php/iem_shop.git

wangtengyu

2018-12-07 f459412e0dac4ed94106da043b4c6f8576bfe496

commit \| author \| age
3e083b	1	<?php
B	2
	3	/**
	4	* 会员中心
	5	*/
	6	define('IN_ECS', true);
	7
	8	require (dirname(__FILE__) . '/includes/init.php');
	9
	10	/* 载入语言文件 */
	11	require_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/user.php');
	12
	13	$user_id = $_SESSION['user_id'];
	14	$action = isset($_REQUEST['act']) ? trim($_REQUEST['act']) : 'default';
	15
	16	$affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
	17	$smarty->assign('affiliate', $affiliate);
	18	$back_act = '';
	19
bac5bc	20	include_once (ROOT_PATH . 'includes/cls_json.php');
C	21
3e083b	22	// 不需要登录的操作或自己验证是否登录（如ajax处理）的act
B	23	$not_login_arr = array(
	24	'login', 'act_login', 'act_edit_password', 'get_password', 'send_pwd_email', 'password', 'signin', 'add_tag', 'collect', 're_collect', 'return_to_cart', 'book_goods','add_book_goods', 'logout', 'user_bonus', 'email_list', 'validate_email', 'send_hash_mail', 'order_query', 'is_registered', 'check_email', 'check_mobile_phone', 'clear_history', 'qpassword_name', 'get_passwd_question', 'check_answer', 'check_register', 'oath', 'oath_login', 'other_login', 'ch_email', 'ck_email', 'check_username', 'forget_password', 'getverifycode', 'step_1',
	25	/余额额支付密码_更改_START_/
	26	'act_forget_pass', 're_pass', 'open_surplus_password', 'close_surplus_password'
	27	);
	28	/* 余额额支付密码_更改_END_ */
	29
	30	/* 显示页面的action列表 */
	31	$ui_arr = array(
	32	'login', 'profile', 'order_list', 'order_detail', 'address_list', 'collection_list', 'follow_shop', 'message_list', 'tag_list', 'get_password', 'reset_password', 'booking_list', 'add_booking', 'account_raply', 'account_deposit', 'account_log', 'account_detail', 'act_account', 'pay', 'default', 'bonus', 'group_buy', 'group_buy_detail', 'affiliate', 'comment_list', 'validate_email', 'track_packages', 'transform_points', 'qpassword_name', 'get_passwd_question', 'check_answer', 'check_register', 'back_order', 'back_list', 'back_order_detail', 'back_order_act', 'back_replay', 'my_comment', 'my_comment_send', 'shaidan_send', 'shaidan_sale', 'account_security', 'act_identity', 'check_phone', 'update_password', 're_binding', 'update_phone', 'update_email', 'act_update_email',
	33	're_binding_email', 'ch_email', 'ck_email', 'step_1', 'forget_password', 'back_order_detail', 'del_back_order', 'back_order_detail_edit', 'add_huan_goods',
	34	/余额额支付密码_更改_START_/
	35	'act_forget_pass', 're_pass', 'auction_list', 'forget_surplus_password', 'act_forget_surplus_password', 'update_surplus_password', 'act_update_surplus_password', 'verify_reset_surplus_email', 'get_verify_code'
	36	); // 代码修改
	37	// By
	38	//
	39	/* 余额额支付密码_更改_END_ */
	40
	41	/* 代码增加_start By */
	42	$ui_arr[] = "supplier_reg";
	43	/* 代码增加_end By */
	44	/* 代码增加_start By */
	45	$ui_arr[] = 'tg_login_act';
	46	$ui_arr[] = 'tg_login';
	47	$ui_arr[] = 'tg_order';
	48	/* 代码增加_end By */
	49	/* 代码增加_start By */
	50	$ui_arr[] = 'vc_login_act';
	51	$ui_arr[] = 'vc_login';
	52	$ui_arr[] = 'update_password_success';
	53	$ui_arr[] = 'to_update_password';
	54	$not_login_arr[] = 'login_check_yzm';
	55	/* 代码增加_end By */
	56	$not_login_arr[] = 'check_mobile';
	57	$not_login_arr[] = 'send_email_code';
	58	$not_login_arr[] = 'send_mobile_code';
	59
	60	$ui_arr[] = 'get_tc_express';
	61
	62	/* 未登录处理 */
	63	if(empty($_SESSION['user_id']) && $action != 're_validate_email' && $action != 'valid_email')
	64	{
	65	if(! in_array($action, $not_login_arr))
	66	{
	67	if(in_array($action, $ui_arr))
	68	{
	69	/*
	70	* 如果需要登录,并是显示页面的操作，记录当前操作，用于登录后跳转到相应操作
	71	* if ($action == 'login')
	72	* {
	73	* if (isset($_REQUEST['back_act']))
	74	* {
	75	* $back_act = trim($_REQUEST['back_act']);
	76	* }
	77	* }
	78	* else
	79	* {}
	80	*/
	81	$query_string = $_SERVER['QUERY_STRING'];
	82	if(! empty($query_string))
	83	{
	84	if(strpos($query_string, 'findPwd.php') != false)
	85	{
	86	$query_string = 'index.php';
	87	}
	88	$back_act = 'user.php?' . strip_tags($query_string);
	89	}
	90	$action = 'login';
	91	}
	92	else
	93	{
	94	// 未登录提交数据。非正常途径提交数据！
	95	// die($_LANG['require_login']);
	96	show_message($_LANG['require_login'], array(
	97	'</br>登录', '</br>返回首页'
	98	), array(
	99	'user.php?act=login', $ecs->url()
	100	), 'error', false);
	101	}
	102	}
	103	}
	104
	105	/* 如果是显示页面，对页面进行相应赋值 */
	106	if(in_array($action, $ui_arr))
	107	{
	108	assign_template();
	109	$position = assign_ur_here(0, $_LANG['user_center']);
	110	$smarty->assign('page_title', $position['title']); // 页面标题
	111	$smarty->assign('ur_here', $position['ur_here']);
	112	$sql = "SELECT value FROM " . $ecs->table('shop_config') . " WHERE id = 419";
	113	$row = $db->getRow($sql);
	114	$car_off = $row['value'];
	115	$smarty->assign('car_off', $car_off);
	116	/* 是否显示积分兑换 */
	117	if(! empty($_CFG['points_rule']) && unserialize($_CFG['points_rule']))
	118	{
	119	$smarty->assign('show_transform_points', 1);
	120	}
	121	$smarty->assign('helps', get_shop_help()); // 网店帮助
	122	$smarty->assign('data_dir', DATA_DIR); // 数据目录
	123	$smarty->assign('action', $action);
	124	$smarty->assign('lang', $_LANG);
	125	}
	126
	127	/* 代码增加_Start By 用户中心获取会员信息*/
	128
	129	include_once (ROOT_PATH . 'includes/lib_clips.php');
	130	if($rank = get_rank_info())
	131	{
	132	$smarty->assign('rank_name', $rank['rank_name']);
	133	if(! empty($rank['next_rank_name']))
	134	{
	135	$smarty->assign('next_rank_name', sprintf($_LANG['next_level'], $rank['next_rank'], $rank['next_rank_name']));
	136	}
	137	$rn = $rank['rank_name'];
	138	$recomm = $db->getOne("SELECT is_recomm FROM " . $GLOBALS['ecs']->table('user_rank') . " WHERE rank_name= '$rn'");
	139	$smarty->assign('recomm', $recomm); // 获取当前用户是否是分成用户判断是否显示我的推荐
	140	}
	141
	142	/* 路由 */
	143
	144	$function_name = 'action_' . $action;
	145
	146	if(! function_exists($function_name))
	147	{
	148	$function_name = "action_default";
	149	}
	150
	151	call_user_func($function_name);
	152
	153	/* 路由 */
	154
	155	/* 代码增加_start By */
	156	function action_supplier_reg ()
	157	{
	158	// 获取全局变量
	159	$_LANG = $GLOBALS['_LANG'];
	160	$smarty = $GLOBALS['smarty'];
	161	$db = $GLOBALS['db'];
	162	$ecs = $GLOBALS['ecs'];
	163	$user_id = $_SESSION['user_id'];
	164
	165	$sql = "select * from " . $ecs->table('supplier') . " where user_id='" . $_SESSION['user_id'] . "' ";
	166	$supplier = $db->getRow($sql);
	167
	168	$smarty->assign('supplier', $supplier);
	169
	170	$supplier_country = $supplier['country'] ? $supplier['country'] : $_CFG['shop_country'];
	171	$smarty->assign('country_list', get_regions());
	172	$smarty->assign('province_list', get_regions(1, $supplier_country));
	173	$smarty->assign('city_list', get_regions(2, $supplier['province']));
	174	$smarty->assign('district_list', get_regions(3, $supplier['city']));
	175	$smarty->assign('supplier_country', $supplier_country);
	176
	177	$sql = "select rank_id,rank_name from " . $ecs->table('supplier_rank') . " order by sort_order";
	178	$supplier_rank = $db->getAll($sql);
	179	$smarty->assign('supplier_rank', $supplier_rank);
	180
	181	$company_type = explode("\n", str_replace("\r\n", "\n", $_CFG['company_type']));
	182	$smarty->assign('company_type', $company_type);
	183
	184	$smarty->assign('user_id', $_SESSION['user_id']);
	185	$smarty->assign('mydomain', $ecs->url());
	186
	187	$smarty->display('user_transaction.dwt');
	188	}
	189
	190	function action_act_supplier_reg ()
	191	{
	192
	193	// 获取全局变量
	194	$_LANG = $GLOBALS['_LANG'];
	195	$smarty = $GLOBALS['smarty'];
	196	$db = $GLOBALS['db'];
	197	$ecs = $GLOBALS['ecs'];
	198	$user_id = $_SESSION['user_id'];
	199
	200	$supplier_name = isset($_POST['supplier_name']) ? trim($_POST['supplier_name']) : '';
	201	$rank_id = isset($_POST['rank_id']) ? intval($_POST['rank_id']) : 0;
	202	$company_name = isset($_POST['company_name']) ? trim($_POST['company_name']) : '';
	203	$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
	204	$province = isset($_POST['province']) ? intval($_POST['province']) : 1;
	205	$city = isset($_POST['city']) ? intval($_POST['city']) : 1;
	206	$district = isset($_POST['district']) ? intval($_POST['district']) : 1;
	207	$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
	208	$address = isset($_POST['address']) ? trim($_POST['address']) : '';
	209	$tel = isset($_POST['tel']) ? trim($_POST['tel']) : '';
	210	$guimo = isset($_POST['guimo']) ? trim($_POST['guimo']) : '';
	211	$email = isset($_POST['email']) ? trim($_POST['email']) : '';
	212	$company_type = isset($_POST['company_type']) ? trim($_POST['company_type']) : '';
	213	$bank = isset($_POST['bank']) ? trim($_POST['bank']) : '';
	214	$contact = isset($_POST['contact']) ? trim($_POST['contact']) : '';
	215	$contact_back = isset($_POST['contact_back']) ? trim($_POST['contact_back']) : '';
	216	$contact_shop = isset($_POST['contact_shop']) ? trim($_POST['contact_shop']) : '';
	217	$contact_yunying = isset($_POST['contact_yunying']) ? trim($_POST['contact_yunying']) : '';
	218	$contact_shouhou = isset($_POST['contact_shouhou']) ? trim($_POST['contact_shouhou']) : '';
	219	$contact_caiwu = isset($_POST['contact_caiwu']) ? trim($_POST['contact_caiwu']) : '';
	220	$contact_jishu = isset($_POST['contact_jishu']) ? trim($_POST['contact_jishu']) : '';
	221	$add_time = gmtime();
	222
	223	/* 图片上传处理 */
	224	$upload_size_limit = $_CFG['upload_size_limit'] == '-1' ? ini_get('upload_max_filesize') : $_CFG['upload_size_limit'];
	225
	226	$last_char = strtolower($upload_size_limit{strlen($upload_size_limit) - 1});
	227	switch($last_char)
	228	{
	229	case 'm':
	230	$upload_size_limit = 1024 1024;
	231	break;
	232	case 'k':
	233	$upload_size_limit *= 1024;
	234	break;
	235	}
	236	if(isset($_FILES['zhizhao']) && $_FILES['zhizhao']['tmp_name'] != '' && isset($_FILES['zhizhao']['tmp_name']) && $_FILES['zhizhao']['tmp_name'] != 'none')
	237	{
	238	if($_FILES['zhizhao']['size'] / 1024 > $upload_size_limit)
	239	{
	240	$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
	241	$err->show($_LANG['back_up_page']);
	242	}
	243	$zhizhao_img = upload_file($_FILES['zhizhao'], 'supplier');
	244	if($zhizhao_img === false)
	245	{
	246	$err->add('业执照图片上传失败！');
	247	$err->show($_LANG['back_up_page']);
	248	}
	249	else
	250	{
	251	$sql_img = "zhizhao='$zhizhao_img',";
	252	}
	253	}
	254	if(isset($_FILES['id_card']) && $_FILES['id_card']['tmp_name'] != '' && isset($_FILES['id_card']['tmp_name']) && $_FILES['id_card']['tmp_name'] != 'none')
	255	{
	256	if($_FILES['id_card']['size'] / 1024 > $upload_size_limit)
	257	{
	258	$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
	259	$err->show($_LANG['back_up_page']);
	260	}
	261	$id_card_img = upload_file($_FILES['id_card'], 'supplier');
	262	if($id_card_img === false)
	263	{
	264	$err->add('身份证图片上传失败！');
	265	$err->show($_LANG['back_up_page']);
	266	}
	267	else
	268	{
	269	$sql_img .= "id_card='$id_card_img', ";
	270	}
	271	}
	272
	273	$sql = "select supplier_id from " . $ecs->table('supplier') . " where user_id='$user_id' ";
	274	$supplier_id = $db->getOne($sql);
	275
	276	if($supplier_id)
	277	{
	278	$mes = '供货商申请修改成功，已经重新进入审核流程，请留意审核结果！';
	279	$sql = "update " . $ecs->table('supplier') . " set supplier_name='$supplier_name', rank_id='$rank_id', company_name='$company_name', " . "country='$country', province='$province', city='$city', district='$district', address='$address', tel='$tel', guimo='$guimo', email='$email', " . "company_type='$company_type', bank='$bank', " . $sql_img . " contact='$contact', contact_back='$contact_back', contact_shop='$contact_shop', contact_yunying='$contact_yunying', contact_shouhou='$contact_shouhou', contact_caiwu='$contact_caiwu', contact_jishu='$contact_jishu'," . "status='0' " . " where supplier_id='$supplier_id' ";
	280	}
	281	else
	282	{
	283	$mes = '供货商申请提交成功，已经进入审核流程，请留意审核结果！';
	284	$sql = "insert into " . $ecs->table('supplier') . "(user_id, supplier_name, rank_id, company_name, country, province, city, district, address, tel, guimo, email," . "company_type, bank, zhizhao, id_card, contact, contact_back, contact_shop, contact_yunying, contact_shouhou, contact_caiwu, contact_jishu, add_time) " . " values('$user_id', '$supplier_name', '$rank_id', '$company_name', '$country', '$province', '$city', '$district', '$address', '$tel', '$guimo', '$email', " . "'$company_type', '$bank', '$zhizhao_img', '$id_card_img', '$contact', '$contact_back', '$contact_shop', '$contact_yunying', '$contact_shouhou', '$contact_caiwu', '$contact_jishu', '$add_time')";
	285	}
	286	$db->query($sql);
	287	show_message($mes, '返回上一页', 'user.php?act=supplier_reg', 'info');
	288	}
	289
	290	function action_act_supplier_del ()
	291	{
	292
	293	// 获取全局变量
	294	$_LANG = $GLOBALS['_LANG'];
	295	$smarty = $GLOBALS['smarty'];
	296	$db = $GLOBALS['db'];
	297	$ecs = $GLOBALS['ecs'];
	298	$user_id = $_SESSION['user_id'];
	299
	300	$userid = isset($_POST['user_id']) ? intval($_POST['user_id']) : 0;
	301	$supid = isset($_POST['supid']) ? intval($_POST['supid']) : 0;
	302	if(empty($userid) \|\| empty($supid))
	303	{
	304	show_message('请刷新页面，重新操作！', '返回上一页', 'user.php?act=supplier_reg', 'wrong');
	305	}
	306	if($userid != $user_id)
	307	{
	308	show_message('你没权限删除此申请！', '返回首页', '', 'wrong');
	309	}
	310	$sql = "select supplier_id from " . $ecs->table('supplier') . " where user_id='$user_id'";
	311	$supplier_id = $db->getOne($sql);
	312	if($supid != $supplier_id)
	313	{
	314	show_message('你没权限删除此申请！', '返回首页', '', 'wrong');
	315	}
	316	$sql = "delete from " . $ecs->table('supplier') . " where supplier_id=" . $supplier_id;
	317	$db->query($sql);
	318	show_message('操作成功！', '返回上一页', 'user.php', 'info');
	319	}
	320
	321	// 用户中心欢迎页
	322	function action_default ()
	323	{
	324
	325	// 获取全局变量
	326	/* 代码增加 By Start */
	327	$_CFG = $GLOBALS['_CFG'];
	328	/* 代码增加 By End */
	329	$_LANG = $GLOBALS['_LANG'];
	330	$smarty = $GLOBALS['smarty'];
	331	$db = $GLOBALS['db'];
	332	$ecs = $GLOBALS['ecs'];
	333	$user_id = $_SESSION['user_id'];
	334	/* 代码注释 by _star 路由前已调用会员信息，去掉重复调用*/
	335	$rank = get_rank_info();
	336	/* include_once (ROOT_PATH . 'includes/lib_clips.php');
	337	if($rank = get_rank_info())
	338	{
	339	$smarty->assign('rank_name', $rank['rank_name']);
	340	if(! empty($rank['next_rank_name']))
	341	{
	342	$smarty->assign('next_rank_name', sprintf($_LANG['next_level'], $rank['next_rank'], $rank['next_rank_name']));
	343	}
	344	} */
	345	/* 代码注释 by _end */
	346
	347	/* 代码增加2014-12-23 by _star */
	348	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	349	$num_comment = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	350	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	351	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.comment_state = 0 AND o.shipping_time_end > $min_time");
	352	$smarty->assign('num_comment', $num_comment);
	353	$smarty->assign('is_identity', $_CFG['identity']);
	354	/* 代码增加2014-12-23 by _end */
	355	/* 代码增加--cb--推荐分成-- by _star */
	356	$rn = $rank['rank_name'];
	357	$recomm = $db->getOne("SELECT is_recomm FROM " . $GLOBALS['ecs']->table('user_rank') . " WHERE rank_name= '$rn'");
	358
	359	$smarty->assign('recomm', $recomm); // 获取当前用户是否是分成用户判断是否显示我的推荐
	360	/* 代码增加--cb--推荐分成-- by _end */
	361
	362	$smarty->assign('info', get_user_default($user_id)); // 获取用户中心默认页面所需的数据
	363	$smarty->assign('gouwuche', get_user_gouwuche($user_id)); // 获取当前用户购物车里面的数据
	364	$smarty->assign('jifen', get_user_jifen()); // 获取当前积分商城里面的数据
	365	$smarty->assign('collection', get_user_collection($user_id)); // 获取用户收藏的商品
	366	$smarty->assign('guanzhu', get_user_guanzhu($user_id)); // 获取用户关注的店铺
	367	$smarty->assign('mai', get_user_mai($user_id)); // 获取用户购买过的商品
	368	$smarty->assign('reminding', get_user_reminding($user_id)); // 获取当前用户的交易记录
	369	$smarty->assign('shu', get_user_shu($user_id)); // 获取当前用户的交易记录
	370	// print_r(get_user_reminding($user_id));
	371	/* 代码修改 By Start */
	372	// $smarty->assign('user_notice', $_CFG['user_notice']);
	373	$user_notice = $db->getOne(
	374	'SELECT value FROM ' . $ecs->table('shop_config') . " WHERE code = 'user_notice'"
	375	);
	376	$smarty->assign('user_notice', $user_notice);
	377	/* 代码修改 By End */
	378
	379	$smarty->assign('prompt', get_user_prompt($user_id)); // 获取用户参与活动信息
	380	$smarty->display('user_clips.dwt');
	381	}
	382
	383	function action_getverifycode ()
	384	{
	385
	386	// 获取全局变量
	387	$_CFG = $GLOBALS['_CFG'];
	388	$_LANG = $GLOBALS['_LANG'];
	389	$smarty = $GLOBALS['smarty'];
	390	$db = $GLOBALS['db'];
	391	$ecs = $GLOBALS['ecs'];
	392	$user_id = $_SESSION['user_id'];
	393
	394	require (dirname(__FILE__) . '/send.php');
	395	$phone = trim($_GET['mobile']);
	396	$u_name = trim($_GET['u_name']);
	397
	398	/* 获取验证码请求是否获取过 */
	399	$sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE status=1 AND getip='" . real_ip() . "' AND dateline>'" . gmtime() . "'-" . "60";
	400
	401	if($db->getOne($sql) > 0)
	402	{
	403	echo 'false';
	404	}
	405
	406	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$u_name' and mobile_phone = '$phone'";
	407	$count = $GLOBALS['db']->getOne($sql);
	408	if($count == 0)
	409	{
	410	echo 'false';
	411	}
	412
	413	$shuzi = "0123456789";
	414	$verifycode = mc_random(6, $shuzi);
	415
	416	$content = '您的验证码为' . $verifycode . '';
	417	/* 发送注册手机短信验证 */
	418	$ret = sendSMS($phone, $content);
	419
	420	$db->query("delete from " . $ecs->table('verifycode') . " where mobile='$phone'");
	421
	422	// 插入获取验证码数据记录
	423	$sql = "INSERT INTO " . $ecs->table('verifycode') . "(mobile, getip, verifycode, dateline) VALUES ('" . $phone . "', '" . real_ip() . "', '$verifycode', '" . gmtime() . "')";
	424	$db->query($sql);
	425
	426	echo 'ok';
	427	/* 代码增加2014-12-23 by _end */
	428	}
	429	// 第三方登录接口
	430	function action_oath ()
	431	{
	432
	433	// 获取全局变量
	434	$_CFG = $GLOBALS['_CFG'];
	435	$_LANG = $GLOBALS['_LANG'];
	436	$smarty = $GLOBALS['smarty'];
	437	$db = $GLOBALS['db'];
	438	$ecs = $GLOBALS['ecs'];
	439	$user_id = $_SESSION['user_id'];
	440
	441	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	442
	443	if($type == "taobao")
	444	{
	445	header("location:includes/website/tb_index.php");
	446	exit();
	447	}
	448
	449	include_once (ROOT_PATH . 'includes/website/jntoo.php');
	450
	451	$c = &website($type);
	452
	453	if($c)
	454	{
	455	if(empty($_REQUEST['callblock']))
	456	{
	457	if(empty($_REQUEST['callblock']) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	458	{
	459	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? 'index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	460	}
	461	else
	462	{
	463	$back_act = 'index.php';
	464	}
	465	}
	466	else
	467	{
	468	$back_act = trim($_REQUEST['callblock']);
	469	}
	470
	471	if($back_act[4] != ':')
	472	$back_act = $ecs->url() . $back_act;
	473	$open = empty($_REQUEST['open']) ? 0 : intval($_REQUEST['open']);
	474
	475	$url = $ecs->url() . 'user.php?act=oath_login&type=' . $type . '&callblock=' . urlencode($back_act) . '&open=' . $open;
	476
	477	$url = $c->login($url);
	478
	479	if(! $url)
	480	{
	481	show_message($c->get_error(), '首页', $ecs->url(), 'error');
	482	}
	483	header('Location: ' . $url);
	484	}
	485	else
	486	{
	487	show_message('服务器尚未注册该插件！', '首页', $ecs->url(), 'error');
	488	}
	489	}
	490
	491	// 处理第三方登录接口
	492	function action_oath_login ()
	493	{
	494
	495	// 获取全局变量
	496	$user = $GLOBALS['user'];
	497	$_CFG = $GLOBALS['_CFG'];
	498	$_LANG = $GLOBALS['_LANG'];
	499	$smarty = $GLOBALS['smarty'];
	500	$db = $GLOBALS['db'];
	501	$ecs = $GLOBALS['ecs'];
	502	$user_id = $_SESSION['user_id'];
	503
	504	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	505
	506	include_once (ROOT_PATH . 'includes/website/jntoo.php');
	507	$c = &website($type);
	508	if($c)
	509	{
	510	$access = $c->getAccessToken();
	511	if(! $access)
	512	{
	513	show_message($c->get_error(), '首页', $ecs->url(), 'error');
	514	}
	515	$c->setAccessToken($access);
	516	$info = $c->getMessage();
	517	if(! $info)
	518	{
	519	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	520	}
	521	if(! $info['user_id'])
	522	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	523
	524	$info_user_id = $type . '_' . $info['user_id']; // 加个标识！！！防止其他的标识一样 //
	525	// 以后的ID 标识将以这种形式辨认
	526	$info['name'] = str_replace("'", "", $info['name']); // 过滤掉逗号不然出错很难处理
	527	if(! $info['user_id'])
	528	show_message($c->get_error(), '首页', $ecs->url(), 'error', false);
	529
	530	$sql = 'SELECT user_name,password,aite_id FROM ' . $ecs->table('users') . ' WHERE aite_id = \'' . $info_user_id . '\' OR aite_id=\'' . $info['user_id'] . '\'';
	531
	532	$count = $db->getRow($sql);
	533	if(! $count) // 没有当前数据
	534	{
	535	if($user->check_user($info['name'])) // 重名处理
	536	{
	537	$info['name'] = $info['name'] . '_' . $type . (rand(10000, 99999));
	538	}
	539	$user_pass = $user->compile_password(array(
	540	'password' => $info['user_id']
	541	));
	542	$sql = 'INSERT INTO ' . $ecs->table('users') . '(user_name , password, aite_id , sex , reg_time , user_rank , is_validated) VALUES ' . "('$info[name]' , '$user_pass' , '$info_user_id' , '$info[sex]' , '" . gmtime() . "' , '$info[rank_id]' , '1')";
	543	$db->query($sql);
	544	}
	545	else
	546	{
	547	$sql = '';
	548	if($count['aite_id'] == $info['user_id'])
	549	{
	550	$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE aite_id = '$count[aite_id]'";
	551	$db->query($sql);
	552	}
	553	if($info['name'] != $count['user_name']) // 这段可删除
	554	{
	555	if($user->check_user($info['name'])) // 重名处理
	556	{
	557	$info['name'] = $info['name'] . '_' . $type . (rand() * 1000);
	558	}
	559	$sql = 'UPDATE ' . $ecs->table('users') . " SET user_name = '$info[name]' WHERE aite_id = '$info_user_id'";
	560	$db->query($sql);
	561	}
	562	}
	563	$user->set_session($info['name']);
	564	$user->set_cookie($info['name']);
	565	update_user_info();
	566	recalculate_price();
	567
	568	if(! empty($_REQUEST['open']))
	569	{
	570	die('<script>window.opener.window.location.reload(); window.close();</script>');
	571	}
	572	else
	573	{
	574	ecs_header('Location: ' . $_REQUEST['callblock']);
	575	}
	576	}
	577	}
	578
	579	// 处理其它登录接口
	580	function action_other_login ()
	581	{
	582
	583	// 获取全局变量
	584	$user = $GLOBALS['user'];
	585	$_CFG = $GLOBALS['_CFG'];
	586	$_LANG = $GLOBALS['_LANG'];
	587	$smarty = $GLOBALS['smarty'];
	588	$db = $GLOBALS['db'];
	589	$ecs = $GLOBALS['ecs'];
	590	$user_id = $_SESSION['user_id'];
	591
	592	$type = empty($_REQUEST['type']) ? '' : $_REQUEST['type'];
	593	// session_start();
	594	$info = $_SESSION['user_info'];
	595
	596	if(empty($info))
	597	{
	598	show_message("非法访问或请求超时！", '首页', $ecs->url(), 'error', false);
	599	}
	600	if(! $info['user_id'])
	601	show_message("非法访问或访问出错，请联系管理员！", '首页', $ecs->url(), 'error', false);
	602
	603	$info_user_id = $type . '_' . $info['user_id']; // 加个标识！！！防止其他的标识一样 //
	604	// 以后的ID
	605	// 标识将以这种形式辨认
	606	$info['name'] = str_replace("'", "", $info['name']); // 过滤掉逗号不然出错很难处理
	607
	608	$sql = 'SELECT user_name,password,aite_id FROM ' . $ecs->table('users') . ' WHERE aite_id = \'' . $info_user_id . '\' OR aite_id=\'' . $info['user_id'] . '\'';
	609
	610	$count = $db->getRow($sql);
	611	$login_name = $info['name'];
	612	if(! $count) // 没有当前数据
	613	{
	614	if($user->check_user($info['name'])) // 重名处理
	615	{
	616	$info['name'] = $info['name'] . '_' . $type . (rand() * 1000);
	617	}
	618	$login_name = $info['name'];
	619	$user_pass = $user->compile_password(array(
	620	'password' => $info['user_id']
	621	));
	622	$sql = 'INSERT INTO ' . $ecs->table('users') . '(user_name , password, aite_id , sex , reg_time , user_rank , is_validated) VALUES ' . "('$info[name]' , '$user_pass' , '$info_user_id' , '$info[sex]' , '" . gmtime() . "' , '$info[rank_id]' , '1')";
	623	$db->query($sql);
	624	}
	625	else
	626	{
	627	$login_name = $count['user_name'];
	628	$sql = '';
	629	if($count['aite_id'] == $info['user_id'])
	630	{
	631	$sql = 'UPDATE ' . $ecs->table('users') . " SET aite_id = '$info_user_id' WHERE aite_id = '$count[aite_id]'";
	632	$db->query($sql);
	633	}
	634	}
	635
	636	$user->set_session($login_name);
	637	$user->set_cookie($login_name);
