sql_query($query); $row=$db->sql_fetchrow($result); $state=$row['pvs_id']; $Secrypt = new Secrypt(); $EncryptedData = $Secrypt->Encrypt($pass1, PRIVATEKEY,PUBLICKEY); $sql= "INSERT ".MEM."( mid,mletter,mregist,mname,mpass,maddr,mtel,mmobile,mavai,memail,mnew,pvs_id,pv_id)VALUES('null','$mletter','$date_current','$name','$EncryptedData','$addr','$tel','$mobile','0','$email','0','$state','$province')"; $db->sql_query($sql); $ids=mysql_insert_id(); $go=1; }else { $sqlx="SELECT * FROM ".MEM." WHERE memail ='".$_POST['email']."' AND mavai=0 AND mname='' "; $ab2=Count_number($sqlx); if($ab2==1){ $resultx = $db->sql_query($sqlx); $row = $db->sql_fetchrow($resultx); $mid=$row['mid']; if($chk==true) $mletter=1; else $mletter=0; $query="SELECT * FROM ".SRV." WHERE pvs_name='$state'"; $result=$db->sql_query($query); $row=$db->sql_fetchrow($result); $state=$row['pvs_id']; $Secrypt = new Secrypt(); $EncryptedData = $Secrypt->Encrypt($pass1, PRIVATEKEY,PUBLICKEY); $sql= "UPDATE ".MEM." SET mletter='$mletter',mregist='$date_current',mname='$name',mpass='$EncryptedData',pv_id='$province',maddr='$addr',mtel='$tel',mmobile='$mobile',mavai='0',memail='$email',mnew='0',pvs_id='$state' WHERE mid='$mid' "; $db->sql_query($sql); $ids=$mid; $go=1; } else alert_javascript("ไม่สามารถใช้ $email นี้ในระบบได้ กรุณาลองใหม่"); } if($go==1) { $subjects="New Member Register/Baanpinto.com"; $headers = "From:noreply@baanpinto.com\n"; $message.="User email:$email\nPassword:$pass1\n\n ขอบคุณที่ไว้วางใจใช้บริการบ้านปิ่นโต\nhttp://www.baanpinto.com\n\nกรุณาคลิกที่ Link http://www.baanpinto.com/active.php?id=$ids เพื่อยืนยันตัวตน"; mail("webmaster@baanpinto.com","Member Register email $email",$message,$headers); if(!mail($email,$subjects,$message,$headers)) alert_javascript("ไม่สามารถส่งเมลได้ กรุณาส่ง email ถึง admin@baanpinto.com"); else alert_javascript("กรุณาตรวจสอบการสมัครได้ที่ E-mail หากคุณใช้ E-mail ฟรีกรุณาแน่ใจว่าไม่ได้อยู่ในเมลขยะของท่าน(Junk mail)"); Replace_location("index.php"); unset($_SESSION['security_code']); } } else { alert_javascript("คุณกรอกรหัสความปลอดภัยผิดพลาดกรุณากรอกใหม่"); $email=$email; $email2=$email2; $name=$name; $tel=$tel; $mobile=$mobile; $addr=$addr; } } // end if post if (!empty($_POST['forget'])&&($_POST['forget']=="send")) { if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) { $sqlx="SELECT * FROM ".MEM." WHERE memail ='".$_POST['email']."'"; $ab2=Count_number($sqlx); if($ab2==1){ $resultx = $db->sql_query($sqlx); $row = $db->sql_fetchrow($resultx); $pass1=$row['mpass']; $Secrypt = new Secrypt(); $Genpass = $Secrypt->Decrypt($pass1, PRIVATEKEY,PUBLICKEY); $subjects="Forget Password/Baanpinto.com"; $headers = "From:noreply@baanpinto.com\n"; $message.="รหัสผ่านของท่านคือ $Genpass\n หากท่านไม่ได้ร้องขอรหัสผ่านกรุณาเพิกเฉยต่ออีเมลนี้\n\n ขอบคุณที่ไว้วางใจใช้บริการบ้านปิ่นโต\nhttp://www.baanpinto.com"; if(!mail($email,$subjects,$message,$headers)) alert_javascript("ไม่สามารถส่งเมลได้ กรุณาส่ง email ถึง admin@baanpinto.com"); else alert_javascript("กรุณาตรวจสอบพาสเวิร์ดได้ที่ E-mail หากคุณใช้ E-mail ฟรีกรุณาแน่ใจว่าไม่ได้อยู่ในเมลขยะของท่าน(Junk mail)"); Replace_location("index.php"); unset($_SESSION['security_code']); }else alert_javascript("ไม่พบ Email $email ในระบบกรุณาลองใหม่อีกครั้ง"); } else alert_javascript("คุณกรอกรหัสความปลอดภัยผิดพลาดกรุณากรอกใหม่"); } if (!empty($_POST['sendfriend'])&&($_POST['sendfriend']=="send")) { if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) { $subjects="เพื่อนของคุณขอแนะนำเว็บไซต์ Baanpinto.com"; $hh= '=?utf-8?B?'.base64_encode($name).'?='; $message.= "สวัสดี $name2

เพื่อนของคุณชื่อ $name ได้แนะนำเวปไซต์ บ้านปิ่นโต กับคุณ

บ้านปิ่นโต บริการ อาหารกล่อง ราคาประหยัด บรรจุในชามพลาสติกสำหรับบรรจุอาหารอย่างดี ด้วยรูปทรงสวยงาม สามารถจัดราคาได้ตามงบประมาณของท่าน โดยไม่จำกัดจำนวนการสั่ง

ท่านสามารถดูรายละเอียดเพิ่มเติมได้ที่ http://www.baanpinto.com

ขอบคุณครับ"; $headers = "MIME-Version: 1.0\n"; $headers .= "Content-Type: text/html; charset=utf-8\n"; $headers .= "To: $email2\n"; $headers .= "From:$hh<$email>\n"; $subjects = '=?utf-8?B?'.base64_encode($subjects).'?='; $message = str_replace('\"', '"', $message); $message = str_replace("\'", "'", $message); if(! mail($to_none, $subjects, $message, $headers)) alert_javascript("ไม่สามารถส่งเมลได้ กรุณาส่ง email ถึง admin@baanpinto.com"); else alert_javascript("ส่งข้อความถึงเพื่อนของคุณแล้ว ขอบคุณที่แนะนำเว็บไซต์ของเราครับ"); Replace_location("index.php"); unset($_SESSION['security_code']); } else alert_javascript("คุณกรอกรหัสความปลอดภัยผิดพลาดกรุณากรอกใหม่"); } if (!empty($_POST['sendcontact'])&&($_POST['sendcontact']=="send")) { if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) { $subjects="สอบถามรายละเอียดจากหน้าเว็บไซต์"; $hh= '=?utf-8?B?'.base64_encode($name).'?='; if(isset($tel)&&$tel!="") $tel=$tel; else $tel="ไม่ระบุหมายเลข"; $message.= nl2br($txt)."

หมายเลขโทรศัพท์ติดต่อ : ".$tel2; $headers = "MIME-Version: 1.0\n"; $headers .= "Content-Type: text/html; charset=utf-8\n"; // $headers .= "To:sales@baanpinto.com\n"; $headers .= "To:sales@baanpinto.com\n"; $headers .= "From:$hh<$email>\n"; $subjects = '=?utf-8?B?'.base64_encode($subjects).'?='; $message = str_replace('\"', '"', $message); $message = str_replace("\'", "'", $message); if(! mail($to_none, $subjects, $message, $headers)) alert_javascript("ไม่สามารถส่งเมลได้ กรุณาส่ง email ถึง admin@baanpinto.com"); else alert_javascript("ส่งข้อความถึงทีมงานเรียบร้อยครับ ทางเราจะติดต่อกลับไปโดยเร็วที่สุด"); Replace_location("index.php"); unset($_SESSION['security_code']); } else alert_javascript("คุณกรอกรหัสความปลอดภัยผิดพลาดกรุณากรอกใหม่"); } $template = new Template('templates/webtpl/') ; $profile=get_table_details(ADM,1,"admin_id"); $tel=$profile["admin_tel"]; $title=$profile["admin_title"]; $desc=$profile["admin_desc"]; $keyw=$profile["admin_key"]; $banner=nl2br($profile["admin_banner"]); $pro= $profile["admin_pro"]; $contact=$profile["admin_contact"]; $action=$_GET['action']; $id=$_GET['id']; $admin_file=$profile["admin_file"]; $payment=$profile["admin_payment"]; if(!isset($action)) $action="index"; $sql="SELECT * FROM ".MNG." WHERE gp_avai=1"; $result = $db->sql_query($sql); $total_gp =0; while( $row = $db->sql_fetchrow($result) ) { $gp[] = $row; $total_gp++; } $menu=""; $menux="
"; for($i=0;$i<$total_gp;$i++){ $menu.= ""; $menux.= ""; } } $menu.="
".$gp[$i]['gp_name']."
".$gp[$i]['gp_name']."
"; $sqlfdx1="SELECT * FROM ".FDD." WHERE gp_id='".$gp[$i]['gp_id']."' AND favai=1 ORDER BY BINARY fname"; $resultfdx1 = $db->sql_query($sqlfdx1); $total_fdx1 =0; while( $rowfdx1 = $db->sql_fetchrow($resultfdx1) ) { $fddx1[] = $rowfdx1; $total_fdx1++; } if($total_fdx1>0) { for($ix1=0;$ix1<$total_fdx1;$ix1++) { $ix1x=$ix1+1; $menux.="$ix1x.".$fddx1[$ix1]['fname']."
"; } unset($fddx1); $menux.="
";$menux.=""; $db->sql_freeresult($result); $template->assign_vars(array( 'MENU' =>$menu, 'TEL' => $tel, 'DESCRIPTION' =>$desc, 'TITLE' =>$title, 'KEYWORDS' =>$keyw, 'ARC' =>$id, 'NAME' =>$name, 'EMAIL' =>$email, 'ADDR' =>$addr, 'TELS' =>$tel, 'MOBILE' =>$mobile, 'EMAIL2' =>$email2, 'MENUX' =>$menux, 'PROMOTION'=>$pro )); if($pro!="") $template->assign_block_vars('pro',array( )); if(session_is_registered('memberdata')==false) { $template->assign_block_vars('omember',array( )); } else $template->assign_block_vars('inmember',array( 'NN' =>$memberdata['mname'] )); if($admin_file!="") $template->assign_block_vars('dmenu',array( 'FILED' =>$admin_file)); switch($action) { case "news": $abb=Count_number("SELECT * FROM ".MEM." WHERE memail ='".$_POST['letter']."'"); if($abb==1) alert_javascript("มี Email ดังกล่าวในระบบแล้วกรุณาลองใหม่"); else { $sql= "INSERT ".MEM."(mid,mletter,memail,mavai)VALUES('null','1','$letter','0')"; $db->sql_query($sql); alert_javascript("ขอบคุณสำหรับความไว้วางใจรับข่าวสารจากเราบ้านปิ่นโตครับ"); } Replace_location("index.php"); break; case "contact": $template->assign_vars(array( 'CONTACT' =>nl2br($contact), 'NAME' =>$name, 'EMAIL' =>$email, 'TXT' =>$txt, 'TEL2' =>$tel2 )); $template->set_filenames(array( 'box' => 'contact.tpl' ),'',''); break; case "payment": $template->assign_vars(array( 'CONTACT' =>nl2br($payment) )); $template->set_filenames(array( 'box' => 'payment.tpl' ),'',''); break; case "register": $query="SELECT * FROM ".PRV." WHERE avai=1 ORDER BY BINARY name "; $result=$db->sql_query($query); $pv=1; while ($row=$db->sql_fetchrow($result)) { $pvc_id=$row['pv_id']; if($pvc_id==$pv_id){ $sel="selected"; $sels="";} else{ $sel=""; $sels="selected"; } //echo $pvc_id."\n"; $query2="SELECT * FROM ".SRV." WHERE pv_id=".$row['pv_id']." ORDER BY BINARY pvs_name"; $result2=$db->sql_query($query2); $Num_Rowss= $db->sql_numrows($result2); if($Num_Rowss==0){ $city.="regionState.forValue(\"".$row['pv_id']."\").addOptions(\"\");\n";} else { $city.="regionState.forValue(\"".$row['pv_id']."\").addOptions("; $pvv=1; while ($row2=$db->sql_fetchrow($result2) ) { if($pvv==$Num_Rowss) $city.="\"".$row2['pvs_name']."\""; else $city.="\"".$row2['pvs_name']."\","; $pvv=$pvv+1; } $city.=");\n"; } $options.="\n"; $pv=$pv+1; } $db->sql_freeresult($result); $db->sql_freeresult($result2); $template->assign_vars(array( 'STATE' =>$state, 'CITY' =>$city, 'OPTIONS' =>$options , 'SUB' =>$sub, 'PV_ID' =>$pv_id )); $template->set_filenames(array( 'box' => 'register.tpl' ),'',''); break; case "fpw": $template->set_filenames(array( 'box' => 'forget.tpl' ),'',''); break; case "sendfr": if($memberdata['mid']!="") { $name=$memberdata["mname"]; $email=$memberdata["memail"]; } $template->assign_vars(array( 'NAME2' =>$name2, 'EMAIL2' =>$email2, 'EMAIL'=>$email, 'NAME' =>$name, 'TXT' =>$txt )); $template->set_filenames(array( 'box' => 'sendfr.tpl' ),'',''); break; case "profile": if(session_is_registered('memberdata')==false) { alert_javascript("กรุณาล็อคอินก่อนครับ"); Replace_location("index.php"); } if($memberdata['mletter']==1) $chk= " checked"; else $chk=""; $Secrypt = new Secrypt(); $DecryptedData = $Secrypt->Decrypt($memberdata['mpass'], PRIVATEKEY,PUBLICKEY); $pv_id=$memberdata["pv_id"]; $query="SELECT * FROM ".PRV." WHERE avai=1 ORDER BY BINARY name"; $result=$db->sql_query($query); $pv=1; while ($row=$db->sql_fetchrow($result)) { $pvc_id=$row['pv_id']; if($pvc_id==$pv_id){ $sel="selected"; } else{ $sel=""; } //echo $pvc_id."\n"; $query2="SELECT * FROM ".SRV." WHERE pv_id=".$row['pv_id']." ORDER BY BINARY pvs_name"; $result2=$db->sql_query($query2); $Num_Rowss= $db->sql_numrows($result2); if($Num_Rowss==0){ $city.="regionState.forValue(\"".$row['pv_id']."\").addOptions(\"\");\n";} else { $city.="regionState.forValue(\"".$row['pv_id']."\").addOptions("; $pvv=1; while ($rowx2=$db->sql_fetchrow($result2) ) { if($memberdata["pvs_id"]==$rowx2["pvs_id"]) { $ss=$rowx2["pvs_name"];} if($pvv==$Num_Rowss) $city.="\"".$rowx2["pvs_name"]."\""; else $city.="\"".$rowx2["pvs_name"]."\","; $pvv=$pvv+1; } $city.=");\n"; } $options.="\n"; $pv=$pv+1; } $db->sql_freeresult($result); // $db->sql_freeresult($result2); $template->assign_vars(array( 'NAME' =>$memberdata['mname'], 'EMAIL' =>$memberdata['memail'], 'ADDR' =>$memberdata['maddr'], 'TELS' =>$memberdata['mtel'], 'MOBILE' =>$memberdata['mmobile'], 'STATE' =>$state, 'CITY' =>$city, 'OPTIONS' =>$options, 'STT' =>$ss, 'OPTIONS1' =>$options1, 'GROUPX' =>$groupx, 'SUB' =>$sub, 'SELS1' =>$selx, 'PASS' =>$DecryptedData , 'CHK' =>$chk )); $template->set_filenames(array( 'box' => 'profile.tpl' ),'',''); break; case "type": $sql="SELECT * FROM ".MNG." WHERE gp_name = '$id'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $mid=$row['gp_id']; include("type.php"); $template->assign_vars(array( 'MID' =>$id, 'LIST' =>$list, 'LISTX' =>$listx )); $template->set_filenames(array( 'box' => 'type.tpl' ),'',''); break; case "editprofile": if(session_is_registered('memberdata')==false) { alert_javascript("กรุณาล็อคอินก่อนครับ"); Replace_location("index.php"); } if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) { $sql="SELECT * FROM ".MEM." WHERE memail ='".$_POST['email']."'"; $result = $db->sql_query($sql); $ab2=Count_number($sql); if($ab2==1){ $row = $db->sql_fetchrow($result); if($row['memail']==$memberdata['memail']) $aa=1; else $aa=0; } else $aa=1; if($aa==1){ if($chk==true) $mletter=1; else $mletter=0; $Secrypt = new Secrypt(); $EncryptedData = $Secrypt->Encrypt($pass1, PRIVATEKEY,PUBLICKEY); $query="SELECT * FROM ".SRV." WHERE pvs_name='$state'"; $result=$db->sql_query($query); $row=$db->sql_fetchrow($result); $state=$row['pvs_id']; $sql= "UPDATE ".MEM." SET mletter='$mletter', mname='$name',mpass='$EncryptedData',maddr='$addr',mtel='$tel',mmobile='$mobile', memail='$email' ,pvs_id='$state',pv_id='$province' WHERE mid=".