403WebShell

403Webshell
Server IP : 43.241.58.20 / Your IP : 216.73.216.25
Web Server : Apache/2
System : Linux ns1-1556229.dragonhispeed.com 3.16.0 #1 SMP Fri Mar 29 22:50:14 MSK 2024 x86_64
User : ratsitne ( 1130)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /home/ratsitne/.trash/files/admin.1/
Upload File :
[ Back ]
Current File : /home/ratsitne/.trash/files/admin.1/customer-edit.php
<?php
include '../config.php';
include 'auth.php';
$page_title = 'แก้ไขลูกค้า';
ob_start();

// Check if ID is set
if (!isset($_GET['id']) || empty($_GET['id'])) {
    $_SESSION['error_message'] = 'ไม่พบรหัสลูกค้าที่ต้องการแก้ไข';
    header("Location: customer-list.php");
    exit;
}

$id = mysqli_real_escape_string($conn, $_GET['id']);

// Process form submission
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $company_name = mysqli_real_escape_string($conn, $_POST['company_name']);
    $address = mysqli_real_escape_string($conn, $_POST['address']);
    $address_details = mysqli_real_escape_string($conn, $_POST['address_details']);
    $tax_id = mysqli_real_escape_string($conn, $_POST['tax_id']);
    $branch = mysqli_real_escape_string($conn, $_POST['branch']);
    $office_phone = mysqli_real_escape_string($conn, $_POST['office_phone']);
    $mobile_phone = mysqli_real_escape_string($conn, $_POST['mobile_phone']);
    $fax = mysqli_real_escape_string($conn, $_POST['fax']);
    $email = mysqli_real_escape_string($conn, $_POST['email']);
    $contact_name = mysqli_real_escape_string($conn, $_POST['contact_name']);
    $website = mysqli_real_escape_string($conn, $_POST['website']);
    
    // Validation
    if (empty($company_name)) {
        $_SESSION['error_message'] = 'กรุณากรอกชื่อบริษัท';
    } else {
        $updated_at = date('Y-m-d H:i:s');
        
        $query = "UPDATE customers SET 
                  company_name = '$company_name', 
                  address = '$address', 
                  address_details = '$address_details', 
                  tax_id = '$tax_id', 
                  branch = '$branch', 
                  office_phone = '$office_phone', 
                  mobile_phone = '$mobile_phone', 
                  fax = '$fax', 
                  email = '$email', 
                  contact_name = '$contact_name', 
                  website = '$website', 
                  updated_at = '$updated_at' 
                  WHERE id = $id";
        
        if (mysqli_query($conn, $query)) {
            $_SESSION['success_message'] = 'ปรับปรุงข้อมูลลูกค้าเรียบร้อยแล้ว';
            header("Location: customer-list.php");
            exit;
        } else {
            $_SESSION['error_message'] = 'เกิดข้อผิดพลาด: ' . mysqli_error($conn);
        }
    }
}

// Get existing customer data
$query = "SELECT * FROM customers WHERE id = $id";
$result = mysqli_query($conn, $query);

if (mysqli_num_rows($result) == 0) {
    $_SESSION['error_message'] = 'ไม่พบข้อมูลลูกค้า';
    header("Location: customer-list.php");
    exit;
}

$customer = mysqli_fetch_assoc($result);
?>

<div class="card">
    <div class="card-header">
        <h3 class="card-title">แก้ไขลูกค้า</h3>
    </div>
    <div class="card-body">
        <?php if (isset($_SESSION['error_message'])): ?>
            <div class="alert alert-danger alert-dismissible fade show">
                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
                <i class="bi bi-exclamation-triangle me-1"></i>
                <?php echo $_SESSION['error_message']; unset($_SESSION['error_message']); ?>
            </div>
        <?php endif; ?>

        <form method="post" action="">
            <div class="row mb-3">
                <div class="col-md-6">
                    <label for="company_name" class="form-label">ชื่อบริษัท <span class="text-danger">*</span></label>
                    <input type="text" class="form-control" id="company_name" name="company_name" required value="<?php echo htmlspecialchars($customer['company_name']); ?>">
                </div>
                <div class="col-md-6">
                    <label for="contact_name" class="form-label">ชื่อผู้ติดต่อ</label>
                    <input type="text" class="form-control" id="contact_name" name="contact_name" value="<?php echo htmlspecialchars($customer['contact_name']); ?>">
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-12">
                    <label for="address" class="form-label">ที่อยู่ <span class="text-danger">*</span></label>
                    <textarea class="form-control" id="address" name="address" rows="3" required><?php echo htmlspecialchars($customer['address']); ?></textarea>
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-12">
                    <label for="address_details" class="form-label">รายละเอียดที่อยู่เพิ่มเติม</label>
                    <textarea class="form-control" id="address_details" name="address_details" rows="2"><?php echo htmlspecialchars($customer['address_details']); ?></textarea>
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-6">
                    <label for="tax_id" class="form-label">เลขประจำตัวผู้เสียภาษี</label>
                    <input type="text" class="form-control" id="tax_id" name="tax_id" maxlength="13" value="<?php echo htmlspecialchars($customer['tax_id']); ?>">
                </div>
                <div class="col-md-6">
                    <label for="branch" class="form-label">สำนักงาน/สาขาเลขที่</label>
                    <input type="text" class="form-control" id="branch" name="branch" value="<?php echo htmlspecialchars($customer['branch']); ?>">
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-4">
                    <label for="office_phone" class="form-label">เบอร์ออฟฟิศ</label>
                    <input type="text" class="form-control" id="office_phone" name="office_phone" value="<?php echo htmlspecialchars($customer['office_phone']); ?>">
                </div>
                <div class="col-md-4">
                    <label for="mobile_phone" class="form-label">เบอร์มือถือ</label>
                    <input type="text" class="form-control" id="mobile_phone" name="mobile_phone" value="<?php echo htmlspecialchars($customer['mobile_phone']); ?>">
                </div>
                <div class="col-md-4">
                    <label for="fax" class="form-label">โทรสาร</label>
                    <input type="text" class="form-control" id="fax" name="fax" value="<?php echo htmlspecialchars($customer['fax']); ?>">
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-6">
                    <label for="email" class="form-label">อีเมล</label>
                    <input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($customer['email']); ?>">
                </div>
                <div class="col-md-6">
                    <label for="website" class="form-label">เว็บไซต์</label>
                    <input type="text" class="form-control" id="website" name="website" value="<?php echo htmlspecialchars($customer['website']); ?>">
                </div>
            </div>

            <div class="mt-4">
                <button type="submit" class="btn btn-primary">บันทึกการแก้ไข</button>
                <a href="customer-list.php" class="btn btn-secondary">ยกเลิก</a>
            </div>
        </form>
    </div>
</div>

<?php
$content = ob_get_clean();
$js_script = '';
include 'template_master.php';
?>
Youez - 2016 - github.com/yon3zu
LinuXploit