? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/tour.server.php

<?

function Event_Party($div,$contentID){
global $db;
$objResponse = new xajaxResponse();//onclick=\"xajax_loadAttraction(this.value)\"
if($contentID=='29'){
		$objResponse->addRedirect("admin.php?mod=content&ac=new_data&CATID=29");
}


$objResponse->addAssign("$div","innerHTML",$output);
return $objResponse;
}//end function load City
$xajax->registerFunction("Event_Party");
function loadCityByCountry($div,$countryID){
global $db;
    $objResponse = new xajaxResponse();//onclick=\"xajax_loadAttraction(this.value)\"
	if($countryID!=''){
$output.="<SELECT name=\"CityID\">";
$output.="<OPTION value=\"\">--เลือก City--</OPTION>";
$sql="SELECT * FROM city WHERE CountryID='$countryID' ORDER BY CityThaiName ASC";
$rs=$db->Query($sql);
//$objResponse->addAlert($sql);
while($data=mysql_fetch_array($rs)){
		if($_GET[PackageCity]==$data[CityID]){
		$chk='selected';
	}else{ $chk='';}
$output.="<OPTION value=\"{$data['CityID']}\" $chk>{$data['CityThaiName']}</OPTION>";
}//end While
$output.="</SELECT>";
	}
$objResponse->addAssign("$div","innerHTML",$output);


			return $objResponse;
}//end function load City
$xajax->registerFunction("loadCityByCountry");
function loadCityByCountryEdit($div,$countryID,$CityID){
global $db;
$objResponse = new xajaxResponse();//onclick=\"xajax_loadAttraction(this.value)\"
	if($countryID!=''){
$output.="<SELECT name=\"CityID\">";
$output.="<OPTION value=\"\">--เลือก City--</OPTION>";
$sql="SELECT * FROM city WHERE CountryID='$countryID' ORDER BY CityThaiName ASC";
$rs=$db->Query($sql);
//$objResponse->addAlert($sql);
while($data=mysql_fetch_array($rs)){
		if($CityID==$data[CityID]){
		$chk='selected';
	}else{ $chk='';}
$output.="<OPTION value=\"{$data['CityID']}\" $chk>{$data['CityThaiName']}</OPTION>";
}//end While
$output.="</SELECT>";
	}
	$objResponse->addAssign("$div","innerHTML",$output);


			return $objResponse;
}//end function load City
$xajax->registerFunction("loadCityByCountryEdit");
function genURL($divid,$url){
global $db;
    $objResponse = new xajaxResponse();//onclick=\"xajax_loadAttraction(this.value)\"
$url=trim($url);
$searach=array(' ', '#', '+', '?', '%','/','\"');
$replace=array('-', '-', '-', '-', '-','-','-');
$url=str_replace($searach,'-',trim($url));
$url = str_replace("\'","",$url); 

	$objResponse->addAssign($divid, "value", $url);
			return $objResponse;
}//end function load City
$xajax->registerFunction("genURL");


function AddData($formData)
{
	global $db,$user_login,$cfg;
    $objResponse = new xajaxResponse();
	$error=Array();

   if($formData['CatID']==''){
  			$objResponse->addAlert("กรอก หมวดหมู่บทความ ค่ะ");
 			array_push($error,"error");
  			$objResponse->addScript("document.getElementById('ContentName').focus();");
  			$objResponse->addAssign("ContentName","style.backgroundColor", "#caf632");
			return $objResponse->getXML();
	}else{	
			$objResponse->addAssign("ContentName","style.backgroundColor", "#ffffff");
	}
	if($formData['ContentName']==''){
  			$objResponse->addAlert("กรอกชื่อ ContentName ด้วยค่ะ");
 			array_push($error,"error");
  			$objResponse->addScript("document.getElementById('ContentName').focus();");
  			$objResponse->addAssign("ContentName","style.backgroundColor", "#caf632");
			return $objResponse->getXML();
	}else{	
			$objResponse->addAssign("ContentName","style.backgroundColor", "#ffffff");
	}
	if($formData['ContentURL']==''){
		  $objResponse->addAlert("กรอก ContentURL ด้วยค่ะ");
		  array_push($error,"error");
		  $objResponse->addScript("document.getElementById('ContentURL').focus();");
		  $objResponse->addAssign("ContentURL","style.backgroundColor", "#caf632");
		  return $objResponse->getXML();
	}else{	
		 $objResponse->addAssign("ContentURL","style.backgroundColor", "#ffffff");
	}

	
	
if(!in_array("error",$error)){	
	
	$filename=$_FILES['ContentPhoto']['name'];
	$filetype=$_FILES['ContentPhoto']['type'];
	$filetmp=$_FILES['ContentPhoto']['tmp_name'];
	
				if($filename!=''){
						$pic=Random_Int(8).date('dmYHism',time());
						
						
						if($filetype == "image/gif"){
								$ContentPhoto=$pic.".gif";
						}else if ( $filetype == "image/bmp"){
								$ContentPhoto=$pic.".bmp";
						}else if ( $filetype == "image/png"){
								$ContentPhoto=$pic.".png";
						}else if (($filetype=="image/jpg")||($filetype=="image/jpeg")||($filetype=="image/pjpeg")){
								$ContentPhoto=$pic.".jpg";
						}		
						else{  
								$objResponse->addAlert("ไฟล์รูปผิดพลาด");
								return  $objResponse;
						}
				
						if(move_uploaded_file($filetmp,$cfg[abs_path]."/files/Content/photo/".$ContentPhoto)){
						
								make_thumb($cfg[abs_path]."/files/Content/photo/".$ContentPhoto,$cfg[abs_path]."/files/Content/photo/thumbs/".$ContentPhoto,$new_w=500);
						}else{
								return  $objResponse;  
						}
				}//filename
		
	
	

		
	
	//$detail=Random_Int(8).date('dmYHism',time()).".txt";	
	$detail = htmlspecialchars($formData['ContentDetail']);
	$MagazineDate=explode('-',$formData['MagazineDate']);
	$MagazineDate=$MagazineDate[2].$MagazineDate[1].$MagazineDate[0];
	
	$EventStartDate=explode('-',$formData['EventStartDate']);
	$EventStartDate=$EventStartDate[2].$EventStartDate[1].$EventStartDate[0];
	
	$EventEndDate=explode('-',$formData['EventEndDate']);
	$EventEndDate=$EventEndDate[2].$EventEndDate[1].$EventEndDate[0];
	
	$addarr=array(
		  'ContentName'=>$formData['ContentName'],
		  'ContentMetaTitle'=>$formData['ContentMetaTitle'],           
		  'ContentURL'=>$formData['ContentURL'],
		  'ContentMetaKeyword'=>$formData['ContentMetaKeyword'],              
		  'ContentMetaDescription'=>$formData['ContentMetaDescription'],            
		  'MagazineNumber'=>$formData['MagazineNumber'],              
		  'MagazineDate'=>$MagazineDate,     
		  'ContentTitle'=>$formData['ContentTitle'],  
		  'ContentPublic'=>$formData['ContentPublic'],            
		  'ContentCommentPublic'=>$formData['ContentCommentPublic'],            
		  'ContentPhoto'=>$ContentPhoto,      
		  'ContentDetail'=>$detail,     
		  'ContentTags'=>$formData['ContentTags'],  
		       
		  'ContentPublic'=>$formData['ContentPublic'],  
		  'ContentCreatDate'=>date('Y-m-d H:i:s',time()),
		  'UserID'=>$user_login[ID],
		 
		  'CatID'=>$formData['CatID'],
		  'ContentOrder'=>$formData['ContentOrder'],
		  'EventStartDate'=>$EventStartDate,
		  'EventEndDate'=>$EventEndDate,
		  
	);
	$result=$db->Insert('contents',$addarr);
	
	
	if($result){
		$messageError="บันทึกข้อมูลสำเร็จ";
		$objResponse->addAlert($messageError);
		$objResponse->addRedirect("admin.php?mod=content");
		return $objResponse->getXML();
	}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$db->mysqlError();
		$objResponse->addAlert($error);
		$objResponse->addRedirect("admin.php?mod=content");
		return $objResponse->getXML();
	}
	
}///end check error

return $objResponse->getXML();
}
$xajax->registerFunction("AddData");


function EditData($formData)
{
	global $db,$user_login,$cfg;
    $objResponse = new xajaxResponse();
	$addarr=array();
	$topic_id=$_GET['id'];
   
	
    $pk=$db->getDataOneRow('contents',$topic_id,'ContentID');
	$error=Array();
	
	if($formData['ContentName']==''){
		$objResponse->addAlert("กรอกชื่อ ContentName ด้วยค่ะ");
		array_push($error,"error");
		$objResponse->addScript("document.getElementById('ContentName').focus();");
		$objResponse->addAssign("ContentName","style.backgroundColor", "#caf632");
		return $objResponse->getXML();
	}else{	
		$objResponse->addAssign("ContentName","style.backgroundColor", "#ffffff");
	}
	if($formData['ContentURL']==''){
		$objResponse->addAlert("กรอก ContentURL ด้วยค่ะ");
		array_push($error,"error");
		$objResponse->addScript("document.getElementById('ContentURL').focus();");
		$objResponse->addAssign("ContentURL","style.backgroundColor", "#caf632");
		return $objResponse->getXML();
	}else{	
		$objResponse->addAssign("ContentURL","style.backgroundColor", "#ffffff");
	}

