Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/Dental/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
session_start();
if (session_is_registered("valid_user"))
{
include("../include/FunctionDB.php");
include("../include/Function.php");
ConnectDB();
$Flag = true;
$HN_code = htmlspecialchars(trim($_POST[HN_code]));
$First_name = htmlspecialchars(trim($_POST[First_name]));
$Name = htmlspecialchars(trim($_POST[Name]));
$Lastname = htmlspecialchars(trim($_POST[Lastname]));
$Address = htmlspecialchars(trim($_POST[Address]));
$Datetype = $_POST[mYear1]."-".$_POST[mMonth1]."-".$_POST[mDate1];
$DateBirth = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate];
//$DeTeacher_id = $_POST[Id1]."-".$_POST[Id2]."-".$_POST[Id3]."-".$_POST[Id4];
$Hostpital = htmlspecialchars(trim($_POST[Hostpital]));
$Sex = htmlspecialchars(trim($_POST[Sex]));
$Nationality = htmlspecialchars(trim($_POST[Nationality]));
$Nation = htmlspecialchars(trim($_POST[Nation]));
$Religion = htmlspecialchars(trim($_POST[Religion]));
$Age = htmlspecialchars(trim($_POST[Age]));
$Citizen_id = htmlspecialchars(trim($_POST[Citizen_id]));
$Address = htmlspecialchars(trim($_POST[Address]));
$Father_name = htmlspecialchars(trim($_POST[Father_name]));
$Mother_name = htmlspecialchars(trim($_POST[Mother_name]));
$ProvinceId =htmlspecialchars(trim($_POST[ProvinceId]));
$Zipcode =htmlspecialchars(trim($_POST[Zipcode]));
$Phone =htmlspecialchars(trim($_POST[Phone]));
$Mobile =htmlspecialchars(trim($_POST[Mobile]));
$Work =htmlspecialchars(trim($_POST[Work]));
$Education =htmlspecialchars(trim($_POST[Education]));
$Email_name =htmlspecialchars(trim($_POST[Email_name]));
$Email_1 =htmlspecialchars(trim($_POST[Email_1]));
$Status2 =htmlspecialchars(trim($_POST[Status2]));
$Status3 =htmlspecialchars(trim($_POST[Status3]));
$Phone_1 =htmlspecialchars(trim($_POST[Phone_1]));
$Mobile_1 =htmlspecialchars(trim($_POST[Mobile_1]));
$Degree_code = $_POST[Degree_code];
$Club_nid = $_POST[Club_nid];
$Teacher_code = $_POST[Teacher_code];
$Group_1 = htmlspecialchars(trim($_POST[Group_1]));
$Group_2 = htmlspecialchars(trim($_POST[Group_2]));
$Group_3 = htmlspecialchars(trim($_POST[Group_3]));
$Group_4 = htmlspecialchars(trim($_POST[Group_4]));
$Dental_code = $_POST[Dental_code];
$Username = $_POST[Username];
$Password = $_POST[Password];
/////////////// Check เลขที่บัตรประชาชน /////////////////////////////////////
echo "$Citizen_id <br>";
$sql = "Select * From personal_den_tb Where Citizen_id='$Citizen_id'";
$result = mysql_query($sql) or die("Error $result".mysql_error());
$sum = mysql_num_rows($result);
if ($sum>0)
{
$msg .="<li>รหัส $Citizen_id ซ้ำ";
$button ="<input type=\"button\" value=\"Back to Edit\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
$Flag = false;
}
///////////// นำค่า id มาเพิ่มให้กับค่ารหัสสมาชิกครั้งละ1 ////////
//$sql3 = "Select * From personal_den_tb order by Person_code desc";
//$result3 = mysql_query($sql3) or die("Error $result3".mysql_error());
//$rs = mysql_fetch_row($result3);
//$personal_den_tb = $rs[0]+1 ; // นำค่า id มาเพิ่มให้กับค่ารหัสสมาชิกครั้งละ1
//if($personal_den_tb>=100) {
//$HN_code = "0$personal_den_tb" ;
//}
//else {
//if($personal_den_tb >=10) {
//$HN_in = "000$personal_den_tb" ;
//}
//else {
//$HN_in = "0000$personal_den_tb" ;
//}
//}
//$HN_code = "$yourcode$HN_in" ; // รหัสสมาชิกเช่น ip0001
//////////////////// check Status Personal Register
//$sql2 ="Select * From accounttb Where Teacher_id = '$Teacher_id' ";
//$result1 = mysql_query($sql2) or die("Error $result1 $sql2".mysql_error());
//$row = mysql_num_rows($result1);
//if ($row < 0)
//{
//$msg .="<li>Teacher id Incorrect";
//$button ="<input type=\"button\" value=\"Back to Edit\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
//$Flag = false;
//}
////////////////////////// check First name
if ($First_name=="")
{
$msg .="<li>กรุณาระบุ คำนำหน้า";
$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
$Flag = false;
}
///////////////////// check name
if ($Name =="")
{
$msg .="<li>กรุณาระบุ ชื่อ";
$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
$Flag = false;
}
/////////////////// Check Lastname
if ($Lastname =="")
{
$msg .="<li>กรุณาระบุ นามสกุล";
