Пример #1
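/**
 * Authenticate a member by user name, e-mail address or mobile number.
 *
 * On success the user row is written to the session ("user_info") and to
 * $GLOBALS['user_info'] and returned; in every other case null is returned.
 *
 * @param string $username_email user name, e-mail address or mobile number
 * @param string $pwd            plain password, or a 32-character value that is
 *                               compared directly with the stored hash
 *
 * @return array|null the matching user row (with an extra `uid` column) or null
 */
function user_check($username_email, $pwd)
{
    if (!$username_email || !$pwd) {
        return null;
    }

    // NOTE(review): $username_email is concatenated into the statement as-is (the
    // addslashes() calls that used to precede it were commented out). Unless every
    // caller escapes the value this is an SQL injection point; bind or escape it
    // with whatever the project's DB layer provides (not visible here).
    // NOTE(review): an earlier version of this query also required is_delete = 0;
    // confirm that deleted accounts are meant to be able to log in.
    $sql = "select *,id as uid from " . DB_PREFIX . "user where (user_name='" . $username_email . "' or email = '" . $username_email . "' or mobile = '" . $username_email . "') ";
    $user_info = $GLOBALS['db']->getRow($sql);
    if (!$user_info) {
        // No such account: nothing to compare against.
        return null;
    }

    // NOTE(review): MD5 (salted or not) is a fast hash, not a password hash. Moving
    // to password_hash()/password_verify() needs a data migration outside this function.
    $stored_hash = (string) $user_info['user_pwd'];
    if (strlen($pwd) != 32) {
        // hash_equals() compares as strings and in constant time. The former loose
        // `==` treated two digests of the form "0e<digits>" as equal numbers.
        $is_use_pass = hash_equals($stored_hash, md5($pwd . $user_info['code']))
            || hash_equals($stored_hash, md5($pwd));
    } else {
        // NOTE(review): a 32-character input passes when it equals the stored hash,
        // so the hash itself works as a credential — confirm which callers need this.
        $is_use_pass = hash_equals($stored_hash, (string) $pwd);
    }

    if (!$is_use_pass) {
        return null;
    }

    es_session::set("user_info", $user_info);
    $GLOBALS['user_info'] = $user_info;
    return $user_info;
}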
Пример #2
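/**
 * Log a supplier (business) account in.
 *
 * On success the account row, extended with its location ids, is stored in the
 * session ("account_info") and in $GLOBALS['account_info'], and the login IP and
 * time are recorded.
 *
 * @param string $account_user     account name
 * @param string $account_password plain password
 *
 * @return array `status` (1 on success, 0 on failure), `data` (an error constant,
 *               or '' on success) and, once a row was found, `account_info`
 */
function do_login_biz($account_user, $account_password)
{
    // NOTE(review): $account_user is concatenated unescaped; unless callers escape
    // it this is an SQL injection point. Bind or escape it with the project's DB
    // layer (its API is not visible here).
    $biz_data = $GLOBALS['db']->getRow("SELECT * FROM " . DB_PREFIX . "supplier_account WHERE account_name='" . $account_user . "' AND is_delete = 0");
    $result = array('status' => 1, 'data' => '');

    // NOTE(review): "no such account" and "wrong password" are reported separately;
    // if both reach the client, account names can be enumerated.
    if (!$biz_data) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_NO_EXIST_ERROR;
        return $result;
    }

    // NOTE(review): the row returned to the caller includes the stored password hash.
    $result['account_info'] = $biz_data;

    // hash_equals() compares as strings and in constant time; the former loose `!=`
    // treated two digests of the form "0e<digits>" as equal numbers.
    // NOTE(review): unsalted MD5 is not a password hash; migrating needs a schema change.
    if (!hash_equals((string) $biz_data['account_password'], md5($account_password))) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_PASSWORD_ERROR;
        return $result;
    }

    if ($biz_data['is_effect'] != 1) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_NO_VERIFY_ERROR;
        return $result;
    }

    // Cast once so the id can only ever reach the statements below as an integer.
    $account_id = intval($biz_data['id']);
    $account_locations = $GLOBALS['db']->getAll("select location_id from " . DB_PREFIX . "supplier_account_location_link where account_id = " . $account_id);
    $account_location_ids = array();
    foreach ($account_locations ?: array() as $row) {
        $account_location_ids[] = $row['location_id'];
    }
    $biz_data['location_ids'] = $account_location_ids;
    es_session::set("account_info", $biz_data);
    $GLOBALS['account_info'] = $biz_data;

    $GLOBALS['db']->query("update " . DB_PREFIX . "supplier_account set login_ip = '" . CLIENT_IP . "',login_time= " . NOW_TIME . " where id =" . $account_id);
    return $result;
}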
Пример #3
 /**
  * Handle the supplier login form and answer with an ajax result.
  *
  * Reads account_name, account_password and save_password from $_REQUEST. When a
  * row is found it is stored, together with the supplier's location ids, in the
  * session under "account_info" and status 1 is sent; otherwise status 0 with a
  * message.
  */
 public function dologin()
 {
     // Throttle by client IP; the delay is taken from the SUBMIT_DELAY setting.
     if (check_ipop_limit(get_client_ip(), "supplier_dologin", intval(app_conf("SUBMIT_DELAY")))) {
         // NOTE(review): addslashes() is not charset-aware SQL escaping, and
         // htmlspecialchars() is HTML output encoding applied before SQL use.
         // Binding/escaping through the DB layer would be the reliable form.
         $account_name = htmlspecialchars(addslashes(trim($_REQUEST['account_name'])));
         $account_password = htmlspecialchars(addslashes(trim($_REQUEST['account_password'])));
         // NOTE(review): as printed here the statement compares account_password with
         // the literal '******' and never uses $account_password. This looks like
         // masking applied to the listing — confirm against the real source.
         $account = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_account where account_name = '" . $account_name . "' and account_password = '******' and is_effect = 1 and is_delete = 0");
         if ($account) {
             if (intval($_REQUEST['save_password']) == 1) {
                 // Remember-me cookies, 30 days.
                 // NOTE(review): the cookie holds md5(password). If that value is later
                 // accepted as a credential, reading the cookie is enough to log in; a
                 // random server-side token avoids that — confirm how it is consumed.
                 es_cookie::set("sp_account_name", $account_name, 3600 * 24 * 30);
                 es_cookie::set("sp_account_password", md5($account_password), 3600 * 24 * 30);
             }
             //$account_locations = $GLOBALS['db']->getAll("select location_id from ".DB_PREFIX."supplier_account_location_link where account_id = ".$account['id']);
             // supplier_id and id come from the row just read and are concatenated unquoted.
             $account_locations = $GLOBALS['db']->getAll("select id from " . DB_PREFIX . "supplier_location where supplier_id = " . $account['supplier_id']);
             // The list always starts with 0, then one entry per location row.
             $account_location_ids = array(0);
             foreach ($account_locations as $row) {
                 $account_location_ids[] = $row['id'];
             }
             $account['location_ids'] = $account_location_ids;
             es_session::set("account_info", $account);
             $result['status'] = 1;
             // Record the time and IP of this login.
             $GLOBALS['db']->query("update " . DB_PREFIX . "supplier_account set login_time = " . get_gmtime() . ",login_ip = '" . get_client_ip() . "' where id = " . $account['id']);
             ajax_return($result);
         } else {
             $result['status'] = 0;
             $result['msg'] = $GLOBALS['lang']['SUPPLIER_LOGIN_FAILED'];
             ajax_return($result);
         }
     } else {
         // Submitted again before the delay elapsed.
         $result['status'] = 0;
         $result['msg'] = $GLOBALS['lang']['SUBMIT_TOO_FAST'];
         ajax_return($result);
     }
 }
Пример #4
 /**
  * Prepare the member "space" page for the user given by $_REQUEST['id'].
  *
  * Requires a logged-in visitor, loads the target user plus derived display data
  * (follow state, location text, favourite count, group name) and assigns it to
  * the template.
  */
 public function init()
 {
     if (!$GLOBALS['user_info']) {
         // presumably ajax_return()/app_redirect() end the request; if they return,
         // the code below runs without a logged-in user — TODO confirm
         if ($_REQUEST['ajax'] == 1) {
             ajax_return(array("status" => 0, "info" => "请先登录"));
         } else {
             // NOTE(review): the raw request URI is remembered for the post-login
             // redirect; the consumer should check it is a local path — confirm.
             es_session::set('before_login', $_SERVER['REQUEST_URI']);
             app_redirect(url("index", "user#login"));
         }
     }
     // intval() keeps the request value numeric before it reaches the statement.
     $id = intval($_REQUEST['id']);
     $this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $id . " and is_effect=  1 and is_delete = 0");
     $user_id = intval($GLOBALS['user_info']['id']);
     if (!$this->space_user) {
         // presumably showErr() stops here; otherwise the queries below are built
         // from an empty row — TODO confirm
         showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
     }
     // Does the visitor follow the displayed user?
     $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id = " . $this->space_user['id']);
     if ($focus_data) {
         $this->space_user['focused'] = 1;
     }
     // The ids below come from the user row and are concatenated unquoted; an empty
     // column would produce a malformed statement.
     $province_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['province_id']);
     $city_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $this->space_user['city_id']);
     if ($province_str . $city_str == '') {
         $user_location = $GLOBALS['lang']['LOCATION_NULL'];
     } else {
         $user_location = $province_str . " " . $city_str;
     }
     // Number of the user's topics with a non-zero fav_id.
     $this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $this->space_user['id'] . " and fav_id <> 0");
     $this->space_user['user_location'] = $user_location;
     $this->space_user['group_name'] = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "user_group where id = " . $this->space_user['group_id'] . " ");
     $GLOBALS['tmpl']->assign("space_user", $this->space_user);
     $GLOBALS['tmpl']->assign('user_statics', sys_user_status($id, true));
 }
Пример #5
 /**
  * Register the logged-in member for the special-topic campaign and redirect.
  *
  * Inserts one row into zhuanti_user (unless a type=2 row already exists for the
  * member's mobile or id), sends an SMS and redirects to the course page.
  */
 function save()
 {
     // NOTE(review): the referer parameter is stored unvalidated under "gopreview";
     // if that value is later used as a redirect target it must be limited to
     // local paths — confirm where it is read.
     $url = $_GET['referer'];
     es_session::set("gopreview", $url);
     if (!$GLOBALS['user_info']) {
         // presumably app_redirect() ends the request — TODO confirm
         app_redirect(url_wap("user#login"));
     }
     $info_data = array();
     $info_data['user_id'] = $GLOBALS['user_info']['id'];
     $info_data['name'] = $GLOBALS['user_info']['user_name'];
     $info_data['mobile'] = $GLOBALS['user_info']['mobile'];
     $info_data['ip'] = get_client_ip();
     // NOTE(review): taken from the query string as-is; whether autoExecute()
     // escapes values is not visible here — confirm.
     $info_data['type'] = $_GET['f'];
     $info_data['creat_time'] = time();
     // mobile and user_id come from the session user and are concatenated without
     // escaping or casting.
     $tmp_zhuanti_user_info = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "zhuanti_user where (mobile='" . $info_data['mobile'] . "' or user_id=" . $info_data['user_id'] . ") and type=2");
     if ($tmp_zhuanti_user_info) {
         // Already registered: go straight to the course page.
         app_redirect("http://www.51zhishang.com/course/54.html");
     }
     $GLOBALS['db']->autoExecute(DB_PREFIX . "zhuanti_user", $info_data, "INSERT");
     $msgInfo = array();
     $msgInfo['title'] = '专题报名';
     $msgInfo['content'] = '专题报名';
     send_zhuanti_sms($info_data['mobile'], $msgInfo, 3812);
     // $data is filled but not used before the redirect below.
     $data['status'] = 1;
     $data['info'] = "报名成功!";
     app_redirect("http://www.51zhishang.com/course/54.html");
 }
Пример #6
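 /**
  * Return an HTML status line for the SMS gateway account.
  *
  * The remote balance is queried at most once every 10 seconds per session; in
  * between, the line cached in the session ("smsbao_info") is returned.
  *
  * @return string HTML fragment: the remaining message count, or a sign-up hint
  */
 public function check_fee()
 {
     // Shown when no balance could be obtained (runtime text, kept verbatim).
     $register_hint = "短信宝增值平台 (<a href='http://www.smsbao.com/reg?r=5001' target='_blank'><font color='red'>还没账号?点击这免费注册</font></a>)";

     es_session::start();
     $last_visit = intval(es_session::get("last_visit_smsbao"));
     if (get_gmtime() - $last_visit > 10) {
         $sms = new transport();
         // NOTE(review): the account name and md5(password) travel over plain http;
         // anyone on the path can read and replay them. Use the provider's https
         // endpoint if one exists — confirm with the provider's documentation.
         $params = array("u" => $this->sms['user_name'], "p" => md5($this->sms['password']));
         $url = "http://www.smsbao.com/query";
         $result = $sms->request($url, $params);
         $match = explode(',', $result['body']);
         if ($match[0] != '') {
             // A reply without a second field counts as zero remaining messages.
             $remain = isset($match[1]) ? (int) $match[1] : 0;
             $str = sprintf('短信宝增值平台&nbsp;&nbsp;剩余:%d 条', $remain);
         } else {
             $str = $register_hint;
         }
         es_session::set("smsbao_info", $str);
         es_session::set("last_visit_smsbao", get_gmtime());
         return $str;
     }

     // The cached line used to be read into $qxt_info while the undefined
     // $smsbao_info was tested, so the cache was never returned.
     $smsbao_info = es_session::get("smsbao_info");
     if ($smsbao_info) {
         return $smsbao_info;
     }
     return $register_hint;
 }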
Пример #7
/**
 * Bind a Tencent microblog account to the logged-in member.
 *
 * Reads openid, openkey and access_token from $GLOBALS['request'], stores them in
 * the session, asks the Tencent API for the account name and writes the binding
 * to the user row unless that name already belongs to another member.
 */
function Tencent()
{
    require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
    OAuth::init($GLOBALS['m_config']['tencent_app_key'], $GLOBALS['m_config']['tencent_app_secret']);
    $openid = trim($GLOBALS['request']['openid']);
    $openkey = trim($GLOBALS['request']['openkey']);
    // $app_url is computed here but not used later in this function.
    if ($GLOBALS['m_config']['tencent_bind_url'] == "") {
        $app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Tencent";
    } else {
        $app_url = $GLOBALS['m_config']['tencent_bind_url'];
    }
    $access_token = trim($GLOBALS['request']['access_token']);
    es_session::set("t_access_token", $access_token);
    es_session::set("t_openid", $openid);
    es_session::set("t_openkey", $openkey);
    // `&&` binds tighter than `||`: an access token alone, or openid together with openkey.
    if (es_session::get("t_access_token") || es_session::get("t_openid") && es_session::get("t_openkey")) {
        $r = Tencent::api('user/info');
        $r = json_decode($r, true);
        $name = $r['data']['name'];
        // NOTE(review): $access_token, $openkey and $openid come from the request and
        // $name from the remote API response; all four are concatenated into quoted
        // SQL literals with no escaping visible here. Bind or escape them through
        // the DB layer — confirm whether $GLOBALS['request'] is pre-escaped.
        if ($GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where tencent_id = '" . $name . "'") == 0) {
            // The name is not bound to anyone yet: bind it to the current member.
            $GLOBALS['db']->query("update " . DB_PREFIX . "user set t_access_token ='" . $access_token . "',t_openkey = '" . $openkey . "',t_openid = '" . $openid . "', tencent_id = '" . $name . "' where id =" . intval($GLOBALS['user_info']['id']));
        } elseif (intval($GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where tencent_id = '" . $name . "'")) == intval($GLOBALS['user_info']['id'])) {
            // Already bound to the current member: refresh the stored tokens.
            $GLOBALS['db']->query("update " . DB_PREFIX . "user set t_access_token ='" . $access_token . "',t_openkey = '" . $openkey . "',t_openid = '" . $openid . "', tencent_id = '" . $name . "' where id =" . intval($GLOBALS['user_info']['id']));
        } else {
            // Bound to a different member.
            // presumably output() ends the request; if it returns, the success
            // response below is sent as well — TODO confirm
            $root['return'] = 0;
            $root['info'] = "该微博帐号已被其他会员绑定";
            output($root);
        }
    }
    // Reached also when the condition above is false, i.e. success is reported
    // even if no binding was written.
    $root['return'] = 1;
    $root['info'] = "绑定成功";
    $root['login_type'] = "Tencent";
    output($root);
}
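 /**
  * Handle the admin login form of the shop back end.
  *
  * Checks name, password and captcha from $_REQUEST, requires role_id 6, stores
  * the admin identity in the session, records login IP/time and reports the
  * outcome through $this->error() / $this->success().
  */
 public function do_login()
 {
     $adm_name = trim($_REQUEST['adm_name']);
     $adm_password = trim($_REQUEST['adm_password']);
     // whether the form was submitted via ajax
     $ajax = intval($_REQUEST['ajax']);
     if ($adm_name == '') {
         // $ajax belongs to error(), as in every other call in this method; it was
         // previously passed to L() by a misplaced parenthesis.
         $this->error(L('ADM_NAME_EMPTY'), $ajax);
     }
     if ($adm_password == '') {
         $this->error(L('ADM_PASSWORD_EMPTY'), $ajax);
     }
     // String-only, constant-time comparison; the loose `!=` treated two digests of
     // the form "0e<digits>" as equal numbers.
     // NOTE(review): the captcha value is not cleared after use here — confirm it is
     // single-use elsewhere.
     if (!hash_equals((string) es_session::get("verify"), md5((string) $_REQUEST['adm_verify']))) {
         $this->error(L('ADM_VERIFY_ERROR'), $ajax);
     }
     $condition['adm_name'] = $adm_name;
     $condition['is_effect'] = 1;
     $condition['is_delete'] = 0;
     $adm_data = M("Admin")->where($condition)->find();
     if ($adm_data) {
         // NOTE(review): unsalted MD5 is not a password hash; migrating to
         // password_hash()/password_verify() needs a data migration.
         if (!hash_equals((string) $adm_data['adm_password'], md5($adm_password))) {
             // log the failed password attempt
             save_log($adm_name . L("ADM_PASSWORD_ERROR"), 0);
             $this->error(L("ADM_PASSWORD_ERROR"), $ajax);
         } else {
             if ($adm_data['role_id'] != 6) {
                 $this->error("您登录的角色不属于店铺系统,请检查您登录的系统是否正确!", $ajax);
             } else {
                 // login succeeded
                 // NOTE(review): the session id is not renewed on login in the code
                 // shown; confirm es_session handles that to prevent session fixation.
                 $adm_session['adm_name'] = $adm_data['adm_name'];
                 $adm_session['adm_id'] = $adm_data['id'];
                 es_session::set(md5(conf("AUTH_KEY")), $adm_session);
                 // the merchant is the admin
                 es_session::set('bid', $adm_data['id']);
                 // role_id=6 is the merchant owner, role_id=7 the shop owner
                 es_session::set('role', $adm_data['role_id']);
                 // shop location; the id is cast so only an integer reaches the statement
                 // (the table name carries a hard-coded "zsh_" prefix)
                 es_session::set('location_id', $GLOBALS['db']->getOne("select location_id from zsh_supplier_account_location_link where account_id=" . intval($adm_data['id'])));
                 // save the record again with the login IP and time
                 $adm_data['login_ip'] = get_client_ip();
                 $adm_data['login_time'] = get_gmtime();
                 M("Admin")->save($adm_data);
                 save_log($adm_data['adm_name'] . L("LOGIN_SUCCESS"), 1);
                 $this->success(L("LOGIN_SUCCESS"), $ajax);
             }
         }
     } else {
         // log the failed user-name attempt
         // NOTE(review): separate "unknown name" / "wrong password" messages let a
         // client enumerate admin names.
         save_log($adm_name . L("ADM_NAME_ERROR"), 0);
         $this->error(L("ADM_NAME_ERROR"), $ajax);
     }
 }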
 /**
  * Save the member's profile from the request, mirror the change to the external
  * IM service and refresh the session copy of the user row.
  *
  * Answers with "1" for ajax requests, otherwise with a success or error page.
  */
 public function save()
 {
     require_once APP_ROOT_PATH . 'system/libs/user.php';
     // NOTE(review): trim() assumes every request value is a scalar; an array
     // parameter would fail here. addslashes() is not charset-aware SQL escaping
     // and htmlspecialchars() is output encoding applied at input time.
     foreach ($_REQUEST as $k => $v) {
         $_REQUEST[$k] = htmlspecialchars(addslashes(trim($v)));
     }
     // A logged-in member cannot change the user name through this form.
     if ($GLOBALS['user_info']['user_name']) {
         $_REQUEST['user_name'] = $GLOBALS['user_info']['user_name'];
     }
     // NOTE(review): every request field reaches save_user(); which columns it
     // writes is not visible here — confirm that it whitelists fields.
     $res = save_user($_REQUEST, 'UPDATE');
     if ($res['status'] == 1) {
         // user_name mobile province_id city_id byear bmonth bday sex my_intro id
         // send a profile-update request to im.lingang.me
         $phone = $_REQUEST['mobile'];
         $rid = es_cookie::get("rid");
         // NOTE(review): the signature is an MD5 over the phone number and a cookie
         // value, i.e. over client-supplied data only; no server-side secret is
         // visible in it — confirm what the receiver verifies.
         $sig = md5($phone . "_" . $rid . "_" . $rid);
         $url = get_doubi_host();
         $post = array('action' => 'edit_profile', 'sig' => $sig, 'phone' => $phone, 'uname' => $_REQUEST['user_name'], 'uintro' => $_REQUEST['my_intro'], 'gender' => $_REQUEST['sex'], 'birth' => $_REQUEST['byear'] . "-" . $_REQUEST['bmonth'] . "-" . $_REQUEST['bday']);
         // The decoded response is not inspected afterwards.
         $response = json_decode(sentSigPost($url, $post), true);
         // Reload the row by the id held in the session and replace the session copy.
         $s_user_info = es_session::get("user_info");
         $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = '" . intval($s_user_info['id']) . "'");
         es_session::set("user_info", $user_info);
         if (intval($_REQUEST['is_ajax']) == 1) {
             echo 1;
         } else {
             showSuccess($GLOBALS['lang']['SAVE_USER_SUCCESS']);
         }
     } else {
         $error = $res['data'];
         // Fall back to the language entry USER_TITLE_<FIELD> for the field label.
         if (!$error['field_show_name']) {
             $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
         }
         // $error_msg stays undefined when none of the three codes matches.
         if ($error['error'] == EMPTY_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == FORMAT_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == EXIST_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
         }
         // NOTE(review): the ajax answer is "1" here as well as on success, so an
         // ajax caller cannot tell the two apart — confirm this is intended.
         if (intval($_REQUEST['is_ajax']) == 1) {
             echo 1;
         } else {
             showErr($error_msg);
         }
     }
 }
Пример #10
 /**
  * Refresh the OAuth authorization data.
  *
  * The tokens are kept in the session for demonstration purposes; adapt the
  * storage to the real deployment.
  *
  * @return array|string the parsed token response when it contains an access
  *                      token, otherwise the raw response
  */
 public static function refreshToken()
 {
     // NOTE(review): client_secret and the refresh token are sent in the query
     // string, where they can end up in access logs — confirm the endpoint
     // requires this form.
     $query = http_build_query(array(
         'client_id' => self::$client_id,
         'client_secret' => self::$client_secret,
         'grant_type' => 'refresh_token',
         'refresh_token' => es_session::get('t_refresh_token'),
     ));
     $response = Http::request(self::$accessTokenURL . '?' . $query);
     parse_str($response, $tokens);

     if (!$tokens['access_token']) {
         // No access token in the reply: hand the raw response back to the caller.
         return $response;
     }

     // Success: remember the new tokens and their lifetime in the session.
     $session_fields = array(
         't_access_token' => 'access_token',
         't_refresh_token' => 'refresh_token',
         't_expire_in' => 'expires_in',
     );
     foreach ($session_fields as $session_key => $field) {
         es_session::set($session_key, $tokens[$field]);
     }
     return $tokens;
 }
Пример #11
 /**
  * Show step 1 of the merchant sign-up form.
  *
  * Visitors who are not logged in get the current URI remembered in the session
  * and are sent to the login page; the page itself lists the active deal
  * categories and the deal cities.
  */
 public function step1()
 {
     check_issupplier();

     if (intval($GLOBALS['user_info']['id']) == 0) {
         es_session::set('before_login', $_SERVER['REQUEST_URI']);
         app_redirect(url("shop", "user#login"));
     }

     $categories = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_cate where is_effect = 1 and is_delete = 0 order by sort desc");
     $GLOBALS['tmpl']->assign("cate_list", $categories);

     $cities = get_deal_citys();
     $GLOBALS['tmpl']->assign("city_list", $cities['ls']);

     $GLOBALS['tmpl']->assign("step", 1);
     $GLOBALS['tmpl']->assign("page_title", "商家入驻");
     $GLOBALS['tmpl']->display("biz/biz_join_step1.html");
 }
Пример #12
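 /**
  * Handle the admin login form.
  *
  * Checks name, password (decoded with FW_DESPWD) and captcha, stores the admin
  * identity and the submitted dog key in the session, records login IP/time and
  * reports the outcome through $this->error() / $this->success().
  */
 public function do_login()
 {
     $adm_name = strim($_POST['adm_name']);
     $adm_password = trim(FW_DESPWD(trim($_POST['adm_password'])));
     $adm_dog_key = strim($_POST['adm_dog_key']);
     // whether the form was submitted via ajax
     $ajax = intval($_REQUEST['ajax']);
     if ($adm_name == '') {
         // $ajax belongs to error(), as in every other call in this method; it was
         // previously passed to L() by a misplaced parenthesis.
         $this->error(L('ADM_NAME_EMPTY'), $ajax);
     }
     if ($adm_password == '') {
         $this->error(L('ADM_PASSWORD_EMPTY'), $ajax);
     }
     // String-only, constant-time comparison; the loose `!=` treated two digests of
     // the form "0e<digits>" as equal numbers.
     // NOTE(review): the captcha value is not cleared after use here — confirm it is
     // single-use elsewhere.
     if (!hash_equals((string) es_session::get("verify"), md5((string) $_REQUEST['adm_verify']))) {
         $this->error(L('ADM_VERIFY_ERROR'), $ajax);
     }
     $condition['adm_name'] = $adm_name;
     $condition['is_effect'] = 1;
     $condition['is_delete'] = 0;
     $adm_data = M("Admin")->where($condition)->find();
     if ($adm_data) {
         // NOTE(review): unsalted MD5 is not a password hash; migrating to
         // password_hash()/password_verify() needs a data migration.
         if (!hash_equals((string) $adm_data['adm_password'], md5($adm_password))) {
             // log the failed password attempt
             save_log($adm_name . L("ADM_PASSWORD_ERROR"), 0);
             $this->error(L("ADM_PASSWORD_ERROR"), $ajax);
         } else {
             // login succeeded
             // NOTE(review): the session id is not renewed on login in the code
             // shown; confirm es_session handles that to prevent session fixation.
             $adm_session['adm_name'] = $adm_data['adm_name'];
             $adm_session['adm_id'] = $adm_data['id'];
             $adm_session['adm_dog_key'] = $adm_dog_key;
             es_session::set(md5(conf("AUTH_KEY")), $adm_session);
             // save the record again with the login IP and time
             $adm_data['login_ip'] = CLIENT_IP;
             $adm_data['login_time'] = TIME_UTC;
             M("Admin")->save($adm_data);
             save_log($adm_data['adm_name'] . L("LOGIN_SUCCESS"), 1);
             $this->success(L("LOGIN_SUCCESS"), $ajax);
         }
     } else {
         // log the failed user-name attempt
         // NOTE(review): separate "unknown name" / "wrong password" messages let a
         // client enumerate admin names.
         save_log($adm_name . L("ADM_NAME_ERROR"), 0);
         $this->error(L("ADM_NAME_ERROR"), $ajax);
     }
 }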
Пример #13
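/**
 * Load the current visitor's cart rows and totals.
 *
 * Without $reload the result is served from a per-request static cache, then from
 * the "cart_result" session entry, and only then from the database. With $reload
 * the database is always queried, the cart rows are re-stamped (update_time,
 * user_id) and both caches are refreshed.
 *
 * @param bool $reload force a fresh read and touch the cart rows
 *
 * @return array array("cart_list" => rows keyed by cart id, "total_data" => sums row)
 */
function load_cart_list($reload = false)
{
    // Declared at function level so that a reload also replaces the cached value.
    // It used to be bound only inside the non-reload branch, so after a reload a
    // later plain call in the same request still returned the stale list.
    static $result;

    if (!$reload) {
        if ($result) {
            return $result;
        }
        $result = es_session::get("cart_result");
        if ($result && is_array($result) && count($result) > 0) {
            return $result;
        }
    }

    $user_id = intval($GLOBALS['user_info']['id']);
    // NOTE(review): the session id is placed in quoted SQL literals without
    // escaping; whether es_session restricts its character set is not visible
    // here — confirm, or escape it through the DB layer.
    $session_id = es_session::id();

    $cart_list_res = $GLOBALS['db']->getAll("select c.*,d.icon,d.id as did,d.uname as duname,d.is_delivery as is_delivery from " . DB_PREFIX . "deal_cart as c left join " . DB_PREFIX . "deal as d on c.deal_id = d.id where c.session_id = '" . $session_id . "' and c.user_id = " . $user_id);
    $cart_list = array();
    foreach ($cart_list_res ?: array() as $v) {
        // Link by the deal's unique name when it has one, else by its id.
        $deal_key = $v['duname'] != "" ? $v['duname'] : $v['did'];
        $v['url'] = url("index", "deal#" . $deal_key);
        $cart_list[$v['id']] = $v;
    }
    $total_data = $GLOBALS['db']->getRow("select sum(total_price) as total_price,sum(return_total_score) as return_total_score,sum(return_total_money) as return_total_money from " . DB_PREFIX . "deal_cart where session_id = '" . $session_id . "' and user_id = " . $user_id);
    $result = array("cart_list" => $cart_list, "total_data" => $total_data);

    if ($reload) {
        // update the cart state whenever an operation happens
        $GLOBALS['db']->query("update " . DB_PREFIX . "deal_cart set update_time=" . NOW_TIME . ",user_id = " . $user_id . " where session_id = '" . $session_id . "'");
    }

    es_session::set("cart_result", $result);
    return $result;
}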
 /**
  * Show the change-password page.
  *
  * With a non-zero `code` request value the user identified by `id` is looked up
  * by that verification code and, when found, put into the session; without a
  * code a logged-in user is required.
  */
 public function password()
 {
     if (intval($_REQUEST['code']) != 0) {
         // Both values are cast to integers before they reach the statement.
         $uid = intval($_REQUEST['id']);
         $code = intval($_REQUEST['code']);
         // NOTE(review): a matching id/code pair logs the user in. The code is a plain
         // integer and no attempt limit or expiry is visible in this method —
         // confirm both are enforced where the code is issued or checked.
         $GLOBALS['user_info'] = $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $uid . " and password_verify = '" . $code . "' and is_effect = 1");
         if ($user_info) {
             es_session::set("user_info", $user_info);
             $GLOBALS['tmpl']->assign("user_info", $user_info);
             // The code is cleared so it cannot be used a second time.
             $GLOBALS['db']->query("update " . DB_PREFIX . "user set password_verify = '' where id = " . $uid);
         } else {
             // presumably app_redirect() ends the request; otherwise the page below
             // is rendered as well — TODO confirm
             app_redirect(url("index"));
         }
     } else {
         if (!$GLOBALS['user_info']) {
             app_redirect(url("user#login"));
         }
     }
     $GLOBALS['tmpl']->display("settings_password.html");
 }
Пример #15
/**
 * Redirect the browser to the QQ login page.
 *
 * A temporary request token is fetched first; the token and its secret are kept
 * in the session, then a Location header pointing at the authorize endpoint is
 * sent. The callback is URL-encoded with rawurlencode().
 *
 * @param $appid    application id, used as oauth_consumer_key
 * @param $appkey   application key, passed on to get_request_token()
 * @param $callback URL the provider should send the user back to
 *
 * @return void the function only sends a header, or exits when no token was obtained
 */
function redirect_to_login($appid, $appkey, $callback)
{
    // Ask get_request_token() for an unauthorized temporary token and parse the
    // query-string formatted reply.
    $token_fields = array();
    parse_str(get_request_token($appid, $appkey), $token_fields);

    // The request token and its secret have to be kept for the following steps.
    // This demo keeps them in the session; a production site is strongly advised to
    // use MySQL or another persistent store, especially with more than one web
    // server, where the two requests may not reach the same session data.
    es_session::set("token", $token_fields["oauth_token"]);
    es_session::set("secret", $token_fields["oauth_token_secret"]);

    if ($token_fields["oauth_token"] == "") {
        // The sample does not handle the error case; a real site has to.
        exit;
    }

    // Address of the QQ login page — do not change it.
    // NOTE(review): the endpoint is plain http and $appid is inserted without URL
    // encoding — confirm the provider offers no https equivalent.
    $authorize_url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key={$appid}&";

    // Build the request URL.
    $authorize_url = $authorize_url . "oauth_token=" . $token_fields["oauth_token"] . "&oauth_callback=" . rawurlencode($callback);
    header("Location:" . $authorize_url);
}
Пример #16
/**
 * Remember the current request URL in the session under "gopreview".
 *
 * The query string is re-encoded through parse_str()/http_build_query(); when the
 * URL_MODEL setting equals 1, $GLOBALS['current_url'] is stored instead.
 */
function set_gopreview()
{
    $request_uri = $_SERVER['REQUEST_URI'];

    // A '?' is appended unless strpos() finds one at an offset greater than zero.
    $target = strpos($request_uri, '?') ? $request_uri : $request_uri . "?";

    $parts = parse_url($target);
    if (isset($parts['query'])) {
        parse_str($parts['query'], $query);
        $target = $parts['path'] . '?' . http_build_query($query);
    }

    if (app_conf("URL_MODEL") == 1) {
        $target = $GLOBALS['current_url'];
    }

    // NOTE(review): the stored value derives from the request URI; code that later
    // redirects to it should accept local paths only — confirm at the consumer.
    es_session::set("gopreview", $target);
}
 /**
  * Validate a support order for a deal item before payment.
  *
  * Checks login, the item and its deal (existence, user limit, time window),
  * resolves or creates the delivery address when the item is delivered, stores
  * an optional memo in the session and reports the next URL through
  * showSuccess() / showErr().
  */
 public function check()
 {
     $ajax = intval($_REQUEST['ajax']);
     // presumably showErr() ends the request in every branch below; the checks
     // are written as if it does — TODO confirm
     if (!$GLOBALS['user_info']) {
         showErr("", $ajax, url("user#login"));
     }
     // intval() keeps the request value numeric before it reaches the statement.
     $id = intval($_REQUEST['id']);
     $deal_item = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_item where id = " . $id);
     if (!$deal_item) {
         showErr("", $ajax, url("index"));
     } elseif ($deal_item['support_count'] >= $deal_item['limit_user'] && $deal_item['limit_user'] != 0) {
         // The item has a user limit (non-zero) and it is already reached.
         showErr("", $ajax, url("deal#show", array("id" => $deal_item['deal_id'])));
     }
     // deal_id comes from the row just read and is concatenated unquoted.
     $deal_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal where is_delete = 0 and is_effect = 1 and id = " . $deal_item['deal_id']);
     if (!$deal_info) {
         showErr("", $ajax, url("index"));
     } elseif ($deal_info['begin_time'] > NOW_TIME || $deal_info['end_time'] < NOW_TIME && $deal_info['end_time'] != 0) {
         // `&&` binds tighter than `||`: not started yet, or ended (end_time 0 is
         // excluded from the "ended" test).
         showErr("", $ajax, url("deal#show", array("id" => $deal_item['deal_id'])));
     }
     if ($deal_item['is_delivery'] == 1) {
         $consignee_id = intval($_REQUEST['consignee_id']);
         // NOTE(review): a non-zero consignee_id from the request is used as given;
         // no check that it belongs to the current user is visible here — confirm
         // it is verified where the address is loaded.
         if ($consignee_id == 0) {
             $consignee_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "user_consignee where user_id = " . intval($GLOBALS['user_info']['id']));
             if ($consignee_list) {
                 // The user has saved addresses but selected none.
                 showErr("请选择配送方式", $ajax);
             } else {
                 // No saved address yet: take a new one from the request.
                 $consignee = strim($_REQUEST['consignee']);
                 $province = strim($_REQUEST['province']);
                 $city = strim($_REQUEST['city']);
                 $address = strim($_REQUEST['address']);
                 $zip = strim($_REQUEST['zip']);
                 $mobile = strim($_REQUEST['mobile']);
                 if ($consignee == "") {
                     showErr("请填写收货人姓名", $ajax, "");
                 }
                 if ($province == "") {
                     showErr("请选择省份", $ajax, "");
                 }
                 if ($city == "") {
                     showErr("请选择城市", $ajax, "");
                 }
                 if ($address == "") {
                     showErr("请填写详细地址", $ajax, "");
                 }
                 if ($mobile == "") {
                     showErr("请填写收货人手机号码", $ajax, "");
                 }
                 if (!check_mobile($mobile)) {
                     showErr("请填写正确的手机号码", $ajax, "");
                 }
                 // Store the address for the current user; zip is optional.
                 $data = array();
                 $data['consignee'] = $consignee;
                 $data['province'] = $province;
                 $data['city'] = $city;
                 $data['address'] = $address;
                 $data['zip'] = $zip;
                 $data['mobile'] = $mobile;
                 $data['user_id'] = intval($GLOBALS['user_info']['id']);
                 $GLOBALS['db']->autoExecute(DB_PREFIX . "user_consignee", $data);
                 $consignee_id = $GLOBALS['db']->insert_id();
             }
         }
     }
     // $consignee_id is only set in the delivery branch above.
     if (intval($consignee_id) == 0 && $deal_item['is_delivery'] == 1) {
         showErr("请选择配送方式", $ajax, "");
     } else {
         $memo = strim($_REQUEST['memo']);
         // Keep the memo unless it is empty or still the form's placeholder text.
         if ($memo != "" && $memo != "在此填写关于回报内容的具体选择或者任何你想告诉项目发起人的话") {
             es_session::set("cart_memo_" . intval($id), $memo);
         }
         if ($deal_item['is_delivery'] == 0) {
             showSuccess("", $ajax, url("cart#pay", array("id" => $id)));
         } else {
             showSuccess("", $ajax, url("cart#pay", array("id" => $id, "did" => $consignee_id)));
         }
     }
 }
Пример #18
 /**
  * OAuth callback for Sina Weibo login.
  *
  * Exchanges the `code` request value for an access token, loads the remote
  * profile and then either logs the matching member in, binds the Sina account
  * to the current member, or creates a new member.
  */
 public function callback()
 {
     global_run();
     require_once APP_ROOT_PATH . 'system/api_login/sina/saetv2.ex.class.php';
     //$sina_keys = es_session::get("sina_keys");
     $o = new SaeTOAuthV2($this->api['config']['app_key'], $this->api['config']['app_secret']);
     // NOTE(review): no `state` value is compared with the session in this method;
     // without one an authorization response cannot be tied to the browser that
     // started the flow — confirm it is checked elsewhere.
     if (isset($_REQUEST['code'])) {
         $keys = array();
         $keys['code'] = $_REQUEST['code'];
         if ($this->api['config']['app_url'] == "") {
             $app_url = SITE_DOMAIN . APP_ROOT . "/api_callback.php?c=Sina";
         } else {
             $app_url = $this->api['config']['app_url'];
         }
         $keys['redirect_uri'] = $app_url;
         try {
             $token = $o->getAccessToken('code', $keys);
         } catch (OAuthException $e) {
             //print_r($e);exit;
             showErr("授权失败,错误信息:" . $e->getMessage());
             die;
         }
     }
     // $token is only set when a code was supplied; without one the client below
     // is created with an empty access token.
     $c = new SaeTClientV2($this->api['config']['app_key'], $this->api['config']['app_secret'], $token['access_token']);
     // The timeline result is not used afterwards.
     $ms = $c->home_timeline();
     // done
     $uid_get = $c->get_uid();
     $uid = $uid_get['uid'];
     $msg = $c->show_user_by_id($uid);
     // fetch the user's basic profile by id
     if (intval($msg['error_code']) != 0) {
         showErr("授权失败,错误代码:" . $msg['error_code']);
         die;
     }
     $msg['field'] = 'sina_id';
     $msg['sina_token'] = $token['access_token'];
     es_session::set("api_user_info", $msg);
     if (!$msg['name']) {
         app_redirect(url("index"));
         exit;
     }
     //print_r($msg);die();
     // NOTE(review): $msg['id'] and the access token come from the remote API and are
     // concatenated into quoted SQL literals without escaping in the three
     // statements below; $user_data['id'] and $GLOBALS['user_info']['id'] are used
     // uncast. Escape or bind them through the DB layer.
     $user_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where sina_id = '" . $msg['id'] . "' and sina_id <> ''  and is_effect=1 and is_delete=0");
     $is_bind = intval(es_session::get("is_bind"));
     if ($user_data) {
         // A member is already linked to this Sina id: refresh token and login data.
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set sina_token = '" . $token['access_token'] . "',login_ip = '" . CLIENT_IP . "',login_time= " . NOW_TIME . " where id =" . $user_data['id']);
         es_session::delete("api_user_info");
         if ($is_bind) {
             if (intval($user_data['id']) != intval($GLOBALS['user_info']['id'])) {
                 // The Sina account belongs to a different member.
                 showErr("该帐号已经被别的会员绑定过,请直接用帐号登录", 0, url("index", "uc_account"));
             } else {
                 require_once APP_ROOT_PATH . "system/model/user.php";
                 load_user($user_data['id'], true);
                 es_session::set("user_info", $user_data);
                 app_redirect(url("index", "uc_account"));
             }
         } else {
             // Plain login: the stored password hash is passed to the login helper.
             require_once APP_ROOT_PATH . "system/model/user.php";
             auto_do_login_user($user_data['user_name'], $user_data['user_pwd'], $from_cookie = false);
             app_redirect(url("index", "index"));
         }
     } elseif ($is_bind == 1 && $GLOBALS['user_info']) {
         // a member is logged in and binding was requested
         $GLOBALS['db']->query("update " . DB_PREFIX . "user set sina_id= '" . $msg['id'] . "', sina_token ='" . $token['access_token'] . "' where id =" . $GLOBALS['user_info']['id']);
         require_once APP_ROOT_PATH . "system/model/user.php";
         load_user($GLOBALS['user_info']['id'], true);
         app_redirect(url("index", "uc_account"));
     } else {
         // No linked member and no binding request: create a member and log it in.
         $user_info = $this->create_user();
         require_once APP_ROOT_PATH . "system/model/user.php";
         auto_do_login_user($user_info['user_name'], $user_info['user_pwd'], $from_cookie = false);
         app_redirect(url("index", "index"));
     }
 }
Пример #19
    }
    if ($class == 'biz_login') {
        $i = json_decode($data);
        if ($i->status == 1) {
            //将会员信息存在session中
            es_session::set('supplier_id', $i->supplier_id);
            es_session::set('biz_email', $i->biz_email);
            es_session::set('biz_pwd', $i->biz_pwd);
        }
    }
    if ($class == 'changecity') {
        $i = json_decode($data);
        //print_r($i);
        if ($i->status == 1) {
            //将城市定位信息保存在session中
            es_session::set('city_id', $i->city_id);
            es_session::set('city_name', $i->city_name);
            es_session::set('m_latitude', $i->m_latitude);
            es_session::set('m_longitude', $i->m_longitude);
        }
    }
    if ($class == 'userxypoint') {
        $i = json_decode($data);
        if ($i->status == 1) {
            //将坐标定位信息保存在session中
            es_session::set('m_latitude', $i->m_latitude);
            es_session::set('m_longitude', $i->m_longitude);
        }
    }
    echo $data;
}
Пример #20
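 /**
  * Render the WeChat login page with a verification URL for the current session.
  *
  * A six-digit verification number is stored in the session ("sess_verify") and
  * embedded, together with the session id, in the URL given to the template.
  */
 public function weixin_login()
 {
     $session_id = es_session::id();
     // random_int() draws from the operating system's CSPRNG; rand() is predictable
     // and not suitable for a value that is used to verify a session.
     $verify = random_int(100000, 999999);
     // NOTE(review): the URL carries the session id itself, so anyone who sees the
     // URL holds the session; six digits also leave a small search space. A random
     // one-time token mapped to the session server-side would avoid both — confirm
     // how wap/index.php consumes these parameters.
     $url = get_domain() . APP_ROOT . "/wap/index.php?session_id=" . $session_id . "&sess_verify=" . $verify;
     es_session::set("sess_verify", $verify);
     $GLOBALS['tmpl']->assign("url", $url);
     $GLOBALS['tmpl']->display("inc/weixin_login.html");
 }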
Пример #21
 /**
  * Post a message to Tencent Weibo on behalf of the logged-in member.
  *
  * The member's stored Tencent credentials are copied into the session, then the
  * message (with a picture when $data['img'] is set) is sent and the outcome is
  * reported through ajax_return(). Nothing is sent when no credentials are stored.
  *
  * @param array $data expects `content` and optionally `img`
  */
 public function send_message($data)
 {
     require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
     OAuth::init($this->api['config']['app_key'], $this->api['config']['app_secret']);

     $member_id = intval($GLOBALS['user_info']['id']);
     $member = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $member_id);
     foreach (array("t_access_token", "t_openid", "t_openkey") as $field) {
         es_session::set($field, $member[$field]);
     }

     // An access token alone is enough; otherwise openid and openkey are both needed.
     $has_credentials = es_session::get("t_access_token")
         || (es_session::get("t_openid") && es_session::get("t_openkey"));
     if (!$has_credentials) {
         return;
     }

     $params = array('content' => $data['content'], 'clientip' => get_client_ip(), 'format' => 'json');
     if (!empty($data['img'])) {
         $reply = Tencent::api('t/add_pic', $params, 'POST', array('pic' => $data['img']));
     } else {
         $reply = Tencent::api('t/add', $params, 'POST');
     }

     $decoded = json_decode($reply, true);
     if (intval($decoded['errcode']) == 0) {
         $result = array('status' => true, 'msg' => "success");
     } else {
         $result = array('status' => false, 'msg' => "腾讯微博" . $decoded['msg']);
     }
     ajax_return($result);
 }
Пример #22
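/**
 * Handle member login.
 *
 * Looks the account up by user name, e-mail or mobile, lets the configured
 * integration module (if one is installed) run its own login, checks the
 * password, then refreshes the member's group and level, stores the row in
 * the session, runs the medal checks and records the login IP and time.
 *
 * @param string $user_name_or_email User name, e-mail address or mobile number.
 * @param string $user_pwd           Password. A 32-character value is also accepted
 *                                   when it equals the stored hash.
 * @return array 'status' is 1 on success and 0 on failure; 'data' carries the error
 *               constant on failure; 'user' is set once the account row is found;
 *               'step' is set on success.
 */
function do_login_user($user_name_or_email, $user_pwd)
{
    // Defined up front so the checks below never read an undefined variable.
    $result = array();
    $integrate_obj = null;

    // NOTE(review): the login identifier is concatenated into the SQL text as-is. Nothing in
    // this function escapes it, so every caller must already have done so; confirm that, or
    // move the lookup to the db layer's escaping / bound parameters.
    $account_sql = "select * from " . DB_PREFIX . "user where (user_name='" . $user_name_or_email . "' or email = '" . $user_name_or_email . "' or mobile = '" . $user_name_or_email . "') and is_delete = 0";
    // NOTE(review): this first lookup is replaced by the re-query below before anything here
    // reads it; it is kept only in case the included integration file relies on it.
    $user_data = $GLOBALS['db']->getRow($account_sql);

    // Load the member-integration module named in the configuration.
    // NOTE(review): the config value becomes part of an include path and a class name;
    // it should be restricted to identifier characters where it is written.
    $integrate_code = trim(app_conf("INTEGRATE_CODE"));
    if ($integrate_code != '') {
        $integrate_file = APP_ROOT_PATH . "system/integrate/" . $integrate_code . "_integrate.php";
        if (file_exists($integrate_file)) {
            require_once $integrate_file;
            $integrate_class = $integrate_code . "_integrate";
            $integrate_obj = new $integrate_class();
        }
    }
    if ($integrate_obj) {
        $result = $integrate_obj->login($user_name_or_email, $user_pwd);
    }

    // Read the row again after the integration login has run.
    $user_data = $GLOBALS['db']->getRow($account_sql);
    if (!$user_data) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_NO_EXIST_ERROR;
        return $result;
    }

    $result['user'] = $user_data;
    if ($user_data['is_effect'] != 1) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_NO_VERIFY_ERROR;
        return $result;
    }

    // Hashes are compared as strings with ===. With ==, PHP compares two numeric-looking
    // strings (for example "0e..." followed by digits) as numbers, so different hashes
    // could be treated as equal.
    // NOTE(review): a 32-character input equal to the stored value is accepted, which makes
    // the stored hash password-equivalent; the hash is also a single md5 over password + code.
    // Migrating to password_hash()/password_verify() would address both.
    $stored_hash = (string) $user_data['user_pwd'];
    $is_use_pass = (strlen($user_pwd) == 32 && $stored_hash === (string) $user_pwd)
        || $stored_hash === md5($user_pwd . $user_data['code']);

    if (!$is_use_pass) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_PASSWORD_ERROR;
        return $result;
    }

    $result['status'] = 1;

    // Move the member to the highest group the current score qualifies for.
    $user_current_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where id = " . intval($user_data['group_id']));
    $user_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where score <=" . intval($user_data['score']) . " order by score desc");
    if ($user_current_group['score'] < $user_group['score'] && $user_data['group_id'] != $user_group['id'] && $user_group['id'] > 0) {
        $user_data['group_id'] = intval($user_group['id']);
        $GLOBALS['db']->query("update " . DB_PREFIX . "user set group_id = " . $user_data['group_id'] . " where id = " . $user_data['id']);
        $pm_title = "您已经成为" . $user_group['name'] . "";
        $pm_content = "恭喜您,您的会有组升级为" . $user_group['name'] . "。";
        if ($user_group['discount'] < 1) {
            $pm_content .= "您将享有" . $user_group['discount'] * 10 . "折的购物优惠";
        }
        send_user_msg($pm_title, $pm_content, 0, $user_data['id'], TIME_UTC, 0, true, true);
    }

    // Same for the credit level, which can move up or down with the point total.
    $user_current_level = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_level where id = " . intval($user_data['level_id']));
    $user_level = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_level where point <=" . intval($user_data['point']) . " order by point desc");
    if ($user_current_level['point'] <= $user_level['point'] && $user_data['level_id'] != $user_level['id'] && $user_level['id'] > 0) {
        $user_data['level_id'] = intval($user_level['id']);
        $GLOBALS['db']->query("update " . DB_PREFIX . "user set level_id = " . $user_data['level_id'] . " where id = " . $user_data['id']);
        $pm_title = "您信用等级升级为:" . $user_level['name'] . "";
        $pm_content = "恭喜您,您的信用等级升级到" . $user_level['name'] . "。";
        send_user_msg($pm_title, $pm_content, 0, $user_data['id'], TIME_UTC, 0, true, true);
    }
    if ($user_current_level['point'] > $user_level['point'] && $user_data['level_id'] != $user_level['id'] && $user_level['id'] > 0) {
        $user_data['level_id'] = intval($user_level['id']);
        $GLOBALS['db']->query("update " . DB_PREFIX . "user set level_id = " . $user_data['level_id'] . " where id = " . $user_data['id']);
        $pm_title = "您已经降为" . $user_level['name'] . "";
        $pm_content = "很报歉,您的信用等级降为" . $user_level['name'] . "。";
        send_user_msg($pm_title, $pm_content, 0, $user_data['id'], TIME_UTC, 0, true, true);
    }

    // NOTE(review): the session id is not regenerated when the user becomes authenticated.
    // If es_session offers a way to rotate the id, doing so here limits session fixation.
    es_session::set("user_info", $user_data);
    $GLOBALS['user_info'] = $user_data;

    // Run the medal checks.
    // NOTE(review): class_name comes from the medal table and is used in an include path;
    // it should be limited to identifier characters wherever that table is written.
    $medal_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "medal where is_effect = 1 and allow_check = 1");
    foreach ($medal_list as $medal) {
        $file = APP_ROOT_PATH . "system/medal/" . $medal['class_name'] . "_medal.php";
        $cls = $medal['class_name'] . "_medal";
        if (file_exists($file)) {
            require_once $file;
            if (class_exists($cls)) {
                $o = new $cls();
                $check_result = $o->check_medal();
                if ($check_result['status'] == 0) {
                    send_user_msg($check_result['info'], $check_result['info'], 0, $user_data['id'], TIME_UTC, 0, true, true);
                }
            }
        }
    }

    $GLOBALS['db']->query("update " . DB_PREFIX . "user set locate_time=login_time where id =" . $user_data['id']);
    $GLOBALS['db']->query("update " . DB_PREFIX . "user set login_ip = '" . get_client_ip() . "',login_time= " . TIME_UTC . ",group_id=" . intval($user_data['group_id']) . " where id =" . $user_data['id']);

    // Bind a pending third-party account, if one is waiting in the session.
    // NOTE(review): 'field' is used as a column name and 'id' as a quoted value, both taken
    // from the session entry; whatever stores api_user_info should allow-list the field name.
    $s_api_user_info = es_session::get("api_user_info");
    if ($s_api_user_info) {
        $GLOBALS['db']->query("update " . DB_PREFIX . "user set " . $s_api_user_info['field'] . " = '" . $s_api_user_info['id'] . "' where id = " . $user_data['id'] . " and (" . $s_api_user_info['field'] . " = 0 or " . $s_api_user_info['field'] . "='')");
        es_session::delete("api_user_info");
    }

    $result['step'] = intval($user_data["step"]);
    return $result;
}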
Пример #23
    // NOTE(review): 0777 makes the upload directory writable by every local account, and the
    // @ operators hide a failed mkdir/chmod. A narrower mode with an explicit failure check
    // would be safer; the enclosing block starts outside this excerpt.
    @mkdir(APP_ROOT_PATH . "public/attachment/" . $dir);
    @chmod(APP_ROOT_PATH . "public/attachment/" . $dir, 0777);
}
// Store the uploaded "identify_business_licence" image with a 205x160 thumbnail. The two
// calls differ only in the fifth argument, which follows the IS_WATER_MARK setting.
// NOTE(review): $_FILES is user-controlled; whether the file type and extension are checked
// depends on save_image_upload(), which is not shown here.
if (app_conf("IS_WATER_MARK") == 1) {
    $img_result = save_image_upload($_FILES, "identify_business_licence", "attachment/" . $dir, $whs = array('thumb' => array(205, 160, 1, 0)), 1, 1);
} else {
    $img_result = save_image_upload($_FILES, "identify_business_licence", "attachment/" . $dir, $whs = array('thumb' => array(205, 160, 1, 0)), 0, 1);
}
if (intval($img_result['error']) != 0) {
    $data['status'] = 0;
    // "not logged in" (comment looks stale: this branch reports an upload error)
    $data['msg'] = $img_result['message'];
    ajax_return($data);
} else {
    // When a separate public file host is configured, ask it to fetch the new file.
    if (app_conf("PUBLIC_DOMAIN_ROOT") != '') {
        // NOTE(review): this reads $img_result['imgFile'] while the rest of the script reads
        // $img_result['identify_business_licence']; the key here is presumably wrong.
        $paths = pathinfo($img_result['imgFile']['url']);
        $path = str_replace("./", "", $paths['dirname']);
        $filename = $paths['basename'];
        $pathwithoupublic = str_replace("public/", "", $path);
        // NOTE(review): the next line reached this page with its credential lookups masked
        // ("******"), so it is not valid PHP as shown. It also places a username and password
        // in the query string of a GET request, where intermediaries and server logs can record
        // them, and the @ on the fetch hides a failed sync.
        $syn_url = app_conf("PUBLIC_DOMAIN_ROOT") . "/es_file.php?username="******"IMAGE_USERNAME") . "&password="******"IMAGE_PASSWORD") . "&file=" . get_domain() . APP_ROOT . "/" . $path . "/" . $filename . "&path=" . $pathwithoupublic . "/&name=" . $filename . "&act=0";
        @file_get_contents($syn_url);
    }
}
// Turn the stored relative paths into absolute URLs, keep them in the session and return them.
$file_url = $img_result['identify_business_licence']['url'];
$thumb_url = $img_result['identify_business_licence']['thumb']['thumb']['url'];
$domain = get_domain() . APP_ROOT;
$data['status'] = 1;
$data['thumb_url'] = str_replace("./public/", $domain . "/public/", $thumb_url);
$data['url'] = str_replace("./public/", $domain . "/public/", $file_url);
es_session::set("identify_business_licence", $data);
ajax_return($data);
Пример #24
/**
 * Remember the current URL in the session under the "gopreview" key.
 *
 * NOTE(review): if this value is later used as a redirect target, it should be
 * checked against the site's own origin before use.
 */
function set_gopreview()
{
    es_session::set("gopreview", get_current_url());
}
Пример #25
// Load the shared lookup caches and expose each one to the template under the same name.
$message_cate = load_auto_cache("message_cate");
$GLOBALS['tmpl']->assign("message_cate", $message_cate);
$user_level = load_auto_cache("user_level");
$GLOBALS['tmpl']->assign("user_level", $user_level);
$deal_cate = load_auto_cache("deal_cate");
$GLOBALS['tmpl']->assign("deal_cate", $deal_cate);
$article_cates_bs = load_auto_cache("article_cates_bs");
$GLOBALS['tmpl']->assign("article_cates_bs", $article_cates_bs);
$article_cates = load_auto_cache("article_cates");
$GLOBALS['tmpl']->assign("article_cates", $article_cates);
$articles = load_auto_cache("article");
$GLOBALS['tmpl']->assign("articles", $articles);
if ($module != "ajax") {
    if ($user_info) {
        // Re-read the logged-in user so the session copy follows the database. The query
        // filters on is_effect = 1, so a disabled account yields no row and that empty
        // result is what gets written to the session.
        $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . intval($GLOBALS['user_info']['id']) . " and is_effect = 1");
        es_session::set('user_info', $user_info);
        // Look up the user_level that belongs to the logged-in user
        //$user_level=$GLOBALS['db']->getAll("select * from ".DB_PREFIX."user_level where id=".intval($GLOBALS['user_info']['user_level']));
        // Level value shown to the member on the front end
        $user_info['user_icon'] = $user_level[$user_info['user_level']]['icon'];
        // NOTE(review): unserialize() on a stored column can instantiate objects if that
        // column ever holds attacker-influenced data. Storing JSON, or passing
        // array('allowed_classes' => false) on PHP 7+, removes that risk.
        $user_info['cate_name'] = unserialize($user_info['cate_name']);
        //var_dump($user_info['cate_name']);
        //$GLOBALS['tmpl']->assign("user_level",$user_level);
        $GLOBALS['tmpl']->assign("user_info", $user_info);
    }
    global $ref_uid;
    // Save the referral (rebate) cookie
    if ($_REQUEST['ref']) {
        // The ref parameter is base64 text; intval() reduces it to an integer before it is
        // used in SQL, and the id is kept only if that user exists.
        $rid = intval(base64_decode($_REQUEST['ref']));
        $ref_uid = intval($GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where id = " . intval($rid)));
        es_cookie::set("REFERRAL_USER", intval($ref_uid));
Пример #26
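/**
 * Tencent Weibo sync-login endpoint.
 *
 * Stores the access token, openid and openkey from the request in the session,
 * asks the Tencent API for the account name behind them, then either refreshes
 * the matching local user or creates one through bind_add_user(). The outcome is
 * written with output(); 'resulttype' is 1 on success, 0 when the local account
 * is disabled or deleted, and -1 when no account could be bound.
 */
function Tencent()
{
    es_session::start();
    require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
    OAuth::init($GLOBALS['m_config']['tencent_app_key'], $GLOBALS['m_config']['tencent_app_secret']);
    $openid = trim($GLOBALS['request']['openid']);
    $openkey = trim($GLOBALS['request']['openkey']);
    $access_token = trim($GLOBALS['request']['access_token']);
    es_session::set("t_access_token", $access_token);
    es_session::set("t_openid", $openid);
    es_session::set("t_openkey", $openkey);

    // Defined up front so the assignments after the token branch never read undefined variables.
    $result = array();
    $name = null;

    // Same precedence as the original "A || B && C", written out explicitly.
    $has_token = es_session::get("t_access_token") || (es_session::get("t_openid") && es_session::get("t_openkey"));
    if ($has_token) {
        $reply = json_decode(Tencent::api('user/info'), true);
        $api_name = isset($reply['data']['name']) ? $reply['data']['name'] : null;
        if (!is_string($api_name) || $api_name === '') {
            // The API did not return an account name, so the tokens prove no identity.
            // Stop here; the original fell through and called bind_add_user() with an empty name.
            $result['resulttype'] = -1;
        } else {
            $name = $api_name;
            // The name and tokens come from outside this application, so they are escaped
            // before being placed in SQL text. addslashes() is a stopgap: prefer the db
            // wrapper's own escaping or bound parameters if it provides them.
            $user_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where tencent_id = '" . addslashes($name) . "' and tencent_id <> ''");
            if ($user_data) {
                if ($user_data['is_effect'] == 0 || $user_data['is_delete'] == 1) {
                    $result['resulttype'] = 0;
                } else {
                    $user_current_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where id = " . intval($user_data['group_id']));
                    $user_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where score <=" . intval($user_data['score']) . " order by score desc");
                    if ($user_current_group['score'] < $user_group['score']) {
                        $user_data['group_id'] = intval($user_group['id']);
                    }
                    $GLOBALS['db']->query("update " . DB_PREFIX . "user set t_access_token ='" . addslashes($access_token) . "',t_openkey = '" . addslashes($openkey) . "',t_openid = '" . addslashes($openid) . "', login_ip = '" . addslashes(get_client_ip()) . "',login_time= " . intval(get_gmtime()) . ",group_id=" . intval($user_data['group_id']) . " where id =" . intval($user_data['id']));
                    $GLOBALS['db']->query("update " . DB_PREFIX . "deal_cart set user_id = " . intval($user_data['id']) . " where session_id = '" . addslashes(es_session::id()) . "'");
                    // NOTE(review): this sends the stored password hash back to the client.
                    // If the client only needs proof of login, issue a session or token
                    // instead and drop this field.
                    $result['user_pwd'] = $user_data['user_pwd'];
                    $result['uid'] = $user_data['id'];
                    $result['email'] = $user_data['email'];
                    $result['user_avatar'] = get_abs_img_root(get_muser_avatar($user_data['id'], "big"));
                    $name = $user_data['user_name'];
                    $result['resulttype'] = 1;
                }
            } else {
                $result['email'] = "";
                // Placeholder credential for the new account: 32 hex characters as before,
                // but random rather than derived from the clock, which is guessable.
                $result['user_pwd'] = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(mt_rand(), true));
                $result['user_name'] = $name;
                $result['t_access_token'] = $access_token;
                $result['t_openkey'] = $openkey;
                $result['t_openid'] = $openid;
                $result['tencent_id'] = $name;
                $result['uid'] = bind_add_user($result);
                if ($result['uid'] > 0) {
                    $result['user_avatar'] = '';
                    $result['resulttype'] = 1;
                } else {
                    $result['resulttype'] = -1;
                }
            }
        }
    }
    $result['openid'] = $openid;
    $result['openkey'] = $openkey;
    $result['access_token'] = $access_token;
    $result['tencent_id'] = $name;
    $result['user_name'] = $name;
    $result['act'] = "synclogin";
    $result['login_type'] = "Tencent";
    output($result);
}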
Пример #27
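 /**
  * Work out the visitor's current city and remember it in the session.
  *
  * Order of preference: the requested city (argument or ?city=), the city already
  * in the session, a match of the IP-derived address against the active city
  * names, and finally the default city.
  *
  * @param string $city_py City uname or id to force; read from $_GET['city'] when empty.
  * @return mixed The deal_city row that was stored in the session.
  */
 public static function locate_city($city_py = "")
 {
     if (!$city_py) {
         $city_py = strim(isset($_GET['city']) ? $_GET['city'] : '');
     }
     if ($city_py) {
         $current_city = es_session::get("current_city");
         // Forced location: look the city up unless the session already holds it.
         if ($current_city['uname'] != $city_py && $current_city['id'] != $city_py) {
             // The value can come straight from the query string, so it is escaped before
             // it goes into SQL text. addslashes() is a stopgap: prefer the db wrapper's
             // own escaping or bound parameters if it provides them.
             $city_sql = addslashes($city_py);
             $current_city = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_city where (uname = '" . $city_sql . "' or id = '" . $city_sql . "') and is_effect = 1");
         }
     }
     if (empty($current_city)) {
         // No city yet: fall back to the one stored in the session.
         $current_city = es_session::get("current_city");
     }
     if (empty($current_city)) {
         $city_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_city where is_effect = 1");
         // Automatic location from the client IP.
         require_once APP_ROOT_PATH . "system/extend/ip.php";
         $ip = CLIENT_IP;
         $iplocation = new iplocate();
         $address = $iplocation->getaddress($ip);
         $area = isset($address['area1']) ? (string) $address['area1'] : '';
         foreach ($city_list as $city) {
             $city_name = (string) $city['name'];
             // strpos() returns 0 for a match at the very start of the address; the original
             // truthiness test treated that as "not found". Compare against false instead.
             if ($city_name !== '' && strpos($area, $city_name) !== false) {
                 $current_city = $city;
                 break;
             }
         }
     }
     if (empty($current_city)) {
         $current_city = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_city where is_default = 1 and is_effect = 1");
     }
     es_session::set("current_city", $current_city);
     return $current_city;
 }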
Пример #28
/**
 * Handle member login by mobile number.
 *
 * Looks the account up by mobile, attaches the matching supplier account to the
 * session, refreshes the member's group and level, stores the row in the session,
 * runs the medal checks, records the login IP and time and re-assigns the cart.
 *
 * NOTE(review): $user_pwd is never read in this body, so the function signs in
 * whichever account owns $phone. Callers must have authenticated the user (for
 * example by a verified SMS code) before calling it; confirm every call site.
 *
 * @param $phone    Mobile number used for the lookup.
 * @param $user_pwd Password (unused here, see the note above).
 * @return array 'status', 'data' (error constant on failure), 'user', 'step'.
 */
function do_login_user($phone, $user_pwd)
{
    // NOTE(review): $phone is concatenated into the SQL text without quotes or escaping.
    // Nothing in this function validates it, so it must be restricted to digits before
    // it gets here, or bound as a parameter.
    $user_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where mobile= " . $phone . "  and is_delete = 0");
    if (!$user_data) {
        $result['status'] = 0;
        $result['data'] = ACCOUNT_NO_EXIST_ERROR;
        return $result;
    } else {
        $result['user'] = $user_data;
        if ($user_data['is_effect'] != 1) {
            $result['status'] = 0;
            $result['data'] = ACCOUNT_NO_VERIFY_ERROR;
            return $result;
        } else {
            // $result['status'] has not been set on this path, so this always yields 1.
            if (intval($result['status']) == 0) {
                $result['status'] = 1;
            }
            // After a successful login, check the member grade and sign in the merchant account
            $account_name = $user_data['merchant_name'];
            // NOTE(review): merchant_name is a stored value placed inside quotes without
            // escaping; a name containing a quote would break this query.
            $account = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_account where account_name = '" . $account_name . "' and is_effect = 1 and is_delete = 0");
            if ($account) {
                /*$account_locations = $GLOBALS['db']->getAll("select location_id from ".DB_PREFIX."supplier_account_location_link where account_id = ".$account['id']);
                 * 
                 */
                $account_locations = $GLOBALS['db']->getAll("select id from " . DB_PREFIX . "supplier_location where supplier_id = " . $account['supplier_id']);
                // The list starts with 0 and then collects every location id of the supplier.
                $account_location_ids = array(0);
                foreach ($account_locations as $row) {
                    $account_location_ids[] = $row['id'];
                }
                $account['location_ids'] = $account_location_ids;
                // The supplier account is placed in the session without its own password check.
                es_session::set("account_info", $account);
                $GLOBALS['db']->query("update " . DB_PREFIX . "supplier_account set login_ip = '" . get_client_ip() . "' where id=" . $account['id']);
            }
            // Move the member to the highest group the current score qualifies for.
            $user_current_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where id = " . intval($user_data['group_id']));
            $user_group = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_group where score <=" . intval($user_data['score']) . " order by score desc");
            if ($user_current_group['score'] < $user_group['score']) {
                $user_data['group_id'] = intval($user_group['id']);
                $GLOBALS['db']->query("update " . DB_PREFIX . "user set group_id = " . $user_data['group_id'] . " where id = " . $user_data['id']);
                $pm_title = "您已经成为" . $user_group['name'] . "";
                $pm_content = "恭喜您,您已经成为" . $user_group['name'] . "。";
                if ($user_group['discount'] < 1) {
                    $pm_content .= "您将享有" . $user_group['discount'] * 10 . "折的购物优惠";
                }
                send_user_msg($pm_title, $pm_content, 0, $user_data['id'], get_gmtime(), 0, true, true);
            }
            // Same for the level, which can move up or down with the point total.
            $user_current_level = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_level where id = " . intval($user_data['level_id']));
            $user_level = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_level where point <=" . intval($user_data['point']) . " order by point desc");
            if ($user_current_level['point'] < $user_level['point']) {
                $user_data['level_id'] = intval($user_level['id']);
                $GLOBALS['db']->query("update " . DB_PREFIX . "user set level_id = " . $user_data['level_id'] . " where id = " . $user_data['id']);
                $pm_title = "您已经成为" . $user_level['name'] . "";
                $pm_content = "恭喜您,您已经成为" . $user_level['name'] . "。";
                send_user_msg($pm_title, $pm_content, 0, $user_data['id'], get_gmtime(), 0, true, true);
            }
            if ($user_current_level['point'] > $user_level['point']) {
                $user_data['level_id'] = intval($user_level['id']);
                $GLOBALS['db']->query("update " . DB_PREFIX . "user set level_id = " . $user_data['level_id'] . " where id = " . $user_data['id']);
                $pm_title = "您已经降为" . $user_level['name'] . "";
                $pm_content = "很报歉,您已经降为" . $user_level['name'] . "。";
                send_user_msg($pm_title, $pm_content, 0, $user_data['id'], get_gmtime(), 0, true, true);
            }
            es_session::set("user_info", $user_data);
            $GLOBALS['user_info'] = $user_data;
            // Run the medal checks
            // NOTE(review): class_name comes from the medal table and is used in an include
            // path; it should be limited to identifier characters wherever that table is written.
            $medal_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "medal where is_effect = 1 and allow_check = 1");
            foreach ($medal_list as $medal) {
                $file = APP_ROOT_PATH . "system/medal/" . $medal['class_name'] . "_medal.php";
                $cls = $medal['class_name'] . "_medal";
                if (file_exists($file)) {
                    require_once $file;
                    if (class_exists($cls)) {
                        $o = new $cls();
                        $check_result = $o->check_medal();
                        if ($check_result['status'] == 0) {
                            send_user_msg($check_result['info'], $check_result['info'], 0, $user_data['id'], get_gmtime(), 0, true, true);
                        }
                    }
                }
            }
            $GLOBALS['db']->query("update " . DB_PREFIX . "user set login_ip = '" . get_client_ip() . "',login_time= " . get_gmtime() . ",group_id=" . intval($user_data['group_id']) . " where id =" . $user_data['id']);
            // Re-assign the cart of this session to the user
            $GLOBALS['db']->query("update " . DB_PREFIX . "deal_cart set user_id = " . intval($user_data['id']) . " where session_id = '" . es_session::id() . "'");
            // Bind a pending third-party account, if one is waiting in the session.
            // NOTE(review): 'field' is used as a column name and 'id' as a quoted value, both
            // taken from the session entry; whatever stores api_user_info should allow-list
            // the field name.
            $s_api_user_info = es_session::get("api_user_info");
            if ($s_api_user_info) {
                $GLOBALS['db']->query("update " . DB_PREFIX . "user set " . $s_api_user_info['field'] . " = '" . $s_api_user_info['id'] . "' where id = " . $user_data['id'] . " and (" . $s_api_user_info['field'] . " = 0 or " . $s_api_user_info['field'] . "='')");
                es_session::delete("api_user_info");
            }
            $result['step'] = intval($user_data["step"]);
            return $result;
        }
    }
}
 /**
  * Remember the requested database in the session and return its table list.
  *
  * Reads the database name from $_REQUEST['db'], stores it under the 'useDb'
  * session key and sends the tables reported by the db object through ajaxReturn().
  *
  * NOTE(review): the database name is taken from the request unchanged. This action
  * should be reachable only by authenticated administrators, and the name should be
  * checked against the databases the tool is meant to manage; confirm both where this
  * controller is wired up.
  */
 public function getTables()
 {
     $requestedDb = $_REQUEST['db'];
     es_session::set('useDb', $requestedDb);
     // Fetch the table list of that database and return it to the caller.
     $this->ajaxReturn($this->db->getTables($requestedDb), '数据表获取完成', 1);
 }
Пример #30
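 /**
  * Save the logged-in user's mobile number and investor flag.
  *
  * Unless the session already marks the mobile as bound for this user, the posted
  * SMS code must match a row in mobile_verify_code. The number must not belong to
  * another user. Outcomes are reported through ajax_return().
  *
  * @return bool Always false; callers rely on the ajax_return() payload.
  */
 public function investor_save_mobile()
 {
     $id = $GLOBALS['user_info']['id'];
     // Integer form for SQL; $id itself is kept so the session key below is unchanged.
     $uid = intval($id);
     $mobile = strim(isset($_POST['mobile']) ? $_POST['mobile'] : '');

     // Checked first so an empty number never reaches the queries below.
     if ($mobile == null) {
         $data['status'] = 0;
         $data['info'] = "手机号码不能为空!";
         ajax_return($data);
         return false;
     }
     // The number is written into SQL without quotes, so only digits may pass.
     if (!preg_match('/^[0-9]+$/D', (string) $mobile)) {
         $data['status'] = 0;
         $data['info'] = "手机号码格式错误!";
         ajax_return($data);
         return false;
     }

     // NOTE(review): the "bound" flag is keyed by user id only, so once it is set a
     // different number can be saved without a new SMS code. The query below also does
     // not check code expiry or consume the code; confirm that is handled elsewhere.
     $bind_key = md5("mobile_is_bind" . $id);
     if (es_session::get($bind_key) != 1) {
         $verify_coder = strim(isset($_POST['verify_coder']) ? $_POST['verify_coder'] : '');
         // Only letters and digits are accepted, so the quoted value cannot alter the query.
         $code_is_wellformed = preg_match('/^[A-Za-z0-9]+$/D', (string) $verify_coder) === 1;
         if (!$code_is_wellformed || $GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "mobile_verify_code WHERE mobile=" . $mobile . " AND verify_code='" . $verify_coder . "'") == 0) {
             $data['status'] = 0;
             $data['info'] = "手机验证码出错!";
             ajax_return($data);
             return false;
         }
     }

     // The flag goes into SQL unquoted as well; force it to an integer.
     $is_investor = intval(strim(isset($_POST['is_investor']) ? $_POST['is_investor'] : ''));

     if ($GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "user WHERE id!=" . $uid . " AND mobile=" . $mobile) > 0) {
         $data['status'] = 0;
         $data['info'] = "手机号码已经被使用!";
         ajax_return($data);
         return false;
     }
     if ($GLOBALS['db']->query("UPDATE " . DB_PREFIX . "user SET mobile=" . $mobile . " WHERE id = " . $uid) && $GLOBALS['db']->query("UPDATE " . DB_PREFIX . "user SET is_investor=" . $is_investor . " WHERE id = " . $uid)) {
         // Once bound, going back does not require another SMS.
         es_session::set($bind_key, 1);
         $data['status'] = 1;
         ajax_return($data);
     }
     return false;
 }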