!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/Dev/   drwxr-xr-x
Free 51.01 GB of 127.8 GB (39.91%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     TrainingDetail.php (33.36 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php

    session_start
();
    
    
/**  Define Validate Access  */
    
define'_VALID_ACCESS');

    
/**  Check Session User Login  */
    
if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) {
        echo 
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />";
        echo 
"<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>";
        echo 
"<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />";
        exit();
    } 
    else {
        
/**  Configuration  */
        
require_once( "../configuration.php" );
        require_once( 
$_Config_absolute_path "/includes/framework.php" );
        require_once( 
"../include/Function.php" );
        require_once( 
"../include/FunctionDB.php" );
        
/**  Create Database Object  */
        
$dbObj = new DBConn;

        
//=== SESSION
        
$Username $valid_user
        
        
        
/**  Config Table for This Page  */
        
$myTable1 "personal_tb";
        
$myTable2 "dev_his";
        
$myTable3 "project_tb";
        
$myTable4 "dev_hrperson";
        
$myTable5 "budget_year_tb";
        
        
/**  Table  -->  personal_tb  */
        
$query " SELECT *  FROM $myTable4  WHERE  Teacher_code='$Teacher_code' ";
        
$result $dbObj->execQuery($query);
        
$rss $dbObj->fetchArray($result);
            
$Teacher_code $rss['Teacher_code'];
        
        
/**  Table  -->  tech_plan_tb  */
        
$query1 " SELECT *  FROM dev_hrperson  WHERE  perid='$perid'  Or   Teacher_code='$Teacher_code'     ";
        
$result1 $dbObj->execQuery($query1);
        
$rs1 $dbObj->fetchArray($result1);
        
        
/**  Table  -->  techplan_method_tb  */
        
$query2 " SELECT *  FROM $myTable3  WHERE   codeId='$codeId'     ";
        
$result2 $dbObj->execQuery($query2);
        
$rs2 $dbObj->fetchArray($result2);
        
        
/**  Table  -->  tech_spec_tb  */
        
$query3 " SELECT *  FROM dev_his  WHERE  HisId ='$HisId'     ";
        
$result3 $dbObj->execQuery($query3);
        
$rs3 $dbObj->fetchArray($result3);
        
        
$query " SELECT *  FROM  $myTable5      ";
        
$result5 $dbObj->execQuery($query);
        
$rs5 $dbObj->fetchArray($result5);
        
        
    } 
# else
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<link href="../css/default.css" rel="stylesheet" type="text/css" />
<script language="javascript" src="../js/utilities.js"></script>
<script type="text/javascript" src="../js/ajaxScript.js"></script>
<title>ข้อมูลทั่วไปบุคลากร - ข้อมูลแผนการสอน - แก้ไขข้อมูล</title>
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">

<table width="791" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="791" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset>
      <table width="765" border="0" cellspacing="0" cellpadding="0">
        <form id="form1" name="form1" method="post" action="EditTraining.php?Teacher_code=<?=$Teacher_code?>&Training_code=<?=$Training_code;?>&codeId=<?=$codeId?>">
          <tr>
            <td width="765" height="5"></td>
          </tr>
          <tr>
            <td align="center">
              
                <?php

        ?>
                
                <table width="773" cellpadding="0" cellspacing="0">
                  <tr height="31">
                    <td height="31" colspan="6" align="center" class="PATRON11">บันทึกข้อความ</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" l="l">ส่วนราชการ <font size="2" face="Tahoma">
                      <?php
                        
//$collegeCode =  $rss["collegeCode"];
                        //$sql = "Select * From  college Where collegeStatus ='1'";
                        
$sql "select * from dev_config";
                        
$result1 mysql_query($sql) or die("Error".mysql_error());
                        
$rs2 mysql_fetch_array($result1);
                        echo 
"$rs2[longpre] $rs2[deptname]";
                      
?>
                    </font></td>
                  </tr>
                  <tr>
                    <td height="29" colspan="2" align="left">ที่ <font color="#0000FF" size="2" face="Tahoma">
                      <input name="maNo2" type="text" id="maNo2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs1[maNo];?>" size="15" />
                    </font></td>
                    <td width="131" height="29" align="left"><input name="codeId2" type="hidden" id="codeId2" value="<? echo $rs1["codeId"]?>" />
                    <input name="Year_std2" type="hidden" id="Year_std2" value="<? echo $rs1["Year_std"]?>" /></td>
                    <td height="29" align="left">&nbsp;</td>
                    <td height="29" colspan="2" align="left">วันที่
                    <input name="Date2" type="text" id="Date2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="10" value=" <?php 
       $sday 
$rs3[Date];
    
$yearthai explode("-",$sday);
    
$day =      intval($yearthai[2]);
    
$month =  intval($yearthai[1]);
    
$year =     intval($yearthai[0]+543);     
          
//////////////////
 //   $yearthai =  $day ;
  
$m getThaiSubMonth($month);
     echo
"$day"." "."$m"." "."$year";
    
?>" /></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3" align="left">เรื่อง&nbsp;&nbsp;<font color="#0000FF" size="2" face="Tahoma">
                      <input name="Detail2" type="text" id="Detail2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="รายงานผลการอบรม/ประชุม/สัมนา" size="25" />
                    </font></td>
                    <td width="72"></td>
                    <td width="214"></td>
                    <td width="181"></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="5" align="left">เรียน &nbsp; ผู้อำนวยการ <font size="2" face="Tahoma">
                      <?php
                        
//$collegeCode =  $rss["collegeCode"];
                        //$sql = "Select * From  college Where collegeStatus ='1'";
                        
$sql "select * from dev_config";
                        
$result1 mysql_query($sql) or die("Error".mysql_error());
                        
$rs2 mysql_fetch_array($result1);
                        echo 
"$rs2[longpre] $rs2[deptname]";
                      
?>
                    </font></td>
                    <td></td>
                  </tr>
                  <tr height="29">
                    <td width="148" height="25"></td>
                    <td colspan="5" align="left">ตามคำสั่ง/หนังสือที่</a>
                      <input name="No_in2" type="text" id="No_in2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="20"  value="<? echo $rs3[No_in];?>" />
                      </a> ลงวันที่</a>
                      <input name="Dated2" type="text" id="Dated2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="25"  value="<? echo $rs3[Dated];?>" />
                    </a></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">ได้อนุมัติให้ข้าพเจ้า<a>
                      <input name="Name3" type="text" id="Name2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="30" value="<?php
                  $sql 
" SELECT *  FROM  prefix   Where   prefixId='$rs1[pcode]'  ";
                  
$result6 mysql_query($sql);
                  
$rs6 $dbObj->fetchArray($result6);
                echo  
$rs6['prefixName'];
                
?><? echo $rs1['fname']; ?>&nbsp;&nbsp;<? echo $rs1['lname']; ?> " />
                      </a> ตำแหน่ง<a>
                      <input name="Name3" type="text" id="Name3" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="25"  value="<?
                 $sql 
" SELECT *  FROM   dev_adlinepos    Where   adlineId ='$rs1[poscode]'  ";
                  
$result4 mysql_query($sql);
                
$rs4 mysql_fetch_array($result4) ;
                echo  
$rs4['adlineName'] ;
                 
$sql " SELECT *  FROM  dev_clevelpos     Where   levelcode  ='$rs1[levelcode]'  ";
                  
$result5 mysql_query($sql);
                
$rs5 mysql_fetch_array($result5) ;
                echo  
$rs5['kplevel'] ;
                 
