index.php 2.2 KB

  1. <?php
  2. define("WEB_ROOT",__DIR__);
  3. define("WEB_ROOT_CONFIG",__DIR__."/config");
  4. include WEB_ROOT_CONFIG."/config.php";
  5. $type=trim($_SERVER['PATH_INFO']??"home",'/');
  6. //退出登录
  7. if(isset($_POST['a']) && strtolower($_SERVER['REQUEST_METHOD'])=="post" && $_POST['a']=='logout'){
  8. header("Content-type: text/json; charset=utf-8");
  9. if(!session_unset())exit(json_encode(array("code"=>0,"msg"=>"退出登录失败")));
  10. exit(json_encode(array("code"=>1,"msg"=>"退出成功")));
  11. }
  12. //回调
  13. if($type=="notify"){
  14. header("Content-type: text/json; charset=utf-8");
  15. file_put_contents(date("Y-m-d").'notify.log',date("H:i:s")."回调:".json_encode($_POST)."\r\n",FILE_APPEND);
  16. $data=[
  17. "sh_order"=>$_POST['sh_order']??"",
  18. "pt_order"=>$_POST['pt_order']??"",
  19. "money"=>$_POST['money']??"",
  20. "time"=>$_POST['time']??"",
  21. "status"=>$_POST['status']??"",
  22. ];
  23. if(isset($_POST['old_money']))$data['old_money']=($_POST['money']??"");
  24. ksort($data);
  25. $data['key']="37cd2d09c84f6ff7f1d28960ef82c4e533a3c047";
  26. $new_sign=md5(urldecode(http_build_query($data)));
  27. if($new_sign!=$_POST['sign'])exit("签名错误");
  28. $order_simit=$pdo->query("select * from recharge where `order_sn`='{$data['sh_order']}' and `app_order_sn`='{$data['pt_order']}' limit 1");
  29. $order=$order_simit->fetch(PDO::FETCH_ASSOC);
  30. if(empty($order))exit("订单不存在");
  31. $status=1;
  32. if($data['status']!="success")$status=2;
  33. $update_simit=$pdo->prepare('update recharge set status=? where `order_sn`=? and `app_order_sn`=?');
  34. $res=$update_simit->execute([$status,$data['sh_order'],$data['pt_order']]);
  35. if(!$res)exit("失败");
  36. exit("success");
  37. }
  38. if(!isset($_SESSION['admin_id']) && empty($_SESSION['admin_id']) && $type!="login" && $type!="register"){
  39. header("location:/login");
  40. }elseif(($type=="login" || $type=="register") && isset($_SESSION['admin_id'])){
  41. header("location:/home");
  42. }
  43. $file=WEB_ROOT."/{$type}.php";
  44. if(!is_file($file)){
  45. exit('<script src="//cdn.dnpw.org/404/v1.min.js" maincolor="#F00" jumptime="-1" jumptarget="/" tips="404" error="" charset="utf-8"></script>');
  46. }
  47. include_once WEB_ROOT."/{$type}.php";