403Webshell
Server IP : 51.89.169.208  /  Your IP : 3.135.190.163
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/yellowleaf/public_html/members/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yellowleaf/public_html/members/promo_edit.html
<? 
include_once('../connect.php'); 
include 'accesscontrol.php';
$adid=$_GET['adid'];
$pid=$_GET['pid'];
// check if advert beleongs to members
if(advert_check($adid,$memberid)===false){header('Location: index.html');exit();}
// css for menu
$styleManage = 'color:#ff6131;background-color:#fff;border-top:1px solid #c9c9c9;font-weight:bold;';
if(isset($_POST['submit'])){

	$prom_title=$_POST['prom_title'];
	$prom_desc=$_POST['prom_desc'];
	$prom_date=time();
	$expiry_day=$_POST['expiry_day'];
	$expiry_month=$_POST['expiry_month'];
	$expiry_year=$_POST['expiry_year'];
	$valid_day=$_POST['valid_day'];
	$valid_month=$_POST['valid_month'];
	$valid_year=$_POST['valid_year'];
	
	// converting valid
	$val=$valid_month.'/'.$valid_day.'/'.$valid_year;
	$prom_valid=strtotime($val);
	
	// converting expiry
	$expiry_dmy=$expiry_month.'/'.$expiry_day.'/'.$expiry_year;
	$prom_expiry=strtotime($expiry_dmy);
	
	$q3 = "UPDATE promotions SET
	       prom_title = '$prom_title',
	       prom_desc = '$prom_desc',
	       prom_date = '$prom_date',
	       prom_valid = '$prom_valid',
	       prom_expiry = '$prom_expiry' WHERE prom_id='{$pid}' AND member_id={$memberid}";

	$r3 = $connect->query($q3) or die($connect->error);
	
	$r4 = $connect->query("UPDATE ads SET promo_date='$prom_expiry' WHERE adid ='{$adid}' AND memberid={$memberid}") or die($connect->error);
	
	$success=TRUE;
}
?>
<!DOCTYPE html>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>YellowLeaf UK</title>
<link href="style.css" rel="stylesheet" type="text/css">
<script src="js/ajax_area.js"></script>
<script src="js/ajax_cat.js"></script>
<script language="javascript">
<!--
function CheckRegister(){
 if(document.RegForm.prom_title.value==""){
  window.alert('Please enter the title of your business promotion.');
  document.RegForm.prom_title.focus();
  return false;
 }
  if(document.RegForm.prom_desc.value==""){
  window.alert('Please enter the description of your promotion.');
  document.RegForm.prom_desc.focus();
  return false;
 }
 if(document.RegForm.valid_day.value==""){
  window.alert('Please select the \'Day\' for the \'Valid From\' date.');
  document.RegForm.valid_day.focus();
  return false;
 }
 if(document.RegForm.valid_month.value==""){
  window.alert('Please select the \'Month\' for the \'Valid From\' date.');
  document.RegForm.valid_month.focus();
  return false;
 }
 if(document.RegForm.valid_year.value==""){
  window.alert('Please select the \'Year\' for the \'Valid From\' date.');
  document.RegForm.valid_year.focus();
  return false;
 }
 if(document.RegForm.expiry_day.value==""){
  window.alert('Please select the\'Day\' for the \'Expiry\' date.');
  document.RegForm.expiry_day.focus();
  return false;
 }
 if(document.RegForm.expiry_month.value==""){
  window.alert('Please select the \'Month\' for the \'Expiry\' date.');
  document.RegForm.expiry_month.focus();
  return false;
 }
 if(document.RegForm.expiry_year.value==""){
  window.alert('Please select the\'Year\' for the \'Expiry\' date.');
  document.RegForm.expiry_year.focus();
  return false;
 } 
}

//-->
</script>
</head>

<body>

<? include 'header.php'; ?>
<table class="tbwdth">
	<tr>
		<td valign="top" style="width:210px;"><? include 'member_menu.php'; ?>
		</td>
		<td valign="top" class="cnGrad">
		<?
		// for opening times
		$add_que = $connect->query("SELECT * FROM promotions WHERE ad_id ='{$adid}' AND prom_id='{$pid}' ORDER BY prom_id DESC");
		$promo_numRow=$add_que->num_rows;
		
		// business details
		$ad_sql = $connect->query("SELECT * FROM ads WHERE memberid ='{$memberid}' AND adid='{$adid}'");
		$ad_row=$ad_sql->fetch_array();
		
		if($promo_numRow>0){
		$add_que_sql = $add_que->fetch_array();
		$month_array = array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December");
		$valid_day=date('j',$add_que_sql['prom_valid']);
		$valid_month=date('n',$add_que_sql['prom_valid']);
		$valid_year=date('Y',$add_que_sql['prom_valid']);
		$expiry_day=date('j',$add_que_sql['prom_expiry']);
		$expiry_month=date('n',$add_que_sql['prom_expiry']);
		$expiry_year=date('Y',$add_que_sql['prom_expiry']);
		
