@Ghazascanner
_2019runbot
Ghazascanner File Manager
server :Linux adweb87 2.6.32-754.el6.x86_64 #1 SMP Tue Jun 19 21:26:04 UTC 2018 x86_64
/home/sanchung/public_html/admin/_member/proc.php
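<?php
/**
 * Member administration action handler (admin/_member/proc.php).
 *
 * Dispatches on $motion and performs one action per request: Excel export of
 * members, member create/modify/delete, member-level and member-form
 * maintenance, bulk mail, and bulk SMS.
 *
 * Review notes (things this file alone cannot settle):
 *  - No login or role check is visible here. Confirm that _setup.php rejects
 *    unauthenticated requests before any case below runs.
 *  - $motion, $column, $keyword, $page, $member, $chk, $num, $subject,
 *    $content, $server_name and $server_mail are never assigned in this file;
 *    presumably they arrive via register_globals or are imported from the
 *    request by _setup.php. They are treated as untrusted throughout.
 *  - Several cases hand the whole $_POST array to $mysql->insert()/update().
 *    Whether that wrapper restricts keys to known columns or escapes values is
 *    not visible here; verify it, otherwise any posted key becomes a column
 *    write (mass assignment).
 *  - The delete cases are driven by $_GET and no anti-CSRF token is checked in
 *    this file.
 *  - 'pass' is stored exactly as posted unless the wrapper hashes it, and
 *    'jumin' (presumably a national ID number) is stored next to it. Confirm
 *    how both are protected at rest.
 *  - The non-ASCII string literals are kept exactly as they appear in the
 *    listing; the export declares charset ks_c_5601-1987, so they are
 *    presumably Korean text in a legacy encoding.
 */
session_start();

// require (not include): if the setup file cannot be loaded the request stops
// here instead of continuing without whatever _setup.php establishes.
require "$_SERVER[DOCUMENT_ROOT]/admin/_setup.php";
include_once("$_SERVER[DOCUMENT_ROOT]/admin/sms/nusoap_youiwe.php");

if (!function_exists('member_proc_sql')) {
    /**
     * Escape a value for use inside a single-quoted SQL string literal.
     *
     * @param mixed $value        Value to embed.
     * @param bool  $from_request True when the value came from the request; any
     *                            magic_quotes_gpc slashes are removed first so
     *                            the value is not escaped twice.
     * @return string Escaped string (relies on the mysql_* connection that the
     *                rest of this file already uses).
     */
    function member_proc_sql($value, $from_request = true)
    {
        $value = (string) $value;
        if ($from_request && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $value = stripslashes($value);
        }
        return mysql_real_escape_string($value);
    }
}

if (!function_exists('member_proc_html')) {
    /**
     * Escape a value for HTML text or a quoted attribute.
     *
     * ISO-8859-1 is passed explicitly so the call is byte-transparent for the
     * legacy multi-byte text this script emits; only & < > " ' are rewritten.
     *
     * @param mixed $value Value to print.
     * @return string
     */
    function member_proc_html($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
    }
}

switch ($motion) {

    // ---- Export the member list as an HTML table served as .xls ----------
    case "excel":
        // Initialise everything that ends up in SQL or output, so a request
        // parameter of the same name cannot pre-seed it.
        $_name   = array();
        $_column = array();
        $addsql  = "";

        if ($column && $keyword) {
            if (preg_match('/^[A-Za-z0-9_]+$/D', $column)) {
                // Column name is restricted to identifier characters; the
                // keyword is escaped as a string literal.
                $addsql = " where $column like '%" . member_proc_sql($keyword) . "%' ";
            } else {
                // Fail closed: an invalid column name exports no rows.
                $addsql = " where 1=0 ";
            }
        }

        header( "Content-type: application/vnd.ms-excel" );
        header( "Content-Disposition: attachment; filename=ȸ¿ø¸®½ºÆ®.xls" );
        header( "Content-Description: PHP4 Generated Data" );

        // Columns flagged excel='Y' define the header row and the cell order.
        $res = $mysql->res("adw_member_form", "name, colm", "where excel='Y' order by step asc");
        while ($row = mysql_fetch_array($res)) {
            $_name[]   = $row['name'];
            $_column[] = $row['colm'];
        }

        echo " <meta http-equiv=Content-Type content='text/html; charset=ks_c_5601-1987'>"
           . " <style> .xl24{mso-number-format:\"\@\";} </style>"
           . " <style> td { font-size:9pt;color:#000000;font-family:µ¸¿ò; } </style>"
           . " <style> table {font-size:12px} </style>"
           . " <table cellpadding='3' cellspacing='0' border='1'>"
           . " <tr align='center'>";
        foreach ($_name as $val) {
            echo "<td>" . member_proc_html($val) . "</td>";
        }
        echo " </tr>";

        // NOTE(review): cell values are member-supplied. They are HTML-escaped
        // here, but a value starting with =, +, - or @ may still be treated as
        // a formula by spreadsheet software; consider neutralising on export.
        $res = $mysql->res("adw_member", "*", "$addsql order by num desc");
        while ($row = mysql_fetch_array($res)) {
            echo " <tr align='center'>";
            foreach ($_column as $val) {
                if ($val == "addr") {
                    echo "<td>¿ì)" . member_proc_html($row['zip']) . " " . member_proc_html($row[$val]) . "</td>";
                } else {
                    echo "<td>" . member_proc_html($row[$val]) . "</td>";
                }
            }
            echo " </tr>";
        }
        echo " </table>";
        break;

    // ---- Create a member ---------------------------------------------------
    case "regist":
        // Strict comparison: with ==, two different numeric-looking strings
        // (e.g. "1e1" and "10") would be accepted as a matching confirmation.
        if (!empty($_POST['pass1']) && $_POST['pass1'] === $_POST['pass2']) {
            $_POST['pass'] = $_POST['pass1'];
        }
        $_POST['hp']    = $_POST['hp1'] . "-" . $_POST['hp2'] . "-" . $_POST['hp3'];
        $_POST['tel']   = $_POST['tel1'] . "-" . $_POST['tel2'] . "-" . $_POST['tel3'];
        $_POST['zip']   = $_POST['zip1'] . "-" . $_POST['zip2'];
        $_POST['jumin'] = $_POST['jumin1'] . "-" . $_POST['jumin2'];
        // NOTE(review): whole $_POST is passed on; see the file header.
        $mysql->insert("adw_member", $_POST);
        $lib->script_go("../index.htm?amode=member_list");
        break;

    // ---- Modify a member ---------------------------------------------------
    case "modify":
        if (!empty($_POST['pass1'])) {
            $_POST['pass'] = $_POST['pass1'];
        }
        $_POST['hp']    = $_POST['hp1'] . "-" . $_POST['hp2'] . "-" . $_POST['hp3'];
        $_POST['tel']   = $_POST['tel1'] . "-" . $_POST['tel2'] . "-" . $_POST['tel3'];
        $_POST['zip']   = $_POST['zip1'] . "-" . $_POST['zip2'];
        $_POST['jumin'] = $_POST['jumin1'] . "-" . $_POST['jumin2'];
        // NOTE(review): whole $_POST is passed on; see the file header.
        $mysql->update("adw_member", $_POST, "where userid='" . member_proc_sql($_POST['userid']) . "'", 0);
        // script_go() is not visible here; it presumably emits a redirect to
        // this URL, so request values are URL-encoded before being embedded.
        $lib->script_go("../index.htm?amode=member_read&userid=" . urlencode($_POST['userid']) . "&page=" . urlencode($page));
        break;

    // ---- Delete a member ---------------------------------------------------
    case "delete":
        $sql = "delete from adw_member where userid='" . member_proc_sql($_GET['userid']) . "' ";
        mysql_query($sql);
        $lib->script_go("../index.htm?amode=member_list&page=" . urlencode($page));
        break;

    // ---- Save member configuration ----------------------------------------
    case "setup":
        // NOTE(review): whole $_POST is passed on, with an empty WHERE clause.
        $mysql->update("adw_member_cfg", $_POST, "");
        $lib->script_go("../index.htm?amode=member_cfg");
        break;

    // ---- Send mail to selected members (or all) ---------------------------
    case "member_mail":
        /**
         * Report whether $Email looks like a mail address.
         *
         * @param string $Email Address to check.
         * @param bool   $Debug Unused; kept for interface compatibility.
         * @return string Human-readable verdict that embeds the address.
         */
        function SnowCheckMail($Email, $Debug=false){
            // Same pattern as before, as PCRE instead of the removed eregi();
            // the D modifier makes "$" match only at the very end.
            if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', $Email)) {
                $Return = "¿¡·¯ : {$Email}Àº ¿Ã¹Ù¸£Áö ¾ÊÀº ¸ÞÀÏ Çü½ÄÀÔ´Ï´Ù.";
            } else {
                $Return = "È®ÀÎ : {$Email}Àº ¿Ã¹Ù¸¥ ¸ÞÀÏ Çü½ÄÀÔ´Ï´Ù.";
            }
            return $Return;
        }

        if ($member == "ALL") {
            // Was `$chk = ""` followed by `$chk[] = ...`, which only works on
            // old PHP versions that auto-convert an empty string to an array.
            $chk = array();
            $res = $mysql->res("adw_member", "num", "order by num DESC");
            while ($row = mysql_fetch_array($res)) {
                $chk[] = $row[0];
            }
            $chk_from_request = false;
        } else {
            $chk = explode(",", $chk);
            $chk_from_request = true;
        }
        if (!is_array($chk)) {
            $chk = array();
        }

        // Result accumulators start empty so request values cannot seed them.
        $num    = array();
        $result = array();
        $check  = array();

        foreach ($chk as $v) {
            $row = $mysql->row("adw_member", "*", "where num='" . member_proc_sql($v, $chk_from_request) . "'", 0);
            if ($row['email']) {
                $v_email = $row['email'];
                $check[] = SnowCheckMail($v_email);
                // NOTE(review): the format check above is only reported; mail is
                // sent regardless. $subject/$content/$server_* are untrusted and
                // mail_send() is not visible here; confirm it rejects CR/LF in
                // header fields.
                $Return = $lib->mail_send($v_email, $subject, $content, $server_name, $server_mail);
                $result[] = ($Return == false) ? "N" : "Y";
            } else {
                $result[] = "À̸ÞÀÏÀÌ ¾ø½À´Ï´Ù.";
                $check[]  = "À̸ÞÀÏÀÌ ¾ø½À´Ï´Ù.";
            }
            $num[] = $v;
        }

        // These values contain request- and member-supplied text and go into
        // single-quoted attributes, so they are escaped with ENT_QUOTES.
        $r_num    = member_proc_html(implode(",", $num));
        $r_result = member_proc_html(implode(",", $result));
        $r_check  = member_proc_html(implode(",", $check));

        echo "<form name='rform' method='post' action='../index.htm'>"
           . " <input type='hidden' name='amode' value='member_mail_result'>"
           . " <input type='hidden' name='r_num' value='$r_num'>"
           . " <input type='hidden' name='r_result' value='$r_result'>"
           . " <input type='hidden' name='r_check' value='$r_check'>"
           . " </form> <script> rform.submit(); </script>";
        break;

    // ---- Create a member level --------------------------------------------
    case "level_regist":
        if ($_POST["level"] < 1) {
            $lib->alert_back("ȸ¿øµî±ÞÀº 1º¸´Ù Å«¼ýÀÚ·Î ÀÔ·ÂÇØÁÖ¼¼¿ä");
            // alert_back() presumably ends the request; the break guarantees
            // the insert below is skipped even if it does not.
            break;
        }
        $row = $mysql->row("adw_member_level", "num", "where level='" . member_proc_sql($_POST['level']) . "'");
        if ($row) {
            $lib->alert_back("Áߺ¹µÈ ȸ¿ø µî±ÞÀÌ Á¸ÀçÇÕ´Ï´Ù. ");
            break;
        }
        $mysql->insert("adw_member_level", $_POST);
        $lib->script_go("../index.htm?amode=member_level");
        break;

    // ---- Modify a member level --------------------------------------------
    case "level_modify":
        if ($_POST["level"] < 1) {
            $lib->alert_back("ȸ¿øµî±ÞÀº 1º¸´Ù Å«¼ýÀÚ·Î ÀÔ·ÂÇØÁÖ¼¼¿ä");
            break;
        }
        $row = $mysql->row(
            "adw_member_level",
            "num",
            "where level='" . member_proc_sql($_POST['level']) . "' && num!='" . member_proc_sql($_POST['num']) . "'"
        );
        if ($row) {
            $lib->alert_back("Áߺ¹µÈ ȸ¿ø µî±ÞÀÌ Á¸ÀçÇÕ´Ï´Ù. ");
            break;
        }
        $mysql->update("adw_member_level", $_POST, "where num='" . member_proc_sql($_POST['num']) . "'");
        $lib->script_go("../index.htm?amode=member_level");
        break;

    // ---- Delete a member level and every member holding it ----------------
    case "level_delete":
        $level_num = member_proc_sql($_GET['num']);
        $row = $mysql->row("adw_member_level", "level", "where num='$level_num'");
        // Only delete when the level exists. Previously an unknown num left
        // $row empty and the member delete ran with level='' as its filter.
        if ($row) {
            // Delete the members of this level (value comes from the DB, so no
            // magic-quote stripping, but it is still escaped).
            $mysql->delete("adw_member", "where level='" . member_proc_sql($row['level'], false) . "'");
            // Delete the level itself.
            $mysql->delete("adw_member_level", "where num='$level_num'");
        }
        $lib->script_go("../index.htm?amode=member_level");
        break;

    // ---- Add a custom member-form field -----------------------------------
    case "form_regist":
        $row = $mysql->row("adw_member_form", "max(step)", "");
        $_POST['step']  = $row[0] + 1;
        $_POST['level'] = "3";
        if (empty($_POST['input'])) {
            $_POST['input'] = "N";
        }
        // Level is always "3" here: take the first unused slot temp01..temp10.
        // NOTE(review): if all ten slots are taken, a client-supplied 'colm'
        // in $_POST is inserted unchanged; decide whether to reject instead.
        for ($i = 1; $i <= 10; $i++) {
            $colm  = ($i < 10) ? "temp0" . $i : "temp" . $i;
            $__row = $mysql->row("adw_member_form", "num", "where colm='$colm'");
            if (!$__row) {
                $_POST['colm'] = $colm;
                break;
            }
        }
        $mysql->insert("adw_member_form", $_POST, 0);
        $lib->script_go("../index.htm?amode=member_form");
        break;

    // ---- Modify a member-form field ---------------------------------------
    case "form_modify":
        $form_num = $_POST['num'];
        $row = $mysql->row("adw_member_form", "*", "where num='" . member_proc_sql($form_num) . "'", 0);

        // Start from an empty array so only the fields listed below are
        // written, whatever else the request carries.
        $_DATA = array();
        // Posted field names carry the row number as a suffix (e.g. "step12").
        foreach (array('step', 'name', 'colm', 'type', 'type_value', 'state') as $field) {
            if (!empty($_POST[$field . $form_num])) {
                $_DATA[$field] = $_POST[$field . $form_num];
            }
        }
        if ($row['level'] > 1) {
            $_DATA['input'] = !empty($_POST["input" . $form_num]) ? $_POST["input" . $form_num] : "N";
        }
        $_DATA['excel'] = !empty($_POST["excel" . $form_num]) ? $_POST["excel" . $form_num] : "N";

        $mysql->update("adw_member_form", $_DATA, "where num='" . member_proc_sql($form_num) . "'", 0);
        $lib->script_go("../index.htm?amode=member_form");
        break;

    // ---- Delete a member-form field ---------------------------------------
    case "form_delete":
        $mysql->delete("adw_member_form", "where num='" . member_proc_sql($_GET['num']) . "'");
        $lib->script_go("../index.htm?amode=member_form");
        break;

    // ---- Save SMS account settings ----------------------------------------
    case "member_sms_setup":
        // NOTE(review): whole $_POST is passed on, with an empty WHERE clause.
        $mysql->update("adw_myinfo", $_POST, "");
        $lib->script_go("../index.htm?amode=member_sms_setup");
        break;

    // ---- Send an SMS to selected members (or all) -------------------------
    case "member_sms":
        $_DATA = array();
        // time() is what the original argument-less mktime() returned.
        $_DATA['ordernum'] = time() . "-" . rand(100,999);

        // The SMS account id and password are read back from the database and
        // passed on as-is, so they are stored in recoverable form.
        $_row = $mysql->row("adw_myinfo", "sms_id, sms_pw, sms_hp", "");

        $snd_number  = $_POST['from_hp'];   // sender's phone number
        $sms_content = $_POST['message'];   // message text to send

        $sms_id  = $_row['sms_id'];
        $sms_pwd = $_row['sms_pw'];

        $sms = new SMS(); // SMS client object

        if ($member == "ALL") {
            $chk = array();
            $res = $mysql->res("adw_member", "num", "order by num desc");
            while ($row = mysql_fetch_array($res)) {
                $chk[] = $row[0];
            }
            $chk_from_request = false;
        } else {
            $chk = explode(",", $chk);
            $chk_from_request = true;
        }
        if (!is_array($chk)) {
            $chk = array();
        }

        foreach ($chk as $v) {
            $row = $mysql->row("adw_member", "*", "where num='" . member_proc_sql($v, $chk_from_request) . "'", 0);
            if ($row['hp']) {
                $rcv_number = $row['hp'];
                // NOTE(review): this prints every recipient's phone number into
                // the response; it looks like leftover debug output.
                echo $rcv_number;
                $result = $sms->SendSMS($sms_id, $sms_pwd, str_replace("-", "", $snd_number), str_replace("-", "", $rcv_number), $sms_content);

                $_DATA['shp']     = $snd_number;
                $_DATA['rid']     = $row['userid'];
                $_DATA['rname']   = $row['name'];
                $_DATA['rhp']     = $row['hp'];
                $_DATA['content'] = $sms_content;
                $_DATA['result']  = $result;
                $mysql->insert("adw_sms_result", $_DATA);
            }
        }
        $lib->script_go("../index.htm?amode=member_sms_result");
        break;

    // ---- Delete one SMS result row ----------------------------------------
    case "member_sms_delete":
        $sql = "delete from adw_sms_result where num='" . member_proc_sql($num) . "'";
        @mysql_query($sql);
        $lib->script_go("../index.htm?amode=member_sms_data");
        break;
}
?>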