Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/xmigratex/ drwxr-xr-x |
Viewing file: mof_ssm.php (6.28 KB) -rwxr-xr-x Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link rel="stylesheet" type="text/css" href="style.css" /> <?php //$localhost_s = $_POST["localhost_s"]; //$localhost_u = $_POST["localhost_u"]; //$localhost_p = $_POST["localhost_p"]; //echo "tUsername = $tUsername<br>"; //echo "tPassword = $tPassword<br>"; //echo "dbNo = $dbNo<br>"; // echo "dbNo = $dbNo<br>"; //echo '<br><br>เริ่มลบข้อมูล<br>'; $dbreg = $_POST["dbreg"]; $dbmoreg = $_POST["dbmoreg"]; $dbppc = $_POST["dbppc"]; $oums = $_POST["oums"]; $nums = $_POST["nums"]; $host = $_POST["localhost_s"]; $tUsername = $_POST["localhost_u"]; $tPassword = $_POST["localhost_p"]; $dbNo = $_POST["dbNo"]; $ln_reg = mysql_connect($host, $tUsername, $tPassword, true); if (!$ln_reg) { echo "<font color='#FF0000'>$source_s"; die(' ไม่สามารถเชื่อมต่อฐานข้อมูลได้ ตรวจสอบชื่อ server, user และpassword ให้ถูกต้อง: ' . mysql_error()); echo "</font >"; }else{ //echo "Connected $source_s successfully<br>"; } $db_info = mysql_select_db($dbreg, $ln_reg); //mysql_query("SET NAMES 'utf8'", $ln_info); if (!$db_info) { die ('ไม่สามารถเชื่อมต่อฐานข้อมูล'.$dbmoreg.'ได้: ' . mysql_error()); }else{ echo " เชื่อมต่อฐานข้อมูล $dbreg สำเร็จ<br>"; } echo "<br><br>"; ?> <table border="1" class='tb_1'> <?php //$query = "SELECT * FROM $dbmoreg.rg_StudentSummary WHERE 1 ORDER BY ssmStdId,ssmAcY,ssmTmId"; //SELECT studentId, count( passStatus ) passStatus FROM reg.StudentStatus WHERE passStatus IN (1,2,3) GROUP BY studentId HAVING count( passStatus ) >3 // $query = "SELECT * FROM $dbreg.StudentStatus WHERE 1 ORDER BY studentId,acadYear,semester"; $query = "SELECT studentId ,acadYear ,semester ,studentStatus ,GPA ,creditAttempt ,creditSatisfy ,creditPoint ,GPAX ,sumCreditAttempt ,sumCreditSatisfy ,sumCreditPoint ,createDateTime ,createUserId ,updateDateTime ,updateUserId ,approveSpe ,approver ,refNo ,CONCAT(YEAR(approveDate)-543,'-',MONTH(approveDate),'-',DAY(approveDate)) AS approveDate ,passStatus , ( SELECT count( studentId ) +1 AS npass FROM $dbreg.`StudentStatus` ss2 WHERE ss.studentId = ss2.studentId AND ( ss2.acadYear < ss.acadYear OR ( ss2.acadYear = ss.acadYear AND ss2.semester < ss.semester ) ) AND ss2.passStatus IN ( 1, 2, 3 ) ) AS sy FROM $dbreg.`StudentStatus` ss WHERE 1 =1 ORDER BY studentId,acadYear,semester "; $result = mysql_query($query, $ln_reg); $num_rows = mysql_num_rows($result); ?> <tr><th colspan="9" align="right">StudentStatus ข้อมูล <?php echo $num_rows; ?> แถว</th></tr> <tr> <th>ลำดับ</th> <th>รหัสนักศึกษา<br>studentId</th> <th>ปีการศึกษา<br>acadYear</th> <th>ภาคการศึกษา<br>semester</th> <th>สถานะนึกศึกษา<br>studentStatus</th> <th>ประมาลผล<br>passStatus</th> <th>ชั้นปี<br>sy</th> <th>-<br>GPAX</th> <th>-<br>PassStatus</th> </tr> <?php $index =1; $stdId =0; $tr_class = '#e5e5e5'; while ($cur_row = mysql_fetch_object($result)) { if($stdId != $cur_row->ssmStdId){ if($tr_class=='#e5e5e5') $tr_class = '#d3dce3'; else $tr_class = '#e5e5e5'; $stdId = $cur_row->ssmStdId; } $style = "style='background-color: $tr_class ;'"; ?> <tr > <td <?php echo $style; ?>><?php echo $index; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->studentId; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->acadYear; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->semester; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->studentStatus; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->passStatus; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->sy; ?></td> <td <?php echo $style; ?>><?php echo $cur_row->GPAX; ?></td> <?php if($index+1 < $num_rows){ if (mysql_data_seek($result, $index)) { // มีแถวถัดไปมั้ย $next = mysql_fetch_object($result); if($next->studentId == $cur_row->studentId && $next->acadYear > $cur_row->acadYear){ if($cur_row->studentStatus == 1 && $cur_row->passStatus < 4 ){ ?> <td <?php echo $style; ?>><?php echo '1|2|3'; ?></td> <?php }elseif($cur_row->studentStatus ==1 && $cur_row->passStatus >= 4 && $cur_row->GPAX < 1.95){ echo "<td $style>$cur_row->passStatus</td>"; }elseif($cur_row->studentStatus !=1 && $cur_row->passStatus < 4){ echo "<td $style>0</td>"; }elseif($cur_row->studentStatus !=1 && $cur_row->passStatus >= 4 && $cur_row->GPAX < 1.95){ echo "<td $style>$cur_row->passStatus</td>"; }else{ echo "<td $style></td>"; } }else{ echo '<td></td>';} mysql_data_seek($result, $index); // หลังการ fetch result ต้องตั้งค่าให้แถวถัดไปเท่าเก่า } } /* if($index==2){ if (mysql_data_seek($result, $index)) { $next = mysql_fetch_object($result); echo '- '.$index; echo ' , '.$next->ssmStdId.''; echo ' , '.$next->ssmAcY; echo ' , '.$next->ssmTmId.'<br>'; mysql_data_seek($result, $index); }else{ echo 'end loop'; } } */ $index++; ?> </tr> <?php } mysql_free_result($result); ?> </table > |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0044 ]-- |