Пример #1
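 /**
  * Apply a reviewer's decision to a membership-upgrade request.
  *
  * Status 1 is the reject path (any recorded amount is returned to the member);
  * status 3 is the approval path (optionally charges $post['pay'] and moves the
  * member and company rows to the requested group). Any other status only
  * updates the request row itself.
  *
  * SQL is assembled by string interpolation. Everything that lands in an
  * unquoted numeric position is cast to int here, and the company name read
  * back from the database is re-escaped before it is written again. The quoted
  * values taken from $post (note, validator) are interpolated as received.
  * NOTE(review): escaping of those $post values is not visible in this method;
  * confirm the caller escapes them before this is reached.
  * NOTE(review): nothing here checks the request's current status, so calling
  * the reject path twice would return the amount twice unless the caller
  * prevents it - confirm.
  * NOTE(review): $post['pay'] is not checked for sign or numeric form here.
  *
  * @param array $post Submitted fields: status, note, message, content and, on
  *                    approval, pay, fromtime, totime, validtime, validator, validated.
  * @return mixed true on success, or whatever $this->_() returns when the
  *               member's balance is below $post['pay'].
  */
 function edit($post)
 {
     global $DT_PRE, $_username, $DT_TIME, $GROUP, $L;
     $item = $this->get_one();
     $user = $item['username'] ? userinfo($item['username']) : array();
     // These three values are written into unquoted SQL positions below.
     $status = intval($post['status']);
     $groupid = intval($item['groupid']);
     $userid = intval($item['userid']);
     // A message is sent only when both the checkbox and the text are present.
     $notify = !empty($post['message']) && !empty($post['content']);
     $msql = $csql = '';
     $gsql = "edittime={$DT_TIME},editor='{$_username}',status={$status},note='{$post['note']}'";
     if ($status == 1) {
         // Reject: tell the member and give back what was taken for the request.
         if ($user) {
             if ($notify) {
                 send_message($user['username'], lang($L['grade_fail'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content']));
                 $gsql .= ",message=1";
             }
             if ($item['amount']) {
                 money_add($item['username'], $item['amount']);
                 money_record($item['username'], $item['amount'], $L['in_site'], 'system', $L['grade_title'], $L['grade_return']);
             }
         }
     } elseif ($status == 3 && $user) {
         // Approve: charge the optional fee first so a short balance aborts
         // before any row is changed.
         if (!empty($post['pay'])) {
             if ($user['money'] < $post['pay']) {
                 return $this->_($L['grade_pass_balance']);
             }
             money_add($item['username'], -$post['pay']);
             money_record($item['username'], -$post['pay'], $L['in_site'], 'system', $L['grade_title'], $L['grade_upto'] . $GROUP[$item['groupid']]['groupname']);
         }
         // Values fetched from the database come back unescaped; a quote in the
         // company name would otherwise break (or alter) the UPDATE statements.
         $company = addslashes($item['company']);
         $vip = intval($GROUP[$item['groupid']]['vip']);
         $msql = "groupid={$groupid},company='{$company}'";
         $csql = $msql . ",vip={$vip},vipt={$vip}";
         if (isset($post['pay'])) {
             // strtotime() returns false for an unparsable date; intval() turns
             // that into 0 instead of leaving an empty value in the SQL.
             $fromtime = intval(strtotime($post['fromtime']));
             $totime = intval(strtotime($post['totime']));
             $validtime = intval(strtotime($post['validtime']));
             $validated = intval($post['validated']);
             $csql .= ",fromtime={$fromtime},totime={$totime},validtime={$validtime},validator='{$post['validator']}',validated={$validated}";
         }
         if ($notify) {
             send_message($user['username'], lang($L['grade_success'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content']));
             $gsql .= ",message=1";
         }
     }
     $this->db->query("UPDATE {$this->table} SET {$gsql} WHERE itemid={$this->itemid}");
     if ($msql) {
         $this->db->query("UPDATE {$DT_PRE}member SET {$msql} WHERE userid={$userid}");
     }
     if ($csql) {
         $this->db->query("UPDATE {$DT_PRE}company SET {$csql} WHERE userid={$userid}");
     }
     return true;
 }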
Пример #2
            $fee = dround($amount * $MOD['cash_fee'] / 100);
            if ($MOD['cash_fee_min'] && $fee < $MOD['cash_fee_min']) {
                $fee = $MOD['cash_fee_min'];
            }
            if ($MOD['cash_fee_max'] && $fee > $MOD['cash_fee_max']) {
                $fee = $MOD['cash_fee_max'];
            }
        }
        $money = $amount - $fee;
        if ($submit) {
            is_payword($_username, $password) or message($L['error_payword']);
            $member = daddslashes($member);
            $name = $member['banktype'] ? $member['company'] : $member['truename'];
            $db->query("INSERT INTO {$DT_PRE}finance_cash (username,bank,banktype,branch,account,truename,amount,fee,addtime,ip) VALUES ('{$_username}','{$member['bank']}','{$member['banktype']}','{$member['branch']}','{$member['account']}','{$name}','{$money}','{$fee}','{$DT_TIME}','{$DT_IP}')");
            $cid = $db->insert_id();
            money_add($_username, -$amount);
            money_record($_username, -$amount, $L['in_site'], 'system', $L['cash_title'], $L['charge_id'] . $cid);
            message($L['cash_msg_success'], '?action=record', 5);
        } else {
            $head_title = $L['cash_title_confirm'];
        }
        break;
    default:
        $MOD['cash_enable'] or message($L['feature_close'], $MOD['linkurl'], 3);
        if (!$member['bank'] || !$member['account']) {
            message($L['cash_msg_account'], '?action=setting');
        }
        $head_title = $L['cash_title'];
        break;
}
include template('cash', $module);
Пример #3
 // Payment-gateway notification handler (excerpt): marks a pending charge
 // order as paid and credits the member, or records a mismatch.
 // NOTE(review): verification of the notification's signature/origin is not
 // visible in this excerpt; it has to happen before any of this runs - confirm.
 // Take care not to process the same transaction twice
 // Take care to check the returned amount
 // presumably the gateway reports amounts in hundredths of the currency unit - TODO confirm
 $total_fee = ($total_fee + $discount) / 100;
 // Cast to int so the order id is safe to place in the SQL below.
 $out_trade_no = intval($out_trade_no);
 $r = $db->get_one("SELECT * FROM {$DT_PRE}finance_charge WHERE itemid='{$out_trade_no}'");
 if ($r) {
     // Only orders still in status 0 are processed.
     // NOTE(review): this read-then-write check is not atomic. The UPDATE below
     // has no "AND status=0" condition, so two notifications arriving together
     // could both pass this test and credit twice. Making the UPDATE conditional
     // and crediting only when it changed a row would close that window.
     if ($r['status'] == 0) {
         $charge_orderid = $r['itemid'];
         $charge_money = $r['amount'] + $r['fee'];
         $charge_amount = $r['amount'];
         // NOTE(review): $bank is interpolated into SQL via $editor; its origin is
         // not shown here - confirm it is a fixed, server-side value.
         $editor = 'N' . $bank;
         // NOTE(review): loose == between two computed (possibly float) amounts;
         // rounding can make equal amounts differ. Comparing integer minor units
         // would be more reliable.
         if ($total_fee == $charge_money) {
             $db->query("UPDATE {$DT_PRE}finance_charge SET status=3,money={$charge_money},receivetime='{$DT_TIME}',editor='{$editor}' WHERE itemid={$charge_orderid}");
             require DT_ROOT . '/include/module.func.php';
             // Credit the ordered amount (without the fee) and log it.
             money_add($r['username'], $r['amount']);
             money_record($r['username'], $r['amount'], $PAY[$bank]['name'], 'system', '在线充值', '订单ID:' . $charge_orderid);
             $MOD = cache_read('module-2.php');
             // Optional bonus credit proportional to the charged amount.
             if ($MOD['credit_charge'] > 0) {
                 $credit = intval($r['amount'] * $MOD['credit_charge']);
                 if ($credit > 0) {
                     credit_add($r['username'], $credit);
                     credit_record($r['username'], $credit, 'system', '充值奖励', '充值' . $r['amount'] . $DT['money_unit']);
                 }
             }
             exit('success');
         } else {
             // Amount mismatch: keep both figures in the order's note for later audit.
             $note = '充值金额不匹配S:' . $charge_money . 'R:' . $total_fee;
             $db->query("UPDATE {$DT_PRE}finance_charge SET status=1,receivetime='{$DT_TIME}',editor='{$editor}',note='{$note}' WHERE itemid={$charge_orderid}");
             // Payment failed
             #log_result($note);
             exit('fail');
Пример #4
                }
            }
            $months = $next_month + $buy_month;
            $year = floor($months / 12);
            if ($months % 12 == 0) {
                $to_month = 12;
                $to_year = $next_year + $year - 1;
            } else {
                $to_month = $months % 12;
                $to_year = $next_year + $year;
            }
            $totime = strtotime($to_year . '-' . $to_month . '-1');
            $status = $EXT['spread_check'] ? 2 : 3;
            if ($currency == 'money') {
                money_add($_username, -$amount);
                money_record($_username, -$amount, $L['in_site'], 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(' . $L['spread_infoid'] . $buy_tid . ')');
            } else {
                credit_add($_username, -$amount);
                credit_record($_username, -$amount, 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(ID:' . $buy_tid . ')');
            }
            $db->query("INSERT INTO {$DT_PRE}spread (mid,tid,word,price,currency,company,username,addtime,fromtime,totime,status) VALUES ('{$mid}','{$buy_tid}','{$word}','{$buy_price}','{$currency}','{$_company}','{$_username}','{$DT_TIME}','{$next_time}','{$totime}','{$status}')");
            dmsg($L['spread_msg_success'], '?status=' . $status);
        } else {
            //
        }
    } else {
        dheader($EXT['spread_url']);
    }
} else {
    $status = isset($status) ? intval($status) : 3;
    in_array($status, array(2, 3)) or $status = 3;
Пример #5
         }
         // Redeem a prepaid card: look it up by number, validate it, then credit the member.
         // NOTE(review): $number is interpolated into SQL; its validation sits above
         // this excerpt and is not visible here - confirm it is restricted or escaped.
         $card = $db->get_one("SELECT * FROM {$DT_PRE}finance_card WHERE number='{$number}'");
         if ($card) {
             // A non-zero updatetime is treated as "already used".
             // NOTE(review): the checks below rely on wap_msg() ending the request;
             // if it returns, execution falls through to the credit - confirm.
             if ($card['updatetime']) {
                 wap_msg($L['not_card_number']);
             }
             // Expired card.
             if ($card['totime'] < $DT_TIME) {
                 wap_msg($L['not_card_number']);
             }
             // NOTE(review): loose != applies PHP type juggling to numeric-looking
             // strings and is not constant-time; hash_equals() on string casts is the
             // safer comparison. The direct comparison also implies the card password
             // is stored in recoverable form. No attempt limiting is visible here.
             if ($card['password'] != $password) {
                 wap_msg($L['not_card_password']);
             }
             // NOTE(review): check-then-write is not atomic. The UPDATE that marks the
             // card used has no "AND updatetime=0" condition and runs after the charge
             // row is inserted, so two simultaneous requests could both pass the checks
             // above. Marking the card used conditionally first, and crediting only
             // when that UPDATE changed a row, would prevent a double redemption.
             $db->query("INSERT INTO {$DT_PRE}finance_charge (username,bank,amount,money,sendtime,receivetime,editor,status,note) VALUES ('{$_username}','card', '{$card['amount']}','{$card['amount']}','{$DT_TIME}','{$DT_TIME}','system','3','{$number}')");
             // NOTE(review): the username value in the next statement appears masked
             // ('******') on this page; the original expression is not recoverable here.
             $db->query("UPDATE {$DT_PRE}finance_card SET username='******',updatetime='{$DT_TIME}',ip='{$DT_IP}' WHERE itemid='{$card['itemid']}'");
             money_add($_username, $card['amount']);
             money_record($_username, $card['amount'], $L['by_card'], 'system', $L['card_charge'], $number . '(WAP)');
             // Keep the in-request balance in step with the credit just made.
             $_money = $_money + $card['amount'];
             wap_msg($L['charge_success'], $forward);
         } else {
             // Unknown number gets the same message as a used or expired card.
             wap_msg($L['not_card_number']);
         }
     } else {
         $head_title = $L['card_charge'] . $DT['seo_delimiter'] . $head_title;
         include template('charge', $TP);
     }
     break;
 case 'message_send':
     if (!$_userid) {
         wap_msg($L['please_login'], 'index.php?moduleid=' . $moduleid . '&amp;action=login');
     }
     if ($submit) {
Пример #6
        $buyer_name = htmlspecialchars($user['truename']);
        $buyer_phone = htmlspecialchars($user['telephone']);
        $buyer_receive = '';
    }
    $buyer_mobile = htmlspecialchars($add['mobile']);
    is_mobile($buyer_mobile) or message($L['msg_type_mobile']);
    $number = intval($number);
    if ($number < 1) {
        $number = 1;
    }
    $amount = $number * $item['price'];
    if ($amount > $_money) {
        message($L['need_charge'], 'charge.php?action=pay&amount=' . ($amount - $_money));
    }
    money_add($_username, -$amount);
    money_record($_username, -$amount, $L['in_site'], 'system', $L['group_order_credit'], 'ID(' . $itemid . ')');
    $note = htmlspecialchars($note);
    $title = addslashes($item['title']);
    $password = strtolower(random(6));
    $db->query("INSERT INTO {$DT_PRE}group_order (gid,buyer,seller,title,thumb,price,number,amount,logistic,addtime,updatetime,note,password, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,buyer_receive) VALUES ('{$itemid}','{$_username}','{$item['username']}','{$title}','{$item['thumb']}','{$item['price']}','{$number}','{$amount}','{$item['logistic']}','{$DT_TIME}','{$DT_TIME}','{$note}','{$password}','{$buyer_postcode}','{$buyer_address}','{$buyer_name}','{$buyer_phone}','{$buyer_mobile}','{$buyer_receive}')");
    //send sms
    if ($DT['sms'] && !$item['logistic']) {
        $oid = $db->insert_id();
        $message = lang('sms->ord_group', array($item['title'], $oid, $password));
        $message = strip_sms($message);
        send_sms($buyer_mobile, $message);
    }
    //send sms
    $db->query("UPDATE {$DT_PRE}group SET orders=orders+1,sales=sales+{$number} WHERE itemid={$itemid}");
    message($L['msg_buy_success'], $MODULE[2]['linkurl'] . 'group.php?action=order', 3);
} else {
Пример #7
             $chart_data .= ';' . $num;
             $T4 += $num;
         }
         $title = $year . '年会员充值统计报表';
     }
     include tpl('charge_stats', $module);
     break;
 case 'check':
     // Manually approve selected charge orders: credit each member and mark the order status 4.
     $itemid or msg('请选择记录');
     // NOTE(review): the ids are joined straight into an IN (...) list. This is
     // only safe if every element was already cast to an integer before this
     // point; that cast is not visible in this excerpt - confirm, or map the
     // array through intval() here.
     $itemid = implode(',', $itemid);
     $result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemid}) AND status<2");
     $i = 0;
     while ($r = $db->fetch_array($result)) {
         $money = $r['amount'] + $r['fee'];
         // The balance is credited before the order row is updated.
         // NOTE(review): the per-row UPDATE has no status condition, so the same
         // order approved from two concurrent requests could be credited twice.
         money_add($r['username'], $r['amount']);
         money_record($r['username'], $r['amount'], $PAY[$r['bank']]['name'], $_username, '在线充值', '人工');
         $db->query("UPDATE {$table} SET money='{$money}',status=4,editor='{$_username}',receivetime={$DT_TIME} WHERE itemid={$r['itemid']}");
         $i++;
     }
     dmsg('审核成功' . $i . '条记录', $forward);
     break;
 case 'recycle':
     // Void selected orders that are still unprocessed (status 0).
     $itemid or msg('请选择记录');
     // NOTE(review): same IN (...) construction as in 'check' - elements must be integers.
     $itemid = implode(',', $itemid);
     $db->query("UPDATE {$table} SET status=2,editor='{$_username}',receivetime={$DT_TIME} WHERE itemid IN ({$itemid}) AND status=0");
     dmsg('作废成功' . $db->affected_rows() . '条记录', $forward);
     break;
 case 'delete':
     $itemid or msg('请选择记录');
     $itemid = implode(',', $itemid);
     $db->query("DELETE FROM {$table} WHERE itemid IN ({$itemid}) AND status=0");
Пример #8
     }
     $head_title = $L['credit_exchange_title'];
     break;
 case 'buy':
     if ($MOD['credit_buy'] && $MOD['credit_price']) {
         $C = explode('|', trim($MOD['credit_buy']));
         $P = explode('|', trim($MOD['credit_price']));
         if ($submit) {
             is_payword($_username, $password) or message($L['error_payword']);
             array_key_exists($type, $C) or message($L['credit_msg_buy_amount']);
             $amount = $P[$type];
             $credit = $C[$type];
             if ($amount > 0) {
                 $_money >= $amount or message($L['money_not_enough'], 'charge.php?action=pay&reason=credit&amount=' . ($amount - $_money));
                 money_add($_username, -$amount);
                 money_record($_username, -$amount, $L['in_site'], 'system', $L['buy'] . $DT['credit_name'], $credit . $DT['credit_unit']);
                 if ($credit > 0) {
                     credit_add($_username, $credit);
                     credit_record($_username, $credit, 'system', $L['buy'] . $DT['credit_name'], $amount . $DT['money_unit']);
                 }
             }
             dmsg($L['credit_msg_buy_success'], $forward ? $forward : '?action=index');
         } else {
             $select = isset($C[$sum]) ? $sum : 0;
         }
     } else {
         message($L['feature_close'], '?action=index');
     }
     $head_title = $L['credit_buy_title'];
     break;
 case 'invite':
Пример #9
                     money_add($_username, -$amount);
                     money_record($_username, -$amount, $L['in_site'], 'system', $L['grade_title'], $GROUP[$groupid]['groupname']);
                 } else {
                     $amount = 0;
                 }
             } else {
                 $promo_amount = $fee;
                 $amount = 0;
             }
         }
         $db->query("UPDATE {$DT_PRE}finance_promo SET username='******',ip='{$DT_IP}'," . ($p['reuse'] ? "updatetime=updatetime+1" : "updatetime='{$DT_TIME}'") . " WHERE number='{$promo_code}'");
     } else {
         if ($_money > $fee) {
             $amount = $fee;
             money_add($_username, -$amount);
             money_record($_username, -$amount, $L['in_site'], 'system', $L['grade_title'], $GROUP[$groupid]['groupname']);
         }
     }
 }
 $company = htmlspecialchars(trim($company));
 $truename = htmlspecialchars(trim($truename));
 $telephone = htmlspecialchars(trim($telephone));
 $mobile = htmlspecialchars(trim($mobile));
 $email = htmlspecialchars(trim($email));
 $msn = htmlspecialchars(trim($msn));
 $qq = htmlspecialchars(trim($qq));
 $ali = htmlspecialchars(trim($ali));
 $skype = htmlspecialchars(trim($skype));
 $content = htmlspecialchars(trim($content));
 $db->query("INSERT INTO {$DT_PRE}upgrade (userid,username,groupid,company,truename,telephone,mobile,email,msn,qq,ali,skype,content,addtime,ip,amount,promo_code,promo_type,promo_amount,status) VALUES ('{$_userid}','{$_username}', '{$groupid}','{$company}','{$truename}','{$telephone}','{$mobile}','{$email}','{$msn}','{$qq}','{$ali}','{$skype}','{$content}', '{$DT_TIME}', '{$DT_IP}','{$amount}','{$promo_code}','{$promo_type}','{$promo_amount}','2')");
 message($L['grade_msg_success'], DT_PATH, 5);
Пример #10
 //批量付款
 if ($submit) {
     $itemid && is_array($itemid) or message($L['trade_msg_muti_choose']);
     is_payword($_username, $password) or message($L['error_payword']);
     $itemids = implode(',', $itemid);
     $condition = "buyer='{$_username}' AND status=1 AND itemid IN ({$itemids})";
     $result = $db->query("SELECT * FROM {$table} WHERE {$condition} ORDER BY itemid DESC LIMIT 50");
     while ($td = $db->fetch_array($result)) {
         $itemid = $td['itemid'];
         $money = $td['amount'] + $td['fee'];
         if ($_money < $money) {
             break;
         }
         $seller = userinfo($td['seller']);
         money_add($_username, -$money);
         money_record($_username, -$money, $L['in_site'], 'system', $L['trade_pay_order_title'], $L['trade_order_id'] . ':' . $itemid);
         $db->query("UPDATE {$table} SET status=2,updatetime={$DT_TIME} WHERE itemid={$itemid}");
         $_money = $_money - $money;
         $touser = $td['seller'];
         $title = lang($L['trade_message_t2'], array($itemid));
         $url = $memberurl . 'trade.php?itemid=' . $itemid;
         $content = lang($L['trade_message_c2'], array($myurl, $_username, $timenow, $url));
         $content = ob_template('messager', 'mail');
         send_message($touser, $title, $content);
         //send sms
         if ($DT['sms'] && $_sms && $touser && isset($sendsms)) {
             $touser = userinfo($touser);
             if ($touser['mobile']) {
                 $message = lang('sms->ord_pay', array($itemid, $money));
                 $message = strip_sms($message);
                 $word = word_count($message);
Пример #11
     }
     $vip['username'] = trim($vip['username']);
     $money = dround($money);
     $credit = intval($credit);
     $sms = intval($sms);
     $usernames = explode("\n", trim($vip['username']));
     foreach ($usernames as $username) {
         $username = trim($username);
         if (!$username) {
             continue;
         }
         $vip['username'] = $username;
         $do->vip_edit($vip);
         if ($money) {
             money_add($username, $money);
             money_record($username, $money, '站内', $_username, $reason, $GROUP[$vip['groupid']]['groupname']);
         }
         if ($credit) {
             credit_add($username, $credit);
             credit_record($username, $credit, $_username, $reason, $GROUP[$vip['groupid']]['groupname']);
         }
         if ($sms) {
             sms_add($username, $sms);
             sms_record($username, $sms, $_username, $reason, $GROUP[$vip['groupid']]['groupname']);
         }
     }
     dmsg('添加成功', $this_forward);
 } else {
     isset($username) or $username = '';
     if (isset($userid)) {
         if ($userid) {
Пример #12
<?php

// Membership renewal page: charges the member's balance and extends the
// company's expiry time by 1-3 years.
// Refuse direct requests to this file; it must be included by the application.
defined('IN_DESTOON') or exit('Access Denied');
// NOTE(review): login() presumably requires an authenticated session - its body is not shown here.
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
require MD_ROOT . '/member.class.php';
$do = new member();
$do->userid = $_userid;
$user = $do->get_one();
// Renewal is only offered to groups flagged vip with a fee, and only while
// the current membership has not yet expired.
if (!$MG['vip'] || !$MG['fee'] || $user['totime'] < $DT_TIME) {
    dheader($MOD['linkurl']);
}
if ($submit) {
    // The payment password is checked before anything is charged.
    is_payword($_username, $password) or message($L['error_payword']);
    // The only request value that affects the price is clamped to a fixed set.
    $year = intval($year);
    in_array($year, array(1, 2, 3)) or $year = 1;
    // The fee is computed from the group's configured fee, not taken from the request.
    $fee = dround($MG['fee'] * $year);
    $fee > 0 or message($L['renew_msg_fee']);
    // NOTE(review): the balance test uses $_money as loaded for this request and
    // the deduction follows separately, so the two are not atomic; concurrent
    // submissions could overdraw unless money_add() guards against it - confirm.
    $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay&amount=' . ($fee - $_money));
    // A year is counted as a fixed 365 days.
    $totime = $user['totime'] + 365 * 86400 * $year;
    money_add($_username, -$fee);
    money_record($_username, -$fee, $L['in_site'], 'system', $L['renew_title'], lang($L['renew_record'], array($year, timetodate($totime, 3))));
    // Both values are placed unquoted: $totime is arithmetic on a stored value,
    // and $_userid is presumably the session's integer user id - confirm.
    $db->query("UPDATE {$DT_PRE}company SET totime={$totime} WHERE userid={$_userid}");
    dmsg($L['renew_msg_success'], $MOD['linkurl']);
} else {
    // Display path: show remaining days and the current expiry date.
    $head_title = $L['renew_title'];
    $havedays = ceil(($user['totime'] - $DT_TIME) / 86400);
    $todate = timetodate($user['totime'], 3);
    include template('renew', $module);
}
Пример #13
            credit_record($username, $fee_back, 'system', $L['pay_record_back'], $note);
        }
        dheader($forward);
    } else {
        dheader($MOD['linkurl'] . 'credit.php?action=buy');
    }
}
// Pay-to-view flow (excerpt): charge the member's balance for one item.
// Group discount is a percentage; anything outside 1-99 means no discount.
$discount = $MG['discount'] > 0 && $MG['discount'] < 100 ? $MG['discount'] : 100;
$discount = dround($discount / 100);
if ($submit) {
    // Payment password first, then price and balance checks.
    is_payword($_username, $password) or message($L['error_payword']);
    // NOTE(review): where $fee, $mid, $itemid, $currency and $note come from is
    // above this excerpt. If any of them is request-supplied, the price or the
    // SQL below would be client-controlled - confirm they are loaded or validated
    // server-side.
    $fee = dround($fee * $discount);
    $fee > 0 or message($L['pay_msg_fee']);
    // NOTE(review): balance check and deduction are separate steps, not atomic.
    $fee <= $_money or dheader($MOD['linkurl'] . 'charge.php?action=pay&amount=' . ($fee - $_money));
    // The payment row is written before the balance is reduced; $title is escaped here.
    $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$mid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')");
    money_add($_username, -$fee);
    money_record($_username, -$fee, $L['in_site'], 'system', $L['pay_record_view'], $note);
    // Optional share paid on to another account (set above this excerpt).
    if ($username && $fee_back) {
        money_add($username, $fee_back);
        money_record($username, $fee_back, $L['in_site'], 'system', $L['pay_record_back'], $note);
    }
    // NOTE(review): if $forward is request-supplied, restrict it to same-site
    // URLs before redirecting - its origin is not visible here.
    dheader($forward);
} else {
    // Display path: suggest a top-up amount covering the shortfall (default 100).
    $head_title = $L['pay_title'];
    $amount = 100;
    $member_fee = dround($fee * $discount);
    if ($member_fee > $_money) {
        $amount = dround($member_fee - $_money);
    }
    include template('pay', $module);
}
Пример #14
     include tpl('cash_stats', $module);
     break;
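 case 'edit':
     // Process one pending withdrawal request. Status 3 accepts it; status 1 or 2
     // declines it and returns amount + fee to the member. Anything else is refused.
     // NOTE(review): msg() is assumed to end the request; the guards below depend on it.
     if ($item['status'] > 0) {
         msg('此申请已受理');
     }
     if ($submit) {
         isset($status) or msg('请指定受理结果');
         // $status is written unquoted into the UPDATE below. The loose ==
         // comparisons accept numeric-looking strings, so force a real integer
         // before it is compared or interpolated.
         $status = intval($status);
         $money = $item['amount'] + $item['fee'];
         if ($status == 3) {
             // Accepted: no balance change in this branch.
         } elseif ($status == 2 || $status == 1) {
             // Declined: a reason is mandatory, then the full amount is returned.
             $note or msg('请填写原因备注');
             money_add($item['username'], $money);
             money_record($item['username'], $money, '站内', 'system', '提现失败', '流水号:' . $itemid);
         } else {
             msg();
         }
         // NOTE(review): $note is interpolated as received and $itemid is placed
         // unquoted; their escaping/casting is not visible in this excerpt - confirm.
         // NOTE(review): the UPDATE has no "AND status=0" condition, so the
         // "already handled" check at the top is not atomic with the refund above.
         $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}");
         dmsg('受理成功', $forward);
     } else {
         include tpl('cash_edit', $module);
     }
     break;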
 case 'show':
     if ($item['status'] == 0) {
         msg('申请尚未受理');
     }
     include tpl('cash_show', $module);
Пример #15
         msg('此交易无需受理');
     }
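     // Resolve a refund dispute on an order: status 6 returns the locked money
     // to the buyer, status 7 releases it to the seller. Anything else is refused.
     // NOTE(review): msg() is assumed to end the request; the guards depend on it.
     if ($submit) {
         isset($status) or msg('请指定受理结果');
         $content or msg('请填写操作理由');
         // $status is written unquoted into the final UPDATE; the loose ==
         // comparisons accept numeric-looking strings, so force an integer first.
         $status = intval($status);
         // The WHERE clauses of the two member UPDATEs were masked on the page
         // ('******' followed by the tail "buyer']}'"); they are restored here
         // as the buyer's username, which is what the remaining text indicates.
         if ($status == 6) {
             // Refunded, buyer wins: move the locked amount back to the buyer's balance.
             $db->query("UPDATE {$DT_PRE}member SET money=money+{$item['money']},locking=locking-{$item['money']} WHERE username='{$item['buyer']}'");
             $msg = '受理成功,交易状态已经改变为 已退款给买家';
         } elseif ($status == 7) {
             // Refund closed, seller wins: release the buyer's lock and pay the seller.
             $db->query("UPDATE {$DT_PRE}member SET locking=locking-{$item['money']} WHERE username='{$item['buyer']}'");
             money_record($item['buyer'], -$item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid);
             money_add($item['seller'], $item['money']);
             money_record($item['seller'], $item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid);
             $msg = '受理成功,交易状态已经改变为 已付款给卖家';
         } else {
             msg();
         }
         // NOTE(review): $content is interpolated as received and $itemid is placed
         // unquoted; their escaping/casting is not visible in this excerpt - confirm.
         $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',updatetime={$DT_TIME},refund_reason='{$content}' WHERE itemid={$itemid}");
         msg($msg, $forward, 5);
     } else {
         include tpl('order_refund', $module);
     }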
     break;
 case 'show':
     $cm = $db->get_one("SELECT * FROM {$DT_PRE}mall_comment WHERE itemid={$itemid}");
     include tpl('order_show', $module);
     break;
Пример #16
             $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}");
             if ($r) {
                 message($L['validate_mobile_exist']);
             }
             if ($fee && $_sms < 1) {
                 $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay');
                 is_payword($_username, $password) or dalert($L['error_payword']);
             }
             $auth = random(6, '0123456789');
             $content = lang('sms->sms_code', array($auth, $MOD['auth_days'])) . $DT['sms_sign'];
             $sms_code = send_sms($mobile, $content);
             if (strpos($sms_code, $DT['sms_ok']) !== false) {
                 if ($fee) {
                     if ($_sms < 1) {
                         money_add($_username, -$fee);
                         money_record($_username, -$fee, $L['in_site'], 'system', $L['validate_mobile_record'], $mobile);
                     } else {
                         sms_add($_username, -1);
                         sms_record($_username, -1, $_username, $L['validate_mobile_record'], $mobile);
                     }
                 }
                 $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'");
                 dheader('?code=1&action=' . $action);
             } else {
                 message($L['send_mobile_fail']);
             }
         }
         include template('validate', $module);
     }
     break;
 case 'truename':
Пример #17
         if (!$username) {
             continue;
         }
         $r = $db->get_one("SELECT username,money FROM {$DT_PRE}member WHERE username='******'");
         if (!$r) {
             $error .= '<br/>会员[' . $username . ']不存在';
             continue;
         }
         if (!$type && $r['money'] < abs($amount)) {
             $error .= '<br/>会员[' . $username . ']余额不足,当前余额为:' . $r['money'];
             continue;
         }
         $reason or $reason = '现金';
         $note or $note = '手工';
         money_add($username, $amount);
         money_record($username, $amount, $bank, $_username, $reason, $note);
         $success++;
     }
     if ($error) {
         message('操作成功 ' . $success . ' 位会员,发生以下错误:' . $error);
     }
     dmsg('操作成功', '?moduleid=' . $moduleid . '&file=' . $file);
 } else {
     if (isset($userid)) {
         if ($userid) {
             $userids = is_array($userid) ? implode(',', $userid) : $userid;
             $result = $db->query("SELECT username FROM {$DT_PRE}member WHERE userid IN ({$userids})");
             while ($r = $db->fetch_array($result)) {
                 $username .= $r['username'] . "\n";
             }
         }
Пример #18
 /**
  * Create a member account together with its company and content rows, then
  * grant any configured registration bonuses (credit, money, SMS).
  *
  * NOTE(review): the password and payment password are stored as an unsalted
  * double MD5, which is unsuitable for password storage. password_hash() /
  * password_verify() would be the replacement, but that has to change together
  * with the login code, which is not part of this method.
  * NOTE(review): every value is interpolated into SQL inside quotes as received;
  * this is only safe if set_member() or the caller escapes them - confirm.
  *
  * @param array $member Registration fields keyed by column name.
  * @return mixed false when is_member() rejects the input, 0 when the member
  *               row could not be inserted, otherwise the new user id.
  */
 function add($member)
 {
     global $DT, $DT_TIME, $DT_IP, $MOD, $L;
     if (!$this->is_member($member)) {
         return false;
     }
     $member = $this->set_member($member);
     $member['linkurl'] = userurl($member['username']);
     // The payment password starts out identical to the login password.
     $digest = md5(md5($member['password']));
     $member['payword'] = $digest;
     $member['password'] = $digest;
     $member['sound'] = 1;
     // Column whitelists: only these keys of $member reach each table.
     $memberColumns = array('username', 'company', 'passport', 'password', 'payword', 'email', 'sound', 'gender', 'truename', 'mobile', 'msn', 'qq', 'ali', 'skype', 'department', 'career', 'groupid', 'regid', 'areaid', 'edittime', 'inviter');
     $companyColumns = array('username', 'groupid', 'company', 'type', 'catid', 'catids', 'areaid', 'mode', 'capital', 'regunit', 'size', 'regyear', 'sell', 'buy', 'business', 'telephone', 'fax', 'mail', 'address', 'postcode', 'homepage', 'introduce', 'thumb', 'keyword', 'linkurl');
     $memberKeys = array();
     $memberValues = array();
     $companyKeys = array();
     $companyValues = array();
     foreach ($member as $field => $value) {
         $quoted = "'{$value}'";
         if (in_array($field, $memberColumns)) {
             $memberKeys[] = $field;
             $memberValues[] = $quoted;
         }
         if (in_array($field, $companyColumns)) {
             $companyKeys[] = $field;
             $companyValues[] = $quoted;
         }
     }
     $member_sqlk = implode(',', $memberKeys);
     $member_sqlv = implode(',', $memberValues);
     $company_sqlk = implode(',', $companyKeys);
     $company_sqlv = implode(',', $companyValues);
     $this->db->query("INSERT INTO {$this->table_member} ({$member_sqlk},regip,regtime,loginip,logintime)  VALUES ({$member_sqlv},'{$DT_IP}','{$DT_TIME}','{$DT_IP}','{$DT_TIME}')");
     $this->userid = $this->db->insert_id();
     if (!$this->userid) {
         return 0;
     }
     $member['userid'] = $this->userid;
     $this->username = $member['username'];
     $this->db->query("INSERT INTO {$this->table_company} (userid, {$company_sqlk}) VALUES ('{$this->userid}', {$company_sqlv})");
     $content_table = content_table(4, $this->userid, is_file(DT_CACHE . '/4.part'), $this->table_company_data);
     $this->db->query("INSERT INTO {$content_table} (userid, content) VALUES ('{$this->userid}', '{$member['content']}')");
     // Registration bonuses, each logged with the registering IP address.
     if ($MOD['credit_register'] > 0) {
         credit_add($this->username, $MOD['credit_register']);
         credit_record($this->username, $MOD['credit_register'], 'system', $L['member_record_reg'], $DT_IP);
     }
     if ($MOD['money_register'] > 0) {
         money_add($this->username, $MOD['money_register']);
         money_record($this->username, $MOD['money_register'], $L['in_site'], 'system', $L['member_record_reg'], $DT_IP);
     }
     if ($MOD['sms_register'] > 0) {
         sms_add($this->username, $MOD['sms_register']);
         sms_record($this->username, $MOD['sms_register'], 'system', $L['member_record_reg'], $DT_IP);
     }
     return $this->userid;
 }
Пример #19
 $ad['fromtime'] = strtotime($post['fromtime']);
 $ad['totime'] = strtotime($post['fromtime']) + 86400 * 30 * $month;
 $ad['pid'] = $pid;
 $ad['typeid'] = $typeid;
 $ad['amount'] = $amount;
 $ad['currency'] = $currency;
 $ad['title'] = $post['fromtime'] . '(' . $_username . ')';
 $ad['introduce'] = timetodate($DT_TIME, 5) . ' ' . $L['ad_buy_paid'] . $amount . $unit;
 $ad['note'] = $post['note'] . ' - ' . $L['ad_buy_note'] . '(' . $DT_IP . ')';
 $ad['status'] = 2;
 $ad['username'] = $_username;
 $ad = dhtmlspecialchars($ad);
 if ($amount) {
     if ($currency == 'money') {
         money_add($_username, -$amount);
         money_record($_username, -$amount, $L['in_site'], 'system', $L['pay_in_site'], $p['name'] . $L['ad_buy_title'] . $month . $L['month']);
     } else {
         credit_add($_username, -$amount);
         credit_record($_username, -$amount, 'system', $p['name'] . $L['ad_buy_title'], $month . $L['month']);
     }
 }
 $sqlk = $sqlv = '';
 foreach ($ad as $k => $v) {
     $sqlk .= ',' . $k;
     $sqlv .= ",'{$v}'";
 }
 $sqlk = substr($sqlk, 1);
 $sqlv = substr($sqlv, 1);
 $db->query("INSERT INTO {$DT_PRE}ad ({$sqlk}) VALUES ({$sqlv})");
 $db->query("UPDATE {$DT_PRE}ad_place SET ads=ads+1 WHERE pid={$pid}");
 message($L['ad_buy_success'], '?status=2');
Пример #20
         }
         $title = $year . '年会员提现统计报表';
     }
     include tpl('cash_stats', $module);
     break;
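 case 'edit':
     // Process one pending withdrawal request. Status 3 accepts it: the locked
     // amount is released and the payout and fee are logged. Status 1 or 2
     // declines it: the lock is released and the amount returned to the balance.
     // NOTE(review): msg() is assumed to end the request; the guards below depend on it.
     if ($item['status'] > 0) {
         msg('此申请已受理');
     }
     if ($submit) {
         isset($status) or msg('请指定受理结果');
         // $status is written unquoted into the UPDATE below. The loose ==
         // comparisons accept numeric-looking strings, so force a real integer
         // before it is compared or interpolated.
         $status = intval($status);
         $money = $item['amount'] + $item['fee'];
         if ($status == 3) {
             money_lock($member['username'], -$money);
             money_record($member['username'], -$item['amount'], $item['bank'], $_username, '提现成功');
             money_record($member['username'], -$item['fee'], $item['bank'], $_username, '提现手续费');
         } elseif ($status == 2 || $status == 1) {
             // Declined: a reason is mandatory.
             $note or msg('请填写原因备注');
             money_lock($member['username'], -$money);
             money_add($member['username'], $money);
         } else {
             msg();
         }
         // NOTE(review): $note is interpolated as received and $itemid is placed
         // unquoted; their escaping/casting is not visible in this excerpt - confirm.
         // NOTE(review): the UPDATE has no "AND status=0" condition, so the
         // "already handled" check at the top is not atomic with the balance changes above.
         $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}");
         dmsg('受理成功', $forward);
     } else {
         include tpl('cash_edit', $module);
     }
     break;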
Пример #21
         $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}");
         if ($r) {
             message($L['send_mobile_exist']);
         }
         if ($fee && $_sms < 1) {
             $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay');
             is_payword($_username, $password) or dalert($L['error_payword']);
         }
         $auth = random(6, '0123456789');
         $content = lang('sms->sms_code', array($auth, $MOD['auth_days'])) . $DT['sms_sign'];
         $sms_code = send_sms($mobile, $content);
         if (strpos($sms_code, $DT['sms_ok']) !== false) {
             if ($fee) {
                 if ($_sms < 1) {
                     money_add($_username, -$fee);
                     money_record($_username, -$fee, $L['in_site'], $_username, $L['send_mobile_record'], $mobile);
                 } else {
                     sms_add($_username, -1);
                     sms_record($_username, -1, $_username, $L['send_mobile_record'], $mobile);
                 }
             }
             $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'");
             dheader('?code=1&action=' . $action);
         } else {
             message($L['send_mobile_fail']);
         }
     }
     $head_title = $L['send_mobile_title'];
     include template('send', $module);
 }
 break;
Пример #22
isset($MODULE[$moduleid]) or dheader('channel.php?reload=' . $DT_TIME);
$itemid = intval($itemid);
$itemid or dheader('channel.php?reload=' . $DT_TIME);
$fee = dround($fee);
$fee > 0 or dheader('channel.php?reload=' . $DT_TIME);
$note = $MODULE[$moduleid]['name'] . '/' . $itemid;
if ($currency == 'money') {
    // Balance payment: when a payment password was submitted, verify it and charge;
    // otherwise render the payment form.
    if (isset($password)) {
        is_payword($_username, $password) or mobile_msg($L['not_payword']);
        // Group discount in percent; any value outside the open range (0, 100) means no discount.
        $discount = $MG['discount'] > 0 && $MG['discount'] < 100 ? $MG['discount'] : 100;
        $discount = dround($discount / 100);
        // Discounted price, used for the balance check on the next line.
        $_fee = dround($fee * $discount);
        $_money >= $_fee or mobile_msg($L['need_charge']);
        // NOTE(review): the balance is checked against the discounted $_fee, but the INSERT,
        // money_add() and money_record() below all use the undiscounted $fee. A member whose
        // balance lies between the two passes the check and is still debited the full fee.
        // Confirm which amount is intended and use it consistently.
        // NOTE(review): the SQL values are quoted; only $title is escaped here (addslashes),
        // the others presumably rely on earlier normalisation - confirm. The check and the
        // debit are also not visibly atomic.
        $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')");
        money_add($_username, -$fee);
        money_record($_username, -$fee, $L['pay_by_site'], 'system', $L['pay_info'], $note);
        mobile_msg($L['pay_success'], mobileurl($moduleid, 0, $itemid));
    } else {
        // No password submitted yet: show the payment page.
        $head_title = $L['pay_title'] . $DT['seo_delimiter'] . $head_title;
        $foot = 'channel';
        include template('pay', 'mobile');
        // Convert the output when the site charset is not UTF-8.
        if (DT_CHARSET != 'UTF-8') {
            toutf8();
        }
    }
} else {
    if ($currency == 'credit') {
        if ($_credit >= $fee) {
            $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')");
            credit_add($_username, -$fee);
            credit_record($_username, -$fee, 'system', $L['pay_info'], $note);
Пример #23
     }
 }
 if ($action == 'buy' && $r['fee']) {
     $currency = $r['currency'];
     $months = array(1, 2, 3, 6, 12, 24);
     $unit = $currency == 'money' ? $DT['money_unit'] : $DT['credit_unit'];
     if ($submit) {
         in_array($month, $months) or message($L['style_msg_month']);
         $amount = $r['fee'] * $month;
         if ($currency == 'money') {
             if ($amount > $_money) {
                 message($L['money_not_enough'], $MODULE[2]['linkurl'] . 'charge.php?action=pay&amount=' . ($amount - $_money));
             }
             is_payword($_username, $password) or message($L['error_payword']);
             money_add($_username, -$amount);
             money_record($_username, -$amount, $L['in_site'], 'system', $L['pay_in_site'], lang($L['style_record_buy'], array($r['title'], $month)));
             $fd = 'money';
         } else {
             if ($amount > $_credit) {
                 message($L['credit_not_enough'], $MODULE[2]['linkurl'] . 'credit.php?action=buy&amount=' . ($amount - $_credit));
             }
             credit_add($_username, -$amount);
             credit_record($_username, -$amount, 'system', lang($L['style_record_buy'], array($r['title'], $month)));
             $fd = 'credit';
         }
         $styletime = $DT_TIME + 86400 * 30 * $month;
         $c = $db->get_one("SELECT skin FROM {$DT_PRE}company WHERE userid={$_userid}");
         $c['skin'] or $c['skin'] = 'default';
         $o = $db->get_one("SELECT itemid FROM {$DT_PRE}style WHERE skin='{$c['skin']}'");
         if ($o) {
             $db->query("UPDATE {$DT_PRE}style SET hits=hits-1 WHERE itemid={$o['itemid']} AND hits>1");
Пример #24
             $title = '[' . $seller . '] ' . $title;
         }
     }
     include tpl('order_stats', $module);
     break;
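 case 'refund':
     // Refund every selected order whose status is still below 3: credit the buyer,
     // write a ledger record and mark the order with status 4.
     $itemid or msg('未选择记录');
     // The selection ends up unquoted inside IN (...), so reduce it to positive integers
     // here instead of trusting whatever shape the request delivered. A scalar is split
     // on commas so a comma-separated list keeps working.
     $ids = array();
     foreach (is_array($itemid) ? $itemid : explode(',', (string) $itemid) as $id) {
         if (is_scalar($id) && intval($id) > 0) {
             $ids[] = intval($id);
         }
     }
     $ids or msg('未选择记录');
     $itemids = implode(',', $ids);
     $i = 0;
     $result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemids})");
     while ($r = $db->fetch_array($result)) {
         if ($r['status'] < 3) {
             $i++;
             $itemid = intval($r['itemid']);
             money_add($r['buyer'], $r['amount']);
             money_record($r['buyer'], $r['amount'], '站内', 'system', '团购退款', '订单号:' . $itemid);
             // NOTE(review): the status test above reads the row fetched by the SELECT, and the
             // credit happens before this UPDATE - confirm that concurrent refund requests
             // cannot credit the same order twice.
             $db->query("UPDATE {$table} SET status=4,editor='{$_username}',updatetime={$DT_TIME} WHERE itemid={$itemid}");
         }
     }
     dmsg('退款成功' . $i . '个订单', $forward);
     break;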
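 case 'show':
     // Show one order record in the order_show template.
     // $itemid is interpolated unquoted into the query, so cast it locally rather than
     // depend on normalisation done elsewhere; a non-scalar value becomes 0 and is rejected.
     $itemid = is_scalar($itemid) ? intval($itemid) : 0;
     $itemid or msg('未指定记录');
     $item = $db->get_one("SELECT * FROM {$table} WHERE itemid={$itemid} ");
     $item or msg('记录不存在');
     // Values prepared for the template: a redirect link to the related item and formatted timestamps.
     $item['linkurl'] = $EXT['linkurl'] . 'redirect.php?mid=' . $moduleid . '&itemid=' . $item['gid'];
     $item['money'] = $item['amount'];
     $item['addtime'] = timetodate($item['addtime'], 6);
     $item['updatetime'] = timetodate($item['updatetime'], 6);
     include tpl('order_show', $module);
     break;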
Пример #25
     $r = $db->get_one("SELECT * FROM {$DT_PRE}finance_charge WHERE username='******' ORDER BY itemid DESC");
 }
 if ($r) {
     $charge_orderid = $r['itemid'];
     $charge_money = $r['amount'] + $r['fee'];
     $charge_amount = $r['amount'];
     if ($r['status'] == 0) {
         $receive_url = '';
         $bank = $r['bank'];
         $editor = 'R' . $bank;
         $note = '';
         include DT_ROOT . '/api/pay/' . $bank . '/receive.inc.php';
         if ($charge_status == 1) {
             $db->query("UPDATE {$DT_PRE}finance_charge SET status=3,money={$charge_money},receivetime='{$DT_TIME}',editor='{$editor}' WHERE itemid={$charge_orderid}");
             money_add($r['username'], $r['amount']);
             money_record($r['username'], $r['amount'], $PAY[$bank]['name'], 'system', $L['charge_online'], $L['charge_id'] . ':' . $charge_orderid);
             if ($MOD['credit_charge'] > 0) {
                 $credit = intval($r['amount'] * $MOD['credit_charge']);
                 if ($credit > 0) {
                     credit_add($r['username'], $credit);
                     credit_record($r['username'], $credit, 'system', $L['charge_reward'], $L['charge'] . $r['amount'] . $DT['money_unit']);
                 }
             }
             if ($r['reason']) {
                 $url = get_reason_url($r['reason']);
                 if ($url) {
                     $charge_forward = $url;
                 }
             }
             if ($bank == 'tenpay') {
                 $show_url = $charge_forward ? $charge_forward : 'charge.php';
Пример #26
         $head_title = $L['sms_add_title'];
     }
     break;
 case 'buy':
     // Buy SMS credits with account balance; the unit price comes from the site settings.
     $fee = $DT['sms_fee'];
     if (!$fee) {
         message($L['sms_msg_no_price']);
         // Only reached if message() returns; the notice is then issued a second time.
         message($L['sms_msg_no_price']);
     } elseif ($submit) {
         // The payment password is checked before any amount is computed.
         if (!is_payword($_username, $password)) {
             message($L['error_payword']);
         }
         $total = intval($total);
         if ($total <= 0) {
             message($L['sms_msg_buy_num']);
         }
         $amount = $total * $fee;
         if ($amount > 0) {
             // NOTE(review): the balance test uses the $_money value already in scope and the
             // debit follows as a separate call - confirm the two cannot be raced.
             if ($_money < $amount) {
                 message($L['money_not_enough'], 'charge.php?action=pay&amount=' . ($amount - $_money));
             }
             // Debit the balance, then credit the SMS quota, each with its own record.
             money_add($_username, -$amount);
             money_record($_username, -$amount, $L['in_site'], 'system', $L['sms_buy_note'], $total);
             sms_add($_username, $total);
             sms_record($_username, $total, 'system', $L['sms_buy_record'], $amount . $DT['money_unit']);
         }
         dmsg($L['sms_buy_success'], '?action=index');
     }
     $head_title = $L['sms_buy_title'];
     break;
 case 'record':
     isset($fromtime) or $fromtime = '';
     isset($totime) or $totime = '';
     $condition = "mobile='{$mobile}'";
     if ($keyword) {
Пример #27
<?php

defined('IN_DESTOON') or exit('Access Denied');
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
switch ($action) {
    case 'add':
        if (!$submit) {
            // Display branch: price of one deposit unit, or of $sum units when $sum exceeds 1.
            $amount = $sum > 1 ? $MOD['deposit'] * $sum : $MOD['deposit'];
            $head_title = $L['deposit_title_add'];
            break;
        }
        // Submit branch: buy at least one deposit unit.
        $num = max(1, intval($num));
        $money = $MOD['deposit'] * $num;
        if ($money > $_money) {
            // Not enough balance: redirect to the charge page with the missing amount.
            dheader('charge.php?action=pay&reason=deposit|' . $num . '&amount=' . ($money - $_money));
        }
        if (!is_payword($_username, $password)) {
            message($L['error_payword']);
        }
        // NOTE(review): the balance test above uses the $_money value already in scope and the
        // debit is a separate call - confirm the two cannot be raced.
        money_add($_username, -$money);
        money_record($_username, -$money, $L['in_site'], 'system', $L['deposit_title_add']);
        // Log the deposit and add it to the member's deposit total.
        $db->query("INSERT INTO {$DT_PRE}finance_deposit (username,amount,addtime,editor) VALUES ('{$_username}','{$money}','{$DT_TIME}','{$_username}')");
        $db->query("UPDATE {$DT_PRE}member SET deposit=deposit+{$money} WHERE userid={$_userid}");
        dmsg($L['op_success'], '?action=index');
        break;
    default:
        $condition = "username='******'";
        isset($fromtime) or $fromtime = '';
        isset($totime) or $totime = '';
Пример #28
            $gone = $DT_TIME - $td['updatetime'];
            if (!in_array($td['status'], array(1, 2)) || $td['seller'] != $_username || $gone < $MOD['trade_day'] * 86400 + $td['add_time'] * 3600) {
                message($L['group_msg_deny']);
            }
            //交易成功
            $money = $td['amount'];
            money_add($td['seller'], $money);
            money_record($td['seller'], $money, $L['in_site'], 'system', $L['group_record_pay'], lang($L['group_buyer_timeout'], array($itemid)));
            //网站服务费
            $G = $db->get_one("SELECT groupid FROM {$DT_PRE}member WHERE username='******'seller'] . "'");
            $SG = cache_read('group-' . $G['groupid'] . '.php');
            if ($SG['commission']) {
                $fee = dround($money * $SG['commission'] / 100);
                if ($fee > 0) {
                    money_add($td['seller'], -$fee);
                    money_record($td['seller'], -$fee, $L['in_site'], 'system', $L['trade_fee'], $L['trade_order_id'] . $itemid);
                }
            }
            $db->query("UPDATE {$table} SET status=3,updatetime={$DT_TIME} WHERE itemid={$itemid}");
            message($L['group_success'], $forward, 3);
            break;
    }
} else {
    if ($action == 'express') {
        //我的快递
        $sfields = $L['express_sfields'];
        $dfields = array('title', 'title', 'send_type ', 'send_no');
        isset($fields) && isset($dfields[$fields]) or $fields = 0;
        $status = isset($status) && isset($dsend_status[$status]) ? intval($status) : '';
        $type = isset($type) ? intval($type) : 0;
        $fields_select = dselect($sfields, 'fields', '', $fields);
Пример #29
     property_check($post_ppt);
 }
 $do->add($post);
 if ($FD) {
     fields_update($post_fields, $table, $do->itemid);
 }
 if ($CP) {
     property_update($post_ppt, $moduleid, $post['catid'], $do->itemid);
 }
 if ($MOD['show_html'] && $post['status'] > 2) {
     $do->tohtml($do->itemid);
 }
 if ($fee_add) {
     if ($fee_currency == 'money') {
         money_add($_username, -$fee_add);
         money_record($_username, -$fee_add, $L['in_site'], 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid);
     } else {
         credit_add($_username, -$fee_add);
         credit_record($_username, -$fee_add, 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid);
     }
 }
 $msg = $post['status'] == 2 ? $L['success_check'] : $L['success_add'];
 $js = '';
 if (isset($post['sync_sina']) && $post['sync_sina']) {
     $js .= sync_weibo('sina', $moduleid, $do->itemid);
 }
 if (isset($post['sync_qq']) && $post['sync_qq']) {
     $js .= sync_weibo('qq', $moduleid, $do->itemid);
 }
 if (isset($post['sync_qzone']) && $post['sync_qzone']) {
     $js .= sync_weibo('qzone', $moduleid, $do->itemid);
Пример #30
     //交易成功
     break;
 case 'get_pay':
     // Buyer confirmation timed out; the seller requests direct payment.
     // When an external trade API is configured, its update script handles the request instead.
     // NOTE(review): the include path is built from $DT['trade'] - presumably a site setting;
     // confirm it can only hold a known provider directory name.
     if ($DT['trade']) {
         exit(include DT_ROOT . '/api/trade/' . $DT['trade'] . '/update.inc.php');
     }
     // Seconds elapsed since the order was last updated.
     $gone = $DT_TIME - $td['updatetime'];
     // Denied unless the order has status 3, the current user is the seller, and the waiting
     // period (trade_day days plus add_time hours) has elapsed.
     if ($td['status'] != 3 || $td['seller'] != $_username || $gone < $MOD['trade_day'] * 86400 + $td['add_time'] * 3600) {
         message($L['trade_msg_deny']);
     }
     // Order total: amount plus fee.
     $money = $td['amount'] + $td['fee'];
     // Buyer side: money_lock() receives the negated total and the payment is recorded.
     money_lock($td['buyer'], -$money);
     money_record($td['buyer'], -$money, $L['in_site'], 'system', $L['trade_record_pay'], lang($L['trade_buyer_timeout'], array($itemid)));
     // Seller side: credit the same total and record it.
     money_add($_username, $money);
     money_record($_username, $money, $L['in_site'], 'system', $L['trade_record_pay'], lang($L['trade_buyer_timeout'], array($itemid)));
     // NOTE(review): the status test above reads $td as loaded earlier, and the money moves
     // before this UPDATE - confirm that repeated or concurrent requests cannot pay the
     // seller twice. $itemid and $mallid are interpolated unquoted - confirm they are
     // integer-cast before this point.
     $db->query("UPDATE {$table} SET status=4,updatetime={$DT_TIME} WHERE itemid={$itemid}");
     // Update the product data: order count, units sold and remaining stock.
     $db->query("UPDATE {$DT_PRE}mall SET orders=orders+1,sales=sales+{$td['number']},amount=amount-{$td['number']} WHERE itemid={$mallid}");
     message($L['trade_success'], $forward, 3);
     // Transaction completed.
     break;
 case 'comment':
     //交易评价
     if ($submit) {
         $star = intval($star);
         in_array($star, array(1, 2, 3)) or $star = 3;
         $content = htmlspecialchars($content);
     }
     if ($_username == $td['seller']) {
         if ($td['buyer_star']) {