if(!in_array("error",$error)){
		$filename=$_FILES['ContentPhoto']['name'];
		$filetype=$_FILES['ContentPhoto']['type'];
		$filetmp=$_FILES['ContentPhoto']['tmp_name'];
		if($filename!=''){
		$pic =Random_Int(8).date('dmYHism',time());
			if(file_exists("files/Content/photo/".$pk[ContentPhoto])) {
			unlink("files/Content/photo/".$pk[ContentPhoto]);
			}
			if(file_exists("files/Content/photo/thumbs/".$pk[ContentPhoto])) {
			unlink("files/Content/photo/thumbs/".$pk[ContentPhoto]);
			}
		if ( $filetype == "image/gif" ){$ContentPhoto=$pic.".gif";}
		else if ( $filetype == "image/bmp" ){$ContentPhoto=$pic.".bmp";}
		else if ( $filetype == "image/png" ){$ContentPhoto=$pic.".png";}
		else if (($filetype=="image/jpg")||($filetype=="image/jpeg")||($filetype=="image/pjpeg")){$ContentPhoto=$pic.".jpg";}		
		else{  
		$objResponse->addAlert("ไฟล์รูปผิดพลาด");
		return  $objResponse;
		}
		$addarr['ContentPhoto']=$ContentPhoto;
			if(move_uploaded_file($filetmp,$cfg[abs_path]."/files/Content/photo/".$ContentPhoto)){
				make_thumb($cfg[abs_path]."/files/Content/photo/".$ContentPhoto,$cfg[abs_path]."/files/Content/photo/thumbs/".$ContentPhoto,$new_w=500);
			}
		
		
		}
		if($pk[ContentDetail]==''){
		$detail = htmlspecialchars($formData['ContentDetail']);
	
		}else{
		$detail = htmlspecialchars($formData['ContentDetail']);
		}
		

		$MagazineDate=explode('-',$formData['MagazineDate']);
		$MagazineDate=$MagazineDate[2].$MagazineDate[1].$MagazineDate[0];
		
		$EventStartDate=explode('-',$formData['EventStartDate']);
		$EventStartDate=$EventStartDate[2].$EventStartDate[1].$EventStartDate[0];
	
		$EventEndDate=explode('-',$formData['EventEndDate']);
		$EventEndDate=$EventEndDate[2].$EventEndDate[1].$EventEndDate[0];
		
		$addarr['CatID']	   =			$formData['CatID'];
		$addarr['ContentOrder']		=		$formData['ContentOrder'];
		$addarr['MagazineNumber']	=		$formData['MagazineNumber'];
		$addarr['MagazineDate']		=		$MagazineDate;  
		$addarr['ContentPublic']	=		$formData['ContentPublic'];
		$addarr['ContentCommentPublic']=	$formData['ContentCommentPublic'];   
		$addarr['ContentName']		=		$formData['ContentName'];
		$addarr['ContentMetaTitle']=		$formData['ContentMetaTitle'];         
		$addarr['ContentURL']		=		$formData['ContentURL'];
		$addarr['ContentTitle']		=		$formData['ContentTitle'];
		$addarr['ContentMetaKeyword']=		$formData['ContentMetaKeyword'];       
		$addarr['ContentMetaDescription']=	$formData['ContentMetaDescription'];
		$addarr['ContentTags']	=			$formData['ContentTags'];
		$addarr['ContentHot']	=			$formData['ContentHot'];
		$addarr['ContentView']	=			$formData['ContentView'];
		$addarr['ContentDetail']=			$detail;
		$addarr['ContentEditTime']=			date('Y-m-d H:i:s',time());
		$addarr['EventStartDate']=			$EventStartDate;
		$addarr['EventEndDate']=			$EventEndDate;

		
		$result=$db->Update('contents',$addarr,"WHERE ContentID='$topic_id' ");
		
			if($result){
				$messageError="บันทึกข้อมูลสำเร็จ";
				$objResponse->addAlert($messageError);
				$objResponse->addRedirect("admin.php?mod=content");
				return $objResponse->getXML();
			
			}else{
			
				$error="ไม่สามารถเพิ่มข้อมูลได้".$db->mysqlError();
				$objResponse->addAlert($error);
				//$objResponse->addRedirect("admin.php?mod=Content");
			}
}///end check error
return $objResponse->getXML();
}
$xajax->registerFunction("EditData");
?>

T1KUS90T
  root-grov@210.1.60.28:~$