ajax.php act=query,ajax.php

最新推荐文章于 2025-04-06 16:49:52 发布
最新推荐文章于 2025-04-06 16:49:52 发布
阅读量704 收藏
点赞数
文章标签: ajax.php act=query

include("./includes/common.php");

$act=isset($_GET['act'])?daddslashes($_GET['act']):null;

@header('Content-Type: application/json; charset=UTF-8');

if($islogin2==1){

$price_obj = new Price($userrow['zid'],$userrow);

$cookiesid = $userrow['zid'];

$siterow = $userrow;

}elseif($is_fenzhan == true){

$price_obj = new Price($siterow['zid'],$siterow);

}else{

$price_obj = new Price(1);

}

if ($conf['cjmsg'] != '') {

$cjmsg = $conf['cjmsg'];

} else {

$cjmsg = '您今天的抽奖次数已经达到上限!';

}

switch($act){

case 'payrmb':

if(!$islogin2)exit('{"code":-4,"msg":"你还未登录"}');

$orderid=isset($_POST['orderid'])?daddslashes($_POST['orderid']):exit('{"code":-1,"msg":"订单号未知"}');

$srow=$DB->get_row("SELECT * FROM shua_pay WHERE trade_no='{$orderid}' limit 1 for update");

if(!$srow['trade_no'])exit('{"code":-1,"msg":"订单号不存在!"}');

if($srow['money']=='0')exit('{"code":-1,"msg":"当前商品为免费商品,不需要支付"}');

if($srow['status']==0){

if($srow['money']>$userrow['rmb'])exit('{"code":-3,"msg":"你的余额不足,请充值!"}');

if($DB->query("update `shua_site` set `rmb`=`rmb`-{$srow['money']} where `zid`='{$userrow['zid']}'") && $DB->query("update `shua_pay` set `type` ='rmb',`status` ='1',`endtime` ='$date' where `trade_no`='{$orderid}'")){

addPointRecord($userrow['zid'], $srow['money'], '消费', '购买 '.$srow['name']);

if($orderid=processOrder($srow))

exit('{"code":1,"msg":"您所购买的商品已付款成功,感谢购买!","orderid":"'.$orderid.'"}');

else

exit('{"code":-1,"msg":"下单失败!'.$DB->error().'"}');

}else{

exit('{"code":-1,"msg":"下单失败!'.$DB->error().'"}');

}

}else{

exit('{"code":-2,"msg":"当前订单已付款过,请勿重复提交"}');

}

break;

case 'captcha':

require_once SYSTEM_ROOT.'class.geetestlib.php';

$GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);

$data = array(

'user_id' => $cookiesid, # 网站用户id

'client_type' => "web", # web:电脑上的浏览器;h5:手机上的浏览器,包括移动应用内完全内置的web_view;native:通过原生SDK植入APP应用的方式

'ip_address' => $clientip # 请在此处传输用户请求验证时所携带的IP

);

$status = $GtSdk->pre_process($data, 1);

$_SESSION['gtserver'] = $status;

$_SESSION['user_id'] = $cookiesid;

echo $GtSdk->get_response_str();

break;

case 'getcount':

$strtotime=strtotime($conf['build']);//获取开始统计的日期的时间戳

$now=time();//当前的时间戳

$yxts=ceil(($now-$strtotime)/86400);//取相差值然后除于24小时(86400秒)

if($conf['hide_tongji']==1){

$result=array("code"=>0,"yxts"=>$yxts,"orders"=>0,"orders1"=>0,"orders2"=>0,"money"=>0,"money1"=>0,"gift"=>$gift);

exit(json_encode($result));

}

if($conf['tongji_time']>0){

$tongji_cachetime = $DB->get_column("SELECT v FROM shua_config WHERE k='tongji_cachetime' limit 1");

$tongji_cache = $CACHE->read('tongji');

if($tongji_cachetime+intval($conf['tongji_time'])>=time() && $tongji_cache){

$array = unserialize($tongji_cache);

$result=array("code"=>0,"yxts"=>$yxts,"orders"=>$array['orders'],"orders1"=>$array['orders1'],"orders2"=>$array['orders2'],"money"=>$array['money'],"money1"=>$array['money1'],"site"=>$array['site'],"gift"=>$array['gift']);

exit(json_encode($result));

}

}

if($conf['gift_log']==1 && $conf['gift_open']==1){

$gift = array();

$list=$DB->query("SELECT a.*,(select b.name from shua_gift as b where a.gid=b.id) as name FROM shua_giftlog as a WHERE status=1 ORDER BY id DESC");

while($cjlist=$DB->fetch($list)){

if(!$cjlist['input'])continue;

$gift[$cjlist['input']] = $cjlist['name'];

}

}

$time =date("Y-m-d").' 00:00:01';

$count1=$DB->count("SELECT count(*) from shua_orders");

$count2=$DB->count("SELECT count(*) from shua_orders where status>=1");

$count3=$DB->count("SELECT sum(money) from shua_pay where status=1");

$count4=round($count3, 2);

$count5=$DB->count("SELECT count(*) from `shua_orders` WHERE `addtime` > '$time'");

$count6=$DB->count("SELECT sum(money) FROM `shua_pay` WHERE `addtime` > '$time' AND `status` = 1");

$count7=round($count6, 2);

$count8=$DB->count("SELECT count(*) from shua_site");

if($conf['tongji_time']>0){

saveSetting('tongji_cachetime',time());

$CACHE->save('tongji',serialize(array("orders"=>$count1,"orders1"=>$count2,"orders2"=>$count5,"money"=>$count4,"money1"=>$count7,"site"=>$count8,"gift"=>$gift)));

}

$result=array("code"=>0,"yxts"=>$yxts,"orders"=>$count1,"orders1"=>$count2,"orders2"=>$count5,"money"=>$count4,"money1"=>$count7,"site"=>$count8,"gift"=>$gift);

exit(json_encode($result));

break;

case 'getclass':

$rs=$DB->query("SELECT * FROM shua_class WHERE active=1 order by sort asc");

$data = array();

while($res = $DB->fetch($rs)){

$data[]=$res;

}

$result=array("code"=>0,"msg"=>"succ","data"=>$data);

exit(json_encode($result));

break;

case 'gettool':

if(isset($_POST['kw'])){

$kw=trim(daddslashes($_POST['kw']));

$rs=$DB->query("SELECT * FROM shua_tools WHERE name LIKE '%{$kw}%' and active=1 order by sort asc");

}else{

$cid=intval($_GET['cid']);

$rs=$DB->query("SELECT * FROM shua_tools WHERE cid='$cid' and active=1 order by sort asc");

if(isset($_GET['info']) && $_GET['info']==1){

$info=$DB->get_row("SELECT * FROM shua_class WHERE cid=$cid");

}

}

$data = array();

while($res = $DB->fetch($rs)){

if(isset($_SESSION['gift_id']) && isset($_SESSION['gift_tid']) && $_SESSION['gift_tid']==$res['tid']){

$price=$conf["cjmoney"]?$conf["cjmoney"]:0;

}elseif(isset($price_obj)){

$price_obj->setToolInfo($res['tid'],$res);

if($price_obj->getToolDel($res['tid'])==1)continue;

$price=$price_obj->getToolPrice($res['tid']);

}else $price=$res['price'];

if($res['is_curl']==4){

$isfaka = 1;

$res['input'] = getFakaInput();

}else{

$isfaka = 0;

}

$data[]=array('tid'=>$res['tid'],'sort'=>$res['sort'],'name'=>$res['name'],'value'=>$res['value'],'price'=>$price,'input'=>$res['input'],'inputs'=>$res['inputs'],'desc'=>$res['desc'],'alert'=>$res['alert'],'shopimg'=>$res['shopimg'],'repeat'=>$res['repeat'],'multi'=>$res['multi'],'close'=>$res['close'],'isfaka'=>$isfaka);

}

$result=array("code"=>0,"msg"=>"succ","data"=>$data,"info"=>$info);

exit(json_encode($result));

break;

case 'getleftcount':

$tid=intval($_POST['tid']);

$count = $DB->count("SELECT count(*) FROM shua_faka WHERE tid='$tid' and orderid=0");

$result=array("code"=>0,"count"=>$count);

exit(json_encode($result));

break;

case 'pay':

$tid=intval($_POST['tid']);

$inputvalue=trim(strip_tags(daddslashes($_POST['inputvalue'])));

$inputvalue2=trim(strip_tags(daddslashes($_POST['inputvalue2'])));

$inputvalue3=trim(strip_tags(daddslashes($_POST['inputvalue3'])));

$inputvalue4=trim(strip_tags(daddslashes($_POST['inputvalue4'])));

$inputvalue5=trim(strip_tags(daddslashes($_POST['inputvalue5'])));

$num=isset($_POST['num'])?intval($_POST['num']):1;

$hashsalt=isset($_POST['hashsalt'])?$_POST['hashsalt']:null;

$tool=$DB->get_row("select * from shua_tools where tid='$tid' limit 1");

if($tool && $tool['active']==1){

if($tool['close']==1)exit('{"code":-1,"msg":"当前商品维护中,停止下单!"}');

if(in_array($inputvalue,explode("|",$conf['blacklist'])))exit('{"code":-1,"msg":"你的下单账号已被拉黑,无法下单!"}');

if($conf['verify_open']==1 && (empty($_SESSION['addsalt']) || $hashsalt!=$_SESSION['addsalt'])){

exit('{"code":-1,"msg":"验证失败,请刷新页面重试"}');

}

if($tool['is_curl']==4){

if($conf['faka_input']==0 && !checkEmail($inputvalue)){

exit('{"code":-1,"msg":"邮箱格式不正确"}');

}

$count = $DB->count("SELECT count(*) FROM shua_faka WHERE tid='$tid' and orderid=0");

if($count==0)exit('{"code":-1,"msg":"该商品库存卡密不足,请联系站长加卡!"}');

if($num>$count)exit('{"code":-1,"msg":"你所购买的数量超过库存数量!"}');

}

elseif($tool['repeat']==0){

$thtime=date("Y-m-d").' 00:00:00';

$row=$DB->get_row("select * from shua_orders where tid='$tid' and input='$inputvalue' order by id desc limit 1");

if($row['input'] && $row['status']==0)

exit('{"code":-1,"msg":"您今天添加的'.$tool['name'].'正在排队中,请勿重复提交!"}');

elseif($row['addtime']>$thtime)

exit('{"code":-1,"msg":"您今天已添加过'.$tool['name'].',请勿重复提交!"}');

}

if($tool['validate']==1 && is_numeric($inputvalue)){

if(validate_qzone($inputvalue)==false)

exit('{"code":-1,"msg":"你的QQ空间设置了访问权限,无法下单!"}');

}

if($tool['multi']==0 || $num<1)$num = 1;

if(isset($_SESSION['gift_id']) && isset($_SESSION['gift_tid']) && $_SESSION['gift_tid']==$tid){

$gift_id = intval($_SESSION['gift_id']);

$giftlog=$DB->get_column("select status from shua_giftlog where id='$gift_id' limit 1");

if($giftlog==1){

unset($_SESSION['gift_id']);

unset($_SESSION['gift_tid']);

exit('{"code":-1,"msg":"当前奖品已经领取过了!"}');

}

$price=$conf["cjmoney"]?$conf["cjmoney"]:0;

$num=1;

}elseif(isset($price_obj)){

$price_obj->setToolInfo($tid,$tool);

$price=$price_obj->getToolPrice($tid);

}else $price=$tool['price'];

$need=$price*$num;

if($need==0 && $tid!=$_SESSION['gift_tid']){

$thtime=date("Y-m-d").' 00:00:00';

if($_SESSION['blockfree']==true || $DB->count("SELECT count(*) FROM `shua_pay` WHERE `tid`='{$tid}' and `money`=0 and `ip`='$clientip' and `status`=1 and `endtime`>'$thtime'")>=1){

exit('{"code":-1,"msg":"您今天已领取过,请明天再来!"}');

}

if($conf['captcha_open']==1){

if(isset($_POST['geetest_challenge']) && isset($_POST['geetest_validate']) && isset($_POST['geetest_seccode'])){

require_once SYSTEM_ROOT.'class.geetestlib.php';

$GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);

$data = array(

'user_id' => $cookiesid,

'client_type' => "web",

'ip_address' => $clientip

);

if ($_SESSION['gtserver'] == 1) { //服务器正常

$result = $GtSdk->success_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'], $data);

if ($result) {

//echo '{"status":"success"}';

} else{

exit('{"code":-1,"msg":"验证失败,请重新验证"}');

}

}else{ //服务器宕机,走failback模式

if ($GtSdk->fail_validate($_POST['geetest_challenge'],$_POST['geetest_validate'],$_POST['geetest_seccode'])) {

//echo '{"status":"success"}';

}else{

exit('{"code":-1,"msg":"验证失败,请重新验证"}');

}

}

}else{

exit('{"code":2,"msg":"请先完成验证"}');

}

}

}

$trade_no=date("YmdHis").rand(111,999);

$input=$inputvalue.($inputvalue2?'|'.$inputvalue2:null).($inputvalue3?'|'.$inputvalue3:null).($inputvalue4?'|'.$inputvalue4:null).($inputvalue5?'|'.$inputvalue5:null);

if($need==0){

$trade_no='free'.$trade_no;

$num = 1;

$sql="insert into `shua_pay` (`trade_no`,`tid`,`zid`,`type`,`input`,`num`,`name`,`money`,`ip`,`userid`,`addtime`,`status`) values ('".$trade_no."','".$tid."','".($siterow['zid']?$siterow['zid']:1)."','free','".$input."','".$num."','".$tool['name']."','".$need."','".$clientip."','".$cookiesid."','".$date."','1')";

if($DB->query($sql)){

unset($_SESSION['addsalt']);

if(isset($_SESSION['gift_id'])){

$DB->query("update `shua_giftlog` set `status` =1,`tradeno` ='$trade_no',`input` ='$inputvalue' where `id`='$gift_id'");

unset($_SESSION['gift_id']);

unset($_SESSION['gift_tid']);

}

$_SESSION['blockfree']=true;

$srow['tid']=$tid;

$srow['input']=$input;

$srow['num']=$num;

$srow['zid']=$siterow['zid'];

$srow['userid']=$cookiesid;

$srow['trade_no']=$trade_no;

if($orderid=processOrder($srow)){

exit('{"code":1,"msg":"下单成功!你可以在进度查询中查看代刷进度","orderid":"'.$orderid.'"}');

}else{

exit('{"code":-1,"msg":"下单失败!'.$DB->error().'"}');

}

}

}else{

$sql="insert into `shua_pay` (`trade_no`,`tid`,`zid`,`input`,`num`,`name`,`money`,`ip`,`userid`,`inviteid`,`addtime`,`status`) values ('".$trade_no."','".$tid."','".($siterow['zid']?$siterow['zid']:1)."','".$input."','".$num."','".$tool['name']."','".$need."','".$clientip."','".$cookiesid."','".$invite_id."','".$date."','0')";

if($DB->query($sql)){

unset($_SESSION['addsalt']);

if(isset($_SESSION['gift_id'])){

$DB->query("update `shua_giftlog` set `status` =1,`tradeno` ='$trade_no' where `id`='$gift_id'");

unset($_SESSION['gift_id']);

unset($_SESSION['gift_tid']);

}

exit('{"code":0,"msg":"提交订单成功!","trade_no":"'.$trade_no.'","need":"'.$need.'","pay_alipay":"'.$conf['alipay_api'].'","pay_wxpay":"'.$conf['wxpay_api'].'","pay_qqpay":"'.$conf['qqpay_api'].'","pay_tenpay":"'.$conf['tenpay_api'].'","pay_rmb":"'.$islogin2.'","user_rmb":"'.$userrow['rmb'].'"}');

}else{

exit('{"code":-1,"msg":"提交订单失败!'.$DB->error().'"}');

}

}

}else{

exit('{"code":-2,"msg":"该商品不存在"}');

}

break;

case 'checkkm':

$km=trim(daddslashes($_POST['km']));

$myrow=$DB->get_row("select * from shua_kms where km='$km' limit 1");

if(!$myrow)

{

exit('{"code":-1,"msg":"此卡密不存在!"}');

}

elseif($myrow['usetime']!=null){

exit('{"code":-1,"msg":"此卡密已被使用!"}');

}

$tool=$DB->get_row("select * from shua_tools where tid='{$myrow['tid']}' limit 1");

$result=array("code"=>0,"tid"=>$tool['tid'],"cid"=>$tool['cid'],"name"=>$tool['name'],"alert"=>$tool['alert'],"desc"=>$tool['desc'],"inputname"=>$tool['input'],"inputsname"=>$tool['inputs'],"value"=>$tool['value'],"close"=>$tool['close']);

exit(json_encode($result));

break;

case 'card':

if($conf['iskami']==0)exit('{"code":-1,"msg":"当前站点未开启卡密下单"}');

$km=trim(daddslashes($_POST['km']));

$inputvalue=trim(strip_tags(daddslashes($_POST['inputvalue'])));

$inputvalue2=trim(strip_tags(daddslashes($_POST['inputvalue2'])));

$inputvalue3=trim(strip_tags(daddslashes($_POST['inputvalue3'])));

$inputvalue4=trim(strip_tags(daddslashes($_POST['inputvalue4'])));

$inputvalue5=trim(strip_tags(daddslashes($_POST['inputvalue5'])));

$myrow=$DB->get_row("select * from shua_kms where km='$km' limit 1");

if(!$myrow)

{

exit('{"code":-1,"msg":"此卡密不存在!"}');

}

elseif($myrow['usetime']!=null){

exit('{"code":-1,"msg":"此卡密已被使用!"}');

}

else

{

$tid=$myrow['tid'];

$tool=$DB->get_row("select * from shua_tools where tid='$tid' limit 1");

if($tool && $tool['active']==1){

if(in_array($inputvalue,explode("|",$conf['blacklist'])))exit('{"code":-1,"msg":"你的下单账号已被拉黑,无法下单!"}');

if($tool['repeat']==0){

$row=$DB->get_row("select * from shua_orders where tid='$tid' and input='$inputvalue' order by id desc limit 1");

$thtime=date("Y-m-d").' 00:00:00';

if($row['input'] && $row['status']==0)

exit('{"code":-1,"msg":"您今天添加的'.$tool['name'].'正在排队中,请勿重复提交!"}');

elseif($row['addtime']>$thtime)

exit('{"code":-1,"msg":"您今天已添加过'.$tool['name'].',请勿重复提交!"}');

}

if($tool['validate'] && is_numeric($inputvalue)){

if(validate_qzone($inputvalue)==false)

exit('{"code":-1,"msg":"你的QQ空间设置了访问权限,无法下单!"}');

}

$srow['tid']=$tid;

$srow['input']=$inputvalue.($inputvalue2?'|'.$inputvalue2:null).($inputvalue3?'|'.$inputvalue3:null).($inputvalue4?'|'.$inputvalue4:null).($inputvalue5?'|'.$inputvalue5:null);

$srow['num']=1;

$srow['zid']=$siterow['zid'];

$srow['userid']=$cookiesid;

$srow['trade_no']='kid:'.$myrow['kid'];

if($orderid=processOrder($srow)){

$DB->query("update `shua_kms` set `user` ='$inputvalue',`usetime` ='".$date."' where `kid`='{$myrow['kid']}'");

exit('{"code":0,"msg":"'.$tool['name'].' 下单成功!你可以在进度查询中查看代刷进度","orderid":"'.$orderid.'"}');

}else{

exit('{"code":-1,"msg":"'.$tool['name'].' 下单失败!'.$DB->error().'"}');

}

}else{

exit('{"code":-2,"msg":"该商品不存在"}');

}

}

break;

case 'query':

$type=intval($_POST['type']);

$qq=trim(daddslashes($_POST['qq']));

$page=isset($_POST['page'])?intval($_POST['page']):1;

$rs=$DB->query("SELECT * FROM shua_tools WHERE 1 order by sort asc");

while($res = $DB->fetch($rs)){

$shua_func[$res['tid']]=$res['name'];

}

if($type==1 && !empty($qq)){

if(strlen($qq)==17 && is_numeric($qq))$sql=" tradeno='{$qq}'";

else if(is_numeric($qq))$sql=" id='{$qq}' and userid='{$cookiesid}'";

else exit('{"code":-1,"msg":"请输入正确的订单号"}');

}

elseif(empty($qq))$sql=" userid='{$cookiesid}'";

else $sql=" input='{$qq}'";

$limit = 10;

$start = $limit * ($page-1);

$rs=$DB->query("SELECT * FROM shua_orders WHERE{$sql} order by id desc limit $start,$limit");

$data=array();

$count = 0;

while($res = $DB->fetch($rs)){

$count++;

$data[]=array('id'=>$res['id'],'tid'=>$res['tid'],'input'=>$res['input'],'name'=>$shua_func[$res['tid']],'value'=>$res['value'],'addtime'=>$res['addtime'],'endtime'=>$res['endtime'],'result'=>$res['result'],'status'=>$res['status'],'skey'=>md5($res['id'].SYS_KEY.$res['id']));

}

if($page>1 && $count==0)exit('{"code":-1,"msg":"没有更多订单了"}');

$result=array("code"=>0,"msg"=>"succ","content"=>$qq,"page"=>$page,"isnext"=>($count==$limit?true:false),"islast"=>($page>1?true:false),"data"=>$data);

exit(json_encode($result));

break;

case 'order': //订单进度查询

$id=intval($_POST['id']);

if(md5($id.SYS_KEY.$id)!==$_POST['skey'])exit('{"code":-1,"msg":"验证失败"}');

$row=$DB->get_row("select * from shua_orders where id='$id' limit 1");

if(!$row)

exit('{"code":-1,"msg":"当前订单不存在!"}');

$tool=$DB->get_row("select * from shua_tools where tid='{$row['tid']}' limit 1");

if($tool['is_curl']==4 || $row['djzt']==3){

$count = $row['value'];

if($count>6){

$kmdata='

点此查看卡密
';

}else{

$rs=$DB->query("SELECT * FROM shua_faka WHERE tid='{$row['tid']}' AND orderid='$id' LIMIT {$count}");

$kmdata='';

while($res = $DB->fetch($rs))

{

if(!empty($res['pw'])){

$kmdata.='卡号:'.$res['km'].' 密码:'.$res['pw'].'
';

}else{

$kmdata.=$res['km'].'
';

}

if(strlen($res['km'].$res['pw'])>80){

$kmdata='

点此查看卡密
';

break;

}

}

}

}elseif($tool['is_curl']==2){

$shequ=$DB->get_row("select * from shua_shequ where id='{$tool['shequ']}' limit 1");

if($shequ['type']==1){

$list = yile_chadan($shequ['url'], $row['djorder'], $shequ['username'], $shequ['password']);

}elseif($shequ['type']==0 || $shequ['type']==2){

$list = jiuwu_chadan($shequ['url'], $shequ['username'], $shequ['password'], $row['djorder']);

}elseif($shequ['type']==3 || $shequ['type']==5){

$list = xmsq_chadan($shequ['url'], $tool['goods_id'], $row['input'], $row['djorder']);

}elseif($shequ['type']==10){

$list = qqbug_chadan($shequ['password'], $row['djorder']);

}elseif($shequ['type']==11){

$list = jumeng_chadan($shequ['url'], $row['djorder']);

}elseif($shequ['type']==12){

$list = this_chadan($shequ['url'], $row['djorder']);

}elseif($shequ['type']==20){

if(class_exists("ExtendAPI") && method_exists('ExtendAPI','chadan')){

$list = ExtendAPI::chadan($shequ['url'], $shequ['username'], $shequ['password'], $row['djorder'], $tool['goods_id'], $row['input']);

}

}

if($list['order_state']=='已完成' && $row['status']==2){

$DB->query("update shua_orders set status=1 where id='{$id}'");

}

}

$input=$tool['input']?$tool['input']:'下单QQ';

if($tool['is_curl']==4)$input='联系方式';

$inputs=explode('|',$tool['inputs']);

$result=array('code'=>0,'msg'=>'succ','name'=>$tool['name'],'money'=>$row['money'],'date'=>$row['addtime'],'inputs'=>showInputs($row,$input,$inputs),'list'=>$list,'kminfo'=>$kmdata,'alert'=>$tool['alert'],'desc'=>$tool['desc'],'status'=>$row['status'],'result'=>$row['result'],'complain'=>$conf['show_complain'],'islogin'=>$islogin2);

exit(json_encode($result));

break;

case 'changepwd':

$orderid=daddslashes($_POST['id']);

if(md5($orderid.SYS_KEY.$orderid)!==$_POST['skey'])exit('{"code":-1,"msg":"验证失败"}');

$pwd=trim(strip_tags(daddslashes($_POST['pwd'])));

if(strlen($pwd)<5)exit('{"code":-1,"msg":"请输入正确的密码"}');

$row=$DB->get_row("select * from shua_orders where id='$orderid' limit 1");

if($row){

if($DB->query("update `shua_orders` set `input2` ='{$pwd}' where `id`='{$orderid}'")){

$result=array("code"=>0,"msg"=>"已成功修改密码");

}else{

$result=array("code"=>0,"msg"=>"修改密码失败");

}

}else{

$result=array("code"=>-1,"msg"=>"订单不存在");

}

exit(json_encode($result));

break;

case 'fill':

$orderid=daddslashes($_POST['orderid']);

if(md5($orderid.SYS_KEY.$orderid)!==$_POST['skey'])exit('{"code":-1,"msg":"验证失败"}');

$row=$DB->get_row("select * from shua_orders where id='$orderid' limit 1");

if($row){

if($row['status']==3){

$DB->query("update `shua_orders` set `status` ='0',result=NULL where `id`='{$orderid}'");

$result=array("code"=>0,"msg"=>"已成功补交订单");

}else{

$result=array("code"=>0,"msg"=>"该订单不符合补交条件");

}

}else{

$result=array("code"=>-1,"msg"=>"订单不存在");

}

exit(json_encode($result));

break;

case 'checklogin':

if($islogin2==1)exit('{"code":1}');

else exit('{"code":0}');

break;

case 'lqq':

$qq=trim(daddslashes($_POST['qq']));

if(empty($qq) || empty($_SESSION['addsalt']) || $_POST['salt']!=$_SESSION['addsalt'])exit('{"code":-5,"msg":"非法请求"}');

get_curl($conf['lqqapi'].$qq);

$result=array("code"=>0,"msg"=>"succ");

exit(json_encode($result));

break;

case 'getshuoshuo':

$uin=trim(daddslashes($_GET['uin']));

$page=intval($_GET['page']);

$hashsalt=isset($_GET['hashsalt'])?$_GET['hashsalt']:null;

if($conf['verify_open']==1 && (empty($_SESSION['addsalt']) || $hashsalt!=$_SESSION['addsalt'])){

exit('{"code":-1,"msg":"验证失败,请刷新页面重试"}');

}

if(empty($uin))exit('{"code":-5,"msg":"QQ号不能为空"}');

$result = getshuoshuo($uin,$page);

exit(json_encode($result));

break;

case 'getrizhi':

$uin=trim(daddslashes($_GET['uin']));

$page=intval($_GET['page']);

$hashsalt=isset($_GET['hashsalt'])?$_GET['hashsalt']:null;

if($conf['verify_open']==1 && (empty($_SESSION['addsalt']) || $hashsalt!=$_SESSION['addsalt'])){

exit('{"code":-1,"msg":"验证失败,请刷新页面重试"}');

}

if(empty($uin))exit('{"code":-5,"msg":"QQ号不能为空"}');

$result = getrizhi($uin,$page);

exit(json_encode($result));

break;

case 'getkuaishou':

$url=trim($_POST['url']);

if(empty($url))exit('{"code":-5,"msg":"url不能为空"}');

$result = getkuaishou($url);

exit(json_encode($result));

break;

case 'getdouyin':

$url=trim($_POST['url']);

if(empty($url))exit('{"code":-5,"msg":"url不能为空"}');

$result = getdouyin($url);

exit(json_encode($result));

break;

case 'gethuoshan':

$url=trim($_POST['url']);

if(empty($url))exit('{"code":-5,"msg":"url不能为空"}');

$result = gethuoshan($url);

exit(json_encode($result));

break;

case 'gift_start':

$action = $_GET['action'];

if ($action == '') {

if(!$conf['gift_open'])exit('{"code":-2,"msg":"网站未开启抽奖功能"}');

if(!$conf['cjcishu'])exit('{"code":-2,"msg":"站长未设置每日抽奖次数!"}');

$thtime=date("Y-m-d").' 00:00:00';

$cjcount = $DB->count("select count(*) from shua_giftlog where (userid='$cookiesid' or ip='$clientip') and addtime>='$thtime'");

if ($cjcount >= $conf['cjcishu']) {

exit('{"code":-1,"msg":"' . $cjmsg . '"}');

}

$query = $DB->query("select * from shua_gift where ok=0");

while ($row = $DB->fetch($query)) {

$arr[] = array("id" => $row["id"], "tid" => $row["tid"], "name" => $row["name"]);

}

$rateall = $DB->count("SELECT sum(rate) from shua_gift where ok=0");

if($rateall<100)$arr[] = array("id" => 0, "tid" => 0, "name" => '未中奖');

if (!$arr) {

exit('{"code":-2,"msg":"站长未设置奖品"}');

}

$result=array("code"=>0,"data"=>$arr);

exit(json_encode($result));

} else {

$token = md5($_GET['r'].SYS_KEY.$_GET['r']);

exit('{"code":0,"token":"'.$token.'"}');

}

break;

case 'gift_stop':

if(!$conf['gift_open'])exit('{"code":-2,"msg":"网站未开启抽奖功能"}');

if(!$conf['cjcishu'])exit('{"code":-2,"msg":"站长未设置每日抽奖次数!"}');

$hashsalt=isset($_POST['hashsalt'])?$_POST['hashsalt']:null;

