? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html_bk/promice/Admin/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html_bk/promice/Admin/news1te.php

<?
@session_start();
ob_start();
$useradmin = $_SESSION["useradmin"];
if(empty($useradmin)) 
{
echo "<script>alert('หน้านี้จำกัดเฉพาะ Admin เท่านั้น');history.back();</script>";
exit();
}
require_once "../include/tdate.php";
require_once "../include/connect.php";
require_once "../include/connectdb.php";

						  $sql="select * from useradmin where useradmin='$useradmin'";
						  $db_query=mysql_db_query($db,$sql);
						  $result=mysql_fetch_array($db_query);
						  $id=$result[id];
						  $adminname=$result[name];
						  $user_admin=$result[useradmin];
						  $pass_admin=$result[passadmin];
?>

<td width="555" valign="top">
        <link rel="shortcut icon" type="../editor/image/x-icon" href="../favicon.ico">
<link rel="stylesheet" type="text/css" href="../editor/styles.css" />
    <link rel="stylesheet" type="text/css" href="../editor/jquery.cleditor.css" />
    <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
    <script type="text/javascript" src="../editor/jquery.cleditor.min.js"></script>

    <script type="text/javascript">
      $(document).ready(function() {
        $("#input").cleditor({width:700, height:300})[0].focus();
      });
    </script>
   
     <div class=mainPanel>
      <div class=leftPanel>
<? if($_POST[Submit] == "เพิ่มข่าว"){
if($_POST[title]!="" && $_POST[input] != ""){
$today=date("Y-m-d H:i:s");

		 $pic1 = $_FILES['pro_pic']['name'];
		 $tmp1 = $_FILES['pro_pic']['tmp_name']; 
		 if(copy($tmp1,"../img/".$time."_".$pic1)){ $_POST[pro_pic]= $time."_".$pic1;}
$sql1="insert into news values('','$_POST[title]','$_POST[input]','$today','$p_img')";
mysql_query($sql1);
 echo '<script> alert("เรียบร้อย");</script>';
}else{ echo '<script> alert("ล้างค่า");</script>';
}}
?><br />

<span style="color: #0000FF;font-size:12px"><a href="new.php">รายการข่าว</a> >> เพิ่ม &amp; แก้ไข <br />
<br />

<? if($_GET[status]=="add"){?>
ประกาศข่าว วันที่ <? echo date("Y/m/d");?></span>
<form id="form2" name="form2" method="post" action="">
        <table width="200" border="0">
          <tr>
            <td>หัวข้อ : 
              <label>
              <input name="title" type="text" id="title" size="90" />
              </label></td>
          </tr>
          <tr>
            <td><input name="p_img" id="email" type="file" 
                        tabindex="2" /></td>
          </tr>
          <tr>
            <td>  <textarea id="input" name="input" ></textarea></td>
          </tr>
          <tr>
            <td><label>
              <input type="submit" name="Submit" id="Submit" value="เพิ่มข่าว" />
              <input type="reset" name="reset" id="reset" value="เริ่มใหม่" />
            </label></td>
          </tr>
        </table>
       </form>
       <? }elseif($_GET[status]=="edit"){
	   $sql1="select * from news where id='$_GET[id]'";
	   
	   $result=mysql_query($sql1);
	   $row=mysql_fetch_array($result);
	   
	   ?>
    <? if($_POST[Submit1] == "แก้ไข"){
if($_POST[title]!="" && $_POST[input] != ""){
$today=date("Y-m-d H:i:s");

		 $pic1 = $_FILES['pro_pic']['name'];
		 $tmp1 = $_FILES['pro_pic']['tmp_name']; 
if(copy($tmp1,"../img/".$time."_".$pic1)){ 
		 if ($_POST[pro_pic_old]!=""){ unlink("../img/".$_POST[pro_pic_old]);}
		 $_POST[pro_pic]= $time."_".$pic1;}
$sql11="update news set topic='$_POST[title]',message='$_POST[input]',dateregist='$today',p_img='$pic1' where id='$_POST[id]'";
mysql_query($sql11);
 echo '<script> alert("เรียบร้อย");window.location.href="news.php";</script>';
}else{ echo '<script> alert("ล้างค่า");</script>';
}}
?>   
       <form id="form2" name="form2" method="post" action="">
        <table width="200" border="0">
          <tr>
            <td>หัวข้อ : 
              <label>
              <input name="title" type="text" id="title" size="90"  value="<? echo $row[topic];?>"/>
              </label></td>
          </tr>
          <tr>
            <td><? if($rowe[p_img]!=""){?>
              <img src="../img/<? echo $rowe[p_img]; ?>" width="255" height="198" />
              <input type="hidden" name="pro_pic_old" id="pro_pic_old" value="<? echo $rowe[p_img]; ?>"/>
              <? } ?>
              <input type="file" name="pro_pic" id="pro_pic" /></td>
          </tr>
          <tr>
            <td>  <textarea id="input" name="input" ><? echo $row[message];?></textarea></td>
          </tr>
          <tr>
            <td><label>
              <input type="submit" name="Submit1" id="Submit1" value="แก้ไข" />
              <input type="reset" name="reset" id="reset" value="เริ่มใหม่" />
              <input type="hidden" name="id" id="id" value="<? echo $_GET[id];?>"/>
            </label></td>
          </tr>
        </table>
       </form>
       
       <? }?>
      </div>
     </div>
        </td>

T1KUS90T
  root-grov@210.1.60.28:~$