hkfuk
我在上年都寫了一個^^'
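<?php
/**
 * Storefront front controller: reads $_GET['action'] and runs the matching
 * branch (account pages, product lists, cart, checkout, order history).
 *
 * Helpers such as slash(), showmessage(), register(), member_login(),
 * check_user(), sendmail(), update_user(), search_engine(), divide_page(),
 * showprice(), shipping_fee() and get_address(), and the variables $prefix,
 * $homepage, $country and $photo_url, are not defined in this file; they
 * presumably come from config.php.
 *
 * Security review notes:
 *  - Every SQL statement is built by string interpolation. Its safety rests
 *    entirely on slash(), whose escaping is not visible here. The mysql_*
 *    API used below was removed in PHP 7.0; moving to PDO or mysqli prepared
 *    statements needs the connection code in config.php.
 *  - The "forgot password" branch reads the password column and mails it
 *    back, so passwords are stored in recoverable form. Hashing with
 *    password_hash() plus a one-time reset token is the usual replacement.
 *  - The mail headers in this listing read "rn" where "\r\n" is expected, so
 *    backslashes were probably stripped when the code was posted. Other
 *    escape sequences may be missing too -- TODO confirm against the
 *    original file.
 *  - Values are passed through slash() before the templates are included;
 *    whether the templates HTML-escape them cannot be seen from here.
 */
session_start();
require("config.php");

// A missing action parameter is treated as the home page.
$action=isset($_GET['action'])?$_GET['action']:"";

// Pages that need a logged-in member.
if($action=="checkout"||$action=="order_status"||$action=="view_order_status"){
    if(!isset($_SESSION['user'])||$_SESSION['user']==""){
        showmessage("Please log in first","index.php");
        // Stop here even if showmessage() returns, so the protected branch
        // below can never run for an anonymous session.
        exit;
    }
}

if($action==""){
    $title="Home";
    @include("tpl/index.tpl.php");
}elseif($action=="register"){
    $title="Register";
    @include("tpl/register.tpl.php");
}elseif($action=="do_register"){
    $_POST=slash($_POST);
    register($_POST);
}elseif($action=="currency"){
    // NOTE(review): the currency code is stored as received; presumably
    // showprice() reads it -- validate it against the supported list there.
    $_SESSION['currency']=$_GET['currency'];
    // URL-encode the echoed parameters so request data cannot add extra
    // query parameters or control characters to the Location header.
    $return_action=(isset($_GET['action1'])&&is_scalar($_GET['action1']))?(string)$_GET['action1']:"";
    $return_id=(isset($_GET['id'])&&is_scalar($_GET['id']))?(string)$_GET['id']:"";
    header("Location: index.php?action=".urlencode($return_action)."&id=".urlencode($return_id));
}elseif($action=="logout"){
    logout();
}elseif($action=="do_login"){
    $_POST=slash($_POST);
    member_login($_POST['email'],$_POST['pw']);
}elseif($action=="forgot_pw"){
    $title="Forgot Password";
    @include("tpl/forgot_pw.tpl.php");
}elseif($action=="send_pw"||$action=="send_code"){
    $username=slash($_POST['username']);
    if($username==""){
        showmessage("Your email address is required!");
    }else{
        // NOTE(review): the code below still runs if showmessage() returns.
        if(check_user($username)==false){
            showmessage("The username is incorrent!|Please input again!");
        }

        if($action=="send_pw"){
            $query=mysql_query("select pw from ${prefix}member where username='$username'");
        }else{
            $query=mysql_query("select code from ${prefix}member where username='$username'");
        }
        $result=mysql_fetch_array($query);

        if($action=="send_code"){
            // An empty code column marks an account that is already activated.
            if($result['code']==""){
                showmessage("The account has been active!");
            }else{
                sendmail($username,$result['code']);
                showmessage("The active code has been sent,please check your email.","index.php");
            }
        }else{
            // Fixed: header lines must be separated by CRLF; the listing had
            // the literal text "rn", which produced one malformed header.
            // NOTE(review): this mails the stored password in clear text.
            @mail($username," [ ".$homepage['name']." ] Forgot Password","Hello $username,<br>Your account information is :<br>Username: <b>$username</b><br>Password: <b>".$result['pw']."</b><br>","Content-type:text/html\r\nFrom:".$homepage['name']."\r\n");
            showmessage("Your password has been sent,please check your email!","index.php");
        }
    }
}elseif($action=="active_account"){
    $code=slash($_GET['code']);
    $username=slash($_GET['username']);
    if($code==""||$username==""){
        showmessage("Oops..Somthing goes wrong.please try again!");
    }else{
        $query=mysql_query("select count(username) from ${prefix}member where username='$username'&&code='$code'");
        $result=mysql_result($query,0);
        if($result!=0){
            // Clearing the code is what marks the account as activated.
            $query=mysql_query("update ${prefix}member set code='' where username='$username'");
            if($query==true){
                showmessage("Congratulations.|You have been active your account successfully!","index.php");
            }else{
                showmessage("Oops,something goes wrong.please try again");
            }
        }else{
            showmessage("The active code is invalid or the account has been actived!");
        }
    }
}elseif($action=="edit_profile"){
    if(!isset($_SESSION['user'])||$_SESSION['user']==""){
        showmessage("Please log in first");
        exit; // never render the profile form for an anonymous session
    }

    $title="Edit Profile";
    // NOTE(review): session values go into the SQL text unescaped, and the
    // password itself is kept in the session -- verify how member_login()
    // fills $_SESSION['user'] and $_SESSION['pw'].
    $query=mysql_query("select * from ${prefix}member where username='".$_SESSION['user']."'&&pw='".$_SESSION['pw']."'");
    $user=mysql_fetch_array($query);
    if($user['username']==""){
        // The stored credentials no longer match a member row: drop them.
        $_SESSION['user']="";
        $_SESSION['pw']="";
        showmessage("Username or Password is invaild!","index.php");
    }else{
        $user=slash($user);
        $user['reg_date']=date("Y-m-d H:i:s",$user['reg_date']);
        $tmp=false;
        // Sets $country<N> to "selected" for the list entry matching the
        // member's country (case-insensitive).
        for($i=0;$i<count($country);$i++){
            if(strtolower($user['country'])==strtolower($country[$i])){
                ${"country".$i}="selected";
                $tmp=true;
            }
        }

        // NOTE(review): "other" is selected when a listed country DID match;
        // this looks inverted -- confirm against tpl/edit_profile.tpl.php.
        if($tmp==true){
            $country_other="selected";
            $user['country1']=$user['country'];
        }

        unset($tmp);
    }
    include("tpl/edit_profile.tpl.php");
}elseif($action=="do_edit_profile"){
    // Same login requirement as the edit_profile form, so update_user() is
    // never called with an empty session username.
    if(!isset($_SESSION['user'])||$_SESSION['user']==""){
        showmessage("Please log in first");
        exit;
    }
    // The username always comes from the session, never from the form.
    $_POST['username']=$_SESSION['user'];
    $_POST=slash($_POST);
    update_user($_POST);
}elseif($action=="mp3_player"){
    $title="Mp3 Player List";
}elseif($action=="faq"){
    $title="FAQ";
    @include("tpl/faq.tpl.php");
}elseif($action=="search"){
    $title="Search Products";
    @include("tpl/search.tpl.php");
}elseif($action=="do_search"||$action=="do_flash_search"){
    $title="Search result";
    if($action=="do_flash_search"){
        // The flash search form sends the "recordable" filter as "voice".
        $_GET['recordable']=$_GET['voice'];
        $list=search_engine($_GET);
    }else{
        $list=search_engine($_POST);
    }
    @include("tpl/search_result.tpl.php");
}elseif($action=="mp3_list"){
    $title="Mp3 Player List";
    // Pages are 1-based in the URL. Anything missing, non-numeric or below 1
    // maps to the first page, so the LIMIT offset is never negative.
    $current_page=(isset($_GET['page'])&&is_numeric($_GET['page']))?max(0,(int)$_GET['page']-1):0;
    $limit=12;
    $start=$limit*$current_page;

    // Fixed: the row count is read before divide_page() uses it (the
    // original passed $total before it was assigned).
    $query=mysql_query("select count(id) from ${prefix}product where type=0");
    $total=mysql_result($query,0);

    // NOTE(review): the pager URL points at admin.php; it looks copied from
    // the admin panel -- confirm the intended target.
    $divide_page=divide_page($total,$limit,$current_page,"admin.php?action=products_manager");

    $query=mysql_query("select id,name,price,picture from ${prefix}product where type=0 order by id desc limit $start,$limit");
    $list=array("");
    while($tmp=mysql_fetch_array($query)){
        $tmp['name']=(strlen($tmp['name'])>=12)?substr($tmp['name'],0,12)."...":$tmp['name'];
        // The picture column holds several file names joined by "|d|";
        // only the first one is shown in the list.
        $tmp['picture']=explode("|d|",$tmp['picture']);
        $tmp['picture']=$photo_url.$tmp['picture'][0];
        $tmp['price']=showprice($tmp['price']);
        $list[]=slash($tmp);
    }
    include("tpl/mp3_list.tpl.php");
}elseif($action=="view_info"){
    $title="View Mp3 Player's Info";
    $id=slash($_GET['id']);
    if($id==""){
        showmessage("The item id is required!!");
    }else{
        $query=mysql_query("select * from ${prefix}product where id='$id'");
        $tmp=mysql_fetch_array($query);
        $tmp['picture']=explode("|d|",$tmp['picture']);
        $tmp['name']=($tmp['name']=="")?"Nil":$tmp['name'];
        $tmp['model_no']=($tmp['model_no']=="")?"Nil":$tmp['model_no'];
        $tmp['description']=($tmp['description']=="")?"Nil":nl2br($tmp['description']);
        $tmp['price']=showprice($tmp['price']);
        $tmp['radio']=($tmp['radio']==1)?"Yes":"No";
        $tmp['recorder']=($tmp['recorder']==1)?"Yes":"No";
        $tmp['voice_recordable']=($tmp['voice_recordable']==1)?"Yes":"No";
        $tmp=slash($tmp);
    }
    include("tpl/view_info.tpl.php");
}elseif($action=="add_item"){
    $title="Add a Mp3 player to your cart";
    $id=slash($_GET['id']);
    if($id==""){
        showmessage("The item id is required!!");
    }else{
        $query=mysql_query("select id,price,model_no,name,storage,color from ${prefix}product where id='$id'");
        $tmp=mysql_fetch_array($query);
        $tmp['model_no']=($tmp['model_no']=="")?"Nil":$tmp['model_no'];
        $tmp['storage']=($tmp['storage']<1)?"Nil":$tmp['storage']." \nMB";
        // Colours are stored as a comma-separated list.
        $tmp['color']=($tmp['color']=="")?array("Default"):explode(",",$tmp['color']);
        $tmp['price']=showprice($tmp['price']);
        @include("tpl/add_item.tpl.php");
    }
}elseif($action=="do_add_item"){
    $id=slash($_POST['id']);
    // The cart and checkout totals multiply the unit price by this value, so
    // it must be a whole number of at least 1; zero, negative, empty or
    // non-numeric input is rejected.
    $quantity=(isset($_POST['quantity'])&&is_scalar($_POST['quantity']))?(int)$_POST['quantity']:0;
    $color=slash($_POST['color']);
    if(!is_scalar($id)||$id==""||$quantity<1){
        showmessage("Item ID and Quantity are required!");
    }else{
        // NOTE(review): the id is not checked against the product table here.
        $_SESSION['cart'][$id]=array("id"=>$id,"quantity"=>$quantity,"color"=>$color);
        showmessage("You have been add the item to your cart","?action=view_cart");
    }
}elseif($action=="view_cart"){
    if(!isset($_SESSION['cart'])||is_array($_SESSION['cart'])==false){
        $_SESSION['cart']=array();
    }
    $title="Your Shopping Cart";
    $list=array();
    $amount=0; // running total before shipping
    $n=0;      // total number of units, passed to shipping_fee()
    foreach($_SESSION['cart'] as $key=>$val){
        $id=$_SESSION['cart'][$key]['id'];
        if($id==""){
            continue;
        }
        $quantity=$_SESSION['cart'][$key]['quantity'];
        $n+=$quantity;
        // Prices always come from the database, never from the session.
        $query=mysql_query("select price,name ,id,type from ${prefix}product where id='$id'");
        $result=mysql_fetch_array($query);
        $amount+=$result['price']*$quantity;
        $result['name']=(strlen($result['name'])>=12)?substr($result['name'],0,14)."...":$result['name'];
        $result['subtotal']=showprice($result['price']*$quantity);
        $result['price']=showprice($result['price']);
        $result['quantity']=$quantity;
        $result['color']=$_SESSION['cart'][$key]['color'];
        // type 0 links to the player page, anything else to the accessory page.
        $result['url']=($result['type']==0)?"?action=view_info&id=".$result['id']:"?action=view_acc_info&id=".$result['id'];
        $list[]=$result;
    }
    $shipping_fee=shipping_fee($n);
    $amount=showprice($amount+$shipping_fee);
    $shipping_fee=showprice($shipping_fee);

    include("tpl/view_cart.tpl.php");
}elseif($action=="update_cart"){
    $_POST=slash($_POST);
    // Fixed: only the two fields this branch uses are read from the form.
    // The original copied every POST field into a variable of the same name,
    // which let request data overwrite any variable in this script.
    $del=array();
    $quantity=array();
    foreach($_POST as $key=>$value){
        $key=str_replace("'","",$key);
        if(!is_array($value)){
            continue;
        }
        if($key==="del"){
            $del=$value;
        }elseif($key==="quantity"){
            $quantity=$value;
        }
    }

    // Drop the rows ticked for deletion.
    foreach($del as $del_id){
        if(is_scalar($del_id)){
            unset($_SESSION['cart'][$del_id]);
        }
    }

    // Apply new quantities; a row whose quantity falls below 1, or that is
    // not in the cart, is removed.
    foreach($quantity as $key=>$val){
        $key=str_replace("'","",$key);
        $val=is_scalar($val)?(int)$val:0;
        if(isset($_SESSION['cart'][$key]['id'])&&$_SESSION['cart'][$key]['id']!=""&&$val>=1){
            $_SESSION['cart'][$key]['quantity']=$val;
        }else{
            unset($_SESSION['cart'][$key]);
        }
    }
    showmessage("You have been updaing your shopping cart!","?action=view_cart");
}elseif($action=="acc"){
    $title="Accessories";
    // Same paging rules as mp3_list: 1-based page in the URL, clamped to 0.
    $current_page=(isset($_GET['page'])&&is_numeric($_GET['page']))?max(0,(int)$_GET['page']-1):0;
    $limit=16;
    $start=$limit*$current_page;

    // Fixed: count first, then build the pager from it.
    $query=mysql_query("select count(id) from ${prefix}product where type=1");
    $total=mysql_result($query,0);

    // NOTE(review): pager URL points at admin.php -- confirm the target.
    $divide_page=divide_page($total,$limit,$current_page,"admin.php?action=products_manager");

    $query=mysql_query("select id,name,price,picture from ${prefix}product where type=1 order by id desc limit $start,$limit");
    $list=array("");
    while($tmp=mysql_fetch_array($query)){
        $tmp['name']=(strlen($tmp['name'])>=12)?substr($tmp['name'],0,12)."...":$tmp['name'];
        $tmp['picture']=explode("|d|",$tmp['picture']);
        $tmp['picture']=$photo_url.$tmp['picture'][0];
        $tmp['price']=showprice($tmp['price']);
        $list[]=slash($tmp);
    }
    @include("tpl/acc.tpl.php");
}elseif($action=="cs"){
    $title="Customer Services";
    @include("tpl/cs.tpl.php");
}elseif($action=="view_acc_info"){
    $title="View Mp3 Player's Info";
    $id=slash($_GET['id']);
    if($id==""){
        showmessage("The item id is required!!");
    }else{
        $query=mysql_query("select * from ${prefix}product where id='$id'");
        $tmp=mysql_fetch_array($query);
        $tmp['picture']=explode("|d|",$tmp['picture']);
        $tmp['name']=($tmp['name']=="")?"Nil":$tmp['name'];
        $tmp['model_no']=($tmp['model_no']=="")?"Nil":$tmp['model_no'];
        $tmp['description']=($tmp['description']=="")?"Nil":nl2br($tmp['description']);
        $tmp['price']=showprice($tmp['price']);
        $tmp=slash($tmp);
    }
    include("tpl/view_acc_info.tpl.php");
}elseif($action=="checkout"){
    // The first title is immediately replaced by the second, as in the
    // original listing.
    $title="Checkout(Pay by PAYPAL)";
    if(!isset($_SESSION['cart'])||is_array($_SESSION['cart'])==false){
        $_SESSION['cart']=array();
    }
    $title="Your Shopping Cart";
    $list=array();
    $amount=0;
    $n=0;
    // Same totals as view_cart, but prices stay numeric (no showprice()).
    foreach($_SESSION['cart'] as $key=>$val){
        $id=$_SESSION['cart'][$key]['id'];
        if($id==""){
            continue;
        }
        $quantity=$_SESSION['cart'][$key]['quantity'];
        $n+=$quantity;
        $query=mysql_query("select price,name ,id,type from ${prefix}product where id='$id'");
        $result=mysql_fetch_array($query);
        $amount+=$result['price']*$quantity;
        $result['name']=(strlen($result['name'])>=12)?substr($result['name'],0,14)."...":$result['name'];
        $result['subtotal']=$result['price']*$quantity;
        $result['quantity']=$quantity;
        $result['color']=$_SESSION['cart'][$key]['color'];
        $result['url']=($result['type']==0)?"?action=view_info&id=".$result['id']:"?action=view_acc_info&id=".$result['id'];
        $list[]=$result;
    }
    $shipping_fee=shipping_fee($n);
    $amount=$amount+$shipping_fee;
    $shipping_address=get_address($_SESSION['user']);

    include("tpl/checkout.tpl.php");
}elseif($action=="order_status"){
    $title="Order Status";
    // NOTE(review): the session username is interpolated unescaped; verify
    // that member_login() stores an already-escaped value.
    $user=$_SESSION['user'];
    $query=mysql_query("select * from ${prefix}history where user='$user' order by id DESC");
    $list=array();
    while($tmp=mysql_fetch_array($query)){
        $tmp['shipping']=($tmp['shipping']=="")?"No":$tmp['shipping'];
        $list[]=$tmp;
    }
    include("tpl/order_status.tpl.php");
}elseif($action=="view_order_status"){
    $title="View Booking Information";
    $id=slash($_GET['id']);
    $query=mysql_query("select * from ${prefix}history where id='$id'");
    $tmp=mysql_fetch_array($query);
    // Ownership check: a member may only open their own orders. A missing
    // row fails this comparison as well.
    if($tmp['user']!=$_SESSION['user']){
        showmessage("Access Denied!");
        exit; // never fall through to render someone else's order
    }
    $tmp['shipping']=($tmp['shipping']=="")?"No":$tmp['shipping'];
    $tmp['remark']=slash(nl2br($tmp['remark']));
    // Order lines are stored as "id|color|quantity" joined by "||".
    $tmp['item']=explode("||",$tmp['item']);
    for($i=0;$i<count($tmp['item']);$i++){
        $tmp['item'][$i]=explode("|",$tmp['item'][$i]);
        $tmp['item'][$i]['id']=$tmp['item'][$i][0];
        $tmp['item'][$i]['color']=$tmp['item'][$i][1];
        $tmp['item'][$i]['quantity']=$tmp['item'][$i][2];
        // NOTE(review): the id read back from the history row is placed in
        // the SQL text as stored -- confirm it was escaped when written.
        $query=mysql_query("select name from ${prefix}product where id='".$tmp['item'][$i]['id']."'");
        $result=mysql_fetch_array($query);
        $tmp['item'][$i]['name']=$result['name'];
        unset($result);
    }
    $shipping_address=get_address($tmp['user']);
    include("tpl/view_order_status.tpl.php");
}
?>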