403Webshell
Server IP : 172.67.187.206  /  Your IP : 162.159.115.41
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/myoffice/2565/modules/tkk6/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/myoffice/2565/modules/tkk6/readtkk6.php.bak
<link href="style_web.css" rel="stylesheet" type="text/css" />
	<TABLE cellSpacing=0 cellPadding=0 width=1005 height=500 border=0 align="center">
      <TBODY>
        <TR>
          <TD  align="center" vAlign=top>
<TABLE cellSpacing=0 cellPadding=0 width=880 height="345"border=0 bgcolor=FFFFFF>
        <TR>
          <TD  vAlign=top>
<?
//	CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$arr[user] = $db->fetch($res[user]);
$_GET['id'] = intval($_GET['id']);

//แสดงข่าวสาร/ประชาสัมพันธ์ 
//ดึงค่า
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[yearla] = $db->select_query("SELECT * FROM ".TB_YEARLA_CAT." ORDER BY id ");
		$arr[yearla] = $db->fetch($res[yearla]);		
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[tkk6] = $db->select_query("SELECT * FROM ".TB_TKK6." WHERE id='$_GET[id]'  ");
$arr[tkk6] = $db->fetch($res[tkk6]);
$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$arr[tkk6][cat]."'  ");
$arr[user] = $db->fetch($res[user]);
$res[category] = $db->select_query("SELECT * FROM ".TB_TKK6_CAT." WHERE cat='".$arr[tkk6][cat]."' and yearla='".$arr[yearla][name]."'  ");
	$arr[category] = $db->fetch($res[category]);
$db->closedb ();
{
?>   
<table width="900" align="center"border="0" cellspacing="0" cellpadding="0" bgcolor=ffffff>
 <tr> 
   <td width="900"align="center">
   <BR><B>แบบใบลาพักผ่อน</B>
   </td>
   </tr>
  <tr> 
   <td width="850"align="right">
   <BR><B>ที่ &nbsp;&nbsp;<?echo thainumDigit($arr[tkk6][address]);?></B>
   </td>
   </tr>
   <tr>
   <td>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<B>วันที่&nbsp;&nbsp;<?echo thainumDigit("".thai_date_fullmonth(strtotime($arr[tkk6][date]))."" );?>
	<BR>
 <B>เรื่อง&nbsp;&nbsp;<?=$arr[tkk6][topic];?></B>
	<BR>
 <B>เรียน&nbsp;&nbsp;ผู้อำนวยการ<?=WEB_TITLE;?></B>
<BR>
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<B>ข้าพเจ้า&nbsp;&nbsp;<?=$arr[tkk6][name];?></B>  <B>ตำแหน่ง&nbsp;&nbsp;<?=$arr[tkk6][position];?> <?=$arr[tkk6][kom];?> สังกัด <?=WEB_TITLE;?>&nbsp;&nbsp;มีวันลาพักผ่อนสะสม&nbsp;&nbsp;<?echo thainumDigit($arr[category][cumulative]);?>&nbsp;&nbsp;วันทำการ&nbsp;&nbsp;มีสิทธิลาพักผ่อนประจำปีนี้&nbsp;&nbsp;<?echo thainumDigit($arr[category][claim]);?>&nbsp;&nbsp;วันทำการ&nbsp;&nbsp;รวมเป็น&nbsp;&nbsp;<?echo thainumDigit(($arr[category][cumulative]+$arr[category][claim]));?>&nbsp;&nbsp;วันทำการ&nbsp;&nbsp;ขอลา<?=$arr[tkk6][la];?> &nbsp;&nbsp;ตั้งแต่วันที่&nbsp;&nbsp;<?echo thainumDigit("".thai_date_fullmonth(strtotime($arr[tkk6][date1]))."" );?>ถึงวันที่&nbsp;&nbsp;<?echo thainumDigit("".thai_date_fullmonth(strtotime($arr[tkk6][date2]))."" );?>  มีกำหนด&nbsp;&nbsp;<?echo thainumDigit($arr[tkk6][numpoi]);?>&nbsp;&nbsp; วัน
ในระหว่างลาติดต่อข้าพเจ้าได้ที่&nbsp;&nbsp;<?echo thainumDigit($arr[tkk6][satanti]);?></B>&nbsp;&nbsp;โทรศัพท์&nbsp;&nbsp;<?echo thainumDigit("".$arr[tkk6][tel]."");?></B>    
<tr><td align="center"><BR><B>ขอแสดงความนับถือ</B>
</td>
  </tr>
<tr>
<td align="center">
<IMG SRC="laysen/<?=($arr[tkk6][cat]);?>.jpg">
	<BR>
	(<?=$arr[tkk6][name];?>)
	<BR>
	<?=$arr[user][posit];?>
<?
		if  (($arr[user][work]=='2') OR ($arr[user][work]=='3')){  
?>
&nbsp;&nbsp;<?=WEB_AREA;?>
<?}?>
</td>
  </tr>
<tr>
<td>
<?
					 if($arr[tkk6][full_text]){ 	  
?>
<br><FONT COLOR="#990000">เอกสารแนบ</FONT></B>[<a href="tkk6/<?=$arr[tkk6][post_date];?><?=$arr[tkk6][full_text];?>" target="_blank"><b>ไฟล์ที่ 1</b></A>]  
<BR>
		  <? } else {echo "";}?>
</td>
  </tr>
<tr>
<td align="center">
	<BR>
<?
//	CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$arr[tkk6][cat]."'  ");
		$arr[user] = $db->fetch($res[user]);

