!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/mistk/mistk/eoffice/admin/   drwxr-xr-x
Free 50.78 GB of 127.8 GB (39.73%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     printRepFollowDocDeptexAllPI.php (21.1 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?
set_time_limit
(0);
header('Content-type: application/xls');
header('Content-Disposition: attachment; filename="printRepFollowDocDeptex.xls"');
// include_once "template.php";
include_once("../../class/clsConnection.php");
include_once(
"../../class/clsDB.php");
include_once 
"../global.php";
include_once 
"../link/function.php";
include_once 
"../link/functionshow.php";
include_once 
"../class/clsDocType.php";
include_once 
"../class/clsDocuments.php";
include_once 
"funct.php";
include_once 
"../class/clsDepartment.php";
include_once 
"../class/clsDocLineConfig.php";
include_once 
"../class/clsDocLinePosition.php";
include_once 
"../class/clsDocReceiveSend.php";
include_once 
"../class/clsPerson.php";
include_once 
"../link/keyThai.php";
include_once 
"getPrefix.php";

//CHAIN ADD
include_once "../class/clsSendReceive.php"
include_once 
"../class/clsCollegeDetail.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oDt = new doctype($oC);
$oDoc = new Documents($oC);    
$oDoc2 = new Documents($oC);    
$oDP = new Department($oC);
$oDP1 = new Department($oC);
$oDlc = new DocLineConfig($oC);
$oDlc1 = new DocLineConfig($oC);
$oDlc2 = new DocLineConfig($oC);
$oDlc3 = new DocLineConfig($oC);
$oDlc4 = new DocLineConfig($oC);
$oDlp = new docLinePosition($oC);
$oDlp1 = new docLinePosition($oC);
$oRs = new DocReceiveSend($oC);
$oRs0 = new DocReceiveSend($oC); // Chain add
$oRs1 = new DocReceiveSend($oC);
$oRs2 = new DocReceiveSend($oC); // Chain add
$oRs5 = new DocReceiveSend($oC); // Chain add
$oRs8 = new DocReceiveSend($oC);
$oRs9 = new DocReceiveSend($oC);
$oPS = new person($oC);
$oPS1 = new person($oC);
$oPS2 = new person($oC);
$oPS3 = new person($oC);
$MaxDocGroup=$oDP->SearchMaxDocGroup();

// CHAIN ADD
$oTsr = new sendreceive($oC);
$oCd = new collegedetail($oC); 

?>

<?php
function showsteplinedocRef1($searchDoc){
include_once 
"../class/clsDocLineConfig.php";
include_once 
"../class/clsDocLinePosition.php";
include_once 
"../class/clsPerson.php";
include_once 
"../class/clsDepartment.php";
include_once 
"getPrefix.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oRs00 = new DocReceiveSend($oC);
$oRs11 = new DocReceiveSend($oC);
$oRs22 = new DocReceiveSend($oC);
$oPS22 = new person($oC);

    
$oRs00->SearchByDocIDDsID3($searchDoc);
    if(
$oRs00->GetRecord()=="1"){
        
        
$oRs22->SearchByDrsFromDrsIDcaseps($oRs00->DrsID);
        while(
$oRs22->GetRecord()){
            
$oPS22->SearchByKey($oRs22->personId);    
            
$oPS22->GetRecord();

            echo 
"<br><font color=\"#029b0a\">[".iconv('TIS-620','UTF-8',GetPrefix($oPS22->prefixId).$oPS22->fName."&nbsp;".$oPS22->lName)."]</font>";
        }
        
$oRs11->SearchByDrsFromDrsIDcasedept($oRs00->DrsID);
        while(
$oRs11->GetRecord()){
            
showsteplinedocRef1($oRs11->DocID);
        }
        
        
// echo $DocNoBackTmp;
    
}
    
    
//return $DocNoBackTmp;
}
?>
<html>
<head>
<script language="javascript" src="../source/calendarDateInput.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
</head>
<body>
<table  width="100%"  align="center">
<tr><td >
<fieldset>
      <!--<legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="?mm=1">รายงาน</a>
    </font>
    <img src="../picture/ico3.gif" width="10" border="0" align="absmiddle">รายงานการติดตามหนังสือราชการที่กำหนดวันแล้วเสร็จ</font>
    </legend>-->
        <form name="ff"  method="post" action="printRepFollowDocDeptexAllPI.php">
        <table width="99%" align="center">
            <tr> 
              <td height="22"><font   face="MS Sans Serif, Tahoma, sans-serif"><strong>รายงานการติดตามหนังสือราชการที่กำหนดวันแล้วเสร็จ&nbsp;
               <? $oDP1->SearchByKey($deptId);  $oDP1->GetRecord(); echo "หน่วยงาน :: ".iconv('TIS-620','UTF-8',$oDP1->deptName);  ?>
               </strong></font></td>
              <td height="22" align="right">

                
              </td>
            </tr>
            <tr> 
              <td width="92%" height="22"><font   face="MS Sans Serif, Tahoma, sans-serif"><strong><? echo iconv('TIS-620','UTF-8',$GLOBALS["COLLEGENAME"]); ?> 
        
            <?     
// =======================================================================================================
// == CHAIN EDIT - 2015/07/16 ============================================================================
// =======================================================================================================
            
if(th2a($yearDoc) != 0){
                echo 
"วันที่ดำเนินการส่งหนังสือประจำปี ".iconv('TIS-620','UTF-8',a2th($yearDoc));            
            }else if(
$start != 0){
                echo 
"วันที่ดำเนินการส่งหนังสือตั้งแต่วันที่ "; list($day1,$month1,$year1) = preg_split('[/]',$start);  $s=($year1+543)."-".$month1."-".$day1;   echo iconv('TIS-620','UTF-8',abbreDate2($s,'/'));                        
                echo 
" ถึง "; list($day2,$month2,$year2) = preg_split('[/]',$end);  $e=($year2+543)."-".$month2."-".$day2;   echo iconv('TIS-620','UTF-8',abbreDate2($e,'/'));    
            }else if(
$DocDueDateStart != 0){
                echo 
"วันที่กำหนดวันเสร็จตั้งแต่วันที่ "; list($day1,$month1,$year1) = preg_split('[/]',$DocDueDateStart);  $s=($year1+543)."-".$month1."-".$day1;   echo iconv('TIS-620','UTF-8',abbreDate2($s,'/'));                        
                echo 
" ถึง "; list($day2,$month2,$year2) = preg_split('[/]',$DocDueDateEnd);  $e=($year2+543)."-".$month2."-".$day2;   echo iconv('TIS-620','UTF-8',abbreDate2($e,'/'));    
            }
// =======================================================================================================
            
?>
                </strong></font></td>
              <td width="8%" align="right">

              </td>
            </tr>
            <tr> 
              <td height="24" colspan="2"><hr></td>
            </tr>
            <tr align="center">
            <td align="center" colspan="2">
<!-- =============================================================================== -->
<!-- ==== CHAIN ADD - 2015/07/17 - Script Fix header of table ====================== -->
<!-- =============================================================================== -->
<style type="text/css">
    body { height: 1000px; }
    thead{
        background-color:white;
    }
  </style>
<script type="text/javascript" src="../source/jquery-1.9.1.min.js"></script>
<script type="text/javascript">//<![CDATA[ 
$(window).load(function(){
function moveScroll(){
    var scroll = $(window).scrollTop();
    var anchor_top = $("#maintable").offset().top;
    var anchor_bottom = $("#bottom_anchor").offset().top;
    if (scroll>anchor_top && scroll<anchor_bottom) {
    clone_table = $("#clone");
    if(clone_table.length == 0){
        clone_table = $("#maintable").clone();
        clone_table.attr('id', 'clone');
        clone_table.css({position:'fixed',
                 'pointer-events': 'none',
                 top:0});
        clone_table.width($("#maintable").width());
        $("#table-container").append(clone_table);
        $("#clone").css({visibility:'hidden'});
        $("#clone thead").css({visibility:'visible', 'pointer-events':'auto'});
    }
    } else {
    $("#clone").remove();
    }
}
$(window).scroll(moveScroll);
});//]]>  

</script>
<!-- =============================================================================== -->
<div id="table-container">
              <table id="maintable" width="100%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DADADA"  style="border-collapse:collapse">
              <thead>
               <tr bgcolor="<?php echo $GLOBALS["COLOR_BG_TD_1"]; ?>"><th width="6%" align="center"><strong>ที่</strong></th><th width="15%" align="center"><strong>ที่หนังสือ</strong></th><th width="22%" align="center"><strong>เรื่อง</strong></th><th width="10%" align="center"><strong>ว/ด/ป ที่<br>ลงทะเบียน</strong></th><th width="17%" align="center"><strong>หน่วยงานย่อย/<br>ผู้รับผิดชอบหลัก</strong>
               
               <!-- Chain Comment 20150629 -->
               <!--</td><th width="10%" align="center"><strong>หมายเหตุ</strong></th>-->
               
               </td><th width="10%" align="center"><strong>กำหนดวันแล้วเสร็จ</strong></th>
               </td><th width="10%" align="center"><strong>หนังสือตอบกลับ</strong></th>
               </td><th width="10%" align="center"><strong>รอดำเนินการ</strong></th>
               </td><th width="10%" align="center">ดำเนินการแล้วเสร็จ</th>
               </tr>
               </thead>
               <tbody>
            <? 
// =======================================================================================================
// == CHAIN EDIT - 2015/07/16 ============================================================================
// =======================================================================================================
                
$startT 0;
                
$endT 0;
                if(
th2a($yearDoc) != 0){ //ประจำปีปฎิทิน
                    
$yy th2a($yearDoc);
                    
$startT $yy."-01-01";
                    
$endT $yy."-12-31";
                }else if(
$start != 0){
                    list(
$dd$mm$yy) = preg_split('[/]',$start);
                    
$startT=($yy+543)."-".$mm."-".$dd;
                    list(
$dd$mm$yy) = preg_split('[/]',$end);
                    
$endT=($yy+543)."-".$mm."-".$dd;
                }
// =======================================================================================================                
                
else if($DocDueDateStart != 0){ //กำหนดวันเสร็จ
                    
list($dd$mm$yy) = preg_split('[/]',$DocDueDateStart);
                    
$DocDueDateStart=($yy+543)."-".$mm."-".$dd;
                    list(
$dd$mm$yy) = preg_split('[/]',$DocDueDateEnd);
                    
$DocDueDateEnd=($yy+543)."-".$mm."-".$dd;
                }
                
// $oDoc->SearchByDrsSendDateDocTypeNoDocSubjectDocNoDeptIdfDeleteDocGroupDsID3($startT,$endT,th2a($DocTypeNoStart),th2a($DocTypeNoEnd),th2a($DocSubject),th2a($DocNo),$deptId,$MaxDocGroup,$printorder);
                
$oDoc->SearchByDrsSendDateDocTypeNoDocSubjectDocNoDeptIdfDeleteDocGroupDsIDDocDueDate($startT,$endT,th2a($DocTypeNoStart),th2a($DocTypeNoEnd),th2a($DocSubject),th2a($DocNo),$deptId,$MaxDocGroup,$printorder,$DocDueDateStart,$DocDueDateEnd);
                while(
$oDoc->GetRecord()){
                
$nomainps='0';
                    if((
$i%2) == 0
                          echo 
"<tr bgcolor=\"#FFFFFF\" height=22 >";
                    else
                          echo 
"<tr bgcolor=\"".$GLOBALS["COLOR_BG_TD_17"]."\">";
  
//===================================================================================            
            
$nomainps=0;
            
$completedate "-"//กำหนดวันแล้วเสร็จ
            
$waitaction ""//สถานะการรอ
            
$actiondate ""//วันที่ดำเนินการแล้วเสร็จ
            
$DocNoBack     ""//ที่หนังสือตอบกลับ
            
$showname    ""//หน่วยงานย่อย/ผู้รับผิดชอบหลัก
            
            
$DueDate "";

//=================================================================================================
//==== CHAIN ADD 2015/07/14 กำหนดวันแล้วเสร็จ --completedate - (ส่งภายนอก)  ===============================================
//=================================================================================================                
            
if($oDoc->RsID=='2'){
                
$x=0;
                
$oTsr->SearchDocSend($GLOBALS["COLLEGEID"],$oDoc->DocID);
                while(
$oTsr->GetRecord()){
                    
                    
$oCd->SearchByKey($oTsr->tsr_to_node);
                    
$oCd->GetRecord();
                    
$showname .= "&nbsp;".$oCd->collegeAbbr;
                    if(
$oTsr->tsr_SendNew!="0000-00-00 00:00:00"){
                            list(
$DocD2,$DocT2) = preg_split('[ ]',$oTsr->tsr_SendNew); 
                            
$showname .= "<br>[ส่งเพิ่มเติม ".abbreDate2($DocD2,'/')."&nbsp;".a2th($DocT2)."]";
                    }
                    
$showname .= "<br>";
                    if(
$oTsr->tsr_DrsDocDueDate!="0000-00-00 00:00:00"){
                        list(
$DocD,$DocT) = preg_split('[ ]',$oTsr->tsr_DrsDocDueDate);
                        
$DueDate $DocD;
                        
$completedate abbreDate2($DocD,'/')."<br>".a2th($DocT);
                    }
                }
            }
//=================================================================================================
        
                // $oRs8->SearchByDrsFromDrsIDDrsMainPs($oDoc->DrsID);
                
$oRs8->SearchByDrsFromDrsID($oDoc->DrsID); // CHAIN Add
                
while($oRs8->GetRecord()){  //echo "<pre>";print_r($oRs8);echo "</pre>";
                
//=================================================================================================
//==== CHAIN ADD 2015/07/13 กำหนดวันแล้วเสร็จ --completedate===============================================
//=================================================================================================                
                    
if($oRs8->DrsDocDueDate!="0000-00-00" || $oRs8->DrsDocDueDate!=""){
                        list(
$DocD,$DocT) = preg_split('[ ]',$oRs8->DrsDocDueDate);
                        
$DueDate $DocD;
                        
$completedate abbreDate2($DocD,'/')."<br>".a2th($DocT);
                    }
//=================================================================================================


//=================================================================================================
//==== CHAIN ADD 2015/07/13 หน่วยงานย่อย/ผู้รับผิดชอบหลัก --showname=============================================
//=================================================================================================
                    
if($oRs8->personId==0){
                            
$oDlc->SearchByKey($oRs8->DlcID); $oDlc->GetRecord();  
                            
$oDP->SearchByKey($oDlc->deptId); $oDP->GetRecord();  
                            
$oPS->SearchByKey($oRs8->DrsReceivePersonId); $oPS->GetRecord(); 
                            if(
$oRs8->DrsReceivePersonId!='0'){
                            
$showname .= "&nbsp;".GetPrefix($oPS->prefixId).$oPS->fName."&nbsp;".$oPS->lName.'<br>';
                            }
                            
$showname .= "สารบรรณย่อย";
                            
$showname .= "&nbsp;&nbsp;(".$oDP->deptName.")";
                            if(
$oRs8->DrsMainDept=="Y"){ $showname .= "<br>&nbsp;<font color=\"#029b0a\">[หน่วยงานรับผิดชอบหลัก]</font>";  }
                            
$nomainps=1;
                            
$sendtodept=1;
                    }else{
                            
$sendtodept='';
                            
$oPS->SearchByKey($oRs8->personId); $oPS->GetRecord(); 
                            
$showname .= "&nbsp;".GetPrefix($oPS->prefixId).$oPS->fName."&nbsp;".$oPS->lName;
                            if(
$oRs8->DrsMainPs=="Y"){ $showname .= "&nbsp;<font color=\"#029b0a\">[ผู้รับผิดชอบหลัก]</font>";  $nomainps=0;  }else{  $nomainps=1; }
                            if(
$oRs8->DrsSendToPs=="Y"){
                                
$showname .= "&nbsp;<font color=\"#FF0000\">[ส่งด่วน]</font>";
                            }
                    }
                    if(
$oRs8->DrsSendDocNew !="0000-00-00 00:00:00"){
                        
$showname .= "<br>&nbsp;&nbsp;<font color=\"#FF0000\">[ส่งเพิ่มเติม] ";
                        list(
$DocD,$DocT) = preg_split('[ ]',$oRs8->DrsSendDocNew);
                        
$showname .= abbreDate2($DocD,'/')."&nbsp;".a2th($DocT); 
                        
$showname .= "</font>";
                    }
                    
$showname .= "<br>";
                
$i++;  
                } 
                  
            
?>      
            <td width="6%" align="center" title="ที่"><? echo iconv('TIS-620','UTF-8',a2th($oDoc->DocTypeNo)); ?></td>
            <td width="15%" title="ที่หนังสือ">&nbsp;<? if($oDoc->DtID!="15"){ echo iconv('TIS-620','UTF-8',$oDoc->DocNo);  }else{  echo '-'; }?></td>
            <td width="23%" title="เรื่อง">&nbsp;<? echo iconv('TIS-620','UTF-8',$oDoc->DocSubject); ?></td>
            <td width="11%" align="center" title="ว/ด/ป ที่ลงทะเบียน"><?    if($oDoc->DocDateCreate!="0000-00-00 00:00:00"){  list($DocD,$DocT) = preg_split('[ ]',$oDoc->DocDateCreate); echo iconv('TIS-620','UTF-8',abbreDate2($DocD,'/')."<br>".a2th($DocT));} ?></td>
            <td width="15%" title="หน่วยงานย่อย/
ผู้รับผิดชอบหลัก">&nbsp;<? echo iconv('TIS-620','UTF-8',$showname); ?></td>
            
            <!-- Chain Comment 20150629 -->
            <!--<td width="9%">&nbsp;</td>-->
            
            <td width="9%" align ="center" title="กำหนดวันแล้วเสร็จ"><?php echo iconv('TIS-620','UTF-8',$completedate);?></td>
            <td width="9%" align ="center" title="หนังสือตอบกลับ">
            <?php 
            
//======================================================================================================
// == 2015/07/10 == CHAIN Add == หาที่หนังสือตอบกลับ , สถานะการตอบกลับ , วันที่ดำเนินการแล้วเสร็จ ===============================================
//======================================================================================================
                    
$oDoc2->searchDocRefByDocIDDocName($oDoc->DocIDth2a($oDoc->DocNo), th2a($oDoc->DocSubject));
                    
                    
$flag 1;
                    while(
$oDoc2->GetRecord()){
                        
$flag 0;
                        if(
$oDoc2->DocDateCreate!="0000-00-00 00:00:00"){  
                            list(
$DocD,$DocT) = preg_split('[ ]',$oDoc2->DocDateCreate);
                            
$waitaction .= "";
                            
                            
// --- เช็ควันเกินกำหนด --------------------------------------------------------------
                            
list($ya,$ma,$da) = preg_split('[,]',time_diff($DueDate$DocD));
                            if(
$ya == && $ma == && $da == 0){
                                
$actiondate .= abbreDate2($DocD,'/')."<br>".a2th($DocT);
                            }else if(
$ya || $ma || $da 0){
                                
$actiondate .= abbreDate2($DocD,'/')."<br>".a2th($DocT);
                            }else{
                                
$actiondate .= "<font color='#FF0000'>".abbreDate2($DocD,'/')."<br>".a2th($DocT)."</font>";
                            }
                        }
                        
$DocNoBack $oDoc2->DocNo;
                        echo 
iconv('TIS-620','UTF-8',$DocNoBack); // Chain Add 2015/08/13
                        
//==============================================================================            
//=== CHAIN ADD 2015/08/07 - แสดงชื่อผู้รับผิดชอบหลักของหนังสือตอบกลับ ======================            
//==============================================================================            
    
    
showsteplinedocRef1(th2a($oDoc2->DocID));

    
//==============================================================================            
                        
                        
$waitaction .= "<br>";
                        
$actiondate .= "<br>";
                        
$DocNoBack .= "<br>";
                    }
                    if(
$flag){
                        
$waitaction .= "/"
                        
$actiondate .= "-";
                        
$DocNoBack .= "-";
                    }
//======================================================================================================    
            
            // echo $DocNoBack; // Chain Comment 2015/08/13
            
?>
            </td>
            <td width="9%" align ="center" title="รอดำเนินการ"><?php echo iconv('TIS-620','UTF-8',$waitaction);?></td>
            <td width="9%" align ="center" title="ดำเนินการแล้วเสร็จ"><?php echo iconv('TIS-620','UTF-8',$actiondate);?></td>
            </tr>
            </tbody>
            <? $i++; }  
            
?>
            </table>
            
<!-- =============================================================================== -->
<!-- ==== CHAIN ADD - 2015/07/17 - Fix header of table ============================= -->
<!-- =============================================================================== -->
            <div id="bottom_anchor"></div>
</div>
<!-- =============================================================================== -->

            </td></tr>
            </table>
            <input type="hidden" name="DocSubject"   id="DocSubject"  value="<? echo $DocSubject?>" >
    <input type="hidden" name="DocNo" id="DocNo"  value="<? echo $DocNo?>" >
  <input type="hidden" name="start" id="start"  value="<? echo $start?>" >
  <input type="hidden" name="end" id="end"  value="<? echo $end?>" >
  <input type="hidden" name="yearDoc" id="yearDoc"  value="<? echo $yearDoc?>" >
  <input type="hidden" name="DocTypeNoStart" id="DocTypeNoStart"  value="<? echo $DocTypeNoStart?>" >
  <input type="hidden" name="DocTypeNoEnd" id="DocTypeNoEnd"  value="<? echo $DocTypeNoEnd?>" >
    <input type="hidden" name="pId"   id="pId"  value="<? echo $pId?>" >
  <input type="hidden" name="deptId" id="deptId"  value="<? echo $deptId?>" >
   <input type="hidden" name="seeAll" id="seeAll"  value="<? echo $seeAll?>" >
     <input type="hidden" name="dlcid" id="dlcid"  value="<? echo $dlcid?>" >
     <input type="hidden" name="printorder" id="printorder"  value="<? echo $printorder?>" >
   <input type="hidden" name="print"  id="print"  value="พิมพ์" >
                 </form>
                 </fieldset> 
        </td>
        </tr>
</table>
</body>
</html>
<script>
function printDetailFollowDocDept(p,q){ 
        FileName = "printRepFollowDocDeptDetail.php?DocID="+p+"&DrsID="+q;
            var w=600;  
            var h=600;
            strOption = "scrollbars=yes,left=300,top=100,width=" + w + ",height=" + h;
            window.open(FileName,"",strOption);         
}function showDocex(){
    document.ff.submit();
}
function showDocex2(){
    window.print();
}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0159 ]--