Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x |
Viewing file: AddStudentCom.php (12.72 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php //session_start(); /** Define Validate Access */ define( '_VALID_ACCESS', 1 ); /** Check Session User Login */ /* if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) { echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />"; echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>"; echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />"; exit(); } else { /** Configuration */ include( "configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); include_once( "./link/function.php" ); /** using 'reg' DB */ include("./includes/FunctionDB2.php"); include("./includes/Function.php"); /** Create Database Object */ $dbObj = new DBConn; ConnectDB(); /** Config Table for This Page */ $myTable = "StudentMaster"; $myTableFK = "studentId"; $query = " SELECT * FROM $myTable WHERE studentCode='$studentCode' "; $result = $dbObj->execQuery($query); $rs = $dbObj->fetchArray($result); $sql = " SELECT * FROM StudentBio WHERE studentCode='$studentCode' "; $result = mysql_query($sql); $rss = mysql_fetch_array($result); $picturePath = str_replace( "../", "", $rss['picturePath'] ); mysql_select_db("manage_db"); $sql = " SELECT * FROM stu_notebook WHERE studentCode='$studentCode' "; $result = mysql_query($sql); $rs5 = mysql_fetch_array($result); mysql_select_db("reg"); //} # else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <title><?=$_Config_sitename;?> - ข้อมูลนักศึกษา - ประวัตินักศึกษา</title> <script type="text/javascript" src="./js/utilities.js"></script> <script type="text/javascript" src="./js/calendarDateInput3.js"></script> <link href="./css/default.css" rel="stylesheet" type="text/css" /> <script language="javascript"> function checkData() { var formObj = document.myForm; var validate = true; if(!formObj.notebookName.value ) { alert("กรุณากรอก รุ่นคอมพิวเตอร์"); formObj.notebookName.style.backgroundColor='#F1F9FC'; formObj.notebookName.focus(); validate = false; } if(validate == true) return true; else return false; } </script> </head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include( "./templates/incHeader.php" ); ?> <table width="1003" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="215" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include( "templates/incMainMenuLeft.php" );?></td> <td width="788" height="300" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset><table width="770" border="0" cellspacing="0" cellpadding="0"> <form id="myForm" name="myForm" method="post" action="InsertCom.php" onsubmit="return checkData();"> <tr> <td height="5"></td> </tr> <tr> <td height="30" background="images/background/bg-head-topic-w780.gif"><span class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="StudentList.php">ข้อมูลนักศึกษา</a> » <span class="NOTE">แบบฟอร์การลงทะเบียนคอมพิวเตอร์โน๊ตบุคนักศึกษา</span></strong></span></td> </tr> <tr> <td> </td> </tr> <tr> <td align="center" valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="80%"><table width="100%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="#E4E4E4"> <tr bordercolor="#E7FAFE"> <td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">รหัสนักศึกษา</td> <td bgcolor="#FFFFFF"> </td> <td bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php echo $rs['studentCode']; ?> <input name="studentCode" type="hidden" id="studentCode" value="<?php echo $rs['studentCode']; ?>" /></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชื่อ-นามสกุล (ไทย)</td> <td width="10" bgcolor="#FFFFFF"> </td> <td width="393" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $prefixId = $rs['prefixId']; $sql1 = " SELECT * FROM Prefix WHERE prefixId='$prefixId' "; $result1 = mysql_query($sql1); $rs1 = mysql_fetch_array($result1); echo $rs1['prefixName'];?><?=$rs['studentName'];?> <?=$rs['studentSurname'];?> <input name="prefixName" type="hidden" id="prefixName" value="<?php echo $rs1['prefixName']; ?>" /> <input name="studentName" type="hidden" id="studentName" value="<?php echo $rs['studentName']; ?>" /> <input name="studentSurname" type="hidden" id="studentSurname" value="<?php echo $rs['studentSurname']; ?>" /></td> </tr> <tr bordercolor="#E7FAFE"> <td width="150" height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">หลักสูตร</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $sql = " SELECT * FROM Program WHERE programId='$rs[programId]' " ; $result2 = $dbObj->execQuery($sql); $rs2 = $dbObj->fetchArray($result2); $dbObj->freeresult($result2); if( $rs2['programName'] != "" ) echo $rs2['programName']; else echo " "; ?> <strong>รุ่น</strong> <?php $sql = " SELECT * FROM Generation WHERE programId='$rs[programId]' " ; $result3 = $dbObj->execQuery($sql); $rs3 = $dbObj->fetchArray($result3); $dbObj->freeresult($result3); if( $rs3['genNo'] != "" ) echo $rs3['genNo']; else echo " "; ?></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">นำเข้ามาใช้งาน</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"> <script>DateInput('Date', true, 'DD/MM/YYYY','<?=($rs5['Date'])?ymdT2dmyE($rs5['Date']):date("d/m/Y");?>');</script> <!--วันที่</a>*</a> <select name="mDate" id="mDate" class="select" > <? getDay1to31();?> </select> เดือน <select name="mMonth" id="mMonth" class="select" > <? getThaiMonth();?> </select> ปี พ.ศ. </a> <select name="mYear" id="mYear"> <?php $curr_year = date("Y")+543; $prev_year = $curr_year-2; $next_year = $curr_year+3; for( $i=$prev_year; $i<=$next_year; $i++ ) { ?> <option value="<?=$i;?>" <?php if( $i==$curr_year ) echo 'selected'; elseif( $i==$Budget_Year ) echo 'selected'; ?>> <?=$i;?> </option> <?php } # for ?> </select> </a>--></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ยี่ห้อ</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"></font> <select name="NotebookCode" id="NotebookCode"> <option value="Acer" <?php if($rs5['NotebookCode']=="Acer"){ echo "selected" ; } ?> >Acer </option> <option value="Asus" <?php if($rs5['NotebookCode']=="Asus"){ echo "selected" ; } ?> >Asus</option> <option value="Dell" <?php if($rs5['NotebookCode']=="Dell"){ echo "selected" ; } ?> >Dell </option> <option value="Axioo" <?php if($rs5['NotebookCode']=="Axioo"){ echo "selected" ; } ?> >Axioo </option> <option value="Benq" <?php if($rs5['NotebookCode']=="Benq"){ echo "selected" ; } ?> >Benq</option> <option value="Compag" <?php if($rs5['NotebookCode']=="Compag"){ echo "selected" ; } ?> >Compag </option> <option value="Fujitsu" <?php if($rs5['NotebookCode']=="Fujitsu"){ echo "selected" ; } ?> >Fujitsu </option> <option value="Gateway" <?php if($rs5['NotebookCode']=="Gateway"){ echo "selected" ; } ?> >Gateway </option> <option value="Gigabyte" <?php if($rs5['NotebookCode']=="Gigabyte"){ echo "selected" ; } ?> >Gigabyte </option> <option value="Hp" <?php if($rs5['NotebookCode']=="Hp"){ echo "selected" ; } ?> >Hp </option> <option value="Sony" <?php if($rs5['NotebookCode']=="Sony"){ echo "selected" ; } ?> >Sony </option> <option value="SVOA" <?php if($rs5['NotebookCode']=="SVOA"){ echo "selected" ; } ?> >SVOA </option> <option value="Lenovo" <?php if($rs5['NotebookCode']=="Lenovo"){ echo "selected" ; } ?> >Lenovo </option> <option value="MIS" <?php if($rs5['NotebookCode']=="MIS"){ echo "selected" ; } ?> >MIS </option> <option value="NEC" <?php if($rs5['NotebookCode']=="NEC"){ echo "selected" ; } ?> >NEC </option> <option value="Samsung" <?php if($rs5['NotebookCode']=="Samsung"){ echo "selected" ; } ?> >Samsung </option> <option value="Toshiba" <?php if($rs5['NotebookCode']=="Toshiba"){ echo "selected" ; } ?> >Toshiba </option> <option value="VZIO" <?php if($rs5['NotebookCode']=="VZIO"){ echo "selected" ; } ?> >VZIO </option> <option value="Kohjinsha" <?php if($rs5['NotebookCode']=="Kohjinsha"){ echo "selected" ; } ?> >Kohjinsha</option> </select> </a></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">รุ่น</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><label> <input name="notebookName" type="text" id="notebookName" size="20" value="<?=($rs5['notebookName'])?$rs5['notebookName']:""?>"/> </label></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ค่า MAC Address</td> <td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><label> <input name="MaxAddress" type="text" id="MaxAddress" size="20" maxlength="25" value="<?=($rs5['MaxAddress'])?$rs5['MaxAddress']:""?>"/> </label></td> </tr> <?php if(isset($rs['Degree_His2']) && $rs['Degree_His2'] != "" ) { ?> <?php } #if if( isset($rs['Degree_His3']) && $rs['Degree_His3'] != "" ) { ?> <?php } #if ?> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> </td> </tr> <tr> <td align="center"><input type="submit" name="Submit" id="button" value="บันทึกคอมพิวเตอร์" style="cursor:pointer"/></td> </tr> </table></td> <td width="20%" valign="top" align="center"><table width="100" border="0" cellspacing="0" cellpadding="0"> <tr> <td><img src="<?php echo $picturePath; ?>" width="100" height="115" /></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td> </td> </tr></form> </table> </fieldset></td> </tr> </table> <?php include( "./templates/incFooter.php" ); ?> </body> </html> <?php /** Free Resource */ $dbObj->freeresult($result); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |