WooYun.org

ecisp_home_seccode
ecisp_member_username
ecisp_member_info

function member_cookieview($keyword = false) {
		$retrunstr = array();
		$retrunstr['username'] = $this->fun->eccode($this->fun->accept('ecisp_member_username', 'C'), 'DECODE', db_pscode);
		$user_info = explode('|', $this->fun->eccode($this->fun->accept('ecisp_member_info', 'C'), 'DECODE', db_pscode));
		list($retrunstr['userid'], $retrunstr['alias'], $retrunstr['integral'], $retrunstr['mcid'], $retrunstr['email'], $retrunstr['lastip'], $retrunstr['ipadd'], $retrunstr['useragent'], $retrunstr['adminclassurl']) = $user_info;
		$retrunstr['userid'] = intval($retrunstr['userid']);
		$retrunstr['integral'] = intval($retrunstr['integral']);
		$retrunstr['mcid'] = intval($retrunstr['mcid']);
		return !$keyword ? $retrunstr : $retrunstr[$keyword];
	}

function in_center() {
		if ($this->CON['mem_isucenter']) {
			include_once admin_ROOT . 'public/uc_client/client.php';
		}
		parent::start_pagetemplate();
		parent::member_purview();
		$lng = (admin_LNG == 'big5') ? $this->CON['is_lancode'] : admin_LNG;
		$db_where = "userid=$this->ec_member_username_id AND username='$this->ec_member_username' ";
		echo $db_where;
		$db_table1 = db_prefix . 'member AS a';
		$db_table2 = db_prefix . 'member_value AS b';
		$db_sql = "SELECT * FROM $db_table1 LEFT JOIN $db_table2 ON a.userid = b.userid  WHERE a.userid = $this->ec_member_username_id ";
		$rsMember = $this->db->fetch_first($db_sql);
		$rsMember['userid'] = $this->ec_member_username_id;
		$rsMember['rankname'] = $this->get_member_purview($rsMember['mcid'], 'rankname');
		$userid = intval($rsMember['userid']);
		if (empty($userid)) {
			exit('user err!');
		}
		$db_table = db_prefix . "order";
		$db_where = " WHERE userid=$userid";
		$db_where2 = " WHERE userid=$userid and ordertype=1";
		$db_where3 = " WHERE userid=$userid and ordertype=3";
		$this->pagetemplate->assign('ordernum', $this->db_numrows($db_table, $db_where));
		$this->pagetemplate->assign('ordernum2', $this->db_numrows($db_table, $db_where2));
		$this->pagetemplate->assign('ordernum3', $this->db_numrows($db_table, $db_where3));
		$db_table = db_prefix . "bbs";
		$db_where = " WHERE userid=$userid";
		$this->pagetemplate->assign('messagenum', $this->db_numrows($db_table, $db_where));
		$templatesDIR = $this->get_templatesdir('member');
		$templatefilename = $lng . '/' . $templatesDIR . '/member_center';
		$this->pagetemplate->assign('out', 'center');
		$this->pagetemplate->assign('mlink', $this->mlink);
		$this->pagetemplate->assign('member', $rsMember);
		$this->pagetemplate->assign('path', 'member');
		unset($rsMember, $mlink, $LANPACK, $this->lng);
		$this->pagetemplate->display($templatefilename, 'center', false, null, admin_LNG);
	}

$this->fun->setcookie('ecisp_member_info', $this->fun->eccode("500|$rsMember[alias]|$rsMember[integral]|$rsMember[mcid]|$rsMember[email]|$rsMember[lastip]|$ipadd|" . md5($_SERVER['HTTP_USER_AGENT']) . '|' . md5(admin_ClassURL), 'ENCODE', db_pscode));