$memberdata['mid']; $memberdata['mname']=$name; $memberdata['mpass']=$EncryptedData; $memberdata['maddr']=$addr; $memberdata['mtel']=$tel; $memberdata['mmobile']=$mobile; $memberdata['memail']=$email; $memberdata['mletter']=$mletter; $memberdata['pv_id']=$province; $memberdata['pvs_id']=$state; $db->sql_query($sql); alert_javascript("แก้ไขข้อมูลเรียบร้อย"); Replace_location("profile.html"); unset($_SESSION['security_code']); } else { alert_javascript("ไม่สามารถเปลี่ยนอีเมลซ้ำกับที่มีอยู่ในระบบท่านอื่นได้"); Replace_location("profile.html");} }else { alert_javascript("คุณกรอกรหัสความปลอดภัยผิดพลาดกรุณากรอกใหม่"); Replace_location("profile.html"); } break; case "login": $user = $email; $pass = $pwd; $Secrypt = new Secrypt(); $EncryptedData = $Secrypt->Encrypt($pass,PRIVATEKEY,PUBLICKEY); $SQL = "SELECT * FROM ".MEM." WHERE memail = '$user' and mpass='$EncryptedData' and mavai=1" ; $Result = $db->sql_query($SQL) ; $Num = $db->sql_numrows($Result); if($Num ==1 ) { $Row = $db->sql_fetchrow($Result); $memberdata= $Row; session_register("memberdata"); Replace_location("index.php"); } else { ?> sql_query($sql); $row = $db->sql_fetchrow($result); /* if($row['new_avai']==0||session_is_registered('logins')==false){ Replace_location("index.php"); } else {*/ $template->assign_vars(array( 'TITLE' =>stripslashes($row['new_subj']), 'DATET' =>MonthName($row['new_date'],3), 'DT' =>stripslashes($row['new_desc']) , 'ARC' =>"" )); $db->sql_freeresult($result); $template->set_filenames(array( 'box' => 'newsletter.tpl' ),'',''); break; case "arc": $sql="SELECT * FROM ".ARC." WHERE aid = '$id'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $aa=$row['acount']+1; $template->assign_vars(array( 'TITLE' =>stripslashes($row['atitle']), 'DATET' =>MonthName($row['adate'],3), 'DT' =>stripslashes($row['atext']), 'COUNT' =>$row['acount'] )); $db->sql_freeresult($result); $sql="UPDATE ".ARC." SET acount='$aa' WHERE aid = '$id'"; $result = $db->sql_query($sql); $template->assign_vars(array( 'ARC' =>stripslashes($row['atitle'])." ".$title )); $template->set_filenames(array( 'box' => 'arc.tpl' ),'',''); break; case "food": $sql="SELECT * FROM ".FDD." WHERE fname = '$id'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $gp_id=$row['gp_id']; $fid=$row['fid']; $profile=get_table_details(MNG,$gp_id,"gp_id"); $mname=$profile["gp_name"]; $sqlx="SELECT * FROM ".IMG." WHERE fid='$fid' "; $resultx = $db->sql_query($sqlx); ; $total =0; while( $rowx = $db->sql_fetchrow($resultx) ) { $album[] = $rowx; $total++; } if($total>0) { $list=" ภาพประกอบ"; for($xx=0;$xx<$total;$xx++) { list($width,$height)= getimagesize("images/food/".$album[$xx]['imgname']); if($xx%5==0) $list.=""; if($width<1024&&$height<600){ $ll=512-($width/2); $hh=300-($height/2);} else { $ll=0; $hh=0;} $list.=' '; }$list.="
'; $list.=""; $list.='
"; } $db->sql_freeresult($resultx); $sqls="SELECT * FROM ".FDD." WHERE gp_id=$gp_id AND fid<>'$fid'"; $results = $db->sql_query($sqls); $total_gp =0; while( $rowxx = $db->sql_fetchrow($results) ) { $gpx[] = $rowxx; $total_gp++; } if($total_gp!=0){ $fmenu=""; for($i=0;$i<$total_gp;$i++){ if($i%5==0) $fmenu.=""; $fmenu.= ""; } $fmenu.="
".$gpx[$i]['fname']."
"; }else $fmenu= $lang['nodata'] ; $template->assign_vars(array( 'MID' =>"".$mname."", 'FOOD' =>$id, 'ID' =>$row['fid'], 'PRICE' =>number_format($row['fprice'],2), 'DESC' =>$row['fdetails'], 'IMG' =>$list, 'LESS' =>$row['fless']!=""?" สั่งขั้นต่ำ".$row['fless']:"", 'MAX' =>$row['fmax']!=""?" สั่ง ".$row['fmax']."ส่งฟรี ":"", 'SHIP' =>$row['fship']!=""?" ค่าจัดส่ง ".$row['fship']."บาท":"", 'OTHER' =>$fmenu )); $template->set_filenames(array( 'box' => 'food.tpl' ),'',''); break; case "subscribe": if(isset($_GET["email"])) { $sql="SELECT * FROM ".MEM." WHERE memail = '$email'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $mid=$row['mid']; $mname=$row['mname']; $mpass=$row['mpass']; if($mname!="" && $mpass!=""){ $sql= "UPDATE ".MEM." SET mletter=0 WHERE mid='$mid' "; $db->sql_query($sql); alert_javascript("ขอบคุณที่ใช้บริการบ้านปิ่นโตครับหากต้องการรับจดหมายจากเรากรุณาเข้าไปแก้ไขในหมวดแก้ไขข้อมูลสมาชิกครับ"); } else { $sql= "DELETE FROM ".MEM." WHERE mid='$mid' "; $db->sql_query($sql); alert_javascript("ขอบคุณที่ใช้บริการบ้านปิ่นโตครับ หากท่านต้องการรับข่าวสารจากเราท่านสามารถกรอกรายละเอียดอีเมลเพื่อขอรับจดหมายได้เช่นเดิมครับ"); } Replace_location("index.php"); } break; case "index": //index page $sqlc="SELECT * FROM ".FDD." WHERE fpop='1' and favai=1"; $result = $db->sql_query($sqlc); $total_fdd =0; while( $row = $db->sql_fetchrow($result) ) { $fdd[] = $row; $total_fdd++; } if($total_fdd!=0){ $template->assign_block_vars('sug',array( )); for($i=0;$i<$total_fdd;$i++){ $sqlimg="SELECT * FROM ".IMG." WHERE fid=".$fdd[$i]['fid']; $allpostx=Count_number($sqlimg); $profile=get_table_details(MNG,$fdd[$i]['gp_id'],"gp_id"); $mname=$profile["gp_name"]; $linkis=""; if($allpostx>0) { $resultx = $db->sql_query($sqlimg); $rowx = $db->sql_fetchrow($resultx); $img='
'.$linkis."
"; } else $img=""; $template->assign_block_vars('sug.food',array( 'NAME' => $linkis.$fdd[$i]['fname']."
($mname)" , 'DESC' => utf8_substr($fdd[$i]['fdetails'],0,250), 'IMG' =>$img, 'LINKIS' =>$linkis )); } } $db->sql_freeresult($result); $sqlc="SELECT * FROM ".PP." WHERE post_avai='1' ORDER BY post_date DESC,replydate DESC LIMIT 10"; $result = $db->sql_query($sqlc); $total_p =0; while( $rowp = $db->sql_fetchrow($result) ) { $p[] = $rowp; $total_p++; } if($total_p!=0){ $template->assign_block_vars('board',array( )); for($i=0;$i<$total_p;$i++){ $profile=get_table_details(MEM,$p[$i]['mid'],"mid"); $mname=$profile["mname"]; $template->assign_block_vars('board.p',array( 'TT'=>banword($p[$i]["post_title"],1) , 'ID'=>$p[$i]["post_id"] , 'BY' =>$mname, 'READ' =>$p[$i]["post_view"], 'REPLY' =>$p[$i]["post_hit"], 'DATE' =>$p[$i]["post_date"] )); } }else $template->assign_block_vars('boardnodata',array( )); $db->sql_freeresult($result); $sqlm="SELECT * FROM ".MNG." WHERE gp_avai=1"; $resultm = $db->sql_query($sqlm); $total_gpm =0; while( $rowm = $db->sql_fetchrow($resultm) ) { $gpm[] = $rowm; $total_gpm++; } if($total_gpm>0){ for($im=0;$im<$total_gpm;$im++){ $sqlfdx="SELECT * FROM ".FDD." WHERE gp_id='".$gpm[$im]['gp_id']."' AND favai=1 ORDER BY BINARY fname"; $resultfdx = $db->sql_query($sqlfdx); $total_fdx =0; while( $rowfdx = $db->sql_fetchrow($resultfdx) ) { $fddx[] = $rowfdx; $total_fdx++; } $listfdd=""; if($total_fdx>0) { for($ix=0;$ix<$total_fdx;$ix++) { if($ix%2==0) $listfdd.="
"; $listfdd.="[".$fddx[$ix]['fname']."]   "; } unset($fddx); } else $listfdd=$lang["nodata"]; if($gpm[$im]['gp_img']!="") $img=""; else $img=""; $template->assign_block_vars('listmng',array( 'MNAME' =>"".$gpm[$im]['gp_name']."", 'IMG' =>"".$img."", 'DESC' =>$gpm[$im]['gp_content'], 'LISTX' =>$listfdd )); } } else $ll="no"; $db->sql_freeresult($resultm); include("arc.php"); $template->set_filenames(array( 'box' => 'main.tpl' ),'',''); break; case "arcall": $tt="all"; include("arc.php"); $template->set_filenames(array( 'box' => 'marc.tpl' ),'',''); break; case "banner": $template->set_filenames(array( 'box' => 'banner.tpl' ),'',''); break; case "sitemap": $template->set_filenames(array( 'box' => 'sitemap.tpl' ),'',''); break; case "cart": /* include($root_path.'cartindex.php'); $template->assign_vars(array( 'OVER12' => "on", 'INTABLE' => $cart->formatted_cart() )); //include_once($root_path.'menu.php'); $template->assign_vars(array( 'MENU' => $MENU , 'ISEARCH' => $isearch , 'BGSEARCH' =>$ss )); $template->assign_var_from_handle('DETAILS', 'details'); $template->set_filenames(array( 'main_page' => 'index.tpl' ),$spare); $template->set_filenames(array( 'box' => 'main_use2.tpl' ),$spare); */ break; case "addcart": if(isset($memberdata['mid'])){ include('cartindex.php'); $template->set_filenames(array( 'box' => 'addcart.tpl' ),'',''); } else { alert_javascript("หากท่านยังไม่มี Login ของบ้านปิุ่่นโตกรุณาสมัครก่อนค่ะ"); Replace_location("register.html"); } /* include($root_path.'cartindex.php'); $template->assign_vars(array( 'OVER12' => "on", 'INTABLE' => $cart->formatted_cart() )); //include_once($root_path.'menu.php'); $template->assign_vars(array( 'MENU' => $MENU , 'ISEARCH' => $isearch , 'BGSEARCH' =>$ss )); $template->assign_var_from_handle('DETAILS', 'details'); $template->set_filenames(array( 'main_page' => 'index.tpl' ),$spare); $template->set_filenames(array( 'box' => 'main_use2.tpl' ),$spare); */ break; } $template->assign_vars(array( 'BANNER' => $banner )); $template->set_filenames(array( 'main_page' => 'index.tpl' ),'',''); $template->assign_var_from_handle('MAIN', 'box'); $template->pparse('main_page'); ?>