110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/teacher/ drwxr-xr-x Free 52.63 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6
uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
uid=48(apache) gid=48(apache) groups=48(apache)
Safe-mode: OFF (not secure)
/var/www/html/manage/teacher/ drwxr-xr-x
Free 52.63 GB of 127.8 GB (41.18%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Viewing file: ComputerList.php (16.23 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php

	session_start();
	
	/**  Define Validate Access  */
	define( '_VALID_ACCESS', 1 );

	/**  Check Session User Login  */
	if( !session_is_registered("valid_user") && !session_is_registered("Priority") ) {
		echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\" />";
		echo "<p style=padding-top:115px><p align=center><br /><font color=red><strong>ЎГШіТ·УЎТГ Login ЎиН№</strong></font></p></p>";
		echo "<meta http-equiv=\"refresh\" content=\"1; URL=../login.php\" />";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
		
		
		/**  Config Table for This Page  */
		$myTable1 = "personal_tb";
		$myTable2 = "formation_tb";
		
		$myTable2PK = "Code";
		
		/**  Table  -->  personal_tb  */
		$query1 = " SELECT *  FROM $myTable1  WHERE Username='$Username' ";
		$result1 = $dbObj->execQuery($query1);
		$rs1 = $dbObj->fetchObject($result1);
		
		$Teacher_code = $rs1->Teacher_code;
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
		
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }
		
		
		/**  Botton Name Action */
		$action = $_REQUEST['action'];
		$id = $_REQUEST['id'];
	
		if( isset($action) && !empty($action) ) {
			switch($action) {
				case "Delete" :
					$num = count($id);
					for( $i=0; $i<$num; $i++ ) {
						$qryDel = " DELETE FROM  formation_tb  WHERE Code='$id[$i]' ";
						$resultDel = $dbObj->runQuery($qryDel);
						$dbObj->freeresult($resultDel);
					}
				break;
			} # switch
		} # if
		
		
	} # else
 ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<title>MIS -- Teacher</title>
<link href="../css/default.css" rel="stylesheet" type="text/css" />
<script language="javascript" src="../js/utilities.js"></script>
<script language="javascript">
function checkAllDelete(oAllCheckBox,frm) {
	for(i=0; i<frm.elements.length; i++) {
		if( (frm.elements[i].type == "checkbox") && (frm.elements[i] != oAllCheckBox) ) {
			if(oAllCheckBox.checked==true) {
				frm.elements[i].parentElement.parentElement.style.backgroundColor='#E5E9F2';
				frm.elements[i].checked=true;
			} else {
				frm.elements[i].parentElement.parentElement.style.backgroundColor='';			
				frm.elements[i].checked=false;			
			}
		} // end..if
	} // end..for
} // end..function

//----------- Confirm before Deleted
function confirmDelete(frm) { 
	//-- loop through all elements
	for(i=0; i<frm.length; i++) {
		//-- Look for our checkboxes only
		if(frm.elements[i].name.indexOf('id') !=-1) {
			//-- If any are checked then confirm alert, otherwise nothing happens
			if(frm.elements[i].checked) {
				return confirm('µйН§ЎТГЕєўйНБЩЕ·ХиаЕЧНЎ?')
			}
		} // end..if
	} // end..for
} // end..function

//----------- Highlight Rows
function highlightRow(chkBox) {
   var IsChecked = chkBox.checked;            

  if(IsChecked) {
       chkBox.parentElement.parentElement.style.backgroundColor='#E5E9F2';  
       chkBox.parentElement.parentElement.style.color='blue'; 
  } 
  else {
       chkBox.parentElement.parentElement.style.backgroundColor='white'; 
       chkBox.parentElement.parentElement.style.color='black'; 
  }
}
</script>
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">
<?php
	include("../templates/incHeader.php");
?>
<table width="1003" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="203" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include("./_incMainMenu.php");?></td>
    <td width="800" height="440" align="center" valign="top" style="padding:10px 0px 5px 10px">
    <?php
		/**  Config Paging  */
		if( $perpage == "" ) { $limit = $_Config_limit; }
		else { $limit = $perpage; }
		
		$scroll = $_Config_scroll; 
		
		
		/**  µСй§¤иТ Default КУЛГСєЎТГ·У Order By  */
		if( $OrderBy == "" ) { $OrderBy = $myTable2PK; }
						
		if( !isset($_GET['ASCDESC']) ) { $ASCDESC = "DESC"; }
						
		if( $_GET['ASCDESC'] == "DESC" ) { $ASCDESC = "ASC"; }
		elseif( $_GET['ASCDESC'] == "ASC" ) { $ASCDESC = "DESC"; } 
		
		/**  Query аѕЧиНЛТ Numrows ЎиН№  */
		$query = " SELECT *  FROM $myTable2  WHERE Teacher_code='$Teacher_code' ";
		
		$result = $dbObj->execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Teacher_code='$Teacher_code'  ORDER BY $OrderBy $ASCDESC ";
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Teacher_code='$Teacher_code'  ORDER BY $myTable2PK DESC ";
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
    <fieldset>
     <table width="780" border="0" cellspacing="0" cellpadding="0">
      <form id="myForm" name="myForm" method="post" action="<?=$PHP_SELF;?>?page=<?=$page;?>">
      <tr>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td style="padding-left:15px;"><strong><a href="index.php">Л№йТЛЕСЎ</a></strong> <strong>&raquo; <a href="Menu_Teach.php">ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ</a> &raquo; <span class="NOTE">бЁй§«иНБа¤ГЧНўиТВбЕРНШ»ЎГім¤НБѕФЗаµНГм</span></strong></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td height="350" align="center" valign="top">
        <table width="760" border="0">
                  <tr>
                    <td><font size="2" face="MS Sans Serif"><a href="../webboard/postq.php?Category=<? echo $Category; ?>&amp;page=<? echo $page; ?>">
                    <?php
						// table НёФєТВ¤ЗТБЛБТВўН§ГЩ»¤У¶ТБ
						echo "<table width=760 height=36 border=0 bordercolor=black cellspacing=0 cellpadding=2>\n";
						echo "<tr><td align=left>\n";
						//echo "\t &nbsp;<img src='../webboard/pic/cam.gif' border=\"0\"> - ¤У¶ТБ·ХиБХГЩ» \n";
						echo "\t&nbsp;<img src='../webboard/pic/new2day.gif' border=\"0\"> - ¤У¶ТБ·ХиБХ¤№µСй§гЛБиЗС№№Хй \n";
						echo "\t &nbsp;<img src='../webboard/pic/update2day.gif' border=\"0\"> - ¤У¶ТБ·ХиБХ¤№µНєЗС№№Хй\n";
						
						echo "</td></tr>\n";
						echo "</table>\n\n";
						echo  "<br>";


						$chk_date = substr(date("Y-m-d H:i:s"),-19,-9);
						
						if ( empty($page) ) {
							$page=1;
						}
					
						// µФґµиН database аѕЧиННиТ№ўйНБЩЕ	
						// ЛТЁУ№З№Л№йТ·Сй§ЛБґ
						//mysql_connect($host,$user,$passwd);
						//mysql_query("SET NAMES 'tis620'");
						$sql = " SELECT No  FROM webboard_data  WHERE Teacher_code='$Teacher_code' ";
						$result = mysql_db_query($dbname,$sql);
						@$NRow = mysql_num_rows($result);
						
						@$rt = ($NRow%$list_page);
						if($rt!=0) { 
							$totalpage = floor($NRow/$list_page)+1; 
						}
						else {
							@$totalpage = floor($NRow/$list_page); 
						}
						$goto = ($page-1)*$list_page;
					
					
						// Query ўйНБЩЕµТБЁУ№З№·ХиЎУЛ№ґ
						$sql = " SELECT *  FROM webboard_data  WHERE  Teacher_code='$Teacher_code'  ORDER BY No DESC  LIMIT $goto,$list_page ";
						$result = mysql_db_query($dbname,$sql);
						@$NRow = mysql_num_rows($result);
					
						if( $NRow==0 ) { 
							echo "<center>";
							echo "<br>";
							echo "<font size=2 face='MS Sans Serif'>ВС§дБиБХ¤У¶ТБ аБЧиНдЛГиЁРБХ№йН</font><br><br>\n";
							echo "<center>";
						}
						// бКґ§ЛСЗўйНўН§єНГмґ
						else {
							echo "<table  width=809 height=36 border=1 bordercolor=black cellspacing=0 cellpadding=2>\n";
							echo "<tr bgcolor= dodgerblue>\n";
							echo "\t<td align=center width=8%><font size=2 color=#FFF8DC><b>¤У¶ТБ·Хи</b></font></td>\n";
							echo "\t<td align=center width=47% ><font size=2 color=#FFF8DC><b>¤У¶ТБ-[ЁУ№З№¤УµНє] [ЁУ№З№¤№аўйТНиТ№]</b></font></td>\n";
							echo "\t<td align=center width=24%><font size=2 color=#FFF8DC><b>јЩй¶ТБ[ЗС№·Хи¶ТБ]</b></font></td>\n";
							echo "\t<td align=center width=18%><font size=2 color=#FFF8DC><b>јЩйµНє[ЗС№·ХиµНє]</b></font></td>\n";
							echo "</tr>\n\n";
					
							// З№ЕЩ»бКґ§ўйНБЩЕ·ХиНиТ№дґй
							while ($row = mysql_fetch_array($result)) {
								
								// ЎУЛ№ґКХўН§µТГТ§ аѕЧиНгЛйБХЎТГКЕСєКХ
								//$bgc = ($bgc=="lightcyan") ? "powderblue" : "lightcyan";
					
								$bgc = ($bgc==$rowColor1) ? $rowColor2 : $rowColor1; 
					
								// ЎУЛ№ґ¤иТµСЗб»Г
								$No = sprintf("%05d",$row["No"]);
								$Question = $row["Question"];
								$Name = $row["Name"];
								$Namer = $row["Namer"];
								$Member = $row["Member"];
								$Memberr = $row["Memberr"];
								$nphoto = $row["nphoto"];
								$ckDate = trim(substr($row["Date"],-19,-9)); // бКґ§а©ѕТРЗС№·Хи
								$Date = convert_date($row["Date"]);
								$Reply = $row["Reply"];
					
								$ckReplyDate = trim(substr($row["ReplyDate"],-19,-9)); 
								$ReplyDate = convert_date($row["ReplyDate"]);
								$pageviewdata = $row["pageview"];
								// бКґ§а©ѕТРЗС№·Хи
								if($Date==$chk_date) {
									echo "<tr bgcolor=$rowHiLight>\n";
								} 
								elseif($ReplyDate==$chk_date) {
									echo "<tr bgcolor=$rowHiLight>\n";	
								} 
								else {
									echo "<tr bgcolor=$bgc>\n";			
								}
								// бКґ§ГЩ» folder
								
								////new
									 
								if($Reply>="3" ) {
									echo "\t<td align=center><img src='../webboard/pic/hotfd.gif'> $No</td>\n";
								}
								elseif($ReplyDate!="") {
									echo "\t<td align=center><img src='../webboard/pic/openfd.gif'> $No</td>\n";
								} 
								elseif($Date==$chk_date) {
									echo "\t<td  align=center ><img src='../webboard/pic/newfd.gif'> $No</td>\n";
								} 
								else {
									echo "\t<td align=center><img src='../webboard/pic/closefd.gif'> $No</td>\n";
								}
					
					
								if( ($ckReplyDate==$chk_date) && ($nphoto!='') && ($ckDate==$chk_date) ) {
									echo "\t<td><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question</a> <img src='../webboard/pic/cam.gif' border=\"0\"><img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								}
								elseif( ($ckReplyDate==$chk_date) && ($nphoto!='') ) {
									echo "\t<td><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question</a> <img src='../webboard/pic/cam.gif' border=\"0\"><font color=red size='2'> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								}
								elseif( ($ckReplyDate==$chk_date) && ($ckDate==$chk_date) ) {
									echo "\t<td ><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question</a> <font color=red size='2'> <img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								} 
								elseif( $ckReplyDate==$chk_date ) {
									echo "\t<td  ><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question</a> <font color=red size='2'> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>]   [<font color=red> $pageviewdata </font>]</td>\n";
								} 
								elseif( ($nphoto!='') && ($ckDate==$chk_date) ) {
									echo "\t<td ><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question </a><img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/cam.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								} 
								elseif($nphoto!='') {
									echo "\t<td ><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question </a> <img src='../webboard/pic/cam.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								} 
								elseif( $ckDate==$chk_date ) {
									echo "\t<td ><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question </a> <img src='../webboard/pic/new2day.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								} 
								else {
									echo "\t<td><a href='show.php?Teacher_code=$Teacher_code&No=$row[No]' target='$No'>$Question</a>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
								}			
					
								if( $Member ) {
									echo "\t<td>$Name <img src='../webboard/pic/online.gif'> <font color=blue> [$Date]</font></td>\n";
								}
								else {
									echo "\t<td>$Name <font color=blue> [$Date]</font></td>\n";
								}
								
