史萊姆論壇 - 查看單個文章

貝斯特 · 2005-06-21, 11:42 PM

HACK:退款&罰款 FOR 買賣帖
Hack來源：http://phpbbs.cn18.net
作者:cnteacher
修改:liuqiang
功能:

如果賣帖者詐騙錢財，管理員只需點擊[退款&罰款]，即可自動退還買帖者所交款項，扣除賣帖者所得款項，并對賣帖者處以10倍于該帖歷史最高售價的罰款；

如果賣帖者主動退款，賣帖者只需點擊[退款&罰款]，即可自動退還買帖者所交款項，扣除自己所得款項，并免去懲罰！

對詐騙錢財者的懲罰是非常無情的，現金不足扣存款，直至扣完全部現金和存款！

前提當然是要先安裝好買賣文章的Hack。

安裝:非常簡單，只需添加3處內容

10.23 19:30更新:

語法:

if (!isadmin || $discuz_user != $postuser) showmessage('對不起，您無此權限！');

改為:

語法:

if (!isadmin && $discuz_user != $postuser) showmessage('對不起，您無此權限！');

第一步、修改postpay.php
在文件結尾，?> 符號之前添加下面的代碼。

語法:

if ($action =="refund"){ 
        $query = $db->query("SELECT author FROM $table_posts where pid='$pid'"); 
        $post=$db->fetch_array($query); 
        $postuser = $post['author']; 
        if (!isadmin && $discuz_user != $postuser) showmessage('對不起，您無此權限！'); 
        $query = $db->query("SELECT COUNT(*) as paycount,SUM(money) as allmoney FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); 
        $pay = $db->fetch_array($query); 
        if ($pay['paycount']<1){ 
                showmessage('沒有找到該貼的購買記錄！請返回。'); 
        } 
        if ($isadmin){ 
        $query = $db->query("SELECT MAX(money) as maxvalue FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); 
        $postpay = $db->fetch_array($query); 
        $maxvalue = $postpay['maxvalue']; 
        $reward = 10*$maxvalue;//10為懲罰的倍數 
        } 
        if (submitcheck($refundsubmit)){ 
                $password = md5($password); 
                $query = $db->query("SELECT * FROM $table_members where username='$discuz_user'"); 
                $member = $db->fetch_array($query); 
                if ($password != $member['password']) showmessage('密碼錯誤，您不能進行此操作，請返回重試！'); 
                $result = $db->query("SELECT * FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); 
                $nums=mysql_num_rows($result); 
                for($i = 0; $i < $nums; $i++) { 
                    $payid = mysql_result($result,$i,'id'); 
                    $payuser = mysql_result($result,$i,'username'); 
                    $paymoney = mysql_result($result,$i,'money'); 
                            $query = $db->query("UPDATE $table_members SET  money=money+$paymoney WHERE username='$payuser'"); 
                            $query = $db->query("UPDATE $hacktable_postpay SET  money=0 WHERE id='$payid'"); 
                } 
                $allmoney = $pay['allmoney']; 
                if ($postuser){ 
                        $result = $db->query("SELECT * FROM $table_members where username='$postuser'"); 
                        $money = mysql_result($result,0,'money'); 
                        $bank = mysql_result($result,0,'bank'); 
                        if ($money < $allmoney){ 
                                if (($money+$bank) <$allmoney){ 
                                        $query = $db->query("UPDATE $table_members SET  money=0 WHERE username='$postuser'"); 
                                        $query = $db->query("UPDATE $table_members SET  bank=0 WHERE username='$postuser'"); 
                                } else { 
                                        $newbank = $money+$bank-$allmoney; 
                                        $query = $db->query("UPDATE $table_members SET  money=0 WHERE username='$postuser'"); 
                                        $query = $db->query("UPDATE $table_members SET  bank=$newbank username='$postuser'"); 
                                }                 
                        } else { 
                                $query = $db->query("UPDATE $table_members SET  money=money-$allmoney WHERE username='$postuser'"); 
                        } 
                } 
                if ($isadmin){ 
                        $result = $db->query("SELECT * FROM $table_members where username='$postuser'"); 
                        $money = mysql_result($result,0,'money'); 
                        $bank = mysql_result($result,0,'bank'); 
                        if ($money < $reward){ 
                                if (($money+$bank) <$reward){ 
                                        $query = $db->query("UPDATE $table_members SET  money=0 WHERE username='$postuser'"); 
                                        $query = $db->query("UPDATE $table_members SET  bank=0 WHERE username='$postuser'"); 
                                } else { 
                                        $newbank = $money+$bank-$reward; 
                                        $query = $db->query("UPDATE $table_members SET  money=0 WHERE username='$postuser'"); 
                                        $query = $db->query("UPDATE $table_members SET  bank=$newbank username='$postuser'"); 
                                }                 
                        } else { 
                                $query = $db->query("UPDATE $table_members SET  money=money-$reward WHERE username='$postuser'"); 
                        } 
                } 
                showmessage('退款&罰款成功！',"viewthread.php?tid=$tid&page=$page&pid=$pid#pid$pid"); 
        } else { 
                include template('postpay_submit'); 
        } 
}

第二步、修改postpay_submit模板
在文件結尾，{template footer}之前添加下面的代碼。

語法:

<!--{if $action=='refund'}-->
<form method="post" action="postpay.php">
<input type="hidden" name="action" value="refund">
<input type="hidden" name="pid" value="$pid">
<input type="hidden" name="sid" value="$sid">
<input type="hidden" name="tid" value="$tid">
<input type="hidden" name="sellcount" value="$sellcount">
<table cellspacing="0" cellpadding="0" border="0" width="400" align="center">
<tr><td bgcolor="{BORDERCOLOR}">
<table border="0" cellspacing="{BORDERWIDTH}" cellpadding="{TABLESPACE}" width="100%">
<tr class="header">
<td colspan="2">退款確認</td>
</tr>
<tr>
<td bgcolor="{ALTBG1}" width="21%">{lang username}:</td>
<td bgcolor="{ALTBG2}">$discuz_userss  <span class="smalltxt">[<a href="logging.php?action=logout">{lang member_logout}</a>]</span></td>
</tr>
<tr>
<td bgcolor="{ALTBG1}" width="21%">退款總額 :</td>
<td bgcolor="{ALTBG2}">$pay[allmoney]金幣</td>
</tr>
<!--{if $isadmin}-->
<tr>
<td bgcolor="{ALTBG1}" width="21%">罰款總額 :</td>
<td bgcolor="{ALTBG2}">10*$maxvalue = $reward 金幣(懲罰用戶$postuser)</td>
</tr>
<!--{/if}-->
<tr>
<td bgcolor="{ALTBG1}" width="21%">確認退款 :</td>
<td bgcolor="{ALTBG2}"><input type="password" name="password" size="25" tabindex="2">請輸入用戶密碼</td>
</tr>
</table>
</td></tr></table><br>
<center><input type="submit" name="refundsubmit" value="{lang submit}"></center>
</form>
<!--{/if}-->

第三步、修改 include/discuzcode.php
搜索

語法:

)</span><br>".str_pad('',35,'*')."<br>";

在前面加入

語法:

&nbsp;[<a href="postpay.php?action=refund&tid=$tid&pid=$post[pid]&sellcount=$post_sellcount\" title=\"退還全部所得款項\" target=_blank>退款&罰款</a>]

2005-06-21, 11:42 PM	#1
貝斯特長老會員榮譽勳章勳章總數2 UID - 90669 在線等級: 註冊日期: 2003-08-06 住址: The Gates of Hell 文章: 1758 精華: 2 現金: 15064 金幣資產: 5185909 金幣	退款&罰款 FOR 買賣帖 HACK:退款&罰款 FOR 買賣帖 Hack來源：http://phpbbs.cn18.net 作者:cnteacher 修改:liuqiang 功能: 如果賣帖者詐騙錢財，管理員只需點擊[退款&罰款]，即可自動退還買帖者所交款項，扣除賣帖者所得款項，并對賣帖者處以10倍于該帖歷史最高售價的罰款；如果賣帖者主動退款，賣帖者只需點擊[退款&罰款]，即可自動退還買帖者所交款項，扣除自己所得款項，并免去懲罰！對詐騙錢財者的懲罰是非常無情的，現金不足扣存款，直至扣完全部現金和存款！前提當然是要先安裝好買賣文章的Hack。安裝:非常簡單，只需添加3處內容 10.23 19:30更新: 語法: if (!isadmin \|\| $discuz_user != $postuser) showmessage('對不起，您無此權限！'); 改為: 語法: if (!isadmin && $discuz_user != $postuser) showmessage('對不起，您無此權限！'); 第一步、修改postpay.php 在文件結尾，?> 符號之前添加下面的代碼。語法: if ($action =="refund"){ $query = $db->query("SELECT author FROM $table_posts where pid='$pid'"); $post=$db->fetch_array($query); $postuser = $post['author']; if (!isadmin && $discuz_user != $postuser) showmessage('對不起，您無此權限！'); $query = $db->query("SELECT COUNT() as paycount,SUM(money) as allmoney FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); $pay = $db->fetch_array($query); if ($pay['paycount']<1){ showmessage('沒有找到該貼的購買記錄！請返回。'); } if ($isadmin){ $query = $db->query("SELECT MAX(money) as maxvalue FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); $postpay = $db->fetch_array($query); $maxvalue = $postpay['maxvalue']; $reward = 10$maxvalue;//10為懲罰的倍數 } if (submitcheck($refundsubmit)){ $password = md5($password); $query = $db->query("SELECT * FROM $table_members where username='$discuz_user'"); $member = $db->fetch_array($query); if ($password != $member['password']) showmessage('密碼錯誤，您不能進行此操作，請返回重試！'); $result = $db->query("SELECT * FROM $hacktable_postpay where tid='$tid'and pid='$pid' and sellcount='$sellcount'"); $nums=mysql_num_rows($result); for($i = 0; $i < $nums; $i++) { $payid = mysql_result($result,$i,'id'); $payuser = mysql_result($result,$i,'username'); $paymoney = mysql_result($result,$i,'money'); $query = $db->query("UPDATE $table_members SET money=money+$paymoney WHERE username='$payuser'"); $query = $db->query("UPDATE $hacktable_postpay SET money=0 WHERE id='$payid'"); } $allmoney = $pay['allmoney']; if ($postuser){ $result = $db->query("SELECT * FROM $table_members where username='$postuser'"); $money = mysql_result($result,0,'money'); $bank = mysql_result($result,0,'bank'); if ($money < $allmoney){ if (($money+$bank) <$allmoney){ $query = $db->query("UPDATE $table_members SET money=0 WHERE username='$postuser'"); $query = $db->query("UPDATE $table_members SET bank=0 WHERE username='$postuser'"); } else { $newbank = $money+$bank-$allmoney; $query = $db->query("UPDATE $table_members SET money=0 WHERE username='$postuser'"); $query = $db->query("UPDATE $table_members SET bank=$newbank username='$postuser'"); } } else { $query = $db->query("UPDATE $table_members SET money=money-$allmoney WHERE username='$postuser'"); } } if ($isadmin){ $result = $db->query("SELECT * FROM $table_members where username='$postuser'"); $money = mysql_result($result,0,'money'); $bank = mysql_result($result,0,'bank'); if ($money < $reward){ if (($money+$bank) <$reward){ $query = $db->query("UPDATE $table_members SET money=0 WHERE username='$postuser'"); $query = $db->query("UPDATE $table_members SET bank=0 WHERE username='$postuser'"); } else { $newbank = $money+$bank-$reward; $query = $db->query("UPDATE $table_members SET money=0 WHERE username='$postuser'"); $query = $db->query("UPDATE $table_members SET bank=$newbank username='$postuser'"); } } else { $query = $db->query("UPDATE $table_members SET money=money-$reward WHERE username='$postuser'"); } } showmessage('退款&罰款成功！',"viewthread.php?tid=$tid&page=$page&pid=$pid#pid$pid"); } else { include template('postpay_submit'); } } 第二步、修改postpay_submit模板在文件結尾，{template footer}之前添加下面的代碼。語法: <!--{if $action=='refund'}--> <form method="post" action="postpay.php"> <input type="hidden" name="action" value="refund"> <input type="hidden" name="pid" value="$pid"> <input type="hidden" name="sid" value="$sid"> <input type="hidden" name="tid" value="$tid"> <input type="hidden" name="sellcount" value="$sellcount"> <table cellspacing="0" cellpadding="0" border="0" width="400" align="center"> <tr><td bgcolor="{BORDERCOLOR}"> <table border="0" cellspacing="{BORDERWIDTH}" cellpadding="{TABLESPACE}" width="100%"> <tr class="header"> <td colspan="2">退款確認</td> </tr> <tr> <td bgcolor="{ALTBG1}" width="21%">{lang username}:</td> <td bgcolor="{ALTBG2}">$discuz_userss <span class="smalltxt">[<a href="logging.php?action=logout">{lang member_logout}</a>]</span></td> </tr> <tr> <td bgcolor="{ALTBG1}" width="21%">退款總額 :</td> <td bgcolor="{ALTBG2}">$pay[allmoney]金幣</td> </tr> <!--{if $isadmin}--> <tr> <td bgcolor="{ALTBG1}" width="21%">罰款總額 :</td> <td bgcolor="{ALTBG2}">10$maxvalue = $reward 金幣(懲罰用戶$postuser)</td> </tr> <!--{/if}--> <tr> <td bgcolor="{ALTBG1}" width="21%">確認退款 :</td> <td bgcolor="{ALTBG2}"><input type="password" name="password" size="25" tabindex="2">請輸入用戶密碼</td> </tr> </table> </td></tr></table><br> <center><input type="submit" name="refundsubmit" value="{lang submit}"></center> </form> <!--{/if}--> 第三步、修改 include/discuzcode.php 搜索語法: )</span><br>".str_pad('',35,'')."<br>"; 在前面加入語法:  [<a href="postpay.php?action=refund&tid=$tid&pid=$post[pid]&sellcount=$post_sellcount\" title=\"退還全部所得款項\" target=_blank>退款&罰款</a>]
	__________________ 給自己看也給所有需要這些話鼓勵的人看! 認真不一定會得到美好的結果,但是不認真就一定沒有想要有什麼結果,就秉持你的雙手放手去做總比什麼都沒付出最後失敗了才嘆氣來的好吧沒努力的人.沒有資格說放棄努力過的人.更要有勇氣繼續努力下去
	送花文章: 1, 收花文章: 38 篇, 收花: 123 次