!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/eassess/admin/fileupdate/eassess/admin/   drwxr-xr-x
Free 50.75 GB of 127.8 GB (39.71%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     2553-02-23-1.0.01-showCourseEp.php (8.03 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once "template.php";
showHeader();
include_once 
"../class/clsReg_SysSemesterDes.php";
include_once 
"../link/function.php";
include_once 
"../class/clsClassAssess.php";
include_once 
"../class/clsCourseAssess.php";

sendRequest();

$oCR = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_REG'], $GLOBALS['USER_REG'], $GLOBALS['PASSWORD_REG']);

$oCA = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_EASS'], $GLOBALS['USER_EASS'], $GLOBALS['PASSWORD_EASS']);

$oClass = new ClassAssess($oCA);
$oCourse = new CourseAssess($oCA);
        
if(!
$acadYear)
    
$acadYear $GLOBALS["ACADYEAR"];
if(!
$semester)
    
$semester $GLOBALS["SEMESTER"];

?>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="source/style.css" rel="stylesheet" type="text/css">
<SCRIPT>
   function keyCode(evt){
      //var key;
      //if (window.event) key = window.event.keyCode; // ใช้กับ IE
      //else if (e) key = e.which; // ใช้กับ Firefox
      //var key = (evt.which) ? evt.which : evt.keyCode
      var key = (evt.keyCode) ? evt.keyCode : event.keyCode
      if (key < 48 || key > 57)
          return false;
      else
          return true;
   }

</SCRIPT>
<table width="740" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr>
        <td><br><fieldset>
      <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> 
      <a href="index.php?mm=1">ผลการประเมิน</a> <img src="../picture/ico3.gif" align="absmiddle" border="0">ผลการประเมินแหล่งฝึก</font></legend>
      <label> 
      <?php
        
if(!isset($acadYearSearch)&&(!isset($semesterSearch))){
                
$acadYearSearch $acadYear;
                
$semesterSearch $semester;
        }

            
$oSse = new SysSemesterDes($oCR);
?>
      <div align="center"><br>
    <form name="pc" method="post" action="<?php echo $PHP_SELF;?>">
          <table width="650" align="center" border="0" cellpadding="0" cellspacing="1">
            <tr> 
              <td height="97"><br>
                <table width="478" height="35" border="0" align="center" cellpadding="1" cellspacing="1" bordercolor="<?php echo $GLOBALS["COLOR_BORDER_TABLE_1"];?>">
                  <tr bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_4'];?>"> 
                    <td width="374" height="32"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>">&nbsp;&nbsp;<b>ปีการศึกษา</b></font> 
                      <input name="acadYearSearch" type="text" onKeyDown="javascript:return keyCode(event);" value="<? echo $acadYearSearch ?>" size="4" maxlength="4">
                      <font color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">&nbsp;</font>&nbsp;&nbsp;&nbsp;&nbsp;<font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><b>ภาคการศึกษา 
                      <select name="semesterSearch">
                        <?php

                        $oSse
->RSSysSemesterDes();
                        while(
$oSse->GetRecord()) {
                        
                    
?>
                        <option value="<?php echo $oSse->semester;?><? if($oSse->semester == $semesterSearch) echo "selected" ?>><?php echo $oSse->semesterName;?></option>
                        <?php
                                
}
                    
?>
                      </select>
                      </b></font><input type="submit" name="search" value="ค้นหา"></td>
                  </tr>
                </table>
                <br>
                <table width="485" border="0" cellpadding="1" cellspacing="1" bgcolor="silver" align="center">
                  <tr align="center" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_6"];?>"> 
                    <td height="22" colspan="3" align="center"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"><b>รายวิชาปฏิบัติที่เปิดสอน  : 
                      <? $oSse->SearchByKey($semesterSearch);
                            
$oSse->GetRecord();
                            echo 
$oSse->semesterName;?>/<? echo $acadYearSearch ?></b></font></td>
                  </tr>
                  <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_2"];?>" align="center"> 
                    <td width="112" height="22" align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_1"];?>"><strong>รหัสรายวิชา</strong></font></td>
                    <td width="366" align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_1"];?>"><strong>ชื่อรายวิชา</strong></font></td>
                  </tr>
                    <?

                    
//if($inputSearch == ""){
                        //$inputSearch = $acadYearSearch;
                        //$semesterSearch
                    //}
                            
$i 0;
                            
$numRow 0;
/*                             $oClass->SearchByAcadSemGroupAndOrderByCourseId($acadYearSearch,$semesterSearch);
                             while($oClass->GetRecord()){
                                $numRow++;
                            }
                            $page_size = 20;
                            $total_page = (int)($numRow/$page_size);
                            if(($numRow%$page_size) != 0)
                                $total_page++;
                
                            if(isset($page_id))
                                $start = $page_size*($page_id-1);
                            else {
                                $page_id = 1;
                                $start = 0;
                            }
*/                            
$i 0;
                            
$oCourse->RSCourseEpByAcYSe($acadYearSearch,$semesterSearch);
                            while(
$oCourse->GetRecord()){

                                if((
$i%2) == 0)
                                    echo 
'<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_5"].'">';
                                else
                                    echo 
'<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_4"].'">';
                    
?>      
                                
                    <td height="20" align="center"><a href="searchEpByCourse.php?courseId=<? echo $oCourse->courseId ?>&acY=<? echo $acadYearSearch ?>&sem=<? echo $semesterSearch ?>" onClick="return sendRequest(this);" onMouseOver="window.status=''; return true;"><? echo $oCourse->courseCode ?></a></td>
                                  
                    <td>&nbsp;<a href="searchEpByCourse.php?courseId=<? echo $oCourse->courseId ?>&acY=<? echo $acadYearSearch ?>&sem=<? echo $semesterSearch ?>" onclick="return sendRequest(this);" onmouseover="window.status=''; return true;"><? echo $oCourse->courseName ?></a></td>
                              </tr>
                    <?            $numRow++;
                            } 
// end while


                        
if($numRow == 0){
?>
                    <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>">
                    <td colspan="2" height="20" align="center"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">** 
                      ไม่ปรากฏ รายวิชาในฐานข้อมูล **<br> เนื่องจากยังไม่ได้ลงทะเบียนเรียน หรือ ยังไม่จัดตารางสอน</font></td>
                  </tr>
                  <?php
                                $numRow 
0;
                                
$total_page 1;
                                
$page_id 1;
                        }
?>
                </table>
                <table width="488" border="0" align="center">
                  <tr> 
                    <td width="121">&nbsp;</td>
                    <td width="357" align="right"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">รวม 
                      <?php echo $numRow;?> รายการ</font></td>
                  </tr>
                  <tr> 
                    <td colspan="2">&nbsp;</td>
                  </tr>
                  <tr> 
                    <td colspan="2"><input type="button" name="back2" value="กลับสู่หน้าหลัก" onClick=" location.href = 'index.php?mm=1'"></td>
                  </tr>
                </table>
                <br> </td>
           </tr>
  </table>     
</form>
      </div>
      </fieldset><br>
      <table width="742" border="0">
        <tr> 
          <td width="63" height="27"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><strong>หมายเหตุ 
            : </strong></font></td>
          <td width="669"><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">กรอกปีการศึกษา 
            เลือกภาคการศึกษา และกรอกรหัสรายวิชา หรือชื่อรายวิชา เพื่อค้นหาแบบประเมินที่ขึ้นกับชั้นปีนักศึกษา 
            และหลักสูตร</font></td>
        </tr>
        <tr> 
          <td height="27">&nbsp;</td>
          <td><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">เลือกคลิกที่รหัสวิชาหรือชื่อรายวิชา 
            เพื่อดูผลการประเมิน</font></td>
        </tr>
        <tr>
          <td height="27">&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
      </table> </td>
</tr>
</table>
<form name="silent" id="silent" style="margin:0px; padding: 0px;" method="post"></form>
<?php
showFooter
();
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0134 ]--