403WebShell

403Webshell
Server IP : 104.21.80.248 / Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /Inetpub/www/myschool/ratana/2568/modules_backup/tkknola/
Upload File :
[ Back ]
Current File : /Inetpub/www/myschool/ratana/2568/modules_backup/tkknola/index.php
<?
CheckUser($_SESSION['user_user'], $_SESSION['user_pwd']);
?>
<TABLE cellSpacing=0 cellPadding=0 width=100% height=500 border=0>
      <TBODY>
        <TR>
          <TD vAlign=top>
<TABLE width="100%" align=center cellSpacing=1 cellPadding=1 border=0 >
  <tr bgcolor="#1d9caa" height=25>
	<td width="5%"  align=center ><font color="#FFFFFF"><B>ประเภท</B></font></td>
	<td  align=center width="10%"><font color="#FFFFFF"><B>เรื่อง</B></font></td>
	<td width="25%"  align=center ><font color="#FFFFFF"><B>ผู้ส่งเรื่อง</B></font></td>
	<td width="25%" align=center ><font color="#FFFFFF"><B>ผู้ผ่านเรื่อง</B></font></td>
	<td width="15%" align=center ><font color="#FFFFFF"><B>สถานะ</B></font></td>
	<td width="15%" align=center ><font color="#FFFFFF"><B>แฟ้มเสนอ</B></font></td>
<?
//	CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$arr[user] = $db->fetch($res[user]);
//ดึงค่า
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[yearla] = $db->select_query("SELECT * FROM ".TB_YEARLA_CAT." ORDER BY id ");
		$arr[yearla] = $db->fetch($res[yearla]);	
//แสดงบทความ
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[tkknola] = $db->select_query("SELECT * FROM ".TB_TKKNOLA."  WHERE cat='".$arr[user][id]."' and yearla='".$arr[yearla][name]."'   ORDER BY id DESC LIMIT 1 ");
		while($arr[tkknola] = $db->fetch($res[tkknola]))
{ 
 ?>
<?
	 if($arr[tkknola][comment1]=='1'){ 	  
?>
 	<td width="5%" align=center ><font color="#FFFFFF"><B>ลบ</B></font></td>
 <? }?>
 <? }?>
  </tr>   
<?
//แสดงข่าวสาร/ประชาสัมพันธ์ 
if($_GET[category]){
	$SQLwhere = " category='".$_GET[category]."' ";
	$SQLwhere2 = " WHERE category='".$_GET[category]."' ";
}
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$limit = 10 ;
$SUMPAGE = $db->num_rows(TB_TKKNOLA,"id","$SQLwhere");
$page=$_GET[page];
if (empty($page)){
	$page=1;
}
$rt = $SUMPAGE%$limit ;
$totalpage = ($rt!=0) ? floor($SUMPAGE/$limit)+1 : floor($SUMPAGE/$limit); 
$goto = ($page-1)*$limit ;

$res[tkknola] = $db->select_query("SELECT * FROM ".TB_TKKNOLA."  $SQLwhere2 and yearla='".$arr[yearla][name]."' ORDER BY id DESC LIMIT $goto, $limit ");

while($arr[tkknola] = $db->fetch($res[tkknola])){
		$res[tkk6] = $db->select_query("SELECT * FROM ".TB_TKK6." WHERE id='".$arr[tkknola][edit]."' ORDER BY id ");
		$arr[tkk6] = $db->fetch($res[tkk6]);	
?>
	<tr bgcolor="#FFFFFF">
		<td align="center" ><IMG SRC="myoffice/100.png"></td> 
		<td ><A HREF="javascript:NewWindow('popup2.php?name=tkknola&file=readtkknola_1&id=<?echo $arr[tkknola][id];?>','acepopup','1024','720','center','front');"><?echo $arr[tkknola][topic];?></A> 
		</td>
		<td align="center" ><? echo $arr[tkknola][name];?></td>
		<td align="center"  ><?=$arr[tkknola][namecom];?></td>
		<td align="center" >
<?
		if($arr[tkknola][comment1]==1){ 	  
?>
เสนอแฟ้ม
<?}?>
<?
		if(($arr[tkknola][comment1]==3)OR($arr[user][work]==8)AND($arr[tkknola][comment1]=='')OR($arr[user][la]==8)AND($arr[tkknola][comment1]=='')){ 	  
?>
เจ้าหน้าที่วันลา
<?}?>
<?
		if(($arr[tkknola][comment1]==14)OR($arr[user][work]==15)AND($arr[tkknola][comment1]=='')OR($arr[tkknola][comment1]==14)OR($arr[user][work]==12)AND($arr[tkknola][comment1]=='')){ 
	?>
เสนอ ผอ.รพ.สต.
<?}?>
<?
		if(($arr[tkknola][comment1]==5)OR($arr[user][odgroup]==4)AND($arr[tkknola][comment1]=='')){ 
	?>
เสนอหัวหน้า
<?}?>
<?
		if(($arr[tkknola][comment1]==7)OR($arr[user][work]==3)AND($arr[tkknola][comment1]=='')AND($arr[user][odpr]!=D2)){ 	  
?>
เสนอ ผู้ช่วยสสอ.
<?}?>
<?
		if(($arr[tkknola][comment1]==9)OR($arr[user][work]==2)AND($arr[tkknola][comment1]=='')){ 	  
?>
เสนอผู้บริหาร
<?}?>
<?
		if(($arr[tkknola][comment1]==10)AND($arr[user][odpr]==D2)OR($arr[user][odpr]==2)AND($arr[tkknola][comment1]=='')){ 	  
?>
เสนอรักษาการ
<?}?>
<?
		if($arr[tkknola][comment1]==อนุญาต){ 	  
?>
อนุญาต
<?}?>
<?
		if($arr[tkknola][comment1]==ไม่อนุญาต){ 	  
?>
ไม่อนุญาต
<?}?>
<?
		if($arr[tkknola][comment1]==ส่งคืน){ 	  
?>
แก้ไข
<?}?>
		</td>
		<td  align="center"  >
<?
		if($arr[tkknola][comment1]==ส่งคืน){ 	  
?>
		<a href="javascript:Confirm('?name=tkknola&file=index2&op=tkknola_del&id=<? echo $arr[tkknola][id];?>&prefix=<? echo $arr[tkknola][post_date];?>','ยกเลิกวันลาครั้งนี้ทั้งหมด?');"><IMG SRC="images/delete.gif"></a>
<? } else {echo "";}?>
<?
		 if($arr[tkknola][comment1]==1){ 	  
?>
		<A HREF="?name=tkknola&file=sent&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<? } else {echo "";}?>
<?
		if(($arr[tkknola][comment1]==14)OR($arr[user][work]==15)AND($arr[tkknola][comment1]=='')OR($arr[tkknola][comment1]==14)OR($arr[user][work]==12)AND($arr[tkknola][comment1]=='')){ 
	?>
		<A HREF="?name=tkknola&file=readtwo&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<?}?>
<?
		if(($arr[tkknola][comment1]==5)OR($arr[user][odgroup]==4)AND($arr[tkknola][comment1]=='')){
	?>
		<A HREF="?name=tkknola&file=readtwo&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<? } else {echo "";}?>
<?
		if(($arr[tkknola][comment1]==7)OR($arr[user][work]==3)AND($arr[tkknola][comment1]=='')AND($arr[user][odpr]!=D2)){ 	  
?>
		<A HREF="?name=tkknola&file=readtree&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<? } else {echo "";}?>
<?
		if(($arr[tkknola][comment1]==9)OR($arr[user][work]==2)AND($arr[tkknola][comment1]=='')){ 	  
?>
		<A HREF="?name=tkknola&file=readod&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<?}?>
<?
		if(($arr[tkknola][comment1]==10)AND($arr[user][odpr]==D2)OR($arr[user][odpr]==2)AND($arr[tkknola][comment1]=='')){ 	  
?>
		<A HREF="?name=tkknola&file=readod2&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">ดำเนินการต่อ</A>
<?}?>
<?
		if(($arr[tkknola][comment1]==อนุญาต)){ 	  
?>
		<A HREF="?name=tkknola&file=tabain&op=tkknola_edit&id=<? echo $arr[tkknola][id];?>">นำส่งเจ้าหน้าที่วันลา</A>
<?}?>
<?
		if($arr[tkknola][edit]!=$arr[tkk6][id]){ 	  
?>
<FORM NAME="myform" METHOD=POST ACTION="?name=tkknola&file=tabain2&op=tkknola_edit&action=edit&id=<? echo $arr[tkknola][id];?>" enctype="multipart/form-data">
<input type="hidden" name="CATEGORY" value="o"  checked>
<input type="hidden" name="COMMENT1" value="จัดเก็บ"  checked>
<INPUT TYPE="submit" value="จัดเก็บ" name="submit"> 
</FORM>
<? } else {echo "";}?>
<?
		if($arr[tkknola][comment1]==3){ 	  
?>
<?
if($arr[tkknola][edit]){
	//Check Comment
	$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
	$res[tkk6] = $db->select_query("SELECT * FROM ".TB_TKK6." WHERE id='".$arr[tkknola][edit]."' ORDER BY id ");
	while($arr[tkk6] = $db->fetch($res[tkk6])){
?>	
<?
		if($arr[tkk6][fix]==2){ 	  
?>
<FORM NAME="myform" METHOD=POST ACTION="?name=tkknola&file=tabain2&op=tkknola_edit&action=edit&id=<? echo $arr[tkknola][id];?>" enctype="multipart/form-data">
<input type="hidden" name="CATEGORY" value="o"  checked>
<input type="hidden" name="COMMENT1" value="จัดเก็บ"  checked>
<INPUT TYPE="submit" value="จัดเก็บ" name="submit"> 
</FORM>
<? } else {echo "";}?>


<?
		if($arr[tkk6][fix]==1){ 	  
?>
<?
		if(($arr[tkknola][tel]==$arr[tkknola][numpoi])AND($arr[tkknola][la]==กิจส่วนตัว)){ 	  
?>
		<a href="?name=tkk6&file=canceldelkit&op=tkk6_edit&id=<? echo $arr[tkknola][edit];?>">จัดการยกเลิก</a>
<? }?>
<?
		if(($arr[tkknola][tel]!=$arr[tkknola][numpoi])AND($arr[tkknola][la]==กิจส่วนตัว)){ 	  
?>
		<a href="?name=tkk6&file=cancel2kit&op=tkk6_edit&id=<? echo $arr[tkknola][edit];?>">จัดการยกเลิก</a>
<? }?>
<?
		 if(($arr[tkknola][tel]==$arr[tkknola][numpoi])AND($arr[tkknola][la]==พักผ่อน)){ 	  
?>
		<a href="?name=tkk6&file=canceldel&op=tkk6_edit&id=<? echo $arr[tkknola][edit];?>">จัดการยกเลิก</a>
<? }?>
<?
		 if(($arr[tkknola][tel]!=$arr[tkknola][numpoi])AND($arr[tkknola][la]==พักผ่อน)){ 	  
?>
		<a href="?name=tkk6&file=cancel2&op=tkk6_edit&id=<? echo $arr[tkknola][edit];?>">จัดการยกเลิก</a>
<? }?>
<? }?>
<?
}
}
?>
<?
}	
?>
<?
		if($arr[tkknola][comment1]==ไม่อนุญาต){ 	  
?>
<?
if($_SESSION['user_user']){
	//Admin Login Show Icon
?>				
<?
}
?>
<? } else {echo "";}?>
 <?
		if($arr[tkknola][category]==o){ 	  
?>
		<IMG SRC="images/tick.png">
<? } else {echo "";}?>
		</td>

<?
		if($arr[tkknola][comment1]==1){ 	  
?>
		<td align=center >
<?
if($_SESSION['user_user']){
	//Admin Login Show Icon
?>
			<a href="javascript:Confirm('?name=tkknola&file=index2&op=tkknola_del&id=<? echo $arr[tkknola][id];?>&prefix=<? echo $arr[tkknola][post_date];?>','คุณมั่นใจในการลบหัวข้อนี้ ?');"><IMG SRC="images/delete.gif" border="0" alt="ลบ" ></a>
<?
}
?>
			</td>
<? } else {echo ""; }?>
	 </tr>
<tr bgcolor=FFFFFF>
<td colspan="7" height="1" class="dotline"></td>
</tr>
<?
}
$db->closedb ();
?> 				
</table>
</form>		
				</TR>
			</TD>
		</TABLE>
		  </TD>
        </TR>
      </TBODY>
    </TABLE>
Youez - 2016 - github.com/yon3zu
LinuXploit