!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/eregis-12022565/   drwxrwxrwx
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     officer.php (30.04 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include('rg_controller.php');
class 
officer extends Rg_controller {
/*    function __construct() {
        parent::__construct();
    }
*/
    // ##### start prs

    
function showPrs() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_config','cfg');

        
$qu_cfg $this->cfg->get_by_key();
        
$this->contents['qu_cfg'] = $qu_cfg;

        
// แสดงบุคลากรที่อยู่ปฏิบัติงาน กรณีมีระบบบุคลากร
        
$con_rs_prs = ($qu_cfg->row()->cfgCheckPP == 'Y') ? array('prsPsId'    => 1) : '';
        
$ord_rs_prs = array('fName'    => 'ASC',
            
'lName'     => 'ASC'
        
);
        
$this->contents['rs_prs'] = $this->prs->qryPrsJoinRG($con_rs_prs$ord_rs_prs);

        
$this->output($this->config->item("rg_folder")."v_showPerson");
    }

    function 
showDetailPrs() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persontype','pt');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_personstatus','ps');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_organization','org');

        
$prsId $this->input->post('prsId');

        
$con_qu_prs = array('prsId' => $prsId);
        
$qu_prs $this->prs->qryPrsJoinPPC($con_qu_prs);
        if (
$qu_prs->num_rows()) {
            
$row_prs $qu_prs->row();
            
$this->contents['qu_prs'] = $qu_prs;

            
$this->pt->ptId $row_prs->prsPtId;
            
$this->contents['qu_pt'] = $this->pt->get_by_key();

            
$this->ps->psId $row_prs->prsPsId;
            
$this->contents['qu_ps'] = $this->ps->get_by_key();

            
$this->org->orgId $row_prs->prsOrgId;
            
$qu_org $this->org->get_by_key();
            if (
$qu_org->num_rows()) {
                
$this->contents['qu_org'] = $qu_org;
            }
        }

        
$this->output_detail($this->config->item("rg_folder")."v_showDetailPrs");
    }

    function 
prs_input() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_config','cfg');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_personstatus','ps');
        
$this->load->model($this->config->item("ppc_folder").'mo_prefix','pf');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persontype','pt');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_instructortype','it');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_fstatusinps','fip');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_organization','org');

        
$tc $this->contents['tc'];
        
$personId = ($tc) ? $this->session->userdata('UsPsCode') : $this->input->post('personId');
        
$psoutId $this->input->post('psoutId');

        
$this->contents['tc'] = $tc;
        
$this->contents['qu_cfg'] = $this->cfg->get_by_key();

        if (
$psoutId || $personId) {
            if (
$psoutId) {
                
$con_qu_prs = array('psoutId' => $psoutId);
            } else {
                
$con_qu_prs = array('personId' => $personId);
            }
            
$qu_prs $this->prs->qryPrsJoinPPC($con_qu_prs);
            if (
$qu_prs->num_rows()) {
                
$row_prs $qu_prs->row();
                
$this->contents['qu_prs'] = $qu_prs;

                
$this->ps->psId $row_prs->prsPsId;
                
$this->contents['qu_ps'] = $this->ps->get_by_key();
            }
        }

        
$this->contents['rs_pf'] = $this->pf->get_options();

        
$ord_rs_pt = array('ptName'    => 'ASC');
        
$this->contents['rs_pt'] = $this->pt->get_options(''$ord_rs_pt);

        
$ord_rs_it = array('itName'    => 'ASC');
        
$this->contents['rs_it'] = $this->it->get_options(''$ord_rs_it);

        
$this->contents['rs_fip'] = $this->fip->get_optionsPs('');

        
$org_rs_org = array('orgName'    => 'ASC');
        
$this->contents['rs_org'] = $this->org->get_options(''$org_rs_org);

        
$this->output($this->config->item("rg_folder")."v_addPerson");
    }

    function 
tc_showTeacher () {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');

        
$personId $this->session->userdata('UsPsCode');

        
$con_qu_prs = array('prsUsId'     => $personId);
        
$qu_prs $this->prs->qryPrs($con_qu_prs);
        if (
$qu_prs->num_rows()) {
            
$this->contents['tc'] = 'tc_';
            
$this->prs_input();
        } else {
            
$msg "ท่านไม่มีสิทธิ์ในเมนูนี้";
            
