Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/Dental/ drwxr-xr-x |
Viewing file: InsertTeach.php (5.16 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); if (session_is_registered("valid_user")) { //$Username = $valid_user; include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $Flag = true; $HN_code = $_POST[HN_code]; $Person_code = $_POST[Person_code]; $Tooth_code = $_POST[Tooth_code]; $Code = $_POST[Code]; $Teacher_code = $_POST[Teacher_code]; $No_code = htmlspecialchars(trim($_POST[No_code])); $Code = htmlspecialchars(trim($_POST[Code])); $Time_in = htmlspecialchars(trim($_POST[Time_in ])); $Time_out = htmlspecialchars(trim($_POST[Time_out])); $Date = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate]; $Price = htmlspecialchars(trim($_POST[Price])); $Roug = htmlspecialchars(trim($_POST[Roug])); $Mount = htmlspecialchars(trim($_POST[Mount])); $Percen = htmlspecialchars(trim($_POST[Percen])); $Hostpital = htmlspecialchars(trim($_POST[Hostpital])); $Cost_total = htmlspecialchars(trim($_POST[Cost_total])); $Price_coun1 = $Price ; $Mount_coun2 = $Mount ; $Cost_total = $Price_coun1 * $Mount_coun2 ; ////////////// นำค่า id มาเพิ่มให้กับค่ารหัสสมาชิกครั้งละ1 //////// //$sql3 = "Select * From account order by Teach_id desc "; //$result3 = mysql_query($sql3) or die("Error $result3".mysql_error()); //$rss = mysql_fetch_row($result3); //$account = $rss [0] +1 ; // นำค่า id มาเพิ่มให้กับค่ารหัสสมาชิกครั้งละ1 //if($account>=100) { //$No_in = "0$account" ; //} //else { //if($account>=10) { //$No_in = "000$account" ; //} //else { //$No_in = "0000$account" ; //} //} //$No_code = "$HN_no$No_in" ; // รหัสสมาชิกเช่น ip0001 /////////////////// Check เลขที่ใบเสร็จ /////////// if ($No_code =="") { $msg .="<li>กรุณาระบุ เลขที่ใบเสร็จด้วยค่ะ"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ////////////// Check เลขที่ใบเสร็จ ///////////////////////////////////// //echo "$No_code <br>"; //$sql = "Select * From account Where No_code='$No_code'"; //$result = mysql_query($sql) or die("Error $result".mysql_error()); //$sum = mysql_num_rows($result); //if ($sum>0) //{ //$msg .="<li>รหัส $No_code ซ้ำ"; //$button ="<input type=\"button\" value=\"Back to Edit\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; //$Flag = false; //} //////////////////////// if ( ! CheckLenght( $No_code,9 ) ) { $msg .= "<li>เลขที่ใบเสร็จต้องมีตั้งแต่ 9หลัก"; $button = "<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold; color:#FFF; background-color:#036; border-style:outset; border-color:#69F; font-family: Tahoma;\">"; $Flag = false; } //////////////////////// check จำนวน ///////////////// if ($Mount=="") { $msg .="<li>กรุณาระบุ จำนวน"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ///////////////////// check name if ($Price =="") { $msg .="<li>กรุณาระบุ ราคา"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ////////////////////////////////// if( $Flag) { InsertAccount($Person_code,$No_code,$HN_code,$Tooth_code,$Teach_code,$Teacher_code,$Code ,$Time_in,$Time_out,$Date,$Price ,$Mount,$Cost_total,$Percen,$Hostpital,$Roug); $msg.="<li>ระบบจัดเก็บข้อมูลเรียบร้อยแล้ว"; echo"<meta http-equiv=\"refresh\" content=\"1;URL=AddPlanTeach.php?Person_code=$Person_code\">\n"; } CloseDB(); ?> <html> <head> <title>Inserting Treattment</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link href="../css/style1.css" rel="stylesheet" type="text/css"> </head> <body bgcolor="#FFFFFF"> <form> <br> <table width="68%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><div align="center"><span><b><font color="#000000" size="3" face="Tahoma">::ฟอร์มการเพิ่มข้อมูล::</font></b></span></div></td> </tr> <tr> <td> <table width="74%" border="0" cellspacing="1"cellpadding="2"align="center"bordercolor="#0B62D9" class="table"> <tr> <td bgcolor="#CCCCFF"> <div align="center"><b><font color="#003366" size="3" face="Tahoma">ระบบแจ้งการทำงาน</font></b></div></td> </tr> <tr> <td bgcolor="#000000"> <table width="90%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><font color="#FFFFFF" size="3" face="Tahoma"><strong><span><?php echo $msg;?></span></strong></font></td> </tr> </table></td> </tr> <tr> <td bgcolor="#CCCCFF"> <div align="center"><b><font color="#CCFF00"><?php echo $button;?></font></b></div></td> </tr> </table> </td> </tr> </table> <br> <br> </form> </body> </html> <?php } else { echo"<meta http-equiv=\"refresh\" content=\"3;URL=../../login.php\">\n"; echo"Please Login "; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0053 ]-- |