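/**
 * Dispatch an AJAX request to one of the controller methods named by the caller.
 *
 * Usage: Fn::ajax_call($controller, 'method1', 'method2', 'method3');
 * A matching request calls $controller->method1Func(), $controller->method2Func(), ...
 * (the suffix actually appended is self::$_ajax_func_suffix).
 *
 * A request is treated as an AJAX call only when it carries the
 * X-Requested-With: XMLHttpRequest header, POST ajax_call === 'true', and a
 * POST 'function' value that is one of the names passed after $obj. When it
 * matches, the method's AjaxResponse (if any) is emitted as JSON and the
 * script exits. Otherwise one JavaScript stub per name is generated and
 * stored on $obj->_ajaxScript.
 *
 * @param CI_Controller $obj controller whose methods may be invoked; the
 *                           allowed method names follow as extra arguments
 * @throws Exception when no method name is passed
 */
public static function ajax_call(CI_Controller $obj)
{
    $args = func_get_args();
    if (count($args) < 2) {
        throw new Exception('Error arguments count must not less than 2');
    }
    array_shift($args);

    // NOTE(review): X-Requested-With is set by the client, so this check only
    // identifies the request style. No CSRF token is verified in this method;
    // confirm one is enforced elsewhere for state-changing *Func methods.
    $is_ajax_call = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest'
        && isset($_POST['ajax_call'])
        && $_POST['ajax_call'] === 'true'
        && isset($_POST['function'])
        // An array-valued 'function' field would otherwise be stringified below.
        && is_string($_POST['function'])
        // Strict match: loose in_array() treats numeric-looking strings as equal.
        && in_array($_POST['function'], $args, true);

    if ($is_ajax_call) {
        $func = $_POST['function'] . self::$_ajax_func_suffix;

        if (method_exists($obj, $func)) {
            // 'arguments' is optional. array_values() drops request-supplied keys
            // so they are always passed positionally (string keys would be taken
            // as named arguments on PHP 8). The values themselves are untrusted:
            // every *Func method has to validate what it receives.
            $call_args = (isset($_POST['arguments']) && is_array($_POST['arguments']))
                ? array_values($_POST['arguments'])
                : array();

            $ajax_response = call_user_func_array(array($obj, $func), $call_args);
            if ($ajax_response instanceof AjaxResponse) {
                header('Content-Type:application/json;charset=UTF-8');
                echo $ajax_response->__toString();
            }
            exit;
        }

        // The name is on the allow-list but the controller does not implement it.
        $ajax_response = new AjaxResponse();
        $ajax_response->alert('Not exist ajax method: ' . $_POST['function']);
        header('Content-Type:application/json;charset=UTF-8');
        echo $ajax_response->__toString();
        exit;
    }

    // Not an AJAX call: emit one client-side stub per allowed method. The names
    // are interpolated into JavaScript unescaped, so they must stay
    // developer-supplied identifiers and never come from request data.
    $str = '';
    foreach ($args as $v) {
        $str .= "function ajax_{$v}(){ fnAjaxCall(location.href, '{$v}', arguments);}\n";
    }
    $obj->_ajaxScript = $str;
}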
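// Define constants
define('BASEURL', Yii::app()->baseUrl);
define('ICONPATH', BASEURL . '/images/icons/' . Yii::app()->params->iconPack);

// Route prefixes a guest may request without being sent to the login page.
$validPaths = array('site', 'index.php', 'asset');

if (!$app->user->isGuest) {
    // Logged-in user: point the DB component at the server described by the
    // user component and connect with that user's credentials.
    // NOTE(review): host, port, name and password are all read from
    // $app->user. If host/port originate from the login form, this makes the
    // web server open connections to a caller-chosen address; confirm they are
    // validated or allow-listed where they are first accepted. The password is
    // read back in plaintext, so wherever the user component persists its
    // state holds the database secret.
    $app->db->connectionString = 'mysql:host=' . $app->user->host . ';port=' . $app->user->port . ';dbname=information_schema';
    $app->db->username = $app->user->name;
    $app->db->password = $app->user->password;
    $app->db->autoConnect = true;
    $app->db->setActive(true);
} else {
    // Quote each prefix so regex metacharacters (the dot in 'index.php')
    // match literally instead of acting as wildcards.
    $validPathPatterns = array();
    foreach ($validPaths as $validPath) {
        $validPathPatterns[] = preg_quote($validPath, '/');
    }

    // NOTE(review): this is a case-insensitive *prefix* match with no boundary,
    // so any route that merely starts with "site" or "asset" is reachable by a
    // guest. Confirm no authenticated-only route shares one of these prefixes.
    if (!preg_match('/^(' . implode('|', $validPathPatterns) . ')/i', Yii::app()->urlManager->parseUrl($app->request))) {
        if ($app->request->isAjaxRequest) {
            // AJAX callers get a JSON redirect instruction instead of the login page.
            $response = new AjaxResponse();
            $response->redirectUrl = Yii::app()->createUrl('site/login');
            header("Content-type: application/json");
            echo $response->__toString();
            $app->end();
        } else {
            $app->catchAllRequest = array('site/login');
        }
    }
}

// Language: session choice first, then the browser preference when a message
// directory exists for it, else en_us.
// NOTE(review): the preferred language comes from the request and is appended
// to a filesystem path for is_dir(); presumably the framework normalises it to
// a locale id — confirm it cannot contain path separators.
if ($app->session->itemAt('language')) {
    $app->setLanguage($app->session->itemAt('language'));
} elseif ($app->request->getPreferredLanguage() && is_dir('protected/messages/' . $app->request->getPreferredLanguage())) {
    $app->setLanguage($app->request->getPreferredLanguage());
} else {
    $app->setLanguage('en_us');
}

// Theme: session choice, defaulting to 'standard'.
$theme = $app->session->itemAt('theme') ? $app->session->itemAt('theme') : 'standard';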
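/**
 * Endpoint used by external payment systems for verification. IMPORTANT
 *
 * GET parameters:
 *   string from  source identifier (a key of the 'loginverify' config)
 *   string data  encrypted data string; once decrypted it contains:
 *       string ukey    user identifier, required (exam ticket number)
 *       string pass    password; when present the request is a transfer
 *       string auth    substitute for password verification; when present the
 *                      request is a transfer. It is the encrypted value of
 *                      array('ukey' => '', 'amount' => '')
 *       int    amount  transfer amount, must not be 0; when present the
 *                      request is a transfer
 *
 * The response is a JSON object:
 *   string error  present when an error occurred
 *   string data   encrypted string holding the user info; once decrypted it is
 *                 an array with:
 *       string ukey     user identifier
 *       int    account  current balance
 *
 * A request without (pass|auth) + amount only returns the balance. The method
 * always ends the script after writing the response.
 *
 * NOTE(review): nothing in this method checks a nonce or timestamp. Unless
 * Func::decrypt enforces freshness, a captured `data` value stays valid and
 * can be submitted again, and because it travels in the query string it may be
 * recorded in access logs and proxies. Confirm replay protection exists.
 */
public function paytrans()
{
    $resp = new AjaxResponse();
    // Defined up front so no path below can read an unset variable.
    $hashcode = null;

    // Single-pass loop: `break` is used as a structured early exit.
    while (true) {
        // Missing or array-valued parameters are treated as an unknown source.
        $from = (isset($_GET['from']) && is_string($_GET['from'])) ? $_GET['from'] : '';
        $lv_cfg = C('loginverify');
        if (!$lv_cfg) {
            $resp->alert('非法访问来源0');
            break;
        }
        if (!isset($lv_cfg[$from])) {
            $resp->alert('非法访问来源1');
            break;
        }

        // Per-source shared secret used to decrypt the request and encrypt the reply.
        $hashcode = $lv_cfg[$from]['hashcode'];
        if (!isset($_GET['data']) || !is_string($_GET['data'])) {
            $resp->alert('非法访问');
            break;
        }
        $param0 = Func::decrypt($_GET['data'], $hashcode);
        if ($param0 === false) {
            $resp->alert('非法访问');
            break;
        }
        if (!isset($param0['ukey'])) {
            $resp->alert('非法访问参数');
            break;
        }

        $uinfo = StudentModel::get_student_by_exam_ticket($param0['ukey'], 'uid,exam_ticket,password,account');
        if (empty($uinfo)) {
            $resp->alert('非法用户');
            break;
        }

        $wants_transfer = (isset($param0['pass']) || isset($param0['auth'])) && isset($param0['amount']);
        if ($wants_transfer) {
            if (!Validate::isInt($param0['amount']) || $param0['amount'] == 0) {
                $resp->alert('转账金额不能为0');
                break;
            }

            // Credential check. Strict string comparison: with `==` two
            // numeric-looking digests ("0e...") or a false/empty pair compare
            // equal. Where the PHP version allows, hash_equals() would also make
            // the comparison constant-time.
            $verified = false;
            if (isset($param0['pass']) && is_scalar($param0['pass'])) {
                $pass_hash = my_md5($param0['pass']);
                $verified = is_string($pass_hash)
                    && $pass_hash !== ''
                    && is_string($uinfo['password'])
                    && $pass_hash === $uinfo['password'];
            }
            if (!$verified && isset($param0['auth'])) {
                // The expected value depends only on the shared hashcode, ukey and
                // amount, so 'auth' proves possession of the partner key, not
                // knowledge of the user's password.
                // NOTE(review): this can only match if Func::encrypt is
                // deterministic — confirm.
                $expected_auth = Func::encrypt(array('ukey' => $param0['ukey'], 'amount' => $param0['amount']), $hashcode);
                $verified = is_string($expected_auth)
                    && $expected_auth !== ''
                    && is_string($param0['auth'])
                    && $expected_auth === $param0['auth'];
            }
            if (!$verified) {
                $resp->alert('用户验证未通过');
                break;
            }

            // A negative amount is a withdrawal; refuse to go below zero.
            $new_balance = bcadd($uinfo['account'], $param0['amount'], 0);
            if (bccomp($new_balance, '0', 0) < 0) {
                $resp->alert('用户余额不足');
                break;
            }

            // The transaction starts here.
            // NOTE(review): the balance was read before beginTransaction() and
            // the UPDATE below writes an absolute value, so two concurrent
            // requests for the same user can both pass the balance check and
            // overwrite each other's result. Locking the row, or updating
            // relative to the stored value with a balance condition, inside the
            // transaction would close this; the DB wrapper's API for that is not
            // visible here.
            $tr_no = TransactionRecordModel::genTransactionRecordTrNo();
            $db = Fn::db();
            $db->beginTransaction();
            $rec = array(
                'tr_no' => $tr_no,
                'tr_type' => 4,
                'tr_uid' => $uinfo['uid'],
                'tr_pid' => null,
                'tr_money' => $new_balance,
                'tr_cash' => null,
                'tr_trade_amount' => $param0['amount'],
                'tr_adminid' => 1,
                'tr_flag' => 2,
                'tr_createtime' => time(),
            );
            $rec['tr_finishtime'] = $rec['tr_createtime'];
            if ($param0['amount'] > 0) {
                $rec['tr_comment'] = "从{$lv_cfg[$from]['name']}转入{$param0['amount']}择明通宝";
            } else {
                $v = 0 - $param0['amount'];
                $rec['tr_comment'] = "转出{$v}择明通宝到{$lv_cfg[$from]['name']}";
            }

            try {
                $db->insert('t_transaction_record', $rec);
                // The WHERE clause is built by concatenation; the integer cast
                // keeps it a bare number whatever the row contains.
                $db->update('rd_student', array('account' => $rec['tr_money']), 'uid = ' . (int) $uinfo['uid']);
                $db->commit();
            } catch (Exception $e) {
                $db->rollBack();
                $resp->alert('转账失败');
                break;
            }

            $uinfo['account'] = $rec['tr_money'];
            $resp->exdata = array('ukey' => $uinfo['exam_ticket'], 'account' => $uinfo['account']);
            break;
        }

        // Balance query only.
        $resp->exdata = array('ukey' => $uinfo['exam_ticket'], 'account' => $uinfo['account']);
        break;
    }

    // Success: encrypted user info. Failure: the alert text, taken from the
    // AjaxResponse's own JSON form.
    $json_data = array();
    if ($resp->exdata) {
        $json_data['data'] = Func::encrypt($resp->exdata, $hashcode);
    } else {
        $resp_data = json_decode($resp->__toString(), true);
        $json_data['error'] = $resp_data[0][1];
    }
    $json_str = json_encode($json_data);
    header('Content-Type:application/json;charset=UTF-8');
    echo "{$json_str}";
    exit;
}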