function sendMsgToOpt()
{
foreach ($_POST as $key => $val) {
$_POST[$key] = strip_tags($val);
}
if ($this->system->getConf('comment.verifyCode.msg') == 'on') {
if (md5(trim($_POST['verifyCode'])) != $_COOKIE['RANDOM_CODE']) {
$this->splash('failed', 'back', __('验证码录入错误,请重新输入'));
}
}
$this->_verifyMember(false);
$oMsg =& $this->system->loadModel('resources/shopbbs');
$nOpId = $oMsg->getOpId();
$aTemp = array('subject' => $_POST['subject'], 'msg_from' => empty($_POST['msg_from']) && empty($this->member['member_id']) ? __('游客') : $_POST['msg_from'], 'from_type' => isset($this->member) ? 0 : 2, 'to_type' => 1, 'folder' => 'inbox');
if (!$this->member['member_id']) {
$aTemp['email'] = $_POST['email'];
}
$aTemp['msg_ip'] = remote_addr();
if ($this->system->getConf('system.message.open') == 'on') {
$aTemp['is_sec'] = 'false';
} else {
$aTemp['is_sec'] = 'true';
}
$from = $this->member['member_id'] ? $this->member['member_id'] : 0;
if ($oMsg->sendMsg($from, $nOpId, $_POST['message'], $aTemp)) {
$this->splash('success', $this->system->mkUrl("message", "index"), __('提交成功,请等待管理员回复!'));
} else {
$this->splash('failed', $this->system->mkUrl("message", "index"), __('留言提交失败!'));
}
}
function logit($r = '', $status = '200')
{
global $siteurl, $prefs, $pretext;
$mydomain = str_replace('www.', '', preg_quote($siteurl, "/"));
$out['uri'] = @$pretext['request_uri'];
$out['ref'] = clean_url(str_replace("http://", "", serverSet('HTTP_REFERER')));
$ip = remote_addr();
$host = $ip;
if (!empty($prefs['use_dns'])) {
// A crude rDNS cache
if ($h = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1")) {
$host = $h;
} else {
// Double-check the rDNS
$host = @gethostbyaddr($ip);
if ($host != $ip and @gethostbyname($host) != $ip) {
$host = $ip;
}
}
}
$out['ip'] = $ip;
$out['host'] = $host;
$out['status'] = $status;
$out['method'] = serverSet('REQUEST_METHOD');
if (preg_match("/^[^\\.]*\\.?{$mydomain}/i", $out['ref'])) {
$out['ref'] = "";
}
if ($r == 'refer') {
if (trim($out['ref']) != "") {
insert_logit($out);
}
} else {
insert_logit($out);
}
}
/**
* @todo register bad login
*/
function process()
{
global $username, $password;
$this->kernel->tpl->set_var('login.error', '');
$this->kernel->tpl->set_var('user.name', '');
if (isset($GLOBALS['logout'])) {
$this->kernel->session->logout();
$this->kernel->user->log('logout');
}
if (isset($GLOBALS['cookie_user_name'])) {
$this->kernel->tpl->set_var('user.name', $GLOBALS['cookie_user_name']);
}
if (isset($GLOBALS['submit'])) {
if (empty($GLOBALS['username']) || empty($GLOBALS['password'])) {
$this->kernel->tpl->set_var('login.error', $this->kernel->lang['login.error.empty']);
} else {
$result = $this->kernel->user->login($username, $password);
if (empty($result)) {
// register bad login
$host = remote_addr();
$this->kernel->tpl->set_var('login.error', $this->kernel->lang['login.error']);
$this->kernel->tpl->set_var('user.name', $username);
} else {
setcookie("cookie_user_name", $username, time() + 360000000, "/");
redirect($GLOBALS['PHP_SELF']);
exit;
}
}
}
$this->kernel->tpl->set_file('login_tpl', MODDIR . 'control/tpl/page.login.html');
return $this->kernel->tpl->process('', 'login_tpl');
}
function dologin()
{
if ($this->system->getConf('system.admin_verycode') || $this->system->getConf('system.admin_error_login_times') > $this->login_times_error) {
if (strtolower($_POST["verifycode"]) !== strtolower($_SESSION["RANDOM_CODE"])) {
$_SESSION['loginmsg'] = __("验证码输入错误!");
header('Location: index.php?ctl=passport&act=login');
exit;
}
}
$oOpt =& $this->system->loadModel('admin/operator');
$aResult = $oOpt->tryLogin($_POST);
if ($aResult) {
require 'magicvars_sys.php';
$magic =& $this->system->loadModel('system/magicvars');
$now_magic_data = $magic->getList('var_name', '', 0, -1);
$tmp_magic_data = array();
foreach ($now_magic_data as $m_key => $m_value) {
$tmp_magic_data[$m_value['var_name']] = 1;
}
$import_data = array_diff_key($magicvars, $tmp_magic_data);
if ($import_data) {
foreach ($import_data as $me => $i_data) {
$magic->insert($i_data);
}
}
if ($_POST['save_login_name']) {
setcookie("SHOPEX_LOGIN_NAME", $_POST['usrname'], time() + 86400 * 10);
} else {
setcookie("SHOPEX_LOGIN_NAME", "");
}
$log_info['username'] = $_POST['usrname'];
$oOpt->operator_logs('operator', $log_info);
$status =& $this->system->loadModel('system/status');
$lg_key = $this->system->getConf('system.admin_dontlogincheckip') ? md5(remote_addr() . $aResult['op_id']) : md5($aResult['op_id']);
$_SESSION['SHOPEX_LG_KEY'] = $lg_key;
setcookie('SHOPEX_LG_KEY', $lg_key);
$status->update(1);
$this->system->op_id = $aResult['op_id'];
$data['lastlogin'] = time();
$data['logincount'] = $aResult['logincount'] + 1;
$oOpt->setLogInfo($data, $aResult['op_id']);
$this->system->setConf('system.admin_error_login_times', 0);
if ($_REQUEST['return']) {
header("Location: index.php#" . $_REQUEST['return']);
} else {
header("Location: index.php");
}
} else {
if (intval($this->system->getConf('system.admin_error_login_time') + 3600) > time()) {
$this->system->setConf('system.admin_error_login_times', $this->system->getConf('system.admin_error_login_times') + 1);
} else {
$this->system->setConf('system.admin_error_login_times', 1);
}
$this->system->setConf('system.admin_error_login_time', time());
$_SESSION['loginmsg'] = __('用户名或密码错误!');
header('Location: index.php?ctl=passport&act=login');
exit;
}
}
function retry_alias($ali_name)
{
$params = array('host_id' => '1', 'alias' => $ali_name, 'ip' => remote_addr());
$result = $this->native_svc(SAAS_API_URL, 'alias.retry_alias', $params);
if (!$result) {
$this->debug_msg();
return '域名信息读取失败,请稍候再试。';
}
if ($result['result'] == 'false') {
return $this->msg($result['result_msg']);
}
return true;
}
function dazuiLog()
{
$system =& $GLOBALS['system'];
