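/**
 * Send the `q_user_code` of a `@#_shoplist` row to the member it is assigned to.
 *
 * Reads `uid` and `gid` from $_POST, checks that no `@#_send` row exists for the
 * pair, that the member exists and that the shoplist row `gid` carries
 * `q_uid = uid`, waits until the row's `q_end_time`, then delivers the code over
 * the channel(s) selected by the `send.type` system config:
 * '1' = e-mail, '2' = mobile, '3' = both.
 *
 * Every path ends the request with exit(0); nothing is returned or printed.
 *
 * NOTE(review): this method performs no authentication of the caller itself and
 * trusts the posted `uid`. Confirm that the route is protected elsewhere or is
 * only invoked server-side.
 */
public function send_shop_code()
{
    // Both ids are dereferenced below, so both must be present. The previous guard
    // joined its isset() checks with &&, which only stopped a request where every
    // field was missing. `send` was part of that guard but is never read here, so
    // it is not enforced, which keeps existing callers working.
    if (!isset($_POST['uid'], $_POST['gid'])) {
        exit(0);
    }

    // Accept integer values only. filter_var() returns false for arrays and for
    // strings such as "5abc" or "1.5", so only plain numbers reach the SQL below.
    $uid = filter_var($_POST['uid'], FILTER_VALIDATE_INT);
    $gid = filter_var($_POST['gid'], FILTER_VALIDATE_INT);
    if ($uid === false || $gid === false) {
        exit(0);
    }
    // abs() is kept from the original so a negative id still maps to its magnitude.
    $uid = abs($uid);
    $gid = abs($gid);

    $db = System::load_sys_class("model");

    // A row for this gid/uid pair means the notification was already handled.
    // NOTE(review): this check and the insert further down are not atomic, so two
    // concurrent requests could both pass it. A unique key on (gid, uid) would
    // close that window; confirm against the schema.
    $sendinfo = $db->GetOne("SELECT id,send_type FROM `@#_send` WHERE `gid` = '{$gid}' and `uid` = '{$uid}'");
    if ($sendinfo) {
        exit(0);
    }

    $member = $db->GetOne("SELECT * FROM `@#_member` WHERE `uid` = '{$uid}'");
    if (!$member) {
        exit(0);
    }

    // The code is only sent when the shoplist row is assigned to this very uid.
    $info = $db->GetOne("SELECT id,q_user_code,q_end_time,title,q_user FROM `@#_shoplist` WHERE `id` = '{$gid}' and `q_uid` = '{$uid}'");
    if (!$info) {
        exit(0);
    }

    $username = get_user_name($member, 'username', 'all');

    // Recorded with type '-1' before the wait. Presumably this writes the `@#_send`
    // row that the duplicate check above looks for; confirm in send_insert().
    $this->send_insert($uid, $gid, $username, $info['title'], '-1');

    $type = System::load_sys_config("send", "type");
    if (!$type) {
        exit(0);
    }

    // Only the first 10 characters of q_end_time are used as the Unix timestamp.
    $q_time = abs((int) substr((string) $info['q_end_time'], 0, 10));

    // NOTE(review): this loop blocks the request, and the PHP worker serving it,
    // until q_end_time has passed. A q_end_time far in the future ties the worker
    // up for that whole period, so consider a queue or scheduled job, or at least
    // an upper bound on the wait.
    while (time() < $q_time) {
        sleep(5);
    }

    $ret_send = false;

    if ($type == '1') {
        if (!empty($member['email'])) {
            send_email_code($member['email'], $username, $uid, $info['q_user_code'], $info['title']);
            $ret_send = true;
        }
    }

    if ($type == '2') {
        if (!empty($member['mobile'])) {
            send_mobile_shop_code($member['mobile'], $uid, $info['q_user_code']);
            $ret_send = true;
        }
    }

    if ($type == '3') {
        if (!empty($member['email'])) {
            send_email_code($member['email'], $username, $uid, $info['q_user_code'], $info['title']);
            $ret_send = true;
        }
        if (!empty($member['mobile'])) {
            send_mobile_shop_code($member['mobile'], $uid, $info['q_user_code']);
            $ret_send = true;
        }
    }

    // Record the channel that was actually used once at least one message went out.
    if ($ret_send) {
        $this->send_insert($uid, $gid, $username, $info['title'], $type);
    }

    exit(0);
}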
$email_code = ""; } } else { // some checks before send code if (strlen($email_value) < 6) { $email_value = ""; } if (strpbrk($email_value, " ,;'\"\t\n") !== false) { $email_value = ""; } // verify not empty and not used email then send code if ($email_value && email_not_used($email_value)) { $secret_code = safe_rand(100000, 999999); $_SESSION['email_value'] = $email_value; $_SESSION['email_code'] = $secret_code; send_email_code($email_value, $secret_code); $email_code = ""; } else { append_error("Цю адресу неможливо використати."); $email_value = ""; } } } else { /** * get code from query string if present */ if (isset($_SESSION['email_value'])) { $email_value = $_SESSION['email_value']; } if (isset($_GET['code'])) { $email_code = $_GET['code'];