Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mistk_joice2222/ums/ drwxr-xr-x |
Viewing file: processUmUser.php (2.2 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php include_once("global.php"); include_once("../class/clsConnection.php"); include_once("../class/clsDB.php"); require_once("clsUmUser.php"); include_once("clsUmUserGroup.php"); include_once("clsUmPermission.php"); $oC = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB'], $GLOBALS['USER'], $GLOBALS['PASSWORD']); $obj = new umuser($oC); $oUg = new umusergroup($oC); $oUp = new umpermission($oC); $oC->BeginTrans(); if($method=="add"){ $obj->AddNew(); $obj->UsID=$UsID; $obj->UsName=$UsName; $obj->UsLogin=$UsLogin; $obj->UsPassword=md5("O]O".$UsPassword."O[O"); $obj->UsPsCode=$UsPsCode; $obj->UsWgID=$UsWgID; $obj->UsQsID=$UsQsID; $obj->UsAnswer=$UsAnswer; $obj->UsEmail=$UsEmail; $obj->UsActive= ($UsActive=="on")? 1 : 0 ; $obj->UsAdmin= ($UsAdmin=="on")? 1 : 0 ; $obj->UsDesc=$UsDesc; $obj->UsPwdExpDt=$UsPwdExpDt; $obj->UsUpdDt=$UsUpdDt; $obj->UsUpdUsID=$UsUpdUsID; $obj->Save(); //save UserGroup $aBox = $GpID; foreach ($aBox as $v) { $oUg->AddNew(); $oUg->UgGpID=$v; $oUg->UgUsID=$obj->UsID; $oUg->Save(); } }else if($method=="edit"){ $obj->SearchByKey($UsID); $obj->GetRecord(); $obj->Edit(); $obj->UsID=$UsID; $obj->UsName=$UsName; $obj->UsLogin=$UsLogin; if ($UsPassword=="PaSsWoRd"){ $obj->UsPassword=$oldMd5UsPassword; }else{ $obj->UsPassword=md5("O]O".$UsPassword."O[O"); } $obj->UsPsCode=$UsPsCode; $obj->UsWgID=$UsWgID; $obj->UsQsID=$UsQsID; $obj->UsAnswer=$UsAnswer; $obj->UsEmail=$UsEmail; $obj->UsActive=($UsActive=="on")? 1 : 0 ; $obj->UsAdmin=($UsAdmin=="on")? 1 : 0 ; $obj->UsDesc=$UsDesc; $obj->UsPwdExpDt=$UsPwdExpDt; $obj->UsUpdDt=$UsUpdDt; $obj->UsUpdUsID=$UsUpdUsID; $obj->Save(); //save UserGroup $oUg->DeleteByUsID($UsID); $aBox = $GpID; foreach ($aBox as $v) { $oUg->AddNew(); $oUg->UgGpID=$v; $oUg->UgUsID=$obj->UsID; $oUg->Save(); } }else if($method=="delete"){ $oC->BeginTrans(); $oUg->DeleteByUsID($UsID); $oUp->DeleteByUs($UsID); $obj->SearchByKey($UsID); $obj->GetRecord(); $obj->Delete(); //don't foget to delete umlog } $oC->CommitTrans(); $obj->Close(); $oC->Disconnect(); echo "<meta http-equiv='refresh' content='0; URL=umShowUser.php'>"; ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]-- |