403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/myschool/nekkham/modules/personal/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/myschool/nekkham/modules/personal/readawards.php
 <?
CheckUser($_SESSION['user_user'], $_SESSION['user_pwd']);
?>
<script type="text/javascript">
function showemotion() {
	emotion1.style.display = 'none';
	emotion2.style.display = '';
}
function closeemotion() {
	emotion1.style.display = '';
	emotion2.style.display = 'none';
}

function emoticon(theSmilie) {

	document.form2.COMMENT.value += ' ' + theSmilie + ' ';
	document.form2.COMMENT.focus();
}
</script>
<body>
<table width="100%"  height=500 border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#999999" bordercolordark="#FFFFFF">
	<tr>
		<td colspan="8"vAlign=top>
	<TABLE cellSpacing=0 cellPadding=0 width=100% border=0 align="center"vAlign=top>
      <TBODY>
        <TR>
          <TD vAlign=top align=center>
<?
$_GET['id'] = intval($_GET['id']);
//แสดงข่าวสาร/ประชาสัมพันธ์ 
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$limit = 10 ;
$SUMPAGE = $db->num_rows(TB_COURSE,"id","");
$page=$_GET[page];
if (empty($page)){
	$page=1;
}
$rt = $SUMPAGE%$limit ;
$totalpage = ($rt!=0) ? floor($SUMPAGE/$limit)+1 : floor($SUMPAGE/$limit); 
$goto = ($page-1)*$limit ;
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[user] = $db->select_query("SELECT * FROM ".TB_user."  WHERE id='$_GET[id]' ");
$arr[user] = $db->fetch($res[user]);
$db->closedb ();

?>			
  <tr> 
    <td align=center><font color=blue>การได้รับรางวัล ยกย่องเชิดชูเกียรติ ของ <?=$arr[user][category_name];?></font></td>
</tr>
<tr>
<td align=center>
<table width="100%"  cellspacing="2" cellpadding="1" >
<tr bgcolor="#adad13" height=25>
   <td  align=center width="5%"><font color="#FFFFFF"><B>ลำดับ</B></font></td>
   <td width="50%"  align=center ><font color="#FFFFFF"><B>ชื่อรางวัล</B></font></td>
   <td  align=center width="20%"><font color="#FFFFFF"><B>ระดับ</B></font></td>
	<td width="15%" align=center ><font color="#FFFFFF"><B>วันเดือนปี</B></font></td>
	<td width="10%" align=center ><font color="#FFFFFF"><B>หลักฐาน</B></font></td>
  </tr>  
<?
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
	$res[awards] = $db->select_query("SELECT * FROM ".TB_AWARDS." WHERE user_id='".$arr[user][id]."' ORDER BY id DESC LIMIT $goto, $limit");
	$count=0;
	$i=1;
	while($arr[awards] = $db->fetch($res[awards]))
{
 ?>
<tr bgcolor="#FFFFDF"height=20>
<td align="center"><? echo"".$i?></td>
<td><?=$arr[awards][awards];?></td>
 <td ><?=$arr[awards][degee];?></td>
<td align="center"><?=$arr[awards][date];?></td>
<td align="center">
<?
					 if($arr[awards][full_text]){ 	  
?>
<a href="data/fileawards/<?=$arr[awards][full_text];?>" target="_blank"><b><IMG SRC="images/pdf.gif"width="20"></b></A>
<? } else {
echo "";}?>
</td>

</TR>

</td>
  </tr>
<?
	$i++;
?>
<? 
$count++;
if (($count%1) == 0) { echo ""; $count=0; }
}
$db->closedb ();	
 ?>
	</TABLE>		<!-- End Enable Comment -->
<div align=left>
<?
	SplitPage($page,$totalpage,"?name=personal&file=readawards&id=".$arr[user][id]."");
	echo $ShowSumPages ;
	echo $ShowPages ;
	echo "<BR><BR>";
?>
</div>
	  </TD>
        </TR>
    </TABLE>
	<BR>
		  </TD>
        </TR>
      </TBODY>
    </TABLE>

Youez - 2016 - github.com/yon3zu
LinuXploit