Current File : /Inetpub/www/training/admin/question_form.php
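<?php
/**
 * Admin page: add a new question to a subject, or edit an existing one.
 *
 * GET subject_id (required) selects the subject; GET id (optional) switches
 * to edit mode and loads that question. A POST to the same URL saves the
 * submitted fields and redirects back to questions.php.
 *
 * NOTE(review): session.php is expected to define $role and db.php the
 * mysqli handle $conn; neither file is visible here - confirm.
 *
 * NOTE(review): the POST handler has no anti-CSRF token. Adding one needs a
 * coordinated change (token stored in the session, emitted as a hidden form
 * field, compared with hash_equals() here), so it is only flagged.
 */
include("../session.php");

// Strict comparison: on PHP 5.x a non-string $role (integer 0, boolean true)
// compares loosely equal to 'admin' and would slip past a != check.
if (!isset($role) || $role !== 'admin') {
    header("Location: ../index.php");
    exit;
}

include("../db.php");

if (!isset($_GET['subject_id'])) {
    echo "ไม่ได้ระบุรหัสวิชา"; exit;
}

// Defaults used to render an empty "add question" form.
$subject_id = intval($_GET['subject_id']);
$question = "";
$choice1 = "";
$choice2 = "";
$choice3 = "";
$choice4 = "";
$correct_choice = "";
$score = 1;
$is_edit = false;

if (isset($_GET['id'])) {
    $is_edit = true;
    $id = intval($_GET['id']);
    // Both values went through intval(), so interpolating them here is safe.
    $res = mysqli_query($conn, "SELECT * FROM questions WHERE id = $id AND subject_id = $subject_id");
    // A failed query is treated like a missing row instead of being passed
    // to mysqli_fetch_assoc() as false.
    if ($res && ($row = mysqli_fetch_assoc($res))) {
        $question = $row['question'];
        $choice1 = $row['choice1'];
        $choice2 = $row['choice2'];
        $choice3 = $row['choice3'];
        $choice4 = $row['choice4'];
        $correct_choice = $row['correct_choice'];
        $score = $row['score'];
    } else {
        echo "ไม่พบคำถาม"; exit;
    }
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Read a POST field as a trimmed string; a missing or non-string (array)
    // value becomes "" instead of raising a notice or warning.
    $post_text = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : "";
    };

    $question = $post_text('question');
    $choice1 = $post_text('choice1');
    $choice2 = $post_text('choice2');
    $choice3 = $post_text('choice3');
    $choice4 = $post_text('choice4');
    $correct_choice = $post_text('correct_choice');
    $score = isset($_POST['score']) ? intval($_POST['score']) : 0;

    // Enforce on the server what the form only enforces in the browser:
    // question and the first two choices are required, the correct answer
    // must name a non-empty choice 1-4, and the score is at least 1.
    $choices = array(1 => $choice1, 2 => $choice2, 3 => $choice3, 4 => $choice4);
    $is_valid = $question !== ""
        && $choice1 !== ""
        && $choice2 !== ""
        && in_array($correct_choice, array('1', '2', '3', '4'), true)
        && $choices[(int) $correct_choice] !== ""
        && $score >= 1;

    if (!$is_valid) {
        http_response_code(400);
        echo "ข้อมูลไม่ถูกต้อง"; exit;
    }

    // The text fields are attacker-controllable, so they are bound as
    // parameters rather than concatenated into the SQL string.
    if ($is_edit) {
        $stmt = mysqli_prepare(
            $conn,
            "UPDATE questions SET
                question=?, choice1=?, choice2=?, choice3=?, choice4=?,
                correct_choice=?, score=?
             WHERE id=? AND subject_id=?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param(
                $stmt,
                "ssssssiii",
                $question,
                $choice1,
                $choice2,
                $choice3,
                $choice4,
                $correct_choice,
                $score,
                $id,
                $subject_id
            );
        }
    } else {
        $stmt = mysqli_prepare(
            $conn,
            "INSERT INTO questions
                (subject_id, question, choice1, choice2, choice3, choice4, correct_choice, score)
             VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
        );
        if ($stmt) {
            mysqli_stmt_bind_param(
                $stmt,
                "issssssi",
                $subject_id,
                $question,
                $choice1,
                $choice2,
                $choice3,
                $choice4,
                $correct_choice,
                $score
            );
        }
    }

    // Do not redirect as if the save succeeded when it did not; the database
    // error goes to the server log, not to the browser.
    if (!$stmt || !mysqli_stmt_execute($stmt)) {
        error_log("question_form: save failed: " . mysqli_error($conn));
        http_response_code(500);
        echo "บันทึกข้อมูลไม่สำเร็จ"; exit;
    }
    mysqli_stmt_close($stmt);

    header("Location: questions.php?subject_id=$subject_id");
    exit;
}
?>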

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title><?php echo $is_edit ? "แก้ไข" : "เพิ่ม"; ?> คำถาม</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
    <script>
    /**
     * Rebuild the "correct answer" dropdown from the four choice inputs.
     *
     * Only choices whose text is non-blank are offered. The option that was
     * selected before the rebuild stays selected if its choice still exists.
     */
    function updateCorrectChoices() {
        const entries = [1, 2, 3, 4].map((num) => ({
            num: num,
            text: document.getElementById("choice" + num).value,
        }));

        const dropdown = document.getElementById("correct_choice");
        const previous = dropdown.value;

        // Only this fixed placeholder goes through innerHTML; the choice text
        // typed by the user is assigned via the option's text property below.
        dropdown.innerHTML = '<option value="">-- เลือก --</option>';

        for (const entry of entries) {
            if (entry.text.trim() === "") {
                continue;
            }
            const option = document.createElement("option");
            option.value = entry.num;
            option.text = "ตัวเลือกที่ " + entry.num + ": " + entry.text;
            // Loose comparison on purpose: the number is compared with the
            // select's string value.
            if (entry.num == previous) {
                option.selected = true;
            }
            dropdown.appendChild(option);
        }
    }

    // On page load, build the dropdown once, then rebuild it whenever the
    // text of any of the four choice inputs changes.
    window.onload = function () {
        updateCorrectChoices();
        for (const fieldId of ["choice1", "choice2", "choice3", "choice4"]) {
            const field = document.getElementById(fieldId);
            field.addEventListener("input", updateCorrectChoices);
        }
    };
    </script>
</head>
<body>
<div class="container">
    <h3 class="text-center"><?php echo $is_edit ? "แก้ไข" : "เพิ่ม"; ?> คำถาม</h3>
    <p class="text-right">
        <a href="questions.php?subject_id=<?php echo $subject_id; ?>" class="btn btn-default btn-sm">← กลับ</a>
    </p>

    <form method="post">
        <div class="form-group">
            <label>คำถาม</label>
            <textarea name="question" class="form-control" required><?php echo htmlspecialchars($question); ?></textarea>
        </div>

        <?php for ($i = 1; $i <= 4; $i++): ?>
            <div class="form-group">
                <label>ตัวเลือกที่ <?php echo $i; ?><?php echo $i > 2 ? " (ไม่บังคับ)" : ""; ?></label>
                <input type="text" name="choice<?php echo $i; ?>" id="choice<?php echo $i; ?>" class="form-control" value="<?php echo htmlspecialchars(${"choice$i"}); ?>" <?php echo $i <= 2 ? "required" : ""; ?>>
            </div>
        <?php endfor; ?>

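        <div class="form-group">
            <label>คำตอบที่ถูกต้อง</label>
            <?php
            // Seed the dropdown with the stored answer so that edit mode shows
            // it. The page script reads the select's current value before it
            // rebuilds the option list, so this seed is what it re-selects.
            // Without it the select starts empty and the saved answer is lost
            // from view.
            ?>
            <select name="correct_choice" id="correct_choice" class="form-control" required>
                <?php if ((string) $correct_choice !== ""): ?>
                    <option value="<?php echo htmlspecialchars($correct_choice, ENT_QUOTES, 'UTF-8'); ?>" selected><?php echo htmlspecialchars($correct_choice, ENT_QUOTES, 'UTF-8'); ?></option>
                <?php endif; ?>
            </select>
        </div>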

        <div class="form-group">
            <label>คะแนนของข้อนี้</label>
            <input type="number" name="score" class="form-control" required min="1" value="<?php echo htmlspecialchars($score); ?>">
        </div>

        <button type="submit" class="btn btn-success"><?php echo $is_edit ? "อัปเดต" : "บันทึก"; ?></button>
    </form>
</div>
</body>
</html>
