<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%> <%@include file="/include/db/db_connect.jsp"%> <%@include file="/include/function/function.jsp"%> <%request.setCharacterEncoding("utf-8");%> <% String c_id = r_call(request.getParameter("c_id")); String c_pass = r_call(request.getParameter("c_pass")); String c_email_ok = r_call(request.getParameter("c_email_ok")); String c_name = r_call(request.getParameter("c_name")); String c_phone = r_call(request.getParameter("c_phone")); String sql= "select * from tbl_member where c_id= '"+ c_id +"' and c_use = 0 "; ResultSet rs=stmt.executeQuery(sql); if(rs.next()){ if(rs.getInt("c_rand") == 0){ %> <% }else{ String sql_ok = "update tbl_member set c_pass = SHA2('" + c_pass + "',512), c_phone = '"+ c_phone +"', c_name= '"+ c_name +"',c_rand=0,c_date = now(),c_home='',c_photo='' where c_id = '"+ c_id +"' and c_use = 0"; stmt2.execute(sql_ok); %> <% } }else{ String sql_ok2 = "update tbl_member set c_pass = SHA2('" + c_pass + "',512), c_phone = '"+ c_phone +"', c_name= '"+ c_name +"',c_rand=0,c_date = now(),c_home='',c_photo='' where c_id = '"+ c_id +"' and c_use = 0"; sql_ok2 = "insert into tbl_member (c_id,c_pass,c_phone,c_name,c_date,c_use)values('"+ c_id +"',SHA2('" + c_pass + "',512),'"+ c_phone +"', '"+ c_name +"',now(),0)"; stmt2.execute(sql_ok2); %> <% } rs.close(); %> <%@include file="/include/db/db_close.jsp"%>