403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/nongplamor_new/modules/maintenance/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/nongplamor_new/modules/maintenance/device.php
<?
require_once($MODPATH ."inc.php") ;

//print_r($_POST);
if(isset($_POST[addnew] )){
    $db->add_db(TB_device,array(
        "room"=>"$_POST[room]",
        "type"=>"$_POST[type]",
        "brand"=>"$_POST[brand]",
        "model"=>"$_POST[model]",
        "sn"=>"$_POST[sn]",
        "bn"=>"$_POST[bn]",
        "buydate"=>"$_POST[buydate]",
        "company"=>"$_POST[company]",
        "detail"=>"$_POST[detail]",
        "histrory"=>"$_POST[histrory]",			
        "waranty"=>"$_POST[waranty]",
        "status"=>"$_POST[status]"
    ));
    $ProcessOutput .= "<BR><BR>";
    $ProcessOutput .= "<CENTER><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
    $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการเพิ่ม เรียบร้อยแล้ว</B></FONT><BR><BR>";
    $ProcessOutput .= "<meta http-equiv=\"refresh\" content=\"1 ;url=?name=maintenance&file=roomedit&id=". $_POST[room] ."\">";
    $ProcessOutput .= "</CENTER>";
    $ProcessOutput .= "<BR><BR>";
    echo $ProcessOutput ;
    exit;
}
else if(isset($_POST[submit] )){
    if($_GET[op]=='update'){
        $db->update_db(TB_device,array(
			"room"=>"$_POST[room]",
			"type"=>"$_POST[type]",
			"brand"=>"$_POST[brand]",
			"model"=>"$_POST[model]",
			"sn"=>"$_POST[sn]",
			"bn"=>"$_POST[bn]",
			"buydate"=>"$_POST[buydate]",
			"company"=>"$_POST[company]",
			"detail"=>"$_POST[detail]",
            "histrory"=>"$_POST[histrory]",			
            "waranty"=>"$_POST[waranty]",
            "status"=>"$_POST[status]"
        )," id=$_POST[id] ");
    }
    else if($_GET[op]=='add'){
        $db->add_db(TB_device,array(
			"room"=>"$_POST[room]",
			"type"=>"$_POST[type]",
			"brand"=>"$_POST[brand]",
			"model"=>"$_POST[model]",
			"sn"=>"$_POST[sn]",
			"bn"=>"$_POST[bn]",
			"buydate"=>"$_POST[buydate]",
			"company"=>"$_POST[company]",
			"detail"=>"$_POST[detail]",
            "histrory"=>"$_POST[histrory]",			
            "waranty"=>"$_POST[waranty]",
            "status"=>"$_POST[status]"
        ));
    }

    $ProcessOutput .= "<BR><BR>";
    $ProcessOutput .= "<CENTER><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
    $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไข เรียบร้อยแล้ว</B></FONT><BR><BR>";
    $ProcessOutput .= "<meta http-equiv=\"refresh\" content=\"1 ;url=?name=maintenance&file=roomedit&id=". $_POST[room] ."\">";
    $ProcessOutput .= "</CENTER>";
    $ProcessOutput .= "<BR><BR>";
    echo $ProcessOutput ;
    exit;
}

$res[device] = $db->select_query($sql="SELECT * FROM ".TB_device." WHERE id='" . $_GET[id] ."'" );

$arr[device] = $db->fetch($res[device]) ;
//print_r($arr[device]);
$op=($arr[device][id])?"op=update&" : "op=add&";
echo "<FORM METHOD=POST ACTION='?name=maintenance&file=device&".$op."id=" .  $_GET[id]  ."'>";
echo "<input type=hidden name=id value='".$arr[device][id] ."'>";

echo "<table border=1 cellspacing=0>";

echo "<tr><td>หมายเลขห้อง</td>";
echo "<td>";
$room=($arr[device][id])? $arr[device][room] : $_GET[room] ;
echo room_list_sel("room",$room);
echo "</td></tr>";

echo "<tr><td>type</td>";
echo "<td>";
echo type_list_sel("type",$arr[device][type]);
echo "</td></tr>";

echo "<tr><td>ยี่ห้อ</td>";
echo "<td>";
echo "<input type=text name=brand value='".$arr[device][brand] ."'>";
echo "</td></tr>";

echo "<tr><td>model</td>";
echo "<td>";
echo "<input type=text name=model value='".$arr[device][model] ."'>";
echo "</td></tr>";

echo "<tr><td>serial number</td>";
echo "<td>";
echo "<input type=text name=sn value='".$arr[device][sn] ."'>";
echo "</td></tr>";

echo "<tr><td>หมายเลขพัสดุ</td>";
echo "<td>";
echo "<input type=text name=bn value='".$arr[device][bn] ."'>";
echo "</td></tr>";

echo "<tr><td>วันที่ซื้อ/ส่งมอบ</td>";
echo "<td>";
echo "<input type=text name=buydate value='".$arr[device][buydate] ."'>";
echo "</td></tr>";

echo "<tr><td>ซื้อจาก</td>";
echo "<td>";
echo "<input type=text name=company value='".$arr[device][company] ."'>";
echo "</td></tr>";

echo "<tr><td>detail</td>";
echo "<td>";
echo "<input type=text name=detail value='".$arr[device][detail] ."'>";
echo "</td></tr>";

echo "<tr><td>histrory</td>";
echo "<td>";
echo "<input type=text name=histrory value='".$arr[device][histrory] ."'>";
echo "</td></tr>";



echo "<tr><td>waranty</td>";
echo "<td>";
echo "<input type=text name=waranty value='".$arr[device][waranty] ."'>";
echo "</td></tr>";

echo "<tr><td>status</td>";
echo "<td>";
echo "<input type=text name=status value='".$arr[device][status] ."'>";
echo "</td></tr>";

echo "<tr><td> </td>";
echo "<td>";
echo "<input type=submit name=submit value='save'>";
echo str_repeat("&nbsp;",5);
echo "<input type=submit name=addnew value='addnew'>";
echo str_repeat("&nbsp;",5);
echo "<input type=button name=cancle value='cancle' onclick='javascript:history.back();' >";

echo "</td></tr>";

echo "</form>";
?>

Youez - 2016 - github.com/yon3zu
LinuXploit