$map = array('date' => date('Y-m-d'), 'worker' => 'shop', 'controller' => isset($system->request['action']['controller']) ? $system->request['action']['controller'] : '-', 'method' => isset($system->request['action']['method']) ? $system->request['action']['method'] : '-', 'query' => isset($system->request['query']) ? $system->request['query'] : '-', 'ip' => remote_addr());
foreach ($map as $k => $v) {
$find[] = '/\\{' . $k . '\\}/i';
}
$this->file = preg_replace($find, $map, LOG_FILE);
if (!is_dir($dir = dirname($this->file))) {
mkdir_p($dir);
}
$this->logStr = create_function('$e', 'return "' . preg_replace(array_merge($find, array('/\\{time\\}/i', '/\\{gmt\\}/i', '/\\{code\\}/i', '/\\{msg\\}/i')), array_merge($map, array('".mydate(\'h:i:s\')."', '[".mydate(\'r\')."]', '".str_pad($e[\'code\'],4,0, STR_PAD_LEFT)."', '".str_replace("\\n",\'\\n\',$e[\'msg\'])."')), str_replace('"', '\\"', LOG_FORMAT)) . '";');
}
function dologin()
{
if ($this->system->getConf('system.admin_verycode') || $this->system->getConf('system.admin_error_login_times') > $this->login_times_error) {
if (strtolower($this->in["verifycode"]) !== strtolower($_SESSION["RANDOM_CODE"])) {
$_SESSION['loginmsg'] = __("验证码输入错误!");
header('Location: index.php?ctl=passport&act=login');
exit;
}
}
$oOpt = $this->system->loadModel('admin/operator');
$aResult = $oOpt->tryLogin($_POST);
if ($aResult) {
if ($_POST['save_login_name']) {
setcookie("SHOPEX_LOGIN_NAME", $_POST['usrname'], time() + 86400 * 10);
} else {
setcookie("SHOPEX_LOGIN_NAME", "");
}
$config = unserialize($aResult['config']);
$oOpt->update(array('lastlogin' => time(), 'lastip' => remote_addr(), 'logincount' => $aResult['logincount'] + 1), array('op_id' => $aResult['op_id']));
unset($_SESSION["loginmsg"]);
unset($_SESSION['_PageData']);
unset($_SESSION['OPID']);
unset($_SESSION['SUPER']);
$profile = $this->system->loadModel('adminProfile');
$status = $this->system->loadModel('system/status');
$status->update(1);
$profile->load($aResult['op_id']);
$_SESSION['OPID'] = $aResult['op_id'];
$_SESSION['SUPER'] = $aResult['super'];
$_SESSION['profile'] =& $profile;
$this->system->session->login();
if ($_REQUEST['return']) {
header("Location: index.php#" . $_REQUEST['return']);
} else {
header("Location: index.php");
}
} else {
if (intval($this->system->getConf('system.admin_error_login_time') + 3600) > time()) {
$this->system->setConf('system.admin_error_login_times', $this->system->getConf('system.admin_error_login_times') + 1);
} else {
$this->system->setConf('system.admin_error_login_times', 1);
}
$this->system->setConf('system.admin_error_login_time', time());
$_SESSION['loginmsg'] = __('用户名或密码错误!');
header('Location: index.php?ctl=passport&act=login');
exit;
}
}
/**
* pagefactory
*
* @access public
* @return void
*/
function adminPage()
{
parent::pageFactory();
if (defined('CUSTOM_CORE_DIR') && substr(get_class($this), 0, 4) == 'cct_') {
$this->template_dir = CUSTOM_CORE_DIR . '/admin/view/';
} else {
$this->template_dir = CORE_DIR . '/admin/view/';
}
$this->system =& $GLOBALS['system'];
$this->pagedata = array();
if (DEBUG_TEMPLETE) {
$o =& $this->system->loadModel('system/template');
$theme = $this->system->getConf('system.ui.current_theme');
$o->resetTheme($theme);
}
if (!$this->system->_base_link) {
$this->system->_base_link = $base_url;
if (!$this->system->getConf('system.seo.emuStatic') || $this->system->getConf('system.seo.emuStatic') == 'false') {
$this->system->_base_link .= APP_ROOT_PHP . '?';
}
}
$this->_env_vars = array('base_url' => $this->system->_base_link);
if ($_GET['_ajax']) {
if (!defined('IN_AJAX')) {
define('IN_AJAX', true);
ob_start();
}
} else {
define('IN_AJAX', false);
}
if ($_GET['ctl'] != 'passport') {
$lg_key = $_GET['ctl'] == 'system/comeback' ? $_COOKIE['SHOPEX_LG_KEY'] : $_SESSION['SHOPEX_LG_KEY'];
if (false === $this->system->op_id || $this->system->op_is_disabled || $lg_key != MD5(remote_addr() . $this->system->op_id)) {
$this->notAuth();
} else {
if (!$this->system->op_is_super) {
$oOpt =& $this->system->loadModel('admin/operator', 'config');
if (!$oOpt->check_role($this->system->op_id, $this->workground)) {
$this->system->responseCode(403);
exit;
}
}
}
}
// 是否拥有分销权限 2009-11-20 13:48 wubin
$this->pagedata['distribute'] = $this->system->getConf('certificate.distribute');
}
/**
* shop
*
* @access public
* @return void
*/
function run()
{
if (isset($_GET['gOo'])) {
$urlTools =& $this->loadModel('utility/url');
if ($url = $urlTools->oldVersionShopEx($_GET)) {
$this->compactUrl($url);
}
}
ob_start();
define('IN_SHOP', true);
$_COOKIE = $_COOKIE[COOKIE_PFIX];
$request = $this->parseRequest();
$this->lang = $request['lang'] ? $request['lang'] : DEFAULT_LANG;
$request['money'] = $request['member_lv'] . $request['cur'];
$this->request =& $request;
$GLOBALS['runtime'] = $request;
if (isset($request['member'])) {
foreach ($request['member'] as $k => $v) {
$GLOBALS['runtime'][$k] = $v;
}
}
$cacheAble = !(count($_POST) > 0);
if (defined('BLACKLIST')) {
$blackList = preg_split('/[\\s,]+/', BLACKLIST);
require_once CORE_DIR . '/func_ext.php';
if ($this->match_network($blackList, remote_addr())) {
$this->_succ = true;
header('Connection: close', true, 401);
echo '<h1>Access Denied</h1>';
exit;
}
}
if (isset($_GET['ctl'])) {
$page =& $this->_frontend($request, array('controller' => $_GET['ctl'], 'method' => isset($_GET['act']) ? $_GET['act'] : 'index', 'args' => isset($_GET['p']) ? $_GET['p'] : null));
} elseif (!$cacheAble || !$this->cache->get($ident = implode('|', $request), $page)) {
register_shutdown_function(array(&$this, 'shutdown'));
$this->co_start();
$page =& $this->_frontend($request);
if ($cacheAble && $page['cache']) {
$this->cache->set($ident, $page, $this->co_end());
}
}
$this->display($page);
exit;
}
/**
* Writes a record to the visitor log using the current visitor's information.
*
* This function is used by log_hit(). See it before trying to use this one.
*
* The hit is ignore if $r is set to 'refer' and the HTTP REFERER header is empty.
