000-JZTXT

if(@!eregi( $_SERVER[ 'SERVER_NAME' ], $_SERVER[ 'HTTP_REFERER' ] )){    
    js_alert("疑似csrf攻击！购买失败！",'#');
    exit;
}
else{
    $username = $_SESSION['username'];
    if(isset($_POST['checkbox'])){
        $checkbox = $_POST['checkbox'];
        echo "<font size=5>".$username."用户您好！您购买的订单如下:</font><br><br>";
        echo "<font size=4>".implode(',',$checkbox)."</font>";
    }else{
        js_alert("请选择您需要购买的商品！",'#');
    }
 
}