110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/application/views/esa/ drwxr-xr-x Free 50.65 GB of 127.8 GB (39.63%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<link rel="stylesheet" href="<?=base_url();?>libraries/fcbkcomplete/fcbkcomplete.css" type="text/css"  charset="utf-8" />

<script src="<?=base_url();?>libraries/fcbkcomplete/jquery.js" type="text/javascript" charset="utf-8"></script>

<script src="<?=base_url();?>libraries/fcbkcomplete/fcbkcomplete.min.js" type="text/javascript" charset="utf-8"></script>

<script src="<?=base_url();?>libraries/fcbkcomplete/fcbkcomplete.js" type="text/javascript" charset="utf-8"></script>



<script type="text/javascript">



    function getAcY(){

        // fcbkcomplete



        //var maininput = $(".maininput").val();

        //alert(maininput);

        var list_url = "<?=site_url('esa/search/get_std_json');?>"+'/'+$('#year').val();

        $('.holder').remove(); // ตั้งค่า year ใหม่เมื่อมีการเปลี่ยนแปลง

        $.facebooklist('#facebook-demo', '#preadded', '#facebook-auto',{url:list_url,cache:1}, 10, {userfilter:1,casesensetive:0});

    }

    $(document).ready(function() {



        // call fcbkcomplete

        getAcY();

        // show & hide element

        $('input[name=list_type]:radio').click(function (){

            var n = $('input[name=list_type]:radio:checked').val();

            switch(n)

            {

                case '1':



                    $('#input_cur').hide();

                    $('#facebook_input').hide();

                    break;

                case '2':



                    $('#input_cur').toggle();



                    //$('#input_cur').show();

                    $('#facebook_input').hide();

                    getCur();

                    getSy();

                    break;

                case '3':



                    $('#input_cur').hide();

                    $('#facebook_input').show();

                    break;

            }

        });



        $("#smo_id").change(function () {

            change_smo();

            search_view();

        });



        $("#year").change(function () {

            $("#year").val();

            getAcY();

            var n = $('input[name=list_type]:radio:checked').val();

            if (n == 2){

                getCur();

                getSy();

            }

            search_view();

        });



        $(".maininput").keyup(function () {

            //getAcY();

            alert($(".maininput").val());

        });

    });    



function getCur(){

    var acY = $('#year').val();

    var cur = $('#curId').val();

    var sy = 0;

    var url ="<?=site_url('esa/search/get_cur_option');?>/"+acY+"/"+cur+"/"+sy;



    $.ajax({

        url: url,

        global: false,

        type: "GET",

        //      data: ({id : this.getAttribute('id')}),

        //      dataType: "html",

        async:false,

        success: function(data) 

        {   //alert("success"+data); 

            $('#cur').html(data);

        },

        error: function(xhr,state,exception) 

        { //alert("error"); 

            alert(state+', xhr.status = '+xhr.status);

        }

    });

}



function getSy(){

    var acY = $('#year').val();

    var cur = $('#curId').val();

    var sy = 0;



    var url ="<?=site_url('esa/search/get_sy_option');?>/"+acY+"/"+cur+"/"+sy;



    $.ajax({

        url: url,

        global: false,

        type: "GET",

        //      data: ({id : this.getAttribute('id')}),

        //      dataType: "html",

        async:false,

        success: function(data) 

        {   //alert("success"+data); 

            $('#sy').html(data);

        },

        error: function(xhr,state,exception) 

        { //alert("error"); 

            alert(state+', xhr.status = '+xhr.status);

        }

    });

}



function do_submit (action) {

    if (action) {

        jQuery("#myform").attr('action', action);

    }



    var mb_id = jQuery("#mb_id").val();

    //if (mb_id == '') {

        //tlist1.update();

    //}



    jQuery("#myform").submit();

}



function change_smo () {

    var url = "<?php echo site_url($this->config->item('sa_folder'));?>/smo_club/get_club/";

    $.ajax({

        url: url,

        global: false,

        type: "GET",

        data: ({smo_id : $('#smo_id').val()



                }),

        async:false,

        success: function(data) 

        {   //alert("success"+data); 

            $('#show_cl').html(data);

        },

        error: function(xhr,state,exception) 

        { //alert("error"); 

            alert(state+', xhr.status = '+xhr.status);

        }

    });

    $("#cl_id").change(function () {

        search_view();

    });

}



function search_view(){



    var url = "<?=site_url($this->config->item('sa_folder').'search/test/');?>";

    $.ajax({

        url: url,

        global: false,

        type: "GET",

        data: ({smo_id : $('#smo_id').val()

                ,cl_id : $('#cl_id').val()

                ,year : $('#year').val()}

                ),

        //      dataType: "html",

        async:false,

        success: function(data) 

        {   //alert("success"+data); 

            $('#search_view').html(data);

        },

        error: function(xhr,state,exception) 

        { //alert("error"); 

            alert(state+', xhr.status = '+xhr.status);

        }

    });

}



</script>

<?php

$row_mb = isset($qu_mb) ? $qu_mb->row() : NULL;

$attributes = array('id' => 'myform', 'name' => 'myform');

echo form_open($this->config->item('sa_folder').'/smo_club/mbs_insert', $attributes);

?>

<table width="80%" align="center">

<tr>

<td align="center"><h3>บันทึกประวัติการเข้าร่วมสโมสร/ชมรม</h3></td>

</tr>

<tr>

<td>



<table class="szone2" width="100%">

    <tr >

        <th width="25%">สโมสร</th>

        <td><?php

            if(count($rs_smo)>2){

                $js = "id=\"smo_id\"  style='margin:5px;'"; //"onChange=\"change_smo()\

                echo form_dropdown('smo_id', $rs_smo, '',$js);

            }else{

                echo "<select id='smo_id' name='smo_id' style='margin:5px;' >";

                $c_smo=1;

                foreach ($rs_smo as $id => $name) {

                    if($c_smo==2)

                        echo "<option value=\"".$id."\">".$name."</option>";

                    $c_smo++;

                }

                echo "</select>";

            }

            echo form_error('smo_id');

        ?></td>

    </tr>

    <tr >

        <th>ชมรม</th>

        <td><div id="show_cl" style='margin:5px;'>

            <select id="cl_id" name="cl_id">

            <option selected="selected" value="">-----เลือก-----</option>

            </select>

            

            </div><?php

                //$js = "id=\"cl_id\"";

                //echo form_dropdown('cl_id', $rs_cl, '',$js);

            if(count($rs_smo)==2){

                ?><script>change_smo ();</script><?php

            }

        ?></td>

    </tr>

    <tr >

        <th>ปีการศึกษาที่เข้าร่วม</th>

        <td>

<?php

            $js = "id=\"year\" style=\"margin:5px;\"";

            echo form_dropdown('year', $rs_acY, getval('year', $row_mb, getNowYearTh()),$js);

?>

        </td>

    </tr>

    <tr>

        <th>วันที่เริ่มต้น</th>

        <td><script>DateInput('fr_date', true, 'DD/MM/YYYY',"<?php echo set_value('fr_date') ? set_value('fr_date') : splitDateDb2(getval('fr_date', $row_mb, getNowDate()), '/');?>");</script>

        <?php echo form_error('fr_date');?></td>

    </tr>

    <tr >

        <th>วันที่สิ้นสุด</th>

        <td><script>DateInput('to_date', true, 'DD/MM/YYYY',"<?php echo set_value('to_date') ? set_value('to_date') : splitDateDb2(getval('to_date', $row_mb, getNowDate()), '/');?>");</script>

        <?php echo form_error('to_date');?></td>

    </tr>

    <tr >

        <th>รหัส/ชื่อ-สกุลนักศึกษา</th>

        <td id="facebook-list" class="input-text">

<?php



$allstd = array(

    'name'        => 'list_type',

    'id'          => 'list_type',

    'value'       => '1',

    'checked'     => FALSE,

    'style'       => 'margin:5px',

    );

$list_cur = array(

    'name'        => 'list_type',

    'id'          => 'list_type',

    'value'       => '2',

    'checked'     => FALSE,

    'style'       => 'margin:5px',

    );

$list_std = array(

    'name'        => 'list_type',

    'id'          => 'list_type',

    'value'       => '3',

    'checked'     => TRUE,

    'style'       => 'margin:5px',

    );

echo form_radio($allstd)."&nbsp;เลือกนักศึกษาทุกคน </br>";

echo form_radio($list_cur)."&nbsp;หลักสูตร/ชั้นปี </br>";

?>



    <span style="display:none" id="input_cur">

 &nbsp;&nbsp;<span id="cur"></span>

        <span id="sy"></span></br>

    </span>

<?php

echo form_radio($list_std)."&nbsp;ค้นหารายชื่อ ";

?></br>

&nbsp;&nbsp;

    <span id="facebook_input" style="display:inline-block"> 

        <input type="text" value="" id="facebook-demo" />

        <ul id="preadded" style="display:none"></ul>

        <div id="facebook-auto" >

            <div class="default">กรุณากรอกรหัส/ชื่อ-สกุลนักศึกษา</div> 

            <ul id="feed"></ul>

        </div>

    </span>

<?php echo form_error('facebook-demo');?>

        </td>

    </tr>

    <tr >

        <td colspan="2" align="center" ><input type="button" id="btnSubmit" name="btnSubmit" value="บันทึก" onClick="do_submit('mbs_insert')" />

        <input type="button" id="btnSearch" name="btnSearch" value="ค้นหา" onClick="do_submit('<?php echo site_url($this->config->item('sa_folder').'smo_club/mb_search');?>')" />

        <input type="hidden" id="mb_id" name="mb_id" value="<?php echo getval('mb_id', $row_mb);?>" /></td>

    </tr>

</table>



</td>

</tr>



</table><br />

<table class="tb_1" width="100%">

    <tr>

        <th>ลำดับ</th>

        <th>รหัสนักศึกษา</th>

        <th>ชื่อ-สกุลนักศึกษา</th>

        <th>สโมสร</th>

        <th>ชมรม</th>

        <th>ปีการศึกษาที่เข้าร่วม</th>

        <th>วันที่เริ่มต้น</th>

        <th>วันที่สิ้นสุด</th>

        <th>แก้ไข</th>

        <th>ลบ</th>

    </tr>

<?php

        $i = 1;

        if (isset($rs_mb)) {

            foreach ($rs_mb->result() as $row_mb) {

?>

        <tr >

            <td height="22" align="center"><?php echo $i;?></td>

            <td align="center"><span class="hand" onClick="sendPost('dtform', {'std_id':<?php echo $row_mb->mb_std_id;?>}, 'profile')"><?php echo $row_mb->stdCode;?></span></td>

            <td><?php echo $row_mb->prefixName.$row_mb->stdName.' '.$row_mb->stdSurname;?></td>

            <td><?php echo $row_mb->smo_name;?></td>

            <td><?php echo $row_mb->cl_name;?></td>

            <td align="center"><?php echo $row_mb->mb_year;?></td>

            <td align="center"><?php echo abbreDate2($row_mb->mb_fr_date);?></td>

            <td align="center"><?php echo abbreDate2($row_mb->mb_to_date);?></td>

            <td align="center"><span class="hand" onClick="sendPost('myform', {'mb_id':<?php echo $row_mb->mb_id;?>}, 'mb_input')"><?php echo img($this->config->item('sa_image_reply'));?></span></td>

            <td align="center"><span class="hand" onClick="if (confirm('ต้องการลบใช่หรือไม่')) { sendPost('hidform', {'mb_id':<?php echo $row_mb->mb_id;?>}, 'mb_delete'); }"><?php echo img($this->config->item('sa_image_del'));?></span></td>

        </tr>

<?php

                $i++;

            }

        }



        if ($i == 1) {

?>

        <tr class='notfound'>

            <td colspan="12" align="center"><?php echo $this->config->item('sa_not_found');?></td>

        </tr>

<?php

        }

?>

</table>

<?php



echo form_close();

?>

<div id='search_view'></div>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: