!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/js/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     ajaxScript.js (14.75 KB)      -rw-r--r--
// AJAX Script Document 
// Create by Mr.Jiroat Sritrai


/********************** AJAX SCRIPT ****************************/

/**
 * Create a request object for the AJAX helpers in this file.
 *
 * The two ActiveX ProgIDs are tried first and the native XMLHttpRequest
 * constructor last, in that order; the first one that constructs wins.
 *
 * @return {Object|null} the request object, or null (after an alert) when
 *         none of the three constructors is available. Callers must handle
 *         the null case before touching the result.
 */
function init_AJAX()
{
	var factories = [
		function(){ return new ActiveXObject( "Msxml2.XMLHTTP" ); },
		function(){ return new ActiveXObject( "Microsoft.XMLHTTP" ); },
		function(){ return new XMLHttpRequest(); }
	];

	for(var idx = 0; idx < factories.length; idx++){
		try{
			return factories[idx]();
		}catch(ignored){
			// This constructor is not available here; fall through to the next one.
		}
	}

	alert( "XMLHttpRequest not supported" );
	return null;
}

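/**
 * Ask the server whether the entered budget is acceptable for the selected
 * project, then refresh the warning area and the submit button.
 *
 * Reads #Budget_use and #ProjectId; writes #budgetOver and #submitBtn.
 * Field values are percent-encoded before they go into the query string, so
 * characters such as "&", "#" or "=" typed into a field cannot add or
 * truncate request parameters.
 *
 * NOTE(review): the disabled/enabled submit button is only a UI hint. The
 * handler that finally stores the budget is not visible here; confirm it
 * repeats the budget check server-side.
 */
function checkBudget(){
	var budget = document.getElementById("Budget_use").value;
	var projectID = document.getElementById("ProjectId").value;

	// isNaN("") is false, so an empty field counts as numeric and is sent.
	if(isNaN(budget) == false){
		// encodeURIComponent always emits UTF-8; confirm the PHP side decodes UTF-8.
		var query = "budget="+encodeURIComponent(budget)+"&projectID="+encodeURIComponent(projectID);

		// Each request lives in its own local variable. Sharing one implicit
		// global let a later call replace the object an earlier callback reads.
		var xhr = init_AJAX();
		if(!xhr) return; // init_AJAX() has already alerted the user
		xhr.onreadystatechange = function(){
			if(xhr.readyState == 4 && xhr.status == 200){
				// Parsed as HTML: checkBudget.php must escape any request value it echoes.
				document.getElementById("budgetOver").innerHTML = xhr.responseText;
			}
		};
		xhr.open("GET","checkBudget.php?"+query,true);
		xhr.send(null);

		var xhr2 = init_AJAX();
		if(!xhr2) return;
		xhr2.onreadystatechange = function(){
			if(xhr2.readyState == 4 && xhr2.status == 200){
				// Parsed as HTML: checkBudgetBtn.php must escape any request value it echoes.
				document.getElementById("submitBtn").innerHTML = xhr2.responseText;
			}
		};
		xhr2.open("GET","checkBudgetBtn.php?"+query,true);
		xhr2.send(null);
	}
	else{
		// Non-numeric input: show the "numbers only" message and keep submit
		// disabled. The closing </b> was an unclosed <b> in the original markup.
		document.getElementById("budgetOver").innerHTML = "&nbsp;<font size='2' color='red'><b>กรุณากรอกข้อมูลเป็นตัวเลขเท่านั้น</b></font>";
		document.getElementById("submitBtn").innerHTML = "<input name=\"Submit\" type=\"submit\" class=\"WIDTH60 CURSOR-HAND\" value=\"บันทึก\"  disabled/>";
	}
}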

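/**
 * Edit-form variant of the budget check: sends the new amount, the previous
 * amount and the project id, then refreshes the warning area and the submit
 * button with the two responses.
 *
 * Reads #budgetOld, #Budget_use and #ProjectId; writes #budgetOver and
 * #submitBtn. Field values are percent-encoded so that "&", "#", "=" or ","
 * in a field cannot change the shape of the query string.
 *
 * No numeric pre-check runs here: the isNaN()/comma test and its error
 * branch were commented out in the original, so the raw field text is sent
 * and the two endpoints have to validate it themselves.
 */
function checkBudgetEdit(){
	var budgetOld = document.getElementById("budgetOld").value;
	var budget = document.getElementById("Budget_use").value;
	var projectID = document.getElementById("ProjectId").value;

	// encodeURIComponent always emits UTF-8; confirm the PHP side decodes UTF-8.
	var query = "budget="+encodeURIComponent(budget)
		+"&budgetOld="+encodeURIComponent(budgetOld)
		+"&projectID="+encodeURIComponent(projectID);

	// Local request objects: an implicit global shared with the other helpers
	// could be replaced before this callback runs.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: checkBudgetEdit.php must escape any request value it echoes.
			document.getElementById("budgetOver").innerHTML = xhr.responseText;
		}
	};
	xhr.open("GET","checkBudgetEdit.php?"+query,true);
	xhr.send(null);

	var xhr2 = init_AJAX();
	if(!xhr2) return;
	xhr2.onreadystatechange = function(){
		if(xhr2.readyState == 4 && xhr2.status == 200){
			// Parsed as HTML: checkBudgetEditBtn.php must escape any request value it echoes.
			document.getElementById("submitBtn").innerHTML = xhr2.responseText;
		}
	};
	xhr2.open("GET","checkBudgetEditBtn.php?"+query,true);
	xhr2.send(null);
}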

function checkBudgetReset(){
	document.getElementById("budgetOver").innerHTML = "";
	document.getElementById("submitBtn").innerHTML = "<input name=\"Submit\" type=\"submit\" class=\"WIDTH60 CURSOR-HAND\" value=\"บันทึก\"  disabled/>";
}

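/**
 * Show the wait indicator in #progress, request send.php?dataType=personal
 * and replace #progress with the response body.
 *
 * NOTE(review): send.php is not visible here. If this GET changes state on
 * the server, confirm the endpoint checks the session and an anti-CSRF token.
 */
function sendPersonal(){
	document.getElementById("progress").innerHTML='<img src="../images/wait.gif"/><br><br><font size="2">กำลังส่งข้อมูล...</font>';

	// Local request object: with one implicit global shared by the send*
	// helpers, a second click replaced the object this callback reads and the
	// first response was never shown.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: send.php must escape any stored or request data it prints.
			document.getElementById("progress").innerHTML = xhr.responseText;
		}
	};
	xhr.open("GET","send.php?dataType=personal",true);
	xhr.send(null);
}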

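/**
 * Show the wait indicator in #progress, request send.php?dataType=building
 * and replace #progress with the response body.
 *
 * NOTE(review): send.php is not visible here. If this GET changes state on
 * the server, confirm the endpoint checks the session and an anti-CSRF token.
 */
function sendBuilding(){
	document.getElementById("progress").innerHTML='<img src="../images/wait.gif"/><br><br><font size="2">กำลังส่งข้อมูล...</font>';

	// Local request object, so an overlapping send* call cannot replace the
	// object this callback reads.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: send.php must escape any stored or request data it prints.
			document.getElementById("progress").innerHTML = xhr.responseText;
		}
	};
	xhr.open("GET","send.php?dataType=building",true);
	xhr.send(null);
}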

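/**
 * Show the wait indicator in #progress, request send.php?dataType=student
 * and replace #progress with the response body.
 *
 * NOTE(review): send.php is not visible here. If this GET changes state on
 * the server, confirm the endpoint checks the session and an anti-CSRF token.
 */
function sendStudent(){
	document.getElementById("progress").innerHTML='<img src="../images/wait.gif"/><br><br><font size="2">กำลังส่งข้อมูล...</font>';

	// Local request object, so an overlapping send* call cannot replace the
	// object this callback reads.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: send.php must escape any stored or request data it prints.
			document.getElementById("progress").innerHTML = xhr.responseText;
		}
	};
	xhr.open("GET","send.php?dataType=student",true);
	xhr.send(null);
}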

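/**
 * Load the order list for the selected faculty and budget year into #order
 * and enable the submit button in #AddPlanSubmitBtn once it has arrived.
 *
 * Reads the selected option of #Faculty_code and the value of #budgetYear.
 * Both are percent-encoded before they go into the query string, so a value
 * containing "&", "#" or "=" cannot add or truncate request parameters.
 */
function getOrderListID(){
	var e = document.getElementById("Faculty_code");
	var FID = e.options[e.selectedIndex].value;
	var budgetYear = document.getElementById("budgetYear").value;

	// Local request object instead of an implicit global shared with the
	// other helpers in this file.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user

	// encodeURIComponent always emits UTF-8; confirm the PHP side decodes UTF-8.
	var url = "getOrderListID.php?FID="+encodeURIComponent(FID)+"&budgetYear="+encodeURIComponent(budgetYear);
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: getOrderListID.php must escape any request value it echoes.
			document.getElementById("order").innerHTML = xhr.responseText;
			document.getElementById("AddPlanSubmitBtn").innerHTML = "<input name=\"Submit\" type=\"submit\" class=\"WIDTH60 CURSOR-HAND\" value=\"บันทึก\"/>";
		}
	};
	xhr.open("GET",url,true);
	xhr.send(null);
}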

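/**
 * Format a number (or numeric string) with "," as the thousands separator.
 *
 * Every comma already present in the integer part is removed first; the
 * original removed only the first one, so input such as "1,2,3456" came out
 * regrouped incorrectly. Text after the first "." is kept as the fraction;
 * anything after a second "." is dropped, as before.
 *
 * @param {number|string} nStr value to format
 * @return {string} the value with separators inserted in the integer part
 */
function addCommas(nStr){
	nStr += '';
	// Locals are declared with var; the original leaked x, x1 and x2 as globals.
	var parts = nStr.split('.');
	var whole = parts[0].replace(/,/g,'');
	var fraction = parts.length > 1 ? '.' + parts[1] : '';
	// Each pass splits the last three digits off the leftmost run of 4+ digits.
	var rgx = /(\d+)(\d{3})/;
	while (rgx.test(whole)) {
		whole = whole.replace(rgx, '$1' + ',' + '$2');
	}
	return whole + fraction;
}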

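/**
 * Append a row to the table by copying the markup of each cell in row 0.
 *
 * Column 1 of the new row gets the running number instead of a copy. A
 * copied checkbox is unchecked and a copied single-select is reset to its
 * first option. At most 15 rows are allowed; beyond that an alert is shown.
 *
 * NOTE(review): the 15-row limit is enforced in the browser only. The form
 * handler is not visible here; confirm it applies the same limit.
 *
 * @param {string} tableID id of the table element
 */
function addRow(tableID) {
	var table = document.getElementById(tableID);
	var rowCount = table.rows.length;
	var colCount = table.rows[0].cells.length;

	if(rowCount >= 15){
		alert("เกิดข้อผิดพลาด ท่านสามารถเพิ่มผู้ร่วมเดินทางได้ไม่เกิน 15 คน");
		return;
	}

	var row = table.insertRow(rowCount);

	for(var i=0; i<colCount; i++) {
		var newcell = row.insertCell(i);

		// Row 0 is re-parsed as HTML here, so it should only ever hold static
		// template markup, never text taken from user input.
		if(i == 1) newcell.innerHTML = (rowCount+1)+".";
		else newcell.innerHTML = table.rows[0].cells[i].innerHTML;

		// An empty template cell has no child node; the original dereferenced
		// childNodes[0] unconditionally and threw for such a cell.
		var control = newcell.childNodes[0];
		if(!control) continue;

		switch(control.type) {
			case "checkbox":
				control.checked = false;
				break;
			case "select-one":
				control.selectedIndex = 0;
				break;
		}
	}
}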
 
/**
 * Delete every row whose first cell starts with a checked checkbox, then
 * renumber column 1 of the remaining rows from "1.".
 *
 * The last remaining row is never deleted: an alert is shown and the scan
 * stops. Any exception raised on the way is shown with alert().
 *
 * @param {string} tableID id of the table element
 */
function deleteRow(tableID) {
	try {
		var tbl = document.getElementById(tableID);
		var remaining = tbl.rows.length;
		var idx = 0;

		while(idx < remaining){
			var box = tbl.rows[idx].cells[0].childNodes[0];

			// Not a checked box: move on to the next row.
			if(box == null || box.checked != true){
				idx++;
				continue;
			}

			if(remaining <= 1){
				alert("เกิดข้อผิดพลาด ท่านไม่สามารถลบข้อมูลผู้ร่วมเดินทางได้");
				break;
			}

			// After a delete the next row slides into this index, so idx stays put.
			tbl.deleteRow(idx);
			remaining--;
		}

		var total = tbl.rows.length;
		for(var n = 0; n < total; n++){
			tbl.rows[n].cells[1].innerHTML = (n+1)+".";
		}

	}catch(e){
		alert(e);
	}
}


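/**
 * Look up the typed username on the server and refresh the status text and
 * the submit button with the two responses.
 *
 * Reads #username; writes #showUserStatus and #submitBtn. The username is
 * percent-encoded before it goes into the query string, so "&", "#", "=" or
 * spaces in the field cannot add or truncate request parameters.
 *
 * NOTE(review): checkUsername.php is not visible here. It appears to report
 * whether a name is already in use; confirm it is limited to authenticated
 * sessions or rate-limited, and that the final save repeats the check.
 */
function checkUsername(){
	var username = document.getElementById("username").value;

	if(username != ""){
		// encodeURIComponent always emits UTF-8; confirm the PHP side decodes UTF-8.
		var base = "checkUsername.php?username="+encodeURIComponent(username);

		// Local request objects instead of implicit globals shared with the
		// other helpers in this file.
		var xhr = init_AJAX();
		if(!xhr) return; // init_AJAX() has already alerted the user
		xhr.onreadystatechange = function(){
			if(xhr.readyState == 4 && xhr.status == 200){
				// Parsed as HTML: the endpoint must escape the username if it echoes it.
				document.getElementById("showUserStatus").innerHTML = xhr.responseText;
			}
		};
		xhr.open("GET",base+"&btnStatus=0",true);
		xhr.send(null);

		var xhr2 = init_AJAX();
		if(!xhr2) return;
		xhr2.onreadystatechange = function(){
			if(xhr2.readyState == 4 && xhr2.status == 200){
				document.getElementById("submitBtn").innerHTML = xhr2.responseText;
			}
		};
		xhr2.open("GET",base+"&btnStatus=1",true);
		xhr2.send(null);
	}
	else{
		// Empty field: clear the status and keep submit disabled.
		document.getElementById("showUserStatus").innerHTML = "";
		document.getElementById("submitBtn").innerHTML = "<input type=\"submit\" name=\"Submit\" value=\"บันทึกข้อมูล\" disabled/>";
	}
}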

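/**
 * Look up the typed system username on the server and refresh the status
 * text and the submit button with the two responses.
 *
 * Reads #inputUsername; writes #showSysUserStatus and #submitBtn. The
 * username is percent-encoded before it goes into the query string, so "&",
 * "#", "=" or spaces in the field cannot add or truncate request parameters.
 *
 * NOTE(review): checkSysUsername.php is not visible here. It appears to
 * report whether a system account name exists; confirm it is limited to
 * authorised sessions and that account creation repeats the check.
 */
function checkSysUsername(){
	var username = document.getElementById("inputUsername").value;

	if(username != ""){
		// encodeURIComponent always emits UTF-8; confirm the PHP side decodes UTF-8.
		var base = "checkSysUsername.php?username="+encodeURIComponent(username);

		// Local request objects instead of implicit globals shared with the
		// other helpers in this file.
		var xhr = init_AJAX();
		if(!xhr) return; // init_AJAX() has already alerted the user
		xhr.onreadystatechange = function(){
			if(xhr.readyState == 4 && xhr.status == 200){
				// Parsed as HTML: the endpoint must escape the username if it echoes it.
				document.getElementById("showSysUserStatus").innerHTML = xhr.responseText;
			}
		};
		xhr.open("GET",base+"&btnStatus=0",true);
		xhr.send(null);

		var xhr2 = init_AJAX();
		if(!xhr2) return;
		xhr2.onreadystatechange = function(){
			if(xhr2.readyState == 4 && xhr2.status == 200){
				document.getElementById("submitBtn").innerHTML = xhr2.responseText;
			}
		};
		xhr2.open("GET",base+"&btnStatus=1",true);
		xhr2.send(null);
	}
	else{
		// Empty field: clear the status and keep the create button disabled.
		document.getElementById("showSysUserStatus").innerHTML = "";
		document.getElementById("submitBtn").innerHTML = "<input name=\"btnCreateUser\" type=\"submit\" class=\"TEXT-DARK-BLUE10\" id=\"btnCreateUser\" value=\"ยืนยันข้อมูล\" style=\"cursor:pointer\" disabled>";
	}
}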

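/**
 * Load the markup for the chosen faculty into #showFacultyCon.
 *
 * Reads #Faculty_code. The value is percent-encoded before it goes into the
 * query string, so "&", "#" or "=" in it cannot add or truncate request
 * parameters.
 */
function selectFacultyCon(){
	var Faculty_code = document.getElementById("Faculty_code").value;

	// Local request object instead of an implicit global shared with the
	// other helpers in this file.
	var xhr = init_AJAX();
	if(!xhr) return; // init_AJAX() has already alerted the user

	var url = "showFacultyCon.php?Faculty_code="+encodeURIComponent(Faculty_code);
	xhr.onreadystatechange = function(){
		if(xhr.readyState == 4 && xhr.status == 200){
			// Parsed as HTML: showFacultyCon.php must escape any request value it echoes.
			document.getElementById("showFacultyCon").innerHTML = xhr.responseText;
		}
	};
	xhr.open("GET",url,true);
	xhr.send(null);
}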

/***************************************************************/

/**
 * Key filter: returns true for the codes of backspace, tab, left/right
 * arrow and delete, and for the ranges 48-57, 65-90 and 97-122.
 *
 * NOTE(review): as character codes 37, 39 and 46 are "%", "'" and ".", so a
 * keypress binding would let those through; confirm which event this is
 * attached to. Typed-character filtering does not cover pasted or scripted
 * input, so the receiving handler still has to validate the value.
 *
 * @param {Object} e key event; keyCode is used when truthy, otherwise which
 * @return {boolean} true when the key is allowed
 */
function NumAndCharOnly(e) {
	var code = e.keyCode || e.which;

	// backspace, tab, left arrow, right arrow, delete
	var editingKeys = [8, 9, 37, 39, 46];
	for (var k = 0; k < editingKeys.length; k++) {
		if (code == editingKeys[k]) return true;
	}

	if (code > 47 && code < 58) return true;   // 0 - 9
	if (code > 64 && code < 91) return true;   // A - Z
	if (code > 96 && code < 123) return true;  // a - z

	return false;
}

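/**
 * Insert "-" separators while an ID number is typed, giving the grouping
 * 1-4-5-2-1 (a dash is appended when the text is 1, 6, 12 or 15 long).
 *
 * Two defects of the original are fixed:
 *  - the numpad test read the global `event` instead of the handler's `e`,
 *    which fails where no global event object exists;
 *  - the numpad range stopped at 104, so numpad 9 (code 105) was ignored.
 *
 * This is a typing aid only; the stored value still has to be validated by
 * whatever receives the form.
 *
 * @param {Object} formField input element being edited
 * @param {Object} e key event passed by the handler
 */
function changeFormatPin(formField, e){
	var formTest = (window.Event) ? e.which : e.keyCode;

	// Backspace: drop one more character so a trailing dash is removed too.
	if  (formTest == 8){
		formField.value = formField.value.substr(0, (formField.value.length-1));
	}

	var isTopRowDigit = (formTest > 47) && (formTest < 58);    // 0 - 9
	var isNumpadDigit = (e.keyCode > 95) && (e.keyCode < 106); // numpad 0 - 9

	if(isTopRowDigit || isNumpadDigit){
		if(formField.value.length == 1)
			formField.value += '-';
		if(formField.value.length == 6)
			formField.value += '-';
		if(formField.value.length == 12)
			formField.value += '-';
		if(formField.value.length == 15)
			formField.value += '-';
	}
}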

/* Validate Form*/

/**
 * Pre-submit check for the admin "edit system user" form (document.myForm).
 *
 * Fails when a new password is given and equals inputPassword, and when
 * no permission is selected. All failures are shown in a single alert.
 *
 * NOTE(review): this runs in the browser only, so the server-side handler
 * (not visible here) has to repeat both checks. If inputPassword is
 * pre-filled with the account's current password, that value is exposed in
 * the page; confirm how the field is populated.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAdminEditUserSysForm(){
	var fields = document.myForm;
	var problems = [];

	var newPassword = fields.inputPasswordNew.value;
	if(newPassword && fields.inputPassword.value == newPassword){
		problems.push("- ท่านกรอกรหัสผ่านเดิม\n");
	}
	if(!fields.permission.value){
		problems.push("- กรุณาเลือกระบบงาน\n");
	}

	if(problems.length == 0) return true;

	alert(problems.join(""));
	return false;
}

/**
 * Pre-submit check for the admin "add system user" form (document.myForm):
 * a password and a permission value are both required. All failures are
 * shown in a single alert.
 *
 * NOTE(review): only presence is checked, and only in the browser. The
 * server-side handler is not visible here; confirm it enforces the password
 * and permission rules itself.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAdminAddUserSysForm(){
	var fields = document.myForm;
	var problems = [];

	if(!fields.inputPassword.value){
		problems.push("- กรุณากรอกรหัสผ่าน\n");
	}
	if(!fields.permission.value){
		problems.push("- กรุณาเลือก Piority / ฝ่ายงาน\n");
	}

	if(problems.length == 0) return true;

	alert(problems.join(""));
	return false;
}

/**
 * Pre-submit check for the "add plan" form (document.pc): seven fields must
 * be non-empty. Every missing field adds one line to a single alert.
 *
 * NOTE(review): browser-side convenience only; the server-side handler is
 * not visible here and has to validate the same fields.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAddPlanFileTextForm(){
	var fields = document.pc;

	// [field name, message shown when the field is empty], in display order
	var required = [
		["Filename",   "- กรุณากรอกแผนการสอนบท/หัวข้อที่\n"],
		["Plan_title", "- กรุณากรอกเรื่อง/หัวข้อ ที่สอน\n"],
		["Plan_atty",  "- กรุณากรอกกิจกรรมการเรียนการสอน\n"],
		["Plan_resou", "- กรุณากรอกพฤติกรรมการเรียนรู้\n"],
		["Plan_stiti", "- กรุณาวิธีวัดและการประเมินผล\n"],
		["Total_now",  "- กรุณากรอกจำนวนชั่วโมงที่สอน\n"],
		["Total_time", "- กรุณากรอกเวลา\n"]
	];

	var message = "";
	for(var i = 0; i < required.length; i++){
		if(!fields[required[i][0]].value) message += required[i][1];
	}

	if(message == "") return true;

	alert(message);
	return false;
}

/**
 * Pre-submit check for the "edit plan" form (document.pc): the same seven
 * fields as the add form must be non-empty. Every missing field adds one
 * line to a single alert.
 *
 * NOTE(review): browser-side convenience only; the server-side handler is
 * not visible here and has to validate the same fields.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateEditPlanFileTextForm(){
	var fields = document.pc;
	var missing = [];

	if(!fields.Filename.value)   missing.push("- กรุณากรอกแผนการสอนบท/หัวข้อที่\n");
	if(!fields.Plan_title.value) missing.push("- กรุณากรอกเรื่อง/หัวข้อ ที่สอน\n");
	if(!fields.Plan_atty.value)  missing.push("- กรุณากรอกกิจกรรมการเรียนการสอน\n");
	if(!fields.Plan_resou.value) missing.push("- กรุณากรอกพฤติกรรมการเรียนรู้\n");
	if(!fields.Plan_stiti.value) missing.push("- กรุณาวิธีวัดและการประเมินผล\n");
	if(!fields.Total_now.value)  missing.push("- กรุณากรอกจำนวนชั่วโมงที่สอน\n");
	if(!fields.Total_time.value) missing.push("- กรุณากรอกเวลา\n");

	if(missing.length == 0) return true;

	alert(missing.join(""));
	return false;
}

/**
 * Pre-submit check for the "add faculty" form (document.form1): the
 * Faculty_name field must be non-empty, otherwise an alert is shown.
 *
 * NOTE(review): browser-side convenience only; the server-side handler is
 * not visible here and has to validate the field as well.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAddFacultyForm(){
	var fields = document.form1;

	if(fields.Faculty_name.value) return true;

	alert("- กรุณากรอกชื่อภาควิชา/ฝ่ายงาน (ไทย)\n");
	return false;
}

/**
 * Pre-submit check for the "add group" form (document.form1): the
 * Group_name field must be non-empty, otherwise an alert is shown.
 *
 * NOTE(review): browser-side convenience only; the server-side handler is
 * not visible here and has to validate the field as well.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAddConFacultyForm(){
	var fields = document.form1;

	if(fields.Group_name.value) return true;

	alert("- กรุณากรอกชื่อกลุ่ม /หน่วยงาน (Th)\n");
	return false;
}

/**
 * Pre-submit check for the "add QA report" form (document.pc): a report
 * name and a file selection are both required. All failures are shown in a
 * single alert.
 *
 * NOTE(review): only the presence of Filename is checked, and only in the
 * browser. The upload handler is not visible here; confirm it validates the
 * file's type, size and destination name server-side.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateAddQAReportForm(){
	var fields = document.pc;
	var problems = [];

	if(!fields.Report_name.value){
		problems.push("- กรุณากรอกชื่อรายการเอกสาร\n");
	}
	if(!fields.Filename.value){
		problems.push("- กรุณาเลือกรายการโหลดเอกสาร\n");
	}

	if(problems.length == 0) return true;

	alert(problems.join(""));
	return false;
}

/**
 * Pre-submit check for the "edit QA report" form (document.pc): the report
 * name must not be empty, otherwise an alert is shown.
 *
 * NOTE(review): browser-side convenience only; the server-side handler is
 * not visible here and has to validate the field as well.
 *
 * @return {boolean} true when the form may be submitted
 */
function validateEditQAReportForm(){
	var fields = document.pc;

	// Loose comparison with "" is kept exactly as the form has always used it.
	var nameIsEmpty = (fields.Report_name.value == "");
	if(!nameIsEmpty) return true;

	alert("- กรุณากรอกชื่อรายการเอกสาร\n");
	return false;
}

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0175 ]--