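/**
 * Save the desktop (admin) IP-whitelist settings posted from the settings form.
 *
 * When 'enabled' is "1": the newline-separated 'ips' list is normalised (any line
 * ending, trimmed, blank lines dropped), the current admin's own address is added
 * so enabling the list cannot lock the operator out, and the status code used for
 * blocked clients is stored (only '403' or '404' are accepted; anything else
 * becomes '403'). When disabled, only the enabled flag is cleared; the stored
 * list and status code are left as they were.
 *
 * Fix: the fallback status code was previously written under the misspelled key
 * 'desktip.whitelist.error_code', so an invalid/missing error_code never reset the
 * real setting. The error path now also returns after end() so no partial config
 * is written if end() does not terminate the request.
 */
public function save() {
    $this->begin();
    $params = $_POST;
    if (isset($params['enabled']) && $params['enabled'] === '1') {
        // Textarea input: split on CRLF/CR/LF rather than PHP_EOL (which is
        // platform-specific and leaves a trailing "\r" per entry on Unix hosts),
        // trim each entry and keep only non-empty lines.
        $raw = isset($params['ips']) ? (string) $params['ips'] : '';
        $lines = preg_split('/\r\n|\r|\n/', $raw);
        $ips = array_values(array_filter(array_map('trim', $lines), 'strlen'));
        if (empty($ips)) {
            $this->end(false, app::get('site')->_('ip列表不能为空'));
            return;
        }
        app::get('site')->setConf('desktop.whitelist.enabled', true);
        // NOTE(review): assumes get_remote_addr() returns the TCP peer address and
        // not a client-supplied proxy header — confirm, since this value is
        // auto-whitelisted without further validation.
        $current_admin_ip = base_request::get_remote_addr();
        if (!in_array($current_admin_ip, $ips, true)) {
            $ips[] = $current_admin_ip;
        }
        app::get('site')->setConf('desktop.whitelist.ips', $ips);
        // Only the two supported status lines are accepted; default to 403.
        $error_code = isset($params['error_code']) ? $params['error_code'] : '';
        if (!in_array($error_code, array('403', '404'), true)) {
            $error_code = '403';
        }
        app::get('site')->setConf('desktop.whitelist.error_code', $error_code);
    } else {
        app::get('site')->setConf('desktop.whitelist.enabled', false);
    }
    $this->end(true, '设置成功');
}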
/**
 * Gate desktop (admin) requests behind the configured IP whitelist.
 *
 * When 'desktop.whitelist.enabled' is set, the client address must fall inside
 * at least one configured entry (blank entries are ignored) or the request is
 * terminated with the configured status line — 404 when so configured, 403 in
 * every other case — and no body. An empty or blank-only list therefore blocks
 * every client, including the operator (fail-closed).
 *
 * @param object $app owning app instance, kept on $this->app
 */
function __construct($app) {
    $this->app = $app;
    if (!app::get('site')->getConf('desktop.whitelist.enabled')) {
        return;
    }
    $client_ip = base_request::get_remote_addr();
    $entries = app::get('site')->getConf('desktop.whitelist.ips');
    $error_code = app::get('site')->getConf('desktop.whitelist.error_code');
    $allowed = false;
    foreach ($entries as $entry) {
        $entry = trim($entry);
        if ($entry && base_request::ip_in_range($client_ip, $entry)) {
            $allowed = true;
            break;
        }
    }
    if ($allowed) {
        return;
    }
    // Same decision as a 403/404 switch with loose comparison: 403 wins ties.
    $send_404 = ($error_code != '403') && ($error_code == '404');
    header($send_404 ? 'HTTP/1.1 404 Not Found' : 'HTTP/1.1 403 Forbidden');
    exit;
}
/**
 * Build the standard order data (SDF) from a cart result.
 *
 * Completes $order_sdf (by reference) with server-computed totals, the order
 * items derived from the cart's goods objects, and one promotion row per applied
 * goods/order promotion rule, then runs the 'b2c.order.create.before' services.
 *
 * @param array  $order_sdf   order data to complete; an existing order_id is kept,
 *                            otherwise a new id is applied for from the orders model
 * @param array  $cart_result cart calculation result (weight, counts, amounts,
 *                            objects.goods, promotions.goods / promotions.order)
 * @param string $msg         set by a pre-create service that rejects the order
 * @return bool false as soon as one 'b2c.order.create.before' service returns a
 *              falsy flag, true otherwise
 */
public function generate(&$order_sdf, $cart_result = array(), &$msg = '') {
    $new_order_id = $order_sdf['order_id'] ? $order_sdf['order_id'] : app::get('b2c')->model('orders')->apply_id();
    $obj_total = new b2c_order_total();
    $total = $obj_total->detail($order_sdf, $cart_result);
    // Amounts come from the cart result and the total calculator, not from the
    // incoming $order_sdf; the array_merge below makes these keys override any
    // caller-supplied values of the same name.
    $sdf = array('order_id' => $new_order_id, 'weight' => $cart_result['weight'], 'quantity' => $cart_result['goods_count'], 'ip' => base_request::get_remote_addr(), 'memberlv_discount' => $cart_result['member_discount_amount'], 'pmt_goods' => $cart_result['goods_promotion_discount_amount'], 'pmt_order' => $cart_result['order_promotion_discount_amount'], 'finally_cart_amount' => $cart_result['finally_cart_amount'], 'score_g' => $total['gain_score'], 'order_total' => $total['order_total'], 'cost_tax' => $total['cost_tax'], 'cost_protect' => $total['cost_protect'], 'cost_payment' => $total['cost_payment'], 'cost_freight' => $total['cost_freight']);
    $order_sdf = array_merge($order_sdf, $sdf);
    // Invoice parameters
    if ($order_sdf['need_invoice'] != 'true') {
        $order_sdf['need_invoice'] = 'false';
        unset($order_sdf['invoice_title']);
    } else {
        if (!isset($order_sdf['invoice_addon']) || !is_array($order_sdf['invoice_addon'])) {
            $order_sdf['invoice_addon'] = array();
        }
        // Invoice not yet issued
        $order_sdf['invoice_addon'] = array_merge($order_sdf['invoice_addon'], array('invoice_out' => 'false'));
    }
    // Order details - [goods]
    foreach ($cart_result['objects']['goods'] as $key => $object) {
        if ($object['disabled'] == 'true') {
            continue;
        }
        $product = $object['item']['product'];
        //has_many order_items
        $order_sdf['items'][] = array('order_id' => $new_order_id, 'product_id' => $product['product_id'], 'goods_id' => $product['goods_id'], 'bn' => $product['bn'], 'name' => $product['name'], 'spec_info' => $product['spec_info'], 'price' => $product['price'], 'member_lv_price' => $product['member_lv_price'], 'buy_price' => $product['buy_price'], 'amount' => $this->obj_math->number_multiple(array($product['buy_price'], $object['quantity'])), 'nums' => $object['quantity'], 'weight' => $this->obj_math->number_multiple(array($product['weight'], $object['quantity'])), 'image_id' => $product['image_id']);
        // Indexed by obj_ident so the goods-promotion loop below can look up the product_id.
        // Disabled objects are skipped above and so have no entry here.
        $cart_objects[$object['obj_ident']] = $object;
    }
    // Order details - [goods promotion rules]
    // NOTE(review): assumes the keys of promotions.goods are obj_idents matching
    // $cart_objects; a key for a disabled object would resolve to a null product_id — confirm.
    foreach ($cart_result['promotions']['goods'] as $key => $pmts) {
        foreach ($pmts as $value) {
            $order_sdf['promotions'][] = array('rule_id' => $value['rule_id'], 'order_id' => $new_order_id, 'product_id' => $cart_objects[$key]['item']['product']['product_id'], 'pmt_type' => 'goods', 'pmt_tag' => $value['tag'], 'pmt_description' => $value['desc'], 'pmt_solution' => $value['solution'], 'pmt_save' => $value['save']);
        }
    }
    // Order details - [order promotion rules]
    foreach ($cart_result['promotions']['order'] as $key => $value) {
        $order_sdf['promotions'][] = array('rule_id' => $value['rule_id'], 'order_id' => $new_order_id, 'pmt_type' => 'order', 'pmt_tag' => $value['tag'], 'pmt_description' => $value['desc'], 'pmt_solution' => $value['solution'], 'pmt_save' => $value['save']);
    }
    //TODO coupon data
    // Services executed before the order is created; the first falsy flag aborts.
    $services = vmc::servicelist('b2c.order.create.before');
    if ($services) {
        foreach ($services as $service) {
            $flag = $service->exec($order_sdf, $cart_result, $msg);
            if (!$flag) {
                return false;
            }
        }
    }
    return true;
}
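/**
 * Create a member with the full meta set (level, pam account, advance, score,
 * registration info, contact) and remember its id in self::$id for later tests.
 *
 * Fix: the password hash read $data['account']['login_password'], a key that is
 * never set, so the stored value was md5('') rather than the hash of the password
 * assigned on the previous line. It now hashes $data['pam_account']['login_password'].
 */
public function testCreateHasMeta() {
    $data['member_lv']['member_group_id'] = 1;
    $data['pam_account']['login_name'] = 'cool' . time();
    $data['pam_account']['login_password'] = '******';
    // NOTE(review): unsalted md5 mirrors what the model under test expects here;
    // it is not a suitable password hash and should move with the model.
    $data['pam_account']['login_password'] = md5(trim($data['pam_account']['login_password']));
    $data['pam_account']['account_type'] = 'member';
    $data['pam_account']['createtime'] = time();
    $data['advance']['total'] = 0.0;
    $data['score']['total'] = 0.0;
    $data['reg_ip'] = base_request::get_remote_addr();
    $data['regtime'] = time();
    $data['contact']['email'] = '*****@*****.**';
    $data['contact']['qq'] = '5555555';
    $this->model->save($data);
    // save() is expected to fill in member_id on the passed array.
    self::$id = $data['member_id'];
}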
/**
 * Start the session and load its data into $_SESSION.
 *
 * Session id resolution, in order: ?sess_id from the query string (the cookie is
 * re-set when it differs), else the existing session cookie, else — when no id is
 * set yet — a newly generated id that is also written to the cookie. The session
 * payload is read from the 'sessions' kvstore; a miss yields an empty $_SESSION.
 *
 * NOTE(review): accepting an arbitrary ?sess_id lets the client choose its own
 * session id (fixation risk) — confirm every caller needs this path.
 * NOTE(review): the generated id is md5 over microtime(), the client address and
 * mt_rand(0, 9999); none of these is a CSPRNG source.
 * NOTE(review): setcookie() is called without the httponly/secure flags and with
 * no expiry (a browser-session cookie).
 *
 * @return bool always true
 */
function start() {
    $cookie_path = kernel::base_url();
    $cookie_path = $cookie_path ? $cookie_path : "/";
    if (isset($_GET['sess_id'])) {
        $this->sess_id = $_GET['sess_id'];
        if ($_COOKIE[$this->sess_key] != $_GET['sess_id']) {
            setcookie($this->sess_key, $this->sess_id, null, $cookie_path);
        }
    } elseif ($_COOKIE[$this->sess_key]) {
        $this->sess_id = $_COOKIE[$this->sess_key];
    } elseif (!$this->sess_id) {
        $this->sess_id = md5(microtime() . base_request::get_remote_addr() . mt_rand(0, 9999));
        setcookie($this->sess_key, $this->sess_id, null, $cookie_path);
    }
    // fetch() is expected to fill $_SESSION through its second argument; a
    // strict false return means there is no stored session for this id.
    if (base_kvstore::instance('sessions')->fetch($this->sess_id, $_SESSION) === false) {
        $_SESSION = array();
    }
    $this->__session_started = true;
    register_shutdown_function(array(&$this, 'close'));
    return true;
}
/**
 * Start the session once and load its data into $_SESSION.
 *
 * A no-op after the first call (guarded by $this->_session_started). Session id
 * resolution, in order: ?sess_id from the query string (a Set-Cookie header is
 * emitted when the cookie differs), else the existing session cookie, else — when
 * no id is set yet — a newly generated id that is also sent as a cookie. The
 * session payload is read from the 'sessions' kvstore; a miss yields an empty
 * $_SESSION.
 *
 * NOTE(review): the cookie carries httpOnly but no Secure or SameSite attribute.
 * NOTE(review): accepting an arbitrary ?sess_id lets the client choose its own
 * session id (fixation risk); the value is also placed in the Set-Cookie header
 * without any character validation (PHP's header() refuses embedded newlines, but
 * nothing else is checked).
 * NOTE(review): the generated id is md5 over microtime(), the client address and
 * mt_rand(0, 9999); none of these is a CSPRNG source.
 *
 * @return bool always true
 */
public function start() {
    if ($this->_session_started !== true) {
        $cookie_path = kernel::base_url();
        $cookie_path = $cookie_path ? $cookie_path : "/";
        if (isset($_GET['sess_id'])) {
            $this->_sess_id = $_GET['sess_id'];
            if ($_COOKIE[$this->_sess_key] != $_GET['sess_id']) {
                header(sprintf('Set-Cookie: %s=%s; path=%s; httpOnly', $this->_sess_key, $this->_sess_id, $cookie_path), true);
            }
        } elseif ($_COOKIE[$this->_sess_key]) {
            $this->_sess_id = $_COOKIE[$this->_sess_key];
        } elseif (!$this->_sess_id) {
            $this->_sess_id = md5(microtime() . base_request::get_remote_addr() . mt_rand(0, 9999));
            header(sprintf('Set-Cookie: %s=%s; path=%s; httpOnly', $this->_sess_key, $this->_sess_id, $cookie_path), true);
        }
        // fetch() is expected to fill $_SESSION through its second argument; a
        // strict false return means there is no stored session for this id.
        if (base_kvstore::instance('sessions')->fetch($this->_sess_id, $_SESSION) === false) {
            $_SESSION = array();
        }
        $this->_session_started = true;
        register_shutdown_function(array(&$this, 'close'));
    }
    return true;
}
/**
 * Login entry point.
 *
 * Resolves the pam_auth instance for $params['type'], instantiates the passport
 * module named by $params['module'] and, if it implements
 * pam_interface_passport, delegates to its login(). Afterwards it records a pam
 * log row (client address, module log data, referer), stores type/login_time in
 * the session, optionally extends the cookie lifetime from the 'autologin'
 * cookie, and redirects: to $_SESSION['callback'] when login failed and a
 * callback is pending, otherwise to the base64-decoded $params['redirect'].
 *
 * @param array $params authentication parameters: type, module (passport class
 *                      name), appid, redirect, ...
 *
 * NOTE(review): RemoveXSS() is called on $params['module'] but its return value
 * is discarded; unless it takes its argument by reference the filter has no
 * effect here (a later variant assigns the filtered value back) — confirm.
 * NOTE(review): $params['module'] names the class that kernel::single()
 * instantiates; the instanceof check is the only gate. Prefer an allowlist of
 * passport module names.
 * NOTE(review): the final Location header is built from the caller-supplied
 * 'redirect' (base64-decoded) — an unvalidated redirect target; restrict it to
 * local paths before redirecting.
 * NOTE(review): the 'autologin' cookie (client-controlled) sets the session
 * cookie lifetime in minutes with no upper bound visible here.
 * NOTE(review): class_exists() does not throw; the try/catch only covers an
 * autoloader that throws, and http_status('p404') does not stop execution here.
 */
function login($params) {
    kernel::single('site_controller')->RemoveXSS($params['module']); // XSS filtering (return value unused)
    $auth = pam_auth::instance($params['type']);
    $auth->set_appid($params['appid']);
    try {
        class_exists($params['module']);
    } catch (Exception $e) {
        kernel::single('site_router')->http_status('p404');
    }
    if ($params['module']) {
        if (class_exists($params['module']) && ($passport_module = kernel::single($params['module']))) {
            if ($passport_module instanceof pam_interface_passport) {
                // $auth_data is filled by the module (log_data is read below).
                $module_uid = $passport_module->login($auth, $auth_data);
                if ($module_uid) {
                    $auth_data['account_type'] = $params['type'];
                    $auth->account()->update($params['module'], $module_uid, $auth_data);
                }
                $log = array('event_time' => time(), 'event_type' => $auth->type, 'event_data' => base_request::get_remote_addr() . ':' . $auth_data['log_data'] . ':' . $_SERVER['HTTP_REFERER']);
                app::get('pam')->model('log')->insert($log);
                if (!$module_uid) {
                    $_SESSION['last_error'] = $auth_data['log_data'];
                }
                $_SESSION['type'] = $auth->type;
                $_SESSION['login_time'] = time();
                $params['member_id'] = $_SESSION['account'][$params['type']];
                $params['uname'] = $_POST['uname'];
                /*foreach(kernel::servicelist('pam_login_listener') as $service) { $service->listener_login($params); }*/
                // $url is only assigned when a callback_infomation service yields data;
                // otherwise it is undefined when concatenated into the redirect below.
                if ($params['redirect'] && $module_uid) {
                    $service = kernel::service('callback_infomation');
                    if (is_object($service)) {
                        if (method_exists($service, 'get_callback_infomation') && $module_uid) {
                            $data = $service->get_callback_infomation($module_uid, $params['type']);
                            if (!$data) {
                                $url = '';
                            } else {
                                $url = '?' . utils::http_build_query($data);
                            }
                        }
                    }
                }
                if ($_COOKIE['autologin'] > 0) {
                    kernel::single('base_session')->set_cookie_expires($_COOKIE['autologin']); // auto-login: cookie lifetime in minutes
                }
                if ($_SESSION['callback'] && !$module_uid) {
                    $callback_url = $_SESSION['callback'];
                    unset($_SESSION['callback']);
                    header('Location:' . urldecode($callback_url));
                    exit;
                } else {
                    header('Location:' . base64_decode(str_replace('%2F', '/', urldecode($params['redirect']))) . $url);
                    exit;
                }
            }
        } else {
        }
    }
}
/**
 * Create a member from the given data and return the new member id.
 *
 * Fills in the default currency, hashes the login password, sets the account
 * type for this app, registration time/address and lower-cases the login name
 * before delegating to save().
 *
 * @param array $data member data with a 'pam_account' sub-array
 * @return mixed the member_id that save() wrote into $data
 */
function create($data) {
    $currency = app::get('ectools')->model('currency')->getDefault();
    $data['currency'] = $currency['cur_code'];
    $account = $data['pam_account'];
    // NOTE(review): unsalted md5 is not a password hash; presumably the login
    // path compares against it, so both must change together.
    $account['login_password'] = md5(trim($account['login_password']));
    $account['account_type'] = pam_account::get_account_type($this->app->app_id);
    $account['createtime'] = time();
    $data['pam_account'] = $account;
    $data['reg_ip'] = base_request::get_remote_addr();
    $data['regtime'] = time();
    $data['pam_account']['login_name'] = strtolower($data['pam_account']['login_name']);
    $this->save($data);
    return $data['member_id'];
}
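/**
 * Create a bill.
 *
 * Validates and completes $sdf (bill_id, ip, pay_mode, status), saves it through
 * the bills model and, when the resulting status is 'succ' or 'progress', runs
 * the matching "ectools.bill.<bill_type>.<pay_object>.<status>" services.
 *
 * Fixes: the save-failure branch returned the undefined constant `fasle` (a
 * truthy string on PHP 7, an Error on PHP 8) instead of false; the default
 * pay_mode read $order_sdf['pay_app_id'], an undefined variable, so it was
 * always 'online' — it now inspects $sdf['pay_app_id'] as intended (offline
 * apps therefore get pay_mode 'offline' and status 'succ').
 *
 * @param array  $sdf bill data (by reference; completed in place)
 * @param string $msg error message for the caller on failure
 * @return bool true when the bill was saved, false otherwise
 */
public function generate(&$sdf, &$msg = '') {
    if (!$sdf['bill_id']) {
        try {
            $sdf['bill_id'] = $this->mdl_bills->apply_id($sdf);
        } catch (Exception $e) {
            $msg = $e->getMessage();
            return false;
        }
    }
    if ($sdf['pay_object'] == 'order' && empty($sdf['order_id'])) {
        $msg = '未知订单号';
        return false;
    }
    if (empty($sdf['money']) || $sdf['money'] < 0) {
        $msg = '金额错误';
        return false;
    }
    $sdf['ip'] = base_request::get_remote_addr();
    if (!$sdf['pay_mode']) {
        // Derive the mode from the payment app when the caller did not set one.
        $pay_app_id = isset($sdf['pay_app_id']) ? (string) $sdf['pay_app_id'] : '';
        $sdf['pay_mode'] = in_array($pay_app_id, array('-1', 'cod', 'offline'), true) ? 'offline' : 'online';
    }
    switch ($sdf['pay_mode']) {
        case 'online':
            if ($sdf['bill_type'] == 'payment' && empty($sdf['pay_app_id'])) {
                $msg = "未知在线付款应用程序";
                return false;
            }
            break;
        case 'offline':
            // Offline bills are considered settled immediately.
            $sdf['status'] = 'succ';
            //case 'deposit':
            break;
        default:
            $msg = "暂不支持" . $sdf['pay_mode'];
            return false;
    }
    if (!$this->mdl_bills->save($sdf)) {
        $msg = '单据保存失败';
        return false;
    }
    switch ($sdf['status']) {
        case 'succ':
        case 'progress':
            $service_key = implode('.', array("ectools.bill", $sdf['bill_type'], $sdf['pay_object'], $sdf['status']));
            /*
             * order paid                       ectools.bill.payment.order.succ
             * order paid to escrow             ectools.bill.payment.order.progress
             * order refunded                   ectools.bill.refund.order.succ
             * order refunded to escrow         ectools.bill.refund.order.progress
             */
            logger::debug('支付单据保存成功,支付成功!service_key:' . $service_key);
            foreach (vmc::servicelist($service_key) as $service) {
                if (!$service->exec($sdf, $msg)) {
                    // A failing service stops the chain but the bill stays saved.
                    logger::error('支付成功回调service出错:' . $msg . '|bill_id:' . $sdf['bill_id']);
                    break;
                }
            }
            break;
        default:
            logger::debug('支付单据保存成功!' . var_export($sdf, 1));
            break;
    }
    return true;
}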
/**
 * Handle the synchronous redirect back from the OAuth provider.
 *
 * Exchanges $params['code'] for a token, fetches the user's open profile, builds
 * the member SDF and hands it to the abstract dologin(). On success the browser
 * is redirected to $forward ($params['state'], or the site/mobile index when
 * empty); on any error the request is terminated with die($error_msg).
 *
 * @see /applications/toauth/lib/api.php
 * @param array $params all third-party callback parameters, POST and GET merged
 *
 * NOTE(review): 'state' is used directly as the redirect target and is never
 * compared with a value stored before the round trip, so it neither protects
 * against login-CSRF nor bounds where the user is sent. Verify it against the
 * session and restrict the redirect to local URLs.
 * NOTE(review): error text is emitted raw via die(); provider-returned strings
 * reach the page unescaped.
 * NOTE(review): login_password is md5(time()) — a placeholder credential, not a
 * user-chosen secret; confirm such accounts cannot authenticate with it.
 * NOTE(review): login_account is 'wb_' plus 5 hex chars of md5(openid) (20 bits);
 * collisions between users are plausible at scale — confirm uniqueness is
 * enforced elsewhere.
 */
public function callback(&$params) {
    $code = $params['code'];
    $forward = $params['state']; // final redirect target
    // Obtain the token
    $token = $this->get_token($code, $error_msg);
    if ($error_msg) {
        die($error_msg);
    }
    // Obtain the user's open profile
    $userinfo = $this->get_userinfo($token['access_token'], $token['openid'], $error_msg);
    if ($error_msg) {
        die($error_msg);
    }
    $cur_time = time();
    /*
     * Member SDF; the full provider profile is kept serialized in 'addon'.
     */
    $member_sdf = array('avatar' => $userinfo['avatar_large'], 'profile' => array('name' => urldecode($userinfo['screen_name']), 'gender' => $userinfo['gender'] == 'm' ? '1' : '0'), 'addon' => serialize($userinfo), 'pam_account' => array('openid' => $userinfo['openid'], 'login_account' => 'wb_' . substr(md5($userinfo['openid']), -5), 'login_type' => $this->login_type, 'login_password' => md5($cur_time), 'password_account' => $userinfo['openid'], 'createtime' => $cur_time), 'regtime' => $cur_time, 'source' => 'api', 'reg_ip' => base_request::get_remote_addr());
    //call abstract method
    $member_id = $this->dologin($member_sdf, $error_msg);
    if ($member_id) {
        if (!$forward) {
            $app = base_mobiledetect::is_mobile() ? 'mobile' : 'site';
            $forward = app::get($app)->router(array('app' => $app, 'ctl' => 'index', 'full' => 1));
        }
        header('Location: ' . $forward);
    } else {
        die($error_msg);
    }
}
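/**
 * Generate a new session id: 32 lowercase hex characters.
 *
 * Uses random_bytes() (a CSPRNG) where the runtime provides it. The previous
 * md5(uniqid . client address . microtime . mt_rand) construction is kept only
 * as a fallback for runtimes without random_bytes(); its inputs are
 * time-derived and predictable, which is unsuitable for a session token.
 *
 * @return string 32-character hex id (same width as the md5-based fallback)
 */
protected function gen_session_id() {
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    // Legacy fallback: low-entropy, kept for old PHP only.
    return md5(uniqid('', true) . base_request::get_remote_addr() . microtime(true) . mt_rand(0, 9999));
}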
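/**
 * Assemble the data needed for seller signup.
 *
 * Runs the pam_account part through pre_account_signup_process(), records the
 * registration address/time for the seller row, and passes the result through
 * the 'seller_site_filter' input check.
 *
 * Change: the unused local $arr_colunm (an allowlist that was never applied) is
 * removed. NOTE(review): unlike the member variant, no key filtering happens
 * here, and the 'contact' fields written into $data below are not part of the
 * returned array — only $accountData and $seller are passed on. Confirm whether
 * the seller profile is meant to be returned from here.
 *
 * @param array $data signup input with an optional 'pam_account' sub-array
 * @return array array('pam_account' => ..., 'seller_sellers' => ...) after the site filter
 */
public function pre_signup_process($data) {
    if ($data['pam_account']) {
        $accountData = $this->pre_account_signup_process($data['pam_account']);
    }
    //$data['currency'] = $arrDefCurrency['cur_code'];
    $seller['reg_ip'] = base_request::get_remote_addr();
    $seller['regtime'] = time();
    //-- guard against tampering: "box:<name>" keys are serialized under <name>
    foreach ($data as $key => $val) {
        if (strpos($key, 'box:') !== false) {
            $aTmp = explode('box:', $key);
            $data[$aTmp[1]] = serialize($val);
        }
    }
    if ($accountData['login_type'] == 'mobile') {
        $data['contact']['phone']['mobile'] = $accountData['login_account'];
    }
    if ($accountData['login_type'] == 'email') {
        $data['contact']['email'] = $accountData['login_account'];
    }
    //---end
    $return = array('pam_account' => $accountData, 'seller_sellers' => $seller);
    $return = vmc::singleton('seller_site_filter')->check_input($return);
    return $return;
}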
/**
 * Start the session once and load its data into $_SESSION.
 *
 * A no-op after the first call (guarded by $this->_session_started). When
 * $this->_cookie_expires (minutes) is positive an "expires=" attribute is added
 * to the cookie, otherwise a browser-session cookie is sent. Session id
 * resolution, in order: ?sess_id from the query string (a Set-Cookie header is
 * emitted when the cookie differs), else the existing session cookie, else — when
 * no id is set yet — a newly generated id that is also sent as a cookie. The
 * payload comes from $this->_get_session().
 *
 * NOTE(review): the cookie carries httpOnly but no Secure or SameSite attribute.
 * NOTE(review): accepting an arbitrary ?sess_id lets the client choose its own
 * session id (fixation risk); the value is placed in the Set-Cookie header
 * without character validation (PHP's header() refuses embedded newlines only).
 * NOTE(review): the generated id is md5 over microtime(), the client address and
 * mt_rand(0, 9999); none of these is a CSPRNG source.
 *
 * @return bool always true
 */
public function start() {
    if ($this->_session_started !== true) {
        $cookie_path = kernel::base_url();
        $cookie_path = $cookie_path ? $cookie_path : "/";
        if ($this->_cookie_expires > 0) {
            // _cookie_expires is in minutes; the header wants a GMT date.
            $cookie_expires = sprintf("expires=%s;", gmdate('D, d M Y H:i:s T', time() + $this->_cookie_expires * 60));
        } else {
            $cookie_expires = '';
        }
        if (isset($_GET['sess_id'])) {
            $this->_sess_id = $_GET['sess_id'];
            if ($_COOKIE[$this->_sess_key] != $_GET['sess_id']) {
                header(sprintf('Set-Cookie: %s=%s; path=%s; %s httpOnly;', $this->_sess_key, $this->_sess_id, $cookie_path, $cookie_expires), true);
            }
        } elseif ($_COOKIE[$this->_sess_key]) {
            $this->_sess_id = $_COOKIE[$this->_sess_key];
        } elseif (!$this->_sess_id) {
            $this->_sess_id = md5(microtime() . base_request::get_remote_addr() . mt_rand(0, 9999));
            header(sprintf('Set-Cookie: %s=%s; path=%s; %s httpOnly;', $this->_sess_key, $this->_sess_id, $cookie_path, $cookie_expires), true);
        }
        $_SESSION = $this->_get_session();
        $this->_session_started = true;
        register_shutdown_function(array(&$this, 'close'));
    }
    return true;
}
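/**
 * Add an affiliate (admin side).
 *
 * On POST: validates the payout account and the affiliate data, creates the pam
 * account, the affiliate row, its website row and its payout account inside a
 * begin()/end() transaction, and finishes with a success or failure message and
 * redirect URL. Without POST: renders the add form with user types, active banks
 * and website types.
 *
 * Fix: the result of validate_account() was immediately overwritten by the result
 * of validate(), so an invalid payout account never blocked the save. Both checks
 * now have to pass; on a payout-account error its $msg is kept because validate()
 * is not reached.
 *
 * NOTE(review): the password is stored as unsalted md5 — not a password hash.
 * NOTE(review): $user['password'] (plaintext) is not unset before
 * $mdlUser->insert($user); confirm the model discards unknown columns.
 *
 * @access public
 * @version 2 Jul 5, 2011
 */
public function add() {
    // affiliate model
    $mdlUser = $this->app->model('users');
    // website model
    $mdlWeb = $this->app->model('userweb');
    // add an affiliate
    if ($_POST) {
        // affiliate data
        $user = $_POST['user'];
        // website data
        $web = $_POST['web'];
        // payout account data
        $account = $_POST['account'];
        // payout account model
        $mdlAcc = $this->app->model('userpayaccount');
        // open the transaction
        $this->begin();
        // both the payout account and the affiliate data must validate;
        // short-circuit keeps the first failing message in $msg
        $validFlag = $mdlUser->validate_account($account, $msg) && $mdlUser->validate($user, $msg);
        // save only after validation
        if ($validFlag) {
            // drop the confirmation field
            unset($user['passwd_confirm']);
            // lower-case the user name
            $user['u_name'] = strtolower(trim($user['u_name']));
            // registration ip
            $user['reg_ip'] = base_request::get_remote_addr();
            // registration time
            $user['regtime'] = time();
            // md5 of the password (see NOTE above)
            $user['passwd'] = md5($user['password']);
            // union_id
            $user['union_id'] = $mdlUser->genUnionId();
            $pam = array('account_type' => 'cpsuser', 'login_name' => $user['u_name'], 'login_password' => $user['passwd'], 'createtime' => $user['regtime']);
            // pam insert
            $pamId = app::get('pam')->model('account')->insert($pam);
            unset($user['passwd']);
            $user['u_id'] = $pamId;
            // affiliate review setting
            $chk = $this->app->model('setting')->getValueByKey('userCheck');
            // with review enabled the affiliate starts unreviewed
            if ($chk == 'true') {
                $user['state'] = '0';
            }
            // save the affiliate
            $userId = $mdlUser->insert($user);
            $web['u_id'] = $userId;
            // save the website
            $webRs = $mdlWeb->save($web);
            $account['u_id'] = $userId;
            // save the payout account
            $accRs = $mdlAcc->save($account);
            // outcome
            if ($pamId && $userId && $webRs && $accRs) {
                $rs = true;
                $msg = '添加成功';
                $url = 'index.php?app=cps&ctl=admin_users&act=index';
            } else {
                $rs = false;
                $msg = '添加失败';
                $url = 'index.php?app=cps&ctl=admin_users&act=add';
            }
        } else {
            // validation failed; $msg comes from the validator
            $rs = false;
            $url = 'index.php?app=cps&ctl=admin_users&act=add';
        }
        // close the transaction
        $this->end($rs, $msg, $url);
    } else {
        // bank model
        $mdlBank = $this->app->model('bank');
        // user types
        $userTypes = $mdlUser->getUserTypes();
        // all active banks
        $banks = $mdlBank->getBankList(array('is_use' => 'true'));
        // user types for the view
        $this->pagedata['data'] = $userTypes;
        // bank list for the view
        $this->pagedata['banks'] = $banks;
        // website types for the view
        $this->pagedata['webTypes'] = $mdlWeb->getWebType();
        // render the add page
        $this->page('admin/user_add.html', $this->app->app_id);
    }
}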
/**
 * Affiliate self-registration submit.
 *
 * Checks the user name charset, the 'CPSVCODE' captcha, license agreement and
 * model validation (each failure calls splash()), then creates the pam account,
 * the affiliate row and its website row inside begin()/end(); on success the
 * affiliate is bound to the session and sent to the welcome page.
 *
 * NOTE(review): $backUrl is never assigned (the gen_url() line is commented
 * out), so every failure splash receives null as its back URL.
 * NOTE(review): the checks below assume splash() terminates the request;
 * otherwise execution continues into the inserts — confirm.
 * NOTE(review): the password is stored as unsalted md5; $user['password']
 * (plaintext) stays in $user when it is inserted — confirm the model drops it.
 * NOTE(review): the email is htmlspecialchars()-encoded at input time, so the
 * stored value is HTML-escaped rather than the raw address; escaping belongs at
 * output.
 *
 * @access public
 * @version 2 Jul 6, 2011
 */
public function create() {
    // affiliate model
    $mdlUser = $this->app->model('users');
    // affiliate data
    $user = $_POST['user'];
    // affiliate website data
    $web = $_POST['web'];
    // failure path (unused: $backUrl stays unset)
    //$backUrl = $this->gen_url(array('app' => 'cps', 'ctl' => 'site_user', 'act' => 'register'));
    // user name charset check
    if (!preg_match('/^([@\\.]|[^\\x00-\\x2f^\\x3a-\\x40]){2,20}$/i', $user['u_name'])) {
        $this->splash('failed', $backUrl, $this->app->_('用户名包含非法字符'), '', '', true);
    }
    // captcha
    if (!base_vcode::verify('CPSVCODE', $_POST['verifycode'])) {
        $this->splash('failed', $backUrl, $this->app->_('验证码填写错误'), '', '', true);
    }
    // license agreement
    if ($_POST['license'] != 'agree') {
        $this->splash('failed', $backUrl, $this->app->_('同意联盟协议后才能注册'), '', '', true);
    }
    // model validation
    if (!$mdlUser->validate($user, $msg)) {
        $this->splash('failed', $backUrl, $msg, '', '', true);
    }
    unset($user['passwd_confirm']);
    // md5 of the password (see NOTE above)
    $user['passwd'] = md5($user['password']);
    // lower-case the user name
    $user['u_name'] = strtolower(trim($user['u_name']));
    // registration ip
    $user['reg_ip'] = base_request::get_remote_addr();
    // registration time
    $user['regtime'] = time();
    // registration email (HTML-encoded at input, see NOTE above)
    $user['email'] = htmlspecialchars(trim($user['email']));
    // union_id
    $user['union_id'] = $mdlUser->genUnionId();
    // open the transaction
    $this->begin();
    $pam = array('account_type' => 'cpsuser', 'login_name' => $user['u_name'], 'login_password' => $user['passwd'], 'createtime' => $user['regtime']);
    // pam insert
    $pamId = app::get('pam')->model('account')->insert($pam);
    unset($user['passwd']);
    // link affiliate id to the pam id
    $user['u_id'] = $pamId;
    // affiliate review setting
    $chk = $this->app->model('setting')->getValueByKey('userCheck');
    // with review enabled the affiliate starts unreviewed
    if ($chk == 'true') {
        $user['state'] = '0';
    }
    // affiliate insert
    $uId = $mdlUser->insert($user);
    $web['u_id'] = $uId;
    // website insert
    $webId = $this->app->model('userweb')->insert($web);
    // close the transaction
    if ($uId && $webId && $pamId) {
        $_SESSION['account']['cpsuser'] = $uId;
        $this->bindUser($uId);
        $this->end(true, $this->app->_('注册成功'), $this->gen_url(array('app' => 'cps', 'ctl' => 'site_welcome', 'act' => 'showUser')), '', true);
    } else {
        $this->end(false, $this->app->_('注册失败'), $this->gen_url(array('app' => 'cps', 'ctl' => 'site_user', 'act' => 'register')), '', true);
    }
}
/**
 * create
 * Member registration.
 * Runs inside a database transaction; a false from save_attr() rolls it back.
 *
 * Validates the login name charset, the optional 'LOGINVCODE' captcha, the
 * license agreement and the members model; each failure either splash()es
 * (normal mode) or echoes a JSON status and returns (when ?mini=1). Then fills
 * defaults (member level, currency, account type, hashed password, reg_ip,
 * regtime), restricts $_POST to an allowlist of columns plus the configured
 * member attributes, saves the member and its attributes, binds the session,
 * runs the post-register services and fires the 'register' account event.
 *
 * NOTE(review): $next_url is base64-decoded from the caller and used verbatim in
 * a Location header — an unvalidated redirect target; restrict to local paths.
 * NOTE(review): after that header the code does not exit and falls through to
 * the final failure splash; confirm splash() behaviour in that case.
 * NOTE(review): $data['passwd'] carries the plaintext password
 * ($_POST['pam_account']['psw_confirm']) into the 'register' event payload —
 * confirm no listener persists or mails it.
 * NOTE(review): if $member_model->save() fails, the open transaction is neither
 * committed nor rolled back before the failure splash.
 *
 * @access public
 * @param string|null $next_url base64-encoded URL to redirect to after success
 * @return void
 */
function create($next_url = null) {
    $mini = $_GET['mini'];
    //$back_url = $this->gen_url(array('app'=>'b2c','ctl'=>'site_passport','act'=>'signup'));
    $back_url = null;
    if (!preg_match('/^([@\\.]|[^\\x00-\\x2f^\\x3a-\\x40]){2,20}$/i', $_POST['pam_account']['login_name'])) {
        if ($mini != 1) {
            $this->splash('failed', $back_url, app::get('b2c')->_('用户名包含非法字符'), '', '', true);
        } else {
            echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => app::get('b2c')->_('用户名包含非法字符')));
            return;
        }
    }
    $next_url = base64_decode($next_url);
    $member_model =& $this->app->model('members');
    $valideCode = app::get('b2c')->getConf('site.register_valide');
    if ($valideCode == 'true') {
        if (!base_vcode::verify('LOGINVCODE', intval($_POST['signupverifycode']))) {
            if ($mini != 1) {
                $this->splash('failed', $back_url, app::get('b2c')->_('验证码填写错误'), '', '', true);
            } else {
                echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => app::get('b2c')->_('验证码填写错误')));
                return;
            }
        }
    }
    if ($_POST['license'] != 'agree') {
        if ($mini != 1) {
            $this->splash('failed', $back_url, app::get('b2c')->_('同意注册条款后才能注册'), '', '', true);
        } else {
            echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => app::get('b2c')->_('同意注册条款后才能注册')));
            return;
        }
    }
    if (!$member_model->validate($_POST, $msg)) {
        if ($mini != 1) {
            $this->splash('failed', $back_url, $msg, '', '', true);
        } else {
            echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => $msg));
            return;
        }
    }
    $lv_model =& $this->app->model('member_lv');
    // Server-side defaults override whatever the form posted for these keys.
    $_POST['member_lv']['member_group_id'] = $lv_model->get_default_lv();
    $arrDefCurrency = app::get('ectools')->model('currency')->getDefault();
    $_POST['currency'] = $arrDefCurrency['cur_code'];
    $_POST['pam_account']['login_name'] = strtolower($_POST['pam_account']['login_name']);
    $_POST['pam_account']['account_type'] = pam_account::get_account_type($this->app->app_id);
    $_POST['pam_account']['createtime'] = time();
    $use_pass_data['login_name'] = $_POST['pam_account']['login_name'];
    $use_pass_data['createtime'] = $_POST['pam_account']['createtime'];
    $_POST['pam_account']['login_password'] = pam_encrypt::get_encrypted_password(trim($_POST['pam_account']['login_password']), pam_account::get_account_type($this->app->app_id), $use_pass_data);
    $_POST['reg_ip'] = base_request::get_remote_addr();
    $_POST['regtime'] = time();
    $_POST['contact']['email'] = htmlspecialchars($_POST['contact']['email']);
    $db = kernel::database();
    $db->beginTransaction();
    //-- guard against tampering: "box:<name>" keys are serialized under <name>
    foreach ($_POST as $key => $val) {
        if (strpos($key, "box:") !== false) {
            $aTmp = explode("box:", $key);
            $_POST[$aTmp[1]] = serialize($val);
        }
    }
    // Allowlist of top-level keys that may reach the model, extended with the
    // configured member attribute columns; everything else is dropped.
    $arr_colunm = array('regtime', 'member_id', 'license', 'reg_ip', 'currency', 'contact', 'profile', 'pam_account', 'forward', 'member_lv');
    $attr = $this->app->model('member_attr')->getList('attr_column');
    foreach ($attr as $attr_colunm) {
        $colunm = $attr_colunm['attr_column'];
        $arr_colunm[] = $colunm;
    }
    foreach ($_POST as $post_key => $post_value) {
        if (!in_array($post_key, $arr_colunm)) {
            unset($_POST[$post_key]);
        }
    }
    //---end
    if ($member_model->save($_POST)) {
        $member_id = $_POST['member_id'];
        if (!$this->save_attr($member_id, $_POST, $msg)) {
            $db->rollBack();
            if ($mini != 1) {
                $this->splash('failed', $back_url, $msg, '', '', true);
            } else {
                echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => $msg));
                return;
            }
        }
        $db->commit();
        $_SESSION['account'][pam_account::get_account_type($this->app->app_id)] = $member_id;
        $this->bind_member($member_id);
        // $refer_url keeps the value from the last 'b2c_save_post_om' service.
        foreach (kernel::servicelist('b2c_save_post_om') as $object) {
            $object->set_arr($member_id, 'member');
            $refer_url = $object->get_arr($member_id, 'member');
        }
        /* post-registration hooks: begin */
        foreach (kernel::servicelist('b2c_register_after') as $object) {
            $object->registerActive($member_id);
        }
        // member sync, added 2012-5-15
        if ($member_rpc_object = kernel::service("b2c_member_rpc_sync")) {
            $member_rpc_object->createActive($member_id);
        }
        /*end*/
        $data['member_id'] = $member_id;
        $data['uname'] = $_POST['pam_account']['login_name'];
        $data['passwd'] = $_POST['pam_account']['psw_confirm'];
        $data['email'] = $_POST['contact']['email'];
        $data['refer_url'] = $refer_url ? $refer_url : '';
        $data['is_frontend'] = true;
        $obj_account =& $this->app->model('member_account');
        $obj_account->fireEvent('register', $data, $member_id);
        if ($next_url) {
            header("Location: " . $next_url);
        } else {
            if ($mini != 1) {
                $this->splash('success', $this->gen_url(array('app' => 'b2c', 'ctl' => 'site_member', 'act' => 'index')), app::get('b2c')->_('注册成功'), '', '', true);
            } else {
                if (isset($_SESSION['signup_next']) && $_SESSION['signup_next']) {
                    $signup_next = $_SESSION['signup_next'];
                    unset($_SESSION['signup_next']);
                    echo json_encode(array('status' => 'succ', 'url' => $signup_next, 'msg' => app::get('b2c')->_('注册成功')));
                    exit;
                } else {
                    echo json_encode(array('status' => 'succ', 'url' => $this->gen_url(array('app' => 'b2c', 'ctl' => 'site_member', 'act' => 'index')), 'msg' => app::get('b2c')->_('注册成功')));
                    exit;
                }
            }
        }
    }
    $this->splash('failed', $back_url, app::get('b2c')->_('注册失败'), '', '', true);
}
/**
 * Login entry point (desktop variant).
 *
 * Resolves the pam_auth instance for $params['type'], instantiates the passport
 * module named by $params['module'] and, if it implements
 * pam_interface_passport, delegates to its login(). Afterwards it records a
 * log_desktop row (client address, module log data, referer), stores
 * type/login_time in the session, notifies 'pam_login_listener' services,
 * optionally extends the cookie lifetime, and redirects: to $_SESSION['callback']
 * when login failed and a callback is pending, otherwise to the base64-decoded
 * $params['redirect'] (falling back to the 'desktop' app's URL prefix).
 *
 * @param array $params authentication parameters: type, module (passport class
 *                      name), appid, redirect, ...
 *
 * NOTE(review): $params['module'] names the class that vmc::singleton()
 * instantiates; the instanceof check is the only gate. Prefer an allowlist of
 * passport module names.
 * NOTE(review): http_status(500) for an unknown module does not stop execution;
 * the following block is skipped only because class_exists() fails again.
 * NOTE(review): the Location header is built from the caller-supplied
 * 'redirect' (base64-decoded) — an unvalidated redirect target; restrict it to
 * local paths before redirecting.
 * NOTE(review): the 'autologin' cookie (client-controlled, unbounded) and the
 * S[SIGN][AUTO] cookie (fixed 10 days) both extend the session cookie lifetime.
 */
public function login($params) {
    $params['module'] = utils::_filter_input($params['module']); // XSS filtering
    $auth = pam_auth::instance($params['type']);
    $auth->set_appid($params['appid']);
    if (!class_exists($params['module'])) {
        vmc::singleton('site_router')->http_status(500);
    }
    if ($params['module']) {
        if (class_exists($params['module']) && ($passport_module = vmc::singleton($params['module']))) {
            if ($passport_module instanceof pam_interface_passport) {
                // $auth_data is filled by the module (log_data is read below).
                $module_uid = $passport_module->login($auth, $auth_data);
                if ($module_uid) {
                    $auth_data['account_type'] = $params['type'];
                    $auth->account()->update($params['module'], $module_uid, $auth_data);
                }
                $log = array('event_time' => time(), 'event_type' => $auth->type, 'event_data' => base_request::get_remote_addr() . ':' . $auth_data['log_data'] . ':' . $_SERVER['HTTP_REFERER']);
                app::get('pam')->model('log_desktop')->insert($log);
                if (!$module_uid) {
                    $_SESSION['last_error'] = $auth_data['log_data'];
                }
                $_SESSION['type'] = $auth->type;
                $_SESSION['login_time'] = time();
                $params['member_id'] = $_SESSION['account'][$params['type']];
                $params['uname'] = $_POST['uname'];
                foreach (vmc::servicelist('pam_login_listener') as $service) {
                    $service->listener_login($params);
                }
                // $url is only assigned when a callback_infomation service yields data;
                // otherwise it is undefined when concatenated below.
                if ($params['redirect'] && $module_uid) {
                    $service = vmc::service('callback_infomation');
                    if (is_object($service)) {
                        if (method_exists($service, 'get_callback_infomation') && $module_uid) {
                            $data = $service->get_callback_infomation($module_uid, $params['type']);
                            if (!$data) {
                                $url = '';
                            } else {
                                $url = '?' . utils::http_build_query($data);
                            }
                        }
                    }
                }
                if ($_COOKIE['autologin'] > 0) {
                    vmc::singleton('base_session')->set_cookie_expires($_COOKIE['autologin']); // auto-login: cookie lifetime in minutes
                }
                if ($_COOKIE['S']['SIGN']['AUTO'] > 0) {
                    $minutes = 10 * 24 * 60;
                    vmc::singleton('base_session')->set_cookie_expires($minutes);
                }
                if ($_SESSION['callback'] && !$module_uid) {
                    $callback_url = $_SESSION['callback'];
                    unset($_SESSION['callback']);
                    header('Location:' . urldecode($callback_url));
                    exit;
                } else {
                    $url = base64_decode(str_replace('%2F', '/', urldecode($params['redirect']))) . $url;
                    if (!$url) {
                        // Fall back to the URL prefix mapped to the 'desktop' app.
                        foreach (vmc::$url_app_map as $key => $value) {
                            $app = current($value);
                            if ($app == 'desktop') {
                                $url = $key;
                            }
                        }
                    }
                    header('Location: ' . $url);
                    exit;
                }
            }
        } else {
        }
    }
}
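/**
 * Goods counters that do not invalidate the page cache.
 *
 * For each key in $args (merged with the request parameters) updates the
 * matching counter on vmc_b2c_goods: 'view_count' (one hit per client address
 * per 24h, with a weekly rolling column), 'buy_count' and 'comment_count'
 * (both only when the accompanying *_sign matches). Weekly columns are reset
 * when the kvstore timestamp is older than one week.
 *
 * Fix: goods_id comes from the request and is interpolated into the UPDATE
 * statements, but was never coerced; it is now intval()'d so only a numeric id
 * can reach the SQL (the column is compared unquoted, i.e. numerically).
 *
 * NOTE(review): the *_sign values are md5 over public inputs with no server-side
 * secret, so they do not authenticate the caller; an HMAC with a server key
 * would. Kept as-is because clients compute the current form.
 *
 * @param array $args counter deltas keyed by column name, plus goods_id and *_sign
 * @return false|null false when no goods_id is given; otherwise nothing
 */
public function counter($args = array()) {
    $args = array_merge((array) $args, $this->req_params);
    // Coerce before it reaches any SQL below.
    $gid = isset($args['goods_id']) ? intval($args['goods_id']) : 0;
    if (!$gid) {
        return false;
    }
    $db = vmc::database();
    $kv = base_kvstore::instance('b2c_counter');
    foreach ($args as $key => $value) {
        $value = intval($value);
        $update_sql = false;
        if ($value < 1) {
            $value = 1;
        }
        switch ($key) {
            case 'view_count':
                $this->history($gid);
                // UV-style count: one record per client address per 24 hours.
                $c_key = 'view_count_uv_' . $gid . '_' . base_request::get_remote_addr();
                cacheobject::get($c_key, $time);
                $kv->fetch('view_w_count_time', $vw_last_update);
                if (!$time || strtotime('+1 day', $time) < time()) {
                    // Weekly marker: reset view_w_count when the week has rolled over.
                    if ($vw_last_update > strtotime('-1 week')) {
                        $update_sql = "UPDATE vmc_b2c_goods SET view_count=view_count+{$value},view_w_count=view_w_count+{$value} WHERE goods_id={$gid}";
                    } else {
                        $update_sql = "UPDATE vmc_b2c_goods SET view_count=view_count+{$value},view_w_count={$value} WHERE goods_id={$gid}";
                        $kv->store('view_w_count_time', time());
                    }
                    cacheobject::set($c_key, time(), 86400 + time());
                }
                break;
            case 'buy_count':
                // Signature check (see NOTE above).
                $buy_sign = isset($args['buy_count_sign']) ? $args['buy_count_sign'] : null;
                if (md5($gid . 'buy_count' . ($value * 1024)) !== $buy_sign) {
                    break;
                }
                // Weekly marker
                $kv->fetch('buy_w_count_time', $bw_last_update);
                if ($bw_last_update > strtotime('-1 week')) {
                    $update_sql = "UPDATE vmc_b2c_goods SET buy_count=buy_count+{$value},buy_w_count=buy_w_count+{$value} WHERE goods_id={$gid}";
                } else {
                    $update_sql = "UPDATE vmc_b2c_goods SET buy_count=buy_count+{$value},buy_w_count={$value} WHERE goods_id={$gid}";
                    $kv->store('buy_w_count_time', time());
                }
                break;
            case 'comment_count':
                $comment_sign = isset($args['comment_count_sign']) ? $args['comment_count_sign'] : null;
                if (md5($gid . 'comment_count' . ($value * 1024)) === $comment_sign) {
                    $update_sql = "UPDATE vmc_b2c_goods SET comment_count=comment_count+{$value} WHERE goods_id={$gid}";
                }
                break;
        }
        if ($update_sql) {
            logger::info($update_sql);
            $db->exec($update_sql, true);
        }
    }
}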
/**
 * Create a member from a member card and activate the card.
 *
 * Builds the pam_account (login and pay password both derived from the card
 * password) and b2c_members data, saves them inside a database transaction,
 * then optionally credits the card's advance balance and points, marks the card
 * active and triggers the member RPC sync.
 *
 * @param array $member_card card row: card_number, card_password, card_lv_id,
 *                           card_advance, card_point, card_id
 * @return mixed the new member_id on success; the failure branches end the
 *               request through $this->end() after rolling back
 *
 * NOTE(review): every failure branch calls $this->end(true, ...) although the
 * message reports a failure; the other controllers here pass false for errors —
 * confirm end()'s first-argument semantics, this looks inverted.
 * NOTE(review): rollback() is called without $transaction_status while commit()
 * receives it — confirm both signatures.
 * NOTE(review): pay_password is set to the same value as login_password.
 */
function create_card_member($member_card) {
    $arrDefCurrency = app::get('ectools')->model('currency')->getDefault();
    $use_pass_data['login_name'] = $member_card['card_number'];
    $use_pass_data['createtime'] = time();
    $saveData = array('pam_account' => array('login_type' => 'local', 'login_account' => $member_card['card_number'], 'login_password' => pam_encrypt::get_encrypted_password(trim($member_card['card_password']), 'member', $use_pass_data), 'pay_password' => pam_encrypt::get_encrypted_password(trim($member_card['card_password']), 'member', $use_pass_data), 'password_account' => $member_card['card_number'], 'disabled' => 'false', 'createtime' => $use_pass_data['createtime']), 'b2c_members' => array('member_lv' => array('member_group_id' => $member_card['card_lv_id']), 'currency' => $arrDefCurrency['cur_code'], 'reg_ip' => base_request::get_remote_addr(), 'regtime' => $use_pass_data['createtime']));
    $db = kernel::database();
    $transaction_status = $db->beginTransaction();
    if (!($member_id = $this->save_members($saveData, $msg))) {
        $db->rollback();
        $this->end(true, app::get('b2c')->_('添加失败!请重试'));
    } else {
        if ($member_card['card_advance']) {
            $msg = '会员卡预存款';
            $objAdvances = $this->app->model("member_advance");
            if (!$objAdvances->add($member_id, $member_card['card_advance'], app::get('b2c')->_('会员卡预存款'), $msg)) {
                $db->rollback();
                $this->end(true, app::get('b2c')->_('添加预存款失败!请重试'));
            }
        }
        if ($member_card['card_point']) {
            $member_point = $this->app->model('member_point');
            if (!$member_point->change_point($member_id, $member_card['card_point'], $msg, 'register_score', 2, $member_id, $member_id, 'exchange')) {
                $db->rollback();
                $this->end(true, app::get('b2c')->_('添加积分失败!请重试'));
            }
        }
        // Mark the card as used/activated.
        $this->app->model('member_card')->update(array('card_state' => 1, 'active_time' => time()), array('card_id' => $member_card['card_id']));
        // member sync, added 2012-5-15
        if ($member_rpc_object = kernel::service("b2c_member_rpc_sync")) {
            $member_rpc_object->createActive($member_id);
        }
        $db->commit($transaction_status);
        return $member_id;
    }
}
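/**
 * Terminate the request when the client address is on the site blacklist.
 *
 * Does nothing unless 'site.blacklist.enabled' is set. Each configured entry
 * is trimmed and blank entries are skipped; the first entry that
 * base_request::ip_in_range() reports as containing the client address ends
 * the request with the configured status line (404 when so configured, 403
 * otherwise) and no body.
 *
 * Fixes: entries are now trimmed (the whitelist counterpart already does this;
 * untrimmed entries with stray whitespace or a trailing CR would silently never
 * match, leaving the blacklist ineffective) and the conf value is cast to array
 * so an unset/empty setting does not make foreach warn.
 *
 * @return void
 */
private function check_blacklist() {
    if (!app::get('site')->getConf('site.blacklist.enabled')) {
        return;
    }
    $remote_ip = base_request::get_remote_addr();
    $ips = (array) app::get('site')->getConf('site.blacklist.ips');
    $error_code = app::get('site')->getConf('site.blacklist.error_code');
    $forbidden = false;
    foreach ($ips as $ip) {
        $ip = trim($ip);
        if (!$ip) {
            continue;
        }
        if (base_request::ip_in_range($remote_ip, $ip)) {
            $forbidden = true;
            break;
        }
    }
    if (!$forbidden) {
        return;
    }
    switch ($error_code) {
        case '403':
            header('HTTP/1.1 403 Forbidden');
            break;
        case '404':
            header('HTTP/1.1 404 Not Found');
            break;
        default:
            header('HTTP/1.1 403 Forbidden');
    }
    exit;
}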
/**
 * Assemble the data needed for member signup.
 *
 * Runs the pam_account part through pre_account_signup_process(), fills defaults
 * (member level when absent, currency, reg_ip, regtime, mobile from the account
 * data), serializes "box:<name>" keys under <name>, restricts $data to an
 * allowlist of columns plus the configured member attribute columns, copies the
 * login account into contact.phone.mobile / contact.email depending on
 * login_type, and passes the result through the 'b2c_site_filter' input check.
 *
 * @param array $data signup input with an optional 'pam_account' sub-array
 * @return array array('pam_account' => ..., 'b2c_members' => ...) after the site filter
 *
 * NOTE(review): member_group_id is only defaulted when empty and 'member_lv' is
 * on the allowlist, so if $data originates from the request the client can
 * choose its own member level here — confirm it is set server-side upstream.
 */
public function pre_signup_process($data) {
    if ($data['pam_account']) {
        $accountData = $this->pre_account_signup_process($data['pam_account']);
    }
    $lv_model = $this->app->model('member_lv');
    $arrDefCurrency = app::get('ectools')->model('currency')->getDefault();
    if (!$data['member_lv']['member_group_id']) {
        $data['member_lv']['member_group_id'] = $lv_model->get_default_lv();
    }
    $data['currency'] = $arrDefCurrency['cur_code'];
    $data['reg_ip'] = base_request::get_remote_addr();
    $data['regtime'] = time();
    $data['contact']['phone']['mobile'] = $data['pam_account']['mobile'];
    //-- guard against tampering: "box:<name>" keys are serialized under <name>
    foreach ($data as $key => $val) {
        if (strpos($key, 'box:') !== false) {
            $aTmp = explode('box:', $key);
            $data[$aTmp[1]] = serialize($val);
        }
    }
    // Allowlist of top-level keys that may reach the model, extended with the
    // configured member attribute columns; everything else (including the
    // 'pam_account' sub-array, returned separately) is dropped.
    $arr_colunm = array('regtime', 'reg_ip', 'currency', 'contact', 'profile', 'member_lv', 'mobile');
    $attr = $this->app->model('member_attr')->getList('attr_column');
    foreach ($attr as $attr_colunm) {
        $colunm = $attr_colunm['attr_column'];
        $arr_colunm[] = $colunm;
    }
    foreach ($data as $post_key => $post_value) {
        if (!in_array($post_key, $arr_colunm)) {
            unset($data[$post_key]);
        }
    }
    if ($accountData['login_type'] == 'mobile') {
        $data['contact']['phone']['mobile'] = $accountData['login_account'];
    }
    if ($accountData['login_type'] == 'email') {
        $data['contact']['email'] = $accountData['login_account'];
    }
    //---end
    $return = array('pam_account' => $accountData, 'b2c_members' => $data);
    $return = vmc::singleton('b2c_site_filter')->check_input($return);
    return $return;
}
/**
 * Create a member record from a prepared signup payload.
 *
 * Fills in the default currency, the account type for this app, creation /
 * registration time and the registering IP, replaces the posted password with
 * the pam_encrypt form, saves the record and returns the new member id.
 *
 * The login name is deliberately stored as given (case-sensitive); it is not
 * lower-cased here.
 *
 * @param array $data signup payload; expects $data['pam_account'] with
 *                    login_name and login_password
 * @return mixed $data['member_id'] as populated by save() — presumably set
 *               through a by-reference parameter; confirm against save()
 */
function create($data)
{
    $default_currency = app::get('ectools')->model('currency')->getDefault();
    $account_type = pam_account::get_account_type($this->app->app_id);

    $data['currency'] = $default_currency['cur_code'];
    $data['pam_account']['account_type'] = $account_type;
    $data['pam_account']['createtime'] = time();
    $data['reg_ip'] = base_request::get_remote_addr();
    $data['regtime'] = time();

    // Context handed to the password encryption alongside the plain text.
    $password_context = array(
        'login_name' => $data['pam_account']['login_name'],
        'createtime' => $data['pam_account']['createtime'],
    );
    $plain_password = trim($data['pam_account']['login_password']);
    $data['pam_account']['login_password'] = pam_encrypt::get_encrypted_password($plain_password, $account_type, $password_context);

    $this->save($data);

    return $data['member_id'];
}
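/**
 * Handle a front-end signup form post and create the member account.
 *
 * Validates the posted fields (login-name pattern and length, optional
 * captcha, license agreement, uniqueness, e-mail shape, password length and
 * confirmation) and reports the first failure either as a splash redirect to
 * the signup page or, when $_GET['mini'] is 1, as a JSON body. On success the
 * member is saved, bound to the session, the 'register' event is fired and the
 * browser is sent to $next_url or to the attribute page.
 *
 * Fixes: the maximum-length check compared an undefined $passwdLen (typo for
 * $passwdlen) and therefore never fired; the password confirmation used a loose
 * comparison that treats numeric strings such as "1e3" and "1000" as equal;
 * $refer_url was read before being assigned when no b2c_save_post_om service
 * is registered.
 *
 * @param string|null $next_url base64-encoded URL to redirect to after signup
 *
 * NOTE(review): the decoded $next_url is placed verbatim in a Location header,
 * the password is stored as a bare md5 of the input, and the plain-text
 * password is handed to the 'register' event listeners. All three are kept
 * unchanged here because the login path and the listeners depend on them;
 * they are follow-ups, not part of this change.
 */
function create($next_url = null)
{
    $mini = isset($_GET['mini']) ? $_GET['mini'] : null;
    $back_url = $this->gen_url(array('app' => 'b2c', 'ctl' => 'site_passport', 'act' => 'signup'));
    $login_name = $_POST['pam_account']['login_name'];
    $password = $_POST['pam_account']['login_password'];

    if (!preg_match('/^([@\\.]|[^\\x00-\\x2f^\\x3a-\\x40]){2,20}$/i', $login_name)) {
        if ($this->signup_fail_response($mini, $back_url, '用户名包含非法字符')) {
            return;
        }
    }

    $next_url = base64_decode($next_url);
    $member_model =& $this->app->model('members');

    $valideCode = app::get('b2c')->getConf('site.register_valide');
    if ($valideCode == 'true') {
        if (!base_vcode::verify('LOGINVCODE', intval($_POST['signupverifycode']))) {
            if ($this->signup_fail_response($mini, $back_url, '验证码填写错误')) {
                return;
            }
        }
    }

    if ($_POST['license'] != 'agree') {
        if ($this->signup_fail_response($mini, $back_url, '同意注册条款后才能注册')) {
            return;
        }
    }

    // Byte length, as before; the pattern above already bounds the character count.
    $unamelen = strlen($login_name);
    if ($unamelen < 3) {
        if ($this->signup_fail_response($mini, $back_url, '长度不能小于3')) {
            return;
        }
    }

    if ($member_model->is_exists($login_name)) {
        if ($this->signup_fail_response($mini, $back_url, '该用户名已经存在')) {
            return;
        }
    }

    if (!preg_match('/\\S+@\\S+/', $_POST['contact']['email'])) {
        if ($this->signup_fail_response($mini, $back_url, '邮件格式不正确')) {
            return;
        }
    }

    $passwdlen = strlen($password);
    if ($passwdlen < 4) {
        if ($this->signup_fail_response($mini, $back_url, '密码长度不能小于4')) {
            return;
        }
    }
    if ($passwdlen > 20) {
        if ($this->signup_fail_response($mini, $back_url, '密码长度不能大于20')) {
            return;
        }
    }

    if ($password !== $_POST['pam_account']['psw_confirm']) {
        if ($this->signup_fail_response($mini, $back_url, '输入的密码不一致')) {
            return;
        }
    }

    $lv_model =& $this->app->model('member_lv');
    $_POST['member_lv']['member_group_id'] = $lv_model->get_default_lv();
    $arrDefCurrency = app::get('ectools')->model('currency')->getDefault();
    $_POST['currency'] = $arrDefCurrency['cur_code'];
    // Stored as a plain md5 digest: that is the form the login check compares against (see NOTE above).
    $_POST['pam_account']['login_password'] = md5(trim($password));
    $_POST['pam_account']['login_name'] = strtolower($login_name);
    $_POST['pam_account']['account_type'] = pam_account::get_account_type($this->app->app_id);
    $_POST['pam_account']['createtime'] = time();
    $_POST['reg_ip'] = base_request::get_remote_addr();
    $_POST['regtime'] = time();
    $_POST['contact']['email'] = htmlspecialchars($_POST['contact']['email']);

    if ($member_model->save($_POST)) {
        // member_id is read back from $_POST; presumably save() fills it by reference — confirm.
        $member_id = $_POST['member_id'];
        $_SESSION['account'][pam_account::get_account_type($this->app->app_id)] = $member_id;
        $this->bind_member($member_id);

        $refer_url = null;
        foreach (kernel::servicelist('b2c_save_post_om') as $object) {
            $object->set_arr($member_id, 'member');
            $refer_url = $object->get_arr($member_id, 'member');
        }

        if ($next_url) {
            // Historical behaviour: after sending the header, control falls
            // through to the failure splash below; splash() presumably redirects — confirm.
            header("Location: " . $next_url);
        } else {
            $data = array(
                'member_id' => $member_id,
                'uname' => $_POST['pam_account']['login_name'],
                'passwd' => $_POST['pam_account']['psw_confirm'],
                'email' => $_POST['contact']['email'],
                'refer_url' => $refer_url ? $refer_url : '',
                'is_frontend' => true,
            );
            $obj_account =& $this->app->model('member_account');
            $obj_account->fireEvent('register', $data, $member_id);

            $attr_page_url = $this->gen_url(array('app' => 'b2c', 'ctl' => 'site_member', 'act' => 'attr_page'));
            if ($mini != 1) {
                $this->splash('success', $attr_page_url, __('注册成功'));
            } else {
                echo json_encode(array('status' => 'plugin_passport', 'url' => $attr_page_url));
                return;
            }
        }
    }

    $this->splash('failed', $back_url, __('注册失败'));
}

/**
 * Report a signup validation failure in the form the caller asked for.
 *
 * Non-mini requests get the translated message via splash() and continue
 * (splash() has no return in the original flow either); mini requests get a
 * JSON body with the raw message.
 *
 * @param mixed  $mini     value of $_GET['mini']; 1 selects the JSON response
 * @param string $back_url signup page URL used as the splash target
 * @param string $msg      untranslated message key
 * @return bool true when the JSON response has been written and the caller must return
 */
private function signup_fail_response($mini, $back_url, $msg)
{
    if ($mini != 1) {
        $this->splash('failed', $back_url, __($msg));
        return false;
    }
    echo json_encode(array('status' => 'failed', 'url' => 'back', 'msg' => $msg));
    return true;
}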
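/**
 * Write one log record and, in console mode, echo it.
 *
 * Records are one line each: remote IP, timestamp, level label and message,
 * tab separated. Levels numerically above self::$__log_level are dropped. The
 * sink is chosen by LOG_TYPE: 3 appends to a file under LOG_DIR (or
 * DATA_DIR/logs), 2 writes to the SAPI log and then also to syslog (the
 * fall-through is historical and preserved — confirm whether it is intended),
 * anything else goes to syslog.
 *
 * Fix: the custom file header was tested with defined(LOG_HEAD_TEXT) — a bare
 * constant rather than its name — so LOG_HEAD_TEXT was never honoured and the
 * call raises an Error on PHP 8.
 *
 * @param string $message   text to log. Newlines and tabs are written through
 *                          unchanged and break the one-record-per-line format;
 *                          strip them before logging request-derived text.
 * @param int    $log_level one of the LOG_SYS_* levels
 */
public static function log($message, $log_level = LOG_SYS_INFO)
{
    self::__init();
    if (vmc::$console_output && $log_level < LOG_SYS_DEBUG) {
        // The appended newline is carried into the file record below as well (pre-existing).
        echo $message = $message . "\n";
    }
    if ($log_level > self::$__log_level) {
        return;
    }

    // Record format: ip <tab> time <tab> level label <tab> message
    $ip = base_request::get_remote_addr();
    $message = sprintf("%s\t%s\t%s\t%s\n", $ip, date("Y-m-d H:i:s"), self::$__log_levels[$log_level], $message);

    switch (LOG_TYPE) {
        case 3:
            $logfile = self::log_file_path($log_level);
            if (!file_exists($logfile)) {
                if (!is_dir(dirname($logfile))) {
                    utils::mkdir_p(dirname($logfile));
                }
                // The default file name ends in .php; the header makes a direct
                // web request for the file exit before any record is served.
                file_put_contents($logfile, defined('LOG_HEAD_TEXT') ? LOG_HEAD_TEXT : '<' . '?php exit()?' . ">\n");
            }
            @error_log($message, 3, $logfile);
            break;
        case 2:
            @error_log($message, 0);
            // no break: falls through to syslog as well (preserved from the original)
        case 0:
        default:
            @syslog($log_level, $message);
    }
}

/** Resolve the LOG_TYPE 3 file path, expanding {date}, {hour} and {level} in LOG_FILENAME. */
private static function log_file_path($log_level)
{
    if (defined('LOG_FILENAME')) {
        $logfilename = str_replace(
            array('{date}', '{hour}', '{level}'),
            array(date("Ymd"), date("H"), self::$__log_levels[$log_level]),
            LOG_FILENAME
        );
    } else {
        $logfilename = date("YmdH") . '.php';
    }
    $dir = defined('LOG_DIR') ? LOG_DIR : DATA_DIR . '/logs';

    return $dir . '/' . $logfilename;
}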
/**
 * Synchronous redirect handling for the WeChat OAuth callback (同步跳转处理).
 *
 * Exchanges the `code` parameter for a token, fetches the WeChat user profile,
 * builds a member SDF from it and hands that to dologin(). On success the
 * browser is redirected to `state` (or to the site/mobile index when `state`
 * is empty), with `mid` and `enc_str` appended when `qrlp` is present. On any
 * failure the error text is written out and the script dies.
 *
 * @see /applications/toauth/lib/api.php
 * @param array $params all third-party callback parameters, POST and GET
 *
 * NOTE(review): `state` is used verbatim as the redirect target, `qrlp` is
 * appended to it unencoded (and with a '?' even if `state` already carries a
 * query string), and the auto-created account's login_password is the md5 of
 * the current timestamp. None of that is changed here — review before
 * relying on this flow.
 */
public function callback(&$params)
{
    $code = $params['code'];
    $forward = $params['state']; // final redirect target

    $token = $this->get_token($code, $error_msg);
    if ($error_msg) {
        die($error_msg);
    }

    $userinfo = $this->get_userinfo($token['access_token'], $token['openid'], $error_msg);
    if ($error_msg) {
        header('Content-type: text/html; charset=utf-8');
        die($error_msg);
    }

    $now = time();
    $account = array(
        'openid' => $userinfo['openid'],
        'login_account' => 'wx_' . substr(md5($userinfo['openid']), -5),
        'login_type' => $this->login_type,
        'login_password' => md5($now),
        'password_account' => $userinfo['openid'],
        'createtime' => $now,
    );
    // Member SDF assembled from the WeChat profile.
    $member_sdf = array(
        'avatar' => $userinfo['headimgurl'],
        'contact' => array(
            'name' => $userinfo['nickname'],
            'addr' => $userinfo['country'] . $userinfo['city'] . $userinfo['province'],
        ),
        'profile' => array('gender' => ($userinfo['sex'] == '1') ? '1' : '0'),
        'addon' => serialize($userinfo),
        'pam_account' => $account,
        'regtime' => $now,
        'source' => 'api',
        'reg_ip' => base_request::get_remote_addr(),
    );

    // dologin() is the abstract hook implemented by the concrete provider.
    $member_id = $this->dologin($member_sdf, $error_msg);
    if (!$member_id) {
        header('Content-type: text/html; charset=utf-8');
        die($error_msg);
    }

    if (!$forward) {
        $app = base_mobiledetect::is_mobile() ? 'mobile' : 'site';
        $forward = app::get($app)->router(array('app' => $app, 'ctl' => 'index', 'full' => 1));
    }
    if ($params['qrlp']) {
        $forward .= '?mid=' . $member_id . '&enc_str=' . $params['qrlp'];
    }
    header('Location: ' . $forward);
}