$memberdb['authorid'] == $winduid && Showmsg('act_toalipay_authorid'); //发起人无法替别人支付 $isAdminright = $postActForBbs->getAdminRight($memberdb['authorid']); if ($memberdb['isrefund'] || $memberdb['ifanonymous'] && !$isAdminright && $memberdb['uid'] != $winduid) { //退款的无法支付、匿名但没有权限的无法支付 Showmsg('act_toalipay_error'); } $memberdb['ifpay'] != 0 && Showmsg('act_toalipay_payed'); //只有未支付状态才可以支付 if (!$memberdb['totalcash'] || !preg_match("/^(([1-9]\\d*)|0)(\\.\\d{0,2})?\$/", $memberdb['totalcash'])) { //费用错误 Showmsg('act_toalipay_cash_error'); } $memberdb['totalcash'] = number_format($memberdb['totalcash'], 2, '.', ''); //支付金额 $out_trade_no = $memberdb['out_trade_no'] ? $memberdb['out_trade_no'] : $db_sitehash . '_' . $tid . '_' . $actuid . '_' . generatestr(6); $defaultValueTableName = getActivityValueTableNameByActmid(); $defaultValue = $db->get_one("SELECT out_biz_no,paymethod,iscancel,endtime FROM {$defaultValueTableName} WHERE tid=" . S::sqlEscape($tid)); $defaultValue['paymethod'] != 1 && Showmsg('act_toalipay_paymethod'); //只有支付方式为支付宝才可以支付 $defaultValue['endtime'] + 30 * 86400 < $timestamp && Showmsg('act_endtime_toolong'); //结束时间后一个月,>0 则可以操作,< 0无法操作 $defaultValue['iscancel'] == 1 && Showmsg('act_iscancelled_y'); //活动被取消无法支付 $param = array('buyer_name' => $memberdb['username'], 'out_biz_no' => $defaultValue['out_biz_no'], 'out_trade_no' => $out_trade_no, 'amount' => $memberdb['totalcash'], 'notify_url' => "{$db_bbsurl}/act_alipay_receive.php", 'return_url' => "{$db_bbsurl}/read.php?tid={$tid}"); if ($fromuid != '-1') { //是否代付 $fromusername = $db->get_value("SELECT username FROM pw_members WHERE uid=" . S::sqlEscape($fromuid)); $issubstitute = 1; } else { $fromuid = $issubstitute = 0;
function _callbackWindidUser($user) { $user['salt'] = generatestr(6); $user['password'] = md5($user['password'] . $user['salt']); return $user; }
Promptmsg('config_noexists', 'database'); } else { $db = pwNewDBForInstall(); } $writeinto = str_pad('<?php die;?>', 96) . "\r\n"; writeover(D_P . 'data/bbscache/online.php', $writeinto); writeover(D_P . 'data/bbscache/guest.php', $writeinto); writeover(D_P . 'data/bbscache/olcache.php', "<?php\r\n\$userinbbs=1;\r\n\$guestinbbs=0;\r\n?>"); mt_srand((double) microtime() * 1000000); $rand = '0123%^&*45ICV%^&*B6789qazw~!@#$sxedcrikolpQWER%^&*TYUNM'; $randlen = strlen($rand); for ($i = 0; $i < 10; $i++) { $db_hash .= $rand[mt_rand(0, $randlen)]; } $db_siteid = generatestr(32); $db_siteownerid = generatestr(32); $db_sitehash = '10' . SitStrCode(md5($db_siteid . $db_siteownerid), md5($db_siteownerid . $db_siteid)); $db_windmagic = 0; $db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_hash','{$db_hash}')"); $db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_windmagic','{$db_windmagic}')"); $db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_siteid','{$db_siteid}')"); $db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_siteownerid','{$db_siteownerid}')"); $db->update("REPLACE INTO pw_config(db_name,db_value) VALUES ('db_sitehash','{$db_sitehash}')"); $db->update("REPLACE INTO pw_config SET db_name='db_ifpwcache',db_value= '567'"); //风格 $styles = array('wind' => '蓝色天空', 'wind8gray' => '水墨江南', 'wind8black' => '黑色旋风', 'wind8green' => '绿之印象', 'wind8purple' => '紫色梦幻', 'wind85' => '春意盎然'); $i = 1; $temp_styledb = array(); foreach ($styles as $key => $value) { if (!file_exists(D_P . 'data/style/' . $key . '.php')) { continue;
if(!isset($_POST['step'])){ include('./templets/code_main.htm');exit; }else{ $lgpwd=md5($lgpwd); $verify=md5("actionloginlguser{$lguser}lgpwd{$lgpwd}{$_SERVER[HTTP_USER_AGENT]}"); ObHeader("http://union.phpwind.com/index.php?action=login&lguser=$lguser&lgpwd=$lgpwd&verify=$verify"); } }elseif($action=='key'){ if(!isset($cfg_siteid)||!$cfg_siteid){ $dsql = new DedeSql(false); $rt = $dsql->GetOne("Select value From #@__sysconfig where varname='cfg_siteid'"); if(!$rt['value']){ $cfg_siteid = generatestr(16); $dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销系统密钥一','cfg_siteid','$cfg_siteid')"); $cfg_siteownerid = generatestr(18); $dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销系统密钥二','cfg_siteownerid','$cfg_siteownerid')"); $cfg_sitehash = '12'.SitStrCode(md5($cfg_siteid.$cfg_siteownerid),md5($cfg_siteownerid.$cfg_siteid)); $dsql->ExecuteNoneQuery("Insert Into #@__sysconfig(info,varname,value) Values('PW营销唯一识别码','cfg_sitehash','$cfg_sitehash')"); } $dsql->SetQuery("Select varname,value From #@__sysconfig order by aid asc"); $dsql->Execute(); $configfile = dirname(__FILE__)."/../include/config_hand.php"; $configfile_bak = dirname(__FILE__)."/../include/config_hand_bak.php"; @copy($configfile,$configfile_bak) or die('读取文件权限出错,目录文件'.$configfile.'不可写!<a href="code_main.php">返回</a>'); $fp = @fopen($configfile,'w'); @flock($fp,3); fwrite($fp,"<"."?php\r\n") or die('读取文件权限出错,目录文件'.$configfile.'不可写!<a href="code_main.php">返回</a>'); while($row = $dsql->GetArray()){ fwrite($fp,"\${$row['varname']} = '".str_replace("'","\\'",$row['value'])."';\r\n");