403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/public_html/old-website/vecsc/jojo/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/public_html/old-website/vecsc/jojo/save_edit_register1.php
<?php
Ob_start();
session_start();
//echo $_SESSION["counter"] . '<br>';
?>
<!doctype html>
<html lang="en">
 <head>
  <meta charset="UTF-8">
  <meta name="Generator" content="EditPlus®">
  <meta name="Author" content="">
  <meta name="Keywords" content="">
  <meta name="Description" content="">
  <!-- meta http-equiv="refresh" content="5; url=register1.php" -->
  <title>Document</title>
 </head>
 <body>

<?php

function cal_amount($position_id) {
	
	if ($position_id == 1)  {
		
		$amount = 300;
		return $amount;
	} elseif ($position_id == 2) {

		$amount = 300;
		return $amount;
	} elseif ($position_id == 3) {

		$amount = 300;
		return $amount;
	} elseif ($position_id == 4) {

		$amount = 250;
		return $amount;
	} elseif ($position_id == 5) {

		$amount = 250;
		return $amount;
	}

}

	$position_id = '';
	if (isset($_POST['college_id']) == false) {
		$position_id = '';
	}

if ($_POST['college_id'] <> '' and $_SESSION["counter"] == 1) {

// Create connection
require_once('config.php');

// Check connection
if (!$conn) {
    die('Connection failed: ' . mysqli_connect_error());
}

mysqli_set_charset($conn,'utf8');


		$sql1 = "SELECT * FROM ongkarn WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' ORDER BY ongkarn.position_id ASC";

		//echo $sql1 . "<br>";

		$result1 = mysqli_query($conn, $sql1);

		if (mysqli_num_rows($result1) > 0) {
			// output data of each row
			while($row = mysqli_fetch_assoc($result1)) {
				
			$position_id[] = $row['position_id'];

			//echo $row['fname'] . "<br>";
			
			}
		} else {
			echo "0 results";
		}

//echo $_POST['count_member'] . '<br>';


if ($_POST['college_id'] <> '' and $_POST['position_id1'] <> '' and $_POST['tname1'] <> '' and $_POST['fname1'] <> '' and $_POST['lname1'] <> '' and $_POST['polo_size1'] <> '' and $_POST['count_member'] >= 1) {

$sql2 = "UPDATE ongkarn SET tname = '" . $_POST['tname1'] . "', fname = '" . $_POST['fname1'] . "', lname = '" . $_POST['lname1'] . "', polo_size = '" . $_POST['polo_size1'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[0] . "'";

mysqli_query($conn, $sql2);

} elseif ($_POST['college_id'] <> '' and $_POST['position_id1'] <> '' and $_POST['tname1'] <> '' and $_POST['fname1'] <> '' and $_POST['lname1'] <> '' and $_POST['polo_size1'] <> '' and $_POST['count_member'] <= 1) {

$sql2 = "INSERT INTO ongkarn (position_id, tname, fname, lname, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id1'] . "', '" . $_POST['tname1'] . "', '" . $_POST['fname1'] . "', '" . $_POST['lname1'] . "', '" . $_POST['polo_size1'] . "', '" . cal_amount($_POST['position_id1']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";

mysqli_query($conn, $sql2);

}

if ($_POST['college_id'] <> '' and $_POST['position_id2'] <> '' and $_POST['tname2'] <> '' and $_POST['fname2'] <> '' and $_POST['lname2'] <> '' and $_POST['polo_size2'] <> '' and $_POST['count_member'] >= 2) {

$sql3 = "UPDATE ongkarn SET tname = '" . $_POST['tname2'] . "', fname = '" . $_POST['fname2'] . "', lname = '" . $_POST['lname2'] . "', polo_size = '" . $_POST['polo_size2'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[1] . "'";

mysqli_query($conn, $sql3);

} elseif ($_POST['college_id'] <> '' and $_POST['position_id2'] <> '' and $_POST['tname2'] <> '' and $_POST['fname2'] <> '' and $_POST['lname2'] <> '' and $_POST['polo_size2'] <> '' and $_POST['count_member'] <= 2) {

$sql3 = "INSERT INTO ongkarn (position_id, tname, fname, lname, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id2'] . "', '" . $_POST['tname2'] . "', '" . $_POST['fname2'] . "', '" . $_POST['lname2'] . "', '" . $_POST['polo_size2'] . "', '" . cal_amount($_POST['position_id2']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";

mysqli_query($conn, $sql3);

}

if ($_POST['college_id'] <> '' and $_POST['position_id3'] <> '' and $_POST['tname3'] <> '' and $_POST['fname3'] <> '' and $_POST['lname3'] <> '' and $_POST['polo_size3'] <> '' and $_POST['count_member'] >= 3) {

