!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     personal_graph.php (6.48 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include("../include/FunctionDB.php");
include (
"jpgraph/src/jpgraph.php");
include (
"jpgraph/src/jpgraph_bar.php");
ConnectDB();

$sql1 "SELECT count(Degree_code) as num1 FROM personal_tb WHERE  StatusId='1'  and  Degree_code=1 ";
$result mysql_query($sql1) or die(" Error").mysql_error();
$rs1 mysql_fetch_array($result);

$sql2 "Select  Count(Degree_code) as num2 From personal_tb Where StatusId='1'  and  Degree_code=2 ";
$result mysql_query($sql2) or die(" Error").mysql_error();
$rs2 mysql_fetch_array($result);

$sql3 "Select  Count(Degree_code) as num3 From personal_tb Where StatusId='1'  and  Degree_code=3 ";
$result mysql_query($sql3) or die(" Error").mysql_error();
$rs3 mysql_fetch_array($result);

$sql4 "Select  Count(Teacher_type) as num4 From personal_tb Where StatusId='1'  and  Teacher_type=1 ";
$result mysql_query($sql4) or die(" Error").mysql_error();
$rs4 mysql_fetch_array($result);

$sql5 "Select  Count(Teacher_type) as num5 From personal_tb Where  StatusId='1'  and  Teacher_type=4 ";
$result mysql_query($sql5) or die(" Error").mysql_error();
$rs5 mysql_fetch_array($result);

$sql6 "Select  Count(Teacher_type) as num6 From personal_tb Where  StatusId='1'  and  Teacher_type=2 ";
$result mysql_query($sql6) or die(" Error").mysql_error();
$rs6mysql_fetch_array($result);

$sql7 "Select  Count(Teacher_type) as num7 From personal_tb Where  StatusId='1'  and  Teacher_type=5 ";
$result mysql_query($sql7) or die(" Error").mysql_error();
$rs7mysql_fetch_array($result);

$sql8 "Select  Count(Teacher_type) as num8 From personal_tb Where  StatusId='1'  and   Teacher_type=6 ";
$result mysql_query($sql8) or die(" Error").mysql_error();
$rs8mysql_fetch_array($result);

$sql9 "Select  Count(Person_type) as num9 From personal_tb Where  StatusId='1'  and  Person_type=1 ";
$result mysql_query($sql9) or die(" Error").mysql_error();
$rs9mysql_fetch_array($result);

$sql10 "Select  Count(Person_type) as num10 From personal_tb Where  StatusId='1'  and  Person_type=3 ";
$result mysql_query($sql10) or die(" Error").mysql_error();
$rs10mysql_fetch_array($result);

$sql11 "Select  Count(Person_type) as num11 From personal_tb Where  StatusId='1'  and   Person_type=4 ";
$result mysql_query($sql11) or die(" Error").mysql_error();
$rs11mysql_fetch_array($result);

/*------------------------------------graduate------------------------------------------*/

$datay=array($rs1['num1'],$rs2['num2'],$rs3['num3']);

// Create the graph. These two calls are always required
$graph = new Graph(600,300,"auto");    
$graph->SetScale("textlin");

// Add a drop shadow
$graph->SetShadow();

// Adjust the margin a bit to make more room for titles
$graph->img->SetMargin(40,30,20,40);

// Create a bar pot
$bplot = new BarPlot($datay);

// Specify X-labels
$graph->xaxis->SetTickLabels(array("ปริญญาตรี","ปริญญาโท","ปริญญาเอก"));

// Adjust fill color
$bplot->SetFillColor('orange');
$bplot->value->Show();
$graph->Add($bplot);

// Setup the titles
$graph->title->Set("กราฟแสดงระดับการศึกษาของบุคลากรทุกสายงานทั้งหมด");
//$graph->xaxis->title->Set("วุฒิการศึกษา");
$graph->yaxis->title->Set("จำนวน(คน)");

$graph->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->SetFont(FF_TAHOMA,FS_NORMAL);
$graph->yaxis->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->title->SetFont(FF_COURIER,FS_BOLD);

// Display the graph
$graph->Stroke("graduate.png");
echo 
"<img src='graduate.png'  border=0/><br><br><br>";

/*-----------------------------------personal type-------------------------------------------*/

$datay=array($rs4['num4'],$rs5['num5'],$rs6['num6'],$rs7['num7'],$rs8['num8']);

// Create the graph. These two calls are always required
$graph = new Graph(600,300,"auto");    
$graph->SetScale("textlin");

// Add a drop shadow
$graph->SetShadow();

// Adjust the margin a bit to make more room for titles
$graph->img->SetMargin(40,30,20,40);

// Create a bar pot
$bplot = new BarPlot($datay);

// Specify X-labels
$graph->xaxis->SetTickLabels(array("ทันตแพทย์","เภสัชกร","วิทยาจารย์","พยาบาลวิชาชีพ","สายสนับสนุน"));

// Adjust fill color
$bplot->SetFillColor('orange');
$bplot->value->Show();
$graph->Add($bplot);

// Setup the titles
$graph->title->Set("กราฟแสดงบุคลากรตามประเภทสายงาน");
//$graph->xaxis->title->Set("ประเภทสายงาน");
$graph->yaxis->title->Set("จำนวน(คน)");

$graph->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->SetFont(FF_TAHOMA,FS_NORMAL);
$graph->yaxis->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->title->SetFont(FF_COURIER,FS_BOLD);

// Display the graph
$graph->Stroke("personalType.png");
echo 
"<img src='personalType.png'  border=0/><br><br><br>";

/*-------------------------------------persoanl status-----------------------------------------*/

$datay=array($rs9['num9'],$rs10['num10'],$rs11['num11']);

// Create the graph. These two calls are always required
$graph = new Graph(600,300,"auto");    
$graph->SetScale("textlin");

// Add a drop shadow
$graph->SetShadow();

// Adjust the margin a bit to make more room for titles
$graph->img->SetMargin(40,30,20,40);

// Create a bar pot
$bplot = new BarPlot($datay);

// Specify X-labels
$graph->xaxis->SetTickLabels(array("ข้าราชการ","ลูกจ้างประจำ","ลูกจ้างชั่วคราว(เหมาจ่าย)"));

// Adjust fill color
$bplot->SetFillColor('orange');
$bplot->value->Show();
$graph->Add($bplot);

// Setup the titles
$graph->title->Set("กราฟแสดงบุคลากรตามสถานะ");
//$graph->xaxis->title->Set("สถานะบุคลากร");
$graph->yaxis->title->Set("จำนวน(คน)");

$graph->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->SetFont(FF_TAHOMA,FS_NORMAL);
$graph->yaxis->title->SetFont(FF_COURIER,FS_BOLD);
$graph->xaxis->title->SetFont(FF_COURIER,FS_BOLD);

// Display the graph
$graph->Stroke("personalStatus.png");
echo 
"<img src='personalStatus.png'  border=0/>";

/*------------------------------------------------------------------------------------------------*/

?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0064 ]--