Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
/** Define Validate Access */
define( '_VALID_ACCESS', 1 );
/** Configuration */
include( "configuration.php" );
require_once( $_Config_absolute_path . "/includes/framework.php" );
include_once( "./link/function.php" );
/** using 'reg' DB */
include("./includes/FunctionDB.php");
include("./includes/Function.php");
/** Create Database Object */
$dbObj = new DBConn;
ConnectDB();
/** Config Table for This Page */
$myTable = "StudentMaster";
$myTableFK = "studentId";
//### table --> 'StudentMaster'
$query = " SELECT * FROM $myTable WHERE studentId='$studentId' ";
$result = $dbObj->execQuery($query);
$rs = $dbObj->fetchArray($result);
//### table --> 'StudentBio'
$sql = " SELECT * FROM StudentBio WHERE studentId='$studentId' ";
$result = mysql_query($sql);
$rss = mysql_fetch_array($result);
$picturePath = str_replace( "../", "", $rss['picturePath'] );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<title><?=$_Config_sitename;?> - ข้อมูลนักศึกษา - ประวัตินักศึกษา</title>
<script type="text/javascript" src="./js/utilities.js"></script>
<link href="./css/default.css" rel="stylesheet" type="text/css" />
</head>
<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">
<?php
include( "./templates/incHeader.php" );
?>
<table width="1003" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="215" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include( "templates/incMainMenuLeft.php" );?></td>
<td width="788" height="300" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset><table width="770" border="0" cellspacing="0" cellpadding="0">
<form id="myForm" name="myForm" method="post" action="">
<tr>
<td height="5"></td>
</tr>
<tr>
<td height="30" background="images/background/bg-head-topic-w780.gif"><span class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="StudentList.php">ข้อมูลนักศึกษา</a> » <a href="StudentList.php">ข้อมูลประวัตินักศึกษา</a> » <span class="NOTE">รายละเอียดประวัตินักศึกษา</span></strong></span></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td align="center" valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="80%"><table width="100%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="#E4E4E4">
<tr bordercolor="#E7FAFE">
<td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">รหัส</td>
<td bgcolor="#FFFFFF"> </td>
<td bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php echo $rs['studentCode']; ?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชื่อ-นามสกุล (ไทย)</td>
<td width="10" bgcolor="#FFFFFF"> </td>
<td width="393" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php
$prefixId = $rs['prefixId'];
$sql1 = " SELECT * FROM Prefix WHERE prefixId='$prefixId' ";
$result1 = mysql_query($sql1);
$rs1 = mysql_fetch_array($result1);
echo $rs1['prefixName'];?><?=$rs['studentName'];?> <?=$rs['studentSurname'];?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชื่อ-นามสกุล (อังกฤษ)</td>
<td width="10" bgcolor="#FFFFFF"> </td>
<td width="393" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?=$rs['studentNameEng'];?> <?=$rs['studentSurnameEng'];?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td width="150" height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">หลักสูตร</td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php
$sql = " SELECT * FROM Program WHERE programId='$rs[programId]' " ;
$result2 = $dbObj->execQuery($sql);
$rs2 = $dbObj->fetchArray($result2);
$dbObj->freeresult($result2);
if( $rs2['programName'] != "" ) echo $rs2['programName'];
else echo " ";
?> <strong>รุ่น</strong> <?php
$sql = " SELECT * FROM Generation WHERE programId='$rs[programId]' " ;
$result3 = $dbObj->execQuery($sql);
$rs3 = $dbObj->fetchArray($result3);
$dbObj->freeresult($result3);
if( $rs3['genNo'] != "" ) echo $rs3['genNo'];
else echo " ";
?></td>
</tr>
<tr bordercolor="#FFFFFF">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">วันเกิด</td>
<td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php echo $rs['DateBirth']; ?> <?php
$sday = $rss['birthDate'];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
$m = getThaiSubMonth($month);
echo "$day"." "."$m"." "."$year";
?></td>
</tr>
<tr bordercolor="#FFFFFF">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">อายุ</td>
<td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php //// Show Age
$sql4 = " SELECT * FROM StudentBio WHERE studentId='$rs[studentId]' ";
$result4 = mysql_query($sql4);
$rs4 = mysql_fetch_array($result4);
$age = $rs4['birthDate'];
$year = explode("-",$age);
$year = intval($year[0]);
$year = $year - 543;
$currentyear = date("Y");
$currentyear = intval($currentyear);
$age = $currentyear - $year;
echo "$age";
?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">วันที่เข้ารับการศึกษา</td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php
$sday = $rs['admitDate'];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
$m = getThaiSubMonth($month);
echo "$day"." "."$m"." "."$year";
?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">สถานะการลงทะเบียน</td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><a href="checkEnrollItem.php?studentCode=<?=$rs['studentCode'];?>">ตรวจสอบรายวิชาลงทะเบียนเรียน</a></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><a href="javascript:;" onclick="NewWindow('showDetailEnrollFee.php?studentId=<?=$rs["studentId"];?>&acadYear=<?=$rs["acadYear"];?>&studentYear=<?=$rs["studentYear"];?>&semester=<?=$rs["semester"];?>','showDetailEnrollFee','700','500','Yes');">ตรวจสอบค่าลงทะเบียน</a></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">อาจารย์ที่ปรึกษา</td>
<td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php
$sql = " SELECT * FROM Officer WHERE officerId='$rs[officerId1]' " ;
$result5 = $dbObj->execQuery($sql);
$rs5 = $dbObj->fetchArray($result5);
$dbObj->freeresult($result5);
if( $rs5['officerName'] != "" ) echo "อ.".$rs5['officerName']." ".$rs5['officerSurname'];
else echo " ";
?></td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">สภาพนักศึกษา</td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td valign="top" nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php
$studentStatus = $rs[studentStatus] ;
$sql6 = " SELECT * FROM SysStudentStatusDes ";
$result6 = mysql_query($sql6);
$rs6 = mysql_fetch_array($result6);
echo "$rs6[description]";
?></td>
</tr>
<?php if( $rs['Degree_His2'] != "" ) { ?>
<?php
} #if
if( $rs['Degree_His3'] != "" ) {
?>
<?php } #if ?>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF" class="PADDING-TOP-5"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10 PADDING-TOP-5"> </td>
</tr>
<tr bordercolor="#E7FAFE">
<td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF" class="PADDING-TOP-5">ภาระงาน</td>
<td nowrap="nowrap" bgcolor="#FFFFFF"> </td>
<td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10 PADDING-TOP-5"><table width="100%" border="0" cellspacing="1" cellpadding="1">
<tr>
<td width="65%" align="left">• <a href="ShowStudentDetail.php?studentId=<?php echo $rs['studentId']; ?>">ข้อมูลนักศึกษา</a></td>
<td width="35%" align="center"> </td>
</tr>
<tr>
<td align="left">• ข้อมูลผู้ปกครอง</td>
<td align="center"> </td>
</tr>
<tr>
<td align="left">• ข้อมูลทุนการศึกษา</td>
<td align="center"> </td>
</tr>
<tr>
<td align="left">• <a href="../mis/eregis/login.php">ข้อมูลผลการเรียน</a></td>
<td align="center"> </td>
</tr>
<tr>
<td align="left">• ข้อมูลสุขภาพ</td>
<td align="center"> </td>
</tr>
<tr>
<td align="left">• ข้อมูลการลา</td>
<td align="center"> </td>
</tr>
<tr>
<td align="left">• ข้อมูลพฤติกรรม และวินัยนักศึกษา</td>
<td align="center"> </td>
</tr>
</table></td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td> </td>
</tr>
<tr>
<td align="center"><input type="button" name="button" id="button" value="« ย้อนกลับ" class="CURSOR-HAND" onclick="window.history.back();" /></td>
</tr>
</table></td>
<td width="20%" valign="top" align="center"><table width="150" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="<?php echo $picturePath; ?>" width="150" height="170" /></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td> </td>
</tr></form>
</table>
</fieldset></td>
</tr>
</table>
<?php include( "./templates/incFooter.php" ); ?>
</body>
</html>
<?php
/** Free Resource */
$dbObj->freeresult($result);
/** Close the Database */
$dbObj->disconn();
/** Unset Class */
unset($dbObj);
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]-- |