public function loginout()
{
es_cookie::delete("sp_account_name");
es_cookie::delete("sp_account_password");
es_session::delete("account_info");
app_redirect(url("biz", "index"));
}
static function start()
{
if ($_GET['FANWE_SESSION_ID']) {
self::$sess_id = $_GET['FANWE_SESSION_ID'];
}
es_session_start(self::$sess_id);
}
public function __construct()
{
parent::__construct();
global $mobile_cfg;
if ($mobile_cfg == null) {
$mobile_cfg = (require_once APP_ROOT_PATH . "system/mobile_cfg/" . APP_TYPE . "/webnav_cfg.php");
}
check_install();
//重新处理后台的语言加载机制,后台语言环境配置于后台config.php文件
$langSet = conf('DEFAULT_LANG');
// 定义当前语言
define('LANG_SET', strtolower($langSet));
// 读取项目公共语言包
if (is_file(LANG_PATH . $langSet . '/common.php')) {
L(include LANG_PATH . $langSet . '/common.php');
$this->lang_pack = (require LANG_PATH . $langSet . '/common.php');
if (!file_exists(APP_ROOT_PATH . "public/runtime/admin/lang.js")) {
$str = "var LANG = {";
foreach ($this->lang_pack as $k => $lang) {
$str .= "\"" . $k . "\":\"" . $lang . "\",";
}
$str = substr($str, 0, -1);
$str .= "};";
file_put_contents(APP_ROOT_PATH . "public/runtime/admin/lang.js", $str);
}
}
es_session::close();
}
public function index()
{
require_once APP_ROOT_PATH . "app/Lib/page.php";
$s_account_info = es_session::get("account_info");
$account_id = intval($s_account_info['id']);
$f = addslashes(htmlspecialchars(trim($_REQUEST['f'])));
if ($f == '' || !in_array($f, array("is_buy", "tuan", "event", "youhui", "daijin", "shop"))) {
$condition = " ";
} elseif ($f == 'is_buy') {
$condition = " and is_buy = 1 ";
} else {
$condition = " and from_data = '{$f}' ";
}
$GLOBALS['tmpl']->assign("f", $f);
$page = intval($_REQUEST['p']);
if ($page == 0) {
$page = 1;
}
$limit = ($page - 1) * app_conf("PAGE_SIZE") . "," . app_conf("PAGE_SIZE");
$dp_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "supplier_location_dp where status = 1 {$condition} and supplier_location_id in (" . implode(",", $s_account_info['location_ids']) . ") order by create_time desc limit " . $limit);
$dp_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_location_dp where status = 1 {$condition} and supplier_location_id in (" . implode(",", $s_account_info['location_ids']) . ")");
$page = new Page($dp_count, app_conf("PAGE_SIZE"));
//初始化分页对象
$p = $page->show();
$GLOBALS['tmpl']->assign('pages', $p);
$GLOBALS['tmpl']->assign("dp_list", $dp_list);
$html = decode_topic_without_img($GLOBALS['tmpl']->fetch("biz/biz_dp_list_content.html"));
$GLOBALS['tmpl']->assign("html", $html);
$GLOBALS['tmpl']->assign("page_title", "点评列表");
$GLOBALS['tmpl']->display("biz/biz_dp.html");
}
function Tencent()
{
require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
OAuth::init($GLOBALS['m_config']['tencent_app_key'], $GLOBALS['m_config']['tencent_app_secret']);
$openid = trim($GLOBALS['request']['openid']);
$openkey = trim($GLOBALS['request']['openkey']);
if ($GLOBALS['m_config']['tencent_bind_url'] == "") {
$app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Tencent";
} else {
$app_url = $GLOBALS['m_config']['tencent_bind_url'];
}
$access_token = trim($GLOBALS['request']['access_token']);
es_session::set("t_access_token", $access_token);
es_session::set("t_openid", $openid);
es_session::set("t_openkey", $openkey);
if (es_session::get("t_access_token") || es_session::get("t_openid") && es_session::get("t_openkey")) {
$r = Tencent::api('user/info');
$r = json_decode($r, true);
$name = $r['data']['name'];
if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where tencent_id = '" . $name . "'") == 0) {
$GLOBALS['db']->query("update " . DB_PREFIX . "user set t_access_token ='" . $access_token . "',t_openkey = '" . $openkey . "',t_openid = '" . $openid . "', tencent_id = '" . $name . "' where id =" . intval($GLOBALS['user_info']['id']));
} elseif (intval($GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where tencent_id = '" . $name . "'")) == intval($GLOBALS['user_info']['id'])) {
$GLOBALS['db']->query("update " . DB_PREFIX . "user set t_access_token ='" . $access_token . "',t_openkey = '" . $openkey . "',t_openid = '" . $openid . "', tencent_id = '" . $name . "' where id =" . intval($GLOBALS['user_info']['id']));
} else {
$root['return'] = 0;
$root['info'] = "该微博帐号已被其他会员绑定";
output($root);
}
}
$root['return'] = 1;
$root['info'] = "绑定成功";
$root['login_type'] = "Tencent";
output($root);
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
$page_size = 20;
$limit = ($page - 1) * $page_size . "," . $page_size;
$user_id = intval($GLOBALS['user_info']['id']);
$sql = "select group_key,count(group_key) as total from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\tgroup by group_key \r\n\t\t\t\torder by system_msg_id desc,max(create_time) desc limit " . $limit;
$sql_count = "select count(distinct(group_key)) from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1))";
$list = $GLOBALS['db']->getAll($sql);
foreach ($list as $k => $v) {
$list[$k] = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where group_key = '" . $v['group_key'] . "' and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) order by create_time desc limit 1");
$list[$k]['total'] = $v['total'];
if ($list[$k]['system_msg_id'] > 0) {
$sys_msgs[] = array("mid" => $list[$k]['group_key'], "uid" => $list[$k]['to_user_id'], "status" => 1, "title" => $list[$k]['title'], "time" => pass_date($list[$k]['create_time']));
} else {
$msg_list[] = array("content" => $list[$k]['content'], "uid" => $list[$k]['from_user_id'], "user_name" => $list[$k]['from_user_id'] == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($list[$k]['from_user_id'])), "user_avatar" => get_abs_img_root(get_muser_avatar($list[$k]['from_user_id'], "big")), "tuid" => $list[$k]['to_user_id'], "tuser_name" => $list[$k]['to_user_id'] == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($list[$k]['to_user_id'])), "tuser_avatar" => get_abs_img_root(get_muser_avatar($list[$k]['to_user_id'], "big")), "time" => pass_date($list[$k]['create_time']), "msg_count" => $list[$k]['total'], "mlid" => $list[$k]['group_key']);
}
}
$count = $GLOBALS['db']->getOne($sql_count);
$root['return'] = 1;
$root['sys_msgs'] = $sys_msgs;
$root['msg_list'] = $msg_list;
//分页
$page_info['page'] = $page;
$page_info['page_total'] = ceil($count / $page_size);
$root['page'] = $page_info;
output($root);
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$root = array();
$share_id = intval($GLOBALS['request']['share_id']);
//没有分享ID直接退出
if ($share_id == 0) {
$root['status'] = -2;
output($root);
}
$content = strim($GLOBALS['request']['content']);
$source = strim($GLOBALS['request']['source']);
$source = str_replace("来自", "", $source);
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$is_relay = intval($GLOBALS['request']['is_relay']);
$parent_id = intval($GLOBALS['request']['parent_id']);
if ($parent_id > 0) {
$parent_reply = $GLOBALS['db']->getRow("select id,user_id,user_name from " . DB_PREFIX . "topic_reply where id = " . $parent_id);
}
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$user_data['id'] = intval($user_data['id']);
if (intval($user_data['id']) == 0) {
$root['return'] = 0;
$root['user_login_status'] = 0;
$root['info'] = "请先登录";
output($root);
}
$root['user_login_status'] = 1;
$topic = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic where is_effect = 1 and is_delete = 0 and id = " . $share_id);
if (empty($topic)) {
$root['status'] = -3;
output($root);
}
$reply_data = array();
$reply_data['topic_id'] = $share_id;
$reply_data['user_id'] = intval($user_data['id']);
$reply_data['user_name'] = $user_data['user_name'];
$reply_data['reply_id'] = intval($parent_reply['id']);
$reply_data['reply_user_id'] = intval($parent_reply['user_id']);
$reply_data['reply_user_name'] = strim($parent_reply['user_name']);
$reply_data['create_time'] = get_gmtime();
$reply_data['is_effect'] = 1;
$reply_data['is_delete'] = 0;
$reply_data['content'] = valid_str($content);
$GLOBALS['db']->autoExecute(DB_PREFIX . "topic_reply", $reply_data);
$GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count + 1,last_time = " . get_gmtime() . ",last_user_id=" . $user_data['id'] . " where id = " . $share_id);
increase_user_active($user_data['id'], "转发了一则分享");
if ($is_relay == 1) {
$cnt = $topic['content'] . "@" . $user_data['user_name'] . " 评论:" . valid_str($content);
$id = insert_topic($cnt, $title = "", $type = "", $group = "", $relay_id = $share_id, $fav_id = 0);
if ($id) {
$GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($id));
}
}
$root['return'] = 1;
$root['status'] = 1;
output($root);
}
function save()
{
$url = $_GET['referer'];
es_session::set("gopreview", $url);
if (!$GLOBALS['user_info']) {
app_redirect(url_wap("user#login"));
}
$info_data = array();
$info_data['user_id'] = $GLOBALS['user_info']['id'];
$info_data['name'] = $GLOBALS['user_info']['user_name'];
$info_data['mobile'] = $GLOBALS['user_info']['mobile'];
$info_data['ip'] = get_client_ip();
$info_data['type'] = $_GET['f'];
$info_data['creat_time'] = time();
$tmp_zhuanti_user_info = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "zhuanti_user where (mobile='" . $info_data['mobile'] . "' or user_id=" . $info_data['user_id'] . ") and type=2");
if ($tmp_zhuanti_user_info) {
app_redirect("http://www.51zhishang.com/course/54.html");
}
$GLOBALS['db']->autoExecute(DB_PREFIX . "zhuanti_user", $info_data, "INSERT");
$msgInfo = array();
$msgInfo['title'] = '专题报名';
$msgInfo['content'] = '专题报名';
send_zhuanti_sms($info_data['mobile'], $msgInfo, 3812);
$data['status'] = 1;
$data['info'] = "报名成功!";
app_redirect("http://www.51zhishang.com/course/54.html");
}
public function check_fee()
{
es_session::start();
$last_visit = intval(es_session::get("last_visit_smsbao"));
if (get_gmtime() - $last_visit > 10) {
$sms = new transport();
$params = array("u" => $this->sms['user_name'], "p" => md5($this->sms['password']));
$url = "http://www.smsbao.com/query";
$result = $sms->request($url, $params);
$match = explode(',', $result['body']);
if ($match[0] != '') {
$remain = (int) $match[1];
$str = sprintf('短信宝增值平台 剩余:%d 条', $remain);
} else {
$str = "短信宝增值平台 (<a href='http://www.smsbao.com/reg?r=5001' target='_blank'><font color='red'>还没账号?点击这免费注册</font></a>)";
}
es_session::set("smsbao_info", $str);
es_session::set("last_visit_smsbao", get_gmtime());
return $str;
} else {
$qxt_info = es_session::get("smsbao_info");
if ($smsbao_info) {
return $smsbao_info;
} else {
return "短信宝增值平台 (<a href='http://www.smsbao.com/reg?r=5001' target='_blank'><font color='red'>还没账号?点击这免费注册</font></a>)";
}
}
}
public function init()
{
if (!$GLOBALS['user_info']) {
if ($_REQUEST['ajax'] == 1) {
ajax_return(array("status" => 0, "info" => "请先登录"));
} else {
es_session::set('before_login', $_SERVER['REQUEST_URI']);
app_redirect(url("index", "user#login"));
}
}
$id = intval($_REQUEST['id']);
$this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $id . " and is_effect= 1 and is_delete = 0");
$user_id = intval($GLOBALS['user_info']['id']);
if (!$this->space_user) {
showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
}
$focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id = " . $this->space_user['id']);
if ($focus_data) {
$this->space_user['focused'] = 1;
}
$province_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['province_id']);
$city_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['city_id']);
if ($province_str . $city_str == '') {
$user_location = $GLOBALS['lang']['LOCATION_NULL'];
} else {
$user_location = $province_str . " " . $city_str;
}
$this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $this->space_user['id'] . " and fav_id <> 0");
$this->space_user['user_location'] = $user_location;
$this->space_user['group_name'] = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "user_group where id = " . $this->space_user['group_id'] . " ");
$GLOBALS['tmpl']->assign("space_user", $this->space_user);
$GLOBALS['tmpl']->assign('user_statics', sys_user_status($id, true));
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$root = array();
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$user_data['id'] = intval($user_data['id']);
if (intval($user_data['id']) == 0) {
$root['return'] = 0;
$root['info'] = "请先登录";
output($root);
}
$comment_id = intval($GLOBALS['request']['id']);
$comment_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic_reply where id = " . $comment_id);
if ($comment_data['user_id'] != intval($user_data['id'])) {
$root['return'] = 0;
$root['info'] = "这条评论是其他会员的";
output($root);
}
$GLOBALS['db']->query("delete from " . DB_PREFIX . "topic_reply where id = " . $comment_id);
$GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count - 1 where id = " . $comment_data['topic_id']);
$root['return'] = 1;
output($root);
}
public function index()
{
$root = array();
$email = strim($GLOBALS['request']['email']);
//用户名或邮箱