*
* @param string $r Type of record to write, e.g. refer
* @param int $status HTTP status code
* @access private
* @see log_hit()
*/
function logit($r = '', $status = 200)
{
global $prefs, $pretext;
if (!isset($pretext['request_uri'])) {
return;
}
$host = $ip = (string) remote_addr();
$protocol = false;
$referer = serverSet('HTTP_REFERER');
if ($referer) {
foreach (do_list(LOG_REFERER_PROTOCOLS) as $option) {
if (strpos($referer, $option . '://') === 0) {
$protocol = $option;
$referer = substr($referer, strlen($protocol) + 3);
break;
}
}
if (!$protocol || $protocol === 'https' && PROTOCOL !== 'https://') {
$referer = '';
} elseif (preg_match('/^[^\\.]*\\.?' . preg_quote(preg_replace('/^www\\./', '', SITE_HOST), '/') . '/i', $referer)) {
$referer = '';
} else {
$referer = $protocol . '://' . clean_url($referer);
}
}
if ($r == 'refer' && !$referer) {
return;
}
if (!empty($prefs['use_dns'])) {
// A crude rDNS cache.
if (($h = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1")) !== false) {
$host = $h;
} else {
// Double-check the rDNS.
$host = @gethostbyaddr($ip);
if ($host !== $ip && @gethostbyname($host) !== $ip) {
$host = $ip;
}
}
}
insert_logit(array('uri' => $pretext['request_uri'], 'ip' => $ip, 'host' => $host, 'status' => $status, 'method' => serverSet('REQUEST_METHOD'), 'ref' => $referer));
}
function toSubmit($payment)
{
$merId = $this->getConf($payment['M_OrderId'], 'member_id');
$ikey = $this->getConf($payment['M_OrderId'], 'PrivateKey');
$payment['M_Currency'] = "1";
//$order->M_Currency = "1";
$orderdate = date("Ymd", $payment['M_Time']);
//$order->M_Time
$payment['M_Amount'] = number_format($payment['M_Amount'], $this->system->getConf('site.decimal_digit'), ".", "") * 100;
$v_orderid = $merId . $orderdate . substr($payment['M_OrderId'], -10);
$subject = $payment['M_OrderNO'];
$spbill_create_ip = remote_addr();
$bank_type = $payment['payExtend']['bankId'] ? $payment['payExtend']['bankId'] : 0;
$charset = $this->system->loadModel('utility/charset');
$desc = $charset->utf2local($subject, 'zh');
$sp_billno = $charset->utf2local($subject, 'zh');
$str = "cmdno=1&date=" . $orderdate . "&bargainor_id=" . $merId . "&transaction_id=" . $v_orderid . "&sp_billno=" . $sp_billno . "&total_fee=" . $payment['M_Amount'] . "&fee_type=" . $payment['M_Currency'] . "&return_url=" . $this->callbackUrl . "&attach=" . $payment['M_OrderId'] . "&spbill_create_ip=" . $spbill_create_ip . "&key=" . $ikey;
$md5string = strtoupper(md5($str));
$return["cmdno"] = "1";
$return["date"] = $orderdate;
$return["bank_type"] = $bank_type;
$return["desc"] = $subject;
$return["purchaser_id"] = "";
$return["bargainor_id"] = $merId;
$return["transaction_id"] = $v_orderid;
//$payment['M_OrderId'];
$return["sp_billno"] = $payment['M_OrderNO'];
//$order->M_OrderNO;
$return["total_fee"] = $payment['M_Amount'];
//$order->M_Amount;
$return["fee_type"] = $payment['M_Currency'];
//$order->M_Currency;
$return["return_url"] = $this->callbackUrl;
$return["attach"] = $payment['M_OrderId'];
$return["spbill_create_ip"] = $spbill_create_ip;
$return["sign"] = $md5string;
return $return;
}
function create($data)
{
$data['refund_id'] = $this->gen_id();
$data['t_ready'] = time();
$data['t_sent'] = time();
$data['ip'] = remote_addr();
if ($data['pay_type'] == 'deposit') {
//todo预存款
// $this->money=$money;
}
if ($payCfg = $this->db->selectrow('SELECT pay_type,fee,custom_name FROM sdb_payment_cfg WHERE id=' . intval($data['payment']))) {
$data['paycost'] = $payCfg['fee'] * $data['money'];
//$this->bank = $payCfg['pay_type'];
$data['paymethod'] = $payCfg['custom_name'];
}
$rs = $this->db->query('select * from sdb_refunds where 0=1');
$sql = $this->db->getInsertSQL($rs, $data);
if ($this->db->exec($sql)) {
return $data['refund_id'];
} else {
return false;
}
}
function _init($payment_id)
{
$aPayment = $this->payment->getPaymentById($payment_id);
if ($aPayment['id'] < 1) {
$this->splash('failed', $_SERVER["HTTP_REFERER"], __('支付失败:请选择支付方式!'));
} elseif ($aPayment['pay_type'] == 'offline') {
if ($this->member['member_id']) {
$this->splash('failed', $this->system->mkUrl("member", "orderdetail", array($_POST['order_id'])), __('订单已成功提交了:') . $aPayment['custom_name']);
} else {
$this->splash('failed', $this->system->mkUrl("order", "index", array($_POST['order_id'])), __('订单已成功提交了:') . $aPayment['custom_name']);
}
} else {
if ($aPayment['pay_type'] == 'deposit') {
$this->_verifyMember();
$this->payment->pay_type = 'deposit';
} else {
$this->payment->pay_type = 'online';
}
$this->payment->fee = $aPayment['fee'];
$this->payment->type = $aPayment['pay_type'];
$this->payment->bank = $aPayment['pay_type'];
$aPayment['config'] = unserialize($aPayment['config']);
$this->payment->config = $aPayment['config'];
$this->payment->account = $aPayment['config']['member_id'];
$this->payment->payment = $payment_id;
$this->payment->paymethod = $aPayment['custom_name'];
$this->payment->status = 'ready';
$this->payment->ip = remote_addr();
$this->payment->t_begin = time();
$this->payment->memo = __('会员支付自动生成');
}
}
// if registration is open log the user in
if ($ps->conf['main']['registration'] == 'open') {
$cms->session->online_status(1, $userinfo['userid']);
}
// display the registration confirmation
$basename = basename(__FILE__, '.php') . '_confirmation';
$cms->theme->add_css('css/forms.css');
$cms->full_page($basename, $basename, $basename . '_header', $basename . '_footer');
exit;
} else {
$ps->db->rollback();
}
}
} else {
if ($ps->conf['main']['uniqueid'] == 'ipaddr') {
$form->set('uniqueid', remote_addr());
}
}
if ($ps->conf['main']['security']['csrf_protection']) {
$cms->session->key($form->key());
}
// assign variables to the theme
$cms->theme->assign(array('errors' => $form->errors(), 'form' => $form->values(), 'uniqueid_label' => $uniqueid_label, 'form_key' => $ps->conf['main']['security']['csrf_protection'] ? $cms->session->key() : ''));
// display the output
$basename = basename(__FILE__, '.php');
$cms->theme->add_css('css/forms.css');
$cms->theme->add_js('js/forms.js');
$cms->full_page($basename, $basename, $basename . '_header', $basename . '_footer');
// validator functions --------------------------------------------------------------------------
function password_match($var, $value, &$form)
{
function toReply($comment_id)
{
$this->begin('index.php?ctl=goods/discuss&act=detail&p[0]=' . $comment_id);
$objComment =& $this->system->loadModel('comment/comment');
$aComment = $objComment->getFieldById($comment_id, array('*'));
$aData['comment'] = $_POST['reply_content'];
$aData['for_comment_id'] = $comment_id;
$aData['goods_id'] = $aComment['goods_id'];
$aData['object_type'] = $aComment['object_type'];
$aData['author_id'] = $this->system->op_id;
$aData['author'] = __('管理员') . '[' . $this->system->op_name . ']';
$aData['time'] = time();
$aData['lastreply'] = time();
$aData['display'] = 'true';
$aData['ip'] = remote_addr();
$this->end($objComment->toReply($aData), __('回复成功!'));
}
function toCreate()
{
$this->payment_id = $this->gen_id();
$this->t_begin = time();
$this->t_end = time();
$this->ip = remote_addr();
//如何网关实际是不支付外币交易的,但又选择了外币支付,则支付单中的实际支付金额,就是本位币金额。
if (!$this->cur_trading && $this->currency != 'CNY') {
$this->cur_money = $this->money;
}
$oCur =& $this->system->loadModel('system/cur');
if ($payCfg = $this->db->selectrow('SELECT pay_type,fee,custom_name FROM sdb_payment_cfg WHERE id=' . intval($this->payment))) {
$this->paycost = $oCur->formatNumber($this->paycost, false);
$this->paymethod = $payCfg['custom_name'];
}
$aRs = $this->db->query('SELECT * FROM sdb_payments WHERE 0=1');
$sSql = $this->db->GetInsertSQL($aRs, $this);
if ($this->db->exec($sSql)) {
return $this->payment_id;
} else {
return false;
}
}
/**
* return false if no user exists
* return user info else
*
* update lasthost, lastip if user exists
*/
function login($username, $password)
{
global $g_user_id;
$password = md5($password);
$username = $this->kernel->db->addSlashes($username);
$tmp = $this->kernel->db->selectRow("SELECT *\n\t\t\t\t\t\t\tFROM fu_users \n\t\t\t\t\t\t\tWHERE username='******' AND password='******' AND active!=0");
if ($tmp) {
$this->load($tmp);
// get hostname
$host = remote_addr();
$this->kernel->db->query("UPDATE fu_users \n\t\t\t\t\t\t\tSET lasthost='{$host}', lastlogin=NOW() \n\t\t\t\t\t\t\tWHERE id='{$this->id}'");
$this->log("login from {$host}");
$g_user_id = $this->id;
session_register('g_user_id');
// get group info
return true;
} else {
return false;
}
}
function store_data_text()
{
global $mirrorconfig;
global $privateconfig;
$cookie = fetch_cookie();
# Validated for certain safety measures.
$tokens = param_val("tokens", "/^[a-zA-Z0-9 ,]+\$/");
if ($_POST["nobots"] != "serious") {
header("HTTP/1.1 500 Internal server error");
print htmlentities("nobots value wrong, received \"" . $_POST["nobots"] . "\"");
exit(1);
}
if ($_POST["purpose"] == "-") {
header("HTTP/1.1 400 Bad Request");
print htmlentities("'purpose' must be specified to post this comment.");
exit(1);
}
$message = sprintf("%-15s: %s\n", "contact", $_POST["contact"]);
$message .= sprintf("%-15s: %s\n", "purpose", $_POST["purpose"]);
$message .= sprintf("%-15s: %s\n", "tokens", $_POST["tokens"]);
$message .= sprintf("%-15s: %s\n", "score_transition", $_POST["score_transition"]);
$message .= sprintf("%-15s: %s\n", "score_strict", $_POST["score_strict"]);
$message .= sprintf("%-15s: %s\n", "a", $_POST["a"]);
$message .= sprintf("%-15s: %s\n", "aaaa", $_POST["aaaa"]);
if (preg_match("/ok|slow/", $_POST["ds4"])) {
$message .= sprintf("%-15s: %s (via ipv4)\n", "ds", $_POST["ds4"]);
} else {
if (preg_match("/ok|slow/", $_POST["ds6"])) {
$message .= sprintf("%-15s: %s (via ipv6)\n", "ds", $_POST["ds6"]);
} else {
$message .= sprintf("%-15s: %s (via ipv4)\n", "ds", $_POST["ds4"]);
$message .= sprintf("%-15s: %s (via ipv6)\n", "ds", $_POST["ds6"]);
}
}
$message .= sprintf("%-15s: %s\n", "dsmtu", $_POST["dsmtu"]);
$message .= sprintf("%-15s: %s\n", "ipv4", $_POST["ipv4"]);
$message .= sprintf("%-15s: %s\n", "ipv6", $_POST["ipv6"]);
$message .= sprintf("%-15s: %s\n", "v6mtu", $_POST["v6mtu"]);
$message .= sprintf("%-15s: %s\n", "v6ns", $_POST["v6ns"]);
$message .= "----------------------------\n";
$message .= sprintf("%-15s: %s\n", "ip4", $_POST["ip4"]);
$message .= sprintf("%-15s: %s %s\n", "ip6", $_POST["ip6"], $_POST["ip6subtype"]);
$message .= sprintf("%-15s: %s\n", "remote_addr", remote_addr());
$message .= sprintf("%-15s: %s\n", "user-agent", $_SERVER["HTTP_USER_AGENT"]);
$message .= sprintf("%-15s: %s\n", "referer", $_SERVER["HTTP_REFERER"]);
$message .= sprintf("%-15s: %s\n", "subdomain", $_POST["subdomain"]);
$message .= "\n\nNotes\n--------------\n" . $_POST["notes"];
if ($privateconfig["google_translate"]["enable"]) {
$message .= "\n\nTranslated\n---------\n" . translate($_POST["notes"]);
}
$message .= "\n\nComments\n--------------\n" . $_POST["comments"];
# print_r($_SERVER);
$charset = "UTF-8";
# header("Content-type: text/html; charset=$charset");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Test your IPv6.</title>
<link REL="SHORTCUT ICON" HREF="http://test-ipv6.com/images/favicon.ico">
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<?php
$contact = trim($_POST["contact"]);
$result = filter_var($contact, FILTER_VALIDATE_EMAIL);
if ($result) {
$replyto = "Reply-to: {$contact}\r\n";
} else {
$replyto = "";
$contact = "";
}
mail($mirrorconfig["site"]["mailto"], $mirrorconfig["site"]["name"] . " feedback [{$contact}]", $message, $replyto . "Content-type: text/plain; charset={$charset}");
print "Feedback sent; thank you for your assistance.<p>";
print "If you included contact details, you may be contacted for further information, by " . $mirrorconfig["site"]["contact"] . "</hr>";
print "<pre><code>";
print "To: " . $mirrorconfig["site"]["mailto"] . "\n\n";
print htmlentities($message, ENT_COMPAT, "UTF-8");
print "</code></pre>";
print "</body>";
}
function remote_addr_as_int()
{
$addr = remote_addr();
return ip2long($addr);
}
public function msg_pack()
{
$data['ip'] = remote_addr();
$data['url'] = $this->system->base_url();
$data['login_time'] = mktime();
$data['certificate_id'] = $this->getCerti();
$data['shopname'] = $this->system->getConf("system.shopname");
$data['ac'] = $this->make_shopex_ac($data, "ShopEx_LOG");
return $data;
}
function addMemberByAdmin($aData)
{
if (empty($aData['uname'])) {
trigger_error(__('保存失败:未输入会员名称'), E_USER_ERROR);
return false;
}
$aInfo = $this->db->selectrow("SELECT uname,email FROM sdb_members WHERE uname = " . $this->db->quote($aData['uname']) . " OR email = " . intval($aData['email']));
//----------获得插件
$pObj = $this->system->loadModel("member/passport");
if ($pObj->_verify()) {
$obj =& $pObj->_load();
}
//--------
if ($aInfo['uname'] == $aData['uname']) {
trigger_error(__('保存失败:存在相同会员名称'), E_USER_ERROR);
return false;
}
if (empty($aData['password'])) {
trigger_error(__('保存失败:密码输入不正确'), E_USER_ERROR);
return false;
} elseif (strlen($aData['password']) < 4) {
trigger_error(__('保存失败:密码不能小于4位'), E_USER_ERROR);
return false;
}
if (empty($aData['psw_confirm'])) {
trigger_error(__('保存失败:确认密码不能为空'), E_USER_ERROR);
return false;
} elseif (strlen($aData['psw_confirm']) < 4) {
trigger_error(__('保存失败:确认密码不能小于4位'), E_USER_ERROR);
return false;
}
if ($aData['psw_confirm'] != $aData['password']) {
trigger_error(__('保存失败:两次密码输入不一致'), E_USER_ERROR);
return false;
}
if (empty($aData['email'])) {
trigger_error(__('保存失败:Email输入不正确'), E_USER_ERROR);
return false;
}
if ($this->checkusertouc($aData['uname'], $aData['password'], $aData['email'], $uid, $message)) {
if (!empty($message)) {
trigger_error($message, E_USER_ERROR);
} else {
$aData['member_id'] = $uid;
}
}
//----------
/* if($aInfo['email'] == $aData['email']){
trigger_error(__('保存失败:存在相同Email会员'), E_USER_ERROR);
return false;
}*/
$aData['regtime'] = time();
$aData['password'] = md5($aData['password']);
$aData['reg_ip'] = remote_addr();
$aRs = $this->db->query("SELECT * FROM sdb_members WHERE 0");
$sSql = $this->db->getInsertSql($aRs, $aData);
//$aData['member_id'] = $insertID;
//$MemAttr = $this->db->query("SELECT * FROM sdb_member_attr WHERE 0");
//$sSql = $this->db->getInsertSql($aRs,$aData);
if ($this->db->exec($sSql)) {
$insertID = $this->db->lastInsertId();
$status = $this->system->loadModel('system/status');
$status->add('MEMBER_REG');
return $insertID;
} else {
return '';
}
}
function f2b_log_pingbacks($call)
{
if ('pingback.ping' == $call) {
f2b_openlog(LOG_USER, 'WP_FAIL2BAN_PINGBACK_LOG');
syslog(LOG_INFO, "Pingback requested from " . remote_addr());
}
}
/**
* save
* 保存订单,用于新建或者修改
*
* @param mixed $doCreate 是否为新建订单
* @access public
* @return void todo:目前只适用于添加!!!
*/
function save(&$trading, $doCreate = false, &$postInfo)
{
$data = $trading;
$objDelivery =& $this->system->loadModel('trading/reship');
$oCur =& $this->system->loadModel('system/cur');
$aShipping = $objDelivery->getDlTypeById($trading['shipping_id']);
// $aArea = $objDelivery->getDlAreaById($trading['area']);
$data['shipping'] = $aShipping['dt_name'];
// $data['shipping_area'] = $aArea['name']; 废弃字段
$data['acttime'] = time();
$data['createtime'] = time();
$data['last_change_time'] = time();
$data['ip'] = remote_addr();
$trading['totalPrice'] = $oCur->formatNumber($trading['totalPrice'], false);
$trading['pmt_b']['totalPrice'] = $oCur->formatNumber($trading['pmt_b']['totalPrice'], false);
$data['total_amount'] = $trading['totalPrice'] + $trading['cost_freight'] + $trading['cost_protect'];
$data['pmt_amount'] = $trading['pmt_b']['totalPrice'] - $trading['totalPrice'];
$data['cost_item'] = $trading['totalPrice'] + $data['pmt_amount'];
if ($trading['is_tax'] && $this->system->getConf('site.trigger_tax')) {
$data['is_tax'] = 'true';
$data['cost_tax'] = $trading['totalPrice'] * $this->system->getConf('site.tax_ratio');
$data['cost_tax'] = $oCur->formatNumber($data['cost_tax'], false);
$data['total_amount'] += $data['cost_tax'];
}
if ($trading['payment'] > 0) {
if ($data['method']) {
$data['cost_payment'] = $data['fee'];
} else {
$data['cost_payment'] = $data['fee'] * $data['total_amount'];
}
$data['cost_payment'] = $oCur->formatNumber($data['cost_payment'], false);
$data['total_amount'] += $data['cost_payment'];
}
$newNum = $this->getOrderDecimal($data['total_amount']);
$data['discount'] = floatval($data['total_amount'] - $newNum);
$data['total_amount'] = $newNum;
$data['final_amount'] = $data['total_amount'] * $data['cur_rate'];
$data['final_amount'] = $oCur->formatNumber($data['final_amount'], false);
$data['score_g'] = intval($data['totalGainScore']);
$data['score_u'] = intval($data['totalConsumeScore']);
$data['score_e'] = intval($newNum);
if ($trading['payment'] != "-1") {
//----检测该支付方式是否还有子选项,如快钱选择银行
$payment = $this->system->loadModel('trading/payment');
$payment->recgextend($data, $postInfo, $extendInfo);
$data['extend'] = serialize($extendInfo);
//------------------------------------------------
}
//+判断是否有远端商品
if (true || $this->system->getConf('certificate.distribute')) {
//检测付款前的订单状态,如果是刚付款立即发货
if (!empty($trading['products']) && is_array($trading['products'])) {
foreach ($trading['products'] as $product) {
$_where_bns[] = sprintf('\'%s\'', addslashes($product['bn']));
}
$_sql = sprintf('select local_bn,supplier_id
from sdb_supplier_pdtbn
where local_bn in(%s) and `default`=\'true\'', implode(',', $_where_bns));
$_remote_product = $this->db->select($_sql);
$_remote_product = array_change_key($_remote_product, 'local_bn');
if ($_remote_product) {
$data['is_has_remote_pdts'] = 'true';
}
}
}
//----------------
