403WebShell

403Webshell
Server IP : 172.67.187.206 / Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : E:/Inetpub/www/news/
Upload File :
[ Back ]
Current File : E:/Inetpub/www/news/XXsesao8_post.php
<?php 
session_start();
include("db.php"); 
if(!isset($_SESSION['username'])){
}else{ 
$username1 = $_SESSION['username'];
$user1 = $mysqli->query("SELECT * FROM users WHERE username='$username1' LIMIT 1");
$userrow1 = mysqli_fetch_array($user1);
} 

$sitesettings = $mysqli->query("SELECT * FROM settings WHERE id='1'");
$settingsrow = mysqli_fetch_array($sitesettings);

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8">
<style type="text/css">@import url(style.css) ;</style>
<script type="text/javascript" src="jquery/jquery.min.js.pagespeed.jm.dNQkGkUhLU.js"></script>
<script type="text/javascript" src="jquery/jquery.fancybox-1.3.4.pack.js"></script>
<script type="text/javascript">//<![CDATA[
(function(d){function g(a){var b=a||window.event,i=[].slice.call(arguments,1),c=0,h=0,e=0;a=d.event.fix(b);a.type="mousewheel";if(a.wheelDelta)c=a.wheelDelta/120;if(a.detail)c=-a.detail/3;e=c;if(b.axis!==undefined&&b.axis===b.HORIZONTAL_AXIS){e=0;h=-1*c}if(b.wheelDeltaY!==undefined)e=b.wheelDeltaY/120;if(b.wheelDeltaX!==undefined)h=-1*b.wheelDeltaX/120;i.unshift(a,c,h,e);return d.event.handle.apply(this,i)}var f=["DOMMouseScroll","mousewheel"];d.event.special.mousewheel={setup:function(){if(this.addEventListener)for(var a=f.length;a;)this.addEventListener(f[--a],g,false);else this.onmousewheel=g},teardown:function(){if(this.removeEventListener)for(var a=f.length;a;)this.removeEventListener(f[--a],g,false);else this.onmousewheel=null}};d.fn.extend({mousewheel:function(a){return a?this.bind("mousewheel",a):this.trigger("mousewheel")},unmousewheel:function(a){return this.unbind("mousewheel",a)}})})(jQuery);
//]]></script>
<script type="text/javascript" src="jquery/jquery.fancybox-1.3.4.pack.js"></script>
<link rel="stylesheet" type="text/css" href="jquery/I.jquery.fancybox-1.3.4.css" media="screen"/>
<script type="text/javascript">$(document).ready(function() {
			$("a.various3").fancybox({
				'width'				: '7',
				'height'			: '6',
				'autoScale'			: false,
				'transitionIn'		: 'none',
				'transitionOut'		: 'none',
				'type'				: 'iframe'
			});
			
		});

</script>

<link rel="stylesheet" type="text/css" href="jquery/I.jquery.fancybox-1.3.4.css" media="screen"/>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<style type="text/css">
<!--
a:link {
	text-decoration: none;
}
a:visited {
	text-decoration: none;
}
a:hover {
	text-decoration: none;
}
a:active {
	text-decoration: none;
}
.font14 {
	font-size: 15px;
	color:#666;
	}
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
}
-->
</style></head>
<body>


<table width="645" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td></td>
  </tr>
  <tr>
    <td><table width="645" border="0" align="center" cellpadding="0" cellspacing="0">

      <tr>
        <td><?php 
$size=4;
$url=$_SERVER['PHP_SELF'];
/*
$sql="select * from sc_news where cat_id between 70 and 85 order by id desc";
$result=mysql_query($sql);
mysql_query("SET NAMES UTF8");
*/
$sql= $mysqli->query("select * from sc_news where cat_id between 70 and 85 order by id desc");
$total=mysqli_num_rows($sql);
$npage=ceil($total/$size);
if (isset($_POST['page'])) {
 if(isset($_POST['first'])) {
  $page=1;
  } else if(isset($_POST['back'])) {
  $page=$_POST['page']-1;
  } else if(isset($_POST['next'])) {
  $page=$_POST['page']+1;
  } else if(isset($_POST['last'])) {
  $page=$npage;
  } else {
  $page=$_POST['page'];
  }
  }else {
  $page=1;
  }
  if ($page>$npage) {
  $page=$npage;
  } else if($page<1) {
  $page=1;
  }
  $start=($page-1)*$size;
 /* 
  $sql="select * from sc_news where cat_id between 70 and 85 order by id desc limit $start,$size";
  $result=mysql_query($sql);
  mysql_query("SET NAMES UTF8");
 */
$sql= $mysqli->query("select * from sc_news where cat_id between 70 and 85 order by id desc limit $start,$size");
 
  echo "<table border='0' align='center' width='645'>
   <tr><td  colspan='7'></td></tr>
  <tr align='center' bgcolor='#A8DEFF'>
  </tr>";
$bg1 = '#EAF7FF'; //สีที่2
$bg2 = '#FFFFFF';
$num=1;

while($r=mysqli_fetch_array($sql)) {
		if (($num%2)==0){
				$bg = $bg1;
		}else{
				$bg = $bg2;
		}

$rest2 = substr("$r[title]", 0,260);
$title2 = iconv_substr("$r[title]", 0,80,"UTF-8")."..";

		
echo "<tr bgcolor='$bg' onmouseover=\"this.bgColor='#ECFFEC'\" onmouseout=\"this.bgColor='$bg'\">
   <td valign='middle'  style='BORDER-BOTTOM: #CCC 1px dotted'><div class='font14'>&rArr; <a href='view.php?id=$r[id]' target='_blank'>$title2</a>";
$today=date("d-m-Y");
$date_news=$r['date_news'];
$rest2 = substr("$date_news", 0,-9);
$news_day=(strtotime($today)-strtotime($rest2))/(60*60*24);
if($news_day <= 3) { echo "<img src='images/update_news.gif'>";} else { echo "";}
$userid=$r['uid'];
$user2 = $mysqli->query("SELECT * FROM users WHERE id='$userid' LIMIT 1");
$userrow2 = mysqli_fetch_array($user2);
$school=$userrow2['school'];
echo "<br><font size='2'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ประกาศโดย:<i><font color='#006600'>$school</font></i> &nbsp;เมื่อ:<i>$date_news</i>&nbsp; อ่าน:<i>$r[views]</i> ครั้ง</font>";
 echo "</div></td>
";
$num++;
}
echo "</table>";
echo "<div align='right'><a href='http://news.sesaorb.go.th/news/se_postall.php' target='_blank'><img src='images/more_r.png' border='0' /></a>&nbsp;&nbsp;</div>";
/*
echo "<div align='right'>";
echo "<form method=post action='$url'>เลือกหน้า&nbsp;";
if($page<>1) {
echo "<input type='submit' name='first' value='l<'>";
echo "<input type='submit' name='back' value='<<'>";
}
echo "<select name='page' onchange='this.form.submit();'>";
for ($i=1; $i<=$npage; $i++) {
if ($i==$page) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
}
echo "</select>";
if ($page<>$npage) {
echo "<input type='submit' name='next' value='>>'>";
echo "<input type='submit' name='last' value='>l'>";
}
echo"&nbsp;ทั้งหมด $total รายการ";

*/
echo "</form></div>";
exit();
		?></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
      </tr>
    </table></td>
  </tr>
</table>
</body>
</html>
Youez - 2016 - github.com/yon3zu
LinuXploit