$this->session->set_flashdata('msg'$msg);
            
redirect($this->config->item("rg_folder")."msg/err_msg");
        }
    }

    function 
prs_insert_update() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('personId'' ''trim|xss_clean');

        
$tc $this->input->post('tc');
        
$prsItId $this->input->post('prsItId');

        
$this->contents['tc'] = $tc;

        if (!
$tc && $this->input->post('cfgCheckPP') == 'N') {
            
$this->form_validation->set_rules('prefixId'' ''callback_checkselect');
            
$this->form_validation->set_rules('fName'' ''trim|required|xss_clean');
            
$this->form_validation->set_rules('lName'' ''trim|required|xss_clean');
            
$this->form_validation->set_rules('prsPsId'' ''trim|required|xss_clean');
            
$this->form_validation->set_rules('pic'' ''trim|xss_clean');

            if (
$prsItId == 1) {
                
$this->form_validation->set_rules('personCode'' ''trim|required|xss_clean');
            }
        }
        if ((
$this->input->post('cfgCheckPP') == 'N') && ($prsItId == 1)) {
            
$this->form_validation->set_rules('fName2'' ''trim|required|xss_clean');
            
$this->form_validation->set_rules('lName2'' ''trim|required|xss_clean');
            
$this->form_validation->set_rules('emailAddr'' ''trim|required|xss_clean|valid_email');
        }
        if (!
$tc) {
            
$this->form_validation->set_rules('prsPtId'' ''callback_checkselect');
            
$this->form_validation->set_rules('prsItId'' ''callback_checkselect');
            
$this->form_validation->set_rules('prsOrgId'' ''trim|xss_clean');
            
$this->form_validation->set_rules('prsDeptUDAuthority'' ''trim|xss_clean');
            
$this->form_validation->set_rules('prsPosition'' ''trim|xss_clean');
        }
        
$this->form_validation->set_rules('prsAddr'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('prsPhoneNo'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('prsRemark'' ''trim|xss_clean');

        
$config['upload_path'] = $this->config->item('rg_upload_pictureT');
        
$config['allowed_types'] = 'jpg';
        
$config['max_width'] = $this->config->item('rg_allowed_width');
        
$config['max_height'] = $this->config->item('rg_allowed_height');
        
$config['max_size'] = $this->config->item('rg_upload_size');
        
$this->load->library('upload');
        foreach(
$_FILES as $key => $value) {
            if(
$_FILES['pic']['name']!=""){
                if(
file_exists($this->config->item('rg_upload_pictureT').$this->input->post('personCode').".jpg")) {
                    
rename ($this->config->item('rg_upload_pictureT').$this->input->post('personCode').".jpg"$this->config->item('rg_upload_pictureT').$this->input->post('personCode')."_old.jpg");
                }

                
$config['file_name'] = $this->input->post('personCode');
                
$this->upload->initialize($config);
                if (
$this->upload->do_upload($key)){
                    if(
file_exists($this->config->item('rg_upload_pictureT').$this->input->post('personCode')."_old.jpg")) {
                        
unlink($this->config->item('rg_upload_pictureT').$this->input->post('personCode')."_old.jpg");
                    }

                    
$data = array('upload_data' => $this->upload->data());
                    
$path $data['upload_data']['file_name'];
                } else {
                    if(
file_exists($this->config->item('rg_upload_pictureT').$this->input->post('personCode')."_old.jpg")) {
                        
rename ($this->config->item('rg_upload_pictureT').$this->input->post('personCode')."_old.jpg"$this->config->item('rg_upload_pictureT').$this->input->post('personCode').".jpg");
                    }

                    
$error = array('error' => $this->upload->display_errors());
                    
$this->form_validation->set_rules('pic'trim($error['error']), 'callback_checkupload');
                }
            }
        }

        if (
$this->form_validation->run() == FALSE) {
            
$this->prs_input();
        } else {
            
$personId $this->input->post('personId');
            
$personCode $this->input->post('personCode');
            
$prsPsId $this->input->post('prsPsId') ? $this->input->post('prsPsId') : 1;
            
$pic $this->input->post('pic');
            
$psoutId $this->input->post('psoutId');
            
$prsId $this->input->post('prsId');
            
$prsAddr $this->input->post('prsAddr');
            
$prsPhoneNo $this->input->post('prsPhoneNo');
            
$prsDebtUDAuthority $this->input->post('prsDebtUDAuthority');
            
$prsOrgId $this->input->post('prsOrgId');

            if (
$this->input->post('cfgCheckPP') == 'N') {    // กรณีไม่มีระบบบุคลากร
                
$this->db->trans_begin();

                if (
$prsItId == 1) {
                    
$this->load->model($this->config->item("ppc_folder").'mo_person','ps');
                    
$this->load->model($this->config->item("ppc_folder").'mo_persont','pst');

                    
$this->ps->personId $personId;
                    
$this->ps->prefixId $this->input->post('prefixId');
                    
$this->ps->fName $this->input->post('fName');
                    
$this->ps->lName $this->input->post('lName');
                    
$this->ps->assignId 1;
                    
$this->ps->personCode $personCode;
                    
$this->ps->fStatus $prsPsId;

                    
$this->pst->personId $personId;
                    
$this->pst->get_by_key(TRUE);

                    
$this->pst->fName2 strtoupper($this->input->post('fName2'));
                    
$this->pst->lName2 strtoupper($this->input->post('lName2'));
                    
$this->pst->emailAddr $this->input->post('emailAddr');
                    
$this->pst->pic = isset($path) ? $path : ($this->pst->pic=="" 'photo.jpg' $this->pst->pic);

                    if (
$personId) {
                        if (!
$tc) {
                            
$this->ps->update2();
                        }
                        
$this->pst->update2();
                    } else {
                        
$this->ps->insert2();
                        
$personId $this->ps->last_insert_id();

                        
$this->pst->personId $personId;
                        
$this->pst->insert2();
                    }
                } else {
                    
$this->load->model($this->config->item("ppc_folder").'mo_personout','pso');

                    
$this->pso->psoutId $psoutId;
                    
$this->pso->outtypeId 3;
                    
$this->pso->address $prsAddr;
                    
$this->pso->prefixId $this->input->post('prefixId');
                    
$this->pso->workPhone $prsPhoneNo;
                    
$this->pso->fName $this->input->post('fName');
                    
$this->pso->lName $this->input->post('lName');

                    if (
$psoutId) {
                        
$this->pso->update2();
                    } else {
                        
$this->pso->insert2();
                        
$psoutId $this->pso->last_insert_id();
                    }
                }    
// end if prsItId
            
}

            
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');

            
$con_qu_prs = array('prsOrgId'     => $prsOrgId,
                
'prsDebtUDAuthority'    => 'Y'
            
);
            
$qu_prs $this->prs->qryPrs($con_qu_prs);
            
$numRowAuthor $qu_prs->num_rows();

            
$this->prs->prsId $prsId;
            
$this->prs->get_by_key(TRUE);

            
$this->prs->prsAddr $prsAddr;
            
$this->prs->prsPhoneNo $prsPhoneNo;
            
$this->prs->prsRemark $this->input->post('prsRemark');
            
$this->prs->prsUsId = ($prsItId == 1) ? $personId $psoutId;
            if (!
$tc) {
                
$this->prs->prsDebtUDAuthority = ($prsOrgId && !$numRowAuthor && $prsDebtUDAuthority) ? $prsDebtUDAuthority 'N';
                
$this->prs->prsPosition $this->input->post('prsPosition');
                
$this->prs->prsPtId $this->input->post('prsPtId');
                
$this->prs->prsOrgId $prsOrgId $prsOrgId NULL;
                
$this->prs->prsItId $prsItId;
                
$this->prs->prsPsId $this->input->post('prsPsId');
            }

            if (
$prsId) {
                
$this->prs->update();
            }else{
                
$this->prs->insert();
            }

            if (
$this->db->trans_status() === FALSE) {
                
$this->db->trans_rollback();
            } else {
                
$this->db->trans_commit();
            }

            if (
$tc) {
                
redirect($this->config->item('rg_folder').'officer/tc_showTeacher');
            } else {
                
redirect($this->config->item('rg_folder').'officer/showPrs');
            }
        }
    }

    function 
prs_delete() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_config','cfg');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');

        
$prsId $this->input->post('prsId');

        if (
$prsId) {
            
$qu_cfg $this->cfg->get_by_key();
            if (
$qu_cfg->num_rows()) {
                
$this->db->trans_begin();

                
$this->prs->prsId $prsId;
                
$this->prs->get_by_key(TRUE);
                
$this->prs->delete();

                if (
$qu_cfg->row()->cfgCheckPP == 'N') {
                    if (
$this->prs->prsItId == 1) {
                        
$this->load->model($this->config->item("ppc_folder").'mo_person','ps');
                        
$this->load->model($this->config->item("ppc_folder").'mo_persont','pst');

                        
$this->pst->personId $this->prs->prsUsId;
                        
$this->pst->delete();

                        
$this->ps->personId $this->prs->prsUsId;
                        
$this->ps->delete();
                    } else {
                        
$this->load->model($this->config->item("ppc_folder").'mo_personout','pso');

                        
$this->pso->psoutId $this->prs->prsUsId;
                        
$this->pso->delete();
                    }
                }

                if (
$this->db->trans_status() === FALSE) {
                    
$this->db->trans_rollback();
                } else {
                    
$this->db->trans_commit();
                }
            }
        }

        
redirect($this->config->item('rg_folder').'officer/showPrs');
    }



//    function studentTable(){
//        $this->load->model($this->config->item("rg_folder").'mo_rg_curriculum','cur');
//        $cur = $this->cur;
//        $con_rs_cur = array('curStatus'    => 'Y');
//        $ord_rs_cur = array('curId'        => 'curId');
//        $this->contents['rs_cur'] = $cur->get_options($con_rs_cur,$ord_rs_cur,'');
//
//        $prsId = $this->input->post('prsId');
//        $this->contents['prsId'] = $prsId;
//
//        $this->output_detail($this->config->item("rg_folder")."v_studentTable");
//    }

//    function studentTable_save(){
//        $prsId = $this->input->post('prsId');
//        $SyId = $this->input->post('SyId');
//        $curId = $this->input->post('curId');
//        $num_std = $this->input->post('num_std');
//        $ckb = $this->input->post('ckb');
//        
//        for($i=0;$i<$num_std;$i++){
//            if($ckb[$i] != ""){
//                echo ">>>".$ckb[$i]."<br>";
//            }
//        }
//
//        echo "<script>window.close()</script>";
//        
//        $this->output_detail($this->config->item("rg_folder")."v_studentTable");
//    }

//    function prs_print() {
//
//        $this->load->view($this->config->item("rg_folder")."v_printPerson", "");
//    }



    
function adv_show() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tmc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_adviser','adv');

        
$acY $this->input->post('acY') ? $this->input->post('acY') : $this->session->userdata('acY');

        
$this->contents['acY'] = $acY;

        
$this->contents['rs_tmc'] = $this->tmc->get_optionsGroupAcY();

        
$i 0;
        
$arr = array();
        
// แสดงบุคลากรที่อยู่ปฏิบัติงาน และเป็นอาจารย์ประจำ
        
$con_rs_prs = array('prsPsId'    => 1);
        
$ord_rs_prs = array('fName'    => 'ASC',
            
'lName'     => 'ASC'
        
);
        
$rs_prs $this->prs->qryPrsJoinPPC($con_rs_prs$ord_rs_prs);
        foreach (
$rs_prs->result() as $row_prs) {
            
$con_qu_prs = array('prsId'     => $row_prs->prsId);
            
$arr[$i]['qu_prs'] = $this->prs->qryPrsJoinPPC($con_qu_prs);

            
$con_qu_adv = array('advPrsId'     => $row_prs->prsId,
                
'advAcY'    => $acY,
                
'stdSstId'     => 1
            
);
            
$arr[$i]['cntStd'] = $this->adv->getCountStd($con_qu_adv);

            
$i++;
        }
        
$this->contents['rs'] = $arr;

        
$this->output($this->config->item("rg_folder")."v_showAdv");
    }

    function 
adv_detail() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_adviser','adv');

        
$prsId $this->input->post('prsId');
        
$acY $this->input->post('acY');

        
$con_qu_prs = array('prsId' => $prsId);
        
$this->contents['qu_prs'] = $this->prs->qryPrsJoinPPC($con_qu_prs);

        
$con_rs_adv = array('advPrsId' => $prsId,
            
'advAcY'    => $acY
        
);
        
$ord_rs_adv = array('stdName'    => 'ASC',
            
'stdSurname'    => 'ASC'
        
