Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/Develop_person_depart/ drwxr-xr-x |
Viewing file: mis120Word.php (16.63 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php header('Content-type: application/ms-doc'); header('Content-Disposition: attachment; filename="testing.doc"'); include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $Username = $valid_user; $sql = "SELECT * FROM personal_tb WHERE Teacher_code='$Teacher_code' "; $res = mysql_query($sql); $rs = mysql_fetch_array($res); $sql = "Select * From FormAoffice Where Teacher_code='$Teacher_code' and codeId='$codeId' "; $result = mysql_query($sql) or die(" Error").mysql_error(); $rss = mysql_fetch_array($result); $sql1 = "Select * From project_tb Where Teacher_code='$Teacher_code' and Training_code='$Training_code' "; $result1= mysql_query($sql1) or die(" Error").mysql_error(); $rs1= mysql_fetch_array($result1); ?> <meta http-equiv="Content-Type" content="text/html; charset=TIS-620"> <script language="JavaScript" src="../calendar/ew.js"></script> <script language="JavaScript" src="../calendar/popcalendar.js"></script> <script language="JavaScript" type="text/JavaScript"> function MM_reloadPage(init) { //reloads the window if Na v4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> } var highlightcolor="lightyellow" var ns6=document.getElementById&&!document.all var previous='' var eventobj //Regular expression to highlight only form elements var intended=/INPUT|TEXTAREA|SELECT|OPTION/ //Function to check whether element clicked is form element function checkel(which){ if (which.style&&intended.test(which.tagName)){ if (ns6&&eventobj.nodeType==3) eventobj=eventobj.parentNode.parentNode return true } else return false } </script> <script type="text/JavaScript"> <!-- function MM_openBrWindow(theURL,winName,features) { //v2.0 window.open(theURL,winName,features); } //--> </script> <style type="text/css"> <!-- .style1 { font-size: 14px; font-family: Tahoma; } .style2 { font-size: 14px; font-weight: bold; font-family: Tahoma; } .style5 {font-size: 14px; font-family: Tahoma; color: #FF0000; } .style7 {font-size: 14px} .style11 {font-size: 14px; color: #000000; } .style12 {color: #000000} .style13 {font-size: 14px; color: #000000; font-family: Tahoma; } --> </style> <table width="591" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="591"> <fieldset> <legend></legend> <div align="center"> <form id="pc" name="pc" method="post" action="InsertFormA.php"> <div align="left"> <table width="587" cellpadding="0" cellspacing="0"> <col width="88" /> <col width="79" /> <col width="85" /> <col width="56" /> <col width="64" /> <col width="185" /> <tr height="31"> <td height="31" width="109"></td> <td colspan="4"><div align="center" class="style2"> <div align="left"> <p align="center"><strong>บันทึกข้อความ</strong></p> </div> </div></td> <td width="79"></td> </tr> <tr height="29"> <td height="29" colspan="6" l> </td> </tr> <tr height="29"> <td height="29" colspan="6" l><span class="style13"> ส่วนราชการ วิทยาลัยการสาธารณสุขสิรินธร จังหวัดชลบุร ี</span></td> </tr> <td height="29" colspan="3" align="left" class="style13"> ที่ สธ.0203.081/พิเศษ......... </td> <td height="29" align="left"> </td> <td height="29" colspan="2" align="left" class="style13">วันที่ <font color="#003366"> <?php $sday = $rss[Date]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> </font></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left" class="style1">เรื่อง <font size="2" face="Tahoma"><? echo $rss[Detail]?></font></td> <td width="121"></td> <td width="97"></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="5" align="left" class="style13">เรียน ผู้อำนวยการวิทยาลัยการสาธารณสุขสิรินธรจังหวัดชลบุรี</td> <td></td> </tr> <tr height="29"> <td height="26"></td> <td colspan="5" align="left" class="style13">ข้าพเจ้า....<font size="2" face="Tahoma"> <?php $Teacher_code = $rss["Teacher_code"]; $sql = "Select * From personal_tb Where Teacher_code ='$Teacher_code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </font>.................................. ตำแหน่ง.......<font size="2" face="Tahoma"><? echo $rs2[Gover_pos]?>.....</font></td> </tr> <tr height="29"> <td height="29" colspan="6" align="left" class="style13">สังกัด....<font size="2" face="Tahoma"> <?php $Faculty_code = $rs["Faculty_code"]; $sql = "Select * From faculty_tb Where Faculty_code='$Faculty_code'"; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[Faculty_name] "; ?> </font>........วิทยาลัยการสาธารณสุขสิรินธร จังหวัดชลบุรี.....สถาบันพระบรมราชชนก</td> </tr> <tr height="29"> <td height="29" colspan="6" align="left" class="style13">ขออนุมัติเดินทางไปราชการ เรื่อง <font color="#0000FF" size="2" face="Tahoma"> ... </font><font size="2" face="Tahoma"><? echo $rss[Training_name]?></font></td> </tr> <tr height="29"> <td height="29" colspan="6" align="left"><label><span class="style1">อ้างตามหนังสือราชการเลขที่</span></label> <span class="style1"><font color="#0000FF" size="2" face="Tahoma">... </font><font size="2" face="Tahoma"><? echo $rss[No_in]?></font><font color="#0000FF" size="2" face="Tahoma">... </font> <font face="Tahoma">เพื่อ...</font><font size="2" face="Tahoma"> <?php $Training_type = $rss["Training_type"]; $sql = "Select * From training_type_tb Where Training_type='$Training_type' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[Detail]"; ?