@Ghazascanner
_2019runbot
Ghazascanner File Manager
server :Linux adweb87 2.6.32-754.el6.x86_64 #1 SMP Tue Jun 19 21:26:04 UTC 2018 x86_64
Current Path :
/
home
/
sanchung
/
public_html
/
admin
/
_phone
/
Path :
Upload File :
New :
File
Dir
/home/sanchung/public_html/admin/_phone/proc.php
<? session_start(); include"../_setup.php"; $updir = "../updata/phone/"; switch($motion){ case"menu_write": // ¹è°æÀ̹ÌÁö ¾÷·Îµå Æú´õ¼³Á¤ if(!@is_dir("../updata/phone")){ exec("mkdir ../updata/phone"); exec("chmod 757 ../updata/phone"); } $_POST[btn_out] = $lib->Psk_file_upload_new($_FILES[imgout], $updir, mktime() ); $_POST[btn_over] = $lib->Psk_file_upload_new($_FILES[imgover], $updir, mktime() ); $row = $mysql->row("adw_phone_menu", "max(lcode), max(step)", "where level='L'", 0); if(!$row[0]) $_POST[lcode] = "0001"; else { $temp_lcode = $row[0] + 1; $temp_lcode = "000".$temp_lcode; switch(strlen($temp_lcode)){ case"4": $_POST[lcode] = $temp_lcode; break; case"5": $_POST[lcode] = substr($temp_lcode, 1, 4); break; case"6": $_POST[lcode] = substr($temp_lcode, 2, 4); break; case"7": $_POST[lcode] = substr($temp_lcode, 3, 4); break; } } if(!$row[1]) $_POST[step] = 1; else $_POST[step] = $row[1] + 1; for( ; ; ){ $_POST[barcode] = rand(0, 9)."S".rand(1000, 9999)."K"; $__row = $mysql->row("adw_phone_menu", "*", "where barcode='$_POST[barcode]'", 0); if(!$__row) break; } $mysql->insert("adw_phone_menu", $_POST, 0); //exit; echo"<script> parent.location.reload(); </script>"; break; case"menu_modify": // ¼ºê¸Þ´º µî·Ï if(trim($_POST[sub_name])){ $row = $mysql->row("adw_phone_menu", "max(mcode), max(step)", "where lcode='$_POST[lcode]' && level='M'", 0); if(!$row[0]) $_POST[mcode] = "0001"; else { $temp_mcode = $row[0] + 1; $temp_mcode = "000".$temp_mcode; switch(strlen($temp_mcode)){ case"4": $_POST[mcode] = $temp_mcode; break; case"5": $_POST[mcode] = substr($temp_mcode, 1, 4); break; case"6": $_POST[mcode] = substr($temp_mcode, 2, 4); break; case"7": $_POST[mcode] = substr($temp_mcode, 3, 4); break; } } if(!$row[1]) $_POST[step] = 1; else $_POST[step] = $row[1] + 1; $_POST[name] = trim($_POST[sub_name]); for( ; ; ){ $_POST[barcode] = rand(0, 9)."S".rand(1000, 9999)."K"; $__row = $mysql->row("adw_phone_menu", "*", "where barcode='$_POST[barcode]'", 0); if(!$__row) break; } $mysql->insert("adw_phone_menu", $_POST, 0); echo"<script> parent.location.reload(); </script>"; // ¸Þ´º ¼öÁ¤ } else { $row = $mysql->row("adw_phone_menu", "*", "where num='$_POST[num]'", 0); if($_FILES[imgout][name]){ if($row[btn_out]) @unlink($updir.$row[btn_out]); $_DATA[btn_out] = $lib->Psk_file_upload_new($_FILES[imgout], $updir, mktime() ); } if($_FILES[imgover][name]){ if($row[btn_over]) @unlink($updir.$row[btn_over]); $_DATA[btn_over] = $lib->Psk_file_upload_new($_FILES[imgover], $updir, mktime() ); } // ¼øÀ§Á¶Á¤ if($row[step] != $_POST[step]){ if($row[level] == "M") $_addsql = " && lcode='$row[lcode]' && level='M'"; else $_addsql = " && level='L' "; if($_POST[step] < $row[step]){ $sql = "update adw_phone_menu set step=step+1 where step>=$_POST[step] && step<$row[step] $_addsql"; } else { $sql = "update adw_phone_menu set step=step-1 where step<=$_POST[step] && step>$row[step] $_addsql"; } mysql_query($sql); } $_DATA[name] = $_POST[name]; $_DATA[step] = $_POST[step]; $mysql->update("adw_phone_menu", $_DATA, "where num='$_POST[num]'", 0); echo"<script> parent.location.reload(); </script>"; } break; case"menu_delete": $row = $mysql->row("adw_phone_menu", "*", "where num='$_GET[num]'", 0); if($row[level] == "L"){ $sql = "update adw_phone_menu set step=step-1 where step>$row[step] && level='L'"; mysql_query($sql); if($row[btn_out]) @unlink($updir.$row[btn_out]); if($row[btn_over]) @unlink($updir.$row[btn_over]); $mysql->delete("adw_phone_menu", "where lcode='$row[lcode]'", 0); } else { $sql = "update adw_phone_menu set step=step-1 where step>$row[step] && lcode='$row[lcode] && level='M'"; mysql_query($sql); $mysql->delete("adw_phone_menu", "where num='$_GET[num]'", 0); } echo"<script> parent.location.reload(); </script>"; break; case"online2_modify": $sql = "update goods_request set state='$_POST[state]' where num='$_POST[num]'"; mysql_query($sql); $lib->script_go("../index.htm?amode=online_read2&num=$_POST[num]&page=$page"); break; case"online3_modify": $sql = "update goods_request set state='$_POST[state]' where num='$_POST[num]'"; mysql_query($sql); $lib->script_go("../index.htm?amode=online_read3&num=$_POST[num]&page=$page"); break; } ?>