これは悪夢のような仲間です。 PHPShop

. PHPShop, - .



, Enterprise- - PHPShop (2.1) . - , . .



. 2 php . .





:

1.
php-:

// Loads the connection settings; presumably this is where $host, $user_db,
// $pass_db and $dbase are defined -- confirm against connect.php.
require("../connect.php");

// The leading @ suppresses the connection warning, so the reason for a failed
// connect is hidden and the script simply stops in die().
// The mysql_* extension was deprecated in PHP 5.5 and removed in PHP 7.0;
// mysqli and PDO are the supported replacements.
@mysql_connect ("$host", "$user_db", "$pass_db")or @die(" ");

// No link identifier is passed, so this relies on the connection opened above.
mysql_select_db("$dbase")or @die(" ");

// NOTE(review): presumably the admin authentication gate -- verify that it
// terminates the request on failure, since the code after it trusts it.
require("../enter_to_admin.php");








2. defines.php

# Table names are published under numbered keys (table_name, table_name1, ...),
# so a key alone does not say which table it refers to; every consumer has to
# look the mapping up here.
table_name="phpshop_categories"; # categories table

table_name1="phpshop_orders"; # orders table

table_name2="phpshop_products"; # products table

table_name3="phpshop_system"; # system table








3. «»

// Locates phpshop/inc/config.ini by trying ever deeper relative paths
// (presumably because the including script can sit at different directory
// depths). Each successful probe parses the file twice: once under @ as the
// test, once more for the value. The second argument (1) turns on section
// processing, which is why values are read as $SysValue['section']['key'].
if(@parse_ini_file("../../phpshop/inc/config.ini",1))

$SysValue=parse_ini_file("../../phpshop/inc/config.ini",1);

elseif(@parse_ini_file("../../../phpshop/inc/config.ini",1))

$SysValue=parse_ini_file("../../../phpshop/inc/config.ini",1);

elseif(@parse_ini_file("../../../../phpshop/inc/config.ini",1))

$SysValue=parse_ini_file("../../../../phpshop/inc/config.ini",1);

// Last fallback: under @ a missing file leaves $SysValue === false without any
// message, and the table-name lookup below then contributes nothing to the
// query text.
else $SysValue=@parse_ini_file("../../../../../phpshop/inc/config.ini",1);

// The table name comes from the [base] section of config.ini; no request data
// is concatenated into this statement.
$sql="select * from ".$SysValue['base']['table_name28']." order by discount";

// The return value is not checked: on failure $result is false and
// mysql_fetch_array() below only raises a warning.
$result=mysql_query($sql);

// Builds one <option> per row and appends it to $dis.
while ($row = mysql_fetch_array($result))

{

$id=$row['id'];

$name=$row['name'];

$discount=$row['discount'];

$sel="";

// $n is not assigned anywhere in this fragment; with register_globals enabled
// it could be filled from the request -- TODO confirm its origin. The
// comparison is loose (==), not strict.
if($n==$id) $sel="selected";

// Database values are concatenated into HTML without htmlspecialchars() and the
// value attribute is unquoted, so markup stored in name/discount would be
// emitted verbatim. The @ hides the undefined-variable notice of the first
// append instead of initialising $dis before the loop.
// NOTE(review): the literal looks truncated in this listing (no closing option
// tag is visible).
@$dis.="<option value=".$id." ".$sel." >".$name." - ".$discount."%




\n";

}



4. Update

// Builds the account UPDATE by interpolating variables straight into the SQL
// text. Nothing in this fragment escapes or casts the *_new values or $userID,
// so if any of them originate from the request (TODO confirm) a quote in the
// input changes the statement. Bind them as parameters of a prepared statement
// (mysqli/PDO); on the legacy mysql_* API the minimum is
// mysql_real_escape_string() on every value.
// base64_encode() is a reversible encoding, not a hash: whoever can read this
// table recovers every password. Store password_hash() output and check it
// with password_verify() instead.
// NOTE(review): enabled and status are written from the same kind of variables
// as the profile fields -- verify the caller restricts who may set them.
$sql="UPDATE ".$SysValue['base']['table_name27']."

SET

login='$login_new',

password='".base64_encode($password_new)."',

mail='$mail_new',

name='$name_new',

company='$company_new',

inn='$inn_new',

tel='$tel_new',

adres='$adres_new',

enabled='$enabled_new',

status='$status_new',

kpp='$kpp_new',

tel_code='$tel_code_new'

where id='$userID'";








5. register_globals

// $productDELETE is not assigned in this fragment; presumably register_globals
// creates it from a request parameter of the same name, and the @ hides the
// notice when it is absent. register_globals was removed in PHP 5.4, so the
// flag has to be read explicitly from $_POST on any supported runtime.
if(@$productDELETE=="doIT")//

{

// Permission gate: the delete only runs when CheckedRules() returns 1 for the
// "shopusers" entry of $UserStatus (both are defined outside this fragment).
if(CheckedRules($UserStatus["shopusers"],1) == 1){

// $userID goes into the statement unescaped and uncast; cast it to int or bind
// it as a parameter of a prepared statement.
// NOTE(review): no anti-CSRF token check is visible here for this
// state-changing action -- confirm one exists upstream.
$sql="delete from ".$SysValue['base']['table_name27']."

where id='$userID'";

// On failure the script stops in die(); the underlying database error is not
// reported from here.
$result=mysql_query($sql)or @die(" ");

// NOTE(review): the echoed markup appears to have been lost in this listing.
echo"



";

// Denied branch: hands over to the access-refused window of $UserChek.
}else $UserChek->BadUserFormaWindow();

}









PHP4.

.

php, sql, html, js.

FF 3.

, %60 .



? 12000 ? ?

, 4 , : habrahabr.ru/search/?q=phpshop


