<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">Sign in</button>
</div>
</div>
</form>
<?php
if (!isset($_POST['code'], $_POST['idcard'])) {
exit;
}
if ($_POST['code'] == '' || $_POST['idcard'] == '') {
header('Location: 404.html');
exit;
}
$code = SqlGuard($_POST['code'], $dbConn);
$idcard = SqlGuard($_POST['idcard'], $dbConn);
// check code
if ($code != $_SESSION['code']) {
echo '<script>alert("短信验证码错误!");document.reload(true);</script>';
exit;
}
// check idcard
if ($_SESSION['username'] == 'kirie') {
$realidcard = '3798';
} else {
if ($_SESSION['username'] == 'mcshop_sale') {
$realidcard = '3889';
} else {
$realidcard = 'xxxxx123123';
}
}
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">Sign in</button>
</div>
</div>
</form>
</div>
<?php
if (!isset($_POST['username'], $_POST['password'])) {
exit;
}
$username = SqlGuard($_POST['username'], $dbConn);
$password = SqlGuard($_POST['password'], $dbConn);
$password = md5($password);
$sql = "SELECT * FROM mcshop_user WHERE username='******' AND password='******'";
$result = $dbConn->query($sql);
if ($result->num_rows == 1) {
$row = $result->fetch_assoc();
$_SESSION['username'] = $row['username'];
$_SESSION['id'] = $row['id'];
$_SESSION['token'] = $row['token'];
$_SESSION['isLogin'] = 1;
echo '登录成功,<a href="index.php">点我返回</a>';
} else {
echo '密码错误。';
exit;
}
?>
// ["password1"]=> string(6) "111111" ["password2"]=> string(6) "111111"
// ["email"]=> string(9) "*****@*****.**" }
if (!isset($_POST['username'], $_POST['password1'], $_POST['password2'], $_POST['email'])) {
header('Location: 404.html');
exit;
}
if ($_POST['username'] == "" || $_POST['password1'] == "" || $_POST['password2'] == "" || $_POST['email'] == "") {
header('Location: 404.html');
exit;
}
echo '<script>alert("注册真的关了,别特么试了。。");</script>';
header("Refresh:0.1;url=404.html");
$username = SqlGuard($_POST['username'], $dbConn);
$password1 = SqlGuard($_POST['password1'], $dbConn);
$password2 = SqlGuard($_POST['password2'], $dbConn);
$email = SqlGuard($_POST['email'], $dbConn);
$password = md5($password1);
$token = CreateRandomString(64);
$sql = "SELECT * FROM mcshop_user WHERE username = '******'";
$result = $dbConn->query($sql);
if ($result->num_rows != 0) {
exit;
}
$sql = "INSERT INTO mcshop_user VALUES ('', '{$username}', '{$password}', '{$email}', '{$token}', '0', '0')";
//echo $sql;
$result = $dbConn->query($sql);
break;
default:
header('Location: 404.html');
exit;
}
require_once 'config/config.inc.php';
require_once 'config/common.php';
if (!isset($_SESSION['auth1'], $_SESSION['auth2'])) {
header('Location: 404.html');
}
?>
<!-- debug.php?server_name=&cnt= -->
<?php
$server_name = $_GET['server_name'];
$cnt = $_GET['cnt'];
$list = array('a', 'b', 'c', 'd', 'e', 'f');
if (!in_array($server_name, $list)) {
exit;
}
$server_name = SqlGuard(trim($server_name), $dbConn);
$cnt = intval(SqlGuard(trim($cnt), $dbConn));
if ($server_name == '' || $cnt == '' || $cnt <= 0) {
exit;
}
$sql = "UPDATE server_list SET sum_number=sum_number+{$cnt}, left_number=sum_number-inuse_number WHERE server_name='server-{$server_name}'";
$result = $dbConn->query($sql);
if (!$result) {
exit;
} else {
echo 'got!';
}
?>
<?php
require_once 'footer.php';
if ($oldCnt - $n == 0) {
$sql = "DELETE FROM cart WHERE uid='{$uid}' AND server_id='{$t}'";
$result = $dbConn->query($sql);
} else {
$n = $_GET['n'];
$pattern = '/ifnull|substr|or|and|benchmark/i';
$n = preg_replace($pattern, 'aa', $n);
$sql = "UPDATE cart SET cnt = cnt - '{$n}', sum_price = sum_price - '{$n}'*price WHERE server_id='{$t}' AND uid='{$uid}'";
$result = $dbConn->query($sql);
//echo mysqli_error($dbConn);
//echo '<br/>'.$sql;
}
}
// 更新服务器余量
// t - server_id
// n - count
$n = SqlGuard($_GET['n'], $dbConn);
$sql = "UPDATE server_list SET inuse_number=inuse_number-'{$n}',left_number=left_number+'{$n}' WHERE id='{$t}'";
$result = $dbConn->query($sql);
echo '<script>alert("删除成功!");</script>';
header('Refresh:0.1;url=mycart.php');
exit;
}
} else {
header('Location: 404.html');
}
}
?>
<?php
require_once "footer.php";
<div class="form-group">
<label for="rmb" class="col-sm-2 control-label">RMB</label>
<div class="col-sm-10">
<input type="number" class="form-control" id="rmb" name="rmb" />
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">充钱!</button>
</div>
</div>
</form>
</div>
<?php
$username = SqlGuard($_POST['username'], $dbConn);
$rmb = (int) SqlGuard($_POST['rmb'], $dbConn);
if ($rmb <= 0) {
echo '你似不似傻?';
exit;
}
// 检测用户是否存在
$sql = "SELECT * FROM mcshop_user WHERE username = '******'";
$result = $dbConn->query($sql);
if ($result->num_rows != 1) {
echo '你似不似傻?';
exit;
}
// 充钱
$sql = "UPDATE mcshop_user SET bank = bank + '{$rmb}' WHERE username='******'";
$result = $dbConn->query($sql);
echo '充值成功!';
exit;
}
$id = $_SESSION['id'];
$sql = "SELECT * FROM mcshop_user WHERE id='{$id}'";
$result = $dbConn->query($sql);
$row = $result->fetch_assoc();
$bank = $row['bank'];
if ($bank < 50000) {
echo '<script>alert("抱歉,您的余额不足50000RMB,请先充值:)")</script>';
exit;
}
if (!isset($_POST['p'])) {
header('Location: 404.html');
exit;
}
$p = SqlGuard($_POST['p'], $dbConn);
$server_name = 'server-' . $p;
// 取出该服务器的相关信息
$sql = "SELECT * FROM server_list WHERE server_name = '{$server_name}'";
$result = $dbConn->query($sql);
if ($result->num_rows != 1) {
header('Location: 404.html');
exit;
}
$server_info = $result->fetch_assoc();
//print_r($_SESSION);
// 插入到购物车表中
// 检查该用户购物车中是否有此商品
$uid = $_SESSION['id'];
$username = $_SESSION['username'];
$server_id = $server_info['id'];
