| Server IP : 122.155.17.190 / Your IP : 216.73.216.99 Web Server : Apache/2 System : Linux cat17190.thaihostserver.com 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 User : bungkla ( 1054) PHP Version : 5.6.40 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/bungkla/domains/bungkla.go.th/private_html/travels/ |
Upload File : |
<?
session_start();
Header("Content-Type: text/html; charset=UTF-8");
$salb_id = $_GET['salb_id'];
if(!isset($salb_id) || empty($salb_id))
{
die;exit;
}
include("../include/config.php");
include("../include/function.php");
include("../include/config_db.php");
if($_POST["chk_edit"]==1)
{
$c_com_text = $_POST['s_com_text'];
$c_com_name = $_POST['s_com_name'];
$c_com_email = $_POST['s_com_email'];
$c_com_item = $_POST['s_com_item'];
$c_com_text = htmlspecialchars($c_com_text);
$c_com_text = strip_tags($c_com_text);
// Remove CDATA blocks. ;)
$c_com_text = preg_replace('#\<\!\[CDATA\[(.*?)\]\]\>#s', '', $c_com_text);
// Other control characters
$c_com_text = preg_replace('#(?:[\x00-\x1F\x7F]+|(?:\xC2[\x80-\x9F])+)#', '', $c_com_text);
$order = array("\r\n", "\n", "\r");
$replace = '<br>';
$c_com_text = str_replace($order, $replace, $c_com_text);
$c_com_text = str_replace('"', "'", $c_com_text);
if(($c_com_text != "") && ($c_com_name != ""))
{
$sql = "insert into `travel_album_comment` (`id`,`alb_id`,`com_name`,`com_text`,`com_email`,`com_date`,`com_item`) values ('','$salb_id','$c_com_name','$c_com_text','$c_com_email',now(),'$c_com_item')";
$dbquery = mysql_query($sql) or die("ไม่สามารถบันทึกข้อมูลได้ !G");
}
}
if($_POST["chk_del"]==1)
{
if(isset($_SESSION['user']))
{
if(isset($_POST['s_ald_id']))
{
$c_ald_id = $_POST['s_ald_id'];
$sql = "delete from `travel_album_comment` where (`id`='$c_ald_id')";
$dbquery = mysql_query($sql);
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="CACHE-CONTROL" content="NO-CACHE">
<meta http-equiv="EXPIRES" content="Sun, 1 Jan 2000 12:00:00 GMT">
<meta http-equiv="PRAGMA" content="NO-CACHE">
<link href="svstyles.css?v=<?php echo filemtime('svstyles.css');?>" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="captcha/captcha.js"></script>
<!--font-->
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap" rel="stylesheet">
<!--font-->
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div align="center">
<div id="svDivAlbums5C">
<?
echo "<div id=\"svDivAlbums5RowC\" align=\"left\" class=\"textblack\">\n";
$sql = "select * From `travel_album_comment` where (`alb_id`='$salb_id') ";
$sql .= "Order by `com_date` Desc ";
$item = 0;
$Per_Page = 5;
if(!$_GET['Page'])
{
$Page=1;
}else
{
$Page = $_GET['Page'];
}
$Prev_Page = $Page-1;
$Next_Page = $Page+1;
$Page_start = ($Per_Page*$Page)-$Per_Page;
$sql_2 = "SELECT COUNT(*) AS num_rows_2 FROM `travel_album_comment` where (`alb_id`='$salb_id') ";
$dbquery = mysql_query($sql_2);
$Num_Rows = mysql_num_rows($dbquery);
if($Num_Rows>0)
{
$Num_Rows = mysql_result($dbquery, 0,"num_rows_2");
}
mysql_free_result($dbquery);
unset($dbquery);
if($Num_Rows<=$Per_Page)
$Num_Pages =1;
else if(($Num_Rows % $Per_Page)==0)
$Num_Pages =($Num_Rows/$Per_Page) ;
else
$Num_Pages =($Num_Rows/$Per_Page) +1;
$Num_Pages = (int)$Num_Pages;
if(($Page>$Num_Pages) || ($Page<0))
print "<center><b>ยังไม่มีข้อมูล<b></center>";
//print "<center><b>จำนวน $Page มากกว่า $Num_Pages ยังไม่มีข้อความ<b></center>";
$sql .= "LIMIT $Page_start , $Per_Page";
//ส่วนแสดงผล
$result = mysql_query($sql);
//$item = ($Page-1) * $Per_Page;
$s_com_item = $Num_Rows+1;
While($row= mysql_fetch_assoc($result))
{
$c_id = $row["id"];
$c_com_name = $row["com_name"];
$c_com_text = $row["com_text"];
$c_com_date = $row["com_date"];
$c_com_item = $row["com_item"];
$c_date = dateThai_MM($c_com_date);
//echo "".$c_com_item.". ข้อความ : <p style=\"text-align: justify;text-justify: inter-word;\" class=\"textblack\">".$c_com_text." </p>";
echo "<div align=\"left\" class=\"textblack\">".$c_com_item.". ข้อความ : ".$c_com_text."<br />";
echo "โดย : ".$c_com_name." ( ".$c_date." )";
if(isset($_SESSION['user']))
{
echo " <img src=\"images/delete.gif\" alt=\"ลบความคิดเห็นนี้\" onclick=\"PageComment($c_id);\" />";
}
echo "<br /><hr align=\"left\" width=\"50%\" color=\"#e5e5e5\" noshade size=1 ></div>";
//$item = $item - 1;
} //while
echo "</div>\n";
echo "<div id=\"svDivAlbumsMore\">\n";
$PHP_SELF = $_SERVER['PHP_SELF'];
if($Prev_Page)
echo " <a href='$PHP_SELF?Page=1&salb_id=$salb_id' class='linktextblack'><<</a> <a href='$PHP_SELF?Page=$Prev_Page&salb_id=$salb_id' class='linktextblack'><</a> ";
$Show_Page = 10;
$s1 = $Page - $Show_Page;
if($s1 <= 0 ){$s1 = 1;}
$s2 = $Page + $Show_Page;
if($s2 > $Num_Pages){$s2 = $Num_Pages;}
if($s1 == 1 ){
$s2 = $Show_Page+10;
if($s2 > $Num_Pages){$s2 = $Num_Pages;}
}
if(($s2 == $Num_Pages) &&($s1 != 1)){
$s1 = $Num_Pages-20;
if($s1 <= 0 ){$s1 = 1;}
}
for($i=$s1; $i<=$s2; $i++)
{
if($i != $Page)
{
echo "<a href='$PHP_SELF?Page=$i&salb_id=$salb_id' class='linktextblack'>[ $i ]</a>";
}
else
{
if($Num_Rows > $Per_Page){
echo "<font class='linktextblack'><b>[ $i ]</b></font>";
}
}
}
if($Num_Pages>($i-1))
{
if($Num_Pages>($i+1))
{
$bNum_Pages = $Num_Pages - 1;
echo "...<a href ='$PHP_SELF?Page=$bNum_Pages&salb_id=$salb_id' class='linktextblack'>[ $bNum_Pages ]</a>";
}else if($Num_Pages==($i+1))
{
$bNum_Pages = $i;
echo "<a href ='$PHP_SELF?Page=$bNum_Pages&salb_id=$salb_id' class='linktextblack'>[ $bNum_Pages ]</a>";
}
echo "<a href ='$PHP_SELF?Page=$Num_Pages&salb_id=$salb_id' class='linktextblack'>[ $Num_Pages ]</a>";
}
if($Page!=$Num_Pages)
echo " <a href ='$PHP_SELF?Page=$Next_Page&salb_id=$salb_id' class='linktextblack'> ></a> <a href ='$PHP_SELF?Page=$Num_Pages&salb_id=$salb_id' class='linktextblack'>>></a>";
echo " </div>\n";
if(isset($result)){
mysql_free_result($result );
unset($result);
}
include("../include/close_db.php");
?>
</div>
<div style="left:0px; width:600px; margin-top:20px; border: 1px solid #e5e5e5;" class="magnifyarea">
<form method="POST" name="formcomment" action="travel_comment.php?salb_id=<?=$salb_id;?>" onsubmit="return checkSubmit();">
<table width="600" bgcolor="#FFFFFF" class="box-center">
<tr>
<td height="25" colspan="2" align="center"><font size="3"><b>ร่วมแสดงความคิดเห็น</b></font></td>
</tr>
<tr>
<td width="25%" valign="top" align="right">ความคิดเห็น : </td>
<td width="75%" class="red"><textarea name="s_com_text" id="s_com_text" cols="40" rows="5"></textarea> <font color="red">**</font></td>
</tr>
<tr>
<td align="right">โดย : </td>
<td><input name="s_com_name" id="s_com_name" type="text" size="40" maxlength="100"/> <font color="red">**</font></td>
</tr>
<tr>
<td align="right">E-mail : </td>
<td><input name="s_com_email" id="s_com_email" type="text" size="40" maxlength="100"/></td>
</tr>
<tr>
<td valign="middle" align="right">รหัสยืนยัน : </td>
<td><input name="captcha" id="captcha" type="text" size="10" maxlength="6" /></td>
</tr>
<tr>
<td valign="middle" align="right"> </td>
<td>
<iframe src="captcha/php_captcha.php" id="iframe1" frameborder="0" height="50px" width="110px" style="border: 0px;" scrolling="no" marginheight="5px" marginwidth="0px"></iframe>
<img src="captcha/reload_icon.png" marginheight="0px" marginwidth="0px" onclick="Reload(); refreshCaptcha();" vspace="19"/>
<input id="cap_code" type="hidden" name="cap_code" value="<?=$_SESSION['captcha_val']?>" />
</td>
</tr>
<tr>
<td> </td>
<td>
<input name="submit" type="submit" value="ส่งความคิดเห็น" />
<input name="clear" type="reset" value="ล้างข้อความ" />
<input type="hidden" name="chk_edit" id="chk_edit" value="1">
<input type="hidden" name="s_com_item" id="s_com_item" value="<?=$s_com_item;?>">
</td>
</tr>
</table>
</form>
<form method="POST" name="delcommentform" action="travel_comment.php?salb_id=<?=$salb_id;?>">
<input type="hidden" name="chk_del" id="chk_del" value="1">
<input type="hidden" name="s_ald_id" id="s_ald_id">
</form>
</div>
</div>
</body>
</html>
<script language="javascript">
function checkSubmit(){
/*########### Captcha Validation Part [ START ] ###############*/
if(document.getElementById('cap_code').value != document.getElementById('captcha').value) {
alert("รหัสยืนยันไม่ถูกต้อง");
document.getElementById('captcha').focus();
return false;
}
if(document.getElementById('cap_code').value == document.getElementById('captcha').value) {
/* alert("Success: I have passed captcha validation......") */
}
/*########### Captcha Validation Part [ END ] ###############*/
if(document.getElementById('s_com_text').value == "") {
alert("กรุณาใส่ข้อมูล 'ความคิดเห็น'");
document.getElementById('s_com_text').focus();
return false;
}
if(document.getElementById('s_com_name').value == "") {
alert("กรุณาใส่ข้อมูล 'โดย'");
document.getElementById('s_com_name').focus();
return false;
}
if(document.getElementById('captcha').value == "") {
alert("กรุณาใส่รหัสยืนยัน");
document.getElementById('captcha').focus();
return false;
}
var emailf = /^[a-z][a-z_0-9\-\.]+@[a-z_0-9\.\-]+\.[a-z]{2,3}$/i
function validateEmail(str) {
return emailf.test(str)
}
if(document.getElementById('s_com_email').value != "")
{
if(validateEmail(document.getElementById('s_com_email').value)==false)
{
alert("Invalid your e-mail");
document.getElementById('s_com_email').value="";
document.getElementById('s_com_email').focus();
return false;
}
}
}
function PageComment(sid)
{
document.getElementById('s_ald_id').value=sid;
document.delcommentform.submit();
}
window.onload = refreshCaptcha;
</script>