name :
editproduct.php
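<?php
/**
 * Admin page for editing one row of product_table.
 *
 * GET  id             - row to edit; the form markup further down reads it through $sqfpro.
 * POST mode=addrecord - update title/status/date plus whichever of image1..image4 were uploaded.
 *
 * Everything in $_GET, $_POST and $_FILES is client-controlled, so every value is escaped
 * before it reaches SQL and every upload is checked server-side. The JavaScript extension
 * checks on this page are a convenience only and can be bypassed by any client.
 *
 * NOTE(review): no login check and no CSRF token are visible in this file; presumably
 * config.php starts the session and enforces authentication - confirm.
 * NOTE(review): the mysql_* extension was removed in PHP 7; move to mysqli/PDO prepared
 * statements when the connection code in config.php is migrated.
 */
include_once("config.php");
include_once("fckeditor/fckeditor.php");

/**
 * Return the text after the last "." in $str, or "" when there is no dot
 * or the only dot is the first character.
 */
function getExtension($str)
{
    $dot = strrpos($str, ".");
    if ($dot === false || $dot === 0) {
        return "";
    }
    return (string) substr($str, $dot + 1);
}

/**
 * Validate and store one uploaded image.
 *
 * @param string $field Name of the file input ("image1" .. "image4").
 * @param string $dir   Target directory relative to this script.
 * @return string|null|false Stored file name, null when nothing was uploaded for
 *                           this field, false when the upload was rejected.
 */
function editproductStoreImage($field, $dir)
{
    if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
        return null;
    }
    $upload = $_FILES[$field];
    if (!isset($upload['name']) || !is_string($upload['name']) || trim($upload['name']) === '') {
        return null;
    }
    if (!isset($upload['error']) || $upload['error'] !== UPLOAD_ERR_OK
        || !isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
        return false;
    }

    // The stored name keeps the client-supplied extension, and both target directories are
    // served by the web server (the form below links to page/ and product/), so the
    // extension must come from a fixed allowlist or an uploaded script could be executed.
    $ext = strtolower(getExtension(trim($upload['name'])));
    if (!in_array($ext, array('jpg', 'jpeg', 'gif', 'png'), true)) {
        return false;
    }

    // Second check on the content itself. This does not prove the file is harmless;
    // script execution should also be disabled for the upload directories in the
    // web server configuration.
    $info = getimagesize($upload['tmp_name']);
    if ($info === false || !in_array($info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
        return false;
    }

    $name = date("ymdHis") . "_" . $field . "." . $ext;
    if (!move_uploaded_file($upload['tmp_name'], $dir . "/" . $name)) {
        return false;
    }
    return $name;
}

// Keep the raw id for the redirect and an escaped copy for SQL.
$galid = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
$galidSql = mysql_real_escape_string($galid);

$sql = mysql_query("select * from product_table where id='$galidSql'");
$sqfpro = $sql ? mysql_fetch_array($sql) : false;

if (isset($_POST['mode']) && ($_POST['mode'] == "addrecord")) {
    $title = (isset($_POST['title']) && is_string($_POST['title']))
        ? trim(mysql_real_escape_string($_POST['title']))
        : '';
    $status = (isset($_POST['status']) && is_string($_POST['status']))
        ? mysql_real_escape_string($_POST['status'])
        : '';
    $date = date("Y-m-d");

    // image1 is stored under page/, the other three under product/.
    $targets = array(
        'image1' => 'page',
        'image2' => 'product',
        'image3' => 'product',
        'image4' => 'product',
    );

    $assignments = array("title='$title'");
    foreach ($targets as $field => $dir) {
        $stored = editproductStoreImage($field, $dir);
        if ($stored === false) {
            $_SESSION['mode1'] = "Invalid image upload. Only .jpg, .jpeg, .gif and .png images are accepted.";
            header("location:editproduct.php?id=" . rawurlencode($galid));
            exit;
        }
        if ($stored !== null) {
            // Every uploaded image is persisted; the previous if/elseif chain saved only
            // the first one unless all four were uploaded together.
            $assignments[] = $field . "='" . mysql_real_escape_string($stored) . "'";
        }
    }
    $assignments[] = "status='$status'";
    $assignments[] = "date='$date'";

    $product = mysql_query(
        "update product_table set " . implode(',', $assignments) . " where id= '$galidSql'"
    );

    if ($product) {
        $_SESSION['mode'] = "Record Updated Successfully.";
        header("location:manageproduct.php");
        exit;
    } else {
        $_SESSION['mode1'] = "Some Error Occured!";
        header("location:editproduct.php?id=" . rawurlencode($galid));
        exit;
    }
}
?>
<!doctype html>
<!-- paulirish.com/2008/conditional-stylesheets-vs-css-hacks-answer-neither/ -->
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]-->
<!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]-->
<!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]-->
<!--[if gt IE 8]><!--> <html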
class="no-js" lang="en"> <!--<![endif]--> <head> <meta charset="utf-8"> <!-- DNS prefetch --> <link rel=dns-prefetch href="//fonts.googleapis.com"> <!-- Use the .htaccess and remove these lines to avoid edge case issues. More info: h5bp.com/b/378 --> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title> Product :: Shopyz </title> <meta name="description" content=""> <meta name="author" content=""> <!-- Mobile viewport optimized: j.mp/bplateviewport --> <meta name="viewport" content="width=device-width,initial-scale=1"> <!-- Place favicon.ico and apple-touch-icon.png in the root directory: mathiasbynens.be/notes/touch-icons --> <!-- CSS: implied media=all --> <!-- CSS concatenated and minified via ant build script--> <link rel="stylesheet" href="css/style.css"> <!-- Generic style (Boilerplate) --> <link rel="stylesheet" href="css/960.fluid.css"> <!-- 960.gs Grid System --> <link rel="stylesheet" href="css/main.css"> <!-- Complete Layout and main styles --> <link rel="stylesheet" href="css/buttons.css"> <!-- Buttons, optional --> <link rel="stylesheet" href="css/lists.css"> <!-- Lists, optional --> <link rel="stylesheet" href="css/icons.css"> <!-- Icons, optional --> <link rel="stylesheet" href="css/notifications.css"> <!-- Notifications, optional --> <link rel="stylesheet" href="css/typography.css"> <!-- Typography --> <link rel="stylesheet" href="css/forms.css"> <!-- Forms, optional --> <link rel="stylesheet" href="css/tables.css"> <!-- Tables, optional --> <link rel="stylesheet" href="css/charts.css"> <!-- Charts, optional --> <link rel="stylesheet" href="css/jquery-ui-1.8.15.custom.css"> <!-- jQuery UI, optional --> <!-- end CSS--> <!-- Fonts --> <link href="//fonts.googleapis.com/css?family=PT+Sans" rel="stylesheet" type="text/css"> <!-- end Fonts--> <!-- More ideas for your <head> here: h5bp.com/d/head-Tips --> <!-- All JavaScript at the bottom, except for Modernizr / Respond. 
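Modernizr enables HTML5 elements & feature detects; Respond is a polyfill for min/max-width CSS3 Media Queries
For optimal performance, use a custom Modernizr build: www.modernizr.com/download/ -->
<script src="js/libs/modernizr-2.0.6.min.js"></script>
<script type="text/javascript">
// Restore every field of the edit form to the value it was rendered with.
function formReset()
{
    document.getElementById("frmreg").reset();
}
</script>
<script type="text/javascript">
// Client-side convenience check for the input with id "fileupload" + id.
// It is not a security control: the server has to validate every upload itself.
function validate(id)
{
    var field = document.getElementById('fileupload' + id);
    var img = field.value; // was an implicit global
    if (!/(\.(gif|jpg|jpeg|png))$/i.test(img)) {
        alert('Invalid file type.\nPlease upload only .JPG,.PNG,.jpeg and .GIF images');
        field.value = '';
        field.focus();
        return false;
    }
    return true;
}
</script>
<script type="text/javascript">
// onSubmit handler: block submission while the title is empty and show the inline error.
function chkvalue12()
{
    var titleField = document.getElementById("title");
    var errorBox = document.getElementById("title_error");

    if (titleField.value == "") {
        errorBox.style.display = "block";
        errorBox.innerHTML = "This field is required.";
        return false;
    }
    errorBox.style.display = "none";
    errorBox.innerHTML = "";
}

var message = "";

// Ask checkuser.php about the current title and show its answer in #texthint.
function ajaxcheck1()
{
    var ajaxRequest; // The variable that makes Ajax possible!

    try {
        // Opera 8.0+, Firefox, Safari
        ajaxRequest = new XMLHttpRequest();
    } catch (e) {
        // Internet Explorer Browsers
        try {
            ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
        } catch (e) {
            try {
                ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
            } catch (e) {
                // Something went wrong
                alert("Your browser is not compatible with the page on which you are working!");
                return false;
            }
        }
    }

    // Create a function that will receive data sent from the server
    ajaxRequest.onreadystatechange = function () {
        if (ajaxRequest.readyState == 4) {
            // NOTE(review): the response is inserted as HTML, so checkuser.php must
            // HTML-escape anything it echoes back from the galtitle parameter - confirm.
            document.getElementById("texthint").innerHTML = ajaxRequest.responseText;
        }
    };

    // Encode the value so characters such as "&", "#" or "+" in a title cannot
    // truncate or alter the query string.
    var galtitle = document.getElementById("title").value;
    var queryString = "?galtitle=" + encodeURIComponent(galtitle);
    ajaxRequest.open("GET", "checkuser.php" + queryString, true);
    ajaxRequest.send(null);
}

// Client-side convenience check for the "Image 1" input. The dot is escaped so that
// a name merely ending in "xjpg" no longer passes. Not a security control: the
// server has to validate every upload itself.
function CheckExtension(fld)
{
    var valid_extensions = /\.(jpg|gif|png)$/i;
    if (valid_extensions.test(fld.value)) {
        return true;
    }
    alert('You can Only Upload .jpg,.gif,.png format !!');
    // NOTE(review): the replacement input is named "main", while the input rendered
    // inside #resumediv is "image1" - looks like a copy/paste leftover; confirm.
    document.getElementById("resumediv").innerHTML = "";
    document.getElementById("resumediv").innerHTML = "<input type='file' name='main' id='main' onChange='return CheckExtension(this)'/>";
    fld.select();
    fld.value = "";
    fld.focus();
    return false;
}

// Same check for the inputs wired to #resumediv1 (Image 2 to Image 4 in the form below).
function CheckExtension1(fld)
{
    var valid_extensions = /\.(jpg|gif|png)$/i;
    if (valid_extensions.test(fld.value)) {
        return true;
    }
    alert('You can Only Upload .jpg,.gif,.png format !!');
    // NOTE(review): the id "resumediv1" is used by three divs in the form, so this
    // always rebuilds the first of them with an "image2" input - confirm intent.
    document.getElementById("resumediv1").innerHTML = "";
    document.getElementById("resumediv1").innerHTML = "<input type='file' name='image2' id='image2' onChange='return CheckExtension1(this)'/>";
    fld.select();
    fld.value = "";
    fld.focus();
    return false;
}
</script>
</head>
<body id="top">
<!-- Begin of #container -->
<div id="container">
<!-- Begin of #header -->
<?php include_once("header.php");?>
<!--!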
end of #header --> <div class="fix-shadow-bottom-height"></div> <!-- Begin of Sidebar --> <?php include_once("navigation.php");?> <!--! end of #sidebar --> <!-- Begin of #main --> <div id="main" ROLE="main"> <!-- Begin of titlebar/breadcrumbs --> <div id="title-bar"> <ul id="breadcrumbs"> <li><a href="dashboard.php" title="Home"><span id="bc-home"></span></a></li> <li class="no-hover">Admin Control</li> </ul> </div> <!--! end of #title-bar --> <div class="shadow-bottom shadow-titlebar"></div> <!-- Begin of #main-content --> <div id="main-content"> <div class="container_12"> <div class="grid_12"> <h1>Manage Advertisement</h1> <p></p> </div> <div class="grid_12"> <div class="block-border"> <div class="block-header"> <h1>Enter Details</h1><span></span> </div> <form id="frmreg" name="frmreg" class="block-content form" action="" method="post" enctype="multipart/form-data" onSubmit="return chkvalue12();"> <input type="hidden" name="mode" id="mode" value="addrecord" /> <?php if(isset($_SESSION['mode']) && ($_SESSION['mode']!='')) { ?> <div class="alert success"> <span class="hide">x</span> <?php echo $_SESSION['mode']; unset ($_SESSION['mode']); ?> </div> <?php } ?> <?php if(isset($_SESSION['mode1']) && ($_SESSION['mode1']!='')) { ?> <div class="alert error"> <span class="hide">x</span> <?php echo $_SESSION['mode1']; unset ($_SESSION['mode1']); ?> </div> <?php } ?> <?php if(isset($_SESSION['notDone']) && ($_SESSION['notDone']!='')) { ?> <div class="alert error"> <span class="hide">x</span> <?php echo $_SESSION['notDone']; unset ($_SESSION['notDone']); ?> </div> <?php } ?> <div class="_50"> <p> <label for="role"> Title</label> <input type="text" name="title" id="title" value="<?php echo stripslashes($sqfpro['title']);?>" onChange="ajaxcheck1()" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div> <!-- <div class="_50"> <p> <label for="role"> Sub 
Title</label> <input type="text" name="shortcontent" id="shortcontent" value="<?php echo stripslashes($sqfpro['shortcontent']);?>" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div> <div class="_100"> <p> <label for="role">Services</label> <input type="text" name="services" id="services" value="<?php echo stripslashes($sqfpro['services']);?>" onChange="ajaxcheck1()" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div>--> <!-- <div class="_50"> <p> <label for="role"> Phone </label> <input type="text" name="phone" id="phone" value="<?php echo stripslashes($sqfpro['phone']);?>" onChange="ajaxcheck1()" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div>--> <!-- <div class="_50"> <p> <label for="role">Mobile</label> <input type="text" name="mobile" id="mobile" value="<?php echo stripslashes($sqfpro['mobile']);?>" onChange="ajaxcheck1()" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div> <div class="_50"> <p> <label for="role">Email</label> <input type="text" name="email" id="email" value="<?php echo stripslashes($sqfpro['email']);?>" onChange="ajaxcheck1()" /> <span style="padding-left:0px;" id="texthint"></span> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="title_error"></span> </p> </div> --> <div class="_25"> <p><label for="Banner"> Image 1</label> <div id="resumediv" > <input type="file" name="image1" id="image1" onChange="return CheckExtension(this)" value="<?php echo $sqfpro['image1'];?>"/> </div> <a href="#"><img src="page/<?php echo 
$sqfpro['image1'];?>" width="50" height="50" onClick="MM_openBrWindow('page/<?php echo $sqfpro['image1'];?>','','scrollbars=yes,width=350,height=350')" /></a> </p> </div> <div class="_25"> <p><label for="Banner"> Image 2</label> <div id="resumediv1" > <input type="file" name="image2" id="image2" onChange="return CheckExtension1(this)" value="<?php echo $sqfpro['image2'];?>"/> </div> <a href="#"><img src="product/<?php echo $sqfpro['image2'];?>" width="50" height="50" onClick="MM_openBrWindow('product/<?php echo $sqfpro['image2'];?>','','scrollbars=yes,width=350,height=350')" /></a> </p> </div> <div class="_25"> <p><label for="Banner"> Image 3</label> <div id="resumediv1" > <input type="file" name="image3" id="image3" onChange="return CheckExtension1(this)" value="<?php echo $sqfpro['image3'];?>"/> </div> <a href="#"><img src="product/<?php echo $sqfpro['image3'];?>" width="50" height="50" onClick="MM_openBrWindow('product/<?php echo $sqfpro['image3'];?>','','scrollbars=yes,width=350,height=350')" /></a> </p> </div> <div class="_25"> <p><label for="Banner"> Image 4</label> <div id="resumediv1" > <input type="file" name="image4" id="image4" onChange="return CheckExtension1(this)" value="<?php echo $sqfpro['image4'];?>"/> </div> <a href="#"><img src="product/<?php echo $sqfpro['image4'];?>" width="50" height="50" onClick="MM_openBrWindow('product/<?php echo $sqfpro['image4'];?>','','scrollbars=yes,width=350,height=350')" /></a> </p> </div> <!-- <div class="_100"> <p> <label for="typefor">Details</label> <?php $oFCKeditor = new FCKeditor('details') ; $oFCKeditor->BasePath = 'fckeditor/' ; $oFCKeditor->Value = "".$sqfpro['content']."" ; $oFCKeditor->Create(); $oFCKeditor->toolbarSet = 'Mytoolbar'; ?> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="details_error"></span> </p> </div>--> <!-- <div class="_100"> <p><label for="Banner">Light Box Image</label> <div id="resumediv1" > <input type="file" name="proimage1" id="proimage1" 
onChange="return CheckExtension1(this)" value="<?php echo $sqfpro['boximage'];?>"/> </div> <a href="#"><img src="boxgallery/<?php echo $sqfpro['boximage'];?>" width="50" height="50" onClick="MM_openBrWindow('boxgallery/<?php echo $sqfpro['boximage'];?>','','scrollbars=yes,width=350,height=350')" /></a> <span style="font-family:Arial; font-size:11px; font-weight:bold; color:#993300;" id="pri_error"></span> </p> </div>--> <div class="_50"> <p> <span class="label">Status</span> <label><input type="radio" name="status" value="Active" <?php if($sqfpro['status']=='Active') {?> checked <?php } ?>/> Active</label> <label><input type="radio" name="status" value="Blocked" <?php if($sqfpro['status']=='Blocked') {?> checked <?php } ?>/> Blocked</label> <!--<label><input type="radio" name="radio" /> Justo duo</label>--> </p> </div> <div class="clear"></div> <div class="block-actions"> <ul class="actions-left"> <li><a class="button red" onClick="formReset();">Reset</a></li> </ul> <ul class="actions-right"> <li><input type="submit" class="button" value="Proceed"></li> <li><a class="button red" id="reset-validate-form" onClick="javascript:window.location.href='manageadvertisement.php'">Manage Advertisements</a></li> </ul> </div> </form> </div> </div> <div class="clear"></div> <div class="clear height-fix"></div> </div></div> <!--! end of #main-content --> </div> <!--! end of #main --> <!--<footer id="footer"><div class="container_12"> <div class="grid_12"> <div class="footer-icon align-center"><a class="top" href="#top"></a></div> </div> </div></footer>--> </div> <!--! 
end of #container --> <!-- JavaScript at the bottom for fast page loading --> <!-- Grab Google CDN's jQuery, with a protocol relative URL; fall back to local if offline --> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script> <script>window.jQuery || document.write('<script src="js/libs/jquery-1.6.2.min.js"><\/script>')</script> <!-- scripts concatenated and minified via ant build script--> <script defer src="js/plugins.js"></script> <!-- lightweight wrapper for consolelog, optional --> <script defer src="js/mylibs/jquery-ui-1.8.15.custom.min.js"></script> <!-- jQuery UI --> <script defer src="js/mylibs/jquery.notifications.js"></script> <!-- Notifications --> <script defer src="js/mylibs/jquery.uniform.min.js"></script> <!-- Uniform (Look & Feel from forms) --> <script defer src="js/mylibs/jquery.validate.min.js"></script> <!-- Validation from forms --> <script defer src="js/mylibs/jquery.dataTables.min.js"></script> <!-- Tables --> <script defer src="js/mylibs/jquery.tipsy.js"></script> <!-- Tooltips --> <script defer src="js/mylibs/excanvas.js"></script> <!-- Charts --> <script defer src="js/mylibs/jquery.visualize.js"></script> <!-- Charts --> <script defer src="js/mylibs/jquery.slidernav.min.js"></script> <!-- Contact List --> <script defer src="js/common.js"></script> <!-- Generic functions --> <script defer src="js/script.js"></script> <!-- Generic scripts --> <script type="text/javascript"> $().ready(function() { /* * Form Validation */ $.validator.setDefaults({ submitHandler: function(e) { $.jGrowl("Form was successfully submitted.", { theme: 'success' }); $(e).parent().parent().fadeOut(); v.resetForm(); v2.resetForm(); v3.resetForm(); } }); var v = $("#create-user-form").validate(); jQuery("#reset").click(function() { v.resetForm(); $.jGrowl("User was not created!", { theme: 'error' }); }); var v2 = $("#write-message-form").validate(); jQuery("#reset2").click(function() { v2.resetForm(); $.jGrowl("Message was not sent.", { 
theme: 'error' }); }); var v3 = $("#create-folder-form").validate(); jQuery("#reset3").click(function() { v3.resetForm(); $.jGrowl("Folder was not created!", { theme: 'error' }); }); var validateform = $("#validate-form").validate(); $("#reset-validate-form").click(function() { validateform.resetForm(); $.jGrowl("You resetted the form.", { theme: 'error' }); }); /* * Datepicker */ $( "#datepicker" ).datepicker(); }); </script> <!-- end scripts--> <!-- Prompt IE 6 users to install Chrome Frame. Remove this if you want to support IE 6. chromium.org/developers/how-tos/chrome-frame-getting-started --> <!--[if lt IE 7 ]> <script src="//ajax.googleapis.com/ajax/libs/chrome-frame/1.0.3/CFInstall.min.js"></script> <script>window.attachEvent('onload',function(){CFInstall.check({mode:'overlay'})})</script> <![endif]--> </body> </html>