diff --git a/ajax_handler.php b/ajax_handler.php index 68946d1..0a48520 100644 --- a/ajax_handler.php +++ b/ajax_handler.php @@ -1,9 +1,5 @@ 0, 'data' => $data], JSON_UNESCAPED_UNICODE); } else { - echo json_encode($res ?: ['code' => 500, 'msg' => '获取项目列表 失败'], JSON_UNESCAPED_UNICODE); + echo json_encode($res ?: ['code' => 500, 'msg' => '获取项目列表失败'], JSON_UNESCAPED_UNICODE); } break; @@ -79,7 +75,7 @@ try { $service_id = $_GET['service_id'] ?? ''; $country_name = $_GET['country_name'] ?? '未知国家'; $service_name = $_GET['service_name'] ?? '未知项目'; - $price = round((float)($_GET["price"] ?? 0), 2); + $price = (float)($_GET['price'] ?? 0); $stmt = $pdo->prepare("SELECT balance FROM users WHERE id = ?"); $stmt->execute([$_SESSION['user_id']]); @@ -107,30 +103,6 @@ try { echo json_encode($res ?: ['code' => 500, 'msg' => 'API获取号码失败'], JSON_UNESCAPED_UNICODE); } break; - - case 'release_number': - $request_id = $_GET['request_id'] ?? ''; - $stmt = $pdo->prepare("SELECT * FROM sms_orders WHERE request_id = ? AND user_id = ? AND status = 'pending'"); - $stmt->execute([$request_id, $_SESSION['user_id']]); - $order = $stmt->fetch(); - if ($order) { - $api->releaseNumber($request_id); - $pdo->beginTransaction(); - try { - $stmt = $pdo->prepare("UPDATE sms_orders SET status = 'canceled' WHERE request_id = ?"); - $stmt->execute([$request_id]); - $stmt = $pdo->prepare("UPDATE users SET balance = balance + ? WHERE id = ?"); - $stmt->execute([$order['cost'], $_SESSION['user_id']]); - $pdo->commit(); - echo json_encode(['code' => 0, 'msg' => '成功']); - } catch (Exception $e) { - $pdo->rollBack(); - echo json_encode(['code' => 500, 'msg' => '错误']); - } - } else { - echo json_encode(['code' => 400, 'msg' => '无效操作']); - } - break; case 'check_sms': $request_id = $_GET['request_id'] ?? ''; 
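Review bot: `$price` on the new line is still taken from the query string (`$_GET['price']`), and with `round()` removed it is no longer normalised to two decimals before the balance lookup that follows. The rest of this case lies outside the hunk, so the use of the value is inferred, but if it feeds the balance comparison or the amount debited, the caller controls what they are charged, including zero, negative or non-finite values. The price should be resolved server-side from `service_id`. At minimum the input should be rejected early with `if (!is_finite($price) || $price <= 0) { echo json_encode(['code' => 400, 'msg' => 'invalid price']); break; }` and stored as a fixed-precision amount rather than a raw float.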
@@ -142,11 +114,118 @@ try { echo json_encode($res ?: ['code' => 500, 'msg' => 'API Error'], JSON_UNESCAPED_UNICODE); break; + case 'create_recharge': + $amount = (float)($_POST['amount'] ?? 0); + if ($amount < 10) { echo json_encode(['code' => 400, 'msg' => '最低充值金额为 10 USDT']); break; } + $final_amount = floor($amount) + (rand(1, 99) / 100); + $stmt = $pdo->prepare("INSERT INTO recharges (user_id, amount, txid, status) VALUES (?, ?, 'Manual/Auto', 'pending')"); + $stmt->execute([$_SESSION['user_id'], $final_amount]); + echo json_encode(['code' => 0, 'recharge_id' => $pdo->lastInsertId(), 'amount' => $final_amount]); + break; + + case 'check_recharge_status': + $recharge_id = $_GET['recharge_id'] ?? ''; + $stmt = $pdo->prepare("SELECT * FROM recharges WHERE id = ? AND user_id = ?"); + $stmt->execute([$recharge_id, $_SESSION['user_id']]); + $recharge = $stmt->fetch(); + if (!$recharge) { echo json_encode(['code' => 404, 'msg' => '未找到充值订单']); break; } + if ($recharge['status'] === 'completed') { echo json_encode(['code' => 0, 'status' => 'completed']); break; } + echo json_encode(['code' => 0, 'status' => 'pending']); + break; case "get_active_orders": - $stmt = $pdo->prepare("SELECT * FROM sms_orders WHERE user_id = ? AND status IN ('pending', 'received') ORDER BY created_at DESC"); + $stmt = $pdo->prepare("SELECT * FROM sms_orders WHERE user_id = ? AND status != "canceled" ORDER BY created_at DESC"); $stmt->execute([$_SESSION["user_id"]]); echo json_encode(["code" => 0, "data" => $stmt->fetchAll(PDO::FETCH_ASSOC)], JSON_UNESCAPED_UNICODE); break; + $stmt->execute([$_SESSION["user_id"]]); + echo json_encode(["code" => 0, "data" => $stmt->fetchAll(PDO::FETCH_ASSOC)], JSON_UNESCAPED_UNICODE); + break; + +case "upload_image": +$file = $_FILES["image"] ?? null; +if ($file) { +$ext = pathinfo($file["name"], PATHINFO_EXTENSION); +$name = "uploads/" . bin2hex(random_bytes(8)) . "." . $ext; +move_uploaded_file($file["tmp_name"], __DIR__ . "/" . 
$name); +echo json_encode(["code" => 0, "url" => $name]); +} else { +echo json_encode(["code" => 400, "msg" => "上传失败"]); +} +break; + case 'send_message': + $message = trim($_POST['message'] ?? ''); + $target_user_id = $_POST['user_id'] ?? $_SESSION['user_id']; + if (!$message) { echo json_encode(['code' => 400, 'msg' => '消息内容不能为空']); break; } + + $stmt = $pdo->prepare("SELECT role FROM users WHERE id = ?"); + $stmt->execute([$_SESSION['user_id']]); + $role = $stmt->fetchColumn(); + $sender = ($role === 'admin') ? 'admin' : 'user'; + + $stmt = $pdo->prepare("INSERT INTO support_messages (user_id, sender, message, `is_read`) VALUES (?, ?, ?, 0)"); + $stmt->execute([$target_user_id, $sender, $message]); + echo json_encode(['code' => 0, 'msg' => '已发送']); + break; + + case 'get_messages': + $target_user_id = $_GET['user_id'] ?? $_SESSION['user_id']; + $stmt = $pdo->prepare("SELECT role FROM users WHERE id = ?"); + $stmt->execute([$_SESSION['user_id']]); + $isAdmin = ($stmt->fetchColumn() === 'admin'); + + if (!$isAdmin && (int)$target_user_id !== (int)$_SESSION['user_id']) { + echo json_encode(['code' => 403, 'msg' => 'Forbidden']); break; + } + + if ($isAdmin && (int)$target_user_id !== (int)$_SESSION['user_id']) { + $pdo->prepare("UPDATE support_messages SET `is_read` = 1 WHERE user_id = ? AND sender = 'user'")->execute([$target_user_id]); + } else if (!$isAdmin) { + $pdo->prepare("UPDATE support_messages SET `is_read` = 1 WHERE user_id = ? AND sender = 'admin'")->execute([$_SESSION['user_id']]); + } + + $stmt = $pdo->prepare("SELECT * FROM support_messages WHERE user_id = ? 
ORDER BY id ASC"); + $stmt->execute([$target_user_id]); + echo json_encode(['code' => 0, 'data' => $stmt->fetchAll()]); + break; + + case 'get_chat_users': + $stmt = $pdo->prepare("SELECT role FROM users WHERE id = ?"); + $stmt->execute([$_SESSION['user_id']]); + if ($stmt->fetchColumn() !== 'admin') { echo json_encode(['code' => 403, 'msg' => 'Forbidden']); break; } + + // Optimized query to get last message reliably + $stmt = $pdo->query(" + SELECT u.id, u.username, m.message as last_message, m.created_at as last_time, + (SELECT COUNT(*) FROM support_messages WHERE user_id = u.id AND sender = 'user' AND `is_read` = 0) as unread_count + FROM users u + JOIN (SELECT user_id, MAX(id) as max_id FROM support_messages GROUP BY user_id) last_msg_idx ON u.id = last_msg_idx.user_id + JOIN support_messages m ON m.id = last_msg_idx.max_id + ORDER BY m.id DESC + "); + echo json_encode(['code' => 0, 'data' => $stmt->fetchAll()]); + break; + + case 'check_new_messages': + $stmt = $pdo->prepare("SELECT role FROM users WHERE id = ?"); + $stmt->execute([$_SESSION['user_id']]); + $role = $stmt->fetchColumn(); + if ($role === 'admin') { + $stmt = $pdo->query(" + SELECT m.*, u.username + FROM support_messages m + JOIN users u ON m.user_id = u.id + WHERE m.sender = 'user' AND m.`is_read` = 0 + ORDER BY m.id DESC LIMIT 1 + "); + $last_unread = $stmt->fetch(PDO::FETCH_ASSOC); + $total_unread = $pdo->query("SELECT COUNT(*) FROM support_messages WHERE sender = 'user' AND `is_read` = 0")->fetchColumn(); + echo json_encode(['code' => 0, 'unread_total' => $total_unread, 'last_user' => $last_unread['username'] ?? '']); + } else { + $stmt = $pdo->prepare("SELECT COUNT(*) FROM support_messages WHERE user_id = ? AND sender = 'admin' AND `is_read` = 0"); + $stmt->execute([$_SESSION['user_id']]); + echo json_encode(['code' => 0, 'unread_total' => $stmt->fetchColumn()]); + } + break; default: echo json_encode(['code' => 404, 'msg' => '未知请求']); 
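Review bot: The new `upload_image` case builds the stored filename from the extension of the client-supplied `$file["name"]` and writes it under `uploads/` inside the application directory, so the caller chooses the file type that becomes web-reachable and nothing checks `$file["error"]`, the size, or the result of `move_uploaded_file()`. The extension should come from the detected content type against a short allowlist, as in the block below, and the upload directory should be configured so the web server never executes scripts from it. Separately, `send_message` accepts `user_id` from `$_POST` without the admin check that `get_messages` applies, so a non-admin can insert rows into another user's thread; the role lookup should run first and `$target_user_id` be forced to `$_SESSION['user_id']` unless `$role === 'admin'`. As shown, the `get_active_orders` query also places `"canceled"` inside a double-quoted PHP string, which ends the literal early (use `'canceled'`), and the three lines after its `break;` are an unreachable duplicate.

```php
case "upload_image":
    $file = $_FILES["image"] ?? null;
    // Extension is chosen from an allowlist keyed by detected content type, never from the client filename.
    $allowed = ["image/png" => "png", "image/jpeg" => "jpg", "image/gif" => "gif", "image/webp" => "webp"];
    $maxBytes = 2 * 1024 * 1024; // constructed limit; replace with the product's real cap
    if (!is_array($file) || ($file["error"] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK || $file["size"] > $maxBytes) {
        echo json_encode(["code" => 400, "msg" => "上传失败"]);
        break;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file["tmp_name"]);
    if (!is_string($mime) || !isset($allowed[$mime])) {
        echo json_encode(["code" => 400, "msg" => "上传失败"]);
        break;
    }
    $name = "uploads/" . bin2hex(random_bytes(16)) . "." . $allowed[$mime];
    if (!move_uploaded_file($file["tmp_name"], __DIR__ . "/" . $name)) {
        echo json_encode(["code" => 500, "msg" => "上传失败"]);
        break;
    }
    echo json_encode(["code" => 0, "url" => $name]);
    break;
// … unchanged: send_message, get_messages, get_chat_users, check_new_messages …
```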
diff --git a/assets/pasted-20260322-133027-80414c03.png b/assets/pasted-20260322-133027-80414c03.png
deleted file mode 100644
index 768645f..0000000
Binary files a/assets/pasted-20260322-133027-80414c03.png and /dev/null differ
diff --git a/assets/pasted-20260322-133227-48c54bf2.png b/assets/pasted-20260322-133227-48c54bf2.png
deleted file mode 100644
index 573c615..0000000
Binary files a/assets/pasted-20260322-133227-48c54bf2.png and /dev/null differ
diff --git a/assets/pasted-20260322-133628-3e9eff74.png b/assets/pasted-20260322-133628-3e9eff74.png
deleted file mode 100644
index 768645f..0000000
Binary files a/assets/pasted-20260322-133628-3e9eff74.png and /dev/null differ
diff --git a/assets/pasted-20260322-134533-ffbda01f.png b/assets/pasted-20260322-134533-ffbda01f.png
deleted file mode 100644
index dc8e7b2..0000000
Binary files a/assets/pasted-20260322-134533-ffbda01f.png and /dev/null differ
diff --git a/assets/pasted-20260322-135053-53cd0f6c.png b/assets/pasted-20260322-135053-53cd0f6c.png
deleted file mode 100644
index 26af26f..0000000
Binary files a/assets/pasted-20260322-135053-53cd0f6c.png and /dev/null differ
diff --git a/assets/pasted-20260322-135540-4f01042f.png b/assets/pasted-20260322-135540-4f01042f.png
deleted file mode 100644
index 730af6b..0000000
Binary files a/assets/pasted-20260322-135540-4f01042f.png and /dev/null differ
diff --git a/assets/pasted-20260322-140127-24c1e5aa.png b/assets/pasted-20260322-140127-24c1e5aa.png
deleted file mode 100644
index c02b00c..0000000
Binary files a/assets/pasted-20260322-140127-24c1e5aa.png and /dev/null differ
diff --git a/assets/pasted-20260322-141554-d688911c.png b/assets/pasted-20260322-141554-d688911c.png
deleted file mode 100644
index 6144efd..0000000
Binary files a/assets/pasted-20260322-141554-d688911c.png and /dev/null differ
diff --git a/assets/pasted-20260322-142108-d74f625e.png b/assets/pasted-20260322-142108-d74f625e.png
deleted file mode 100644
index 07f5ec0..0000000
Binary files a/assets/pasted-20260322-142108-d74f625e.png and /dev/null differ
diff --git a/dashboard.php b/dashboard.php
index 10f87d7..79ad9ad 100644
--- a/dashboard.php
+++ b/dashboard.php
@@ -327,13 +327,19 @@ $notice_text = $settings['notice_text'] ?? '欢迎使用全球接码平台!';