if ($_GET['trade_status'] == 'TRADE_FINISHED') {
//判断该笔订单是否在商户网站中已经做过处理(可参考“集成教程”中“3.4返回数据处理”)
//如果没有做过处理,根据订单号(out_trade_no)在商户网站的订单系统中查到该笔订单的详细,并执行商户的业务程序
//如果有做过处理,不执行商户的业务程序
if ($td['status'] == 3) {
$db->query("UPDATE {$DT_PRE}mall_order SET status=4,updatetime={$DT_TIME} WHERE itemid={$itemid}");
//更新商品数据
$db->query("UPDATE {$DT_PRE}mall SET orders=orders+1,sales=sales+{$td['number']},amount=amount-{$td['number']} WHERE itemid={$mallid}");
$myurl = userurl($td['buyer']);
$_username = $td['seller'];
//send message
$touser = $td['seller'];
$title = lang($L['trade_message_t4'], array($itemid));
$url = $memberurl . 'trade.php?itemid=' . $itemid;
$content = lang($L['trade_message_c4'], array($myurl, $_username, $timenow, $url));
$content = ob_template('messager', 'mail');
send_message($touser, $title, $content);
message('交易成功', $MODULE[2]['linkurl'] . 'trade.php?action=order&itemid=' . $itemid);
}
} else {
if ($_GET['trade_status'] == 'WAIT_BUYER_PAY') {
message('订单创建成功,请尽快通过支付宝付款', $MODULE[2]['linkurl'] . 'trade.php?action=order&itemid=' . $itemid);
} else {
//echo "trade_status=".$_GET['trade_status'];
}
}
}
}
message('验证成功(Code:000)', $MODULE[2]['linkurl'] . 'trade.php?error=0');
//echo "验证成功<br />";
//echo "trade_no=".$trade_no;
captcha($captcha);
$email = trim($email);
if (!is_email($email)) {
message($L['sendmail_pass_mailto']);
}
$title = trim(stripslashes($title));
if (strlen($title) < 5) {
message($L['pass_title']);
}
$content = trim(stripslashes($content));
if (strlen($content) < 10) {
message($L['pass_content']);
}
clear_upload($content);
$content = dsafe(save_local($content));
$content = ob_template('send', 'mail');
$DT['mail_name'] = $_company;
if (send_mail($email, $title, $content, '', false)) {
//$_email
message(lang($L['sendmail_success'], array($email)), 'sendmail.php');
} else {
message($L['sendmail_fail']);
}
} else {
$head_title = $L['sendmail_title'];
$email = isset($email) ? trim(stripslashes($email)) : '';
$title = isset($title) ? trim(stripslashes($title)) : '';
$content = isset($content) ? trim(stripslashes($content)) : '';
if ($action == 'page' && isset($title) && isset($linkurl)) {
$content = lang($L['sendmail_content'], array(userurl($_username), $_username, $title, $linkurl));
$title = lang($L['sendmail_title_new'], array($title));
$email == $t['email'] or exit('ko');
isset($_SESSION['email_send']) or $_SESSION['email_send'] = 0;
isset($_SESSION['email_time']) or $_SESSION['email_time'] = 0;
if ($_SESSION['email_time'] && $DT_TIME - $_SESSION['email_time'] < 60) {
exit('ko' . ($DT_TIME - $_SESSION['email_time']));
}
if ($_SESSION['email_send'] > 9) {
exit('max');
}
$emailcode = random(6, '0123456789');
$_SESSION['email'] = $email;
$_SESSION['email_code'] = md5($email . '|' . $emailcode);
$_SESSION['email_time'] = $DT_TIME;
$_SESSION['email_send'] = $_SESSION['email_send'] + 1;
$title = $L['register_msg_emailcode'];
$content = ob_template('emailcode', 'mail');
send_mail($email, $title, stripslashes($content));
exit('ok');
} else {
$mobile = $_SESSION['f_key'];
$mobile == $t['mobile'] && $t['vmobile'] or exit('ko');
isset($_SESSION['mobile_send']) or $_SESSION['mobile_send'] = 0;
isset($_SESSION['mobile_time']) or $_SESSION['mobile_time'] = 0;
if ($_SESSION['mobile_time'] && $DT_TIME - $_SESSION['mobile_time'] < 180) {
exit('ko');
}
if ($_SESSION['mobile_send'] > 4) {
exit('max');
}
if (max_sms($mobile)) {
exit('max');
$user_status = 0;
}
}
} else {
$user_status = 3;
}
} else {
$user_status = $_userid ? 1 : 0;
}
if ($_username && $_username == $item['username']) {
$user_status = 3;
}
if ($user_status == 3 && $item['username']) {
$member = userinfo($item['username']);
}
$contact = strip_nr(ob_template('contact', 'chip'), true);
echo 'Inner("contact", \'' . $contact . '\');';
echo 'Inner("hits", \'' . $item['hits'] . '\');';
$update = '';
if ($item['totime'] && $item['totime'] < $DT_TIME && $item['status'] == 3) {
$update .= ",status=4";
}
if ($member) {
unset($item['areaid']);
$update_user = update_user($member, $item);
if ($update_user) {
$db->query("UPDATE {$table} SET " . substr($update_user, 1) . " WHERE username='******'");
}
}
include DT_ROOT . '/include/update.inc.php';
if ($MOD['show_html'] && $task_item && $DT_TIME - @filemtime(DT_ROOT . '/' . $MOD['moduledir'] . '/' . $item['linkurl']) > $task_item) {
$db->query("UPDATE {$DT_PRE}member SET groupid='{$t['regid']}'," . ($verify_type == 'mobile' ? 'vmobile' : 'vemail') . "=1 WHERE username='******'");
$db->query("UPDATE {$DT_PRE}company SET groupid='{$t['regid']}' WHERE username='******'");
require DT_ROOT . '/module/member/member.class.php';
$do = new member();
$user = $do->login($username, '', 0, true);
if ($user) {
$post = $user;
$post['password'] = $_SESSION['m_pass'];
if ($MOD['welcome_sms'] && is_mobile($post['mobile'])) {
$message = lang('sms->wel_reg', array($post['truename'], $DT['sitename'], $post['username'], $post['password']));
$message = strip_sms($message);
send_sms($post['mobile'], $message);
}
if ($MOD['welcome_message'] || $MOD['welcome_email']) {
$title = $L['register_msg_welcome'];
$content = ob_template('welcome', 'mail');
if ($MOD['welcome_message']) {
send_message($username, $title, $content);
}
if ($MOD['welcome_email'] && $DT['mail_type'] != 'close') {
send_mail($post['email'], $title, $content);
}
}
session_destroy();
}
exit('ok');
break;
case 'post':
if ($MOD['captcha_register']) {
$captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
$msg = captcha($captcha, $MOD['captcha_register'], true);
}
if ($password != $cpassword) {
message($L['member_payword_match']);
}
$options = array('username', 'passport', 'email', 'mobile', 'company', 'qq', 'msn', 'ali', 'skype', 'userid');
in_array($option, $options) or $option = 'username';
$r = $db->get_one("SELECT username,groupid,passsalt FROM {$DT_PRE}member WHERE email='{$email}' AND `{$option}`='{$username}'");
if ($r) {
$username = $r['username'];
if ($r['groupid'] == 4) {
message($L['send_password_checking']);
}
$authvalue = dpassword($password, $r['passsalt']);
$auth = make_auth($username);
$db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$authvalue}',authtime='{$DT_TIME}' WHERE username='******'");
userclean($username);
$authurl = $MOD['linkurl'] . 'send.php?auth=' . $auth;
$title = $L['send_password_mail'];
$content = ob_template('password', 'mail');
send_mail($email, $title, stripslashes($content));
dheader($MOD['linkurl'] . 'goto.php?action=password&email=' . $email);
} else {
message($L['send_password_error']);
}
} else {
$head_title = $L['send_password_title'];
include template('send', $module);
}
}
break;
}
}
$pertime = intval($pertime);
if (!$pertime) {
$pertime = 5;
}
$DT['mail_name'] = $name;
$emails = file_get(DT_ROOT . '/file/email/' . $maillist);
$emails = explode("\n", $emails);
for ($i = 1; $i <= $pernum; $i++) {
$email = trim($emails[$id++]);
if (is_email($email)) {
$content = $_content;
if ($template) {
$user = _userinfo($fields, $email);
eval("\$title = \"{$title}\";");
$content = ob_template($template, 'mail');
}
send_mail($email, $title, $content, $sender);
}
}
if ($id < count($emails)) {
msg('已发送 ' . $id . ' 封邮件,系统将自动继续,请稍候...', '?moduleid=' . $moduleid . '&file=' . $file . '&sendtype=3&id=' . $id . '&pernum=' . $pernum . '&pertime=' . $pertime . '&send=1', $pertime);
}
cache_delete($_username . '_sendmail.php');
$forward = '?moduleid=' . $moduleid . '&file=' . $file;
}
}
}
dmsg('邮件发送成功', $forward);
} else {
$sendtype = isset($sendtype) ? intval($sendtype) : 1;
message($L['validate_email_success'], $MOD['linkurl']);
}
dalert($L['check_auth'], DT_PATH);
} else {
if ($submit) {
captcha($captcha);
is_email($email) or message($L['validate_email_bad']);
$r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE email='{$email}' AND userid<>{$_userid}");
if ($r) {
message($L['validate_email_exist']);
}
$auth = make_auth($username);
$db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$email}',authtime='{$DT_TIME}' WHERE username='******'");
$authurl = $MOD['linkurl'] . 'validate.php?action=' . $action . '&auth=' . $auth;
$title = $L['validate_email_mail'];
$content = ob_template('validate', 'mail');
send_mail($email, $title, stripslashes($content));
dheader($MOD['linkurl'] . 'goto.php?action=' . $action . '&email=' . $email);
} else {
include template('validate', $module);
}
}
break;
case 'mobile':
$MOD['vmobile'] or dheader($MOD['linkurl']);
$DT['sms'] or message($L['send_sms_close']);
$head_title = $L['validate_mobile_title'];
if ($user['vmobile']) {
$action = 'v' . $action;
include template('validate', $module);
exit;
}
if ($sql) {
$condition .= ' ' . $sql;
}
if ($ord) {
$condition .= ' ORDER BY ' . $ord;
}
$lists = array();
$results = $db->query("SELECT * FROM " . get_table($mid) . " WHERE {$condition} LIMIT 0,{$total}");
while ($rs = $db->fetch_array($results)) {
if (strpos($rs['linkurl'], '://') === false) {
$rs['linkurl'] = $MOD['linkurl'] . $rs['linkurl'];
}
$lists[] = $rs;
}
$content = ob_template($template ? $template : 'alert', 'mail');
send_mail($r['email'], $title, $content);
$db->query("UPDATE {$DT_PRE}alert SET sendtime={$DT_TIME} WHERE itemid={$itemid}");
}
$itemid += 1;
} else {
$itemid = $fid + $num;
}
$MOD = $_MOD;
} else {
dmsg('发送成功', "?moduleid={$moduleid}&file={$file}");
}
msg('ID从' . $fid . '至' . ($itemid - 1) . '发送成功' . progress($sid, $fid, $tid), "?moduleid={$moduleid}&file={$file}&action={$action}&sid={$sid}&fid={$itemid}&tid={$tid}&num={$num}&send=1");
} else {
$item = cache_read('alert-' . $_userid . '.php');
if ($item) {
}
if ($post['credit']) {
credit_add($_username, -$post['credit']);
credit_record($_username, -$post['credit'], 'system', lang($L['credit_record_reward'], array($MOD['name'])), 'ID:' . $do->itemid);
}
if (isset($post['hidden']) && $MOD['credit_hidden']) {
credit_add($_username, -$MOD['credit_hidden']);
credit_record($_username, -$MOD['credit_hidden'], 'system', lang($L['credit_record_hidden'], array($MOD['name'])), 'ID:' . $do->itemid);
}
if ($post['ask'] && check_name($post['ask'])) {
$db->query("UPDATE {$table}_expert SET ask=ask+1 WHERE username='******'ask']}'");
$touser = $post['ask'];
$title = lang($L['know_new_title'], array($post['title']));
$question = $post['title'];
$itemid = $do->itemid;
$content = ob_template('ask', 'mail');
send_message($touser, $title, $content);
}
$js = '';
if (isset($post['sync_sina']) && $post['sync_sina']) {
$js .= sync_weibo('sina', $moduleid, $do->itemid);
}
if (isset($post['sync_qq']) && $post['sync_qq']) {
$js .= sync_weibo('qq', $moduleid, $do->itemid);
}
if ($post['status'] == 3) {
$r = $db->get_one("SELECT linkurl FROM {$table} WHERE itemid={$do->itemid}");
$forward = $MOD['linkurl'] . $r['linkurl'];
$msg = '';
} else {
if ($_userid) {
<?php
/*
[Destoon B2B System] Copyright (c) 2008-2013 Destoon.COM
This is NOT a freeware, use is subject to license.txt
*/
defined('IN_DESTOON') or exit('Access Denied');
isset($auth) or exit;
$d = decrypt($auth);
strpos($d, '-') !== false or exit;
$t = explode('-', $d);
$moduleid = intval($t[0]);
$moduleid > 4 or exit;
isset($MODULE[$moduleid]) or exit;
$itemid = intval($t[1]);
$itemid > 0 or exit;
$item = $db->get_one("SELECT title,thumb,introduce,linkurl,addtime,status FROM " . get_table($moduleid) . " WHERE itemid={$itemid}");
$item or exit;
$item['status'] == 3 or exit;
$DT_TIME - $item['addtime'] < 30 or exit;
$title = $item['title'];
$introduce = $item['introduce'];
$thumb = str_replace('.thumb.', '.middle.', $item['thumb']);
$linkurl = strpos($item['linkurl'], '://') !== false ? $item['linkurl'] : $MODULE[$moduleid]['linkurl'] . $item['linkurl'];
$content = ob_template('weibo', 'chip');
$content = convert($content, DT_CHARSET, 'UTF-8');
