} /* 计算文章打开方式 */ if ($file_url == '') { $open_type = 0; } else { $open_type = $_POST['FCKeditor1'] == '' ? 1 : 2; } /* 如果 file_url 跟以前不一样,且原来的文件是本地文件,删除原来的文件 */ $sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id = '{$_POST['id']}'"; $old_url = $db->getOne($sql); if ($old_url != '' && $old_url != $file_url && strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) { @unlink(ROOT_PATH . $old_url); } if ($exc->edit("title='{$_POST['title']}', cat_id='{$_POST['article_cat']}', article_type='{$_POST['article_type']}', is_open='{$_POST['is_open']}', author='{$_POST['author']}', author_email='{$_POST['author_email']}', keywords ='{$_POST['keywords']}', file_url ='{$file_url}', open_type='{$open_type}', content='{$_POST['FCKeditor1']}', link='{$_POST['link_url']}', description = '{$_POST['description']}'", $_POST['id'])) { $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'article_tianxin100.php?act=list&' . list_link_postfix(); $note = sprintf("编辑成功", stripslashes($_POST['title'])); admin_log($_POST['title'], 'edit', 'article'); clear_cache_files(); sys_msg($note, 0, $link); } else { die($db->error()); } } elseif ($_REQUEST['act'] == 'edit_title') { check_authz_json('article_manage'); $id = intval($_POST['id']); $title = json_str_iconv(trim($_POST['val'])); /* 检查文章标题是否重复 */ if ($exc->num("title", $title, $id) != 0) { make_json_error(sprintf($_LANG['title_exist'], $title)); } else {
$action_array = array('delivery', 'back'); del_delivery($order['order_id'], $action_array); /* todo 记录日志 */ admin_log($order['order_sn'], 'remove', 'order'); $sn_list[] = $order['order_sn']; } $sn_str = $_LANG['remove_order']; } else { die('invalid params'); } /* 取得备注信息 */ // $action_note = $_REQUEST['action_note']; if (empty($sn_not_list)) { $sn_list = empty($sn_list) ? '' : $_LANG['updated_order'] . join($sn_list, ','); $msg = $sn_list; $links[] = array('text' => $_LANG['return_list'], 'href' => 'order.php?act=list&' . list_link_postfix()); sys_msg($msg, 0, $links); } else { $order_list_no_fail = array(); $sql = "SELECT * FROM " . $ecs->table('order_info') . " WHERE order_sn " . db_create_in($sn_not_list); $res = $db->query($sql); while ($row = $db->fetchRow($res)) { $order_list_no_fail[$row['order_id']]['order_id'] = $row['order_id']; $order_list_no_fail[$row['order_id']]['order_sn'] = $row['order_sn']; $order_list_no_fail[$row['order_id']]['order_status'] = $row['order_status']; $order_list_no_fail[$row['order_id']]['shipping_status'] = $row['shipping_status']; $order_list_no_fail[$row['order_id']]['pay_status'] = $row['pay_status']; $order_list_fail = ''; foreach (operable_list($row) as $key => $value) { if ($key != $operation) { $order_list_fail .= $_LANG['op_' . $key] . ',';
}
/* Work out how the article is opened: 0 when there is no file URL, otherwise 1 or 2 depending on whether editor content was posted */
if ($file_url == '') {
    $open_type = 0;
} else {
    $open_type = $_POST['FCKeditor1'] == '' ? 1 : 2;
}
/* If file_url differs from the stored one and the stored file was a local file, delete the stored file */
/* NOTE(review): $_POST['id'] is interpolated into the query without intval(); any escaping would have to come from code outside this excerpt - confirm. */
$sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id = '{$_POST['id']}'";
$old_url = $db->getOne($sql);
/* NOTE(review): "local" is decided by http:// or https:// not occurring anywhere in the string. The stored value is then appended to ROOT_PATH and unlinked, with no visible check that the resulting path stays inside the upload directory (for example, rejecting "../" segments). @ also hides a failed delete. */
if ($old_url != '' && $old_url != $file_url && strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) {
    @unlink(ROOT_PATH . $old_url);
}
/* NOTE(review): every column value below is taken from $_POST and placed inside a quoted SQL literal. Nothing in this excerpt escapes or type-casts them (cat_id, article_type and is_open look numeric), so safety depends entirely on request-wide escaping done elsewhere - confirm, and prefer intval()/explicit escaping at this call site. */
if ($exc->edit("title='{$_POST['title']}', cat_id='{$_POST['article_cat']}', article_type='{$_POST['article_type']}', is_open='{$_POST['is_open']}', author='{$_POST['author']}', author_email='{$_POST['author_email']}', keywords ='{$_POST['keywords']}', file_url ='{$file_url}', open_type='{$open_type}', content='{$_POST['FCKeditor1']}', link='{$_POST['link_url']}', description = '{$_POST['description']}'", $_POST['id'])) {
    /* Success: build the back-to-list link, log the edit, clear caches and show the message */
    $link[0]['text'] = $_LANG['back_list'];
    $link[0]['href'] = 'article.php?act=list&' . list_link_postfix();
    $note = sprintf($_LANG['articleedit_succeed'], stripslashes($_POST['title']));
    admin_log($_POST['title'], 'edit', 'article');
    clear_cache_files();
    sys_msg($note, 0, $link);
} else {
    /* NOTE(review): the raw database error text is sent to the client here; it can reveal table and column names. */
    die($db->error());
}
} elseif ($_REQUEST['act'] == 'edit_title') {
    /* Inline title edit: the permission check runs first, the id is cast to int */
    check_authz_json('article_manage');
    $id = intval($_POST['id']);
    $title = json_str_iconv(trim($_POST['val']));
    /* Check whether the article title is already in use */
    if ($exc->num("title", $title, $id) != 0) {
        make_json_error(sprintf($_LANG['title_exist'], $title));
    } else {
$is_show = isset($_REQUEST['is_show']) ? intval($_REQUEST['is_show']) : 0; /*处理URL*/ $site_url = sanitize_url($_POST['site_url']); /* 处理图片 */ $img_name = basename($image->upload_image($_FILES['brand_logo'], 'brandlogo')); $param = "brand_name = '{$_POST['brand_name']}', site_url='{$site_url}', brand_desc='{$_POST['brand_desc']}', is_show='{$is_show}', sort_order='{$_POST['sort_order']}' "; if (!empty($img_name)) { //有图片上传 $param .= " ,brand_logo = '{$img_name}' "; } if ($exc->edit($param, $_POST['id'])) { /* 清除缓存 */ clear_cache_files(); admin_log($_POST['brand_name'], 'edit', 'brand'); $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'brand.php?act=list&' . list_link_postfix(); $note = vsprintf($_LANG['brandedit_succed'], $_POST['brand_name']); sys_msg($note, 0, $link); } else { die($db->error()); } } elseif ($_REQUEST['act'] == 'edit_brand_name') { check_authz_json('brand_manage'); $id = intval($_POST['id']); $name = json_str_iconv(trim($_POST['val'])); /* 检查名称是否重复 */ if ($exc->num("brand_name", $name, $id) != 0) { make_json_error(sprintf($_LANG['brandname_exist'], $name)); } else { if ($exc->edit("brand_name = '{$name}'", $id)) { admin_log($name, 'edit', 'brand');
/**
 * Build the "back to list" link for the customer list page.
 *
 * @param bool $is_add True after an add (insert): the plain list URL is used.
 *                     False appends '&' plus the value of list_link_postfix().
 * @return array array('href' => $href, 'text' => $text)
 */
function list_link($is_add = true)
{
    // Only the non-add case carries the postfix returned by list_link_postfix().
    $target = 'customer.php?act=list' . ($is_add ? '' : '&' . list_link_postfix());

    return array(
        'href' => $target,
        'text' => $GLOBALS['_LANG']['customer_list'],
    );
}
}
}
// Number of images attached to the post
$imgnum = count($shaidan_imgs);
// Whether points should be awarded: not yet awarded, position within the configured limit, enough images
if ($info['is_points'] == 0 && $weizhi <= $_CFG['shaidan_pre_num'] && $imgnum >= $_CFG['shaidan_img_num']) {
    $get_points = 1;
} else {
    $get_points = 0;
}
/* Hand everything to the template; get_points is exposed to the form that posts to act=updata */
$smarty->assign('ur_here', '晒单详情');
$smarty->assign('weizhi', $weizhi);
$smarty->assign('imgnum', $imgnum);
$smarty->assign('get_points', $get_points);
$smarty->assign('shop_config', $_CFG);
$smarty->assign('action_link', array('text' => '返回', 'href' => 'shaidan.php?act=list&' . list_link_postfix()));
$smarty->assign('info', $info);
$smarty->assign('goods', $goods);
$smarty->assign('shaidan_imgs', $shaidan_imgs);
$smarty->assign('form_action', 'updata');
assign_query_info();
$smarty->display('shaidan_info.htm');
} elseif ($_REQUEST['act'] == 'updata') {
    /* NOTE(review): no admin_priv()/check_authz_json() call is visible at the start of this branch - confirm that access is enforced elsewhere. */
    $shaidan_id = intval($_POST['shaidan_id']);
    /* NOTE(review): the award decision is read back from the request. The eligibility test computed in the display branch above (is_points == 0, position and image-count limits) is not repeated here, so the server trusts a client-supplied flag. Recompute eligibility from the database row before crediting. */
    $get_points = intval($_POST['get_points']);
    $pay_points = $_CFG['shaidan_pay_points'];
    $status = intval($_POST['status']);
    if ($get_points == 1 && $pay_points > 0) {
        /* NOTE(review): the row is loaded but its is_points value is not checked, and the UPDATE has no "AND is_points = 0" condition, so nothing visible stops the same post from being credited again on a repeated submission. $info is also used below without checking that a row was found. */
        $info = $db->GetRow("SELECT * FROM " . $ecs->table('shaidan') . " WHERE shaidan_id='{$shaidan_id}'");
        $db->query("UPDATE " . $ecs->table('shaidan') . " SET pay_points = '{$pay_points}', is_points = 1 WHERE shaidan_id = '{$shaidan_id}'");
        /* Write the matching account_log entry for the credited points */
        $db->query("INSERT INTO " . $ecs->table('account_log') . "(user_id, rank_points, pay_points, change_time, change_desc, change_type) " . "VALUES ('{$info['user_id']}', 0, '" . $pay_points . "', " . gmtime() . ", '晒单获得积分', '99')");
$users =& init_users();
$users->remove_user($username); // all data of the user has been deleted
/* Record the administrator action */
admin_log(addslashes($username), 'remove', 'users');
/* Result message */
$link[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
sys_msg(sprintf($_LANG['remove_success'], $username), 0, $link);
} elseif ($_REQUEST['act'] == 'address_list') {
    /* NOTE(review): this branch returns users' postal addresses but, unlike the remove_parent branch below, contains no admin_priv() call - confirm that a permission check is intended to be absent. */
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    /* Load every address of the user, resolving country/province/city/district ids to region names; $id is already an int */
    $sql = "SELECT a.*, c.region_name AS country_name, p.region_name AS province, ct.region_name AS city_name, d.region_name AS district_name " . " FROM " . $ecs->table('user_address') . " as a " . " LEFT JOIN " . $ecs->table('region') . " AS c ON c.region_id = a.country " . " LEFT JOIN " . $ecs->table('region') . " AS p ON p.region_id = a.province " . " LEFT JOIN " . $ecs->table('region') . " AS ct ON ct.region_id = a.city " . " LEFT JOIN " . $ecs->table('region') . " AS d ON d.region_id = a.district " . " WHERE user_id='{$id}'";
    $address = $db->getAll($sql);
    $smarty->assign('address', $address);
    assign_query_info();
    $smarty->assign('ur_here', $_LANG['address_list']);
    $smarty->assign('action_link', array('text' => $_LANG['01_users_list'], 'href' => 'users.php?act=list&' . list_link_postfix()));
    $smarty->display('user_address_list.htm');
} elseif ($_REQUEST['act'] == 'remove_parent') {
    /* Check permission */
    admin_priv('users_manage');
    /* NOTE(review): $_GET['id'] is concatenated into both statements below without intval(), unlike the address_list branch above. Cast it once ($id = intval($_GET['id'])) and use the cast value in both queries. The change is also triggered by a GET request; no request token is checked in this excerpt. */
    $sql = "UPDATE " . $ecs->table('users') . " SET parent_id = 0 WHERE user_id = '" . $_GET['id'] . "'";
    $db->query($sql);
    /* Record the administrator action */
    $sql = "SELECT user_name FROM " . $ecs->table('users') . " WHERE user_id = '" . $_GET['id'] . "'";
    $username = $db->getOne($sql);
    admin_log(addslashes($username), 'edit', 'users');
    /* Result message */
    $link[] = array('text' => $_LANG['go_back'], 'href' => 'users.php?act=list');
    sys_msg(sprintf($_LANG['update_success'], $username), 0, $link);
} elseif ($_REQUEST['act'] == 'aff_list') {
    /* Check permission */
} $smarty->assign('action_list', $act_list); /* 回复留言图片 www.68ecshop.com增加 */ $res = $db->getAll("SELECT * FROM " . $ecs->table('back_replay') . " WHERE back_id = '{$back_id}' ORDER BY add_time ASC"); foreach ($res as $value) { $value['add_time'] = local_date($GLOBALS['_CFG']['time_format'], $value['add_time']); $back_replay[] = $value; } if ($back_order['imgs']) { $imgs = explode(",", $back_order['imgs']); } $smarty->assign('imgs', $imgs); $smarty->assign('back_replay', $back_replay); /* 显示模板 */ $smarty->assign('ur_here', $_LANG['back_operate'] . $_LANG['detail']); $smarty->assign('action_link', array('href' => 'back.php?act=back_list&' . list_link_postfix(), 'text' => $_LANG['10_back_order'])); assign_query_info(); $smarty->display('back_info_2.htm'); exit; // } elseif ($_REQUEST['act'] == 'operate') { /* 检查权限 */ admin_priv('back_view'); $back_id = intval(trim($_REQUEST['back_id'])); // 退换货订单id $action_note = isset($_REQUEST['action_note']) ? trim($_REQUEST['action_note']) : ''; /* 查询订单信息 */ $order = back_order_info($back_id); /* 通过申请 */ if (isset($_POST['ok'])) { $status_back = '5';
$total_fee = $pay_fee + $amount;
/* Insert the pay_log row (is_paid starts at 0) */
$sql = 'INSERT INTO ' . $ecs->table('pay_log') . " (order_id, order_amount, order_type, is_paid)" . " VALUES ('{$id}', '{$total_fee}', '" . PAY_SURPLUS . "', 0)";
$db->query($sql);
}
/* Record the administrator action: 'edit' for act=update, 'add' otherwise */
if ($_REQUEST['act'] == 'update') {
    admin_log($user_name, 'edit', 'user_surplus');
} else {
    admin_log($user_name, 'add', 'user_surplus');
}
/* Result message: after an insert the plain list URL is used, otherwise the list postfix is appended */
if ($_REQUEST['act'] == 'insert') {
    $href = 'user_account.php?act=list';
} else {
    $href = 'user_account.php?act=list&' . list_link_postfix();
}
$link[0]['text'] = $_LANG['back_list'];
$link[0]['href'] = $href;
$link[1]['text'] = $_LANG['continue_add'];
$link[1]['href'] = 'user_account.php?act=add';
sys_msg($_LANG['attradd_succed'], 0, $link);
} elseif ($_REQUEST['act'] == 'check') {
    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    if ($id == 0) {
        /* Invalid id: prepare a JSON error payload */
        $res['code'] = 1;
        $res['req_msg'] = true;
        $res['timeout'] = 2000;
        $res['message'] = '输入有误,请重新确认';
        /* NOTE(review): this calls a variable function through $die, which is not assigned anywhere in this excerpt; unless it is defined elsewhere the request ends in a PHP error instead of returning the JSON payload. The intended call is most likely die(...) - confirm and fix. */
        $die($json->encode($res));
    }
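/**
 * Show the shipping-address list of one user.
 *
 * Reads the user id from the "id" query parameter (cast to int, 0 when
 * absent), loads that user's addresses with the country, province, city and
 * district ids resolved to region names, and renders user_address_list.htm.
 *
 * NOTE(review): the query is scoped only by the id taken from the request.
 * The original body read $_SESSION['user_id'] into a local that was never
 * used, and no permission or ownership check is visible in this function.
 * Confirm that the dispatcher calling this action enforces access; if the
 * action is reachable by non-administrators, compare the requested id with
 * the session user before running the query.
 *
 * @return void
 */
function action_address_list()
{
    // Globals this action actually uses (the unused $user, $_CFG and $user_id locals were dropped).
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    // intval() keeps the value safe to place inside the quoted SQL literal below.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    $region = $ecs->table('region');
    $sql = "SELECT a.*, c.region_name AS country_name, p.region_name AS province, ct.region_name AS city_name, d.region_name AS district_name " .
        " FROM " . $ecs->table('user_address') . " as a " .
        " LEFT JOIN " . $region . " AS c ON c.region_id = a.country " .
        " LEFT JOIN " . $region . " AS p ON p.region_id = a.province " .
        " LEFT JOIN " . $region . " AS ct ON ct.region_id = a.city " .
        " LEFT JOIN " . $region . " AS d ON d.region_id = a.district " .
        " WHERE user_id='{$id}'";
    $address = $db->getAll($sql);

    $smarty->assign('address', $address);
    assign_query_info();
    $smarty->assign('ur_here', $_LANG['address_list']);
    $smarty->assign('action_link', array(
        'text' => $_LANG['03_users_list'],
        'href' => 'users.php?act=list&' . list_link_postfix(),
    ));
    $smarty->display('user_address_list.htm');
}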
/* Load the districts under the pickup point's city for the edit form */
/* NOTE(review): city_id is appended unquoted; it comes from $pickup_point, which is loaded outside this excerpt. Cast it with intval() so the numeric context cannot be broken by an unexpected value. */
$sql = 'select * from ' . $ecs->table('region') . ' where parent_id=' . $pickup_point['city_id'];
$district_list = $db->getAll($sql);
$smarty->assign('province_list', $province_list);
$smarty->assign('city_list', $city_list);
$smarty->assign('district_list', $district_list);
$smarty->assign('pickup_point', $pickup_point);
$smarty->assign('ur_here', $_LANG['pickup_point_edit']);
$smarty->assign('action_link', array('text' => $_LANG['pickup_point_list'], 'href' => 'pickup_point.php?act=list&' . list_link_postfix()));
$smarty->assign('form_action', 'update');
assign_query_info();
$smarty->display('pickup_point_info.htm');
}
if ($_REQUEST['act'] == 'update') {
    /* NOTE(review): the branch goes straight to the write; no admin_priv() call is visible here - confirm that access is enforced before this point. */
    /* NOTE(review): all column values come from $_POST and are placed inside quoted SQL literals; province_id, city_id, district_id and the id passed as second argument are not cast to int. Nothing in this excerpt escapes them, so safety depends on request-wide escaping done elsewhere - confirm. */
    if ($exc->edit("shop_name='{$_POST['shop_name']}', address='{$_POST['address']}', contact='{$_POST['contact']}', phone='{$_POST['phone']}', province_id='{$_POST['province']}', city_id='{$_POST['city']}', district_id ='{$_POST['district']}'", $_POST['id'])) {
        /* Success: build the back-to-list link, log the edit, clear caches and show the message */
        $link[0]['text'] = $_LANG['back_list'];
        $link[0]['href'] = 'pickup_point.php?act=list&' . list_link_postfix();
        $note = sprintf($_LANG['pickup_point_edit_succeed'], stripslashes($_POST['shop_name']));
        admin_log($_POST['shop_name'], 'edit', 'pickup_point');
        clear_cache_files();
        sys_msg($note, 0, $link);
    } else {
        /* NOTE(review): the raw database error text is sent to the client. */
        die($db->error());
    }
} elseif ($_REQUEST['act'] == 'edit_shop_name') {
    /* NOTE(review): this inline-edit branch has no check_authz_json() call in view - confirm that a permission check is applied. */
    $id = intval($_POST['id']);
    $shop_name = json_str_iconv(trim($_POST['val']));
    if ($exc->edit("shop_name = '{$shop_name}'", $id)) {
        clear_cache_files();
        admin_log($shop_name, 'edit', 'pickup_point');
        make_json_result(stripslashes($shop_name));
    } else {
admin_priv('store_inout_type'); if ($_POST['type_name'] != $_POST['old_typename']) { /*检查品牌名是否相同*/ $is_only = $exc->is_only('type_name', $_POST['type_name'], $_POST['id']); if (!$is_only) { sys_msg(sprintf($_LANG['typename_exist'], stripslashes($_POST['type_name'])), 1); } } $is_valid = isset($_REQUEST['is_valid']) ? intval($_REQUEST['is_valid']) : 0; $in_out = isset($_REQUEST['in_out']) ? intval($_REQUEST['in_out']) : 0; $param = "type_name = '{$_POST['type_name']}', is_valid='{$is_valid}' "; if ($exc->edit($param, $_POST['id'])) { /* 清除缓存 */ clear_cache_files(); $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'store_inout_type.php?act=list&in_out=' . $in_out . '&' . list_link_postfix(); $note = vsprintf($_LANG['typeedit_succed'], $_POST['type_name']); sys_msg($note, 0, $link); } else { die($db->error()); } } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('store_inout_type'); $id = intval($_GET['id']); $exc->drop($id); $url = 'store_inout_type.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } elseif ($_REQUEST['act'] == 'query') { $type_list = get_typelist(); $smarty->assign('type_list', $type_list['typelist']);
/* NOTE(review): the "str:" resource makes Smarty compile and run the stored shipping_print text as a template. Whoever can change that stored value controls template code executed here - restrict who may edit it and consider the engine's security settings. */
echo $smarty->fetch("str:" . $shipping['shipping_print']);
} else {
    /* NOTE(review): shipping_id is appended unquoted; cast it with intval(). */
    $shipping_code = $db->getOne("SELECT shipping_code FROM " . $ecs->table('shipping') . " WHERE shipping_id=" . $order['shipping_id']);
    if ($shipping_code) {
        /* NOTE(review): the include path is built from a database value with no allow-list or character check visible here; validate shipping_code (for example against the installed module names) before including. */
        include_once ROOT_PATH . 'includes/modules/shipping/' . $shipping_code . '.php';
    }
    /* Print the language-provided template when there is one, otherwise the "no print template" message */
    if (!empty($_LANG['shipping_print'])) {
        echo $smarty->fetch("str:{$_LANG['shipping_print']}");
    } else {
        echo $_LANG['no_print_shipping'];
    }
}
} else {
    /* Assign template variables */
    $smarty->assign('ur_here', $_LANG['order_info']);
    $smarty->assign('action_link', array('href' => 'order.php?act=list&' . list_link_postfix(), 'text' => $_LANG['02_order_list']));
    /* Display the template */
    assign_query_info();
    $smarty->display('order_info.htm');
}
} elseif ($_REQUEST['act'] == 'receive_goods') {
    $res['req_msg'] = true;
    $res['btncontent'] = false;
    /* Stop with a JSON error when the administrator lacks the shipping_done privilege */
    if (!admin_priv('shipping_done', '', false)) {
        $res['message'] = '对不起,您还未被授权确认收货!';
        die($json->encode($res));
    }
    $_REQUEST = addslashes_deep($_REQUEST);
    /* NOTE(review): addslashes only protects values placed inside quotes. The id below is used unquoted in a numeric position, so escaping quote characters does not constrain it. Use intval($_REQUEST['id']) here. */
    $sql_select = 'SELECT receive_status,others,FROM_UNIXTIME(add_time, "【%Y-%m-%d %H:%i:%s】") add_time FROM ' . $GLOBALS['ecs']->table('shipping_feed') . " WHERE order_id={$_REQUEST['id']} ORDER BY add_time DESC";
    $info = $GLOBALS['db']->getRow($sql_select);
    /* NOTE(review): the request value is handed to the template as-is; output escaping depends on the template, which is not shown. */
    $smarty->assign('id', $_REQUEST['id']);
$arr['user_money'] = floatval($_POST['user_money']); $arr['pay_points'] = intval($_POST['pay_points']); $arr['rank_points'] = intval($_POST['rank_points']); $arr['true_name'] = trim($_POST['true_name']); $arr['address'] = trim($_POST['address']); $arr['mobile'] = trim($_POST['mobile']); $arr['email'] = trim($_POST['email']); $arr['is_show'] = intval($_POST['is_show']); $arr['send_type'] = trim($_POST['send_type']); $arr['des'] = trim($_POST['des']); $db->autoExecute($ecs->table('user_card'), $arr, 'UPDATE', " id='{$id}' "); $note = sprintf($_LANG['user_card_edit_succeed'], stripslashes($_POST['title'])); admin_log($_POST['card_no'], 'edit', 'user_card'); clear_cache_files(); $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'user_card.php?act=list&ct_id=' . $ct_id . '&' . list_link_postfix(); sys_msg($note, 0, $link); } elseif ($_REQUEST['act'] == 'remove') { admin_priv('user_card'); $id = intval($_GET['id']); $sql = "SELECT * FROM " . $ecs->table('user_card') . " WHERE id='{$id}'"; $card = $db->GetRow($sql); if ($exc->drop($id)) { admin_log(addslashes($card['card_no']), 'remove', 'user_card'); clear_cache_files(); } $url = 'user_card.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } elseif ($_REQUEST['act'] == 'unbind') { admin_priv('user_card');
log_account_change($account['user_id'], $amount, 0, 0, 0, $_LANG['surplus_type_1'], ACT_DRAWING); } elseif ($is_paid == '1' && $account['process_type'] == '0') { //如果是预付款,并且已完成, 更新此条记录,增加相应的余额 update_user_account($id, $amount, $admin_note, $is_paid); //更新会员余额数量 log_account_change($account['user_id'], $amount, 0, 0, 0, $_LANG['surplus_type_0'], ACT_SAVING); } elseif ($is_paid == '0') { /* 否则更新信息 */ $sql = "UPDATE " . $ecs->table('user_account') . " SET " . "admin_user = '******'admin_name']}', " . "admin_note = '{$admin_note}', " . "is_paid = 0 WHERE id = '{$id}'"; $db->query($sql); } /* 记录管理员日志 */ admin_log('(' . addslashes($_LANG['check']) . ')' . $admin_note, 'edit', 'user_surplus'); /* 提示信息 */ $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'user_account.php?act=list&' . list_link_postfix(); sys_msg($_LANG['attradd_succed'], 0, $link); } } elseif ($_REQUEST['act'] == 'query') { $list = account_list(); $smarty->assign('list', $list['list']); $smarty->assign('filter', $list['filter']); $smarty->assign('record_count', $list['record_count']); $smarty->assign('page_count', $list['page_count']); $sort_flag = sort_flag($list['filter']); $smarty->assign($sort_flag['tag'], $sort_flag['img']); make_json_result($smarty->fetch('user_account_list.htm'), '', array('filter' => $list['filter'], 'page_count' => $list['page_count'])); } elseif ($_REQUEST['act'] == 'remove') { /* 检查权限 */ check_authz_json('surplus_manage'); $id = @intval($_REQUEST['id']);
$shipping_list = available_shipping_list($region_id_list); /* 取得配送费用 */ $smarty->assign('shipping_list', $shipping_list); } elseif (isset($_POST['complete'])) { $require_note = false; $action = $_LANG['op_confirm']; $operation = 'complete'; } elseif (isset($_POST['remove'])) { $require_note = false; $operation = 'remove'; if (!$batch) { /* 检查能否操作 */ $order = order_info($order_id); $operable_list = operable_list($order); if (!isset($operable_list['remove'])) { die('Hacking attempt'); } /* 删除订单 */ $db->query("DELETE FROM " . $ecs->table('order_info') . " WHERE order_id = '{$order_id}'"); $db->query("DELETE FROM " . $ecs->table('order_goods') . " WHERE order_id = '{$order_id}'"); $db->query("DELETE FROM " . $ecs->table('order_action') . " WHERE order_id = '{$order_id}'"); $action_array = array('delivery', 'back'); del_delivery($order_id, $action_array); /* todo 记录日志 */ admin_log($order['order_sn'], 'remove', 'order'); /* 返回 */ sys_msg($_LANG['order_removed'], 0, array(array('href' => 'order.php?act=list&' . list_link_postfix(), 'text' => $_LANG['return_list']))); } } /* 直接处理还是跳到详细页面 */ if ($require_note && $action_note == '' || isset($show_invoice_no) || isset($show_refund) || $swapped_out) {
admin_log($wholesale['goods_name'], 'add', 'wholesale'); } else { admin_log($wholesale['goods_name'], 'edit', 'wholesale'); } /* 清除缓存 */ clear_cache_files(); /* 提示信息 */ if ($attr_error) { $links = array(array('href' => 'wholesale.php?act=list', 'text' => $_LANG['back_wholesale_list'])); sys_msg(sprintf($_LANG['save_wholesale_falid'], $wholesale['goods_name']), 1, $links); } if ($is_add) { $links = array(array('href' => 'wholesale.php?act=add', 'text' => $_LANG['continue_add_wholesale']), array('href' => 'wholesale.php?act=list', 'text' => $_LANG['back_wholesale_list'])); sys_msg($_LANG['add_wholesale_ok'], 0, $links); } else { $links = array(array('href' => 'wholesale.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_wholesale_list'])); sys_msg($_LANG['edit_wholesale_ok'], 0, $links); } } elseif ($_REQUEST['act'] == 'search_goods') { check_authz_json('whole_sale'); include_once ROOT_PATH . 'includes/cls_json.php'; $json = new JSON(); $filter = $json->decode($_GET['JSON']); $arr = get_goods_list($filter); if (empty($arr)) { $arr[0] = array('goods_id' => 0, 'goods_name' => $_LANG['search_result_empty']); } make_json_result($arr); } elseif ($_REQUEST['act'] == 'get_goods_info') { include_once ROOT_PATH . 'includes/cls_json.php'; $json = new JSON();
/* NOTE(review): the posted user name is placed in the message passed to sys_msg() without escaping in this excerpt; whether sys_msg() or its template escapes HTML is not visible - confirm. */
$msg = "修改“" . $_POST['user_name'] . "”管理员信息成功!";
// SMS sending logic
$smskey = empty($_POST['sms']) ? '' : trim($_POST['sms']);
if ($smskey == 'send') {
    /* NOTE(review): the new password is sent in clear text inside the SMS body, so it is exposed to the SMS provider, the carrier and anyone with access to the handset. Prefer a one-time reset link or a temporary password that must be changed at first login. */
    $content = $name . "您好!您的账号已被重置:" . trim($_REQUEST['user_name']) . "/" . $_POST['new_password'];
    $sms = new sms();
    $result = $sms->send($admin_cellphone, $content, "", "", $_SESSION["admin_name"]);
    /* Append the provider's error text, or a success note, to the result message */
    if ($result["error"] != 0) {
        $msg .= $result["msg"];
    } else {
        $msg .= "并且短信发生成功!";
    }
}
/* Result message */
$links[0]['text'] = $_LANG['goto_list'];
$links[0]['href'] = 'classAdmin.php?act=list&' . list_link_postfix();
$links[1]['text'] = $_LANG['go_back'];
$links[1]['href'] = 'javascript:history.back()';
sys_msg($msg, 0, $links);
} elseif ($_REQUEST['act'] == 'edit_name') {
    /* Check permission */
    check_authz_json('classAdmin_manage');
    $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']);
    $name = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val']));
    /* Fetch the current login name for the log entry; $id is already an int */
    $sql = "SELECT user_name FROM " . $table . " WHERE user_id = '{$id}'";
    $user_name = $db->getOne($sql);
    /* NOTE(review): $name is concatenated into the statement after json_str_iconv(); no escaping is applied in this excerpt, so it relies on request-wide escaping surviving that conversion - confirm, or escape explicitly here. */
    $sql = "update " . $table . " set name='" . $name . "' WHERE user_id = '{$id}'";
    $db->query($sql);
    admin_log(addslashes($user_name . ',' . $name), 'edit', 'classAdmin');
    /* NOTE(review): stripcslashes() also interprets C-style escapes such as \n and \x41, so it is not the inverse of addslashes(); stripslashes() is probably what is meant - confirm. */
    make_json_result(stripcslashes($name));
} elseif ($_REQUEST['act'] == 'edit_email') {
$_POST['end_time'] = local_strtotime($_POST['end_time']); /* 处理提交数据 */ if (empty($_POST['package_price'])) { $_POST['package_price'] = 0; } /* 检查活动重名 */ $sql = "SELECT COUNT(*) " . " FROM " . $hhs->table('goods_activity') . " WHERE act_type='" . GAT_PACKAGE . "' AND act_name='" . $_POST['package_name'] . "' AND act_id <> '" . $_POST['id'] . "'"; if ($db->getOne($sql)) { sys_msg(sprintf($_LANG['package_exist'], $_POST['package_name']), 1); } $info = array('package_price' => $_POST['package_price']); /* 更新数据 */ $record = array('act_name' => $_POST['package_name'], 'start_time' => $_POST['start_time'], 'end_time' => $_POST['end_time'], 'act_desc' => $_POST['desc'], 'ext_info' => serialize($info)); $db->autoExecute($hhs->table('goods_activity'), $record, 'UPDATE', "act_id = '" . $_POST['id'] . "' AND act_type = " . GAT_PACKAGE); admin_log($_POST['package_name'], 'edit', 'package'); $link[] = array('text' => $_LANG['back_list'], 'href' => 'package.php?act=list&' . list_link_postfix()); sys_msg($_LANG['edit_succeed'], 0, $link); } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('package_manage'); $id = intval($_GET['id']); $exc->drop($id); $sql = "DELETE FROM " . $hhs->table('package_goods') . " WHERE package_id='{$id}'"; $db->query($sql); $url = 'package.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); hhs_header("Location: {$url}\n"); exit; } elseif ($_REQUEST['act'] == 'list') { $smarty->assign('ur_here', $_LANG['14_package_list']); $smarty->assign('action_link', array('text' => $_LANG['package_add'], 'href' => 'package.php?act=add')); $packages = get_packagelist(); $smarty->assign('package_list', $packages['packages']);
/**
 * Build the "back to list" link for the lottery group list page.
 *
 * @param bool $is_add True after an add (insert): the plain list URL is used.
 *                     False appends '&' plus the value of list_link_postfix().
 * @return array array('href' => $href, 'text' => $text)
 */
function list_link($is_add = true)
{
    // Only the non-add case carries the postfix returned by list_link_postfix().
    $suffix = $is_add ? '' : '&' . list_link_postfix();

    return array(
        'href' => 'wj_lottery_group.php?act=list' . $suffix,
        'text' => "抽奖组别列表",
    );
}
$smarty->assign('form_action', 'update'); assign_query_info(); $smarty->display('exchange_goods_info.htm'); } /*------------------------------------------------------ */ //-- 编辑 /*------------------------------------------------------ */ if ($_REQUEST['act'] == 'update') { /* 权限判断 */ admin_priv('exchange_goods'); if (empty($_POST['goods_id'])) { $_POST['goods_id'] = 0; } if ($exc->edit("exchange_integral='{$_POST['exchange_integral']}', is_exchange='{$_POST['is_exchange']}', is_hot='{$_POST['is_hot']}' ", $_POST['goods_id'])) { $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'exchange_goods.php?act=list&' . list_link_postfix(); admin_log($_POST['goods_id'], 'edit', 'exchange_goods'); clear_cache_files(); sys_msg($_LANG['articleedit_succeed'], 0, $link); } else { die($db->error()); } } elseif ($_REQUEST['act'] == 'edit_exchange_integral') { check_authz_json('exchange_goods'); $id = intval($_POST['id']); $exchange_integral = floatval($_POST['val']); /* 检查文章标题是否重复 */ if ($exchange_integral < 0 || $exchange_integral == 0 && $_POST['val'] != "{$goods_price}") { make_json_error($_LANG['exchange_integral_invalid']); } else { if ($exc->edit("exchange_integral = '{$exchange_integral}'", $id)) {
$db->query($sql); } /* 记日志 */ if ($is_add) { admin_log($agency['agency_name'], 'add', 'agency'); } else { admin_log($agency['agency_name'], 'edit', 'agency'); } /* 清除缓存 */ clear_cache_files(); /* 提示信息 */ if ($is_add) { $links = array(array('href' => 'agency.php?act=add', 'text' => $_LANG['continue_add_agency']), array('href' => 'agency.php?act=list', 'text' => $_LANG['back_agency_list'])); sys_msg($_LANG['add_agency_ok'], 0, $links); } else { $links = array(array('href' => 'agency.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_agency_list'])); sys_msg($_LANG['edit_agency_ok'], 0, $links); } } /** * 取得办事处列表 * @return array */ function get_agencylist() { $result = get_filter(); if ($result === false) { /* 初始化分页参数 */ $filter = array(); $filter['sort_by'] = empty($_REQUEST['sort_by']) ? 'agency_id' : trim($_REQUEST['sort_by']); $filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC' : trim($_REQUEST['sort_order']);
/**
 * Build the "back to list" link for the goods list page.
 *
 * NOTE(review): $extension_code is appended to the URL without URL-encoding.
 * Callers should pass only known extension codes; confirm that no caller
 * forwards a raw request value here.
 *
 * @param bool   $is_add         True after an add (insert): no list postfix.
 *                               False appends '&' plus list_link_postfix().
 * @param string $extension_code Extension code of a virtual product; empty
 *                               for physical goods.
 * @return array array('href' => $href, 'text' => $text)
 */
function list_link($is_add = true, $extension_code = '')
{
    $target = 'goods.php?act=list';
    $target .= empty($extension_code) ? '' : '&extension_code=' . $extension_code;
    $target .= $is_add ? '' : '&' . list_link_postfix();

    // Virtual cards have their own list title; everything else uses the goods list title.
    $label = ($extension_code == 'virtual_card')
        ? $GLOBALS['_LANG']['50_virtual_card_list']
        : $GLOBALS['_LANG']['01_goods_list'];

    return array('href' => $target, 'text' => $label);
}
/* 处理图片 */ if (!empty($_FILES['pack_img']['name'])) { $upload_img = $image->upload_image($_FILES['pack_img'], "packimg", $_POST['old_packimg']); if ($upload_img == false) { sys_msg($image->error_msg); } $img_name = basename($upload_img); } else { $img_name = ''; } if (!empty($img_name)) { $param .= " ,pack_img = '{$img_name}' "; } if ($exc->edit($param, $_POST['id'])) { $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'pack.php?act=list&' . list_link_postfix(); $note = sprintf($_LANG['packedit_succed'], $_POST['pack_name']); sys_msg($note, 0, $link); admin_log($_POST['pack_name'], 'edit', 'pack'); } else { die($db->error()); } } /* 删除卡片图片 */ if ($_REQUEST['act'] == 'drop_pack_img') { /* 权限判断 */ admin_priv('pack'); $pack_id = isset($_GET['id']) ? intval($_GET['id']) : 0; /* 取得logo名称 */ $sql = "SELECT pack_img FROM " . $ecs->table('pack') . " WHERE pack_id = '{$pack_id}'"; $img_name = $db->getOne($sql);
/* NOTE(review): the three guards below only call sys_msg(); the deletes that follow are protected only if sys_msg() ends the request (presumably it does - confirm). An explicit exit/return after each guard would make that independent of sys_msg(). */
sys_msg('对不起,不存在该入库单');
} else {
    /* Only the administrator who created the record may delete it, and only while inout_status is '1' */
    if ($row_inout['adminer_id'] != $_SESSION['admin_id']) {
        sys_msg('对不起,您没有删除权限');
    } elseif ($row_inout['inout_status'] != '1') {
        sys_msg('对不起,该订单已经进入审核流程,不能删除!');
    }
}
/* Delete the record together with its goods rows and notes; $id is set outside this excerpt - TODO confirm it is cast to int there */
$sql = "delete from " . $ecs->table('store_inout_list') . " where rec_id='{$id}' ";
$db->query($sql);
$sql = "delete from " . $ecs->table('store_inout_goods') . " where inout_rec_id='{$id}' ";
$db->query($sql);
$sql = "delete from " . $ecs->table('store_inout_note') . " where inout_rec_id='{$id}' ";
$db->query($sql);
$link[0]['text'] = $_LANG['back_list_in'];
$link[0]['href'] = 'store_inout_in.php?act=list&' . list_link_postfix();
clear_cache_files();
sys_msg('成功删除', 0, $link);
} elseif ($_REQUEST['act'] == 'add_link_goods') {
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    check_authz_json('article_manage');
    /* NOTE(review): both values are produced by decoding JSON taken from the query string. Decoding happens after any request-level escaping, and JSON escape sequences can yield quote characters, so the decoded values must be validated here. */
    $add_ids = $json->decode($_GET['add_ids']);
    $args = $json->decode($_GET['JSON']);
    $article_id = $args[0];
    /* No article id supplied: use the next id after the current maximum */
    if ($article_id == 0) {
        $article_id = $db->getOne('SELECT MAX(article_id)+1 AS article_id FROM ' . $ecs->table('article'));
    }
    foreach ($add_ids as $key => $val) {
        /* NOTE(review): $val and $article_id are interpolated without intval() or escaping; both are expected to be ids, so cast them to int before building the statement. On failure the database error text is returned to the client. */
        $sql = 'INSERT INTO ' . $ecs->table('goods_article') . ' (goods_id, article_id) ' . "VALUES ('{$val}', '{$article_id}')";
        $db->query($sql, 'SILENT') or make_json_error($db->error());
$db->autoExecute($ecs->table('favourable_activity'), $favourable, 'UPDATE', "act_id = '{$favourable['act_id']}'"); } /* 记日志 */ if ($is_add) { admin_log($favourable['act_name'], 'add', 'favourable'); } else { admin_log($favourable['act_name'], 'edit', 'favourable'); } /* 清除缓存 */ clear_cache_files(); /* 提示信息 */ if ($is_add) { $links = array(array('href' => 'favourable.php?act=add', 'text' => $_LANG['continue_add_favourable']), array('href' => 'favourable.php?act=list', 'text' => $_LANG['back_favourable_list'])); sys_msg($_LANG['add_favourable_ok'], 0, $links); } else { $links = array(array('href' => 'favourable.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_favourable_list'])); sys_msg($_LANG['edit_favourable_ok'], 0, $links); } } elseif ($_REQUEST['act'] == 'search') { /* 检查权限 */ check_authz_json('favourable'); include_once ROOT_PATH . 'includes/cls_json.php'; $json = new JSON(); $filter = $json->decode($_GET['JSON']); $filter->keyword = json_str_iconv($filter->keyword); if ($filter->act_range == FAR_ALL) { $arr[0] = array('id' => 0, 'name' => $_LANG['js_languages']['all_need_not_search']); } elseif ($filter->act_range == FAR_CATEGORY) { $sql = "SELECT cat_id AS id, cat_name AS name FROM " . $ecs->table('category') . " WHERE cat_name LIKE '%" . mysql_like_quote($filter->keyword) . "%' LIMIT 50"; $arr = $db->getAll($sql); } elseif ($filter->act_range == FAR_BRAND) {
/* 如果友情链接的链接地址没有http://,补上 */ if (strpos($_POST['link_url'], 'http://') === false && strpos($_POST['link_url'], 'https://') === false) { $link_url = 'http://' . trim($_POST['link_url']); } else { $link_url = trim($_POST['link_url']); } /* 更新信息 */ $sql = "UPDATE " . $ecs->table('friend_link') . " SET " . "link_name = '{$link_name}', " . "link_url = '{$link_url}' " . $link_logo . ',' . "show_order = '{$show_order}' " . "WHERE link_id = '{$id}'"; $db->query($sql); /* 记录管理员操作 */ admin_log($_POST['link_name'], 'edit', 'friendlink'); /* 清除缓存 */ clear_cache_files(); /* 提示信息 */ $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'friend_link.php?act=list&' . list_link_postfix(); sys_msg($_LANG['edit'] . " " . stripcslashes($_POST['link_name']) . " " . $_LANG['attradd_succed'], 0, $link); } elseif ($_REQUEST['act'] == 'edit_link_name') { check_authz_json('friendlink'); $id = intval($_POST['id']); $link_name = json_str_iconv(trim($_POST['val'])); /* 检查链接名称是否重复 */ if ($exc->num("link_name", $link_name, $id) != 0) { make_json_error(sprintf($_LANG['link_name_exist'], $link_name)); } else { if ($exc->edit("link_name = '{$link_name}'", $id)) { admin_log($link_name, 'edit', 'friendlink'); clear_cache_files(); make_json_result(stripslashes($link_name)); } else { make_json_error($db->error());
$row['order_status'] = $_LANG['os'][$row['order_status']]; $row['pay_status'] = $_LANG['ps'][$row['pay_status']]; $row['shipping_status'] = $row['shipping_status'] == SS_SHIPPED_ING ? $_LANG['ss_admin'][SS_SHIPPED_ING] : $_LANG['ss'][$row['shipping_status']]; $row['action_time'] = local_date($_CFG['time_format'], $row['log_time']); $act_list[] = $row; } $smarty->assign('action_list', $act_list); /* 模板赋值 */ $smarty->assign('delivery_order', $delivery_order); $smarty->assign('exist_real_goods', $exist_real_goods); $smarty->assign('goods_list', $goods_list); $smarty->assign('delivery_id', $delivery_id); // 发货单id /* 显示模板 */ $smarty->assign('ur_here', $_LANG['delivery_operate'] . $_LANG['detail']); $smarty->assign('action_link', array('href' => 'order.php?act=delivery_list&' . list_link_postfix(), 'text' => $_LANG['09_delivery_order'])); $smarty->assign('action_act', $delivery_order['status'] == 2 ? 'delivery_ship' : 'delivery_cancel_ship'); assign_query_info(); _wap_assign_header_info('发货单详情'); _wap_assign_footer_order_info(); _wap_display_page('delivery_info.htm'); } elseif ($act == 'remove_delivery') { $delivery_id = empty($_REQUEST['delivery_id']) ? '' : trim($_REQUEST['delivery_id']); // 删除发货单 // 查询:发货单信息 $delivery_order = delivery_order_info($delivery_id); // 如果status不是退货 if ($delivery_order['status'] != 1) { /* 处理退货 */ delivery_return_goods($value_is, $delivery_order); }
/**
 * Build the "back to list" link for the topic list page.
 *
 * @param bool   $is_add True after an add (insert): the plain list URL is used.
 *                       False appends '&' plus the value of list_link_postfix().
 * @param string $text   Link text; when it compares equal to '' the
 *                       'topic_list' language entry is used instead.
 *
 * @return array array('href' => $href, 'text' => $text)
 */
function list_link($is_add = true, $text = '')
{
    $target = 'topic.php?act=list' . ($is_add ? '' : '&' . list_link_postfix());

    // Fall back to the language entry only when no text was supplied.
    $label = ($text == '') ? $GLOBALS['_LANG']['topic_list'] : $text;

    return array('href' => $target, 'text' => $label);
}
$msg = "修改“" . $_POST['user_name'] . "”管理员信息成功!"; //发生短信逻辑 $smskey = empty($_POST['sms']) ? '' : trim($_POST['sms']); if ($smskey == 'send') { $content = $name . "您好!您的账号已被重置:" . trim($_REQUEST['user_name']) . "/" . $_POST['new_password']; $sms = new sms(); $result = $sms->send($admin_cellphone, $content, "", "", $_SESSION["admin_name"]); if ($result["error"] != 0) { $msg .= $result["msg"]; } else { $msg .= "并且短信发生成功!"; } } /* 提示信息 */ $links[0]['text'] = $_LANG['goto_list']; $links[0]['href'] = 'schoolAdmin.php?act=list&' . list_link_postfix(); $links[1]['text'] = $_LANG['go_back']; $links[1]['href'] = 'javascript:history.back()'; sys_msg($msg, 0, $links); } elseif ($_REQUEST['act'] == 'edit_name') { /* 检查权限 */ check_authz_json('schoolAdmin_manage'); $id = empty($_REQUEST['id']) ? 0 : intval($_REQUEST['id']); $name = empty($_REQUEST['val']) ? '' : json_str_iconv(trim($_REQUEST['val'])); $sql = "SELECT user_name FROM " . $ecs->table('admin_user') . " WHERE user_id = '{$id}'"; $user_name = $db->getOne($sql); $sql = "update " . $ecs->table('admin_user') . " set name='" . $name . "' WHERE user_id = '{$id}'"; $db->query($sql); admin_log(addslashes($user_name . ',' . $name), 'edit', 'schoolAdmin'); make_json_result(stripcslashes($name)); } elseif ($_REQUEST['act'] == 'edit_email') {