? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/mod_article_n.php

<?
class article_n extends MySql
{
function add_category($name,$detail){
$numRow=$this->check_data('news_cat','name',$name);
if($numRow==""){
if($name!=""&&$detail!=""){

$result=$this->Query("insert into news_cat (name,detail) values ('$name','$detail')");
if($result){
echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=show_category&msg=1\">";
}else{
	$error="ไม่สามารถบันทึกข้อมูลได้ในขณะนี้ค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
	$error="กรอกข้อมูลไม่ครบค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}//จบ ตรวจสอบว่าข้อมูลครบหรือไม
	}else{
//ข้อมูลมีในฐานข้อมูลหรือป่าว
$error="ชื่อหมวดหมู่ซ้ำกับของเดิม";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
	}	//จบข้อมูลมีในฐานข้อมูลหรือป่าว

}//end
function edit_category($name,$detail,$cat_id){
	if($this->check_data_edit('news_cat','name',$name,'id',$cat_id)==''){
	if($name!=""&&$detail!=""){
	$result=$this->Query("UPDATE news_cat set name='$name',detail='$detail' where id='$cat_id'");
if($result){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=edit_cat&cat_id=$cat_id&msg=2\">";
}else{
		$error="ไม่สามารถแก้ไขข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
	//else check ข้อมูลครบหรือไม่
		$error="ไม่สามารถแก้ไขข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}// จบการตรวจสอบข้อมูลว่าครบไหม
	}else{
// จบตรวจสอบว่าชื่อซ้ำกันหรือไม
		$error="ชื่อหมวดหมู่มีในฐานข้อมูลแล้ว";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
	}// จบตรวจสอบว่าชื่อซ้ำกันหรือไม่
}//end edit_category
function del_cat(){
$cat_id=$_GET['cat_id'];
$this->setQuery("SELECT id FROM news");
$rs=$this->QueryReturn();
$numrow=$this->numRows();
if($numrow==''){
 $result=$this->Query("DELETE FROM news_cat WHERE  id='$cat_id'");
	if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=news&ac=show_category&msg=3\">";
}else{
	$error="ไม่สามารถลบข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}else{
$error="ไม่สามารถลบข้อมูลได้ เนื่องจากหมวดหมู่นี้ยังมีเรื่องเหลืออยู่ในฐานข้อมูล กรุณาลบเรื่องก่อนค่ะ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}//จบการตรวจสอบว่ามีข้อมูลหัวข้ออยู่ในฐานข้อมูลหรือไม่
}//end function del_cat
function add_topic(){
	global $user_login;
	$addarr=array(
	'group1'=>$user_login['Type'],
	'name'=>$_POST['name'],
	'detail'=>$_POST['detail'],
	'timeadd'=>date('Y-m-d H:i:s',time()),
	);
	
$chk_count=count($addarr);
$i=0;

foreach($addarr as $key=>$v){    
	$i++;
	$v=$this->db_input($v);
	if($i==$chk_count){
		$fields.="$key";
		$value.="'$v'";
	}else{
		$value.="'$v',";
	$fields.="$key,";
	}

}//จบ foreach
	$sql="INSERT INTO contents (".$fields.") values (".$value.")";
	$this->setQuery($sql);
	$result=$this->QueryReturn();
	if($result){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=1\">";
}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce

function add_data_goods(){
	global $user_login;
if($_FILES['ContentPhoto']['name']!=''){
	$filename	= $_FILES['ContentPhoto']['name'];
	$filetype	= $_FILES['ContentPhoto']['type'];
	$filetmp	= $_FILES['ContentPhoto']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto=$pic.".gif";
	}else if ( $filetype == "image/bmp"){
			$ContentPhoto=$pic.".bmp";
	}else if ( $filetype == "image/png"){
			$ContentPhoto=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto=$pic.".jpg";
	}
	
	if($ContentPhoto!= ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "images/GoodsPhoto/".$ContentPhoto);
				}
	}else{
		$ContentPhoto = "";
	}
}else{
	$ContentPhoto = "";
}
if($_FILES['ContentPdf']['name']!=''){
	$filetPdf=$_FILES['ContentPdf']['name'];
	$filetype=$_FILES['ContentPdf']['type'];
	$filetmp=$_FILES['ContentPdf']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
	
	if($filetype == "application/pdf"){
		$ContentPdf=$pic.".pdf";
	}
	
	if($ContentPdf != ""){
		if ($filetype != ""){
			move_uploaded_file($filetmp, "images/GoodsPDF/".$ContentPdf);
		}
	}else{
		$ContentPdf = "";
	}
}else{
	$ContentPdf = "";
}
if(($_POST['ContentName']!='')){
	$addarr=array(
	'GoodsURL'=>$_POST['ContentURL'],
	'GoodsName'=>$_POST['ContentName'],
	'GoodsMetaTitle'=>$_POST['tentMetaTitle'],
	'GoodsMetaKeyword'=>$_POST['ContentMetaKeyword'],
	'GoodsMetaDescription'=>$_POST['ContentMetaDescription'],
	'GoodsTitle'=>$_POST['ContentTitle'],
	'GoodsDetail'=>$_POST['ContentDetail'],
	'CatID'=>$_POST['CatID'],
	'GoodsPdf'=>$ContentPdf,
	'GoodsPhoto'=>$ContentPhoto,
	'GoodsPublic'=>$_POST['ContentPublic'],
	);
	$this->Insert('goods',$addarr);
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=goods&msg=1\">";
}else{
	$error="ไม่สามารถเพิ่มข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}

}//end function add_produce

function edit_data_goods(){
	global $user_login;

$GoodsID = $_POST['ContentID'];

if($_FILES['ContentPhoto']['name']!=''){

$result=$this->Query("SELECT * FROM goods WHERE GoodsID='$GoodsID' ");
$arr=mysql_fetch_array($result);
if($arr['ContentPhoto'] != ''){
$PhotoDelete = unlink("images/GoodsPhoto/".$arr['GoodsPhoto']);
}

	$filename	= $_FILES['ContentPhoto']['name'];
	$filetype	= $_FILES['ContentPhoto']['type'];
	$filetmp	= $_FILES['ContentPhoto']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto=$pic.".gif";
	}else if ( $filetype == "image/bmp"){
			$ContentPhoto=$pic.".bmp";
	}else if ( $filetype == "image/png"){
			$ContentPhoto=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto=$pic.".jpg";
	}
	
	if($ContentPhoto!= ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "images/GoodsPhoto/".$ContentPhoto);
				}
	}else{
		$ContentPhoto = "";
	}
}else{
	$ContentPhoto = $_POST['ContentPhoto'];
}
if($_FILES['ContentPdf']['name']!=''){

$result=$this->Query("SELECT * FROM goods WHERE GoodsID='$GoodsID' ");
$arr=mysql_fetch_array($result);
if($arr['ContentPdf'] != ''){
$PdfDelete = unlink("images/GoodsPDF/".$arr['GoodsPdf']);
}

	$filetPdf=$_FILES['ContentPdf']['name'];
	$filetype=$_FILES['ContentPdf']['type'];
	$filetmp=$_FILES['ContentPdf']['tmp_name'];
	
	$pic=Random_Int(8).date('dmYHism',time());
	
	if($filetype == "application/pdf"){
		$ContentPdf=$pic.".pdf";
	}
	
	if($ContentPdf != ""){
		if ($filetype != ""){
			move_uploaded_file($filetmp, "images/GoodsPDF/".$ContentPdf);
		}
	}else{
		$ContentPdf = "";
	}
}else{
	$ContentPdf = $_POST['ContentPdf'];
}

	$addarr=array(
	'GoodsURL'=>$_POST['ContentURL'],
	'GoodsName'=>$_POST['ContentName'],
	'GoodsMetaTitle'=>$_POST['tentMetaTitle'],
	'GoodsMetaKeyword'=>$_POST['MetaKeyword'],
	'GoodsMetaDescription'=>$_POST['ContentMetaDescription'],
	'GoodsTitle'=>$_POST['ContentTitle'],
	'GoodsDetail'=>$_POST['ContentDetail'],
	'CatID'=>$_POST['CatID'],
	'GoodsPdf'=>$ContentPdf,
	'GoodsPhoto'=>$ContentPhoto,
	'GoodsPublic'=>$_POST['ContentPublic'],
	);

$result=$this->Update($table='goods',$addarr,"where GoodsID='$GoodsID'");
if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=goods&msg=2\">";
}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce

function edit_topic($topic_id){
	global $user_login;
$addarr=array(
	'ContentDetail'=>$_POST['ContentDetail'],
	'ContentAddTime'=>date('Y-m-d H:i:s',time()),
		);
$result=$this->Update($table='adt_content',$addarr,"where ContentID='$topic_id'");
	if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=2\">";
}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function add_produce
function set_first_page(){
	$topic_id=$_GET['id'];
	global $user_login;
	$this->Query("UPDATE contents set show1='' WHERE group1='".$user_login['Type']."'");
$sql=$this->setQuery("UPDATE contents set show1='Yes' WHERE group1='".$user_login['Type']."' AND id='".$topic_id."'");
$result=$this->QueryReturn();

	if($result){echo $sql;
						echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=content&msg=2\">";
					}else{
						$error="ไม่สามารถเพิ่มข้อมูลได้".$this->mysqlError();
						echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
						exit(0);
}
}//end function add_produce
function del_topic(){
global $user_login,$db;
$topic_id=$_GET['id'];

$result=$this->Query("SELECT * FROM goods WHERE GoodsID='$topic_id' ");
$arr=mysql_fetch_array($result);
if($arr['GoodsPhoto'] != ''){
$PhotoDelete = unlink("images/GoodsPhoto/".$arr['GoodsPhoto']);
}
if($arr['GoodsPdf'] != ''){
$PdfDelete = unlink("images/GoodsPDF/".$arr['GoodsPdf']);
}

$result=$this->Query("DELETE FROM goods WHERE GoodsID='$topic_id' ");

if($result==1){
echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=goods&msg=3\">";	
}else{
	$error="ไม่สามารถลบข้อมูลได้";
	
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}//end function del_topic

function de_photo(){
global $user_login,$db;
$topic_id=$_GET['id'];

$result=$this->Query("SELECT * FROM goods WHERE GoodsID='$topic_id' ");
$arr=mysql_fetch_array($result);
$PhotoDelete = unlink("images/GoodsPhoto/".$arr['GoodsPhoto']);

$addarr=array(
	'GoodsPhoto'=>'',
	);
$result=$this->Update($table='goods',$addarr,"where GoodsID='$topic_id'");

if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=goods&ac=edit_data&id=$topic_id\">";
}else{
		$error="ไม่สามารถลบรูปโลโก้ได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}

function de_pdf(){
global $user_login,$db;
$topic_id=$_GET['id'];

$result=$this->Query("SELECT * FROM goods WHERE GoodsID='$topic_id' ");
$arr=mysql_fetch_array($result);
$PhotoDelete = unlink("images/GoodsPDF/".$arr['GoodsPdf']);

$addarr=array(
	'GoodsPdf'=>'',
	);
$result=$this->Update($table='goods',$addarr,"where GoodsID='$topic_id'");

if($result==1){
	echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=goods&ac=edit_data&id=$topic_id\">";
}else{
		$error="ไม่สามารถลบรูปโลโก้ได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
	exit(0);
}
}


}//end class
?>

T1KUS90T
  root-grov@210.1.60.28:~$