php/iem_shop.git

bhq@iemsoft.cn

2018-11-27 3e083bc512141a008fecae0c6cfe3e6e9b9e2c3d

commit \| author \| age
3e083b	1	<?php
B	2
	3	/**
	4	* 会员中心
	5	*/
	6	define('IN_ECS', true);
	7
	8	require (dirname(__FILE__) . '/includes/init.php');
	9
	10	/* 载入语言文件 */
	11	require_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/user.php');
	12
	13	$user_id = $_SESSION['user_id'];
	14	$action = isset($_REQUEST['act']) ? trim($_REQUEST['act']) : 'default';
	15
	16	$affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
	17	$smarty->assign('affiliate', $affiliate);
	18	$back_act = '';
	19
	20	// 不需要登录的操作或自己验证是否登录（如ajax处理）的act
	21	$not_login_arr = array(
	22	'login', 'act_login', 'act_edit_password', 'get_password', 'send_pwd_email', 'password', 'signin', 'add_tag', 'collect', 're_collect', 'return_to_cart', 'book_goods','add_book_goods', 'logout', 'user_bonus', 'email_list', 'validate_email', 'send_hash_mail', 'order_query', 'is_registered', 'check_email', 'check_mobile_phone', 'clear_history', 'qpassword_name', 'get_passwd_question', 'check_answer', 'check_register', 'oath', 'oath_login', 'other_login', 'ch_email', 'ck_email', 'check_username', 'forget_password', 'getverifycode', 'step_1',
	23	/余额额支付密码_更改_START_/
	24	'act_forget_pass', 're_pass', 'open_surplus_password', 'close_surplus_password'
	25	);
	26	/* 余额额支付密码_更改_END_ */
	27
	28	/* 显示页面的action列表 */
	29	$ui_arr = array(
	30	'login', 'profile', 'order_list', 'order_detail', 'address_list', 'collection_list', 'follow_shop', 'message_list', 'tag_list', 'get_password', 'reset_password', 'booking_list', 'add_booking', 'account_raply', 'account_deposit', 'account_log', 'account_detail', 'act_account', 'pay', 'default', 'bonus', 'group_buy', 'group_buy_detail', 'affiliate', 'comment_list', 'validate_email', 'track_packages', 'transform_points', 'qpassword_name', 'get_passwd_question', 'check_answer', 'check_register', 'back_order', 'back_list', 'back_order_detail', 'back_order_act', 'back_replay', 'my_comment', 'my_comment_send', 'shaidan_send', 'shaidan_sale', 'account_security', 'act_identity', 'check_phone', 'update_password', 're_binding', 'update_phone', 'update_email', 'act_update_email',
	31	're_binding_email', 'ch_email', 'ck_email', 'step_1', 'forget_password', 'back_order_detail', 'del_back_order', 'back_order_detail_edit', 'add_huan_goods',
	32	/余额额支付密码_更改_START_/
	33	'act_forget_pass', 're_pass', 'auction_list', 'forget_surplus_password', 'act_forget_surplus_password', 'update_surplus_password', 'act_update_surplus_password', 'verify_reset_surplus_email', 'get_verify_code'
	34	); // 代码修改
	35	// By
	36	//
	37	/* 余额额支付密码_更改_END_ */
	38
	39	/* 代码增加_start By */
	40	$ui_arr[] = "supplier_reg";
	41	/* 代码增加_end By */
	42	/* 代码增加_start By */
	43	$ui_arr[] = 'tg_login_act';
	44	$ui_arr[] = 'tg_login';
	45	$ui_arr[] = 'tg_order';
	46	/* 代码增加_end By */
	47	/* 代码增加_start By */
	48	$ui_arr[] = 'vc_login_act';
	49	$ui_arr[] = 'vc_login';
	50	$ui_arr[] = 'update_password_success';
	51	$ui_arr[] = 'to_update_password';
	52	$not_login_arr[] = 'login_check_yzm';
	53	/* 代码增加_end By */
	54	$not_login_arr[] = 'check_mobile';
	55	$not_login_arr[] = 'send_email_code';
	56	$not_login_arr[] = 'send_mobile_code';
	57
	58	$ui_arr[] = 'get_tc_express';
	59
	60	/* 未登录处理 */
	61	if(empty($_SESSION['user_id']) && $action != 're_validate_email' && $action != 'valid_email')
	62	{
	63	if(! in_array($action, $not_login_arr))
	64	{
	65	if(in_array($action, $ui_arr))
	66	{
	67	/*
	68	* 如果需要登录,并是显示页面的操作，记录当前操作，用于登录后跳转到相应操作
	69	* if ($action == 'login')
	70	* {
	71	* if (isset($_REQUEST['back_act']))
	72	* {
	73	* $back_act = trim($_REQUEST['back_act']);
	74	* }
	75	* }
	76	* else
	77	* {}
	78	*/
	79	$query_string = $_SERVER['QUERY_STRING'];
	80	if(! empty($query_string))
	81	{
	82	if(strpos($query_string, 'findPwd.php') != false)
	83	{
	84	$query_string = 'index.php';
	85	}
	86	$back_act = 'user.php?' . strip_tags($query_string);
	87	}
	88	$action = 'login';
	89	}
	90	else
	91	{
	92	// 未登录提交数据。非正常途径提交数据！
	93	// die($_LANG['require_login']);
	94	show_message($_LANG['require_login'], array(
	95	'</br>登录', '</br>返回首页'
	96	), array(
	97	'user.php?act=login', $ecs->url()
	98	), 'error', false);
	99	}
	100	}
	101	}
	102
	103	/* 如果是显示页面，对页面进行相应赋值 */
	104	if(in_array($action, $ui_arr))
	105	{
	106	assign_template();
	107	$position = assign_ur_here(0, $_LANG['user_center']);
	108	$smarty->assign('page_title', $position['title']); // 页面标题
	109	$smarty->assign('ur_here', $position['ur_here']);
	110	$sql = "SELECT value FROM " . $ecs->table('shop_config') . " WHERE id = 419";
	111	$row = $db->getRow($sql);
	112	$car_off = $row['value'];
	113	$smarty->assign('car_off', $car_off);
	114	/* 是否显示积分兑换 */
	115	if(! empty($_CFG['points_rule']) && unserialize($_CFG['points_rule']))
	116	{
	117	$smarty->assign('show_transform_points', 1);
	118	}
	119	$smarty->assign('helps', get_shop_help()); // 网店帮助
	120	$smarty->assign('data_dir', DATA_DIR); // 数据目录
	121	$smarty->assign('action', $action);
	122	$smarty->assign('lang', $_LANG);
	123	}
	124
	125	/* 代码增加_Start By 用户中心获取会员信息*/
	126
	127	include_once (ROOT_PATH . 'includes/lib_clips.php');
	128	if($rank = get_rank_info())
	129	{
	130	$smarty->assign('rank_name', $rank['rank_name']);
	131	if(! empty($rank['next_rank_name']))
	132	{
	133	$smarty->assign('next_rank_name', sprintf($_LANG['next_level'], $rank['next_rank'], $rank['next_rank_name']));
	134	}
	135	$rn = $rank['rank_name'];
	136	$recomm = $db->getOne("SELECT is_recomm FROM " . $GLOBALS['ecs']->table('user_rank') . " WHERE rank_name= '$rn'");
	137	$smarty->assign('recomm', $recomm); // 获取当前用户是否是分成用户判断是否显示我的推荐
	138	}
	139
	140	/* 路由 */
	141
	142	$function_name = 'action_' . $action;
	143
	144	if(! function_exists($function_name))
	145	{
	146	$function_name = "action_default";
	147	}
	148
	149	call_user_func($function_name);
	150
	151	/* 路由 */
	152
	153	/* 代码增加_start By */
	154	function action_supplier_reg ()
	155	{
	156	// 获取全局变量
	157	$_LANG = $GLOBALS['_LANG'];
	158	$smarty = $GLOBALS['smarty'];
	159	$db = $GLOBALS['db'];
	160	$ecs = $GLOBALS['ecs'];
	161	$user_id = $_SESSION['user_id'];
	162
	163	$sql = "select * from " . $ecs->table('supplier') . " where user_id='" . $_SESSION['user_id'] . "' ";
	164	$supplier = $db->getRow($sql);
	165
	166	$smarty->assign('supplier', $supplier);
	167
	168	$supplier_country = $supplier['country'] ? $supplier['country'] : $_CFG['shop_country'];
	169	$smarty->assign('country_list', get_regions());
	170	$smarty->assign('province_list', get_regions(1, $supplier_country));
	171	$smarty->assign('city_list', get_regions(2, $supplier['province']));
	172	$smarty->assign('district_list', get_regions(3, $supplier['city']));
	173	$smarty->assign('supplier_country', $supplier_country);
	174
	175	$sql = "select rank_id,rank_name from " . $ecs->table('supplier_rank') . " order by sort_order";
	176	$supplier_rank = $db->getAll($sql);
	177	$smarty->assign('supplier_rank', $supplier_rank);
	178
	179	$company_type = explode("\n", str_replace("\r\n", "\n", $_CFG['company_type']));
	180	$smarty->assign('company_type', $company_type);
	181
	182	$smarty->assign('user_id', $_SESSION['user_id']);
	183	$smarty->assign('mydomain', $ecs->url());
	184
	185	$smarty->display('user_transaction.dwt');
	186	}
	187
	188	function action_act_supplier_reg ()
	189	{
	190
	191	// 获取全局变量
	192	$_LANG = $GLOBALS['_LANG'];
	193	$smarty = $GLOBALS['smarty'];
	194	$db = $GLOBALS['db'];
	195	$ecs = $GLOBALS['ecs'];
	196	$user_id = $_SESSION['user_id'];
	197
	198	$supplier_name = isset($_POST['supplier_name']) ? trim($_POST['supplier_name']) : '';
	199	$rank_id = isset($_POST['rank_id']) ? intval($_POST['rank_id']) : 0;
	200	$company_name = isset($_POST['company_name']) ? trim($_POST['company_name']) : '';
	201	$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
	202	$province = isset($_POST['province']) ? intval($_POST['province']) : 1;
	203	$city = isset($_POST['city']) ? intval($_POST['city']) : 1;
	204	$district = isset($_POST['district']) ? intval($_POST['district']) : 1;
	205	$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
	206	$address = isset($_POST['address']) ? trim($_POST['address']) : '';
	207	$tel = isset($_POST['tel']) ? trim($_POST['tel']) : '';
	208	$guimo = isset($_POST['guimo']) ? trim($_POST['guimo']) : '';
	209	$email = isset($_POST['email']) ? trim($_POST['email']) : '';
	210	$company_type = isset($_POST['company_type']) ? trim($_POST['company_type']) : '';
	211	$bank = isset($_POST['bank']) ? trim($_POST['bank']) : '';
	212	$contact = isset($_POST['contact']) ? trim($_POST['contact']) : '';
	213	$contact_back = isset($_POST['contact_back']) ? trim($_POST['contact_back']) : '';
	214	$contact_shop = isset($_POST['contact_shop']) ? trim($_POST['contact_shop']) : '';
	215	$contact_yunying = isset($_POST['contact_yunying']) ? trim($_POST['contact_yunying']) : '';
	216	$contact_shouhou = isset($_POST['contact_shouhou']) ? trim($_POST['contact_shouhou']) : '';
	217	$contact_caiwu = isset($_POST['contact_caiwu']) ? trim($_POST['contact_caiwu']) : '';
	218	$contact_jishu = isset($_POST['contact_jishu']) ? trim($_POST['contact_jishu']) : '';
	219	$add_time = gmtime();
	220
	221	/* 图片上传处理 */
	222	$upload_size_limit = $_CFG['upload_size_limit'] == '-1' ? ini_get('upload_max_filesize') : $_CFG['upload_size_limit'];
	223
	224	$last_char = strtolower($upload_size_limit{strlen($upload_size_limit) - 1});
	225	switch($last_char)
	226	{
	227	case 'm':
	228	$upload_size_limit = 1024 1024;
	229	break;
	230	case 'k':
	231	$upload_size_limit *= 1024;
	232	break;
	233	}
	234	if(isset($_FILES['zhizhao']) && $_FILES['zhizhao']['tmp_name'] != '' && isset($_FILES['zhizhao']['tmp_name']) && $_FILES['zhizhao']['tmp_name'] != 'none')
	235	{
	236	if($_FILES['zhizhao']['size'] / 1024 > $upload_size_limit)
	237	{
	238	$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
	239	$err->show($_LANG['back_up_page']);
	240	}
	241	$zhizhao_img = upload_file($_FILES['zhizhao'], 'supplier');
	242	if($zhizhao_img === false)
	243	{
	244	$err->add('业执照图片上传失败！');
	245	$err->show($_LANG['back_up_page']);
	246	}
	247	else
	248	{
	249	$sql_img = "zhizhao='$zhizhao_img',";
	250	}
	251	}
	252	if(isset($_FILES['id_card']) && $_FILES['id_card']['tmp_name'] != '' && isset($_FILES['id_card']['tmp_name']) && $_FILES['id_card']['tmp_name'] != 'none')
	253	{
	254	if($_FILES['id_card']['size'] / 1024 > $upload_size_limit)
	255	{
	256	$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
	257	$err->show($_LANG['back_up_page']);
	258	}
	259	$id_card_img = upload_file($_FILES['id_card'], 'supplier');
	260	if($id_card_img === false)
	261	{
	262	$err->add('身份证图片上传失败！');
	263	$err->show($_LANG['back_up_page']);
	264	}
	265	else
	266	{
	267	$sql_img .= "id_card='$id_card_img', ";
	268	}
	269	}
	270
	271	$sql = "select supplier_id from " . $ecs->table('supplier') . " where user_id='$user_id' ";
	272	$supplier_id = $db->getOne($sql);
	273
	274	if($supplier_id)
	275	{
	276	$mes = '供货商申请修改成功，已经重新进入审核流程，请留意审核结果！';
	277	$sql = "update " . $ecs->table('supplier') . " set supplier_name='$supplier_name', rank_id='$rank_id', company_name='$company_name', " . "country='$country', province='$province', city='$city', district='$district', address='$address', tel='$tel', guimo='$guimo', email='$email', " . "company_type='$company_type', bank='$bank', " . $sql_img . " contact='$contact', contact_back='$contact_back', contact_shop='$contact_shop', contact_yunying='$contact_yunying', contact_shouhou='$contact_shouhou', contact_caiwu='$contact_caiwu', contact_jishu='$contact_jishu'," . "status='0' " . " where supplier_id='$supplier_id' ";
	278	}
	279	else
	280	{
	281	$mes = '供货商申请提交成功，已经进入审核流程，请留意审核结果！';
	282	$sql = "insert into " . $ecs->table('supplier') . "(user_id, supplier_name, rank_id, company_name, country, province, city, district, address, tel, guimo, email," . "company_type, bank, zhizhao, id_card, contact, contact_back, contact_shop, contact_yunying, contact_shouhou, contact_caiwu, contact_jishu, add_time) " . " values('$user_id', '$supplier_name', '$rank_id', '$company_name', '$country', '$province', '$city', '$district', '$address', '$tel', '$guimo', '$email', " . "'$company_type', '$bank', '$zhizhao_img', '$id_card_img', '$contact', '$contact_back', '$contact_shop', '$contact_yunying', '$contact_shouhou', '$contact_caiwu', '$contact_jishu', '$add_time')";
	283	}
	284	$db->query($sql);
	285	show_message($mes, '返回上一页', 'user.php?act=supplier_reg', 'info');
	286	}
	287
	288	function action_act_supplier_del ()
	289	{
	290
	291	// 获取全局变量
	292	$_LANG = $GLOBALS['_LANG'];
	293	$smarty = $GLOBALS['smarty'];
	294	$db = $GLOBALS['db'];
	295	$ecs = $GLOBALS['ecs'];
	296	$user_id = $_SESSION['user_id'];
	297
	298	$userid = isset($_POST['user_id']) ? intval($_POST['user_id']) : 0;
	299	$supid = isset($_POST['supid']) ? intval($_POST['supid']) : 0;
	300	if(empty($userid) \|\| empty($supid))
	301	{
	302	show_message('请刷新页面，重新操作！', '返回上一页', 'user.php?act=supplier_reg', 'wrong');
	303	}
	304	if($userid != $user_id)
	305	{
	306	show_message('你没权限删除此申请！', '返回首页', '', 'wrong');
	307	}
	308	$sql = "select supplier_id from " . $ecs->table('supplier') . " where user_id='$user_id'";
	309	$supplier_id = $db->getOne($sql);
	310	if($supid != $supplier_id)
	311	{
	312	show_message('你没权限删除此申请！', '返回首页', '', 'wrong');
	313	}
	314	$sql = "delete from " . $ecs->table('supplier') . " where supplier_id=" . $supplier_id;
	315	$db->query($sql);
	316	show_message('操作成功！', '返回上一页', 'user.php', 'info');
	317	}
	318
	319	// 用户中心欢迎页
	320	function action_default ()
	321	{
	322
	323	// 获取全局变量
	324	/* 代码增加 By Start */
	325	$_CFG = $GLOBALS['_CFG'];
	326	/* 代码增加 By End */
	327	$_LANG = $GLOBALS['_LANG'];
	328	$smarty = $GLOBALS['smarty'];
	329	$db = $GLOBALS['db'];
	330	$ecs = $GLOBALS['ecs'];
	331	$user_id = $_SESSION['user_id'];
	332	/* 代码注释 by _star 路由前已调用会员信息，去掉重复调用*/
	333	$rank = get_rank_info();
	334	/* include_once (ROOT_PATH . 'includes/lib_clips.php');
	335	if($rank = get_rank_info())
	336	{
	337	$smarty->assign('rank_name', $rank['rank_name']);
	338	if(! empty($rank['next_rank_name']))
	339	{
	340	$smarty->assign('next_rank_name', sprintf($_LANG['next_level'], $rank['next_rank'], $rank['next_rank_name']));
	341	}
	342	} */
	343	/* 代码注释 by _end */
	344
	345	/* 代码增加2014-12-23 by _star */
	346	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	347	$num_comment = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	348	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	349	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.comment_state = 0 AND o.shipping_time_end > $min_time");
	350	$smarty->assign('num_comment', $num_comment);
	351	$smarty->assign('is_identity', $_CFG['identity']);
	352	/* 代码增加2014-12-23 by _end */
	353	/* 代码增加--cb--推荐分成-- by _star */
	354	$rn = $rank['rank_name'];
	355	$recomm = $db->getOne("SELECT is_recomm FROM " . $GLOBALS['ecs']->table('user_rank') . " WHERE rank_name= '$rn'");
	356
	357	$smarty->assign('recomm', $recomm); // 获取当前用户是否是分成用户判断是否显示我的推荐
	358	/* 代码增加--cb--推荐分成-- by _end */
	359
	360	$smarty->assign('info', get_user_default($user_id)); // 获取用户中心默认页面所需的数据
	361	$smarty->assign('gouwuche', get_user_gouwuche($user_id)); // 获取当前用户购物车里面的数据
	362	$smarty->assign('jifen', get_user_jifen()); // 获取当前积分商城里面的数据
	363	$smarty->assign('collection', get_user_collection($user_id)); // 获取用户收藏的商品
	364	$smarty->assign('guanzhu', get_user_guanzhu($user_id)); // 获取用户关注的店铺
	365	$smarty->assign('mai', get_user_mai($user_id)); // 获取用户购买过的商品
	366	$smarty->assign('reminding', get_user_reminding($user_id)); // 获取当前用户的交易记录
	367	$smarty->assign('shu', get_user_shu($user_id)); // 获取当前用户的交易记录
	368	// print_r(get_user_reminding($user_id));
	369	/* 代码修改 By Start */
	370	// $smarty->assign('user_notice', $_CFG['user_notice']);
	371	$user_notice = $db->getOne(
	372	'SELECT value FROM ' . $ecs->table('shop_config') . " WHERE code = 'user_notice'"
	373	);
	374	$smarty->assign('user_notice', $user_notice);
	375	/* 代码修改 By End */
	376
	377	$smarty->assign('prompt', get_user_prompt($user_id)); // 获取用户参与活动信息
	378	$smarty->display('user_clips.dwt');
	379	}
	380
	381	function action_getverifycode ()
	382	{
	383
	384	// 获取全局变量
	385	$_CFG = $GLOBALS['_CFG'];
	386	$_LANG = $GLOBALS['_LANG'];
	387	$smarty = $GLOBALS['smarty'];
	388	$db = $GLOBALS['db'];
	389	$ecs = $GLOBALS['ecs'];
	390	$user_id = $_SESSION['user_id'];
	391
	392	require (dirname(__FILE__) . '/send.php');
	393	$phone = trim($_GET['mobile']);
	394	$u_name = trim($_GET['u_name']);
	395
	396	/* 获取验证码请求是否获取过 */
	397	$sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE status=1 AND getip='" . real_ip() . "' AND dateline>'" . gmtime() . "'-" . "60";
	398
	399	if($db->getOne($sql) > 0)
	400	{
	401	echo 'false';
	402	}
	403
	404	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$u_name' and mobile_phone = '$phone'";
	405	$count = $GLOBALS['db']->getOne($sql);
	406	if($count == 0)
	407	{
	408	echo 'false';
	409	}
	410
	411	$shuzi = "0123456789";
	412	$verifycode = mc_random(6, $shuzi);
	413
	414	$content = '您的验证码为' . $verifycode . '';
	415	/* 发送注册手机短信验证 */
	416	$ret = sendSMS($phone, $content);
	417
	418	$db->query("delete from " . $ecs->table('verifycode') . " where mobile='$phone'");
	419
	420	// 插入获取验证码数据记录
	421	$sql = "INSERT INTO " . $ecs->table('verifycode') . "(mobile, getip, verifycode, dateline) VALUES ('" . $phone . "', '" . real_ip() . "', '$verifycode', '" . gmtime() . "')";
	422	$db->query($sql);
	423
	424	echo 'ok';
	425	/* 代码增加2014-12-23 by _end */
	426	}
	427	// 第三方登录接口
	428	function action_oath ()
	429	{
	430
	431	// 获取全局变量
	432	$_CFG = $GLOBALS['_CFG'];
	433	$_LANG = $GLOBALS['_LANG'];
	434	$smarty = $GLOBALS['smarty'];
	435	$db = $GLOBALS['db'];
	436	$ecs = $GLOBALS['ecs'];
	437	$user_id = $_SESSION['user_id'];
	438
	439	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	440
	441	if($type == "taobao")
	442	{
	443	header("location:includes/website/tb_index.php");
	444	exit();
	445	}
	446
	447	include_once (ROOT_PATH . 'includes/website/jntoo.php');
	448
	449	$c = &website($type);
	450
	451	if($c)
	452	{
	453	if(empty($_REQUEST['callblock']))
	454	{
	455	if(empty($_REQUEST['callblock']) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	456	{
	457	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? 'index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	458	}
	459	else
	460	{
	461	$back_act = 'index.php';
	462	}
	463	}
	464	else
	465	{
	466	$back_act = trim($_REQUEST['callblock']);
	467	}
	468
	469	if($back_act[4] != ':')
	470	$back_act = $ecs->url() . $back_act;
	471	$open = empty($_REQUEST['open']) ? 0 : intval($_REQUEST['open']);
	472
	473	$url = $ecs->url() . 'user.php?act=oath_login&type=' . $type . '&callblock=' . urlencode($back_act) . '&open=' . $open;
	474
	475	$url = $c->login($url);
	476
	477	if(! $url)
	478	{
	479	show_message($c->get_error(), '首页', $ecs->url(), 'error');
	480	}
	481	header('Location: ' . $url);
	482	}
	483	else
	484	{
	485	show_message('服务器尚未注册该插件！', '首页', $ecs->url(), 'error');
	486	}
	487	}
	488
	489	// 处理第三方登录接口
	490	function action_oath_login ()
	491	{
	492
	493	// 获取全局变量
	494	$user = $GLOBALS['user'];
	495	$_CFG = $GLOBALS['_CFG'];
	496	$_LANG = $GLOBALS['_LANG'];
	497	$smarty = $GLOBALS['smarty'];
	498	$db = $GLOBALS['db'];
	499	$ecs = $GLOBALS['ecs'];
	500	$user_id = $_SESSION['user_id'];
	501
	502	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	503
	504	include_once (ROOT_PATH . 'includes/website/jntoo.php');
	505	$c = &website($type);
	506	if($c)
	507	{
	508	$access = $c->getAccessToken();
	509	if(! $access)
	510	{
	511	show_message($c->get_error(), '首页', $ecs->url(), 'error');
	512	}
	513	$c->setAccessToken($access);
	514	$info = $c->getMessage();
	515	if(! $info)
	516	{
	517	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	518	}
	519	if(! $info['user_id'])
	520	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	521
	522	$info_user_id = $type . '_' . $info['user_id']; // 加个标识！！！防止其他的标识一样 //
	523	// 以后的ID 标识将以这种形式辨认
	524	$info['name'] = str_replace("'", "", $info['name']); // 过滤掉逗号不然出错很难处理
	525	if(! $info['user_id'])
	526	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	527
	528	$sql = 'SELECT user_name,password,aite_id FROM ' . $ecs->table('users') . ' WHERE aite_id = \'' . $info_user_id . '\' OR aite_id=\'' . $info['user_id'] . '\'';
	529
	530	$count = $db->getRow($sql);
	531	if(! $count) // 没有当前数据
	532	{
	533	if($user->check_user($info['name'])) // 重名处理
	534	{
	535	$info['name'] = $info['name'] . '_' . $type . (rand(10000, 99999));
	536	}
	537	$user_pass = $user->compile_password(array(
	538	'password' => $info['user_id']
	539	));
	540	$sql = 'INSERT INTO ' . $ecs->table('users') . '(user_name , password, aite_id , sex , reg_time , user_rank , is_validated) VALUES ' . "('$info[name]' , '$user_pass' , '$info_user_id' , '$info[sex]' , '" . gmtime() . "' , '$info[rank_id]' , '1')";
	541	$db->query($sql);
	542	}
	543	else
	544	{
	545	$sql = '';
	546	if($count['aite_id'] == $info['user_id'])
	547	{
	548	$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE aite_id = '$count[aite_id]'";
	549	$db->query($sql);
	550	}
	551	if($info['name'] != $count['user_name']) // 这段可删除
	552	{
	553	if($user->check_user($info['name'])) // 重名处理
	554	{
	555	$info['name'] = $info['name'] . '_' . $type . (rand() * 1000);
	556	}
	557	$sql = 'UPDATE ' . $ecs->table('users') . " SET user_name = '$info[name]' WHERE aite_id = '$info_user_id'";
	558	$db->query($sql);
	559	}
	560	}
	561	$user->set_session($info['name']);
	562	$user->set_cookie($info['name']);
	563	update_user_info();
	564	recalculate_price();
	565
	566	if(! empty($_REQUEST['open']))
	567	{
	568	die('<script>window.opener.window.location.reload(); window.close();</script>');
	569	}
	570	else
	571	{
	572	ecs_header('Location: ' . $_REQUEST['callblock']);
	573	}
	574	}
	575	}
	576
	577	// 处理其它登录接口
	578	function action_other_login ()
	579	{
	580
	581	// 获取全局变量
	582	$user = $GLOBALS['user'];
	583	$_CFG = $GLOBALS['_CFG'];
	584	$_LANG = $GLOBALS['_LANG'];
	585	$smarty = $GLOBALS['smarty'];
	586	$db = $GLOBALS['db'];
	587	$ecs = $GLOBALS['ecs'];
	588	$user_id = $_SESSION['user_id'];
	589
	590	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	591	// session_start();
	592	$info = $_SESSION['user_info'];
	593
	594	if(empty($info))
	595	{
	596	show_message("非法访问或请求超时！", '首页', $ecs->url(), 'error', false);
	597	}
	598	if(! $info['user_id'])
	599	show_message("非法访问或访问出错，请联系管理员！", '首页', $ecs->url(), 'error', false);
	600
	601	$info_user_id = $type . '_' . $info['user_id']; // 加个标识！！！防止其他的标识一样 //
	602	// 以后的ID
	603	// 标识将以这种形式辨认
	604	$info['name'] = str_replace("'", "", $info['name']); // 过滤掉逗号不然出错很难处理
	605
	606	$sql = 'SELECT user_name,password,aite_id FROM ' . $ecs->table('users') . ' WHERE aite_id = \'' . $info_user_id . '\' OR aite_id=\'' . $info['user_id'] . '\'';
	607
	608	$count = $db->getRow($sql);
	609	$login_name = $info['name'];
	610	if(! $count) // 没有当前数据
	611	{
	612	if($user->check_user($info['name'])) // 重名处理
	613	{
	614	$info['name'] = $info['name'] . '_' . $type . (rand() * 1000);
	615	}
	616	$login_name = $info['name'];
	617	$user_pass = $user->compile_password(array(
	618	'password' => $info['user_id']
	619	));
	620	$sql = 'INSERT INTO ' . $ecs->table('users') . '(user_name , password, aite_id , sex , reg_time , user_rank , is_validated) VALUES ' . "('$info[name]' , '$user_pass' , '$info_user_id' , '$info[sex]' , '" . gmtime() . "' , '$info[rank_id]' , '1')";
	621	$db->query($sql);
	622	}
	623	else
	624	{
	625	$login_name = $count['user_name'];
	626	$sql = '';
	627	if($count['aite_id'] == $info['user_id'])
	628	{
	629	$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE aite_id = '$count[aite_id]'";
	630	$db->query($sql);
	631	}
	632	}
	633
	634	$user->set_session($login_name);
	635	$user->set_cookie($login_name);
	636	update_user_info();
	637	recalculate_price();
	638
	639	$redirect_url = "http://" . $_SERVER["HTTP_HOST"] . str_replace("user.php", "index.php", $_SERVER["REQUEST_URI"]);
	640	header('Location: ' . $redirect_url);
	641	}
	642
	643	/* 验证用户注册邮件 */
	644	function action_validate_email ()
	645	{
	646
	647	// 获取全局变量
	648	$user = $GLOBALS['user'];
	649	$_CFG = $GLOBALS['_CFG'];
	650	$_LANG = $GLOBALS['_LANG'];
	651	$smarty = $GLOBALS['smarty'];
	652	$db = $GLOBALS['db'];
	653	$ecs = $GLOBALS['ecs'];
	654	$user_id = $_SESSION['user_id'];
	655
	656	$hash = empty($_GET['hash']) ? '' : trim($_GET['hash']);
	657	if($hash)
	658	{
	659	include_once (ROOT_PATH . 'includes/lib_passport.php');
	660	$id = register_hash('decode', $hash);
	661	if($id > 0)
	662	{
	663	$sql = "UPDATE " . $ecs->table('users') . " SET is_validated = 1 WHERE user_id='$id'";
	664	$db->query($sql);
	665	$sql = 'SELECT user_name, email FROM ' . $ecs->table('users') . " WHERE user_id = '$id'";
	666	$row = $db->getRow($sql);
	667	show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']), $_LANG['profile_lnk'], 'user.php');
	668	}
	669	}
	670	show_message($_LANG['validate_fail']);
	671	}
	672
	673	/* 代码增加2014-12-23 by _star */
	674	function action_check_username ()
	675	{
	676	// 获取全局变量
	677	$user = $GLOBALS['user'];
	678	$_CFG = $GLOBALS['_CFG'];
	679	$_LANG = $GLOBALS['_LANG'];
	680	$smarty = $GLOBALS['smarty'];
	681	$db = $GLOBALS['db'];
	682	$ecs = $GLOBALS['ecs'];
	683	$user_id = $_SESSION['user_id'];
	684
	685	$username = trim($_GET['username']);
	686	$username = json_str_iconv($username);
	687	$sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . " WHERE user_name = '$username' AND user_id <> '$_SESSION[user_id]'";
	688	$is_exist = $GLOBALS['db']->getOne($sql);
	689	echo $is_exist;
	690	// $sql = "select user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	691	// $u_name = $GLOBALS['db']->getOne($sql);
	692	// if($username == $u_name)
	693	// {
	694	// echo "true";
	695	// }
	696	// else
	697	// {
	698	// $sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$username'";
	699	// $count = $GLOBALS['db']->getOne($sql);
	700	// if($count > 0)
	701	// {
	702	// echo "false";
	703	// }
	704	// else
	705	// {
	706	// echo "true";
	707	// }
	708	// }
	709	}
	710
	711	/* 代码增加2014-12-23 by _end */
	712	/* 验证用户注册用户名是否可以注册 */
	713	function action_is_registered ()
	714	{
	715
	716	// 获取全局变量
	717	$user = $GLOBALS['user'];
	718	$_CFG = $GLOBALS['_CFG'];
	719	$_LANG = $GLOBALS['_LANG'];
	720	$smarty = $GLOBALS['smarty'];
	721	$db = $GLOBALS['db'];
	722	$ecs = $GLOBALS['ecs'];
	723	$user_id = $_SESSION['user_id'];
	724
	725	include_once (ROOT_PATH . 'includes/lib_passport.php');
	726
	727	$username = trim($_GET['username']);
	728	$username = json_str_iconv($username);
	729
	730	if($user->check_user($username) \|\| admin_registered($username))
	731	{
	732	echo 'false';
	733	}
	734	else
	735	{
	736	echo 'true';
	737	}
	738	}
	739
	740	/**
	741	* 验证用户邮箱地址是否被注册
	742	* @return ok-可以注册 false-不可以注册
	743	*/
	744	function action_check_email ()
	745	{
	746	// 获取全局变量
	747	$user = $GLOBALS['user'];
	748	$_CFG = $GLOBALS['_CFG'];
	749	$_LANG = $GLOBALS['_LANG'];
	750	$smarty = $GLOBALS['smarty'];
	751	$db = $GLOBALS['db'];
	752	$ecs = $GLOBALS['ecs'];
	753	$user_id = $_SESSION['user_id'];
	754
	755	$email = trim($_REQUEST['email']);
	756	if($user->check_email($email))
	757	{
	758	echo 'false';
	759	}
	760	else
	761	{
	762	echo 'ok';
	763	}
	764	}
	765
	766	/* 验证用户输入的邮箱验证码是否正确 */
	767	function action_check_email_code ()
	768	{
	769
	770	// 获取全局变量
	771	$user = $GLOBALS['user'];
	772	$_CFG = $GLOBALS['_CFG'];
	773	$_LANG = $GLOBALS['_LANG'];
	774	$smarty = $GLOBALS['smarty'];
	775	$db = $GLOBALS['db'];
	776	$ecs = $GLOBALS['ecs'];
	777	$user_id = $_SESSION['user_id'];
	778
	779	$email = trim($_REQUEST['email']);
	780	$email_code = trim($_REQUEST['email_code']);
	781
	782	if(time() - $_SESSION['email_code_time'] > 30 * 60)
	783	{
	784	unset($_SESSION['email_code']);
	785	exit(json_encode(array(
	786	'msg' => '验证码超过30分钟，请重新发送。'
	787	)));
	788	}
	789	else
	790	{
	791	if($email != $_SESSION['email'] or $email_code != $_SESSION['email_code'])
	792	{
	793	exit(json_encode(array(
	794	'msg' => '邮箱验证码输入错误。'
	795	)));
	796	}
	797	else
	798	{
	799	exit(json_encode(array(
	800	'code' => '2'
	801	)));
	802	}
	803	}
	804	}
	805
	806	/* 验证手机号码是否被注册 */
	807	function action_check_mobile_phone ()
	808	{
	809
	810	// 获取全局变量
	811	$user = $GLOBALS['user'];
	812	$_CFG = $GLOBALS['_CFG'];
	813	$_LANG = $GLOBALS['_LANG'];
	814	$smarty = $GLOBALS['smarty'];
	815	$db = $GLOBALS['db'];
	816	$ecs = $GLOBALS['ecs'];
	817	$user_id = $_SESSION['user_id'];
	818
	819	$mobile_phone = trim($_REQUEST['mobile_phone']);
	820	if($user->check_mobile_phone($mobile_phone))
	821	{
	822	echo 'false';
	823	}
	824	else
	825	{
	826	echo 'ok';
	827	}
	828	}
	829
	830	/* 用户登录界面 */
	831	function action_login ()
	832	{
	833
	834	// 获取全局变量
	835	$user = $GLOBALS['user'];
	836	$_CFG = $GLOBALS['_CFG'];
	837	$_LANG = $GLOBALS['_LANG'];
	838	$smarty = $GLOBALS['smarty'];
	839	$db = $GLOBALS['db'];
	840	$ecs = $GLOBALS['ecs'];
	841	$user_id = $_SESSION['user_id'];
	842	$back_act = $GLOBALS['back_act'];
	843
	844	if(empty($back_act))
	845	{
	846	if(empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	847	{
	848	$http_referer = $GLOBALS['_SERVER']['HTTP_REFERER'];
	849
	850	// 如果来自找回密码页面则跳转到首页
	851	if(strpos($http_referer, 'findPwd.php') != false)
	852	{
	853	$http_referer = './index.php';
	854	}
	855
	856	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $http_referer;
	857	}
	858	else
	859	{
	860	$back_act = 'user.php';
	861	}
	862	}
	863
	864	$captcha = intval($_CFG['captcha']);
	865	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	866	{
	867	$GLOBALS['smarty']->assign('enabled_captcha', 1);
	868	$GLOBALS['smarty']->assign('rand', mt_rand());
	869	}
	870
	871	$smarty->assign('back_act', $back_act);
	872	$smarty->display('user_passport.dwt');
	873	}
	874
	875	// 代码增加-- --侧边栏登录判断登录是否开启验证码
	876	function action_login_check_yzm ()
	877	{
	878
	879	// 获取全局变量
	880	$user = $GLOBALS['user'];
	881	$_CFG = $GLOBALS['_CFG'];
	882	$_LANG = $GLOBALS['_LANG'];
	883	$smarty = $GLOBALS['smarty'];
	884	$db = $GLOBALS['db'];
	885	$ecs = $GLOBALS['ecs'];
	886	$user_id = $_SESSION['user_id'];
	887
	888	include_once (ROOT_PATH . 'includes/cls_json.php');
	889	$json = new JSON();
	890	$result = array(
	891	'error' => 0, 'message' => '', 'islogin' => ''
	892	);
	893	$captcha = intval($_CFG['captcha']);
	894	if(empty($back_act))
	895	{
	896	if(empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	897	{
	898	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	899	}
	900	else
	901	{
	902	$back_act = 'user.php';
	903	}
	904	}
	905	if(! $_SESSION['user_id'])
	906	{
	907	$result['islogin'] = 1;
	908	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	909	{
	910	$result['error'] = 1;
	911	$result['message'] = $back_act;
	912	die($json->encode($result));
	913	}
	914	else
	915	{
	916	$result['error'] = 0;
	917	$result['message'] = $back_act;
	918	die($json->encode($result));
	919	}
	920	}
	921	else
	922	{
	923	$result['islogin'] = 0;
	924	die($json->encode($result));
	925	}
	926	}
	927	// 代码增加-- --侧边栏登录判断登录是否开启验证码
	928
	929	/* 处理会员的登录 */
	930	function action_act_login ()
	931	{
	932	//AXAJ 登陆修改
	933	include_once ('includes/cls_json.php');
	934	$json = new JSON();
	935
	936
	937	$result = array(
	938	'error' => 0, 'message' => '', 'url' => ''
	939	);
	940	//AXAJ 登陆修改
	941	// 获取全局变量
	942	$user = $GLOBALS['user'];
	943	$_CFG = $GLOBALS['_CFG'];
	944	$_LANG = $GLOBALS['_LANG'];
	945	$smarty = $GLOBALS['smarty'];
	946	$db = $GLOBALS['db'];
	947	$ecs = $GLOBALS['ecs'];
	948	$user_id = $_SESSION['user_id'];
	949
	950	$username = isset($_POST['username']) ? trim($_POST['username']) : '';
	951	$password = isset($_POST['password']) ? trim($_POST['password']) : '';
	952	$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
	953
	954	$captcha = intval($_CFG['captcha']);
	955	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	956	{
	957	if(empty($_POST['captcha']))
	958	{
	959	$result['error'] = 1;
	960	$result['message'] ='验证码为空！';
	961	die($json->encode($result));
	962	//show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
	963
	964	}
	965
	966	/* 检查验证码 */
	967	include_once ('includes/cls_captcha.php');
	968
	969	$validator = new captcha();
	970	$validator->session_word = 'captcha_login';
	971	if(! $validator->check_word($_POST['captcha']))
	972	{
	973	$result['error'] = 1;
	974	$result['message'] = $_LANG['invalid_captcha'];
	975
	976	die($json->encode($result));
	977	//show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
	978	}
	979	}
	980	/* 代码增加2014-12-23 by _star */
	981	if(is_email($username))
	982	{
	983	$sql = "select user_name from " . $ecs->table('users') . " where email='" . $username . "'";
	984	$username_e = $db->getOne($sql);
	985	if($username_e)
	986	$username = $username_e;
	987	}
	988	if(is_telephone($username))
	989	{
	990	$sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . $username . "'";
	991	$username_res = $db->query($sql);
	992	$kkk = 0;
	993	while($username_row = $db->fetchRow($username_res))
	994	{
	995	$username_e = $username_row['user_name'];
	996	$kkk = $kkk + 1;
	997	}
	998	if($kkk > 1)
	999	{
	1000	$result['error'] = 1;
	1001	$result['message'] = '本网站有多个会员ID绑定了和您相同的手机号，请使用其他登录方式，如：邮箱或用户名。';
	1002	die($json->encode($result));
	1003	//show_message('本网站有多个会员ID绑定了和您相同的手机号，请使用其他登录方式，如：邮箱或用户名。', $_LANG['relogin_lnk'], 'user.php', 'error');
	1004	}
	1005	if($username_e)
	1006	{
	1007	$username = $username_e;
	1008	}
	1009	}
	1010	/* 代码增加2014-12-23 by _end */
	1011	if($user->login($username, $password, isset($_POST['remember'])))
	1012	{
	1013	update_user_info();
	1014	recalculate_price();
	1015
	1016	if(strpos($back_act, 'findPwd.php') != false \|\| strpos($back_act, 'register.php') != false){
	1017	$back_act = 'index.php';
	1018	}
	1019
	1020	$ucdata = isset($user->ucdata) ? $user->ucdata : '';
	1021	$result['error'] = 0;
	1022	$result['message'] = '';
	1023	$result['url'] = $back_act;
	1024	die($json->encode($result));
	1025	//show_message($_LANG['login_success'] . $ucdata, array(
	1026	// $_LANG['back_up_page'], $_LANG['profile_lnk']
	1027	// ), array(
	1028	// $back_act, 'user.php'
	1029	// ), 'info');
	1030	}
	1031	else
	1032	{
	1033	$_SESSION['login_fail'];
	1034	$result['error'] = 1;
	1035	$result['message'] = $_LANG['login_failure'];
	1036	die($json->encode($result));
	1037	//show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
	1038	}
	1039	die($json->encode($result));
	1040	}
	1041
	1042	/* 代码增加2014-12-23 by _star */
	1043	function action_ch_email ()
	1044	{
	1045
	1046	// 获取全局变量
	1047	$user = $GLOBALS['user'];
	1048	$_CFG = $GLOBALS['_CFG'];
	1049	$_LANG = $GLOBALS['_LANG'];
	1050	$smarty = $GLOBALS['smarty'];
	1051	$db = $GLOBALS['db'];
	1052	$ecs = $GLOBALS['ecs'];
	1053	$user_id = $_SESSION['user_id'];
	1054
	1055	include_once ('includes/cls_json.php');
	1056	$json = new JSON();
	1057
	1058	$email = trim($_GET['email']);
	1059
	1060	$result = array(
	1061	'error' => 0, 'message' => ''
	1062	);
	1063	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where email = '$email'";
	1064	$num = $GLOBALS['db']->getOne($sql);
	1065	if($num > 0)
	1066	{
	1067	$result['error'] = 1;
	1068	$result['message'] = '该邮箱已被使用，请更换其他邮箱！';
	1069	}
	1070	else
	1071	{
	1072	$tpl = get_mail_template('ch_email');
	1073	$run = "0123456789abcdefghijklmnopqrstuvwxyz";
	1074	$hash = mc_random(16, $run);
	1075	$v_email = $GLOBALS['ecs']->url() . 'user.php?act=ck_email&hash=' . $hash;
	1076
	1077	$smarty->assign('shop_name', $_CFG['shop_name']);
	1078	$smarty->assign('send_date', date($_CFG['time_format']));
	1079	$smarty->assign('user_name', '客户');
	1080	$smarty->assign('email', $v_email);
	1081	$content = $smarty->fetch('str:' . $tpl['template_content']);
	1082	$res = send_mail($_CFG['shop_name'], $email, $tpl['template_subject'], $content, $tpl['is_html']);
	1083	if($res == true)
	1084	{
	1085	$add_time = time();
	1086	$sql = "insert into " . $GLOBALS['ecs']->table('email') . "(`email`,`hash`,`add_time`,`user_id`) values('$email','$hash','$add_time',0)";
	1087	$GLOBALS['db']->query($sql);
	1088	$result['error'] = 0;
	1089	$result['message'] = '邮件已发送至邮箱内，请注意查收！';
	1090	}
	1091	else
	1092	{
	1093	$result['error'] = 2;
	1094	$result['message'] = '邮件发送失败！';
	1095	}
	1096	}
	1097	die($json->encode($result));
	1098	}
	1099
	1100	function action_ck_email ()
	1101	{
	1102
	1103	// 获取全局变量
	1104	$user = $GLOBALS['user'];
	1105	$_CFG = $GLOBALS['_CFG'];
	1106	$_LANG = $GLOBALS['_LANG'];
	1107	$smarty = $GLOBALS['smarty'];
	1108	$db = $GLOBALS['db'];
	1109	$ecs = $GLOBALS['ecs'];
	1110	$user_id = $_SESSION['user_id'];
	1111
	1112	$hash = empty($_REQUEST['hash']) ? '' : trim($_REQUEST['hash']);
	1113	$sql = "select * from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1114	$row = $GLOBALS['db']->getRow($sql);
	1115	$now_time = time();
	1116	if($now_time - $row['add_time'] > 24 * 60 * 60)
	1117	{
	1118	$sql = "delete from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1119	$GLOBALS['db']->query($sql);
	1120	show_message('验证邮件已发送超过24小时，请重新验证！');
	1121	}
	1122	else
	1123	{
	1124	$sql = "select count(*) from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1125	$count = $GLOBALS['db']->getOne($sql);
	1126	if($count > 0)
	1127	{
	1128	$_SESSION['tag'] = 1;
	1129	$sql = "delete from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1130	$GLOBALS['db']->query($sql);
	1131	show_message('验证成功，请继续注册！');
	1132	}
	1133	}
	1134	}
	1135
	1136	/* 代码增加2014-12-23 by _end */
	1137	/* 处理 ajax 的登录请求 */
	1138	function action_signin ()
	1139	{
	1140
	1141	// 获取全局变量
	1142	$user = $GLOBALS['user'];
	1143	$_CFG = $GLOBALS['_CFG'];
	1144	$_LANG = $GLOBALS['_LANG'];
	1145	$smarty = $GLOBALS['smarty'];
	1146	$db = $GLOBALS['db'];
	1147	$ecs = $GLOBALS['ecs'];
	1148	$user_id = $_SESSION['user_id'];
	1149
	1150	include_once ('includes/cls_json.php');
	1151	$json = new JSON();
	1152
	1153	$username = ! empty($_POST['username']) ? json_str_iconv(trim($_POST['username'])) : '';
	1154	$password = ! empty($_POST['password']) ? trim($_POST['password']) : '';
	1155	$captcha = ! empty($_POST['captcha']) ? json_str_iconv(trim($_POST['captcha'])) : '';
	1156	$result = array(
	1157	'error' => 0, 'content' => ''
	1158	);
	1159
	1160	$captcha = intval($_CFG['captcha']);
	1161	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1162	{
	1163	if(empty($captcha))
	1164	{
	1165	$result['error'] = 1;
	1166	$result['content'] = $_LANG['invalid_captcha'];
	1167	die($json->encode($result));
	1168	}
	1169
	1170	/* 检查验证码 */
	1171	include_once ('includes/cls_captcha.php');
	1172
	1173	$validator = new captcha();
	1174	$validator->session_word = 'captcha_login';
	1175	if(! $validator->check_word($_POST['captcha']))
	1176	{
	1177
	1178	$result['error'] = 1;
	1179	$result['content'] = $_LANG['invalid_captcha'];
	1180	die($json->encode($result));
	1181	}
	1182	}
	1183
	1184	if($user->login($username, $password))
	1185	{
	1186	update_user_info(); // 更新用户信息
	1187	recalculate_price(); // 重新计算购物车中的商品价格
	1188	$smarty->assign('user_info', get_user_info());
	1189	$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
	1190	$result['ucdata'] = $ucdata;
	1191	$result['content'] = $smarty->fetch('library/member_info.lbi');
	1192	}
	1193	else
	1194	{
	1195	$_SESSION['login_fail'] ++;
	1196	if($_SESSION['login_fail'] > 2)
	1197	{
	1198	$smarty->assign('enabled_captcha', 1);
	1199	$result['html'] = $smarty->fetch('library/member_info.lbi');
	1200	}
	1201	$result['error'] = 1;
	1202	$result['content'] = $_LANG['login_failure'];
	1203	}
	1204	die($json->encode($result));
	1205	}
	1206
	1207	/* 退出会员中心 */
	1208	function action_logout ()
	1209	{
	1210
	1211	// 获取全局变量
	1212	$user = $GLOBALS['user'];
	1213	$_CFG = $GLOBALS['_CFG'];
	1214	$_LANG = $GLOBALS['_LANG'];
	1215	$smarty = $GLOBALS['smarty'];
	1216	$db = $GLOBALS['db'];
	1217	$ecs = $GLOBALS['ecs'];
	1218	$user_id = $_SESSION['user_id'];
	1219
	1220	if((! isset($back_act) \|\| empty($back_act)) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	1221	{
	1222	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	1223	}
	1224
	1225	$user->logout();
	1226	$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
	1227	show_message($_LANG['logout'] . $ucdata, array(
	1228	$_LANG['back_up_page'], $_LANG['back_home_lnk']
	1229	), array(
	1230	$back_act, 'index.php'
	1231	), 'info');
	1232	}
	1233
	1234	/* 个人资料页面 */
	1235	function action_profile ()
	1236	{
	1237
	1238	// 获取全局变量
	1239	$user = $GLOBALS['user'];
	1240	$_CFG = $GLOBALS['_CFG'];
	1241	$_LANG = $GLOBALS['_LANG'];
	1242	$smarty = $GLOBALS['smarty'];
	1243	$db = $GLOBALS['db'];
	1244	$ecs = $GLOBALS['ecs'];
	1245	$user_id = $_SESSION['user_id'];
	1246	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1247	/* 代码增加2014-12-23 by _star */
	1248	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	1249	$smarty->assign('lang', $_LANG);
	1250
	1251	$smarty->assign('country_list', get_regions());
	1252	/* 代码增加2014-12-23 by _end */
	1253	$user_info = get_profile($user_id);
	1254	/* 代码增加2014-12-23 by _star */
	1255	$province_list = get_regions(1, $user_info['country']);
	1256	$city_list = get_regions(2, $user_info['province']);
	1257	$district_list = get_regions(3, $user_info['city']);
	1258
	1259	$smarty->assign('province_list', $province_list);
	1260	$smarty->assign('city_list', $city_list);
	1261	$smarty->assign('district_list', $district_list);
	1262	/* 代码增加2014-12-23 by _end */
	1263	$user_info = get_profile($user_id);
	1264
	1265	/* 取出注册扩展字段 */
	1266	$sql = 'SELECT * FROM ' . $ecs->table('reg_fields') . ' WHERE type < 2 AND display = 1 ORDER BY dis_order, id';
	1267	$extend_info_list = $db->getAll($sql);
	1268
	1269	$sql = 'SELECT reg_field_id, content ' . 'FROM ' . $ecs->table('reg_extend_info') . " WHERE user_id = $user_id";
	1270	$extend_info_arr = $db->getAll($sql);
	1271
	1272	$temp_arr = array();
	1273	foreach($extend_info_arr as $val)
	1274	{
	1275	$temp_arr[$val['reg_field_id']] = $val['content'];
	1276	}
	1277
	1278	foreach($extend_info_list as $key => $val)
	1279	{
	1280	switch($val['id'])
	1281	{
	1282	case 1:
	1283	$extend_info_list[$key]['content'] = $user_info['msn'];
	1284	break;
	1285	case 2:
	1286	$extend_info_list[$key]['content'] = $user_info['qq'];
	1287	break;
	1288	case 3:
	1289	$extend_info_list[$key]['content'] = $user_info['office_phone'];
	1290	break;
	1291	case 4:
	1292	$extend_info_list[$key]['content'] = $user_info['home_phone'];
	1293	break;
	1294	case 5:
	1295	$extend_info_list[$key]['content'] = $user_info['mobile_phone'];
	1296	break;
	1297	default:
	1298	$extend_info_list[$key]['content'] = empty($temp_arr[$val['id']]) ? '' : $temp_arr[$val['id']];
	1299	}
	1300	}
	1301
	1302	$smarty->assign('extend_info_list', $extend_info_list);
	1303
	1304	/* 密码提示问题 */
	1305	$smarty->assign('passwd_questions', $_LANG['passwd_questions']);
	1306
	1307	$smarty->assign('profile', $user_info);
	1308	$smarty->display('user_transaction.dwt');
	1309	}
	1310
	1311	/* 修改个人资料的处理 */
	1312	function action_act_edit_profile ()
	1313	{
	1314
	1315	// 获取全局变量
	1316	$user = $GLOBALS['user'];
	1317	$_CFG = $GLOBALS['_CFG'];
	1318	$_LANG = $GLOBALS['_LANG'];
	1319	$smarty = $GLOBALS['smarty'];
	1320	$db = $GLOBALS['db'];
	1321	$ecs = $GLOBALS['ecs'];
	1322	$user_id = $_SESSION['user_id'];
	1323
	1324	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1325
	1326	$birthday = trim($_POST['birthdayYear']) . '-' . trim($_POST['birthdayMonth']) . '-' . trim($_POST['birthdayDay']);
	1327	$email = trim($_POST['email']);
	1328	$other['msn'] = $msn = isset($_POST['extend_field1']) ? trim($_POST['extend_field1']) : '';
	1329	$other['qq'] = $qq = isset($_POST['extend_field2']) ? trim($_POST['extend_field2']) : '';
	1330	$other['office_phone'] = $office_phone = isset($_POST['extend_field3']) ? trim($_POST['extend_field3']) : '';
	1331	$other['home_phone'] = $home_phone = isset($_POST['extend_field4']) ? trim($_POST['extend_field4']) : '';
	1332	// $other['mobile_phone'] = $mobile_phone = isset($_POST['extend_field5']) ?
	1333	// trim($_POST['extend_field5']) : '';
	1334	$sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
	1335	$passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
	1336	/* 代码增加2014-12-23 by _star */
	1337	$username = trim($_POST['username']);
	1338	/* 代码增加2014-12-23 by _end */
	1339
	1340	/* 更新用户扩展字段的数据 */
	1341	$sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; // 读出所有扩展字段的id
	1342	$fields_arr = $db->getAll($sql);
	1343
	1344	foreach($fields_arr as $val) // 循环更新扩展用户信息
	1345	{
	1346	$extend_field_index = 'extend_field' . $val['id'];
	1347	if(isset($_POST[$extend_field_index]))
	1348	{
	1349	$temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr(htmlspecialchars($_POST[$extend_field_index]), 0, 99) : htmlspecialchars($_POST[$extend_field_index]);
	1350	$sql = 'SELECT * FROM ' . $ecs->table('reg_extend_info') . " WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
	1351	if($db->getOne($sql)) // 如果之前没有记录，则插入
	1352	{
	1353	$sql = 'UPDATE ' . $ecs->table('reg_extend_info') . " SET content = '$temp_field_content' WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
	1354	}
	1355	else
	1356	{
	1357	$sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . " (`user_id`, `reg_field_id`, `content`) VALUES ('$user_id', '$val[id]', '$temp_field_content')";
	1358	}
	1359	$db->query($sql);
	1360	}
	1361	}
	1362
	1363	/* 写入密码提示问题和答案 */
	1364	if(! empty($passwd_answer) && ! empty($sel_question))
	1365	{
	1366	$sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='$sel_question', `passwd_answer`='$passwd_answer' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
	1367	$db->query($sql);
	1368	}
	1369	/* 代码增加2014-12-23 by _star */
	1370	$sql = "select user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1371	$u_name = $GLOBALS['db']->getOne($sql);
	1372	if($username != $u_name)
	1373	{
	1374	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$username'";
	1375	$count = $GLOBALS['db']->getOne($sql);
	1376	if($count > 0)
	1377	{
	1378	show_message('用户名已经存在！');
	1379	}
	1380	if(! empty($username) && preg_match("/[\x7f-\xff]/", $username))
	1381	{
	1382
	1383	show_message("用户名存在中文");
	1384	}
	1385	/* 代码增加 By Start */
	1386	else if (empty($username))
	1387	{
	1388	show_message("用户名为空");
	1389	}
	1390	else if (!preg_match("/^[a-zA-Z0-9_]{1,}$/", $username))
	1391	{
	1392	show_message("用户名只能由字母数字下划线组成");
	1393	}
	1394	/* 代码增加 By End */
	1395
	1396	}
	1397	/* 代码增加2014-12-23 by _end */
	1398	if(! empty($office_phone) && ! preg_match('/^[\d\|\_\|\-\|\s]+$/', $office_phone))
	1399	{
	1400	show_message($_LANG['passport_js']['office_phone_invalid']);
	1401	}
	1402	if(! empty($home_phone) && ! preg_match('/^[\d\|\_\|\-\|\s]+$/', $home_phone))
	1403	{
	1404	show_message($_LANG['passport_js']['home_phone_invalid']);
	1405	}
	1406	// if(! is_email($email))
	1407	// {
	1408	// show_message($_LANG['msg_email_format']);
	1409	// }
	1410	if(! empty($msn) && ! is_email($msn))
	1411	{
	1412	show_message($_LANG['passport_js']['msn_invalid']);
	1413	}
	1414	if(! empty($qq) && ! preg_match('/^\d+$/', $qq))
	1415	{
	1416	show_message($_LANG['passport_js']['qq_invalid']);
	1417	}
	1418	// if(! empty($mobile_phone) && ! preg_match('/^[\d-\s]+$/', $mobile_phone))
	1419	// {
	1420	// show_message($_LANG['passport_js']['mobile_phone_invalid']);
	1421	// }
	1422
	1423	$other['user_name'] = $username;
	1424	// $profile = array(
	1425	// 'user_id' => $user_id,'email' => isset($_POST['email']) ?
	1426	// trim($_POST['email']) : '','sex' => isset($_POST['sex']) ?
