Current File : /home/oriscomadm/domains/oriscom.com/private_html/admin/function.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ระบบหลังร้าน</title>
<link type="text/css" rel="stylesheet" href="css/common.css">
<link type="text/css" rel="stylesheet" href="css/style.css">
</head>

<body id="admin">
	<div id="wrapper_admin">
<?php 
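require_once("include/header.php");
// Banners echoed by the action handlers further down once an action has run.
$succes = '<div id="success">ทำรายการสำเร็จ</div>';
$error = '<div id="error">ทำรายการไม่สำเร็จ</div>';

// Request fields shared by most handlers. A missing field becomes null, which is the
// value the bare $_POST read produced, but without the undefined-index notice.
$table = isset($_POST['table']) ? $_POST['table'] : null;
$name = isset($_POST['name']) ? $_POST['name'] : null;
$FileUpload = isset($_POST["FileUpload"]) ? $_POST["FileUpload"] : null;
$oldpic = isset($_POST['oldpic']) ? $_POST['oldpic'] : null;
$sort = isset($_POST['sort']) ? $_POST['sort'] : null;
$shows = isset($_POST['shows']) ? $_POST['shows'] : null;

// $table is interpolated into SQL as an identifier, where value escaping does not apply,
// so a posted table name that is not a plain identifier stops the request here.
if($table !== null && (!is_string($table) || !preg_match('/^[A-Za-z0-9_]+$/', $table))){
	die('Invalid request');
}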

########## Single Upload Image ###########						
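/**
 * Store the file posted in the "FileUpload" form field under PATH and return its stored name.
 *
 * The upload is accepted only when PHP reports a completed HTTP upload, the final extension
 * is on the image allow-list and getimagesize() recognises the content. The client-supplied
 * name is reduced to [A-Za-z0-9_-] plus that one extension, so it cannot carry a path, an
 * inner extension such as ".php", or quote characters into the stored name. The previous
 * file is removed only after the new one has been moved into place.
 *
 * @param string $oldpic     Name of the file currently stored for the record ('' if none).
 * @param mixed  $FileUpload Not used by the function; kept so existing calls keep working.
 * @return string Stored name of the new file, or the old name (final path component only)
 *                when nothing was uploaded or the upload was refused.
 */
function Uploadimage($oldpic,$FileUpload){
	$path = PATH;
	// Extensions this image field may store; everything else is refused.
	$allowed = array('jpg', 'jpeg', 'png', 'gif', 'bmp');

	// Only the final path component of the posted old name is used, so "../" sequences
	// cannot point unlink() (or a later delete of the stored name) outside PATH.
	$oldpic = basename(str_replace('\\', '/', (string)$oldpic));

	if(!isset($_FILES["FileUpload"]) || !is_array($_FILES["FileUpload"])){
		return $oldpic;
	}
	$upload = $_FILES["FileUpload"];
	$tmp = isset($upload["tmp_name"]) ? $upload["tmp_name"] : "";
	if(!is_string($tmp) || trim($tmp) == ""){
		return $oldpic;
	}
	// is_uploaded_file() ties the temp path to this request's upload.
	if(!isset($upload["error"]) || $upload["error"] !== UPLOAD_ERR_OK || !is_uploaded_file($tmp)){
		return $oldpic;
	}

	$client = basename(str_replace('\\', '/', isset($upload["name"]) ? (string)$upload["name"] : ""));
	$ext = strtolower(pathinfo($client, PATHINFO_EXTENSION));
	// getimagesize() is a content check on top of the extension check; it is not a
	// guarantee on its own, which is why the extension allow-list comes first.
	if(!in_array($ext, $allowed, true) || @getimagesize($tmp) === false){
		return $oldpic;
	}

	// Dots inside the stem are flattened as well, so the stored name has exactly one extension.
	$stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($client, PATHINFO_FILENAME));
	$rand = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ23456789'),0,15);
	$new_images = $rand.'-'.$stem.'.'.$ext;

	if(!move_uploaded_file($tmp,$path."/".$new_images)){
		// Keep the old file when the new one could not be stored.
		return $oldpic;
	}
	if($oldpic != "" && is_file($path."/".$oldpic)){
		@unlink($path."/".$oldpic);
	}
	return $new_images;
}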

####### Multi Upload images ########
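/**
 * Store one uploaded file under PATH and return its stored name.
 *
 * Unlike Uploadimage() the caller passes the client file name and the temp path itself,
 * so the function can serve any form field. The temp path must be a genuine HTTP upload,
 * the final extension must be on the allow-list, and the client name is reduced to
 * [A-Za-z0-9_-] plus that one extension. The previous file is removed only after the new
 * one has been moved into place.
 *
 * @param string $FileUpload Client-supplied file name ($_FILES[...]['name']).
 * @param string $tmps       Temp path of the upload ($_FILES[...]['tmp_name']).
 * @param string $oldpic     Name of the file currently stored for the record ('' if none).
 * @return string Stored name of the new file, or the old name (final path component only)
 *                when nothing was uploaded or the upload was refused.
 */
function MultiUploadimage($FileUpload,$tmps,$oldpic){
	$path = PATH;
	// NOTE(review): callers in this file use the function for images and for download
	// files; this list is an assumption about what those forms must accept — confirm it.
	$allowed = array('jpg', 'jpeg', 'png', 'gif', 'bmp', 'pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'zip', 'rar');

	// Only the final path component of the posted old name is used, so "../" sequences
	// cannot point unlink() (or a later delete of the stored name) outside PATH.
	$oldpic = basename(str_replace('\\', '/', (string)$oldpic));

	if(!is_string($tmps) || trim($tmps) == ""){
		return $oldpic;
	}

	$client = basename(str_replace('\\', '/', (string)$FileUpload));
	$ext = strtolower(pathinfo($client, PATHINFO_EXTENSION));
	// is_uploaded_file() ties the temp path to this request's upload.
	if(!in_array($ext, $allowed, true) || !is_uploaded_file($tmps)){
		return $oldpic;
	}

	// Dots inside the stem are flattened as well, so the stored name has exactly one extension.
	$stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($client, PATHINFO_FILENAME));
	$rand = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ23456789'),0,15);
	$new_images = $rand.'-'.$stem.'.'.$ext;

	if(!move_uploaded_file($tmps,$path."/".$new_images)){
		// Keep the old file when the new one could not be stored.
		return $oldpic;
	}
	if($oldpic != "" && is_file($path."/".$oldpic)){
		@unlink($path."/".$oldpic);
	}
	return $new_images;
}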

######### Check Name ############
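/**
 * Count the rows of $table whose `name` column equals $name.
 *
 * The table name is an SQL identifier and cannot be escaped like a value, so it must be a
 * plain identifier; $name is escaped before it is placed in the quoted literal.
 *
 * @param string $table Table to search.
 * @param string $name  Value compared with the `name` column.
 * @return int|null Number of matching rows when there is at least one, otherwise null.
 */
function checkname($table,$name){
	if(!is_string($table) || !preg_match('/^[A-Za-z0-9_]+$/', $table)){
		die('Invalid table name');
	}
	$sql = "select * from `".$table."` where name = '".mysql_real_escape_string((string)$name)."'";
	$result = mysql_query($sql);
	if($result === false){
		// The driver message goes to the log; the page gets a generic message, so neither
		// the query text nor request input is echoed back.
		error_log('checkname query failed: '.mysql_error());
		die('Database error');
	}
	$row = mysql_num_rows($result);
	if($row>0){
		return $row;
	}
	return null;
}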
?>
		<div id="wrapper_centent">
        <?php
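		/* Category */
		// Request values reach SQL and HTML in this section, so they are wrapped:
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier
		// (an identifier cannot be protected by value escaping).
		// NOTE(review): cate_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="cate_add"){
			// Four image slots; each keeps its old file name when nothing new was posted.
			$img = array();
			for($i = 1; $i <= 4; $i++){
				$img[$i] = MultiUploadimage(trim($_FILES["FileUpload".$i]["name"]), $_FILES["FileUpload".$i]["tmp_name"], $_POST['oldpic'.$i]);
			}
			mysql_query("INSERT INTO ".$tb($table)."(nameth,nameen,image1,image2,image3,image4,detailth,detailen,sort,link,shows) values('".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($img[1])."','".$sq($img[2])."','".$sq($img[3])."','".$sq($img[4])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($_POST['link'])."','".$sq($shows)."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=cate_add.php">';
			mysql_close();
		}

		if($_POST['action']=="cate_edit"){
			$img = array();
			for($i = 1; $i <= 4; $i++){
				$img[$i] = MultiUploadimage(trim($_FILES["FileUpload".$i]["name"]), $_FILES["FileUpload".$i]["tmp_name"], $_POST['oldpic'.$i]);
			}
			mysql_query("UPDATE ".$tb($table)." SET nameth='".$sq($name)."', nameen='".$sq($_POST['nameEN'])."',image1='".$sq($img[1])."',image2='".$sq($img[2])."',image3='".$sq($img[3])."',image4='".$sq($img[4])."',detailth='".$sq($_POST['detail'])."',detailen='".$sq($_POST['detailEN'])."', link='".$sq($_POST['link'])."',sort='".$sq($sort)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=cate_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="cate_del"){
			$table="product_i";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image1']));
			@unlink(PATH.'/'.basename($row['image2']));
			@unlink(PATH.'/'.basename($row['image3']));
			@unlink(PATH.'/'.basename($row['image4']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=cate.php">';
			mysql_close();
		}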
		

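		/* Sub Category */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): cate_list_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="cate_list_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(Lid,nameth,nameen,image,detailth,detailen,sort,link,shows) values('".$sq($_POST['type'])."','".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($newimages)."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($_POST['link'])."','".$sq($shows)."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=cate_list_add.php?cid='.$uq($_POST['back']).'">';
			mysql_close();
		}

		if($_POST['action']=="cate_list_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET Lid='".$sq($_POST['type'])."', nameth='".$sq($name)."', nameen='".$sq($_POST['nameEN'])."',image='".$sq($newimages)."',detailth='".$sq($_POST['detail'])."',detailen='".$sq($_POST['detailEN'])."',sort='".$sq($sort)."',link='".$sq($_POST['link'])."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=cate_list_edit.php?cid='.$uq($_POST['back']).'&id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="cate_list_del"){
			$table="product_ii";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=cate_list.php?cid='.$uq($_GET['cid']).'">';
			mysql_close();
		}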
				
		
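		/* Product */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): product_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="product_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(Lid,Gid,nameth,nameen,detailth,detailen,sort,link,image,shows) values('".$sq($_POST['type'])."','".$sq($_POST['brand'])."','".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($_POST['link'])."','".$sq($newimages)."','".$sq($shows)."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=product_add.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'">';
			mysql_close();
		}
				
		if($_POST['action']=="product_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET Lid='".$sq($_POST['type'])."', Gid='".$sq($_POST['brand'])."', nameth='".$sq($name)."', nameen='".$sq($_POST['nameEN'])."',detailth='".$sq($_POST['detail'])."',detailen='".$sq($_POST['detailEN'])."',sort='".$sq($sort)."', image='".$sq($newimages)."', link='".$sq($_POST['link'])."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=product_edit.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'&id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="product_del"){
			$table="product_iii";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=product.php?cid='.$uq($_GET['cid']).'&sid='.$uq($_GET['sid']).'">';
			mysql_close();
		}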
		
		
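		/* Product Sub */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): model_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="model_add"){
			// The attachment arrives in the "FileUpload2" field; its old name in "file".
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['file'];
			$file= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(Lid,nameth,nameen,detailth,detailen,sort,file,link,image,shows,target) values('".$sq($_POST['type'])."','".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($file)."','".$sq($_POST['link'])."','".$sq($newimages)."','".$sq($shows)."','".$sq($_POST['target'])."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=model_add.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'&mid='.$uq($_POST['back3']).'">';
			mysql_close();
		}
				
		if($_POST['action']=="model_edit"){
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['file'];
			$file= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET Lid='".$sq($_POST['type'])."', nameth='".$sq($name)."', nameen='".$sq($_POST['nameEN'])."',detailth='".$sq($_POST['detail'])."',detailen='".$sq($_POST['detailEN'])."',sort='".$sq($sort)."', image='".$sq($newimages)."', file='".$sq($file)."',link='".$sq($_POST['link'])."',shows='".$sq($shows)."',target='".$sq($_POST['target'])."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=model_edit.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'&mid='.$uq($_POST['back3']).'&id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="model_del"){
			$table="product_iv";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			@unlink(PATH.'/'.basename($row['file']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=model.php?cid='.$uq($_GET['cid']).'&sid='.$uq($_GET['sid']).'&mid='.$uq($_GET['mid']).'">';
			mysql_close();
		}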
	
	
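		/* product Lv.5 */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): model_list_del changes data on a plain GET and no session or
		// anti-CSRF check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="model_list_add"){
			// Here the "link" column holds an uploaded file: new file in "FileUpload2",
			// old name in the posted "link" field.
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['link'];
			$link= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(Lid,nameth,nameen,detailth,detailen,sort,link,image,shows) values('".$sq($_POST['type'])."','".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($link)."','".$sq($newimages)."','".$sq($shows)."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=model_list_add.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'&mid='.$uq($_POST['back3']).'&lid='.$uq($_POST['back4']).'">';
			mysql_close();
		}
				
		if($_POST['action']=="model_list_edit"){
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['link'];
			$link= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET Lid='".$sq($_POST['type'])."', nameth='".$sq($name)."', nameen='".$sq($_POST['nameEN'])."',detailth='".$sq($_POST['detail'])."',detailen='".$sq($_POST['detailEN'])."',sort='".$sq($sort)."', image='".$sq($newimages)."', link='".$sq($link)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=model_list_edit.php?cid='.$uq($_POST['back']).'&sid='.$uq($_POST['back2']).'&mid='.$uq($_POST['back3']).'&lid='.$uq($_POST['back4']).'&id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="model_list_del"){
			$table="product_v";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			// The other parameters of this handler come from the query string, so "lid" is
			// read from $_GET first; the $_POST value is kept as a fallback.
			$lid = isset($_GET['lid']) ? $_GET['lid'] : (isset($_POST['lid']) ? $_POST['lid'] : '');
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=model_list.php?cid='.$uq($_GET['cid']).'&sid='.$uq($_GET['sid']).'&mid='.$uq($_GET['mid']).'&lid='.$uq($lid).'">';
			mysql_close();
		}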
	
		
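		/* Slide */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): slide_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="slide_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)." (image,level,sort,shows) values('".$sq($newimages)."','".$sq($_POST['type'])."','".$sq($sort)."','".$sq($shows)."')");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=slide_add.php">';
			mysql_close();
		}
		
		if($_POST['action']=="slide_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET image='".$sq($newimages)."',level='".$sq($_POST['type'])."',sort='".$sq($sort)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=slide_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="slide_del"){
			$table = "slide";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=slide.php">';
			mysql_close();
		}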
		
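		/* News & Event */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): news_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="news_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(topic_th,topic_en,detail_th,detail_en,image,date,shows) values('".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($newimages)."','".date("Y-m-d H:i:s")."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=news_add.php">';
			mysql_close();
		}

		if($_POST['action']=="news_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET topic_th='".$sq($name)."', topic_en='".$sq($_POST['nameEN'])."',image='".$sq($newimages)."',detail_th='".$sq($_POST['detail'])."',detail_en='".$sq($_POST['detailEN'])."',date='".date("Y-m-d H:i:s")."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=news_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="news_del"){
			$table="news_event";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=news.php">';
			mysql_close();
		}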
		

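		/* Server News & Event */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): server_news_del changes data on a plain GET and no session or
		// anti-CSRF check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="server_news_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(topic_th,topic_en,detail_th,detail_en,image,date,shows) values('".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($newimages)."','".date("Y-m-d H:i:s")."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=server_news_add.php">';
			mysql_close();
		}

		if($_POST['action']=="server_news_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET topic_th='".$sq($name)."', topic_en='".$sq($_POST['nameEN'])."',image='".$sq($newimages)."',detail_th='".$sq($_POST['detail'])."',detail_en='".$sq($_POST['detailEN'])."',date='".date("Y-m-d H:i:s")."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=server_news_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="server_news_del"){
			$table="server_news";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=server_news.php">';
			mysql_close();
		}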
		

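		/* Download Application & Brochure */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): download_del and delfile change data on a plain GET and no session or
		// anti-CSRF check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="download_add"){
			// The downloadable file arrives in "FileUpload2"; its old name in "file".
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['file'];
			$file= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(title,image,file,link,type,sort,shows,target) values('".$sq($name)."','".$sq($newimages)."','".$sq($file)."','".$sq($_POST['link'])."','".$sq($_POST['type'])."','".$sq($sort)."','".$sq($shows)."','".$sq($_POST['target'])."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=download_add.php">';
			mysql_close();
		}

		if($_POST['action']=="download_edit"){
			$FileUpload1 = trim($_FILES["FileUpload2"]["name"]);
			$tmps1 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic1 = $_POST['file'];
			$file= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET title='".$sq($name)."',file='".$sq($file)."', link='".$sq($_POST['link'])."',image='".$sq($newimages)."',type='".$sq($_POST['type'])."',sort='".$sq($sort)."',shows='".$sq($shows)."',target='".$sq($_POST['target'])."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=download_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="download_del"){
			$table="download";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			@unlink(PATH.'/'.basename($row['file']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=download.php">';
			mysql_close();
		}
		
		// Removes only the attached file of a download row and clears its "file" column.
		if($_GET['ac']=="delfile"){
			$id=$_GET['id'];
			$table="download";
			$sql = "select * from $table where id = '".$sq($id)."'";
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			mysql_query("UPDATE $table SET file='' WHERE id='".$sq($id)."'");
			@unlink(PATH.'/'.basename($row['file']));
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=download_edit.php?id='.$uq($id).'">';
			mysql_close();
		}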

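		/* Reference */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): reference_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="reference_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(title_th,title_en,image,detail_th,detail_en,sort,shows) values('".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($newimages)."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($sort)."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=reference_add.php">';
			mysql_close();
		}

		if($_POST['action']=="reference_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET title_th='".$sq($name)."',title_en='".$sq($_POST['nameEN'])."', detail_th='".$sq($_POST['detail'])."', detail_en='".$sq($_POST['detailEN'])."',image='".$sq($newimages)."',sort='".$sq($sort)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=reference_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="reference_del"){
			$table="reference";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=reference.php">';
			mysql_close();
		}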


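		/* Partners */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): partners_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="partners_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(title_th,image,link,sort,shows) values('".$sq($name)."','".$sq($newimages)."','".$sq($_POST['link'])."','".$sq($sort)."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=partners_add.php">';
			mysql_close();
		}

		if($_POST['action']=="partners_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET title_th='".$sq($name)."', link='".$sq($_POST['link'])."',image='".$sq($newimages)."',sort='".$sq($sort)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=partners_edit.php?id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="partners_del"){
			$table="partners";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=partners.php">';
			mysql_close();
		}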


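		/* Partner News */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): partner_news_del changes data on a plain GET and no session or
		// anti-CSRF check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="partner_news_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(sid,sort,topic_th,topic_en,detail_th,detail_en,image,date,shows) values('".$sq($_POST['cid'])."','".$sq($_POST['sort'])."','".$sq($name)."','".$sq($_POST['nameEN'])."','".$sq($_POST['detail'])."','".$sq($_POST['detailEN'])."','".$sq($newimages)."','".date("Y-m-d H:i:s")."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=partner_news_add.php?cid='.$uq($_POST['cid']).'">';
			mysql_close();
		}

		if($_POST['action']=="partner_news_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET sort='".$sq($_POST['sort'])."', topic_th='".$sq($name)."', topic_en='".$sq($_POST['nameEN'])."',image='".$sq($newimages)."',detail_th='".$sq($_POST['detail'])."',detail_en='".$sq($_POST['detailEN'])."',date='".date("Y-m-d H:i:s")."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=partner_news_edit.php?cid='.$uq($_POST['cid']).'&id='.$uq($_POST['id']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="partner_news_del"){
			$table="partner_news";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="1;URL=partner_news.php?cid='.$uq($_GET['cid']).'">';
			mysql_close();
		}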


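		/* Brand */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		// NOTE(review): brand_del changes data on a plain GET and no session or anti-CSRF
		// check is visible in this file — confirm include/header.php enforces both.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="brand_add"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("INSERT INTO ".$tb($table)."(title_th,image,link,sort,shows) values('".$sq($name)."','".$sq($newimages)."','".$sq($_POST['link'])."','".$sq($sort)."','".$sq($shows)."')") or die ("ERROR");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=brand_add.php?cid='.$uq($_POST['cid']).'&sid='.$uq($_POST['sid']).'">';
			mysql_close();
		}

		if($_POST['action']=="brand_edit"){
			$newimages = Uploadimage($oldpic,$FileUpload);
			mysql_query("UPDATE ".$tb($table)." SET title_th='".$sq($name)."', link='".$sq($_POST['link'])."',image='".$sq($newimages)."',sort='".$sq($sort)."',shows='".$sq($shows)."' WHERE id='".$sq($_POST['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=brand_edit.php?id='.$uq($_POST['id']).'&cid='.$uq($_POST['cid']).'&sid='.$uq($_POST['sid']).'">';
			mysql_close();
		}
		
		if($_GET['ac']=="brand_del"){
			$table="brand";
			$sql = "select * from $table where id = '".$sq($_GET['id'])."'";
			// The failure text contains the query, so it is HTML-encoded before it is printed.
			$result = mysql_query($sql) or die(htmlspecialchars(mysql_error().$sql));
			$row = mysql_fetch_array($result);
			// basename() keeps the delete inside PATH even if a stored name holds "../".
			@unlink(PATH.'/'.basename($row['image']));
			mysql_query("DELETE FROM $table WHERE id='".$sq($_GET['id'])."'") or die (mysql_error());
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=brand.php?cid='.$uq($_GET['cid']).'&sid='.$uq($_GET['sid']).'">';
			mysql_close();
		}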

		
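		/* General */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier
		// (an identifier cannot be protected by value escaping).
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=="general_edit"){
			// "FileUpload1" feeds the logo column, "FileUpload2" the banner column.
			$FileUpload1 = trim($_FILES["FileUpload1"]["name"]);
			$tmps1 = $_FILES["FileUpload1"]["tmp_name"];
			$oldpic1 = $_POST['oldpic1'];
			$newimages1= MultiUploadimage($FileUpload1,$tmps1,$oldpic1);

			$FileUpload2 = trim($_FILES["FileUpload2"]["name"]);
			$tmps2 = $_FILES["FileUpload2"]["tmp_name"];
			$oldpic2 = $_POST['oldpic2'];
			$newimages2= MultiUploadimage($FileUpload2,$tmps2,$oldpic2);
			mysql_query("UPDATE ".$tb($table)." SET wellcome='".$sq($_POST['wellcome'])."', wellcome_en='".$sq($_POST['wellcomeEN'])."', about='".$sq($_POST['about'])."',about_en='".$sq($_POST['aboutEN'])."',careers='".$sq($_POST['careers'])."',careers_en='".$sq($_POST['careersEN'])."',facebook='".$sq($_POST['facebook'])."', twister='".$sq($_POST['twister'])."',email='".$sq($_POST['email'])."',address='".$sq($_POST['address'])."',address_en='".$sq($_POST['addressEN'])."',lat='".$sq($_POST['lat'])."',lng='".$sq($_POST['lng'])."',logo='".$sq($newimages1)."',banner='".$sq($newimages2)."',tel='".$sq($_POST['tel'])."',fax='".$sq($_POST['fax'])."'  WHERE id='".$sq($_POST['id'])."'") or die("ERROR");
			echo $succes;
			// "back" is used as a query parameter name, so it is URL-encoded like a value.
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=general.php?'.$uq($_POST['back']).'=1">';
			mysql_close();
		}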
		
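		/// Server ///
		// $sq escapes a value for a quoted SQL literal; $tb stops the request when the posted
		// table name is not a plain identifier (an identifier cannot be escaped like a value).
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=='server'){
			mysql_query("UPDATE ".$tb($table)." SET server='".$sq($_POST['detail'])."',premium='".$sq($_POST['detail2'])."' WHERE id='".$sq($_POST['id'])."'");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=server.php">';
			mysql_close();
		}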

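		/* Admin */
		// $sq escapes a value for a quoted SQL literal, $uq encodes a value for the redirect
		// URL, $tb stops the request when the posted table name is not a plain identifier.
		$sq = function($v){ return mysql_real_escape_string((string)$v); };
		$uq = function($v){ return urlencode((string)$v); };
		$tb = function($t){ if(!preg_match('/^[A-Za-z0-9_]+$/', (string)$t)){ die('Invalid request'); } return $t; };

		if($_POST['action']=='admin_edit'){
			// NOTE(review): the password is written exactly as posted, i.e. in clear text.
			// Storing password_hash() output needs a matching change in the login check,
			// which is not part of this file, so the stored format is left unchanged here.
			// NOTE(review): the row and the table are both chosen by the request, and no
			// session or anti-CSRF check is visible in this file — confirm
			// include/header.php enforces both before this handler can run.
			mysql_query("UPDATE ".$tb($table)." SET username='".$sq($_POST['username'])."',password='".$sq($_POST['password'])."' WHERE id='".$sq($_POST['id'])."'");
			echo $succes;
			echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL='.$uq($table).'.php">';
			mysql_close();
		}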
		?>
		</div>
	</div>
</body>
</html>