?>
         " />
                      เลขที่สภาวิชาชีพ
                      <input name="cerid" type="text" id="Name4" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="7"  value="<? echo $rs1['cerid'] ;?>" />
                    </a></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">เข้ารับการอบรม/ประชุม/สัมนา เรื่อง</a>
                      <input name="cname2" type="text" id="cname2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?=$rs3['cname'];?>" size="75" />
                      <input type="checkbox" name="checkbox" id="checkbox" />
                    <a>นับหลักสูตร </a></a></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left"></a><span id="budgetOver2"></span></a>ระหว่างวันที่
                      <input name="Date_start2" type="text" id="Date_start2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="10"  value="<?php 
       $sday 
$rs3[startdate];
    
$yearthai explode("-",$sday);
    
$day =      intval($yearthai[2]);
    
$month =  intval($yearthai[1]);
    
$year =     intval($yearthai[0]+543);     
          
//////////////////
 //   $yearthai =  $day ;
  
$m getThaiSubMonth($month);
     echo
"$day"." "."$m"." "."$year";
    
?>" />
                      </a> ถึงวันที่<font color="#000000">&nbsp;</font><span class="style5">*</span></a>
                      <input name="Date_finish2" type="text" id="Date_finish2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="10"  value="<?php 
       $sday 
$rs3[enddate];
    
$yearthai explode("-",$sday);
    
$day =      intval($yearthai[2]);
    
$month =  intval($yearthai[1]);
    
$year =     intval($yearthai[0]+543);     
          
//////////////////
 //   $yearthai =  $day ;
  
$m getThaiSubMonth($month);
     echo
"$day"." "."$m"." "."$year";
    
?>" />                    
                      </a></a> (ไม่รวมวันเดินทาง) จำนวน<a>
                      <input name="daycount2" type="text" id="daycount2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value=" <? echo $rs3['daycount'] ;?>" size="1" maxlength="5" />
                      </a>ชั่วโมง จำนวน <a>
                      <input name="Day3" type="text" id="Day3" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed"  value="<? echo $rs3['Day'] ;?>" size="1" maxlength="5" readonly="readonly" />
                      </a>วัน ปีงบประมาณ
                    <input name="Year_std3" type="text" id="Year_std3" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed"  onkeypress="checkNumeric()" onkeyup="checkBudget()" value="<? echo $rs3['Year_std'] ;?>" size="2" maxlength="4" /></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">                    ณ สถานที่จัด</a>&nbsp;
                      <input name="traincenter" type="text" id="traincenter" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?php  echo $rs3[traincenter];?>" size="50" />                    </a>จังหวัด </a>
                      
                      <?php
                       
                                $strSQL 
" SELECT * FROM   province   where   provinceId='$rs3[provcode]'     ";
                                
$result4 mysql_query($strSQL);
                                 
$rs4 mysql_fetch_array($result4) ;
                                 echo  
$rs4['provinceName'];
                             
?>
                      
                      
                      </a>ประเทศ
                      
                      <?php
                            
                                $sql 
" SELECT * FROM  dev_ccountry   Where   countrycode  ='$rs3[countrycode]'   ";
                                
$result5 mysql_query($sql);
                                 
$rs5 mysql_fetch_array($result5) ;
                                echo 
$rs5['countryname'];        
                            
?>
                    </a></td>
                  </tr>
                  <tr height="31">
                    <td height="29" colspan="6">หน่วยงานผู้จัด&nbsp;
                      <?
              $query 
" SELECT *  FROM dev_univ  WHERE  univId ='$rs3[univId]'    ";
              
$result5 $dbObj->execQuery($query);
              
$rs5 $dbObj->fetchArray($result5);
              
?>
                      <input name="#" type="text" id="#" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed"value="<?php echo $rs5['univName'];?>" size="50" readonly="readonly" />                      </font></strong></font> หน่วยคะแนน
                      <input name="unit" type="text" id="unit" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?php  echo $rs3[unit];?>" size="4" />
                    &nbsp;</a></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">จำนวนเงินที่ใช้ในการพัฒนาตามแหล่งเงิน</td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6"> เงินงบประมาณ
                      <input name="moneybudget1" type="text" id="moneybudget1" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs3['moneybudget1'];?>" size="6"  onkeypress="checkNumeric()" onkeyup="checkBudget()" />
                      บาท  &nbsp;&nbsp;เงินรายได้
                      <input name="moneybudget2" type="text" id="moneybudget2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs3['moneybudget2'];?>" size="6"  onkeypress="checkNumeric()" onkeyup="checkBudget()" />
                      บาท
                      
                      เงินที่จ่ายเอง
                      <input name="moneybudget3" type="text" id="moneybudget3" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs3['moneybudget3'];?>" size="6"  onkeypress="checkNumeric()" onkeyup="checkBudget()" />
                      บาท
                      
                      เงินสนับสนุนอื่นๆ
                      <input name="moneybudget4" type="text" id="moneybudget4" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs3['moneybudget4'];?>" size="6"  onkeypress="checkNumeric()" onkeyup="checkBudget()" />
                    บาท </td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">รวมจำนวนเงินทั้งหมด
                      <input name="money_old" type="text" id="money_old" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed"  onkeypress="checkNumeric()" onkeyup="checkBudget()" value="<? echo $rs3['money'];?>" size="6" readonly="readonly" />
                    บาท</td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">มีรายละเอียดดังนี้</a></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">๑. ประเภทโครงการ <font size="2" face="Tahoma">
                      <input type="radio" name="Training_std" <?php if (!(strcmp("$rs3[Training_std]","Y"))) { echo "checked"; } ?> value="Y" />
                      พัฒนาตามนโยบาย
                      <input type="radio" name="Training_std" <?php if (!(strcmp("$rs3[Training_std]","N"))) { echo "checked"; } ?> value="N" />
                    พัฒนาตามความต้องการของตนเอง (สมรรถนะ)</font></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">๒. วัตถุประสงค์ของการอบรม/ประชุม/สัมนา
                    <input name="moneycenter" type="text" id="moneycenter" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?php  echo $rs3[moneycenter];?>" size="80" /></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">๓. เนื้อหาสาระด้าน
                      <label>
                        <input name="Content" type="radio" id="Content2"<?php if (!(strcmp("$rs3[Content]","401"))) { echo "checked"; } ?> value="401" />
                        วิชาการ
                        <input name="Content" type="radio" id="Content2" <?php if (!(strcmp("$rs3[Content]","402"))) { echo "checked"; } ?> value="402" />
                        บริหาร
                        <input name="Content" type="radio" id="Content5"<?php if (!(strcmp("$rs3[Content]","403"))) { echo "checked"; } ?> value="403" />
                        วิชาชีพเฉพาะ
