Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/migrate/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php if(isset($_REQUEST["submit"])){ $error = array(false, false, false, false, false); if(empty($_REQUEST["host"])) $error[0] = true; if(empty($_REQUEST["user"])) $error[1] = true; if(empty($_REQUEST["pass"])) $error[2] = true; if(empty($_REQUEST["DBOld"])) $error[3] = true; if(empty($_REQUEST["DBNew"])) $error[4] = true; $pass = true; for($i=0;$i<sizeof($error);$i++){ if($error[$i]) { $pass = false; } } if($pass){ // -- Common Data Tables List. -- // //$tableList = array("accessories_tb", "autocar_tb", "automobile_tb", "budget_year_tb", "building_tb", "comment_tb", "committee_tb", "degree_his_tb", "degree_type_tb", "durable_tb", "edu_product_tb", "edu_project_tb", "edu_service_tb", "facultycon_tb", "faculty_tb", "finance2_tb", "finance3_tb", "finance4_tb", "finance_tb", "formaoffice", "formation_tb", "formcaroffice", "formproject", "formproject_edit_tb", "history_absent_tb", "history_accumu", "history_decoration_tb", "history_position_tb", "instructor_tb", "manament_tb", "mapcollege_tb", "money_source_tb", "personal_tb", "position_tb", "project_tb", "project_type_tb", "research_char_tb", "research_filetex_tb", "research_file_tb", "research_public_tb", "research_success_tb", "research_tb", "res_project_tb", "room_tb", "salary_repot_tb", "salary_tb", "salary_type_tb", "state_tb", "stu_notebook", "techplan_method_tb", "training_tb", "user_tb"); // -- Migrate Incorrect Table(For Migrate Data Already) -- // //$tableList = array("edu_product_tb", "edu_project_tb", "edu_service_tb", "finance2_tb", "finance3_tb", "finance4_tb", "instructor_tb"); // -- Extra Data Tables List (with qa_result_tb table)--// //$tableList = array("dev_coursedu", "dev_his", "dev_hreduhis", "dev_hrperson", "projectcode_tb", "projectname", "projectqa_type_tb", "projectstdplan_tb", "projectstra_type_tb", "project_mission", "project_plan", "project_plan_temp", "project_report_tb", "project_submission", "project_type_temp", "project_year", "projstrategy_tb", "proplanstrateg_tb", "prostrategymap_tb", "qa_data_tb", "qa_elements", "qa_elements_tb", "qa_indicator", "qa_indicatorpi_tb", "qa_indicator_tb", "qa_performance", "qa_pi_cri_tb", "qa_project_tb", "qa_qareport_tb", "qa_report_tb", "qa_result_indicator", "qa_result_standard", "qa_result_tb", "qa_standard_result", "qa_standard_tb", "teach_ingmethod", "teach_lessonplans", "tech_categorydetail", "tech_categoryplan", "tech_categorytopic", "tech_corseplan_tb", "tech_coseoutcom", "tech_courseteacher", "tech_imgmethod_tb", "tech_lesson_plans", "tech_methodcom_tb", "tech_outcom", "tech_outcom_tb", "tech_planmethod", "tech_plan_tb", "tech_spec_tb", "tech_text_tb"); // -- Extra Data Tables List (without qa_result_tb table)--// //$tableList = array("dev_coursedu", "dev_his", "dev_hreduhis", "dev_hrperson", "projectcode_tb", "projectname", "projectqa_type_tb", "projectstdplan_tb", "projectstra_type_tb", "project_mission", "project_plan", "project_plan_temp", "project_report_tb", "project_submission", "project_type_temp", "project_year", "projstrategy_tb", "proplanstrateg_tb", "prostrategymap_tb", "qa_data_tb", "qa_elements", "qa_elements_tb", "qa_indicator", "qa_indicatorpi_tb", "qa_indicator_tb", "qa_performance", "qa_pi_cri_tb", "qa_project_tb", "qa_qareport_tb", "qa_report_tb", "qa_result_indicator", "qa_result_standard", "qa_standard_result", "qa_standard_tb", "teach_ingmethod", "teach_lessonplans", "tech_categorydetail", "tech_categoryplan", "tech_categorytopic", "tech_corseplan_tb", "tech_coseoutcom", "tech_courseteacher", "tech_imgmethod_tb", "tech_lesson_plans", "tech_methodcom_tb", "tech_outcom", "tech_outcom_tb", "tech_planmethod", "tech_plan_tb", "tech_spec_tb", "tech_text_tb"); $conn = mysql_connect($_REQUEST["host"], $_REQUEST["user"], $_REQUEST["pass"]) or die("ไม่สามารถติดต่อฐานข้อมูลได้"); echo "<br>--<br>"; echo "-- Copy SQL ทั้งหมดไปวางใน phpMyAdmin<br>"; echo "--<br><br>"; foreach($tableList as $tableName){ $query1 = "SELECT * FROM ".$_REQUEST["DBOld"].".".$tableName.""; $query2 = "SELECT * FROM ".$_REQUEST["DBNew"].".".$tableName.""; // get the result from the DB $result1 = mysql_query($query1); $result2 = mysql_query($query2); if(mysql_num_fields($result1)){ // Lists field name From MIS DB OLD unset($fieldDBOld); for ($i=0;$i<mysql_num_fields($result1);++$i){ $fieldDBOld[] = mysql_field_name($result1, $i); } // Lists field name From MIS DB NEW unset($fieldDBNew); for ($i=0;$i<mysql_num_fields($result2);++$i){ $fieldDBNew[] = mysql_field_name($result2, $i); } echo "--<br>"; echo "-- ตาราง : $tableName<br>"; echo "--<br><br>"; echo "TRUNCATE ".$_REQUEST["DBNew"].".`$tableName`;<br><br>"; unset($field); for($i=0;$i<sizeof($fieldDBOld);$i++){ if(in_array($fieldDBOld[$i],$fieldDBNew)) $field .= (empty($field))?"`".$fieldDBOld[$i]."`":", `".$fieldDBOld[$i]."`"; } echo "INSERT INTO ".$_REQUEST["DBNew"].".".$tableName."(".$field.") SELECT ".$field." FROM ".$_REQUEST["DBOld"].".".$tableName.";<br><br>"; echo "-- จำนวนแถวข้อมูล : ".mysql_num_rows($result1)." แถว<br><br>"; echo "-- --------------------------------------<br><br>"; } else{ echo "--<br>"; echo "-- $tableName<br>"; echo "--<br><br>"; echo "-- ไม่พบ ตาราง $tableName ในฐานข้อมูล ".$_REQUEST["DBOld"]."<br><br>"; echo "-- --------------------------------------<br><br>"; } } } } ?> <? if(!isset($pass) || (isset($pass) && $pass==false)){?> <table width="100%" align="center"> <tr> <td> <FORM METHOD="POST" NAME="migrateForm" ACTION=""> <table width="60%" align="center"> <tr> <td colspan="2" height="50" align="center"><h3>MIS MIGRATE</h3></td> </tr> <tr> <td width="40%" height="30" align="right">Host:</td> <td width="60%" align="left"><INPUT TYPE="text" NAME="host" value="<?=(isset($_REQUEST["host"]))?$_REQUEST["host"]:"localhost";?>" <?=(isset($error) && $error[0]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td> </tr> <tr> <td width="40%" height="30" align="right">Username:</td> <td width="60%" align="left"><INPUT TYPE="text" NAME="user" value="<?=(isset($_REQUEST["user"]))?$_REQUEST["user"]:"root";?>" <?=(isset($error) && $error[1]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td> </tr> <tr> <td width="40%" height="30" align="right">Password:</td> <td width="60%" align="left"><INPUT TYPE="password" NAME="pass" value="<?=(isset($_REQUEST["pass"]))?$_REQUEST["pass"]:"";?>" <?=(isset($error) && $error[2]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td> </tr> <tr> <td width="40%" height="30" align="right">MIS DB(เก่า):</td> <td width="60%" align="left"><INPUT TYPE="text" NAME="DBOld" value="<?=(isset($_REQUEST["DBOld"]))?$_REQUEST["DBOld"]:"";?>" <?=(isset($error) && $error[3]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td> </tr><tr> <td width="40%" height="30" align="right">MIS DB(ใหม่):</td> <td width="60%" align="left"><INPUT TYPE="text" NAME="DBNew" value="<?=(isset($_REQUEST["DBNew"]))?$_REQUEST["DBNew"]:"";?>" <?=(isset($error) && $error[4]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td> </tr> <tr> <td colspan="2" height="50" align="center"><INPUT TYPE="submit" name="submit" value="ยืนยัน" style="cursor:pointer" title="คลิ๊กที่นี่เพื่อเริ่ม Migrate ข้อมูล"></td> </tr> </table> </FORM> </td> </tr> </table> <? }?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |