Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/develop_person_depart/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php include("../link/function.php"); include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $strSQL = "SELECT * FROM bookmant_tb Where Year='$Year' Or Book_code='1' Order By Date_buy DESC "; $keyword = $_GET[keyword]; $fields = $_GET[fields]; if ($keyword== "" || $fields== "") { echo"<body bgcolor=\"#EBF2FE\"> <center><br><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">กรุณาเลือกรายการค้นหา </font></center></body>"; exit(); } else if($keyword == "") { echo"<body bgcolor=\"#EBF2FE\"> <center><br><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">กรุณาเลือกชื่อรายการค้นหา </font></center></body>"; } else if($fields=="") { echo"<body bgcolor=\"#EBF2FE\"> <center><br><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">กรุณาเลือกรายการค้นหา </font></center></body>"; } else $sql = "SELECT * FROM bookmant_tb WHERE $fields LIKE '%$keyword%' "; $result = mysql_query($sql) or die("Error".mysql_error()); $num = mysql_num_rows($result); if(empty($num)) { echo"<body bgcolor=\"#EBF2FE\"> <center><br><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">ไม่พบข้อมูล</font><font face=\"Tahoma\" size=\"4\" color=\"#003399\"> <b>$keyword</b></font> </center></body>"; exit(); } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>รายละเอียดโควตา</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link href="../source/style.css" rel="stylesheet" type="text/css"> <style type="text/css"> <!-- .style23 {font-size: 14px} --> </style> <!---------------------------------------Begin JavaScript----------------------------------------> <SCRIPT LANGUAGE="JavaScript" src="../source/script.js"></SCRIPT> <script language="JavaScript"> function ReturnValue(code,No_in) { // if(id == 1){ window.opener.document.pc.code.value = code; window.opener.document.pc.No_in.value = No_in; window.close(); } /* if(id == 2){ window.opener.document.pc.quotaId2.value = quotaId; window.opener.document.pc.provinceId2.value = provinceId; } if(id == 3){ window.opener.document.pc.quotaId3.value = quotaId; window.opener.document.pc.provinceId3.value = provinceId; } if(id == 4){ window.opener.document.pc.quotaId4.value = quotaId; window.opener.document.pc.provinceId4.value = provinceId; } if(id == 5){ window.opener.document.pc.quotaId5.value = quotaId; window.opener.document.pc.provinceId5.value = provinceId; } if(id == 6){ window.opener.document.pc.quotaId6.value = quotaId; window.opener.document.pc.provinceId6.value = provinceId; } if(id == 7){ window.opener.document.pc.quotaId7.value = quotaId; window.opener.document.pc.provinceId7.value = provinceId; } if(id == 8){ window.opener.document.pc.quotaId8.value = quotaId; window.opener.document.pc.provinceId8.value = provinceId; } if(id == 9){ window.opener.document.pc.quotaId9.value = quotaId; window.opener.document.pc.provinceId9.value = provinceId; } if(id == 10){ window.opener.document.pc.quotaId10.value = quotaId; window.opener.document.pc.provinceId10.value = provinceId; } if(id == 11){ window.opener.document.pc.quotaId11.value = quotaId; window.opener.document.pc.provinceId11.value = provinceId; } if(id == 12){ window.opener.document.pc.quotaId12.value = quotaId; window.opener.document.pc.provinceId12.value = provinceId; } window.opener.document.pc.No_in.value = No_in; window.opener.document.pc.provinceName.value = provinceName; if(id == 1 && window.opener.document.pc.countQuota.value == 1){ window.opener.document.pc.quotaName.value = quotaTypeName; window.opener.document.pc.provinceName.value = provinceName; } if((id != 1 || id == 1) && window.opener.document.pc.countQuota.value != 1){ window.opener.document.pc.quotaName[id-1].value = quotaTypeName; window.opener.document.pc.provinceName[id-1].value = provinceName; } window.close(); } */ </script> </head> <form name="pc" action="<?php echo $PHP_SELF?>" method="get"> <table width="100%" border="0" cellspacing="1" cellpadding="0" style="border:1px solid #CCCCFF"> <tr> <td bgcolor="#DFDFFF"><div align="center"><font size="2" face="Tahoma"> </font><font size="2" face="Tahoma"><strong>ชื่อที่ต้องการค้นหา <img src="../picture/search.gif" width="16" height="16" align="absmiddle" border="0" /> </strong></font> <font size="2" face="Tahoma"> <input name="keyword" type="text" value="<? echo"$keyword"; ?>" size="50" style="background-color:#F0FFD2;" /> <strong>จาก</strong></font> <font size="2" face="Tahoma"> <select name="fields" style="background-color:#F0FFD2;" > <option value="No_in">เลขหนังสือ</option> <option value="No">เลขทะเบียนรับ</option> <option value="Status">เรื่อง</option> </select> <input type="submit" name="Submit" value="ค้นหา" /> </font></div></td> </tr> </table> <div align="center"> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" style="background-color:#eeeeee; border:0px solid gray"> <tr bgcolor="#E6E6E6"> <td width="973" align="center" style="border:1px solid gray"><span class="style23"><font color="#000000" face="Tahoma">รายการหนังสือ</font></span></td> <td width="45" align="center" style="border:1px solid gray"><span class="style23"><font color="#000000" face="Tahoma">เลือก</font></span></td> </tr> <?php $i = 1; while($row = mysql_fetch_array($result)) { if($count==0) { ?> <tr bgcolor="#F7F7F7" > <td bgcolor="#FFFFFF"><font color="#996600" size="2" face="Tahoma"> <? $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo " No $rss[No] ";?> <? $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo " เลขที่หนังสือ $rss[No_in] ";?> </a></font><font color="#996600" size="2" face="Tahoma"> <?php $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); //echo nl2br($rss[Status]); echo " เรื่อง $rss[Status] "; ?> </a></font></td> <td width="45" align="center" bgcolor="#FFFFFF" ><font size="2" face="Microsoft Sans Serif" style="CURSOR: hand" onClick='ReturnValue("<?php echo $row["code"]?>","<?php echo $row["No_in"]?>","<?php echo $rs["Status"]?>")'><a href="#" ><img src="../picture/addc.gif" width="15" height="19" border="0" align="absmiddle" /></a></font></td> </tr> <? $count=1; } else { ?> <tr bgcolor="#FFFFFF"> <td bgcolor="#ECF5FF"><font color="#996600" size="2" face="Tahoma"> <? $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo " No $rss[No] ";?> <? $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo " เลขที่หนังสือ $rss[No_in] ";?> </a></font><font color="#996600" size="2" face="Tahoma"> <?php $code = $row["code"]; $sql = "Select * From bookmant_tb Where code='$code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); //echo nl2br($rss[Status]); echo " เรื่อง $rss[Status] "; ?> </a></font></td> <td align="center" bordercolor="#FFFFFF" bgcolor="#ECF5FF" ><font size="2" face="Microsoft Sans Serif" style="CURSOR: hand" onClick='ReturnValue("<?php echo $row["code"]?>","<?php echo $row["No_in"]?>","<?php echo $rs["Status"]?>")'><a href="#" ><img src="../picture/addc.gif" width="15" height="19" border="0" align="absmiddle" /></a></font></td> </tr> <? $count=0; } $i++; } ?> <tr bgcolor="#CCCCFF"> <td height="25" colspan="2" align="center" bgcolor="#FFFFFF" ><div align="center"><strong><font color="#000000" size="2" face="Tahoma">ทั้งหมด</font><font color="#003399" size="2" face="Tahoma"> <? echo $num ?> </font><font color="#FFFFFF" size="2" face="Tahoma"><font color="#003366">รายการ</font><font color="#FFFFFF"> </font></font> </strong></div></td> <tr> <td height="24" colspan="2" align="center"><div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#0033CC"><font color="#FFFFFF"><font color="#FFFFFF" size="3" face="MS Sans Serif"><strong><font color="#0033CC" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font></font><font size="2" face="Tahoma"> </font></font></strong></font><font color="#000000" size="2" face="Tahoma"><strong> หน้า</strong></font> <font color="#0033CC" size="1" face="Tah<?php echo $Num_Pages;?>oma"><strong> <?php if ($Pre_Page) echo"<a href=\"$PHP_SELF?Page=$Pre_Page&Year=$Year&Faculty_code=$Faculty_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b><< Previus</b> </font></a>"; for($i=1;$i<=$Num_Pages;$i++) { if($i != $Page) echo" [<a href=\"$PHP_SELF?Page=$i&Year=$Year&Faculty_code=$Faculty_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] "; else echo"<b>$i</b>"; } if($Page != $Num_Pages) echo"<a href=\"$PHP_SELF?Page=$Next_Page&Year=$Year&Faculty_code=$Faculty_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next >></b> </font></a>"; ?> </strong></font> </font> <input name="code" type="hidden" id="code" value="<? echo $rs["code"]?>"> </div></td> </tr> <tr> <td align="center" colspan="2"><a href="#" onClick="window.close()"><font face="Microsoft Sans Serif" size="1">[ปิดหน้านี้]</font></a></td> </tr> <tr> <td height="2"> </tr> </table> </div> </form> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |