110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher_aj_viratt/edu_product/ drwxr-xr-x Free 52.41 GB of 127.8 GB (41%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

 session_start();

 if (session_is_registered("valid_user"))

 {

$Username = $valid_user;

include("../../include/FunctionDB.php");

ConnectDB();

$sql = "SELECT * FROM personal_tb WHERE Teacher_code='$Teacher_code'";

$result = mysql_query($sql) or die("Error $sql $result".mysql_error()) ;

$rs = mysql_fetch_array($result);

$Teacher_code = $rs["Teacher_code"];

$strSQL = "SELECT * FROM edu_product_tb as p,personal_tb as t  Where p.Teacher_code= '$Teacher_code' and t.Teacher_code='$Teacher_code'";

if (! $Page)

$Page = 1;

$Pre_Page = $Page - 1;

$Next_Page = $Page +1;

$Per_Page = 10;

$result1 = mysql_query($strSQL) or die("Error $sql $result1".mysql_error()) ;

$Page_start = ($Per_Page*$Page) - $Per_Page;

$Num_Rows = mysql_num_rows($result1);

if( $Num_Rows <= $Per_Page)

   $Num_Pages = 1;

else if (($Num_Rows % $Per_Page) == 0)

       $Num_Pages = ($Num_Rows / $Per_Page);

else

        $Num_Pages = ($Num_Rows / $Per_Page) + 1;

$Num_Pages = (int)$Num_Pages;



if (( $Page > $Num_Pages) || ($Page < 0))

  echo"Page $Page More than $Num_Pages";

$strSQL .=" LIMIT $Page_start,$Per_Page" ;

$num = mysql_num_rows($result1 );

?> 

<html>

<head>

<title>Display Education Product List</title>

<link rel="stylesheet" href="../css/style1.css" type="text/css">

<meta http-equiv="Content-Type" content="text/html; charset=windows-874">

<link href="../../css/style1.css" rel="stylesheet" type="text/css">

</head>

<body bgcolor="#FFFFFF">

<table width="100%" border="0" cellspacing="0" cellpadding="0">

  <tr> 

    <td height="29" bgcolor="#0066CC"><div align="left"><img src="../../Image/Ponallogo.jpg" width="550" height="71"></div></td>

  </tr>

</table>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

  <tr>

    <td>&nbsp;</td>

  </tr>

  <tr> 

    <td><table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bordercolor="#99CCFF">

        <tr> 

          <td width="20%" background="../../Image/bart1.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../menu_teacher.php" class="d">ЎЕСєЛ№йТЛЕСЎ</a></font></strong></div></td>

          <td width="20%" background="../../Image/bart1.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="Add_edu_product.php?Teacher_code=<? echo $rs[Teacher_code]?>" class="d">аѕФиБ</a></font></strong></div></td>

          <td width="20%" background="../../Image/bart1.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="EditProductList.php?Teacher_code=<? echo  $rs[Teacher_code] ?>" class="d"> 

              бЎйдў</a></font></strong></div></td>

          <td width="20%" background="../../Image/bart1.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../../logout.php" class="d">Logout</a></font></strong></div></td>

        </tr>

      </table> </td>

  </tr>

</table>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

  <tr> 

    <td><div align="center"><font color="#003300" size="2" face="Tahoma">ўіР№Хй 

        ¤Ші</font> <font color="#993333" size="2" face="Tahoma"><strong><?php echo $rs["Teacher_name"]?>&nbsp; 

        <?php echo $rs["Teacher_lastname"]?> </strong></font><font color="#000000" size="2" face="Tahoma">ЎУЕС§гЄй§Т№ГРєє</font></div></td>

  </tr>

  <tr>

    <td>&nbsp;</td>

  </tr>

</table>

<table width="100%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#EEEEEE" style="border:1px solid gray">

  <tr bgcolor="#D5F0F9"> 

    <td height="22" colspan="3"> 

      <div align="center"><font color="#000000" size="4" face="Tahoma"><strong>јЕ§Т№·Т§ЗФЄТЎТГ</strong></font></div></td>

  </tr>

  <tr bgcolor="#CCCCCC"> 

    <td width="32" align="center" bordercolor="#9999FF"><strong><font color="#000000" size="2" face="Tahoma">No.</font></strong></td>

    <td width="508" align="center" bordercolor="#9999FF"><strong><font color="#000000" size="2" face="Tahoma">ЄЧиНјЕ§Т№</font></strong></td>

    <td width="233" align="center" bordercolor="#9999FF"><font color="#000000" size="2" face="Tahoma"><b>»ГРаА·јЕ§Т№</b></font></td>

  </tr>

  <?php

$i = 1;

 while($row = mysql_fetch_array($result1))

 {



     if($count==0)

     {

?>

  <tr bgcolor="#F2F2F2" > 

    <td align=center ><strong><font color="#000000" size="2" face="Tahoma"> 

      <? 

     //(50*(currentpage-1))+i 

        $no = ($Per_Page * ( $Page -1))+$i ;

        echo $no;

        ?>

      </font></strong></td>

    <td align=center > 

      <div align="left"><font color="#003399" size="2" face="Tahoma"> 

      <a href="ProductDetail.php?Prod_code=<? echo $row[Prod_code]?>" class="d">

        <?=$row["Product_name"]?>

        </a>

        </font></div></td>

    <td> 

      <div align="center"><font color="#336600" size="2" face="Tahoma"> </font></div>

      <div align="center"><font color="#336600" size="2" face="Tahoma"> 

        <?php

         echo  $row["Product_type"];

          ?>

        </font></div></td>

  </tr>

  <?

    $count=1;

     }

else

{

?>

  <tr bgcolor="#FFFFFF"> 

    <td align="center" bordercolor="#FFFFFF" ><strong><font color="#000000" size="2" face="Tahoma"> 

      <? 

     //(50*(currentpage-1))+i 

        $no = ($Per_Page * ( $Page -1))+$i ;

        echo $no;

        ?>

      </font></strong></td>

    <td height="18" align="center" bordercolor="#FFFFFF" > 

      <div align="left"><font color="#003399" size="2" face="Tahoma"> <a href="ProductDetail.php?Prod_code=<? echo $row[Prod_code]?>" class="d"> 

        <?=$row["Product_name"]?>

        </a> </font></div></td>

    <td bordercolor="#FFFFFF"> 

      <div align="center"><font color="#336600" size="2" face="Tahoma"> </font></div>

      <div align="center"><font color="#336600" size="2" face="Tahoma"> 

        <?php

         echo  $row["Product_type"];

          ?>

        </font></div></td>

  </tr>

  <?

$count=0;

}

$i++;

 }    

CloseDB();

?>

  <tr bgcolor="#D5F0F9"> 

    <td colspan="3" align="center"> 

      <div align="center"><strong><font color="#000000" size="2" face="Tahoma">·Сй§ЛБґ 

        <? echo $num ?> ГТВЎТГ&nbsp;</font> </strong></div></td>

</table>



<table width="100%" border="0" cellpadding="0" cellspacing="0" bordercolor="#99CCFF">

  <tr>

    <td align="right" bordercolor="#CCCCCC" class="Tahoma11"> 

      <div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> 

        <font color="#000000" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font><font color="#000000" size="2" face="Tahoma"><strong> 

        Л№йТ</strong></font> <font color="#000000" size="2" face="Tahoma"><strong> 

        <?php

if ($Pre_Page)

   echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>&lt;&lt; Previus</b> </font></a>";



   for($i=1;$i<=$Num_Pages;$i++)

   {

    if($i != $Page)

         echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] ";

    else

        echo"<b>$i</b>";

   }

if($Page != $Num_Pages)

 echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next &gt;&gt;</b> </font></a>";

 ?>

        </strong></font> </font> </div></td>

</tr>

</table>



<p>&nbsp;</p>

</html>

<?php 

    }

else

{

       echo"<meta http-equiv=\"refresh\" content=\"3;URL=FrmLogin.php\">\n";

       echo"Please Login ";

}

?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: