Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/ drwxrwxrwx |
Viewing file: ShowStudentDetail.php (13.14 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php /** Define Validate Access */ define( '_VALID_ACCESS', 1 ); /** Configuration */ include( "configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); include_once( "./link/function.php" ); /** using 'reg' DB */ include("./includes/FunctionDB.php"); include("./includes/Function.php"); /** Create Database Object */ $dbObj = new DBConn; ConnectDB(); /** Config Table for This Page */ $myTable = "StudentMaster"; $myTableFK = "studentId"; $query = " SELECT * FROM $myTable WHERE studentId='$studentId' "; $result = $dbObj->execQuery($query); $rs = $dbObj->fetchArray($result); $sql = " SELECT * FROM StudentBio WHERE studentId='$studentId' "; $result = mysql_query($sql); $rss = mysql_fetch_array($result); $Img1 = str_replace( "../", "", $rs['Img1'] ); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <title><?=$_Config_sitename;?> - ข้อมูลนักศึกษา - ประวัตินักศึกษา</title> <script type="text/javascript" src="./js/utilities.js"></script> <link href="./css/default.css" rel="stylesheet" type="text/css" /> </head> <body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0"> <?php include( "./templates/incHeader.php" ); ?> <table width="1003" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="215" align="left" valign="top" style="padding:10px 0px 0px 5px"><?php include( "templates/incMainMenuLeft.php" );?></td> <td width="788" height="300" align="center" valign="top" style="padding:10px 0px 5px 10px"><fieldset><table width="770" border="0" cellspacing="0" cellpadding="0"> <form id="myForm" name="myForm" method="post" action=""> <tr> <td height="5"></td> </tr> <tr> <td height="30" background="images/background/bg-head-topic-w780.gif"><span class="PADDING-LEFT-10"><strong><a href="index.php">หน้าหลัก</a></strong> <strong>» <a href="StudentList.php">ข้อมูลนักศึกษา</a> » <span class="NOTE">ประวัตินักศึกษา</span></strong></span></td> </tr> <tr> <td> </td> </tr> <tr> <td align="center" valign="top"><table width="95%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="80%"><table width="100%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="#E4E4E4"> <tr bordercolor="#E7FAFE"> <td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">สังกัด ภาค/ฝ่าย</td> <td bgcolor="#FFFFFF"> </td> <td bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php echo $rs['studentCode']; ?></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชื่อ-นามสกุล (ไทย)</td> <td width="10" bgcolor="#FFFFFF"> </td> <td width="393" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $prefixId = $rs['prefixId']; $sql1 = " SELECT * FROM Prefix WHERE prefixId='$prefixId' "; $result1 = mysql_query($sql1); $rs1 = mysql_fetch_array($result1); echo $rs1['prefixName'];?><?=$rs['studentName'];?> <?=$rs['studentSurname'];?></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชื่อ-นามสกุล (อังกฤษ)</td> <td width="10" bgcolor="#FFFFFF"> </td> <td width="393" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?=$rs['studentNameEng'];?> <?=$rs['studentSurnameEng'];?></td> </tr> <tr bordercolor="#E7FAFE"> <td width="150" height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">หลักสูตร</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $sql = " SELECT * FROM Program WHERE programId='$rs[programId]' " ; $result2 = $dbObj->execQuery($sql); $rs2 = $dbObj->fetchArray($result2); $dbObj->freeresult($result2); if( $rs2['programName'] != "" ) echo $rs2['programName']; else echo " "; ?> <strong>รุ่น</strong> <?php $sql = " SELECT * FROM Generation WHERE programId='$rs[programId]' " ; $result3 = $dbObj->execQuery($sql); $rs3 = $dbObj->fetchArray($result3); $dbObj->freeresult($result3); if( $rs3['genNo'] != "" ) echo $rs3['genNo']; else echo " "; ?></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">ชั้นปีที่</td> <td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php echo $rs['studentYear']; ?></td> </tr> <tr bordercolor="#FFFFFF"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">อายุ</td> <td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php //// Show Age $sql4 = " SELECT * FROM StudentBio WHERE studentId='$rs[studentId]' "; $result4 = mysql_query($sql4); $rs4 = mysql_fetch_array($result4); $age = $rs4['birthDate']; $year = explode("-",$age); $year = intval($year[0]); $year = $year - 543; $currentyear = date("Y"); $currentyear = intval($currentyear); $age = $currentyear - $year; echo "$age"; ?></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">วันที่เข้ารับการศึกษา</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $sday = $rs['admitDate']; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); $m = getThaiSubMonth($month); echo "$day"." "."$m"." "."$year"; ?></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">สถานะการลงทะเบียน</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><a href="checkEnrollItem.php?studentCode=<?=$rs['studentCode'];?>&studentId=<?=$rs['studentId'];?>">ตรวจสอบรายวิชาลงทะเบียนเรียน</a></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><a href="javascript:;" onclick="NewWindow('showDetailEnrollFee.php?studentId=<?=$rs["studentId"];?>&acadYear=<?=$rs["acadYear"];?>&studentYear=<?=$rs["studentYear"];?>&semester=<?=$rs["semester"];?>','showDetailEnrollFee','700','500','Yes');">ตรวจสอบค่าลงทะเบียน</a></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">อาจารย์ที่ปรึกษา</td> <td width="10" nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $sql = " SELECT * FROM Officer WHERE officerId='$rs[officerId1]' " ; $result5 = $dbObj->execQuery($sql); $rs5 = $dbObj->fetchArray($result5); $dbObj->freeresult($result5); if( $rs5['officerName'] != "" ) echo "อ.".$rs5['officerName']." ".$rs5['officerSurname']; else echo " "; ?></td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF">สภาพนักศึกษา</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td valign="top" nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10"><?php $studentStatus = $rs[studentStatus] ; $sql6 = " SELECT * FROM SysStudentStatusDes "; $result6 = mysql_query($sql6); $rs6 = mysql_fetch_array($result6); echo "$rs6[description]"; ?></td> </tr> <?php if( $rs['Degree_His2'] != "" ) { ?> <?php } #if if( $rs['Degree_His3'] != "" ) { ?> <?php } #if ?> <tr bordercolor="#E7FAFE"> <td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF" class="PADDING-TOP-5"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10 PADDING-TOP-5"> </td> </tr> <tr bordercolor="#E7FAFE"> <td height="20" align="right" valign="top" nowrap="nowrap" bordercolor="#FFFFFF" bgcolor="#FFFFFF" class="PADDING-TOP-5">ภาระงาน</td> <td nowrap="nowrap" bgcolor="#FFFFFF"> </td> <td nowrap="nowrap" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10 PADDING-TOP-5"><table width="100%" border="0" cellspacing="1" cellpadding="1"> <tr> <td width="65%" align="left">• <a href="StudentDetail.php?studentId=<?php echo $rs['studentId']; ?>">ข้อมูลนักศึกษา</a></td> <td width="35%" align="center"> </td> </tr> <tr> <td align="left">• ข้อมูลผู้ปกครอง</td> <td align="center"> </td> </tr> <tr> <td align="left">• ข้อมูลทุนการศึกษา</td> <td align="center"> </td> </tr> <tr> <td align="left">• <a href="../mis/eregis/login.php">ข้อมูลผลการเรียน</a></td> <td align="center"> </td> </tr> <tr> <td align="left">• ข้อมูลสุขภาพ</td> <td align="center"> </td> </tr> <tr> <td align="left">• ข้อมูลการลา</td> <td align="center"> </td> </tr> <tr> <td align="left">• ข้อมูลพฤติกรรม และวินัยนักศึกษา</td> <td align="center"> </td> </tr> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> </td> </tr> <tr> <td align="center"><input type="button" name="button" id="button" value="« ย้อนกลับ" class="CURSOR-HAND" onclick="window.history.back();" /></td> </tr> </table></td> <td width="20%" valign="top" align="center"><table width="150" border="0" cellspacing="0" cellpadding="0"> <tr> <td><img src="<?php echo $Img1; ?>" width="150" height="170" /></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td> </td> </tr></form> </table> </fieldset></td> </tr> </table> <?php include( "./templates/incFooter.php" ); ?> </body> </html> <?php /** Free Resource */ $dbObj->freeresult($result); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0056 ]-- |