<?php
namespace app\api\controller;
use app\api\model\ModGoodsAct;
use app\BaseController;
use app\common\Common_alipay;
use app\common\Common_huifu;
use app\common\Common_weixinpay;
use app\common\Common_api;
use app\api\common\Common_config;
use app\api\common\Common_order;
use app\api\common\Common_user;
use think\facade\Db;
use think\facade\View;

class Order extends Base
{
    /* Alipay configuration */
    protected $app_id = '';// Alipay app id; filled from configuration in initialize()
    protected $notify_url = '';// payment callback (notify) URL; built in initialize()
    protected $private_key = '';// private key; filled from configuration in initialize()
    protected $gatewayUrl = 'https://openapi.alipay.com/gateway.do';// Alipay API gateway address
    protected $public_key = '';// public key; filled from configuration in initialize()
    public function initialize()
    {
        // Copy the Alipay settings from stored configuration onto this controller,
        // build the callback URL, then hand over to the parent initializer.
        $alipay_config = Common_config::config("'alipay_app_id','private_key','public_key'");
        $this->app_id = $alipay_config["alipay_app_id"];
        // NOTE(review): the callback URL is plain http and its host comes from
        // $_SERVER["SERVER_NAME"]. Confirm the web server pins SERVER_NAME instead of
        // reflecting the request's Host header, and consider an https callback.
        $server_name = $_SERVER["SERVER_NAME"];
        $this->notify_url = 'http://'.$server_name.'/api/Order/alipay_notify_url';
        $this->private_key = $alipay_config["private_key"];
        $this->public_key = $alipay_config["public_key"];
        parent::initialize();
    }

    /* Confirm order */
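    public function order(Common_order $common_order)
    {
        // Checkout preview: returns the selected cart goods, the computed price data,
        // a delivery address and a freshly generated order number.
        // Request parameters: cart_id (comma-separated cart row ids), address_id (optional).
        $cart_id = input("param.cart_id");
        $address_id = input("param.address_id");
        $user_info = Common_user::user_info($this->user_miyao);
        if (empty($cart_id)){
            return $this->error_json("参数错误",401);
        }
        // cart_id is request input and used to be spliced into "a.id in (...)".
        // Reduce it to a list of positive integers so only ids can reach the query.
        $cart_ids = array_values(array_filter(
            array_map('intval', is_array($cart_id) ? $cart_id : explode(',', (string)$cart_id)),
            function ($id) { return $id > 0; }
        ));
        if (empty($cart_ids)){
            return $this->error_json("参数错误",401);
        }
        /* Load the goods behind the cart rows */
        $is_integral = 0;// 1 when the cart contains a points (integral) product, else 0
        $jifen_sublevel_act_id = ModGoodsAct::sublevel_act_id('52',1);
        $jifen_sublevel_act_arr = explode(',',$jifen_sublevel_act_id);
        $goods_list = db::name("shopping_cart")->alias("a")
            ->join("goods b","a.goods_id = b.goods_id","LEFT")
            ->join("goods_guige_value c","a.guige_id = c.id","LEFT")
            ->field("a.goods_sum,b.goods_id,b.name,b.describe,b.act_id,b.img,b.price,c.id as guige_id,c.guige_name,c.price as guige_price,c.img as guige_img")
            ->whereIn("a.id",$cart_ids)
            ->where("a.user_id",$this->user_id)
            ->select()
            ->toArray();
        foreach ($goods_list as $k => $v){
            // A row with a specification shows the specification image
            $goods_list[$k]["img"] = $v["guige_id"] > 0?$v["guige_img"]:$v["img"];
            if (in_array($v["act_id"],$jifen_sublevel_act_arr)){$is_integral = 1;}
        }
        if (empty($goods_list)){
            return $this->error_json("暂无数据",404);
        }
        /* Price calculation */
        $order_price_data = $common_order->order_price($goods_list,0,$this->user_id);
        $order_price = $order_price_data["order_price"];
        $price_vip_discount = $order_price_data["price_vip_discount"];
        $integral_maximum = $order_price_data["integral_maximum"];
        /* Delivery address: the requested one, otherwise the user's checked default.
           Both lookups are scoped to the current user so that a guessed address_id
           cannot return another member's name, phone and address. */
        $address_query = db::name("user_address")->alias("a")
            ->join("region b","a.province = b.id","LEFT")
            ->join("region c","a.city = c.id","LEFT")
            ->join("region d","a.district = d.id","LEFT")
            ->field("a.address_id,a.name,a.phone, b.name as province_name, c.name as city_name, d.name as district_name, a.address")
            ->where("a.user_id",$user_info["user_id"]);
        if (!empty($address_id)){
            $address_query->where("a.address_id",(int)$address_id);
        }else{
            $address_query->where("a.is_checked",1);
        }
        $address_info = $address_query->find();
        // Order number: user id + random digits + timestamp
        $order_sn = $user_info["user_id"].Common_user::suijishu("10","1").time();
        $data = [
            'is_integral'=>$is_integral,
            'order_sn'=>$order_sn,
            'goods_list'=>$goods_list,
            'goods_count'=>count($goods_list),
            'order_price'=>$order_price,
            'price_vip_discount'=>$price_vip_discount,
            'integral_maximum'=>$integral_maximum,
            'address_info'=>$address_info,
        ];
        return $this->succeed_json("ok",$data);
    }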

    /* Pick-up point list */
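    public function warehouse()
    {
        // Paginated list of pick-up points, optionally filtered by a keyword that is
        // matched against ware_name, name and phone.
        $keyword = input("param.keyword");
        $list_query = db::name("warehouse")->alias("a")
            ->join("region b","a.province = b.id","left")
            ->join("region c","a.city = c.id","left")
            ->join("region d","a.district = d.id","left")
            ->field("a.*,b.name as province_name,c.name as city_name,d.name as district_name");
        $count_query = db::name("warehouse")->alias("a")
            ->join("region b","a.province = b.id","left")
            ->join("region c","a.city = c.id","left")
            ->join("region d","a.district = d.id","left");
        if (is_scalar($keyword) && !empty($keyword)){
            // The keyword is request input: it is passed as bound parameters instead of
            // being concatenated into the LIKE clause.
            $like = '%'.$keyword.'%';
            $like_sql = "(a.ware_name like :kw_ware or a.name like :kw_name or a.phone like :kw_phone)";
            $like_bind = ['kw_ware'=>$like,'kw_name'=>$like,'kw_phone'=>$like];
            $list_query->whereRaw($like_sql,$like_bind);
            $count_query->whereRaw($like_sql,$like_bind);
        }
        $list = $list_query
            ->order("a.sort desc,a.id desc")
            ->page($this->page,$this->limit)
            ->select()
            ->toArray();
        foreach ($list as $k => $v){
            $list[$k]["time_add"] = date("Y-m-d H:i",$v["time_add"]);
        }
        // Same filter without paging, for the page count
        $count = $count_query->count();
        $vue_pages = $this->vue_pages($count,$this->limit);
        $data = [
            'list'=>$list,
            'pages'=>$vue_pages,
        ];
        return $this->succeed_json("ok",$data);
    }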

    /* Pick-up point details */
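    public function warehouse_info()
    {
        // Details of one pick-up point, looked up by the request parameter "id".
        $id = input("param.id");
        $id = is_scalar($id) ? (int)$id : 0;// request input: only an integer id reaches the query
        if (empty($id)){
            return $this->error_json("请输入自提点id");
        }
        $warehouse_info = db::name("warehouse")->alias("a")
            ->join("region b","a.province = b.id","left")
            ->join("region c","a.city = c.id","left")
            ->join("region d","a.district = d.id","left")
            ->field("a.*,b.name as province_name,c.name as city_name,d.name as district_name")
            ->where("a.id",$id)
            ->find();
        // Check for a missing row before touching it: writing time_add first turned an
        // empty result into a non-empty array, so this branch could never be reached.
        if (empty($warehouse_info)){
            return $this->error_json("自提点不存在");
        }
        $warehouse_info["time_add"] = date("Y-m-d H:i",$warehouse_info["time_add"]);
        $data = [
            'warehouse_info'=>$warehouse_info,
        ];
        return $this->succeed_json("ok",$data);
    }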

    /* Get the coupons that can be used */
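    public function user_card()
    {
        // Lists the current user's unused, unexpired coupons whose minimum spend
        // (price_satisfy) does not exceed the given order price.
        $order_price = input("param.order_price");
        // order_price is request input and used to be spliced into the where string;
        // accept it only as a number and bind it.
        $order_price = is_numeric($order_price) ? (float)$order_price : 0;
        $time = time();
        $list = [];
        if ($order_price > 0){
            $list = db::name("user_activity_preferential_card")
                ->where("user_id",$this->user_id)
                ->where("is_employ",0)
                ->where("time_past_due",">=",$time)
                ->where("price_satisfy","<=",$order_price)
                ->order("id asc")
                ->select()
                ->toArray();
        }
        $data = [
            'list'=>$list,
            'list_count'=>count($list),
        ];
        return $this->succeed_json("ok",$data);
    }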

    /* Order price calculation */
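    public function order_price(Common_order $common_order)
    {
        // Recomputes the price of the selected cart rows for an optional coupon
        // (user_card_id) and points amount (integral).
        $cart_id = input("param.cart_id");
        $user_card_id = input("param.user_card_id");
        $integral = input("param.integral");
        // Validate before querying: the emptiness check used to run after the query,
        // and cart_id was spliced into "a.id in (...)" as received.
        if (empty($cart_id)){
            return $this->error_json("暂无数据",404);
        }
        $cart_ids = array_values(array_filter(
            array_map('intval', is_array($cart_id) ? $cart_id : explode(',', (string)$cart_id)),
            function ($id) { return $id > 0; }
        ));
        if (empty($cart_ids)){
            return $this->error_json("暂无数据",404);
        }
        /* Load the goods behind the cart rows (current user's rows only) */
        $goods_list = db::name("shopping_cart")->alias("a")
            ->join("goods b","a.goods_id = b.goods_id","LEFT")
            ->join("goods_guige_value c","a.guige_id = c.id","LEFT")
            ->field("a.goods_sum,b.goods_id,b.name,b.act_id,b.describe,b.img,b.price,c.id as guige_id,c.guige_name,c.price as guige_price")
            ->whereIn("a.id",$cart_ids)
            ->where("a.user_id",$this->user_id)
            ->select()
            ->toArray();
        /* Price calculation */
        // NOTE(review): user_card_id and integral are forwarded as received; confirm that
        // Common_order::order_price validates them.
        $order_price_data = $common_order->order_price($goods_list,$user_card_id,$this->user_id,$integral);
        $order_price = $order_price_data["order_price"];
        $integral = $order_price_data["integral"];
        $data = [
            'order_price'=>$order_price,
            'integral'=>$integral,
        ];
        return $this->succeed_json("ok",$data);
    }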

    /**
     * Create order
     */
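    public function order_create(Common_order $common_order)
    {
        // Creates an order from the caller's cart rows: resolves the delivery address or
        // pick-up point, checks stock, computes the price, stores the order and its goods
        // lines, reduces stock and removes the cart rows.
        $type_courier = input("param.type_courier") != ''?input("param.type_courier"):0;// delivery type: 0 standard delivery, 1 self pick-up
        $cart_id = input("param.cart_id");
        $address_id = input("param.address_id");
        $warehouse_id = input("param.warehouse_id");
        $order_sn = input("param.order_sn");
        $pay_type = input("param.pay_type");
        $user_card_id = input("param.user_card_id") != ''?input("param.user_card_id"):0;
        $integral = input("param.integral");// points to redeem
        $user_info = Common_user::user_info($this->user_miyao);
        if ($pay_type == ''){
            return $this->error_json("请选择支付方式");
        }
        if (empty($cart_id)){
            return $this->error_json("参数错误",404);
        }
        // Every value below is request input that used to be spliced into SQL strings.
        // Ids are reduced to integers, the order number to a plain string, and all of
        // them are passed to the query builder as bound values.
        $cart_ids = array_values(array_filter(
            array_map('intval', is_array($cart_id) ? $cart_id : explode(',', (string)$cart_id)),
            function ($id) { return $id > 0; }
        ));
        $order_sn = is_scalar($order_sn) ? (string)$order_sn : '';
        $user_card_id = is_scalar($user_card_id) ? (int)$user_card_id : 0;
        if (empty($cart_ids) || $order_sn === ''){
            return $this->error_json("参数错误",404);
        }
        /* Resolve the address */
        $address_info = [];
        if ($type_courier == 0){ // standard delivery
            if (empty($address_id)){
                return $this->error_json("请选择地址");
            }
            // Scoped to the current user so that another member's address cannot be used
            $address_info = db::name("user_address")->alias("a")
                ->join("region b","a.province = b.id","LEFT")
                ->join("region c","a.city = c.id","LEFT")
                ->join("region d","a.district = d.id","LEFT")
                ->field("a.*, b.name as province_name, c.name as city_name, d.name as district_name")
                ->where("a.address_id",(int)$address_id)
                ->where("a.user_id",$user_info["user_id"])
                ->find();
            if (empty($address_info)){
                return $this->error_json("地址不存在",404);
            }
        }else if($type_courier == 1){ // self pick-up
            if (empty($warehouse_id)){
                return $this->error_json("请选择自提点");
            }
            $warehouse_info = db::name("warehouse")->alias("a")
                ->join("region b","a.province = b.id","left")
                ->join("region c","a.city = c.id","left")
                ->join("region d","a.district = d.id","left")
                ->field("a.*,b.name as province_name,c.name as city_name,d.name as district_name")
                ->where("a.id",(int)$warehouse_id)
                ->find();
            if (empty($warehouse_info)){
                return $this->error_json("自提点不存在",404);
            }
            // Pick-up orders carry the member's own name/phone and the pick-up point's location
            $address_info = [
                'name'=>$this->user_info["name"],
                'phone'=>$this->user_info["mobile"],
                'province'=>$warehouse_info["province"],
                'city'=>$warehouse_info["city"],
                'district'=>$warehouse_info["district"],
                'address'=>$warehouse_info["address"],
            ];
        }else{
            // Unknown delivery type: there is no address to store, so stop here instead
            // of inserting an order with empty address fields.
            return $this->error_json("参数错误",404);
        }
        /* Load the goods behind the cart rows (current user's rows only) */
        $goods_list = db::name("shopping_cart")->alias("a")
            ->join("goods b","a.goods_id = b.goods_id","LEFT")
            ->join("goods_guige_value c","a.guige_id = c.id","LEFT")
            ->field("a.goods_sum,b.goods_id,b.shop_id,b.name,b.act_id,b.describe,b.img,b.price,c.id as guige_id,c.guige_name,c.price as guige_price")
            ->whereIn("a.id",$cart_ids)
            ->where("a.user_id",$this->user_id)
            ->select()
            ->toArray();
        if (empty($goods_list)){
            return $this->error_json("暂无商品数据",404);
        }
        // Stock check
        $order_detection = $common_order->order_detection($goods_list);
        if ($order_detection["code"] != 200){
            return $this->error_json($order_detection["msg"]);
        }
        // NOTE(review): order_sn is chosen by the client; only its uniqueness is checked here.
        $order_info = db::name("order")->where("order_sn",$order_sn)->order("order_id desc")->find();
        if (!empty($order_info)){
            return $this->error_json("订单已生成",405);
        }
        /* Price calculation */
        $order_price_data = $common_order->order_price($goods_list,$user_card_id,$this->user_id,$integral);
        $order_price = $order_price_data["order_price"];// order total
        $price_vip_discount = $order_price_data["price_vip_discount"];// member discount
        $integral = $order_price_data["integral"];// points redeemed
        if ($integral > $order_price_data["integral_maximum"]){
            return $this->error_json("使用积分不可超过".$order_price_data["integral_maximum"]);
        }
        // NOTE(review): the stock check, the inserts and the stock updates below are not
        // wrapped in a transaction and stock is read then written back, so concurrent
        // orders can interleave — consider a transaction with an atomic decrement.
        $info = [
            'order_sn'=>$order_sn,
            'user_id'=>$user_info["user_id"],
            'user_card_id'=>$user_card_id,
            'price'=>$order_price,
            'price_vip_discount'=>$price_vip_discount,
            'price_yunfei'=>0,
            'integral'=>$integral,
            'address_id'=>$address_id,
            'warehouse_id'=>$warehouse_id,
            'address_name'=>$address_info["name"],
            'address_phone'=>$address_info["phone"],
            'province'=>$address_info["province"],
            'city'=>$address_info["city"],
            'district'=>$address_info["district"],
            'address'=>$address_info["address"],
            'type_courier'=>$type_courier,
            'state'=>0,
            'pay_way'=>$pay_type,
            'describe'=>input("param.describe"),
            'add_time'=>time(),
        ];
        $order_id = db::name("order")->insertGetId($info);
        foreach ($goods_list as $k => $v){
            $info_goods = [
                'order_id'=>$order_id,
                'goods_id'=>$v["goods_id"],
                'goods_img'=>$v["img"],
                'goods_guige_id'=>$v["guige_id"] != ''?$v["guige_id"]:0,
                'goods_name'=>$v["name"],
                'goods_guige_name'=>$v["guige_name"] != ''?$v["guige_name"]:'',
                'price_one'=>$v["guige_price"] >0?$v["guige_price"]:$v["price"],// specification price when present, else the goods price
                'num'=>$v["goods_sum"],
                'time_add'=>time(),
            ];
            db::name("order_goods")->insertGetId($info_goods);
            // Reduce stock on the specification row when there is one, else on the goods row
            if (!empty($v["guige_id"])){
                $guige_info = db::name("goods_guige_value")->where("id",$v["guige_id"])->find();
                $stock_update = ['stocks'=>$guige_info["stocks"]-$v["goods_sum"]];
                db::name("goods_guige_value")->where("id",$guige_info["id"])->data($stock_update)->update();
            }else{
                $goods_info = db::name("goods")->where("goods_id",$v["goods_id"])->field("goods_id,stocks")->find();
                $stock_update = ['stocks'=>$goods_info["stocks"]-$v["goods_sum"]];
                db::name("goods")->where("goods_id",$goods_info["goods_id"])->data($stock_update)->update();
            }
        }
        // Remove only the caller's own cart rows; the delete used to match on id alone
        db::name("shopping_cart")->whereIn("id",$cart_ids)->where("user_id",$this->user_id)->delete();
        $data = [
            'order_sn'=>$order_sn,
            'order_id'=>$order_id,
        ];
        return $this->succeed_json("ok",$data);
    }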

    /* Cashier order payment */
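    public function cashier_order_pay(Common_weixinpay $common_weixinpay)
    {
        // Charges an order through WeChat payment-code (auth_code) payment and, when the
        // gateway reports success, marks the order paid and clears the cashier cart.
        $order_id = input("param.order_id");
        $auth_code = input("param.auth_code");
        $user_miyao = $this->user_miyao;
        $order_id = is_scalar($order_id) ? (int)$order_id : 0;// request input: integer id only
        if (empty($order_id)){
            return $this->error_json("参数错误");
        }
        $order_info = db::name("order")->where("order_id",$order_id)->find();
        // A missing order used to be handed to the payment call as null
        if (empty($order_info)){
            return $this->error_json("订单不存在");
        }
        // NOTE(review): nothing here ties the order to the caller or rejects an order that
        // is already paid — confirm which cashier accounts may charge which orders.
        $data = $common_weixinpay->payment_code($order_info,$user_miyao,$auth_code);
        if ($data["return_code"] == 'SUCCESS' && $data["return_msg"]=='OK' && $data["result_code"] == 'SUCCESS'){
            if ($order_info["pay_way"] == 2){
                if ($order_info["yd_user_id"] != 0 && $order_info["gold"] >0){
                    $this->account_log($order_info["yd_user_id"],'线下下单金币抵消-订单编号'.$order_info["order_sn"],101,0,'-'.$order_info["gold"],0);
                }
            }
            $info = [
                'state'=>1,
                'pay_time'=>time(),
            ];
            db::name("order")->where("order_id",$order_id)->data($info)->update();
            db::name("cashier_cart")->where("user_id",$this->user_id)->delete();
            return $this->succeed_json("支付成功");
        }else{
            return $this->error_json($data["return_msg"]);
        }
    }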

    /**
     * Order payment
     */
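    public function order_pay(Common_order $common_order,Common_weixinpay $common_weixinpay,Common_alipay $common_alipay,Common_huifu $common_huifu)
    {
        // Pays an existing order of the current user by the order's pay_way:
        // 0 balance, 1 WeChat, 2 Alipay, 3 points, 4 Alipay via Huifu.
        // With source = 'order_info' the note, pay_way and points amount may be updated first.
        $source = input("param.source");// where the payment was started from
        $order_id = input("param.order_id");
        $describe = input("param.describe");
        $user_info = Common_user::user_info($this->user_miyao);
        $order_id = is_scalar($order_id) ? (int)$order_id : 0;// request input: integer id only
        if (empty($order_id)){
            return $this->error_json("请传入订单id",405);
        }
        // Member balance
        $user_money = Common_user::user_money($user_info["user_id"]);
        // The order is looked up for the current user only, as order_info() and
        // order_list() do; otherwise this endpoint could alter or settle any order by id.
        $order_info = db::name("order")
            ->where("order_id",$order_id)
            ->where("user_id",$user_info["user_id"])
            ->order("order_id desc")
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单不存在",405);
        }
        if ($order_info["pay_time"] != 0){
            return $this->error_json("订单已支付",405);
        }
        // Read pay_way only after the order is known to exist
        $pay_way = $order_info["pay_way"];
        /* Payment started from the order details page */
        if ($source == 'order_info'){
            $pay_type = input("param.pay_type");// payment method: 0 balance, 1 WeChat, 2 Alipay, 3 points
            $integral = input("param.integral");// points to redeem
            $info = [];
            if (!empty($describe)){
                $info["describe"] = $describe;
            }
            if ($pay_type != ''){
                // NOTE(review): pay_type is stored as received; consider restricting it to
                // the payment methods handled below.
                $info["pay_way"] = $pay_type;
            }
            if ($integral > 0){
                $order_goods = db::name("order_goods")->alias("a")
                    ->join("goods_guige_value b","a.goods_guige_id = b.id","LEFT")
                    ->join("goods c","a.goods_id = c.goods_id","LEFT")
                    ->field("a.num as goods_sum,a.price_one as price,b.img as guige_img,b.price as guige_price,c.act_id")
                    ->where("a.order_id",$order_id)
                    ->order("a.id asc")
                    ->select()
                    ->toArray();
                /* Price calculation */
                $order_price_data = $common_order->order_price($order_goods,$order_info["user_card_id"],$this->user_id,$integral);
                $info["price"] = $order_price_data["order_price"];
                $info["integral"] = $order_price_data["integral"];
            }
            if (!empty($info)){
                db::name("order")->where("order_id",$order_id)->data($info)->update();
                // Reload so the payment below uses the stored values
                $order_info = db::name("order")->where("order_id",$order_id)->order("order_id desc")->find();
                $pay_way = $order_info["pay_way"];
            }
        }
        // Balance payment
        if ($pay_way == 0){
            // NOTE(review): the payment-password verification below is commented out, and
            // the balance is checked and then debited in separate steps.
//            $pay_password_verify = Common_user::pay_password_verify($this->user_miyao,input("param.pay_password"));
//            if ($pay_password_verify["code"] != 200){
//                return $this->error_json($pay_password_verify["msg"]);
//            }
            if ($user_money < $order_info["price"]){
                return $this->error_json("余额不足",405);
            }
            $this->record_log("订单支付",8,$user_info["user_id"],'-'.$order_info["price"],0);
            // Mark the order paid
            $this->pay_succeed($common_order,$order_info["order_id"],$this->user_miyao);
        }
        // WeChat payment
        if ($pay_way == 1){
            if ($order_info["price"] > 0){
                $common_weixinpay->pay($this->base64_user_miyao,$order_info["order_sn"],$order_info["order_sn"],$order_info["price"],$user_info["open_id"]);
            }else{
                // Nothing left to charge
                $this->pay_succeed($common_order,$order_info["order_id"],$this->user_miyao);
            }
        }
        // Alipay payment
        if ($pay_way == 2){
            $common_alipay->pay_app($this->base64_user_miyao,$order_info["order_sn"],$order_info["goods_name"],$order_info["price"]);
        }
        // Points payment
        if ($pay_way == 3){
            // NOTE(review): unlike the balance branch, no points balance is checked before
            // the debit is logged and the order is marked paid — confirm record_log enforces it.
            $this->record_log("订单支付",8,$user_info["user_id"],0,'-'.$order_info["price"]);
            // Mark the order paid
            $this->pay_succeed($common_order,$order_info["order_id"],$this->user_miyao);
        }
        // Alipay via Huifu
        if ($pay_way == 4){
            if ($order_info["price"] > 0){
                $common_huifu->pay_alipay($this->base64_user_miyao,$order_info["order_sn"],$order_info["price"]);
            }else{
                $this->pay_succeed($common_order,$order_info["order_id"],$this->user_miyao);
            }
        }
    }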

    /* VIP purchase payment */
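    public function vip_pay(Common_weixinpay $common_weixinpay,Common_alipay $common_alipay)
    {
        // Records a VIP purchase for the requested rank and starts a WeChat payment for
        // that rank's pay_price.
        $rank_id = input("param.rank_id");
        $rank_id = is_scalar($rank_id) ? (int)$rank_id : 0;// request input: integer id only
        $rank_info = db::name("user_rank")->where("rank_id",$rank_id)->find();
        // An unknown rank used to create a transaction with an empty price
        if (empty($rank_info)){
            return $this->error_json("参数错误");
        }
        $user_info = Common_user::user_info($this->user_miyao);
        if ($user_info["rank_id"] >= $rank_id){
            return $this->error_json("您当前级别已等于或者超过该级别");
        }
        // Order number: user id + random digits + timestamp
        $order_sn = $this->user_id.Common_user::suijishu("10","1").time();
        $info = [
            'user_id'=>$this->user_id,
            'order_sn'=>$order_sn,
            'rank_id'=>$rank_id,
            'price'=>$rank_info["pay_price"],
            'is_pay'=>0,
            'time_add'=>time(),
        ];
        db::name("transaction_vip")->insertGetId($info);
        $common_weixinpay->pay($this->base64_user_miyao,$order_sn,'vip办理',$rank_info["pay_price"],$user_info["open_id"],1);
    }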

    /* WeChat Pay success callback endpoint */
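    public function notify_url(Common_order $common_order)
    {
        // WeChat Pay asynchronous notification: acknowledges the callback, journals the
        // posted XML and marks the referenced order (or VIP transaction) as paid.
        /* Acknowledge first so the gateway does not call back again */
        // NOTE(review): because the acknowledgement is sent before processing, a failure
        // further down is not retried by the gateway.
        echo '<xml>
                  <return_code><![CDATA[SUCCESS]]></return_code>
                  <return_msg><![CDATA[OK]]></return_msg>
             </xml>';
        /* Journal the notification */
        // Raw XML body of the request
        $xml=file_get_contents('php://input');
        // XML -> array
        $xml_arr=$this->xmlToArr($xml);
        // array -> JSON for storage
        $xml_json=json_encode($xml_arr,256);
        $info = [
            'value'=>$xml_json,
            'type'=>'WeChat',
            'order_sn'=>input("param.order_sn"),
            'add_time'=>time(),
        ];
        db::name("payment_journal")->insertGetId($info);

        // NOTE(review): the notification's signature is not verified, and the order that is
        // marked paid is selected by the request parameter order_sn rather than by a value
        // from the verified payload. Before trusting this callback, verify the signature
        // with the merchant key and compare the payload's order number and amount with
        // the stored order.
        // Only a notification that reports success may settle an order; a failed or
        // unparsable notification used to mark the order paid as well.
        if (!is_array($xml_arr)
            || ($xml_arr["return_code"] ?? '') !== 'SUCCESS'
            || ($xml_arr["result_code"] ?? '') !== 'SUCCESS'){
            return;
        }
        $user_miyao = $this->user_miyao;
        $order_sn = input("param.order_sn");
        $order_sn = is_scalar($order_sn) ? (string)$order_sn : '';// request input: bound, never concatenated
        $order_type = input("param.order_type");
        if ($order_sn === ''){
            return;
        }
        if ($order_type == 1){
            // VIP purchase: the row id plays the role of order_id
            $order_info = db::name("transaction_vip")->where("order_sn",$order_sn)->order("id desc")->find();
            if (empty($order_info)){
                return;
            }
            $order_info["order_id"] = $order_info["id"];
        }else{
            $order_info = db::name("order")->where("order_sn",$order_sn)->order("order_id desc")->find();
            if (empty($order_info)){
                return;
            }
        }
        // Mark as paid
        $this->pay_succeed($common_order,$order_info["order_id"],$user_miyao,$order_type);
    }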

    /* Alipay payment callback endpoint */
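    public function alipay_notify_url(Common_order $common_order)
    {
        // Alipay asynchronous notification: acknowledges the callback, asks the Alipay
        // gateway for the state of the trade named by out_trade_no, journals the answer
        // and marks the order paid when the trade succeeded.
        // The header has to be sent before any output, so it now precedes the echo.
        header("Content-type:text/html;charset=utf-8");
        echo "success";// acknowledge the callback
        $out_trade_no = input("param.out_trade_no");
        require_once  'extend/alipay/aop/AopClient.php';
        require_once  'extend/alipay/aop/request/AlipayFundTransToaccountTransferRequest.php';
        require_once  'extend/alipay/aop/request/AlipayFundTransOrderQueryRequest.php';
        require_once  'extend/alipay/aop/SignData.php';
        require_once  'extend/alipay/aop/request/AlipayTradeQueryRequest.php';
        $aop = new \AopClient();
        $aop->gatewayUrl = "https://openapi.alipay.com/gateway.do";
        $aop->appId = $this->app_id;
        $aop->method = 'alipayTradePagePay';
        $aop->charset = 'utf-8';
        $aop->signType = 'RSA2';
        $aop->alipayrsaPublicKey = $this->public_key;
        $aop->rsaPrivateKey      = $this->private_key;
        $biz_content = json_encode(['out_trade_no'=>$out_trade_no]);
        $payRequest = new \AlipayTradeQueryRequest();
        $payRequest->setBizContent($biz_content);
        $response = $aop->sdkExecute($payRequest);
        // A failed HTTP call yields false; treat it as "no answer" instead of decoding it
        $raw = file_get_contents("https://openapi.alipay.com/gateway.do?".$response);
        $returns = $raw === false ? null : json_decode($raw,true);
        /* Journal the gateway answer */
        $info = [
            'value'=>json_encode($returns),
            'type'=>'Alipay',
            'order_sn'=>input("param.order_sn"),
            'add_time'=>time(),
        ];
        db::name("payment_journal")->insertGetId($info);
        $trade = is_array($returns) ? ($returns['alipay_trade_query_response'] ?? []) : [];
        if(($trade['code'] ?? '') == "10000" && ($trade['msg'] ?? '') == "Success" && ($trade['trade_status'] ?? '') == "TRADE_SUCCESS") {
            // NOTE(review): the trade that was checked is named by out_trade_no, but the
            // order marked paid is selected by the separate request parameter order_sn.
            // Bind the two (and compare the paid amount with the stored price) so that a
            // confirmed trade can only settle its own order.
            $user_miyao = $this->user_miyao;
            $order_sn = input("param.order_sn");
            $order_sn = is_scalar($order_sn) ? (string)$order_sn : '';// request input: bound, never concatenated
            if ($order_sn === ''){
                return;
            }
            $order_info = db::name("order")->where("order_sn",$order_sn)->order("order_id desc")->find();
            if (empty($order_info)){
                return;
            }
            // Mark as paid
            $this->pay_succeed($common_order,$order_info["order_id"],$user_miyao);
        }
    }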

    /* Third-party Huifu callback endpoint */
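    public function notify_url_huifu(Common_order $common_order)
    {
        // Huifu asynchronous notification: journals the request parameters and marks the
        // referenced order (or VIP transaction) as paid.
        $value = json_encode(input("param."));
        $info = [
            'value'=>$value,
            'type'=>'HuiFu',
            'order_sn'=>input("param.order_sn"),
            'add_time'=>time(),
        ];
        db::name("payment_journal")->insertGetId($info);
        // NOTE(review): nothing in this handler verifies that the request comes from the
        // payment provider or that it reports a successful payment; the order is settled
        // from request parameters alone. Verify the provider's signature and the reported
        // status and amount before calling pay_succeed.
        $user_miyao = $this->user_miyao;
        $order_sn = input("param.order_sn");
        $order_sn = is_scalar($order_sn) ? (string)$order_sn : '';// request input: bound, never concatenated
        $order_type = input("param.order_type");
        if ($order_sn === ''){
            return;
        }
        if ($order_type == 1){
            // VIP purchase: the row id plays the role of order_id
            $order_info = db::name("transaction_vip")->where("order_sn",$order_sn)->order("id desc")->find();
            if (empty($order_info)){
                return;
            }
            $order_info["order_id"] = $order_info["id"];
        }else{
            $order_info = db::name("order")->where("order_sn",$order_sn)->order("order_id desc")->find();
            if (empty($order_info)){
                return;
            }
        }
        // Mark as paid
        $this->pay_succeed($common_order,$order_info["order_id"],$user_miyao,$order_type);
    }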

    /**
     * Handle a successful order payment
     * @param $common_order injected service
     * @param $order_id order id
     * @param $user_miyao member secret key
     * @param int $order_type order type: 0 normal order, 1 VIP purchase order
     */
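    public function pay_succeed(Common_order $common_order,$order_id,$user_miyao,$order_type=0)
    {
        // Marks an order (order_type 0) or a VIP purchase (order_type 1) as paid and
        // applies the follow-up effects: rank upgrade, points deduction, coupon
        // consumption and the multi-shop split.
        // NOTE(review): this is a public method on a controller. If the framework exposes
        // public controller methods as URL actions, it could be called directly with a
        // request-supplied order_id; confirm it is not routable, or move it out of the
        // controller's public surface.
        $user_info = Common_user::user_info($user_miyao);
        $order_id = is_scalar($order_id) ? (int)$order_id : 0;// bound below, never concatenated
        if ($order_type == 1){
            $order_info = db::name("transaction_vip")->where("id",$order_id)->find();
            // Apply a VIP purchase once, and only when the row exists (the order branch
            // below already guards on state in the same way)
            if (!empty($order_info) && $order_info["is_pay"] == 0){
                $info = [
                    'is_pay'=>1,
                    'time_pay'=>time(),
                ];
                db::name("transaction_vip")->where("id",$order_info["id"])->data($info)->update();
                db::name("user")->where("user_id",$order_info["user_id"])->data(['rank_id'=>$order_info["rank_id"]])->update();
            }
        }else{
            $order_info = db::name("order")->where("order_id",$order_id)->order("order_id desc")->find();
            if (!empty($order_info) && $order_info["state"] == 0) {
                /* Update the order state */
                db::name("order")->where("order_id",$order_info["order_id"])->update(['state'=>1,'pay_time'=>time()]);
                /* Deduct redeemed points (balance, WeChat and Alipay payments) */
                if (($order_info["pay_way"] == 0 || $order_info["pay_way"] == 1 || $order_info["pay_way"] == 2) && $order_info["integral"] > 0) {
                    $this->record_log("订单支付,积分抵扣", 8, $user_info["user_id"], 0, '-' . $order_info["integral"]);
                }
                /* Consume the coupon */
                if (!empty($order_info["user_card_id"])) {
                    $info_card = [
                        'is_employ' => 1,
                        'time_employ' => time(),
                    ];
                    db::name("user_activity_preferential_card")->where("id",$order_info["user_card_id"])->data($info_card)->update();
                }
                /* Rank upgrade (disabled) */
                //$rank_upload = $common_order->rank_upload($user_info["user_id"],$order_info["buy_num"],$user_info["rank_id"]);
                /* Split the order per shop */
                $common_order->order_chai($order_id);
            }
        }
        return $this->succeed_json("支付成功");
    }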

    private function xmlToArr($xml){
        // Parse the XML string (CDATA sections merged into text), then round-trip the
        // element through JSON to obtain a plain associative array.
        // NOTE(review): simplexml_load_string() returns false for malformed XML, in which
        // case this method returns false rather than an array.
        $element = simplexml_load_string($xml,'SimpleXMLElement',LIBXML_NOCDATA);
        $as_json = json_encode($element);
        return json_decode($as_json,true);
    }

    /**
     * Order list
     */
    public function order_list()
    {
        // Paginated list of the current user's orders with is_chai = 0, optionally
        // narrowed by the "type" tab, each with its goods lines attached.
        $user_info = Common_user::user_info($this->user_miyao);
        $type = input("param.type");
        $where = "user_id = {$user_info['user_id']} and is_chai = 0";
        if (!empty($type)){
            // tab => order state: 1 awaiting payment, 2 awaiting shipment,
            // 3 awaiting receipt, 4 completed, 5 cancelled
            $state_by_tab = [1 => 0, 2 => 1, 3 => 2, 4 => 3, 5 => 4];
            foreach ($state_by_tab as $tab => $state){
                if ($type == $tab){
                    $where .= " and state = ".$state;
                    break;
                }
            }
        }
        $orders = db::name("order")->where($where)->order("order_id desc")->page($this->page,$this->limit)->select()->toArray();
        foreach ($orders as $idx => $order){
            $orders[$idx]["add_time"] = date("Y-m-d H:i",$order["add_time"]);
            /* Goods lines of this order */
            $goods_rows = db::name("order_goods")->alias("a")
                ->join("goods_guige_value b","a.goods_guige_id = b.id","LEFT")
                ->field("a.*,b.img as guige_img,b.price as guige_price")
                ->where("a.order_id = {$order['order_id']}")
                ->order("a.id asc")
                ->select()
                ->toArray();
            $goods_out = [];
            foreach ($goods_rows as $pos => $row){
                // Lines with a specification show the specification's price and image
                $has_spec = $row["goods_guige_id"]>0;
                $goods_out[$pos] = [
                    'id'=>$row["id"],
                    'order_id'=>$row["order_id"],
                    'goods_id'=>$row["goods_id"],
                    'goods_guige_id'=>$row["goods_guige_id"],
                    'goods_name'=>$row["goods_name"],
                    'goods_guige_name'=>$row["goods_guige_name"],
                    'price_one'=>$has_spec?$row["guige_price"]:$row["price_one"],
                    'goods_img'=>$has_spec?$row["guige_img"]:$row["goods_img"],
                    'num'=>$row["num"],
                ];
            }
            $orders[$idx]["order_goods"] = $goods_out;
        }
        /* Total rows and page count */
        $total = db::name("order")->where($where)->count();
        return $this->succeed_json("ok",[
            'list'=>$orders,
            'pages'=>$this->vue_pages($total,$this->limit),
            'list_count'=>$total,
        ]);
    }

    /**
     * Order lookup
     */
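    public function order_info(Common_order $common_order)
    {
        // Details of one of the current user's orders: the order row with region names,
        // its goods lines, and the maximum points that may be redeemed on it.
        $order_id = input("param.order_id");
        $order_id = is_scalar($order_id) ? (int)$order_id : 0;// request input: integer id only
        $user_info = Common_user::user_info($this->user_miyao);
        // Order row, restricted to the current user
        $order_info = db::name("order")->alias("a")
            ->join("region c","a.province = c.id","LEFT")
            ->join("region d","a.city = d.id","LEFT")
            ->join("region e","a.district = e.id","LEFT")
            ->field("a.*,c.name as province_name,d.name as city_name,e.name as district_name")
            ->where("a.order_id",$order_id)
            ->where("a.user_id",$user_info["user_id"])
            ->order("a.order_id desc")
            ->find();
        // A missing order used to fall through and build the next query from an empty row
        if (empty($order_info)){
            return $this->error_json("订单不存在",405);
        }
        $order_info["add_time"] = date("Y-m-d H:i",$order_info["add_time"]);
        /* Goods lines */
        $is_integral = 0;// 1 when the order contains a points (integral) product, else 0
        $jifen_sublevel_act_id = ModGoodsAct::sublevel_act_id('52',1);
        $jifen_sublevel_act_arr = explode(',',$jifen_sublevel_act_id);
        $order_goods = db::name("order_goods")->alias("a")
            ->join("goods_guige_value b","a.goods_guige_id = b.id","LEFT")
            ->join("goods c","a.goods_id = c.goods_id","LEFT")
            ->field("a.*,b.img as guige_img,b.price as guige_price,c.act_id")
            ->where("a.order_id",$order_info["order_id"])
            ->order("a.id asc")
            ->select()
            ->toArray();
        $order_goods_arr = [];
        foreach ($order_goods as $k => $v){
            foreach ($jifen_sublevel_act_arr as $v2){
                if ($v["act_id"] == $v2){
                    $is_integral = 1;
                }
            }
            $img = $v["goods_guige_id"]>0?$v["guige_img"]:$v["goods_img"];
            $goods_data = [
                'id'=>$v["id"],
                'act_id'=>$v["act_id"],
                'order_id'=>$v["order_id"],
                'goods_id'=>$v["goods_id"],
                'goods_guige_id'=>$v["goods_guige_id"],
                'goods_name'=>$v["goods_name"],
                'goods_guige_name'=>$v["goods_guige_name"],
                'goods_img'=>$img,
                'price'=>$v["price_one"],// stored at order creation: the specification price when there is one, else the normal price
                'guige_price'=>0,// only used by the price calculation
                'goods_sum'=>$v["num"],
            ];
            $order_goods_arr[$k] = $goods_data;
        }
        /* Price calculation (only the points ceiling is returned) */
        $order_price_data = $common_order->order_price($order_goods_arr,0,$this->user_id);
        $integral_maximum = $order_price_data["integral_maximum"];
        $data = [
            'is_integral'=>$is_integral,
            'integral_maximum'=>$integral_maximum,
            'order_info'=>$order_info,
            'order_goods'=>$order_goods_arr,
        ];
        return $this->succeed_json("ok",$data);
    }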

    /*订单价格计算(订单)*/
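    /**
     * Recalculate the price of an existing order for a given amount of integral (points).
     *
     * Reads `order_id` and `integral` from the request. The order is loaded with
     * the caller's user id in the condition, matching confirm_receipt() and
     * order_cancellation(); the previous lookup used the order id alone, so the
     * calculation could be run against another account's order.
     *
     * @param Common_order $common_order service whose order_price() performs the calculation
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_info_price(Common_order $common_order)
    {
        $order_id = input("param.order_id");
        $integral = input("param.integral");
        // Bound parameters with an explicit operator instead of interpolating
        // the request value into the WHERE string.
        $order_info = db::name("order")
            ->where("order_id", "=", $order_id)
            ->where("user_id", "=", $this->user_id)
            ->order("order_id desc")
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        $order_goods = db::name("order_goods")->alias("a")
            ->join("goods_guige_value b","a.goods_guige_id = b.id","LEFT")
            ->join("goods c","a.goods_id = c.goods_id","LEFT")
            ->field("a.num as goods_sum,a.price_one as price,b.img as guige_img,b.price as guige_price,c.act_id")
            // Use the id of the row that passed the ownership check, not the raw request value.
            ->where("a.order_id", "=", $order_info["order_id"])
            ->order("a.id asc")
            ->select()
            ->toArray();
        /* Price calculation */
        $order_price_data = $common_order->order_price($order_goods,$order_info["user_card_id"],$this->user_id,$integral);
        $data = [
            'order_price'=>$order_price_data["order_price"],
            'integral'=>$order_price_data["integral"],
        ];
        return $this->succeed_json("ok",$data);
    }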

    /*修改订单配送地址*/
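    /**
     * Copy a saved delivery address onto an order of the current user.
     *
     * Reads `order_id` and `address_id` from the request. The order must belong
     * to the caller; the previous version updated whatever order id was sent.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_address_update()
    {
        $order_id = input("param.order_id");
        $address_id = input("param.address_id");
        if (empty($order_id)){
            return $this->error_json("请填写order_id");
        }
        if (empty($address_id)){
            return $this->error_json("请填写address_id");
        }
        // Ownership check plus bound parameters (explicit operator, no string interpolation).
        $order_info = db::name("order")
            ->where("order_id", "=", $order_id)
            ->where("user_id", "=", $this->user_id)
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        // NOTE(review): this lookup is by address id only. The owner column of
        // user_address is not visible in this part of the file, so it is not
        // added here; the address should also be restricted to the caller,
        // otherwise another user's name/phone/address can be copied onto this order.
        $user_address = db::name("user_address")->where("address_id", "=", $address_id)->find();
        if (empty($user_address)){
            return $this->error_json("地址错误");
        }
        $info = [
            'address_name'=>$user_address["name"],
            'address_phone'=>$user_address["phone"],
            'province'=>$user_address["province"],
            'city'=>$user_address["city"],
            'district'=>$user_address["district"],
            'address'=>$user_address["address"],
        ];
        // NOTE(review): the order state is not checked, so the address can still
        // be changed after shipment — confirm whether that is intended.
        db::name("order")
            ->where("order_id", "=", $order_info["order_id"])
            ->where("user_id", "=", $this->user_id)
            ->update($info);
        return $this->succeed_json("修改成功");
    }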

    /*物流查询*/
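    /**
     * Return the courier tracking entries of an order of the current user.
     *
     * Reads `order_id` from the request. The tracking lookup is keyed by the
     * courier number plus the tail of the recipient phone number, so the order is
     * loaded with the caller's user id in the condition; previously any order id
     * could be queried.
     *
     * @param Common_api $common_api service whose recruitment() performs the tracking lookup
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function logistics(Common_api $common_api)
    {
        $order_id = input("param.order_id");
        // Bound parameters with an explicit operator instead of string interpolation.
        // NOTE(review): if delivery staff also use this endpoint, widen the scope
        // explicitly rather than dropping the user_id condition.
        $order_info = db::name("order")
            ->where("order_id", "=", $order_id)
            ->where("user_id", "=", $this->user_id)
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        $recruitment_list = [];// tracking information
        $tel = substr((string)$order_info["address_phone"], 7);// phone number from offset 7 on (the last four digits, per the original comment)
        if (!empty($order_info["courier_number"])){
            // The lookup key is "<courier number>:<phone tail>".
            $recruitment = $common_api->recruitment($order_info["courier_number"].":".$tel);
            if ($recruitment["code"] == 200){
                $recruitment_list = $recruitment["list"];
            }else{
                return $this->error_json($recruitment["msg"]);
            }
        }
        $data = [
            // No courier number means no lookup; fall back to an empty list
            // instead of reading a key that does not exist.
            'list'=>$recruitment_list["list"] ?? [],
        ];
        return $this->succeed_json("ok",$data);
    }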

    /*金额变动明细*/
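    /**
     * Paginated balance / integral (points) change log of the current user.
     *
     * Optional request filters: `type_currency` (0 all, 1 balance, 2 integral),
     * `type` (comma-separated list), `keyword` (substring of the description),
     * `time_ks` / `time_js` (start / end time, parsed with strtotime()).
     *
     * All filters are expressed as structured conditions, so every request
     * value reaches the database as a bound parameter; the previous version
     * concatenated `type` and `keyword` directly into the WHERE string.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function record_list_log()
    {
        $type_currency = input("param.type_currency");// currency filter: 0 all, 1 balance, 2 integral
        $type = input("param.type");
        $keyword = input("param.keyword");
        $time_ks = input("param.time_ks");
        $time_js = input("param.time_js");
        // These three are used as strings below; reject array-valued parameters.
        foreach ([$keyword, $time_ks, $time_js] as $value){
            if ($value !== null && !is_scalar($value)){
                return $this->error_json("参数错误");
            }
        }
        // Every query is limited to the caller's own records.
        $map = [["user_id", "=", $this->user_id]];
        if (!empty($type_currency)){
            if ($type_currency == 1){
                $map[] = ["money", "<>", 0];
            }else if($type_currency == 2){
                $map[] = ["integral", "<>", 0];
            }
        }
        if (!empty($type)){
            // Split the list and keep scalar, non-blank entries; each one is bound separately.
            $types = [];
            foreach (is_array($type) ? $type : explode(",", (string)$type) as $item){
                if (is_scalar($item) && trim((string)$item) !== ""){
                    $types[] = trim((string)$item);
                }
            }
            if (empty($types)){
                return $this->error_json("参数错误");
            }
            $map[] = ["type", "in", $types];
        }
        if (!empty($keyword)){
            $map[] = ["describe", "like", "%".$keyword."%"];
        }
        if (!empty($time_ks)){
            $time_ks = strtotime((string)$time_ks);
            // strtotime() returns false for text it cannot parse.
            if ($time_ks === false){
                return $this->error_json("参数错误");
            }
            $map[] = ["add_time", ">=", $time_ks];
        }
        if (!empty($time_js)){
            $time_js = strtotime((string)$time_js);
            if ($time_js === false){
                return $this->error_json("参数错误");
            }
            $map[] = ["add_time", "<=", $time_js];
        }
        $list = db::name("record_log")->where($map)->order("id desc")->page($this->page,$this->limit)->select()->toArray();
        foreach ($list as $k => $v){
            // Positive amounts are shown with a leading "+".
            $list[$k]["money"] = $v["money"] >0?'+'.$v["money"]:$v["money"];
            $list[$k]["freeze_money"] = $v["freeze_money"] >0?'+'.$v["freeze_money"]:$v["freeze_money"];
            $list[$k]["integral"] = $v["integral"] >0?'+'.$v["integral"]:$v["integral"];
            $list[$k]["add_time"] = date("Y-m-d H:i",$v["add_time"]);
        }
        /* Total page count */
        $count = db::name("record_log")->where($map)->count();
        $pages = $this->vue_pages($count,$this->limit);
        $data = [
            'list'=>$list,
            'pages'=>$pages,
        ];
        return $this->succeed_json("ok",$data);
    }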

    /*订单确认收货*/
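    /**
     * Mark a shipped order of the current user as received (state 2 -> 3).
     *
     * Reads `order_id` from the request. Orders below state 2 and above state 2
     * are rejected with separate messages.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function confirm_receipt()
    {
        $order_id = input("param.order_id");
        // Bound parameters with an explicit operator; the request value was
        // previously placed inside a quoted SQL literal.
        $order_info = db::name("order")
            ->where("order_id", "=", $order_id)
            ->where("user_id", "=", $this->user_id)
            ->order("order_id desc")
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        if ($order_info["state"] < 2){
            return $this->error_json("该订单暂未发货!");
        }
        if ($order_info["state"] > 2){
            return $this->error_json("该订单不可进行此操作!");
        }
        $info = [
            'state'=>3,
        ];
        db::name("order")->where("order_id", "=", $order_info["order_id"])->data($info)->update();
        return $this->succeed_json("操作成功");
    }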

    /*订单取消*/
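    /**
     * Cancel an order of the current user (sets state 4).
     *
     * Reads `order_sn` from the request. Orders in state 1, 2 or 3 cannot be
     * cancelled here, and an order already in state 4 is reported as cancelled.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_cancellation()
    {
        $order_sn = input("param.order_sn");
        // Bound parameters with an explicit operator; the request value was
        // previously placed inside a quoted SQL literal.
        $order_info = db::name("order")
            ->where("order_sn", "=", $order_sn)
            ->where("user_id", "=", $this->user_id)
            ->order("order_id desc")
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        if ($order_info["state"] == 1 || $order_info["state"] == 2 || $order_info["state"] == 3){
            return $this->error_json("该订单不可进行此操作!");
        }
        if ($order_info["state"] == 4){
            return $this->error_json("该订单已取消!");
        }
        $info = [
            'state'=>4,
        ];
        db::name("order")->where("order_id", "=", $order_info["order_id"])->data($info)->update();
        return $this->succeed_json("操作成功");
    }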

    /*退款申请提交*/
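    /**
     * Store a refund request on an order of the current user.
     *
     * Reads `order_id`, `state_refund`, `describe` and `imgData` from the
     * request and records them with the current time. The order must belong to
     * the caller; the previous version wrote to whatever order id was sent.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_refund()
    {
        $order_id = input("param.order_id");
        $state_refund = input("param.state_refund");
        // Ownership check plus bound parameters (explicit operator, no string interpolation).
        $order_info = db::name("order")
            ->where("order_id", "=", $order_id)
            ->where("user_id", "=", $this->user_id)
            ->find();
        if (empty($order_info)){
            return $this->error_json("订单错误");
        }
        // NOTE(review): state_refund is stored exactly as the client sent it. The
        // set of refund states is not visible in this part of the file; restrict
        // the value to the one(s) a customer may request so that a client cannot
        // write a state reserved for the platform. The order state and the
        // contents of describe / imgData are not validated either.
        $info = [
            'state_refund'=>$state_refund,
            'describe_refund'=>input("param.describe"),
            'imgdata_refund'=>input("param.imgData"),
            'time_refund'=>time(),
        ];
        db::name("order")
            ->where("order_id", "=", $order_info["order_id"])
            ->where("user_id", "=", $this->user_id)
            ->update($info);
        return $this->succeed_json("提交成功,请等待平台处理~");
    }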

    /*订单发货列表(管理员手机发货处理)*/
    /**
     * Paginated list of orders in state 1 (the shipping list), with region names.
     *
     * Only callers whose user record has a non-zero is_deliver flag get the
     * list; everyone else receives the 401 error response. No request value is
     * used in the query condition.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_shipments_list()
    {
        if ($this->user_info["is_deliver"] == 0){
            return $this->error_json("无权发货",401);
        }
        // Fixed condition, identical for the page query and the count query.
        $condition = "1 and a.state = 1";
        $rows = db::name("order")->alias("a")
            ->join("region b","a.province = b.id","LEFT")
            ->join("region c","a.city = c.id","LEFT")
            ->join("region d","a.district = d.id","LEFT")
            ->field("a.*,b.name as province_name,c.name as city_name,d.name as district_name")
            ->where($condition)
            ->order("a.order_id desc")
            ->page($this->page,$this->limit)
            ->select()
            ->toArray();
        // Turn the stored timestamps into display strings.
        foreach ($rows as &$row){
            $row["add_time"] = date("Y-m-d H:i",$row["add_time"]);
            $row["pay_time"] = date("Y-m-d H:i",$row["pay_time"]);
        }
        unset($row);
        /* Total number of matching orders, used for the page count */
        $total = db::name("order")->alias("a")
            ->join("region b","a.province = b.id","LEFT")
            ->join("region c","a.city = c.id","LEFT")
            ->join("region d","a.district = d.id","LEFT")
            ->where($condition)
            ->count();
        return $this->succeed_json("ok",[
            'list'=>$rows,
            'pages'=>$this->vue_pages($total,$this->limit),
            'list_count'=>$total,
        ]);
    }

    /*订单发货处理*/
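    /**
     * Record shipment of an order: courier, tracking number, freight, state 2.
     *
     * Only callers whose user record has a non-zero is_deliver flag may use it.
     * Reads `order_id`, `courier_id`, `courier_number` and `price_yunfei` from
     * the request; ids are passed to the database as bound parameters.
     *
     * @return mixed response produced by succeed_json() or error_json()
     */
    public function order_shipments_update()
    {
        if ($this->user_info["is_deliver"] == 0){
            return $this->error_json("无权发货",401);
        }
        $order_id = input("param.order_id");
        $courier_id = input("param.courier_id");
        $courier_number = input("param.courier_number");
        // An empty order id previously produced a malformed WHERE clause.
        if (empty($order_id)){
            return $this->error_json("请填写order_id");
        }
        if (empty($courier_number)){
            return $this->error_json("请输入快递编号");
        }
        if (empty($courier_id)){
            return $this->error_json("请选择快递公司");
        }
        $courier_name = db::name("courier")->where("id", "=", $courier_id)->value("name");
        // An id that matches no courier would otherwise be saved with an empty name.
        if ($courier_name === null){
            return $this->error_json("请选择快递公司");
        }
        $info = [
            'courier_id'=>$courier_id,
            'courier_name'=>$courier_name,
            'courier_number'=>$courier_number,
            'price_yunfei'=>input("param.price_yunfei"),
            'state'=>2,
        ];
        // NOTE(review): the update is not limited to orders in state 1, the state
        // order_shipments_list() shows; as written any order, whatever its
        // current state, is moved to state 2. Confirm whether that is intended.
        // price_yunfei is stored as sent, without a numeric check.
        db::name("order")->where("order_id", "=", $order_id)->data($info)->update();
        return $this->succeed_json("发货成功");
    }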

    /*快递公司*/
    /**
     * Return every row of the courier table, highest `sort` value first.
     *
     * @return mixed response produced by succeed_json()
     */
    public function courier()
    {
        $couriers = db::name("courier")->order("sort desc")->select()->toArray();
        return $this->succeed_json('ok',['list'=>$couriers]);
    }
}