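<?php
/**
 * AJAX worker: registers a new member from the join form.
 *
 * Reads the posted form fields and uploaded files, then inserts one row into
 * tbl_member, one into tbl_member_detail, one per stored document into
 * tbl_member_document and one into tbl_member_payment. The response is a JSON
 * object with `status` (200, 500 or 503) and a `message`, plus
 * `register_type` and `register_level` on success.
 *
 * NOTE(review): no session or authorization check is visible in this script,
 * yet the client supplies `register_id` (which selects the member level and
 * therefore the price), `approver` and `ref_member_id`. Confirm that
 * main_function.php or the caller enforces who may submit these values.
 */
include('../../../config/main_function.php');

// NOTE(review): this value is hard-coded in source and handed to connectDB();
// what it protects is defined in main_function.php, which is not visible here.
// Load it from configuration kept outside the served tree, and rotate it if
// this file has ever been readable by anyone other than the maintainers.
$secure = "cAh3DrJACzw4RbU";
$connection = connectDB($secure);

/**
 * Convert a "day/month/year" string into "year-month-day".
 *
 * Years above 2300 are treated as Buddhist-era years and reduced by 543.
 * Empty input, or input that is not exactly three all-digit parts, yields
 * null, so a malformed date can never reach the SQL text built further down.
 *
 * @param string|null $date Date as posted by the form.
 * @return string|null Converted date, or null when there is nothing usable.
 */
function changeDate($date)
{
    if ($date == null) {
        return null;
    }

    $parts = array_map('trim', explode('/', (string) $date));
    if (count($parts) !== 3) {
        return null;
    }
    foreach ($parts as $part) {
        if (!ctype_digit($part)) {
            return null;
        }
    }

    list($day, $month, $year) = $parts;
    if ($year > 2300) {
        $year -= 543;
    }

    return "$year-$month-$day";
}

/**
 * Resize a JPEG to a 4:3 canvas of at most 1200x800 and save it in the join
 * upload directory. The whole source image is scaled onto the canvas (it is
 * not cropped), so a source that is not 4:3 is stretched.
 *
 * This script itself never calls the function.
 *
 * @param string $image     Path of the source image.
 * @param string $imagename File name to write inside the upload directory.
 * @return int 200 when the resized file was written, 500 otherwise.
 */
function imageUpload($image, $imagename)
{
    $maxWidth = 1200;
    $maxHeight = 800;

    // Only JPEG can be decoded below, so refuse every other type up front.
    $info = getimagesize($image);
    if ($info === false || $info[2] !== IMAGETYPE_JPEG) {
        return 500;
    }

    $originalImage = imagecreatefromjpeg($image);
    if ($originalImage === false) {
        return 500;
    }

    $originalWidth = imagesx($originalImage);
    $originalHeight = imagesy($originalImage);

    // Fit inside the maximum box, then force the result to 4:3.
    $aspectRatio = 4 / 3;
    $newWidth = min($maxWidth, $originalWidth);
    $newHeight = min($maxHeight, $originalHeight);
    if ($newWidth / $newHeight > $aspectRatio) {
        $newWidth = $newHeight * $aspectRatio;
    } else {
        $newHeight = $newWidth / $aspectRatio;
    }

    // GD expects whole pixels, and a zero dimension would make it fail.
    $newWidth = max(1, (int) round($newWidth));
    $newHeight = max(1, (int) round($newHeight));

    $resizedImage = imagecreatetruecolor($newWidth, $newHeight);
    imagecopyresampled(
        $resizedImage,
        $originalImage,
        0,
        0, // Destination coordinates (top-left corner)
        0,
        0, // Source coordinates (top-left corner)
        $newWidth,
        $newHeight, // Destination dimensions
        $originalWidth,
        $originalHeight // Source dimensions
    );

    // basename() keeps the output inside the upload directory even when the
    // caller passes a name that contains path separators.
    $outputFile = "../../../main/upload/join/" . basename($imagename);
    $saved = imagejpeg($resizedImage, $outputFile);

    imagedestroy($originalImage);
    imagedestroy($resizedImage);

    return $saved ? 200 : 500;
}

$arr = array();

if ($connection) {
    // Read one POST field as an SQL-escaped string. A missing field or a
    // non-string value (for example an array from "field[]=") becomes ''.
    // NOTE(review): mysqli_real_escape_string() is only reliable when the
    // connection character set was set with mysqli_set_charset(); confirm
    // connectDB() does that. Prepared statements would remove the dependency.
    $post = function ($key) use ($connection) {
        $value = isset($_POST[$key]) ? $_POST[$key] : '';
        if (!is_string($value)) {
            $value = '';
        }
        return mysqli_real_escape_string($connection, $value);
    };

    // Build an optional ",column = 'value'" fragment; empty values add nothing.
    $optionalColumn = function ($column, $value) {
        return empty($value) ? "" : ",$column = '$value'";
    };

    // Store one uploaded file under a server-generated name.
    //
    // The extension is the only part of the stored name that comes from the
    // client, and it reaches both the file system and the SQL text, so it is
    // lower-cased and checked against an allow-list. Anything else (including
    // script extensions) is refused and the upload is treated as failed.
    // Returns the stored file name, or null when nothing was stored.
    $storeUpload = function ($tmpPath, $clientName, array $allowedExtensions, $targetDir, $requireImage) {
        if (!is_string($tmpPath) || $tmpPath === '' || !is_uploaded_file($tmpPath)) {
            return null;
        }

        $extension = strtolower(pathinfo((string) $clientName, PATHINFO_EXTENSION));
        if (!in_array($extension, $allowedExtensions, true)) {
            return null;
        }

        if ($requireImage && getimagesize($tmpPath) === false) {
            return null;
        }

        // 32 hex characters, the same length as the md5() name used before,
        // but taken from the CSPRNG instead of the clock and rand().
        $storedName = bin2hex(random_bytes(16)) . '.' . $extension;
        if (!move_uploaded_file($tmpPath, $targetDir . $storedName)) {
            return null;
        }

        return $storedName;
    };

    // Allow-lists for the two upload fields; adjust them to what the form is
    // meant to accept.
    // NOTE(review): the target directories are resolved relative to this
    // script. If they are served by the web server, disable script execution
    // there as a second line of defence.
    $allowedImageExtensions = array('jpg', 'jpeg', 'png', 'gif', 'webp');
    $allowedDocumentExtensions = array('pdf', 'jpg', 'jpeg', 'png', 'gif', 'doc', 'docx', 'xls', 'xlsx');

    // ---- Posted input: member ----
    $member_id = getRandomID2(10, 'tbl_member', 'member_id');
    $title_name = $post('title_name');
    $member_name = $post('member_name');
    $member_name_en = $post('member_name_en');
    $race = $post('country');
    $birth_date = changeDate($post('birth_date'));
    $citizen_no = $post('citizen_no');
    $card_expire_date = changeDate($post('card_expire_date'));
    $work_permit = $post('work_permit');
    $work_expire_date = changeDate($post('work_expire_date'));
    $card_address = $post('card_address');
    $card_district_id = $post('card_district_id');
    $phone = $post('phone');
    $email = $post('email');
    $approver = $post('approver');
    // The form also posts visa_no, visa_expire_date and register_status, but
    // no statement below stores them (register_status is always written as
    // '1'), so they are not read here.

    // ---- Posted input: company ----
    $company_name = $post('company_name');
    $company_tax_no = $post('company_tax_no');
    $license_no = $post('license_no');
    $license_expire_date = changeDate($post('license_expire_date'));
    $position = $post('position');
    $company_address = $post('company_address');
    $company_district_id = $post('company_district_id');
    $company_phone = $post('company_phone');
    $company_email = $post('company_email');
    $company_line = $post('company_line');
    $company_web = $post('company_web');

    // ---- Posted input: invoice ----
    $invoice_name = $post('invoice_name');
    $invoice_tax = $post('invoice_tax');
    $invoice_address = $post('invoice_address');
    $invoice_district = $post('invoice_district');
    $invoice_phone = $post('invoice_phone');
    $invoice_email = $post('invoice_email');

    $register_type = $post('register_type');
    $register_id = $post('register_id');

    // Map the posted register_id to the internal member-level code.
    $member_level = "";
    if ($register_id == 1) {
        $member_level = "g9k1s"; // general
    } else if ($register_id == 2) {
        $member_level = "x9fkq"; // ordinary member
    } else if ($register_id == 3) {
        $member_level = "kki22"; // extraordinary member
    } else if ($register_id == 4) {
        $member_level = "6foes"; // honorary member
    }

    // "Same as card address" checkbox: reuse the card district.
    if (isset($_POST['checkboxaddress']) && $_POST['checkboxaddress'] == "on") {
        $company_district_id = $card_district_id;
    }

    $update_user = $post('ref_member_id');

    // ---- Credentials ----
    $username = $post('username');
    $password = $post('password');

    // Per-member values that stringInsert() mixes into the stored password.
    $secure_text = randomCode(random_int(5, 10));
    $secure_pointer = random_int(0, 9);

    $identification_code = getRandomID(20, 'tbl_member', 'identification_code');
    $identificate_datetime = date('Y-m-d H:i:s');

    // NOTE(review): the personal fields (citizen_no, phone, email, ...) are
    // stored as posted; an earlier bigsara_encode() step for them was disabled.

    // ---- Profile image ----
    $insert_image = "";
    if (isset($_FILES['profile_image']['tmp_name'], $_FILES['profile_image']['name'])) {
        $profile_image = $storeUpload(
            $_FILES['profile_image']['tmp_name'],
            $_FILES['profile_image']['name'],
            $allowedImageExtensions,
            "../../../main/upload/join/",
            true
        );
        if ($profile_image !== null) {
            $insert_image = ",profile_image = '$profile_image'";
        }
    }

    // ---- Optional columns ----
    $birthDate = $optionalColumn('birth_date', $birth_date);
    $card_district = $optionalColumn('card_district_id', $card_district_id);
    $card_expire = $optionalColumn('card_expire_date', $card_expire_date);
    $company_district = $optionalColumn('company_district_id', $company_district_id);
    $license_expire = $optionalColumn('license_expire_date', $license_expire_date);
    $work_expire = $optionalColumn('work_expire_date', $work_expire_date);
    $insert_username = $optionalColumn('username', $username);

    if (empty($password)) {
        $inset_password = "";
    } else {
        // NOTE(review): MD5 is not a password hash. The stored format is left
        // unchanged because the login code that verifies it is not visible
        // here; moving to password_hash()/password_verify() has to be done on
        // both sides together. The digest is taken over the SQL-escaped
        // password, as before.
        $mypassword = stringInsert(md5($password), $secure_text, $secure_pointer);
        $inset_password = ",password = '$mypassword'";
    }

    $year = date('y') + 43;
    $register_no = getRunNO(6, 'EFA' . $year . '-', 'tbl_member', 'register_no');

    $insert_user = "INSERT INTO tbl_member SET
        member_id = '$member_id'
        $insert_username
        $inset_password
        ,secure_text = '$secure_text'
        ,secure_pointer = '$secure_pointer'
        ,identification_code = '$identification_code'
        ,identificate_datetime = '$identificate_datetime'
        ,register_type = '$register_type'
        ,register_level = '$member_level'
        ,name_th = '$member_name'
        ,name_en = '$member_name_en'
        $birthDate
        ,phone = '$phone'
        ,member_group = '$register_type'
        ,company_name = '$company_name'
        ,register_status = '1'
        ,update_user = '$update_user'
        ,ref_member_id = '$update_user'
        ,register_no='$register_no'
    ";
    $rs_insert_user = mysqli_query($connection, $insert_user);

    if ($rs_insert_user) {
        $insert = "INSERT INTO tbl_member_detail SET
            member_id = '$member_id'
            ,title_name = '$title_name'
            ,member_name = '$member_name'
            ,member_name_en = '$member_name_en'
            ,race = '$race'
            $birthDate
            $insert_image
            ,citizen_no = '$citizen_no'
            ,card_address = '$card_address'
            $card_district
            $card_expire
            ,phone = '$phone'
            ,email = '$email'
            ,company_name = '$company_name'
            ,company_tax_no = '$company_tax_no'
            ,position = '$position'
            ,company_address = '$company_address'
            $company_district
            ,company_phone = '$company_phone'
            ,company_email = '$company_email'
            ,company_line = '$company_line'
            ,company_web = '$company_web'
            ,license_no = '$license_no'
            $license_expire
            ,work_permit = '$work_permit'
            $work_expire
            ,approver = '$approver'
        ";
        $rs_insert = mysqli_query($connection, $insert);

        if ($rs_insert) {
            // ---- Supporting documents ----
            $documentNames = array();
            if (isset($_FILES['document_file']['name']) && is_array($_FILES['document_file']['name'])) {
                $documentNames = $_FILES['document_file']['name'];
            }

            $no = 1;
            foreach ($documentNames as $i => $clientName) {
                $tmpPath = isset($_FILES['document_file']['tmp_name'][$i])
                    ? $_FILES['document_file']['tmp_name'][$i]
                    : '';
                $document = $storeUpload(
                    $tmpPath,
                    $clientName,
                    $allowedDocumentExtensions,
                    "../../../main/upload/join/file/",
                    false
                );
                if ($document !== null) {
                    $document_id = getRandomID2(10, 'tbl_member_document', 'document_id');
                    $update = "INSERT INTO tbl_member_document SET
                        document_id = '$document_id'
                        ,member_id = '$member_id'
                        ,document_file_name = '$document'
                        ,document_list_order = '$no'
                    ";
                    $res_update = mysqli_query($connection, $update);
                }
                // The order number advances even when a file was skipped.
                $no++;
            }

            // ---- Payment record ----
            $invoice_prefix = "INV" . ((int) date('y') + 43) . date('m');
            $invoice_number = getRunNO(4, $invoice_prefix, 'tbl_member_payment', 'invoice_number');
            $payment_id = getRandomID(10, 'tbl_member_payment', 'payment_id');
            $gb_ref_no = getRandomID2(15, 'tbl_member_payment', 'gb_ref_no');

            $sql_package = "SELECT * FROM tbl_package_price WHERE member_type = '$member_level'";
            $rs_package = mysqli_query($connection, $sql_package);
            $row_package = $rs_package ? mysqli_fetch_array($rs_package) : null;
            // No matching package leaves the amount empty instead of raising
            // an error on a missing row.
            $unit_price = isset($row_package['unit_price'])
                ? mysqli_real_escape_string($connection, (string) $row_package['unit_price'])
                : '';

            $payment_insert = "INSERT INTO tbl_member_payment SET
                payment_id = '$payment_id'
                ,member_id = '$member_id'
                ,gb_ref_no = '$gb_ref_no'
                ,member_level = '$member_level'
                ,payment_amount = '$unit_price'
                ,invoice_name = '$invoice_name'
                ,invoice_number = '$invoice_number'
                ,invoice_taxnumber = '$invoice_tax'
                ,invoice_address = '$invoice_address'
                ,invoice_district = '$invoice_district'
                ,invoice_phone = '$invoice_phone'
                ,invoice_email = '$invoice_email'
            ";
            $rs_payment_insert = mysqli_query($connection, $payment_insert);

            if ($rs_payment_insert) {
                $arr['register_type'] = $register_type;
                $arr['register_level'] = $member_level;
                $arr['status'] = 200;
                $arr['message'] = "ดำเนินการสำเร็จ";
            } else {
                $arr['status'] = 500;
                $arr['message'] = "เกิดข้อผิดพลาด ไม่สามารถบันทึกการชำระเงินได้";
            }
        } else {
            $arr['status'] = 500;
            $arr['message'] = "เกิดข้อผิดพลาด ไม่สามารถบันทึกรายละเอียดสมาชิกได้";
        }
    } else {
        $arr['status'] = 500;
        $arr['message'] = "เกิดข้อผิดพลาด ไม่สามารถบันทึกข้อมูลสมาชิกได้";
    }
} else {
    $arr['status'] = 503;
    $arr['message'] = "เกิดข้อผิดพลาด ไม่สามารถเชื่อมต่อได้";
}

echo json_encode($arr);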