403WebShell

403Webshell

Server IP : 61.19.30.66 / Your IP : 216.73.216.15
Web Server : Apache/2.2.22 (Ubuntu)
System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64
User : www-data ( 33)
PHP Version : 5.3.10-1ubuntu3.48
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF
Directory : /var/www/cooperative/sell/

Upload File :

[ Back ]

Current File : /var/www/cooperative/sell/viewdetail.php

<?
ob_start();
session_start();
if($_SESSION["adminlogin"]=="")
{
header('location:index.php');
exit();
}
//============ Start Session และทำการเรียก Function ติดต่อฐานข้อมูล 
require_once('../connect/connect.php');
require_once("../connect/function.php");

//=========== อ่านหัวข้อกระทู้
$result=select("question","WHERE 1 AND QUESTION_ID='".($_GET["QuestionID"])."'");
if(!$result)
{
header("location:webboard.php");
exit();
}
//=========== กรณีลบกระทู้
if($_GET["AC"]=="DELETE1")
{
	//=========== ลบทั้งกระทู้และความคิดเห็น
delete("question","WHERE 1 AND QUESTION_ID='".($_GET["QuestionID"])."'");
delete("reply","WHERE 1 AND QUESTION_ID='".($_GET["QuestionID"])."'");
echo "<script language=\"javascript\">";
echo "alert(\"ลบกระทู้เรียบร้อยแล้ว\");";
echo "window.location='webboard.php';";
echo "</script>";
}
//=========== กรณีลบความคิดเห็น
if($_GET["AC"]=="DELETE2")
{
delete("reply","WHERE 1 AND REPLY_ID='".($_GET["ReplyID"])."'");
echo "<script language=\"javascript\">";
echo "alert(\"ลบความคิดเห็นเรียบร้อยแล้ว\");";
echo "window.location='viewdetail.php?QuestionID=$_GET[QuestionID]';";
echo "</script>";
}

?>
<html>
<title>..:: ระบบจัดการฐานข้อมูล ::</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="../css/styles.css" type="text/css">
<div align="center"><br>
  <table cellspacing=1 cellpadding=4 width="68%" bgcolor=#CCCCCC border=0 align="center" height="10">
    <tbody>
      <tr bgcolor=#e5e5e5> 
        <td width="100%" bgcolor="#FFFFFF"> <div align="center"></div>
          <table cellspacing=1 cellpadding=4 width="100%" border=0 align="center" height="10">
            <tbody>
              <tr bgcolor=#e5e5e5> 
                <td width="35%" bgcolor="#FFFFFF"> <div align="left"><b><img src="../image/allrowto.gif" width="11" height="11" align="absbottom"> 
                    จัดการกระทู้</b></div></td>
                <td width="22%" align=middle bgcolor="#FFFFFF"> <div align="left"> 
                  </div></td>
                <td width="43%" bgcolor="#FFFFFF"> <div align="right"><a href="webboard.php">กลับไปหน้าหลัก</a></div></td>
              </tr>
            </tbody>
          </table></td>
      </tr>
    </tbody>
  </table>
</div>
  <table width="68%" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr> 
      <td width="58%">&nbsp;</td>
      <td width="42%">&nbsp;</td>
    </tr>
  </table>
  
<br>
<br>
<table width="69%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr> 
    <td> <table width="100%" cellpadding="0" cellspacing="0">
        <tr> 
          <td class="boxtext style21"> 
            <?=($result["SUBJECT"]);?>
          </td>
        </tr>
        <tr> 
          <td><table width="85%" cellpadding="0" cellspacing="0">
              <tr> 
                <td width="77%" class="boxtext"><strong> 
                  <?=($result["NAME"]);?>
                  </strong>+ 
                  <?=($result["CREATEDATE"]);?>
                  <span class="boxtext"> <a href="javascript:if(confirm('ต้องการลบกระทู้นี้ ใช่หรือไม่')==true){ window.location='viewdetail.php?AC=DELETE1&QuestionID=<?=$result["QUESTION_ID"];?>'; }else{}"><img src="images/delete.gif" width="12" height="11" border="0"></a> 
                  </span></td>
                <td class="boxtext" align="right" width="23%"><div align="left"></div></td>
              </tr>
            </table></td>
        </tr>
        <tr> 
          <td class="boxtext style22"> 
            <?=(nl2br($result["DESCRIPTION"]));?>
          </td>
        </tr>
        <tr> 
          <td align="right"><strong></strong></td>
        </tr>
      </table>
      <hr align="left" width="100%" color="#D7ECA7"> 
      <?
						//===========  อ่านว่ามีความคิดเห็นใดบ้าง
						$strSQLReply="SELECT * FROM reply WHERE 1 AND QUESTION_ID='".($_GET["QuestionID"])."' ";
						$QUERY=mysql_query($strSQLReply);
						while($resultReply=mysql_fetch_array($QUERY))
						{
						?>
      <table width="100%" cellpadding="0" cellspacing="0">
        <tr> 
          <td></td>
        </tr>
        <tr> 
          <td><table width="85%" cellpadding="0" cellspacing="0">
              <tr> 
                <td width="77%" class="boxtext"><strong> 
                  <?=($resultReply["NAME"]);?>
                  </strong>+ 
                  <?=($resultReply["CREATEDATE"]);?>
                  <span class="boxtext"> <a href="javascript:if(confirm('ต้องการลบความคิดเห็นนี้ ใช่หรือไม่')==true){ window.location='viewdetail.php?AC=DELETE2&QuestionID=<?=$result["QUESTION_ID"];?>&ReplyID=<?=$resultReply["REPLY_ID"];?>'; }"><img src="images/delete.gif" width="12" height="11" border="0"></a> 
                  </span> </td>
                <td class="boxtext" align="right" width="23%"><div align="left"></div></td>
              </tr>
            </table></td>
        </tr>
        <tr> 
          <td class="boxtext style22"> 
            <?=(nl2br($resultReply["DESCRIPTION"]));?>
          </td>
        </tr>
        <tr> 
          <td class="font0" align="right"></td>
        </tr>
        <tr> 
          <td></td>
        </tr>
      </table>
      <hr align="left" width="100%" color="#D7ECA7"> 
      <?
						}
						?>
    </td>
  </tr>
</table>

Youez - 2016 - github.com/yon3zu
LinuXploit