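/**
 * Handle the Alipay return/notify request for a payment.
 *
 * Rebuilds the signed string from every request parameter except the
 * routing keys and the signature itself (key=value pairs in key order),
 * appends the configured alipay_key and compares its MD5 digest with the
 * submitted `sign`. On a successful trade status the payment notice named
 * by `out_trade_no` is marked paid through payment_paid(); any other status
 * shows an error page.
 *
 * @param array $request Request parameters as handed over by the caller.
 */
public function response($request) {
    $payment = $GLOBALS['db']->getRow("select id,config from " . DB_PREFIX . "payment where class_name='Alipay'");
    // The config blob is operator data stored in the payment table, not
    // request data; unserialize() must never be fed anything from $request.
    $payment['config'] = unserialize($payment['config']);

    // Keys that are never part of the signed string.
    $unsigned_keys = array('sign', 'sign_type', 'code', 'class_name', 'act', 'ctl');

    /* 检查数字签名是否正确 — rebuild the signed string. */
    ksort($request);
    reset($request);
    $sign = '';   // was appended to with .= before being initialised
    foreach ($request as $key => $val) {
        if (!in_array((string) $key, $unsigned_keys, true)) {
            $sign .= "{$key}={$val}&";
        }
    }
    $sign = substr($sign, 0, -1) . $payment['config']['alipay_key'];

    // Strict, constant-time comparison: `!=` compares two hex digests loosely
    // (numeric-string semantics) and leaks timing.
    $submitted_sign = isset($request['sign']) ? (string) $request['sign'] : '';
    if (!hash_equals(md5($sign), $submitted_sign)) {
        showErr("签名验证失败");
    }

    $payment_notice_sn = $request['out_trade_no'];
    $outer_notice_sn = $request['trade_no'];
    $paid_statuses = array('TRADE_SUCCESS', 'TRADE_FINISHED', 'WAIT_SELLER_SEND_GOODS', 'WAIT_BUYER_CONFIRM_GOODS');
    if (in_array((string) $request['trade_status'], $paid_statuses, true)) {
        require_once APP_ROOT_PATH . "system/libs/cart.php";
        $rs = payment_paid($payment_notice_sn, $outer_notice_sn);
        showSuccess($rs['info'], 0, $rs['jump'], 1);
    } else {
        showErr("支付失败", 0, url("index"), 1);
    }
}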
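/**
 * Create or update one of the current user's consignee (shipping) addresses.
 *
 * Validates the required form fields, sanitises them, then inserts a new row
 * (id = 0) or updates the posted id. The UPDATE is restricted to rows owned
 * by the logged-in user; previously only `id=` was used, so any logged-in
 * user could overwrite another account's address.
 */
public function save() {
    $required = array(
        'consignee' => 'FILL_CORRECT_CONSIGNEE',
        'address'   => 'FILL_CORRECT_ADDRESS',
        'zip'       => 'FILL_CORRECT_ZIP',
        'mobile'    => 'FILL_MOBILE_PHONE',
    );
    foreach ($required as $field => $lang_key) {
        if (trim($_REQUEST[$field]) == '') {
            showErr($GLOBALS['lang'][$lang_key]);
        }
    }
    if (!check_mobile($_REQUEST['mobile'])) {
        showErr($GLOBALS['lang']['FILL_CORRECT_MOBILE_PHONE']);
    }

    $user_id = intval($GLOBALS['user_info']['id']);
    $consignee_data = array('user_id' => $user_id);
    foreach (array('region_lv1', 'region_lv2', 'region_lv3', 'region_lv4') as $field) {
        $consignee_data[$field] = intval($_REQUEST[$field]);
    }
    foreach (array('address', 'mobile', 'consignee', 'zip') as $field) {
        $consignee_data[$field] = addslashes(trim(htmlspecialchars($_REQUEST[$field])));
    }

    $consignee_id = intval($_REQUEST['id']);
    if ($consignee_id == 0) {
        $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data);
    } else {
        // Scope the update to the owner so a foreign id is a no-op.
        $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $consignee_data, "UPDATE", "id=" . $consignee_id . " and user_id=" . $user_id);
    }
    rm_auto_cache("consignee_info", array("consignee_id" => $consignee_id));
    showSuccess($GLOBALS['lang']['UPDATE_SUCCESS']);
}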
/**
 * Load the profile ("space") of the user named by the `id` request parameter.
 *
 * A logged-in viewer is required: ajax callers get a JSON error, others are
 * redirected to the login page after remembering the current URI. Fills
 * $this->space_user with the viewer's follow state, the province/city text,
 * the favourite-topic count and the group name, and assigns it together with
 * the user statistics to the template.
 */
public function init() {
    if (!$GLOBALS['user_info']) {
        if ($_REQUEST['ajax'] == 1) {
            ajax_return(array("status" => 0, "info" => "请先登录"));
        } else {
            es_session::set('before_login', $_SERVER['REQUEST_URI']);
            app_redirect(url("index", "user#login"));
        }
    }

    $space_id = intval($_REQUEST['id']);
    $viewer_id = intval($GLOBALS['user_info']['id']);
    $this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $space_id . " and is_effect= 1 and is_delete = 0");
    if (!$this->space_user) {
        showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
    }

    $follow_row = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $viewer_id . " and focused_user_id = " . $this->space_user['id']);
    if ($follow_row) {
        $this->space_user['focused'] = 1;
    }

    // Province and city names; fall back to the "no location" text when both are empty.
    $province_name = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['province_id']);
    $city_name = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['city_id']);
    $location_text = ($province_name . $city_name == '')
        ? $GLOBALS['lang']['LOCATION_NULL']
        : $province_name . " " . $city_name;

    $this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $this->space_user['id'] . " and fav_id <> 0");
    $this->space_user['user_location'] = $location_text;
    $this->space_user['group_name'] = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "user_group where id = " . $this->space_user['group_id'] . " ");

    $GLOBALS['tmpl']->assign("space_user", $this->space_user);
    $GLOBALS['tmpl']->assign('user_statics', sys_user_status($space_id, true));
}
/**
 * Store a visitor message (name, telephone, content, category) posted from
 * the contact form and report the result, as JSON when `ajax` is set.
 */
public function save_info() {
    $ajax = intval($_REQUEST['ajax']);

    // Required text fields with the error shown when one is empty.
    $required = array(
        'user_name' => "请填写您的姓名",
        'tel'       => "请填写您的联系方式",
        'content'   => "请填写您的留言内容",
    );
    $data = array();
    foreach ($required as $field => $empty_msg) {
        $data[$field] = strim($_REQUEST[$field]);
        if (empty($data[$field])) {
            showErr($empty_msg, $ajax);
        }
    }
    $data['cate_id'] = intval($_REQUEST['cate_id']);
    $data['create_time'] = NOW_TIME;
    $data['user_id'] = intval($_REQUEST['user_id']);

    $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $data, "INSERT", "", "SILENT");
    if ($GLOBALS['db']->insert_id() > 0) {
        showSuccess("申请成功!", $ajax, url_wap("index"));
    } else {
        showErr("发送失败,请重新申请!", $ajax);
    }
}
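/**
 * Exchange score for a voucher of the type named by `id`.
 *
 * Requires a logged-in user (status 2 is returned otherwise). Rejects unknown
 * voucher types, types whose per-user exchange_limit is reached, and users
 * whose score is below exchange_score. On success the voucher is sent and
 * the score deducted through modify_account().
 */
public function do_exchange() {
    global_run();
    if (check_save_login() != LOGIN_STATUS_LOGINED) {
        $result = array('status' => 2);   // was assigned to an undeclared array
        ajax_return($result);
    }
    $user_id = intval($GLOBALS['user_info']['id']);
    $id = intval($_REQUEST['id']);
    $ecv_type = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "ecv_type where id = " . $id);
    if (!$ecv_type) {
        showErr($GLOBALS['lang']['INVALID_VOUCHER'], 1);
        return;
    }

    $exchange_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "ecv where ecv_type_id = " . $id . " and user_id = " . $user_id);
    // NOTE(review): the limit and score checks below are read-then-write with
    // no lock; two concurrent requests can both pass them. Out of scope here.
    $current_score = intval($GLOBALS['db']->getOne("select score from " . DB_PREFIX . "user where id = " . $user_id));
    if ($ecv_type['exchange_limit'] > 0 && $exchange_count >= $ecv_type['exchange_limit']) {
        $msg = sprintf($GLOBALS['lang']['EXCHANGE_VOUCHER_LIMIT'], $ecv_type['exchange_limit']);
        showErr($msg, 1);
    } elseif ($ecv_type['exchange_score'] > $current_score) {
        showErr($GLOBALS['lang']['INSUFFCIENT_SCORE'], 1);
    } else {
        require_once APP_ROOT_PATH . "system/libs/voucher.php";
        $rs = send_voucher($ecv_type['id'], $GLOBALS['user_info']['id'], 1);
        if ($rs) {
            require_once APP_ROOT_PATH . "system/model/user.php";
            $msg = sprintf($GLOBALS['lang']['EXCHANGE_VOUCHER_USE_SCORE'], $ecv_type['name'], $ecv_type['exchange_score']);
            modify_account(array('money' => 0, 'score' => "-" . $ecv_type['exchange_score']), $GLOBALS['user_info']['id'], $msg);
            showSuccess($GLOBALS['lang']['EXCHANGE_SUCCESS'], 1);
        } else {
            // The failure text was previously reported through showSuccess().
            showErr($GLOBALS['lang']['EXCHANGE_FAILED'], 1, url('index', 'uc_voucher'));
        }
    }
}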
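/**
 * Show one event's detail page.
 *
 * With `preview` set the event is loaded regardless of its effect flag; a
 * session that is not a backend administrator must then hold a merchant
 * account whose locations are linked to the event (publish_wait = 1), or an
 * error is shown. Without preview only effective events are shown. Builds the
 * site_nav breadcrumb, the SEO fields and the list of recent submitters, then
 * renders the app or web template.
 */
public function index() {
    $preview = intval($_REQUEST['preview']);
    $event_id = intval($_REQUEST['id']);
    if ($preview > 0) {
        $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id);
        $adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
        $adm_id = intval($adm_session['adm_id']);
        if ($adm_id == 0) {
            // 验证是否当前的商家(不是后台管理员) — not an administrator, so the
            // session must belong to a merchant owning a location of this event.
            $s_account_info = es_session::get("account_info");
            if ($s_account_info) {
                // Session data, but cast before it goes into the IN (...) list;
                // an empty list would otherwise produce invalid SQL.
                $location_ids = array_map('intval', (array) $s_account_info['location_ids']);
                if (!$location_ids) {
                    $location_ids = array(0);
                }
                $deal_test = $GLOBALS['db']->getRow("select e.* from " . DB_PREFIX . "event as e left join " . DB_PREFIX . "event_location_link as l on l.event_id = e.id where e.id = " . intval($event['id']) . " and e.publish_wait = 1 and l.location_id in (" . implode(",", $location_ids) . ")");
                if (!$deal_test) {
                    showErr("活动不存在或者没有预览该活动的权限", 0, APP_ROOT . "/admin.php?m=Public&a=login");
                }
            } else {
                showErr("您不是系统管理员或者商家会员,无法预览", 0, APP_ROOT . "/");
            }
        }
    } else {
        $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id . " and is_effect = 1");
    }
    if (!$event) {
        app_redirect(url("youhui", "fcate"));
    }
    $GLOBALS['tmpl']->assign("event", $event);

    // 开始输出当前的site_nav — breadcrumb: home > category (if any) > event
    $cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event_cate where id = " . intval($event['cate_id']));
    $site_nav = array(
        array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => url("index", "index")),
    );
    if ($cate) {
        $curl = url("youhui", "event#index", array("cid" => $cate['id']));
        $site_nav[] = array('name' => $cate['name'], 'url' => $curl);
    }
    $gurl = url("youhui", "edetail#index", array("id" => $event['id']));
    $site_nav[] = array('name' => $event['name'], 'url' => $gurl);
    $GLOBALS['tmpl']->assign("site_nav", $site_nav);

    // SEO fields all derive from the event name.
    $GLOBALS['tmpl']->assign("page_title", $event['name']);
    $GLOBALS['tmpl']->assign("page_keyword", $event['name'] . ",");
    $GLOBALS['tmpl']->assign("page_description", $event['name'] . ",");

    $submit_result = $GLOBALS['db']->getAll("select user_id from " . DB_PREFIX . "event_submit where event_id = " . $event_id . " limit 18");
    $GLOBALS['tmpl']->assign("submit_result", $submit_result);

    if ($_REQUEST['plat'] == APP_PLAT) {
        $GLOBALS['tmpl']->display("youhui_app_edetail.html");
    } else {
        $GLOBALS['tmpl']->display("youhui_edetail.html");
    }
}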
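/**
 * Load the profile of the user named by `id` plus five random fans and five
 * random followed users, each flagged with whether the viewer follows them.
 *
 * Province/city names come from the cached region list; a missing region id
 * no longer raises an undefined-index notice. The duplicated "mark focused"
 * loops were folded into _mark_focused().
 */
public function init() {
    $id = intval($_REQUEST['id']);
    $user_id = intval($GLOBALS['user_info']['id']);
    $this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $id . " and is_effect= 1 and is_delete = 0");
    if (!$this->space_user) {
        showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
    }
    $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id = " . $this->space_user['id']);
    if ($focus_data) {
        $this->space_user['focused'] = 1;
    }

    // Region names from the cached region_conf table (replaces per-row queries).
    $region_list = load_auto_cache("cache_region_conf");
    $province_id = $this->space_user['province_id'];
    $city_id = $this->space_user['city_id'];
    $province_str = isset($region_list[$province_id]['name']) ? $region_list[$province_id]['name'] : '';
    $city_str = isset($region_list[$city_id]['name']) ? $region_list[$city_id]['name'] : '';
    if ($province_str . $city_str == '') {
        $user_location = $GLOBALS['lang']['LOCATION_NULL'];
    } else {
        $user_location = $province_str . $city_str;
    }

    $this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $this->space_user['id'] . " and fav_id <> 0");
    $this->space_user['user_location'] = $user_location;
    $GLOBALS['tmpl']->assign("space_user", $this->space_user);

    // 输出粉丝 — five random fans of this user
    $fans_list = $GLOBALS['db']->getAll("select focus_user_id as id,focus_user_name as user_name from " . DB_PREFIX . "user_focus where focused_user_id = " . $this->space_user['id'] . " order by rand() limit 5");
    $GLOBALS['tmpl']->assign("rfans_list", $this->_mark_focused($fans_list, $user_id));

    // 输出我的关注 — five random users this user follows
    $focus_list = $GLOBALS['db']->getAll("select focused_user_id as id,focused_user_name as user_name from " . DB_PREFIX . "user_focus where focus_user_id = " . $this->space_user['id'] . " order by rand() limit 5");
    $GLOBALS['tmpl']->assign("rfocus_list", $this->_mark_focused($focus_list, $user_id));
}

/**
 * Set `focused` = 1 on every row of $list whose `id` the viewer follows.
 *
 * @param array $list    Rows carrying an `id` key.
 * @param int   $user_id Viewer (follower) id, already cast to int.
 * @return array The list with `focused` added where applicable.
 */
private function _mark_focused($list, $user_id) {
    $ids = array(0);   // leading 0 keeps the IN (...) list valid when $list is empty
    foreach ($list as $row) {
        $ids[] = intval($row['id']);
    }
    $focus_data = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id in (" . implode(",", $ids) . ")");
    $followed = array();
    foreach ($focus_data as $row) {
        $followed[intval($row['focused_user_id'])] = true;
    }
    foreach ($list as $k => $row) {
        if (isset($followed[intval($row['id'])])) {
            $list[$k]['focused'] = 1;
        }
    }
    return $list;
}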
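/**
 * Handle the PayPal return request for a payment notice.
 *
 * Loads the payment notice named by `invoice` and its order, validates the
 * PayPal status, receiver account, amount (stored money × paypal_rate) and
 * currency against the stored Paypal config, then marks notice and order
 * paid and redirects to the done page; on failure it redirects back to the
 * pay page.
 *
 * @param array $request PayPal callback parameters.
 */
public function response($request) {
    $payment = $GLOBALS['db']->getRow("select id,config from " . DB_PREFIX . "payment where class_name='Paypal'");
    // Config blob is operator data from the payment table; never unserialize request data.
    $payment['config'] = unserialize($payment['config']);
    $merchant_id = $payment['config']['paypal_account'];

    // PayPal variables actually used below (item_name/item_number/txn_id/payer_email were unused).
    $payment_status = $request['payment_status'];
    $payment_amount = floatval($request['mc_gross']);
    $payment_currency = $request['mc_currency'];
    $receiver_email = $request['receiver_email'];
    // `invoice` carries our notice_sn; escape it here instead of relying on the caller.
    $payment_notice_sn = addslashes((string) $request['invoice']);

    $payment_notice = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where notice_sn = '" . $payment_notice_sn . "'");
    if (!$payment_notice) {
        showErr("支付不成功");
    }
    $order_id = intval($payment_notice['order_id']);
    $order_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_order where id = " . $order_id);

    // Tolerance absorbs two-decimal rounding (the literal was 0.008999…, i.e. 0.009).
    $expected_amount = $payment_notice['money'] * $payment['config']['paypal_rate'];

    if ($payment_status != 'Completed' && $payment_status != 'Pending') {
        showErr("支付不成功");
    } elseif ($receiver_email != $merchant_id) {
        showErr("商户号不匹配");
    } elseif (abs($expected_amount - $payment_amount) > 0.009) {
        showErr("金额不匹配");
    } elseif ($payment['config']['paypal_currency'] != $payment_currency) {
        showErr("货币不对");
    } else {
        require_once APP_ROOT_PATH . "system/libs/cart.php";
        if (payment_paid($payment_notice['id'])) {
            // Order already paid (pay_status == 2) counts as success too.
            if (order_paid($order_id) || $order_info['pay_status'] == 2) {
                $this->_redirect_order_done($order_info, $order_id);
            } else {
                app_redirect(url("shop", "payment#pay", array("id" => $payment_notice['id'])));
            }
        } else {
            app_redirect(url("shop", "payment#pay", array("id" => $payment_notice['id'])));
        }
    }
}

/**
 * Redirect to the paid page for the order type (0 = shop order, otherwise recharge).
 *
 * @param array $order_info deal_order row.
 * @param int   $order_id
 */
private function _redirect_order_done($order_info, $order_id) {
    $action = ($order_info['type'] == 0) ? "payment#done" : "payment#incharge_done";
    app_redirect(url("shop", $action, array("id" => $order_id)));   // 支付成功
}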
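/**
 * Merchant sign-up step 2: collect the location data for the agreement page.
 *
 * Requires a supplier login. When `location_id` names an effective
 * supplier_location, that location is claimed and its fields (plus linked
 * deal-cate types and areas) pre-fill the form — unless it already belongs to
 * a different supplier account. Otherwise a POSTed form supplies the fields.
 * The data is serialised and base64-encoded into `base_data` for the template.
 */
public function step2() {
    check_issupplier();
    $user_id = intval($GLOBALS['user_info']['id']);
    if ($user_id == 0) {
        app_redirect(url("shop", "user#login"));
    }
    $data = array();   // was written to without initialisation
    $location_id = intval($_REQUEST['location_id']);
    $location = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_location where id = " . $location_id . " and is_effect = 1");
    if ($location) {
        // merchant_name is session data but is interpolated into SQL, so escape it.
        $merchant_name = addslashes($GLOBALS['user_info']['merchant_name']);
        $account_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_account where account_name = '" . $merchant_name . "'");
        if ($account_info && $location['supplier_id'] != $account_info['supplier_id']) {
            showErr("这家商户不是您的,您不能认领");
        } else {
            $loc_id = intval($location['id']);
            $data['name'] = $location['name'];
            $data['deal_cate_id'] = $location['deal_cate_id'];
            $data['deal_cate_type_id'] = array();
            $deal_cate_type_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_cate_type_location_link where location_id = " . $loc_id);
            foreach ($deal_cate_type_list as $type) {
                $data['deal_cate_type_id'][] = $type['deal_cate_type_id'];
            }
            $data['area_id'] = array();
            $area_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "supplier_location_area_link where location_id = " . $loc_id);
            foreach ($area_list as $area) {
                $data['area_id'][] = $area['area_id'];
            }
            $data['address'] = $location['address'];
            $data['xpoint'] = $location['xpoint'];
            $data['ypoint'] = $location['ypoint'];
            $data['tel'] = $location['tel'];
            $data['open_time'] = $location['open_time'];
            $data['location_id'] = $loc_id;
            $data['city_id'] = intval($location['city_id']);
        }
    } elseif ($_POST) {
        $data['name'] = addslashes(htmlspecialchars(trim($_REQUEST['name'])));
        $data['deal_cate_id'] = intval($_REQUEST['deal_cate_id']);
        // (array) cast: a missing or scalar field would make foreach warn.
        $data['deal_cate_type_id'] = array_values(array_map('intval', (array) $_REQUEST['deal_cate_type_id']));
        $data['area_id'] = array_values(array_map('intval', (array) $_REQUEST['area_id']));
        $data['address'] = addslashes(htmlspecialchars(trim($_REQUEST['address'])));
        $data['xpoint'] = doubleval($_REQUEST['xpoint']);
        $data['ypoint'] = doubleval($_REQUEST['ypoint']);
        $data['tel'] = addslashes(htmlspecialchars(trim($_REQUEST['tel'])));
        $data['open_time'] = addslashes(htmlspecialchars(trim($_REQUEST['open_time'])));
        $data['location_id'] = 0;
        $data['city_id'] = intval($_REQUEST['city_id']);
    } else {
        app_redirect(url("biz", "join#step1"));
    }
    $GLOBALS['tmpl']->assign("base_data", base64_encode(serialize($data)));
    $GLOBALS['tmpl']->assign("step", 2);
    $GLOBALS['tmpl']->assign("page_title", "签协议");
    $GLOBALS['tmpl']->display("biz/biz_join_step2.html");
}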
/**
 * Remove one of the current user's deal collections (favourites).
 *
 * The DELETE is scoped to the logged-in user's id, so a foreign collection
 * id deletes nothing and reports INVALID_COLLECT.
 */
public function del() {
    $collect_id = intval($_REQUEST['id']);
    $owner_id = intval($GLOBALS['user_info']['id']);
    $sql = "delete from " . DB_PREFIX . "deal_collect where id = " . $collect_id . " and user_id = " . $owner_id;
    $GLOBALS['db']->query($sql);
    $deleted = $GLOBALS['db']->affected_rows();
    if (!$deleted) {
        showErr($GLOBALS['lang']['INVALID_COLLECT']);
    } else {
        showSuccess($GLOBALS['lang']['DELETE_SUCCESS']);
    }
}
/**
 * Delete one of the current user's notifications and go back to the
 * previous page. Unauthenticated callers are sent to the login page.
 */
public function delnotify() {
    $ajax = intval($_REQUEST['ajax']);
    if (!$GLOBALS['user_info']) {
        showErr("", $ajax, url("user#login"));
    }
    $owner_id = intval($GLOBALS['user_info']['id']);
    $notify_id = intval($_REQUEST['id']);
    $sql = "delete from " . DB_PREFIX . "user_notify where user_id = " . $owner_id . " and id = " . $notify_id;
    $GLOBALS['db']->query($sql);
    showSuccess("", $ajax, get_gopreview());
}
/**
 * Switch the current user's auto-bid on or off (`is_effect` request flag).
 *
 * Answers in ajax form (second argument 1): PLEASE_LOGIN_FIRST when no user
 * is logged in, ERROR_TITLE when the flag is missing, SUCCESS_TITLE otherwise.
 */
function autoopen() {
    $user_id = intval($GLOBALS['user_info']['id']);
    if ($user_id == 0) {
        showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], 1);
    }
    if (!isset($_REQUEST['is_effect'])) {
        showErr($GLOBALS['lang']['ERROR_TITLE'], 1);
    }
    $update = array("is_effect" => intval($_REQUEST['is_effect']));
    $GLOBALS['db']->autoExecute(DB_PREFIX . "user_autobid", $update, "UPDATE", "user_id=" . $user_id);
    showSuccess($GLOBALS['lang']['SUCCESS_TITLE'], 1);
}
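/**
 * Unsubscribe a mail-list address using the `code` link parameter.
 *
 * `code` is base64("<code>|<mail_address>"). Both parts used to be placed
 * into the DELETE statement unescaped, so a crafted link could alter the
 * query; they are now escaped and the link is rejected when it does not
 * split into two parts.
 */
public function dounsubscribe() {
    $decoded = base64_decode(trim($_REQUEST['code']));
    $arr = explode("|", (string) $decoded);
    if (count($arr) < 2) {
        showErr($GLOBALS['lang']['MAIL_UNSUBSCRIBE_FAILED'], 0, APP_ROOT . "/");
    }
    $code = addslashes($arr[0]);
    $mail_address = addslashes($arr[1]);
    $GLOBALS['db']->query("delete from " . DB_PREFIX . "mail_list where code = '" . $code . "' and mail_address = '" . $mail_address . "'");
    $rs = $GLOBALS['db']->affected_rows();
    if ($rs) {
        showSuccess($GLOBALS['lang']['MAIL_UNSUBSCRIBE_SUCCESS'], 0, APP_ROOT . "/");
    } else {
        showErr($GLOBALS['lang']['MAIL_UNSUBSCRIBE_FAILED'], 0, APP_ROOT . "/");
    }
}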
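/**
 * Record a survey submission (ajax variant).
 *
 * `name` is a nested array keyed by question id (vote_ask_id) holding the
 * chosen answers. Each non-empty answer increments its vote_result count or
 * inserts a new row; the raw answer set is serialised into vote_list. One
 * submission per IP and vote per hour is enforced through check_ipop_limit().
 *
 * The question id is an array key from the request and was interpolated into
 * SQL raw; it is now cast to int. The unused vote_list SELECT was dropped.
 */
public function dovote() {
    $ajax = intval($_REQUEST['ajax']);
    $answers = (array) $_REQUEST['name'];

    $ok = false;
    foreach ($answers as $names) {
        foreach ((array) $names as $name) {
            if ($name != '') {
                $ok = true;
            }
        }
    }
    if (!$ok) {
        showErr("请选择要调查的内容", $ajax, '');
    }

    $vote_id = intval($_REQUEST['vote_id']);
    if (check_ipop_limit(get_client_ip(), "vote", 3600, $vote_id)) {
        foreach ($answers as $vote_ask_id => $names) {
            $vote_ask_id = intval($vote_ask_id);
            foreach ((array) $names as $name) {
                $name = htmlspecialchars(addslashes(trim($name)));
                $where = " where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id;
                $result = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "vote_result" . $where);
                $is_add = true;
                if ($result) {
                    $GLOBALS['db']->query("update " . DB_PREFIX . "vote_result set count = count + 1" . $where);
                    if (intval($GLOBALS['db']->affected_rows()) != 0) {
                        $is_add = false;
                    }
                }
                if ($is_add && $name != '') {
                    $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_result", array(
                        'name' => $name,
                        'vote_id' => $vote_id,
                        'vote_ask_id' => $vote_ask_id,
                        'count' => 1,
                    ));
                }
            }
        }
        $vote_list = array(
            'vote_id' => $vote_id,
            'value' => serialize($_REQUEST['name']),
        );
        $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_list", $vote_list);
        showSuccess("调查提交成功", $ajax, url("vote#index"));
    } else {
        showErr("你已经提交过该问卷", $ajax, '');
    }
}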
/**
 * Submit a re-bid quota request (money, memo, other_memo) for the current
 * user; the row waits for administrator review.
 */
public function do_add_quota() {
    $back_url = url("index", "uc_rebid");
    $submission = array(
        'user_id'     => $GLOBALS['user_info']['id'],
        'money'       => intval($_REQUEST['money']),
        'memo'        => strim($_REQUEST['memo']),
        'other_memo'  => strim($_REQUEST['other_memo']),
        'create_time' => TIME_UTC,   // 申请时间 — time of the request
    );
    $GLOBALS['db']->autoExecute(DB_PREFIX . "rebid_submit", $submission);
    $inserted = $GLOBALS['db']->insert_id();
    if (!$inserted) {
        showErr('提交失败', 0, $back_url);
    } else {
        showSuccess('提交成功,等待管理员审核', 0, $back_url);
    }
}
/**
 * 支付跳转返回页 — payment gateway return page.
 *
 * Looks up the payment row whose class_name matches the request, loads the
 * matching "<class_name>_payment" class from system/payment/ and hands the
 * (quoted) request to its response() method. The require path is built from
 * the database row, not directly from the request value.
 */
public function response() {
    $requested_class = quotes(trim($_REQUEST['class_name']));
    $payment_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment where class_name = '" . $requested_class . "'");
    if (!$payment_info) {
        showErr("支付接口不存在");
    } else {
        $payment_class = $payment_info['class_name'] . "_payment";
        require_once APP_ROOT_PATH . "system/payment/" . $payment_class . ".php";
        $gateway = new $payment_class();
        $_REQUEST = quotes($_REQUEST);
        $payment_code = $gateway->response($_REQUEST);
    }
}
/**
 * Send a private message from the logged-in user to the user named by `id`.
 *
 * Writes two user_message rows: an "outbox" copy owned by the sender (marked
 * read) and an "inbox" copy owned by the receiver. Sending to oneself or to a
 * missing/ineffective user is rejected.
 */
public function send() {
    $ajax = intval($_REQUEST['ajax']);
    if (!$GLOBALS['user_info']) {
        showErr("", $ajax, url_wap("user#login"));
    }
    $receive_user_id = intval($_REQUEST['id']);
    $send_user_id = intval($GLOBALS['user_info']['id']);
    if ($receive_user_id == $send_user_id) {
        showErr("不能向自己发私信", $ajax);
    } else {
        $receive_user_info = $GLOBALS['db']->getRow("select user_name from " . DB_PREFIX . "user where is_effect = 1 and id = " . $receive_user_id);
        if (!$receive_user_info) {
            showErr("收信人不存在", $ajax);
        }
        $sender_name = $GLOBALS['user_info']['user_name'];
        $receiver_name = $receive_user_info['user_name'];
        $message = strim($_REQUEST['message']);

        // 发私信:生成发件与收件 — fields shared by both copies
        $common = array(
            'create_time'       => NOW_TIME,
            'message'           => $message,
            'send_user_id'      => $send_user_id,
            'receive_user_id'   => $receive_user_id,
            'send_user_name'    => $sender_name,
            'receive_user_name' => $receiver_name,
        );
        // 1.生成发件 — sender's outbox copy
        $outbox = $common + array(
            'user_id'        => $send_user_id,
            'dest_user_id'   => $receive_user_id,
            'user_name'      => $sender_name,
            'dest_user_name' => $receiver_name,
            'message_type'   => "outbox",
            'is_read'        => 1,
        );
        $GLOBALS['db']->autoExecute(DB_PREFIX . "user_message", $outbox);
        // 2.生成收件 — receiver's inbox copy
        $inbox = $common + array(
            'user_id'        => $receive_user_id,
            'dest_user_id'   => $send_user_id,
            'user_name'      => $receiver_name,
            'dest_user_name' => $sender_name,
            'message_type'   => "inbox",
        );
        $GLOBALS['db']->autoExecute(DB_PREFIX . "user_message", $inbox);
        showSuccess("发送成功", $ajax);
    }
}
/**
 * Ajax entry for posting a deal update: status 2 when not logged in, 1 when
 * the deal named by `id` is effective, not deleted and owned by the caller
 * (the deal is also assigned to the template); otherwise an error.
 */
public function index() {
    $data = array();
    if (!$GLOBALS['user_info']) {
        $data['status'] = 2;
        ajax_return($data);
    }
    $deal_id = intval($_REQUEST['id']);
    $owner_id = intval($GLOBALS['user_info']['id']);
    $deal_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where id = " . $deal_id . " and is_delete = 0 and is_effect = 1 and user_id = " . $owner_id);
    if (!$deal_info) {
        showErr("不能更新该项目的动态", 1);
    } else {
        $GLOBALS['tmpl']->assign("deal_info", $deal_info);
        $data['status'] = 1;
    }
    ajax_return($data);
}
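/**
 * Old-style constructor: connect to MySQL, set the connection charset and
 * optionally select a database.
 *
 * The two explicit `SET character_set_*` statements lacked the `=` and were
 * therefore invalid SQL that failed silently; they are fixed here (SET NAMES
 * already covers them). A stray `@mysql_query($this->sql_id)`, which passed
 * the link resource as the query text, was removed.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7; this class only
 * works on PHP 5.
 *
 * @param string $dbhost
 * @param string $dbuser
 * @param string $dbpw
 * @param string $dbName   Database to select; none when empty.
 * @param string $charset  Connection charset (trusted configuration value).
 * @param bool   $newlink  Force a new link instead of reusing an open one.
 * @return bool|null true/false after a select_db attempt, nothing otherwise.
 */
function oldAppDb($dbhost, $dbuser, $dbpw, $dbName = '', $charset = 'utf8', $newlink = false) {
    if (!($this->sql_id = mysql_connect($dbhost, $dbuser, $dbpw, $newlink))) {
        showErr("DataBase", "Can't pConnect MySQL Server({$dbhost})!");
    }
    mysql_query("SET NAMES " . $charset, $this->sql_id);
    mysql_query("SET character_set_client = " . $charset, $this->sql_id);
    mysql_query("SET character_set_results = " . $charset, $this->sql_id);
    if ($dbName) {
        if (mysql_select_db($dbName, $this->sql_id) === false) {
            showErr("DataBase", "Can't select MySQL database({$dbName})!");
            return false;
        }
        return true;
    }
}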
/**
 * Redirect the current user to JD Pay for an unpaid payment notice of theirs.
 *
 * The notice must belong to the logged-in user and be unpaid; its payment
 * row must be the Jdpay class, whose get_payment_code() yields the URL.
 */
public function jdpay() {
    if (!$GLOBALS['user_info']) {
        app_redirect(url("user#login"));
    }
    $notice_id = intval($_REQUEST['payment_notice_id']);
    $owner_id = intval($GLOBALS['user_info']['id']);
    $notice_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where id = " . $notice_id . " and is_paid = 0 and user_id = " . $owner_id);
    $payment_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment where id = " . intval($notice_info['payment_id']));
    if ($payment_info['class_name'] != 'Jdpay') {
        showErr("支付出错", 0, url("account#view_order", array("id" => $notice_info['order_id'])));
    } else {
        $gateway_class = $payment_info['class_name'] . "_payment";
        require_once APP_ROOT_PATH . "system/payment/" . $gateway_class . ".php";
        $gateway = new $gateway_class();
        $pay_data = $gateway->get_payment_code($notice_id);
        header("location:" . $pay_data['url']);
    }
}
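/**
 * Cancel one of the current user's pending goods orders (order_status 0 → 3)
 * and credit the order's score back through modify_account().
 *
 * The score was previously credited before the UPDATE ran, so a cancel that
 * changed no row (already cancelled, or a concurrent request) still refunded
 * the points; the refund now happens only after a row actually changed.
 */
public function delete_order() {
    $id = intval($_REQUEST['id']);
    $total_score = intval($_REQUEST['total_score']);
    $user_id = intval($GLOBALS['user_info']['id']);
    $back_url = url("index", "uc_goods_order");

    $count_sql = "SELECT count(*) from " . DB_PREFIX . "goods_order where id=" . $id . " and order_status =0 and user_id=" . $user_id;
    if (!$GLOBALS['db']->getOne($count_sql)) {
        showErr('订单取消失败', 0, $back_url);
    }

    // Same predicate as the check above so the state transition is atomic.
    $GLOBALS['db']->query("update " . DB_PREFIX . "goods_order set order_status = 3 where id = " . $id . " and order_status = 0 and user_id = " . $user_id);
    if ($GLOBALS['db']->affected_rows() == 0) {
        showErr('订单取消失败', 0, $back_url);
    }

    // NOTE(review): the refunded amount is the request's total_score, i.e. the
    // caller decides how many points come back. It should be read from the
    // stored order instead — TODO confirm the goods_order column to use.
    require_once APP_ROOT_PATH . "system/libs/user.php";
    modify_account(array('score' => $total_score), $user_id, "用户取消订单积分返还", 22);
    showSuccess('订单取消成功', 0, $back_url);
}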
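/**
 * Post a reply to a topic (ajax).
 *
 * Rejects anonymous callers (status -1000), empty content, more than the
 * daily per-user reply quota, too-fast resubmission (SUBMIT_DELAY), and
 * unknown topics. Inserts via insert_topic_reply() and returns the reply
 * data enriched with avatar/user_url for rendering.
 *
 * The daily-quota query had no user_id filter and counted every user's
 * replies of the day; it is now scoped to the caller. The comment said 5 per
 * day while the code checks 8 — the 8 is kept, TODO confirm the intended limit.
 */
public function reply() {
    $ajax = 1;
    global_run();
    if (!$GLOBALS['user_info']) {
        $result = array('status' => -1000, 'info' => "未登录");
        ajax_return($result);
    }
    $user_id = intval($GLOBALS['user_info']['id']);
    if ($_REQUEST['content'] == '') {
        showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY'], $ajax);
    }

    /* 验证每天只允许评论5次 — per-user replies since midnight (user_id is the
       column this method itself inserts below; confirm it exists on topic_reply). */
    $day_start = to_timespan(to_date(NOW_TIME, "Y-m-d"), "Y-m-d");
    $day_send_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic_reply where user_id = " . $user_id . " and create_time>" . $day_start . " and create_time<" . NOW_TIME);
    if ($day_send_count >= 8) {
        showErr('今天你已经发很多了哦~', $ajax);
    }
    if (!check_ipop_limit(get_client_ip(), "message", intval(app_conf("SUBMIT_DELAY")), 0)) {
        showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST'], $ajax);
    }

    $topic_id = intval($_REQUEST['topic_id']);
    $topic_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic where id = " . $topic_id);
    if (!$topic_info) {
        showErr("主题不存在", $ajax);
    }

    $reply_data = array(
        'topic_id'    => $topic_id,
        'user_id'     => $user_id,
        'user_name'   => $GLOBALS['user_info']['user_name'],
        'reply_id'    => intval($_REQUEST['reply_id']),
        'create_time' => NOW_TIME,
        'is_effect'   => 1,
        'is_delete'   => 0,
        'content'     => strim(valid_str(addslashes($_REQUEST['content']))),
    );
    require_once APP_ROOT_PATH . 'system/model/topic.php';
    $reply_id = insert_topic_reply($reply_data);

    // 返回页面的数据 — data for the page
    $reply_data['reply_id'] = $reply_id;
    $reply_data['create_time'] = to_date(NOW_TIME, "Y-m-d H:i");
    $reply_data['avatar'] = show_avatar($reply_data['user_id'], "small");
    $reply_data['user_url'] = url("index", "uc_home#index", array("id" => $reply_data['user_id']));
    $reply_data['status'] = 1;
    ajax_return($reply_data);
}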
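/**
 * Record a survey submission (page variant).
 *
 * `name` is a nested array keyed by question id (vote_ask_id) holding the
 * chosen answers. Each non-empty answer increments its vote_result count or
 * inserts a new row. One submission per IP and vote per hour is enforced
 * through check_ipop_limit().
 *
 * The question id is an array key from the request and was interpolated into
 * SQL raw; it is now cast to int.
 */
public function dovote() {
    $answers = (array) $_REQUEST['name'];

    $ok = false;
    foreach ($answers as $names) {
        foreach ((array) $names as $name) {
            if ($name != '') {
                $ok = true;
            }
        }
    }
    if (!$ok) {
        showErr($GLOBALS['lang']['YOU_DONT_CHOICE']);
    }

    $vote_id = intval($_REQUEST['vote_id']);
    if (check_ipop_limit(get_client_ip(), "vote", 3600, $vote_id)) {
        foreach ($answers as $vote_ask_id => $names) {
            $vote_ask_id = intval($vote_ask_id);
            foreach ((array) $names as $name) {
                $name = htmlspecialchars(addslashes(trim($name)));
                $where = " where name = '" . $name . "' and vote_id = " . $vote_id . " and vote_ask_id = " . $vote_ask_id;
                $result = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "vote_result" . $where);
                $is_add = true;
                if ($result) {
                    $GLOBALS['db']->query("update " . DB_PREFIX . "vote_result set count = count + 1" . $where);
                    if (intval($GLOBALS['db']->affected_rows()) != 0) {
                        $is_add = false;
                    }
                }
                if ($is_add && $name != '') {
                    $GLOBALS['db']->autoExecute(DB_PREFIX . "vote_result", array(
                        'name' => $name,
                        'vote_id' => $vote_id,
                        'vote_ask_id' => $vote_ask_id,
                        'count' => 1,
                    ));
                }
            }
        }
        showSuccess($GLOBALS['lang']['VOTE_SUCCESS']);
    } else {
        showErr($GLOBALS['lang']['YOU_VOTED']);
    }
}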
/**
 * 支付跳转返回页 — payment gateway return page (with footer links).
 *
 * Assigns link group 14 to the template, resolves the gateway class name
 * (from $GLOBALS['pay_req'] when set, else the request), loads the matching
 * "<class_name>_payment" class from system/payment/ and hands the quoted
 * request to its response() method.
 */
public function response() {
    $GLOBALS['tmpl']->assign("g_links", get_link_by_id(14));   // links

    if ($GLOBALS['pay_req']['class_name']) {
        $_REQUEST['class_name'] = $GLOBALS['pay_req']['class_name'];
    }
    $requested_class = quotes(trim($_REQUEST['class_name']));
    $payment_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment where class_name = '" . $requested_class . "'");
    if (!$payment_info) {
        showErr("支付接口不存在");
    } else {
        $payment_class = $payment_info['class_name'] . "_payment";
        require_once APP_ROOT_PATH . "system/payment/" . $payment_class . ".php";
        $gateway = new $payment_class();
        $_REQUEST = quotes($_REQUEST);
        $payment_code = $gateway->response($_REQUEST);
    }
}
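/**
 * Withdraw a loan application (deal) that is still awaiting review
 * (publish_wait = 1, is_effect = 1, is_delete = 0) by setting is_delete = 2.
 *
 * The success branch used to show the "loan does not exist" text and the
 * failure branch called an undefined showError(); both are corrected.
 *
 * NOTE(review): the UPDATE is not scoped to the caller's user_id (deal rows
 * carry one, see other actions). If this action is user-facing rather than
 * administrative, add `and user_id = <logged-in id>` to the WHERE clause.
 */
function reback() {
    $id = intval($_REQUEST['id']);
    if ($id == 0) {
        showErr("借款不存在", 1);
    }
    $GLOBALS['db']->query("UPDATE " . DB_PREFIX . "deal SET is_delete=2 WHERE publish_wait=1 and is_effect=1 and is_delete=0 and id=" . $id);
    if ($GLOBALS['db']->affected_rows() > 0) {
        showSuccess("撤销成功", 1);
    } else {
        showErr("撤销失败,请检测借款是否存在,或者是否已经审核通过", 1);
    }
}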
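// Alipay "standard dual interface" checkout: read the remaining consignee
// fields, build the request parameters, record the pending order and render
// the gateway form. $out_trade_no, $price and the other parameters referenced
// below are defined earlier in this script.
$receive_zip = $_POST['WIDreceive_zip'];          // e.g. 123456
// consignee telephone number
$receive_phone = $_POST['WIDreceive_phone'];      // e.g. 0571-88158090
// consignee mobile number
$receive_mobile = $_POST['WIDreceive_mobile'];    // e.g. 13312341234
/************************************************************/
// Build the request parameter array; no changes needed.
$parameter = array(
    "service"           => "trade_create_by_buyer",
    "partner"           => trim($alipay_config['partner']),
    "payment_type"      => $payment_type,
    "notify_url"        => $notify_url,
    "return_url"        => $return_url,
    "seller_email"      => $alipay_config['no'],
    "out_trade_no"      => $out_trade_no,
    "subject"           => $subject,
    "price"             => $price,
    "quantity"          => $quantity,
    "logistics_fee"     => $logistics_fee,
    "logistics_type"    => $logistics_type,
    "logistics_payment" => $logistics_payment,
    "body"              => $body,
    "show_url"          => $show_url,
    "receive_name"      => $receive_name,
    "receive_address"   => $receive_address,
    "receive_zip"       => $receive_zip,
    "receive_phone"     => $receive_phone,
    "receive_mobile"    => $receive_mobile,
    "_input_charset"    => trim(strtolower($alipay_config['input_charset'])),
);

$db = new AppDb($MAC['db']['server'], $MAC['db']['user'], $MAC['db']['pass'], $MAC['db']['name']);
// The order number was concatenated raw into the statement; quote and escape
// it so a non-numeric value cannot change the query. Prefer AppDb's own
// escaping or bound parameters if it provides them.
$sql = "select count(*) from {pre}user_pay where p_order='" . addslashes($out_trade_no) . "'";
$num = $db->getOne($sql);
if ($num > 0) {
    showErr('System', "订单号错误无法提交数据");
} else {
    $db->Add('{pre}user_pay',
        array('p_uid', 'p_order', 'p_price', 'p_point', 'p_time'),
        array($_SESSION["userid"], $out_trade_no, $price, $price * $MAC['pay']['app']['exc'], time()));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>支付宝标准双接口接口</title>
</head>
<?php
// Build the request form and emit it.
$alipaySubmit = new AlipaySubmit($alipay_config);
$html_text = $alipaySubmit->buildRequestForm($parameter, "get", "确认");
echo $html_text;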
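/**
 * 发送手机验证码 — send a mobile verification code (ajax).
 *
 * Validates the mobile number, optionally checks it is not yet registered
 * (`unique` = 1), requires the image captcha once this IP has already sent
 * SMS, and rate-limits by IP (SMS_TIMESPAN). Expired codes are purged; an
 * unexpired code for the same number is re-sent and its send_count bumped,
 * otherwise a fresh 6-digit code is stored and sent.
 *
 * The code used rand(), which is predictable; random_int() is used when
 * available. The captcha is compared with hash_equals() instead of `!=`.
 */
public function send_sms_code() {
    $verify_code = strim($_REQUEST['verify_code']);
    $mobile_phone = strim($_REQUEST['mobile']);
    $data = array();
    if ($mobile_phone == "") {
        $data['status'] = false;
        $data['info'] = "请输入手机号";
        $data['field'] = "user_mobile";
        ajax_return($data);
    }
    if (!check_mobile($mobile_phone)) {
        $data['status'] = false;
        $data['info'] = "手机号格式不正确";
        $data['field'] = "user_mobile";
        ajax_return($data);
    }
    // Passed check_mobile(), but escape anyway before it reaches SQL.
    $safe_mobile = addslashes($mobile_phone);

    if (intval($_REQUEST['unique']) == 1) {
        if (intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_submit where account_mobile = '" . $safe_mobile . "'")) > 0) {
            $data['status'] = false;
            $data['info'] = "手机号已被注册";
            $data['field'] = "account_mobile";
            ajax_return($data);
        }
    }

    $sms_ipcount = load_sms_ipcount();
    if ($sms_ipcount > 1) {
        // 需要图形验证码 — captcha required after the first SMS from this IP
        if (!hash_equals((string) es_session::get("verify"), md5($verify_code))) {
            $data['status'] = false;
            $data['info'] = "验证码错误";
            $data['field'] = "verify_code";
            ajax_return($data);
        }
    }
    if (!check_ipop_limit(CLIENT_IP, "send_sms_code", SMS_TIMESPAN)) {
        showErr("请勿频繁发送短信", 1);
    }

    // 删除失效验证码 — purge expired codes
    $GLOBALS['db']->query("DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN));

    $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $safe_mobile . "'");
    if ($mobile_data) {
        // 重新发送未失效的验证码 — re-send the still valid code
        $code = $mobile_data['code'];
        $mobile_data['add_time'] = NOW_TIME;
        $GLOBALS['db']->query("update " . DB_PREFIX . "sms_mobile_verify set add_time = '" . $mobile_data['add_time'] . "',send_count = send_count + 1 where mobile_phone = '" . $safe_mobile . "'");
    } else {
        // rand()/mt_rand() are seeded PRNGs and guessable; use the CSPRNG when present (PHP 7+).
        $code = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
        $mobile_data = array(
            'mobile_phone' => $mobile_phone,
            'add_time'     => NOW_TIME,
            'code'         => $code,
            'ip'           => CLIENT_IP,
        );
        $GLOBALS['db']->autoExecute(DB_PREFIX . "sms_mobile_verify", $mobile_data, "INSERT", "", "SILENT");
    }
    send_verify_sms($mobile_phone, $code);
    es_session::delete("verify");   // 删除图形验证码 — captcha is single-use

    $data['status'] = true;
    $data['info'] = "发送成功";
    $data['lesstime'] = SMS_TIMESPAN - (NOW_TIME - $mobile_data['add_time']);   // 剩余时间 — seconds until next send allowed
    $data['sms_ipcount'] = load_sms_ipcount();
    ajax_return($data);
}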
/**
 * Render the points-exchange goods page (score_info.html).
 *
 * Reads `id` (numeric id or uname slug) and `preview` from $_REQUEST.
 * When `preview` > 0 the goods are loaded in preview mode and the caller
 * must be a logged-in back-end admin, or a supplier session whose
 * location_ids are linked to the unpublished deal; anyone else is shown
 * an error. The page body is only rebuilt when the template cache
 * (keyed on module, action, requested id and current city) is cold.
 */
public function index()
{
    $preview = intval($_REQUEST['preview']);
    $id = intval($_REQUEST['id']);
    if ($preview > 0) {
        $goods = get_goods($id, $preview);
        if ($goods['buy_type'] == 0) {
            // buy_type 0 belongs to the regular shop goods page, not this controller.
            app_redirect(url("shop", "goods", array("id" => $goods['id'], "preview" => $preview)));
        }
        $adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
        $adm_name = $adm_session['adm_name'];
        $adm_id = intval($adm_session['adm_id']);
        if ($adm_id == 0) {
            // Not a back-end admin: check whether the caller is the supplier owning this deal.
            $s_account_info = es_session::get("account_info");
            if ($s_account_info) {
                // NOTE(review): this loop reuses $id as its loop variable, overwriting the
                // goods id read above, and $locations is never read afterwards.
                foreach ($s_account_info['location_ids'] as $id) {
                    $location = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_location where id = " . $id);
                    if ($location) {
                        $locations[] = $location;
                    }
                }
                // location_ids is taken from the session, not from the request, so the
                // implode() below is not built from user input.
                $deal_test = $GLOBALS['db']->getRow("select d.* from " . DB_PREFIX . "deal as d left join " . DB_PREFIX . "deal_location_link as l on l.deal_id = d.id where d.id = " . intval($goods['id']) . " and d.is_shop = 1 and d.publish_wait = 1 and l.location_id in (" . implode(",", $s_account_info['location_ids']) . ")");
                if (!$deal_test) {
                    showErr("产品不存在或者没有预览该产品的权限", 0, APP_ROOT . "/");
                }
            } else {
                showErr("您不是系统管理员或者商家会员,无法预览", 0, APP_ROOT . "/");
            }
        }
    }
    $GLOBALS['tmpl']->caching = true;
    $cache_id = md5(MODULE_NAME . ACTION_NAME . trim($_REQUEST['id']) . $GLOBALS['deal_city']['id']);
    if (!$GLOBALS['tmpl']->is_cached('score_info.html', $cache_id)) {
        // Resolve the goods id: either a numeric id or a uname slug passed as `id`.
        $id = intval($_REQUEST['id']);
        $uname = addslashes(trim($_REQUEST['id']));
        if ($id == 0 && $uname == '') {
            app_redirect(APP_ROOT . "/");
        } elseif ($id == 0 && $uname != '') {
            // $uname is addslashes()-escaped above before being interpolated.
            $id = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "deal where uname = '" . $uname . "'");
        }
        // Load the goods for this page.
        if ($preview > 0) {
            $goods = get_goods($id, $preview);
        } else {
            $goods = get_goods($id);
        }
        // Shop category tree for the sidebar.
        // NOTE(review): $goods is dereferenced here before the "!$goods" check below.
        $cate_tree = get_cate_tree($goods['shop_cate_id']);
        $GLOBALS['tmpl']->assign("cate_id", $goods['shop_cate_id']);
        $GLOBALS['tmpl']->assign("cate_tree", $cate_tree);
        jump_deal($goods, MODULE_NAME);
        if (!$goods || $goods['buy_type'] != 1) {
            app_redirect(APP_ROOT . "/");
        }
        $GLOBALS['tmpl']->assign("goods", $goods);
        // Build site_nav: home, then the category chain root-first, then the goods.
        $cates = array();
        $cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "shop_cate where id = " . $goods['shop_cate_id']);
        do {
            // Walk up the category parents; $cates is filled leaf-first.
            $cates[] = $cate;
            $pid = intval($cate['pid']);
            $cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "shop_cate where is_effect =1 and is_delete =0 and id = " . $pid);
        } while ($pid != 0);
        // NOTE(review): $page_title is not assigned anywhere in this method, so this
        // produces an empty string, and the result is never used.
        $page_title = substr($page_title, 0, -3);
        // Reverse the leaf-first order so the root category comes first.
        krsort($cates);
        $site_nav[] = array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => APP_ROOT . "/");
        if ($cates) {
            foreach ($cates as $cate_row) {
                // Prefer the uname slug in category URLs when one is set.
                if ($cate_row['uname'] != "") {
                    $curl = url("shop", "score#index", array("id" => $cate_row['uname']));
                } else {
                    $curl = url("shop", "score#index", array("id" => $cate_row['id']));
                }
                $site_nav[] = array('name' => $cate_row['name'], 'url' => $curl);
            }
        }
        if ($goods['uname'] != "") {
            $gurl = url("shop", "exchange#index", array("id" => $goods['uname']));
        } else {
            $gurl = url("shop", "exchange#index", array("id" => $goods['id']));
        }
        $site_nav[] = array('name' => $goods['name'], 'url' => $gurl);
        $GLOBALS['tmpl']->assign("site_nav", $site_nav);
        // SEO fields fall back to the goods name when empty.
        $seo_title = $goods['seo_title'] != '' ? $goods['seo_title'] : $goods['name'];
        $GLOBALS['tmpl']->assign("page_title", $seo_title);
        $seo_keyword = $goods['seo_keyword'] != '' ? $goods['seo_keyword'] : $goods['name'];
        $GLOBALS['tmpl']->assign("page_keyword", $seo_keyword . ",");
        $seo_description = $goods['seo_description'] != '' ? $goods['seo_description'] : $goods['name'];
        $GLOBALS['tmpl']->assign("page_description", $seo_description . ",");
        if (!$GLOBALS['user_info']) {
            // Anonymous visitor: show the login/register hint.
            $GLOBALS['tmpl']->assign("message_login_tip", sprintf($GLOBALS['lang']['MESSAGE_LOGIN_TIP'], url("shop", "user#login"), url("shop", "user#register")));
        }
    }
    $GLOBALS['tmpl']->display("score_info.html", $cache_id);
}
/**
 * Create a deal order for the logged-in user and hand it to payment.
 *
 * Reads `id` (deal_item), `consignee_id`, `credit` (account balance to
 * apply), `memo`, `payment` and `bank_id` from $_REQUEST. Validates that
 * the deal item and its deal exist, are effective and within their time
 * window, and that a delivery item has a consignee. Inserts a deal_order
 * row, deducts any credit from the user's balance, then either creates a
 * payment_notice and redirects to the payment jump page, or redirects to
 * the account pages depending on pay_order()'s status.
 */
public function go_pay()
{
    if (!$GLOBALS['user_info']) {
        app_redirect(url("user#login"));
    }
    $id = intval($_REQUEST['id']);
    $consignee_id = intval($_REQUEST['consignee_id']);
    $credit = doubleval($_REQUEST['credit']);
    $memo = strim($_REQUEST['memo']);
    $payment_id = intval($_REQUEST['payment']);
    $deal_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_item where id = " . $id);
    if (!$deal_item) {
        app_redirect(url("index"));
    } elseif ($deal_item['support_count'] >= $deal_item['limit_user'] && $deal_item['limit_user'] != 0) {
        // Item is sold out (limit_user 0 means unlimited).
        app_redirect(url("deal#show", array("id" => $deal_item['deal_id'])));
    }
    $deal_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where is_delete = 0 and is_effect = 1 and id = " . $deal_item['deal_id']);
    if (!$deal_info) {
        app_redirect(url("index"));
    } elseif ($deal_info['begin_time'] > NOW_TIME || $deal_info['end_time'] < NOW_TIME && $deal_info['end_time'] != 0) {
        // && binds tighter than ||: not yet started, or (ended and end_time set).
        app_redirect(url("deal#show", array("id" => $deal_item['deal_id'])));
    }
    if (intval($consignee_id) == 0 && $deal_item['is_delivery'] == 1) {
        showErr("请选择配送方式", 0, get_gopreview());
    }
    $order_info['deal_id'] = $deal_info['id'];
    $order_info['deal_item_id'] = $deal_item['id'];
    $order_info['user_id'] = intval($GLOBALS['user_info']['id']);
    $order_info['user_name'] = $GLOBALS['user_info']['user_name'];
    // Prices come from the deal_item row, never from the request.
    $order_info['total_price'] = $deal_item['price'] + $deal_item['delivery_fee'];
    $order_info['delivery_fee'] = $deal_item['delivery_fee'];
    $order_info['deal_price'] = $deal_item['price'];
    $order_info['support_memo'] = $memo;
    $order_info['payment_id'] = $payment_id;
    $order_info['bank_id'] = strim($_REQUEST['bank_id']);
    // Credit is capped at min(total_price, user's balance).
    // NOTE(review): there is no lower bound, so a negative `credit` passes through unchanged.
    $max_credit = $order_info['total_price'] < $GLOBALS['user_info']['money'] ? $order_info['total_price'] : $GLOBALS['user_info']['money'];
    $credit = $credit > $max_credit ? $max_credit : $credit;
    $order_info['credit_pay'] = $credit;
    $order_info['online_pay'] = 0;
    $order_info['deal_name'] = $deal_info['name'];
    $order_info['order_status'] = 0;
    $order_info['create_time'] = NOW_TIME;
    if ($consignee_id > 0) {
        // The consignee must belong to the current user (user_id filter).
        $consignee_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_consignee where id = " . $consignee_id . " and user_id = " . intval($GLOBALS['user_info']['id']));
        if (!$consignee_info && $deal_item['is_delivery'] == 1) {
            showErr("请选择配送方式", 0, get_gopreview());
        }
        // NOTE(review): for a non-delivery item $consignee_info may be false here,
        // in which case every field below becomes null.
        $order_info['consignee'] = $consignee_info['consignee'];
        $order_info['zip'] = $consignee_info['zip'];
        $order_info['address'] = $consignee_info['address'];
        $order_info['province'] = $consignee_info['province'];
        $order_info['city'] = $consignee_info['city'];
        $order_info['mobile'] = $consignee_info['mobile'];
    }
    $order_info['is_success'] = $deal_info['is_success'];
    $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_order", $order_info);
    $order_id = $GLOBALS['db']->insert_id();
    if ($order_id > 0) {
        if ($order_info['credit_pay'] > 0) {
            // Deduct the applied credit from the user's balance before settling the order.
            require_once APP_ROOT_PATH . "system/libs/user.php";
            modify_account(array("money" => "-" . $order_info['credit_pay']), intval($GLOBALS['user_info']['id']), "支持" . $deal_info['name'] . "项目支付");
        }
        $result = pay_order($order_id);
        if ($result['status'] == 0) {
            // Status 0: an online payment is still needed; create the payment notice.
            $money = $result['money'];
            $payment_notice['create_time'] = NOW_TIME;
            $payment_notice['user_id'] = intval($GLOBALS['user_info']['id']);
            $payment_notice['payment_id'] = $payment_id;
            $payment_notice['money'] = $money;
            $payment_notice['bank_id'] = strim($_REQUEST['bank_id']);
            $payment_notice['order_id'] = $order_id;
            $payment_notice['memo'] = $memo;
            $payment_notice['deal_id'] = $deal_info['id'];
            $payment_notice['deal_item_id'] = $deal_item['id'];
            $payment_notice['deal_name'] = $deal_info['name'];
            do {
                // notice_sn = Ymd + 3 random digits; the SILENT insert is retried until it
                // succeeds. NOTE(review): this presumably relies on a unique index on
                // notice_sn; with only 900 values per day the loop can spin once they are
                // exhausted — confirm.
                $payment_notice['notice_sn'] = to_date(NOW_TIME, "Ymd") . rand(100, 999);
                $GLOBALS['db']->autoExecute(DB_PREFIX . "payment_notice", $payment_notice, "INSERT", "", "SILENT");
                $notice_id = $GLOBALS['db']->insert_id();
            } while ($notice_id == 0);
            app_redirect(url("cart#jump", array("id" => $notice_id)));
        } elseif ($result['status'] == 1 || $result['status'] == 2) {
            app_redirect(url("account#credit"));
        } else {
            app_redirect(url("account"));
        }
    } else {
        showErr("下单失败", 0, get_gopreview());
    }
}
public function create_user() { $s_api_user_info = es_session::get("api_user_info"); $user_data['user_name'] = $s_api_user_info['name']; $user_data['sina_id'] = $s_api_user_info['id']; $user_data['sina_token'] = $s_api_user_info['sina_token']; $result = auto_create($user_data, 0); if ($result['status']) { $user_info = $result['user_data']; } else { showErr("注册失败"); } es_session::delete("api_user_info"); return $user_info; }