$sql4 = "UPDATE ongkarn SET tname = '" . $_POST['tname3'] . "', fname = '" . $_POST['fname3'] . "', lname = '" . $_POST['lname3'] . "', polo_size = '" . $_POST['polo_size3'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[2] . "'";

mysqli_query($conn, $sql4);

} elseif ($_POST['college_id'] <> '' and $_POST['position_id3'] <> '' and $_POST['tname3'] <> '' and $_POST['fname3'] <> '' and $_POST['lname3'] <> '' and $_POST['polo_size3'] <> '' and $_POST['count_member'] <= 3) {

$sql4 = "INSERT INTO ongkarn (position_id, tname, fname, lname, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id3'] . "', '" . $_POST['tname3'] . "', '" . $_POST['fname3'] . "', '" . $_POST['lname3'] . "', '" . $_POST['polo_size3'] . "', '" . cal_amount($_POST['position_id3']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";

mysqli_query($conn, $sql4);

}

if ($_POST['college_id'] <> '' and $_POST['position_id4'] <> '' and $_POST['tname4'] <> '' and $_POST['fname4'] <> '' and $_POST['lname4'] <> '' and $_POST['polo_size4'] <> '' and $_POST['count_member'] >= 4) {

$sql5 = "UPDATE ongkarn SET tname = '" . $_POST['tname4'] . "', fname = '" . $_POST['fname4'] . "', lname = '" . $_POST['lname4'] . "', polo_size = '" . $_POST['polo_size4'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[3] . "'";

mysqli_query($conn, $sql5);

} elseif ($_POST['college_id'] <> '' and $_POST['position_id4'] <> '' and $_POST['tname4'] <> '' and $_POST['fname4'] <> '' and $_POST['lname4'] <> '' and $_POST['polo_size4'] <> '' and $_POST['count_member'] <= 4) {

$sql5 = "INSERT INTO ongkarn (position_id, tname, fname, lname, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id4'] . "', '" . $_POST['tname4'] . "', '" . $_POST['fname4'] . "', '" . $_POST['lname4'] . "', '" . $_POST['polo_size4'] . "', '" . cal_amount($_POST['position_id4']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";

mysqli_query($conn, $sql5);

}

if ($_POST['college_id'] <> '' and $_POST['position_id5'] <> '' and $_POST['tname5'] <> '' and $_POST['fname5'] <> '' and $_POST['lname5'] <> '' and $_POST['polo_size5'] <> '' and $_POST['count_member'] >= 5) {

$sql6 = "UPDATE ongkarn SET tname = '" . $_POST['tname5'] . "', fname = '" . $_POST['fname5'] . "', lname = '" . $_POST['lname5'] . "', polo_size = '" . $_POST['polo_size5'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[4] . "'";

mysqli_query($conn, $sql6);

} elseif ($_POST['college_id'] <> '' and $_POST['position_id5'] <> '' and $_POST['tname5'] <> '' and $_POST['fname5'] <> '' and $_POST['lname5'] <> '' and $_POST['polo_size5'] <> '' and $_POST['count_member'] <= 5) {

$sql6 = "INSERT INTO ongkarn (position_id, tname, fname, lname, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id5'] . "', '" . $_POST['tname5'] . "', '" . $_POST['fname5'] . "', '" . $_POST['lname5'] . "', '" . $_POST['polo_size5'] . "', '" . cal_amount($_POST['position_id5']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";

mysqli_query($conn, $sql6);

}

//$sql7 = "UPDATE ongkarn SET tname = '" . $_POST['tname6'] . "', fname = '" . $_POST['fname6'] . "', lname = '" . $_POST['lname6'] . "', polo_size = '" . $_POST['polo_size6'] . "', phone = '" . $_POST['phone'] . "' WHERE ongkarn.college_id = '" . $_POST['college_id'] . "' and ongkarn.position_id = '" . $position_id[5] . "'";


//echo $sql2 . "<br>";
//echo $sql3 . "<br>";
//echo $sql4 . "<br>";
//echo $sql5 . "<br>";
//echo $sql6 . "<br>";
//echo $sql7 . "<br>";

//if (mysqli_query($conn, $sql1)) {
//    echo '<div align=center><br><br><h1>บันทึกข้อมูลเรียบร้อยแล้ว</h1></div>';
//} else {
//    echo 'Error: ' . $sql1 . '<br>' . mysqli_error($conn);
//}


//mysqli_query($conn, $sql7);

mysqli_close($conn);

echo '<center>' . 'แก้ไขข้อมูลเรียบร้อยแล้ว' . '<br>';
echo 'กรุณาจำรหัส ' . $_POST['college_id'] . " สำหรับเข้าไปแก้ไขข้อมูล" . '</center>';
$_SESSION["counter"] = 0;

} else {

	echo 'ข้อมูลไม่ถูกต้อง กลับไปกรอกอีกครั้ง';

}

?>

<br>
<center>
<a href="./register1.php">กลับหน้าหลัก</a>
</center>

 </body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit