403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/training/group/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/training/group/subject_form_old.php
<?php
include("../session.php");

if ($role != 'group') {
    header("Location: ../index.php");
    exit;
}

$name = "";
$pass_percentage = "80";
$curriculum_year = "2565-2567";
$is_edit = false;

// แก้ไข: ดึงข้อมูลเดิม
if (isset($_GET['id'])) {
    $is_edit = true;
    $id = intval($_GET['id']);
    $result = mysqli_query($conn, "SELECT * FROM subjects WHERE id = $id AND group_id = $user_id");
    if ($row = mysqli_fetch_assoc($result)) {
        $name = $row['name'];
        $pass_percentage = $row['pass_percentage'];
        $curriculum_year = $row['curriculum_year'];
    } else {
        echo "ไม่พบข้อมูลวิชา หรือไม่มีสิทธิ์แก้ไขวิชานี้"; 
        exit;
    }
}

// บันทึกข้อมูล
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $name = trim($_POST['name']);
    $pass_percentage = intval($_POST['pass_percentage']);
    $curriculum_year = $_POST['curriculum_year'];

    if ($is_edit) {
        $sql = "UPDATE subjects SET name = '$name', pass_percentage = $pass_percentage, curriculum_year = '$curriculum_year' WHERE id = $id AND group_id = $user_id";
    } else {
        $sql = "INSERT INTO subjects (name, group_id, pass_percentage, curriculum_year) VALUES ('$name', $user_id, $pass_percentage, '$curriculum_year')";
    }

    mysqli_query($conn, $sql);
    header("Location: subjects.php");
    exit;
}
?>

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title><?php echo $is_edit ? "แก้ไข" : "เพิ่ม"; ?> วิชา</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
</head>
<body>
<div class="container">
    <h3 class="text-center"><?php echo $is_edit ? "แก้ไข" : "เพิ่ม"; ?> วิชา</h3>
    <p class="text-right">
        <a href="subjects.php" class="btn btn-default btn-sm">← กลับ</a>
    </p>

    <form method="post" action="">
        <div class="form-group">
            <label>ชื่อวิชา</label>
            <input type="text" name="name" class="form-control" required value="<?php echo htmlspecialchars($name); ?>">
        </div>
        
        <div class="form-group">
            <label>หลักสูตรปี</label>
            <select name="curriculum_year" class="form-control" required>
                <option value="2565-2567" <?php echo $curriculum_year == "2565-2567" ? "selected" : ""; ?>>2565-2567</option>
                <option value="2568" <?php echo $curriculum_year == "2568" ? "selected" : ""; ?>>2568</option>
            </select>
        </div>

        <div class="form-group">
            <label>เปอร์เซ็นต์ที่ต้องผ่าน (%)</label>
            <input type="number" name="pass_percentage" class="form-control" required min="1" max="100" value="<?php echo htmlspecialchars($pass_percentage); ?>">
        </div>

        <button type="submit" class="btn btn-success"><?php echo $is_edit ? "อัปเดต" : "บันทึก"; ?></button>
    </form>
</div>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit