403Webshell
Server IP : 202.29.229.35  /  Your IP : 18.119.120.88
Web Server : Apache
System : Linux aapanel2 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
User : www ( 1001)
PHP Version : 5.5.38
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /www/wwwroot/www.ivecr2.ac.th/stdcard/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/www.ivecr2.ac.th/stdcard/StdImportCSV.php
<?php
	session_start();
	error_reporting(0); 
	include("connect/connect.php"); 
?>

<script type="text/javascript"> 
// Start XmlHttp Object
function uzXmlHttpSc(){
    var xmlhttpSc = false;
    try{
        xmlhttpSc = new ActiveXObject("Msxml2.XMLHTTP");
    }catch(e){
        try{
            xmlhttpSc = new ActiveXObject("Microsoft.XMLHTTP");
        }catch(e){
            xmlhttpSc = false;
        }
    }
 
    if(!xmlhttpSc && document.createElement){
        xmlhttpSc = new XMLHttpRequest();
    }
    return xmlhttpSc;
}
// End XmlHttp Object

function data_school(select_idSc,resultSc){
	var url = 'dataSchool.php?select_idSc='+select_idSc+'&resultSc='+resultSc ;
	//alert(url);    
	
    xmlhttpSc = uzXmlHttpSc();
    xmlhttpSc.open("GET", url, false);
	xmlhttpSc.setRequestHeader("Content-Type", "application/x-www-form-urlencoded;charset=utf-8"); // set Header
    xmlhttpSc.send(null);
	document.getElementById(resultSc).innerHTML =  xmlhttpSc.responseText;
}
//window.onLoad=data_show(5,'amphur'); 
</script>
<form action="" method="post" enctype="multipart/form-data" name="form1">
  <table width="600px" border="0" cellspacing="0" cellpadding="5">
    <tr  height="30">
      <td colspan="2">&nbsp;</td>
    </tr>
    <tr  height="30">
      <td>&nbsp;</td>
      <td align="left" valign="top"><a href="index.php">กลับหน้าหลัก</a></td>
    </tr>
    <tr  height="30">
      <td width="171">เลือกไฟล์ .CSV</td>
      <td width="544"><label for="fileField"></label>
      <input type="file" name="file_csv" id="file_csv"></td>
    </tr>
    <tr  height="50">
      <td colspan="2" align="center"><input type="submit" name="btnOK" id="btnOK" value="ตกลง" ></td>
    </tr>
  </table>
  <p>&nbsp;</p>
</form>


<?php 
//ลบข้อมูล นศ. ก่อนนำเข้าใหม่
//$sqldel=mysql_query("delete from student where tecinstitute='$tecscIns' and school_id='$school_name'");

$size=$_FILES['file_csv']['size'];
//echo "filesize=>".$size."<br>";
if($_FILES['file_csv']['size'] > 23){
	
	$target_dir = "csv_stdImport/";
	$target_file = $target_dir . basename($_FILES["file_csv"]["name"]);
	if(!move_uploaded_file($_FILES['file_csv']['tmp_name'],$target_file)){
		echo "Error mvoefile";
	}//end check move file
	
	//$file_from = $_POST['file_from'];
	$text = file($target_file);
	foreach($text as $value){
    $data = explode(",",$value);
	//$data[]=$file_from;
	mysql_query("SET NAMES tis620");
	$query = "INSERT INTO tblstd_idcard VALUES ('".implode("','",$data)."')";
	$resut=mysql_query($query);
	//echo "<br>=>".$query;
	if($query){
		//echo "<br>".$value.",".$file_from." บนทึกข้อมูลเสร็จสิ้น<br>";
		echo " บนทึกข้อมูลเสร็จสิ้น<br>";
		echo '<meta http-equiv="refresh" content="2; url=index.php" />';
		
	}else{
		echo $value.",".$file_from." ไม่สามารถบันทึกข้อมูลได้Error <br>";
	}
	
	}//end foreach
}//end 
/*
if($_FILES['file_csv']['tmp_name'] !=""){

	$sqlstdtitle2="select * from student where prefix_id_th='003'";
	$resultstdtitle2=mysql_query($sqlstdtitle2);
	while($rsstdtitle2=mysql_fetch_array($resultstdtitle2)){
	$perfix2=$rsstdtitle2['prefix_id_th'];
	$sqlup2="update student set prefix_id_th='004' where prefix_id_th= '$perfix2'";
	echo "<br>upd2=>".$sqlup2;
	$reup2=mysql_query($sqlup2);
	}
	
	$sqlstdtitle="select * from student where prefix_id_th='002'";
	$resultstdtitle=mysql_query($sqlstdtitle);
	while($rsstdtitle=mysql_fetch_array($resultstdtitle)){
	$perfix=$rsstdtitle['prefix_id_th'];
	$sqlup="update student set prefix_id_th='003' where prefix_id_th= '$perfix'";
	echo "<br>upd1=>".$sqlup;
	$reup=mysql_query($sqlup);
	
	}
}//end if
	*/
?>

Youez - 2016 - github.com/yon3zu
LinuXploit