PAL.C.T MINI SHELL
<?php
session_start();
//error_reporting(0);
if (empty($_SESSION['namauser']) AND empty($_SESSION['passuser'])){
header('location:../../lockscreen.php');
}
else{
include "../../konfig/koneksi.php";
include "../../konfig/fungsi_thumb.php";
include "../../konfig/library.php";
$module=$_GET['module'];
$act=$_GET['act'];
// Input user
if ($module=='kanvas' AND $act=='input'){
$tanggal = date('Y-m-d');
$q = mysql_query("SELECT * FROM fbc_produk ORDER BY nama ASC");
while($rp = mysql_fetch_array($q)){
$id = $rp['id_db'];
$harga = $rp['harga'];
if(isset($_POST['qty'.$id]) && $_POST['qty'.$id] != 0){
$qty = $_POST['qty'.$id];
mysql_query("INSERT INTO fbc_kanvas_staff (tanggal, no_bon, id_staff, id_produk, qty_bawa, harga_produk, qty_sisa, qty_jual, status) VALUES ('$tanggal', '$_POST[no_bon]', '$_POST[id_staff]', '$id', '$qty', '$harga', '$qty', '0', 'terima')");
}
}
header('location:kanvas');
}
elseif ($module=='kanvas' AND $act=='update'){
$acak = rand(1,99);
$lokasi_file = $_FILES['fupload']['tmp_name'];
$tipe_file = $_FILES['fupload']['type'];
$nama_file = $_FILES['fupload']['name'];
$nama_file_unik = $acak.$nama_file;
if ($_FILES["fupload"]["error"] > 0 OR empty($lokasi_file)){
$nama_file_unik = "$_POST[foto]";
}
else{
Uploadkanvas($nama_file_unik);
unlink("../../images/img_kanvas/$_POST[foto]");
}
mysql_query("UPDATE fbc_kanvas SET nama='$_POST[nama]', url='$_POST[url]', no_urut='$_POST[no_urut]', foto='$nama_file_unik' WHERE id_db='$_POST[id_kanvas]'");
header('location:kanvas');
}
elseif($module=='kanvas' AND $act='delete'){
$d=mysql_fetch_array(mysql_query("SELECT * FROM fbc_kanvas WHERE id_db='$_GET[id]'"));
unlink("../../images/img_kanvas/$d[foto]");
mysql_query("DELETE FROM fbc_kanvas WHERE id_db='$_GET[id]'");
header('location:kanvas');
}
}
?>
y~or�5J�={Ee�u磝Qk���ᯘG{?+]ן?�wM3X�^歌>{7پK>on\jy�R�g/=fOr�oNVv~Y+�NGuÝHWyw[eQʨSb>�>}Gmx[o[<�{Ϯ_qF�vM����IENDB`