Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/Qa_depart/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php session_start(); if (session_is_registered("valid_user")&&session_is_registered("Priority")&&session_is_registered("password") ) { //include("../include/FunctionDB.php"); //include("admin_menu.php"); ConnectDB(); $Username = $valid_user; $sql1 ="SELECT * FROM qa_standard_tb ";// Where codeId='codeId' and Stand_code='$Stand_code' "; $result1 = mysql_query($sql1) or die("Cannot Select").mysql_error(); $rs1 = mysql_fetch_array($result1); $strSQL = "SELECT * FROM qa_report_tb Where code='$code' "; if (! $Page) $Page = 1; $Pre_Page = $Page - 1; $Next_Page = $Page +1; $Per_Page = 20; $result = mysql_query($strSQL); $Page_start = ($Per_Page*$Page) - $Per_Page; $Num_Rows = mysql_num_rows($result); if( $Num_Rows <= $Per_Page) $Num_Pages = 1; else if (($Num_Rows % $Per_Page) == 0) $Num_Pages = ($Num_Rows / $Per_Page); else $Num_Pages = ($Num_Rows / $Per_Page) + 1; $Num_Pages = (int)$Num_Pages; if (( $Page > $Num_Pages) || ($Page < 0)) echo"Page $Page More than $Num_Pages"; $strSQL .=" LIMIT $Page_start,$Per_Page" ; $result = mysql_query($strSQL); $num = mysql_num_rows($result ); ?> <meta http-equiv="Content-Type" content="text/html; charset=TIS-620"> <link href="../source/style.css" rel="stylesheet" type="text/css"> <link href="../css/style1.css" rel="stylesheet" type="text/css"> <style type="text/css"> <!-- .style20 {font-size: 14px} .style22 {font-size: 14px; font-weight: bold; } --> </style> <script type="text/JavaScript"> <!-- function MM_openBrWindow(theURL,winName,features) { //v2.0 window.open(theURL,winName,features); } //--> </script> <table width="817" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="817" height="142"> <legend> <label><div align="center"> <form id="form1" name="form1" method="post" action=""> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0" style="background-color:#aaaaaa; border:0px solid gray"> <tr> <td width="24" height="33" align="center" bgcolor="#FFFFFF" style="border:0px solid gray"><font color="#000000" face="Tahoma"><strong><span class="style20"> <input name="Stand_code" type="hidden" id="Stand_code" value="<? echo $rs[Stand_code]?>" /> </span></strong></font></td> <td colspan="5" align="center" bgcolor="#FFFFFF" style="border:0px solid gray"><div align="left"><font color="#000000" face="Tahoma"><span class="style22">เพิ่มรายการเอกสาร</span></font><font size="2" face="Tahoma" onclick="MM_openBrWindow('AddReport.php?code=<? echo $rs[code]?>&codeId=<? echo $s[codeId]?>','Detail','scrollbars=yes,width=600,height=250')"><a href="#" > <img src="../picture/new.gif" alt="เพิ่มรายการเอกสาร" width="16" height="16" border="0" /></a></font></div></td> </tr> <?php $i = 1; while($row = mysql_fetch_array($result)) { if($count==0) { ?> <tr > <td rowspan="2" align="center" bgcolor="#FFFFFF" > </td> <td width="20" align="center" bgcolor="#FFFFFF" ><div align="center"><font color="#003366" size="2" face="Tahoma"> <a href="#" class="d"> </a></font></div></td> <td width="41" align="center" bgcolor="#FFFFFF" ><div align="left"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="../picture/linesub.gif" width="16" height="16" border="0" align="absmiddle" /></font><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"><strong><font color="#996600" size="1" face="Tahoma"> <?=$i?> </font></strong></a></font></div></td> <td width="669" bgcolor="#FFFFFF"><div align="left"><font color="#336600" size="2" face="Tahoma"> </font> <div align="left"> <div align="center" onclick="MM_openBrWindow('<?=$row["Filename"]?>','Detail','scrollbars=yes,width=850,height=600')"> <div align="left"><font color="#996600" size="2" face="Tahoma"><a href="#"><? echo $row["Report_name"]?></a></font></div> </div> </div> </div></td> <td width="26" bgcolor="#FFFFFF" onclick="MM_openBrWindow('frmReport.php?ReportId=<? echo $row[ReportId]?>','Detail','scrollbars=yes,width=600,height=250')"><div align="center"><font size="2" face="Tahoma"><a href="#"><img src="../picture/edit.gif" alt="แก้ไข" width="16" height="16" border="0" /></a></font></div></td> <td width="21" bgcolor="#FFFFFF"><div align="center"><strong><font size="2" face="Tahoma"> <script language="JavaScript" type="text/javascript"> function Conf<?=$row[code];?>0(object) { if (confirm("คุณต้องการลบข้อมูล <?php echo " $row[Report_name]"; ?> หรือไม่?") == true) { return true; } return false; } </script> <a href="DelReport.php?ReportId=<?php echo $row[ReportId]; ?>&code=<?php echo $row[code];?>"> <img src="../picture/deletenew.gif" width="16" height="16" align="absmiddle" border="0" onclick="return Conf<?=$row[code];?>0(this)" alt="ลบข้อมูล" /></a> </font></strong></div></td> </tr> <? $count=1; } else { ?> <tr > <td width="20" height="18" align="center" bgcolor="#FFFFFF" ><div align="center"><font color="#003366" size="2" face="Tahoma"> <a href="#" class="d"> </a></font></div></td> <td height="18" align="center" bgcolor="#FFFFFF"><div align="left"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="../picture/linesub.gif" width="16" height="16" border="0" align="absmiddle" /></font><font color="#003366" size="2" face="Tahoma"><a href="#" class="d"><strong><font color="#996600" size="1" face="Tahoma"> <?=$i?> </font></strong></a></font></div></td> <td bgcolor="#FFFFFF"><div align="left"><font color="#336600" size="2" face="Tahoma"> </font> <div align="left"> <div align="center" onclick="MM_openBrWindow('<?=$row["Filename"]?>','Detail','scrollbars=yes,width=850,height=600')"> <div align="left"><font color="#996600" size="2" face="Tahoma"><a href="#"><? echo $row["Report_name"]?></a></font></div> </div> </div> </div></td> <td bgcolor="#FFFFFF" onclick="MM_openBrWindow('frmReport.php?ReportId=<? echo $row[ReportId]?>','Detail','scrollbars=yes,width=600,height=250')"><div align="center"><font size="2" face="Tahoma"><a href="#"><div align="center"><font size="2" face="Tahoma"><img src="../picture/edit.gif" alt="แก้ไข" width="16" height="16" border="0" /></font></div></td> <td bgcolor="#FFFFFF"><div align="center"><strong><font size="2" face="Tahoma"> <script language="JavaScript" type="text/javascript"> function Conf<?=$row[code];?>0(object) { if (confirm("คุณต้องการลบข้อมูล <?php echo " $row[Report_name]"; ?> หรือไม่?") == true) { return true; } return false; } </script> <a href="DelReport.php?ReportId=<?php echo $row[ReportId]; ?>&code=<?php echo $row[code];?>"> <img src="../picture/deletenew.gif" width="16" height="16" align="absmiddle" border="0" onclick="return Conf<?=$row[code];?>0(this)" alt="ลบข้อมูล" /></a> </font></strong></div></td> </tr> <? $count=0; } $i++; } CloseDB(); ?> <tr bgcolor="#DCF3DA"> <td height="25" colspan="6" align="center" bgcolor="#FFFFFF" ><div align="right"><span class="style20"><font color="#000000" face="Tahoma">ทั้งหมด<strong> <? echo $num ?> </strong>รายการ</font></span></div></td> </tr> </table> </form> </td> </tr> </table> <?php } else { echo"<meta http-equiv=\"refresh\" content=\"3;URL=../login.php\">\n"; echo"Please Login "; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.005 ]-- |