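set_cookie('username', $email);
} else {
    // Mobile branch of the password reset: the number kept in the session must
    // match the member row in $t, and that row must have its mobile verified.
    $mobile = $_SESSION['f_key'];
    $mobile == $t['mobile'] && $t['vmobile'] or exit('ko');
    // The session value is expected to equal md5(mobile . '|' . code). Compare
    // strictly: with a loose == two digests of the form 0e<digits> are read as
    // numbers and compare equal. isset() keeps a missing session key a plain 'ko'.
    isset($_SESSION['mobile_code']) && $_SESSION['mobile_code'] === md5($t['mobile'] . '|' . $code) or exit('ko');
    set_cookie('username', $mobile);
}
// Hash the new password with a fresh salt from random(8); random() and
// dpassword() are defined elsewhere, so their strength is not visible here.
$salt = random(8);
$pass = dpassword($password, $salt);
// NOTE(review): this listing showed the password value masked as '******'.
// The hash computed into $pass is written here because it is otherwise unused;
// confirm against the original file. $userid is set outside this fragment.
$db->query("UPDATE {$DT_PRE}member SET password='{$pass}',passsalt='{$salt}' WHERE userid='{$userid}'");
// Discards the reset state held in the session (f_uid, f_key, mobile_code).
session_destroy();
exit('ok');
break;
case 'check':
    // First step of the reset: captcha, then look the account up by verified mobile.
    isset($type) or exit('ko');
    $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
    $msg = captcha($captcha, 1, true);
    if ($msg) {
        exit('captcha');
    }
    if ($type == 'mobile') {
        $could_mobile or exit('ko');
        // $mobile is interpolated into the query below only after is_mobile()
        // accepted it; is_mobile() is defined elsewhere and must admit digits only.
        is_mobile($mobile) or exit('ko');
        $t = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1");
        if ($t) {
            // Remember which account and number the later steps are allowed to act on.
            $_SESSION['f_uid'] = $t['userid'];
            $_SESSION['f_key'] = $mobile;
            exit('ok');
        }
        // The distinct 'ok' / 'no' replies tell a client whether a verified mobile
        // is registered; the captcha above is the only throttle visible here.
        exit('no');
    } else {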
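mobile_msg($L['know_msg_has_answered']);
}
}
// Effective captcha / question requirement: a module setting of 2 defers to the
// member-group setting in $MG, any other value is used as is.
$need_captcha = $MOD['captcha_answer'] == 2 ? $MG['captcha'] : $MOD['captcha_answer'];
$need_question = $MOD['question_answer'] == 2 ? $MG['question'] : $MOD['question_answer'];
if ($need_question) {
    // A required question also forces the captcha check.
    $need_captcha = 1;
}
if (isset($_POST['ok'])) {
    require_once DT_ROOT . '/include/post.func.php';
    $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
    $msg = captcha($captcha, $need_captcha, true);
    if ($msg) {
        exit('captcha');
    }
    // NOTE(review): $content reaches the INSERT below through input_trim() and
    // convert() only; no SQL quoting happens in this fragment, so it presumably
    // relies on request input being escaped globally — confirm in common.inc.php.
    $content = isset($content) ? convert(input_trim(nl2br($content)), 'UTF-8', DT_CHARSET) : '';
    $need_check = $MOD['check_answer'] == 2 ? $MG['check'] : $MOD['check_answer'];
    $status = get_status(3, $need_check);
    $db->query("INSERT INTO {$table}_answer (qid,content,username,addtime,ip,status) VALUES ('{$itemid}', '{$content}', '{$_username}', '{$DT_TIME}', '{$DT_IP}', '{$status}')");
    if ($status == 3) {
        // Only answers stored with status 3 count towards the question's total.
        // $itemid is unquoted here, so it must already be an integer — set outside this fragment.
        $db->query("UPDATE {$table} SET answer=answer+1 WHERE itemid={$itemid}");
    }
    if ($MOD['credit_answer'] && $_username && $status == 3) {
        $could_credit = true;
        if ($MOD['credit_maxanswer'] > 0) {
            // Sum of credit booked for answers during the last 86400 seconds.
            // NOTE(review): this listing showed the username value masked as
            // '******'; $_username is used because this branch only runs for a
            // logged-in member — confirm against the original file.
            $r = $db->get_one("SELECT SUM(amount) AS total FROM {$DT_PRE}finance_credit WHERE username='{$_username}' AND addtime>{$DT_TIME}-86400 AND reason='" . $L['answer'] . "'");
            if ($r['total'] > $MOD['credit_maxanswer']) {
                $could_credit = false;
            }
        }
        if ($could_credit) {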
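$t['a2'] = $t['a3'] = 0;
$t['p2'] = $t['p3'] = 0.0;
}
// Clamp the requested quantity on the server: not below $t['a1'], not above
// $t['amount'], and never below 1 whatever those two bounds hold.
$number = intval($v['number']);
if ($number < $t['a1']) {
    $number = $t['a1'];
}
if ($number > $t['amount']) {
    $number = $t['amount'];
}
if ($number < 1) {
    $number = 1;
}
// Unit price and total are derived from $t, not from a price sent by the client.
$price = get_price($number, $t['price'], $t['step']);
$amount = $number * $price;
$_note = convert(input_trim($v['note']), 'UTF-8', DT_CHARSET);
$note = '';
// Option tables built by get_nv() from the three name/value pairs of the item.
$t['P1'] = get_nv($t['n1'], $t['v1']);
$t['P2'] = get_nv($t['n2'], $t['v2']);
$t['P3'] = get_nv($t['n3'], $t['v3']);
$t['s1'] = $s1;
$t['s2'] = $s2;
$t['s3'] = $s3;
// Resolve each selected key to its label; a key missing from the table yields ''.
// The original ran these three assignments twice in a row; the second pass
// recomputed the same values and has been dropped.
$t['m1'] = isset($t['P1'][$t['s1']]) ? $t['P1'][$t['s1']] : '';
$t['m2'] = isset($t['P2'][$t['s2']]) ? $t['P2'][$t['s2']] : '';
$t['m3'] = isset($t['P3'][$t['s3']]) ? $t['P3'][$t['s3']] : '';
if ($t['m1']) {
    $note .= $t['n1'] . ':' . $t['m1'] . ' ';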
case 'post':
    // Registration submit. Variable names are kept as they are because this
    // script shares one scope with code outside the fragment.
    if ($MOD['captcha_register']) {
        $captcha = isset($captcha) ? convert(input_trim($captcha), 'UTF-8', DT_CHARSET) : '';
        $msg = captcha($captcha, $MOD['captcha_register'], true);
        if ($msg) {
            exit('captcha');
        }
    }
    // Collect the submitted fields; anything missing becomes 0 or ''.
    $post = array(
        'regid' => isset($regid) ? intval($regid) : 0,
        'username' => isset($username) ? input_trim($username) : '',
        'password' => isset($password) ? input_trim($password) : '',
        'email' => isset($email) ? input_trim($email) : '',
        'mobile' => isset($mobile) ? input_trim($mobile) : '',
        'truename' => isset($truename) ? convert(input_trim($truename), 'UTF-8', DT_CHARSET) : '',
        'company' => isset($company) ? convert(input_trim($company), 'UTF-8', DT_CHARSET) : '',
    );
    $post['passport'] = $post['username'];
    $post['cpassword'] = $post['password'];
    // Server-side allow-list of groups a visitor may register into: ids above 4
    // that are not VIP. Any other requested group id is refused with 'group'.
    $RG = array();
    foreach ($GROUP as $k => $v) {
        if (!($k > 4 && $v['vip'] == 0)) {
            continue;
        }
        $RG[] = $k;
    }
    if (!in_array($post['regid'], $RG)) {
        exit('group');
    }
    if ($MOD['passport'] == 'uc') {
        // The passport name is converted to the UCenter charset before the remote call.
        $passport = convert($post['passport'], DT_CHARSET, $MOD['uc_charset']);
        require DT_ROOT . '/api/uc.inc.php';
        list($uid, $rt_username, $rt_password, $rt_email) = uc_user_login($passport, $post['password']);
}
$back_link = '?page=' . $page;
$head_name = $L['address_add'];
$head_title = $head_name . $DT['seo_delimiter'] . $head_title;
}
break;
case 'edit':
    // Edit one saved address. Without an item id the page is simply reloaded.
    if (!$itemid) {
        dheader('?reload=' . $DT_TIME);
    }
    $do->itemid = $itemid;
    $r = $do->get_one();
    // Ownership check: the record must exist and belong to the logged-in member.
    // NOTE(review): this only protects the code below if mobile_msg() ends the
    // request — confirm in its definition.
    if (!$r || $r['username'] != $_username) {
        mobile_msg($L['msg_no_right']);
    }
    if (isset($_POST['ok'])) {
        foreach ($post as $k => $v) {
            $post[$k] = convert(input_trim($v), 'UTF-8', DT_CHARSET);
        }
        if (!$do->pass($post)) {
            exit($do->errmsg);
        }
        // The owner is always taken from the session, never from the submitted form.
        $post['username'] = $_username;
        $do->edit($post);
        exit('ok');
    } else {
        // extract() with its default flag overwrites any local variable whose name
        // matches a column of the record, so the column names decide what is replaced.
        extract($r);
        $back_link = '?page=' . $page;
        $head_name = $L['address_edit'];
        $head_title = $head_name . $DT['seo_delimiter'] . $head_title;
    }
    break;
/* [Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com This is NOT a freeware, use is subject to license.txt */
// Mobile private-message page. Variable names are kept as they are because the
// script shares one scope with the files it requires.
$moduleid = 2;
require 'common.inc.php';
// Guests are sent to the login page; the return address is URL-encoded and
// always points back at message.php.
if (!$_userid) {
    dheader('login.php?forward=' . urlencode('message.php?action=' . $action));
}
switch ($action) {
    case 'send':
        if (isset($_POST['ok'])) {
            require DT_ROOT . '/include/post.func.php';
            require DT_ROOT . '/module/member/message.class.php';
            $do = new message();
            // Recipient is trimmed; title and body are only charset-converted here,
            // any further validation is left to message::send().
            $message = array(
                'typeid' => 0,
                'touser' => input_trim($touser),
                'title' => convert($title, 'UTF-8', DT_CHARSET),
                'content' => convert($content, 'UTF-8', DT_CHARSET),
            );
            if (!$do->send($message)) {
                mobile_msg($do->errmsg);
            } else {
                // NOTE(review): $forward becomes the follow-up address and is set
                // outside this fragment — confirm it is limited to same-site URLs.
                mobile_msg($L['message_success'], $forward ? $forward : 'message.php?reload=' . $DT_TIME);
            }
        } else {
            // Form display: a pre-filled title and body arrive encrypted with the
            // DT_KEY . 'SEND' key and are decrypted before use.
            $touser = isset($touser) ? trim($touser) : '';
            $title = isset($title) ? trim(decrypt($title, DT_KEY . 'SEND')) : '';
            $content = isset($content) ? trim(decrypt($content, DT_KEY . 'SEND')) : '';
            $typeid = isset($typeid) ? intval($typeid) : 0;
            $head_name = $L['message_send'];
            $head_title = $head_name . $DT['seo_delimiter'] . $head_title;
        }
<?php
// Mobile search form: a posted keyword is redirected to the matching list page,
// otherwise the search template is rendered. Variable names are kept as they
// are because the included template runs in this scope.
require 'common.inc.php';

// 1 when the action starts with 'post' and module 18 is installed, else 0.
$club_post = (substr($action, 0, 4) == 'post' && isset($MODULE[18])) ? 1 : 0;

if (isset($_POST['ok'], $wd) && $wd) {
    // The redirect target is assembled from a listed script name or from integer
    // ids only; $action is copied into the URL solely when it is in the list.
    if (in_array($action, array('message'))) {
        $url = $action . '.php?';
    } elseif ($club_post) {
        $catid = intval(substr($action, 4));
        $url = 'index.php?moduleid=18&catid=' . $catid . '&';
    } else {
        $moduleid = intval(str_replace('mod', '', $action));
        $url = 'index.php?moduleid=' . $moduleid . '&';
    }
    // The keyword travels in the URL encrypted with the DT_KEY . 'KW' key.
    $wd = convert(input_trim($wd), 'UTF-8', DT_CHARSET);
    dheader($url . 'kw=' . encrypt($wd, DT_KEY . 'KW'));
}

$head_title = $L['search_title'] . $DT['seo_delimiter'] . $head_title;
$foot = 'channel';
include template('search', 'mobile');
if (DT_CHARSET != 'UTF-8') {
    toutf8();
}
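// Access gate for a protected item: below mode 3 the visitor needs a matching
// cookie token or must be the owner; mode 3 and above is open.
if ($open < 3) {
    // Mode 2 is protected by $password, the other restricted mode by $answer.
    $_key = $open == 2 ? $password : $answer;
    $str = get_cookie('photo_' . $itemid);
    // The token is md5(md5(ip . mode . secret . DT_KEY)). Compare strictly: a
    // loose == treats digests and cookie values that look numeric (such as
    // 0e<digits>) as numbers, so different strings can compare equal.
    $pass = $str === md5(md5($DT_IP . $open . $_key . DT_KEY));
    if ($_username && $_username == $username) {
        // The owner always passes.
        $pass = true;
    }
} else {
    $pass = true;
}
if ($action == 'verify') {
    if ($pass) {
        exit('ok');
    }
    $_key = $open == 2 ? $password : $answer;
    $key = isset($key) ? convert(input_trim($key), 'UTF-8', DT_CHARSET) : '';
    // String comparison of the submitted secret: with a loose == numeric-looking
    // values such as '1e3' and '1000' would match each other. The casts keep an
    // unset secret equal to an empty submission, as before.
    if ((string) $key === (string) $_key) {
        // Token is bound to the client IP and stays valid for 86400 seconds.
        set_cookie('photo_' . $itemid, md5(md5($DT_IP . $open . $_key . DT_KEY)), $DT_TIME + 86400);
        exit('ok');
    }
    exit('ko');
}
$description = '';
$user_status = 3;
$fee = get_fee($item['fee'], $MOD['fee_view']);
// content.inc.php runs in this scope; the check on $user_status below suggests it may change it.
include 'content.inc.php';
$content_table = content_table($moduleid, $itemid, $MOD['split'], $table_data);
// $itemid is unquoted in this query, so it must already be an integer — set outside this fragment.
$t = $db->get_one("SELECT content FROM {$content_table} WHERE itemid={$itemid}");
$content = video5($t['content']);
if ($user_status == 2) {
    $description = get_description($content, $MOD['pre_view']);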
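$amount = 1;
}
// Free-text fields are trimmed, charset-converted and HTML-escaped before storage.
// NOTE(review): no SQL quoting of these request values happens in this fragment;
// it presumably relies on request input being escaped globally — confirm in common.inc.php.
$company = dhtmlspecialchars(convert(input_trim($company), 'UTF-8', DT_CHARSET));
$truename = dhtmlspecialchars(convert(input_trim($truename), 'UTF-8', DT_CHARSET));
if (strlen($truename) < 2 * DT_CHARLEN) {
    exit('truename');
}
if (!is_mobile($mobile)) {
    exit('mobile');
}
$areaid = intval($areaid);
$address = dhtmlspecialchars(convert(input_trim($address), 'UTF-8', DT_CHARSET));
// Optional fields are blanked when they fail validation. \z anchors the very end
// of the string; a plain $ would also accept six digits followed by a newline.
preg_match('/^[0-9]{6}\z/', $postcode) or $postcode = '';
is_email($email) or $email = '';
is_qq($qq) or $qq = '';
$content = dhtmlspecialchars(convert(input_trim($content), 'UTF-8', DT_CHARSET));
// Values copied from the stored item are escaped for the query; the seller name
// now gets the same addslashes() treatment the title already had.
$user = addslashes($item['username']);
$title = addslashes($item['title']);
$db->query("INSERT INTO {$table_order} (id,user,title,amount,company,truename,mobile,areaid,address,postcode,email,qq,content,addtime,username,ip) VALUES ('{$itemid}','{$user}','{$title}','{$amount}','{$company}','{$truename}','{$mobile}','{$areaid}','{$address}','{$postcode}','{$email}','{$qq}','{$content}','{$DT_TIME}','{$_username}','{$DT_IP}')");
// $itemid is unquoted here, so it must already be an integer — set outside this fragment.
$db->query("UPDATE {$table} SET orders=orders+1 WHERE itemid={$itemid}");
exit('ok');
}
if ($_userid) {
    // Pre-fill the order form from the logged-in member's profile.
    $user = userinfo($_username);
    $company = $user['company'];
    $truename = $user['truename'];
    $mobile = $user['mobile'];
    $areaid = $user['areaid'];
    $address = $user['address'];
    $postcode = $user['postcode'];
    $email = $user['mail'] ? $user['mail'] : $user['email'];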
// Mobile login. Variable names are kept as they are because the script shares
// one scope with the files it requires.
require 'common.inc.php';
// NOTE(review): $module is part of a require path and is set outside this
// fragment; it must come from server-side configuration, never from the request.
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
if (!isset($auth)) {
    $auth = '';
}
// A member who is already signed in goes to my.php unless a passport integration is configured.
if ($_userid && !$MOD['passport']) {
    dheader('my.php');
}
if (isset($_POST['ok'])) {
    include load('member.lang');
    // The captcha is checked before any account lookup.
    $msg = captcha($captcha, $MOD['captcha_login'], true);
    if ($msg) {
        mobile_msg($msg);
    }
    require DT_ROOT . '/module/member/member.class.php';
    $do = new member();
    $username = input_trim($username);
    if (!$username) {
        mobile_msg($L['type_username']);
    }
    if (!$password) {
        mobile_msg($L['type_password']);
    }
    // The login name may be an e-mail address or a verified mobile number; both
    // are resolved to the account's username. The value is interpolated into the
    // queries only after is_email() / is_mobile() accepted it; both validators
    // are defined elsewhere.
    if (is_email($username)) {
        $r = $db->get_one("SELECT username FROM {$DT_PRE}member WHERE email='{$username}'");
        // A separate message for an unknown address lets a client tell registered
        // e-mail addresses from unregistered ones.
        if (!$r) {
            mobile_msg($L['not_email']);
        }
        $username = $r['username'];
    } else {
        if (is_mobile($username)) {
            $r = $db->get_one("SELECT username,vmobile FROM {$DT_PRE}member WHERE mobile='{$username}'");
            // Only a verified mobile number is accepted as a login alias.
            if ($r && $r['vmobile']) {
                $username = $r['username'];
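// Create a mall order from the chosen address and item, then prepare the
// notification for the seller. Stored values are escaped with addslashes()
// before they are placed in the query.
$buyer_name = addslashes($addr['truename']);
$buyer_phone = addslashes($addr['telephone']);
$buyer_mobile = addslashes($addr['mobile']);
// Clamp the requested quantity on the server: not below the item's minimum,
// not above its stock, and never below 1.
$number = intval($number);
if ($number < $item['minamount']) {
    $number = $item['minamount'];
}
if ($number > $item['amount']) {
    $number = $item['amount'];
}
if ($number < 1) {
    $number = 1;
}
// The price comes from the item record in $item, not from a submitted value.
$price = $item['price'];
$amount = $number * $price;
$note = convert(input_trim($note), 'UTF-8', DT_CHARSET);
$note = dhtmlspecialchars($note);
$title = addslashes($item['title']);
$linkurl = $MOD['linkurl'] . $item['linkurl'];
// With order checking enabled the order starts in status 0, otherwise 1.
$status = $MOD['checkorder'] ? 0 : 1;
$fee_name = '';
$fee = $cod = 0;
// The seller name and thumbnail are now escaped like the other item and address
// fields instead of being interpolated as read. $buyer_postcode and
// $buyer_address are set outside this fragment.
$db->query("INSERT INTO {$DT_PRE}mall_order (mid,mallid,buyer,seller,title,thumb,price,number,amount,addtime,updatetime,note, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,status,fee_name,fee,cod) VALUES ('{$moduleid}','{$itemid}','{$_username}','" . addslashes($item['username']) . "','{$title}','" . addslashes($item['thumb']) . "','{$price}','{$number}','{$amount}','{$DT_TIME}','{$DT_TIME}','{$note}','{$buyer_postcode}','{$buyer_address}','{$buyer_name}','{$buyer_phone}','{$buyer_mobile}','{$status}','{$fee_name}','{$fee}','{$cod}')");
$oid = $db->insert_id();
// send message
// On the collapsed line this comment ran into the statements below and hid
// them; it now sits on a line of its own so they execute.
$touser = $item['username'];
$_title = $title;
$title = lang($L['trade_message_t6'], array($oid));
$url = $MODULE[2]['linkurl'] . 'trade.php?itemid=' . $oid;
// NOTE(review): $_title is the addslashes()-escaped title and is placed in HTML
// as is; confirm the stored title is already HTML-safe and that the backslashes
// are expected by whatever stores $content.
$goods = '<a href="' . $linkurl . '" target="_blank" class="t"><strong>' . $_title . '</strong></a>';
$content = lang($L['trade_message_c6'], array(userurl($_username), $_username, timetodate($DT_TIME, 3), $goods, $oid, $amount, $url));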