Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Service/ drwxr-xr-x |
Viewing file: ManAcc.php.bak (10.17 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); if (session_is_registered("valid_user")) { $Username = $valid_user; include("../../include/FunctionDB.php"); include("../../include/Function.php"); include("../../admin_menu.php"); ConnectDB(); // $sql ="SELECT * FROM manament_tb WHERE code='$code' "; // $result = mysql_query($sql) or die("Cannot Select").mysql_error(); // $rs = mysql_fetch_array($result); // $rs[Student_id] = mysql_insert_id(); ?> <html> <head> <title>Form insert accessories</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link rel="stylesheet" href="../css/cart4.css" type="text/css"> <link href="../../css/style1.css" rel="stylesheet" type="text/css"> <script language="JavaScript" type="text/JavaScript"> <!-- function browse() { form1.Imag1.src = form1.Img1.value; } <!-- function MM_openBrWindow(theURL,winName,features) { //v2.0 window.open(theURL,winName,features); } //--> function chk(c){ if (c.checked){ document.all.Prob1.disabled=false; document.all.Prob2.disabled=false; document.all.Prob3.disabled=false; document.all.Prob4.disabled=false; } else{ document.all.Problem.disabled=false; } } </script> <style type="text/css"> <!-- .style1 { color: #0000FF; font-weight: bold; } --> </style> </head> <body bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr > <td width="25%" background="../../Image/barm.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../menu_teacher.php" class="g">กลับหน้าหลัก</a></font></strong></div></td> <td width="25%" background="../../Image/barm.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="EditManList.php?Teacher_code=<? echo $rs[Teacher_code] ?>" class="g">แก้ไข</a></font></strong></div></td> <td width="25%" background="../../Image/barm.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="ManList.php?Teacher_code=<? echo $rs[Teacher_code]?>" class="g">แสดง</a></font></strong></div></td> <td width="25%" background="../../Image/barm.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../../logout.php" class="g">Logout</a></font></strong></div></td> </tr> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> </td> </tr> </table> <table width="88%" border="0" align="center" cellpadding="0" cellspacing="1" style="border:1px solid gray"> <tr bgcolor="#CCCCCC" > <td height="25" colspan="3"> <div align="center" class="style1"><font size="4" face="Tahoma">เพิ่มข้อมูล</font></div></td> </tr> <form name="form1" method="POST" action="InsertMan.php" enctype="multipart/form-data"> <tr bgcolor="#EEEEEE"> <td height="22" bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma"> วันที่แจ้งซ่อม </font></div></td> <td> </td> <td><font color="#000000" size="2" face="Tahoma">วันที่ <select name="mDate" id="mDate" class="select" onkeypress="return handleEnter(this, event)" > <? getDay1to31();?> </select> เดือน <select name="mMonth" id="mMonth" class="select" onkeypress="return handleEnter(this, event)"> <? getThaiMonth();?> </select> ปี พ.ศ. <input name="mYear" type="text" id="mYear" size="5" class="input" > </font> </td> </tr> <tr bgcolor="#EEEEEE"> <td width="22%" height="20" bgcolor="#EEEEEE"> <div align="center"><font size="2" face="Tahoma">No </font></div></td> <td width="2%"><div align="center"><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></div></td> <td width="76%"><font color="#006633" size="2" face="Tahoma"> <input name="Acc_code" type="text" id="Acc_code" size="60"> </font></td> </tr> <tr bgcolor="#FFFFFF"> <td bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma">รหัส - อุปกรณ์/รุ่น</font></div></td> <td bgcolor="#EEEEEE"><div align="center"><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></div></td> <td bgcolor="#EEEEEE"><select name="Acc_name" id="Acc_name" class="input1"> <?php $strSQL1 = "SELECT * FROM accessories_tb Where Course_code='00002'"; $result1 = mysql_query($strSQL1); while( $rss = mysql_fetch_array($result1)) { echo"<option value=\"$rss[Acc_name]\" ><b>$rss[Acc_code] $rss[Acc_name]</b></option>\n"; } ?