Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/director/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
session_start();
if (session_is_registered("valid_user"))
{
$Username = $valid_user;
include("../include/FunctionDB.php");
include("admin_menu.php");
include("../include/Function.php");
ConnectDB();
$sql1 = "SELECT * FROM massege_db Where massegeId='$massegeId'";
$result = mysql_query($sql1);
$rs = mysql_fetch_array($result);
$sql = "SELECT * FROM accountMed_db Where massegeId='$massegeId' GROUP By Date ";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
?>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<style type="text/css">
<!--
.style10 {font-size: 14px}
-->
</style>
<table width="815" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="815" ><br />
<fieldset>
<legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="menu_thaimed.php">หน้าหลัก</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /><a href="AddLab.php">เ</a>แสดงข้อมูลรายวัน</font></legend>
<label> </label>
<div align="center">
<form action="Serachperson.php" method="get" name="form1" id="form1">
<p align="left"><font size="2" face="Tahoma"><img src="../picture/previous.gif" onclick="window.history.back()" width="85" height="22" border="0" /></font></p>
<table width="55%" border="0" cellpadding="0" cellspacing="0" bordercolor="#999999" style="background-color:#eeeeee; border:0px solid gray"size="12">
<tr bgcolor="#CCCCCC">
<td colspan="3" bordercolor="#999966" bgcolor="#FFFFFF" style="border:0px solid gray"><span class="style10"><font color="#996600" face="Tahoma">
<?php
$massegeId= $rs["massegeId"];
$sql = "Select * From massege_db Where massegeId='$massegeId'";
$result1 = mysql_query($sql) or die("Error".mysql_error());
$rss = mysql_fetch_array($result1);
echo "$rss[First_name] $rss[Name] $rss[Lastname]";
?>
</font></span></td>
</tr>
<tr bgcolor="#CCCCCC">
<td width="8%" bordercolor="#999966" style="border:0px solid gray"><div align="center" class="style10"><font color="#000000" face="Tahoma">No.</font></div></td>
<td width="49%" bordercolor="#999966" style="border:0px solid gray"><div align="center" class="style10"><font face="Tahoma">วันที่</font></div></td>
<td width="43%" bordercolor="#999966" style="border:0px solid gray"><div align="center" class="style10"><font face="Tahoma">จำนวนเงินรับตามวัน</font></div></td>
</tr>
<?php
$i = 1;
while($row = mysql_fetch_array($result))
{
if($count==0)
{
?>
<tr >
<td align="center" bgcolor="#ECF5FF" ><strong>
<div align="center"><font color="#996600" size="2" face="Tahoma">
<?=$i?>
</font></div>
</strong></td>
<td align="center" bgcolor="#ECF5FF" ><div align="left"><font color="#003333" size="2" face="Tahoma"><a href="FrmDentis.php?massegeId=<?=$row["massegeId"]?>&Date=<?= $row["Date"]?>"title="คลิกดูเพื่อพิมพ์ใบรายการค่าใช้จ่าย " class="d" >
<?php $sday = $row[Date];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>
</a></font><font color="#996600" size="2" face="Tahoma"><a href="FrmDentisday.php?Date=<?=$row["Date"]?>&massegeId=<?= $row["massegeId"] ?>"title="Click to see Detail" class="d"></a></font> </div></td>
<td align="center" bgcolor="#ECF5FF" ><strong><font color="#993333" size="2" face="Tahoma"><strong><font color="#993333" size="2" face="Tahoma">
<?php
$Date = $row["Date"];
$sql3 = "Select Sum(Cost_total) as Sum From accountMed_db Where massegeId='$massegeId' and Date='$Date' ";
$result3 = mysql_query($sql3) or die("Error".mysql_error());
$rss3 = mysql_fetch_array($result3);
echo number_format($rss3['Sum'],2,'.',',');
?>
</font></strong></font></strong></td>
</tr>
<?
$count=1;
}
else
{
?>
<tr>
<td align="center" bordercolor="#999966" bgcolor="#FFFFFF" ><font color="#996600" size="2" face="Tahoma">
<?=$i?>
</font></td>
<td height="18" align="center" bgcolor="#FFFFFF" ><div align="left"><font color="#996600" size="2" face="Tahoma"> </font><font color="#003333" size="2" face="Tahoma"><a href="FrmDentis.php?massegeId=<?=$row["massegeId"]?>&Date=<?= $row["Date"]?>"title="คลิกดูเพื่อพิมพ์ใบรายการค่าใช้จ่าย " class="d" >
<?php
$sday = $row[Date];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>
</a></font><font color="#996600" size="2" face="Tahoma"><a href="FrmDentisday.php?Date=<?=$row["Date"]?>&&Teacher_code=<?= $row["Teacher_code"] ?>"title="Click to see Detail" class="d"></a></font></div></td>
<td align="center" bgcolor="#FFFFFF" ><strong><font color="#993333" size="2" face="Tahoma"><strong><font color="#993333" size="2" face="Tahoma">
<?php
$Date = $row["Date"];
$sql3 = "Select Sum(Cost_total) as Sum From accountMed_db Where massegeId='$massegeId' and Date='$Date' ";
$result3 = mysql_query($sql3) or die("Error".mysql_error());
$rss3 = mysql_fetch_array($result3);
echo number_format($rss3['Sum'],2,'.',',');
?>
</font></strong></font></strong></td>
</tr>
<?
$count=0;
}
$i++;
}
?>
<tr>
<td height="25" colspan="3" align="center" bgcolor="#FFFFFF"><div align="center" class="style10"><font color="#000000" face="Tahoma">ทั้งหมด</font><font color="#993333" face="Tahoma"> <? echo $num ?></font> <font color="#000000" face="Tahoma">วัน</font> </div></td>
</tr>
</table>
</form>
</div>
</fieldset>
<br />
<font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>หมายเหตุ :</b> ใช้เมาส์คลิกที่ชื่อ<br />
</font></td>
</tr>
</table>
<?php
}
else
{
echo"<body bgcolor=\"#CCCCCC\">";
echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n";
echo"<center>";
echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>";
echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>";
echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> คุณไม่มสิทธ์ใช้งาน</font>";
echo"</center>";
echo"</body>";
}
?>
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0053 ]-- |