<?php
require_once 'funcs/functions.php';
session_start();
$city = "Jodhpur";
//$con = connectDB();
$ids = '';
$row = '';
$find = $_POST['searchtext'];
$find = mres_ss($find);
//echo $find;
$c = str_word_count($find);
//echo "<br>";
//echo $c;
$p = str_word_count($find, 2);
$j = 0;
//echo "<br>";
//echo $p;
/*for ($i = 0; $i < strlen($find); $i++)
{
if ($p[$i] != '')
{
$j = $j + 1;
$ar[$j] = $p[$i];
}
}*/
/*for ($num = 1; $num <= $c; $num++)
{
$arr1=$ar[$num]." ".$ar[($num % $c) + 1];
$arr2=$ar[($num % $c) + 1]." ".$ar[$num];
<?php
session_start();
if (isset($_SESSION['gs_userid'])) {
$uid = $_SESSION['gs_userid'];
require_once 'funcs/functions.php';
//$con = connectDB();
$aid = mres_ss($_GET['aid']);
$res = mysql_query("delete from customeraddress where CID='{$uid}' and AddressID='{$aid}'");
if ($res) {
header("location: manageAddress.php");
} else {
$regs = "An Error occurred while deleting your address";
}
//closeDB($con);
showMessage($regs);
} else {
header("location: index.php");
}
<?php
require_once 'funcs/functions.php';
//$con = connectDB();
session_start();
$subitems = mres_ss($_POST['subitems']);
$expc = explode("-", $subitems);
$echoString = "";
for ($i = 0; $i < count($expc); $i++) {
$subid = $expc[$i];
$res = mysql_query("select ItemID,SubItemName,Type,Price,Quantity from subitems where SubItemID='{$subid}'");
$row = mysql_fetch_array($res);
$itemId = $row['ItemID'];
$res1 = mysql_query("select count(*) as ItemCount from subitems where ItemID = {$itemId}");
$row1 = mysql_fetch_array($res1);
$itemCount = $row1['ItemCount'];
$subItemName = $row['SubItemName'];
$type = $row['Type'];
$price = $row['Price'];
$quantity = $row['Quantity'];
$res = mysql_query("select ItemName from items where ItemID='{$itemId}'");
$row = mysql_fetch_array($res);
$itemName = $row['ItemName'];
if ($type == "P") {
$cartString = "i->" . $subid . "->1->" . $subItemName . "->" . $type . "->" . $quantity . "->" . $price . "->" . $itemName;
} else {
$cartString = "i->" . $subid . "->0->" . $subItemName . "->" . $type . "->" . $quantity . "->" . $price . "->" . $itemName;
}
if (isset($_SESSION['gs_cart'])) {
$_SESSION['gs_cart'] = $_SESSION['gs_cart'] . ";" . $cartString;
} else {
<?php
require_once 'funcs/functions.php';
require_once 'funcs/mailsend.php';
$email = mres_ss($_POST['emailid']);
if (validEmail($email)) {
//$con = connectDB();
$pass = mres_ss($_POST['password']);
$repass = mres_ss($_POST['repassword']);
$username = mres_ss($_POST['custName']);
$mobno = mres_ss($_POST['mobileNo']);
$salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
$hash = crypt($pass, '$2a$12$' . $salt);
$length = 13;
$rangeMin = pow(36, $length - 1);
$rangeMax = pow(36, $length) - 1;
$base10Rand = mt_rand($rangeMin, $rangeMax);
$newRand = base_convert($base10Rand, 10, 36);
$uname = explode("@", $str);
$randomString = "http://localhost/shopping_portal/test/regConfirm.php?verifyString=" . $email . "_jitendrachaudhary_" . $newRand;
$sql = "insert into customerdetails (Username,Email,Password,Phone,ActStatus,RandomString) values ('{$username}','{$email}','{$hash}','{$mobno}',0,'{$newRand}')";
$res = mysql_query($sql);
if ($res) {
$subject = "Activation Request from Online Shop";
$message = "\nWelcome {$username},<br/>\nPlease click the following Activation Link to confirm your Subscription,<br/>\n{$randomString}<br/>\n<br/>\nThank You\n";
$send = SendMail($email, $subject, $message);
if ($send) {
$regs = "You have been Registered!!!<br/>An Activation Link has been sent to: {$email}<br/>Please confirm your Registration. <br/> Thank You";
} else {
$regs = "An error occurred while sending Email.";
}
<?php
require_once 'funcs/functions.php';
//$con = connectDB();
$userid = mres_ss($_POST['emailid']);
$pass = mres_ss($_POST['password']);
if (isset($_GET['page'])) {
$page = mres_ss($_GET['page']);
} else {
$page = null;
}
if (isset($userid) && isset($pass)) {
if (validEmail($userid)) {
$res = mysql_query("select * from customerdetails where Email='{$userid}'");
if (mysql_num_rows($res) == 1) {
$row = mysql_fetch_array($res);
$string = crypt($pass, $row['Password']);
$subs = substr($string, 0, strlen($row['Password']));
if ($subs == $row['Password']) {
if ($row['ActStatus'] == 1) {
session_start();
$_SESSION['gs_userid'] = $row['CID'];
header("location: index.php");
} else {
$regs = "Your Registration is Incomplete!!!<br/>Please complete your registration by clicking on the activation link sent to your Email ID.<br/><b>Also check your SPAM Mail.</b>";
}
} else {
$regs = "Invalid Username/Password";
}
} else {
$regs = "Invalid Username/Password";
<?php
session_start();
if (isset($_SESSION['gs_userid'])) {
$uid = $_SESSION['gs_userid'];
require_once "funcs/functions.php";
//$con = connectDB();
$res = mysql_query("select * from customerdetails where CID='{$uid}'");
$row = mysql_fetch_array($res);
$currpass = mres_ss($_POST['currpass']);
$string = crypt($currpass, $row['Password']);
$subs = substr($string, 0, strlen($row['Password']));
if ($subs == $row['Password']) {
$newpass = mres_ss($_POST['newpass']);
$salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
$hash = crypt($newpass, '$2a$12$' . $salt);
$res = mysql_query("update customerdetails set Password = '******' where CID = '{$uid}'");
if ($res) {
$regs = '<label style="color: green;">Password changed successfully!<label>';
} else {
$regs = '<label style="color: red;">An unexpected error occurred while changing the password</label>';
}
} else {
$regs = '<label style="color: red;">Invalid current Password!</label>';
}
//closeDB($con);
$_SESSION['pass_stat'] = $regs;
header("location: customerSettings.php");
} else {
header("location: index.php");
}
} else {
$cart = null;
}
require_once 'funcs/functions.php';
if ($cart) {
// $con = connectDB();
$currDate = date("d-m-Y");
$currTime = date("H:i:s");
$addressID = mres_ss($_POST['addressid']);
$custName = mres_ss($_POST['custname']);
if ($addressID == 0 || $addressID == "") {
$newaddress = mres_ss($_POST['address']);
$newcity = mres_ss($_POST['city']);
$newstate = mres_ss($_POST['state']);
$newpincode = mres_ss($_POST['pincode']);
$newphone = mres_ss($_POST['mobileno']);
$query = "insert into customeraddress (CID,Address,City,State,Pincode,Phone) values ('{$uid}','{$newaddress}','{$newcity}','{$newstate}','{$newpincode}','{$newphone}')";
mysql_query($query);
$addressID = mysql_insert_id($link);
}
$query = "insert into orders (OrderName,CID,Date,Time,Status,AddressID) values ('{$custName}','{$uid}','{$currDate}','{$currTime}','1','{$addressID}')";
mysql_query($query);
$insertID = mysql_insert_id($link);
if ($insertID > 0) {
$cartItem = explode(";", $cart);
for ($i = 0; $i < count($cartItem); $i++) {
$temp = explode("->", $cartItem[$i]);
$subItemID = $temp[1];
$res1 = mysql_query("select ItemID from items where SubItemID = {$subItemID}");
$row1 = mysql_fetch_array($res1);
$itemID = $row1['ItemID'];
<?php
session_start();
if (isset($_SESSION['gs_userid'])) {
$uid = $_SESSION['gs_userid'];
require_once 'funcs/functions.php';
//$con = connectDB();
$address = @mres_ss($_POST['address']);
$city = @mres_ss($_POST['city']);
$state = @mres_ss($_POST['state']);
$pincode = @mres_ss($_POST['pincode']);
$phone = @mres_ss($_POST['phone']);
$res = mysql_query("insert into customeraddress (CID,Address,City,State,Pincode,Phone) values ({$uid},'{$address}','{$city}','{$state}',{$pincode},'{$phone}')");
if ($res) {
header("location: manageAddress.php");
} else {
$regs = "An Error occurred while adding your address details";
}
//closeDB($con);
showMessage($regs);
} else {
header("location: index.php");
}
