110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/ drwxr-xr-x
Free 52.82 GB of 127.8 GB (41.33%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: showClassStudy.php (13.95 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php
require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
//get_lang($module_name);
include("header.php");
$index = 1;
OpenTable();
include_once "./link/function.php";
include_once "./class/clsSysSemesterDes.php";
include_once "./class/clsSysStudentYearDes.php";
include_once "./class/clsStudentMaster.php";
include_once "./class/clsStudentBio.php";
include_once "./class/clsProgram.php";
include_once "./class/clsPrefix.php";
include_once "./class/clsEnrollItem.php";
include_once "./class/clsLevel.php";
include_once "./class/clsPeriod.php";
include_once "./class/clsDay.php";
include_once "./class/clsClassTimeTable.php";
include_once "./class/clsCourse.php";
include_once "./class/clsClass.php";
include_once "./class/clsRoom.php";
include_once "./class/clsClassExam.php";
include_once "./class/clsAcadYearConfig.php";
include_once "global.php";
$conn = new Connection();
$oSs = new SysSemesterDes();
$oSy = new SysStudentYearDes();
$oPf = new Prefix();
$oSm = new StudentMaster();
$oSb = new StudentBio();
$oPg = new Program();
$oEt = new EnrollItem();
$oLv = new Level();
$oPr = new Period();
$oPr2 = new Period();
$oDy = new Day();
$oCtb = new ClassTimeTable();
$oCo = new Course();
$oCl = new Class1();
$oRm = new Room();
$oCe = new ClassExam();
$oCe2 = new ClassExam();
$oAy2 = new AcadYearConfig();
$oAy3 = new AcadYearConfig();

confirmSubmit();
openWindow();
?>
<script language="JavaScript1.2">
function checkFormat(){
	if(document.pc.programName.value==""){
		alert("ЎГШіТаЕЧНЎЛЕСЎКЩµГ !!");
		return false;
	}
	if(document.pc.studentYear.value==""){
		alert("ЎГШіТаЕЧНЎЄСй№»Х№СЎИЦЎЙТ !!");
		return false;
	}	
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<table width="740" border="0" align="center" cellpadding="0" cellspacing="0">
	<tr>
		<td><br><fieldset>
			<legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>">µТГТ§аГХВ№/КНє№СЎИЦЎЙТ</font></legend>
			<label><div align="center"><br><form name="pc" method="post" action="<?php echo $PHP_SELF;?>">
			<table width="720" border="0" cellspacing="1" cellpadding="1" bordercolor="<?php echo $GLOBALS["COLOR_BORDER_TABLE_1"];?>" align="center">
						<tr><td align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="3"><b>µТГТ§аГХВ№/КНє№СЎИЦЎЙТ</b></font></td></tr>
						<tr><td>&nbsp;</td></tr>
						<tr><td colspan="2"><table align="center" width="720" cellpadding="1" cellspacing="1" border="0">
<?php
					$oSm->SearchByStCodeStNStSn($studentCode,$studentName,$studentSurname);
					$oSm->GetRecord();
					
					$oSb->SearchByKey($oSm->studentId);
					$oSb->GetRecord();
					
					$oPf->SearchByKey($oSm->prefixId);
					$oPf->GetRecord();
					
					if($studentCode=='' && $oSm->studentId=='' || $oSm->studentName=='' || $oSm->studentSurname==''){
						//echo "<meta http-equiv='refresh' content='0; URL=$PHP_SELF?methodSearch=no'>";					
?>
						<tr>
							<td align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">** ЎГШіТµГЗЁКНєўйНБЩЕ№СЎИЦЎЙТ <a href="beforeShowClassStudy.php?methodSearch=no">¤ЕФЎ·Хи№Хи</a> **</font></td>
						</tr>
<?php
					}else{
?>					
						<tr bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_4'];?>">
							<td><table align="center" width="720" cellpadding="1" cellspacing="1" border="0">
							<tr>
								<td width="150"><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><b>ГЛСК№СЎИЦЎЙТ</b></font></td>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo " : ".$oSm->studentCode;?></font></td>																																
<?php
	list($pa,$pb,$pc)=split('[/]',$oSb->picturePath);
?>								
								<td rowspan="5" align="center" valign="top"><?php if($oSb->picturePath==''){ echo "<img src=\"picture/photo.gif\" align=\"absmiddle\" border=\"1\" width=\"150\" height=\"115\">"; }else{ echo "<img src=\"$pb/$pc\" align=\"absmiddle\" border=\"1\" width=\"100\" height=\"115\">"; } ?></td>
							</tr>
							<tr>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><b>ЄЧиН-№ТБКЎШЕ№СЎИЦЎЙТ</b></font></td>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo " : ".$oPf->prefixName.$oSm->studentName." ".$oSm->studentSurname;?></font></td>																																
							</tr>
<?php
	$oPg->SearchByKey($oSm->programId);
	$oPg->GetRecord();
	
	$oLv->SearchByKey($oSm->levelId);
	$oLv->GetRecord();
?>							
							<tr>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><b>ЛЕСЎКЩµГ</b></font></td>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo " : ".$oPg->programName;?></font></td>																																
							</tr>
							<tr>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><b>ГРґСєЎТГИЦЎЙТ</b></font></td>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo " : ".$oLv->levelName;?></font></td>																																
							</tr>
							<tr>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><b>ЄСй№»Х·Хи</b></font></td>
								<td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo " : ".$oSm->studentYear;?></font></td>																																
							</tr>																												
							</table></td>
						</tr>
						<tr><td>&nbsp;</td></tr>
						<tr>
                    <td><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="3"> 
                      »ХЎТГИЦЎЙТ
                      <select name="acadYear"   onChange = "location.href ='<?php echo $PHP_SELF;?>?acadYear='+encodeURI(options[selectedIndex].value)+'&studentCode=<?php echo $studentCode;?>&studentName=<?php echo $studentName;?>&studentSurname=<?php echo $studentSurname;?>'">
<?php
//+'&studentCode='+studentCode.value+'&studentName='+studentName.value+'&studentSurname='+studentSurname.value
				if($acadYear==''){
?>
                        <option value="<?php echo $GLOBALS["ACADYEAR"];?>" selected><?php echo $GLOBALS["ACADYEAR"];?></option>
                        <?php
				}else{
?>
                        <option value="<?php echo $acadYear;?>" selected><?php echo $acadYear;?></option>
                        <?php
				}
				
				$oAy2->RSAcadYearConfigGroupAcY();
				while($oAy2->GetRecord()){
?>
                        <option value="<?php echo $oAy2->acadYear;?>"><?php echo $oAy2->acadYear;?></option>
                        <?php				
				}
?>
                      </select>
                      АТ¤ЎТГИЦЎЙТ
<?php
				//echo " | ";
				$i=0;
				if($acadYear!='')
					$oAy3->RSAcadYearConfigByAcadYearGBSem($acadYear);					
				else				
					$oAy3->RSAcadYearConfigByAcadYearGBSem($GLOBALS["ACADYEAR"]);
				
				while($oAy3->GetRecord()){
					$oSs->SearchByKey($oAy3->semester);
					$oSs->GetRecord();
					
					if($acadYear==""){
						$acadYear=$GLOBALS["ACADYEAR"];
					}
					
					if($semester==""){
						$semester=$GLOBALS["SEMESTER"];
					}
									
					echo "<a href='$PHP_SELF?acadYear=$acadYear&semester=$oSs->semester&studentCode=$studentCode&studentName=$studentName&studentSurname=$studentSurname'>";
					if($oSs->semester==$semester){
						echo "<b>".$oSs->semester."</b>";
					}else{
						echo $oSs->semester;					
					}
					echo "</a>";
					echo "&nbsp;&nbsp;";
					$i++;
				}
?>					  					  
					  </font><br>
					  <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="3"><b>µТГТ§аГХВ№</b></font></td>
                  </tr>												
						<tr>
							<td>
							<table align="center" width="720" cellpadding="1" cellspacing="1" border="0">
							<tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_2"];?>">
								<td height="22" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><b>ЗС№/аЗЕТ</b></font></td>
<?php
	$oPr->RSPeriod();
	$oPr->GetRecord();
	$numr=$oPr->NumRow();

	for($j=0;$j<$numr;$j++){
?>								
								<td height="22" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="-1"><b>
<?php
				$oPr->SearchByKey($j+1);
				$oPr->GetRecord();
				echo substr($oPr->startTime,0,5)."-".substr($oPr->endTime,0,5);
?>								
								</b></font></td>
<?php
	}
?>																
							</tr>
<?php
	$i=0;
	$j=0;
	$oDy->RSDay();
	while($oDy->GetRecord()){
?>
								<tr bgcolor="#E6E6E6">
									<td height="22" width="60"><font color="<?php if($i==0){ echo $GLOBALS["COLOR_FONT_4"]; }else{echo $GLOBALS["COLOR_FONT_4"];}?>" size="2"><b><?php echo $oDy->dayName;?></b></font></td>
<?php
		for($j=0;$j<$numr;$j++){
?>
									<td align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_3"]; ?>" colspan="
<?php 
			$x=0;
			if($acadYear!="" || $semester!=""){
				$oEt->SearchCourseByStIdAcYSemTssDay($oSm->studentId,$acadYear,$semester,$j+1,$i+1);
			}else{
				$oEt->SearchCourseByStIdAcYSemTssDay($oSm->studentId,$GLOBALS["ACADYEAR"],$GLOBALS["SEMESTER"],$j+1,$i+1);
			}	
			if($oEt->GetRecord()){
				$x=$oEt->tTimeSlotEnd - $oEt->tTimeSlotStart;
				echo $x+1;
				$j+=$x;
			}
?>
									">
									<font color="<?php if($i==0){ echo $GLOBALS["COLOR_FONT_4"]; }else{echo $GLOBALS["COLOR_FONT_4"];}?>" size="2">									
<?php
						//echo "D -> ".$i.", P -> ".$j.", DIFF ".$x;
						if($oEt->tcourseCode!=""){ 
							echo $oEt->tcourseCode." (".$oEt->tsection.") ".$oEt->troomNo;
							$oEt->ClearData();
						}
?>
								</font></td>
<?php
			}
?>																																																
								</tr>	
<?php
		$i++;
	}
?>																					
							</table>							
							</td>
						</tr>
						<tr><td><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">** ўйНБЩЕ·Хи»ГТЎЇг№µТГТ§аГХВ№¤ЧН ГЛСКЗФЄТ ЎЕШиБаГХВ№бЕРЛйН§аГХВ№µТБЕУґСє</font><br><br></td></tr>
						<tr><td><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="3"><b>µТГТ§КНє</b></font></td></tr>
						<tr><td><table cellpadding="1" cellspacing="1">
							<tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_2"];?>">
								<td align="center" height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><b>ГЛСКЗФЄТ</b></font></td>
								<td align="center" height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><b>ЗФЄТ/ЎЕШиБ</b></font></td>								
								<td align="center" height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><b>КНєЎЕТ§АТ¤</b></font></td>
								<td align="center" height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><b>КНє»ЕТВАТ¤</b></font></td>																
							</tr>
<?php	
				$ce=0;					
				if($acadYear!="" || $semester!="")
					$oEt->RSEnrollItemByStIdAndAcYAndSe($oSm->studentId,$acadYear,$semester);
				else
					$oEt->RSEnrollItemByStIdAndAcYAndSe($oSm->studentId,$GLOBALS["ACADYEAR"],$GLOBALS["SEMESTER"]);				
					
				while($oEt->GetRecord()){			
					$oCe->RSClassExamByClsId($oEt->classId);
					while($oCe->GetRecord()){	
						$oCl->SearchByKey($oCe->classId);
						$oCl->GetRecord();
						
						$oCo->SearchByKey($oCl->courseId);
						$oCo->GetRecord();
						
						$oRm->SearchByKey($oCe->roomId);
						$oRm->GetRecord();
?>
						<tr bgcolor="#E6E6E6"> 
							<td height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo $oCo->courseCode;?></font></td>
							<td height="22"><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2"><?php echo $oCo->courseName." ЎЕШиБ ".$oCl->section;?></font></td>
							<td height="22" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2">
<?php
							$oCe2->SearchByClsIdExC($oCe->classId,M);
							if($oCe2->GetRecord()){							
								$oPr->SearchByKey($oCe->examTimeFrom);
								$oPr->GetRecord();
								
								$oPr2->SearchByKey($oCe->examTimeTo);
								$oPr2->GetRecord();
																
								echo "(".$oCe->studyCode.") ".abbreDate2($oCe->examDate)."<br>".$oPr->startTime."-".$oPr2->endTime."<br>".$oRm->roomNo; 
							}else{
								echo "-";
							}
?>
							</font></td>
							<td height="22" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_4"];?>" size="2">
<?php	
							$oCe2->SearchByClsIdExC($oCe->classId,F);						
							if($oCe2->GetRecord()){
								$oPr->SearchByKey($oCe->examTimeFrom);
								$oPr->GetRecord();
								
								$oPr2->SearchByKey($oCe->examTimeTo);
								$oPr2->GetRecord();
																
								echo "(".$oCe->studyCode.") ".abbreDate2($oCe->examDate)."<br>".$oPr->startTime."-".$oPr2->endTime."<br>".$oRm->roomNo; 
							}else{
								echo "-";
							}
?>
							</font></td>																					
						</tr>
<?php
						$ce++;									
					}																		
				}
				
				if($ce==0){
?>
						<tr><td colspan="4" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">** дБи»ГТЎЇГТВЎТГµТГТ§аГХВ№/КНєг№°Т№ўйНБЩЕ **</font></td></tr>
<?php				
				}
?>										
						</table><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">** ўйНБЩЕ·Хи»ГТЎЇг№µТГТ§КНє¤ЧН (C) єГГВТВ, (L) »ЇФєСµФ, ЗС№·ХиКНє аЗЕТбЕРЛйН§КНє</font><br><br></td></tr>						
						<tr>
							<td><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">&nbsp;</font><br><br>
							<input name="cancle" type="button" value="ВЎаЕФЎ" onClick="location.href='studySchedule.php?methodSearch=no&studentCode=<?php echo $studentCode;?>&studentName=<?php echo $studentName;?>&studentSurname=<?php echo $studentSurname;?>' ">
							<input type="hidden" name="method" value="show"></td>
						</tr>						
<?php				
				}
//		} // end if method				
?>												
					</table></td>
				</tr>
			</table></form></div><br></label>
		</fieldset><br><?php if($methodSearch=="search"){ ?><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>ЛБТВаЛµШ : </b>ГРєШГЛСК№СЎИЦЎЙТ ЛГЧН ЄЧиН ЛГЧН №ТБКЎШЕ№СЎИЦЎЙТаѕЧиНґЩўйНБЩЕµТГТ§аГХВ№ўН§№СЎИЦЎЙТ</font><?php } ?>
		</td>
	</tr>
</table>
<?php
$oSs->Destroy();
$oSy->Destroy();
CloseTable();
include("footer.php");
?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.005 ]--