h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell
403Webshell
Server IP : 10.254.12.21  /  Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/trr/pages/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/trr/pages/admin/reserve_add_admin.php
<?php include 'check_mode_admin.php';?>
<?php include '../dbconnect.php';?>
<?php include 'header.php';?>
<?php
if (check_mode_admin_session(1,1)) {
?>
<?php
$pagetitle_text = "จองห้องค้นคว้าสำหรับอาจารย์";
$num_show_day = 31;
$submit_roomanddate = (isset($_POST["submit_roomanddate"])) ? $_POST["submit_roomanddate"] : '';
?>
<style type="text/css">
<!--
.style2 {color: #3366FF}
-->
</style>
		  
	<h1 class="page-header"><?php echo $pagetitle_text;?></h1>
<?php
if($submit_roomanddate <> "") {
  $room_code = (isset($_POST["room_code"])) ? $_POST["room_code"] : '';
  $reserve_date = (isset($_POST["reserve_date"])) ? $_POST["reserve_date"] : '';
  if($room_code<>"" && $reserve_date<>"") {
?>
	<form action="reserve_add_db_admin.php" method="post" name="form1" id="form1">
		<table class="table table-striped table-bordered table-hover" style="background-color: #FFFFFF;">
			<tbody>
				<tr>
					<td width="30%">ห้อง <font color="#FF0000">*</font></td>
					<td>
<?php
	$sql = "SELECT * FROM reserve_room WHERE room_code=" . $room_code;
	$query = mysqli_query($conn,$sql);	
	if($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
	{
		echo $result["room_name"];
	} else {
		echo "ไม่พบห้องที่เลือก";
	}
?>							
					</td>
				</tr>
				<tr>
					<td width="30%">วันที่ต้องการจอง (จองล่วงหน้าได้ไม่เกิน 31 วัน) <font color="#FF0000">*</font></td>
					<td>
<?php
	$input_date = date('d/m/Y',strtotime($reserve_date));
	echo $input_date;
?>						
					</td>
				</tr>
				<tr>												
				  <td width="30%">เวลาที่ต้องการจอง (เลือกได้หลายช่วงเวลา) <font color="#FF0000">*</font></td>
					<td>
						<div class="form-group">
							<div class="checkbox">
<?php
	$sql = "SELECT * FROM reserve_time_list ORDER BY time_code ASC";
	$query = mysqli_query($conn,$sql);	
	while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
	{
		$input_name = "pid" . $result["time_code"];
		$input_id = "pid" . $result["time_code"];
		$sql2 = "SELECT reserve_detail.reserve_code FROM reserve_detail INNER JOIN reserve_time ON reserve_detail.reserve_code= reserve_time.reserve_code WHERE ( (reserve_detail.reserve_date ='" . $reserve_date . "'" .  ") AND (reserve_detail.room_code=" . $room_code . ") AND (reserve_time.reserve_time =" . $result["time_code"] . ") )";
		$query2 = mysqli_query($conn,$sql2);	
		if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
?>		
								<div class="checkbox">
									<label>
										<input type="checkbox" disabled="disabled"> 
										<?php echo $result["start_time"] . "-" . $result["stop_time"] . "<font color=red> (ไม่ว่าง)</font>";?>
									</label>
								</div>
<?php								
		} else { //if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
?>								
								<div class="checkbox">
									<label>
										<input name="<?php echo $input_name;?>" type="checkbox" id="<?php echo $input_id;?>" value="<?php echo $result["time_code"];?>"> 
										<?php echo $result["start_time"] . "-" . $result["stop_time"] . " (ว่าง)";?>
									</label>
								</div>
<?php
		} //if($result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
	} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
?>								
							</div>
						</div>
					</td>
				</tr>												
				<tr>
					<td width="30%">ชื่อ-สกุลผู้จอง <font color="#FF0000">*</font></td>
					<td>
						<div class="form-group">
							<input name="full_name" id="full_name" class="form-control">
						</div>
					</td>
				</tr>
				<tr>
					<td width="30%">สังกัดคณะ/หน่วยงาน <font color="#FF0000">*</font></td>
					<td>
						<div class="form-group">
							<input name="faculty_name" id="faculty_name" class="form-control">
						</div>
					</td>
				</tr>	
				<tr>
					<td width="30%">User name ผู้จอง <font color="#FF0000">*</font><br><font color="#00B62B">(บุคลากร : ชื่อ.นามสกุล2ตัวแรก)<br>(นักศึกษา : รหัสนักศึกษา)</font></td>
					<td>
						<div class="form-group">
							<input name="user_name" id="user_name" class="form-control">
						</div>
					</td>
				</tr>
				<tr>
					<td width="30%">อีเมล <font color="#FF0000">*</font><br><font color="#00B62B">(บุคลากร : ชื่อ.นามสกุล2ตัวแรก ตามด้วย @skru.ac.th)<br>(นักศึกษา : รหัสนักศึกษา ตามด้วย @parichat.skru.ac.th)</font></td>
					<td>
						<div class="form-group">
							<input name="email" id="email" class="form-control">
						</div>
					</td>
				</tr>
				<tr>
					<td width="30%">หัวข้อ / วิชา</td>
					<td>
						<div class="form-group">
							<input name="subject" id="subject" class="form-control">
						</div>
					</td>
				</tr>	
				<!--<tr>
					<td width="30%">จำนวนคน</td>
					<td>
						<div class="form-group">
							<input type="number" name="num_student" id="num_student" class="form-control">
						</div>
					</td>
				</tr>-->	
				<tr>
					<td width="30%">หมายเลขโทรศัพท์ผู้จอง</td>
					<td>
						<div class="form-group">
							<input name="phone" id="phone" class="form-control">
						</div>
					</td>
				</tr>				
				<tr>
					<td width="30%">รายละเอียดอื่นๆ</td>
					<td>
                                        <div class="form-group">
                                            <textarea class="form-control" rows="3" name="note" id="note"></textarea>
                                        </div>
					</td>
				</tr>

			</tbody>
	  </table>
	  

                                        <div class="form-group">
											<input type="hidden" name="room_code" id="room_code" value="<?php echo $room_code;?>" />
											<input type="hidden" name="reserve_date" id="reserve_date" value="<?php echo $reserve_date;?>" />											
											<input name="submit" type="submit" id="submit" value="จองห้อง" class="btn btn-success">
											&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
											<a href='javascript:history.back(1);'><button type="button" class="btn btn-default">ยกเลิก</button></a>
                                        </div>	
	</form>	
<?php
  } else { //  if($room_code<>"" && $reserve_date<>"") {
?>
	<BR />กรุณาเลือกห้องและวันที่ต้องการจอง
	<BR /><BR /><a href='javascript:history.back(1);'><button type="button" class="btn-warning">คลิกที่นี่เพื่อกลับไปหน้าที่แล้ว</button></a>
<?php
  } //  if($room_code<>"" && $reserve_date<>"") {
} else { //if($submit_roomanddate <> "") {
  $get_room_code = (isset($_GET["room_code"])) ? $_GET["room_code"] : '';
  $get_reserve_date = (isset($_GET["reserve_date"])) ? $_GET["reserve_date"] : '';
?>
	<form action="" method="post" name="form1" id="form1">
		<table class="table table-striped table-bordered table-hover" style="background-color: #FFFFFF;">
			<tbody>
				<tr>
					<td width="30%">ห้อง</td>
					<td>
						<div class="form-group">
							<select class="form-control" name="room_code" id="room_code">
<?php
	//$sql = "SELECT * FROM reserve_room WHERE ( (showed=1) AND (reserved=1) )ORDER BY room_code ASC";
	$sql = "SELECT * FROM reserve_room ORDER BY room_code ASC";
	$query = mysqli_query($conn,$sql);	
	while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
	{
		if($result["room_code"] == $get_room_code) {
?>
								<option value="<?php echo $result["room_code"];?>" selected="selected"><?php echo $result["room_name"];?></option>
<?php		
		} else { //if($result["room_code"] == $get_room_code) {
?>							
								<option value="<?php echo $result["room_code"];?>"><?php echo $result["room_name"];?></option>
<?php
		} //if($result["room_code"] == $get_room_code) {
	} //while($result=mysqli_fetch_array($query,MYSQLI_ASSOC))
?>
								</select>
						</div>					
					</td>
				</tr>
				<tr>
					<td width="30%">วันที่ต้องการจอง (จองล่วงหน้าได้ไม่เกิน 31 วัน)</td>
					<td>
						<div class="form-group">
<?php
	$start_input_date = date('Y-m-d');
	$str_t_t = "+" . $num_show_day-1 . " day"; 
	$end_input_date = date('Y-m-d',strtotime($str_t_t));
	if($get_reserve_date<>"") {
?>						
							<input type="date" name="reserve_date" id="reserve_date" class="form-control" min="<?php echo $start_input_date;?>" max="<?php echo $end_input_date;?>" value="<?php echo $get_reserve_date;?>">
<?php	
	} else { //if($get_reserve_date<>"") {
?>						
							<input type="date" name="reserve_date" id="reserve_date" class="form-control" min="<?php echo $start_input_date;?>" max="<?php echo $end_input_date;?>">
<?php
	} //if($get_reserve_date<>"") {
?>							
						</div>
					</td>
				</tr>
			</tbody>
	  </table>
                                        <div class="form-group">
											<input name="submit_roomanddate" type="submit" id="submit_roomanddate" value="ถัดไป" class="btn btn-success">
											&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
											<a href='javascript:history.back(1);'><button type="button" class="btn btn-default">ยกเลิก</button></a>
                                        </div>	
	</form>	
<?php
} //if($submit_roomanddate <> "") {
?>	
<?php
} //if(check_mode_admin_session(1,1)) {
?>
<?php include 'footer.php';?>

Youez - 2016 - github.com/yon3zu
LinuXploit