Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/person/   drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.16%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    

Viewing file:     EditProduct.php (5.19 KB)      -rw-r--r--

<?php

	session_start();
	
	/**  Define Validate Access  */
	define( '_VALID_ACCESS', 1 );

	/**  Check Session User Login  */
	if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) {
		echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />";
		echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>ЎГШіТ·УЎТГ Login ЎиН№</strong></font></p></p>";
		echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
	    	require_once( "../include/FunctionDB.php" );
		/**  Create Database Object  */
		$dbObj = new DBConn;

		/**  Receive values  */
	
		
		$Date_start = $_POST['mYear']."-".$_POST['mMonth']."-".$_POST['mDate'];  // ЗС№/аґЧН№/»Х·ХиаГФиБ
		$Date_finish = $_POST['mYear2']."-".$_POST['mMonth2']."-".$_POST['mDate2'];  // »Х·ХибЕйЗаКГзЁ
		$Term = $mYear2;  
		
		
		
			//»ХЎТГИХЎЙТ 
		if ($_POST[mMonth2] <= 5 and $_POST[mMonth2] != 0) $academic_year_finish = $_POST[mYear2]-1 ;
		if ($_POST[mMonth2] >= 6 and $_POST[mMonth2] != 0) $academic_year_finish = $_POST[mYear2];
		
		
		//єЗЎЁУ№З№а§Ф№·ХигЄйЁГФ§ 
		$FundUse = $FundIn - $FundOut ; 
		
			if( $_FILES['Filetex']['name'] != "" ) {

				//ЕєдїЕмаНЎКТГаґФБ
				$query1 = "select Filetex  from  edu_product_tb   Where   Prod_code  ='$Prod_code'  ";
				$result1 = mysql_query($query1);
				$rs = mysql_fetch_array($result1);			
				if(!empty($rs["Filetex"])) unlink($ResearchPicPath.$rs["Filetex"]);
				$dbObj->freeresult($result1);
				
				//Upload дїЕмаНЎКТГгЛБи
			
				$Filetex = date('YmdHis').strrchr($_FILES['Filetex']['name'], ".");
				@copy( $_FILES['Filetex']['tmp_name'] , $ResearchPicPath.$Filetex );
				@unlink( $_FILES['Filetex']['tmp_name'] );

			$query1 = "UPDATE edu_product_tb SET Product_name='$Product_name',Date_start='$Date_start',Date_finish='$Date_finish',Term='$Term',Year_prop='$Year_prop',Product_type='$Product_type',name1='$name1',name2='$name2',name3='$name3',name4='$name4',name5='$name5',name6='$name6',name7='$name7',Filetex='$Filetex',Fund_resource='$Fund_resource',Fund='$Fund',Propagate='$Propagate',Benefit='$Benefit',Use_ref='$Use_ref'  ,Filetex='$Filetex'    WHERE Prod_code ='$Prod_code' "; 
					}
		else {
			
			$query1 = " UPDATE edu_product_tb SET Product_name='$Product_name',Date_start='$Date_start',Date_finish='$Date_finish',Term='$Term',Year_prop='$Year_prop',Product_type='$Product_type',name1='$name1',name2='$name2',name3='$name3',name4='$name4',name5='$name5',name6='$name6',name7='$name7',Fund_resource='$Fund_resource',Fund='$Fund',Propagate='$Propagate',Benefit='$Benefit',Use_ref='$Use_ref'    WHERE Prod_code ='$Prod_code' ";
		}
		$result1 =  $dbObj->runQuery($query1);
		$dbObj->freeresult($result1);
	
	} # else
 ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<link href="../css/default.css" rel="stylesheet" type="text/css" />
<script language="javascript" src="../js/utilities.js"></script>
<title>ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ - ўйНБЩЕбј№ЎТГКН№ - бЎйдў»ГРЗСµФјЕ§Т№ЗФЁСВ</title>
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">
<?php
	include("../templates/incHeader.php");
?>
<table width="1003" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td>
    <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset>
     <table width="780" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td height="5"></td>
      </tr>
      <tr>
        <td height="30" background="../images/background/bg-head-topic-w780.gif" class="PADDING-LEFT-10"><strong><a href="index.php">Л№йТЛЕСЎ</a></strong> <strong>&raquo; <a href="Menu_Teach.php">ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ</a> &raquo; <a href="ResearchList.php?Teacher_code=<?=$Teacher_code;?>&amp;Year_prop=<?=$Year_prop;?>">ўйНБЩЕ§Т№ЗФЁСВ</a> &raquo; <a href="ResearchList.php?Teacher_code=<?=$Teacher_code;?>&amp;Year_prop=<?=$Year_prop;?>">јЕ§Т№ЎТГЗФЁСВ</a> &raquo; <span class="NOTE">бЎйдў»ГРЗСµФјЕ§Т№ЗФЁСВ</span></strong></td>
        </tr>
      <tr>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td height="150" align="center"><span class="TEXT-GREEN10"><strong>ГРєєбЎйдўўйНБЩЕўН§·иТ№аГХВєГйНВбЕйЗ</strong></span><br />
ЎГШіТГНКйЎ¤ГЩи ЎУЕС§а»ЕХиВ№Л№йТНСµв№БСµФ<br />
<?php echo "<meta http-equiv=\"refresh\" content=\"1; URL=Edu_ProductMe.php?Teacher_code=$Teacher_code\">"; ?></td>
      </tr>
      <tr>
        <td height="234">&nbsp;</td>
      </tr>
    </table>
   </fieldset></td>
  </tr>
</table>
<?php include("../templates/incFooter.php"); ?>
</body>
</html>
<?php
	/**  Free Resource */
	$dbObj->freeresult($result1);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>