Current File : /home/riacommer/domains/gasworld.com.my/private_html/admin/api/member.php

<?php
//error_reporting(-1); //report all error!
include_once("security.php");
include_once("db.php");
//[member]

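// Member admin endpoint. Depending on the request it:
//   - deletes a member          (GET  id)
//   - searches by username      (POST act=search)
//   - creates or updates a row  (POST act=create / act=update)
// and then redirects to an admin page. It produces no output of its own.
//
// NOTE(review): authentication/authorisation is presumably enforced by
// security.php, which is not visible here -- confirm it rejects
// unauthenticated requests before any of the queries below can run.
// NOTE(review): no anti-CSRF token is checked anywhere in this file, and the
// delete action is triggered by a plain GET. Moving delete to POST and adding
// a per-session token requires changing the calling pages as well.
// NOTE(review): the mysql_* extension was removed in PHP 7. The values below
// are escaped with mysql_real_escape_string() so the fix works with the
// existing connection; prepared statements (mysqli/PDO) are the long-term
// replacement once db.php is migrated.

// Base URL of the admin pages: this script's directory with "/api" removed.
// NOTE(review): HTTP_HOST comes from the request's Host header, so the
// redirect target is client-influenced; prefer a configured host name.
$admin_base = "http://" . $_SERVER['HTTP_HOST'] . str_replace("/api", "", dirname($_SERVER['PHP_SELF']));

//for delete only
if(isset($_GET["id"])){
	// Array-valued parameters (id[]=...) are treated as missing.
	$id = is_string($_GET["id"]) ? $_GET["id"] : "";
	if($id===""){
		header("Location: " . $admin_base . "/400.php");
		exit;
	}
	// $connection is the link the search query already used; presumably it is
	// opened by db.php.
	$sql = "DELETE FROM sa_member WHERE id='" . mysql_real_escape_string($id, $connection) . "'";
	if(mysql_query($sql, $connection)===false){
		error_log("member.php: delete failed: " . mysql_error($connection));
	}
	header("Location: " . $admin_base . "/member.php");
	exit;
}

//for create, update,
//for search
if(!isset($_POST["act"])){
	header("Location: " . $admin_base . "/400.php");
	exit;
}

// Columns of sa_member that the create and update forms both submit.
// These names are fixed here and never taken from the request.
$member_fields = array(
	"referral_id", "status", "member_level", "full_name", "gender", "dob",
	"email", "phone_number", "address", "city", "postcode", "account_name",
	"account_number", "bank_agent_name", "agent_account_number",
);

// Read every expected POST field as a trimmed string; missing or non-string
// values become "" instead of raising notices or being cast to "Array".
$in = array();
foreach(array_merge(array("act", "member_uid", "id", "username", "pwd"), $member_fields) as $field){
	$in[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : "";
}
$act = $in["act"];

if($act=="search"){
	$member_uid = $in["member_uid"];

	$_SESSION["search_member_id"] = "";
	// The session keeps the value as typed; only the SQL copy is escaped.
	$_SESSION["search_member_input"] = $member_uid;

	$sql = "SELECT * FROM sa_member WHERE username='" . mysql_real_escape_string($member_uid, $connection) . "'";
	$mysql_result = mysql_query($sql, $connection);
	// A failed query returns false; treat that the same as "no match".
	if($mysql_result!==false && mysql_num_rows($mysql_result)>=1){
		// If several rows match, the last one wins (as before).
		while($row = mysql_fetch_array($mysql_result)){
			$_SESSION["search_member_id"] = $row["id"];
			$_SESSION["search_member_uid"] = $row["username"];
		}
	} else {
		if($mysql_result===false){
			error_log("member.php: search failed: " . mysql_error($connection));
		}
		unset($_SESSION["search_member_id"]);
	}

	header("Location: " . $admin_base . "/transaction_ce.php");
	exit;
}

// Escaped copies of the shared member fields, ready for use inside quotes.
$q = array();
foreach($member_fields as $field){
	$q[$field] = mysql_real_escape_string($in[$field], $connection);
}

if($act=="create"){
	// Refuse to create an account with no username or an empty password.
	if($in["username"]==="" || $in["pwd"]===""){
		header("Location: " . $admin_base . "/400.php");
		exit;
	}
	// NOTE(review): unsalted SHA-1 is not a suitable password hash. Switching
	// to password_hash()/password_verify() has to be coordinated with the
	// login code (not visible here) and a migration of existing rows.
	$pwd = sha1($in["pwd"]);

	$columns = array_merge(array("username", "pwd"), $member_fields);
	$values = array(mysql_real_escape_string($in["username"], $connection), $pwd);
	foreach($member_fields as $field){
		$values[] = $q[$field];
	}
	$sql = "INSERT INTO sa_member (" . implode(",", $columns) . ",created_date) VALUES ('" . implode("','", $values) . "',now())";
	if(mysql_query($sql, $connection)===false){
		error_log("member.php: create failed: " . mysql_error($connection));
	}
	header("Location: " . $admin_base . "/member.php");
	exit;
}

if($act=="update"){
	// Same rule as delete: an update without a target id is a bad request.
	if($in["id"]===""){
		header("Location: " . $admin_base . "/400.php");
		exit;
	}
	// username and pwd are deliberately not part of an update.
	$assignments = array();
	foreach($member_fields as $field){
		$assignments[] = $field . "='" . $q[$field] . "'";
	}
	$sql = "UPDATE sa_member SET " . implode(",", $assignments) . ", last_updated=now() WHERE id='" . mysql_real_escape_string($in["id"], $connection) . "'";
	if(mysql_query($sql, $connection)===false){
		error_log("member.php: update failed: " . mysql_error($connection));
	}
	header("Location: " . $admin_base . "/member.php");
	exit;
}

// Any other "act" value used to fall through with an empty response; treat it
// as a bad request like the other invalid cases.
header("Location: " . $admin_base . "/400.php");
exit;

/*
sa_member columns, as listed by the original author:
	id, referral_id, username, pwd, status, member_level, full_name, gender,
	dob, email, phone_number, address, city, postcode, account_name,
	account_number, bank_agent_name, agent_account_number
	+
	ipaddr, last_login, created_date, last_updated
*/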
?>
