MINI SHELL

Server : Apache/2.2.2 (Fedora)
System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686
User : apache ( 48)
PHP Version : 5.2.9
Disable Function : NONE
Directory :  /var/www/html/eoffice/application/document/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/eoffice/application/document/docreg_sendgroup.php
<?
session_start();
//$bypass=1;

include("../../config/config.inc.php");
$db_mode="self";

if ($_SERVER[REQUEST_METHOD] == "POST"){ 
// print_r($_POST);

if($mode=="sid"){
		$xtype=""; $a=0;
		if($_POST[checkbox]){
		$num=$_POST[checkbox];
			$xtype.=$num.",";
			$select_code.=" $table_staffgroup.gid =  $_POST[checkbox]";
	}else{
	?>
	<SCRIPT language="javascript">
	 window.close();
	</SCRIPT>
	<?
	}


	//AND $table_staffgroup.parent !=  '0'
	$sql_check_group="
	SELECT
	$table_staffgroup.groupname,
	$table_staffgroup.gid
	FROM
	$table_staffgroup 
	WHERE
	$table_staffgroup.org_id =  '2'
	AND
	$select_code
	ORDER by $table_staffgroup.gid ASC
	";

	$show_gid="";
	$resultg = mysql_query($sql_check_group)or die("Query line " . __LINE__ . " error<hr>".mysql_error());

	$rs_glist = mysql_fetch_assoc($resultg);

	$x="";
	if($rs_glist[title]){$x="(".$rs_glist[title].") ";};

	$show_gid.=$rs_glist[groupname]." ".$x.$rs_glist[prename].$rs_glist[staffname]." ".$rs_glist[staffsurname];
	$owner_id.=$rs_glist[owner_id];
	$xgid=$rs_glist[gid];

	?>
	<SCRIPT language="javascript">
	opener.document.post.xgid.value="<?=$xgid?>";
	opener.document.post.sid.value="<?=$owner_id?>";
	opener.document.post.sid_show.value="<?=trim($show_gid)?>";
	opener.document.post.sid_show.focus();
	 window.close();
	</SCRIPT>
	<?
	}
 // END POST
 }else{
$sql_history="
SELECT
document.`status`,
document.time_rec,
document.owner,
doc_receive.status,
doc_receive.staff_id,
doc_receive.group_id,
$table_staff.prename,
$table_staff.staffname,
$table_staff.staffsurname
FROM
doc_receive
Inner Join document ON doc_receive.docid = document.id
Inner Join $table_staff ON doc_receive.staff_id = $table_staff.staffid
Group by $table_staff.staffid
";
$result = mysql_query($sql_history)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
while($hrs1 = mysql_fetch_assoc($result)){
if($hrs1[group_id][0]=="g"){ $g=substr($hrs1[group_id],1); $gid_check[$g]="$g";}
if($hrs1[group_id][0]=="p"){ $p=substr($hrs1[group_id],1); $pid_check[$p]="$p";}
	}
 }
?>

<HTML>
<HEAD>
<TITLE> หน่วยงาน </TITLE>
<META http-equiv="Content-Type" content="text/html; charset=windows-874">
<SCRIPT type="text/javascript" src="dtree/dtree.js"></SCRIPT>
<SCRIPT src="../../common/functions.js" type="text/javascript" language="javascript"></SCRIPT>
<LINK href="../../common/style_menu.css" rel=StyleSheet type="text/css">
<LINK href="../../common/style.css" rel="stylesheet" type="text/css">
<SCRIPT language="JavaScript" type="text/javascript" src="ajax_search.js"></SCRIPT>


</HEAD>
<BODY bgcolor="#FFFFFF" onLoad="document.post.keyword.focus();">
<FORM action="<?=$PHP_SELF?>?type=<?=$type?>&action=add" name="post" method="post" enctype="multipart/form-data" onSubmit="return check();">

<TABLE width="101%" border="0" align="right" cellpadding="10" cellspacing="0">
	<TR>
		<TD>		
		<!-------------------------------1------------------------------------------------>
		
		<TABLE width="100%" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
		<TR>
			<TD>
				<!-------------------------------2------------------------------------------------>
				<TABLE width="100%" border="0" cellspacing="1" cellpadding="1">
				<TR>
					<TD bgcolor="#CCCCCC"><TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
				<TR>
					<TD>
						<STRONG>Office / Department</STRONG>
					</TD>
					<TD align="right" valign="baseline"><INPUT name="mode" type="hidden" id="mode"  readonly="readonly" value="<?=$mode?>"/>
						<INPUT type="submit" name="Button" value="บันทึกข้อมูล" onSubmit="return check();" >
					</TD>
				</TR>
				</TABLE>
				<!-------------------------------/2------------------------------------------------>					
				</TD>
			</TR>
		</TABLE>
		<!-------------------------------1------------------------------------------------>
		</TD>
	</TR>	
	<TR>
		<TD>		
				<!---------SREACH DIV---------------->
				ค้นหา<IMG src="../../images/search.jpg" width="16" height="16">
				<INPUT name="keyword" type="text" onKeyUp="searchSuggest();" AUTOCOMPLETE="off">
		</TD>
	</TR>

	<TR>
		<TD>	
				<!---------RESULT---------------->
				<DIV id="search_suggest">
				<TABLE>
						<?
						$sql_group="
						SELECT
						$table_staffgroup.groupname,
						$table_staffgroup.owner_id,
						$table_staffgroup.gid
						FROM
						$table_staffgroup 
						WHERE
						$table_staffgroup .org_id =  '2'
						$s_code
						ORDER by BINARY($table_staffgroup.groupname) ASC
						";
						$result = mysql_query($sql_group)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
						while($hrs = mysql_fetch_assoc($result)){
						?>			
							<TR>
								<TD align="left" valign="top">
									<? if($mode=="sid") {?>
									<INPUT type="radio" name="checkbox" value="<?=$hrs[gid]?>" >
									<? }?>
											<LABEL <? if($list[$hrs[gid]]){ ?>onClick="showEle('display<?=$hrs[gid]?>');" <?}?>>
											<u><?=$hrs[groupname]?></u></LABEL>
								</TD>
							</TR>
						<? }?>
				</TABLE>
				</DIV>
		</TD>
	</TR>	
</TABLE>

</FORM>
</BODY>
</HTML>

Anon7 - 2021