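/**
 * Post-login hook for the gas-delivery employee app.
 *
 * Runs after the core login has produced a user record. It loads the matching
 * Employee row, refuses the login when the employee is not registered (code
 * 1001) or not yet approved by the gas company (code 1002), and otherwise
 * stores the merged profile in $_SESSION["Info"], echoes the core record as
 * JSON and ends the request.
 *
 * @param array $coreUserInfo Core login result; reads "ErrorCode" and "Result".
 * @return void Returns without output when ErrorCode is not a success code.
 */
function loginOverride($coreUserInfo)
{
    global $gasDatabaseName;

    // Accept only an explicit success code. The loose `== 0` this replaces also
    // matched a missing/null code (and non-numeric strings before PHP 8), so a
    // malformed core response was treated as a successful login.
    $errorCode = isset($coreUserInfo["ErrorCode"]) ? $coreUserInfo["ErrorCode"] : null;
    if ($errorCode !== 0 && $errorCode !== "0") {
        return;
    }

    // Uid is interpolated into the SQL text below, so force it to an integer
    // first. NOTE(review): assumes Uid is a numeric key - confirm against the schema.
    $uid = isset($coreUserInfo["Result"]["Uid"]) ? (int) $coreUserInfo["Result"]["Uid"] : 0;

    connectDB($gasDatabaseName);
    // NOTE(review): `select *` means every Employee column ends up in the
    // session below; list the needed columns if the table holds secrets.
    $data = getData("select * from Employee where Uid = '{$uid}'");

    // Is this user registered as an employee at all?
    if (empty($data)) {
        printResultByMessage("用戶未註冊", 1001);
        // printResultByMessage() is expected to end the request (its body is
        // not visible here); returning keeps this guard fail-closed if it does not.
        return;
    }
    $employee = $data[0];

    // Has the gas company approved this employee? "0" means not yet. Integer 0
    // is matched too, because a driver returning native types would otherwise
    // slip past a string-only strict comparison.
    if ($employee["Verify"] === "0" || $employee["Verify"] === 0) {
        printResultByMessage("請通知瓦斯行進行審核", 1002);
        return;
    }

    // Employee columns first, then the core fields; core values win on a key
    // collision, exactly as copying the two arrays in sequence would.
    $_SESSION["Info"] = array_replace($employee, (array) $coreUserInfo["Result"]);

    // NOTE(review): the session ID is not regenerated in this hook; confirm the
    // core login does so before this point.
    echo json_encode($coreUserInfo);
    die;
}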
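/**
 * Post-login hook for the back-office console.
 *
 * A core login alone is not enough here: the user must also have a row in
 * BackEndUser. When the row exists an empty success result (code 0) is
 * printed; otherwise the session is destroyed and the generic
 * "wrong user name or password" result (code 100) is printed, so the response
 * does not reveal that the credentials were valid for an ordinary account.
 *
 * @param array $coreUserInfo Core login result; reads ["Result"]["Uid"].
 * @return void
 */
function loginOverride($coreUserInfo)
{
    // Uid sits in an unquoted numeric position in the query, where nothing but
    // an integer is acceptable; cast it instead of trusting the core layer.
    $uid = isset($coreUserInfo["Result"]["Uid"]) ? (int) $coreUserInfo["Result"]["Uid"] : 0;

    $backEndUid = getSingleData("select Uid from BackEndUser where Uid = {$uid}");
    if ($backEndUid) {
        printResultByMessage("", 0);
        return;
    }

    // Valid core credentials but no back-office role: discard the session the
    // core login created before reporting the failure.
    session_destroy();
    printResultByMessage("用戶名或密碼錯誤", 100);
}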
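/**
 * Sends one SMS through the ihuyi HTTP gateway.
 *
 * @param string $phoneNumber Destination mobile number.
 * @param string $message     Message text.
 * @return bool True when the gateway answers with result code 2. On any other
 *              answer the gateway's message is printed with code 109 and, if
 *              that call returns, false is returned.
 */
function send_sms($phoneNumber, $message)
{
    global $smsUserName, $smsPassword;

    // NOTE(review): this endpoint is plain http://, so the account password and
    // the message (which carries verification codes) travel unencrypted.
    // Switch to the provider's https endpoint if one is offered - not
    // verifiable from this file.
    $target = "http://106.ihuyi.cn/webservice/sms.php?method=Submit";

    // Encode every field, not only the content. Previously account, password
    // and mobile were concatenated raw, so an '&' or '=' inside any of them
    // (mobile is caller-supplied) could add or override form fields.
    $post_data = http_build_query(
        array(
            "account" => (string) $smsUserName,
            "password" => (string) $smsPassword,
            "mobile" => (string) $phoneNumber,
            "content" => (string) $message,
        ),
        "",
        "&",
        PHP_QUERY_RFC3986 // same escaping rawurlencode() applied to the content
    );

    $gets = xml_to_array(send_server($post_data, $target));

    // A failed request or unparsable reply has no SubmitResult; treat that as
    // a failure instead of reading undefined offsets.
    $submitResult = (is_array($gets) && isset($gets['SubmitResult']) && is_array($gets['SubmitResult']))
        ? $gets['SubmitResult']
        : array();
    $code = isset($submitResult['code']) ? $submitResult['code'] : null;

    // Loose comparison kept on purpose: the parsed XML value is presumably the
    // string "2" - TODO confirm against xml_to_array().
    if ($code == 2) {
        return true;
    }

    printResultByMessage(isset($submitResult['msg']) ? $submitResult['msg'] : "", 109);
    return false;
}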
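/**
 * Post-signup hook for the customer app.
 *
 * After the core account has been created, stores the customer type on the
 * core user row, creates the customer's first (default) address from the
 * posted form fields, and prints the core user record with code 0.
 *
 * @param array $coreUserInfo Core signup result; reads ["Result"]["Uid"].
 * @return void
 */
function signupOverride($coreUserInfo)
{
    global $gasDatabaseName, $CoreUserTableName;

    // Uid is placed unquoted into the UPDATE condition below; keep it an integer.
    $uid = isset($coreUserInfo["Result"]["Uid"]) ? (int) $coreUserInfo["Result"]["Uid"] : 0;

    // NOTE(review): CustomerType comes straight from the request and is written
    // to the core user table; if it drives pricing or privileges, restrict it
    // to the known values before storing it.
    $insert = array(
        "CustomerType" => post("CustomerType"),
    );

    $insertAddress = array(
        "Uid" => $uid,
        "Username" => "",
        "PhoneNumber" => post("PhoneNumber"),
        "City" => post("RegionFirstLevel"),
        "Area" => post("RegionSecondLevel"),
        "DetailAddress" => post("DetailAddress"),
        "Floor" => 0,
        "Elevator" => 0,
        "IsDefault" => 1,
    );

    // Cleared before the data helpers run - presumably so they only see the
    // explicit arrays above and not every posted field; TODO confirm against
    // insertData()/updateData().
    $_POST = null;

    connectDB($gasDatabaseName);
    updateData($CoreUserTableName, "Uid = {$uid}", $insert);
    insertData("CustomerAddress", $insertAddress);

    printResultByMessage("", 0, $coreUserInfo["Result"]);
}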
// Fragment of a customer address/profile action handler. The enclosing action
// branch, the "add" branch opening, and the assignments of $uid, $isDefault,
// $phoneNumber, $regionFirstLevel, $regionSecondLevel, $detailAddress, $floor
// and $elevator are above this excerpt.
        $insert["IsDefault"] = $isDefault;
        // Cleared before calling the helper - presumably so insertData() only
        // sees $insert; TODO confirm against insertData().
        $_POST = NULL;
        insertData("CustomerAddress", $insert);
    }
    if ($actionType == "edit") {
        $addressId = post("CustomerAddressId");
        // Making this address the default first clears the flag on all of the
        // user's addresses.
        if ($isDefault == "1") {
            query("UPDATE CustomerAddress SET IsDefault=0 WHERE Uid = {$uid}");
        }
        // NOTE(review): every value is interpolated into the SQL text. Floor,
        // Elevator, IsDefault and CustomerAddressId sit in unquoted positions,
        // where quote-escaping alone does not constrain the input; they need an
        // integer cast or bound parameters. Whether the quoted values are
        // escaped depends on post(), which is not shown.
        // NOTE(review): the row is selected by CustomerAddressId alone. Unlike
        // the IsDefault reset above there is no `Uid = ...` condition, so
        // nothing in this statement ties the address to the current user.
        // NOTE(review): UserName is set to the literal '******' - confirm this
        // is intended and not a masked placeholder.
        query("UPDATE `CustomerAddress` SET UserName='******', PhoneNumber='{$phoneNumber}', City='{$regionFirstLevel}', Area='{$regionSecondLevel}', DetailAddress='{$detailAddress}', Floor={$floor}, Elevator={$elevator}, IsDefault={$isDefault} WHERE CustomerAddressId={$addressId}");
    }
    if ($actionType == "delete") {
        $addressId = post("CustomerAddressId");
        // NOTE(review): same two concerns as the edit branch - unquoted
        // request value in the WHERE clause and no ownership (Uid) condition.
        query("DELETE FROM `CustomerAddress` WHERE CustomerAddressId={$addressId}");
    }
    printResultByMessage("", 0);
} else {
    if ($action == "EditName") {
        $username = post("Username");
        connectDB($gasDatabaseName);
        // Scoped to the current Uid. The posted name is placed inside quotes;
        // its safety depends on escaping in post()/query(), not visible here.
        query("UPDATE Customer SET CustomerName='{$username}' WHERE Uid='{$uid}'");
        printResultByMessage("", 0);
    } else {
        if ($action == "EditGender") {
            $usergender = post("UserGender");
            connectDB($gasDatabaseName);
            // Same pattern as EditName: scoped by Uid, value interpolated in quotes.
            query("UPDATE Customer SET CustomerGender='{$usergender}' WHERE Uid='{$uid}'");
            printResultByMessage("", 0);
        }
    }
}
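<?php
/**
 * Delivery-side order actions, run at file scope.
 *
 * $action and $gasDatabaseName are provided by the including script.
 *   DeliverGas  - sets OrderDelivery = 2 on the posted OrderId.
 *   GetGasData  - returns the GasData row for the posted GCNO, or code 1001.
 */
connectDB("{$gasDatabaseName}");

if ($action == "DeliverGas") {
    // OrderId lands in an unquoted numeric position, where escaping quotes
    // would not protect the statement; an integer cast does.
    $orderId = (int) post("OrderId");

    // NOTE(review): the order is selected by id alone. No check is visible that
    // it is assigned to the caller or is in a state that allows delivery -
    // confirm that the including script enforces this.
    query("update GasOrder set OrderDelivery = 2 where OrderId = {$orderId}");
    printResultByMessage("", 0);
} elseif ($action == "GetGasData") {
    // NOTE(review): GCNO is interpolated inside quotes; this is only safe if
    // post() or getData() escapes it, which cannot be seen from this file.
    $gcno = post("GCNO");
    $data = getData("select * from GasData where GCNO = '{$gcno}'");

    // Guard against a non-array result (e.g. a failed query) before counting.
    if (is_array($data) && count($data) > 0) {
        printResultByMessage("", 0, $data[0]);
    } else {
        printResultByMessage("No GCNO ID", 1001);
    }
}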
// Fragment: tail of an order-statistics action followed by the start of the
// login-protected section. $sqlDeliveryTypeBase, $year, $month and $action are
// assigned above this excerpt, and the final `if` continues below it.
    // Cylinder totals per size for orders whose DeliveryType is '預約'.
    $sqlDeliveryTypeBase1 = "SELECT DeliveryType,SUM(Fifty),SUM(Twenty),SUM(Sixteen),SUM(Ten),SUM(Four) FROM GasOrder WHERE DeliveryType = '預約'";
    $timeFilter = "";
    // Month 0 means "whole year"; otherwise filter on year and month.
    // NOTE(review): $year and $month are interpolated into the SQL text. Where
    // they come from is not visible here; if they are request values they
    // should be cast to integers before use.
    if ($month == 0) {
        $timeFilter = " AND year(OrderTime) = '{$year}'";
    } else {
        $timeFilter = " AND year(OrderTime) = '{$year}' AND month(OrderTime) = '{$month}'";
    }
    $sqlDeliveryType = getData($sqlDeliveryTypeBase . $timeFilter);
    $sqlDeliveryType1 = getData($sqlDeliveryTypeBase1 . $timeFilter);
    // Each loop overwrites its total, so only the last row's sum survives; the
    // totals stay undefined when a query returns no rows.
    foreach ($sqlDeliveryType as $key => $value) {
        $total = $value["SUM(Fifty)"] + $value["SUM(Twenty)"] + $value["SUM(Sixteen)"] + $value["SUM(Ten)"] + $value["SUM(Four)"];
    }
    foreach ($sqlDeliveryType1 as $key => $value) {
        $total1 = $value["SUM(Fifty)"] + $value["SUM(Twenty)"] + $value["SUM(Sixteen)"] + $value["SUM(Ten)"] + $value["SUM(Four)"];
    }
    // Both totals are returned as one string joined by "______".
    printResultByMessage("", 0, $total . "______" . $total1);
// Closes the action branches opened above this excerpt.
} } } } } } } }
// NOTE(review): in this excerpt the statistics action above comes before
// validatelogin.php is included. Whether an earlier check already covers it
// cannot be seen from here - confirm it is not reachable without a session.
include_once 'validatelogin.php';
unset($_POST["Action"]);
unset($_POST["Signature"]);
// Everything below requires a logged-in session.
// (This second include_once of the same file is a no-op.)
include_once 'validatelogin.php';
include_once 'tablelistaction.php';
if ($action == "Logout") {
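/**
 * Dispatches the core account actions named by the posted "Action" field:
 * SignUp, Login, ChangePassword, ForgetPassword and ResetPassword. Any other
 * value is ignored.
 *
 * Projects can customise the outcome by defining signupOverride(),
 * signupErrorOverride(), loginOverride() or loginFailOverride(); when a hook
 * is absent the default result is printed.
 *
 * printResultByMessage() is expected to end the request (its body is not
 * visible here). Every failed guard below also returns, so the guard stays
 * fail-closed even if that expectation does not hold.
 *
 * @param bool $vCodeCorrect Outcome of the caller's verification-code check;
 *                           SignUp and Login are refused with code 105 when it
 *                           is exactly false.
 * @return void
 */
function coreUserAction($vCodeCorrect = true)
{
    global $CoreUserPasswordSecret, $CoreUserPasswordColumn;

    checkRequireField(array("Action"));
    $action = post("Action");

    if ($action == "SignUp") {
        if ($vCodeCorrect === false) {
            printResultByMessage(getLanguageString("VCodeError"), 105);
            return;
        }

        $userName = post("UserName");
        $email = post("Email");
        $phoneNumber = post("PhoneNumber");
        $password = post("Password");

        // A combined field may stand in for either identifier: numeric input
        // is taken as a phone number, a valid address as an e-mail.
        $emailOrPhoneNumber = post("EmailOrPhoneNumber");
        if ($emailOrPhoneNumber) {
            if (is_numeric($emailOrPhoneNumber)) {
                $phoneNumber = $emailOrPhoneNumber;
            }
            if (filter_var($emailOrPhoneNumber, FILTER_VALIDATE_EMAIL)) {
                $email = $emailOrPhoneNumber;
            }
        }

        $errorMessage = signUp($userName, $email, $phoneNumber, $password);
        if ($errorMessage) {
            if (function_exists("signupErrorOverride")) {
                signupErrorOverride($errorMessage);
            } else {
                printResultByMessage($errorMessage, 104);
            }
        } elseif (function_exists("signupOverride")) {
            signupOverride(getCoreUserInfo());
        } else {
            printCoreUserInfo();
        }
    } elseif ($action == "Login") {
        if ($vCodeCorrect === false) {
            printResultByMessage(getLanguageString("VCodeError"), 105);
            return;
        }

        $usernameEmailPhoneNumber = post("UserNameOrEmailOrPhoneNumber");
        $password = post("Password");

        if (checkLogin($usernameEmailPhoneNumber, $password)) {
            if (function_exists("loginOverride")) {
                loginOverride(getCoreUserInfo());
            } else {
                printCoreUserInfo();
            }
        } elseif (function_exists("loginFailOverride")) {
            loginFailOverride(getLanguageString("LoginFail"));
        } else {
            printResultByMessage(getLanguageString("LoginFail"), 103);
        }
    } elseif ($action == "ChangePassword") {
        if (!session("Uid")) {
            printResultByMessage(getLanguageString("ChangePasswordFail"), 107);
            return;
        }

        // changePassword() only ever receives the digest, so the plaintext
        // length has to be checked here. Apply the same 5-character minimum
        // that ResetPassword enforces; without it an empty password was accepted.
        if (strlen((string) post("NewPassword")) < 5) {
            printResultByMessage(getLanguageString("PasswordTooShort"), 107);
            return;
        }

        // NOTE(review): MD5 over password + one shared secret is fast to brute
        // force and has no per-user salt. Moving to password_hash() /
        // password_verify() must be done together with signUp(), checkLogin()
        // and changePassword(), which are outside this block.
        $oldPassword = md5(post("OldPassword") . $CoreUserPasswordSecret);
        $newPassword = md5(post("NewPassword") . $CoreUserPasswordSecret);

        $errorMessage = changePassword(session("Uid"), $oldPassword, $newPassword);
        if ($errorMessage) {
            printResultByMessage($errorMessage, 107);
        } else {
            printResultByMessage("", 0);
        }
    } elseif ($action == "ForgetPassword") {
        // Start of the "find password" flow.
        forgetPassword();
    } elseif ($action == "ResetPassword") {
        // The reset target is taken from the session and used unquoted in SQL;
        // cast it so only an integer can reach the statements.
        $resetUid = (int) session("ResetPasswordUid");
        if ($resetUid <= 0) {
            printResultByMessage(getLanguageString("ChangePasswordFail"), 106);
            return;
        }
        if (strlen((string) post("NewPassword")) < 5) {
            printResultByMessage(getLanguageString("PasswordTooShort"), 106);
            return;
        }

        // Same MD5 scheme as ChangePassword; see the note there.
        $newPassword = md5(post("NewPassword") . $CoreUserPasswordSecret);
        $coreUserLink = connetCoreUserDB();

        // Check the mysqli results directly. The previous test called
        // mysql_error(), which belongs to the removed ext/mysql and says
        // nothing about a mysqli link, and it printed an undefined variable.
        $updated = mysqli_query(
            $coreUserLink,
            "update User set {$CoreUserPasswordColumn}='{$newPassword}' where Uid={$resetUid}"
        );
        // Consume the reset request only after the password was really changed.
        $cleared = $updated !== false
            && mysqli_query($coreUserLink, "delete from ForgetPassword where Uid = {$resetUid}") !== false;

        if (!$cleared) {
            // Generic message: database error text is not sent to the client.
            printResultByMessage(getLanguageString("ChangePasswordFail"), 106);
            return;
        }

        // The reset grant is single-use, like the ForgetPassword row deleted
        // above. Assumes session() reads $_SESSION - TODO confirm.
        unset($_SESSION["ResetPasswordUid"]);
        printResultByMessage("", 0);
    }
}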
// Fragment: body of an order-creation action plus the AffirmReceiveGas action.
// The opening `if` of the first action is above this excerpt.
    connectDB($gasDatabaseName);
    $couponId = post("CouponId");
    if (!empty($couponId)) {
        // NOTE(review): the coupon is marked used by id only. No check is
        // visible here that it belongs to the session user or is still unused,
        // and the statement runs before the order itself is stored.
        $sql = "update Coupon set IsUse = 1 where CouponId = '{$couponId}'";
        query($sql);
    }
    // time() has one-second resolution, so two orders placed in the same
    // second get the same merchant order number.
    $merchantOrderNo = time();
    // Server-side values are written into $_POST before the insert so they
    // replace anything the client sent under the same names.
    $_POST["MerchantOrderNo"] = $merchantOrderNo;
    $_POST["Uid"] = session("Uid");
    $_POST["UserName"] = session("Info")["CustomerName"];
    $_POST["PhoneNumber"] = session("Info")["PhoneNumber"];
    $_POST["CustomerId"] = session("Info")["Uid"];
    $_POST["OrderTime"] = date("Y-m-d H:i:s");
    // NOTE(review): insertData() is called with the table name only, so it
    // presumably builds the row from $_POST. If so, any other posted field
    // that matches a GasOrder column is stored as sent, including the
    // OrderAmount echoed back below - TODO confirm insertData() restricts
    // the columns and that the amount is recomputed server-side.
    insertData("GasOrder");
    $result["MerchantOrderNo"] = $merchantOrderNo;
    $result["OrderAmount"] = post("OrderAmount");
    printResultByMessage("", 0, $result);
} else {
    if ($action == "AffirmReceiveGas") {
        connectDB($gasDatabaseName);
        $orderId = post("OrderId");
        $orderCompleteTime = date("Y-m-d H:i:s");
        // NOTE(review): the order is selected by OrderId alone; there is no
        // condition on the session user's Uid in this statement, so ownership
        // has to be enforced elsewhere - confirm. OrderId is interpolated in
        // quotes; its safety depends on escaping inside post()/query().
        $sql = "update GasOrder set OrderComplete = 1, OrderCompleteTime = '{$orderCompleteTime}' where OrderId = '{$orderId}'";
        // query() is given $error as a second argument, presumably filled by
        // reference on failure - TODO confirm.
        query($sql, $error);
        if (empty($error)) {
            printResultByMessage("", 0);
        } else {
            printResultByMessage("Fail", 1001);
        }
    }
}
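// Phone-number pre-registration actions, run at file scope. $action,
// $gasDatabaseName and $smsMessage are provided by the including script.
//   CheckPhoneNumberRegister - code 0 when the number is free, 101 when taken.
//   SendCheckCode            - texts a 6-digit code and remembers it in the session.
if ($action == "CheckPhoneNumberRegister") {
    // NOTE(review): the number is interpolated inside quotes; this is only
    // safe if post() or getData() escapes it, which is not visible here.
    $phoneNumber = post("PhoneNumber");

    connectDB($gasDatabaseName);
    $data = getData("select Uid from Customer where PhoneNumber = '{$phoneNumber}'");

    if (empty($data)) {
        printResultByMessage("", 0);
    } else {
        printResultByMessage("該手機號碼已經被註冊.", 101);
    }
} elseif ($action == "SendCheckCode") {
    $phoneNumber = post("PhoneNumber");
    $lastSendTime = session("SMSCodeTime");

    // Allow a new code only when more than 60 seconds have passed since the
    // last one sent in this session.
    // NOTE(review): the throttle lives in the session, so a client that drops
    // its session cookie is not limited. Limiting per phone number and per
    // source address on the server would close that gap.
    if (empty($lastSendTime) || time() - (int) $lastSendTime > 60) {
        // The code authenticates the phone owner, so it must come from the
        // CSPRNG; rand() is predictable. random_int() requires PHP 7+.
        $resetCode = random_int(100000, 999999);

        $smsMessage = str_replace("{Vcode}", (string) $resetCode, $smsMessage);
        $ret = send_sms($phoneNumber, $smsMessage);
        if ($ret) {
            // NOTE(review): the verifying code (not shown) should enforce an
            // expiry based on SMSCodeTime and limit the number of attempts.
            $_SESSION["PhoneNumber"] = $phoneNumber;
            $_SESSION["CheckCode"] = $resetCode;
            $_SESSION["SMSCodeTime"] = time();
        }
        printResultByMessage("", 0);
    } else {
        printResultByMessage("距離上次發送時間不足1分鐘,1分鐘之後在嘗試!", 101);
    }
}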
<?php ini_set("display_errors", "on"); $action = post("Action"); if ('GetPosition' == $action) { connectDB("practise"); $sql = "SELECT * FROM position"; $res = getData($sql); if (count($res) > 0) { printResultByMessage(0, "success", $res); } else { printResultByMessage(1, "failed"); } } if ('submitInfo' == $action) { $content = $_POST['content']; $title = $_POST['title']; connectDB("practise"); if ($content == "" || $title == "") { echo "111"; } else { $sql = "INSERT INTO word (`title`,`content`) values ('{$title}','{$content}')"; $res = mysqli_query($link, $sql); if (!$res) { $a = array(); $a["ErrorCode"] = 1; $a["Msg"] = "失败"; echo json_encode($a); } else { $a = array(); $a["ErrorCode"] = 0;