Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/_manage_depart/   drwxr-xr-x
Free 52.62 GB of 127.8 GB (41.17%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    

Viewing file:     ExcelAccTypeName.php (5.29 KB)      -rw-r--r--

<?php

	session_start();
	
	/**  Define Validate Access  */
	define( '_VALID_ACCESS', 1 );
	
	/**  Excel  */
	header('Content-type: application/xls');
    header('Content-Disposition: attachment; filename="testing.xls"');

	/**  Check Session User Login  */
	if (! session_is_registered("valid_user") &&session_is_registered("Priority") ) {
		echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />";
		echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>ЎГШіТ·УЎТГ Login ЎиН№</strong></font></p></p>";
		echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />";
		exit();
	} 
	else {
	/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../includes/Function.php" );
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
		
		
		/**  Config Table for This Page  */
		$myTable = "accessories_tb";
		$myTable1 ="accessories_type_tb";
		$myTablePK = "code";
		$myTalbleOrder = "Date_buy";
		$myTableField1 = "Acc_code";
		$myTableField2 = "Acc_name";
		$myTableField3 = "Date_buy";
		
		
		$query = " SELECT *  FROM $myTable  WHERE   Acc_type_code ='$Acc_type_code'  Order   By   Date_buy   ASC  ";
		$result = $dbObj->execQuery($query);
		
		
		
	
	} # else
			
 ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />

<title><?=$_Config_sitename;?></title>
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">

<table width="828" border="1" align="center" cellpadding="0" cellspacing="0" class="BORDER-GREY">
  <tr bgcolor="#F0F0F0">
    <td width="35" height="25" align="center"><strong>No</strong></td>
    <td width="204" align="center" class="BORDER-LEFT-RIGHT"><strong>ГЛСК</strong></a></td>
    <td width="280" align="center" ><strong>ЄЧиННШ»ЎГім / ВХиЛйН</strong></a></td>
    <td width="92" align="center" class="BORDER-LEFT"><strong>»Х·Хи«ЧйН</strong></a></td>
    <td width="108" align="center" class="BORDER-LEFT"><strong>ЗС№ЛБґНТВШ</strong></a></td>
    <td width="107" align="center" class="BORDER-LEFT"><strong>ГТ¤Т (єТ·)</strong></a></td>
  </tr>
  <?php 
           $no = 1+($display-1)*$limit;
            while( $rs = $dbObj->fetchArray($result) ) { 
			
				if( $keyword != "" ) {
					$Acc_code = eregi_replace( $keyword, "<font color=red>\\0</font>", $rs['Acc_code'] );
					$Acc_name = eregi_replace( $keyword, "<font color=red>\\0</font>", $rs['Acc_name'] );
				} else {
					$Acc_code = $rs['Acc_code'];
					$Acc_name = $rs['Acc_name'];
				}
			
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
          ?>
  <tr bgcolor="<?=$bgColor;?>" onmouseover="this.style.backgroundColor='#F5F9F9'" onmouseout="this.style.backgroundColor=''">
    <td height="23" align="center" class="BORDER-TOP"><?=$no;?></td>
    <td colspan="2" align="left" class="PADDING-LEFT-5 BORDER-TOP-LEFT">
      <?=$Acc_code;?>
      &nbsp;
      <?=$Acc_name;?>
    </a></td>
    <td align="right" class="PADDING-RIGHT-5 BORDER-TOP BORDER-LEFT"><?php  
				$sday = $rs['Date_buy'];
				$yearthai = explode( "-", $sday );
				$day = intval( $yearthai[2] );
				$month = intval( $yearthai[1] );
				$year = intval( $yearthai[0] );	 
				$m = getThaiSubMonth( $month );
				echo $day ." ". $m ." ". $year;
			?></td>
    <td align="right" class="PADDING-RIGHT-5 BORDER-TOP BORDER-LEFT"><?php  
			  
			   
	           $query = " SELECT *  FROM $myTable1  WHERE  Acc_type_code='$rs[Acc_type_code]' ";
	           $result1 = $dbObj->execQuery($query);
	           $rss = $dbObj->fetchArray($result1);
				$sday = $rs['Date_buy'];
				$yearthai = explode( "-", $sday );
				$day = intval( $yearthai[2] );
				$month = intval( $yearthai[1] );
				$year = intval( $yearthai[0] )+ $rss ['Year'];	 
				$m = getThaiSubMonth( $month );
				echo $day ." ". $m ." ". $year;
			?>
      </span></td>
    <td align="right" class="PADDING-RIGHT-5 BORDER-TOP BORDER-LEFT"><?php echo number_format($rs['Price'],2,'.',','); ?></td>
  </tr>
   <?php 
               $no++;
            } # while 
			//$dbObj->freeresult($result1);
          ?>
  <tr bgcolor="<?=$bgColor;?>" onmouseover="this.style.backgroundColor='#F5F9F9'" onmouseout="this.style.backgroundColor=''">
    <td height="23" colspan="5" align="center" class="BORDER-TOP">&nbsp;</td>
    <td align="right" class="PADDING-RIGHT-5 BORDER-TOP BORDER-LEFT"><span class="PADDING-RIGHT-5 BORDER-TOP-LEFT">
      <?php
            	//###  SUM  Sum1
			
				$query6 = " SELECT SUM(Price) AS Sum  FROM  $myTable  WHERE   Acc_type_code='$Acc_type_code' ";
				$result6 = $dbObj->execQuery($query6);
				$rs6 = $dbObj->fetchArray($result6);
				$dbObj->freeresult($rs6);
					echo "<strong>". number_format($rs6['Sum'],2,'.',',') ."</strong>";
			?>
    </span></td>
  </tr>
 
</table>

</html>
<?php
	/**  Free Resource */
	$dbObj->freeresult($result);
	$dbObj->freeresult($result0);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>