);
        
$this->contents['rs_adv'] = $this->adv->qryAdvJoinStd($con_rs_adv$ord_rs_adv);

        
$this->output_detail($this->config->item("rg_folder")."v_showDetailAdv");
    }

    function 
adv_input() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_curriculum','cur');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_studyyear','sy');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_student','std');

        
$prsId $this->input->post('prsId');
        
$acY $this->input->post('acY');
        
$curId $this->input->post('curId');
        
$syId $this->input->post('syId') ? $this->input->post('syId') : 1;

        
$this->contents['acY'] = $acY;
        
$this->contents['curId'] = $curId;
        
$this->contents['syId'] = $syId;

        
$con_qu_prs = array('prsId' => $prsId);
        
$this->contents['qu_prs'] = $this->prs->qryPrsJoinPPC($con_qu_prs);

        
$con_rs_cur = array('curStatus'    => 'Y');
        
$ord_rs_cur = array('curName'    => 'ASC');
        
$this->contents['rs_cur'] = $this->cur->get_options($con_rs_cur$ord_rs_cur);

        
$ord_rs_sy = array('syCode'    => 'ASC');
        
$this->contents['rs_sy'] = $this->sy->get_options(''$ord_rs_sy''1);

        
$con_rs_std = array('stdCurId'    => $curId,
            
'stdSyId'    => $syId,
            
'stdSstId' => 1
        
);
        
$ord_rs_std = array('stdCode'    => 'ASC',
            
'stdName'    => 'ASC',
            
'stdSurname'    => 'ASC'
        
);
        
$this->contents['rs_std'] = $this->std->qryStdJoinAdvByPrsIdAcY($prsId$acY$con_rs_std$ord_rs_std);

        
$this->output($this->config->item("rg_folder")."v_addAdv");
    }

    function 
adv_insert() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_adviser','adv');

        
$cnt $this->input->post('cnt');
        
$acY $this->input->post('acY');
        
$syId $this->input->post('syId');
        
$prsId $this->input->post('prsId');

        for (
$i 0$i $cnt$i++) {
            
$order $this->input->post('order'.$i);
            
$stdId $this->input->post('stdId'.$i);

            
$this->adv->advAcY $acY;
            
$this->adv->advStdId $stdId;
            
$this->adv->advSyId $syId;
            
$this->adv->advPrsId $prsId;
            
$this->adv->delete();

            if (
$order) {
                
$this->adv->insert();
            }
        }

        
$this->adv_input();
    }

//    function prs_popupPersoncenter() {
//        $this->load->model($this->config->item("ppc_folder").'mo_person','ps');
//        $ps = $this->ps;
//
//        $ps_con = array('ps.fRetire' => '0' , 'ps.fStatus' => '1');
//        $ps_or = array('personId' => 'ps.personId');
//        $this->contents['rs_ps'] = $ps->qryPsJoinPtJoinPf($ps_con, $ps_or, '');
//
//        $this->output_detail($this->config->item("rg_folder")."v_showPersonCenterTable");
//    }

    
function ctc_show() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tmc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_studyyear','sy');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_curriculum','cur');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_classteacher','ctc');

        
$acY $this->input->post('acY') ? $this->input->post('acY') : $this->session->userdata('acY');

        
$this->contents['acY'] = $acY;

        
$this->contents['rs_tmc'] = $this->tmc->get_optionsGroupAcY();

        
$ord_rs_sy = array('syCode'    => 'ASC');
        
$rs_sy $this->sy->qrySy(''$ord_rs_sy);
        
$this->contents['rs_sy'] = $rs_sy;

        
$i 0;
        
$arr = array();
        
$con_rs_cur = array('curStatus'    => 'Y');
        
$ord_rs_cur = array('curName'    => 'ASC');
        
$rs_cur $this->cur->qryCur($con_rs_cur$ord_rs_cur);
        foreach (
$rs_cur->result() as $row_cur) {
            
$this->cur->curId $row_cur->curId;
            
$arr[$i]['qu_cur'] = $this->cur->get_by_key();

            foreach (
$rs_sy->result() as $row_sy) {
                
$con_qu_ctc = array('ctcCurId'     => $row_cur->curId,
                    
'ctcAcY'    => $acY,
                    
'ctcSyId'    => $row_sy->syId
                
);
                
