Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/admin/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php session_start(); include("../include/FunctionDB.php"); if (session_is_registered("valid_user")) { $Username = $valid_user; ConnectDB(); ///////////////////////////////////////////////////// $sql ="SELECT * FROM tech_plan_tb "; $result1= mysql_query($sql) or die("Cannot Select").mysql_error(); $num = mysql_num_rows($result1); ?> <html> <head> <title>Plan </title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link rel="stylesheet" href="../css/style1.css" type="text/css"> </head> <body bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><table width="100%" border="0" cellpadding="0" cellspacing="2" bgcolor="#DBEFF7"> <tr bgcolor="#DBEFF7" background="../teacher/Image/bart1.jpg"> <td width="20%" height="25" bgcolor="#DBEFF7" background="../Image/bart1.jpg" class="table" > <div align="center"><font size="2" face="Tahoma"><strong><a href="adminmenu.php" class="d">กลับหน้าหลัก</a></strong></font></div></td> <td width="20%" height="25" bgcolor="#DBEFF7" background="../Image/bart1.jpg" class="table" > <div align="center"><font size="2" face="Tahoma"><strong><a href="../logout.php" class="d">Logout</a></strong></font></div></td> </tr> </table></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><div align="center"></div></td> </tr> <tr> <td> </td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" style="border:1px solid gray"> <form action="DelPlan.php" method="post"> <tr > <td colspan="7" bgcolor="#D3E4F8"> <div align="center"><font color="#FFFF99" size="4" face="Tahoma"><strong><font color="#003366">รายการแผนการสอนรายวิชา</font></strong></font></div></td> </tr> <tr bordercolor="#006633"> <td width="25" align="center" bgcolor="#CCCCCC"><div align="center"><font color="#993333" size="2" face="Tahoma"><strong>ลบ</strong></font></div></td> <td width="24" align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>no.</b></font></td> <td width="61" align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>รหัสวิชา</b></font></td> <td width="318" align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>ชื่อวิชา</b></font></td> <td width="111" align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>ภาคการสอน</b></font></td> <td width="95" align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>วันที่เิ่ริ่มสอน</b></font></td> <td align="center" bgcolor="#CCCCCC"><font color="#003366" size="2" face="Tahoma"><b>รายละเอียด</b></font></td> </tr> <? $i = 1; while($row = mysql_fetch_array($result1)) { if($count==0) { ?> <tr bordercolor="#eeeeee" > <td align=center bgcolor="#eeeeee" > <input type="checkbox" name="checkbox[]" value="<? echo $row[Plan_code] ?>"></td> <td align=center bgcolor="#eeeeee" ><strong><font color="#003366" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td align=center bgcolor="#eeeeee" > <div align="center"> <font color="#003366" size="2" face="Tahoma"> <?php $Subject_no = $row[Subject_no]; $sql3 = "Select * From subject_tb Where Subject_no='$Subject_no'"; $result3 = mysql_query($sql3) or die("Error".mysql_error()); $rss3 = mysql_fetch_array($result3); echo"$rss3[Subject_code]"; ?> </font> </div></td> <td align=center bordercolor="#eeeeee" bgcolor="#eeeeee" > <div align="left"><font color="#003366" size="2" face="Tahoma"> <?php $Subject_no = $row["Subject_no"]; $strSQL1 = "SELECT * FROM subject_tb WHERE Subject_no='$Subject_no' "; $res1= mysql_query($strSQL1) or die("Error".mysql_error()); $rs1 = mysql_fetch_array($res1); echo"$rs1[Subject_name]"; ?> </font></div></td> <td bgcolor="#eeeeee"> <div align="left"><font color="#003366" size="2" face="Tahoma"> <?php $Method_code = $row["Method_code"]; $strSQL2 = "SELECT * FROM method_tb WHERE Method_code='$Method_code' "; $result2= mysql_query($strSQL2); $rs2 = mysql_fetch_array($result2); echo"$rs2[Method_name]"; ?> </font></div></td> <td bgcolor="#eeeeee" > <div align="center"><font color="#003366" size="2" face="Tahoma"> <?=$row["Start_date"]?> </font></div></td> <td bordercolor="#eeeeee" bgcolor="#eeeeee" > <div align="center"><font color="#000000" size="2" face="Tahoma"> <a href="../teacher/tech_plan/ShowTechPlan.php?Teacher_code=<? echo $row[Teacher_code]?>&Plan_code=<?echo $row[Plan_code]?>" class="g">แผนการสอน</a></font></div></td> </tr> <? $count=1; } else { ?> <tr bordercolor="#FFFFFF"> <td align="center" bgcolor="#FFFFFF" ><input type="checkbox" name="checkbox[]2" value="<? echo $row[Plan_code] ?>"></td> <td align="center" bgcolor="#FFFFFF" ><strong><font color="#003366" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td align=center bordercolor="#eeeeee" bgcolor="#FFFFFF" > <div align="center"> <font color="#003366" size="2" face="Tahoma"> <?php $Subject_no = $row[Subject_no]; $sql3 = "Select * From subject_tb Where Subject_no='$Subject_no'"; $result3 = mysql_query($sql3) or die("Error".mysql_error()); $rss3 = mysql_fetch_array($result3); echo"$rss3[Subject_code]"; ?> </font> </div></td> <td align="center" > <div align="left"><font color="#003366" size="2" face="Tahoma"> <?php $Subject_no = $row["Subject_no"]; $strSQL1 = "SELECT * FROM subject_tb WHERE Subject_no='$Subject_no' "; $res1= mysql_query($strSQL1) or die("Error".mysql_error()); $rs1 = mysql_fetch_array($res1); echo"$rs1[Subject_name]"; ?> </font></div></td> <td bgcolor="#FFFFFF"> <div align="left"><font color="#003366" size="2" face="Tahoma"> <?php $Method_code = $row["Method_code"]; $strSQL2 = "SELECT * FROM method_tb WHERE Method_code='$Method_code' "; $result2= mysql_query($strSQL2); $rs2 = mysql_fetch_array($result2); echo"$rs2[Method_name]"; ?> </font></div></td> <td bgcolor="#FFFFFF" > <div align="center"><font color="#003366" size="2" face="Tahoma"> <?=$row["Start_date"]?> </font></div></td> <td bgcolor="#FFFFFF" > <div align="center"><font color="#000000" size="2" face="Tahoma"> <a href="../teacher/tech_plan/ShowTechPlan.php?Teacher_code=<? echo $row[Teacher_code]?>&Plan_code=<?echo $row[Plan_code]?>" class="g">แผนการสอน</a></font></div></td> </tr> <? $count=0; } $i++; } CloseDB(); ?> <tr> <td colspan="7" align="center" bgcolor="#CCCCCC"> <div align="center"><font color="#003366" size="2" face="Tahoma">ทั้งหมด <? echo $num ?> รายการ</font></div></td> <tr> <td height="24" colspan="7" align="center" bgcolor="#D3E4F8"> <input type="submit" name="Submit" value=" ลบ "></td> </form> </table> </body> </html> <?php } else { echo"<meta http-equiv=\"refresh\" content=\"3;URL=../login.php\">\n"; echo"Please Login "; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0046 ]-- |