
    <?php 
// Refuse direct requests: the script only continues when the IN_DESTOON constant has been defined.
if(!defined('IN_DESTOON')) {
	exit('Access Denied');
}
// Requests flagged by $DT_BOT are answered through dhttp(403) (presumably an HTTP 403 -- confirm).
if($DT_BOT) {
	dhttp(403);
}
// login() runs before any module code is loaded; presumably it forces authentication -- confirm.
login();
// NOTE(review): $module forms part of an include path. This is only safe if it is set from
// trusted configuration and never from the request -- verify where it is assigned.
require DT_ROOT.'/module/'.$module.'/common.inc.php';
// SELL_ORDER gates the whole ordering feature; without it the request ends in dalert().
if(!SELL_ORDER) {
	dalert(lang('message->without_permission'), 'goback');
}
require DT_ROOT.'/include/post.func.php';
// Language packs used by the validation messages and the seller notification below.
include load('misc.lang');
include load('member.lang');
include load('order.lang');
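// Order checkout handler. With $submit set, one mall_order row is inserted per requested
// item and the buyer is redirected to the follow-up step; otherwise the confirmation page
// for the requested item ids is rendered.
// NOTE(review): $submit, $post, $add, $itemid, $action and $auth are presumably request
// variables exported by the framework bootstrap. Nothing visible here shows whether they
// were escaped or type-checked upstream, so values are normalised locally before use.
// NOTE(review): no anti-CSRF token check is visible on this state-changing path -- confirm
// that one is enforced before this file runs.
if($submit) {
	$ids = '';
	if($post) {
		// Accept only scalar address fields, so a nested array can neither reach
		// trim()/strlen() nor be interpolated into SQL as the string "Array".
		$form = (isset($add) && is_array($add)) ? $add : array();
		$add = array();
		foreach(array('areaid', 'address', 'postcode', 'truename', 'mobile', 'telephone') as $key) {
			$add[$key] = (isset($form[$key]) && is_scalar($form[$key])) ? trim((string)$form[$key]) : '';
		}
		$add['address'] = area_pos($add['areaid'], '').$add['address'];
		$add = dhtmlspecialchars($add);
		// NOTE(review): the buyer_* values reach the INSERT below after trim() and
		// dhtmlspecialchars() only. That assumes request data was SQL-escaped before it
		// got here -- confirm against the framework bootstrap.
		// The length checks are byte-wise (strlen), not character-wise.
		$buyer_address = $add['address'];
		if(strlen($buyer_address) < 10) message($L['msg_type_address']);
		$buyer_postcode = $add['postcode'];
		if(strlen($buyer_postcode) < 6) message($L['msg_type_postcode']);
		$buyer_name = $add['truename'];
		if(strlen($buyer_name) < 2) message($L['msg_type_truename']);
		$buyer_mobile = $add['mobile'];
		if(!is_mobile($buyer_mobile)) message($L['msg_type_mobile']);
		$buyer_phone = $add['telephone'];
		foreach((is_array($post) ? $post : array()) as $k=>$v) {
			// The item id is always cast to int before it is placed in the query.
			$itemid = intval($k);
			$t = $db->get_one("SELECT * FROM {$table} WHERE itemid=$itemid");
			// Only items with status 3, a price, stock, a minimum amount and a unit can be
			// ordered, and never by the user who listed them.
			if($t && $t['status'] == 3 && $t['username'] != $_username && $t['price'] > 0 && $t['amount'] > 0 && $t['minamount'] > 0 &&  $t['unit']) {
				$number = (is_array($v) && isset($v['number']) && is_scalar($v['number'])) ? intval($v['number']) : 0;
				// Clamp the quantity into [minamount, amount], never below 1. The price is
				// always read from the database row, never from the request.
				if($number < $t['minamount']) $number = $t['minamount'];
				if($number > $t['amount']) $number = $t['amount'];
				if($number < 1) $number = 1;
				$price = $t['price'];
				$amount = $number*$price;
				$rawnote = (is_array($v) && isset($v['note']) && is_scalar($v['note'])) ? (string)$v['note'] : '';
				$note = dhtmlspecialchars(str_replace('|', '-', $rawnote));
				// Values read back from the database are not SQL-safe by themselves. The seller
				// name and thumbnail are escaped the same way as the title, so a stored quote
				// cannot break out of the INSERT (second-order injection).
				$title = addslashes($t['title']);
				$seller = addslashes($t['username']);
				$thumb = addslashes($t['thumb']);
				$linkurl = $MOD['linkurl'].$t['linkurl'];
				$status = $MOD['checkorder'] ? 0 : 1;
				$fee_name = '';
				$fee = $cod = 0;
				$db->query("INSERT INTO {$DT_PRE}mall_order (mid,mallid,buyer,seller,title,thumb,price,number,amount,addtime,updatetime,note, buyer_postcode,buyer_address,buyer_name,buyer_phone,buyer_mobile,status,fee_name,fee,cod) VALUES ('$moduleid','$itemid','$_username','$seller','$title','$thumb','$price','$number','$amount','$DT_TIME','$DT_TIME','$note','$buyer_postcode','$buyer_address','$buyer_name','$buyer_phone','$buyer_mobile','$status','$fee_name','$fee','$cod')");
				$oid = $db->insert_id();
				$ids .= ','.$oid;
				//send message
				$touser = $t['username'];
				$_title = $title;
				$title = lang($L['trade_message_t6'], array($oid));
				$url = $MODULE[2]['linkurl'].'trade.php?itemid='.$oid;
				// NOTE(review): $_title and $linkurl are placed in HTML without escaping here;
				// presumably they are stored already HTML-escaped -- confirm.
				$goods = '<a href="'.$linkurl.'" target="_blank" class="t"><strong>'.$_title.'</strong></a>';
				$content = lang($L['trade_message_c6'], array(userurl($_username), $_username, timetodate($DT_TIME, 3), $goods, $oid, $amount, $url));
				// ob_template() presumably renders the mail template around the $content set
				// on the previous line -- confirm.
				$content = ob_template('messager', 'mail');
				send_message($touser, $title, $content);
			}
		}
	}
	$forward = 'action=order';
	if(!$MOD['checkorder']) {
		if($ids) {
			// Drop the leading comma; a single id is numeric, several ids are comma-separated.
			$ids = substr($ids, 1);
			if(is_numeric($ids)) {
				$forward = 'action=update&step=pay&itemid='.$ids;
			} else {
				$forward = 'action=muti&itemids='.$ids;
			}
		}
	}
	// The follow-up query string travels through the browser only in encrypted form.
	dheader('?action=show&auth='.encrypt($forward));
} else {
	if($action == 'show') {
		// The target script is fixed to trade.php; only its query string comes from the token.
		// NOTE(review): assumes encrypt()/decrypt() authenticate the token, so a forged $auth
		// cannot yield an arbitrary query string -- confirm. Otherwise escape $forward
		// wherever the template prints it.
		$forward = isset($auth) ? decrypt($auth) : '';
		$forward = $MODULE[2]['linkurl'].'trade.php?'.($forward ? $forward : 'action=order');
	} else {
		$lists = $tags = $data = array();
		$itemids = '';
		if($itemid) {
			// Every requested id is cast to a positive integer before it is joined into the
			// IN() list, so request data can never reach the query as SQL text.
			foreach((is_array($itemid) ? $itemid : array($itemid)) as $id) {
				$id = is_scalar($id) ? intval($id) : 0;
				if($id < 1) continue;
				$data[$id] = $id;
			}
			$itemids = implode(',', $data);
		}
		if($itemids) {
			$result = $db->query("SELECT * FROM {$table} WHERE itemid IN ($itemids)");
			while($r = $db->fetch_array($result)) {
				// Same eligibility rules as on submit: skip own listings and unorderable items.
				if($r['username'] == $_username || $r['status'] != 3 || $r['price'] < 0.01 || $r['amount'] < 1 || $r['minamount'] < 1 ||  !$r['unit']) continue;
				$r['alt'] = $r['title'];
				$r['title'] = dsubstr($r['title'], 40, '..');
				$r['linkurl'] = $MOD['linkurl'].$r['linkurl'];
				$r['key'] = $r['itemid'];
				$tags[$r['itemid']] = $r;
			}
			if($tags) {
				// Keep the order in which the ids were requested.
				foreach($data as $k=>$v) {
					if(isset($tags[$k])) {
						$lists[] = $tags[$k];
					}
				}
			}
		}
		if($lists) {
			// Load the buyer's saved addresses (at most 30) and profile for the form.
			$address = array();
			$result = $db->query("SELECT * FROM {$DT_PRE}address WHERE username='$_username' ORDER BY  listorder ASC,itemid ASC LIMIT 30");
			while($r = $db->fetch_array($result)) {	
				$address[] = $r;
			}
			$user = userinfo($_username);
		}
	}
	$head_title = $L['buy_title'];
	include template('buy', $module);
}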
?>