$arr[$i][$row_sy->syId] = $this->ctc->getCountPrs($con_qu_ctc);
            }

            
$i++;
        }
        
$this->contents['rs'] = $arr;

        
$this->output($this->config->item("rg_folder")."v_showCtc");
    }

    function 
ctc_detail() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_curriculum','cur');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_studyyear','sy');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_classteacher','ctc');

        
$curId $this->input->post('curId');
        
$acY $this->input->post('acY');

        
$this->contents['acY'] = $acY;

        
$this->cur->curId $curId;
        
$this->contents['qu_cur'] = $this->cur->get_by_key();

        
$i 0;
        
$arr = array();
        
$rs_sy $this->sy->qrySy();
        foreach (
$rs_sy->result() as $row_sy) {
            
$arr[$i]['syName'] = $row_sy->syName;

            
$con_qu_ctc = array('ctcCurId'    => $curId,
                
'ctcAcY'    => $acY,
                
'ctcSyId'    => $row_sy->syId
            
);
            
$arr[$i]['qu_ctc'] = $this->ctc->qryCtcJoinPrs($con_qu_ctc);

            
$i++;
        }
        
$this->contents['rs'] = $arr;

        
$this->output_detail($this->config->item("rg_folder")."v_showDetailCtc");
    }

    function 
ctc_input() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_curriculum','cur');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_studyyear','sy');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_classteacher','ctc');

        
$curId $this->input->post('curId');
        
$syId $this->input->post('syId');
        
$acY $this->input->post('acY');

        
$this->contents['acY'] = $acY;

        
$this->cur->curId $curId;
        
$this->contents['qu_cur'] = $this->cur->get_by_key();

        
$this->sy->syId $syId;
        
$this->contents['qu_sy'] = $this->sy->get_by_key();

        
$i 0;
        
$arr = array();
        
$con_rs_prs = array('prsPsId'    => 1);
        
$ord_rs_prs = array('fName'    => 'ASC',
            
'lName'     => 'ASC'
        
);
        
$rs_prs $this->prs->qryPrsJoinPPC($con_rs_prs$ord_rs_prs);
        foreach (
$rs_prs->result() as $row_prs) {
            
$chk '';
            
$dsb '';

            
$con_qu_ctc = array('ctcAcY'     => $acY,
                
'ctcPrsId'    => $row_prs->prsId
            
);
            
$qu_ctc $this->ctc->qryCtc($con_qu_ctc);
            if (
$qu_ctc->num_rows()) {
                
$arr[$i]['qu_ctc'] = $qu_ctc;
                
$row_ctc $qu_ctc->row();

                if ((
$row_ctc->ctcCurId == $curId) && ($row_ctc->ctcSyId == $syId)) {
                    
$chk 'checked';
                } else {
                    
$dsb 'disabled';
                }
            }
            
$arr[$i]['chk'] = $chk;
            
$arr[$i]['dsb'] = $dsb;

            
$con_rs_prs = array('prsId'    => $row_prs->prsId);
            
$arr[$i]['qu_prs'] = $this->prs->qryPrsJoinPPC($con_rs_prs);

            
$i++;
        }
        
$this->contents['rs'] = $arr;

        
$this->output($this->config->item("rg_folder")."v_addCtc");
    }

    function 
ctc_insert() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_classteacher','ctc');

        
$curId $this->input->post('curId');
        
$syId $this->input->post('syId');
        
$acY $this->input->post('acY');
        
$prsId $this->input->post('prsId');

        
$con_rs_ctc = array('ctcCurId'    => $curId,
            
'ctcAcY'    => $acY,
            
'ctcSyId'    => $syId
        
);
        
$rs_ctc $this->ctc->qryCtc($con_rs_ctc);
        foreach (
$rs_ctc->result() as $row_ctc) {
            
$this->ctc->ctcCurId $curId;
            
$this->ctc->ctcAcY $acY;
            
$this->ctc->ctcSyId $syId;
            
$this->ctc->ctcPrsId $row_ctc->ctcPrsId;
            
$this->ctc->delete();
        }

        for (
$i 0$i count($prsId); $i++) {
            
$this->ctc->ctcCurId $curId;
            
$this->ctc->ctcAcY $acY;
            
$this->ctc->ctcSyId $syId;
            
