public static function check_money($id,$money) { $where=array(); $where['id']=$id; $orders=orders::getInstance()->getrow($where); $archive=archive::getInstance()->getrow($orders['aid']); $where=array(); $where['pay_code']=$_GET['code']; $pay=pay::getInstance()->getrows($where); $logisticsid = substr($_GET['subject'],15,1); $where=array(); $where['id'] = $logisticsid; $logistics=logistics::getInstance()->getrows($where); if($logistics[0]['cashondelivery']) { $logistics[0]['price'] = 0.00; }else { if($logistics[0]['insure']) { $logistics[0]['price'] = $logistics[0]['price'] +($archive['attr2'] * $orders['pnums'])*($logistics[0]['insureproportion']/100); } } $pay[0]['pay_fee'] = $pay[0]['pay_fee']/100; $total = $archive['attr2'] * $orders['pnums'] +$logistics[0]['price'] +($archive['attr2'] * $orders['pnums'] * $pay[0]['pay_fee']); $amount = $total; if($money == $amount) { return true; }else { return false; } }
function respond() { require_once ("tenpay/PayResponseHandler.class.php"); $resHandler = new PayResponseHandler(); $sp_billno = $resHandler->getParameter("sp_billno"); if(preg_match('/(select|union|and|\'|"|\))/i',$sp_billno)){ exit('非法参数'); } preg_match_all("/-(.*)-(.*)-(.*)/isu",$sp_billno,$oidout); $paytype = $where['pay_code'] = $oidout[3][0]; include_once ROOT.'/lib/plugins/pay/'.$paytype.'.php'; $pay = pay::getInstance()->getrows($where); $payconfig = unserialize($pay[0]['pay_config']); $resHandler->setKey($payconfig[1]['value']); $where = array(); $where['oid']=$sp_billno; $orders=orders::getInstance()->getrow($where); if($resHandler->isTenpaySign()) { $transaction_id = $resHandler->getParameter("transaction_id"); $total_fee = $resHandler->getParameter("total_fee"); $pay_result = $resHandler->getParameter("pay_result"); if("0" == $pay_result) { if (!pay::check_money($orders['id'],$total_fee/100)) { echo "<br/>" . "金额不符" . "<br/>"; return false; } pay::changeorders($orders['id'],$_GET); $show = config::get('site_url'); $resHandler->doShow($show); } else { echo "<br/>" . "支付失败" . "<br/>"; return false; } } else { echo "<br/>" . "认证签名失败" . "<br/>"; return false; } }
function orders_action() { $this->view->aid = trim(front::get('aid')); if (front::post('submit')) { $this->orders = new orders(); $row = $this->orders->getrow("","adddate DESC"); //var_dump(time()); if($row['adddate'] && time() - $row['adddate'] <= intval(config::get('order_time'))){ alerterror('操作频繁,请稍后再试'); return; } if (front::$post['telphone'] == '') { alerterror('联系电话为必填!'); return; } front::$post['mid'] = $this->view->user['userid'] ? $this->view->user['userid'] : 0; front::$post['adddate'] = time(); front::$post['ip'] = front::ip(); if (isset(front::$post['aid'])) { $aidarr = front::$post['aid']; unset(front::$post['aid']); foreach ($aidarr as $val) { front::$post['aid'].=$val . ','; front::$post['pnums'].=front::$post['thisnum'][$val] . ','; } } else { front::$post['aid'] = $this->view->aid; } if (!isset(front::$post['logisticsid'])) front::$post['logisticsid'] = 0; front::$post['oid'] = date('YmdHis') . '-' . front::$post['logisticsid'] . '-' . front::$post['mid'] . '-' . front::$post['payname']; $insert = $this->orders->rec_insert(front::$post); if ($insert < 1) { front::flash($this->tname . lang('添加失败!')); } else { if (config::get('sms_on') && config::get('sms_order_on')) { sendMsg(front::$post['telphone'], config::get('sms_order')); } if (config::get('sms_on') && config::get('sms_order_admin_on') && $mobile = config::get('site_mobile')) { sendMsg($mobile, '网站在' . date('Y-m-d H:i:s') . '有新订单了'); //echo 11; } $user = $this->view->user; if(config::get('email_order_send_cust') && $user['e_mail']){ $title = "您在".config::get('sitename')."的订单".front::get('oid')."已提交"; $this->sendmail($user['e_mail'], $title, $title); } if(config::get('email_order_send_admin') && config::get('email')){ $title = '网站在' . date('Y-m-d H:i:s') . '有新订单了'; $this->sendmail(config::get('email'), $title, $title); } if (front::$post['payname'] && front::$post['payname'] != 'nopay') { echo '<script type="text/javascript">alert("' . lang('orderssuccess') . ' ' . lang('现在转入支付页面') . '");window.location.href="' . url('archive/payorders/oid/' . front::$post['oid'], true) . '";</script>'; } echo '<script type="text/javascript">alert("' . lang('orderssuccess') . '");window.location.href="' . url('archive/orders/oid/' . front::$post['oid'], true) . '";</script>'; } } elseif (front::get('oid')) { preg_match_all("/-(.*)-(.*)-(.*)/isu", front::get('oid'), $oidout); $this->view->paytype = $oidout[3][0]; if($oidout[2][0] != $this->view->user['userid']){ alertinfo('查看订单失败', url::create('index/index')); } $where = array(); $where['oid'] = front::get('oid'); $this->view->orders = orders::getInstance()->getrow($where); $this->view->statusnum = $data['status'] = $this->view->orders['status']; switch ($data['status']) { case 1: $data['status'] = lang('完成'); break; case 2: $data['status'] = lang('处理中'); break; case 3: $data['status'] = lang('已发货'); break; case 4: $data['status'] = lang('客户已付款,待审核'); break; case 5: $data['status'] = lang('已核实客户支付'); break; default: $data['status'] = lang('新订单'); break; } $this->view->orders['status'] = $data['status']; if ($this->view->paytype) { $this->view->gotopaygateway = '<a href="' . url('archive/payorders/oid/' . front::get('oid'), true) . '">进入支付页面</a>'; } //var_dump($this->view->user);var_dump($_SESSION);exit(); $this->out('message/orderssuccess.html'); } elseif (front::get('aid')) { $this->view->archive = archive::getInstance()->getrow(front::get('aid')); $this->view->categorys = category::getpositionlink2($this->view->archive['catid']); $this->view->paylist = pay::getInstance()->getrows('', 50); $this->view->logisticslist = logistics::getInstance()->getrows('', 50); $prices = getPrices($this->view->archive['attr2']); $this->view->archive['attr2'] = $prices['price']; if (!is_array($this->view->archive)) $this->out('message/error.html'); if ($this->view->archive['checked'] < 1) exit(lang('未审核!')); if (!rank::arcget(front::get('aid'), $this->view->usergroupid)) { $this->out('message/error.html'); } } else { $oreders_c = cookie::get('ce_orders_cookie'); if(preg_match('/union/i', $oreders_c)){ alerterror("非法字符"); } $oreders_c = stripslashes(htmlspecialchars_decode($oreders_c)); $aid = !empty($oreders_c) ? unserialize($oreders_c) : 0; if ($aid) { foreach ($aid as $key => $val) { $archive = archive::getInstance()->getrow(intval($val['aid'])); $val['title'] = $archive['title']; $prices = getPrices($archive['attr2']); $val['attr2'] = $prices['price']; $aid[$key] = $val; } $this->view->orderaidlist = $aid; $this->view->paylist = pay::getInstance()->getrows('', 50); $this->view->logisticslist = logistics::getInstance()->getrows('', 50); } else { if (isset(front::$get['oid'])) { //echo '<script type="text/javascript">alert("' . lang('请输入订单编号!') . '");'; if ($_SERVER['HTTP_REFERER']) { front::refresh($_SERVER['HTTP_REFERER']); //echo 'window.location.href="' . $_SERVER['HTTP_REFERER'] . '";'; } else { front::refresh(url('index')); //echo 'window.location.href="' . url('index') . '";'; } //echo '</script>'; exit; } echo '<script type="text/javascript">alert("' . lang('购物车暂无商品!') . '");'; if ($_SERVER['HTTP_REFERER']) { //front::refresh($_SERVER['HTTP_REFERER']); echo 'window.location.href="' . $_SERVER['HTTP_REFERER'] . '";'; } else { //front::refresh(url('index')); echo 'window.location.href="' . url('index') . '";'; } echo '</script>'; } } }
} if(!isset($logistics[0]['price'])) $logistics[0]['price']=0; $where=array(); $where['oid']=$data['oid']; $orders=orders::getInstance()->getrow($where); $pnums = explode(',',$orders['pnums']); $orders['pnums']=$pnums[$key]; $where=array(); $where['pay_code']=substr($data['oid'],19); $pay=pay::getInstance()->getrows($where); $pay_fee = $pay[0]['pay_fee']; $pay[0]['pay_fee'] = $pay[0]['pay_fee']/100; $total = $_archive['attr2'] * $orders['pnums'] + $logistics[0]['price'] + ($_archive['attr2'] * $orders['pnums'] * $pay[0]['pay_fee']); $listtotal +=$total; ?> <tr> <td><a href="{url('archive/show/aid/'.$_archive[aid], false)}" target="_blank">{$_archive[title]}</a></td> <td>{$_archive[attr2]}</td> <td><strong>小计</strong>:[产品单价] * [订购数量] + [配送费用] + [支付手续费] = [总额] <br /> {$_archive[attr2]} * {$orders[pnums]} + {$logistics[0]['price']} + ({$_archive[attr2]} * {$orders[pnums]} * {$pay[0][pay_fee]}) = {$total}</td> </tr> {/loop}