? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/picture.php

<?
session_start();
require_once('../../../config.php');
require_once('../../../libs/MySql.php');
require_once('../../../libs/MySqlDB.php');
require_once('../../../libs/function.php');
require_once('../../../libs/global.php');
require_once('../../../libs/backoff_ajax.php');		
require_once('../../../libs/backoff.php');	
require_once('../../../libs/xajax/xajax.inc.php');
require_once('../../../libs/xajax/xajaxExtend.php');	
require_once('../../modules/users/mod_user.php');


$db=new MySql;
$xajax = new xajaxExtend;

function delp($value)
{
	global $db;
$objResponse = new xajaxResponse();


$objResponse->addAlert('ยกเลิกรูปภาพ');
$re=$db->Query("DELETE FROM tour_gallery WHERE tour_id='{$_GET['tour_id']}' AND pictuer_id ={$value} ");
if($re){
	$objResponse->addRedirect("picture.php?tour_id=$_GET[tour_id]");
}
return $objResponse;
}
$xajax->registerFunction("delp");
$xajax->processRequests();

if($_POST['summit']){
		foreach($_POST['pic'] as $k   => $v){
		    $dataa=Array('tour_id'=> $_POST['tour_id'],'pictuer_id'=> $v,'add_time'=>date('Y-m-d H:i:s'),'add_by'=> $user_login['ID']);
			$db->Insert('tour_gallery',$dataa);
echo "<meta http-equiv=\"refresh\" content=\"0;URL=picture.php?tour_id={$_POST['tour_id']}\">";

		}//foreach
}

?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>รูปภาพ</title>
<?php 
$xajax->printJavascript('../../../libs/xajax');
?>
<!--<script>
function fncShowHideInput(ree)
	{
	if(ree.checked==1)
		{
		xajax_selPic(ree.value);
		}
		else
		{
		xajax_Cancle_landStatus(ree.value);
		}
</script>-->
</head>

<body>

<form action="<?=$_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data">


<table width="100%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#AAAAAA">
  <tr>
    <td  align="center">เลือกรูปภาพ</td>
  </tr>
    
  <tr>
    <td align="center" valign="top">
 
    <table width="8%" border="1" cellpadding="0" cellspacing="0" bordercolor="#E2E1E0">
      <tr>
       <?
	   $tour=$db->getDataOneRow('tour',$_GET[tour_id],'id');
	 $i=0;
        $rs=$db->Query("SELECT *  FROM gallery WHERE tour_cat_id ={$tour[catagory]} ORDER BY id ASC");

						while($data=mysql_fetch_array( $rs)){
						  $chk=$db->getRow('tour_gallery',"WHERE tour_id={$_GET[tour_id]} AND pictuer_id= {$data[id]}");
						  if( $chk['pictuer_id']==$data['id']){
						 $s="checked";
						 $c="onChange=\"xajax_delp(this.value);\"";
						  }else{
						  $s="";
						   $c="";
						  }
		?>
        <td valign="top">
        <?
      
		?>
        <input name="pic[]" type="checkbox" value="<?=$data['id']?>" <?=$s?>  <?= $c?>>
        <br>
        <img src="../../../gallery/thumbs/<?=$data[picture];?>" width="100" border="1">
        
      </td>
            <?
		if($i%7==0){
					echo "<tr>";	
						}else{
						echo "</td>";
						}
		$i++;
        }
		?>
      </tr>
    </table>
  
    <input type="hidden" name="tour_id" id="tour_id" value="<?=$_GET['tour_id'];?>"></td>
    </tr>

  <tr>
    <td align="center"><label>
      <input name="summit" type="submit" id="summit" value="บันทึก">
    </label></td>
  </tr>
</table>    
</form>


</body>
</html>

T1KUS90T
  root-grov@210.1.60.28:~$