								// µГЗЁКНєЗиТБХ¤№µНє¤У¶ТБЛГЧНВС§
								if($Memberr) {
									if($ckReplyDate!="" ) {
										echo "\t<td>$Namer <img src='../webboard/pic/online.gif'> <font color=blue>[$ReplyDate]</font></td>\n";
									}
									else {
										echo "\t<td> ВС§дБиБХ¤№µНє </td>\n";
									}
									echo "</tr>\n\n";
								} else {
									if($ckReplyDate!="" ) {
										echo "\t<td> $Namer <font color=blue>[$ReplyDate]</font></td>\n";
									}
									else {
										echo "\t<td> ВС§дБиБХ¤№µНє </td>\n";
									}
									echo "</tr>\n\n";
								} # else
							
							} # while
							echo "</table>\n\n";
							
							// table НёФєТВ¤ЗТБЛБТВўН§ГЩ»
							echo "<table  width=809 height=36 border=0 bordercolor=black cellspacing=0 cellpadding=2>\n";
							echo "<tr><td align=left>\n";
							echo "\t<img src='../webboard/pic/newfd.gif'> - ¤У¶ТБгЛБи \n";
							echo "\t<img src='../webboard/pic/closefd.gif'> - ¤У¶ТБаЎиТ \n";
							echo "\t<img src='../webboard/pic/openfd.gif'> - ¤У¶ТБ·Хи¶ЩЎµНєбЕйЗ\n";
							echo "\t<img src='../webboard/pic/hotfd.gif'> - ¤У¶ТБ·ХиБХ¤№µНєБТЎ\n";
							echo "\t<img src='../webboard/pic/cam.gif'> - ¤У¶ТБ·ХиБХГЩ»\n";
							echo "\t<img src='../webboard/pic/online.gif'> - КБТЄФЎаЗзєєНГмґ\n";
							echo "</td></tr>\n";
							echo "</table>\n\n";
					
							// table бКґ§аЕўЛ№йТ
							echo "<table  width=809 height=36 border=0 bordercolor=black cellspacing=0 cellpadding=2>\n";
							echo "<tr><td align=left>\n";
							echo "\t<font size=2 color=#9400D3>\n";
					
							// КГйТ§ link аѕЧиНд»Л№йТЎиН№-Л№йТ¶Сґд»
							if($page>1 && $page<=$totalpage) {
								$prevpage = $page-1;
								echo "\t<a href='ComputerList.php?Teacher_code=$Teacher_code&page=$prevpage'>[Л№йТЎиН№ = $prevpage]</a>\n";
							}
					
							echo "\t ЎУЕС§бКґ§Л№йТ·Хи $page/$totalpage \n";
					
							if($page!=$totalpage) {
								$nextpage = $page+1;
								echo "\t<a href='ComputerList.php?Teacher_code=$Teacher_code&page=$nextpage'>[Л№йТ¶Сґд» = $nextpage]</a>\n";
							}
					
							echo "\t</font>\n";
							echo "</td></tr>\n";
							echo "<tr><td>\n";
					
							// З№ЕЩ»бКґ§аЕўЛ№йТ·Сй§ЛБґ
							for($i=1 ; $i<$page ; $i++) {
								echo "\t<a href='ComputerList.php?Teacher_code=$Teacher_code&page=$i'>$i</a> \n";
							}
							echo "\t<font size=2 color=red><b>$page</b></font> \n";
							
							for($i=$page+1 ; $i<=$totalpage ; $i++) {
								echo "\t<a href='ComputerList.php?Teacher_code=$Teacher_code&page=$i'>$i</a> \n";
							}
						
							echo "</td></tr>\n";
							echo "</table>\n";
							
						} # else
					?>
                    </a></font></td>
                  </tr>
                </table></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
      </tr></form>
    </table>
   </fieldset></td>
  </tr>
</table>
<?php include("../templates/incFooter.php"); ?>
</body>
</html>
<?php
	/**  Free Resource */
	$dbObj->freeresult($result1);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>
:: Command execute ::
Enter:	Select:
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Search ::
:: Upload ::
:: Make Dir ::
:: Make File ::
:: Go Dir ::
:: Go File ::
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]--