Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/Research_depart/ drwxr-xr-x |
Viewing file: InsertResearch.php (3.37 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php include("../include/FunctionDB.php"); ConnectDB(); $Flag = true; $Research_name = htmlspecialchars(trim($_POST['Research_name'])); $Research_char_else = htmlspecialchars(trim($_POST['Research_char_else'])); $name1 = htmlspecialchars(trim($_POST['name1'])); $name2 = htmlspecialchars(trim($_POST['name2'])); $name3 = htmlspecialchars(trim($_POST['name3'])); $name4 = htmlspecialchars(trim($_POST['name4'])); $name5 = htmlspecialchars(trim($_POST['name5'])); $name6 = htmlspecialchars(trim($_POST['name6'])); $name7 = htmlspecialchars(trim($_POST['name7'])); $name8 = htmlspecialchars(trim($_POST['name8'])); $Fund_resource = htmlspecialchars(trim($_POST['Fund_resource'])); $Year_start = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate]; $Year_finish = $_POST[mYear2]."-".$_POST[mMonth2]."-".$_POST[mDate2]; ///////////////////// check name if ($Research_name =="") { $msg .="<li>กรุณาระบุ ชื่องานวิจัย"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } /////////////////// Check Benifit if ($Year_prop =="") { $msg .="<li>กรุณาระบุ ปีที่เผยแพร่"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } /////////////////////// Check Address if( $Flag) { InsertResearch($Teacher_code,$Branch,$Research_name,$Research_type,$Research_char,$R_position,$name1,$name2,$name3,$name4,$name5,$name6,$name7,$name8,$Year_start,$Year_finish,$Fund,$Fund_resource,$Resource_des,$Propagate,$Propagate_des,$Prop_type,$Prop_type1,$Prop_type2,$Prop_type3,$Apply1,$Apply2,$Apply3,$Apply4,$Apply_des,$Year_prop); $msg.="<li>ผลงาน<b>$Research_name</b>"; $msg.="<li>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว"; echo"<meta http-equiv=\"refresh\" content=\"2;URL=ResearchList.php?Teacher_code=$Teacher_code\">\n"; } CloseDB(); ?> <html> <head> <title>Inserting Research</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link rel="stylesheet" href="../css/Style1.css" type="text/css"> </head> <body bgcolor="#FFEFDF" leftmargin="0" topmargin="0"marginwidth="0"marginheight="0"> <form> <br> <table width="64%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><div align="center"><span><b><font color="#003366" size="4" face="Tahoma">::ฟอร์มการเพิ่มข้อมูลผลงานวิจัยส่วนบุคคล::</font></b></span></div></td> </tr> <tr> <td> <table width="100%" border="0" cellspacing="1"cellpadding="0"align="center"bordercolor="#0B62D9" class="table"> <tr> <td bgcolor="#FFCC99"><b><font color="#003366" size="3" face="Tahoma">ระบบแจ้ง</font></b></td> </tr> <tr> <td bgcolor="#FEF5E0"> <table width="90%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><font color="#FF0000" size="3" face="Tahoma"><span><b><?php echo $msg;?></b></span></font></td> </tr> </table></td> </tr> <tr> <td bgcolor="#FFCC99"> <div align="center"><b><font color="#CCFF00"><?php echo $button;?></font></b></div></td> </tr> </table> </td> </tr> </table> <br> <br> </form> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0113 ]-- |