在MuOnline数据库中创建表cards,其中列如下
列名,数据类型,长度,允许空
===================================
cid,int,4,false
cardid,varchar,16,false
cardpw,varchar,12,false
cardtype,tinyint,1,false
cardtime,int,4,false
payid,varchar,10,true
ispaid,tinyint,1,false
issend,tinyint,1,false
paidtime,int,4,true
bbsid,varchar,10,true
isreply,tinyint,1,true
config.inc.php
以下内容为程序代码:
$sitename = ""; // 服务器名
$dbhost = ""; // 数据库服务器地址(IP)
$dbuser = ""; // 数据库用户名
$dbpw = ""; // 数据库密码
$dbname = "MuOnline"; // 数据库名
$mkid=""; //生成卡的管理用户名
$mkpw=""; //生成卡的密码
?>
index.php
以下内容为程序代码:
require("config.inc.php");
?>
pay.php
以下内容为程序代码:
//parse_str($_SERVER["QUERY_STRING"]);
require("config.inc.php");
$mons["一月"]=1;
$mons["二月"]=2;
$mons["三月"]=3;
$mons["四月"]=4;
$mons["五月"]=5;
$mons["六月"]=6;
$mons["七月"]=7;
$mons["八月"]=8;
$mons["九月"]=9;
$mons["十月"]=10;
$mons["十一月"]=11;
$mons["十二月"]=12;
function filter($str) {
$str=str_replace(",", "",$str);
$str=str_replace(".", "",$str);
$str=str_replace(",", "",$str);
$str=str_replace(";", "",$str);
$str=str_replace("'", "",$str);
$str=str_replace(":", "",$str);
$str=str_replace("=", "",$str);
$str=str_replace("&", "",$str);
$str=str_replace("%", "",$str);
$str=str_replace("\"", "",$str);
$str=str_replace("$$", "",$str);
$str=str_replace("-", "",$str);
$str=str_replace(" ", "",$str);
return $str;
}
function showmsg($str,$paysuc=false) {
?>
exit();
}
session_start();
session_register("checkcode");
$GLOBALS["cardid"]=$ps_cardid;
$GLOBALS["bbsid"]=$ps_bbsid;
$ps_cardid=filter($ps_cardid);
$ps_cardpw=filter($ps_cardpw);
if($checkcode!=$extcode) {
showmsg("验证码错误,请重新输入");
}
if($ps_bbsid!=$ps_rebbsid) {
showmsg("两次论坛帐号输入不符");
}
$dbconnect = @mssql_connect($dbhost,$dbuser,$dbpw) or showmsg("无法与数据库连接,请与管理员联系");
$dbselect = @mssql_select_db("$dbname")or showmsg("无法与数据库连接,请与管理员联系");
$sql = "SELECT * FROM MEMB_INFO WHERE memb___id = '$ps_gameid'";
$result = mssql_query($sql,$dbconnect);
if(!$result) {
showmsg("数据库错误,请与管理员联系");
}
$canfind = mssql_num_rows($result);
if($canfind==0) {
showmsg("无此帐号或密码错误,请确认是否输入正确");
}
$rows = mssql_fetch_array($result);
if($rows["memb__pwd"]!=$ps_gamepw) {
showmsg("无此帐号或密码错误,请确认是否输入正确");
}
$sql = "SELECT * FROM VI_CURR_INFO WHERE memb___id = '$ps_gameid'";
$result = mssql_query($sql,$dbconnect);
if(!$result) {
showmsg("数据库错误,请与管理员联系");
}
$canfind = mssql_num_rows($result);
if($canfind==0) {
showmsg("无此帐号或密码错误,请确认是否输入正确");
}
$rows = mssql_fetch_array($result);
$curbillingtime=$rows["Surplus_Minute"];
$billingtime=explode(" ",$curbillingtime);
$curyear=$billingtime[0];
$curmonth=$mons[$billingtime[1]];
$curday=$billingtime[2];
$curtt=mktime(0,0,0,$curmonth,$curday,$curyear);
$tt=time();
$nowyear=date("Y",$tt);
$nowmonth=date("n",$tt);
$nowday=date("j",$tt);
$nowtt=mktime(0,0,0,$nowmonth,$nowday,$nowyear);
if($curtt<$nowtt) {
$curtt=$nowtt;
}
$sql = "SELECT * FROM cards WHERE cardid = '$ps_cardid'";
$result = mssql_query($sql,$dbconnect);
if(!$result) {
showmsg("数据库错误,请与管理员联系");
}
$canfind = mssql_num_rows($result);
if($canfind==0) {
showmsg("无此充值卡号或密码错误,请确认是否输入正确");
}
$rows = mssql_fetch_array($result);
if($rows["cardpw"]!=$ps_cardpw) {
showmsg("无此充值卡号或密码错误,请确认是否输入正确");
}
if($rows["ispaid"]==1) {
$paytime=date("Y-m-d H:i:s",$rows["paidtime"]);
showmsg("这张充值卡已经在 ".$paytime." 被充值给帐号 ".$rows["bbsid"]."
\n请不要重复充值,否则我们可能会冻结您的帐号");
}
//添加充值信息
switch($rows["cardtype"]) {
case 1:
$tmpmsg="天";
$ptime=$rows["cardtime"];
break;
case 2:
$tmpmsg="月";
$ptime=$rows["cardtime"]*30;
break;
case 3:
$tmpmsg="季度";
$ptime=$rows["cardtime"]*90;
break;
case 4:
$tmpmsg="半年";
$ptime=$rows["cardtime"]*180;
break;
case 5:
$tmpmsg="年";
$ptime=$rows["cardtime"]*365;
break;
}
$curtt=$curtt+($ptime*86400);
$currtime=date("Y-m-d H:i:s",$curtt);
$paidtime=time();
$sql="update VI_CURR_INFO set Surplus_Minute='$currtime',Bill_Section=2 where memb___id='$ps_gameid'";
$result = mssql_query($sql,$dbconnect);
if(!$result) {
showmsg("数据库错误,请与管理员联系");
}
$sql="update cards set ispaid='1',payid='$ps_gameid',paidtime='$paidtime',bbsid='$ps_bbsid' where cardid='$ps_cardid'";
$result = mssql_query($sql,$dbconnect);
if(!$result) {
showmsg("数据库错误,请与管理员联系");
}
if($tmpmsg!="半年") {
showmsg("已经成功向 ".$ps_bbsid." 充入 ".$rows["cardtime"]." ".$tmpmsg."VIP时间
\n当前VIP资格到期时间: ".$currtime."
\n请您到论坛登陆之后确认您的VIP资格。",true);
}
else {
showmsg("已经成功向帐号 ".$ps_bbsid." 充入 半年 VIP时间
\n当前VIP资格到期时间: ".$currtime."
\n请您到论坛登陆之后确认您的VIP资格。",true);
}
?>