$pwd = strim($GLOBALS['request']['pwd']);
//密码
//检查用户,用户密码
$user = user_check($email, $pwd);
$user_id = intval($user['id']);
if ($user_id > 0) {
$root['user_login_status'] = 1;
$root['page_title'] = "发起项目";
$region_lv2 = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "region_conf where region_level = 2 order by py asc");
//二级地址
$root['region_lv2'] = $region_lv2;
$cate_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_cate order by sort asc");
$root['cate_list'] = $cate_list;
$deal_image = es_session::get("deal_image");
$root['deal_image'] = $deal_image;
} else {
$root['response_code'] = 0;
$root['show_err'] = "未登录";
$root['user_login_status'] = 0;
}
output($root);
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$root = array();
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$user_data['id'] = intval($user_data['id']);
$page = intval($GLOBALS['request']['page']);
if ($page == 0) {
$page = 1;
}
$home_uid = intval($GLOBALS['request']['uid']);
$home_user_info_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $home_uid . " and is_effect = 1 and is_delete = 0");
if (!$home_user_info_data) {
$root['info'] = "非法的会员";
output($root);
}
$user_info['uid'] = $user_data['id'];
$user_info['email'] = $user_data['email'];
$user_info['user_name'] = $user_data['user_name'];
$user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($user_data['id'], "big"));
$root['user'] = $user_info;
$home_user_info['uid'] = $home_user_info_data['id'];
$home_user_info['email'] = $home_user_info_data['email'];
$home_user_info['user_name'] = $home_user_info_data['user_name'];
$home_user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($home_user_info_data['id'], "big"));
$home_user_info['fans'] = $home_user_info_data['focused_count'];
$home_user_info['follows'] = $home_user_info_data['focus_count'];
$home_user_info['photos'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic_image where user_id = " . $home_user_info_data['id']);
$home_user_info['favs'] = $GLOBALS['db']->getOne("select sum(fav_count) from " . DB_PREFIX . "topic where user_id = " . $home_user_info_data['id']);
$root['home_user'] = $home_user_info;
$limit = ($page - 1) * PAGE_SIZE . "," . PAGE_SIZE;
$follow_list = $GLOBALS['db']->getAll("select focused_user_id as id,focused_user_name as user_name from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_user_info_data['id'] . " order by id desc limit " . $limit);
$total = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_user_info_data['id']);
$follows = array();
foreach ($follow_list as $k => $v) {
$follows[$k]['uid'] = $v['id'];
$follows[$k]['user_name'] = $v['user_name'];
$follows[$k]['fans'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focused_user_id = " . $v['id']);
$follows[$k]['user_avatar'] = get_abs_img_root(get_muser_avatar($v['id'], "big"));
if ($v['id'] == $user_data['id']) {
$follows[$k]['is_follow'] = -1;
} else {
$focus_uid = intval($v['id']);
$focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_info['uid'] . " and focused_user_id = " . $focus_uid);
if ($focus_data) {
$follows[$k]['is_follow'] = 1;
} else {
$follows[$k]['is_follow'] = 0;
}
}
}
$root['page'] = array("page" => $page, "page_total" => ceil($total / PAGE_SIZE));
$root['item'] = $follows;
$root['return'] = 1;
$root['status'] = 1;
output($root);
}
function user_check($username_email, $pwd)
{
//$username_email = addslashes($username_email);
//$pwd = addslashes($pwd);
if ($username_email && $pwd) {
//$sql = "select *,id as uid from ".DB_PREFIX."user where (user_name='".$username_email."' or email = '".$username_email."') and is_delete = 0";
$sql = "select *,id as uid from " . DB_PREFIX . "user where (user_name='" . $username_email . "' or email = '" . $username_email . "' or mobile = '" . $username_email . "') ";
$user_info = $GLOBALS['db']->getRow($sql);
$is_use_pass = false;
if (strlen($pwd) != 32) {
if ($user_info['user_pwd'] == md5($pwd . $user_info['code']) || $user_info['user_pwd'] == md5($pwd)) {
$is_use_pass = true;
}
} else {
if ($user_info['user_pwd'] == $pwd) {
$is_use_pass = true;
}
}
if ($is_use_pass) {
es_session::set("user_info", $user_info);
$GLOBALS['user_info'] = $user_info;
return $user_info;
} else {
return null;
}
} else {
return null;
}
}
public function index()
{
$preview = intval($_REQUEST['preview']);
$event_id = intval($_REQUEST['id']);
if ($preview > 0) {
$event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id);
$adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
$adm_name = $adm_session['adm_name'];
$adm_id = intval($adm_session['adm_id']);
if ($adm_id == 0) {
//验证是否当前的商家(不是后台管理员)
$s_account_info = es_session::get("account_info");
if ($s_account_info) {
foreach ($s_account_info['location_ids'] as $id) {
$location = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_location where id = " . $id);
if ($location) {
$locations[] = $location;
}
}
$deal_test = $GLOBALS['db']->getRow("select e.* from " . DB_PREFIX . "event as e left join " . DB_PREFIX . "event_location_link as l on l.event_id = e.id where e.id = " . intval($event['id']) . " and e.publish_wait = 1 and l.location_id in (" . implode(",", $s_account_info['location_ids']) . ")");
if (!$deal_test) {
showErr("活动不存在或者没有预览该活动的权限", 0, APP_ROOT . "/admin.php?m=Public&a=login");
}
} else {
showErr("您不是系统管理员或者商家会员,无法预览", 0, APP_ROOT . "/");
}
}
} else {
$event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id . " and is_effect = 1");
}
if (!$event) {
app_redirect(url("youhui", "fcate"));
}
$GLOBALS['tmpl']->assign("event", $event);
//开始输出当前的site_nav
$cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event_cate where id = " . $event['cate_id']);
$site_nav[] = array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => url("index", "index"));
if ($cate) {
$curl = url("youhui", "event#index", array("cid" => $cate['id']));
$site_nav[] = array('name' => $cate['name'], 'url' => $curl);
}
$gurl = url("youhui", "edetail#index", array("id" => $event['id']));
$site_nav[] = array('name' => $event['name'], 'url' => $gurl);
$GLOBALS['tmpl']->assign("site_nav", $site_nav);
//输出当前的site_nav
$seo_title = $event['name'];
$GLOBALS['tmpl']->assign("page_title", $seo_title);
$seo_keyword = $event['name'];
$GLOBALS['tmpl']->assign("page_keyword", $seo_keyword . ",");
$seo_description = $event['name'];
$GLOBALS['tmpl']->assign("page_description", $seo_description . ",");
$submit_result = $GLOBALS['db']->getAll("select user_id from " . DB_PREFIX . "event_submit where event_id = " . $event_id . " limit 18");
$GLOBALS['tmpl']->assign("submit_result", $submit_result);
if ($_REQUEST['plat'] == APP_PLAT) {
$GLOBALS['tmpl']->display("youhui_app_edetail.html");
} else {
$GLOBALS['tmpl']->display("youhui_edetail.html");
}
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$root = array();
$event_id = intval($GLOBALS['request']['event_id']);
//没有分享ID直接退出
if ($event_id == 0) {
$root['status'] = 0;
$root['info'] = "不存在的活动ID";
output($root);
}
$content = strim($GLOBALS['request']['content']);
$source = strim($GLOBALS['request']['source']);
$source = str_replace("来自", "", $source);
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$user_data['id'] = intval($user_data['id']);
if (intval($user_data['id']) == 0) {
$root['status'] = 0;
$root['user_login_status'] = 0;
$root['info'] = "请先登录";
output($root);
}
$root['user_login_status'] = 1;
$event_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where is_effect = 1 and id = " . $event_id);
if (empty($event_info)) {
$root['status'] = 0;
$root['info'] = "不存在的活动ID";
output($root);
}
$reply_data = array();
$reply_data['rel_table'] = "event";
$reply_data['rel_id'] = intval($event_id);
$reply_data['content'] = valid_str($content);
if (app_conf("USER_MESSAGE_AUTO_EFFECT") == 0) {
$message_effect = 0;
} else {
$message_effect = 1;
//$message_type['is_effect'];
}
$reply_data['is_effect'] = $message_effect;
$reply_data['create_time'] = get_gmtime();
$reply_data['user_id'] = intval($user_data['id']);
$GLOBALS['db']->autoExecute(DB_PREFIX . "message", $reply_data);
increase_user_active($user_data['id'], "点评了一个活动");
$title = "对" . $event_info['name'] . "发表了点评";
$url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'edetail', 'rel_param' => 'id=' . $event_info['id']);
$tid = insert_topic($reply_data['content'], $title, "eventcomment", $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
if ($tid) {
$GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($tid));
}
$GLOBALS['db']->query("update " . DB_PREFIX . "event set reply_count = reply_count+1 where id =" . $event_id);
$root['status'] = 1;
$root['info'] = "感谢您的点评";
output($root);
}
public function do_reply_dp()
{
$s_account_info = es_session::get("account_info");
$account_id = intval($s_account_info['id']);
$dp_id = intval($_REQUEST['dp_id']);
$reply_content = strim($_REQUEST['reply_content']);
require_once APP_ROOT_PATH . 'system/model/review.php';
ajax_return(biz_do_reply_dp($account_id, $dp_id, $reply_content));
}
/**
* @brief 检查openid是否合法
*
* @param $openid 与用户QQ号码一一对应
* @param $timestamp 时间戳
* @param $sig 签名值
*
* @return true or false
*/
function is_valid_openid($openid, $timestamp, $sig)
{
$key = es_session::get("appkey");
$str = $openid . $timestamp;
$signature = get_signature($str, $key);
//echo "sig:$sig\n";
//echo "str:$str\n";
return $sig == $signature;
}
public function index()
{
require_once APP_ROOT_PATH . "system/libs/user.php";
$email = strim($GLOBALS['request']['email']);
$pwd = strim($GLOBALS['request']['pwd']);
$result = do_login_user($email, $pwd);
$GLOBALS['user_info'] = $user_data = es_session::get('user_info');
$page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
$page_size = 20;
$limit = ($page - 1) * $page_size . "," . $page_size;
$user_id = intval($GLOBALS['user_info']['id']);
$group_key = addslashes(trim($GLOBALS['request']['mid']));
$sql = "select count(*) as count,max(system_msg_id) as system_msg_id,max(id) as id from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\tand group_key = '" . $group_key . "'";
$row = $GLOBALS['db']->getRow($sql);
if ($row['count'] == 0) {
$root['return'] = 0;
} elseif ($row['system_msg_id'] > 0) {
//系统消息,仅查看
$data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where id = " . $row['id'] . " and is_delete = 0");
$GLOBALS['db']->query("update " . DB_PREFIX . "msg_box set is_read = 1 where id = " . $row['id']);
$root['return'] = 1;
$root['msg'] = array('mid' => $group_key, 'title' => $data['title'], 'message' => $data['content'], 'time' => pass_date($data['create_time']));
} else {
$root['return'] = 1;
$root['lid'] = $group_key;
//消息记录
$sql = "select * from " . DB_PREFIX . "msg_box \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\t\tand group_key = '" . $group_key . "' \r\n\t\t\t\t\torder by create_time desc limit " . $limit;
$sql_count = "select count(*) from " . DB_PREFIX . "msg_box \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) and group_key = '" . $group_key . "'";
$upd_sql = "update " . DB_PREFIX . "msg_box set is_read = 1 \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\t\tand group_key = '" . $group_key . "' ";
$GLOBALS['db']->query($upd_sql);
$list = $GLOBALS['db']->getAll($sql);
foreach ($list as $k => $v) {
if ($v['to_user_id'] != $user_id) {
$dest_user_id = $v['to_user_id'];
break;
}
if ($v['from_user_id'] != $user_id) {
$dest_user_id = $v['from_user_id'];
break;
}
}
$dest_user_name = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . $dest_user_id);
$root['title'] = "与" . $dest_user_name . "的交流";
$root['t_name'] = $dest_user_name;
$count = $GLOBALS['db']->getOne($sql_count);
$page_info['page'] = $page;
$page_info['page_total'] = ceil($count / $page_size);
$root['page'] = $page_info;
$msg_list = array();
foreach ($list as $k => $v) {
$msg_list[] = array("miid" => $v['id'], "mlid" => $v['group_key'], "uid" => $v['from_user_id'], "message" => $v['content'], "time" => pass_date($v['create_time']), "tuid" => $v['to_user_id'], "tuser_name" => $v['to_user_id'] == $user_id ? "我" : $dest_user_name, "tuser_avatar" => get_abs_img_root(get_muser_avatar($v['to_user_id'], "big")), "content" => $v['content'], "user_name" => $v['from_user_id'] == $user_id ? "我" : $dest_user_name, "user_avatar" => get_abs_img_root(get_muser_avatar($v['from_user_id'], "big")));
}
$root['msg_list'] = $msg_list;
}
output($root);
}
/**
* 登出,返回 array('status'=>'',data=>'',msg=>'') msg存放整合接口返回的字符串
*/
function loginout_biz()
{
$account_info = es_session::get("account_info");
if (!$account_info) {
return false;
} else {
es_session::delete("account_info");
es_session::delete("biz_account_auth");
}
}
protected function check_auth()
{
$s_account_info = es_session::get("account_info");
if (intval($s_account_info['id']) == 0) {
app_redirect(url("biz", "login"));
} else {