//ดึงค่า
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[yearla] = $db->select_query("SELECT * FROM ".TB_YEARLA_CAT." ORDER BY id ");
		$arr[yearla] = $db->fetch($res[yearla]);	
?>
<?php
$_GET['id'] = intval($_GET['id']);

// Make a MySQL Connection
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$query = "SELECT numpoi SUM(numpoi) FROM web_tkk6  WHERE  cat='".$arr[user][id]."'and yearla='".$arr[yearla][name]."'  "; 
$sql7="select sum(numpoi) as tt7 from web_tkk6 where   cat='".$arr[user][id]."' and yearla='".$arr[yearla][name]."'  and la='".$arr[tkk6][la]."' and id<'$_GET[id]' ";
			$dbquery7= mysql_db_query($dbname, $sql7);
			$result7 = mysql_fetch_array($dbquery7);
			$rest=$result7[tt7];

$sql8="select numpoi as tt8 from web_tkk6 where   cat='".$arr[user][id]."' and yearla='".$arr[yearla][name]."' and la='".$arr[tkk6][la]."' and id='$_GET[id]'   ";
			$dbquery8 = mysql_db_query($dbname, $sql8);
			$num_rows8 = mysql_num_rows($dbquery8);
			$result8 = mysql_fetch_array($dbquery8);
			$rest1=$result8[tt8];
?>
<table width="900" border="0" bordercolor="#000000">
  <tr>
    <td width="400"valign="top">
	<table cellspacing="2" cellpadding="2" align="center"width="400" border="1"bordercolor="#000000">
  <tbody>		สถิติการลาในปีงบประมาณนี้
<BR>
    <tr> 
      <td align="center"><B>ประเภทการลา</B></td>
      <td align="center"><B>ลามาแล้ว<BR>วันทำการ</B></td>
      <td align="center"><B>ลาครั้งนี้ <BR>วันทำการ</B></td>
      <td height="25"><B>รวมเป็น<BR>วันทำการ</B></td>
    </tr>
    <tr>
      <td align="left"><B>ลาพักผ่อน</B></td>
   <td align="center"><b><?$a=$rest; echo thainumDigit("" .round($a,1));?></b></td>
      <td align="center"><B><?$a=$rest1; echo thainumDigit("" .round($a,1));?></B>
	  </td><td align="center"> <B><?$a=$rest+$rest1;echo thainumDigit("" .round($a,1))?></B></td>
    </tr>
</table>
<?
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$arr[tkk6][laysen2]."'  ");
		$arr[user] = $db->fetch($res[user]);
?>
<table width="400" border="0" bordercolor="#000000">
  <tr> 
    <td height="5"></td>
    <td width="271" rowspan="2"align="center">
	<IMG SRC="laysen/<?=($arr[tkk6][laysen2]);?>.jpg">
			<BR>
	(<?=$arr[user][category_name];?>)
	<BR>
	<?=$arr[user][posit];?>
	</td>
    <td height="5"></td>
  </tr>
  <tr> 
    <td width="100" align="right" valign="top">ลงชื่อ</td>
    <td width="100" height="25" align="left" valign="top">ผู้ตรวจสอบ</td>
  </tr>
</table>
<table width="420" border="0" bordercolor="#000000">
<tr> 
      <td colspan="4" valign="top" align="left">
	  <?
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);


$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$arr[tkk6][reason]."'  ");
	$arr[user] = $db->fetch($res[user]);
?>
	  <u>หมายเหตุ</u> ในการลาพักผ่อนครั้งนี้ข้าพเจ้าได้มอบหมายงาน<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ในหน้าที่ให้&nbsp;&nbsp;&nbsp;<? echo $arr[user][category_name];?>&nbsp;&nbsp;&nbsp;ปฏิบัติ<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; หน้าที่แทน
	  <div align=center>
	  <BR>
	  ลงชื่อ&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<IMG SRC="laysen/<?=($arr[tkk6][cat]);?>.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ผู้มอบ
	  	<BR>
	(<?=$arr[tkk6][name];?>)
	<BR>
 <?=$arr[tkk6][position];?>
		<?
			if  (($arr[user][work]=='2')OR($arr[user][work]=='3')){  
		?>
&nbsp;&nbsp;<?=WEB_AREA;?>
		<?}?>
	  <BR>
	  </div>
	  </td>
	  </tr>
	  </table>
<table width="420" border="0" bordercolor="#000000">
  <tr> 
    <td  align="center" valign="top">ลงชื่อ&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <IMG SRC="laysen/<?=($arr[tkk6][reason]);?>.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ผู้รับมอบ
   	  	<BR>
		(<?=$arr[user][category_name];?>)
		<BR>
		<?=$arr[user][posit];?>
		<?
			if  (($arr[user][work]<4)){  
		?>
&nbsp;&nbsp;<?=WEB_AREA;?>
		<?}?>
</td>
  </tr>
</table>
</td>
    <td width="500" height="39" valign="top"><TABLE cellSpacing=0 cellPadding=0 width=500 border=0 align="center" >
&nbsp;<B>ความเห็นผู้บังคับบัญชา</B>
<?
if($arr[tkk6][enable_comment]){
//	CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$arr[user] = $db->fetch($res[user]);
	//Check Comment
	$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
	$res[comment] = $db->select_query("SELECT * FROM ".TB_TKK6_COMMENT." WHERE tkk6_id='".$arr[tkk6][id]."' ORDER BY id ");
	$count=0;
	while($arr[comment] = $db->fetch($res[comment])){
	$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$arr[comment][laysen1]."'  ");
	$arr[user] = $db->fetch($res[user]);
		$count  ++;	
?>	
<?
					 if($arr[comment][comment1]==''){ 	  
?>
<TR>
<TD><div align="center"><B></FONT></B></div>
</TD>
</TR>
<TR>
<TD align="center">
<?
					 if($arr[comment][detail]){ 	  
?>
<?=($arr[comment][detail]);?>
<BR>
<? } ?>
<?
					 if($arr[comment][comment1]){ 	  
?>
<?=($arr[comment][comment1]);?>
<BR>
<? } ?>
<IMG SRC="laysen/<?=($arr[comment][laysen1]);?>.jpg">
<?
					 if($arr[comment][work]==''){ 	  
?>
<BR>
(<?=($arr[user][category_name]);?>)
<BR>
<?=($arr[user][posit]);?>
<? } ?>
<?
					 if($arr[comment][work]=='3'){ 	  
?>
<BR>
(<?=($arr[user][category_name]);?>)
<BR>
<?=($arr[user][posit]);?><?=($arr[user][school]);?>
<? } ?>
			</div></TD>
			</TR>
			<TR>
				<TD height="1" class="dotline"></TD>
			</TR>
<? } ?>	
<?
					 if($arr[comment][comment1]=='ส่งคืน'){ 	  
?>
			<TR>
				<TD><div align="center"><B><?=($arr[comment][detail]);?></FONT></B></div></TD>
				</TR>
			<TR><TD align="center"><B>
			<div align="center"><B><IMG SRC="laysen/<?=($arr[comment][laysen1]);?>.jpg">
			</div></TD>
			</TR>
			<TR>
				<TD height="1" class="dotline"></TD>
			</TR>
<? } ?>	
<?
					 if($arr[comment][comment1]=='อนุญาต'){ 	  
?>
			<TR>
				<TD>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<B>คำสั่ง</B><div align="center"><B><?=($arr[comment][detail]);?></FONT></B></div>
				</TD>
				</TR>
			<TR>
			<TD align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<B><IMG SRC="images/tick.png"> <?=($arr[comment][comment1]);?></B>
			<BR>
			<div align="center">
			<IMG SRC="laysen/<?=($arr[comment][laysen1]);?>.jpg">
		<BR>
						(<?=($arr[user][category_name]);?>)
		<BR>
<?
					 if($arr[comment][work]=='1'){ 	  
?>

<?=WEB_D_DIRECTOR;?> <?=WEB_P_DIRECTOR;?><?=WEB_TITLE;?>
<? } ?>
<?
					 if(($arr[comment][work]=='2')AND($arr[user][working]=='2')){ 	  
?>
<?=WEB_D_DIRECTOR;?> <?=WEB_R_DIRECTOR;?><?=WEB_TITLE;?>
<BR>
<? }?>
<?
					 if(($arr[comment][work]=='2')AND($arr[user][working]=='4')){ 	  
?>
<?=($arr[user][posit]);?> <?=WEB_R_DIRECTOR;?><?=WEB_TITLE;?>
<BR>
<? }?>

<?
					 if(($arr[comment][work]=='2')AND($arr[user][working]=='12')){ 	  
?>
<?=($arr[user][posit]);?><?=($arr[user][school]);?> <?=WEB_R_DIRECTOR;?><?=WEB_TITLE;?>
<BR>
<? }?>
<?
					 if($arr[comment][work]=='3'){ 	  
?>

<?=($arr[user][posit]);?><?=WEB_TITLE;?>
<? } ?>
</div></TD>
				</TR>
			
			<TR>
				<TD height="1" class="dotline"></TD>
			</TR>
			<? } ?>
<?}?>
			</TABLE>
<?
	}
	$db->closedb ();
?>
		<!-- Enable Comment -->
<? } ?>
</td>
  </tr>
</table>
	</td>
	 </tr>
			</TABLE>
		  </TD>
        </TR>
      </TBODY>
    </TABLE>

Youez - 2016 - github.com/yon3zu
LinuXploit