$rs = $this->db->exec('SELECT * FROM sdb_orders WHERE order_id=' . $data['order_id']);
$sql = $this->db->getUpdateSql($rs, $data, $doCreate);
$this->_info['order_id'] = $data['order_id'];
//会员id
if (!$this->db->exec($sql)) {
return false;
} elseif ($doCreate) {
$this->addLog(__('订单创建'), $this->op_id ? $this->op_id : null, $this->op_name ? $this->op_name : null, __('添加'));
}
$status =& $this->system->loadModel('system/status');
$status->add('ORDER_NEW');
$status->count_order_to_pay();
$status->count_order_new();
//+商品------------------------------------------------------------
if (!empty($trading['products']) && is_array($trading['products'])) {
$objGoods =& $this->system->loadModel('trading/goods');
foreach ($trading['products'] as $product) {
$product['order_id'] = $data['order_id'];
$product['bn'] = $product['bn'];
$product['name'] = $product['name'];
$product['addon'] = serialize($product['addon']);
$product['minfo'] = serialize($product['minfo']);
$product['supplier_id'] = $_remote_product[$product['bn']]['supplier_id'];
$rs = $this->db->query('SELECT * FROM sdb_order_items WHERE 0=1');
$sqlString = $this->db->GetInsertSQL($rs, $product);
if ($sqlString) {
$this->db->exec($sqlString);
}
$objGoods->updateRank($product['goods_id'], 'buy_count', $product['nums']);
//购买次数统计
//冻结库存
if ($this->freez_time() == 'order') {
if (intval($product['nums']) >= 0) {
$this->db->exec("UPDATE sdb_products SET freez = freez + " . intval($product['nums']) . " WHERE product_id = " . intval($product['product_id']));
}
$this->db->exec("UPDATE sdb_products SET freez = " . intval($product['nums']) . " WHERE product_id = " . intval($product['product_id']) . " AND freez IS NULL");
}
}
}
//+捆绑商品------------------------------------------------------------
if (is_array($trading['package']) && count($trading['package'])) {
foreach ($trading['package'] as $pkgData) {
$pkgData['order_id'] = $data['order_id'];
$pkgData['product_id'] = $pkgData['goods_id'];
$pkg[] = $pkgData['goods_id'];
$pkgData['is_type'] = 'pkg';
$pkgData['addon'] = serialize($pkgData['addon']);
$rs = $this->db->query('SELECT * FROM sdb_order_items WHERE order_id=' . $pkgData['order_id'] . ' AND is_type = \'pkg\' AND product_id=' . intval($pkgData['goods_id']));
$sqlString = $this->db->GetUpdateSQL($rs, $pkgData, true);
$this->db->exec($sqlString);
}
$this->db->exec('DELETE FROM sdb_order_items WHERE order_id=' . $pkgData['order_id'] . ' AND is_type = \'pkg\' AND product_id NOT IN(' . implode(',', $pkg) . ')');
}
//+促销信息------------------------------------------------------------
if ($trading['pmt_o']['pmt_ids']) {
//促销
$sSql = 'INSERT INTO sdb_order_pmt (pmt_id,pmt_describe,order_id) select pmt_id,pmt_describe,\'' . $data['order_id'] . '\' FROM sdb_promotion WHERE pmt_id in(' . implode(',', $trading['pmt_o']['pmt_ids']) . ')';
$this->db->exec($sSql);
foreach ($trading['pmt_o']['pmt_ids'] as $k => $pmtId) {
$sSql = 'UPDATE sdb_order_pmt SET pmt_amount=' . floatval($trading['pmt_o']['pmt_money'][$k]) . ' WHERE pmt_id=' . intval($pmtId) . ' AND order_id=' . $this->db->quote($data['order_id']);
$this->db->exec($sSql);
}
}
if ($trading['products']) {
$pre_pmtOrder = array();
foreach ($trading['products'] as $v) {
if ($v['pmt_id']) {
$pre_pmtOrder[$v['pmt_id']] += $v['price'] - $v['_pmt']['price'];
}
}
$aPmtIds = array_keys($pre_pmtOrder);
if (!empty($aPmtIds)) {
$sSql = 'SELECT pmt_id,pmt_describe FROM sdb_promotion WHERE pmt_id IN(' . implode(',', $aPmtIds) . ')';
$aPmtOrder = $this->db->select($sSql);
foreach ($aPmtOrder as $k => $v) {
$v['pmt_amount'] = $pre_pmtOrder[$v['pmt_id']];
$v['order_id'] = $data['order_id'];
$rs = $this->db->query('select * from sdb_order_pmt where 0=1');
$sqlString = $this->db->GetInsertSQL($rs, $v);
$this->db->exec($sqlString);
}
}
}
//+积分处理------------------------------------------------------------
$oMemberPoint =& $this->system->loadModel('trading/memberPoint');
$oGift =& $this->system->loadModel('trading/gift');
$aGiftData = array();
if ($data['score_u'] >= 0) {
if (!$oMemberPoint->payAllConsumePoint($data['member_id'], $data['order_id'])) {
} else {
//+赠品处理------------------------------------------------------------
if (is_array($trading['gift_e']) && count($trading['gift_e'])) {
foreach ($trading['gift_e'] as $giftId => $v) {
$giftId = $v['gift_id'];
$aGiftData[$giftId] = array('gift_id' => $giftId, 'name' => $v['name'], 'nums' => $v['nums'], 'point' => $v['point']);
if ($this->freez_time() == 'order') {
if (!$oGift->freezStock($v['gift_id'], $v['nums'])) {
//兑换赠品缺货
}
}
}
}
}
}
if (is_array($trading['gift_p']) && count($trading['gift_p'])) {
foreach ($trading['gift_p'] as $v) {
$giftId = $v['gift_id'];
if (isset($aGiftData[$giftId])) {
$aGiftData[$giftId]['nums'] += $v['nums'];
} else {
$aGiftData[$giftId] = array('gift_id' => $giftId, 'name' => $v['name'], 'nums' => $v['nums'], 'point' => $v['point']);
}
}
}
if ($aGiftData) {
foreach ($aGiftData as $item) {
$oGift =& $this->system->loadModel('trading/gift');
$item['order_id'] = $data['order_id'];
$rs = $this->db->query('select * from sdb_gift_items where 0=1');
$sqlString = $this->db->GetInsertSQL($rs, $item);
$this->db->exec($sqlString);
}
}
//+优惠券------------------------------------------------------------
if (is_array($trading['coupon_u']) && !empty($trading['coupon_u'])) {
$oCoupon =& $this->system->loadModel('trading/coupon');
foreach ($trading['coupon_u'] as $code => $v) {
$aTmp = $this->db->selectRow('select cpns_name from sdb_coupons where cpns_id=' . intval($v['cpns_id']));
$aData = array('order_id' => $data['order_id'], 'cpns_id' => $v['cpns_id'], 'memc_code' => $code, 'cpns_name' => $aTmp['cpns_name'], 'cpns_type' => $v['cpns_type']);
$rs = $this->db->query('select * from sdb_coupons_u_items where 0=1');
$sqlString = $this->db->GetInsertSQL($rs, $aData);
$this->db->exec($sqlString);
$oCoupon->applyMemberCoupon($v['cpns_id'], $code, $data['order_id'], $data['member_id']);
}
}
if (is_array($trading['coupon_p']) && !empty($trading['coupon_p'])) {
foreach ($trading['coupon_p'] as $code => $v) {
$aData = array('order_id' => $data['order_id'], 'cpns_id' => $v['cpns_id'], 'cpns_name' => $v['cpns_name'], 'nums' => $v['nums']);
$rs = $this->db->query('select * from sdb_coupons_p_items where 0=1');
$sqlString = $this->db->GetInsertSQL($rs, $aData);
$this->db->exec($sqlString);
}
}
$data['is_tax'] = $data['is_tax'] ? true : false;
$this->fireEvent('create', $data, $data['member_id']);
//订单生成成功事件
if ($data['total_amount'] == 0) {
$pdata['order_id'] = $data['order_id'];
$pdata['member_id'] = $data['member_id'];
$pdata['money'] = 0;
$this->payed($pdata);
}
return $data['order_id'];
}
function _sess_write()
{
if ($this->closed) {
return;
}
$id = $this->sess_id;
if ($_SESSION['profile']) {
$s =& $_SESSION['profile'];
unset($s->system);
}
$pkg = defined('__PKG__') ? __PKG__ : '';
$aRs = $this->db->exec("SELECT * FROM sdb_op_sessions WHERE sess_id='" . $id . "'", true, true);
$aTemp = array('sess_id' => $id, 'last_time' => time(), 'pkg' => $pkg, 'sess_data' => $_SESSION, 'ip' => remote_addr());
$aIgnoreCtl = array('sfile' => 1, 'dashboard' => 1, 'profile/setting' => 1, 'passport' => 1);
if (!isset($aIgnoreCtl[$this->system->request['action']['controller']])) {
$aTemp['ctl'] = $this->system->request['action']['controller'];
$aTemp['act'] = $this->system->request['action']['method'];
}
$sql = $this->db->GetUpdateSql($aRs, $aTemp, true);
$this->system->log('session:' . $sql);
if (!$sql || $this->db->exec($sql, true, true)) {
return true;
} else {
return false;
}
}
function PlugUserUpdate($userdb)
{
$data['password'] = $userdb['password'];
$data['email'] = $userdb['email'];
$data['reg_ip'] = remote_addr();
$data['regtime'] = $userdb['time'];
$rs = $this->db->exec('SELECT * FROM sdb_members where uname=' . $this->db->quote($userdb['username']));
$sql = $this->db->getUpdateSQL($rs, $data);
if (!$sql || $this->db->exec($sql)) {
} else {
return false;
}
}
function toSubmit($payment)
{
$merId = $this->getConf($payment["M_OrderId"], 'member_id');
$keyPass = $this->getConf($payment["M_OrderId"], 'keyPass');
$icbcno = $this->getConf($payment["M_OrderId"], 'icbcno');
$icbcFile = $this->getConf($payment["M_OrderId"], 'icbcFile');
$keyFile = $this->getConf($payment["M_OrderId"], 'keyFile');
$certFile = $this->getConf($payment["M_OrderId"], 'certFile');
$charset = $this->system->loadModel('utility/charset');
if (is_dir(dirname(__FILE__) . "/../../../home/upload/icbc/")) {
$realpath = dirname(__FILE__) . "/../../../home/upload/icbc/";
} elseif (is_dir(dirname(__FILE__) . "/../../../cert/icbc/")) {
$realpath = dirname(__FILE__) . "/../../../cert/icbc/";
}
$key = $realpath . $keyFile;
//私钥文件
$cert = $realpath . $certFile;
//公钥文件
$icbc = $realpath . $icbcFile;
if (!file_exists($key)) {
die("ICBC key file not found!");
}
if (!file_exists($cert)) {
die("ICBC Cert file not found!");
}
//接口名称固定为“ICBC_PERBANK_B2C”
$aREQ["interfaceName"] = "ICBC_PERBANK_B2C";
//接口版本目前为“1.0.0.0”
$aREQ["interfaceVersion"] = "1.0.0.11";
//商城代码,ICBC提供
$aREQ["merID"] = $merId;
//商户帐号,ICBC提供
$aREQ["merAcct"] = $icbcno;
//接收银行通知地址,目前只支持http协议80端口
$aREQ["merURL"] = $this->callbackUrl;
//HS方式实时发送通知;AG方式不发送通知;
$aREQ["notifyType"] = "HS";
//订单号商户端产生,一天内不能重复,拼接上订单号和支付号。
$aREQ["orderid"] = $payment['M_OrderId'] . "-" . $payment['M_Time'];
//$payment['M_OrderNO']."-".substr(trim($payment['M_OrderId']),0,10);
//金额以分为单位
$aREQ["amount"] = $payment['M_Amount'] * 100;
//币种目前只支持人民币,代码为“001”
$aREQ["curType"] = "001";
//对于HS方式“0”:发送成功或者失败信息;“1”,只发送交易成功信息。
$aREQ["resultType"] = 0;
//商户reference
//$aREQ["merReference"] = 0;
//客户端IP
$aREQ["merCustomIp"] = remote_addr();
//14位时间戳
$aREQ["orderDate"] = date("YmdHis", empty($payment['M_Time']) ? time() : $payment['M_Time']);
//$aREQ["orderDate"] = "20080620".date("His",time());
$aREQ["verifyJoinFlag"] = "0";
//以上五个字段用于客户支付页面显示
$aREQ["goodsID"] = "";
//网关只认GB2312
$aREQ["goodsName"] = $payment['M_OrderNO'];
//$aREQ["goodsName"] = "中文";
//$convert = new iconvex();
//$aREQ["goodsName"] = $convert->utf82gb($aREQ["goodsName"]);
$aREQ["goodsNum"] = 1;
//运费金额以分为单位
$aREQ["carriageAmt"] = 0;
$aREQ["merHint"] = "";
//备注
$aREQ["remark1"] = $charset->utf2local($payment['rnote'], "zh");
//备注2
$aREQ["remark2"] = "";
//“1”判断该客户是否与商户联名;取值“0”不检验客户是否与商户联名。
$aREQ["verifyJoinFlag"] = 0;
//构造V3版的xml
$tranData = "<?xml version=\"1.0\" encoding=\"GBK\" standalone=\"no\"?><B2CReq><interfaceName>" . $aREQ["interfaceName"] . "</interfaceName><interfaceVersion>" . $aREQ["interfaceVersion"] . "</interfaceVersion><orderInfo><orderDate>" . $aREQ["orderDate"] . "</orderDate><orderid>" . $aREQ["orderid"] . "</orderid><amount>" . $aREQ["amount"] . "</amount><curType>" . $aREQ["curType"] . "</curType><merID>" . $aREQ["merID"] . "</merID><merAcct>" . $aREQ["merAcct"] . "</merAcct></orderInfo><custom><verifyJoinFlag>" . $aREQ["verifyJoinFlag"] . "</verifyJoinFlag><Language>ZH_CN</Language></custom><message><goodsID>" . $aREQ["goodsID"] . "</goodsID><goodsName>" . $aREQ["goodsName"] . "</goodsName><goodsNum>" . $aREQ["goodsNum"] . "</goodsNum><carriageAmt>" . $aREQ["carriageAmt"] . "</carriageAmt><merHint>" . $aREQ["merHint"] . "</merHint><remark1>" . $aREQ["remark1"] . "</remark1><remark2>" . $aREQ["remark2"] . "</remark2><merURL>" . $aREQ["merURL"] . "</merURL><merVAR>" . $payment['M_OrderId'] . "</merVAR></message></B2CReq>";
if (strtoupper(substr(PHP_OS, 0, 3)) == "WIN") {
$bb = new COM('ICBCEBANKUTIL.B2CUtil');
$rc = $bb->init($icbc, $cert, $key, $keyPass);
$merSignMsg = $bb->signC($tranData, strlen($tranData));
} else {
//商户签名数据BASE64编码
$cmd = "/bin/icbc_sign '{$key}' '{$keyPass}' '{$tranData}'";
//error_log($cmd,3,__FILE__.".log");
$handle = popen($cmd, 'r');
$merSignMsg = fread($handle, 2096);
pclose($handle);
}
$fp = fopen($cert, "rb");
$merCert = fread($fp, filesize($cert));
$merCert = base64_encode($merCert);
fclose($fp);
$aFinalReq['interfaceName'] = $aREQ["interfaceName"];
$aFinalReq['interfaceVersion'] = $aREQ["interfaceVersion"];
$aFinalReq['tranData'] = base64_encode($tranData);
$aFinalReq['merSignMsg'] = $merSignMsg;
$aFinalReq['merCert'] = $merCert;
foreach ($aFinalReq as $key => $val) {
$return[$key] = $val;
}
return $return;
}
function toReply($comment_id)
{
$this->begin('index.php?ctl=member/gask&act=detail&p[0]=' . $comment_id);
$objComment = $this->system->loadModel('comment/comment');
$aComment = $objComment->getFieldById($comment_id, array('*'));
$aData['comment'] = $this->in['reply_content'];
$aData['for_comment_id'] = $comment_id;
$aData['goods_id'] = $aComment['goods_id'];
$aData['object_type'] = $aComment['object_type'];
$aData['author_id'] = $this->op->op_id;
$aData['author'] = __('BagXO') . '[' . ($this->op->loginName ? $this->op->loginName : $this->op->name) . ']';
$aData['time'] = time();
$aData['lastreply'] = time();
$aData['display'] = 'true';
$aData['ip'] = remote_addr();
$this->end($objComment->toReply($aData), __('回复成功!'));
}
bail();
}
return $user;
}, 1, 3);
}
if (defined('WP_FAIL2BAN_BLOCK_USER_ENUMERATION') && true === WP_FAIL2BAN_BLOCK_USER_ENUMERATION) {
add_filter('redirect_canonical', function ($redirect_url, $requested_url) {
if (intval(@$_GET['author'])) {
openlog();
\syslog(LOG_NOTICE, 'Blocked user enumeration attempt from ' . remote_addr());
bail();
}
return $redirect_url;
}, 10, 2);
}
add_action('wp_login', function ($user_login, $user) {
openlog();
\syslog(LOG_INFO, "Accepted password for {$user_login} from " . remote_addr());
}, 10, 2);
add_action('wp_login_failed', function ($username) {
openlog();
\syslog(LOG_NOTICE, "Authentication failure for {$username} from " . remote_addr());
});
if (defined('WP_FAIL2BAN_LOG_PINGBACKS') && true === WP_FAIL2BAN_LOG_PINGBACKS) {
add_action('xmlrpc_call', function ($call) {
if ('pingback.ping' == $call) {
openlog(LOG_USER, 'WP_FAIL2BAN_PINGBACK_LOG');
\syslog(LOG_INFO, "Pingback requested from " . remote_addr());
}
});
}
/**
* object_fire_event
* 执行对象事件
*
* @param mixed $action
* @param mixed $object
* @param mixed $member_id
* @param mixed $target
* @access public
* @return void
*/
function object_fire_event($action, &$object, $member_id, &$target)
{
//ob_start();'system.event_listener'
if (false === strpos($action, ':')) {
$trigger_event = $target->modelName . ':' . $action;
$modelName = $target->modelName;
} else {
$trigger_event = $action;
list($modelName, $action) = explode(':', $action);
}
$type = $target->typeName;
$this->system->messenger =& $this->system->loadModel('system/messenger');
$this->system->_msgList = $this->system->messenger->actions();
if ($this->system->_msgList[$type . '-' . $action]) {
$this->system->messenger->actionSend($type . '-' . $action, $object, $member_id, true);
}
if (defined('DISABLE_TRIGGER') && DISABLE_TRIGGER) {
return true;
} else {
$all_triggers = $this->db->select('select trigger_define from sdb_triggers where trigger_event="' . $trigger_event . '" and active="true" and disabled="false" order by trigger_order desc');
if ($all_triggers) {
$events = $target->events();
if (!$events) {
$instance = $this->system->loadModel($modelName);
$events = $instance->events();
} else {
$instance = $target;
}
$object['_event_date_'] = time();
$object['ip'] = remote_addr();
foreach ($all_triggers as $trigger) {
$trigger = unserialize($trigger['trigger_define']);
if ($this->__test_role($trigger['filter_mode'], $trigger['filter'], $object, $events[$action]['params'], $instance)) {
$this->__call_actions($trigger['actions'], $object);
}
}
}
$appmgr =& $this->system->loadModel('system/appmgr');
$data = array_merge((array) $this->listeners['*'], (array) $this->listeners[$target->modelName . ':*'], (array) $this->listeners[$target->modelName . ':' . $action]);
foreach ($data as $func) {
list($mod, $func) = $appmgr->get_func($func);
if ($func) {
$mod->{$func}($action, $object);
}
}
return true;
}
//$log = ob_get_contents();
//ob_end_clean();
}
function toReply($comment_id, $item)
{
if ($this->system->getConf('comment.verifyCode.' . $item) == "on") {
if (md5($_POST[$item . 'verifyCode']) != $_COOKIE[strtoupper($item) . "_RANDOM_CODE"]) {
if ($item == "ask") {
$stp = __("咨询");
} elseif ($item == "discuss") {
$stp = __("评论");
}
$this->splash('failed', 'back', $stp . __('验证码录入错误,请重新输入'));
}
}
$objComment =& $this->system->loadModel('comment/comment');
$aComment = $objComment->getFieldById($comment_id, array('*'));
if (!$objComment->toValidate($aComment['object_type'], $aComment['goods_id'], $this->member, $message)) {
$this->splash('failed', 'back', $message);
} else {
$aData['comment'] = $_POST['comment'];
$aData['goods_id'] = $aComment['goods_id'];
$aData['for_comment_id'] = $comment_id;
$aData['author_id'] = $this->member['member_id'];
$aData['mem_read_status'] = $this->member['member_id'] == $aComment['author_id'] ? 'false' : 'true';
$aData['object_type'] = $aComment['object_type'];
$aData['author'] = $this->member['member_id'] ? $this->member['uname'] : __('非会员顾客');
$objLevel =& $this->system->loadModel('member/level');
$aLevel = $objLevel->getFieldById($GLOBALS['runtime']['member_lv'], array('name'));
$aData['levelname'] = $aLevel['name'];
$aData['contact'] = $_POST['contact'] == '' ? $this->member['email'] : $_POST['contact'];
$aData['time'] = time();
$aData['lastreply'] = time();
$aData['reply_name'] = $aData['author'];
$aData['ip'] = remote_addr();
$aData['display'] = $this->system->getConf('comment.display.' . $aComment['object_type']) == 'soon' ? 'true' : 'false';
$objComment->toReply($aData);
$this->splash('success', $this->system->mkUrl('product', 'index', array($aComment['goods_id'])), __('回复成功!'));
}
}