$account_data = $GLOBALS['db']->getRow("select s.name as name,a.allow_charge as allow_charge, a.account_name as account_name,a.login_ip as login_ip ,a.login_time as login_time ,a.update_time as create_time, a.supplier_id as supplier_id from " . DB_PREFIX . "supplier_account as a left join " . DB_PREFIX . "supplier as s on a.supplier_id = s.id where a.id = " . intval($s_account_info['id']));
if (!$account_data) {
app_redirect(url("biz", "login"));
}
$GLOBALS['tmpl']->assign("account_data", $account_data);
}
}
/**
* 验证检限
* 已登录时验证用户权限, Index模块下的所有函数无需权限验证
* 未登录时跳转登录
*/
private function check_auth()
{
if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
es_session::delete(md5(conf("AUTH_KEY")));
es_session::delete("expire");
}
//管理员的SESSION
$adm_session = es_session::get(md5(conf("AUTH_KEY")));
$adm_name = $adm_session['adm_name'];
$adm_id = intval($adm_session['adm_id']);
$ajax = intval($_REQUEST['ajax']);
$biz_account = es_session::get("account_info");
$is_auth = 0;
if (intval($biz_account['id']) > 0) {
if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
$is_auth = 1;
}
}
if ($adm_id == 0 && $is_auth == 0) {
if ($ajax == 0) {
$this->redirect("Public/login");
} else {
$this->error(L("NO_LOGIN"), $ajax);
}
}
//开始验证权限,当管理员名称不为默认管理员时
//开始验证模块是否需要授权
$sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id " . " where role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 ";
$count = M()->query($sql);
$count = $count[0]['c'];
if ($adm_name != conf("DEFAULT_ADMIN") && MODULE_NAME != 'Index' && MODULE_NAME != 'Lang' && $count > 0 && $is_auth == 0) {
//除IndexAction外需验证的权限列表
$sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_access as role_access on role_node.id=role_access.node_id left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
$count = M()->query($sql);
$count = $count[0]['c'];
if ($count == 0) {
//节点授权不足,开始判断是否有模块授权
$module_sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_access as role_access left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_access.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_module.module = '" . MODULE_NAME . "' " . " and role_access.node_id = 0" . " and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
$module_count = M()->query($module_sql);
$module_count = $module_count[0]['c'];
if ($module_count == 0) {
if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
echo "<script>alert('" . L("NO_AUTH") . "');</script>";
exit;
} else {
$this->error(L("NO_AUTH"), $ajax);
}
}
}
}
}
public function add()
{
//查询部门列表
$adm_sql = " SELECT * FROM " . DB_PREFIX . "admin WHERE is_delete= 0 and is_effect=1 and is_department = 1";
$adm_list = $GLOBALS['db']->getAll($adm_sql);
$this->assign('departs', $adm_list);
$adm_session = es_session::get(md5(conf("AUTH_KEY")));
$adm_name = $adm_session['adm_name'];
$adm_id = intval($adm_session['adm_id']);
$this->assign('adm_id', $adm_id);
$list = M("Role")->findAll();
$this->assign('list', $list);
$this->display();
}
function save_log($msg, $status)
{
if (conf("ADMIN_LOG") == 1) {
$adm_session = es_session::get(md5(conf("AUTH_KEY")));
$log_data['log_info'] = $msg;
$log_data['log_time'] = NOW_TIME;
$log_data['log_admin'] = intval($adm_session['adm_id']);
$log_data['log_ip'] = CLIENT_IP;
$log_data['log_status'] = $status;
$log_data['module'] = MODULE_NAME;
$log_data['action'] = ACTION_NAME;
M("Log")->add($log_data);
}
}
function insert_load_user_tip()
{
//输出未读的消息数
if ($GLOBALS['user_info']) {
$GLOBALS['tmpl']->assign("user_info", $GLOBALS['user_info']);
//输出签到结果
$signin_result = es_session::get("signin_result");
if ($signin_result['status']) {
$GLOBALS['tmpl']->assign("signin_result", json_encode($signin_result));
es_session::delete("signin_result");
}
}
return $GLOBALS['tmpl']->fetch("inc/insert/load_user_tip.html");
}
public function __construct()
{
if (ACTION_NAME != "reponse" && ACTION_NAME != "notify") {
$adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
$adm_id = intval($adm_session['adm_id']);
$user_info = es_session::get("user_info");
$user_id = intval($user_info['id']);
if ($adm_id == 0 && $user_id == 0) {
showErr("请先登录");
}
}
if (intval(app_conf("OPEN_IPS")) == 0) {
showErr('未开启资金托管功能', 0);
}
}
public function clear_image()
{
set_time_limit(0);
es_session::close();
$path = APP_ROOT_PATH . "public/attachment/";
$this->clear_image_file($path);
$path = APP_ROOT_PATH . "public/images/";
