Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Car_depart/ drwxr-xr-x |
Viewing file: InsertDayFormCar.php (6.35 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); /** Define Validate Access */ define( '_VALID_ACCESS', 1 ); /** Check Session User Login */ if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) { echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />"; echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>"; echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />"; exit(); } else { /** Configuration */ require_once( "../configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); require_once( "../include/Function.php" ); require_once( "../include/FunctionDB.php" ); /** Create Database Object */ $dbObj = new DBConn; //=== SESSION $Username = $Username; /** Config Table for This Page */ $myTable1 = "personal_tb"; $myTable2 = "formcaroffice"; $myTable2PK = "carId"; /** Table --> personal_tb */ $query1 = " SELECT * FROM $myTable1 WHERE Teacher_code='$Teacher_code' "; $result1 = $dbObj->execQuery($query1); $rs1 = $dbObj->fetchArray($result1); $Teacher_code = $rs1['Teacher_code']; /** Receive values */ $code = trim( $_POST['code'] ); $makeWord = htmlspecialchars( trim( $_POST['makeWord'] ) ); // เรื่อง $Make = trim( $_POST['Make'] ); //ผู้ร่วมเดินทาง $Training_name = trim ( $_POST['Training_name'] ); $Training_type = trim( $_POST['Training_type'] ); $Date = ($_POST['mYear']-543)."-".$_POST['mMonth']."-".$_POST['mDate']; $Date_start = ($_POST['mYear2']-543)."-".$_POST['mMonth2']."-".$_POST['mDate2']; $Date_finish = ($_POST['mYear3']-543)."-".$_POST['mMonth3']."-".$_POST['mDate3']; $object = trim( $_POST['object'] ); $PersonIn = trim( $_POST['PersonIn'] ); $Personly = trim( $_POST['Personly'] ); $Place = trim( $_POST['Place'] ); $TelNo = trim( $_POST['TelNo'] ); $Teacher_code = trim( $_POST['Teacher_code'] ); $usecar = htmlspecialchars( trim( $_POST['usecar'] ) ); $Time_start = htmlspecialchars(trim($_POST['Time_start'])); $Time_finish = htmlspecialchars(trim($_POST['Time_finish'])); $Status = 'รออนุมัติ'; /*--------function Date-----------*/ function dates_range($date1, $date2){ if ($date1<$date2){ //$dates_range[]=$date1; $date1=strtotime($date1); $date2=strtotime($date2); $dateFirst=mktime(0, 0, 0, date("m", $date1), date("d", $date1), date("Y", $date1)); $dates_range[]=date('Y-m-d', $dateFirst); while ($date1!=$date2){ $date1=mktime(0, 0, 0, date("m", $date1), date("d", $date1)+1, date("Y", $date1)); $dates_range[]=date('Y-m-d', $date1); } } return $dates_range; } //--- Table --> 'formcaroffice' $DateCar = dates_range($Date_start,$Date_finish); if(sizeof($DateCar) != 0){ for($i=0;$i<sizeof($DateCar);$i++){ InsertFormCar($CarNo, $code, $makeWord, $Make, $Training_name, $Training_type, $Date, $DateCar[$i], $Date_start, $Date_finish, $object, $PersonIn, $Personly, $provinceId,$Detail, $Place, $TelNo, $usecar, $Time_start, $Time_finish, $Time_startName , $Time_finishName, $CarmoId, $Teacher_code, $Budget_year , $Status ) ; $carId = mysql_insert_id(); InsertOil( $carId , $Mile_start , $Mile_finish , $Lish_start , $Price_start , $Num_start ,$Lish_finish , $Price_finish , $Num_finish , $Teacher_code ); } } else{ InsertFormCar( $CarNo ,$code, $makeWord, $Make, $Training_name, $Training_type, $Date, $Date_start, $Date_start, $Date_finish, $object, $PersonIn, $Personly, $provinceId,$Detail, $Place, $TelNo, $usecar, $Time_start, $Time_finish, $Time_startName , $Time_finishName, $CarmoId, $Teacher_code, $Budget_year , $Status ) ; $carId = mysql_insert_id(); InsertOil( $carId , $Mile_start , $Mile_finish , $Lish_start , $Price_start , $Num_start ,$Lish_finish , $Price_finish , $Num_finish , $Teacher_code ); } } # else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <link href="../css/default.css" rel="stylesheet" type="text/css" /> <script language="javascript" src="../js/utilities.js"></script> <title>ข้อมูลทั่วไปบุคลากร - ข้อมูลการพัฒนาบุคลากร - เพิ่มข้อมูลประวัติการพัฒนาตนเอง</title></head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include("../templates/incHeaderCar.php"); ?> <table width="1003" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td> <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset> <table width="780" border="0" cellspacing="0" cellpadding="0"> <form id="pc" name="pc" method="post" action="<?=$PHP_SELF;?>?page=<?=$page;?>"> <tr> <td height="5"></td> </tr> <tr> <td height="30" background="../images/background/bg-head-topic-w780.gif" class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="Menu_Teach.php?Teacher_code=<?=$Teacher_code;?>">ข้อมูลทั่วไปบุคลากร</a> » <a href="TrainingList.php?Teacher_code=<?=$Teacher_code;?>">ข้อมูลการพัฒนาบุคลากร</a> » <span class="NOTE">เพิ่มข้อมูลการขอใช้รถยนต์</span></strong></td> </tr> <tr> <td> </td> </tr> <tr> <td height="150" align="center"><span class="TEXT-GREEN10"><strong>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว</strong></span><br /> กรุณารอส้กครู่ กำลังเปลี่ยนหน้าอัตโนมัติ<br /> <?php echo "<meta http-equiv=\"refresh\" content=\"1; URL=EditDayCarList.php?Budget_year=$Budget_year\">"; ?></td> </tr> <tr> <td height="234"> </td> </tr></form> </table> </fieldset></td> </tr> </table> <?php include("../templates/incFooter.php"); ?> </body> </html> <?php /** Free Resource */ $dbObj->freeresult($result0); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0138 ]-- |