KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /home/queenjbs/www/member/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/queenjbs/www/member/join_proc.php
<?include "$DOCUMENT_ROOT/conf/conf_dir.php";?>
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />
<?
	$pwd = md5("$pw");

	$username = mb_convert_kana($username, "rs", "utf-8"); //전각 영어 공백을 반각으로

	$tel			= $tel1."-".$tel2."-".$tel3;
	$tel = mb_convert_kana($tel, "a", "utf-8");//전각 숫자 반각숫자로
	$birthday		= $byear."-".$bmonth."-".$bday;
	$birthday = mb_convert_kana($birthday, "a", "utf-8");
	
	
	
if($idx){
	if($mode == "proc"){
		$qry = "update user set jname='$jname',jname2='$jname2', username='$username', nickname='$nickname', email='$email', password='$pwd',new_password_key='$pw',modified=now() where id = '$idx'";
		$qry_result = mysql_query($qry,$db_con);
		
		$qrys = "update user_profiles set tel='$tel',zip1='$zip1',zip2='$zip2',juso='$juso',birthday='$birthday' where user_id = '$idx'";
		$qrys_result = mysql_query($qrys,$db_con);

		if($pwd){
			$db_host_1 = "localhost";
			$db_user_1 = "queenjbs";
			$db_pass_1 = "jbs5642";
			$db_name_1 = "sihooCafe";
			$db_con_1 = mysql_connect($db_host_1, $db_user_1, $db_pass_1) or die(mysql_error());
			$db_sel_1 = mysql_select_db($db_name_1, $db_con_1) or die(mysql_error());

			$qrys = "UPDATE `sihooCafe`.`xe_member` SET `password` = '$pwd' WHERE `xe_member`.`member_srl` =$idx";
			$qrys_result = mysql_query($qrys,$db_con_1);
		}
	}else if($mode == "del"){
		$queryupok = "update user set activated='2',last_login=now() where id = '$idx'";
		$queryupok_result = mysql_query($queryupok,$db_con);	

		$formChk = "list";
	}
	echo "<script>alert('保存しました。');location.href='/member/?tab=12&tabs=10';</script>";
		
}else{
	$id = trim($id);
	$id  = strtolower($id);
	

	if($id){
		$idx ="";
		$id = mb_convert_kana($id, "ars", "utf-8");
		$idx = get_db("select id from user where userid='$id' order by id desc");
		if(!$idx){
			// 등록
			$querys = "INSERT INTO user
					(auth_code,userid,username,jname,jname2,nickname,password,new_password_key,email,created)
				VALUES
					('3','$id','$username','$jname','$jname2','$nickname','$pwd','$pw','$email',now())";
			$results = mysql_query($querys,$db_con);
			
			$idx = get_db("select id from user where userid='$id' and email='$email' order by id desc");

			$file_query = "INSERT INTO user_profiles
									(user_id,tel,zip1,zip2,juso,birthday)
								VALUES
									('$idx','$tel','$zip1','$zip2', '$juso','$birthday')";
	
			$result = mysql_query($file_query,$db_con);
		
			
			/*
			//module_name 2-JYJ, mode 1-회원가입 축하메일
			$mail_qry		= "SELECT * FROM mail_form where module_name = 2 and mode = 1";
			$mresult	= mysql_query($mail_qry,$db_con);
			$row		= mysql_fetch_array($mresult);

			$subject = $row[subject]; 
			$body = $username."様<br>";
			$body .= $row[contents];
			
			$to_email = $email;

			$from_email = $row[from_email];
			$from_name = $row[from_email]; //송신자 명

			$title = $subject; //송신자 명
			$from .= "From: JYJ Japan Official Website<".$from_email.">\n";
			$from .= "Return-Path: <".$from_email.">\n";
			$from .= "Content-Type: text/html; charset=Shift_JIS";
			$enc = iconv("Shift_JIS", "ISO-2022-JP", $title);
			$subject = "=?ISO-2022-JP?B?".base64_encode($enc) ."?=";

			$from .= "From: JYJ Japan Official Website<".$from_email.">\n";
			$from .= "Return-Path: <".$from_email.">\n";
			$from .= "Content-Type: text/html; charset=UTF-8";
			$enc = iconv("UTF-8", "ISO-2022-JP", $title);
			$subject = "=?ISO-2022-JP?B?".base64_encode($enc) ."?=";*/
			//mail("$to_email", "$subject", "$body", "$from");
			
			//가입축하합니다. 로그인 되게

			$S_IDX   		= $idx;
			$S_ID 	 		= $userid;
			$S_NAME 	 		= $username;
			$S_NNAME 	 		= $nickname;
			$S_LEVEL 		= 3;

			if( !$HTTP_SESSION_VARS[S_IDX] )   		session_register( "S_IDX" );
			if( !$HTTP_SESSION_VARS[S_ID] )	 	 	session_register( "S_ID" );
			if( !$HTTP_SESSION_VARS[S_NAME] )	 	session_register( "S_NAME" );
			if( !$HTTP_SESSION_VARS[S_NNAME] )		session_register( "S_NNAME" );
			if( !$HTTP_SESSION_VARS[S_LEVEL] ) 		session_register( "S_LEVEL" );

			echo "<script>alert('会員加入されました。');parent.location.href='/member/?tab=12&tabs=8';</script>";
			
		}else{
			//등록되어있는 아이디가 있다. 중복입력 방지 차원
			echo "<script>
						alert('IDが重複しています。再度ご入力下さい。');
					</script>";
		}
	

	
	}else{
		//ID 정보가 제대로 안넘어왔다.다시입력해달라.
		Alert_back('IDが間違っています。もう一度ご入力下さい。');
	}
}
?>

Anon7 - 2021