Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/eperson/admin/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
include_once("../../class/clsConnection.php");
include_once("../../class/clsDB.php");
include_once "../global.php";
include_once "../link/function.php";
include_once "../class/clsTable.php";
include_once "../class/clsDepartment.php";
include_once "../class/clsPerson.php";
include_once "../class/clsUmuser.php";
include_once "../class/clsadmin.php";
include_once "../class/clshire.php";
include_once "../class/clsUmUserGroup.php";
$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EPERSON'], $GLOBALS['DBUSER_EPERSON'], $GLOBALS['DBPASS_EPERSON']);
$oUs = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_UMS'], $GLOBALS['DBUSER_UMS'], $GLOBALS['DBPASS_UMS']);
$oDP = new Department($oC);
$oDP2 = new Department($oC);
$oDP3 = new Department($oC);
$oPS = new Person($oC);
$oUms= new umuser($oUs);
$oUms2= new umuser($oUs);
$oAd = new admin($oC);
$oHr = new hire($oC);
$oUg=new umusergroup($oUs);
if($method=="editinfo"){
$oPS->SearchByKey($ps);
if($oPS->GetRecord()=="1"){
$oPS->Edit();
$oPS->personId=$ps;
echo "personId".$oPS->personId."<br>";
$oPS->prefixId=$prefixId;
echo "prefixId".$oPS->prefixId."<br>";
$oPS->fName=$fName;
echo "fName".$oPS->fName."<br>";
$oPS->lName=$lName;
echo "lName".$oPS->lName."<br>";
$oPS->receiveDate=$oPS->receiveDate;
echo "receiveDate".$oPS->receiveDate."<br>";
$oPS->pId=$oPS->pId;
echo "pId".$oPS->pId."<br>";
$oPS->adlineId=$oPS->adlineId;
echo "adlineId".$oPS->adlineId."<br>";
$oPS->adminposId=$oPS->adminposId;
echo "adminposId".$oPS->adminposId."<br>";
$oPS->hireId=$hireId;
echo "hireId".$oPS->hireId."<br>";
$oPS->majortypeId=$oPS->majortypeId;
echo "majortypeId".$oPS->majortypeId."<br>";
$oPS->levelposId=$oPS->levelposId;
echo "levelposId".$oPS->levelposId."<br>";
$oPS->stepSal=$oPS->stepSal;
echo "stepSal".$oPS->stepSal."<br>";
$oPS->salary=$oPS->salary;
echo "salary".$oPS->salary."<br>";
$oPS->partyId=$oPS->partyId;
echo "partyId".$oPS->partyId."<br>";
$oPS->deptId=$deptId;
echo "deptId".$oPS->deptId."<br>";
$oPS->majorId=$oPS->majorId;
echo "majorId".$oPS->majorId."<br>";
$oPS->assignId=$oPS->assignId;
echo "assignId".$oPS->assignId."<br>";
$oPS->promoteDate=$oPS->promoteDate;
echo "promoteDate".$oPS->promoteDate."<br>";
$oPS->educDate=$oPS->educDate;
echo "educDate".$oPS->educDate."<br>";
$oPS->posDate=$oPS->posDate;
echo "posDate".$oPS->posDate."<br>";
$oPS->fullsalDate=$oPS->fullsalDate;
echo "fullsalDate".$oPS->fullsalDate."<br>";
$oPS->typemoveId=$oPS->typemoveId;
echo "typemoveId".$oPS->typemoveId."<br>";
$oPS->fyDecor=$oPS->fyDecor;
echo "fyDecor".$oPS->fyDecor."<br>";
$oPS->lastDecor=$oPS->lastDecor;
echo "lastDecor".$oPS->lastDecor."<br>";
