| Server IP : 103.6.199.200 / Your IP : 18.116.90.57 Web Server : Microsoft-IIS/10.0 System : Windows NT EMPUSA 10.0 build 20348 (Windows Server 2016) i586 User : EMPUSA$ ( 0) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/Domains/smsmalor/smsmalorsetar.com/wwwroot/ |
Upload File : |
<?php require_once('Connections/mentorpbs.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "gagal.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
if (!isset($_SESSION)) {
session_start();
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form3")) {
$insertSQL = sprintf("INSERT INTO hadir_kursus (idkursus, nokpguru, nama_kursus, pengelola_id, pengelola_lain, tarikh_dari, tarikh_hingga, masa_dari, masa_hingga, tempat_kursus) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['idkursus'], "int"),
GetSQLValueString($_POST['textbox_kpguru'], "text"),
GetSQLValueString($_POST['nama_kursus'], "text"),
GetSQLValueString($_POST['list_pengelola'], "int"),
GetSQLValueString($_POST['pengelola_lain'], "text"),
GetSQLValueString($_POST['tarikh_dari'], "text"),
GetSQLValueString($_POST['tarikh_hingga'], "text"),
GetSQLValueString($_POST['masa_dari'], "text"),
GetSQLValueString($_POST['masa_hingga'], "text"),
GetSQLValueString($_POST['tempat_kursus'], "text"));
mysql_select_db($database_mentorpbs, $mentorpbs);
$Result1 = mysql_query($insertSQL, $mentorpbs) or die(mysql_error());
$insertGoTo = "hadir_kursus.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$colname_Recordset_senarai_kursus = "-1";
if (isset($_POST['textbox_mykp'])) {
$colname_Recordset_senarai_kursus = $_POST['textbox_mykp'];
}
mysql_select_db($database_mentorpbs, $mentorpbs);
$query_Recordset_senarai_kursus = sprintf("SELECT * FROM hadir_kursus WHERE nokpguru = %s", GetSQLValueString($colname_Recordset_senarai_kursus, "text"));
$Recordset_senarai_kursus = mysql_query($query_Recordset_senarai_kursus, $mentorpbs) or die(mysql_error());
$row_Recordset_senarai_kursus = mysql_fetch_assoc($Recordset_senarai_kursus);
$totalRows_Recordset_senarai_kursus = mysql_num_rows($Recordset_senarai_kursus);
mysql_select_db($database_mentorpbs, $mentorpbs);
$query_Recordset_pengelola = "SELECT * FROM pengelola";
$Recordset_pengelola = mysql_query($query_Recordset_pengelola, $mentorpbs) or die(mysql_error());
$row_Recordset_pengelola = mysql_fetch_assoc($Recordset_pengelola);
$totalRows_Recordset_pengelola = mysql_num_rows($Recordset_pengelola);
$colname_Recordset_loadkp = "-1";
if (isset($_SESSION['MM_Password'])) {
$colname_Recordset_loadkp = $_SESSION['MM_Password'];
}
mysql_select_db($database_mentorpbs, $mentorpbs);
$query_Recordset_loadkp = sprintf("SELECT * FROM login_bidang WHERE password = %s", GetSQLValueString($colname_Recordset_loadkp, "text"));
$Recordset_loadkp = mysql_query($query_Recordset_loadkp, $mentorpbs) or die(mysql_error());
$row_Recordset_loadkp = mysql_fetch_assoc($Recordset_loadkp);
$totalRows_Recordset_loadkp = mysql_num_rows($Recordset_loadkp);
if (!isset($_SESSION)) {
session_start();
}
?>
<?php require_once('Connections/mentorpbs.php'); ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>jQuery UI Datepicker - Default functionality</title>
<link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="/resources/demos/style.css">
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script>
$( function() {
$( "#tarikh_dari" ).datepicker();
$( "#tarikh_hingga" ).datepicker();
} );
</script>
<style type="text/css">
<!--
.style1 {
font-size: 24px;
color: #0000FF;
}
-->
</style>
</head>
<?php
if (isset($_POST['btn_uploadpic']))
{
$id=$_POST['hf_nama'];
move_uploaded_file($_FILES["file"]["tmp_name"],"images/login_photo/".$id.".jpg");
}
?>
<body>
<div align="center" class="style1">KEMASKINI MAKLUMAT KURSUS / BENGKEL / MESYUARAT DLL</div>
<div align="center"></div>
<p align="center"><?php echo $_SESSION['MM_Username']; ?></p>
<p align="center"><?php echo $_SESSION['MM_Password']; ?></p>
<p align="center"> </p>
<p align="center"><img src="images/login_photo/<?php echo $_SESSION['MM_Username']; ?>.jpg" alt="" width="150" height="183" /><br />
</p>
<table width="371" border="0" align="center">
<tr>
<td><div align="center"><form action="" method="post" enctype="multipart/form-data" name="form2" id="form2">
<label>
<input type="file" name="file" id="file" />
<input type="submit" name="btn_uploadpic" id="btn_uploadpic" value="Upload Gambar" />
</label>
<input name="hf_nama" type="hidden" id="hf_nama" value="<?php echo $_SESSION['MM_Username']; ?>" />
</form>
</div></td>
</tr>
</table>
<p align="center"> </p>
<form id="form1" name="form1" method="post" action="">
<div align="center">No Kad pengenalan:
<label>
<input name="textbox_mykp" type="text" id="textbox_mykp" value="<?php echo $row_Recordset_loadkp['nokpguru']; ?>" size="12" maxlength="12" readonly="readonly" />
</label>
<label>
<input type="submit" name="button_carimykp" id="button_carimykp" value="CARI" />
</label>
</div>
</form>
<p align="center">
<label></label>
</p>
<table width="1284" border="1" align="center">
<tr>
<td width="128"><div align="center">BIL</div></td>
<td width="348">NAMA KURSUS</td>
<td width="150"><div align="center">TARIKH DARI</div></td>
<td width="150"><div align="center">TARIKH HINGGA</div></td>
<td width="265"><div align="center">TEMPAT</div></td>
<td width="50"><div align="center">EDIT</div></td>
<td width="50"><div align="center">DELETE</div></td>
</tr>
<?php do { ?>
<tr>
<td><div align="center"><a href="detail_kursus.php?recordID=<?php echo $row_Recordset_senarai_kursus['idkursus']; ?>"> <?php echo $row_Recordset_senarai_kursus['idkursus']; ?> </a> </div></td>
<td><?php echo $row_Recordset_senarai_kursus['nama_kursus']; ?> </td>
<td><div align="center"><?php echo $row_Recordset_senarai_kursus['tarikh_dari']; ?> </div></td>
<td><div align="center"><?php echo $row_Recordset_senarai_kursus['tarikh_hingga']; ?> </div></td>
<td><div align="center"><?php echo $row_Recordset_senarai_kursus['tempat_kursus']; ?> </div></td>
<td><div align="center"><a href="edit_kursus.php?recordID=<?php echo $row_Recordset_senarai_kursus['idkursus']; ?>">edit</a></div></td>
<td><div align="center"><a href="delete_kursus.php?recordID=<?php echo $row_Recordset_senarai_kursus['idkursus']; ?> " >delete</a></div></td>
</tr>
<?php } while ($row_Recordset_senarai_kursus = mysql_fetch_assoc($Recordset_senarai_kursus)); ?>
</table>
<p align="center"><?php echo $totalRows_Recordset_senarai_kursus ?> Records Total </p>
</p>
<p align="center"><a href="logout_kursus.php">LOGOUT</a></p>
<p> </p>
<p align="center" class="style1">TAMBAH MAKLUMAT KURSUS / BENGKEL / MESYUARAT DLL</p>
<p> </p>
<form action="<?php echo $editFormAction; ?>" method="post" name="form3" id="form3">
<table width="814" align="center">
<tr valign="baseline">
<td nowrap="nowrap" align="right">No Kad Pengenalan:</td>
<td><label>
<input name="textbox_kpguru" type="text" id="textbox_kpguru" value="<?php echo $row_Recordset_loadkp['nokpguru']; ?>" readonly="readonly"/>
</label></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Nama Kursus::</td>
<td><textarea name="nama_kursus" cols="100"></textarea></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Pengelola::</td>
<td><label>
<select name="list_pengelola" id="list_pengelola">
<?php
do {
?>
<option value="<?php echo $row_Recordset_pengelola['id_pengelola']?>"><?php echo $row_Recordset_pengelola['nama_pengelola']?></option>
<?php
} while ($row_Recordset_pengelola = mysql_fetch_assoc($Recordset_pengelola));
$rows = mysql_num_rows($Recordset_pengelola);
if($rows > 0) {
mysql_data_seek($Recordset_pengelola, 0);
$row_Recordset_pengelola = mysql_fetch_assoc($Recordset_pengelola);
}
?>
</select>
</label></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Maklumat Pengelola::</td>
<td><textarea name="pengelola_lain" cols="100"></textarea></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Tarikh (Dari)::</td>
<td><input type="text" name="tarikh_dari" id="tarikh_dari" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Tarikh (Hingga)::</td>
<td><input type="text" name="tarikh_hingga" id="tarikh_hingga" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Masa (Dari):</td>
<td><input type="text" name="masa_dari" value="" size="32" />
Contoh 08:30 AM</td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Masa (Hingga):</td>
<td><input type="text" name="masa_hingga" value="" size="32" />
Contoh 04:30 PM</td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Tempat::</td>
<td><textarea name="tempat_kursus" cols="100"></textarea></td>
</tr>
<tr valign="baseline">
<td colspan="2" align="right" nowrap="nowrap"><div align="center">
<input type="submit" value="Tambah" />
</div></td>
</tr>
</table>
<input type="hidden" name="idkursus" value="" />
<input type="hidden" name="MM_insert" value="form3" />
</form>
<p> </p>
<p> </p>
</body>
</html>
<?php
mysql_free_result($Recordset_senarai_kursus);
mysql_free_result($Recordset_pengelola);
mysql_free_result($Recordset_loadkp);
?>