		?>
		<form name="RegForm" action="promo_edit.html?adid=<?=$adid?>&pid=<?=$pid?>" method="POST" onsubmit="return CheckRegister();" autocomplete="off">
		<div class="cnHead" style="margin-bottom:5px;">Updating Promotions and Deals</div>
		<div style="color:#555;font-size:14pt;margin-bottom:40px;"><?=$ad_row['companyname']?></div>
		<?if($success==TRUE){?>
		<div class="successDvBx">
		Update Successful. Your details have been saved. <br><a href="promo.html?adid=<?=$adid?>">Click here to go back to Manage Promotions ></a>
		</div>
		<?}?>
			<table class="cnTbl" width="100%">
			<tr>
			<td valign="top" colspan="2" style="background-color:#f3f3f3;padding:8px 15px 6px;border-bottom:1px solid #ccc;">
			<span class="subHead">Update Promotion or Deal</span></td>
			</tr>
			<tr>
			<td valign="top" colspan="2"></td>
			</tr>
			<tr>
					<td class="cnWidth cnTitle" style="padding-left:25px" valign="top">
					Promotion Title*:<br>
					<div class="cnTitleDesc">Please enter the title of your business promotion.</div>
					<input name="prom_title" type="text" class="txbox" size="40" value="<?=$add_que_sql['prom_title']?>"></td>
				</tr>
				<tr>
					<td><hr noshade color="#C9C9C9" size="1"></td>
				</tr>
				<tr>
					<td class="cnWidth cnTitle" style="padding-left:25px" valign="top">
					Promotion Description *:<br>
					<div class="cnTitleDesc">Please enter the description of your promotion.</div>
					<textarea name="prom_desc" rows="6" style="width:590px"><?=$add_que_sql['prom_desc']?></textarea></td>
				</tr>
				<tr>
					<td><hr noshade color="#C9C9C9" size="1"></td>
				</tr>
								<tr>
					<td class="cnWidth cnTitle" style="padding-left:25px" valign="top">
					Promotion Valid From*:<br>
					<div class="cnTitleDesc">Please enter the date that your promotion is valid from.</div>
					<select name="valid_day">
					<?
					for($d=1; $d<=31; $d++){
					if($valid_day==$d){
						echo '<option value="'.$d.'" selected>'.$d.'</option>';
					}else{
						echo '<option value="'.$d.'">'.$d.'</option>';
					}
					}
					?>
					</select>
					<select name="valid_month">
					<?
					$v_m_num=1;
					foreach($month_array as $v_month){
						if($v_m_num==$valid_month){
							echo '<option value="'.$v_m_num.'" selected>'.$v_month.'</option>';
						}else{
							echo '<option value="'.$v_m_num.'">'.$v_month.'</option>';
						}
						$v_m_num++;
					}
					?>
					</select>
					<select name="valid_year">
					<?	
					$y=date('Y');
					for($i=1; $i<=50; $i++){
						if($y==$valid_year){
							echo '<option value="'.$y.'" selected>'.$y.'</option>';
						}else{
							echo '<option value="'.$y.'">'.$y.'</option>';
						}
						$y++;
					}
					?>
					</select>
					</td>
				</tr>
				<tr>
					<td><hr noshade color="#C9C9C9" size="1"></td>
				</tr>
				<tr>
					<td class="cnWidth cnTitle" style="padding-left:25px" valign="top">
					Promotion Expiry*:<br>
					<div class="cnTitleDesc">Please enter the expiry date of your promotion.</div>
					<select name="expiry_day">
					<?
					for($d2=1; $d2<=31; $d2++){
						if($expiry_day==$d2){
							echo '<option value="'.$d2.'" selected>'.$d2.'</option>';
						}else{
							echo '<option value="'.$d2.'">'.$d2.'</option>';
						}
					}
					?>
					</select>
					<select name="expiry_month">
					<?
					$e_m_num=1;
					foreach($month_array as $e_month){
						if($e_m_num==$expiry_month){
							echo '<option value="'.$e_m_num.'" selected>'.$e_month.'</option>';
						}else{
							echo '<option value="'.$e_m_num.'">'.$e_month.'</option>';
						}
						$e_m_num++;
					}
					?>
					</select>
					<select name="expiry_year">
					<?	
					$yr=date('Y');
					for($z=1; $z<=50; $z++){
						if($yr==$expiry_year){
							echo '<option value="'.$yr.'" selected>'.$yr.'</option>';
						}else{
							echo '<option value="'.$yr.'">'.$yr.'</option>';
						}
						$yr++;
					}
					?>
					</select>
					<?}?>
					</td>
				</tr>
				<tr>
					<td><hr noshade color="#C9C9C9" size="1"></td>
				</tr>
				<tr>
					<td>
					<span style="font-size:9pt;color:#666;">* mandatory fields that must be filled in.</span>
					</td>
				</tr>
			</table>
		<input class="blueBtn fancyBtn" style="border:0px;float:left;margin-top:20px" type="submit" value="Update Promotion &gt;" name="submit">
		<input class="redBtn fancyBtn" style="border:0px;float:left;margin-top:20px" type="button" onclick="window.location='promo.html?adid=<?=$adid?>';" value="Cancel &gt;" >
		</form>
		</td>
	</tr>
</table>
<? include 'footer.php'; ?>

</body>

</html>

Youez - 2016 - github.com/yon3zu
LinuXploit