Пример #1
         set_cookie('username', $email);
     } else {
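         // Mobile branch of the reset: the number kept in the session under 'f_key' must equal the
         // account's number and that number must be flagged as verified ($t is loaded outside this excerpt).
         $mobile = $_SESSION['f_key'];
         $mobile == $t['mobile'] && $t['vmobile'] or exit('ko');
         // Strict comparison of the stored digest: under ==, two different md5 strings that both look
         // like "0e<digits>" compare equal as numbers. The isset() guard makes a missing session value
         // fail explicitly. Where hash_equals() is available (PHP 5.6+) it also removes the timing difference.
         isset($_SESSION['mobile_code']) && $_SESSION['mobile_code'] === md5($t['mobile'] . '|' . $code) or exit('ko');
         set_cookie('username', $mobile);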
     }
     // Derive a new salted password value, write it, then destroy the session that carried the
     // reset state (f_uid / f_key / mobile_code) and answer 'ok'.
     // NOTE(review): random() and dpassword() are defined elsewhere; the strength of the salt source
     // and of the hashing scheme is not visible here — confirm.
     $salt = random(8);
     $pass = dpassword($password, $salt);
     // NOTE(review): the literal '******' looks like redaction applied by the listing site; as printed,
     // $pass is never written. The statement is built by string interpolation, so $salt and $userid must
     // already be safe for SQL at this point; a prepared statement would remove that dependency.
     $db->query("UPDATE {$DT_PRE}member SET password='******',passsalt='{$salt}' WHERE userid='{$userid}'");
     session_destroy();
     exit('ok');
     // Unreachable after exit(); kept as the case terminator.
     break;
 case 'check':
     isset($type) or exit('ko');
     $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
     $msg = captcha($captcha, 1, true);
     if ($msg) {
         exit('captcha');
     }
     if ($type == 'mobile') {
         $could_mobile or exit('ko');
         is_mobile($mobile) or exit('ko');
         $t = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1");
         if ($t) {
             $_SESSION['f_uid'] = $t['userid'];
             $_SESSION['f_key'] = $mobile;
             exit('ok');
         }
         exit('no');
     } else {
Пример #2
         mobile_msg($L['know_msg_has_answered']);
     }
 }
 $need_captcha = $MOD['captcha_answer'] == 2 ? $MG['captcha'] : $MOD['captcha_answer'];
 $need_question = $MOD['question_answer'] == 2 ? $MG['question'] : $MOD['question_answer'];
 if ($need_question) {
     $need_captcha = 1;
 }
 if (isset($_POST['ok'])) {
     require_once DT_ROOT . '/include/post.func.php';
     $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
     $msg = captcha($captcha, $need_captcha, true);
     if ($msg) {
         exit('captcha');
     }
     $content = isset($content) ? convert(input_trim(nl2br($content)), 'UTF-8', DT_CHARSET) : '';
     $need_check = $MOD['check_answer'] == 2 ? $MG['check'] : $MOD['check_answer'];
     $status = get_status(3, $need_check);
     $db->query("INSERT INTO {$table}_answer (qid,content,username,addtime,ip,status) VALUES ('{$itemid}', '{$content}', '{$_username}', '{$DT_TIME}', '{$DT_IP}', '{$status}')");
     if ($status == 3) {
         $db->query("UPDATE {$table} SET answer=answer+1 WHERE itemid={$itemid}");
     }
     if ($MOD['credit_answer'] && $_username && $status == 3) {
         $could_credit = true;
         if ($MOD['credit_maxanswer'] > 0) {
             $r = $db->get_one("SELECT SUM(amount) AS total FROM {$DT_PRE}finance_credit WHERE username='******' AND addtime>{$DT_TIME}-86400  AND reason='" . $L['answer'] . "'");
             if ($r['total'] > $MOD['credit_maxanswer']) {
                 $could_credit = false;
             }
         }
         if ($could_credit) {
Пример #3
     $t['a2'] = $t['a3'] = 0;
     $t['p2'] = $t['p3'] = 0.0;
 }
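 // Clamp the requested quantity: not below $t['a1'], not above $t['amount'], and never below 1.
 // NOTE(review): the floor of 1 runs after the upper clamp, so when $t['amount'] is 0 or negative the
 // quantity still becomes 1 — confirm availability is checked before this point.
 $number = intval($v['number']);
 if ($number < $t['a1']) {
     $number = $t['a1'];
 }
 if ($number > $t['amount']) {
     $number = $t['amount'];
 }
 if ($number < 1) {
     $number = 1;
 }
 // Unit price and line total are computed from $t (presumably the stored product row — confirm),
 // not from a price supplied in $v.
 $price = get_price($number, $t['price'], $t['step']);
 $amount = $number * $price;
 $_note = convert(input_trim($v['note']), 'UTF-8', DT_CHARSET);
 $note = '';
 // get_nv() is defined elsewhere; its results are indexed by the selected options $s1..$s3 below.
 $t['P1'] = get_nv($t['n1'], $t['v1']);
 $t['P2'] = get_nv($t['n2'], $t['v2']);
 $t['P3'] = get_nv($t['n3'], $t['v3']);
 $t['s1'] = $s1;
 $t['s2'] = $s2;
 $t['s3'] = $s3;
 // Resolve each selected index to its entry; an index that is not present yields ''.
 // (The original repeated these three assignments a second time; the duplicate is dropped.)
 $t['m1'] = isset($t['P1'][$t['s1']]) ? $t['P1'][$t['s1']] : '';
 $t['m2'] = isset($t['P2'][$t['s2']]) ? $t['P2'][$t['s2']] : '';
 $t['m3'] = isset($t['P3'][$t['s3']]) ? $t['P3'][$t['s3']] : '';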
 if ($t['m1']) {
     $note .= $t['n1'] . ':' . $t['m1'] . ' ';
Пример #4
 case 'post':
     if ($MOD['captcha_register']) {
         $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
         $msg = captcha($captcha, $MOD['captcha_register'], true);
         if ($msg) {
             exit('captcha');
         }
     }
     $post = array();
     $post['regid'] = isset($regid) ? intval($regid) : 0;
     $post['username'] = isset($username) ? input_trim($username) : '';
     $post['password'] = isset($password) ? input_trim($password) : '';
     $post['email'] = isset($email) ? input_trim($email) : '';
     $post['mobile'] = isset($mobile) ? input_trim($mobile) : '';
     $post['truename'] = isset($truename) ? convert(input_trim($truename), 'UTF-8', DT_CHARSET) : '';
     $post['company'] = isset($company) ? convert(input_trim($company), 'UTF-8', DT_CHARSET) : '';
     $post['passport'] = $post['username'];
     $post['cpassword'] = $post['password'];
     $RG = array();
     foreach ($GROUP as $k => $v) {
         if ($k > 4 && $v['vip'] == 0) {
             $RG[] = $k;
         }
     }
     if (!in_array($post['regid'], $RG)) {
         exit('group');
     }
     if ($MOD['passport'] == 'uc') {
         $passport = convert($post['passport'], DT_CHARSET, $MOD['uc_charset']);
         require DT_ROOT . '/api/uc.inc.php';
         list($uid, $rt_username, $rt_password, $rt_email) = uc_user_login($passport, $post['password']);
Пример #5
         }
         $back_link = '?page=' . $page;
         $head_name = $L['address_add'];
         $head_title = $head_name . $DT['seo_delimiter'] . $head_title;
     }
     break;
 case 'edit':
     // Edit an existing record (labelled 'address_edit' below). Without an item id, hand off to
     // dheader() with a reload URL (presumably a redirect — confirm).
     $itemid or dheader('?reload=' . $DT_TIME);
     $do->itemid = $itemid;
     $r = $do->get_one();
     // Ownership check: the record must exist and its 'username' must match the current user.
     // NOTE(review): this only protects the code below if mobile_msg() ends the request — confirm.
     // The comparison is loose (!=); a strict string comparison would be the safer form.
     if (!$r || $r['username'] != $_username) {
         mobile_msg($L['msg_no_right']);
     }
     if (isset($_POST['ok'])) {
         // Every submitted field goes through input_trim() and convert() from 'UTF-8' to DT_CHARSET.
         foreach ($post as $k => $v) {
             $post[$k] = convert(input_trim($v), 'UTF-8', DT_CHARSET);
         }
         if ($do->pass($post)) {
             // The owner is assigned from $_username after validation, overriding any submitted 'username'.
             $post['username'] = $_username;
             $do->edit($post);
             exit('ok');
         } else {
             exit($do->errmsg);
         }
     } else {
         // extract() turns every key of $r into a local variable and overwrites same-named variables
         // already in scope; EXTR_SKIP or EXTR_PREFIX_ALL would confine that.
         extract($r);
         $back_link = '?page=' . $page;
         $head_name = $L['address_edit'];
         $head_title = $head_name . $DT['seo_delimiter'] . $head_title;
     }
     break;
Пример #6
/*
	[Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com
	This is NOT a freeware, use is subject to license.txt
*/
$moduleid = 2;
require 'common.inc.php';
$_userid or dheader('login.php?forward=' . urlencode('message.php?action=' . $action));
switch ($action) {
    case 'send':
        // POST with 'ok': build the message and send it. Otherwise: prepare values for the send form.
        if (isset($_POST['ok'])) {
            require DT_ROOT . '/include/post.func.php';
            require DT_ROOT . '/module/member/message.class.php';
            $do = new message();
            $message = array();
            $message['typeid'] = 0;
            // Only the recipient goes through input_trim(); title and content are charset-converted only.
            // NOTE(review): any validation or escaping of title/content must then happen inside
            // message::send() — confirm.
            $message['touser'] = input_trim($touser);
            $message['title'] = convert($title, 'UTF-8', DT_CHARSET);
            $message['content'] = convert($content, 'UTF-8', DT_CHARSET);
            if ($do->send($message)) {
                // NOTE(review): $forward is not set in this excerpt. If it is request-controlled, this is an
                // open redirect unless it is restricted to same-site URLs upstream or in mobile_msg() — confirm.
                mobile_msg($L['message_success'], $forward ? $forward : 'message.php?reload=' . $DT_TIME);
            } else {
                mobile_msg($do->errmsg);
            }
        } else {
            // Prefill values: title and content are expected encrypted under DT_KEY . 'SEND' and are
            // decrypted here; the recipient is taken as plain text and typeid is cast to int.
            $touser = isset($touser) ? trim($touser) : '';
            $title = isset($title) ? trim(decrypt($title, DT_KEY . 'SEND')) : '';
            $content = isset($content) ? trim(decrypt($content, DT_KEY . 'SEND')) : '';
            $typeid = isset($typeid) ? intval($typeid) : 0;
            $head_name = $L['message_send'];
            $head_title = $head_name . $DT['seo_delimiter'] . $head_title;
        }
Пример #7
<?php

require 'common.inc.php';
// Mobile search entry point: a submitted keyword is turned into a call to dheader() with the URL of
// the matching list page; after that block the search template is rendered.
// $action, $wd, $MODULE, $L and $DT are not defined in this file (presumably set up by common.inc.php).
$club_post = (substr($action, 0, 4) == 'post' && isset($MODULE[18])) ? 1 : 0;
if (isset($_POST['ok'], $wd) && $wd) {
    // The target is assembled from fixed script names plus integer-cast ids; $action is copied into
    // the URL verbatim only when it compares equal to 'message'.
    if ($action == 'message') {
        $url = $action . '.php?';
    } elseif ($club_post) {
        $catid = (int) substr($action, 4);
        $url = 'index.php?moduleid=18&catid=' . $catid . '&';
    } else {
        $moduleid = (int) str_replace('mod', '', $action);
        $url = 'index.php?moduleid=' . $moduleid . '&';
    }
    // The keyword is passed on in the query string encrypted under DT_KEY . 'KW'.
    $wd = convert(input_trim($wd), 'UTF-8', DT_CHARSET);
    dheader($url . 'kw=' . encrypt($wd, DT_KEY . 'KW'));
}
$head_title = $L['search_title'] . $DT['seo_delimiter'] . $head_title;
$foot = 'channel';
include template('search', 'mobile');
// Output conversion is only needed when the site charset is not UTF-8.
DT_CHARSET == 'UTF-8' or toutf8();
Пример #8
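 // Access gate. For $open < 3 the viewer needs a 'photo_<itemid>' cookie equal to
 // md5(md5(client IP . $open . secret . DT_KEY)), or must be the owner ($username).
 // The secret is $password when $open is 2, otherwise $answer.
 if ($open < 3) {
     $_key = $open == 2 ? $password : $answer;
     $str = get_cookie('photo_' . $itemid);
     // Strict comparison: under ==, two different digests that both look like "0e<digits>" compare
     // equal as numbers. Where hash_equals() is available (PHP 5.6+) it is the better choice.
     $pass = (string) $str === md5(md5($DT_IP . $open . $_key . DT_KEY));
     // Same reasoning for the owner check: compare the names as strings, not loosely.
     if ($_username && (string) $_username === (string) $username) {
         $pass = true;
     }
 } else {
     $pass = true;
 }
 // 'verify' endpoint: answers 'ok' when access is already granted or the submitted key matches,
 // and in the latter case issues the access cookie for 86400 seconds.
 if ($action == 'verify') {
     if ($pass) {
         exit('ok');
     }
     $_key = $open == 2 ? $password : $answer;
     $key = isset($key) ? convert(input_trim($key), 'UTF-8', DT_CHARSET) : '';
     // Compare the secret as a string; == would treat numeric-looking keys such as "1e3" and "1000" as equal.
     // NOTE(review): nothing here limits repeated attempts — confirm throttling exists elsewhere.
     if ((string) $key === (string) $_key) {
         // NOTE(review): the token is a keyed md5 construction; hash_hmac() is the conventional primitive.
         set_cookie('photo_' . $itemid, md5(md5($DT_IP . $open . $_key . DT_KEY)), $DT_TIME + 86400);
         exit('ok');
     }
     exit('ko');
 }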
 $description = '';
 $user_status = 3;
 $fee = get_fee($item['fee'], $MOD['fee_view']);
 include 'content.inc.php';
 $content_table = content_table($moduleid, $itemid, $MOD['split'], $table_data);
 $t = $db->get_one("SELECT content FROM {$content_table} WHERE itemid={$itemid}");
 $content = video5($t['content']);
 if ($user_status == 2) {
     $description = get_description($content, $MOD['pre_view']);
Пример #9
        $amount = 1;
    }
    $company = dhtmlspecialchars(convert(input_trim($company), 'UTF-8', DT_CHARSET));
    $truename = dhtmlspecialchars(convert(input_trim($truename), 'UTF-8', DT_CHARSET));
    if (strlen($truename) < 2 * DT_CHARLEN) {
        exit('truename');
    }
    if (!is_mobile($mobile)) {
        exit('mobile');
    }
    $areaid = intval($areaid);
    $address = dhtmlspecialchars(convert(input_trim($address), 'UTF-8', DT_CHARSET));
    preg_match("/^[0-9]{6}\$/", $postcode) or $postcode = '';
    is_email($email) or $email = '';
    is_qq($qq) or $qq = '';
    $content = dhtmlspecialchars(convert(input_trim($content), 'UTF-8', DT_CHARSET));
    $user = $item['username'];
    $title = addslashes($item['title']);
    $db->query("INSERT INTO {$table_order} (id,user,title,amount,company,truename,mobile,areaid,address,postcode,email,qq,content,addtime,username,ip) VALUES ('{$itemid}','{$user}','{$title}','{$amount}','{$company}','{$truename}','{$mobile}','{$areaid}','{$address}','{$postcode}','{$email}','{$qq}','{$content}','{$DT_TIME}','{$_username}','{$DT_IP}')");
    $db->query("UPDATE {$table} SET orders=orders+1 WHERE itemid={$itemid}");
    exit('ok');
}
if ($_userid) {
    $user = userinfo($_username);
    $company = $user['company'];
    $truename = $user['truename'];
    $mobile = $user['mobile'];
    $areaid = $user['areaid'];
    $address = $user['address'];
    $postcode = $user['postcode'];
    $email = $user['mail'] ? $user['mail'] : $user['email'];
Пример #10
require 'common.inc.php';
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
isset($auth) or $auth = '';
if ($_userid && !$MOD['passport']) {
    dheader('my.php');
}
if (isset($_POST['ok'])) {
    include load('member.lang');
    $msg = captcha($captcha, $MOD['captcha_login'], true);
    if ($msg) {
        mobile_msg($msg);
    }
    require DT_ROOT . '/module/member/member.class.php';
    $do = new member();
    $username = input_trim($username);
    if (!$username) {
        mobile_msg($L['type_username']);
    }
    if (!$password) {
        mobile_msg($L['type_password']);
    }
    if (is_email($username)) {
        $r = $db->get_one("SELECT username FROM {$DT_PRE}member WHERE email='{$username}'");
        $r or mobile_msg($L['not_email']);
        $username = $r['username'];
    } else {
        if (is_mobile($username)) {
            $r = $db->get_one("SELECT username,vmobile FROM {$DT_PRE}member WHERE mobile='{$username}'");
            if ($r && $r['vmobile']) {
                $username = $r['username'];
Пример #11
 $buyer_name = addslashes($addr['truename']);
 $buyer_phone = addslashes($addr['telephone']);
 $buyer_mobile = addslashes($addr['mobile']);
 $number = intval($number);
 if ($number < $item['minamount']) {
     $number = $item['minamount'];
 }
 if ($number > $item['amount']) {
     $number = $item['amount'];
 }
 if ($number < 1) {
     $number = 1;
 }
 $price = $item['price'];
 $amount = $number * $price;
 $note = convert(input_trim($note), 'UTF-8', DT_CHARSET);
 $note = dhtmlspecialchars($note);
 $title = addslashes($item['title']);
 $linkurl = $MOD['linkurl'] . $item['linkurl'];
 $status = $MOD['checkorder'] ? 0 : 1;
 $fee_name = '';
 $fee = $cod = 0;
 $db->query("INSERT INTO {$DT_PRE}mall_order (mid,mallid,buyer,seller,title,thumb,price,number,amount,addtime,updatetime,note, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,status,fee_name,fee,cod) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$item['username']}','{$title}','{$item['thumb']}','{$price}','{$number}','{$amount}','{$DT_TIME}','{$DT_TIME}','{$note}','{$buyer_postcode}','{$buyer_address}','{$buyer_name}','{$buyer_phone}','{$buyer_mobile}','{$status}','{$fee_name}','{$fee}','{$cod}')");
 $oid = $db->insert_id();
 // Send a notification about the new order ($oid) to the item's owner.
 $touser = $item['username'];
 // Keep the item title before $title is reused for the message subject.
 $_title = $title;
 $title = lang($L['trade_message_t6'], array($oid));
 $url = $MODULE[2]['linkurl'] . 'trade.php?itemid=' . $oid;
 // NOTE(review): $linkurl and $_title are concatenated into HTML without escaping. addslashes()
 // (applied to the title earlier) targets SQL quoting, not HTML, so this is only safe if titles and
 // link URLs are already HTML-escaped when stored — confirm.
 $goods = '<a href="' . $linkurl . '" target="_blank" class="t"><strong>' . $_title . '</strong></a>';
 $content = lang($L['trade_message_c6'], array(userurl($_username), $_username, timetodate($DT_TIME, 3), $goods, $oid, $amount, $url));