Edit File:
declarationPage.php
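<?php
/*
 * utility/declarationPage - maintenance page for the lp_declaration table
 * ("NEEDS FOR DECLARATION"). Handles add / edit / delete POSTs, then renders
 * the add/edit modal and the record list.
 *
 * Names expected from the including script (none are defined in this file):
 * $page, $mysqli_link, $conf_doctype2, $conf_doctype3, $conf_maxuploadsize,
 * rand_filename2(), mysqli_prepare_audit(), and the JS globals doc_allowed1 /
 * doc_maxsize1 plus the jQuery plugins setdatatable/setadddelete/setvalidation.
 *
 * NOTE(review): no anti-CSRF token and no per-action authorisation check are
 * visible in this file; presumably index.php / access.php enforce them -
 * confirm, because every branch below changes or deletes data.
 */
if(empty($page)){ include("../access.php"); }

$modal_name = str_replace("/", "-", $page);

// Escape a value for HTML text or for a quoted HTML attribute.
$decl_esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<!-- Blank Header -->
<div class="content-header">
    <div class="row">
        <div class="col-sm-6">
            <div class="header-section">
                <h1><i class="fa fa-bullhorn"></i> NEEDS FOR DECLARATION</h1>
            </div>
        </div>
        <div class="col-sm-6 hidden-xs">
            <div class="header-section">
            </div>
        </div>
    </div>
</div>
<!-- END Blank Header -->

<!-- Get Started Block -->
<div class="block full">
    <!-- [QUERY_STRING] -->
<?php
$success = 0;

// Run one parameterised write statement. Returns true on success; failures are
// logged server-side instead of being printed to the browser.
$decl_exec = function ($sql, $types, array $params) use ($mysqli_link) {
    $stmt = mysqli_prepare($mysqli_link, $sql);
    if ($stmt === false) {
        error_log("declarationPage: prepare failed: " . mysqli_error($mysqli_link));
        return false;
    }
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    $ok = mysqli_stmt_execute($stmt);
    if (!$ok) {
        error_log("declarationPage: execute failed: " . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
    return $ok;
};

// Store the optional "file_upload" attachment for one record and save its
// generated name in lp_declaration.fail. Shared by the add and edit branches.
$decl_store_upload = function ($last_id) {
    $folder = "./upload/lp";
    if(!is_dir($folder)){
        mkdir($folder, 0755, TRUE);
        // Placeholder index file so the upload directory is not listable.
        copy("./upload/index.html", $folder."/index.html");
    }

    // Nothing to do unless PHP reports a complete, successful upload.
    if (!isset($_FILES['file_upload']['error']) || $_FILES['file_upload']['error'] !== UPLOAD_ERR_OK) {
        return;
    }

    // Only the extension is checked; the file content is not inspected.
    // NOTE(review): '.svg' can carry script and is served from this origin -
    // consider dropping it or forcing a download disposition for upload/lp.
    // NOTE(review): the size limit is only enforced by the browser-side script;
    // the server-side limit is whatever PHP's upload settings allow.
    $list_ext = array(
        '.pdf', '.docx', '.doc', '.xls', '.xlsx', '.ppt', '.png', '.gif',
        '.jpeg', '.jpg', '.jpe', '.bmp', '.ico', '.svg', '.tif', '.tiff'
    );

    $filename = (string) $_FILES['file_upload']['name'];
    $dot = strrpos($filename, ".");
    $ext = ($dot === false) ? "" : strtolower(substr($filename, $dot));
    if (!in_array($ext, $list_ext, true)) {
        return;
    }

    // The stored name is generated server-side; the client name only supplies
    // the (allow-listed) extension.
    $new_name = rand_filename2("./upload/lp/", $ext, 2);
    if (!move_uploaded_file($_FILES['file_upload']['tmp_name'], $folder."/".$new_name)) {
        // Do not record a file name that was never written to disk.
        error_log("declarationPage: could not store uploaded file");
        return;
    }

    $sql = "UPDATE lp_declaration SET fail = ? WHERE idDeclaration = ?";
    $param_type = ""; // EMPTY MEANS AUTO @ TYPE LENGTH != DATA (AUTO)
    $param_data = array(
        "fail" => $new_name,
        "idDeclaration" => $last_id
    );
    $data = mysqli_prepare_audit($sql, $param_type, $param_data, "");
};

if($_POST):
    $do = (isset($_POST['type_submit']) && is_string($_POST['type_submit'])) ? $_POST['type_submit'] : "";

    // idDeclaration is filled from mysqli_insert_id(), so it is handled as an integer.
    $id = (isset($_POST['val-id']) && is_scalar($_POST['val-id'])) ? (int) $_POST['val-id'] : 0;
    $nama = (isset($_POST['val-name']) && is_string($_POST['val-name'])) ? $_POST['val-name'] : "";
    $desc = (isset($_POST['val-desc']) && is_string($_POST['val-desc'])) ? $_POST['val-desc'] : "";
    // Allow-list the status flag; anything other than "Y" is stored as "T",
    // the value the form pre-selects (default_radio).
    $flagAktif = (isset($_POST['val-aktif']) && $_POST['val-aktif'] === "Y") ? "Y" : "T";

    if($do=="add"){
        // NOTE(review): idAuthor is hard-coded to 1, so the row does not record
        // which user created it - confirm whether that is intended.
        $qAdd = "INSERT INTO lp_declaration(tajuk,ktrgn,flagAktif,dateCreated,idAuthor) VALUES (?, ?, ?, NOW(), 1)";
        if ($decl_exec($qAdd, "sss", array($nama, $desc, $flagAktif))) {
            $success = 1;
            $msg = "RECORD ADDED!";
            $last_id = mysqli_insert_id($mysqli_link);
            $decl_store_upload($last_id);
        } else {
            $success = 2;
        }
    }

    if($do=="edit"){
        $qEdit = "UPDATE lp_declaration SET tajuk=?, ktrgn=?, flagAktif=? WHERE idDeclaration=?";
        if ($id > 0 && $decl_exec($qEdit, "sssi", array($nama, $desc, $flagAktif, $id))) {
            $success = 1;
            $msg = "RECORD UPDATED!";
            $last_id = $id;
            $decl_store_upload($last_id);
        } else {
            $success = 2;
        }
    }

    if($do=="delete"){
        $decl_ids = (isset($_POST['myid']) && is_array($_POST['myid'])) ? $_POST['myid'] : array();
        $decl_failed = false;

        foreach($decl_ids as $value){
            if (!is_scalar($value) || (int) $value <= 0) {
                continue;
            }
            $decl_record = (int) $value;

            // Look up the attachment name before the row disappears.
            $decl_file = null;
            $stmt = mysqli_prepare($mysqli_link, "SELECT fail FROM lp_declaration WHERE idDeclaration = ?");
            if ($stmt === false) {
                error_log("declarationPage: prepare failed: " . mysqli_error($mysqli_link));
                $decl_failed = true;
                continue;
            }
            mysqli_stmt_bind_param($stmt, "i", $decl_record);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt, $decl_file);
            mysqli_stmt_fetch($stmt);
            mysqli_stmt_close($stmt);

            if (!$decl_exec("DELETE FROM lp_declaration WHERE idDeclaration = ?", "i", array($decl_record))) {
                $decl_failed = true;
                continue;
            }

            // basename() keeps the delete inside upload/lp even if the stored
            // value contains path separators; rows without a file are skipped.
            $decl_name = basename((string) $decl_file);
            if ($decl_name !== "" && is_file("upload/lp/" . $decl_name)) {
                unlink("upload/lp/" . $decl_name);
            }
        }
        $success = $decl_failed ? 2 : 3;
    }

    if($success == 1){
        $_SESSION['success'] = 1;
        $_SESSION['success_msg'] = $msg;
    }else if($success == 2){
        $_SESSION['success'] = 2;
        $_SESSION['success_msg'] = "OPS! SOMETHING WRONG";
    }else if($success == 3){
        $_SESSION['success'] = 3;
        $_SESSION['success_msg'] = "RECORD DELETED!";
    }
endif;

if($success){
    // Redirect after POST so a page reload does not resubmit the form.
    echo "<script>window.location.replace('index.php?page=utility/declarationPage&success={$success}');</script>";
    exit();
}
?>

    <div id="modal-form" class="modal fade <?php echo $decl_esc($modal_name);?>" tabindex="-1" role="dialog" aria-hidden="true">
        <div class="modal-dialog modal-lg">
            <div class="modal-content">
                <form class="push form-horizontal" id="form-validation" action="index.php?page=utility/declarationPage" method="post" enctype="multipart/form-data" autocomplete="off">
                    <!-- if delete. check post name delete -->
                    <div class="modal-header">
                        <button type="button" class="close" data-dismiss="modal" aria-hidden="true"><span aria-hidden="true">×</span></button>
                        <h4 class="modal-title"><strong>NEEDS FOR DECLARATION</strong></h4>
                    </div>
                    <div class="modal-body"><!-- modal-body -->
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-name">Title <span class="text-danger">*</span></label>
                            <div class="col-md-8">
                                <input type="text" id="val-name" name="val-name" class="form-control validation" data-validation="default" placeholder="Title..">
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-desc">Description <span class="text-danger">*</span></label>
                            <div class="col-md-8">
                                <textarea id="val-desc" name="val-desc" rows="5" class="form-control validation" data-validation="default" placeholder="Description.."></textarea>
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-desc">Description <span class="text-danger">*</span></label>
                            <div class="col-md-8">
                                <div class="input-group" data-toggle="tooltip" title="Upload File">
                                    <div class="input-group-btn">
                                        <label class="btn btn-primary">
                                            Browse <input type="file" id="file_upload" name="file_upload" class="form-control" style="display: none" accept="<?php echo $conf_doctype2;?>">
                                        </label>
                                    </div>
                                    <span class="up1">
                                        <input style="background: white;color: #000" readonly='readonly' value="" type="text" id="file_upload_text" name="file_upload_text" class="form-control upload-name" data-validation="default" placeholder="No File Selected">
                                    </span>
                                    <a href="1" target="_blank" class="up2 form-control" style="cursor: pointer;">
                                        Click To Open<i class="fa fa-download pull-right" style="line-height: 1.42857143"></i>
                                    </a>
                                    <div class="up3 input-group-btn" data-toggle="tooltip" title="Delete File">
                                        <div class="btn btn-danger del-upload" data-senddata='{"type": "lp_declaration", "file": "x.jpg"}'><i class="fa fa-times"></i></div>
                                    </div>
                                </div>
                                <i id="" class="help-blockx animation-pullUp text-warning" style="font-size: 9pt">
                                    <b>File Allowed: <?php echo $conf_doctype3;?></b>
                                    <br><b>(Max Size: <?php echo $conf_maxuploadsize;?>MB)</b>
                                </i>
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-aktifL">Status <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <label class="radio-inline" for="val-aktifY">
                                    <input type="radio" class="not_autoset" id="val-aktifY" name="val-aktif" value="Y" <?php if(isset($rowKod['flagAktif']) && $rowKod['flagAktif']=="Y"){?>checked<?php }?>> Active
                                </label>
                                <label class="radio-inline" for="val-aktifT">
                                    <input type="radio" class="not_autoset default_radio" id="val-aktifT" name="val-aktif" value="T" <?php if(isset($rowKod['flagAktif']) && $rowKod['flagAktif']=="T"){?>checked<?php }?>> Inactive
                                </label>
                            </div>
                        </div>
                    </div><!-- [end] modal-body -->
                    <input type="hidden" name="type_submit" value="add">
                    <input type="hidden" name="val-id" value="">
                    <div class="modal-footer">
                        <button type="submit" class="btn btn-effect-ripple btn-primary">Submit</button>
                        <button type="button" class="btn btn-effect-ripple btn-danger" data-dismiss="modal">Close</button>
                    </div>
                </form>
            </div>
        </div>
    </div>

    <div class="table-responsive">
        <form method="post" data-modal-target="<?php echo $decl_esc($modal_name);?>">
            <input name="type_submit" type="hidden" value="delete">
            <table id="example-datatable" class="table table-striped table-bordered table-condensed table-vcenter table-hover">
                <thead>
                    <tr>
                        <th style="width: 30px;" class="text-center"><label class="csscheckbox csscheckbox-primary"><input type="checkbox"><span></span></label></th>
                        <th class="text-center">TITLE</th>
                        <th class="text-center">DESCRIPTION</th>
                        <th class="text-center">FILE</th>
                        <th class="text-center" style="width: 80px;">STATUS</th>
                        <th class="text-center no_sorting" style="width: 40px;"><i class="fa fa-flash"></i></th>
                    </tr>
                </thead>
                <tbody>
<?php
// Status flag -> badge class and caption.
$labels['Y']['class'] = "label-success";
$labels['Y']['text'] = "Active";
$labels['T']['class'] = "label-danger";
$labels['T']['text'] = "Inactive";

$qKod = "SELECT * FROM lp_declaration";
$resKod = mysqli_query($mysqli_link, $qKod);
if ($resKod === false) {
    // Log the real query error; the browser only gets a generic message.
    error_log("declarationPage: list query failed: " . mysqli_error($mysqli_link));
    die("Unable to load records.");
}

while($rowKod=mysqli_fetch_array($resKod)){
    // editdata works like a GET query string, split by "|",
    // e.g. <input name>#<value>|<select name>#<value>
    // NOTE(review): a title or description containing "|" or "#" presumably
    // confuses the client-side parser (setvalidation) - verify.
    $editdata = "val-name#$rowKod[tajuk]|"
        ."val-desc#$rowKod[ktrgn]|"
        ."val-id#$rowKod[idDeclaration]|"
        ."val-aktif#$rowKod[flagAktif]";
    $rand = $rowKod['flagAktif'];
?>
                    <tr>
                        <td class="align-top text-center "><label class="csscheckbox csscheckbox-primary"><input type="checkbox" name="myid[]" value="<?php echo $decl_esc($rowKod['idDeclaration']);?>"><span></span></label></td>
                        <td class="align-top"><strong><?php echo $decl_esc($rowKod['tajuk']);?></strong></td>
                        <td class="align-top"><?php echo nl2br($decl_esc($rowKod['ktrgn']));?></td>
                        <td class="align-top text-center"><?php
                            // The edit handler reads this link's text as the file name,
                            // so the anchor must contain the name and nothing else.
                            if(!empty($rowKod['fail']) && file_exists("upload/lp/".$rowKod['fail'])){
                                echo "<a target='_blank' href='upload/lp/".$decl_esc($rowKod['fail'])."'>".$decl_esc($rowKod['fail'])."</a>";
                            }else{
                                echo "-";
                            }
                        ?></td>
                        <td class="align-top text-center"><span class="label<?php echo !empty($labels[$rand]['class']) ? " " . $labels[$rand]['class'] : ""; ?>"><?php echo isset($labels[$rand]['text']) ? $labels[$rand]['text'] : ""; ?></span></td>
                        <td class="align-top text-center">
                            <a href="javascript:void(0)" title="Edit Record" class="btn btn-effect-ripple btn-xs btn-success edit-me" data-modal-target="<?php echo $decl_esc($modal_name);?>" data-editdata="<?php echo $decl_esc($editdata);?>"><i class="fa fa-pencil"></i></a>
                            <a href="javascript:void(0)" title="Delete Record" class="btn btn-effect-ripple btn-xs btn-danger del-me" data-val="<?php echo isset($i) ? $decl_esc($i) : "";?>"><i class="fa fa-times"></i></a>
                        </td>
                    </tr>
<?php
}
mysqli_free_result($resKod);
?>
                </tbody>
            </table>
        </form>
    </div>

    <script src="js/pages/formsValidation.js"></script>
    <script type="text/javascript">
    $(document).ready(function(){

        // Show either the "no file" text box (.up1) or the "open file" link
        // (.up2); an href ending in "1" is the marker for "no file attached".
        $.fn.custom_upload = function(){
            var t_parent = $(this).closest(".input-group");
            var up1 = $(".up1",t_parent);
            var up2 = $(".up2",t_parent);
            var up3 = $(".up3",t_parent);
            var up2_val = up2.prop("href").substr(up2.prop("href").lastIndexOf('/') + 1);
            if(up2_val !== "1"){
                up1.hide();
                up2.show();
                $(".btn",up3).removeClass("disabled");
            }else{
                up1.show();
                up2.hide();
                $(".btn",up3).addClass("disabled");
            }
        };

        $("[type='file']").each(function(){
            $(this).custom_upload();
        });

        // Remove the stored attachment (server side via ajax.php) or just clear
        // the pending selection when nothing has been stored yet.
        $(".del-upload").on("click",function(){
            var t_parent = $(this).parents(".input-group");
            var up1 = $(".up1",t_parent);
            var up2 = $(".up2",t_parent);
            var up3 = $(".up3",t_parent);
            var senddata = $(this).data("senddata");
            var id = $(".del-upload",document).data("senddata").ii;
            if(up2.is(':visible')){
                if(confirm("Delete This File?")){
                    $.post( "ajax.php?do=clear_file", senddata ).done(function(data) {
                        up1.show();
                        up2.hide();
                        $(".btn",up3).addClass("disabled");
                        $("[name='myid[]'][value='"+id+"']").parents("tr").find("td:eq(3)").html("-");
                    });
                }
            }else{
                $("input",t_parent).prop("value","");
                $(".btn",up3).addClass("disabled");
            }
        });

        $("#example-datatable").setdatatable().setadddelete();

        // Header checkbox toggles every row checkbox.
        $('thead input:checkbox').click(function() {
            var checkedStatus = $(this).prop('checked');
            var table = $(this).closest('table');
            $('tbody input:checkbox', table).each(function() {
                $(this).prop('checked', checkedStatus);
            });
        });

        // "Add": open the modal with an empty form in "add" mode.
        $(document).on("click", ".add-me", function(){
            var modal_name = "."+$(this).closest("form").data("modal-target");
            $(modal_name).modal({keyboard:true});
            $(modal_name).find("input").not(":button, :submit, :reset, .not_autoset").val("").prop("checked",false);
            $(modal_name).find(".default_radio, .default_checkbox").prop("checked",true);
            $(modal_name).find("select").prop("selected",false);
            $(modal_name).find("textarea").val("");
            $(modal_name).find('.help-block').remove();
            $(modal_name).find('.form-group').removeClass('has-success has-error');
            $("#form-validation").setvalidation('');
            $("#form-validation > [name='type_submit']").val("add");
            $(modal_name).find('.up2').prop("href","1");
            $("[type='file']").custom_upload();
        });

        // Bulk delete: submit the list form if at least one box is ticked.
        $(document).on("click", ".del-me-all", function(){
            if(confirm("Delete This Records! Are You Sure?")){
                var check_tick = 0;
                $(this).closest("form").find("input[type='checkbox']").each(function(){
                    if($(this).prop('checked')) check_tick++;
                });
                if(check_tick>0)
                    $(this).closest("form").submit();
                else
                    alert("Please select which record to be remove!");
            }
        });

        // Single delete: tick only this row, then submit the list form.
        $("#example-datatable tbody").on("click", ".del-me", function(){
            if(confirm("Delete This Record! Are You Sure?")){
                $(this).closest("table").find("input[type='checkbox']").prop("checked",false);
                $(this).closest("tr").find("input[type='checkbox']").trigger("click");
                $(this).closest("form").submit();
            }
        })

        // "Edit": open the modal pre-filled from the row's data-editdata.
        $("#example-datatable tbody").on("click", ".edit-me", function(){
            var modal_name = "."+$(this).data("modal-target");
            var editdata = $(this).data("editdata");
            $(modal_name).modal({keyboard:true});
            $(modal_name).find("input").not(":button, :submit, :reset, .not_autoset").val("").prop("checked",false);
            $(modal_name).find("select").prop("selected",false);
            $(modal_name).find("textarea").val("");
            $(modal_name).find('.help-block').remove();
            $(modal_name).find('.form-group').removeClass('has-success has-error');
            $("#form-validation").setvalidation(editdata);
            $("#form-validation > [name='type_submit']").val("edit");
            $(modal_name).find('.up2').prop("href","1");
            // The row's anchors hold the file name as their only text.
            var namefile = $(this).parents("tr").find("a").text();
            var id = $(this).parents("tr").find("[name='myid[]']").val();
            var datasend = {"ii": id,"type": "lp_declaration", "file": namefile};
            $(".del-upload",document).data("senddata",datasend);
            if(namefile !== '')
                $(modal_name).find('.up2').prop("href","upload/lp/"+namefile);
            $("[type='file']").custom_upload();
        });

        // Browser-side type/size check. This is a convenience for the user
        // only; the server applies its own extension allow-list on upload.
        $("[type='file']").on("change",function(){
            var t_parent = $(this).closest(".input-group");
            var up1 = $(".up1",t_parent);
            var up2 = $(".up2",t_parent);
            var up3 = $(".up3",t_parent);

            // Cancelling the file dialog fires "change" with no file selected.
            if (!this.files || !this.files.length) {
                return false;
            }

            var validExtensions = doc_allowed1; // array of valid extensions
            var fileName = $(this).val().toLowerCase();
            var fileNameExt = fileName.substr(fileName.lastIndexOf('.') + 1);
            const fileSize = this.files[0].size / 1024 / 1024; // in MiB

            if ($.inArray(fileNameExt, validExtensions) == -1){
                alert("Invalid file type.");
                $(this).val("");
                $(".btn",up3).removeClass("disabled").addClass("disabled");
                return false;
            // Compare as numbers so a string-typed limit is not compared lexically.
            }else if (Number(fileSize.toFixed(1)) > Number(doc_maxsize1)){
                alert("Allowed Max Size: "+doc_maxsize1+"MB");
                $(this).val("");
                $(".btn",up3).removeClass("disabled").addClass("disabled");
                return false;
            }else{
                $(this).parents("div.input-group").find(".upload-name").val(fileName.substr(fileName.lastIndexOf('\\') + 1));
                $(".btn",up3).removeClass("disabled");
            }
        });
    });
    </script>
</div>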