!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/esa/   drwxr-xr-x
Free 50.65 GB of 127.8 GB (39.63%)


Viewing file:     military.php (23.22 KB)      -rwxr-xr-x
<?php
include('sa_controller.php');
class 
Military extends Sa_controller {
//    function mil_input () {
//        $this->load->model($this->config->item('sa_folder').'sa_military_model','mil');
//        $this->load->model($this->config->item('rg_folder').'mo_rg_recruitmenttype','rt');
//        $this->load->model($this->config->item('sa_folder').'sa_except_military_model','ecp');
//
//        $mil_id = $this->input->post('mil_id');
//
//        $this->mil->mil_id = $mil_id;
//        $qu_mil = $this->mil->get_by_key_2();
//        if ($qu_mil->num_rows()) {
//            $data['qu_mil'] = $qu_mil;
//        }
//
//        $data['rs_rt'] = $this->rt->get_options();
//        $data['rs_ecp'] = $this->ecp->get_options();
//        $data['rs_mil'] = $this->mil->get_by_cond();
//
//        $this->output("v_add_military",$data);
//    }
//
//    function mil_insert_update () {
//        $this->load->library('form_validation');
//        $this->form_validation->set_error_delimiters('<div class="error">', '</div>');
//        $this->form_validation->set_rules('mil_id', ' ', 'trim|xss_clean');
//        $this->form_validation->set_rules('wk11_co', ' ', 'trim|xss_clean');
//        $this->form_validation->set_rules('std', ' ', 'trim|xss_clean');
//        $this->form_validation->set_rules('mil_rt_id', ' ', 'trim|required|xss_clean');
//
//        $mil_rt_id = $this->input->post('mil_rt_id');
//        if ($mil_rt_id == 2) {
//            $this->form_validation->set_rules('mil_ecp_id', ' ', 'trim|required|xss_clean');
//        } else if ($mil_rt_id == 3) {
//            $this->form_validation->set_rules('mil_served_as', ' ', 'trim|required|xss_clean');
//            $this->form_validation->set_rules('mil_fr_year', ' ', 'trim|required|exact_length[4]|xss_clean');
//            $this->form_validation->set_rules('mil_to_year', ' ', 'trim|required|exact_length[4]|xss_clean');
//        }
//
//        if ($this->form_validation->run() == FALSE) {
//            $this->mil_input();
//        } else {
//            $this->db->trans_begin();
//
//            $this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
//            $this->load->model($this->config->item('rg_folder').'mo_rg_studentdetails','sdt');
//            $this->load->model($this->config->item('sa_folder').'sa_military_model','mil');
//
//            $mil_id = $this->input->post('mil_id');
//
//            $rs = explode("###", ($this->input->post('std') ? $this->input->post('std') : $this->input->post('wk11_co')));
//            foreach ($rs as $value) {
//                $std = explode(":", $value);
//
//                $con_qu_std = array('stdCode' => $std[0]);
//                $qu_std = $this->std->qryStd($con_qu_std);
//                if ($qu_std->num_rows()) {
//                    $this->sdt->sdtStdId = $qu_std->row()->stdId;
//                    $this->sdt->get_by_key(TRUE);
//                    $this->sdt->sdtRtId = $mil_rt_id;
//                    $this->sdt->update();
//
//                    $this->mil->mil_id = $mil_id;
//                    $this->mil->get_by_key(TRUE);
//
//                    $this->mil->mil_std_id = $qu_std->row()->stdId;
//                    $this->mil->mil_rt_id = $mil_rt_id;
//                    $this->mil->mil_ecp_id = ($mil_rt_id == 2) ? $this->input->post('mil_ecp_id') : NULL;
//                    $this->mil->mil_served_as = ($mil_rt_id == 3) ? trim($this->input->post('mil_served_as')) : '';
//                    $this->mil->mil_fr_year = ($mil_rt_id == 3) ? $this->input->post('mil_fr_year') : '';
//                    $this->mil->mil_to_year = ($mil_rt_id == 3) ? $this->input->post('mil_to_year') : '';
//                    $this->mil->mil_update_date = date('Y-m-d H:i:s');
//                    $this->mil->mil_update_us_login = $this->session->userdata('UsLogin');
//
//                    if ($mil_id) {
//                        $this->mil->update();
//                    } else {
//                        $this->mil->mil_create_date = date('Y-m-d H:i:s');
//                        $this->mil->mil_create_us_login = $this->session->userdata('UsLogin');
//                        $this->mil->insert();
//                    }
//                }
//            }
//
//            if ($this->db->trans_status() === false) {
//                $this->db->trans_rollback();
//            } else {
//                $this->db->trans_commit();
//            }
//
//            redirect($this->config->item('sa_folder').'military/mil_input');
//        }
//    }
//
//    function mil_delete () {
//        $this->load->model($this->config->item('sa_folder').'sa_military_model','mil');
//
//        $mil_id = $this->input->post('mil_id');
//
//        $this->mil->mil_id = $mil_id;
//        $this->mil->delete();
//
//        redirect($this->config->item('sa_folder').'military/mil_input');
//    }

    // ##### start callback
    
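/**
     * Form-validation callback for a minutes field.
     *
     * Accepts the value only when it is written in plain decimal digits and
     * lies in 0-59. The earlier version accepted anything is_numeric() accepts
     * (".5", "+5", "-0", "1e1", ...); rd_insert_update() pastes the posted
     * value into a time string, so the check is tightened to digits only.
     *
     * @param string $str Submitted value. It may still carry surrounding
     *                    whitespace, because the rule lists in this class run
     *                    the callback before "trim".
     * @return bool TRUE when valid; FALSE after registering an error message.
     */
    function checkMin($str) {
        $value = trim((string) $str);

        // Non-numeric input is reported first, so the message does not depend
        // on how the PHP version compares a non-numeric string with a number.
        if (!is_numeric($value)) {
            $this->form_validation->set_message('checkMin','นาทีต้องเป็นตัวเลข 00-59 เท่านั้น');
            return false;
        }

        if ($value > 59 || $value < 0) {
            $this->form_validation->set_message('checkMin','นาทีต้องเป็น 00-59');
            return false;
        }

        // is_numeric() also admits signs, decimals, exponents and (on old PHP)
        // hex notation; only bare digits may reach the time string.
        if (!preg_match('/^[0-9]+$/', $value)) {
            $this->form_validation->set_message('checkMin','นาทีต้องเป็นตัวเลข 00-59 เท่านั้น');
            return false;
        }

        return true;
    }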
    
    function 
checkHour($str) {
        if(
$str>23) {
            
$this->form_validation->set_message('checkHour','ชั่วโมงต้องเป็น 00-23');
            return 
false;
        } else if(
$str<00) {
            
$this->form_validation->set_message('checkHour','ชั่วโมงต้องเป็น 00-23');
            return 
false;
        }else if(!
is_numeric ($str)){
            
$this->form_validation->set_message('checkHour','ชั่วโมงต้องเป็นตัวเลข 00-23 เท่านั้น');
            return 
false;
        } else{
            return 
true;
        }
    }
    
    /**
     * Form-validation callback that compares the validated value with the
     * posted value of another field, whose name arrives in $field. When the
     * comparison holds it registers an error message (Thai for "the start
     * time must be earlier than the end time") and returns FALSE; otherwise
     * it returns TRUE.
     *
     * NOTE(review): this listing lost tokens in extraction. The comma between
     * the two parameters, the comparison operator in the condition, the comma
     * inside set_message() and the ";" after TRUE are all missing. The
     * operator cannot be recovered from the page (">" and ">=" both fit the
     * message), so the code is left exactly as captured; restore it from the
     * original file.
     */
    function 
checkHourCorrect($str$field) {
        if (
$str $this->input->post($field)) { 
            
$this->form_validation->set_message('checkHourCorrect''เวลาเริ่มต้องน้อยกว่าเวลาสิ้นสุด'); return FALSE;
        } else { 
            return 
TRUE
        }
    }
    
    function 
checkUniStdByDay($str$field){
        
$this->load->model($this->config->item('sa_folder').'sa_rodo_model','rd');
        
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
        
        if(
$this->input->post('rd_id')){
            
$this->rd->rd_id $this->input->post('rd_id');
            
$this->rd->get_by_key(TRUE);
            if(
$this->rd->rd_date==splitDateForm2($this->input->post('rd_date'), '-')){
                return 
TRUE;
            }else{
                
$rs explode("###"$str);
                
$ct 0;
                foreach (
$rs as $value) {
                    
$std explode(":"$value);
                    
$con_qu_std = array('stdCode' => $std[0]);
                    
$qu_std $this->std->qryStd($con_qu_std);
                    if (
$qu_std->num_rows()) {
                        
$to $this->rd->checkUni($qu_std->row()->stdId,splitDateForm2($this->input->post($field), '-'));
                        if(
$to->num_rows()>0){
                            
$ct++;
                        }
                    }
                }
            }
        }else{
            
$rs explode("###"$str);
            
$ct 0;
            foreach (
$rs as $value) {
                
$std explode(":"$value);
                
$con_qu_std = array('stdCode' => $std[0]);
                
$qu_std $this->std->qryStd($con_qu_std);
                if (
$qu_std->num_rows()) {
                    
$to $this->rd->checkUni($qu_std->row()->stdId,splitDateForm2($this->input->post($field), '-'));
                    if(
$to->num_rows()>0){
                        
$ct++;
                    }
                }
            }
        }
        
        if(
$ct>0){
            
$this->form_validation->set_message('checkUniStdByDay''วันที่ท่านเลือกมีข้อมูลนักศึกษาแล้วในระบบ'); return FALSE;
        }else{
            return 
true;
        }
    }
    
// ##### end callback

    
/**
     * Render the "v_add_rodo" view.
     *
     * Passes to the view: the posted search text (empty string when absent),
     * the record selected by the posted rd_id when get_by_key_2() returns
     * rows, and the list returned by get_by_std() for the search text.
     *
     * Since the edit of 21/12/2555 (Sitthichai) the list is loaded on every
     * request; the former "only when v_search was posted" guard is disabled.
     */
    function rd_input() {
        $this->load->model($this->config->item('sa_folder').'sa_rodo_model','rd');

        $data = array();
        $search = $this->input->post('v_search');
        $data['v_search'] = $search ? $search : '';

        // Record being edited, if the posted key matches one.
        $this->rd->rd_id = $this->input->post('rd_id');
        $selected = $this->rd->get_by_key_2();
        if ($selected->num_rows()) {
            $data['qu_rd'] = $selected;
        }

        $data['rs_rd'] = $this->rd->get_by_std($data['v_search']);

        $this->output("v_add_rodo", $data);
    }

    function 
rd_insert_update () {
        if(
$this->input->post('btnCancel')){//click cancel button
            
redirect($this->config->item('sa_folder').'military/rd_input');
        }else{
            
$this->load->library('form_validation');
            
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
            
$this->form_validation->set_rules('rd_id'' ''trim|xss_clean');

            
$rd_id $this->input->post('rd_id');
            
            if (
$rd_id) {
                
$this->form_validation->set_rules('std''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean|callback_checkUniStdByDay[rd_date]');
            } else {
                
$this->form_validation->set_rules('wk11_co''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean|callback_checkUniStdByDay[rd_date]');
            }

            
$this->form_validation->set_rules('rd_grade''ชั้นปีที่ศึกษาวิชาทหาร''trim|required|exact_length[1]|is_natural_no_zero|xss_clean');
            
$this->form_validation->set_rules('rd_date''วันที่ศึกษา''trim|required|xss_clean');
            
$this->form_validation->set_rules('hh_fr_time''เวลาศึกษา''callback_checkHour|callback_checkHourCorrect[hh_to_time]|trim|required|min_length[1]|max_length[2]|xss_clean');
            
$this->form_validation->set_rules('ii_fr_time''เวลาศึกษา''callback_checkMin|trim|required|min_length[1]|max_length[2]|xss_clean');
            
$this->form_validation->set_rules('hh_to_time''เวลาศึกษา''callback_checkHour|trim|required|min_length[1]|max_length[2]|xss_clean');
            
$this->form_validation->set_rules('ii_to_time''เวลาศึกษา''callback_checkMin|trim|required|min_length[1]|max_length[2]|xss_clean');
            
$this->form_validation->set_rules('rd_place''สถานที่ศึกษา''trim|required|xss_clean');

            if (
$this->form_validation->run() == FALSE) {
                
$this->rd_input();
                echo 
"as";
            } else {
                
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
                
$this->load->model($this->config->item('sa_folder').'sa_rodo_model','rd');
                
                
$this->db->trans_begin();

                
$rs explode("###", ($this->input->post('std') ? $this->input->post('std') : $this->input->post('wk11_co')));
                foreach (
$rs as $value) {
                    
$std_data explode(":"$value);

                    
$con_qu_std = array('stdCode' => $std_data[0]);
                    
$qu_std $this->std->qryStd($con_qu_std);
                    if (
$qu_std->num_rows()) {
                        
$this->rd->rd_id $rd_id;
                        if (
$rd_id) {
                            
$this->rd->get_by_key(TRUE);
                        }
                        
                        
$this->rd->rd_std_id $qu_std->row()->stdId;
                        
$this->rd->rd_grade $this->input->post('rd_grade');
                        
$this->rd->rd_date splitDateForm2($this->input->post('rd_date'), '/');
                        
$this->rd->rd_fr_time substr('0'.trim($this->input->post('hh_fr_time')), -2).':'.substr('0'.trim($this->input->post('ii_fr_time')), -2).':00';
                        
$this->rd->rd_to_time substr('0'.trim($this->input->post('hh_to_time')), -2).':'.substr('0'.trim($this->input->post('ii_to_time')), -2).':00';
                        
$this->rd->rd_place trim($this->input->post('rd_place'));
                        
$this->rd->rd_update_date date('Y-m-d H:i:s');
                        
$this->rd->rd_update_us_login $this->session->userdata('UsLogin');

                        if (
$rd_id) {
                            
$this->rd->update();
                        } else {
                            
$this->rd->rd_create_date date('Y-m-d H:i:s');
                            
$this->rd->rd_create_us_login $this->session->userdata('UsLogin');
                                
                            
$this->rd->insert();
                        }
                    }
                }
                if (
$this->db->trans_status() === false) {
                    
$this->db->trans_rollback();
                } else {
                    
$this->db->trans_commit();
                }

                
redirect($this->config->item('sa_folder').'military/rd_input');
            }
        }
    }

    function 
rd_delete () {
        
$this->load->model($this->config->item('sa_folder').'sa_rodo_model','rd');

        
$rd_id $this->input->post('rd_id');

        
$this->rd->rd_id $rd_id;
        
$this->rd->delete();

        
redirect($this->config->item('sa_folder').'military/rd_input');
    }

    function 
ecp_input () {
        
$this->load->model($this->config->item('sa_folder').'sa_except_military_model','ecp');

        
$ecp_id $this->input->post('ecp_id');
        
$data['v_search'] = ($this->input->post('v_search')) ? $this->input->post('v_search') : '';
        
        
$rs_opt $this->ecp->get_options_year('Z');
        
$rs_opt[''] = "-- เลือกปี --";
        
ksort($rs_opt);
        
        
$data['rs_opt'] = $rs_opt;
        
        
$data['opt_year'] = ($this->input->post('opt_year')) ? $this->input->post('opt_year') : '';
        
        
$this->ecp->ecp_id $ecp_id;
        
$qu_ecp $this->ecp->get_by_key_2();
        
        if (
$qu_ecp->num_rows()) {
            
$data['qu_ecp'] = $qu_ecp;
        }
//     edit 21/12/2555 by Sitthichai
//        if($this->input->post('v_search')==TRUE OR $this->input->post('opt_year')==TRUE){
            
$data['rs_ecp'] = $this->ecp->get_by_std($data['v_search'],$data['opt_year']);
//        }
        
$this->output("v_add_except_military",$data);
    }

    function 
ecp_insert_update () {
        if(
$this->input->post('btnCancel')){//click cancel button
            
redirect($this->config->item('sa_folder').'military/ecp_input');
        }else{
            
$this->load->library('form_validation');
            
$this->form_validation->set_error_delimiters('<div class="error">''</div>');
            
$this->form_validation->set_rules('ecp_id'' ''trim|xss_clean');

            
$ecp_id $this->input->post('ecp_id');

            if (
$ecp_id) {
                
$this->form_validation->set_rules('std''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean');
            } else {
                
$this->form_validation->set_rules('wk11_co''รหัส/ชื่อ-สกุลนักศึกษา''trim|required|xss_clean');
            }

            
$this->form_validation->set_rules('ecp_year''ปีที่ขอผ่อนผัน''trim|required|xss_clean|callback_checkAdY');

            if (
$this->form_validation->run() == FALSE) {
                
$this->ecp_input();
            } else {
                
$this->db->trans_begin();

                
$this->load->model($this->config->item('rg_folder').'mo_rg_student','std');
                
$this->load->model($this->config->item('sa_folder').'sa_except_military_model','ecp');

                
$rs explode("###", ($this->input->post('std') ? $this->input->post('std') : $this->input->post('wk11_co')));
                foreach (
$rs as $value) {
                    
$std explode(":"$value);

                    
$con_qu_std = array('stdCode' => $std[0]);
                    
$qu_std $this->std->qryStd($con_qu_std);
                    if (
$qu_std->num_rows()) {
                        
$this->ecp->ecp_id $ecp_id;
                        
$this->ecp->get_by_key(TRUE);

                        
$this->ecp->ecp_std_id $qu_std->row()->stdId;
                        
$this->ecp->ecp_year $this->input->post('ecp_year');
                        
$this->ecp->ecp_update_date date('Y-m-d H:i:s');
                        
$this->ecp->ecp_update_us_login $this->session->userdata('UsLogin');
                        
                        
$qu_ecp $this->ecp->get_by_all($ecp_id);
                        if (
$qu_ecp->num_rows() == 0) {
                            if (
$ecp_id) {
                                
$this->ecp->update();
                            } else {
                                
$this->ecp->ecp_create_date date('Y-m-d H:i:s');
                                
$this->ecp->ecp_create_us_login $this->session->userdata('UsLogin');                            
                                
                                
$this->ecp->insert();
                            }
                        }
                    }
                }

                if (
$this->db->trans_status() === false) {
                    
$this->db->trans_rollback();
                } else {
                    
$this->db->trans_commit();
                }

                
redirect($this->config->item('sa_folder').'military/ecp_input');
            }
        }
    }

    function 
ecp_delete () {
        
$this->load->model($this->config->item('sa_folder').'sa_except_military_model','ecp');

        
$ecp_id $this->input->post('ecp_id');

        
$this->ecp->ecp_id $ecp_id;
        
$this->ecp->delete();

        
redirect($this->config->item('sa_folder').'military/ecp_input');
    }

    function 
mlt_file() {
        
$this->load->model($this->config->item('rg_folder').'mo_rg_news','nw');

        
$con_rs_nw = array('nwSystem'    => $this->config->item('sa_system'),
                           
'nwWorkFor'    => $this->config->item('nw_for_military'));
        
$ord_rs_nw = array('nwCreateDate'    => 'DESC');
        
$rs_nw $this->nw->qryNw($con_rs_nw$ord_rs_nw);
        
$data['rs_nw'] = $rs_nw;

        
// กรณี update
        
$nwId $this->input->post('nwId');
        
$con_qu_nw = array('nwId'    => $nwId);
        
$data['qu_nw'] = $this->nw->qryNw($con_qu_nw);
        
// จบกรณี update

        
$this->output("v_militaryFile",$data);
    }

    function 
mlt_showDetail() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_news','nw');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        
$nwId $this->input->post('nwId');

        
$con_qu_nw = array('nwId'    => $nwId);
        
$data['qu_nw'] = $this->nw->qryNwJoinUmsystem($con_qu_nw);

        
$con_rs_nwu = array('nwuNwId'    => $nwId);
        
$data['rs_nwu'] = $this->nwu->qryNwu($con_rs_nwu);

        
$this->output_popup("v_militaryDetailFile",$data);
    }

    function 
mlt_file_insert_update() {
        
$this->load->model($this->config->item('rg_folder').'mo_rg_news','nw');

        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div>''</div>');
        
$this->form_validation->set_rules('nwId'' ''trim|xss_clean');
        
$this->form_validation->set_rules('nwTitle'' ''trim|required|xss_clean');
        
$this->form_validation->set_rules('dpUsed'' ''trim|required|xss_clean');

        
$dpUsed $this->input->post('dpUsed');
        if(
$dpUsed=='N') {    // ระบุวันที่
            
$this->form_validation->set_rules('nwFrDate'' ''trim|callback_checkFrDate[nwToDate]|xss_clean');
            
$this->form_validation->set_rules('nwToDate'' ''trim|xss_clean');

            
$nwFrDate splitDateForm2($this->input->post('nwFrDate'),'-');
            
$nwToDate splitDateForm2($this->input->post('nwToDate'),'-');
        } else {
            
$nwFrDate '0000-00-00';
            
$nwToDate '0000-00-00';
        }

        
$this->form_validation->set_rules('nwDetail'' ''trim|xss_clean');
        
$this->form_validation->set_rules('nwAnnoucedBy'' ''trim|required|xss_clean');

        
$nwId $this->input->post('nwId');
        
$nwTitle $this->input->post('nwTitle');
        
$nwDetail $this->input->post('nwDetail');
        
$nwAnnoucedBy $this->input->post('nwAnnoucedBy');
        
$nwCreateDate getNowDate();

        if (
$this->form_validation->run() == FALSE) {
            if(
$dpUsed=='N') {
                
$this->load->vars(array('passvalid'    => 1));
            }
            
$this->mlt_file();
        } else {
            
$this->db->trans_begin();
            if(
$nwId) {
                
$this->nw->nwId $nwId;
                
$this->nw->get_by_key(TRUE);

                
$this->nw->nwTitle $nwTitle;
                
$this->nw->nwFrDate $nwFrDate;
                
$this->nw->nwToDate $nwToDate;
                
$this->nw->nwAnnoucedBy $nwAnnoucedBy;
                
$this->nw->nwDetail $nwDetail;
                
$this->nw->nwCreateDate date('Y-m-d H:i:s');
                
$this->nw->nwCreateUserId $this->session->userdata('UsLogin');
                
$this->nw->nwUpdateDate date('Y-m-d H:i:s');
                
$this->nw->nwUpdateUserId $this->session->userdata('UsLogin');
                
$this->nw->update();

                
$id $nwId;
            } else {
                
$con_qu_nw = array('nwTitle'        => $nwTitle,
                                   
'nwSystem'        => $this->config->item('sa_system'),
                                   
'nwCreateDate'    => $nwCreateDate."%");
                
$qu_nw $this->nw->qryNw($con_qu_nw);
                if(
$qu_nw->num_rows()==0) {
                    
$this->nw->nwId "";
                    
$this->nw->nwSystem $this->config->item('sa_system');
                    
$this->nw->nwTitle $nwTitle;
                    
$this->nw->nwFrDate $nwFrDate;
                    
$this->nw->nwToDate $nwToDate;
                    
$this->nw->nwAnnoucedBy $nwAnnoucedBy;
                    
$this->nw->nwPicture ''// ****************
                    
$this->nw->nwDetail $nwDetail;
                    
$this->nw->nwCreateDate date('Y-m-d H:i:s');
                    
$this->nw->nwCreateUserId $this->session->userdata('UsLogin');
                    
$this->nw->nwUpdateDate date('Y-m-d H:i:s');
                    
$this->nw->nwUpdateUserId $this->session->userdata('UsLogin');
                    
$this->nw->nwWorkFor $this->config->item('nw_for_military');
                    
$this->nw->insert();

                    
$id $this->nw->last_insert_id();
                } else {
                    
// ข้อมูลซ้ำ
                    
redirect($this->config->item("sa_folder")."military/mlt_file");
                }
            }

            if (
$this->db->trans_status() === false) {
                
$this->db->trans_rollback();
            } else {
                
$this->db->trans_commit();
            }

            
redirect($this->config->item("sa_folder")."military/mlt_attachfile/$id");
        }
    }

    function 
checkDocName($str) {
        
// ชื่อเอกสาร : $str
        
$nwId $this->input->post('nwId');

        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        if(
$str=="") {
            
$this->form_validation->set_message('checkDocName','กรุณาป้อน%s');
            return 
false;
        } else {
            
$con_rs_nwu = array('nwuFileName'    => $str,
                                
'nwuNwId'        => $nwId);
            
$rs_nwu $this->nwu->qryNwu($con_rs_nwu);
            if(
$rs_nwu->num_rows()) {
                
$this->form_validation->set_message('checkDocName','ชื่อเอกสารซ้ำ กรุณาป้อนชื่อใหม่');
                return 
false;
            } else {
                return 
true;
            }
        }
    }

    function 
mlt_attachfile($id=0) {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_news','nw');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        
$this->nw->nwId $id;
        
$data['qu_nw'] = $this->nw->get_by_key();

        
$con_rs_nwu = array('nwuNwId'    => $id);
        
$data['rs_nwu'] = $this->nwu->qryNwu($con_rs_nwu);

        
$this->output("v_militaryFileAttach",$data);
    }

    function 
mlt_attachFile_insert_update() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_news','nw');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        
$this->load->library('form_validation');
        
$this->form_validation->set_error_delimiters('<div class="error">','</div>');
        
$this->form_validation->set_rules('nwId',' ','trim|required|xss_clean');
        
$this->form_validation->set_rules('docName',' ','trim|required|callback_checkDocName|xss_clean');
        
$this->form_validation->set_rules('docFile',' ','trim|xss_clean');

        
$this->load->library('upload');
        foreach(
$_FILES as $key => $value) {
            
$config['upload_path'] = $this->config->item('rg_upload_docNews');
            
$config['allowed_types'] = '*';
            
$config['max_size'] = $this->config->item('rg_upload_maxsize');
            
$config['file_name'] = "file_".date('dmY_His');

            
$this->upload->initialize($config);
            if (
$this->upload->do_upload($key)){
                
$data = array('upload_data' => $this->upload->data());
                
$path $data['upload_data']['file_name'];
            } else {
                
$error = array('error' => $this->upload->display_errors());
                
$this->form_validation->set_rules('docFile'trim($error['error']), 'callback_checkupload');
            }
        }
        
// ************ upload file
        
$nwId $this->input->post('nwId');
        if(
$this->form_validation->run() == true) {
            
$this->db->trans_begin();

            
// ตรวจสอบชื่อเอกสาร
            
$con_rs_nwu = array('nwuNwId'    => $nwId,
                                
'nwuFileName'    => $this->input->post('docName'));
            
$rs_nwu $this->nwu->qryNwu($con_rs_nwu);
            
$file_version $rs_nwu->num_rows();
            
// จบตรวจสอบชื่อเอกสาร

            
$this->nwu->nwuId "";
            
$this->nwu->nwuSeq $this->nwu->getNextSeqByNwuNwId($nwId);
            
$this->nwu->nwuNwId $nwId;
            
$this->nwu->nwuFileName $this->input->post('docName').(($file_version==0) ? "" "[".$file_version."]");
            
$this->nwu->nwuPath $path;
            
$this->nwu->nwuCreateDate date('Y-m-d H:i:s');
            
$this->nwu->nwuUserId $this->session->userdata('UsLogin');
            
$this->nwu->insert();

            if(
$this->db->trans_status() === false) {
                
$this->db->trans_rollback();
            } else {
                
$this->db->trans_commit();
            }

            
redirect($this->config->item("sa_folder")."military/mlt_attachfile/$nwId");
        } else {
            
$this->mlt_attachfile($nwId);
        }
    }

    function 
mlt_deleteFile() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        
$nwuId $this->input->post('nwuId');
        
$nwuNwId $this->input->post('nwuNwId');

        
$this->nwu->nwuId $nwuId;
        
$this->nwu->delete();

        
redirect($this->config->item("sa_folder")."military/mlt_attachfile/$nwuNwId");
    }

    function 
mlt_deleteFileHead() {
        
$this->load->model($this->config->item("rg_folder").'mo_rg_news','nw');
        
$this->load->model($this->config->item("rg_folder").'mo_rg_newsfileupload','nwu');

        
$nwId $this->input->post('nwId');

        
$con_rs_nw = array('nwuNwId'    => $nwId);
        
$this->nwu->delNwu($con_rs_nw);
        
        
$this->nw->nwId $nwId;
        
$this->nw->delete();

        
redirect($this->config->item('sa_folder').'military/mlt_file');
    }

}

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.016 ]--