	638	update_user_info();
	639	recalculate_price();
	640
	641	$redirect_url = "http://" . $_SERVER["HTTP_HOST"] . str_replace("user.php", "index.php", $_SERVER["REQUEST_URI"]);
	642	header('Location: ' . $redirect_url);
	643	}
	644
	645	/* 验证用户注册邮件 */
	646	function action_validate_email ()
	647	{
	648
	649	// 获取全局变量
	650	$user = $GLOBALS['user'];
	651	$_CFG = $GLOBALS['_CFG'];
	652	$_LANG = $GLOBALS['_LANG'];
	653	$smarty = $GLOBALS['smarty'];
	654	$db = $GLOBALS['db'];
	655	$ecs = $GLOBALS['ecs'];
	656	$user_id = $_SESSION['user_id'];
	657
	658	$hash = empty($_GET['hash']) ? '' : trim($_GET['hash']);
	659	if($hash)
	660	{
	661	include_once (ROOT_PATH . 'includes/lib_passport.php');
	662	$id = register_hash('decode', $hash);
	663	if($id > 0)
	664	{
	665	$sql = "UPDATE " . $ecs->table('users') . " SET is_validated = 1 WHERE user_id='$id'";
	666	$db->query($sql);
	667	$sql = 'SELECT user_name, email FROM ' . $ecs->table('users') . " WHERE user_id = '$id'";
	668	$row = $db->getRow($sql);
	669	show_message(sprintf($_LANG['validate_ok'], $row['user_name'], $row['email']), $_LANG['profile_lnk'], 'user.php');
	670	}
	671	}
	672	show_message($_LANG['validate_fail']);
	673	}
	674
	675	/* 代码增加2014-12-23 by _star */
	676	function action_check_username ()
	677	{
	678	// 获取全局变量
	679	$user = $GLOBALS['user'];
	680	$_CFG = $GLOBALS['_CFG'];
	681	$_LANG = $GLOBALS['_LANG'];
	682	$smarty = $GLOBALS['smarty'];
	683	$db = $GLOBALS['db'];
	684	$ecs = $GLOBALS['ecs'];
	685	$user_id = $_SESSION['user_id'];
	686
	687	$username = trim($_GET['username']);
	688	$username = json_str_iconv($username);
	689	$sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . " WHERE user_name = '$username' AND user_id <> '$_SESSION[user_id]'";
	690	$is_exist = $GLOBALS['db']->getOne($sql);
	691	echo $is_exist;
	692	// $sql = "select user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	693	// $u_name = $GLOBALS['db']->getOne($sql);
	694	// if($username == $u_name)
	695	// {
	696	// echo "true";
	697	// }
	698	// else
	699	// {
	700	// $sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$username'";
	701	// $count = $GLOBALS['db']->getOne($sql);
	702	// if($count > 0)
	703	// {
	704	// echo "false";
	705	// }
	706	// else
	707	// {
	708	// echo "true";
	709	// }
	710	// }
	711	}
	712
	713	/* 代码增加2014-12-23 by _end */
	714	/* 验证用户注册用户名是否可以注册 */
	715	function action_is_registered ()
	716	{
	717
	718	// 获取全局变量
	719	$user = $GLOBALS['user'];
	720	$_CFG = $GLOBALS['_CFG'];
	721	$_LANG = $GLOBALS['_LANG'];
	722	$smarty = $GLOBALS['smarty'];
	723	$db = $GLOBALS['db'];
	724	$ecs = $GLOBALS['ecs'];
	725	$user_id = $_SESSION['user_id'];
	726
	727	include_once (ROOT_PATH . 'includes/lib_passport.php');
	728
	729	$username = trim($_GET['username']);
	730	$username = json_str_iconv($username);
	731
	732	if($user->check_user($username) \|\| admin_registered($username))
	733	{
	734	echo 'false';
	735	}
	736	else
	737	{
	738	echo 'true';
	739	}
	740	}
	741
	742	/**
	743	* 验证用户邮箱地址是否被注册
	744	* @return ok-可以注册 false-不可以注册
	745	*/
	746	function action_check_email ()
	747	{
	748	// 获取全局变量
	749	$user = $GLOBALS['user'];
	750	$_CFG = $GLOBALS['_CFG'];
	751	$_LANG = $GLOBALS['_LANG'];
	752	$smarty = $GLOBALS['smarty'];
	753	$db = $GLOBALS['db'];
	754	$ecs = $GLOBALS['ecs'];
	755	$user_id = $_SESSION['user_id'];
	756
	757	$email = trim($_REQUEST['email']);
	758	if($user->check_email($email))
	759	{
	760	echo 'false';
	761	}
	762	else
	763	{
	764	echo 'ok';
	765	}
	766	}
	767
	768	/* 验证用户输入的邮箱验证码是否正确 */
	769	function action_check_email_code ()
	770	{
	771
	772	// 获取全局变量
	773	$user = $GLOBALS['user'];
	774	$_CFG = $GLOBALS['_CFG'];
	775	$_LANG = $GLOBALS['_LANG'];
	776	$smarty = $GLOBALS['smarty'];
	777	$db = $GLOBALS['db'];
	778	$ecs = $GLOBALS['ecs'];
	779	$user_id = $_SESSION['user_id'];
	780
	781	$email = trim($_REQUEST['email']);
	782	$email_code = trim($_REQUEST['email_code']);
	783
	784	if(time() - $_SESSION['email_code_time'] > 30 * 60)
	785	{
	786	unset($_SESSION['email_code']);
	787	exit(json_encode(array(
	788	'msg' => '验证码超过30分钟，请重新发送。'
	789	)));
	790	}
	791	else
	792	{
	793	if($email != $_SESSION['email'] or $email_code != $_SESSION['email_code'])
	794	{
	795	exit(json_encode(array(
	796	'msg' => '邮箱验证码输入错误。'
	797	)));
	798	}
	799	else
	800	{
	801	exit(json_encode(array(
	802	'code' => '2'
	803	)));
	804	}
	805	}
	806	}
	807
	808	/* 验证手机号码是否被注册 */
	809	function action_check_mobile_phone ()
	810	{
	811
	812	// 获取全局变量
	813	$user = $GLOBALS['user'];
	814	$_CFG = $GLOBALS['_CFG'];
	815	$_LANG = $GLOBALS['_LANG'];
	816	$smarty = $GLOBALS['smarty'];
	817	$db = $GLOBALS['db'];
	818	$ecs = $GLOBALS['ecs'];
	819	$user_id = $_SESSION['user_id'];
	820
	821	$mobile_phone = trim($_REQUEST['mobile_phone']);
	822	if($user->check_mobile_phone($mobile_phone))
	823	{
	824	echo 'false';
	825	}
	826	else
	827	{
	828	echo 'ok';
	829	}
	830	}
	831
	832	/* 用户登录界面 */
	833	function action_login ()
	834	{
	835
	836	// 获取全局变量
	837	$user = $GLOBALS['user'];
	838	$_CFG = $GLOBALS['_CFG'];
	839	$_LANG = $GLOBALS['_LANG'];
	840	$smarty = $GLOBALS['smarty'];
	841	$db = $GLOBALS['db'];
	842	$ecs = $GLOBALS['ecs'];
	843	$user_id = $_SESSION['user_id'];
	844	$back_act = $GLOBALS['back_act'];
	845
	846	if(empty($back_act))
	847	{
	848	if(empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	849	{
	850	$http_referer = $GLOBALS['_SERVER']['HTTP_REFERER'];
	851
	852	// 如果来自找回密码页面则跳转到首页
	853	if(strpos($http_referer, 'findPwd.php') != false)
	854	{
	855	$http_referer = './index.php';
	856	}
	857
	858	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $http_referer;
	859	}
	860	else
	861	{
	862	$back_act = 'user.php';
	863	}
	864	}
	865
	866	$captcha = intval($_CFG['captcha']);
	867	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	868	{
	869	$GLOBALS['smarty']->assign('enabled_captcha', 1);
	870	$GLOBALS['smarty']->assign('rand', mt_rand());
	871	}
	872
	873	$smarty->assign('back_act', $back_act);
	874	$smarty->display('user_passport.dwt');
	875	}
	876
	877	// 代码增加-- --侧边栏登录判断登录是否开启验证码
	878	function action_login_check_yzm ()
	879	{
	880
	881	// 获取全局变量
	882	$user = $GLOBALS['user'];
	883	$_CFG = $GLOBALS['_CFG'];
	884	$_LANG = $GLOBALS['_LANG'];
	885	$smarty = $GLOBALS['smarty'];
	886	$db = $GLOBALS['db'];
	887	$ecs = $GLOBALS['ecs'];
	888	$user_id = $_SESSION['user_id'];
	889
	890	include_once (ROOT_PATH . 'includes/cls_json.php');
	891	$json = new JSON();
	892	$result = array(
	893	'error' => 0, 'message' => '', 'islogin' => ''
	894	);
	895	$captcha = intval($_CFG['captcha']);
	896	if(empty($back_act))
	897	{
	898	if(empty($back_act) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	899	{
	900	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	901	}
	902	else
	903	{
	904	$back_act = 'user.php';
	905	}
	906	}
	907	if(! $_SESSION['user_id'])
	908	{
	909	$result['islogin'] = 1;
	910	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	911	{
	912	$result['error'] = 1;
	913	$result['message'] = $back_act;
	914	die($json->encode($result));
	915	}
	916	else
	917	{
	918	$result['error'] = 0;
	919	$result['message'] = $back_act;
	920	die($json->encode($result));
	921	}
	922	}
	923	else
	924	{
	925	$result['islogin'] = 0;
	926	die($json->encode($result));
	927	}
	928	}
	929	// 代码增加-- --侧边栏登录判断登录是否开启验证码
	930
	931	/* 处理会员的登录 */
	932	function action_act_login ()
	933	{
	934	//AXAJ 登陆修改
	935	include_once ('includes/cls_json.php');
	936	$json = new JSON();
	937
	938
	939	$result = array(
	940	'error' => 0, 'message' => '', 'url' => ''
	941	);
	942	//AXAJ 登陆修改
	943	// 获取全局变量
	944	$user = $GLOBALS['user'];
	945	$_CFG = $GLOBALS['_CFG'];
	946	$_LANG = $GLOBALS['_LANG'];
	947	$smarty = $GLOBALS['smarty'];
	948	$db = $GLOBALS['db'];
	949	$ecs = $GLOBALS['ecs'];
	950	$user_id = $_SESSION['user_id'];
	951
	952	$username = isset($_POST['username']) ? trim($_POST['username']) : '';
	953	$password = isset($_POST['password']) ? trim($_POST['password']) : '';
	954	$back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';
	955
	956	$captcha = intval($_CFG['captcha']);
	957	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	958	{
	959	if(empty($_POST['captcha']))
	960	{
	961	$result['error'] = 1;
	962	$result['message'] ='验证码为空！';
	963	die($json->encode($result));
	964	//show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
	965
	966	}
	967
	968	/* 检查验证码 */
	969	include_once ('includes/cls_captcha.php');
	970
	971	$validator = new captcha();
	972	$validator->session_word = 'captcha_login';
	973	if(! $validator->check_word($_POST['captcha']))
	974	{
	975	$result['error'] = 1;
	976	$result['message'] = $_LANG['invalid_captcha'];
	977
	978	die($json->encode($result));
	979	//show_message($_LANG['invalid_captcha'], $_LANG['relogin_lnk'], 'user.php', 'error');
	980	}
	981	}
	982	/* 代码增加2014-12-23 by _star */
	983	if(is_email($username))
	984	{
	985	$sql = "select user_name from " . $ecs->table('users') . " where email='" . $username . "'";
	986	$username_e = $db->getOne($sql);
	987	if($username_e)
	988	$username = $username_e;
	989	}
	990	if(is_telephone($username))
	991	{
	992	$sql = "select user_name from " . $ecs->table('users') . " where mobile_phone='" . $username . "'";
	993	$username_res = $db->query($sql);
	994	$kkk = 0;
	995	while($username_row = $db->fetchRow($username_res))
	996	{
	997	$username_e = $username_row['user_name'];
	998	$kkk = $kkk + 1;
	999	}
	1000	if($kkk > 1)
	1001	{
	1002	$result['error'] = 1;
	1003	$result['message'] = '本网站有多个会员ID绑定了和您相同的手机号，请使用其他登录方式，如：邮箱或用户名。';
	1004	die($json->encode($result));
	1005	//show_message('本网站有多个会员ID绑定了和您相同的手机号，请使用其他登录方式，如：邮箱或用户名。', $_LANG['relogin_lnk'], 'user.php', 'error');
	1006	}
	1007	if($username_e)
	1008	{
	1009	$username = $username_e;
	1010	}
	1011	}
	1012	/* 代码增加2014-12-23 by _end */
	1013	if($user->login($username, $password, isset($_POST['remember'])))
	1014	{
	1015	update_user_info();
	1016	recalculate_price();
	1017
	1018	if(strpos($back_act, 'findPwd.php') != false \|\| strpos($back_act, 'register.php') != false){
	1019	$back_act = 'index.php';
	1020	}
	1021
	1022	$ucdata = isset($user->ucdata) ? $user->ucdata : '';
	1023	$result['error'] = 0;
	1024	$result['message'] = '';
	1025	$result['url'] = $back_act;
	1026	die($json->encode($result));
	1027	//show_message($_LANG['login_success'] . $ucdata, array(
	1028	// $_LANG['back_up_page'], $_LANG['profile_lnk']
	1029	// ), array(
	1030	// $back_act, 'user.php'
	1031	// ), 'info');
	1032	}
	1033	else
	1034	{
	1035	$_SESSION['login_fail'];
	1036	$result['error'] = 1;
	1037	$result['message'] = $_LANG['login_failure'];
	1038	die($json->encode($result));
	1039	//show_message($_LANG['login_failure'], $_LANG['relogin_lnk'], 'user.php', 'error');
	1040	}
	1041	die($json->encode($result));
	1042	}
	1043
	1044	/* 代码增加2014-12-23 by _star */
	1045	function action_ch_email ()
	1046	{
	1047
	1048	// 获取全局变量
	1049	$user = $GLOBALS['user'];
	1050	$_CFG = $GLOBALS['_CFG'];
	1051	$_LANG = $GLOBALS['_LANG'];
	1052	$smarty = $GLOBALS['smarty'];
	1053	$db = $GLOBALS['db'];
	1054	$ecs = $GLOBALS['ecs'];
	1055	$user_id = $_SESSION['user_id'];
	1056
	1057	include_once ('includes/cls_json.php');
	1058	$json = new JSON();
	1059
	1060	$email = trim($_GET['email']);
	1061
	1062	$result = array(
	1063	'error' => 0, 'message' => ''
	1064	);
	1065	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where email = '$email'";
	1066	$num = $GLOBALS['db']->getOne($sql);
	1067	if($num > 0)
	1068	{
	1069	$result['error'] = 1;
	1070	$result['message'] = '该邮箱已被使用，请更换其他邮箱！';
	1071	}
	1072	else
	1073	{
	1074	$tpl = get_mail_template('ch_email');
	1075	$run = "0123456789abcdefghijklmnopqrstuvwxyz";
	1076	$hash = mc_random(16, $run);
	1077	$v_email = $GLOBALS['ecs']->url() . 'user.php?act=ck_email&hash=' . $hash;
	1078
	1079	$smarty->assign('shop_name', $_CFG['shop_name']);
	1080	$smarty->assign('send_date', date($_CFG['time_format']));
	1081	$smarty->assign('user_name', '客户');
	1082	$smarty->assign('email', $v_email);
	1083	$content = $smarty->fetch('str:' . $tpl['template_content']);
	1084	$res = send_mail($_CFG['shop_name'], $email, $tpl['template_subject'], $content, $tpl['is_html']);
	1085	if($res == true)
	1086	{
	1087	$add_time = time();
	1088	$sql = "insert into " . $GLOBALS['ecs']->table('email') . "(`email`,`hash`,`add_time`,`user_id`) values('$email','$hash','$add_time',0)";
	1089	$GLOBALS['db']->query($sql);
	1090	$result['error'] = 0;
	1091	$result['message'] = '邮件已发送至邮箱内，请注意查收！';
	1092	}
	1093	else
	1094	{
	1095	$result['error'] = 2;
	1096	$result['message'] = '邮件发送失败！';
	1097	}
	1098	}
	1099	die($json->encode($result));
	1100	}
	1101
	1102	function action_ck_email ()
	1103	{
	1104
	1105	// 获取全局变量
	1106	$user = $GLOBALS['user'];
	1107	$_CFG = $GLOBALS['_CFG'];
	1108	$_LANG = $GLOBALS['_LANG'];
	1109	$smarty = $GLOBALS['smarty'];
	1110	$db = $GLOBALS['db'];
	1111	$ecs = $GLOBALS['ecs'];
	1112	$user_id = $_SESSION['user_id'];
	1113
	1114	$hash = empty($_REQUEST['hash']) ? '' : trim($_REQUEST['hash']);
	1115	$sql = "select * from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1116	$row = $GLOBALS['db']->getRow($sql);
	1117	$now_time = time();
	1118	if($now_time - $row['add_time'] > 24 * 60 * 60)
	1119	{
	1120	$sql = "delete from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1121	$GLOBALS['db']->query($sql);
	1122	show_message('验证邮件已发送超过24小时，请重新验证！');
	1123	}
	1124	else
	1125	{
	1126	$sql = "select count(*) from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1127	$count = $GLOBALS['db']->getOne($sql);
	1128	if($count > 0)
	1129	{
	1130	$_SESSION['tag'] = 1;
	1131	$sql = "delete from " . $GLOBALS['ecs']->table('email') . " where hash = '$hash'";
	1132	$GLOBALS['db']->query($sql);
	1133	show_message('验证成功，请继续注册！');
	1134	}
	1135	}
	1136	}
	1137
	1138	/* 代码增加2014-12-23 by _end */
	1139	/* 处理 ajax 的登录请求 */
	1140	function action_signin ()
	1141	{
	1142
	1143	// 获取全局变量
	1144	$user = $GLOBALS['user'];
	1145	$_CFG = $GLOBALS['_CFG'];
	1146	$_LANG = $GLOBALS['_LANG'];
	1147	$smarty = $GLOBALS['smarty'];
	1148	$db = $GLOBALS['db'];
	1149	$ecs = $GLOBALS['ecs'];
	1150	$user_id = $_SESSION['user_id'];
	1151
	1152	include_once ('includes/cls_json.php');
	1153	$json = new JSON();
	1154
	1155	$username = ! empty($_POST['username']) ? json_str_iconv(trim($_POST['username'])) : '';
	1156	$password = ! empty($_POST['password']) ? trim($_POST['password']) : '';
	1157	$captcha = ! empty($_POST['captcha']) ? json_str_iconv(trim($_POST['captcha'])) : '';
	1158	$result = array(
	1159	'error' => 0, 'content' => ''
	1160	);
	1161
	1162	$captcha = intval($_CFG['captcha']);
	1163	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1164	{
	1165	if(empty($captcha))
	1166	{
	1167	$result['error'] = 1;
	1168	$result['content'] = $_LANG['invalid_captcha'];
	1169	die($json->encode($result));
	1170	}
	1171
	1172	/* 检查验证码 */
	1173	include_once ('includes/cls_captcha.php');
	1174
	1175	$validator = new captcha();
	1176	$validator->session_word = 'captcha_login';
	1177	if(! $validator->check_word($_POST['captcha']))
	1178	{
	1179
	1180	$result['error'] = 1;
	1181	$result['content'] = $_LANG['invalid_captcha'];
	1182	die($json->encode($result));
	1183	}
	1184	}
	1185
	1186	if($user->login($username, $password))
	1187	{
	1188	update_user_info(); // 更新用户信息
	1189	recalculate_price(); // 重新计算购物车中的商品价格
	1190	$smarty->assign('user_info', get_user_info());
	1191	$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
	1192	$result['ucdata'] = $ucdata;
	1193	$result['content'] = $smarty->fetch('library/member_info.lbi');
	1194	}
	1195	else
	1196	{
	1197	$_SESSION['login_fail'] ++;
	1198	if($_SESSION['login_fail'] > 2)
	1199	{
	1200	$smarty->assign('enabled_captcha', 1);
	1201	$result['html'] = $smarty->fetch('library/member_info.lbi');
	1202	}
	1203	$result['error'] = 1;
	1204	$result['content'] = $_LANG['login_failure'];
	1205	}
	1206	die($json->encode($result));
	1207	}
	1208
	1209	/* 退出会员中心 */
	1210	function action_logout ()
	1211	{
	1212
	1213	// 获取全局变量
	1214	$user = $GLOBALS['user'];
	1215	$_CFG = $GLOBALS['_CFG'];
	1216	$_LANG = $GLOBALS['_LANG'];
	1217	$smarty = $GLOBALS['smarty'];
	1218	$db = $GLOBALS['db'];
	1219	$ecs = $GLOBALS['ecs'];
	1220	$user_id = $_SESSION['user_id'];
	1221
	1222	if((! isset($back_act) \|\| empty($back_act)) && isset($GLOBALS['_SERVER']['HTTP_REFERER']))
	1223	{
	1224	$back_act = strpos($GLOBALS['_SERVER']['HTTP_REFERER'], 'user.php') ? './index.php' : $GLOBALS['_SERVER']['HTTP_REFERER'];
	1225	}
	1226
	1227	$user->logout();
	1228	$ucdata = empty($user->ucdata) ? "" : $user->ucdata;
	1229	show_message($_LANG['logout'] . $ucdata, array(
	1230	$_LANG['back_up_page'], $_LANG['back_home_lnk']
	1231	), array(
	1232	$back_act, 'index.php'
	1233	), 'info');
	1234	}
	1235
	1236	/* 个人资料页面 */
	1237	function action_profile ()
	1238	{
	1239
	1240	// 获取全局变量
	1241	$user = $GLOBALS['user'];
	1242	$_CFG = $GLOBALS['_CFG'];
	1243	$_LANG = $GLOBALS['_LANG'];
	1244	$smarty = $GLOBALS['smarty'];
	1245	$db = $GLOBALS['db'];
	1246	$ecs = $GLOBALS['ecs'];
	1247	$user_id = $_SESSION['user_id'];
	1248	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1249	/* 代码增加2014-12-23 by _star */
	1250	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	1251	$smarty->assign('lang', $_LANG);
	1252
	1253	$smarty->assign('country_list', get_regions());
	1254	/* 代码增加2014-12-23 by _end */
	1255	$user_info = get_profile($user_id);
	1256	/* 代码增加2014-12-23 by _star */
	1257	$province_list = get_regions(1, $user_info['country']);
	1258	$city_list = get_regions(2, $user_info['province']);
	1259	$district_list = get_regions(3, $user_info['city']);
	1260
	1261	$smarty->assign('province_list', $province_list);
	1262	$smarty->assign('city_list', $city_list);
	1263	$smarty->assign('district_list', $district_list);
	1264	/* 代码增加2014-12-23 by _end */
	1265	$user_info = get_profile($user_id);
	1266
	1267	/* 取出注册扩展字段 */
	1268	$sql = 'SELECT * FROM ' . $ecs->table('reg_fields') . ' WHERE type < 2 AND display = 1 ORDER BY dis_order, id';
	1269	$extend_info_list = $db->getAll($sql);
	1270
	1271	$sql = 'SELECT reg_field_id, content ' . 'FROM ' . $ecs->table('reg_extend_info') . " WHERE user_id = $user_id";
	1272	$extend_info_arr = $db->getAll($sql);
	1273
	1274	$temp_arr = array();
	1275	foreach($extend_info_arr as $val)
	1276	{
	1277	$temp_arr[$val['reg_field_id']] = $val['content'];
	1278	}
	1279
	1280	foreach($extend_info_list as $key => $val)
	1281	{
	1282	switch($val['id'])
	1283	{
	1284	case 1:
	1285	$extend_info_list[$key]['content'] = $user_info['msn'];
	1286	break;
	1287	case 2:
	1288	$extend_info_list[$key]['content'] = $user_info['qq'];
	1289	break;
	1290	case 3:
	1291	$extend_info_list[$key]['content'] = $user_info['office_phone'];
	1292	break;
	1293	case 4:
	1294	$extend_info_list[$key]['content'] = $user_info['home_phone'];
	1295	break;
	1296	case 5:
	1297	$extend_info_list[$key]['content'] = $user_info['mobile_phone'];
	1298	break;
	1299	default:
	1300	$extend_info_list[$key]['content'] = empty($temp_arr[$val['id']]) ? '' : $temp_arr[$val['id']];
	1301	}
	1302	}
	1303
	1304	$smarty->assign('extend_info_list', $extend_info_list);
	1305
	1306	/* 密码提示问题 */
	1307	$smarty->assign('passwd_questions', $_LANG['passwd_questions']);
	1308
	1309	$smarty->assign('profile', $user_info);
	1310	$smarty->display('user_transaction.dwt');
	1311	}
	1312
	1313	/* 修改个人资料的处理 */
	1314	function action_act_edit_profile ()
	1315	{
	1316
	1317	// 获取全局变量
	1318	$user = $GLOBALS['user'];
	1319	$_CFG = $GLOBALS['_CFG'];
	1320	$_LANG = $GLOBALS['_LANG'];
	1321	$smarty = $GLOBALS['smarty'];
	1322	$db = $GLOBALS['db'];
	1323	$ecs = $GLOBALS['ecs'];
	1324	$user_id = $_SESSION['user_id'];
	1325
	1326	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1327
	1328	$birthday = trim($_POST['birthdayYear']) . '-' . trim($_POST['birthdayMonth']) . '-' . trim($_POST['birthdayDay']);
	1329	$email = trim($_POST['email']);
	1330	$other['msn'] = $msn = isset($_POST['extend_field1']) ? trim($_POST['extend_field1']) : '';
	1331	$other['qq'] = $qq = isset($_POST['extend_field2']) ? trim($_POST['extend_field2']) : '';
	1332	$other['office_phone'] = $office_phone = isset($_POST['extend_field3']) ? trim($_POST['extend_field3']) : '';
	1333	$other['home_phone'] = $home_phone = isset($_POST['extend_field4']) ? trim($_POST['extend_field4']) : '';
	1334	// $other['mobile_phone'] = $mobile_phone = isset($_POST['extend_field5']) ?
	1335	// trim($_POST['extend_field5']) : '';
	1336	$sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
	1337	$passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';
	1338	/* 代码增加2014-12-23 by _star */
	1339	$username = trim($_POST['username']);
	1340	/* 代码增加2014-12-23 by _end */
	1341
	1342	/* 更新用户扩展字段的数据 */
	1343	$sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; // 读出所有扩展字段的id
	1344	$fields_arr = $db->getAll($sql);
	1345
	1346	foreach($fields_arr as $val) // 循环更新扩展用户信息
	1347	{
	1348	$extend_field_index = 'extend_field' . $val['id'];
	1349	if(isset($_POST[$extend_field_index]))
	1350	{
	1351	$temp_field_content = strlen($_POST[$extend_field_index]) > 100 ? mb_substr(htmlspecialchars($_POST[$extend_field_index]), 0, 99) : htmlspecialchars($_POST[$extend_field_index]);
	1352	$sql = 'SELECT * FROM ' . $ecs->table('reg_extend_info') . " WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
	1353	if($db->getOne($sql)) // 如果之前没有记录，则插入
	1354	{
	1355	$sql = 'UPDATE ' . $ecs->table('reg_extend_info') . " SET content = '$temp_field_content' WHERE reg_field_id = '$val[id]' AND user_id = '$user_id'";
	1356	}
	1357	else
	1358	{
	1359	$sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . " (`user_id`, `reg_field_id`, `content`) VALUES ('$user_id', '$val[id]', '$temp_field_content')";
	1360	}
	1361	$db->query($sql);
	1362	}
	1363	}
	1364
	1365	/* 写入密码提示问题和答案 */
	1366	if(! empty($passwd_answer) && ! empty($sel_question))
	1367	{
	1368	$sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='$sel_question', `passwd_answer`='$passwd_answer' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
	1369	$db->query($sql);
	1370	}
	1371	/* 代码增加2014-12-23 by _star */
	1372	$sql = "select user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1373	$u_name = $GLOBALS['db']->getOne($sql);
	1374	if($username != $u_name)
	1375	{
	1376	$sql = "select count(*) from " . $GLOBALS['ecs']->table('users') . " where user_name = '$username'";
	1377	$count = $GLOBALS['db']->getOne($sql);
	1378	if($count > 0)
	1379	{
	1380	show_message('用户名已经存在！');
	1381	}
	1382	if(! empty($username) && preg_match("/[\x7f-\xff]/", $username))
	1383	{
	1384
	1385	show_message("用户名存在中文");
	1386	}
	1387	/* 代码增加 By Start */
	1388	else if (empty($username))
	1389	{
	1390	show_message("用户名为空");
	1391	}
	1392	else if (!preg_match("/^[a-zA-Z0-9_]{1,}$/", $username))
	1393	{
	1394	show_message("用户名只能由字母数字下划线组成");
	1395	}
	1396	/* 代码增加 By End */
	1397
	1398	}
	1399	/* 代码增加2014-12-23 by _end */
	1400	if(! empty($office_phone) && ! preg_match('/^[\d\|\_\|\-\|\s]+$/', $office_phone))
	1401	{
	1402	show_message($_LANG['passport_js']['office_phone_invalid']);
	1403	}
	1404	if(! empty($home_phone) && ! preg_match('/^[\d\|\_\|\-\|\s]+$/', $home_phone))
	1405	{
	1406	show_message($_LANG['passport_js']['home_phone_invalid']);
	1407	}
	1408	// if(! is_email($email))
	1409	// {
	1410	// show_message($_LANG['msg_email_format']);
	1411	// }
	1412	if(! empty($msn) && ! is_email($msn))
	1413	{
	1414	show_message($_LANG['passport_js']['msn_invalid']);
	1415	}
	1416	if(! empty($qq) && ! preg_match('/^\d+$/', $qq))
	1417	{
	1418	show_message($_LANG['passport_js']['qq_invalid']);
	1419	}
	1420	// if(! empty($mobile_phone) && ! preg_match('/^[\d-\s]+$/', $mobile_phone))
	1421	// {
	1422	// show_message($_LANG['passport_js']['mobile_phone_invalid']);
	1423	// }
	1424
	1425	$other['user_name'] = $username;
	1426	// $profile = array(
	1427	// 'user_id' => $user_id,'email' => isset($_POST['email']) ?
	1428	// trim($_POST['email']) : '','sex' => isset($_POST['sex']) ?
	1429	// intval($_POST['sex']) : 0,'birthday' => $birthday,'other' =>
	1430	// isset($other) ? $other : array()
	1431	// );
	1432	$profile = array(
	1433	'user_id' => $user_id, 'user_name' => $username, 'sex' => isset($_POST['sex']) ? intval($_POST['sex']) : 0, 'birthday' => $birthday, 'other' => isset($other) ? $other : array()
	1434	);
	1435
	1436	if(edit_profile($profile))
	1437	{
	1438	show_message($_LANG['edit_profile_success'], $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1439	}
	1440	else
	1441	{
	1442	if($user->error == ERR_EMAIL_EXISTS)
	1443	{
	1444	$msg = sprintf($_LANG['email_exist'], $profile['email']);
	1445	}
	1446	else
	1447	{
	1448	$msg = $_LANG['edit_profile_failed'];
	1449	}
	1450	show_message($msg, '', '', 'info');
	1451	}
	1452	}
	1453
	1454	/* 修改头像 */
	1455	function action_act_edit_img ()
	1456	{
	1457
	1458	// 获取全局变量
	1459	$user = $GLOBALS['user'];
	1460	$_CFG = $GLOBALS['_CFG'];
	1461	$_LANG = $GLOBALS['_LANG'];
	1462	$smarty = $GLOBALS['smarty'];
	1463	$db = $GLOBALS['db'];
	1464	$ecs = $GLOBALS['ecs'];
	1465	$user_id = $_SESSION['user_id'];
	1466
	1467	if($_FILES['headimg']['size'] == 0)
	1468	{
	1469	show_message("您没有选择要修改的头像图片！", $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1470	}
	1471
	1472	/* 代码增加_start By */
	1473	include_once (ROOT_PATH . '/includes/cls_image.php');
	1474	$image = new cls_image($_CFG['bgcolor']);
	1475	$headimg_original = $image->upload_image($_FILES['headimg'], 'headimg/' . date('Ym'));
	1476
	1477	$thumb_path = DATA_DIR . '/headimg/' . date('Ym') . '/';
	1478	$headimg_thumb = $image->make_thumb($headimg_original, '120', '120', $thumb_path);
	1479	$headimg_thumb = $headimg_thumb ? $headimg_thumb : $headimg_original;
	1480	$sql = 'UPDATE ' . $ecs->table('users') . " SET `headimg`='$headimg_thumb' WHERE `user_id`='" . $_SESSION['user_id'] . "'";
	1481	$db->query($sql);
	1482	$_SESSION['headimg'] = $headimg_thumb;
	1483	/* 代码增加_end By */
	1484	show_message($_LANG['edit_profile_success'], $_LANG['profile_lnk'], 'user.php?act=profile', 'info');
	1485	}
	1486
	1487	/* 代码增加2014-12-23 by _star */
	1488	function action_account_security ()
	1489	{
	1490
	1491	// 获取全局变量
	1492	$user = $GLOBALS['user'];
	1493	$_CFG = $GLOBALS['_CFG'];
	1494	$_LANG = $GLOBALS['_LANG'];
	1495	$smarty = $GLOBALS['smarty'];
	1496	$db = $GLOBALS['db'];
	1497	$ecs = $GLOBALS['ecs'];
	1498	$user_id = $_SESSION['user_id'];
	1499
	1500	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1501
	1502	$user_info = get_profile($user_id);
	1503
	1504	$smarty->assign('info', $user_info);
	1505	$smarty->display('user_transaction.dwt');
	1506	}
	1507
	1508	function action_act_identity ()
	1509	{
	1510
	1511	// 获取全局变量
	1512	$user = $GLOBALS['user'];
	1513	$_CFG = $GLOBALS['_CFG'];
	1514	$_LANG = $GLOBALS['_LANG'];
	1515	$smarty = $GLOBALS['smarty'];
	1516	$db = $GLOBALS['db'];
	1517	$ecs = $GLOBALS['ecs'];
	1518	$user_id = $_SESSION['user_id'];
	1519
	1520	include_once (ROOT_PATH . '/includes/cls_image.php');
	1521	$image = new cls_image($_CFG['bgcolor']);
	1522	$real_name = $_POST['real_name'];
	1523	$card = $_POST['card'];
	1524	$country = $_POST['country'];
	1525	$province = $_POST['province'];
	1526	$city = $_POST['city'];
	1527	$district = $_POST['district'];
	1528	$address = $_POST['address'];
	1529	if(isset($_FILES['face_card']) && $_FILES['face_card']['tmp_name'] != '')
	1530	{
	1531	if($_FILES['face_card']['width'] > 800)
	1532	{
	1533	show_message('图片宽度不能超过800像素！');
	1534	}
	1535	if($_FILES['face_card']['height'] > 800)
	1536	{
	1537	show_message('图片高度不能超过800像素！');
	1538	}
	1539	$face_card = $image->upload_image($_FILES['face_card']);
	1540	if($face_card === false)
	1541	{
	1542	show_message($image->error_msg());
	1543	}
	1544	}
	1545	if(isset($_FILES['back_card']) && $_FILES['back_card']['tmp_name'] != '')
	1546	{
	1547	if($_FILES['back_card']['width'] > 800)
	1548	{
	1549	show_message('图片宽度不能超过800像素！');
	1550	}
	1551	if($_FILES['back_card']['height'] > 800)
	1552	{
	1553	show_message('图片高度不能超过800像素！');
	1554	}
	1555	$back_card = $image->upload_image($_FILES['back_card']);
	1556	if($back_card === false)
	1557	{
	1558	show_message($image->error_msg());
	1559	}
	1560	}
	1561
	1562	$sql = "select face_card,back_card from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1563	$rows = $GLOBALS['db']->getRow($sql);
	1564	if($rows['face_card'] == '')
	1565	{
	1566	if($face_card == '')
	1567	{
	1568	show_message('请上传身份证正面照！');
	1569	}
	1570	}
	1571
	1572	if($rows['back_card'] == '')
	1573	{
	1574	if($back_card == '')
	1575	{
	1576	show_message('请上传身份证背面照！');
	1577	}
	1578	}
	1579
	1580	$sql = 'update ' . $GLOBALS['ecs']->table('users') . " set real_name = '$real_name',card='$card',country='$country',province='$province',city='$city',district='$district',address='$address',status = '2'";
	1581	if($face_card != '')
	1582	{
	1583	$sql .= " ,face_card = '$face_card'";
	1584	}
	1585	if($back_card != '')
	1586	{
	1587	$sql .= " ,back_card = '$back_card'";
	1588	}
	1589	$sql .= " where user_id = '" . $_SESSION['user_id'] . "'";
	1590	$num = $GLOBALS['db']->query($sql);
	1591	if($num > 0)
	1592	{
	1593	show_message('您已申请实名认证，请等待管理员的审核！', '返回上一页', 'user.php?act=profile');
	1594	}
	1595	else
	1596	{
	1597	show_message('实名认证失败！', '返回上一页', 'user.php?act=profile');
	1598	}
	1599	}
	1600
	1601	function action_update_email ()
	1602	{
	1603
	1604	// 获取全局变量
	1605	$user = $GLOBALS['user'];
	1606	$_CFG = $GLOBALS['_CFG'];
	1607	$_LANG = $GLOBALS['_LANG'];
	1608	$smarty = $GLOBALS['smarty'];
	1609	$db = $GLOBALS['db'];
	1610	$ecs = $GLOBALS['ecs'];
	1611	$user_id = $_SESSION['user_id'];
	1612
	1613	$sql = "select email from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1614	$email = $GLOBALS['db']->getOne($sql);
	1615	$smarty->assign('email', $email);
	1616	$smarty->display('user_transaction.dwt');
	1617	}
	1618
	1619	function action_act_update_email ()
	1620	{
	1621
	1622	// 获取全局变量
	1623	$user = $GLOBALS['user'];
	1624	$_CFG = $GLOBALS['_CFG'];
	1625	$_LANG = $GLOBALS['_LANG'];
	1626	$smarty = $GLOBALS['smarty'];
	1627	$db = $GLOBALS['db'];
	1628	$ecs = $GLOBALS['ecs'];
	1629	$user_id = $_SESSION['user_id'];
	1630
	1631	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1632	if(empty($_POST['v_captcha']))
	1633	{
	1634	show_message('验证码不能为空！', '返回', 'user.php?act=update_email', 'error');
	1635	}
	1636
	1637	/* 检查验证码 */
	1638	include_once ('includes/cls_captcha.php');
	1639
	1640	$validator = new captcha();
	1641	$validator->session_word = 'captcha_login';
	1642	if(! $validator->check_word($_POST['v_captcha']))
	1643	{
	1644	show_message($_LANG['invalid_captcha'], '返回', 'user.php?act=update_email', 'error');
	1645	}
	1646	else
	1647	{
	1648	$sql = "select email,user_name from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1649	$rows = $GLOBALS['db']->getRow($sql);
	1650	$tpl = get_mail_template('verify_mail');
	1651	$run = "0123456789abcdefghijklmnopqrstuvwxyz";
	1652	$hash = mc_random(16, $run);
	1653	$email = $GLOBALS['ecs']->url() . 'user.php?act=valid_email&hash=' . $hash;
	1654
	1655	$smarty->assign('shop_name', $_CFG['shop_name']);
	1656	$smarty->assign('send_date', date($_CFG['time_format']));
	1657	$smarty->assign('user_name', $rows['user_name']);
	1658	$smarty->assign('email', $email);
	1659	$smarty->assign('v_email', $rows['email']);
	1660	$content = $smarty->fetch('str:' . $tpl['template_content']);
	1661	$result = send_mail($_CFG['shop_name'], $rows['email'], $tpl['template_subject'], $content, $tpl['is_html']);
	1662	if($result == true)
	1663	{
	1664	$add_time = time();
	1665	$sql = "insert into " . $GLOBALS['ecs']->table('email') . "(`email`,`hash`,`add_time`,`user_id`) values('" . $rows['email'] . "','$hash','$add_time','" . $_SESSION['user_id'] . "')";
	1666	$GLOBALS['db']->query($sql);
	1667	$smarty->display('user_transaction.dwt');
	1668	}
	1669	else
	1670	{
	1671	show_message('邮件发送失败！');
	1672	}
	1673	}
	1674	}
	1675
	1676	function action_update_phone ()
	1677	{
	1678
	1679	// 获取全局变量
	1680	$user = $GLOBALS['user'];
	1681	$_CFG = $GLOBALS['_CFG'];
	1682	$_LANG = $GLOBALS['_LANG'];
	1683	$smarty = $GLOBALS['smarty'];
	1684	$db = $GLOBALS['db'];
	1685	$ecs = $GLOBALS['ecs'];
	1686	$user_id = $_SESSION['user_id'];
	1687
	1688	$sql = "select mobile_phone from " . $GLOBALS['ecs']->table('users') . " where user_id = '" . $_SESSION['user_id'] . "'";
	1689	$mobile_phone = $GLOBALS['db']->getOne($sql);
	1690	$smarty->assign('phone', $mobile_phone);
	1691	$smarty->display('user_transaction.dwt');
	1692	}
	1693
	1694	function action_act_update_phone ()
	1695	{
	1696
	1697	// 获取全局变量
	1698	$user = $GLOBALS['user'];
	1699	$_CFG = $GLOBALS['_CFG'];
	1700	$_LANG = $GLOBALS['_LANG'];
	1701	$smarty = $GLOBALS['smarty'];
	1702	$db = $GLOBALS['db'];
	1703	$ecs = $GLOBALS['ecs'];
	1704	$user_id = $_SESSION['user_id'];
	1705
	1706	$phone = isset($_POST['v_phone']) ? trim($_POST['v_phone']) : '';
	1707	$verifycode = isset($_POST['v_code']) ? trim($_POST['v_code']) : '';
	1708	if($phone == '')
	1709	{
	1710	show_message('手机号不能为空！');
	1711	}
	1712	else
	1713	{
	1714	if(is_telephone($phone))
	1715	{
	1716	if($verifycode == '')
	1717	{
	1718	show_message('手机验证码不能为空！');
	1719	}
	1720	else
	1721	{
	1722	/* 验证手机号验证码和IP */
	1723	$sql = "SELECT COUNT(id) FROM " . $ecs->table('verifycode') . " WHERE mobile='$phone' AND verifycode='$verifycode' AND getip='" . real_ip() . "' AND status=1 AND dateline>'" . gmtime() . "'-86400"; // 验证码一天内有效
	1724
	1725	if($db->getOne($sql) == 0)
	1726	{
	1727	show_message('手机号和验证码不匹配，请重新输入！');
	1728	}
	1729	else
	1730	{
	1731	ecs_header("Location: user.php?act=re_binding\n");
	1732	exit();
	1733	}
	1734	}
	1735	}
	1736	else
	1737	{
	1738	show_message('请输入正确的手机号！');
	1739	}
	1740	}
	1741	}
	1742
	1743	/* 密码找回-->输入用户名界面 */
	1744	function action_qpassword_name ()
	1745	{
	1746
	1747	// 获取全局变量
	1748	$user = $GLOBALS['user'];
	1749	$_CFG = $GLOBALS['_CFG'];
	1750	$_LANG = $GLOBALS['_LANG'];
	1751	$smarty = $GLOBALS['smarty'];
	1752	$db = $GLOBALS['db'];
	1753	$ecs = $GLOBALS['ecs'];
	1754	$user_id = $_SESSION['user_id'];
	1755
	1756	// 显示输入要找回密码的账号表单
	1757	$smarty->display('user_passport.dwt');
	1758	}
	1759
	1760	/* 密码找回-->根据注册用户名取得密码提示问题界面 */
	1761	function action_get_passwd_question ()
	1762	{
	1763
	1764	// 获取全局变量
	1765	$user = $GLOBALS['user'];
	1766	$_CFG = $GLOBALS['_CFG'];
	1767	$_LANG = $GLOBALS['_LANG'];
	1768	$smarty = $GLOBALS['smarty'];
	1769	$db = $GLOBALS['db'];
	1770	$ecs = $GLOBALS['ecs'];
	1771	$user_id = $_SESSION['user_id'];
	1772
	1773	if(empty($_POST['user_name']))
	1774	{
	1775	show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
	1776	}
	1777	else
	1778	{
	1779	$user_name = trim($_POST['user_name']);
	1780	}
	1781
	1782	// 取出会员密码问题和答案
	1783	$sql = 'SELECT user_id, user_name, passwd_question, passwd_answer FROM ' . $ecs->table('users') . " WHERE user_name = '" . $user_name . "'";
	1784	$user_question_arr = $db->getRow($sql);
	1785
	1786	// 如果没有设置密码问题，给出错误提示
	1787	if(empty($user_question_arr['passwd_answer']))
	1788	{
	1789	show_message($_LANG['no_passwd_question'], $_LANG['back_home_lnk'], './', 'info');
	1790	}
	1791
	1792	$_SESSION['temp_user'] = $user_question_arr['user_id']; // 设置临时用户，不具有有效身份
	1793	$_SESSION['temp_user_name'] = $user_question_arr['user_name']; // 设置临时用户，不具有有效身份
	1794	$_SESSION['passwd_answer'] = $user_question_arr['passwd_answer']; // 存储密码问题答案，减少一次数据库访问
	1795
	1796	$captcha = intval($_CFG['captcha']);
	1797	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1798	{
	1799	$GLOBALS['smarty']->assign('enabled_captcha', 1);
	1800	$GLOBALS['smarty']->assign('rand', mt_rand());
	1801	}
	1802
	1803	$smarty->assign('passwd_question', $_LANG['passwd_questions'][$user_question_arr['passwd_question']]);
	1804	$smarty->display('user_passport.dwt');
	1805	}
	1806
	1807	/* 密码找回-->根据提交的密码答案进行相应处理 */
	1808	function action_check_answer ()
	1809	{
	1810
	1811	// 获取全局变量
	1812	$user = $GLOBALS['user'];
	1813	$_CFG = $GLOBALS['_CFG'];
	1814	$_LANG = $GLOBALS['_LANG'];
	1815	$smarty = $GLOBALS['smarty'];
	1816	$db = $GLOBALS['db'];
	1817	$ecs = $GLOBALS['ecs'];
	1818	$user_id = $_SESSION['user_id'];
	1819
	1820	$captcha = intval($_CFG['captcha']);
	1821	if(($captcha & CAPTCHA_LOGIN) && (! ($captcha & CAPTCHA_LOGIN_FAIL) \|\| (($captcha & CAPTCHA_LOGIN_FAIL) && $_SESSION['login_fail'] > 2)) && gd_version() > 0)
	1822	{
	1823	if(empty($_POST['captcha']))
	1824	{
	1825	show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
	1826	}
	1827
	1828	/* 检查验证码 */
	1829	include_once ('includes/cls_captcha.php');
	1830
	1831	$validator = new captcha();
	1832	$validator->session_word = 'captcha_login';
	1833	if(! $validator->check_word($_POST['captcha']))
	1834	{
	1835	show_message($_LANG['invalid_captcha'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'error');
	1836	}
	1837	}
	1838
	1839	if(empty($_POST['passwd_answer']) \|\| $_POST['passwd_answer'] != $_SESSION['passwd_answer'])
	1840	{
	1841	show_message($_LANG['wrong_passwd_answer'], $_LANG['back_retry_answer'], 'user.php?act=qpassword_name', 'info');
	1842	}
	1843	else
	1844	{
	1845	$_SESSION['user_id'] = $_SESSION['temp_user'];
	1846	$_SESSION['user_name'] = $_SESSION['temp_user_name'];
	1847	unset($_SESSION['temp_user']);
	1848	unset($_SESSION['temp_user_name']);
	1849	$smarty->assign('uid', $_SESSION['user_id']);
	1850	$smarty->assign('action', 'reset_password');
	1851	$smarty->display('user_passport.dwt');
	1852	}
	1853	}
	1854
	1855	/* 发送密码修改确认邮件 */
	1856	function action_send_pwd_email ()
	1857	{
	1858
	1859	// 获取全局变量
	1860	$user = $GLOBALS['user'];
	1861	$_CFG = $GLOBALS['_CFG'];
	1862	$_LANG = $GLOBALS['_LANG'];
	1863	$smarty = $GLOBALS['smarty'];
	1864	$db = $GLOBALS['db'];
	1865	$ecs = $GLOBALS['ecs'];
	1866	$user_id = $_SESSION['user_id'];
	1867
	1868	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1869
	1870	/* 初始化会员用户名和邮件地址 */
	1871	$user_name = ! empty($_POST['user_name']) ? trim($_POST['user_name']) : '';
	1872	$email = ! empty($_POST['email']) ? trim($_POST['email']) : '';
	1873
	1874	// 用户名和邮件地址是否匹配
	1875	$user_info = $user->get_user_info($user_name);
	1876
	1877	if($user_info && $user_info['email'] == $email)
	1878	{
	1879	// 生成code
	1880	// $code = md5($user_info[0] . $user_info[1]);
	1881
	1882	$code = md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']);
	1883	// 发送邮件的函数
	1884	if(send_pwd_email($user_info['user_id'], $user_name, $email, $code))
	1885	{
	1886	show_message($_LANG['send_success'] . $email, $_LANG['back_home_lnk'], './', 'info');
	1887	}
	1888	else
	1889	{
	1890	// 发送邮件出错
	1891	show_message($_LANG['fail_send_password'], $_LANG['back_page_up'], './', 'info');
	1892	}
	1893	}
	1894	else
	1895	{
	1896	// 用户名与邮件地址不匹配
	1897	show_message($_LANG['username_no_email'], $_LANG['back_page_up'], '', 'info');
	1898	}
	1899	}
	1900
	1901	/* 修改会员密码 */
	1902	function action_act_edit_password ()
	1903	{
	1904
	1905	// 获取全局变量
	1906	$user = $GLOBALS['user'];
	1907	$_CFG = $GLOBALS['_CFG'];
	1908	$_LANG = $GLOBALS['_LANG'];
	1909	$smarty = $GLOBALS['smarty'];
	1910	$db = $GLOBALS['db'];
	1911	$ecs = $GLOBALS['ecs'];
	1912	$user_id = $_SESSION['user_id'];
	1913
	1914	include_once (ROOT_PATH . 'includes/lib_passport.php');
	1915
	1916	$old_password = isset($_POST['old_password']) ? trim($_POST['old_password']) : null;
	1917	$new_password = isset($_POST['new_password']) ? trim($_POST['new_password']) : '';
	1918	/* 代码添加_68_20150729_STAR */
	1919	$confirm_password = isset($_POST['confirm_password']) ? trim($_POST['confirm_password']) : '';
	1920	/* 代码添加_68_20150729_END */
	1921	$user_id = isset($_POST['uid']) ? intval($_POST['uid']) : $user_id;
	1922	$code = isset($_POST['code']) ? trim($_POST['code']) : '';
	1923
	1924	if(strlen($new_password) < 6)
	1925	{
	1926	show_message($_LANG['passport_js']['password_shorter']);
	1927	}
	1928	/* 代码添加_68_20150729_STAR */
	1929	if($new_password != $confirm_password)
	1930	{
	1931	show_message($_LANG['passport_js']['confirm_password_invalid']);
	1932	}
	1933	/* 代码添加_68_20150729_END */
	1934	$user_info = $user->get_profile_by_id($user_id); // 论坛记录
	1935
	1936	if(($user_info && (! empty($code) && md5($user_info['user_id'] . $_CFG['hash_code'] . $user_info['reg_time']) == $code)) \|\| ($_SESSION['user_id'] > 0 && $_SESSION['user_id'] == $user_id && $user->check_user($_SESSION['user_name'], $old_password)))
	1937	{
	1938
	1939	if($user->edit_user(array(
	1940	'username' => (empty($code) ? $_SESSION['user_name'] : $user_info['user_name']), 'old_password' => $old_password, 'password' => $new_password
	1941	), empty($code) ? 0 : 1))
	1942	{
	1943	$sql = "UPDATE " . $ecs->table('users') . "SET `ec_salt`='0' WHERE user_id= '" . $user_id . "'";
	1944	$db->query($sql);
	1945	// 是否开启修改密码发短信
	1946	if($_CFG['sms_change_password'] == 1)
	1947	{
	1948	$content = sprintf($_CFG['sms_change_password_tpl'], date("Y-m-d H:i:s", gmtime()), $_CFG['sms_sign']);
	1949	$sql = "SELECT mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '$user_id'";
	1950	$mobile_phone = $GLOBALS['db']->getOne($sql);
	1951	if($mobile_phone)
	1952	{
	1953	include_once ('send.php');
	1954	sendSMS($mobile_phone, $content);
	1955	}
	1956	}
	1957	$user->logout();
	1958	show_message($_LANG['edit_password_success'], $_LANG['relogin_lnk'], 'user.php?act=login', 'info');
	1959	}
	1960	else
	1961	{
	1962	show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
	1963	}
	1964	}
	1965	else
	1966	{
	1967	show_message($_LANG['edit_password_failure'], $_LANG['back_page_up'], '', 'info');
	1968	}
	1969	}
	1970
	1971	/* 添加一个红包 */
	1972	function action_act_add_bonus ()
	1973	{
	1974
	1975	// 获取全局变量
	1976	$user = $GLOBALS['user'];
	1977	$_CFG = $GLOBALS['_CFG'];
	1978	$_LANG = $GLOBALS['_LANG'];
	1979	$smarty = $GLOBALS['smarty'];
	1980	$db = $GLOBALS['db'];
	1981	$ecs = $GLOBALS['ecs'];
	1982	$user_id = $_SESSION['user_id'];
	1983
	1984	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	1985
	1986	$bouns_sn = isset($_POST['bonus_sn']) ? intval($_POST['bonus_sn']) : '';
	1987
	1988	if(add_bonus($user_id, $bouns_sn))
	1989	{
	1990	show_message($_LANG['add_bonus_sucess'], $_LANG['back_up_page'], 'user.php?act=bonus', 'info');
	1991	}
	1992	else
	1993	{
	1994
	1995	$GLOBALS['err']->show($_LANG['back_up_page'], 'user.php?act=bonus');
	1996	}
	1997	}
	1998
	1999	/* 查看订单列表 */
	2000	function action_order_list ()
	2001	{
	2002	$user = $GLOBALS['user'];
	2003	$_CFG = $GLOBALS['_CFG'];
	2004	$_LANG = $GLOBALS['_LANG'];
	2005	$smarty = $GLOBALS['smarty'];
	2006	$db = $GLOBALS['db'];
	2007	$ecs = $GLOBALS['ecs'];
	2008	$user_id = $_SESSION['user_id'];
	2009	$action = $GLOBALS['action'];
	2010
	2011	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2012	include_once (ROOT_PATH . 'includes/lib_transaction_1.php');
	2013	include_once (ROOT_PATH . 'includes/lib_payment.php');
	2014	include_once (ROOT_PATH . 'includes/lib_order.php');
	2015	include_once (ROOT_PATH . 'includes/lib_clips.php');
	2016
	2017	$ex_where = " and user_id=$user_id";
	2018
	2019	/* 已完成的订单 */
	2020	$order_count['finished'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('finished'));
	2021	$status['finished'] = CS_FINISHED;
	2022
	2023	/* 待发货的订单： */
	2024	$order_count['await_ship'] = $db->GetOne('SELECT COUNT(*)' . ' FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('await_ship'));
	2025	$status['await_ship'] = CS_AWAIT_SHIP;
	2026
	2027	/* 待付款的订单： */
	2028	$order_count['await_pay'] = $db->GetOne('SELECT COUNT(*)' . ' FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('await_pay'));
	2029	$status['await_pay'] = CS_AWAIT_PAY;
	2030
	2031	/* “未确认”的订单 */
	2032	$order_count['unconfirmed'] = $db->GetOne('SELECT COUNT(*) FROM ' . $ecs->table('order_info') . " WHERE 1 $ex_where " . order_query_sql('unconfirmed'));
	2033	$status['unconfirmed'] = OS_UNCONFIRMED;
	2034
	2035	// $today_start = mktime(0,0,0,date('m'),date('d'),date('Y'));
	2036	$order_count['stats'] = $db->getRow('SELECT COUNT(*) AS oCount, IFNULL(SUM(order_amount), 0) AS oAmount' . ' FROM ' . $ecs->table('order_info'));
	2037	$smarty->assign('order_count', $order_count);
	2038	$smarty->assign('status', $status);
	2039
	2040	$composite_status = isset($_REQUEST['composite_status']) ? intval($_REQUEST['composite_status']) : - 1;
	2041	$where = '';
	2042	switch($composite_status)
	2043	{
	2044	case CS_AWAIT_PAY:
	2045	$where .= order_query_sql('await_pay');
	2046	break;
	2047
	2048	case CS_AWAIT_SHIP:
	2049	$where .= order_query_sql('await_ship');
	2050	break;
	2051
	2052	case CS_FINISHED:
	2053	$where .= order_query_sql('finished');
	2054	break;
	2055	default:
	2056	if($composite_status != - 1)
	2057	{
	2058	$where .= " AND o.order_status = '$composite_status' ";
	2059	}
	2060	}
	2061	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	2062
	2063	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_info') . " WHERE user_id = '$user_id'");
	2064
	2065	/* 代码添加_68_20150909_STAR */
	2066	// 未确认
	2067	if ($composite_status == OS_UNCONFIRMED)
	2068	{
	2069	$record_count = $order_count['unconfirmed'];
	2070	}
	2071	// 待付款
	2072	else if ($composite_status == CS_AWAIT_PAY)
	2073	{
	2074	$record_count = $order_count['await_pay'];
	2075	}
	2076	// 待发货
	2077	else if ($composite_status == CS_AWAIT_SHIP)
	2078	{
	2079	$record_count = $order_count['await_ship'];
	2080	}
	2081	// 已完成
	2082	else if ($composite_status == CS_FINISHED)
	2083	{
	2084	$record_count = $order_count['finished'];
	2085	}
	2086	/* 代码添加_68_20150909_END */
	2087
	2088	$pager = get_pager('user.php', array(
	2089	'act' => $action, 'composite_status' => $composite_status
	2090	), $record_count, $page, 5);
	2091
	2092	$orders = get_user_orders_1($user_id, $pager['size'], $pager['start'], $where);
	2093
	2094	foreach($orders as $k_kuaidi => $v_kuaidi)
	2095	{
	2096	// 同城快递
	2097	if($v_kuaidi['shipping_name_2'] == "同城快递")
	2098	{
	2099	$kos_order_id = $db->getOne("select order_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $v_kuaidi['invoice_no'] . "'");
	2100	$sql = "select * from " . $ecs->table('kuaidi_order_status') . " where order_id='" . $kos_order_id . "' order by status_id desc";
	2101	$res_status = $db->query($sql);
	2102	$have_shipping_info = 0;
	2103	$shipping_info = "";
	2104	while($row_status = $db->fetchRow($res_status))
	2105	{
	2106	if($row_status['status_display'] == 1)
	2107	{
	2108	switch($row_status['status_id'])
	2109	{
	2110	case 1:
	2111	$shipping_info .= "您提交了订单，请等待确认。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2112	break;
	2113	case 2:
	2114	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2115	break;
	2116	case 3:
	2117	$postman_id = $db->getOne("select postman_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $orders[$k_kuaidi]['invoice_no'] . "'");
	2118	$postman_info = $db->getRow("select postman_name, mobile from " . $ecs->table('postman') . " where postman_id=" . $postman_id);
	2119	$shipping_info .= "您的快件正在派送，快递员：" . $postman_info['postman_name'] . "，电话：" . $postman_info['mobile'] . " (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2120	break;
	2121	case 4:
	2122	$shipping_info .= "您的快件已经签收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2123	break;
	2124	case 5:
	2125	$shipping_info .= "您的快件已被拒收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2126	break;
	2127	case 6:
	2128	$shipping_info .= "您拒收的快件已被退回。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2129	break;
	2130	case 7:
	2131	$shipping_info .= "您的快件已经取消。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2132	break;
	2133	}
	2134
	2135	$shipping_info .= "<br>";
	2136
	2137	if($row_status['status_id'] >= 1)
	2138	{
	2139	$have_shipping_info ++;
	2140	}
	2141	}
	2142	}
	2143	if($have_shipping_info)
	2144	{
	2145	$orders[$k_kuaidi]['result_content'] = $shipping_info;
	2146	}
	2147	else
	2148	{
	2149	$orders[$k_kuaidi]['result_content'] = '抱歉，暂时还没有该运单的物流信息哦！';
	2150	}
	2151	}
	2152	}
	2153
	2154	$merge = get_user_merge($user_id);
	2155
	2156	$smarty->assign('merge', $merge);
	2157	$smarty->assign('pager', $pager);
	2158	$smarty->assign('orders', $orders);
	2159	$smarty->display('user_transaction.dwt');
	2160	}
	2161
	2162	/* 查看订单详情 */
	2163	function action_order_detail ()
	2164	{
	2165	$user = $GLOBALS['user'];
	2166	$_CFG = $GLOBALS['_CFG'];
	2167	$_LANG = $GLOBALS['_LANG'];
	2168	$smarty = $GLOBALS['smarty'];
	2169	$db = $GLOBALS['db'];
	2170	$ecs = $GLOBALS['ecs'];
	2171	$user_id = $_SESSION['user_id'];
	2172
	2173	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2174	include_once (ROOT_PATH . 'includes/lib_payment.php');
	2175	include_once (ROOT_PATH . 'includes/lib_order.php');
	2176	include_once (ROOT_PATH . 'includes/lib_clips.php');
	2177
	2178	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	2179
	2180	/* 订单详情 */
	2181
	2182	$order = get_order_detail($order_id, $user_id);
	2183
	2184	$sql_invoices = "SELECT invoice_no,shipping_name FROM ".$GLOBALS['ecs']->table('delivery_order')." WHERE order_id = ".$order['order_id'];
	2185	$order['invoices'] = $GLOBALS['db']->getAll($sql_invoices);
	2186
	2187	/* 退换货插件增加 */
	2188	$shipping_time = $db->getOne("SELECT shipping_time FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id'");
	2189	$now_time = gmtime();
	2190	$not_back = 0;
	2191	if($GLOBALS['_CFG']['tuihuan_days_fahuo'] > 0) // 退换货期限（发货后第几天起）:
	2192	{
	2193	if(($now_time - $shipping_time) / 86400 < $GLOBALS['_CFG']['tuihuan_days_fahuo'])
	2194	{
	2195	$not_back = 1;
	2196	}
	2197	}
	2198	if($GLOBALS['_CFG']['tuihuan_days_qianshou'] > 0) // 退换货期限（发货后第几天止）:
	2199	{
	2200	if(($now_time - $shipping_time) / 86400 > $GLOBALS['_CFG']['tuihuan_days_qianshou'])
	2201	{
	2202	$not_back = 1;
	2203	}
	2204	}
	2205	$smarty->assign('not_back', $not_back);
	2206	/* 退换货插件增加 */
	2207	if($order === false)
	2208	{
	2209	$err->show($_LANG['back_home_lnk'], './');
	2210
	2211	exit();
	2212	}
	2213
	2214	if($db->getOne("select shipping_code from " . $ecs->table('shipping') . " where shipping_id=" . $order['shipping_id']) == "tc_express")
	2215	{
	2216
	2217	$order['tc_express'] = 1;
	2218
	2219	$ko_order_sn = $db->getOne("select invoice_no from " . $ecs->table('delivery_order') . " where order_id=" . $order_id);
	2220	if($ko_order_sn)
	2221	{
	2222	$kos_order_id = $db->getOne("select order_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $ko_order_sn . "'");
	2223	}
	2224
	2225	$sql = "select * from " . $ecs->table('kuaidi_order_status') . " where order_id='$kos_order_id' order by status_id";
	2226
	2227	$res_status = $db->query($sql);
	2228	$have_shipping_info = 0;
	2229	$shipping_info = "";
	2230	while($row_status = $db->fetchRow($res_status))
	2231	{
	2232	if($row_status['status_display'] == 1)
	2233	{
	2234	switch($row_status['status_id'])
	2235	{
	2236	case 1:
	2237	$shipping_info .= "您提交了订单，请等待确认。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2238	break;
	2239	case 2:
	2240	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2241	break;
	2242	case 3:
	2243	$postman_id = $db->getOne("select postman_id from " . $ecs->table('kuaidi_order') . " where order_sn='" . $order['invoice_no'] . "'");
	2244	$postman_info = $db->getRow("select postman_name, mobile from " . $ecs->table('postman') . " where postman_id=" . $postman_id);
	2245	$shipping_info .= "您的快件正在派送，快递员：" . $postman_info['postman_name'] . "，电话：" . $postman_info['mobile'] . " (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2246	break;
	2247	case 4:
	2248	$shipping_info .= "您的快件已经签收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2249	break;
	2250	case 5:
	2251	$shipping_info .= "您的快件已被拒收。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2252	break;
	2253	case 6:
	2254	$shipping_info .= "您拒收的快件已被退回。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2255	break;
	2256	case 7:
	2257	$shipping_info .= "您的快件已经取消。 (" . local_date('Y-m-d H:i:s', $row_status['status_time']) . ")";
	2258	break;
	2259	}
	2260
	2261	$shipping_info .= "<br>";
	2262
	2263	if($row_status['status_id'] >= 1)
	2264	{
	2265	$have_shipping_info ++;
	2266	}
	2267	}
	2268	}
	2269	if($have_shipping_info)
	2270	{
	2271	$result_content = $shipping_info;
	2272	}
	2273	else
	2274	{
	2275	$result_content = '抱歉，暂时还没有该运单的物流信息哦！';
	2276	}
	2277	}
	2278	$smarty->assign('result_content', $result_content);
	2279
	2280	/* 是否显示添加到购物车 */
	2281	if($order['extension_code'] != GROUP_BUY_CODE && $order['extension_code'] != 'exchange_goods' && $order['extension_code'] != PRE_SALE_CODE && $order['extension_code'] != VIRTUAL_SALE_CODE)
	2282	{
	2283	$smarty->assign('allow_to_cart', 1);
	2284	}
	2285
	2286	/* 订单商品 */
	2287	$goods_list = order_goods($order_id);
	2288	foreach($goods_list as $key => $value)
	2289	{
	2290	$goods_list[$key]['market_price'] = price_format($value['market_price'], false);
	2291	$goods_list[$key]['goods_price'] = price_format($value['goods_price'], false);
	2292	$goods_list[$key]['subtotal'] = price_format($value['subtotal'], false);
	2293
	2294	$sql_back = "SELECT bg.*, bo.back_type FROM " . $ecs->table('back_goods') . " AS bg " . " LEFT JOIN " . $ecs->table('back_order') . " AS bo " . " ON bg.back_id = bo.back_id " . " WHERE bo.order_id = " . $order_id . " AND bg.goods_id = " . $value['goods_id'] . " AND bg.product_id = " . $value['product_id'] . " AND bg.status_back < 6";
	2295	$back_info = $db->getRow($sql_back);
	2296
	2297	if(count($back_info['back_id']) > 0)
	2298	{
	2299	switch($back_info['status_back'])
	2300	{
	2301	case '3':
	2302	$sb = "已完成";
	2303	break;
	2304	case '5':
	2305	$sb = "已申请";
	2306	break;
	2307	// case '6' : $sb = ""; break;
	2308	// case '7' : $sb = ""; break;
	2309	default:
	2310	$sb = "正在";
	2311	break;
	2312	}
	2313
	2314	switch($back_info['back_type'])
	2315	{
	2316	case '1':
	2317	$bt = "退货";
	2318	break;
	2319	case '3':
	2320	$bt = "申请维修";
	2321	break;
	2322	case '4':
	2323	$bt = "退款";
	2324	break;
	2325	default:
	2326	break;
	2327	}
	2328
	2329	$shouhou = $sb . " " . $bt;
	2330	}
	2331	else
	2332	{
	2333	$shouhou = "正常";
	2334	}
	2335
	2336	$goods_list[$key]['shouhou'] = $shouhou;
	2337	}
	2338
	2339	/* 设置能否修改使用余额数 */
	2340	if($order['order_amount'] > 0)
	2341	{
	2342	if($order['order_status'] == OS_UNCONFIRMED \|\| $order['order_status'] == OS_CONFIRMED)
	2343	{
	2344	$user = user_info($order['user_id']);
	2345	if($user['user_money'] + $user['credit_line'] > 0)
	2346	{
	2347	$smarty->assign('allow_edit_surplus', 1);
	2348	$smarty->assign('max_surplus', sprintf($_LANG['max_surplus'], $user['user_money']));
	2349	}
	2350	}
	2351	}
	2352	/* 代码删除 By Start */
	2353	// /* 未发货，未付款时允许更换支付方式 */
	2354	// if($order['order_amount'] > 0 && $order['pay_status'] == PS_UNPAYED && $order['shipping_status'] == SS_UNSHIPPED)
	2355	// {
	2356	// $payment_list = available_payment_list(false, 0, true);
	2357	//
	2358	// /* 过滤掉当前支付方式和余额支付方式 */
	2359	// if(is_array($payment_list))
	2360	// {
	2361	// foreach($payment_list as $key => $payment)
	2362	// {
	2363	// if($payment['pay_id'] == $order['pay_id'] \|\| $payment['pay_code'] == 'balance')
	2364	// {
	2365	// unset($payment_list[$key]);
	2366	// }
	2367	// }
	2368	// }
	2369	// $smarty->assign('payment_list', $payment_list);
	2370	// }
	2371	/* 订单支付配送状态语言项 */
	2372	// $order['order_status'] = $_LANG['os'][$order['order_status']];
	2373	// $order['pay_status'] = $_LANG['ps'][$order['pay_status']];
	2374	// $order['shipping_status_id'] = $order['shipping_status']; // 代码增加 By
	2375	// //
	2376	// $order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
	2377	/* 代码删除 By End */
	2378	/* 增值税发票_添加_START_ */
	2379	/* 增值税发票收票地址 */
	2380	if($order['inv_type'] == 'vat_invoice')
	2381	{
	2382	$order['inv_complete_address'] = get_inv_complete_address($order);
	2383	}
	2384	/* 发票金额 */
	2385	$order['formatted_inv_money'] = price_format($order['inv_money']);
	2386	/* 增值税发票_添加_END_ */
	2387	$smarty->assign('order', $order);
	2388	/* 代码增加_start By */
	2389	$smarty->assign('mobile_phone', $GLOBALS['db']->getOne("select mobile_phone from " . $GLOBALS['ecs']->table('users') . " where user_id='$_SESSION[user_id]'"));
	2390	foreach($goods_list as $goods_key => $goods_val)
	2391	{
	2392	$sql_goods = "select count(*) from " . $ecs->table('back_order') . " where order_id='$order[order_id]' and goods_id='$goods_val[goods_id]'";
	2393	$back_order_count = $db->getOne($sql_goods);
	2394	$goods_list[$goods_key]['back_can'] = $back_order_count ? '0' : '1';
	2395	/* 代码增加_start By _20150804 */
	2396	if($goods_val['extension_code'] == 'virtual_good')
	2397	{
	2398	$virtual_goods_card = $db->getAll("select gc.card_sn,gc.end_date,buy_date from " . $ecs->table('virtual_goods_card') . " as gc join (select order_id,order_sn from " . $ecs->table('order_info') . " where order_id='$goods_val[order_id]') as oi on gc.order_sn = oi.order_sn");
	2399	foreach($virtual_goods_card as $k => $v)
	2400	{
	2401	$virtual_goods_card[$k]['end_date'] = empty($v['end_date']) ? '' : local_date('Y-m-d', $v['end_date']);
	2402	$virtual_goods_card[$k]['buy_date'] = empty($v['buy_date']) ? '' : local_date('Y-m-d', $v['buy_date']);
	2403	$virtual_goods_card[$k]['end_date_time'] = empty($v['end_date']) ? '' : $v['end_date'];
	2404	$virtual_goods_card[$k]['buy_date_time'] = empty($v['buy_date']) ? '' : $v['buy_date'];
	2405	}
	2406	$goods_list[$goods_key]['virtual_goods_card'] = $virtual_goods_card;
	2407	}
	2408	/* 代码增加_end By _20150804 */
	2409
	2410	$goods_list[$key]['shouhou'] = $shouhou;
	2411	}
	2412
	2413	/* 设置能否修改使用余额数 */
	2414	if($order['order_amount'] > 0)
	2415	{
	2416	if($order['order_status'] == OS_UNCONFIRMED \|\| $order['order_status'] == OS_CONFIRMED)
	2417	{
	2418	$user = user_info($order['user_id']);
	2419	if($user['user_money'] + $user['credit_line'] > 0)
	2420	{
	2421	$smarty->assign('allow_edit_surplus', 1);
	2422	$smarty->assign('max_surplus', sprintf($_LANG['max_surplus'], $user['user_money']));
	2423	}
	2424	}
	2425	}
	2426
	2427	/* 未发货，未付款时允许更换支付方式 */
	2428	if($order['order_amount'] > 0 && $order['pay_status'] == PS_UNPAYED && $order['shipping_status'] == SS_UNSHIPPED)
	2429	{
	2430	$payment_list = available_payment_list(false, 0, true);
	2431
	2432	/* 过滤掉当前支付方式和余额支付方式 */
	2433	if(is_array($payment_list))
	2434	{
	2435	foreach($payment_list as $key => $payment)
	2436	{
	2437	if($payment['pay_id'] == $order['pay_id'] \|\| $payment['pay_code'] == 'balance')
	2438	{
	2439	unset($payment_list[$key]);
	2440	}
	2441	}
	2442	}
	2443	/* 代码修改 By Start */
	2444	// $smarty->assign('payment_list', $payment_list);
	2445	// 订单状态为无效、已取消、退货时不设置支付方法
	2446	if($order['order_status'] != OS_CANCELED && $order['order_status'] != OS_INVALID && $order['order_status'] != OS_RETURNED)
	2447	{
	2448	$smarty->assign('payment_list', $payment_list);
	2449	}
	2450	/* 代码修改 By End */
	2451	}
	2452
	2453	/* 订单支付配送状态语言项 */
	2454	$order['order_status'] = $_LANG['os'][$order['order_status']];
	2455	$order['pay_status'] = $_LANG['ps'][$order['pay_status']];
	2456	$order['shipping_status_id'] = $order['shipping_status']; // 代码增加 By
	2457	//
	2458	$order['shipping_status'] = $_LANG['ss'][$order['shipping_status']];
	2459	/* 增值税发票_添加_START_ */
	2460	/* 增值税发票收票地址 */
	2461	if($order['inv_type'] == 'vat_invoice')
	2462	{
	2463	$order['inv_complete_address'] = get_inv_complete_address($order);
	2464	}
	2465	/* 发票金额 */
	2466	$order['formatted_inv_money'] = price_format($order['inv_money']);
	2467	/* 增值税发票_添加_END_ */
	2468	$smarty->assign('order', $order);
	2469	/* 代码增加_start By */
	2470	foreach($goods_list as $goods_key => $goods_val)
	2471	{
	2472	$sql_goods = "select count(*) from " . $ecs->table('back_order') . " where order_id='$order[order_id]' and goods_id='$goods_val[goods_id]'";
	2473	$back_order_count = $db->getOne($sql_goods);
	2474	$goods_list[$goods_key]['back_can'] = $back_order_count ? '0' : '1';
	2475	}
	2476	/* 代码增加_end By */
	2477	$smarty->assign('goods_list', $goods_list);
	2478	$smarty->display('user_transaction.dwt');
	2479	}
	2480
	2481	/*
	2482	* 代码增加_start By
	2483	* 退换货订单详情
	2484	*/
	2485	function action_back_order_detail ()
	2486	{
	2487	$user = $GLOBALS['user'];
	2488	$_CFG = $GLOBALS['_CFG'];
	2489	$_LANG = $GLOBALS['_LANG'];
	2490	$smarty = $GLOBALS['smarty'];
	2491	$db = $GLOBALS['db'];
	2492	$ecs = $GLOBALS['ecs'];
	2493	$user_id = $_SESSION['user_id'];
	2494
	2495	$back_id = ! empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
	2496	$sql = 'SELECT shipping_id, shipping_code, shipping_name ' . 'FROM ' . $GLOBALS['ecs']->table('shipping') . 'WHERE enabled = 1 and supplier_id = 0 ORDER BY shipping_order';
	2497	$shipping_list = $db->getAll($sql);
	2498
	2499	$smarty->assign('shipping_list', $shipping_list);
	2500
	2501	$sql = "SELECT * " . " FROM " . $GLOBALS['ecs']->table('back_order') . " WHERE back_id= '$back_id' ";
	2502	$back_shipping = $db->getRow($sql);
	2503
	2504	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('back_goods') . " WHERE back_id = " . $back_id;
	2505	$back_shipping['goods_list'] = $GLOBALS['db']->getAll($sql_og);
	2506
	2507	$back_shipping['add_time'] = local_date("Y-m-d H:i", $back_shipping['add_time']);
	2508	$back_shipping['refund_money_1'] = price_format($back_shipping['refund_money_1'], false);
	2509	$back_shipping['refund_money_2'] = price_format($back_shipping['refund_money_2'], false);
	2510	$back_shipping['refund_type_name'] = $back_shipping['refund_type'] == '0' ? '' : ($back_shipping['refund_type'] == '1' ? '退回用户余额' : '线下退款');
	2511	$back_shipping['country_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[country]'");
	2512	$back_shipping['province_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[province]'");
	2513	$back_shipping['city_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[city]'");
	2514	$back_shipping['district_name'] = $db->getOne("SELECT region_name FROM " . $ecs->table('region') . " WHERE region_id = '$back_shipping[district]'");
	2515
	2516	$back_shipping['status_back_1'] = $back_shipping['status_back'];
	2517	$back_shipping['status_back'] = $_LANG['bos'][$back_shipping['status_back']] . ($back_shipping['status_back'] == '3' && $back_shipping['back_type'] && $back_shipping['back_type'] != '4' ? ' (换回商品已寄出，请注意查收) ' : '');
	2518	$back_shipping['status_refund'] = $_LANG['bps'][$back_shipping['status_refund']];
	2519
	2520	$smarty->assign('back_shipping', $back_shipping);
	2521
	2522	// 退货商品 + 换货商品详细信息
	2523	$list_backgoods = array();
	2524	$sql = "select * from " . $ecs->table('back_goods') . " where back_id = '$back_id' order by back_type ";
	2525	$res_backgoods = $db->query($sql);
	2526	while($row_backgoods = $db->fetchRow($res_backgoods))
	2527	{
	2528	$back_type_temp = $row_backgoods['back_type'] == '2' ? '1' : $row_backgoods['back_type'];
	2529	$list_backgoods[$back_type_temp]['goods_list'][] = array(
	2530	'goods_name' => $row_backgoods['goods_name'], 'goods_attr' => $row_backgoods['goods_attr'], 'back_goods_number' => $row_backgoods['back_goods_number'], 'back_goods_money' => price_format($row_backgoods['back_goods_number'] * $row_backgoods['back_goods_price'], false), 'status_back' => $_LANG['bos'][$row_backgoods['status_back']] . ($row_backgoods['status_back'] == '3' && $row_backgoods['back_type'] && $row_backgoods['back_type'] != '4' ? ' (换回商品已寄出，请注意查收) ' : ''), 'status_refund' => $_LANG['bps'][$row_backgoods['status_refund']], 'back_type' => $row_backgoods['back_type']
	2531	);
	2532	}
	2533	$smarty->assign('list_backgoods', $list_backgoods);
	2534
	2535	/* 回复留言增加 */
	2536	$res = $db->getAll("SELECT * FROM " . $ecs->table('back_replay') . " WHERE back_id = '$back_id' ORDER BY add_time ASC");
	2537	foreach($res as $value)
	2538	{
	2539	$value['add_time'] = local_date("Y-m-d H:i", $value['add_time']);
	2540	$back_replay[] = $value;
	2541	}
	2542
	2543	$smarty->assign('back_replay', $back_replay);
	2544
	2545	$smarty->assign('back_id', $back_id);
	2546	$smarty->display('user_transaction.dwt');
	2547	}
	2548
	2549	/*
	2550	* 留言回复
	2551	*/
	2552	function action_back_replay ()
	2553	{
	2554	$user = $GLOBALS['user'];
	2555	$_CFG = $GLOBALS['_CFG'];
	2556	$_LANG = $GLOBALS['_LANG'];
	2557	$smarty = $GLOBALS['smarty'];
	2558	$db = $GLOBALS['db'];
	2559	$ecs = $GLOBALS['ecs'];
	2560	$user_id = $_SESSION['user_id'];
	2561
	2562	$back_id = intval($_REQUEST['back_id']);
	2563	$message = $_POST['message'];
	2564	$add_time = gmtime();
	2565
	2566	$db->query("INSERT INTO " . $ecs->table('back_replay') . " (back_id, message, add_time, type) VALUES ('$back_id', '$message', '$add_time', 1)");
	2567
	2568	show_message('恭喜，回复成功！', '返回', 'user.php?act=back_order_detail&id=' . $back_id);
	2569	}
	2570
	2571	/*
	2572	* 取消退换货订单
	2573	*/
	2574	function action_del_back_order ()
	2575	{
	2576	$user = $GLOBALS['user'];
	2577	$_CFG = $GLOBALS['_CFG'];
	2578	$_LANG = $GLOBALS['_LANG'];
	2579	$smarty = $GLOBALS['smarty'];
	2580	$db = $GLOBALS['db'];
	2581	$ecs = $GLOBALS['ecs'];
	2582	$user_id = $_SESSION['user_id'];
	2583
	2584	$back_id = intval($_REQUEST['id']);
	2585	$sql = "select status_back from " . $ecs->table('back_order') . " where back_id='$back_id' ";
	2586	$status_back = $db->getOne($sql);
	2587	if($status_back != 0 && $status_back != 5)
	2588	{
	2589	show_message('对不起，该退货单无法取消', '返回退货订单列表页');
	2590	}
	2591	else
	2592	{
	2593	$sql = "update " . $ecs->table('back_goods') . " set status_back = 8 where back_id='$back_id' ";
	2594	$db->query($sql);
	2595	$sql = "update " . $ecs->table('back_order') . " set status_back = 8 where back_id='$back_id' ";
	2596	$db->query($sql);
	2597	show_message('恭喜，您已经成功取消该退货单', '返回退货订单列表页', 'user.php?act=back_list', 'info');
	2598	}
	2599	}
	2600
	2601	/*
	2602	* 更新退换货订单的快递方式和运单号
	2603	*/
	2604	function action_back_order_detail_edit ()
	2605	{
	2606	$user = $GLOBALS['user'];
	2607	$_CFG = $GLOBALS['_CFG'];
	2608	$_LANG = $GLOBALS['_LANG'];
	2609	$smarty = $GLOBALS['smarty'];
	2610	$db = $GLOBALS['db'];
	2611	$ecs = $GLOBALS['ecs'];
	2612	$user_id = $_SESSION['user_id'];
	2613
	2614	if(empty($_POST['shipping_id']))
	2615	{
	2616	show_message('快递公司不能为空');
	2617	}
	2618	if(empty($_POST['invoice_no']))
	2619	{
	2620	show_message('快递运单号不能为空');
	2621	}
	2622	$back_id = ! empty($_POST['back_id']) ? intval($_POST['back_id']) : 0;
	2623	$invoice_no = trim($_POST['invoice_no']);
	2624	$shipping_id = intval($_POST['shipping_id']);
	2625	if($shipping_id)
	2626	{
	2627	$sql = "SELECT shipping_name FROM " . $GLOBALS['ecs']->table('shipping') . " where shipping_id='$shipping_id' ";
	2628	$shipping_name = $db->getOne($sql);
	2629	}
	2630	$sql = "update " . $ecs->table('back_order') . " set shipping_id='$shipping_id', shipping_name='$shipping_name', invoice_no='$invoice_no' where back_id='$back_id' ";
	2631	$db->query($sql);
	2632	show_message('恭喜，您已经成功更新快递方式和运单号', '返回退货订单详情页');
	2633	}
	2634
	2635	function action_back_list ()
	2636	{
	2637	$user = $GLOBALS['user'];
	2638	$_CFG = $GLOBALS['_CFG'];
	2639	$_LANG = $GLOBALS['_LANG'];
	2640	$smarty = $GLOBALS['smarty'];
	2641	$db = $GLOBALS['db'];
	2642	$ecs = $GLOBALS['ecs'];
	2643	$user_id = $_SESSION['user_id'];
	2644	$action = $GLOBALS['action'];
	2645
	2646	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2647
	2648	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	2649
	2650	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('back_order') . " WHERE user_id = '$user_id'");
	2651
	2652	$pager = get_pager('user.php', array(
	2653	'act' => $action
	2654	), $record_count, $page);
	2655
	2656	$orders = get_user_backorders($user_id, $pager['size'], $pager['start']);
	2657
	2658	$smarty->assign('pager', $pager);
	2659	$smarty->assign('orders', $orders);
	2660	$smarty->display('user_transaction.dwt');
	2661	}
	2662
	2663	/* 新“退换货”订单表单 */
	2664	function action_back_order ()
	2665	{
	2666	$user = $GLOBALS['user'];
	2667	$_CFG = $GLOBALS['_CFG'];
	2668	$_LANG = $GLOBALS['_LANG'];
	2669	$smarty = $GLOBALS['smarty'];
	2670	$db = $GLOBALS['db'];
	2671	$ecs = $GLOBALS['ecs'];
	2672	$user_id = $_SESSION['user_id'];
	2673
	2674	$order_id = ! empty($_REQUEST['order_id']) ? intval($_REQUEST['order_id']) : 0;
	2675	if(!$_REQUEST['order_all'])
	2676	{
	2677	$goods_id = ! empty($_REQUEST['goods_id']) ? intval($_REQUEST['goods_id']) : 0;
	2678	$product_id = ! empty($_REQUEST['product_id']) ? intval($_REQUEST['product_id']) : 0;
	2679	$sql = "select og.goods_id, og.goods_name, og.goods_sn, og.goods_number, og.goods_price, og.product_id, og.goods_attr, o.order_id, o.order_sn, o.user_id, o.shipping_time_end " . " from " . $GLOBALS['ecs']->table('order_info') . " AS o left join " . $GLOBALS['ecs']->table('order_goods') . " AS og " . " on o.order_id=og.order_id where og.goods_id='$goods_id' and og.order_id='$order_id' and og.product_id='$product_id'";
	2680	$row_goods = $GLOBALS['db']->getRow($sql);
	2681
	2682	if(! $row_goods \|\| $row_goods['user_id'] != $_SESSION['user_id'])
	2683	{
	2684	show_message('对不起！您没权限针对该商品发起退款/退货及维修', '返回订单列表页', 'user.php?act=order_list', 'info');
	2685	}
	2686	else
	2687	{
	2688	$row_goods['total_price'] = $row_goods['goods_price'] * $row_goods['goods_number'];
	2689	$row_goods['goods_price_format'] = price_format($row_goods['goods_price'], false);
	2690	$row_goods['total_price_format'] = price_format($row_goods['total_price'], false);
	2691	$smarty->assign('back_goods', $row_goods);
	2692
	2693	$properties = get_goods_properties($goods_id); // 获得商品的规格和属性
	2694	$smarty->assign('specification', $properties['spe']); // 商品规格
	2695	}
	2696	}
	2697	else
	2698	{
	2699	$sql_oi = "SELECT * FROM " . $GLOBALS['ecs']->table('order_info') . " WHERE order_id = " . $order_id;
	2700	$order_info = $GLOBALS['db']->getRow($sql_oi);
	2701	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('order_goods') . " WHERE order_id = " . $order_id;
	2702	$goods_list = $GLOBALS['db']->getAll($sql_og);
	2703	foreach ($goods_list as $key => $goods_info)
	2704	{
	2705	$goods_info['total_price'] = $goods_info['goods_price'] * $goods_info['goods_number'];
	2706	$goods_list[$key]['goods_price_format'] = price_format($goods_info['goods_price'], false);
	2707	$goods_list[$key]['total_price_format'] = price_format($goods_info['total_price'], false);
	2708	}
	2709	$order_info['goods_list'] = $goods_list;
	2710
	2711	if (!$order_info \|\| $order_info['user_id'] != $_SESSION['user_id'])
	2712	{
	2713	show_message('对不起！您没权限针对该订单发起退款', '返回订单列表页', 'user.php?act=order_list', 'info');
	2714	}
	2715	else
	2716	{
	2717	$smarty->assign('order_info', $order_info);
	2718
	2719	$properties = get_goods_properties($goods_id); // 获得商品的规格和属性
	2720	$smarty->assign('specification', $properties['spe']); // 商品规格
	2721	}
	2722	}
	2723
	2724	// 收货地址增加
	2725	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2726	$order = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id='$order_id'");
	2727	$smarty->assign('order', $order);
	2728	$smarty->assign('shop_province', get_regions(1, $order['country']));
	2729	$smarty->assign('shop_city', get_regions(2, $order['province']));
	2730	$smarty->assign('shop_district', get_regions(3, $order['city']));
	2731	$smarty->assign('name_of_region', array(
	2732	$_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']
	2733	));
	2734	$smarty->assign('country_list', get_regions());
	2735
	2736	$smarty->display('user_transaction.dwt');
	2737	}
	2738
	2739	/* 保存退换货订单 */
	2740	function action_back_order_act ()
	2741	{
	2742	$user = $GLOBALS['user'];
	2743	$_CFG = $GLOBALS['_CFG'];
	2744	$_LANG = $GLOBALS['_LANG'];
	2745	$smarty = $GLOBALS['smarty'];
	2746	$db = $GLOBALS['db'];
	2747	$ecs = $GLOBALS['ecs'];
	2748	$user_id = $_SESSION['user_id'];
	2749
	2750	$add_time = gmtime();
	2751	$order_id = ! empty($_POST['order_id']) ? trim($_POST['order_id']) : "0";
	2752	if (!$_POST['order_all'])
	2753	{
	2754	$order_sn = ! empty($_POST['order_sn']) ? trim($_POST['order_sn']) : "";
	2755	$goods_id = ! empty($_POST['goods_id']) ? trim($_POST['goods_id']) : "";
	2756	$goods_name = ! empty($_POST['goods_name']) ? trim($_POST['goods_name']) : "";
	2757	$goods_sn = ! empty($_POST['goods_sn']) ? trim($_POST['goods_sn']) : "";
	2758	}
	2759	$back_reason = ! empty($_POST['back_reason']) ? trim($_POST['back_reason']) : "";
	2760	$country = intval($_POST['country']);
	2761	$province = intval($_POST['province']);
	2762	$city = intval($_POST['city']);
	2763	$district = intval($_POST['district']);
	2764	$consignee = ! empty($_POST['back_consignee']) ? trim($_POST['back_consignee']) : "";
	2765	$address = ! empty($_POST['back_address']) ? trim($_POST['back_address']) : "";
	2766	$zipcode = ! empty($_POST['back_zipcode']) ? trim($_POST['back_zipcode']) : "";
	2767	$mobile = ! empty($_POST['back_mobile']) ? trim($_POST['back_mobile']) : "";
	2768	$postscript = ! empty($_POST['back_postscript']) ? trim($_POST['back_postscript']) : "";
	2769	$imgs = ($_POST['imgs']) ? implode(',', $_POST['imgs']) : '';
	2770	$back_pay = intval($_POST['back_pay']);
	2771	$back_type = intval($_POST['back_type']);
	2772	$back_type_list = $_POST['back_type'];
	2773
	2774	if(! $order_id)
	2775	{
	2776	show_message('对不起，您进行了错误操作！');
	2777	exit();
	2778	}
	2779
	2780	$sql = "select * from " . $ecs->table('order_info') . " where order_id='$order_id' ";
	2781	$order_info = $db->getRow($sql);
	2782
	2783	if(empty($order_info))
	2784	{
	2785	show_message('对不起，此订单不存在！');
	2786	exit();
	2787	}
	2788
	2789	if ($_POST['order_all'])
	2790	{
	2791	$order_sn = $order_info['order_sn'];
	2792	$goods_id = 0;
	2793
	2794	$sql_og = "SELECT * FROM " . $GLOBALS['ecs']->table('order_goods') . " WHERE order_id = " . $order_id;
	2795	$order_info['goods_list'] = $GLOBALS['db']->getAll($sql_og);
	2796	}
	2797
	2798	$sql = "insert into " . $ecs->table('back_order') . "(order_sn, order_id, goods_id, user_id, shipping_fee, consignee, address, " . "zipcode, mobile, add_time, postscript , back_reason, goods_name, imgs, back_pay, country, province, city, district, back_type, status_back, supplier_id) " . " values('$order_sn', '$order_id', '$goods_id', '$user_id', '$order_info[shipping_fee]', '$consignee', '$address', " . "'$zipcode', '$mobile', '$add_time', '$postscript', '$back_reason', '$goods_name', '$imgs', '$back_pay', '$country', '$province', '$city', '$district', '$back_type', '5', '$order_info[supplier_id]')";
	2799
	2800	$db->query($sql);
	2801
	2802	// 插入退换货商品 80_back_goods
	2803	$back_id = $db->insert_id();
	2804	$have_tuikuan = 0; // 是否有退货
	2805	// foreach($back_type_list as $back_type)
	2806	// {
	2807	if($back_type == 1)
	2808	{
	2809	$have_tuikuan = 1;
	2810	$tui_goods_number = $_REQUEST['tui_goods_number'] ? intval($_REQUEST['tui_goods_number']) : 1;
	2811	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back ) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '0', " . " '$tui_goods_number', '$_REQUEST[tui_goods_price]', '5') ";
	2812	$db->query($sql);
	2813	}
	2814	if($back_type == 4)
	2815	{
	2816	$have_tuikuan = 1;
	2817	$have_tuikuan2 = 1;
	2818	$price_refund_all = 0;
	2819
	2820	foreach($order_info['goods_list'] as $goods_info)
	2821	{
	2822	$price_refund_all += ($goods_info['goods_price'] * $goods_info['goods_number']);
	2823
	2824	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back) " . " values('$back_id', '".$goods_info['goods_id']."', '".$goods_info['goods_name']."', '".$goods_info['goods_sn']."', '".$goods_info['product_id']."', '".$goods_info['goods_attr']."', '4', '".$goods_info['goods_number']."', '".$goods_info['goods_price']."', '5') ";
	2825	$db->query($sql);
	2826	}
	2827	}
	2828	if($back_type == 2)
	2829	{
	2830	$huan_count = count($_POST['product_id_huan']);
	2831	if($huan_count)
	2832	{
	2833	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, status_refund, back_goods_number, status_back) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '1', '9', '$huan_count', '5') ";
	2834	$db->query($sql);
	2835	$parent_id_huan = $db->insert_id();
	2836	foreach($_POST['product_id_huan'] as $pid_key => $pid_huan)
	2837	{
	2838	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, parent_id, status_refund, back_goods_number, status_back) " . "values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$pid_huan', '" . $_POST['goods_attr_huan'][$pid_key] . "', '2', '$parent_id_huan', '9', '1', '5')";
	2839	$db->query($sql);
	2840	}
	2841	}
	2842	}
	2843	if($back_type == 3)
	2844	{
	2845	$have_weixiu = 1;
	2846	$tui_goods_number = $_REQUEST['tui_goods_number'] ? intval($_REQUEST['tui_goods_number']) : 1;
	2847	$sql = "insert into " . $ecs->table('back_goods') . "(back_id, goods_id, goods_name, goods_sn, product_id, goods_attr, back_type, " . "back_goods_number, back_goods_price, status_back) " . " values('$back_id', '$goods_id', '$goods_name', '$goods_sn', '$_REQUEST[product_id_tui]', '$_REQUEST[goods_attr_tui]', '3', " . " '$tui_goods_number', '$_REQUEST[tui_goods_price]', '5') ";
	2848	$db->query($sql);
	2849	}
	2850	// }
	2851
	2852	/* 更新back_order */
	2853	if($have_tuikuan)
	2854	{
	2855	if ($_POST['order_all'])
	2856	{
	2857	$price_refund = $GLOBALS['db']->getOne("SELECT money_paid FROM " . $GLOBALS['ecs']->table('order_info') . " WHERE order_id = " . $order_id);
	2858	}
	2859	else
	2860	{
	2861	$price_refund = $_REQUEST['tui_goods_price'] * $tui_goods_number;
	2862	}
	2863	$sql = "update " . $ecs->table('back_order') . " set refund_money_1= '$price_refund' where back_id='$back_id' ";
	2864	$db->query($sql);
	2865	}
	2866	else
	2867	{
	2868	$sql = "update " . $ecs->table('back_order') . " set status_refund= '9' where back_id='$back_id' ";
	2869	$db->query($sql);
	2870	}
	2871
	2872	if($have_tuikuan2)
	2873	{
	2874	$smarty->assign('back_act_w', 'tuikuan');
	2875	}
	2876	else if($have_weixiu)
	2877	{
	2878	$smarty->assign('back_act_w', 'weixiu');
	2879	}
	2880	else
	2881	{
	2882	$smarty->assign('back_act_w', 'tuihuo');
	2883	}
	2884
	2885	$smarty->assign('back_consignee', $consignee);
	2886	$smarty->assign('back_address', $address);
	2887	$smarty->assign('back_zipcode', $zipcode);
	2888
	2889	$smarty->display('user_transaction.dwt');
	2890	}
	2891
	2892	// AJAX调用
	2893	function action_add_huan_goods ()
	2894	{
	2895	$user = $GLOBALS['user'];
	2896	$_CFG = $GLOBALS['_CFG'];
	2897	$_LANG = $GLOBALS['_LANG'];
	2898	$smarty = $GLOBALS['smarty'];
	2899	$db = $GLOBALS['db'];
	2900	$ecs = $GLOBALS['ecs'];
	2901	$user_id = $_SESSION['user_id'];
	2902
	2903	include_once ('includes/cls_json.php');
	2904	include_once ('includes/lib_order.php');
	2905	$json = new JSON();
	2906
	2907	$result = array(
	2908	'error' => 0, 'content' => ''
	2909	);
	2910
	2911	$_POST['goods'] = strip_tags(urldecode($_POST['goods']));
	2912	$_POST['goods'] = json_str_iconv($_POST['goods']);
	2913	$goods = $json->decode($_POST['goods']);
	2914	$spec = $goods->spec;
	2915	$goods_id = $goods->goods_id;
	2916	$goods_name = $db->getOne("select goods_name from " . $ecs->table('goods') . " where goods_id='$goods_id' ");
	2917
	2918	/* 如果商品有规格则取规格商品信息配件除外 */
	2919	$sql = "SELECT * FROM " . $GLOBALS['ecs']->table('products') . " WHERE goods_id = '$goods_id' LIMIT 0, 1";
	2920	$prod = $GLOBALS['db']->getRow($sql);
	2921	if(is_spec($spec) && ! empty($prod))
	2922	{
	2923	$product_info = get_products_info($goods_id, $spec);
	2924	}
	2925	$goods_attr = get_goods_attr_info($spec);
	2926
	2927	$result['error'] = 1;
	2928	$result['goods_name'] = $goods_name . " ";
	2929	$result['product_id'] = $product_info['product_id'];
	2930	$result['product_id'] = $result['product_id'] == 'null' ? '0' : intval($result['product_id']);
	2931	$result['content'] = addslashes($goods_attr);
	2932	die($json->encode($result));
	2933	}
	2934
	2935	/* 代码增加_end By */
	2936
	2937	/* 取消订单 */
	2938	function action_cancel_order ()
	2939	{
	2940	$user = $GLOBALS['user'];
	2941	$_CFG = $GLOBALS['_CFG'];
	2942	$_LANG = $GLOBALS['_LANG'];
	2943	$smarty = $GLOBALS['smarty'];
	2944	$db = $GLOBALS['db'];
	2945	$ecs = $GLOBALS['ecs'];
	2946	$user_id = $_SESSION['user_id'];
	2947
	2948	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2949	include_once (ROOT_PATH . 'includes/lib_order.php');
	2950
	2951	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	2952
	2953	if(cancel_order($order_id, $user_id))
	2954	{
	2955	ecs_header("Location: user.php?act=order_list\n");
	2956	exit();
	2957	}
	2958	else
	2959	{
	2960	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	2961	}
	2962	}
	2963
	2964	/* 收货地址列表界面 */
	2965	function action_address_list ()
	2966	{
	2967	$user = $GLOBALS['user'];
	2968	$_CFG = $GLOBALS['_CFG'];
	2969	$_LANG = $GLOBALS['_LANG'];
	2970	$smarty = $GLOBALS['smarty'];
	2971	$db = $GLOBALS['db'];
	2972	$ecs = $GLOBALS['ecs'];
	2973	$user_id = $_SESSION['user_id'];
	2974
	2975	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	2976	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	2977	$smarty->assign('lang', $_LANG);
	2978
	2979	/* 取得国家列表、商店所在国家、商店所在国家的省列表 */
	2980	$smarty->assign('country_list', get_regions());
	2981	$smarty->assign('shop_province_list', get_regions(1, $_CFG['shop_country']));
	2982
	2983	/* 获得用户所有的收货人信息 */
	2984	$consignee_list = get_consignee_list($_SESSION['user_id']);
	2985
	2986	if(count($consignee_list) < 5 && $_SESSION['user_id'] > 0)
	2987	{
	2988	/* 如果用户收货人信息的总数小于5 则增加一个新的收货人信息 */
	2989	$consignee_list[] = array(
	2990	// 如果Session中有有效的email则放入
	2991	'country' => $_CFG['shop_country'], 'email' => isset($_SESSION['email']) && is_email($_SESSION['email']) ? $_SESSION['email'] : ''
