sign.php Destoon B2B仿淘宝电子商务网站 UTF8 v6.0源码程序 - php源码程序

www.gusucode.com > Destoon B2B仿淘宝电子商务网站 UTF8 v6.0源码程序 > destoon/mobile/sign.php
    <?php
/*
	[Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com
	This is NOT a freeware, use is subject to license.txt
*/
$moduleid = 8;
require 'common.inc.php';
$itemid or dheader(mobileurl($moduleid));
require DT_ROOT.'/module/'.$module.'/common.inc.php';
include load('misc.lang');
$item = $db->get_one("SELECT * FROM {$table} WHERE itemid=$itemid");
$item or mobile_msg($L['not_exists']);
if($item['fromtime'] && $DT_TIME > $item['fromtime']) mobile_msg($L['has_started']);
if($item['totime'] && $DT_TIME > $item['totime']) mobile_msg($L['has_expired']);
$item['status'] == 3 or mobile_msg($L['not_exists']);
$item['username'] or mobile_msg($L['com_not_member']);
$_username != $item['username'] or mobile_msg($L['sign_self']);
$today = $today_endtime - 86400;
$sql = $_userid ? "username='$_username'" : "addtime>$today AND ip='$DT_IP'";
$t = $db->get_one("SELECT id FROM {$table_order} WHERE id=$itemid AND $sql");
if($t) mobile_msg($L['sign_again']);
$linkurl = mobileurl($moduleid, 0, $itemid);
$need_captcha = $MOD['captcha_sign'] == 2 ? $MG['captcha'] : $MOD['captcha_sign'];
$head_name = $L['sign_title'];
$head_title = $head_name.$DT['seo_delimiter'].$MOD['name'].$DT['seo_delimiter'].$head_title;
$foot = '';
require DT_ROOT.'/include/post.func.php';
if(isset($_POST['ok'])) {
	$captcha = isset($captcha) ? input_trim($captcha) : '';
	$msg = captcha($captcha, $need_captcha, true);
	if($msg) exit('captcha');
	$amount = intval($amount);
	if($amount < 1) $amount = 1;
	$company = dhtmlspecialchars(convert(input_trim($company), 'UTF-8', DT_CHARSET));
	$truename = dhtmlspecialchars(convert(input_trim($truename), 'UTF-8', DT_CHARSET));
	if(strlen($truename) < 2*DT_CHARLEN) exit('truename');
	if(!is_mobile($mobile)) exit('mobile');
	$areaid = intval($areaid);
	$address = dhtmlspecialchars(convert(input_trim($address), 'UTF-8', DT_CHARSET));
	preg_match("/^[0-9]{6}$/", $postcode) or $postcode = '';
	is_email($email) or $email = '';
	is_qq($qq) or $qq = '';
	$content = dhtmlspecialchars(convert(input_trim($content), 'UTF-8', DT_CHARSET));
	$user = $item['username'];
	$title = addslashes($item['title']);
	$db->query("INSERT INTO {$table_order} (id,user,title,amount,company,truename,mobile,areaid,address,postcode,email,qq,content,addtime,username,ip) VALUES ('$itemid','$user','$title','$amount','$company','$truename','$mobile','$areaid','$address','$postcode','$email','$qq','$content','$DT_TIME','$_username','$DT_IP')");
	$db->query("UPDATE {$table} SET orders=orders+1 WHERE itemid=$itemid");
	exit('ok');
}
if($_userid) {
	$user = userinfo($_username);
	$company = $user['company'];
	$truename = $user['truename'];
	$mobile = $user['mobile'];
	$areaid = $user['areaid'];
	$address = $user['address'];
	$postcode = $user['postcode'];
	$email = $user['mail'] ? $user['mail'] : $user['email'];
	$qq = $user['qq'];
} else {	
	$company = $truename = $mobile = $areaid = $address = $postcode = $email = $qq =  '';
}
include template('exhibit_sign', 'mobile');
if(DT_CHARSET != 'UTF-8') toutf8();
?>