Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/directorBCNU/admin/ drwxr-xr-x |
Viewing file: Select action/file-type: SearchMaxDocGroup(); if($method=="setFlagread2"){ $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DrsflagRead="N"; $oRs->Save(); echo ""; }else if($method=="setFlagread3"){ $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DrsflagRead=" "; $oRs->Save(); echo ""; }else if($method=="setFlagread4"){ $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DrsflagRead=" "; $oRs->Save(); echo ""; }else if($method=="updateDoc5"){ $timesend=getNowDateTh()." ".date('H:i:s'); $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DsID=5; //----update DrsReadDoc if($DaSeq!=0){ $count=strlen($DrsReadDoc); if($count!=$DaSeq){ $newDrsReadDoc = substr_replace($DrsReadDoc, "1", $DaSeq-1,-($count-1-($DaSeq-1))); }else{ $newDrsReadDoc = substr_replace($DrsReadDoc, "1", $count-1); } $oRs->DrsReadDoc=$newDrsReadDoc; } //----------------------- $oRs->Save(); ?> echo ""; }else if($method=="updateDoc6"){ $timesend=getNowDateTh()." ".date('H:i:s'); $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DsID=5; $oRs->Save(); ?> echo ""; }else if($method=="acceptDoc"){ $timesend=getNowDateTh()." ".date('H:i:s'); $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DsID=5; $oRs->Save(); //echo ""; echo ""; }else if($method=="SendBack"){ $timesend=getNowDateTh()." ".date('H:i:s'); $oDoc2->SearchByKeyName($DocID,'DocID'); $oDoc2->GetRecord(); $oRs3->SearchDlcIDByDocIDDsID3Docgroup($oDoc2->DocID,$MaxDocGroup); $oRs3->GetRecord(); $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DsID=7; $oRs->DrsDocReceiveDate=$timesend; $oRs->DrsSendBack=$DrsSendBack; $oRs->DrsSendBackDlcID=$oRs3->DlcID; $oRs->Save(); echo ""; }else if($method=="acceptDoc2"){ $timesend=getNowDateTh()." ".date('H:i:s'); $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DsID=5; $oRs->DrsDocReceiveDate=$timesend; $oRs->Save(); echo ""; }else if($method=="setDelete"){ $oRs->SearchByKey($DrsID); $oRs->GetRecord(); $oRs->Edit(); $oRs->DrsDelete="Y"; $oRs->Save(); echo ""; }else if($method=="resetFlagreadAll"){ for($k=0;$k<=$z;$k++){ if($unread2[$k]!=""){ $oRs->SearchByKey($unread2[$k]); $oRs->GetRecord(); $oRs->Edit(); $oRs->DrsflagRead=" "; $oRs->Save(); } } echo ""; }else if($method=="setFlagreadAll2"){ $flagCommit = true; $checkflagCommit= true; $oC->BeginTrans(); for($k=0;$k<=$i;$k++){ if($unread[$k]!=""){ //echo "--".$unread[$k]."echo ""; }else{ $oDbx->AddNew(); $oDbx->DocInboxID=$oDbx->GetNextCode(); //echo "DocInboxID".$oDbx->DocInboxID." "; $oDbx->personId=$personId; //echo "personId".$oDbx->personId." "; $oDbx->InboxName=$foldernew; //echo "InboxName".$oDbx->InboxName." "; $oDbx->InboxDel=0; $oDbx->seqBox=$oDbx1->SearchseqNext($personId); $oDbx->Save(); echo ""; } }else if($method=="renamefolder"){ $oDbx->SearchBypersonIdInboxNamenotdel($personId,$editfolder); if($oDbx->GetRecord()=="1"){ ?> echo ""; }else{ $oDbx->SearchByKey($iddoc); $oDbx->GetRecord(); $oDbx->Edit(); $oDbx->DocInboxID=$oDbx->DocInboxID; //echo "DocInboxID".$oDbx->DocInboxID." "; $oDbx->personId=$oDbx->personId; //echo "personId".$oDbx->personId." "; $oDbx->InboxName=$editfolder; //echo "InboxName".$oDbx->InboxName." "; $oDbx->InboxDel=$oDbx->InboxDel; $oDbx->seqBox=$oDbx->seqBox; $oDbx->Save(); echo ""; } }else if($method=="delfolder"){ $flagCommit = true; $checkflagCommit= true; $oC->BeginTrans(); $oDbx->SearchByKey($iddoc); $oDbx->GetRecord(); $oDbx->Edit(); $oDbx->DocInboxID=$oDbx->DocInboxID; //echo "DocInboxID".$oDbx->DocInboxID." "; $oDbx->personId=$oDbx->personId; //echo "personId".$oDbx->personId." "; $oDbx->InboxName=$oDbx->InboxName; //echo "InboxName".$oDbx->InboxName." "; $oDbx->InboxDel="Y"; //echo "InboxDel".$oDbx->InboxDel." "; $oDbx->seqBox=$oDbx->seqBox; $checkflagCommit = $oDbx->Save(); if(!$checkflagCommit){ $flagCommit=$checkflagCommit; } if($countdocfolder>0){ $oRs->SearchByPersonIdDrsDeleteDrsflagReadDrsInboxID($personId,$iddoc); while($oRs->GetRecord()){ $oRs->Edit(); $oRs->DrsDelete="Y"; $checkflagCommit = $oRs->Save(); if(!$checkflagCommit){ $flagCommit=$checkflagCommit; } } } if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); echo ""; }else if($method=="changeSeq"){ $flagCommit = true; $oC->BeginTrans(); if($typeb=="Top"){ $oDbx->SearchBypersonIdNoDelFolderlimitPreSeq($ps,$seqBox); $oDbx->GetRecord(); $preboxID=$oDbx->DocInboxID; $preseqBox=$oDbx->seqBox; $thisboxID=$DocInboxID; $thisseqBox=$seqBox; $oDbx1->SearchByKey($preboxID); $oDbx1->GetRecord(); $oDbx1->Edit(); $oDbx1->seqBox=$thisseqBox; //echo "seqBox1=".$oDbx1->seqBox." "; $flagCommit = $oDbx1->Save(); $oDbx2->SearchByKey($thisboxID); $oDbx2->GetRecord(); $oDbx2->Edit(); $oDbx2->seqBox=$preseqBox; //echo "seqBox2=".$oDbx2->seqBox." "; $flagCommit = $oDbx2->Save(); if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); }else if($typeb=="Bottom"){ $oDbx->SearchBypersonIdNoDelFolderlimitNextSeq($ps,$seqBox); $oDbx->GetRecord(); $nextboxID=$oDbx->DocInboxID; $nextseqBox=$oDbx->seqBox; $thisboxID=$DocInboxID; $thisseqBox=$seqBox; $oDbx1->SearchByKey($nextboxID); $oDbx1->GetRecord(); $oDbx1->Edit(); $oDbx1->seqBox=$thisseqBox; //echo "seqBox1=".$oDbx1->seqBox." "; $flagCommit = $oDbx1->Save(); $oDbx2->SearchByKey($thisboxID); $oDbx2->GetRecord(); $oDbx2->Edit(); $oDbx2->seqBox=$nextseqBox; //echo "seqBox2=".$oDbx2->seqBox." "; $flagCommit = $oDbx2->Save(); if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); } echo ""; } ?> bool(false) |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0054 ]-- |