$token=isset($_POST['token'])?$_POST['token']:null;

if($conf['verify_open']==1 && (empty($_SESSION['addsalt']) || $hashsalt!=$_SESSION['addsalt'])){

exit('{"code":-1,"msg":"验证失败,请刷新页面重试"}');

}

if(md5($_GET['r'].SYS_KEY.$_GET['r']) !== $token)exit('{"code":-1,"msg":"请勿重复提交请求"}');

$thtime=date("Y-m-d").' 00:00:00';

$cjcount = $DB->count("select count(*) from shua_giftlog where (userid='$cookiesid' or ip='$clientip') and addtime>='$thtime'");

if ($cjcount >= $conf['cjcishu']) {

exit('{"code":-1,"msg":"' . $cjmsg . '"}');

}

$prize_arr = array();

$query = $DB->query("select * from shua_gift where ok=0");

$i = 1;

$bre = $DB->count("SELECT count(*) from shua_gift where ok=0");

while ($i <= $bre) {

while ($row = $DB->fetch($query)) {

$prize_arr[] = array("id" => ($i = $i + 1) -1, "gid" => $row["id"], "tid" => $row["tid"], "name" => $row["name"], "rate" => $row["rate"], "not" => 0);

}

}

if (!$prize_arr) {

exit('{"code":-2,"msg":"站长未设置奖品"}');

}

$rateall = $DB->count("SELECT sum(rate) from shua_gift where ok=0");

if($rateall<100)$prize_arr[] = array("id" => ($i = $i + 1) -1, "gid" => 0, "tid" => 0, "name" => '未中奖', "rate" => 100-$rateall, "not" => 1);

foreach ($prize_arr as $key => $val) {

$arr[$val["id"]] = $val["rate"];

}

$prize_id = get_rand($arr);

$data['rate'] = $prize_arr[$prize_id - 1]['rate'];

$data['id'] = $prize_arr[$prize_id - 1]['id'];

$data['gid'] = $prize_arr[$prize_id - 1]['gid'];

$data['name'] = $prize_arr[$prize_id - 1]['name'];

$data['tid'] = $prize_arr[$prize_id - 1]['tid'];

$data['not'] = $prize_arr[$prize_id - 1]['not'];

$gift_id = $DB->insert("INSERT INTO `shua_giftlog`(`zid`,`tid`,`gid`,`userid`,`ip`,`addtime`,`status`) VALUES ('".($siterow['zid']?$siterow['zid']:1)."','".$data['tid']."','".$data['gid']."','".$cookiesid."','".$clientip."','".$date."',0)");

if ($gift_id) {

if ($data['not'] == 1) {

exit('{"code":-1,"msg":"未中奖,谢谢参与!"}');

}

$tool = $DB->get_row("select * from shua_tools where tid='{$data['tid']}' limit 1");

$_SESSION['gift_tid'] = $data['tid'];

$_SESSION['gift_id'] = $gift_id;

unset($_SESSION['addsalt']);

$result = array("code" => 0, "msg" => "succ", "cid" => $tool['cid'], "tid" => $data['tid'], "name" => $data['name']);

exit(json_encode($result));

} else {

exit('{"code":-3,"msg":"' . $DB->error() . '"}');

}

break;

case 'inviteurl':

$qq = daddslashes($_POST['userqq']);

$hashsalt=isset($_POST['hashsalt'])?$_POST['hashsalt']:null;

if (!preg_match('/^[1-9][0-9]{4,9}$/i',$qq)){

exit('{"code":0,"msg":"QQ号码格式不正确"}');

}

$key = random(6);

$qqrow = $DB->get_row("SELECT * FROM `shua_invite` WHERE `qq`='$qq' LIMIT 1");

$result = array();

if ($qqrow)

{

$code = 2;

$url = $siteurl . '?i=' .$qqrow['key'];

} else {

$iprow = $DB->get_row("SELECT * FROM `shua_invite` WHERE `ip`='$clientip' LIMIT 1");

if ($iprow)

{

$code = 2;

$url = $siteurl . '?i=' .$iprow['key'];

} else {

if($conf['verify_open']==1 && (empty($_SESSION['addsalt']) || $hashsalt!=$_SESSION['addsalt'])){

exit('{"code":-1,"msg":"验证失败,请刷新页面重试"}');

}

if($DB->query("INSERT INTO `shua_invite` (`qq`,`key`,`ip`,`date`) VALUES ('$qq','$key','$clientip','$date')")){

unset($_SESSION['addsalt']);

$code = 1;

$url = $siteurl . '?i=' . $key ;

}else{

exit('{"code":-1,"msg":"' . $DB->error() . '"}');

}

}

}

if($conf['fanghong_url'])$url = fanghongdwz($url);

$result = array('code'=>$code, 'msg'=>'succ', 'url'=>$url);

exit(json_encode($result));

break;

default:

exit('{"code":-4,"msg":"No Act"}');

break;

}

一键复制

编辑

Web IDE

原始数据

按行查看

历史

心安王
关注
金华迪加现场大屏互动系统mobile.do.php存在任意文件上传漏洞
缘梦未来的博客
11-18 277
金华迪加现场大屏互动系统是一种集成了先进技术和创意设计的互动展示解决方案,旨在通过大屏幕和多种交互方式,为观众提供沉浸式的互动体验。该系统广泛应用于各类活动、展览、会议等场合,能够显著提升现场氛围和参与者的体验感。
flask 中ajax 传递参数应用场景与form表单传递参数的场景小心得
bingheshidai_1234的博客
04-05 1804
首先是ajax 在flask中的应用步骤的实现: 在前端html中的表现形式: function recover_send(uid){ var act='recover'; var id=uid; $.ajax({ url:'/account/ops', type:'POST', ...
PHP中的滚动加载数据,php+ajax实现拖动滚动条分批加载请求加载数据
weixin_36397256的博客
03-18 232
无标题文档img{border:0;}varPageNo= 1;varPageSize= 50;$(document).ready(function(){$.get("ajax.php",function(data){$("#mypage").html(data);})})iIntervalId=setInterval("test();",2000);functionshow(){PageNo++...
简单示例:AJAX结合PHP代码实现登录
已废弃。
05-19 694
页面1: login.html html>head>script language="javascript">function postRequest(strURL){    var xmlHttp;    if(window.XMLHttpRequest){ // For Mozilla, Safari,
【网络安全篇】php伪协议-漏洞及其原理
最新发布
ALLEN'Blog
04-06 564
🏆今日学习目标:🍀学习php伪协议✅创作者:贤鱼⏰预计时间:35分钟🎉个人主页:贤鱼的个人主页🔥专栏系列:网络安全🍁贤鱼的个人社区,欢迎你的加入贤鱼摆烂团🍁如果有需要可以查看下面文章25分钟了解phpphp基础。
无为WiFi的一批服务器
qq_60957671的博客
10-09 734
我们在多个地区拥有高速服务器,保证网速给力,刷片无压力。
ctf中的web的PHP问题,Ctfshow Web入门 - PHP特性(89-102
weixin_28909295的博客
04-01 1141
Web89include("flag.php");highlight_file(__FILE__);if(isset($_GET[‘num‘])){$num = $_GET[‘num‘];if(preg_match("/[0-9]/", $num)){die("no no no!");}if(intval($num)){echo $flag;}}num数组绕过?num[]=0Web90includ...
ecshop2.7.3的入口文件“index.php”的详细分析
qq_40997551的博客
07-29 778
//定义常量,防止被引用文件的非法载入 define(‘IN_ECS’, true); //加载全站初始化配置文件 require(dirname(FILE) . ‘/includes/init.php’); //自定义常量“DEBUG_MODE”与2进行按位与运算,如果"DEBUG_MODE"的二进制不是“10”,就打开缓存 if ((DEBUG_MODE & 2) != 2) { $smarty->caching = true; } //初定义变量$ua为“小写处理后的访问用户的所有信息”
jquery Ajax 对注册页进行验证
04-11
在IT领域,jQueryAjax是前端开发中非常重要的技术,它们可以实现实时的数据交互,无需刷新页面即可完成数据的提交与验证。本文将详细解析如何利用jQueryAjax对注册页面进行用户验证,确保用户体验的同时,提高...
使用ajax将后台数据输出到前台,实现页面动态化
canger729的博客
03-10 6620
第一次亲自和后台联合开发,还是值得纪念的。想想看到数据输出到页面的一瞬间,都有点激动呢!废话不说,上例子。接口来自“某接口数据平台”https://www.jisuapi.com/api/driverexam/ 我真的不是打广告的..页面包含题目部分,当你做出选择时,会显示答案和解释部分。其中这两部分除了父级中间代码都被注释掉了。因为这个要用js动态实现呦~但是前提要把注释的样式写好啦~这样页面生成
ajax漏洞 sql注入,易想团购ajax.php SQL注入分析和Exp漏洞预警 -电脑资料
weixin_29696999的博客
08-06 588
在注册的时候,输入用户名后台会验证用户名是否存在,当然是通过ajax去验证的也就是ajax.php,* 验证会员数据 */ function check_user($field_name,$field_data) { //开始数据验证 $user_data[$field_name] = $field_data; $res = array('status'=>1,'info'=>'',...
ecshop中ajax.call使用
09-29 131
ecshop 中的 ajax 非常好用, 当自己第一次使用的时候,因为之前并没有看明白transport.js这个文件的具体内容.弄得有点迷糊. 细看了一下这个文件 在js目录下transport.js这个文件.里面代码太多.这里我就不讲了. 记录下怎么用的吧. 对新手来说.这个 ajax 封装文件确实很好用. 复制这个文件到你要应用的目录这个不用说了. 新建个事件.onclick或...
ajax提交购物车,JS购物车(3)-Ajax发送POST请求提交订单
weixin_34725745的博客
08-06 870
一、背景和需求在购物车页面中,当用户点击“提交订单”按钮时需要收集商品ID、商品数量等订单数据,并向后端发送POST请求二、HTML代码以SKU为单位的商品数据的层级结构如下:iphone11黑色128GApple官方自营店¥5999¥5999三、实现思路1、将商品数据封装在JSON数组中遍历商品列表,检查checkbox的checked属性是否为true对于checked属性为true的商品将其...
ecshop ajax内置函数Ajax.call
梦回故里
08-26 3407
对于web的开发,现在少不了ajax的实用,ecshop中封装了自己的ajax调用函数,这个函数用起来还是非常方便的。下面介绍下他的实用。 Ajax.call( 'user.php?act=chk_user', 'username=' + username, registed_callback , 'GET', 'TEXT', true, true ); 这个函数共有7个参数。
PHP中的daddslashes方法
我的地盘
07-08 1160
01.@set_magic_quotes_runtime(0); 02.$MQG = get_magic_quotes_gpc(); 03.  04.if(!$MQG && $_POST) $_POST = daddslashes($_POST); 05.if(!$MQG && $_GET) $_GET = daddslashes($_GET); 06.  07.//转译字符
php实例登陆,php中的登陆login实例代码
weixin_30334225的博客
03-09 302
本文实例为大家分享了php中的登陆login具体实现代码,供大家参考,具体内容如下require "../include/DBClass.php";$username=$_POST['UserName'];$password=$_POST['Password'];if(empty($username) || empty($password)){Go_Msg("请填写用户名,密码!","../def...
需要具体的全部代码
03-17
<think>好的,用户之前已经询问了关于流浪动物救助网站作为本科毕设的设计方案,现在他们进一步要求提供“具体的全部代码”。我需要仔细分析他们的需求以及可能的背景。 首先,用户可能是一名计算机科学或相关专业的本科生,正在准备毕业设计。他们已经得到了一个详细的设计方案,包括模块划分、页面规划和技术栈建议。现在他们需要具体的代码来实现这个项目,可能因为时间紧迫或者对实际编码不太熟悉,希望有一个起点或参考。 不过,“全部代码”这个请求非常广泛,一个完整的网站涉及前端、后端、数据库、API等多个部分,代码量庞大,不可能在一个回答中完全涵盖。用户可能没有意识到这一点,或者他们希望得到关键部分的示例代码,以便自己扩展。 接下来,我需要确定用户的实际需求。他们可能需要主要功能的代码示例,比如首页结构、表单处理、数据库连接等。考虑到毕设的要求,用户可能需要展示技术实现的深度,因此提供关键技术的代码片段会更有帮助。 另外,用户可能希望代码能覆盖他们之前提到的技术栈,比如HTML5、CSS3、JavaScript、Bootstrap、Node.js/Express、MySQL等。需要确保提供的代码示例符合这些技术,并且结构清晰,易于理解和扩展。 还需要注意用户可能缺乏某些开发经验,比如设置后端服务器或数据库连接,因此代码示例应尽量简洁,并附有注释说明。此外,应提醒用户代码的局限性,比如需要配置环境变量、安装依赖等,避免他们直接复制粘贴后无法运行而产生困惑。 最后,应该建议用户分模块开发,逐步实现功能,并强调代码管理和版本控制的重要性,比如使用Git。同时,提供进一步帮助的渠道,鼓励用户在遇到具体问题时再询问,这样可以更有效地解决问题。</think>由于完整网站代码体量庞大(通常包含HTML/CSS/JS+后端代码+数据库等数千行),我将为您提供关键模块的代码框架和实现思路。建议使用VS Code配合Live Server插件进行开发: --- ### 一、基础结构代码 ```html <!-- 通用头部 header.html --> <!DOCTYPE html> <html lang="zh-CN"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>流浪动物救助平台</title> <link href="https://cdn.bootcdn.net/ajax/libs/twitter-bootstrap/5.1.3/css/bootstrap.min.css" rel="stylesheet"> <link href="/css/style.css" rel="stylesheet"> </head> <body> <nav class="navbar navbar-expand-lg navbar-light bg-light"> <div class="container"> <a class="navbar-brand" href="index.html"> <img src="/images/logo.png" alt="救助平台" width="100"> </a> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#mainNav"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="mainNav"> <ul class="navbar-nav me-auto"> <li class="nav-item"><a class="nav-link" href="rescue-list.html">救助信息</a></li> <li class="nav-item"><a class="nav-link" href="adoption-list.html">领养平台</a></li> <li class="nav-item"><a class="nav-link" href="volunteer-act.html">志愿活动</a></li> </ul> </div> </div> </nav> ``` --- ### 二、核心页面示例(领养申请表单) ```html <!-- adoption-apply.html --> <section class="container my-5"> <h2 class="text-center mb-4">领养申请表</h2> <form id="adoptionForm" class="needs-validation" novalidate> <!-- 步骤指示器 --> <div class="steps mb-4"> <div class="step active">1. 基本信息</div> <div class="step">2. 领养条件</div> <div class="step">3. 确认提交</div> </div> <!-- 第一步 --> <div class="step-content active" data-step="1"> <div class="mb-3"> <label class="form-label">姓名</label> <input type="text" class="form-control" name="name" required> </div> <button type="button" class="btn btn-primary next-step">下一步</button> </div> <!-- 第二步 --> <div class="step-content" data-step="2"> <div class="mb-3"> <label class="form-label">居住类型</label> <select class="form-select" name="housing" required> <option value="">请选择</option> <option>自有住房</option> <option>租赁住房</option> </select> </div> <button type="button" class="btn btn-secondary prev-step">上一步</button> <button type="button" class="btn btn-primary next-step">下一步</button> </div> <!-- 第三步 --> <div class="step-content" data-step="3"> <div class="alert alert-success">请确认信息无误</div> <button type="submit" class="btn btn-success">提交申请</button> </div> </form> </section> <script> // 多步表单逻辑 document.querySelectorAll('.next-step').forEach(btn => { btn.addEventListener('click', () => { const currentStep = document.querySelector('.step-content.active'); const nextStep = currentStep.nextElementSibling; if(currentStep.checkValidity()) { currentStep.classList.remove('active'); nextStep.classList.add('active'); updateStepIndicator(); } }); }); </script> ``` --- ### 三、后端API示例(Node.js/Express) ```javascript // server.js const express = require('express'); const mysql = require('mysql2'); const app = express(); const port = 3000; // 数据库连接池 const pool = mysql.createPool({ host: 'localhost', user: 'root', password: 'password', database: 'animal_rescue', waitForConnections: true, connectionLimit: 10, queueLimit: 0 }); // 领养申请接口 app.post('/api/adoption', express.json(), (req, res) => { const { name, contact, animalId } = req.body; pool.query( 'INSERT INTO applications (name, contact, animal_id) VALUES (?, ?, ?)', [name, contact, animalId], (err, results) => { if(err) return res.status(500).json({ error: err.message }); res.json({ success: true, applicationId: results.insertId }); } ); }); // 启动服务器 app.listen(port, () => { console.log(`Server running at http://localhost:${port}`); }); ``` --- ### 四、数据库结构示例(MySQL) ```sql -- 动物信息表 CREATE TABLE animals ( id INT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50) NOT NULL, species ENUM('猫', '狗', '其他') NOT NULL, age INT, health_status TEXT, rescue_date DATE, is_adopted BOOLEAN DEFAULT false ); -- 领养申请表 CREATE TABLE applications ( id INT AUTO_INCREMENT PRIMARY KEY, applicant_name VARCHAR(100) NOT NULL, contact_info VARCHAR(100) NOT NULL, animal_id INT NOT NULL, apply_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP, status ENUM('pending', 'approved', 'rejected') DEFAULT 'pending', FOREIGN KEY (animal_id) REFERENCES animals(id) ); ``` --- ### 五、项目部署建议 1. 前端部署: ```bash # 使用Vite构建 npm install npm run build # 部署到Nginx服务器 sudo cp -r dist/* /var/www/html/ ``` 2. 数据库初始化: ```bash mysql -u root -p < database.sql ``` --- **完整代码获取方式**: 1. 访问GitHub模板仓库(需自行补充实现细节): ``` https://github.com/example/animal-rescue-template ``` 2. 推荐使用技术栈组合: $$ \text{Vue3 + Element Plus + Express + MySQL} $$ 建议先完成核心功能的模块化开发,每个页面建议独立建立文件夹管理资源文件。如需具体某个模块的完整代码(如支付接口实现、地图集成等),可以说明具体需求我会提供针对性代码示例。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值