	2992	);
	2993	}
	2994
	2995	$smarty->assign('consignee_list', $consignee_list);
	2996
	2997	// 取得国家列表，如果有收货人列表，取得省市区列表
	2998	foreach($consignee_list as $region_id => $consignee)
	2999	{
	3000	$consignee['country'] = isset($consignee['country']) ? intval($consignee['country']) : 0;
	3001	$consignee['province'] = isset($consignee['province']) ? intval($consignee['province']) : 0;
	3002	$consignee['city'] = isset($consignee['city']) ? intval($consignee['city']) : 0;
	3003
	3004	$province_list[$region_id] = get_regions(1, $consignee['country']);
	3005	$city_list[$region_id] = get_regions(2, $consignee['province']);
	3006	$district_list[$region_id] = get_regions(3, $consignee['city']);
	3007	}
	3008
	3009	/* 获取默认收货ID */
	3010	$address_id = $db->getOne("SELECT address_id FROM " . $ecs->table('users') . " WHERE user_id='$user_id'");
	3011
	3012	// 赋值于模板
	3013	$smarty->assign('real_goods_count', 1);
	3014	$smarty->assign('shop_country', $_CFG['shop_country']);
	3015	$smarty->assign('shop_province', get_regions(1, $_CFG['shop_country']));
	3016	$smarty->assign('province_list', $province_list);
	3017	$smarty->assign('address', $address_id);
	3018	$smarty->assign('city_list', $city_list);
	3019	$smarty->assign('district_list', $district_list);
	3020	$smarty->assign('currency_format', $_CFG['currency_format']);
	3021	$smarty->assign('integral_scale', $_CFG['integral_scale']);
	3022	$smarty->assign('name_of_region', array(
	3023	$_CFG['name_of_region_1'], $_CFG['name_of_region_2'], $_CFG['name_of_region_3'], $_CFG['name_of_region_4']
	3024	));
	3025
	3026	$smarty->display('user_transaction.dwt');
	3027	}
	3028
	3029	/* 添加/编辑收货地址的处理 */
	3030	function action_act_edit_address ()
	3031	{
	3032	$user = $GLOBALS['user'];
	3033	$_CFG = $GLOBALS['_CFG'];
	3034	$_LANG = $GLOBALS['_LANG'];
	3035	$smarty = $GLOBALS['smarty'];
	3036	$db = $GLOBALS['db'];
	3037	$ecs = $GLOBALS['ecs'];
	3038	$user_id = $_SESSION['user_id'];
	3039
	3040	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	3041	include_once (ROOT_PATH . 'languages/' . $_CFG['lang'] . '/shopping_flow.php');
	3042	$smarty->assign('lang', $_LANG);
	3043
	3044	$address = array(
	3045	'user_id' => $user_id, 'address_id' => intval($_POST['address_id']), 'country' => isset($_POST['country']) ? intval($_POST['country']) : 0, 'province' => isset($_POST['province']) ? intval($_POST['province']) : 0, 'city' => isset($_POST['city']) ? intval($_POST['city']) : 0, 'district' => isset($_POST['district']) ? intval($_POST['district']) : 0, 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'tel' => isset($_POST['tel']) ? compile_str(make_semiangle(trim($_POST['tel']))) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(make_semiangle(trim($_POST['mobile']))) : '',
	3046	'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : ''
	3047	);
	3048
	3049	if(update_address($address))
	3050	{
	3051	show_message($_LANG['edit_address_success'], $_LANG['address_list_lnk'], 'user.php?act=address_list');
	3052	}
	3053	}
	3054
	3055	/* 删除收货地址 */
	3056	function action_drop_consignee ()
	3057	{
	3058	$user = $GLOBALS['user'];
	3059	$_CFG = $GLOBALS['_CFG'];
	3060	$_LANG = $GLOBALS['_LANG'];
	3061	$smarty = $GLOBALS['smarty'];
	3062	$db = $GLOBALS['db'];
	3063	$ecs = $GLOBALS['ecs'];
	3064	$user_id = $_SESSION['user_id'];
	3065
	3066	include_once ('includes/lib_transaction.php');
	3067
	3068	$consignee_id = intval($_GET['id']);
	3069
	3070	if(drop_consignee($consignee_id))
	3071	{
	3072	ecs_header("Location: user.php?act=address_list\n");
	3073	exit();
	3074	}
	3075	else
	3076	{
	3077	show_message($_LANG['del_address_false']);
	3078	}
	3079	}
	3080
	3081	/* 显示收藏商品列表 */
	3082	function action_collection_list ()
	3083	{
	3084	$user = $GLOBALS['user'];
	3085	$_CFG = $GLOBALS['_CFG'];
	3086	$_LANG = $GLOBALS['_LANG'];
	3087	$smarty = $GLOBALS['smarty'];
	3088	$db = $GLOBALS['db'];
	3089	$ecs = $GLOBALS['ecs'];
	3090	$user_id = $_SESSION['user_id'];
	3091	$action = $GLOBALS['action'];
	3092
	3093	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3094
	3095	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3096
	3097	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('collect_goods') . " WHERE user_id='$user_id' ORDER BY add_time DESC");
	3098
	3099	$pager = get_pager('user.php', array(
	3100	'act' => $action
	3101	), $record_count, $page);
	3102	$smarty->assign('pager', $pager);
	3103	$smarty->assign('goods_list', get_collection_goods($user_id, $pager['size'], $pager['start']));
	3104	$smarty->assign('url', $ecs->url());
	3105	$lang_list = array(
	3106	'UTF8' => $_LANG['charset']['utf8'], 'GB2312' => $_LANG['charset']['zh_cn'], 'BIG5' => $_LANG['charset']['zh_tw']
	3107	);
	3108	$smarty->assign('lang_list', $lang_list);
	3109	$smarty->assign('user_id', $user_id);
	3110	$smarty->display('user_clips.dwt');
	3111	}
	3112
	3113	/* 删除收藏的商品 */
	3114	function action_delete_collection ()
	3115	{
	3116	$user = $GLOBALS['user'];
	3117	$_CFG = $GLOBALS['_CFG'];
	3118	$_LANG = $GLOBALS['_LANG'];
	3119	$smarty = $GLOBALS['smarty'];
	3120	$db = $GLOBALS['db'];
	3121	$ecs = $GLOBALS['ecs'];
	3122	$user_id = $_SESSION['user_id'];
	3123
	3124	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3125
	3126	$collection_id = isset($_GET['collection_id']) ? intval($_GET['collection_id']) : 0;
	3127
	3128	if($collection_id > 0)
	3129	{
	3130	$db->query('DELETE FROM ' . $ecs->table('collect_goods') . " WHERE rec_id='$collection_id' AND user_id ='$user_id'");
	3131	}
	3132
	3133	ecs_header("Location: user.php?act=collection_list\n");
	3134	exit();
	3135	}
	3136
	3137	/* 添加关注商品 */
	3138	function action_add_to_attention ()
	3139	{
	3140	$user = $GLOBALS['user'];
	3141	$_CFG = $GLOBALS['_CFG'];
	3142	$_LANG = $GLOBALS['_LANG'];
	3143	$smarty = $GLOBALS['smarty'];
	3144	$db = $GLOBALS['db'];
	3145	$ecs = $GLOBALS['ecs'];
	3146	$user_id = $_SESSION['user_id'];
	3147
	3148	$rec_id = (int)$_GET['rec_id'];
	3149	if($rec_id)
	3150	{
	3151	$db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 1 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
	3152	}
	3153	ecs_header("Location: user.php?act=collection_list\n");
	3154	exit();
	3155	}
	3156
	3157	/* 取消关注商品 */
	3158	function action_del_attention ()
	3159	{
	3160	$user = $GLOBALS['user'];
	3161	$_CFG = $GLOBALS['_CFG'];
	3162	$_LANG = $GLOBALS['_LANG'];
	3163	$smarty = $GLOBALS['smarty'];
	3164	$db = $GLOBALS['db'];
	3165	$ecs = $GLOBALS['ecs'];
	3166	$user_id = $_SESSION['user_id'];
	3167
	3168	$rec_id = (int)$_GET['rec_id'];
	3169	if($rec_id)
	3170	{
	3171	$db->query('UPDATE ' . $ecs->table('collect_goods') . "SET is_attention = 0 WHERE rec_id='$rec_id' AND user_id ='$user_id'");
	3172	}
	3173	ecs_header("Location: user.php?act=collection_list\n");
	3174	exit();
	3175	}
	3176
	3177	/* 显示关注的店铺列表 */
	3178	function action_follow_shop ()
	3179	{
	3180	$user = $GLOBALS['user'];
	3181	$_CFG = $GLOBALS['_CFG'];
	3182	$_LANG = $GLOBALS['_LANG'];
	3183	$smarty = $GLOBALS['smarty'];
	3184	$db = $GLOBALS['db'];
	3185	$ecs = $GLOBALS['ecs'];
	3186	$user_id = $_SESSION['user_id'];
	3187	$action = $GLOBALS['action'];
	3188
	3189	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3190
	3191	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3192
	3193	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('supplier_guanzhu') . " WHERE userid='$user_id'");
	3194
	3195	$pager = get_pager('user.php', array(
	3196	'act' => $action
	3197	), $record_count, $page);
	3198	$smarty->assign('pager', $pager);
	3199	$smarty->assign('shop_list', get_follow_shops($user_id, $pager['size'], $pager['start']));
	3200	$smarty->assign('url', $ecs->url());
	3201	$lang_list = array(
	3202	'UTF8' => $_LANG['charset']['utf8'], 'GB2312' => $_LANG['charset']['zh_cn'], 'BIG5' => $_LANG['charset']['zh_tw']
	3203	);
	3204	$smarty->assign('lang_list', $lang_list);
	3205	$smarty->assign('user_id', $user_id);
	3206	$smarty->display('user_clips.dwt');
	3207	}
	3208
	3209	/* 取消关注商品 */
	3210	function action_del_follow ()
	3211	{
	3212	$user = $GLOBALS['user'];
	3213	$_CFG = $GLOBALS['_CFG'];
	3214	$_LANG = $GLOBALS['_LANG'];
	3215	$smarty = $GLOBALS['smarty'];
	3216	$db = $GLOBALS['db'];
	3217	$ecs = $GLOBALS['ecs'];
	3218	$user_id = $_SESSION['user_id'];
	3219
	3220	$rec_id = (int)$_GET['rec_id'];
	3221	if($rec_id)
	3222	{
	3223	$db->query('DELETE FROM ' . $ecs->table('supplier_guanzhu') . " WHERE id='$rec_id' AND userid ='$user_id'");
	3224	}
	3225	ecs_header("Location: user.php?act=follow_shop\n");
	3226	exit();
	3227	}
	3228
	3229	/* 显示留言列表 */
	3230	function action_message_list ()
	3231	{
	3232	$user = $GLOBALS['user'];
	3233	$_CFG = $GLOBALS['_CFG'];
	3234	$_LANG = $GLOBALS['_LANG'];
	3235	$smarty = $GLOBALS['smarty'];
	3236	$db = $GLOBALS['db'];
	3237	$ecs = $GLOBALS['ecs'];
	3238	$user_id = $_SESSION['user_id'];
	3239	$action = $GLOBALS['action'];
	3240
	3241	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3242
	3243	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3244
	3245	$order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
	3246	$order_info = array();
	3247
	3248	/* 获取用户留言的数量 */
	3249	if($order_id)
	3250	{
	3251	$sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') . " WHERE parent_id = 0 AND order_id = '$order_id' AND user_id = '$user_id'";
	3252	$order_info = $db->getRow("SELECT * FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id' AND user_id = '$user_id'");
	3253	$order_info['url'] = 'user.php?act=order_detail&order_id=' . $order_id;
	3254	}
	3255	else
	3256	{
	3257	$sql = "SELECT COUNT(*) FROM " . $ecs->table('feedback') . " WHERE parent_id = 0 AND user_id = '$user_id' AND user_name = '" . $_SESSION['user_name'] . "' AND order_id=0";
	3258	}
	3259
	3260	$record_count = $db->getOne($sql);
	3261	$act = array(
	3262	'act' => $action
	3263	);
	3264
	3265	if($order_id != '')
	3266	{
	3267	$act['order_id'] = $order_id;
	3268	}
	3269
	3270	$pager = get_pager('user.php', $act, $record_count, $page, 5);
	3271
	3272	$smarty->assign('message_list', get_message_list($user_id, $_SESSION['user_name'], $pager['size'], $pager['start'], $order_id));
	3273	$smarty->assign('pager', $pager);
	3274	$smarty->assign('order_info', $order_info);
	3275	$smarty->display('user_clips.dwt');
	3276	}
	3277
	3278	/* 显示评论列表 */
	3279	function action_comment_list ()
	3280	{
	3281	$user = $GLOBALS['user'];
	3282	$_CFG = $GLOBALS['_CFG'];
	3283	$_LANG = $GLOBALS['_LANG'];
	3284	$smarty = $GLOBALS['smarty'];
	3285	$db = $GLOBALS['db'];
	3286	$ecs = $GLOBALS['ecs'];
	3287	$user_id = $_SESSION['user_id'];
	3288	$action = $GLOBALS['action'];
	3289
	3290	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3291
	3292	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3293
	3294	/* 获取用户留言的数量 */
	3295	$sql = "SELECT COUNT(*) FROM " . $ecs->table('comment') . " WHERE parent_id = 0 AND user_id = '$user_id'";
	3296	$record_count = $db->getOne($sql);
	3297	$pager = get_pager('user.php', array(
	3298	'act' => $action
	3299	), $record_count, $page, 5);
	3300
	3301	$smarty->assign('comment_list', get_comment_list($user_id, $pager['size'], $pager['start']));
	3302	$smarty->assign('pager', $pager);
	3303	$smarty->display('user_clips.dwt');
	3304	}
	3305
	3306	/* 添加我的留言 */
	3307	function action_act_add_message ()
	3308	{
	3309	$user = $GLOBALS['user'];
	3310	$_CFG = $GLOBALS['_CFG'];
	3311	$_LANG = $GLOBALS['_LANG'];
	3312	$smarty = $GLOBALS['smarty'];
	3313	$db = $GLOBALS['db'];
	3314	$ecs = $GLOBALS['ecs'];
	3315	$user_id = $_SESSION['user_id'];
	3316
	3317	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3318
	3319	$message = array(
	3320	'user_id' => $user_id, 'user_name' => $_SESSION['user_name'], 'user_email' => $_SESSION['email'], 'msg_type' => isset($_POST['msg_type']) ? intval($_POST['msg_type']) : 0, 'msg_title' => isset($_POST['msg_title']) ? trim($_POST['msg_title']) : '', 'msg_content' => isset($_POST['msg_content']) ? trim($_POST['msg_content']) : '', 'order_id' => empty($_POST['order_id']) ? 0 : intval($_POST['order_id']), 'upload' => (isset($_FILES['message_img']['error']) && $_FILES['message_img']['error'] == 0) \|\| (! isset($_FILES['message_img']['error']) && isset($_FILES['message_img']['tmp_name']) && $_FILES['message_img']['tmp_name'] != 'none') ? $_FILES['message_img'] : array()
	3321	);
	3322
	3323	if(add_message($message))
	3324	{
	3325	show_message($_LANG['add_message_success'], $_LANG['message_list_lnk'], 'user.php?act=message_list&order_id=' . $message['order_id'], 'info');
	3326	}
	3327	else
	3328	{
	3329	$err->show($_LANG['message_list_lnk'], 'user.php?act=message_list');
	3330	}
	3331	}
	3332
	3333	/* 标签云列表 */
	3334	function action_tag_list ()
	3335	{
	3336	$user = $GLOBALS['user'];
	3337	$_CFG = $GLOBALS['_CFG'];
	3338	$_LANG = $GLOBALS['_LANG'];
	3339	$smarty = $GLOBALS['smarty'];
	3340	$db = $GLOBALS['db'];
	3341	$ecs = $GLOBALS['ecs'];
	3342	$user_id = $_SESSION['user_id'];
	3343
	3344	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3345
	3346	$good_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3347
	3348	$smarty->assign('tags', get_user_tags($user_id));
	3349	$smarty->assign('tags_from', 'user');
	3350	$smarty->display('user_clips.dwt');
	3351	}
	3352
	3353	/* 删除标签云的处理 */
	3354	function action_act_del_tag ()
	3355	{
	3356	$user = $GLOBALS['user'];
	3357	$_CFG = $GLOBALS['_CFG'];
	3358	$_LANG = $GLOBALS['_LANG'];
	3359	$smarty = $GLOBALS['smarty'];
	3360	$db = $GLOBALS['db'];
	3361	$ecs = $GLOBALS['ecs'];
	3362	$user_id = $_SESSION['user_id'];
	3363
	3364	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3365
	3366	$tag_words = isset($_GET['tag_words']) ? trim($_GET['tag_words']) : '';
	3367	delete_tag($tag_words, $user_id);
	3368
	3369	ecs_header("Location: user.php?act=tag_list\n");
	3370	exit();
	3371	}
	3372
	3373	/* 显示缺货登记列表 */
	3374	function action_booking_list ()
	3375	{
	3376	$user = $GLOBALS['user'];
	3377	$_CFG = $GLOBALS['_CFG'];
	3378	$_LANG = $GLOBALS['_LANG'];
	3379	$smarty = $GLOBALS['smarty'];
	3380	$db = $GLOBALS['db'];
	3381	$ecs = $GLOBALS['ecs'];
	3382	$user_id = $_SESSION['user_id'];
	3383	$action = $GLOBALS['action'];
	3384
	3385	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3386
	3387	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3388
	3389	/* 获取缺货登记的数量 */
	3390	$sql = "SELECT COUNT(*) " . "FROM " . $ecs->table('booking_goods') . " AS bg, " . $ecs->table('goods') . " AS g " . "WHERE bg.goods_id = g.goods_id AND user_id = '$user_id'";
	3391	$record_count = $db->getOne($sql);
	3392	$pager = get_pager('user.php', array(
	3393	'act' => $action
	3394	), $record_count, $page);
	3395	// jx 缺货信息添加商家名称和商品图片
	3396	$booking = get_booking_list($user_id, $pager['size'], $pager['start']);
	3397	foreach($booking as $key => $value)
	3398	{
	3399	if($value['supplier_id'] == 0)
	3400	{
	3401	$sql = "SELECT value FROM" . $ecs->table('shop_config') . "WHERE code='shop_name'";
	3402	$booking[$key]['supplier_id'] = $value['supplier_id'];
	3403	$booking[$key]['supplier_name'] = $db->getOne($sql);
	3404	}
	3405	else
	3406	{
	3407	$sql = "SELECT supplier_name FROM " . $ecs->table('supplier') . "WHERE supplier_id='" . $value['supplier_id'] . "'";
	3408	$booking[$key]['supplier_id'] = $value['supplier_id'];
	3409	$booking[$key]['supplier_name'] = $db->getOne($sql);
	3410	}
	3411	}
	3412	$smarty->assign('booking_list', $booking);
	3413	$smarty->assign('pager', $pager);
	3414	$smarty->display('user_clips.dwt');
	3415	}
	3416
	3417	/* 添加缺货登记页面 */
	3418	function action_add_booking ()
	3419	{
	3420	$user = $GLOBALS['user'];
	3421	$_CFG = $GLOBALS['_CFG'];
	3422	$_LANG = $GLOBALS['_LANG'];
	3423	$smarty = $GLOBALS['smarty'];
	3424	$db = $GLOBALS['db'];
	3425	$ecs = $GLOBALS['ecs'];
	3426	$user_id = $_SESSION['user_id'];
	3427
	3428	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3429
	3430	$goods_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3431	if($goods_id == 0)
	3432	{
	3433	show_message($_LANG['no_goods_id'], $_LANG['back_page_up'], '', 'error');
	3434	}
	3435
	3436	/* 根据规格属性获取货品规格信息 */
	3437	$goods_attr = '';
	3438	if($_GET['spec'] != '')
	3439	{
	3440	$goods_attr_id = $_GET['spec'];
	3441
	3442	$attr_list = array();
	3443	$sql = "SELECT a.attr_name, g.attr_value " . "FROM " . $ecs->table('goods_attr') . " AS g, " . $ecs->table('attribute') . " AS a " . "WHERE g.attr_id = a.attr_id " . "AND g.goods_attr_id " . db_create_in($goods_attr_id);
	3444	$res = $db->query($sql);
	3445	while($row = $db->fetchRow($res))
	3446	{
	3447	$attr_list[] = $row['attr_name'] . ': ' . $row['attr_value'];
	3448	}
	3449	$goods_attr = join(chr(13) . chr(10), $attr_list);
	3450	}
	3451	$smarty->assign('goods_attr', $goods_attr);
	3452
	3453	$smarty->assign('info', get_goodsinfo($goods_id));
	3454	$smarty->display('user_clips.dwt');
	3455	}
	3456
	3457	/* 添加缺货登记的处理 */
	3458	function action_act_add_booking ()
	3459	{
	3460	$user = $GLOBALS['user'];
	3461	$_CFG = $GLOBALS['_CFG'];
	3462	$_LANG = $GLOBALS['_LANG'];
	3463	$smarty = $GLOBALS['smarty'];
	3464	$db = $GLOBALS['db'];
	3465	$ecs = $GLOBALS['ecs'];
	3466	$user_id = $_SESSION['user_id'];
	3467
	3468	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3469
	3470	$booking = array(
	3471	'goods_id' => isset($_POST['id']) ? intval($_POST['id']) : 0, 'goods_amount' => isset($_POST['number']) ? intval($_POST['number']) : 0, 'desc' => isset($_POST['desc']) ? trim($_POST['desc']) : '', 'linkman' => isset($_POST['linkman']) ? trim($_POST['linkman']) : '', 'email' => isset($_POST['email']) ? trim($_POST['email']) : '', 'tel' => isset($_POST['tel']) ? trim($_POST['tel']) : '', 'booking_id' => isset($_POST['rec_id']) ? intval($_POST['rec_id']) : 0
	3472	);
	3473
	3474	// 查看此商品是否已经登记过
	3475	$rec_id = get_booking_rec($user_id, $booking['goods_id']);
	3476	if($rec_id > 0)
	3477	{
	3478	show_message($_LANG['booking_rec_exist'], $_LANG['back_page_up'], '', 'error');
	3479	}
	3480
	3481	if(add_booking($booking))
	3482	{
	3483	show_message($_LANG['booking_success'], $_LANG['back_booking_list'], 'user.php?act=booking_list', 'info');
	3484	}
	3485	else
	3486	{
	3487	$err->show($_LANG['booking_list_lnk'], 'user.php?act=booking_list');
	3488	}
	3489	}
	3490
	3491	/* 删除缺货登记 */
	3492	function action_act_del_booking ()
	3493	{
	3494	$user = $GLOBALS['user'];
	3495	$_CFG = $GLOBALS['_CFG'];
	3496	$_LANG = $GLOBALS['_LANG'];
	3497	$smarty = $GLOBALS['smarty'];
	3498	$db = $GLOBALS['db'];
	3499	$ecs = $GLOBALS['ecs'];
	3500	$user_id = $_SESSION['user_id'];
	3501
	3502	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3503
	3504	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3505	if($id == 0 \|\| $user_id == 0)
	3506	{
	3507	ecs_header("Location: user.php?act=booking_list\n");
	3508	exit();
	3509	}
	3510
	3511	$result = delete_booking($id, $user_id);
	3512	if($result)
	3513	{
	3514	ecs_header("Location: user.php?act=booking_list\n");
	3515	exit();
	3516	}
	3517	}
	3518
	3519	/* 确认收货 */
	3520	function action_affirm_received ()
	3521	{
	3522	$user = $GLOBALS['user'];
	3523	$_CFG = $GLOBALS['_CFG'];
	3524	$_LANG = $GLOBALS['_LANG'];
	3525	$smarty = $GLOBALS['smarty'];
	3526	$db = $GLOBALS['db'];
	3527	$ecs = $GLOBALS['ecs'];
	3528	$user_id = $_SESSION['user_id'];
	3529	require_once(ROOT_PATH . '/includes/lib_order.php');
	3530	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	3531
	3532	$order_id = isset($_GET['order_id']) ? intval($_GET['order_id']) : 0;
	3533
	3534	if(affirm_received($order_id, $user_id))
	3535	{
	3536	ecs_header("Location: user.php?act=order_list\n");
	3537	exit();
	3538	}
	3539	else
	3540	{
	3541	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	3542	}
	3543	}
	3544
	3545	/* 会员退款申请界面 */
	3546	function action_account_raply ()
	3547	{
	3548	$user = $GLOBALS['user'];
	3549	$_CFG = $GLOBALS['_CFG'];
	3550	$_LANG = $GLOBALS['_LANG'];
	3551	$smarty = $GLOBALS['smarty'];
	3552	$db = $GLOBALS['db'];
	3553	$ecs = $GLOBALS['ecs'];
	3554	$user_id = $_SESSION['user_id'];
	3555
	3556	$smarty->display('user_transaction.dwt');
	3557	}
	3558
	3559	/* 会员预付款界面 */
	3560	function action_account_deposit ()
	3561	{
	3562	$user = $GLOBALS['user'];
	3563	$_CFG = $GLOBALS['_CFG'];
	3564	$_LANG = $GLOBALS['_LANG'];
	3565	$smarty = $GLOBALS['smarty'];
	3566	$db = $GLOBALS['db'];
	3567	$ecs = $GLOBALS['ecs'];
	3568	$user_id = $_SESSION['user_id'];
	3569
	3570	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3571
	3572	$surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3573	$account = get_surplus_info($surplus_id);
	3574
	3575	$smarty->assign('payment', get_online_payment_list(false));
	3576
	3577	$smarty->assign('order', $account);
	3578	$smarty->display('user_transaction.dwt');
	3579	}
	3580
	3581	/* 会员账目明细界面 */
	3582	function action_account_detail ()
	3583	{
	3584	$user = $GLOBALS['user'];
	3585	$_CFG = $GLOBALS['_CFG'];
	3586	$_LANG = $GLOBALS['_LANG'];
	3587	$smarty = $GLOBALS['smarty'];
	3588	$db = $GLOBALS['db'];
	3589	$ecs = $GLOBALS['ecs'];
	3590	$user_id = $_SESSION['user_id'];
	3591	$action = $GLOBALS['action'];
	3592
	3593	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3594
	3595	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3596
	3597	$account_type = 'user_money';
	3598
	3599	/* 获取记录条数 */
	3600	$sql = "SELECT COUNT(*) FROM " . $ecs->table('account_log') . " WHERE user_id = '$user_id'" . " AND $account_type <> 0 ";
	3601	$record_count = $db->getOne($sql);
	3602
	3603	// 分页函数
	3604	$pager = get_pager('user.php', array(
	3605	'act' => $action
	3606	), $record_count, $page);
	3607
	3608	// 获取花费余额
	3609	//$surplus_amount = get_user_surplus($user_id);
	3610	$surplus_amount = get_user_payed($user_id);
	3611	if(empty($surplus_amount))
	3612	{
	3613	$surplus_amount = 0;
	3614	}
	3615	/* /查看账户明细页面获取会员用户的余额 jx 2015-1-1 */
	3616	$surplus_yue = get_user_yue($user_id);
	3617	if(empty($surplus_yue))
	3618	{
	3619	$surplus_yue = 0;
	3620	}
	3621	// 获取余额记录
	3622	$account_log = array();
	3623	$sql = "SELECT * FROM " . $ecs->table('account_log') . " WHERE user_id = '$user_id'" . " AND $account_type <> 0 " . " ORDER BY log_id DESC";
	3624	$res = $GLOBALS['db']->selectLimit($sql, $pager['size'], $pager['start']);
	3625	while($row = $db->fetchRow($res))
	3626	{
	3627	$row['change_time'] = local_date($_CFG['date_format'], $row['change_time']);
	3628	$row['type'] = $row[$account_type] > 0 ? $_LANG['account_inc'] : $_LANG['account_dec'];
	3629	$row['user_money'] = price_format(abs($row['user_money']), false);
	3630	$row['frozen_money'] = price_format(abs($row['frozen_money']), false);
	3631	$row['rank_points'] = abs($row['rank_points']);
	3632	$row['pay_points'] = abs($row['pay_points']);
	3633	$row['short_change_desc'] = sub_str($row['change_desc'], 60);
	3634	$row['amount'] = $row[$account_type];
	3635	$account_log[] = $row;
	3636	}
	3637
	3638	// 模板赋值
	3639	$smarty->assign('surplus_amount', price_format($surplus_amount, false));
	3640	$smarty->assign('account_log', $account_log);
	3641	$smarty->assign('surplus_yue', $surplus_yue);
	3642	$smarty->assign('pager', $pager);
	3643	$smarty->display('user_transaction.dwt');
	3644	}
	3645
	3646	/* 会员充值和提现申请记录 */
	3647	function action_account_log ()
	3648	{
	3649	$user = $GLOBALS['user'];
	3650	$_CFG = $GLOBALS['_CFG'];
	3651	$_LANG = $GLOBALS['_LANG'];
	3652	$smarty = $GLOBALS['smarty'];
	3653	$db = $GLOBALS['db'];
	3654	$ecs = $GLOBALS['ecs'];
	3655	$user_id = $_SESSION['user_id'];
	3656	$action = $GLOBALS['action'];
	3657
	3658	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3659
	3660	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	3661
	3662	/* 获取记录条数 */
	3663	$sql = "SELECT COUNT(*) FROM " . $ecs->table('user_account') . " WHERE user_id = '$user_id'" . " AND process_type " . db_create_in(array(
	3664	SURPLUS_SAVE, SURPLUS_RETURN
	3665	));
	3666	$record_count = $db->getOne($sql);
	3667
	3668	// 分页函数
	3669	$pager = get_pager('user.php', array(
	3670	'act' => $action
	3671	), $record_count, $page);
	3672	/* /查看账户明细页面获取会员用户的余额 jx 2015-1-1 */
	3673	$surplus_yue = get_user_yue($user_id);
	3674	if(empty($surplus_yue))
	3675	{
	3676	$surplus_yue = 0;
	3677	}
	3678	// 获取花费余额
	3679	$surplus_amount = get_user_payed($user_id);
	3680	if(empty($surplus_amount))
	3681	{
	3682	$surplus_amount = 0;
	3683	}
	3684
	3685	// 获取余额记录
	3686	$account_log = get_account_log($user_id, $pager['size'], $pager['start']);
	3687
	3688	// 模板赋值
	3689	$smarty->assign('surplus_amount',$surplus_amount);
	3690	$smarty->assign('account_log', $account_log);
	3691	$smarty->assign('surplus_yue', $surplus_yue);
	3692	$smarty->assign('pager', $pager);
	3693	$smarty->display('user_transaction.dwt');
	3694	}
	3695
	3696	/* 对会员余额申请的处理 */
	3697	function action_act_account ()
	3698	{
	3699	$user = $GLOBALS['user'];
	3700	$_CFG = $GLOBALS['_CFG'];
	3701	$_LANG = $GLOBALS['_LANG'];
	3702	$smarty = $GLOBALS['smarty'];
	3703	$db = $GLOBALS['db'];
	3704	$ecs = $GLOBALS['ecs'];
	3705	$user_id = $_SESSION['user_id'];
	3706
	3707	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3708	include_once (ROOT_PATH . 'includes/lib_order.php');
	3709	$amount = isset($_POST['amount']) ? floatval($_POST['amount']) : 0;
	3710	if($amount <= 0)
	3711	{
	3712	show_message($_LANG['amount_gt_zero']);
	3713	}
	3714
	3715
	3716	/* 变量初始化 */
	3717	$surplus = array(
	3718	'user_id' => $user_id, 'rec_id' => ! empty($_POST['rec_id']) ? intval($_POST['rec_id']) : 0, 'process_type' => isset($_POST['surplus_type']) ? intval($_POST['surplus_type']) : 0, 'payment_id' => isset($_POST['payment_id']) ? intval($_POST['payment_id']) : 0, 'user_note' => isset($_POST['user_note']) ? trim($_POST['user_note']) : '', 'amount' => $amount
	3719	);
	3720
	3721	$payment_info = payment_info($surplus['payment_id']);
	3722	if($payment_info['pay_code'] == 'alipay_bank')
	3723	{
	3724	$surplus['defaultbank'] = isset($_POST['www_68ecshop_com_bank']) ? trim($_POST['www_68ecshop_com_bank']) : '';
	3725	}
	3726
	3727	/* 退款申请的处理 */
	3728	if($surplus['process_type'] == 1)
	3729	{
	3730	/* 判断是否有足够的余额的进行退款的操作 */
	3731	$sur_amount = get_user_surplus($user_id);
	3732	if($amount > $sur_amount)
	3733	{
	3734	$content = $_LANG['surplus_amount_error'];
	3735	show_message($content, $_LANG['back_page_up'], '', 'info');
	3736	}
	3737
	3738	// 插入会员账目明细
	3739	$amount = '-' . $amount;
	3740	$surplus['payment'] = '';
	3741	$surplus['rec_id'] = insert_user_account($surplus, $amount);
	3742
	3743	/* 如果成功提交 */
	3744	if($surplus['rec_id'] > 0)
	3745	{
	3746	$content = $_LANG['surplus_appl_submit'];
	3747	show_message($content, $_LANG['back_account_log'], 'user.php?act=account_log', 'info');
	3748	}
	3749	else
	3750	{
	3751	$content = $_LANG['process_false'];
	3752	show_message($content, $_LANG['back_page_up'], '', 'info');
	3753	}
	3754	}
	3755	/* 如果是会员预付款，跳转到下一步，进行线上支付的操作 */
	3756	else
	3757	{
	3758	if($surplus['payment_id'] <= 0)
	3759	{
	3760	show_message($_LANG['select_payment_pls']);
	3761	}
	3762
	3763	include_once (ROOT_PATH . 'includes/lib_payment.php');
	3764
	3765	// 获取支付方式名称
	3766	$payment_info = array();
	3767	$payment_info = payment_info($surplus['payment_id']);
	3768	$surplus['payment'] = $payment_info['pay_name'];
	3769
	3770	if($surplus['rec_id'] > 0)
	3771	{
	3772	// 更新会员账目明细
	3773	$surplus['rec_id'] = update_user_account($surplus);
	3774	}
	3775	else
	3776	{
	3777	// 插入会员账目明细
	3778	$surplus['rec_id'] = insert_user_account($surplus, $amount);
	3779	}
	3780
	3781	// 取得支付信息，生成支付代码
	3782	$payment = unserialize_config($payment_info['pay_config']);
	3783
	3784	// 生成伪订单号, 不足的时候补0
	3785	$order = array();
	3786	$order['order_sn'] = $surplus['rec_id'];
	3787	$order['user_name'] = $_SESSION['user_name'];
	3788	$order['surplus_amount'] = $amount;
	3789	$order['defaultbank'] = $surplus['defaultbank'];
	3790	// 计算支付手续费用
	3791	$payment_info['pay_fee'] = pay_fee($surplus['payment_id'], $order['surplus_amount'], 0);
	3792
	3793	// 计算此次预付款需要支付的总金额
	3794	$order['order_amount'] = $amount + $payment_info['pay_fee'];
	3795
	3796	// 记录支付log
	3797	$order['log_id'] = insert_pay_log($surplus['rec_id'], $order['order_amount'], $type = PAY_SURPLUS, 0);
	3798
	3799	/* 调用相应的支付方式文件 */
	3800	include_once (ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
	3801
	3802	/* 取得在线支付方式的支付按钮 */
	3803	$pay_obj = new $payment_info['pay_code']();
	3804	$payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
	3805
	3806	/* 模板赋值 */
	3807	$smarty->assign('payment', $payment_info);
	3808	$smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
	3809	$smarty->assign('amount', price_format($amount, false));
	3810	$smarty->assign('order', $order);
	3811	$smarty->display('user_transaction.dwt');
	3812	}
	3813	}
	3814
	3815	/* 删除会员余额 */
	3816	function action_cancel ()
	3817	{
	3818	$user = $GLOBALS['user'];
	3819	$_CFG = $GLOBALS['_CFG'];
	3820	$_LANG = $GLOBALS['_LANG'];
	3821	$smarty = $GLOBALS['smarty'];
	3822	$db = $GLOBALS['db'];
	3823	$ecs = $GLOBALS['ecs'];
	3824	$user_id = $_SESSION['user_id'];
	3825
	3826	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3827
	3828	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3829	if($id == 0 \|\| $user_id == 0)
	3830	{
	3831	ecs_header("Location: user.php?act=account_log\n");
	3832	exit();
	3833	}
	3834
	3835	$result = del_user_account($id, $user_id);
	3836	if($result)
	3837	{
	3838	ecs_header("Location: user.php?act=account_log\n");
	3839	exit();
	3840	}
	3841	}
	3842
	3843	/* 会员通过帐目明细列表进行再付款的操作 */
	3844	function action_pay ()
	3845	{
	3846	$user = $GLOBALS['user'];
	3847	$_CFG = $GLOBALS['_CFG'];
	3848	$_LANG = $GLOBALS['_LANG'];
	3849	$smarty = $GLOBALS['smarty'];
	3850	$db = $GLOBALS['db'];
	3851	$ecs = $GLOBALS['ecs'];
	3852	$user_id = $_SESSION['user_id'];
	3853
	3854	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3855	include_once (ROOT_PATH . 'includes/lib_payment.php');
	3856	include_once (ROOT_PATH . 'includes/lib_order.php');
	3857
	3858	// 变量初始化
	3859	$surplus_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	3860	$payment_id = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
	3861
	3862	if($surplus_id == 0)
	3863	{
	3864	ecs_header("Location: user.php?act=account_log\n");
	3865	exit();
	3866	}
	3867
	3868	// 如果原来的支付方式已禁用或者已删除, 重新选择支付方式
	3869	if($payment_id == 0)
	3870	{
	3871	ecs_header("Location: user.php?act=account_deposit&id=" . $surplus_id . "\n");
	3872	exit();
	3873	}
	3874
	3875	// 获取单条会员帐目信息
	3876	$order = array();
	3877	$order = get_surplus_info($surplus_id);
	3878
	3879	// 支付方式的信息
	3880	$payment_info = array();
	3881	$payment_info = payment_info($payment_id);
	3882
	3883	/* 如果当前支付方式没有被禁用，进行支付的操作 */
	3884	if(! empty($payment_info))
	3885	{
	3886	// 取得支付信息，生成支付代码
	3887	$payment = unserialize_config($payment_info['pay_config']);
	3888
	3889	// 生成伪订单号
	3890	$order['order_sn'] = $surplus_id;
	3891
	3892	// 获取需要支付的log_id
	3893	$order['log_id'] = get_paylog_id($surplus_id, $pay_type = PAY_SURPLUS);
	3894
	3895	$order['user_name'] = $_SESSION['user_name'];
	3896	$order['surplus_amount'] = $order['amount'];
	3897
	3898	// 计算支付手续费用
	3899	$payment_info['pay_fee'] = pay_fee($payment_id, $order['surplus_amount'], 0);
	3900
	3901	// 计算此次预付款需要支付的总金额
	3902	$order['order_amount'] = $order['surplus_amount'] + $payment_info['pay_fee'];
	3903
	3904	// 如果支付费用改变了，也要相应的更改pay_log表的order_amount
	3905	$order_amount = $db->getOne("SELECT order_amount FROM " . $ecs->table('pay_log') . " WHERE log_id = '$order[log_id]'");
	3906	if($order_amount != $order['order_amount'])
	3907	{
	3908	$db->query("UPDATE " . $ecs->table('pay_log') . " SET order_amount = '$order[order_amount]' WHERE log_id = '$order[log_id]'");
	3909	}
	3910
	3911	/* 调用相应的支付方式文件 */
	3912	include_once (ROOT_PATH . 'includes/modules/payment/' . $payment_info['pay_code'] . '.php');
	3913
	3914	/* 取得在线支付方式的支付按钮 */
	3915	$pay_obj = new $payment_info['pay_code']();
	3916	$payment_info['pay_button'] = $pay_obj->get_code($order, $payment);
	3917
	3918	/* 模板赋值 */
	3919	$smarty->assign('payment', $payment_info);
	3920	$smarty->assign('order', $order);
	3921	$smarty->assign('pay_fee', price_format($payment_info['pay_fee'], false));
	3922	$smarty->assign('amount', price_format($order['surplus_amount'], false));
	3923	$smarty->assign('action', 'act_account');
	3924	$smarty->display('user_transaction.dwt');
	3925	}
	3926	/* 重新选择支付方式 */
	3927	else
	3928	{
	3929	include_once (ROOT_PATH . 'includes/lib_clips.php');
	3930
	3931	$smarty->assign('payment', get_online_payment_list());
	3932	$smarty->assign('order', $order);
	3933	$smarty->assign('action', 'account_deposit');
	3934	$smarty->display('user_transaction.dwt');
	3935	}
	3936	}
	3937
	3938	/* 添加标签(ajax) */
	3939	function action_add_tag ()
	3940	{
	3941	$user = $GLOBALS['user'];
	3942	$_CFG = $GLOBALS['_CFG'];
	3943	$_LANG = $GLOBALS['_LANG'];
	3944	$smarty = $GLOBALS['smarty'];
	3945	$db = $GLOBALS['db'];
	3946	$ecs = $GLOBALS['ecs'];
	3947	$user_id = $_SESSION['user_id'];
	3948
	3949	include_once ('includes/cls_json.php');
	3950	include_once ('includes/lib_clips.php');
	3951
	3952	$result = array(
	3953	'error' => 0, 'message' => '', 'content' => ''
	3954	);
	3955	$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
	3956	$tag = isset($_POST['tag']) ? json_str_iconv(trim($_POST['tag'])) : '';
	3957
	3958	if($user_id == 0)
	3959	{
	3960	/* 用户没有登录 */
	3961	$result['error'] = 1;
	3962	$result['message'] = $_LANG['tag_anonymous'];
	3963	}
	3964	else
	3965	{
	3966	add_tag($id, $tag); // 添加tag
	3967	clear_cache_files('goods'); // 删除缓存
	3968
	3969	/* 重新获得该商品的所有缓存 */
	3970	$arr = get_tags($id);
	3971
	3972	foreach($arr as $row)
	3973	{
	3974	$result['content'][] = array(
	3975	'word' => htmlspecialchars($row['tag_words']), 'count' => $row['tag_count']
	3976	);
	3977	}
	3978	}
	3979
	3980	$json = new JSON();
	3981
	3982	echo $json->encode($result);
	3983	exit();
	3984	}
	3985
	3986	/* 添加收藏商品(ajax) */
	3987	function action_collect ()
	3988	{
	3989	$user = $GLOBALS['user'];
	3990	$_CFG = $GLOBALS['_CFG'];
	3991	$_LANG = $GLOBALS['_LANG'];
	3992	$smarty = $GLOBALS['smarty'];
	3993	$db = $GLOBALS['db'];
	3994	$ecs = $GLOBALS['ecs'];
	3995	$user_id = $_SESSION['user_id'];
	3996
	3997	include_once (ROOT_PATH . 'includes/cls_json.php');
	3998	$json = new JSON();
	3999	$result = array(
	4000	'error' => 0, 'message' => ''
	4001	);
	4002	$goods_id = $_GET['id'];
	4003	$result['goods_id'] = $goods_id;
	4004
	4005	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0)
	4006	{
	4007	$result['error'] = 1;
	4008	$result['message'] = $_LANG['login_please'];
	4009
	4010	die($json->encode($result));
	4011	}
	4012	else
	4013	{
	4014	/* 检查是否已经存在于用户的收藏夹 */
	4015	$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]' AND goods_id = '$goods_id'";
	4016	if($GLOBALS['db']->GetOne($sql) > 0)
	4017	{
	4018	$result['error'] = 1;
	4019	$result['message'] = $GLOBALS['_LANG']['collect_existed'];
	4020	die($json->encode($result));
	4021	}
	4022	else
	4023	{
	4024	$time = gmtime();
	4025	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('collect_goods') . " (user_id, goods_id, add_time)" . "VALUES ('$_SESSION[user_id]', '$goods_id', '$time')";
	4026
	4027	if($GLOBALS['db']->query($sql) === false)
	4028	{
	4029	$result['error'] = 1;
	4030	$result['message'] = $GLOBALS['db']->errorMsg();
	4031	die($json->encode($result));
	4032	}
	4033	else
	4034	{
	4035	$result['error'] = 0;
	4036	$result['message'] = $GLOBALS['_LANG']['collect_success'];
	4037	die($json->encode($result));
	4038	}
	4039	}
	4040	}
	4041	}
	4042
	4043	// 代码添加线上红包_start_cb_20150528
	4044	function action_user_bonus ()
	4045	{
	4046	$user = $GLOBALS['user'];
	4047	$_CFG = $GLOBALS['_CFG'];
	4048	$_LANG = $GLOBALS['_LANG'];
	4049	$smarty = $GLOBALS['smarty'];
	4050	$db = $GLOBALS['db'];
	4051	$ecs = $GLOBALS['ecs'];
	4052	$user_id = $_SESSION['user_id'];
	4053
	4054	include_once (ROOT_PATH . 'includes/cls_json.php');
	4055	$json = new JSON();
	4056	$result = array(
	4057	'error' => 0, 'message' => ''
	4058	);
	4059	$type_id = $_GET['id'];
	4060	$result['type_id'] = $type_id;
	4061	$result['no_have'] = $_GET['no_have'];
	4062
	4063	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0)
	4064	{
	4065	$result['error'] = 1;
	4066	$result['message'] = $_LANG['login_please'];
	4067	die($json->encode($result));
	4068	}
	4069	else
	4070	{
	4071	$sql = "SELECT COUNT(bonus_type_id) FROM " . $GLOBALS['ecs']->table('user_bonus') . " WHERE user_id='$_SESSION[user_id]' AND bonus_type_id = '$type_id'";
	4072	$u_bonus = $GLOBALS['db']->GetOne($sql);
	4073
	4074	$sql1 = "SELECT user_bonus_max FROM " . $GLOBALS['ecs']->table('bonus_type') . " WHERE type_id = '$type_id'";
	4075	$bonus_max = $db->getOne($sql1);
	4076	if($u_bonus >= $bonus_max)
	4077	{
	4078	$result['error'] = 1;
	4079	$result['message'] = $GLOBALS['_LANG']['u_bonus_existed'];
	4080	die($json->encode($result));
	4081	}
	4082	else
	4083	{
	4084	$sql = "INSERT INTO " . $GLOBALS['ecs']->table('user_bonus') . " (user_id,bonus_type_id)" . "VALUES ('$_SESSION[user_id]', '$type_id')";
	4085
	4086	if($GLOBALS['db']->query($sql) === false)
	4087	{
	4088	$result['error'] = 1;
	4089	$result['message'] = $GLOBALS['db']->errorMsg();
	4090	die($json->encode($result));
	4091	}
	4092	else
	4093	{
	4094	$u_bonus = $u_bonus+1;
	4095	$bonus_max = $bonus_max-$u_bonus;
	4096	$result['error'] = 0;
	4097	$result['message'] = "领取成功，您领取了".$u_bonus ."个红包，还可以领取".$bonus_max."个红包。";
	4098	die($json->encode($result));
	4099	}
	4100	}
	4101	}
	4102	}
	4103
	4104	function action_book_goods (){
	4105	$user = $GLOBALS['user'];
	4106	$_CFG = $GLOBALS['_CFG'];
	4107	$_LANG = $GLOBALS['_LANG'];
	4108	$smarty = $GLOBALS['smarty'];
	4109	$db = $GLOBALS['db'];
	4110	$ecs = $GLOBALS['ecs'];
	4111	$user_id = $_SESSION['user_id'];
	4112
	4113	include_once (ROOT_PATH . 'includes/cls_json.php');
	4114	$json = new JSON();
	4115	$result = array(
	4116	'error' => 0, 'message' => '', 'tel' => '', 'email' => ''
	4117	);
	4118	$goods_id = $_GET['id'];
	4119	$result['goods_id'] = $goods_id;
	4120	$result['no_have'] = $_GET['no_have'];
	4121
	4122	if(! isset($_SESSION['user_id']) \|\| $_SESSION['user_id'] == 0){
	4123	$result['error'] = 99;
	4124	$result['message'] = $_LANG['login_please'];
	4125	die($json->encode($result));
	4126	}else{
	4127	$sql = "SELECT user_id,goods_id FROM " . $GLOBALS['ecs']->table('booking_goods') . " WHERE user_id='$_SESSION[user_id]' AND is_dispose=0 AND goods_id = '$goods_id'";
	4128	$b_goods = $GLOBALS['db']->GetOne($sql);
	4129
	4130	if($b_goods){
	4131	$result['error'] = 0;
	4132	$result['message'] = "您已经登记过了";
	4133	die($json->encode($result));
	4134	}else{
	4135	$sql = "SELECT email,mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id='$_SESSION[user_id]'";
	4136	$user_msg = $db->getRow($sql);
	4137
	4138	$result['error'] = 1;
	4139	$result['tel'] = $user_msg['mobile_phone'];
	4140	$result['email'] = $user_msg['email'];
	4141	die($json->encode($result));
	4142	}
	4143	}
	4144	}
	4145
	4146	function action_add_book_goods ()
	4147	{
	4148	$user = $GLOBALS['user'];
	4149	$_CFG = $GLOBALS['_CFG'];
	4150	$_LANG = $GLOBALS['_LANG'];
	4151	$smarty = $GLOBALS['smarty'];
	4152	$db = $GLOBALS['db'];
	4153	$ecs = $GLOBALS['ecs'];
	4154	$user_id = $_SESSION['user_id'];
	4155
	4156	include_once (ROOT_PATH . 'includes/cls_json.php');
	4157	$json = new JSON();
	4158	$result = array(
	4159	'error' => 0, 'message' => ''
	4160	);
	4161	$goods_id = $_GET['id'];
	4162	$number = $_GET['num'];
	4163	$tel = $_GET['tel'];
	4164	$email = $_GET['em'];
	4165
	4166	if(! preg_match("/^1(3\|5\|8)[0-9]{1}[0-9]{8}$\|15[0189]{1}[0-9]{8}$\|189[0-9]{8}$/", $tel))
	4167	{
	4168	$result['error'] = 3;
	4169	$result['message'] = "手机格式不正确";
	4170	die($json->encode($result));
	4171	}
	4172	elseif(! preg_match("/^([0-9A-Za-z\\-_\\.]+)@([0-9a-z]+\\.[a-z]{2,3}(\\.[a-z]{2})?)$/i", $email))
	4173	{
	4174	$result['error'] = 4;
	4175	$result['message'] = "邮箱格式不正确";
	4176	die($json->encode($result));
	4177	}
	4178	else
	4179	{
	4180	$time = gmtime();
	4181	$sql = "INSERT INTO " . $ecs->table('booking_goods') . " (user_id,email,tel,goods_id,goods_number,booking_time,link_man) VALUES ('$_SESSION[user_id]','$email','$tel','$goods_id','$number','$time','$_SESSION[user_name]')";
	4182	if($db->query($sql))
	4183	{
	4184	$result['error'] = 2;
	4185	$result['message'] = "登记成功";
	4186	die($json->encode($result));
	4187	}
	4188	else
	4189	{
	4190	$result['error'] = 0;
	4191	$result['message'] = "登记失败";
	4192	die($json->encode($result));
	4193	}
	4194	}
	4195	}
	4196
	4197	/* 刷新是否收藏商品(ajax) */
	4198	function action_re_collect ()
	4199	{
	4200	$user = $GLOBALS['user'];
	4201	$_CFG = $GLOBALS['_CFG'];
	4202	$_LANG = $GLOBALS['_LANG'];
	4203	$smarty = $GLOBALS['smarty'];
	4204	$db = $GLOBALS['db'];
	4205	$ecs = $GLOBALS['ecs'];
	4206	$user_id = $_SESSION['user_id'];
	4207
	4208	include_once (ROOT_PATH . 'includes/cls_json.php');
	4209	$json = new JSON();
	4210	$goods_id = $_GET['id'];
	4211
	4212	if($goods_id > 0)
	4213	{
	4214	$result = array(
	4215	'goods_id' => 0, 'is_collect' => ''
	4216	);
	4217	$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]' AND goods_id = '$goods_id'";
	4218	$result['goods_id'] = $goods_id;
	4219	$result['is_collect'] = ($GLOBALS['db']->getOne($sql) > 0 ? 1 : 0);
	4220	}
	4221	else
	4222	{
	4223	$result = array(
	4224	'goods_id' => 0, 'is_collect' => array()
	4225	);
	4226	$sql = "SELECT goods_id FROM " . $GLOBALS['ecs']->table('collect_goods') . " WHERE user_id='$_SESSION[user_id]'";
	4227	$result['is_collect'] = $GLOBALS['db']->getCol($sql);
	4228	}
	4229	die($json->encode($result));
	4230	}
	4231
	4232	/* 删除留言 */
	4233	function action_del_msg ()
	4234	{
	4235	$user = $GLOBALS['user'];
	4236	$_CFG = $GLOBALS['_CFG'];
	4237	$_LANG = $GLOBALS['_LANG'];
	4238	$smarty = $GLOBALS['smarty'];
	4239	$db = $GLOBALS['db'];
	4240	$ecs = $GLOBALS['ecs'];
	4241	$user_id = $_SESSION['user_id'];
	4242
	4243	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	4244	$order_id = empty($_GET['order_id']) ? 0 : intval($_GET['order_id']);
	4245
	4246	if($id > 0)
	4247	{
	4248	$sql = 'SELECT user_id, message_img FROM ' . $ecs->table('feedback') . " WHERE msg_id = '$id' LIMIT 1";
	4249	$row = $db->getRow($sql);
	4250	if($row && $row['user_id'] == $user_id)
	4251	{
	4252	/* 验证通过，删除留言，回复，及相应文件 */
	4253	if($row['message_img'])
	4254	{
	4255	@unlink(ROOT_PATH . DATA_DIR . '/feedbackimg/' . $row['message_img']);
	4256	}
	4257	$sql = "DELETE FROM " . $ecs->table('feedback') . " WHERE msg_id = '$id' OR parent_id = '$id'";
	4258	$db->query($sql);
	4259	}
	4260	}
	4261	ecs_header("Location: user.php?act=message_list&order_id=$order_id\n");
	4262	exit();
	4263	}
	4264
	4265	/* 删除评论 */
	4266	function action_del_cmt ()
	4267	{
	4268	$user = $GLOBALS['user'];
	4269	$_CFG = $GLOBALS['_CFG'];
	4270	$_LANG = $GLOBALS['_LANG'];
	4271	$smarty = $GLOBALS['smarty'];
	4272	$db = $GLOBALS['db'];
	4273	$ecs = $GLOBALS['ecs'];
	4274	$user_id = $_SESSION['user_id'];
	4275
	4276	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	4277	if($id > 0)
	4278	{
	4279	$sql = "DELETE FROM " . $ecs->table('comment') . " WHERE comment_id = '$id' AND user_id = '$user_id'";
	4280	$db->query($sql);
	4281	}
	4282	ecs_header("Location: user.php?act=comment_list\n");
	4283	exit();
	4284	}
	4285
	4286	/* 合并订单 */
	4287	function action_merge_order ()
	4288	{
	4289	$user = $GLOBALS['user'];
	4290	$_CFG = $GLOBALS['_CFG'];
	4291	$_LANG = $GLOBALS['_LANG'];
	4292	$smarty = $GLOBALS['smarty'];
	4293	$db = $GLOBALS['db'];
	4294	$ecs = $GLOBALS['ecs'];
	4295	$user_id = $_SESSION['user_id'];
	4296
	4297	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4298	include_once (ROOT_PATH . 'includes/lib_order.php');
	4299	$from_order = isset($_POST['from_order']) ? trim($_POST['from_order']) : '';
	4300	$to_order = isset($_POST['to_order']) ? trim($_POST['to_order']) : '';
	4301
	4302	/* 代码增加_start By */
	4303	$sql = "select supplier_id from " . $ecs->table('order_info') . " where order_sn='$from_order' ";
	4304	$supplier_id_from = $db->getOne($sql);
	4305	$sql = "select supplier_id from " . $ecs->table('order_info') . " where order_sn='$to_order' ";
	4306	$supplier_id_to = $db->getOne($sql);
	4307	if($supplier_id_from != $supplier_id_to)
	4308	{
	4309	show_message('由于供货商不同,订单合并失败', $_LANG['order_list_lnk'], 'user.php?act=order_list', 'info');
	4310	}
	4311	/* 代码增加_end By */
	4312
	4313	if(merge_user_order($from_order, $to_order, $user_id))
	4314	{
	4315	show_message($_LANG['merge_order_success'], $_LANG['order_list_lnk'], 'user.php?act=order_list', 'info');
	4316	}
	4317	else
	4318	{
	4319	$err->show($_LANG['order_list_lnk']);
	4320	}
	4321	}
	4322
	4323	/* 将指定订单中商品添加到购物车 */
	4324	function action_return_to_cart ()
	4325	{
	4326	$user = $GLOBALS['user'];
	4327	$_CFG = $GLOBALS['_CFG'];
	4328	$_LANG = $GLOBALS['_LANG'];
	4329	$smarty = $GLOBALS['smarty'];
	4330	$db = $GLOBALS['db'];
	4331	$ecs = $GLOBALS['ecs'];
	4332	$user_id = $_SESSION['user_id'];
	4333
	4334	include_once (ROOT_PATH . 'includes/cls_json.php');
	4335	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4336	$json = new JSON();
	4337
	4338	$result = array(
	4339	'error' => 0, 'message' => '', 'content' => ''
	4340	);
	4341	$order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : 0;
	4342	if($order_id == 0)
	4343	{
	4344	$result['error'] = 1;
	4345	$result['message'] = $_LANG['order_id_empty'];
	4346	die($json->encode($result));
	4347	}
	4348
	4349	if($user_id == 0)
	4350	{
	4351	/* 用户没有登录 */
	4352	$result['error'] = 1;
	4353	$result['message'] = $_LANG['login_please'];
	4354	die($json->encode($result));
	4355	}
	4356
	4357	/* 检查订单是否属于该用户 */
	4358	$order_user = $db->getOne("SELECT user_id FROM " . $ecs->table('order_info') . " WHERE order_id = '$order_id'");
	4359	if(empty($order_user))
	4360	{
	4361	$result['error'] = 1;
	4362	$result['message'] = $_LANG['order_exist'];
	4363	die($json->encode($result));
	4364	}
	4365	else
	4366	{
	4367	if($order_user != $user_id)
	4368	{
	4369	$result['error'] = 1;
	4370	$result['message'] = $_LANG['no_priv'];
	4371	die($json->encode($result));
	4372	}
	4373	}
	4374
	4375	$message = return_to_cart($order_id);
	4376
	4377	if($message === true)
	4378	{
	4379	$result['error'] = 0;
	4380	$result['message'] = $_LANG['return_to_cart_success'];
	4381	$result['content'] = insert_cart_info();
	4382	die($json->encode($result));
	4383	}
	4384	else
	4385	{
	4386	$result['error'] = 1;
	4387	$result['message'] = $_LANG['order_exist'];
	4388	die($json->encode($result));
	4389	}
	4390	}
	4391
	4392	/* 编辑使用余额支付的处理 */
	4393	function action_act_edit_surplus ()
	4394	{
	4395	$user = $GLOBALS['user'];
	4396	$_CFG = $GLOBALS['_CFG'];
	4397	$_LANG = $GLOBALS['_LANG'];
	4398	$smarty = $GLOBALS['smarty'];
	4399	$db = $GLOBALS['db'];
	4400	$ecs = $GLOBALS['ecs'];
	4401	$user_id = $_SESSION['user_id'];
	4402
	4403	/* 检查是否登录 */
	4404	if($_SESSION['user_id'] <= 0)
	4405	{
	4406	ecs_header("Location: ./\n");
	4407	exit();
	4408	}
	4409
	4410	/* 检查订单号 */
	4411	$order_id = intval($_POST['order_id']);
	4412	if($order_id <= 0)
	4413	{
	4414	ecs_header("Location: ./\n");
	4415	exit();
	4416	}
	4417
	4418	/* 检查余额 */
	4419	$surplus = floatval($_POST['surplus']);
	4420	if($surplus <= 0)
	4421	{
	4422	$err->add($_LANG['error_surplus_invalid']);
	4423	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4424	}
	4425
	4426	include_once (ROOT_PATH . 'includes/lib_order.php');
	4427
	4428	/* 取得订单 */
	4429	$order = order_info($order_id);
	4430	if(empty($order))
	4431	{
	4432	ecs_header("Location: ./\n");
	4433	exit();
	4434	}
	4435
	4436	/* 检查订单用户跟当前用户是否一致 */
	4437	if($_SESSION['user_id'] != $order['user_id'])
	4438	{
	4439	ecs_header("Location: ./\n");
	4440	exit();
	4441	}
	4442
	4443	/* 检查订单是否未付款，检查应付款金额是否大于0 */
	4444	if($order['pay_status'] != PS_UNPAYED \|\| $order['order_amount'] <= 0)
	4445	{
	4446	$err->add($_LANG['error_order_is_paid']);
	4447	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4448	}
	4449
	4450	/* 计算应付款金额（减去支付费用） */
	4451	$order['order_amount'] -= $order['pay_fee'];
	4452
	4453	/* 余额是否超过了应付款金额，改为应付款金额 */
	4454	if($surplus > $order['order_amount'])
	4455	{
	4456	$surplus = $order['order_amount'];
	4457	}
	4458
	4459	/* 取得用户信息 */
	4460	$user = user_info($_SESSION['user_id']);
	4461
	4462	/* 用户帐户余额是否足够 */
	4463	if($surplus > $user['user_money'] + $user['credit_line'])
	4464	{
	4465	$err->add($_LANG['error_surplus_not_enough']);
	4466	$err->show($_LANG['order_detail'], 'user.php?act=order_detail&order_id=' . $order_id);
	4467	}
	4468
	4469	/* 修改订单，重新计算支付费用 */
	4470	$order['surplus'] += $surplus;
	4471	$order['order_amount'] -= $surplus;
	4472	if($order['order_amount'] > 0)
	4473	{
	4474	$cod_fee = 0;
	4475	if($order['shipping_id'] > 0)
	4476	{
	4477	$regions = array(
	4478	$order['country'], $order['province'], $order['city'], $order['district']
	4479	);
	4480	$shipping = shipping_area_info($order['shipping_id'], $regions);
	4481	if($shipping['support_cod'] == '1')
	4482	{
	4483	$cod_fee = $shipping['pay_fee'];
	4484	}
	4485	}
	4486
	4487	$pay_fee = 0;
	4488	if($order['pay_id'] > 0)
	4489	{
	4490	$pay_fee = pay_fee($order['pay_id'], $order['order_amount'], $cod_fee);
	4491	}
	4492
	4493	$order['pay_fee'] = $pay_fee;
	4494	$order['order_amount'] += $pay_fee;
	4495	}
	4496
	4497	/* 如果全部支付，设为已确认、已付款 */
	4498	if($order['order_amount'] == 0)
	4499	{
	4500	if($order['order_status'] == OS_UNCONFIRMED)
	4501	{
	4502	$order['order_status'] = OS_CONFIRMED;
	4503	$order['confirm_time'] = gmtime();
	4504	}
	4505	$order['pay_status'] = PS_PAYED;
	4506	$order['pay_time'] = gmtime();
	4507	}
	4508	$order = addslashes_deep($order);
	4509	update_order($order_id, $order);
	4510
	4511	/判断虚拟商品如果是虚拟商品则发放虚拟卡/
	4512	if($order['extension_code'] == 'virtual_good'){
	4513	put_virtual_cart($order_id);
	4514	//修改订单配送状态
	4515	update_order_shipping($order_id);
	4516	}
	4517	/* 更新用户余额 */
	4518	$change_desc = sprintf($_LANG['pay_order_by_surplus'], $order['order_sn']);
	4519	log_account_change($user['user_id'], (- 1) * $surplus, 0, 0, 0, $change_desc);
	4520
	4521	/* 跳转 */
	4522	ecs_header('Location: user.php?act=order_detail&order_id=' . $order_id . "\n");
	4523	exit();
	4524	}
	4525
	4526	/* 编辑使用余额支付的处理 */
	4527	function action_act_edit_payment ()
	4528	{
	4529	$user = $GLOBALS['user'];
	4530	$_CFG = $GLOBALS['_CFG'];
	4531	$_LANG = $GLOBALS['_LANG'];
	4532	$smarty = $GLOBALS['smarty'];
	4533	$db = $GLOBALS['db'];
	4534	$ecs = $GLOBALS['ecs'];
	4535	$user_id = $_SESSION['user_id'];
	4536
	4537	/* 检查是否登录 */
	4538	if($_SESSION['user_id'] <= 0)
	4539	{
	4540	ecs_header("Location: ./\n");
	4541	exit();
	4542	}
	4543	$sql = "SELECT pay_id FROM " . $ecs->table('payment') . " WHERE pay_code = '" . $_POST['pay_code'] . "'";
	4544	$row = $db->getRow($sql);
	4545	/* 检查支付方式 */
	4546	$pay_id = $row['pay_id'];
	4547	if($pay_id <= 0)
	4548	{
	4549	ecs_header("Location: ./\n");
	4550	exit();
	4551	}
	4552
	4553	include_once (ROOT_PATH . 'includes/lib_order.php');
	4554	$payment_info = payment_info($pay_id);
	4555	if(empty($payment_info))
	4556	{
	4557	ecs_header("Location: ./\n");
	4558	exit();
	4559	}
	4560
	4561	/* 检查订单号 */
	4562	$order_id = intval($_POST['order_id']);
	4563	if($order_id <= 0)
	4564	{
	4565	ecs_header("Location: ./\n");
	4566	exit();
	4567	}
	4568
	4569	/* 取得订单 */
	4570	$order = order_info($order_id);
	4571	if(empty($order))
	4572	{
	4573	ecs_header("Location: ./\n");
	4574	exit();
	4575	}
	4576
	4577	/* 检查订单用户跟当前用户是否一致 */
	4578	if($_SESSION['user_id'] != $order['user_id'])
	4579	{
	4580	ecs_header("Location: ./\n");
	4581	exit();
	4582	}
	4583
	4584	/* 检查订单是否未付款和未发货以及订单金额是否为0 和支付id是否为改变 */
	4585	if($order['pay_status'] != PS_UNPAYED \|\| $order['shipping_status'] != SS_UNSHIPPED \|\| $order['goods_amount'] <= 0 \|\| $order['pay_id'] == $pay_id)
	4586	{
	4587	ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
	4588	exit();
	4589	}
	4590
	4591	$order_amount = $order['order_amount'] - $order['pay_fee'];
	4592	$pay_fee = pay_fee($pay_id, $order_amount);
	4593	$order_amount += $pay_fee;
	4594
	4595	if($_POST['pay_code'] == 'alipay_bank')
	4596	{
	4597	$defaultbank = $_POST['www_68ecshop_com_bank'];
	4598	$sql = "UPDATE " . $ecs->table('order_info') . " SET pay_id='$pay_id', pay_name='$payment_info[pay_name]', pay_fee='$pay_fee', order_amount='$order_amount', defaultbank='$defaultbank'" . " WHERE order_id = '$order_id'";
	4599	}
	4600	else
	4601	{
	4602	$sql = "UPDATE " . $ecs->table('order_info') . " SET pay_id='$pay_id', pay_name='$payment_info[pay_name]', pay_fee='$pay_fee', order_amount='$order_amount'" . " WHERE order_id = '$order_id'";
	4603	}
	4604
	4605	$db->query($sql);
	4606
	4607	/* 跳转 */
	4608	ecs_header("Location: user.php?act=order_detail&order_id=$order_id\n");
	4609	exit();
	4610	}
	4611
	4612	/* 保存订单详情收货地址 */
	4613	function action_save_order_address ()
	4614	{
	4615	$user = $GLOBALS['user'];
	4616	$_CFG = $GLOBALS['_CFG'];
	4617	$_LANG = $GLOBALS['_LANG'];
	4618	$smarty = $GLOBALS['smarty'];
	4619	$db = $GLOBALS['db'];
	4620	$ecs = $GLOBALS['ecs'];
	4621	$user_id = $_SESSION['user_id'];
	4622
	4623	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4624
	4625	$address = array(
	4626	'consignee' => isset($_POST['consignee']) ? compile_str(trim($_POST['consignee'])) : '', 'email' => isset($_POST['email']) ? compile_str(trim($_POST['email'])) : '', 'address' => isset($_POST['address']) ? compile_str(trim($_POST['address'])) : '', 'zipcode' => isset($_POST['zipcode']) ? compile_str(make_semiangle(trim($_POST['zipcode']))) : '', 'tel' => isset($_POST['tel']) ? compile_str(trim($_POST['tel'])) : '', 'mobile' => isset($_POST['mobile']) ? compile_str(trim($_POST['mobile'])) : '', 'sign_building' => isset($_POST['sign_building']) ? compile_str(trim($_POST['sign_building'])) : '', 'best_time' => isset($_POST['best_time']) ? compile_str(trim($_POST['best_time'])) : '', 'order_id' => isset($_POST['order_id']) ? intval($_POST['order_id']) : 0
	4627	);
	4628	if(save_order_address($address, $user_id))
	4629	{
	4630	ecs_header('Location: user.php?act=order_detail&order_id=' . $address['order_id'] . "\n");
	4631	exit();
	4632	}
	4633	else
	4634	{
	4635	$err = $GLOBALS['err'];
	4636	if(empty($address['order_id']))
	4637	{
	4638	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_list');
	4639	}
	4640	else
	4641	{
	4642	$err->show($_LANG['order_list_lnk'], 'user.php?act=order_detail&order_id=' . $address['order_id']);
	4643	}
	4644
	4645	}
	4646	}
	4647
	4648	/* 我的红包列表 */
	4649	function action_bonus ()
	4650	{
	4651	$user = $GLOBALS['user'];
	4652	$_CFG = $GLOBALS['_CFG'];
	4653	$_LANG = $GLOBALS['_LANG'];
	4654	$smarty = $GLOBALS['smarty'];
	4655	$db = $GLOBALS['db'];
	4656	$ecs = $GLOBALS['ecs'];
	4657	$user_id = $_SESSION['user_id'];
	4658	$action = $GLOBALS['action'];
	4659
	4660	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4661
	4662	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	4663	$suppid = isset($_REQUEST['suppid']) ? intval($_REQUEST['suppid']) : - 1;
	4664
	4665	$sql = "SELECT ub.supplier_id, ifnull( ssc.value, '网站自营' ) as suppname
	4666	FROM " . $ecs->table('user_bonus') . " AS ub
	4667	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ub.supplier_id = ssc.supplier_id
	4668	AND ssc.code = 'shop_name'
	4669	WHERE ub.user_id =" . $user_id . "
	4670	GROUP BY ub.supplier_id";
	4671
	4672	$suppinfo = $db->getAll($sql);
	4673
	4674	$where_suppid = '';
	4675	if($suppid > - 1)
	4676	{
	4677	$where_suppid = " AND supplier_id=" . $suppid;
	4678	}
	4679
	4680	$smarty->assign('suppinfo', $suppinfo);
	4681
	4682	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('user_bonus') . " WHERE user_id = '$user_id'" . $where_suppid);
	4683
	4684	$pager = get_pager('user.php', array(
	4685	'act' => $action, 'suppid' => $suppid
	4686	), $record_count, $page, 16);
	4687	$bonus = get_user_bouns_list($user_id, $pager['size'], $pager['start'], $suppid);
	4688
	4689	$smarty->assign('pager', $pager);
	4690	$smarty->assign('bonus', $bonus);
	4691	$smarty->display('user_transaction.dwt');
	4692	}
	4693
	4694	/* 我的团购列表 */
	4695	function action_group_buy ()
	4696	{
	4697	$user = $GLOBALS['user'];
	4698	$_CFG = $GLOBALS['_CFG'];
	4699	$_LANG = $GLOBALS['_LANG'];
	4700	$smarty = $GLOBALS['smarty'];
	4701	$db = $GLOBALS['db'];
	4702	$ecs = $GLOBALS['ecs'];
	4703	$user_id = $_SESSION['user_id'];
	4704
	4705	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4706
	4707	// 待议
	4708	$smarty->display('user_transaction.dwt');
	4709	}
	4710
	4711	/* 团购订单详情 */
	4712	function action_group_buy_detail ()
	4713	{
	4714	$user = $GLOBALS['user'];
	4715	$_CFG = $GLOBALS['_CFG'];
	4716	$_LANG = $GLOBALS['_LANG'];
	4717	$smarty = $GLOBALS['smarty'];
	4718	$db = $GLOBALS['db'];
	4719	$ecs = $GLOBALS['ecs'];
	4720	$user_id = $_SESSION['user_id'];
	4721
	4722	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	4723
	4724	// 待议
	4725	$smarty->display('user_transaction.dwt');
	4726	}
	4727
	4728	// 用户推荐页面
	4729	function action_affiliate ()
	4730	{
	4731	$user = $GLOBALS['user'];
	4732	$_CFG = $GLOBALS['_CFG'];
	4733	$_LANG = $GLOBALS['_LANG'];
	4734	$smarty = $GLOBALS['smarty'];
	4735	$db = $GLOBALS['db'];
	4736	$ecs = $GLOBALS['ecs'];
	4737	$user_id = $_SESSION['user_id'];
	4738	$affiliate = unserialize($GLOBALS['_CFG']['affiliate']);
	4739
	4740	$goodsid = intval(isset($_REQUEST['goodsid']) ? $_REQUEST['goodsid'] : 0);
	4741	if(empty($goodsid))
	4742	{
	4743	// 我的推荐页面
	4744
	4745	$page = ! empty($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
	4746	$size = ! empty($_CFG['page_size']) && intval($_CFG['page_size']) > 0 ? intval($_CFG['page_size']) : 10;
	4747
	4748	empty($affiliate) && $affiliate = array();
	4749
	4750	if(empty($affiliate['config']['separate_by']))
	4751	{
	4752	// 推荐注册分成
	4753	$affdb = array();
	4754	$num = count($affiliate['item']);
	4755	$up_uid = "'$user_id'";
	4756	$all_uid = "'$user_id'";
	4757	for($i = 1; $i <= $num; $i ++)
	4758	{
	4759	$count = 0;
	4760	if($up_uid)
	4761	{
	4762	$sql = "SELECT user_id FROM " . $ecs->table('users') . " WHERE parent_id IN($up_uid)";
	4763	$query = $db->query($sql);
	4764	$up_uid = '';
	4765	while($rt = $db->fetch_array($query))
	4766	{
	4767	$up_uid .= $up_uid ? ",'$rt[user_id]'" : "'$rt[user_id]'";
	4768	if($i < $num)
	4769	{
	4770	$all_uid .= ", '$rt[user_id]'";
	4771	}
	4772	$count ++;
	4773	}
	4774	}
	4775	$affdb[$i]['num'] = $count;
	4776	$affdb[$i]['point'] = $affiliate['item'][$i - 1]['level_point'];
	4777	$affdb[$i]['money'] = $affiliate['item'][$i - 1]['level_money'];
	4778	}
	4779	$smarty->assign('affdb', $affdb);
	4780
	4781	$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
	4782
	4783	$sql = "SELECT o.*, a.log_id, a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (u.parent_id IN ($all_uid) AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . " ORDER BY order_id DESC";
	4784
	4785	/*
	4786	* SQL解释：
	4787	*
	4788	* 订单、用户、分成记录关联
	4789	* 一个订单可能有多个分成记录
	4790	*
	4791	* 1、订单有效 o.user_id > 0
	4792	* 2、满足以下之一：
	4793	* a.直接下线的未分成订单 u.parent_id IN ($all_uid) AND o.is_separate = 0
	4794	* 其中$all_uid为该ID及其下线(不包含最后一层下线)
	4795	* b.全部已分成订单 a.user_id = '$user_id' AND o.is_separate > 0
	4796	*
	4797	*/
	4798
	4799	$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_register_all'], $affiliate['config']['level_register_up'], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
	4800	}
	4801	else
	4802	{
	4803	// 推荐订单分成
	4804	$sqlcount = "SELECT count(*) FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)";
	4805
	4806	$sql = "SELECT o.*, a.log_id,a.user_id as suid, a.user_name as auser, a.money, a.point, a.separate_type,u.parent_id as up FROM " . $ecs->table('order_info') . " o" . " LEFT JOIN" . $ecs->table('users') . " u ON o.user_id = u.user_id" . " LEFT JOIN " . $ecs->table('affiliate_log') . " a ON o.order_id = a.order_id" . " WHERE o.user_id > 0 AND (o.parent_id = '$user_id' AND o.is_separate = 0 OR a.user_id = '$user_id' AND o.is_separate > 0)" . " ORDER BY order_id DESC";
	4807
	4808	/*
	4809	* SQL解释：
	4810	*
	4811	* 订单、用户、分成记录关联
	4812	* 一个订单可能有多个分成记录
	4813	*
	4814	* 1、订单有效 o.user_id > 0
	4815	* 2、满足以下之一：
	4816	* a.订单下线的未分成订单 o.parent_id = '$user_id' AND o.is_separate = 0
	4817	* b.全部已分成订单 a.user_id = '$user_id' AND o.is_separate > 0
	4818	*
	4819	*/
	4820	$affiliate_intro = nl2br(sprintf($_LANG['affiliate_intro'][$affiliate['config']['separate_by']], $affiliate['config']['expire'], $_LANG['expire_unit'][$affiliate['config']['expire_unit']], $affiliate['config']['level_money_all'], $affiliate['config']['level_point_all']));
	4821	}
	4822
	4823	$count = $db->getOne($sqlcount);
	4824
	4825	$max_page = ($count > 0) ? ceil($count / $size) : 1;
	4826	if($page > $max_page)
	4827	{
	4828	$page = $max_page;
	4829	}
	4830
	4831	$res = $db->SelectLimit($sql, $size, ($page - 1) * $size);
	4832	$logdb = array();
	4833	while($rt = $GLOBALS['db']->fetchRow($res))
	4834	{
	4835	if(! empty($rt['suid']))
	4836	{
	4837	// 在affiliate_log有记录
	4838	if($rt['separate_type'] == - 1 \|\| $rt['separate_type'] == - 2)
	4839	{
	4840	// 已被撤销
	4841	$rt['is_separate'] = 3;
	4842	}
	4843	}
	4844	$rt['order_sn'] = substr($rt['order_sn'], 0, strlen($rt['order_sn']) - 5) . "***" . substr($rt['order_sn'], - 2, 2);
	4845	$logdb[] = $rt;
	4846	}
	4847
	4848	$url_format = "user.php?act=affiliate&page=";
	4849
	4850	$pager = array(
	4851	'page' => $page, 'size' => $size, 'sort' => '', 'order' => '', 'record_count' => $count, 'page_count' => $max_page, 'page_first' => $url_format . '1', 'page_prev' => $page > 1 ? $url_format . ($page - 1) : "javascript:;", 'page_next' => $page < $max_page ? $url_format . ($page + 1) : "javascript:;", 'page_last' => $url_format . $max_page, 'array' => array()
	4852	);
	4853	for($i = 1; $i <= $max_page; $i ++)
	4854	{
	4855	$pager['array'][$i] = $i;
	4856	}
	4857
	4858	$smarty->assign('url_format', $url_format);
	4859	$smarty->assign('pager', $pager);
	4860
	4861	$smarty->assign('affiliate_intro', $affiliate_intro);
	4862
	4863
	4864	$smarty->assign('affiliate_type', $affiliate['config']['separate_by']);
	4865
	4866	$smarty->assign('logdb', $logdb);
	4867	}
	4868	else
	4869	{
	4870	// 单个商品推荐
	4871	$smarty->assign('userid', $user_id);
	4872	$smarty->assign('goodsid', $goodsid);
	4873
	4874	$types = array(
	4875	1, 2, 3, 4, 5
	4876	);
	4877	$smarty->assign('types', $types);
	4878
	4879	$goods = get_goods_info($goodsid);
	4880	$shopurl = $ecs->url();
	4881	$goods['goods_img'] = (strpos($goods['goods_img'], 'http://') === false && strpos($goods['goods_img'], 'https://') === false) ? $shopurl . $goods['goods_img'] : $goods['goods_img'];
	4882	$goods['goods_thumb'] = (strpos($goods['goods_thumb'], 'http://') === false && strpos($goods['goods_thumb'], 'https://') === false) ? $shopurl . $goods['goods_thumb'] : $goods['goods_thumb'];
	4883	$goods['shop_price'] = price_format($goods['shop_price']);
	4884
	4885	$smarty->assign('goods', $goods);
	4886	}
	4887	$affiliate['on'] = 1;
	4888	$recomm = 1;
	4889	//file_put_contents('./33$affiliate.txt',var_export($affiliate,true));
	4890	//file_put_contents('./33$recomm.txt',var_export($recomm,true));
	4891	$smarty->assign('shopname', $_CFG['shop_name']);
	4892	$smarty->assign('userid', $user_id);
	4893	$smarty->assign('shopurl', $ecs->url());
	4894	$smarty->assign('logosrc', 'themes/' . $_CFG['template'] . '/images/logo.gif');
	4895	$smarty->assign('recomm', $recomm);
	4896	$smarty->assign('affiliate', $affiliate);
	4897
	4898	$smarty->display('user_clips.dwt');
	4899	}
	4900
	4901	// 首页邮件订阅ajax操做和验证操作
	4902	function action_email_list ()
	4903	{
	4904	$user = $GLOBALS['user'];
	4905	$_CFG = $GLOBALS['_CFG'];
	4906	$_LANG = $GLOBALS['_LANG'];
	4907	$smarty = $GLOBALS['smarty'];
	4908	$db = $GLOBALS['db'];
	4909	$ecs = $GLOBALS['ecs'];
	4910	$user_id = $_SESSION['user_id'];
	4911
	4912	$job = $_GET['job'];
	4913
	4914	if($job == 'add' \|\| $job == 'del')
	4915	{
	4916	if(isset($_SESSION['last_email_query']))
	4917	{
	4918	if(time() - $_SESSION['last_email_query'] <= 30)
	4919	{
	4920	die($_LANG['order_query_toofast']);
	4921	}
	4922	}
	4923	$_SESSION['last_email_query'] = time();
	4924	}
	4925
	4926	$email = trim($_GET['email']);
	4927	$email = htmlspecialchars($email);
	4928
	4929	if(! is_email($email))
	4930	{
	4931	$info = sprintf($_LANG['email_invalid'], $email);
	4932	die($info);
	4933	}
	4934	$ck = $db->getRow("SELECT * FROM " . $ecs->table('email_list') . " WHERE email = '$email'");
	4935	if($job == 'add')
	4936	{
	4937	if(empty($ck))
	4938	{
	4939	$hash = substr(md5(time()), 1, 10);
	4940	$sql = "INSERT INTO " . $ecs->table('email_list') . " (email, stat, hash) VALUES ('$email', 0, '$hash')";
	4941	$db->query($sql);
	4942	$info = $_LANG['email_check'];
	4943	$url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
	4944	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4945	}
	4946	elseif($ck['stat'] == 1)
	4947	{
	4948	$info = sprintf($_LANG['email_alreadyin_list'], $email);
	4949	}
	4950	else
	4951	{
	4952	$hash = substr(md5(time()), 1, 10);
	4953	$sql = "UPDATE " . $ecs->table('email_list') . "SET hash = '$hash' WHERE email = '$email'";
	4954	$db->query($sql);
	4955	$info = $_LANG['email_re_check'];
	4956	$url = $ecs->url() . "user.php?act=email_list&job=add_check&hash=$hash&email=$email";
	4957	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4958	}
	4959	die($info);
	4960	}
	4961	elseif($job == 'del')
	4962	{
	4963	if(empty($ck))
	4964	{
	4965	$info = sprintf($_LANG['email_notin_list'], $email);
	4966	}
	4967	elseif($ck['stat'] == 1)
	4968	{
	4969	$hash = substr(md5(time()), 1, 10);
	4970	$sql = "UPDATE " . $ecs->table('email_list') . "SET hash = '$hash' WHERE email = '$email'";
	4971	$db->query($sql);
	4972	$info = $_LANG['email_check'];
	4973	$url = $ecs->url() . "user.php?act=email_list&job=del_check&hash=$hash&email=$email";
	4974	send_mail('', $email, $_LANG['check_mail'], sprintf($_LANG['check_mail_content'], $email, $_CFG['shop_name'], $url, $url, $_CFG['shop_name'], local_date('Y-m-d')), 1);
	4975	}
	4976	else
	4977	{
	4978	$info = $_LANG['email_not_alive'];
	4979	}
	4980	die($info);
	4981	}
	4982	elseif($job == 'add_check')
	4983	{
	4984	if(empty($ck))
	4985	{
	4986	$info = sprintf($_LANG['email_notin_list'], $email);
	4987	}
	4988	elseif($ck['stat'] == 1)
	4989	{
	4990	$info = $_LANG['email_checked'];
	4991	}
	4992	else
	4993	{
	4994	if($_GET['hash'] == $ck['hash'])
	4995	{
	4996	$sql = "UPDATE " . $ecs->table('email_list') . "SET stat = 1 WHERE email = '$email'";
	4997	$db->query($sql);
	4998	$info = $_LANG['email_checked'];
	4999	}
	5000	else
	5001	{
	5002	$info = $_LANG['hash_wrong'];
	5003	}
	5004	}
	5005	show_message($info, $_LANG['back_home_lnk'], 'index.php');
	5006	}
	5007	elseif($job == 'del_check')
	5008	{
	5009	if(empty($ck))
	5010	{
	5011	$info = sprintf($_LANG['email_invalid'], $email);
	5012	}
	5013	elseif($ck['stat'] == 1)
	5014	{
	5015	if($_GET['hash'] == $ck['hash'])
	5016	{
	5017	$sql = "DELETE FROM " . $ecs->table('email_list') . "WHERE email = '$email'";
	5018	$db->query($sql);
	5019	$info = $_LANG['email_canceled'];
	5020	}
	5021	else
	5022	{
	5023	$info = $_LANG['hash_wrong'];
	5024	}
	5025	}
	5026	else
	5027	{
	5028	$info = $_LANG['email_not_alive'];
	5029	}
	5030	show_message($info, $_LANG['back_home_lnk'], 'index.php');
	5031	}
	5032	}
	5033
	5034	/* ajax 发送验证邮件 */
	5035	function action_send_hash_mail ()
	5036	{
	5037	$user = $GLOBALS['user'];
	5038	$_CFG = $GLOBALS['_CFG'];
	5039	$_LANG = $GLOBALS['_LANG'];
	5040	$smarty = $GLOBALS['smarty'];
	5041	$db = $GLOBALS['db'];
	5042	$ecs = $GLOBALS['ecs'];
	5043	$user_id = $_SESSION['user_id'];
	5044
	5045	include_once (ROOT_PATH . 'includes/cls_json.php');
	5046	include_once (ROOT_PATH . 'includes/lib_passport.php');
	5047	$json = new JSON();
	5048
	5049	$result = array(
	5050	'error' => 0, 'message' => '', 'content' => ''
	5051	);
	5052
	5053	if($user_id == 0)
	5054	{
	5055	/* 用户没有登录 */
	5056	$result['error'] = 1;
	5057	$result['message'] = $_LANG['login_please'];
	5058	die($json->encode($result));
	5059	}
	5060
	5061	if(send_regiter_hash($user_id))
	5062	{
	5063	$result['message'] = $_LANG['validate_mail_ok'];
	5064	die($json->encode($result));
	5065	}
	5066	else
	5067	{
	5068	$result['error'] = 1;
	5069	$result['message'] = $GLOBALS['err']->last_message();
	5070	}
	5071
	5072	die($json->encode($result));
	5073	}
	5074
	5075	function action_track_packages ()
	5076	{
	5077	$user = $GLOBALS['user'];
	5078	$_CFG = $GLOBALS['_CFG'];
	5079	$_LANG = $GLOBALS['_LANG'];
	5080	$smarty = $GLOBALS['smarty'];
	5081	$db = $GLOBALS['db'];
	5082	$ecs = $GLOBALS['ecs'];
	5083	$user_id = $_SESSION['user_id'];
	5084	$action = $GLOBALS['action'];
	5085
	5086	include_once (ROOT_PATH . 'includes/lib_transaction.php');
	5087	include_once (ROOT_PATH . 'includes/lib_order.php');
	5088
	5089	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5090
	5091	$orders = array();
	5092
	5093	$sql = "SELECT order_id,order_sn,invoice_no,shipping_id FROM " . $ecs->table('order_info') . " WHERE user_id = '$user_id' AND shipping_status = '" . SS_SHIPPED . "'";
	5094	$res = $db->query($sql);
	5095	$record_count = 0;
	5096	while($item = $db->fetch_array($res))
	5097	{
	5098	$shipping = get_shipping_object($item['shipping_id']);
	5099
	5100	if(method_exists($shipping, 'query'))
	5101	{
	5102	$query_link = $shipping->query($item['invoice_no']);
	5103	}
	5104	else
	5105	{
	5106	$query_link = $item['invoice_no'];
	5107	}
	5108
	5109	if($query_link != $item['invoice_no'])
	5110	{
	5111	$item['query_link'] = $query_link;
	5112	$orders[] = $item;
	5113	$record_count += 1;
	5114	}
	5115	}
	5116	$pager = get_pager('user.php', array(
	5117	'act' => $action
	5118	), $record_count, $page);
	5119	$smarty->assign('pager', $pager);
	5120	$smarty->assign('orders', $orders);
	5121	$smarty->display('user_transaction.dwt');
	5122	}
	5123
	5124	function action_order_query ()
	5125	{
	5126	$user = $GLOBALS['user'];
	5127	$_CFG = $GLOBALS['_CFG'];
	5128	$_LANG = $GLOBALS['_LANG'];
	5129	$smarty = $GLOBALS['smarty'];
	5130	$db = $GLOBALS['db'];
	5131	$ecs = $GLOBALS['ecs'];
	5132	$user_id = $_SESSION['user_id'];
	5133
	5134	$_GET['order_sn'] = trim(substr($_GET['order_sn'], 1));
	5135	$order_sn = empty($_GET['order_sn']) ? '' : addslashes($_GET['order_sn']);
	5136	include_once (ROOT_PATH . 'includes/cls_json.php');
	5137	$json = new JSON();
	5138
	5139	$result = array(
	5140	'error' => 0, 'message' => '', 'content' => ''
	5141	);
	5142
	5143	if(isset($_SESSION['last_order_query']))
	5144	{
	5145	if(time() - $_SESSION['last_order_query'] <= 10)
	5146	{
	5147	$result['error'] = 1;
	5148	$result['message'] = $_LANG['order_query_toofast'];
	5149	die($json->encode($result));
	5150	}
	5151	}
	5152	$_SESSION['last_order_query'] = time();
	5153
	5154	if(empty($order_sn))
	5155	{
	5156	$result['error'] = 1;
	5157	$result['message'] = $_LANG['invalid_order_sn'];
	5158	die($json->encode($result));
	5159	}
	5160
	5161	$sql = "SELECT order_id, order_status, shipping_status, pay_status, " . " shipping_time, shipping_id, invoice_no, user_id " . " FROM " . $ecs->table('order_info') . " WHERE order_sn = '$order_sn' LIMIT 1";
	5162
	5163	$row = $db->getRow($sql);
	5164	if(empty($row))
	5165	{
	5166	$result['error'] = 1;
	5167	$result['message'] = $_LANG['invalid_order_sn'];
	5168	die($json->encode($result));
	5169	}
	5170
	5171	$order_query = array();
	5172	$order_query['order_sn'] = $order_sn;
	5173	$order_query['order_id'] = $row['order_id'];
	5174	$order_query['order_status'] = $_LANG['os'][$row['order_status']] . ',' . $_LANG['ps'][$row['pay_status']] . ',' . $_LANG['ss'][$row['shipping_status']];
	5175
	5176	if($row['invoice_no'] && $row['shipping_id'] > 0)
	5177	{
	5178	$sql = "SELECT shipping_code FROM " . $ecs->table('shipping') . " WHERE shipping_id = '$row[shipping_id]'";
	5179	$shipping_code = $db->getOne($sql);
	5180	$plugin = ROOT_PATH . 'includes/modules/shipping/' . $shipping_code . '.php';
	5181	if(file_exists($plugin))
	5182	{
	5183	include_once ($plugin);
	5184	$shipping = new $shipping_code();
	5185	$order_query['invoice_no'] = $shipping->query((string)$row['invoice_no']);
	5186	}
	5187	else
	5188	{
	5189	$order_query['invoice_no'] = (string)$row['invoice_no'];
	5190	}
	5191	}
	5192
	5193	$order_query['user_id'] = $row['user_id'];
	5194	/* 如果是匿名用户显示发货时间 */
	5195	if($row['user_id'] == 0 && $row['shipping_time'] > 0)
	5196	{
	5197	$order_query['shipping_date'] = local_date($GLOBALS['_CFG']['date_format'], $row['shipping_time']);
	5198	}
	5199	$smarty->assign('order_query', $order_query);
	5200	$result['content'] = $smarty->fetch('library/order_query.lbi');
	5201	die($json->encode($result));
	5202	}
	5203
	5204	function action_transform_points ()
	5205	{
	5206	$user = $GLOBALS['user'];
	5207	$_CFG = $GLOBALS['_CFG'];
	5208	$_LANG = $GLOBALS['_LANG'];
	5209	$smarty = $GLOBALS['smarty'];
	5210	$db = $GLOBALS['db'];
	5211	$ecs = $GLOBALS['ecs'];
	5212	$user_id = $_SESSION['user_id'];
	5213	$action = $GLOBALS['action'];
	5214
	5215	$rule = array();
	5216	if(! empty($_CFG['points_rule']))
	5217	{
	5218	$rule = unserialize($_CFG['points_rule']);
	5219	}
	5220	$cfg = array();
	5221	if(! empty($_CFG['integrate_config']))
	5222	{
	5223	$cfg = unserialize($_CFG['integrate_config']);
	5224	$_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
	5225	$_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
	5226	}
	5227	$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5228	$row = $db->getRow($sql);
	5229	if($_CFG['integrate_code'] == 'ucenter')
	5230	{
	5231	$exchange_type = 'ucenter';
	5232	$to_credits_options = array();
	5233	$out_exchange_allow = array();
	5234	foreach($rule as $credit)
	5235	{
	5236	$out_exchange_allow[$credit['appiddesc'] . '\|' . $credit['creditdesc'] . '\|' . $credit['creditsrc']] = $credit['ratio'];
	5237	if(! array_key_exists($credit['appiddesc'] . '\|' . $credit['creditdesc'], $to_credits_options))
	5238	{
	5239	$to_credits_options[$credit['appiddesc'] . '\|' . $credit['creditdesc']] = $credit['title'];
	5240	}
	5241	}
	5242	$smarty->assign('selected_org', $rule[0]['creditsrc']);
	5243	$smarty->assign('selected_dst', $rule[0]['appiddesc'] . '\|' . $rule[0]['creditdesc']);
	5244	$smarty->assign('descreditunit', $rule[0]['unit']);
	5245	$smarty->assign('orgcredittitle', $_LANG['exchange_points'][$rule[0]['creditsrc']]);
	5246	$smarty->assign('descredittitle', $rule[0]['title']);
	5247	$smarty->assign('descreditamount', round((1 / $rule[0]['ratio']), 2));
	5248	$smarty->assign('to_credits_options', $to_credits_options);
	5249	$smarty->assign('out_exchange_allow', $out_exchange_allow);
	5250	}
	5251	else
	5252	{
	5253	$exchange_type = 'other';
	5254
	5255	$bbs_points_name = $user->get_points_name();
	5256	$total_bbs_points = $user->get_points($row['user_name']);
	5257
	5258	/* 论坛积分 */
	5259	$bbs_points = array();
	5260	foreach($bbs_points_name as $key => $val)
	5261	{
	5262	$bbs_points[$key] = array(
	5263	'title' => $_LANG['bbs'] . $val['title'], 'value' => $total_bbs_points[$key]
	5264	);
	5265	}
	5266
	5267	/* 兑换规则 */
	5268	$rule_list = array();
	5269	foreach($rule as $key => $val)
	5270	{
	5271	$rule_key = substr($key, 0, 1);
	5272	$bbs_key = substr($key, 1);
	5273	$rule_list[$key]['rate'] = $val;
	5274	switch($rule_key)
	5275	{
	5276	case TO_P:
	5277	$rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5278	$rule_list[$key]['to'] = $_LANG['pay_points'];
	5279	break;
	5280	case TO_R:
	5281	$rule_list[$key]['from'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5282	$rule_list[$key]['to'] = $_LANG['rank_points'];
	5283	break;
	5284	case FROM_P:
	5285	$rule_list[$key]['from'] = $_LANG['pay_points'];
	5286	$_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5287	$rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5288	break;
	5289	case FROM_R:
	5290	$rule_list[$key]['from'] = $_LANG['rank_points'];
	5291	$rule_list[$key]['to'] = $_LANG['bbs'] . $bbs_points_name[$bbs_key]['title'];
	5292	break;
	5293	}
	5294	}
	5295	$smarty->assign('bbs_points', $bbs_points);
	5296	$smarty->assign('rule_list', $rule_list);
	5297	}
	5298	$smarty->assign('shop_points', $row);
	5299	$smarty->assign('exchange_type', $exchange_type);
	5300	$smarty->assign('action', $action);
	5301	$smarty->assign('lang', $_LANG);
	5302	$smarty->display('user_transaction.dwt');
	5303	}
	5304
	5305	function action_act_transform_points ()
	5306	{
	5307	$user = $GLOBALS['user'];
	5308	$_CFG = $GLOBALS['_CFG'];
	5309	$_LANG = $GLOBALS['_LANG'];
	5310	$smarty = $GLOBALS['smarty'];
	5311	$db = $GLOBALS['db'];
	5312	$ecs = $GLOBALS['ecs'];
	5313	$user_id = $_SESSION['user_id'];
	5314
	5315	$rule_index = empty($_POST['rule_index']) ? '' : trim($_POST['rule_index']);
	5316	$num = empty($_POST['num']) ? 0 : intval($_POST['num']);
	5317
	5318	if($num <= 0 \|\| $num != floor($num))
	5319	{
	5320	show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5321	}
	5322
	5323	$num = floor($num); // 格式化为整数
	5324
	5325	$bbs_key = substr($rule_index, 1);
	5326	$rule_key = substr($rule_index, 0, 1);
	5327
	5328	$max_num = 0;
	5329
	5330	/* 取出用户数据 */
	5331	$sql = "SELECT user_name, user_id, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5332	$row = $db->getRow($sql);
	5333	$bbs_points = $user->get_points($row['user_name']);
	5334	$points_name = $user->get_points_name();
	5335
	5336	$rule = array();
	5337	if($_CFG['points_rule'])
	5338	{
	5339	$rule = unserialize($_CFG['points_rule']);
	5340	}
	5341	list($from, $to) = explode(':', $rule[$rule_index]);
	5342
	5343	$max_points = 0;
	5344	switch($rule_key)
	5345	{
	5346	case TO_P:
	5347	$max_points = $bbs_points[$bbs_key];
	5348	break;
	5349	case TO_R:
	5350	$max_points = $bbs_points[$bbs_key];
	5351	break;
	5352	case FROM_P:
	5353	$max_points = $row['pay_points'];
	5354	break;
	5355	case FROM_R:
	5356	$max_points = $row['rank_points'];
	5357	}
	5358
	5359	/* 检查积分是否超过最大值 */
	5360	if($max_points <= 0 \|\| $num > $max_points)
	5361	{
	5362	show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5363	}
	5364
	5365	switch($rule_key)
	5366	{
	5367	case TO_P:
	5368	$result_points = floor($num * $to / $from);
	5369	$user->set_points($row['user_name'], array(
	5370	$bbs_key => 0 - $num
	5371	)); // 调整论坛积分
	5372	log_account_change($row['user_id'], 0, 0, 0, $result_points, $_LANG['transform_points'], ACT_OTHER);
	5373	show_message(sprintf($_LANG['to_pay_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
	5374
	5375	case TO_R:
	5376	$result_points = floor($num * $to / $from);
	5377	$user->set_points($row['user_name'], array(
	5378	$bbs_key => 0 - $num
	5379	)); // 调整论坛积分
	5380	log_account_change($row['user_id'], 0, 0, $result_points, 0, $_LANG['transform_points'], ACT_OTHER);
	5381	show_message(sprintf($_LANG['to_rank_points'], $num, $points_name[$bbs_key]['title'], $result_points), $_LANG['transform_points'], 'user.php?act=transform_points');
	5382
	5383	case FROM_P:
	5384	$result_points = floor($num * $to / $from);
	5385	log_account_change($row['user_id'], 0, 0, 0, 0 - $num, $_LANG['transform_points'], ACT_OTHER); // 调整商城积分
	5386	$user->set_points($row['user_name'], array(
	5387	$bbs_key => $result_points
	5388	)); // 调整论坛积分
	5389	show_message(sprintf($_LANG['from_pay_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5390
	5391	case FROM_R:
	5392	$result_points = floor($num * $to / $from);
	5393	log_account_change($row['user_id'], 0, 0, 0 - $num, 0, $_LANG['transform_points'], ACT_OTHER); // 调整商城积分
	5394	$user->set_points($row['user_name'], array(
	5395	$bbs_key => $result_points
	5396	)); // 调整论坛积分
	5397	show_message(sprintf($_LANG['from_rank_points'], $num, $result_points, $points_name[$bbs_key]['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5398	}
	5399	}
	5400
	5401	function action_act_transform_ucenter_points ()
	5402	{
	5403	$user = $GLOBALS['user'];
	5404	$_CFG = $GLOBALS['_CFG'];
	5405	$_LANG = $GLOBALS['_LANG'];
	5406	$smarty = $GLOBALS['smarty'];
	5407	$db = $GLOBALS['db'];
	5408	$ecs = $GLOBALS['ecs'];
	5409	$user_id = $_SESSION['user_id'];
	5410
	5411	$rule = array();
	5412	if($_CFG['points_rule'])
	5413	{
	5414	$rule = unserialize($_CFG['points_rule']);
	5415	}
	5416	$shop_points = array(
	5417	0 => 'rank_points', 1 => 'pay_points'
	5418	);
	5419	$sql = "SELECT user_id, user_name, pay_points, rank_points FROM " . $ecs->table('users') . " WHERE user_id='$user_id'";
	5420	$row = $db->getRow($sql);
	5421	$exchange_amount = intval($_POST['amount']);
	5422	$fromcredits = intval($_POST['fromcredits']);
	5423	$tocredits = trim($_POST['tocredits']);
	5424	$cfg = unserialize($_CFG['integrate_config']);
	5425	if(! empty($cfg))
	5426	{
	5427	$_LANG['exchange_points'][0] = empty($cfg['uc_lang']['credits'][0][0]) ? $_LANG['exchange_points'][0] : $cfg['uc_lang']['credits'][0][0];
	5428	$_LANG['exchange_points'][1] = empty($cfg['uc_lang']['credits'][1][0]) ? $_LANG['exchange_points'][1] : $cfg['uc_lang']['credits'][1][0];
	5429	}
	5430	list($appiddesc, $creditdesc) = explode('\|', $tocredits);
	5431	$ratio = 0;
	5432
	5433	if($exchange_amount <= 0)
	5434	{
	5435	show_message($_LANG['invalid_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5436	}
	5437	if($exchange_amount > $row[$shop_points[$fromcredits]])
	5438	{
	5439	show_message($_LANG['overflow_points'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5440	}
	5441	foreach($rule as $credit)
	5442	{
	5443	if($credit['appiddesc'] == $appiddesc && $credit['creditdesc'] == $creditdesc && $credit['creditsrc'] == $fromcredits)
	5444	{
	5445	$ratio = $credit['ratio'];
	5446	break;
	5447	}
	5448	}
	5449	if($ratio == 0)
	5450	{
	5451	show_message($_LANG['exchange_deny'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5452	}
	5453	$netamount = floor($exchange_amount / $ratio);
	5454	include_once (ROOT_PATH . './includes/lib_uc.php');
	5455	$result = exchange_points($row['user_id'], $fromcredits, $creditdesc, $appiddesc, $netamount);
	5456	if($result === true)
	5457	{
	5458	$sql = "UPDATE " . $ecs->table('users') . " SET {$shop_points[$fromcredits]}={$shop_points[$fromcredits]}-'$exchange_amount' WHERE user_id='{$row['user_id']}'";
	5459	$db->query($sql);
	5460	$sql = "INSERT INTO " . $ecs->table('account_log') . "(user_id, {$shop_points[$fromcredits]}, change_time, change_desc, change_type)" . " VALUES ('{$row['user_id']}', '-$exchange_amount', '" . gmtime() . "', '" . $cfg['uc_lang']['exchange'] . "', '98')";
	5461	$db->query($sql);
	5462	show_message(sprintf($_LANG['exchange_success'], $exchange_amount, $_LANG['exchange_points'][$fromcredits], $netamount, $credit['title']), $_LANG['transform_points'], 'user.php?act=transform_points');
	5463	}
	5464	else
	5465	{
	5466	show_message($_LANG['exchange_error_1'], $_LANG['transform_points'], 'user.php?act=transform_points');
	5467	}
	5468	}
	5469
	5470	/* 清除商品浏览历史 */
	5471	function action_clear_history ()
	5472	{
	5473	$user = $GLOBALS['user'];
	5474	$_CFG = $GLOBALS['_CFG'];
	5475	$_LANG = $GLOBALS['_LANG'];
	5476	$smarty = $GLOBALS['smarty'];
	5477	$db = $GLOBALS['db'];
	5478	$ecs = $GLOBALS['ecs'];
	5479	$user_id = $_SESSION['user_id'];
	5480
	5481	setcookie('ECS[history]', '', 1);
	5482	}
	5483
	5484	/* 代码增加_start By */
	5485	function action_vc_login ()
	5486	{
	5487	$user = $GLOBALS['user'];
	5488	$_CFG = $GLOBALS['_CFG'];
	5489	$_LANG = $GLOBALS['_LANG'];
	5490	$smarty = $GLOBALS['smarty'];
	5491	$db = $GLOBALS['db'];
	5492	$ecs = $GLOBALS['ecs'];
	5493	$user_id = $_SESSION['user_id'];
	5494
	5495	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5496	$smarty->assign('info', get_user_default($user_id));
	5497
	5498	$smarty->display('user_transaction.dwt');
	5499	}
	5500
	5501	function action_vc_login_act ()
	5502	{
	5503	$user = $GLOBALS['user'];
	5504	$_CFG = $GLOBALS['_CFG'];
	5505	$_LANG = $GLOBALS['_LANG'];
	5506	$smarty = $GLOBALS['smarty'];
	5507	$db = $GLOBALS['db'];
	5508	$ecs = $GLOBALS['ecs'];
	5509	$user_id = $_SESSION['user_id'];
	5510
	5511	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5512	$nowtime = gmtime();
	5513	$vc_sn = isset($_POST['vcard']) ? trim($_POST['vcard']) : '';
	5514	$vc_pwd = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
	5515	if(empty($vc_sn) \|\| empty($vc_pwd))
	5516	{
	5517	show_message('卡号或密码都不能为空', '返回重新登录', 'user.php?act=vc_login');
	5518	}
	5519	$sql = "select vc.*, vt.type_money, vt.use_start_date, vt.use_end_date from " . $ecs->table('valuecard') . " AS vc " . " left join " . $ecs->table('valuecard_type') . " AS vt " . "on vc.vc_type_id = vt.type_id where vc.vc_sn= '$vc_sn' ";
	5520	$vcrow = $db->getRow($sql);
	5521	if(! $vcrow)
	5522	{
	5523	show_message('该储值卡号不存在', '请查证后重新登录', 'user.php?act=vc_login');
	5524	}
	5525	if($vc_pwd != $vcrow['vc_pwd'])
	5526	{
	5527	show_message('密码错误', '请查证后重新登录', 'user.php?act=vc_login');
	5528	}
	5529	if($nowtime < $vcrow['use_start_date'])
	5530	{
	5531	show_message('对不起，该储值卡还未到开始使用日期', '请过几天再登录试试', 'user.php?act=vc_login');
	5532	}
	5533	if($nowtime > $vcrow['use_end_date'])
	5534	{
	5535	show_message('对不起，该储值卡已过期', '请换个卡号重新登录', 'user.php?act=vc_login');
	5536	}
	5537	if($vcrow['user_id'])
	5538	{
	5539	show_message('对不起，该储值卡已使用', '请换个卡号重新登录', 'user.php?act=vc_login');
	5540	}
	5541
	5542	$sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('user_account') . ' (user_id, admin_user, amount, add_time, paid_time, admin_note, user_note, process_type, payment, is_paid)' . " VALUES ('$user_id', '', '$vcrow[type_money]', '" . gmtime() . "', '" . gmtime() . "', '', '储值卡充值', '0', '储值卡号：$vc_sn', 1)";
	5543	$GLOBALS['db']->query($sql);
	5544	log_account_change($user_id, $vcrow['type_money'], 0, 0, 0, '储值卡充值，卡号：' . $vc_sn, ACT_OTHER);
	5545
	5546	$sql = "update " . $ecs->table('valuecard') . " set user_id='$user_id', used_time='$nowtime' where vc_id='$vcrow[vc_id]' ";
	5547	$db->query($sql);
	5548	// 是否开启余额变动给客户发短信-储值卡充值
	5549	if($_CFG['sms_user_money_change'] == 1)
	5550	{
	5551	$sql = "SELECT user_money,mobile_phone FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '$user_id'";
	5552	$users = $GLOBALS['db']->getRow($sql);
	5553	$content = sprintf($_CFG['sms_recharge_balance_add_tpl'], $vcrow['type_money'], $users['user_money'], $_CFG['sms_sign']);
	5554	if($users['mobile_phone'])
	5555	{
	5556	include_once ('send.php');
	5557	sendSMS($users['mobile_phone'], $content);
	5558	}
	5559	}
	5560	show_message('恭喜，已成功充值！', '返回上一页', 'user.php?act=vc_login');
	5561
	5562	$smarty->display('user_transaction.dwt');
	5563	}
	5564
	5565	/* 代码增加_end By */
	5566	/* 代码增加_start By */
	5567	function action_tg_login ()
	5568	{
	5569	$user = $GLOBALS['user'];
	5570	$_CFG = $GLOBALS['_CFG'];
	5571	$_LANG = $GLOBALS['_LANG'];
	5572	$smarty = $GLOBALS['smarty'];
	5573	$db = $GLOBALS['db'];
	5574	$ecs = $GLOBALS['ecs'];
	5575	$user_id = $_SESSION['user_id'];
	5576
	5577	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5578
	5579	$smarty->display('user_transaction.dwt');
	5580	}
	5581
	5582	function action_tg_login_act ()
	5583	{
	5584	$user = $GLOBALS['user'];
	5585	$_CFG = $GLOBALS['_CFG'];
	5586	$_LANG = $GLOBALS['_LANG'];
	5587	$smarty = $GLOBALS['smarty'];
	5588	$db = $GLOBALS['db'];
	5589	$ecs = $GLOBALS['ecs'];
	5590	$user_id = $_SESSION['user_id'];
	5591
	5592	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5593	$nowtime = gmtime();
	5594	$tg_sn = isset($_POST['tcard']) ? trim($_POST['tcard']) : '';
	5595	$tg_pwd = isset($_POST['pwd']) ? trim($_POST['pwd']) : '';
	5596	if(empty($tg_sn) \|\| empty($tg_pwd)){
	5597	show_message('卡号或密码都不能为空', '返回重新输入', 'user.php?act=tg_login');
	5598	}
	5599	$sql = "select tg.*, tt.type_money, tt.type_money_count, tt.use_start_date, tt.use_end_date from " . $ecs->table('takegoods') . " AS tg " . " left join " . $ecs->table('takegoods_type') . " AS tt " . "on tg.type_id = tt.type_id where tg.tg_sn= '$tg_sn' ";
	5600	$tgrow = $db->getRow($sql);
	5601	if(! $tgrow)
	5602	{
	5603	show_message('该提货券不存在', '请查证后重新输入', 'user.php?act=tg_login');
	5604	}
	5605	if($tg_pwd != $tgrow['tg_pwd'])
	5606	{
	5607	show_message('密码错误', '请查证后重新输入', 'user.php?act=tg_login');
	5608	}
	5609	if($nowtime < $tgrow['use_start_date'])
	5610	{
	5611	show_message('对不起，该提货券开始使用日期为 ' . local_date('Y-m-d H:i:s', $tgrow['use_start_date']), '请过几天再试试', 'user.php?act=tg_login');
	5612	}
	5613	if($nowtime > $tgrow['use_end_date'])
	5614	{
	5615	show_message('对不起，该提货券已过期', '请换个券号重新输入', 'user.php?act=tg_login');
	5616	}
	5617
	5618	if($tgrow['used_time'] and (count(explode('@', $tgrow['used_time'])) >= $tgrow['type_money_count']))
	5619	{
	5620	show_message('对不起，该提货券使用次数已用尽', '请换个券号重新输入', 'user.php?act=tg_login');
	5621	}
	5622
	5623	$_SESSION['takegoods_sn_68ecshop'] = $tg_sn;
	5624	$_SESSION['takegoods_id_68ecshop'] = $tgrow['tg_id'];
	5625
	5626	ecs_header("Location:takegoods.php");
	5627	}
	5628
	5629	function action_tg_order ()
	5630	{
	5631	$user = $GLOBALS['user'];
	5632	$_CFG = $GLOBALS['_CFG'];
	5633	$_LANG = $GLOBALS['_LANG'];
	5634	$smarty = $GLOBALS['smarty'];
	5635	$db = $GLOBALS['db'];
	5636	$ecs = $GLOBALS['ecs'];
	5637	$user_id = $_SESSION['user_id'];
	5638	$action = $GLOBALS['action'];
	5639
	5640	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5641
	5642	$record_count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('takegoods_order') . " WHERE user_id = '$user_id'");
	5643
	5644	$pager = get_pager('user.php', array(
	5645	'act' => $action
	5646	), $record_count, $page, 10);
	5647
	5648	$orders = get_takegoods_orders($user_id, $pager['size'], $pager['start']);
	5649
	5650	$smarty->assign('pager', $pager);
	5651	$smarty->assign('orders', $orders);
	5652
	5653	$smarty->display('user_transaction.dwt');
	5654	}
	5655
	5656	function action_tg_order_confirm ()
	5657	{
	5658	$user = $GLOBALS['user'];
	5659	$_CFG = $GLOBALS['_CFG'];
	5660	$_LANG = $GLOBALS['_LANG'];
	5661	$smarty = $GLOBALS['smarty'];
	5662	$db = $GLOBALS['db'];
	5663	$ecs = $GLOBALS['ecs'];
	5664	$user_id = $_SESSION['user_id'];
	5665
	5666	$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
	5667	$sql = "update " . $ecs->table('takegoods_order') . " set order_status='2' where rec_id= '$id' ";
	5668	$db->query($sql);
	5669	show_message('恭喜，成功确认收货！', '返回提货列表页', 'user.php?act=tg_order');
	5670	}
	5671
	5672	/* 商品评价/晒单增加 by */
	5673	function action_my_comment ()
	5674	{
	5675	$user = $GLOBALS['user'];
	5676	$_CFG = $GLOBALS['_CFG'];
	5677	$_LANG = $GLOBALS['_LANG'];
	5678	$smarty = $GLOBALS['smarty'];
	5679	$db = $GLOBALS['db'];
	5680	$ecs = $GLOBALS['ecs'];
	5681	$user_id = $_SESSION['user_id'];
	5682	$action = $GLOBALS['action'];
	5683
	5684	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	5685	$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
	5686	$count = $db->getOne("SELECT COUNT(*) FROM " . $ecs->table('order_goods') . " AS og
	5687	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5688	WHERE o.user_id = '$user_id' AND o.shipping_time_end > 0 AND og.is_back = 0");
	5689	$size = 20;
	5690	$page_count = ($count > 0) ? intval(ceil($count / $size)) : 1;
	5691	// 代码添加$o_id，if判断
	5692	$o_id = $_REQUEST['order_id'];
	5693
	5694	if($o_id)
	5695	{
	5696
	5697	$sql = "SELECT og.*, o.add_time, o.shipping_time_end, o.order_id, g.goods_thumb, s.shaidan_id, s.pay_points AS shaidan_points, s.status AS shaidan_status,
	5698	c.status AS comment_status,g.supplier_id,ifnull(ssc.value,'网站自营') AS shopname
	5699	FROM " . $ecs->table('order_goods') . " AS og
	5700	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5701	LEFT JOIN " . $ecs->table('goods') . " AS g ON og.goods_id=g.goods_id
	5702	LEFT JOIN " . $ecs->table('shaidan') . " AS s ON og.rec_id=s.rec_id
	5703	LEFT JOIN " . $ecs->table('comment') . " AS c ON og.rec_id=c.rec_id
	5704	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ssc.supplier_id=g.supplier_id AND ssc.code='shop_name'
	5705	WHERE o.user_id = '$user_id' AND og.order_id = '$o_id' AND o.shipping_time_end > 0 AND og.is_back = 0 ORDER BY o.add_time DESC";
	5706	}
	5707	else
	5708	{
	5709	$sql = "SELECT og.*, o.add_time, o.shipping_time_end, o.order_id, g.goods_thumb, s.shaidan_id, s.pay_points AS shaidan_points, s.status AS shaidan_status,
	5710	c.status AS comment_status,g.supplier_id,ifnull(ssc.value,'网站自营') AS shopname
	5711	FROM " . $ecs->table('order_goods') . " AS og
	5712	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5713	LEFT JOIN " . $ecs->table('goods') . " AS g ON og.goods_id=g.goods_id
	5714	LEFT JOIN " . $ecs->table('shaidan') . " AS s ON og.rec_id=s.rec_id
	5715	LEFT JOIN " . $ecs->table('comment') . " AS c ON og.rec_id=c.rec_id
	5716	LEFT JOIN " . $ecs->table('supplier_shop_config') . " AS ssc ON ssc.supplier_id=g.supplier_id AND ssc.code='shop_name'
	5717	WHERE o.user_id = '$user_id' AND o.shipping_time_end > 0 AND og.is_back = 0 ORDER BY o.add_time DESC";
	5718	}
	5719	$res = $db->selectLimit($sql, $size, ($page - 1) * $size);
	5720	$points_list = array();
	5721	while($row = $db->fetchRow($res))
	5722	{
	5723	$row['thumb'] = get_image_path($row['goods_id'], $row['goods_thumb'], true);
	5724	$row['url'] = build_uri('goods', array(
	5725	'gid' => $row['goods_id']
	5726	), $row['goods_name']);
	5727	$row['add_time_str'] = local_date("Y-m-d", $row['add_time']);
	5728	$row['goods_tags'] = $db->getAll("SELECT * FROM " . $ecs->table('goods_tag') . " WHERE goods_id = '$row[goods_id]'");
	5729	$item_list[] = $row;
	5730	}
	5731	// 代码增加 for 循环
	5732	for($i = 1; $i < count($item_list); $i ++)
	5733	{
	5734	$item_list[$i]['o_id'] = $item_list[$i]['order_id'];
	5735	unset($item_list[$i]['order_id']);
	5736	}
	5737
	5738	$smarty->assign('item_list', $item_list);
	5739
	5740	// 统计信息
	5741	$num['x'] = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	5742	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5743	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.comment_state = 0 AND o.shipping_time_end > $min_time");
	5744	$num['y'] = $db->getOne("SELECT COUNT(*) AS num FROM " . $ecs->table('order_goods') . " AS og
	5745	LEFT JOIN " . $ecs->table('order_info') . " AS o ON og.order_id=o.order_id
	5746	WHERE o.user_id = '$user_id' AND og.is_back = 0 AND og.shaidan_state = 0 AND o.shipping_time_end > $min_time");
	5747	$smarty->assign('num', $num);
	5748
	5749	$pager = get_pager('user.php', array(
	5750	'act' => $action
	5751	), $count, $page, $size);
	5752	$smarty->assign('min_time', $min_time);
	5753	$smarty->assign('pager', $pager);
	5754	$smarty->display('user_my_comment.dwt');
	5755	}
	5756
	5757	function action_my_comment_send ()
	5758	{
	5759	$user = $GLOBALS['user'];
	5760	$_CFG = $GLOBALS['_CFG'];
	5761	$_LANG = $GLOBALS['_LANG'];
	5762	$smarty = $GLOBALS['smarty'];
	5763	$db = $GLOBALS['db'];
	5764	$ecs = $GLOBALS['ecs'];
	5765	$user_id = $_SESSION['user_id'];
	5766
	5767	include_once (ROOT_PATH . 'includes/lib_clips.php');
	5768
	5769	$user_info = $db->getRow("SELECT * FROM " . $ecs->table('users') . " WHERE user_id = '$user_id'");
	5770	$comment_type = 0;
	5771	$id_value = $_POST['goods_id'];
	5772	$email = $user_info['email'];
	5773	$user_name = $user_info['user_name'];
	5774	$user_id = $user_id;
	5775	$content = $_POST['content'];
	5776	//过滤js和html
	5777	$search = array ("'<script[^>]?>.?</script>'si", "'<[\/\!]?[^<>]?>'si");
	5778	$content = preg_replace($search,'',$content);
	5779
	5780	$comment_rank = $_POST['comment_rank'];
	5781
	5782	// 代码增加
	5783	$server = $_POST['server'];
	5784	$send = $_POST['send'];
	5785	$shipping = $_POST['shipping'];
	5786	$o_id = $_REQUEST['o_id'];
	5787
	5788	if(! $o_id)
	5789	{
	5790	$o_id = $_REQUEST['o1_id'];
	5791	}
	5792
	5793	// 代码增加
	5794
	5795	$add_time = gmtime();
	5796	$ip_address = real_ip();
	5797	$status = ($_CFG['comment_check'] == 1) ? 0 : 1;
	5798	$rec_id = $_POST['rec_id'];
	5799	$hide_username = intval($_POST['hide_username']);
	5800	$buy_time = $db->getOne("SELECT o.add_time FROM " . $ecs->table('order_info') . " AS o
	5801	LEFT JOIN " . $ecs->table('order_goods') . " AS og ON o.order_id=og.order_id
	5802	WHERE og.rec_id = '$rec_id'");
	5803
	5804	/* 自定义标签 */
	5805	$tags = ($_POST['comment_tag']) ? explode(",", $_POST['comment_tag']) : array();
	5806	if(is_array($_POST['tags_zi']))
	5807	{
	5808	foreach($_POST["tags_zi"] as $tag)
	5809	{
	5810	$status = $_CFG['user_tag_check'];
	5811	$db->query("INSERT INTO " . $ecs->table('goods_tag') . " (goods_id, tag_name, is_user, state) VALUES ('$id_value', '$tag', 1, '$status')");
	5812	$tags[] = $db->insert_id();
	5813	}
	5814	}
	5815	foreach($tags as $tagid)
	5816	{
	5817	if($tagid > 0)
	5818	{
	5819	$tagids[] = $tagid;
	5820	}
	5821	}
	5822	$comment_tag = (is_array($tagids)) ? implode(",", $tagids) : '';
	5823
	5824	// 代码增加o_id
	5825	$sql = "INSERT INTO " . $ecs->table('comment') . "(comment_type, id_value, email, user_name, content, comment_rank, add_time, ip_address, user_id, status, rec_id, comment_tag, buy_time, hide_username, order_id)" . "VALUES ('$comment_type', '$id_value', '$email', '$user_name', '$content', '$comment_rank', '$add_time', '$ip_address', '$user_id', '$status', '$rec_id', '$comment_tag', '$buy_time', '$hide_username', '$o_id')";
	5826
	5827	$db->query($sql);
	5828	$db->query("UPDATE " . $ecs->table('order_goods') . " SET comment_state = 1 WHERE rec_id = '$rec_id'");
	5829
	5830	// 代码增加
	5831	if($o_id)
	5832	{
	5833	$o_sn = $db->getOne("SELECT order_sn FROM " . $ecs->table('order_info') . "
	5834	WHERE order_id = '$o_id'");
	5835	$sql = "INSERT INTO " . $ecs->table('shop_grade') . "(user_id, user_name, add_time, server, send, shipping, order_id, order_sn)" . "VALUES ('$user_id', '$user_name', '$add_time', '$server', '$send', '$shipping', '$o_id', '$o_sn')";
	5836	$db->query($sql);
	5837	}
	5838	// 代码增加
	5839
	5840	clear_cache_files();
	5841
	5842	if($status == 0)
	5843	{
	5844	$msg = '您的信息提交成功，需要管理员审核后才能显示！';
	5845	}
	5846	else
	5847	{
	5848	$msg = '您的信息提交成功！';
	5849	}
	5850	echo "<script>alert('$msg');self.location='user.php?act=my_comment';</script>";
	5851	exit();
	5852	}
	5853
	5854	/* 余额额支付密码_添加_START_ */
	5855	function action_check_surplus_open ()
	5856	{
	5857	$user = $GLOBALS['user'];
	5858	$_CFG = $GLOBALS['_CFG'];
	5859	$_LANG = $GLOBALS['_LANG'];
	5860	$smarty = $GLOBALS['smarty'];
	5861	$db = $GLOBALS['db'];
	5862	$ecs = $GLOBALS['ecs'];
	5863	$user_id = $_SESSION['user_id'];
	5864
	5865	$sql = 'SELECT `is_surplus_open`' . 'FROM `ecs_users`' . 'WHERE `user_id` = \'' . $_SESSION['user_id'] . '\'' . 'LIMIT 1';
	5866	$is_surplus_open = $GLOBALS['db']->getOne($sql);
	5867	echo $is_surplus_open;
	5868	exit();
	5869	}
	5870
	5871	function action_verify_surplus_password ()
	5872	{
	5873	$user = $GLOBALS['user'];
	5874	$_CFG = $GLOBALS['_CFG'];
	5875	$_LANG = $GLOBALS['_LANG'];
	5876	$smarty = $GLOBALS['smarty'];
	5877	$db = $GLOBALS['db'];
	5878	$ecs = $GLOBALS['ecs'];
	5879	$user_id = $_SESSION['user_id'];
	5880
	5881	$sql = 'SELECT COUNT( * )' . 'FROM `ecs_users`' . 'WHERE `user_id` = \'' . $_SESSION['user_id'] . '\'' . 'AND `surplus_password` = \'' . md5($_GET['surplus_password']) . '\'';
	5882	$count = $GLOBALS['db']->getOne($sql);
	5883	echo $count;
	5884	exit();
	5885	}
	5886
	5887	function action_get_verify_code ()
	5888	{
	5889	$user = $GLOBALS['user'];
	5890	$_CFG = $GLOBALS['_CFG'];
	5891	$_LANG = $GLOBALS['_LANG'];
	5892	$smarty = $GLOBALS['smarty'];
	5893	$db = $GLOBALS['db'];
	5894	$ecs = $GLOBALS['ecs'];
	5895	$user_id = $_SESSION['user_id'];
	5896
	5897	include_once ('includes/cls_json.php');
	5898	require (dirname(__FILE__) . '/send.php');
	5899	$json = new JSON();
	5900	$result = array();
	5901
	5902	$phone = trim($_REQUEST['phone']);
	5903
	5904	$sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('users') . ' WHERE `user_id` = \'' . $user_id . '\' AND `mobile_phone` = \'' . $phone . '\'';
	5905	$count = $GLOBALS['db']->getOne($sql);
	5906
	5907	if($count == 0)
	5908	{
	5909	$result['result'] = 'fail';
	5910	$result['message'] = '手机号跟用户不匹配';
	5911	echo $json->encode($result);
	5912	}
	5913	else
	5914	{
	5915	$seed = "0123456789";
	5916	$verifycode = mc_random(6, $seed);
	5917
	5918	$content = '您的验证码为' . $verifycode;
	5919
	5920	$ret = sendSMS($phone, $content);
	5921
	5922	$sql = 'INSERT INTO ' . $ecs->table('verifycode') . '(`mobile`, `getip`, `verifycode`, `dateline`) VALUES (\'' . $phone . '\',\'' . real_ip() . '\',\'' . $verifycode . '\',\'' . gmtime() . '\')';
	5923	$db->query($sql);
	5924	if($ret == '发送成功!' && $db->affected_rows() == 1)
	5925	{
	5926	$result['result'] = 'success';
	5927	$result['message'] = '短信发送成功';
	5928	echo $json->encode($result);
	5929	}
	5930	else
	5931	{
	5932	$result['result'] = 'fail';
	5933	$result['message'] = '短信发送失败！';
	5934	echo $json->encode($result);
	5935	}
	5936	}
	5937	}
	5938
	5939	function action_shaidan_send ()
	5940	{
	5941	$user = $GLOBALS['user'];
	5942	$_CFG = $GLOBALS['_CFG'];
	5943	$_LANG = $GLOBALS['_LANG'];
	5944	$smarty = $GLOBALS['smarty'];
	5945	$db = $GLOBALS['db'];
	5946	$ecs = $GLOBALS['ecs'];
	5947	$user_id = $_SESSION['user_id'];
	5948
	5949	$rec_id = intval($_GET['id']);
	5950	$goods = $db->getRow("SELECT * FROM " . $ecs->table('order_goods') . " WHERE rec_id = '$rec_id'");
	5951
	5952	$min_time = gmtime() - 86400 * $_CFG['comment_youxiaoqi'];
	5953	$pan_1 = $db->getOne("select shipping_time_end from " . $ecs->table('order_info') . " where order_id = " . $goods['order_id']);
	5954	$pan_1 = ($pan_1 > $min_time) ? 1 : 0;
	5955	$smarty->assign('pan_1', $pan_1);
	5956
	5957	$pan_2 = $db->getOne("select rec_id from " . $ecs->table('shaidan') . " where rec_id = '$rec_id'");
	5958	$pan_2 = ! empty($pan_2) ? 1 : 0;
	5959	$smarty->assign('pan_2', $pan_2);
	5960
	5961	$s_user = $db->getOne("select user_id from " . $ecs->table('order_info') . " where order_id = " . $goods['order_id']);
	5962	$pan_3 = ($s_user == $_SESSION['user_id'] ? 0 : 1);
	5963	$smarty->assign('pan_3', $pan_3);
	5964
	5965	$smarty->assign('goods', $goods);
	5966
	5967	$smarty->display('user_my_comment.dwt');
	5968	}
	5969
	5970	function action_shaidan_save ()
	5971	{
	5972	$user = $GLOBALS['user'];
	5973	$_CFG = $GLOBALS['_CFG'];
	5974	$_LANG = $GLOBALS['_LANG'];
	5975	$smarty = $GLOBALS['smarty'];
	5976	$db = $GLOBALS['db'];
	5977	$ecs = $GLOBALS['ecs'];
	5978	$user_id = $_SESSION['user_id'];
	5979
	5980	include_once (dirname(__FILE__) . '/includes/cls_image.php');
	5981	$image = new cls_image($_CFG['bgcolor']);
	5982
	5983	$rec_id = intval($_POST['rec_id']);
	5984	$goods_id = intval($_POST['goods_id']);
	5985	$title = trim($_POST['title']);
	5986	$message = $_POST['message'];
	5987	$add_time = gmtime();
	5988	$status = $_CFG['shaidan_check'];
	5989	$hide_username = intval($_POST['hide_username']);
	5990
	5991	$sql = "INSERT INTO " . $ecs->table('shaidan') . "(rec_id, goods_id, user_id, title, message, add_time, status, hide_username)" . "VALUES ('$rec_id', '$goods_id', '$user_id', '$title', '$message', '$add_time', '$status', '$hide_username')";
	5992	$db->query($sql);
	5993	$shaidan_id = $db->insert_id();
	5994	$db->query("UPDATE " . $ecs->table('order_goods') . " SET shaidan_state = 1 WHERE rec_id = '$rec_id'");
	5995
	5996	// 处理图片
	5997	$img_srcs = $_POST['img_srcs'];
	5998	$img_names = $_POST['img_names'];
	5999	if(is_array($img_srcs))
	6000	{
	6001	foreach($img_srcs as $i => $src)
	6002	{
	6003	$thumb = $image->make_thumb($src, 100, 100);
	6004	$sql = "INSERT INTO " . $ecs->table('shaidan_img') . "(shaidan_id, `desc`, image, thumb)" . "VALUES ('$shaidan_id', '" . $img_names[$i] . "', '$src', '$thumb')";
	6005	$db->query($sql);
	6006	}
	6007	}
	6008
	6009	// 需要审核
	6010	if($status == 0)
	6011	{
	6012	$msg = '您的信息提交成功，需要管理员审核后才能显示！';
	6013	}
	6014
	6015	// 不需要审核
	6016	else
	6017	{
	6018	$info = $db->GetRow("SELECT * FROM " . $ecs->table('shaidan') . " WHERE shaidan_id='$shaidan_id'");
	6019	// 该商品第几位晒单者
	6020	$res = $db->getAll("SELECT shaidan_id FROM " . $ecs->table("shaidan") . " WHERE goods_id = '$info[goods_id]' ORDER BY add_time ASC");
	6021	foreach($res as $key => $value)
	6022	{
	6023	if($shaidan_id == $value['shaidan_id'])
	6024	{
	6025	$weizhi = $key + 1;
	6026	}
	6027	}
	6028	// 图片数量
	6029	$imgnum = count($img_srcs);
	6030
	6031	// 是否赠送积分
	6032	if($info['is_points'] == 0 && $weizhi <= $_CFG['shaidan_pre_num'] && $imgnum >= $_CFG['shaidan_img_num'])
	6033	{
	6034	$pay_points = $_CFG['shaidan_pay_points'];
	6035	$db->query("UPDATE " . $ecs->table('shaidan') . " SET pay_points = '$pay_points', is_points = 1 WHERE shaidan_id = '$shaidan_id'");
	6036	$db->query("INSERT INTO " . $ecs->table('account_log') . "(user_id, rank_points, pay_points, change_time, change_desc, change_type) " . "VALUES ('$info[user_id]', 0, '" . $pay_points . "', " . gmtime() . ", '晒单获得积分', '99')");
	6037	$log = $db->getRow("SELECT SUM(rank_points) AS rank_points, SUM(pay_points) AS pay_points FROM " . $ecs->table("account_log") . " WHERE user_id = '$info[user_id]'");
	6038	$db->query("UPDATE " . $ecs->table('users') . " SET rank_points = '" . $log['rank_points'] . "', pay_points = '" . $log['pay_points'] . "' WHERE user_id = '$info[user_id]'");
	6039	}
	6040
	6041	$msg = '您的信息提交成功！';
	6042	}
	6043	echo "<script>alert('$msg');self.location='user.php?act=my_comment';</script>";
	6044	exit();
	6045	}
	6046
	6047	function action_auction_list ()
	6048	{
	6049	$user = $GLOBALS['user'];
	6050	$_CFG = $GLOBALS['_CFG'];
	6051	$_LANG = $GLOBALS['_LANG'];
	6052	$smarty = $GLOBALS['smarty'];
	6053	$db = $GLOBALS['db'];
	6054	$ecs = $GLOBALS['ecs'];
	6055	$user_id = $_SESSION['user_id'];
	6056
	6057	include_once (ROOT_PATH . 'includes/lib_clips.php');
	6058	$smarty->assign('prompt', get_user_prompt($user_id));
	6059	$smarty->display('user_clips.dwt');
	6060	}
	6061
	6062	function action_get_tc_express ()
	6063	{
	6064	$smarty = $GLOBALS['smarty'];
	6065	$db = $GLOBALS['db'];
	6066	$ecs = $GLOBALS['ecs'];
	6067
	6068	require_once(ROOT_PATH . 'includes/cls_json.php');
	6069	$json = new JSON;
	6070
	6071	// 变量初始化
	6072	$result_content = "";
	6073
	6074	$kos_order_id = $db->getOne("select order_id from ".$ecs->table('kuaidi_order')." where order_sn='".$_REQUEST['expressno']."'");
	6075
	6076	$sql="select * from ". $ecs->table('kuaidi_order_status') ." where order_id='$kos_order_id' order by status_id";
	6077	$res_status = $db->query($sql);
	6078	$have_shipping_info =0;
	6079	$shipping_info ="";
	6080	while($row_status = $db->fetchRow($res_status))
	6081	{
	6082	if ($row_status['status_display']==1)
	6083	{
	6084	switch ($row_status['status_id'])
	6085	{
	6086	case 1 :
	6087	$shipping_info .= "您提交了订单，请等待确认。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6088	break;
	6089	case 2 :
	6090	$shipping_info .= "您的快件已经确认，等待快递员揽收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6091	break;
	6092	case 3 :
	6093	$postman_id = $db->getOne("select postman_id from ".$ecs->table('kuaidi_order')." where order_sn='".$_REQUEST['expressno']."'");
	6094	$postman_info = $db->getRow("select postman_name, mobile from ".$ecs->table('postman')." where postman_id=".$postman_id);
	6095	$shipping_info .= "您的快件正在派送，快递员：".$postman_info['postman_name']."，电话：".$postman_info['mobile']." (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6096	break;
	6097	case 4 :
	6098	$shipping_info .= "您的快件已经签收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6099	break;
	6100	case 5 :
	6101	$shipping_info .= "您的快件已被拒收。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6102	break;
	6103	case 6 :
	6104	$shipping_info .= "您拒收的快件已被退回。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6105	break;
	6106	case 7 :
	6107	$shipping_info .= "您的快件已经取消。 (".local_date('Y-m-d H:i:s', $row_status['status_time']).")";
	6108	break;
	6109	}
	6110
	6111	$shipping_info .= "<br>";
	6112
	6113	if ($row_status['status_id'] >= 1)
	6114	{
	6115	$have_shipping_info++;
	6116	}
	6117	}
	6118	}
	6119	if ($have_shipping_info)
	6120	{
	6121	$result_content = $shipping_info;
	6122	}
	6123	else
	6124	{
	6125	$result_content ='抱歉，暂时还没有该运单的物流信息哦！';
	6126	}
	6127
	6128	echo $json->encode($result_content);
	6129	}
	6130
	6131	/* 账户安全_end_ */
	6132	/* 余额额支付密码_添加_END_ */
	6133	function get_takegoods_orders ($user_id, $num = 10, $start = 0)
	6134	{
	6135	$order_status = array(
	6136	'0' => '提货成功，等待发货', '1' => '确认收货', '2' => '完成'
	6137	);
	6138	/* 取得订单列表 */
	6139	$arr = array();
	6140
	6141	$sql = "SELECT * " . " FROM " . $GLOBALS['ecs']->table('takegoods_order') . " WHERE user_id = '$user_id' ORDER BY rec_id DESC";
	6142	$res = $GLOBALS['db']->SelectLimit($sql, $num, $start);
	6143
	6144	while($row = $GLOBALS['db']->fetchRow($res))
	6145	{
	6146	$row['country_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[country]' ");
	6147	$row['province_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[province]' ");
	6148	$row['city_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[city]' ");
	6149	$row['district_name'] = $GLOBALS['db']->getOne("select region_name from " . $GLOBALS['ecs']->table('region') . " where region_id='$row[district]' ");
	6150	$row['goods_url'] = build_uri('goods', array(
	6151	'gid' => $row['goods_id']
	6152	), $row['goods_name']);
	6153	$arr[] = array(
	6154	'rec_id' => $row['rec_id'], 'tg_sn' => $row['tg_sn'], 'goods_name' => $row['goods_name'], 'address' => $row['country_name'] . $row['province_name'] . $row['city_name'] . $row['district_name'] . $row['address'], 'add_time' => local_date($GLOBALS['_CFG']['time_format'], $row['add_time']), 'order_status' => $row['order_status'], 'order_status_name' => $order_status[$row['order_status']], 'goods_url' => $row['goods_url'], 'handler' => $row['handler']
	6155	);
	6156	}
	6157
	6158	return $arr;
	6159	}
	6160
	6161	/* 代码增加_end By */
	6162	/* 代码增加_start By */
	6163	function get_user_backorders ($user_id, $num = 10, $start = 0)
	6164	{
	6165	/* 取得订单列表 */
	6166	$arr = array();
	6167
	6168	$sql = "SELECT bo.*, g.goods_name " . " FROM " . $GLOBALS['ecs']->table('back_order') . " AS bo left join " . $GLOBALS['ecs']->table('goods') . " AS g " . " on bo.goods_id=g.goods_id " . " WHERE user_id = '$user_id' ORDER BY add_time DESC";
	6169	$res = $GLOBALS['db']->SelectLimit($sql, $num, $start);
	6170
	6171	while($row = $GLOBALS['db']->fetchRow($res))
	6172	{
	6173
	6174	$row['order_time'] = local_date($GLOBALS['_CFG']['time_format'], $row['add_time']);
	6175	$row['refund_money_1'] = price_format($row['refund_money_1'], false);
	6176
	6177	$row['goods_url'] = build_uri('goods', array(
	6178	'gid' => $row['goods_id']
	6179	), $row['goods_name']);
	6180	$row['status_back_1'] = $row['status_back'];
	6181	$row['status_back'] = $GLOBALS['_LANG']['bos'][(($row['back_type'] == 4 && $row['status_back'] != 8) ? $row['back_type'] : $row['status_back'])] . ' - ' . $GLOBALS['_LANG']['bps'][$row['status_refund']];
	6182
	6183	$sql_goods = "SELECT * FROM " . $GLOBALS['ecs']->table('back_goods') . " WHERE back_id = " . $row['back_id'];
	6184	$row['goods_list'] = $GLOBALS['db']->getAll($sql_goods);
	6185
	6186	$arr[] = $row;
	6187	}
	6188
	6189	//$arr['status_back'] = $GLOBALS['_LANG']['bos'][(($arr['back_type'] == 4 && $arr['status_back'] != 8) ? $row['back_type'] : $arr['status_back'])] . ' - ' . $GLOBALS['_LANG']['bps'][$arr['status_refund']];
	6190
	6191	return $arr;
	6192	}
	6193
	6194	/* 代码增加_end By */
	6195	/* 代码增加2014-12-23 by _star */
	6196	function is_telephone ($phone)
	6197	{
	6198	$chars = "/^13[0-9]{1}[0-9]{8}$\|15[0-9]{1}[0-9]{8}$\|18[0-9]{1}[0-9]{8}$/";
	6199	if(preg_match($chars, $phone))
	6200	{
	6201	return true;
	6202	}
	6203	}
	6204
	6205	function mc_random ($length, $char_str = 'abcdefghijklmnopqrstuvwxyz0123456789')
	6206	{
	6207	$hash = '';
	6208	$chars = $char_str;
	6209	$max = strlen($chars);
	6210	for($i = 0; $i < $length; $i ++)
	6211	{
	6212	$hash .= substr($chars, (rand(0, 1000) % $max), 1);
	6213	}
	6214	return $hash;
	6215	}
	6216
	6217	/* 代码增加2014-12-23 by _end */
	6218	function get_user_payed($user_id)
	6219	{
	6220	$sql = "SELECT SUM(user_money) FROM " .$GLOBALS['ecs']->table('account_log').
	6221	" WHERE user_id = '$user_id' AND user_money < 0";
	6222
	6223	return abs($GLOBALS['db']->getOne($sql));
	6224	}
	6225
	6226	function get_user_yue ($user_id)
	6227	{
	6228	$sql = "SELECT user_money FROM " . $GLOBALS['ecs']->table('users') . "WHERE user_id = '$user_id'";
	6229	$res = $GLOBALS['db']->getOne($sql);
	6230	return $res;
	6231	}
	6232
	6233	function get_inv_complete_address ($order)
	6234	{
	6235	if($order['inv_type'] == 'normal_invoice')
	6236	{
	6237	$address = trim(get_inv_complete_region($order['order_id'], $order['inv_type']));
	6238	if(empty($address))
	6239	{
	6240	return $order['address'];
	6241	}
	6242	else
	6243	{
	6244	return '[' . $address . '] ' . $order['address'];
	6245	}
	6246	}
	6247	elseif($order['inv_type'] == 'vat_invoice')
	6248	{
	6249	$address = trim(get_inv_complete_region($order['order_id'], $order['inv_type']));
	6250	if(empty($address))
	6251	{
	6252	return $order['inv_consignee_address'];
	6253	}
	6254	else
	6255	{
	6256	return '[' . $address . '] ' . $order['inv_consignee_address'];
	6257	}
	6258	}
	6259	else
	6260	{
	6261	return '';
	6262	}
	6263	}
	6264
	6265	function get_inv_complete_region ($order_id, $inv_type)
	6266	{
	6267	if(! empty($order_id))
	6268	{
	6269	if($inv_type == 'normal_invoice')
	6270	{
	6271	$sql = "SELECT concat(IFNULL(c.region_name, ''), ' ', IFNULL(p.region_name, ''), " . "' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region " . "FROM " . $GLOBALS['ecs']->table('order_info') . " AS o " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS c ON o.country = c.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON o.province = p.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON o.city = t.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON o.district = d.region_id " . "WHERE o.order_id = '$order_id'";
	6272	return $GLOBALS['db']->getOne($sql);
	6273	}
	6274	elseif($inv_type == 'vat_invoice')
	6275	{
	6276	$sql = "SELECT concat(IFNULL(p.region_name, ''), " . "' ', IFNULL(t.region_name, ''), ' ', IFNULL(d.region_name, '')) AS region " . "FROM " . $GLOBALS['ecs']->table('order_info') . " AS o " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS p ON o.inv_consignee_province = p.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS t ON o.inv_consignee_city = t.region_id " . "LEFT JOIN " . $GLOBALS['ecs']->table('region') . " AS d ON o.inv_consignee_district = d.region_id " . "WHERE o.order_id = '$order_id'";
	6277	return $GLOBALS['db']->getOne($sql);
	6278	}
	6279	else
	6280	{
	6281	return ' ';
	6282	}
	6283	}
	6284	else
	6285	{
	6286	return ' ';
	6287	}
	6288	}
	6289
	6290	?>