< ?
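// Shared bootstrap. $db, echoRs(), gredirect() and is_jdpw2() are used below but are not
// defined in this file; presumably they come from this include (confirm).
require_once("../show/common.php");

// loginUrl.inc.php is loaded from an absolute path that differs between the Linux deployment
// and a Windows machine. $loginRootUrl, read by gotoft(), is presumably set there (confirm).
if (is_dir("/home/www")) {
    require_once("/home/www/loginUrl.inc.php");
} else {
    require_once("d:/web/loginUrl.inc.php");
}

// Requested action. A missing or non-string ?act= matches none of the handlers below and
// ends in the final gotoft() redirect instead of raising an undefined-index notice.
$act = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';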
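/**
 * Look up an active user by cellphone number or username and attach derived flags.
 *
 * Added to the tb_user row: type_name (tb_user_type.name), jdmm (1 when is_jdpw2() accepts the
 * stored password value, else 0), cash_fund (1 when the user's area_id is listed in the
 * ONLY_CASH_AREA config value) and theme (the company's theme, 1 when there is none).
 *
 * The returned row still contains the password column; callers must strip it before output.
 *
 * @param string $cellphone Cellphone number or username as supplied by the client.
 * @return array|null The user row, or null when nothing with enabled not in (0, -99) matches.
 */
function get_user_by_phone2($cellphone)
{
    global $db;

    // Arrays and objects can arrive through ?cellphone[]=...; they can never match a user.
    if (!is_scalar($cellphone)) {
        return null;
    }

    // $cellphone is request data placed inside a quoted SQL literal, so it must be escaped.
    // addslashes() is the escaping this file already uses for session data; it is not
    // charset-aware. NOTE(review): move to a prepared statement or the driver's own escaping
    // if the $db wrapper offers one, and confirm common.php does not already escape request
    // input (double escaping would only make quoted values fail to match).
    $needle = addslashes((string)$cellphone);

    $row = $db->get_one(
        "select a.*,b.name type_name from tb_user a, tb_user_type b"
        . " where a.type_id = b.id and (cellphone = '{$needle}' or username='{$needle}')"
        . " and a.enabled not in (0, -99)"
    );
    if (!$row) {
        return null;
    }

    $row['jdmm'] = is_jdpw2($row['password']) ? 1 : 0;

    // ONLY_CASH_AREA holds a comma-separated list of area ids.
    $cash_fund = 0;
    $config = $db->get_one("select * from tb_config where class = 'ONLY_CASH_AREA'");
    if ($config) {
        $areas = explode(',', trim($config['value'], ","));
        if (in_array($row['area_id'], $areas)) {
            $cash_fund = 1;
        }
    }
    $row['cash_fund'] = $cash_fund;

    // company_id comes from the database but is concatenated unquoted, so force it to an int.
    $company_id = intval($row['company_id']);
    $row['theme'] = 1;
    if ($company_id != 0) {
        $cInfo = $db->get_one("select * from tb_company where id=" . $company_id);
        if ($cInfo) {
            $row['theme'] = $cInfo['theme'];
        }
    }

    return $row;
}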
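/**
 * Sum the `account` column of tb_account for one user, optionally for a single type_id.
 *
 * In this file type_id 2 feeds the user's 'account' field and type_id 1 the 'jf' field.
 *
 * @param int|string $uid     User id.
 * @param int|string $type_id Account type; a falsy value means every type.
 * @return mixed The sum as returned by the database, or 0 when there is nothing to sum.
 */
function get_user_account($uid, $type_id = 0)
{
    global $db;

    // Both values are concatenated into SQL, so force them to integers. A non-numeric
    // type_id becomes 0 and matches nothing rather than being dropped from the filter.
    $sqlext = '';
    if ($type_id) {
        $sqlext = " and type_id=" . intval($type_id);
    }

    $row = $db->get_one("select sum(account) as ac from tb_account where user_id=" . intval($uid) . $sqlext);

    // An aggregate query yields a row even when no records match, with ac = NULL;
    // report that as 0, the same value used when no row comes back at all.
    if ($row && $row['ac'] !== null) {
        return $row['ac'];
    }
    return 0;
}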
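/**
 * Load an active user by numeric id together with dining-hall name, flags and balances.
 *
 * Added to the tb_user row: type_name, dining_hall_name, jdmm (1 when is_jdpw2() accepts the
 * stored password value), cash_fund (1 when area_id is listed in the ONLY_CASH_AREA config
 * value), theme (company theme, default 1), account (type_id 2 sum) and jf (type_id 1 sum).
 *
 * The returned row still contains the password column; callers must strip it before output.
 *
 * @param int|string $id User id; cast to int before it reaches the query.
 * @return array|null The user row, or null when nothing with enabled not in (0, -99) matches.
 */
function get_user_by_id2($id)
{
    global $db;

    $row = $db->get_one(
        "select a.*,b.name type_name, c.name as dining_hall_name"
        . " from tb_user a, tb_user_type b, tb_dining_hall c"
        . " where a.type_id = b.id and a.dining_hall_id=c.id and a.id=" . intval($id)
        . " and a.enabled not in (0, -99)"
    );
    if (!$row) {
        return null;
    }

    $row['jdmm'] = is_jdpw2($row['password']) ? 1 : 0;

    // ONLY_CASH_AREA holds a comma-separated list of area ids.
    $cash_fund = 0;
    $config = $db->get_one("select * from tb_config where class = 'ONLY_CASH_AREA'");
    if ($config) {
        $areas = explode(',', trim($config['value'], ","));
        if (in_array($row['area_id'], $areas)) {
            $cash_fund = 1;
        }
    }
    $row['cash_fund'] = $cash_fund;

    // company_id comes from the database but is concatenated unquoted, so force it to an int.
    $company_id = intval($row['company_id']);
    $row['theme'] = 1;
    if ($company_id != 0) {
        $cInfo = $db->get_one("select * from tb_company where id=" . $company_id);
        if ($cInfo) {
            $row['theme'] = $cInfo['theme'];
        }
    }

    $row['account'] = floatval(get_user_account($row['id'], 2));
    $row['jf'] = floatval(get_user_account($row['id'], 1));

    return $row;
}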
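/**
 * Redirect the browser to the login page and end the request.
 *
 * Inside the WeChat in-app browser (User-Agent contains "MicroMessenger") the fixed WeChat
 * login URL is used; otherwise the target is $loginRootUrl . "/m/login.php", with the optional
 * $cinfo blob appended as the cinfo query parameter.
 *
 * @param string $cinfo Opaque, already-encoded login hint; '' for none.
 * @return void Does not return: every branch ends in exit.
 */
function gotoft($cinfo = '')
{
    global $loginRootUrl;

    // The header may be absent (scripts, some proxies); treat that as "not WeChat".
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    if (strpos($agent, 'MicroMessenger') !== false) {
        // NOTE(review): this login redirect uses plain http; confirm the host serves https
        // and switch the scheme if it does.
        gredirect("http://feihongtu.com.cn/ft_wxlogin.php?type=yzms");
        // Callers treat gotoft() as terminal (they go on to use the data they just found
        // missing), so stop here as the other branch does rather than returning.
        exit;
    }

    $url = $loginRootUrl . "/m/login.php";
    if ($cinfo) {
        $url .= "?cinfo=" . urlencode($cinfo);
    }
    gredirect($url);
    exit;
}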
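// act=checkhasuser: print 'has' when an account with enabled not in (0, -99) exists for the
// given cellphone number, otherwise 'no'.
// NOTE(review): nothing in this file authenticates or throttles this action, so it confirms
// which numbers are registered to anyone who asks; confirm an upstream layer limits it.
if ($act == 'checkhasuser') {
    $cellphone = (isset($_GET['cellphone']) && is_string($_GET['cellphone'])) ? trim($_GET['cellphone']) : '';

    // Request data inside a quoted SQL literal must be escaped. addslashes() is the escaping
    // this file already uses elsewhere; it is not charset-aware. NOTE(review): prefer a
    // prepared statement or the driver's own escaping if the $db wrapper offers one.
    $cellphone_sql = addslashes($cellphone);

    $row = $db->get_one("select * from tb_user where cellphone = '{$cellphone_sql}' and enabled not in (0, -99)");
    echo $row ? 'has' : 'no';
    exit;
}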
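// act=remotelogin: verify a login forwarded by another server and create or refresh the
// user's tb_session row. On success echoRs(1, 'ok', ...) returns the user row plus a token.
//
// Inputs (all GET): uid or cellphone, password = md5(stored password value . yzm), yzm,
// ip (client address as reported by the caller) and key = md5(uid-or-cellphone . "gyhlogin_" . date).
//
// echoRs() is defined elsewhere; the flow below only makes sense if it ends the request
// after printing (an error reply is followed directly by success-path code) - confirm.
//
// NOTE(review): the key is an unsalted MD5 over request values, a constant embedded in this
// source file and the current date, so it proves knowledge of this file rather than possession
// of a secret. Replace it with an HMAC over a server-side secret, restrict the action to the
// calling server's address, and move the credentials out of the query string (GET parameters
// are written to access logs).
if ($act == 'remotelogin') {
    $uid = isset($_GET['uid']) ? intval($_GET['uid']) : 0;

    // Read the string parameters defensively: missing or array-valued input becomes ''.
    $in = array();
    foreach (array('cellphone', 'password', 'yzm', 'ip', 'key') as $name) {
        $in[$name] = (isset($_GET[$name]) && is_string($_GET[$name])) ? trim($_GET[$name]) : '';
    }
    $cellphone = $in['cellphone'];
    $password = $in['password'];
    $yzm = $in['yzm'];
    $ip = $in['ip'];
    $key = $in['key'];

    if (($cellphone == '' && $uid <= 0) || $password == '' || $yzm == '') exit;

    // Strict comparison: with == two different hex digests that both look like numbers in
    // exponent notation can compare equal. Where hash_equals() is available it is the better
    // choice, since it is also constant-time.
    if ($uid > 0) {
        if ($key !== md5($uid . "gyhlogin_" . date("Y-m-d"))) exit;
        $user = get_user_by_id2($uid);
    } else {
        if ($key !== md5($cellphone . "gyhlogin_" . date("Y-m-d"))) exit;
        $user = get_user_by_phone2($cellphone);
    }

    if ($user) {
        // The id is concatenated unquoted into the statements below; keep it an integer.
        $uid = intval($user['id']);

        // A check that rejected type_id 4 accounts with the generic credential error used to
        // sit here; it was already disabled in the original and stays disabled.

        if ($user['enabled'] == -1) {
            echoRs(0, '账号被锁,请通过忘记密码或联系管理员重置登录密码!');
        }
        if ($user['enabled'] != 1) {
            echoRs(0, '帐号或密码错误');
        }

        // NOTE(review): hard-coded master credential. A response derived from a constant in
        // this source file is accepted for every account, and it skips both the password
        // check and the err_count lockout below. Remove it, or replace it with an audited,
        // per-operator support login.
        $issuper = ($password === md5(md5("gyhdebugsuper") . $yzm));

        if (!$issuper && md5($user['password'] . $yzm) !== $password) {
            if ($user['err_count'] >= 4) {
                // Lock the account once failures were already recorded four times.
                $db->query("update tb_user set enabled=-1 where id=" . $uid);
                echoRs(0, '密码不正确,账号被锁,请通过忘记密码或联系管理员重置登录密码!');
            }
            $db->query("update tb_user set err_count=err_count+1 where id=" . $uid);
            echoRs(0, '帐号或密码错误');
        }

        // Refuse the login when the user's company is disabled. A missing company row is
        // treated like a disabled one, with an empty name in the message.
        if (!empty($user['company_id'])) {
            $company_info = $db->get_one("select * from tb_company where id = " . intval($user['company_id']));
            if (!$company_info || $company_info['enabled'] != 1) {
                $company_name = $company_info ? $company_info['company_name'] : '';
                echoRs(0, $company_name . '已被停用,请联系电信管理员!');
            }
        }

        $db->query("update tb_user set err_count=0 where id=" . $uid);

        // Session tokens must be unpredictable; uniqid() is derived from the clock. Use the
        // CSPRNG where the runtime has one. Both forms yield 32 hex characters.
        if (function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } else {
            $token = md5(uniqid(mt_rand(), true));
        }

        // $ip is request data and must be escaped like the JSON blob next to it.
        // NOTE(review): $user still holds the password column at this point, so the stored
        // password value is copied into tb_session.data; confirm whether that is needed.
        $now = time();
        $set = "token='{$token}', ip='" . addslashes($ip) . "', login_time='" . $now
            . "', data='" . addslashes(json_encode($user)) . "', expire_time='" . ($now + 86400) . "'";

        $row = $db->get_one("select * from tb_session where uid=" . $uid);
        if ($row) {
            if ($issuper) {
                // Master login with a session already present: the existing token is returned
                // and only its expiry is extended, so the account owner's session is shared.
                unset($user['password']);
                unset($user['weixin_openid']);
                unset($user['yixin_openid']);
                $user['token'] = $row['token'];
                $db->query("update tb_session set expire_time='" . (time() + 86400) . "' where uid=" . $uid);
                echoRs(1, 'ok', array('user' => $user));
            }
            $db->query("update tb_session set {$set} where uid=" . $uid);
        } else {
            $db->query("insert into tb_session set {$set}, uid=" . $uid);
        }

        // Never return credential material to the caller.
        unset($user['password']);
        unset($user['weixin_openid']);
        unset($user['yixin_openid']);
        $user['token'] = $token;

        // Record consent to the privacy policy when the column is present and non-null.
        $user_info = $db->get_one("select * from tb_user where id=" . $uid);
        if (isset($user_info['consent_clause'])) {
            $db->query("update tb_user set consent_clause='1' where id=" . $uid);
        }

        echoRs(1, 'ok', array('user' => $user));
    }
    exit;
}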
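// act=remoterepass: set a new password for a user on behalf of another server. Prints 'ok' on
// success and 'nouser' when the id does not resolve to an active user; any other failure ends
// the request silently. The update also sets enabled=1 and clears err_count, which unlocks
// an account locked by failed logins.
//
// NOTE(review): the only authorisation is key = md5(uid . "gyhrepass_" . date), an unsalted
// MD5 of the user id, a constant embedded in this source file and the current date. That is
// not a secret, and this action changes credentials. Require an HMAC over a server-side
// secret (or restrict the action to the calling server's address) before relying on it.
// NOTE(review): the password is stored as a bare md5() digest and arrives in the query
// string. Changing the storage format would also change the remotelogin challenge, so it is
// flagged here rather than altered.
if ($act == 'remoterepass') {
    $uid = isset($_GET['uid']) ? intval($_GET['uid']) : 0;
    $password = (isset($_GET['password']) && is_string($_GET['password'])) ? trim($_GET['password']) : '';
    $key = (isset($_GET['key']) && is_string($_GET['key'])) ? trim($_GET['key']) : '';

    if (!$uid || $password == '') exit;

    // Strict comparison: with == two different hex digests that both look like numbers in
    // exponent notation can compare equal.
    if ($key !== md5($uid . "gyhrepass_" . date("Y-m-d"))) exit;

    $user = get_user_by_id2($uid);
    if (!$user) die("nouser");

    // $uid is an int and md5() output is hex, so nothing request-controlled reaches the SQL.
    $db->query("update tb_user set password='" . md5($password) . "',enabled=1,err_count=0 where id=" . $uid);
    echo 'ok';
    exit;
}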
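// act=get_dining_halls: list dining halls (one entry per enabled POS channel) and goods
// places, optionally filtered by company_id and area_ids, with the page URLs for each entry.
// The result is printed with serialize().
//
// NOTE(review): the key is md5("gyhrepass_" . date), a constant plus the date, so it is the
// same for every caller and does not authenticate one.
// NOTE(review): $host is taken from the request and used unchanged as the prefix of every
// returned URL; confirm the caller is trusted or check $host against an allow-list.
// NOTE(review): the consumer has to unserialize() this output, which is only safe for as long
// as it fully trusts this endpoint and the transport; JSON would avoid that.
if ($act == 'get_dining_halls') {
    $key = (isset($_GET['key']) && is_string($_GET['key'])) ? trim($_GET['key']) : '';
    $area_ids = (isset($_GET['area_ids']) && is_string($_GET['area_ids'])) ? trim($_GET['area_ids']) : '';
    $host = (isset($_GET['host']) && is_string($_GET['host'])) ? trim($_GET['host']) : '';
    $company_id = isset($_GET['company_id']) ? intval($_GET['company_id']) : 0;

    // Strict comparison: with == two different hex digests that both look like numbers in
    // exponent notation can compare equal.
    if ($key !== md5("gyhrepass_" . date("Y-m-d"))) exit;

    $data = array();
    $sqlext = '';

    if ($company_id) {
        $cInfo = $db->get_one("select * from tb_company where id=" . $company_id);
        if ($cInfo) {
            $data['company_info'] = array('company_name' => $cInfo['company_name']);
            if ($cInfo['yzf_merchantId']) {
                $data['enable_yzf'] = '1';
            }
        }
        $sqlext = " and company_id={$company_id}";
    }
    if ($area_ids) {
        // Every id is forced to an integer before it reaches the IN list.
        $sqlext .= ' and area_id in (' . implode(',', array_map('intval', explode(',', $area_ids))) . ')';
    }

    $dining_hall_info = array();

    // Dining halls: one entry per enabled channel, or one with channel 0 when there are none.
    $dhList = $db->get_all("select * from tb_dining_hall where 1 {$sqlext} order by id");
    if (!$dhList) {
        $dhList = array();
    }
    foreach ($dhList as $item) {
        $cList = $db->get_all("select * from tb_pos_channel where dining_hall_id=" . intval($item['id']) . " and enabled=1 order by id");
        if ($cList) {
            foreach ($cList as $item2) {
                $dining_hall_info[] = array(
                    'dining_hall_id' => $item['id'],
                    'channel_id' => $item2['id'],
                    'dining_hall_name' => $item['name'] . " - " . $item2['channel_name'],
                );
            }
        } else {
            $dining_hall_info[] = array(
                'dining_hall_id' => $item['id'],
                'channel_id' => 0,
                'dining_hall_name' => $item['name'],
            );
        }
    }

    // Goods places are reported in the same shape, keyed by their code. Type 2 entries get a
    // mall URL in qh_url, every other type a preset pay URL.
    $placeList = $db->get_all("select * from tb_goods_place where enabled=1 {$sqlext} order by id");
    if (!$placeList) {
        $placeList = array();
    }
    foreach ($placeList as $item) {
        $name = $item['name'];
        if ($item['type'] == 2) $name = "商城 - " . $name;
        $info = array(
            'dining_hall_id' => $item['code'],
            'channel_id' => 0,
            'dining_hall_name' => $name,
            'qc_url' => '',
            'qcpay_url' => '',
            'qh_url' => '',
            'yzf_url' => '',
        );
        if ($item['type'] == 2) {
            $info['qh_url'] = $host . "/show/qc_mall.php?ftid=" . $item['code'] . "&channelid=0&iscomplete=1";
        } else {
            $info['qcpay_url'] = $host . "/show/qc_pay.php?ftid=" . $item['code'] . "&channelid=0&iscomplete=1";
        }
        $dining_hall_info[] = $info;
    }

    // Fill in every URL that is still empty. Dining-hall entries carry no URL keys at all,
    // hence empty() rather than a direct read; enable_yzf is only set for some companies.
    $yzf_enabled = isset($data['enable_yzf']) && $data['enable_yzf'] == '1';
    foreach ($dining_hall_info as $idx => $item3) {
        $query = "ftid=" . $item3['dining_hall_id'] . "&channelid=" . $item3['channel_id'] . "&iscomplete=1";
        if (empty($item3['qc_url'])) {
            $dining_hall_info[$idx]['qc_url'] = $host . "/show/qc.php?" . $query;
        }
        if (empty($item3['qcpay_url'])) {
            $dining_hall_info[$idx]['qcpay_url'] = $host . "/show/qc_pay.php?" . $query;
        }
        if ($yzf_enabled) {
            $dining_hall_info[$idx]['yzf_url'] = $host . "/show/pay_yzf.php?" . $query;
        }
    }

    $data['dining_hall_info'] = $dining_hall_info;
    echo serialize($data);
    exit;
}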
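// act=dologin2: receive the user record handed over after login (base64 of a serialized
// array, in POST or GET), store it in the browser's localStorage under 'user' and forward to
// the landing page for the user's theme.
//
// NOTE(review): the payload comes from the browser and carries no signature, so any visitor
// (or any link a visitor follows) decides what ends up in localStorage 'user'. Sign the
// payload on the issuing server and verify it here before using it.
if ($act == 'dologin2') {
    $data = !empty($_POST['data']) ? $_POST['data'] : (isset($_GET['data']) ? $_GET['data'] : '');
    if (!$data || !is_string($data)) {
        gotoft();
        exit;
    }

    // NOTE(review): unserialize() on request data can instantiate arbitrary classes and run
    // their magic methods. The payload is only ever used as an array (json_encode() and
    // ['theme'] below), so object creation is switched off where the runtime supports the
    // option (PHP 7+); the durable fix is to exchange JSON instead of serialized PHP.
    $raw = base64_decode($data);
    if (PHP_VERSION_ID >= 70000) {
        $data = unserialize($raw, array('allowed_classes' => false));
    } else {
        $data = unserialize($raw);
    }
    if (!$data || !is_array($data)) {
        gotoft();
        exit;
    }

    // Landing page per theme: 3 -> index3.html, 2 -> index2.html, anything else -> index.html.
    $theme = isset($data['theme']) ? $data['theme'] : 0;
    if ($theme == 3) {
        $landing = "index3.html";
    } else if ($theme == 2) {
        $landing = "index2.html";
    } else {
        $landing = "index.html";
    }

    // The record is printed inside a <script> element, so <, >, &, ' and " are emitted as
    // \uXXXX escapes: the JavaScript value is unchanged, but the data cannot close the
    // element or open an HTML comment.
    $user_json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<script type="text/javascript" src="js/jquery.min.js?v=<?=filemtime("js/jquery.min.js")?>" charset="utf-8"></script>
<script type="text/javascript" src="js/light7.min.js?v=<?=filemtime("js/light7.min.js")?>" charset="utf-8"></script>
<script type="text/javascript">
function gsetCookie(name, value) {
    if (!value) value = "";
    value = value + "";
    if (value == 'undefined') value = '';
    $.cookie(name, value, {expires: 365});
}
// $.caesar is not defined in this file. If it is a Caesar-style shift, it only obscures the
// stored record and gives no protection against script running on this origin (confirm).
localStorage.setItem('user', $.caesar(JSON.stringify(<?=$user_json?>)));
location.href = "<?=$landing?>";
</script>
</head><body></body></html>
<?php
    exit;
}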
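// Default path (no act matched): send the visitor to the login page. When the "remember me"
// cookies are present they are packed into $cinfo for the login page, and the cookies are
// expired for path /m.
//
// NOTE(review): the 'password' cookie is forwarded inside a URL query parameter (see
// gotoft()). base64 plus gzcompress is an encoding, not protection, so the value is readable
// in browser history, proxy logs and Referer headers, and the receiving page has to
// unserialize() browser-supplied data. Prefer a server-side remember-me token over storing
// and forwarding the password.
$cellphone = isset($_COOKIE['cellphone']) ? $_COOKIE['cellphone'] : '';
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : '';
$remember = isset($_COOKIE['remember']) ? $_COOKIE['remember'] : '';

$cinfo = '';
if ($cellphone && $password) {
    $cinfo = array(
        'cellphone' => $cellphone,
        'password' => $password,
        'remember' => $remember,
    );
    $cinfo = base64_encode(gzcompress(serialize($cinfo)));

    // Expire the three cookies now that their values have been packed into $cinfo.
    $expired = time() - 1;
    setcookie("cellphone", "", $expired, "/m");
    setcookie("password", "", $expired, "/m");
    setcookie("remember", "", $expired, "/m");
}

gotoft($cinfo);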