Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/thaimed/ drwxr-xr-x |
Viewing file: InsertMassege.php (5.8 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php session_start(); if (session_is_registered("valid_user")) { include("../include/FunctionDB.php"); include("../include/Function.php"); ConnectDB(); $Flag = true; $Dental_code = htmlspecialchars(trim($_POST[Dental_code])); $Orderlist = htmlspecialchars(trim($_POST[Orderlist])); $First_name = htmlspecialchars(trim($_POST[First_name])); $Name = htmlspecialchars(trim($_POST[Name])); $Lastname = htmlspecialchars(trim($_POST[Lastname])); $Name_eng = htmlspecialchars(trim($_POST[Name_eng])); $Lastname_eng = htmlspecialchars(trim($_POST[Lastname_eng])); $Address = htmlspecialchars(trim($_POST[Address])); $Sex = trim( $_POST[Sex]); $DateBirth = $_POST[mYear]."-".$_POST[mMonth]."-".$_POST[mDate]; $Datetype = $_POST[mYear1]."-".$_POST[mMonth1]."-".$_POST[mDate1]; $provinId = htmlspecialchars(trim($_POST[provinId])); $Phone_1 = htmlspecialchars(trim($_POST[Phone_1])); $Phone_2= htmlspecialchars(trim($_POST[Phone_2])); $Email = htmlspecialchars(trim($_POST[Email])); $StatusId = htmlspecialchars(trim($_POST[StatusId])); $Description_1= htmlspecialchars(trim($_POST[Description_1])); $Description_2= htmlspecialchars(trim($_POST[Description_2])); $Year_1 = htmlspecialchars(trim($_POST[Year_1])); ////////////////////////// check First name if ($First_name =="") { $msg .="<li>กรุณาระบุ คำนำหน้า"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ///////////////////// check name if ($Name =="") { $msg .="<li>กรุณาระบุ ชื่อ"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } /////////////////// Check Lastname if ($Lastname =="") { $msg .="<li>กรุณาระบุ นามสกุล"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ////////////////////////// check First name if ($Sex =="") { $msg .="<li>กรุณาระบุ เพศ"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } //////////////////////// /*if ( ! CheckLenght($Student_id,7)) { $msg .= "<li>รหัสนักศึกษาต้องมีตั้งแต่ 7 หลัก"; $button = "<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold; color:#FFF; background-color:#036; border-style:outset; border-color:#69F; font-family: Tahoma;\">"; $Flag = false; }*/ /////////////////////// Check Address if ($Address=="") { $msg .="<li>กรุณาระบุ ภูมิลำเนา"; $button ="<input type=\"button\" value=\"กลับไปแก้ไข\" onclick=\"history.back();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; $Flag = false; } ///////////////////////// Check Status to Insert Data ///////////////////////////// if( $Flag) { $Path = "../images"; if ( isset($Img1) ) if (copy($Img1,"$Path/$Img1_name")) { unlink ($Img1); $Img1 = "$Path/$Img1_name"; } else echo"Can't Copy"; InsertMassege($Orderlist,$Dental_code,$First_name,$Name,$Lastname,$Name_eng,$Lastname_eng,$Sex,$DateBirth,$Datetype,$Religion,$Address,$Img1,$provinceId,$Phone_1,$Phone_2,$StatusId,$Email,$Description_1,$Description_2,$Year_1,$Flag) ; $msg.="<li>$Dentis_id<b>$Name $Lastname</b>"; $msg.="<li>ระบบจัดเก็บข้อมูลเรียบร้อยแล้ว"; $button = "<input type=\"reset\" value=\"Close Windows\" onclick=\"javascript:parent.close();\" style=\"font-weight:bold;color:#FFF;background-color:#036;border-style:outset;border-color:#69F;font-family:Tohoma;\">"; echo"<meta http-equiv=\"refresh\" content=\"1;URL=massegeList.php\">\n"; } CloseDB(); ?> <html> <head> <title>Student</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link rel="stylesheet" href="/css/style1.css" type="text/css"> </head> <body bgcolor="#FFFFFF" leftmargin="0" topmargin="0"marginwidth="0"marginheight="0"> <form> <br> <table width="70%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><div align="center"></div></td> </tr> <tr> <td> <table width="100%" border="0" cellspacing="1"cellpadding="0"align="center" class="table"> <tr> <td bgcolor="#AFCFEF"><b><font color="#003333" size="3" face="Tahoma">ระบบแจ้งการทำงาน</font></b></td> </tr> <tr> <td bgcolor="#000000"> <table width="90%" border="0" cellspacing="0"cellpadding="2"align="center"> <tr> <td><span><b><font color="#FFFFFF"><?php echo $msg;?></font></b></span></td> </tr> </table> </td> </tr> <tr> <td bgcolor="#AFCFEF"> <div align="center"><b><font color="#CCFF00"><?php echo $button;?> <font size="2" face="Tahoma"></font></font></b></div></td> </tr> </table> </td> </tr> </table> <br> </form> </body> </html> <?php } else { echo"<body bgcolor=\"#CCCCCC\">"; echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n"; echo"<center>"; echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>"; echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>"; echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> คุณไม่มสิทธ์ใช้งาน</font>"; echo"</center>"; echo"</body>"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]-- |