/**
 * Ends the merchant session: deletes the sp_account_name and
 * sp_account_password cookies, drops the "account_info" session entry and
 * redirects to the biz index page.
 *
 * NOTE(review): a cookie named sp_account_password suggests a credential is
 * kept client-side; confirm what it holds and that it is also invalidated
 * server-side on logout.
 */
public function loginout()
 {
     // Cookies are cleared in the same order as before: name, then password.
     foreach (array("sp_account_name", "sp_account_password") as $cookie_name) {
         es_cookie::delete($cookie_name);
     }
     es_session::delete("account_info");
     $landing_url = url("biz", "index");
     app_redirect($landing_url);
 }
示例#2
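 /**
  * Starts the session, optionally adopting the session id passed in the
  * FANWE_SESSION_ID query parameter.
  *
  * Taking a session id from the URL allows session fixation (whoever builds
  * the link picks the id) and leaks ids through logs and Referer headers.
  * The parameter is still honoured for compatibility, but only when it is a
  * plain string made of the characters PHP uses for session ids.
  *
  * NOTE(review): confirm which callers still need the URL parameter, and that
  * the id is regenerated at login so a planted id cannot be reused.
  */
 static function start()
 {
     $requested_id = isset($_GET['FANWE_SESSION_ID']) ? $_GET['FANWE_SESSION_ID'] : '';
     // Arrays, empty values and ids with unexpected characters are ignored,
     // leaving self::$sess_id at whatever value it already had.
     if ($requested_id && is_string($requested_id) && preg_match('/^[A-Za-z0-9,-]{1,128}$/D', $requested_id)) {
         self::$sess_id = $requested_id;
     }
     es_session_start(self::$sess_id);
 }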
示例#3
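 /**
  * Controller bootstrap: loads the web-nav config once into the global
  * $mobile_cfg, runs check_install(), defines LANG_SET from the DEFAULT_LANG
  * setting, loads the common language pack and, when it is missing, writes
  * public/runtime/admin/lang.js from that pack. Finishes by calling
  * es_session::close().
  */
 public function __construct()
 {
     parent::__construct();
     global $mobile_cfg;
     if ($mobile_cfg == null) {
         $mobile_cfg = (require_once APP_ROOT_PATH . "system/mobile_cfg/" . APP_TYPE . "/webnav_cfg.php");
     }
     check_install();
     // Backend language loading: the language is taken from the backend config.
     // NOTE(review): $langSet becomes part of an include path below; it must
     // stay an operator-controlled setting, never request data.
     $langSet = conf('DEFAULT_LANG');
     // Define the current language.
     define('LANG_SET', strtolower($langSet));
     // Load the project's common language pack.
     $common_pack = LANG_PATH . $langSet . '/common.php';
     if (is_file($common_pack)) {
         L(include $common_pack);
         $this->lang_pack = (require $common_pack);
         $lang_js = APP_ROOT_PATH . "public/runtime/admin/lang.js";
         if (!file_exists($lang_js)) {
             // Entries are joined with implode() so an empty pack yields
             // "var LANG = {};" (trimming the last character used to eat the
             // opening brace in that case).
             // NOTE(review): keys and values are written unescaped; a quote,
             // backslash or newline in a language string breaks the generated
             // script. Escaping here would change how existing packs render,
             // so verify the packs before switching to an encoder.
             $entries = array();
             foreach ($this->lang_pack as $k => $lang) {
                 $entries[] = "\"" . $k . "\":\"" . $lang . "\"";
             }
             $str = "var LANG = {" . implode(",", $entries) . "};";
             file_put_contents($lang_js, $str);
         }
     }
     es_session::close();
 }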
示例#4
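 /**
  * Renders the paged review ("dp") list for the locations stored in the
  * merchant's "account_info" session entry, optionally filtered by the "f"
  * request parameter (is_buy, tuan, event, youhui, daijin, shop).
  *
  * NOTE(review): nothing in this method checks that "account_info" exists;
  * presumably an auth check runs before it - confirm.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "app/Lib/page.php";
     $s_account_info = es_session::get("account_info");

     // The ids end up inside "in (...)", so each one is forced to an integer.
     // With no ids the list falls back to 0 so the statement stays valid
     // instead of failing on "in ()" (assumes no location has id 0).
     $location_ids = array();
     if (is_array($s_account_info) && isset($s_account_info['location_ids']) && is_array($s_account_info['location_ids'])) {
         $location_ids = array_map('intval', $s_account_info['location_ids']);
     }
     if (!$location_ids) {
         $location_ids = array(0);
     }
     $location_in = implode(",", $location_ids);

     // Non-string input (e.g. f[]=x) is treated as "no filter".
     $raw_f = (isset($_REQUEST['f']) && is_string($_REQUEST['f'])) ? $_REQUEST['f'] : '';
     $f = addslashes(htmlspecialchars(trim($raw_f)));
     // Only allow-listed filter names ever reach the SQL text.
     if ($f == '' || !in_array($f, array("is_buy", "tuan", "event", "youhui", "daijin", "shop"), true)) {
         $condition = " ";
     } elseif ($f == 'is_buy') {
         $condition = " and is_buy = 1 ";
     } else {
         $condition = " and from_data  = '{$f}' ";
     }
     $GLOBALS['tmpl']->assign("f", $f);

     // Pages below 1 (including negative values) would give a negative offset.
     $page = isset($_REQUEST['p']) ? intval($_REQUEST['p']) : 0;
     if ($page < 1) {
         $page = 1;
     }
     $page_size = app_conf("PAGE_SIZE");
     $limit = ($page - 1) * $page_size . "," . $page_size;

     $dp_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "supplier_location_dp where status = 1 {$condition} and supplier_location_id in (" . $location_in . ") order by create_time desc limit " . $limit);
     $dp_count = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "supplier_location_dp where status = 1  {$condition} and supplier_location_id in (" . $location_in . ")");

     // Build the pagination object.
     $pager = new Page($dp_count, $page_size);
     $p = $pager->show();
     $GLOBALS['tmpl']->assign('pages', $p);
     $GLOBALS['tmpl']->assign("dp_list", $dp_list);
     $html = decode_topic_without_img($GLOBALS['tmpl']->fetch("biz/biz_dp_list_content.html"));
     $GLOBALS['tmpl']->assign("html", $html);
     $GLOBALS['tmpl']->assign("page_title", "点评列表");
     $GLOBALS['tmpl']->display("biz/biz_dp.html");
 }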
示例#5
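/**
 * Binds a Tencent account to the current user.
 *
 * Reads openid, openkey and access_token from $GLOBALS['request'], stores
 * them in the session, asks Tencent::api('user/info') for the account name
 * and writes the three values plus that name to the current user's row,
 * unless the name is already bound to a different user.
 *
 * The request values and the name returned by the remote API were
 * concatenated into SQL unescaped; they are now passed through addslashes(),
 * the escaping this code base already uses for request values.
 * NOTE(review): if the db wrapper offers bound parameters or a
 * connection-aware escape, prefer that over addslashes().
 */
function Tencent()
{
    require_once APP_ROOT_PATH . 'system/api_login/Tencent/Tencent.php';
    OAuth::init($GLOBALS['m_config']['tencent_app_key'], $GLOBALS['m_config']['tencent_app_secret']);
    $openid = trim($GLOBALS['request']['openid']);
    $openkey = trim($GLOBALS['request']['openkey']);
    // $app_url is computed as before but is not read again in this function.
    if ($GLOBALS['m_config']['tencent_bind_url'] == "") {
        $app_url = get_domain() . APP_ROOT . "/api_callback.php?c=Tencent";
    } else {
        $app_url = $GLOBALS['m_config']['tencent_bind_url'];
    }
    $access_token = trim($GLOBALS['request']['access_token']);
    es_session::set("t_access_token", $access_token);
    es_session::set("t_openid", $openid);
    es_session::set("t_openkey", $openkey);

    $root = array();
    // Same condition as before, with the && grouping made explicit.
    if (es_session::get("t_access_token") || (es_session::get("t_openid") && es_session::get("t_openkey"))) {
        $r = json_decode(Tencent::api('user/info'), true);
        // NOTE(review): a failed or malformed API response leaves the name
        // empty and the bind still proceeds with tencent_id = ''; decide
        // whether that should be rejected instead.
        $name = (is_array($r) && isset($r['data']['name'])) ? (string) $r['data']['name'] : '';

        $user_id = intval($GLOBALS['user_info']['id']);
        $name_sql = addslashes($name);
        $bind_sql = "update " . DB_PREFIX . "user set t_access_token ='" . addslashes($access_token) . "',t_openkey = '" . addslashes($openkey) . "',t_openid = '" . addslashes($openid) . "', tencent_id = '" . $name_sql . "' where id =" . $user_id;

        // Bind when nobody holds this name yet, or when the holder is the
        // current user; the second lookup only runs when the first finds a row.
        $is_unbound = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user where tencent_id = '" . $name_sql . "'") == 0;
        if ($is_unbound || intval($GLOBALS['db']->getOne("select id from " . DB_PREFIX . "user where tencent_id = '" . $name_sql . "'")) == $user_id) {
            $GLOBALS['db']->query($bind_sql);
        } else {
            $root['return'] = 0;
            $root['info'] = "该微博帐号已被其他会员绑定";
            output($root);
            // Stop here even if output() returns, so the success payload
            // below is never sent after a refusal.
            return;
        }
    }
    $root['return'] = 1;
    $root['info'] = "绑定成功";
    $root['login_type'] = "Tencent";
    output($root);
}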
示例#6
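 /**
  * Returns one page (20 per page) of the caller's message threads, split
  * into system messages ("sys_msgs") and user conversations ("msg_list"),
  * together with paging information.
  *
  * NOTE(review): the e-mail/password pair is sent with every request and no
  * login check follows; with a failed login the queries run for user id 0.
  * Confirm that is intended.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     do_login_user($email, $pwd);
     $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
     $page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
     $page_size = 20;
     $limit = ($page - 1) * $page_size . "," . $page_size;
     $user_id = intval($GLOBALS['user_info']['id']);

     // Rows visible to this user: received (type 0) or sent (type 1).
     $mine = "((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1))";
     $sql = "select group_key,count(group_key) as total from " . DB_PREFIX . "msg_box  \r\n\t\t\t\twhere is_delete = 0 and " . $mine . "  \r\n\t\t\t\tgroup by group_key \r\n\t\t\t\torder by system_msg_id desc,max(create_time) desc limit " . $limit;
     $sql_count = "select count(distinct(group_key)) from " . DB_PREFIX . "msg_box  \r\n\t\t\t\twhere is_delete = 0 and " . $mine;

     $list = $GLOBALS['db']->getAll($sql);
     if (!is_array($list)) {
         $list = array();
     }

     // Declared up front so an empty result no longer reads undefined
     // variables; null keeps the payload identical to what clients got before.
     $sys_msgs = null;
     $msg_list = null;
     foreach ($list as $group) {
         // group_key comes back from the database unescaped, so it is escaped
         // again before being quoted into the next statement.
         $row = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where group_key = '" . addslashes($group['group_key']) . "' and " . $mine . "  order by create_time desc limit 1");
         if (!is_array($row)) {
             continue;
         }
         $row['total'] = $group['total'];
         if ($row['system_msg_id'] > 0) {
             $sys_msgs[] = array("mid" => $row['group_key'], "uid" => $row['to_user_id'], "status" => 1, "title" => $row['title'], "time" => pass_date($row['create_time']));
             continue;
         }
         $from_id = $row['from_user_id'];
         $to_id = $row['to_user_id'];
         // Lookups run in the same order as the original array literal.
         $from_name = $from_id == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($from_id));
         $from_avatar = get_abs_img_root(get_muser_avatar($from_id, "big"));
         $to_name = $to_id == $user_data['id'] ? "我" : $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($to_id));
         $to_avatar = get_abs_img_root(get_muser_avatar($to_id, "big"));
         $msg_list[] = array(
             "content" => $row['content'],
             "uid" => $from_id,
             "user_name" => $from_name,
             "user_avatar" => $from_avatar,
             "tuid" => $to_id,
             "tuser_name" => $to_name,
             "tuser_avatar" => $to_avatar,
             "time" => pass_date($row['create_time']),
             "msg_count" => $row['total'],
             "mlid" => $row['group_key'],
         );
     }
     $count = $GLOBALS['db']->getOne($sql_count);
     $root = array();
     $root['return'] = 1;
     $root['sys_msgs'] = $sys_msgs;
     $root['msg_list'] = $msg_list;
     // Paging
     $page_info = array();
     $page_info['page'] = $page;
     $page_info['page_total'] = ceil($count / $page_size);
     $root['page'] = $page_info;
     output($root);
 }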
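 /**
  * Adds a reply to a shared topic and, when is_relay is 1, also re-posts the
  * topic with the reply appended.
  *
  * Status codes written to the response: -2 missing share id, -3 topic not
  * found or not visible, 1 success; "return" is 0 when the caller is not
  * logged in.
  *
  * Each failure path now returns after output(), so the insert and update
  * statements cannot run for a rejected request even if output() does not
  * terminate the script.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $root = array();
     $share_id = intval($GLOBALS['request']['share_id']);
     // Without a share id there is nothing to reply to.
     if ($share_id == 0) {
         $root['status'] = -2;
         output($root);
         return;
     }
     $content = strim($GLOBALS['request']['content']);
     $source = strim($GLOBALS['request']['source']);
     $source = str_replace("来自", "", $source);
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     $is_relay = intval($GLOBALS['request']['is_relay']);
     $parent_id = intval($GLOBALS['request']['parent_id']);

     // Always defined, so the reply fields below do not read an undefined
     // variable when no parent id was sent or the parent row is missing.
     $parent_reply = null;
     if ($parent_id > 0) {
         $parent_reply = $GLOBALS['db']->getRow("select id,user_id,user_name from " . DB_PREFIX . "topic_reply where id = " . $parent_id);
     }
     if (!is_array($parent_reply)) {
         $parent_reply = array('id' => 0, 'user_id' => 0, 'user_name' => '');
     }

     do_login_user($email, $pwd);
     $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
     $user_data['id'] = intval($user_data['id']);
     if ($user_data['id'] == 0) {
         $root['return'] = 0;
         $root['user_login_status'] = 0;
         $root['info'] = "请先登录";
         output($root);
         return;
     }
     $root['user_login_status'] = 1;

     $topic = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic where is_effect = 1 and is_delete = 0 and id = " . $share_id);
     if (empty($topic)) {
         $root['status'] = -3;
         output($root);
         return;
     }

     $reply_data = array();
     $reply_data['topic_id'] = $share_id;
     $reply_data['user_id'] = $user_data['id'];
     $reply_data['user_name'] = $user_data['user_name'];
     $reply_data['reply_id'] = intval($parent_reply['id']);
     $reply_data['reply_user_id'] = intval($parent_reply['user_id']);
     $reply_data['reply_user_name'] = strim($parent_reply['user_name']);
     $reply_data['create_time'] = get_gmtime();
     $reply_data['is_effect'] = 1;
     $reply_data['is_delete'] = 0;
     $reply_data['content'] = valid_str($content);
     $GLOBALS['db']->autoExecute(DB_PREFIX . "topic_reply", $reply_data);
     $GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count + 1,last_time = " . get_gmtime() . ",last_user_id=" . $user_data['id'] . " where id = " . $share_id);
     increase_user_active($user_data['id'], "转发了一则分享");

     if ($is_relay == 1) {
         $cnt = $topic['content'] . "@" . $user_data['user_name'] . " 评论:" . valid_str($content);
         // Positional arguments: content, title, type, group, relay id, fav id.
         $id = insert_topic($cnt, "", "", "", $share_id, 0);
         if ($id) {
             // NOTE(review): $source is quoted into SQL as returned by
             // strim(); this is only safe if strim() escapes quotes - confirm
             // against its definition.
             $GLOBALS['db']->query("update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($id));
         }
     }
     $root['return'] = 1;
     $root['status'] = 1;
     output($root);
 }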
示例#8
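 /**
  * Registers the logged-in user for the campaign ("zhuanti"): stores the
  * referer in the session, skips the insert when a type=2 row already exists
  * for the user's mobile number or id, otherwise inserts a row and sends an
  * SMS, then redirects to the course page.
  *
  * NOTE(review): the "referer" query value is stored in the session as
  * given; whatever later redirects to "gopreview" must restrict it to
  * same-site URLs.
  * NOTE(review): "type" is taken from the query string while the duplicate
  * check is fixed to type=2; confirm the intended values and how
  * autoExecute() escapes the inserted data.
  */
 function save()
 {
     $url = isset($_GET['referer']) ? $_GET['referer'] : null;
     es_session::set("gopreview", $url);
     if (!$GLOBALS['user_info']) {
         app_redirect(url_wap("user#login"));
         // Do not fall through to the queries with no user, even if
         // app_redirect() returns.
         return;
     }
     $info_data = array();
     $info_data['user_id'] = intval($GLOBALS['user_info']['id']);
     $info_data['name'] = $GLOBALS['user_info']['user_name'];
     $info_data['mobile'] = $GLOBALS['user_info']['mobile'];
     $info_data['ip'] = get_client_ip();
     $info_data['type'] = isset($_GET['f']) ? $_GET['f'] : null;
     $info_data['creat_time'] = time();

     // The mobile number is quoted into SQL, so it is escaped; the user id is
     // already an integer.
     $tmp_zhuanti_user_info = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "zhuanti_user where (mobile='" . addslashes($info_data['mobile']) . "' or user_id=" . $info_data['user_id'] . ") and type=2");
     if ($tmp_zhuanti_user_info) {
         app_redirect("http://www.51zhishang.com/course/54.html");
         return;
     }
     $GLOBALS['db']->autoExecute(DB_PREFIX . "zhuanti_user", $info_data, "INSERT");
     $msgInfo = array();
     $msgInfo['title'] = '专题报名';
     $msgInfo['content'] = '专题报名';
     send_zhuanti_sms($info_data['mobile'], $msgInfo, 3812);
     app_redirect("http://www.51zhishang.com/course/54.html");
 }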
示例#9
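 /**
  * Returns the HTML status line for the SMS provider: the remaining message
  * count when the balance query succeeds, otherwise a sign-up link.
  *
  * The provider is queried at most once every 10 seconds per session; in
  * between, the line cached under "smsbao_info" is returned. The cached
  * value used to be read into a differently named variable, so the cache was
  * never used and the sign-up link was always shown.
  *
  * NOTE(review): the query URL is plain http and carries the account name
  * with an MD5 of the password; use https if the provider supports it.
  *
  * @return string HTML fragment
  */
 public function check_fee()
 {
     es_session::start();
     $signup_hint = "短信宝增值平台 (<a href='http://www.smsbao.com/reg?r=5001' target='_blank'><font color='red'>还没账号?点击这免费注册</font></a>)";
     $last_visit = intval(es_session::get("last_visit_smsbao"));
     if (get_gmtime() - $last_visit > 10) {
         $sms = new transport();
         $params = array("u" => $this->sms['user_name'], "p" => md5($this->sms['password']));
         $url = "http://www.smsbao.com/query";
         $result = $sms->request($url, $params);
         // The body is split on commas; the second field is used as the
         // remaining count.
         $match = explode(',', $result['body']);
         if ($match[0] != '') {
             $remain = isset($match[1]) ? (int) $match[1] : 0;
             $str = sprintf('短信宝增值平台  剩余:%d 条', $remain);
         } else {
             $str = $signup_hint;
         }
         es_session::set("smsbao_info", $str);
         es_session::set("last_visit_smsbao", get_gmtime());
         return $str;
     }
     $smsbao_info = es_session::get("smsbao_info");
     return $smsbao_info ? $smsbao_info : $signup_hint;
 }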
示例#10
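 /**
  * Loads the profile ("space") of the user given by the "id" request
  * parameter into $this->space_user and assigns it, plus the user's
  * statistics, to the template. Requires a logged-in visitor.
  *
  * Column values read back from the user row are cast to int before being
  * concatenated into the follow-up queries, so an empty or NULL column can
  * no longer produce a malformed statement.
  *
  * NOTE(review): REQUEST_URI is stored in the session for the post-login
  * redirect; the code that consumes "before_login" must treat it as a local
  * path only.
  */
 public function init()
 {
     if (!$GLOBALS['user_info']) {
         if (isset($_REQUEST['ajax']) && $_REQUEST['ajax'] == 1) {
             ajax_return(array("status" => 0, "info" => "请先登录"));
         } else {
             es_session::set('before_login', $_SERVER['REQUEST_URI']);
             app_redirect(url("index", "user#login"));
         }
         // Never continue unauthenticated, even if the helpers above return.
         return;
     }
     $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $this->space_user = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $id . " and is_effect=  1 and is_delete = 0");
     $user_id = intval($GLOBALS['user_info']['id']);
     if (!$this->space_user) {
         showErr($GLOBALS['lang']['USER_NOT_EXISTS']);
         return;
     }
     $space_id = intval($this->space_user['id']);

     $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_id . " and focused_user_id = " . $space_id);
     if ($focus_data) {
         $this->space_user['focused'] = 1;
     }

     $province_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . intval($this->space_user['province_id']));
     $city_str = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "region_conf where id = " . intval($this->space_user['city_id']));
     if ($province_str . $city_str == '') {
         $user_location = $GLOBALS['lang']['LOCATION_NULL'];
     } else {
         $user_location = $province_str . " " . $city_str;
     }

     $this->space_user['fav_count'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic where user_id = " . $space_id . " and fav_id <> 0");
     $this->space_user['user_location'] = $user_location;
     $this->space_user['group_name'] = $GLOBALS['db']->getOne("select name from " . DB_PREFIX . "user_group where id = " . intval($this->space_user['group_id']) . " ");
     $GLOBALS['tmpl']->assign("space_user", $this->space_user);
     $GLOBALS['tmpl']->assign('user_statics', sys_user_status($id, true));
 }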
示例#11
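 /**
  * Deletes one of the caller's own topic replies and decrements the reply
  * counter of its topic.
  *
  * The ownership check is the only thing standing between a caller and
  * someone else's comment, so each refusal now returns after output() rather
  * than relying on output() to stop the script. The topic id read back from
  * the row is cast to int before it is concatenated into the update.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $root = array();
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     do_login_user($email, $pwd);
     $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
     $user_data['id'] = intval($user_data['id']);
     if ($user_data['id'] == 0) {
         $root['return'] = 0;
         $root['info'] = "请先登录";
         output($root);
         return;
     }
     $comment_id = intval($GLOBALS['request']['id']);
     $comment_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "topic_reply where id = " . $comment_id);
     // A missing row is refused with the same message as a foreign comment,
     // as before.
     if (!is_array($comment_data) || $comment_data['user_id'] != $user_data['id']) {
         $root['return'] = 0;
         $root['info'] = "这条评论是其他会员的";
         output($root);
         return;
     }
     $GLOBALS['db']->query("delete from " . DB_PREFIX . "topic_reply where id = " . $comment_id);
     $GLOBALS['db']->query("update " . DB_PREFIX . "topic set reply_count = reply_count - 1 where id = " . intval($comment_data['topic_id']));
     $root['return'] = 1;
     output($root);
 }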
 /**
  * Returns the data needed by the "start a project" screen: second-level
  * regions, deal categories and the "deal_image" session entry. When
  * user_check() does not yield a user id, an error payload with
  * user_login_status = 0 is returned instead.
  */
 public function index()
 {
     // User name or e-mail, and password, as sent by the client.
     $login_name = strim($GLOBALS['request']['email']);
     $login_pwd = strim($GLOBALS['request']['pwd']);

     // Validate the account and its password.
     $account = user_check($login_name, $login_pwd);
     $is_logged_in = intval($account['id']) > 0;

     $root = array();
     if (!$is_logged_in) {
         $root['response_code'] = 0;
         $root['show_err'] = "未登录";
         $root['user_login_status'] = 0;
         output($root);
         return;
     }

     $root['user_login_status'] = 1;
     $root['page_title'] = "发起项目";
     // Second-level regions.
     $root['region_lv2'] = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "region_conf where region_level = 2 order by py asc");
     $root['cate_list'] = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_cate order by sort asc");
     $root['deal_image'] = es_session::get("deal_image");
     output($root);
 }
示例#13
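 /**
  * Returns one page of the accounts followed by the user given in the "uid"
  * request parameter, with a header for the caller ("user") and for the
  * profile owner ("home_user").
  *
  * is_follow per entry: -1 the entry is the caller, 1 the caller follows it,
  * 0 otherwise.
  *
  * Ids read back from database rows are cast to int before they are
  * concatenated into further queries, and page numbers below 1 are clamped
  * so the offset can never be negative.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $root = array();
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     do_login_user($email, $pwd);
     $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
     $user_data['id'] = intval($user_data['id']);
     $page = intval($GLOBALS['request']['page']);
     if ($page < 1) {
         $page = 1;
     }
     $home_uid = intval($GLOBALS['request']['uid']);
     $home_user_info_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = " . $home_uid . " and is_effect = 1 and is_delete = 0");
     if (!$home_user_info_data) {
         $root['info'] = "非法的会员";
         output($root);
         // Nothing below makes sense without the profile row.
         return;
     }
     $home_id = intval($home_user_info_data['id']);

     $user_info = array();
     $user_info['uid'] = $user_data['id'];
     $user_info['email'] = $user_data['email'];
     $user_info['user_name'] = $user_data['user_name'];
     $user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($user_data['id'], "big"));
     $root['user'] = $user_info;

     $home_user_info = array();
     $home_user_info['uid'] = $home_user_info_data['id'];
     $home_user_info['email'] = $home_user_info_data['email'];
     $home_user_info['user_name'] = $home_user_info_data['user_name'];
     $home_user_info['user_avatar'] = get_abs_img_root(get_muser_avatar($home_user_info_data['id'], "big"));
     $home_user_info['fans'] = $home_user_info_data['focused_count'];
     $home_user_info['follows'] = $home_user_info_data['focus_count'];
     $home_user_info['photos'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "topic_image where user_id = " . $home_id);
     $home_user_info['favs'] = $GLOBALS['db']->getOne("select sum(fav_count) from " . DB_PREFIX . "topic where user_id = " . $home_id);
     $root['home_user'] = $home_user_info;

     $limit = ($page - 1) * PAGE_SIZE . "," . PAGE_SIZE;
     $follow_list = $GLOBALS['db']->getAll("select focused_user_id as id,focused_user_name as user_name from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_id . " order by id desc limit " . $limit);
     $total = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focus_user_id = " . $home_id);
     if (!is_array($follow_list)) {
         $follow_list = array();
     }

     $follows = array();
     foreach ($follow_list as $k => $v) {
         $followed_id = intval($v['id']);
         $follows[$k]['uid'] = $v['id'];
         $follows[$k]['user_name'] = $v['user_name'];
         $follows[$k]['fans'] = $GLOBALS['db']->getOne("select count(*) from " . DB_PREFIX . "user_focus where focused_user_id = " . $followed_id);
         $follows[$k]['user_avatar'] = get_abs_img_root(get_muser_avatar($v['id'], "big"));
         if ($v['id'] == $user_data['id']) {
             $follows[$k]['is_follow'] = -1;
         } else {
             $focus_data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user_focus where focus_user_id = " . $user_info['uid'] . " and focused_user_id = " . $followed_id);
             $follows[$k]['is_follow'] = $focus_data ? 1 : 0;
         }
     }
     $root['page'] = array("page" => $page, "page_total" => ceil($total / PAGE_SIZE));
     $root['item'] = $follows;
     $root['return'] = 1;
     $root['status'] = 1;
     output($root);
 }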
示例#14
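/**
 * Looks up a user by user name, e-mail or mobile number, verifies the
 * password and, on success, stores the row in the session and in
 * $GLOBALS['user_info'].
 *
 * A 32-character $pwd is treated as an already hashed password and compared
 * with the stored hash directly; anything else is hashed with MD5, with and
 * without the row's "code" salt.
 *
 * Hash comparisons are strict (===). With ==, PHP compares two strings that
 * both look like numbers ("0e" followed by digits) numerically, so different
 * hashes of that shape were accepted as equal.
 *
 * NOTE(review): $username_email is concatenated into the query unescaped and
 * the addslashes() calls that used to be here were disabled, so every caller
 * must escape it first - confirm each call site.
 * NOTE(review): accepting the stored hash itself as the password means a
 * leaked hash is enough to log in, and MD5 is not a password hash; plan a
 * migration to password_hash()/password_verify().
 * NOTE(review): an earlier version of the query also required is_delete = 0;
 * deleted accounts can currently authenticate.
 *
 * @param string $username_email user name, e-mail or mobile number
 * @param string $pwd            plain password, or a 32-character MD5 hash
 * @return array|null the user row (with an extra "uid" column) or null
 */
function user_check($username_email, $pwd)
{
    if (!$username_email || !$pwd) {
        return null;
    }
    $sql = "select *,id as uid from " . DB_PREFIX . "user where (user_name='" . $username_email . "' or email = '" . $username_email . "' or mobile = '" . $username_email . "') ";
    $user_info = $GLOBALS['db']->getRow($sql);
    if (!is_array($user_info) || !isset($user_info['user_pwd'])) {
        return null;
    }

    $stored_hash = (string) $user_info['user_pwd'];
    $supplied = (string) $pwd;
    if (strlen($supplied) != 32) {
        $salt = isset($user_info['code']) ? $user_info['code'] : '';
        $is_use_pass = $stored_hash === md5($supplied . $salt) || $stored_hash === md5($supplied);
    } else {
        $is_use_pass = $stored_hash === $supplied;
    }
    if (!$is_use_pass) {
        return null;
    }

    es_session::set("user_info", $user_info);
    $GLOBALS['user_info'] = $user_info;
    return $user_info;
}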
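 /**
  * Shows an event detail page.
  *
  * Normal mode loads the event only when is_effect = 1. Preview mode
  * (preview > 0) loads it regardless, and is allowed for a backend
  * administrator or for a merchant account whose locations are linked to an
  * event that is waiting for publication.
  *
  * The merchant's location ids come from the session and are forced to
  * integers before being placed in the "in (...)" list; with no ids the list
  * falls back to 0 so the statement stays valid (assumes no location has
  * id 0). A per-location lookup loop whose result was never read has been
  * dropped.
  */
 public function index()
 {
     $preview = intval($_REQUEST['preview']);
     $event_id = intval($_REQUEST['id']);
     if ($preview > 0) {
         $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id);
         $adm_session = es_session::get(md5(app_conf("AUTH_KEY")));
         $adm_id = intval($adm_session['adm_id']);
         if ($adm_id == 0) {
             // Not a backend administrator: check for a merchant account.
             $s_account_info = es_session::get("account_info");
             if (!$s_account_info) {
                 showErr("您不是系统管理员或者商家会员,无法预览", 0, APP_ROOT . "/");
                 return;
             }
             $location_ids = array();
             if (isset($s_account_info['location_ids']) && is_array($s_account_info['location_ids'])) {
                 $location_ids = array_map('intval', $s_account_info['location_ids']);
             }
             if (!$location_ids) {
                 $location_ids = array(0);
             }
             $deal_test = $GLOBALS['db']->getRow("select e.* from " . DB_PREFIX . "event as e left join " . DB_PREFIX . "event_location_link as l on l.event_id = e.id where e.id = " . intval($event['id']) . " and e.publish_wait = 1 and l.location_id in (" . implode(",", $location_ids) . ")");
             if (!$deal_test) {
                 showErr("活动不存在或者没有预览该活动的权限", 0, APP_ROOT . "/admin.php?m=Public&a=login");
                 // Never render an event the merchant may not preview, even
                 // if showErr() returns.
                 return;
             }
         }
     } else {
         $event = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event where id = " . $event_id . " and is_effect = 1");
     }
     if (!$event) {
         app_redirect(url("youhui", "fcate"));
         return;
     }
     $GLOBALS['tmpl']->assign("event", $event);

     // Breadcrumb (site_nav): home, category when present, then the event.
     $cate = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "event_cate where id = " . intval($event['cate_id']));
     $site_nav = array();
     $site_nav[] = array('name' => $GLOBALS['lang']['HOME_PAGE'], 'url' => url("index", "index"));
     if ($cate) {
         $curl = url("youhui", "event#index", array("cid" => $cate['id']));
         $site_nav[] = array('name' => $cate['name'], 'url' => $curl);
     }
     $gurl = url("youhui", "edetail#index", array("id" => $event['id']));
     $site_nav[] = array('name' => $event['name'], 'url' => $gurl);
     $GLOBALS['tmpl']->assign("site_nav", $site_nav);

     // Title, keywords and description all use the event name.
     $GLOBALS['tmpl']->assign("page_title", $event['name']);
     $GLOBALS['tmpl']->assign("page_keyword", $event['name'] . ",");
     $GLOBALS['tmpl']->assign("page_description", $event['name'] . ",");

     $submit_result = $GLOBALS['db']->getAll("select user_id from " . DB_PREFIX . "event_submit where event_id = " . $event_id . " limit 18");
     $GLOBALS['tmpl']->assign("submit_result", $submit_result);
     if ($_REQUEST['plat'] == APP_PLAT) {
         $GLOBALS['tmpl']->display("youhui_app_edetail.html");
     } else {
         $GLOBALS['tmpl']->display("youhui_edetail.html");
     }
 }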
 /**
  * Posts a review on an event: stores a "message" row for the event, records
  * user activity, creates an "eventcomment" topic and bumps the event's
  * reply counter. Responds with status 0 and an explanatory "info" when the
  * event id is missing, the caller is not logged in or the event is not
  * found among effective events.
  *
  * NOTE(review): $source is quoted into SQL as returned by strim(); this is
  * only safe if strim() escapes quotes - confirm against its definition.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $root = array();
     $event_id = intval($GLOBALS['request']['event_id']);
     // Without an event id there is nothing to review.
     if ($event_id == 0) {
         $root['status'] = 0;
         $root['info'] = "不存在的活动ID";
         output($root);
     }

     $content = strim($GLOBALS['request']['content']);
     $source = str_replace("来自", "", strim($GLOBALS['request']['source']));
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     $result = do_login_user($email, $pwd);
     $user_data = es_session::get('user_info');
     $GLOBALS['user_info'] = $user_data;
     $user_data['id'] = intval($user_data['id']);
     $current_user_id = intval($user_data['id']);
     if ($current_user_id == 0) {
         $root['status'] = 0;
         $root['user_login_status'] = 0;
         $root['info'] = "请先登录";
         output($root);
     }
     $root['user_login_status'] = 1;

     $event_sql = "select * from " . DB_PREFIX . "event where is_effect = 1 and id = " . $event_id;
     $event_info = $GLOBALS['db']->getRow($event_sql);
     if (empty($event_info)) {
         $root['status'] = 0;
         $root['info'] = "不存在的活动ID";
         output($root);
     }

     // Reviews are visible immediately unless auto-approval is switched off.
     $reply_data = array(
         'rel_table' => "event",
         'rel_id' => intval($event_id),
         'content' => valid_str($content),
         'is_effect' => app_conf("USER_MESSAGE_AUTO_EFFECT") == 0 ? 0 : 1,
         'create_time' => get_gmtime(),
         'user_id' => intval($user_data['id']),
     );
     $GLOBALS['db']->autoExecute(DB_PREFIX . "message", $reply_data);
     increase_user_active($user_data['id'], "点评了一个活动");

     $title = "对" . $event_info['name'] . "发表了点评";
     $url_route = array('rel_app_index' => 'youhui', 'rel_route' => 'edetail', 'rel_param' => 'id=' . $event_info['id']);
     // Positional arguments: content, title, type, group, relay id, fav id,
     // group data, attachments, route.
     $tid = insert_topic($reply_data['content'], $title, "eventcomment", "", 0, 0, "", array(), $url_route);
     if ($tid) {
         $source_sql = "update " . DB_PREFIX . "topic set source_name = '" . $source . "' where id = " . intval($tid);
         $GLOBALS['db']->query($source_sql);
     }
     $counter_sql = "update " . DB_PREFIX . "event set reply_count = reply_count+1 where id =" . $event_id;
     $GLOBALS['db']->query($counter_sql);

     $root['status'] = 1;
     $root['info'] = "感谢您的点评";
     output($root);
 }
示例#17
 /**
  * AJAX endpoint: lets the merchant account from the session reply to a
  * review. The account id and review id are cast to int, the reply text goes
  * through strim(), and whatever biz_do_reply_dp() returns is sent back via
  * ajax_return().
  *
  * NOTE(review): whether the account may reply to this particular review is
  * not checked here; presumably biz_do_reply_dp() enforces it - confirm.
  */
 public function do_reply_dp()
 {
     require_once APP_ROOT_PATH . 'system/model/review.php';
     $session_account = es_session::get("account_info");
     $reply_result = biz_do_reply_dp(
         intval($session_account['id']),
         intval($_REQUEST['dp_id']),
         strim($_REQUEST['reply_content'])
     );
     ajax_return($reply_result);
 }
示例#18
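/**
 * Checks whether an openid is genuine by recomputing its signature.
 *
 * The expected signature is get_signature($openid . $timestamp, $key), with
 * the key read from the "appkey" session entry. The comparison is strict
 * and, where hash_equals() exists, constant-time: with == a non-string $sig
 * such as true compared equal to any non-empty signature, and an ordinary
 * string comparison can leak how many leading characters matched.
 *
 * NOTE(review): the age of $timestamp is not checked in this function; if
 * no caller does it either, an old openid/signature pair stays valid.
 *
 * @param string $openid    maps one-to-one to the user's QQ number
 * @param string $timestamp timestamp that was signed together with the openid
 * @param string $sig       signature value to verify
 *
 * @return bool true when $sig matches the recomputed signature
 */
function is_valid_openid($openid, $timestamp, $sig)
{
    $key = es_session::get("appkey");
    $expected = get_signature($openid . $timestamp, $key);
    // A missing or non-string value on either side can never be valid.
    if (!is_string($sig) || !is_string($expected) || $expected === '') {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $sig);
    }
    return $expected === $sig;
}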
示例#19
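 /**
  * Returns the contents of one message thread, identified by the "mid"
  * request parameter.
  *
  * - no visible rows for that key: return = 0
  * - system message: returns the message and marks it read
  * - conversation: marks every visible row read and returns one page
  *   (20 per page) of messages plus the other party's name
  *
  * The other party's id is now initialised and cast to int before it is
  * used in SQL; previously an empty page, or a thread made only of messages
  * to oneself, left the variable undefined and produced a malformed query.
  */
 public function index()
 {
     require_once APP_ROOT_PATH . "system/libs/user.php";
     $email = strim($GLOBALS['request']['email']);
     $pwd = strim($GLOBALS['request']['pwd']);
     do_login_user($email, $pwd);
     $GLOBALS['user_info'] = $user_data = es_session::get('user_info');
     $page = intval($GLOBALS['request']['page']) > 0 ? intval($GLOBALS['request']['page']) : 1;
     $page_size = 20;
     $limit = ($page - 1) * $page_size . "," . $page_size;
     $user_id = intval($GLOBALS['user_info']['id']);
     // Escaped because it is quoted into every statement below.
     $group_key = addslashes(trim($GLOBALS['request']['mid']));

     // Rows visible to this user: received (type 0) or sent (type 1).
     $mine = "((to_user_id = " . $user_id . " and `type` = 0) or (from_user_id = " . $user_id . " and `type` = 1))";
     $sql = "select count(*) as count,max(system_msg_id) as system_msg_id,max(id) as id from " . DB_PREFIX . "msg_box  \r\n\t\t\t\twhere is_delete = 0 and " . $mine . "  \r\n\t\t\t\tand group_key = '" . $group_key . "'";
     $row = $GLOBALS['db']->getRow($sql);

     $root = array();
     if ($row['count'] == 0) {
         $root['return'] = 0;
     } elseif ($row['system_msg_id'] > 0) {
         // System message: read-only view.
         $msg_id = intval($row['id']);
         $data = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "msg_box where id = " . $msg_id . " and is_delete = 0");
         $GLOBALS['db']->query("update " . DB_PREFIX . "msg_box set is_read = 1 where id = " . $msg_id);
         $root['return'] = 1;
         $root['msg'] = array('mid' => $group_key, 'title' => $data['title'], 'message' => $data['content'], 'time' => pass_date($data['create_time']));
     } else {
         $root['return'] = 1;
         $root['lid'] = $group_key;
         // Conversation history.
         $sql = "select * from " . DB_PREFIX . "msg_box  \r\n\t\t\t\t\twhere is_delete = 0 and " . $mine . "  \r\n\t\t\t\t\tand group_key = '" . $group_key . "' \r\n\t\t\t\t\torder by create_time desc limit " . $limit;
         $sql_count = "select count(*) from " . DB_PREFIX . "msg_box  \r\n\t\t\t\t\twhere is_delete = 0 and " . $mine . " and group_key = '" . $group_key . "'";
         $upd_sql = "update " . DB_PREFIX . "msg_box set is_read = 1 \r\n\t\t\t\t\twhere is_delete = 0 and " . $mine . "  \r\n\t\t\t\t\tand group_key = '" . $group_key . "' ";
         $GLOBALS['db']->query($upd_sql);
         $list = $GLOBALS['db']->getAll($sql);
         if (!is_array($list)) {
             $list = array();
         }

         // The other party is whichever side of the first message that does
         // not belong to the caller; 0 when none is found.
         $dest_user_id = 0;
         foreach ($list as $v) {
             if ($v['to_user_id'] != $user_id) {
                 $dest_user_id = $v['to_user_id'];
                 break;
             }
             if ($v['from_user_id'] != $user_id) {
                 $dest_user_id = $v['from_user_id'];
                 break;
             }
         }
         $dest_user_name = $GLOBALS['db']->getOne("select user_name from " . DB_PREFIX . "user where id = " . intval($dest_user_id));
         $root['title'] = "与" . $dest_user_name . "的交流";
         $root['t_name'] = $dest_user_name;

         $count = $GLOBALS['db']->getOne($sql_count);
         $page_info = array();
         $page_info['page'] = $page;
         $page_info['page_total'] = ceil($count / $page_size);
         $root['page'] = $page_info;

         $msg_list = array();
         foreach ($list as $v) {
             $msg_list[] = array(
                 "miid" => $v['id'],
                 "mlid" => $v['group_key'],
                 "uid" => $v['from_user_id'],
                 "message" => $v['content'],
                 "time" => pass_date($v['create_time']),
                 "tuid" => $v['to_user_id'],
                 "tuser_name" => $v['to_user_id'] == $user_id ? "我" : $dest_user_name,
                 "tuser_avatar" => get_abs_img_root(get_muser_avatar($v['to_user_id'], "big")),
                 "content" => $v['content'],
                 "user_name" => $v['from_user_id'] == $user_id ? "我" : $dest_user_name,
                 "user_avatar" => get_abs_img_root(get_muser_avatar($v['from_user_id'], "big")),
             );
         }
         $root['msg_list'] = $msg_list;
     }
     output($root);
 }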
示例#20
文件: biz_user.php 项目: macall/jsd
/**
 * Logs the merchant account out of the session.
 *
 * Deletes the "account_info" and "biz_account_auth" session entries.
 *
 * @return false|null false when no "account_info" entry exists; otherwise
 *                    the function returns no value (null) after deleting
 */
function loginout_biz()
{
    $current_account = es_session::get("account_info");
    if (!$current_account) {
        return false;
    }
    // Drop the account entry first, then its cached authorisation data.
    foreach (array("account_info", "biz_account_auth") as $session_key) {
        es_session::delete($session_key);
    }
}
 /**
  * Require a logged-in merchant account and expose its details to the template.
  *
  * Reads "account_info" from the session. A missing or zero id redirects to
  * the biz login page. Otherwise the supplier_account row (left-joined with
  * its supplier) is loaded by that id; when no row comes back the login
  * redirect is issued as well. The row is assigned to the template as
  * "account_data".
  */
 protected function check_auth()
 {
     $session_account = es_session::get("account_info");
     // intval() keeps the id numeric before it is concatenated into the query.
     $account_id = intval($session_account['id']);
     if ($account_id == 0) {
         app_redirect(url("biz", "login"));
         return;
     }
     $query = "select s.name as name,a.allow_charge as allow_charge, a.account_name as account_name,a.login_ip as login_ip ,a.login_time as login_time ,a.update_time as create_time, a.supplier_id as supplier_id from " . DB_PREFIX . "supplier_account as a left join " . DB_PREFIX . "supplier as s on a.supplier_id = s.id where a.id = " . $account_id;
     $account_data = $GLOBALS['db']->getRow($query);
     if (!$account_data) {
         // NOTE(review): whether app_redirect() ends the request is not visible here;
         // if it returns, the assign below still runs with an empty row.
         app_redirect(url("biz", "login"));
     }
     $GLOBALS['tmpl']->assign("account_data", $account_data);
 }
示例#22
 /**
  * Permission check.
  * When logged in, verify the user's permissions; actions of the Index module need no permission check
  * (the code below also exempts the Lang module and the default administrator).
  * When not logged in, redirect to the login page.
  *
  * Flow: expire the admin session if needed, read the admin and biz-account sessions,
  * reject requests with neither, then check node-level and module-level role grants.
  */
 private function check_auth()
 {
     // With an expiry configured and the session expired, drop the admin session entry and its "expire" marker.
     if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
         es_session::delete(md5(conf("AUTH_KEY")));
         es_session::delete("expire");
     }
     // Administrator session
     $adm_session = es_session::get(md5(conf("AUTH_KEY")));
     $adm_name = $adm_session['adm_name'];
     $adm_id = intval($adm_session['adm_id']);
     $ajax = intval($_REQUEST['ajax']);
     $biz_account = es_session::get("account_info");
     $is_auth = 0;
     // A logged-in biz account (no admin session needed) is let through for the two File upload
     // actions only; $is_auth = 1 also skips the role checks further down.
     if (intval($biz_account['id']) > 0) {
         if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
             $is_auth = 1;
         }
     }
     // Neither an admin session nor the upload exemption: send to login (page request) or report an error (ajax).
     // NOTE(review): the role checks below still execute unless redirect()/error() end the request — confirm they do.
     if ($adm_id == 0 && $is_auth == 0) {
         if ($ajax == 0) {
             $this->redirect("Public/login");
         } else {
             $this->error(L("NO_LOGIN"), $ajax);
         }
     }
     // Start the permission check when the administrator is not the default administrator
     // First check whether this module/action is registered as requiring authorisation
     // NOTE(review): ACTION_NAME and MODULE_NAME are concatenated into the SQL unescaped; where they are
     // defined is not visible here — if they come from the request, confirm they are validated first.
     $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id " . " where role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 ";
     $count = M()->query($sql);
     $count = $count[0]['c'];
     // An action with no matching role_node row ($count == 0) is not subject to the role check at all.
     if ($adm_name != conf("DEFAULT_ADMIN") && MODULE_NAME != 'Index' && MODULE_NAME != 'Lang' && $count > 0 && $is_auth == 0) {
         // Permissions that must be verified, for everything except IndexAction
         $sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_node as role_node left join " . conf("DB_PREFIX") . "role_access as role_access on role_node.id=role_access.node_id left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_node.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_node.action ='" . ACTION_NAME . "' and role_module.module = '" . MODULE_NAME . "' " . " and role_node.is_effect = 1 and role_node.is_delete = 0 and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
         $count = M()->query($sql);
         $count = $count[0]['c'];
         if ($count == 0) {
             // No node-level grant; check whether the role holds a module-level grant (node_id = 0)
             $module_sql = "select count(*) as c from " . conf("DB_PREFIX") . "role_access as role_access left join " . conf("DB_PREFIX") . "role as role on role_access.role_id = role.id left join " . conf("DB_PREFIX") . "role_module as role_module on role_module.id = role_access.module_id left join " . conf("DB_PREFIX") . "admin as admin on admin.role_id = role.id " . " where admin.id = " . $adm_id . " and role_module.module = '" . MODULE_NAME . "' " . " and role_access.node_id = 0" . " and role_module.is_effect = 1 and role_module.is_delete = 0 and role.is_effect = 1 and role.is_delete = 0";
             $module_count = M()->query($module_sql);
             $module_count = $module_count[0]['c'];
             if ($module_count == 0) {
                 // The upload actions answer with a script alert and stop; every other action uses the error page.
                 if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
                     echo "<script>alert('" . L("NO_AUTH") . "');</script>";
                     exit;
                 } else {
                     $this->error(L("NO_AUTH"), $ajax);
                 }
             }
         }
     }
 }
示例#23
 /**
  * Render the "add" form.
  *
  * Assigns three values to the view: "departs" (admin rows flagged as
  * departments that are effective and not deleted), "adm_id" (id of the
  * administrator in the current session, 0 when absent) and "list" (all
  * Role records), then displays the template.
  */
 public function add()
 {
     // Department list
     $departments = $GLOBALS['db']->getAll(" SELECT * FROM " . DB_PREFIX . "admin WHERE is_delete= 0 and is_effect=1 and is_department = 1");
     $this->assign('departs', $departments);

     $admin_session = es_session::get(md5(conf("AUTH_KEY")));
     // Read as in the original; the value is not used afterwards.
     $admin_name = $admin_session['adm_name'];
     $this->assign('adm_id', intval($admin_session['adm_id']));

     $roles = M("Role")->findAll();
     $this->assign('list', $roles);
     $this->display();
 }
示例#24
文件: common.php 项目: macall/jishida
/**
 * Write one administrator audit-log record when the ADMIN_LOG setting is 1.
 *
 * The record carries the message and status passed in, the current time,
 * the admin id from the session (0 when there is none), the client IP and
 * the current module and action names.
 *
 * @param mixed $msg    Log text, stored as given.
 * @param mixed $status Status value, stored as given.
 */
function save_log($msg, $status)
{
    if (conf("ADMIN_LOG") != 1) {
        return;
    }
    $admin_session = es_session::get(md5(conf("AUTH_KEY")));
    // NOTE(review): $msg goes into the record unmodified; escape it wherever the log is rendered.
    $entry = array(
        'log_info' => $msg,
        'log_time' => NOW_TIME,
        'log_admin' => intval($admin_session['adm_id']),
        'log_ip' => CLIENT_IP,
        'log_status' => $status,
        'module' => MODULE_NAME,
        'action' => ACTION_NAME,
    );
    M("Log")->add($entry);
}
示例#25
/**
 * Render the user-tip fragment (inc/insert/load_user_tip.html).
 *
 * When a user is logged in, the user record is assigned to the template.
 * A pending "signin_result" in the session with a truthy status is passed
 * on as JSON and then removed from the session, so it is shown once.
 *
 * @return mixed Whatever the template engine's fetch() returns.
 */
function insert_load_user_tip()
{
    $current_user = $GLOBALS['user_info'];
    if ($current_user) {
        $GLOBALS['tmpl']->assign("user_info", $current_user);
        // One-shot sign-in result: hand it to the template, then clear it.
        $pending_signin = es_session::get("signin_result");
        if ($pending_signin['status']) {
            $GLOBALS['tmpl']->assign("signin_result", json_encode($pending_signin));
            es_session::delete("signin_result");
        }
    }
    return $GLOBALS['tmpl']->fetch("inc/insert/load_user_tip.html");
}
 /**
  * Gate every action of this controller.
  *
  * All actions except "reponse" and "notify" require either an admin session
  * or a user session; without one an error is shown. Independently of that,
  * the OPEN_IPS setting must be non-zero or an error is shown.
  */
 public function __construct()
 {
     // NOTE(review): "reponse" and "notify" bypass the login check entirely — presumably
     // server-to-server callbacks; confirm those actions authenticate the caller themselves.
     $skips_login_check = ACTION_NAME == "reponse" || ACTION_NAME == "notify";
     if (!$skips_login_check) {
         $admin_session = es_session::get(md5(app_conf("AUTH_KEY")));
         $admin_id = intval($admin_session['adm_id']);
         $session_user = es_session::get("user_info");
         $member_id = intval($session_user['id']);
         $nobody_logged_in = $admin_id == 0 && $member_id == 0;
         if ($nobody_logged_in) {
             showErr("请先登录");
         }
     }
     $ips_enabled = intval(app_conf("OPEN_IPS"));
     if ($ips_enabled == 0) {
         showErr('未开启资金托管功能', 0);
     }
 }
示例#27
 /**
  * Clear generated image files and template caches, then print a success notice and stop.
  *
  * Runs without a time limit. Calls clear_image_file() on public/attachment/
  * and public/images/, clear_qrcode() on public/images/qrcode/, and
  * clear_dir_file() on the tpl_caches and tpl_compiled runtime directories.
  */
 public function clear_image()
 {
     set_time_limit(0);
     // Session is closed up front — presumably so this long-running request does not hold it; confirm.
     es_session::close();

     foreach (array("public/attachment/", "public/images/") as $image_dir) {
         $this->clear_image_file(APP_ROOT_PATH . $image_dir);
     }
     $this->clear_qrcode(APP_ROOT_PATH . "public/images/qrcode/");
     foreach (array("public/runtime/app/tpl_caches/", "public/runtime/app/tpl_compiled/") as $cache_dir) {
         clear_dir_file(get_real_path() . $cache_dir);
     }

     header("Content-Type:text/html; charset=utf-8");
     $notice = "<div style='line-height:50px; text-align:center; color:#f30;'>" . L('CLEAR_SUCCESS') . "</div>";
     $close_button = "<div style='text-align:center;'><input type='button' onclick='\$.weeboxs.close();' class='button' value='关闭' /></div>";
     exit($notice . $close_button);
 }
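 /**
  * Save the current user's profile, push the change to the IM service and refresh the session copy.
  *
  * Every request value is trimmed, slash-escaped and HTML-escaped in place.
  * The user name is forced to the logged-in user's name when one is known,
  * so it cannot be changed through this request. On success the profile is
  * also posted to the remote host from get_doubi_host() and the session's
  * "user_info" is reloaded from the database. On failure a localized message
  * is built from the error returned by save_user().
  *
  * Output: echoes 1 for is_ajax requests, otherwise calls showSuccess()/showErr().
  */
 public function save()
 {
     require_once APP_ROOT_PATH . 'system/libs/user.php';
     foreach ($_REQUEST as $k => $v) {
         // Array-valued parameters (name[]=x) cannot be trimmed; older PHP turned them into an
         // empty string with a warning and PHP 8 throws, so map them to '' explicitly.
         $_REQUEST[$k] = is_scalar($v) ? htmlspecialchars(addslashes(trim($v))) : '';
     }
     if ($GLOBALS['user_info']['user_name']) {
         $_REQUEST['user_name'] = $GLOBALS['user_info']['user_name'];
     }
     // NOTE(review): the whole request array, including any client-supplied id, is handed to
     // save_user(); confirm save_user() ties the update to the session user.
     $res = save_user($_REQUEST, 'UPDATE');
     if ($res['status'] == 1) {
         // user_name mobile province_id city_id byear bmonth bday sex my_intro id
         // Send the profile-card change request to im.lingang.me
         $phone = $_REQUEST['mobile'];
         $rid = es_cookie::get("rid");
         // NOTE(review): the signature is an unkeyed MD5 over the phone number and the "rid" cookie,
         // both supplied by the client; it authenticates nothing unless the remote side treats rid
         // as a server-issued secret — confirm.
         $sig = md5($phone . "_" . $rid . "_" . $rid);
         $url = get_doubi_host();
         $post = array('action' => 'edit_profile', 'sig' => $sig, 'phone' => $phone, 'uname' => $_REQUEST['user_name'], 'uintro' => $_REQUEST['my_intro'], 'gender' => $_REQUEST['sex'], 'birth' => $_REQUEST['byear'] . "-" . $_REQUEST['bmonth'] . "-" . $_REQUEST['bday']);
         // The remote answer is not inspected; a failed sync does not affect the local save.
         sentSigPost($url, $post);
         // Reload the row so the session reflects what was actually stored.
         $s_user_info = es_session::get("user_info");
         $user_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "user where id = '" . intval($s_user_info['id']) . "'");
         es_session::set("user_info", $user_info);
         if (intval($_REQUEST['is_ajax']) == 1) {
             echo 1;
         } else {
             showSuccess($GLOBALS['lang']['SAVE_USER_SUCCESS']);
         }
     } else {
         $error = $res['data'];
         if (!$error['field_show_name']) {
             $error['field_show_name'] = $GLOBALS['lang']['USER_TITLE_' . strtoupper($error['field_name'])];
         }
         // Start from an empty message so an unrecognised error code does not leave the variable undefined.
         $error_msg = '';
         if ($error['error'] == EMPTY_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EMPTY_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == FORMAT_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['FORMAT_ERROR_TIP'], $error['field_show_name']);
         }
         if ($error['error'] == EXIST_ERROR) {
             $error_msg = sprintf($GLOBALS['lang']['EXIST_ERROR_TIP'], $error['field_show_name']);
         }
         if (intval($_REQUEST['is_ajax']) == 1) {
             // NOTE(review): the ajax failure path prints the same "1" as the success path, so an
             // ajax caller cannot tell the two apart — confirm whether that is intended.
             echo 1;
         } else {
             showErr($error_msg);
         }
     }
 }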
 /**
  * Permission check.
  * When logged in, verify the user's permissions; the original comment says actions of the Index module
  * need no permission check (in this version the exemption is decided by admnode_cfg.php, see below).
  * When not logged in, redirect to the login page.
  *
  * Flow: expire the admin session if needed, read the admin and user sessions, reject requests
  * with neither, then check node-level and module-level grants in role_access.
  */
 private function check_auth()
 {
     // With an expiry configured and the session expired, drop the admin session entry and its "expire" marker.
     if (intval(app_conf("EXPIRED_TIME")) > 0 && es_session::is_expired()) {
         es_session::delete(md5(conf("AUTH_KEY")));
         es_session::delete("expire");
     }
     // Administrator session
     $adm_session = es_session::get(md5(conf("AUTH_KEY")));
     $adm_name = $adm_session['adm_name'];
     $adm_id = intval($adm_session['adm_id']);
     $ajax = intval($_REQUEST['ajax']);
     $is_auth = 0;
     $user_info = es_session::get("user_info");
     // Any logged-in front-end user (no admin session needed) is let through for the two File upload
     // actions only; $is_auth = 1 also skips the role checks further down.
     if (intval($user_info['id']) > 0) {
         if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
             $is_auth = 1;
         }
     }
     // Neither an admin session nor the upload exemption: send to login (page request) or report an error (ajax).
     // NOTE(review): the role checks below still execute unless redirect()/error() end the request — confirm they do.
     if ($adm_id == 0 && $is_auth == 0) {
         if ($ajax == 0) {
             $this->redirect("Public/login");
         } else {
             $this->error(L("NO_LOGIN"), $ajax);
         }
     }
     // Start the permission check when the administrator is not the default administrator
     // First check whether this module/action requires authorisation
     global $access_list;
     $access_list = (require APP_ROOT_PATH . "system/admnode_cfg.php");
     // Only module/action pairs listed in admnode_cfg.php are subject to the role check;
     // anything not listed there passes for every logged-in administrator.
     $count = isset($access_list[MODULE_NAME]['node'][ACTION_NAME]) ? 1 : 0;
     if ($adm_name != app_conf("DEFAULT_ADMIN") && $count > 0 && $is_auth == 0) {
         // The isset() lookup above means ACTION_NAME and MODULE_NAME match config keys by the time
         // they are concatenated into this query.
         $sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id  " . "where admin.id = " . $adm_id . " and role.node = '" . ACTION_NAME . "' and role.module = '" . MODULE_NAME . "' ";
         $count = $GLOBALS['db']->getOne($sql);
         if ($count == 0) {
             // No node-level grant; check whether the role holds a module-level grant (empty node)
             $module_sql = "select count(*) from " . DB_PREFIX . "role_access as role left join " . DB_PREFIX . "admin as admin on admin.role_id = role.role_id " . "where admin.id = " . $adm_id . " and role.node = '' and role.module = '" . MODULE_NAME . "' ";
             $module_count = $GLOBALS['db']->getOne($module_sql);
             if ($module_count == 0) {
                 // The upload actions answer with a script alert and stop; every other action uses the error page.
                 if (MODULE_NAME == 'File' && ACTION_NAME == 'do_upload' || MODULE_NAME == 'File' && ACTION_NAME == 'do_upload_img') {
                     echo "<script>alert('" . L("NO_AUTH") . "');</script>";
                     exit;
                 } else {
                     $this->error(L("NO_AUTH"), $ajax);
                 }
             }
         }
     }
 }
 /**
  * Log the administrator out.
  *
  * Without an admin session the request is redirected to the login page.
  * Otherwise the admin session entry is deleted and a success page is shown
  * that jumps to the login page after 3 seconds.
  */
 public function do_loginout()
 {
     // The admin session is stored under md5(AUTH_KEY).
     $session_key = md5(conf("AUTH_KEY"));
     $admin_session = es_session::get($session_key);
     if (intval($admin_session['adm_id']) == 0) {
         // Not logged in: nothing to clear.
         $this->redirect(u("Public/login"));
         return;
     }
     es_session::delete(md5(conf("AUTH_KEY")));
     $this->assign("jumpUrl", U("Public/login"));
     $this->assign("waitSecond", 3);
     $this->success(L("LOGINOUT_SUCCESS"));
 }