|
Server : Apache/2.2.2 (Fedora) System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686 User : apache ( 48) PHP Version : 5.2.9 Disable Function : NONE Directory : /var/www/html/pathumthani_news/ |
Upload File : |
<?
session_start();
include "config/config.inc.php";
include("function/function.php");
if(!isset($session_username)){
header("Location: login.php");
}
$folder_img = "attach_file/";
if($action == "upload"){
if($file1_name != "") {
$up_complate = @copy("$file1" , "$folder_img$file1_name");
//------------------ Ṻä¿Åì ------------------------
if($sent_edit = "edit_ex"){
$strSQL = "INSERT INTO tbl_attach_file(id_attach_file,attach_file,comment,status_file)VALUES('$id_sub','$file1_name','$comment','Y')";
}else{
$strSQL = "INSERT INTO tbl_attach_file(id_attach_file,attach_file,comment)VALUES('$id_sub','$file1_name','$comment')";
}
$Result = mysql_db_query($dbname,$strSQL);
if($Result){
echo "
<script language=\"javascript\">
alert(\"Ãкº·Ó¡Òúѹ·Ö¡ä¿Åì $file1_name àÃÕºÃéÍÂáÅéÇ\\n \");
location.href='attach_file.php?id_sub=$id_sub&action=FaddF';
</script>
";
exit();
}
} else {
echo "
<script language=\"javascript\">
alert(\"äÁèÊÒÁÒöºÑ¹·Ö¡¢éÍÁÙÅä´é\\n \");
location.href='attach_file.php?id_sub=$id_sub&action=FaddF';
</script>
";
exit();
}
}
if($action == "DEL"){
$strSQL_s1 = "SELECT * FROM tbl_attach_file WHERE run_id='$run_id'";
$Result_s1 = mysql_db_query($dbname,$strSQL_s1);
$Rs_s1 = mysql_fetch_object($Result_s1);
if($Rs_s1->attach_file != ""){
$strSQL_del = "DELETE FROM tbl_attach_file where run_id='$Rs_s1->run_id'";
$Result_del = mysql_db_query($dbname,$strSQL_del);
// àªç¤¡ÒÃźä¿Åì
$strSQLch_del = "SELECT * FROM tbl_attach_file WHERE attach_file LIKE '%$Rs_s1->attach_file%'";
$Resultch_del = mysql_db_query($dbname,$strSQLch_del);
$num_r = mysql_num_rows($Resultch_del);
if($num_r < 1){
$del = $folder_img.$Rs_s1->attach_file;
@unlink($del);
}
// enc àªç¤¡ÒÃźä¿Åì
if($Result_del){
echo "
<script language=\"javascript\">
alert(\"źÃÒ¡ÒÃàÃÕºÃéÍÂáÅéÇ\\n \");
location.href='attach_file.php?id_sub=$Rs_s1->id_attach_file&action=FaddF';
</script>
";
exit();
}
}else{
echo "
<script language=\"javascript\">
alert(\"äÁèÊÒÁÒöźÃÒ¡ÒÃä´é\\n \");
location.href='attach_file.php?id_sub=$Rs_s1->id_attach_file&action=FaddF';
</script>
";
exit();
}
}
if($action == "File_Edit"){
//echo $action;die;
if($file1_name != "") {
$up_complate = @copy("$file1" , "$folder_img$file1_name");
$strSQLe1 = "UPDATE tbl_attach_file SET attach_file='$file1_name', comment='$comment' WHERE run_id='$run_id'";
$Resulte1 = mysql_db_query($dbname,$strSQLe1);
if($Resulte1){
echo "
<script language=\"javascript\">
alert(\"á¡éä¢ÃÒ¡ÒÃàÃÕºÃéÍÂáÅéÇ\\n \");
location.href='attach_file.php?id_sub=$id_sub&action=FaddF';
</script>
";
exit();
}
}else{
$strSQLe2 = "UPDATE tbl_attach_file SET comment='$comment' WHERE run_id='$run_id'";
$Resulte2 = mysql_db_query($dbname,$strSQLe2);
if($Resulte2){
echo "
<script language=\"javascript\">
alert(\"á¡éä¢ÃÒ¡ÒÃàÃÕºÃéÍÂáÅéÇ\\n \");
location.href='attach_file.php?id_sub=$id_sub&action=FaddF';
</script>
";
exit();
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<link href="common/style.css" type="text/css" rel="stylesheet" />
<title>Upload File</title>
<script language="javascript">
function Check_v(){
if(document.post.file1.value==""){
alert("¡ÃسÒÃкØä¿Åì");
document.post.file1.focus();
return false;
}else if(document.post.comment.value==""){
alert("¡ÃسÒÃкؤÓ͸ԺÒÂä¿Åì");
document.post.comment.focus();
return false;
}else{
return true;
}
}
</script>
<style type="text/css">
<!--
.style1 {color: #FF0000}
-->
</style>
</head>
<body>
<table width="100%" height="100" align="center" cellpadding="2" cellspacing="1">
<tr>
<td height="20" bgcolor="#8DA0C0">Ṻä¿Åì¢éÍÁÙÅ<b></b></td>
</tr>
<tr bgcolor="#ffffff">
<td height="20" colspan="3">
<?
if($action == "FaddF"){
?>
<form name="post" action="?" method="post" enctype="multipart/form-data" onsubmit="return Check_v();">
<input type="hidden" name="action" value="upload">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td bgcolor="#000000">
<table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td height="15" colspan="2" align="left" bgcolor="#FFFFFF"><img src="images/project1.gif" width="52" height="52" /></td>
</tr>
<tr>
<td width="31%" height="20" align="right" bgcolor="#FFFFFF"><strong>àÅ×Í¡ä¿Åì :<span class="style1">*</span></strong></td>
<td width="69%" bgcolor="#FFFFFF"><input type="file" id="file1" name="file1" style="width:200px;" /></td>
</tr>
<tr>
<td height="20" align="right" bgcolor="#FFFFFF"><strong>¤Ó͸ԺÒÂä¿Åì: </strong><strong><span class="style1">*</span></strong></td>
<td bgcolor="#FFFFFF"><label>
<input type="text" name="comment" size="30">
</label></td>
</tr>
<tr>
<td height="20" align="right" valign="top" bgcolor="#FFFFFF"><strong>ÃÒª×èÍä¿Åì : </strong></td>
<td align="left" valign="top" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="3">
<?
$strSQL_s = "SELECT * FROM tbl_attach_file WHERE id_attach_file='$id_sub' ";
$Result_s = mysql_db_query($dbname,$strSQL_s);
while($Rs_s = mysql_fetch_object($Result_s)){
?>
<tr>
<td width="44%"><a href="attach_file/<?=$Rs_s->attach_file?>" target="_blank"><?=$Rs_s->attach_file?></a>
<? if($Rs_s->comment != "" or $Rs_s->comment != NULL ){ echo "( $Rs_s->comment )";}?></td>
<td width="56%"><a href="attach_file.php?action=Fedit&run_id=<?=$Rs_s->run_id?>&id_sub=<?=$id_sub?>"><img src="images/edit_project.gif" alt="á¡éä¢ÃÒ¡ÒÃ" width="20" height="20" border="0" ></a> <a href="attach_file.php?action=DEL&run_id=<?=$Rs_s->run_id?>"><img src="images/delete.gif" width="20" height="20" alt="źä¿Åì" border="0"></a></td>
</tr>
<?
}
?>
</table></td>
</tr>
<tr>
<td height="20" align="right" valign="top" bgcolor="#FFFFFF"> </td>
<td align="left" valign="top" bgcolor="#FFFFFF">
<input type="hidden" name="sent_edit" value="<?=$sent_edit?>">
<input type="hidden" name="id_sub" value="<?=$id_sub?>">
<input type="submit" name="Submit" value="Ṻä¿Åì" />
<input type="button" name="btnC" value="»Ô´Ë¹éÒµèÒ§" onclick="window.close();" /> </td>
</tr>
</table></td>
</tr>
</table>
</form>
<?
}
?>
</td>
</tr>
<tr align="center">
<td height="20">
<?
if($action == "Fedit"){
$strSQLE = "SELECT * FROM tbl_attach_file WHERE run_id='$run_id'";
$ResultE = mysql_db_query($dbname,$strSQLE);
$RsE = mysql_fetch_object($ResultE);
?>
<form name="formE" action="?" method="post" enctype="multipart/form-data">
<input type="hidden" name="action" value="File_Edit">
<input type="hidden" name="run_id" value="<?=$RsE->run_id?>">
<input type="hidden" name="id_sub" value="<?=$id_sub?>">
<table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td height="15" colspan="2" align="left" bgcolor="#FFFFFF"><img src="images/project1.gif" width="52" height="52" /></td>
</tr>
<tr>
<td width="30%" height="20" align="right" bgcolor="#FFFFFF"><strong>àÅ×Í¡ä¿Åì :</strong></td>
<td width="70%" align="left" bgcolor="#FFFFFF"><input type="file" id="file1" name="file1" style="width:200px;" /></td>
</tr>
<tr>
<td height="20" align="right" bgcolor="#FFFFFF"><strong>¤Ó͸ԺÒÂä¿Åì : </strong></td>
<td align="left" bgcolor="#FFFFFF"><label>
<input type="text" name="comment" size="30" value="<?=$RsE->comment?>">
</label></td>
</tr>
<tr>
<td height="20" align="right" valign="top" bgcolor="#FFFFFF"> </td>
<td align="left" valign="top" bgcolor="#FFFFFF"><input type="submit" name="Submit2" value="Ṻä¿Åì" />
<input type="button" name="btnB2" value="ÂéÍ¡ÅѺ" onclick="location.href='attach_file.php?action=FaddF&id_sub=<?=$id_sub?>'"></td>
</tr>
</table>
</form>
<?
}
?>
</td>
</tr>
</table>
</body>
</html>