403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.141.244.88
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/link/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/link/edit_link.php
<?php
if(id_sub_permission($id_sub)!=1){	
	permission_fail();			
}
$navig['link']=$data_name_menu_sub['name'];
$navig['edit_link']="แก้ไขรายละเอียด";
navigator($navig);
echo "<br>";
bar_header("แก้ไขรายละเอียด"); // Bar_Header
fieldset_top("ลิงค์");

echo "<br>";
import_request_variables('pG', 'p_');
if($p_id_group!="")							{  $id_group=trim($p_id_group);												}
if($p_update_link_g!="")					{  $update_link_g=trim($p_update_link_g);							}
if($p_update_link_gclick!="")			{  $update_link_gclick=trim($p_update_link_gclick);			}

if($p_id_link!="")								{  $id_link=trim($p_id_link);												}
if($p_update_link_s!="")					{  $update_link_s=trim($p_update_link_s);							}
if($p_update_link_sclick!="")			{  $update_link_sclick=trim($p_update_link_sclick);			}
if($p_topic!="")									{  $topic=trim($p_topic);															}
if($p_link!="")										{  $link=trim($p_link);																}	
if($p_name_group!="")					{  $name_group=trim($p_name_group);								}
if($p_link_url!="")								{  $link_url=trim($p_link_url);													}
if($p_check_pic1!="")						{  $check_pic1=trim($p_check_pic1);									}
if($p_check_pic2!="")						{  $check_pic2=trim($p_check_pic2);									}
if($p_check_pic3!="")						{  $check_pic3=trim($p_check_pic3);									}

$userfile1_name=trim($_FILES['userfile1']['name']);
$userfile2_name=trim($_FILES['userfile2']['name']);
$userfile3_name=trim($_FILES['userfile3']['name']);



// ################################################# แก้ไขหัวข้อลิงค์
if ($id_group != "" && $update_link_g == "1" && $update_link_gclick == "1") {
  $sql = "UPDATE `cms_link_group` SET `name_group` = '$name_group' WHERE `id_group` = '$id_group'";
  $result = mysql_query($sql);
  echo "<br><br><center>ข้อมูลได้ถูกแก้ไขแล้ว</center><br><br>";
  echo"<meta http-equiv='refresh' content='2; url=index.php?mod=link&path=link'>";
}

// ############################################## แก้ไขส่วนย่อยลิงค์
// ######## เอาไฟล์ออกจากระบบ #######
			if ($check_pic1 == "1" && $userfile1_name == "") {
			  check_pic_out("cms_link", "picture", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");
			  $sql = "UPDATE `cms_link` SET `picture` = ''  WHERE `id_link` = '$id_link'";
			  $result = mysql_query($sql) or die(mysql_error());
			}
			if ($check_pic2 == "1" && $userfile2_name == "") {
			  check_pic_out("cms_link", "picture1", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");
			  $sql = "UPDATE `cms_link` SET `picture1` = ''  WHERE `id_link` = '$id_link'";
			  $result = mysql_query($sql) or die(mysql_error());
			}
			if ($check_pic3 == "1" && $userfile3_name == "") {
			  check_pic_out("cms_link", "picture2", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");
			  $sql = "UPDATE `cms_link` SET `picture2` = ''  WHERE `id_link` = '$id_link'";
			  $result = mysql_query($sql) or die(mysql_error());
			}

// Create_Filename
			if ($userfile1_name != "" && $check_pic1 == "") {
				  $name1 = create_filename($userfile1_name);
				  $dlink = "$_SESSION[web_name]/mainfile/" . $name1;
				  delete_filename("cms_link", "picture", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");
	
					$name1 = create_filename($userfile1_name);
					$dlink = "$_SESSION[web_name]/mainfile/" . $name1;
					$temp_name = $_FILES['userfile1']['tmp_name'];
					if (is_uploaded_file($_FILES['userfile1']['tmp_name'])) {
					  if (!move_uploaded_file($temp_name, $dlink)) {
						  }
						}

				  $sql = "UPDATE `cms_link` SET `picture` = '$name1'  WHERE `id_link` = '$id_link'";
				  $result = mysql_query($sql) or die(mysql_error());
			}

			if ($userfile2_name != "" && $check_pic2 == "") {
				  $name2 = create_filename($userfile2_name);
				  $dlink = "$_SESSION[web_name]/mainfile/" . $name2;
				  delete_filename("cms_link", "picture1", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");

					$name2 = create_filename($userfile2_name);
					$dlink = "$_SESSION[web_name]/mainfile/" . $name2;
					$temp_name = $_FILES['userfile2']['tmp_name'];
					if (is_uploaded_file($_FILES['userfile2']['tmp_name'])) {
					  if (!move_uploaded_file($temp_name, $dlink)) {
						  }
						}

				  $sql = "UPDATE `cms_link` SET `picture1` = '$name2'  WHERE `id_link` = '$id_link'";
				  $result = mysql_query($sql) or die(mysql_error());
			}


			if ($userfile3_name != "" && $check_pic3 == "") {
				  $name3 = create_filename($userfile3_name);
				  $dlink = "$_SESSION[web_name]/mainfile/" . $name3;
				  delete_filename("cms_link", "picture2", "$id_link", "$_SESSION[web_name]/mainfile", "id_link");

					$name3 = create_filename($userfile3_name);
					$dlink = "$_SESSION[web_name]/mainfile/" . $name3;
					$temp_name = $_FILES['userfile3']['tmp_name'];
					if (is_uploaded_file($_FILES['userfile3']['tmp_name'])) {
					  if (!move_uploaded_file($temp_name, $dlink)) {
						  }
						}


				  $sql = "UPDATE `cms_link` SET `picture2` = '$name3'  WHERE `id_link` = '$id_link'";
				  $result = mysql_query($sql) or die(mysql_error());
			}


if ($update_link_sclick == "1") {
  $sql = "UPDATE `cms_link` SET `url` = '$link_url', `msg` = '$topic', `text_full` = '$fulltexts' WHERE `id_link` = '$id_link'";

    $result = mysql_query($sql) or die(mysql_error());
  msg_update_data(); // ข้อความแก้ไขแล้ว
  refresh_data("index.php?mod=link&path=link", "2"); // refresh หน้าจอ
}


// แสดงข้อมูล การแก้ไขหัวข้อลิงค์
if ($id_group != "" && $update_link_g == "1" && $update_link_gclick == "") {
  $sql = "SELECT * FROM cms_link_group  where id_group='$id_group'";
  $result = mysql_query($sql);
  $data = mysql_fetch_array($result);

  echo "<FORM METHOD=POST ACTION='index.php?mod=edit_link&path=link&id_group=$data[id_group]&update_link_g=1&update_link_gclick=1'>";
  echo "<table width='98%' border='0' align='center' cellpadding='1' cellspacing='1' >";
  echo "  <tr  height='20'>";
  echo "    <td width=5%><center><img src='coremain/images/marker.gif'> แก้ไขหัวข้อหลัก $link_up_topic &nbsp;<INPUT TYPE='text' NAME='name_group' value='$data[name_group]' size='35'></center></td>";//&nbsp;&nbsp;&nbsp;<INPUT TYPE='submit' value='แก้ไขข้อมูล' onmouseover=this.style.cursor='hand'>
  echo "  </tr>";
  echo text_button_update(1);
  echo "</table>";
  echo "</FORM>";
}

// แสดงการแก้ไขข้อมูลส่วนย่อยลิงค์
if ($id_link != "" && $update_link_s == "1" && $update_link_sclick == "") {
  $sql = "SELECT * FROM cms_link  where id_link='$id_link'";
  $result = mysql_query($sql);
  $data = mysql_fetch_array($result);
  echo "<FORM METHOD=POST ACTION='index.php?mod=edit_link&id_link=$data[id_link]&path=link&update_link_sclick=1' enctype='multipart/form-data'>";
  echo"<table width='100%' border='0' align='center' cellpadding='1' cellspacing='1'>";

  echo"  <tr  height='0' valign=top>";

  echo"	 <td><img src='coremain/images/marker.gif'> แก้ไขหัวข้อ</td>";
  echo"	 <td width='70%'><INPUT TYPE='text' NAME='topic' value='$data[msg]' size='35'></td>";
  echo"  </tr>";


  echo"  <tr  height='40' valign=top>";
  echo"	 <td></td>";
  echo"	 <td>";

	text_editor('440', '260', 'แก้ไขข้อความ', 2, $data['text_full']); 
  echo "</td>";
  echo"  </tr>";






  echo"  <tr  height='40' valign=top>";
  echo"	 <td><img src='coremain/images/marker.gif'> แก้ไขข้อมูล URL</td>";
  echo"	 <td><INPUT TYPE='text' NAME='link_url' value='$data[url]' size='35'><br>";
	echo "   ให้ COPY URL ทั้งหมดมาใส่ในช่องนี้เลย เช่น  https://www.google.co.th/";
  echo"</td>";
  echo"  </tr>";

  echo"  <tr  height='40' valign=top>";

  echo"	 <td><img src='coremain/images/marker.gif'> Upload ไฟล์ 1 ทับไฟล์เดิม</td>";
  echo"	 <td><INPUT TYPE='file' NAME='userfile1' size='30'>&nbsp;";
  if ($data['picture'] != "") {
    echo"หรือ<INPUT TYPE='checkbox' NAME='check_pic1' value='1'> เอาไฟล์1ออก";
  }

    echo"  <tr  height='40' valign=top>";

  echo"	 <td><img src='coremain/images/marker.gif'> Upload ไฟล์ 2 ทับไฟล์เดิม</td>";
  echo"	 <td><INPUT TYPE='file' NAME='userfile2' size='30'>&nbsp;";
  if ($data['picture1'] != "") {
    echo"หรือ<INPUT TYPE='checkbox' NAME='check_pic2' value='1'> เอาไฟล์2ออก";
  }

      echo"  <tr  height='40' valign=top>";

  echo"	 <td><img src='coremain/images/marker.gif'> Upload ไฟล์ 3 ทับไฟล์เดิม</td>";
  echo"	 <td><INPUT TYPE='file' NAME='userfile3' size='30'>&nbsp;";
  if ($data['picture2'] != "") {
    echo"หรือ<INPUT TYPE='checkbox' NAME='check_pic3' value='1'> เอาไฟล์3ออก";
  }

  echo"</td>";
  echo"  </tr>";

  echo"  <tr  height='40'>";
  echo"	 <td colspan='3' align='center'> <INPUT TYPE='submit' value='แก้ไขข้อมูล' onmouseover=this.style.cursor='hand'></td>";
  echo"  </tr>";

  echo"</table>";
  echo"</FORM>";
}
fieldset_down();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit