Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/admin/ drwxr-xr-x |
Viewing file: AllStudentList.php (12.31 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); if (session_is_registered("valid_user")&&session_is_registered("password")&&session_is_registered("Priority")) { include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $strSQL = "SELECT * FROM student_tb Where Succ_Status='0' Order By Student_id,Class,Orderlist Asc"; if (! $Page) $Page = 1; $Pre_Page = $Page - 1; $Next_Page = $Page +1; $Per_Page = 50; $result = mysql_query($strSQL); $Page_start = ($Per_Page*$Page) - $Per_Page; $Num_Rows = mysql_num_rows($result); if( $Num_Rows <= $Per_Page) $Num_Pages = 1; else if (($Num_Rows % $Per_Page) == 0) $Num_Pages = ($Num_Rows / $Per_Page); else $Num_Pages = ($Num_Rows / $Per_Page) + 1; $Num_Pages = (int)$Num_Pages; if (( $Page > $Num_Pages) || ($Page < 0)) echo"Page $Page More than $Num_Pages"; $strSQL .=" LIMIT $Page_start,$Per_Page" ; $result = mysql_query($strSQL); /////////////////////////////////////////////////////////////////////////////////// $num = mysql_num_rows( $result ); //$count = 0; ?> <html> <head> <title>Display Project List </title> <link rel="stylesheet" href="../css/style1.css" type="text/css"> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"></head> <body bgcolor="#FFFFFF"> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bordercolor="#999999"> <tr> <td width="20%" height="21" background="../Image/bare3.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="adminmenu.php" class="d">¡ÅѺ˹éÒËÅÑ¡</a></font></strong></div></td> <td width="20%" background="../Image/bare3.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../logout.php" class="d">Logout</a></font></strong></div></td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1"> <tr> <td bgcolor="#FFFFFF"> </td> </tr> </table> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" style="border:1px solid gray"> <form action="Delstd.php" method="post"> <tr bgcolor="#D5E6F7" > <td colspan="9"> <div align="center"><font color="#003366" size="4" face="Tahoma"><strong><font color="#990000">ÃÒ¡Òà </font>¢éÍÁÙŹѡÈÖ¡ÉÒ·Ñé§ËÁ´</strong></font></div></td> </tr> <tr bgcolor="#EEEEEE"> <td width="27" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><font color="#FF0000" size="2" face="Tahoma"><strong>ź</strong></font></td> <td width="54" align="center" style="border:1px solid gray"><font color="#003366" size="2" face="Tahoma"> </font></td> <td width="90" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><strong><font size="2" face="Tahoma">ËÅÑ¡ÊÙµÃ</font></strong></td> <td width="37" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><strong><font size="2" face="Tahoma">ÃØè¹</font></strong></td> <td width="50" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><strong><font size="2" face="Tahoma">ÅӴѺ</font></strong></td> <td width="74" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><font color="#003366" size="2" face="Tahoma"><strong>ÃËÑÊ</strong></font></td> <td width="170" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><font color="#003366" size="2" face="Tahoma"><b>ª×èÍ-¹ÒÁÊ¡ØÅ</b></font></td> <td width="210" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><font size="2" face="Tahoma"><strong>ÍÒ¨ÒÃÂì·Õè»ÃÖ¡ÉÒ</strong></font><font color="#003366" size="2" face="Tahoma"><strong>¨Ó¹Ç¹</strong></font></td> <td width="38" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><font size="2" face="Tahoma"><strong>ź</strong></font></td> </tr> <? $i = 1; while($row = mysql_fetch_array($result)) { if($count==0) { ?> <tr bgcolor="#FBF5E3" onMouseOver="this.style.backgroundColor='#D8F8FA'" onMouseOut="this.style.backgroundColor='#FBF5E3'"> <td align=center bordercolor="#EEEEEE" > <input type="checkbox" name="checkbox[]" value="<? echo $row[Student_id]?>"></td> <td align=center bordercolor="#EEEEEE" ><font color="#003366" size="2" face="Tahoma"> <?=$i?> </font></td> <td align=center bordercolor="#EEEEEE" > <div align="left"><font color="#000000" size="2" face="Tahoma"> <?php $Course_code = $row[Course_code]; $sql2= "Select * From course_tb Where Course_code='$Course_code'"; $result2 = mysql_query($sql2) or die("Error Select".mysql_query()); $rs2 = mysql_fetch_array($result2); echo"$rs2[Short_Thai]"; ?> </font></div></td> <td align=center bordercolor="#EEEEEE" ><font color="#000000" size="2" face="Tahoma"> <?=$row["Class"]?> </font></td> <td align=center bordercolor="#EEEEEE" ><font color="#000000" size="2" face="Tahoma"> <?=$row["Orderlist"]?> </font></td> <td align=center bordercolor="#EEEEEE" ><font color="#003333" size="2" face="Tahoma"> <?=$row["Student_id"]?> </font></td> <td align="center" bordercolor="#EEEEEE" > <div align="left"><font color="#990099" size="2" face="Tahoma"> <a href="#" title="Click to see Detail" class="d"> <?=$row["First_name"]?> <?=$row["Name"]?> <?=$row["Lastname"]?> </a> </font></div> <div align="center"><font color="#003366" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#EEEEEE" ><font color="#990099" size="2" face="Tahoma"> <a href="../Scholarship/ActivityDetail.php?code=<?=$row["code"]?>" title="Click to see Detail" class="d"> </a></font><font color="#003300" size="2" face="Tahoma"> Í. <?php $Teacher_code = $row[Teacher_code]; $sql3= "Select * From personal_tb Where Teacher_code='$Teacher_code'"; $result3 = mysql_query($sql3) or die("Error Select".mysql_query()); $rs3 = mysql_fetch_array($result3); echo"$rs3[Teacher_name] $rs3[Teacher_lastname]"; ?> </font><font color="#990099" size="2" face="Tahoma"><a href="../Scholarship/ActivityDetail.php?code=<?=$row["code"]?>" title="Click to see Detail" class="d"> </a></font> <div align="right"><font color="#003366" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#EEEEEE" > <div align="center"> <script language="JavaScript"> function Conf<?=$row[Student_id];?>0(object) { if (confirm("¤Ø³µéͧ¡ÒÃź¢éÍÁÙÅ [<?php echo " $row[Student_id] $row[Name] $row[Lastname]"; ?>] ËÃ×ÍäÁè?") == true) { return true; } return false; } </script> <a href="DelStd2.php?Student_id=<?php echo $row[Student_id]; ?>"> <img src="../Image/del.gif" alt=" Delete " width="11" height="12" border="0" onClick="return Conf<?=$row[Student_id];?>0(this)"></a> </div></td> </tr> <? $count=1; } else { ?> <tr bgcolor="#FFFEF4" onMouseOver="this.style.backgroundColor='#D8F8FA'" onMouseOut="this.style.backgroundColor='#FFFEF4'"> <td align="center" bordercolor="#EEEEEE" > <input type="checkbox" name="checkbox[]2" value="<? echo $row[Student_id]?>"></td> <td align="center" bordercolor="#EEEEEE" ><font color="#003366" size="2" face="Tahoma"> <?=$i?> </font></td> <td align="center" bordercolor="#EEEEEE" > <div align="left"><font color="#000000" size="2" face="Tahoma"> <?php $Course_code = $row["Course_code"]; $sql2= "Select * From course_tb Where Course_code='$Course_code'"; $result2 = mysql_query($sql2) or die("Error Select".mysql_query()); $rs2 = mysql_fetch_array($result2); echo"$rs2[Short_Thai]"; ?> </font></div></td> <td align="center" bordercolor="#EEEEEE" ><font color="#000000" size="2" face="Tahoma"> <?=$row["Class"]?> </font></td> <td align="center" bordercolor="#EEEEEE" ><font color="#000000" size="2" face="Tahoma"> <?=$row["Orderlist"]?> </font></td> <td align="center" bordercolor="#EEEEEE" ><font color="#003333" size="2" face="Tahoma"> <?=$row["Student_id"]?> </font></td> <td height="18" align="center" bordercolor="#EEEEEE" > <div align="left"><font color="#990099" size="2" face="Tahoma"> <a href="#" title="Click to see Detail" class="d"> <?=$row["First_name"]?> <?=$row["Name"]?> <?=$row["Lastname"]?> </a> </font></div> <div align="center"><font color="#003366" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#EEEEEE" ><font color="#990099" size="2" face="Tahoma"><a href="../Scholarship/ActivityDetail.php?code=<?=$row["code"]?>" title="Click to see Detail" class="d"> </a></font><font color="#003300" size="2" face="Tahoma"> Í. <?php $Teacher_code = $row[Teacher_code]; $sql3= "Select * From personal_tb Where Teacher_code='$Teacher_code'"; $result3 = mysql_query($sql3) or die("Error Select".mysql_query()); $rs3 = mysql_fetch_array($result3); echo"$rs3[Teacher_name] $rs3[Teacher_lastname]"; ?> </font><font color="#990099" size="2" face="Tahoma"><a href="../Scholarship/ActivityDetail.php?code=<?=$row["code"]?>" title="Click to see Detail" class="d"> </a></font> <div align="right"><font color="#003366" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#EEEEEE" > <div align="center"> <script language="JavaScript"> function Conf<?=$row[Student_id];?>0(object) { if (confirm("¤Ø³µéͧ¡ÒÃź¢éÍÁÙÅ [<?php echo " $row[Student_id] $row[Name] $row[Lastname]"; ?>] ËÃ×ÍäÁè?") == true) { return true; } return false; } </script> <a href="DelStd2.php?Student_id=<?php echo $row[Student_id]; ?>"> </a><a href="DelStd2.php?Student_id=<?php echo $row[Student_id]; ?>"><img src="../Image/del.gif" alt=" Delete " width="11" height="12" border="0" onClick="return Conf<?=$row[Student_id];?>0(this)"></a> </div></td> </tr> <? $count=0; } $i++; } CloseDB(); ?> <tr bgcolor="#EEEEEE"> <td colspan="9" align="center"><input type="hidden" name="Student_id" value="<? echo $row[Student_id]?>"> <input type="submit" name="Submit" value="Delete"></td> <tr bgcolor="#D5E6F7"> <td colspan="9" align="center"> <div align="center"><font color="#003366" size="2" face="Tahoma">·Ñé§ËÁ´</font><font color="#FFFFFF" size="2" face="Tahoma"> <? echo $num ?> <font color="#003366">ËÑÇ¢éÍ</font> </font> </div></td> </form> </table> <table width="100%" border="0" cellpadding="0" cellspacing="1" bordercolor="#99CCFF"> <tr> <td align="right" bordercolor="#CCCCCC" class="Tahoma11"> <div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#0033CC" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font><font size="2" face="Tahoma"><strong> </strong><font color="#000000">˹éÒ</font></font> <font color="#0033CC" size="2" face="Tahoma"> <strong> <?php if ($Pre_Page) echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b><< Previus</b> </font></a>"; for($i=1;$i<=$Num_Pages;$i++) { if($i != $Page) echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] "; else echo"<b>$i</b>"; } if($Page != $Num_Pages) echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next >></b> </font></a>"; ?> </strong></font> </font> </div></td> </tr> </table> <p> </p> </html> <?php } else { echo"<body bgcolor=\"#CCCCCC\">"; echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n"; echo"<center>"; echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>"; echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>"; echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> ¤Ø³äÁèÁÕÊÔ·¸ìãªé§Ò¹</font>"; echo"</center>"; echo"</body>"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |