/**
 * Logs the merchant account out.
 *
 * Deletes the "sp_account_name" and "sp_account_password" cookies and the
 * "account_info" session entry, then redirects to the URL built by
 * url("biz", "index").
 *
 * NOTE(review): the cookie name "sp_account_password" suggests a password (or a
 * value derived from it) is kept client-side — confirm what is stored there.
 */
public function loginout()
{
    // Cookies first, then the server-side session entry, as before.
    foreach (array("sp_account_name", "sp_account_password") as $cookie_name) {
        es_cookie::delete($cookie_name);
    }
    es_session::delete("account_info");

    $target = url("biz", "index");
    app_redirect($target);
}
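/**
 * Starts the session, optionally adopting a session id passed in the query string.
 *
 * When the FANWE_SESSION_ID query parameter is a non-empty string it replaces
 * self::$sess_id before es_session_start() is called.
 *
 * NOTE(review): taking the session id from the URL means the id can be chosen by
 * whoever built the link (session fixation) and ends up in access logs and
 * Referer headers. If this entry point must stay, confirm that the id is
 * regenerated at login — that cannot be verified from this block.
 */
static function start()
{
    // isset + is_string: a missing parameter no longer raises a notice, and an
    // array value (?FANWE_SESSION_ID[]=x) is never stored as the session id.
    if (isset($_GET['FANWE_SESSION_ID'])
        && is_string($_GET['FANWE_SESSION_ID'])
        && $_GET['FANWE_SESSION_ID']
    ) {
        self::$sess_id = $_GET['FANWE_SESSION_ID'];
    }
    es_session_start(self::$sess_id);
}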
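/**
 * Controller bootstrap.
 *
 * Loads the webnav config into the global $mobile_cfg when it is still null,
 * calls check_install(), loads the language pack named by the DEFAULT_LANG
 * setting, writes public/runtime/admin/lang.js when that file does not exist
 * yet, and finally calls es_session::close().
 */
public function __construct()
{
    parent::__construct();

    global $mobile_cfg;
    if ($mobile_cfg == null) {
        $mobile_cfg = (require_once APP_ROOT_PATH . "system/mobile_cfg/" . APP_TYPE . "/webnav_cfg.php");
    }
    check_install();

    // Language loading for the admin side: the language comes from the
    // DEFAULT_LANG setting (per the original comment, kept in the admin config.php).
    $langSet = conf('DEFAULT_LANG');
    // Define the current language.
    define('LANG_SET', strtolower($langSet));

    // Read the project-wide language pack.
    $lang_file = LANG_PATH . $langSet . '/common.php';
    if (is_file($lang_file)) {
        L(include $lang_file);
        $this->lang_pack = (require $lang_file);

        $js_file = APP_ROOT_PATH . "public/runtime/admin/lang.js";
        if (!file_exists($js_file)) {
            // json_encode escapes quotes, backslashes and line breaks in keys and
            // values; the previous hand-built string emitted them verbatim, so a
            // single such character produced a broken (or altered) script file.
            // JSON_FORCE_OBJECT keeps an empty pack as "{}" instead of "[]".
            $json = json_encode((array) $this->lang_pack, JSON_FORCE_OBJECT);
            if ($json !== false) {
                file_put_contents($js_file, "var LANG = " . $json . ";");
            }
        }
    }
    es_session::close();
}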
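/**
 * Review ("dp") list for the locations of the merchant account in the session.
 *
 * Request parameters:
 *   f - optional filter; only the whitelisted values below change the query
 *   p - 1-based page number
 *
 * Renders biz/biz_dp.html with the page of reviews and the pager markup.
 */
public function index()
{
    require_once APP_ROOT_PATH . "app/Lib/page.php";

    $s_account_info = es_session::get("account_info");

    // Only a whitelisted filter value ever reaches the SQL text.
    $raw_filter = (isset($_REQUEST['f']) && is_string($_REQUEST['f'])) ? $_REQUEST['f'] : '';
    $f = addslashes(htmlspecialchars(trim($raw_filter)));
    $allowed_filters = array("is_buy", "tuan", "event", "youhui", "daijin", "shop");
    if ($f == '' || !in_array($f, $allowed_filters, true)) {
        $condition = " ";
    } elseif ($f == 'is_buy') {
        $condition = " and is_buy = 1 ";
    } else {
        $condition = " and from_data = '{$f}' ";
    }
    $GLOBALS['tmpl']->assign("f", $f);

    // A negative page number used to yield a negative LIMIT offset (SQL error).
    $page_no = isset($_REQUEST['p']) ? intval($_REQUEST['p']) : 1;
    if ($page_no < 1) {
        $page_no = 1;
    }
    $page_size = intval(app_conf("PAGE_SIZE"));
    $limit = ($page_no - 1) * $page_size . "," . $page_size;

    // The ids come from the session; cast them so nothing but integers is placed
    // in the IN list, and avoid the invalid "in ()" when the list is empty.
    $location_ids = isset($s_account_info['location_ids']) ? (array) $s_account_info['location_ids'] : array();
    $location_ids = array_map('intval', $location_ids);
    if (!$location_ids) {
        // presumably no location has id 0, so this matches nothing — TODO confirm
        $location_ids = array(0);
    }
    $where = " where status = 1 {$condition} and supplier_location_id in (" . implode(",", $location_ids) . ")";

    $dp_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "supplier_location_dp" . $where . " order by create_time desc limit " . $limit);
    $dp_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_location_dp" . $where);

    // Initialise the pager object.
    $pager = new Page($dp_count, $page_size);
    $GLOBALS['tmpl']->assign('pages', $pager->show());

    $GLOBALS['tmpl']->assign("dp_list", $dp_list);
    $html = decode_topic_without_img($GLOBALS['tmpl']->fetch("biz/biz_dp_list_content.html"));
    $GLOBALS['tmpl']->assign("html", $html);
    $GLOBALS['tmpl']->assign("page_title", "点评列表");
    $GLOBALS['tmpl']->display("biz/biz_dp.html");
}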
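/**
 * Binds a Tencent account to the current user.
 *
 * Reads openid, openkey and access_token from $GLOBALS['request'], stores them in
 * the session, asks the Tencent API for the account name and writes the tokens
 * plus that name to the current user's row — unless the name is already bound to
 * a different user, in which case an error payload is sent through output().
 *
 * NOTE(review): no login check is visible here; with no current user the UPDATE
 * targets id 0 and the success payload is still sent.
 */
function Tencent()
{
    require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
    OAuth::init($GLOBALS['m_config']['tencent_app_key'], $GLOBALS['m_config']['tencent_app_secret']);

    $openid = trim($GLOBALS['request']['openid']);
    $openkey = trim($GLOBALS['request']['openkey']);
    // Computed as before; not used further inside this block.
    if ($GLOBALS['m_config']['tencent_bind_url'] == "") {
        $app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Tencent";
    } else {
        $app_url = $GLOBALS['m_config']['tencent_bind_url'];
    }
    $access_token = trim($GLOBALS['request']['access_token']);

    es_session::set("t_access_token", $access_token);
    es_session::set("t_openid", $openid);
    es_session::set("t_openkey", $openkey);

    // Parentheses only spell out the existing precedence (&& binds tighter than ||).
    if (es_session::get("t_access_token") || (es_session::get("t_openid") && es_session::get("t_openkey"))) {
        $r = json_decode(Tencent::api('user/info'), true);
        $name = isset($r['data']['name']) ? (string) $r['data']['name'] : '';

        // The account name is supplied by a remote API and the tokens by the client;
        // they were concatenated into SQL unescaped. addslashes() follows the
        // escaping already used for request values elsewhere in this code base.
        // NOTE(review): prefer the DB layer's own escaping / bound parameters if it
        // has them, and confirm $GLOBALS['request'] is not already escaped upstream.
        $name_sql = addslashes($name);
        $user_id = intval($GLOBALS['user_info']['id']);
        $bind_sql = "update " . DB_PREFIX . "user set t_access_token ='" . addslashes($access_token)
            . "',t_openkey = '" . addslashes($openkey)
            . "',t_openid = '" . addslashes($openid)
            . "', tencent_id = '" . $name_sql . "' where id =" . $user_id;

        // Bind when nobody holds this Tencent name yet, or when the holder is the
        // current user (short-circuit keeps the original query order).
        $unbound = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where tencent_id = '" . $name_sql . "'") == 0;
        if ($unbound
            || intval($GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where tencent_id = '" . $name_sql . "'")) == $user_id
        ) {
            $GLOBALS['db']->query($bind_sql);
        } else {
            $root['return'] = 0;
            $root['info'] = "该微博帐号已被其他会员绑定";
            output($root);
        }
    }

    $root['return'] = 1;
    $root['info'] = "绑定成功";
    $root['login_type'] = "Tencent";
    output($root);
}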
/**
 * Message-box overview for the current user.
 *
 * Calls do_login_user() with the request's email/pwd, takes the user from the
 * "user_info" session entry, pages the user's msg_box conversations (grouped by
 * group_key, 20 per page), loads the newest row of each group and sends the
 * result through output() as "sys_msgs" (system messages) and "msg_list".
 *
 * NOTE(review): $result is never inspected; when no user is in the session
 * $user_id is 0 and the queries simply run for user 0.
 * NOTE(review): $sys_msgs / $msg_list are only created inside the loop, so the
 * response carries null for a kind that has no rows.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";
    $email = strim($GLOBALS['request']['email']);
    $pwd = strim($GLOBALS['request']['pwd']);
    $result = do_login_user($email, $pwd);
    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    // Page numbers below 1 fall back to page 1.
    $page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
    $page_size = 20;
    $limit = ($page - 1) * $page_size . "," . $page_size;
    $user_id = intval($GLOBALS['user_info']['id']);
    // One row per conversation: received messages (type 0) or sent ones (type 1).
    $sql = "select group_key,count(group_key) as total from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\tgroup by group_key \r\n\t\t\t\torder by system_msg_id desc,max(create_time) desc limit " . $limit;
    $sql_count = "select count(distinct(group_key)) from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1))";
    $list = $GLOBALS['db']->getAll($sql);
    foreach ($list as $k => $v) {
        // Replace the aggregate row with the newest message of that group.
        // NOTE(review): group_key is a stored value placed in the SQL text without
        // escaping — safe only if it can never contain a quote; verify how it is written.
        $list[$k] = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where group_key = '" . $v['group_key'] . "' and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) order by create_time desc limit 1");
        $list[$k]['total'] = $v['total'];
        if ($list[$k]['system_msg_id'] > 0) {
            $sys_msgs[] = array(
                "mid" => $list[$k]['group_key'],
                "uid" => $list[$k]['to_user_id'],
                "status" => 1,
                "title" => $list[$k]['title'],
                "time" => pass_date($list[$k]['create_time'])
            );
        } else {
            // "我" is shown in place of the current user's own name.
            $msg_list[] = array(
                "content" => $list[$k]['content'],
                "uid" => $list[$k]['from_user_id'],
                "user_name" => $list[$k]['from_user_id'] == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($list[$k]['from_user_id'])),
                "user_avatar" => get_abs_img_root(get_muser_avatar($list[$k]['from_user_id'], "big")),
                "tuid" => $list[$k]['to_user_id'],
                "tuser_name" => $list[$k]['to_user_id'] == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($list[$k]['to_user_id'])),
                "tuser_avatar" => get_abs_img_root(get_muser_avatar($list[$k]['to_user_id'], "big")),
                "time" => pass_date($list[$k]['create_time']),
                "msg_count" => $list[$k]['total'],
                "mlid" => $list[$k]['group_key']
            );
        }
    }
    $count = $GLOBALS['db']->getOne($sql_count);
    $root['return'] = 1;
    $root['sys_msgs'] = $sys_msgs;
    $root['msg_list'] = $msg_list;
    // Pagination info.
    $page_info['page'] = $page;
    $page_info['page_total'] = ceil($count / $page_size);
    $root['page'] = $page_info;
    output($root);
}
/**
 * Adds a reply to a shared topic and, when is_relay is 1, also relays the topic.
 *
 * Request fields read: share_id, content, source, email, pwd, is_relay, parent_id.
 * Response "status": -2 when share_id is missing, -3 when the topic is not found,
 * 1 on success; "user_login_status" tells whether a user was in the session.
 *
 * NOTE(review): the early exits rely on output() ending the request — presumably
 * it does; otherwise execution continues past every error branch.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";
    $root = array();
    $share_id = intval($GLOBALS['request']['share_id']);
    // Leave immediately when no share id was sent.
    if ($share_id == 0) {
        $root['status'] = -2;
        output($root);
    }
    $content = strim($GLOBALS['request']['content']);
    $source = strim($GLOBALS['request']['source']);
    $source = str_replace("来自", "", $source);
    $email = strim($GLOBALS['request']['email']);
    $pwd = strim($GLOBALS['request']['pwd']);
    $is_relay = intval($GLOBALS['request']['is_relay']);
    $parent_id = intval($GLOBALS['request']['parent_id']);
    // $parent_reply stays undefined when parent_id is 0; the intval()/strim()
    // calls further down then receive null.
    if ($parent_id > 0) {
        $parent_reply = $GLOBALS['db']->getRow("select id,user_id,user_name from " . DB_PREFIX . "topic_reply where id = " . $parent_id);
    }
    // Login is attempted from the request; the session entry decides the outcome.
    $result = do_login_user($email, $pwd);
    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    $user_data['id'] = intval($user_data['id']);
    if (intval($user_data['id']) == 0) {
        $root['return'] = 0;
        $root['user_login_status'] = 0;
        $root['info'] = "请先登录";
        output($root);
    }
    $root['user_login_status'] = 1;
    $topic = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic where is_effect = 1 and is_delete = 0 and id = " . $share_id);
    if (empty($topic)) {
        $root['status'] = -3;
        output($root);
    }
    $reply_data = array();
    $reply_data['topic_id'] = $share_id;
    $reply_data['user_id'] = intval($user_data['id']);
    $reply_data['user_name'] = $user_data['user_name'];
    $reply_data['reply_id'] = intval($parent_reply['id']);
    $reply_data['reply_user_id'] = intval($parent_reply['user_id']);
    $reply_data['reply_user_name'] = strim($parent_reply['user_name']);
    $reply_data['create_time'] = get_gmtime();
    $reply_data['is_effect'] = 1;
    $reply_data['is_delete'] = 0;
    $reply_data['content'] = valid_str($content);
    $GLOBALS['db']->autoExecute(DB_PREFIX . "topic_reply", $reply_data);
    $GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count + 1,last_time = " . get_gmtime() . ",last_user_id=" . $user_data['id'] . " where id = " . $share_id);
    increase_user_active($user_data['id'], "转发了一则分享");
    if ($is_relay == 1) {
        $cnt = $topic['content'] . "@" . $user_data['user_name'] . " 评论:" . valid_str($content);
        $id = insert_topic($cnt, $title = "", $type = "", $group = "", $relay_id = $share_id, $fav_id = 0);
        if ($id) {
            // NOTE(review): $source is client input placed inside a quoted SQL
            // literal; this is safe only if strim() escapes quotes — strim() is
            // not visible here, confirm.
            $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($id));
        }
    }
    $root['return'] = 1;
    $root['status'] = 1;
    output($root);
}
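/**
 * Registers the logged-in user for the special-topic campaign.
 *
 * Stores the "referer" query parameter in the session as "gopreview", sends
 * anonymous visitors to the WAP login page, skips users that already have a
 * type=2 row in zhuanti_user (matched by mobile or user id), otherwise inserts a
 * row, sends the confirmation SMS and redirects to the course page.
 *
 * NOTE(review): "referer" is fully client-controlled and is kept for later use;
 * whatever code redirects to "gopreview" should only accept same-site targets.
 * NOTE(review): "f" is stored as the row type without validation; whether
 * autoExecute() escapes values is not visible here.
 */
function save()
{
    $url = isset($_GET['referer']) ? $_GET['referer'] : null;
    es_session::set("gopreview", $url);

    if (!$GLOBALS['user_info']) {
        app_redirect(url_wap("user#login"));
        // Never continue as an anonymous user, even if app_redirect() returns.
        return;
    }

    $info_data = array();
    $info_data['user_id'] = $GLOBALS['user_info']['id'];
    $info_data['name'] = $GLOBALS['user_info']['user_name'];
    $info_data['mobile'] = $GLOBALS['user_info']['mobile'];
    $info_data['ip'] = get_client_ip();
    $info_data['type'] = isset($_GET['f']) ? $_GET['f'] : null;
    $info_data['creat_time'] = time();

    // The mobile number and id come from the stored profile; escape / cast them
    // before they become part of the SQL text instead of trusting stored data.
    $tmp_zhuanti_user_info = $GLOBALS['db']->getAll(
        "select * from " . DB_PREFIX . "zhuanti_user where (mobile='" . addslashes((string) $info_data['mobile'])
        . "' or user_id=" . intval($info_data['user_id']) . ") and type=2"
    );
    if ($tmp_zhuanti_user_info) {
        app_redirect("http://www.51zhishang.com/course/54.html");
        // Already registered: no second row and no second SMS.
        return;
    }

    $GLOBALS['db']->autoExecute(DB_PREFIX . "zhuanti_user", $info_data, "INSERT");

    $msgInfo = array();
    $msgInfo['title'] = '专题报名';
    $msgInfo['content'] = '专题报名';
    send_zhuanti_sms($info_data['mobile'], $msgInfo, 3812);

    app_redirect("http://www.51zhishang.com/course/54.html");
}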
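/**
 * Returns the SMS-provider status line (remaining message count, or a sign-up hint).
 *
 * The provider is queried at most once every 10 seconds per session; in between,
 * the line cached in the session under "smsbao_info" is returned.
 *
 * NOTE(review): the account name and an unsalted MD5 of the password are sent to
 * a plain http:// URL. If the provider offers an HTTPS endpoint, use it — the
 * hash works as the credential for this API and is readable on the wire.
 *
 * @return string HTML fragment
 */
public function check_fee()
{
    $register_hint = "短信宝增值平台 (<a href='http://www.smsbao.com/reg?r=5001' target='_blank'><font color='red'>还没账号?点击这免费注册</font></a>)";

    es_session::start();
    $last_visit = intval(es_session::get("last_visit_smsbao"));

    if (get_gmtime() - $last_visit > 10) {
        $sms = new transport();
        $params = array("u" => $this->sms['user_name'], "p" => md5($this->sms['password']));
        $url = "http://www.smsbao.com/query";
        $result = $sms->request($url, $params);

        $match = explode(',', $result['body']);
        if ($match[0] != '') {
            // A body without a comma has no second field; report 0 in that case.
            $remain = isset($match[1]) ? (int) $match[1] : 0;
            $str = sprintf('短信宝增值平台 剩余:%d 条', $remain);
        } else {
            $str = $register_hint;
        }
        es_session::set("smsbao_info", $str);
        es_session::set("last_visit_smsbao", get_gmtime());
        return $str;
    }

    // The cached value used to be read into $qxt_info while $smsbao_info was
    // tested, so the cache was never returned; read and test the same variable.
    $smsbao_info = es_session::get("smsbao_info");
    return $smsbao_info ? $smsbao_info : $register_hint;
}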
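/**
 * Prepares the "space" (profile) page of the user given by the id parameter.
 *
 * Anonymous visitors get an AJAX error or are redirected to the login page (the
 * requested URI is remembered in the session as "before_login"). For a valid,
 * active user the method loads the row, the follow state of the current user,
 * the location names, the favourite count and the group name, and assigns them
 * to the template.
 */
public function init()
{
    if (!$GLOBALS['user_info']) {
        if (isset($_REQUEST['ajax']) && $_REQUEST['ajax'] == 1) {
            ajax_return(array("status" => 0, "info" => "请先登录"));
        } else {
            es_session::set('before_login', $_SERVER['REQUEST_URI']);
            app_redirect(url("index", "user#login"));
        }
    }

    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    $this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $id . " and is_effect= 1 and is_delete = 0");
    $user_id = intval($GLOBALS['user_info']['id']);
    if (!$this->space_user) {
        showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
    }

    // Column values are cast before they go into SQL: an empty or NULL
    // province_id / city_id / group_id used to produce "where id = " (a syntax
    // error), and stored values should not be trusted as SQL text anyway.
    $space_id = intval($this->space_user['id']);
    $province_id = intval($this->space_user['province_id']);
    $city_id = intval($this->space_user['city_id']);
    $group_id = intval($this->space_user['group_id']);

    $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id = " . $space_id);
    if ($focus_data) {
        $this->space_user['focused'] = 1;
    }

    $province_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $province_id);
    $city_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . $city_id);
    if ($province_str . $city_str == '') {
        $user_location = $GLOBALS['lang']['LOCATION_NULL'];
    } else {
        $user_location = $province_str . " " . $city_str;
    }

    $this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $space_id . " and fav_id <> 0");
    $this->space_user['user_location'] = $user_location;
    $this->space_user['group_name'] = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "user_group where id = " . $group_id . " ");

    $GLOBALS['tmpl']->assign("space_user", $this->space_user);
    $GLOBALS['tmpl']->assign('user_statics', sys_user_status($id, true));
}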
/**
 * Deletes one of the caller's own topic replies.
 *
 * Attempts a login from the request's email/pwd, then requires that the reply
 * named by the "id" field belongs to the user found in the session. On success
 * the reply row is removed and the topic's reply_count is decremented.
 *
 * NOTE(review): topic_id is taken from the stored row and concatenated into the
 * UPDATE as-is, and reply_count is decremented without a lower bound.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";

    $login_email = strim($GLOBALS['request']['email']);
    $login_pwd = strim($GLOBALS['request']['pwd']);
    $result = do_login_user($login_email, $login_pwd);

    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    $current_uid = intval($user_data['id']);
    if ($current_uid == 0) {
        output(array('return' => 0, 'info' => "请先登录"));
    }

    $comment_id = intval($GLOBALS['request']['id']);
    $reply_table = DB_PREFIX . "topic_reply";
    $comment_data = $GLOBALS['db']->getRow("select * from " . $reply_table . " where id = " . $comment_id);

    // Ownership check: only the author may delete the reply.
    if ($comment_data['user_id'] != $current_uid) {
        output(array('return' => 0, 'info' => "这条评论是其他会员的"));
    }

    $GLOBALS['db']->query("delete from " . $reply_table . " where id = " . $comment_id);
    $GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count - 1 where id = " . $comment_data['topic_id']);

    output(array('return' => 1));
}
/**
 * Data for the "start a project" form.
 *
 * Checks the email (or user name) and password sent with the request via
 * user_check(). For a recognised user the response carries the level-2 regions,
 * the deal categories and the "deal_image" session entry; otherwise it carries
 * the not-logged-in error fields.
 */
public function index()
{
    $account = strim($GLOBALS['request']['email']); // user name or email
    $password = strim($GLOBALS['request']['pwd']);  // password

    // Verify the user and the password.
    $user = user_check($account, $password);

    if (intval($user['id']) > 0) {
        $root = array(
            'user_login_status' => 1,
            'page_title' => "发起项目",
        );
        // Second-level regions.
        $root['region_lv2'] = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "region_conf where region_level = 2 order by py asc");
        $root['cate_list'] = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_cate order by sort asc");
        $root['deal_image'] = es_session::get("deal_image");
    } else {
        $root = array(
            'response_code' => 0,
            'show_err' => "未登录",
            'user_login_status' => 0,
        );
    }

    output($root);
}
/**
 * Lists the users that the member given by "uid" follows.
 *
 * Attempts a login from the request's email/pwd, loads the target member (must
 * be effective and not deleted), then returns a page of followed users with
 * their follower counts, avatars and whether the current user follows them.
 *
 * NOTE(review): no branch rejects an anonymous caller (session user id 0), and
 * the response includes the target member's email address — confirm that
 * exposing it to any caller is intended.
 * NOTE(review): a negative "page" value is not clamped and yields a negative
 * LIMIT offset.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";
    $root = array();
    $email = strim($GLOBALS['request']['email']);
    $pwd = strim($GLOBALS['request']['pwd']);
    $result = do_login_user($email, $pwd);
    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    $user_data['id'] = intval($user_data['id']);
    $page = intval($GLOBALS['request']['page']);
    if ($page == 0) {
        $page = 1;
    }
    $home_uid = intval($GLOBALS['request']['uid']);
    $home_user_info_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $home_uid . " and is_effect = 1 and is_delete = 0");
    if (!$home_user_info_data) {
        $root['info'] = "非法的会员";
        output($root);
    }
    // Current (session) user.
    $user_info['uid'] = $user_data['id'];
    $user_info['email'] = $user_data['email'];
    $user_info['user_name'] = $user_data['user_name'];
    $user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($user_data['id'], "big"));
    $root['user'] = $user_info;
    // Member whose follow list is shown.
    $home_user_info['uid'] = $home_user_info_data['id'];
    $home_user_info['email'] = $home_user_info_data['email'];
    $home_user_info['user_name'] = $home_user_info_data['user_name'];
    $home_user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($home_user_info_data['id'], "big"));
    $home_user_info['fans'] = $home_user_info_data['focused_count'];
    $home_user_info['follows'] = $home_user_info_data['focus_count'];
    $home_user_info['photos'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic_image where user_id = " . $home_user_info_data['id']);
    $home_user_info['favs'] = $GLOBALS['db']->getOne("select sum(fav_count) from " . DB_PREFIX . "topic where user_id = " . $home_user_info_data['id']);
    $root['home_user'] = $home_user_info;
    $limit = ($page - 1) * PAGE_SIZE . "," . PAGE_SIZE;
    $follow_list = $GLOBALS['db']->getAll("select focused_user_id as id,focused_user_name as user_name from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_user_info_data['id'] . " order by id desc limit " . $limit);
    $total = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_user_info_data['id']);
    $follows = array();
    foreach ($follow_list as $k => $v) {
        $follows[$k]['uid'] = $v['id'];
        $follows[$k]['user_name'] = $v['user_name'];
        $follows[$k]['fans'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focused_user_id = " . $v['id']);
        $follows[$k]['user_avatar'] = get_abs_img_root(get_muser_avatar($v['id'], "big"));
        // is_follow: -1 = the entry is the current user, 1 = followed, 0 = not followed.
        if ($v['id'] == $user_data['id']) {
            $follows[$k]['is_follow'] = -1;
        } else {
            $focus_uid = intval($v['id']);
            $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_info['uid'] . " and focused_user_id = " . $focus_uid);
            if ($focus_data) {
                $follows[$k]['is_follow'] = 1;
            } else {
                $follows[$k]['is_follow'] = 0;
            }
        }
    }
    $root['page'] = array("page" => $page, "page_total" => ceil($total / PAGE_SIZE));
    $root['item'] = $follows;
    $root['return'] = 1;
    $root['status'] = 1;
    output($root);
}
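/**
 * Checks a login name and password and, on success, stores the user row in the
 * session and in $GLOBALS['user_info'].
 *
 * @param string $username_email user name, email address or mobile number
 * @param string $pwd            plain password, or a 32-character value that is
 *                               compared with the stored hash directly
 * @return array|null the user row (with "uid" alias), or null when the check fails
 *
 * NOTE(review): $username_email is concatenated into the query unescaped, so this
 * function relies on every caller escaping it first (the one caller visible on
 * this page passes it through strim(), whose behaviour is not shown). Escape here,
 * or use bound parameters, once it is confirmed callers do not already add slashes.
 * NOTE(review): the 32-character branch accepts the stored MD5 itself as the
 * credential, so a leaked hash is as good as the password; hashes are MD5 with an
 * optional per-user code. Plan a migration to password_hash()/password_verify().
 * NOTE(review): the query does not filter on is_delete / is_effect, unlike the
 * other user lookups on this page — confirm disabled accounts should pass.
 */
function user_check($username_email, $pwd)
{
    if (!($username_email && $pwd)) {
        return null;
    }

    $sql = "select *,id as uid from " . DB_PREFIX . "user where (user_name='" . $username_email . "' or email = '" . $username_email . "' or mobile = '" . $username_email . "') ";
    $user_info = $GLOBALS['db']->getRow($sql);

    // No such user: fail before touching array offsets of a non-array.
    if (!$user_info || !isset($user_info['user_pwd'])) {
        return null;
    }

    $stored_hash = (string) $user_info['user_pwd'];
    $pwd = (string) $pwd;
    $code = isset($user_info['code']) ? $user_info['code'] : '';

    // Strict comparison: with "==" two different hashes that both look like
    // numbers (for example "0e..." followed only by digits) compare as equal.
    if (strlen($pwd) != 32) {
        $is_use_pass = ($stored_hash === md5($pwd . $code)) || ($stored_hash === md5($pwd));
    } else {
        $is_use_pass = ($stored_hash === $pwd);
    }

    if (!$is_use_pass) {
        return null;
    }

    es_session::set("user_info", $user_info);
    $GLOBALS['user_info'] = $user_info;
    return $user_info;
}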
/**
 * Event detail page.
 *
 * Normal mode loads the event only when is_effect = 1. With preview > 0 the
 * event is loaded without that filter; an admin session is accepted as-is,
 * otherwise the merchant session must own a location linked to an event that is
 * waiting for publication (publish_wait = 1). The method then builds the
 * breadcrumb (site_nav), the SEO fields and the first 18 submitters and renders
 * one of two templates depending on the "plat" parameter.
 *
 * NOTE(review): the denial paths rely on showErr()/app_redirect() ending the
 * request; if they return, the unpublished event is still rendered.
 * NOTE(review): a merchant session with no matching event for the id is denied,
 * but when $event itself is empty intval($event['id']) is 0 — same outcome.
 */
public function index()
{
    $preview = intval($_REQUEST['preview']);
    $event_id = intval($_REQUEST['id']);
    if ($preview > 0) {
        $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id);
        // The admin session is stored under the MD5 of the AUTH_KEY setting.
        $adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
        $adm_name = $adm_session['adm_name'];
        $adm_id = intval($adm_session['adm_id']);
        if ($adm_id == 0) {
            // Not a back-office admin: check whether the caller is the owning merchant.
            $s_account_info = es_session::get("account_info");
            if ($s_account_info) {
                // NOTE(review): $locations is filled but not used later in this block.
                // NOTE(review): the ids come from the session and are concatenated
                // uncast (here and in implode() below); presumably integers — verify
                // where account_info is written.
                foreach ($s_account_info['location_ids'] as $id) {
                    $location = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "supplier_location where id = " . $id);
                    if ($location) {
                        $locations[] = $location;
                    }
                }
                $deal_test = $GLOBALS['db']->getRow("select e.* from " . DB_PREFIX . "event as e left join " . DB_PREFIX . "event_location_link as l on l.event_id = e.id where e.id = " . intval($event['id']) . " and e.publish_wait = 1 and l.location_id in (" . implode(",", $s_account_info['location_ids']) . ")");
                if (!$deal_test) {
                    showErr("活动不存在或者没有预览该活动的权限", 0, APP_ROOT . "/admin.php?m=Public&a=login");
                }
            } else {
                showErr("您不是系统管理员或者商家会员,无法预览", 0, APP_ROOT . "/");
            }
        }
    } else {
        $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id . " and is_effect = 1");
    }
    if (!$event) {
        app_redirect(url("youhui", "fcate"));
    }
    $GLOBALS['tmpl']->assign("event", $event);
    // Build the breadcrumb (site_nav) for this page.
    // NOTE(review): cate_id is a stored value concatenated uncast; an empty value
    // produces an invalid query.
    $cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event_cate where id = " . $event['cate_id']);
    $site_nav[] = array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => url("index", "index"));
    if ($cate) {
        $curl = url("youhui", "event#index", array("cid" => $cate['id']));
        $site_nav[] = array('name' => $cate['name'], 'url' => $curl);
    }
    $gurl = url("youhui", "edetail#index", array("id" => $event['id']));
    $site_nav[] = array('name' => $event['name'], 'url' => $gurl);
    $GLOBALS['tmpl']->assign("site_nav", $site_nav);
    // Breadcrumb done; SEO fields all use the event name.
    $seo_title = $event['name'];
    $GLOBALS['tmpl']->assign("page_title", $seo_title);
    $seo_keyword = $event['name'];
    $GLOBALS['tmpl']->assign("page_keyword", $seo_keyword . ",");
    $seo_description = $event['name'];
    $GLOBALS['tmpl']->assign("page_description", $seo_description . ",");
    $submit_result = $GLOBALS['db']->getAll("select user_id from " . DB_PREFIX . "event_submit where event_id = " . $event_id . " limit 18");
    $GLOBALS['tmpl']->assign("submit_result", $submit_result);
    // The "plat" parameter selects the in-app template.
    if ($_REQUEST['plat'] == APP_PLAT) {
        $GLOBALS['tmpl']->display("youhui_app_edetail.html");
    } else {
        $GLOBALS['tmpl']->display("youhui_edetail.html");
    }
}
/**
 * Posts a review on an event.
 *
 * Request fields read: event_id, content, source, email, pwd. Requires a user in
 * the session after the login attempt and an effective event. Inserts a row in
 * the message table, records user activity, creates a matching topic through
 * insert_topic() and increments the event's reply_count.
 *
 * NOTE(review): the early exits rely on output() ending the request.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";
    $root = array();
    $event_id = intval($GLOBALS['request']['event_id']);
    // Leave immediately when no event id was sent.
    if ($event_id == 0) {
        $root['status'] = 0;
        $root['info'] = "不存在的活动ID";
        output($root);
    }
    $content = strim($GLOBALS['request']['content']);
    $source = strim($GLOBALS['request']['source']);
    $source = str_replace("来自", "", $source);
    $email = strim($GLOBALS['request']['email']);
    $pwd = strim($GLOBALS['request']['pwd']);
    $result = do_login_user($email, $pwd);
    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    $user_data['id'] = intval($user_data['id']);
    if (intval($user_data['id']) == 0) {
        $root['status'] = 0;
        $root['user_login_status'] = 0;
        $root['info'] = "请先登录";
        output($root);
    }
    $root['user_login_status'] = 1;
    $event_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where is_effect = 1 and id = " . $event_id);
    if (empty($event_info)) {
        $root['status'] = 0;
        $root['info'] = "不存在的活动ID";
        output($root);
    }
    $reply_data = array();
    $reply_data['rel_table'] = "event";
    $reply_data['rel_id'] = intval($event_id);
    $reply_data['content'] = valid_str($content);
    // Reviews are published at once unless USER_MESSAGE_AUTO_EFFECT is 0.
    if (app_conf("USER_MESSAGE_AUTO_EFFECT") == 0) {
        $message_effect = 0;
    } else {
        $message_effect = 1;
        //$message_type['is_effect'];
    }
    $reply_data['is_effect'] = $message_effect;
    $reply_data['create_time'] = get_gmtime();
    $reply_data['user_id'] = intval($user_data['id']);
    $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $reply_data);
    increase_user_active($user_data['id'], "点评了一个活动");
    $title = "对" . $event_info['name'] . "发表了点评";
    $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'edetail', 'rel_param' => 'id=' . $event_info['id']);
    $tid = insert_topic($reply_data['content'], $title, "eventcomment", $group = "", $relay_id = 0, $fav_id = 0, $group_data = "", $attach_list = array(), $url_route);
    if ($tid) {
        // NOTE(review): $source is client input inside a quoted SQL literal; safe
        // only if strim() escapes quotes — strim() is not visible here, confirm.
        $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($tid));
    }
    $GLOBALS['db']->query("update " . DB_PREFIX . "event set reply_count = reply_count+1 where id =" . $event_id);
    $root['status'] = 1;
    $root['info'] = "感谢您的点评";
    output($root);
}
/**
 * AJAX endpoint: the merchant account in the session replies to a review.
 *
 * Passes the account id (0 when no account is in the session), the dp_id and the
 * reply_content parameters to biz_do_reply_dp() and returns its result through
 * ajax_return(). Any permission check happens inside biz_do_reply_dp(), which is
 * not visible here.
 */
public function do_reply_dp()
{
    $account = es_session::get("account_info");

    $args = array(
        intval($account['id']),
        intval($_REQUEST['dp_id']),
        strim($_REQUEST['reply_content']),
    );

    require_once APP_ROOT_PATH . 'system/model/review.php';
    ajax_return(biz_do_reply_dp($args[0], $args[1], $args[2]));
}
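/**
 * @brief Checks whether an openid is genuine.
 *
 * The expected signature is get_signature($openid . $timestamp, appkey) with the
 * appkey taken from the session.
 *
 * @param $openid    identifier that maps one-to-one to the user's QQ number
 * @param $timestamp timestamp
 * @param $sig       signature value supplied with the request
 *
 * @return true or false
 *
 * NOTE(review): the timestamp is only part of the signed string; its freshness is
 * not checked in this function, so a captured openid/timestamp/sig triple stays
 * valid unless a caller enforces a time window.
 */
function is_valid_openid($openid, $timestamp, $sig)
{
    $key = es_session::get("appkey");
    $signature = get_signature($openid . $timestamp, $key);

    // "==" let non-string values match (e.g. an empty $sig against a false
    // result) and could treat two numeric-looking strings as equal.
    if (!is_string($sig) || !is_string($signature)) {
        return false;
    }

    // Constant-time comparison where available, strict comparison otherwise.
    if (function_exists('hash_equals')) {
        return hash_equals($signature, $sig);
    }
    return $sig === $signature;
}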
/**
 * Shows one message-box conversation (group_key = request field "mid").
 *
 * A group that has a system message id is returned as a single read-only message
 * and marked read. Any other group is returned as a paged conversation
 * (20 per page): all of its messages are marked read, the other participant is
 * resolved from the first row that involves a different user, and each row is
 * mapped into "msg_list".
 *
 * NOTE(review): $result of do_login_user() is not inspected; with no user in the
 * session the queries run for user id 0.
 * NOTE(review): $root['return'] = 0 is the only field set when the group does not
 * belong to the user.
 */
public function index()
{
    require_once APP_ROOT_PATH . "system/libs/user.php";
    $email = strim($GLOBALS['request']['email']);
    $pwd = strim($GLOBALS['request']['pwd']);
    $result = do_login_user($email, $pwd);
    $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
    $page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
    $page_size = 20;
    $limit = ($page - 1) * $page_size . "," . $page_size;
    $user_id = intval($GLOBALS['user_info']['id']);
    // The group key is escaped with addslashes() before it is used in SQL literals.
    $group_key = addslashes(trim($GLOBALS['request']['mid']));
    $sql = "select count(*) as count,max(system_msg_id) as system_msg_id,max(id) as id from " . DB_PREFIX . "msg_box \r\n\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\tand group_key = '" . $group_key . "'";
    $row = $GLOBALS['db']->getRow($sql);
    if ($row['count'] == 0) {
        $root['return'] = 0;
    } elseif ($row['system_msg_id'] > 0) {
        // System message: view only.
        $data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where id = " . $row['id'] . " and is_delete = 0");
        $GLOBALS['db']->query("update " . DB_PREFIX . "msg_box set is_read = 1 where id = " . $row['id']);
        $root['return'] = 1;
        // NOTE(review): 'mid' and 'lid' echo the slash-escaped key, not the raw value.
        $root['msg'] = array('mid' => $group_key, 'title' => $data['title'], 'message' => $data['content'], 'time' => pass_date($data['create_time']));
    } else {
        $root['return'] = 1;
        $root['lid'] = $group_key;
        // Message history of the conversation.
        $sql = "select * from " . DB_PREFIX . "msg_box \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\t\tand group_key = '" . $group_key . "' \r\n\t\t\t\t\torder by create_time desc limit " . $limit;
        $sql_count = "select count(*) from " . DB_PREFIX . "msg_box \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) and group_key = '" . $group_key . "'";
        $upd_sql = "update " . DB_PREFIX . "msg_box set is_read = 1 \r\n\t\t\t\t\twhere is_delete = 0 and ((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1)) \r\n\t\t\t\t\tand group_key = '" . $group_key . "' ";
        $GLOBALS['db']->query($upd_sql);
        $list = $GLOBALS['db']->getAll($sql);
        // The other participant is whoever is not the current user in the first
        // row that names someone else.
        foreach ($list as $k => $v) {
            if ($v['to_user_id'] != $user_id) {
                $dest_user_id = $v['to_user_id'];
                break;
            }
            if ($v['from_user_id'] != $user_id) {
                $dest_user_id = $v['from_user_id'];
                break;
            }
        }
        // NOTE(review): $dest_user_id is undefined when $list is empty (for example
        // a page number past the end), which leaves "where id = " without a value.
        $dest_user_name = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . $dest_user_id);
        $root['title'] = "与" . $dest_user_name . "的交流";
        $root['t_name'] = $dest_user_name;
        $count = $GLOBALS['db']->getOne($sql_count);
        $page_info['page'] = $page;
        $page_info['page_total'] = ceil($count / $page_size);
        $root['page'] = $page_info;
        $msg_list = array();
        foreach ($list as $k => $v) {
            $msg_list[] = array(
                "miid" => $v['id'],
                "mlid" => $v['group_key'],
                "uid" => $v['from_user_id'],
                "message" => $v['content'],
                "time" => pass_date($v['create_time']),
                "tuid" => $v['to_user_id'],
                "tuser_name" => $v['to_user_id'] == $user_id ? "我" : $dest_user_name,
                "tuser_avatar" => get_abs_img_root(get_muser_avatar($v['to_user_id'], "big")),
                "content" => $v['content'],
                "user_name" => $v['from_user_id'] == $user_id ? "我" : $dest_user_name,
                "user_avatar" => get_abs_img_root(get_muser_avatar($v['from_user_id'], "big"))
            );
        }
        $root['msg_list'] = $msg_list;
    }
    output($root);
}
/**
 * Logs the merchant account out of the session.
 *
 * Returns false when no "account_info" entry exists. Otherwise deletes the
 * "account_info" and "biz_account_auth" session entries and returns nothing.
 *
 * NOTE(review): the earlier header described an array('status', 'data', 'msg')
 * return value; the code has never returned one in this form.
 */
function loginout_biz()
{
    // Nothing to do when nobody is logged in.
    if (!es_session::get("account_info")) {
        return false;
    }

    foreach (array("account_info", "biz_account_auth") as $session_key) {
        es_session::delete($session_key);
    }
}
/**
 * Requires a merchant account in the session.
 *
 * Redirects to the biz login page when the session holds no account id or when
 * the account row no longer exists; otherwise assigns the account data (joined
 * with the supplier name) to the template as "account_data".
 */
protected function check_auth()
{
    $session_account = es_session::get("account_info");
    $account_id = intval($session_account['id']);

    if ($account_id == 0) {
        app_redirect(url("biz", "login"));
        return;
    }

    $account_data = $GLOBALS['db']->getRow("select s.name as name,a.allow_charge as allow_charge, a.account_name as account_name,a.login_ip as login_ip ,a.login_time as login_time ,a.update_time as create_time, a.supplier_id as supplier_id from " . DB_PREFIX . "supplier_account as a left join " . DB_PREFIX . "supplier as s on a.supplier_id = s.id where a.id = " . $account_id);

    // The account may have been removed since the session was created.
    if (!$account_data) {
        app_redirect(url("biz", "login"));
    }
    $GLOBALS['tmpl']->assign("account_data", $account_data);
}
/**
 * Permission check.
 * When logged in, verifies the administrator's permissions; per the original
 * header, functions of the Index module need no permission check.
 * When not logged in, redirects to the login page.
 *
 * NOTE(review): MODULE_NAME and ACTION_NAME are placed inside quoted SQL
 * literals. Where these constants are defined is not visible; if they derive
 * from the request they must be validated or escaped before this point.
 * NOTE(review): the role check only runs when a role_node row exists for the
 * action ($count > 0), so an action that was never registered is open to every
 * logged-in administrator.
 */
private function check_auth()
{
    // Drop the admin session once it has expired (only when EXPIRED_TIME is set).
    if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
        es_session::delete(md5(conf("AUTH_KEY")));
        es_session::delete("expire");
    }
    // Administrator session.
    $adm_session = es_session::get(md5(conf("AUTH_KEY")));
    $adm_name = $adm_session['adm_name'];
    $adm_id = intval($adm_session['adm_id']);
    $ajax = intval($_REQUEST['ajax']);
    $biz_account = es_session::get("account_info");
    $is_auth = 0;
    // A merchant session is accepted for the two File upload actions only.
    if (intval($biz_account['id']) > 0) {
        if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
            $is_auth = 1;
        }
    }
    // NOTE(review): the rest of the method assumes redirect()/error() end the request.
    if ($adm_id == 0 && $is_auth == 0) {
        if ($ajax == 0) {
            $this->redirect("Public/login");
        } else {
            $this->error(L("NO_LOGIN"), $ajax);
        }
    }
    // Permission check proper; applies when the administrator is not the default one.
    // First find out whether this module/action requires authorisation at all.
    $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id " . " where role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 ";
    $count = M()->query($sql);
    $count = $count[0]['c'];
    if ($adm_name != conf("DEFAULT_ADMIN") && MODULE_NAME != 'Index' && MODULE_NAME != 'Lang' && $count > 0 && $is_auth == 0) {
        // Node-level permissions (everything except IndexAction).
        $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_access as role_access on role_node.id=role_access.node_id left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
        $count = M()->query($sql);
        $count = $count[0]['c'];
        if ($count == 0) {
            // No node-level grant: check for a module-level grant (node_id = 0).
            $module_sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_access as role_access left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_access.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_module.module = '" . MODULE_NAME . "' " . " and role_access.node_id = 0" . " and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
            $module_count = M()->query($module_sql);
            $module_count = $module_count[0]['c'];
            if ($module_count == 0) {
                // Upload actions answer with a script alert, everything else with error().
                if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
                    echo "<script>alert('" . L("NO_AUTH") . "');</script>";
                    exit;
                } else {
                    $this->error(L("NO_AUTH"), $ajax);
                }
            }
        }
    }
}
/**
 * Shows the "add" form.
 *
 * Assigns to the view: the active department administrators ("departs"), the id
 * of the administrator in the session ("adm_id") and all roles ("list").
 */
public function add()
{
    // Department list: active, non-deleted admins flagged as departments.
    $departments = $GLOBALS['db']->getAll(" SELECT * FROM " . DB_PREFIX . "admin WHERE is_delete= 0 and is_effect=1 and is_department = 1");
    $this->assign('departs', $departments);

    // The admin session is stored under the MD5 of the AUTH_KEY setting.
    $adm_session = es_session::get(md5(conf("AUTH_KEY")));
    $adm_name = $adm_session['adm_name'];
    $this->assign('adm_id', intval($adm_session['adm_id']));

    $this->assign('list', M("Role")->findAll());
    $this->display();
}
/**
 * Write one row to the Log model when the ADMIN_LOG setting equals 1.
 *
 * @param mixed $msg    Stored as log_info.
 * @param mixed $status Stored as log_status.
 */
function save_log($msg, $status)
{
    if (conf("ADMIN_LOG") != 1) {
        return;
    }

    $session = es_session::get(md5(conf("AUTH_KEY")));

    // NOTE(review): $msg is stored as given; whatever renders the log should
    // escape it for its output context.
    // NOTE(review): the audit value of log_ip depends on how CLIENT_IP is
    // derived (socket address vs. client-supplied headers) - confirm.
    $entry = array(
        'log_info' => $msg,
        'log_time' => NOW_TIME,
        'log_admin' => intval($session['adm_id']),
        'log_ip' => CLIENT_IP,
        'log_status' => $status,
        'module' => MODULE_NAME,
        'action' => ACTION_NAME,
    );
    M("Log")->add($entry);
}
/**
 * Render the user-tip fragment (inc/insert/load_user_tip.html).
 *
 * When $GLOBALS['user_info'] is set, it is assigned to the template, and a
 * pending sign-in result held in the session is handed over once and then
 * removed from the session.
 *
 * @return mixed Result of the template engine's fetch().
 */
function insert_load_user_tip()
{
    $tpl = $GLOBALS['tmpl'];
    $current_user = $GLOBALS['user_info'];

    if ($current_user) {
        $tpl->assign("user_info", $current_user);

        // One-shot sign-in result: shown once, then deleted from the session.
        $signin = es_session::get("signin_result");
        if ($signin['status']) {
            // NOTE(review): the JSON is produced with default flags; if the
            // template prints it into HTML or a script block, confirm it is
            // escaped for that context (e.g. JSON_HEX_TAG | JSON_HEX_AMP |
            // JSON_HEX_APOS | JSON_HEX_QUOT).
            $tpl->assign("signin_result", json_encode($signin));
            es_session::delete("signin_result");
        }
    }

    return $tpl->fetch("inc/insert/load_user_tip.html");
}
/**
 * Gate the controller: every action except "reponse" and "notify" needs an
 * admin or user session, and the OPEN_IPS setting must be non-zero.
 */
public function __construct()
{
    // The two callback actions are reachable without a session.
    // NOTE(review): because they skip the login check, their handlers need
    // their own authentication of the caller (e.g. signature verification of
    // the callback payload) - confirm in those methods.
    $is_callback = ACTION_NAME == "reponse" || ACTION_NAME == "notify";

    if (!$is_callback) {
        $admin = es_session::get(md5(app_conf("AUTH_KEY")));
        $admin_id = intval($admin['adm_id']);
        $member = es_session::get("user_info");
        $member_id = intval($member['id']);

        // Neither an administrator nor a member is logged in.
        // NOTE(review): presumably showErr() ends the request; if it returns,
        // construction continues - confirm.
        if ($admin_id == 0 && $member_id == 0) {
            showErr("请先登录");
        }
    }

    // Feature switch, checked for every action including the callbacks.
    $feature_enabled = intval(app_conf("OPEN_IPS")) != 0;
    if (!$feature_enabled) {
        showErr('未开启资金托管功能', 0);
    }
}
/**
 * Clear image files under public/attachment/ and public/images/, the QR-code
 * directory and the template cache directories, then print a confirmation
 * snippet and end the request.
 *
 * NOTE(review): this is a destructive maintenance action with no permission
 * or request-origin check inside the method; presumably the controller's
 * auth check covers it - confirm, and confirm it cannot be triggered
 * cross-site.
 */
public function clear_image()
{
    // May run for a long time; release the session so other requests are not blocked by it.
    set_time_limit(0);
    es_session::close();

    foreach (array("public/attachment/", "public/images/") as $image_dir) {
        $path = APP_ROOT_PATH . $image_dir;
        $this->clear_image_file($path);
    }

    $qrcode_path = APP_ROOT_PATH . "public/images/qrcode/";
    $this->clear_qrcode($qrcode_path);

    foreach (array("public/runtime/app/tpl_caches/", "public/runtime/app/tpl_compiled/") as $cache_dir) {
        clear_dir_file(get_real_path() . $cache_dir);
    }

    header("Content-Type:text/html; charset=utf-8");
    $notice = "<div style='line-height:50px; text-align:center; color:#f30;'>" . L('CLEAR_SUCCESS') . "</div>";
    $close_button = "<div style='text-align:center;'><input type='button' onclick='\$.weeboxs.close();' class='button' value='关闭' /></div>";
    exit($notice . $close_button);
}
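/**
 * Update a user profile from the request and forward the change to the
 * remote profile service.
 *
 * Every request value is trimmed, passed through addslashes() and
 * htmlspecialchars(), and the user name is overwritten with the logged-in
 * user's name when one is present. On success the session copy of
 * user_info is reloaded from the database.
 *
 * NOTE(review): the whole $_REQUEST array (including any "id" field) is
 * handed to save_user(); confirm save_user() binds the update to the session
 * user's id rather than a request-supplied one, and that callers cannot
 * reach this action without a login.
 */
public function save()
{
    require_once APP_ROOT_PATH . 'system/libs/user.php';

    // Blanket input filter. Array-valued parameters (e.g. "name[]=x") are
    // reduced to an empty string instead of being passed to trim(), which
    // raises a TypeError on PHP 8.
    // addslashes() is not a reliable SQL escape and htmlspecialchars() at
    // input time does not replace output encoding.
    // NOTE(review): confirm save_user() uses driver-level escaping or bound parameters.
    foreach ($_REQUEST as $k => $v) {
        $_REQUEST[$k] = is_scalar($v) ? htmlspecialchars(addslashes(trim((string) $v))) : '';
    }

    // The user name cannot be changed through this form once it is set.
    if ($GLOBALS['user_info']['user_name']) {
        $_REQUEST['user_name'] = $GLOBALS['user_info']['user_name'];
    }

    $res = save_user($_REQUEST, 'UPDATE');

    if ($res['status'] == 1) {
        // Fields: user_name mobile province_id city_id byear bmonth bday sex my_intro id
        // Send the profile-card change to im.lingang.me.
        $phone = $_REQUEST['mobile'];
        $rid = es_cookie::get("rid");
        // NOTE(review): the signature is an MD5 over the phone number and the
        // "rid" cookie only, both supplied by the client; no server-held
        // secret is visible here. Confirm sentSigPost() or the remote side
        // adds real authentication.
        $sig = md5($phone . "_" . $rid . "_" . $rid);
        $url = get_doubi_host();
        $post = array(
            'action' => 'edit_profile',
            'sig' => $sig,
            'phone' => $phone,
            'uname' => $_REQUEST['user_name'],
            'uintro' => $_REQUEST['my_intro'],
            'gender' => $_REQUEST['sex'],
            'birth' => $_REQUEST['byear'] . "-" . $_REQUEST['bmonth'] . "-" . $_REQUEST['bday'],
        );
        // Best effort: the remote response was decoded but never inspected,
        // so only the call itself is kept.
        sentSigPost($url, $post);

        // Refresh the session copy of the user row.
        $s_user_info = es_session::get("user_info");
        $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = '" . intval($s_user_info['id']) . "'");
        es_session::set("user_info", $user_info);

        if (intval($_REQUEST['is_ajax']) == 1) {
            echo 1;
        } else {
            showSuccess($GLOBALS['lang']['SAVE_USER_SUCCESS']);
        }
    } else {
        $error = $res['data'];
        if (!$error['field_show_name']) {
            $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
        }

        // Initialised so an error code outside the three known ones does not
        // leave the message undefined.
        $error_msg = '';
        if ($error['error'] == EMPTY_ERROR) {
            $error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
        }
        if ($error['error'] == FORMAT_ERROR) {
            $error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
        }
        if ($error['error'] == EXIST_ERROR) {
            $error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
        }

        // NOTE(review): the ajax branch prints 1 on failure as well as on
        // success, so an ajax caller cannot tell the two apart - confirm this
        // is intended.
        if (intval($_REQUEST['is_ajax']) == 1) {
            echo 1;
        } else {
            showErr($error_msg);
        }
    }
}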
/**
 * Permission check for the back end.
 *
 * With an admin session, the administrator's role is checked against the
 * requested module/action when that action is listed in admnode_cfg.php.
 * Without an admin session the request is sent to the login page, or gets a
 * NO_LOGIN error when it is flagged as ajax.
 */
private function check_auth()
{
    // Drop the admin session once the configured timeout has elapsed.
    if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
        es_session::delete(md5(conf("AUTH_KEY")));
        es_session::delete("expire");
    }

    // Administrator session, stored under md5(AUTH_KEY).
    $admin = es_session::get(md5(conf("AUTH_KEY")));
    $admin_name = $admin['adm_name'];
    $admin_id = intval($admin['adm_id']);
    $ajax = intval($_REQUEST['ajax']);

    $is_upload_action = MODULE_NAME == 'File' && (ACTION_NAME == 'do_upload' || ACTION_NAME == 'do_upload_img');

    // A logged-in front-end user (user_info id > 0) may reach the two File
    // upload actions without an admin session; this exemption also skips the
    // role check further down, so the upload handlers must validate files
    // themselves.
    $member = es_session::get("user_info");
    $upload_exempt = intval($member['id']) > 0 && $is_upload_action;

    if ($admin_id == 0 && !$upload_exempt) {
        // NOTE(review): presumably redirect()/error() end the request; if either
        // returns, execution continues into the role checks below - confirm.
        if ($ajax == 0) {
            $this->redirect("Public/login");
        } else {
            $this->error(L("NO_LOGIN"), $ajax);
        }
    }

    // Load the node table; an action needs authorisation only when it is listed
    // there, so unlisted actions are not role-checked at all.
    global $access_list;
    $access_list = (require APP_ROOT_PATH . "system/admnode_cfg.php");
    $needs_check = isset($access_list[MODULE_NAME]['node'][ACTION_NAME]);

    // The role check is skipped for the default administrator, unlisted actions
    // and the upload exemption.
    if ($admin_name == app_conf("DEFAULT_ADMIN") || !$needs_check || $upload_exempt) {
        return;
    }

    // Node-level grant for this exact module/action.
    // $admin_id went through intval() above, so it is numeric here.
    // NOTE(review): MODULE_NAME and ACTION_NAME are concatenated into the SQL
    // text unescaped; on this path they matched keys of admnode_cfg.php, but
    // confirm the router also restricts them to identifier characters.
    $sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id "
        . "where admin.id = " . $admin_id . " and role.node = '" . ACTION_NAME . "' and role.module = '" . MODULE_NAME . "' ";
    $node_count = $GLOBALS['db']->getOne($sql);
    if ($node_count != 0) {
        return;
    }

    // No node-level grant: fall back to a module-wide grant (role.node = '').
    $module_sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id "
        . "where admin.id = " . $admin_id . " and role.node = '' and role.module = '" . MODULE_NAME . "' ";
    $module_count = $GLOBALS['db']->getOne($module_sql);
    if ($module_count != 0) {
        return;
    }

    // Denied. The upload actions answer with a script alert instead of the error page.
    if ($is_upload_action) {
        echo "<script>alert('" . L("NO_AUTH") . "');</script>";
        exit;
    }
    $this->error(L("NO_AUTH"), $ajax);
}
/**
 * Log the administrator out.
 *
 * Without an admin session the request is redirected to the login page;
 * otherwise the admin session entry is deleted and a success page pointing
 * back to the login page is shown.
 */
public function do_loginout()
{
    // Administrator session, stored under md5(AUTH_KEY).
    $session_key = md5(conf("AUTH_KEY"));
    $admin = es_session::get($session_key);
    $is_logged_in = intval($admin['adm_id']) != 0;

    if (!$is_logged_in) {
        // Not logged in: nothing to clear, go straight to the login page.
        $this->redirect(u("Public/login"));
    } else {
        // Only the admin entry is removed; other session data and the session
        // id itself are left as they are.
        // NOTE(review): confirm the session id is rotated at the next login so
        // an old id cannot be reused.
        es_session::delete(md5(conf("AUTH_KEY")));
        $this->assign("jumpUrl", U("Public/login"));
        $this->assign("waitSecond", 3);
        $this->success(L("LOGINOUT_SUCCESS"));
    }
}