Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/thaimed/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
session_start();
if (session_is_registered("valid_user"))
{
$Username = $valid_user;
include("../include/FunctionDB.php");
include("../include/Function.php");
include("admin_menu.php");
ConnectDB();
$strSQL = "SELECT * FROM personalMed Order by HN_code ";
//$strSQL = "SELECT * FROM accessories_tb Where Acc_type_code=00002";
if (! $Page)
$Page = 1;
$Pre_Page = $Page - 1;
$Next_Page = $Page +1;
$Per_Page = 25;
$result = mysql_query($strSQL);
$Page_start = ($Per_Page*$Page) - $Per_Page;
$Num_Rows = mysql_num_rows($result);
if( $Num_Rows <= $Per_Page)
$Num_Pages = 1;
else if (($Num_Rows % $Per_Page) == 0)
$Num_Pages = ($Num_Rows / $Per_Page);
else
$Num_Pages = ($Num_Rows / $Per_Page) + 1;
$Num_Pages = (int)$Num_Pages;
if (( $Page > $Num_Pages) || ($Page < 0))
echo"Page $Page More than $Num_Pages";
$strSQL .=" LIMIT $Page_start,$Per_Page" ;
$result = mysql_query($strSQL);
$num = mysql_num_rows($result );
?>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style1 {font-size: 14px}
.style2 {color: #000000}
-->
</style>
<table width="834" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="818"><br>
<fieldset>
<legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="FrmThperson.php" >หน้าหลัก</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle">ข้อมูลคนประวัติไข้</font></legend>
<label><div align="center">
<form id="form1" name="form1" method="get" action="Serachperson.php">
<p align="left"><font size="2" face="Tahoma"><img src="../picture/previous.gif" onclick="window.history.back()" width="85" height="22" border="0" /></font></p>
<table width="88%" height="31" border="0" cellpadding="0" cellspacing="1" style="border:1px solid #CCCCFF">
<tr>
<td height="24" bgcolor="#ECF5FF"><div align="center"><span class="style1"><font face="Tahoma"> <strong>ชื่อที่ต้องการค้นหา</strong></font></span> <font size="2" face="Tahoma"> <img src="../picture/search.gif" width="15" height="19" align="absmiddle" border="0" />
<input name="keyword" type="text" style="background-color:#F0FFD2;" value="<? echo"$keyword"; ?>" size="30">
<strong>จาก</strong></font> <font size="2" face="Tahoma">
<select name="fields" style="background-color:#F0FFD2;" >
<option value="<? echo "$fields"; ?>">เลือกรายการ</option>
<option value="HN_code">เลขที่ HN</option>
<option value="Citizen_id">บัตรประชาชน</option>
<option value="Name">ชื่อ</option>
<option value="Lastname">นามสกุล</option>
<option value="Datetype">วันที่มาใช้บริการ</option>
</select>
<input type="submit" name="Submit" value="ค้นหา" />
</font></div></td>
</tr>
</table>
<table width="88%" border="0" cellpadding="0" cellspacing="0" bgcolor="#EEEEEE" style="border:0px solid gray">
<tr bgcolor="#EEEEEE">
<td width="27" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><span class="style1"><font color="#003366" face="Tahoma"> No.</font></span></td>
<td width="57" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><span class="style1"><font color="#000000" face="Tahoma">HN</font></span></td>
<td width="114" align="center" style="border:1px solid gray"><span class="style1"><font color="#000000" face="Tahoma">วันที่เข้ารักษา</font></span></td>
<td width="251" align="center" style="border:1px solid gray"><span class="style1"><font color="#000000" face="Tahoma">ชื่อ-นามสกุล</font></span></td>
<td width="224" align="center" style="border:1px solid gray"><span class="style10 style1"><font color="#000000" face="Tahoma">อยุรเวทผู้ตรวจ</font></span></td>
<td colspan="2" align="center" bgcolor="#EEEEEE" style="border:1px solid gray"><span class="style1"><font face="Tahoma">บันทึก</font></span></td>
</tr>
<?
$i = 1;
while($row = mysql_fetch_array($result))
{
if($count==0)
{
?>
<tr bordercolor="#EEEEEE" bgcolor="#FDFAEE" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FDFAEE'" >
<td height="24" align="center" bgcolor="#ECF5FF" ><font color="#003366" size="2" face="Tahoma"> </font><strong><font color="#996600" size="1" face="Tahoma">
<?=$i?>
</font></strong><font color="#003366" size="2" face="Tahoma"> </font></td>
<td align="center" bgcolor="#ECF5FF" ><font color="#003333" size="2" face="Tahoma">
<?=$row["HN_code"]?>
</font></td>
<td align="center" bgcolor="#ECF5FF" ><font color="#003333" size="2" face="Tahoma"> </font><font color="#003366" size="2" face="Tahoma">
<?php
$sday = $row[Datetype];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>
</font><font color="#003333" size="2" face="Tahoma"> </font></td>
<td align="center" bgcolor="#ECF5FF" ><div align="left"><font color="#990099" size="2" face="Tahoma"> <a href="Historydetail.php?Person_code=<?=$row["Person_code"]?>" title="Click to see Detail"> </a></font><font size="2" face="Tahoma"><font size="2" face="Tahoma">
<?php
$prefixId = $row["prefixId"];
$sql = "Select * From Prefix Where prefixId ='$prefixId' ";
$result1 = mysql_query($sql) or die("Error".mysql_error());
$rss = mysql_fetch_array($result1);
echo "$rss[prefixName] ";
?>
</font></font><font color="#990099" size="2" face="Tahoma"><a href="Historydetail.php?personId=<?=$row["personId"]?>" title="Click to see Detail" class="d"><?=$row["Name"]?>
<?=$row["Lastname"]?>
</a></font><font color="#003366" size="2" face="Tahoma"> </font></div></td>
<td align="center" bgcolor="#ECF5FF" ><div align="left">
<div align="left"><font size="2" face="Tahoma">
<?php
$Teacher_code = $row["Teacher_code"];
$sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";
$result1 = mysql_query($sql) or die("Error".mysql_error());
$rss = mysql_fetch_array($result1);
echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";
?>
</font></font></font></span> </font></span></font> </div></td>
<td width="34" align="center" bgcolor="#ECF5FF" ><div align="center"><font size="2" face="Tahoma"><strong><a href="AddTeacperson.php?personId=<? echo $row[personId]?>" class="c" ><img src="../picture/addc.gif" width="21" height="22" border="0" alt="บันทึกการรักษา" /></a></strong></font></div></td>
<td width="25" align="center" bgcolor="#ECF5FF" ><div align="left"><font color="#003333" size="2" face="Tahoma"> </font><font size="2" face="Tahoma"><strong><a href="AddTeach.php?Person_code=<? echo $row[Person_code]?>" class="c" > </a><a href="AddTeacperson.php?personId=<? echo $row[personId]?>" class="c" ><img src="../picture/ass.gif" width="16" height="16" border="0" alt="บันทึกรายการรักษา" /></a></strong></font><font color="#003333" size="2" face="Tahoma"> </font></div></td>
</tr>
<?
$count=1;
}
else
{
?>
<tr bordercolor="#EEEEEE" bgcolor="#FFFEF4" onmouseover="this.style.backgroundColor='#D8F8FA'" onmouseout="this.style.backgroundColor='#FFFEF4'">
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><font color="#003366" size="2" face="Tahoma"> </font><strong><font color="#996600" size="1" face="Tahoma">
<?=$i?>
</font></strong><font color="#003366" size="2" face="Tahoma"> </font></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><font color="#003333" size="2" face="Tahoma">
<?=$row["HN_code"]?>
</font></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><font color="#003333" size="2" face="Tahoma"> </font><font color="#003366" size="2" face="Tahoma">
<?php
$sday = $row[Datetype];
$yearthai = explode("-",$sday);
$day = intval($yearthai[2]);
$month = intval($yearthai[1]);
$year = intval($yearthai[0]);
//////////////////
// $yearthai = $day ;
$m = getThaiSubMonth($month);
echo"$day"." "."$m"." "."$year";
?>
</font><font color="#003333" size="2" face="Tahoma"> </font></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><div align="left"><font size="2" face="Tahoma"><font size="2" face="Tahoma">
<?php
$prefixId = $row["prefixId"];
$sql = "Select * From Prefix Where prefixId ='$prefixId' ";
$result1 = mysql_query($sql) or die("Error".mysql_error());
$rss = mysql_fetch_array($result1);
echo "$rss[prefixName] ";
?>
</font></font><font color="#990099" size="2" face="Tahoma"><a href="Historydetail.php?personId=<?=$row["personId"]?>" title="Click to see Detail" class="d"><?=$row["Name"]?>
<?=$row["Lastname"]?>
</a></font></div></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><div align="left"><font size="2" face="Tahoma">
<?php
$Teacher_code = $row["Teacher_code"];
$sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";
$result1 = mysql_query($sql) or die("Error".mysql_error());
$rss = mysql_fetch_array($result1);
echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";
?>
</font></font></font></span> </font></span></font> </div></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><div align="center"><font size="2" face="Tahoma"><strong><a href="AddTeacperson.php?personId=<? echo $row[personId]?>" class="c" ><img src="../picture/addc.gif" width="21" height="22" border="0" alt="บันทึกการรักษา" /></a></strong></font></div></td>
<td align="center" bordercolor="#EEEEEE" bgcolor="#FFFFFF" ><div align="left"><font size="2" face="Tahoma"><strong></strong></font><font size="2" face="Tahoma"><strong><a href="AddTeacperson.php?personId=<? echo $row[personId]?>" class="c" ><img src="../picture/ass.gif" width="16" height="16" border="0" alt="บันทึกรายการรักษา" /></a></strong></font><font color="#003333" size="2" face="Tahoma"> </font></div></td>
</tr>
<?
$count=0;
}
$i++;
}
CloseDB();
?>
<tr bgcolor="#AFCFEF">
<td colspan="7" align="center" nowrap="nowrap" bgcolor="#FFFFFF"><div align="center"><span class="style2"><font size="2" face="Tahoma">ทั้งหมด <? echo $num ?> หัวข้อ </font> </span></div></td>
</tr>
</table>
<table width="88%" border="0" cellpadding="0" cellspacing="1" bordercolor="#99CCFF">
<tr>
<td align="right" bordercolor="#CCCCCC" class="Tahoma11"><div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#000000" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font><font color="#000000" size="2" face="Tahoma"><strong> </strong>หน้า</font> <font color="#000000" size="2" face="Tahoma"> <strong>
<?php
if ($Pre_Page)
echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b><< Previus</b> </font></a>";
for($i=1;$i<=$Num_Pages;$i++)
{
if($i != $Page)
echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] ";
else
echo"<b>$i</b>";
}
if($Page != $Num_Pages)
echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next >></b> </font></a>";
?>
</strong></font> </font> </div></td>
</tr>
</table>
</form>
</div>
</fieldset>
<br>
<font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>หมายเหตุ :</b> ใช้เมาส์คลิกที่ชื่อ</font></td>
</tr>
</table>
<?php
}
else
{
echo"<meta http-equiv=\"refresh\" content=\"2;URL=../login.php\">\n";
echo"Please Login ";
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]-- |