assign('affiliate', $affiliate);
// Return target offered after login/registration; it is filled in further down.
$back_act = '';
// Actions that need no login, or that check the login state themselves (e.g. AJAX handlers).
// Every name listed here bypasses the login gate that follows, so each handler
// must be safe to reach without a session.
// NOTE(review): the list includes 'act_edit_password', 'get_user', 'get_collect'
// and 'get_history'; confirm those handlers verify the caller's identity themselves.
$not_login_arr =
array(
'login', 'act_login', 'register', 'act_register', 'act_edit_password', 'get_password', 'send_pwd_email', 'password', 'signin', 'add_tag', 'collect', 'return_to_cart', 'logout', 'email_list', 'validate_email', 'send_hash_mail', 'order_query', 'is_registered', 'check_email', 'check_phone', 'clear_history', 'qpassword_name', 'get_passwd_question', 'check_answer', 'oath', 'oath_login', 'oath_log', 'get_password_main', 'get_password_do', 'get_coupon', 'send_mobile_code', 'send_email_code', 'act_register_ajax', 'signin_mobile', 'get_user', 'get_collect',
'get_history', 'qpassword_mobile', 'send_pwd_mobile', 'wx_validated', 'wx_regist_act', 'wx_validated_act', 'wx_regist_sigin'
);
/* Actions that display a page (as opposed to processing submitted data) */
$ui_arr = array(
'register', 'login', 'profile', 'order_list', 'order_detail', 'address_list', 'collection_list',
'message_list', 'tag_list', 'get_password', 'reset_password', 'booking_list', 'add_booking', 'account_raply',
'account_deposit', 'account_log', 'account_detail', 'act_account', 'pay', 'default', 'bonus', 'group_buy', 'group_buy_detail', 'affiliate', 'comment_list', 'validate_email', 'track_packages', 'transform_points', 'qpassword_name', 'get_passwd_question', 'check_answer', 'oath_log', 'bind_email', 'update_password', 'update_email', 'security', 'affiliate_order', 'point_detail', 'ask_list', 'order_comment', 'order_comment_info', 'get_password_main', 'rebuy', 'bind_mobile', 'unbind_mobile', 'qpassword_mobile', 'send_pwd_mobile', 'unbind_wx'
);
/* Login gate: handling for visitors without a logged-in session */
if (empty($_SESSION['user_id'])) {
if (!in_array($action, $not_login_arr)) {
if (in_array($action, $ui_arr)) {
/* A page-rendering action that requires login: remember the current request
   so the visitor can be sent back to it after logging in.
if ($action == 'login')
{
if (isset($_REQUEST['back_act']))
{
$back_act = trim($_REQUEST['back_act']);
}
}
else
{}*/
// NOTE(review): QUERY_STRING is client-controlled. strip_tags() only removes
// markup, so whatever prints $back_act must still escape it for its output
// context, and the post-login link should be limited to same-site targets.
if (!empty($_SERVER['QUERY_STRING'])) {
$back_act = 'user.php?' . strip_tags($_SERVER['QUERY_STRING']);
}
// Show the login page instead of the requested page.
$action = 'login';
} else {
// Data submitted without a login session: not a normal submission path, so stop.
die($_LANG['require_login']);
}
}
}
/* For page-rendering actions, assign the values shared by the user-centre pages */
if (in_array($action, $ui_arr)) {
assign_template();
$position = assign_ur_here(0, $_LANG['user_center']);
$smarty->assign('page_title', $position['title']); // page title
$smarty->assign('ur_here', $position['ur_here']);
$smarty->assign('categories', get_categories_tree()); // category tree
// Reads one shop_config row by a hard-coded id; which setting id 419 holds is not visible here.
$sql = "SELECT value FROM " . $ecs->table('shop_config') . " WHERE id = 419";
$row = $db->getRow($sql);
$car_off = $row['value'];
$smarty->assign('car_off', $car_off);
/* Whether to show the points-exchange entry */
// NOTE(review): unserialize() runs on a stored configuration value. It must never
// see data a non-administrator can influence; confirm who may write points_rule.
if (!empty($_CFG['points_rule']) && unserialize($_CFG['points_rule'])) {
$smarty->assign('show_transform_points', 1);
}
$smarty->assign('promotion_goods', get_promote_goods()); // promotional goods
$smarty->assign('new_goods', get_recommend_goods('new')); // newest goods
$smarty->assign('helps', get_shop_help()); // shop help
$smarty->assign('data_dir', DATA_DIR); // data directory
$smarty->assign('action', $action);
$smarty->assign('lang', $_LANG);
}
// User-centre welcome page
// NOTE(review): $user_id is set outside this section and is interpolated into the
// SQL below; confirm it is always the integer id of the logged-in session.
if ($action == 'default') {
include_once(ROOT_PATH . 'includes/lib_clips.php');
// Member rank and, when there is one, the next rank to reach.
if ($rank = get_rank_info()) {
$smarty->assign('rank_name', sprintf($_LANG['your_level'], $rank['rank_name']));
if (!empty($rank['next_rank_name'])) {
$smarty->assign('next_rank_name', sprintf($_LANG['next_level'], $rank['next_rank'], $rank['next_rank_name']));
}
}
// Extra dashboard data used only by the zxcp2019 template.
if ($_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'includes/lib_transaction.php');
include_once(ROOT_PATH . 'includes/lib_payment.php');
include_once(ROOT_PATH . 'includes/lib_order.php');
// lib_clips.php was already loaded above; include_once makes this a no-op.
include_once(ROOT_PATH . 'includes/lib_clips.php');
$orders = get_user_orders($user_id, 3);
$smarty->assign('orders', $orders);
$smarty->assign('collection_goods_list', get_collection_goods($user_id, 8, 0));
$smarty->assign('history_goods_list', get_history_goods($user_id, 8, 0));
$pname = basename($_SERVER['SCRIPT_NAME'], '.php');
$smarty->assign('pname', $pname);
// Counters shown on the dashboard.
$count = get_order_status_count($user_id);
$count['stay_comment_order'] = get_stay_comment_order($user_id);
$count['op_order'] = get_count_op_order($user_id);
$count['op_cart'] = get_count_cart_goods($user_id);
$count['bonus'] = get_count_user_bonus($user_id);
$count['message'] = get_count_user_message($user_id);
$smarty->assign('count', $count);
// Loads every order of the user and counts two status combinations in PHP.
$sql = "SELECT order_id, order_status, shipping_status, pay_status, add_time ,pay_name " .
" FROM " . $GLOBALS['ecs']->table('order_info') .
" WHERE user_id = '$user_id'";
$order_info = $GLOBALS['db']->getAll($sql);
$counts = array();
$counts['all'] = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_info') . " WHERE user_id = '$user_id'");
$counts['re_receive'] = 0;
$counts['re_comment'] = 0;
foreach ($order_info as $row) {
// shipping_status 1 or 4 is counted as "awaiting receipt" (meaning of the codes is defined elsewhere).
if ($row['shipping_status'] == 1 || $row['shipping_status'] == 4) {
$counts['re_receive']++;
}
// order_status 5 with shipping_status 2 is counted as "awaiting comment".
if ($row['order_status'] == 5 && $row['shipping_status'] == 2) {
$counts['re_comment']++;
}
}
$smarty->assign('counts', $counts);
$user_info = get_profile($user_id); // modified to also return is_validated
// Mask the e-mail address for display: first and last character of the local part
// stay visible, the rest becomes '*****', the domain is kept.
// NOTE(review): if the stored value has no '@', strpos() returns false and the
// result would end with the complete address; hide the whole value in that case.
if (!empty($user_info['email'])) {
$pos = strpos($user_info['email'], '@');
$email_name = substr($user_info['email'], 0, $pos);
$first_char = substr($email_name, 0, 1);
$last_char = substr($email_name, -1, 1);
$email_domain = substr($user_info['email'], $pos, strlen($user_info['email']) - $pos);
$user_info['email'] = $first_char . '*****' . $last_char . $email_domain;
}
// Mask the phone number: first three and last three characters stay visible,
// so a value of six characters or fewer is shown in full.
if (!empty($user_info['mobile_phone'])) {
$user_info['mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
}
// Security level: 2 when is_validated and a phone number are both set, 1 when only one is, else 0.
if (!empty($user_info['is_validated']) && !empty($user_info['mobile_phone'])) {
$user_info['security_lv'] = 2;
} elseif ((!empty($user_info['is_validated']) && empty($user_info['mobile_phone'])) || (empty($user_info['is_validated']) && !empty($user_info['mobile_phone']))) {
$user_info['security_lv'] = 1;
} else {
$user_info['security_lv'] = 0;
}
$smarty->assign('profile', $user_info);
}
$smarty->assign('info', get_user_default($user_id));
$smarty->assign('user_notice', $_CFG['user_notice']);
$smarty->assign('prompt', get_user_prompt($user_id));
$smarty->display('user_clips.dwt');
}
/* Show the member registration page */
if ($action == 'register') {
// No return target yet: use the referring page, unless it is user.php itself.
// NOTE(review): the Referer header is client-supplied; treat $back_act as untrusted
// wherever it is printed or followed.
if ((!isset($back_act) || empty($back_act)) && isset($GLOBALS['_SERVER']['HTTP_REFERER'])) {
$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
}
/* Load the extended registration fields */
$sql = 'SELECT * FROM ' . $ecs->table('reg_fields') . ' WHERE type < 2 AND display = 1 ORDER BY dis_order, id';
$extend_info_list = $db->getAll($sql);
$smarty->assign('extend_info_list', $extend_info_list);
/* Captcha settings */
if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
$smarty->assign('enabled_captcha', 1);
// Random number handed to the template (presumably a cache-buster for the captcha image; it is not a secret).
$smarty->assign('rand', mt_rand());
}
/* Password-hint questions */
$smarty->assign('passwd_questions', $_LANG['passwd_questions']);
/* Whether registration is closed */
$smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
// $smarty->assign('back_act', $back_act);
// The zxcp2019 template has its own registration page.
if ($_CFG['template'] == 'zxcp2019') {
$smarty->assign('action', $action);
$smarty->display('user_register.dwt');
} else {
$smarty->display('user_passport.dwt');
}
}
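// Third-party login entry point: resolves the provider plugin, works out where to
// return afterwards, and redirects the browser to the provider's login URL.
elseif ($action == 'oath') {
$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
include_once(ROOT_PATH . 'includes/website/jntoo.php');
// NOTE(review): $type is request data handed to website(); confirm that function
// accepts only known plugin names before it uses the value to locate anything.
$c = &website($type);
if ($c) {
if (empty($_REQUEST['callblock'])) {
// No explicit return target: fall back to the referring page, except when it is user.php itself.
if (isset($GLOBALS['_SERVER']['HTTP_REFERER'])) {
$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? 'index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
} else {
$back_act = 'index.php';
}
} else {
$back_act = trim($_REQUEST['callblock']);
}
// Relative targets get the site URL prepended. The previous test looked only at the
// fifth character (matching "http:"), which read past the end of short values and
// treated "https://" URLs as relative.
$is_absolute = (strlen($back_act) > 4 && $back_act[4] == ':') || strncasecmp($back_act, 'https://', 8) == 0;
if (!$is_absolute) {
$back_act = $ecs->url() . $back_act;
}
$open = empty($_REQUEST['open']) ? 0 : intval($_REQUEST['open']);
// Both request-derived values are URL-encoded so they cannot add parameters to the callback URL.
$url = $c->login($ecs->url() . 'user.php?act=oath_log&type=' . urlencode($type) . '&callblock=' . urlencode($back_act) . '&open=' . $open);
if (!$url) {
show_message($c->get_error(), '首页', $ecs->url(), 'error');
}
// NOTE(review): execution continues after header(); confirm nothing later in the
// request depends on this branch having stopped.
header('Location: ' . $url);
} else {
show_message('服务器尚未注册该插件!', '首页', $ecs->url(), 'error');
}
}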
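/* Third-party login callback: fetches the provider's user data, then either shows the
   "complete your details" form (no linked account yet) or hands over to oath_login. */
elseif ($action == 'oath_log') {
$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
include_once(ROOT_PATH . 'includes/website/jntoo.php');
$c = &website($type);
if ($c) {
if (empty($_SESSION['login_ret'])) {
$access = $c->getAccessToken();
if (!$access) {
show_message($c->get_error(), '首页', $ecs->url(), 'error');
}
$c->setAccessToken($access);
$info = $c->getMessage();
if (!$info) {
show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
}
if (!$info['user_id']) {
show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
}
} else {
// Reuse the provider data stored by an earlier pass through this branch.
$info = unserialize($_SESSION['login_ret']);
// A session value that does not decode to provider data with a user id must not
// reach the account lookup below.
if (!is_array($info) || empty($info['user_id'])) {
unset($_SESSION['login_ret']);
show_message($_LANG['login_failure'], '首页', $ecs->url(), 'error');
exit;
}
}
// The provider's user id is external data that did not come through the request
// arrays, so it is escaped here before it is placed between quotes in SQL.
// NOTE(review): prefer the database layer's own escaping routine if it offers one.
$sql_uid = addslashes($info['user_id']);
$info_user_id = $type . '_' . $sql_uid; // prefix with the provider type so ids of different providers cannot collide; linked ids are stored in this form
$info['name'] = str_replace("'", "", $info['name']); // strip single quotes from the display name
// Match both the prefixed id and the legacy unprefixed id.
$sql = 'SELECT user_name,password,aite_id FROM ' . $ecs->table('users') . ' WHERE aite_id = \'' . $info_user_id . '\' OR aite_id=\'' . $sql_uid . '\'';
$count = $db->getRow($sql);
if (!$count) { // no linked account yet
$_SESSION['login_ret'] = serialize($info);
// NOTE(review): type and callblock are request data; the template must escape them.
$smarty->assign('type', $_REQUEST['type']);
$smarty->assign('callblock', isset($_REQUEST['callblock']) ? $_REQUEST['callblock'] : '');
// The key was previously written as a bare word (name), which is an undefined constant.
$smarty->assign('user_name', $info['name']);
$smarty->assign('langlang', $_LANG['passport_js']);
$smarty->display('user_supplement.dwt');
exit;
} else {
$_SESSION['call_block'] = isset($_REQUEST['callblock']) ? $_REQUEST['callblock'] : '';
$_SESSION['ty_pe'] = $type;
$_SESSION['login_ret'] = serialize($info);
ecs_header('Location: ' . $ecs->get_domain() . '/user.php?act=oath_login');
}
}
}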
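// Completes a third-party login. Depending on "ws" it creates a new local account
// (wsxx), links the provider identity to an existing account (bdzh), or logs in the
// account that is already linked.
elseif ($action == 'oath_login') {
$ws = isset($_REQUEST['ws']) ? $_REQUEST['ws'] : '';
// Every path below acts on the provider identity that the oath_log step stored in
// the session. This action is reachable without login, so when that identity is
// missing the request is refused; otherwise the aite_id values used in the lookups
// would be built from empty data.
$login_info = empty($_SESSION['login_ret']) ? false : unserialize($_SESSION['login_ret']);
if (!is_array($login_info) || empty($login_info['user_id'])) {
show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
exit;
}
// Provider data did not come through the request arrays; escape it before it is
// placed between quotes in SQL.
// NOTE(review): prefer the database layer's own escaping routine if it offers one.
$sql_uid = addslashes($login_info['user_id']);
$sql_sex = isset($login_info['sex']) ? addslashes($login_info['sex']) : '';
// Create a new local account from the "complete your details" form
if ($ws == 'wsxx') {
include_once('includes/lib_passport.php');
// NOTE(review): username, email and type are request values interpolated into the
// INSERT below; this is safe only if request data is escaped before this file runs
// — confirm. Nothing here checks that the user name is still free or well-formed.
$username = $_REQUEST['username'];
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
$type = $_REQUEST['type'];
$callblock = $_REQUEST['callblock'];
$user_pass = $user->compile_password(array('password' => $password));
$info_user_id = $type . '_' . $sql_uid; // provider type prefix keeps ids of different providers apart
$sql = 'INSERT INTO ' . $ecs->table('users') . '(user_name , password, aite_id ,email, sex , reg_time , is_validated)
VALUES ' . "('$username' , '$user_pass' , '$info_user_id' ,'$email', '$sql_sex' , '" . gmtime() . "' , '0')";
$db->query($sql);
$user->set_session($username);
$user->set_cookie($username);
update_user_info();
recalculate_price();
// The redirect target is always a fixed site path; the request-supplied callblock
// is only inspected, never used as the Location value.
if (strpos($_REQUEST['callblock'], 'flow.php')) {
ecs_header('Location: ' . $ecs->get_domain() . '/flow.php?step=consignee');
} else {
ecs_header('Location: ' . $ecs->get_domain() . '/user.php');
}
exit;
}
// Link the provider identity to an existing local account
if ($ws == 'bdzh') {
include_once('includes/lib_passport.php');
$username = $_REQUEST['username_q'];
// NOTE(review): the password is checked as an unsalted MD5 inside the query, which
// bypasses whatever $user->login() does (hashing scheme, failure counting). Consider
// verifying the credentials through $user->login() instead.
$password = md5($_REQUEST['password_q']);
$type = $_REQUEST['type'];
$info_user_id = $type . '_' . $sql_uid;
// NOTE(review): $username is request data inside a double-quoted SQL literal; safe
// only if request data is escaped before this file runs — confirm.
$sql_bdzh = 'SELECT * FROM ' . $ecs->table('users') . ' WHERE user_name = "' . $username . '" and password = "' . $password . '" ';
$bd_count = $db->getRow($sql_bdzh);
if (!$bd_count) { // no account matches these credentials
show_message($_LANG['login_failure'], '重新绑定', 'user.php?act=oath&type=qq', 'error');
exit;
} else {
// The key was previously written as a bare word (aite_id), which is an undefined constant.
if ($bd_count['aite_id']) {
// The account is already linked to a provider identity.
show_message($_LANG['login_ybd'], '重新绑定', 'user.php?act=oath&type=qq', 'error');
exit;
} else {
$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE user_id = '$bd_count[user_id]'";
$bd = $db->query($sql);
if ($bd) {
$user->set_session($username);
$user->set_cookie($username);
update_user_info();
recalculate_price();
show_message($_LANG['login_bdzh'], '首页', 'index.php', 'info');
}
}
}
exit;
}
// Account already linked: log that account in
$info = $login_info;
$type = isset($_SESSION['ty_pe']) ? $_SESSION['ty_pe'] : '';
$callblock = isset($_SESSION['call_block']) ? $_SESSION['call_block'] : '';
$info_user_id = $type . '_' . $sql_uid; // provider type prefix keeps ids of different providers apart
$info['name'] = str_replace("'", "", $info['name']); // strip single quotes from the display name
// Look the linked account up once, by the prefixed id or the legacy unprefixed id.
// This code used to read $count, which is never set on this request, so the
// legacy-id migration below could not work as intended.
$sql = 'SELECT user_name, aite_id FROM ' . $ecs->table('users') . " WHERE aite_id = '$info_user_id' OR aite_id = '$sql_uid'";
$count = $db->getRow($sql);
if (!$count) {
// No account is linked to this identity: never start a session from an empty lookup.
show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
exit;
}
// Migrate a legacy unprefixed id to the prefixed form.
if ($count['aite_id'] == $info['user_id']) {
$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE aite_id = '$sql_uid'";
$db->query($sql);
}
$name_info = $count['user_name'];
$user->set_session($name_info);
$user->set_cookie($name_info);
update_user_info();
recalculate_price();
if (!empty($_REQUEST['open'])) {
die('');
} else {
// Fixed site paths only; the stored callblock is inspected but never used as the target.
if (strpos($callblock, 'flow.php')) {
ecs_header('Location: ' . $ecs->get_domain() . '/flow.php?step=checkout');
} else {
ecs_header('Location: ' . $ecs->get_domain() . '/user.php');
}
}
}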
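/* Process a member registration. The zxcp2019 template verifies a code sent to the
   phone or e-mail address; other templates check the image captcha. */
elseif ($action == 'act_register') {
/* Registration may be switched off in the shop settings */
if ($_CFG['shop_reg_closed']) {
$smarty->assign('action', 'register');
$smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
$smarty->display('user_passport.dwt');
} else {
include_once(ROOT_PATH . 'includes/lib_passport.php');
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$other['msn'] = isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '';
$other['qq'] = isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '';
$other['office_phone'] = isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '';
$other['home_phone'] = isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '';
$other['mobile_phone'] = isset($_POST['extend_field5']) ? $_POST['extend_field5'] : '';
$sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
$passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
// NOTE(review): back_act comes from the form and is later offered as a link by
// show_message(); restrict it to same-site relative targets.
$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
if (empty($_POST['agreement'])) {
show_message($_LANG['passport_js']['agreement']);
}
if (strlen($username) < 3) {
show_message($_LANG['passport_js']['username_shorter']);
}
if (strlen($password) < 6) {
show_message($_LANG['passport_js']['password_shorter']);
}
if (strpos($password, ' ') > 0) {
show_message($_LANG['passwd_balnk']);
}
if ($_CFG['template'] == 'zxcp2019') {
include_once('includes/cls_json.php');
$reg_type = isset($_POST['reg_type']) ? trim($_POST['reg_type']) : '';
$json = new JSON;
// Registration by mobile number
if ($reg_type == 'mobile') {
// NOTE(review): $mobile is not assigned anywhere in this branch; confirm where it
// is set, because it is also interpolated into the SQL below.
if (strlen($mobile) < 8) {
$result['error'] = 1;
$result['content'] = '手机格式错误!';
die($json->encode($result));
}
$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
$mobile_code = md5($mobile_code);
$mobile_code_COOKIE = $_SESSION['mobile_code'];
$mobile_COOKIE = trim($_SESSION['mobile']);
// Strict comparison: with loose != two different hex digests that both look like
// numbers in exponent form (or two differently written digit strings) can compare
// as equal, which would accept a wrong code or number.
if ($mobile_code !== $mobile_code_COOKIE || $mobile !== $mobile_COOKIE || !$mobile_code_COOKIE || !$mobile_COOKIE) {
$result['error'] = 1;
$result['content'] = '手机校验码错误,请重新输入!';
die($json->encode($result));
} else {
// The code is single-use: drop it as soon as it has been accepted.
unset($_SESSION['mobile']);
unset($_SESSION['mobile_code']);
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE user_name = '$mobile' OR (mobile_phone = '$mobile' AND mobile_is_validated =1)";
if ($db->getOne($sql)) {
$result['error'] = 1;
$result['content'] = '该手机号已被注册!';
die($json->encode($result));
}
$_POST['extend_field5'] = $mobile;
$other['mobile_phone'] = $mobile;
$check = true;
}
if (!$username) $username = $mobile;
}
// Registration by e-mail address
if ($reg_type == 'email') {
if (!is_email($email)) {
$result['error'] = 1;
$result['content'] = '邮箱格式不正确';
die($json->encode($result));
}
if (!$username) $username = $email;
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE user_name = '$email' OR email='$email' ";
if ($db->getOne($sql)) {
$result['error'] = 1;
$result['content'] = '该邮箱已被注册!';
die($json->encode($result));
}
$email_code = !empty($_POST['email_code']) ? json_str_iconv(trim($_POST['email_code'])) : '';
$email_code = md5($email_code);
$email_code_COOKIE = $_SESSION['email_code'];
$email_COOKIE = trim($_SESSION['reg_email']);
// Strict comparison for the same reason as the mobile code above.
if ($email_code !== $email_code_COOKIE || $email !== $email_COOKIE || !$email_code_COOKIE || !$email_COOKIE) {
$result['error'] = 1;
$result['content'] = '邮箱校验码错误,请重新输入!';
die($json->encode($result));
} else {
unset($_SESSION['reg_email']);
unset($_SESSION['email_code']);
$_POST['extend_field5'] = $email;
$check = true;
}
}
} else {
/* Captcha check */
if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
if (empty($_POST['captcha'])) {
show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'user.php?act=register', 'error');
}
/* Verify the captcha text */
include_once('includes/cls_captcha.php');
$validator = new captcha();
if (!$validator->check_word($_POST['captcha'])) {
show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'user.php?act=register', 'error');
}
}
}
$other['source'] = SOURCE_PC; //add by Jimmy Fu 2016-4-21
if (register($username, $password, $email, $other) !== false) {
/* Store the new user's extended registration fields */
$sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; // ids of all custom extended fields
$fields_arr = $db->getAll($sql);
if ($_CFG['template'] == 'zxcp2019') {
// Mobile registration: mark the phone number as verified
if ($reg_type == 'mobile') {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `mobile_is_validated`='1' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
// E-mail registration: mark the address as verified
if ($reg_type == 'email') {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `is_validated`='1' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
}
$extend_field_str = ''; // VALUES list for the extended fields
foreach ($fields_arr as $val) {
$extend_field_index = 'extend_field' . $val['id'];
if (!empty($_POST[$extend_field_index])) {
// NOTE(review): the value is cut to 99 characters before compile_str(); if request
// data is already escaped at this point, a cut can split an escape sequence, so
// confirm the value is safely quoted after truncation.
$temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
$extend_field_str .= " ('" . $_SESSION['user_id'] . "', '" . $val['id'] . "', '" . compile_str($temp_field_content) . "'),";
}
}
$extend_field_str = substr($extend_field_str, 0, -1);
if ($extend_field_str) // insert the extended registration data
{
$sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
$db->query($sql);
}
/* Store the password-hint question and answer */
if (!empty($passwd_answer) && !empty($sel_question)) {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='$sel_question', `passwd_answer`='$passwd_answer' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
/* Send the verification e-mail automatically when the shop is configured to */
if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
send_regiter_hash($_SESSION['user_id']);
}
$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
} else {
$err->show($_LANG['sign_up'], 'user.php?act=register');
}
}
}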
/* Confirm a registration e-mail: the link carries a hash that register_hash() decodes to a user id */
elseif ($action == 'validate_email') {
$hash = empty($_GET['hash']) ? '' : trim($_GET['hash']);
if ($hash) {
include_once(ROOT_PATH . 'includes/lib_passport.php');
// $id is used in SQL below only when register_hash() returned a value greater than 0.
$id = register_hash('decode', $hash);
if ($id > 0) {
$sql = "UPDATE " . $ecs->table('users') . " SET is_validated = 1 WHERE user_id='$id'";
$db->query($sql);
$sql = 'SELECT user_name, email FROM ' . $ecs->table('users') . " WHERE user_id = '$id'";
$row = $db->getRow($sql);
// zxcp2019 template: start
if ($_CFG['template'] == 'zxcp2019') {
$_SESSION['is_verify_email'] = true;
show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']), '返回账号安全中心', 'user.php?act=update_email');
}
// zxcp2019 template: end
else {
show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']), $_LANG['profile_lnk'], 'user.php');
}
}
}
// Reached when the hash is missing or invalid; presumably show_message() ends the
// request in the success case — confirm, otherwise this failure message follows it.
show_message($_LANG['validate_fail']);
}
/* AJAX check: prints 'true' when the user name is still free, 'false' when a member
   or an administrator already uses it. Listed in $not_login_arr, so it answers
   without a login session. */
elseif ($action == 'is_registered') {
include_once(ROOT_PATH . 'includes/lib_passport.php');
$username = json_str_iconv(trim($_GET['username']));
echo ($user->check_user($username) || admin_registered($username)) ? 'false' : 'true';
}
/* AJAX check: prints 'false' when the e-mail address is already registered, 'ok'
   otherwise. Listed in $not_login_arr, so it answers without a login session. */
elseif ($action == 'check_email') {
$email = trim($_GET['email']);
echo $user->check_email($email) ? 'false' : 'ok';
}
/* AJAX check: prints 'false' when the phone number is already registered, 'ok'
   otherwise. Listed in $not_login_arr, so it answers without a login session. */
elseif ($action == 'check_phone') {
$phone = trim($_GET['phone']);
echo $user->check_phone($phone) ? 'false' : 'ok';
}
/* Show the login page */
elseif ($action == 'login') {
// zxcp2019 template: start
// NOTE(review): back_url is taken from the query string and decoded again here;
// it ends up in the template as back_act, so it must be escaped on output and
// limited to same-site targets before it is used as a link.
if ($_CFG['template'] == 'zxcp2019') {
$back_act = urldecode($_GET['back_url']);
}
// zxcp2019 template: end
// No return target yet: use the referring page unless it is user.php itself, else user.php.
if (empty($back_act)) {
if (empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER'])) {
$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
} else {
$back_act = 'user.php';
}
}
// Show the captcha when it is enabled for login: either always, or — with the
// CAPTCHA_LOGIN_FAIL flag — only after more than two failed attempts in this session.
$captcha = intval($_CFG['captcha']);
if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
$GLOBALS['smarty']->assign('enabled_captcha', 1);
$GLOBALS['smarty']->assign('rand', mt_rand());
}
// AJAX variant (zxcp2019 only): return the rendered login form as JSON and stop.
if ($_REQUEST['ajax'] == '1' && $_CFG['template'] == 'zxcp2019') {
include_once('includes/cls_json.php');
$json = new JSON;
$result = array('error' => 0, 'content' => '');
$smarty->assign('is_ajax', 1);
$result['content'] = $smarty->fetch('user_login.dwt');
die($json->encode($result));
}
$smarty->assign('back_act', $back_act);
if ($_CFG['template'] == 'zxcp2019') {
$smarty->assign('action', $action);
$smarty->display('user_login.dwt');
} else {
$smarty->display('user_passport.dwt');
}
}
/* Process a member login submitted from the login form */
elseif ($action == 'act_login') {
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
// NOTE(review): back_act comes from the form and is offered as a link by
// show_message() after a successful login; restrict it to same-site targets.
$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
// Same captcha condition as the login page: always, or only after more than two failures.
// NOTE(review): the failure counter lives in the session, so a client that starts a
// new session also starts a new count; a per-account or per-address limit would
// be needed to slow password guessing.
$captcha = intval($_CFG['captcha']);
if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
if (empty($_POST['captcha'])) {
show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
}
/* Verify the captcha text */
include_once('includes/cls_captcha.php');
$validator = new captcha();
$validator->session_word = 'captcha_login';
if (!$validator->check_word($_POST['captcha'])) {
show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
}
}
if ($user->login($username, $password, isset($_POST['remember']))) {
update_user_info();
recalculate_price();
$ucdata = isset($user->ucdata) ? $user->ucdata : '';
show_message($_LANG['login_success'] . $ucdata, array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
} else {
// Count the failure; the captcha condition above reads this counter.
$_SESSION['login_fail']++;
show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
}
}
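/* Process an AJAX login request; the answer is always a JSON document */
elseif ($action == 'signin') {
include_once('includes/cls_json.php');
$json = new JSON;
$username = !empty($_POST['username']) ? json_str_iconv(trim($_POST['username'])) : '';
$password = !empty($_POST['password']) ? trim($_POST['password']) : '';
// Kept in its own variable: it used to share $captcha with the configuration value
// read below, so the "captcha missing" test looked at the setting, not the input.
$captcha_input = !empty($_POST['captcha']) ? json_str_iconv(trim($_POST['captcha'])) : '';
$result = array('error' => 0, 'content' => '');
// Captcha is required when enabled for login: always, or — with the
// CAPTCHA_LOGIN_FAIL flag — only after more than two failed attempts in this session.
$captcha = intval($_CFG['captcha']);
if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
if (empty($captcha_input)) {
$result['error'] = 1;
$result['content'] = $_LANG['invalid_captcha'];
die($json->encode($result));
}
/* Verify the captcha text */
include_once('includes/cls_captcha.php');
$validator = new captcha();
$validator->session_word = 'captcha_login';
if (!$validator->check_word($_POST['captcha'])) {
$result['error'] = 1;
$result['content'] = $_LANG['invalid_captcha'];
die($json->encode($result));
}
}
if ($user->login($username, $password)) {
update_user_info(); // refresh the user's data
recalculate_price(); // recalculate the prices of goods in the cart
$smarty->assign('user_info', get_user_info());
$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
$result['ucdata'] = $ucdata;
// NOTE(review): back_act is form data returned to the page as the URL to go to;
// the client script should follow it only when it is a same-site target.
$back_act = isset($_POST['back_act']) ? $_POST['back_act'] : '';
$back_act = $back_act ? $back_act : 'index.php';
$result['url'] = $back_act;
$result['content'] = $smarty->fetch('library/member_info.lbi');
} else {
// Count the failure; from the third failure on the response asks for a captcha.
$_SESSION['login_fail']++;
if ($_SESSION['login_fail'] > 2) {
$smarty->assign('enabled_captcha', 1);
$result['html'] = $smarty->fetch('library/member_info.lbi');
}
$result['error'] = 1;
$result['content'] = $_LANG['login_failure'];
}
die($json->encode($result));
}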
/* Log the member out and offer links back to the previous page and the home page */
elseif ($action == 'logout') {
// Without a return target, fall back to the referring page — or to the home page
// when the visitor came from user.php.
if (empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER'])) {
if (strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php')) {
$back_act = './index.php';
} else {
$back_act = $GLOBALS['_SERVER']['HTTP_REFERER'];
}
}
$user->logout();
if (empty($user->ucdata)) {
$ucdata = "";
} else {
$ucdata = $user->ucdata;
}
show_message($_LANG['logout'] . $ucdata, array($_LANG['back_up_page'], $_LANG['back_home_lnk']), array($back_act, 'index.php'), 'info');
}
/* Personal profile page */
elseif ($action == 'profile') {
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$user_info = get_profile($user_id);
/* Load the extended registration fields */
$sql = 'SELECT * FROM ' . $ecs->table('reg_fields') . ' WHERE type < 2 AND display = 1 ORDER BY dis_order, id';
$extend_info_list = $db->getAll($sql);
// NOTE(review): $user_id is placed in this query without quotes; it is set outside
// this section — confirm it is always an integer taken from the session.
$sql = 'SELECT reg_field_id, content ' .
'FROM ' . $ecs->table('reg_extend_info') .
" WHERE user_id = $user_id";
$extend_info_arr = $db->getAll($sql);
// Index the stored extended values by field id.
$temp_arr = array();
foreach ($extend_info_arr as $val) {
$temp_arr[$val['reg_field_id']] = $val['content'];
}
// Field ids 1-5 are filled from columns of the profile itself; every other field
// takes its value from reg_extend_info.
foreach ($extend_info_list as $key => $val) {
switch ($val['id']) {
case 1:
$extend_info_list[$key]['content'] = $user_info['msn'];
break;
case 2:
$extend_info_list[$key]['content'] = $user_info['qq'];
break;
case 3:
$extend_info_list[$key]['content'] = $user_info['office_phone'];
break;
case 4:
$extend_info_list[$key]['content'] = $user_info['home_phone'];
break;
case 5:
$extend_info_list[$key]['content'] = $user_info['mobile_phone'];
break;
default:
$extend_info_list[$key]['content'] = empty($temp_arr[$val['id']]) ? '' : $temp_arr[$val['id']];
}
}
$smarty->assign('extend_info_list', $extend_info_list);
/* Password-hint questions */
$smarty->assign('passwd_questions', $_LANG['passwd_questions']);
$smarty->assign('profile', $user_info);
$smarty->display('user_transaction.dwt');
}
/* Process an edit of the personal profile */
// NOTE(review): this handler changes account data on POST and no request token is
// checked in this section; confirm cross-site request forgery protection exists.
elseif ($action == 'act_edit_profile') {
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$birthday = trim($_POST['birthdayYear']) . '-' . trim($_POST['birthdayMonth']) . '-' .
trim($_POST['birthdayDay']);
$email = trim($_POST['email']);
$other['msn'] = $msn = isset($_POST['extend_field1']) ? trim($_POST['extend_field1']) : '';
$other['qq'] = $qq = isset($_POST['extend_field2']) ? trim($_POST['extend_field2']) : '';
$other['office_phone'] = $office_phone = isset($_POST['extend_field3']) ? trim($_POST['extend_field3']) : '';
$other['home_phone'] = $home_phone = isset($_POST['extend_field4']) ? trim($_POST['extend_field4']) : '';
$other['mobile_phone'] = $mobile_phone = isset($_POST['extend_field5']) ? trim($_POST['extend_field5']) : '';
$sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
$passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
$realname = isset($_POST['realname']) ? compile_str(trim($_POST['realname'])) : '';
/* Update the user's extended-field data */
$sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; // ids of all extended fields
$fields_arr = $db->getAll($sql);
foreach ($fields_arr as $val) // update each extended field in turn
{
$extend_field_index = 'extend_field' . $val['id'];
if (isset($_POST[$extend_field_index])) {
// NOTE(review): htmlspecialchars() with default flags is an HTML encoder, not an
// SQL escape, and the value is cut to 99 characters afterwards. The queries below
// are safe only if request data is escaped before this file runs and the cut cannot
// split an escape sequence — confirm both.
$temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr(htmlspecialchars($_POST[$extend_field_index]), 0, 99) : htmlspecialchars($_POST[$extend_field_index]);
$sql = 'SELECT * FROM ' . $ecs->table('reg_extend_info') . " WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
if ($db->getOne($sql)) // a row already exists: update it; otherwise insert one
{
$sql = 'UPDATE ' . $ecs->table('reg_extend_info') . " SET content = '$temp_field_content' WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
} else {
$sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . " (`user_id`, `reg_field_id`, `content`) VALUES ('$user_id', '$val[id]', '$temp_field_content')";
}
$db->query($sql);
}
}
/* Store the real name */
if (!empty($realname) && !empty($_SESSION['user_id'])) {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `realname`='$realname' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
/* Store the password-hint question and answer */
// NOTE(review): the recovery question and answer change here without the current
// password being asked for in this section; consider requiring it.
if (!empty($passwd_answer) && !empty($sel_question)) {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='$sel_question', `passwd_answer`='$passwd_answer' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
// Format checks. They run after the writes above, so extended fields, real name and
// hint question are already stored when one of these checks rejects the request.
// Inside [...] the '|' is a literal character, so these patterns also accept '|'.
if (!empty($office_phone) && !preg_match('/^[\d|\_|\-|\s]+$/', $office_phone)) {
show_message($_LANG['passport_js']['office_phone_invalid']);
}
if (!empty($home_phone) && !preg_match('/^[\d|\_|\-|\s]+$/', $home_phone)) {
show_message($_LANG['passport_js']['home_phone_invalid']);
}
if (!is_email($email)) {
show_message($_LANG['msg_email_format']);
}
if (!empty($msn) && !is_email($msn)) {
show_message($_LANG['passport_js']['msn_invalid']);
}
if (!empty($qq) && !preg_match('/^\d+$/', $qq)) {
show_message($_LANG['passport_js']['qq_invalid']);
}
// NOTE(review): '[\d-\s]' puts a hyphen between two class escapes; newer PCRE
// versions may reject that as an invalid range, which would make every non-empty
// number fail this check — verify on the deployed PHP version ('[\d\s-]' avoids it).
if (!empty($mobile_phone) && !preg_match('/^[\d-\s]+$/', $mobile_phone)) {
show_message($_LANG['passport_js']['mobile_phone_invalid']);
}
$profile = array(
'user_id' => $user_id,
'email' => isset($_POST['email']) ? trim($_POST['email']) : '',
'sex' => isset($_POST['sex']) ? intval($_POST['sex']) : 0,
'birthday' => $birthday,
'other' => isset($other) ? $other : array()
);
if (edit_profile($profile)) {
show_message($_LANG['edit_profile_success'], $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
} else {
if ($user->error == ERR_EMAIL_EXISTS) {
$msg = sprintf($_LANG['email_exist'], $profile['email']);
} else {
$msg = $_LANG['edit_profile_failed'];
}
show_message($msg, '', '', 'info');
}
}
/* Password recovery (zxcp2019 template only): account-entry page for the
   qpassword_name, get_password and qpassword_mobile actions */
elseif (($action == 'qpassword_name' || $action == 'get_password' || $action == 'qpassword_mobile') && $_CFG['template'] == 'zxcp2019') {
// The account being recovered is taken from the session, never from the request.
$user_id = isset($_SESSION['pwd_user_id']) ? intval($_SESSION['pwd_user_id']) : 0;
if ($user_id) {
$sql = "SELECT user_id, user_name, email, mobile_phone FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
$user_info = $db->getRow($sql);
// NOTE(review): the visitor is not logged in at this point; e-mail address and phone
// number are handed to the template unmasked — confirm the template masks them.
$smarty->assign('user', $user_info);
}
$smarty->assign('step', '2');
// Show the form asking for the account whose password is to be recovered
$smarty->display('user_passport.dwt');
}
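/* Password recovery: show the "set a new password" page when the link from the
   recovery e-mail is valid, otherwise the user name / e-mail form */
elseif ($action == 'get_password') {
include_once(ROOT_PATH . 'includes/lib_passport.php');
if (isset($_GET['code']) && isset($_GET['uid'])) // request came from the link in the e-mail
{
$code = trim($_GET['code']);
$uid = intval($_GET['uid']);
/* Check that the link is valid */
$user_info = $user->get_profile_by_id($uid);
// Strict comparison: with loose != two different hex digests that both look like
// numbers in exponent form can compare as equal, which would accept a wrong code.
// NOTE(review): the code is derived only from user id, hash_code and registration
// time, so it never expires and stays the same for every request; a random,
// single-use, time-limited token would be safer.
if (empty($user_info) || md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) !== $code) {
show_message($_LANG['parm_error'], $_LANG['back_home_lnk'], './', 'info');
}
$smarty->assign('uid', $uid);
$smarty->assign('code', $code);
$smarty->assign('action', 'reset_password');
$smarty->display('user_passport.dwt');
} else {
// Show the user name and e-mail form
$smarty->display('user_passport.dwt');
}
}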
/* Password recovery by security question: show the form that asks for the
   account name. Not reached under the zxcp2019 template, which handles this
   action in an earlier branch. */
elseif ($action == 'qpassword_name') {
    // Render the account-name form.
    $smarty->display('user_passport.dwt');
}
/*
 * Password recovery by security question: look up the question for the
 * submitted user name, park the candidate account in the session and show the
 * question.
 *
 * Session keys written: temp_user, temp_user_name (the candidate account, not
 * yet a login) and passwd_answer (the stored answer, kept to save a second
 * query in 'check_answer').
 */
elseif ($action == 'get_passwd_question') {
    if (empty($_POST['user_name'])) {
        show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
    } else {
        $user_name = trim($_POST['user_name']);
    }
    // Fetch the member's security question and answer.
    // NOTE(review): $user_name is request data concatenated straight into the
    // statement. No escaping is visible in this branch; confirm that input is
    // escaped globally before this point, or escape it here.
    $sql = 'SELECT user_id, user_name, passwd_question, passwd_answer FROM ' . $ecs->table('users') . " WHERE user_name = '" . $user_name . "'";
    $user_question_arr = $db->getRow($sql);
    // No security question configured (or no such user): show the same error.
    if (empty($user_question_arr['passwd_answer'])) {
        show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
    }
    $_SESSION['temp_user'] = $user_question_arr['user_id']; // temporary user, not a valid identity yet
    $_SESSION['temp_user_name'] = $user_question_arr['user_name']; // temporary user, not a valid identity yet
    $_SESSION['passwd_answer'] = $user_question_arr['passwd_answer']; // cache the answer to save one database access
    $captcha = intval($_CFG['captcha']);
    // Enable the captcha when the login captcha is configured, either always
    // or only after more than two failed logins, and GD is available.
    // NOTE(review): $_SESSION['login_fail'] is read without an isset() check.
    if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
        $GLOBALS['smarty']->assign('enabled_captcha', 1);
        $GLOBALS['smarty']->assign('rand', mt_rand());
    }
    $smarty->assign('passwd_question', $_LANG['passwd_questions'][$user_question_arr['passwd_question']]);
    $smarty->display('user_passport.dwt');
}
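/*
 * Password recovery by security question: check the submitted answer.
 *
 * A correct answer promotes the candidate account stored by
 * 'get_passwd_question' to the logged-in session user and shows the
 * reset-password form.
 *
 * NOTE(review): the security answer alone establishes a full session here, and
 * no attempt counter is visible in this branch apart from the optional
 * captcha; confirm that repeated guesses are limited elsewhere.
 */
elseif ($action == 'check_answer') {
    $captcha = intval($_CFG['captcha']);
    if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
        if (empty($_POST['captcha'])) {
            show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
        }
        /* Verify the captcha */
        include_once('includes/cls_captcha.php');
        $validator = new captcha();
        $validator->session_word = 'captcha_login';
        if (!$validator->check_word($_POST['captcha'])) {
            show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
        }
    }
    // The answer must be a string and must match exactly. A loose `!=` would
    // compare numeric-looking strings as numbers ("1" equals "1.0").
    // Requiring the session keys also stops a repeated submission, after
    // temp_user has been consumed, from overwriting user_id with an unset value.
    if (
        empty($_POST['passwd_answer'])
        || !is_string($_POST['passwd_answer'])
        || !isset($_SESSION['passwd_answer'], $_SESSION['temp_user'])
        || $_POST['passwd_answer'] !== (string) $_SESSION['passwd_answer']
    ) {
        show_message($_LANG['wrong_passwd_answer'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'info');
    } else {
        // Promote the candidate account to the session user.
        $_SESSION['user_id'] = $_SESSION['temp_user'];
        $_SESSION['user_name'] = $_SESSION['temp_user_name'];
        unset($_SESSION['temp_user']);
        unset($_SESSION['temp_user_name']);
        $smarty->assign('uid', $_SESSION['user_id']);
        $smarty->assign('action', 'reset_password');
        $smarty->display('user_passport.dwt');
    }
}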
/*
 * Send the password-reset confirmation e-mail (zxcp2019 template): the account
 * is looked up by e-mail address only.
 */
elseif ($action == 'send_pwd_email' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'public/lib_passport.php');
    /* Read the member's e-mail address from the form */
    $email = !empty($_POST['email']) ? trim($_POST['email']) : '';
    // NOTE(review): $email is request data interpolated into the statement; no
    // escaping is visible in this branch - confirm it is escaped globally.
    $sql = "SELECT user_id, user_name ,email ,reg_time FROM " . $ecs->table('users') . " WHERE email='$email'";
    $user_info = $db->getRow($sql);
    if ($user_info) {
        // Build the reset token: md5(user_id . site hash_code . reg_time).
        // NOTE(review): the token is deterministic and carries no expiry.
        //$code = md5($user_info[0] . $user_info[1]);
        $code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);
        // Send the e-mail.
        if (send_pwd_email($user_info['user_id'], $user_info['user_name'], $email, $code)) {
            // NOTE(review): the submitted address is appended to the message;
            // confirm show_message() or the template escapes it.
            show_message($_LANG['send_success'] . $email, $_LANG['back_home_lnk'], '', 'info');
        } else {
            // Sending the e-mail failed.
            show_message($_LANG['fail_send_password'], $_LANG['back_page_up'], '', 'info');
        }
    } else {
        // No account matches the address.
        // NOTE(review): success and failure responses differ, which tells an
        // unauthenticated caller whether an address is registered; a uniform
        // response avoids that.
        show_message($_LANG['username_no_email'], $_LANG['back_page_up'], '', 'info');
    }
}
/*
 * Send the password-reset confirmation e-mail (default templates): the
 * submitted user name and e-mail address must belong to the same account.
 */
elseif ($action == 'send_pwd_email') {
    include_once(ROOT_PATH . 'includes/lib_passport.php');
    /* Read the member's user name and e-mail address from the form */
    $user_name = !empty($_POST['user_name']) ? trim($_POST['user_name']) : '';
    $email = !empty($_POST['email']) ? trim($_POST['email']) : '';
    // Check that the user name and the e-mail address match.
    $user_info = $user->get_user_info($user_name);
    if ($user_info && $user_info['email'] == $email) {
        // Build the reset token: md5(user_id . site hash_code . reg_time).
        // NOTE(review): the token is deterministic and carries no expiry.
        //$code = md5($user_info[0] . $user_info[1]);
        $code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);
        // Send the e-mail.
        if (send_pwd_email($user_info['user_id'], $user_name, $email, $code)) {
            // NOTE(review): the submitted address is appended to the message;
            // confirm show_message() or the template escapes it.
            show_message($_LANG['send_success'] . $email, $_LANG['back_home_lnk'], './', 'info');
        } else {
            // Sending the e-mail failed.
            show_message($_LANG['fail_send_password'], $_LANG['back_page_up'], './', 'info');
        }
    } else {
        // User name and e-mail address do not match.
        show_message($_LANG['username_no_email'], $_LANG['back_page_up'], '', 'info');
    }
}
/* Reset password: show the new-password form. The submission itself is handled
   by 'act_edit_password'. */
elseif ($action == 'reset_password') {
    // Render the reset-password form.
    $smarty->display('user_passport.dwt');
}
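/*
 * Change a member's password.
 *
 * Two ways are accepted:
 *   1. a reset token (`code`) matching md5(user_id . site hash_code . reg_time)
 *      for the posted `uid`;
 *   2. a logged-in session whose user_id equals the target id and whose
 *      credentials pass $user->check_user().
 * On success ec_salt is reset, the session is logged out and the user is sent
 * to the login page.
 *
 * NOTE(review): $old_password is null when the field is not posted; confirm how
 * check_user() treats a null password, since that decides whether way 2 really
 * requires the old password.
 * NOTE(review): the token does not visibly change after a successful reset, so
 * the same `code` appears to remain usable.
 */
elseif ($action == 'act_edit_password') {
    include_once(ROOT_PATH . 'includes/lib_passport.php');
    $old_password = isset($_POST['old_password']) ? trim($_POST['old_password']) : null;
    $new_password = isset($_POST['new_password']) ? trim($_POST['new_password']) : '';
    $user_id = isset($_POST['uid']) ? intval($_POST['uid']) : $user_id;
    // A non-string `code` can never be a valid token; treat it as absent.
    $code = (isset($_POST['code']) && is_string($_POST['code'])) ? trim($_POST['code']) : '';
    if (strlen($new_password) < 6) {
        show_message($_LANG['passport_js']['password_shorter']);
    }
    $user_info = $user->get_profile_by_id($user_id); // profile as held by the user-integration layer
    // The token comparison is strict: `==` would compare two numeric-looking
    // strings as numbers, which is not an equality test for a hex digest.
    // The session id is checked with !empty() first so that a visitor without
    // a session does not trigger an undefined-index read.
    if (
        ($user_info && !empty($code) && md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) === $code)
        || (!empty($_SESSION['user_id']) && $_SESSION['user_id'] > 0 && $_SESSION['user_id'] == $user_id && $user->check_user($_SESSION['user_name'], $old_password))
    ) {
        if ($user->edit_user(array('username' => (empty($code) ? $_SESSION['user_name'] : $user_info['user_name']), 'old_password' => $old_password, 'password' => $new_password), empty($code) ? 0 : 1)) {
            // $user_id was cast with intval() above (or comes from the session context).
            $sql = "UPDATE " . $ecs->table('users') . "SET `ec_salt`='0' WHERE user_id= '" . $user_id . "'";
            $db->query($sql);
            $user->logout();
            show_message($_LANG['edit_password_success'], $_LANG['relogin_lnk'], 'user.php?act=login', 'info');
        } else {
            show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
        }
    } else {
        show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
    }
}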
//zxcp2019-s Right-hand toolbar: user-centre summary (AJAX, JSON response).
// Answers {error: 1} when nobody is logged in; otherwise renders
// library/lyecs_user.lbi with the member's balances and order counters into
// $result['content'].
elseif ($action == 'get_user') {
    include_once(ROOT_PATH . 'includes/cls_json.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '');
    if (!isset($_SESSION['user_id']) || $_SESSION['user_id'] == 0) {
        $result['error'] = 1;
        die($json->encode($result));
    } else {
        // All queries below are scoped to the session's own user id.
        $user_id = $_SESSION['user_id'];
        $sql = "SELECT u.pay_points, u.user_money,u.user_photo,u.user_rank,k.rank_name " .
            " FROM " . $GLOBALS['ecs']->table('users') . ' AS u' .
            " LEFT JOIN " . $GLOBALS['ecs']->table('user_rank') . " AS k " .
            "ON k.rank_id = u.user_rank " .
            " WHERE user_id = '$user_id'";
        $row = $GLOBALS['db']->getRow($sql);
        $info = array();
        $info['username'] = stripslashes($_SESSION['user_name']);
        $info['integral'] = $row['pay_points'];
        $info['surplus'] = $row['user_money'];
        // Fall back to the default avatar when the member has no photo.
        $info['user_photo'] = $row['user_photo'] ? 'data/user_photos/' . $row['user_photo'] : 'data/user_photos/face.gif';
        //$info['rank_logo'] =$row['rank_logo'] ? 'data/rank_img/'.$row['rank_logo'] : '' ;
        $info['rank_name'] = $row['rank_name'];
        $info['integral_name'] = $GLOBALS['_CFG']['integral_name'];
        $info['bonus'] = get_count_user_bonus($user_id);
        // NOTE(review): $atts is not assigned anywhere in this branch; confirm
        // where it comes from and that it cannot be set from the request.
        $type = !empty($atts['type']) ? $atts['type'] : '';
        $GLOBALS['smarty']->assign('type', $type);
        $GLOBALS['smarty']->assign('member', $info);
        $sql = "SELECT order_id, order_status, shipping_status, pay_status, add_time ,pay_name " .
            " FROM " . $GLOBALS['ecs']->table('order_info') .
            " WHERE user_id = '$user_id' ";
        $order_info = $GLOBALS['db']->getAll($sql);
        $count = array();
        $count['re_receive'] = 0;
        // Count the orders whose shipping_status is 1 or 4 (meaning of the
        // codes is defined elsewhere). $row is reused as the loop variable.
        foreach ($order_info as $row) {
            if ($row['shipping_status'] == 1 || $row['shipping_status'] == 4) {
                $count['re_receive']++;
            }
        }
        $count['op_order'] = get_count_op_order($user_id);
        $count['message'] = get_count_user_message($user_id);
        $GLOBALS['smarty']->assign('count', $count);
        $result['content'] = $smarty->fetch('library/lyecs_user.lbi');
        die($json->encode($result));
    }
}
/*
 * Toolbar (AJAX, JSON response): list the member's most recent favourite goods.
 * The original comment said "add a favourite", but the code only reads the
 * list. Answers {error: 1} when nobody is logged in.
 */
elseif ($action == 'get_collect') {
    include_once(ROOT_PATH . 'includes/cls_json.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '');
    $str = '';
    if (!isset($_SESSION['user_id']) || $_SESSION['user_id'] == 0) {
        $result['error'] = 1;
        die($json->encode($result));
    } else {
        // Remember the template engine's cache settings; they are written back
        // after the fragment has been rendered.
        $need_cache = $GLOBALS['smarty']->caching;
        $need_compile = $GLOBALS['smarty']->force_compile;
        if ($_SESSION['user_id'] > 0) {
            $user_id = $_SESSION['user_id'];
            $number = 7;
            // NOTE(review): the session's discount and user_rank values are
            // interpolated into the statement; they are presumably set
            // server-side at login - confirm.
            $sql = 'SELECT g.goods_id, g.goods_name, g.goods_thumb, g.goods_img, g.market_price, g.shop_price AS org_price, ' .
                "IFNULL(mp.user_price, g.shop_price * '$_SESSION[discount]') AS shop_price, " .
                'g.promote_price, g.promote_start_date,g.promote_end_date, c.rec_id, c.is_attention' .
                ' FROM ' . $GLOBALS['ecs']->table('collect_goods') . ' AS c' .
                " LEFT JOIN " . $GLOBALS['ecs']->table('goods') . " AS g " .
                "ON g.goods_id = c.goods_id " .
                " LEFT JOIN " . $GLOBALS['ecs']->table('member_price') . " AS mp " .
                "ON mp.goods_id = g.goods_id AND mp.user_rank = '$_SESSION[user_rank]' " .
                " WHERE c.user_id = '$user_id' ORDER BY c.rec_id DESC";
            $res = $GLOBALS['db']->selectLimit($sql, $number, 0);
            $goods = array();
            while ($row = $GLOBALS['db']->fetch_array($res)) {
                // A promotion price is only evaluated when one is set.
                if ($row['promote_price'] > 0) {
                    $promote_price = bargain_price($row['promote_price'], $row['promote_start_date'], $row['promote_end_date']);
                } else {
                    $promote_price = 0;
                }
                $goods[$row['goods_id']]['goods_id'] = $row['goods_id'];
                $goods[$row['goods_id']]['rec_id'] = $row['rec_id'];
                $goods[$row['goods_id']]['is_attention'] = $row['is_attention'];
                $goods[$row['goods_id']]['id'] = $row['goods_id'];
                $goods[$row['goods_id']]['name'] = $row['goods_name'];
                $goods[$row['goods_id']]['short_name'] = $GLOBALS['_CFG']['goods_name_length'] > 0 ? sub_str($row['goods_name'], $GLOBALS['_CFG']['goods_name_length']) : $row['goods_name'];
                $goods[$row['goods_id']]['market_price'] = price_format($row['market_price']);
                $goods[$row['goods_id']]['shop_price'] = price_format($row['shop_price']);
                $goods[$row['goods_id']]['promote_price'] = ($promote_price > 0) ? price_format($promote_price) : '';
                $goods[$row['goods_id']]['url'] = build_uri('goods', array('gid' => $row['goods_id']), $row['goods_name']);
                $goods[$row['goods_id']]['thumb'] = get_image_path($row['goods_id'], $row['goods_thumb'], true);
                $goods[$row['goods_id']]['img'] = get_image_path($row['goods_id'], $row['goods_img']);
            }
        }
        $GLOBALS['smarty']->assign('collection_goods', $goods);
        // NOTE(review): $atts is not assigned in this branch, and its 'form'
        // entry selects the template file to render; confirm it cannot be
        // influenced by the request.
        $form = (!empty($atts['form'])) ? $atts['form'] : 'library/lyecs_collection_goods.lbi';
        $val = $GLOBALS['smarty']->fetch($form);
        $GLOBALS['smarty']->caching = $need_cache;
        $GLOBALS['smarty']->force_compile = $need_compile;
        $result['content'] = $val;
        die($json->encode($result));
    }
}
/*
 * Toolbar (AJAX, JSON response): recently viewed goods.
 * NOTE(review): 'get_history' is on the no-login list and $user_id is not
 * assigned in this branch; confirm what get_history_goods() receives for a
 * visitor without a session.
 */
elseif ($action == 'get_history') {
    include_once(ROOT_PATH . 'includes/cls_json.php');
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '');
    $goods = get_history_goods($user_id, 7, 0);
    $type = 'bar';
    $GLOBALS['smarty']->assign('type', $type);
    $GLOBALS['smarty']->assign('goods_history', $goods);
    // NOTE(review): same template-path concern as above - $atts is not
    // assigned in this branch.
    $form = (!empty($atts['form'])) ? $atts['form'] : 'library/lyecs_history.lbi';
    $str = $GLOBALS['smarty']->fetch($form);
    $result['content'] = $str;
    die($json->encode($result));
}
//zxcp2019-e
/* Add a bonus (coupon) to the member's account by its serial number. */
elseif ($action == 'act_add_bonus') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    // The serial number is cast to int; an absent field becomes ''.
    if (isset($_POST['bonus_sn'])) {
        $bouns_sn = intval($_POST['bonus_sn']);
    } else {
        $bouns_sn = '';
    }
    if (!add_bonus($user_id, $bouns_sn)) {
        // Report whatever error add_bonus() recorded.
        $err->show($_LANG['back_up_page'], 'user.php?act=bonus');
    } else {
        show_message($_LANG['add_bonus_sucess'], $_LANG['back_up_page'], 'user.php?act=bonus', 'info');
    }
}
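/*
 * Order list for the logged-in member.
 *
 * Builds per-status order counters, applies the optional composite_status
 * filter and, for the zxcp2019 template, the time / payment / search filters,
 * then renders one page (5 orders) of the member's orders.
 *
 * Request parameters: composite_status, page, and (zxcp2019) time, is_pay,
 * search. All but `search` are cast to int before they reach SQL.
 */
elseif ($action == 'order_list') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_payment.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $ex_where = " and user_id=$user_id";
    /* Completed orders */
    $order_count['finished'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') .
        " WHERE 1 $ex_where " . order_query_sql('finished'));
    $status['finished'] = CS_FINISHED;
    /* Orders awaiting shipment */
    $order_count['await_ship'] = $db->GetOne('SELECT COUNT(*)' .
        ' FROM ' . $ecs->table('order_info') .
        " WHERE 1 $ex_where " . order_query_sql('await_ship'));
    $status['await_ship'] = CS_AWAIT_SHIP;
    /* Orders awaiting payment */
    $order_count['await_pay'] = $db->GetOne('SELECT COUNT(*)' .
        ' FROM ' . $ecs->table('order_info') .
        " WHERE 1 $ex_where " . order_query_sql('await_pay'));
    $status['await_pay'] = CS_AWAIT_PAY;
    /* Unconfirmed orders */
    $order_count['unconfirmed'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') .
        " WHERE 1 $ex_where " . order_query_sql('unconfirmed'));
    $status['unconfirmed'] = OS_UNCONFIRMED;
    /* Orders awaiting receipt */
    $order_count['await_received'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') .
        " WHERE 1 $ex_where " . order_query_sql('await_received'));
    $status['await_received'] = CS_UNRECEIVED;
    // $today_start = mktime(0,0,0,date('m'),date('d'),date('Y'));
    // NOTE(review): unlike the counters above, this query has no user_id
    // condition, so it returns the order count and total amount of the whole
    // shop. Confirm the template does not show it to members, or scope it
    // with $ex_where.
    $order_count['stats'] = $db->getRow('SELECT COUNT(*) AS oCount, IFNULL(SUM(order_amount), 0) AS oAmount' .
        ' FROM ' . $ecs->table('order_info'));
    $smarty->assign('order_count', $order_count);
    $smarty->assign('status', $status);
    $composite_status = isset($_REQUEST['composite_status']) ? intval($_REQUEST['composite_status']) : -1;
    $where = '';
    switch ($composite_status) {
        case CS_AWAIT_PAY:
            $where .= order_query_sql('await_pay');
            break;
        case CS_AWAIT_SHIP:
            $where .= order_query_sql('await_ship');
            break;
        case CS_FINISHED:
            $where .= order_query_sql('finished');
            break;
        case CS_UNRECEIVED:
            $where .= order_query_sql('await_received');
            break;
        default:
            // Any other value is treated as a plain order_status code.
            if ($composite_status != -1) {
                $where .= " AND o.order_status = '$composite_status' ";
            }
    }
    if ($_CFG['template'] == 'zxcp2019') {
        include_once(ROOT_PATH . 'public/ly_add.php');
        $fitter['time'] = isset($_REQUEST['time']) ? intval($_REQUEST['time']) : (ECS_WAP ? 4 : 3);
        $fitter['is_pay'] = isset($_REQUEST['is_pay']) ? intval($_REQUEST['is_pay']) : 0;
        $fitter['search'] = isset($_REQUEST['search']) ? trim($_REQUEST['search']) : '';
        $cod_pay_id = get_cod_pay_id();
        if ($fitter['time'] != 0) {
            if ($fitter['time'] == 1) {
                $limit_time = gmtime() - 60 * 60 * 24 * 365; // orders from the last year
                $where .= " AND o.add_time >= " . $limit_time;
            } elseif ($fitter['time'] == 2) {
                $limit_time = gmtime() - 60 * 60 * 24 * 30 * 6; // orders from the last half year
                $where .= " AND o.add_time >= " . $limit_time;
            } elseif ($fitter['time'] == 3) {
                $limit_time = gmtime() - 60 * 60 * 24 * 30 * 3; // orders from the last three months
                $where .= " AND o.add_time >= " . $limit_time;
            }
        }
        if ($fitter['is_pay'] != 0) {
            if ($fitter['is_pay'] == 1) {
                $where .= " AND o.pay_status > 0 ";
            } elseif ($fitter['is_pay'] == 2) {
                $where .= " AND o.pay_status = 0 AND o.order_status = 0 AND o.pay_id!='$cod_pay_id' ";
            }
        }
        if ($fitter['search'] != '') {
            // NOTE(review): the search text is request data; mysql_like_quote()
            // is the only treatment visible here - confirm quotes are escaped
            // before this point.
            $where .= " AND ( o.order_sn LIKE '%" . mysql_like_quote($fitter['search']) . "%'";
            $where .= " OR o.consignee LIKE '%" . mysql_like_quote($fitter['search']) . "%' ";
            // NOTE(review): this branch never builds $sql, so the id lookup
            // below only runs on a statement left over from earlier code; the
            // intended query looks to be missing.
            // The ids are cast to int, and the IN clause is added only when
            // there is at least one id. An empty list used to produce
            // "order_id in ()", which is invalid SQL.
            $order_ids = isset($sql) ? $db->getCol($sql) : array();
            $order_ids = is_array($order_ids) ? array_filter(array_map('intval', $order_ids)) : array();
            if (!empty($order_ids)) {
                $where .= " OR order_id in (" . implode(',', $order_ids) . ")";
            }
            $where .= ")";
        }
        $smarty->assign('time', $fitter['time']);
        $smarty->assign('is_pay', $fitter['is_pay']);
        $smarty->assign('search', $fitter['search']);
    }
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    $record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_info') . " as o WHERE user_id = '$user_id' $where ");
    if ($_CFG['template'] == 'zxcp2019') {
        $pager = get_pager('user.php', array('act' => $action, 'composite_status' => $composite_status, 'is_pay' => $fitter['is_pay'], 'search' => $fitter['search'], 'time' => $fitter['time']), $record_count, $page, 5);
    } else {
        $pager = get_pager('user.php', array('act' => $action, 'composite_status' => $composite_status), $record_count, $page, 5);
    }
    $orders = get_user_orders($user_id, $pager['size'], $pager['start'], $where);
    //pr($orders);
    $merge = get_user_merge($user_id);
    $smarty->assign('merge', $merge);
    $smarty->assign('pager', $pager);
    $smarty->assign('orders', $orders);
    $smarty->display('user_transaction.dwt');
}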
/*
 * Order detail page for one of the member's orders.
 *
 * The order is loaded through get_order_detail($order_id, $user_id, 'pc'); a
 * false result ends the request, so the rest of the branch works on an order
 * that function accepted for this user.
 */
elseif ($action == 'order_detail') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_payment.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
    /* Order details */
    $order = get_order_detail($order_id, $user_id, 'pc');
    if ($order === false) {
        $err->show($_LANG['back_home_lnk'], './');
        exit;
    }
    /* Whether to offer "add to cart again" */
    if ($order['extension_code'] != 'group_buy' && $order['extension_code'] != 'exchange_goods') {
        $smarty->assign('allow_to_cart', 1);
    }
    /* Goods in the order */
    $goods_list = order_goods($order_id);
    //pr($goods_list);
    foreach ($goods_list as $key => $value) {
        $goods_list[$key]['market_price'] = price_format($value['market_price'], false);
        $goods_list[$key]['goods_price'] = price_format($value['goods_price'], false);
        $goods_list[$key]['subtotal'] = price_format($value['subtotal'], false);
    }
    /* Whether the amount paid from the account balance may still be changed */
    if ($order['order_amount'] > 0) {
        if ($order['order_status'] == OS_UNCONFIRMED || $order['order_status'] == OS_CONFIRMED) {
            // NOTE(review): this overwrites $user, which other branches of this
            // file use as the user-integration object, with a plain array.
            $user = user_info($order['user_id']);
            if ($user['user_money'] + $user['credit_line'] > 0) {
                $smarty->assign('allow_edit_surplus', 1);
                $smarty->assign('max_surplus', sprintf($_LANG['max_surplus'], $user['user_money']));
            }
        }
    }
    /* Unpaid and unshipped orders may switch to another payment method */
    if ($order['order_amount'] > 0 && $order['pay_status'] == PS_UNPAYED && $order['shipping_status'] == SS_UNSHIPPED) {
        $payment_list = available_payment_list(false, 0, true, $is_show = '1', 'pc');
        /* Drop the current payment method and balance payment from the list */
        if (is_array($payment_list)) {
            foreach ($payment_list as $key => $payment) {
                if ($payment['pay_id'] == $order['pay_id'] || $payment['pay_code'] == 'balance') {
                    unset($payment_list[$key]);
                }
            }
        }
        $smarty->assign('payment_list', $payment_list);
    }
    //zxcp2019-s
    if ($_CFG['template'] == 'zxcp2019') {
        $order['detail_status'] = get_order_detail_status($order, 'detail');
        if ($order['pay_id']) {
            $payment_info = $GLOBALS['db']->getRow("SELECT is_cod,is_online FROM " . $GLOBALS['ecs']->table('payment') . " WHERE pay_id= '$order[pay_id]' ");
            $is_cod = $payment_info['is_cod']; // cash on delivery?
            $is_offline = !$is_cod && $payment_info['is_online'] == 0 ? true : false; // offline payment (and not cash on delivery)?
        }
        // Progress markers for the order-flow graphic.
        $order['flow_pic'] = array();
        if ($order['pay_status'] > 0) {
            $order['flow_pic']['pay'] = 1; // paid
        }
        // NOTE(review): $is_cod is only assigned when the order has a pay_id;
        // without one this reads an undefined variable.
        if ($is_cod) {
            $order['flow_pic']['pay'] = 2; // cash on delivery
        }
        if ($order['shipping_status'] == 1) {
            $order['flow_pic']['shipping'] = 1; // shipped
        }
        if ($order['shipping_status'] == 3) {
            $order['flow_pic']['shipping'] = 3; // preparing goods
        }
        if ($order['shipping_status'] == 5) {
            $order['flow_pic']['shipping'] = 5; // picking goods
        }
        if ($order['shipping_status'] == 2) {
            $order['flow_pic']['finished'] = 1; // finished
            $order['flow_pic']['shipping'] = 1; // finished
        }
        if ($order['order_status'] == 2) {
            $order['flow_pic']['close'] = 2; // cancelled
        }
        if ($order['order_status'] == 3) {
            $order['flow_pic']['close'] = 3; // invalid
        }
        if ($order['order_status'] == 4) {
            $order['flow_pic']['close'] = 4; // returned
        }
        // Region names (country, province, city, district) of the delivery
        // address; the lookup is limited to the session user's own order.
        $sql = "SELECT concat(IFNULL(c.region_name, ''), ' ', IFNULL(p.region_name, ''), " .
            "' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region FROM" .
            $GLOBALS['ecs']->table('order_info') . " AS o " .
            "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS c ON o.country = c.region_id " .
            "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON o.province = p.region_id " .
            "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON o.city = t.region_id " .
            "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON o.district = d.region_id " .
            " WHERE o.order_id = '$order_id' AND o.user_id='$_SESSION[user_id]' LIMIT 5";
        $order['region'] = $GLOBALS['db']->getOne($sql);
    }
    //zxcp2019-e
    /* Replace the order / payment / shipping status codes by their language strings */
    $order['order_status'] = $_LANG['os'][$order['order_status']];
    $order['pay_status'] = $_LANG['ps'][$order['pay_status']];
    $order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
    $smarty->assign('order', $order);
    $smarty->assign('goods_list', $goods_list);
    $smarty->display('user_transaction.dwt');
}
/*
 * Cancel one of the member's orders, then return to the order list.
 * NOTE(review): a state change driven by a GET parameter; no anti-CSRF token
 * is checked in this branch - confirm one is enforced elsewhere.
 */
elseif ($action == 'cancel_order') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    // The order id is cast to int; 0 when absent.
    if (isset($_GET['order_id'])) {
        $order_id = intval($_GET['order_id']);
    } else {
        $order_id = 0;
    }
    // The user id is passed alongside the order id to cancel_order().
    if (!cancel_order($order_id, $user_id)) {
        $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
    } else {
        ecs_header("Location: user.php?act=order_list\n");
        exit;
    }
}
/*
 * Delivery address list page: loads the member's saved consignees and the
 * region lists needed to render an edit form for each of them.
 */
elseif ($action == 'address_list') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
    $smarty->assign('lang', $_LANG);
    /* Country list, the shop's country and the provinces of the shop's country */
    $smarty->assign('country_list', get_regions());
    $smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
    /* All consignee records of the user */
    $consignee_list = get_consignee_list($_SESSION['user_id']);
    if (count($consignee_list) < 5 && $_SESSION['user_id'] > 0 && $_CFG['template'] != 'zxcp2019') {
        /* With fewer than 5 consignees, append an empty one to act as the "new address" form */
        $consignee_list[] = array('country' => $_CFG['shop_country'], 'email' => isset($_SESSION['email']) ? $_SESSION['email'] : '');
    }
    $smarty->assign('consignee_list', $consignee_list);
    // For every consignee, load the province / city / district lists that
    // belong to its stored region ids (cast to int first).
    // NOTE(review): $province_list, $city_list and $district_list are only
    // created inside this loop, so they are undefined when the list is empty.
    foreach ($consignee_list as $region_id => $consignee) {
        $consignee['country'] = isset($consignee['country']) ? intval($consignee['country']) : 0;
        $consignee['province'] = isset($consignee['province']) ? intval($consignee['province']) : 0;
        $consignee['city'] = isset($consignee['city']) ? intval($consignee['city']) : 0;
        $province_list[$region_id] = get_regions(1, $consignee['country']);
        $city_list[$region_id] = get_regions(2, $consignee['province']);
        $district_list[$region_id] = get_regions(3, $consignee['city']);
    }
    /* Id of the default delivery address */
    $address_id = $db->getOne("SELECT address_id FROM " . $ecs->table('users') . " WHERE user_id='$user_id'");
    // Hand everything to the template.
    $smarty->assign('real_goods_count', 1);
    $smarty->assign('shop_country', $_CFG['shop_country']);
    $smarty->assign('shop_province', get_regions(1, $_CFG['shop_country']));
    $smarty->assign('province_list', $province_list);
    $smarty->assign('address', $address_id);
    $smarty->assign('city_list', $city_list);
    $smarty->assign('district_list', $district_list);
    $smarty->assign('currency_format', $_CFG['currency_format']);
    $smarty->assign('integral_scale', $_CFG['integral_scale']);
    $smarty->assign('name_of_region', array($_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']));
    $smarty->display('user_transaction.dwt');
}
/*
 * Create or update a delivery address from the posted form.
 *
 * Numeric fields are cast with intval(); text fields go through compile_str(),
 * and tel / mobile / zipcode additionally through make_semiangle().
 *
 * NOTE(review): address_id comes from the request while user_id comes from the
 * server side; confirm update_address() only touches a row that belongs to
 * that user. Nothing is shown to the user when update_address() returns false.
 */
elseif ($action == 'act_edit_address') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
    $smarty->assign('lang', $_LANG);
    $address = array(
        'user_id' => $user_id,
        // NOTE(review): read without an isset() check, unlike the other fields.
        'address_id' => intval($_POST['address_id']),
        'country' => isset($_POST['country']) ? intval($_POST['country']) : $_CFG['shop_country'],
        'province' => isset($_POST['province']) ? intval($_POST['province']) : 0,
        'city' => isset($_POST['city']) ? intval($_POST['city']) : 0,
        'district' => isset($_POST['district']) ? intval($_POST['district']) : 0,
        'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '',
        'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '',
        'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '',
        'tel' => isset($_POST['tel']) ? compile_str(make_semiangle(trim($_POST['tel']))) : '',
        'mobile' => isset($_POST['mobile']) ? compile_str(make_semiangle(trim($_POST['mobile']))) : '',
        'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '',
        'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '',
        'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '',
    );
    if (update_address($address)) {
        show_message($_LANG['edit_address_success'], $_LANG['address_list_lnk'], 'user.php?act=address_list');
    }
}
/*
 * Delete a delivery address, then return to the address list.
 * NOTE(review): only the id from the query string is passed on; the ownership
 * check presumably lives inside drop_consignee() - verify. This is also a
 * GET-driven state change with no anti-CSRF token checked in this branch.
 */
elseif ($action == 'drop_consignee') {
    include_once('includes/lib_transaction.php');
    $consignee_id = intval($_GET['id']);
    if (!drop_consignee($consignee_id)) {
        show_message($_LANG['del_address_false']);
    } else {
        ecs_header("Location: user.php?act=address_list\n");
        exit;
    }
}
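/*
 * Favourite goods list page (paged).
 *
 * Request parameters: page (cast to int) and search (passed to the template
 * as received).
 */
elseif ($action == 'collection_list') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    $record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('collect_goods') .
        " WHERE user_id='$user_id' ORDER BY add_time DESC");
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);
    $smarty->assign('pager', $pager);
    // NOTE(review): the pager was already handed to the template above, so the
    // template keeps the original page size while the list below uses 8.
    if ($_CFG['template'] == 'zxcp2019') {
        $pager['size'] = 8;
    }
    $smarty->assign('goods_list', get_collection_goods($user_id, $pager['size'], $pager['start']));
    $smarty->assign('url', $ecs->url());
    $lang_list = array(
        'UTF8' => $_LANG['charset']['utf8'],
        'GB2312' => $_LANG['charset']['zh_cn'],
        'BIG5' => $_LANG['charset']['zh_tw'],
    );
    $smarty->assign('lang_list', $lang_list);
    $smarty->assign('user_id', $user_id);
    // `search` is optional; default to '' instead of reading a missing index.
    // NOTE(review): the raw request value reaches the template; confirm the
    // template escapes it on output.
    $smarty->assign('search', isset($_GET['search']) ? $_GET['search'] : '');
    $smarty->display('user_clips.dwt');
}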
/*
 * Remove one item from the member's favourites, then return to the list.
 * NOTE(review): a state change driven by a GET parameter; no anti-CSRF token
 * is checked in this branch - confirm one is enforced elsewhere.
 */
elseif ($action == 'delete_collection') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $collection_id = isset($_GET['collection_id']) ? intval($_GET['collection_id']) : 0;
    if ($collection_id > 0) {
        // The user_id condition restricts the delete to the member's own rows.
        $db->query('DELETE FROM ' . $ecs->table('collect_goods') . " WHERE rec_id='$collection_id' AND user_id ='$user_id'");
    }
    ecs_header("Location: user.php?act=collection_list\n");
    exit;
}
/*
 * Mark a favourite item as "followed" (is_attention = 1), then return to the
 * favourites list.
 * NOTE(review): GET-driven state change; no anti-CSRF token is checked here.
 */
elseif ($action == 'add_to_attention') {
    // NOTE(review): read without an isset() check.
    $rec_id = (int) $_GET['rec_id'];
    if ($rec_id) {
        // The user_id condition restricts the update to the member's own rows.
        $db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 1 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
    }
    ecs_header("Location: user.php?act=collection_list\n");
    exit;
}
/*
 * Clear the "followed" flag (is_attention = 0) of a favourite item, then
 * return to the favourites list.
 * NOTE(review): GET-driven state change; no anti-CSRF token is checked here.
 */
elseif ($action == 'del_attention') {
    // NOTE(review): read without an isset() check.
    $rec_id = (int) $_GET['rec_id'];
    if ($rec_id) {
        // The user_id condition restricts the update to the member's own rows.
        $db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 0 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
    }
    ecs_header("Location: user.php?act=collection_list\n");
    exit;
}
/*
 * Message (feedback) list page, either for one order (order_id given) or for
 * the member's general messages.
 */
elseif ($action == 'message_list') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    $order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
    $order_info = array();
    /* Count the user's messages */
    if ($order_id) {
        $sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') .
            " WHERE parent_id = 0 AND order_id = '$order_id' AND user_id = '$user_id'";
        // The order row is only loaded when it belongs to this user.
        // NOTE(review): when no row matches, the 'url' key is still written
        // onto whatever getRow() returned.
        $order_info = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id' AND user_id = '$user_id'");
        $order_info['url'] = 'user.php?act=order_detail&order_id=' . $order_id;
    } else {
        // NOTE(review): the session user name is concatenated into the
        // statement; confirm it is stored in an SQL-safe form.
        $sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') .
            " WHERE parent_id = 0 AND user_id = '$user_id' AND user_name = '" . $_SESSION['user_name'] . "' AND order_id=0";
    }
    $record_count = $db->getOne($sql);
    $act = array('act' => $action);
    // Keep the order filter in the pager links.
    if ($order_id != '') {
        $act['order_id'] = $order_id;
    }
    $pager = get_pager('user.php', $act, $record_count, $page, 5);
    $smarty->assign('message_list', get_message_list($user_id, $_SESSION['user_name'], $pager['size'], $pager['start'], $order_id));
    $smarty->assign('pager', $pager);
    $smarty->assign('order_info', $order_info);
    $smarty->display('user_clips.dwt');
}
//zxcp2019-s
/*
 * Comment list page (zxcp2019 template): the member's own comments plus
 * counters of orders that still await a review or a photo review.
 */
elseif ($action == 'comment_list' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_payment.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    /* Count the user's top-level comments */
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('comment') .
        " WHERE parent_id = 0 AND user_id = '$user_id'";
    $record_count = $db->getOne($sql);
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page, 5);
    $smarty->assign('comment_list', get_comment_list($user_id, $pager['size'], $pager['start']));
    $smarty->assign('pager', $pager);
    $re_comment_count = 0;
    $re_show_count = 0;
    // NOTE(review): $where is appended to without being initialised in this
    // branch; it should start from a known value so nothing set earlier in the
    // request can end up in the SQL fragment.
    $where .= " AND order_status IN(1,5) AND shipping_status=2 AND comment_status=0 ";
    $orders = get_user_orders($user_id, 50, $pager['start'], $where);
    foreach ($orders as $key => $value) {
        $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table("order_rank_log") . " WHERE order_id='$value[order_id]' LIMIT 1 ";
        $order_rank_log = $GLOBALS['db']->getOne($sql);
        // NOTE(review): both flags are reset for every goods row, so only the
        // last row of an order decides the result, and they keep the previous
        // order's values when goods_list is empty - confirm this is intended.
        foreach ($value['goods_list'] as $k => $row) {
            $re_show = false;
            $re_comment = false;
            if ($row['comment_status'] == 0) {
                $re_comment = true;
            }
            if ($row['comment_show_status'] == 0) {
                $re_show = true;
            }
        }
        if ($re_comment == true || !$order_rank_log) {
            $re_comment_count++;
        }
        if ($re_show == true) {
            $re_show_count++;
        }
    }
    $smarty->assign('re_comment_count', $re_comment_count);
    $smarty->assign('re_show_count', $re_show_count);
    $smarty->display('user_clips.dwt');
}
//zxcp2019-e
/* Comment list page (default templates): the member's own top-level comments,
   5 per page. Not reached under the zxcp2019 template, which handles this
   action in the preceding branch. */
elseif ($action == 'comment_list') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
    /* Count the user's top-level comments */
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('comment') .
        " WHERE parent_id = 0 AND user_id = '$user_id'";
    $record_count = $db->getOne($sql);
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page, 5);
    $smarty->assign('comment_list', get_comment_list($user_id, $pager['size'], $pager['start']));
    $smarty->assign('pager', $pager);
    $smarty->display('user_clips.dwt');
}
//zxcp2019-s
// Orders awaiting a review or a photo review (zxcp2019 template).
// Request parameter: com_status (cast to int); with com_status == 2 only
// orders that still await a photo review are kept.
//
// NOTE(review): $where, $pager, $com_type, $order_id, $comment_count1 and
// $comment_count2 are used below but never assigned in this branch; each one
// should be initialised here so its value cannot come from earlier code.
elseif ($action == 'order_comment' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    $re_comment_count = 0;
    $re_show_count = 0;
    $com_status = isset($_REQUEST['com_status']) ? intval($_REQUEST['com_status']) : 0;
    $where .= " AND order_status IN(1,5) AND shipping_status=2 AND comment_status=0 ";
    $orders = get_user_orders($user_id, 50, $pager['start'], $where);
    foreach ($orders as $key => $value) {
        $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table("order_rank_log") . " WHERE order_id='$value[order_id]' LIMIT 1 ";
        $order_rank_log = $GLOBALS['db']->getOne($sql);
        // NOTE(review): both flags are reset for every goods row, so only the
        // last row of an order decides the result - confirm this is intended.
        foreach ($value['goods_list'] as $k => $row) {
            $re_show = false;
            $re_comment = false;
            if ($row['comment_status'] == 0) {
                $re_comment = true;
            }
            if ($row['comment_show_status'] == 0) {
                $re_show = true;
            }
        }
        if ($re_comment == true || !$order_rank_log) {
            $re_comment_count++;
        }
        if ($re_show == true) {
            $re_show_count++;
        }
        // Filter: keep only orders that still await a photo review.
        if ($com_status == 2 && $re_show != true) {
            unset($orders[$key]);
        }
    }
    $smarty->assign('re_comment_count', $re_comment_count);
    $smarty->assign('re_show_count', $re_show_count);
    $smarty->assign('orders', $orders);
    $default_tag = explode(',', $_LYCFG['comment_default_tag']);
    $smarty->assign('default_tag', $default_tag);
    $smarty->assign('com_type', $com_type);
    $smarty->assign('order_id', $order_id);
    $smarty->assign('com_status', $com_status);
    $smarty->assign('comment_count1', $comment_count1); // number awaiting a review
    $smarty->assign('comment_count2', $comment_count2); // number awaiting a photo review
    $smarty->display('user_transaction.dwt');
}
//zxcp2019-e
/* Submit a new user message, optionally tied to an order and carrying an image. */
elseif ($action == 'act_add_message') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    // The upload is accepted when PHP reports error code 0, or, when no error
    // code is present at all, when a temp name other than 'none' is present.
    $message_upload = array();
    if (isset($_FILES['message_img']['error'])) {
        if ($_FILES['message_img']['error'] == 0) {
            $message_upload = $_FILES['message_img'];
        }
    } elseif (isset($_FILES['message_img']['tmp_name']) && $_FILES['message_img']['tmp_name'] != 'none') {
        $message_upload = $_FILES['message_img'];
    }

    // NOTE(review): title and content are only trimmed here, and neither the image
    // type nor the ownership of order_id is checked in this branch; presumably
    // add_message() validates them. Verify there.
    $message = array(
        'user_id' => $user_id,
        'user_name' => $_SESSION['user_name'],
        'user_email' => $_SESSION['email'],
        'msg_type' => isset($_POST['msg_type']) ? intval($_POST['msg_type']) : 0,
        'msg_title' => isset($_POST['msg_title']) ? trim($_POST['msg_title']) : '',
        'msg_content' => isset($_POST['msg_content']) ? trim($_POST['msg_content']) : '',
        'order_id' => empty($_POST['order_id']) ? 0 : intval($_POST['order_id']),
        'upload' => $message_upload
    );

    if (!add_message($message)) {
        $err->show($_LANG['message_list_lnk'], 'user.php?act=message_list');
    } else {
        show_message($_LANG['add_message_success'], $_LANG['message_list_lnk'], 'user.php?act=message_list&order_id=' . $message['order_id'], 'info');
    }
}
/* Tag cloud page for the current user. */
elseif ($action == 'tag_list') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    // Parsed from the query string but not used further in this branch.
    $good_id = 0;
    if (isset($_GET['id'])) {
        $good_id = intval($_GET['id']);
    }

    $smarty->assign('tags_from', 'user');
    $smarty->assign('tags', get_user_tags($user_id));
    $smarty->display('user_clips.dwt');
}
/* Delete one of the user's tags, then go back to the tag list. */
elseif ($action == 'act_del_tag') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $tag_words = '';
    if (isset($_GET['tag_words'])) {
        $tag_words = trim($_GET['tag_words']);
    }

    // NOTE(review): this delete is driven by a GET parameter and no anti-CSRF token
    // is checked in this branch. The tag text is passed on trimmed only, so any
    // SQL escaping has to happen in delete_tag() or the request bootstrap. Verify.
    delete_tag($tag_words, $user_id);

    ecs_header("Location: user.php?act=tag_list\n");
    exit;
}
/* Paged list of the user's out-of-stock registrations. */
elseif ($action == 'booking_list') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $page = 1;
    if (isset($_REQUEST['page'])) {
        $page = intval($_REQUEST['page']);
    }

    /* Count the registrations that still join to an existing product */
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('booking_goods') . " AS bg, "
        . $ecs->table('goods') . " AS g WHERE bg.goods_id = g.goods_id AND user_id = '$user_id'";
    $record_count = $db->getOne($sql);

    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);
    $booking_rows = get_booking_list($user_id, $pager['size'], $pager['start']);

    $smarty->assign('booking_list', $booking_rows);
    $smarty->assign('pager', $pager);
    $smarty->display('user_clips.dwt');
}
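/*
 * Out-of-stock registration form for one product.
 * Reads the product id and an optional `spec` list from the query string and
 * shows the product together with the selected attributes as "name: value" lines.
 */
elseif ($action == 'add_booking') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $goods_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if ($goods_id == 0) {
        show_message($_LANG['no_goods_id'], $_LANG['back_page_up'], '', 'error');
    }

    /* Resolve the selected spec ids into attribute name/value lines */
    $goods_attr = '';
    // `spec` is request data that ends up in an IN (...) clause. The original read it
    // without an isset() check and handed the raw string to db_create_in(). Require a
    // string here and reduce it to integer ids first.
    // Assumes `spec` is a comma-separated list of goods_attr_id values; confirm
    // against the page that builds this link.
    $spec = (isset($_GET['spec']) && is_string($_GET['spec'])) ? trim($_GET['spec']) : '';
    if ($spec != '') {
        $goods_attr_id = array_map('intval', explode(',', $spec));
        $attr_list = array();
        $sql = "SELECT a.attr_name, g.attr_value " .
            "FROM " . $ecs->table('goods_attr') . " AS g, " .
            $ecs->table('attribute') . " AS a " .
            "WHERE g.attr_id = a.attr_id " .
            "AND g.goods_attr_id " . db_create_in($goods_attr_id);
        $res = $db->query($sql);
        while ($row = $db->fetchRow($res)) {
            $attr_list[] = $row['attr_name'] . ': ' . $row['attr_value'];
        }
        // One attribute per line, CRLF separated
        $goods_attr = join(chr(13) . chr(10), $attr_list);
    }

    $smarty->assign('goods_attr', $goods_attr);
    $smarty->assign('info', get_goodsinfo($goods_id));
    $smarty->display('user_clips.dwt');
}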
/* Store an out-of-stock registration submitted from the form. */
elseif ($action == 'act_add_booking') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    // Defaults first, in the key order the record is built with.
    $booking = array(
        'goods_id' => 0,
        'goods_amount' => 0,
        'desc' => '',
        'linkman' => '',
        'email' => '',
        'tel' => '',
        'booking_id' => 0
    );
    // Integer fields: record key => POST field
    foreach (array('goods_id' => 'id', 'goods_amount' => 'number', 'booking_id' => 'rec_id') as $booking_key => $post_key) {
        if (isset($_POST[$post_key])) {
            $booking[$booking_key] = intval($_POST[$post_key]);
        }
    }
    // Free-text fields are only trimmed here.
    // NOTE(review): escaping is presumably done in add_booking() or the bootstrap; verify.
    foreach (array('desc', 'linkman', 'email', 'tel') as $booking_key) {
        if (isset($_POST[$booking_key])) {
            $booking[$booking_key] = trim($_POST[$booking_key]);
        }
    }

    // Refuse a second registration for the same product
    $rec_id = get_booking_rec($user_id, $booking['goods_id']);
    if ($rec_id > 0) {
        show_message($_LANG['booking_rec_exist'], $_LANG['back_page_up'], '', 'error');
    }

    if (!add_booking($booking)) {
        $err->show($_LANG['booking_list_lnk'], 'user.php?act=booking_list');
    } else {
        show_message($_LANG['booking_success'], $_LANG['back_booking_list'], 'user.php?act=booking_list', 'info');
    }
}
/* Delete one out-of-stock registration of the current user. */
elseif ($action == 'act_del_booking') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $id = 0;
    if (isset($_GET['id'])) {
        $id = intval($_GET['id']);
    }

    // NOTE(review): the delete is triggered by a GET request and no anti-CSRF token
    // is checked in this branch.
    if ($id != 0 && $user_id != 0) {
        $result = delete_booking($id, $user_id);
        if ($result) {
            ecs_header("Location: user.php?act=booking_list\n");
            exit;
        }
        // A failed delete produces no redirect; execution continues after the action chain.
    } else {
        // Nothing to delete or no user: straight back to the list
        ecs_header("Location: user.php?act=booking_list\n");
        exit;
    }
}
/* Confirm receipt of an order. */
elseif ($action == 'affirm_received') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');

    $order_id = 0;
    if (isset($_GET['order_id'])) {
        $order_id = intval($_GET['order_id']);
    }

    // The user id is passed along with the order id.
    // NOTE(review): this state change is reachable by GET with no token checked here.
    if (!affirm_received($order_id, $user_id)) {
        $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
    } else {
        ecs_header("Location: user.php?act=order_list\n");
        exit;
    }
}
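/* Withdrawal request form: shows the mobile number stored for the user. */
elseif ($action == 'account_raply') {
    // The where clause is assembled as a plain string, so the id is forced to an
    // integer instead of being concatenated as-is.
    $mobile_phone = M('users')->where('user_id = ' . intval($user_id))->getField('mobile_phone');
    $smarty->assign('mobile_phone', $mobile_phone);
    $smarty->display('user_transaction.dwt');
}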
/* Deposit form: shows an existing account record and the online payment methods. */
elseif ($action == 'account_deposit') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $surplus_id = 0;
    if (isset($_GET['id'])) {
        $surplus_id = intval($_GET['id']);
    }

    // NOTE(review): the record is looked up by id only and $user_id is not passed;
    // verify that get_surplus_info() limits the lookup to the logged-in user, otherwise
    // another member's record can be displayed by changing the id.
    $account = get_surplus_info($surplus_id);

    $smarty->assign('payment', get_online_payment_list(false));
    $smarty->assign('order', $account);
    $smarty->display('user_transaction.dwt');
}
/* Account statement: paged list of the user's balance changes. */
elseif ($action == 'account_detail') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $page = 1;
    if (isset($_REQUEST['page'])) {
        $page = intval($_REQUEST['page']);
    }
    // Column of account_log this page reports on (fixed, not request data)
    $account_type = 'user_money';

    // Filter shared by the count and the list query
    $log_filter = " WHERE user_id = '$user_id'" . " AND $account_type <> 0 ";

    /* Total number of rows, for the pager */
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('account_log') . $log_filter;
    $record_count = $db->getOne($sql);
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);

    /* Current balance; an empty value is shown as 0 */
    $surplus_amount = get_user_surplus($user_id);
    if (empty($surplus_amount)) {
        $surplus_amount = 0;
    }

    /* One page of log rows, newest first */
    $sql = "SELECT * FROM " . $ecs->table('account_log') . $log_filter . " ORDER BY log_id DESC";
    $res = $GLOBALS['db']->selectLimit($sql, $pager['size'], $pager['start']);
    $account_log = array();
    while ($row = $db->fetchRow($res)) {
        $row['change_time'] = local_date($_CFG['date_format'], $row['change_time']);
        // The direction is derived from the raw signed value, so this must run
        // before user_money is replaced by its formatted absolute value.
        if ($row[$account_type] > 0) {
            $row['type'] = $_LANG['account_inc'];
        } else {
            $row['type'] = $_LANG['account_dec'];
        }
        $row['user_money'] = price_format(abs($row['user_money']), false);
        $row['frozen_money'] = price_format(abs($row['frozen_money']), false);
        $row['rank_points'] = abs($row['rank_points']);
        $row['pay_points'] = abs($row['pay_points']);
        $row['short_change_desc'] = sub_str($row['change_desc'], 60);
        // Read after the formatting above, so this is the formatted user_money value
        $row['amount'] = $row[$account_type];
        $account_log[] = $row;
    }

    /* Template variables */
    $smarty->assign('surplus_amount', price_format($surplus_amount, false));
    $smarty->assign('account_log', $account_log);
    $smarty->assign('pager', $pager);
    $smarty->display('user_transaction.dwt');
}
/* Paged history of the user's deposit and withdrawal requests. */
elseif ($action == 'account_log') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $page = 1;
    if (isset($_REQUEST['page'])) {
        $page = intval($_REQUEST['page']);
    }

    /* Count the user's records of the two process types listed below */
    $process_types = array(SURPLUS_SAVE, SURPLUS_RETURN);
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('user_account')
        . " WHERE user_id = '$user_id'"
        . " AND process_type " . db_create_in($process_types);
    $record_count = $db->getOne($sql);

    /* Pager */
    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);

    /* Current balance; an empty value is shown as 0 */
    $surplus_amount = get_user_surplus($user_id);
    if (empty($surplus_amount)) {
        $surplus_amount = 0;
    }

    /* One page of records */
    $account_log = get_account_log($user_id, $pager['size'], $pager['start']);

    /* Template variables */
    $smarty->assign('pager', $pager);
    $smarty->assign('account_log', $account_log);
    $smarty->assign('surplus_amount', price_format($surplus_amount, false));
    $smarty->display('user_transaction.dwt');
}
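/*
 * Handle a balance request (only when the active template is 'zxcp2019').
 * surplus_type 1 is a withdrawal request; anything else is a deposit, which is
 * recorded and then handed to the 'pay' step where the payment method is chosen.
 */
elseif ($action == 'act_account' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    $amount = isset($_POST['amount']) ? floatval($_POST['amount']) : 0;
    if ($amount <= 0) {
        show_message($_LANG['amount_gt_zero']);
    }

    /* Request fields; numeric ones are cast, text ones are only trimmed */
    $surplus = array(
        'user_id' => $user_id,
        'rec_id' => !empty($_POST['rec_id']) ? intval($_POST['rec_id']) : 0,
        'process_type' => isset($_POST['surplus_type']) ? intval($_POST['surplus_type']) : 0,
        'payment_id' => isset($_POST['payment_id']) ? intval($_POST['payment_id']) : 0,
        'user_note' => isset($_POST['user_note']) ? trim($_POST['user_note']) : '',
        'realname' => isset($_POST['realname']) ? trim($_POST['realname']) : '',
        'amount' => $amount
    );

    /* Withdrawal request */
    if ($surplus['process_type'] == 1) {
        if ($surplus['amount'] < 10) {
            show_message('提现金额需大于10元', $_LANG['back_page_up'], '', 'info');
        }
        /* A mobile number must be bound to the account */
        // The where clause is a plain string, so the id is forced to an integer.
        $mobile_phone = M('users')->where('user_id = ' . intval($user_id))->getField('mobile_phone');
        if (empty($mobile_phone)) {
            show_message('请按照提示进行绑定手机号', $_LANG['back_page_up'], '', 'info');
        }
        /* A real name is required */
        if ($surplus['realname'] == '') {
            show_message('请填写真实姓名', $_LANG['back_page_up'], '', 'info');
        }
        /* The balance must cover the requested amount */
        // NOTE(review): the balance is read here and the request stored further down
        // with no lock or transaction visible, so parallel requests can each pass
        // this check. Confirm how insert_user_account() and the approval step guard it.
        $sur_amount = get_user_surplus($user_id);
        if ($amount > $sur_amount) {
            $content = $_LANG['surplus_amount_error'];
            show_message($content, $_LANG['back_page_up'], '', 'info');
        }
        // Store the request with a negative amount
        $amount = '-' . $amount;
        $surplus['payment'] = '';
        $surplus['rec_id'] = insert_user_account($surplus, $amount);
        /* Report the outcome */
        if ($surplus['rec_id'] > 0) {
            $content = $_LANG['surplus_appl_submit'];
            show_message($content, $_LANG['back_account_log'], 'user.php?act=account_log', 'info');
        } else {
            $content = $_LANG['process_false'];
            show_message($content, $_LANG['back_page_up'], '', 'info');
        }
    }
    /* Deposit: record it, then continue with the online payment step */ else {
        include_once(ROOT_PATH . 'includes/lib_payment.php');
        if ($surplus['rec_id'] > 0) {
            // Update the existing account record
            // NOTE(review): rec_id comes from the request; verify that
            // update_user_account() only touches records owned by $surplus['user_id'].
            $surplus['rec_id'] = update_user_account($surplus);
        } else {
            // Insert a new account record
            $surplus['rec_id'] = insert_user_account($surplus, $amount);
        }
        // Record the payment log. $order is not assigned anywhere in this branch, so
        // the original passed an undefined value as the logged amount; the deposit
        // amount is used instead (no payment method, and so no fee, is known yet).
        $order['log_id'] = insert_pay_log($surplus['rec_id'], $amount, $type = PAY_SURPLUS, 0);
        ecs_header("Location: user.php?act=pay&id=" . $surplus['rec_id'] . "\n");
        // Stop after the redirect, like the other redirecting branches do
        exit;
    }
}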
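/*
 * Handle a balance request (default templates).
 * surplus_type 1 is a withdrawal request; anything else is a deposit, for which
 * the chosen payment module is loaded and its pay button rendered.
 */
elseif ($action == 'act_account') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    $amount = isset($_POST['amount']) ? floatval($_POST['amount']) : 0;
    if ($amount <= 0) {
        show_message($_LANG['amount_gt_zero']);
    }

    /* Request fields; numeric ones are cast, the note is only trimmed */
    $surplus = array(
        'user_id' => $user_id,
        'rec_id' => !empty($_POST['rec_id']) ? intval($_POST['rec_id']) : 0,
        'process_type' => isset($_POST['surplus_type']) ? intval($_POST['surplus_type']) : 0,
        'payment_id' => isset($_POST['payment_id']) ? intval($_POST['payment_id']) : 0,
        'user_note' => isset($_POST['user_note']) ? trim($_POST['user_note']) : '',
        'amount' => $amount
    );

    /* Withdrawal request */
    if ($surplus['process_type'] == 1) {
        /* The balance must cover the requested amount */
        // NOTE(review): check and insert are not visibly atomic; parallel requests
        // can each pass this check. Confirm how the approval step guards it.
        $sur_amount = get_user_surplus($user_id);
        if ($amount > $sur_amount) {
            $content = $_LANG['surplus_amount_error'];
            show_message($content, $_LANG['back_page_up'], '', 'info');
        }
        // Store the request with a negative amount
        $amount = '-' . $amount;
        $surplus['payment'] = '';
        $surplus['rec_id'] = insert_user_account($surplus, $amount);
        /* Report the outcome */
        if ($surplus['rec_id'] > 0) {
            $content = $_LANG['surplus_appl_submit'];
            show_message($content, $_LANG['back_account_log'], 'user.php?act=account_log', 'info');
        } else {
            $content = $_LANG['process_false'];
            show_message($content, $_LANG['back_page_up'], '', 'info');
        }
    }
    /* Deposit: continue with the online payment step */ else {
        if ($surplus['payment_id'] <= 0) {
            show_message($_LANG['select_payment_pls']);
        }
        include_once(ROOT_PATH . 'includes/lib_payment.php');
        // Look up the payment method
        $payment_info = payment_info($surplus['payment_id']);
        // pay_code is used below to build an include path and a class name. Accept it
        // only when the lookup returned a row and the code is a plain identifier, so a
        // missing or tampered row cannot steer the include or the instantiation.
        if (empty($payment_info) || !isset($payment_info['pay_code'])
            || !preg_match('/^[A-Za-z0-9_]+$/D', (string) $payment_info['pay_code'])) {
            show_message($_LANG['select_payment_pls']);
            exit; // defensive: do not depend on show_message() ending the request
        }
        $surplus['payment'] = $payment_info['pay_name'];
        if ($surplus['rec_id'] > 0) {
            // Update the existing account record
            // NOTE(review): rec_id comes from the request; verify that
            // update_user_account() only touches records owned by $surplus['user_id'].
            $surplus['rec_id'] = update_user_account($surplus);
        } else {
            // Insert a new account record
            $surplus['rec_id'] = insert_user_account($surplus, $amount);
        }
        // Payment module configuration
        $payment = unserialize_config($payment_info['pay_config']);
        // Pseudo order for the payment module; the account record id is the order number
        $order = array();
        $order['order_sn'] = $surplus['rec_id'];
        $order['user_name'] = $_SESSION['user_name'];
        $order['surplus_amount'] = $amount;
        // Payment fee for this amount
        $payment_info['pay_fee'] = pay_fee($surplus['payment_id'], $order['surplus_amount'], 0);
        // Total to pay: deposit plus fee
        $order['order_amount'] = $amount + $payment_info['pay_fee'];
        // Record the payment log
        $order['log_id'] = insert_pay_log($surplus['rec_id'], $order['order_amount'], $type = PAY_SURPLUS, 0);
        /* Load the payment module (pay_code was validated above) */
        include_once(ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
        /* Let the module render its pay button */
        $pay_obj = new $payment_info['pay_code'];
        $payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
        /* Template variables */
        $smarty->assign('payment', $payment_info);
        $smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
        $smarty->assign('amount', price_format($amount, false));
        $smarty->assign('order', $order);
        $smarty->display('user_transaction.dwt');
    }
}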
/* Cancel (delete) one of the user's account requests. */
elseif ($action == 'cancel') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');

    $id = 0;
    if (isset($_GET['id'])) {
        $id = intval($_GET['id']);
    }

    // NOTE(review): the delete is triggered by a GET request and no anti-CSRF token
    // is checked in this branch.
    if ($id != 0 && $user_id != 0) {
        // The user id is passed along with the record id
        $result = del_user_account($id, $user_id);
        if ($result) {
            ecs_header("Location: user.php?act=account_log\n");
            exit;
        }
        // A failed delete produces no redirect; execution continues after the action chain.
    } else {
        // Nothing to delete or no user: straight back to the history
        ecs_header("Location: user.php?act=account_log\n");
        exit;
    }
}
/*
 * Pay for an existing account record from the history list (only when the active
 * template is 'zxcp2019'): loads the record, syncs the logged amount and shows
 * the payment methods and bank list to choose from.
 */
elseif ($action == 'pay' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    include_once(ROOT_PATH . 'includes/lib_payment.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    // Record id from the query string, forced to an integer
    $surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if ($surplus_id == 0) {
        ecs_header("Location: user.php?act=account_log\n");
        exit;
    }
    // Load the single account record.
    // NOTE(review): the lookup is by id only and the result is not compared with
    // $user_id in this branch; verify that get_surplus_info() limits it to the
    // logged-in user, otherwise another member's record can be opened here.
    $order = array();
    $order = get_surplus_info($surplus_id);
    // Pseudo order number: generated order number plus the record id
    $order['order_sn'] = order_number() . '-' . $surplus_id;
    // Payment log entry that belongs to this record
    $order['log_id'] = get_paylog_id($surplus_id, $pay_type = PAY_SURPLUS);
    $order['user_name'] = $_SESSION['user_name'];
    $order['surplus_amount'] = $order['amount'];
    // Total to pay equals the deposit amount (no fee is added in this branch)
    $order['order_amount'] = $order['surplus_amount'];
    // Keep pay_log.order_amount in step with the amount computed above
    $order_amount = $db->getOne("SELECT order_amount FROM " . $ecs->table('pay_log') . " WHERE log_id = '$order[log_id]'");
    if ($order_amount <> $order['order_amount']) {
        $db->query("UPDATE " . $ecs->table('pay_log') .
            " SET order_amount = '$order[order_amount]' WHERE log_id = '$order[log_id]'");
    }
    // Filter the available payment methods for display
    $payment_list = available_payment_list(false, 0, true, $is_show = '1', 'pc');
    if (isset($payment_list)) {
        foreach ($payment_list as $key => $payment) {
            if ($payment['is_cod'] == '1') {
                $payment_list[$key]['format_pay_fee'] = '' . $payment['format_pay_fee'] . '';
            }
            /* Hide the 'yeepayszx' method when the amount exceeds 300 */
            // NOTE(review): $total is not assigned in this branch, so as written this
            // comparison reads an undefined value. Confirm which amount was meant.
            if ($payment['pay_code'] == 'yeepayszx' && $total['amount'] > 300) {
                unset($payment_list[$key]);
            }
            /* Balance payment is never offered here */
            if ($payment['pay_code'] == 'balance') {
                /* The earlier logic (hide only for anonymous users, otherwise flag
                   'disable_surplus') is disabled; the method is always removed. */
                unset($payment_list[$key]);
            }
            // When the record is tied to one payment method, drop all others
            if ($order['fixed_payment'] > 0) {
                if ($payment['pay_id'] != $order['fixed_payment']) {
                    unset($payment_list[$key]);
                }
            }
        }
    }
    $smarty->assign('fixed_payment', $order['fixed_payment']);
    $order['pay_value_id'] = $order['pay_id'] . '|' . $order['pay_bank'];
    // Relative include: resolved through the include path / working directory
    include_once('public/lyecs_banks.php');
    $bank_pay_type = $_LYCFG['bank_pay_type'];
    if ($bank_pay_type > 0) {
        // Configured bank gateway number => payment code
        $pay_name = array(
            1 => 'alipay',
            2 => 'kuaiqian',
            3 => 'tenpay',
            4 => 'chinabank'
        );
        // NOTE(review): a configured value outside 1..4 has no entry in $pay_name.
        $sql = "SELECT pay_id FROM " . $ecs->table('payment') .
            " WHERE enabled=1 AND pay_code= '" . $pay_name[$bank_pay_type] . "'";
        $pay_id = $db->getOne($sql);
        $bank_list = get_banks_list($pay_name[$bank_pay_type], $pay_id);
        $smarty->assign('bank_list', $bank_list);
        $smarty->assign('bank_type', $pay_name[$bank_pay_type]);
    }
    /* Template variables */
    // NOTE(review): $bank_list is only set inside the block above; when
    // bank_pay_type is not positive this assigns an undefined variable.
    $smarty->assign('bank_list', $bank_list);
    $smarty->assign('order', $order);
    $smarty->assign('payment_list', $payment_list);
    $smarty->assign('action', 'act_account');
    $smarty->display('user_transaction.dwt');
}
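/*
 * Pay for an existing account record from the history list (default templates).
 * With a usable payment method the module's pay button is rendered; otherwise the
 * user is asked to pick a payment method again.
 */
elseif ($action == 'pay') {
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    include_once(ROOT_PATH . 'includes/lib_payment.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');
    // Record id and payment method id from the query string, forced to integers
    $surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $payment_id = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
    if ($surplus_id == 0) {
        ecs_header("Location: user.php?act=account_log\n");
        exit;
    }
    // No payment method given: send the user to choose one
    if ($payment_id == 0) {
        ecs_header("Location: user.php?act=account_deposit&id=" . $surplus_id . "\n");
        exit;
    }
    // Load the single account record.
    // NOTE(review): the lookup is by id only and the result is not compared with
    // $user_id in this branch; verify that get_surplus_info() limits it to the
    // logged-in user, otherwise another member's record can be opened here.
    $order = get_surplus_info($surplus_id);
    // Payment method details
    $payment_info = payment_info($payment_id);
    // pay_code is used below to build an include path and a class name. It is only
    // trusted when it is a plain identifier; anything else is handled like a
    // missing payment method and falls through to the re-select page.
    $pay_code_ok = !empty($payment_info)
        && isset($payment_info['pay_code'])
        && preg_match('/^[A-Za-z0-9_]+$/D', (string) $payment_info['pay_code']);
    /* Usable payment method: prepare the payment */
    if ($pay_code_ok) {
        // Payment module configuration
        $payment = unserialize_config($payment_info['pay_config']);
        // Pseudo order number: the account record id
        $order['order_sn'] = $surplus_id;
        // Payment log entry that belongs to this record
        $order['log_id'] = get_paylog_id($surplus_id, $pay_type = PAY_SURPLUS);
        $order['user_name'] = $_SESSION['user_name'];
        $order['surplus_amount'] = $order['amount'];
        // Payment fee for this amount
        $payment_info['pay_fee'] = pay_fee($payment_id, $order['surplus_amount'], 0);
        // Total to pay: deposit plus fee
        $order['order_amount'] = $order['surplus_amount'] + $payment_info['pay_fee'];
        // Keep pay_log.order_amount in step when the fee changed the total
        $order_amount = $db->getOne("SELECT order_amount FROM " . $ecs->table('pay_log') . " WHERE log_id = '$order[log_id]'");
        if ($order_amount <> $order['order_amount']) {
            $db->query("UPDATE " . $ecs->table('pay_log') .
                " SET order_amount = '$order[order_amount]' WHERE log_id = '$order[log_id]'");
        }
        /* Load the payment module (pay_code was validated above) */
        include_once(ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
        /* Let the module render its pay button */
        $pay_obj = new $payment_info['pay_code'];
        $payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
        /* Template variables */
        $smarty->assign('payment', $payment_info);
        $smarty->assign('order', $order);
        $smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
        $smarty->assign('amount', price_format($order['surplus_amount'], false));
        $smarty->assign('action', 'act_account');
        $smarty->display('user_transaction.dwt');
    }
    /* Otherwise: choose a payment method again */ else {
        include_once(ROOT_PATH . 'includes/lib_clips.php');
        $smarty->assign('payment', get_online_payment_list());
        $smarty->assign('order', $order);
        $smarty->assign('action', 'account_deposit');
        $smarty->display('user_transaction.dwt');
    }
}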
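/*
 * Add a tag to a product (AJAX). Replies with JSON: error flag, message and, on
 * success, the product's tags as a list of {word, count}.
 */
elseif ($action == 'add_tag') {
    // Same ROOT_PATH-based includes as the other branches, instead of paths that
    // depend on the include path / working directory
    include_once(ROOT_PATH . 'includes/cls_json.php');
    include_once(ROOT_PATH . 'includes/lib_clips.php');
    $result = array('error' => 0, 'message' => '', 'content' => '');
    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    $tag = isset($_POST['tag']) ? json_str_iconv(trim($_POST['tag'])) : '';
    if ($user_id == 0) {
        /* Not logged in */
        $result['error'] = 1;
        $result['message'] = $_LANG['tag_anonymous'];
    } else {
        // NOTE(review): the tag text is only trimmed and charset-converted here;
        // verify that add_tag() escapes it before it reaches SQL.
        add_tag($id, $tag); // store the tag
        clear_cache_files('goods'); // drop the cached goods pages
        /* Re-read all tags of the product */
        $arr = get_tags($id);
        // Collect into a real array first. The original appended with [] to
        // $result['content'], which starts as '', and PHP 7.1+ rejects [] on a
        // string. With no tags the field stays '' as before.
        $tag_rows = array();
        foreach ($arr as $row) {
            // Tag words are HTML-escaped before they go back to the page
            $tag_rows[] = array('word' => htmlspecialchars($row['tag_words']), 'count' => $row['tag_count']);
        }
        if (!empty($tag_rows)) {
            $result['content'] = $tag_rows;
        }
    }
    $json = new JSON;
    echo $json->encode($result);
    exit;
}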
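/*
 * Add a product to the user's favourites (AJAX). Every path ends the request
 * with a JSON reply holding an error flag and a message.
 */
elseif ($action == 'collect') {
    include_once(ROOT_PATH . 'includes/cls_json.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '');
    // The id is request data that is placed into two SQL statements below. The
    // original used the raw value; force an integer, as the other branches do.
    $goods_id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    /* Login required */
    if (!isset($_SESSION['user_id']) || $_SESSION['user_id'] == 0) {
        $result['error'] = 1;
        $result['message'] = $_LANG['login_please'];
        die($json->encode($result));
    }
    $collect_user_id = intval($_SESSION['user_id']);

    /* Already in the favourites? */
    $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('collect_goods') .
        " WHERE user_id='$collect_user_id' AND goods_id = '$goods_id'";
    if ($GLOBALS['db']->GetOne($sql) > 0) {
        $result['error'] = 1;
        $result['message'] = $GLOBALS['_LANG']['collect_existed'];
        die($json->encode($result));
    }

    // NOTE(review): check and insert are two separate statements, so parallel
    // requests can both pass the check; confirm whether the table has a unique key.
    $time = gmtime();
    $sql = "INSERT INTO " . $GLOBALS['ecs']->table('collect_goods') . " (user_id, goods_id, add_time)" .
        "VALUES ('$collect_user_id', '$goods_id', '$time')";
    if ($GLOBALS['db']->query($sql) === false) {
        $result['error'] = 1;
        // NOTE(review): the raw database error text is returned to the client;
        // consider logging it and replying with a generic message.
        $result['message'] = $GLOBALS['db']->errorMsg();
        die($json->encode($result));
    }

    $result['error'] = 0;
    $result['message'] = $GLOBALS['_LANG']['collect_success'];
    die($json->encode($result));
}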
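/*
 * Delete one of the user's messages together with its replies and attached
 * image, then return to the message list.
 */
elseif ($action == 'del_msg') {
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
    // NOTE(review): the delete is triggered by a GET request and no anti-CSRF token
    // is checked in this branch.
    if ($id > 0) {
        $sql = 'SELECT user_id, message_img FROM ' . $ecs->table('feedback') . " WHERE msg_id = '$id' LIMIT 1";
        $row = $db->getRow($sql);
        // Only the owner of the message may delete it
        if ($row && $row['user_id'] == $user_id) {
            /* Ownership confirmed: remove the image, the message and its replies */
            if ($row['message_img']) {
                // The stored name is joined onto a filesystem path. Keep only its last
                // component so a value containing directory parts cannot point the
                // delete outside feedbackimg/.
                // Assumes stored names are bare file names; confirm against add_message().
                $img_name = basename($row['message_img']);
                $img_path = ROOT_PATH . DATA_DIR . '/feedbackimg/' . $img_name;
                if ($img_name != '' && is_file($img_path)) {
                    // Best effort, as before: a failed unlink does not stop the delete
                    @unlink($img_path);
                }
            }
            $sql = "DELETE FROM " . $ecs->table('feedback') . " WHERE msg_id = '$id' OR parent_id = '$id'";
            $db->query($sql);
        }
    }
    ecs_header("Location: user.php?act=message_list&order_id=$order_id\n");
    exit;
}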
/* Delete one of the user's comments, then return to the comment list. */
elseif ($action == 'del_cmt') {
    $id = 0;
    if (isset($_GET['id'])) {
        $id = intval($_GET['id']);
    }

    // The WHERE clause ties the delete to the current user as well as the comment id.
    // NOTE(review): triggered by a GET request; no anti-CSRF token is checked here.
    if ($id > 0) {
        $sql = "DELETE FROM " . $ecs->table('comment')
            . " WHERE comment_id = '$id' AND user_id = '$user_id'";
        $db->query($sql);
    }

    ecs_header("Location: user.php?act=comment_list\n");
    exit;
}
/* Merge two of the user's orders. */
elseif ($action == 'merge_order') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    include_once(ROOT_PATH . 'includes/lib_order.php');

    $from_order = '';
    if (isset($_POST['from_order'])) {
        $from_order = trim($_POST['from_order']);
    }
    $to_order = '';
    if (isset($_POST['to_order'])) {
        $to_order = trim($_POST['to_order']);
    }

    // NOTE(review): both order references are passed on as trimmed strings together
    // with the user id; ownership checks and escaping are presumably done inside
    // merge_user_order(). Verify there.
    if (!merge_user_order($from_order, $to_order, $user_id)) {
        $err->show($_LANG['order_list_lnk']);
    } else {
        show_message($_LANG['merge_order_success'], $_LANG['order_list_lnk'], 'user.php?act=order_list', 'info');
    }
}
/*
 * Put the goods of one of the user's orders back into the cart (AJAX).
 * Every path ends the request with a JSON reply: error flag, message, content.
 */
elseif ($action == 'return_to_cart') {
    include_once(ROOT_PATH . 'includes/cls_json.php');
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '', 'content' => '');

    $order_id = 0;
    if (isset($_POST['order_id'])) {
        $order_id = intval($_POST['order_id']);
    }

    if ($order_id == 0) {
        /* No order id given */
        $result['error'] = 1;
        $result['message'] = $_LANG['order_id_empty'];
    } elseif ($user_id == 0) {
        /* Not logged in */
        $result['error'] = 1;
        $result['message'] = $_LANG['login_please'];
    } else {
        /* The order must exist and belong to the current user */
        $order_user = $db->getOne("SELECT user_id FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id'");
        if (empty($order_user)) {
            $result['error'] = 1;
            $result['message'] = $_LANG['order_exist'];
        } elseif ($order_user != $user_id) {
            $result['error'] = 1;
            $result['message'] = $_LANG['no_priv'];
        } else {
            $message = return_to_cart($order_id);
            if ($message === true) {
                $result['error'] = 0;
                $result['message'] = $_LANG['return_to_cart_success'];
            } else {
                $result['error'] = 1;
                $result['message'] = $_LANG['order_exist'];
            }
        }
    }

    die($json->encode($result));
}
/*
 * Pay (part of) an unpaid order from the account balance: validates the request,
 * caps the amount at what is still due, recomputes the payment fee, updates the
 * order and logs the balance change.
 */
elseif ($action == 'act_edit_surplus') {
    /* Login required */
    if ($_SESSION['user_id'] <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Order id from the form, forced to an integer */
    // NOTE(review): $_POST['order_id'] and $_POST['surplus'] are read without isset().
    $order_id = intval($_POST['order_id']);
    if ($order_id <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Amount to take from the balance; must be positive */
    $surplus = floatval($_POST['surplus']);
    if ($surplus <= 0) {
        $err->add($_LANG['error_surplus_invalid']);
        // NOTE(review): there is no exit after $err->show() here or below; presumably
        // show() ends the request. If it returns, the checks do not stop processing.
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    include_once(ROOT_PATH . 'includes/lib_order.php');
    /* Load the order */
    $order = order_info($order_id);
    if (empty($order)) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* The order must belong to the logged-in user */
    if ($_SESSION['user_id'] != $order['user_id']) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* The order must be unpaid and still have an amount due */
    if ($order['pay_status'] != PS_UNPAYED || $order['order_amount'] <= 0) {
        $err->add($_LANG['error_order_is_paid']);
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    /* Amount due without the payment fee */
    $order['order_amount'] -= $order['pay_fee'];
    /* Never take more from the balance than is due */
    if ($surplus > $order['order_amount']) {
        $surplus = $order['order_amount'];
    }
    /* Load the user */
    $user = user_info($_SESSION['user_id']);
    /* Balance plus credit line must cover the amount */
    // NOTE(review): the balance is read here and debited at the end of the branch
    // with no lock or transaction visible, so parallel requests can each pass this
    // check. Confirm whether update_order() / log_account_change() guard against it.
    if ($surplus > $user['user_money'] + $user['credit_line']) {
        $err->add($_LANG['error_surplus_not_enough']);
        $err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
    }
    /* Apply the balance to the order and recompute the payment fee */
    $order['surplus'] += $surplus;
    $order['order_amount'] -= $surplus;
    if ($order['order_amount'] > 0) {
        $cod_fee = 0;
        if ($order['shipping_id'] > 0) {
            $regions = array($order['country'], $order['province'], $order['city'], $order['district']);
            $shipping = shipping_area_info($order['shipping_id'], $regions);
            if ($shipping['support_cod'] == '1') {
                $cod_fee = $shipping['pay_fee'];
            }
        }
        $pay_fee = 0;
        if ($order['pay_id'] > 0) {
            $pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
        }
        $order['pay_fee'] = $pay_fee;
        $order['order_amount'] += $pay_fee;
    }
    /* Fully covered: mark the order confirmed (if it was unconfirmed) and paid */
    // NOTE(review): this is an exact == 0 test on a value produced by float
    // arithmetic; a tiny remainder would leave the order unpaid.
    if ($order['order_amount'] == 0) {
        if ($order['order_status'] == OS_UNCONFIRMED) {
            $order['order_status'] = OS_CONFIRMED;
            $order['confirm_time'] = gmtime();
        }
        $order['pay_status'] = PS_PAYED;
        $order['pay_time'] = gmtime();
    }
    // Escape every field before the order array is handed to update_order()
    $order = addslashes_deep($order);
    update_order($order_id, $order);
    /* Debit the user's balance and log the reason */
    $change_desc = sprintf($_LANG['pay_order_by_surplus'], $order['order_sn']);
    log_account_change($user['user_id'], (-1) * $surplus, 0, 0, 0, $change_desc);
    /* Back to the order detail page */
    ecs_header('Location: user.php?act=order_detail&order_id=' . $order_id . "\n");
    exit;
}
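/*
 * Change the payment method of an unpaid, unshipped order and recompute its
 * payment fee. Every failed check redirects without changing anything.
 */
elseif ($action == 'act_edit_payment') {
    /* Login required */
    if ($_SESSION['user_id'] <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Payment method id from the form (a missing field counts as 0) */
    $pay_id = isset($_POST['pay_id']) ? intval($_POST['pay_id']) : 0;
    if ($pay_id <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    include_once(ROOT_PATH . 'includes/lib_order.php');
    $payment_info = payment_info($pay_id);
    if (empty($payment_info)) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Order id from the form (a missing field counts as 0) */
    $order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;
    if ($order_id <= 0) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Load the order */
    $order = order_info($order_id);
    if (empty($order)) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* The order must belong to the logged-in user */
    if ($_SESSION['user_id'] != $order['user_id']) {
        ecs_header("Location: ./\n");
        exit;
    }
    /* Only unpaid, unshipped orders with a goods amount, and only when the method really changes */
    if ($order['pay_status'] != PS_UNPAYED || $order['shipping_status'] != SS_UNSHIPPED || $order['goods_amount'] <= 0 || $order['pay_id'] == $pay_id) {
        ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
        exit;
    }
    // Replace the old payment fee with the fee of the new method
    $order_amount = $order['order_amount'] - $order['pay_fee'];
    $pay_fee = pay_fee($pay_id, $order_amount);
    $order_amount += $pay_fee;
    // pay_name is text read back from the payment table; the original placed it into
    // the statement unescaped, so a quote in the stored name would break out of the
    // literal. Escape it the way this file escapes order data (addslashes).
    $pay_name = addslashes($payment_info['pay_name']);
    $sql = "UPDATE " . $ecs->table('order_info') .
        " SET pay_id='$pay_id', pay_name='$pay_name', pay_fee='$pay_fee', order_amount='$order_amount'" .
        " WHERE order_id = '$order_id'";
    $db->query($sql);
    /* Back to the order detail page */
    ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
    exit;
}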
/* Save the delivery address edited on the order detail page. */
elseif ($action == 'save_order_address') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');

    // Text fields: trimmed and passed through compile_str(); the zip code
    // additionally goes through make_semiangle() first. Missing fields become ''.
    $address = array();
    foreach (array('consignee', 'email', 'address', 'zipcode', 'tel', 'mobile', 'sign_building', 'best_time') as $addr_field) {
        if (!isset($_POST[$addr_field])) {
            $address[$addr_field] = '';
            continue;
        }
        $addr_value = trim($_POST[$addr_field]);
        if ($addr_field == 'zipcode') {
            $addr_value = make_semiangle($addr_value);
        }
        $address[$addr_field] = compile_str($addr_value);
    }
    $address['order_id'] = 0;
    if (isset($_POST['order_id'])) {
        $address['order_id'] = intval($_POST['order_id']);
    }

    // The user id is passed along with the address data.
    // NOTE(review): verify that save_order_address() checks the order belongs to that user.
    if (!save_order_address($address, $user_id)) {
        $err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
    } else {
        ecs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
        exit;
    }
}
/* Paged list of the user's bonus coupons. */
elseif ($action == 'bonus') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');

    $page = 1;
    if (isset($_REQUEST['page'])) {
        $page = intval($_REQUEST['page']);
    }

    // Number of bonus rows owned by the user, for the pager
    $count_sql = "SELECT COUNT(*) FROM " . $ecs->table('user_bonus') . " WHERE user_id = '$user_id'";
    $record_count = $db->getOne($count_sql);

    $pager = get_pager('user.php', array('act' => $action), $record_count, $page);
    $bonus = get_user_bouns_list($user_id, $pager['size'], $pager['start']);

    $smarty->assign('bonus', $bonus);
    $smarty->assign('pager', $pager);
    $smarty->display('user_transaction.dwt');
}
/* My group-buy list: page only, no data prepared yet (marked "to be discussed"). */
elseif ($action == 'group_buy') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    $smarty->display('user_transaction.dwt');
}
/* Group-buy order detail: page only, no data prepared yet (marked "to be discussed"). */
elseif ($action == 'group_buy_detail') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    $smarty->display('user_transaction.dwt');
}
/*
 * Referral overview (only when the active template is 'zxcp2019'): the user's
 * referred members with rewards, and optionally the referrals of one of them.
 */
elseif ($action == 'affiliate' && $_CFG['template'] == 'zxcp2019') {
    // NOTE(review): unserialize() runs on a stored configuration value; it must never
    // be fed data a visitor can influence. Confirm who can write this setting.
    $affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
    $smarty->assign('affiliate_item', $affiliate['item']);

    // Page number: a positive integer from the request, else 1
    $page = 1;
    if (!empty($_REQUEST['page']) && intval($_REQUEST['page']) > 0) {
        $page = intval($_REQUEST['page']);
    }
    $size = 10;

    /* Number of members referred directly by this user */
    $sql = "SELECT COUNT(user_id) FROM " . $GLOBALS['ecs']->table('users') . " WHERE parent_id = '$user_id'";
    $count = $GLOBALS['db']->getOne($sql);
    $pager = get_pager('user.php', array('act' => $action), $count, $page, $size);
    $smarty->assign('pager', $pager);

    /* Referred members on this page and the reward total */
    $reward_users_list = get_affiliate_user_child_info($user_id, $page, $size);
    $smarty->assign('reward_users_list', $reward_users_list['user_list']);
    $smarty->assign('reward_total', price_format($reward_users_list['total']));

    /* The user's own balance */
    $sql = 'SELECT user_money FROM ' . $ecs->table('users') . " WHERE user_id = '$_SESSION[user_id]' ";
    $user_info = $db->getRow($sql);
    $smarty->assign('user_money', price_format($user_info['user_money']));

    /* Shop details and the user's referral link */
    $smarty->assign('shopname', $_CFG['shop_name']);
    $smarty->assign('userid', $user_id);
    $smarty->assign('shopurl', $ecs->url());
    $smarty->assign('logosrc', 'templates/' . $_CFG['template'] . '/images/logo.gif');
    $smarty->assign('my_affiliate_url', urldecode($ecs->url() . "?u=" . $user_id));

    /* Drill-down into one referred member */
    if (isset($_REQUEST['u_id'])) {
        $u_id = intval($_REQUEST['u_id']);
        $u_lv = 1;
        if (isset($_REQUEST['u_lv'])) {
            $u_lv = intval($_REQUEST['u_lv']);
        }
        $affiliate = unserialize($GLOBALS['_CFG']['affiliate']);

        // The requested member must be among the ids returned for the current user.
        // NOTE(review): no exit follows show_message(); if it returns, the member's
        // data below is still loaded. Presumably show_message() ends the request.
        $my_user_ids = get_user_child_id($user_id);
        if (!in_array($u_id, $my_user_ids)) {
            show_message('无此权限!');
        }

        $sql = 'SELECT user_name FROM ' . $ecs->table('users') . " WHERE user_id = '$u_id' ";
        $user_info_name = $db->getOne($sql);
        $info = get_user_child_info($u_id);

        $smarty->assign('is_child', 1);
        $smarty->assign('user_info_name', $user_info_name);
        $smarty->assign('reward_users_list', $info['user_list']);
    }

    $smarty->display('user_clips.dwt');
}
// Affiliate ("my referrals") page.
// Without a goodsid it lists the referral tiers and the orders that earn or earned commission;
// with a goodsid it renders the share page for that single product.
// NOTE(review): $user_id and $affiliate are set outside this branch; every query below
// interpolates $user_id into SQL, so it must be a server-side integer (presumably the session
// user id; confirm where it is assigned).
elseif ($action == 'affiliate') {
// goodsid is forced to an integer before any use.
$goodsid = intval(isset($_REQUEST['goodsid']) ? $_REQUEST['goodsid'] : 0);
if (empty($goodsid)) {
// "My referrals" listing
// page comes from the request and is clamped to >= 1; size comes from shop config, default 10.
$page = !empty($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
$size = !empty($_CFG['page_size']) && intval($_CFG['page_size']) > 0 ? intval($_CFG['page_size']) : 10;
empty($affiliate) && $affiliate = array();
if (empty($affiliate['config']['separate_by'])) {
// Commission by referred registration
$affdb = array();
$num = count($affiliate['item']);
// $up_uid holds the quoted ids of the tier being expanded; $all_uid accumulates this user plus
// every tier except the last one.
$up_uid = "'$user_id'";
$all_uid = "'$user_id'";
for ($i = 1; $i <= $num; $i++) {
$count = 0;
if ($up_uid) {
// Ids read back from the users table are concatenated into the next IN (...) list.
// NOTE(review): safe only while user_id values are integers; confirm the column type.
$sql = "SELECT user_id FROM " . $ecs->table('users') . " WHERE parent_id IN($up_uid)";
$query = $db->query($sql);
$up_uid = '';
while ($rt = $db->fetch_array($query)) {
$up_uid .= $up_uid ? ",'$rt[user_id]'" : "'$rt[user_id]'";
if ($i < $num) {
$all_uid .= ", '$rt[user_id]'";
}
$count++;
}
}
// Per-tier summary: number of users found and the configured point/money rates.
$affdb[$i]['num'] = $count;
$affdb[$i]['point'] = $affiliate['item'][$i - 1]['level_point'];
$affdb[$i]['money'] = $affiliate['item'][$i - 1]['level_money'];
}
$smarty->assign('affdb', $affdb);
$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
$sql = "SELECT o.*, a.log_id, a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" .
" ORDER BY order_id DESC";
/*
SQL notes:
Joins orders, users and commission (affiliate_log) records.
One order may have several commission records.
1. The order is valid: o.user_id > 0
2. And one of the following holds:
a. Unsettled orders of direct downline users: u.parent_id IN ($all_uid) AND o.is_separate = 0
where $all_uid is this id plus its downline (excluding the last downline tier)
b. All settled orders: a.user_id = '$user_id' AND o.is_separate > 0
*/
$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_register_all'], $affiliate['config']['level_register_up'], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
} else {
// Commission by referred order
$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
$sql = "SELECT o.*, a.log_id,a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type,u.parent_id as up FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" .
" ORDER BY order_id DESC";
/*
SQL notes:
Joins orders, users and commission (affiliate_log) records.
One order may have several commission records.
1. The order is valid: o.user_id > 0
2. And one of the following holds:
a. Unsettled orders referred by this user: o.parent_id = '$user_id' AND o.is_separate = 0
b. All settled orders: a.user_id = '$user_id' AND o.is_separate > 0
*/
$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
}
// Clamp the requested page to the last available page before fetching.
$count = $db->getOne($sqlcount);
$max_page = ($count > 0) ? ceil($count / $size) : 1;
if ($page > $max_page) {
$page = $max_page;
}
$res = $db->SelectLimit($sql, $size, ($page - 1) * $size);
$logdb = array();
while ($rt = $GLOBALS['db']->fetchRow($res)) {
if (!empty($rt['suid'])) {
// The order has an affiliate_log record
if ($rt['separate_type'] == -1 || $rt['separate_type'] == -2) {
// Commission was revoked; shown as status 3
$rt['is_separate'] = 3;
}
}
// Mask the order number shown to the referrer: of the last five characters only the final
// two are kept, the three before them are replaced by "***".
// NOTE(review): the row still carries every other order_info column (o.*) to the template;
// confirm the template exposes only what a referrer is meant to see.
$rt['order_sn'] = substr($rt['order_sn'], 0, strlen($rt['order_sn']) - 5) . "***" . substr($rt['order_sn'], -2, 2);
$logdb[] = $rt;
}
// Pager built by hand; "javascript:;" is the inert link used when there is no previous/next page.
$url_format = "user.php?act=affiliate&page=";
$pager = array(
'page' => $page,
'size' => $size,
'sort' => '',
'order' => '',
'record_count' => $count,
'page_count' => $max_page,
'page_first' => $url_format . '1',
'page_prev' => $page > 1 ? $url_format . ($page - 1) : "javascript:;",
'page_next' => $page < $max_page ? $url_format . ($page + 1) : "javascript:;",
'page_last' => $url_format . $max_page,
'array' => array()
);
for ($i = 1; $i <= $max_page; $i++) {
$pager['array'][$i] = $i;
}
$smarty->assign('url_format', $url_format);
$smarty->assign('pager', $pager);
$smarty->assign('affiliate_intro', $affiliate_intro);
$smarty->assign('affiliate_type', $affiliate['config']['separate_by']);
$smarty->assign('logdb', $logdb);
} else {
// Share page for a single product
$smarty->assign('userid', $user_id);
$smarty->assign('goodsid', $goodsid);
$types = array(1, 2, 3, 4, 5);
$smarty->assign('types', $types);
$goods = get_goods_info($goodsid);
$shopurl = $ecs->url();
// Image paths without an http:// or https:// scheme are made absolute with the shop URL.
$goods['goods_img'] = (strpos($goods['goods_img'], 'http://') === false && strpos($goods['goods_img'], 'https://') === false) ? $shopurl . $goods['goods_img'] : $goods['goods_img'];
$goods['goods_thumb'] = (strpos($goods['goods_thumb'], 'http://') === false && strpos($goods['goods_thumb'], 'https://') === false) ? $shopurl . $goods['goods_thumb'] : $goods['goods_thumb'];
$goods['shop_price'] = price_format($goods['shop_price']);
$smarty->assign('goods', $goods);
}
// Values shared by both views.
$smarty->assign('shopname', $_CFG['shop_name']);
$smarty->assign('userid', $user_id);
$smarty->assign('shopurl', $ecs->url());
$smarty->assign('logosrc', 'themes/' . $_CFG['template'] . '/images/logo.gif');
$smarty->display('user_clips.dwt');
}
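// Homepage newsletter subscription: the AJAX add/del requests and the add_check/del_check
// links that are e-mailed to confirm them. This action is in the file's list of actions that
// do not require login, so every parameter here comes from an anonymous client.
elseif ($action == 'email_list') {
    // Missing or non-string parameters are treated as empty instead of raising notices.
    $job = (isset($_GET['job']) && is_string($_GET['job'])) ? $_GET['job'] : '';
    if ($job == 'add' || $job == 'del') {
        // At most one add/del request per 30 seconds. The timestamp lives in the session, so it
        // only slows a client that keeps its session cookie; it is not a defence against
        // scripted abuse of the mail sender.
        if (isset($_SESSION['last_email_query'])) {
            if (time() - $_SESSION['last_email_query'] <= 30) {
                die($_LANG['order_query_toofast']);
            }
        }
        $_SESSION['last_email_query'] = time();
    }
    $email = (isset($_GET['email']) && is_string($_GET['email'])) ? trim($_GET['email']) : '';
    // HTML-encoded because the address is echoed back in the response text below.
    $email = htmlspecialchars($email);
    if (!is_email($email)) {
        $info = sprintf($_LANG['email_invalid'], $email);
        die($info);
    }
    // NOTE(review): $email is interpolated into the SQL below. htmlspecialchars() is output
    // encoding, not SQL escaping, so this relies on is_email() (defined elsewhere) rejecting
    // quote characters; confirm, or move these queries to the driver's escaping/prepared API.
    $ck = $db->getRow("SELECT * FROM " . $ecs->table('email_list') . " WHERE email = '$email'");

    // Confirmation token for add/del: 10 hex characters (same length as before) drawn from a
    // CSPRNG. The previous value, a slice of md5(time()), could be reproduced by anyone who
    // knew roughly when the request was made, letting them confirm for someone else's address.
    $hash = '';
    if ($job == 'add' || $job == 'del') {
        if (function_exists('random_bytes')) {
            $hash = bin2hex(random_bytes(5));
        } else {
            $hash = bin2hex(openssl_random_pseudo_bytes(5));
        }
    }
    // Token presented on a confirmation link.
    $given_hash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? $_GET['hash'] : '';

    if ($job == 'add') {
        if (empty($ck)) {
            // New address: store it unconfirmed (stat = 0) and mail the confirmation link.
            $sql = "INSERT INTO " . $ecs->table('email_list') . " (email, stat, hash) VALUES ('$email', 0, '$hash')";
            $db->query($sql);
            $info = $_LANG['email_check'];
            $url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
            send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
        } elseif ($ck['stat'] == 1) {
            $info = sprintf($_LANG['email_alreadyin_list'], $email);
        } else {
            // Known but unconfirmed: issue a fresh token and mail the link again.
            $sql = "UPDATE " . $ecs->table('email_list') . " SET hash = '$hash' WHERE email = '$email'";
            $db->query($sql);
            $info = $_LANG['email_re_check'];
            $url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
            send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
        }
        die($info);
    } elseif ($job == 'del') {
        if (empty($ck)) {
            $info = sprintf($_LANG['email_notin_list'], $email);
        } elseif ($ck['stat'] == 1) {
            // Confirmed subscriber: unsubscribing also needs a mailed confirmation.
            $sql = "UPDATE " . $ecs->table('email_list') . " SET hash = '$hash' WHERE email = '$email'";
            $db->query($sql);
            $info = $_LANG['email_check'];
            $url = $ecs->url() . "user.php?act=email_list&job=del_check&hash=$hash&email=$email";
            send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
        } else {
            $info = $_LANG['email_not_alive'];
        }
        die($info);
    } elseif ($job == 'add_check') {
        if (empty($ck)) {
            $info = sprintf($_LANG['email_notin_list'], $email);
        } elseif ($ck['stat'] == 1) {
            $info = $_LANG['email_checked'];
        } else {
            // hash_equals() instead of ==: no numeric-string juggling ("0e..." values), constant
            // time, and an empty token never matches.
            if ($given_hash !== '' && hash_equals((string) $ck['hash'], $given_hash)) {
                $sql = "UPDATE " . $ecs->table('email_list') . " SET stat = 1 WHERE email = '$email'";
                $db->query($sql);
                $info = $_LANG['email_checked'];
            } else {
                $info = $_LANG['hash_wrong'];
            }
        }
        show_message($info, $_LANG['back_home_lnk'], 'index.php');
    } elseif ($job == 'del_check') {
        if (empty($ck)) {
            $info = sprintf($_LANG['email_invalid'], $email);
        } elseif ($ck['stat'] == 1) {
            if ($given_hash !== '' && hash_equals((string) $ck['hash'], $given_hash)) {
                $sql = "DELETE FROM " . $ecs->table('email_list') . " WHERE email = '$email'";
                $db->query($sql);
                $info = $_LANG['email_canceled'];
            } else {
                $info = $_LANG['hash_wrong'];
            }
        } else {
            $info = $_LANG['email_not_alive'];
        }
        show_message($info, $_LANG['back_home_lnk'], 'index.php');
    }
}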
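/* AJAX: send the account e-mail verification message (zxcp2019 template variant) */
//zxcp2019-s
// Replies with JSON {error, message, content}. Checks run in this order: captcha present,
// captcha correct, user logged in, at most one message per 30 seconds per session.
elseif ($action == 'send_hash_mail' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'public/cls_json.php');
    include_once(ROOT_PATH . 'public/lib_passport.php');
    $json = new JSON();
    $result = array('error' => 0, 'message' => '', 'content' => '');
    if (empty($_POST['captcha'])) {
        $result['error'] = 1;
        $result['message'] = '验证码不能为空';
        die($json->encode($result));
    }
    /* Check the captcha */
    // Anchored on ROOT_PATH like the two includes above, so the file that gets loaded does not
    // depend on the working directory or include_path.
    include_once(ROOT_PATH . 'public/cls_captcha.php');
    $validator = new captcha();
    $validator->session_word = 'captcha_word';
    if (!$validator->check_word($_POST['captcha'])) {
        $result['error'] = 1;
        $result['message'] = $_LANG['invalid_captcha'];
        die($json->encode($result));
    }
    if ($user_id == 0) {
        /* The user is not logged in */
        $result['error'] = 1;
        $result['message'] = $_LANG['login_please'];
        die($json->encode($result));
    }
    // Throttle: the timestamp is written only after a successful send and lives in the session,
    // so a new session starts with no limit; the captcha above is the main brake.
    if (isset($_SESSION['send_email_time'])) {
        if (gmtime() - $_SESSION['send_email_time'] < 30) {
            $result['error'] = 1;
            $result['message'] = '您的操作过于频繁啦,30秒内请勿重复操作!';
            die($json->encode($result));
        }
    }
    if (send_regiter_hash($user_id)) {
        $result['message'] = $_LANG['validate_mail_ok'];
        $_SESSION['send_email_time'] = gmtime();
        die($json->encode($result));
    } else {
        $result['error'] = 1;
        $result['message'] = $GLOBALS['err']->last_message();
    }
    die($json->encode($result));
}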
//zxcp2019-e
elseif ($action == 'send_hash_mail') {
// Default-template handler: mail the verification message for the logged-in user and answer
// with JSON {error, message, content}.
// NOTE(review): unlike the zxcp2019 variant of this action, no captcha or per-session interval
// is checked here, so each request from a logged-in session triggers a send attempt.
include_once(ROOT_PATH . 'includes/cls_json.php');
include_once(ROOT_PATH . 'includes/lib_passport.php');
$json = new JSON();
$result = array('error' => 0, 'message' => '', 'content' => '');
if ($user_id == 0) {
    /* The user is not logged in */
    $result['error'] = 1;
    $result['message'] = $_LANG['login_please'];
} elseif (send_regiter_hash($user_id)) {
    $result['message'] = $_LANG['validate_mail_ok'];
} else {
    // Sending failed: report the last error recorded by the error handler.
    $result['error'] = 1;
    $result['message'] = $GLOBALS['err']->last_message();
}
die($json->encode($result));
} else if ($action == 'track_packages') {
// Package tracking: list the current user's shipped orders for which the shipping module can
// produce a tracking link.
include_once(ROOT_PATH . 'includes/lib_transaction.php');
include_once(ROOT_PATH . 'includes/lib_order.php');
$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
// Scoped to the current user's orders; $user_id is assigned outside this branch.
$sql = "SELECT order_id,order_sn,invoice_no,shipping_id FROM " . $ecs->table('order_info') .
    " WHERE user_id = '$user_id' AND shipping_status = '" . SS_SHIPPED . "'";
$res = $db->query($sql);
$orders = array();
while ($item = $db->fetch_array($res)) {
    $shipping = get_shipping_object($item['shipping_id']);
    // Modules without a query() method contribute the bare invoice number.
    $query_link = method_exists($shipping, 'query') ? $shipping->query($item['invoice_no']) : $item['invoice_no'];
    if ($query_link == $item['invoice_no']) {
        // Nothing beyond the invoice number: the order is left out of the list.
        continue;
    }
    $item['query_link'] = $query_link;
    $orders[] = $item;
}
// The query has no LIMIT: every matching order is passed to the template, and the pager is
// built from the number of orders kept.
$record_count = count($orders);
$pager = get_pager('user.php', array('act' => $action), $record_count, $page);
$smarty->assign('pager', $pager);
$smarty->assign('orders', $orders);
$smarty->display('user_transaction.dwt');
} else if ($action == 'order_query') {
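// Order status lookup by order number, answered as JSON {error, message, content}.
// NOTE(review): 'order_query' is in the file's list of actions that need no login, and the
// order number is the only thing checked: whoever knows or guesses one receives the order id,
// its status, the invoice/tracking value and the owning user_id. Consider requiring a second
// factor known to the buyer and dropping user_id from the rendered data if the template does
// not need it.
$raw_order_sn = (isset($_GET['order_sn']) && is_string($_GET['order_sn'])) ? $_GET['order_sn'] : '';
// The first character of the parameter is dropped before trimming, as the handler always did;
// a missing or non-string parameter now simply yields an empty order number.
$_GET['order_sn'] = trim((string) substr($raw_order_sn, 1));
// NOTE(review): addslashes() is not charset-aware; prefer the database driver's own escaping
// or a prepared statement if the $db wrapper offers one.
$order_sn = empty($_GET['order_sn']) ? '' : addslashes($_GET['order_sn']);
include_once(ROOT_PATH . 'includes/cls_json.php');
$json = new JSON();
$result = array('error' => 0, 'message' => '', 'content' => '');
// One lookup per 10 seconds. The timestamp is kept in the session, so it does not limit a
// client that discards its session cookie; enumeration needs a server-side limit (per IP or
// per order number) as well.
if (isset($_SESSION['last_order_query'])) {
    if (time() - $_SESSION['last_order_query'] <= 10) {
        $result['error'] = 1;
        $result['message'] = $_LANG['order_query_toofast'];
        die($json->encode($result));
    }
}
$_SESSION['last_order_query'] = time();
if (empty($order_sn)) {
    $result['error'] = 1;
    $result['message'] = $_LANG['invalid_order_sn'];
    die($json->encode($result));
}
$sql = "SELECT order_id, order_status, shipping_status, pay_status, " .
    " shipping_time, shipping_id, invoice_no, user_id " .
    " FROM " . $ecs->table('order_info') .
    " WHERE order_sn = '$order_sn' LIMIT 1";
$row = $db->getRow($sql);
if (empty($row)) {
    $result['error'] = 1;
    $result['message'] = $_LANG['invalid_order_sn'];
    die($json->encode($result));
}
$order_query = array();
$order_query['order_sn'] = $order_sn;
$order_query['order_id'] = $row['order_id'];
$order_query['order_status'] = $_LANG['os'][$row['order_status']] . ',' . $_LANG['ps'][$row['pay_status']] . ',' . $_LANG['ss'][$row['shipping_status']];
if ($row['invoice_no'] && $row['shipping_id'] > 0) {
    $sql = "SELECT shipping_code FROM " . $ecs->table('shipping') . " WHERE shipping_id = '$row[shipping_id]'";
    $shipping_code = $db->getOne($sql);
    // The code read from the database becomes both a file name and a class name. Only a plain
    // identifier is accepted, so a tampered row cannot steer the include outside the shipping
    // module directory or instantiate an arbitrary expression.
    $plugin = '';
    if (is_string($shipping_code) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $shipping_code)) {
        $plugin = ROOT_PATH . 'includes/modules/shipping/' . $shipping_code . '.php';
    }
    if ($plugin !== '' && file_exists($plugin)) {
        include_once($plugin);
        $shipping = new $shipping_code;
        $order_query['invoice_no'] = $shipping->query((string) $row['invoice_no']);
    } else {
        $order_query['invoice_no'] = (string) $row['invoice_no'];
    }
}
$order_query['user_id'] = $row['user_id'];
/* For an anonymous order (user_id 0) also show the shipping time */
if ($row['user_id'] == 0 && $row['shipping_time'] > 0) {
    $order_query['shipping_date'] = local_date($GLOBALS['_CFG']['date_format'], $row['shipping_time']);
}
$smarty->assign('order_query', $order_query);
$result['content'] = $smarty->fetch('library/order_query.lbi');
die($json->encode($result));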
} elseif ($action == 'transform_points') {
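// Points exchange page: show the user's shop points and the configured exchange rules, either
// for a UCenter integration or for another integrated forum.
// NOTE(review): points_rule and integrate_config are unserialize()d from shop configuration.
// That is acceptable only while these settings can be written by trusted administrators alone;
// if any less-trusted path can write them, switch the storage format to JSON.
$rule = array();
if (!empty($_CFG['points_rule'])) {
    $rule = unserialize($_CFG['points_rule']);
    if (!is_array($rule)) {
        // Corrupt or empty setting: behave as if no rule were configured.
        $rule = array();
    }
}
$cfg = array();
if (!empty($_CFG['integrate_config'])) {
    $cfg = unserialize($_CFG['integrate_config']);
    // Credit names configured for the integration replace the default labels.
    $_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
    $_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
}
$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
$row = $db->getRow($sql);
if ($_CFG['integrate_code'] == 'ucenter') {
    $exchange_type = 'ucenter';
    $to_credits_options = array();
    $out_exchange_allow = array();
    foreach ($rule as $credit) {
        // "app|credit|source" => ratio, plus one option label per "app|credit" destination.
        $out_exchange_allow[$credit['appiddesc'] . '|' . $credit['creditdesc'] . '|' . $credit['creditsrc']] = $credit['ratio'];
        if (!array_key_exists($credit['appiddesc'] . '|' . $credit['creditdesc'], $to_credits_options)) {
            $to_credits_options[$credit['appiddesc'] . '|' . $credit['creditdesc']] = $credit['title'];
        }
    }
    // The first rule is preselected in the form.
    $smarty->assign('selected_org', $rule[0]['creditsrc']);
    $smarty->assign('selected_dst', $rule[0]['appiddesc'] . '|' . $rule[0]['creditdesc']);
    $smarty->assign('descreditunit', $rule[0]['unit']);
    $smarty->assign('orgcredittitle', $_LANG['exchange_points'][$rule[0]['creditsrc']]);
    $smarty->assign('descredittitle', $rule[0]['title']);
    // A missing or zero ratio shows 0 instead of dividing by zero.
    $smarty->assign('descreditamount', empty($rule[0]['ratio']) ? 0 : round((1 / $rule[0]['ratio']), 2));
    $smarty->assign('to_credits_options', $to_credits_options);
    $smarty->assign('out_exchange_allow', $out_exchange_allow);
} else {
    $exchange_type = 'other';
    $bbs_points_name = $user->get_points_name();
    $total_bbs_points = $user->get_points($row['user_name']);
    /* Forum points */
    $bbs_points = array();
    foreach ($bbs_points_name as $key => $val) {
        $bbs_points[$key] = array('title' => $_LANG['bbs'] . $val['title'], 'value' => $total_bbs_points[$key]);
    }
    /* Exchange rules */
    $rule_list = array();
    foreach ($rule as $key => $val) {
        // Rule keys are one direction character followed by the forum point key.
        $rule_key = substr($key, 0, 1);
        $bbs_key = substr($key, 1);
        $rule_list[$key]['rate'] = $val;
        switch ($rule_key) {
            case TO_P:
                $rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
                $rule_list[$key]['to'] = $_LANG['pay_points'];
                break;
            case TO_R:
                $rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
                $rule_list[$key]['to'] = $_LANG['rank_points'];
                break;
            case FROM_P:
                // A stray expression statement with no effect used to sit between these two
                // assignments; it has been removed.
                $rule_list[$key]['from'] = $_LANG['pay_points'];
                $rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
                break;
            case FROM_R:
                $rule_list[$key]['from'] = $_LANG['rank_points'];
                $rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
                break;
        }
    }
    $smarty->assign('bbs_points', $bbs_points);
    $smarty->assign('rule_list', $rule_list);
}
$smarty->assign('shop_points', $row);
$smarty->assign('exchange_type', $exchange_type);
$smarty->assign('action', $action);
$smarty->assign('lang', $_LANG);
$smarty->display('user_transaction.dwt');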
} elseif ($action == 'act_transform_points') {
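// Exchange points between the shop and an integrated forum (non-UCenter integrations).
// rule_index (POST) is one direction character (TO_P, TO_R, FROM_P, FROM_R) followed by the
// forum point key; num (POST) is the number of points to convert.
// NOTE(review): the balance is read, checked and then changed in separate steps, so two
// concurrent requests can both pass the check; the deduction should be made conditional on the
// current balance inside set_points()/log_account_change(). No anti-CSRF token is checked in
// this branch; confirm one is enforced elsewhere for this state-changing POST.
$rule_index = (empty($_POST['rule_index']) || !is_string($_POST['rule_index'])) ? '' : trim($_POST['rule_index']);
// intval() already yields an integer, so the former floor() comparison could never fail.
$num = empty($_POST['num']) ? 0 : intval($_POST['num']);
if ($num <= 0) {
    show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
$bbs_key = substr($rule_index, 1);
$rule_key = substr($rule_index, 0, 1);
/* Load the user's data */
$sql = "SELECT user_name, user_id, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
$row = $db->getRow($sql);
$bbs_points = $user->get_points($row['user_name']);
$points_name = $user->get_points_name();
$rule = array();
if ($_CFG['points_rule']) {
    // NOTE(review): unserialize() of a shop setting; safe only while administrators alone can
    // write it.
    $rule = unserialize($_CFG['points_rule']);
}
// The submitted rule must be one the shop has configured, in "from:to" form. Previously an
// unknown rule_index still reached the conversion with empty rates: the source points were
// deducted while the division by the missing "from" value produced a warning or an error.
if (!is_array($rule) || !isset($rule[$rule_index]) || !is_string($rule[$rule_index]) || strpos($rule[$rule_index], ':') === false) {
    show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
list($from, $to) = explode(':', $rule[$rule_index]);
if (floatval($from) <= 0) {
    // A zero or negative "from" rate cannot be converted.
    show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
// Balance available on the side the points are taken from.
$max_points = 0;
switch ($rule_key) {
    case TO_P:
    case TO_R:
        $max_points = isset($bbs_points[$bbs_key]) ? $bbs_points[$bbs_key] : 0;
        break;
    case FROM_P:
        $max_points = $row['pay_points'];
        break;
    case FROM_R:
        $max_points = $row['rank_points'];
        break;
}
/* Reject amounts above the available balance (an unknown direction leaves the balance at 0) */
if ($max_points <= 0 || $num > $max_points) {
    show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
$result_points = floor($num * $to / $from);
// Each case ends the request explicitly, so a case can never fall through into the next one
// and convert twice.
switch ($rule_key) {
    case TO_P:
        $user->set_points($row['user_name'], array($bbs_key => 0 - $num)); // adjust forum points
        log_account_change($row['user_id'], 0, 0, 0, $result_points, $_LANG['transform_points'], ACT_OTHER);
        show_message(sprintf($_LANG['to_pay_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
        exit;
    case TO_R:
        $user->set_points($row['user_name'], array($bbs_key => 0 - $num)); // adjust forum points
        log_account_change($row['user_id'], 0, 0, $result_points, 0, $_LANG['transform_points'], ACT_OTHER);
        show_message(sprintf($_LANG['to_rank_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
        exit;
    case FROM_P:
        log_account_change($row['user_id'], 0, 0, 0, 0 - $num, $_LANG['transform_points'], ACT_OTHER); // adjust shop points
        $user->set_points($row['user_name'], array($bbs_key => $result_points)); // adjust forum points
        show_message(sprintf($_LANG['from_pay_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
        exit;
    case FROM_R:
        log_account_change($row['user_id'], 0, 0, 0 - $num, 0, $_LANG['transform_points'], ACT_OTHER); // adjust shop points
        $user->set_points($row['user_name'], array($bbs_key => $result_points)); // adjust forum points
        show_message(sprintf($_LANG['from_rank_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
        exit;
}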
} elseif ($action == 'act_transform_ucenter_points') {
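// Exchange shop points for credits of a UCenter application.
// POST: amount (points to spend), fromcredits (0 = rank_points, 1 = pay_points),
// tocredits ("appiddesc|creditdesc" of the destination credit).
// NOTE(review): the balance check, the external exchange_points() call and the local deduction
// are separate steps, so concurrent requests can spend the same balance more than once; the
// flow needs a lock or a conditional deduction made before the external call. No anti-CSRF
// token is checked in this branch; confirm one is enforced elsewhere.
$rule = array();
if ($_CFG['points_rule']) {
    // NOTE(review): unserialize() of shop settings here and below; safe only while
    // administrators alone can write them.
    $rule = unserialize($_CFG['points_rule']);
    if (!is_array($rule)) {
        $rule = array();
    }
}
// Whitelist of point columns: the selected name is written into SQL as a column identifier.
$shop_points = array(0 => 'rank_points', 1 => 'pay_points');
$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
$row = $db->getRow($sql);
$exchange_amount = isset($_POST['amount']) ? intval($_POST['amount']) : 0;
$fromcredits = isset($_POST['fromcredits']) ? intval($_POST['fromcredits']) : -1;
$tocredits = (isset($_POST['tocredits']) && is_string($_POST['tocredits'])) ? trim($_POST['tocredits']) : '';
$cfg = unserialize($_CFG['integrate_config']);
if (!empty($cfg)) {
    $_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
    $_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
}
// A destination without "|" yields an empty credit name, which matches no rule below.
list($appiddesc, $creditdesc) = array_pad(explode('|', $tocredits), 2, '');
$ratio = 0;
$credit_title = '';
if ($exchange_amount <= 0) {
    show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
// The source must be one of the two whitelisted columns. This used to be enforced only as a
// side effect of comparing the amount with an undefined balance.
if (!isset($shop_points[$fromcredits])) {
    show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
$points_column = $shop_points[$fromcredits];
if ($exchange_amount > $row[$points_column]) {
    show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
// Find the configured rule for this source/destination pair.
foreach ($rule as $credit) {
    if ($credit['appiddesc'] == $appiddesc && $credit['creditdesc'] == $creditdesc && $credit['creditsrc'] == $fromcredits) {
        $ratio = $credit['ratio'];
        $credit_title = $credit['title'];
        break;
    }
}
if ($ratio == 0) {
    show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
    exit;
}
$netamount = floor($exchange_amount / $ratio);
include_once(ROOT_PATH . './includes/lib_uc.php');
$result = exchange_points($row['user_id'], $fromcredits, $creditdesc, $appiddesc, $netamount);
if ($result === true) {
    $sql = "UPDATE " . $ecs->table('users') . " SET {$points_column}={$points_column}-'$exchange_amount' WHERE user_id='{$row['user_id']}'";
    $db->query($sql);
    // The log description comes from configuration; it is escaped so that a quote in the
    // configured text cannot break or alter the INSERT.
    $change_desc = isset($cfg['uc_lang']['exchange']) ? addslashes($cfg['uc_lang']['exchange']) : '';
    $sql = "INSERT INTO " . $ecs->table('account_log') . "(user_id, {$points_column}, change_time, change_desc, change_type)" . " VALUES ('{$row['user_id']}', '-$exchange_amount', '" . gmtime() . "', '" . $change_desc . "', '98')";
    $db->query($sql);
    show_message(sprintf($_LANG['exchange_success'], $exchange_amount, $_LANG['exchange_points'][$fromcredits], $netamount, $credit_title), $_LANG['transform_points'], 'user.php?act=transform_points');
} else {
    show_message($_LANG['exchange_error_1'], $_LANG['transform_points'], 'user.php?act=transform_points');
}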
}
//zxcp2019-s
// Bind an e-mail address to an account that has none yet (zxcp2019 template).
// step comes from the request (default 2) and is forced to 3 when the profile already has an
// e-mail; an address is written only when one is posted and the profile has none.
// NOTE(review): no password re-entry, verification of the new address, or anti-CSRF token is
// checked in this branch before the address is stored; confirm these are enforced elsewhere,
// since the bound e-mail is an account-recovery factor.
elseif ($action == 'bind_email' && $_CFG['template'] == 'zxcp2019') { // bind e-mail
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
$user_info = get_profile($user_id);
if ($user_info['email']) $step = 3;
if ($step == 3) {
// $_POST['email'] is read without an isset() check; a GET request reaching step 3 raises a notice.
$email = trim($_POST['email']);
if ($_POST['email'] && !$user_info['email']) {
if (!is_email($email)) {
show_message($_LANG['msg_email_format']);
} else {
// NOTE(review): $email is interpolated into both statements below; this relies on is_email()
// (defined elsewhere) rejecting quote characters, or on request data being escaped globally.
// Confirm, or use the driver's escaping/prepared statements.
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE email = '$email'";
if ($db->getOne($sql)) {
show_message('邮箱已被其它会员绑定,请更换其它邮箱,或联系客服申诉!');
exit;
}
// The new address is stored as not validated (is_validated=0).
$sql = "update " . $ecs->table('users') . " set is_validated=0 ,email='$email' where user_id='" . $user_id . "'";
$db->query($sql);
}
}
}
// Mask the address for display: first and last character of the local part around "*****",
// followed by the domain. $user_info is not reloaded after the update above, so this uses the
// value read at the top of the branch; with an empty address the result is just "*****".
$pos = strpos($user_info['email'], '@');
$email_name = substr($user_info['email'], 0, $pos);
$first_char = substr($email_name, 0, 1);
$last_char = substr($email_name, -1, 1);
$email_domain = substr($user_info['email'], $pos, strlen($user_info['email']) - $pos);
$user_info['encrypt_email'] = $first_char . '*****' . $last_char . $email_domain;
$smarty->assign('profile', $user_info);
$smarty->assign('action', $action);
$smarty->assign('step', $step);
$smarty->display('user_transaction.dwt');
}
/* 验证邮箱 */ elseif (($action == 'update_email' || $action == 'unbind_email') && $_CFG['template'] == 'zxcp2019') {
// Change (update_email) or remove (unbind_email) the e-mail binding of the account.
// Flow: if the session has not passed an identity check and the account has a validated
// e-mail, the verification page is shown first; otherwise step 2 renders the form and step 3
// applies the change. step is taken from the request.
// NOTE(review): $verify_type is assigned only inside the first condition below. When the
// session is already verified, or the account has no validated e-mail, it is read while unset
// (unless an earlier part of the file sets it) and the branch continues straight to the
// requested step. An account without a validated e-mail can therefore change its address with
// no verification in this branch; confirm that is intended. No anti-CSRF token is checked here.
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
$user_info = get_profile($user_id);
if (!$_SESSION['is_verify_email'] && !$_SESSION['is_verify_mobile']) {
// Verification by mobile is switched off: the condition is hard-coded to 0.
if (/* !empty($user_info['mobile_phone']) */0) {
$verify_type = 'mobile';
} else {
if (!empty($user_info['email']) && $user_info['is_validated']) {
$verify_type = 'email';
}
}
}
if ($verify_type) {
if ($verify_type == 'email') {
// Masked address for display: first and last character of the local part, "*****", domain.
$pos = strpos($user_info['email'], '@');
$email_name = substr($user_info['email'], 0, $pos);
$first_char = substr($email_name, 0, 1);
$last_char = substr($email_name, -1, 1);
$email_domain = substr($user_info['email'], $pos, strlen($user_info['email']) - $pos);
$user_info['encrypt_email'] = $first_char . '*****' . $last_char . $email_domain;
} elseif ($verify_type == 'mobile') {
// Masked phone number: first three and last three characters.
$user_info['encrypt_mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
}
// Render the verification page and stop; the requested change is carried in change_kind.
$smarty->assign('profile', $user_info);
$smarty->assign('verify_type', $verify_type);
$smarty->assign('change_kind', $action);
$smarty->assign('action', 'verify_' . $verify_type);
$smarty->display('user_transaction.dwt');
exit;
}
if ($step == 2) {
if ($action == 'unbind_email') {
if ($user_info['is_validated'] == 0) {
show_message('您的邮箱未被绑定,请先绑定邮箱!', '返回账号安全中心', 'user.php?act=security', 'info');
exit;
}
}
$smarty->assign('step', 2);
$smarty->assign('action', $action);
$smarty->display('user_transaction.dwt');
exit;
}
if ($step == 3) {
if ($action == 'update_email') {
$email = trim($_POST['email']);
if (!is_email($email)) {
// No exit follows: this relies on show_message() ending the request (presumably it does;
// other call sites in this file add an explicit exit).
show_message($_LANG['msg_email_format']);
}
// NOTE(review): $email is interpolated into SQL; relies on is_email() rejecting quote
// characters or on global request escaping. Confirm, or use prepared statements.
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE email = '$email'";
if ($db->getOne($sql)) {
show_message('邮箱已被其它会员绑定,请更换其它邮箱,或联系客服申诉!');
exit;
}
// The new address is stored as not validated. $_SESSION['is_verify_email'] is not cleared on
// this path (only on unbind below), so the session stays verified for further changes.
$sql = "update " . $ecs->table('users') . " set is_validated=0 ,email='$email' where user_id='" . $user_id . "'";
$db->query($sql);
show_message('您的邮箱改变,为了安全,请尽快验证绑定!', $_LANG['back_account_security'], 'user.php?act=security', 'info');
} elseif ($action == 'unbind_email') {
// Remove the binding: the address is kept but marked not validated, and the session's
// e-mail verification flag is dropped.
$sql = "update " . $ecs->table('users') . " set is_validated=0 where user_id='" . $user_id . "'";
$db->query($sql);
unset($_SESSION['is_verify_email']);
show_message('您的邮箱已解除绑定!', '返回账号安全中心', 'user.php?act=security', 'info');
}
}
} elseif ($action == 'security' && $_CFG['template'] == 'zxcp2019') {
// Account security overview: show the masked e-mail and phone number and a security level
// from 0 to 2 (one point each for a validated e-mail and for a bound mobile number).
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$user_info = get_profile($user_id); // profile data, including is_validated
// Both factors are evaluated before the values are replaced by their masked form.
$has_validated_email = !empty($user_info['is_validated']);
$has_mobile = !empty($user_info['mobile_phone']);
if (!empty($user_info['email'])) {
    // Keep the first and last character of the local part and the whole domain.
    $pos = strpos($user_info['email'], '@');
    $email_name = substr($user_info['email'], 0, $pos);
    $email_domain = substr($user_info['email'], $pos, strlen($user_info['email']) - $pos);
    $user_info['email'] = substr($email_name, 0, 1) . '*****' . substr($email_name, -1, 1) . $email_domain;
}
if ($has_mobile) {
    // Keep the first three and last three characters.
    $user_info['mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
}
$user_info['security_lv'] = ($has_validated_email ? 1 : 0) + ($has_mobile ? 1 : 0);
$smarty->assign('profile', $user_info);
$smarty->assign('action', $action);
$smarty->display('user_transaction.dwt');
}
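/* Change password (zxcp2019 template): step 2 renders the form, step 3 applies the change. */
// Step 3 accepts either the current password of the logged-in user, or a reset code posted
// together with the target uid.
// NOTE(review): the reset code is md5(user_id . hash_code . reg_time). None of these inputs
// is changed by using the code, so the same code presumably stays valid for the account
// indefinitely and depends entirely on the secrecy of the site's hash_code setting; a random,
// expiring, single-use token stored server-side would be the safer design. No anti-CSRF token
// is checked in this branch.
elseif ($action == 'update_password' && $_CFG['template'] == 'zxcp2019') {
    include_once(ROOT_PATH . 'includes/lib_transaction.php');
    $step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
    $user_info = get_profile($user_id);
    // The identity pre-check that used to choose $verify_type (mobile first, otherwise a
    // validated e-mail) is disabled in this handler, so the block below runs only if
    // $verify_type was set earlier in the file.
    if (!empty($verify_type)) {
        if ($verify_type == 'email') {
            // Masked address: first and last character of the local part, "*****", domain.
            $pos = strpos($user_info['email'], '@');
            $email_name = substr($user_info['email'], 0, $pos);
            $first_char = substr($email_name, 0, 1);
            $last_char = substr($email_name, -1, 1);
            $email_domain = substr($user_info['email'], $pos, strlen($user_info['email']) - $pos);
            $user_info['encrypt_email'] = $first_char . '*****' . $last_char . $email_domain;
        } elseif ($verify_type == 'mobile') {
            $user_info['encrypt_mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
        }
        $smarty->assign('profile', $user_info);
        $smarty->assign('verify_type', $verify_type);
        $smarty->assign('change_kind', 'update_password');
        $smarty->assign('action', 'verify_' . $verify_type);
        $smarty->display('user_transaction.dwt');
        exit;
    }
    if ($step == 2) {
        $smarty->assign('step', 2);
        $smarty->assign('action', $action);
        $smarty->display('user_transaction.dwt');
        exit;
    }
    if ($step == 3) {
        include_once(ROOT_PATH . 'public/lib_passport.php');
        $old_password = isset($_POST['old_password']) ? trim($_POST['old_password']) : null;
        $new_password = isset($_POST['new_password']) ? trim($_POST['new_password']) : '';
        // The target account may be named by the client; this matters only on the reset-code
        // path, because the password path below requires it to equal the session user.
        $user_id = isset($_POST['uid']) ? intval($_POST['uid']) : $user_id;
        $code = (isset($_POST['code']) && is_string($_POST['code'])) ? trim($_POST['code']) : '';
        if (strlen($new_password) < 6) {
            show_message($_LANG['passport_js']['password_shorter']);
            exit;
        }
        $user_info = $user->get_profile_by_id($user_id); // record from the integrated user system
        // Reset-code path. hash_equals() replaces the former == comparison: two hex strings
        // that both look like numbers in exponent form ("0e...") compare equal under ==, and
        // hash_equals() also runs in constant time.
        $code_ok = false;
        if ($user_info && !empty($code)) {
            $expected_code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);
            $code_ok = hash_equals($expected_code, $code);
        }
        // Password path: the session user changing their own password with the current one.
        // Evaluated only when the code path did not succeed, as before.
        $password_ok = !$code_ok
            && $_SESSION['user_id'] > 0
            && $_SESSION['user_id'] == $user_id
            && $user->check_user($_SESSION['user_name'], $old_password);
        if ($code_ok || $password_ok) {
            if ($user->edit_user(array('username' => (empty($code) ? $_SESSION['user_name'] : $user_info['user_name']), 'old_password' => $old_password, 'password' => $new_password), empty($code) ? 0 : 1)) {
                $sql = "UPDATE " . $ecs->table('users') . " SET `ec_salt`='0' WHERE user_id= '" . $user_id . "'";
                $db->query($sql);
                // The current session is logged out after a successful change.
                $user->logout();
                show_message($_LANG['edit_password_success'], '返回账号安全中心', 'user.php?act=security', 'info');
            } else {
                show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
            }
        } else {
            show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
        }
    }
}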
//返利
elseif ($action == 'affiliate_order' && $_CFG['template'] == 'zxcp2019') {
//会员推荐的订单
$u_id = !empty($_REQUEST['uid']) && intval($_REQUEST['uid']) > 0 ? intval($_REQUEST['uid']) : 0;
$start_date = !empty($_REQUEST['start_date']) && isset($_REQUEST['start_date']) ? compile_str(trim($_REQUEST['start_date'])) : -1;
$end_date = !empty($_REQUEST['end_date']) && isset($_REQUEST['end_date']) ? compile_str(trim($_REQUEST['end_date'])) : -1;
$page = !empty($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
$size = !empty($_CFG['page_size']) && intval($_CFG['page_size']) > 0 ? intval($_CFG['page_size']) : 10;
$type = !empty($_REQUEST['type']) && isset($_REQUEST['type']) ? compile_str(trim($_REQUEST['type'])) : -1;
if ($type == 'all') {
$start_date = $end_date = '-1';
} elseif ($type == 'today') {
$start_date = date('Y-m-d');
$end_date = '-1';
} elseif ($type == 'week') {
$start_date = date('Y-m-d', strtotime('-7 days'));
$end_date = '-1';
} elseif ($type == 'month') {
$start_date = date('Y-m-d', strtotime('-30 days'));
$end_date = '-1';
}
empty($affiliate) && $affiliate = array();
$where = '';
if ($u_id > 0) {
$my_user_ids = get_user_child_id($user_id);
if (!in_array($u_id, $my_user_ids)) {
show_message('无此权限!');
}
$where .= " AND o.user_id='$u_id' ";
$sql = "SELECT user_name FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id= '$u_id' ";
$u_user_name = $GLOBALS['db']->getone($sql);
$smarty->assign('u_user_name', deal_user_name($u_user_name));
}
$default_start_date = $start_date != -1 ? $start_date : ''; //date('Y-m-d', strtotime('-7 days'));
$default_end_date = $end_date != -1 ? $end_date : date('Y-m-d');
$smarty->assign('default_start_date', $default_start_date); //local_strtotime
$smarty->assign('default_end_date', $default_end_date); //local_strtotime
$smarty->assign('end_date', date('Y-m-d')); //local_strtotime
if ($start_date != -1) {
$where .= ' AND a.time >= ' . local_strtotime($start_date) . ' ';
}
if ($end_date != -1) {
$where .= ' AND a.time <= ' . local_strtotime($end_date) . ' ';
}
$sql = "SELECT SUM(a.money) AS reward_amount FROM " . $GLOBALS['ecs']->table('affiliate_log') . "AS a " .
" LEFT JOIN " . $GLOBALS['ecs']->table('order_info') . " AS o ON a.order_id = o.order_id " .
" WHERE a.separate_type>=0 AND a.user_id='$_SESSION[user_id]' " . $where;
$total_reward_amount = $GLOBALS['db']->getOne($sql);
$total_reward_amount = price_format($total_reward_amount, false);
$smarty->assign('total_reward_amount', $total_reward_amount);
//推荐订单分成
$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . $where;
$sql = "SELECT o.*, a.log_id,a.user_id as suid,a.time AS reward_time, a.user_name as auser, a.money, a.point, a.separate_type,u.parent_id as up FROM " . $ecs->table('order_info') . " o" .
" LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" .
" LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" .
" WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . $where .
" ORDER BY order_id DESC";
/*
SQL解释:
订单、用户、分成记录关联
一个订单可能有多个分成记录
1、订单有效 o.user_id > 0
2、满足以下之一:
a.订单下线的未分成订单 o.parent_id = '$user_id' AND o.is_separate = 0
b.全部已分成订单 a.user_id = '$user_id' AND o.is_separate > 0
*/
$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
$count = $db->getOne($sqlcount);
$max_page = ($count > 0) ? ceil($count / $size) : 1;
if ($page > $max_page) {
$page = $max_page;
}
$res = $db->SelectLimit($sql, $size, ($page - 1) * $size);
$logdb = array();
while ($rt = $GLOBALS['db']->fetchRow($res)) {
if (!empty($rt['suid'])) {
//在affiliate_log有记录
if ($rt['separate_type'] == -1 || $rt['separate_type'] == -2) {
//已被撤销
$rt['is_separate'] = 3;
}
}
$rt['money'] = price_format($rt['money'], false);
$rt['add_time'] = local_date($GLOBALS['_CFG']['date_format'], $rt['add_time']);
$rt['reward_time'] = local_date($GLOBALS['_CFG']['date_format'], $rt['reward_time']);
$rt['order_sn'] = substr($rt['order_sn'], 0, strlen($rt['order_sn']) - 5) . "***" . substr($rt['order_sn'], -2, 2);
$reward_infos = get_reward_detail($rt['order_id']);
$rt['goods_list'] = $reward_infos['goods_list'];
$rt['order_status_text'] = $GLOBALS['_LANG']['os'][$rt['order_status']] . ',' . $GLOBALS['_LANG']['ps'][$rt['pay_status']] . ',' . $GLOBALS['_LANG']['ss'][$rt['shipping_status']];
$rt['affiliate_stats_text'] = $GLOBALS['_LANG']['affiliate_stats'][$rt['is_separate']];
$logdb[] = $rt;
}
$url_format = "user.php?act=affiliate_order&page=";
$pager = array(
'page' => $page,
'size' => $size,
'sort' => '',
'order' => '',
'record_count' => $count,
'page_count' => $max_page,
'page_first' => $url_format . '1',
'page_prev' => $page > 1 ? $url_format . ($page - 1) : "javascript:;",
'page_next' => $page < $max_page ? $url_format . ($page + 1) : "javascript:;",
'page_last' => $url_format . $max_page,
'array' => array()
);
for ($i = 1; $i <= $max_page; $i++) {
$pager['array'][$i] = $i;
}
$smarty->assign('url_format', $url_format);
$smarty->assign('pager', $pager);
$smarty->assign('affiliate_intro', $affiliate_intro);
$smarty->assign('affiliate_type', $affiliate['config']['separate_by']);
$smarty->assign('logdb', $logdb);
$smarty->assign('shopname', $_CFG['shop_name']);
$smarty->assign('userid', $user_id);
$smarty->assign('this_userid', $u_id);
$smarty->assign('shopurl', $ecs->url());
$smarty->assign('my_affiliate_url', urldecode($ecs->url() . "?u=" . $user_id));
$smarty->assign('logosrc', 'templates/' . $_CFG['template'] . '/images/logo.gif');
$smarty->assign('lang', $_LANG);
$smarty->display('user_clips.dwt');
} elseif ($action == 'affiliate_raply' && $_CFG['template'] == 'zxcp2019') {
// Affiliate withdrawal page. Users without an approved affiliate record are
// shown the application step instead of the payout details.
$sql = "SELECT * FROM " . $ecs->table('affiliate_users') . " WHERE user_id='$user_id'";
$affiliate_info = $db->getRow($sql);
// Only affiliate_status 1 or 2 continues; a missing row or any other status renders the "apply" step.
if (!$affiliate_info || ($affiliate_info['affiliate_status'] != 1 && $affiliate_info['affiliate_status'] != 2)) {
    if ($affiliate_info) {
        // An existing application is handed to the template alongside the apply step.
        $smarty->assign('affiliate_info', $affiliate_info);
    }
    $smarty->assign('affiliate_step', 'apply');
    $smarty->display('user_clips.dwt');
    exit;
}

// Balance plus the payout details stored on the affiliate record.
$sql = "SELECT u.user_name, u.user_money ,a.affiliate_bank,a.affiliate_alipay,a.affiliate_name " .
    "FROM " . $GLOBALS['ecs']->table('users') . " AS u " .
    " LEFT JOIN " . $GLOBALS['ecs']->table('affiliate_users') . " AS a ON a.user_id= u.user_id " .
    " WHERE u.user_id = '$user_id'";
$user_info = $GLOBALS['db']->getRow($sql);

// Mask the payout details before they reach the template.
// Name: only the last character is kept.
if ($user_info['affiliate_name']) {
    $user_info['affiliate_name'] = '*' . mb_substr($user_info['affiliate_name'], -1, 1, 'utf-8');
} else {
    $user_info['affiliate_name'] = '';
}
$user_info['affiliate_alipay'] = deal_user_name($user_info['affiliate_alipay']);
// Bank account: first four and last four characters are kept, so a value of
// eight characters or fewer is shown in full.
if ($user_info['affiliate_bank']) {
    $user_info['affiliate_bank'] = mb_substr($user_info['affiliate_bank'], 0, 4, 'utf-8') . ' **** ' . mb_substr($user_info['affiliate_bank'], -4, 4, 'utf-8');
} else {
    $user_info['affiliate_bank'] = '';
}
$user_info['money'] = price_format($user_info['user_money']);

$smarty->assign('user_info', $user_info);
// NOTE(review): $affiliate_info comes from SELECT * on affiliate_users, the same table that
// holds affiliate_bank / affiliate_alipay / affiliate_name, and is assigned unmasked.
// Confirm the template prints only the masked $user_info fields.
$smarty->assign('affiliate_info', $affiliate_info);
$smarty->display('user_clips.dwt');
}
/* 删除用户优惠券 */ elseif ($action == 'delete_user_bonus' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'includes/lib_clips.php');

// Delete one of the current user's coupons, then return to the coupon list.
// NOTE(review): this is a state-changing delete driven by a GET parameter and no
// anti-CSRF token is checked in this branch; confirm whether one is enforced earlier.
$bonus_id = 0;
if (isset($_GET['bonus_id'])) {
    $bonus_id = intval($_GET['bonus_id']);
}
$user_id = 0;
if (!empty($_SESSION['user_id'])) {
    $user_id = intval($_SESSION['user_id']);
}

// Both values are integers here, and the row must belong to the session user.
if ($user_id && $bonus_id > 0) {
    $db->query('DELETE FROM ' . $ecs->table('user_bonus') . " WHERE bonus_id='$bonus_id' AND user_id ='$user_id'");
}

ecs_header("Location: user.php?act=bonus\n");
exit;
} elseif ($action == 'acount_pay' && $_CFG['template'] == 'zxcp2019') {
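include_once(ROOT_PATH . 'includes/lib_clips.php');
include_once(ROOT_PATH . 'includes/lib_payment.php');
include_once(ROOT_PATH . 'includes/lib_order.php');

// Pay for an existing account top-up request: load the request, resolve the
// chosen payment module, and emit that module's payment code or redirect.

// The "payment" field has the form "<pay_id>|<bank>"; the bank part is optional.
$pay_info_arr = explode("|", isset($_POST['payment']) ? trim($_POST['payment']) : '');
$pay_id = intval($pay_info_arr[0]);
$pay_bank = isset($pay_info_arr[1]) ? trim($pay_info_arr[1]) : "";
$order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;

// Fetch the single account record for this request.
$order = get_surplus_info($order_id);
if (!$order) {
    show_message("支付错误,此申请不存在或已付款!", '返回申请记录', 'user.php?act=account_log');
}
// get_surplus_info() is called with the record id only and ownership is not
// checked anywhere else in this branch, so reject a record that carries a
// user_id other than the session user's.
if (isset($order['user_id']) && $order['user_id'] != $_SESSION['user_id']) {
    show_message("支付错误,此申请不存在或已付款!", '返回申请记录', 'user.php?act=account_log');
}
// The bank selection used to be written into $order before the record was
// loaded and was then overwritten; keep it unless the record has its own value.
if (!isset($order['bank'])) {
    $order['bank'] = $pay_bank;
}

// Build a pseudo order number for the payment module.
$order['order_sn'] = order_number() . '-' . $order_id;
// Pay-log id that this payment settles.
$order['log_id'] = get_paylog_id($order_id, $pay_type = PAY_SURPLUS);
$order['user_name'] = $_SESSION['user_name'];
$order['surplus_amount'] = $order['amount'];
// Total to pay for this top-up.
$order['order_amount'] = $order['surplus_amount'];

if ($order['is_paid'] > 0 || $order['amount'] <= 0) {
    show_message("支付错误,此申请不存在或已付款!", '返回申请记录', 'user.php?act=account_log');
}
if ($pay_id <= 0) {
    show_message("支付错误,未选择支付方式!", '返回申请记录', 'user.php?act=account_log');
}

$payment = payment_info($pay_id);
// pay_code becomes both a file name and a class name below, so accept only a
// plain identifier: no path separators, dots or namespace characters.
if (empty($payment['pay_code']) || !preg_match('/^[A-Za-z0-9_]+$/', $payment['pay_code'])) {
    show_message("支付错误,未选择支付方式!", '返回申请记录', 'user.php?act=account_log');
}
$order['pay_name'] = addslashes($payment['pay_name']);

// NOTE(review): $total is not assigned in this branch, so both fees are null
// unless earlier code defined it. isset() keeps that result without the notice.
$order['pay_fee'] = isset($total['pay_fee']) ? $total['pay_fee'] : null;
$order['cod_fee'] = isset($total['cod_fee']) ? $total['cod_fee'] : null;

/* Load the payment module and generate the payment code */
if ($order['amount'] > 0) {
    // The pay-log id and the payment row were fetched above with the same
    // arguments, so they are not fetched a second time here.
    $module_file = ROOT_PATH . 'includes/modules/payment/' . $payment['pay_code'] . '.php';
    if (!is_file($module_file)) {
        show_message("支付错误,未选择支付方式!", '返回申请记录', 'user.php?act=account_log');
    }
    include_once($module_file);

    if ($payment['pay_code'] == "bank") {
        $pay_obj = new Zxcp\payment\bank;
    } elseif ($payment['pay_code'] == "wx_new_jspay") {
        $pay_obj = new wx_new_jspay_pc;
    } else {
        $pay_class = $payment['pay_code'];
        if (!class_exists($pay_class)) {
            show_message("支付错误,未选择支付方式!", '返回申请记录', 'user.php?act=account_log');
        }
        $pay_obj = new $pay_class;
    }
    $pay_link = $pay_obj->get_code($order, unserialize_config($payment['pay_config']), 1);

    // Record the chosen payment name on the user's own request. The escaped
    // copy is used (the raw database value was interpolated before) and the
    // session id is cast to int because it is not quoted in the statement.
    $sql = "UPDATE " . $GLOBALS['ecs']->table('user_account') . " SET payment='" . $order['pay_name'] . "' WHERE user_id= " . intval($_SESSION['user_id']) . " AND id = '" . $order_id . "'";
    $GLOBALS['db']->query($sql);

    if ($pay_link == '') {
        show_message("支付错误,未选择支付方式!", '返回申请记录', 'user.php?act=account_log');
    }
    if ($payment['is_cod'] == 1) {
        // NOTE(review): $order_id here is the id of an account top-up record, yet it is
        // passed to update_order(); confirm this cannot touch an unrelated shop order.
        $update_order = array('order_status' => 1);
        update_order($order_id, $update_order);
    }

    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    // strpos() returns 0 for a match at offset 0, so compare against false explicitly.
    $in_wechat = strpos($user_agent, 'MicroMessenger') !== false;
    $req_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';

    if (($payment['pay_code'] == 'wap_alipay' || $payment['pay_code'] == 'wechat_pay') && defined('ECS_WAP')) {
        // Alipay opened inside the WeChat browser: redirect to the intermediate page.
        if ($in_wechat && $req_type != 'alipay_wechat' && $payment['pay_code'] == 'wap_alipay') {
            $pay_link = 'flow.php?step=act_pay&order_id=' . $order_id . '&payment=' . $pay_id . '&type=alipay_wechat';
            ecs_header("Location: " . $pay_link . "\n");
            exit;
        }
        if ($in_wechat && $req_type == 'alipay_wechat') {
            $smarty->display('flow/alipay_wechat.dwt');
            exit;
        }
        if ($payment['pay_code'] == 'wechat_pay') {
            $smarty->assign('pay_link', $pay_link);
            $order['order_amount'] = price_format($order['order_amount']);
            $order['add_time'] = local_date($GLOBALS['_CFG']['time_format'], $order['add_time']);
            $smarty->assign('order', $order);
            $smarty->display('flow/pay_wechat.dwt');
            exit;
        }
    }
    // Every remaining case prints the code produced by the payment module.
    echo $pay_link;
    exit;
}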
} elseif ($action == 'point_detail' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'public/lib_clips.php');

// Points history of the current user: paged account_log rows with a non-zero
// pay_points change, plus the current points balance.
if (isset($_REQUEST['page'])) {
    $page = intval($_REQUEST['page']);
} else {
    $page = 1;
}
// Fixed column name; it is interpolated into the SQL below and never taken from the request.
$account_type = 'pay_points';

/* Number of matching rows */
$sql = "SELECT COUNT(*) FROM " . $ecs->table('account_log') .
    " WHERE user_id = '$user_id' AND $account_type <> 0 ";
$record_count = $db->getOne($sql);

// Pager
$pager = get_pager('user.php', array('act' => $action), $record_count, $page);

$point_log = array();
$sql = "SELECT * FROM " . $ecs->table('account_log') .
    " WHERE user_id = '$user_id' AND $account_type <> 0 " .
    " ORDER BY log_id DESC";
$res = $GLOBALS['db']->selectLimit($sql, $pager['size'], $pager['start']);
while ($row = $db->fetchRow($res)) {
    $row['change_time'] = local_date($_CFG['date_format'], $row['change_time']);
    // The label reflects the sign of the change; the amounts are shown as absolute values.
    if ($row[$account_type] > 0) {
        $row['type'] = $_LANG['account_inc'];
    } else {
        $row['type'] = $_LANG['account_dec'];
    }
    $row['rank_points'] = abs($row['rank_points']);
    $row['pay_points'] = abs($row['pay_points']);
    $row['short_change_desc'] = sub_str($row['change_desc'], 60);
    $row['amount'] = $row[$account_type];
    $point_log[] = $row;
}

$sql = "SELECT pay_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
$point_amount = $db->getOne($sql);

// Template variables
$smarty->assign('point_amount', $point_amount);
$smarty->assign('point_log', $point_log);
$smarty->assign('pager', $pager);
$smarty->display('user_transaction.dwt');
} elseif ($action == 'edit_address' && $_CFG['template'] == 'zxcp2019') {
// Render the address edit form for one of the current user's saved addresses.
// Desktop requests receive the form as JSON; the WAP build renders a full page.
if (!defined('ECS_WAP')) {
// NOTE(review): relative path, unlike the ROOT_PATH-based includes below; it depends on the include path / working directory.
include_once('includes/cls_json.php');
}
$result = array('error' => 0, 'content' => '');
include_once(ROOT_PATH . 'includes/lib_transaction.php');
include_once(ROOT_PATH . 'lang/' . $_CFG['lang'] . '/shopping_flow.php');
$smarty->assign('lang', $_LANG);
// Desktop posts address_id; the WAP build replaces it with the "id" request parameter. Both are cast to int.
$address_id = intval($_POST['address_id']);
if (defined('ECS_WAP')) {
$address_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
}
/* Fetch the country list and the province list of the shop's country */
$smarty->assign('country_list', get_regions());
$smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
// Load the address with its region names joined into one "region" string; the country name is
// left out when $_LYCFG['is_hide_country'] is set. The row is matched on both address_id and the
// session user's id, so an id that belongs to another user returns no row.
$sql = "SELECT a.*, concat( " . ($_LYCFG['is_hide_country'] ? "" : "IFNULL(c.region_name, ''),' ',") . " IFNULL(p.region_name, ''), " .
"' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region FROM" .
$GLOBALS['ecs']->table('user_address') . " AS a " .
"LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS c ON a.country = c.region_id " .
"LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON a.province = p.region_id " .
"LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON a.city = t.region_id " .
"LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON a.district = d.region_id " .
" WHERE a.address_id = '$address_id' AND a.user_id='$_SESSION[user_id]' LIMIT 1";
$consignee = $GLOBALS['db']->getRow($sql);
// NOTE(review): when no row matched (for example address_id is 0), $consignee is presumably empty
// and these lookups run with empty parent ids — confirm get_regions() tolerates that.
$province_list = get_regions(1, $consignee['country']);
$city_list = get_regions(2, $consignee['province']);
$district_list = get_regions(3, $consignee['city']);
// Assign to the template
$smarty->assign('real_goods_count', 1);
$smarty->assign('shop_country', $_CFG['shop_country']);
$smarty->assign('shop_province', get_regions(1, $_CFG['shop_country']));
// With the country hidden and no address selected, list the provinces of region id 1.
if ($_LYCFG['is_hide_country'] && !$address_id) {
$province_list = get_regions(1, 1);
}
$smarty->assign('province_list', $province_list);
$smarty->assign('consignee', $consignee);
$smarty->assign('address', $address_id);
// NOTE(review): $rec_ids is not assigned anywhere in this branch; confirm where it comes from.
$smarty->assign('rec_ids', $rec_ids);
$smarty->assign('city_list', $city_list);
$smarty->assign('district_list', $district_list);
$smarty->assign('currency_format', $_CFG['currency_format']);
$smarty->assign('integral_scale', $_CFG['integral_scale']);
$smarty->assign('name_of_region', array($_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']));
$result['content'] = $smarty->fetch('library/ajax_add_address.lbi');
// Desktop: return the rendered fragment as JSON and stop. WAP: render the full page.
if (!defined('ECS_WAP')) {
$json = new JSON();
die($json->encode($result));
} else {
$smarty->display('user_transaction.dwt');
}
} elseif ($action == 'ask_list' && $_CFG['template'] == 'zxcp2019') {
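include_once(ROOT_PATH . 'public/lib_clips.php');

// List the current user's questions (feedback rows with parent_id = 0), either for
// one order or for messages not tied to an order, and mark the shown replies as seen.
$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
$order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
$order_info = array();

/* Count the user's messages */
if ($order_id) {
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') .
        " WHERE parent_id = 0 AND order_id = '$order_id' AND user_id = '$user_id'";
    // The order is looked up together with the user id, so another user's order yields no row.
    $order_info = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id' AND user_id = '$user_id'");
    if (!$order_info) {
        // Do not write an array key onto a non-array result when the order was not found.
        $order_info = array();
    }
    $order_info['url'] = 'user.php?act=order_detail&order_id=' . $order_id;
} else {
    // NOTE(review): the session user name is placed into the SQL string as stored;
    // confirm it is escaped when it is written to the session.
    $sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') .
        " WHERE parent_id = 0 AND user_id = '$user_id' AND user_name = '" . $_SESSION['user_name'] . "' AND order_id=0";
}
$record_count = $db->getOne($sql);

$act = array('act' => $action);
// $order_id is an int. Comparing it with '' gives different results on PHP 7 and
// PHP 8 when it is 0, so test it the same way as the branch above.
if ($order_id) {
    $act['order_id'] = $order_id;
}
$pager = get_pager('user.php', $act, $record_count, $page, 5);
$message_list = get_ask_list($user_id, $_SESSION['user_name'], $pager['size'], $pager['start'], $order_id);

// Mark every displayed reply as seen. The id is cast to int before it is used in the statement.
foreach ($message_list as $row) {
    if ($row['re_msg_id']) {
        $db->query("UPDATE " . $ecs->table('feedback') . " SET is_saw = '1' WHERE msg_id = '" . intval($row['re_msg_id']) . "'");
    }
}

$smarty->assign('message_list', $message_list);
$smarty->assign('pager', $pager);
$smarty->assign('order_info', $order_info);
$smarty->display('user_clips.dwt');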
} elseif ($action == 'order_comment_info' && $_CFG['template'] == 'zxcp2019') {
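// Review form for one order: lists the order's goods that still lack a text
// review or a photo review, and repairs stale per-item status flags on the way.
$order_id = isset($_REQUEST['order_id']) ? intval($_REQUEST['order_id']) : 0;
$order_goods = array();

// An order that is already fully reviewed goes back to the review list. The lookup is
// limited to the current user's orders, like the goods query below, so the redirect
// does not disclose the review state of somebody else's order.
$sql = 'SELECT comment_status FROM ' . $GLOBALS['ecs']->table("order_info") . " WHERE order_id='$order_id' AND user_id='$user_id' LIMIT 1 ";
$comment_status = $GLOBALS['db']->getOne($sql);
if ($comment_status == 1) {
    ecs_header('Location: user.php?act=order_comment');
    exit;
}

// Goods of this order that miss a review or a photo, restricted to the current user's order.
// comment_tag is selected from both goods (g) and comment (c), and c.show_photo twice.
// NOTE(review): the row presumably keeps the later column of each name — confirm.
// OR is written out because "||" means string concatenation under PIPES_AS_CONCAT.
$sql = "SELECT og.rec_id,og.comment_status,og.comment_show_status, og.goods_id, og.goods_name,og.goods_sn,g.goods_thumb,g.comment_tag, og.market_price, og.goods_number,oi.add_time,c.content ,c.comment_id,c.show_photo,c.comment_rank,c.comment_tag,c.show_photo, " .
    "og.goods_price, og.goods_attr, og.is_real, og.parent_id, og.is_gift, " .
    "og.goods_price * og.goods_number AS subtotal, og.extension_code " .
    "FROM " . $GLOBALS['ecs']->table('order_goods') . " AS og " .
    "LEFT JOIN " . $GLOBALS['ecs']->table('goods') . " AS g on g.goods_id=og.goods_id " .
    "LEFT JOIN " . $GLOBALS['ecs']->table('order_info') . " AS oi on oi.order_id=og.order_id " .
    "LEFT JOIN " . $GLOBALS['ecs']->table('comment') . " AS c on c.order_rec_id=og.rec_id " .
    " WHERE og.order_id = '$order_id' AND (og.comment_show_status=0 OR og.comment_status = 0) AND oi.user_id='$user_id' ";
$res = $GLOBALS['db']->getAll($sql);

foreach ($res as $k => $row) {
    // A review or photo exists but the flag on the order item says otherwise: correct the flags.
    if (($row['comment_status'] == 0 && $row['comment_id']) || ($row['comment_show_status'] == 0 && $row['show_photo'])) {
        $comment_status = $row['comment_id'] ? 1 : 0;
        $comment_show_status = $row['show_photo'] ? 1 : 0;
        $sql = 'UPDATE ' . $GLOBALS['ecs']->table('order_goods') . " SET `comment_status`='$comment_status',`comment_show_status`='$comment_show_status' WHERE rec_id= '" . $row['rec_id'] . "'";
        $GLOBALS['db']->query($sql);
    }
    if ($row['extension_code'] == 'package_buy') {
        $row['package_goods_list'] = get_package_goods($row['goods_id']);
    }
    $row['goods_price'] = price_format($row['goods_price'], false);
    $row['add_time'] = local_date($GLOBALS['_CFG']['time_format'], $row['add_time']);
    $row['url'] = build_uri('goods', array('gid' => $row['goods_id']), $row['goods_name']);
    // Items that already have both a review and a photo are not offered again.
    if ($row['show_photo'] && $row['comment_id']) {
        continue;
    }
    $row['default_tag'] = explode(',', $_LYCFG['comment_default_tag']);
    if ($row['comment_tag']) {
        $row['comment_tag'] = explode(',', $row['comment_tag']);
    }
    if ($row['show_photo']) {
        $row['show_photo'] = explode('||', $row['show_photo']);
    }
    $row['goods_thumb'] = get_image_path($row['goods_id'], $row['goods_thumb'], true);
    $order_goods[] = $row;
}

// Whether an overall rating has already been stored for this order.
$sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table("order_rank_log") . " WHERE order_id='$order_id' LIMIT 1 ";
$order_rank_log = $GLOBALS['db']->getOne($sql);

$smarty->assign('order_id', $order_id);
$smarty->assign('order_rank_log', $order_rank_log);
$smarty->assign('order_goods', $order_goods);
$smarty->display('user_transaction.dwt');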
} elseif ($action == 'act_add_order_rank' && $_CFG['template'] == 'zxcp2019') {
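include_once(ROOT_PATH . 'includes/cls_json.php');

// AJAX: store the overall rating (goods / service / shipping) for one of the
// current user's orders; each order can be rated once.
$json = new JSON();
$result = array('error' => 0, 'content' => '');

// Start from an empty array so that keys left in $arr by earlier code in this
// script cannot end up in the INSERT below.
$arr = array();
// NOTE(review): the three ranks are cast to int but their range is not checked here;
// confirm the accepted scale and reject values outside it.
$arr['goods_rank'] = isset($_REQUEST['goods_rank']) ? intval($_REQUEST['goods_rank']) : 5;
$arr['service_rank'] = isset($_REQUEST['service_rank']) ? intval($_REQUEST['service_rank']) : 5;
$arr['shipping_rank'] = isset($_REQUEST['shipping_rank']) ? intval($_REQUEST['shipping_rank']) : 5;
$order_id = isset($_REQUEST['order_id']) ? intval($_REQUEST['order_id']) : 0;

// The order must belong to the current user.
$sql = "SELECT order_id FROM " . $ecs->table('order_info') .
    " WHERE user_id = '$user_id' AND order_id = '$order_id' ";
$order_info = $db->getRow($sql);
if (!$order_info) {
    $result['content'] = '不存在此订单';
    $result['error'] = 1;
    die($json->encode($result));
}

// Reject a second rating for the same order.
// NOTE(review): this is a check followed by an insert; two concurrent requests could both
// pass unless order_rank_log has a unique key on order_id — confirm.
$sql = "SELECT COUNT(*) FROM " . $ecs->table('order_rank_log') . " WHERE order_id = '$order_id' ";
if ($db->getOne($sql)) {
    $result['content'] = '您已经评价过此订单!';
    $result['error'] = 1;
    die($json->encode($result));
}

$arr['order_id'] = $order_info['order_id'];
$arr['store_id'] = 1; // fixed store id; the order's own store_id is not used
$arr['user_id'] = $user_id;
$arr['add_time'] = gmtime();
$GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('order_rank_log'), $arr, 'INSERT');
update_order_comment_status($order_id);
die($json->encode($result));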
}
if ($action == 'upload_show_photo' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'includes/cls_json.php');
require_once(ROOT_PATH . 'public/cls_image.php');

// AJAX: accept one uploaded review photo into the temporary show-photo
// directory and answer with its path relative to that directory.
$json = new JSON;
$result = array('error' => 0, 'filePath' => '');

// NOTE(review): every check on the upload (type, size, contents, target name) is left to
// cls_image::upload_image(), which is not visible here; confirm it validates the file
// contents and not just the client-supplied name. The 'jpg' argument is presumably the
// stored extension — confirm.
$image = new cls_image($_CFG['bgcolor']);
$original_img = $image->upload_image($_FILES['file'], 'showphoto_temp', '', 'jpg'); // original image

// Strip the directory prefix; an empty result means the upload failed.
$show_photo = str_replace('data/showphoto_temp/', '', $original_img);
if (!$show_photo) {
    $result['error'] = 1;
} else {
    $result['filePath'] = $show_photo;
}
die($json->encode($result));
}
/* 密码找回-->修改密码界面 */ elseif ($action == 'get_password_main' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'public/lib_passport.php');

// Password recovery, step 1: show the form that asks for the account identifier.
// 'rand' is presumably a cache-buster for the template; mt_rand() output must not be
// treated as a secret.
$GLOBALS['smarty']->assign('rand', mt_rand());
$smarty->assign('step', '1');
$smarty->display('user_passport.dwt');
} elseif ($action == 'get_password_do' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'public/lib_passport.php');

// Password recovery, step 2: after a captcha check, look the account up by user
// name, e-mail or mobile number and remember its id in the session for the next step.
$user_name = '';
if (isset($_REQUEST['user_name'])) {
    $user_name = trim($_REQUEST['user_name']);
}

/* The captcha is mandatory on this step */
if (empty($_POST['captcha'])) {
    show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=get_password_main', 'error');
}
include_once('public/cls_captcha.php');
$validator = new captcha();
$validator->session_word = 'captcha_login';
if (!$validator->check_word($_POST['captcha'])) {
    show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=get_password_main', 'error');
}

/* Account whose password is being recovered */
if (!$user_name) {
    show_message('请输入您的用户名!', '返回上一步', 'user.php?act=get_password_main', 'info');
} else {
    // NOTE(review): $user_name reaches the SQL string exactly as received. That is only safe
    // if request data is escaped globally before this point — confirm, or escape it here.
    $sql = "SELECT user_id, user_name, email FROM " . $ecs->table('users') . " WHERE user_name='$user_name' OR email ='$user_name' OR mobile_phone ='$user_name' ";
    $user_info = $db->getRow($sql);
    if ($user_info) {
        // NOTE(review): the session now names the account to recover after nothing more than a
        // captcha and a lookup; the get_password step must prove ownership before any reset.
        $_SESSION['pwd_user_id'] = $user_info['user_id'];
        ecs_header("Location: user.php?act=get_password\n");
        exit;
    } else {
        // The distinct "no such member" message tells the caller whether an identifier is
        // registered; the captcha is the only throttle visible in this branch.
        show_message('该会员不存在!', '返回上一步', 'user.php?act=get_password_main', 'info');
    }
}
} elseif ($action == 'get_coupon' && $_CFG['template'] == 'zxcp2019') {
include_once(ROOT_PATH . 'includes/cls_json.php');
include_once(ROOT_PATH . 'includes/lib_transaction.php');

// AJAX: coupons available for one product, split into those the visitor already
// holds and those that can still be claimed. This action is on the list of
// actions that run without login, so $_SESSION['user_id'] may be empty here.
$json = new JSON();
$result = array('error' => 0, 'message' => '');

$goods_id = 0;
if (isset($_REQUEST['goods_id'])) {
    $goods_id = intval($_REQUEST['goods_id']);
}

$exist_coupon = array();
$enabled_coupon = array();
$user_coupon_type_ids = array();

$goods = get_goods_info($goods_id);
$goods_coupon_list = get_goods_bonus_list($goods);
$user_coupon_list = get_user_bouns_list($_SESSION['user_id'], 1000);

// Coupon types the visitor already holds.
foreach ($user_coupon_list as $held_coupon) {
    $user_coupon_type_ids[] = $held_coupon['type_id'];
}

foreach ($goods_coupon_list as $row) {
    $row['use_start_date'] = local_date('Y-m-d', $row['use_start_date']);
    $row['use_end_date'] = local_date('Y-m-d', $row['use_end_date']);
    if (!in_array($row['type_id'], $user_coupon_type_ids)) {
        $enabled_coupon[] = $row;
    } else {
        // Add the usage state of the held coupon.
        // NOTE(review): this indexes $user_coupon_list by type_id; confirm
        // get_user_bouns_list() returns its rows keyed that way.
        $row['bonus_id'] = $user_coupon_list[$row['type_id']]['bonus_id'];
        $row['status'] = strip_tags($user_coupon_list[$row['type_id']]['status']);
        $row['bonus_url'] = $user_coupon_list[$row['type_id']]['bonus_url'];
        $exist_coupon[] = $row;
    }
}

$smarty->assign('exist_coupon', $exist_coupon);
$smarty->assign('enabled_coupon', $enabled_coupon);
$result['content'] = $smarty->fetch('library/lyecs_coupon.lbi');
die($json->encode($result));
} elseif ($action == 'rebuy' && $_CFG['template'] == 'zxcp2019') {
require(ROOT_PATH . 'includes/lib_order.php');

// "Buy again": put the non-gift goods of one of the current user's orders back
// into the cart and go to the checkout flow.
if (isset($_REQUEST['order_id'])) {
    $order_id = intval($_REQUEST['order_id']);
} else {
    $order_id = 0;
}

// The join on order_info limits the goods to orders owned by the current user.
$sql = "SELECT og.goods_id,og.goods_number,og.goods_attr_id,og.parent_id FROM " . $GLOBALS['ecs']->table("order_goods") . " AS og" .
    " LEFT JOIN " . $GLOBALS['ecs']->table("order_info") . " AS oi ON og.order_id = oi.order_id " .
    " WHERE og.order_id='$order_id' AND oi.user_id='$user_id' AND og.is_gift =0 ";
$order_goods = $GLOBALS['db']->getAll($sql);

if ($order_goods) {
    foreach ($order_goods as $row) {
        // goods_attr_id is stored as a comma-separated list.
        $row['goods_attr_id'] = explode(',', $row['goods_attr_id']);
        addto_cart($row['goods_id'], $row['goods_number'], $row['goods_attr_id'], $row['parent_id']);
    }
}

// NOTE(review): there is no exit after the redirect header, so the script keeps running
// past this branch — confirm nothing after the action chain produces output or side effects.
ecs_header('Location: flow.php');
}
/* 发送用户手机校验码 */ elseif ($action == 'send_mobile_code' && $_CFG['template'] == 'zxcp2019') {
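include_once('includes/cls_json.php');

// AJAX: send a six-digit verification code by SMS and remember the code, the number
// and the send time in the session. This action runs without login.
// NOTE(review): the send throttle is kept in the session, so a client that discards its
// session is not throttled, and the captcha applies only when enabled in the shop
// configuration. Confirm there is a per-number or per-IP limit elsewhere and that the
// code check limits the number of attempts.
$json = new JSON;
$result = array('error' => '', 'content' => '');
$mobile = !empty($_POST['mobile']) ? json_str_iconv(trim($_POST['mobile'])) : '';
$send_type = isset($_POST['type']) ? $_POST['type'] : '';

/* Captcha, when enabled for registration */
if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
    if (empty($_POST['mobile_captcha'])) {
        $result['error'] = 4;
        $result['content'] = $_LANG['invalid_captcha'];
        die($json->encode($result));
    }
    /* Check the captcha */
    include_once('includes/cls_captcha.php');
    $validator = new captcha();
    if ($send_type == 'login') {
        $validator->session_word = 'captcha_login';
    }
    if (!$validator->check_word($_POST['mobile_captcha'])) {
        $result['error'] = 3;
        $result['content'] = $_LANG['invalid_captcha'];
        die($json->encode($result));
    }
}
// A disabled variant that demanded the captcha only after more than ten sends in the
// session used to be kept here as commented-out code.

// At most one SMS every 20 seconds per session.
$time = gmtime();
$last_sent = isset($_SESSION['mobile_send_time']) ? $_SESSION['mobile_send_time'] : 0;
if ($last_sent > 0 && ($time - $last_sent <= 20)) {
    $result['error'] = 3;
    $result['content'] = '您的操作过于频繁啦,请喝口咖啡,稍后再试!';
    die($json->encode($result));
}

// Accept only digits with an optional leading "+". A missing number used to fall through
// to the success reply without anything being sent, and the value is placed into the SQL
// string below, so nothing but digits may get that far.
if (!preg_match('/^\+?[0-9]{5,20}$/', $mobile)) {
    $result['error'] = 1;
    $result['content'] = '手机格式错误!';
    die($json->encode($result));
}

if ($send_type == 'reg') {
    $is_registered = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('users') . " WHERE user_name = '$mobile' OR mobile_phone='$mobile'");
    if ($is_registered) {
        $result['error'] = 1;
        $result['content'] = '该手机号已被注册!';
        die($json->encode($result));
    }
}

// The code is an authentication secret: take it from the CSPRNG when the runtime has
// one instead of rand(). The fallback keeps older PHP versions working.
$mobile_code = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);

$sms_content = "您的验证码为:{$mobile_code},您正在ZXCP官网使用验证码,如非本人操作请联系我们或忽略。客服电话18511218108";
SmsBase::setSendType(1); // synchronous: send immediately
$res = SmsBase::sendSMS(array($mobile), $sms_content);
$_SESSION['mobile_code'] = $mobile_code;
$_SESSION['mobile'] = $mobile;
$_SESSION['mobile_send_time'] = gmtime();

// Success only when the gateway answered with code 0; a missing or malformed
// reply is a failure rather than a silent success.
if (isset($res['code']) && $res['code'] == 0) {
    $result['content'] = '发送成功!';
} else {
    $result['error'] = 1;
    // Report the gateway code itself; concatenating the whole reply printed "Array".
    $result['content'] = '发送失败,请稍后再试或联系客服!
错误代码:' . (isset($res['code']) ? $res['code'] : '');
}
die($json->encode($result));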
}
/* 发送用户邮箱校验码*/ elseif ($action == 'send_email_code' && $_CFG['template'] == 'zxcp2019') {
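include_once('includes/cls_json.php');

// AJAX: e-mail a six-digit verification code and remember its MD5, the address and the
// send time in the session. This action runs without login.
// NOTE(review): the throttle is kept in the session only, and the captcha applies only
// when enabled in the shop configuration. Confirm there is a per-address or per-IP limit
// elsewhere, otherwise this endpoint can be used to mail arbitrary addresses.
$json = new JSON;
$result = array('error' => '', 'content' => '');
$email = !empty($_POST['email']) ? json_str_iconv(trim($_POST['email'])) : '';
$type = !empty($_POST['type']) ? json_str_iconv(trim($_POST['type'])) : '';

// At most one mail every 30 seconds per session.
$time = gmtime();
$last_sent = isset($_SESSION['email_send_time']) ? $_SESSION['email_send_time'] : 0;
if ($last_sent > 0 && ($time - $last_sent <= 30)) {
    $result['error'] = 3;
    $result['content'] = '您的操作过于频繁啦,请喝口咖啡,稍后再试!';
    die($json->encode($result));
}

/* Captcha, when enabled for registration */
if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
    if (empty($_POST['email_captcha'])) {
        $result['error'] = 4;
        $result['content'] = $_LANG['invalid_captcha'];
        die($json->encode($result));
    }
    /* Check the captcha */
    include_once('includes/cls_captcha.php');
    $validator = new captcha();
    if (!$validator->check_word($_POST['email_captcha'])) {
        $result['error'] = 3;
        $result['content'] = $_LANG['invalid_captcha'];
        die($json->encode($result));
    }
}

if ($type == 'reg') {
    // NOTE(review): $email reaches the SQL string as received. That is only safe if request
    // data is escaped globally before this point — confirm, or escape it here.
    $is_registered = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('users') . " WHERE email = '$email' and is_validated =1");
    if ($is_registered) {
        $result['error'] = 1;
        $result['content'] = '该邮箱已被注册!';
        die($json->encode($result));
    }
}

// The code is an authentication secret: take it from the CSPRNG when the runtime has
// one instead of rand(). The fallback keeps older PHP versions working.
$rel_cold = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
// The registration step compares md5(submitted code) with this session value, so the
// format is kept. MD5 of a six-digit number does not hide the code from anyone who can
// read the session.
$email_code = md5($rel_cold);

$smarty->assign('shop_name', $_CFG['shop_name']);
$smarty->assign('email_code', $rel_cold);
$html = $smarty->fetch('library/email_validate.lbi');

// Stays false when no address was given, so the reply below is a failure.
$res = false;
if ($email) {
    $res = send_mail($_CFG['shop_name'], $email, '欢迎加入' . $_CFG['shop_name'] . ',请验证邮箱', $html, 1);
    $_SESSION['email_code'] = $email_code;
    $_SESSION['reg_email'] = $email;
    $_SESSION['email_send_time'] = gmtime();
}

if ($res) {
    $result['content'] = '发送成功!';
} else {
    $result['error'] = 1;
    $result['content'] = '发送失败,请稍后再试或联系客服!';
}
die($json->encode($result));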
}
/* 注册会员的处理 */ elseif ($action == 'act_register_ajax' && $_CFG['template'] == 'zxcp2019') {
include_once('public/cls_json.php');
$json = new JSON;
$result = array('error' => 0, 'content' => '');
/* 增加是否关闭注册 */
if ($_CFG['shop_reg_closed']) {
$result['error'] = 1;
$result['content'] = '本店已暂停会员注册,详情请联系客服!';
die($json->encode($result));
} else {
include_once(ROOT_PATH . 'public/lib_passport.php');
$_POST['extend_field'] = $json->decode($_POST['extend_field'], true);
$_POST['extend_field_id'] = $json->decode($_POST['extend_field_id'], true);
foreach ($_POST['extend_field'] as $key => $value) {
if ($value != "") $_POST['extend_field' . $_POST['extend_field_id'][$key]] = $value;
}
$reg_type = isset($_POST['reg_type']) ? trim($_POST['reg_type']) : '';
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$other['msn'] = isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '';
$other['qq'] = isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '';
$other['office_phone'] = isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '';
$other['home_phone'] = isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '';
//$other['mobile_phone'] = isset($_POST['extend_field5']) ? $_POST['extend_field5'] : '';
$sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
$passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
$mobile = isset($_POST['mobile']) ? trim($_POST['mobile']) : ''; //www.lyecs.com 老杨lyecs短信注册 安全
//如果手机注册
if ($reg_type == 'mobile') {
if (strlen($mobile) < 8) {
$result['error'] = 1;
$result['content'] = '手机格式错误!';
die($json->encode($result));
}
$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
// $mobile_code = md5($mobile_code);
$mobile_code_COOKIE = $_SESSION['mobile_code'];
$mobile_COOKIE = trim($_SESSION['mobile']);
if ($mobile_code != $mobile_code_COOKIE || $mobile != $mobile_COOKIE || !$mobile_code_COOKIE || !$mobile_COOKIE) {
$result['error'] = 1;
$result['content'] = '手机校验码错误,请重新输入!';
die($json->encode($result));
} else {
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE user_name = '$mobile' OR (mobile_phone = '$mobile' AND mobile_is_validated =1)";
if ($db->getOne($sql)) {
$result['error'] = 1;
$result['content'] = '该手机号已被注册!';
die($json->encode($result));
}
$_POST['extend_field5'] = $mobile;
$other['mobile_phone'] = $mobile;
}
if (!$username) $username = $mobile;
}
//如果邮箱注册
if ($reg_type == 'email') {
if (!is_email($email)) {
$result['error'] = 1;
$result['content'] = '邮箱格式不正确';
die($json->encode($result));
}
if (!$username) $username = $email;
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE user_name = '$email' OR email='$email' ";
if ($db->getOne($sql)) {
$result['error'] = 1;
$result['content'] = '该邮箱已被注册!';
die($json->encode($result));
}
$email_code = !empty($_POST['email_code']) ? json_str_iconv(trim($_POST['email_code'])) : '';
$email_code = md5($email_code);
$email_code_COOKIE = $_SESSION['email_code'];
$email_COOKIE = trim($_SESSION['reg_email']);
if ($email_code != $email_code_COOKIE || $email != $email_COOKIE || !$email_code_COOKIE || !$email_COOKIE) {
$result['error'] = 1;
$result['content'] = '邮箱校验码错误,请重新输入!';
die($json->encode($result));
} else {
$_POST['extend_field5'] = $email;
}
}
if (strlen($username) < 3) {
$result['error'] = 1;
$result['content'] = $_LANG['passport_js']['username_shorter'];
die($json->encode($result));
}
if (strlen($password) < 6) {
$result['error'] = 1;
$result['content'] = $_LANG['passport_js']['password_shorter'];
die($json->encode($result));
}
if (strpos($password, ' ') > 0) {
$result['error'] = 1;
$result['content'] = $_LANG['passport_js']['passwd_balnk'];
die($json->encode($result));
}
/* 验证码检查 */
if (((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) && false) {
if (empty($_POST['captcha'])) {
$result['error'] = 1;
$result['content'] = $_LANG['invalid_captcha'];
die($json->encode($result));
}
/* 检查验证码 */
include_once('public/cls_captcha.php');
$validator = new captcha();
if (!$validator->check_word($_POST['captcha'])) {
$result['error'] = 12;
$result['content'] = $_LANG['invalid_captcha'];
die($json->encode($result));
}
}
if (register($username, $password, $email, $other, true) !== false) {
unset($_SESSION['mobile_code']);
unset($_SESSION['mobile']);
unset($_SESSION['reg_email']);
unset($_SESSION['email_code']);
/*把新注册用户的扩展信息插入数据库*/
$sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; //读出所有自定义扩展字段的id
$fields_arr = $db->getAll($sql);
//如果是手机注册,添加手机验证绑定
if ($reg_type == 'mobile') {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `mobile_is_validated`='1' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
if ($reg_type == 'email') {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `is_validated`='1' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
$extend_field_str = ''; //生成扩展字段的内容字符串
foreach ($fields_arr as $val) {
$extend_field_index = 'extend_field' . $val['id'];
if (!empty($_POST[$extend_field_index])) {
$temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr($_POST[$extend_field_index], 0, 99) : $_POST[$extend_field_index];
$extend_field_str .= " ('" . $_SESSION['user_id'] . "', '" . $val['id'] . "', '" . compile_str($temp_field_content) . "'),";
}
}
$extend_field_str = substr($extend_field_str, 0, -1);
if ($extend_field_str) //插入注册扩展数据
{
$sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
$db->query($sql);
}
/* 写入密码提示问题和答案 */
if (!empty($passwd_answer) && !empty($sel_question)) {
$sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='$sel_question', `passwd_answer`='$passwd_answer' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
//第三方登录完善
$nickname = empty($_POST['nickname']) ? '' : compile_str($_POST['nickname']);
$aite_id = empty($_POST['aite_id']) ? '' : compile_str($_POST['aite_id']);
$aite_type = empty($_POST['aite_type']) ? '' : compile_str($_POST['aite_type']);
if (!empty($nickname) && !empty($aite_id)) {
$aite_id = $aite_type . '_' . $aite_id;
$sql = 'UPDATE ' . $ecs->table('users') . " SET `nickname`='$nickname', `aite_id`='$aite_id' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
$db->query($sql);
}
//注册送红包
//reg_send_bonus($_SESSION['user_id']);
/* 判断是否需要自动发送注册邮件 */
if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
send_regiter_hash($_SESSION['user_id']);
}
$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
$result['error'] = 0;
$back_act = $back_act ? $back_act : 'index.php';
$result['url'] = $back_act;
die($json->encode($result));
} else {
$result['error'] = 1;
$result['content'] = $err->last_message();
die($json->encode($result));
}
}
} elseif ($action == 'bind_mobile' && $_CFG['template'] == 'zxcp2019') { //绑定手机
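// Bind a mobile number to the logged-in account.
// Flow: re-verify the currently bound number unless this session already did,
// show the entry form (step 2), then check the SMS code and store the number (step 3).
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
$user_info = get_profile($user_id);

// Start from a known value: the original tested $verify_type without assigning it
// whenever the session was already verified or no number was bound.
$verify_type = '';
if (empty($_SESSION['is_verify_mobile']) && !empty($user_info['mobile_phone'])) {
    $verify_type = 'mobile';
}
if ($verify_type) {
    // Masked form of the bound number: first three and last three characters only.
    $user_info['encrypt_mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
    $smarty->assign('profile', $user_info);
    $smarty->assign('verify_type', $verify_type);
    $smarty->assign('change_kind', 'bind_mobile');
    $smarty->assign('action', 'verify_' . $verify_type);
    $smarty->display('user_transaction.dwt');
    exit;
}
if ($step == 2) {
    $smarty->assign('profile', $user_info);
    $smarty->assign('action', $action);
    $smarty->assign('step', $step);
    $smarty->display('user_transaction.dwt');
    exit;
}
if ($step == 3) {
    $mobile = isset($_POST['mobile']) ? trim($_POST['mobile']) : '';
    if ($mobile) {
        if (strlen($mobile) < 8) {
            show_message('手机格式错误!');
            exit;
        }
        $mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
        $mobile_code_COOKIE = isset($_SESSION['mobile_code']) ? $_SESSION['mobile_code'] : '';
        $mobile_COOKIE = isset($_SESSION['mobile']) ? trim($_SESSION['mobile']) : '';

        // Compare as exact strings. The loose != used before compares numeric strings by
        // value, so a differently written number or code (leading zeros, exponent form)
        // could pass the check, and the number stored below would then not be the one
        // the code was sent to.
        $code_matches = $mobile_code_COOKIE && $mobile_COOKIE
            && (string)$mobile_code === (string)$mobile_code_COOKIE
            && $mobile === $mobile_COOKIE;
        if (!$code_matches) {
            // NOTE(review): failed attempts are not counted in this branch, so the code
            // can be retried for as long as it stays in the session.
            show_message('手机校验码错误,请重新输入!');
            exit;
        }

        // The code is single-use: drop it before touching the database.
        unset($_SESSION['mobile_code']);
        unset($_SESSION['mobile']);

        // $mobile goes into the SQL text unescaped. After the strict check it is
        // byte-identical to the number kept in the session when the code was sent.
        // NOTE(review): confirm that the send-code step validates the number's format.
        $sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE mobile_phone = '$mobile' AND user_id != '$user_id' AND mobile_is_validated=1 ";
        if ($db->getOne($sql)) {
            show_message('手机已被其它会员绑定,请更换其它手机号码,或联系客服申诉!');
            exit;
        }
        $sql = "update " . $ecs->table('users') . " set mobile_is_validated=1 ,mobile_phone='$mobile' where user_id='" . $user_id . "'";
        $db->query($sql);

        // The re-verification flag covers one change only.
        unset($_SESSION['is_verify_mobile']);
        show_message('您已成功绑定手机号码!', '返回账号安全中心', 'user.php?act=security', 'info');
    }
}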
} elseif ($action == 'act_verify_mobile' && $_CFG['template'] == 'zxcp2019') { //手机验证
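// Verify ownership of a mobile number by SMS code, mark the session as verified,
// then send the browser on to the action named in change_kind.
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$user_info = get_profile($user_id);
$mobile = isset($_POST['mobile']) ? trim($_POST['mobile']) : '';
$change_kind = isset($_POST['change_kind']) ? trim($_POST['change_kind']) : '';

if (!$mobile || strlen($mobile) < 8) {
    show_message('手机格式错误!');
    exit;
}

$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
$mobile_code_COOKIE = isset($_SESSION['mobile_code']) ? $_SESSION['mobile_code'] : '';
$mobile_COOKIE = isset($_SESSION['mobile']) ? trim($_SESSION['mobile']) : '';

// Exact string comparison: the loose != used before treats numeric strings as numbers,
// so values written differently from the stored ones could still be accepted.
$code_matches = $mobile_code_COOKIE && $mobile_COOKIE
    && (string)$mobile_code === (string)$mobile_code_COOKIE
    && $mobile === $mobile_COOKIE;
if (!$code_matches) {
    // NOTE(review): failed attempts are not counted or limited in this branch.
    show_message('手机校验码错误,请重新输入!');
    exit;
}

// NOTE(review): the check only proves control of the number held in the session;
// nothing in this branch compares it with $user_info['mobile_phone'], the number
// bound to the account. Confirm that the send-code step enforces that.
unset($_SESSION['mobile_code']);
unset($_SESSION['mobile']);
$_SESSION['is_verify_mobile'] = true;

// change_kind is client-supplied and becomes part of a Location header. Accept only a
// bare action name so extra query parameters or header characters cannot be appended;
// anything else goes to the account security page.
if (!preg_match('/^[A-Za-z0-9_]+$/D', $change_kind)) {
    $change_kind = 'security';
}
ecs_header("Location: user.php?act=" . $change_kind . "\n");
exit;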
}
/* 解绑手机 */ elseif ($action == 'unbind_mobile' && $_CFG['template'] == 'zxcp2019') {
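// Unbind the mobile number from the logged-in account.
// Flow: re-verify the bound number unless this session already did, show the
// confirmation page (step 2), then clear the number (step 3).
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
$user_info = get_profile($user_id);

// Start from a known value: the original tested $verify_type without assigning it
// whenever the session was already verified or no number was bound.
$verify_type = '';
if (empty($_SESSION['is_verify_mobile']) && !empty($user_info['mobile_phone'])) {
    $verify_type = 'mobile';
}
if ($verify_type) {
    // Masked form of the bound number: first three and last three characters only.
    $user_info['encrypt_mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
    $smarty->assign('profile', $user_info);
    $smarty->assign('verify_type', $verify_type);
    // NOTE(review): this passes 'bind_mobile' although the branch is unbind_mobile, so
    // after verification the user is presumably sent to the bind flow. Confirm whether
    // that is intended or a copy-paste leftover.
    $smarty->assign('change_kind', 'bind_mobile');
    $smarty->assign('action', 'verify_' . $verify_type);
    $smarty->display('user_transaction.dwt');
    exit;
}
if ($step == 2) {
    $smarty->assign('profile', $user_info);
    $smarty->assign('action', $action);
    $smarty->assign('step', $step);
    $smarty->display('user_transaction.dwt');
    exit;
}
if ($step == 3) {
    // NOTE(review): step is read from $_REQUEST and no anti-CSRF token is checked in
    // this branch, so a plain GET with step=3 performs the change once the session is
    // verified.
    $sql = "update " . $ecs->table('users') . " set mobile_is_validated=0,mobile_phone='' where user_id='" . $user_id . "'";
    $db->query($sql);
    // The re-verification flag covers one change only (bind_mobile and unbind_wx clear
    // it the same way).
    unset($_SESSION['is_verify_mobile']);
    show_message('您的手机号码已解除绑定!', '返回账号安全中心', 'user.php?act=security', 'info');
}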
}
/* 处理 ajax 的登录请求 */ elseif ($action == 'signin_mobile' && $_CFG['template'] == 'zxcp2019') {
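// AJAX login by SMS code. The code stands in for the password, so the comparison and
// the number of guesses matter as much as they would for a password check.
include_once('includes/cls_json.php');
$json = new JSON;
$mobile = !empty($_POST['mobile']) ? trim($_POST['mobile']) : '';
$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
$mobile_code_COOKIE = isset($_SESSION['mobile_code']) ? $_SESSION['mobile_code'] : '';
$mobile_COOKIE = isset($_SESSION['mobile']) ? trim($_SESSION['mobile']) : '';

// back_act is client-supplied and is handed back as the post-login URL. Keep it only
// when it is a relative reference or an http(s) URL on this host; otherwise the
// fallback to index.php further down applies.
$back_parts = false;
if ($back_act !== '' && strpos($back_act, '\\') === false && !preg_match('/[\x00-\x20]/', $back_act)) {
    $back_parts = parse_url($back_act);
}
if (!is_array($back_parts)) {
    $back_act = '';
} elseif (isset($back_parts['scheme']) || isset($back_parts['host'])) {
    $this_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
    $same_site = isset($back_parts['scheme'], $back_parts['host'])
        && in_array(strtolower($back_parts['scheme']), array('http', 'https'), true)
        && !isset($back_parts['user'])
        && $this_host !== ''
        && strtolower($back_parts['host']) === $this_host;
    if (!$same_site) {
        $back_act = '';
    }
}

// Exact string comparison: the loose != used before treats numeric strings as numbers,
// so values written differently from the stored ones could still be accepted.
$code_matches = $mobile_code_COOKIE && $mobile_COOKIE
    && (string)$mobile_code === (string)$mobile_code_COOKIE
    && $mobile === $mobile_COOKIE;
if (!$code_matches) {
    // Limit guesses: after five wrong submissions the stored code is dropped and a new
    // one has to be requested. The original left the code valid indefinitely.
    $failed = isset($_SESSION['mobile_code_fail']) ? intval($_SESSION['mobile_code_fail']) + 1 : 1;
    if ($failed >= 5) {
        unset($_SESSION['mobile_code'], $_SESSION['mobile'], $_SESSION['mobile_code_fail']);
    } else {
        $_SESSION['mobile_code_fail'] = $failed;
    }
    $result['error'] = 1;
    $result['content'] = '手机校验码错误,请重新输入!';
    die($json->encode($result));
}
unset($_SESSION['mobile_code_fail']);

// $mobile goes into the SQL text unescaped; after the strict check it is byte-identical
// to the number kept in the session when the code was sent.
// NOTE(review): confirm that the send-code step validates the number's format.
$sql = 'SELECT user_name FROM ' . $ecs->table('users') . " WHERE user_name='$mobile' OR (mobile_phone = '$mobile' AND mobile_is_validated =1)";
$user_name = $db->getOne($sql);

if (!$user_name) {
    if ($_LYCFG['mobile_login_need_reg'] == 1) {
        // Registration is required and this number has no account.
        $result['error'] = 1;
        $result['content'] = '该手机号还未注册,请先注册!';
        die($json->encode($result));
    }

    // Otherwise create the account on the fly.
    include_once(ROOT_PATH . 'public/lib_passport.php');
    if (!isset($other)) {
        $other = array();
    }
    // NOTE(review): the new account's password is the SMS code itself, i.e. a short
    // value that has already travelled over SMS. Consider a random password here.
    $password = $_POST['mobile_code'];
    $user_name = $mobile;
    if (register($user_name, $password, '', $other, true) !== false) {
        $sql = 'UPDATE ' . $ecs->table('users') . " SET `mobile_is_validated`='1',mobile_phone='$mobile' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
        $db->query($sql);
        // Send the registration e-mail when both settings ask for it.
        if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
            send_regiter_hash($_SESSION['user_id']);
        }
    } else {
        $result['error'] = 1;
        $result['content'] = $err->last_message();
        die($json->encode($result));
    }
}

if ($user_name) {
    // The code is single-use. The session is set up once here; the original ran these
    // calls twice for an existing user when registration was required.
    unset($_SESSION['mobile']);
    unset($_SESSION['mobile_code']);
    $user->set_session($user_name);
    $user->set_cookie($user_name, 1);
    update_user_info(); // refresh the stored user information
    recalculate_price(); // recalculate the prices of the goods in the cart
    $smarty->assign('user_info', get_user_info());
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    $result['ucdata'] = $ucdata;
    $back_act = $back_act ? $back_act : 'index.php';
    $result['url'] = $back_act;
    if (!defined('ECS_WAP')) $result['content'] = $smarty->fetch('library/member_info.lbi');
} else {
    $_SESSION['login_fail']++;
    if ($_SESSION['login_fail'] > 2) {
        $result['login_cap_fail'] = 1;
        $smarty->assign('enabled_captcha', 1);
        if (!defined('ECS_WAP')) $result['html'] = $smarty->fetch('library/member_info.lbi');
    }
    $result['error'] = 1;
    $result['content'] = $_LANG['login_failure'];
}
die($json->encode($result));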
}
/* 发送短信修改确认邮件 */ elseif ($action == 'send_pwd_mobile' && $_CFG['template'] == 'zxcp2019') {
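// Password recovery by SMS: check the code sent to the number, find the account that
// carries that number, and show the reset-password form for it.
$mobile = isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '';
if (strlen($mobile) < 8 || strlen($mobile) > 13) {
    show_message('手机格式错误!', $_LANG['back_page_up'], '', 'info');
    exit; // do not rely on show_message() ending the request
}

$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
$mobile_code_COOKIE = isset($_SESSION['mobile_code']) ? $_SESSION['mobile_code'] : '';
$mobile_COOKIE = isset($_SESSION['mobile']) ? trim($_SESSION['mobile']) : '';

// Exact string comparison: the loose != used before treats numeric strings as numbers,
// so values written differently from the stored ones could still be accepted.
$code_matches = $mobile_code_COOKIE && $mobile_COOKIE
    && (string)$mobile_code === (string)$mobile_code_COOKIE
    && $mobile === $mobile_COOKIE;
if (!$code_matches) {
    // NOTE(review): failed attempts are not counted or limited in this branch.
    show_message('手机校验码错误,请重新输入!', $_LANG['back_page_up'], '', 'info');
    exit;
}

// The code is single-use.
unset($_SESSION['mobile']);
unset($_SESSION['mobile_code']);

// NOTE(review): unlike the SMS login query, this lookup does not require
// mobile_is_validated = 1, and getOne() takes the first matching row.
$sql = 'SELECT user_id FROM ' . $ecs->table('users') . " WHERE mobile_phone = '$mobile' ";
$mobile_user_id = $db->getOne($sql);
if (!$mobile_user_id) {
    show_message('该手机号不存在!', $_LANG['back_page_up'], '', 'info');
    exit;
}

$uid = $mobile_user_id;
$user_info = $user->get_profile_by_id($uid);
if (empty($user_info)) {
    show_message($_LANG['parm_error'], $_LANG['back_home_lnk'], './', 'info');
    exit;
}

// Token handed to the reset form. The original recomputed this same expression and
// compared it with itself right here, which could never fail; only the empty-profile
// check above had any effect.
// NOTE(review): the token is an MD5 over user id, site hash_code and reg_time, so it
// is the same every time for a given account; nothing time-limited or single-use is
// mixed in here.
$code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);

$captcha = intval($_CFG['captcha']);
if (($captcha & CAPTCHA_LOGIN) && (!($captcha & CAPTCHA_LOGIN_FAIL) || (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0) {
    $GLOBALS['smarty']->assign('enabled_captcha', 1);
    $GLOBALS['smarty']->assign('rand', mt_rand());
}
$smarty->assign('uid', $uid);
$smarty->assign('code', $code);
$smarty->assign('step', '3');
$smarty->assign('action', 'reset_password');
$smarty->display('user_passport.dwt');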
} elseif ($action == 'wx_validated' && $_CFG['template'] == 'zxcp2019') {
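// WeChat OAuth callback: exchange the authorization code for the user's WeChat
// profile, log in the account bound to that unionid, or start the WeChat sign-up form.
if ($user_id) {
    ecs_header('Location: index.php');
    exit; // do not rely on ecs_header() ending the request
}
$code = isset($_GET['code']) ? $_GET['code'] : '';
if (empty($code)) {
    ecs_header('Location: index.php');
    exit();
}
// NOTE(review): only `code` is read from the callback; no `state` value is compared
// with one issued by this session, so the callback is not tied to a login this
// browser started.
include_once(ROOT_PATH . 'lyecs_wechat/wx_login.php');
$wxlogin = new WxLoginClass($appid, $appsecret);
$oauth2_info = $wxlogin->oauth2_access_token($code);
$userinfo = $wxlogin->oauth2_get_user_info($oauth2_info['access_token'], $oauth2_info['openid']);
// $userinfo is expected to carry: openid, nickname, sex, language, province, country,
// headimgurl, unionid. (A sample with what looked like real account identifiers was
// kept in a comment here; it has been reduced to the key names.)

$openid = isset($userinfo['openid']) ? compile_str(trim($userinfo['openid'])) : '';
// unionid is placed into SQL text below; give it the same filter as openid instead of
// using the raw API value.
$unionid = isset($userinfo['unionid']) ? compile_str(trim($userinfo['unionid'])) : '';
if (!$openid) {
    show_message('微信登陆openId获取失败', '提示', 'index.php', 'error');
    exit;
}
$nickname = isset($userinfo['nickname']) ? compile_str(trim($userinfo['nickname'])) : '';
$headimgurl = isset($userinfo['headimgurl']) ? compile_str(trim($userinfo['headimgurl'])) : '';

$sql = "SELECT * FROM " . $ecs->table('users') . " WHERE unionid = '$unionid' AND unionid !='' ";
$user_info = $db->getRow($sql);
if (!$user_info) {
    // Automatic registration is switched off: the condition is hard-coded to 0.
    if (/*$_LYCFG['is_wx_auto_regist']==1*/0) {
        include_once(ROOT_PATH . 'public/lib_passport.php');
        $username = $openid;
        // NOTE(review): if this path is ever enabled, the password is an MD5 of the
        // openid plus a fixed suffix, so it can be derived from the openid alone.
        $password = md5($openid . 'haoer');
        $email = '';
        if (!isset($other)) {
            $other = array();
        }
        if (register($username, $password, $email, $other, true) !== false) {
            $headimg_sql = '';
            if ($headimgurl) {
                $headimg_name = down_head_img($headimgurl);
                if ($headimg_name) {
                    $headimg_sql = " `user_photo`='$headimg_name', ";
                }
            }
            $sql = 'UPDATE ' . $ecs->table('users') . " SET `mobile_is_validated`='1', $headimg_sql "
                . "`nickname`='$nickname',`lyecs_wxOpen_id`='$openid', `lyecs_wx_validated`='1', `lyecs_wx_name`='$nickname',`unionid`='$unionid' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
            $db->query($sql);
            deal_old_wechat_users($openid, $_SESSION['user_id']);
            // Registration bonus.
            reg_send_bonus($_SESSION['user_id']);
            // Send the registration e-mail when both settings ask for it.
            if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
                send_regiter_hash($_SESSION['user_id']);
            }
            $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
            ecs_header("Location: index.php\n");
            exit;
        } else {
            show_message($err->last_message(), '', '', 'error');
        }
    } else {
        // No account is bound to this WeChat identity yet: show step 1 of the sign-up
        // form. NOTE(review): openid and unionid are handed to the page and come back
        // as POST fields in the later steps; nothing visible here ties them to this
        // session on return.
        assign_template();
        $smarty->assign('step', 1);
        $smarty->assign('openid', $openid);
        $smarty->assign('nickname', $nickname);
        $smarty->assign('headimgurl', $headimgurl);
        $smarty->assign('unionid', $unionid);
        // $token is not assigned anywhere in this branch; pass it only if an included
        // file defined it.
        $smarty->assign('token', isset($token) ? $token : '');
        $smarty->display('user_register_wechat.dwt');
    }
} else {
    $username = $user_info['user_name'];
    $user->set_session($username);
    $user->set_cookie($username, 1);
    update_user_info(); // refresh the stored user information
    recalculate_price(); // recalculate the prices of the goods in the cart
    ecs_header("Location: index.php\n");
    exit;
}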
} elseif ($action == 'wx_validated_act' && $_CFG['template'] == 'zxcp2019') {
// WeChat sign-up form, after the mobile number was entered: choose the next step
// depending on whether the number already belongs to an account, and pass the WeChat
// fields back to the template.
// NOTE(review): token and unionid reach the template without the compile_str() filter
// that the other fields get, and every value here is client-supplied.
$token = $_REQUEST['token'];

$openid = '';
if (isset($_POST['openid'])) {
    $openid = compile_str(trim($_POST['openid']));
}
$nickname = '';
if (isset($_POST['nickname'])) {
    $nickname = compile_str(trim($_POST['nickname']));
}
$mobile = '';
if (isset($_POST['mobile'])) {
    $mobile = compile_str(trim($_POST['mobile']));
}
$headimgurl = '';
if (isset($_POST['headimgurl'])) {
    $headimgurl = compile_str(trim($_POST['headimgurl']));
}
$unionid = '';
if (isset($_POST['unionid'])) {
    $unionid = trim($_POST['unionid']);
}

$user_info = $db->getRow("SELECT * FROM " . $ecs->table('users') . " WHERE (user_name = '$mobile' OR mobile_phone = '$mobile' ) ");

// Step 3 when an account with this number exists, step 2 otherwise.
$smarty->assign('step', $user_info ? 3 : 2);

assign_template();
$smarty->assign('openid', $openid);
$smarty->assign('nickname', $nickname);
$smarty->assign('mobile', $mobile);
$smarty->assign('headimgurl', $headimgurl);
$smarty->assign('unionid', $unionid);
$smarty->assign('token', $token);
$smarty->display('user_register_wechat.dwt');
} elseif ($action == 'wx_regist_sigin' && $_CFG['template'] == 'zxcp2019') {
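// WeChat sign-up, "I already have an account": log in with user name and password,
// then bind the WeChat identity from the form to that account.
if ($user_id) {
    ecs_header('Location: index.php');
    exit; // do not rely on ecs_header() ending the request
}
include_once(ROOT_PATH . 'lyecs_wechat/common.php');
// NOTE(review): token is read here but never checked in this branch, and openid /
// unionid below are plain POST fields. Nothing visible ties them to an OAuth exchange
// made by this session, so the WeChat identity being bound is whatever the client sends.
$token = isset($_POST['token']) ? $_POST['token'] : '';
$openid = isset($_POST['openid']) ? compile_str(trim($_POST['openid'])) : '';
$nickname = isset($_POST['nickname']) ? compile_str(trim($_POST['nickname'])) : '';
$mobile = isset($_POST['username']) ? compile_str(trim($_POST['username'])) : '';
$headimgurl = isset($_POST['headimgurl']) ? compile_str(trim($_POST['headimgurl'])) : '';
// unionid is placed into the UPDATE below; give it the same filter as openid.
$unionid = isset($_POST['unionid']) ? compile_str(trim($_POST['unionid'])) : '';
$username = $mobile;
$password = !empty($_POST['password']) ? trim($_POST['password']) : '';

// A captcha is always required on this form. The original tested the captcha
// *configuration* value for emptiness instead of the submitted field, so a missing
// captcha was never rejected here and a site with the setting at 0 refused every login.
if (empty($_POST['captcha'])) {
    show_message($_LANG['invalid_captcha'], '', '', 'error');
    exit;
}
include_once('public/cls_captcha.php');
$validator = new captcha();
$validator->session_word = 'captcha_login';
if (!$validator->check_word($_POST['captcha'])) {
    show_message($_LANG['invalid_captcha'], '', '', 'error');
    exit;
}

if ($user->login($username, $password, 1)) {
    // NOTE(review): the session is re-pointed at whichever row matches the submitted
    // name as user_name OR mobile_phone (no mobile_is_validated condition). If that is
    // not the row login() just authenticated, the session ends up on another account.
    $sql = "SELECT user_name,user_id,user_photo FROM " . $ecs->table('users') . " WHERE user_name = '$mobile' OR mobile_phone = '$mobile' ";
    $user_info = $db->getRow($sql);
    $username = $user_info['user_name'];
    $user->set_session($username);
    $user->set_cookie($username, 1);
    update_user_info(); // refresh the stored user information

    // Optional avatar column for the UPDATE; empty unless a picture was downloaded.
    $headimg_sql = '';
    if ($headimgurl && !$user_info['user_photo']) {
        $headimg_name = down_head_img($headimgurl);
        if ($headimg_name) {
            $headimg_sql = " `user_photo`='$headimg_name', ";
        }
    }
    $sql = 'UPDATE ' . $ecs->table('users') . " SET `pc_openid`='$openid', `wx_validated`=1, $headimg_sql `wx_name`='$nickname', `unionid`='$unionid' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
    $db->query($sql);
    update_user_info(); // refresh the stored user information
    recalculate_price(); // recalculate the prices of the goods in the cart
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    ecs_header("Location: index.php\n");
    exit;
} else {
    $_SESSION['login_fail']++;
    if ($_SESSION['login_fail'] > 2) {
        $result['login_cap_fail'] = 1;
        $smarty->assign('enabled_captcha', 1);
        if (!defined('ECS_WAP')) $result['html'] = $smarty->fetch('library/member_info.lbi');
    }
    show_message('账号或密码错误!', '', '', 'error');
}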
} elseif ($action == 'wx_regist_act' && $_CFG['template'] == 'zxcp2019') {
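// WeChat sign-up with a mobile number: check the SMS code, then either log in the
// account that owns the number or register a new one, and bind the WeChat identity
// from the form to it.
if ($user_id) {
    ecs_header('Location: index.php');
    exit; // do not rely on ecs_header() ending the request
}
include_once(ROOT_PATH . 'includes/lib_passport.php');
include_once(ROOT_PATH . 'lyecs_wechat/common.php');
$mobile = isset($_POST['mobile']) ? trim($_POST['mobile']) : '';
$username = $mobile;
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
// NOTE(review): openid and unionid are plain POST fields; nothing visible in this
// branch ties them to an OAuth exchange made by this session.
$openid = isset($_POST['openid']) ? compile_str(trim($_POST['openid'])) : '';
$nickname = isset($_POST['nickname']) ? compile_str(trim($_POST['nickname'])) : '';
$headimgurl = isset($_POST['headimgurl']) ? compile_str(trim($_POST['headimgurl'])) : '';
// unionid is placed into the UPDATEs below; give it the same filter as openid.
$unionid = isset($_POST['unionid']) ? compile_str(trim($_POST['unionid'])) : '';

// NOTE(review): the password length and blank-character checks used by the AJAX
// registration branch are commented out for this form, so an empty or very short
// password is passed on to register().

if (strlen($mobile) < 8 || strlen($mobile) > 15) {
    show_message('手机格式错误!', '', '', 'error');
    exit;
}

$mobile_code = !empty($_POST['mobile_code']) ? json_str_iconv(trim($_POST['mobile_code'])) : '';
$mobile_code_COOKIE = isset($_SESSION['mobile_code']) ? $_SESSION['mobile_code'] : '';
$mobile_COOKIE = isset($_SESSION['mobile']) ? trim($_SESSION['mobile']) : '';

// Exact string comparison: the loose != used before treats numeric strings as numbers,
// so values written differently from the stored ones could still be accepted, and the
// number written to the account would then not be the one the code was sent to.
$code_matches = $mobile_code_COOKIE && $mobile_COOKIE
    && (string)$mobile_code === (string)$mobile_code_COOKIE
    && $mobile === $mobile_COOKIE;
if (!$code_matches) {
    // NOTE(review): failed attempts are not counted or limited in this branch.
    show_message('手机校验码错误,请重新输入!', '', '', 'error');
    exit;
}

// The code is single-use.
unset($_SESSION['mobile']);
unset($_SESSION['mobile_code']);

// Optional avatar column for the UPDATEs; empty unless a picture was downloaded.
$headimg_sql = '';

// $mobile goes into the SQL text unescaped; after the strict check it is byte-identical
// to the number kept in the session when the code was sent.
// NOTE(review): confirm that the send-code step validates the number's format.
$sql = "SELECT user_name,user_id,user_photo FROM " . $ecs->table('users') . " WHERE (user_name = '$mobile' OR (mobile_phone = '$mobile' AND mobile_is_validated =1)) ";
$user_info = $db->getRow($sql);
if ($user_info) {
    // The number already belongs to an account: the SMS code serves as the login proof.
    $username = $user_info['user_name'];
    $user->set_session($username);
    $user->set_cookie($username, 1);
    update_user_info(); // refresh the stored user information
    if ($headimgurl && !$user_info['user_photo']) {
        $headimg_name = down_head_img($headimgurl);
        if ($headimg_name) {
            $headimg_sql = " `user_photo`='$headimg_name', ";
        }
    }
    $sql = 'UPDATE ' . $ecs->table('users') . " SET `pc_openid`='$openid', `wx_validated`=1, $headimg_sql `wx_name`='$nickname', `unionid`='$unionid' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
    $db->query($sql);
    recalculate_price(); // recalculate the prices of the goods in the cart
    ecs_header("Location: index.php\n");
    exit;
}

// No account yet: register one. $email and $other are not assigned in this branch;
// give them explicit empty defaults unless earlier code already set them.
if (!isset($email)) {
    $email = '';
}
if (!isset($other)) {
    $other = array();
}
if (register($username, $password, $email, $other, true) !== false) {
    if ($headimgurl) {
        $headimg_name = down_head_img($headimgurl);
        if ($headimg_name) {
            $headimg_sql = " `user_photo`='$headimg_name', ";
        }
    }
    $sql = 'UPDATE ' . $ecs->table('users') . " SET `mobile_is_validated`=1, $headimg_sql "
        . "`mobile_phone`='$mobile', `pc_openid`='$openid', `wx_validated`=1, `wx_name`='$nickname', `unionid`='$unionid' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
    $db->query($sql);
    // Send the registration e-mail when both settings ask for it.
    if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
        send_regiter_hash($_SESSION['user_id']);
    }
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;
    ecs_header("Location: index.php\n");
    exit;
} else {
    show_message($err->last_message(), '', '', 'error');
}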
} elseif ($action == 'wx_validated_bind' && $_CFG['template'] == 'zxcp2019') {
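// OAuth callback for binding a WeChat identity to the account that is logged in.
if (!$user_id) {
    ecs_header('Location: user.php?act=security');
    exit; // do not continue into the binding code without a logged-in user
}
// NOTE(review): only `code` is read from the callback; no `state` value is compared
// with one issued by this session, so a callback URL prepared elsewhere would bind
// that other WeChat identity to this account.
$code = isset($_GET['code']) ? $_GET['code'] : '';
if (empty($code)) {
    ecs_header('Location: user.php?act=security');
    exit;
}
include_once(ROOT_PATH . 'lyecs_wechat/wx_login.php');
$wxlogin = new WxLoginClass($appid, $appsecret);
$oauth2_info = $wxlogin->oauth2_access_token($code);
$userinfo = $wxlogin->oauth2_get_user_info($oauth2_info['access_token'], $oauth2_info['openid']);
$openid = isset($userinfo['openid']) ? compile_str(trim($userinfo['openid'])) : '';
// unionid is placed into SQL text below; give it the same filter as openid instead of
// using the raw API value.
$unionid = isset($userinfo['unionid']) ? compile_str(trim($userinfo['unionid'])) : '';
if (!$openid) {
    show_message('微信登陆openId获取失败', '提示', 'user.php?act=security', 'error');
    exit;
}
$nickname = isset($userinfo['nickname']) ? compile_str(trim($userinfo['nickname'])) : '';
$headimgurl = isset($userinfo['headimgurl']) ? compile_str(trim($userinfo['headimgurl'])) : '';

// Is this WeChat identity already bound to some account?
$sql = "SELECT * FROM " . $ecs->table('users') . " WHERE unionid = '$unionid' AND unionid !='' ";
$user_info = $db->getRow($sql);
if ($user_info) {
    if ($user_info['user_id'] == $_SESSION['user_id']) {
        show_message('该账号已经绑定过此微信!', '提示', 'user.php?act=security', 'error');
    } else {
        show_message('该微信已绑定了其它账号,请先解绑账号后再重试!', '提示', 'user.php?act=security', 'error');
    }
} else {
    // NOTE(review): an empty unionid also ends up here (the lookup above excludes ''),
    // and the account is then marked wx_validated with an empty unionid.
    $data = array(
        'pc_openid' => $openid,
        'unionid' => $unionid,
        'wx_validated' => 1
    );
    if ($headimgurl) {
        $headimg_name = down_head_img($headimgurl);
        if ($headimg_name) {
            // Keep an avatar the user already has; use the WeChat one only if none is set.
            $sql = "SELECT user_photo FROM " . $ecs->table('users') . " WHERE user_id = '$_SESSION[user_id]'";
            $user_photo = $db->getOne($sql);
            if (!$user_photo) {
                $data['user_photo'] = $headimg_name;
            }
        }
    }
    $db->autoExecute($ecs->table('users'), $data, 'UPDATE', " user_id='$_SESSION[user_id]' ");
    ecs_header('Location: user.php?act=security');
    exit;
}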
}
/* 解绑微信 */ elseif ($action == 'unbind_wx' && $_CFG['template'] == 'zxcp2019') {
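// Unbind the WeChat identity from the logged-in account. If a mobile number is bound
// and this session has not re-verified it, the verification page is shown first.
include_once(ROOT_PATH . 'includes/lib_transaction.php');
$step = isset($_REQUEST['step']) ? intval($_REQUEST['step']) : 2;
$user_info = get_profile($user_id);

// Start from a known value: the original tested $verify_type without assigning it
// whenever the session was already verified or no number was bound.
$verify_type = '';
if (empty($_SESSION['is_verify_mobile']) && !empty($user_info['mobile_phone'])) {
    $verify_type = 'mobile';
}
if ($verify_type) {
    // Masked form of the bound number: first three and last three characters only.
    $user_info['encrypt_mobile_phone'] = substr($user_info['mobile_phone'], 0, 3) . '*****' . substr($user_info['mobile_phone'], -3, 3);
    $smarty->assign('profile', $user_info);
    $smarty->assign('verify_type', $verify_type);
    $smarty->assign('change_kind', 'unbind_wx');
    $smarty->assign('action', 'verify_' . $verify_type);
    $smarty->display('user_transaction.dwt');
    exit;
}
if ($step == 2) {
    // NOTE(review): 2 is also the default when no step is sent, and no anti-CSRF token
    // is checked in this branch. For an account without a bound mobile number, a plain
    // GET of this action therefore removes the WeChat binding straight away.
    $sql = "update " . $ecs->table('users') . " set pc_openid='',unionid='',wx_validated='0' where user_id='" . $user_id . "'";
    $db->query($sql);
    // The re-verification flag covers one change only.
    unset($_SESSION['is_verify_mobile']);
    show_message('您的账号已解除微信绑定!', '返回账号安全中心', 'user.php?act=security', 'info');
    exit;
}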
} elseif ($action == 'pay_native' && $_CFG['template'] == 'zxcp2019') {
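// WeChat QR-code ("native") payment page for one pay_log entry.
assign_template();
$position = assign_ur_here(0, '微信扫码支付');
$log_id = isset($_REQUEST['log_id']) ? intval($_REQUEST['log_id']) : 0;
$order_sn = isset($_REQUEST['order_sn']) ? compile_str(trim($_REQUEST['order_sn'])) : '';

// NOTE(review): the pay_log row, and the order row below, are selected by id only;
// nothing in this branch checks that they belong to the logged-in user, so another
// user's order number and amount can be displayed by changing log_id.
$sql = "SELECT * FROM " . $GLOBALS['ecs']->table('pay_log') . " WHERE log_id='$log_id' ";
$pay_log = $GLOBALS['db']->getRow($sql);
if (empty($pay_log)) {
    // Unknown log_id: stop here instead of reading fields from an empty result.
    show_message($_LANG['parm_error'], '', '', 'error');
    exit;
}
if ($pay_log['is_paid'] == 1) {
    show_message('该订单已经支付,请勿重复操作', '', '', 'error');
    exit;
}

if ($pay_log['order_type'] == 1) {
    // Balance top-up: label and amount come from the request and are for display only.
    // Use the filtered $order_sn computed above; the original put the raw
    // $_GET['order_sn'] into the page and left the filtered copy unused.
    $smarty->assign('order_sn', '余额充值' . $order_sn);
    $smarty->assign('order_type', 1);
    $total_fee = isset($_GET['total_fee']) ? floatval($_GET['total_fee']) : 0;
    $smarty->assign('total_fee', price_format($total_fee));
} else {
    $order = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id = '$pay_log[order_id]' ");
    $smarty->assign('order_sn', $order['order_sn']);
    $smarty->assign('total_fee', $order['order_amount']);
    $smarty->assign('order_type', 0);
    $smarty->assign('order_id', $pay_log['order_id']);
}

// NOTE(review): ewm is taken from the query string as-is. Whether it is escaped
// depends on how flow/pay_native.dwt outputs it; confirm the template encodes it for
// the context it is used in.
$smarty->assign('ewm', isset($_GET['ewm']) ? $_GET['ewm'] : '');
$smarty->assign('page_title', $position['title']); // page title
$smarty->assign('ur_here', $position['ur_here']);
$smarty->assign('step', 'order_pay');
$smarty->assign('log_id', $log_id);
$smarty->assign('helps', get_shop_help()); // shop help
$smarty->assign('lang', $_LANG);
$smarty->display('flow/pay_native.dwt');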
}
//zxcp2019-e
/* 清除商品浏览历史 */ elseif ($action == 'clear_history') {
// Clear the product browsing history: overwrite the cookie with an empty value and an
// expiry timestamp of 1, which lies in the past.
$history_cookie_name = 'ECS[history]';
$history_cookie_expiry = 1;
setcookie($history_cookie_name, '', $history_cookie_expiry);
}
/* 查看物流信息*/ elseif ($action == 'get_kuaidi_info') {
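// Return the courier tracking information for one order as JSON.
include_once(ROOT_PATH . 'includes/lib_transaction.php');
include_once(ROOT_PATH . 'includes/lib_order.php');
include_once(MODULES_PATH . 'kuaidi/alifuqing.class.php');
$order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;

// Limit the lookup to the logged-in user's own orders. The original passed only the
// order id, so any order's tracking data could be requested by changing the id.
// NOTE(review): assumes get_order_detail() takes the owner's user id as its second
// argument and returns an empty value on mismatch — confirm for this code base.
$order = get_order_detail($order_id, $user_id);
if (empty($order)) {
    // The shape the client expects on failure is an assumption — confirm with the caller.
    echo json_encode(array());
} else {
    $alifuqing = new alifuqing();
    // Arguments: waybill number, carrier name, last four digits of the contact phone.
    $kdTrance = $alifuqing->getTracesInfo(strip_tags($order['invoice_no']), $order['shipping_name'], substr($order['tel'], -4));
    echo json_encode($kdTrance);
}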
}