Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/directorBCNU/ drwxr-xr-x |
Viewing file: FrmFormProject.php (20.76 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); /** Define Validate Access */ define( '_VALID_ACCESS', 1 ); /** Check Session User Login */ if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) { echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />"; echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>"; echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />"; exit(); } else { /** Configuration */ require_once( "../configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); require_once( "../include/Function.php" ); require_once("../link/function.php"); /** Create Database Object */ $dbObj = new DBConn; /** Config Table for This Page */ $myTable = "personal_tb"; $myTable1 = "budget_year_tb"; $myTable2 ="durable_type_tb"; /*----- personal_tb--------*/ $query = "SELECT *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId LEFT JOIN position_tb ON personal_tb.PositionId = position_tb.PositionId LEFT JOIN faculty_tb ON personal_tb.Faculty_code = faculty_tb.Faculty_code LEFT JOIN formagree ON formagree.Teacher_code = personal_tb.Teacher_code WHERE formagree.Teacher_code = '".$_REQUEST["Teacher_code"]." ' "; $result = $dbObj->execQuery($query); $rss = $dbObj->fetchArray($result); /* $query = "SELECT *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId LEFT JOIN position_tb ON personal_tb.PositionId = position_tb.PositionId LEFT JOIN faculty_tb ON personal_tb.Faculty_code = faculty_tb.Faculty_code LEFT JOIN training_tb ON personal_tb.Teacher_code = training_tb.Teacher_code LEFT JOIN formaoffice ON training_tb.Teacher_code = formaoffice.Teacher_code LEFT JOIN formofficemoney ON formaoffice.codeId = formofficemoney.codeId WHERE formofficemoney.Teacher_code = '".$_REQUEST["Teacher_code"]." ' "; $result5 = $dbObj->execQuery($query); $rs = $dbObj->fetchArray($result5); */ $query11 = "SELECT * FROM `formagree` f , formagree_type ft WHERE f.agreeId=ft.agreeId AND f.Teacher_code = ' ".$_REQUEST["Teacher_code"]." ' AND f.agreeId = '".$_REQUEST["agreeId"]."' "; $result11 = $dbObj->execQuery($query11); $rs11 = $dbObj->fetchArray($result11); } # else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <title><?=$_Config_sitename;?></title> <link href="../css/default.css" rel="stylesheet" type="text/css" /> <script language="javascript" src="../js/utilities.js"></script> <script language="javascript" src="../js/ajaxScript.js"></script> <script type="text/javascript" src="../js/calendarDateInput2.js"></script> <script language="javascript"> function checkData() { var formObj = document.pc; if( (formObj.Time_start.value == "" ) && (formObj.Time_finish.value == "" ) ) { alert("กรุณากรอกข้อมูลให้ครบด้วยค่ะ" ); formObj.SMDay.style.backgroundColor='#F1F9FC'; formObj.STDay.focus(); return false; } if(formObj.Vehicletotal.value == "" ) { alert("กรุณากรอก "); formObj.Vehicletotal.style.backgroundColor='#F1F9FC'; formObj.Vehicletotal.focus(); return false;} if(formObj.STtotal.value == "" ) { alert("กรุณากรอก "); formObj.STtotal.style.backgroundColor='#F1F9FC'; formObj.STtotal.focus(); return false;} if(formObj.Smtotal.value == "" ) { alert("กรุณากรอก "); formObj.Smtotal.style.backgroundColor='#F1F9FC'; formObj.Smtotal.focus(); return false;} else return true ; } </script> <style type="text/css"> <!-- .style22 {font-size: 14px; font-weight: bold; } --> </style> </head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include("../templates/incHeader.php"); ?> <table width="1001" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="198" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td> <td width="803" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset> <table width="791" border="0" cellspacing="0" cellpadding="0"> <form id="pc" name="pc" method="post" action="EditFromProjectAgree.php?agreeId=<?