echo json_encode($orders);
} elseif ('orders' == $_GET['uri']) {
send_headers();
$orders = get_all_orders();
echo json_encode($orders);
} elseif ('swipes' == $_GET['uri'] && isset($input['uid']) && isset($input['service']) && isset($_GET['id'])) {
if ($input['service'] == 1 && is_payment_reader($_GET['id'])) {
// This is a payment request
$owner = get_tag_owner($input['uid']);
if ($owner && $input['order']) {
$user = get_user_by_uid($owner);
$input['order']['client'] = $user['uid'];
$input['order']['reader'] = $_GET['id'];
new_order($input['order']);
// get the new user balance
$user = get_user_by_uid($user['uid']);
send_headers();
$response = array("version" => $version, "response" => "OK", "uid" => $user['uid'], "balance" => floatval($user['balance']));
echo json_encode($response);
} else {
forbidden();
}
} elseif ($input['service'] == 0) {
$owner = get_tag_owner($input['uid']);
$permission = get_permission($owner, $_GET['id']);
$end_date_reached = false;
if ($permission['end']) {
$end_date_reached = time() > strtotime($permission['end']);
}
if ($permission && !$end_date_reached) {
// user is allowed
$smarty->caching = false;
$smarty->assign('err', "用户登录失败,用户名或密码错误");
$smarty->display('wap/wap_login.html');
}
}
}
} elseif ($act == 'waiting_weixin_login') {
$event_key = $_SESSION['scene_id'];
$content = "";
if (file_exists(QISHI_ROOT_PATH . "data/weixin/" . $event_key % 10 . '/' . $event_key . ".txt")) {
$content = file_get_contents(QISHI_ROOT_PATH . "data/weixin/" . $event_key % 10 . '/' . $event_key . ".txt");
}
$uid = intval($content);
if ($uid > 0) {
global $QS_cookiepath, $QS_cookiedomain;
$u = get_user_by_uid($uid);
if (!empty($u)) {
unset($_SESSION['uid']);
unset($_SESSION['username']);
unset($_SESSION['utype']);
unset($_SESSION['uqqid']);
setcookie("QS[uid]", "", time() - 3600, $QS_cookiepath, $QS_cookiedomain);
setcookie("QS[username]", "", time() - 3600, $QS_cookiepath, $QS_cookiedomain);
setcookie("QS[password]", "", time() - 3600, $QS_cookiepath, $QS_cookiedomain);
setcookie("QS[utype]", "", time() - 3600, $QS_cookiepath, $QS_cookiedomain);
unset($_SESSION['activate_username']);
unset($_SESSION['activate_email']);
$_SESSION['uid'] = $u['uid'];
$_SESSION['username'] = $u['username'];
$_SESSION['utype'] = $u['utype'];
$_SESSION['uqqid'] = "1";
function get_registrations_by_event($id)
{
$link = open_database_connection();
$query = "SELECT * FROM attendees WHERE event = '" . mysqli_real_escape_string($link, $id) . "'";
if ($result = mysqli_query($link, $query)) {
// fetch associative array
while ($row = mysqli_fetch_assoc($result)) {
$user = get_user_by_uid($row['uid']);
$row['firstname'] = $user['firstname'];
$row['lastname'] = $user['lastname'];
$registrations[] = $row;
}
// free result set
mysqli_free_result($result);
}
// close connection
mysqli_close($link);
return $registrations;
}
function stats_tsv_action($uid)
{
header('Content-type: application/json; charset=utf-8');
header("Cache-Control: no-cache, must-revalidate");
$user = get_user_by_uid($uid);
$user_orders = array();
$total = 0;
$snacks = get_visible_snacks();
echo "label\torders\n";
foreach ($snacks as $snack) {
$user_orders[$snack['description_' . getenv('LANG')]] = intval(get_user_orders_by_snack($user['uid'], $snack['id']));
}
foreach ($user_orders as $label => $orders) {
echo "{$label}\t{$orders}\n";
}
}
$result = mysql_query($SQL_Querry, $LINK) or do_log_sql($stdlog, "#deposit error " . mysql_error($LINK), $LINK);
for ($i = 0; $i <= mysql_num_rows($result); $i++) {
$res = mysql_fetch_array($result);
$users_list[$i] = $res;
}
mysql_free_result($result);
return $users_list;
}
global $LINK;
$LINK = mysql_pconnect($CONF_MYSQL_HOST, $CONF_MYSQL_USERNAME, $CONF_MYSQL_PASSWORD);
if (!$LINK) {
do_log($stdlog, "Cant connect to DB " . $CONF_MYSQL_HOST);
exit;
}
mysql_select_db($CONF_MYSQL_DBNAME, $LINK) or die('Could not select database.');
$users_birth = get_user_by_uid($uid, $LINK, $stdlog);
$ts = time();
foreach ($users_birth as $key => $value) {
$deposit = round($value['deposit'], 2);
$TEXT = $TEXT_base . $deposit . " Грн";
$pattern = "|[^\\d\\(\\)-+]|";
$replacement = "";
$SMS_TEL = preg_replace($pattern, $replacement, $value['sms_tel']);
if (strlen($SMS_TEL) == 10) {
sms("7" . $SMS_TEL, $TEXT, $COMPANY);
}
if (strlen($SMS_TEL) < 9 or strlen($SMS_TEL) > 12) {
}
if (strlen($SMS_TEL) == 11) {
sms($SMS_TEL, $TEXT, $COMPANY);
}
function get_useremail($uid)
{
// 通过用户ID,获得用户邮箱
$user = get_user_by_uid($uid, 'user_email');
return $user['user_email'];
}
$result = mysql_query($SQL_Querry, $LINK) or do_log_sql($stdlog, "#deposit error " . mysql_error($LINK), $LINK);
for ($i = 0; $i <= mysql_num_rows($result); $i++) {
$res = mysql_fetch_array($result);
$users_list[$i] = $res;
}
mysql_free_result($result);
return $users_list;
}
global $LINK;
$LINK = mysql_pconnect($CONF_MYSQL_HOST, $CONF_MYSQL_USERNAME, $CONF_MYSQL_PASSWORD);
if (!$LINK) {
do_log($stdlog, "Can't connect to DB " . $CONF_MYSQL_HOST);
exit;
}
mysql_select_db($CONF_MYSQL_DBNAME, $LINK) or die('Could not select database.');
$users_dolgnki = get_user_by_uid($uid, $LINK, $stdlog);
$querry = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>";
$querry .= "<package login=\"" . $SMS_UKR_LOGIN . "\" password=\"" . $SMS_UKR_PASS . "\">";
$querry .= "<message>";
$ts = time();
foreach ($users_dolgnki as $key => $value) {
$deposit = round($value['deposit'], 2);
$TEXT = $TEXT_base . $deposit . " Грн";
# $TEXT=iconv("CP1251","KOI8-U",$TEXT);
$pattern = "|[^\\d\\(\\)-+]|";
$replacement = "";
$SMS_TEL = preg_replace($pattern, $replacement, $value['sms_tel']);
if (strlen($SMS_TEL) == 10) {
$querry .= "<msg id=\"" . $ts . $value['uid'] . "\" recipient=\"38" . $SMS_TEL . "\" sender=\"" . $COMPANY . "\" type=\"0\">" . $TEXT . "</msg>";
}
if (strlen($SMS_TEL) < 9 or strlen($SMS_TEL) > 12) {
