ShuanghongS 1 jaar geleden
bovenliggende
commit
780192fe1f
6 gewijzigde bestanden met toevoegingen van 37 en 26 verwijderingen
  1. 4 0
      include.ini.php
  2. 4 1
      main_new_version.php
  3. 11 8
      service/login.class.php
  4. 2 2
      service/ocean_order.class.php
  5. 10 10
      service/tools.class.php
  6. 6 5
      utils/common.class.php

+ 4 - 0
include.ini.php

@@ -63,6 +63,10 @@ function _getLoginName() {
     return $_SESSION['ONLINE_USER']['user_login'];
 }
 
+function _getLoginEamil() {
+    return $_SESSION['ONLINE_USER']['email'];
+}
+
 function _isAdminHandNew($user) {
     return $user['is_super'] == 't';
 }
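Review bot: The new helper's name `_getLoginEamil` misspells "Email", and service/tools.class.php already calls it in this commit; renaming it to `_getLoginEmail` now is cheaper than after more callers appear. The body indexes `$_SESSION['ONLINE_USER']['email']` directly, so a session without that key returns null with a warning. If the runtime supports it, `return $_SESSION['ONLINE_USER']['email'] ?? '';` makes the fallback explicit.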

+ 4 - 1
main_new_version.php

@@ -471,7 +471,10 @@ switch ($action) {
                                     when a.code='IFFDEP' then 'Departed'
                                     when a.code='IFFARR' then 'Arrived'
                                     when a.code='IFFAFD' then 'Completed'
-                                    else 'Created' END as status,act_date,act_time,_dd.description,timezone
+                                    else 'Created' END as status,
+                                    act_date,act_time,
+                                    case when a.code = 'IFFECP' then 'Empty Container Pickup' else _dd.description end as description,
+                                    timezone
                             from  ocean_milestone a 
                                     left join LATERAL (select sno,description  from  milestone where code=a.code and project_no = '*' limit 1) _dd on true
                     where a.serial_no=online_ocean.serial_no 
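Review bot: The `'IFFECP'` to `'Empty Container Pickup'` override is hard-coded in this query and again in the `$Milestones_data_arr` query in utils/common.class.php, so the two labels can drift apart. If the `milestone` table is meant to be the source of descriptions, fixing the row for `IFFECP` there, or sharing one constant for the label, keeps a single definition. If the override is deliberate, a short SQL comment next to the `case` should say why the table description is bypassed. The statement starts and ends outside this hunk.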

+ 11 - 8
service/login.class.php

@@ -1124,7 +1124,13 @@ class login {
             $db->Execute("INSERT INTO public.tracking_login_record(ip, visit_count,visit_time,type)VALUES ('$ip', '1', now(),'".common::check_input($_POST['type'])."');") or ( (!$db->ErrorMsg()) or error_log($db->ErrorMsg(), 0));
         }else{
             if ($ipInfo['visit_count'] > $Tracking_Search_Count){
-                if(true){
+                $AES_encrypted = $this->AES_encrypted($is_verify);
+                $secret_key = common::excuteOneSql("select secret_key from customer_service_secret_key 
+                    where secret_key = '$is_verify' 
+                    and create_time >= current_date - INTERVAL '3 months' limit 1");
+                //记录这次的密钥记录
+                common::excuteUpdateSql("INSERT INTO public.customer_service_secret_key(secret_key, create_time)VALUES ('$is_verify', now());");
+                if(!empty($AES_encrypted) && empty($secret_key)){
                     //归零验证次数
                     $db->Execute("update tracking_login_record set visit_count = 1 "
                         . " where ip = '$ip' and type ilike '".common::check_input($_POST['type'])."' and visit_time + '5 min' > NOW()::timestamp ") or ( (!$db->ErrorMsg()) or error_log($db->ErrorMsg(), 0));
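Review bot: `$is_verify` is interpolated unescaped into both new statements, the SELECT on `customer_service_secret_key` and the INSERT that follows, whereas `$_POST['type']` in the same branch goes through `common::check_input`. Its assignment is outside the hunk, but if it carries request data it should be bound as a parameter or at least escaped once, e.g. `$token = common::check_input($is_verify);` with `'$token'` used in both queries. The replay check is also a SELECT followed by a separate INSERT, so two concurrent requests with the same value can both find no row. A unique constraint on `secret_key`, with the INSERT result deciding acceptance, would close that gap. The enclosing method starts and ends outside the hunk.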
@@ -1343,13 +1349,10 @@ class login {
     }
 
     private function AES_encrypted($encrypted_string){
-        $cipher = "aes-256-cbc"; // AES算法的一个实现,比如AES-256-CBC
-        $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipher)); // 生成初始化向量
-        $key = 'fT5!R1k$7Mv@4Q9X'; // 你的256位密钥
-        // 解密
-        $decrypted = openssl_decrypt($encrypted_string, $cipher, $key, $options=0, $iv);
-        
-        return $decrypted; // 输出解密后的字符串
+        $key = 'fT5!R1k$7Mv@4Q9X'; // 16 bytes key
+        $iv = '1234567890123456'; // 16 bytes IV
+        $decrypted = openssl_decrypt(base64_decode($encrypted_string), 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv);
+        return $decrypted;
     }
 }
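Review bot: The rewritten `AES_encrypted` decrypts with a key literal and a constant IV that both live in the source file, and CBC without a MAC has no integrity check, so the caller's `!empty(...)` test only shows that the input decrypted with valid padding. Since the result gates resetting the visit counter, consider loading the key from configuration outside the repository and verifying an HMAC over the token with `hash_equals` before trusting it, or switching to an AEAD mode such as `aes-256-gcm`. `base64_decode` should run in strict mode, `base64_decode($encrypted_string, true)`, with a `false` result rejected. The method decrypts rather than encrypts, so a clearer name and a docblock stating the expected token format would help.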
 

+ 2 - 2
service/ocean_order.class.php

@@ -331,10 +331,10 @@ class ocean_order {
                     $_reportStationType = $_REQUEST["_reportStationType"];
                     
                     if($_reportStationType == 'shippr_uncode'){
-                        $sqlWhere = " and shippr_uncode  = '$_reportRef'";
+                        $sqlWhere .= " and shippr_uncode  = '$_reportRef'";
                     }
                     if($_reportStationType == 'fport_of_loading_un'){
-                        $sqlWhere = " and fport_of_loading_un  = '$_reportRef'";
+                        $sqlWhere .= " and fport_of_loading_un  = '$_reportRef'";
                     }
                     if($_reportStationType == 'consignee_uncode'){
                         $sqlWhere .= " and  consignee_uncode = '$_reportRef'";
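Review bot: `$_reportRef` is placed inside the quoted literal of all three `$sqlWhere` fragments with no escaping visible in the hunk, and this commit edits two of them. `$_reportStationType` is read straight from `$_REQUEST` on the first line of the hunk. If `$_reportRef` comes from the same place (its assignment is outside the hunk), escape or bind it before use, for example `$_reportRef = common::check_input($_reportRef);` as other files in this commit do for request fields. The enclosing method starts and ends outside the hunk.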

+ 10 - 10
service/tools.class.php

@@ -67,21 +67,21 @@ class tools {
         $operate = strtolower($operate);
 
         if ($operate == "mark_save") {
-            $suggestion = common::check_input($_POST ['suggestion']); 
-            $proposal = common::check_input($_POST ['proposal']); 
-            $expression = common::check_input($_POST ['expression']);
-            $complete_funtionality = common::check_input($_POST ['Complete_funtionality']);
-            $accurate_data = common::check_input($_POST ['Accurate_data']);
-            $clear_information = common::check_input($_POST ['Clear_information']);
-            $easy_to_use = common::check_input($_POST ['Easy_to_use']);
-            $system_Performance = common::check_input($_POST ['System_Performance']);
+            $suggestion = utils::implode(",",$_POST['suggestion']); 
+            $proposal = common::check_input($_POST['proposal']); 
+            $expression = common::check_input($_POST['expression']);
+            $complete_funtionality = common::check_input($_POST['Complete_funtionality']);
+            $accurate_data = common::check_input($_POST['Accurate_data']);
+            $clear_information = common::check_input($_POST['Clear_information']);
+            $easy_to_use = common::check_input($_POST['Easy_to_use']);
+            $system_Performance = common::check_input($_POST['System_Performance']);
 
             $user_type = _isApexLogin() ? "employee" : "customer";
             $sql = "INSERT INTO public.customer_service_user_mark(user_type, user_name, suggestion, proposal, expression, complete_funtionality, 
                     accurate_data, clear_information, easy_to_use, system_performance, 
-                    created_time)
+                    created_time,email)
             VALUES ('$user_type', '"._getLoginName()."', '$suggestion', '$proposal', '$expression', '$complete_funtionality', 
-                    '$accurate_data', '$clear_information', '$easy_to_use', '$system_Performance', now())";
+                    '$accurate_data', '$clear_information', '$easy_to_use', '$system_Performance', now(),'"._getLoginEamil()."')";
             common::excuteUpdateSql($sql);
 
             $data = array("msg" =>"success");
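Review bot: `$suggestion` no longer passes through `common::check_input` now that it is built with `utils::implode(",",$_POST['suggestion'])`, yet it is still placed inside `'$suggestion'` in the INSERT. Unless `utils::implode` escapes its elements, which is not visible here, restore the escaping on the joined value: `$suggestion = common::check_input(utils::implode(",", (array)$_POST['suggestion']));`. The new `_getLoginEamil()` value is concatenated raw in the same way as `_getLoginName()`. If the stored e-mail can contain user-chosen characters, it needs the same escaping or a bound parameter.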

+ 6 - 5
utils/common.class.php

@@ -1539,11 +1539,12 @@ class common {
 
         //Milestones 数据信息待定
         $Milestones_data = array();
-        $Milestones_data_arr = common::excuteListSql("select dd.description,act_date||' '||act_time as date_time, remark,timezone from  ocean_milestone a 
-                    left join LATERAL (select sno,description  from  milestone where code=a.code and project_no = '*' limit 1) dd on true
-		 			where a.serial_no='".$ocean["serial_no"]."' 
-                        and act_date is not null  
-                    order by dd.sno asc, id asc");           
+        $Milestones_data_arr = common::excuteListSql("select 
+            case when code = 'IFFECP' then 'Empty Container Pickup' else dd.description end as description,
+	        act_date||' '||act_time as date_time, remark,timezone 
+            from  ocean_milestone a 
+                left join LATERAL (select sno,description  from  milestone where code=a.code and project_no = '*' limit 1) dd on true
+            where a.serial_no='".$ocean["serial_no"]."' and act_date is not null  order by dd.sno asc, id asc");           
         foreach($Milestones_data_arr as $mda){
             $Milestones_data[] = array("milestones"=>$mda['description'],"date_time"=>$mda['date_time'],"timezone" =>$mda['timezone'],
                 "locations" => "", "remarks" =>$mda['remark']);
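Review bot: The rewritten query still splices `$ocean["serial_no"]` into the string literal. Where `$ocean` is filled is outside the hunk, so unless it is already a trusted database value it should be escaped or bound. The new `case when code = 'IFFECP'` also leaves `code` unqualified, while the matching query in main_new_version.php writes `a.code`. Using `a.code` here keeps the reference unambiguous if the lateral subquery ever selects `code` as well.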