$this->ctc->ctcPrsId $prsId[$i];
            
$this->ctc->insert();
        }

        
$this->ctc_input();
    }
    
// ##### end prs

    // ##### start pd
    
function pd_input() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persondepartment','pd');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_department','dpt');

        
$character $this->input->post('character');

        
$this->contents['character'] = $character;
        
$this->contents['rs_character'] = thaiCharacter();

        
$arr = array();
        if (
$character) {
            
$i 0;
            
$con_rs_prs = array('prsPsId'    => 1,
                
'fName'    => '%'.$character.'%'
            
);
            
$ord_rs_prs = array('fName'    =>'ASC',
                
'lName'=>'ASC'
            
);
            
$rs_prs $this->prs->qryPrsJoinPPC($con_rs_prs$ord_rs_prs);
            foreach (
$rs_prs->result() as $row_prs) {
                
$con_rs_prs = array('prsId'    => $row_prs->prsId);
                
$arr[$i]['qu_prs'] = $this->prs->qryPrsJoinPPC($con_rs_prs);

                
$con_qu_pd = array('pdPrsId'    => $row_prs->prsId);
                
$maxSeq $this->pd->getMaxSeq($con_qu_pd);

                
$this->pd->pdPrsId $row_prs->prsId;
                
$this->pd->pdSeq $maxSeq;
                
$qu_pd $this->pd->get_by_key();
                if (
$qu_pd->num_rows()) {
                    
$arr[$i]['qu_pd'] = $qu_pd;
                }

                
$i++;
            }
        }
        
$this->contents['rs'] = $arr;

        
$con_rs_dpt = array('dptStatus'    => 'Y');
        
$ord_rs_dpt = array('dptName'    =>'ASC');
        
$this->contents['rs_dpt'] = $this->dpt->get_options($con_rs_dpt$ord_rs_dpt);

        
$this->output($this->config->item("rg_folder")."v_addPersonDepartment");
    }

    function 
showDetailPd () {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_person','prs');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persondepartment','pd');

        
$prsId $this->input->post('prsId');

        
$con_qu_prs = array('prsId'     => $prsId);
        
$this->contents['qu_prs'] = $this->prs->qryPrsJoinPPC($con_qu_prs);

        
$con_rs_pd = array('pdPrsId'    => $prsId);
        
$ord_rs_pd = array('pdSeq'     => 'ASC');
        
$this->contents['rs_pd'] = $this->pd->qryPdJoinDpt($con_rs_pd$ord_rs_pd);

        
$this->output_detail($this->config->item("rg_folder")."v_showDetailPd");
    }

    function 
pd_insert_update() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persondepartment','pd');

        
$pdPrsId $this->input->post('pdPrsId');
        
$pdSeq $this->input->post('pdSeq');
        
$pdDptId $this->input->post('pdDptId');
        
$pdIsBoss $this->input->post('pdIsBoss');
        
$yy $this->input->post('yy');
        
$mm $this->input->post('mm');
        
$dd $this->input->post('dd');

        for (
$i 0$i count($pdPrsId); $i++) {
            if(!isset(
$pdIsBoss[$i])){
                
$pdIsBoss[$i] = '';
            }
            if (
$pdPrsId[$i] && $pdDptId[$i]) {
                
$this->pd->pdPrsId $pdPrsId[$i];
                
$this->pd->pdSeq $pdSeq[$i];
                
$qu_pd $this->pd->get_by_key();
                
$res $qu_pd->num_rows();
                if (
$res) {
                    
$row_pd $qu_pd->row();
                }

                if (!
$pdSeq[$i] || ($pdSeq[$i] && $res && (($pdDptId[$i] != $row_pd->pdDptId) || (($pdDptId[$i] == $row_pd->pdDptId) && ($pdIsBoss[$i] != $row_pd->pdIsBoss))))) {
                    
$pdFrDate = ($yy[$i] - 543).'-'.$mm[$i].'-'.$dd[$i];

                    if (
$res) {
                        
$this->pd->get_by_key(TRUE);
                        
$this->pd->pdToDate pastDay($pdFrDate1);
                        
$this->pd->update();
                    }

                    
$con_qu_pd = array('pdPrsId'    => $pdPrsId[$i]);
                    
$nextSeq $this->pd->getNextSeq($con_qu_pd);

                    
$this->pd->pdPrsId $pdPrsId[$i];
                    
$this->pd->pdSeq $nextSeq;
                    
$this->pd->pdDptId $pdDptId[$i];
                    
$this->pd->pdIsBoss $pdIsBoss[$i] ? $pdIsBoss[$i] : 'N';
                    
$this->pd->pdFrDate $pdFrDate;
                    
$this->pd->pdToDate '0000-00-00';
                    
$this->pd->insert();
                }
            }
        }

        
redirect($this->config->item('rg_folder').'officer/pd_input');
    }

    function 
pd_delete() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_persondepartment','pd');

        
$pdPrsId $this->input->post('pdPrsId');
        
$pdSeq $this->input->post('pdSeq');
        
$this->pd->pdPrsId $pdPrsId;
        
$this->pd->pdSeq $pdSeq;
        
$this->pd->delete();

        
$this->pd->pdPrsId $pdPrsId;
        
$this->pd->pdSeq $pdSeq 1;
        
$this->pd->get_by_key(TRUE);

        
$this->pd->pdToDate '0000-00-00';
        
$this->pd->update();

        
redirect($this->config->item('rg_folder').'officer/pd_input');
    }
    
// ##### end pd

    
function passwd_input() {
        
$this->contents['UsLogin'] = $this->session->userdata('UsLogin');

        
$this->output($this->config->item("rg_folder")."v_changePasswd");
    }

    function 
passwd_update() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('passwdOld'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('passwdNew'' ''trim|required|min_length[8]|matches[passwdNewConfirm]|xss_clean');
        
$this->form_validation->set_rules('passwdNewConfirm'' ''trim|required|min_length[8]|xss_clean');

        if (
$this->form_validation->run() == FALSE) {
            
$this->passwd_input();
        } else {
            
$this->load->model($this->config->item("ums_folder").'m_umuser','us');
            
$this->us->db->trans_begin();

            
$UsLogin $this->session->userdata('UsLogin');
            
$passwdOld $this->input->post('passwdOld');
            
$passwdNew $this->input->post('passwdNew');
            
$passwdNewConfirm $this->input->post('passwdNewConfirm');

            
$qu_us $this->us->check_user($UsLogin$passwdOld);
            if (
$qu_us) {
                
$this->us->UsID $qu_us['UsID'];
                
$this->us->UsName $qu_us['UsName'];
                
$this->us->UsLogin $qu_us['UsLogin'];
                
$this->us->UsPassword md5("O]O".$passwdNew."O[O");
                
$this->us->UsPsCode $qu_us['UsPsCode'];
                
$this->us->UsWgID $qu_us['UsWgID'];
                
$this->us->UsQsID $qu_us['UsQsID'];
                
$this->us->UsAnswer $qu_us['UsAnswer'];
                
$this->us->UsEmail $qu_us['UsEmail'];
                
$this->us->UsActive $qu_us['UsActive'];
                
$this->us->UsAdmin $qu_us['UsAdmin'];
                
$this->us->UsDesc $qu_us['UsDesc'];
                
$this->us->UsPwdExpDt $qu_us['UsPwdExpDt'];
                
$this->us->UsUpdDt $qu_us['UsUpdDt'];
                
$this->us->UsUpdUsID $qu_us['UsUpdUsID'];
                
$this->us->UsSessionID $qu_us['UsSessionID'];
                
$this->us->update();

                
$flgmsg "<br /><font face='MS Sans Serif' size=3 color='#FF0000'><strong>ท่านสามารถเปลี่ยนรหัสผ่านได้สำเร็จ !!<br />กรุณารอสักครู่...</strong></font><br /><br /><br />";
            } else {
                
$flgmsg "<br /><font face='MS Sans Serif' size=3 color='#FF0000'><strong>ท่านไม่สามารถเปลี่ยนรหัสผ่านได้ กรุณาตรวจสอบข้อมูลอีกครั้ง !!<br />กรุณารอสักครู่...</strong></font><br /><br /><br />";
            }

            if (
$this->us->db->trans_status() === false) {
                
$this->us->db->trans_rollback();
            } else {
                
$this->us->db->trans_commit();
            }

            
$this->session->set_flashdata('msg'$flgmsg);
            
redirect($this->config->item('rg_folder').'officer/passwd_input');
        }
    }
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0187 ]--