Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
idocument /
[ HOME SHELL ]
Name
Size
Permission
Action
fonts
[ DIR ]
drwxr-xr-x
images
[ DIR ]
drwxr-xr-x
install
[ DIR ]
drwxr-xr-x
main
[ DIR ]
drwxr-xr-x
manual
[ DIR ]
drwxr-xr-x
tcpdf
[ DIR ]
drwxr-xr-x
upload_files
[ DIR ]
drwxr-xr-x
add.php
16.08
KB
-rw-r--r--
book_pass.php
17.14
KB
-rw-r--r--
book_pass_form_comment1.php
5.19
KB
-rw-r--r--
book_pass_form_comment2.php
6.49
KB
-rw-r--r--
book_pass_form_comment3.php
2.72
KB
-rw-r--r--
css.css
1.06
KB
-rw-r--r--
default.php
216
B
-rw-r--r--
detail.php
8.11
KB
-rw-r--r--
display.php
9.25
KB
-rw-r--r--
docprint.php
7.22
KB
-rw-r--r--
document-detail.php
8.57
KB
-rw-r--r--
edit.php
20
KB
-rw-r--r--
idocument.sql
6.22
KB
-rw-r--r--
index.php
7.5
KB
-rw-r--r--
menu.php
3.13
KB
-rw-r--r--
menu_mobile.php
898
B
-rw-r--r--
save.php
4.91
KB
-rw-r--r--
time_inc.php
6.03
KB
-rw-r--r--
view.php
9.12
KB
-rw-r--r--
viewlist.php
7.88
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : save.php
<?php /** ensure this file is being included by a parent file */ defined( '_VALID_' ) or die( 'Direct Access to this location is not allowed.' ); ?> <?php //print_r($_REQUEST); //print_r($_FILES); //print_r($_SESSION); foreach($_REQUEST as $key=>$value) { $$key=$value; } //for($z=0;$z<250;$z++){ $predoc_id =""; //$workgroup = "";//$_SESSION['workgroup']; $content1 = htmlspecialchars($content1); $content2 = htmlspecialchars($content2); $content3 = htmlspecialchars($content3); //Get book no. $sqlBookNo = "Select MAX(book_number)+1 as MaxBookNo From idocument_main Where book_year = (".$_SESSION['bookregister_year'].")"; $query_BookNo=mysqli_query($connect,$sqlBookNo); $result_BookNo=mysqli_fetch_array($query_BookNo); $book_number = ($result_BookNo['MaxBookNo'] == NULL)?1:$result_BookNo['MaxBookNo']; $book_year = $_SESSION['bookregister_year']; $book_no = $book_number ."/". $book_year; $book_date = date("Y-m-d"); $sql = "INSERT INTO `idocument_main` ( `id`, `workgroup`, `workgroup_txt`, `book_year`, `book_number`, `book_no`, `book_date`, `subject`, `pre_doc_id`, `book_to`, `content1`, `content2`, `content3`, `officer`, `officer_name`, `officer_position`, `book_status`, `book_type`) VALUES (NULL, '$workgroup', '$workgroup_txt', '$book_year', '$book_number', '$book_no', '$book_date', '$subject', '$predoc_id', '$book_to', '$content1', '$content2', '$content3', '$officer', '$officer_name', '$officer_position', '0', '1');"; //echo $bookto_id; //echo "<br />".$sql; if($bookto_id!=""){ $dbquery = mysqli_query($connect,$sql); } else{ echo "<br>"; echo "<div align='center'>กรุณาเลือกบุคคลพิจารณา/เห็นชอบ</div>"; exit(); } //$dbquery = mysqli_query($connect,$sql); if ($dbquery){ $last_id = mysqli_insert_id($connect); $sqlSento = "Insert INTO idocument_sendto(document_id, rec_id, person_id,document_from) Values('$last_id', md5('$last_id'), '$bookto_id', '$officer');"; //echo $sqlSento; //mysqli_query($connect, $sqlSento); mysqli_query($connect, $sqlSento); //echo $sqlSento; //Upload file Ref Doc. $target_dir = "./modules/".$_GET['option']."/upload_files/"; $file_no = 0; //for($j=0;$j<count($_FILES['UploadedFile']['tmp_name']);$j++) { for($j=0;$j<count($UploadedFileComment);$j++) { $commentFile = $UploadedFileComment[$j]; if(!empty($_FILES['UploadedFile']['tmp_name'][$j])) { ++$file_no; $target_file = $target_dir . basename($_FILES["UploadedFile"]["name"][$j]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); $rename_file = $target_dir . $last_id . '-ref-' . round(microtime(true)) . '_'.$file_no.'.'. strtolower($imageFileType); if (move_uploaded_file($_FILES["UploadedFile"]["tmp_name"][$j], $rename_file)) { //echo "The file ". basename( $_FILES["UploadedFile"]["name"][$j]). " has been uploaded."; } }else{ $rename_file = ""; $imageFileType = ""; } if($commentFile<>""){ $sql = "INSERT INTO idocument_files( document_id, file_name,file_des,filetype, docType) VALUE( $last_id,'$rename_file', '$commentFile', '$imageFileType', 'ref')"; $result = mysqli_query($connect,$sql); } //echo $sql."<br>"; }//for //Upload file //Upload file Attach Doc. $target_dir = "./modules/".$_GET['option']."/upload_files/"; $file_no = 0; for($j=0;$j<count($UploadedFileComment2);$j++) { $commentFile = $UploadedFileComment2[$j]; if(!empty($_FILES['UploadedFile2']['tmp_name'][$j])) { ++$file_no; $target_file = $target_dir . basename($_FILES["UploadedFile2"]["name"][$j]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); $rename_file = $target_dir . $last_id . '-attach-' . round(microtime(true)) . '_'.$file_no.'.'. strtolower($imageFileType); if (move_uploaded_file($_FILES["UploadedFile2"]["tmp_name"][$j], $rename_file)) { //echo "The file ". basename( $_FILES["UploadedFile"]["name"][$j]). " has been uploaded."; } }else{ $rename_file = ""; $imageFileType = ""; } if($commentFile<>""){ $sql = "INSERT INTO idocument_files(document_id, file_name,file_des,filetype, docType) VALUE($last_id,'$rename_file', '$commentFile', '$imageFileType', 'attach')"; $result = mysqli_query($connect,$sql); //echo $sql."<br>"; } }//for //Upload file } //} //echo "<script language='javascript'>window.location.href = '?option=". $option ."&task=view'</script>"; echo "<script language='javascript'>window.location.href = '?option=". $option ."&task=detail&id=".$last_id."'</script>"; ?>
Close
