!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/mistk/mistk/eoffice/admin/   drwxr-xr-x
Free 50.78 GB of 127.8 GB (39.73%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     editPsInfo.php (6.2 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php
include_once "template.php";
include_once 
"../class/clsTable.php";
include_once 
"../class/clsDepartment.php";
include_once 
"../class/clsPerson.php";
include_once 
"../class/clshire.php";
include_once 
"../class/clsadmin.php";
include_once 
"../link/function.php";
include_once 
"../class/clsWorkGroup.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oDP = new Department($oC);
$oDP2 = new Department($oC);
$oDP3 = new Department($oC);
$oPs = new person($oC);
$oWG = new workGroup($oC);
$oWG2 = new workGroup($oC);
$oWG3 = new workGroup($oC);
$oHr = new hire($oC);
$oAd = new admin($oC);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<iframe id="editInfo" name="editInfo" src="" style="width:$0px;height:0px;border:0"></iframe>
<br>
<table  width=703  align="center">
<tr><td height="150">
<fieldset>
            <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="?mm=1">ตั้งค่าการใช้งานระบบ</a>
      <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"><a href="updatePerson2.php">แก้ไขข้อมูลบุคลากร</a>
    
      </font></legend>
     <form name="ff" action="processEditPsInfo.php" method="post" target="editInfo">
     <? $oPs->SearchByKey($ps);
             
$oPs->GetRecord();
    
?>
  <table width="80%" border="0" align="center" cellpadding="0" cellspacing="0">
              <tr>
          <td  height="30" align="left"><strong><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_2"];?>">&nbsp;&nbsp; 
            <img src="../picture/search2.jpg" alt=""  border="0" > ข้อมูลบุคลากร</font></strong></td>
        </tr>
              <tr>
    <td  align="left"></td>
  </tr>
            <tr>
            <td align="center"><br>
            <table width="95%" height="22" border="0" align="center"><tr>
       <? if($s=="1"){ ?>
       <td width="46%" align="center"><font color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>" size="2"><strong>    
           แก้ไขข้อมูลบุคลากรเรียบร้อยแล้ว</strong></font></td></tr>
        <? ?></table><br>    
        <table width="90%" border="0" align="center" cellpadding="0" cellspacing="1" bordercolor="#DADADA" style="border-collapse:collapse">
        <tr ><td width="33%" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>" height="25">&nbsp;&nbsp;<strong>คำนำหน้าชื่อ</strong></td>
              <td width="2%" align="center"><strong>:</strong></td>
                <td width="65%" ><select name="prefixId">
                    <option value="1" <? if($oPs->prefixId=="1"){   echo "selected";} ?>>นาย</option>
                    <option value="2" <? if($oPs->prefixId=="2"){   echo "selected";}?>>นางสาว</option>
                    <option value="3" <? if($oPs->prefixId=="3"){   echo "selected";}?>>นาง</option>
                  </select></td>
      </tr>
          <tr ><td width="33%" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>" height="25">&nbsp;&nbsp;<strong>ชื่อ - นามสกุล</strong></td>
              <td width="2%" align="center"><strong>:</strong></td>
                <td ><input name="fName" type="text" value="<? echo $oPs->fName;?>" size="15" maxlength="60"><input name="lName" type="text" maxlength="60" size="20" value="<? echo $oPs->lName;?>"></td>
      </tr>
           <tr ><td width="33%" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>" height="25">&nbsp;&nbsp;<strong>สังกัด หน่วย/กอง/ฝ่าย</strong></td>
              <td width="2%" align="center"><strong>:</strong></td>
                <td ><select name="deptId">
                      <? $oDP->SearchBydeptDateDocGroup($oDP->SearchMaxDocGroup());
                            while(
$oDP->GetRecord()){?>
                      <option value="<? echo $oDP->deptId;?><? if($oDP->deptId==$oPs->deptId){   echo "selected";  }?>><? echo $oDP->deptName?></option>
                      <? ?>
                    </select></td>
      </tr>
      <tr ><td width="33%" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>" height="25">&nbsp;&nbsp;<strong>ตำแหน่งในการเรียงลำดับ</strong></td>
              <td width="2%" align="center"><strong>:</strong></td>
                <td >  <select name="adminId">
                      <? $oAd->RSadmin();
                            while(
$oAd->GetRecord()){?>
                      <option value="<? echo $oAd->adminId;?><? if($oAd->adminId==$oPs->adminId){   echo "selected";  }?>><? echo $oAd->adminName?></option>
                      <? ?>
                    </select></td>
      </tr>
      <tr ><td width="33%" bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>" height="25">&nbsp;&nbsp;<strong>ประเภทบุคลากร</strong></td>
              <td width="2%" align="center"><strong>:</strong></td>
                <td > 
                  <select name="hireId">
                      <? $oHr->RShire();
                            while(
$oHr->GetRecord()){?>
                      <option value="<? echo $oHr->hireId;?><? if($oHr->hireId==$oPs->hireId){   echo "selected";  }?>><? echo $oHr->hireName?></option>
                      <? ?>
                    </select>
                </td>
      </tr>
          <table width="100%" border="0" cellspacing="0" cellpadding="1">
    <tr>
        <td align="right">&nbsp;</td>
    </tr>    
</table>
        </table>
        <table border="0" align="center" width="90%"><tr>
                <td align="center"><input type="submit" name="jj" value="บันทึกข้อมูลบุคลากร" onClick="return checkFormat();"> 
                 <input type="reset" name="clear" value="เคลียร์ข้อมูล">
                  <input type="button" name="cancel" value="กลับหน้าหลัก" onClick="location.href = '?mm=1'">
                  <input type="hidden" name="ps" value="<? echo $ps?>" >
                  <input type="hidden" name="method" value="editinfo" >
                  
        </td></tr></table>
</form>
      
</fieldset>
 <br><br>
<br><br> <br><br>
</td>
</tr>
</table>
</body>
</html>

<script language="javascript">
function checkFormat(){
        if(document.ff.fName.value == ""){
                alert("กรุณากรอกชื่อ");
                document.ff.fName.focus();
                return false;
        }
        if(document.ff.lName.value == ""){
                alert("กรุณากรอกนามสกุล");
                document.ff.lName.focus();
                return false;
        }
        var agree=confirm("คุณต้องการบันทึกข้อมูลบุคลากรใช่หรือไม่ ?");
        if (agree){
            return true ;
        }else{
            return false ;
        }    
}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.014 ]--