                        <input name="Content" type="radio" id="Content2"<?php if (!(strcmp("$rs3[Content]","404"))) { echo "checked"; } ?> value="404" />
                        ทัศนคติ
                        <input name="Content" type="radio" id="Content3"<?php if (!(strcmp("$rs3[Content]","405"))) { echo "checked"; } ?> value="405" />
                        การเรียนการสอน
                        <input name="Content" type="radio" id="Content4"<?php if (!(strcmp("$rs3[Content]","406"))) { echo "checked"; } ?> value="406" />
                        คุณธรรมจริยธรรม
                        <input name="Content" type="radio" id="Content5"<?php if (!(strcmp("$rs3[Content]","407"))) { echo "checked"; } ?> value="407" />
                      อื่นๆ </label></td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6">๔. ประโยชน์ที่ได้รับ
                    <input name="unitpoint" type="text" id="unitpoint" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed"value="<?php echo $rs3[unitpoint];?>" size="90" /></td>
                  </tr>
                  <tr height="31">
                    <td height="16" colspan="6">&nbsp;</td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="6"><table width="676" border="0" align="center" cellpadding="0" cellspacing="0">
                      <tr>
                        <td colspan="4" align="left">พัฒนาความรู้ความสามารถ : </td>
                        <td scope="col"><input name="Skills" type="radio" id="Skills" <?php if (!(strcmp("$rs3[Skills]","501"))) { echo "checked"; } ?> value="501" />
                          ในการปฏิบัติงาน</td>
                        <td scope="col"><input name="Skills" type="radio" id="Skills"<?php if (!(strcmp("$rs3[Skills]","502"))) { echo "checked"; } ?> value="502" />
                          ในเรื่องกฏหมายและระเบียบราชการ</td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        </tr>
                      <tr>
                        <td colspan="4" align="left">พัฒนาสมรรถนะหลัก กพ. :</td>
                        <td width="287" scope="col"><input name="cdevcode" type="radio" id="cdevcode"<?php if (!(strcmp("$rs3[cdevcode]","101"))) { echo "checked"; } ?> value="101" />
                          การมุ่งผลสัมฤทธิ์ </td>
                        <td width="233" scope="col"><input name="cdevcode" type="radio" id="cdevcode" <?php if (!(strcmp("$rs3[cdevcode]","102"))) { echo "checked"; } ?> value="102" />
                          การบริการที่ดี </td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <td scope="col"><input name="cdevcode" type="radio" id="cdevcode" <?php if (!(strcmp("$rs3[cdevcode]","103"))) { echo "checked"; } ?> value="103" />
                          การสั่งสมความเชี่ยวชาญในงานอาชีพ</td>
                        <td scope="col"><input name="cdevcode" type="radio" id="cdevcode"<?php if (!(strcmp("$rs3[cdevcode]","104"))) { echo "checked"; } ?> value="104" />
                          จริยธรรม</td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <td scope="col"><input name="cdevcode" type="radio" id="cdevcode"<?php if (!(strcmp("$rs3[cdevcode]","105"))) { echo "checked"; } ?> value="105" />
                          ความร่วมแรงร่วมใจ</td>
                        <th scope="col">&nbsp;</th>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        </tr>
                      <tr>
                        <td colspan="4" align="left">พัฒนาสมรรถนะองค์กร :</td>
                        <td colspan="2" scope="col">
                          <?php
                  $sql 
" SELECT *  FROM   dev_cdev   Where   cdevcode ='$rs3[Orgskills]'  ";
                  
$result4 mysql_query($sql);
                  
$rs4 mysql_fetch_array($result4) ;
                echo  
$rs4['cdevname'];
                
?>
                          
                          </a></td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <td scope="col">&nbsp;</td>
                        <td scope="col">&nbsp;</td>
                        </tr>
                      <tr>
                        <td colspan="4" align="left">พัฒนาสมรรถนะกลุ่มงาน :</td>
                        <td colspan="2" scope="col"></th>
                          <?php
                  $sql 
" SELECT *  FROM   dev_cdev   Where   cdevcode ='$rs3[Groskills]'  ";
                  
$result4 mysql_query($sql);
                  
$rs4 mysql_fetch_array($result4) ;
                echo  
$rs4['cdevname'];
                
?></td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        </tr>
                      <tr>
                        <td colspan="4" align="left">พัฒนาสรรถนะในงาน :</td>
                        <td colspan="2" scope="col"><?php
                  $sql 
" SELECT *  FROM   dev_cdev   Where   cdevcode ='$rs3[Perskills]'  ";
                  
$result4 mysql_query($sql);
                  
$rs4 mysql_fetch_array($result4) ;
                echo  
$rs4['cdevname'];
                
?></td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        <th scope="col">&nbsp;</th>
                        </tr>
                      <tr>
                        <td colspan="4" align="left">พัฒนาทักษะด้าน :</td>
                        <td scope="col"><input name="Hiskills" type="radio" id="Hiskills"<?php if (!(strcmp("$rs3[Hiskills]","601"))) { echo "checked"; } ?> value="601" />
                          การคิดคำนวณ </td>
                        <td scope="col"><input name="Hiskills" type="radio" id="Hiskills"<?php if (!(strcmp("$rs3[Hiskills]","602"))) { echo "checked"; } ?> value="602" />
                          การใช้ภาษาอังกฤษ</td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <td scope="col"><input name="Hiskills" type="radio" id="Hiskills"<?php if (!(strcmp("$rs3[Hiskills]","603"))) { echo "checked"; } ?> value="603" />
                          การใช้คอมพิวเตอร์ </td>
                        <td scope="col"><input name="Hiskills" type="radio" id="Hiskills"<?php if (!(strcmp("$rs3[Hiskills]","604"))) { echo "checked"; } ?> value="604" />
                          การจัดการข้อมูล</td>
                        </tr>
                      <tr>
                        <th colspan="4">&nbsp;</th>
                        <td scope="col">&nbsp;</td>
                        <td scope="col">&nbsp;</td>
                        </tr>
                    </table></td>
                  </tr>
                  <tr height="29">
                    <td height="16" colspan="6" align="left">&nbsp;&nbsp;&nbsp;&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="16" colspan="6" align="left">๕. การนำความรู้ที่ได้รับมาประยุกต์ใช้ในการเรียนการสอน/การวิจัย/การบริการวิชาการ/การปฏิบัติงาน</td>
                  </tr>
                  <tr height="29">
                    <td height="16" colspan="6" align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left"><table width="448" border="0" align="center" cellpadding="0" cellspacing="0">
                      <tr>
                        <th scope="col">&nbsp;</th>
                        <th scope="col"><textarea name="Apply" cols="70" rows="5" id="Apply" class="d"><?=htmlspecialchars_decode$rs3['Apply'] ) ;?>
                        </textarea></th>
                        </tr>
                      <tr>
                        <td>&nbsp;</td>
                        <td>&nbsp;</td>
                        </tr>
                    </table></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">๖. ประเภทการพัฒนา <font size="2" face="Tahoma">
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","1"))) { echo "checked"; } ?> value="1" />
                      การอบรม
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","2"))) { echo "checked"; } ?> value="2" />
                      การศึกษาดูงาน
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","3"))) { echo "checked"; } ?> value="3" />
                      ประชุม
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","4"))) { echo "checked"; } ?> value="4" />
                      สัมมนา
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","7"))) { echo "checked"; } ?> value="7" />
                      วิทยากร
                      <input type="radio" name="Training_type" <?php if (!(strcmp("$rs3[Training_type]","6"))) { echo "checked"; } ?> value="6" />
                    อื่นๆ </font></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">๗. สาขาวิชาการ
                    <input name="traindept" type="text" id="traindept" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs3['traindeptr']; ?>" size="40" /></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">๘. รายละเอียดอื่นๆ </td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="6" align="left">&nbsp;</td>
                  </tr>
                  <tr height="31">
                    <td height="31" colspan="3" align="left">&nbsp;</td>
                    <td colspan="2">ลงชื่อ .................................................</td>
                    <td></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3">&nbsp;</td>
                    <td colspan="2" align="center">(
                      <? $sql " SELECT *  FROM  prefix   Where   prefixId='$rs1[pcode]'  ";
                  
$result6 mysql_query($sql);
                  
$rs6 $dbObj->fetchArray($result6);
                echo  
$rs6['prefixName'];
                
?>
                      <? echo $rs1['fname']; ?>&nbsp;&nbsp;<? echo $rs1['lname']; ?></a> )
                      <input name="Teacher_code2" type="hidden" id="Teacher_code2" value="<? echo $rss["Teacher_code"]?>" />
                    <input name="Faculty_code2" type="hidden" id="Faculty_code2" value="<? echo $rss["Faculty_code"]?>" /></td>
                    <td></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3" align="left">&nbsp;</td>
                    <td colspan="2">ตำแหน่ง</a>
                      <input name="Name3" type="text" id="Name7" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="25" value="<? $sql " SELECT *  FROM   dev_adlinepos    Where   adlineId ='$rs1[poscode]'  ";
                  
$result4 mysql_query($sql);
                
$rs4 mysql_fetch_array($result4) ;
                echo  
$rs4['adlineName'] ;
                 
$sql " SELECT *  FROM  dev_clevelpos     Where   levelcode  ='$rs1[levelcode]'  ";
                  
$result5 mysql_query($sql);
                
$rs5 mysql_fetch_array($result5) ;
                echo  
$rs5['kplevel'] ;?>
         " />
                    </a></td>
                    <td></td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                    <td colspan="3" align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3" align="left">ลงชื่อ........................................หัวหน้าภาค/ฝ่าย</td>
                    <td colspan="3" align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3" align="center">(
                      <?php
                         
//$Teacher_code =  $rss["TeacherId"];
                         
$sql "Select * From    personal_tb   Where  Faculty_code ='$rss[Faculty_code]'  and   TeacherId='1'  ";
                          
$result1 mysql_query($sql) or die("Error".mysql_error());
                         
$rs2 mysql_fetch_array($result1);
                          echo 
"$rs2[First_name]$rs2[Teacher_name] &nbsp;&nbsp;$rs2[Teacher_lastname]";
                     
?>
                      </a>)
                    <input name="TeacherId2" type="hidden" id="TeacherId2" value="<? echo $rs2["Teacher_code"]?>" /></td>
                    <td align="center">คำสั่ง</a></td>
                    <td align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="3" align="left">ตำแหน่ง<font color="#0000FF" size="2" face="Tahoma">
                      <input name="Name3" type="text" id="Name11" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="25"  value="<? $PositionId =  $rs2["PositionId"];
         
$sql "Select * From  position_tb   Where   PositionId ='$PositionId'  ";
          
$result1 mysql_query($sql) or die("Error".mysql_error());
          
$rs2 mysql_fetch_array($result1);
          echo 
"$rs2[Position_name] ";?>
         " />
                    </font></td>
                    <td align="left">&nbsp;</td>
                    <td colspan="2" align="left"><input name="Flag2" type="radio" id="Flag"<?php if (!(strcmp("$rs1[Flag2]","อนุมัติ"))){echo "checked";} ?> value="อนุมัติ"  />
                      อนุมัติ&nbsp;&nbsp;&nbsp;
                      <input name="Flag2" type="radio" id="Flag"<?php if (!(strcmp("$rs1[Flag2]","รออนุมัติ"))){echo "checked";} ?> value="รออนุมัติ"  />
                      รออนุมัติ&nbsp;&nbsp;&nbsp;
                      <input name="Flag2" type="radio" id="Flag" <?php if (!(strcmp("$rs1[Flag2]","ไม่อนุมัติ"))){echo "checked";} ?> value="ไม่อนุมัติ"  />
                    ไม่อนุมัติ</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                    <td colspan="3" align="left">ลงชื่อ.........................................&hellip;&hellip;..</td>
                  </tr>
                  <tr height="29">
                    <td height="28" colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                    <td colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="28" colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                    <td colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                  </tr>
                  <tr height="29">
                    <td height="29" colspan="2" align="left">&nbsp;</td>
                    <td align="left">&nbsp;</td>
                    <td colspan="2" align="left"> วันที่..........เดือน......................พ.ศ..........&hellip;</td>
                    <td align="left">&nbsp;</td>
                  </tr>
                </table>
              <p>&nbsp;</p></td>
          </tr>
          </form>
        </table>
    </fieldset></td>
  </tr>
</table>

</body>
</html>
<?php
    
/**  Free Resource */
    
$dbObj->freeresult($result1);
    
    
/**  Close the Database  */
    
$dbObj->disconn();
    
    
/**  Unset Class  */
    
unset($dbObj);
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0209 ]--