| Server IP : 172.67.187.206 / Your IP : 172.71.28.156 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : E:/Inetpub/www/myschool/tharuapit/modules/tkk5/ |
Upload File : |
<?
CheckUser($_SESSION['user_user'], $_SESSION['user_pwd']);
?>
<TABLE cellSpacing=0 cellPadding=0 width=700 border=0 background="images/1234.jpg">
<TBODY>
<TR>
<TD vAlign=top>
<?
if($_GET[op] == "tkk5_add" AND $_GET[action] == "add"){
//////////////////////////////////////////// กรณีเพิ่ม Database
if(CheckLevelUser($_SESSION['user_user'],$_GET[op])){
//require("includes/class.resizepic.php");
//$FILE = $_FILES['FILE'];
if (!$_POST[CATEGORY] OR !$_POST[TOPIC]){
echo "<script language='javascript'>" ;
echo "alert('กรุณากรอกข้อมูลต่างๆให้ครบถ้วน')" ;
echo "</script>" ;
echo "<script language='javascript'>javascript:history.back()</script>";
exit();
}
//if (( $FILE['type']!="image/gif" ) AND ( $FILE['type']!="image/png" ) AND ($FILE['type']!="image/jpg") AND ($FILE['type']!="image/jpeg") AND ($FILE['type']!="image/pjpeg")){
//echo "<script language='javascript'>" ;
//echo "alert('กรุณาใช้ไฟล์นามสกุล jpg เท่านั้น')" ;
//echo "</script>" ;
//echo "<script language='javascript'>javascript:history.back()</script>";
//exit();
//}else{
//@copy ($FILE['tmp_name'] , "tkk5icon/".TIMESTAMP.".jpg" );
//$original_image = "tkk5icon/".TIMESTAMP.".jpg" ;
// $desired_width = _Itkk5_W ;
//$desired_height = _Itkk5_H ;
//$image = new hft_image($original_image);
//$image->resize($desired_width, $desired_height, '0');
//$image->output_resized("tkk5icon/".TIMESTAMP.".jpg", "JPG");
//}
//ทำการเพิ่มข้อมูลลงดาต้าเบส
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$db->add_db(TB_TKK5,array(
"category"=>"$_POST[CATEGORY]",
"topic"=>"$_POST[TOPIC]",
"posted"=>"$_POST[POSTED]",
"post_date"=>"".TIMESTAMP."",
"update_date"=>"".TIMESTAMP."",
"enable_comment"=>"$_POST[ENABLE_COMMENT]"
));
$db->closedb ();
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการส่งข่าวด่วน เข้าสู่ระบบเรียบร้อยแล้ว</B></FONT><BR><BR>";
$ProcessOutput .= "</CENTER>";
}else{
//กรณีไม่ผ่าน
$ProcessOutput = $PermissionFalse ;
}
echo $ProcessOutput ;
}
else if($_GET[op] == "tkk5_add"){
//////////////////////////////////////////// กรณีเพิ่ม Form
if(CheckLevelUser($_SESSION['user_user'],$_GET[op])){
// CheckUser($_SESSION['admin_user']);
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[admin] = $db->select_query("SELECT * FROM ".TB_ADMIN." WHERE username='".$_SESSION['admin_user']."' ");
$arr[admin] = $db->fetch($res[admin]);
?>
<?
// CheckUser($_SESSION['user_user']);
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
$arr[user] = $db->fetch($res[user]);
?>
<FORM NAME="myform" METHOD=POST ACTION="?name=tkk5&file=add&op=tkk5_add&action=add" enctype="multipart/form-data">
<CENTER><B><font color=red>การเขียนข่าวด่วน เขียนบรรทัดเดียว ห้ามขึ้นบรรทัดใหม่</font></B><BR>
<textarea cols="60" rows="3" NAME="TOPIC"></textarea>
<BR>
<INPUT TYPE="hidden" NAME="CATEGORY" VALUE="1" readonly style=\"color: #FF0000" >
: <INPUT TYPE="hidden" NAME="POSTED" VALUE="<?=$arr[usersch][name];?> <?=$arr[user][category_name];?>" readonly style=\"color: #FF0000" >
<input type="submit" value=" ส่งข้อความ " name="submit"> <input type="reset" value=" เคลีย " name="reset"></CENTER>
</FORM>
<?
}else{
//กรณีไม่ผ่าน
echo $PermissionFalse ;
}
}
else if($_GET[op] == "tkk5_del" AND $_GET[action] == "multidel"){
//////////////////////////////////////////// กรณีลบ Multi
if(CheckLevel($_SESSION['admin_user'],$_GET[op])){
while(list($key, $value) = each ($_POST['list'])){
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[tkk5] = $db->select_query("SELECT * FROM ".TB_TKK5." WHERE id='".$value."' ");
$arr[tkk5] = $db->fetch($res[tkk5]);
$db->del(TB_TKK5," id='".$value."' ");
$db->closedb ();
@unlink("tkk5data/".$arr[tkk5][post_date].".txt");
@unlink("tkk5icon/".$arr[tkk5][post_date].".jpg");
}
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการลบข่าวสาร/ประชาสัมพันธ์เรียบร้อยแล้ว</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=tkk5\"><B>กลับหน้า จัดการข่าวสาร/ประชาสัมพันธ์</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
}else{
//กรณีไม่ผ่าน
$ProcessOutput = $PermissionFalse ;
}
echo $ProcessOutput ;
}
else if($_GET[op] == "tkk5_del"){
//////////////////////////////////////////// กรณีลบ Form
if(CheckLevel($_SESSION['admin_user'],$_GET[op])){
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$db->del(TB_TKK5," id='".$_GET[id]."' ");
$db->closedb ();
@unlink("tkk5data/".$_GET[prefix].".txt");
@unlink("tkk5icon/".$_GET[prefix].".jpg");
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการลบข่าวสาร/ประชาสัมพันธ์เรียบร้อยแล้ว</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=tkk5\"><B>กลับหน้า จัดการข่าวสาร/ประชาสัมพันธ์</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
}else{
//กรณีไม่ผ่าน
$ProcessOutput = $PermissionFalse ;
}
echo $ProcessOutput ;
}
?>
<BR><BR>
</TD>
</TR>
</TABLE>
<BR><BR>
<!-- Admin -->
</TD>
</TR>
</TBODY>
</TABLE>