NG1NDEX
Server IP : 103.233.192.212  /  Your IP : 18.218.251.50
Web Server : Apache/2
System : Linux sv1.inde.co.th 3.10.0-1160.36.2.el7.x86_64 #1 SMP Wed Jul 21 11:57:15 UTC 2021 x86_64
User : sumpatuan ( 1058)
PHP Version : 5.5.38
Disable Function : symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,putenv,passthru,escapeshellarg,escapeshellcmd,pcntl_exec,proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,ini_restore
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/data/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/data/complain-edit.php
<?php  
    require_once('session_backend_administrator.php');
header('Content-Type: text/html; charset=UTF-8');
    if($STT_login=="admin_login_true"){

        $check_id = $con_db_administrator->real_escape_string($_GET['id']);
        $check_type = $con_db_administrator->real_escape_string($_GET['type']);
        $check_stt = $con_db_administrator->real_escape_string($_GET['stt']);
        $check_link = $con_db_administrator->real_escape_string($_GET['link']);

        if( $check_id=="" or !isset($check_id) or $check_type=="" or !isset($check_type) or $check_link=="" or !isset($check_link) or $check_stt=="" or !isset($check_stt) ){
            echo "<SCRIPT type='text/javascript'>
                    alert('ไม่พบข้อมูล ที่ต้องการแก้ไข');
                    window.location.replace(document.referrer);
                </SCRIPT>";
            exit;
        }else{
            if($check_stt=='0'){
                    /////// UPDATE STT
                    $ud_stt = " UPDATE `data_complain` SET `stt_complain`='1' WHERE `id_complain`='$check_id' AND `type_complain`='$check_type' ";  
                    $action_ud_stt = $con_db_administrator->query($ud_stt);
                    if(!$action_ud_stt){
                        echo "<SCRIPT type='text/javascript'>
                                alert('เกิดข้อผิดพลาด!');
                                window.location.replace(document.referrer);
                            </SCRIPT>";
                        exit;
                    }else{
                        $sql_data = " SELECT * , CONCAT( DAY(str_to_date(`datetime_complain`,'%d/%m/%Y')) ,'/',  MONTH(str_to_date(`datetime_complain`,'%d/%m/%Y')) ,'/', YEAR(str_to_date(`datetime_complain`,'%d/%m/%Y'))+543 ) AS 'cv_datetime_complain'
                                    , CONCAT( DAY(str_to_date(`datetime_fix_complain`,'%d/%m/%Y')) ,'/',  MONTH(str_to_date(`datetime_fix_complain`,'%d/%m/%Y')) ,'/', YEAR(str_to_date(`datetime_fix_complain`,'%d/%m/%Y'))+543 ) AS 'cv_datetime_fix_complain'
                                    FROM `data_complain` WHERE `id_complain`='$check_id' AND `type_complain`='$check_type' "; 
                        $qr_data = mysqli_query($con_db_administrator, $sql_data); 
                        $rs_data = mysqli_fetch_assoc($qr_data); 
            
                        if( empty($rs_data) ){
                            echo "<SCRIPT type='text/javascript'>
                                    alert('ไม่พบข้อมูล ที่ต้องการแก้ไข');
                                    window.location.replace('$check_link');
                                </SCRIPT>";
                            exit;
                        }
                    }
            }else{
                $sql_data = "  SELECT * , CONCAT( DAY(str_to_date(`datetime_complain`,'%d/%m/%Y')) ,'/',  MONTH(str_to_date(`datetime_complain`,'%d/%m/%Y')) ,'/', YEAR(str_to_date(`datetime_complain`,'%d/%m/%Y'))+543 ) AS 'cv_datetime_complain'
                                        , CONCAT( DAY(str_to_date(`datetime_fix_complain`,'%d/%m/%Y')) ,'/',  MONTH(str_to_date(`datetime_fix_complain`,'%d/%m/%Y')) ,'/', YEAR(str_to_date(`datetime_fix_complain`,'%d/%m/%Y'))+543 ) AS 'cv_datetime_fix_complain'
                                        FROM `data_complain` WHERE `id_complain`='$check_id' AND `type_complain`='$check_type' "; 
                $qr_data = mysqli_query($con_db_administrator, $sql_data); 
                $rs_data = mysqli_fetch_assoc($qr_data); 
    
                if( empty($rs_data) ){
                    echo "<SCRIPT type='text/javascript'>
                            alert('ไม่พบข้อมูล ที่ต้องการแก้ไข');
                            window.location.replace('$check_link');
                        </SCRIPT>";
                    exit;
                }
            }
        }
    }else{
        echo "<SCRIPT type='text/javascript'>
                alert('กรุณาเข้าสู่ระบบ');
                window.location.replace('../index');
            </SCRIPT>";
        exit;
    }
?>
<!doctype html>
<html lang="en">
    <head>
        <?php  include_once ("head.html"); ?>
    </head>
    <body class="" >
        <?php  include_once ("menu.php"); ?>
        <div class="container pt-3 pb-4 " >
            <div class="row ">
                <div class="col text-secondary" >
                    <div class="p-1 ps-2 box-link " ><a href="../backend-administrator" class="link-info">หน้าหลัก</a> / <a href="<?php echo $check_link;?>" class="link-info"><?php echo $check_type;?></a> / แก้ไขข้อมูล <?php echo $check_type;?></div>
                </div>
                <div class="w-100 pb-4"></div>
                <div class="col m-auto" >
                    <div class="bg-line-1 hideTab"></div>
                </div>
                <div class="col-auto text-center">
                    <span class="lh-sm h1 fw-700">แก้ไขข้อมูล <br class="showTab"><?php echo $check_type;?> </span>
                </div>
                <div class="col m-auto" >
                    <div class="bg-line-1 hideTab"></div>
                </div>
            </div>

            <div class="row mt-2 p-2">
                <div class="col mx-auto box-data p-4" style="max-width:950px;">
                    <div class="w-100 text-center fw-700 fs-26">ข้อมูล <?php echo $check_type;?> </div>
                    <div class="row mt-3 mb-4">
                        <label class="col-lg-2 col-form-label fw-700 txtbox-align">ข้อมูลผู้ร้องเรียน</label>
                        <div class="col-lg-10">
                            <div class="input-group mb-2">
                                <span class="input-group-text input_data_ct">ชื่อ-นามสกุล</span>
                                <input type="text" class="form-control" value="<?php if($rs_data['ct_name_complain']==""){ echo '- ไม่ระบุ -';}else{echo $rs_data['ct_name_complain'];} ?>" readonly disabled>
                            </div>
                            <div class="input-group mb-2">
                                <span class="input-group-text input_data_ct">เบอร์โทรศัพท์</span>
                                <input type="text" class="form-control" value="<?php if($rs_data['ct_tel_complain']==""){ echo '- ไม่ระบุ -';}else{echo $rs_data['ct_tel_complain'];} ?>" readonly disabled>
                            </div>
                            <div class="input-group">
                                <span class="input-group-text input_data_ct">E-mail</span>
                                <input type="text" class="form-control" value="<?php if($rs_data['ct_email_complain']==""){ echo '- ไม่ระบุ -';}else{echo $rs_data['ct_email_complain'];} ?>" readonly disabled>
                            </div>
                        </div>
                    </div>
                    <hr class="hr-das mb-4">
                    <div class="row mb-3 mt-4">
                        <label class="col-lg-2 col-form-label fw-700 txtbox-align lh-sm">วันเวลาร้องเรียน</label>
                        <div class="col-lg-10">
                            <input type="text" class="form-control " value="<?php echo $rs_data['cv_datetime_complain']; ?>" readonly disabled>
                        </div>
                    </div>
                    <div class="row mb-3">
                        <label class="col-lg-2 col-form-label fw-700 txtbox-align lh-sm">หัวข้อเรื่องร้องเรียน</label>
                        <div class="col-lg-10">
                            <input type="text" class="form-control " value="<?php echo $rs_data['name_complain']; ?>" readonly disabled>
                        </div>
                    </div>
                    <div class="row mb-4">
                        <label class="col-lg-2 col-form-label fw-700 txtbox-align lh-sm">รายละเอียด<br>การร้องเรียน</label>
                        <div class="col-lg-10">
                            <textarea type="text" class="form-control" rows="10" readonly disabled><?php echo $rs_data['details_complain']; ?></textarea>
                        </div>
                    </div>
                    <hr class="hr-das mb-3">
                    <div class="row mt-3">
                        <div class="col">
                            <span class="fs-18 fw-700 text-center">ไฟล์ที่เกี่ยวข้อง <i class="fas fa-caret-square-right"></i> <span class="text-danger"><?php echo $rs_data['name_complain']; ?></span></span>
                            <?php
                                $sql_cfiledoc = "SELECT COUNT(*) FROM `data_filedoc_complain` WHERE `typedata_filedoc_complain`='$check_type' AND `id_tbdata_filedoc_complain`='$check_id'  ";
                                $qr_cfiledoc = mysqli_query($con_db_administrator, $sql_cfiledoc) or trigger_error("SQL", E_USER_ERROR);
                                $rs_cfiledoc = mysqli_fetch_row($qr_cfiledoc);

                                $sql_data_filedoc = "SELECT * FROM `data_filedoc_complain` WHERE `typedata_filedoc_complain`='$check_type' AND `id_tbdata_filedoc_complain`='$check_id' ";
                                $qr_data_filedoc = mysqli_query($con_db_administrator,$sql_data_filedoc) or die( mysqli_error($con_db_administrator));
                            ?>
                            <table class="table table-sm table-bordered table-bordered table-hover mt-2 mb-2 shadow-sm">
                                <thead >
                                    <tr class="text-center table-secondary fs-16">
                                        <th style="width:100%">ไฟล์ที่เกี่ยวข้อง <?php echo $rs_cfiledoc[0]; ?> รายการ</th>
                                    </tr>
                                </thead>
                                <tbody class="table-group-divider fs-16">
                                        <?php while($rs_data_filedoc = mysqli_fetch_array($qr_data_filedoc)){  ?>
                                        <tr>
                                            <td><a href="<?php echo "../../".$rs_data_filedoc['path_filedoc_complain'];?>" target="_blank" class="link-danger"><i class="fas fa-file-alt" ></i> <?php echo $rs_data_filedoc['name_filedoc_complain'];?></a></td>
                                        </tr>
                                        
                                        <?php } ?>
                                    <?php 
                                        if($rs_cfiledoc[0]=="0"){ echo '<tr><td colspan="7"><div class="w-100 text-center mt-3 mb-3 text-secondary opacity-50 fs-16" ><i class="fas fa-eye-slash"></i>ไม่พบไฟล์ที่เกี่ยวข้อง</div></td></tr>';}
                                    ?>

                                </tbody>                            
                            </table>
                        </div>
                    </div>
                </div>
            </div>

            <div class="row mt-2 p-2" >
                <div class="col mx-auto box-data2 p-4" style="max-width:950px;">
                    <form action="action/save-complain-edit" method="post" enctype="multipart/form-data">
                    <input type="hidden" name="edt_id" value="<?php echo $rs_data['id_complain']; ?>" readonly>
                    <input type="hidden" name="edt_link" value="<?php echo $check_link; ?>" readonly>
                        <div class="w-100 text-center fw-700 fs-26">การรับเรื่อง <?php echo $check_type;?></div>
                        <div class="row mb-4 mt-3">
                            <label class="col-lg-2 col-form-label fw-700 txtbox-align lh-sm">รายละเอียด<br>การรับเรื่อง</label>
                            <div class="col-lg-10">
                                <textarea type="text" class="form-control" name="edt_details_fix" rows="6" required><?php echo $rs_data['details_fix_complain']; ?></textarea>
                                <?php if($rs_data['cv_datetime_fix_complain'] !="") {echo '<small class="fs-12 fw-300">ข้อมูลอัพเดทล่าสุด: '.$rs_data['cv_datetime_fix_complain'].'</small>';} ?>
                            </div>
                        </div>
                        <div class="row mb-4">
                            <label class="col-2 col-form-label m-auto fw-700 txtbox-align">สถานะ</label>
                            <div class="col-10">
                                <select class="form-select " name="statusshow" style="max-width:200px">
                                    <option value="1" <?php if($rs_data['stt_complain']=="1"){ echo "selected"; }?>>เปิดดูแล้ว</option>
                                    <option value="2" <?php if($rs_data['stt_complain']=="2"){ echo "selected"; }?>>รับเรื่องแล้ว</option>
                                </select>
                            </div>
                        </div>
                        <hr class="hr-das mb-3">
                        <div class="text-center">
                            <button type="submit" class="btn btn-success"><i class="fas fa-save me-2" ></i> บันทึกข้อมูล</button>
                            <button type="button" class="btn btn-danger ms-2" onclick="location.href='<?php echo $check_link;?>'">ย้อนกลับ</button>
                        </div>
                    </form>

                </div>
            </div>

            <?php  include_once ("../footer.php"); ?>

        </div>

    </body>

</html>

Anon7 - 2022
AnonSec Team