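/**
 * Apply a review decision to the grade application identified by $this->itemid.
 *
 * status 1: reject. Optionally messages the applicant and returns $item['amount'] to the balance.
 * status 3: pass. Optionally charges $post['pay'], moves the member and company rows to the
 *           requested group and, when $post['pay'] is set, stores the validity fields.
 * any other status (including 2): only the application row itself is updated.
 *
 * NOTE(review): nothing in this method checks that the application is still unprocessed, so a
 * second call with status 1 would refund $item['amount'] again unless the caller prevents it.
 * The balance changes and the three UPDATEs are also not wrapped in a transaction here.
 *
 * @param array $post Form fields: status, note, message, content and, for status 3,
 *                    pay, fromtime, totime, validtime, validator, validated.
 *                    The quoted string fields (note, validator) are interpolated as given;
 *                    presumably the caller has already SQL-escaped them, to be confirmed.
 * @return mixed true once the updates were issued; the result of $this->_() when the
 *               applicant's balance is lower than $post['pay'].
 */
function edit($post) {
    global $DT_PRE, $_username, $DT_TIME, $GROUP, $L;
    $item = $this->get_one();
    $user = $item['username'] ? userinfo($item['username']) : array();
    $msql = $csql = '';
    // These values are placed into SQL without quotes, so they are forced to integers first.
    $status = intval($post['status']);
    $itemid = intval($this->itemid);
    $userid = intval($item['userid']);
    $groupid = intval($item['groupid']);
    $gsql = "edittime={$DT_TIME},editor='{$_username}',status={$status},note='{$post['note']}'";
    if ($status == 1) { //reject
        if ($user) {
            if ($post['message'] && $post['content']) {
                send_message($user['username'], lang($L['grade_fail'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content']));
                $gsql .= ",message=1";
            }
            // Return the amount held by the application to the applicant.
            if ($item['amount']) {
                money_add($item['username'], $item['amount']);
                money_record($item['username'], $item['amount'], $L['in_site'], 'system', $L['grade_title'], $L['grade_return']);
            }
        }
    } elseif ($status == 3) {
        if ($user) {
            // NOTE(review): a negative $post['pay'] passes the balance check and would credit
            // the member through money_add(); confirm the caller validates the amount.
            if (isset($post['pay']) && $post['pay']) {
                if ($user['money'] < $post['pay']) {
                    return $this->_($L['grade_pass_balance']);
                }
                money_add($item['username'], -$post['pay']);
                money_record($item['username'], -$post['pay'], $L['in_site'], 'system', $L['grade_title'], $L['grade_upto'] . $GROUP[$item['groupid']]['groupname']);
            }
            // $item comes from the database and is not escaped, so the company name is
            // escaped before it is written back into a quoted SQL literal.
            $company = addslashes($item['company']);
            $msql = $csql = "groupid={$groupid},company='{$company}'";
            $vip = $GROUP[$item['groupid']]['vip'];
            $csql .= ",vip={$vip},vipt={$vip}";
            if (isset($post['pay'])) {
                // strtotime() returns false for an unparseable date, which would leave an empty
                // value in the statement after the balance was already changed; store 0 instead.
                $fromtime = intval(strtotime($post['fromtime']));
                $totime = intval(strtotime($post['totime']));
                $validtime = intval(strtotime($post['validtime']));
                $validated = intval($post['validated']);
                $csql .= ",fromtime=" . $fromtime . ",totime=" . $totime . ",validtime=" . $validtime . ",validator='{$post['validator']}',validated={$validated}";
            }
            if ($post['message'] && $post['content']) {
                send_message($user['username'], lang($L['grade_success'], array($GROUP[$item['groupid']]['groupname'])), nl2br($post['content']));
                $gsql .= ",message=1";
            }
        }
    }
    $this->db->query("UPDATE {$this->table} SET {$gsql} WHERE itemid={$itemid}");
    if ($msql) {
        $this->db->query("UPDATE {$DT_PRE}member SET {$msql} WHERE userid={$userid}");
    }
    if ($csql) {
        $this->db->query("UPDATE {$DT_PRE}company SET {$csql} WHERE userid={$userid}");
    }
    return true;
}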
$fee = dround($amount * $MOD['cash_fee'] / 100); if ($MOD['cash_fee_min'] && $fee < $MOD['cash_fee_min']) { $fee = $MOD['cash_fee_min']; } if ($MOD['cash_fee_max'] && $fee > $MOD['cash_fee_max']) { $fee = $MOD['cash_fee_max']; } } $money = $amount - $fee; if ($submit) { is_payword($_username, $password) or message($L['error_payword']); $member = daddslashes($member); $name = $member['banktype'] ? $member['company'] : $member['truename']; $db->query("INSERT INTO {$DT_PRE}finance_cash (username,bank,banktype,branch,account,truename,amount,fee,addtime,ip) VALUES ('{$_username}','{$member['bank']}','{$member['banktype']}','{$member['branch']}','{$member['account']}','{$name}','{$money}','{$fee}','{$DT_TIME}','{$DT_IP}')"); $cid = $db->insert_id(); money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['cash_title'], $L['charge_id'] . $cid); message($L['cash_msg_success'], '?action=record', 5); } else { $head_title = $L['cash_title_confirm']; } break; default: $MOD['cash_enable'] or message($L['feature_close'], $MOD['linkurl'], 3); if (!$member['bank'] || !$member['account']) { message($L['cash_msg_account'], '?action=setting'); } $head_title = $L['cash_title']; break; } include template('cash', $module);
//注意交易单不要重复处理 //注意判断返回金额 $total_fee = ($total_fee + $discount) / 100; $out_trade_no = intval($out_trade_no); $r = $db->get_one("SELECT * FROM {$DT_PRE}finance_charge WHERE itemid='{$out_trade_no}'"); if ($r) { if ($r['status'] == 0) { $charge_orderid = $r['itemid']; $charge_money = $r['amount'] + $r['fee']; $charge_amount = $r['amount']; $editor = 'N' . $bank; if ($total_fee == $charge_money) { $db->query("UPDATE {$DT_PRE}finance_charge SET status=3,money={$charge_money},receivetime='{$DT_TIME}',editor='{$editor}' WHERE itemid={$charge_orderid}"); require DT_ROOT . '/include/module.func.php'; money_add($r['username'], $r['amount']); money_record($r['username'], $r['amount'], $PAY[$bank]['name'], 'system', '在线充值', '订单ID:' . $charge_orderid); $MOD = cache_read('module-2.php'); if ($MOD['credit_charge'] > 0) { $credit = intval($r['amount'] * $MOD['credit_charge']); if ($credit > 0) { credit_add($r['username'], $credit); credit_record($r['username'], $credit, 'system', '充值奖励', '充值' . $r['amount'] . $DT['money_unit']); } } exit('success'); } else { $note = '充值金额不匹配S:' . $charge_money . 'R:' . $total_fee; $db->query("UPDATE {$DT_PRE}finance_charge SET status=1,receivetime='{$DT_TIME}',editor='{$editor}',note='{$note}' WHERE itemid={$charge_orderid}"); //支付失败 #log_result($note); exit('fail');
} } $months = $next_month + $buy_month; $year = floor($months / 12); if ($months % 12 == 0) { $to_month = 12; $to_year = $next_year + $year - 1; } else { $to_month = $months % 12; $to_year = $next_year + $year; } $totime = strtotime($to_year . '-' . $to_month . '-1'); $status = $EXT['spread_check'] ? 2 : 3; if ($currency == 'money') { money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(' . $L['spread_infoid'] . $buy_tid . ')'); } else { credit_add($_username, -$amount); credit_record($_username, -$amount, 'system', $MODULE[$mid]['name'] . $L['spread_title'], $word . '(ID:' . $buy_tid . ')'); } $db->query("INSERT INTO {$DT_PRE}spread (mid,tid,word,price,currency,company,username,addtime,fromtime,totime,status) VALUES ('{$mid}','{$buy_tid}','{$word}','{$buy_price}','{$currency}','{$_company}','{$_username}','{$DT_TIME}','{$next_time}','{$totime}','{$status}')"); dmsg($L['spread_msg_success'], '?status=' . $status); } else { // } } else { dheader($EXT['spread_url']); } } else { $status = isset($status) ? intval($status) : 3; in_array($status, array(2, 3)) or $status = 3;
} $card = $db->get_one("SELECT * FROM {$DT_PRE}finance_card WHERE number='{$number}'"); if ($card) { if ($card['updatetime']) { wap_msg($L['not_card_number']); } if ($card['totime'] < $DT_TIME) { wap_msg($L['not_card_number']); } if ($card['password'] != $password) { wap_msg($L['not_card_password']); } $db->query("INSERT INTO {$DT_PRE}finance_charge (username,bank,amount,money,sendtime,receivetime,editor,status,note) VALUES ('{$_username}','card', '{$card['amount']}','{$card['amount']}','{$DT_TIME}','{$DT_TIME}','system','3','{$number}')"); $db->query("UPDATE {$DT_PRE}finance_card SET username='******',updatetime='{$DT_TIME}',ip='{$DT_IP}' WHERE itemid='{$card['itemid']}'"); money_add($_username, $card['amount']); money_record($_username, $card['amount'], $L['by_card'], 'system', $L['card_charge'], $number . '(WAP)'); $_money = $_money + $card['amount']; wap_msg($L['charge_success'], $forward); } else { wap_msg($L['not_card_number']); } } else { $head_title = $L['card_charge'] . $DT['seo_delimiter'] . $head_title; include template('charge', $TP); } break; case 'message_send': if (!$_userid) { wap_msg($L['please_login'], 'index.php?moduleid=' . $moduleid . '&action=login'); } if ($submit) {
$buyer_name = htmlspecialchars($user['truename']); $buyer_phone = htmlspecialchars($user['telephone']); $buyer_receive = ''; } $buyer_mobile = htmlspecialchars($add['mobile']); is_mobile($buyer_mobile) or message($L['msg_type_mobile']); $number = intval($number); if ($number < 1) { $number = 1; } $amount = $number * $item['price']; if ($amount > $_money) { message($L['need_charge'], 'charge.php?action=pay&amount=' . ($amount - $_money)); } money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['group_order_credit'], 'ID(' . $itemid . ')'); $note = htmlspecialchars($note); $title = addslashes($item['title']); $password = strtolower(random(6)); $db->query("INSERT INTO {$DT_PRE}group_order (gid,buyer,seller,title,thumb,price,number,amount,logistic,addtime,updatetime,note,password, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,buyer_receive) VALUES ('{$itemid}','{$_username}','{$item['username']}','{$title}','{$item['thumb']}','{$item['price']}','{$number}','{$amount}','{$item['logistic']}','{$DT_TIME}','{$DT_TIME}','{$note}','{$password}','{$buyer_postcode}','{$buyer_address}','{$buyer_name}','{$buyer_phone}','{$buyer_mobile}','{$buyer_receive}')"); //send sms if ($DT['sms'] && !$item['logistic']) { $oid = $db->insert_id(); $message = lang('sms->ord_group', array($item['title'], $oid, $password)); $message = strip_sms($message); send_sms($buyer_mobile, $message); } //send sms $db->query("UPDATE {$DT_PRE}group SET orders=orders+1,sales=sales+{$number} WHERE itemid={$itemid}"); message($L['msg_buy_success'], $MODULE[2]['linkurl'] . 'group.php?action=order', 3); } else {
$chart_data .= ';' . $num; $T4 += $num; } $title = $year . '年会员充值统计报表'; } include tpl('charge_stats', $module); break; case 'check': $itemid or msg('请选择记录'); $itemid = implode(',', $itemid); $result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemid}) AND status<2"); $i = 0; while ($r = $db->fetch_array($result)) { $money = $r['amount'] + $r['fee']; money_add($r['username'], $r['amount']); money_record($r['username'], $r['amount'], $PAY[$r['bank']]['name'], $_username, '在线充值', '人工'); $db->query("UPDATE {$table} SET money='{$money}',status=4,editor='{$_username}',receivetime={$DT_TIME} WHERE itemid={$r['itemid']}"); $i++; } dmsg('审核成功' . $i . '条记录', $forward); break; case 'recycle': $itemid or msg('请选择记录'); $itemid = implode(',', $itemid); $db->query("UPDATE {$table} SET status=2,editor='{$_username}',receivetime={$DT_TIME} WHERE itemid IN ({$itemid}) AND status=0"); dmsg('作废成功' . $db->affected_rows() . '条记录', $forward); break; case 'delete': $itemid or msg('请选择记录'); $itemid = implode(',', $itemid); $db->query("DELETE FROM {$table} WHERE itemid IN ({$itemid}) AND status=0");
} $head_title = $L['credit_exchange_title']; break; case 'buy': if ($MOD['credit_buy'] && $MOD['credit_price']) { $C = explode('|', trim($MOD['credit_buy'])); $P = explode('|', trim($MOD['credit_price'])); if ($submit) { is_payword($_username, $password) or message($L['error_payword']); array_key_exists($type, $C) or message($L['credit_msg_buy_amount']); $amount = $P[$type]; $credit = $C[$type]; if ($amount > 0) { $_money >= $amount or message($L['money_not_enough'], 'charge.php?action=pay&reason=credit&amount=' . ($amount - $_money)); money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['buy'] . $DT['credit_name'], $credit . $DT['credit_unit']); if ($credit > 0) { credit_add($_username, $credit); credit_record($_username, $credit, 'system', $L['buy'] . $DT['credit_name'], $amount . $DT['money_unit']); } } dmsg($L['credit_msg_buy_success'], $forward ? $forward : '?action=index'); } else { $select = isset($C[$sum]) ? $sum : 0; } } else { message($L['feature_close'], '?action=index'); } $head_title = $L['credit_buy_title']; break; case 'invite':
money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['grade_title'], $GROUP[$groupid]['groupname']); } else { $amount = 0; } } else { $promo_amount = $fee; $amount = 0; } } $db->query("UPDATE {$DT_PRE}finance_promo SET username='******',ip='{$DT_IP}'," . ($p['reuse'] ? "updatetime=updatetime+1" : "updatetime='{$DT_TIME}'") . " WHERE number='{$promo_code}'"); } else { if ($_money > $fee) { $amount = $fee; money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['grade_title'], $GROUP[$groupid]['groupname']); } } } $company = htmlspecialchars(trim($company)); $truename = htmlspecialchars(trim($truename)); $telephone = htmlspecialchars(trim($telephone)); $mobile = htmlspecialchars(trim($mobile)); $email = htmlspecialchars(trim($email)); $msn = htmlspecialchars(trim($msn)); $qq = htmlspecialchars(trim($qq)); $ali = htmlspecialchars(trim($ali)); $skype = htmlspecialchars(trim($skype)); $content = htmlspecialchars(trim($content)); $db->query("INSERT INTO {$DT_PRE}upgrade (userid,username,groupid,company,truename,telephone,mobile,email,msn,qq,ali,skype,content,addtime,ip,amount,promo_code,promo_type,promo_amount,status) VALUES ('{$_userid}','{$_username}', '{$groupid}','{$company}','{$truename}','{$telephone}','{$mobile}','{$email}','{$msn}','{$qq}','{$ali}','{$skype}','{$content}', '{$DT_TIME}', '{$DT_IP}','{$amount}','{$promo_code}','{$promo_type}','{$promo_amount}','2')"); message($L['grade_msg_success'], DT_PATH, 5);
//批量付款 if ($submit) { $itemid && is_array($itemid) or message($L['trade_msg_muti_choose']); is_payword($_username, $password) or message($L['error_payword']); $itemids = implode(',', $itemid); $condition = "buyer='{$_username}' AND status=1 AND itemid IN ({$itemids})"; $result = $db->query("SELECT * FROM {$table} WHERE {$condition} ORDER BY itemid DESC LIMIT 50"); while ($td = $db->fetch_array($result)) { $itemid = $td['itemid']; $money = $td['amount'] + $td['fee']; if ($_money < $money) { break; } $seller = userinfo($td['seller']); money_add($_username, -$money); money_record($_username, -$money, $L['in_site'], 'system', $L['trade_pay_order_title'], $L['trade_order_id'] . ':' . $itemid); $db->query("UPDATE {$table} SET status=2,updatetime={$DT_TIME} WHERE itemid={$itemid}"); $_money = $_money - $money; $touser = $td['seller']; $title = lang($L['trade_message_t2'], array($itemid)); $url = $memberurl . 'trade.php?itemid=' . $itemid; $content = lang($L['trade_message_c2'], array($myurl, $_username, $timenow, $url)); $content = ob_template('messager', 'mail'); send_message($touser, $title, $content); //send sms if ($DT['sms'] && $_sms && $touser && isset($sendsms)) { $touser = userinfo($touser); if ($touser['mobile']) { $message = lang('sms->ord_pay', array($itemid, $money)); $message = strip_sms($message); $word = word_count($message);
} $vip['username'] = trim($vip['username']); $money = dround($money); $credit = intval($credit); $sms = intval($sms); $usernames = explode("\n", trim($vip['username'])); foreach ($usernames as $username) { $username = trim($username); if (!$username) { continue; } $vip['username'] = $username; $do->vip_edit($vip); if ($money) { money_add($username, $money); money_record($username, $money, '站内', $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } if ($credit) { credit_add($username, $credit); credit_record($username, $credit, $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } if ($sms) { sms_add($username, $sms); sms_record($username, $sms, $_username, $reason, $GROUP[$vip['groupid']]['groupname']); } } dmsg('添加成功', $this_forward); } else { isset($username) or $username = ''; if (isset($userid)) { if ($userid) {
<?php
// Membership renewal page: debits the member's balance and moves the company's
// expiry time (totime) forward by the chosen number of years.
defined('IN_DESTOON') or exit('Access Denied');
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
require MD_ROOT . '/member.class.php';

$do = new member();
$do->userid = $_userid;
$user = $do->get_one();

// Renewal is available only when the group has both 'vip' and 'fee' set and the stored
// expiry time is not already in the past; every other case is redirected away.
if (!($MG['vip'] && $MG['fee'] && !($user['totime'] < $DT_TIME))) {
    dheader($MOD['linkurl']);
}

if (!$submit) {
    // Confirmation form: show the remaining days and the current expiry date.
    $head_title = $L['renew_title'];
    $havedays = ceil(($user['totime'] - $DT_TIME) / 86400);
    $todate = timetodate($user['totime'], 3);
    include template('renew', $module);
} else {
    // The payment password is checked before any balance change.
    // NOTE(review): the checks below rely on message() ending the request; if it returned,
    // the debit would still run. Confirm against its definition.
    if (!is_payword($_username, $password)) {
        message($L['error_payword']);
    }
    // Only 1, 2 or 3 years can be bought; anything else falls back to 1.
    $year = intval($year);
    if (!in_array($year, array(1, 2, 3))) {
        $year = 1;
    }
    $fee = dround($MG['fee'] * $year);
    if (!($fee > 0)) {
        message($L['renew_msg_fee']);
    }
    // NOTE(review): the balance is compared here and debited further down as separate steps;
    // whether money_add() itself refuses to overdraw is not visible in this file.
    if (!($fee <= $_money)) {
        message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay&amount=' . ($fee - $_money));
    }
    // A year is counted as 365 days.
    $totime = $user['totime'] + 365 * 86400 * $year;
    money_add($_username, -$fee);
    money_record($_username, -$fee, $L['in_site'], 'system', $L['renew_title'], lang($L['renew_record'], array($year, timetodate($totime, 3))));
    $db->query("UPDATE {$DT_PRE}company SET totime={$totime} WHERE userid={$_userid}");
    dmsg($L['renew_msg_success'], $MOD['linkurl']);
}
credit_record($username, $fee_back, 'system', $L['pay_record_back'], $note); } dheader($forward); } else { dheader($MOD['linkurl'] . 'credit.php?action=buy'); } } $discount = $MG['discount'] > 0 && $MG['discount'] < 100 ? $MG['discount'] : 100; $discount = dround($discount / 100); if ($submit) { is_payword($_username, $password) or message($L['error_payword']); $fee = dround($fee * $discount); $fee > 0 or message($L['pay_msg_fee']); $fee <= $_money or dheader($MOD['linkurl'] . 'charge.php?action=pay&amount=' . ($fee - $_money)); $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$mid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')"); money_add($_username, -$fee); money_record($_username, -$fee, $L['in_site'], 'system', $L['pay_record_view'], $note); if ($username && $fee_back) { money_add($username, $fee_back); money_record($username, $fee_back, $L['in_site'], 'system', $L['pay_record_back'], $note); } dheader($forward); } else { $head_title = $L['pay_title']; $amount = 100; $member_fee = dround($fee * $discount); if ($member_fee > $_money) { $amount = dround($member_fee - $_money); } include template('pay', $module); }
include tpl('cash_stats', $module); break; case 'edit': if ($item['status'] > 0) { msg('此申请已受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $money = $item['amount'] + $item['fee']; if ($status == 3) { // } else { if ($status == 2 || $status == 1) { $note or msg('请填写原因备注'); money_add($item['username'], $money); money_record($item['username'], $money, '站内', 'system', '提现失败', '流水号:' . $itemid); } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}"); dmsg('受理成功', $forward); } else { include tpl('cash_edit', $module); } break; case 'show': if ($item['status'] == 0) { msg('申请尚未受理'); } include tpl('cash_show', $module);
msg('此交易无需受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $content or msg('请填写操作理由'); if ($status == 6) { //已退款,买家胜 退款 $db->query("UPDATE {$DT_PRE}member SET money=money+{$item['money']},locking=locking-{$item['money']} WHERE username='******'buyer']}'"); $msg = '受理成功,交易状态已经改变为 已退款给买家'; } else { if ($status == 7) { //已退款,卖家胜 付款 $db->query("UPDATE {$DT_PRE}member SET locking=locking-{$item['money']} WHERE username='******'buyer']}'"); money_record($item['buyer'], -$item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid); money_add($item['seller'], $item['money']); money_record($item['seller'], $item['money'], '站内', 'system', '订单货到付款', '订单号:' . $itemid); $msg = '受理成功,交易状态已经改变为 已付款给卖家'; } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',updatetime={$DT_TIME},refund_reason='{$content}' WHERE itemid={$itemid}"); msg($msg, $forward, 5); } else { include tpl('order_refund', $module); } break; case 'show': $cm = $db->get_one("SELECT * FROM {$DT_PRE}mall_comment WHERE itemid={$itemid}"); include tpl('order_show', $module); break;
$r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}"); if ($r) { message($L['validate_mobile_exist']); } if ($fee && $_sms < 1) { $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay'); is_payword($_username, $password) or dalert($L['error_payword']); } $auth = random(6, '0123456789'); $content = lang('sms->sms_code', array($auth, $MOD['auth_days'])) . $DT['sms_sign']; $sms_code = send_sms($mobile, $content); if (strpos($sms_code, $DT['sms_ok']) !== false) { if ($fee) { if ($_sms < 1) { money_add($_username, -$fee); money_record($_username, -$fee, $L['in_site'], 'system', $L['validate_mobile_record'], $mobile); } else { sms_add($_username, -1); sms_record($_username, -1, $_username, $L['validate_mobile_record'], $mobile); } } $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'"); dheader('?code=1&action=' . $action); } else { message($L['send_mobile_fail']); } } include template('validate', $module); } break; case 'truename':
if (!$username) { continue; } $r = $db->get_one("SELECT username,money FROM {$DT_PRE}member WHERE username='******'"); if (!$r) { $error .= '<br/>会员[' . $username . ']不存在'; continue; } if (!$type && $r['money'] < abs($amount)) { $error .= '<br/>会员[' . $username . ']余额不足,当前余额为:' . $r['money']; continue; } $reason or $reason = '现金'; $note or $note = '手工'; money_add($username, $amount); money_record($username, $amount, $bank, $_username, $reason, $note); $success++; } if ($error) { message('操作成功 ' . $success . ' 位会员,发生以下错误:' . $error); } dmsg('操作成功', '?moduleid=' . $moduleid . '&file=' . $file); } else { if (isset($userid)) { if ($userid) { $userids = is_array($userid) ? implode(',', $userid) : $userid; $result = $db->query("SELECT username FROM {$DT_PRE}member WHERE userid IN ({$userids})"); while ($r = $db->fetch_array($result)) { $username .= $r['username'] . "\n"; } }
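/**
 * Create a new member: inserts the member row, the company row and the company content
 * row, then grants the configured registration rewards (credit, money, SMS).
 *
 * SECURITY(review): the password is stored as md5(md5($password)), an unsalted fast hash,
 * and the payment password starts out as the same value. Moving to password_hash() /
 * password_verify() has to be done together with the login and payment-password checks,
 * which are not visible here, so the stored format is left unchanged in this method.
 *
 * NOTE(review): values are interpolated into quoted SQL literals as returned by
 * set_member(); presumably that helper (or the request layer) escapes them, to be confirmed.
 *
 * @param array $member Registration data; only keys listed in the two field lists below
 *                      are written, plus 'content' for the content table.
 * @return mixed false when is_member() rejects the data, 0 when the member insert yields
 *               no id, otherwise the new userid.
 */
function add($member) {
    global $DT, $DT_TIME, $DT_IP, $MOD, $L;
    if (!$this->is_member($member)) {
        return false;
    }
    $member = $this->set_member($member);
    $member['linkurl'] = userurl($member['username']);
    // See SECURITY(review) above: weak hash, and payword initially equals the login password hash.
    $member['password'] = $member['payword'] = md5(md5($member['password']));
    $member['sound'] = 1;
    // Column allow-lists: array keys are used as column names, so only these may pass.
    $member_fields = array('username', 'company', 'passport', 'password', 'payword', 'email', 'sound', 'gender', 'truename', 'mobile', 'msn', 'qq', 'ali', 'skype', 'department', 'career', 'groupid', 'regid', 'areaid', 'edittime', 'inviter');
    $company_fields = array('username', 'groupid', 'company', 'type', 'catid', 'catids', 'areaid', 'mode', 'capital', 'regunit', 'size', 'regyear', 'sell', 'buy', 'business', 'telephone', 'fax', 'mail', 'address', 'postcode', 'homepage', 'introduce', 'thumb', 'keyword', 'linkurl');
    $member_sqlk = $member_sqlv = $company_sqlk = $company_sqlv = '';
    foreach ($member as $k => $v) {
        // Strict comparison: with a loose in_array() an integer key such as 0 compares equal
        // to any non-numeric string on PHP < 8 and would slip through the allow-list.
        if (in_array($k, $member_fields, true)) {
            $member_sqlk .= ',' . $k;
            $member_sqlv .= ",'{$v}'";
        }
        if (in_array($k, $company_fields, true)) {
            $company_sqlk .= ',' . $k;
            $company_sqlv .= ",'{$v}'";
        }
    }
    // Drop the leading comma from each list.
    $member_sqlk = substr($member_sqlk, 1);
    $member_sqlv = substr($member_sqlv, 1);
    $company_sqlk = substr($company_sqlk, 1);
    $company_sqlv = substr($company_sqlv, 1);
    $this->db->query("INSERT INTO {$this->table_member} ({$member_sqlk},regip,regtime,loginip,logintime) VALUES ({$member_sqlv},'{$DT_IP}','{$DT_TIME}','{$DT_IP}','{$DT_TIME}')");
    $this->userid = $this->db->insert_id();
    if (!$this->userid) {
        return 0;
    }
    $member['userid'] = $this->userid;
    $this->username = $member['username'];
    $this->db->query("INSERT INTO {$this->table_company} (userid, {$company_sqlk}) VALUES ('{$this->userid}', {$company_sqlv})");
    $content_table = content_table(4, $this->userid, is_file(DT_CACHE . '/4.part'), $this->table_company_data);
    $this->db->query("INSERT INTO {$content_table} (userid, content) VALUES ('{$this->userid}', '{$member['content']}')");
    // Registration rewards, each granted only when its module setting is above zero.
    if ($MOD['credit_register'] > 0) {
        credit_add($this->username, $MOD['credit_register']);
        credit_record($this->username, $MOD['credit_register'], 'system', $L['member_record_reg'], $DT_IP);
    }
    if ($MOD['money_register'] > 0) {
        money_add($this->username, $MOD['money_register']);
        money_record($this->username, $MOD['money_register'], $L['in_site'], 'system', $L['member_record_reg'], $DT_IP);
    }
    if ($MOD['sms_register'] > 0) {
        sms_add($this->username, $MOD['sms_register']);
        sms_record($this->username, $MOD['sms_register'], 'system', $L['member_record_reg'], $DT_IP);
    }
    return $this->userid;
}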
// Build the ad row for a purchased placement: it starts at the submitted date and runs
// for $month blocks of 30 days.
$ad['fromtime'] = strtotime($post['fromtime']);
$ad['totime'] = strtotime($post['fromtime']) + 86400 * 30 * $month;
$ad['pid'] = $pid;
$ad['typeid'] = $typeid;
$ad['amount'] = $amount;
$ad['currency'] = $currency;
$ad['title'] = $post['fromtime'] . '(' . $_username . ')';
$ad['introduce'] = timetodate($DT_TIME, 5) . ' ' . $L['ad_buy_paid'] . $amount . $unit;
$ad['note'] = $post['note'] . ' - ' . $L['ad_buy_note'] . '(' . $DT_IP . ')';
// NOTE(review): the meaning of status 2 is not visible in this fragment; confirm.
$ad['status'] = 2;
$ad['username'] = $_username;
// NOTE(review): dhtmlspecialchars() is defined elsewhere; by its name it HTML-encodes the
// values, which is output encoding rather than SQL escaping. The INSERT below depends on the
// values already being SQL-safe, so confirm that request input is escaped upstream.
$ad = dhtmlspecialchars($ad);
// Charge the buyer in the selected currency before the row is written.
// NOTE(review): no balance check and no transaction are visible here; confirm the balance was
// validated earlier and decide what should happen if the INSERT fails after the debit.
if ($amount) {
    if ($currency == 'money') {
        money_add($_username, -$amount);
        money_record($_username, -$amount, $L['in_site'], 'system', $L['pay_in_site'], $p['name'] . $L['ad_buy_title'] . $month . $L['month']);
    } else {
        credit_add($_username, -$amount);
        credit_record($_username, -$amount, 'system', $p['name'] . $L['ad_buy_title'], $month . $L['month']);
    }
}
// Every key of $ad becomes a column name (unquoted) and every value a quoted literal.
// NOTE(review): presumably $ad holds only the keys assigned above; verify that nothing
// request-controlled can add keys to it before this point.
$sqlk = $sqlv = '';
foreach ($ad as $k => $v) {
    $sqlk .= ',' . $k;
    $sqlv .= ",'{$v}'";
}
// Drop the leading comma from both lists.
$sqlk = substr($sqlk, 1);
$sqlv = substr($sqlv, 1);
$db->query("INSERT INTO {$DT_PRE}ad ({$sqlk}) VALUES ({$sqlv})");
// $pid is interpolated unquoted; presumably cast to an integer earlier, verify against caller.
$db->query("UPDATE {$DT_PRE}ad_place SET ads=ads+1 WHERE pid={$pid}");
message($L['ad_buy_success'], '?status=2');
} $title = $year . '年会员提现统计报表'; } include tpl('cash_stats', $module); break; case 'edit': if ($item['status'] > 0) { msg('此申请已受理'); } if ($submit) { isset($status) or msg('请指定受理结果'); $money = $item['amount'] + $item['fee']; if ($status == 3) { money_lock($member['username'], -$money); money_record($member['username'], -$item['amount'], $item['bank'], $_username, '提现成功'); money_record($member['username'], -$item['fee'], $item['bank'], $_username, '提现手续费'); } else { if ($status == 2 || $status == 1) { $note or msg('请填写原因备注'); money_lock($member['username'], -$money); money_add($member['username'], $money); } else { msg(); } } $db->query("UPDATE {$table} SET status={$status},editor='{$_username}',edittime={$DT_TIME},note='{$note}' WHERE itemid={$itemid}"); dmsg('受理成功', $forward); } else { include tpl('cash_edit', $module); } break;
$r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}"); if ($r) { message($L['send_mobile_exist']); } if ($fee && $_sms < 1) { $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay'); is_payword($_username, $password) or dalert($L['error_payword']); } $auth = random(6, '0123456789'); $content = lang('sms->sms_code', array($auth, $MOD['auth_days'])) . $DT['sms_sign']; $sms_code = send_sms($mobile, $content); if (strpos($sms_code, $DT['sms_ok']) !== false) { if ($fee) { if ($_sms < 1) { money_add($_username, -$fee); money_record($_username, -$fee, $L['in_site'], $_username, $L['send_mobile_record'], $mobile); } else { sms_add($_username, -1); sms_record($_username, -1, $_username, $L['send_mobile_record'], $mobile); } } $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'"); dheader('?code=1&action=' . $action); } else { message($L['send_mobile_fail']); } } $head_title = $L['send_mobile_title']; include template('send', $module); } break;
isset($MODULE[$moduleid]) or dheader('channel.php?reload=' . $DT_TIME); $itemid = intval($itemid); $itemid or dheader('channel.php?reload=' . $DT_TIME); $fee = dround($fee); $fee > 0 or dheader('channel.php?reload=' . $DT_TIME); $note = $MODULE[$moduleid]['name'] . '/' . $itemid; if ($currency == 'money') { if (isset($password)) { is_payword($_username, $password) or mobile_msg($L['not_payword']); $discount = $MG['discount'] > 0 && $MG['discount'] < 100 ? $MG['discount'] : 100; $discount = dround($discount / 100); $_fee = dround($fee * $discount); $_money >= $_fee or mobile_msg($L['need_charge']); $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')"); money_add($_username, -$fee); money_record($_username, -$fee, $L['pay_by_site'], 'system', $L['pay_info'], $note); mobile_msg($L['pay_success'], mobileurl($moduleid, 0, $itemid)); } else { $head_title = $L['pay_title'] . $DT['seo_delimiter'] . $head_title; $foot = 'channel'; include template('pay', 'mobile'); if (DT_CHARSET != 'UTF-8') { toutf8(); } } } else { if ($currency == 'credit') { if ($_credit >= $fee) { $db->query("INSERT INTO {$DT_PRE}finance_pay (moduleid,itemid,username,fee,currency,paytime,ip,title) VALUES ('{$moduleid}','{$itemid}','{$_username}','{$fee}','{$currency}','{$DT_TIME}','{$DT_IP}','" . addslashes($title) . "')"); credit_add($_username, -$fee); credit_record($_username, -$fee, 'system', $L['pay_info'], $note);
} } if ($action == 'buy' && $r['fee']) { $currency = $r['currency']; $months = array(1, 2, 3, 6, 12, 24); $unit = $currency == 'money' ? $DT['money_unit'] : $DT['credit_unit']; if ($submit) { in_array($month, $months) or message($L['style_msg_month']); $amount = $r['fee'] * $month; if ($currency == 'money') { if ($amount > $_money) { message($L['money_not_enough'], $MODULE[2]['linkurl'] . 'charge.php?action=pay&amount=' . ($amount - $_money)); } is_payword($_username, $password) or message($L['error_payword']); money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['pay_in_site'], lang($L['style_record_buy'], array($r['title'], $month))); $fd = 'money'; } else { if ($amount > $_credit) { message($L['credit_not_enough'], $MODULE[2]['linkurl'] . 'credit.php?action=buy&amount=' . ($amount - $_credit)); } credit_add($_username, -$amount); credit_record($_username, -$amount, 'system', lang($L['style_record_buy'], array($r['title'], $month))); $fd = 'credit'; } $styletime = $DT_TIME + 86400 * 30 * $month; $c = $db->get_one("SELECT skin FROM {$DT_PRE}company WHERE userid={$_userid}"); $c['skin'] or $c['skin'] = 'default'; $o = $db->get_one("SELECT itemid FROM {$DT_PRE}style WHERE skin='{$c['skin']}'"); if ($o) { $db->query("UPDATE {$DT_PRE}style SET hits=hits-1 WHERE itemid={$o['itemid']} AND hits>1");
$title = '[' . $seller . '] ' . $title; } } include tpl('order_stats', $module); break; case 'refund': $itemid or msg('未选择记录'); $itemids = is_array($itemid) ? implode(',', $itemid) : $itemid; $i = 0; $result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemids})"); while ($r = $db->fetch_array($result)) { if ($r['status'] < 3) { $i++; $itemid = $r['itemid']; money_add($r['buyer'], $r['amount']); money_record($r['buyer'], $r['amount'], '站内', 'system', '团购退款', '订单号:' . $itemid); $db->query("UPDATE {$table} SET status=4,editor='{$_username}',updatetime={$DT_TIME} WHERE itemid={$itemid}"); } } dmsg('退款成功' . $i . '个订单', $forward); break; case 'show': $itemid or msg('未指定记录'); $item = $db->get_one("SELECT * FROM {$table} WHERE itemid={$itemid} "); $item or msg('记录不存在'); $item['linkurl'] = $EXT['linkurl'] . 'redirect.php?mid=' . $moduleid . '&itemid=' . $item['gid']; $item['money'] = $item['amount']; $item['addtime'] = timetodate($item['addtime'], 6); $item['updatetime'] = timetodate($item['updatetime'], 6); include tpl('order_show', $module); break;
$r = $db->get_one("SELECT * FROM {$DT_PRE}finance_charge WHERE username='******' ORDER BY itemid DESC"); } if ($r) { $charge_orderid = $r['itemid']; $charge_money = $r['amount'] + $r['fee']; $charge_amount = $r['amount']; if ($r['status'] == 0) { $receive_url = ''; $bank = $r['bank']; $editor = 'R' . $bank; $note = ''; include DT_ROOT . '/api/pay/' . $bank . '/receive.inc.php'; if ($charge_status == 1) { $db->query("UPDATE {$DT_PRE}finance_charge SET status=3,money={$charge_money},receivetime='{$DT_TIME}',editor='{$editor}' WHERE itemid={$charge_orderid}"); money_add($r['username'], $r['amount']); money_record($r['username'], $r['amount'], $PAY[$bank]['name'], 'system', $L['charge_online'], $L['charge_id'] . ':' . $charge_orderid); if ($MOD['credit_charge'] > 0) { $credit = intval($r['amount'] * $MOD['credit_charge']); if ($credit > 0) { credit_add($r['username'], $credit); credit_record($r['username'], $credit, 'system', $L['charge_reward'], $L['charge'] . $r['amount'] . $DT['money_unit']); } } if ($r['reason']) { $url = get_reason_url($r['reason']); if ($url) { $charge_forward = $url; } } if ($bank == 'tenpay') { $show_url = $charge_forward ? $charge_forward : 'charge.php';
$head_title = $L['sms_add_title']; } break; case 'buy': $fee = $DT['sms_fee']; $fee or message($L['sms_msg_no_price']); if ($fee) { if ($submit) { is_payword($_username, $password) or message($L['error_payword']); $total = intval($total); $total > 0 or message($L['sms_msg_buy_num']); $amount = $total * $fee; if ($amount > 0) { $_money >= $amount or message($L['money_not_enough'], 'charge.php?action=pay&amount=' . ($amount - $_money)); money_add($_username, -$amount); money_record($_username, -$amount, $L['in_site'], 'system', $L['sms_buy_note'], $total); sms_add($_username, $total); sms_record($_username, $total, 'system', $L['sms_buy_record'], $amount . $DT['money_unit']); } dmsg($L['sms_buy_success'], '?action=index'); } } else { message($L['sms_msg_no_price']); } $head_title = $L['sms_buy_title']; break; case 'record': isset($fromtime) or $fromtime = ''; isset($totime) or $totime = ''; $condition = "mobile='{$mobile}'"; if ($keyword) {
<?php
// Member deposit page (excerpt; cut off inside the default case).
// Refuse direct access: the script only runs when the framework constant is defined.
defined('IN_DESTOON') or exit('Access Denied');
login();
// NOTE(review): $module is part of a require path and is not set in this file;
// presumably the framework router assigns it. Confirm it cannot be
// influenced by request input.
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
switch ($action) {
    case 'add':
        if ($submit) {
            // Number of deposit units, forced to an integer of at least 1.
            $num = intval($num);
            $num >= 1 or $num = 1;
            $money = $MOD['deposit'] * $num;
            // Insufficient balance: send the user to the charge page for the shortfall.
            // This guard relies on dheader() ending the request. Presumably it does; confirm.
            $money <= $_money or dheader('charge.php?action=pay&reason=deposit|' . $num . '&amount=' . ($money - $_money));
            // The payment password is verified before the balance is debited.
            is_payword($_username, $password) or message($L['error_payword']);
            // NOTE(review): the debit, the deposit row and the member total are three
            // separate writes with no transaction visible in this excerpt; a failure
            // between them would leave the records inconsistent.
            money_add($_username, -$money);
            money_record($_username, -$money, $L['in_site'], 'system', $L['deposit_title_add']);
            $db->query("INSERT INTO {$DT_PRE}finance_deposit (username,amount,addtime,editor) VALUES ('{$_username}','{$money}','{$DT_TIME}','{$_username}')");
            $db->query("UPDATE {$DT_PRE}member SET deposit=deposit+{$money} WHERE userid={$_userid}");
            dmsg($L['op_success'], '?action=index');
        } else {
            // Form display: preview the amount for the requested number of units.
            // $sum is not cast here; it is only used as a multiplier for the preview.
            $amount = $MOD['deposit'];
            if ($sum > 1) {
                $amount = $MOD['deposit'] * $sum;
            }
            $head_title = $L['deposit_title_add'];
        }
        break;
    default:
        // NOTE(review): the username literal is masked ('******') on this page.
        $condition = "username='******'";
        isset($fromtime) or $fromtime = '';
        isset($totime) or $totime = '';
        // excerpt ends here; the default case continues beyond the visible text
// Excerpt (cut at both ends): a seller claims payment for a group-buy order after
// the buyer's confirmation window has passed; then the start of the 'express' list.
        // Seconds elapsed since the order was last updated.
        $gone = $DT_TIME - $td['updatetime'];
        // Deny unless the order is in status 1 or 2, the current user is the seller,
        // and at least trade_day days plus add_time hours have elapsed.
        // The guard only protects the payout if message() ends the request.
        // Presumably it does; confirm.
        if (!in_array($td['status'], array(1, 2)) || $td['seller'] != $_username || $gone < $MOD['trade_day'] * 86400 + $td['add_time'] * 3600) {
            message($L['group_msg_deny']);
        }
        // Trade completed
        // NOTE(review): the seller is credited here, but the order status is only
        // changed by the UPDATE at the end, whose WHERE clause does not re-check the
        // status; two concurrent requests could both pass the guard above. Moving
        // the status change first with a status condition would close that window.
        $money = $td['amount'];
        money_add($td['seller'], $money);
        money_record($td['seller'], $money, $L['in_site'], 'system', $L['group_record_pay'], lang($L['group_buyer_timeout'], array($itemid)));
        // Site service fee
        // NOTE(review): the query literal below is garbled by masking on this page
        // ('******') and is not valid PHP as shown; it presumably concatenated
        // $td['seller'] into the username comparison. Check the upstream file.
        $G = $db->get_one("SELECT groupid FROM {$DT_PRE}member WHERE username='******'seller'] . "'");
        // Commission is a percentage taken from the seller's group settings.
        $SG = cache_read('group-' . $G['groupid'] . '.php');
        if ($SG['commission']) {
            $fee = dround($money * $SG['commission'] / 100);
            if ($fee > 0) {
                money_add($td['seller'], -$fee);
                money_record($td['seller'], -$fee, $L['in_site'], 'system', $L['trade_fee'], $L['trade_order_id'] . $itemid);
            }
        }
        $db->query("UPDATE {$table} SET status=3,updatetime={$DT_TIME} WHERE itemid={$itemid}");
        message($L['group_success'], $forward, 3);
        break;
    } // closes a block opened before this excerpt
} else {
    if ($action == 'express') {
        // My express deliveries
        $sfields = $L['express_sfields'];
        // NOTE(review): 'send_type ' carries a trailing space; this looks unintended
        // if the entry is later used as a column name. Confirm.
        $dfields = array('title', 'title', 'send_type ', 'send_no');
        // $fields must be an existing index of $dfields, otherwise it falls back to 0.
        isset($fields) && isset($dfields[$fields]) or $fields = 0;
        // $status is accepted only when it is a key of $dsend_status (defined outside this excerpt).
        $status = isset($status) && isset($dsend_status[$status]) ? intval($status) : '';
        $type = isset($type) ? intval($type) : 0;
        $fields_select = dselect($sfields, 'fields', '', $fields);
        // excerpt ends here; the block continues beyond the visible text
// Excerpt (cut at both ends): stores a newly submitted item, charges the
// publishing fee, and queues optional social-network sync calls.
    property_check($post_ppt);
} // closes a block opened before this excerpt
$do->add($post);
if ($FD) {
    fields_update($post_fields, $table, $do->itemid);
}
if ($CP) {
    property_update($post_ppt, $moduleid, $post['catid'], $do->itemid);
}
// Generate the static page only when the module is configured for it and status is above 2.
if ($MOD['show_html'] && $post['status'] > 2) {
    $do->tohtml($do->itemid);
}
// The fee is debited after the item has been stored.
// NOTE(review): no balance check is visible in this excerpt; presumably it runs
// before $do->add(). Verify, and confirm money_add()/credit_add() cannot take the
// account below zero if several submissions arrive concurrently.
if ($fee_add) {
    if ($fee_currency == 'money') {
        money_add($_username, -$fee_add);
        money_record($_username, -$fee_add, $L['in_site'], 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid);
    } else {
        // Any currency other than 'money' is charged in credits.
        credit_add($_username, -$fee_add);
        credit_record($_username, -$fee_add, 'system', lang($L['credit_record_add'], array($MOD['name'])), 'ID:' . $do->itemid);
    }
}
// Status 2 gets the "awaiting review" message; any other status gets the "added" message.
$msg = $post['status'] == 2 ? $L['success_check'] : $L['success_add'];
// Output of each requested sync call is appended to $js.
$js = '';
if (isset($post['sync_sina']) && $post['sync_sina']) {
    $js .= sync_weibo('sina', $moduleid, $do->itemid);
}
if (isset($post['sync_qq']) && $post['sync_qq']) {
    $js .= sync_weibo('qq', $moduleid, $do->itemid);
}
if (isset($post['sync_qzone']) && $post['sync_qzone']) {
    $js .= sync_weibo('qzone', $moduleid, $do->itemid);
    // excerpt ends here; the block continues beyond the visible text
// Excerpt (cut at both ends) of an order action switch: 'get_pay' releases the
// buyer's payment to the seller after a timeout; 'comment' starts the review step.
    // Trade completed
    break;
case 'get_pay':
    // Buyer confirmation timed out; the seller requests direct payment
    // When an external trade provider is configured, its update script handles the request.
    // NOTE(review): the include path uses $DT['trade'] from site configuration;
    // confirm only administrators can set it and that it is limited to known providers.
    if ($DT['trade']) {
        exit(include DT_ROOT . '/api/trade/' . $DT['trade'] . '/update.inc.php');
    }
    // Seconds elapsed since the order was last updated.
    $gone = $DT_TIME - $td['updatetime'];
    // Deny unless the order is in status 3, the current user is the seller, and at
    // least trade_day days plus add_time hours have elapsed. The guard only protects
    // the payout if message() ends the request. Presumably it does; confirm.
    if ($td['status'] != 3 || $td['seller'] != $_username || $gone < $MOD['trade_day'] * 86400 + $td['add_time'] * 3600) {
        message($L['trade_msg_deny']);
    }
    $money = $td['amount'] + $td['fee'];
    // NOTE(review): money_lock() is not visible here; presumably this reduces the
    // buyer's locked balance by the order total. Confirm.
    money_lock($td['buyer'], -$money);
    money_record($td['buyer'], -$money, $L['in_site'], 'system', $L['trade_record_pay'], lang($L['trade_buyer_timeout'], array($itemid)));
    money_add($_username, $money);
    money_record($_username, $money, $L['in_site'], 'system', $L['trade_record_pay'], lang($L['trade_buyer_timeout'], array($itemid)));
    // NOTE(review): the payout above runs before this status change, and the WHERE
    // clause does not re-check status=3, so two concurrent requests could both pass
    // the guard. Updating the status first with a status condition, and paying out
    // only when a row was changed, would close that window.
    $db->query("UPDATE {$table} SET status=4,updatetime={$DT_TIME} WHERE itemid={$itemid}");
    // Update product data
    // $mallid is not assigned in this excerpt.
    $db->query("UPDATE {$DT_PRE}mall SET orders=orders+1,sales=sales+{$td['number']},amount=amount-{$td['number']} WHERE itemid={$mallid}");
    message($L['trade_success'], $forward, 3);
    // Trade completed
    break;
case 'comment':
    // Trade review
    if ($submit) {
        // Rating is limited to 1, 2 or 3; anything else becomes 3.
        $star = intval($star);
        in_array($star, array(1, 2, 3)) or $star = 3;
        // NOTE(review): htmlspecialchars() is called with default flags; before
        // PHP 8.1 the default does not encode single quotes. Confirm the runtime
        // version and the context in which $content is later rendered.
        $content = htmlspecialchars($content);
    }
    if ($_username == $td['seller']) {
        if ($td['buyer_star']) {
            // excerpt ends here; the block continues beyond the visible text