$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
$Flag = false;
}
////////////////////////
if ( ! CheckLenght( $Citizen_id,13 ) )
{
$msg .= "<li>รหัสบัตรประชาชนต้องมีตั้งแต่ 13 หลัก";
$button = "<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold; color:#FFF; background-color:#036; border-style:outset; border-color:#69F; font-family: Tahoma;\">";
$Flag = false;
}
/////////////////////// Check Address ///////
if ($Address=="")
{
$msg .="<li>กรุณาระบุ ภูมิลำเนา";
$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
$Flag = false;
}
//////////////////////// Check User //////////////////////
//if ($Password != $_POST[Password1])
//{
//$msg .="<li>กรุณายืนยัน รหัสผ่าน";
//$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
//$Flag = false;
//}
/////////////////////////////////////
//if ( ! CheckLenght($Password,6))
// {
// $msg .= "<li>รหัสผ่านต้องมีตั้งแต่ 6-15 อักษร";
// $button = "<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold; color:#FFF; background-color:#036; border-style:outset; border-color:#69F; font-family: Tahoma;\">";
// $Flag = false;
// }
////////////////* ตรวจสอบว่า มีตัวอักษรอื่น ๆ นอกเนื่องจากตัวอักษรภาษาอังกฤษ และ ตัวเลขหรือไม่ */
//if ( ! CheckEngNumAlpha($Password))
// {
// $msg .= "<li>รหัสผ่านต้องเป็นอักษรภาษาอังกฤษ หรือ ตัวเลข เท่านั้น";
// $button = "<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold; color:#FFF; background-color:#036; border-style:outset; border-color:#69F; font-family: Tahoma;\">";
// $Flag = false;
// }
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////// Check Status to Insert Data /////////////////////////////
if( $Flag)
{
$Path = "../images";
if ( isset($Img1) )
if (copy($Img1,"$Path/$Img1_name"))
{
unlink ($Img1);
$Img1 = "$Path/$Img1_name";
}
else
echo"Can't Copy";
InsertPersonDen($HN_code,$Teacher_code,$First_name,$Name,$Lastname,$DateBirth,$Datetype,$Sex,$Hostpital,
$Nationality,$Nation,$Religion,$Citizen_id,$Father_name,$Mother_name,$Age,$ProvinceId, $Zipcode,$Phone,$Mobile,$Work,$Education,$Email_name,$Email_1,$Status2, $Status3,$Phone_1,$Mobile_1,$Address,$Img1,$Degree_code, $Person_type,$Club_nid,$Group_1,$Group_2,$Group_3,$Group_4,$Dental_code,$Username,$Password, $Permision);
$msg.="<li>คุณ<b> $Name $Lastname</b>";
$msg.="<li>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว";
$button = "<input type=\"reset\" value=\"Close Windows\" onclick=\"javascript:parent.close();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">";
echo "<meta http-equiv=\"refresh\" content=\"2;URL=Frmperson.php\">";
?>
<table width="69%" border="0" align="center" cellpadding="0" cellspacing="0">
</table>
<?php
}
CloseDB();
?>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874">
<link href="../css/style1.css" rel="stylesheet" type="text/css">
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0"marginwidth="0"marginheight="0">
<br>
<table width="70%" border="0" cellspacing="0"cellpadding="2"align="center">
<tr>
<td><div align="center"><span><b><font color="#003399" size="4" face="Tahoma">::แบบฟอร์มกรอกข้อมูลประวัติ::</font></b></span></div></td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellspacing="1"cellpadding="0"align="center" class="table">
<tr>
<td bgcolor="#D7EBF4"><div align="center"><b><font color="#000000" size="2" face="Tahoma">ระบบแจ้งการทำงาน</font></b></div></td>
</tr>
<tr>
<td bgcolor="#000000">
<table width="90%" border="0" cellspacing="1"cellpadding="0"align="center">
<tr>
<td><span><b><font color="#FFFFFF"><?php echo $msg;?></font></b></span></td>
</tr>
</table>
</td>
</tr>
<tr>
<td bgcolor="#D7EBF4">
<div align="center"><b><font color="#CCFF00"><?php echo $button;?> <font size="2" face="Tahoma"></font></font></b></div></td>
</tr>
</table>
</td>
</tr>
</table>
<br>
</body>
</html>
<?php
}
else
{
echo"<body bgcolor=\"#CCCCCC\">";
echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n";
echo"<center>";
echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>";
echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>";
echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> คุณไม่มีสิทธ์ใช้งาน</font>";
echo"</center>";
echo"</body>";
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0128 ]-- |