!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/report/   drwxr-xr-x
Free 51.24 GB of 127.8 GB (40.09%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     rep01.php (11.86 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php   
include_once("classes/Crud.php");
$crud = new Crud();

    
$curYear=(date("Y")+543);
    
//ปีที่ต้องการแสดงข้อมูลในกราฟ
    
$yeara=$curYear;
    
$yearb=$curYear-1;
    
$yearc=$curYear-2;
    
$yeard=$curYear-3;
    
$yeare=$curYear-4;
    
$yearf=$curYear-5;
    
$yearg=$curYear-6;
    
$yearh=$curYear-7;
    
$yeari=$curYear-8;
    
$yearj=$curYear-9;
    
//ปีที่นักศึกษาจบ
    
$yearaa=$curYear+3;
    
$yearbb=($curYear-1)+3;
    
$yearcc=($curYear-2)+3;
    
$yeardd=($curYear-3)+3;
    
$yearee=($curYear-4)+3;
    
$yearff=($curYear-5)+3;
    
$yeargg=($curYear-6)+3;
    
$yearhh=($curYear-7)+3;
    
$yearii=($curYear-8)+3;
    
$yearjj=($curYear-9)+3;
    
//นักศึกษาแรกเข้า
    //ปีที่ 1
    
$iny1 "SELECT * FROM sdtin WHERE stdAdY='$yeara' ";
    
$resultin1 $crud->getData($iny1);foreach($resultin1 as $key => $data1){$total1=$data1['total'];} 
    if(
$total1==""){$totald1=0;}else{$totald1=$total1;}
    
//ปีที่ 2
    
$iny2 "SELECT * FROM sdtin WHERE stdAdY='$yearb' ";
    
$resultin2 $crud->getData($iny2);foreach($resultin2 as $key => $data2){$total2=$data2['total'];} 
    if(
$total2==""){$totald2=0;}else{$totald2=$total2;}
    
//ปีที่ 3
    
$iny3 "SELECT * FROM sdtin WHERE stdAdY='$yearc' ";
    
$resultin3 $crud->getData($iny3);foreach($resultin3 as $key => $data3){$total3=$data3['total'];} 
    if(
$total3==""){$totald3=0;}else{$totald3=$total3;}
    
//ปีที่ 4
    
$iny4 "SELECT * FROM sdtin WHERE stdAdY='$yeard' ";
    
$resultin4 $crud->getData($iny4);foreach($resultin4 as $key => $data4){$total4=$data4['total'];} 
    if(
$total4==""){$totald4=0;}else{$totald4=$total4;}
    
//ปีที่ 5
    
$iny5 "SELECT * FROM sdtin WHERE stdAdY='$yeare' ";
    
$resultin5 $crud->getData($iny5);foreach($resultin5 as $key => $data5){$total5=$data5['total'];} 
    if(
$total5==""){$totald5=0;}else{$totald5=$total5;}
    
//ปีที่ 6
    
$iny6 "SELECT * FROM sdtin WHERE stdAdY='$yearf' ";
    
$resultin6 $crud->getData($iny6);foreach($resultin6 as $key => $data6){$total6=$data6['total'];} 
    if(
$total6==""){$totald6=0;}else{$totald6=$total6;}
    
//ปีที่ 7
    
$iny7 "SELECT * FROM sdtin WHERE stdAdY='$yearg' ";
    
$resultin7 $crud->getData($iny7);foreach($resultin7 as $key => $data7){$total7=$data7['total'];} 
    if(
$total7==""){$totald7=0;}else{$totald7=$total7;}
    
//ปีที่ 8
    
$iny8 "SELECT * FROM sdtin WHERE stdAdY='$yearh' ";
    
$resultin8 $crud->getData($iny8);foreach($resultin8 as $key => $data8){$total8=$data8['total'];} 
    if(
$total8==""){$totald8=0;}else{$totald8=$total8;}
        
//ปีที่ 9
    
$iny9 "SELECT * FROM sdtin WHERE stdAdY='$yeari' ";
    
$resultin9 $crud->getData($iny9);foreach($resultin9 as $key => $data9){$total9=$data9['total'];} 
    if(
$total9==""){$totald9=0;}else{$totald9=$total9;}
        
//ปีที่ 10
    
$iny10 "SELECT * FROM sdtin WHERE stdAdY='$yearj' ";
    
$resultin10 $crud->getData($iny10);foreach($resultin10 as $key => $data10){$total10=$data10['total'];} 
    if(
$total10==""){$totald10=0;}else{$totald10=$total10;}

    
//นักศึกษาสำเร็จการศึกษา
    //ปีที่ 1
    
$endy1 "SELECT * FROM sdtend WHERE stdGraduateY='$yearaa' ";
    
$resultend1 $crud->getData($endy1);foreach($resultend1 as $key => $datae1){$totalEnd1=$datae1['totalEnd'];} 
    if(
$totalEnd1==""){$totale1=0;}else{$totale1=$totalEnd1;}
    
//ปีที่ 2
    
$endy2 "SELECT * FROM sdtend WHERE stdGraduateY='$yearbb' ";
    
$resultend2 $crud->getData($endy2);foreach($resultend2 as $key => $datae2){$totalEnd2=$datae2['totalEnd'];} 
    if(
$totalEnd2==""){$totale2=0;}else{$totale2=$totalEnd2;}
    
//ปีที่ 3
    
$endy3 "SELECT * FROM sdtend WHERE stdGraduateY='$yearcc' ";
    
$resultend3 $crud->getData($endy3);foreach($resultend3 as $key => $datae3){$totalEnd3=$datae3['totalEnd'];} 
    if(
$totalEnd3==""){$totale3=0;}else{$totale3=$totalEnd3;}
    
//ปีที่ 4
    
$endy4 "SELECT * FROM sdtend WHERE stdGraduateY='$yeardd' ";
    
$resultend4 $crud->getData($endy4);foreach($resultend4 as $key => $datae4){$totalEnd4=$datae4['totalEnd'];} 
    if(
$totalEnd4==""){$totale4=0;}else{$totale4=$totalEnd4;}
    
//ปีที่ 5
    
$endy5 "SELECT * FROM sdtend WHERE stdGraduateY='$yearee' ";
    
$resultend5 $crud->getData($endy5);foreach($resultend5 as $key => $datae5){$totalEnd5=$datae5['totalEnd'];} 
    if(
$totalEnd5==""){$totale5=0;}else{$totale5=$totalEnd5;}
    
//ปีที่ 6
    
$endy6 "SELECT * FROM sdtend WHERE stdGraduateY='$yearff' ";
    
$resultend6 $crud->getData($endy6);foreach($resultend6 as $key => $datae6){$totalEnd6=$datae6['totalEnd'];} 
    if(
$totalEnd6==""){$totale6=0;}else{$totale6=$totalEnd6;}
    
//ปีที่ 7
    
$endy7 "SELECT * FROM sdtend WHERE stdGraduateY='$yeargg' ";
    
$resultend7 $crud->getData($endy7);foreach($resultend7 as $key => $datae7){$totalEnd7=$datae7['totalEnd'];} 
    if(
$totalEnd7==""){$totale7=0;}else{$totale7=$totalEnd7;}
    
//ปีที่ 8
    
$endy8 "SELECT * FROM sdtend WHERE stdGraduateY='$yearhh' ";
    
$resultend8 $crud->getData($endy8);foreach($resultend8 as $key => $datae8){$totalEnd8=$datae8['totalEnd'];} 
    if(
$totalEnd8==""){$totale8=0;}else{$totale8=$totalEnd8;}
    
//ปีที่ 9
    
$endy9 "SELECT * FROM sdtend WHERE stdGraduateY='$yearii' ";
    
$resultend9 $crud->getData($endy9);foreach($resultend9 as $key => $datae9){$totalEnd9=$datae9['totalEnd'];} 
    if(
$totalEnd9==""){$totale9=0;}else{$totale9=$totalEnd9;}
    
//ปีที่ 10
    
$endy10 "SELECT * FROM sdtend WHERE stdGraduateY='$yearjj' ";
    
$resultend10 $crud->getData($endy10);foreach($resultend10 as $key => $datae10){$totalEnd10=$datae10['totalEnd'];} 
    if(
$totalEnd10==""){$totale10=0;}else{$totale10=$totalEnd10;}


?>
<!DOCTYPE HTML>
<html>
<head>  
<meta charset="UTF-8">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet"
          href="https://fonts.googleapis.com/css?family=Tangerine">
    <style>
      body {
        font-family: 'Kanit', sans-serif;
        font-size: 8 px;
      }
    </style>
<link rel="stylesheet" type="text/css" href="app-assets/vendors/css/tables/datatable/datatables.min.css">
</head>
<body>
<?php
include("header.php");
?>
<br>
<center>รายงานการเปรียบเทียบนักศึกษาแรกเข้า/สำเร็จการศึกษา ในแต่ละปีการศึกษา</center>
<br>
<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
      <div id="chartContainer" style="height: 370px; width: 100%;"></div>
      </div>
    </div>
  </div>
  
</div>

<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
<table class="table table-bordered">
  <thead>
    <tr>
      <th>ปีการศึกษาที่เข้า</th>
      <th>จำนวนแรกเข้า(คน)</th>
      <th>ปีการศึกษาที่จบ</th>
      <th>จำนวนสำเร็จการศึกษา(คน)</th>
      <th>ค่าร้อยละ(%)</th>
    </tr>
  </thead>
  <tbody>
    <tr>
      <td><?=$yeara?></td>
      <td><?=$totald1?></td>
      <td><?=$yearaa?></td>
      <td><?=$totale1?></td>
      <td><?=number_format(($totale1/$totald1)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearb?></td>
      <td><?=$totald2?></td>
      <td><?=$yearbb?></td>
      <td><?=$totale2?></td>
      <td><?=number_format(($totale2/$totald2)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearc?></td>
      <td><?=$totald3?></td>
      <td><?=$yearcc?></td>
      <td><?=$totale3?></td>
      <td><?=number_format(($totale3/$totald3)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yeard?></td>
      <td><?=$totald4?></td>
      <td><?=$yeardd?></td>
      <td><?=$totale4?></td>
      <td><?=number_format(($totale4/$totald4)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yeare?></td>
      <td><?=$totald5?></td>
      <td><?=$yearee?></td>
      <td><?=$totale5?></td>
      <td><?=number_format(($totale5/$totald5)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearf?></td>
      <td><?=$totald6?></td>
      <td><?=$yearff?></td>
      <td><?=$totale6?></td>
      <td><?=number_format(($totale6/$totald6)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearg?></td>
      <td><?=$totald7?></td>
      <td><?=$yeargg?></td>
      <td><?=$totale7?></td>
      <td><?=number_format(($totale7/$totald7)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearh?></td>
      <td><?=$totald8?></td>
      <td><?=$yearhh?></td>
      <td><?=$totale8?></td>
      <td><?=number_format(($totale8/$totald8)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yeari?></td>
      <td><?=$totald9?></td>
      <td><?=$yearii?></td>
      <td><?=$totale9?></td>
      <td><?=number_format(($totale9/$totald9)*100,2)?>%</td>
    </tr>
    <tr>
      <td><?=$yearj?></td>
      <td><?=$totald10?></td>
      <td><?=$yearjj?></td>
      <td><?=$totale10?></td>
      <td><?=number_format(($totale10/$totald10)*100,2)?>%</td>
    </tr>
  </tbody>
</table>
</div>
    </div>
  </div>
  
</div>
    <script src="app-assets/vendors/js/tables/datatable/datatables.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.buttons.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.bootstrap4.min.js"></script>
    <script src="app-assets/js/scripts/datatables/datatable.js"></script>
    <script src="canvasjs.min.js"></script>
</body>
</html>
<?php
function DateThai($strDate)
{
    
$strYear date("Y",strtotime($strDate))+543;
    
$strMonthdate("n",strtotime($strDate));
    
$strDaydate("j",strtotime($strDate));
    
$strHourdate("H",strtotime($strDate));
    
$strMinutedate("i",strtotime($strDate));
    
$strSecondsdate("s",strtotime($strDate));
    
$strMonthCut = Array("","ม.ค.","ก.พ.","มี.ค.","เม.ย.","พ.ค.","มิ.ย.","ก.ค.","ส.ค.","ก.ย.","ต.ค.","พ.ย.","ธ.ค.");
    
$strMonthThai=$strMonthCut[$strMonth];
    return 
"$strDay $strMonthThai $strYear";
}
?>


<script>
window.onload = function () {

var chart = new CanvasJS.Chart("chartContainer", {
    exportEnabled: true,
    animationEnabled: true,
    title:{
        text: "รายงานการเปรียบเทียบนักศึกษาแรกเข้า/สำเร็จการศึกษา ในแต่ละปีการศึกษา"
    }, 
    axisX: {
        title: "ปีการศึกษา"
    },
    axisY: {
        title: "จำนวนคน",
        includeZero: true
    },
    toolTip: {
        shared: true
    },
    data: [{
        type: "column",
        name: "นักศึกษาแรกเข้า",
        showInLegend: true,      
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: <?=$yeara?>,  y: <?=$totald1?> },
            { label: <?=$yearb?>, y: <?=$totald2?> },
            { label: <?=$yearc?>, y: <?=$totald3?> },
            { label: <?=$yeard?>,  y: <?=$totald4?> },
            { label: <?=$yeare?>,  y: <?=$totald5?> },
            { label: <?=$yearf?>,  y: <?=$totald6?> },
            { label: <?=$yearg?>,  y: <?=$totald7?> },
            { label: <?=$yeari?>,  y: <?=$totald8?> },
            { label: <?=$yearj?>,  y: <?=$totald9?> },
            { label: <?=$yearh?>,  y: <?=$totald10?> }
        ]
    },
    {
        type: "column",
        name: "สำเร็จการศึกษา",
        
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: <?=$yeara?>, y: <?=$totale1?> },
            { label: <?=$yearb?>, y: <?=$totale2?> },
            { label: <?=$yearc?>, y: <?=$totale3?> },
            { label: <?=$yeard?>, y: <?=$totale4?> },
            { label: <?=$yeare?>, y: <?=$totale5?> },
            { label: <?=$yearf?>, y: <?=$totale6?> },
            { label: <?=$yearg?>, y: <?=$totale7?> },
            { label: <?=$yearh?>, y: <?=$totale8?> },
            { label: <?=$yeari?>, y: <?=$totale9?> },
            { label: <?=$yearj?>, y: <?=$totale10?> }
        ]
    }]
});
chart.render();

function toggleDataSeries(e) {
    if (typeof (e.dataSeries.visible) === "undefined" || e.dataSeries.visible) {
        e.dataSeries.visible = false;
    } else {
        e.dataSeries.visible = true;
    }
    e.chart.render();
}

}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0202 ]--