Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/QA/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php session_start(); if (session_is_registered("valid_user") && session_is_registered("Priority") ) { include("../include/FunctionDB.php"); include("admin_menu.php"); ConnectDB(); $Username = $valid_user; $sql ="SELECT * FROM personal_tb WHERE Username='$Username'"; $result = mysql_query($sql) or die("Cannot Select").mysql_error(); $rs = mysql_fetch_array($result); $strSQL = "SELECT * FROM qa_result_tb Order By Term ,Times Asc "; if (! $Page) $Page = 1; $Pre_Page = $Page - 1; $Next_Page = $Page +1; $Per_Page = 10; $result = mysql_query($strSQL); $Page_start = ($Per_Page*$Page) - $Per_Page; $Num_Rows = mysql_num_rows($result); if( $Num_Rows <= $Per_Page) $Num_Pages = 1; else if (($Num_Rows % $Per_Page) == 0) $Num_Pages = ($Num_Rows / $Per_Page); else $Num_Pages = ($Num_Rows / $Per_Page) + 1; $Num_Pages = (int)$Num_Pages; if (( $Page > $Num_Pages) || ($Page < 0)) echo"Page $Page More than $Num_Pages"; $strSQL .=" LIMIT $Page_start,$Per_Page" ; $result = mysql_query($strSQL); $num = mysql_num_rows($result ); ?> <meta http-equiv="Content-Type" content="text/html; charset=TIS-620"> <link href="../source/style.css" rel="stylesheet" type="text/css"> <link href="../css/style1.css" rel="stylesheet" type="text/css"> <script language="JavaScript" type="text/JavaScript"> function MM_reloadPage(init) { //reloads the window if Na v4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> } var highlightcolor="lightyellow" var ns6=document.getElementById&&!document.all var previous='' var eventobj //Regular expression to highlight only form elements var intended=/INPUT|TEXTAREA|SELECT|OPTION/ //Function to check whether element clicked is form element function checkel(which){ if (which.style&&intended.test(which.tagName)){ if (ns6&&eventobj.nodeType==3) eventobj=eventobj.parentNode.parentNode return true } else return false } </script> <script type="text/javascript"> var offsetxpoint=-60 //Customize x offset of tooltip var offsetypoint=20 //Customize y offset of tooltip var ie=document.all var ns6=document.getElementById && !document.all var enabletip=false if (ie||ns6) var tipobj=document.all? document.all["dhtmltooltip"] : document.getElementById? document.getElementById("dhtmltooltip") : "" function ietruebody(){ return (document.compatMode && document.compatMode!="BackCompat")? document.documentElement : document.body } function ddrivetip(thetext, thecolor, thewidth){ if (ns6||ie){ if (typeof thewidth!="undefined") tipobj.style.width=thewidth+"px" if (typeof thecolor!="undefined" && thecolor!="") tipobj.style.backgroundColor=thecolor tipobj.innerHTML=thetext enabletip=true return false } } function positiontip(e){ if (enabletip){ var curX=(ns6)?e.pageX : event.x+ietruebody().scrollLeft; var curY=(ns6)?e.pageY : event.y+ietruebody().scrollTop; //Find out how close the mouse is to the corner of the window var rightedge=ie&&!window.opera? ietruebody().clientWidth-event.clientX-offsetxpoint : window.innerWidth-e.clientX-offsetxpoint-20 var bottomedge=ie&&!window.opera? ietruebody().clientHeight-event.clientY-offsetypoint : window.innerHeight-e.clientY-offsetypoint-20 var leftedge=(offsetxpoint<0)? offsetxpoint*(-1) : -1000 //if the horizontal distance isn't enough to accomodate the width of the context menu if (rightedge<tipobj.offsetWidth) //move the horizontal position of the menu to the left by it's width tipobj.style.left=ie? ietruebody().scrollLeft+event.clientX-tipobj.offsetWidth+"px" : window.pageXOffset+e.clientX-tipobj.offsetWidth+"px" else if (curX<leftedge) tipobj.style.left="5px" else //position the horizontal position of the menu where the mouse is positioned tipobj.style.left=curX+offsetxpoint+"px" //same concept with the vertical position if (bottomedge<tipobj.offsetHeight) tipobj.style.top=ie? ietruebody().scrollTop+event.clientY-tipobj.offsetHeight-offsetypoint+"px" : window.pageYOffset+e.clientY-tipobj.offsetHeight-offsetypoint+"px" else tipobj.style.top=curY+offsetypoint+"px" tipobj.style.visibility="visible" } } function hideddrivetip(){ if (ns6||ie){ enabletip=false tipobj.style.visibility="hidden" tipobj.style.left="-1000px" tipobj.style.backgroundColor='' tipobj.style.width='' } } document.onmousemove=positiontip </script> <style type="text/css"> <!-- .style17 {font-size: 14px} --> </style> <table width="817" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="817"><br><fieldset> <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="Qa_menu.php" >หน้าหลัก</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /><a href="StandardList.php"> ข้อมูลประกันคุณภาพ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="AddResult.php">ประเมินผลการประกันคุณภาพ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" />สรุปผลการประเมิน</font></legend> <label><div align="center"> <form id="form1" name="form1" method="post" action="InsertResult.php"> <table width="100%" border="0" cellpadding="0" cellspacing="1" style=" border:1px solid gray"> <tr> <td height="25" colspan="4" background="../Image/barqa1.jpg" ><div align="center"><font color="#FFFFFF" size="4" face="Tahoma"><strong>รายการสรุปการประเมินผลการประกันคุณภาพการศึกษาภายใน</strong></font></div></td> </tr> <tr> <td width="28" rowspan="2" align="center" bgcolor="#DDDDDD" class="style17" style="border:1px solid gray"><font color="#000000" face="Tahoma">No.</font></td> <td width="66" rowspan="2" align="center" bgcolor="#DDDDDD" class="style17" style="border:1px solid gray"><font color="#000000" face="Tahoma">ปีการศึกษา</font></td> <td width="82" rowspan="2" align="center" bgcolor="#DDDDDD" style="border:1px solid gray"> <span class="style17"><font face="Tahoma">ประเมินครั้งที่</font></span> </td> <td width="632" height="26" align="center" bgcolor="#DDDDDD" style="border:1px solid gray"><span class="style17"><strong><font face="Tahoma">ผลสรุปคะแนนรวมแต่ละมาตรฐาน</font></strong></span></td> </tr> <tr bgcolor="#CCCCCC"> <td align="center" style="border:1px solid gray"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">1</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">2</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">3</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">4</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">5</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">6</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">7</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">8</font></div></td> <td width="10%"><div align="center"><font color="#003399" size="2" face="Tahoma">9</font></div></td> </tr> </table></td> </tr> <?php $i = 1; while($row = mysql_fetch_array($result)) { if($count==0) { ?> <tr bgcolor="#F7F7F7" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FDFAEE'" > <td align="center" bgcolor="#F7F7F7" ><strong><font color="#996600" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td align="center" bgcolor="#F7F7F7" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#F7F7F7'" ><div align="center"><font color="#003366" size="2" face="Tahoma"> <a href="ResultDetail.php?code=<? echo $row[code]?>" class="d"> <? echo $row["Term"]?> </a> </font></div></td> <td bgcolor="#F7F7F7"><div align="center"><strong><font color="#003366" size="2" face="Tahoma"><? echo $row["Times"]?></font></strong> </div></td> <td bgcolor="#F7F7F7" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#F7F7F7'" ><div align="left"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result1 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result1); $SumStd1 = $rss[S11] + $rss[S12] + $rss[S13] + $rss[S14] + $rss[S15] + $rss[S16] + $rss[S17] + $rss[S18] + $rss[S19]; echo"$SumStd1"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result2 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result2); $SumStd2 = $rss[S21] + $rss[S22] + $rss[S23] + $rss[S24] + $rss[S25] + $rss[S26] + $rss[S27] + $rss[S28] + $rss[S29] + $rss[S210]; echo"$SumStd2"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result3 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result3); $SumStd3 = $rss[S31] + $rss[S32] + $rss[S33] + $rss[S34] + $rss[S35] + $rss[S36] ; echo"$SumStd3"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result4 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result4); $SumStd4 = $rss[S41] + $rss[S42] + $rss[S43] + $rss[S44] + $rss[S45] + $rss[S46] ; echo"$SumStd4"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result5 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result5); $SumStd5 = $rss[S51] + $rss[S52] + $rss[S53] + $rss[S54] + $rss[S55] ; echo"$SumStd5"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result6 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result6); $SumStd6 = $rss[S61] + $rss[S62] ; echo"$SumStd6"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> </a><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result7 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result7); $SumStd7 = $rss[S71] + $rss[S72] + $rss[S73] + $rss[S74] + $rss[S75] + $rss[S76] + $rss[S77] + $rss[S78] + $rss[S79] + $rss[S710] + $rss[S711] + $rss[S712]; echo"$SumStd7"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result8 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result8); $SumStd8 = $rss[S81] + $rss[S82] ; echo"$SumStd8"; ?> </a></font></div></td> <td width="10%"><div align="center"></div></td> </tr> </table> </div></td> </tr> <? $count=1; } else { ?> <tr bgcolor="#FDFAEE" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FDFAEE'" > <td align="center" bgcolor="#FFFFFF" ><strong><font color="#996600" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td height="18" align="center" bgcolor="#FDFAEE" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FDFAEE'" ><div align="center"><font color="#003366" size="2" face="Tahoma"> <a href="ResultDetail.php?code=<? echo $row[code]?>" class="d"> <? echo $row["Term"]?> </a> </font></div></td> <td bordercolor="#FFFFFF" bgcolor="#FDFAEE"><div align="center"><strong><font color="#003366" size="2" face="Tahoma"><? echo $row["Times"]?></font></strong></div></td> <td bordercolor="#FFFFFF" bgcolor="#FFFFFF"><div align="left"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr bgcolor="#FDFAEE" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FDFAEE'" > <td width="10%" ><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result1 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result1); $SumStd1 = $rss[S11] + $rss[S12] + $rss[S13] + $rss[S14] + $rss[S15] + $rss[S16] + $rss[S17] + $rss[S18] + $rss[S19]; echo"$SumStd1"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result2 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result2); $SumStd2 = $rss[S21] + $rss[S22] + $rss[S23] + $rss[S24] + $rss[S25] + $rss[S26] + $rss[S27] + $rss[S28] + $rss[S29] + $rss[S210]; echo"$SumStd2"; ?> </a></font></div></td> <td width="10%" ><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result3 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result3); $SumStd3 = $rss[S31] + $rss[S32] + $rss[S33] + $rss[S34] + $rss[S35] + $rss[S36] ; echo"$SumStd3"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result4 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result4); $SumStd4 = $rss[S41] + $rss[S42] + $rss[S43] + $rss[S44] + $rss[S45] + $rss[S46] ; echo"$SumStd4"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result5 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result5); $SumStd5 = $rss[S51] + $rss[S52] + $rss[S53] + $rss[S54] + $rss[S55] ; echo"$SumStd5"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result6 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result6); $SumStd6 = $rss[S61] + $rss[S62] ; echo"$SumStd6"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result7 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result7); $SumStd7 = $rss[S71] + $rss[S72] + $rss[S73] + $rss[S74] + $rss[S75] + $rss[S76] + $rss[S77] + $rss[S78] + $rss[S79] + $rss[S710] + $rss[S711] + $rss[S712]; echo"$SumStd7"; ?> </a></font></div></td> <td width="10%"><div align="center"><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"> <?php $code = $row[code]; $sql1 = "Select * From qa_result_tb Where code='$code' "; $result8 = mysql_query($sql1) or die("Error $result1".mysql_error()); $rss = mysql_fetch_array($result8); $SumStd8 = $rss[S81] + $rss[S82] ; echo"$SumStd8"; ?> </a></font></div></td> <td width="10%"> </td> </tr> </table> </div></td> </tr> <? $count=0; } $i++; } CloseDB(); ?> <tr> <td height="25" colspan="4" align="center" background="../Image/barqa1.jpg" ><div align="center"><strong><font color="#FFFFFF" size="2" face="Tahoma">ทั้งหมด <? echo $num ?> รายการ </font> </strong></div></td> </tr> </table> <table width="100%" border="0" cellpadding="0" cellspacing="1" bordercolor="#CCCCCC"> <tr> <td align="right" bordercolor="#CCCCCC" class="Tahoma11"><div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#006633" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font><font color="#006633" size="2" face="Tahoma"><strong> หน้า</strong></font> <font color="#006633" size="2" face="Tahoma"><strong> <?php if ($Pre_Page) echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"3\"><b><< Previus</b> </font></a>"; for($i=1;$i<=$Num_Pages;$i++) { if($i != $Page) echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"3\"><b>$i</b></font></a>] "; else echo"<b>$i</b>"; } if($Page != $Num_Pages) echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"3\"><b> Next >></b> </font></a>"; ?> </strong></font> </font> </div></td> </tr> </table> <br> </form> </div> </label> </fieldset><br> <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>หมายเหตุ :</b> ใช้เมาส์คลิกที่ชื่อ<br> </font></td> </tr> </table> <?php } else { echo"<meta http-equiv=\"refresh\" content=\"3;URL=../login.php\">\n"; echo"Please Login "; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0065 ]-- |