[Action]
[ResponseTime]
[ResponseState]
[ResponseBody]
XML;
// Database link used by every query below.
// NOTE(review): the credentials are embedded in source; keep them in a config file
// outside the web root. mysql_* is the legacy extension (removed in PHP 7); mysqli/PDO
// with prepared statements is the replacement for the string-built queries in this file.
$db = mysql_connect('localhost', 'sellma2', 'sellma2');
$Application = 'MakeShop Alimi';
// 0.92
// 0.92 200901 add beebank type
$Version = '0.93';
// Timestamp substituted for [ResponseTime] in every response document.
$ResponseTime = date('Y-m-d H:i:s');
// Two fixed source addresses get the previous version string plus a dump of the
// process environment; $sysinfo is appended to the Auth log line further down.
// NOTE(review): REMOTE_ADDR is the peer address as seen by the web server — behind a
// reverse proxy that is the proxy, not the client. Confirm this allow-list still matches
// what it was meant to match.
if ($_SERVER['REMOTE_ADDR'] == '210.219.212.137'
||$_SERVER['REMOTE_ADDR'] == '210.219.212.139') {
$Version = '0.92';
$sysinfo = var_export($_ENV, 1);
}
// Select the schema, or answer with an error document and stop.
if (FALSE != $db) {
// NOTE(review): the '@' hides a failed mysql_select_db() and its return value is not
// checked, so a wrong schema only shows up as every later query failing one by one.
@mysql_select_db('sellma2', $db);
} else {
// NOTE(review): as extracted, the heredoc opener is truncated ('echo <<' without the
// '<XML' label) and the markup between here and 'XML;' appears stripped, so this copy
// of the file would not parse — compare against the deployed original.
echo <<
Error
{$ResponseTime}
Fatal
XML;
exit;
}
// (original note) change this to receive shop_id along with id
// Request dispatch. Every branch fills [Action]/[ResponseTime]/[ResponseState]/
// [ResponseBody] in $XML_Base by plain string substitution — nothing is XML-escaped,
// and the element tags themselves appear stripped in this copy of the file (see the
// "title}\" ..." fragments below).
//
// Branch 1 — Auth: look up the user by shop_id/sub_id, compare the password, issue a
// new sessid, (un)register the push device and clear the queued messages.
// NOTE(review): the branch conditions test truthiness of raw $_GET keys, so a value of
// "0" counts as absent and a missing key raises a notice.
if ($_GET['shop_id'] && $_GET['id']) {
$XML_Auth = str_replace('[Action]', 'Auth', $XML_Base);
// mysql_escape_string() ignores the connection charset; mysql_real_escape_string()
// (or, better, a prepared statement) is the connection-aware form.
$_GET['shop_id'] = mysql_escape_string($_GET['shop_id']);
$_GET['id'] = mysql_escape_string($_GET['id']);
$sql = "SELECT * FROM user WHERE shop_id = '{$_GET['shop_id']}' AND sub_id = '{$_GET['id']}'";
$res = mysql_query($sql, $db);
if (FALSE == $res) {
$ResponseBody = '';
$ResponseState = 'Fail';
} else if (mysql_num_rows($res) == 1) {
$user = mysql_fetch_object($res);
mysql_free_result($res);
// New session token.
// NOTE(review): this is not a random token. srand() returns null (contributes ''),
// and the remaining inputs are time(), microtime() and the two public identifiers,
// all guessable; a CSPRNG (random_bytes() on PHP 7+, openssl_random_pseudo_bytes()
// before) is what a session id needs.
$SessId = md5(srand(time()) . serialize(microtime()) . $user->shop_id . $user->sub_id);
// (original note) get $url
// The shop URL is fetched from the admin endpoint over plain HTTP and unserialize()d.
// NOTE(review): unserialize() of a body received over the network lets whoever can
// answer (or intercept — no TLS here) that request inject objects; a JSON or
// key=value response, and at minimum an https: URL, is the mitigation.
$recv = file_get_contents("http://www.makeshop.co.kr/admin/include/adminuser_lib.html?id={$user->shop_id}");
if (false === $recv) {
// (original note: expletive) the fetch failed.
// $recv is false here, so this echo prints nothing — leftover debug output; the
// XML response is still emitted below.
echo $recv;
} else {
$shopinfo = unserialize($recv);
$user->url = $shopinfo['shopurl'];
}
// (original note) beebank info
// BeeBank subscription lookup for this shop, over SSL.
include 'lib/beebank_lib.php';
$bankclient = new myclient();
$bankclient->host = "bank.makeshop.co.kr";
$bankclient->script_name = "/api/bankserver.html";
$bankclient->method = "POST";
$bankclient->ssl = true;
$params = array('userid' => $user->shop_id);
$result = $bankclient->exec("bankuser.sellmaselect", $params);
if (strtolower($result['status']) == 'success') {
$bee_expire = date('Y-m-d', strtotime($result['return']['enddate']));
// NOTE(review): $bee_arrt is built but never referenced again in this copy; presumably
// the XML element that carried it was stripped during extraction.
$bee_arrt = 'BeeBankUse="true" BeeBankExpire="' . $bee_expire . '" BeeBankAccount="' . $result['return']['cnt'] . '"';
unset($bee_expire);
} else {
$bee_arrt = 'BeeBankUse="false"';
}
// Password check.
// NOTE(review): (1) the stored value is compared in clear, so it is stored in clear —
// password_hash()/password_verify() is the fix; (2) '==' applies numeric-string
// juggling ("0e1" == "0e2" is true) — use '===' or hash_equals(); (3) both outbound
// calls above already ran, so anyone who knows a shop_id/sub_id pair can trigger them
// without a password — move this check ahead of them.
if ($user->password == $_GET['password']) {
$sql = "UPDATE user SET sessid = '{$SessId}', date_login = NOW() WHERE shop_id = '{$user->shop_id}' AND sub_id = '{$user->sub_id}'";
// '@' hides the driver error; the FALSE result is still handled below.
$res = @mysql_query($sql);
if (FALSE == $res) {
$ResponseBody = '';
$ResponseState = 'Fail';
} else if (1 != mysql_affected_rows()) {
$ResponseBody = '';
$ResponseState = 'Fail';
} else {
/*
2009.05.25 change by Team 1 (original author's note)
Adds the BeeBank access-permission info of the member logging in to the response.
or
previous code commented out:
$ResponseBody = '';
*/
// (original note) set the default variable
$BankAuth = "BankAuth=";
// (original note) look up the permission record for this shop_id / sub_id
// NOTE(review): LIKE with the escaped values — '%' and '_' inside an id act as
// wildcards, so this can match another user's row; '=' is what is meant.
$auth_value_result = mysql_query("
SELECT
sel_a__level
FROM
sellma_auth
WHERE
sel_a__target LIKE 'account_view' AND
sel_a__shop_id LIKE '".$_GET["shop_id"]."' AND
sel_a__sub_id LIKE '".$_GET["id"]."'
");
$auth_value = @mysql_fetch_assoc($auth_value_result);
// (original note) no permission record for this shop_id / sub_id -> 'true'
// NOTE(review): the default is permissive — a missing row, or a failed query (its
// error is suppressed just above), grants BeeBank access. Confirm that is the policy.
if(!$auth_value["sel_a__level"]){
$BankAuth .= "'true'";
}
// (original note) a value exists
else{
// (original note) 'on' -> 'true'
if($auth_value["sel_a__level"] == "on"){
$BankAuth .= "'true'";
}
// (original note) 'off' -> 'false'
// (original note) anything other than 'on'/'off' -> 'false'
else{
$BankAuth .= "'false'";
}
}
// NOTE(review): $BankAuth, $bee_arrt, $SessId and $user->url are not placed in
// $ResponseBody anywhere in this copy — the markup that carried them seems missing.
$ResponseBody = '';
$ResponseState = 'Success';
// (original note) unregister the device
// NOTE(review): this rebinds $db from the mysql link to the Database singleton; the
// later mysql_query() calls use the default link, so they still work, but the name
// is now misleading.
require_once 'lib/recent_messages.php';
$logger = new Logger();
$db = Database::getInstance();
$db->setLogger($logger);
$push = new Push();
$push->setLogger($logger);
$res = $push->unregistDevice($user->shop_id, $user->sub_id);
if ($res === false) {
$logger->log("fail to unregist device: {$user->shop_id}, {$user->sub_id}");
}
// (original note) register the device
// NOTE(review): dev_token / dev_type go straight from $_GET into registDevice();
// whether that method escapes them is not visible here — verify in
// lib/recent_messages.php.
if (isset($_GET['dev_token']) && trim($_GET['dev_token'])) {
$res = $push->registDevice($user->shop_id, $user->sub_id, $_GET['dev_token'], $_GET['dev_type']);
if (!$res) {
$logger->log("fail to regist device: {$_GET['dev_token']}");
}
}
}
// (original note) DELETE the existing rows
// Queued messages are discarded on every password-verified login, whether or not
// the sessid UPDATE above succeeded.
if (@mysql_query("DELETE FROM message WHERE shop_id = '{$user->shop_id}' AND sub_id = '{$user->sub_id}'")) {
errorlog('clean success');
} else {
errorlog('clean fail');
}
} else {
$ResponseBody = '';
$ResponseState = 'Fail';
}
} else {
// Zero or more than one matching user row.
$ResponseBody = '';
$ResponseState = 'Fail';
}
$ResponseBody .= "{$Version}";
$search = array('[ResponseTime]', '[ResponseState]', '[ResponseBody]');
$replace = array($ResponseTime, $ResponseState, $ResponseBody);
echo str_replace($search, $replace, $XML_Auth);
// $user is unset on the Fail paths above (notice); $sysinfo (the $_ENV dump) is only
// set for the two allow-listed addresses.
errorlog("{$user->shop_id}:{$user->sub_id} - auth - {$ResponseState} - {$sysinfo}");
// Branch 2 — Fetch: resolve sessid to a user, emit the queued messages plus one
// banner, then delete the messages.
} else if ($_GET['sessid'] && !$_GET['logout'] && !$_GET['option']) {
$_GET['sessid'] = mysql_escape_string($_GET['sessid']);
$ResponseBody .= "{$Version}";
// (original note) include shop_id here too
// NOTE(review): {$_GET[sessid]} uses a bare key; old PHP treats it as the string
// 'sessid' with a notice, PHP 8 raises an Error for the undefined constant.
$sql = "SELECT shop_id, sub_id FROM user WHERE sessid = '{$_GET[sessid]}' LIMIT 1";
$res = mysql_query($sql);
if (FALSE == $res || 0 == mysql_num_rows($res)) {
// $case is computed but never used.
if (false == $res) {
$case = '1';
}
if (0 == mysql_num_rows($res)) {
$case = '2' . $_GET['sessid'];
}
$ResponseBody .= '';
$ResponseState = 'Fail';
$search = array('[Action]', '[ResponseTime]', '[ResponseState]', '[ResponseBody]');
$replace = array('Fetch', $ResponseTime, $ResponseState, $ResponseBody);
echo str_replace($search, $replace, $XML_Base);
errorlog("{$_GET[sessid]} nonexists sessid");
exit;
}
$shop_id = mysql_result($res, 0, 0);
$sub_id = mysql_result($res, 0, 1);
errorlog("{$shop_id}:{$sub_id} - fetch {$_GET['sessid']} - enter");
@mysql_query("UPDATE user SET date_last = NOW() WHERE sessid = '{$_GET['sessid']}'");
if ($shop_id) {
$sql = "SELECT * FROM message WHERE shop_id = '{$shop_id}' AND sub_id = '{$sub_id}'";
$res = mysql_query($sql);
if (false == $res) {
// NOTE(review): the raw driver error text is echoed into the client response; log
// it instead, and stop here rather than falling through with $res === false.
echo mysql_error();
}
/*
2009.05.25 change by Team 1 (original author's note)
Look up the logged-in user's BeeBank access permission: when it is 'on' all BeeBank
items are sent, when it is 'off' the BeeBank section is sent empty ('').
*/
// (original note) initialise the permission variable
$BankAuth = "false";
// (original note) look up the permission record for this shop_id / sub_id
// Same fail-open lookup as in the Auth branch (no row / failed query => "true";
// LIKE where '=' is meant).
$auth_value_result = mysql_query("
SELECT
sel_a__level
FROM
sellma_auth
WHERE
sel_a__target LIKE 'account_view' AND
sel_a__shop_id LIKE '".$shop_id."' AND
sel_a__sub_id LIKE '".$sub_id."'
");
$auth_value = @mysql_fetch_assoc($auth_value_result);
// (original note) no permission record for this shop_id / sub_id -> 'true'
if(!$auth_value["sel_a__level"]){
$BankAuth = "true";
}
// (original note) a value exists
else{
// (original note) 'on' -> 'true'
if($auth_value["sel_a__level"] == "on"){
$BankAuth = "true";
}
// (original note) 'off' -> 'false'
// (original note) anything other than 'on'/'off' -> 'false'
else{
$BankAuth = "false";
}
}
// Bucket each queued message by type into four lists.
while ($row = mysql_fetch_object($res)) {
// (original note) the strings ought to be escaped..
// NOTE(review): agreed — id/name/title/extra1/extra2 come from the message table and
// are interpolated into XML attributes verbatim; a quote or '<' in any of them breaks
// the document for the client. htmlspecialchars($v, ENT_QUOTES) is the attribute
// escape. The date() format below is a mojibake'd literal (looks like EUC-KR
// "H시 i분", hour/minute); it is runtime output and is left byte-for-byte.
$row->date_regist = date('H½Ã iºÐ', strtotime($row->date_regist));
$def_attr = "Id=\"{$row->id}\" Name=\"{$row->name}\" Time=\"{$row->date_regist}\" ";
switch ($row->type) {
case 'O':
$order[] = "title}\" Price=\"{$row->extra1}\" Pay=\"{$row->extra2}\" />\n";
$cnt['O']++;
break;
case 'L':
$login[] = "\n";
$cnt['L']++;
break;
case 'A':
$article[] = "title}\" Code=\"{$row->extra1}\" />\n";
$cnt['A']++;
break;
case 'B':
// (original note) insert BeeBank items only when the permission variable is "true"
if($BankAuth == "true"){
$beebank[] = "extra1}\" Bank=\"{$row->extra2}\" />\n";
$cnt['B']++;
}
break;
}
}
// NOTE(review): $order/$login/$article/$beebank are undefined when no message of that
// type exists; the '@' hides the resulting implode() warning.
$ResponseBody .= "" . @implode('', $order) . "";
$ResponseBody .= "" . @implode('', $login) . "";
$ResponseBody .= "" . @implode('', $article) . "";
$ResponseBody .= "" . @implode('', $beebank) . "";
} else {
$ResponseBody .= '';
}
// One random enabled banner.
// NOTE(review): if the banner query fails or returns no row, $banner is false and the
// property reads below emit notices with empty values.
$sql = "SELECT * FROM banner WHERE enable = 'Y' ORDER BY RAND() LIMIT 1";
$res = @mysql_query($sql);
$banner = mysql_fetch_object($res);
$ResponseBody .= "ImageUrl}\" LinkUrl=\"{$banner->LinkUrl}\" Title=\"\" />";
$search = array('[Action]', '[ResponseTime]', '[ResponseState]', '[ResponseBody]');
$replace = array('Fetch', $ResponseTime, 'Success', $ResponseBody);
// NOTE(review): hard-coded test hook — this fixed shop_id returns a captured XML file
// from disk instead of the live response. Remove it from the production build.
if ($shop_id == 'dfljldfjaldfjadfs') {
echo file_get_contents('/home/httpd/html/log/xml_sent/bs0048-20040812143928.xml');
exit;
} else {
echo $xml = str_replace($search, $replace, $XML_Base);
}
// Messages are deleted once sent; a client that loses this response loses them.
@mysql_query("DELETE FROM message WHERE shop_id = '{$shop_id}' AND sub_id = '{$sub_id}'");
errorlog("{$shop_id}:{$sub_id} - fetch {$_GET['sessid']} - O:{$cnt['O']} / L:{$cnt['L']} / A:{$cnt['A']} / B:{$cnt['B']}");
$date = date('YmdHis');
//@error_log($xml, 3, "/home/httpd/html/log/xml_sent/{$shop_id}-{$date}.xml");
// Branch 3 — Option: store any value, or return the stored one for 'GETOPT'.
// NOTE(review): unlike the Fetch branch, sessid is NOT passed through
// mysql_escape_string() here, and option is interpolated raw as well — both the UPDATE
// and the SELECT below are SQL-injectable from the query string. The Logout branch
// has the same sessid problem.
} elseif ($_GET['sessid'] && isset($_GET['option'])) {
// (original note) split the options
// (original note) set and get...
// (original note) receive them comma-separated, like "sound,popup"
if ($_GET['option'] != 'GETOPT') {
$sql = "UPDATE user SET opt = '{$_GET['option']}' WHERE sessid = '{$_GET['sessid']}'";
if (@mysql_query($sql)) {
$ResponseState = 'Success';
} else {
$ResponseState = 'Fail';
}
} else {
$sql = "SELECT opt FROM user WHERE sessid = '{$_GET['sessid']}'";
$res = @mysql_query($sql);
if (@mysql_num_rows($res)) {
// (original note) should check the row..
$opts = mysql_result($res, 0, 0);
$ResponseState = 'Success';
} else {
$opts = '';
$ResponseState = 'Fail';
}
}
// NOTE(review): $opts is never placed in the body in this copy (markup stripped?).
$ResponseBody .= "";
$search = array('[Action]', '[ResponseTime]', '[ResponseState]', '[ResponseBody]');
$replace = array('Option', $ResponseTime, $ResponseState, $ResponseBody);
echo $xml = str_replace($search, $replace, $XML_Base);
errorlog("{$_GET['sessid']} - option : {$_GET['option']} : {$ResponseState}");
// Branch 4 — Logout: drop queued messages, age the session, unregister the device.
} elseif ($_GET['sessid'] && $_GET['logout']) {
// NOTE(review): sessid is interpolated unescaped (SQL injection), as in the Option branch.
$sql = "SELECT shop_id, sub_id FROM user WHERE sessid = '{$_GET['sessid']}'";
$res = mysql_query($sql);
if (!$res || !mysql_num_rows($res)) {
// Unknown session: no response document at all.
exit;
}
$shop_id = mysql_result($res, 0, 0);
$sub_id = mysql_result($res, 0, 1);
@mysql_query("DELETE FROM message WHERE shop_id = '{$shop_id}' AND sub_id = '{$sub_id}'");
// NOTE(review): there is no space before WHERE, so this concatenates to
// "... date_last = <n>WHERE sessid ..." which MySQL will not parse as intended; the '@'
// hides the error, and since nothing in this branch clears sessid the token keeps
// working for Fetch/Option after logout. Add the space — or better, set sessid to ''
// here. MAX_CLIENT_IDLE is not defined anywhere visible in this file.
@mysql_query("UPDATE user SET date_last = " . ((int)MAX_CLIENT_IDLE + 1) . "WHERE sessid = '{$_GET['sessid']}'");
errorlog("{$shop_id}:{$sub_id} - {$_GET['sessid']} - logout");
// (original note) unregister the device
require_once 'lib/recent_messages.php';
$logger = new Logger();
$db = Database::getInstance();
$db->setLogger($logger);
$push = new Push();
$push->setLogger($logger);
$res = $push->unregistDevice($shop_id, $sub_id);
if ($res === false) {
$logger->log("fail to unregist device: $shop_id, $sub_id");
}
// Branch 5 — Version: no recognised parameters.
} else {
$search = array('[Action]', '[ResponseTime]', '[ResponseState]', '[ResponseBody]');
$replace = array('Version', $ResponseTime, 'Success', "{$Version}");
echo str_replace($search, $replace, $XML_Base);
// NOTE(review): REMOTE_ADDR lives in $_SERVER, not $_GET, so this logs an empty value
// (and the bare key is an undefined constant on PHP 8).
errorlog("{$_GET[REMOTE_ADDR]} - version");
}
exit;
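/**
 * Append one timestamped line to the daily log file.
 *
 * Callers pass raw request values (sessid, option) inside $str, so CR and LF are
 * replaced before writing: otherwise a crafted value could forge additional log
 * entries. Everything else is written as given.
 *
 * @param string $str message text
 */
function errorlog($str)
{
$date = date('Ymd');
// Keep every entry on exactly one line regardless of what the caller passed.
$line = str_replace(array("\r", "\n"), ' ', (string) $str);
error_log("[" . date('Y-m-d H:i:s') . "] " . $line . "\n", 3, "/home/httpd/sellma2/log/f{$date}.log");
}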
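/**
 * Whether the request comes from the office range 122.49.77.x.
 *
 * The original pattern "/122.49.77./" left the dots as wildcards and was unanchored,
 * so addresses such as 122x49x77x1 or 1122.49.77.1 also matched; the dots are now
 * escaped and the match is anchored to the start of the address. REMOTE_ADDR is the
 * peer as seen by the web server — behind a reverse proxy that is the proxy.
 *
 * @return int 1 on match, 0 otherwise (the preg_match() result, as before)
 */
function is_Office() {
// Missing REMOTE_ADDR (e.g. CLI) is treated as "not office" instead of a notice.
$addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
return preg_match('/^122\.49\.77\./', $addr);
}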
?>