110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis/eassess/admin/fileupdate/eassess/admin/ drwxr-xr-x Free 53.7 GB of 127.8 GB (42.02%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

include_once "template.php";

showHeader();

include_once "../class/clsReg_SysSemesterDes.php";

include_once "../link/function.php";

include_once "../class/clsClassAssess.php";

include_once "../class/clsCourseAssess.php";

include_once "../class/clsOfficerAssess.php";



sendRequest();



$oCR = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_REG'], $GLOBALS['USER_REG'], $GLOBALS['PASSWORD_REG']);



$oCA = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_EASS'], $GLOBALS['USER_EASS'], $GLOBALS['PASSWORD_EASS']);



$oClass = new ClassAssess($oCA);

$oCourse = new CourseAssess($oCA);

$oOFA = new OfficerAssess($oCA);

        

if(!$acadYear)

    $acadYear = $GLOBALS["ACADYEAR"];

if(!$semester)

    $semester = $GLOBALS["SEMESTER"];



?>

<meta http-equiv="Content-Type" content="text/html; charset=tis-620">

<link href="source/style.css" rel="stylesheet" type="text/css">

<table width="740" border="0" align="center" cellpadding="0" cellspacing="0">

    <tr>

        <td><br><fieldset>

      <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> 

      <a href="index.php?mm=1">јЕЎТГ»ГРаБФ№</a> <img src="../picture/ico3.gif" align="absmiddle" border="0">¤й№ЛТГТВЄЧиННТЁТГВмјЩйКН№</font></legend>

      <?php

        if(!isset($acadYearSearch)&&(!isset($semesterSearch))){

                $acadYearSearch = $acadYear;

                $semesterSearch = $semester;

        }



            $oSse = new SysSemesterDes($oCR);

?>

      <div align="center"><br>

    <form name="pc" method="post" action="<?php echo $PHP_SELF; ?>">

          <table width="650" align="center" border="0" cellpadding="0" cellspacing="1">

            <tr> 

              <td height="194"><br>

                <table width="96%" height="22" border="0" align="center" cellpadding="1" cellspacing="1" bordercolor="<?php echo $GLOBALS["COLOR_BORDER_TABLE_1"];?>">

                  <tr bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_4'];?>"> 

                    <td><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"> 

                      &nbsp;&nbsp;<b>ГЛСКНТЁТГВм :</b> 

                      <input type="text" name="officerCode" size="11" maxlength="11">

                      <b>ЄЧиН :</b> </font><font color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"> 

                      <input name="officerName" type="text" size="15">

                      </font><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"> 

                      <b>№ТБКЎШЕ :</b></font><font color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"> 

                      <font color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"> 

                      <input name="officerSurname" type="text" size="15">

                      </font></font><font face="Microsoft Sans Serif" size="2"><b> 

                      <input type="submit" name="search" value="¤й№ЛТ">

                      <input type="reset" name="clear" value="а¤ЕХВГмўйНБЩЕ">

                      </b></font></td>

                  </tr>

                </table>

                <br>

                <table width="437" border="0" cellpadding="1" cellspacing="1" bgcolor="silver" align="center">

                  <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TABLE_2"];?>" align="center"> 

                    <td width="112" height="22" align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_1"];?>"><strong>ГЛСКНТЁТГВм</strong></font></td>

                    <td width="323" align="center"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_1"];?>"><strong>ЄЧиН-№ТБКЎШЕ</strong></font></td>

                  </tr>

                  <?

                    if($officerCode == "" && $officerName == "" && $officerSurname == ""){

                            $i = 0;

                            $numRow = 0;

                            // $oClass->SearchByAcadSemGroupAndOrderByCourseId($acadYearSearch,$semesterSearch);

                             //while($oClass->GetRecord()){

                            //    $numRow++;

                            //}

                            $oOFA->RSOfficerAssess();

                            $numRow = $oOFA->GetRowSelected();

                            $page_size = 20;

                            $total_page = (int)($numRow/$page_size);

                            if(($numRow%$page_size) != 0)

                                $total_page++;

                

                            if(isset($page_id))

                                $start = $page_size*($page_id-1);

                            else {

                                $page_id = 1;

                                $start = 0;

                            }

                                $i = 0;

                            /*$oClass->SearchLimitJointClassCourseByAcadSemGroupAndOrderByCourseId($acadYearSearch,$semesterSearch,$start, $page_size);

                               while($oClass->GetRecord()){

                                $oCourse->SearchByCourseId($oClass->courseId);

                                $oCourse->GetRecord();*/

                            

                            $oOFA->SearchRSLimitOrderOfficerIdNameSur($start,$page_size);

                            while($oOFA->GetRecord()){

                                if(($i%2) == 0)

                                    echo '<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_5"].'">';

                                else

                                    echo '<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_4"].'">';

                    ?>

                  <td height="20" align="center"><a href="showDeFormTeachName.php?officerId=<? echo $oOFA->officerId ?>" onclick="return sendRequest(this);" onmouseover="window.status=''; return true;"><? echo $oOFA->officerCode ?></a></td>

                  <td>&nbsp;<a href="showDeFormTeachName.php?officerId=<? echo $oOFA->officerId ?>"  onclick="return sendRequest(this);" onmouseover="window.status=''; return true;"><? echo $oOFA->prefixName.$oOFA->officerName." ".$oOFA->officerSurname ?></a></td>

                  </tr>

                  <?            $i++;

                            } // end while

                        } else { // end if inputSearch

                            $i = 0;

                            //echo "<br> selectSearch = ".$selectSearch;

                            //echo "<br> inputSearch = ".$inputSearch;

                            /*if($selectSearch == 1){

                                $oOFA->SearchRSLikeOfficerCode($inputSearch);

                            }else if($selectSearch == 2){

                                list($officerName,$officerSurname) = split(' ',$inputSearch);

                                $oOFA->SearchRSLikeOfficerNameSurname($officerName,$officerSurname);

                            }*/

                            $oOFA->SearchRSLikeOfficerCodeNameSurname($officerCode,$officerName,$officerSurname);

                            while($oOFA->GetRecord()){ 

                                    if(($i%2) == 0)

                                        echo '<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_5"].'">';

                                    else

                                        echo '<tr bgcolor="'.$GLOBALS["COLOR_BG_TD_4"].'">';

                    ?>

                  <td height="20" align="center"><a href="showDeFormTeachName.php?officerId=<? echo $oOFA->officerId ?>"  onclick="return sendRequest(this);" onmouseover="window.status=''; return true;"><? echo $oOFA->officerCode ?></a></td>

                  <td>&nbsp;<a href="showDeFormTeachName.php?officerId=<? echo $oOFA->officerId ?>"  onclick="return sendRequest(this);" onmouseover="window.status=''; return true;"><? echo $oOFA->prefixName.$oOFA->officerName." ".$oOFA->officerSurname ?></a></td>

                  </tr>

                  <?            $i++;

                                $numRow = $i;

                                $total_page = 1;

                                $page_id = 1;

                            } // end while    

                        } // end else inputSearch

                        if($i == 0){

?>

                  <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_5"];?>"> 

                    <td colspan="2" height="20" align="center"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">** 

                      дБи»ГТЎЇ

                      <? 

                            if($inputSearch != ""){

                                if($selectSearch == 1){

                                     echo "ГЛСКНТЁТГВм '".$inputSearch,"' "; 

                                }else if($selectSearch == 2){

                                     echo "ЄЧиН-№ТБКЎШЕ '".$inputSearch,"' "; 

                                }

                            }else {

                                echo "ГТВЎТГ"; 

                            }?>

                      г№°Т№ўйНБЩЕ **</font></td>

                  </tr>

                  <?php

                                $numRow = 0;

                                $total_page = 1;

                                $page_id = 1;

                        }

?>

                </table>

                <table width="440" border="0" align="center">

                  <tr> 

                    <td width="341"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>">Л№йТ-&gt; 

                      <?php

                    for ($num=1; $num<=$total_page; $num++) {    

                        if($num == $page_id)

                            echo $num." ";

                        else {

?>

                      <a href="searchFormByTeachName.php?page_id=<?php echo $num;?>&acadYearSearch=<? echo $acadYearSearch ?>&semesterSearch=<? echo $semesterSearch ?>"><?php echo '[ '.$num.' ]';?></a> 

                      <?php

                        }

                    }

?>

                      </font></td>

                    <td width="89" align="right"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_4"];?>">ГЗБ 

                      <?php echo $numRow;?> ГТВЎТГ</font></td>

                  </tr>

                  <tr> 

                    <td colspan="2">&nbsp;</td>

                  </tr>

                  <tr> 

                    <td colspan="2"><input type="button" name="back2" value="ЎЕСєКЩиЛ№йТЛЕСЎ" onClick=" location.href = 'index.php?mm=1'"></td>

                  </tr>

                </table>

                <br> </td>

           </tr>

  </table>     

</form>

      </div>

      </fieldset><br>

      <table width="742" border="0">

        <tr> 

          <td width="63" height="27"><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><strong>ЛБТВаЛµШ 

            : </strong></font></td>

          <td width="669"><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">ЎЎГНЎГЛСКГТВНТЁТГВм 

            ЛГЧНЄЧиН-№ТБКЎШЕ аѕЧиН¤й№ЛТјЕЎТГ»ГРаБФ№бєє»ГРаБФ№НТЁТГВмјЩйКН№</font></td>

        </tr>

        <tr> 

          <td height="27">&nbsp;</td>

          <td><font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2">аЕЧНЎ¤ЕФЎ·ХиГЛСКЗФЄТЛГЧНЄЧиНГТВЗФЄТ 

            аѕЧиНґЩјЕЎТГ»ГРаБФ№</font></td>

        </tr>

        <tr>

          <td height="27">&nbsp;</td>

          <td>&nbsp;</td>

        </tr>

      </table> </td>

</tr>

</table>

<form name="silent" id="silent" style="margin:0px; padding: 0px;" method="post"></form>

<?php

showFooter();

?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: