D7net Mini Sh3LL v1
| Current File : C:/Domains/maymaytinson.com/httpdocs/filebrowser/../ckfinder/../zip_cart.php |
<?php
include 'conn/config.php';include 'conn/connect.php';
$mang=sizeof($_GET['name']);
$member='';
for($i=0;$i<$mang;$i++){
$name=$_GET['name'][$i];
$amount=$_GET['amount'][$i];
$price=$_GET['price'][$i];
$dateOrder=$_GET['dateOrder'][$i];
$image=$_GET['image'][$i];
$member=$_GET['member'][$i];
if(!empty($member)){
$stmt=$conn->prepare("INSERT INTO cart_zip(name,amount,price,dateOrder,image,member) VALUES(:name,:amount,:price,:dateOrder,:image,:member)");
$stmt->bindParam(":member",$member,PDO::PARAM_STR);
}else{
$stmt=$conn->prepare("INSERT INTO cart_zip(name,amount,price,dateOrder,image) VALUES(:name,:amount,:price,:dateOrder,:image)");
}
$stmt->bindParam(":name",$name,PDO::PARAM_STR);
$stmt->bindParam(":amount",$amount,PDO::PARAM_INT);
$stmt->bindParam(":price",$price,PDO::PARAM_STR);
$stmt->bindParam(":dateOrder",$dateOrder,PDO::PARAM_STR);
$stmt->bindParam(":image",$image,PDO::PARAM_STR);
$stmt->execute();
}
if(!empty($member)){
$check1=$conn->prepare("SELECT vip,point FROM zip_member WHERE user='".$member."'");
$check1->execute();
$checkVip1=$check1->fetch(PDO::FETCH_ASSOC);
echo $updatePoint=$checkVip1['point']+(array_sum($_GET['price'])/1000);
$point=$conn->prepare("UPDATE zip_member SET point=:point WHERE user='".$member."'");
$point->bindParam(":point",$updatePoint,PDO::PARAM_INT);
$point->execute();
if($checkVip1['point']>=1000){
echo $vip=1;
$update=$conn->prepare("UPDATE zip_member SET vip=:vip WHERE user='".$member."'");
$update->bindParam(":vip",$vip,PDO::PARAM_INT);
$update->execute();
}
}
header("location:".$_GET['lastpage']);
?>
AnonSec - 2021 | Recode By D7net