? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/q2.php

<?

session_start();

require_once('../../../config.php');
require_once('../../../libs/MySql.php');
require_once('../../../libs/function.php');
require_once('../../../libs/global.php');
require_once('../../../libs/backoff_ajax.php');		
require_once('../../../libs/backoff.php');	
require_once('../../../libs/xajax/xajax.inc.php');


$db=new MySql;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?	
$content_id = $_POST['content_id'];
$data=Array(
	'content_topic'=>$_POST['TopicRound'][$content_id],
	);
if($db->Update('tour_content',$data,"WHERE content_id='$content_id'")){
	$sub=1;
	$q=0;
	foreach($_POST['subId'] as $k=>$v){	
	$ContentPhoto1="";
	$ContentPhoto2="";
	$ContentPhoto3="";
if($_FILES['photos1']['name'][$q] != ''){
	$filename	= $_FILES['photos1']['name'][$q];
	$filetype	= $_FILES['photos1']['type'][$q];
	$filetmp	= $_FILES['photos1']['tmp_name'][$q];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto1=$pic.".gif";
	}else if ( $filetype == "image/png"){
			$ContentPhoto1=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto1=$pic.".jpg";
	}
	
	if($ContentPhoto1 != ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "../../images/tour/".$ContentPhoto1);
				}
	}
}else{
$ContentPhoto1=$_POST['photos1o'][$q];	
}
if($_FILES['photos2']['name'][$q] != ''){
	$filename	= $_FILES['photos2']['name'][$q];
	$filetype	= $_FILES['photos2']['type'][$q];
	$filetmp	= $_FILES['photos2']['tmp_name'][$q];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto2=$pic.".gif";
	}else if ( $filetype == "image/png"){
			$ContentPhoto2=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto2=$pic.".jpg";
	}
	
	if($ContentPhoto2 != ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "../../images/tour/".$ContentPhoto2);
				}
	}
}else{
$ContentPhoto2=$_POST['photos2o'][$q];	
}
if($_FILES['photos3']['name'][$q] != ''){
	$filename	= $_FILES['photos3']['name'][$q];
	$filetype	= $_FILES['photos3']['type'][$q];
	$filetmp	= $_FILES['photos3']['tmp_name'][$q];
	
	$pic=Random_Int(8).date('dmYHism',time());
																
	if($filetype == "image/gif"){
			$ContentPhoto3=$pic.".gif";
	}else if ( $filetype == "image/png"){
			$ContentPhoto3=$pic.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto3=$pic.".jpg";
	}
	
	if($ContentPhoto3 != ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "../../images/tour/".$ContentPhoto3);
				}
	}
}else{
$ContentPhoto3=$_POST['photos3o'][$q];	
}
if($v!=''){
$data=Array(
	'content_order'=>$_POST['order'][$k],
	'content_tour_id'=>$_POST['content_tour_id'],
	'content_time'=>$_POST['subTopic'][$k],
	'content_detail'=>$_POST['detail'][$k],
	'Content_photo1'=>$ContentPhoto1,
	'Content_photo2'=>$ContentPhoto2,
	'Content_photo3'=>$ContentPhoto3
	);
//$objResponse->addAlert($formData['detail'][$k].'-'.$formData['subTopic'][$k]);
if($_POST['detail'][$k]==''){
$db->Query("DELETE FROM tour_content WHERE content_id='$k' AND content_tour_id='{$_POST['content_tour_id']}' AND content_parent='$content_id'");
}else{
$db->Update('tour_content',$data,"WHERE content_id='$k'");
}
}else{
	$data=Array(
	'content_order'=>$sub,
	'content_tour_id'=>$_POST['content_tour_id'],
	'content_time'=>$_POST['subTopic'][$k],
	'content_detail'=>$_POST['detail'][$k],
	'content_parent'=>$content_id,
	'Content_photo1'=>$ContentPhoto1,
	'Content_photo2'=>$ContentPhoto2,
	'Content_photo3'=>$ContentPhoto3
	);
//$objResponse->addAlert($formData['detail'][$k].'-'.$formData['subTopic'][$k]);
$db->Insert('tour_content',$data);

}
$sub++;
$q++;
	}//end foreach
	
	}//end update
if($db->mysqlError()==''){
	$error="บันทึกสำเร็จ";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
}else{
	$error="ไม่สามารถบันทึกข้อมูลได้";
	echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
}
?>
</body>
</html>

T1KUS90T
  root-grov@210.1.60.28:~$