=$agreeId;?>&Teacher_code=<?=$Teacher_code;?>" onSubmit="return checkData();"> <tr> <td width="791"> </td> </tr> <tr> <td height="30" background="../images/background/bg-head-topic-w780.gif" class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a> » <a href="Menu_Form.php?Teacher_code=<?=$Teacher_code;?>">แบบฟอร์มราชการ</a> » <a href="FormProjectAgreeList.php?Teacher_code=<?=$_REQUEST["Teacher_code"];?>">ข้อมูลยืมเงินโครงการ</a> » <span class="NOTE">หนังสือสัญญายืมเงินโครงการ</span></span></strong></td> </tr> <tr> <td> </td> </tr> <tr> <td align="center"><table width="788" border="0" cellpadding="0" cellspacing="3"> <tr height="31"> <td height="20" colspan="4" align="right" > แบบ 8500</td> </tr> <tr height="29"> <td height="16" colspan="4" align="center" l><strong>สัญญาการยืมเงิน</strong></td> </tr> <tr height="29"> <td height="16" colspan="4" l> </td> </tr> <td width="243" height="23" align="left"> </td> <td width="218" height="23" align="right">เลขที่สัญญา</td> <td height="23" colspan="2" align="left"><input name="Noagree" type="text" disabled="disabled" id="Noagree" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<?=$docNo."....";?> " size="20" readonly="readonly" /></td> </tr> <tr height="29"> <td height="29" colspan="2" align="right">วันที่ครบกำหนด </td> <td width="315"><script>DateInput('mDate', true, 'DD/MM/YYYY','<?=(isset($rs11["Date"]))?ymdT2dmyE($rs11["Date"]):date("d/m/Y");?>');</script></td> <td width="1"></td> </tr> <tr height="29"> <td height="16" colspan="4">ยื่นต่อ ผู้อำนวยการ <?php $collegeCode = $rss["collegeCode"]; $sql = "Select * From college Where collegeStatus ='1'"; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[collegeName] "; ?></td> </tr> <tr height="29"> <td height="29" colspan="4"> ข้าพเจ้า <input name="Name6" type="text" id="Name7" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="30" value="<? echo $rss[First_name];?> <? echo $rss[Teacher_name]?> <? echo $rss[Teacher_lastname]?>" readonly="readonly"/> <input name="Teacher_code" type="hidden" id="Teacher_code" value="<?=$Teacher_code;?>" /> ตำแหน่ง <input name="Name6" type="text" id="Name8" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" size="30" value="<?=$rss["Position_name"];?>" readonly="readonly"/></td> </tr> <tr height="29"> <td height="29" colspan="4" align="left"> สังกัด <?php $collegeCode = $rss["collegeCode"]; $sql = "Select * From college Where collegeStatus ='1'"; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[collegeName] "; ?> มีความประสงค์ขอยืมเงินจาก <select name="MoneyS_C" id="MoneyS_C" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" > <?php $query = " SELECT * FROM money_source_tb "; $result5 = mysql_query($query); while($rs5 = mysql_fetch_array($result5)){ ?> <option value="<?=$rs5['MoneyS_C'];?>" <?=($rs5['MoneyS_C']==$rs11['MoneyS_C'] )?"selected":"";?>> <?=$rs5['MoneyS_M'];?> </option> <?php } # while ?> </select> </td> </tr> <tr height="29"> <td height="29" colspan="4" align="left">เพื่อเป็นค่าใช้จ่ายในโครงการ <input name="Training_name" type="text" id="Training_name" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? echo $rs11['Training_name'];?>" size="80" /></td> </tr> <tr height="29"> <td height="16" colspan="4" align="left">ปีงบประมาณ <input name="Year_std" type="text" id="Year_std" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" onkeypress="return checkNumeric();" value="<?=$rs11['Year_std'];?>" size="4" maxlength="4"/></td> </tr> <tr height="29"> <td height="16" colspan="4" align="left"> </td> </tr> <tr height="29"> <td height="35" colspan="4" align="left"><table width="89%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="#FFFFFF" style="background-color:#eeeeee; border:0px solid gray"> <tr bgcolor="<?=$bgColor;?>"> <td height="20" align="center" bgcolor="#FFFFFF"><a href="javascript:;" onclick="NewWindow('AddBudgetAgree.php?agreeId=<?=$agreeId; ?>&Teacher_code=<?=$Teacher_code; ?>','Detail','500','150','yes')"><img src="../picture/new.gif" alt="เพิ่มรายการเอกสาร" width="16" height="16" border="0" /></a></td> <td colspan="3" align="left" bgcolor="#FFFFFF" class="PADDING-LEFT-5">บันทึกรายการค่าใช้จ่ายโครงการ </td> <td colspan="2" align="center" bgcolor="#FFFFFF" class="PADDING-LEFT"> <input type="submit" name="action" id="action" value="Delete" class="TEXT-CLIMSON10" onclick="return confirmDelete(this.form);" /> </td> </tr> <?php $query = " SELECT * FROM formagree_type WHERE agreeId='$agreeId' "; $result1 = $dbObj->execQuery($query); $numrows = $dbObj->_numrows; ?> <?php $no = 1+($display-1)*$limit; while( $rss = $dbObj->fetchArray($result1) ) { $countnum = $dbObj->_numrows; $bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF"; ?> <tr bgcolor="<?=$bgColor;?>"> <td width="3%" height="20" align="center"><?=$no;?></td> <td width="47%" align="left" class="PADDING-LEFT-5"><?=$rss['agreeName'];?> </a></td> <td width="17%" align="right" class="PADDING-LEFT-5">จำนวนเงิน</td> <td width="23%" align="left" class="PADDING-LEFT-5"><?=$rss['Budget_agree'] ;?> บาท</td> <td width="5%" align="center" class="PADDING-LEFT-5"><a href="javascript:;" onclick="NewWindow('AddBudgetAgree.php?agtyId=<?php echo $rss['agtyId'];?>&agreeId=<? echo $rss['agreeId']?>&Teacher_code=<?=$Teacher_code ;?>','Detail','500','150','yes');"><img src="../images/icons/icon-edit.gif" alt="แก้ไขข้อมูล" width="16" height="16" border="0" /></a></td> <td width="5%" align="center" class="PADDING-LEFT"> <input type="checkbox" name="id[]" value="<?=$rss['agtyId'];?>" title=" ลบข้อมูล<?php echo $rss['agtyId']; ?> " /> </td> </tr> <?php $no++; } # while ?> </table></td> </tr> <tr height="29"> <td height="16" colspan="4" align="center"> </td> </tr> <tr height="29"> <td height="35" colspan="4" align="left">ข้าพเจ้าสัญญาว่าจะปฏิบัติตามระเบียบของทางราชการทุกประการ และจะนำใบสำคัญคู่จ่ายที่ถูกต้องพร้อมทั้งเงินเหลือจ่าย </td> </tr> <tr height="29"> <td height="32" colspan="4" align="left">(ถ้ามี) ส่งใช้ภายในกำหนดไว้ในระเบียบการเบิกจ่ายจากคลัง คือภายใน <label> <input type="radio" name="Dayout" value="30" <? if ($rs11["Dayout"] == 30) echo "checked"; ?> /> 30 วัน <input type="radio" name="Dayout" value="15" <? if ($rs11["Dayout"] == 15) echo "checked"; ?> /> 15 วัน นับแต่วันที่ได้รับเงินนี้</label></td> </tr> <tr height="29"> <td height="33" colspan="4" align="left"> ถ้าข้าพเจ้าไม่ส่งตามกำหนด ข้าพเจ้ายินยอมให้หักเงินเดือน ค่าจ้าง เบี้ยหวัด บำเหน็จ หรือเงินอื่นใดที่ข้าพเจ้าพึงได้รับจากทางราชการ</td> </tr> <tr height="29"> <td height="32" colspan="4" align="left">ชดใช้จำนวนเงินที่ยืมไปจนครบถ้วนได้ทันที</td> </tr> <tr height="29"> <td height="26" colspan="4" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="4" align="left"><table width="756" border="0" align="center" cellpadding="0" cellspacing="3"> <tr> <td width="296" height="30" align="center" > ลายมือชื่อ ................................ ผู้ยืม</td> <td width="337" align="center" class="ALERT" scope="col">วันที่......................</td> </tr> <tr> <th colspan="2" align="center" scope="col"><hr /></th> </tr> <tr> <td colspan="2" align="left" scope="col">เสนอ ผู้อำนวยการ <?php $collegeCode = $rss["collegeCode"]; $sql = "Select * From college Where collegeStatus ='1'"; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[collegeName] "; ?></td> </tr> <tr> <td height="16" align="left"> </td> <td align="center"> </td> </tr> <tr> <td height="27" align="center">ได้ตรวจสอบแล้ว เห็นสมควรอนุมัติให้ยืมตามใบยืมฉบับนี้ได้ </td> <td align="center">จำนวนเงิน <input name="#" type="text" id="#" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" onkeypress="return checkNumeric();" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo number_format($rs1['Budget_agree'],2,'.',','); ?>" size="15" readonly="readonly"/></td> </tr> <tr> <td height="27" align="center">ตัวอักษร <input name="#3" type="text" id="#3" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo convertNumberToString($rs1['Budget_agree']).'ถ้วน';?>" size="40" readonly="readonly" /></td> <td align="center"> </td> </tr> <tr> <td height="27" align="center">ลงชื่อ ...................................</td> <td align="center">วันที่ .................................</td> </tr> <tr> <td height="27" colspan="2" align="center"><hr /></td> </tr> <tr> <td height="27" colspan="2" align="center">คำอนุมัติ</td> </tr> <tr> <td height="27" align="center">อนุมัติให้ยืมตามเงื่อนไขข้างต้นได้</td> <td align="center">จำนวนเงิน <input name="#7" type="text" id="#7" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" onkeypress="return checkNumeric();" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo number_format($rs1['Budget_agree'],2,'.',','); ?>" size="15" readonly="readonly"/></td> </tr> <tr> <td height="27" align="center">(ตัวอักษร) <input name="#2" type="text" id="#2" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo convertNumberToString($rs1['Budget_agree']).'ถ้วน';?>" size="40" readonly="readonly" /></td> <td align="center"> </td> </tr> <tr> <td height="27" align="center">ลงชื่อ..................................</td> <td align="center">วันที่.....................</td> </tr> <tr> <td height="27" colspan="2" align="center"><hr /></td> </tr> <tr> <td height="27" colspan="2" align="center">ใบรับเงิน</td> </tr> <tr> <td height="27" align="center">ได้รับเงินไปเเป็นการถูกต้องแล้ว </td> <td align="center">จำนวนเงิน <input name="#4" type="text" id="#4" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" onkeypress="return checkNumeric();" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo number_format($rs1['Budget_agree'],2,'.',','); ?>" size="15" readonly="readonly"/></td> </tr> <tr> <td height="27" align="center">(ตัวอักษร) <input name="#5" type="text" id="#5" style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: black 1px dashed" value="<? $sql = " SELECT SUM(Budget_agree) AS Budget_agree FROM formagree_type WHERE agreeId ='$rs11[agreeId]' "; $result1 = $dbObj->execQuery($sql); $rs1 = $dbObj->fetchArray($result1); echo convertNumberToString($rs1['Budget_agree']).'ถ้วน';?>" size="40" readonly="readonly" /></td> <td align="center"> </td> </tr> <tr> <td height="25" align="center">ลงชื่อ...............................</td> <td align="center">วันที่.....................</td> </tr> <tr> <td colspan="2" align="center"><hr /></td> </tr> </table></td> </tr> <tr height="29"> <td height="29" colspan="4" align="left"> </td> </tr> </table> <input type="submit" name="Submit" value="บันทึก" class="WIDTH60 CURSOR-HAND" /> <input name="Reset" type="reset" class="WIDTH60 CURSOR-HAND" id="Reset" value="รีเซ็ต" /> <input name="Button" type="button" id="Reset" value="ยกเลิก" class="CURSOR-HAND WIDTH60" onclick="location.href='FormDurableList.php?Teacher_code<?=$Teacher_code;?>'" /> <input name="contId" type="hidden" id="contId" value="<?=$contId;?>" /> <input name="maNo" type="hidden" id="maNo" value="<?=$maNo;?>" /></td> </tr> <tr> <td> </td> </tr></form> </table> </fieldset></td> </tr> </table> <?php include("../templates/incFooter.php"); ?> </body> </html> <?php /** Free Resource */ $dbObj->freeresult($result); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0063 ]-- |