$oPS->fRetire=$oPS->fRetire;
echo "fRetire".$oPS->fRetire."<br>";
$oPS->adminId=$adminId;
echo "adminId".$oPS->adminId."<br>";
$oPS->done=$oPS->done;
echo "done".$oPS->done."<br>";
$oPS->accountNo=$oPS->accountNo;
echo "accountNo".$oPS->accountNo."<br>";
$oPS->useSalary=$oPS->useSalary;
echo "useSalary".$oPS->useSalary."<br>";
$oPS->personCode=$oPS->personCode;
echo "personCode".$oPS->personCode."<br>";
$oPS->oldpersonCode=$oPS->oldpersonCode;
echo "oldpersonCode".$oPS->oldpersonCode."<br>";
$oPS->admidYear=$oPS->admidYear;
echo "admidYear".$oPS->admidYear."<br>";
$oPS->partyAtId=$oPS->partyAtId;
echo "partyAtId".$oPS->partyAtId."<br>";
$oPS->partypracticeId=$oPS->partypracticeId;
echo "partypracticeId".$oPS->partypracticeId."<br>";
$oPS->firstadmidDate=$oPS->firstadmidDate;
echo "firstadmidDate".$oPS->firstadmidDate."<br>";
$oPS->posDegree=$oPS->posDegree;
echo "posDegree".$oPS->posDegree."<br>";
$oPS->posEducmajor=$oPS->posEducmajor;
echo "posEducmajor".$oPS->posEducmajor."<br>";
$oPS->enterType=$oPS->enterType;
echo "enterType".$oPS->enterType."<br>";
$oPS->fStatus=$fStatus;
echo "fStatus".$oPS->fStatus."<br>";
$oPS->salary2=$oPS->salary2;
echo "salary2".$oPS->salary2."<br>";
$oPS->fullStep=$oPS->fullStep;
echo "fullStep".$oPS->fullStep."<br>";
$oPS->levelposId2=$oPS->levelposId2;
echo "levelposId2".$oPS->levelposId2."<br>";
$oPS->stepSal2=$oPS->stepSal2;
echo "stepSal2".$oPS->stepSal2."<br>";
$oPS->useSalary2=$oPS->useSalary2;
echo "useSalary2".$oPS->useSalary2."<br>";
$oPS->Save();
//---------------------------add data to ums
echo "+++++umuser<br>";
$oUms->SearchByUsPsCode($ps);
$oUms->GetRecord();
$oUms->Edit();
$oUms->UsID=$oUms->UsID;
echo "UsID".$oUms->UsID."<br>";
$oUms->UsName=$fName." ".$lName;
echo "UsName".$oUms->UsName."<br>";
$oUms->UsLogin=$oUms->UsLogin;
echo "UsLogin".$oUms->UsLogin."<br>";
if ($UsPassword=="PaSsWoRd"){ echo '1---'.$oldMd5UsPassword;
$oUms->UsPassword=$oldMd5UsPassword;
}else{
$oUms->UsPassword=md5("O]O".$UsPassword."O[O");echo $UsPassword.'1----'.md5("O]O".$UsPassword."O[O").'+++++'; echo '2----'.md5("O]OÂO[O");
}
$oUms->UsPsCode=$oUms->UsPsCode;
echo "UsPsCode".$oUms->UsPsCode."<br>";
//echo "personId".$oPe->personId."<br>";
$oUms->UsWgID=$oUms->UsWgID;
$oUms->UsQsID=$oUms->UsQsID;
$oUms->UsAnswer=$oUms->UsAnswer;
$oUms->UsEmail=$oUms->UsEmail;
$oUms->UsActive=$oUms->UsActive;
$oUms->UsAdmin=$oUms->UsAdmin;
$oUms->UsDesc=$oUms->UsDesc;
$oUms->UsPwdExpDt=$oUms->UsPwdExpDt;
$oUms->UsUpdDt=$oUms->UsUpdDt;
$oUms->UsUpdUsID=$oUms->UsUpdUsID;
$oUms->UsSessionID=$oUms->UsSessionID;
$oUms->Save();
}
?>
<script language="JavaScript">
parent.location.href ="editPsInfo.php?s=1&ps=<? echo $ps; ?>&showrep=<? echo $showrep; ?>";
</script>
<?
}else if($method=="addinfo"){
$oPS->SearchfNamelName($fName,$lName);
if($oPS->GetRecord()!=1){
$oUms2->SearchByUsLogin($loginName);
if($oUms2->GetRecord()!=1){
$oPS->AddNew();
$numid=$oPS->GetNextCode();
if($numid==1){
$oPS->personId=$numid+1;
}else{
$oPS->personId=$numid;
}
echo "personId".$oPS->personId."<br>";
$oPS->prefixId=$prefixId;
echo "prefixId".$oPS->prefixId."<br>";
$oPS->fName=$fName;
echo "fName".$oPS->fName."<br>";
$oPS->lName=$lName;
echo "lName".$oPS->lName."<br>";
$oPS->receiveDate=$oPS->receiveDate;
echo "receiveDate".$oPS->receiveDate."<br>";
$oPS->pId=$oPS->pId;
echo "pId".$oPS->pId."<br>";
$oPS->adlineId=$oPS->adlineId;
echo "adlineId".$oPS->adlineId."<br>";
$oPS->adminposId=$oPS->adminposId;
echo "adminposId".$oPS->adminposId."<br>";
$oPS->hireId=$hireId;
echo "hireId".$oPS->hireId."<br>";
$oPS->majortypeId=$oPS->majortypeId;
echo "majortypeId".$oPS->majortypeId."<br>";
$oPS->levelposId=$oPS->levelposId;
echo "levelposId".$oPS->levelposId."<br>";
$oPS->stepSal=$oPS->stepSal;
echo "stepSal".$oPS->stepSal."<br>";
$oPS->salary=$oPS->salary;
echo "salary".$oPS->salary."<br>";
$oPS->partyId=$oPS->partyId;
echo "partyId".$oPS->partyId."<br>";
$oPS->deptId=$deptId;
echo "deptId".$oPS->deptId."<br>";
$oPS->majorId=$oPS->majorId;
echo "majorId".$oPS->majorId."<br>";
$oPS->assignId=$oPS->assignId;
echo "assignId".$oPS->assignId."<br>";
$oPS->promoteDate=$oPS->promoteDate;
echo "promoteDate".$oPS->promoteDate."<br>";
$oPS->educDate=$oPS->educDate;
echo "educDate".$oPS->educDate."<br>";
$oPS->posDate=$oPS->posDate;
echo "posDate".$oPS->posDate."<br>";
$oPS->fullsalDate=$oPS->fullsalDate;
echo "fullsalDate".$oPS->fullsalDate."<br>";
$oPS->typemoveId=$oPS->typemoveId;
echo "typemoveId".$oPS->typemoveId."<br>";
$oPS->fyDecor=$oPS->fyDecor;
echo "fyDecor".$oPS->fyDecor."<br>";
$oPS->lastDecor=$oPS->lastDecor;
echo "lastDecor".$oPS->lastDecor."<br>";
$oPS->fRetire="0";
echo "fRetire".$oPS->fRetire."<br>";
$oPS->adminId=$adminId;
echo "adminId".$oPS->adminId."<br>";
$oPS->done=$oPS->done;
echo "done".$oPS->done."<br>";
$oPS->accountNo=$oPS->accountNo;
echo "accountNo".$oPS->accountNo."<br>";
$oPS->useSalary=$oPS->useSalary;
echo "useSalary".$oPS->useSalary."<br>";
$oPS->personCode=$oPS->personCode;
echo "personCode".$oPS->personCode."<br>";
$oPS->oldpersonCode=$oPS->oldpersonCode;
echo "oldpersonCode".$oPS->oldpersonCode."<br>";
$oPS->admidYear=$oPS->admidYear;
echo "admidYear".$oPS->admidYear."<br>";
$oPS->partyAtId=$oPS->partyAtId;
echo "partyAtId".$oPS->partyAtId."<br>";
$oPS->partypracticeId=$oPS->partypracticeId;
echo "partypracticeId".$oPS->partypracticeId."<br>";
$oPS->firstadmidDate=$oPS->firstadmidDate;
echo "firstadmidDate".$oPS->firstadmidDate."<br>";
$oPS->posDegree=$oPS->posDegree;
echo "posDegree".$oPS->posDegree."<br>";
$oPS->posEducmajor=$oPS->posEducmajor;
echo "posEducmajor".$oPS->posEducmajor."<br>";
$oPS->enterType=$oPS->enterType;
echo "enterType".$oPS->enterType."<br>";
$oPS->fStatus="1";
echo "fStatus".$oPS->fStatus."<br>";
$oPS->salary2=$oPS->salary2;
echo "salary2".$oPS->salary2."<br>";
$oPS->fullStep=$oPS->fullStep;
echo "fullStep".$oPS->fullStep."<br>";
$oPS->levelposId2=$oPS->levelposId2;
echo "levelposId2".$oPS->levelposId2."<br>";
$oPS->stepSal2=$oPS->stepSal2;
echo "stepSal2".$oPS->stepSal2."<br>";
$oPS->useSalary2=$oPS->useSalary2;
echo "useSalary2".$oPS->useSalary2."<br>";
$oPS->Save();
$oUms->AddNew();
$oUms->UsID=$oUms->GetNextCode();
echo "UsID".$oUms->UsID."<br>";
$oUms->UsName=$fName." ".$lName;
echo "UsName".$oUms->UsName."<br>";
$oUms->UsLogin=$loginName;
echo "UsLogin".$oUms->UsLogin."<br>";
$oUms->UsPassword=md5("O]O57".strtolower(rtrim($loginName))."7O[O");
$oUms->UsPsCode=$oPS->personId;
echo "UsPsCode".$oUms->UsPsCode."<br>";
//echo "personId".$oPe->personId."<br>";
$oUms->UsWgID=$oUms->UsWgID;
$oUms->UsQsID=$oUms->UsQsID;
$oUms->UsAnswer=$oUms->UsAnswer;
$oUms->UsEmail=$oUms->UsEmail;
$oUms->UsActive=$oUms->UsActive;
$oUms->UsAdmin=$oUms->UsAdmin;
$oUms->UsDesc=$oUms->UsDesc;
$oUms->UsPwdExpDt=$oUms->UsPwdExpDt;
$oUms->UsUpdDt=$oUms->UsUpdDt;
$oUms->UsUpdUsID=$oUms->UsUpdUsID;
$oUms->UsSessionID=$oUms->UsSessionID;
$oUms->Save();
//---------------------------add data to ums
echo "+++++umusergroup <br>";
$oUg->AddNew();
$oUg->UgID=$oUg->GetNextCode();
echo "UsID".$oUg->UgID."<br>";
$oUg->UgGpID="108"; //¼Ùéã¢é·ÑèÇ仢ͧÊÒúÃó
echo "UgGpID".$oUg->UgGpID."<br>";
$oUg->UgUsID=$oUms->UsID;
echo "UgUsID".$oUg->UgUsID."<br>";
$oUg->Save();
echo "--------------------------------<br>";
?>
<script language="JavaScript">
parent.location.href ="addPsInfo.php?s=1";
</script>
<?
}else{
?>
<script language="JavaScript">
parent.location.href ="addPsInfo.php?e=2";
</script>
<?
}
}else{
?>
<script language="JavaScript">
parent.location.href ="addPsInfo.php?e=1";
</script>
<?
}
}else if($method=="delps"){
include_once "checkDocPerson.php";
?> <script language="JavaScript">
parent.location.href ="updatePerson.php?name=<? echo $name; ?>";
</script>
<?
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |