Exemplo n.º 1
 /**
  * Log the business account out.
  *
  * Removes the two "sp_account_*" cookies and the "account_info" session
  * entry, then redirects to the biz index page.
  */
 public function loginout()
 {
     // NOTE(review): the cookie name "sp_account_password" suggests that a
     // credential (or something derived from one) is kept in the browser -
     // confirm what is actually stored there and how it is protected.
     foreach (array("sp_account_name", "sp_account_password") as $cookie_name) {
         es_cookie::delete($cookie_name);
     }
     es_session::delete("account_info");
     $landing_page = url("biz", "index");
     app_redirect($landing_page);
 }
Exemplo n.º 2
/**
 * Log out the current business account.
 *
 * Returns false when the session holds no "account_info" entry. Otherwise the
 * "account_info" and "biz_account_auth" session entries are removed and the
 * function ends without an explicit return value (null).
 */
function loginout_biz()
{
    if (!es_session::get("account_info")) {
        return false;
    }
    // Both the account record and its cached authorisation data are dropped.
    foreach (array("account_info", "biz_account_auth") as $session_key) {
        es_session::delete($session_key);
    }
}
Exemplo n.º 3
 /**
  * Permission check for admin actions.
  *
  * When an admin is logged in, verify that the admin's role may run the
  * current MODULE_NAME / ACTION_NAME; the Index and Lang modules are exempt.
  * When nobody is logged in, redirect to the login page (or return an error
  * for ajax requests).
  *
  * A logged-in business account ("account_info" in the session) is exempt
  * from both checks for File/do_upload and File/do_upload_img only.
  *
  * NOTE(review): the code after each $this->redirect()/$this->error() call is
  * only safe if those methods end the request - confirm in the base class.
  */
 private function check_auth()
 {
     // When EXPIRED_TIME is positive and the session reports expiry, drop the
     // admin session entry and the "expire" marker.
     if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
         es_session::delete(md5(conf("AUTH_KEY")));
         es_session::delete("expire");
     }
     // Admin session (stored under md5 of the configured AUTH_KEY)
     $adm_session = es_session::get(md5(conf("AUTH_KEY")));
     $adm_name = $adm_session['adm_name'];
     $adm_id = intval($adm_session['adm_id']);
     $ajax = intval($_REQUEST['ajax']);
     $biz_account = es_session::get("account_info");
     $is_auth = 0;
     // Business accounts get a narrow exemption: the two upload actions only.
     if (intval($biz_account['id']) > 0) {
         if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
             $is_auth = 1;
         }
     }
     // Neither an admin nor an exempt business account: send to login.
     if ($adm_id == 0 && $is_auth == 0) {
         if ($ajax == 0) {
             $this->redirect("Public/login");
         } else {
             $this->error(L("NO_LOGIN"), $ajax);
         }
     }
     // Start the permission check (applies when the admin is not the default admin)
     // First find out whether this module/action is registered as requiring authorisation
     // NOTE(review): MODULE_NAME and ACTION_NAME are concatenated into the SQL
     // text here and in the two queries below. They are constants defined
     // outside this method; if they are derived from the request route they
     // must be validated against a fixed pattern before reaching this point.
     $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id " . " where role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 ";
     $count = M()->query($sql);
     $count = $count[0]['c'];
     if ($adm_name != conf("DEFAULT_ADMIN") && MODULE_NAME != 'Index' && MODULE_NAME != 'Lang' && $count > 0 && $is_auth == 0) {
         // Node-level permission: does this admin's role have access to the action?
         $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_access as role_access on role_node.id=role_access.node_id left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
         $count = M()->query($sql);
         $count = $count[0]['c'];
         if ($count == 0) {
             // No node-level grant; fall back to a module-wide grant (node_id = 0)
             $module_sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_access as role_access left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_access.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_module.module = '" . MODULE_NAME . "' " . " and role_access.node_id = 0" . " and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
             $module_count = M()->query($module_sql);
             $module_count = $module_count[0]['c'];
             if ($module_count == 0) {
                 // Upload actions answer with an inline script instead of the error page.
                 // NOTE(review): L("NO_AUTH") is written into a JavaScript string
                 // literal without escaping; safe only while the language string
                 // contains no quote or markup characters.
                 if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
                     echo "<script>alert('" . L("NO_AUTH") . "');</script>";
                     exit;
                 } else {
                     $this->error(L("NO_AUTH"), $ajax);
                 }
             }
         }
     }
 }
Exemplo n.º 4
/**
 * Render the "inc/insert/load_user_tip.html" template fragment.
 *
 * For a logged-in visitor the user record is assigned to the template, and a
 * pending "signin_result" session entry (if its status is truthy) is passed
 * along as JSON and then removed from the session so it is shown only once.
 *
 * @return mixed whatever the template engine's fetch() returns
 */
function insert_load_user_tip()
{
    $current_user = $GLOBALS['user_info'];
    if ($current_user) {
        $GLOBALS['tmpl']->assign("user_info", $current_user);
        // Sign-in result left behind by an earlier request
        $signin = es_session::get("signin_result");
        if ($signin['status']) {
            $signin_json = json_encode($signin);
            $GLOBALS['tmpl']->assign("signin_result", $signin_json);
            es_session::delete("signin_result");
        }
    }
    return $GLOBALS['tmpl']->fetch("inc/insert/load_user_tip.html");
}
 /**
  * Permission check for admin actions.
  *
  * When an admin is logged in, verify that the admin's role may run the
  * current MODULE_NAME / ACTION_NAME; only actions listed in
  * system/admnode_cfg.php are checked. When nobody is logged in, redirect to
  * the login page (or return an error for ajax requests).
  *
  * A logged-in site user ("user_info" in the session) is exempt from both
  * checks for File/do_upload and File/do_upload_img only.
  *
  * NOTE(review): the code after each $this->redirect()/$this->error() call is
  * only safe if those methods end the request - confirm in the base class.
  */
 private function check_auth()
 {
     // When EXPIRED_TIME is positive and the session reports expiry, drop the
     // admin session entry and the "expire" marker.
     if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
         es_session::delete(md5(conf("AUTH_KEY")));
         es_session::delete("expire");
     }
     // Admin session (stored under md5 of the configured AUTH_KEY)
     $adm_session = es_session::get(md5(conf("AUTH_KEY")));
     $adm_name = $adm_session['adm_name'];
     $adm_id = intval($adm_session['adm_id']);
     $ajax = intval($_REQUEST['ajax']);
     $is_auth = 0;
     $user_info = es_session::get("user_info");
     // Site users get a narrow exemption: the two upload actions only.
     if (intval($user_info['id']) > 0) {
         if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
             $is_auth = 1;
         }
     }
     // Neither an admin nor an exempt site user: send to login.
     if ($adm_id == 0 && $is_auth == 0) {
         if ($ajax == 0) {
             $this->redirect("Public/login");
         } else {
             $this->error(L("NO_LOGIN"), $ajax);
         }
     }
     // Start the permission check (applies when the admin is not the default admin)
     // First find out whether this module/action is registered as requiring authorisation
     global $access_list;
     $access_list = (require APP_ROOT_PATH . "system/admnode_cfg.php");
     // An action that is not listed in the node configuration is not checked at all.
     $count = isset($access_list[MODULE_NAME]['node'][ACTION_NAME]) ? 1 : 0;
     if ($adm_name != app_conf("DEFAULT_ADMIN") && $count > 0 && $is_auth == 0) {
         // Node-level permission: does this admin's role have access to the action?
         // NOTE(review): MODULE_NAME and ACTION_NAME are concatenated into the
         // SQL text. The isset() lookup above only lets configured pairs reach
         // this point, which limits the values that can appear here - keep
         // that lookup in place if this code is refactored.
         $sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id  " . "where admin.id = " . $adm_id . " and role.node = '" . ACTION_NAME . "' and role.module = '" . MODULE_NAME . "' ";
         $count = $GLOBALS['db']->getOne($sql);
         if ($count == 0) {
             // No node-level grant; fall back to a module-wide grant (empty node)
             $module_sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id " . "where admin.id = " . $adm_id . " and role.node = '' and role.module = '" . MODULE_NAME . "' ";
             $module_count = $GLOBALS['db']->getOne($module_sql);
             if ($module_count == 0) {
                 // Upload actions answer with an inline script instead of the error page.
                 // NOTE(review): L("NO_AUTH") is written into a JavaScript string
                 // literal without escaping; safe only while the language string
                 // contains no quote or markup characters.
                 if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
                     echo "<script>alert('" . L("NO_AUTH") . "');</script>";
                     exit;
                 } else {
                     $this->error(L("NO_AUTH"), $ajax);
                 }
             }
         }
     }
 }
 /**
  * Admin logout action.
  *
  * Without an admin in the session the request is redirected to the login
  * page. Otherwise the admin session entry is removed and a success page is
  * shown that jumps to the login page after three seconds.
  */
 public function do_loginout()
 {
     // The admin session lives under md5 of the configured AUTH_KEY.
     $session_key = md5(conf("AUTH_KEY"));
     $admin_session = es_session::get($session_key);
     if (intval($admin_session['adm_id']) == 0) {
         // Not logged in: nothing to clear.
         $this->redirect(u("Public/login"));
         return;
     }
     // NOTE(review): only this one session entry is removed; whether the
     // session id itself is rotated on logout is not visible here.
     es_session::delete($session_key);
     $this->assign("jumpUrl", U("Public/login"));
     $this->assign("waitSecond", 3);
     $this->success(L("LOGINOUT_SUCCESS"));
 }
Exemplo n.º 7
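 /**
  * Save step one of an investor project for the logged-in user.
  *
  * Reads the form from $_REQUEST, validates each field, then inserts a new
  * row into the "deal" table (id == 0) or updates the existing one (id > 0).
  * Outcomes are reported through showErr() / showSuccess().
  *
  * Authorization: an existing deal can only be edited by the user stored in
  * its user_id column. The row is checked before any validation runs and the
  * UPDATE statements are additionally scoped to that user, so a guessed id
  * cannot be used to overwrite another user's project.
  *
  * NOTE(review): the validation flow assumes showErr() and showSuccess() end
  * the request; confirm, because nothing here returns after calling them.
  */
 public function investor_one_save()
 {
     $ajax = intval($_REQUEST['ajax']);
     // NOTE(review): a per-IP submit throttle (check_ipop_limit) was commented
     // out at this point in the original; nothing here rate-limits saves.
     if (!$GLOBALS['user_info']) {
         showErr("", $ajax, url_wap("user#login"));
     }
     $user_id = intval($GLOBALS['user_info']['id']);
     $id = intval($_REQUEST['id']);
     $deal = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where id = " . $id);
     // Ownership check: the id comes from the request, so it must be tied to
     // the current user before the row is touched.
     if ($id > 0 && (!$deal || intval($deal['user_id']) != $user_id)) {
         showErr("项目不存在或无权修改", $ajax, "");
     }
     $is_effect = $deal ? $deal['is_effect'] : 0;
     if ($id > 0 && $is_effect == 1) {
         showErr("项目已提交,不能更改", $ajax, "");
     }
     $data = array();
     $data['name'] = strim($_REQUEST['name']);
     if ($data['name'] == "") {
         showErr("请填写项目名称", $ajax, "");
     }
     if (msubstr($data['name'], 0, 25) != $data['name']) {
         showErr("项目名称不超过25个字", $ajax, "");
     }
     // Optional field: no validation is enforced.
     $data['investor_authority'] = intval($_REQUEST['investor_authority']);
     $data['cate_id'] = intval($_REQUEST['cate_id']);
     if ($data['cate_id'] == 0) {
         showErr("请选择项目分类", $ajax, "");
     }
     $data['tags'] = strim($_REQUEST['tags']);
     if ($data['tags'] == "") {
         showErr("请填写项目标签", $ajax, "");
     }
     if (msubstr($data['tags'], 0, 25) != $data['tags']) {
         showErr("项目标签不超过25个字", $ajax, "");
     }
     // Optional field: no validation is enforced.
     $data['project_step'] = intval($_REQUEST['project_step']);
     $data['business_employee_num'] = intval($_REQUEST['business_employee_num']);
     if ($data['business_employee_num'] == 0) {
         showErr("请填写企业员工人数", $ajax, "");
     }
     $data['province'] = strim($_REQUEST['province']);
     if ($data['province'] == '') {
         showErr("请选择省份", $ajax, "");
     }
     $data['city'] = strim($_REQUEST['city']);
     if ($data['city'] == '') {
         showErr("请选择城市", $ajax, "");
     }
     // Optional field: no validation is enforced.
     $data['business_is_exist'] = intval($_REQUEST['business_is_exist']);
     $data['business_create_time'] = to_timespan(strim($_REQUEST['business_create_time']), 'Y-m-d');
     // The founding date is only required when the company already exists.
     if ($data['business_is_exist'] == 1 && $data['business_create_time'] == 0) {
         showErr("请选择企业成立时间", $ajax, "");
     }
     // Optional field: no validation is enforced.
     $data['has_another_project'] = intval($_REQUEST['has_another_project']);
     $data['business_name'] = strim($_REQUEST['business_name']);
     if ($data['business_name'] == "") {
         showErr("请填写公司全称", $ajax, "");
     }
     $data['business_address'] = strim($_REQUEST['business_address']);
     if ($data['business_address'] == "") {
         showErr("请填写办公地址", $ajax, "");
     }
     $data['limit_price'] = floatval($_REQUEST['limit_price']);
     if ($data['limit_price'] <= 0) {
         showErr("请输入正确的融资金额", $ajax, "");
     }
     $data['invote_mini_money'] = floatval($_REQUEST['invote_mini_money']);
     if ($data['invote_mini_money'] <= 0) {
         showErr("请输入正确的单投资人最低出资", $ajax, "");
     }
     $data['transfer_share'] = floatval($_REQUEST['transfer_share']);
     // The value is already a float, so comparing it with '' does not detect a
     // missing value on PHP 8 and never rejected negatives; use a range test.
     if ($data['transfer_share'] <= 0 || $data['transfer_share'] > 100) {
         showErr("出让的股份为空或者出让的股份超过100%", $ajax, "");
     }
     // Optional field: no validation is enforced.
     $data['business_stock_type'] = intval($_REQUEST['business_stock_type']);
     $data['business_descripe'] = strim($_REQUEST['business_descripe']);
     if ($data['business_descripe'] == "") {
         showErr("请填写企业项目简介", $ajax, "");
     }
     $data['image'] = replace_public(addslashes(trim($_REQUEST['image'])));
     if ($data['image'] == "") {
         showErr("上传封面图片", $ajax, "");
     }
     require_once APP_ROOT_PATH . "system/libs/words.php";
     $data['vedio'] = strim($_REQUEST['vedio']);
     if ($data['vedio'] != "") {
         require_once APP_ROOT_PATH . "system/utils/vedio.php";
         // NOTE(review): fetch_vedio_url() receives a user-supplied address;
         // confirm it restricts the hosts it is willing to contact.
         $vedio = fetch_vedio_url($data['vedio']);
         if ($vedio != "") {
             $data['source_vedio'] = $vedio;
         } else {
             showErr("非法的视频地址", $ajax, "");
         }
     }
     // NOTE(review): unserialize() runs on a value read back from the deal
     // row. The column is written from serialize() below, but any other
     // writer of that column could introduce crafted data; a JSON encoding
     // would remove the object-instantiation risk.
     $previous_audit = $deal ? unserialize($deal['audit_data']) : false;
     $audit_data = deal_investor_info($_REQUEST['audit_data'], 'audit_data', $previous_audit);
     $data['audit_data'] = serialize($audit_data['data']);
     $data['is_edit'] = 1;
     $data['type'] = 1;
     // Amounts are entered in units of 10,000 and stored in base units.
     $data['limit_price'] = $data['limit_price'] * 10000;
     $data['invote_mini_money'] = $data['invote_mini_money'] * 10000;
     $savenext = intval($_REQUEST['savenext']);
     if ($id > 0) {
         // Scope both statements to the owner as well as the id.
         $owner_clause = " and user_id = " . $user_id;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "UPDATE", "id=" . $id . $owner_clause, "SILENT");
         $GLOBALS['db']->query("update " . DB_PREFIX . "deal set deal_extra_cache = '' where id = " . $id . $owner_clause);
         if ($savenext == 0) {
             showSuccess($id, $ajax, "");
         } else {
             $investor_edit = $GLOBALS['db']->getOne("select investor_edit from " . DB_PREFIX . "deal where id = " . $id . " and is_delete = 0 and user_id = " . $user_id);
             if ($investor_edit == 1) {
                 showSuccess("", $ajax, url_wap("project#investor_edit", array("id" => $id)));
             } else {
                 showSuccess("", $ajax, url_wap("project#investor_two", array("id" => $id)));
             }
         }
     } else {
         $data['user_id'] = $user_id;
         $data['user_name'] = $GLOBALS['user_info']['user_name'];
         $data['create_time'] = NOW_TIME;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "INSERT", "", "SILENT");
         $data_id = intval($GLOBALS['db']->insert_id());
         if ($data_id == 0) {
             showErr("保存失败,请联系管理员", $ajax, "");
         } else {
             es_session::delete("deal_image");
             if ($savenext == 0) {
                 showSuccess($data_id, $ajax, "");
             } else {
                 showSuccess("", $ajax, url_wap("project#investor_two", array("id" => $data_id)));
             }
         }
     }
 }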
Exemplo n.º 8
 /**
  * Send a GD image to the browser, or write it to a file.
  *
  * The writer function is chosen by name as "image" . $type. When no
  * filename is given and that writer fails, JPEG and then PNG are tried; if
  * all three fail the "verify" session entry is removed. The image resource
  * is destroyed in every case.
  *
  * NOTE(review): $type is concatenated into both a function name and a
  * response header. Callers should only pass fixed GD format names
  * (for example 'gif', 'jpeg', 'png'), never request data.
  *
  * @param resource $im       GD image
  * @param string   $type     image format suffix
  * @param string   $filename target path; empty means "send to the browser"
  */
 static function output($im, $type = 'gif', $filename = '')
 {
     ob_clean();
     header("Content-type: image/" . $type);
     $writer = 'image' . $type;
     if (!empty($filename)) {
         $writer($im, $filename);
     } elseif (!$writer($im)) {
         // Requested format failed: fall back to JPEG, then PNG.
         ob_clean();
         header("Content-type: image/jpeg");
         if (!imagejpeg($im)) {
             ob_clean();
             header("Content-type: image/png");
             if (!imagepng($im)) {
                 es_session::delete("verify");
             }
         }
     }
     imagedestroy($im);
 }
Exemplo n.º 9
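/**
 * Log the current member out.
 *
 * Returns false when the session holds no "user_info" entry. Otherwise the
 * optional member-integration plug-in is asked to log out, the "user_info"
 * session entry is removed (and "account_info" too when a matching supplier
 * account exists), and the plug-in result is returned with 'status' forced
 * to 1 when it is 0 or missing. 'msg' carries whatever the integration
 * interface returned.
 *
 * @return array|false
 */
function loginout_user()
{
    $user_info = es_session::get("user_info");
    if (!$user_info) {
        return false;
    }
    // Defined up front so the code below does not read undefined variables
    // when no integration is configured.
    $integrate_obj = null;
    $result = array();
    // Load the member-integration plug-in, if one is configured.
    $integrate_code = trim(app_conf("INTEGRATE_CODE"));
    if ($integrate_code != '') {
        // NOTE(review): the file path and class name are built from a
        // configuration value; it must stay admin-controlled and should be
        // restricted to a plain identifier.
        $integrate_file = APP_ROOT_PATH . "system/integrate/" . $integrate_code . "_integrate.php";
        if (file_exists($integrate_file)) {
            require_once $integrate_file;
            $integrate_class = $integrate_code . "_integrate";
            $integrate_obj = new $integrate_class();
        }
    }
    if ($integrate_obj) {
        $result = $integrate_obj->logout();
    }
    if (intval($result['status']) == 0) {
        $result['status'] = 1;
    }
    $account_name = $user_info['merchant_name'];
    // NOTE(review): $account_name comes from the session copy of the user row
    // and is placed inside a quoted SQL literal without escaping here. Use the
    // database layer's parameter binding or escaping for this value; whether
    // the session value is already escaped is not visible from this function.
    $account = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_account where account_name = '" . $account_name . "' and is_effect = 1 and is_delete = 0");
    if ($account) {
        es_session::delete("account_info");
    }
    es_session::delete("user_info");
    return $result;
}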
Exemplo n.º 10
 /**
  * OAuth callback for the Tencent login integration.
  *
  * Exchanges the authorisation code for an access token, fetches the remote
  * profile, then either logs in the local user bound to the openid, binds the
  * openid to the already logged-in user, or sends the visitor to API
  * registration.
  *
  * NOTE(review): no anti-forgery "state" value is checked in this method;
  * confirm that the OAuth helper or the caller ties the callback to the
  * session that started the flow.
  * NOTE(review): the flow assumes showErr() and the app_redirect*() helpers
  * end the request - confirm.
  */
 public function callback()
 {
     es_session::start();
     require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
     OAuth::init($this->api['config']['app_key'], $this->api['config']['app_secret']);
     // Request-supplied values. strim() is defined elsewhere.
     // NOTE(review): $openid is later concatenated into quoted SQL literals, so
     // confirm that strim() escapes for SQL; if it only trims, bind or escape
     // the value at the query instead.
     $code = strim($_REQUEST['code']);
     $openid = strim($_REQUEST['openid']);
     $openkey = strim($_REQUEST['openkey']);
     // Fall back to this site's callback URL when none is configured.
     if ($this->api['config']['app_url'] == "") {
         $app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Tencent";
     } else {
         $app_url = $this->api['config']['app_url'];
     }
     $token_url = OAuth::getAccessToken($code, $app_url);
     $result = Http::request($token_url);
     $result = preg_replace('/[^\\x20-\\xff]*/', "", $result);
     // Strip non-printable characters
     $result = iconv("utf-8", "utf-8//ignore", $result);
     // Normalise to valid UTF-8
     parse_str($result, $result_arr);
     $access_token = $result_arr['access_token'];
     $refresh_token = $result_arr['refresh_token'];
     $name = $result_arr['name'];
     $nick = $result_arr['nick'];
     es_session::set("t_access_token", $access_token);
     es_session::set("t_openid", $openid);
     es_session::set("t_openkey", $openkey);
     // Evaluates as: token || (openid && openkey)
     if (es_session::get("t_access_token") || es_session::get("t_openid") && es_session::get("t_openkey")) {
         $r = Tencent::api('user/info');
         $r = json_decode($r, true);
         if ($r['errcode'] != 0) {
             showErr("腾讯微博返回出错");
         }
         //name,url,province,city,avatar,token,field,token_field (field holding the token),sex,secret_field (field holding the secret),scret,url_field (field holding the weibo URL)
         $api_data['name'] = $r['data']['name'];
         $api_data['url'] = "http://t.qq.com/" . $r['data']['name'];
         $location = $r['data']['location'];
         $location = explode(" ", $location);
         $api_data['province'] = $location[1];
         $api_data['city'] = $location[2];
         $api_data['avatar'] = $r['data']['head'];
         $api_data['field'] = 'tencent_id';
         $api_data['token'] = $access_token;
         $api_data['token_field'] = "tencent_token";
         $api_data['secret'] = $openkey;
         $api_data['secret_field'] = "tencent_secret";
         $api_data['url_field'] = "tencent_url";
         // Remote sex codes '1' and '2' map to local 1 and 0; anything else is -1.
         if ($r['data']['sex'] == '1') {
             $api_data['sex'] = 1;
         } else {
             if ($r['data']['sex'] == '2') {
                 $api_data['sex'] = 0;
             } else {
                 $api_data['sex'] = -1;
             }
         }
         if ($api_data['name'] != "") {
             es_session::set("api_user_info", $api_data);
         }
         // NOTE(review): the local account is selected by the openid taken
         // from the request. Confirm that Tencent::api('user/info') fails when
         // that openid does not belong to the access token, otherwise the
         // identity used for login is not the one the provider vouched for.
         $user_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where tencent_id = '" . $openid . "' and tencent_id <> ''");
         if ($user_data) {
             es_session::delete("api_user_info");
             // NOTE(review): token, secret and URL originate from the remote
             // response or the request and are concatenated into this UPDATE
             // unescaped; they should be bound or escaped by the database layer.
             $GLOBALS['db']->query("update " . DB_PREFIX . "user set tencent_token = '" . $api_data['token'] . "',tencent_secret = '" . $api_data['secret'] . "',login_ip = '" . get_client_ip() . "',login_time= " . get_gmtime() . ",tencent_url = '" . $api_data['url'] . "' where id =" . $user_data['id']);
             update_user_weibo($user_data['id'], $api_data['url']);
             // Update the weibo link
             // The whole user row ("select *") becomes the session's user_info.
             es_session::set("user_info", $user_data);
             app_redirect_preview();
         } else {
             if ($GLOBALS['user_info']) {
                 update_user_weibo($GLOBALS['user_info']['id'], $api_data['url']);
                 // Update the weibo link
                 // Bind the openid to the account that is already logged in.
                 $GLOBALS['db']->query("update " . DB_PREFIX . "user set tencent_id = '" . $openid . "',tencent_token = '" . $api_data['token'] . "',tencent_secret = '" . $api_data['secret'] . "',tencent_url = '" . $api_data['url'] . "' where id =" . intval($GLOBALS['user_info']['id']));
                 app_redirect(url("settings#bind"));
             } else {
                 app_redirect(url("user#api_register"));
             }
         }
     }
 }
Exemplo n.º 11
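 /**
  * Create a local user for the third-party profile held in the
  * "api_user_info" session entry and store the new row as "user_info".
  *
  * Changes compared with the previous version:
  *  - The throw-away password is derived from cryptographically secure random
  *    bytes instead of rand(100000, 999999), which left only 900,000 possible
  *    passwords for every account created this way.
  *  - insert_id() is only read after an INSERT was actually issued. Before,
  *    a profile without a positive id skipped the INSERT but still read
  *    insert_id(), which could return the id of an unrelated earlier insert
  *    on the same connection and load that row as the session user.
  *  - The retry loop for name collisions is bounded, so a permanently failing
  *    INSERT can no longer spin forever.
  *
  * NOTE(review): the md5() wrapper is kept because user_pwd was an md5 value
  * before; confirm against the login code before changing the format.
  */
 public function create_user()
 {
     $s_api_user_info = es_session::get("api_user_info");
     if (function_exists('random_bytes')) {
         $random_secret = bin2hex(random_bytes(16));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $random_secret = bin2hex(openssl_random_pseudo_bytes(16));
     } else {
         // Last resort on runtimes without a CSPRNG; weaker than the branches above.
         $random_secret = uniqid(mt_rand(), true) . mt_rand();
     }
     $user_data = array();
     $user_data['user_name'] = $s_api_user_info['name'];
     $user_data['user_pwd'] = md5($random_secret);
     $user_data['create_time'] = TIME_UTC;
     $user_data['update_time'] = TIME_UTC;
     $user_data['login_ip'] = get_client_ip();
     $user_data['group_id'] = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user_group order by score asc limit 1");
     $user_data['is_effect'] = 1;
     $user_data['alipay_id'] = $s_api_user_info['id'];
     $rs = 0;
     if (intval($user_data['alipay_id']) > 0) {
         // A failed INSERT is treated as a user-name collision: append the
         // attempt counter to the name and try again, up to a fixed limit.
         $max_attempts = 10;
         for ($count = 0; $count < $max_attempts && intval($rs) == 0; $count++) {
             if ($count > 0) {
                 $user_data['user_name'] = $user_data['user_name'] . $count;
             }
             $GLOBALS['db']->autoExecute(DB_PREFIX . "user", $user_data, "INSERT", '', 'SILENT');
             $rs = $GLOBALS['db']->insert_id();
         }
     }
     $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . intval($rs));
     if ($rs > 0) {
         $user_id = $rs;
         // Registration bonuses, when any of them is configured.
         $register_money = doubleval(app_conf("USER_REGISTER_MONEY"));
         $register_score = intval(app_conf("USER_REGISTER_SCORE"));
         $register_point = intval(app_conf("USER_REGISTER_POINT"));
         $register_lock_money = intval(app_conf("USER_LOCK_MONEY"));
         if ($register_money > 0 || $register_score > 0 || $register_point > 0 || $register_lock_money > 0) {
             $user_get = array();
             $user_get['score'] = $register_score;
             $user_get['money'] = $register_money;
             $user_get['point'] = $register_point;
             $user_get['reg_lock_money'] = $register_lock_money;
             require_once APP_ROOT_PATH . "system/libs/user.php";
             modify_account($user_get, intval($user_id), "在" . to_date(TIME_UTC) . "注册成功");
         }
     }
     es_session::set("user_info", $user_info);
     es_session::delete("api_user_info");
 }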
Exemplo n.º 12
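 /**
  * Post a message / review on behalf of the logged-in user.
  *
  * Validates login, content, captcha and submit rate, stores the message,
  * then fans it out to the review and topic helpers depending on what the
  * message relates to (purchased deal, youhui, event, supplier location) and
  * refreshes the point totals for deals.
  *
  * Changes compared with the previous version:
  *  - The captcha digests are compared with !== so that two different hex
  *    digests that both look like numbers ("0e...") no longer compare equal.
  *  - rel_table and message_group now receive the same escaping this method
  *    already applies to title, content and contact; message_group used to be
  *    prepended to the stored title/content completely raw.
  *  - The average-point computation no longer divides by zero and no longer
  *    writes an empty value into the UPDATE when no rows were counted.
  *
  * NOTE(review): the flow assumes showErr()/showSuccess() end the request.
  */
 public function add()
 {
     $ajax = intval($_REQUEST['ajax']);
     if (!$GLOBALS['user_info']) {
         showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST'], $ajax);
     }
     if ($_REQUEST['content'] == '') {
         showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY'], $ajax);
     }
     // Captcha
     if (app_conf("VERIFY_IMAGE") == 1) {
         $verify = md5(trim($_REQUEST['verify']));
         $session_verify = es_session::get('verify');
         if ($verify !== $session_verify) {
             // NOTE(review): on a wrong answer the stored captcha is not
             // cleared (the delete below is only reached on success, assuming
             // showErr() exits), so the same captcha can be guessed repeatedly.
             showErr($GLOBALS['lang']['VERIFY_CODE_ERROR'], $ajax);
         }
     }
     es_session::delete("verify");
     if (!check_ipop_limit(get_client_ip(), "message", intval(app_conf("SUBMIT_DELAY")), 0)) {
         showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST'], $ajax);
     }
     // rel_table is stored and compared against fixed names below. The lookup
     // that used to validate it against the message_type table is disabled, so
     // it is at least escaped like the other stored fields.
     $rel_table = isset($_REQUEST['rel_table']) && is_string($_REQUEST['rel_table']) ? addslashes($_REQUEST['rel_table']) : '';
     $message_group = isset($_REQUEST['message_group']) && is_string($_REQUEST['message_group']) ? htmlspecialchars(addslashes($_REQUEST['message_group'])) : '';
     // Build the message row
     $message = array();
     $message['title'] = $_REQUEST['title'] ? htmlspecialchars(addslashes(valid_str($_REQUEST['title']))) : htmlspecialchars(addslashes(valid_str($_REQUEST['content'])));
     $message['content'] = htmlspecialchars(addslashes(valid_str($_REQUEST['content'])));
     $message['title'] = valid_str($message['title']);
     if ($message_group) {
         $message['title'] = "[" . $message_group . "]:" . $message['title'];
         $message['content'] = "[" . $message_group . "]:" . $message['content'];
     }
     $message['create_time'] = get_gmtime();
     $message['rel_table'] = $rel_table;
     $rel_id = $message['rel_id'] = intval($_REQUEST['rel_id']);
     $message['user_id'] = intval($GLOBALS['user_info']['id']);
     if (isset($_REQUEST['is_effect'])) {
         // NOTE(review): the visibility flag is taken from the request, so the
         // submitter can mark the message as effective and bypass the
         // USER_MESSAGE_AUTO_EFFECT setting; confirm this is intended.
         $message_effect = intval($_REQUEST['is_effect']);
     } else {
         if (app_conf("USER_MESSAGE_AUTO_EFFECT") == 0) {
             $message_effect = 0;
         } else {
             // This used to read is_effect from the message_type row; that
             // lookup is disabled, so the value was always null here.
             $message_effect = null;
         }
     }
     $message['is_effect'] = $message_effect;
     $message['is_buy'] = intval($_REQUEST['is_buy']);
     $message['contact'] = $_REQUEST['contact'] ? htmlspecialchars(addslashes($_REQUEST['contact'])) : '';
     $message['contact_name'] = $_REQUEST['contact_name'] ? htmlspecialchars(addslashes($_REQUEST['contact_name'])) : '';
     if ($message['is_buy'] == 1) {
         // A purchase review requires a paid order for this deal by this user.
         if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_order_item as doi left join " . DB_PREFIX . "deal_order as do on doi.order_id = do.id where doi.deal_id = " . intval($message['rel_id']) . " and do.user_id = " . intval($message['user_id']) . " and do.pay_status = 2") == 0) {
             showErr($GLOBALS['lang']['AFTER_BUY_MESSAGE_TIP'], $ajax);
         }
     }
     $message['point'] = intval($_REQUEST['point']);
     $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $message);
     $message_id = $GLOBALS['db']->insert_id();
     if ($message['is_buy'] == 1) {
         $deal_info = $GLOBALS['db']->getRow("select id,is_shop,name,sub_name from " . DB_PREFIX . "deal where id = " . $rel_id);
         if ($deal_info) {
             $attach_list = get_topic_attach_list();
             // Stays null when is_shop is none of 0, 1, 2 (as before).
             $type = null;
             $url_route = null;
             if ($deal_info['is_shop'] == 0) {
                 $url_route = array('rel_app_index' => 'tuan', 'rel_route' => 'deal', 'rel_param' => 'id=' . $deal_info['id']);
                 $type = "tuancomment";
                 $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_location_link where deal_id = " . intval($deal_info['id']));
                 $dp_title = "对" . $deal_info['sub_name'] . "的消费点评";
                 foreach ($locations as $location) {
                     insert_dp($dp_title, $message['content'], $location['location_id'], $message['point'], $is_buy = 1, $from = "tuan", $url_route, $message_id);
                 }
             }
             if ($deal_info['is_shop'] == 1) {
                 $url_route = array('rel_app_index' => 'shop', 'rel_route' => 'goods', 'rel_param' => 'id=' . $deal_info['id']);
                 $type = "shopcomment";
                 $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_location_link where deal_id = " . intval($deal_info['id']));
                 $dp_title = "对" . $deal_info['sub_name'] . "的消费点评";
                 foreach ($locations as $location) {
                     insert_dp($dp_title, $message['content'], $location['location_id'], $message['point'], $is_buy = 1, $from = "shop", $url_route, $message_id);
                 }
             }
             if ($deal_info['is_shop'] == 2) {
                 $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'ydetail', 'rel_param' => 'id=' . $deal_info['id']);
                 $type = "youhuicomment";
                 $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_location_link where deal_id = " . intval($deal_info['id']));
                 $dp_title = "对" . $deal_info['sub_name'] . "的消费点评";
                 foreach ($locations as $location) {
                     insert_dp($dp_title, $message['content'], $location['location_id'], $message['point'], $is_buy = 1, $from = "daijin", $url_route, $message_id);
                 }
             }
             increase_user_active(intval($GLOBALS['user_info']['id']), "点评了一个商品");
             $title = "对" . $deal_info['sub_name'] . "发表了点评";
             $tid = insert_topic($message['content'], $title, $type, $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
             if ($tid) {
                 $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '网站' where id = " . intval($tid));
             }
         }
     }
     if ($message['rel_table'] == 'youhui') {
         $youhui_info = $GLOBALS['db']->getRow("select name,id from " . DB_PREFIX . "youhui where id = " . $rel_id);
         if ($youhui_info) {
             increase_user_active(intval($GLOBALS['user_info']['id']), "点评了一个优惠券");
             $title = "对" . $youhui_info['name'] . "发表了点评";
             $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'fdetail', 'rel_param' => 'id=' . $youhui_info['id']);
             $tid = insert_topic($message['content'], $title, "fyouhuicomment", $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
             if ($tid) {
                 $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '网站' where id = " . intval($tid));
             }
             $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "youhui_location_link where youhui_id = " . intval($youhui_info['id']));
             $dp_title = "对" . $youhui_info['name'] . "的点评";
             foreach ($locations as $location) {
                 insert_dp($dp_title, $message['content'], $location['location_id'], 3, $is_buy = 0, $from = "youhui", $url_route, $message_id);
             }
         }
     }
     if ($message['rel_table'] == 'event') {
         $event_info = $GLOBALS['db']->getRow("select name,id from " . DB_PREFIX . "event where id = " . $rel_id);
         if ($event_info) {
             increase_user_active(intval($GLOBALS['user_info']['id']), "点评了一个活动");
             $title = "对" . $event_info['name'] . "发表了点评";
             $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'edetail', 'rel_param' => 'id=' . $event_info['id']);
             $tid = insert_topic($message['content'], $title, "eventcomment", $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
             if ($tid) {
                 $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '网站' where id = " . intval($tid));
             }
             $GLOBALS['db']->query("update " . DB_PREFIX . "event set reply_count = reply_count+1 where id =" . $rel_id);
             $locations = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "event_location_link where event_id = " . intval($event_info['id']));
             $dp_title = "对" . $event_info['name'] . "的点评";
             foreach ($locations as $location) {
                 insert_dp($dp_title, $message['content'], $location['location_id'], 3, $is_buy = 0, $from = "event", $url_route, $message_id);
             }
         }
     }
     if ($message['rel_table'] == 'supplier_location') {
         $supplier_info = $GLOBALS['db']->getRow("select name,id from " . DB_PREFIX . "supplier_location where id = " . $rel_id);
         if ($supplier_info) {
             increase_user_active(intval($GLOBALS['user_info']['id']), "点评了一家商户");
             $title = "对" . $supplier_info['name'] . "发表了点评";
             $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'store#view', 'rel_param' => 'id=' . $supplier_info['id']);
             $tid = insert_topic($message['content'], $title, "slocationcomment", $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
             if ($tid) {
                 $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '网站' where id = " . intval($tid));
             }
         }
     }
     // Refresh the point totals when the message relates to a deal
     if ($rel_table == 'deal') {
         // sum() yields NULL when nothing matches; cast both aggregates so the
         // UPDATE always receives numbers and the division is guarded.
         $total_point = floatval($GLOBALS['db']->getOne("select sum(point) from " . DB_PREFIX . "message where rel_table = 'deal' and rel_id = " . $rel_id));
         $total_comment = intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "message where rel_table = 'deal' and rel_id = " . $rel_id));
         $avg_point = $total_comment > 0 ? round($total_point / $total_comment) : 0;
         $GLOBALS['db']->query("update " . DB_PREFIX . "deal set total_point = " . $total_point . ",avg_point = " . $avg_point . " where id =" . $rel_id);
     }
     showSuccess($GLOBALS['lang']['MESSAGE_POST_SUCCESS'], $ajax);
 }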
Exemplo n.º 13
 /**
  * Synchronised-logout API hook.
  *
  * Returns API_RETURN_FORBIDDEN when API_SYNLOGOUT is disabled. Otherwise the
  * "user_name" and "user_pwd" cookies and the "user_info" session entry are
  * removed and nothing is returned. Neither $get nor $post is read.
  *
  * NOTE(review): the cookie name "user_pwd" suggests a credential (or a value
  * derived from one) is kept in the browser - confirm what is stored there.
  */
 function synlogout($get, $post)
 {
     if (API_SYNLOGOUT) {
         foreach (array("user_name", "user_pwd") as $cookie_name) {
             es_cookie::delete($cookie_name);
         }
         es_session::delete("user_info");
     } else {
         return API_RETURN_FORBIDDEN;
     }
 }
Exemplo n.º 14
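 /**
  * Create a local account from the Sina profile held in the session.
  *
  * Reads the "api_user_info" session entry, hands name / id / token to
  * auto_create() and removes the entry afterwards.
  *
  * @return mixed The 'user_data' element returned by auto_create(), or null
  *               when no account was created.
  */
 public function create_user()
 {
     $s_api_user_info = es_session::get("api_user_info");
     // Without a third-party id in the session there is no identity to bind;
     // refuse instead of calling auto_create() with empty values.
     if (!is_array($s_api_user_info) || empty($s_api_user_info['id'])) {
         showErr("注册失败");
         return null;
     }
     $user_data = array(
         'user_name' => isset($s_api_user_info['name']) ? $s_api_user_info['name'] : '',
         'sina_id' => $s_api_user_info['id'],
         'sina_token' => isset($s_api_user_info['sina_token']) ? $s_api_user_info['sina_token'] : '',
     );
     // Defined up front so the return value is well defined even if
     // showErr() hands control back (presumably it terminates - confirm).
     $user_info = null;
     $result = auto_create($user_data, 0);
     if ($result['status']) {
         $user_info = $result['user_data'];
     } else {
         showErr("注册失败");
     }
     // The profile is single-use: drop it so it cannot be replayed.
     es_session::delete("api_user_info");
     return $user_info;
 }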
Exemplo n.º 15
Arquivo: city.php Projeto: macall/jsd
 /**
  * Forget the geolocation stored for the current session.
  */
 public static function clear_geo()
 {
     // Removing the "current_geo" session key is the whole operation.
     es_session::delete("current_geo");
 }
Exemplo n.º 16
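 /**
  * Queue an SMS carrying a store's contact details for the logged-in user.
  *
  * Reads `verify`, `store_id` and `mobile` from the request, enforces the
  * per-user daily limit (STORE_SEND_LIMIT) and answers through ajax_return().
  * Reply status: 2 = not logged in, 0 = rejected, 1 = request accepted.
  */
 function send_store_sms()
 {
     $return["status"] = 0;
     if (!$GLOBALS['user_info']) {
         $return["status"] = 2;
         $return["message"] = $GLOBALS['LANG']["PLEASE_LOGIN_FIRST"];
         ajax_return($return);
         exit;
     }
     // Cast once so the id can never carry SQL into the queries below.
     $user_id = intval($GLOBALS['user_info']['id']);
     // Captcha: read the expected value and invalidate it immediately, so one
     // captcha allows exactly one attempt whether it succeeds or fails.
     $session_verify = es_session::get('verify');
     es_session::delete("verify");
     if (app_conf("VERIFY_IMAGE") == 1) {
         // A non-string (e.g. array) parameter is treated as an empty answer.
         $verify_input = isset($_REQUEST['verify']) && is_string($_REQUEST['verify']) ? trim($_REQUEST['verify']) : '';
         // Strict comparison: loose != lets two different "0e..." digests
         // compare equal as numbers.
         if (!is_string($session_verify) || $session_verify === '' || md5($verify_input) !== $session_verify) {
             $return["message"] = $GLOBALS['lang']['VERIFY_CODE_ERROR'];
             ajax_return($return);
             exit;
         }
     }
     // Daily quota, counted over the current day's window.
     $now = get_gmtime();
     $today_begin = to_timespan(to_date($now, "Y-m-d"));
     $today_end = $today_begin + 24 * 3600;
     $count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_msg_list where user_id = " . $user_id . " and is_youhui = 2 and create_time between " . $today_begin . " and " . $today_end);
     if ($count >= intval(app_conf("STORE_SEND_LIMIT"))) {
         $return['message'] = $GLOBALS['lang']['SMS_LIMIT_OVER'];
         ajax_return($return);
         exit;
     }
     $id = intval($_REQUEST['store_id']);
     $store_info = $GLOBALS['db']->getRow("select `name`,`address`,`tel`,`sms_content` from " . DB_PREFIX . "supplier_location where id = " . $id);
     if (!$store_info) {
         $return["status"] = 0;
         $return["message"] = $GLOBALS['LANG']["NO_SUPPLIER"];
         ajax_return($return);
         exit;
     }
     // Prefer the store's own SMS text; otherwise send name + phone + address.
     if ($store_info['sms_content'] != "") {
         $sms_content = $store_info['sms_content'];
     } else {
         $sms_content = $store_info['name'] . $store_info['tel'] . $store_info['address'];
     }
     $msg_data['send_type'] = 0;
     $msg_data['content'] = $sms_content;
     $msg_data['send_time'] = 0;
     $msg_data['is_send'] = 0;
     $msg_data['create_time'] = get_gmtime();
     $msg_data['user_id'] = $user_id;
     $msg_data['is_html'] = 0;
     $msg_data['is_youhui'] = 2;
     $msg_data['dest'] = isset($_REQUEST['mobile']) && is_string($_REQUEST['mobile']) ? trim($_REQUEST['mobile']) : '';
     // The destination number is caller-supplied; check_mobile() and the
     // daily quota above are the only limits on where messages go.
     if (check_mobile($msg_data['dest']) && $msg_data['dest'] != "") {
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_msg_list", $msg_data);
     }
     // NOTE(review): status 1 is returned even when the number was rejected
     // and nothing was queued.
     $return["status"] = 1;
     ajax_return($return);
     exit;
 }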
Exemplo n.º 17
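 /**
  * Create a local account for the Tencent profile held in the session and
  * log that account in.
  *
  * Reads the "api_user_info" session entry, inserts a row into the user
  * table (retrying with a numeric suffix on the name when the insert
  * yields no id), stores the new row as "user_info" and drops
  * "api_user_info". When the session holds no Tencent id, or no row could
  * be inserted, no login state is written.
  */
 public function create_user()
 {
     $s_api_user_info = es_session::get("api_user_info");
     $tencent_id = is_array($s_api_user_info) && isset($s_api_user_info['id']) ? $s_api_user_info['id'] : '';
     if (!$tencent_id) {
         // No third-party identity: nothing may be inserted, and insert_id()
         // must not be read, since it could belong to an unrelated insert
         // and would decide which row becomes the logged-in user.
         es_session::delete("api_user_info");
         return;
     }
     // The account is only reachable through OAuth, so the local password
     // should be unguessable. rand(100000, 999999) gave 900000 candidates;
     // use the strongest source this PHP build offers. The md5 hex format
     // of the stored value is kept.
     if (function_exists('random_bytes')) {
         $secret = bin2hex(random_bytes(32));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $secret = bin2hex(openssl_random_pseudo_bytes(32));
     } else {
         $secret = uniqid(mt_rand(), true) . mt_rand();
     }
     $base_name = $s_api_user_info['name'];
     $user_data['user_name'] = $base_name;
     $user_data['user_pwd'] = md5($secret);
     $user_data['create_time'] = get_gmtime();
     $user_data['update_time'] = get_gmtime();
     $user_data['login_ip'] = get_client_ip();
     $user_data['group_id'] = $GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user_group order by score asc limit 1");
     $user_data['is_effect'] = 1;
     $user_data['tencent_id'] = $tencent_id;
     // NOTE(review): the provider tokens are stored as received.
     $user_data['t_access_token'] = $s_api_user_info['t_access_token'];
     $user_data['t_openkey'] = $s_api_user_info['t_openkey'];
     $user_data['t_openid'] = $s_api_user_info['t_openid'];
     // Bounded retry: an insert that keeps failing for a reason other than
     // a taken name must not loop forever. The suffix is applied to the
     // original name (name1, name2, ...) rather than accumulated.
     $rs = 0;
     for ($attempt = 0; $attempt < 20 && intval($rs) == 0; $attempt++) {
         if ($attempt > 0) {
             $user_data['user_name'] = $base_name . $attempt;
         }
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user", $user_data, "INSERT", '', 'SILENT');
         $rs = $GLOBALS['db']->insert_id();
     }
     es_session::delete("api_user_info");
     if (intval($rs) == 0) {
         return;
     }
     $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . intval($rs));
     es_session::set("user_info", $user_info);
 }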
Exemplo n.º 18
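 /**
  * Create or update a project (deal) from the submitted form.
  *
  * With `id` > 0 the existing deal is updated and its FAQ rows are
  * replaced; otherwise a new deal is inserted for the logged-in user.
  * Every validation failure is reported through showErr(), which this
  * method relies on to stop the request (presumably it exits - confirm).
  */
 public function save()
 {
     $ajax = intval($_REQUEST['ajax']);
     if (!check_ipop_limit(get_client_ip(), "project_save", 5)) {
         showErr("提交太频繁", $ajax, "");
     }
     if (!$GLOBALS['user_info']) {
         showErr("", $ajax, url("user#login"));
     }
     $user_id = intval($GLOBALS['user_info']['id']);
     $id = intval($_REQUEST['id']);
     $data['name'] = strim($_REQUEST['name']);
     if ($data['name'] == "") {
         showErr("请填写项目名称", $ajax, "");
     }
     if (msubstr($data['name'], 0, 25) != $data['name']) {
         showErr("项目名称不超过25个字", $ajax, "");
     }
     $data['cate_id'] = intval($_REQUEST['cate_id']);
     if ($data['cate_id'] == 0) {
         showErr("请选择项目分类", $ajax, "");
     }
     $data['province'] = strim($_REQUEST['province']);
     if ($data['province'] == '') {
         showErr("请选择省份", $ajax, "");
     }
     $data['city'] = strim($_REQUEST['city']);
     if ($data['city'] == '') {
         showErr("请选择城市", $ajax, "");
     }
     $data['brief'] = strim($_REQUEST['brief']);
     $data['image'] = replace_public(addslashes(trim($_REQUEST['image'])));
     if ($data['image'] == "") {
         showErr("上传封面图片", $ajax, "");
     }
     require_once APP_ROOT_PATH . "system/libs/words.php";
     $data['tags'] = implode(" ", words::segment($data['name']));
     // NOTE(review): the description keeps whatever markup valid_tag() lets
     // through; whether that is safe to render depends on valid_tag().
     $data['description'] = replace_public(addslashes(trim(valid_tag($_REQUEST['description']))));
     $data['vedio'] = strim($_REQUEST['vedio']);
     if ($data['vedio'] != "") {
         require_once APP_ROOT_PATH . "system/utils/vedio.php";
         $vedio = fetch_vedio_url($data['vedio']);
         if ($vedio != "") {
             $data['source_vedio'] = $vedio;
         } else {
             showErr("非法的视频地址", $ajax, "");
         }
     }
     $data['limit_price'] = doubleval($_REQUEST['limit_price']);
     if ($data['limit_price'] <= 0) {
         showErr("请输入正确的目标金额", $ajax, "");
     }
     $data['deal_days'] = doubleval($_REQUEST['deal_days']);
     if ($data['deal_days'] <= 0) {
         showErr("请输入正确的上线天数", $ajax, "");
     }
     $savenext = intval($_REQUEST['savenext']);
     if ($id > 0) {
         // Authorisation: the id comes from the request, so confirm the deal
         // belongs to the caller before changing it or its FAQ rows.
         $owner_id = intval($GLOBALS['db']->getOne("select user_id from " . DB_PREFIX . "deal where id = " . $id));
         if ($owner_id == 0 || $owner_id != $user_id) {
             showErr("保存失败,请联系管理员", $ajax, "");
             return;
         }
         // The owner is repeated in the WHERE clause as a second barrier.
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "UPDATE", "id=" . $id . " and user_id=" . $user_id, "SILENT");
         // Replace the FAQ list
         $GLOBALS['db']->query("delete from " . DB_PREFIX . "deal_faq where deal_id = " . $id);
         $this->save_faq_items($id);
         if ($savenext == 0) {
             showSuccess($id, $ajax, "");
         } else {
             showSuccess("", $ajax, url("project#add_item", array("id" => $id)));
         }
     } else {
         $data['user_id'] = $user_id;
         $data['user_name'] = $GLOBALS['user_info']['user_name'];
         $data['create_time'] = NOW_TIME;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "deal", $data, "INSERT", "", "SILENT");
         $data_id = intval($GLOBALS['db']->insert_id());
         if ($data_id == 0) {
             showErr("保存失败,请联系管理员", $ajax, "");
         } else {
             es_session::delete("deal_image");
             // Append the FAQ list
             $this->save_faq_items($data_id);
             if ($savenext == 0) {
                 showSuccess($data_id, $ajax, "");
             } else {
                 showSuccess("", $ajax, url("project#add_item", array("id" => $data_id)));
             }
         }
     }
 }

 /**
  * Insert the submitted question / answer pairs as FAQ rows of one deal.
  *
  * Pairs that are empty or still hold the form placeholders are skipped;
  * `sort` counts the rows actually written, starting at 1.
  */
 private function save_faq_items($deal_id)
 {
     // Both parameters are expected to be arrays; anything else is ignored.
     $questions = isset($_REQUEST['question']) && is_array($_REQUEST['question']) ? $_REQUEST['question'] : array();
     $answers = isset($_REQUEST['answer']) && is_array($_REQUEST['answer']) ? $_REQUEST['answer'] : array();
     $sort = 1;
     foreach ($questions as $kk => $raw_question) {
         if (!is_string($raw_question) || !isset($answers[$kk]) || !is_string($answers[$kk])) {
             continue;
         }
         $question = strim($raw_question);
         $answer = strim($answers[$kk]);
         if ($question != "" && $answer != "" && $question != "请输入问题" && $answer != "请输入答案") {
             $faq_item = array(
                 'deal_id' => $deal_id,
                 'question' => $question,
                 'answer' => $answer,
                 'sort' => $sort,
             );
             $GLOBALS['db']->autoExecute(DB_PREFIX . "deal_faq", $faq_item);
             $sort++;
         }
     }
 }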
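 /**
  * OAuth callback for Sina Weibo login.
  *
  * Exchanges the `code` request parameter for an access token, loads the
  * remote profile, then either logs in the local account already bound to
  * it, binds it to the currently logged-in account, or sends the visitor
  * to API registration with the profile stored as "api_user_info".
  *
  * NOTE(review): no `state` value is checked here, so the callback cannot
  * tell whether this browser started the authorisation - confirm whether
  * the caller handles that.
  * NOTE(review): the local binding is looked up and written by the
  * profile's display name ($msg['name']), not the numeric uid fetched
  * just above; verify that this is the intended key.
  */
 public function callback()
 {
     require_once APP_ROOT_PATH . 'system/api_login/sina/saetv2.ex.class.php';
     es_session::start();
     $o = new SaeTOAuthV2($this->api['config']['app_key'], $this->api['config']['app_secret']);
     $token = null;
     if (isset($_REQUEST['code'])) {
         $keys = array();
         $keys['code'] = $_REQUEST['code'];
         if ($this->api['config']['app_url'] == "") {
             $app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Sina";
         } else {
             $app_url = $this->api['config']['app_url'];
         }
         $keys['redirect_uri'] = $app_url;
         try {
             $token = $o->getAccessToken('code', $keys);
         } catch (OAuthException $e) {
             // Keep the details in the server log; dumping the exception
             // object to the browser exposes internals.
             error_log("Sina OAuth token exchange failed: " . $e->getMessage());
             exit;
         }
     }
     // Without a token there is no verified identity. Continuing would let
     // a bare request to this URL reach the binding update below with
     // empty values.
     if (!is_array($token) || empty($token['access_token'])) {
         exit;
     }
     $c = new SaeTClientV2($this->api['config']['app_key'], $this->api['config']['app_secret'], $token['access_token']);
     $ms = $c->home_timeline();
     $uid_get = $c->get_uid();
     $uid = $uid_get['uid'];
     $msg = $c->show_user_by_id($uid);
     // Same reasoning for a profile that came back without a name.
     if (!is_array($msg) || !isset($msg['name']) || $msg['name'] == "") {
         error_log("Sina OAuth profile lookup returned no name");
         exit;
     }
     // Profile fields handed on to registration / binding:
     // name,url,province,city,avatar,token,field,token_field,sex,secret,secret_field,url_field
     $api_data['name'] = $msg['name'];
     $api_data['url'] = "http://weibo.com/" . $msg['profile_url'];
     $location = explode(" ", $msg['location']);
     $api_data['province'] = $location[0];
     $api_data['city'] = isset($location[1]) ? $location[1] : null;
     // NOTE(review): this indexes the profile with a URL as the key, which
     // looks like a pasted sample value; the avatar is most likely never set.
     $api_data['avatar'] = $msg['http://tp2.sinaimg.cn/3048107865/180/0/1'];
     $api_data['field'] = 'sina_id';
     $api_data['token'] = $token['access_token'];
     $api_data['token_field'] = "sina_token";
     $api_data['secret'] = "";
     $api_data['secret_field'] = "sina_secret";
     $api_data['url_field'] = "sina_url";
     if ($msg['gender'] == 'm') {
         $api_data['sex'] = 1;
     } elseif ($msg['gender'] == 'f') {
         $api_data['sex'] = 0;
     } else {
         $api_data['sex'] = -1;
     }
     es_session::set("api_user_info", $api_data);
     // Everything below is remote- or client-supplied text that ends up
     // inside SQL string literals, so escape it first. addslashes() is the
     // escaping visible elsewhere in this code base; the database layer's
     // own escaping or bound parameters would be the stronger fix.
     $sql_name = addslashes((string) $api_data['name']);
     $sql_token = addslashes((string) $api_data['token']);
     $sql_url = addslashes((string) $api_data['url']);
     $sql_ip = addslashes((string) get_client_ip());
     $user_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where sina_id = '" . $sql_name . "' and sina_id <> ''");
     if ($user_data) {
         es_session::delete("api_user_info");
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set sina_token = '" . $sql_token . "',login_ip = '" . $sql_ip . "',login_time= " . get_gmtime() . ",sina_url = '" . $sql_url . "' where id =" . intval($user_data['id']));
         // Refresh the stored Weibo link
         update_user_weibo($user_data['id'], $api_data['url']);
         // NOTE(review): the session id is not rotated at this login.
         es_session::set("user_info", $user_data);
         app_redirect_preview();
     } else {
         if ($GLOBALS['user_info']) {
             // Refresh the stored Weibo link
             update_user_weibo($GLOBALS['user_info']['id'], $api_data['url']);
             $GLOBALS['db']->query("update " . DB_PREFIX . "user set sina_id = '" . $sql_name . "',sina_token = '" . $sql_token . "',sina_url = '" . $sql_url . "' where id =" . intval($GLOBALS['user_info']['id']));
             app_redirect(url("settings#bind"));
         } else {
             app_redirect(url("user#api_register"));
         }
     }
 }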
Exemplo n.º 20
/**
 * Log out the agency manager stored in the session.
 *
 * @return array Only 'status' is set here: 1 when a "manageagency_info"
 *               session entry existed and was removed, 0 when nobody was
 *               logged in.
 */
function loginout_user()
{
    $result = array();
    // Guard clause: a truthy session entry means there is a login to end.
    if (es_session::get("manageagency_info")) {
        es_session::delete("manageagency_info");
        $result['status'] = 1;
        return $result;
    }
    $result['status'] = 0;
    return $result;
}
Exemplo n.º 21
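/**
 * Log out the current member, notifying the configured member-integration
 * plugin first.
 *
 * @return array|false false when no "user_info" session entry exists;
 *                     otherwise the plugin's logout() result (or an empty
 *                     array when no plugin ran) with 'status' forced to 1
 *                     whenever it was missing or 0.
 */
function loginout_user()
{
    if (!es_session::get("user_info")) {
        return false;
    }
    // Defined up front: with no integration configured both variables were
    // previously read while undefined.
    $integrate_obj = null;
    $result = array();
    // Load the member integration
    $integrate_code = trim(app_conf("INTEGRATE_CODE"));
    // The code becomes part of a file path and of a class name. Accepting
    // only identifier characters keeps a tampered configuration value from
    // steering require_once to another file; any value that could name a
    // class already passes.
    if ($integrate_code != '' && preg_match('/^[A-Za-z0-9_]+$/', $integrate_code)) {
        $integrate_file = APP_ROOT_PATH . "system/integrate/" . $integrate_code . "_integrate.php";
        if (file_exists($integrate_file)) {
            require_once $integrate_file;
            $integrate_class = $integrate_code . "_integrate";
            if (class_exists($integrate_class, false)) {
                $integrate_obj = new $integrate_class();
            }
        }
    }
    if ($integrate_obj) {
        $result = $integrate_obj->logout();
    }
    if (!is_array($result)) {
        $result = array();
    }
    // The local logout goes ahead whatever the plugin reported.
    if (!isset($result['status']) || intval($result['status']) == 0) {
        $result['status'] = 1;
    }
    es_session::delete("user_info");
    return $result;
}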
Exemplo n.º 22
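 /**
  * Post a reply to a store review and return the refreshed reply list.
  *
  * Reads `verify`, `content`, `pid`, `dp_id`, `page` and `syn_reply` from
  * the request. With `syn_reply` = 1 and a merchant session that owns the
  * reviewed location, the reply is also written to the linked message as
  * the merchant's answer. Answers through ajax_return(): status 2 = not
  * logged in, 0 = rejected, 1 = success with the rendered list in 'message'.
  */
 public function reply()
 {
     $return["status"] = 0;
     if (!$GLOBALS['user_info']) {
         $return["status"] = 2;
         $return["message"] = $GLOBALS['LANG']["PLEASE_LOGIN_FIRST"];
         ajax_return($return);
         exit;
     }
     // Captcha: read the expected value and invalidate it at once, so a
     // captcha allows one attempt whether it succeeds or fails.
     $session_verify = es_session::get('verify');
     es_session::delete("verify");
     if (app_conf("VERIFY_IMAGE") == 1) {
         $verify_input = isset($_REQUEST['verify']) && is_string($_REQUEST['verify']) ? trim($_REQUEST['verify']) : '';
         // Strict comparison: loose != lets two different "0e..." digests
         // compare equal as numbers.
         if (!is_string($session_verify) || $session_verify === '' || md5($verify_input) !== $session_verify) {
             $return["message"] = $GLOBALS['lang']['VERIFY_CODE_ERROR'];
             ajax_return($return);
             exit;
         }
     }
     // NOTE(review): the text is SQL-escaped and then HTML-escaped before
     // storage; whether autoExecute() escapes again is not visible here.
     $content = htmlspecialchars(addslashes(valid_str($_REQUEST['content'])));
     $uid = intval($GLOBALS["user_info"]['id']);
     $pid = intval($_REQUEST['pid']);
     $dp_id = intval($_REQUEST['dp_id']);
     $page = intval($_REQUEST['page']);
     if (!check_ipop_limit(get_client_ip(), "dpsign", 10, $dp_id)) {
         $return['message'] = '请勿频繁回应';
         ajax_return($return);
         exit;
     }
     $dp_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_location_dp where id = " . $dp_id);
     if (!$dp_info) {
         // Unknown review id: refuse rather than store an orphan reply.
         ajax_return($return);
         exit;
     }
     $reply_data = array();
     $reply_data['dp_id'] = $dp_id;
     $reply_data['content'] = $content;
     $reply_data['user_id'] = $uid;
     $reply_data['parent_id'] = $pid;
     $reply_data['create_time'] = get_gmtime();
     $GLOBALS['db']->autoExecute(DB_PREFIX . "supplier_location_dp_reply", $reply_data, "INSERT");
     $rid = $GLOBALS['db']->insert_id();
     if ($rid > 0) {
         $syn_reply = intval($_REQUEST['syn_reply']);
         if ($syn_reply == 1) {
             $s_account_info = es_session::get("account_info");
             // Merchant authorisation: compare integers strictly so a
             // loosely-equal string cannot pass as an owned location, and
             // treat a missing merchant session as "owns nothing".
             $owned_locations = is_array($s_account_info) && isset($s_account_info['location_ids']) && is_array($s_account_info['location_ids']) ? array_map('intval', $s_account_info['location_ids']) : array();
             if (in_array(intval($dp_info['supplier_location_id']), $owned_locations, true) && $dp_info['from_data'] != "") {
                 // Authorised
                 $message_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "message where id = " . intval($dp_info['message_id']));
                 if ($message_info) {
                     $message_info['admin_reply'] = $content;
                     $message_info['update_time'] = get_gmtime();
                     $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $message_info, "UPDATE", "id=" . intval($message_info['id']));
                     // NOTE(review): the review title is placed in this HTML
                     // as stored; confirm it was escaped when it was saved.
                     send_user_msg("商户回复了你的点评", "商户回复了你的点评 [<a href='" . url("youhui", "review#detail", array("id" => $dp_info['id'])) . "' target='_blank'>" . $dp_info['title'] . "</a>]", 0, $dp_info['user_id'], get_gmtime(), 0, 1, 1);
                 }
             }
         }
         increase_user_active(intval($GLOBALS['user_info']['id']), "回应了一则商户点评");
         $GLOBALS['db']->query("update " . DB_PREFIX . "supplier_location_dp set reply_count = reply_count + 1 where id = " . $dp_id);
     }
     // Render the reply list
     $sql_count = "select count(*) from " . DB_PREFIX . "supplier_location_dp_reply where dp_id = " . $dp_id;
     $count = $GLOBALS['db']->getOne($sql_count);
     $page_size = app_conf("PAGE_SIZE");
     // A zero or negative page would produce a negative LIMIT offset.
     if ($page < 1) {
         $page = 1;
     }
     $limit = ($page - 1) * intval($page_size) . "," . intval($page_size);
     $sql = "select * from " . DB_PREFIX . "supplier_location_dp_reply where dp_id = " . $dp_id . "  order by create_time desc limit " . $limit;
     $reply_list = $GLOBALS['db']->getAll($sql);
     foreach ($reply_list as $k => $v) {
         $reply_list[$k]['user_name'] = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($v['user_id']));
         $reply_list[$k]['create_time_format'] = pass_date($v['create_time']);
     }
     $GLOBALS['current_url'] = $_SERVER['REQUEST_URI'] = url("youhui", "review#detail", array("id" => $dp_id));
     // Pagination object
     $pager = new Page($count, $page_size);
     $p = $pager->show();
     $GLOBALS['tmpl']->assign('pages', $p);
     $GLOBALS['tmpl']->assign("reply_list", $reply_list);
     $GLOBALS['tmpl']->assign('user_auth', get_user_auth());
     $html = decode_topic($GLOBALS['tmpl']->fetch("inc/review/reply_list.html"));
     $return = array("status" => 1, "message" => $html);
     ajax_return($return);
     exit;
 }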
Exemplo n.º 23
 /**
  * Clear the OAuth authorisation kept in the session.
  *
  * Each key is deleted only when es_session reports it as set.
  */
 public static function clearOAuthInfo()
 {
     $oauth_keys = array("t_access_token", "t_expire_in", "t_code", "t_openid", "t_openkey", "t_oauth_version");
     foreach ($oauth_keys as $session_key) {
         if (!es_session::is_set($session_key)) {
             continue;
         }
         es_session::delete($session_key);
     }
 }
Exemplo n.º 24
/**
 * Work out where to send the visitor after login, consuming the stored hints.
 *
 * Order of preference: the "gopreview" session value, the cart page when
 * this session has cart rows, the "before_login" session value, the index
 * page. Both session hints are removed before returning.
 *
 * NOTE(review): the result is used as a redirect target; whether it can
 * point off-site depends on how "gopreview" / "before_login" are written,
 * which is not visible here.
 * NOTE(review): the session id is concatenated into the SQL text as-is.
 *
 * @return mixed The URL to continue to.
 */
function get_gopreview()
{
    $gopreview = es_session::get("gopreview");
    $needs_fallback = !isset($gopreview) || $gopreview == "";
    if ($needs_fallback) {
        $cart_rows = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "deal_cart where session_id = '" . es_session::id() . "'");
        if (intval($cart_rows) > 0) {
            $gopreview = url("index", "cart");
        } else {
            $before_login = es_session::get('before_login');
            $gopreview = $before_login ? $before_login : url("index");
        }
    }
    // The hints are single-use.
    foreach (array("before_login", "gopreview") as $hint_key) {
        es_session::delete($hint_key);
    }
    return $gopreview;
}
Exemplo n.º 25
     }
 }
 if ($class == 'login') {
     $i = json_decode($data);
     if ($i->return == 1) {
         /*
         //将会员信息存在session中			
          			es_session::set('uid',$i->uid);
         es_session::set('user_name',$i->user_name);
         es_session::set('user_pwd',$request_param['pwd']);
         //cookie
         es_cookie::set('uid',$i->uid,3600*24*365);
         es_cookie::set('user_name',$i->user_name,3600*24*365);
         es_cookie::set('user_pwd',$request_param['pwd'],3600*24*365);
         */
         es_session::delete("user_info");
         es_cookie::set("user_name", $i->user_name, 3600 * 24 * 30);
         es_cookie::set("user_pwd", md5($i->user_pwd . "_EASE_COOKIE"), 3600 * 24 * 30);
     }
 }
 if ($class == 'biz_login') {
     $i = json_decode($data);
     if ($i->status == 1) {
         //将会员信息存在session中
         es_session::set('supplier_id', $i->supplier_id);
         es_session::set('biz_email', $i->biz_email);
         es_session::set('biz_pwd', $i->biz_pwd);
     }
 }
 if ($class == 'changecity') {
     $i = json_decode($data);
Exemplo n.º 26
 /**
  * Log the merchant account out and send the browser to the merchant login page.
  *
  * Runs loginout_biz() from system/libs/biz_user.php, then removes the
  * account cookies and the merchant navigation / permission session entries.
  */
 public function logout()
 {
     require_once APP_ROOT_PATH . "system/libs/biz_user.php";
     loginout_biz();
     // Cookies first, in the original order, then the session entries.
     foreach (array("account_name", "account_pwd") as $cookie_key) {
         es_cookie::delete($cookie_key);
     }
     foreach (array("biz_nav_list", "biz_account_auth") as $session_key) {
         es_session::delete($session_key);
     }
     app_redirect(url("biz", "user#login"));
 }
Exemplo n.º 27
/**
 * Work out where to send the visitor after login, consuming the stored hints.
 *
 * Order of preference: the "gopreview" session value, the "before_login"
 * session value, the index page. Both session hints are removed before
 * returning.
 *
 * NOTE(review): the result is used as a redirect target; whether it can
 * point off-site depends on how the two session values are written, which
 * is not visible here.
 *
 * @return mixed The URL to continue to.
 */
function get_gopreview()
{
    $gopreview = es_session::get("gopreview");
    $needs_fallback = !isset($gopreview) || $gopreview == "";
    if ($needs_fallback) {
        $before_login = es_session::get('before_login');
        $gopreview = $before_login ? $before_login : url("index");
    }
    // The hints are single-use.
    foreach (array("before_login", "gopreview") as $hint_key) {
        es_session::delete($hint_key);
    }
    return $gopreview;
}
Exemplo n.º 28
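 /**
  * Send the SMS verification code used for merchant withdrawals.
  *
  * The destination is the main account's mobile number of the merchant in
  * $GLOBALS["account_info"]. When load_sms_ipcount() is above 1 the
  * `verify_code` request parameter must match the image captcha. An
  * unexpired code for the number is re-sent; otherwise a new 6-digit code
  * is stored. Answers through ajax_return().
  *
  * NOTE(review): re-sending refreshes add_time, so an existing code stays
  * valid as long as sends keep being requested - confirm this is intended.
  */
 public function biz_sms_code()
 {
     $s_account_info = $GLOBALS["account_info"];
     // 0 when no merchant is logged in; the lookup below then finds no
     // number and the request ends with the "no verified mobile" reply.
     $supplier_id = is_array($s_account_info) && isset($s_account_info['supplier_id']) ? intval($s_account_info['supplier_id']) : 0;
     $verify_code = isset($_REQUEST['verify_code']) && is_string($_REQUEST['verify_code']) ? strim($_REQUEST['verify_code']) : '';
     $sms_ipcount = load_sms_ipcount();
     if ($sms_ipcount > 1) {
         // Image captcha required. Strict comparison: loose != lets two
         // different "0e..." digests compare equal as numbers.
         $session_verify = es_session::get("verify");
         if (!is_string($session_verify) || $session_verify === '' || $session_verify !== md5($verify_code)) {
             $data['status'] = false;
             $data['info'] = "图形验证码错误";
             $data['field'] = "verify_code";
             ajax_return($data);
             // Stop here even if ajax_return() hands control back.
             return;
         }
     }
     if (!check_ipop_limit(CLIENT_IP, "send_sms_code", SMS_TIMESPAN)) {
         showErr("请勿频繁发送短信", 1);
         return;
     }
     $mobile_phone = $GLOBALS['db']->getOne("select mobile from " . DB_PREFIX . "supplier_account where supplier_id=" . $supplier_id . " and is_main=1");
     if (empty($mobile_phone)) {
         $data['status'] = false;
         $data['info'] = "商户未提供验证手机号,请联系管理员";
         ajax_return($data);
         return;
     }
     // Stored data is escaped again before it is placed in a SQL literal.
     $sql_mobile = addslashes($mobile_phone);
     // Remove expired codes
     $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN);
     $GLOBALS['db']->query($sql);
     $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $sql_mobile . "'");
     if ($mobile_data) {
         // Re-send the code that has not expired yet
         $code = $mobile_data['code'];
         $mobile_data['add_time'] = NOW_TIME;
         $GLOBALS['db']->query("update " . DB_PREFIX . "sms_mobile_verify set add_time = '" . $mobile_data['add_time'] . "',send_count = send_count + 1 where mobile_phone = '" . $sql_mobile . "'");
     } else {
         // The code authorises a withdrawal, so it must not be predictable:
         // prefer the CSPRNG where this PHP build has one.
         $code = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
         $mobile_data['mobile_phone'] = $mobile_phone;
         $mobile_data['add_time'] = NOW_TIME;
         $mobile_data['code'] = $code;
         $mobile_data['ip'] = CLIENT_IP;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "sms_mobile_verify", $mobile_data, "INSERT", "", "SILENT");
     }
     send_verify_sms($mobile_phone, $code);
     // The image captcha is single-use
     es_session::delete("verify");
     $data['status'] = true;
     $data['info'] = "发送成功";
     // Seconds until another send is allowed
     $data['lesstime'] = SMS_TIMESPAN - (NOW_TIME - $mobile_data['add_time']);
     $data['sms_ipcount'] = load_sms_ipcount();
     ajax_return($data);
 }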
Exemplo n.º 29
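 /**
  * Send an SMS verification code to the mobile number given in the request.
  *
  * Reads `mobile`, `verify_code` and `unique` from the request. With
  * `unique` = 1 a number already present in supplier_submit is refused.
  * When load_sms_ipcount() is above 1 the image captcha must match. An
  * unexpired code for the number is re-sent; otherwise a new 6-digit code
  * is stored. Answers through ajax_return().
  *
  * NOTE(review): the "already registered" reply tells any caller whether a
  * number is on file.
  * NOTE(review): re-sending refreshes add_time, so an existing code stays
  * valid as long as sends keep being requested - confirm this is intended.
  */
 public function send_sms_code()
 {
     // A non-string (e.g. array) parameter is treated as missing.
     $verify_code = isset($_REQUEST['verify_code']) && is_string($_REQUEST['verify_code']) ? strim($_REQUEST['verify_code']) : '';
     $mobile_phone = isset($_REQUEST['mobile']) && is_string($_REQUEST['mobile']) ? strim($_REQUEST['mobile']) : '';
     if ($mobile_phone == "") {
         $data['status'] = false;
         $data['info'] = "请输入手机号";
         $data['field'] = "user_mobile";
         ajax_return($data);
         // Stop here even if ajax_return() hands control back.
         return;
     }
     if (!check_mobile($mobile_phone)) {
         $data['status'] = false;
         $data['info'] = "手机号格式不正确";
         $data['field'] = "user_mobile";
         ajax_return($data);
         return;
     }
     // The number has passed check_mobile(); it is still escaped before it
     // is placed in SQL literals, so the queries do not depend on what that
     // validator accepts.
     $sql_mobile = addslashes($mobile_phone);
     if (intval($_REQUEST['unique']) == 1) {
         if (intval($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_submit where account_mobile = '" . $sql_mobile . "'")) > 0) {
             $data['status'] = false;
             $data['info'] = "手机号已被注册";
             $data['field'] = "account_mobile";
             ajax_return($data);
             return;
         }
     }
     $sms_ipcount = load_sms_ipcount();
     if ($sms_ipcount > 1) {
         // Image captcha required. Strict comparison: loose != lets two
         // different "0e..." digests compare equal as numbers.
         $session_verify = es_session::get("verify");
         if (!is_string($session_verify) || $session_verify === '' || $session_verify !== md5($verify_code)) {
             $data['status'] = false;
             $data['info'] = "验证码错误";
             $data['field'] = "verify_code";
             ajax_return($data);
             return;
         }
     }
     if (!check_ipop_limit(CLIENT_IP, "send_sms_code", SMS_TIMESPAN)) {
         showErr("请勿频繁发送短信", 1);
         return;
     }
     // Remove expired codes
     $sql = "DELETE FROM " . DB_PREFIX . "sms_mobile_verify WHERE add_time <=" . (NOW_TIME - SMS_EXPIRESPAN);
     $GLOBALS['db']->query($sql);
     $mobile_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "sms_mobile_verify where mobile_phone = '" . $sql_mobile . "'");
     if ($mobile_data) {
         // Re-send the code that has not expired yet
         $code = $mobile_data['code'];
         $mobile_data['add_time'] = NOW_TIME;
         $GLOBALS['db']->query("update " . DB_PREFIX . "sms_mobile_verify set add_time = '" . $mobile_data['add_time'] . "',send_count = send_count + 1 where mobile_phone = '" . $sql_mobile . "'");
     } else {
         // Verification codes must not be predictable: prefer the CSPRNG
         // where this PHP build has one.
         $code = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
         $mobile_data['mobile_phone'] = $mobile_phone;
         $mobile_data['add_time'] = NOW_TIME;
         $mobile_data['code'] = $code;
         $mobile_data['ip'] = CLIENT_IP;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "sms_mobile_verify", $mobile_data, "INSERT", "", "SILENT");
     }
     send_verify_sms($mobile_phone, $code);
     // The image captcha is single-use
     es_session::delete("verify");
     $data['status'] = true;
     $data['info'] = "发送成功";
     // Seconds until another send is allowed
     $data['lesstime'] = SMS_TIMESPAN - (NOW_TIME - $mobile_data['add_time']);
     $data['sms_ipcount'] = load_sms_ipcount();
     ajax_return($data);
 }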
Exemplo n.º 30
 /**
  * Clear the OAuth authorisation kept in the session.
  *
  * Every key is deleted unconditionally, in the order listed.
  */
 public static function clearOAuthInfo()
 {
     $oauth_keys = array('t_access_token', 't_expire_in', 't_code', 't_openid', 't_openkey', 't_oauth_version');
     foreach ($oauth_keys as $session_key) {
         es_session::delete($session_key);
     }
 }