$this->clear_image_file($path);
$qrcode_path = APP_ROOT_PATH . "public/images/qrcode/";
$this->clear_qrcode($qrcode_path);
clear_dir_file(get_real_path() . "public/runtime/app/tpl_caches/");
clear_dir_file(get_real_path() . "public/runtime/app/tpl_compiled/");
header("Content-Type:text/html; charset=utf-8");
exit("<div style='line-height:50px; text-align:center; color:#f30;'>" . L('CLEAR_SUCCESS') . "</div><div style='text-align:center;'><input type='button' onclick='\$.weeboxs.close();' class='button' value='关闭' /></div>");
}
public function save()
{
require_once APP_ROOT_PATH . 'system/libs/user.php';
foreach ($_REQUEST as $k => $v) {
$_REQUEST[$k] = htmlspecialchars(addslashes(trim($v)));
}
if ($GLOBALS['user_info']['user_name']) {
$_REQUEST['user_name'] = $GLOBALS['user_info']['user_name'];
}
$res = save_user($_REQUEST, 'UPDATE');
if ($res['status'] == 1) {
// user_name mobile province_id city_id byear bmonth bday sex my_intro id
// 向im.lingang.me发送用户名片修改请求
$phone = $_REQUEST['mobile'];
$rid = es_cookie::get("rid");
$sig = md5($phone . "_" . $rid . "_" . $rid);
$url = get_doubi_host();
$post = array('action' => 'edit_profile', 'sig' => $sig, 'phone' => $phone, 'uname' => $_REQUEST['user_name'], 'uintro' => $_REQUEST['my_intro'], 'gender' => $_REQUEST['sex'], 'birth' => $_REQUEST['byear'] . "-" . $_REQUEST['bmonth'] . "-" . $_REQUEST['bday']);
$response = json_decode(sentSigPost($url, $post), true);
$s_user_info = es_session::get("user_info");
$user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = '" . intval($s_user_info['id']) . "'");
es_session::set("user_info", $user_info);
if (intval($_REQUEST['is_ajax']) == 1) {
echo 1;
} else {
showSuccess($GLOBALS['lang']['SAVE_USER_SUCCESS']);
}
} else {
$error = $res['data'];
if (!$error['field_show_name']) {
$error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
}
if ($error['error'] == EMPTY_ERROR) {
$error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
}
if ($error['error'] == FORMAT_ERROR) {
$error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
}
if ($error['error'] == EXIST_ERROR) {
$error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
}
if (intval($_REQUEST['is_ajax']) == 1) {
echo 1;
} else {
showErr($error_msg);
}
}
}
/**
* 验证检限
* 已登录时验证用户权限, Index模块下的所有函数无需权限验证
* 未登录时跳转登录
*/
private function check_auth()
{
if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
es_session::delete(md5(conf("AUTH_KEY")));
es_session::delete("expire");
}
//管理员的SESSION
$adm_session = es_session::get(md5(conf("AUTH_KEY")));
$adm_name = $adm_session['adm_name'];
$adm_id = intval($adm_session['adm_id']);
$ajax = intval($_REQUEST['ajax']);
$is_auth = 0;
$user_info = es_session::get("user_info");
if (intval($user_info['id']) > 0) {
if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
$is_auth = 1;
}
}
if ($adm_id == 0 && $is_auth == 0) {
if ($ajax == 0) {
$this->redirect("Public/login");
} else {
$this->error(L("NO_LOGIN"), $ajax);
}
}
//开始验证权限,当管理员名称不为默认管理员时
//开始验证模块是否需要授权
global $access_list;
$access_list = (require APP_ROOT_PATH . "system/admnode_cfg.php");
$count = isset($access_list[MODULE_NAME]['node'][ACTION_NAME]) ? 1 : 0;
if ($adm_name != app_conf("DEFAULT_ADMIN") && $count > 0 && $is_auth == 0) {
$sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id " . "where admin.id = " . $adm_id . " and role.node = '" . ACTION_NAME . "' and role.module = '" . MODULE_NAME . "' ";
$count = $GLOBALS['db']->getOne($sql);
if ($count == 0) {
//节点授权不足,开始判断是否有模块授权
$module_sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id " . "where admin.id = " . $adm_id . " and role.node = '' and role.module = '" . MODULE_NAME . "' ";
$module_count = $GLOBALS['db']->getOne($module_sql);
if ($module_count == 0) {
if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
echo "<script>alert('" . L("NO_AUTH") . "');</script>";
exit;
} else {
$this->error(L("NO_AUTH"), $ajax);
}
}
}
}
}
public function do_loginout()
{
//验证是否已登录
//管理员的SESSION
$adm_session = es_session::get(md5(conf("AUTH_KEY")));
$adm_id = intval($adm_session['adm_id']);
if ($adm_id == 0) {
//已登录
$this->redirect(u("Public/login"));
} else {
es_session::delete(md5(conf("AUTH_KEY")));
$this->assign("jumpUrl", U("Public/login"));
$this->assign("waitSecond", 3);
$this->success(L("LOGINOUT_SUCCESS"));
}
}