> </font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" onclick="MM_openBrWindow('../../Application Data/SSH/temp/bookCode.php?Teacher_code=<? echo $rss["Teacher_code"]?>','Detail','width=820,height=280,scrollbars=yes')"><a href="#" ></a></font></span></td> </tr> <tr> <td height="29" colspan="6" align="left" class="style1">อ้างตามแผนดำเนินการ ข้อที่ <span class="style5">*</span> <font size="2" face="Tahoma"> <?php $ProjectId = $rss["ProjectId"]; $sql = "Select * From project_tb Where ProjectId='$ProjectId' "; $result2 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result2); echo "$rs2[Orderlist]"; ?> </font><font color="#0000FF" size="2" face="Tahoma"> .. </font><font size="2" face="Tahoma"> <?php echo "$rs2[Project_plan]"; ?> </font> <font face="Tahoma"><span class="style11">ปีงบประมาณ </span></font><font size="2" face="Tahoma"><?php echo "$rs2[Budget_Year]"; ?> </font><font face="Tahoma"><span class="style11"> จำนวนเงิน </span></font><font color="#0000FF" size="2" face="Tahoma"><span class="style5">*</span></font><font size="2" face="Tahoma"> <?php echo "$rs1[Budget_use]"; ?> </font><span class="style12"><font face="Tahoma"><span class="style7"> บาท</span></font></span></td> </tr> <td height="29" colspan="6" align="left" class="style1">ตั้งแต่วันที่<font color="#000000">.....</font>.<font color="#003366" face="Tahoma"> <?php $sday = $rss[Date_start]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> </font>........................ถึงวันที่.. <font color="#003366" face="Tahoma"> <?php $sday = $rss[Date_finish]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> ......... </font> มีกำหนด<font face="Tahoma"> . <? echo $rss[Day]?></font> .วัน</td> </tr> <tr height="31"> <td height="31" colspan="2"><span class="style1">ปีงบประมาณ<span class="style5">* <font size="2" face="Tahoma"><? echo $rss[Year_std]?></font></span></span></td> <td width="73"> </td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td></td> <td></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td></td> <td></td> <td></td> </tr> <tr height="31"> <td height="31" colspan="2" align="left"> </td> <td> </td> <td colspan="2" class="style1">ลงชื่อ ...........................</td> <td></td> </tr> <tr height="29"> <td height="29"> </td> <td width="106"> </td> <td> </td> <td colspan="2"><font size="2" face="Tahoma"> <span class="style1"> <?php $Teacher_code = $rss["Teacher_code"]; $sql = "Select * From personal_tb Where Teacher_code ='$Teacher_code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </span></font></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td colspan="2"><font face="Tahoma"> <span class="style1"> ตำแหน่ง</span></font><span class="style1"><font size="2" face="Tahoma"> <? echo $rs2[Gover_pos]?></font></span></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"><label class="style1"> <input name="Flag1" type="checkbox" id="Flag1" <?php if (!(strcmp("$rss[Flag1]","1"))) {echo "checked";} ?> value="1" disabled="disabled" /> <span class="style13">อนุญาต</span> <input name="Flag1" type="checkbox" id="Flag1" <?php if (!(strcmp("$rss[Flag1]","2"))) {echo "checked";} ?> value="2" disabled="disabled"/> <span class="style13">ไม่อนุญาต</span></label></td> <td align="left"> </td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"><div align="center" class="style13">ลงชื่อ........................หัวหน้าภาค/ฝ่าย.</div></td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"><div align="center" class="style1"><font size="2" face="Tahoma"> <?php $sql = "Select * From personal_tb Where Faculty_code ='$Faculty_code' and TeacherId='1' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </font></div></td> <td align="left"> </td> <td align="left"><div align="center" class="style13">คำสั่ง</div></td> <td align="left"> </td> <td align="left"> </td> </tr> <tr height="29"> <td height="27" colspan="2" align="left"><div align="center" class="style13"><font face="Tahoma">ตำแหน่ง</font><font size="2" face="Tahoma"> <? echo $rs2[Gover_pos]?></font></div></td> <td align="left"> </td> <td colspan="3" align="left"><label> <span class="style1"> <input name="Flag2" type="checkbox" id="Flag2" <?php if (!(strcmp("$rss[Flag2]","1"))) {echo "checked";} ?> value="1" disabled="disabled"/> </span></label> <span class="style13">อนมัติ </span><span class="style1"> <input name="Flag2" type="checkbox" id="Flag2" <?php if (!(strcmp("$rss[Flag2]","2"))) {echo "checked";} ?> value="2" disabled="disabled" /> </span><span class="style13">ไม่อนุมัติ</span></td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left"> </td> <td align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left" class="style13"> ลงชื่อ................. ..</td> <td align="left"> </td> </tr> <tr height="29"> <td height="28" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left" class="style13">ตำแหน่ง. ..........................</td> <td align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left" class="style1"> วันที่.......เดือน..............พ.ศ....... </td> <td align="left"> </td> </tr> </table> <label></label> </form> </div> </label> <div align="center"> <input type="button" name="close2" value="ปิดหน้าต่าง" onclick="window.close()" /> </div> <div align="center"></div> </fieldset> <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><br> </font></td> </tr> </table> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0054 ]-- |