Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Outreac_project/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php session_start(); /** Define Validate Access */ define( '_VALID_ACCESS' , 1 ); /** Check Session User Login */ if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) { echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />"; echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>"; echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />"; exit(); } else { /** Configuration */ require_once( "../configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); require_once( "../includes/Function.php" ); require_once( "../includes/FunctionDB.php" ); /** Create Database Object */ $dbObj = new DBConn; //=== SESSION $Username = $valid_user; /** Config Table for This Page */ $myTable = "edu_service_tb"; $myTableFK = "Project_code"; /** Receive values */ //$Path = $_Config_live_site."/personal_pic"; /** Receive values */ $Project_name = htmlspecialchars(trim($_POST[Project_name])); $M21 = htmlspecialchars(trim($_POST[M21])); $M22 = htmlspecialchars(trim($_POST[M22])); $M23 = htmlspecialchars(trim($_POST[M23])); $M24 = htmlspecialchars(trim($_POST[M24])); $M3 = htmlspecialchars(trim($_POST[M3])); $M3_Detail = htmlspecialchars(trim($_POST[M3_Detail])); $M4 = htmlspecialchars(trim($_POST[M4])); $M5 = htmlspecialchars(trim($_POST[M5])); $Budget_Year = htmlspecialchars(trim($_POST[Budget_Year])); $AcademicYear = htmlspecialchars(trim($_POST[AcademicYear])); //$Date_start = $_POST['mYear']."-".$_POST['mMonth']."-".$_POST['mDate']; //$Date_finish = $_POST['mYear1']."-".$_POST['mMonth1']."-".$_POST['mDate1']; $Date_in = $_POST['mYear2']."-".$_POST['mMonth2']."-".$_POST['mDate2']; $Date_out = $_POST['mYear3']."-".$_POST['mMonth3']."-".$_POST['mDate3']; $Faculty_code = htmlspecialchars(trim($_POST[Faculty_code])); $M7 = htmlspecialchars(trim($_POST[M7])); $Location = htmlspecialchars(trim($_POST[Location])); $M8 = htmlspecialchars(trim($_POST[M8])); $M8_Detail = htmlspecialchars(trim($_POST[M8_Detail])); $M9 = htmlspecialchars(trim($_POST[M9])); $Budget_fee = htmlspecialchars(trim($_POST[Budget_fee])); $M101 = htmlspecialchars(trim($_POST[M101])); $M101_Detail = htmlspecialchars(trim($_POST[M101_Detail])); $M102 = htmlspecialchars(trim($_POST[M102])); $Target_group = htmlspecialchars(trim($_POST[Target_group])); $M103 = htmlspecialchars(trim($_POST[M103])); $Budget = htmlspecialchars(trim($_POST[Budget])); $M104 = htmlspecialchars(trim($_POST[M104])); $M1041 = htmlspecialchars(trim($_POST[M1041])); $M1041_Detail = htmlspecialchars(trim($_POST[M1041_Detail])); $M106 = htmlspecialchars(trim($_POST[M106])); $Cradit = htmlspecialchars(trim($_POST[Cradit])); $Budget_colleg = htmlspecialchars(trim($_POST[Budget_colleg])); $M107 = htmlspecialchars(trim($_POST[M107])); $LecturerIn = htmlspecialchars(trim($_POST[LecturerIn])); $HoursIn = htmlspecialchars(trim($_POST[HoursIn])); $M108 = htmlspecialchars(trim($_POST[M108])); $LecturerOut = htmlspecialchars(trim($_POST[LecturerOut])); $HoursOut = htmlspecialchars(trim($_POST[HoursOut])); $Filetex1 = htmlspecialchars(trim($_POST[Filetex1])); $Filetex2 = htmlspecialchars(trim($_POST[Filetex2])); //*------------*// $Path = "../Plan_pic"; //### Upload Text File -----*// if( $_FILES['Filetex1']['name'] != "" ) { $Filetex1 = date('YmdHis').strrchr($_FILES['Filetex1']['name'], "."); @copy( $_FILES['Filetex1']['tmp_name'] , $PlanPicPath.$Filetex1); @unlink( $_FILES['Filetex1']['tmp_name'] ); } //*------------*// $Path = "../Plan_pic"; //### Upload Text File -----*// if( $_FILES['Filetex2']['name'] != "" ) { $Filetex2 = date('YmdHis').strrchr($_FILES['Filetex2']['name'], "."); @copy( $_FILES['Filetex2']['tmp_name'] , $PlanPicPath.$Filetex2); @unlink( $_FILES['Filetex2']['tmp_name'] ); } $query = " UPDATE edu_service_tb SET Orderlist='$Orderlist' , Project_name='$Project_name', M21='$M21', M22='$M22' ,M23='$M23' ,M24='$M24' , M31='$M31', M32='$M32', M33='$M33', M34='$M34', M35='$M35', M36='$M36', M37='$M37', M35_Detail='$M35_Detail' , M4='$M4', M5='$M5', proId='$proId', Budget_Year='$Budget_Year', AcademicYear='$AcademicYear', Date_start='$Date_start' , Date_finish='$Date_finish' , Date_in='$Date_in' , Date_out='$Date_out' , Faculty_code='$Faculty_code' , M7='$M7' , Location='$Location' , LocationOut ='$LocationOut' , M8='$M8' , M8_Detail ='$M8_Detail' , M9='$M9' , Budget_fee='$Budget_fee' , M101='$M101' , M101_Detail='$M101_Detail' , M102='$M102', Target_group='$Target_group', M103='$M103', Budget='$Budget', M104='$M104', M1041='$M1041', M1041_Detail='$M1041_Detail' , M105='$M105', M106='$M106' , Cradit='$Cradit' , Budget_colleg='$Budget_colleg' , M107='$M107', LecturerIn='$LecturerIn' , HoursIn='$HoursIn' , M108='$M108' , LecturerOut='$LecturerOut' , HoursOut='$HoursOut' , M11='$M11' , M11_Detail='$M11_Detail', M12_Detail='$M12_Detail', Filetex1='$Filetex1' , Filetex2='$Filetex2' WHERE outreacId ='$outreacId' " ; $result = $dbObj->runQuery($query); $dbObj->freeresult($result); } # else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <link href="../css/default.css" rel="stylesheet" type="text/css" /> <script language="javascript" src="../js/utilities.js"></script> <title>ข้อมูลทั่วไปบุคลากร - ข้อมูลงานวิจัย - เพิ่มประวัติผลงานวิจัย</title></head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include("../templates/incHeader.php"); ?> <table width="1003" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td> <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset> <table width="780" border="0" cellspacing="0" cellpadding="0"> <form id="myForm" name="myForm" method="post" action="<?=$PHP_SELF;?>?page=<?=$page;?>"> <tr> <td height="5"></td> </tr> <tr> <td height="30" background="../images/background/bg-head-topic-w780.gif" class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="Menu_Personal.php">ข้อมูลบุคลากร</a> » <a href="InstructorList.php">รายชื่อวิทยาการทั้งหมด</a> »<span class="NOTE">แก้ไขข้อมูล</span></strong></td> </tr> <tr> <td> </td> </tr> <tr> <td height="150" align="center"><span class="TEXT-GREEN10"><strong>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว</strong></span><br /> กรุณารอส้กครู่ กำลังเปลี่ยนหน้าอัตโนมัติ<br /> <?php echo "<meta http-equiv=\"refresh\" content=\"1; URL=EditOutreacList.php?Budget_Year=$Budget_Year\">"; ?></td> </tr> <tr> <td height="234"> </td> </tr></form> </table> </fieldset></td> </tr> </table> <?php include("../templates/incFooter.php"); ?> </body> </html> <?php /** Free Resource */ $dbObj->freeresult($result0); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.006 ]-- |