403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/news/edu2018/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/news/edu2018/admin/del.php

<?php

$id=$_SESSION['sess_id'];
?>

<?
$action = $_GET['action']; 

if ($action=="delstu") {  //ลบข้อมูลนักเรียน
$id = $_GET['id'];
$mysqli->query("DELETE FROM grand WHERE stucode='$id'");
$mysqli->query("DELETE FROM student WHERE code='$id'");
$mysqli->query("DELETE FROM score WHERE code='$id'");

echo "<script>window.parent.location=\"index.php?dash=a87ff679a2f3e71d9181a67b7542122c&op=mstudent&m=2\"</script>";
} else if ($action=="delgrand") {
$id = $_GET['id'];
$code = $_GET['code'];
$mysqli->query("DELETE FROM grand WHERE tid='$id'");
echo "<script>window.parent.location=\"index.php?dash=8f14e45fceea167a5a36dedd4bea2543&id=$code&op=mstudent&m=2\"</script>";	
} else if ($action=="delteacher") {
$id = $_GET['id'];
$mysqli->query("DELETE FROM users WHERE id_user='$id'");
echo "<script>window.parent.location=\"index.php?dash=c4ca4238a0b923820dcc509a6f75849b&op=mteacher&m=1\"</script>";	
} else if($action=="delcatscore") {
$id = $_GET['id'];
$mysqli->query("DELETE FROM catscore WHERE Id='$id'");
$mysqli->query("DELETE FROM score WHERE idcat='$id'");
echo "<script>window.parent.location=\"index.php?dash=9bf31c7ff062936a96d3c8bd1f8f2ff3\"</script>";	
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit