1337 3YP455 5H311
:
216.73.216.0
:
119.59.104.17 / www.hrdigest.co.th
:
Linux re1.hostinglotus.net 4.18.0-553.58.1.el8_10.x86_64 #1 SMP Wed Jun 25 06:37:46 EDT 2025 x86_64
:
/
home
/
hrdigest
/
public_html
/
admin
/
UP104D F1L3:
files >> /home/hrdigest/public_html/admin/vdo.php
<? // *****Copy right 2003 ,TNS NETWORK LTD.,PART.***** // require("../inc/function_admin.php"); $mem = checkid(); if($_GET[action] == "Delete"){ if(!empty($_GET[im])){ @unlink("../vdo/$_GET[im]"); } if(!empty($_GET[f])){ @unlink("../vdo/$_GET[f]"); } mysql_query("Delete From `vdo` Where `id_vdo` = '$_GET[id]' "); header("Location: vdo.php?cid=$_GET[cid]&cname=$_GET[cname]"); }elseif($_GET[action] == "Remove"){ if(!empty($_GET[f])){ @unlink("../vdo/$_GET[f]"); } mysql_query("Update `vdo` Set `$_GET[na]` = '' Where `id_vdo` = '$_GET[i]' "); header("Location: vdo.php?cid=$_GET[cid]&cname=$_GET[cname]&action=Edit&id=$_GET[i]"); } if(!empty($_POST[action])){ // Start Program Update And Insert Data Base $a_in = ""; $b_in = ""; $a_up = ""; $fields = array_keys($_POST); for($i = 0; $i < count($fields); $i++){ $actual_var = $fields[$i]; $actual_val = ($_POST[$actual_var]); $actual_val = ($actual_val); if($actual_var <> "id"){ if($actual_var <> "image"){ if($actual_var <> "action"){ if($actual_var <> "Submit"){ $a_in .= " `$actual_var` ,"; $b_in .= " '$actual_val' ,"; $a_up .= " `$actual_var` = '$actual_val' ,"; } } } } } $a_in = substr($a_in,0,-1); $b_in = substr($b_in,0,-1); $a_up = substr($a_up,0,-1); $fields = array_keys($_FILES); for($i = 0; $i < count($fields); $i++){ $Picture = $fields[$i]; $$Picture = $_FILES[$Picture][tmp_name]; $$Picture_size = $_FILES[$Picture][size]; if(!empty($$Picture)){ $$Picture_name = date("ymdHis_") . str_replace(" ","",$_FILES[$Picture][name]); if(!empty($image[$Picture])){ @unlink("../vdo/$image[$Picture]"); } copy($$Picture , "../vdo/" . $$Picture_name); $a_in .= " , `$Picture`"; $b_in .= " , '" . $$Picture_name . "'"; $a_up .= " , `$Picture` = '" . $$Picture_name . "'"; } } //echo $a_in; //echo "<br>"; //echo $b_in; //echo "<br>"; //echo $a_up; if($_POST[action] == "Add"){ mysql_query("Insert Into `vdo` ( $a_in ) Values ( $b_in )"); header("Location: vdo.php?cid=$_GET[cid]&cname=$_GET[cname]"); }elseif($_POST[action] == "Update"){ mysql_query("Update `vdo` Set $a_up Where `id_vdo` = '$_POST[id]' "); header("Location: vdo.php?cid=$_GET[cid]&cname=$_GET[cname]"); } } ?> <html> <head> <? require("../inc/title.php") ?> <link href="index.css" rel="stylesheet" type="text/css"> <script language="JavaScript" type="text/javascript" src="wysiwyg.js"></script> <script language="JavaScript"> <!-- function Remove(i,f,na){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "vdo.php?cid=<? echo $_GET[cid] ?>&cname=<? echo $_GET[cname] ?>&action=Remove&i=" + i + "&f=" + f + "&na=" + na; } } } function Delete(id,im,f){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "vdo.php?cid=<? echo $_GET[cid] ?>&cname=<? echo $_GET[cname] ?>&action=Delete&id=" + id + "&im=" + im + "&f=" + f; } } } --> </script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><? top_page() ?></td> </tr> </table> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="200" valign="top" background="icon/bgbar.jpg"><? require("menu.php") ?></td> <td valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top" ><table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td width="90%"><b>:: <? echo $_GET[cname] ?> ::</b></td> <td align="right"><table width="46" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="20" valign="top"><a href="vdo.php?<? echo $version1 ?>"><img src="icon/version_01.gif" width="20" height="14" border="0"></a></td> <td width="6" valign="top"><img src="icon/version_02.gif" width="6" height="14"></td> <td width="20" valign="top"><a href="vdo.php?<? echo $version2 ?>"><img src="icon/version_03.gif" width="20" height="14" border="0"></a></td> </tr> </table></td> </tr> </table> <? if($_GET[action] != "Edit"){ ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"> <table width="100%" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#6699CC" class="main"> <tr bgcolor="#cccccc"> <td width="120" bgcolor="#6699CC" class="main2"><b>Image</b></td> <td width="150" bgcolor="#6699CC" class="main2"><b>Topic</b></td> <td width="" bgcolor="#6699CC" class="main2"><b>Text</b></td> <td width="50" bgcolor="#6699CC" class="main2" align="center"><b>Option</b></td> </tr> <? $result = mysql_query("Select * From `vdo` Where `id_menu` = '$_GET[cid]' Order By `vdo_sort` Asc , `id_vdo` Desc "); while($row = mysql_fetch_array($result)){ ?> <tr> <td valign="top"> <? if(isset($row[vdo_image])){ echo "<img src='../vdo/$row[vdo_image]' border='0' />"; } ?> </td> <td valign="top"><? echo $row[vdo_topic] ?> </td> <td valign="top"><? echo $row[vdo_text] ?> <br> <? echo $row[vdo_text1] ?></td> <td valign="top" align="center"><img style="cursor:pointer;" src="images/edit2.gif" border="0" onClick="location='vdo.php?cid=<? echo $_GET[cid] ?>&cname=<? echo $_GET[cname] ?>&action=Edit&id=<? echo $row[id_vdo] ?>';" /> <img style="cursor:pointer;" src="images/delete2.gif" border="0" onClick="Delete('<? echo $row[id_vdo] ?>','<? echo $row[vdo_image] ?>','<? echo $row[vdo_name] ?>')" /></td> </tr> <? } // End While ?> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><hr size="1" width="95%"></td> </tr> </table></td> </tr> </table></td> </tr> </table> <form name="post_form" method="post" action="" enctype="multipart/form-data"> <table width="100%" border="0" cellpadding="2" cellspacing="5" class="main1" style="border:1px solid #cccccc;"> <tr> <td width="80" valign="top">1. Topic</td> <td valign="top"><input type="text" name="vdo_topic" class="main1" style="width:350px" /></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td valign="top">2. Text Name</td> <td valign="top"><textarea name="vdo_text" class="main1" id="vdo_text" style="width:350px;"></textarea> <script language="javascript1.2">generate_wysiwyg('vdo_text','455','200');</script></td> </tr> <tr> <td height="10" colspan="2" valign="top"> </td> </tr> <tr> <td width="100" valign="top">3. Text</td> <td valign="top"><textarea name="vdo_text1" class="main1" id="vdo_text1" style="width:350px;"></textarea> <script language="javascript1.2">generate_wysiwyg('vdo_text1','455','200');</script></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>4. Image </td> <td valign="top"><input name="vdo_image" type="file" class="main1" id="vdo_image" size="30"> <font color="#FF0000">*.jpg , .gif or .png</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>5. Vdo </td> <td valign="top"><input name="vdo_name" type="file" class="main1" id="vdo_name" size="30"> <font color="#FF0000">* .wmv</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>6. Sort Data </td> <td valign="top"><input name="vdo_sort" type="text" class="main1" id="vdo_sort" style="width:350px;" value="0"> <font color="#FF0000">*เลขน้อยอยู่บน</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td valign="top"></td> <td align="left" valign="top"><input type="submit" name="Submit" value=" Submit " class="main1" /> <input name="action" type="hidden" id="action" value="Add" /> <input name="date" type="hidden" id="date" value="<? echo date("Y-m-d") ?>" /> <input name="time" type="hidden" id="time" value="<? echo date("H:i:s") ?>" /> <input name="id_menu" type="hidden" id="id_menu" value="<? echo $_GET[cid] ?>"></td> </tr> </table> </form> <? }elseif($_GET[action] == "Edit"){ $row = mysql_fetch_array(mysql_query("Select * From `vdo` Where `id_vdo` = '$_GET[id]' ")); ?> <form name="post_form" method="post" action="" enctype="multipart/form-data"> <table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: Edit Data ::</b></td> </tr> </table> <table width="100%" border="0" cellpadding="0" cellspacing="5" class="main1" style="border:1px solid #cccccc;"> <tr> <td width="100" valign="top">1 Topic</td> <td valign="top"><input type="text" name="vdo_topic" class="main1" value="<? echo $row[vdo_topic] ?>" style="width:350px;" /></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td valign="top">2. Text Name</td> <td valign="top"><textarea name="vdo_text" class="main1" id="vdo_text" style="width:350px;"><? echo $row[vdo_text] ?></textarea> <script language="javascript1.2">generate_wysiwyg('vdo_text','455','200');</script></td> </tr> <tr> <td height="10" colspan="2" valign="top"> </td> </tr> <tr> <td valign="top">3. Text</td> <td valign="top"><textarea name="vdo_text1" class="main1" id="vdo_text1" style="width:350px;"><? echo $row[vdo_text1] ?></textarea> <script language="javascript1.2">generate_wysiwyg('vdo_text1','455','200');</script></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>4. Image </td> <td valign="top"><table border="0" cellpadding="0" cellspacing="0" class="main1"> <tr> <td><input name="vdo_image" type="file" class="main1" id="vdo_image" size="30" /></td> <td> <? if(!empty($row[vdo_image])){ ?> <img src="icons/insert_picture.gif" onClick="window.open('../vdo/<? echo $row[vdo_image] ?>')" onMouseOver="src='icons/insert_picture_on.gif' " onMouseOut="src='icons/insert_picture.gif' " style="cursor:pointer;" alt="View Image" /><img src="icons/delete_picture.gif" onClick="Remove('<? echo $row[id_vdo] ?>' , '<? echo $row[vdo_image] ?>' , 'vdo_image')" onMouseOver="src='icons/delete_picture_on.gif' " onMouseOut="src='icons/delete_picture.gif' " style="cursor:pointer;" alt="Delete Image" /> <? } ?> </td> <td> <font color="#FF0000">*.jpg .gif or .png</font></td> </tr> </table></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>5. Vdo </td> <td valign="top"><table border="0" cellpadding="0" cellspacing="0" class="main1"> <tr> <td><input name="vdo_name" type="file" class="main1" id="vdo_name" size="30" /></td> <td> <? if(!empty($row[vdo_name])){ ?> <img src="icons/delete_picture.gif" onClick="Remove('<? echo $row[id_vdo] ?>' , '<? echo $row[vdo_name] ?>' , 'vdo_name')" onMouseOver="src='icons/delete_picture_on.gif' " onMouseOut="src='icons/delete_picture.gif' " style="cursor:pointer;" alt="Delete Image" /> <? } ?> </td> <td> <font color="#FF0000">* .wmv</font></td> </tr> </table></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>6. Sort Data </td> <td valign="top"><input name="vdo_sort" type="text" class="main1" id="vdo_sort" style="width:350px;" value="<? echo $row[vdo_sort] ?>" /> <font color="#FF0000">*เลขน้อยอยู่บน</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td width="100" valign="top"></td> <td align="left" valign="top"><input type="submit" name="Submit" value=" Update " class="main1" /> <input type="button" name="Submit" value=" Cancel " class="main1" onClick="location='vdo.php?cid=<? echo $_GET[cid] ?>&cname=<? echo $_GET[cname] ?>' " /> <input name="action" type="hidden" id="action" value="Update" /> <input name="id" type="hidden" id="id" value="<? echo $row[id_vdo] ?>" /> <input name="image[vdo_image]" type="hidden" id="image[vdo_image]" value="<? echo $row[vdo_image] ?>" /> <input name="image[vdo_name]" type="hidden" id="image[vdo_name]" value="<? echo $row[vdo_name] ?>" /></td> </tr> </table> </form> <? } ?> </td> </tr> </table></td> </tr> </table> </body> </html>
1337r0j4n | 13379H0575 53CURI7Y 734M