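/**
 * Authenticate an enterprise account by login name and password.
 *
 * Looks up an enabled (`switch = 'Y'`) row of `saja_user`.`saja_enterprise`
 * with prefixid 'saja', encodes the supplied password with
 * convertString::strEncode() and $config['encode_key'], and compares the
 * result with the row's `passwd` column.
 *
 * Fixes over the previous revision:
 *  - every failure path returns immediately; before, execution fell through,
 *    the lookup ran on empty input, a missing row was dereferenced, and the
 *    final comparison overwrote the -1 / -2 codes;
 *  - the login name is escaped before it is placed in the SQL text;
 *  - the password comparison is strict and constant-time (hash_equals,
 *    PHP >= 5.6) instead of the type-juggling `==`.
 *
 * NOTE(review): callers should show one generic failure message to the end
 * user; surfacing -2 and -3 separately tells a client which accounts exist.
 * NOTE(review): on success the whole row, including `passwd`, is returned;
 * callers should not persist or echo that column.
 * NOTE(review): strEncode() is opaque here; if it is a reversible or unsalted
 * encoding, password storage should move to password_hash()/password_verify().
 *
 * @param string $loginname Login name as submitted (untrusted).
 * @param string $passwd0   Clear-text password as submitted (untrusted).
 * @return array 'code' => 1 with 'msg' => account row on success;
 *               'code' => -1 (missing input), -2 (no such enabled account) or
 *               -3 (password mismatch) with 'msg' => error text otherwise.
 */
function login($loginname, $passwd0)
{
    global $config;

    $ret = array();

    // Reject missing credentials before any database work.
    if ($loginname == '' || $passwd0 == '') {
        $ret['code'] = -1;
        $ret['msg'] = '登入失败 : 账号/密码缺误 !!';
        return $ret;
    }

    $model = new mysql($config["db"][0]);
    $model->connect();

    // Escape the untrusted login name with the live connection's charset-aware
    // escaper. Assumes the project's mysql wrapper exposes its mysqli link as
    // `_con` (as other callers in this code base use it) - TODO confirm.
    // addslashes() is only a stopgap when no link is reachable; the wrapper
    // should grow a prepared-statement API and this lookup should bind values.
    $link = isset($model->_con) ? $model->_con : null;
    if ($link instanceof mysqli) {
        $safeLogin = $link->real_escape_string((string) $loginname);
    } else {
        $safeLogin = addslashes((string) $loginname);
    }

    $query = "SELECT * FROM `saja_user`.`saja_enterprise` \r\n\t\t\tWHERE \r\n\t\t\tprefixid = 'saja' \r\n\t\t\tAND loginname = '" . $safeLogin . "' \r\n\t\t\tAND switch = 'Y' \r\n\t\t\t";
    error_log($query);

    $table = $model->getQueryRecord($query);
    if (empty($table['table']['record'])) {
        $ret['code'] = -2;
        $ret['msg'] = '登入失败 : 账号不存在!!';
        return $ret;
    }

    $record = $table['table']['record'][0];

    $str = new convertString();
    $passwd = $str->strEncode($passwd0, $config['encode_key']);

    // Never log the submitted or stored password while debugging this path.
    $stored = isset($record['passwd']) ? $record['passwd'] : null;
    $matches = is_string($stored)
        && is_string($passwd)
        && $passwd !== ''
        && hash_equals($stored, $passwd);

    if ($matches) {
        $ret['code'] = 1;
        $ret['msg'] = $record;
    } else {
        $ret['code'] = -3;
        $ret['msg'] = '登入失败 : 密码错误!!';
    }

    return $ret;
}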
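} // closes a block opened above this excerpt (its start is not visible here)

// Enterprise back-office login: validate the posted credentials, load the
// enabled enterprise row, verify the password, then open the session.
//
// Fixes over the previous revision:
//  - both password-failure paths now stop the request. Only the "account not
//    found" branch called die; after a wrong or missing password the script
//    went on to populate the session (unless jsAlertMsg() itself exits, which
//    is not visible here - the explicit die makes the outcome independent of
//    that);
//  - the posted login name is escaped before it is placed in the SQL text;
//  - the password check is a strict, constant-time comparison;
//  - the session id is rotated before the authenticated state is stored.
if (empty($io->input['post']["passwd"])) {
    jsAlertMsg('登錄密碼錯誤!!');
    die;
}
// Check Variable End

require_once "saja/mysql.ini.php";
$model = new mysql($config["db"][0]);
$model->connect();
$db_user = $config["db"][0]["dbname"];

require_once "saja/convertString.ini.php";
$str = new convertString();

##############################################################################################################################################
// Table Start

// Escape the untrusted login name with the connection's charset-aware
// escaper. Assumes the mysql wrapper exposes its mysqli link as `_con`
// - TODO confirm. addslashes() is only a stopgap when no link is reachable;
// prefer a prepared statement once the wrapper offers one.
$link = isset($model->_con) ? $model->_con : null;
$postedName = (string) $io->input['post']["name"];
$safeName = ($link instanceof mysqli)
    ? $link->real_escape_string($postedName)
    : addslashes($postedName);

$query = "SELECT * FROM `{$db_user}`.`{$config['default_prefix']}enterprise` \r\nWHERE \r\n\tprefixid = '" . $config['default_prefix_id'] . "' \r\n\tAND loginname = '" . $safeName . "' \r\n\tAND switch = 'Y' \r\n";
$table = $model->getQueryRecord($query);

if (empty($table['table']['record'])) {
    jsAlertMsg('登錄帳號不存在!!');
    die;
}

$enterprise = $table['table']['record'][0];

$passwd = $str->strEncode($io->input['post']['passwd'], $config['encode_key']);
$storedPasswd = isset($enterprise['passwd']) ? $enterprise['passwd'] : null;

// Fail closed: anything other than an exact string match ends the request.
if (!is_string($passwd) || !is_string($storedPasswd) || !hash_equals($storedPasswd, $passwd)) {
    jsAlertMsg('登錄密碼錯誤!!');
    die;
}
// Table End
##############################################################################################################################################

// Rotate the session id at the privilege change so an id issued before login
// cannot be reused afterwards (session fixation).
if (session_status() === PHP_SESSION_ACTIVE) {
    session_regenerate_id(true);
}

// NOTE(review): the whole row, including `passwd`, is stored in the session;
// consider keeping only the fields the back office needs.
$_SESSION['sajamanagement']['enterprise'] = $enterprise;

// NOTE(review): this cookie is client-controlled and carries no Secure or
// HttpOnly flag; authorization decisions must rely on the session, never on
// the cookie value. Confirm whether client-side script reads it before
// adding HttpOnly.
setcookie('enterpriseid', $enterprise['enterpriseid'], time() + 86400, "/", COOKIE_DOMAIN); // set cookie for 1 day
header("location:" . $config['default_main']);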
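/**
 * Render the deposit confirmation page for a deposit rule (drid) and one of
 * its items (driid).
 *
 * For every rule except '7' and '9' this also creates the pending deposit,
 * spoint and deposit_history rows and uses the history id as the order
 * number. An encoded "historyId|amount" check string is handed to the
 * template so a later step can verify the two values belong together.
 *
 * Fixes over the previous revision:
 *  - $get_deposit, $dhid, $spmemo and $get_scode_promote are initialised;
 *    they were read while undefined on the '7'/'9' path, when no item
 *    matched, and when there was no promotion;
 *  - the item id is normalised to int once and that value is passed to the
 *    deposit helpers (the item match already compared it as int, but the raw
 *    query-string value was forwarded);
 *  - dead code removed: the mistyped unused `$currenty`, the unused counter,
 *    and an inner condition that was always true.
 *
 * NOTE(review): this handler writes deposit rows in response to a GET
 * request; consider POST plus a CSRF token so a link or a page reload cannot
 * create orders.
 * NOTE(review): when driid matches no item of the rule, rows are still
 * created with a null amount; this case should probably be rejected.
 * NOTE(review): $drid is forwarded unmodified to $deposit->row_list() and
 * $deposit->deposit_rule(); confirm those helpers bind or escape it.
 *
 * @return void
 */
public function confirm()
{
    global $tpl, $config, $deposit, $product;

    // Set action-related state, then require a logged-in session.
    set_status($this->controller);
    login_required();

    $drid = $_GET['drid']; // deposit rule id
    $driid = isset($_GET['driid']) ? (int) $_GET['driid'] : 0; // deposit item id

    // Defaults for every value the template and the check string read.
    $get_deposit = array();
    $get_scode_promote = null;
    $spmemo = '';
    $dhid = '';

    $row_list = $deposit->row_list($drid);
    $tpl->assign('row_list', $row_list);

    $deposit_rule = $deposit->deposit_rule($drid);
    $tpl->assign('deposit_rule', $deposit_rule);

    // Take amount and points from the server-side item list, never from the request.
    foreach ($row_list as $rv) {
        if ((int) $rv['driid'] === $driid) {
            $get_deposit['drid'] = $drid;
            $get_deposit['driid'] = $rv['driid'];
            $get_deposit['name'] = $rv['name'];
            $get_deposit['amount'] = floatval($rv['amount']);
            $get_deposit['spoint'] = $rv['spoint'];
            break;
        }
    }

    if ($drid == '7' || $drid == '9') {
        // Hinet / 阿拉訂: the order is only created when points are redeemed.
        $get_deposit['drid'] = $drid;
    } else {
        // Create the deposit_history records.
        $currency = ($drid == '6' || $drid == '8') ? "NTD" : "RMB";

        $userid = $_SESSION['auth_id'];
        if ($this->is_test_id($userid)) {
            // Test accounts pay a token amount.
            $get_deposit['amount'] = ($currency == "NTD") ? 2 : 0.01;
        }

        $amount = isset($get_deposit['amount']) ? $get_deposit['amount'] : null;
        $spoint = isset($get_deposit['spoint']) ? $get_deposit['spoint'] : null;

        $depositid = $deposit->add_deposit($userid, $amount, $currency);
        $spointid = $deposit->add_spoint($userid, $spoint);
        $dhid = $deposit->add_deposit_history($userid, $driid, $depositid, $spointid);

        $get_scode_promote = $deposit->get_scode_promote_rt($driid);
        if (!empty($get_scode_promote)) {
            foreach ($get_scode_promote as $sv) {
                $get_product_info = $product->get_info($sv['productid']);
                // NOTE(review): names and ids are concatenated into HTML
                // unescaped; if they can contain markup, escape them for the
                // HTML and URL contexts before the template prints this.
                $spmemo .= $sv['name'];
                if (!empty($get_product_info['productid'])) {
                    $spmemo .= '</br>(<a style="color:#3388cc;white-space:pre-wrap;" href="/site/product/saja/?channelid=1&productid=' . $get_product_info['productid'] . '">' . $get_product_info['name'] . '</a>)<br>';
                }
            }
        } else {
            $spmemo .= "无赠送任何东西";
        }

        if ($drid == 4) {
            // Bank choices offered for rule 4.
            $banklist = array();
            $banklist['BOCOM'] = "交通银行";
            $banklist['CMB'] = "招商银行";
            $banklist['CCB'] = "建设银行";
            $banklist['SPDB'] = "浦发银行";
            $banklist['GDB'] = "广发银行";
            $banklist['PSDB'] = "邮政储蓄银行";
            $banklist['CIB'] = "兴业银行";
            $banklist['HXB'] = "华夏银行";
            $banklist['PAB'] = "平安银行";
            $banklist['BOS'] = "上海银行";
            $banklist['SRCB'] = "上海农商银行";
            $banklist['BCCB'] = "北京银行";
            $banklist['BRCB'] = "北京农商银行";
            $banklist['CEB'] = "光大银行";
            $banklist['ICBC'] = "工商银行(建议使用PC浏览)";
            $banklist['BOCSH'] = "中国银行(建议使用PC浏览)";
            $banklist['ABC'] = "农业银行(建议使用PC浏览)";
            $banklist['MBC'] = "民生银行(建议使用PC浏览)";
            $banklist['CNCB'] = "中信银行(建议使用PC浏览)";
            $banklist['OTHERS'] = "其它";
            $tpl->assign('bank_list', $banklist);
        }

        // The deposit_history id doubles as the order number.
        $get_deposit['ordernumber'] = $dhid;
    }

    // Data consistency check: bind the history id to the amount.
    // NOTE(review): strEncode() is opaque here; if it is not an authenticated
    // (MAC) construction the client may be able to alter this value, so the
    // receiving step should also re-read the amount server-side.
    $chkAmount = isset($get_deposit['amount']) ? $get_deposit['amount'] : '';
    $chkStr = $dhid . "|" . $chkAmount;
    $cs = new convertString();
    $enc_chkStr = $cs->strEncode($chkStr, $config['encode_key'], $config['encode_type']);
    error_log("[c/deposit/confirm] ori chkStr : " . $chkStr);
    error_log("[c/deposit/confirm] encode chkStr " . $enc_chkStr);

    $tpl->assign('chkStr', $enc_chkStr);
    $tpl->assign('get_deposit', $get_deposit);
    $tpl->assign('get_scode_promote', $get_scode_promote);
    $tpl->assign('spmemo', $spmemo);
    $tpl->set_title('');
    $tpl->render("deposit", "confirm", true);
}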
echo $e->getMessage(); } if ($i_BUSINESS == "091001" || $i_BUSINESS == "091003") { //安源Center→業者端 向業者端要求身份驗證 if ($i_BUSINESS == "091001") { $account_id = ""; // 兌換時輸入的帳號 $userid = ""; // user unique ID $saja_bonus = 0; // Saja bonus點數 $ibon_bonus = 0; // 等值iBon 點數 if ($i_STATUS_CODE == "0000" && $i_STATUS_DESC != "" && $i_prdate_no != "") { $account_id = (string) $i_XMLData->LISTDATA->DATA_1; $exch_passwd = $str->strEncode((string) $i_XMLData->LISTDATA->DATA_2, $config['encode_key']); error_log("[ibon_process] id/pwd: " . $account_id . "/" . $exch_passwd); $sql = " SELECT u.userid, u.name, up.nickname, IFNULL(m.verified,'N') as verified, SUM(IFNULL(b.amount,0)) as saja_bonus "; $sql .= " FROM saja_user.saja_user u "; $sql .= " LEFT JOIN saja_cash_flow.saja_bonus b ON u.userid=b.userid AND u.switch='Y' AND b.switch='Y' "; $sql .= " LEFT JOIN saja_user.saja_user_sms_auth m on u.userid=m.userid AND u.switch='Y' AND m.switch='Y' "; $sql .= " LEFT JOIN saja_user.saja_user_profile up on u.userid=up.userid AND u.switch='Y' AND up.switch='Y' "; $sql .= " WHERE u.name='" . $account_id . "' AND u.exchangepasswd='" . $exch_passwd . "' AND u.switch='Y' GROUP BY u.userid, u.name, up.nickname, m.verified "; error_log("[ibon_process]sql 2 : " . $sql); $table = $db->getQueryRecord($sql); if (!empty($table['table']['record'])) { if ($table['table']['record'][0]['verified'] == 'Y') { $account_id = $table['table']['record'][0]['name']; $userid = $table['table']['record'][0]['userid']; $saja_bonus = $table['table']['record'][0]['saja_bonus']; $ibon_bonus = floor($saja_bonus * $i_Magnification * $i_CurrencyRate);
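/**
 * Commit a QR-code purchase paid with the member's bonus points.
 *
 * Steps: confirm the posted userid is the logged-in member, verify the
 * exchange password when the total exceeds the no-password limit, load the
 * transaction by evrid, require tx_status 3, check the bonus balance, insert
 * the member debit and the store credit, then mark the transaction as
 * status 4. Every outcome is sent through $this->replyAndExit().
 *
 * Fixes over the previous revision:
 *  - the clear-text exchange password is no longer written to the error log;
 *  - the status log line read an undefined $tx_status, and the exception
 *    path wrote the message under the mistyped key 'retMSg';
 *  - the userid check is a strict string comparison and the session value is
 *    used from then on (the loose `!=` accepted values that merely compare
 *    equal after type juggling);
 *  - every value placed in SQL text is escaped with the connection's escaper;
 *  - each rejection is followed by an explicit return, so the flow stops
 *    even if replyAndExit() does not terminate the request.
 *
 * NOTE(review): bonus_total and bonus_noexpw arrive in the POST body, so the
 * client decides whether the exchange-password check runs. Both should come
 * from server-side data (the transaction's total_bonus and a configured
 * limit).
 * NOTE(review): the balance check and the two inserts are not wrapped in a
 * transaction or row lock in this method, and the results of $db->query()
 * are not checked; concurrent requests could spend the same balance, and a
 * failed debit would still credit the store.
 * NOTE(review): the transaction is loaded by evrid alone; confirm elsewhere
 * that it belongs to this member, and that getQrcodeTxRecord() and
 * updQrcodeTxRecord() bind or escape the values in $arrCond.
 * NOTE(review): the raw exception message is returned to the client.
 *
 * @return void
 */
function userCommitTx()
{
    global $db, $config, $tpl, $mall;

    // Set action-related state.
    login_required();
    set_status($this->controller);
    date_default_timezone_set('Asia/Shanghai');

    $expw = $_POST['expw'];
    $userid = $_POST['userid'];
    $evrid = $_POST['evrid'];
    $bonus_noexpw = $_POST['bonus_noexpw'];
    $bonus_total = $_POST['bonus_total'];
    $arrCond = array();
    $retArr = array();

    // Charset-aware escaping through the connection this method already uses
    // for insert_id (presumably a mysqli link - TODO confirm). addslashes()
    // is only a stopgap; prefer prepared statements once $db offers them.
    $con = isset($db->_con) ? $db->_con : null;
    $esc = function ($value) use ($con) {
        $value = (string) $value;
        return ($con instanceof mysqli) ? $con->real_escape_string($value) : addslashes($value);
    };

    try {
        // Account check: the posted userid must be exactly the session's id.
        $sessionUid = isset($_SESSION['auth_id']) ? (string) $_SESSION['auth_id'] : '';
        if (!is_scalar($userid) || $sessionUid === '' || (string) $userid !== $sessionUid) {
            $retArr['retCode'] = '-105';
            $retArr['retMsg'] = urlencode('會員資料錯誤 !!');
            $this->replyAndExit($retArr);
            return;
        }
        $userid = $sessionUid; // use the server-side value from here on
        error_log("[mall.userConfirmTx] userid : " . $userid . " Check OK !!");

        // Exchange-password check, skipped below the no-password limit.
        if ($bonus_total > $bonus_noexpw) {
            $cs = new convertString();
            $exchangepasswd = $cs->strEncode($expw, $config['encode_key']);
            $sqlUserid = $esc($userid);
            $sqlExpw = $esc($exchangepasswd);
            $query = "SELECT * \n\t\t\t\t\t\t\t\tFROM `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user` \n\t\t\t\t\t\t\t\tWHERE prefixid = '{$config['default_prefix_id']}' \n\t\t\t\t\t\t\t\t AND userid = '{$sqlUserid}' \n\t\t\t\t\t\t\t\t AND exchangepasswd = '{$sqlExpw}' \n\t\t\t\t\t\t\t\t AND switch = 'Y' \n\t\t\t\t\t\t\t\t LIMIT 1\n\t\t\t\t\t\t\t\t";
            $table = $db->getQueryRecord($query);
            if (empty($table['table']['record'][0]['exchangepasswd'])) {
                // wrong exchange password
                $retArr['retCode'] = '-112';
                $retArr['retMsg'] = urlencode('兑换密码错误!!');
                $this->replyAndExit($retArr);
                return;
            }
            // The password itself must never reach the log.
            error_log("[mall.userConfirmTx] exchange pwd Check OK !!");
        }

        $arrCond['evrid'] = $evrid;
        $record = $mall->getQrcodeTxRecord($arrCond);

        // The transaction must exist.
        $retArr = array();
        $retArr['evrid'] = $evrid;
        if (!$record) {
            $retArr['retCode'] = '-100';
            $retArr['retMsg'] = urlencode('交易紀錄不存在!!');
            $this->replyAndExit($retArr);
            return;
        }
        error_log("[mall.userConfirmTx] evrid : " . $evrid . " Check OK !!");

        // The transaction must be in status 3.
        if ($record['tx_status'] != 3) {
            $retArr['retCode'] = '-111';
            $retArr['retMsg'] = urlencode('交易資料狀態錯誤!!');
            $this->replyAndExit($retArr);
            return;
        }
        error_log("[mall.userConfirmTx] tx_status : " . $record['tx_status'] . " Check OK !!");

        $arrCond['userid'] = $userid;
        $arrCond['tx_status'] = '3';

        // The member must hold enough bonus points.
        $require_bonus = $record['total_bonus'];
        $curr_bonus = $mall->bonus_check($userid);
        error_log("[mall.userConfirmTx] curr bonus : " . $curr_bonus . ", required bonus :" . $require_bonus);
        if ($curr_bonus < $require_bonus) {
            $retArr['retCode'] = '-104';
            $retArr['retMsg'] = urlencode('會員紅利點數不足!!');
            $this->replyAndExit($retArr);
            return;
        }
        error_log("[mall.userConfirmTx] curr bonus check OK !!");

        $sqlUserid = $esc($userid);
        $sqlBonus = $esc($require_bonus);
        $sqlVendor = $esc($record['vendorid']);

        // Member side: record the bonus payment.
        $query = "insert into `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}bonus` set \n\t\t\t\t\t\t `prefixid` = '{$config['default_prefix_id']}', \n\t\t\t\t\t\t `userid` = '{$sqlUserid}', \n\t\t\t\t\t\t `countryid` = '{$config['country']}', \n\t\t\t\t\t\t `behav` = 'user_qrcode_tx', \n\t\t\t\t\t\t `amount` = '-{$sqlBonus}', \n\t\t\t\t\t\t `seq` = '0', \n\t\t\t\t\t\t `switch` = 'Y', \n\t\t\t\t\t\t `insertt` = now()";
        error_log("[mall.userConfirmTx] pay bonus : " . $query);
        $db->query($query);
        $bonusid = $db->_con->insert_id;

        // Store side: record the bonus received.
        $insert = "insert into `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}bonus_store` set \n\t\t\t\t\t\t `prefixid` = '{$config['default_prefix_id']}', \n\t\t\t\t\t\t `bonusid` = '{$bonusid}',\n\t\t\t\t\t\t `enterpriseid`='" . $sqlVendor . "',\n\t\t\t\t\t\t `esid`=(select esid from saja_user.saja_enterprise where enterpriseid='" . $sqlVendor . "' ),\n\t\t\t\t\t\t `countryid` = (select countryid from saja_user.saja_enterprise_profile where enterpriseid='" . $sqlVendor . "' ), \n\t\t\t\t\t\t `behav` = 'user_qrcode_tx', \n\t\t\t\t\t\t `amount` = '{$sqlBonus}', \n\t\t\t\t\t\t `seq` = '0', \n\t\t\t\t\t\t `switch` = 'Y', \n\t\t\t\t\t\t `insertt` = now()";
        error_log("[mall.userConfirmTx] earn bonus : " . $insert);
        $db->query($insert);

        // Mark the transaction as committed (status 4).
        $arrUpd = array();
        $tx_status = '4';
        $arrUpd['bonusid'] = $bonusid;
        $arrUpd['tx_status'] = $tx_status;
        $arrUpd['commit_time'] = date('YmdHis');
        $retCode = $mall->updQrcodeTxRecord($arrUpd, $arrCond);

        $retArr = array();
        if ($retCode) {
            $retArr['retCode'] = '1';
            $retArr['retMsg'] = urlencode('交易完成,使用红利:' . $require_bonus . '点');
        }
    } catch (Exception $e) {
        $retArr['retCode'] = $e->getCode();
        $retArr['retMsg'] = $e->getMessage();
    }

    $this->replyAndExit($retArr);
}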