钟的验证码
$GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . $n_time);
//开始生成手机验证
$code = rand(100000, 999999);
$GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $code, "email" => $email, "create_time" => get_gmtime(), "client_ip" => get_client_ip()), "INSERT");
send_verify_email($email, $code);
$data['status'] = 1;
$data['info'] = "验证码发送成功";
ajax_return($data);
}
function send_email_verify_code()
{
if (app_conf("MAIL_ON") == 0) {
$data['status'] = 0;
$data['info'] = "邮件未开启";
return $data;
}
$email = strim($_REQUEST['email']);
if ($email == '') {
$data['status'] = 0;
$data['info'] = "请输入你的邮件";
return $data;
}
$m_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where email='" . $email . "' ");
if ($m_count > 0) {
$data['status'] = 0;
$data['info'] = "你输入的邮件已存在";
return $data;
}
if (!check_email($email)) {
$data['status'] = 0;
$data['info'] = "请填写正确的邮件";
return $data;
}
if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "mobile_verify_code where email = '" . $email . "' and client_ip='" . get_client_ip() . "' and create_time>=" . (get_gmtime() - 60) . " ORDER BY id DESC") > 0) {
$data['status'] = 0;
$data['info'] = "发送速度太快了";
return $data;
}
$n_time = get_gmtime() - 300;
//删除超过5分钟的验证码
$GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "mobile_verify_code WHERE create_time <=" . $n_time);
//开始生成手机验证
$code = rand(100000, 999999);
$GLOBALS['db']->autoExecute(DB_PREFIX . "mobile_verify_code", array("verify_code" => $code, "email" => $email, "create_time" => get_gmtime(), "client_ip" => get_client_ip()), "INSERT");
send_verify_email($email, $code);
$data['status'] = 1;
$data['info'] = "验证码发送成功";
return $data;
}
