KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /proc/21573/root/home/queenjbs/junsu/admin/Proc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //proc/21573/root/home/queenjbs/junsu/admin/Proc/member_proc.php
<?include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php";
//include $_SERVER['DOCUMENT_ROOT']."/conf/conf_i.php";
?>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<?
	$pwd = md5("$pw");
	$tel			= $tel1."-".$tel2."-".$tel3;
	$birthday		= $byear."-".$bmonth."-".$bday;
	if($idx){
		if($mode == "proc"){
			$qry = "update user set userid = '$id',member_code='$member_code',kana_name1='$kana_name1', nickname='$nickname', email='$email', password='$pwd',new_password_key='$pw',memo='$memo',modified=now(),m_startdate='$m_startdate', m_enddate='$m_enddate',auth_code='$auth_code' where id = '$idx'";
			$qry_result = mysql_query($qry,$db_con);

			$res = Get_dbres("select * from user where id = '$idx'");
			$row	= mysql_fetch_array($res);
			$cash_chk = $row[cash_chk];
			$cash_cnt = $row[cash_cnt];
			if($cash_chk){
			$qryss = "update user_cash set startdate='$m_startdate',enddate='$m_enddate'  where id = '$cash_chk' and inning='$cash_cnt'";
			$qryss_result = mysql_query($qryss,$db_con);
			}




			//echo "<br>";
			$qrys = "update user_profiles set tel='$tel1',zip='$zip',juso='$juso',birthday='$birthday',hanja_name1 ='$hanja_name1' ,en_name1 ='$en_name1' where user_id = '$idx'";
			//exit;
			$qrys_result = mysql_query($qrys,$db_con);

			echo "<script>alert('保存しました。');location.href='../member_detail.php?idx=".$idx."';</script>";
		}else if($mode == "del"){
			$queryupok = "update user set activated='2',last_login=now() where id = '$idx'";
			$queryupok_result = mysql_query($queryupok,$db_con);

			//$cashqry = "delete from user_cash where user_id= '$idx'";
			//$cashqry_result = mysql_query($cashqry,$db_con);

			$formChk = "list";
			echo "<script>alert('脱退しました.。');location.href='../memberlist.php?act=$act';</script>";
		}
	}else{
		echo "<script>alert('error. reflesh');location.href='../memberlist.php?act=$act';</script>";
	}
?>

Anon7 - 2021