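<?php
/*
 * cart_saveorder.php
 *
 * Turns the cart held in $_SESSION into an `orders` row plus one `order_detail`
 * row per item, marks every sold item (a `phonenumber` id or a `carregistration`
 * value) with status 2, e-mails an HTML confirmation to the buyer, the shops
 * involved and the site contact, clears the checkout keys from the session and
 * redirects to cart_true.php with the zero-padded order id.
 *
 * Nothing is declared in this script. $view_db, $actiondata_db, $runid_class,
 * $Phone_class, $util_class, $mail, $date, $upload, $from, $txtname and
 * $contact are expected to be provided by the includes below.
 */
include('../include72/header.php');

//include('../include/class.php');
include('../include/sql_injection_get.php');
include("../include/mail.php");
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
/*
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
*/
?>

<?php
// New order id from the run-id sequence; the same $id is reused for order_detail rows.
$id = $runid_class->run_id('orders_runid');
// Phone is stored without dashes.
$phone2 = str_replace('-', '', $_SESSION["phone"]);

// NOTE(review): every WHERE clause in this file is built by string concatenation
// from session values that originate in user input (shipping, province, cart
// items). Whether $view_db->view() / $actiondata_db->q_one() escape their
// arguments is not visible here; if they do not, these lookups are
// SQL-injectable and the helpers should be moved to parameterised queries.
$list_sip = array('table'=>'ems_type','where'=>'id = "'.$_SESSION["shipping"].'"','order'=> "ORDER BY id DESC");
$view_sip = $view_db->view($list_sip);
$row_sip = $view_db->q($view_sip);

$list_ji = array('table'=>'province','where'=>'id = "'.$_SESSION['province'].'"','order'=> "ORDER BY id DESC");
$view_ji = $view_db->view($list_ji);
$row_ji = $view_db->q($view_ji);

// Pass 1: sum the item prices for the `orders.total` column.
// A cart value is first tried as a phonenumber id, then as a carregistration.
$total = 0;
foreach ($_SESSION["cart"] as $key => $value)
{
	$list = array('table'=>'phonenumber','where'=>'id = "'.$value.'"','order'=> "ORDER BY id DESC");
	$view = $view_db->view($list);
	$row = $view_db->q($view);
	if($row){
		$total =  $total + $row['price'];

	}else{
		$list = array('table'=>'carregistration','where'=>'carregistration = "'.$value.'"','order'=> "ORDER BY id DESC");
		$view = $view_db->view($list);
		$row = $view_db->q($view);
		$total =  $total + $row['price'];
	}
}
// NOTE(review): the stored total adds the province price, while the e-mail
// below adds the ems_type (shipping) price instead — confirm which is intended.
$total = $total+$row_ji["price"];

$list = array(
				'table'=>'orders',
				'id'=>"'".@$id."'",
				'id_mem'=>"'".@$_SESSION['simDed_id']."'",
				'name'=>"'".@$_SESSION["name"]."'",
				'lastname'=>"'".@$_SESSION["lastname"]."'",
				'phone'=>"'".@$phone2."'",
				'email'=>"'".@$_SESSION["email"]."'",
				'address'=>"'".@$_SESSION["address"]."'",
				'province'=>"'".@$row_ji["name"]."'",
				'delivery'=>"'".@$row_sip["name"]."'",
				'delivery_id'=>"'".@$row_sip["id"]."'",
				'delivery_p'=>"'".@$row_sip["price"]."'",
				'total'=>"'".@$total."'",
				'zipcode'=>"'".@$_SESSION["zip"]."'",
				'status'=>'1',
				'createdate'=>"'".$date."'",
				'up_date'=>"'".$date."'"
);
				 $add1 = $actiondata_db->add_db($list);

// Pass 2: one order_detail row per item and mark the item as sold (status 2).
foreach ($_SESSION["cart"] as $key => $value)
{
	$list = array('table'=>'phonenumber','where'=>'id = "'.$value.'"','order'=> "ORDER BY id DESC");
	$view = $view_db->view($list);
	$row = $view_db->q($view);

	if($row){
		$list = array(
			'table'=>'order_detail',
			'id_order'=>"'".@$id."'",
			'id_pho'=>"'".@$value."'",
			'id_shop'=>"'".@$row["id_shop"]."'",
			'price'=>"'".@$row["price"]."'",
		);
		$add = $actiondata_db->add_db($list);

		$list2 = array(
				'table'=>'phonenumber',
				'id'=>$value,
				'status'=>'2',
				'up_date'=>$date
		);
		$add2 = $actiondata_db->edit_db($list2);
	}else{
		$list = array('table'=>'carregistration','where'=>'carregistration = "'.$value.'"','order'=> "ORDER BY id DESC");
		$view = $view_db->view($list);
		$row = $view_db->q($view);

		$list = array(
			'table'=>'order_detail',
			'id_order'=>"'".@$id."'",
			'id_pho'=>"'".@$value."'",
			'id_shop'=>"'".@$row["id_shop"]."'",
			'price'=>"'".@$row["price"]."'",
		);
		$add = $actiondata_db->add_db($list);

		$list2 = array(
				'table'=>'carregistration',
				'carregistration'=>$value,
				'status'=>'2',
				'up_date'=>$date
		);
		$add2 = $actiondata_db->edit_db($list2);
	}


}

// Pass 3: build the item rows of the confirmation e-mail and collect shop ids.
// $total is recomputed here without the province price (see note above).
$total = 0;
$tb_order = '';
$arr_shopid = array();
foreach ($_SESSION["cart"] as $key => $value)
{

	$list = array('table'=>'phonenumber','where'=>'id = "'.$value.'"','order'=> "ORDER BY id DESC");
	$view = $view_db->view($list);
	$row = $view_db->q($view);

	if($row){
		$phonenumber = $Phone_class->format_phonenumber($row['phonenumber'],$row['format']);

		$row_mobilenetwork = $actiondata_db->q_one('mobilenetwork','id = "'.$row['mobilenetwork'].'"','image');

		$list_shr = array('table'=>'shop','where'=>'id = "'.$row['id_shop'].'" ');
		$view_shr = $view_db->view($list_shr);
		$row_shr = $view_db->q($view_shr);
	}else{
		$list = array('table'=>'carregistration','where'=>'carregistration = "'.$value.'"','order'=> "ORDER BY id DESC");
		$view = $view_db->view($list);
		$row = $view_db->q($view);

		$phonenumber = $row['carregistration'];

		// Car registrations have no network logo; the <img> below gets an empty name.
		$row_mobilenetwork = '';
		$list_shr = array('table'=>'shop','where'=>'id = "'.$row['id_shop'].'" ');
		$view_shr = $view_db->view($list_shr);
		$row_shr = $view_db->q($view_shr);
	}

	// Shop and item columns come straight from the database rows.
	$tb_order = $tb_order . '
	<tr>
		<td><div><a href="'. $upload .$row_shr['codeshop'] .'">'.$row_shr['nameShop'].' </a></div></td>
		<td><div>'.$phonenumber.' </div></td>
		<td><div><img src="'. $upload.'/mobilenetwork/'.$row_mobilenetwork.'" width="50"></div></td>
		<td><div>'. number_format($row['price']) .'</div></td>
	</tr>';
	$total =  $total + $row['price'];

	$arr_shopid[] =  $row_shr['id'];


}

// One contact block and one recipient address per distinct shop.
$shopdetail = '';
$email_shop = '';
$arr_shopid = array_unique($arr_shopid);
foreach ($arr_shopid as $key => $value)
{
	$list_shr = array('table'=>'shop','where'=>'id = "'.$value.'" ');
	$view_shr = $view_db->view($list_shr);
	$row_shr = $view_db->q($view_shr);
	$shopdetail = $row_shr['nameShop'] .'<br>'. $row_shr['addressshop'] .'<br>'.$row_shr['email'] .'<br>'.$row_shr['phone'].'<br>'. $shopdetail ;

	$email_shop = $row_shr['email'].','.$email_shop;


}
// Drop the trailing comma left by the loop above.
$email_shop = rtrim($email_shop, ',');
$shopdetail = 'ข้อมูลทางร้าน <br><br>'.$shopdetail;



$sip=$row_sip['price'];
$sumtotal = $total + $sip ;
$tb_order2 ='
<table width="100%" border="0">
  <tr style="border-bottom:1px solid #f4eedc;padding-bottom:10px;color:#000;font-size:20px;">
    <td> ราคารวม &nbsp;&nbsp;&nbsp;&nbsp; </td>
    <td>'. number_format($total).'  บาท</td>
  </tr>
  <tr style="border-bottom:1px solid #f4eedc;padding-bottom:10px;color:#66be89;font-size:20px;">
    <td>  '.$row_sip['name'].' &nbsp;&nbsp;&nbsp;&nbsp;</td>
    <td>'.number_format($sip).'  บาท</td>
  </tr>
  <tr style="border-bottom:1px solid #f4eedc;padding-bottom:10px;color:#F00;font-size:20px;">
    <td> ราคารวม  &nbsp;&nbsp;&nbsp;&nbsp;</td>
    <td>'. number_format($sumtotal).' บาท </td>
  </tr>
</table>
';
?>

<?php

// Session values were typed by the buyer and land in an HTML e-mail, so they are
// escaped for the HTML context here. double_encode=false keeps values that an
// earlier step may already have escaped from turning into "&amp;...".
$esc = function ($v) {
	return htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};

$body =
				'<table width="100%" border="0" cellpadding="10" style="font-size:18px;">
					<tr>
						<td><img src="../images/Logo.png" width="200"></td>
						<td>'.$util_class->day_m_th($date).'</td>
					</tr>
					<tr>
						<td colspan="2">เรียนผู้ใช้บริการ</td>
					</tr>
					<tr>
						<td colspan="2">คุณ '.$esc($_SESSION["name"]). ' '.$esc($_SESSION["lastname"]).' <br>
							'.$esc($_SESSION["address"]).' <br>
							จ. '.$row_ji["name"].' '.$esc($_SESSION["zip"]).'    <br>
							โทร. '.$esc($_SESSION["phone"]).' <br>
							Email : '.$esc($_SESSION["email"]).'<br>
						</td>
					</tr>
				</table>
				<br><br>
				<table  width="100%" border="1" cellpadding="10"  style="font-size:18px;border:1px solid #666 ">
                <thead>
                  <tr>
                    <th>ร้านค้า</th>
                    <th width="25%">เบอร์ที่สั่งซื้อ</th>
                    <th width="20%">เครือข่าย</th>
                    <th width="25%">ราคา/บาท</th>
                  </tr>
                </thead>
                <tbody>
				'.$tb_order.'
                </tbody>
              </table>
			  '.$tb_order2.
			  '<br>'.
			  'รอทางร้านดำเนินการ 24-48ชั่วโมง'.'<br><br>'.
			   $shopdetail.
			  '<br><br>'.$contact;

$mail->SetFrom($from, $from);
$mail->AddReplyTo($from, $from);
$mail->MsgHTML($body);
$txt = $txtname. ' :: ยืนยันการสั่งซื่อ ';
$mail->Subject = $txt;
$mail->AddAddress($_SESSION["email"]); // ผู้รับ
// AddAddress takes one address per call; $email_shop is a comma-separated list,
// so add each shop address separately and skip empty entries.
foreach (explode(',', $email_shop) as $shop_addr) {
	$shop_addr = trim($shop_addr);
	if ($shop_addr !== '') {
		$mail->AddAddress($shop_addr); // ผู้รับ
	}
}
$mail->AddAddress("[email protected]", "onnud"); // ผู้รับคนที่สอง
//exit();
if(!$mail->Send())
{
	$_SESSION['er'] = 'false';
	echo "<br> Mailer Error: " . $mail->ErrorInfo;
	exit();
}
//print_r($body);


	// Clear the checkout state; "lastname" matches the key read above.
	unset($_SESSION["cart"]);
	unset($_SESSION["num_cart"]);
	unset($_SESSION["phone"]);
	unset($_SESSION["shipping"]);
	unset($_SESSION["province"]);
	unset($_SESSION["name"]);
	unset($_SESSION["lastname"]);
	unset($_SESSION["email"]);
	unset($_SESSION["address"]);
	unset($_SESSION["zip"]);



?>
<?php $or_id =  str_pad($id,5,"0",STR_PAD_LEFT);?>
<meta http-equiv="refresh" content="0;URL=cart_true.php?order=<?php echo $or_id; ?>" />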
