1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
|
<?php header('Content-Type: text/html; charset=UTF-8'); ?>
<?php
require_once ("../webadmin/configure.php");
error_reporting(E_ALL);
ini_set("display_errors", 0);
$langcode = $_SESSION["langcode"];
$_SESSION["check_series_code"] = $_POST["series"];
$_SESSION["check_model_code"] = $_POST["model"];
$_SESSION["check_serial_number"] = $_POST["serial_number"];
$_SESSION["check_email"] = $_POST["email"];
if($_SESSION["langcode"] == "tc"){
$nowdate = date("Y-m-d H:i:s");
$ara = explode("|", $_SESSION['vCode']);
$verification = $_POST['verification'];
if ($ara[0] == $verification) {
//if (true) {
$series = $_POST["series"];
$model = $_POST["model"];
$serial_number = $_POST["serial_number"];
$email = $_POST["email"];
/*$_SESSION["check_series_code"];
$_SESSION["check_model_code"];
$_SESSION["check_serial_number"];
$_SESSION["check_email"];*/
//data decryption
//include('phpseclib0.3.6/Crypt/RSA.php');
set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib0.3.6');
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$private_key = "MIICXAIBAAKBgQDH0i//hwmPSCUNAS9UiD3wSH43NxwRKwGtHQKGarANuYNacSXb +rS2N0WKihz+aSkevePj5GZPtu21Fpx0Tt541DBlUrYL0vPK4S6QUX8I5vsOQ/Xu Iyh9NKcD2fbmf/1QrC+q7pv6xa6ctaV8u1RPGI7CAIPtMCrh9Pbg+EFo0wIDAQAB AoGATSi2HRMtV1UR7YggGSG03SR5DGQs49o5/vldQL9QtTQF6zYW2u9fuZ71LO5x DLJZzQOhTJ4k/bIS7yLIjkboM4x75DlRpG14Umi+d2GePB+r9UiqeZ67Zh7OvKFU 1CIkNC2J9G0U2G4RSG2UAZKkimIofmptq7dXa5oYYNL74t0CQQDi4RHoxIhqh9mw rLxvawgcq6gseKuY5zEgJMHGtNQTIGqn1LgxCCwNx5473xc7jW6GQbgCtDVwGqeb VkejSSsFAkEA4XgGfrAFHSQdZ9+GkNsT+eZioX5wyxP78b3csTRPPii4NudJmyeu yHmmhhJV6fknQ9ZsYqLwHH3gJpzXeH/79wJAEL3S+H4oItRLeAIHFaGsQ5FXI5Dz +KB2u4x60BLf41ltBV1pChU0SwAD6R8ZM8fH9Bg9X9W0a8VLwOao+p+XkQJBANG3 MGNaGgeW9fsOAD5wZ85Dqm4IC6X4upmKPeJdg2+PtHjs/Jvid0JlVKzUFTGB3DHP GhVM9QWrV3jS3eBpOtUCQB6Fyf7bkMHxRwa2QLoB3bM/gvk0mJPCBFpILfI5RZZG XezjDt3Xo/MqppBr8nybC42OxjbID9ALPPe/VX9AVmA=";
$rsa->loadKey($private_key); // private key
//checking the model code and the serial number
$sql = "select * from customer_warranty where series_code=? and model_code=? and serial_number = ? and deleted=? and (region = ? or region = ?) order by lastupdate DESC";
if (!($sth = $dbh->prepare($sql))) {
throw new Exception('[' . $sth->errorCode() . ']: ' . print_r($sth->errorInfo()));
}
if (!$sth->execute(array($series, $model, $serial_number, "0" ,"HK", "MO"))) {
throw new Exception('[' . $sth->errorCode() . ']: ' . print_r($sth->errorInfo()));
}
$row = $sth->fetch(PDO::FETCH_ASSOC);
if($rsa->decrypt(base64_decode($row{"email"})) == $email){
$email_same = 1;
}else{
$email_same = 0;
}
if($sth->rowCount() > 0 && $email_same == 1){ //it is a valid of that product
unset($_SESSION["check_series_code"]);
unset($_SESSION["check_model_code"]);
unset($_SESSION["check_serial_number"]);
unset($_SESSION["check_email"]);
//list the result of checking
$_SESSION["this_customer_id"] = $row{"customer_id"};
//var_dump($_SESSION["this_customer_id"]);
header("Location: warranty_detail.php");
}else{
/*if(!isset($_SESSION["serial_numberber_error_time"])){
$_SESSION["serial_numberber_error_time"] = 1;
}else{
$_SESSION["serial_numberber_error_time"]++;
}
if($_SESSION["serial_numberber_error_time"] < 3){
echo "<script type='text/javascript'>
alert('您所輸入的產品序號無效');
history.back();
</script>";
exit;
}else{
echo "<script type='text/javascript'>
alert('您已多次輸入錯誤資料,請與我們聯絡!');
history.back();
</script>";
exit;
}*/
echo "<script type='text/javascript'>
alert('您所輸入的產品序號無效 或 部份資料出錯');
history.back();
</script>";
exit;
}
}else{
echo "<script type='text/javascript'>
alert('驗證碼錯誤!');
history.back();
</script>";
exit;
}
}else{
$nowdate = date("Y-m-d H:i:s");
$ara = explode("|", $_SESSION['vCode']);
$verification = $_POST['verification'];
if ($ara[0] == $verification) {
//if (true) {
$series = $_POST["series"];
$model = $_POST["model"];
$serial_number = $_POST["serial_number"];
$email = $_POST["email"];
//data decryption
set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib0.3.6');
include('Crypt/RSA.php');
//include('phpseclib0.3.6/Crypt/RSA.php');
$rsa = new Crypt_RSA();
$private_key = "MIICXAIBAAKBgQDH0i//hwmPSCUNAS9UiD3wSH43NxwRKwGtHQKGarANuYNacSXb +rS2N0WKihz+aSkevePj5GZPtu21Fpx0Tt541DBlUrYL0vPK4S6QUX8I5vsOQ/Xu Iyh9NKcD2fbmf/1QrC+q7pv6xa6ctaV8u1RPGI7CAIPtMCrh9Pbg+EFo0wIDAQAB AoGATSi2HRMtV1UR7YggGSG03SR5DGQs49o5/vldQL9QtTQF6zYW2u9fuZ71LO5x DLJZzQOhTJ4k/bIS7yLIjkboM4x75DlRpG14Umi+d2GePB+r9UiqeZ67Zh7OvKFU 1CIkNC2J9G0U2G4RSG2UAZKkimIofmptq7dXa5oYYNL74t0CQQDi4RHoxIhqh9mw rLxvawgcq6gseKuY5zEgJMHGtNQTIGqn1LgxCCwNx5473xc7jW6GQbgCtDVwGqeb VkejSSsFAkEA4XgGfrAFHSQdZ9+GkNsT+eZioX5wyxP78b3csTRPPii4NudJmyeu yHmmhhJV6fknQ9ZsYqLwHH3gJpzXeH/79wJAEL3S+H4oItRLeAIHFaGsQ5FXI5Dz +KB2u4x60BLf41ltBV1pChU0SwAD6R8ZM8fH9Bg9X9W0a8VLwOao+p+XkQJBANG3 MGNaGgeW9fsOAD5wZ85Dqm4IC6X4upmKPeJdg2+PtHjs/Jvid0JlVKzUFTGB3DHP GhVM9QWrV3jS3eBpOtUCQB6Fyf7bkMHxRwa2QLoB3bM/gvk0mJPCBFpILfI5RZZG XezjDt3Xo/MqppBr8nybC42OxjbID9ALPPe/VX9AVmA=";
$rsa->loadKey($private_key); // private key
//checking the model code and the serial number
$sql = "select * from customer_warranty where series_code=? and model_code=? and serial_number = ? and deleted=? and (region = ? or region = ?) order by lastupdate DESC";
if (!($sth = $dbh->prepare($sql))) {
throw new Exception('[' . $sth->errorCode() . ']: ' . print_r($sth->errorInfo()));
}
if (!$sth->execute(array($series, $model, $serial_number, "0" ,"HK", "MO"))) {
throw new Exception('[' . $sth->errorCode() . ']: ' . print_r($sth->errorInfo()));
}
$row = $sth->fetch(PDO::FETCH_ASSOC);
if($rsa->decrypt(base64_decode($row{"email"})) == $email){
$email_same = 1;
}else{
$email_same = 0;
}
if($sth->rowCount() > 0 && $email_same == 1){ //it is a valid of that product
unset($_SESSION["check_series_code"]);
unset($_SESSION["check_model_code"]);
unset($_SESSION["check_serial_number"]);
unset($_SESSION["check_email"]);
//list the result of checking
$_SESSION["this_customer_id"] = $row{"customer_id"};
header("Location: warranty_detail.php");
}else{
/*if(!isset($_SESSION["serial_numberber_error_time"])){
$_SESSION["serial_numberber_error_time"] = 1;
}else{
$_SESSION["serial_numberber_error_time"]++;
}
if($_SESSION["serial_numberber_error_time"] < 3){
echo "<script type='text/javascript'>
alert('您所輸入的產品序號無效');
history.back();
</script>";
exit;
}else{
echo "<script type='text/javascript'>
alert('您已多次輸入錯誤資料,請與我們聯絡!');
history.back();
</script>";
exit;
}*/
echo "<script type='text/javascript'>
alert('The Serial Number you entered is not valid or wrong information');
history.back();
</script>";
exit;
}
}else{
echo "<script type='text/javascript'>
alert('Wrong Verification Code!');
history.back();
</script>";
exit;
}
}
?>
|