Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /home/queenjbs/junsu/


 

Current File : /home/queenjbs/junsu/store_order_proc.php
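<?php
// Load the shared configuration. The path is built from $_SERVER rather than
// the bare $DOCUMENT_ROOT global: nothing in this file assigns that global, so
// it presumably comes from register_globals, where request data can populate
// globals as well. Reading $_SERVER keeps the include path independent of the
// request. NOTE(review): confirm no prepend script sets $DOCUMENT_ROOT to a
// different directory on purpose.
include $_SERVER['DOCUMENT_ROOT'] . "/conf/conf_dir.php";
?>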
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />
<?
//include "$DOCUMENT_ROOT/conf/conf_i.php";
//exit;
//$category_num 0 -> paid members, 1 -> free members, 2 -> both may purchase.

// Visitors without a member session are handed to the login flow and the
// request ends here.
// NOTE(review): $sessionIDX is never assigned in this file; presumably
// conf_dir.php derives it from the session. Confirm it cannot be populated
// from request parameters, since every check below trusts it.
$isAnonymous = ($sessionIDX == "" || $sessionIDX == "0");
if ($isAnonymous) {
		LoginCheck();
		exit;
}

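// Each product may be reserved only once per member: look for an existing
// order of this product by this member that is still below order step 6.
// Both values are escaped before being embedded in the query; $goodsuid is
// not assigned in this file and is treated as request data.
$dupGoods  = mysql_real_escape_string((string)$goodsuid, $db_con);
$dupMember = mysql_real_escape_string((string)$sessionIDX, $db_con);
$uid = get_db("SELECT A.uid FROM shop_order A ,shop_ordergoods B WHERE A.uid = B.parent and B.goodsuid='$dupGoods' and B.mbruid='$dupMember' and A.orderstep < 6");

if($uid) {
	// Message: "Already reserved."
	echo"<script>alert('既に予約しました.');location.href='/mypage_goods.php';</script>";
	exit;
}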



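// Stock check for goods item 6: every requested option must still be on sale
// and must not have reached its reservable amount.
// NOTE(review): the check and the later INSERT are separate statements, so two
// concurrent requests can both pass it; confirm whether overselling matters.
if($goodsuid == 6){
		// The loose comparison above also accepts strings that merely start
		// with "6", so the value is still escaped before it reaches SQL.
		$stockGoods = mysql_real_escape_string((string)$goodsuid, $db_con);
		$buycount = count($buynum);
		for($i=0;$i< $buycount ;$i++)
		{
			// The option id is used unquoted in the queries below, where
			// escaping alone does not help; force it to an integer.
			$optId = isset($optNum[$i]) ? (int)$optNum[$i] : 0;

			$res2 = Get_dbres("select * from shop_product_opt  where product_prt = '$stockGoods' and uid = $optId");
			$row2	= mysql_fetch_array($res2);
			// NOTE(review): optName is written into a JavaScript string literal
			// as stored; if option names can contain quotes or markup they need
			// JS-string escaping here.
			if($row2['display'] == 1){
				// Option is already flagged as sold out.
				echo"<script>alert('".$row2['optName']." SOLD OUTとなりました。');location.href='/store.php';</script>";
				exit;
			}else{
				// Quantity currently reserved (order steps 1 and 2).
				$sumbuynum = Get_db("select sum(buynum) from shop_ordergoods where goodsuid = '$stockGoods' and options = $optId and orderstep in (1,2)");
				if($row2['amount'] <= $sumbuynum){
					// Limit reached: flag the option as sold out for later requests.
					$queryupok = "update shop_product_opt set display = '1' where product_prt = '$stockGoods' and uid = $optId";
					$queryupok_result = mysql_query($queryupok,$db_con);

					echo"<script>alert('".$row2['optName']." SOLD OUTとなりました。');location.href='/store/?tab=8&tabs=1';</script>";
					exit;
				}
			}
		}
}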


//$nan_tmp ="M";
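// Create the reservation for an explicit order_proc request from a logged-in
// member. Any other request, or a failed order insert, gets the error redirect
// and stops; the success message is reached only after the order row exists.
if($mode == "order_proc" && $sessionIDX){
	// Reservation number: "KJ" + the Unix seconds with the first digit replaced
	// by 2 + three digits of the microsecond fraction. It is digits only, so it
	// is embedded in SQL without escaping.
	$nan = explode(' ',microtime());
	$tmpNan = substr_replace($nan[1],"2",0,1);
	$_cartid = "KJ".$tmpNan.substr($nan[0],2,3);

	$orderstep = "1"; // step 1 = reserved
	$o_email = trim($o_email);
	$ckind = "1";     // payment kind
	$bank ="株式会社三菱UFJ銀行";

	// Escape every value that goes into the INSERT. None of these variables is
	// assigned in this file, so they are treated as request data. When
	// magic_quotes_gpc is on the values already carry backslashes; those are
	// removed first so the stored text is not double-escaped.
	// NOTE(review): $total_price and $goodPrice[] are stored as received; if
	// they come from the request, the amounts should be recomputed server-side
	// from the product tables. Confirm against the order form.
	$stripFirst = get_magic_quotes_gpc();
	$fieldNames = array(
		'total_price', 'deliradio', 'goodsuid', 'sessionIDX',
		'o_name', 'o_email', 'o_tel', 'o_zip', 'o_addr',
		'r_name', 'r_email', 'r_tel', 'r_zip', 'r_addr',
		'b_name', 'escr', 'memo',
	);
	$q = array();
	foreach ($fieldNames as $fieldName) {
		$fieldValue = isset($$fieldName) ? (string)$$fieldName : '';
		if ($stripFirst) {
			$fieldValue = stripslashes($fieldValue);
		}
		$q[$fieldName] = mysql_real_escape_string($fieldValue, $db_con);
	}
	$regTime = mysql_real_escape_string(isset($date['totime']) ? (string)$date['totime'] : '', $db_con);

	$query = "INSERT INTO `shop_order`
	(`uid`, `orderid`, `orderstep`, `price`, `tack`, `goodsuid`,`mbruid`,
	`o_name`, `o_email`, `o_tel`, `o_zip`, `o_addr`, `r_name`, `r_email`,`r_tel`, `r_zip`, `r_addr`,
	`ckind`, `bank`, `b_name`, `escr`,`memo`, `d_regis`, `d_bank`, `d_tack`, `is_mobile`)

		VALUES

	(NULL, '$_cartid', '$orderstep', '{$q['total_price']}','{$q['deliradio']}','{$q['goodsuid']}','{$q['sessionIDX']}',
	'{$q['o_name']}', '{$q['o_email']}','{$q['o_tel']}','{$q['o_zip']}','{$q['o_addr']}','{$q['r_name']}', '{$q['r_email']}','{$q['r_tel']}', '{$q['r_zip']}', '{$q['r_addr']}',
	'$ckind', '$bank', '{$q['b_name']}', '{$q['escr']}', '{$q['memo']}','$regTime', '', '', '0')";

	$result = mysql_query($query,$db_con);

	// Fetch the uid of the order row just written; it is the parent key of the
	// item rows. A failed INSERT leaves $p_idx false.
	$p_idx = $result
		? get_db("select uid from shop_order where mbruid='{$q['sessionIDX']}' and orderid='$_cartid'")
		: false;

	if($p_idx)
	{
		// One shop_ordergoods row per ordered option.
		$buycount = count($buynum);
		for($i=0;$i< $buycount ;$i++)
		{
			$item = array(
				'name'  => isset($optName[$i]) ? $optName[$i] : '',
				'opt'   => isset($optNum[$i]) ? $optNum[$i] : '',
				'count' => isset($buynum[$i]) ? $buynum[$i] : '',
				'price' => isset($goodPrice[$i]) ? $goodPrice[$i] : '',
			);
			foreach ($item as $itemKey => $itemValue) {
				$itemValue = (string)$itemValue;
				if ($stripFirst) {
					$itemValue = stripslashes($itemValue);
				}
				$item[$itemKey] = mysql_real_escape_string($itemValue, $db_con);
			}

			$sub_query = "INSERT INTO `shop_ordergoods`
			(`uid`, `parent`, `mbruid`, `orderstep`, `goodsuid`, `goodsname`, `options`, `buynum`, `price`,`d_regis`, `d_bank`, `d_tack`)
				VALUES
			(NULL, '$p_idx', '{$q['sessionIDX']}', '$orderstep', '{$q['goodsuid']}', '{$item['name']}', '{$item['opt']}', '{$item['count']}', '{$item['price']}','$regTime',  '', '')";

			// Item inserts stay best-effort as in the original: a failure here
			// is not reported to the member.
			$result = mysql_query($sub_query,$db_con);
		}
	}

	// The confirmation e-mail that followed here is disabled in the original
	// (commented out) and is not sent.
	mysql_close();

	if(!$p_idx){
		// The order row was not created: report the failure instead of
		// falling through to the success message.
		echo "<script>alert('情報が正しくありません。再予約してください。');document.location.href='./store.php?tmp_no=".rawurlencode((string)$goodsuid)."';</script>";
		exit;
	}
}else{
	// Invalid request. The goods id is URL-encoded because it is echoed into a
	// JavaScript string, the closing quote of that string is restored, and the
	// script stops so the success message below is not emitted as well.
	echo "<script>alert('情報が正しくありません。再予約してください。');document.location.href='./store.php?tmp_no=".rawurlencode((string)$goodsuid)."';</script>";
	exit;
}


// Order stored: confirm and send the member to the order list.
echo "<script>alert('商品注文になりました.');document.location.href='./mypage_goods.php';</script>";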
?>
