Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher_aj_viratt/ drwxr-xr-x |
Viewing file: DetailFormA.php (16.53 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php //header('Content-type: application/ms-doc'); //header('Content-Disposition: attachment; filename="testing.doc"'); include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $Username = $valid_user; $sql = "SELECT * FROM personal_tb WHERE Teacher_code='$Teacher_code' "; $res = mysql_query($sql); $rs = mysql_fetch_array($res); $sql = "Select * From FormAoffice Where codeId='$codeId' and Teacher_code='$Teacher_code' and Training_code='$Training_code' "; $result = mysql_query($sql) or die(" Error").mysql_error(); $rss = mysql_fetch_array($result); $sql1 = "Select * From project_tb Where Teacher_code='$Teacher_code' and Training_code='$Training_code' "; $result1= mysql_query($sql1) or die(" Error").mysql_error(); $rs1= mysql_fetch_array($result1); ?> <meta http-equiv="Content-Type" content="text/html; charset=TIS-620"> <script language="JavaScript" src="../calendar/ew.js"></script> <script language="JavaScript" src="../calendar/popcalendar.js"></script> <script language="JavaScript" type="text/JavaScript"> function MM_reloadPage(init) { //reloads the window if Na v4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> } var highlightcolor="lightyellow" var ns6=document.getElementById&&!document.all var previous='' var eventobj //Regular expression to highlight only form elements var intended=/INPUT|TEXTAREA|SELECT|OPTION/ //Function to check whether element clicked is form element function checkel(which){ if (which.style&&intended.test(which.tagName)){ if (ns6&&eventobj.nodeType==3) eventobj=eventobj.parentNode.parentNode return true } else return false } </script> <script type="text/JavaScript"> <!-- function MM_openBrWindow(theURL,winName,features) { //v2.0 window.open(theURL,winName,features); } //--> </script> <style type="text/css"> <!-- .style1 { font-size: 14px; font-family: Tahoma; } .style2 { font-size: 14px; font-weight: bold; font-family: Tahoma; } .style5 {font-size: 14px; font-family: Tahoma; color: #FF0000; } .style7 {font-size: 14px} .style11 {font-size: 14px; color: #000000; } .style12 {color: #000000} --> </style> <table width="643" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="643"> <fieldset> <legend></legend> <div align="center"> <form id="pc" name="pc" method="post" action="InsertFormA.php"> <div align="left"> <table width="624" cellpadding="0" cellspacing="0"> <col width="88" /> <col width="79" /> <col width="85" /> <col width="56" /> <col width="64" /> <col width="185" /> <tr height="31"> <td height="31" width="118"></td> <td width="80"></td> <td colspan="3"><div align="center" class="style2"> <div align="left"> <p align="center"><strong>บันทึกข้อความ</strong></p> </div> </div></td> <td width="97"></td> </tr> <tr height="29"> <td height="29" colspan="6" l><div align="right"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><span class="style7">ส่งออก <a href="mis120Word.php?Training_code=<? echo $rss[Training_code]?>&codeId=<? echo $rss[codeId] ?>&Teacher_code=<? echo $rss[Teacher_code] ?>"><img src="../picture/word-1.jpg" width="35" height="34" border="0" align="absmiddle" /></a></span></font></div></td> </tr> <tr height="29"> <td height="29" colspan="6" l> ส่วนราชการ วิทยาลัยการสาธารณสุขสิรินธร จังหวัดชลบุร ี</td> </tr> <td height="29" colspan="3" align="left"> ที่ สธ.0203.081/พิเศษ......... </td> <td height="29" align="left"> </td> <td height="29" colspan="2" align="left">วันที่<font color="#000000"> </font><font color="#003366" size="2" face="Tahoma"> <?php $sday = $rss[Date]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> </font></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left">เรื่อง <font size="2" face="Tahoma"><? echo $rss[Detail]?></font></td> <td width="32"></td> <td width="182"></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="5" align="left">เรียน ผู้อำนวยการวิทยาลัยการสาธารณสุขสิรินธรจังหวัดชลบุรี</td> <td></td> </tr> <tr height="29"> <td height="26"></td> <td colspan="5" align="left">ข้าพเจ้า....<font size="2" face="Tahoma"> <?php $Teacher_code = $rss["Teacher_code"]; $sql = "Select * From personal_tb Where Teacher_code ='$Teacher_code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </font>.................................. ตำแหน่ง.......<font size="2" face="Tahoma"><? echo $rs2[Gover_pos]?>.....</font></td> </tr> <tr height="29"> <td height="29" colspan="6" align="left">สังกัด....<font size="2" face="Tahoma"> <?php $Faculty_code = $rs["Faculty_code"]; $sql = "Select * From faculty_tb Where Faculty_code='$Faculty_code'"; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[Faculty_name] "; ?> </font>........<span class="style1">วิทยาลัยการสาธารณสุขสิรินธร จังหวัดชลบุรี</span>.....<span class="style1">สถาบันพระบรมราชชนก</span></td> </tr> <tr height="29"> <td height="29" colspan="6" align="left">ขออนุมัติเดินทางไปราชการ เรื่อง <font color="#0000FF" size="2" face="Tahoma"> ... </font><font size="2" face="Tahoma"><? echo $rss[Training_name]?></font></td> </tr> <tr height="29"> <td height="29" colspan="6" align="left"><label>อ้างตามหนังสือราชการเลขที่</label> <font color="#0000FF" size="2" face="Tahoma">... </font><font size="2" face="Tahoma"><? echo $rss[No_in]?></font><font color="#0000FF" size="2" face="Tahoma">... </font> <font face="Tahoma"><span class="style7">เพื่อ...</span></font><font size="2" face="Tahoma"> <?php $Training_type = $rss["Training_type"]; $sql = "Select * From training_type_tb Where Training_type='$Training_type' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[Detail]"; ?> </font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" onclick="MM_openBrWindow('../../Application Data/SSH/temp/bookCode.php?Teacher_code=<? echo $rss["Teacher_code"]?>','Detail','width=820,height=280,scrollbars=yes')"><a href="#" ></a></font></td> </tr> <tr> <td height="29" colspan="6" align="left">อ้างตามแผนดำเนินการ ข้อที่ <span class="style5">*</span> <font size="2" face="Tahoma"> <?php $ProjectId = $rss["ProjectId"]; $sql = "Select * From project_tb Where ProjectId='$ProjectId' "; $result2 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result2); echo "$rs2[Orderlist]"; ?> </font><font color="#0000FF" size="2" face="Tahoma"> .. </font><font size="2" face="Tahoma"> <?php echo "$rs2[Project_plan]"; ?> </font> <font face="Tahoma"><span class="style11">ปีงบประมาณ</span></font><font size="2" face="Tahoma"> <?php echo "$rs2[Budget_Year]"; ?> </font><font face="Tahoma"><span class="style11"> จำนวนเงิน </span></font><font color="#0000FF" size="2" face="Tahoma"><span class="style5">*</span></font><font size="2" face="Tahoma"> <?php echo "$rs1[Budget_use]"; ?> </font><span class="style12"><font face="Tahoma"><span class="style7"> บาท</span></font></span></td> </tr> <td height="29" colspan="6" align="left">ตั้งแต่วันที่<font color="#000000">.....</font>.<font color="#003366" size="2" face="Tahoma"> <?php $sday = $rss[Date_start]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> </font>........................ถึงวันที่<font color="#000000"> </font>.. <font color="#003366" size="2" face="Tahoma"> <?php $sday = $rss[Date_finish]; $yearthai = explode("-",$sday); $day = intval($yearthai[2]); $month = intval($yearthai[1]); $year = intval($yearthai[0]); ////////////////// // $yearthai = $day ; $m = getThaiSubMonth($month); echo"$day"." "."$m"." "."$year"; ?> </font><font color="#003366" face="Tahoma"> <span class="style7">......... </span></font> <span class="style7"><font color="#000000" face="Tahoma"> </font></span>มีกำหนด<font size="2" face="Tahoma"> . <? echo $rss[Day]?></font><font color="#0000FF" size="2" face="Tahoma"> </font>.วัน</td> </tr> <tr height="31"> <td height="31" colspan="2"><span class="style1">ปีงบประมาณ<span class="style5">* <font size="2" face="Tahoma"><? echo $rss[Year_std]?></font></span></span></td> <td width="113"> </td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td></td> <td></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td></td> <td></td> <td></td> </tr> <tr height="31"> <td height="31" colspan="2" align="left"> </td> <td> </td> <td colspan="2">ลงชื่อ .................................................</td> <td></td> </tr> <tr height="29"> <td height="29"> </td> <td> </td> <td> </td> <td colspan="2"><div align="center"><font size="2" face="Tahoma"> <?php $Teacher_code = $rss["Teacher_code"]; $sql = "Select * From personal_tb Where Teacher_code ='$Teacher_code' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </font></div></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="3" align="left"> </td> <td colspan="2"><div align="left"><font face="Tahoma"><span class="style7">ตำแหน่ง</span></font><font size="2" face="Tahoma"> <? echo $rs2[Gover_pos]?></font></div></td> <td></td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"><label> <input name="Flag1" type="checkbox" id="Flag1" <?php if (!(strcmp("$rss[Flag1]","1"))) {echo "checked";} ?> value="1" disabled="disabled" /> อนุญาต <input name="Flag1" type="checkbox" id="Flag1" <?php if (!(strcmp("$rss[Flag1]","2"))) {echo "checked";} ?> value="2" disabled="disabled"/> ไม่อนุญาต</label></td> <td align="left"> </td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="3" align="left">ลงชื่อ.............................................หัวหน้าภาค/ฝ่าย.</td> <td colspan="3" align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"><div align="center"><font size="2" face="Tahoma"> <?php $sql = "Select * From personal_tb Where Faculty_code ='$Faculty_code' and TeacherId='1' "; $result1 = mysql_query($sql) or die("Error".mysql_error()); $rs2 = mysql_fetch_array($result1); echo "$rs2[First_name]$rs2[Teacher_name] $rs2[Teacher_lastname]"; ?> </font></div></td> <td align="left"> </td> <td align="left"><div align="center">คำสั่ง</div></td> <td align="left"> </td> <td align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"><div align="left"><font face="Tahoma"><span class="style7">ตำแหน่ง</span></font><font size="2" face="Tahoma"> <? echo $rs2[Gover_pos]?></font></div></td> <td align="left"> </td> <td align="left"> </td> <td align="left"><label> <input name="Flag2" type="checkbox" id="Flag2" <?php if (!(strcmp("$rss[Flag2]","1"))) {echo "checked";} ?> value="1" disabled="disabled"/> </label> อนมัติ <input name="Flag2" type="checkbox" id="Flag2" <?php if (!(strcmp("$rss[Flag2]","2"))) {echo "checked";} ?> value="2" disabled="disabled" /> ไม่อนุมัติ</td> <td align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left"> ลงชื่อ......................................... ..</td> <td align="left"> </td> </tr> <tr height="29"> <td height="28" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left">ตำแหน่ง. .....................................</td> <td align="left"> </td> </tr> <tr height="29"> <td height="29" colspan="2" align="left"> </td> <td align="left"> </td> <td colspan="2" align="left"> วันที่..........เดือน......................พ.ศ.......... </td> <td align="left"> </td> </tr> </table> <label></label> </form> </div> </label> <div align="center"> <input type="button" name="close2" value="ปิดหน้าต่าง" onclick="window.close()" /> <input name="button" type="button" id="button" onclick="window.print()" value=" พิมพ์เอกสาร" /> </div> <div align="center"></div> </fieldset> <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><br> </font></td> </tr> </table> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]-- |