
GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/blog/
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/blog/com_edit_topic.php

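<?php
// Edit-topic preamble: resolve the topic id from the request, load the matching
// content row, and default the posted category fields from that row.

require_once('function.php');

// The id arrives from the query string or the form body and is later interpolated
// unquoted into SQL text and into URLs further down this template. Forcing it to
// an integer here means a non-numeric value becomes 0 instead of reaching either sink.
$topic_id = 0;
if (isset($_GET['id']) && $_GET['id'] <> "") {
	$topic_id = (int) $_GET['id'];
} elseif (isset($_POST['id']) && $_POST['id'] <> "") {
	$topic_id = (int) $_POST['id'];
}

// NOTE(review): nothing visible in this file checks that the session belongs to an
// authenticated editor; confirm the including script enforces that before this runs.

// Session flag "la" == 1 reads from 'contents'; any other value reads from 'contents_en'.
if (isset($_SESSION["la"]) && $_SESSION["la"] == 1) {
	$edit = $db->getDataOneRow('contents', $topic_id, 'ContentID');
} else {
	$edit = $db->getDataOneRow('contents_en', $topic_id, 'ContentID');
}

// Fall back to the stored category / sub-category when the request did not post one.
// (The original else-branches assigned each value to itself and are dropped.)
if (!isset($_POST['CatID']) || $_POST['CatID'] == "") {
	$_POST['CatID'] = $edit['CatID'];
}
if (!isset($_POST['Cat_sub']) || $_POST['Cat_sub'] == "") {
	$_POST['Cat_sub'] = $edit['SubCatID'];
}
?>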

  <!-- NOTE(review): nicEdit is fetched over plain http from a third-party host, under a floating "latest" name and without an integrity attribute, so whoever controls that host or the network path controls script running in this admin page. Self-host a pinned copy, or load it over https with Subresource Integrity. -->
  <script type="text/javascript" src="http://js.nicedit.com/nicEdit-latest.js"></script> <script type="text/javascript">
//<![CDATA[
        // Once the DOM is loaded, attach a nicEdit editor (fullPanel enabled) to every textarea on the page.
        bkLib.onDomLoaded(function() { nicEditors.allTextAreas({fullPanel : true}) });
  //]]>
  </script>

<!-- NOTE(review): jQuery 1.4.4 is a very old, unmaintained release; plan an upgrade and re-test the handlers on this page against it. -->
<script language="javascript" src="js/jquery-1.4.4.js"></script>
<script type="text/javascript">
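$(document).ready(function () {
	// files[0] is the static row already present in #myTbl, so added rows start at 1.
	var nextIndex = 1;

	// Each click on #addRow appends one more image-upload row to #myTbl.
	$('#addRow').click(function () {
		var fieldName = 'files[' + nextIndex + ']';
		// "multiple" is a boolean attribute; the original wrote multiple="ture".
		// It is written bare here, matching the static files[0] row.
		// accept="image/*" only filters the browser's file picker: the upload
		// handler still has to verify type, extension and size on the server.
		var row = '<tr><td><input type="file" name="' + fieldName + '" id="' + fieldName +
			'" multiple accept="image/*" class="basicBtn" size="45" /></td></tr>';
		nextIndex += 1;
		$('#myTbl').append(row);
	});
});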
</script>
<SCRIPT language=JavaScript>
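/**
 * Client-side check that none of the listed text controls of document.webForm
 * contains an apostrophe ('). On the first offending control it selects that
 * control, shows the alert message and stops.
 *
 * The original repeated the same loop once per field and dereferenced
 * document.webForm.<name>.value unconditionally, so the first name with no
 * matching control in the form (e.g. "city" on the blog edit form) threw a
 * TypeError and every later field went unchecked. Names with no matching
 * control are now skipped.
 *
 * This is a usability hint only: it runs in the browser and can be bypassed,
 * so it is not a defence against SQL injection. The server-side handler must
 * use parameterised queries or proper escaping regardless of this check.
 *
 * @returns {boolean} false when an apostrophe was found, true otherwise.
 */
function fun_name()
{
    // Field names in the original checking order. "tentMetaTitle" is kept from
    // the original; "ContentMetaTitle" is added because that is the control the
    // form actually declares with onChange="fun_name()".
    var fieldNames = [
        'ContentName',
        'city',
        'Period',
        'starting',
        'hotels',
        'tentMetaTitle',
        'ContentMetaTitle',
        'ContentMetaKeyword',
        'ContentMetaDescription',
        'ContentTitle',
        'ContentDetail',
        'ContentTags'
    ];
    var forbidden = "'";
    var errmsg = "ห้ามใส่เครื่องหมาย '";
    var form = document.webForm;

    if (!form) {
        return true;
    }

    for (var i = 0; i < fieldNames.length; i++) {
        var field = form[fieldNames[i]];

        // Not every form that shares this script defines every control.
        if (!field || typeof field.value !== 'string') {
            continue;
        }

        if (field.value.indexOf(forbidden) !== -1) {
            field.select();
            alert(errmsg);
            return false;
        }
    }

    return true;
}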
</SCRIPT>
<div class="content">
    	<div class="title"><img style="padding:10px 0 0 15px; float:left;" src="images/icons/dark/create.png" alt="" /><h5>แก้ไขบทความ</h5></div>


        	<!-- Input text fields -->
                <div class="widget first">


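		<?php
		// Default the posted category to the stored one when the request did not send it.
		if($_POST['CatID']==""){
			$_POST['CatID']=$edit['CatID'];
		}
		// NOTE(review): this POST form carries no visible anti-CSRF token; confirm the
		// edit_data_con handler verifies one before it writes anything.
		// NOTE(review): $edit['ContentName'] is echoed into the value attribute below without
		// escaping. It should go through htmlspecialchars() with ENT_QUOTES once the character
		// set of the stored text is confirmed (a wrong charset makes htmlspecialchars return "").
		?>
<form action="<? echo"$PHPSELF?mod=blog&ac=edit_data_con";?>" enctype="multipart/form-data" class="mainForm" id="webForm" method="post" name="webForm">
						<div class="rowElem" style="border-top:1px solid #cccccc;"><label>ชื่อบทความ</label><div class="formRight"><input name="ContentName" type="text" id="ContentName" onChange="fun_name()" value="<?=$edit['ContentName']?>"/>
                        <?php /* CatID and Cat_sub can come straight from the request, so they are HTML-escaped before being reflected into the page. */ ?>
                        <input name="CatID" type="hidden" value="<?=htmlspecialchars($_POST['CatID'], ENT_QUOTES);?>" />
                        <input name="Cat_sub" type="hidden" value="<?=htmlspecialchars($_POST['Cat_sub'], ENT_QUOTES);?>" />
						</div><div class="fix"></div></div>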


<div class="rowElem"><label>รูปภาพ (gallery)
</label>
		<div class="formRight">
        <table width="650" border="1" cellspacing="2" cellpadding="0">

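      <?php
		// Gallery thumbnails for this topic: three cells per table row, each with a delete link.
		// $topic_id comes from the request (GET/POST "id"), so it is cast to an integer before
		// it is placed in the SQL text and in the delete URL.
		// NOTE(review): mysql_fetch_array() belongs to the old ext/mysql API, which was removed
		// in PHP 7; moving $db to mysqli or PDO with bound parameters is the durable fix.
		$sql=$db->Query("SELECT * FROM contents_photo WHERE ContentID = " . (int) $topic_id . " Order By id_p ASC");

		$chk=3;
		while($rs1=mysql_fetch_array($sql)){
	  	if($chk%3 == 0)
			echo "<tr>";
	  ?>
		<td>
		<label>
		<?php /* NOTE(review): the delete action is a plain GET link, so it can be triggered by any page the logged-in editor loads; prefer a POST with an anti-CSRF token. */ ?>
		<div align="right"><a href="<?php echo "$PHPSELF?mod=blog&ac=delete_photo_gallery&id_p=" . rawurlencode($rs1['id_p']) . "&id=" . (int) $topic_id; ?>"><img src="images/close.png"></a><br />
		    <?php /* The stored file name is escaped before it is written into the src attribute; assumes file names are ASCII/UTF-8 - confirm. The array key is quoted: the bare word was an undefined constant. */ ?>
		    <img src="../images/ContentPhoto/<?php echo htmlspecialchars($rs1['picture'], ENT_QUOTES); ?>" width="150"></div>
		</label>
		</td>
		 <?php
	$chk++;
	// Close the row after every third cell; the original never closed intermediate rows.
	if($chk%3 == 0)
		echo "</tr>";
	}
	// Close a partly filled last row. With no photos at all nothing is printed,
	// where the original emitted a stray closing tag.
	if($chk%3 != 0)
		echo "</tr>";
	?>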
		</table>
<table id="myTbl" width="650" border="1" cellspacing="2" cellpadding="0">
  <tr id="firstTr">
    <td><input  type="file" name="files[0]" id="files[0]" multiple accept="image/*" class="basicBtn" size="45" /></td>
    </tr>
</table>
<br />
<table width="500" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td>

    <input type="button" value="เพิ่มรูป" id="addRow" class="basicBtn">
	</td>
  </tr>
</table>
		  &nbsp;
	    </div>
		<div class="fix"></div></div>


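		<?php /* NOTE(review): ContentDetail, ContentTitle and ContentBlog below are printed from the database row without escaping, so markup stored in them is interpreted by the editor's browser (a stored closing textarea tag would also end the field early). Apply htmlspecialchars() with ENT_QUOTES once the character set of the stored text is confirmed. */ ?>
		<div class="rowElem"><label>รายละเอียด</label><div class="formRight"><textarea name="ContentDetail" cols="" rows="6" id="ContentDetail" onChange="fun_name()"><?=$edit['ContentDetail']?></textarea>
						</div><div class="fix"></div></div>

    		<div class="rowElem"><label>รายละเอียดย่อ</label><div class="formRight"><input type="text" name="ContentTitle" id="ContentTitle" value="<?=$edit['ContentTitle']?>"/>
						</div><div class="fix"></div></div>

    		<div class="rowElem">
						  <?php /* The id is taken from the query string, so it is cast to an integer before being reflected into the iframe URL; when it is absent nothing is printed, as before. */ ?>
						  <label>คอมเม้น</label><div class="formRight"><iframe src="modules/content/comment.php?id=<?=isset($_GET['id']) ? (int) $_GET['id'] : '';?>" width="100%" height="200"></iframe>
   </div><div class="fix"></div></div>
						<div class="rowElem"><label>ชื่อคนเขียน blog</label><div class="formRight"><input name="ContentBlog" type="text" id="ContentBlog" value="<?=$edit['ContentBlog']?>" readonly="readonly"/>
	  </div><div class="fix"></div></div>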
				
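    					<?php /* Publish flag (1 = readable, 0 = hidden) plus hidden carry-over fields. Array keys are quoted: the bare words were undefined constants, which newer PHP versions reject. Hidden values are HTML-escaped on output. NOTE(review): ContentID, ContentPdf and ContentPhoto come back from the browser on submit and can be altered there; the handler must re-validate them and must not use the two file names as trusted paths. */ ?>
    					<div class="rowElem"><label>เปิดให้อ่าน</label><div class="formRight"><label><input type="radio" name="ContentPublic" <?php if($edit['ContentPublic']==1){echo "checked";}?>  value="1"/>
					  ใช่</label>
                      <label><input type="radio" name="ContentPublic"  <?php if($edit['ContentPublic']==0){echo "checked";}?> value="0"/>
                      ไม่ใช่</label>
					  <input name="ContentID" type="hidden" id="ContentID" value="<?=htmlspecialchars($edit['ContentID'], ENT_QUOTES);?>" />
                      <input name="ContentPdf" type="hidden" id="ContentPdf" value="<?=htmlspecialchars($edit['ContentPdf'], ENT_QUOTES);?>" />
                      <input name="ContentPhoto" type="hidden" id="ContentPhoto" value="<?=htmlspecialchars($edit['ContentPhoto'], ENT_QUOTES);?>" /></div><div class="fix"></div></div>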

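						<?php /* SEO meta fields. Array keys are quoted: the bare words were undefined constants, which newer PHP versions reject. NOTE(review): the three values are still echoed into value attributes without escaping; wrap them in htmlspecialchars() with ENT_QUOTES once the character set of the stored text is confirmed. The onChange apostrophe check is a browser-side hint only and does not replace server-side escaping. */ ?>
						<div class="rowElem"><label>Meta Title (SEO)</label>
						  <div class="formRight">
						    <input name="ContentMetaTitle" type="text" id="ContentMetaTitle" onChange="fun_name()" value="<?=$edit['ContentMetaTitle'];?>"/>
						  </div>
				  <div class="fix"></div></div>
						<div class="rowElem"><label>MetaKeyword (SEO)</label><div class="formRight"><input name="ContentMetaKeyword" type="text" id="ContentMetaKeyword" onChange="fun_name()" value="<?=$edit['ContentMetaKeyword'];?>"/>
						</div><div class="fix"></div></div>
					<div class="rowElem"><label>Meta Description (SEO)</label><div class="formRight"><input name="ContentMetaDescription" type="text" id="ContentMetaDescription" onChange="fun_name()" value="<?=$edit['ContentMetaDescription'];?>"/>
					</div><div class="fix"></div></div>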
						<div class="rowElem"><label>&nbsp;</label><div class="formRight">
						<input type="submit" value="บันทึกบทความ" class="greyishBtn" /><input type="reset" value="ยกเลิกบทความ" class="basicBtn" /></div></div>
</form>
                        <div class="fix"></div>

                </div>
               <div class="rowElem" style="border-top:1px solid #cccccc;"><label></label><div class="formRight">

                        </div><div class="fix"></div></div>

      </div>
