Пример #1
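/**
 * Check an enterprise login name / password pair against saja_enterprise.
 *
 * The returned array carries:
 *   - code: 1 on success, -1 when either credential is empty, -2 when no
 *           active account matches, -3 when the password does not match
 *   - msg:  the matched row on success (the query is SELECT *, so the row
 *           includes the passwd column), otherwise a user-facing error string
 *
 * @param string $loginname login name supplied by the client
 * @param string $passwd0   clear-text password supplied by the client
 * @return array
 */
function login($loginname, $passwd0)
{
    global $config;
    $ret = array();
    $ret['code'] = 1;

    // Return immediately on missing credentials. Without the early return the
    // function kept going, and a later branch overwrote this result.
    if ($loginname == '' || $passwd0 == '') {
        $ret['code'] = -1;
        $ret['msg'] = '登入失败 : 账号/密码缺误 !!';
        return $ret;
    }

    // Connect first: escaping needs the live connection (and its charset).
    $model = new mysql($config["db"][0]);
    $model->connect();

    // The login name is client-controlled and ends up inside a quoted SQL
    // literal, so it must be escaped before concatenation.
    // NOTE(review): assumes the wrapper exposes its mysqli handle as ->_con;
    // confirm, and prefer a prepared statement if the wrapper offers one.
    $safe_loginname = $model->_con->real_escape_string((string) $loginname);

    $query = "SELECT * FROM `saja_user`.`saja_enterprise` \r\n\t\t\tWHERE \r\n\t\t\tprefixid = 'saja' \r\n\t\t\tAND loginname = '" . $safe_loginname . "' \r\n\t\t\tAND switch = 'Y' \r\n\t\t\t";
    error_log($query);
    $table = $model->getQueryRecord($query);

    // Unknown account: stop here instead of reading record[0] of an empty
    // result, where a null stored value could loosely equal an empty encoding.
    if (empty($table['table']['record'])) {
        $ret['code'] = -2;
        $ret['msg'] = '登入失败 : 账号不存在!!';
        return $ret;
    }

    $record = $table['table']['record'][0];
    $str = new convertString();
    // NOTE(review): the stored format is whatever strEncode() produces with
    // encode_key. If that is a reversible encoding rather than a password
    // hash, migrating to password_hash()/password_verify() is advisable.
    $passwd = $str->strEncode($passwd0, $config['encode_key']);

    // Strict, constant-time comparison; an empty stored value never matches.
    $stored = isset($record['passwd']) ? (string) $record['passwd'] : '';
    if ($stored !== '' && hash_equals($stored, (string) $passwd)) {
        $ret['code'] = 1;
        $ret['msg'] = $record;
    } else {
        $ret['code'] = -3;
        $ret['msg'] = '登入失败 : 密码错误!!';
    }
    return $ret;
}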
Пример #2
}
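// Enterprise back-office login: validate the posted password, look the account
// up by login name, compare the encoded password, then open the session.
//
// jsAlertMsg() presumably does not stop the script on its own (the account
// check below follows it with die), so every failed check terminates
// explicitly. Otherwise execution would fall through to the session setup.
if (empty($io->input['post']["passwd"])) {
    jsAlertMsg('登錄密碼錯誤!!');
    die;
}
// Check Variable End
require_once "saja/mysql.ini.php";
$model = new mysql($config["db"][0]);
$model->connect();
$db_user = $config["db"][0]["dbname"];
require_once "saja/convertString.ini.php";
$str = new convertString();
##############################################################################################################################################
// Table Start
// The posted login name is client-controlled and lands inside a quoted SQL
// literal, so it is escaped on the live connection before concatenation.
// NOTE(review): assumes the wrapper exposes its mysqli handle as ->_con;
// confirm, and prefer a prepared statement if the wrapper offers one.
$login_name = $model->_con->real_escape_string((string) $io->input['post']["name"]);
$query = "SELECT * FROM `{$db_user}`.`{$config['default_prefix']}enterprise` \r\nWHERE \r\n\tprefixid = '" . $config['default_prefix_id'] . "' \r\n\tAND loginname = '" . $login_name . "' \r\n\tAND switch = 'Y' \r\n";
$table = $model->getQueryRecord($query);
if (empty($table['table']['record'])) {
    jsAlertMsg('登錄帳號不存在!!');
    die;
}
$enterprise = $table['table']['record'][0];
$passwd = $str->strEncode($io->input['post']['passwd'], $config['encode_key']);
// Type-strict and constant-time: a non-string on either side is a mismatch.
if (!is_string($enterprise['passwd']) || !is_string($passwd) || !hash_equals($enterprise['passwd'], $passwd)) {
    jsAlertMsg('登錄密碼錯誤!!');
    // A wrong password must never reach the session setup below.
    die;
}
// Table End
##############################################################################################################################################
// Issue a fresh session id at the privilege change so an id set before login
// cannot be reused afterwards.
if (session_status() === PHP_SESSION_ACTIVE) {
    session_regenerate_id(true);
}
// NOTE(review): the stored row comes from SELECT * and so carries the passwd
// column into the session; drop it here if nothing downstream reads it.
$_SESSION['sajamanagement']['enterprise'] = $enterprise;
// Cookie lifetime: 1 day.
// NOTE(review): set without the Secure / HttpOnly flags; add them unless the
// site is served over plain HTTP or client script has to read this cookie.
setcookie('enterpriseid', $enterprise['enterpriseid'], time() + 86400, "/", COOKIE_DOMAIN);
header("location:" . $config['default_main']);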
Пример #3
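 /**
  * Render the deposit confirmation page for a deposit rule (drid) and one of
  * its items (driid), both taken from the query string.
  *
  * For every rule except 7 and 9 this also creates the deposit, spoint and
  * deposit_history rows for the logged-in user and uses the history id as the
  * order number. An encoded "<dhid>|<amount>" check string is passed to the
  * template so the amount can be verified when the form comes back.
  *
  * @return void
  */
 public function confirm()
 {
     global $tpl, $config, $deposit, $product;
     // Set up the Action parameters
     set_status($this->controller);
     login_required();

     // Both ids arrive in the query string. They are normalised to integers
     // once, so the value matched against the rule items is the same value
     // handed to the model layer and to the template.
     $drid = (isset($_GET['drid']) && is_scalar($_GET['drid'])) ? (int) $_GET['drid'] : 0;
     $driid = (isset($_GET['driid']) && is_scalar($_GET['driid'])) ? (int) $_GET['driid'] : 0;

     $row_list = $deposit->row_list($drid);
     $tpl->assign('row_list', $row_list);
     $deposit_rule = $deposit->deposit_rule($drid);
     $tpl->assign('deposit_rule', $deposit_rule);

     // Defined up front: the original read these on paths that never set them.
     $get_deposit = array();
     $get_scode_promote = array();
     $spmemo = '';
     $dhid = null;

     // Pick the rule item the user selected and copy its amount / points.
     foreach ($row_list as $rv) {
         if ((int) $rv['driid'] != $driid) {
             continue;
         }
         $get_deposit['drid'] = $drid;
         $get_deposit['driid'] = $rv['driid'];
         $get_deposit['name'] = $rv['name'];
         $get_deposit['amount'] = floatval($rv['amount']);
         $get_deposit['spoint'] = $rv['spoint'];
         break;
     }

     if ($drid == 7 || $drid == 9) {
         // Hinet & 阿拉訂: the order is only created when points are redeemed
         $get_deposit['drid'] = $drid;
     } else {
         // Create the deposit_history record
         $currency = ($drid == 6 || $drid == 8) ? "NTD" : "RMB";
         $userid = $_SESSION['auth_id'];
         if ($this->is_test_id($userid)) {
             // Test accounts pay a token amount in the rule's currency.
             $get_deposit['amount'] = ($currency == "NTD") ? 2 : 0.01;
         }

         // NOTE(review): when no rule item matched driid, amount and spoint are
         // null here and the rows below are still created, as in the original.
         // Rejecting the request at this point would be safer; the controller's
         // error convention is not visible from this method.
         $amount = isset($get_deposit['amount']) ? $get_deposit['amount'] : null;
         $spoint = isset($get_deposit['spoint']) ? $get_deposit['spoint'] : null;

         $depositid = $deposit->add_deposit($userid, $amount, $currency);
         $spointid = $deposit->add_spoint($userid, $spoint);
         $dhid = $deposit->add_deposit_history($userid, $driid, $depositid, $spointid);

         $get_scode_promote = $deposit->get_scode_promote_rt($driid);
         if (!empty($get_scode_promote)) {
             foreach ($get_scode_promote as $sv) {
                 $get_product_info = $product->get_info($sv['productid']);
                 // NOTE(review): the promotion name is emitted as-is into HTML;
                 // escape it too unless it is meant to carry markup.
                 $spmemo .= $sv['name'];
                 if (!empty($get_product_info['productid'])) {
                     // spmemo is rendered as HTML, so the database values are
                     // encoded for the URL and for the element text.
                     $product_id = rawurlencode((string) $get_product_info['productid']);
                     $product_name = htmlspecialchars((string) $get_product_info['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                     $spmemo .= '</br>(<a style="color:#3388cc;white-space:pre-wrap;" href="/site/product/saja/?channelid=1&productid=' . $product_id . '">' . $product_name . '</a>)<br>';
                 }
             }
         } else {
             $spmemo .= "无赠送任何东西";
         }

         if ($drid == 4) {
             // Bank choices offered for rule 4
             $banklist = array(
                 'BOCOM' => "交通银行",
                 'CMB' => "招商银行",
                 'CCB' => "建设银行",
                 'SPDB' => "浦发银行",
                 'GDB' => "广发银行",
                 'PSDB' => "邮政储蓄银行",
                 'CIB' => "兴业银行",
                 'HXB' => "华夏银行",
                 'PAB' => "平安银行",
                 'BOS' => "上海银行",
                 'SRCB' => "上海农商银行",
                 'BCCB' => "北京银行",
                 'BRCB' => "北京农商银行",
                 'CEB' => "光大银行",
                 'ICBC' => "工商银行(建议使用PC浏览)",
                 'BOCSH' => "中国银行(建议使用PC浏览)",
                 'ABC' => "农业银行(建议使用PC浏览)",
                 'MBC' => "民生银行(建议使用PC浏览)",
                 'CNCB' => "中信银行(建议使用PC浏览)",
                 'OTHERS' => "其它",
             );
             $tpl->assign('bank_list', $banklist);
         }

         // The deposit_history id doubles as the order number
         $get_deposit['ordernumber'] = $dhid;
     }

     // Data consistency check: encode "<dhid>|<amount>" for the template.
     $chkStr = $dhid . "|" . (isset($get_deposit['amount']) ? $get_deposit['amount'] : '');
     $cs = new convertString();
     $enc_chkStr = $cs->strEncode($chkStr, $config['encode_key'], $config['encode_type']);
     error_log("[c/deposit/confirm] ori chkStr : " . $chkStr);
     error_log("[c/deposit/confirm] encode chkStr " . $enc_chkStr);
     $tpl->assign('chkStr', $enc_chkStr);
     $tpl->assign('get_deposit', $get_deposit);
     $tpl->assign('get_scode_promote', $get_scode_promote);
     $tpl->assign('spmemo', $spmemo);
     $tpl->set_title('');
     $tpl->render("deposit", "confirm", true);
 }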
Пример #4
     echo $e->getMessage();
 }
 if ($i_BUSINESS == "091001" || $i_BUSINESS == "091003") {
     //安源Center→業者端  向業者端要求身份驗證
     if ($i_BUSINESS == "091001") {
         $account_id = "";
         // 兌換時輸入的帳號
         $userid = "";
         // user unique ID
         $saja_bonus = 0;
         // Saja bonus點數
         $ibon_bonus = 0;
         // 等值iBon 點數
         if ($i_STATUS_CODE == "0000" && $i_STATUS_DESC != "" && $i_prdate_no != "") {
             $account_id = (string) $i_XMLData->LISTDATA->DATA_1;
             $exch_passwd = $str->strEncode((string) $i_XMLData->LISTDATA->DATA_2, $config['encode_key']);
             error_log("[ibon_process] id/pwd: " . $account_id . "/" . $exch_passwd);
             $sql = " SELECT u.userid, u.name, up.nickname, IFNULL(m.verified,'N') as verified, SUM(IFNULL(b.amount,0)) as saja_bonus ";
             $sql .= " FROM saja_user.saja_user u ";
             $sql .= " LEFT JOIN saja_cash_flow.saja_bonus b ON u.userid=b.userid AND u.switch='Y' AND b.switch='Y' ";
             $sql .= " LEFT JOIN saja_user.saja_user_sms_auth m on u.userid=m.userid  AND u.switch='Y' AND m.switch='Y' ";
             $sql .= " LEFT JOIN saja_user.saja_user_profile up on u.userid=up.userid  AND u.switch='Y' AND up.switch='Y' ";
             $sql .= " WHERE u.name='" . $account_id . "' AND u.exchangepasswd='" . $exch_passwd . "' AND u.switch='Y' GROUP BY u.userid, u.name, up.nickname, m.verified ";
             error_log("[ibon_process]sql 2 : " . $sql);
             $table = $db->getQueryRecord($sql);
             if (!empty($table['table']['record'])) {
                 if ($table['table']['record'][0]['verified'] == 'Y') {
                     $account_id = $table['table']['record'][0]['name'];
                     $userid = $table['table']['record'][0]['userid'];
                     $saja_bonus = $table['table']['record'][0]['saja_bonus'];
                     $ibon_bonus = floor($saja_bonus * $i_Magnification * $i_CurrencyRate);
Пример #5
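 /**
  * Commit a pending QR-code transaction for the logged-in member.
  *
  * Steps, each answered through replyAndExit() on failure:
  *   -105  posted userid differs from the session user
  *   -112  exchange password does not match (only checked above the
  *         password-free threshold)
  *   -100  transaction record not found
  *   -111  transaction is not in status 3
  *   -104  member bonus balance is lower than the transaction total
  * On success the member's bonus is debited, the vendor's bonus is credited,
  * the transaction moves to status 4 and retCode '1' is returned.
  *
  * @return void
  */
 function userCommitTx()
 {
     global $db, $config, $tpl, $mall;
     // Set up the Action parameters
     login_required();
     set_status($this->controller);
     date_default_timezone_set('Asia/Shanghai');
     $expw = $_POST['expw'];
     $userid = $_POST['userid'];
     $evrid = $_POST['evrid'];
     // NOTE(review): both values below come from the client, so the client
     // decides whether the exchange-password check runs at all. The threshold
     // should come from server-side configuration and the total from the
     // stored transaction record (total_bonus).
     $bonus_noexpw = $_POST['bonus_noexpw'];
     $bonus_total = $_POST['bonus_total'];
     $arrCond = array();
     $retArr = array();
     try {
         // Account check: strict string comparison, so a value that merely
         // casts to the session id is rejected.
         if (!is_scalar($userid) || (string) $userid !== (string) $_SESSION['auth_id']) {
             $retArr['retCode'] = '-105';
             $retArr['retMsg'] = urlencode('會員資料錯誤 !!');
             $this->replyAndExit($retArr);
         } else {
             error_log("[mall.userConfirmTx] userid : " . $userid . " Check OK !!");
         }
         // Every value placed inside a quoted SQL literal below is escaped on
         // the connection this method already uses for insert_id.
         $userid_sql = $db->_con->real_escape_string((string) $userid);
         // Exchange-password check, skipped below the password-free threshold
         if ($bonus_total > $bonus_noexpw) {
             $cs = new convertString();
             $exchangepasswd = $cs->strEncode($expw, $config['encode_key']);
             $exchangepasswd_sql = $db->_con->real_escape_string((string) $exchangepasswd);
             $query = "SELECT * "
                 . "FROM `{$config['db'][0]['dbname']}`.`{$config['default_prefix']}user` "
                 . "WHERE prefixid = '{$config['default_prefix_id']}' "
                 . "AND userid = '{$userid_sql}' "
                 . "AND exchangepasswd = '{$exchangepasswd_sql}' "
                 . "AND switch = 'Y' "
                 . "LIMIT 1";
             $table = $db->getQueryRecord($query);
             if (empty($table['table']['record'][0]['exchangepasswd'])) {
                 // Wrong exchange password
                 $retArr['retCode'] = '-112';
                 $retArr['retMsg'] = urlencode('兑换密码错误!!');
                 $this->replyAndExit($retArr);
             } else {
                 // The clear-text password is deliberately kept out of the log.
                 error_log("[mall.userConfirmTx] exchange pwd Check OK !!");
             }
         }
         $arrCond['evrid'] = $evrid;
         $record = $mall->getQrcodeTxRecord($arrCond);
         $retArr = array();
         // Make sure the transaction exists
         $retArr['evrid'] = $evrid;
         if (!$record) {
             $retArr['retCode'] = '-100';
             $retArr['retMsg'] = urlencode('交易紀錄不存在!!');
             $this->replyAndExit($retArr);
         } else {
             error_log("[mall.userConfirmTx] evrid : " . $evrid . " Check OK !!");
         }
         // Make sure the transaction is in the expected state
         if ($record['tx_status'] != 3) {
             $retArr['retCode'] = '-111';
             $retArr['retMsg'] = urlencode('交易資料狀態錯誤!!');
             $this->replyAndExit($retArr);
         } else {
             // The original logged $tx_status, which is not assigned yet here.
             error_log("[mall.userConfirmTx] tx_status : " . $record['tx_status'] . " Check OK !!");
         }
         $arrCond['userid'] = $userid;
         $arrCond['tx_status'] = '3';
         // Bonus balance check
         // NOTE(review): the balance is read here and debited further down in a
         // separate statement with no transaction or row lock in between, so two
         // concurrent commits can both pass this check. Wrap the check and the
         // debit in one transaction, or make the debit conditional on balance.
         $require_bonus = $record['total_bonus'];
         $curr_bonus = $mall->bonus_check($userid);
         error_log("[mall.userConfirmTx] curr bonus : " . $curr_bonus . ", required bonus :" . $require_bonus);
         if ($curr_bonus < $require_bonus) {
             $retArr['retCode'] = '-104';
             $retArr['retMsg'] = urlencode('會員紅利點數不足!!');
             $this->replyAndExit($retArr);
         } else {
             error_log("[mall.userConfirmTx] curr bonus check OK !!");
         }
         $require_bonus_sql = $db->_con->real_escape_string((string) $require_bonus);
         $vendorid_sql = $db->_con->real_escape_string((string) $record['vendorid']);
         // Record the member's bonus payment (negative amount)
         $query = "insert into `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}bonus` set "
             . "`prefixid` = '{$config['default_prefix_id']}', "
             . "`userid` = '{$userid_sql}', "
             . "`countryid` = '{$config['country']}', "
             . "`behav` = 'user_qrcode_tx', "
             . "`amount` = '-{$require_bonus_sql}', "
             . "`seq` = '0', "
             . "`switch` = 'Y', "
             . "`insertt` = now()";
         error_log("[mall.userConfirmTx] pay bonus : " . $query);
         $db->query($query);
         $bonusid = $db->_con->insert_id;
         // Record the vendor's bonus income, linked to the payment row
         $insert = "insert into `{$config['db'][1]['dbname']}`.`{$config['default_prefix']}bonus_store` set "
             . "`prefixid` = '{$config['default_prefix_id']}', "
             . "`bonusid` = '{$bonusid}', "
             . "`enterpriseid` = '{$vendorid_sql}', "
             . "`esid` = (select esid from saja_user.saja_enterprise where enterpriseid='{$vendorid_sql}' ), "
             . "`countryid` = (select countryid from saja_user.saja_enterprise_profile where enterpriseid='{$vendorid_sql}' ), "
             . "`behav` = 'user_qrcode_tx', "
             . "`amount` = '{$require_bonus_sql}', "
             . "`seq` = '0', "
             . "`switch` = 'Y', "
             . "`insertt` = now()";
         error_log("[mall.userConfirmTx] earn bonus : " . $insert);
         $db->query($insert);
         // Move the transaction to status 4 and stamp the commit time
         $arrUpd = array();
         $tx_status = '4';
         $arrUpd['bonusid'] = $bonusid;
         $arrUpd['tx_status'] = $tx_status;
         $arrUpd['commit_time'] = date('YmdHis');
         $retCode = $mall->updQrcodeTxRecord($arrUpd, $arrCond);
         $retArr = array();
         if ($retCode) {
             $retArr['retCode'] = '1';
             $retArr['retMsg'] = urlencode('交易完成,使用红利:' . $require_bonus . '点');
         }
     } catch (Exception $e) {
         $retArr['retCode'] = $e->getCode();
         // Key fixed from 'retMSg' so this path uses the same 'retMsg' field
         // as every other reply.
         $retArr['retMsg'] = $e->getMessage();
     }
     $this->replyAndExit($retArr);
 }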