Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/admin/ drwxr-xr-x |
Viewing file: AllUserList.php (14.21 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); if (session_is_registered("valid_user")) { include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $sql11 = "Select * From user_tb "; $result11 = mysql_query($sql11) or die("Error".mysql_error()); $rss = mysql_fetch_array($result11); $strSQL = "SELECT * FROM personal_tb Where permision='2' "; if (! $Page) $Page = 1; $Pre_Page = $Page - 1; $Next_Page = $Page +1; $Per_Page =50; $result = mysql_query($strSQL); $Page_start = ($Per_Page*$Page) - $Per_Page; $Num_Rows = mysql_num_rows($result); if( $Num_Rows <= $Per_Page) $Num_Pages = 1; else if (($Num_Rows % $Per_Page) == 0) $Num_Pages = ($Num_Rows / $Per_Page); else $Num_Pages = ($Num_Rows / $Per_Page) + 1; $Num_Pages = (int)$Num_Pages; if (( $Page > $Num_Pages) || ($Page < 0)) echo"Page $Page More than $Num_Pages"; $strSQL .=" LIMIT $Page_start,$Per_Page" ; $result = mysql_query($strSQL); /////////////////////////////////////////////////////////////////////////////////// $num = mysql_num_rows( $result ); //$count = 0; ?> <html> <head> <title>Information List</title> <link rel="stylesheet" href="../css/style1.css" type="text/css"> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <script language="JavaScript" > function MM_openBrWindow(theURL,winName,features) { //v2.0 window.open(theURL,winName,features); } //--> </script> </head> <body bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bordercolor="#999999"> <tr> <td width="20%" height="21" background="../../Image/bard2.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../adminmenu.php" class="d">กลับหน้าหลัก</a></font></strong></div></td> <td width="20%" background="../../Image/bard2.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../../logout.php" class="d">Logout</a></font></strong></div></td> </tr> </table></td> </tr> </table> <form name="form1" method="post" action="Deluser.php"> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#EEEEEE" style="border:1px solid gray"> <tr bordercolor="#003366" bgcolor="#ABE4AF"> <td colspan="9" align="center"><font color="#000000" size="4" face="Tahoma"><strong>รายชื่อผู้ใช้ทั้งหมด</strong></font></td> </tr> <tr bordercolor="#003366" bgcolor="#E2F5E3"> <td width="20" align="center"><font color="#FF0000" size="2" face="Tahoma"><strong>ลบ</strong></font></td> <td width="21" align="center"><font color="#003366" size="2" face="Tahoma"><b>No.</b></font></td> <td width="263" align="center"><font color="#003366" size="2" face="Tahoma"><strong>ชื่อ - นามสกุล</strong></font></td> <td width="153" align="center"><font color="#003366" size="2" face="Tahoma"><b>username</b></font></td> <td colspan="2" align="center" bgcolor="#E2F5E3"><font color="#003366" size="2" face="Tahoma"><b>password</b></font></td> <td width="202" align="center"><font color="#003366" size="2" face="Tahoma"><strong>Priority</strong></font></td> <td width="129" align="center"><font color="#003366" size="2" face="Tahoma"><strong>สถานะการเข้าใช้ระบบ</strong></font></td> <td width="46" align="center"><font color="#FF0000" size="2" face="Tahoma"><strong>ลบ</strong></font></td> </tr> <?php $i = 1; while($row = mysql_fetch_array($result)) { if($count==0) { ?> <tr bgcolor="#F7F7F7" > <td align=center bordercolor="#D1D1D1" > <div align="center"> <input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $row[studentId]?>"> </div></td> <td align=center bordercolor="#D1D1D1" ><strong><font color="#003300" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td align=center bordercolor="#DFDFDF" > <div align="left"> <?php $Flag = $row["Flag_del"]; if ($Flag == "1") { echo"<font color=\"#FF0000\" size=\"2\" face=\"Tahoma\">"; echo"$row[First_name] $row[studentName] $row[studentLastname]"; echo"</font>"; } else { echo"<font color=\"#003300\" size=\"2\" face=\"Tahoma\">"; echo"$row[student_code] $row[studentName] $row[studentLastname]"; echo"</font>"; } ?></font> </div></td> <td align=center bordercolor="#DFDFDF" > <div align="left"><font color="#003300" size="2" face="Tahoma"> <? echo"$row[Username]";?> </font></div></td> <td width="112" bordercolor="#DFDFDF"> <div align="center" onClick="MM_openBrWindow('FrmEditPwd.php?studentId=<? echo $row[studentId]?>&Username=<? echo $row[Username]?>','Detail','width=400,height=150')"><a href="#"><img src="../../picture/edit.gif" width="15" height="12" border="0" align="absmiddle"></a></div></td> <td width="45" bordercolor="#DFDFDF"> <div align="left"><font color="#000000" size="2" face="Tahoma"> <?php $Teacher_code= $row["Teacher_code"]; $sql2 = "Select * From user_tb Where Teacher_code='$Teacher_code'"; $result2= mysql_query($sql2) or die("Error".mysql_error()); $rss2 = mysql_fetch_array($result2); echo "$rss2[PasswordR]"; ?> </font></div></td> <td bordercolor="#DFDFDF"> <div align="center"><font color="#000000" size="2" face="Tahoma"> <?php $Permision = $row["Permision"] ; $sql1 = "Select * From permission_tb Where permision='$Permision'"; $result1 = mysql_query($sql1) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo "$rss[description]"; ?> </font><font color="#003300" size="2" face="Tahoma"><? echo"$row[Flag_del]";?></font><font color="#000000" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#DFDFDF"> <div align="center"> <font size="2" face="Tahoma"> <a href="UpdatePermit.php?Teacher_code=<? echo $row[Teacher_code]?>&&Flag=<? echo $rss2[Flag]?>" class="d" > <?php $Teacher_code = $row["Teacher_code"]; $str = "Select * From user_tb Where Teacher_code='$Teacher_code'"; $res_p = mysql_query($str) or die("Error".mysql_error()); $res1 = mysql_fetch_array($res_p); if (!(strcmp("$res1[Flag]","0"))) { echo"<img src=\"../Image/unlock.gif\" width=\"13\" height=\"11\" align=\"absmiddle\" border=\"0\"> <font face=\"Tahoma\" size=\"2\" color=\"#0000FF\">อนุญาต</font>"; } else if (!(strcmp("$res1[Flag]","1"))) { echo"<img src=\"../Image/unlock.gif\" width=\"13\" height=\"11\" align=\"absmiddle\" border=\"0\"><font face=\"Tahoma\" size=\"2\" color=\"#0000FF\">อนุญาต</font>"; } else if (!(strcmp("$res1[Flag]","2"))) { echo"<img src=\"../Image/lock.gif\" width=\"10\" height=\"10\" align=\"absmiddle\" border=\"0\">ไม่อนุญาต"; } ?> </a><a href="UpdatePermit.php?studentId=<? echo $row[studentId]?>&&Flag=<? echo $rss2[Flag]?>" class="d" ></a> </font></div></td> <td bordercolor="#DFDFDF"> <div align="center"> <script language="JavaScript"> function Conf<?=$row[studentId];?>0(object) { if (confirm("คุณต้องการลบข้อมูล [<?php echo " $row[studentId] $row[studentName] $row[studentLastname]"; ?>] หรือไม่?") == true) { return true; } return false; } </script> <a href="Deluser2.php?studentId=<?php echo $row[studentId]; ?>"> <img src="../../picture/deletenew.gif" alt=" Delete " width="16" height="19" border="0" onClick="return Conf<?=$row[studentId];?>0(this)"></a></div></td> </tr> <? $count=1; } else { ?> <tr bgcolor="#FFFFFF"> <td align="center" bordercolor="#D1D1D1" > <div align="center"> <input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $row[studentId]?>"> </div></td> <td align="center" bordercolor="#D1D1D1" ><strong><font color="#003300" size="2" face="Tahoma"> <?=$i?> </font></strong></td> <td align="center" bordercolor="#FFFFFF" > <div align="left"> <?php $Flag = $row[Flag_del]; if (Flag == "1") { echo"<font color=\"#FF0000\" size=\"2\" face=\"Tahoma\">"; echo"$row[student_code] $row[studentName] $row[studentLastname]"; echo"</font>"; } else { echo"<font color=\"#003300\" size=\"2\" face=\"Tahoma\">"; echo"$row[studentId] $row[studentName] $row[studentLastname]"; echo"</font>"; } ?> </div></td> <td height="18" align="center" bordercolor="#FFFFFF" > <div align="left"><font color="#003300" size="2" face="Tahoma"> <? echo"$row[Username]";?> </font></div></td> <td bordercolor="#FFFFFF" onClick="MM_openBrWindow('FrmEditPwd.php?studentId=<? echo $row[studentId]?>&Username=<? echo $row[Username]?>','Detail','width=400,height=150')"><div align="center" ><a href="#"><img src="../../picture/edit.gif" width="15" height="12" border="0" align="absmiddle"></a></div></td> <td bordercolor="#FFFFFF"> <div align="left"><font color="#000000" size="2" face="Tahoma"> <?php $Teacher_code= $row["Teacher_code"]; $sql2 = "Select * From user_tb Where Teacher_code='$Teacher_code'"; $result2= mysql_query($sql2) or die("Error".mysql_error()); $rss2 = mysql_fetch_array($result2); echo "$rss2[PasswordR]"; ?> </font></div></td> <td bordercolor="#FFFFFF"> <div align="center"><font color="#000000" size="2" face="Tahoma"> <?php $Permision = $row[Permision] ; $sql1 = "Select * From permission_tb Where permision='$Permision'"; $result1 = mysql_query($sql1) or die("Error".mysql_error()); $rss = mysql_fetch_array($result1); echo "$rss[description]"; ?> </font><font color="#003300" size="2" face="Tahoma"><? echo"$row[Flag_del]";?></font><font color="#000000" size="2" face="Tahoma"> </font></div></td> <td bordercolor="#FFFFFF"> <div align="center"> <font size="2" face="Tahoma"> <a href="UpdatePermit.php?Teacher_code=<? echo $row[Teacher_code]?>&&Flag=<? echo $rss2[Flag]?>" class="d" > <?php $Teacher_code = $row["Teacher_code"]; $str = "Select * From user_tb Where Teacher_code='$Teacher_code'"; $res_p = mysql_query($str) or die("Error".mysql_error()); $res1 = mysql_fetch_array($res_p); if (!(strcmp("$res1[Flag]","0"))) { echo"<img src=\"../Image/unlock.gif\" width=\"13\" height=\"11\" align=\"absmiddle\" border=\"0\"> <font face=\"Tahoma\" size=\"2\" color=\"#0000FF\">อนุญาต</font>"; } else if (!(strcmp("$res1[Flag]","1"))) { echo"<img src=\"../Image/unlock.gif\" width=\"13\" height=\"11\" align=\"absmiddle\" border=\"0\"><font face=\"Tahoma\" size=\"2\" color=\"#0000FF\">อนุญาต</font>"; } else if (!(strcmp("$res1[Flag]","2"))) { echo"<img src=\"../Image/lock.gif\" width=\"10\" height=\"10\" align=\"absmiddle\" border=\"0\">ไม่อนุญาต"; } ?> </a><a href="UpdatePermit.php?studentId=<? echo $row[studentId]?>&&Flag=<? echo $rss2[Flag]?>" class="d" ></a><a href="UpdatePermit.php?studentId=<? echo $row[studentId]?>&&Flag=<? echo $rss2[Flag]?>" class="d" ></a><a href="UpdatePermit.php?studentId=<? echo $row[studentId]?>&&Flag_del=<? echo $row[Flag_del]?>" class="d" > </a><a href="UpdatePermit.php?studentId=<? echo $row[studentId]?>" > </a> </font></div></td> <td bordercolor="#FFFFFF"> <div align="center"> <script language="JavaScript"> function Conf<?=$row[studentId];?>0(object) { if (confirm("คุณต้องการลบข้อมูล [<?php echo " $row[studentId] $row[studentName] $row[studentLastname]"; ?>] หรือไม่?") == true) { return true; } return false; } </script> <a href="Deluser2.php?studentId=<?php echo $row[studentId]; ?>"> <img src="../../picture/deletenew.gif" alt=" Delete " width="16" height="19" border="0" onClick="return Conf<?=$row[studentId];?>0(this)"></a></div></td> </tr> <? $count=0; } $i++; } CloseDB(); ?> <tr bgcolor="#E2F5E3"> <td colspan="9" align="center"> <input type="submit" name="Submit" value=" ลบ "></td> <tr bgcolor="#ABE4AF"> <td colspan="9" align="center"> <div align="center"><font color="#000000" size="2" face="Tahoma">ทั้งหมด</font><font color="#003399" size="2" face="Tahoma"> <? echo $num ?> </font><font color="#000000" size="2" face="Tahoma">รายการ </font> </div></td> </table> </form> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#99CCFF"> <tr> <td align="right" class="Tahoma11"> <div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#0033CC" size="2" face="Tahoma"> <?php echo $Num_Pages;?></font></strong></font><font color="#0033CC" size="2" face="Tahoma"><strong> หน้า</strong></font> <font color="#0033CC" size="2" face="Tahoma"><strong> <?php if ($Pre_Page) echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b><< Previus</b> </font></a>"; for($i=1;$i<=$Num_Pages;$i++) { if($i != $Page) echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] "; else echo"<b>$i</b>"; } if($Page != $Num_Pages) echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next >></b> </font></a>"; ?> </strong></font> </font> </div></td> </tr> </table> <p align="left"><font color="#FF0000" size="2" face="Tahoma">ผู้ดูแลระบบมีสิทธิ์ในการลบรายชื่อในรายการได</font><font color="#FF0000">้</font></p> <p align="center"> </p> </body> </html> <?php } else { echo"<body bgcolor=\"#CCCCCC\">"; echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n"; echo"<center>"; echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>"; echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>"; echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> คุณไม่มีสิทธ์ใช้งาน</font>"; echo"</center>"; echo"</body>"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]-- |