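<?php 
// Marker constant defined before the includes; presumably the included files test it to
// refuse direct access -- confirm against config.php.
define('CILY',true);
include('../../../../#includes/config.php');
// Language file; presumably defines the $language[...] strings echoed below -- confirm.
// NOTE(review): '@' hides a missing-file warning, so a failed include only shows up as empty labels.
@include('../languages/vi.php');

// Access gate: the popup is rendered only when check_log() is true and check_level() is at least 2.
// Logical && replaces the bitwise & so check_level() is not evaluated when the login check fails.
if(check_log() == true && check_level() >= 2) {
?>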
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
	<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" type="text/css" href="style.css" />
    <link href="sort2.css" rel="stylesheet" type="text/css" />

    <link rel="stylesheet" type="text/css" href="../styles/layout.css" />
    <script type="text/javascript" src="../../jquery-1.4.2.min.js" ></script>
    <script type="text/javascript" src="../../avim.js" ></script>
    <script language="JavaScript" type="text/javascript">
    
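    /* ---------------------------------------------------------------------- *\
      Function    : insertFile()
      Description : Adds the chosen file (title + URL) to the parent window's
                    file list and closes the popup. In "up" mode the file is
                    first registered through ../update.php.
    \* ---------------------------------------------------------------------- */
    function insertFile() {
        var id = 'file'+Math.floor(Math.random()*11)+Math.floor(Math.random()*11)+Math.floor(Math.random()*11);

        // Title and URL are user-editable, so they are HTML-escaped before being
        // concatenated into markup that is injected into the parent document.
        function escapeHtml(value) {
            return String(value)
                .replace(/&/g, '&amp;')
                .replace(/</g, '&lt;')
                .replace(/>/g, '&gt;')
                .replace(/"/g, '&quot;')
                .replace(/'/g, '&#39;');
        }

        // Appends the alert row to the parent page, records ",title|url" in the
        // parent's hidden input and closes the modal.
        function addToParent() {
            var title = $('#title').val();
            var entry = ',' + title + '|' + $('#url').val();

            // The entry travels in a data attribute and is read back by the inline
            // handler, so it is never spliced into a JavaScript string literal.
            // The handler stays inline because it must run in the parent window
            // after this popup is gone.
            parent.$('#file').after(
                '<div style="margin-bottom: 5px !important;" class="alert alert-success fade in">' +
                '<button data-entry="' + escapeHtml(entry) + '" onclick="$(\'#' + id + '\').remove();$(\'#filecontent > input\').val($(\'#filecontent > input\').val().replace(this.getAttribute(\'data-entry\'),\'\'));" class="close" type="button" data-dismiss="alert" aria-hidden="true">×</button>' +
                '<p id="' + id + '"><i class="fa fa-check-circle fa-fw fa-lg"></i><strong>' + escapeHtml(title) + '</strong> </p></div>'
            );
            parent.$('#filecontent > input').val(parent.$('#filecontent > input').val() + entry);
            parent.$.akModalRemove();
        }

        <?php if(isset($_GET['type']) && $_GET['type']=='up') { ?>
        // Passing an object lets jQuery URL-encode every field; the hand-built
        // query string broke on values containing '&', '=' or '+'.
        // NOTE(review): 'complete' also fires when the request fails, so the entry
        // is added to the parent even if update.php rejected it.
        $.ajax({
            type: 'POST',
            url: '../update.php',
            data: {
                url: $('#url').val(),
                title: $('#title').val(),
                cat: $('#cat').val(),
                desc: $('#description').val()
            },
            complete: addToParent
        });
      <?php } else { ?>
        addToParent();
      <?php } ?>
    }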
    
    </script>
    <script language="javascript">
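            // Reloads the library tab filtered by the selected category.
            // The value is URL-encoded so it cannot add or alter query parameters.
            function viewproduct(M31cats){
                window.location = 'insert_file.php?type=lib&mode=insfile&cat=' + encodeURIComponent(M31cats);
            }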
    </script>
</head>

<body>
<div id="content-wrapper">
        <div class="col-md-12">
            <div class="row">
              <div class="col-lg-12">
                <ul class="nav nav-tabs">
                    <li></li>
    <li<?php if($_GET['type']=='up') echo ' class="curent"'; ?>><a href="insert_file.php?type=up&mode=insfile" target="_self"><?php echo $language['editer_insert_up']; ?></a></li>
    <li<?php if($_GET['type']=='url') echo ' class="curent"'; ?>><a href="insert_file.php?type=url&mode=insfile" target="_self"><?php echo $language['editer_insert_url']; ?></a></li>
    <li<?php if($_GET['type']=='lib') echo ' class="curent"'; ?>><a href="insert_file.php?type=lib&mode=insfile" target="_self"><?php echo $language['editer_insert_lib']; ?></a></li>
                <br clear="all"/>
                </ul>
                  <div class="row">
                    <div class="col-md-12">
                      <div class="main-box" style="height: 263px;">
                        <?php if($_GET['type']=='up'){ ?>
                            <script type="text/javascript" src="../ajaxupload.js" ></script>
                            <script type="text/javascript">
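                                $(document).ready(function(){
                                    // Server-side strings are emitted through json_encode() so that quotes,
                                    // backslashes or markup in them cannot break out of the script.
                                    var uploadingText = <?php echo json_encode($language['editer_uploading'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
                                    var notAllowedText = <?php echo json_encode($language['editer_not_type'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
                                    var finishedText = <?php echo json_encode($language['editer_finish'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
                                    var siteUrl = <?php echo json_encode(get_option('url'), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;

                                    var button = $('#upload'), interval;
                                    new AjaxUpload(button, {
                                        action: '../upload.php?type=other', 
                                        onSubmit : function(file, ext){
                                            // This extension test runs in the browser only and is a usability aid;
                                            // ../upload.php has to enforce the allowed types itself.
                                            if (ext && /^(ZIP|RAR|DOC|DOCX|PDF|XLS|XLSX|PPT|MDB|TXT|RTF|zip|rar|doc|pdf|xls|xlsx|docx|ppt|mdb|txt|rtf)$/.test(ext)){
                                                button.text(uploadingText);

                                                this.disable();

                                                // Animate the label by appending dots, resetting after five of them.
                                                interval = window.setInterval(function(){
                                                    var text = button.text();
                                                    if (text.length < uploadingText.length+5){
                                                        button.text(text + '.');
                                                    } else {
                                                        button.text(uploadingText);
                                                    }
                                                }, 200);
                                            } else {
                                                alert(notAllowedText);
                                                return false;
                                            }
                                        },
                                        onComplete: function(file, response){
                                            button.text(finishedText);
                                            window.clearInterval(interval);
                                            $('.info').show();
                                            $('.file').empty().append(
                                                $('<img>').attr('src', siteUrl + '/data/javascripts/editor/icons/default.png')
                                            );
                                            // NOTE(review): the response body is used verbatim as the stored file name --
                                            // confirm upload.php returns only that.
                                            $('#url').val(siteUrl + '/data/uploads/other/' + response);
                                        }
                                    });

                                });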
                                </script>
                            

                            <h2><?php echo $language['editer_file_up_t']; ?></h2>
                            
                            <table>
                                <tr>
                                    <td valign="top">
                                        <button id="upload" class="btn btn-danger ladda-button"  onchange="GetFileSize()"><span class="ladda-label"><?php echo $language['editer_upload']; ?></span></button>
                                    </td>
                                    <td style="padding-left: 10px;">
                                        <p><?php echo $language['editer_size']; ?>: 40Mb</p>
                                        <p><?php echo $language['editer_type']; ?>: zip, rar, txt, rtf, doc, pdf, xls, ppt, mdb, xlsx, docx</p>
                                        <p style="color: red;">(*) <?php echo $language['editer_warning']; ?></p>
                                    </td>
                                </tr>
                            </table>
                            

                            
                            <hr style="margin: 10px 0;border: 1px solid #ccc">
                            <ol>
                                <li class="url"><input id="url" type="hidden" /></li>
                                <li class="file"></li>
                                <li class="info">
                                    <table>
                                    <tr>
                                        <td>
                                            <div style="max-width: 210px; overflow: hidden;">                 
                                                <select name="cat" id="cat" class="form-control">
                                                <?php echo getSubcat(); ?>
                                                </select>
                                            </div>

                                        </td>
                                    </tr>

                                    <tr>
                                        <td><input class="form-control" type="text" id="title" style="width: 100%;" value="No name" placeholder="<?php echo $language['editer_name']; ?>" /></td>
                                    </tr>
                                    <tr>
                                        <td><textarea class="form-control" id="description" style="width: 100%; height: 60px;" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    
                                    </table>
                                </li>
                            </ol>
                            <?php } elseif($_GET['type']=='url'){ ?>
                            <h2><?php echo $language['editer_file_url_t']; ?></h2>
                            <ul class="url">
                                <li>
                                    <table width="100%">
                                   
                                    <tr>
                                        <td><input class="form-control" type="text" id="url" placeholder="<?php echo $language['editer_file_url']; ?>" /></td>
                                    </tr>
                                    <tr>
                                        <td><input class="form-control" type="text" id="title" placeholder="<?php echo $language['editer_name']; ?>" /></td>
                                    </tr>
                                    <tr>
                                        <td><textarea class="form-control" id="description" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    </table>
                                </li>
                            </ul>
                            <?php } elseif($_GET['type']=='lib'){ ?>
                            <script language="javascript">
                                $(document).ready(function(){
                                    // Choosing a library entry hides the list and pager, reveals the
                                    // detail form and copies the entry's attributes into it.
                                    $('.ok').click(function(){
                                        var picked = $(this);

                                        $('#filedemo, #filedemo1, .filedemo2').hide();
                                        $('.info').show();

                                        $('#url').val(picked.attr('value'));
                                        $('#title').val(picked.attr('name'));
                                        $('#description').text(picked.attr('desc'));
                                    });
                                });
                            </script>

                            <select name="FilterByCat" id="M31cats" onchange="return(viewproduct(this.value,'','3','3'));" class="form-control">
                                <?php echo getSubcat(); ?>
                            </select>

                            <div id="filedemo" class="scroll_box">
                                <table class="table table-striped table-hover" style="">
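                                <?php 
                                    // 'cat' and 'page' come straight from the query string. Both are cast to
                                    // integers before they reach the SQL text or the paging links, so they can
                                    // no longer change the shape of the query.
                                    $modpage = '';
                                    $pd_where = '';
                                    $cat_id = isset($_GET['cat']) ? (int) $_GET['cat'] : 0;
                                    if($cat_id !== 0) {
                                        $modpage = '&cat='.$cat_id;
                                        $pd_where = 'AND data_cat = '.$cat_id;
                                    }
                                    // Pages start at 1; anything lower would produce a negative LIMIT offset.
                                    $current_page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
                                    $start = 20*($current_page-1);
                                    $datas = @mysql_query("SELECT * FROM cily_datas WHERE data_type = 3 ".$pd_where." ORDER BY id DESC LIMIT ".$start.",20");
                                    $total = @mysql_num_rows(@mysql_query("SELECT * FROM cily_datas WHERE data_type = 3 ".$pd_where.""));
                                    // mysql_query() returns false on failure; skip the loop instead of fetching from it.
                                    while ($datas && ($data = mysql_fetch_array ($datas)))
                                    {
                                        $thumb = '../icons/'.type($data['data_url']).'.png';
                                        // Stored names, URLs and descriptions are escaped for HTML output;
                                        // double_encode is off so entities already in the data are not encoded twice.
                                        $row_name = htmlspecialchars($data['data_name'], ENT_QUOTES, 'UTF-8', false);
                                        $row_url = htmlspecialchars($data['data_url'], ENT_QUOTES, 'UTF-8', false);
                                        $row_info = htmlspecialchars($data['data_info'], ENT_QUOTES, 'UTF-8', false);
                                ?>
                                <tr>
                                    <td><img width="40px" src="<?php echo htmlspecialchars($thumb, ENT_QUOTES, 'UTF-8', false); ?>" /></td>
                                    <td style="max-width: 280px; width: 280px;">
                                        <p><?php echo $row_name; ?></p>
                                        <p><?php echo formatTime($data['data_time'],1); ?></p>
                                    </td>
                                    <?php // NOTE(review): $type is not assigned anywhere in this file -- confirm where it is set. ?>
                                    <td><button class="ok" value="<?php echo $row_url; ?>" name="<?php echo $row_name; ?>" desc="<?php echo $row_info; ?>" type="<?php echo $type; ?>"><?php echo $language['editer_ok']; ?></button></td>
                                </tr>
                                <?php
                                    }
                                 ?>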
                                 </table>
                                <br clear="all" />
                            </div>
                            
                            <ol class="url">

                                <li class="info"><img width="150" src="<?php echo get_option('url'); ?>/data/javascripts/editor/icons/default.png"></li>
                                <li class="info">
                                    <input id="url" type="hidden" />
                                    <table>
                                    <tr>
                                        <td><input class="form-control" type="text" id="title" style="width: 100%;" placeholder="<?php echo $language['editer_name']; ?>"/></td>
                                    </tr>
                                    <tr>
                                        <td><textarea class="form-control" id="description" style="width: 100%;" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    </table>
                                </li>
                            </ol>

                            <div id="filedemo1">
                                <?php 
                                    echo pagingindex(20,$current_page, $total, 'insert_file.php?type=lib&mode=insfile',$modpage.'&page=' ,false)
                                ?>
                            </div>
                        <?php } ?>
                      </div>
                    </div>
                  </div>
                </div>
            </div>
        </div>
        <div align="right" style="padding-top: 5px;"><input type="submit" value="<?php echo $language['editer_insert']; ?>" onClick="insertFile();" style="font-size: 12px;" />&nbsp;<input type="submit" value="<?php echo $language['editer_cancel']; ?>" onClick="parent.$.akModalRemove();" style="font-size: 12px;" /></div>
    </div>

</body>
</html>
<?php
} else {
    // Login or level check failed: output only the refusal text, none of the popup markup.
    echo 'Hacking attempt';
}
?>
