| Server IP : 103.233.192.212 / Your IP : 13.58.121.189 Web Server : Apache/2 System : Linux sv1.inde.co.th 3.10.0-1160.36.2.el7.x86_64 #1 SMP Wed Jul 21 11:57:15 UTC 2021 x86_64 User : sumpatuan ( 1058) PHP Version : 5.5.38 Disable Function : symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,putenv,passthru,escapeshellarg,escapeshellcmd,pcntl_exec,proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,ini_restore MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/new/action/ |
Upload File : |
<?php
require_once('session_backend_administrator.php');
header('Content-Type: text/html; charset=UTF-8');
date_default_timezone_set("Asia/Bangkok");
$datetime = date('d/m/Y H.i');
if($STT_login=="admin_login_true"){
if( !isset($_POST['txt_name']) or !isset($_POST['txt_year']) or !isset($_POST['txt_type']) or !isset($_POST['txt_subtype']) ){
echo "<SCRIPT type='text/javascript'>
alert('กรุณากรอกข้อมูลให้ครบ');
window.location.replace(document.referrer);
</SCRIPT>";
exit;
}else{
$data_namenew = trim($con_db_administrator->real_escape_string($_POST['txt_name']));
$data_yearnew = trim($con_db_administrator->real_escape_string($_POST['txt_year']));
$data_typenew = $con_db_administrator->real_escape_string($_POST['txt_type']);
$data_subtypenew = $con_db_administrator->real_escape_string($_POST['txt_subtype']);
$data_sttnew = $con_db_administrator->real_escape_string($_POST['statusshow']);
$data_linknew = $con_db_administrator->real_escape_string($_POST['linknew']);
$data_new = $con_db_administrator->real_escape_string($_POST['txt_data']);
$lastupdate_new = $con_db_administrator->real_escape_string($_POST['txt_lastupdate']);
$date = $_POST['txt_date'];
$date_new = date("d/m/Y",strtotime($date));
$insert_new = " INSERT INTO `data_new` (`name_new`, `year_new`, `type_new`, `subtype_new`, `date_new`, `data_new`, `stt_new`, `lastupdate_new`)
VALUES ( '$data_namenew', '$data_yearnew', '$data_typenew', '$data_subtypenew', '$date_new', '$data_new', '$data_sttnew', '$lastupdate_new' )";
$action_new = $con_db_administrator->query($insert_new);
if(!$action_new){
echo "<SCRIPT type='text/javascript'>
alert('เพิ่มข้อมูลไม่สำเร็จ กรุณาลองใหม่อีกครั้ง');
window.location.replace('../$data_linknew');
</SCRIPT>";
exit;
}else{
$sql_data = " SELECT `id_new` FROM `data_new` WHERE `name_new`='$data_namenew' AND `lastupdate_new`='$lastupdate_new' ORDER BY `id_new` DESC LIMIT 1 ";
$qr_data = mysqli_query($con_db_administrator, $sql_data);
$rs_data = mysqli_fetch_assoc($qr_data);
$id_data = $rs_data['id_new'];
echo "<SCRIPT type='text/javascript'>
alert('เพิ่มข้อมูลใหม่ สำเร็จ');
window.location.replace('../News-edit?id=$id_data&type=$data_typenew&link=$data_linknew');
</SCRIPT>";
exit;
}
}
}else{
echo "<SCRIPT type='text/javascript'>
alert('กรุณาเข้าสู่ระบบ');
window.location.replace('../../index');
</SCRIPT>";
exit;
}
mysqli_close($con_db_administrator);
?>