	1427	// intval($_POST['sex']) : 0,'birthday' => $birthday,'other' =>
	1428	// isset($other) ? $other : array()
	1429	// );
	1430	$profile = array(
	1431	'user_id' => $user_id, 'user_name' => $username, 'sex' => isset($_POST['sex']) ? intval($_POST['sex']) : 0, 'birthday' => $birthday, 'other' => isset($other) ? $other : array()
	1432	);
	1433
	1434	if(edit_profile($profile))
	1435	{
	1436	show_message($_LANG['edit_profile_success'], $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1437	}
	1438	else
	1439	{
	1440	if($user->error == ERR_EMAIL_EXISTS)
	1441	{
	1442	$msg = sprintf($_LANG['email_exist'], $profile['email']);
	1443	}
	1444	else
	1445	{
	1446	$msg = $_LANG['edit_profile_failed'];
	1447	}
	1448	show_message($msg, '', '', 'info');
	1449	}
	1450	}
	1451
	1452	/* 修改头像 */
	1453	function action_act_edit_img ()
	1454	{
	1455
	1456	// 获取全局变量
	1457	$user = $GLOBALS['user'];
	1458	$_CFG = $GLOBALS['_CFG'];
	1459	$_LANG = $GLOBALS['_LANG'];
	1460	$smarty = $GLOBALS['smarty'];
	1461	$db = $GLOBALS['db'];
	1462	$ecs = $GLOBALS['ecs'];
	1463	$user_id = $_SESSION['user_id'];
	1464
	1465	if($_FILES['headimg']['size'] == 0)
	1466	{
	1467	show_message("您没有选择要修改的头像图片！", $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1468	}
	1469
	1470	/* 代码增加_start By */
	1471	include_once (ROOT_PATH . '/includes/cls_image.php');
	1472	$image = new cls_image($_CFG['bgcolor']);
	1473	$headimg_original = $image->upload_image($_FILES['headimg'], 'headimg/' . date('Ym'));
	1474
	1475	$thumb_path = DATA_DIR . '/headimg/' . date('Ym') . '/';
	1476	$headimg_thumb = $image->make_thumb($headimg_original, '120', '120', $thumb_path);
	1477	$headimg_thumb = $headimg_thumb ? $headimg_thumb : $headimg_original;
	1478	$sql = 'UPDATE ' . $ecs->table('users') . " SET `headimg`='$headimg_thumb' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
	1479	$db->query($sql);
	1480	$_SESSION['headimg'] = $headimg_thumb;
	1481	/* 代码增加_end By */
	1482	show_message($_LANG['edit_profile_success'], $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1483	}
	1484
	1485	/* 代码增加2014-12-23 by _star */
	1486	function action_account_security ()
	1487	{
	1488
	1489	// 获取全局变量
	1490	$user = $GLOBALS['user'];
	1491	$_CFG = $GLOBALS['_CFG'];
	1492	$_LANG = $GLOBALS['_LANG'];
	1493	$smarty = $GLOBALS['smarty'];
	1494	$db = $GLOBALS['db'];
	1495	$ecs = $GLOBALS['ecs'];
	1496	$user_id = $_SESSION['user_id'];
	1497
	1498	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1499
	1500	$user_info = get_profile($user_id);
	1501
	1502	$smarty->assign('info', $user_info);
	1503	$smarty->display('user_transaction.dwt');
	1504	}
	1505
	1506	function action_act_identity ()
	1507	{
	1508
	1509	// 获取全局变量
	1510	$user = $GLOBALS['user'];
	1511	$_CFG = $GLOBALS['_CFG'];
	1512	$_LANG = $GLOBALS['_LANG'];
	1513	$smarty = $GLOBALS['smarty'];
	1514	$db = $GLOBALS['db'];
	1515	$ecs = $GLOBALS['ecs'];
	1516	$user_id = $_SESSION['user_id'];
	1517
	1518	include_once (ROOT_PATH . '/includes/cls_image.php');
	1519	$image = new cls_image($_CFG['bgcolor']);
	1520	$real_name = $_POST['real_name'];
	1521	$card = $_POST['card'];
	1522	$country = $_POST['country'];
	1523	$province = $_POST['province'];
	1524	$city = $_POST['city'];
	1525	$district = $_POST['district'];
	1526	$address = $_POST['address'];
	1527	if(isset($_FILES['face_card']) && $_FILES['face_card']['tmp_name'] != '')
	1528	{
	1529	if($_FILES['face_card']['width'] > 800)
	1530	{
	1531	show_message('图片宽度不能超过800像素！');
	1532	}
	1533	if($_FILES['face_card']['height'] > 800)
	1534	{
	1535	show_message('图片高度不能超过800像素！');
	1536	}
	1537	$face_card = $image->upload_image($_FILES['face_card']);
	1538	if($face_card === false)
	1539	{
	1540	show_message($image->error_msg());
	1541	}
	1542	}
	1543	if(isset($_FILES['back_card']) && $_FILES['back_card']['tmp_name'] != '')
	1544	{
	1545	if($_FILES['back_card']['width'] > 800)
	1546	{
	1547	show_message('图片宽度不能超过800像素！');
	1548	}
	1549	if($_FILES['back_card']['height'] > 800)
	1550	{
	1551	show_message('图片高度不能超过800像素！');
	1552	}
	1553	$back_card = $image->upload_image($_FILES['back_card']);
	1554	if($back_card === false)
	1555	{
	1556	show_message($image->error_msg());
	1557	}
	1558	}
	1559
	1560	$sql = "select face_card,back_card from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1561	$rows = $GLOBALS['db']->getRow($sql);
	1562	if($rows['face_card'] == '')
	1563	{
	1564	if($face_card == '')
	1565	{
	1566	show_message('请上传身份证正面照！');
	1567	}
	1568	}
	1569
	1570	if($rows['back_card'] == '')
	1571	{
	1572	if($back_card == '')
	1573	{
	1574	show_message('请上传身份证背面照！');
	1575	}
	1576	}
	1577
	1578	$sql = 'update ' . $GLOBALS['ecs']->table('users') . " set real_name = '$real_name',card='$card',country='$country',province='$province',city='$city',district='$district',address='$address',status = '2'";
	1579	if($face_card != '')
	1580	{
	1581	$sql .= " ,face_card = '$face_card'";
	1582	}
	1583	if($back_card != '')
	1584	{
	1585	$sql .= " ,back_card = '$back_card'";
	1586	}
	1587	$sql .= " where user_id = '" . $_SESSION['user_id'] . "'";
	1588	$num = $GLOBALS['db']->query($sql);
	1589	if($num > 0)
	1590	{
	1591	show_message('您已申请实名认证，请等待管理员的审核！', '返回上一页', 'user.php?act=profile');
	1592	}
	1593	else
	1594	{
	1595	show_message('实名认证失败！', '返回上一页', 'user.php?act=profile');
	1596	}
	1597	}
	1598
	1599	function action_update_email ()
	1600	{
	1601
	1602	// 获取全局变量
	1603	$user = $GLOBALS['user'];
	1604	$_CFG = $GLOBALS['_CFG'];
	1605	$_LANG = $GLOBALS['_LANG'];
	1606	$smarty = $GLOBALS['smarty'];
	1607	$db = $GLOBALS['db'];
	1608	$ecs = $GLOBALS['ecs'];
	1609	$user_id = $_SESSION['user_id'];
	1610
	1611	$sql = "select email from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1612	$email = $GLOBALS['db']->getOne($sql);
	1613	$smarty->assign('email', $email);
	1614	$smarty->display('user_transaction.dwt');
	1615	}
	1616
	1617	function action_act_update_email ()
	1618	{
	1619
	1620	// 获取全局变量
	1621	$user = $GLOBALS['user'];
	1622	$_CFG = $GLOBALS['_CFG'];
	1623	$_LANG = $GLOBALS['_LANG'];
	1624	$smarty = $GLOBALS['smarty'];
	1625	$db = $GLOBALS['db'];
	1626	$ecs = $GLOBALS['ecs'];
	1627	$user_id = $_SESSION['user_id'];
	1628
	1629	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1630	if(empty($_POST['v_captcha']))
	1631	{
	1632	show_message('验证码不能为空！', '返回', 'user.php?act=update_email', 'error');
	1633	}
	1634
	1635	/* 检查验证码 */
	1636	include_once ('includes/cls_captcha.php');
	1637
	1638	$validator = new captcha();
	1639	$validator->session_word = 'captcha_login';
	1640	if(! $validator->check_word($_POST['v_captcha']))
	1641	{
	1642	show_message($_LANG['invalid_captcha'], '返回', 'user.php?act=update_email', 'error');
	1643	}
	1644	else
	1645	{
	1646	$sql = "select email,user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1647	$rows = $GLOBALS['db']->getRow($sql);
	1648	$tpl = get_mail_template('verify_mail');
	1649	$run = "0123456789abcdefghijklmnopqrstuvwxyz";
	1650	$hash = mc_random(16, $run);
	1651	$email = $GLOBALS['ecs']->url() . 'user.php?act=valid_email&hash=' . $hash;
	1652
	1653	$smarty->assign('shop_name', $_CFG['shop_name']);
	1654	$smarty->assign('send_date', date($_CFG['time_format']));
	1655	$smarty->assign('user_name', $rows['user_name']);
	1656	$smarty->assign('email', $email);
	1657	$smarty->assign('v_email', $rows['email']);
	1658	$content = $smarty->fetch('str:' . $tpl['template_content']);
	1659	$result = send_mail($_CFG['shop_name'], $rows['email'], $tpl['template_subject'], $content, $tpl['is_html']);
	1660	if($result == true)
	1661	{
	1662	$add_time = time();
	1663	$sql = "insert into " . $GLOBALS['ecs']->table('email') . "(`email`,`hash`,`add_time`,`user_id`) values('" . $rows['email'] . "','$hash','$add_time','" . $_SESSION['user_id'] . "')";
	1664	$GLOBALS['db']->query($sql);
	1665	$smarty->display('user_transaction.dwt');
	1666	}
	1667	else
	1668	{
	1669	show_message('邮件发送失败！');
	1670	}
	1671	}
	1672	}
	1673
	1674	function action_update_phone ()
	1675	{
	1676
	1677	// 获取全局变量
	1678	$user = $GLOBALS['user'];
	1679	$_CFG = $GLOBALS['_CFG'];
	1680	$_LANG = $GLOBALS['_LANG'];
	1681	$smarty = $GLOBALS['smarty'];
	1682	$db = $GLOBALS['db'];
	1683	$ecs = $GLOBALS['ecs'];
	1684	$user_id = $_SESSION['user_id'];
	1685
	1686	$sql = "select mobile_phone from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1687	$mobile_phone = $GLOBALS['db']->getOne($sql);
	1688	$smarty->assign('phone', $mobile_phone);
	1689	$smarty->display('user_transaction.dwt');
	1690	}
	1691
	1692	function action_act_update_phone ()
	1693	{
	1694
	1695	// 获取全局变量
	1696	$user = $GLOBALS['user'];
	1697	$_CFG = $GLOBALS['_CFG'];
	1698	$_LANG = $GLOBALS['_LANG'];
	1699	$smarty = $GLOBALS['smarty'];
	1700	$db = $GLOBALS['db'];
	1701	$ecs = $GLOBALS['ecs'];
	1702	$user_id = $_SESSION['user_id'];
	1703
	1704	$phone = isset($_POST['v_phone']) ? trim($_POST['v_phone']) : '';
	1705	$verifycode = isset($_POST['v_code']) ? trim($_POST['v_code']) : '';
	1706	if($phone == '')
	1707	{
	1708	show_message('手机号不能为空！');
	1709	}
	1710	else
	1711	{
	1712	if(is_telephone($phone))
	1713	{
	1714	if($verifycode == '')
	1715	{
	1716	show_message('手机验证码不能为空！');
	1717	}
	1718	else
	1719	{
	1720	/* 验证手机号验证码和IP */
	1721	$sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE mobile='$phone' AND verifycode='$verifycode' AND getip='" . real_ip() . "' AND status=1 AND dateline>'" . gmtime() . "'-86400"; // 验证码一天内有效
	1722
	1723	if($db->getOne($sql) == 0)
	1724	{
	1725	show_message('手机号和验证码不匹配，请重新输入！');
	1726	}
	1727	else
	1728	{
	1729	ecs_header("Location: user.php?act=re_binding\n");
	1730	exit();
	1731	}
	1732	}
	1733	}
	1734	else
	1735	{
	1736	show_message('请输入正确的手机号！');
	1737	}
	1738	}
	1739	}
	1740
	1741	/* 密码找回-->输入用户名界面 */
	1742	function action_qpassword_name ()
	1743	{
	1744
	1745	// 获取全局变量
	1746	$user = $GLOBALS['user'];
	1747	$_CFG = $GLOBALS['_CFG'];
	1748	$_LANG = $GLOBALS['_LANG'];
	1749	$smarty = $GLOBALS['smarty'];
	1750	$db = $GLOBALS['db'];
	1751	$ecs = $GLOBALS['ecs'];
	1752	$user_id = $_SESSION['user_id'];
	1753
	1754	// 显示输入要找回密码的账号表单
	1755	$smarty->display('user_passport.dwt');
	1756	}
	1757
	1758	/* 密码找回-->根据注册用户名取得密码提示问题界面 */
	1759	function action_get_passwd_question ()
	1760	{
	1761
	1762	// 获取全局变量
	1763	$user = $GLOBALS['user'];
	1764	$_CFG = $GLOBALS['_CFG'];
	1765	$_LANG = $GLOBALS['_LANG'];
	1766	$smarty = $GLOBALS['smarty'];
	1767	$db = $GLOBALS['db'];
	1768	$ecs = $GLOBALS['ecs'];
	1769	$user_id = $_SESSION['user_id'];
	1770
	1771	if(empty($_POST['user_name']))
	1772	{
	1773	show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
	1774	}
	1775	else
	1776	{
	1777	$user_name = trim($_POST['user_name']);
	1778	}
	1779
	1780	// 取出会员密码问题和答案
	1781	$sql = 'SELECT user_id, user_name, passwd_question, passwd_answer FROM ' . $ecs->table('users') . " WHERE user_name = '" . $user_name . "'";
	1782	$user_question_arr = $db->getRow($sql);
	1783
	1784	// 如果没有设置密码问题，给出错误提示
	1785	if(empty($user_question_arr['passwd_answer']))
	1786	{
	1787	show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
	1788	}
	1789
	1790	$_SESSION['temp_user'] = $user_question_arr['user_id']; // 设置临时用户，不具有有效身份
	1791	$_SESSION['temp_user_name'] = $user_question_arr['user_name']; // 设置临时用户，不具有有效身份
	1792	$_SESSION['passwd_answer'] = $user_question_arr['passwd_answer']; // 存储密码问题答案，减少一次数据库访问
	1793
	1794	$captcha = intval($_CFG['captcha']);
	1795	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1796	{
	1797	$GLOBALS['smarty']->assign('enabled_captcha', 1);
	1798	$GLOBALS['smarty']->assign('rand', mt_rand());
	1799	}
	1800
	1801	$smarty->assign('passwd_question', $_LANG['passwd_questions'][$user_question_arr['passwd_question']]);
	1802	$smarty->display('user_passport.dwt');
	1803	}
	1804
	1805	/* 密码找回-->根据提交的密码答案进行相应处理 */
	1806	function action_check_answer ()
	1807	{
	1808
	1809	// 获取全局变量
	1810	$user = $GLOBALS['user'];
	1811	$_CFG = $GLOBALS['_CFG'];
	1812	$_LANG = $GLOBALS['_LANG'];
	1813	$smarty = $GLOBALS['smarty'];
	1814	$db = $GLOBALS['db'];
	1815	$ecs = $GLOBALS['ecs'];
	1816	$user_id = $_SESSION['user_id'];
	1817
	1818	$captcha = intval($_CFG['captcha']);
	1819	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1820	{
	1821	if(empty($_POST['captcha']))
	1822	{
	1823	show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
	1824	}
	1825
	1826	/* 检查验证码 */
	1827	include_once ('includes/cls_captcha.php');
	1828
	1829	$validator = new captcha();
	1830	$validator->session_word = 'captcha_login';
	1831	if(! $validator->check_word($_POST['captcha']))
	1832	{
	1833	show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
	1834	}
	1835	}
	1836
	1837	if(empty($_POST['passwd_answer']) \|\| $_POST['passwd_answer'] != $_SESSION['passwd_answer'])
	1838	{
	1839	show_message($_LANG['wrong_passwd_answer'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'info');
	1840	}
	1841	else
	1842	{
	1843	$_SESSION['user_id'] = $_SESSION['temp_user'];
	1844	$_SESSION['user_name'] = $_SESSION['temp_user_name'];
	1845	unset($_SESSION['temp_user']);
	1846	unset($_SESSION['temp_user_name']);
	1847	$smarty->assign('uid', $_SESSION['user_id']);
	1848	$smarty->assign('action', 'reset_password');
	1849	$smarty->display('user_passport.dwt');
	1850	}
	1851	}
	1852
	1853	/* 发送密码修改确认邮件 */
	1854	function action_send_pwd_email ()
	1855	{
	1856
	1857	// 获取全局变量
	1858	$user = $GLOBALS['user'];
	1859	$_CFG = $GLOBALS['_CFG'];
	1860	$_LANG = $GLOBALS['_LANG'];
	1861	$smarty = $GLOBALS['smarty'];
	1862	$db = $GLOBALS['db'];
	1863	$ecs = $GLOBALS['ecs'];
	1864	$user_id = $_SESSION['user_id'];
	1865
	1866	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1867
	1868	/* 初始化会员用户名和邮件地址 */
	1869	$user_name = ! empty($_POST['user_name']) ? trim($_POST['user_name']) : '';
	1870	$email = ! empty($_POST['email']) ? trim($_POST['email']) : '';
	1871
	1872	// 用户名和邮件地址是否匹配
	1873	$user_info = $user->get_user_info($user_name);
	1874
	1875	if($user_info && $user_info['email'] == $email)
	1876	{
	1877	// 生成code
	1878	// $code = md5($user_info[0] . $user_info[1]);
	1879
	1880	$code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);
	1881	// 发送邮件的函数
	1882	if(send_pwd_email($user_info['user_id'], $user_name, $email, $code))
	1883	{
	1884	show_message($_LANG['send_success'] . $email, $_LANG['back_home_lnk'], './', 'info');
	1885	}
	1886	else
	1887	{
	1888	// 发送邮件出错
	1889	show_message($_LANG['fail_send_password'], $_LANG['back_page_up'], './', 'info');
	1890	}
	1891	}
	1892	else
	1893	{
	1894	// 用户名与邮件地址不匹配
	1895	show_message($_LANG['username_no_email'], $_LANG['back_page_up'], '', 'info');
	1896	}
	1897	}
	1898
	1899	/* 修改会员密码 */
	1900	function action_act_edit_password ()
	1901	{
	1902
	1903	// 获取全局变量
	1904	$user = $GLOBALS['user'];
	1905	$_CFG = $GLOBALS['_CFG'];
	1906	$_LANG = $GLOBALS['_LANG'];
	1907	$smarty = $GLOBALS['smarty'];
	1908	$db = $GLOBALS['db'];
	1909	$ecs = $GLOBALS['ecs'];
	1910	$user_id = $_SESSION['user_id'];
	1911
	1912	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1913
	1914	$old_password = isset($_POST['old_password']) ? trim($_POST['old_password']) : null;
	1915	$new_password = isset($_POST['new_password']) ? trim($_POST['new_password']) : '';
	1916	/* 代码添加_68_20150729_STAR */
	1917	$confirm_password = isset($_POST['confirm_password']) ? trim($_POST['confirm_password']) : '';
	1918	/* 代码添加_68_20150729_END */
	1919	$user_id = isset($_POST['uid']) ? intval($_POST['uid']) : $user_id;
	1920	$code = isset($_POST['code']) ? trim($_POST['code']) : '';
	1921
	1922	if(strlen($new_password) < 6)
	1923	{
	1924	show_message($_LANG['passport_js']['password_shorter']);
	1925	}
	1926	/* 代码添加_68_20150729_STAR */
	1927	if($new_password != $confirm_password)
	1928	{
	1929	show_message($_LANG['passport_js']['confirm_password_invalid']);
	1930	}
	1931	/* 代码添加_68_20150729_END */
	1932	$user_info = $user->get_profile_by_id($user_id); // 论坛记录
	1933
	1934	if(($user_info && (! empty($code) && md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) == $code)) \|\| ($_SESSION['user_id'] > 0 && $_SESSION['user_id'] == $user_id && $user->check_user($_SESSION['user_name'], $old_password)))
	1935	{
	1936
	1937	if($user->edit_user(array(
	1938	'username' => (empty($code) ? $_SESSION['user_name'] : $user_info['user_name']), 'old_password' => $old_password, 'password' => $new_password
	1939	), empty($code) ? 0 : 1))
	1940	{
	1941	$sql = "UPDATE " . $ecs->table('users') . "SET `ec_salt`='0' WHERE user_id= '" . $user_id . "'";
	1942	$db->query($sql);
	1943	// 是否开启修改密码发短信
	1944	if($_CFG['sms_change_password'] == 1)
	1945	{
	1946	$content = sprintf($_CFG['sms_change_password_tpl'], date("Y-m-d H:i:s", gmtime()), $_CFG['sms_sign']);
	1947	$sql = "SELECT mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '$user_id'";
	1948	$mobile_phone = $GLOBALS['db']->getOne($sql);
	1949	if($mobile_phone)
	1950	{
	1951	include_once ('send.php');
	1952	sendSMS($mobile_phone, $content);
	1953	}
	1954	}
	1955	$user->logout();
	1956	show_message($_LANG['edit_password_success'], $_LANG['relogin_lnk'], 'user.php?act=login', 'info');
	1957	}
	1958	else
	1959	{
	1960	show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
	1961	}
	1962	}
	1963	else
	1964	{
	1965	show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
	1966	}
	1967	}
	1968
	1969	/* 添加一个红包 */
	1970	function action_act_add_bonus ()
	1971	{
	1972
	1973	// 获取全局变量
	1974	$user = $GLOBALS['user'];
	1975	$_CFG = $GLOBALS['_CFG'];
	1976	$_LANG = $GLOBALS['_LANG'];
	1977	$smarty = $GLOBALS['smarty'];
	1978	$db = $GLOBALS['db'];
	1979	$ecs = $GLOBALS['ecs'];
	1980	$user_id = $_SESSION['user_id'];
	1981
	1982	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1983
	1984	$bouns_sn = isset($_POST['bonus_sn']) ? intval($_POST['bonus_sn']) : '';
	1985
	1986	if(add_bonus($user_id, $bouns_sn))
	1987	{
	1988	show_message($_LANG['add_bonus_sucess'], $_LANG['back_up_page'], 'user.php?act=bonus', 'info');
	1989	}
	1990	else
	1991	{
	1992
	1993	$GLOBALS['err']->show($_LANG['back_up_page'], 'user.php?act=bonus');
	1994	}
	1995	}
	1996
	1997	/* 查看订单列表 */
	1998	function action_order_list ()
	1999	{
	2000	$user = $GLOBALS['user'];
	2001	$_CFG = $GLOBALS['_CFG'];
	2002	$_LANG = $GLOBALS['_LANG'];
	2003	$smarty = $GLOBALS['smarty'];
	2004	$db = $GLOBALS['db'];
	2005	$ecs = $GLOBALS['ecs'];
	2006	$user_id = $_SESSION['user_id'];
	2007	$action = $GLOBALS['action'];
	2008
	2009	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2010	include_once (ROOT_PATH . 'includes/lib_transaction_1.php');
	2011	include_once (ROOT_PATH . 'includes/lib_payment.php');
	2012	include_once (ROOT_PATH . 'includes/lib_order.php');
	2013	include_once (ROOT_PATH . 'includes/lib_clips.php');
	2014
	2015	$ex_where = " and user_id=$user_id";
	2016
	2017	/* 已完成的订单 */
	2018	$order_count['finished'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('finished'));
	2019	$status['finished'] = CS_FINISHED;
	2020
	2021	/* 待发货的订单： */
	2022	$order_count['await_ship'] = $db->GetOne('SELECT COUNT(*)' . ' FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('await_ship'));
	2023	$status['await_ship'] = CS_AWAIT_SHIP;
	2024
	2025	/* 待付款的订单： */
	2026	$order_count['await_pay'] = $db->GetOne('SELECT COUNT(*)' . ' FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('await_pay'));
	2027	$status['await_pay'] = CS_AWAIT_PAY;
	2028
	2029	/* “未确认”的订单 */
	2030	$order_count['unconfirmed'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('unconfirmed'));
	2031	$status['unconfirmed'] = OS_UNCONFIRMED;
	2032
	2033	// $today_start = mktime(0,0,0,date('m'),date('d'),date('Y'));
	2034	$order_count['stats'] = $db->getRow('SELECT COUNT(*) AS oCount, IFNULL(SUM(order_amount), 0) AS oAmount' . ' FROM ' . $ecs->table('order_info'));
	2035	$smarty->assign('order_count', $order_count);
	2036	$smarty->assign('status', $status);
	2037
	2038	$composite_status = isset($_REQUEST['composite_status']) ? intval($_REQUEST['composite_status']) : - 1;
	2039	$where = '';
	2040	switch($composite_status)
	2041	{
	2042	case CS_AWAIT_PAY:
	2043	$where .= order_query_sql('await_pay');
	2044	break;
	2045
	2046	case CS_AWAIT_SHIP:
	2047	$where .= order_query_sql('await_ship');
	2048	break;
	2049
	2050	case CS_FINISHED:
	2051	$where .= order_query_sql('finished');
	2052	break;
	2053	default:
	2054	if($composite_status != - 1)
	2055	{
	2056	$where .= " AND o.order_status = '$composite_status' ";
	2057	}
	2058	}
	2059	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	2060
	2061	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_info') . " WHERE user_id = '$user_id'");
	2062
	2063	/* 代码添加_68_20150909_STAR */
	2064	// 未确认
	2065	if ($composite_status == OS_UNCONFIRMED)
	2066	{
	2067	$record_count = $order_count['unconfirmed'];
	2068	}
	2069	// 待付款
	2070	else if ($composite_status == CS_AWAIT_PAY)
	2071	{
	2072	$record_count = $order_count['await_pay'];
	2073	}
	2074	// 待发货
	2075	else if ($composite_status == CS_AWAIT_SHIP)
	2076	{
	2077	$record_count = $order_count['await_ship'];
	2078	}
	2079	// 已完成
	2080	else if ($composite_status == CS_FINISHED)
	2081	{
	2082	$record_count = $order_count['finished'];
	2083	}
	2084	/* 代码添加_68_20150909_END */
	2085
	2086	$pager = get_pager('user.php', array(
	2087	'act' => $action, 'composite_status' => $composite_status
	2088	), $record_count, $page, 5);
	2089
	2090	$orders = get_user_orders_1($user_id, $pager['size'], $pager['start'], $where);
	2091
	2092	foreach($orders as $k_kuaidi => $v_kuaidi)
	2093	{
	2094	// 同城快递
	2095	if($v_kuaidi['shipping_name_2'] == "同城快递")
	2096	{
	2097	$kos_order_id = $db->getOne("select order_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $v_kuaidi['invoice_no'] . "'");
	2098	$sql = "select * from " . $ecs->table('kuaidi_order_status') . " where order_id='" . $kos_order_id . "' order by status_id desc";
	2099	$res_status = $db->query($sql);
	2100	$have_shipping_info = 0;
	2101	$shipping_info = "";
	2102	while($row_status = $db->fetchRow($res_status))
	2103	{
	2104	if($row_status['status_display'] == 1)
	2105	{
	2106	switch($row_status['status_id'])
	2107	{
	2108	case 1:
	2109	$shipping_info .= "您提交了订单，请等待确认。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2110	break;
	2111	case 2:
	2112	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2113	break;
	2114	case 3:
	2115	$postman_id = $db->getOne("select postman_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $orders[$k_kuaidi]['invoice_no'] . "'");
	2116	$postman_info = $db->getRow("select postman_name, mobile from " . $ecs->table('postman') . " where postman_id=" . $postman_id);
	2117	$shipping_info .= "您的快件正在派送，快递员：" . $postman_info['postman_name'] . "，电话：" . $postman_info['mobile'] . " (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2118	break;
	2119	case 4:
	2120	$shipping_info .= "您的快件已经签收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2121	break;
	2122	case 5:
	2123	$shipping_info .= "您的快件已被拒收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2124	break;
	2125	case 6:
	2126	$shipping_info .= "您拒收的快件已被退回。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2127	break;
	2128	case 7:
	2129	$shipping_info .= "您的快件已经取消。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2130	break;
	2131	}
	2132
	2133	$shipping_info .= "<br>";
	2134
	2135	if($row_status['status_id'] >= 1)
	2136	{
	2137	$have_shipping_info ++;
	2138	}
	2139	}
	2140	}
	2141	if($have_shipping_info)
	2142	{
	2143	$orders[$k_kuaidi]['result_content'] = $shipping_info;
	2144	}
	2145	else
	2146	{
	2147	$orders[$k_kuaidi]['result_content'] = '抱歉，暂时还没有该运单的物流信息哦！';
	2148	}
	2149	}
	2150	}
	2151
	2152	$merge = get_user_merge($user_id);
	2153
	2154	$smarty->assign('merge', $merge);
	2155	$smarty->assign('pager', $pager);
	2156	$smarty->assign('orders', $orders);
	2157	$smarty->display('user_transaction.dwt');
	2158	}
	2159
	2160	/* 查看订单详情 */
	2161	function action_order_detail ()
	2162	{
	2163	$user = $GLOBALS['user'];
	2164	$_CFG = $GLOBALS['_CFG'];
	2165	$_LANG = $GLOBALS['_LANG'];
	2166	$smarty = $GLOBALS['smarty'];
	2167	$db = $GLOBALS['db'];
	2168	$ecs = $GLOBALS['ecs'];
	2169	$user_id = $_SESSION['user_id'];
	2170
	2171	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2172	include_once (ROOT_PATH . 'includes/lib_payment.php');
	2173	include_once (ROOT_PATH . 'includes/lib_order.php');
	2174	include_once (ROOT_PATH . 'includes/lib_clips.php');
	2175
	2176	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	2177
	2178	/* 订单详情 */
	2179
	2180	$order = get_order_detail($order_id, $user_id);
	2181
	2182	$sql_invoices = "SELECT invoice_no,shipping_name FROM ".$GLOBALS['ecs']->table('delivery_order')." WHERE order_id = ".$order['order_id'];
	2183	$order['invoices'] = $GLOBALS['db']->getAll($sql_invoices);
	2184
	2185	/* 退换货插件增加 */
	2186	$shipping_time = $db->getOne("SELECT shipping_time FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id'");
	2187	$now_time = gmtime();
	2188	$not_back = 0;
	2189	if($GLOBALS['_CFG']['tuihuan_days_fahuo'] > 0) // 退换货期限（发货后第几天起）:
	2190	{
	2191	if(($now_time - $shipping_time) / 86400 < $GLOBALS['_CFG']['tuihuan_days_fahuo'])
	2192	{
	2193	$not_back = 1;
	2194	}
	2195	}
	2196	if($GLOBALS['_CFG']['tuihuan_days_qianshou'] > 0) // 退换货期限（发货后第几天止）:
	2197	{
	2198	if(($now_time - $shipping_time) / 86400 > $GLOBALS['_CFG']['tuihuan_days_qianshou'])
	2199	{
	2200	$not_back = 1;
	2201	}
	2202	}
	2203	$smarty->assign('not_back', $not_back);
	2204	/* 退换货插件增加 */
	2205	if($order === false)
	2206	{
	2207	$err->show($_LANG['back_home_lnk'], './');
	2208
	2209	exit();
	2210	}
	2211
	2212	if($db->getOne("select shipping_code from " . $ecs->table('shipping') . " where shipping_id=" . $order['shipping_id']) == "tc_express")
	2213	{
	2214
	2215	$order['tc_express'] = 1;
	2216
	2217	$ko_order_sn = $db->getOne("select invoice_no from " . $ecs->table('delivery_order') . " where order_id=" . $order_id);
	2218	if($ko_order_sn)
	2219	{
	2220	$kos_order_id = $db->getOne("select order_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $ko_order_sn . "'");
	2221	}
	2222
	2223	$sql = "select * from " . $ecs->table('kuaidi_order_status') . " where order_id='$kos_order_id' order by status_id";
	2224
	2225	$res_status = $db->query($sql);
	2226	$have_shipping_info = 0;
	2227	$shipping_info = "";
	2228	while($row_status = $db->fetchRow($res_status))
	2229	{
	2230	if($row_status['status_display'] == 1)
	2231	{
	2232	switch($row_status['status_id'])
	2233	{
	2234	case 1:
	2235	$shipping_info .= "您提交了订单，请等待确认。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2236	break;
	2237	case 2:
	2238	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2239	break;
	2240	case 3:
	2241	$postman_id = $db->getOne("select postman_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $order['invoice_no'] . "'");
	2242	$postman_info = $db->getRow("select postman_name, mobile from " . $ecs->table('postman') . " where postman_id=" . $postman_id);
	2243	$shipping_info .= "您的快件正在派送，快递员：" . $postman_info['postman_name'] . "，电话：" . $postman_info['mobile'] . " (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2244	break;
	2245	case 4:
	2246	$shipping_info .= "您的快件已经签收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2247	break;
	2248	case 5:
	2249	$shipping_info .= "您的快件已被拒收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2250	break;
	2251	case 6:
	2252	$shipping_info .= "您拒收的快件已被退回。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2253	break;
	2254	case 7:
	2255	$shipping_info .= "您的快件已经取消。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2256	break;
	2257	}
	2258
	2259	$shipping_info .= "<br>";
	2260
	2261	if($row_status['status_id'] >= 1)
	2262	{
	2263	$have_shipping_info ++;
	2264	}
	2265	}
	2266	}
	2267	if($have_shipping_info)
	2268	{
	2269	$result_content = $shipping_info;
	2270	}
	2271	else
	2272	{
	2273	$result_content = '抱歉，暂时还没有该运单的物流信息哦！';
	2274	}
	2275	}
	2276	$smarty->assign('result_content', $result_content);
	2277
	2278	/* 是否显示添加到购物车 */
	2279	if($order['extension_code'] != GROUP_BUY_CODE && $order['extension_code'] != 'exchange_goods' && $order['extension_code'] != PRE_SALE_CODE && $order['extension_code'] != VIRTUAL_SALE_CODE)
	2280	{
	2281	$smarty->assign('allow_to_cart', 1);
	2282	}
	2283
	2284	/* 订单商品 */
	2285	$goods_list = order_goods($order_id);
	2286	foreach($goods_list as $key => $value)
	2287	{
	2288	$goods_list[$key]['market_price'] = price_format($value['market_price'], false);
	2289	$goods_list[$key]['goods_price'] = price_format($value['goods_price'], false);
	2290	$goods_list[$key]['subtotal'] = price_format($value['subtotal'], false);
	2291
	2292	$sql_back = "SELECT bg.*, bo.back_type FROM " . $ecs->table('back_goods') . " AS bg " . " LEFT JOIN " . $ecs->table('back_order') . " AS bo " . " ON bg.back_id = bo.back_id " . " WHERE bo.order_id = " . $order_id . " AND bg.goods_id = " . $value['goods_id'] . " AND bg.product_id = " . $value['product_id'] . " AND bg.status_back < 6";
	2293	$back_info = $db->getRow($sql_back);
	2294
	2295	if(count($back_info['back_id']) > 0)
	2296	{
	2297	switch($back_info['status_back'])
	2298	{
	2299	case '3':
	2300	$sb = "已完成";
	2301	break;
	2302	case '5':
	2303	$sb = "已申请";
	2304	break;
	2305	// case '6' : $sb = ""; break;
	2306	// case '7' : $sb = ""; break;
	2307	default:
	2308	$sb = "正在";
	2309	break;
	2310	}
	2311
	2312	switch($back_info['back_type'])
	2313	{
	2314	case '1':
	2315	$bt = "退货";
	2316	break;
	2317	case '3':
	2318	$bt = "申请维修";
	2319	break;
	2320	case '4':
	2321	$bt = "退款";
	2322	break;
	2323	default:
	2324	break;
	2325	}
	2326
	2327	$shouhou = $sb . " " . $bt;
	2328	}
	2329	else
	2330	{
	2331	$shouhou = "正常";
	2332	}
	2333
	2334	$goods_list[$key]['shouhou'] = $shouhou;
	2335	}
	2336
	2337	/* 设置能否修改使用余额数 */
	2338	if($order['order_amount'] > 0)
	2339	{
	2340	if($order['order_status'] == OS_UNCONFIRMED \|\| $order['order_status'] == OS_CONFIRMED)
	2341	{
	2342	$user = user_info($order['user_id']);
	2343	if($user['user_money'] + $user['credit_line'] > 0)
	2344	{
	2345	$smarty->assign('allow_edit_surplus', 1);
	2346	$smarty->assign('max_surplus', sprintf($_LANG['max_surplus'], $user['user_money']));
	2347	}
	2348	}
	2349	}
	2350	/* 代码删除 By Start */
	2351	// /* 未发货，未付款时允许更换支付方式 */
	2352	// if($order['order_amount'] > 0 && $order['pay_status'] == PS_UNPAYED && $order['shipping_status'] == SS_UNSHIPPED)
	2353	// {
	2354	// $payment_list = available_payment_list(false, 0, true);
	2355	//
	2356	// /* 过滤掉当前支付方式和余额支付方式 */
	2357	// if(is_array($payment_list))
	2358	// {
	2359	// foreach($payment_list as $key => $payment)
	2360	// {
	2361	// if($payment['pay_id'] == $order['pay_id'] \|\| $payment['pay_code'] == 'balance')
	2362	// {
	2363	// unset($payment_list[$key]);
	2364	// }
	2365	// }
	2366	// }
	2367	// $smarty->assign('payment_list', $payment_list);
	2368	// }
	2369	/* 订单支付配送状态语言项 */
	2370	// $order['order_status'] = $_LANG['os'][$order['order_status']];
	2371	// $order['pay_status'] = $_LANG['ps'][$order['pay_status']];
	2372	// $order['shipping_status_id'] = $order['shipping_status']; // 代码增加 By
	2373	// //
	2374	// $order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
	2375	/* 代码删除 By End */
	2376	/* 增值税发票_添加_START_ */
	2377	/* 增值税发票收票地址 */
	2378	if($order['inv_type'] == 'vat_invoice')
	2379	{
	2380	$order['inv_complete_address'] = get_inv_complete_address($order);
	2381	}
	2382	/* 发票金额 */
	2383	$order['formatted_inv_money'] = price_format($order['inv_money']);
	2384	/* 增值税发票_添加_END_ */
	2385	$smarty->assign('order', $order);
	2386	/* 代码增加_start By */
	2387	$smarty->assign('mobile_phone', $GLOBALS['db']->getOne("select mobile_phone from " . $GLOBALS['ecs']->table('users') . " where user_id='$_SESSION[user_id]'"));
	2388	foreach($goods_list as $goods_key => $goods_val)
	2389	{
	2390	$sql_goods = "select count(*) from " . $ecs->table('back_order') . " where order_id='$order[order_id]' and goods_id='$goods_val[goods_id]'";
	2391	$back_order_count = $db->getOne($sql_goods);
	2392	$goods_list[$goods_key]['back_can'] = $back_order_count ? '0' : '1';
	2393	/* 代码增加_start By _20150804 */
	2394	if($goods_val['extension_code'] == 'virtual_good')
	2395	{
	2396	$virtual_goods_card = $db->getAll("select gc.card_sn,gc.end_date,buy_date from " . $ecs->table('virtual_goods_card') . " as gc join (select order_id,order_sn from " . $ecs->table('order_info') . " where order_id='$goods_val[order_id]') as oi on gc.order_sn = oi.order_sn");
	2397	foreach($virtual_goods_card as $k => $v)
	2398	{
	2399	$virtual_goods_card[$k]['end_date'] = empty($v['end_date']) ? '' : local_date('Y-m-d', $v['end_date']);
	2400	$virtual_goods_card[$k]['buy_date'] = empty($v['buy_date']) ? '' : local_date('Y-m-d', $v['buy_date']);
	2401	$virtual_goods_card[$k]['end_date_time'] = empty($v['end_date']) ? '' : $v['end_date'];
	2402	$virtual_goods_card[$k]['buy_date_time'] = empty($v['buy_date']) ? '' : $v['buy_date'];
	2403	}
	2404	$goods_list[$goods_key]['virtual_goods_card'] = $virtual_goods_card;
	2405	}
	2406	/* 代码增加_end By _20150804 */
	2407
	2408	$goods_list[$key]['shouhou'] = $shouhou;
	2409	}
	2410
	2411	/* 设置能否修改使用余额数 */
	2412	if($order['order_amount'] > 0)
	2413	{
	2414	if($order['order_status'] == OS_UNCONFIRMED \|\| $order['order_status'] == OS_CONFIRMED)
	2415	{
	2416	$user = user_info($order['user_id']);
	2417	if($user['user_money'] + $user['credit_line'] > 0)
	2418	{
	2419	$smarty->assign('allow_edit_surplus', 1);
	2420	$smarty->assign('max_surplus', sprintf($_LANG['max_surplus'], $user['user_money']));
	2421	}
	2422	}
	2423	}
	2424
	2425	/* 未发货，未付款时允许更换支付方式 */
	2426	if($order['order_amount'] > 0 && $order['pay_status'] == PS_UNPAYED && $order['shipping_status'] == SS_UNSHIPPED)
	2427	{
	2428	$payment_list = available_payment_list(false, 0, true);
	2429
	2430	/* 过滤掉当前支付方式和余额支付方式 */
	2431	if(is_array($payment_list))
	2432	{
	2433	foreach($payment_list as $key => $payment)
	2434	{
	2435	if($payment['pay_id'] == $order['pay_id'] \|\| $payment['pay_code'] == 'balance')
	2436	{
	2437	unset($payment_list[$key]);
	2438	}
	2439	}
	2440	}
	2441	/* 代码修改 By Start */
	2442	// $smarty->assign('payment_list', $payment_list);
	2443	// 订单状态为无效、已取消、退货时不设置支付方法
	2444	if($order['order_status'] != OS_CANCELED && $order['order_status'] != OS_INVALID && $order['order_status'] != OS_RETURNED)
	2445	{
	2446	$smarty->assign('payment_list', $payment_list);
	2447	}
	2448	/* 代码修改 By End */
	2449	}
	2450
	2451	/* 订单支付配送状态语言项 */
	2452	$order['order_status'] = $_LANG['os'][$order['order_status']];
	2453	$order['pay_status'] = $_LANG['ps'][$order['pay_status']];
	2454	$order['shipping_status_id'] = $order['shipping_status']; // 代码增加 By
	2455	//
	2456	$order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
	2457	/* 增值税发票_添加_START_ */
	2458	/* 增值税发票收票地址 */
	2459	if($order['inv_type'] == 'vat_invoice')
	2460	{
	2461	$order['inv_complete_address'] = get_inv_complete_address($order);
	2462	}
	2463	/* 发票金额 */
	2464	$order['formatted_inv_money'] = price_format($order['inv_money']);
	2465	/* 增值税发票_添加_END_ */
	2466	$smarty->assign('order', $order);
	2467	/* 代码增加_start By */
	2468	foreach($goods_list as $goods_key => $goods_val)
	2469	{
	2470	$sql_goods = "select count(*) from " . $ecs->table('back_order') . " where order_id='$order[order_id]' and goods_id='$goods_val[goods_id]'";
	2471	$back_order_count = $db->getOne($sql_goods);
	2472	$goods_list[$goods_key]['back_can'] = $back_order_count ? '0' : '1';
	2473	}
	2474	/* 代码增加_end By */
	2475	$smarty->assign('goods_list', $goods_list);
	2476	$smarty->display('user_transaction.dwt');
	2477	}
	2478
	2479	/*
	2480	* 代码增加_start By
	2481	* 退换货订单详情
	2482	*/
	2483	function action_back_order_detail ()
	2484	{
	2485	$user = $GLOBALS['user'];
	2486	$_CFG = $GLOBALS['_CFG'];
	2487	$_LANG = $GLOBALS['_LANG'];
	2488	$smarty = $GLOBALS['smarty'];
	2489	$db = $GLOBALS['db'];
	2490	$ecs = $GLOBALS['ecs'];
	2491	$user_id = $_SESSION['user_id'];
	2492
	2493	$back_id = ! empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
	2494	$sql = 'SELECT shipping_id, shipping_code, shipping_name ' . 'FROM ' . $GLOBALS['ecs']->table('shipping') . 'WHERE enabled = 1 and supplier_id = 0 ORDER BY shipping_order';
	2495	$shipping_list = $db->getAll($sql);
	2496
	2497	$smarty->assign('shipping_list', $shipping_list);
	2498
	2499	$sql = "SELECT * " . " FROM " . $GLOBALS['ecs']->table('back_order') . " WHERE back_id= '$back_id' ";
	2500	$back_shipping = $db->getRow($sql);
	2501
	2502	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('back_goods') . " WHERE back_id = " . $back_id;
	2503	$back_shipping['goods_list'] = $GLOBALS['db']->getAll($sql_og);
	2504
	2505	$back_shipping['add_time'] = local_date("Y-m-d H:i", $back_shipping['add_time']);
	2506	$back_shipping['refund_money_1'] = price_format($back_shipping['refund_money_1'], false);
	2507	$back_shipping['refund_money_2'] = price_format($back_shipping['refund_money_2'], false);
	2508	$back_shipping['refund_type_name'] = $back_shipping['refund_type'] == '0' ? '' : ($back_shipping['refund_type'] == '1' ? '退回用户余额' : '线下退款');
	2509	$back_shipping['country_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[country]'");
	2510	$back_shipping['province_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[province]'");
	2511	$back_shipping['city_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[city]'");
	2512	$back_shipping['district_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[district]'");
	2513
	2514	$back_shipping['status_back_1'] = $back_shipping['status_back'];
	2515	$back_shipping['status_back'] = $_LANG['bos'][$back_shipping['status_back']] . ($back_shipping['status_back'] == '3' && $back_shipping['back_type'] && $back_shipping['back_type'] != '4' ? ' (换回商品已寄出，请注意查收) ' : '');
	2516	$back_shipping['status_refund'] = $_LANG['bps'][$back_shipping['status_refund']];
	2517
	2518	$smarty->assign('back_shipping', $back_shipping);
	2519
	2520	// 退货商品 + 换货商品详细信息
	2521	$list_backgoods = array();
	2522	$sql = "select * from " . $ecs->table('back_goods') . " where back_id = '$back_id' order by back_type ";
	2523	$res_backgoods = $db->query($sql);
	2524	while($row_backgoods = $db->fetchRow($res_backgoods))
	2525	{
	2526	$back_type_temp = $row_backgoods['back_type'] == '2' ? '1' : $row_backgoods['back_type'];
	2527	$list_backgoods[$back_type_temp]['goods_list'][] = array(
	2528	'goods_name' => $row_backgoods['goods_name'], 'goods_attr' => $row_backgoods['goods_attr'], 'back_goods_number' => $row_backgoods['back_goods_number'], 'back_goods_money' => price_format($row_backgoods['back_goods_number'] * $row_backgoods['back_goods_price'], false), 'status_back' => $_LANG['bos'][$row_backgoods['status_back']] . ($row_backgoods['status_back'] == '3' && $row_backgoods['back_type'] && $row_backgoods['back_type'] != '4' ? ' (换回商品已寄出，请注意查收) ' : ''), 'status_refund' => $_LANG['bps'][$row_backgoods['status_refund']], 'back_type' => $row_backgoods['back_type']
	2529	);
	2530	}
	2531	$smarty->assign('list_backgoods', $list_backgoods);
	2532
	2533	/* 回复留言增加 */
	2534	$res = $db->getAll("SELECT * FROM " . $ecs->table('back_replay') . " WHERE back_id = '$back_id' ORDER BY add_time ASC");
	2535	foreach($res as $value)
	2536	{
	2537	$value['add_time'] = local_date("Y-m-d H:i", $value['add_time']);
	2538	$back_replay[] = $value;
	2539	}
	2540
	2541	$smarty->assign('back_replay', $back_replay);
	2542
	2543	$smarty->assign('back_id', $back_id);
	2544	$smarty->display('user_transaction.dwt');
	2545	}
	2546
	2547	/*
	2548	* 留言回复
	2549	*/
	2550	function action_back_replay ()
	2551	{
	2552	$user = $GLOBALS['user'];
	2553	$_CFG = $GLOBALS['_CFG'];
	2554	$_LANG = $GLOBALS['_LANG'];
	2555	$smarty = $GLOBALS['smarty'];
	2556	$db = $GLOBALS['db'];
	2557	$ecs = $GLOBALS['ecs'];
	2558	$user_id = $_SESSION['user_id'];
	2559
	2560	$back_id = intval($_REQUEST['back_id']);
	2561	$message = $_POST['message'];
	2562	$add_time = gmtime();
	2563
	2564	$db->query("INSERT INTO " . $ecs->table('back_replay') . " (back_id, message, add_time, type) VALUES ('$back_id', '$message', '$add_time', 1)");
	2565
	2566	show_message('恭喜，回复成功！', '返回', 'user.php?act=back_order_detail&id=' . $back_id);
	2567	}
	2568
	2569	/*
	2570	* 取消退换货订单
	2571	*/
	2572	function action_del_back_order ()
	2573	{
	2574	$user = $GLOBALS['user'];
	2575	$_CFG = $GLOBALS['_CFG'];
	2576	$_LANG = $GLOBALS['_LANG'];
	2577	$smarty = $GLOBALS['smarty'];
	2578	$db = $GLOBALS['db'];
	2579	$ecs = $GLOBALS['ecs'];
	2580	$user_id = $_SESSION['user_id'];
	2581
	2582	$back_id = intval($_REQUEST['id']);
	2583	$sql = "select status_back from " . $ecs->table('back_order') . " where back_id='$back_id' ";
	2584	$status_back = $db->getOne($sql);
	2585	if($status_back != 0 && $status_back != 5)
	2586	{
	2587	show_message('对不起，该退货单无法取消', '返回退货订单列表页');
	2588	}
	2589	else
	2590	{
	2591	$sql = "update " . $ecs->table('back_goods') . " set status_back = 8 where back_id='$back_id' ";
	2592	$db->query($sql);
	2593	$sql = "update " . $ecs->table('back_order') . " set status_back = 8 where back_id='$back_id' ";
	2594	$db->query($sql);
	2595	show_message('恭喜，您已经成功取消该退货单', '返回退货订单列表页', 'user.php?act=back_list', 'info');
	2596	}
	2597	}
	2598
	2599	/*
	2600	* 更新退换货订单的快递方式和运单号
	2601	*/
	2602	function action_back_order_detail_edit ()
	2603	{
	2604	$user = $GLOBALS['user'];
	2605	$_CFG = $GLOBALS['_CFG'];
	2606	$_LANG = $GLOBALS['_LANG'];
	2607	$smarty = $GLOBALS['smarty'];
	2608	$db = $GLOBALS['db'];
	2609	$ecs = $GLOBALS['ecs'];
	2610	$user_id = $_SESSION['user_id'];
	2611
	2612	if(empty($_POST['shipping_id']))
	2613	{
	2614	show_message('快递公司不能为空');
	2615	}
	2616	if(empty($_POST['invoice_no']))
	2617	{
	2618	show_message('快递运单号不能为空');
	2619	}
	2620	$back_id = ! empty($_POST['back_id']) ? intval($_POST['back_id']) : 0;
	2621	$invoice_no = trim($_POST['invoice_no']);
	2622	$shipping_id = intval($_POST['shipping_id']);
	2623	if($shipping_id)
	2624	{
	2625	$sql = "SELECT shipping_name FROM " . $GLOBALS['ecs']->table('shipping') . " where shipping_id='$shipping_id' ";
	2626	$shipping_name = $db->getOne($sql);
	2627	}
	2628	$sql = "update " . $ecs->table('back_order') . " set shipping_id='$shipping_id', shipping_name='$shipping_name', invoice_no='$invoice_no' where back_id='$back_id' ";
	2629	$db->query($sql);
	2630	show_message('恭喜，您已经成功更新快递方式和运单号', '返回退货订单详情页');
	2631	}
	2632
	2633	function action_back_list ()
	2634	{
	2635	$user = $GLOBALS['user'];
	2636	$_CFG = $GLOBALS['_CFG'];
	2637	$_LANG = $GLOBALS['_LANG'];
	2638	$smarty = $GLOBALS['smarty'];
	2639	$db = $GLOBALS['db'];
	2640	$ecs = $GLOBALS['ecs'];
	2641	$user_id = $_SESSION['user_id'];
	2642	$action = $GLOBALS['action'];
	2643
	2644	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2645
	2646	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	2647
	2648	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('back_order') . " WHERE user_id = '$user_id'");
	2649
	2650	$pager = get_pager('user.php', array(
	2651	'act' => $action
	2652	), $record_count, $page);
	2653
	2654	$orders = get_user_backorders($user_id, $pager['size'], $pager['start']);
	2655
	2656	$smarty->assign('pager', $pager);
	2657	$smarty->assign('orders', $orders);
	2658	$smarty->display('user_transaction.dwt');
	2659	}
	2660
	2661	/* 新“退换货”订单表单 */
	2662	function action_back_order ()
	2663	{
	2664	$user = $GLOBALS['user'];
	2665	$_CFG = $GLOBALS['_CFG'];
	2666	$_LANG = $GLOBALS['_LANG'];
	2667	$smarty = $GLOBALS['smarty'];
	2668	$db = $GLOBALS['db'];
	2669	$ecs = $GLOBALS['ecs'];
	2670	$user_id = $_SESSION['user_id'];
	2671
	2672	$order_id = ! empty($_REQUEST['order_id']) ? intval($_REQUEST['order_id']) : 0;
	2673	if(!$_REQUEST['order_all'])
	2674	{
	2675	$goods_id = ! empty($_REQUEST['goods_id']) ? intval($_REQUEST['goods_id']) : 0;
	2676	$product_id = ! empty($_REQUEST['product_id']) ? intval($_REQUEST['product_id']) : 0;
	2677	$sql = "select og.goods_id, og.goods_name, og.goods_sn, og.goods_number, og.goods_price, og.product_id, og.goods_attr, o.order_id, o.order_sn, o.user_id, o.shipping_time_end " . " from " . $GLOBALS['ecs']->table('order_info') . " AS o left join " . $GLOBALS['ecs']->table('order_goods') . " AS og " . " on o.order_id=og.order_id where og.goods_id='$goods_id' and og.order_id='$order_id' and og.product_id='$product_id'";
	2678	$row_goods = $GLOBALS['db']->getRow($sql);
	2679
	2680	if(! $row_goods \|\| $row_goods['user_id'] != $_SESSION['user_id'])
	2681	{
	2682	show_message('对不起！您没权限针对该商品发起退款/退货及维修', '返回订单列表页', 'user.php?act=order_list', 'info');
	2683	}
	2684	else
	2685	{
	2686	$row_goods['total_price'] = $row_goods['goods_price'] * $row_goods['goods_number'];
	2687	$row_goods['goods_price_format'] = price_format($row_goods['goods_price'], false);
	2688	$row_goods['total_price_format'] = price_format($row_goods['total_price'], false);
	2689	$smarty->assign('back_goods', $row_goods);
	2690
	2691	$properties = get_goods_properties($goods_id); // 获得商品的规格和属性
	2692	$smarty->assign('specification', $properties['spe']); // 商品规格
	2693	}
	2694	}
	2695	else
	2696	{
	2697	$sql_oi = "SELECT * FROM " . $GLOBALS['ecs']->table('order_info') . " WHERE order_id = " . $order_id;
	2698	$order_info = $GLOBALS['db']->getRow($sql_oi);
	2699	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('order_goods') . " WHERE order_id = " . $order_id;
	2700	$goods_list = $GLOBALS['db']->getAll($sql_og);
	2701	foreach ($goods_list as $key => $goods_info)
	2702	{
	2703	$goods_info['total_price'] = $goods_info['goods_price'] * $goods_info['goods_number'];
	2704	$goods_list[$key]['goods_price_format'] = price_format($goods_info['goods_price'], false);
	2705	$goods_list[$key]['total_price_format'] = price_format($goods_info['total_price'], false);
	2706	}
	2707	$order_info['goods_list'] = $goods_list;
	2708
	2709	if (!$order_info \|\| $order_info['user_id'] != $_SESSION['user_id'])
	2710	{
	2711	show_message('对不起！您没权限针对该订单发起退款', '返回订单列表页', 'user.php?act=order_list', 'info');
	2712	}
	2713	else
	2714	{
	2715	$smarty->assign('order_info', $order_info);
	2716
	2717	$properties = get_goods_properties($goods_id); // 获得商品的规格和属性
	2718	$smarty->assign('specification', $properties['spe']); // 商品规格
	2719	}
	2720	}
	2721
	2722	// 收货地址增加
	2723	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2724	$order = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id='$order_id'");
	2725	$smarty->assign('order', $order);
	2726	$smarty->assign('shop_province', get_regions(1, $order['country']));
	2727	$smarty->assign('shop_city', get_regions(2, $order['province']));
	2728	$smarty->assign('shop_district', get_regions(3, $order['city']));
	2729	$smarty->assign('name_of_region', array(
	2730	$_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']
	2731	));
	2732	$smarty->assign('country_list', get_regions());
	2733
	2734	$smarty->display('user_transaction.dwt');
	2735	}
	2736
	2737	/* 保存退换货订单 */
	2738	function action_back_order_act ()
	2739	{
	2740	$user = $GLOBALS['user'];
	2741	$_CFG = $GLOBALS['_CFG'];
	2742	$_LANG = $GLOBALS['_LANG'];
	2743	$smarty = $GLOBALS['smarty'];
	2744	$db = $GLOBALS['db'];
	2745	$ecs = $GLOBALS['ecs'];
	2746	$user_id = $_SESSION['user_id'];
	2747
	2748	$add_time = gmtime();
	2749	$order_id = ! empty($_POST['order_id']) ? trim($_POST['order_id']) : "0";
	2750	if (!$_POST['order_all'])
	2751	{
	2752	$order_sn = ! empty($_POST['order_sn']) ? trim($_POST['order_sn']) : "";
	2753	$goods_id = ! empty($_POST['goods_id']) ? trim($_POST['goods_id']) : "";
	2754	$goods_name = ! empty($_POST['goods_name']) ? trim($_POST['goods_name']) : "";
	2755	$goods_sn = ! empty($_POST['goods_sn']) ? trim($_POST['goods_sn']) : "";
	2756	}
	2757	$back_reason = ! empty($_POST['back_reason']) ? trim($_POST['back_reason']) : "";
	2758	$country = intval($_POST['country']);
	2759	$province = intval($_POST['province']);
	2760	$city = intval($_POST['city']);
	2761	$district = intval($_POST['district']);
	2762	$consignee = ! empty($_POST['back_consignee']) ? trim($_POST['back_consignee']) : "";
	2763	$address = ! empty($_POST['back_address']) ? trim($_POST['back_address']) : "";
	2764	$zipcode = ! empty($_POST['back_zipcode']) ? trim($_POST['back_zipcode']) : "";
	2765	$mobile = ! empty($_POST['back_mobile']) ? trim($_POST['back_mobile']) : "";
	2766	$postscript = ! empty($_POST['back_postscript']) ? trim($_POST['back_postscript']) : "";
	2767	$imgs = ($_POST['imgs']) ? implode(',', $_POST['imgs']) : '';
	2768	$back_pay = intval($_POST['back_pay']);
	2769	$back_type = intval($_POST['back_type']);
	2770	$back_type_list = $_POST['back_type'];
	2771
	2772	if(! $order_id)
	2773	{
	2774	show_message('对不起，您进行了错误操作！');
	2775	exit();
	2776	}
	2777
	2778	$sql = "select * from " . $ecs->table('order_info') . " where order_id='$order_id' ";
	2779	$order_info = $db->getRow($sql);
	2780
	2781	if(empty($order_info))
	2782	{
	2783	show_message('对不起，此订单不存在！');
	2784	exit();
	2785	}
	2786
	2787	if ($_POST['order_all'])
	2788	{
	2789	$order_sn = $order_info['order_sn'];
	2790	$goods_id = 0;
	2791
	2792	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('order_goods') . " WHERE order_id = " . $order_id;
	2793	$order_info['goods_list'] = $GLOBALS['db']->getAll($sql_og);
	2794	}
	2795
	2796	$sql = "insert into " . $ecs->table('back_order') . "(order_sn, order_id, goods_id, user_id, shipping_fee, consignee, address, " . "zipcode, mobile, add_time, postscript , back_reason, goods_name, imgs, back_pay, country, province, city, district, back_type, status_back, supplier_id) " . " values('$order_sn', '$order_id', '$goods_id', '$user_id', '$order_info[shipping_fee]', '$consignee', '$address', " . "'$zipcode', '$mobile', '$add_time', '$postscript', '$back_reason', '$goods_name', '$imgs', '$back_pay', '$country', '$province', '$city', '$district', '$back_type', '5', '$order_info[supplier_id]')";
	2797
	2798	$db->query($sql);
	2799
	2800	// 插入退换货商品 80_back_goods
	2801	$back_id = $db->insert_id();
	2802	$have_tuikuan = 0; // 是否有退货
	2803	// foreach($back_type_list as $back_type)
	2804	// {
	2805	if($back_type == 1)
	2806	{
	2807	$have_tuikuan = 1;
	2808	$tui_goods_number = $_REQUEST['tui_goods_number'] ? intval($_REQUEST['tui_goods_number']) : 1;
	2809	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back ) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '0', " . " '$tui_goods_number', '$_REQUEST[tui_goods_price]', '5') ";
	2810	$db->query($sql);
	2811	}
	2812	if($back_type == 4)
	2813	{
	2814	$have_tuikuan = 1;
	2815	$have_tuikuan2 = 1;
	2816	$price_refund_all = 0;
	2817
	2818	foreach($order_info['goods_list'] as $goods_info)
	2819	{
	2820	$price_refund_all += ($goods_info['goods_price'] * $goods_info['goods_number']);
	2821
	2822	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back) " . " values('$back_id', '".$goods_info['goods_id']."', '".$goods_info['goods_name']."', '".$goods_info['goods_sn']."', '".$goods_info['product_id']."', '".$goods_info['goods_attr']."', '4', '".$goods_info['goods_number']."', '".$goods_info['goods_price']."', '5') ";
	2823	$db->query($sql);
	2824	}
	2825	}
	2826	if($back_type == 2)
	2827	{
	2828	$huan_count = count($_POST['product_id_huan']);
	2829	if($huan_count)
	2830	{
	2831	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, status_refund, back_goods_number, status_back) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '1', '9', '$huan_count', '5') ";
	2832	$db->query($sql);
	2833	$parent_id_huan = $db->insert_id();
	2834	foreach($_POST['product_id_huan'] as $pid_key => $pid_huan)
	2835	{
	2836	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, parent_id, status_refund, back_goods_number, status_back) " . "values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$pid_huan', '" . $_POST['goods_attr_huan'][$pid_key] . "', '2', '$parent_id_huan', '9', '1', '5')";
	2837	$db->query($sql);
	2838	}
	2839	}
	2840	}
	2841	if($back_type == 3)
	2842	{
	2843	$have_weixiu = 1;
	2844	$tui_goods_number = $_REQUEST['tui_goods_number'] ? intval($_REQUEST['tui_goods_number']) : 1;
	2845	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '3', " . " '$tui_goods_number', '$_REQUEST[tui_goods_price]', '5') ";
	2846	$db->query($sql);
	2847	}
	2848	// }
	2849
	2850	/* 更新back_order */
	2851	if($have_tuikuan)
	2852	{
	2853	if ($_POST['order_all'])
	2854	{
	2855	$price_refund = $GLOBALS['db']->getOne("SELECT money_paid FROM " . $GLOBALS['ecs']->table('order_info') . " WHERE order_id = " . $order_id);
	2856	}
	2857	else
	2858	{
	2859	$price_refund = $_REQUEST['tui_goods_price'] * $tui_goods_number;
	2860	}
	2861	$sql = "update " . $ecs->table('back_order') . " set refund_money_1= '$price_refund' where back_id='$back_id' ";
	2862	$db->query($sql);
	2863	}
	2864	else
	2865	{
	2866	$sql = "update " . $ecs->table('back_order') . " set status_refund= '9' where back_id='$back_id' ";
	2867	$db->query($sql);
	2868	}
	2869
	2870	if($have_tuikuan2)
	2871	{
	2872	$smarty->assign('back_act_w', 'tuikuan');
	2873	}
	2874	else if($have_weixiu)
	2875	{
	2876	$smarty->assign('back_act_w', 'weixiu');
	2877	}
	2878	else
	2879	{
	2880	$smarty->assign('back_act_w', 'tuihuo');
	2881	}
	2882
	2883	$smarty->assign('back_consignee', $consignee);
	2884	$smarty->assign('back_address', $address);
	2885	$smarty->assign('back_zipcode', $zipcode);
	2886
	2887	$smarty->display('user_transaction.dwt');
	2888	}
	2889
	2890	// AJAX调用
	2891	function action_add_huan_goods ()
	2892	{
	2893	$user = $GLOBALS['user'];
	2894	$_CFG = $GLOBALS['_CFG'];
	2895	$_LANG = $GLOBALS['_LANG'];
	2896	$smarty = $GLOBALS['smarty'];
	2897	$db = $GLOBALS['db'];
	2898	$ecs = $GLOBALS['ecs'];
	2899	$user_id = $_SESSION['user_id'];
	2900
	2901	include_once ('includes/cls_json.php');
	2902	include_once ('includes/lib_order.php');
	2903	$json = new JSON();
	2904
	2905	$result = array(
	2906	'error' => 0, 'content' => ''
	2907	);
	2908
	2909	$_POST['goods'] = strip_tags(urldecode($_POST['goods']));
	2910	$_POST['goods'] = json_str_iconv($_POST['goods']);
	2911	$goods = $json->decode($_POST['goods']);
	2912	$spec = $goods->spec;
	2913	$goods_id = $goods->goods_id;
	2914	$goods_name = $db->getOne("select goods_name from " . $ecs->table('goods') . " where goods_id='$goods_id' ");
	2915
	2916	/* 如果商品有规格则取规格商品信息配件除外 */
	2917	$sql = "SELECT * FROM " . $GLOBALS['ecs']->table('products') . " WHERE goods_id = '$goods_id' LIMIT 0, 1";
	2918	$prod = $GLOBALS['db']->getRow($sql);
	2919	if(is_spec($spec) && ! empty($prod))
	2920	{
	2921	$product_info = get_products_info($goods_id, $spec);
	2922	}
	2923	$goods_attr = get_goods_attr_info($spec);
	2924
	2925	$result['error'] = 1;
	2926	$result['goods_name'] = $goods_name . " ";
	2927	$result['product_id'] = $product_info['product_id'];
	2928	$result['product_id'] = $result['product_id'] == 'null' ? '0' : intval($result['product_id']);
	2929	$result['content'] = addslashes($goods_attr);
	2930	die($json->encode($result));
	2931	}
	2932
	2933	/* 代码增加_end By */
	2934
	2935	/* 取消订单 */
	2936	function action_cancel_order ()
	2937	{
	2938	$user = $GLOBALS['user'];
	2939	$_CFG = $GLOBALS['_CFG'];
	2940	$_LANG = $GLOBALS['_LANG'];
	2941	$smarty = $GLOBALS['smarty'];
	2942	$db = $GLOBALS['db'];
	2943	$ecs = $GLOBALS['ecs'];
	2944	$user_id = $_SESSION['user_id'];
	2945
	2946	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2947	include_once (ROOT_PATH . 'includes/lib_order.php');
	2948
	2949	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	2950
	2951	if(cancel_order($order_id, $user_id))
	2952	{
	2953	ecs_header("Location: user.php?act=order_list\n");
	2954	exit();
	2955	}
	2956	else
	2957	{
	2958	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	2959	}
	2960	}
	2961
	2962	/* 收货地址列表界面 */
	2963	function action_address_list ()
	2964	{
	2965	$user = $GLOBALS['user'];
	2966	$_CFG = $GLOBALS['_CFG'];
	2967	$_LANG = $GLOBALS['_LANG'];
	2968	$smarty = $GLOBALS['smarty'];
	2969	$db = $GLOBALS['db'];
	2970	$ecs = $GLOBALS['ecs'];
	2971	$user_id = $_SESSION['user_id'];
	2972
	2973	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2974	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	2975	$smarty->assign('lang', $_LANG);
	2976
	2977	/* 取得国家列表、商店所在国家、商店所在国家的省列表 */
	2978	$smarty->assign('country_list', get_regions());
	2979	$smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
	2980
	2981	/* 获得用户所有的收货人信息 */
	2982	$consignee_list = get_consignee_list($_SESSION['user_id']);
	2983
	2984	if(count($consignee_list) < 5 && $_SESSION['user_id'] > 0)
	2985	{
	2986	/* 如果用户收货人信息的总数小于5 则增加一个新的收货人信息 */
	2987	$consignee_list[] = array(
	2988	// 如果Session中有有效的email则放入
	2989	'country' => $_CFG['shop_country'], 'email' => isset($_SESSION['email']) && is_email($_SESSION['email']) ? $_SESSION['email'] : ''
	2990	);
	2991	}
	2992
	2993	$smarty->assign('consignee_list', $consignee_list);
	2994
	2995	// 取得国家列表，如果有收货人列表，取得省市区列表
	2996	foreach($consignee_list as $region_id => $consignee)
	2997	{
	2998	$consignee['country'] = isset($consignee['country']) ? intval($consignee['country']) : 0;
	2999	$consignee['province'] = isset($consignee['province']) ? intval($consignee['province']) : 0;
	3000	$consignee['city'] = isset($consignee['city']) ? intval($consignee['city']) : 0;
	3001
	3002	$province_list[$region_id] = get_regions(1, $consignee['country']);
	3003	$city_list[$region_id] = get_regions(2, $consignee['province']);
	3004	$district_list[$region_id] = get_regions(3, $consignee['city']);
	3005	}
	3006
	3007	/* 获取默认收货ID */
	3008	$address_id = $db->getOne("SELECT address_id FROM " . $ecs->table('users') . " WHERE user_id='$user_id'");
	3009
	3010	// 赋值于模板
	3011	$smarty->assign('real_goods_count', 1);
	3012	$smarty->assign('shop_country', $_CFG['shop_country']);
	3013	$smarty->assign('shop_province', get_regions(1, $_CFG['shop_country']));
	3014	$smarty->assign('province_list', $province_list);
	3015	$smarty->assign('address', $address_id);
	3016	$smarty->assign('city_list', $city_list);
	3017	$smarty->assign('district_list', $district_list);
	3018	$smarty->assign('currency_format', $_CFG['currency_format']);
	3019	$smarty->assign('integral_scale', $_CFG['integral_scale']);
	3020	$smarty->assign('name_of_region', array(
	3021	$_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']
	3022	));
	3023
	3024	$smarty->display('user_transaction.dwt');
	3025	}
	3026
	3027	/* 添加/编辑收货地址的处理 */
	3028	function action_act_edit_address ()
	3029	{
	3030	$user = $GLOBALS['user'];
	3031	$_CFG = $GLOBALS['_CFG'];
	3032	$_LANG = $GLOBALS['_LANG'];
	3033	$smarty = $GLOBALS['smarty'];
	3034	$db = $GLOBALS['db'];
	3035	$ecs = $GLOBALS['ecs'];
	3036	$user_id = $_SESSION['user_id'];
	3037
	3038	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	3039	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	3040	$smarty->assign('lang', $_LANG);
	3041
	3042	$address = array(
	3043	'user_id' => $user_id, 'address_id' => intval($_POST['address_id']), 'country' => isset($_POST['country']) ? intval($_POST['country']) : 0, 'province' => isset($_POST['province']) ? intval($_POST['province']) : 0, 'city' => isset($_POST['city']) ? intval($_POST['city']) : 0, 'district' => isset($_POST['district']) ? intval($_POST['district']) : 0, 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'tel' => isset($_POST['tel']) ? compile_str(make_semiangle(trim($_POST['tel']))) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(make_semiangle(trim($_POST['mobile']))) : '',
	3044	'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : ''
	3045	);
	3046
	3047	if(update_address($address))
	3048	{
	3049	show_message($_LANG['edit_address_success'], $_LANG['address_list_lnk'], 'user.php?act=address_list');
	3050	}
	3051	}
	3052
	3053	/* 删除收货地址 */
	3054	function action_drop_consignee ()
	3055	{
	3056	$user = $GLOBALS['user'];
	3057	$_CFG = $GLOBALS['_CFG'];
	3058	$_LANG = $GLOBALS['_LANG'];
	3059	$smarty = $GLOBALS['smarty'];
	3060	$db = $GLOBALS['db'];
	3061	$ecs = $GLOBALS['ecs'];
	3062	$user_id = $_SESSION['user_id'];
	3063
	3064	include_once ('includes/lib_transaction.php');
	3065
	3066	$consignee_id = intval($_GET['id']);
	3067
	3068	if(drop_consignee($consignee_id))
	3069	{
	3070	ecs_header("Location: user.php?act=address_list\n");
	3071	exit();
	3072	}
	3073	else
	3074	{
	3075	show_message($_LANG['del_address_false']);
	3076	}
	3077	}
	3078
	3079	/* 显示收藏商品列表 */
	3080	function action_collection_list ()
	3081	{
	3082	$user = $GLOBALS['user'];
	3083	$_CFG = $GLOBALS['_CFG'];
	3084	$_LANG = $GLOBALS['_LANG'];
	3085	$smarty = $GLOBALS['smarty'];
	3086	$db = $GLOBALS['db'];
	3087	$ecs = $GLOBALS['ecs'];
	3088	$user_id = $_SESSION['user_id'];
	3089	$action = $GLOBALS['action'];
	3090
	3091	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3092
	3093	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3094
	3095	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('collect_goods') . " WHERE user_id='$user_id' ORDER BY add_time DESC");
	3096
	3097	$pager = get_pager('user.php', array(
	3098	'act' => $action
	3099	), $record_count, $page);
	3100	$smarty->assign('pager', $pager);
	3101	$smarty->assign('goods_list', get_collection_goods($user_id, $pager['size'], $pager['start']));
	3102	$smarty->assign('url', $ecs->url());
	3103	$lang_list = array(
	3104	'UTF8' => $_LANG['charset']['utf8'], 'GB2312' => $_LANG['charset']['zh_cn'], 'BIG5' => $_LANG['charset']['zh_tw']
	3105	);
	3106	$smarty->assign('lang_list', $lang_list);
	3107	$smarty->assign('user_id', $user_id);
	3108	$smarty->display('user_clips.dwt');
	3109	}
	3110
	3111	/* 删除收藏的商品 */
	3112	function action_delete_collection ()
	3113	{
	3114	$user = $GLOBALS['user'];
	3115	$_CFG = $GLOBALS['_CFG'];
	3116	$_LANG = $GLOBALS['_LANG'];
	3117	$smarty = $GLOBALS['smarty'];
	3118	$db = $GLOBALS['db'];
	3119	$ecs = $GLOBALS['ecs'];
	3120	$user_id = $_SESSION['user_id'];
	3121
	3122	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3123
	3124	$collection_id = isset($_GET['collection_id']) ? intval($_GET['collection_id']) : 0;
	3125
	3126	if($collection_id > 0)
	3127	{
	3128	$db->query('DELETE FROM ' . $ecs->table('collect_goods') . " WHERE rec_id='$collection_id' AND user_id ='$user_id'");
	3129	}
	3130
	3131	ecs_header("Location: user.php?act=collection_list\n");
	3132	exit();
	3133	}
	3134
	3135	/* 添加关注商品 */
	3136	function action_add_to_attention ()
	3137	{
	3138	$user = $GLOBALS['user'];
	3139	$_CFG = $GLOBALS['_CFG'];
	3140	$_LANG = $GLOBALS['_LANG'];
	3141	$smarty = $GLOBALS['smarty'];
	3142	$db = $GLOBALS['db'];
	3143	$ecs = $GLOBALS['ecs'];
	3144	$user_id = $_SESSION['user_id'];
	3145
	3146	$rec_id = (int)$_GET['rec_id'];
	3147	if($rec_id)
	3148	{
	3149	$db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 1 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
	3150	}
	3151	ecs_header("Location: user.php?act=collection_list\n");
	3152	exit();
	3153	}
	3154
	3155	/* 取消关注商品 */
	3156	function action_del_attention ()
	3157	{
	3158	$user = $GLOBALS['user'];
	3159	$_CFG = $GLOBALS['_CFG'];
	3160	$_LANG = $GLOBALS['_LANG'];
	3161	$smarty = $GLOBALS['smarty'];
	3162	$db = $GLOBALS['db'];
	3163	$ecs = $GLOBALS['ecs'];
	3164	$user_id = $_SESSION['user_id'];
	3165
	3166	$rec_id = (int)$_GET['rec_id'];
	3167	if($rec_id)
	3168	{
	3169	$db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 0 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
	3170	}
	3171	ecs_header("Location: user.php?act=collection_list\n");
	3172	exit();
	3173	}
	3174
	3175	/* 显示关注的店铺列表 */
	3176	function action_follow_shop ()
	3177	{
	3178	$user = $GLOBALS['user'];
	3179	$_CFG = $GLOBALS['_CFG'];
	3180	$_LANG = $GLOBALS['_LANG'];
	3181	$smarty = $GLOBALS['smarty'];
	3182	$db = $GLOBALS['db'];
	3183	$ecs = $GLOBALS['ecs'];
	3184	$user_id = $_SESSION['user_id'];
	3185	$action = $GLOBALS['action'];
	3186
	3187	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3188
	3189	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3190
	3191	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('supplier_guanzhu') . " WHERE userid='$user_id'");
	3192
	3193	$pager = get_pager('user.php', array(
	3194	'act' => $action
	3195	), $record_count, $page);
	3196	$smarty->assign('pager', $pager);
	3197	$smarty->assign('shop_list', get_follow_shops($user_id, $pager['size'], $pager['start']));
	3198	$smarty->assign('url', $ecs->url());
	3199	$lang_list = array(
	3200	'UTF8' => $_LANG['charset']['utf8'], 'GB2312' => $_LANG['charset']['zh_cn'], 'BIG5' => $_LANG['charset']['zh_tw']
	3201	);
	3202	$smarty->assign('lang_list', $lang_list);
	3203	$smarty->assign('user_id', $user_id);
	3204	$smarty->display('user_clips.dwt');
	3205	}
	3206
	3207	/* 取消关注商品 */
	3208	function action_del_follow ()
	3209	{
	3210	$user = $GLOBALS['user'];
	3211	$_CFG = $GLOBALS['_CFG'];
	3212	$_LANG = $GLOBALS['_LANG'];
	3213	$smarty = $GLOBALS['smarty'];
	3214	$db = $GLOBALS['db'];
	3215	$ecs = $GLOBALS['ecs'];
	3216	$user_id = $_SESSION['user_id'];
	3217
	3218	$rec_id = (int)$_GET['rec_id'];
	3219	if($rec_id)
	3220	{
	3221	$db->query('DELETE FROM ' . $ecs->table('supplier_guanzhu') . " WHERE id='$rec_id' AND userid ='$user_id'");
	3222	}
	3223	ecs_header("Location: user.php?act=follow_shop\n");
	3224	exit();
	3225	}
	3226
	3227	/* 显示留言列表 */
	3228	function action_message_list ()
	3229	{
	3230	$user = $GLOBALS['user'];
	3231	$_CFG = $GLOBALS['_CFG'];
	3232	$_LANG = $GLOBALS['_LANG'];
	3233	$smarty = $GLOBALS['smarty'];
	3234	$db = $GLOBALS['db'];
	3235	$ecs = $GLOBALS['ecs'];
	3236	$user_id = $_SESSION['user_id'];
	3237	$action = $GLOBALS['action'];
	3238
	3239	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3240
	3241	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3242
	3243	$order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
	3244	$order_info = array();
	3245
	3246	/* 获取用户留言的数量 */
	3247	if($order_id)
	3248	{
	3249	$sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') . " WHERE parent_id = 0 AND order_id = '$order_id' AND user_id = '$user_id'";
	3250	$order_info = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id' AND user_id = '$user_id'");
	3251	$order_info['url'] = 'user.php?act=order_detail&order_id=' . $order_id;
	3252	}
	3253	else
	3254	{
	3255	$sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') . " WHERE parent_id = 0 AND user_id = '$user_id' AND user_name = '" . $_SESSION['user_name'] . "' AND order_id=0";
	3256	}
	3257
	3258	$record_count = $db->getOne($sql);
	3259	$act = array(
	3260	'act' => $action
	3261	);
	3262
	3263	if($order_id != '')
	3264	{
	3265	$act['order_id'] = $order_id;
	3266	}
	3267
	3268	$pager = get_pager('user.php', $act, $record_count, $page, 5);
	3269
	3270	$smarty->assign('message_list', get_message_list($user_id, $_SESSION['user_name'], $pager['size'], $pager['start'], $order_id));
	3271	$smarty->assign('pager', $pager);
	3272	$smarty->assign('order_info', $order_info);
	3273	$smarty->display('user_clips.dwt');
	3274	}
	3275
	3276	/* 显示评论列表 */
	3277	function action_comment_list ()
	3278	{
	3279	$user = $GLOBALS['user'];
	3280	$_CFG = $GLOBALS['_CFG'];
	3281	$_LANG = $GLOBALS['_LANG'];
	3282	$smarty = $GLOBALS['smarty'];
	3283	$db = $GLOBALS['db'];
	3284	$ecs = $GLOBALS['ecs'];
	3285	$user_id = $_SESSION['user_id'];
	3286	$action = $GLOBALS['action'];
	3287
	3288	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3289
	3290	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3291
	3292	/* 获取用户留言的数量 */
	3293	$sql = "SELECT COUNT(*) FROM " . $ecs->table('comment') . " WHERE parent_id = 0 AND user_id = '$user_id'";
	3294	$record_count = $db->getOne($sql);
	3295	$pager = get_pager('user.php', array(
	3296	'act' => $action
	3297	), $record_count, $page, 5);
	3298
	3299	$smarty->assign('comment_list', get_comment_list($user_id, $pager['size'], $pager['start']));
	3300	$smarty->assign('pager', $pager);
	3301	$smarty->display('user_clips.dwt');
	3302	}
	3303
	3304	/* 添加我的留言 */
	3305	function action_act_add_message ()
	3306	{
	3307	$user = $GLOBALS['user'];
	3308	$_CFG = $GLOBALS['_CFG'];
	3309	$_LANG = $GLOBALS['_LANG'];
	3310	$smarty = $GLOBALS['smarty'];
	3311	$db = $GLOBALS['db'];
	3312	$ecs = $GLOBALS['ecs'];
	3313	$user_id = $_SESSION['user_id'];
	3314
	3315	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3316
	3317	$message = array(
	3318	'user_id' => $user_id, 'user_name' => $_SESSION['user_name'], 'user_email' => $_SESSION['email'], 'msg_type' => isset($_POST['msg_type']) ? intval($_POST['msg_type']) : 0, 'msg_title' => isset($_POST['msg_title']) ? trim($_POST['msg_title']) : '', 'msg_content' => isset($_POST['msg_content']) ? trim($_POST['msg_content']) : '', 'order_id' => empty($_POST['order_id']) ? 0 : intval($_POST['order_id']), 'upload' => (isset($_FILES['message_img']['error']) && $_FILES['message_img']['error'] == 0) \|\| (! isset($_FILES['message_img']['error']) && isset($_FILES['message_img']['tmp_name']) && $_FILES['message_img']['tmp_name'] != 'none') ? $_FILES['message_img'] : array()
	3319	);
	3320
	3321	if(add_message($message))
	3322	{
	3323	show_message($_LANG['add_message_success'], $_LANG['message_list_lnk'], 'user.php?act=message_list&order_id=' . $message['order_id'], 'info');
	3324	}
	3325	else
	3326	{
	3327	$err->show($_LANG['message_list_lnk'], 'user.php?act=message_list');
	3328	}
	3329	}
	3330
	3331	/* 标签云列表 */
	3332	function action_tag_list ()
	3333	{
	3334	$user = $GLOBALS['user'];
	3335	$_CFG = $GLOBALS['_CFG'];
	3336	$_LANG = $GLOBALS['_LANG'];
	3337	$smarty = $GLOBALS['smarty'];
	3338	$db = $GLOBALS['db'];
	3339	$ecs = $GLOBALS['ecs'];
	3340	$user_id = $_SESSION['user_id'];
	3341
	3342	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3343
	3344	$good_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3345
	3346	$smarty->assign('tags', get_user_tags($user_id));
	3347	$smarty->assign('tags_from', 'user');
	3348	$smarty->display('user_clips.dwt');
	3349	}
	3350
	3351	/* 删除标签云的处理 */
	3352	function action_act_del_tag ()
	3353	{
	3354	$user = $GLOBALS['user'];
	3355	$_CFG = $GLOBALS['_CFG'];
	3356	$_LANG = $GLOBALS['_LANG'];
	3357	$smarty = $GLOBALS['smarty'];
	3358	$db = $GLOBALS['db'];
	3359	$ecs = $GLOBALS['ecs'];
	3360	$user_id = $_SESSION['user_id'];
	3361
	3362	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3363
	3364	$tag_words = isset($_GET['tag_words']) ? trim($_GET['tag_words']) : '';
	3365	delete_tag($tag_words, $user_id);
	3366
	3367	ecs_header("Location: user.php?act=tag_list\n");
	3368	exit();
	3369	}
	3370
	3371	/* 显示缺货登记列表 */
	3372	function action_booking_list ()
	3373	{
	3374	$user = $GLOBALS['user'];
	3375	$_CFG = $GLOBALS['_CFG'];
	3376	$_LANG = $GLOBALS['_LANG'];
	3377	$smarty = $GLOBALS['smarty'];
	3378	$db = $GLOBALS['db'];
	3379	$ecs = $GLOBALS['ecs'];
	3380	$user_id = $_SESSION['user_id'];
	3381	$action = $GLOBALS['action'];
	3382
	3383	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3384
	3385	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3386
	3387	/* 获取缺货登记的数量 */
	3388	$sql = "SELECT COUNT(*) " . "FROM " . $ecs->table('booking_goods') . " AS bg, " . $ecs->table('goods') . " AS g " . "WHERE bg.goods_id = g.goods_id AND user_id = '$user_id'";
	3389	$record_count = $db->getOne($sql);
	3390	$pager = get_pager('user.php', array(
	3391	'act' => $action
	3392	), $record_count, $page);
	3393	// jx 缺货信息添加商家名称和商品图片
	3394	$booking = get_booking_list($user_id, $pager['size'], $pager['start']);
	3395	foreach($booking as $key => $value)
	3396	{
	3397	if($value['supplier_id'] == 0)
	3398	{
	3399	$sql = "SELECT value FROM" . $ecs->table('shop_config') . "WHERE code='shop_name'";
	3400	$booking[$key]['supplier_id'] = $value['supplier_id'];
	3401	$booking[$key]['supplier_name'] = $db->getOne($sql);
	3402	}
	3403	else
	3404	{
	3405	$sql = "SELECT supplier_name FROM " . $ecs->table('supplier') . "WHERE supplier_id='" . $value['supplier_id'] . "'";
	3406	$booking[$key]['supplier_id'] = $value['supplier_id'];
	3407	$booking[$key]['supplier_name'] = $db->getOne($sql);
	3408	}
	3409	}
	3410	$smarty->assign('booking_list', $booking);
	3411	$smarty->assign('pager', $pager);
	3412	$smarty->display('user_clips.dwt');
	3413	}
	3414
	3415	/* 添加缺货登记页面 */
	3416	function action_add_booking ()
	3417	{
	3418	$user = $GLOBALS['user'];
	3419	$_CFG = $GLOBALS['_CFG'];
	3420	$_LANG = $GLOBALS['_LANG'];
	3421	$smarty = $GLOBALS['smarty'];
	3422	$db = $GLOBALS['db'];
	3423	$ecs = $GLOBALS['ecs'];
	3424	$user_id = $_SESSION['user_id'];
	3425
	3426	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3427
	3428	$goods_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3429	if($goods_id == 0)
	3430	{
	3431	show_message($_LANG['no_goods_id'], $_LANG['back_page_up'], '', 'error');
	3432	}
	3433
	3434	/* 根据规格属性获取货品规格信息 */
	3435	$goods_attr = '';
	3436	if($_GET['spec'] != '')
	3437	{
	3438	$goods_attr_id = $_GET['spec'];
	3439
	3440	$attr_list = array();
	3441	$sql = "SELECT a.attr_name, g.attr_value " . "FROM " . $ecs->table('goods_attr') . " AS g, " . $ecs->table('attribute') . " AS a " . "WHERE g.attr_id = a.attr_id " . "AND g.goods_attr_id " . db_create_in($goods_attr_id);
	3442	$res = $db->query($sql);
	3443	while($row = $db->fetchRow($res))
	3444	{
	3445	$attr_list[] = $row['attr_name'] . ': ' . $row['attr_value'];
	3446	}
	3447	$goods_attr = join(chr(13) . chr(10), $attr_list);
	3448	}
	3449	$smarty->assign('goods_attr', $goods_attr);
	3450
	3451	$smarty->assign('info', get_goodsinfo($goods_id));
	3452	$smarty->display('user_clips.dwt');
	3453	}
	3454
	3455	/* 添加缺货登记的处理 */
	3456	function action_act_add_booking ()
	3457	{
	3458	$user = $GLOBALS['user'];
	3459	$_CFG = $GLOBALS['_CFG'];
	3460	$_LANG = $GLOBALS['_LANG'];
	3461	$smarty = $GLOBALS['smarty'];
	3462	$db = $GLOBALS['db'];
	3463	$ecs = $GLOBALS['ecs'];
	3464	$user_id = $_SESSION['user_id'];
	3465
	3466	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3467
	3468	$booking = array(
	3469	'goods_id' => isset($_POST['id']) ? intval($_POST['id']) : 0, 'goods_amount' => isset($_POST['number']) ? intval($_POST['number']) : 0, 'desc' => isset($_POST['desc']) ? trim($_POST['desc']) : '', 'linkman' => isset($_POST['linkman']) ? trim($_POST['linkman']) : '', 'email' => isset($_POST['email']) ? trim($_POST['email']) : '', 'tel' => isset($_POST['tel']) ? trim($_POST['tel']) : '', 'booking_id' => isset($_POST['rec_id']) ? intval($_POST['rec_id']) : 0
	3470	);
	3471
	3472	// 查看此商品是否已经登记过
	3473	$rec_id = get_booking_rec($user_id, $booking['goods_id']);
	3474	if($rec_id > 0)
	3475	{
	3476	show_message($_LANG['booking_rec_exist'], $_LANG['back_page_up'], '', 'error');
	3477	}
	3478
	3479	if(add_booking($booking))
	3480	{
	3481	show_message($_LANG['booking_success'], $_LANG['back_booking_list'], 'user.php?act=booking_list', 'info');
	3482	}
	3483	else
	3484	{
	3485	$err->show($_LANG['booking_list_lnk'], 'user.php?act=booking_list');
	3486	}
	3487	}
	3488
	3489	/* 删除缺货登记 */
	3490	function action_act_del_booking ()
	3491	{
	3492	$user = $GLOBALS['user'];
	3493	$_CFG = $GLOBALS['_CFG'];
	3494	$_LANG = $GLOBALS['_LANG'];
	3495	$smarty = $GLOBALS['smarty'];
	3496	$db = $GLOBALS['db'];
	3497	$ecs = $GLOBALS['ecs'];
	3498	$user_id = $_SESSION['user_id'];
	3499
	3500	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3501
	3502	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3503	if($id == 0 \|\| $user_id == 0)
	3504	{
	3505	ecs_header("Location: user.php?act=booking_list\n");
	3506	exit();
	3507	}
	3508
	3509	$result = delete_booking($id, $user_id);
	3510	if($result)
	3511	{
	3512	ecs_header("Location: user.php?act=booking_list\n");
	3513	exit();
	3514	}
	3515	}
	3516
	3517	/* 确认收货 */
	3518	function action_affirm_received ()
	3519	{
	3520	$user = $GLOBALS['user'];
	3521	$_CFG = $GLOBALS['_CFG'];
	3522	$_LANG = $GLOBALS['_LANG'];
	3523	$smarty = $GLOBALS['smarty'];
	3524	$db = $GLOBALS['db'];
	3525	$ecs = $GLOBALS['ecs'];
	3526	$user_id = $_SESSION['user_id'];
	3527	require_once(ROOT_PATH . '/includes/lib_order.php');
	3528	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	3529
	3530	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	3531
	3532	if(affirm_received($order_id, $user_id))
	3533	{
	3534	ecs_header("Location: user.php?act=order_list\n");
	3535	exit();
	3536	}
	3537	else
	3538	{
	3539	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	3540	}
	3541	}
	3542
	3543	/* 会员退款申请界面 */
	3544	function action_account_raply ()
	3545	{
	3546	$user = $GLOBALS['user'];
	3547	$_CFG = $GLOBALS['_CFG'];
	3548	$_LANG = $GLOBALS['_LANG'];
	3549	$smarty = $GLOBALS['smarty'];
	3550	$db = $GLOBALS['db'];
	3551	$ecs = $GLOBALS['ecs'];
	3552	$user_id = $_SESSION['user_id'];
	3553
	3554	$smarty->display('user_transaction.dwt');
	3555	}
	3556
	3557	/* 会员预付款界面 */
	3558	function action_account_deposit ()
	3559	{
	3560	$user = $GLOBALS['user'];
	3561	$_CFG = $GLOBALS['_CFG'];
	3562	$_LANG = $GLOBALS['_LANG'];
	3563	$smarty = $GLOBALS['smarty'];
	3564	$db = $GLOBALS['db'];
	3565	$ecs = $GLOBALS['ecs'];
	3566	$user_id = $_SESSION['user_id'];
	3567
	3568	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3569
	3570	$surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3571	$account = get_surplus_info($surplus_id);
	3572
	3573	$smarty->assign('payment', get_online_payment_list(false));
	3574
	3575	$smarty->assign('order', $account);
	3576	$smarty->display('user_transaction.dwt');
	3577	}
	3578
	3579	/* 会员账目明细界面 */
	3580	function action_account_detail ()
	3581	{
	3582	$user = $GLOBALS['user'];
	3583	$_CFG = $GLOBALS['_CFG'];
	3584	$_LANG = $GLOBALS['_LANG'];
	3585	$smarty = $GLOBALS['smarty'];
	3586	$db = $GLOBALS['db'];
	3587	$ecs = $GLOBALS['ecs'];
	3588	$user_id = $_SESSION['user_id'];
	3589	$action = $GLOBALS['action'];
	3590
	3591	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3592
	3593	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3594
	3595	$account_type = 'user_money';
	3596
	3597	/* 获取记录条数 */
	3598	$sql = "SELECT COUNT(*) FROM " . $ecs->table('account_log') . " WHERE user_id = '$user_id'" . " AND $account_type <> 0 ";
	3599	$record_count = $db->getOne($sql);
	3600
	3601	// 分页函数
	3602	$pager = get_pager('user.php', array(
	3603	'act' => $action
	3604	), $record_count, $page);
	3605
	3606	// 获取花费余额
	3607	//$surplus_amount = get_user_surplus($user_id);
	3608	$surplus_amount = get_user_payed($user_id);
	3609	if(empty($surplus_amount))
	3610	{
	3611	$surplus_amount = 0;
	3612	}
	3613	/* /查看账户明细页面获取会员用户的余额 jx 2015-1-1 */
	3614	$surplus_yue = get_user_yue($user_id);
	3615	if(empty($surplus_yue))
	3616	{
	3617	$surplus_yue = 0;
	3618	}
	3619	// 获取余额记录
	3620	$account_log = array();
	3621	$sql = "SELECT * FROM " . $ecs->table('account_log') . " WHERE user_id = '$user_id'" . " AND $account_type <> 0 " . " ORDER BY log_id DESC";
	3622	$res = $GLOBALS['db']->selectLimit($sql, $pager['size'], $pager['start']);
	3623	while($row = $db->fetchRow($res))
	3624	{
	3625	$row['change_time'] = local_date($_CFG['date_format'], $row['change_time']);
	3626	$row['type'] = $row[$account_type] > 0 ? $_LANG['account_inc'] : $_LANG['account_dec'];
	3627	$row['user_money'] = price_format(abs($row['user_money']), false);
	3628	$row['frozen_money'] = price_format(abs($row['frozen_money']), false);
	3629	$row['rank_points'] = abs($row['rank_points']);
	3630	$row['pay_points'] = abs($row['pay_points']);
	3631	$row['short_change_desc'] = sub_str($row['change_desc'], 60);
	3632	$row['amount'] = $row[$account_type];
	3633	$account_log[] = $row;
	3634	}
	3635
	3636	// 模板赋值
	3637	$smarty->assign('surplus_amount', price_format($surplus_amount, false));
	3638	$smarty->assign('account_log', $account_log);
	3639	$smarty->assign('surplus_yue', $surplus_yue);
	3640	$smarty->assign('pager', $pager);
	3641	$smarty->display('user_transaction.dwt');
	3642	}
	3643
	3644	/* 会员充值和提现申请记录 */
	3645	function action_account_log ()
	3646	{
	3647	$user = $GLOBALS['user'];
	3648	$_CFG = $GLOBALS['_CFG'];
	3649	$_LANG = $GLOBALS['_LANG'];
	3650	$smarty = $GLOBALS['smarty'];
	3651	$db = $GLOBALS['db'];
	3652	$ecs = $GLOBALS['ecs'];
	3653	$user_id = $_SESSION['user_id'];
	3654	$action = $GLOBALS['action'];
	3655
	3656	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3657
	3658	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3659
	3660	/* 获取记录条数 */
	3661	$sql = "SELECT COUNT(*) FROM " . $ecs->table('user_account') . " WHERE user_id = '$user_id'" . " AND process_type " . db_create_in(array(
	3662	SURPLUS_SAVE, SURPLUS_RETURN
	3663	));
	3664	$record_count = $db->getOne($sql);
	3665
	3666	// 分页函数
	3667	$pager = get_pager('user.php', array(
	3668	'act' => $action
	3669	), $record_count, $page);
	3670	/* /查看账户明细页面获取会员用户的余额 jx 2015-1-1 */
	3671	$surplus_yue = get_user_yue($user_id);
	3672	if(empty($surplus_yue))
	3673	{
	3674	$surplus_yue = 0;
	3675	}
	3676	// 获取花费余额
	3677	$surplus_amount = get_user_payed($user_id);
	3678	if(empty($surplus_amount))
	3679	{
	3680	$surplus_amount = 0;
	3681	}
	3682
	3683	// 获取余额记录
	3684	$account_log = get_account_log($user_id, $pager['size'], $pager['start']);
	3685
	3686	// 模板赋值
	3687	$smarty->assign('surplus_amount',$surplus_amount);
	3688	$smarty->assign('account_log', $account_log);
	3689	$smarty->assign('surplus_yue', $surplus_yue);
	3690	$smarty->assign('pager', $pager);
	3691	$smarty->display('user_transaction.dwt');
	3692	}
	3693
	3694	/* 对会员余额申请的处理 */
	3695	function action_act_account ()
	3696	{
	3697	$user = $GLOBALS['user'];
	3698	$_CFG = $GLOBALS['_CFG'];
	3699	$_LANG = $GLOBALS['_LANG'];
	3700	$smarty = $GLOBALS['smarty'];
	3701	$db = $GLOBALS['db'];
	3702	$ecs = $GLOBALS['ecs'];
	3703	$user_id = $_SESSION['user_id'];
	3704
	3705	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3706	include_once (ROOT_PATH . 'includes/lib_order.php');
	3707	$amount = isset($_POST['amount']) ? floatval($_POST['amount']) : 0;
	3708	if($amount <= 0)
	3709	{
	3710	show_message($_LANG['amount_gt_zero']);
	3711	}
	3712
	3713
	3714	/* 变量初始化 */
	3715	$surplus = array(
	3716	'user_id' => $user_id, 'rec_id' => ! empty($_POST['rec_id']) ? intval($_POST['rec_id']) : 0, 'process_type' => isset($_POST['surplus_type']) ? intval($_POST['surplus_type']) : 0, 'payment_id' => isset($_POST['payment_id']) ? intval($_POST['payment_id']) : 0, 'user_note' => isset($_POST['user_note']) ? trim($_POST['user_note']) : '', 'amount' => $amount
	3717	);
	3718
	3719	$payment_info = payment_info($surplus['payment_id']);
	3720	if($payment_info['pay_code'] == 'alipay_bank')
	3721	{
	3722	$surplus['defaultbank'] = isset($_POST['www_68ecshop_com_bank']) ? trim($_POST['www_68ecshop_com_bank']) : '';
	3723	}
	3724
	3725	/* 退款申请的处理 */
	3726	if($surplus['process_type'] == 1)
	3727	{
	3728	/* 判断是否有足够的余额的进行退款的操作 */
	3729	$sur_amount = get_user_surplus($user_id);
	3730	if($amount > $sur_amount)
	3731	{
	3732	$content = $_LANG['surplus_amount_error'];
	3733	show_message($content, $_LANG['back_page_up'], '', 'info');
	3734	}
	3735
	3736	// 插入会员账目明细
	3737	$amount = '-' . $amount;
	3738	$surplus['payment'] = '';
	3739	$surplus['rec_id'] = insert_user_account($surplus, $amount);
	3740
	3741	/* 如果成功提交 */
	3742	if($surplus['rec_id'] > 0)
	3743	{
	3744	$content = $_LANG['surplus_appl_submit'];
	3745	show_message($content, $_LANG['back_account_log'], 'user.php?act=account_log', 'info');
	3746	}
	3747	else
	3748	{
	3749	$content = $_LANG['process_false'];
	3750	show_message($content, $_LANG['back_page_up'], '', 'info');
	3751	}
	3752	}
	3753	/* 如果是会员预付款，跳转到下一步，进行线上支付的操作 */
	3754	else
	3755	{
	3756	if($surplus['payment_id'] <= 0)
	3757	{
	3758	show_message($_LANG['select_payment_pls']);
	3759	}
	3760
	3761	include_once (ROOT_PATH . 'includes/lib_payment.php');
	3762
	3763	// 获取支付方式名称
	3764	$payment_info = array();
	3765	$payment_info = payment_info($surplus['payment_id']);
	3766	$surplus['payment'] = $payment_info['pay_name'];
	3767
	3768	if($surplus['rec_id'] > 0)
	3769	{
	3770	// 更新会员账目明细
	3771	$surplus['rec_id'] = update_user_account($surplus);
	3772	}
	3773	else
	3774	{
	3775	// 插入会员账目明细
	3776	$surplus['rec_id'] = insert_user_account($surplus, $amount);
	3777	}
	3778
	3779	// 取得支付信息，生成支付代码
	3780	$payment = unserialize_config($payment_info['pay_config']);
	3781
	3782	// 生成伪订单号, 不足的时候补0
	3783	$order = array();
	3784	$order['order_sn'] = $surplus['rec_id'];
	3785	$order['user_name'] = $_SESSION['user_name'];
	3786	$order['surplus_amount'] = $amount;
	3787	$order['defaultbank'] = $surplus['defaultbank'];
	3788	// 计算支付手续费用
	3789	$payment_info['pay_fee'] = pay_fee($surplus['payment_id'], $order['surplus_amount'], 0);
	3790
	3791	// 计算此次预付款需要支付的总金额
	3792	$order['order_amount'] = $amount + $payment_info['pay_fee'];
	3793
	3794	// 记录支付log
	3795	$order['log_id'] = insert_pay_log($surplus['rec_id'], $order['order_amount'], $type = PAY_SURPLUS, 0);
	3796
	3797	/* 调用相应的支付方式文件 */
	3798	include_once (ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
	3799
	3800	/* 取得在线支付方式的支付按钮 */
	3801	$pay_obj = new $payment_info['pay_code']();
	3802	$payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
	3803
	3804	/* 模板赋值 */
	3805	$smarty->assign('payment', $payment_info);
	3806	$smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
	3807	$smarty->assign('amount', price_format($amount, false));
	3808	$smarty->assign('order', $order);
	3809	$smarty->display('user_transaction.dwt');
	3810	}
	3811	}
	3812
	3813	/* 删除会员余额 */
	3814	function action_cancel ()
	3815	{
	3816	$user = $GLOBALS['user'];
	3817	$_CFG = $GLOBALS['_CFG'];
	3818	$_LANG = $GLOBALS['_LANG'];
	3819	$smarty = $GLOBALS['smarty'];
	3820	$db = $GLOBALS['db'];
	3821	$ecs = $GLOBALS['ecs'];
	3822	$user_id = $_SESSION['user_id'];
	3823
	3824	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3825
	3826	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3827	if($id == 0 \|\| $user_id == 0)
	3828	{
	3829	ecs_header("Location: user.php?act=account_log\n");
	3830	exit();
	3831	}
	3832
	3833	$result = del_user_account($id, $user_id);
	3834	if($result)
	3835	{
	3836	ecs_header("Location: user.php?act=account_log\n");
	3837	exit();
	3838	}
	3839	}
	3840
	3841	/* 会员通过帐目明细列表进行再付款的操作 */
	3842	function action_pay ()
	3843	{
	3844	$user = $GLOBALS['user'];
	3845	$_CFG = $GLOBALS['_CFG'];
	3846	$_LANG = $GLOBALS['_LANG'];
	3847	$smarty = $GLOBALS['smarty'];
	3848	$db = $GLOBALS['db'];
	3849	$ecs = $GLOBALS['ecs'];
	3850	$user_id = $_SESSION['user_id'];
	3851
	3852	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3853	include_once (ROOT_PATH . 'includes/lib_payment.php');
	3854	include_once (ROOT_PATH . 'includes/lib_order.php');
	3855
	3856	// 变量初始化
	3857	$surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3858	$payment_id = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
	3859
	3860	if($surplus_id == 0)
	3861	{
	3862	ecs_header("Location: user.php?act=account_log\n");
	3863	exit();
	3864	}
	3865
	3866	// 如果原来的支付方式已禁用或者已删除, 重新选择支付方式
	3867	if($payment_id == 0)
	3868	{
	3869	ecs_header("Location: user.php?act=account_deposit&id=" . $surplus_id . "\n");
	3870	exit();
	3871	}
	3872
	3873	// 获取单条会员帐目信息
	3874	$order = array();
	3875	$order = get_surplus_info($surplus_id);
	3876
	3877	// 支付方式的信息
	3878	$payment_info = array();
	3879	$payment_info = payment_info($payment_id);
	3880
	3881	/* 如果当前支付方式没有被禁用，进行支付的操作 */
	3882	if(! empty($payment_info))
	3883	{
	3884	// 取得支付信息，生成支付代码
	3885	$payment = unserialize_config($payment_info['pay_config']);
	3886
	3887	// 生成伪订单号
	3888	$order['order_sn'] = $surplus_id;
	3889
	3890	// 获取需要支付的log_id
	3891	$order['log_id'] = get_paylog_id($surplus_id, $pay_type = PAY_SURPLUS);
	3892
	3893	$order['user_name'] = $_SESSION['user_name'];
	3894	$order['surplus_amount'] = $order['amount'];
	3895
	3896	// 计算支付手续费用
	3897	$payment_info['pay_fee'] = pay_fee($payment_id, $order['surplus_amount'], 0);
	3898
	3899	// 计算此次预付款需要支付的总金额
	3900	$order['order_amount'] = $order['surplus_amount'] + $payment_info['pay_fee'];
	3901
	3902	// 如果支付费用改变了，也要相应的更改pay_log表的order_amount
	3903	$order_amount = $db->getOne("SELECT order_amount FROM " . $ecs->table('pay_log') . " WHERE log_id = '$order[log_id]'");
	3904	if($order_amount != $order['order_amount'])
	3905	{
	3906	$db->query("UPDATE " . $ecs->table('pay_log') . " SET order_amount = '$order[order_amount]' WHERE log_id = '$order[log_id]'");
	3907	}
	3908
	3909	/* 调用相应的支付方式文件 */
	3910	include_once (ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
	3911
	3912	/* 取得在线支付方式的支付按钮 */
	3913	$pay_obj = new $payment_info['pay_code']();
	3914	$payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
	3915
	3916	/* 模板赋值 */
	3917	$smarty->assign('payment', $payment_info);
	3918	$smarty->assign('order', $order);
	3919	$smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
	3920	$smarty->assign('amount', price_format($order['surplus_amount'], false));
	3921	$smarty->assign('action', 'act_account');
	3922	$smarty->display('user_transaction.dwt');
	3923	}
	3924	/* 重新选择支付方式 */
	3925	else
	3926	{
	3927	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3928
	3929	$smarty->assign('payment', get_online_payment_list());
	3930	$smarty->assign('order', $order);
	3931	$smarty->assign('action', 'account_deposit');
	3932	$smarty->display('user_transaction.dwt');
	3933	}
	3934	}
	3935
	3936	/* 添加标签(ajax) */
	3937	function action_add_tag ()
	3938	{
	3939	$user = $GLOBALS['user'];
	3940	$_CFG = $GLOBALS['_CFG'];
	3941	$_LANG = $GLOBALS['_LANG'];
	3942	$smarty = $GLOBALS['smarty'];
	3943	$db = $GLOBALS['db'];
	3944	$ecs = $GLOBALS['ecs'];
	3945	$user_id = $_SESSION['user_id'];
	3946
	3947	include_once ('includes/cls_json.php');
	3948	include_once ('includes/lib_clips.php');
	3949
	3950	$result = array(
	3951	'error' => 0, 'message' => '', 'content' => ''
	3952	);
	3953	$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
	3954	$tag = isset($_POST['tag']) ? json_str_iconv(trim($_POST['tag'])) : '';
	3955
	3956	if($user_id == 0)
	3957	{
	3958	/* 用户没有登录 */
	3959	$result['error'] = 1;
	3960	$result['message'] = $_LANG['tag_anonymous'];
	3961	}
	3962	else
	3963	{
	3964	add_tag($id, $tag); // 添加tag
	3965	clear_cache_files('goods'); // 删除缓存
	3966
	3967	/* 重新获得该商品的所有缓存 */
	3968	$arr = get_tags($id);
	3969
	3970	foreach($arr as $row)
	3971	{
	3972	$result['content'][] = array(
	3973	'word' => htmlspecialchars($row['tag_words']), 'count' => $row['tag_count']
	3974	);
	3975	}
	3976	}
	3977
	3978	$json = new JSON();
	3979
	3980	echo $json->encode($result);
	3981	exit();
	3982	}
	3983
	3984	/* 添加收藏商品(ajax) */
	3985	function action_collect ()
	3986	{
	3987	$user = $GLOBALS['user'];
	3988	$_CFG = $GLOBALS['_CFG'];
	3989	$_LANG = $GLOBALS['_LANG'];
	3990	$smarty = $GLOBALS['smarty'];
	3991	$db = $GLOBALS['db'];
	3992	$ecs = $GLOBALS['ecs'];
	3993	$user_id = $_SESSION['user_id'];
	3994
	3995	include_once (ROOT_PATH . 'includes/cls_json.php');
	3996	$json = new JSON();
	3997	$result = array(
	3998	'error' => 0, 'message' => ''
	3999	);
	4000	$goods_id = $_GET['id'];
	4001	$result['goods_id'] = $goods_id;
	4002
	4003	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0)
	4004	{
	4005	$result['error'] = 1;
	4006	$result['message'] = $_LANG['login_please'];
	4007
	4008	die($json->encode($result));
	4009	}
	4010	else
	4011	{
	4012	/* 检查是否已经存在于用户的收藏夹 */
	4013	$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]' AND goods_id = '$goods_id'";
	4014	if($GLOBALS['db']->GetOne($sql) > 0)
	4015	{
	4016	$result['error'] = 1;
	4017	$result['message'] = $GLOBALS['_LANG']['collect_existed'];
	4018	die($json->encode($result));
	4019	}
	4020	else
	4021	{
	4022	$time = gmtime();
	4023	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('collect_goods') . " (user_id, goods_id, add_time)" . "VALUES ('$_SESSION[user_id]', '$goods_id', '$time')";
	4024
	4025	if($GLOBALS['db']->query($sql) === false)
	4026	{
	4027	$result['error'] = 1;
	4028	$result['message'] = $GLOBALS['db']->errorMsg();
	4029	die($json->encode($result));
	4030	}
	4031	else
	4032	{
	4033	$result['error'] = 0;
	4034	$result['message'] = $GLOBALS['_LANG']['collect_success'];
	4035	die($json->encode($result));
	4036	}
	4037	}
	4038	}
	4039	}
	4040
	4041	// 代码添加线上红包_start_cb_20150528
	4042	function action_user_bonus ()
	4043	{
	4044	$user = $GLOBALS['user'];
	4045	$_CFG = $GLOBALS['_CFG'];
	4046	$_LANG = $GLOBALS['_LANG'];
	4047	$smarty = $GLOBALS['smarty'];
	4048	$db = $GLOBALS['db'];
	4049	$ecs = $GLOBALS['ecs'];
	4050	$user_id = $_SESSION['user_id'];
	4051
	4052	include_once (ROOT_PATH . 'includes/cls_json.php');
	4053	$json = new JSON();
	4054	$result = array(
	4055	'error' => 0, 'message' => ''
	4056	);
	4057	$type_id = $_GET['id'];
	4058	$result['type_id'] = $type_id;
	4059	$result['no_have'] = $_GET['no_have'];
	4060
	4061	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0)
	4062	{
	4063	$result['error'] = 1;
	4064	$result['message'] = $_LANG['login_please'];
	4065	die($json->encode($result));
	4066	}
	4067	else
	4068	{
	4069	$sql = "SELECT COUNT(bonus_type_id) FROM " . $GLOBALS['ecs']->table('user_bonus') . " WHERE user_id='$_SESSION[user_id]' AND bonus_type_id = '$type_id'";
	4070	$u_bonus = $GLOBALS['db']->GetOne($sql);
	4071
	4072	$sql1 = "SELECT user_bonus_max FROM " . $GLOBALS['ecs']->table('bonus_type') . " WHERE type_id = '$type_id'";
	4073	$bonus_max = $db->getOne($sql1);
	4074	if($u_bonus >= $bonus_max)
	4075	{
	4076	$result['error'] = 1;
	4077	$result['message'] = $GLOBALS['_LANG']['u_bonus_existed'];
	4078	die($json->encode($result));
	4079	}
	4080	else
	4081	{
	4082	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('user_bonus') . " (user_id,bonus_type_id)" . "VALUES ('$_SESSION[user_id]', '$type_id')";
	4083
	4084	if($GLOBALS['db']->query($sql) === false)
	4085	{
	4086	$result['error'] = 1;
	4087	$result['message'] = $GLOBALS['db']->errorMsg();
	4088	die($json->encode($result));
	4089	}
	4090	else
	4091	{
	4092	$u_bonus = $u_bonus+1;
	4093	$bonus_max = $bonus_max-$u_bonus;
	4094	$result['error'] = 0;
	4095	$result['message'] = "领取成功，您领取了".$u_bonus ."个红包，还可以领取".$bonus_max."个红包。";
	4096	die($json->encode($result));
	4097	}
	4098	}
	4099	}
	4100	}
	4101
	4102	function action_book_goods (){
	4103	$user = $GLOBALS['user'];
	4104	$_CFG = $GLOBALS['_CFG'];
	4105	$_LANG = $GLOBALS['_LANG'];
	4106	$smarty = $GLOBALS['smarty'];
	4107	$db = $GLOBALS['db'];
	4108	$ecs = $GLOBALS['ecs'];
	4109	$user_id = $_SESSION['user_id'];
	4110
	4111	include_once (ROOT_PATH . 'includes/cls_json.php');
	4112	$json = new JSON();
	4113	$result = array(
	4114	'error' => 0, 'message' => '', 'tel' => '', 'email' => ''
	4115	);
	4116	$goods_id = $_GET['id'];
	4117	$result['goods_id'] = $goods_id;
	4118	$result['no_have'] = $_GET['no_have'];
	4119
	4120	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0){
	4121	$result['error'] = 99;
	4122	$result['message'] = $_LANG['login_please'];
	4123	die($json->encode($result));
	4124	}else{
	4125	$sql = "SELECT user_id,goods_id FROM " . $GLOBALS['ecs']->table('booking_goods') . " WHERE user_id='$_SESSION[user_id]' AND is_dispose=0 AND goods_id = '$goods_id'";
	4126	$b_goods = $GLOBALS['db']->GetOne($sql);
	4127
	4128	if($b_goods){
	4129	$result['error'] = 0;
	4130	$result['message'] = "您已经登记过了";
	4131	die($json->encode($result));
	4132	}else{
	4133	$sql = "SELECT email,mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id='$_SESSION[user_id]'";
	4134	$user_msg = $db->getRow($sql);
	4135
	4136	$result['error'] = 1;
	4137	$result['tel'] = $user_msg['mobile_phone'];
	4138	$result['email'] = $user_msg['email'];
	4139	die($json->encode($result));
	4140	}
	4141	}
	4142	}
	4143
	4144	function action_add_book_goods ()
	4145	{
	4146	$user = $GLOBALS['user'];
	4147	$_CFG = $GLOBALS['_CFG'];
	4148	$_LANG = $GLOBALS['_LANG'];
	4149	$smarty = $GLOBALS['smarty'];
	4150	$db = $GLOBALS['db'];
	4151	$ecs = $GLOBALS['ecs'];
	4152	$user_id = $_SESSION['user_id'];
	4153
	4154	include_once (ROOT_PATH . 'includes/cls_json.php');
	4155	$json = new JSON();
	4156	$result = array(
	4157	'error' => 0, 'message' => ''
	4158	);
	4159	$goods_id = $_GET['id'];
	4160	$number = $_GET['num'];
	4161	$tel = $_GET['tel'];
	4162	$email = $_GET['em'];
	4163
	4164	if(! preg_match("/^1(3\|5\|8)[0-9]{1}[0-9]{8}$\|15[0189]{1}[0-9]{8}$\|189[0-9]{8}$/", $tel))
	4165	{
	4166	$result['error'] = 3;
	4167	$result['message'] = "手机格式不正确";
	4168	die($json->encode($result));
	4169	}
	4170	elseif(! preg_match("/^([0-9A-Za-z\\-_\\.]+)@([0-9a-z]+\\.[a-z]{2,3}(\\.[a-z]{2})?)$/i", $email))
	4171	{
	4172	$result['error'] = 4;
	4173	$result['message'] = "邮箱格式不正确";
	4174	die($json->encode($result));
	4175	}
	4176	else
	4177	{
	4178	$time = gmtime();
	4179	$sql = "INSERT INTO " . $ecs->table('booking_goods') . " (user_id,email,tel,goods_id,goods_number,booking_time,link_man) VALUES ('$_SESSION[user_id]','$email','$tel','$goods_id','$number','$time','$_SESSION[user_name]')";
	4180	if($db->query($sql))
	4181	{
	4182	$result['error'] = 2;
	4183	$result['message'] = "登记成功";
	4184	die($json->encode($result));
	4185	}
	4186	else
	4187	{
	4188	$result['error'] = 0;
	4189	$result['message'] = "登记失败";
	4190	die($json->encode($result));
	4191	}
	4192	}
	4193	}
	4194
	4195	/* 刷新是否收藏商品(ajax) */
	4196	function action_re_collect ()
	4197	{
	4198	$user = $GLOBALS['user'];
	4199	$_CFG = $GLOBALS['_CFG'];
	4200	$_LANG = $GLOBALS['_LANG'];
	4201	$smarty = $GLOBALS['smarty'];
	4202	$db = $GLOBALS['db'];
	4203	$ecs = $GLOBALS['ecs'];
	4204	$user_id = $_SESSION['user_id'];
	4205
	4206	include_once (ROOT_PATH . 'includes/cls_json.php');
	4207	$json = new JSON();
	4208	$goods_id = $_GET['id'];
	4209
	4210	if($goods_id > 0)
	4211	{
	4212	$result = array(
	4213	'goods_id' => 0, 'is_collect' => ''
	4214	);
	4215	$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]' AND goods_id = '$goods_id'";
	4216	$result['goods_id'] = $goods_id;
	4217	$result['is_collect'] = ($GLOBALS['db']->getOne($sql) > 0 ? 1 : 0);
	4218	}
	4219	else
	4220	{
	4221	$result = array(
	4222	'goods_id' => 0, 'is_collect' => array()
	4223	);
	4224	$sql = "SELECT goods_id FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]'";
	4225	$result['is_collect'] = $GLOBALS['db']->getCol($sql);
	4226	}
	4227	die($json->encode($result));
	4228	}
	4229
	4230	/* 删除留言 */
	4231	function action_del_msg ()
	4232	{
	4233	$user = $GLOBALS['user'];
	4234	$_CFG = $GLOBALS['_CFG'];
	4235	$_LANG = $GLOBALS['_LANG'];
	4236	$smarty = $GLOBALS['smarty'];
	4237	$db = $GLOBALS['db'];
	4238	$ecs = $GLOBALS['ecs'];
	4239	$user_id = $_SESSION['user_id'];
	4240
	4241	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	4242	$order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
	4243
	4244	if($id > 0)
	4245	{
	4246	$sql = 'SELECT user_id, message_img FROM ' . $ecs->table('feedback') . " WHERE msg_id = '$id' LIMIT 1";
	4247	$row = $db->getRow($sql);
	4248	if($row && $row['user_id'] == $user_id)
	4249	{
	4250	/* 验证通过，删除留言，回复，及相应文件 */
	4251	if($row['message_img'])
	4252	{
	4253	@unlink(ROOT_PATH . DATA_DIR . '/feedbackimg/' . $row['message_img']);
	4254	}
	4255	$sql = "DELETE FROM " . $ecs->table('feedback') . " WHERE msg_id = '$id' OR parent_id = '$id'";
	4256	$db->query($sql);
	4257	}
	4258	}
	4259	ecs_header("Location: user.php?act=message_list&order_id=$order_id\n");
	4260	exit();
	4261	}
	4262
	4263	/* 删除评论 */
	4264	function action_del_cmt ()
	4265	{
	4266	$user = $GLOBALS['user'];
	4267	$_CFG = $GLOBALS['_CFG'];
	4268	$_LANG = $GLOBALS['_LANG'];
	4269	$smarty = $GLOBALS['smarty'];
	4270	$db = $GLOBALS['db'];
	4271	$ecs = $GLOBALS['ecs'];
	4272	$user_id = $_SESSION['user_id'];
	4273
	4274	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	4275	if($id > 0)
	4276	{
	4277	$sql = "DELETE FROM " . $ecs->table('comment') . " WHERE comment_id = '$id' AND user_id = '$user_id'";
	4278	$db->query($sql);
	4279	}
	4280	ecs_header("Location: user.php?act=comment_list\n");
	4281	exit();
	4282	}
	4283
	4284	/* 合并订单 */
	4285	function action_merge_order ()
	4286	{
	4287	$user = $GLOBALS['user'];
	4288	$_CFG = $GLOBALS['_CFG'];
	4289	$_LANG = $GLOBALS['_LANG'];
	4290	$smarty = $GLOBALS['smarty'];
	4291	$db = $GLOBALS['db'];
	4292	$ecs = $GLOBALS['ecs'];
	4293	$user_id = $_SESSION['user_id'];
	4294
	4295	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4296	include_once (ROOT_PATH . 'includes/lib_order.php');
	4297	$from_order = isset($_POST['from_order']) ? trim($_POST['from_order']) : '';
	4298	$to_order = isset($_POST['to_order']) ? trim($_POST['to_order']) : '';
	4299
	4300	/* 代码增加_start By */
	4301	$sql = "select supplier_id from " . $ecs->table('order_info') . " where order_sn='$from_order' ";
	4302	$supplier_id_from = $db->getOne($sql);
	4303	$sql = "select supplier_id from " . $ecs->table('order_info') . " where order_sn='$to_order' ";
	4304	$supplier_id_to = $db->getOne($sql);
	4305	if($supplier_id_from != $supplier_id_to)
	4306	{
	4307	show_message('由于供货商不同,订单合并失败', $_LANG['order_list_lnk'], 'user.php?act=order_list', 'info');
	4308	}
	4309	/* 代码增加_end By */
	4310
	4311	if(merge_user_order($from_order, $to_order, $user_id))
	4312	{
	4313	show_message($_LANG['merge_order_success'], $_LANG['order_list_lnk'], 'user.php?act=order_list', 'info');
	4314	}
	4315	else
	4316	{
	4317	$err->show($_LANG['order_list_lnk']);
	4318	}
	4319	}
	4320
	4321	/* 将指定订单中商品添加到购物车 */
	4322	function action_return_to_cart ()
	4323	{
	4324	$user = $GLOBALS['user'];
	4325	$_CFG = $GLOBALS['_CFG'];
	4326	$_LANG = $GLOBALS['_LANG'];
	4327	$smarty = $GLOBALS['smarty'];
	4328	$db = $GLOBALS['db'];
	4329	$ecs = $GLOBALS['ecs'];
	4330	$user_id = $_SESSION['user_id'];
	4331
	4332	include_once (ROOT_PATH . 'includes/cls_json.php');
	4333	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4334	$json = new JSON();
	4335
	4336	$result = array(
	4337	'error' => 0, 'message' => '', 'content' => ''
	4338	);
	4339	$order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;
	4340	if($order_id == 0)
	4341	{
	4342	$result['error'] = 1;
	4343	$result['message'] = $_LANG['order_id_empty'];
	4344	die($json->encode($result));
	4345	}
	4346
	4347	if($user_id == 0)
	4348	{
	4349	/* 用户没有登录 */
	4350	$result['error'] = 1;
	4351	$result['message'] = $_LANG['login_please'];
	4352	die($json->encode($result));
	4353	}
	4354
	4355	/* 检查订单是否属于该用户 */
	4356	$order_user = $db->getOne("SELECT user_id FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id'");
	4357	if(empty($order_user))
	4358	{
	4359	$result['error'] = 1;
	4360	$result['message'] = $_LANG['order_exist'];
	4361	die($json->encode($result));
	4362	}
	4363	else
	4364	{
	4365	if($order_user != $user_id)
	4366	{
	4367	$result['error'] = 1;
	4368	$result['message'] = $_LANG['no_priv'];
	4369	die($json->encode($result));
	4370	}
	4371	}
	4372
	4373	$message = return_to_cart($order_id);
	4374
	4375	if($message === true)
	4376	{
	4377	$result['error'] = 0;
	4378	$result['message'] = $_LANG['return_to_cart_success'];
	4379	$result['content'] = insert_cart_info();
	4380	die($json->encode($result));
	4381	}
	4382	else
	4383	{
	4384	$result['error'] = 1;
	4385	$result['message'] = $_LANG['order_exist'];
	4386	die($json->encode($result));
	4387	}
	4388	}
	4389
	4390	/* 编辑使用余额支付的处理 */
	4391	function action_act_edit_surplus ()
	4392	{
	4393	$user = $GLOBALS['user'];
	4394	$_CFG = $GLOBALS['_CFG'];
	4395	$_LANG = $GLOBALS['_LANG'];
	4396	$smarty = $GLOBALS['smarty'];
	4397	$db = $GLOBALS['db'];
	4398	$ecs = $GLOBALS['ecs'];
	4399	$user_id = $_SESSION['user_id'];
	4400
	4401	/* 检查是否登录 */
	4402	if($_SESSION['user_id'] <= 0)
	4403	{
	4404	ecs_header("Location: ./\n");
	4405	exit();
	4406	}
	4407
	4408	/* 检查订单号 */
	4409	$order_id = intval($_POST['order_id']);
	4410	if($order_id <= 0)
	4411	{
	4412	ecs_header("Location: ./\n");
	4413	exit();
	4414	}
	4415
	4416	/* 检查余额 */
	4417	$surplus = floatval($_POST['surplus']);
	4418	if($surplus <= 0)
	4419	{
	4420	$err->add($_LANG['error_surplus_invalid']);
	4421	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4422	}
	4423
	4424	include_once (ROOT_PATH . 'includes/lib_order.php');
	4425
	4426	/* 取得订单 */
	4427	$order = order_info($order_id);
	4428	if(empty($order))
	4429	{
	4430	ecs_header("Location: ./\n");
	4431	exit();
	4432	}
	4433
	4434	/* 检查订单用户跟当前用户是否一致 */
	4435	if($_SESSION['user_id'] != $order['user_id'])
	4436	{
	4437	ecs_header("Location: ./\n");
	4438	exit();
	4439	}
	4440
	4441	/* 检查订单是否未付款，检查应付款金额是否大于0 */
	4442	if($order['pay_status'] != PS_UNPAYED \|\| $order['order_amount'] <= 0)
	4443	{
	4444	$err->add($_LANG['error_order_is_paid']);
	4445	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4446	}
	4447
	4448	/* 计算应付款金额（减去支付费用） */
	4449	$order['order_amount'] -= $order['pay_fee'];
	4450
	4451	/* 余额是否超过了应付款金额，改为应付款金额 */
	4452	if($surplus > $order['order_amount'])
	4453	{
	4454	$surplus = $order['order_amount'];
	4455	}
	4456
	4457	/* 取得用户信息 */
	4458	$user = user_info($_SESSION['user_id']);
	4459
	4460	/* 用户帐户余额是否足够 */
	4461	if($surplus > $user['user_money'] + $user['credit_line'])
	4462	{
	4463	$err->add($_LANG['error_surplus_not_enough']);
	4464	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4465	}
	4466
	4467	/* 修改订单，重新计算支付费用 */
	4468	$order['surplus'] += $surplus;
	4469	$order['order_amount'] -= $surplus;
	4470	if($order['order_amount'] > 0)
	4471	{
	4472	$cod_fee = 0;
	4473	if($order['shipping_id'] > 0)
	4474	{
	4475	$regions = array(
	4476	$order['country'], $order['province'], $order['city'], $order['district']
	4477	);
	4478	$shipping = shipping_area_info($order['shipping_id'], $regions);
	4479	if($shipping['support_cod'] == '1')
	4480	{
	4481	$cod_fee = $shipping['pay_fee'];
	4482	}
	4483	}
	4484
	4485	$pay_fee = 0;
	4486	if($order['pay_id'] > 0)
	4487	{
	4488	$pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
	4489	}
	4490
	4491	$order['pay_fee'] = $pay_fee;
	4492	$order['order_amount'] += $pay_fee;
	4493	}
	4494
	4495	/* 如果全部支付，设为已确认、已付款 */
	4496	if($order['order_amount'] == 0)
	4497	{
	4498	if($order['order_status'] == OS_UNCONFIRMED)
	4499	{
	4500	$order['order_status'] = OS_CONFIRMED;
	4501	$order['confirm_time'] = gmtime();
	4502	}
	4503	$order['pay_status'] = PS_PAYED;
	4504	$order['pay_time'] = gmtime();
	4505	}
	4506	$order = addslashes_deep($order);
	4507	update_order($order_id, $order);
	4508
	4509	/判断虚拟商品如果是虚拟商品则发放虚拟卡/
	4510	if($order['extension_code'] == 'virtual_good'){
	4511	put_virtual_cart($order_id);
	4512	//修改订单配送状态
	4513	update_order_shipping($order_id);
	4514	}
	4515	/* 更新用户余额 */
	4516	$change_desc = sprintf($_LANG['pay_order_by_surplus'], $order['order_sn']);
	4517	log_account_change($user['user_id'], (- 1) * $surplus, 0, 0, 0, $change_desc);
	4518
	4519	/* 跳转 */
	4520	ecs_header('Location: user.php?act=order_detail&order_id=' . $order_id . "\n");
	4521	exit();
	4522	}
	4523
	4524	/* 编辑使用余额支付的处理 */
	4525	function action_act_edit_payment ()
	4526	{
	4527	$user = $GLOBALS['user'];
	4528	$_CFG = $GLOBALS['_CFG'];
	4529	$_LANG = $GLOBALS['_LANG'];
	4530	$smarty = $GLOBALS['smarty'];
	4531	$db = $GLOBALS['db'];
	4532	$ecs = $GLOBALS['ecs'];
	4533	$user_id = $_SESSION['user_id'];
	4534
	4535	/* 检查是否登录 */
	4536	if($_SESSION['user_id'] <= 0)
	4537	{
	4538	ecs_header("Location: ./\n");
	4539	exit();
	4540	}
	4541	$sql = "SELECT pay_id FROM " . $ecs->table('payment') . " WHERE pay_code = '" . $_POST['pay_code'] . "'";
	4542	$row = $db->getRow($sql);
	4543	/* 检查支付方式 */
	4544	$pay_id = $row['pay_id'];
	4545	if($pay_id <= 0)
	4546	{
	4547	ecs_header("Location: ./\n");
	4548	exit();
	4549	}
	4550
	4551	include_once (ROOT_PATH . 'includes/lib_order.php');
	4552	$payment_info = payment_info($pay_id);
	4553	if(empty($payment_info))
	4554	{
	4555	ecs_header("Location: ./\n");
	4556	exit();
	4557	}
	4558
	4559	/* 检查订单号 */
	4560	$order_id = intval($_POST['order_id']);
	4561	if($order_id <= 0)
	4562	{
	4563	ecs_header("Location: ./\n");
	4564	exit();
	4565	}
	4566
	4567	/* 取得订单 */
	4568	$order = order_info($order_id);
	4569	if(empty($order))
	4570	{
	4571	ecs_header("Location: ./\n");
	4572	exit();
	4573	}
	4574
	4575	/* 检查订单用户跟当前用户是否一致 */
	4576	if($_SESSION['user_id'] != $order['user_id'])
	4577	{
	4578	ecs_header("Location: ./\n");
	4579	exit();
	4580	}
	4581
	4582	/* 检查订单是否未付款和未发货以及订单金额是否为0 和支付id是否为改变 */
	4583	if($order['pay_status'] != PS_UNPAYED \|\| $order['shipping_status'] != SS_UNSHIPPED \|\| $order['goods_amount'] <= 0 \|\| $order['pay_id'] == $pay_id)
	4584	{
	4585	ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
	4586	exit();
	4587	}
	4588
	4589	$order_amount = $order['order_amount'] - $order['pay_fee'];
	4590	$pay_fee = pay_fee($pay_id, $order_amount);
	4591	$order_amount += $pay_fee;
	4592
	4593	if($_POST['pay_code'] == 'alipay_bank')
	4594	{
	4595	$defaultbank = $_POST['www_68ecshop_com_bank'];
	4596	$sql = "UPDATE " . $ecs->table('order_info') . " SET pay_id='$pay_id', pay_name='$payment_info[pay_name]', pay_fee='$pay_fee', order_amount='$order_amount', defaultbank='$defaultbank'" . " WHERE order_id = '$order_id'";
	4597	}
	4598	else
	4599	{
	4600	$sql = "UPDATE " . $ecs->table('order_info') . " SET pay_id='$pay_id', pay_name='$payment_info[pay_name]', pay_fee='$pay_fee', order_amount='$order_amount'" . " WHERE order_id = '$order_id'";
	4601	}
	4602
	4603	$db->query($sql);
	4604
	4605	/* 跳转 */
	4606	ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
	4607	exit();
	4608	}
	4609
	4610	/* 保存订单详情收货地址 */
	4611	function action_save_order_address ()
	4612	{
	4613	$user = $GLOBALS['user'];
	4614	$_CFG = $GLOBALS['_CFG'];
	4615	$_LANG = $GLOBALS['_LANG'];
	4616	$smarty = $GLOBALS['smarty'];
	4617	$db = $GLOBALS['db'];
	4618	$ecs = $GLOBALS['ecs'];
	4619	$user_id = $_SESSION['user_id'];
	4620
	4621	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4622
	4623	$address = array(
	4624	'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0
	4625	);
	4626	if(save_order_address($address, $user_id))
	4627	{
	4628	ecs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
	4629	exit();
	4630	}
	4631	else
	4632	{
	4633	$err = $GLOBALS['err'];
	4634	if(empty($address['order_id']))
	4635	{
	4636	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	4637	}
	4638	else
	4639	{
	4640	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_detail&order_id=' . $address['order_id']);
	4641	}
	4642
	4643	}
	4644	}
	4645
	4646	/* 我的红包列表 */
	4647	function action_bonus ()
	4648	{
	4649	$user = $GLOBALS['user'];
	4650	$_CFG = $GLOBALS['_CFG'];
	4651	$_LANG = $GLOBALS['_LANG'];
	4652	$smarty = $GLOBALS['smarty'];
	4653	$db = $GLOBALS['db'];
	4654	$ecs = $GLOBALS['ecs'];
	4655	$user_id = $_SESSION['user_id'];
	4656	$action = $GLOBALS['action'];
	4657
	4658	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4659
	4660	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	4661	$suppid = isset($_REQUEST['suppid']) ? intval($_REQUEST['suppid']) : - 1;
	4662
	4663	$sql = "SELECT ub.supplier_id, ifnull( ssc.value, '网站自营' ) as suppname
	4664	FROM " . $ecs->table('user_bonus') . " AS ub
	4665	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ub.supplier_id = ssc.supplier_id
	4666	AND ssc.code = 'shop_name'
	4667	WHERE ub.user_id =" . $user_id . "
	4668	GROUP BY ub.supplier_id";
	4669
	4670	$suppinfo = $db->getAll($sql);
	4671
	4672	$where_suppid = '';
	4673	if($suppid > - 1)
	4674	{
	4675	$where_suppid = " AND supplier_id=" . $suppid;
	4676	}
	4677
	4678	$smarty->assign('suppinfo', $suppinfo);
	4679
	4680	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('user_bonus') . " WHERE user_id = '$user_id'" . $where_suppid);
	4681
	4682	$pager = get_pager('user.php', array(
	4683	'act' => $action, 'suppid' => $suppid
	4684	), $record_count, $page, 16);
	4685	$bonus = get_user_bouns_list($user_id, $pager['size'], $pager['start'], $suppid);
	4686
	4687	$smarty->assign('pager', $pager);
	4688	$smarty->assign('bonus', $bonus);
	4689	$smarty->display('user_transaction.dwt');
	4690	}
	4691
	4692	/* 我的团购列表 */
	4693	function action_group_buy ()
	4694	{
	4695	$user = $GLOBALS['user'];
	4696	$_CFG = $GLOBALS['_CFG'];
	4697	$_LANG = $GLOBALS['_LANG'];
	4698	$smarty = $GLOBALS['smarty'];
	4699	$db = $GLOBALS['db'];
	4700	$ecs = $GLOBALS['ecs'];
	4701	$user_id = $_SESSION['user_id'];
	4702
	4703	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4704
	4705	// 待议
	4706	$smarty->display('user_transaction.dwt');
	4707	}
	4708
	4709	/* 团购订单详情 */
	4710	function action_group_buy_detail ()
	4711	{
	4712	$user = $GLOBALS['user'];
	4713	$_CFG = $GLOBALS['_CFG'];
	4714	$_LANG = $GLOBALS['_LANG'];
	4715	$smarty = $GLOBALS['smarty'];
	4716	$db = $GLOBALS['db'];
	4717	$ecs = $GLOBALS['ecs'];
	4718	$user_id = $_SESSION['user_id'];
	4719
	4720	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4721
	4722	// 待议
	4723	$smarty->display('user_transaction.dwt');
	4724	}
	4725
	4726	// 用户推荐页面
	4727	function action_affiliate ()
	4728	{
	4729	$user = $GLOBALS['user'];
	4730	$_CFG = $GLOBALS['_CFG'];
	4731	$_LANG = $GLOBALS['_LANG'];
	4732	$smarty = $GLOBALS['smarty'];
	4733	$db = $GLOBALS['db'];
	4734	$ecs = $GLOBALS['ecs'];
	4735	$user_id = $_SESSION['user_id'];
	4736	$affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
	4737
	4738	$goodsid = intval(isset($_REQUEST['goodsid']) ? $_REQUEST['goodsid'] : 0);
	4739	if(empty($goodsid))
	4740	{
	4741	// 我的推荐页面
	4742
	4743	$page = ! empty($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
	4744	$size = ! empty($_CFG['page_size']) && intval($_CFG['page_size']) > 0 ? intval($_CFG['page_size']) : 10;
	4745
	4746	empty($affiliate) && $affiliate = array();
	4747
	4748	if(empty($affiliate['config']['separate_by']))
	4749	{
	4750	// 推荐注册分成
	4751	$affdb = array();
	4752	$num = count($affiliate['item']);
	4753	$up_uid = "'$user_id'";
	4754	$all_uid = "'$user_id'";
	4755	for($i = 1; $i <= $num; $i ++)
	4756	{
	4757	$count = 0;
	4758	if($up_uid)
	4759	{
	4760	$sql = "SELECT user_id FROM " . $ecs->table('users') . " WHERE parent_id IN($up_uid)";
	4761	$query = $db->query($sql);
	4762	$up_uid = '';
	4763	while($rt = $db->fetch_array($query))
	4764	{
	4765	$up_uid .= $up_uid ? ",'$rt[user_id]'" : "'$rt[user_id]'";
	4766	if($i < $num)
	4767	{
	4768	$all_uid .= ", '$rt[user_id]'";
	4769	}
	4770	$count ++;
	4771	}
	4772	}
	4773	$affdb[$i]['num'] = $count;
	4774	$affdb[$i]['point'] = $affiliate['item'][$i - 1]['level_point'];
	4775	$affdb[$i]['money'] = $affiliate['item'][$i - 1]['level_money'];
	4776	}
	4777	$smarty->assign('affdb', $affdb);
	4778
	4779	$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
	4780
	4781	$sql = "SELECT o.*, a.log_id, a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . " ORDER BY order_id DESC";
	4782
	4783	/*
	4784	* SQL解释：
	4785	*
	4786	* 订单、用户、分成记录关联
	4787	* 一个订单可能有多个分成记录
	4788	*
	4789	* 1、订单有效 o.user_id > 0
	4790	* 2、满足以下之一：
	4791	* a.直接下线的未分成订单 u.parent_id IN ($all_uid) AND o.is_separate = 0
	4792	* 其中$all_uid为该ID及其下线(不包含最后一层下线)
	4793	* b.全部已分成订单 a.user_id = '$user_id' AND o.is_separate > 0
	4794	*
	4795	*/
	4796
	4797	$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_register_all'], $affiliate['config']['level_register_up'], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
	4798	}
	4799	else
	4800	{
	4801	// 推荐订单分成
	4802	$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
	4803
	4804	$sql = "SELECT o.*, a.log_id,a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type,u.parent_id as up FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . " ORDER BY order_id DESC";
	4805
	4806	/*
	4807	* SQL解释：
	4808	*
	4809	* 订单、用户、分成记录关联
	4810	* 一个订单可能有多个分成记录
	4811	*
	4812	* 1、订单有效 o.user_id > 0
	4813	* 2、满足以下之一：
	4814	* a.订单下线的未分成订单 o.parent_id = '$user_id' AND o.is_separate = 0
	4815	* b.全部已分成订单 a.user_id = '$user_id' AND o.is_separate > 0
	4816	*
	4817	*/
	4818	$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
	4819	}
	4820
	4821	$count = $db->getOne($sqlcount);
	4822
	4823	$max_page = ($count > 0) ? ceil($count / $size) : 1;
	4824	if($page > $max_page)
	4825	{
	4826	$page = $max_page;
	4827	}
	4828
	4829	$res = $db->SelectLimit($sql, $size, ($page - 1) * $size);
	4830	$logdb = array();
	4831	while($rt = $GLOBALS['db']->fetchRow($res))
	4832	{
	4833	if(! empty($rt['suid']))
	4834	{
	4835	// 在affiliate_log有记录
	4836	if($rt['separate_type'] == - 1 \|\| $rt['separate_type'] == - 2)
	4837	{
	4838	// 已被撤销
	4839	$rt['is_separate'] = 3;
	4840	}
	4841	}
	4842	$rt['order_sn'] = substr($rt['order_sn'], 0, strlen($rt['order_sn']) - 5) . "***" . substr($rt['order_sn'], - 2, 2);
	4843	$logdb[] = $rt;
	4844	}
	4845
	4846	$url_format = "user.php?act=affiliate&page=";
	4847
	4848	$pager = array(
	4849	'page' => $page, 'size' => $size, 'sort' => '', 'order' => '', 'record_count' => $count, 'page_count' => $max_page, 'page_first' => $url_format . '1', 'page_prev' => $page > 1 ? $url_format . ($page - 1) : "javascript:;", 'page_next' => $page < $max_page ? $url_format . ($page + 1) : "javascript:;", 'page_last' => $url_format . $max_page, 'array' => array()
	4850	);
	4851	for($i = 1; $i <= $max_page; $i ++)
	4852	{
	4853	$pager['array'][$i] = $i;
	4854	}
	4855
	4856	$smarty->assign('url_format', $url_format);
	4857	$smarty->assign('pager', $pager);
	4858
	4859	$smarty->assign('affiliate_intro', $affiliate_intro);
	4860
	4861
	4862	$smarty->assign('affiliate_type', $affiliate['config']['separate_by']);
	4863
	4864	$smarty->assign('logdb', $logdb);
	4865	}
	4866	else
	4867	{
	4868	// 单个商品推荐
	4869	$smarty->assign('userid', $user_id);
	4870	$smarty->assign('goodsid', $goodsid);
	4871
	4872	$types = array(
	4873	1, 2, 3, 4, 5
	4874	);
	4875	$smarty->assign('types', $types);
	4876
	4877	$goods = get_goods_info($goodsid);
	4878	$shopurl = $ecs->url();
	4879	$goods['goods_img'] = (strpos($goods['goods_img'], 'http://') === false && strpos($goods['goods_img'], 'https://') === false) ? $shopurl . $goods['goods_img'] : $goods['goods_img'];
	4880	$goods['goods_thumb'] = (strpos($goods['goods_thumb'], 'http://') === false && strpos($goods['goods_thumb'], 'https://') === false) ? $shopurl . $goods['goods_thumb'] : $goods['goods_thumb'];
	4881	$goods['shop_price'] = price_format($goods['shop_price']);
	4882
	4883	$smarty->assign('goods', $goods);
	4884	}
	4885	$affiliate['on'] = 1;
	4886	$recomm = 1;
	4887	//file_put_contents('./33$affiliate.txt',var_export($affiliate,true));
	4888	//file_put_contents('./33$recomm.txt',var_export($recomm,true));
	4889	$smarty->assign('shopname', $_CFG['shop_name']);
	4890	$smarty->assign('userid', $user_id);
	4891	$smarty->assign('shopurl', $ecs->url());
	4892	$smarty->assign('logosrc', 'themes/' . $_CFG['template'] . '/images/logo.gif');
	4893	$smarty->assign('recomm', $recomm);
	4894	$smarty->assign('affiliate', $affiliate);
	4895
	4896	$smarty->display('user_clips.dwt');
	4897	}
	4898
	4899	// 首页邮件订阅ajax操做和验证操作
	4900	function action_email_list ()
	4901	{
	4902	$user = $GLOBALS['user'];
	4903	$_CFG = $GLOBALS['_CFG'];
	4904	$_LANG = $GLOBALS['_LANG'];
	4905	$smarty = $GLOBALS['smarty'];
	4906	$db = $GLOBALS['db'];
	4907	$ecs = $GLOBALS['ecs'];
	4908	$user_id = $_SESSION['user_id'];
	4909
	4910	$job = $_GET['job'];
	4911
	4912	if($job == 'add' \|\| $job == 'del')
	4913	{
	4914	if(isset($_SESSION['last_email_query']))
	4915	{
	4916	if(time() - $_SESSION['last_email_query'] <= 30)
	4917	{
	4918	die($_LANG['order_query_toofast']);
	4919	}
	4920	}
	4921	$_SESSION['last_email_query'] = time();
	4922	}
	4923
	4924	$email = trim($_GET['email']);
	4925	$email = htmlspecialchars($email);
	4926
	4927	if(! is_email($email))
	4928	{
	4929	$info = sprintf($_LANG['email_invalid'], $email);
	4930	die($info);
	4931	}
	4932	$ck = $db->getRow("SELECT * FROM " . $ecs->table('email_list') . " WHERE email = '$email'");
	4933	if($job == 'add')
	4934	{
	4935	if(empty($ck))
	4936	{
	4937	$hash = substr(md5(time()), 1, 10);
	4938	$sql = "INSERT INTO " . $ecs->table('email_list') . " (email, stat, hash) VALUES ('$email', 0, '$hash')";
	4939	$db->query($sql);
	4940	$info = $_LANG['email_check'];
	4941	$url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
	4942	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4943	}
	4944	elseif($ck['stat'] == 1)
	4945	{
	4946	$info = sprintf($_LANG['email_alreadyin_list'], $email);
	4947	}
	4948	else
	4949	{
	4950	$hash = substr(md5(time()), 1, 10);
	4951	$sql = "UPDATE " . $ecs->table('email_list') . "SET hash = '$hash' WHERE email = '$email'";
	4952	$db->query($sql);
	4953	$info = $_LANG['email_re_check'];
	4954	$url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
	4955	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4956	}
	4957	die($info);
	4958	}
	4959	elseif($job == 'del')
	4960	{
	4961	if(empty($ck))
	4962	{
	4963	$info = sprintf($_LANG['email_notin_list'], $email);
	4964	}
	4965	elseif($ck['stat'] == 1)
	4966	{
	4967	$hash = substr(md5(time()), 1, 10);
	4968	$sql = "UPDATE " . $ecs->table('email_list') . "SET hash = '$hash' WHERE email = '$email'";
	4969	$db->query($sql);
	4970	$info = $_LANG['email_check'];
	4971	$url = $ecs->url() . "user.php?act=email_list&job=del_check&hash=$hash&email=$email";
	4972	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4973	}
	4974	else
	4975	{
	4976	$info = $_LANG['email_not_alive'];
	4977	}
	4978	die($info);
	4979	}
	4980	elseif($job == 'add_check')
	4981	{
	4982	if(empty($ck))
	4983	{
	4984	$info = sprintf($_LANG['email_notin_list'], $email);
	4985	}
	4986	elseif($ck['stat'] == 1)
	4987	{
	4988	$info = $_LANG['email_checked'];
	4989	}
	4990	else
	4991	{
	4992	if($_GET['hash'] == $ck['hash'])
	4993	{
	4994	$sql = "UPDATE " . $ecs->table('email_list') . "SET stat = 1 WHERE email = '$email'";
	4995	$db->query($sql);
	4996	$info = $_LANG['email_checked'];
	4997	}
	4998	else
	4999	{
	5000	$info = $_LANG['hash_wrong'];
	5001	}
	5002	}
	5003	show_message($info, $_LANG['back_home_lnk'], 'index.php');
	5004	}
	5005	elseif($job == 'del_check')
	5006	{
	5007	if(empty($ck))
	5008	{
	5009	$info = sprintf($_LANG['email_invalid'], $email);
	5010	}
	5011	elseif($ck['stat'] == 1)
	5012	{
	5013	if($_GET['hash'] == $ck['hash'])
	5014	{
	5015	$sql = "DELETE FROM " . $ecs->table('email_list') . "WHERE email = '$email'";
	5016	$db->query($sql);
	5017	$info = $_LANG['email_canceled'];
	5018	}
	5019	else
	5020	{
	5021	$info = $_LANG['hash_wrong'];
	5022	}
	5023	}
	5024	else
	5025	{
	5026	$info = $_LANG['email_not_alive'];
	5027	}
	5028	show_message($info, $_LANG['back_home_lnk'], 'index.php');
	5029	}
	5030	}
	5031
	5032	/* ajax 发送验证邮件 */
	5033	function action_send_hash_mail ()
	5034	{
	5035	$user = $GLOBALS['user'];
	5036	$_CFG = $GLOBALS['_CFG'];
	5037	$_LANG = $GLOBALS['_LANG'];
	5038	$smarty = $GLOBALS['smarty'];
	5039	$db = $GLOBALS['db'];
	5040	$ecs = $GLOBALS['ecs'];
	5041	$user_id = $_SESSION['user_id'];
	5042
	5043	include_once (ROOT_PATH . 'includes/cls_json.php');
	5044	include_once (ROOT_PATH . 'includes/lib_passport.php');
	5045	$json = new JSON();
	5046
	5047	$result = array(
	5048	'error' => 0, 'message' => '', 'content' => ''
	5049	);
	5050
	5051	if($user_id == 0)
	5052	{
	5053	/* 用户没有登录 */
	5054	$result['error'] = 1;
	5055	$result['message'] = $_LANG['login_please'];
	5056	die($json->encode($result));
	5057	}
	5058
	5059	if(send_regiter_hash($user_id))
	5060	{
	5061	$result['message'] = $_LANG['validate_mail_ok'];
	5062	die($json->encode($result));
	5063	}
	5064	else
	5065	{
	5066	$result['error'] = 1;
	5067	$result['message'] = $GLOBALS['err']->last_message();
	5068	}
	5069
	5070	die($json->encode($result));
	5071	}
	5072
	5073	function action_track_packages ()
	5074	{
	5075	$user = $GLOBALS['user'];
	5076	$_CFG = $GLOBALS['_CFG'];
	5077	$_LANG = $GLOBALS['_LANG'];
	5078	$smarty = $GLOBALS['smarty'];
	5079	$db = $GLOBALS['db'];
	5080	$ecs = $GLOBALS['ecs'];
	5081	$user_id = $_SESSION['user_id'];
	5082	$action = $GLOBALS['action'];
	5083
	5084	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	5085	include_once (ROOT_PATH . 'includes/lib_order.php');
	5086
	5087	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5088
	5089	$orders = array();
	5090
	5091	$sql = "SELECT order_id,order_sn,invoice_no,shipping_id FROM " . $ecs->table('order_info') . " WHERE user_id = '$user_id' AND shipping_status = '" . SS_SHIPPED . "'";
	5092	$res = $db->query($sql);
	5093	$record_count = 0;
	5094	while($item = $db->fetch_array($res))
	5095	{
	5096	$shipping = get_shipping_object($item['shipping_id']);
	5097
	5098	if(method_exists($shipping, 'query'))
	5099	{
	5100	$query_link = $shipping->query($item['invoice_no']);
	5101	}
	5102	else
	5103	{
	5104	$query_link = $item['invoice_no'];
	5105	}
	5106
	5107	if($query_link != $item['invoice_no'])
	5108	{
	5109	$item['query_link'] = $query_link;
	5110	$orders[] = $item;
	5111	$record_count += 1;
	5112	}
	5113	}
	5114	$pager = get_pager('user.php', array(
	5115	'act' => $action
	5116	), $record_count, $page);
	5117	$smarty->assign('pager', $pager);
	5118	$smarty->assign('orders', $orders);
	5119	$smarty->display('user_transaction.dwt');
	5120	}
	5121
	5122	function action_order_query ()
	5123	{
	5124	$user = $GLOBALS['user'];
	5125	$_CFG = $GLOBALS['_CFG'];
	5126	$_LANG = $GLOBALS['_LANG'];
	5127	$smarty = $GLOBALS['smarty'];
	5128	$db = $GLOBALS['db'];
	5129	$ecs = $GLOBALS['ecs'];
	5130	$user_id = $_SESSION['user_id'];
	5131
	5132	$_GET['order_sn'] = trim(substr($_GET['order_sn'], 1));
	5133	$order_sn = empty($_GET['order_sn']) ? '' : addslashes($_GET['order_sn']);
	5134	include_once (ROOT_PATH . 'includes/cls_json.php');
	5135	$json = new JSON();
	5136
	5137	$result = array(
	5138	'error' => 0, 'message' => '', 'content' => ''
	5139	);
	5140
	5141	if(isset($_SESSION['last_order_query']))
	5142	{
	5143	if(time() - $_SESSION['last_order_query'] <= 10)
	5144	{
	5145	$result['error'] = 1;
	5146	$result['message'] = $_LANG['order_query_toofast'];
	5147	die($json->encode($result));
	5148	}
	5149	}
	5150	$_SESSION['last_order_query'] = time();
	5151
	5152	if(empty($order_sn))
	5153	{
	5154	$result['error'] = 1;
	5155	$result['message'] = $_LANG['invalid_order_sn'];
	5156	die($json->encode($result));
	5157	}
	5158
	5159	$sql = "SELECT order_id, order_status, shipping_status, pay_status, " . " shipping_time, shipping_id, invoice_no, user_id " . " FROM " . $ecs->table('order_info') . " WHERE order_sn = '$order_sn' LIMIT 1";
	5160
	5161	$row = $db->getRow($sql);
	5162	if(empty($row))
	5163	{
	5164	$result['error'] = 1;
	5165	$result['message'] = $_LANG['invalid_order_sn'];
	5166	die($json->encode($result));
	5167	}
	5168
	5169	$order_query = array();
	5170	$order_query['order_sn'] = $order_sn;
	5171	$order_query['order_id'] = $row['order_id'];
	5172	$order_query['order_status'] = $_LANG['os'][$row['order_status']] . ',' . $_LANG['ps'][$row['pay_status']] . ',' . $_LANG['ss'][$row['shipping_status']];
	5173
	5174	if($row['invoice_no'] && $row['shipping_id'] > 0)
	5175	{
	5176	$sql = "SELECT shipping_code FROM " . $ecs->table('shipping') . " WHERE shipping_id = '$row[shipping_id]'";
	5177	$shipping_code = $db->getOne($sql);
	5178	$plugin = ROOT_PATH . 'includes/modules/shipping/' . $shipping_code . '.php';
	5179	if(file_exists($plugin))
	5180	{
	5181	include_once ($plugin);
	5182	$shipping = new $shipping_code();
	5183	$order_query['invoice_no'] = $shipping->query((string)$row['invoice_no']);
	5184	}
	5185	else
	5186	{
	5187	$order_query['invoice_no'] = (string)$row['invoice_no'];
	5188	}
	5189	}
	5190
	5191	$order_query['user_id'] = $row['user_id'];
	5192	/* 如果是匿名用户显示发货时间 */
	5193	if($row['user_id'] == 0 && $row['shipping_time'] > 0)
	5194	{
	5195	$order_query['shipping_date'] = local_date($GLOBALS['_CFG']['date_format'], $row['shipping_time']);
	5196	}
	5197	$smarty->assign('order_query', $order_query);
	5198	$result['content'] = $smarty->fetch('library/order_query.lbi');
	5199	die($json->encode($result));
	5200	}
	5201
	5202	function action_transform_points ()
	5203	{
	5204	$user = $GLOBALS['user'];
	5205	$_CFG = $GLOBALS['_CFG'];
	5206	$_LANG = $GLOBALS['_LANG'];
	5207	$smarty = $GLOBALS['smarty'];
	5208	$db = $GLOBALS['db'];
	5209	$ecs = $GLOBALS['ecs'];
	5210	$user_id = $_SESSION['user_id'];
	5211	$action = $GLOBALS['action'];
	5212
	5213	$rule = array();
	5214	if(! empty($_CFG['points_rule']))
	5215	{
	5216	$rule = unserialize($_CFG['points_rule']);
	5217	}
	5218	$cfg = array();
	5219	if(! empty($_CFG['integrate_config']))
	5220	{
	5221	$cfg = unserialize($_CFG['integrate_config']);
	5222	$_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
	5223	$_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
	5224	}
	5225	$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5226	$row = $db->getRow($sql);
	5227	if($_CFG['integrate_code'] == 'ucenter')
	5228	{
	5229	$exchange_type = 'ucenter';
	5230	$to_credits_options = array();
	5231	$out_exchange_allow = array();
	5232	foreach($rule as $credit)
	5233	{
	5234	$out_exchange_allow[$credit['appiddesc'] . '\|' . $credit['creditdesc'] . '\|' . $credit['creditsrc']] = $credit['ratio'];
	5235	if(! array_key_exists($credit['appiddesc'] . '\|' . $credit['creditdesc'], $to_credits_options))
	5236	{
	5237	$to_credits_options[$credit['appiddesc'] . '\|' . $credit['creditdesc']] = $credit['title'];
	5238	}
	5239	}
	5240	$smarty->assign('selected_org', $rule[0]['creditsrc']);
	5241	$smarty->assign('selected_dst', $rule[0]['appiddesc'] . '\|' . $rule[0]['creditdesc']);
	5242	$smarty->assign('descreditunit', $rule[0]['unit']);
	5243	$smarty->assign('orgcredittitle', $_LANG['exchange_points'][$rule[0]['creditsrc']]);
	5244	$smarty->assign('descredittitle', $rule[0]['title']);
	5245	$smarty->assign('descreditamount', round((1 / $rule[0]['ratio']), 2));
	5246	$smarty->assign('to_credits_options', $to_credits_options);
	5247	$smarty->assign('out_exchange_allow', $out_exchange_allow);
	5248	}
	5249	else
	5250	{
	5251	$exchange_type = 'other';
	5252
	5253	$bbs_points_name = $user->get_points_name();
	5254	$total_bbs_points = $user->get_points($row['user_name']);
	5255
	5256	/* 论坛积分 */
	5257	$bbs_points = array();
	5258	foreach($bbs_points_name as $key => $val)
	5259	{
	5260	$bbs_points[$key] = array(
	5261	'title' => $_LANG['bbs'] . $val['title'], 'value' => $total_bbs_points[$key]
	5262	);
	5263	}
	5264
	5265	/* 兑换规则 */
	5266	$rule_list = array();
	5267	foreach($rule as $key => $val)
	5268	{
	5269	$rule_key = substr($key, 0, 1);
	5270	$bbs_key = substr($key, 1);
	5271	$rule_list[$key]['rate'] = $val;
	5272	switch($rule_key)
	5273	{
	5274	case TO_P:
	5275	$rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5276	$rule_list[$key]['to'] = $_LANG['pay_points'];
	5277	break;
	5278	case TO_R:
	5279	$rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5280	$rule_list[$key]['to'] = $_LANG['rank_points'];
	5281	break;
	5282	case FROM_P:
	5283	$rule_list[$key]['from'] = $_LANG['pay_points'];
	5284	$_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5285	$rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5286	break;
	5287	case FROM_R:
	5288	$rule_list[$key]['from'] = $_LANG['rank_points'];
	5289	$rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5290	break;
	5291	}
	5292	}
	5293	$smarty->assign('bbs_points', $bbs_points);
	5294	$smarty->assign('rule_list', $rule_list);
	5295	}
	5296	$smarty->assign('shop_points', $row);
	5297	$smarty->assign('exchange_type', $exchange_type);
	5298	$smarty->assign('action', $action);
	5299	$smarty->assign('lang', $_LANG);
	5300	$smarty->display('user_transaction.dwt');
	5301	}
	5302
	5303	function action_act_transform_points ()
	5304	{
	5305	$user = $GLOBALS['user'];
	5306	$_CFG = $GLOBALS['_CFG'];
	5307	$_LANG = $GLOBALS['_LANG'];
	5308	$smarty = $GLOBALS['smarty'];
	5309	$db = $GLOBALS['db'];
	5310	$ecs = $GLOBALS['ecs'];
	5311	$user_id = $_SESSION['user_id'];
	5312
	5313	$rule_index = empty($_POST['rule_index']) ? '' : trim($_POST['rule_index']);
	5314	$num = empty($_POST['num']) ? 0 : intval($_POST['num']);
	5315
	5316	if($num <= 0 \|\| $num != floor($num))
	5317	{
	5318	show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5319	}
	5320
	5321	$num = floor($num); // 格式化为整数
	5322
	5323	$bbs_key = substr($rule_index, 1);
	5324	$rule_key = substr($rule_index, 0, 1);
	5325
	5326	$max_num = 0;
	5327
	5328	/* 取出用户数据 */
	5329	$sql = "SELECT user_name, user_id, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5330	$row = $db->getRow($sql);
	5331	$bbs_points = $user->get_points($row['user_name']);
	5332	$points_name = $user->get_points_name();
	5333
	5334	$rule = array();
	5335	if($_CFG['points_rule'])
	5336	{
	5337	$rule = unserialize($_CFG['points_rule']);
	5338	}
	5339	list($from, $to) = explode(':', $rule[$rule_index]);
	5340
	5341	$max_points = 0;
	5342	switch($rule_key)
	5343	{
	5344	case TO_P:
	5345	$max_points = $bbs_points[$bbs_key];
	5346	break;
	5347	case TO_R:
	5348	$max_points = $bbs_points[$bbs_key];
	5349	break;
	5350	case FROM_P:
	5351	$max_points = $row['pay_points'];
	5352	break;
	5353	case FROM_R:
	5354	$max_points = $row['rank_points'];
	5355	}
	5356
	5357	/* 检查积分是否超过最大值 */
	5358	if($max_points <= 0 \|\| $num > $max_points)
	5359	{
	5360	show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5361	}
	5362
	5363	switch($rule_key)
	5364	{
	5365	case TO_P:
	5366	$result_points = floor($num * $to / $from);
	5367	$user->set_points($row['user_name'], array(
	5368	$bbs_key => 0 - $num
	5369	)); // 调整论坛积分
	5370	log_account_change($row['user_id'], 0, 0, 0, $result_points, $_LANG['transform_points'], ACT_OTHER);
	5371	show_message(sprintf($_LANG['to_pay_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
	5372
	5373	case TO_R:
	5374	$result_points = floor($num * $to / $from);
	5375	$user->set_points($row['user_name'], array(
	5376	$bbs_key => 0 - $num
	5377	)); // 调整论坛积分
	5378	log_account_change($row['user_id'], 0, 0, $result_points, 0, $_LANG['transform_points'], ACT_OTHER);
	5379	show_message(sprintf($_LANG['to_rank_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
	5380
	5381	case FROM_P:
	5382	$result_points = floor($num * $to / $from);
	5383	log_account_change($row['user_id'], 0, 0, 0, 0 - $num, $_LANG['transform_points'], ACT_OTHER); // 调整商城积分
	5384	$user->set_points($row['user_name'], array(
	5385	$bbs_key => $result_points
	5386	)); // 调整论坛积分
	5387	show_message(sprintf($_LANG['from_pay_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5388
	5389	case FROM_R:
	5390	$result_points = floor($num * $to / $from);
	5391	log_account_change($row['user_id'], 0, 0, 0 - $num, 0, $_LANG['transform_points'], ACT_OTHER); // 调整商城积分
	5392	$user->set_points($row['user_name'], array(
	5393	$bbs_key => $result_points
	5394	)); // 调整论坛积分
	5395	show_message(sprintf($_LANG['from_rank_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5396	}
	5397	}
	5398
	5399	function action_act_transform_ucenter_points ()
	5400	{
	5401	$user = $GLOBALS['user'];
	5402	$_CFG = $GLOBALS['_CFG'];
	5403	$_LANG = $GLOBALS['_LANG'];
	5404	$smarty = $GLOBALS['smarty'];
	5405	$db = $GLOBALS['db'];
	5406	$ecs = $GLOBALS['ecs'];
	5407	$user_id = $_SESSION['user_id'];
	5408
	5409	$rule = array();
	5410	if($_CFG['points_rule'])
	5411	{
	5412	$rule = unserialize($_CFG['points_rule']);
	5413	}
	5414	$shop_points = array(
	5415	0 => 'rank_points', 1 => 'pay_points'
	5416	);
	5417	$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5418	$row = $db->getRow($sql);
	5419	$exchange_amount = intval($_POST['amount']);
	5420	$fromcredits = intval($_POST['fromcredits']);
	5421	$tocredits = trim($_POST['tocredits']);
	5422	$cfg = unserialize($_CFG['integrate_config']);
	5423	if(! empty($cfg))
	5424	{
	5425	$_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
	5426	$_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
	5427	}
	5428	list($appiddesc, $creditdesc) = explode('\|', $tocredits);
	5429	$ratio = 0;
	5430
	5431	if($exchange_amount <= 0)
	5432	{
	5433	show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5434	}
	5435	if($exchange_amount > $row[$shop_points[$fromcredits]])
	5436	{
	5437	show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5438	}
	5439	foreach($rule as $credit)
	5440	{
	5441	if($credit['appiddesc'] == $appiddesc && $credit['creditdesc'] == $creditdesc && $credit['creditsrc'] == $fromcredits)
	5442	{
	5443	$ratio = $credit['ratio'];
	5444	break;
	5445	}
	5446	}
	5447	if($ratio == 0)
	5448	{
	5449	show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5450	}
	5451	$netamount = floor($exchange_amount / $ratio);
	5452	include_once (ROOT_PATH . './includes/lib_uc.php');
	5453	$result = exchange_points($row['user_id'], $fromcredits, $creditdesc, $appiddesc, $netamount);
	5454	if($result === true)
	5455	{
	5456	$sql = "UPDATE " . $ecs->table('users') . " SET {$shop_points[$fromcredits]}={$shop_points[$fromcredits]}-'$exchange_amount' WHERE user_id='{$row['user_id']}'";
	5457	$db->query($sql);
	5458	$sql = "INSERT INTO " . $ecs->table('account_log') . "(user_id, {$shop_points[$fromcredits]}, change_time, change_desc, change_type)" . " VALUES ('{$row['user_id']}', '-$exchange_amount', '" . gmtime() . "', '" . $cfg['uc_lang']['exchange'] . "', '98')";
	5459	$db->query($sql);
	5460	show_message(sprintf($_LANG['exchange_success'], $exchange_amount, $_LANG['exchange_points'][$fromcredits], $netamount, $credit['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5461	}
	5462	else
	5463	{
	5464	show_message($_LANG['exchange_error_1'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5465	}
	5466	}
	5467
	5468	/* 清除商品浏览历史 */
	5469	function action_clear_history ()
	5470	{
	5471	$user = $GLOBALS['user'];
	5472	$_CFG = $GLOBALS['_CFG'];
	5473	$_LANG = $GLOBALS['_LANG'];
	5474	$smarty = $GLOBALS['smarty'];
	5475	$db = $GLOBALS['db'];
	5476	$ecs = $GLOBALS['ecs'];
	5477	$user_id = $_SESSION['user_id'];
	5478
	5479	setcookie('ECS[history]', '', 1);
	5480	}
	5481
	5482	/* 代码增加_start By */
	5483	function action_vc_login ()
	5484	{
	5485	$user = $GLOBALS['user'];
	5486	$_CFG = $GLOBALS['_CFG'];
	5487	$_LANG = $GLOBALS['_LANG'];
	5488	$smarty = $GLOBALS['smarty'];
	5489	$db = $GLOBALS['db'];
	5490	$ecs = $GLOBALS['ecs'];
	5491	$user_id = $_SESSION['user_id'];
	5492
	5493	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5494	$smarty->assign('info', get_user_default($user_id));
	5495
	5496	$smarty->display('user_transaction.dwt');
	5497	}
	5498
	5499	function action_vc_login_act ()
	5500	{
	5501	$user = $GLOBALS['user'];
	5502	$_CFG = $GLOBALS['_CFG'];
	5503	$_LANG = $GLOBALS['_LANG'];
	5504	$smarty = $GLOBALS['smarty'];
	5505	$db = $GLOBALS['db'];
	5506	$ecs = $GLOBALS['ecs'];
	5507	$user_id = $_SESSION['user_id'];
	5508
	5509	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5510	$nowtime = gmtime();
	5511	$vc_sn = isset($_POST['vcard']) ? trim($_POST['vcard']) : '';
	5512	$vc_pwd = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
	5513	if(empty($vc_sn) \|\| empty($vc_pwd))
	5514	{
	5515	show_message('卡号或密码都不能为空', '返回重新登录', 'user.php?act=vc_login');
	5516	}
	5517	$sql = "select vc.*, vt.type_money, vt.use_start_date, vt.use_end_date from " . $ecs->table('valuecard') . " AS vc " . " left join " . $ecs->table('valuecard_type') . " AS vt " . "on vc.vc_type_id = vt.type_id where vc.vc_sn= '$vc_sn' ";
	5518	$vcrow = $db->getRow($sql);
	5519	if(! $vcrow)
	5520	{
	5521	show_message('该储值卡号不存在', '请查证后重新登录', 'user.php?act=vc_login');
	5522	}
	5523	if($vc_pwd != $vcrow['vc_pwd'])
	5524	{
	5525	show_message('密码错误', '请查证后重新登录', 'user.php?act=vc_login');
	5526	}
	5527	if($nowtime < $vcrow['use_start_date'])
	5528	{
	5529	show_message('对不起，该储值卡还未到开始使用日期', '请过几天再登录试试', 'user.php?act=vc_login');
	5530	}
	5531	if($nowtime > $vcrow['use_end_date'])
	5532	{
	5533	show_message('对不起，该储值卡已过期', '请换个卡号重新登录', 'user.php?act=vc_login');
	5534	}
	5535	if($vcrow['user_id'])
	5536	{
	5537	show_message('对不起，该储值卡已使用', '请换个卡号重新登录', 'user.php?act=vc_login');
	5538	}
	5539
	5540	$sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('user_account') . ' (user_id, admin_user, amount, add_time, paid_time, admin_note, user_note, process_type, payment, is_paid)' . " VALUES ('$user_id', '', '$vcrow[type_money]', '" . gmtime() . "', '" . gmtime() . "', '', '储值卡充值', '0', '储值卡号：$vc_sn', 1)";
	5541	$GLOBALS['db']->query($sql);
	5542	log_account_change($user_id, $vcrow['type_money'], 0, 0, 0, '储值卡充值，卡号：' . $vc_sn, ACT_OTHER);
	5543
	5544	$sql = "update " . $ecs->table('valuecard') . " set user_id='$user_id', used_time='$nowtime' where vc_id='$vcrow[vc_id]' ";
	5545	$db->query($sql);
	5546	// 是否开启余额变动给客户发短信-储值卡充值
	5547	if($_CFG['sms_user_money_change'] == 1)
	5548	{
	5549	$sql = "SELECT user_money,mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '$user_id'";
	5550	$users = $GLOBALS['db']->getRow($sql);
	5551	$content = sprintf($_CFG['sms_recharge_balance_add_tpl'], $vcrow['type_money'], $users['user_money'], $_CFG['sms_sign']);
	5552	if($users['mobile_phone'])
	5553	{
	5554	include_once ('send.php');
	5555	sendSMS($users['mobile_phone'], $content);
	5556	}
	5557	}
	5558	show_message('恭喜，已成功充值！', '返回上一页', 'user.php?act=vc_login');
	5559
	5560	$smarty->display('user_transaction.dwt');
	5561	}
	5562
	5563	/* 代码增加_end By */
	5564	/* 代码增加_start By */
	5565	function action_tg_login ()
	5566	{
	5567	$user = $GLOBALS['user'];
	5568	$_CFG = $GLOBALS['_CFG'];
	5569	$_LANG = $GLOBALS['_LANG'];
	5570	$smarty = $GLOBALS['smarty'];
	5571	$db = $GLOBALS['db'];
	5572	$ecs = $GLOBALS['ecs'];
	5573	$user_id = $_SESSION['user_id'];
	5574
	5575	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5576
	5577	$smarty->display('user_transaction.dwt');
	5578	}
	5579
	5580	function action_tg_login_act ()
	5581	{
	5582	$user = $GLOBALS['user'];
	5583	$_CFG = $GLOBALS['_CFG'];
	5584	$_LANG = $GLOBALS['_LANG'];
	5585	$smarty = $GLOBALS['smarty'];
	5586	$db = $GLOBALS['db'];
	5587	$ecs = $GLOBALS['ecs'];
	5588	$user_id = $_SESSION['user_id'];
	5589
	5590	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5591	$nowtime = gmtime();
	5592	$tg_sn = isset($_POST['tcard']) ? trim($_POST['tcard']) : '';
	5593	$tg_pwd = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
	5594	if(empty($tg_sn) \|\| empty($tg_pwd)){
	5595	show_message('卡号或密码都不能为空', '返回重新输入', 'user.php?act=tg_login');
	5596	}
	5597	$sql = "select tg.*, tt.type_money, tt.type_money_count, tt.use_start_date, tt.use_end_date from " . $ecs->table('takegoods') . " AS tg " . " left join " . $ecs->table('takegoods_type') . " AS tt " . "on tg.type_id = tt.type_id where tg.tg_sn= '$tg_sn' ";
	5598	$tgrow = $db->getRow($sql);
	5599	if(! $tgrow)
	5600	{
	5601	show_message('该提货券不存在', '请查证后重新输入', 'user.php?act=tg_login');
	5602	}
	5603	if($tg_pwd != $tgrow['tg_pwd'])
	5604	{
	5605	show_message('密码错误', '请查证后重新输入', 'user.php?act=tg_login');
	5606	}
	5607	if($nowtime < $tgrow['use_start_date'])
	5608	{
	5609	show_message('对不起，该提货券开始使用日期为 ' . local_date('Y-m-d H:i:s', $tgrow['use_start_date']), '请过几天再试试', 'user.php?act=tg_login');
	5610	}
	5611	if($nowtime > $tgrow['use_end_date'])
	5612	{
	5613	show_message('对不起，该提货券已过期', '请换个券号重新输入', 'user.php?act=tg_login');
	5614	}
	5615
	5616	if($tgrow['used_time'] and (count(explode('@', $tgrow['used_time'])) >= $tgrow['type_money_count']))
	5617	{
	5618	show_message('对不起，该提货券使用次数已用尽', '请换个券号重新输入', 'user.php?act=tg_login');
	5619	}
	5620
	5621	$_SESSION['takegoods_sn_68ecshop'] = $tg_sn;
	5622	$_SESSION['takegoods_id_68ecshop'] = $tgrow['tg_id'];
	5623
	5624	ecs_header("Location:takegoods.php");
	5625	}
	5626
	5627	function action_tg_order ()
	5628	{
	5629	$user = $GLOBALS['user'];
	5630	$_CFG = $GLOBALS['_CFG'];
	5631	$_LANG = $GLOBALS['_LANG'];
	5632	$smarty = $GLOBALS['smarty'];
	5633	$db = $GLOBALS['db'];
	5634	$ecs = $GLOBALS['ecs'];
	5635	$user_id = $_SESSION['user_id'];
	5636	$action = $GLOBALS['action'];
	5637
	5638	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5639
	5640	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('takegoods_order') . " WHERE user_id = '$user_id'");
	5641
	5642	$pager = get_pager('user.php', array(
	5643	'act' => $action
	5644	), $record_count, $page, 10);
	5645
	5646	$orders = get_takegoods_orders($user_id, $pager['size'], $pager['start']);
	5647
	5648	$smarty->assign('pager', $pager);
	5649	$smarty->assign('orders', $orders);
	5650
	5651	$smarty->display('user_transaction.dwt');
	5652	}
	5653
	5654	function action_tg_order_confirm ()
	5655	{
	5656	$user = $GLOBALS['user'];
	5657	$_CFG = $GLOBALS['_CFG'];
	5658	$_LANG = $GLOBALS['_LANG'];
	5659	$smarty = $GLOBALS['smarty'];
	5660	$db = $GLOBALS['db'];
	5661	$ecs = $GLOBALS['ecs'];
	5662	$user_id = $_SESSION['user_id'];
	5663
	5664	$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
	5665	$sql = "update " . $ecs->table('takegoods_order') . " set order_status='2' where rec_id= '$id' ";
	5666	$db->query($sql);
	5667	show_message('恭喜，成功确认收货！', '返回提货列表页', 'user.php?act=tg_order');
	5668	}
	5669
	5670	/* 商品评价/晒单增加 by */
	5671	function action_my_comment ()
	5672	{
	5673	$user = $GLOBALS['user'];
	5674	$_CFG = $GLOBALS['_CFG'];
	5675	$_LANG = $GLOBALS['_LANG'];
	5676	$smarty = $GLOBALS['smarty'];
	5677	$db = $GLOBALS['db'];
	5678	$ecs = $GLOBALS['ecs'];
	5679	$user_id = $_SESSION['user_id'];
	5680	$action = $GLOBALS['action'];
	5681
	5682	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	5683	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5684	$count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_goods') . " AS og
	5685	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5686	WHERE o.user_id = '$user_id' AND o.shipping_time_end > 0 AND og.is_back = 0");
	5687	$size = 20;
	5688	$page_count = ($count > 0) ? intval(ceil($count / $size)) : 1;
	5689	// 代码添加$o_id，if判断
	5690	$o_id = $_REQUEST['order_id'];
	5691
	5692	if($o_id)
	5693	{
	5694
	5695	$sql = "SELECT og.*, o.add_time, o.shipping_time_end, o.order_id, g.goods_thumb, s.shaidan_id, s.pay_points AS shaidan_points, s.status AS shaidan_status,
	5696	c.status AS comment_status,g.supplier_id,ifnull(ssc.value,'网站自营') AS shopname
	5697	FROM " . $ecs->table('order_goods') . " AS og
	5698	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5699	LEFT JOIN " . $ecs->table('goods') . " AS g ON og.goods_id=g.goods_id
	5700	LEFT JOIN " . $ecs->table('shaidan') . " AS s ON og.rec_id=s.rec_id
	5701	LEFT JOIN " . $ecs->table('comment') . " AS c ON og.rec_id=c.rec_id
	5702	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ssc.supplier_id=g.supplier_id AND ssc.code='shop_name'
	5703	WHERE o.user_id = '$user_id' AND og.order_id = '$o_id' AND o.shipping_time_end > 0 AND og.is_back = 0 ORDER BY o.add_time DESC";
	5704	}
	5705	else
	5706	{
	5707	$sql = "SELECT og.*, o.add_time, o.shipping_time_end, o.order_id, g.goods_thumb, s.shaidan_id, s.pay_points AS shaidan_points, s.status AS shaidan_status,
	5708	c.status AS comment_status,g.supplier_id,ifnull(ssc.value,'网站自营') AS shopname
	5709	FROM " . $ecs->table('order_goods') . " AS og
	5710	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5711	LEFT JOIN " . $ecs->table('goods') . " AS g ON og.goods_id=g.goods_id
	5712	LEFT JOIN " . $ecs->table('shaidan') . " AS s ON og.rec_id=s.rec_id
	5713	LEFT JOIN " . $ecs->table('comment') . " AS c ON og.rec_id=c.rec_id
	5714	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ssc.supplier_id=g.supplier_id AND ssc.code='shop_name'
	5715	WHERE o.user_id = '$user_id' AND o.shipping_time_end > 0 AND og.is_back = 0 ORDER BY o.add_time DESC";
	5716	}
	5717	$res = $db->selectLimit($sql, $size, ($page - 1) * $size);
	5718	$points_list = array();
	5719	while($row = $db->fetchRow($res))
	5720	{
	5721	$row['thumb'] = get_image_path($row['goods_id'], $row['goods_thumb'], true);
	5722	$row['url'] = build_uri('goods', array(
	5723	'gid' => $row['goods_id']
	5724	), $row['goods_name']);
	5725	$row['add_time_str'] = local_date("Y-m-d", $row['add_time']);
	5726	$row['goods_tags'] = $db->getAll("SELECT * FROM " . $ecs->table('goods_tag') . " WHERE goods_id = '$row[goods_id]'");
	5727	$item_list[] = $row;
	5728	}
	5729	// 代码增加 for 循环
	5730	for($i = 1; $i < count($item_list); $i ++)
	5731	{
	5732	$item_list[$i]['o_id'] = $item_list[$i]['order_id'];
	5733	unset($item_list[$i]['order_id']);
	5734	}
	5735
	5736	$smarty->assign('item_list', $item_list);
	5737
	5738	// 统计信息
	5739	$num['x'] = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	5740	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5741	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.comment_state = 0 AND o.shipping_time_end > $min_time");
	5742	$num['y'] = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	5743	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5744	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.shaidan_state = 0 AND o.shipping_time_end > $min_time");
	5745	$smarty->assign('num', $num);
	5746
	5747	$pager = get_pager('user.php', array(
	5748	'act' => $action
	5749	), $count, $page, $size);
	5750	$smarty->assign('min_time', $min_time);
	5751	$smarty->assign('pager', $pager);
	5752	$smarty->display('user_my_comment.dwt');
	5753	}
	5754
	5755	function action_my_comment_send ()
	5756	{
	5757	$user = $GLOBALS['user'];
	5758	$_CFG = $GLOBALS['_CFG'];
	5759	$_LANG = $GLOBALS['_LANG'];
	5760	$smarty = $GLOBALS['smarty'];
	5761	$db = $GLOBALS['db'];
	5762	$ecs = $GLOBALS['ecs'];
	5763	$user_id = $_SESSION['user_id'];
	5764
	5765	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5766
	5767	$user_info = $db->getRow("SELECT * FROM " . $ecs->table('users') . " WHERE user_id = '$user_id'");
	5768	$comment_type = 0;
	5769	$id_value = $_POST['goods_id'];
	5770	$email = $user_info['email'];
	5771	$user_name = $user_info['user_name'];
	5772	$user_id = $user_id;
	5773	$content = $_POST['content'];
	5774	//过滤js和html
	5775	$search = array ("'<script[^>]?>.?</script>'si", "'<[\/\!]?[^<>]?>'si");
	5776	$content = preg_replace($search,'',$content);
	5777
	5778	$comment_rank = $_POST['comment_rank'];
	5779
	5780	// 代码增加
	5781	$server = $_POST['server'];
	5782	$send = $_POST['send'];
	5783	$shipping = $_POST['shipping'];
	5784	$o_id = $_REQUEST['o_id'];
	5785
	5786	if(! $o_id)
	5787	{
	5788	$o_id = $_REQUEST['o1_id'];
	5789	}
	5790
	5791	// 代码增加
	5792
	5793	$add_time = gmtime();
	5794	$ip_address = real_ip();
	5795	$status = ($_CFG['comment_check'] == 1) ? 0 : 1;
	5796	$rec_id = $_POST['rec_id'];
	5797	$hide_username = intval($_POST['hide_username']);
	5798	$buy_time = $db->getOne("SELECT o.add_time FROM " . $ecs->table('order_info') . " AS o
	5799	LEFT JOIN " . $ecs->table('order_goods') . " AS og ON o.order_id=og.order_id
	5800	WHERE og.rec_id = '$rec_id'");
	5801
	5802	/* 自定义标签 */
	5803	$tags = ($_POST['comment_tag']) ? explode(",", $_POST['comment_tag']) : array();
	5804	if(is_array($_POST['tags_zi']))
	5805	{
	5806	foreach($_POST["tags_zi"] as $tag)
	5807	{
	5808	$status = $_CFG['user_tag_check'];
	5809	$db->query("INSERT INTO " . $ecs->table('goods_tag') . " (goods_id, tag_name, is_user, state) VALUES ('$id_value', '$tag', 1, '$status')");
	5810	$tags[] = $db->insert_id();
	5811	}
	5812	}
	5813	foreach($tags as $tagid)
	5814	{
	5815	if($tagid > 0)
	5816	{
	5817	$tagids[] = $tagid;
	5818	}
	5819	}
	5820	$comment_tag = (is_array($tagids)) ? implode(",", $tagids) : '';
	5821
	5822	// 代码增加o_id
	5823	$sql = "INSERT INTO " . $ecs->table('comment') . "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, user_id, status, rec_id, comment_tag, buy_time, hide_username, order_id)" . "VALUES ('$comment_type', '$id_value', '$email', '$user_name', '$content', '$comment_rank', '$add_time', '$ip_address', '$user_id', '$status', '$rec_id', '$comment_tag', '$buy_time', '$hide_username', '$o_id')";
	5824
	5825	$db->query($sql);
	5826	$db->query("UPDATE " . $ecs->table('order_goods') . " SET comment_state = 1 WHERE rec_id = '$rec_id'");
	5827
	5828	// 代码增加
	5829	if($o_id)
	5830	{
	5831	$o_sn = $db->getOne("SELECT order_sn FROM " . $ecs->table('order_info') . "
	5832	WHERE order_id = '$o_id'");
	5833	$sql = "INSERT INTO " . $ecs->table('shop_grade') . "(user_id, user_name, add_time, server, send, shipping, order_id, order_sn)" . "VALUES ('$user_id', '$user_name', '$add_time', '$server', '$send', '$shipping', '$o_id', '$o_sn')";
	5834	$db->query($sql);
	5835	}
	5836	// 代码增加
	5837
	5838	clear_cache_files();
	5839
	5840	if($status == 0)
	5841	{
	5842	$msg = '您的信息提交成功，需要管理员审核后才能显示！';
	5843	}
	5844	else
	5845	{
	5846	$msg = '您的信息提交成功！';
	5847	}
	5848	echo "<script>alert('$msg');self.location='user.php?act=my_comment';</script>";
	5849	exit();
	5850	}
	5851
	5852	/* 余额额支付密码_添加_START_ */
	5853	function action_check_surplus_open ()
	5854	{
	5855	$user = $GLOBALS['user'];
	5856	$_CFG = $GLOBALS['_CFG'];
	5857	$_LANG = $GLOBALS['_LANG'];
	5858	$smarty = $GLOBALS['smarty'];
	5859	$db = $GLOBALS['db'];
	5860	$ecs = $GLOBALS['ecs'];
	5861	$user_id = $_SESSION['user_id'];
	5862
	5863	$sql = 'SELECT `is_surplus_open`' . 'FROM `ecs_users`' . 'WHERE `user_id` = \'' . $_SESSION['user_id'] . '\'' . 'LIMIT 1';
	5864	$is_surplus_open = $GLOBALS['db']->getOne($sql);
	5865	echo $is_surplus_open;
	5866	exit();
	5867	}
	5868
	5869	function action_verify_surplus_password ()
	5870	{
	5871	$user = $GLOBALS['user'];
	5872	$_CFG = $GLOBALS['_CFG'];
	5873	$_LANG = $GLOBALS['_LANG'];
	5874	$smarty = $GLOBALS['smarty'];
	5875	$db = $GLOBALS['db'];
	5876	$ecs = $GLOBALS['ecs'];
	5877	$user_id = $_SESSION['user_id'];
	5878
	5879	$sql = 'SELECT COUNT( * )' . 'FROM `ecs_users`' . 'WHERE `user_id` = \'' . $_SESSION['user_id'] . '\'' . 'AND `surplus_password` = \'' . md5($_GET['surplus_password']) . '\'';
	5880	$count = $GLOBALS['db']->getOne($sql);
	5881	echo $count;
	5882	exit();
	5883	}
	5884
	5885	function action_get_verify_code ()
	5886	{
	5887	$user = $GLOBALS['user'];
	5888	$_CFG = $GLOBALS['_CFG'];
	5889	$_LANG = $GLOBALS['_LANG'];
	5890	$smarty = $GLOBALS['smarty'];
	5891	$db = $GLOBALS['db'];
	5892	$ecs = $GLOBALS['ecs'];
	5893	$user_id = $_SESSION['user_id'];
	5894
	5895	include_once ('includes/cls_json.php');
	5896	require (dirname(__FILE__) . '/send.php');
	5897	$json = new JSON();
	5898	$result = array();
	5899
	5900	$phone = trim($_REQUEST['phone']);
	5901
	5902	$sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . ' WHERE `user_id` = \'' . $user_id . '\' AND `mobile_phone` = \'' . $phone . '\'';
	5903	$count = $GLOBALS['db']->getOne($sql);
	5904
	5905	if($count == 0)
	5906	{
	5907	$result['result'] = 'fail';
	5908	$result['message'] = '手机号跟用户不匹配';
	5909	echo $json->encode($result);
	5910	}
	5911	else
	5912	{
	5913	$seed = "0123456789";
	5914	$verifycode = mc_random(6, $seed);
	5915
	5916	$content = '您的验证码为' . $verifycode;
	5917
	5918	$ret = sendSMS($phone, $content);
	5919
	5920	$sql = 'INSERT INTO ' . $ecs->table('verifycode') . '(`mobile`, `getip`, `verifycode`, `dateline`) VALUES (\'' . $phone . '\',\'' . real_ip() . '\',\'' . $verifycode . '\',\'' . gmtime() . '\')';
	5921	$db->query($sql);
	5922	if($ret == '发送成功!' && $db->affected_rows() == 1)
	5923	{
	5924	$result['result'] = 'success';
	5925	$result['message'] = '短信发送成功';
	5926	echo $json->encode($result);
	5927	}
	5928	else
	5929	{
	5930	$result['result'] = 'fail';
	5931	$result['message'] = '短信发送失败！';
	5932	echo $json->encode($result);
	5933	}
	5934	}
	5935	}
	5936
	5937	function action_shaidan_send ()
	5938	{
	5939	$user = $GLOBALS['user'];
	5940	$_CFG = $GLOBALS['_CFG'];
	5941	$_LANG = $GLOBALS['_LANG'];
	5942	$smarty = $GLOBALS['smarty'];
	5943	$db = $GLOBALS['db'];
	5944	$ecs = $GLOBALS['ecs'];
	5945	$user_id = $_SESSION['user_id'];
	5946
	5947	$rec_id = intval($_GET['id']);
	5948	$goods = $db->getRow("SELECT * FROM " . $ecs->table('order_goods') . " WHERE rec_id = '$rec_id'");
	5949
	5950	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	5951	$pan_1 = $db->getOne("select shipping_time_end from " . $ecs->table('order_info') . " where order_id = " . $goods['order_id']);
	5952	$pan_1 = ($pan_1 > $min_time) ? 1 : 0;
	5953	$smarty->assign('pan_1', $pan_1);
	5954
	5955	$pan_2 = $db->getOne("select rec_id from " . $ecs->table('shaidan') . " where rec_id = '$rec_id'");
	5956	$pan_2 = ! empty($pan_2) ? 1 : 0;
	5957	$smarty->assign('pan_2', $pan_2);
	5958
	5959	$s_user = $db->getOne("select user_id from " . $ecs->table('order_info') . " where order_id = " . $goods['order_id']);
	5960	$pan_3 = ($s_user == $_SESSION['user_id'] ? 0 : 1);
	5961	$smarty->assign('pan_3', $pan_3);
	5962
	5963	$smarty->assign('goods', $goods);
	5964
	5965	$smarty->display('user_my_comment.dwt');
	5966	}
	5967
	5968	function action_shaidan_save ()
	5969	{
	5970	$user = $GLOBALS['user'];
	5971	$_CFG = $GLOBALS['_CFG'];
	5972	$_LANG = $GLOBALS['_LANG'];
	5973	$smarty = $GLOBALS['smarty'];
	5974	$db = $GLOBALS['db'];
	5975	$ecs = $GLOBALS['ecs'];
	5976	$user_id = $_SESSION['user_id'];
	5977
	5978	include_once (dirname(__FILE__) . '/includes/cls_image.php');
	5979	$image = new cls_image($_CFG['bgcolor']);
	5980
	5981	$rec_id = intval($_POST['rec_id']);
	5982	$goods_id = intval($_POST['goods_id']);
	5983	$title = trim($_POST['title']);
	5984	$message = $_POST['message'];
	5985	$add_time = gmtime();
	5986	$status = $_CFG['shaidan_check'];
	5987	$hide_username = intval($_POST['hide_username']);
	5988
	5989	$sql = "INSERT INTO " . $ecs->table('shaidan') . "(rec_id, goods_id, user_id, title, message, add_time, status, hide_username)" . "VALUES ('$rec_id', '$goods_id', '$user_id', '$title', '$message', '$add_time', '$status', '$hide_username')";
	5990	$db->query($sql);
	5991	$shaidan_id = $db->insert_id();
	5992	$db->query("UPDATE " . $ecs->table('order_goods') . " SET shaidan_state = 1 WHERE rec_id = '$rec_id'");
	5993
	5994	// 处理图片
	5995	$img_srcs = $_POST['img_srcs'];
	5996	$img_names = $_POST['img_names'];
	5997	if(is_array($img_srcs))
	5998	{
	5999	foreach($img_srcs as $i => $src)
	6000	{
	6001	$thumb = $image->make_thumb($src, 100, 100);
	6002	$sql = "INSERT INTO " . $ecs->table('shaidan_img') . "(shaidan_id, `desc`, image, thumb)" . "VALUES ('$shaidan_id', '" . $img_names[$i] . "', '$src', '$thumb')";
	6003	$db->query($sql);
	6004	}
	6005	}
	6006
	6007	// 需要审核
	6008	if($status == 0)
	6009	{
	6010	$msg = '您的信息提交成功，需要管理员审核后才能显示！';
	6011	}
	6012
	6013	// 不需要审核
	6014	else
	6015	{
	6016	$info = $db->GetRow("SELECT * FROM " . $ecs->table('shaidan') . " WHERE shaidan_id='$shaidan_id'");
	6017	// 该商品第几位晒单者
	6018	$res = $db->getAll("SELECT shaidan_id FROM " . $ecs->table("shaidan") . " WHERE goods_id = '$info[goods_id]' ORDER BY add_time ASC");
	6019	foreach($res as $key => $value)
	6020	{
	6021	if($shaidan_id == $value['shaidan_id'])
	6022	{
	6023	$weizhi = $key + 1;
	6024	}
	6025	}
	6026	// 图片数量
	6027	$imgnum = count($img_srcs);
	6028
	6029	// 是否赠送积分
	6030	if($info['is_points'] == 0 && $weizhi <= $_CFG['shaidan_pre_num'] && $imgnum >= $_CFG['shaidan_img_num'])
	6031	{
	6032	$pay_points = $_CFG['shaidan_pay_points'];
	6033	$db->query("UPDATE " . $ecs->table('shaidan') . " SET pay_points = '$pay_points', is_points = 1 WHERE shaidan_id = '$shaidan_id'");
	6034	$db->query("INSERT INTO " . $ecs->table('account_log') . "(user_id, rank_points, pay_points, change_time, change_desc, change_type) " . "VALUES ('$info[user_id]', 0, '" . $pay_points . "', " . gmtime() . ", '晒单获得积分', '99')");
	6035	$log = $db->getRow("SELECT SUM(rank_points) AS rank_points, SUM(pay_points) AS pay_points FROM " . $ecs->table("account_log") . " WHERE user_id = '$info[user_id]'");
	6036	$db->query("UPDATE " . $ecs->table('users') . " SET rank_points = '" . $log['rank_points'] . "', pay_points = '" . $log['pay_points'] . "' WHERE user_id = '$info[user_id]'");
	6037	}
	6038
	6039	$msg = '您的信息提交成功！';
	6040	}
	6041	echo "<script>alert('$msg');self.location='user.php?act=my_comment';</script>";
	6042	exit();
	6043	}
	6044
	6045	function action_auction_list ()
	6046	{
	6047	$user = $GLOBALS['user'];
	6048	$_CFG = $GLOBALS['_CFG'];
	6049	$_LANG = $GLOBALS['_LANG'];
	6050	$smarty = $GLOBALS['smarty'];
	6051	$db = $GLOBALS['db'];
	6052	$ecs = $GLOBALS['ecs'];
	6053	$user_id = $_SESSION['user_id'];
	6054
	6055	include_once (ROOT_PATH . 'includes/lib_clips.php');
	6056	$smarty->assign('prompt', get_user_prompt($user_id));
	6057	$smarty->display('user_clips.dwt');
	6058	}
	6059
	6060	function action_get_tc_express ()
	6061	{
	6062	$smarty = $GLOBALS['smarty'];
	6063	$db = $GLOBALS['db'];
	6064	$ecs = $GLOBALS['ecs'];
	6065
	6066	require_once(ROOT_PATH . 'includes/cls_json.php');
	6067	$json = new JSON;
	6068
	6069	// 变量初始化
	6070	$result_content = "";
	6071
	6072	$kos_order_id = $db->getOne("select order_id from ".$ecs->table('kuaidi_order')." where order_sn='".$_REQUEST['expressno']."'");
	6073
	6074	$sql="select * from ". $ecs->table('kuaidi_order_status') ." where order_id='$kos_order_id' order by status_id";
	6075	$res_status = $db->query($sql);
	6076	$have_shipping_info =0;
	6077	$shipping_info ="";
	6078	while($row_status = $db->fetchRow($res_status))
	6079	{
	6080	if ($row_status['status_display']==1)
	6081	{
	6082	switch ($row_status['status_id'])
	6083	{
	6084	case 1 :
	6085	$shipping_info .= "您提交了订单，请等待确认。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6086	break;
	6087	case 2 :
	6088	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6089	break;
	6090	case 3 :
	6091	$postman_id = $db->getOne("select postman_id from ".$ecs->table('kuaidi_order')." where order_sn='".$_REQUEST['expressno']."'");
	6092	$postman_info = $db->getRow("select postman_name, mobile from ".$ecs->table('postman')." where postman_id=".$postman_id);
	6093	$shipping_info .= "您的快件正在派送，快递员：".$postman_info['postman_name']."，电话：".$postman_info['mobile']." (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6094	break;
	6095	case 4 :
	6096	$shipping_info .= "您的快件已经签收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6097	break;
	6098	case 5 :
	6099	$shipping_info .= "您的快件已被拒收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6100	break;
	6101	case 6 :
	6102	$shipping_info .= "您拒收的快件已被退回。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6103	break;
	6104	case 7 :
	6105	$shipping_info .= "您的快件已经取消。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6106	break;
	6107	}
	6108
	6109	$shipping_info .= "<br>";
	6110
	6111	if ($row_status['status_id'] >= 1)
	6112	{
	6113	$have_shipping_info++;
	6114	}
	6115	}
	6116	}
	6117	if ($have_shipping_info)
	6118	{
	6119	$result_content = $shipping_info;
	6120	}
	6121	else
	6122	{
	6123	$result_content ='抱歉，暂时还没有该运单的物流信息哦！';
	6124	}
	6125
	6126	echo $json->encode($result_content);
	6127	}
	6128
	6129	/* 账户安全_end_ */
	6130	/* 余额额支付密码_添加_END_ */
	6131	function get_takegoods_orders ($user_id, $num = 10, $start = 0)
	6132	{
	6133	$order_status = array(
	6134	'0' => '提货成功，等待发货', '1' => '确认收货', '2' => '完成'
	6135	);
	6136	/* 取得订单列表 */
	6137	$arr = array();
	6138
	6139	$sql = "SELECT * " . " FROM " . $GLOBALS['ecs']->table('takegoods_order') . " WHERE user_id = '$user_id' ORDER BY rec_id DESC";
	6140	$res = $GLOBALS['db']->SelectLimit($sql, $num, $start);
	6141
	6142	while($row = $GLOBALS['db']->fetchRow($res))
	6143	{
	6144	$row['country_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[country]' ");
	6145	$row['province_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[province]' ");
	6146	$row['city_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[city]' ");
	6147	$row['district_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[district]' ");
	6148	$row['goods_url'] = build_uri('goods', array(
	6149	'gid' => $row['goods_id']
	6150	), $row['goods_name']);
	6151	$arr[] = array(
	6152	'rec_id' => $row['rec_id'], 'tg_sn' => $row['tg_sn'], 'goods_name' => $row['goods_name'], 'address' => $row['country_name'] . $row['province_name'] . $row['city_name'] . $row['district_name'] . $row['address'], 'add_time' => local_date($GLOBALS['_CFG']['time_format'], $row['add_time']), 'order_status' => $row['order_status'], 'order_status_name' => $order_status[$row['order_status']], 'goods_url' => $row['goods_url'], 'handler' => $row['handler']
	6153	);
	6154	}
	6155
	6156	return $arr;
	6157	}
	6158
	6159	/* 代码增加_end By */
	6160	/* 代码增加_start By */
	6161	function get_user_backorders ($user_id, $num = 10, $start = 0)
	6162	{
	6163	/* 取得订单列表 */
	6164	$arr = array();
	6165
	6166	$sql = "SELECT bo.*, g.goods_name " . " FROM " . $GLOBALS['ecs']->table('back_order') . " AS bo left join " . $GLOBALS['ecs']->table('goods') . " AS g " . " on bo.goods_id=g.goods_id " . " WHERE user_id = '$user_id' ORDER BY add_time DESC";
	6167	$res = $GLOBALS['db']->SelectLimit($sql, $num, $start);
	6168
	6169	while($row = $GLOBALS['db']->fetchRow($res))
	6170	{
	6171
	6172	$row['order_time'] = local_date($GLOBALS['_CFG']['time_format'], $row['add_time']);
	6173	$row['refund_money_1'] = price_format($row['refund_money_1'], false);
	6174
	6175	$row['goods_url'] = build_uri('goods', array(
	6176	'gid' => $row['goods_id']
	6177	), $row['goods_name']);
	6178	$row['status_back_1'] = $row['status_back'];
	6179	$row['status_back'] = $GLOBALS['_LANG']['bos'][(($row['back_type'] == 4 && $row['status_back'] != 8) ? $row['back_type'] : $row['status_back'])] . ' - ' . $GLOBALS['_LANG']['bps'][$row['status_refund']];
	6180
	6181	$sql_goods = "SELECT * FROM " . $GLOBALS['ecs']->table('back_goods') . " WHERE back_id = " . $row['back_id'];
	6182	$row['goods_list'] = $GLOBALS['db']->getAll($sql_goods);
	6183
	6184	$arr[] = $row;
	6185	}
	6186
	6187	//$arr['status_back'] = $GLOBALS['_LANG']['bos'][(($arr['back_type'] == 4 && $arr['status_back'] != 8) ? $row['back_type'] : $arr['status_back'])] . ' - ' . $GLOBALS['_LANG']['bps'][$arr['status_refund']];
	6188
	6189	return $arr;
	6190	}
	6191
	6192	/* 代码增加_end By */
	6193	/* 代码增加2014-12-23 by _star */
	6194	function is_telephone ($phone)
	6195	{
	6196	$chars = "/^13[0-9]{1}[0-9]{8}$\|15[0-9]{1}[0-9]{8}$\|18[0-9]{1}[0-9]{8}$/";
	6197	if(preg_match($chars, $phone))
	6198	{
	6199	return true;
	6200	}
	6201	}
	6202
	6203	function mc_random ($length, $char_str = 'abcdefghijklmnopqrstuvwxyz0123456789')
	6204	{
	6205	$hash = '';
	6206	$chars = $char_str;
	6207	$max = strlen($chars);
	6208	for($i = 0; $i < $length; $i ++)
	6209	{
	6210	$hash .= substr($chars, (rand(0, 1000) % $max), 1);
	6211	}
	6212	return $hash;
	6213	}
	6214
	6215	/* 代码增加2014-12-23 by _end */
	6216	function get_user_payed($user_id)
	6217	{
	6218	$sql = "SELECT SUM(user_money) FROM " .$GLOBALS['ecs']->table('account_log').
	6219	" WHERE user_id = '$user_id' AND user_money < 0";
	6220
	6221	return abs($GLOBALS['db']->getOne($sql));
	6222	}
	6223
	6224	function get_user_yue ($user_id)
	6225	{
	6226	$sql = "SELECT user_money FROM " . $GLOBALS['ecs']->table('users') . "WHERE user_id = '$user_id'";
	6227	$res = $GLOBALS['db']->getOne($sql);
	6228	return $res;
	6229	}
	6230
	6231	function get_inv_complete_address ($order)
	6232	{
	6233	if($order['inv_type'] == 'normal_invoice')
	6234	{
	6235	$address = trim(get_inv_complete_region($order['order_id'], $order['inv_type']));
	6236	if(empty($address))
	6237	{
	6238	return $order['address'];
	6239	}
	6240	else
	6241	{
	6242	return '[' . $address . '] ' . $order['address'];
	6243	}
	6244	}
	6245	elseif($order['inv_type'] == 'vat_invoice')
	6246	{
	6247	$address = trim(get_inv_complete_region($order['order_id'], $order['inv_type']));
	6248	if(empty($address))
	6249	{
	6250	return $order['inv_consignee_address'];
	6251	}
	6252	else
	6253	{
	6254	return '[' . $address . '] ' . $order['inv_consignee_address'];
	6255	}
	6256	}
	6257	else
	6258	{
	6259	return '';
	6260	}
	6261	}
	6262
	6263	function get_inv_complete_region ($order_id, $inv_type)
	6264	{
	6265	if(! empty($order_id))
	6266	{
	6267	if($inv_type == 'normal_invoice')
	6268	{
	6269	$sql = "SELECT concat(IFNULL(c.region_name, ''), ' ', IFNULL(p.region_name, ''), " . "' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region " . "FROM " . $GLOBALS['ecs']->table('order_info') . " AS o " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS c ON o.country = c.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON o.province = p.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON o.city = t.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON o.district = d.region_id " . "WHERE o.order_id = '$order_id'";
	6270	return $GLOBALS['db']->getOne($sql);
	6271	}
	6272	elseif($inv_type == 'vat_invoice')
	6273	{
	6274	$sql = "SELECT concat(IFNULL(p.region_name, ''), " . "' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region " . "FROM " . $GLOBALS['ecs']->table('order_info') . " AS o " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON o.inv_consignee_province = p.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON o.inv_consignee_city = t.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON o.inv_consignee_district = d.region_id " . "WHERE o.order_id = '$order_id'";
	6275	return $GLOBALS['db']->getOne($sql);
	6276	}
	6277	else
	6278	{
	6279	return ' ';
	6280	}
	6281	}
	6282	else
	6283	{
	6284	return ' ';
	6285	}
	6286	}
	6287
	6288	?>