> </select> <font color="#006633" size="2" face="Tahoma"> </font></td> </tr> <tr bgcolor="#FFFFFF"> <td bgcolor="#EEEEEE"> <div align="center"><font size="2" face="Tahoma">นักศึกษาผู้แจ้งซ่อม</font></div></td> <td bgcolor="#EEEEEE"> <div align="center"><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></div></td> <td bgcolor="#EEEEEE"> <strong><font color="#003366" size="2" face="Tahoma"> <select name="Student_id" id="Student_id" class="input1"> <?php $strSQL3 = "SELECT * FROM student_tb Where Course_code='00002'"; $result3 = mysql_query($strSQL3); while( $rs3 = mysql_fetch_array($result3)) { echo"<option value=\"$rs3[Student_id]\" ><b>รุ่น $rs3[Class] No $rs3[Orderlist] - $rs3[First_name] $rs3[Name] $rs3[Lastname]</b></option>\n"; } ?> </select> </font></strong></td> </tr> <tr bgcolor="#EEEEEE"> <td height="22" bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma">อาจารย์ผู้รับผิดชอบ</font></div></td> <td><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></td> <td bgcolor="#EEEEEE"><strong><font color="#003366" size="2" face="Tahoma"> <select name="Teacher_code" id="Teacher_code" class="input1"> <?php $strSQL2 = "SELECT * FROM personal_tb Where Permision='2' Order by Teacher_name "; $result2 = mysql_query($strSQL2); while( $rs2 = mysql_fetch_array($result2)) { echo"<option value=\"$rs2[Teacher_code]\" ><b>$rs2[Teacher_name] $rs2[Teacher_lastname]</b></option>\n"; } CloseDB(); ?> </select> </font></strong></td> </tr> <tr bgcolor="#EEEEEE"> <td bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma"><font size="2">ชนิดอุปกรณ์</font> </font></div></td> <td><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></td> <td><font size="2" face="Tahoma"> <input type="radio" name="Status" value="Hand piece"> Hand piece <input type="radio" name="Status" value="X-ray"> X-ray <input type="radio" name="Status" value="Air compressor"> Air compressor <input type="radio" name="Status" value="Dental Chair"> Dental chair <input type="radio" name="Status" value="เครื่องขูดหินปูน"> เครื่องขูดหินปูน</font></td> </tr> <tr bgcolor="#EEEEEE"> <td height="22" bgcolor="#EEEEEE"> </td> <td><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></td> <td bgcolor="#EEEEEE"><font size="2" face="Tahoma"> <input type="radio" name="Status" value="เครื่องฉายแสง "> เครื่องฉายแสง <input type="radio" name="Status" value="Autocalve "> Autocalve <input type="radio" name="Status" value="เครื่องปั่นอมัลกั้ม "> เครื่องปั่นอมัลกั้ม <input type="radio" name="Status" value="Hot air oven"> Hot air oven <input type="radio" name="Status" value="Dental unit"> Dental Unit </font></td> </tr> <tr bgcolor="#EEEEEE"> <td height="22" bgcolor="#EEEEEE"> <div align="center"><font size="2" face="Tahoma">สถานที่อุปกรณ์</font></div></td> <td><div align="center"><font color="#FF0000" size="4" face="Tahoma"><strong>*</strong></font></div></td> <td bgcolor="#EEEEEE"> <input name="Store" type="text" class="input" id="Store" size="50"> </td> </tr> <tr bgcolor="#eeeeee"> <td> <div align="center"><font size="2" face="Tahoma">สาเหตุอาการ</font></div></td> <td> </td> <td><textarea name="Contact" cols="50" rows="5" id="Contact"></textarea></td> </tr> <tr bgcolor="#EEEEEE"> <td height="22" bgcolor="#EEEEEE"> </td> <td> </td> <td><font color="#993333" size="2" face="Tahoma"><?echo number_format($rs['Price'],2,'.',','); ?></font></td> </tr> <tr bordercolor="#CCCCCC" bgcolor="#ECF5FF"> <td height="101" nowrap bordercolor="#CCCCCC"><div align="center"><font color="#003366" size="2" face="Tahoma">รูปภาพ</font></div></td> <td bordercolor="#CCCCCC"> </td> <td nowrap bordercolor="#99CCFF"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="63%" height="100"><div align="center"> <label> <input name="Img1" type="file" id="Img1" onChange=browse()> </div> </label></td> <td width="37%"><div align="center"><img name="Imag1" src=" " width="109" height="94"></div></td> </tr> </table></td> </tr> <tr bgcolor="#CCCCFF" > <td height="25" colspan="3"> <div align="center"> <input type="submit" name="Submit" value=" บันทึก " class="button"> <input type="reset" name="Submit2" value="เริ่มใหม่" class="button"> </div></td> </tr> </form> </table> </body> </html> <?php } else { echo"<body bgcolor=\"#CCCCCC\">"; echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n"; echo"<center>"; echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>"; echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>"; echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> คุณไม่มสิทธ์ใช้งาน</font>"; echo"</center>"; echo"</body>"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0123 ]-- |