View File Name :
memberController.php
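<?php
/**
 * Member controller: dispatches on $_GET['action'] to save, update, delete,
 * register, log in or log out a member.
 *
 * Request data is untrusted. This revision changes three things:
 *   - e-mail / username values are checked against a strict allowlist before
 *     they are concatenated into a query condition (register, login);
 *   - stored and submitted password hashes are compared with ===, because
 *     loose == treats two "0e<digits>" hex strings as equal numbers;
 *   - the "already in use" alert is built with json_encode() so the submitted
 *     e-mail cannot break out of the JavaScript string.
 *
 * NOTE(review), not changed here because the Member model and the stored data
 * are outside this file:
 *   - passwords are hashed with unsalted md5(); moving to password_hash() /
 *     password_verify() needs a migration of the existing rows;
 *   - the whole $_POST array is handed to save()/update(), so any column the
 *     model accepts (including `password`) can be set by the client;
 *   - "update" and "delete" act on $_GET['id'] without checking it against
 *     $_SESSION['member']['id'], and no CSRF token is visible; confirm that
 *     authorization is enforced before this file is reached;
 *   - whether Member::get() escapes or casts the id is not visible from here;
 *   - the header() redirects are not followed by exit.
 */
SYS::DOMAIN("Member");

$action = isset($_GET["action"]) ? $_GET["action"] : null;

// Allowlist for values that end up inside a single-quoted SQL literal: no
// quotes, backslashes, whitespace or control characters can pass. This is a
// stop-gap; the proper fix is bound parameters inside the Member model.
$memberEmailPattern = '/\A[A-Za-z0-9._+\-]+@[A-Za-z0-9.\-]+\z/';

switch ($action) {
    case "save":
        $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? md5($_POST['password']) : "";
        if ($pass != "") {
            $_POST['password'] = $pass;
        }
        if (isset($_POST['birthday'])) {
            $_POST['birthday'] = strtotime($_POST['birthday']);
        }
        $memberInstance = new Member();
        $excute = $memberInstance->save($_POST);
        if ($excute) {
            $memberInstance->lastRow();
            header("location:?page=Member/show&id=$memberInstance->id");
        }
        break;

    case "update":
        $memberInstance = new Member();
        $memberInstance->get($_GET["id"]);
        $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? md5($_POST['password']) : "";
        if ($pass != "") {
            $_POST['password'] = $pass;
        }
        if (isset($_POST['birthday'])) {
            $_POST['birthday'] = strtotime($_POST['birthday']);
        }
        $newPass = (isset($_POST['newPass']) && is_string($_POST['newPass'])) ? md5($_POST['newPass']) : "";
        if ($newPass != "") {
            // Strict string comparison: with == two different md5 values that
            // both look like "0e<digits>" would be treated as equal.
            if ($pass !== "" && (string) $memberInstance->password === $pass) {
                $_POST['password'] = $newPass;
                unset($_POST['newPass']);
                unset($_POST['passwordConfirm']);
            } else {
                echo '<script language="javascript">alert("Incorrect password!");window.location.href = "?page=Member/changePassword"</script>';
                exit();
            }
        }
        $excute = $memberInstance->update($_POST);
        if ($excute) {
            if (isset($_GET['act'])) {
                echo '<script language="javascript">window.location.href = "?page=Member/account"</script>';
            } else {
                header("location:?page=Member/show&id=$memberInstance->id");
            }
        }
        break;

    case "delete":
        $memberInstance = new Member();
        $memberInstance->get($_GET["id"]);
        $excute = $memberInstance->delete();
        if ($excute) {
            header("location:?page=Member/list");
        }
        break;

    case "register":
        $memberEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : "";
        if (!preg_match($memberEmailPattern, $memberEmail)) {
            // Refuse before the value reaches the query condition below.
            echo "<script>alert('Invalid email address');</script>";
            break;
        }
        $memberInstance = new Member();
        $numrow = $memberInstance->count(array("condition" => "email='" . $memberEmail . "'"));
        $_POST['birthday'] = $_POST['birthday_d'] . "/" . $_POST['birthday_m'] . "/" . $_POST['birthday_y'];
        unset($_POST['birthday_d']);
        unset($_POST['birthday_m']);
        unset($_POST['birthday_y']);
        if ($numrow > 0) {
            // json_encode with the HEX flags yields a literal that is safe
            // inside an inline <script> element.
            $memberNotice = json_encode(
                "Email " . $memberEmail . " is already in use",
                JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
            );
            echo "<script>alert(" . $memberNotice . ");</script>";
        } else {
            $_POST["password"] = md5($_POST["password"]);
            $_POST['birthday'] = strtotime($_POST['birthday']);
            $excute = $memberInstance->save($_POST);
            if ($excute) {
                $memberInstance->lastRow();
                // New identity for this session: issue a fresh session id so
                // an id fixed before registration is not carried over.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['member']['id'] = $memberInstance->id;
                $_SESSION['member']['email'] = $memberInstance->email;
                $_SESSION['member']['name'] = $memberInstance->name;
                $_SESSION['member']['lastname'] = $memberInstance->lastname;
                header("location:?page=Member/account");
            }
        }
        break;

    case "login":
        $loginEmail = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? md5($_POST['password']) : "";
        $memberInstance = new Member();
        $memberFound = false;
        // Only query when the username passes the allowlist; $password is a
        // 32-character hex digest and cannot carry quote characters.
        if ($password !== "" && preg_match($memberEmailPattern, $loginEmail)) {
            $memberInstance->find(array("condition" => "email = '" . $loginEmail . "' AND password = '" . $password . "'"));
            $memberFound = ($memberInstance->id != "");
        }
        $data = $memberInstance;
        if ($memberFound) {
            // Privilege change: rotate the session id on successful login.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['member']['id'] = $data->id;
            $_SESSION['member']['email'] = $data->email;
            $_SESSION['member']['name'] = $data->name;
            $_SESSION['member']['lastname'] = $data->lastname;
            if ($data->gender && $data->address && $data->province && $data->zipCode && $data->tel) {
                echo "<script>;window.location.href = 'index.php';</script>";
            } else {
                echo "<script>;window.location.href = '?page=Member/update';</script>";
            }
        } else {
            echo "<script>alert('Can not find your data!');window.location.href = '?page=Member/login';</script>";
        }
        break;

    case "logout":
        unset($_SESSION['member']);
        unset($_SESSION['addressSend']);
        header("location:index.php");
        break;
}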