? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/private_html/modules-bak/blog/

Current File : /home/admin/domains/happytokorea.com/private_html/modules-bak/blog/comment.php

<?
session_start();
require_once('../../../config.php');
require_once('../../../libs/MySql.php');
$db=new MySql;
if($_GET['CommentID'] <> ""){
	$rs=$db->Query("DELETE FROM blog_comment WHERE CommentID={$_GET['CommentID']} ");
	echo"<meta http-equiv=\"refresh\" content=\"0;url=comment.php?id={$_GET['id']}\">";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
  <script type="text/javascript" src="http://js.nicedit.com/nicEdit-latest.js"></script> <script type="text/javascript">
//<![CDATA[
        bkLib.onDomLoaded(function() { nicEditors.allTextAreas() });
  //]]>
  </script>
</head>

<body>
<form id="form1" name="form1" method="post" action="">
  <table width="100%" border="0" cellspacing="0" cellpadding="0">
<?
$rs=$db->Query("SELECT * FROM blog_comment where ContentID='{$_GET['id']}' ORDER BY CommentID ASC");
while($arr=mysql_fetch_array($rs)){
?>
    <tr>
      <td width="80%"><label for="CommentDetail"></label>
      <textarea name="CommentDetail" cols="70%" rows="5" readonly="readonly" id="CommentDetail">ข้อความ : <?=$arr['CommentDetail'];?><br>ชื่อ : <?=$arr['CommentUser'];?></textarea></td>
      <td align="right"><input type="button" name="button" id="button" value="  ลบ  " onclick="window.location.href='?CommentID=<?=$arr['CommentID'];?>&id=<?=$_GET['id'];?>'" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td>&nbsp;</td>
    </tr>    
<?
		}
?>
  </table>
</form>
</body>
</html>

T1KUS90T