Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/person/ drwxr-xr-x |
Viewing file: InsertPlaningIn.php (5.65 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); /** Define Validate Access */ define( '_VALID_ACCESS', 1 ); /** Check Session User Login */ if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) { echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />"; echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>กรุณาทำการ Login ก่อน</strong></font></p></p>"; echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />"; exit(); } else { /** Configuration */ require_once( "../configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); require_once( "../includes/Function.php" ); require_once( "../includes/FunctionDB.php" ); /** Create Database Object */ $dbObj = new DBConn; /** Config Table for This Page */ $myTable = "project_tb"; $Project_code= $_POST['Project_code']; $Faculty_code = $_POST['Faculty_code']; $Teacher_code = $_POST['Teacher_code']; $Project_plan = $_POST['Project_plan']; $Orderlist = $_POST['Orderlist']; $Training_name = htmlspecialchars( trim( $_POST['Training_name'] ) ); $programId = $_POST['programId']; $Year = $_POST['Year']; $MoneyS_C = $_POST['MoneyS_C']; $MoneyId = $_POST['MoneyId']; $Ind = $_POST['Ind']; $Date = trim( $_POST['Date'] ); $Budget_use = $_POST['Budget_use']; ///*-------- นำค่า id มาเพิ่มให้กับค่ารหัสครั้งละ1 -----------*// $query = " SELECT * FROM $myTable ORDER BY codeId DESC "; $result = $dbObj->execQuery($query); $rss= $dbObj->fetchArray($result); $myTable = $rss[0]+1 ; // นำค่า id มาเพิ่มให้กับค่ารหัสสมาชิกครั้งละ1 // if($myTable2>=100) { $ProjectNo = "$Project$myTable" ; $Spending_use ="$Budget_use"; //### Call Function ( table --> 'project_tb' ) InsertProject( $Training_code, $Project_code, $ProjectId, $MoneyId, $MoneyS_C, $Faculty_code, $Teacher_code, $Ind, $Orderlist, $Project_plan, $Training_name, $Date, $Budget_use, $Spending_use, $programId, $Budget_Year, $Year ); } # else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <link href="../css/default.css" rel="stylesheet" type="text/css" /> <title>MIS -- Teacher</title></head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include("../templates/incHeader.php"); ?> <table width="1003" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td> <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset> <table width="780" border="0" cellspacing="0" cellpadding="0"> <form id="myForm" name="myForm" method="post" action="InsertPlaningIn.php"> <tr> <td> </td> </tr> <tr> <td style="padding-left:15px;"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="Menu_Teach.php">ข้อมูลทั่วไปบุคลากร</a> » <a href="PlaningByYear.php??Teacher_code=<?=$Teacher_code;?>&Faculty_code=<?=$Faculty_code;?>">ข้อมูลการแผนดำเนินการ</a> » <a href="PlanStdList.php?Teacher_code=<?=$Teacher_code;?>&Budget_Year=<?=$Budget_Year;?>&Faculty_code=<?=$Faculty_code;?>">แผนดำเนินการรายปี</a></strong> <strong>» </strong> <a href="PlaningList.php?Teacher_code=<?=$Teacher_code;?>&Budget_Year=<?=$Budget_Year;?>&Faculty_code=<?=$Faculty_code;?>&Project_code=<?=$Project_code;?>"> <strong><?php $sql2 = " SELECT * FROM projectstdplan_tb WHERE Project_code='$Project_code' "; $result2 = $dbObj->execQuery($sql2); $rs2 = $dbObj->fetchArray($result2); echo $rs2['Project_plan']; ?></strong></a></td> </tr> <tr> <td align="center"> <table width="760" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td> </td> </tr> <tr> <td> <a href="DetailRepPlaning.php?ProjectId=<? echo $rs[ProjectId]?>&Project_code=<? echo $rs[Project_code]?>&Faculty_code=<? echo $rs[Faculty_code]?>&Teacher_code=<? echo $rs1[Teacher_code]?> ">รายงานการใช้เงินตามข้อย่อยแผน</a> » <span class="TEXT-GREEN10">เพิ่มข้อมูลแผน/โครงการดำเนินการ (ข้อย่อย)</span></td> </tr> <tr> <td> </td> </tr> </table> <table width="760" border="0" align="center" cellpadding="0" cellspacing="0" style=" border:0px solid gray"size="12"> <tr> <td height="43" ><table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#E0E0E0" style="border:1px solid #CCCCCC"> <tr> <td height="150" align="center"><span class="TEXT-GREEN10"><strong>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว</strong></span><br /> <br /> กรุณารอสักครู่ กำลังเปลี่ยนหน้าอัตโนมัติ<br /> <?php echo"<meta http-equiv=\"refresh\" content=\"1;URL=PlaningList.php?Faculty_code=$Faculty_code&Budget_Year=$Budget_Year&Project_code=$Project_code\">\n"; ?></td> </tr> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> </td> </tr> </table></td> </tr></form> </table> </fieldset></td> </tr></table> </body></html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |