Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/reg-tools/api/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php include("../include/class.mysqldb.php"); include("../include/config.inc.php"); if($_REQUEST["action"] == "insertCrs"){ $crsUnit = $_REQUEST["crsCreditTotal"] . "(" . $_REQUEST["crsCredit1"] . "-" . $_REQUEST["crsCredit2"] . "-" . $_REQUEST["crsPeriod3"] . ")"; $sql = "INSERT INTO rg_Course VALUES ('','" . $_REQUEST["crsCode"] . "','" . $_REQUEST["crsCodeE"] . "','" . $_REQUEST["crsName"] . "','" . $_REQUEST["crsNameE"] . "','" . $_REQUEST["crsAbbr"] . "','" . $_REQUEST["crsAbbrE"] . "','','','" . $_REQUEST["crsCreditTotal"] . "','" . $_REQUEST["crsCredit1"] . "','" . $_REQUEST["crsCredit2"] . "','" . $_REQUEST["crsCredit1"] . "','" . $_REQUEST["crsCredit2"] . "','" . $_REQUEST["crsPeriod3"] . "','" . $crsUnit . "','Y','','" . $_REQUEST["crsCdId"] . "','1',now(),'reg-tools',now(),'reg-tools')"; $link->query($sql); echo "Insert Success!!"; } if($_REQUEST["action"] == "deleteCrs"){ $sql = "DELETE FROM rg_Course WHERE crsId = '" . $_REQUEST["crsId"] . "'"; $link->query($sql); echo "Data deleted."; } if($_REQUEST["action"] == "getCrsById"){ $sql = "SELECT * FROM rg_Course WHERE crsId = '".$_REQUEST["crsId"]."'"; $link->query($sql); echo json_encode($link->getnext()); } if($_REQUEST["action"] == "getCrsAll"){ $sql = "SELECT * FROM rg_Course"; $link->query($sql); $i = 1; while($data = $link->getnext()){ $opt = "<button class='btn btn-primary btn-sm' data-toggle='modal' data-target='#editCourse' data-id='" . $data->crsId . "'>Edit</button>"; $opt .= " <button class='btn btn-danger btn-sm' data-toggle='modal' data-target='#modalDel' data-id='" . $data->crsId . "'>Del</button>"; $json["data"][] = array("No"=>$i++,"crsCode"=>$data->crsCode,"crsCodeE"=>$data->crsCodeE,"crsName"=>$data->crsName,"crsNameE"=>$data->crsNameE,"crsUnit"=>$data->crsUnit, "opt"=>$opt); } echo json_encode($json); } if($_REQUEST["action"] == "updateCrs"){ $crsUnit = $_REQUEST["crsCreditTotal"]."(".$_REQUEST["crsCredit1"]."-".$_REQUEST["crsCredit2"]."-".$_REQUEST["crsPeriod3"].")"; $sql = "UPDATE rg_Course SET crsCode='" . $_REQUEST["crsCode"] . "', crsCodeE='" . $_REQUEST["crsCodeE"] . "',crsName='" . $_REQUEST["crsName"] . "', crsNameE='" . $_REQUEST["crsNameE"] . "', crsAbbr='" . $_REQUEST["crsAbbr"] . "', crsAbbrE='" . $_REQUEST["crsAbbrE"] . "', crsCreditTotal='" . $_REQUEST["crsCreditTotal"] . "', crsCredit1='" . $_REQUEST["crsCredit1"] . "', crsCredit2='" . $_REQUEST["crsCredit2"] . "', crsPeriod1='" . $_REQUEST["crsCredit1"] . "', crsPeriod2='" . $_REQUEST["crsCredit2"] . "', crsPeriod3='" . $_REQUEST["crsPeriod3"] . "', crsUnit='" . $crsUnit . "', crsCdId='" . $_REQUEST["crsCdId"] . "' WHERE crsId = '".$_REQUEST["crsId"]."'"; $link->query($sql); echo "Update Success!!"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |