<?php
include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php";
/**
The value set below is a test secretKey.
Use it for testing only; it must be replaced with the key issued to you.
*/
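// Payment-gateway callback, part 1: recompute the fgkey signature over the POSTed
// fields and downgrade $rescode to "ERROR" when it does not match.
// $card_secretkey is not assigned in this file (presumably set by the include above; confirm).
$secretKey = $card_secretkey; // secretkey

// Collect every POSTed field except fgkey itself; these are the fields the signature covers.
// $hashMap and $sortingParams are initialised explicitly so that nothing outside this
// script (e.g. request-to-global mapping on old PHP setups) can pre-seed them.
$hashMap = array();
$sortingParams = '';
$fieldsAreStrings = true;
foreach ($_POST as $Key => $value) {
    // Strict string comparison: under PHP 5 the loose test 0 == "fgkey" is true, which
    // would silently leave a field named "0" out of the signed data.
    if ((string)$Key === "fgkey") {
        continue;
    }
    // Array-valued fields (name[]=...) would be concatenated as the literal "Array";
    // treat them as a verification failure instead.
    if (!is_string($value)) {
        $fieldsAreStrings = false;
    }
    $hashMap[$Key] = $value;
}

$rescode = isset($_POST['rescode']) ? $_POST['rescode'] : ''; // 0000 : success
$resmsg  = isset($_POST['resmsg'])  ? $_POST['resmsg']  : ''; // payment result message
$fgkey   = isset($_POST['fgkey'])   ? $_POST['fgkey']   : ''; // signature to verify

// Verify fgkey when rescode is 0000.
// Loose == is kept on purpose so that every value any later `$rescode == "0000"` test
// could accept is verified here first.
if ($rescode == "0000") {
    $fgkeyValid = false;

    // Fail closed when the secret is missing (the config is pulled in with include, which
    // only warns on failure) or when a field is not a plain string.
    if ($fieldsAreStrings && is_string($fgkey) && is_string($secretKey) && $secretKey !== '') {
        // Build the signed string: fields sorted by name, joined as key=value with "&".
        ksort($hashMap);
        $pairs = array();
        foreach ($hashMap as $key => $val) {
            $pairs[] = $key . "=" . $val;
        }
        $sortingParams = implode("&", $pairs);

        $linkBuf = $secretKey . "?" . $sortingParams;
        $newFgkey = hash("sha256", $linkBuf);

        // Compare byte by byte without early exit and without type juggling: a loose !=
        // on two hex strings that both look numeric (e.g. "0e...") compares them as numbers.
        $givenFgkey = strtolower($fgkey);
        $digestLen = strlen($newFgkey);
        if (strlen($givenFgkey) === $digestLen) {
            $diff = 0;
            for ($i = 0; $i < $digestLen; $i++) {
                $diff |= ord($givenFgkey[$i]) ^ ord($newFgkey[$i]);
            }
            $fgkeyValid = ($diff === 0);
        }
    }

    // Error handling when fgkey verification fails.
    if (!$fgkeyValid) {
        $rescode = "ERROR";
        $resmsg = "Invalid transaction";
    }
}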
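// Payment-gateway callback, part 2: on a verified success, mark the order as paid and,
// for membership-signup orders, extend the member's paid period.
// $param1, $param2, $date, $today, $initialCode, $idx and $db_con are not assigned in this
// file (presumably provided by the included config / request mapping; confirm).
if ($rescode === "0000") {
    // Merchant-side DB processing.
    // This page is invoked back-end (server to server), so scripts, sessions and cookies cannot be used.
    //
    // NOTE(review): nothing here compares the paid amount/currency from the callback with
    // what shop_order expects, and nothing checks whether this order was already processed,
    // so a repeated notification would run the membership extension again. Confirm both
    // are enforced elsewhere or add them.

    // Every value placed into SQL is escaped for the connection in use. A valid signature
    // authenticates the callback as a whole; it does not make individual fields safe to
    // embed in a query. NOTE(review): if magic_quotes_gpc is on for this host the request
    // values are already slash-escaped; confirm and strip before escaping.
    $orderIdSql  = mysql_real_escape_string((string)$param1, $db_con);
    $orderUidSql = mysql_real_escape_string((string)$param2, $db_con);
    $bankTimeSql = mysql_real_escape_string(isset($date['totime']) ? (string)$date['totime'] : '', $db_con);

    $orderstep = 2;
    $where = ",d_bank='$bankTimeSql' ";

    $query = "update shop_order set orderstep ='$orderstep',buyfix='0' $where where uid = '$orderUidSql' and orderid='$orderIdSql'";
    $result = mysql_query($query, $db_con);
    if ($result === false) {
        error_log('payment callback: shop_order update failed: ' . mysql_error($db_con));
    }

    $query = "update shop_ordergoods set orderstep ='$orderstep' $where where parent = '$orderUidSql'";
    $result = mysql_query($query, $db_con);
    if ($result === false) {
        error_log('payment callback: shop_ordergoods update failed: ' . mysql_error($db_con));
    }

    $qrys = Get_dbres("select * from shop_order where uid = '$orderUidSql' and orderid='$orderIdSql'");
    $rows = mysql_fetch_array($qrys);
    $midx = $rows ? $rows['mbruid'] : null;  // member idx
    $uidx = $rows ? $rows['orderid'] : null; // order number used for matching

    // Used only for membership-signup payments.
    if ($rows && $rows['display'] == 1) {
        $midxSql = mysql_real_escape_string((string)$midx, $db_con);
        $uidxSql = mysql_real_escape_string((string)$uidx, $db_con);

        $qry = Get_dbres("select * from user where id = '$midxSql'");
        $row = mysql_fetch_array($qry);
        $mCode = $row['member_code'];
        $benddate = $row['m_enddate'];

        // Whole days left on the current paid period; -1 when there is none.
        if ($benddate && $row['auth_code'] == 10) {
            $end_arr = explode("-", $benddate);
            $end_time = mktime(0, 0, 0, $end_arr[1], $end_arr[2], $end_arr[0]);
            $now_time = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
            $giganCount = ($end_time - $now_time) / 86400;
        } else {
            $giganCount = -1;
        }

        if ($giganCount >= 0) {
            // Paid period still running: extend from the existing m_enddate.
            // NOTE(review): the start date keeps the year of m_enddate while taking the
            // month after it, so an end date in December yields January of the same
            // year; confirm this is intended.
            $end_arr = explode("-", $benddate);
            $tmpyearn = $end_arr[0];
            $tmpyearp = $end_arr[0] + 1;
            $time = mktime(0, 0, 0, $end_arr[1], '01', $end_arr[0]);
            $beforeMonth = date("Y-m-d", strtotime("+1 month", $time));
            $beforeMonthArr = explode("-", $beforeMonth);
            $tmp_start_date = $tmpyearn . "-" . $beforeMonthArr[1] . "-01";
            $tmp_end_date = $tmpyearp . "-" . $end_arr[1] . "-" . $end_arr[2];
        } else {
            // No paid period left: the start date is the 1st of the month of the
            // deposit-completion day, and the end date is the last day of the month
            // before that start month.
            $todayArr = explode("-", $today);
            $tmp_start_date = $todayArr[0] . "-" . $todayArr[1] . "-01";
            $time = mktime(0, 0, 0, $todayArr[1], $todayArr[2], $todayArr[0]);
            $beforeMonth = date("Y-m-d", strtotime("-1 month", $time));
            $beforeMonthArr = explode("-", $beforeMonth);
            if ($todayArr[1] == "01") {
                $tmpyearp = $todayArr[0];
            } else {
                $tmpyearp = $todayArr[0] + 1;
            }
            $end_day = date("t", mktime(0, 0, 0, $beforeMonthArr[1], 1, $tmpyearp));
            $tmp_end_date = $tmpyearp . "-" . $beforeMonthArr[1] . "-" . $end_day;
        }

        // Both branches write the same two SET fragments; the dates are escaped because
        // their parts come from the database row or from $today.
        $startDateSql = mysql_real_escape_string($tmp_start_date, $db_con);
        $endDateSql   = mysql_real_escape_string($tmp_end_date, $db_con);
        $whereDate1 = ",startdate='$startDateSql',enddate='$endDateSql'";
        $whereDate2 = ",m_startdate='$startDateSql',m_enddate='$endDateSql'";

        // If the member already has a member number, keep it (2015-05-02).
        if (!$mCode) {
            // Assign a regular member number.
            // NOTE(review): max()+1 without a lock or unique constraint can hand the same
            // number to two callbacks processed at the same time.
            $member_code = get_db("select max(member_code) from user where activated = 1");
            $numberVal = substr($member_code, 2, 6) + 1;
            // Numbering floor for the first member to be enrolled (2018-09-10).
            if ($numberVal <= 101) {
                $numberVal = 101;
            }
            $member_code = $initialCode . sprintf("%05d", $numberVal);
        } else {
            $member_code = $mCode;
        }

        // Cash payment record.
        $adminIP = $_SERVER["REMOTE_ADDR"];
        $adminIPSql = mysql_real_escape_string((string)$adminIP, $db_con);
        $cash_cnt = get_db("SELECT count(user_id) FROM user_cash where user_id='$midxSql' and flag='D'") + 1;
        $mode = "D";

        $queryupok = "update user_cash set flag = '$mode' ,inning='$cash_cnt',admin_id='auto' ,admin_date=now() , admin_ip='$adminIPSql' $whereDate1 where cash_no = '$uidxSql' and order_uid = '$orderUidSql'";
        $queryupok_result = mysql_query($queryupok, $db_con);
        if ($queryupok_result === false) {
            error_log('payment callback: user_cash update failed: ' . mysql_error($db_con));
        }

        // Update the payment information in the member table.
        $idxSql = mysql_real_escape_string(isset($idx) ? (string)$idx : '', $db_con);
        $memberCodeSql = mysql_real_escape_string((string)$member_code, $db_con);
        $queryupok = "update user set auth_code = '10',cash_chk='$idxSql',cash_cnt='$cash_cnt' $whereDate2 ,member_code='$memberCodeSql' where id = '$midxSql'";
        $queryupok_result = mysql_query($queryupok, $db_con);
        if ($queryupok_result === false) {
            error_log('payment callback: user update failed: ' . mysql_error($db_con));
        }
    }
}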
?>