$value2){ $_SESSION[$key2] = $value2; } if($_POST['ispostback']){ if($_POST["action"] == "Register"){ $a = $b = $m = ""; foreach($_POST as $key => $value){ if(!eregi("^submit$|^action$|^id_member$|^type$|^style$|^user$|^pass$|^username$|^password1$|^x$|^y$|^password2$|^captcha_code$|^ispostback$", $key)){ $a .= "`$key`, "; $b .= "'" . $value . "', "; $m .= "$key = $value\r\n"; } } $time = time(); $ip = $_SERVER['REMOTE_ADDR']; $key = md5(time()); $a .= "`type`, `style`, `confirm`, `user`, `pass`, `time`, `time_update`, `ip`, `ip_update`, `key`"; $b .= "'1', '1', '2', '$_POST[username]', '$_POST[password1]', '$time', '$time', '$ip', '$ip', '$key'"; include_once '../securimage/securimage.php'; $securimage = new Securimage(); if($securimage->check($_POST['captcha_code']) == true){ echo "aaaaaaa"; //echo "Select * From `member` Where `email` = '$_POST[email]' || `user` = '$_POST[username]'"; $num = mysql_num_rows(mysql_query("Select * From `member` Where `email` = '$_POST[email]' || `user` = '$_POST[username]'")); if($num == 0 && strlen($_POST["username"]) >= 4){ echo "Insert Into `member` ($a) Values ($b)"; if(mysql_query("Insert Into `member` ($a) Values ($b)")){ $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= "From: $email_main_name<$email_main>\n"; $headers .= "bcc: $email_regis_\r\n"; if($_SESSION["version"] == "thai"){ //@mail("mar_6_2@hotmail.com", "มีคนสมัครสมาชิกมาใหม่ <" . $_SERVER['HTTP_HOST'] . ">", "$m", $headers); @mail("$_POST[email]", $email_regis_sub, "$email_des_regis

คุณ $_POST[firstname]
กรุณายืนยันอีเมล์ของคุณ Click
$email_footer", $headers); }else{ @mail("$_POST[email]", $email_regis_sub, "$email_des_regis

$_POST[firstname]
To activate your account, please click the following link: Click
$email_footer", $headers); } //@header("Location: index.php?err=complete"); exit; }else{ //@header("Location: index.php?page=Register&err=error1"); exit; } }else{ //@header("Location: index.php?page=Register&err=error2"); exit; } }else{ $error2 = "error"; } } } if($_POST["action"] == "Upload"){ $a = ""; foreach($_FILES as $key => $value){ if(!is_dir("../images/shopping")) @mkdir("../images/shopping", 0755); $File_tmp = $_FILES["$key"]["tmp_name"]; $File_name = $_FILES["$key"]["name"]; if(!empty($File_tmp)){ $_ = explode(".", $File_name); if((eregi("^gif$|^jpg$|^jpeg$|^png$", $_[count($_) - 1]) && eregi("^file1$", $key) || (eregi("^doc$|^docx$", $_[count($_) - 1]) && eregi("^file2$", $key)))){ $md5 = md5(time() . $key); $File_name = substr($md5, 0, 6) . substr($md5, -6, 6) . "." . strtolower($_[count($_) - 1]); @copy($File_tmp, "../images/shopping/" . $File_name); $a .= "`od_" . $key . "` = '" . $File_name . "', "; } } } if(!empty($a)){ $a = substr($a, 0, -2); mysql_query("Update `tbl_order` Set $a Where `od_status` = 'New' && `od_id` = '$_GET[i]' && `id_member` = '$mem[id_member]'"); } $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; @mail("$_POST[email]", "มีแนบไฟล์แจ้งชำระเงิน ใบสั่งซื้อเลขที่ $_GET[i] <" . $_SERVER['HTTP_HOST'] . ">", "", $headers); @header("Location: index.php?page=$_GET[page]&s=$_GET[s]&i=$_GET[i]&action=$_GET[action]"); exit; }elseif($_POST["action"] == "Cancel"){ mysql_query("Update `tbl_order` Set `od_status` = 'Cancelled' Where `od_status` = 'New' && `od_id` = '$_GET[i]' && `id_member` = '$mem[id_member]'"); $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; @mail("$_POST[email]", "มีการยกเลิก ใบสั่งซื้อเลขที่ $_GET[i] <" . $_SERVER['HTTP_HOST'] . ">", "", $headers); @header("Location: index.php?page=$_GET[page]&s=$_GET[s]"); exit; } ?>